Opened 10 years ago

Closed 10 years ago

#2638 closed defect (fixed)

openvpn 2.09 and tcp-server mode

Reported by: alex@…
Owned by: developers
Priority: high
Milestone:
Component: packages
Version:
Keywords:
Cc:

Description

Hi

There seems to be a problem with openvpn 2.0.9 and trunk 9455. I have compiled a 2.6 + atheros on broadcom, and when I use openvpn in server mode with x509 certificates using proto tcp-server it fails to connect, logging lots of select(5), resource not available. I recompiled with HAVE_EPOLL=0 and it all works fine.

I tested the original config in udp mode and it worked (with and without EPOLL).

Alex

Note: I did not check with tls-auth ??

Change History (2)

comment:1 Changed 10 years ago by david.kammering@…

I can confirm this on my box :-(

Hardware is an Asus WL500gP running OpenWRT Kamikaze 7.09

openvpn --version says:
OpenVPN 2.0.9 mipsel-linux [SSL] [LZO] [EPOLL] built on Sep 30 2007
Developed by James Yonan
Copyright (C) 2002-2005 OpenVPN Solutions LLC <info@openvpn.net>

The Asus is acting as OpenVPN server.

Server config:

port 443
proto tcp-server
dev tap0

mode server
tls-server
tls-cipher RC4-MD5

ca ca.crt
cert xxx.crt
key xxx.key
dh xxx.pem
keepalive 10 120

auth SHA1
cipher AES-256-CBC
comp-lzo

verb 5

Client config:

client
float
tls-client
tls-cipher RC4-MD5

dev tap
dev-node openvpn

proto tcp-client
remote x.x.x.x 443

ca ca.crt
cert xxx.crt
key xxx.key

auth SHA1
cipher aes-256-cbc
nobind
comp-lzo
persist-key
persist-tun

verb 3

As soon as I try to connect the log gets flooded with the following:

Fri Feb 22 11:15:00 2008 us=129830 Expected Remote Options String: 'V4,dev-type tap,link-mtu 1592,tun-mtu 1532,proto TCPv4_CLIENT,comp-lzo,cipher AES-256-CBC,auth SHA1,keysize 256,key-method 2,tls-client'
Fri Feb 22 11:15:00 2008 us=130619 Local Options hash (VER=V4): '570d8093'
Fri Feb 22 11:15:00 2008 us=131322 Expected Remote Options hash (VER=V4): '44fbca6b'
Fri Feb 22 11:15:00 2008 us=131916 TCP: accept(3) failed: Resource temporarily unavailable (errno=11)
Fri Feb 22 11:15:00 2008 us=132943 MULTI: multi_create_instance called
Fri Feb 22 11:15:00 2008 us=133484 Re-using SSL/TLS context
Fri Feb 22 11:15:00 2008 us=133915 LZO compression initialized
Fri Feb 22 11:15:00 2008 us=148724 Control Channel MTU parms [ L:1592 D:140 EF:40 EB:0 ET:0 EL:0 ]
Fri Feb 22 11:15:00 2008 us=149311 Data Channel MTU parms [ L:1592 D:1450 EF:60 EB:135 ET:32 EL:0 AF:3/1 ]
Fri Feb 22 11:15:00 2008 us=150023 Local Options String: 'V4,dev-type tap,link-mtu 1592,tun-mtu 1532,proto TCPv4_SERVER,comp-lzo,cipher AES-256-CBC,auth SHA1,keysize 256,key-method 2,tls-server'

The same configs, just switched to "proto udp" work great.
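
An added example, not part of the ticket and not OpenVPN code: a small Python triage script that parses log lines in the format quoted in comment:1, names errno 11 as EAGAIN (its value on Linux), and reports each second in which the same failing call repeats. Only the first sample line is quoted from the ticket; the other sample lines, the `threshold` default and all function names are constructed for illustration.

```python
import re
from collections import Counter
from datetime import datetime, timedelta

# Linux errno value seen in the ticket: 11 is EAGAIN ("Resource temporarily unavailable").
LINUX_ERRNO = {11: "EAGAIN"}

# "Fri Feb 22 11:15:00 2008 us=131916 <message>"
LINE = re.compile(r"^(\w{3} \w{3} +\d+ [\d:]{8} \d{4}) us=(\d+) (.*)$")
# "TCP: accept(3) failed: <text> (errno=11)"
FAIL = re.compile(r"^(\w+): (\w+)\((\d+)\) failed: (.+) \(errno=(\d+)\)$")

def parse(line):
    """Return (timestamp, message) for a log line in the ticket's format, or None."""
    m = LINE.match(line.strip())
    if not m:
        return None
    ts = datetime.strptime(" ".join(m.group(1).split()), "%a %b %d %H:%M:%S %Y")
    return ts + timedelta(microseconds=int(m.group(2))), m.group(3)

def syscall_failures(lines):
    """Yield (timestamp, call, arg, errno_name) for each '<call>(<n>) failed' line.
    arg is the number in parentheses, taken here to be the descriptor (assumption)."""
    for line in lines:
        parsed = parse(line)
        m = FAIL.match(parsed[1]) if parsed else None
        if m:
            code = int(m.group(5))
            yield parsed[0], m.group(2), int(m.group(3)), LINUX_ERRNO.get(code, f"errno{code}")

def flood_seconds(lines, threshold=3):
    """Map (second, call, errno_name) to its count where the count reaches threshold."""
    per_sec = Counter((ts.replace(microsecond=0), call, name)
                      for ts, call, _arg, name in syscall_failures(lines))
    return {key: n for key, n in per_sec.items() if n >= threshold}

# First line is quoted from the ticket; the rest are constructed to model the flood.
SAMPLE = [
    "Fri Feb 22 11:15:00 2008 us=131916 TCP: accept(3) failed: Resource temporarily unavailable (errno=11)",
    "Fri Feb 22 11:15:00 2008 us=132943 MULTI: multi_create_instance called",
    "Fri Feb 22 11:15:00 2008 us=451002 TCP: accept(3) failed: Resource temporarily unavailable (errno=11)",
    "Fri Feb 22 11:15:00 2008 us=770415 TCP: accept(3) failed: Resource temporarily unavailable (errno=11)",
    "Fri Feb 22 11:15:01 2008 us=90233 TCP: accept(3) failed: Resource temporarily unavailable (errno=11)",
]

if __name__ == "__main__":
    for (sec, call, name), n in flood_seconds(SAMPLE).items():
        print(f"{sec} {call} {name} x{n}")
```
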

comment:2 Changed 10 years ago by florian

  • Resolution set to fixed
  • Status changed from new to closed

It should be fixed now.
