Staff 9950 Posted ... Hello! We're very glad to inform you that AirVPN Suite version 1.2.0 is now available. Check supported systems belowUPDATE 15 Feb 22: Release Candidate 1 is available UPDATE 08 Mar 22: Release Candidate 2 is available UPDATE 17 Mar 22: Release Candidate 3 is available 24 Mar 22: Production release is available The suite includes: Bluetit: lightweight, ultra-fast D-Bus controlled system daemon providing full connectivity and integration to AirVPN servers, or generic OpenVPN servers. Bluetit can also enforce Network Lock and/or connect the system to AirVPN during the bootstrap Goldcrest: Bluetit client, allowing full integration with AirVPN servers, users, keys, profiles as well as generic OpenVPN servers Hummingbird: lightweight and standalone binary for generic OpenVPN server connections What's new in 1.2.0 bug fix: white and black lists are now handled more properly by quick connection mode with new logical approach bug fix: comma in password is now parsed correctly when entered in bluetit.rc bug fix: Hummingbird network restore function works properly when hummingbird.lock file is missing but DNS and firewall rules have their backup copies to be recovered bug fixes in --pause, --resume, --reconnect options refinements in logging in automatic network lock mode, nftables takes precedence over iptables if nft userland utility exists DNS handling improvements with certain systemd-resolved wortking modes added support for zstd and gzip compressed kernel modules IPv6 bootstrap servers enhanced support update of all support libraries, including OpenVPN-AirVPN Please check the changelog at the end of this post for detailed information. Thank you very much for your tests and please report any bug, glitch, malfunction etc. in this thread! Packages Please note that the Suite is no more built for i686 systems (32 bit architecture). If you need the Suite for such systems please run 1.1.0 release in the meantime and contact us in this thread or through a ticket. Packages can be downloaded from our web site page https://airvpn.org/linux/suite/ AirVPN Suite is released under GLPv3. Source code and repository: https://gitlab.com/AirVPN/AirVPN-Suite AirVPN Suite changelog Changelog for AirVPN Suite Version 1.2.0 - 22 March 2022 [ProMIND] production release Version 1.2.0 RC 3 - 17 March 2022 [ProMIND] updated to OpenVPN3 AirVPN 3.8.1 [ProMIND] vpnclient.hpp: changed references of ClientAPI::OpenVPNClient class to ClientAPI::OpenVPNClientHelper to conform to the new OpenVPN3 client class names [ProMIND] vpnclient.hpp: added private members event_error and event_fatal_error to reflect client's event errors [ProMIND] vpnclient.hpp: added public methods eventError() and eventFatalError() [ProMIND] vpnclient.hpp: get_connection_stats() added topology, cipher, ping and ping_restart values from OpenVPN3 options Version 1.2.0 RC 2 - 8 March 2022 [ProMIND] vpnclient.hpp: added methods init(), initSupportedDataCiphers(), isDataCipherSupported() and getSupportedDataCiphers() [ProMIND] vpnclient.hpp: added cipher member to struct EventData [ProMIND] vpnclient.hpp: added getPushedDns() method [ProMIND] airvpntools.cpp: added normalizeBoolValue() method for the normalization of "simple" bools to extended values conforming to Suite's option parser and to be used to extend OpenVPN3 "simple" bool options [ProMIND] logger.hpp: flushLog() is now synchronized and thread safe by using a semaphore Version 1.2.0 RC 1 - 15 February 2022 [ProMIND] Updated to OpenVPN 3.7.2 AirVPN Version 1.2.0 Beta 1 - 7 February 2022 [ProMIND] updated to OpenVPN 3.7.1 AirVPN and latest support libraries and support projects [ProMIND] vpnclient.hpp: added methods openVPNInfo(), openVPNCopyright() and sslLibraryVersion() [ProMIND] vpnclient.hpp: added event management (subscription, unsubscription, raising) via callback functions for all native ClientEvent::Type [ProMIND] loadmod.c: added support for gz and zstd modules [ProMIND] netfilter.cpp: changed firewall priority scheme into nftables, iptables-legacy, iptables, pf [ProMIND] netfilter.cpp: