Tons of "Failed to decrypt and verify packet"
Julien Muchembled
jm at jmuchemb.eu
Sun Apr 6 21:58:09 CEST 2014
Le 04/06/14 16:44, Guus Sliepen a écrit :
> On Tue, Apr 01, 2014 at 07:25:50PM +0200, Julien Muchembled wrote:
>
>> Attached a testcase.
>
> Nice script!
>
>> This is not a good one because it does not always fail. And any of these 2 changes seem to hide the issue:
>> - replace "sleep 1" by "sleep 5"
>> - remove the 4th node
>>
>> Hoping it will help.
>
> I'm afraid I don't get any errors with your script, even after running it many
> times. That doesn't mean I don't believe there is a bug, it's just hard to
> find... There will be some substantial changes to the new protocol anyway, I
> hope they will fix this issue.
:(
I tried to bisect. Last good revision is
> e42bd60 Fix typos in the documentation.
And I get errors with
> c1703ea Remove an unused variable.
I guess there's no point bisecting more, and commit 0da0728 ("Use AES-256-GCM for the SPTPS protocol") is involved.
Back to latest revision (09e000b): Attached tarballs contains all files produced by the test I sent in my previous mail. I added microseconds to logs.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: ns.test.tar.xz
Type: application/octet-stream
Size: 14388 bytes
Desc: not available
URL: <http://www.tinc-vpn.org/pipermail/tinc/attachments/20140406/9ac14b8c/attachment-0001.obj>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <http://www.tinc-vpn.org/pipermail/tinc/attachments/20140406/9ac14b8c/attachment-0001.sig>
More information about the tinc
mailing list