Re: connecting tinc 1.0.36/libssl3 to older nodes?

Fri, 06 May 2022 22:24:36 -0700 

On Fri, May 06, 2022 at 09:00:53 -0400, Nathan Stratton Treadway wrote:
> However, from my research so far I understand that those are only used
> for the data channel, and as far as I can tell the failure I'm hitting
> happens during the negotiation of the metadata connection...  

(I just noticed that my original message left off a couple lines in the
cut-and-paste I did from the syslog file on the new node; here's a bit
more of the conversation (after a "tincd [...] -k INT"):

  Sending METAKEY to [...]
  Sending 527 bytes of metadata to [...]
  Flushing 527 bytes to  [...]
  Got METAKEY from [...]
  Sending CHALLENGE to [...]
  Sending 515 bytes of metadata to [...]
  Flushing 515 bytes to [...]
  Bogus data received from [...]
  Closing connection with [...]
  Could not set up a meta connection to [...]
  Trying to re-establish outgoing connection in 20 seconds

Getting log messages for the conversation on the existing server is more
difficult because of all the messages generated by traffic to the
existing nodes on that network, but here is the general outline:

  Got ID from <unknown> [...]
  Sending METAKEY to [...]
  Sending 525 bytes of metadata to [...]
  Flushing 525 bytes to [...]
  Got METAKEY from [...]
  Sending CHALLENGE to [...]
  Sending 515 bytes of metadata to [...]
  Flushing 515 bytes to [...]
  Got CHALLENGE from [...]
  Sending CHAL_REPLY to [...]
  Sending 67 bytes of metadata to [...]
  Flushing 67 bytes to [...]
[... about five seconds pass ...]
  Timeout from [...]
  Closing connection with [...]

So if I am cross-referencing the two sides correctly, the two nodes
successfully exchange METAKEY messages, but after that neither the
CHALLENGE nor the CHAL_REPLY messages sent by the old node make it back
to the tincd on the Jammy node....

)

                                                        Nathan

----------------------------------------------------------------------------
Nathan Stratton Treadway  -  natha...@ontko.com  -  Mid-Atlantic region
Ray Ontko & Co.  -  Software consulting services  -   http://www.ontko.com/
 GPG Key: http://www.ontko.com/~nathanst/gpg_key.txt   ID: 1023D/ECFB6239
 Key fingerprint = 6AD8 485E 20B9 5C71 231C  0C32 15F3 ADCD ECFB 6239
_______________________________________________
tinc mailing list
tinc@tinc-vpn.org
https://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc

Reply via email to