Bug 290715

Summary:	CA certificate, certificate and private key filenames with non-latin characters are not correctly saved.
Product:	[Unmaintained] Network Management	Reporter:	Zhang Hongjiu <noctuorare>
Component:	OpenVPN	Assignee:	Lamarque V. Souza <lamarque>
Status:	RESOLVED FIXED
Severity:	normal
Priority:	NOR
Version:	0.9
Target Milestone:	---
Platform:	Gentoo Packages
OS:	Linux
Latest Commit:		Version Fixed In:
Sentry Crash Report:
Attachments:	Screenshot of configuration (1) Screenshot of configuration (2)

Description Zhang Hongjiu 2012-01-05 17:20:19 UTC

Version:           0.9 (using KDE 4.7.4) 
OS:                Linux

If the path of CA certificate, certificate and private key files for OpenVPN X.509 authentication contains CJK characters, the filename cannot be correctly saved in /etc/NetworkManager/system-connections/xxx files.

additional TLS-authentication file is not affected.

I had /etc/locale.gen linked to /usr/share/i18n/SUPPORTED and ran locale-gen, so I should get all the locale information installed. LANG=zh_TW.UTF-8.

Reproducible: Always

Steps to Reproduce:
0. kde-base/kdebase-startkde-4.7.4
kde-misc/networkmanagement-0.8.98 (Application report: 0.9.0_rc3)
net-misc/networkmanager-0.9.2.0
net-misc/networkmanager-openvpn-0.9.2.0
net-misc/modemmanager-0.5
media-fonts/wqy-zenhei-0.9.45
LANG=zh_TW.UTF-8

1. Save CA certificate, certificate and private key files in a folder.
2. Rename the folder to a name with non-latin characters in it.
3. Set a new OpenVPN connection through NetworkManager tray icon, and save.
4. Close the configuration window and re-configure the connection.
*** 1 ***
5. Try to enable this connection.
*** 2 ***
6. sudo(kdesu/gksu/pkexec) cat /etc/NetworkManager/system-connections/(Name)
*** 3 ***
7. Check syslog
*** 4 ***

Actual Results:  
*** 1 ***
The path contains some unrecognizable characters, which should be apparently different from the ones when the paths were set. (May require a proper fonts like WenQuanYi Zen Hei)
*** 2 ***
Connection failed.
*** 3 ***
Just as *** 1 ***, there is some unrecognizable characters saved in that file.
*** 4 ***
Message said fail to load the key file xxxxxxxxx.

Expected Results:  
The characters should be saved to that file correctly, and thus the connection should be usable without manual modification of that file.

