search

OpenVPN / openvpn

OpenVPN is an open source VPN daemon
http://openvpn.net
Other
10.68k stars 2.97k forks source link

Windows: SIGHUP restart fails when using wintun driver #206

Closed selvanair closed 1 year ago

selvanair commented 1 year ago

Describe the bug After a successful connection using OpenVPN-GUI, reconnecting fails with "All wintun adapters on this system are currently in use or disabled." The actual error appears to be with registering ring buffers (see logs below).

To Reproduce Start a connection on Windows with --windows-driver wintun using OpenVPN-GUI. Once connected, press reconnect which sends SIGHUP. After receiving PUSH_REPLY, the connection will fail with the above error. Tested only using OpenVPN-GUI as wintun needs SYSTEM privileges, but the error doesn't appear to be related to the GUI.

Expected behavior SIGHUP restart should work

Version information (please complete the following information):

Additional context Logs after first successful connection (excuse the hacked-up highlighting of errors)

2022-12-28 08:39:23 us=46000 Initialization Sequence Completed
2022-12-28 08:39:23 us=46000 MANAGEMENT: >STATE:1672245563,CONNECTED,SUCCESS,10.9.0.10,x.y.z.136,1194,,,2600:x:y:z::1008
2022-12-28 08:39:27 us=578000 MANAGEMENT: CMD 'signal SIGHUP'
2022-12-28 08:39:27 us=578000 TCP/UDP: Closing socket
2022-12-28 08:39:27 us=578000 Closing TUN/TAP interface
2022-12-28 08:39:27 us=578000 delete_route_ipv6(2600:x:y:z::/64)
2022-12-28 08:39:27 us=578000 IPv6 route deletion via service succeeded
2022-12-28 08:39:27 us=578000 INET6 address service: remove 2600:x:y:z::1008/128
2022-12-28 08:39:27 us=578000 Deleting IPv4 dns servers on 'OpenVPN Wintun' (if_index = 9) using service
2022-12-28 08:39:27 us=656000 IPv4 dns servers deleted using service
2022-12-28 08:39:27 us=656000 INET address service: remove 10.9.0.10/24
2022-12-28 08:39:27 us=671000 SIGHUP[hard,] received, process restarting
2022-12-28 08:39:27 us=671000 MANAGEMENT: >STATE:1672245567,RECONNECTING,SIGHUP,,,,,
2022-12-28 08:39:27 us=671000 --windows-driver is set to 'wintun'. Disabling Data Channel Offload
...
...
2022-12-28 08:39:27 us=687000 Restart pause, 1 second(s)
2022-12-28 08:39:28 us=703000 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
2022-12-28 08:39:28 us=703000 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
2022-12-28 08:39:28 us=703000 Control Channel MTU parms [ mss_fix:0 max_frag:0 tun_mtu:1250 tun_max_mtu:0 headroom:126 payload:1600 tailroom:126 ET:0 ]
2022-12-28 08:39:28 us=703000 MANAGEMENT: >STATE:1672245568,RESOLVE,,,,,,
2022-12-28 08:39:28 us=703000 Data Channel MTU parms [ mss_fix:0 max_frag:0 tun_mtu:1500 tun_max_mtu:1600 headroom:136 payload:1768 tailroom:562 ET:0 ]
2022-12-28 08:39:28 us=703000 Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1557,tun-mtu 1500,proto UDPv4,keydir 1,auth SHA1,keysize 256,tls-auth,key-method 2,tls-client'
2022-12-28 08:39:28 us=703000 Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1557,tun-mtu 1500,proto UDPv4,keydir 0,auth SHA1,keysize 256,tls-auth,key-method 2,tls-server'
2022-12-28 08:39:28 us=703000 TCP/UDP: Preserving recently used remote address: [AF_INET]x.y.z.136:1194
2022-12-28 08:39:28 us=703000 Socket Buffers: R=[65536->65536] S=[65536->65536]
2022-12-28 08:39:28 us=703000 UDPv4 link local: (not bound)
2022-12-28 08:39:28 us=703000 UDPv4 link remote: [AF_INET]x.y.z.136:1194