added workaround for iptables modules in order to comply to kernel 5.15.x [ProMIND] netfilter.cpp: init(): in case netlock is set to iptables, force the initial loading of system rules by adding and then immediately removing two IPv4 and IPv6 "fake rules" in order to have netlock work in distributions running under kernel 5.15.x and iptables 1.8.7 [ProMIND] dnsmanager.cpp: systemHasResolved() method renamed as systemHasSystemdResolved() [ProMIND] dnsmanager.cpp: added systemHasResolvectl() method [ProMIND] optionparser.cpp: added description and order members to OptionConfig and Option structures [ProMIND] airvpntools.cpp: added automatic support and selection for AirVPN IPv6 bootstrap servers [ProMIND] airvpnserverprovider.cpp: getFilteredServerList() includes all AirVPN server. Those not meeting the connection priority scheme are sent to the bottom of the list with the highest possible penalty. This is needed in case the country black list includes all of the connection priority scheme's countries *-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*Changelog for Bluetit Version 1.2.0 - 22 March 2022 [ProMIND] production release Version 1.2.0 RC 3 - 17 March 2022 [ProMIND] do not check for supported ciphers in OpenVPN config file in case eval.cipher is empty [ProMIND] establish_openvpn_connection() returns false in case of client's event error or fatal error [ProMIND] connection and connection stats threads are now stopped by dedicated functions stop_connection_thread() and void stop_connection_stats_thread() respectively [ProMIND] improved error management at connection time Version 1.2.0 RC 2 - 8 March 2022 [ProMIND] Added list_data_ciphers dbus method [ProMIND] Added list_pushed_dns dbus method [ProMIND] Check and validate requested data cipher according to VpnClient's supported ciphers [ProMIND] Shows server information summary at the end of connection process via VpnClient connected event [ProMIND] Normalized (extended) bool values for options allowuaf, compress and network-lock Version 1.2.0 RC 1 - 15 February 2022 [ProMIND] Same as Beta 1 Version 1.2.0 Beta 1 - 7 February 2022 [ProMIND] White and black lists are now properly checked when connecting to an AirVPN server or country [ProMIND] In case there are white lists defined, quick connection will ignore the connection scheme priority [ProMIND] Added "africa" and "oceania" to continent/country connection process [ProMIND] Added SSL library version to startup log [ProMIND] Removed ipv6 option and replaced with allowuaf option (Allow Unused Address Families) in order to comply to the new OpenVPN3 specifications [ProMIND] Added DBus method ssl_library_version [ProMIND] btcommon.hpp: added normalized client options and descriptions [ProMIND] add_airvpn_bootstrap_to_network_lock(): added support for AirVPN IPv6 bootstrap servers *-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*Changelog for Goldcrest Version 1.2.0 - 22 March 2022 [ProMIND] production release Version 1.2.0 RC 3 - 17 March 2022 [ProMIND] Update connection statistics to the latest Bluetit specifications Version 1.2.0 RC 2 - 8 March 2022 [ProMIND] Added --list-data-ciphers option [ProMIND] Added server information summary to statistics output [ProMIND] Normalized (extended) bool values for options allowuaf, compress and network-lock Version 1.2.0 RC 1 - 15 February 2022 [ProMIND] Reassigned short option "Q" to long option "air-key-load" Version 1.2.0 Beta 1 - 7 February 2022 [ProMIND] Removed ipv6 command line option and replaced with allowuaf option (Allow Unused Address Families) in order to comply to the new OpenVPN3 specifications [ProMIND] Added OpenVPN copyright information and SSL library information to the welcome message [ProMIND] Changed usage() in order to use the new normalized option format *-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*Changelog for Hummingbird Version 1.2.0 - 22 March 2022 [ProMIND] production release Version 1.2.0 RC 3 - 17 March 2022 [ProMIND] updated to OpenVPN3 AirVPN 3.8.1 [ProMIND] do not check for supported