Re: [Openvpn-users] Windows: on the suspend/resume bug

Simon Deziel Wed, 04 Nov 2015 07:35:20 -0800

On 11/04/2015 10:20 AM, Gert Doering wrote:
> Hi,
> 
> On Wed, Nov 04, 2015 at 08:49:10AM -0500, Simon Deziel wrote:
>> It also works on the physical box. Thanks
> 
> Thanks for testing.  Could one of you send me an openvpn log with
> --verb 4 that shows what is now happening on suspend/resume?


ATM, I have a verb 3 log from when I disabled/enabled the TAP. I hope
that will be enough to validate the code flow, if not, I'll try to get
your exactly what you asked for (will have to wait till end of day here).

Simon

Tue Nov 03 22:57:59 2015 OpenVPN 2.3_git i686-w64-mingw32 [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [IPv6] built on Nov  3 2015
Tue Nov 03 22:57:59 2015 library versions: OpenSSL 1.0.1p 9 Jul 2015, LZO 2.08
Tue Nov 03 22:58:00 2015 Control Channel Authentication: using 'foobar-vpn-tlsa.key' as a OpenVPN static key file
Tue Nov 03 22:58:00 2015 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Tue Nov 03 22:58:00 2015 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Tue Nov 03 22:58:00 2015 TCP/UDP: Preserving recently used remote address: [AF_INET]1.2.3.4:4225
Tue Nov 03 22:58:00 2015 Socket Buffers: R=[8192->8192] S=[8192->8192]
Tue Nov 03 22:58:00 2015 UDP link local (bound): [AF_INET][undef]:5224
Tue Nov 03 22:58:00 2015 UDP link remote: [AF_INET]1.2.3.4:4225
Tue Nov 03 22:58:00 2015 TLS: Initial packet from [AF_INET]1.2.3.4:4225, sid=4e2bd678 505bf62d
Tue Nov 03 22:58:00 2015 VERIFY OK: depth=1, C=US, ST=CA, L=Somewhere, O=foobar, OU=Key Server, CN=foobar CA, emailAddress=r...@example.com
Tue Nov 03 22:58:00 2015 Validating certificate key usage
Tue Nov 03 22:58:00 2015 ++ Certificate has key usage  00a0, expects 00a0
Tue Nov 03 22:58:00 2015 VERIFY KU OK
Tue Nov 03 22:58:00 2015 Validating certificate extended key usage
Tue Nov 03 22:58:00 2015 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
Tue Nov 03 22:58:00 2015 VERIFY EKU OK
Tue Nov 03 22:58:00 2015 VERIFY X509NAME OK: C=US, ST=CA, L=Somewhere, O=foobar, OU=VPN Server, CN=foobar-vpn-server, emailAddress=r...@example.com
Tue Nov 03 22:58:00 2015 VERIFY OK: depth=0, C=US, ST=CA, L=Somewhere, O=foobar, OU=VPN Server, CN=foobar-vpn-server, emailAddress=r...@example.com
Tue Nov 03 22:58:01 2015 Data Channel Encrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
Tue Nov 03 22:58:01 2015 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Tue Nov 03 22:58:01 2015 Data Channel Decrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
Tue Nov 03 22:58:01 2015 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Tue Nov 03 22:58:01 2015 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
Tue Nov 03 22:58:01 2015 [foobar-vpn-server] Peer Connection Initiated with [AF_INET]1.2.3.4:4225
Tue Nov 03 22:58:03 2015 SENT CONTROL [foobar-vpn-server]: 'PUSH_REQUEST' (status=1)
Tue Nov 03 22:58:03 2015 PUSH: Received control message: 'PUSH_REPLY,topology subnet,comp-lzo no,route-gateway 172.31.0.1,dhcp-option DISABLE-NBT,ping 50,ping-restart 120,route 172.24.0.0 255.255.0.0,ifconfig 172.31.100.205 255.255.0.0'
Tue Nov 03 22:58:03 2015 OPTIONS IMPORT: timers and/or timeouts modified
Tue Nov 03 22:58:03 2015 OPTIONS IMPORT: compression parms modified
Tue Nov 03 22:58:03 2015 OPTIONS IMPORT: --ifconfig/up options modified