2022-12-28 08:39:28 us=703000 MANAGEMENT: >STATE:1672245568,WAIT,,,,,,
2022-12-28 08:39:28 us=734000 MANAGEMENT: >STATE:1672245568,AUTH,,,,,,
2022-12-28 08:39:28 us=734000 TLS: Initial packet from [AF_INET]x.y.z.136:1194, sid=38e44662 ec6699b3
2022-12-28 08:39:28 us=781000 VERIFY OK: depth=1, C=CA, ST=ON, L=Toronto, O=Foo, OU=IT, CN=Foo CA, emailAddress=selva@foo.ca
2022-12-28 08:39:28 us=781000 VERIFY KU OK
2022-12-28 08:39:28 us=781000 Validating certificate extended key usage
2022-12-28 08:39:28 us=781000 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
2022-12-28 08:39:28 us=781000 VERIFY EKU OK
2022-12-28 08:39:28 us=781000 VERIFY OK: depth=0, C=CA, ST=ON, L=Toronto, O=Foo, OU=IT, CN=ec-384r1, name=server, emailAddress=selva@foo.ca
2022-12-28 08:39:28 us=828000 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, peer certificate: 384 bit EC, curve secp384r1, signature: RSA-SHA256
2022-12-28 08:39:28 us=828000 [ec-384r1] Peer Connection Initiated with [AF_INET]x.y.z.136:1194
2022-12-28 08:39:28 us=828000 TLS: move_session: dest=TM_ACTIVE src=TM_INITIAL reinit_src=1
2022-12-28 08:39:28 us=828000 TLS: tls_multi_process: initial untrusted session promoted to trusted
2022-12-28 08:39:28 us=859000 PUSH: Received control message: 'PUSH_REPLY,route 192.168.0.0 255.255.255.0,explicit-exit-notify 1,tun-ipv6,tun-ipv6,route-gateway 10.9.0.1,topology subnet,ping 30,ping-restart 60,ifconfig-ipv6 2600:x:y:z::1008/64 2600:x:y:z::1,ifconfig 10.9.0.10 255.255.255.0,peer-id 2,auth-tokenSESS_ID,cipher AES-256-GCM,key-derivation tls-ekm'
2022-12-28 08:39:28 us=859000 Pushed option removed by filter: 'route 192.168.0.0 255.255.255.0'
2022-12-28 08:39:28 us=859000 OPTIONS IMPORT: timers and/or timeouts modified
2022-12-28 08:39:28 us=859000 OPTIONS IMPORT: explicit notify parm(s) modified
2022-12-28 08:39:28 us=859000 OPTIONS IMPORT: --ifconfig/up options modified
2022-12-28 08:39:28 us=859000 OPTIONS IMPORT: route-related options modified
2022-12-28 08:39:28 us=859000 OPTIONS IMPORT: peer-id set
2022-12-28 08:39:28 us=859000 OPTIONS IMPORT: data channel crypto options modified
2022-12-28 08:39:28 us=859000 interactive service msg_channel=680
2022-12-28 08:39:28 us=859000 open_tun
! 2022-12-28 08:39:28 us=875000 Register ring buffers failed using service: An attempt was made to perform an initialization operation when initialization has already been completed.   [status=0x4df]
! 2022-12-28 08:39:28 us=875000 Failed to register {B34A7ADA-8A81-44F0-9C23-AF21CA64895D} adapter ring buffers
2022-12-28 08:39:28 us=875000 MANAGEMENT: Client disconnected
! 2022-12-28 08:39:28 us=875000 All wintun adapters on this system are currently in use or disabled.
2022-12-28 08:39:28 us=875000 Exiting due to fatal error
TinCanTech commented 1 year ago

I also observed this problem.

selvanair commented 1 year ago

Even 2.5.0 appears to behave the same way. Looks like SIGHUP restart never worked with wintun?

Possibly, closing ring buffers require to use the service? None of the CloseHandle() calls in ~close_tun_sevice()~ close_tun_handle() do error out though. Edit: on further look, attempt is made to close duplicated handles and unmap the file in the service, but its buggy. See https://patchwork.openvpn.net/project/openvpn2/patch/20221229040717.1471276-1-selva.nair@gmail.com/

TinCanTech commented 1 year ago

Confirmed.

