Android client cipher negotiation problem

Official client software for OpenVPN Access Server and OpenVPN Cloud.
osmanakol
OpenVpn Newbie
Posts: 3
Joined: Mon May 03, 2021 6:31 am

Android client cipher negotiation problem

Post by osmanakol » Mon May 03, 2021 2:18 pm

I want the client and server to negotiate the cipher according to "data-cipher", and the client should automatically choose the correct cipher type for the data channel, but I get an error: "Authentication failed: Data channel cipher negotiation failed (no shared cipher)". What is wrong? Could you help me?

Android Client Openvpn Version 3.5.6 with OPENSSL 1.1.1k
client

client
dev tun
dev tun-ipv6
proto tcp-client
remote <ip> <port>
resolv-retry infinite
nobind
persist-key
persist-tun
<ca>
--STRIPPED INLINE CA CERT--
</ca>
ns-cert-type server
auth-nocache
auth SHA1
verb 4
compress lz4-v2
reneg-sec 0
tls-client
route-method exe
route-delay 2
connect-retry 1 1
connect-retry-max 5
connect-timeout 10
auth-user-pass


Client_Log_File

05/03 15:24:21: Launching 'app' on pixel.
Install successfully finished in 3 s 583 ms.
$ adb shell am start -n "sslvpn.client/sslvpn.client.SplashScreen" -a android.intent.action.MAIN -c android.intent.category.LAUNCHER
Connected to process 4331 on device 'pixel [emulator-5554]'.
Capturing and displaying logcat messages from application. This behavior can be disabled in the "Logcat output" section of the "Debugger" settings page.
I/s.sslvpn.clien: Not late-enabling -Xcheck:jni (already on)
I/s.sslvpn.clien: Unquickening 12 vdex files!
W/s.sslvpn.clien: Unexpected CPU variant for X86 using defaults: x86
D/NetworkSecurityConfig: No Network Security Config specified, using platform default
D/NetworkSecurityConfig: No Network Security Config specified, using platform default
D/libEGL: loaded /vendor/lib/egl/libEGL_emulation.so
D/libEGL: loaded /vendor/lib/egl/libGLESv1_CM_emulation.so
D/libEGL: loaded /vendor/lib/egl/libGLESv2_emulation.so
W/s.sslvpn.clien: Accessing hidden method Landroid/view/View;->computeFitSystemWindows(Landroid/graphics/Rect;Landroid/graphics/Rect;)Z (greylist, reflection, allowed)
W/s.sslvpn.clien: Accessing hidden method Landroid/view/ViewGroup;->makeOptionalFitsSystemWindows()V (greylist, reflection, allowed)
D/HostConnection: HostConnection::get() New Host Connection established 0xf0ca0a70, tid 4391
D/HostConnection: HostComposition ext ANDROID_EMU_CHECKSUM_HELPER_v1 ANDROID_EMU_native_sync_v2 ANDROID_EMU_dma_v1 ANDROID_EMU_direct_mem ANDROID_EMU_host_composition_v1 ANDROID_EMU_host_composition_v2 ANDROID_EMU_vulkan ANDROID_EMU_deferred_vulkan_commands ANDROID_EMU_vulkan_null_optional_strings ANDROID_EMU_vulkan_create_resources_with_requirements ANDROID_EMU_YUV_Cache ANDROID_EMU_async_unmap_buffer ANDROID_EMU_vulkan_ignored_handles ANDROID_EMU_vulkan_free_memory_sync ANDROID_EMU_vulkan_shader_float16_int8 ANDROID_EMU_vulkan_async_queue_submit GL_OES_vertex_array_object GL_KHR_texture_compression_astc_ldr ANDROID_EMU_host_side_tracing ANDROID_EMU_async_frame_commands ANDROID_EMU_gles_max_version_2
