openvpn-auth.sh gives errors when trying to authenticate password from client.

[humble-student]

Hello,

First off, great work on the script. I tried to run your script as part of the authentication of my vpn clients connecting to the server. I followed your instructions and this is the error that comes back:

**/bin/openvpn-auth.sh: local: line 75: not in a function** Mon Jun 25 23:38:40 2018 172.56.44.226:64827 **WARNING: Failed running command (--auth-user-pass-verify): external program exited with error status: 2** Mon Jun 25 23:38:40 2018 172.56.44.226:64827 TLS Auth Error: Auth Username/Password verification failed for peer Mon Jun 25 23:38:40 2018 172.56.44.226:64827 WARNING: 'keydir' is present in remote config but missing in local config, remote='keydir 1' Mon Jun 25 23:38:40 2018 172.56.44.226:64827 SIGTERM[soft,auth-control-exit] received, client-instance exiting Mon Jun 25 23:39:44 2018 event_wait : Interrupted system call (code=4) Mon Jun 25 23:39:44 2018 Closing TUN/TAP interface
I have tried chmod and chown to 0777 and root. I have also stepped out side your guide tried
#option script_security '3' #option auth_user_pass_verify '/bin/openvpn-auth.sh via-env'
I also tried moving the openvpn-auth.sh to other locations like /sbin/, /usr/bin/, and /usr/sbin/.

I read somewhere that the new version of busybox may be the root cause of it for some type of feature that prohibits variables being passed. Another article mentioned that "local" doesn't handle well in scripts and to replace it.

Please let me know you thoughts or if you need additional configuration info.

[jr01]

Hi,

I just ran into this issue.
A quick fix is to wrap the main body of the script in a function and call that function at the end of the script.

...
# Destination /bin/openvpn-auth.sh
#

bananas()
{
   if [ "$script_type" == "user-pass-verify" ]; then
   ....
   fi
}

bananas $1;
# Done