Package Details: openvpn-openssl-1.0 2.4.6-1

Git Clone URL: https://aur.archlinux.org/openvpn-openssl-1.0.git (read-only)
Package Base: openvpn-openssl-1.0
Description: An easy-to-use, robust and highly configurable VPN (Virtual Private Network) (build against openssl-1.0)
Upstream URL: http://openvpn.net/index.php/open-source.html
Licenses: custom
Conflicts: openvpn
Provides: openvpn
Submitter: drakkan
Maintainer: drakkan
Last Packager: drakkan
Votes: 2
Popularity: 0.000170
First Submitted: 2017-05-04 22:57
Last Updated: 2018-05-25 11:19

Required by (55)

Sources (2)

Latest Comments

drakkan commented on 2018-02-27 07:41

the PGP key is correct

https://openvpn.net/index.php/open-source/documentation/sig.html

it matches the one in the official package too,

I already have the pgp key in my laptop so I tested this command

gpg --recv-keys D72AF3448CC2B034

on a clear virtual machine and it works fine

hiagop commented on 2018-02-27 01:06

The package fails to install on version 2.4.4.

==> Making package: openvpn-openssl-1.0 2.4.4-1 (Mon Feb 26 22:02:21 -03 2018) ==> Retrieving sources... -> Found openvpn-2.4.4.tar.xz -> Found openvpn-2.4.4.tar.xz.asc ==> Validating source files with sha256sums... openvpn-2.4.4.tar.xz ... Passed openvpn-2.4.4.tar.xz.asc ... Skipped ==> Verifying source file signatures with gpg... openvpn-2.4.4.tar.xz ... FAILED (unknown public key D72AF3448CC2B034) ==> ERROR: One or more PGP signatures could not be verified! :: failed to verify openvpn-openssl-1.0 integrity

And $ gpg --recv-keys --keyserver hkp://pgp.mit.edu D72AF3448CC2B034 gpg: keyserver receive failed: Server indicated a failure

Looks like the PGP public key was not updated since the last version.

drakkan commented on 2017-06-22 18:49

the right hash and signature are here:

http://community.openvpn.net/openvpn/wiki/release-packages-2.4.3-2.3.17

updated PKGBUILD,

answer from openvpn developers

"""
Long story short: The wrong tarballs got uploaded the first time.
Despite us fixing this quickly (IIRC, less than an hour, perhaps even
closer to 30 minutes after the initial upload) and purging the
Cloudflare cache instantly - these old files still linger around on the
interwebs. And all this was even before we sent the announcement on e-mail
"""

drakkan commented on 2017-06-22 17:26

something strage is happening with openvpn 2.4.3, the sha256 sum of the actual tar.xz is different from the one registered in fedora and official archlinux package:

wget https://swupdate.openvpn.org/community/releases/openvpn-2.4.3.tar.xz

sha256sum openvpn-2.4.3.tar.xz
15e15fc97f189b52aee7c90ec8355aa77469c773125110b4c2f089abecde36fb openvpn-2.4.3.tar.xz

the sha256 sum here:

https://git.archlinux.org/svntogit/packages.git/tree/trunk/PKGBUILD?h=packages/openvpn#n19

is:
7aa86167a5b8923e54e8795b814ed77288c793671f59fd830d9ab76d4b480571

if you download fedora src rpm here:

https://kojipkgs.fedoraproject.org//packages/openvpn/2.4.3/1.fc25/src/openvpn-2.4.3-1.fc25.src.rpm

you have:

sha256sum openvpn-2.4.3-1.fc25.src/openvpn-2.4.3.tar.xz
7aa86167a5b8923e54e8795b814ed77288c793671f59fd830d9ab76d4b480571 openvpn-2.4.3-1.fc25.src/openvpn-2.4.3.tar.xz

I reported to openvpn developers, please be patient

Skycoder42 commented on 2017-06-22 17:03

PGP validation of openvpn-2.4.3.tar.xz with key D72AF3448CC2B034 fails:

==> Überprüfe Signaturen der Quell-Dateien mit gpg...
openvpn-2.4.3.tar.xz ... FEHLGESCHLAGEN (Fehlerhafte Signatur des öffentlichen Schlüssels D72AF3448CC2B034)
==> FEHLER: Eine oder mehrere PGP-Signaturen konnten nicht überprüft werden!

Interestingly, if I try to get the full fingerprint of that key:

$ gpg --fingerprint D72AF3448CC2B034
pub rsa4096 2017-02-09 [SC] [verfällt: 2027-02-07]
F554 A368 7412 CFFE BDEF E0A3 12F5 F7B4 2F2B 01E7
uid [ unbekannt ] OpenVPN - Security Mailing List <security@openvpn.net>
sub rsa4096 2017-02-09 [E] [verfällt: 2018-03-06]
sub rsa4096 2017-02-09 [S] [verfällt: 2018-03-06]

As you can see, the full fingerprint is completly different

Toqoz commented on 2017-06-17 13:22

Ahh... thank you. (needed to gpg --recv-keys 29584D9F40864578)