<< | Thread Index | >> ]    [ << | Date Index | >> ]

To: "Gernot W. Schmied" <gernot.schmied,AT,chello,DOT,at>
Subject: Re: pkcipe problem "frame error" - RESUBMITTED
From: "Hans Steegers" <hsx,AT,dds,DOT,nl>
Date: Sun, 31 Aug 2003 21:26:00 +0200
Cc: <cipe-l,AT,inka,DOT,de>
Reply-to: "Hans Steegers" <steegers,AT,steegers,DOT,nl>

>I have posted this quite a while ago, maybe there exists somebody who
>can offer a hint.
Probably because you didn't supply sufficient information.

* Did you try the debug option?
* Did you try to compile without the --disable-debug option?
.. etc. to get more information for clues?

>The client connect fails with:
>Aug 22 00:38:26 pollux pkcipe[1698]: connect to 192.168.1.1
>Aug 22 00:38:26 pollux pkcipe[1698]: packetRecv: frame error
this is from the sources (packet.c):
...
    debug((DEB_PKT,
           "packetRecv: %02x %02x %02x (%d)",
           hb[0], hb[1], hb[2], ll));
    if (ll<1 || ll>PKTMAXLEN-2 || ll>len-2 || hb[0]!='*') {
        Log(LOG_ERR, "packetRecv: frame error");
        if (debugging&DEB_PKTERR) {
            memcpy(d, hb, 3);
            e=read(fd, d+3, len-3); /* not xread! */
            Log(LOG_DEBUG, "packetRecv: frame error, received stuff
follows");
            hexdump(d, e+3);
        }
        return -1;

which means you can make a hexdump of the packet, which will tell you more.

>Aug 22 00:38:26 pollux pkcipe[1698]: peer: no magic
main.c:
    if (packetRecv(fd, buf, sizeof(buf))<6) {
        Log(LOG_INFO, "peer: no magic");
        close(fd);
        return 2;
    }

Somehow, the tcp (!) packets are mutilated/corrupted. The cause can be
anything.
Since cipe works well using a static key, the UDP packets are not corrupted.

Hans Steegers

-----Original Message-----
From: Gernot W. Schmied <gernot.schmied,AT,chello,DOT,at>
To: cipe-l,AT,inka,DOT,de <cipe-l,AT,inka,DOT,de>
Date: Sunday, August 31, 2003 8:50 PM
Subject: pkcipe problem "frame error" - RESUBMITTED

