Opened 5 years ago
Closed 4 years ago
#1270 closed Bug / Defect (fixed)
OpenVPN-Server crash "Assertion failed at ssl.c:1944"
Reported by: | hoize28 | Owned by: | |
---|---|---|---|
Priority: | major | Milestone: | |
Component: | Generic / unclassified | Version: | |
Severity: | Not set (select this one, unless your'e a OpenVPN developer) | Keywords: | |
Cc: |
Description
Hello,
actually we have multiple OpenVPN-Instances running on multiple nodes. Sometimes the OpenVPN-Service crashes with error "Assertion failed at ssl.c:1944".
We already tried increasing debug-level to "verb 6", but there are to less information. So we are going to increase it further.
Here a snippet of the log:
Tue Apr 7 16:44:04 2020 us=988966 <user>/<oip:port> UDPv4 READ [96] from [AF_INET]<oip:port>: P_CONTROL_V1 kid=0 pid=[ #12 ] [ ] pid=6 DATA len=42 Tue Apr 7 16:44:04 2020 us=989052 <user>/<oip:port> PUSH: Received control message: 'PUSH_REQUEST' Tue Apr 7 16:44:04 2020 us=989117 <user>/<oip:port> SENT CONTROL [<user>]: 'PUSH_REPLY,route 172.16.0.0 255.240.0.0,route 192.168.0.0 255.255.0.0,route 10.0.0.0 255.0.0.0,route-gateway 192.168.1.1,dhcp-option DNS 192.168.10.1,dhcp-option DNS 192.168.10.2,dhcp-option WINS 192.168.10.1,dhcp-option WINS 192.168.10.2,dhcp-option DOMAIN productive.local,ip-win32 dynamic lease-time 3600,route-gateway 192.168.1.1,topology subnet,ping 10,ping-restart 45,ifconfig 192.168.1.165 255.255.254.0,peer-id 39,cipher AES-256-GCM' (status=1) Tue Apr 7 16:44:04 2020 us=989134 <user>/<oip:port> Data Channel: using negotiated cipher 'AES-256-GCM' Tue Apr 7 16:44:04 2020 us=989158 <user>/<oip:port> Data Channel MTU parms [ L:1554 D:1300 EF:54 EB:407 ET:0 EL:3 ] Tue Apr 7 16:44:04 2020 us=989170 <user>/<oip:port> Assertion failed at ssl.c:1944 (ks->authenticated) Tue Apr 7 16:44:04 2020 us=989181 <user>/<oip:port> Exiting due to fatal error Tue Apr 7 16:44:04 2020 us=989223 <user>/<oip:port> Closing TUN/TAP interface Tue Apr 7 16:44:04 2020 us=989241 <user>/<oip:port> /sbin/ifconfig tun0 0.0.0.0 SIOCSIFADDR: Operation not permitted SIOCSIFFLAGS: Operation not permitted Tue Apr 7 16:44:04 2020 us=993063 <user>/<oip:port> Linux ip addr del failed: external program exited with error status: 255 AUTH-PAM: BACKGROUND: received command code: 1 AUTH-PAM: BACKGROUND: EXIT
Information about the server:
- Debian 9.11
- OpenVPN-Versions (community edition): 2.4.7 and 2.4.8
Information regarding build options:
OpenVPN 2.4.8 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Apr 2 2020 library versions: OpenSSL 1.1.0l 10 Sep 2019, LZO 2.08 Originally developed by James Yonan Copyright (C) 2002-2018 OpenVPN Inc <sales@openvpn.net> Compile time defines: enable_async_push=no enable_comp_stub=no enable_crypto=yes enable_crypto_ofb_cfb=yes enable_debug=yes enable_def_auth=yes enable_dlopen=unknown enable_dlopen_self=unknown enable_dlopen_self_static=unknown enable_fast_install=needless enable_fragment=yes enable_iproute2=no enable_libtool_lock=yes enable_lz4=yes enable_lzo=yes enable_management=yes enable_multihome=yes enable_pam_dlopen=no enable_pedantic=no enable_pf=yes enable_pkcs11=no enable_plugin_auth_pam=yes enable_plugin_down_root=yes enable_plugins=yes enable_port_share=yes enable_selinux=no enable_server=yes enable_shared=yes enable_shared_with_static_runtimes=no enable_small=no enable_static=yes enable_strict=no enable_strict_options=no enable_systemd=no enable_werror=no enable_win32_dll=yes enable_x509_alt_username=no with_aix_soname=aix with_crypto_library=openssl with_gnu_ld=yes with_mem_check=no with_sysroot=no
Maybe someone already has experience with this error and could help me?
Thank you!
Kind regards,
Manuel
Change History (5)
comment:1 Changed 5 years ago by
comment:2 Changed 5 years ago by
Hi tincantech,
unfortunately I didn't get any mail.
Could someone else please help me with this case, or does anyone have such problems?
Thank you!
comment:3 Changed 5 years ago by
This problem has been addressed by the following patch:
https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg19914.html
comment:4 Changed 4 years ago by
Can we close this now, since the patch is in?
commit 984bd1e1601e4b9562dbc88b02a8db60b884286f (master)
commit 098edbb1f5a2e1360fd6a4ae0642b63bec12e992 (release/2.4)
Author: Jeremy Evans
Date: Wed May 20 11:34:04 2020 -0700
Switch assertion failure to returning false
comment:5 Changed 4 years ago by
Resolution: | → fixed |
---|---|
Status: | new → closed |
Hi Manuel,
this is just a test post to find out if you are receiving email notifications of updates to this ticket. Some users have experienced problems.
Please respond if you get this update.
Unfortunately, I cannot help with the
assertion
error.