D/EGL_emulation: eglCreateContext: 0xf0ca1020: maj 2 min 0 rcv 2
D/EGL_emulation: eglMakeCurrent: 0xf0ca1020: ver 2 0 (tinfo 0xf0ff01d0) (first time)
I/Gralloc4: mapper 4.x is not supported
D/HostConnection: createUnique: call
D/HostConnection: HostConnection::get() New Host Connection established 0xf0ca0530, tid 4391
D/goldfish-address-space: allocate: Ask for block of size 0x100
D/goldfish-address-space: allocate: ioctl allocate returned offset 0x3fe757000 size 0x2000
D/HostConnection: HostComposition ext ANDROID_EMU_CHECKSUM_HELPER_v1 ANDROID_EMU_native_sync_v2 ANDROID_EMU_dma_v1 ANDROID_EMU_direct_mem ANDROID_EMU_host_composition_v1 ANDROID_EMU_host_composition_v2 ANDROID_EMU_vulkan ANDROID_EMU_deferred_vulkan_commands ANDROID_EMU_vulkan_null_optional_strings ANDROID_EMU_vulkan_create_resources_with_requirements ANDROID_EMU_YUV_Cache ANDROID_EMU_async_unmap_buffer ANDROID_EMU_vulkan_ignored_handles ANDROID_EMU_vulkan_free_memory_sync ANDROID_EMU_vulkan_shader_float16_int8 ANDROID_EMU_vulkan_async_queue_submit GL_OES_vertex_array_object GL_KHR_texture_compression_astc_ldr ANDROID_EMU_host_side_tracing ANDROID_EMU_async_frame_commands ANDROID_EMU_gles_max_version_2
I/OpenGLRenderer: Davey! duration=1445ms; Flags=1, IntendedVsync=67665624740738, Vsync=67665624740738, OldestInputEvent=9223372036854775807, NewestInputEvent=0, HandleInputStart=67665628069330, AnimationStart=67665628081252, PerformTraversalsStart=67665628092286, DrawStart=67666273346893, SyncQueued=67666294028780, SyncStart=67666306270901, IssueDrawCommandsStart=67666306947385, SwapBuffers=67666922013067, FrameCompleted=67667082888689, DequeueBufferDuration=110005, QueueBufferDuration=2350877, GpuCompleted=0,
I/EngineFactory: Provider GmsCore_OpenSSL not available
D/Act: Activity not found
I/AppCompatViewInflater: app:theme is now deprecated. Please move to using android:theme instead.
I/s.sslvpn.clien: Waiting for a blocking GC ProfileSaver
I/s.sslvpn.clien: WaitForGcToComplete blocked ProfileSaver on RunEmptyCheckpoint for 10.875ms
D/CompatibilityChangeReporter: Compat change id reported: 147798919; UID 10160; state: ENABLED
I/s.sslvpn.clien: JIT allocated 74KB for compiled code of void android.view.View.<init>(android.content.Context, android.util.AttributeSet, int, int)
D/OpenVPNClient: CLI: onStart
D/OpenVPNService: SERV: Service onCreate called
I/JellyBeanHack: Build.VERSION.SDK_INT=30
D/OpenVPNService: SERV: onStartCommand action=net.openvpn.openvpn.ACTION_IMPORT_PROFILE_VIA_PATH
D/PrefUtil: get_string_by_profile: key='epki_alias.ip [dsadsadsadsa]' value='DISABLE_CLIENT_CERT'