Portage 2.1.10.44 (hardened/linux/amd64/desktop, gcc-4.5.3, glibc-2.14.1-r2, 3.1.6-hardened x86_64)
=================================================================
System uname: Linux-3.1.6-hardened-x86_64-AMD_Athlon-tm-_II_Neo_K345_Dual-Core_Processor-with-gentoo-2.1
Timestamp of tree: Thu, 05 Jan 2012 04:00:01 +0000
app-shells/bash:          4.2_p20
dev-lang/python:          2.7.2-r3, 3.2.2
dev-util/cmake:           2.8.6-r4
dev-util/pkgconfig:       0.26
sys-apps/baselayout:      2.1
sys-apps/openrc:          0.9.7
sys-apps/sandbox:         2.5
sys-devel/autoconf:       2.68
sys-devel/automake:       1.11.2
sys-devel/binutils:       2.22-r1
sys-devel/gcc:            4.5.3-r2
sys-devel/gcc-config:     1.5-r2
sys-devel/libtool:        2.4.2
sys-devel/make:           3.82-r3
sys-kernel/linux-headers: 3.1 (virtual/os-headers)
sys-libs/glibc:           2.14.1-r2
Repositories: gentoo science sunrise gentoo-zh gentoo-haskell oss-overlay local
ACCEPT_KEYWORDS="amd64 ~amd64"
ACCEPT_LICENSE="* -@EULA google-talkplugin skype-eula"
CBUILD="x86_64-pc-linux-gnu"
CFLAGS="-march=native -O2 -pipe -ggdb"
CHOST="x86_64-pc-linux-gnu"
CONFIG_PROTECT="/etc /usr/share/config /usr/share/gnupg/qualified.txt /usr/share/openvpn/easy-rsa /usr/share/themes/oxygen-gtk/gtk-2.0"
CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/dconf /etc/env.d /etc/fonts/fonts.conf /etc/gconf /etc/gentoo-release /etc/revdep-rebuild /etc/sandbox.d /etc/terminfo /etc/texmf/language.dat.d /etc/texmf/language.def.d /etc/texmf/updmap.d /etc/texmf/web2c"
CXXFLAGS="-march=native -O2 -pipe -ggdb"
DISTDIR="/var/pkg/dist"
EMERGE_DEFAULT_OPTS="--keep-going y --with-bdeps y --quiet-build y"
FEATURES="assume-digests binpkg-logs distlocks ebuild-locks fixlafiles news parallel-fetch protect-owned sandbox sfperms splitdebug strict unknown-features-warn unmerge-logs unmerge-orphans userfetch"
FFLAGS="-O2"
GENTOO_MIRRORS="http://mirrors.163.com/gentoo"
LANG="en_GB.UTF-8"
LDFLAGS="-Wl,-O1 -Wl,--as-needed"
LINGUAS="en_GB en zh_TW zh af ak am ar as as_IN ast az be be_BY bg bn bn_BD bn_IN bo br brx bs ca ca_XV ca@valencia crh cs csb cy da de de_FR dgo dz ee el en_CA en_US en_ZA eo es es_AR es_CL es_CR es_ES es_LA es_MX et et_EE eu fa fi fil fo fr fr_CA fy fy_NL ga ga_IE gd gl gu gu_IN ha he hi hi_IN hne hr hsb hu hy hy_AM ia id is it ja ka kk km kn kn_IN ko ko_KR kok ks ku ky la lb lg lo lt lv mai me mi mk ml ml_IN mn mni mr mr_IN ms mt my nb nb_NO nds ne nl nn nn_NO no nr ns nso oc om or or_IN pa pa_IN pap pl ps pt pt_BR pt_PT rm ro ru rw sa_IN sat sd se sh sh_YU son si sk sl sq sr sr@ijekavian sr@ijekavianlatin sr@latin sr@Latn sr_CS ss st sv sv_SE sw sw_TZ ta ta_IN ta_LK te te_IN tg th ti ti_ER tk tl tn tr ts tt ug uk ur_IN ur_PK uz uz@cyrillic ve ven vi wa xh zh_CN zh_HK zu"
MAKEOPTS="-j2"
PKGDIR="/var/pkg/bin"
PORTAGE_COMPRESS="/usr/bin/xz"
PORTAGE_COMPRESS_FLAGS=""
PORTAGE_CONFIGROOT="/"
PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages"
PORTAGE_TMPDIR="/var/tmp"
PORTDIR="/var/pkg/portage"
PORTDIR_OVERLAY="/var/pkg/science /var/pkg/sunrise /var/pkg/gentoo-zh /var/pkg/haskell /var/pkg/oss-overlay /var/pkg/usr"
SYNC="rsync://rsync.gentoo.org/gentoo-portage"