ciphers in OpenVPN config file in case eval.cipher is empty [ProMIND] changed references of ClientAPI::OpenVPNClient class to ClientAPI::OpenVPNClientHelper to conform to the new OpenVPN3 client class names [ProMIND] replaced calls to removed OpenVPN client's eval_config_static() with ClientAPI::OpenVPNClientHelper::eval_config() Version 1.2.0 RC 2 - 8 March 2022 [ProMIND] Added --list-data-ciphers option [ProMIND] Check and validate requested data cipher according to VpnClient's supported ciphers [ProMIND] Normalized (extended) bool values for options allowuaf, compress and network-lock Version 1.2.0 RC 1 - 15 February 2022 [ProMIND] Updated to OpenVPN 3.7.2 AirVPN Version 1.2.0 Beta 1 - 7 February 2022 [ProMIND] updated to OpenVPN 3.7.1 AirVPN and latest support libraries and support projects [ProMIND] Added SSL library version to version message [ProMIND] Removed ipv6 command line option and replaced with allowuaf option (Allow Unused Address Families) in order to comply to the new OpenVPN3 specifications [ProMIND] Added OpenVPN and copyright information and SSL library information to the welcome message [ProMIND] Fixed recover network procedure. It now properly checks the existence of network backup file Kind regards and datalove AirVPN Staff 1 1 colorman and djmj0 reacted to this Quote Share this post Link to post
OpenSourcerer 1432 Posted ... Is Goldcrest ignoring the config file or something? $ goldcrest -O 2022-02-08 18:22:10 --air-key-load: no key file name provided I removed goldcrest.rc from .config to see if there are new config params but it generated a file similar to the old one. Nevertheless, I did my changes to the new one (which means also, I let all whitespace as it is). # # goldcrest runcontrol file # air-server Kitalpha air-tls-mode crypt air-ipv6 off air-6to4 off air-user opensourcerer air-password p45Sw0rD air-key key name # cipher <cipher_name> proto udp # server <server_ip|server_url> # port <port> # tcp-queue-limit <n> # ncp-disable <yes|no> network-lock off ignore-dns-push yes ipv6 no # timeout <seconds> # compress <yes|no|asym> # proxy-host <host_ip|host_url> # proxy-port <port> # proxy-username <proxy_username> # proxy-password <proxy_password> # proxy-basic <yes|no> # alt-proxy <yes|no> # persist-tun <on|off> # conn-stat-interval <seconds> air-key name has got a space. Quote Hide OpenSourcerer's signature Hide all signatures NOT AN AIRVPN TEAM MEMBER. USE TICKETS FOR PROFESSIONAL SUPPORT. LZ1's New User Guide to AirVPN « Plenty of stuff for advanced users, too! Want to contact me directly? All relevant methods are on my About me page. Share this post Link to post
Staff 9950 Posted ... @OpenSourcerer Hello! Thank you, bug confirmed and fixed. Before the next version comes out, you might like to use "--air-connect" in place of "-O" to keep testing. Kind regards Quote Share this post Link to post
colorman 26 Posted ... @Staff, I have problems using Bluetit. See attach Operating System: openSUSE Leap 15.3 KDE Plasma Version: 5.18.6 KDE Frameworks Version: 5.76.0 Qt Version: 5.12.7 Kernel Version: 5.3.18-150300.59.46-preempt OS Type: 64-bit Processors: 8 × AMD Ryzen 5 3400G with Radeon Vega Graphics Memory: 13,6 GiBBack to 1.1.0, no problems there bluetit.txt bluetit2.txt Quote Share this post Link to post
Staff 9950 Posted ... @colorman Hello and thank you! AES-CBC for Data Channel is no more accepted and should not be picked automatically, can we see your bluetit.rc and goldcrest.rc files content? Kind regards Quote Share this post Link to post
colorman 26 Posted ... 33 minutes ago, Staff said: @colorman Hello and thank you! AES-CBC for Data Channel is no more accepted and should not be picked automatically, can we see your bluetit.rc and (if you run Golcrest) goldcrest.rc files content, and Goldcrest running options? Kind regards Sorry but i need help with this, don't understand what you mean, but i do my best..... can not attach from /etc/airvpn/ because the are root Like this?@local:/usr/local/bin> ./goldcrest AirVPN_Netherlands_UDP-443-Entry3.ovpn bluetit.rc goldcrest Quote Share this post Link to post