Re-installed 2.5.8 and followed the simple instructions.

Connection failed, all adapters in use or disabled.

lstipakov commented 1 year ago

Thanks, I'll look into it

lstipakov commented 1 year ago

Ah looks like @selvanair has already fixed it.

lstipakov commented 1 year ago

Interesting, while the fix indeed makes sense, I cannot reproduce this bug:

Thu Dec 29 12:31:27 2022 OpenVPN 2.6_rc1 [git:v2.6_rc1/84e70c479e81eebe] Windows-MSVC [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] [DCO] built on Dec 28 2022
Thu Dec 29 12:31:27 2022 Windows version 10.0 (Windows 10 or greater), amd64 executable
Thu Dec 29 12:31:27 2022 library versions: OpenSSL 3.0.7 1 Nov 2022, LZO 2.10
Thu Dec 29 12:31:27 2022 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25355
Thu Dec 29 12:31:27 2022 Need hold release from management interface, waiting...
Thu Dec 29 12:31:27 2022 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:61554
Thu Dec 29 12:31:27 2022 MANAGEMENT: CMD 'state on'
Thu Dec 29 12:31:27 2022 MANAGEMENT: CMD 'log on all'
Thu Dec 29 12:31:27 2022 MANAGEMENT: CMD 'echo on all'
Thu Dec 29 12:31:27 2022 MANAGEMENT: CMD 'bytecount 5'
Thu Dec 29 12:31:27 2022 MANAGEMENT: CMD 'state'
Thu Dec 29 12:31:27 2022 MANAGEMENT: CMD 'hold off'
Thu Dec 29 12:31:27 2022 MANAGEMENT: CMD 'hold release'
Thu Dec 29 12:31:27 2022 MANAGEMENT: CMD 'proxy NONE  '
Thu Dec 29 12:31:28 2022 WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
Thu Dec 29 12:31:28 2022 Control Channel MTU parms [ mss_fix:0 max_frag:0 tun_mtu:1250 tun_max_mtu:0 headroom:126 payload:1600 tailroom:126 ET:0 ]
Thu Dec 29 12:31:28 2022 MANAGEMENT: >STATE:1672309888,RESOLVE,,,,,,
Thu Dec 29 12:31:28 2022 Data Channel MTU parms [ mss_fix:0 max_frag:0 tun_mtu:1500 tun_max_mtu:1600 headroom:136 payload:1768 tailroom:562 ET:0 ]
Thu Dec 29 12:31:28 2022 Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1543,tun-mtu 1500,proto TCPv4_CLIENT,auth SHA1,keysize 128,key-method 2,tls-client'
Thu Dec 29 12:31:28 2022 Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1543,tun-mtu 1500,proto TCPv4_SERVER,auth SHA1,keysize 128,key-method 2,tls-server'
Thu Dec 29 12:31:28 2022 TCP/UDP: Preserving recently used remote address: [AF_INET]a.b.c.d:1194
Thu Dec 29 12:31:28 2022 Socket Buffers: R=[65536->65536] S=[65536->65536]
Thu Dec 29 12:31:28 2022 Attempting to establish TCP connection with [AF_INET]a.b.c.d:1194
Thu Dec 29 12:31:28 2022 MANAGEMENT: >STATE:1672309888,TCP_CONNECT,,,,,,
Thu Dec 29 12:31:28 2022 TCP connection established with [AF_INET]a.b.c.d:1194
Thu Dec 29 12:31:28 2022 TCPv4_CLIENT link local: (not bound)
Thu Dec 29 12:31:28 2022 TCPv4_CLIENT link remote: [AF_INET]a.b.c.d:1194
Thu Dec 29 12:31:28 2022 MANAGEMENT: >STATE:1672309888,WAIT,,,,,,
Thu Dec 29 12:31:28 2022 MANAGEMENT: >STATE:1672309888,AUTH,,,,,,
Thu Dec 29 12:31:28 2022 TLS: Initial packet from [AF_INET]a.b.c.d:1194, sid=944d8412 cac1e5de
Thu Dec 29 12:31:29 2022 VERIFY OK: depth=1, CN=LeeviCA5
Thu Dec 29 12:31:29 2022 VERIFY OK: depth=0, CN=foo.fi
Thu Dec 29 12:31:29 2022 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, peer certificate: 2048 bit RSA, signature: RSA-SHA256
Thu Dec 29 12:31:29 2022 [foo.fi] Peer Connection Initiated with [AF_INET]a.b.c.d:1194
Thu Dec 29 12:31:29 2022 TLS: move_session: dest=TM_ACTIVE src=TM_INITIAL reinit_src=1