D/OpenVPNService: SERV: refresh profiles:
D/OpenVPNService: SERV: Profile name='ip [dsadsadsadsa]' ofn='dsadsadsadsa.ovpn' userlock= auto=false epki=true/DISABLE_CLIENT_CERT sl= sc=null dc=null
D/OpenVPNService: SERV: onBind intent=Intent { act=net.openvpn.openvpn.BIND cmp=sslvpn.client/.OpenVPNService }
I/OpenGLRenderer: Davey! duration=1218ms; Flags=1, IntendedVsync=67671025058731, Vsync=67671308392053, OldestInputEvent=9223372036854775807, NewestInputEvent=0, HandleInputStart=67671320840933, AnimationStart=67671320850672, PerformTraversalsStart=67671320866704, DrawStart=67671654705055, SyncQueued=67671666264374, SyncStart=67671677989148, IssueDrawCommandsStart=67671678226864, SwapBuffers=67672224874642, FrameCompleted=67672255233044, DequeueBufferDuration=141673, QueueBufferDuration=11116143, GpuCompleted=72904454231491230,
D/PrefUtil: get_boolean: pause_vpn_on_blanked_screen=false
I/OpenVPNService: ConnectivityReceiver: CONNECTIVITY_ACTION conn=true fo=false
D/OpenVPNService: SERV: client attach n_clients=1
D/OpenVPNClient: CLI: post bind
D/PrefUtil: get_string_by_profile: key='username.ip [dsadsadsadsa]' value='asdsad'
D/PrefUtil: get_boolean_by_profile: key='auth_password_save.ip [dsadsadsadsa]' value=false
D/PrefUtil: get_boolean: auto_keyboard=true
I/Choreographer: Skipped 64 frames! The application may be doing too much work on its main thread.
I/OpenGLRenderer: Davey! duration=2454ms; Flags=1, IntendedVsync=67671333338953, Vsync=67672400005577, OldestInputEvent=9223372036854775807, NewestInputEvent=0, HandleInputStart=67672402921283, AnimationStart=67672402930745, PerformTraversalsStart=67672403622774, DrawStart=67672453316640, SyncQueued=67672534339643, SyncStart=67672547237141, IssueDrawCommandsStart=67672547501923, SwapBuffers=67673761788085, FrameCompleted=67673800302463, DequeueBufferDuration=644236, QueueBufferDuration=10423825, GpuCompleted=43984843964424,
I/AssistStructure: Flattened final assist data: 5704 bytes, containing 1 windows, 45 views
W/IInputConnectionWrapper: getTextBeforeCursor on inactive InputConnection
W/IInputConnectionWrapper: getSelectedText on inactive InputConnection
W/IInputConnectionWrapper: getTextAfterCursor on inactive InputConnection
W/IInputConnectionWrapper: getTextBeforeCursor on inactive InputConnection
W/IInputConnectionWrapper: getSelectedText on inactive InputConnection
W/IInputConnectionWrapper: getTextAfterCursor on inactive InputConnection
W/IInputConnectionWrapper: beginBatchEdit on inactive InputConnection
getTextBeforeCursor on inactive InputConnection
W/IInputConnectionWrapper: endBatchEdit on inactive InputConnection
D/PrefUtil: set_string_by_profile: key='username.ip [dsadsadsadsa]' value='uouo'
D/PrefUtil: set_boolean_by_profile: key='auth_password_save.ip [dsadsadsadsa]' value=false