Tue Nov 03 22:58:03 2015 OPTIONS IMPORT: route options modified
Tue Nov 03 22:58:03 2015 OPTIONS IMPORT: route-related options modified
Tue Nov 03 22:58:03 2015 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Tue Nov 03 22:58:03 2015 ROUTE_GATEWAY 192.168.0.1/255.255.255.0 I=11 HWADDR=00:10:c6:af:6b:84
Tue Nov 03 22:58:03 2015 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Tue Nov 03 22:58:03 2015 open_tun, tt->ipv6=0
Tue Nov 03 22:58:03 2015 TAP-WIN32 device [Connexion au rÃ©seau local 2] opened: \\.\Global\{B232B539-52AD-48CA-9552-FB0E680C78B0}.tap
Tue Nov 03 22:58:03 2015 TAP-Windows Driver Version 9.21 
Tue Nov 03 22:58:03 2015 Set TAP-Windows TUN subnet mode network/local/netmask = 172.31.0.0/172.31.100.205/255.255.0.0 [SUCCEEDED]
Tue Nov 03 22:58:03 2015 Notified TAP-Windows driver to set a DHCP IP/netmask of 172.31.100.205/255.255.0.0 on interface {B232B539-52AD-48CA-9552-FB0E680C78B0} [DHCP-serv: 172.31.255.254, lease-time: 31536000]
Tue Nov 03 22:58:03 2015 Successful ARP Flush on interface [20] {B232B539-52AD-48CA-9552-FB0E680C78B0}
Tue Nov 03 22:58:08 2015 TEST ROUTES: 1/1 succeeded len=1 ret=1 a=0 u/d=up
Tue Nov 03 22:58:08 2015 C:\Windows\system32\route.exe ADD 172.24.0.0 MASK 255.255.0.0 172.31.0.1
Tue Nov 03 22:58:08 2015 ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=20 and dwForwardType=4
Tue Nov 03 22:58:08 2015 Route addition via IPAPI succeeded [adaptive]
Tue Nov 03 22:58:08 2015 Initialization Sequence Completed
Tue Nov 03 22:58:23 2015 TUN/TAP I/O operation aborted, restarting
Tue Nov 03 22:58:23 2015 C:\Windows\system32\route.exe DELETE 172.24.0.0 MASK 255.255.0.0 172.31.0.1
Tue Nov 03 22:58:23 2015 Warning: route gateway is not reachable on any active network adapters: 172.31.0.1
Tue Nov 03 22:58:23 2015 Route deletion via IPAPI failed [adaptive]
Tue Nov 03 22:58:23 2015 Route deletion fallback to route.exe
Tue Nov 03 22:58:23 2015 env_block: add PATH=C:\Windows\System32;C:\WINDOWS;C:\WINDOWS\System32\Wbem
Tue Nov 03 22:58:23 2015 Closing TUN/TAP interface
Tue Nov 03 22:58:23 2015 SIGHUP[soft,tun-abort] received, process restarting
Tue Nov 03 22:58:23 2015 OpenVPN 2.3_git i686-w64-mingw32 [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [IPv6] built on Nov  3 2015
Tue Nov 03 22:58:23 2015 library versions: OpenSSL 1.0.1p 9 Jul 2015, LZO 2.08
Tue Nov 03 22:58:23 2015 Restart pause, 10 second(s)
Tue Nov 03 22:58:33 2015 Control Channel Authentication: using 'foobar-vpn-tlsa.key' as a OpenVPN static key file
Tue Nov 03 22:58:33 2015 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Tue Nov 03 22:58:33 2015 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Tue Nov 03 22:58:33 2015 TCP/UDP: Preserving recently used remote address: [AF_INET]1.2.3.4:4225
Tue Nov 03 22:58:33 2015 Socket Buffers: R=[8192->8192] S=[8192->8192]
Tue Nov 03 22:58:33 2015 UDP link local (bound): [AF_INET][undef]:5224
Tue Nov 03 22:58:33 2015 UDP link remote: [AF_INET]1.2.3.4:4225
Tue Nov 03 22:58:33 2015 TLS: Initial packet from [AF_INET]1.2.3.4:4225, sid=af115c16 a3ec5529
Tue Nov 03 22:58:34 2015 VERIFY OK: depth=1, C=US, ST=CA, L=Somewhere, O=foobar, OU=Key Server, CN=foobar CA, emailAddress=r...@example.com
Tue Nov 03 22:58:34 2015 Validating certificate key usage
Tue Nov 03 22:58:34 2015 ++ Certificate has key usage  00a0, expects 00a0
Tue Nov 03 22:58:34 2015 VERIFY KU OK
