Changes between Initial Version and Version 1 of Ticket #1434, comment 3


Ignore:
Timestamp:
10/18/21 20:54:54 (3 years ago)
Author:
tct
Comment:

Legend:

Unmodified
Added
Removed
Modified

  • Ticket #1434, comment 3

    initial v1  
    11This is a shorter log from client-connect to disconnect.
    22
    3 This log appears to show that a float is not required to cause JJK's patch to throw the error, although a timeout probably is required:
    4 
     3I have removed some excess noise:
    54{{{
    652021-10-18 20:33:55 us=744310 core_01_b/10.20.1.2:36433 MULTI_sva: pool returned IPv4=10.171.22.201, IPv6=(Not enabled)
     
    24232021-10-18 20:37:11 us=19193 Incoming Control Channel Encryption: Cipher 'AES-256-CTR' initialized with 256 bit key
    25242021-10-18 20:37:11 us=19214 Incoming Control Channel Encryption: Using 256 bit message hash 'SHA256' for HMAC authentication
    26 2021-10-18 20:37:11 us=19238 MULTI: multi_create_instance called
    27 2021-10-18 20:37:11 us=19282 10.20.2.2:51617 Re-using SSL/TLS context
    28 2021-10-18 20:37:11 us=19378 10.20.2.2:51617 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
    29 2021-10-18 20:37:11 us=19400 10.20.2.2:51617 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
    30 2021-10-18 20:37:11 us=19437 10.20.2.2:51617 tls-crypt-v2 server key: Cipher 'AES-256-CTR' initialized with 256 bit key
    31 2021-10-18 20:37:11 us=19462 10.20.2.2:51617 tls-crypt-v2 server key: Using 256 bit message hash 'SHA256' for HMAC authentication
    32 2021-10-18 20:37:11 us=19558 10.20.2.2:51617 Control Channel MTU parms [ L:1622 D:1184 EF:66 EB:0 ET:0 EL:3 ]
    33 2021-10-18 20:37:11 us=19588 10.20.2.2:51617 Data Channel MTU parms [ L:1622 D:1450 EF:122 EB:406 ET:0 EL:3 AF:14/122 ]
    34 2021-10-18 20:37:11 us=19632 10.20.2.2:51617 Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1558,tun-mtu 1500,proto UDPv4,comp-lzo,auth SHA1,keysize 128,tls-auth,key-method 2,tls-server'
    35 2021-10-18 20:37:11 us=19645 10.20.2.2:51617 Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1558,tun-mtu 1500,proto UDPv4,comp-lzo,auth SHA1,keysize 128,tls-auth,key-method 2,tls-client'
    36 2021-10-18 20:37:11 us=19684 10.20.2.2:51617 TLS: Initial packet from [AF_INET6]::ffff:10.20.2.2:51617, sid=f77d7a2a ab17fd42
    37 2021-10-18 20:37:11 us=19699 10.20.2.2:51617 Control Channel: using tls-crypt-v2 key
    38 2021-10-18 20:37:11 us=19726 10.20.2.2:51617 Outgoing Control Channel Encryption: Cipher 'AES-256-CTR' initialized with 256 bit key
    39 2021-10-18 20:37:11 us=19745 10.20.2.2:51617 Outgoing Control Channel Encryption: Using 256 bit message hash 'SHA256' for HMAC authentication
    40 2021-10-18 20:37:11 us=19760 10.20.2.2:51617 Incoming Control Channel Encryption: Cipher 'AES-256-CTR' initialized with 256 bit key
    41 2021-10-18 20:37:11 us=19777 10.20.2.2:51617 Incoming Control Channel Encryption: Using 256 bit message hash 'SHA256' for HMAC authentication
    42 <EXOK> * Easy-TLS-cryptv2-verify => vars loaded => acquire_lock => CN: core01 => easytls OK => MULTI custom_group EasyTLS-v30a OK => tlskey-serial verification disabled => Key age 41 days OK => Enabled OK => metadata verified => connection allowed => Created client_md_file => release_lock