Staff 9950 Posted ... @colorman Hello! The failure is 2022-02-09 11:35:55 Client exception in transport_recv: crypto_alg: AES-256-CBC: bad cipher for data channel use AES-CBC cipher must not (and is not according to our tests) be selected with default settings. Therefore we would like to see the content of the mentioned files to understand how AES-CBC happened to be selected. Forget about Goldcrest running options, we see that you give Goldcrest an ovpn file to parse. Please note that if you generated an OpenVPN configuration file for OpenVPN 2.4, the directive: cipher AES-256-CBC will be included. This directive will cause the error you see on latest OpenVPN3-AirVPN and OpenVPN 2 versions. To generate a proper configuration file for AirVPN Suite and latest OpenVPN 2.5 releases, tick "Advanced Mode", then select "OpenVPN >= 2.5". In this way the aforementioned directive will not be included. Alternatively, do not use ovpn files at all (Bluetit and Goldcrest don't require them with AirVPN). Kind regards Quote Share this post Link to post
OpenSourcerer 1432 Posted ... $ goldcrest --air-connect 2022-02-09 14:45:20 Reading run control directives from file /home/airvpn/.config/goldcrest.rc Goldcrest 1.2.0 Beta 1 - 7 February 2022 2022-02-09 14:45:20 Bluetit - AirVPN OpenVPN 3 Service 1.2.0 Beta 1 - 7 February 2022 2022-02-09 14:45:20 OpenVPN core 3.7.1 AirVPN linux x86_64 64-bit 2022-02-09 14:45:21 Copyright (C) 2012-2020 OpenVPN Inc. All rights reserved. 2022-02-09 14:45:21 OpenSSL 1.1.0l 10 Sep 2019 2022-02-09 14:45:21 Bluetit is ready 2022-02-09 14:45:21 Bluetit options successfully reset 2022-02-09 14:45:21 ERROR: Unknown option --ipv6 . Quote Hide OpenSourcerer's signature Hide all signatures NOT AN AIRVPN TEAM MEMBER. USE TICKETS FOR PROFESSIONAL SUPPORT. LZ1's New User Guide to AirVPN « Plenty of stuff for advanced users, too! Want to contact me directly? All relevant methods are on my About me page. Share this post Link to post
Staff 9950 Posted ... @OpenSourcerer Thank you! Do you have "ipv6 on" in your goldcrest.rc ? We brought in from OpenVPN3 main branch the IPv6 member deletion and other IPv6 related modifications. EDIT: ...so ipv6 option is no more supported (check our next message). Kind regards Quote Share this post Link to post
OpenSourcerer 1432 Posted ... 4 minutes ago, Staff said: Do you have "ipv6 on" in your goldcrest.rc ? Same rc as above, ipv6 is off because of server choice. Commenting out ipv6 lets Goldcrest initiate a connection. 1 Staff reacted to this Quote Hide OpenSourcerer's signature Hide all signatures NOT AN AIRVPN TEAM MEMBER. USE TICKETS FOR PROFESSIONAL SUPPORT. LZ1's New User Guide to AirVPN « Plenty of stuff for advanced users, too! Want to contact me directly? All relevant methods are on my About me page. Share this post Link to post
colorman 26 Posted ... 44 minutes ago, Staff said: @colorman Hello! The failure is 2022-02-09 11:35:55 Client exception in transport_recv: crypto_alg: AES-256-CBC: bad cipher for data channel use AES-CBC cipher must not (and is not according to our tests) be selected with default settings. Therefore we would like to see the content of the mentioned files to understand how AES-CBC happened to be selected. Forget about Goldcrest running options, we see that you give Goldcrest an ovpn file to parse. Please note that if you generated an OpenVPN configuration file for OpenVPN 2.4, the directive: cipher AES-256-CBC will be included. This directive will cause the error you see on latest OpenVPN3-AirVPN and OpenVPN 2 versions. To generate a proper configuration file for AirVPN Suite and latest OpenVPN 2.5 releases, tick "Advanced Mode", then select "OpenVPN >= 2.5". In this way the aforementioned directive will not be included. Alternatively, do not use ovpn files at all (Bluetit and Goldcrest don't require them with AirVPN). Kind regards solved thank you...... 1 Staff reacted to this Quote Share this post Link to post
