"Unauthorized request" messages after tinc update

Nikolaus Rath Nikolaus at rath.org
Wed Aug 28 17:43:25 CEST 2013 

Guus Sliepen <guus-NnCthlHDAqpg9hUCZPvPmw at public.gmane.org> writes:
> On Mon, Aug 26, 2013 at 06:57:42PM -0700, Nikolaus Rath wrote:
>
>> I have three clients that connect to one server. The server runs tinc
>> 1.0.11 and one client runs tinc 1.0.19. I recently upgraded the two
>> other clients from tinc 1.0.11 to tinc 1.0.16.
>> 
>> Since the upgrade, the server now regularly logs messages of the form
>> 
>> Aug 26 12:17:42 ebox tinc.rath[4049]: Unauthorized request from hspc (87.173.111.136 port 42836)
>> 
>> or
>> 
>> Aug 25 18:39:12 ebox tinc.rath[4049]: Unauthorized request from <unknown> (80.137.207.208 port 57335)
>> 
>> (where hspc is the name of one of the clients).
>> 
>> However, the VPN still seems to work just fine, including connections to
>> the two upgraded clients.
>> 
>> Does anyone have an idea what this may mean, or how I can further debug it?
>
> Hm, that is strange. It would be nice to find out what the offending request
> is. Could you raise the debug level to 4, so tinc will print the contents of
> the request, and then send me the results?

Hi Guus,

This is what it looks like with -d 4. I also updated the server tinc
version to 1.0.22 now:

Aug 28 15:20:38 ebox tinc.rath[2759]: Expiring symmetric keys
Aug 28 15:20:38 ebox tinc.rath[2759]: Sending KEY_CHANGED to everyone (BROADCAST): 14 3296e87f ebox
Aug 28 15:39:04 ebox tinc.rath[2759]: Connection from 198.228.212.252 port 32534
Aug 28 15:39:04 ebox tinc.rath[2759]: Sending ID to <unknown> (198.228.212.252 port 32534): 0 ebox 17
Aug 28 15:39:04 ebox tinc.rath[2759]: Sending 10 bytes of metadata to <unknown> (198.228.212.252 port 32534)
Aug 28 15:39:04 ebox tinc.rath[2759]: Got PING from <unknown> (198.228.212.252 port 32534): 8
Aug 28 15:39:04 ebox tinc.rath[2759]: Unauthorized request from <unknown> (198.228.212.252 port 32534)
Aug 28 15:39:04 ebox tinc.rath[2759]: Closing connection with <unknown> (198.228.212.252 port 32534)
Aug 28 15:39:04 ebox tinc.rath[2759]: Purging unreachable nodes
Aug 28 15:39:35 ebox tinc.rath[2759]: Connection from 198.228.212.252 port 52274
Aug 28 15:39:35 ebox tinc.rath[2759]: Sending ID to <unknown> (198.228.212.252 port 52274): 0 ebox 17
Aug 28 15:39:35 ebox tinc.rath[2759]: Sending 10 bytes of metadata to <unknown> (198.228.212.252 port 52274)
Aug 28 15:39:35 ebox tinc.rath[2759]: Flushing 10 bytes to <unknown> (198.228.212.252 port 52274)
Aug 28 15:39:35 ebox tinc.rath[2759]: Got ID from <unknown> (198.228.212.252 port 52274): 0 thinkpad 17
Aug 28 15:39:35 ebox tinc.rath[2759]: Sending METAKEY to thinkpad (198.228.212.252 port 52274): 1 94 64 0 0 A97CFCE4D8374E5A0BDB372E3D6CBD915429E6FCC0841870910987577AF65477701B99561690E016DA895BD7E744A952595DD25B549E3DB7E7BC11EBB040811A9E8066249839E262737E46592B4C7C33C3D...
Aug 28 15:39:35 ebox tinc.rath[2759]: Sending 525 bytes of metadata to thinkpad (198.228.212.252 port 52274)
Aug 28 15:39:35 ebox tinc.rath[2759]: Got METAKEY from thinkpad (198.228.212.252 port 52274): 1 94 64 0 0 82DFB4A31A4314322EC228FCD1D0307A5D296488767F8F5FB216E0AE526347EFB31D5B500BD89A52F3B899B344D791712CC2CE956146D0F58F4D20F3EB5D449C0294EE6E98CF0FE8E95870C11E5B4BA2BCE2A8A7....
[.....]

Best,
Nikolaus

More information about the tinc mailing list