USE="X a52 aac acl acpi amd64 avahi bash-completion berkdb bluetooth branding bzip2 cairo cdda cdr cjk cli consolekit cracklib crypt cups cxx dbus djvu dri dts dvd dvdr emboss encode exif fam ffmpeg firefox flac gdbm gdu gif gpm gstreamer hardened iconv introspection ipv6 jpeg jpeg2k justify kde lame lcms ldap libnotify mad mms mmx mmxext mng modules mp3 mp4 mpeg mudflap multilib ncurses networkmanager nls nptl nptlonly ogg opengl openmp oss pam pango pax_kernel pcre pdf png policykit ppds pppd qt3support qt4 readline samba sdl semantic-desktop session spell sqlite sse sse2 ssl startup-notification svg sysfs taglib tcpd theora threads tiff truetype udev unicode upnp urandom usb v4l vaapi vim-syntax vorbis wifi x264 xcb xcomposite xml xorg xulrunner xv xvid xvmc zlib" ALSA_CARDS="ali5451 als4000 atiixp atiixp-modem bt87x ca0106 cmipci emu10k1x ens1370 ens1371 es1938 es1968 fm801 hda-intel intel8x0 intel8x0m maestro3 trident usb-audio via82xx via82xx-modem ymfpci" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mmap_emul mulaw multi null plug rate route share shm softvol" APACHE2_MODULES="actions alias auth_basic authn_alias authn_anon authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache cgi cgid dav dav_fs dav_lock deflate dir disk_cache env expires ext_filter file_cache filter headers include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias" CALLIGRA_FEATURES="kexi words flow plan stage tables krita karbon braindump" CAMERAS="ptp2 adc65 agfa_cl20 aox ax203 barbie canon casio_qv clicksmart310 digigr8 digita dimagev dimera3500 directory enigma13 fuji gsmart300 hp215 iclick jamcam jd11 jl2005a jl2005c kodak_dc120 kodak_dc210 kodak_dc240 kodak_dc3200 kodak_ez200 konica konica_qm150 largan lg_gsm mars mustek panasonic_coolshot panasonic_dc1000 panasonic_dc1580 panasonic_l859 pccam300 pccam600 polaroid_pdc320 polaroid_pdc640 polaroid_pdc700 ricoh ricoh_g3 samsung sierra sipix_blink sipix_blink2 sipix_web2 smal sonix sony_dscf1 sony_dscf55 soundvision spca50x sq905 st2205 stv0674 stv0680 sx330z template topfield toshiba_pdrm11" COLLECTD_PLUGINS="df interface irq load memory rrdtool swap syslog" DRACUT_MODULES="crypt" ELIBC="glibc" GPSD_PROTOCOLS="ashtech aivdm earthmate evermore fv18 garmin garmintxt gpsclock itrax mtk3301 nmea ntrip navcom oceanserver oldstyle oncore rtcm104v2 rtcm104v3 sirf superstar2 timing tsip tripmate tnt ubx" INPUT_DEVICES="evdev joystick synaptics wacom" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LINGUAS="en_GB en zh_TW zh af ak am ar as as_IN ast az be be_BY bg bn bn_BD bn_IN bo br brx bs ca ca_XV ca@valencia crh cs csb cy da de de_FR dgo dz ee el en_CA en_US en_ZA eo es es_AR es_CL es_CR es_ES es_LA es_MX et et_EE eu fa fi fil fo fr fr_CA fy fy_NL ga ga_IE gd gl gu gu_IN ha he hi hi_IN hne hr hsb hu hy hy_AM ia id is it ja ka kk km kn kn_IN ko ko_KR kok ks ku ky la lb lg lo lt lv mai me mi mk ml ml_IN mn mni mr mr_IN ms mt my nb nb_NO nds ne nl nn nn_NO no nr ns nso oc om or or_IN pa pa_IN pap pl ps pt pt_BR pt_PT rm ro ru rw sa_IN sat sd se sh sh_YU son si sk sl sq sr sr@ijekavian sr@ijekavianlatin sr@latin sr@Latn sr_CS ss st sv sv_SE sw sw_TZ ta ta_IN ta_LK te te_IN tg th ti ti_ER tk tl tn tr ts tt ug uk ur_IN ur_PK uz uz@cyrillic ve ven vi wa xh zh_CN zh_HK zu" PHP_TARGETS="php5-3" RUBY_TARGETS="ruby18" USERLAND="GNU" VIDEO_CARDS="radeon" XTABLES_ADDONS="quota2 psd pknock lscan length2 ipv4options ipset ipp2p iface geoip fuzzy condition tee tarpit sysrq steal rawnat logmark ipmark dhcpmac delude chaos account"