Tue Nov 03 22:58:34 2015 Validating certificate extended key usage
Tue Nov 03 22:58:34 2015 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
Tue Nov 03 22:58:34 2015 VERIFY EKU OK
Tue Nov 03 22:58:34 2015 VERIFY X509NAME OK: C=US, ST=CA, L=Somewhere, O=foobar, OU=VPN Server, CN=foobar-vpn-server, emailAddress=r...@example.com
Tue Nov 03 22:58:34 2015 VERIFY OK: depth=0, C=US, ST=CA, L=Somewhere, O=foobar, OU=VPN Server, CN=foobar-vpn-server, emailAddress=r...@example.com
Tue Nov 03 22:58:35 2015 Data Channel Encrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
Tue Nov 03 22:58:35 2015 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Tue Nov 03 22:58:35 2015 Data Channel Decrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
Tue Nov 03 22:58:35 2015 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Tue Nov 03 22:58:35 2015 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
Tue Nov 03 22:58:35 2015 [foobar-vpn-server] Peer Connection Initiated with [AF_INET]1.2.3.4:4225
Tue Nov 03 22:58:36 2015 SENT CONTROL [foobar-vpn-server]: 'PUSH_REQUEST' (status=1)
Tue Nov 03 22:58:36 2015 PUSH: Received control message: 'PUSH_REPLY,topology subnet,comp-lzo no,route-gateway 172.31.0.1,dhcp-option DISABLE-NBT,ping 50,ping-restart 120,route 172.24.0.0 255.255.0.0,ifconfig 172.31.100.205 255.255.0.0'
Tue Nov 03 22:58:36 2015 OPTIONS IMPORT: timers and/or timeouts modified
Tue Nov 03 22:58:36 2015 OPTIONS IMPORT: compression parms modified
Tue Nov 03 22:58:36 2015 OPTIONS IMPORT: --ifconfig/up options modified
Tue Nov 03 22:58:36 2015 OPTIONS IMPORT: route options modified
Tue Nov 03 22:58:36 2015 OPTIONS IMPORT: route-related options modified
Tue Nov 03 22:58:36 2015 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Tue Nov 03 22:58:36 2015 ROUTE_GATEWAY 192.168.0.1/255.255.255.0 I=11 HWADDR=00:10:c6:af:6b:84
Tue Nov 03 22:58:36 2015 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Tue Nov 03 22:58:36 2015 open_tun, tt->ipv6=0
Tue Nov 03 22:58:36 2015 TAP-WIN32 device [Connexion au rÃ©seau local 2] opened: \\.\Global\{B232B539-52AD-48CA-9552-FB0E680C78B0}.tap
Tue Nov 03 22:58:36 2015 TAP-Windows Driver Version 9.21 
Tue Nov 03 22:58:36 2015 Set TAP-Windows TUN subnet mode network/local/netmask = 172.31.0.0/172.31.100.205/255.255.0.0 [SUCCEEDED]
Tue Nov 03 22:58:36 2015 Notified TAP-Windows driver to set a DHCP IP/netmask of 172.31.100.205/255.255.0.0 on interface {B232B539-52AD-48CA-9552-FB0E680C78B0} [DHCP-serv: 172.31.255.254, lease-time: 31536000]
Tue Nov 03 22:58:36 2015 Successful ARP Flush on interface [20] {B232B539-52AD-48CA-9552-FB0E680C78B0}
Tue Nov 03 22:58:42 2015 TEST ROUTES: 1/1 succeeded len=1 ret=1 a=0 u/d=up
Tue Nov 03 22:58:42 2015 C:\Windows\system32\route.exe ADD 172.24.0.0 MASK 255.255.0.0 172.31.0.1
Tue Nov 03 22:58:42 2015 ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=20 and dwForwardType=4
Tue Nov 03 22:58:42 2015 Route addition via IPAPI succeeded [adaptive]
Tue Nov 03 22:58:42 2015 Initialization Sequence Completed

signature.asc
Description: OpenPGP digital signature

------------------------------------------------------------------------------

_______________________________________________
Openvpn-users mailing list
Openvpn-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-users

Re: [Openvpn-users] Windows: on the suspend/resume bug

Reply via email to