GNOME Bugzilla – Bug 756638
VPN Password still required even with "No password" option selected
Last modified: 2015-10-20 07:37:59 UTC
When adding a OpenVPN connection from gnome3 interface, (importing an .ovpn file or filing all fields mannualy) the field password is required and if I select the "No passwd" option, the "Add" button on right botom corner doesn't get enabled, so I can't save the connection. If introduce some random characters it saves the data and the connection works ok. When editing the same connection the same happens. I'm using a p12 certificate, with the CA cert and key all in the same file (so that 3 fields get completed with the same file). If more data is needed, please ask. Thanks,
The are actually two problems: a) We do not detect whether private key is really encrypt when PKCS#12 file is used (all 3 fields with the same file). We regard all p12 as encrypted and thus require a password. b) OpenVPN plugin did not take into account password flags (always-ask, not-required, agent-owned). As a result the user could not tell the editor that the password is really not needed. The fix for b) (workarounds a) too) is available in openvpn repository branch jk/key-password-require-bgo756638 A related commit to emit changed signal for password entries when password-storage changes is in network-manager-applet repository branch: jk/emit-changed-for-password-icon Tomás, it still would help if you could attach a screenshot of the editor and tell us whether or not the key is password-protected.
(In reply to Jiri Klimes from comment #1) > The are actually two problems: > a) We do not detect whether private key is really encrypt when PKCS#12 file > is used (all 3 fields with the same file). We regard all p12 as encrypted > and thus require a password. > b) OpenVPN plugin did not take into account password flags (always-ask, > not-required, agent-owned). As a result the user could not tell the editor > that the password is really not needed. > > The fix for b) (workarounds a) too) is available in openvpn repository branch > jk/key-password-require-bgo756638 LGTM > A related commit to emit changed signal for password entries when > password-storage changes is in network-manager-applet repository branch: > jk/emit-changed-for-password-icon LGTM too > Tomás, it still would help if you could attach a screenshot of the editor > and tell us whether or not the key is password-protected.
network-manager-openvpn: master: 53e70d4 properties: do not require password for always-ask, not-required (bgo #756638) nm-1-0: 2f652ad properties: do not require password for always-ask, not-required (bgo #756638) network-manager-applet: master: 5745f60 libnm-gtk/libnma: emit "changed" signal on password entry when icon changes nma-1-0: libnm-gtk: emit "changed" signal on password entry when icon changes