Comment 1 Lamarque V. Souza 2012-01-06 01:43:10 UTC

Can you add screenshots of the problem? It would make things easier for me to try to figure out what could be wrong. Anyway, it is NetworkManager that write manages the files in /etc/NetworkManager/system-connections, it is likely the problem is in NM.

Comment 2 Zhang Hongjiu 2012-01-06 02:51:00 UTC

Created attachment 67500 [details]
Screenshot of configuration (1)

This is the screenshot when I just finished the settings and did not save. The 7 textboxs in the tab are (from top to bottom) "Gateway", "CA certificate", "Certificate", "Private key", "Private key password", "Username", "Password".

Comment 3 Zhang Hongjiu 2012-01-06 02:56:10 UTC

Created attachment 67501 [details]
Screenshot of configuration (2)

This is the screenshot of saved configuration.

I did not find the correct saving command in nmcli. How to test the saving function of NetworkManager?

Thank you for your help.

Comment 4 Lamarque V. Souza 2012-01-06 11:36:25 UTC

nmcli does not create connections, for that you need Plasma NM, nm-applet or edit the files in /etc/NetworkManager/system-connections/ directly. Actually, can you do this test for me:

. edit your connection's configuration file in /etc/NetworkManager/system-connections;
. edit the entries "ca", "cert", "key" to contains the correct path;
. stop NetworkManager (usually /etc/init.d/NetworkManager stop should work);
. start NetworkManager (/etc/init.d/NetworkManager start);
. open the edit dialog in Plasma NM and see if the paths are connect or not. If they are connect them there is something wrong only when saving the connection. If they are not correct then test is inconclusive.

Comment 5 Zhang Hongjiu 2012-01-06 16:45:58 UTC

Oh, I think I did that "test" for many times. :)

The current system-conneciton configurations are manually modified by myself. I just did /etc/init.d/NetworkManager stop && /etc/init.NetworkManager start. The paths in the edit dialog are correct. In fact, this is how I get the screenshot-1.

Comment 6 Lamarque V. Souza 2012-01-07 03:28:50 UTC

Git commit cdb37d47762cfb5780e520b83f5e6b70d34dea89 by Lamarque V. Souza.
Committed on 07/01/2012 at 04:26.
Pushed by lvsouza into branch 'master'.

Use QString instead of QByteArray to represent file paths.

M  +1    -1    plasma_nm_version.h
M  +1    -1    vpnplugins/novellvpn/novellvpnwidget.cpp
M  +4    -4    vpnplugins/openconnect/openconnectwidget.cpp
M  +8    -8    vpnplugins/openvpn/openvpnwidget.cpp
M  +4    -4    vpnplugins/strongswan/strongswanwidget.cpp
M  +1    -1    vpnplugins/vpnc/vpncwidget.cpp

http://commits.kde.org/networkmanagement/cdb37d47762cfb5780e520b83f5e6b70d34dea89

Comment 7 Lamarque V. Souza 2012-01-07 03:30:18 UTC

Git commit b4c8891c43f2f12f129352a5996acf3786b8b0f3 by Lamarque V. Souza.
Committed on 07/01/2012 at 04:26.
Pushed by lvsouza into branch 'nm09'.

Use QString instead of QByteArray to represent file paths.

M  +1    -1    plasma_nm_version.h
M  +1    -1    vpnplugins/novellvpn/novellvpnwidget.cpp
M  +4    -4    vpnplugins/openconnect/openconnectwidget.cpp
M  +8    -8    vpnplugins/openvpn/openvpnwidget.cpp
M  +4    -4    vpnplugins/strongswan/strongswanwidget.cpp
M  +1    -1    vpnplugins/vpnc/vpncwidget.cpp

http://commits.kde.org/networkmanagement/b4c8891c43f2f12f129352a5996acf3786b8b0f3