D/PrefUtil: get_string: vpn_proto='adaptive'
D/PrefUtil: get_string: conn_timeout='60'
get_string: compression_mode='yes'
D/OpenVPNService: SERV: client attach n_clients=1
D/OpenVPNClientBase: CLI: submitConnectIntent: ip [dsadsadsadsa]
D/OpenVPNService: SERV: onStartCommand action=net.openvpn.openvpn.CONNECT
D/OpenVPNService: SERV: profile file len=1734
D/PrefUtil: get_boolean: tun_persist=false
D/PrefUtil: get_boolean: google_dns_fallback=true
get_boolean: force_aes_cbc_ciphersuites=true
I/OpenVPNService: SERV: CONNECT prof=ip [dsadsadsadsa] user=uouo proxy= serv=ip proto=adaptive to=60 resp=null epki_alias=DISABLE_CLIENT_CERT comp=yes
D/PrefUtil: set_string: autostart_profile_name='ip [dsadsadsadsa]'
I/OpenVPNService: EVENT: CORE_THREAD_ACTIVE
D/OpenVPNService: SOCKET PROTECT: fd=74 protected status=true
D/PrefUtil: get_boolean: auto_keyboard=true
I/OpenVPNService: LOG: OpenVPN core 3.5.6 android i386 32-bit
I/OpenVPNService: LOG: Frame=512/2048/512 mssfix-ctrl=1250
I/OpenVPNService: LOG: UNUSED OPTIONS
1 [dev] [tun]
5 [resolv-retry] [infinite]
6 [nobind]
7 [persist-key]
8 [persist-tun]
11 [auth-nocache]
13 [verb] [3]
15 [tls-client]
16 [route-method] [exe]
17 [route-delay] [2]
18 [connect-retry] [1] [1]
19 [connect-retry-max] [5]
20 [connect-timeout] [10]
I/OpenVPNService: EVENT: RESOLVE
I/OpenVPNService: LOG: Contacting ip:port via TCPv4
I/OpenVPNService: EVENT: WAIT
I/OpenVPNService: LOG: Connecting to [ip]:port (ip) via TCPv4
I/OpenVPNService: EVENT: CONNECTING
I/OpenVPNService: LOG: Tunnel Options:V4,dev-type tun,link-mtu 1544,tun-mtu 1500,proto TCPv4_CLIENT,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-client
I/OpenVPNService: LOG: Creds: Username/Password
I/OpenVPNService: LOG: Peer Info:
IV_VER=3.5.6
IV_PLAT=android
IV_LZO=1
IV_GUI_VER=sslvpn.client.android 2.3.0-1
IV_BS64DL=1
D/OpenVPNService: EXIT: connect() exited, err=false, msg=''
I/OpenVPNService: STAT BYTES_IN=2091
STAT BYTES_OUT=900
STAT PACKETS_IN=6
STAT PACKETS_OUT=7
I/OpenVPNService: STAT AUTH_FAILED=1
I/OpenVPNService: LOG: VERIFY OK: depth=1
I/OpenVPNService: LOG: VERIFY OK: depth=0
I/OpenVPNService: LOG: SSL Handshake:
I/OpenVPNService: LOG: Session is ACTIVE
I/OpenVPNService: EVENT: GET_CONFIG
I/OpenVPNService: LOG: Sending PUSH_REQUEST to server...
I/OpenVPNService: LOG: AUTH_FAILED
I/OpenVPNService: EVENT: AUTH_FAILED info='Data channel cipher negotiation failed (no shared cipher)'
I/OpenVPNService: EVENT: DISCONNECTED
D/PrefUtil: delete_key: key='autostart_profile_name'
I/OpenVPNService: EVENT: CORE_THREAD_INACTIVE
D/PrefUtil: get_boolean_by_profile: key='auth_password_save.ip [dsadsadsadsa]' value=false
D/PrefUtil: get_boolean: auto_keyboard=true
I/Choreographer: Skipped 31 frames! The application may be doing too much work on its main thread.