Thu Dec 29 12:31:29 2022 TLS: tls_multi_process: initial untrusted session promoted to trusted
Thu Dec 29 12:31:29 2022 PUSH: Received control message: 'PUSH_REPLY,tun-ipv6,route-gateway 10.58.0.1,topology subnet,ping 30,ping-restart 180,ifconfig-ipv6 2001:db8:0:456::1000/64 2001:db8:0:456::1,ifconfig 10.58.0.2 255.255.255.0,peer-id 0,cipher AES-256-GCM,protocol-flags cc-exit tls-ekm,tun-mtu 1500'
Thu Dec 29 12:31:29 2022 OPTIONS IMPORT: timers and/or timeouts modified
Thu Dec 29 12:31:29 2022 OPTIONS IMPORT: --ifconfig/up options modified
Thu Dec 29 12:31:29 2022 OPTIONS IMPORT: route-related options modified
Thu Dec 29 12:31:29 2022 OPTIONS IMPORT: peer-id set
Thu Dec 29 12:31:29 2022 OPTIONS IMPORT: data channel crypto options modified
Thu Dec 29 12:31:29 2022 OPTIONS IMPORT: tun-mtu set to 1500
Thu Dec 29 12:31:29 2022 interactive service msg_channel=656
Thu Dec 29 12:31:29 2022 open_tun
Thu Dec 29 12:31:29 2022 Ring buffers registered via service
Thu Dec 29 12:31:29 2022 wintun device [Local Area Connection 2] opened
Thu Dec 29 12:31:29 2022 do_ifconfig, ipv4=1, ipv6=1
Thu Dec 29 12:31:29 2022 MANAGEMENT: >STATE:1672309889,ASSIGN_IP,,10.58.0.2,,,,,2001:db8:0:456::1000
Thu Dec 29 12:31:29 2022 INET address service: add 10.58.0.2/24
Thu Dec 29 12:31:29 2022 IPv4 MTU set to 1500 on interface 18 using service
Thu Dec 29 12:31:29 2022 INET6 address service: add 2001:db8:0:456::1000/128
Thu Dec 29 12:31:29 2022 add_route_ipv6(2001:db8:0:456::/64 -> 2001:db8:0:456::1000 metric 0) dev Local Area Connection 2
Thu Dec 29 12:31:29 2022 IPv6 route addition via service succeeded
Thu Dec 29 12:31:29 2022 IPv6 MTU set to 1500 on interface 18 using service
Thu Dec 29 12:31:29 2022 Data Channel: using negotiated cipher 'AES-256-GCM'
Thu Dec 29 12:31:29 2022 Data Channel MTU parms [ mss_fix:1386 max_frag:0 tun_mtu:1500 tun_max_mtu:1600 headroom:136 payload:1768 tailroom:562 ET:0 ]
Thu Dec 29 12:31:29 2022 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Thu Dec 29 12:31:29 2022 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Thu Dec 29 12:31:29 2022 Initialization Sequence Completed
Thu Dec 29 12:31:29 2022 MANAGEMENT: >STATE:1672309889,CONNECTED,SUCCESS,10.58.0.2,a.b.c.d,1194,100.77.196.74,61557,2001:db8:0:456::1000
Thu Dec 29 12:31:36 2022 MANAGEMENT: CMD 'signal SIGHUP'
Thu Dec 29 12:31:36 2022 TCP/UDP: Closing socket
Thu Dec 29 12:31:36 2022 Closing TUN/TAP interface
Thu Dec 29 12:31:36 2022 delete_route_ipv6(2001:db8:0:456::/64)
Thu Dec 29 12:31:36 2022 IPv6 route deletion via service succeeded
Thu Dec 29 12:31:36 2022 INET6 address service: remove 2001:db8:0:456::1000/128
Thu Dec 29 12:31:36 2022 Deleting IPv4 dns servers on 'Local Area Connection 2' (if_index = 18) using service
Thu Dec 29 12:31:37 2022 IPv4 dns servers deleted using service
Thu Dec 29 12:31:37 2022 INET address service: remove 10.58.0.2/24
Thu Dec 29 12:31:37 2022 SIGHUP[hard,] received, process restarting
Thu Dec 29 12:31:37 2022 MANAGEMENT: >STATE:1672309897,RECONNECTING,SIGHUP,,,,,
Thu Dec 29 12:31:37 2022 Note: --cipher is not set. OpenVPN versions before 2.5 defaulted to BF-CBC as fallback when cipher negotiation failed in this case. If you need this fallback please add '--data-ciphers-fallback BF-CBC' to your configuration and/or add BF-CBC to --data-ciphers.
Thu Dec 29 12:31:37 2022 --windows-driver is set to 'wintun'. Disabling Data Channel Offload