Staff 9950 Posted ... 36 minutes ago, OpenSourcerer said: Same rc as above, ipv6 is off because of server choice. Commenting out ipv6 lets Goldcrest initiate a connection. Hello! Yes, ipv6 option has been removed. From the changelog: [ProMIND] Removed ipv6 command line option and replaced with allowuaf option (Allow Unused Address Families) in order to comply to the new OpenVPN3 specifications The next user's manual which will be published with the stable release will reflect the change. Kind regards Quote Share this post Link to post
OpenSourcerer 1432 Posted ... 3 hours ago, Staff said: The next user's manual which will be published with the stable release will reflect the change. The part of the suite writing the boilerplate goldcrest.rc if it doesn't exist should reflect this change, too. I also noticed that Bluetit/Goldcrest don't use the system OpenSSL. Is that a deliberate choice or accidental? 2022-02-08 18:39:50 OpenSSL 1.1.0l 10 Sep 2019 System version is 1.1.1m. Quote Hide OpenSourcerer's signature Hide all signatures NOT AN AIRVPN TEAM MEMBER. USE TICKETS FOR PROFESSIONAL SUPPORT. LZ1's New User Guide to AirVPN « Plenty of stuff for advanced users, too! Want to contact me directly? All relevant methods are on my About me page. Share this post Link to post
Staff 9950 Posted ... @OpenSourcerer Hello! Sure, the *.rc templates will be adjusted accordingly. The Suite must use system OpenSSL library, simply because it has nothing else. That log entry is very strange, as OpenSSL 1.1.0 is nowhere, and we have noticed the same on a different system (Fedora 35). Under investigation. Thanks again. Kind regards Quote Share this post Link to post
Staff 9950 Posted ... On 2/9/2022 at 6:50 PM, OpenSourcerer said: I also noticed that Bluetit/Goldcrest don't use the system OpenSSL. Is that a deliberate choice or accidental? 2022-02-08 18:39:50 OpenSSL 1.1.0l 10 Sep 2019 System version is 1.1.1m. Hello! Explanation found. OpenVPN3 hard codes internally the OpenSSL header value at compilation time, even though OpenSSL is linked dynamically. So, if you compile in, say, Debian 9 to ensure maximum compatibility, OpenVPN 3 will claim "1.1.0h" regardless of the actual OpenSSL used during runtime. It's a wrong approach our library inherited from the master branch. The correct approach would be for example using the proper library function to get and return the library version and avoid the aforementioned hard coding. We are going to fix this botch in our fork asap. EDIT: fix implemented in OpenVPN3 AirVPN 3.7.2. AirVPN Suite 1.2.0 RC 1 is now linked against the new library. Kind regards Quote Share this post Link to post
Staff 9950 Posted ... Hello!Update: AirVPN Suite 1.2.0 Release Candidate 1 is now available. Original message download links and changelog have been updated accordingly. RC 1 is linked against the new OpenVPN3-AirVPN library and fixes all the glitches you have found so far in beta 1. Thank you for your tests! Kind regards 1 colorman reacted to this Quote Share this post Link to post
OpenSourcerer 1432 Posted ... I've been testing this a little on the command line. 1. If passwords (-P) are quoted with "", the marks appear to be seen as part of the password. Single quotes ' ' work, though, and -F accepts them both as well. Backslash escapes work as well. $ goldcrest -O -S Kitalpha -V off -B off -U opensourcerer -P "<password with special Bash characters like * and &>" -F "key name" -6 off 2022-02-26 19:32:12 Reading run control directives from file […]/.config/goldcrest.rc … 2022-02-26 19:12:18 Logging in AirVPN user opensourcerer 2022-02-26 19:12:18 ERROR: AirVPN login failed for user opensourcerer$ goldcrest -O -S Kitalpha -V off -B off -U opensourcerer -P '<password with special Bash characters like * and &>' -F "key name" -6 off … 2022-02-26 19:28:49 Logging in AirVPN user opensourcerer 2022-02-26 19:28:49 AirVPN user opensourcerer successfully logged in 2. -6's off setting is unrecognized. $ goldcrest -O -S Kitalpha -V off -B off -U opensourcerer -P <password> -F "key name" -6 off Goldcrest 1.2.0 RC 1 - 15 February 2022 …2022-02-26 19:12:47 AirVPN user opensourcerer successfully logged in2022-02-26 19:12:47 Selected user key: <key name>2022-02-26 19:12:48 ERROR eval config error: ERR_PROFILE_GENERIC: IPv6Setting: unrecognized setting: 'off' A test afterwards showed the same for allowuaf option in the rc. Default rc does list it as a possible option, though. 