Server Openvpn Version 2.5.1 with OPENSSL 1.0.2
server

topology subnet
script-security 3
daemon
keepalive 10 60
ping-timer-rem
persist-tun
persist-key
tls-server
client-config-dir ccd
ifconfig-pool-persist ipp.txt 0
verify-client-cert none
management-client-auth
username-as-common-name
ca <tt-root-s3.pem>
cert <server.crt>
key <server.key>
dh <dh2048.dem>
reneg-sec 0
status <status log>
management <management app unix socket>
dev tun1
dev-type tun
port <port>
proto tcp-server
data-ciphers "AES-256-GCM:AES-192-GCM:AES-128-GCM:AES-256-CBC:AES-192-CBC:AES-128-CBC"
data-ciphers-fallback "AES-256-CBC"
auth SHA1
compress lz4
push "compress lz4"
server x.x.x.x y.y.y.y
max-clients 100


Server Log

May 3 14:00:48 2021 SSLVPN: osman@localhost.localdomain/192.168.0.120:34014 Connection reset, restarting [0]
May 3 14:00:48 2021 SSLVPN: action=client-connect auth_type=user two_factor_auth=False login=Success message=Valid config=ssl-vpn dev=tun1 username=osman@localhost.localdomain common_name=osman@localhost.localdomain client_ip=10.8.3.2 remote_ip=192.168.0.120 connect_time_unix=1620039646 disconnect_time_unix= duration_time= duration_time_seconds= sent_bytes= received_bytes=
May 3 14:02:03 2021 SSLVPN: OpenVPN CLIENT LIST
May 3 14:02:03 2021 SSLVPN: Updated,2021-05-03 14:02:03
May 3 14:02:03 2021 SSLVPN: Common Name,Real Address,Bytes Received,Bytes Sent,Connected Since
May 3 14:02:03 2021 SSLVPN: ROUTING TABLE
May 3 14:02:03 2021 SSLVPN: Virtual Address,Common Name,Real Address,Last Ref
May 3 14:02:03 2021 SSLVPN: GLOBAL STATS
May 3 14:02:03 2021 SSLVPN: Max bcast/mcast queue length,0
May 3 14:02:03 2021 SSLVPN: END
May 3 14:03:18 2021 SSLVPN: TCP connection established with [AF_INET6]::ffff:192.168.0.120:34140
May 3 14:03:18 2021 SSLVPN: 192.168.0.120:34140 peer info: IV_VER=3.5.6
May 3 14:03:18 2021 SSLVPN: 192.168.0.120:34140 peer info: IV_PLAT=android
May 3 14:03:18 2021 SSLVPN: 192.168.0.120:34140 peer info: IV_LZO=1
May 3 14:03:18 2021 SSLVPN: 192.168.0.120:34140 peer info: IV_GUI_VER=sslvpn.client.android_2.3.0-1
May 3 14:03:18 2021 SSLVPN: 192.168.0.120:34140 peer info: IV_BS64DL=1
May 3 14:03:18 2021 SSLVPN: 192.168.0.120:34140 WARNING: \'link-mtu\' is used inconsistently, local=\'link-mtu 1552\', remote=\'link-mtu 1544\'
May 3 14:03:18 2021 SSLVPN: 192.168.0.120:34140 WARNING: \'auth\' is used inconsistently, local=\'auth [null-digest]\', remote=\'auth SHA1\'
May 3 14:03:18 2021 SSLVPN: 192.168.0.120:34140 WARNING: \'keysize\' is used inconsistently, local=\'keysize 256\', remote=\'keysize 128\'
May 3 14:03:18 2021 SSLVPN: 192.168.0.120:34140 [osman@localhost.localdomain] Peer Connection Initiated with [AF_INET6]::ffff:192.168.0.120:34140
May 3 14:03:19 2021 SSLVPN: osman@localhost.localdomain/192.168.0.120:34140 MULTI_sva: pool returned IPv4=10.8.3.2, IPv6=(Not enabled)
May 3 14:03:19 2021 SSLVPN: osman@localhost.localdomain/192.168.0.120:34140 PUSH: No common cipher between server and client. Server data-ciphers: \'AES-256-GCM:AES-128-GCM\', client supports cipher \'BF-CBC\'
May 3 14:03:19 2021 SSLVPN: osman@localhost.localdomain/192.168.0.120:34140 Connection reset, restarting [0]

TinCanTech
OpenVPN Protagonist
Posts: 11139
Joined: Fri Jun 03, 2016 1:17 pm

Re: Android client cipher negotiation problem

Post by TinCanTech » Mon May 03, 2021 2:49 pm

Try adding some --data-ciphers to your client or removing them from your server ..

osmanakol
OpenVpn Newbie
Posts: 3
Joined: Mon May 03, 2021 6:31 am

Re: Android client cipher negotiation problem

Post by osmanakol » Wed May 05, 2021 7:14 am

I tried all possible combinations :) For example, adding some --data-ciphers to just the client, adding some --data-ciphers to both server and client, or adding some --data-ciphers to just the server, but none of them work. I have one more test case, different from the others: adding some --data-ciphers to the server and setting the cipher parameter in the client to one of the data-ciphers values, but that is not data channel negotiation :(

TinCanTech
OpenVPN Protagonist
Posts: 11139
Joined: Fri Jun 03, 2016 1:17 pm

Re: Android client cipher negotiation problem

Post by TinCanTech » Wed May 05, 2021 11:08 am

osmanakol wrote:
Wed May 05, 2021 7:14 am
I tried all possible combinations
I doubt that ..
osmanakol wrote:
Mon May 03, 2021 2:18 pm
PUSH: No common cipher between server and client. Server data-ciphers: \'AES-256-GCM:AES-128-GCM\', client supports cipher \'BF-CBC\'
Add

Code: Select all

data-ciphers "AES-256-GCM:AES-192-GCM:AES-128-GCM:AES-256-CBC:AES-192-CBC:AES-128-CBC"
data-ciphers-fallback "AES-256-CBC"
to your client.