    4325
    44 2021-10-18 20:37:11 us=34171 10.20.2.2:51617 TLS CRYPT V2 VERIFY SCRIPT OK
    45 2021-10-18 20:37:31 us=376202 10.20.2.2:51617 Control Channel: using tls-crypt-v2 key
    46 2021-10-18 20:37:31 us=376357 10.20.2.2:51617 Outgoing Control Channel Encryption: Cipher 'AES-256-CTR' initialized with 256 bit key
    47 2021-10-18 20:37:31 us=376417 10.20.2.2:51617 Outgoing Control Channel Encryption: Using 256 bit message hash 'SHA256' for HMAC authentication
    48 2021-10-18 20:37:31 us=376461 10.20.2.2:51617 Incoming Control Channel Encryption: Cipher 'AES-256-CTR' initialized with 256 bit key
    49 2021-10-18 20:37:31 us=376529 10.20.2.2:51617 Incoming Control Channel Encryption: Using 256 bit message hash 'SHA256' for HMAC authentication
    50 <EXOK> * Easy-TLS-cryptv2-verify => vars loaded => acquire_lock => CN: core01 => easytls OK => MULTI custom_group EasyTLS-v30a OK => tlskey-serial verification disabled => Key age 41 days OK => Enabled OK => metadata verified => connection allowed => Created client_md_file => release_lock
    51 
    52 2021-10-18 20:37:31 us=393243 10.20.2.2:51617 TLS CRYPT V2 VERIFY SCRIPT OK
    53262021-10-18 20:37:48 us=434569 core_01_b/10.20.2.2:36433 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
    54272021-10-18 20:37:48 us=434652 core_01_b/10.20.2.2:36433 TLS Error: TLS handshake failed
    55282021-10-18 20:37:48 us=434687 core_01_b/10.20.2.2:36433 TLS: move_session: dest=TM_LAME_DUCK src=TM_ACTIVE reinit_src=1
    56 2021-10-18 20:38:11 us=416374 10.20.2.2:51617 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
    57 2021-10-18 20:38:11 us=416442 10.20.2.2:51617 TLS Error: TLS handshake failed
    58 2021-10-18 20:38:11 us=416603 10.20.2.2:51617 SIGUSR1[soft,tls-error] received, client-instance restarting
    59 2021-10-18 20:38:16 us=929061 Control Channel: using tls-crypt-v2 key
    60 2021-10-18 20:38:16 us=929239 Outgoing Control Channel Encryption: Cipher 'AES-256-CTR' initialized with 256 bit key
    61 2021-10-18 20:38:16 us=929314 Outgoing Control Channel Encryption: Using 256 bit message hash 'SHA256' for HMAC authentication
    62 2021-10-18 20:38:16 us=929363 Incoming Control Channel Encryption: Cipher 'AES-256-CTR' initialized with 256 bit key
    63 2021-10-18 20:38:16 us=929419 Incoming Control Channel Encryption: Using 256 bit message hash 'SHA256' for HMAC authentication
    64 2021-10-18 20:38:16 us=929483 MULTI: multi_create_instance called
    65 2021-10-18 20:38:16 us=929572 10.20.2.2:41196 Re-using SSL/TLS context
    66 2021-10-18 20:38:16 us=929825 10.20.2.2:41196 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
    67 2021-10-18 20:38:16 us=929882 10.20.2.2:41196 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
    68 2021-10-18 20:38:16 us=929964 10.20.2.2:41196 tls-crypt-v2 server key: Cipher 'AES-256-CTR' initialized with 256 bit key
    69 2021-10-18 20:38:16 us=930015 10.20.2.2:41196 tls-crypt-v2 server key: Using 256 bit message hash 'SHA256' for HMAC authentication
