Page MenuHomePhabricator

Cannot use quotes for openvpn-option --route-up
Open, Requires assessmentPublicBUG

Description

Somewhat related to T1246.

I'm trying to pass arguments to my --route-up script, like this:

set interfaces openvpn vtun0 openvpn-option "--route-up /config/auth/tun_up.sh arg1 arg2"

It doesn't work and openvpn will exit with:

Options error: the --route-up directive should have at most 1 parameter. To pass a list of arguments as one of the parameters, try enclosing them in double quotes ("").

The following doesn't work:

set interfaces openvpn vtun0 openvpn-option "--route-up '/config/auth/tun_up.sh arg1 arg2'"

and will give the error:

Cannot use the single quote (') character in a value string
Value validation failed
Set failed

Is there any solution for this?

Details

Difficulty level
Unknown (require assessment)
Version
1.2.0-rolling-20190416
Why the issue appeared?
Will be filled on close

Event Timeline

yun created this task.May 17 2019, 3:23 PM
pasik added a subscriber: pasik.May 27 2019, 8:20 PM
jjakob added a subscriber: jjakob.Jun 24 2019, 6:38 PM

I think this is a parser issue

vyos@vyos# set interfaces openvpn vtun0 openvpn-option "route-up \"echo arg1 arg2\""

  Cannot use the double quote (") character in a value string
  Value validation failed
  Set failed

Openvpn still uses old style templates and perl script, someone more knowledgeable in the parser and template code may be able to help.

$ cat templates-cfg/interfaces/openvpn/node.tag/openvpn-option/node.def 
multi:
type: txt
help: Additional OpenVPN options
lib/Vyatta/OpenVPN/Config.pm
    # extra options
    if (scalar(@{$self->{_options}}) > 0) {
        for my $option (@{$self->{_options}}) {
            if ($option =~ /^--/) {
                $cmd .= " $option";
            } else {
                $cmd .= " --$option";
            }
        }
    }

Even then we may need some escaping tricks to do this properly as the perl code may "eat" up added quotes (would need testing and documenting)

The documentation could also be improved, in particular the option may or may not have -- preceding it, in which case it is added:

kHub added a subscriber: kHub.Mon, Aug 5, 6:45 PM