Merge branch 'release/v0.2.9'

CHANGELOG.md

@@ -1,9 +1,15 @@
 # Change Log
 
+## [v0.2.9](https://github.com/cad/ovpm/tree/v0.2.9)
+
+- CLI options to enable comp-lzo back.
+- Minor fixes.
+
 ## [v0.2.8](https://github.com/cad/ovpm/tree/v0.2.8)
 
 - WebUI: dependency updates and switched to yarn (thanks to @drac) [\#92](https://github.com/cad/ovpm/pull/92)
 - CI: switched to Github Actions
+- comp-lzo is now disabled by default (thanks to @archaron) [\#81](#81)
 - Minor fixes.
 
 

README.md

@@ -11,6 +11,8 @@ With OVPM you can create and run an OpenVPN server, add/remove VPN users, genera
 
 *This software is not stable yet. We recommend against using it for anything serious until, version 1.0 is released.*
 
+**NOTICE: Version 0.2.8 comes with `comp-lzo` option disabled by default as it is deprecated by OpenVPN.**
+
 **Roadmap**
 
 - [x] OpenVPN management functionality
@@ -108,3 +110,19 @@ another computer.
 * [User Management](https://github.com/cad/ovpm/wiki/User-Management)
 * [Network Management](https://github.com/cad/ovpm/wiki/Network-Management)
 * [Web Interface](https://github.com/cad/ovpm/wiki/Web-Interface)
+
+# Troubleshooting
+
+## Q: My clients cannot connect to VPN after updating OVPM to v0.2.8
+
+Since `comp-lzo` is disabled by default in OVPM v0.2.8, existing clients' .ovpn profiles became invalid.
+
+In order to solve this you have the options below:
+
+* Generate new .ovpn profile for existing clients
+* Or manually remove `comp-lzo` line from clients .ovpn profiles yourself.
+* Or you can upgrade to v0.2.9 and enable lzo option back by invoking the following command.
+```bash
+$ ovpm vpn update --enable-use-lzo
+``` 
+But please note that this is not recommended as lzo option is [deprecated](https://community.openvpn.net/openvpn/wiki/DeprecatedOptions?__cf_chl_jschl_tk__=0468cbb180cdf21ca5119b591d260538cf788d30-1595873970-0-AY1Yn79gf57uYv2hrAKPwvzk-xuDvhY79eHrxJqWw1hpbapF-XgOJSsglI70HxmV78LDzJSz7m_A7eDhvzo_hCM-tx4UB7PfccKTtoHATGrOBqq4mHDhggN_EwJ7yee3fIzLgc9kvhL9pOCiISlE3NpbC0SOX21tYwFs1njdpOVGG4dHLMyudNKRGexapsQxiD2i23r30i_dzqS12QobGvPe96CuWS84ARjIRAUlutT6t5SxkccyOBunduDnbgYoB7RN8x7ab8y8Paim9ypizKiEHbxwP0Z2Y3lXByKdzHUUZSJzjzolHyRyQx-nSBuZQQ#Option:--comp-lzo) in OpenVPN.

api/pb/vpn.proto

@@ -10,6 +10,12 @@ enum VPNProto {
   TCP = 2;
 }
 
+enum VPNLZOPref {
+  USE_LZO_NOPREF = 0;
+  USE_LZO_ENABLE = 1;
+  USE_LZO_DISABLE= 3;
+}
+
 message VPNStatusRequest {}
 message VPNInitRequest {
   string hostname = 1;
@@ -25,6 +31,7 @@ message VPNInitRequest {
 message VPNUpdateRequest {
   string ip_block = 1;
   string dns = 2;
+  VPNLZOPref lzo_pref = 3;
 }
 message VPNRestartRequest {}
 
@@ -68,6 +75,7 @@ message VPNStatusResponse {
   string dns = 11;
   string expires_at = 12;
   string ca_expires_at = 13;
+  bool use_lzo = 14;
 }
 message VPNInitResponse {}
 message VPNUpdateResponse {}

api/rpc.go

@@ -1,6 +1,7 @@
 package api
 
 import (
+	"go.uber.org/thriftrw/ptr"
 	"os"
 	"time"
 
@@ -132,7 +133,7 @@ func (s *UserService) Create(ctx context.Context, req *pb.UserCreateRequest) (*p
 		NoGw:               user.IsNoGW(),
 		HostId:             user.GetHostID(),
 		IsAdmin:            user.IsAdmin(),
-		Description:		user.GetDescription(),
+		Description:        user.GetDescription(),
 	}
 	ut = append(ut, &pbUser)
 
