[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Web openvpn.net

DEFAULT client-config file

  • Subject: DEFAULT client-config file
  • From: Mathias Sundman <mathias@xxxxxxxxxx>
  • Date: Fri, 17 Dec 2004 13:39:45 +0100 (CET)

On Thu, 16 Dec 2004, James Yonan wrote:

2004.12.16 -- Version 2.0-rc5

* The --client-config-dir option will now try to open
 a default file called "DEFAULT" if no file matching
 the common name of the incoming client was found.

Thanks for this feature. I've already put it in production at two sites. At the first site where no client specific options were in use it worked perfect.

On another site I ran into some little issues though. First I would have prefered if the DEFAULT file would have worked just like having options in the main config file, so if a real ccd file exist, both DEFAULT is read, and the real ccd file, so push-reset has to be used if the default options is not to be used.

However, I discovered a work around for this, which makes the above behaviour un-necessary, and that is that you can include the DEFAULT config file with "config DEFAULT" from the real ccd files.

But, this is where my real concern was raised. I faultly wrote "config DEFAULT" instead of the whole path to DEFAULT, which caused OpenVPN not to find the DEAFULT file for inclusion. This made the whole OpenVPN process to terminate with the follwing msg:

Fri Dec 17 12:50:07 2004 Mathias_Sundman/ In /etc/openvpn/clients-config/Mathias_Sundman:3: Error opening configuration file: DEFAULT: No such file or directory (errno=2)
Fri Dec 17 12:50:07 2004 Mathias_Sundman/ Exiting

and thous disconnecting all other users as well. I don't think any option errors in a ccd file should make the whole OpenVPN process to exit, only that client instance shut be shutdown, or this error could simply be ignored but logged.

Mathias Sundman                  (^)   ASCII Ribbon Campaign
OpenVPN GUI for Windows           X    NO HTML/RTF in e-mail
http://www.nilings.se/openvpn    / \   NO Word docs in e-mail