Opened 12 years ago
Closed 12 years ago
#144 closed Bug / Defect (wontfix)
Openvpn client sends log to server, it causes "Bad encapsulated packet length from peer" message
Reported by: | mass85 | Owned by: | |
---|---|---|---|
Priority: | major | Milestone: | |
Component: | Generic / unclassified | Version: | OpenVPN 2.0.x (Community Ed) |
Severity: | Not set (select this one, unless your'e a OpenVPN developer) | Keywords: | |
Cc: |
Description
When Openvpn 2.0.9 is started with default settings regarding logging (it logs to stdout) by some other application that forks, execs Openvpn and closes descriptors for stdin, stdout and stderr, Openvpn sends log to server after establishing TCP connection. When openvpn server receives this packet and in result it reports that it received big packet:
WARNING: Bad encapsulated packet length from peer (22373), which must be > 0 and <= 1544 -- please ensure that --tun-mtu or --link-mtu is equal on both peers -- this condition could also indicate a possible active attack on the TCP link -- [Attempting restart...]
When you use Wireshark on server side you can see that this packet is in fact plain text, a fragment of log sent by client. In the packet length field there are two letters from abbreviation of current week day that is in log message (when it is Tuesday, we will get 21621B (0x5475).
Example of log received by server:
Tue Jun 21 18:36:05 2011 SIGUSR1[soft,connection-reset] received, process restarting
Tue Jun 21 18:36:10 2011 Re-using SSL/TLS context
Tue Jun 21 18:36:10 2011 LZO compression initialized
Tue Jun 21 18:36:10 2011 Attempting to establish TCP connection with 192.168.1.8:8894
Tue Jun 21 18:36:11 2011 TCP connection established with 192.168.1.8:8894
Attachments (1)
Change History (2)
Changed 12 years ago by
Attachment: | openvpn_server added |
---|
comment:1 Changed 12 years ago by
Resolution: | → wontfix |
---|---|
Status: | new → closed |
OpenVPN 2.0.x is no longer supported. Please upgrade to 2.2.0 and try to reproduce the issue there. If the issue is still present on 2.2.0, we can re-open this ticket again with the proper version set.
FWIW, 2.0.9 was released in October 2006, and there has been no updates since that time. 2.2.0 was released April 2011. Running such old software is a security risk.