Page MenuHomeVyOS Platform
Create Task
Maniphest T5817

Show openvpn server fails in some cases
Closed, ResolvedPublicBUG
Actions

Description

Op-mode show openvpn server could fail in some cases

$ show openvpn server
Traceback (most recent call last):
  File "/usr/libexec/vyos/op_mode/show_openvpn.py", line 173, in <module>
    data = get_status(args.mode, intf)
  File "/usr/libexec/vyos/op_mode/show_openvpn.py", line 130, in get_status
    client["tunnel"] = get_vpn_tunnel_address(client['remote'], interface)
  File "/usr/libexec/vyos/op_mode/show_openvpn.py", line 66, in get_vpn_tunnel_address
    tunnel_ip = lst[0].split(',')[0]
IndexError: list index out of range

The cause https://github.com/vyos/vyos-1x/blob/48e512ffec259d8753a8fd5a0a6a961f332ab8c1/src/op_mode/show_openvpn.py#L64

This could be fixed by replacing def get_vpn_tunnel_address with this

def get_vpn_tunnel_address(peer, interface):
    lst = []
    status_file = '/var/run/openvpn/{}.status'.format(interface)

    with open(status_file, 'r') as f:
        lines = f.readlines()
        for line in lines:
            if peer in line:
                lst.append(line)

        # filter out subnet entries
        lst = [l for l in lst[1:] if '/' not in l.split(',')[0]]

        if lst:
            tunnel_ip = lst[0].split(',')[0]
            return tunnel_ip

        return 'n/a'

i.e

diff --git a/src/op_mode/show_openvpn.py b/src/op_mode/show_openvpn.py
index e29e594a..6abafc8b 100755
--- a/src/op_mode/show_openvpn.py
+++ b/src/op_mode/show_openvpn.py
@@ -63,9 +63,11 @@ def get_vpn_tunnel_address(peer, interface):
         # filter out subnet entries
         lst = [l for l in lst[1:] if '/' not in l.split(',')[0]]
 
-        tunnel_ip = lst[0].split(',')[0]
+        if lst:
+            tunnel_ip = lst[0].split(',')[0]
+            return tunnel_ip
 
-        return tunnel_ip
+        return 'n/a'
 
 def get_status(mode, interface):
     status_file = '/var/run/openvpn/{}.status'.format(interface)

Details

Difficulty level
Unknown (require assessment)
Version
1.3.4
Why the issue appeared?
Will be filled on close
Is it a breaking change?
Unspecified (possibly destroys the router)
Issue type
Unspecified (please specify)

Related Objects

Event Timeline

Viacheslav created this task.Dec 12 2023, 1:54 PM
Viacheslav added a project: VyOS 1.3 Equuleus (1.3.5).
Viacheslav added a comment.Dec 12 2023, 2:01 PM

PR https://github.com/vyos/vyos-1x/pull/2619

pasik added a subscriber: pasik.Dec 12 2023, 2:30 PM
Viacheslav closed this task as Resolved.Dec 12 2023, 8:50 PM
Viacheslav claimed this task.
syncer moved this task from Need Triage to Finished on the VyOS 1.3 Equuleus (1.3.5) board.Dec 18 2023, 12:19 AM
Viacheslav mentioned this in T4710: show openvpn server occasionally returns IndexError: list index out of range.Dec 20 2023, 3:39 PM
dmbaturin merged a task: T4710: show openvpn server occasionally returns IndexError: list index out of range.Jan 10 2024, 10:48 PM
dmbaturin added subscribers: ajgnet, giga1699.
giga1699 added a comment.Jan 17 2024, 1:35 AM

I just tested in 1.3.5, and I’m getting the same error.

Cat of /var/run/openvpn/vtun1.status shows an UNDEF in client list, with no corresponding entry in routing table.

Viacheslav added a comment.Jan 17 2024, 11:40 AM

@giga1699 it was merged on Dec 12, 2023 https://github.com/vyos/vyos-1x/commit/b149a386400c0f869654ac26b0fee2e7f1bbc282
after building 1.3.5 Built on: Mon 04 Dec 2023 21:36 UTC

SrividyaA mentioned this in T6245: Show openvpn server fails sometime.Wed, Apr 17, 10:17 AM