>Hello,
>
>I have posted this quite a while ago, maybe there exists somebody who
>can offer a hint.
>
>I'm running pkcipe 1.5.4 via xinetd on callisto (192.168.1.1) and trying to
>connect from pollux (192.168.1.2) via pollux# pkcipe -c callisto:pkcipe
>
>callisto# cat /etc/xinetd.d/pkcipe
>service pkcipe
>{
>         socket_type     = stream
>         protocol        = tcp
>         wait            = no
>         user            = root
>         server          = /usr/local/sbin/pkcipe
>         server_args     = -s 963
>         disable         = no
>}
>
>This appears to work, I don't see any logging on the callisto side.
>
>The client connect fails with:
>Aug 22 00:38:26 pollux pkcipe[1698]: connect to 192.168.1.1
>Aug 22 00:38:26 pollux pkcipe[1698]: packetRecv: frame error
>Aug 22 00:Hello,
>
>I'm running pkcipe via xinetd on callisto (192.168.1.1) and trying to
>connect from pollux (192.168.1.2) via pollux# pkcipe -c callisto:pkcipe
>
>callisto# cat /etc/xinetd.d/pkcipe
>service pkcipe
>{
>         socket_type     = stream
>         protocol        = tcp
>         wait            = no
>         user            = root
>         server          = /usr/local/sbin/pkcipe
>         server_args     = -s 963
>         disable         = no
>}
>
>This appears to work, I don't see any logging on the callisto side.
>
>The client connect fails with:
>Aug 22 00:38:26 pollux pkcipe[1698]: connect to 192.168.1.1
>Aug 22 00:38:26 pollux pkcipe[1698]: packetRecv: frame error
>Aug 22 00:38:26 pollux pkcipe[1698]: peer: no magic
>
>pollux#cat /etc/cipe/pk/callisto
>-----BEGIN PUBLIC KEY-----
>MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCdhdZoDIGSaO5jrbVWeBHSsjpm
>VxOIPQJSoVgWB2nTHTqA+3nz6Iz+DClYWUzMt1I+Dd9npOsOxQHvccjZOHRUC+b1
>9rWhDpFRgl/liEpFkCA5POZtiKw7VaDVwOKf89RHLBuDESGYm3CaqDVx9Hxgc8xY
>+61VCR9mvDyiWTzNqQIDAQAB
>-----END PUBLIC KEY-------
>ipaddr  10.1.1.2
>ptpaddr 10.1.1.1
>mask    255.255.255.252
>
>callisto#cat /etc/cipe/pk/pollux
>-----BEGIN PUBLIC KEY-----
>MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDl3o1MUEQN8IjZ9g74OwO1i8Cn
>+nveaW0rqsH8qDmgwe2ofQH2RdHADhd+OgbWDzODxlKp/iSTPAExeDo2gvfy+V3f
>cFn04T+Zsng5uDl6YZ/h35r937l9ve/XoxDGzIyg1RSnl6xvIsO9BFu6J7dc5JES
>+bzICr4T58q6kauTlwIDAQAB
>-----END PUBLIC KEY-------
>ipaddr  10.1.1.1
>ptpaddr 10.1.1.2
>mask    255.255.255.252
>
>Any help appreciated,
>Gernot
>
>PS: The CIPE setup without pkcipe works like a charm
>
>38:26 pollux pkcipe[1698]: peer: no magic
>
>pollux#cat /etc/cipe/pk/callisto
>-----BEGIN PUBLIC KEY-----
>MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCdhdZoDIGSaO5jrbVWeBHSsjpm
>VxOIPQJSoVgWB2nTHTqA+3nz6Iz+DClYWUzMt1I+Dd9npOsOxQHvccjZOHRUC+b1
>9rWhDpFRgl/liEpFkCA5POZtiKw7VaDVwOKf89RHLBuDESGYm3CaqDVx9Hxgc8xY
>+61VCR9mvDyiWTzNqQIDAQAB
>-----END PUBLIC KEY-------
>ipaddr  10.1.1.2
>ptpaddr 10.1.1.1
>mask    255.255.255.252
>
>callisto#cat /etc/cipe/pk/pollux
>-----BEGIN PUBLIC KEY-----
>MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDl3o1MUEQN8IjZ9g74OwO1i8Cn
>+nveaW0rqsH8qDmgwe2ofQH2RdHADhd+OgbWDzODxlKp/iSTPAExeDo2gvfy+V3f
>cFn04T+Zsng5uDl6YZ/h35r937l9ve/XoxDGzIyg1RSnl6xvIsO9BFu6J7dc5JES
>+bzICr4T58q6kauTlwIDAQAB
>-----END PUBLIC KEY-------
>ipaddr  10.1.1.1
>ptpaddr 10.1.1.2
>mask    255.255.255.252
>
>Any help appreciated,
>Gernot
>
>PS: The CIPE setup without pkcipe works like a charm
>
>
>
>
>--
>Message sent by the cipe-l,AT,inka,DOT,de mailing list.
>Unsubscribe: mail majordomo,AT,inka,DOT,de, "unsubscribe cipe-l" in body
>Other commands available with "help" in body to the same address.
>CIPE info and list archive:
<URL:http://sites.inka.de/~bigred/devel/cipe.html>


<< | Thread Index | >> ]    [ << | Date Index | >> ]