Hi,

On Wed, Oct 26, 2022 at 06:45:22PM +0200, Arne Schwabe wrote:
> For tcp this makes no difference as the remote address of the
> socket never changes. For udp this allows OpenVPN to differentiate
> if a reconnecting client is using the same address as before or
> from a different one. This allows sending via the normal userspace
> socket in that case.
>
> Patch v2: fix windows code path

Subjected this to the usual torturing, and while everything *looks*
good, it breaks

  FreeBSD tcp client (old code) --> Linux DCO server (master + patch)

freshly started regular TCP/TLS server instance, handshakes just fine,
until the PUSH_REPLY wants to be sent (peer-id allocation?), then

2022-11-23 14:22:50 us=358335 freebsd-14-amd64/194.97.140.5:54725 Data Channel
MTU parms [ mss_fix:1366 max_frag:0 tun_mtu:1500 tun_max_mtu:1600 headroom:136
payload:1768 tailroom:562 ET:0 ]
2022-11-23 14:22:50 us=358871 freebsd-14-amd64/194.97.140.5:54725 SENT CONTROL
[freebsd-14-amd64]: 'PUSH_REPLY,route 10.220.0.0 255.255.0.0,route-ipv6
fd00:abcd:220::/48,tun-ipv6,route-gateway 10.220.1.1,topology subnet,ping
10,ping-restart 30,compress stub-v2,ifconfig-ipv6 fd00:abcd:220:1::1002/64
fd00:abcd:220:1::1,ifconfig 10.220.1.4 255.255.255.0,peer-id 0,cipher
AES-256-GCM' (status=1)
2022-11-23 14:22:50 us=359153 freebsd-14-amd64/194.97.140.5:54725 write
TCPv6_SERVER []: Bad file descriptor (fd=-1,code=9)
2022-11-23 14:22:52 us=525667 freebsd-14-amd64/194.97.140.5:54725 PUSH:
Received control message: 'PUSH_REQUEST'
2022-11-23 14:22:52 us=526099 freebsd-14-amd64/194.97.140.5:54725 write
TCPv6_SERVER []: Bad file descriptor (fd=-1,code=9)
2022-11-23 14:22:56 us=611511 freebsd-14-amd64/194.97.140.5:54725 write
TCPv6_SERVER []: Bad file descriptor (fd=-1,code=9)
2022-11-23 14:23:04 us=694791 freebsd-14-amd64/194.97.140.5:54725 PUSH:
Received control message: 'PUSH_REQUEST'
2022-11-23 14:23:04 us=694916 freebsd-14-amd64/194.97.140.5:54725 write
TCPv6_SERVER []: Bad file descriptor (fd=-1,code=9)
2022-11-23 14:23:04 us=694966 freebsd-14-amd64/194.97.140.5:54725 PUSH:
Received control message: 'PUSH_REQUEST'
2022-11-23 14:23:05 us=853345 freebsd-14-amd64/194.97.140.5:54725 write
TCPv6_SERVER []: Bad file descriptor (fd=-1,code=9)

on the client I have

2022-11-23 14:22:50 Control Channel: TLSv1.2, cipher TLSv1.2
ECDHE-RSA-CHACHA20-POLY1305, peer certificate: 2048 bit RSA, signature: RSA-SHA1
2022-11-23 14:22:50 [server] Peer Connection Initiated with
[AF_INET]195.30.8.84:51194
2022-11-23 14:22:51 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
2022-11-23 14:22:56 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
2022-11-23 14:23:00 TLS Error: local/remote TLS keys are out of sync:
[AF_INET]195.30.8.84:51194 (received key id: 0, known key ids: [key#0
state=S_ACTIVE auth=KS_AUTH_TRUE id=0 sid=934b2d6e 14c3286f] [key#1
state=S_UNDEF auth=KS_AUTH_FALSE id=0 sid=00000000 00000000] [key#2
state=S_UNDEF auth=KS_AUTH_FALSE id=0 sid=00000000 00000000])
2022-11-23 14:23:01 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
2022-11-23 14:23:06 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
2022-11-23 14:23:10 TLS Error: local/remote TLS keys are out of sync:
[AF_INET]195.30.8.84:51194 (received key id: 0, known key ids: [key#0
state=S_ACTIVE auth=KS_AUTH_TRUE id=0 sid=934b2d6e 14c3286f] [key#1
state=S_UNDEF auth=KS_AUTH_FALSE id=0 sid=00000000 00000000] [key#2
state=S_UNDEF auth=KS_AUTH_FALSE id=0 sid=00000000 00000000])

Not exactly sure why it hiccups. This is fully reproducible, so if you
want me to increase debug, just let me know.

gert
--
"If was one thing all people took for granted, was conviction that if you
feed honest figures into a computer, honest figures come out. Never doubted
it myself till I met a computer with a sense of humor."
Robert A. Heinlein, The Moon is a Harsh Mistress
Gert Doering - Munich, Germany [email protected]
_______________________________________________
Openvpn-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