    70 2021-10-18 20:38:16 us=930205 10.20.2.2:41196 Control Channel MTU parms [ L:1622 D:1184 EF:66 EB:0 ET:0 EL:3 ]
    71 2021-10-18 20:38:16 us=930255 10.20.2.2:41196 Data Channel MTU parms [ L:1622 D:1450 EF:122 EB:406 ET:0 EL:3 AF:14/122 ]
    72 2021-10-18 20:38:16 us=930347 10.20.2.2:41196 Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1558,tun-mtu 1500,proto UDPv4,comp-lzo,auth SHA1,keysize 128,tls-auth,key-method 2,tls-server'
    73 2021-10-18 20:38:16 us=930389 10.20.2.2:41196 Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1558,tun-mtu 1500,proto UDPv4,comp-lzo,auth SHA1,keysize 128,tls-auth,key-method 2,tls-client'
    74 2021-10-18 20:38:16 us=930477 10.20.2.2:41196 TLS: Initial packet from [AF_INET6]::ffff:10.20.2.2:41196, sid=24de2738 373cc3ca
    75 2021-10-18 20:38:16 us=930531 10.20.2.2:41196 Control Channel: using tls-crypt-v2 key
    76 2021-10-18 20:38:16 us=930618 10.20.2.2:41196 Outgoing Control Channel Encryption: Cipher 'AES-256-CTR' initialized with 256 bit key
    77 2021-10-18 20:38:16 us=930691 10.20.2.2:41196 Outgoing Control Channel Encryption: Using 256 bit message hash 'SHA256' for HMAC authentication
    78 2021-10-18 20:38:16 us=930747 10.20.2.2:41196 Incoming Control Channel Encryption: Cipher 'AES-256-CTR' initialized with 256 bit key
    79 2021-10-18 20:38:16 us=930794 10.20.2.2:41196 Incoming Control Channel Encryption: Using 256 bit message hash 'SHA256' for HMAC authentication
    80 <EXOK> * Easy-TLS-cryptv2-verify => vars loaded => acquire_lock => CN: core01 => easytls OK => MULTI custom_group EasyTLS-v30a OK => tlskey-serial verification disabled => Key age 41 days OK => Enabled OK => metadata verified => connection allowed => Created client_md_file => release_lock
    8129
    82 2021-10-18 20:38:16 us=947239 10.20.2.2:41196 TLS CRYPT V2 VERIFY SCRIPT OK
    83 2021-10-18 20:38:36 us=548191 10.20.2.2:41196 Control Channel: using tls-crypt-v2 key
    84 2021-10-18 20:38:36 us=548372 10.20.2.2:41196 Outgoing Control Channel Encryption: Cipher 'AES-256-CTR' initialized with 256 bit key
    85 2021-10-18 20:38:36 us=548454 10.20.2.2:41196 Outgoing Control Channel Encryption: Using 256 bit message hash 'SHA256' for HMAC authentication
    86 2021-10-18 20:38:36 us=548516 10.20.2.2:41196 Incoming Control Channel Encryption: Cipher 'AES-256-CTR' initialized with 256 bit key
    87 2021-10-18 20:38:36 us=548587 10.20.2.2:41196 Incoming Control Channel Encryption: Using 256 bit message hash 'SHA256' for HMAC authentication
    88 <EXOK> * Easy-TLS-cryptv2-verify => vars loaded => acquire_lock => CN: core01 => easytls OK => MULTI custom_group EasyTLS-v30a OK => tlskey-serial verification disabled => Key age 41 days OK => Enabled OK => metadata verified => connection allowed => Created client_md_file => release_lock
    89 
    90 2021-10-18 20:38:36 us=567819 10.20.2.2:41196 TLS CRYPT V2 VERIFY SCRIPT OK
    91302021-10-18 20:39:03 us=457918 core_01_b/10.20.2.2:36433 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
    92312021-10-18 20:39:03 us=458029 core_01_b/10.20.2.2:36433 TLS Error: TLS handshake failed