<snip>

Thu Dec 29 12:31:37 2022 OpenVPN 2.6_rc1 [git:v2.6_rc1/84e70c479e81eebe] Windows-MSVC [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] [DCO] built on Dec 28 2022
Thu Dec 29 12:31:37 2022 Windows version 10.0 (Windows 10 or greater), amd64 executable
Thu Dec 29 12:31:37 2022 library versions: OpenSSL 3.0.7 1 Nov 2022, LZO 2.10
Thu Dec 29 12:31:37 2022 Restart pause, 2 second(s)
Thu Dec 29 12:31:40 2022 MANAGEMENT: CMD 'proxy NONE  '
Thu Dec 29 12:31:40 2022 WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
Thu Dec 29 12:31:40 2022 Control Channel MTU parms [ mss_fix:0 max_frag:0 tun_mtu:1250 tun_max_mtu:0 headroom:126 payload:1600 tailroom:126 ET:0 ]
Thu Dec 29 12:31:40 2022 MANAGEMENT: >STATE:1672309900,RESOLVE,,,,,,
Thu Dec 29 12:31:40 2022 Data Channel MTU parms [ mss_fix:0 max_frag:0 tun_mtu:1500 tun_max_mtu:1600 headroom:136 payload:1768 tailroom:562 ET:0 ]
Thu Dec 29 12:31:40 2022 Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1543,tun-mtu 1500,proto TCPv4_CLIENT,auth SHA1,keysize 128,key-method 2,tls-client'
Thu Dec 29 12:31:40 2022 Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1543,tun-mtu 1500,proto TCPv4_SERVER,auth SHA1,keysize 128,key-method 2,tls-server'
Thu Dec 29 12:31:40 2022 TCP/UDP: Preserving recently used remote address: [AF_INET]a.b.c.d:1194
Thu Dec 29 12:31:40 2022 Socket Buffers: R=[65536->65536] S=[65536->65536]
Thu Dec 29 12:31:40 2022 Attempting to establish TCP connection with [AF_INET]a.b.c.d:1194
Thu Dec 29 12:31:40 2022 MANAGEMENT: >STATE:1672309900,TCP_CONNECT,,,,,,
Thu Dec 29 12:31:40 2022 TCP connection established with [AF_INET]a.b.c.d:1194
Thu Dec 29 12:31:40 2022 TCPv4_CLIENT link local: (not bound)
Thu Dec 29 12:31:40 2022 TCPv4_CLIENT link remote: [AF_INET]a.b.c.d:1194
Thu Dec 29 12:31:40 2022 MANAGEMENT: >STATE:1672309900,WAIT,,,,,,
Thu Dec 29 12:31:40 2022 MANAGEMENT: >STATE:1672309900,AUTH,,,,,,
Thu Dec 29 12:31:40 2022 TLS: Initial packet from [AF_INET]a.b.c.d:1194, sid=d1ecf9a8 841641bb
Thu Dec 29 12:31:40 2022 VERIFY OK: depth=1, CN=LeeviCA5
Thu Dec 29 12:31:40 2022 VERIFY OK: depth=0, CN=foo.fi
Thu Dec 29 12:31:40 2022 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, peer certificate: 2048 bit RSA, signature: RSA-SHA256
Thu Dec 29 12:31:40 2022 [foo.fi] Peer Connection Initiated with [AF_INET]a.b.c.d:1194
Thu Dec 29 12:31:40 2022 TLS: move_session: dest=TM_ACTIVE src=TM_INITIAL reinit_src=1
Thu Dec 29 12:31:40 2022 TLS: tls_multi_process: initial untrusted session promoted to trusted
