Hi, On Thu, May 13, 2021 at 10:03:58PM +0200, Antonio Quartulli wrote: > On 02/05/2021 00:35, Arne Schwabe wrote: > > the socket_info->connection_establish is set through > > link_socket_set_outgoing_addr when we reach FULL_SYNC. This patch > > introduces a new state in context_auth that replaces the > > connection_established state for TLS connections. This make the state > > machine easier to understand. > > > > Signed-off-by: Arne Schwabe <[email protected]> [..] > Acked-by: Antonio Quartulli <[email protected]>
This patch, applied on top of d49df6bdde0592c ("master as of today, with
the exponential backoff patch applied") breaks p2p TLS mode on the
server side.
Authentication and PUSH_REPLY works fine, but afterwards the server
complains about keys
May 15 20:01:44 gentoo tap-tcp-p2p[31731]: Key
[AF_INET6]::ffff:194.97.140.21:60334 [0] not initialized (yet), dropping packet.
May 15 20:01:47 gentoo tap-tcp-p2p[31731]: Key
[AF_INET6]::ffff:194.97.140.21:60334 [0] not initialized (yet), dropping packet.
(specifially, the test case is: TCP, TAP, tcp-server on the server, and
"--client" on the client for "9", and "--tls-client" for "9a" - both
break)
The client in this test runs about 8 weeks old master (7064ccb9fd3578c0).
gert
--
"If was one thing all people took for granted, was conviction that if you
feed honest figures into a computer, honest figures come out. Never doubted
it myself till I met a computer with a sense of humor."
Robert A. Heinlein, The Moon is a Harsh Mistress
Gert Doering - Munich, Germany [email protected]
signature.asc
Description: PGP signature
_______________________________________________ Openvpn-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openvpn-devel
