Hi!

While running my patched openvpn in gdb, I had this error multiple times now:
-------------------------------------------------------------------------------
Fri Oct 25 16:41:19 2013 84.139.3.24:40797 Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
Fri Oct 25 16:41:19 2013 84.139.3.24:40797 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Fri Oct 25 16:41:19 2013 84.139.3.24:40797 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 DHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
Fri Oct 25 16:41:19 2013 84.139.3.24:40797 [avalentin] Peer Connection Initiated with [AF_INET]84.139.3.24:40797

Program received signal SIGSEGV, Segmentation fault.
0x0000000000462881 in tls_common_name (multi=0x789b80, null=null@entry=true) at ssl_verify.c:133
133 if (ret && strlen (ret))
(gdb) bt
#0 0x0000000000462881 in tls_common_name (multi=0x789b80, null=null@entry=true) at ssl_verify.c:133
#1 0x00000000004302dc in multi_delete_dup (new_mi=<optimized out>, m=<optimized out>) at multi.c:1207
#2 multi_connection_established (m=m@entry=0x7fffffffcaf0, mi=mi@entry=0x71b550) at multi.c:1620
#3 0x0000000000431196 in multi_process_post (m=m@entry=0x7fffffffcaf0, mi=0x71b550, flags=flags@entry=5) at multi.c:2054
#4 0x00000000004316e0 in multi_process_incoming_link (m=m@entry=0x7fffffffcaf0, instance=instance@entry=0x0, mpp_flags=mpp_flags@entry=5) at multi.c:2278
#5 0x000000000042c476 in multi_process_io_udp (m=0x7fffffffcaf0) at mudp.c:285
#6 tunnel_server_udp_single_threaded (top=0x7fffffffd890) at mudp.c:378
#7 0x000000000042cd95 in tunnel_server_udp (top=<optimized out>) at mudp.c:400
#8 0x0000000000432086 in tunnel_server (top=top@entry=0x7fffffffd890) at multi.c:2860
#9 0x0000000000433be8 in openvpn_main (argc=7, argv=0x7fffffffe628) at openvpn.c:253
#10 0x00007ffff6bdcead in __libc_start_main () from /lib/x86_64-linux-gnu/libc.so.6
#11 0x0000000000408441 in _start ()
-------------------------------------------------------------------------------
This happens always after some days. Usually there is only one client, which floats around. I do not see any reason why my code should produce this.

Any ideas? I do not have any...

André

On 23.10.2013 09:54, André Valentin wrote:
Add support for floating in tls mode using the HMAC of a packet. It costs a roundtrip through the clients. Its security comes from a secret key both peers have. This key and the data form the signature used, which is then checked against existing peer connections. Therefore a good auth algo is recommended.
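
The lookup the quoted commit message describes, sketched as an added example that is not part of the original mail or the patch: a packet from an unknown address is checked against the HMAC key of every existing peer, and only a match moves that peer. The `Peer` class, the `tag || payload` packet layout and all names and addresses are assumptions made for illustration, not OpenVPN's wire format or API.

```python
import hashlib
import hmac

TAG_LEN = hashlib.sha1().digest_size  # 20 bytes: the 160 bit SHA1 HMAC in the log


class Peer:
    def __init__(self, name, addr, hmac_key):
        self.name, self.addr, self.hmac_key = name, addr, hmac_key


def tag_for(key, payload):
    return hmac.new(key, payload, hashlib.sha1).digest()


def seal(key, payload):
    """Constructed packet layout (assumption): HMAC tag || payload."""
    return tag_for(key, payload) + payload


def float_lookup(peers, src_addr, packet):
    """Return the peer whose key authenticates packet; move it to src_addr."""
    if len(packet) <= TAG_LEN:
        return None  # too short to carry a tag and data
    tag, payload = packet[:TAG_LEN], packet[TAG_LEN:]
    # The walk over every existing peer is the cost the commit message mentions.
    for peer in peers:
        # compare_digest keeps the tag comparison constant-time
        if hmac.compare_digest(tag_for(peer.hmac_key, payload), tag):
            if peer.addr != src_addr:
                peer.addr = src_addr  # peer floated: follow it to the new address
            return peer
    return None  # no key matches: drop the packet, no peer is moved


def demo():
    # Constructed sample peers and packets (documentation address ranges).
    peers = [Peer("alice", ("192.0.2.10", 1194), b"A" * 20),
             Peer("bob", ("192.0.2.20", 1194), b"B" * 20)]
    moved = float_lookup(peers, ("198.51.100.7", 40797), seal(b"B" * 20, b"ping"))
    forged = float_lookup(peers, ("203.0.113.5", 4000), seal(b"X" * 20, b"ping"))
    return moved.name, moved.addr, forged, peers[0].addr


if __name__ == "__main__":
    print(demo())
```

An HMAC match proves only that the packet was produced with the peer's key, so the address update belongs after the packet has also passed the replay check.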