3. If allowuaf is not set to off, the suite pushes routes for v6 rerouting, too, regardless of whether the server supports v6 or not. Edge case… but how would you handle someone requesting v6 for Kitalpha? Also from the docs, the default is default, so I deduce that the floor here is made out of floor. Quote Hide OpenSourcerer's signature Hide all signatures NOT AN AIRVPN TEAM MEMBER. USE TICKETS FOR PROFESSIONAL SUPPORT. LZ1's New User Guide to AirVPN « Plenty of stuff for advanced users, too! Want to contact me directly? All relevant methods are on my About me page. Share this post Link to post
Staff 9950 Posted ... 15 hours ago, OpenSourcerer said: I've been testing this a little on the command line. 1. If passwords (-P) are quoted with "", the marks appear to be seen as part of the password. Single quotes ' ' work, though, and -F accepts them both as well. Backslash escapes work as well. Hello and thank you! OK, it sounds fine here. Quote 2. -6's off setting is unrecognized. Yes, bug reproduced - it doesn't recognize any setting. Quote If allowuaf is not set to off, the suite pushes routes for v6 rerouting, too, regardless of whether the server supports v6 or not. Edge case… but how would you handle someone requesting v6 for Kitalpha? If connection is attempted over IPv6, for example because default system choice is IPv6 or configuration file prescribes IPv6 address in remote directive, failure is expected when IPv6 is not available server side. That's fine. The problem in such systems is again the bug for which one can't turn off -6 (allowuaf), making those almost unable to connect to IPv4 only servers (a remote IPv4 address must be forced to circumvent the problem). Quote Also from the docs, the default is default, so I deduct that the floor here is made out of floor. The default setting for IPv6 should be the default system setting. Docs clarification/fix needed, we will check. Thank you very much! Kind regards Quote Share this post Link to post
Staff 9950 Posted ... @OpenSourcerer Hello!-6 option problem you have detected is caused by the fact that the option is managed by OpenVPN3 and not by the Suite. OpenVPN3 options can't have "on", "off" etc. arguments, but only "yes", "no" and "default"/other, while the Suite parser is much more flexible. We will translate the arguments of those options which are managed internally by OpenVPN3 in order to resolve the issue. In the meantime you should use only "yes" or "no" to resolve the problem and keep testing. Kind regards 1 OpenSourcerer reacted to this Quote Share this post Link to post
OpenSourcerer 1432 Posted ... Some options don't make much sense in ad-hoc mode, and I think these should be separated in the help file and elsewhere. Specifically, these are at least --bluetit-status, --bluetit-stats, --pause, --resume, --reconnect. Calling them in a second terminal if Goldcrest initiated the connection gives me this: 2022-02-28 18:26:37 DBusConnectorException: DBusConnector: not primary owner (2) But the actual issue is that --pause/--resume and --reconnect are somewhat unstable. --pause works always, but --resume often does not: Feb 28 19:02:52 bluetit[9396]: EVENT: PAUSE Received pause signal Feb 28 19:02:52 bluetit[9396]: ERROR: N_PAUSE Feb 28 19:03:00 bluetit[9396]: Requested method "version" Feb 28 19:03:00 bluetit[9396]: Requested method "openvpn_info" Feb 28 19:03:00 bluetit[9396]: Requested method "openvpn_copyright" Feb 28 19:03:00 bluetit[9396]: Requested method "ssl_library_version" Feb 28 19:03:00 bluetit[9396]: Requested method "resume_connection" Feb 28 19:03:00 bluetit[9396]: Resuming VPN connection Feb 28 19:03:00 bluetit[9396]: EVENT: RESUME Feb 28 19:03:00 bluetit[9396]: EVENT: RESUME Feb 28 19:03:00 bluetit[9396]: DBusConnectorException: DBusConnector: cannot append argument to method Feb 28 19:03:00 bluetit[9396]: Stopping OpenVPN3 connection thread Feb 28 19:03:00 bluetit[9396]: EVENT: RECONNECTING Feb 28 19:03:00 bluetit[9396]: net_route_del: 128.0.0.0/1 via 10.20.6.1 dev tun0 table 0 metric 0 Feb 28 19:03:00 bluetit[9396]: Connection statistics updater thread finished Feb 28 19:03:00 bluetit[9396]: net_route_del: 0.0.0.0/1 via 10.20.6.1 dev tun0 table 0 metric 0 Feb 28 19:03:00 bluetit[9396]: net_addr_del: 10.20.6.231/24 dev tun0 Feb 28 19:03:00 bluetit[9396]: net_iface_mtu_set: mtu 1500 for tun0 Feb 28 19:03:00 bluetit[9396]: net_iface_up: set tun0 down Feb 28 19:03:00 bluetit[9396]: net_route_del: 91.214.169.71/32 via 192.168.110.1 dev enp39s0 table 0 metric 0 Feb 28 19:03:00 bluetit[9396]: EVENT: DISCONNECTED Feb 28 19:03:00 bluetit[9396]: Network filter successfully restored Feb 28 19:03:00 bluetit[9396]: OpenVPN3 CONNECT ERROR: DBusConnector: cannot append argument to method Feb 28 19:03:00 bluetit[9396]: Stopping OpenVPN3 connection thread Feb 28 19:03:00 bluetit[9396]: OpenVPN3 Connect thread exception: Verklemmung beim Zugriff auf eine Ressource vermieden Feb 28 19:03:00 bluetit[9396]: Stopping OpenVPN3 connection thread Feb 28 19:03:00 systemd[1]: bluetit.service: Main process exited, code=killed, status=6/ABRT Feb 28 19:03:00 systemd[1]: bluetit.service: Failed with result 'signal'. Same with --reconnect: Feb 28 19:07:46 bluetit[9995]: Reconnecting VPN server Feb 28 19:07:46 bluetit[9995]: Reconnecting OpenVPN3 Feb 28 19:07:46 bluetit[9995]: Reconnecting OpenVPN3 Feb 28 19:07:46 bluetit[9995]: net_route_del: 128.0.0.0/1 via 10.20.6.1 dev tun0 table 0 metric 0 Feb 28 19:07:46 bluetit[9995]: net_route_del: 0.0.0.0/1 via 10.20.6.1 dev tun0 table 0 metric 0 Feb 28 19:07:46 bluetit[9995]: net_addr_del: 10.20.6.231/24 dev tun0 Feb 28 19:07:46 bluetit[9995]: net_iface_mtu_set: mtu 1500 for tun0 Feb 28 19:07:46 bluetit[9995]: net_iface_up: set tun0 down Feb 28 19:07:46 bluetit[9995]: net_route_del: 91.214.169.71/32 via 192.168.110.1 dev enp39s0 table 0 metric 0 Feb 28 19:07:46 bluetit[9995]: EVENT: DISCONNECTED Feb 28 19:07:46 bluetit[9995]: Network filter successfully restored Feb 28 19:07:46 bluetit[9995]: OpenVPN3 CONNECT ERROR: DBusConnector: cannot append argument to method Feb 28 19:07:46 bluetit[9995]: Stopping OpenVPN3 connection thread Feb 28 19:07:46 bluetit[9995]: Connection statistics updater thread finished Feb 28 19:07:46 bluetit[9995]: OpenVPN3 Connect thread exception: Verklemmung beim Zugriff auf eine Ressource vermieden Feb 28 19:07:46 bluetit[9995]: Stopping OpenVPN3 connection thread Feb 28 19:07:46 systemd[1]: bluetit.service: Main process exited, code=killed, status=6/ABRT Feb 28 19:07:46 systemd[1]: bluetit.service: Failed with result 'signal'. The connect thread exceptions are: Deadlock prevented when accessing a resource. Quote Hide OpenSourcerer's signature Hide all signatures NOT AN AIRVPN TEAM MEMBER. USE TICKETS FOR PROFESSIONAL SUPPORT. LZ1's New User Guide to AirVPN « Plenty of stuff for advanced users, too! Want to contact me directly? All relevant methods are on my About me page. Share this post Link to post
Staff 9950 Posted ... @OpenSourcerer Hello! Quote Calling them in a second terminal if Goldcrest initiated the connection gives me this: 2022-02-28 18:26:37 DBusConnectorException: DBusConnector: not primary owner (2) Yes, that's fine, Bluetit implements an exclusive D-Bus mode to prevent multiple clients from connecting to it. Quote Feb 28 19:07:46 bluetit[9995]: OpenVPN3 CONNECT ERROR: DBusConnector: cannot append argument to method That's puzzling, it may be caused by D-Bus lack of memory or wrong data type (EDIT: the error would be caused by lack of memory only according to D-Bus documentation) Furthermore Bluetit crashes immediately after.: Quote Feb 28 19:07:46 systemd[1]: bluetit.service: Main process exited, code=killed, status=6/ABRT Feb 28 19:07:46 systemd[1]: bluetit.service: Failed with result 'signal'. We've been struggling and failing to reproduce the issue so far. Can you tell us your D-Bus version? Have you experienced the problem in Arch only or even in other distributions? Kind regards Quote Share this post Link to post