@@ -354,6 +355,7 @@ func (s *VPNService) Status(ctx context.Context, req *pb.VPNStatusRequest) (*pb.
 		Dns:          server.GetDNS(),
 		ExpiresAt:    server.ExpiresAt().UTC().Format(time.RFC3339),
 		CaExpiresAt:  server.CAExpiresAt().UTC().Format(time.RFC3339),
+		UseLzo:       server.IsUseLZO(),
 	}
 	return &response, nil
 }
@@ -396,7 +398,14 @@ func (s *VPNService) Update(ctx context.Context, req *pb.VPNUpdateRequest) (*pb.
 		return nil, grpc.Errorf(codes.PermissionDenied, "ovpm.UpdateVPNPerm is required for this operation.")
 	}
 
-	if err := ovpm.TheServer().Update(req.IpBlock, req.Dns); err != nil {
+	var useLzo *bool
+	switch req.LzoPref {
+	case pb.VPNLZOPref_USE_LZO_ENABLE:
+		useLzo = ptr.Bool(true)
+	case pb.VPNLZOPref_USE_LZO_DISABLE:
+		useLzo = ptr.Bool(false)
+	}
+	if err := ovpm.TheServer().Update(req.IpBlock, req.Dns, useLzo); err != nil {
 		logrus.Errorf("server can not be updated: %v", err)
 	}
 	return &pb.VPNUpdateResponse{}, nil

cmd/ovpm/action_vpn.go

@@ -64,6 +64,8 @@ func vpnStatusAction(rpcServURLStr string) error {
 	table.Append([]string{"DNS", vpnStatusResp.Dns})
 	table.Append([]string{"Cert Exp", vpnStatusResp.ExpiresAt})
 	table.Append([]string{"CA Cert Exp", vpnStatusResp.CaExpiresAt})
+	table.Append([]string{"Use LZO", fmt.Sprintf("%t", vpnStatusResp.UseLzo)})
+
 	table.Render()
 
 	return nil
@@ -117,7 +119,7 @@ func vpnInitAction(params vpnInitParams) error {
 	return nil
 }
 
-func vpnUpdateAction(rpcServURLStr string, netCIDR *string, dnsAddr *string) error {
+func vpnUpdateAction(rpcServURLStr string, netCIDR *string, dnsAddr *string, useLzo *bool) error {
 	// Parse RPC Server's URL.
 	rpcSrvURL, err := url.Parse(rpcServURLStr)
 	if err != nil {
@@ -171,13 +173,27 @@ func vpnUpdateAction(rpcServURLStr string, netCIDR *string, dnsAddr *string) err
 		targetDNSAddr = *dnsAddr
 	}
 
+	// Set USE-LZO preference if provided.
+	var targetLZOPref pb.VPNLZOPref
+	if useLzo == nil {
+		targetLZOPref = pb.VPNLZOPref_USE_LZO_NOPREF
+	} else {
+		if *useLzo == true {
+			targetLZOPref = pb.VPNLZOPref_USE_LZO_ENABLE
+		}
+		if *useLzo == false {
+			targetLZOPref = pb.VPNLZOPref_USE_LZO_DISABLE
+		}
+	}
+
 	// Prepare service caller.
 	var vpnSvc = pb.NewVPNServiceClient(rpcConn)
 
 	// Request update request from vpn service.
 	_, err = vpnSvc.Update(context.Background(), &pb.VPNUpdateRequest{
 		IpBlock: targetNetCIDR,
 		Dns:     targetDNSAddr,
+		LzoPref: targetLZOPref,
 	})
 	if err != nil {
 		err := errors.UnknownGRPCError(err)
@@ -186,9 +202,10 @@ func vpnUpdateAction(rpcServURLStr string, netCIDR *string, dnsAddr *string) err
 	}
 
 	logrus.WithFields(logrus.Fields{
-		"SERVER": "OpenVPN",
-		"CIDR":   targetNetCIDR,
-		"DNS":    targetDNSAddr,
+		"SERVER":  "OpenVPN",
+		"CIDR":    targetNetCIDR,
+		"DNS":     targetDNSAddr,
+		"USE_LZO": targetLZOPref.String(),
 	}).Infoln("changes applied")
 
 	return nil