*** If you're not sure this is actually a bug, instead post about it at https://discuss.kde.org If you're reporting a crash, attach a backtrace with debug symbols; see https://community.kde.org/Guidelines_and_HOWTOs/Debugging/How_to_create_useful_crash_reports *** SUMMARY Connection to an OpenVPN network using NetworkManager fails after a recent upgrade. The cause is due to a recent change in NetworkManager, and is detailed in this bug report: https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/issues/1536 STEPS TO REPRODUCE 1. Add an OpenVPN network requiring a challenge-response 2. Attempt to connect to said network OBSERVED RESULT Notification "starting the service providing VPN connection "xxx" failed `journalctl -fu NetworkManager`: ``` connect: failed to connect interactively: 'GDBus.Error:org.freedesktop.NetworkManager.VPN.Error.BadArguments: property “x-dynamic-challenge-echo:challenge-response” invalid or not supported' ``` EXPECTED RESULT Network connection prompting for a token and then working after entering one successfully SOFTWARE/OS VERSIONS Windows: macOS: Linux/KDE Plasma: (available in About System) KDE Plasma Version: 6.0.4 KDE Frameworks Version: 6.2.0 Qt Version: 6.7.0 plasma-nm version: 6.0.4-1 networkmanager version: 1.46.0-2 ADDITIONAL INFORMATION See mentioned bug report on NetworkManager for more detailed information and config files for the connection.
Missed this version: networkmanager-openvpn = 1.10.4-1
I created a MR to fix it: https://invent.kde.org/plasma/plasma-nm/-/merge_requests/350 See also the (wrongly submitted by myself) bug report on the NetworkManager-openvpn plugin: https://gitlab.gnome.org/GNOME/NetworkManager-openvpn/-/issues/142
There is still the issue, that if "challenge-response-flags=2" is missing in the configuration file, the challenge will be saved in "[vpn-secrets]" section of the configuration file, and will break any subsequent VPN connection.
This is going to be fixed in NetworkManager by this MR : https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/1958
Git commit 4d0b48618a8daf54d89ff4fcf7d017690a890e24 by Nicolas Fella, on behalf of Benjamin ROBIN. Committed on 14/07/2024 at 14:51. Pushed by nicolasfella into branch 'master'. openvpn: Implement challenge-response echo hint prefix Properly handles hint, if prefixed with either: - `x-dynamic-challenge-echo:` - `x-dynamic-challenge:` This was introduced in libnmc in NetworkManager@27c701ebfb And used in NetworkManager-openvpn@322c27381f The hint prefix no longer need to be removed since the commit in NetworkManager@0583e1f8. This requires NetworkManager versions 1.46.2, 1.48.1 or later. M +20 -9 vpn/openvpn/openvpnauth.cpp https://invent.kde.org/plasma/plasma-nm/-/commit/4d0b48618a8daf54d89ff4fcf7d017690a890e24
Bulk transfer as requested in T17796