OpenSourcerer 1432 Posted ... 8 hours ago, Staff said: Can you tell us your D-Buys version? Have you experienced the problem in Arch only or even in other distributions? $ dbus-daemon --version D-Bus Message Bus Daemon 1.12.20 Copyright (C) 2002, 2003 Red Hat, Inc., CodeFactory AB, and others This is free software; see the source for copying conditions. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. Didn't test this on other distros, so only Arch so far. Any particular distros (+version) I should retest this with? Quote Hide OpenSourcerer's signature Hide all signatures NOT AN AIRVPN TEAM MEMBER. USE TICKETS FOR PROFESSIONAL SUPPORT. LZ1's New User Guide to AirVPN « Plenty of stuff for advanced users, too! Want to contact me directly? All relevant methods are on my About me page. Share this post Link to post
Staff 9950 Posted ... @OpenSourcerer Hello! We couldn't reproduce the issue in Arch, but our distribution uses DBus 1.14, while yours runs the 1.12.20 legacy. Do you have the option to upgrade to 1.12.22 or 1.14 and check whether the problem gets resolved or not? We start suspecting that the issue is related to 1.12.20. Kind regards Quote Share this post Link to post
OpenSourcerer 1432 Posted ... 2 hours ago, Staff said: while yours runs the 1.12.20 legacy Ran. [2022-03-03T23:29:22+0100] [ALPM] upgraded dbus (1.12.20-1 -> 1.14.0-1) When I checked the version at that time, 1.12.20 was indeed the current version in the repository. Retested this with 1.14 now. Mär 04 13:23:08 bluetit[4892]: Requested method "version" Mär 04 13:23:08 bluetit[4892]: Requested method "openvpn_info" Mär 04 13:23:08 bluetit[4892]: Requested method "openvpn_copyright" Mär 04 13:23:08 bluetit[4892]: Requested method "ssl_library_version" Mär 04 13:23:08 bluetit[4892]: Requested method "reconnect_connection" Mär 04 13:23:08 bluetit[4892]: Reconnecting VPN server Mär 04 13:23:08 bluetit[4892]: Reconnecting OpenVPN3 Mär 04 13:23:08 bluetit[4892]: Reconnecting OpenVPN3 Mär 04 13:23:08 bluetit[4892]: net_route_del: 128.0.0.0/1 via 10.20.6.1 dev tun0 table 0 metric 0 Mär 04 13:23:08 bluetit[4892]: net_route_del: 0.0.0.0/1 via 10.20.6.1 dev tun0 table 0 metric 0 Mär 04 13:23:08 bluetit[4892]: net_addr_del: 10.20.6.231/24 dev tun0 Mär 04 13:23:08 bluetit[4892]: net_iface_mtu_set: mtu 1500 for tun0 Mär 04 13:23:08 bluetit[4892]: net_iface_up: set tun0 down Mär 04 13:23:08 bluetit[4892]: net_route_del: 91.214.169.71/32 via 192.168.110.1 dev enp39s0 table 0 metric 0 Mär 04 13:23:08 bluetit[4892]: EVENT: DISCONNECTED Mär 04 13:23:08 bluetit[4892]: Network filter successfully restored Mär 04 13:23:08 bluetit[4892]: OpenVPN3 CONNECT ERROR: DBusConnector: cannot append argument to method Mär 04 13:23:08 bluetit[4892]: Stopping OpenVPN3 connection thread Mär 04 13:23:08 bluetit[4892]: Connection statistics updater thread finished Mär 04 13:23:08 bluetit[4892]: OpenVPN3 Connect thread exception: Verklemmung beim Zugriff auf eine Ressource vermieden Mär 04 13:23:08 bluetit[4892]: Stopping OpenVPN3 connection thread Mär 04 13:23:08 systemd[1]: bluetit.service: Main process exited, code=killed, status=6/ABRT Mär 04 13:23:08 systemd[1]: bluetit.service: Failed with result 'signal'. Would a higher verbosity setting for OpenVPN 3 cause Bluetit to log more verbosely? Though I don't see an option for anything debug besides --ssl-debug. Quote Hide OpenSourcerer's signature Hide all signatures NOT AN AIRVPN TEAM MEMBER. USE TICKETS FOR PROFESSIONAL SUPPORT. LZ1's New User Guide to AirVPN « Plenty of stuff for advanced users, too! Want to contact me directly? All relevant methods are on my About me page. Share this post Link to post
Staff 9950 Posted ... Hello!Update: AirVPN Suite 1.2.0 Release Candidate 2 is now available. Original message download links and changelog have been updated accordingly. Thank you for your tests! Kind regards 1 colorman reacted to this Quote Share this post Link to post