On 06/05/10 20:00, Yevgeny Kosarzhevsky wrote: > Hi, > > I get the following issue here which I don't know how to address. > Removing 'no-reply' 'no-iv' 'auth none' 'cipher none' solves that. > > Server.log: [...snip...]
Moving this one over to the development list.
You have indeed found a bug here. I've dug a little bit into it, and
I've attached your slightly modified config files with example
certificates and keys for others who want to dig into this as well.
(password for client certficate is: 1234)
To use the config files, extract them into a temporary directory and run
in two different terminals:
$ sudo openvpn --config server.conf
$ sudo openvpn --config client.conf
What I've found out ... I added this simple debug code just before the
assertion happens:
static void debug_buf_safe (const struct buffer *buf, int len)
{
printf("---> %ld :: %ld :: %ld :: %ld <= %ld\n",
buf->offset,
buf->len,
len,
buf->offset + buf->len + len,
buf->capacity);
}
This is called from ping.c:81 as
debug_buf_safe(&c->c2.buf, MAX_RW_SIZE_TUN (&c->c2.frame));
When this code path is hit, I get this result:
---> 44 :: 0 :: 1532 :: 1576 <= 1574
So something goes wrong when buf is prepared. For comparison, I removed
"auth none", "cipher none" and "no-iv" from both config files. And it
does indeed not cause an assertion in this case. The debug line then shows:
---> 80 :: 0 :: 1532 :: 1612 <= 1646
It is buf_safe() (buffer.h:353) which returns false which causes the
assertion. This is due to buf->capacity being smaller when no
encryption is not used. It is only buf->offset and buf->capacity which
are different in situations with and without encryption enabled.
I have not investigated why buf->capacity is too low in this situation.
But this was intended to give some lead clues on where things fail.
Unless someone is quicker than me to dig up the real cause of this
error, I'll dig further in the weekend.
kind regards,
David Sommerseth
assert-bug-config.tar.gz
Description: GNU Zip compressed data
signature.asc
Description: OpenPGP digital signature