Thu Dec 29 12:31:40 2022 PUSH: Received control message: 'PUSH_REPLY,tun-ipv6,route-gateway 10.58.0.1,topology subnet,ping 30,ping-restart 180,ifconfig-ipv6 2001:db8:0:456::1000/64 2001:db8:0:456::1,ifconfig 10.58.0.2 255.255.255.0,peer-id 1,cipher AES-256-GCM,protocol-flags cc-exit tls-ekm,tun-mtu 1500'
Thu Dec 29 12:31:40 2022 OPTIONS IMPORT: timers and/or timeouts modified
Thu Dec 29 12:31:40 2022 OPTIONS IMPORT: --ifconfig/up options modified
Thu Dec 29 12:31:40 2022 OPTIONS IMPORT: route-related options modified
Thu Dec 29 12:31:40 2022 OPTIONS IMPORT: peer-id set
Thu Dec 29 12:31:40 2022 OPTIONS IMPORT: data channel crypto options modified
Thu Dec 29 12:31:40 2022 OPTIONS IMPORT: tun-mtu set to 1500
Thu Dec 29 12:31:40 2022 interactive service msg_channel=656
Thu Dec 29 12:31:40 2022 open_tun
Thu Dec 29 12:31:40 2022 Ring buffers registered via service
Thu Dec 29 12:31:40 2022 wintun device [Local Area Connection 2] opened
Thu Dec 29 12:31:40 2022 do_ifconfig, ipv4=1, ipv6=1
Thu Dec 29 12:31:40 2022 MANAGEMENT: >STATE:1672309900,ASSIGN_IP,,10.58.0.2,,,,,2001:db8:0:456::1000
Thu Dec 29 12:31:40 2022 INET address service: add 10.58.0.2/24
Thu Dec 29 12:31:40 2022 IPv4 MTU set to 1500 on interface 18 using service
Thu Dec 29 12:31:40 2022 INET6 address service: add 2001:db8:0:456::1000/128
Thu Dec 29 12:31:40 2022 add_route_ipv6(2001:db8:0:456::/64 -> 2001:db8:0:456::1000 metric 0) dev Local Area Connection 2
Thu Dec 29 12:31:40 2022 IPv6 route addition via service succeeded
Thu Dec 29 12:31:40 2022 IPv6 MTU set to 1500 on interface 18 using service
Thu Dec 29 12:31:40 2022 Data Channel: using negotiated cipher 'AES-256-GCM'
Thu Dec 29 12:31:40 2022 Data Channel MTU parms [ mss_fix:1386 max_frag:0 tun_mtu:1500 tun_max_mtu:1600 headroom:136 payload:1768 tailroom:562 ET:0 ]
Thu Dec 29 12:31:40 2022 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Thu Dec 29 12:31:40 2022 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Thu Dec 29 12:31:40 2022 Initialization Sequence Completed
Thu Dec 29 12:31:40 2022 MANAGEMENT: >STATE:1672309900,CONNECTED,SUCCESS,10.58.0.2,a.b.c.d,1194,100.77.196.74,61664,2001:db8:0:456::1000
cron2 commented 1 year ago

Edit: on further look, attempt is made to close duplicated handles and unmap the file in the service, but its buggy. See https://patchwork.openvpn.net/project/openvpn2/patch/20221229040717.1471276-1-selva.nair@gmail.com/

We really should do _beta and _rc releases much more often... this brings so many nice findings :-)