osmanakol
OpenVpn Newbie
Posts: 3
Joined: Mon May 03, 2021 6:31 am

Re: Android client cipher negotiation problem

Post by osmanakol » Fri May 07, 2021 7:35 am

TinCanTech wrote:
Wed May 05, 2021 11:08 am
osmanakol wrote:
Wed May 05, 2021 7:14 am
I tried all possible combinations
I doubt that ..
osmanakol wrote:
Mon May 03, 2021 2:18 pm
PUSH: No common cipher between server and client. Server data-ciphers: \'AES-256-GCM:AES-128-GCM\', client supports cipher \'BF-CBC\'
Add

Code: Select all

data-ciphers "AES-256-GCM:AES-192-GCM:AES-128-GCM:AES-256-CBC:AES-192-CBC:AES-128-CBC"
data-ciphers-fallback "AES-256-CBC"
to your client.
Same error, Authentication failed: Data channel cipher negotiation failed(no shared cipher)

Server Log

May 7 07:28:24 2021 SSLVPN: 192.168.0.120:54272 peer info: IV_LZO=1
May 7 07:28:24 2021 SSLVPN: 192.168.0.120:54272 peer info: IV_GUI_VER=sslvpn.client.android_2.3.0-1
May 7 07:28:24 2021 SSLVPN: 192.168.0.120:54272 peer info: IV_BS64DL=1
May 7 07:28:24 2021 SSLVPN: 192.168.0.120:54272 WARNING: \'link-mtu\' is used inconsistently, local=\'link-mtu 1560\', remote=\'link-mtu 1544\'
May 7 07:28:24 2021 SSLVPN: 192.168.0.120:54272 WARNING: \'keysize\' is used inconsistently, local=\'keysize 256\', remote=\'keysize 128\'
May 7 07:28:24 2021 SSLVPN: 192.168.0.120:54272 [osman@localhost.localdomain] Peer Connection Initiated with [AF_INET6]::ffff:192.168.0.120:54272
May 7 07:28:25 2021 SSLVPN: osman@localhost.localdomain/192.168.0.120:54272 MULTI_sva: pool returned IPv4=10.8.3.2, IPv6=(Not enabled)
May 7 07:28:25 2021 SSLVPN: osman@localhost.localdomain/192.168.0.120:54272 PUSH: No common cipher between server and client. Server data-ciphers: \'AES-256-GCM:AES-192-GCM:AES-128-GCM:AES-256-CBC:AES-192-CBC:AES-128-CBC\', client supports cipher \'BF-CBC\'
May 7 07:28:25 2021 SSLVPN: osman@localhost.localdomain/192.168.0.120:54272 Connection reset, restarting [0]
May 7 07:28:25 2021 SSLVPN: action=client-connect auth_type=user two_factor_auth=False login=Success message=Valid config=ssl-vpn dev=tun1 username=osman@localhost.localdomain common_name=osman@localhost.localdomain client_ip=10.8.3.2 remote_ip=192.168.0.120 connect_time_unix=1620361704 disconnect_time_unix= duration_time= duration_time_seconds= sent_bytes= received_bytes=
May 7 07:28:44 2021 SSLVPN: TCP connection established with [AF_INET6]::ffff:192.168.0.120:54288
May 7 07:28:45 2021 SSLVPN: 192.168.0.120:54288 peer info: IV_VER=3.5.6
May 7 07:28:45 2021 SSLVPN: 192.168.0.120:54288 peer info: IV_PLAT=android
May 7 07:28:45 2021 SSLVPN: 192.168.0.120:54288 peer info: IV_LZO=1
May 7 07:28:45 2021 SSLVPN: 192.168.0.120:54288 peer info: IV_GUI_VER=sslvpn.client.android_2.3.0-1
May 7 07:28:45 2021 SSLVPN: 192.168.0.120:54288 peer info: IV_BS64DL=1
May 7 07:28:45 2021 SSLVPN: 192.168.0.120:54288 WARNING: \'link-mtu\' is used inconsistently, local=\'link-mtu 1560\', remote=\'link-mtu 1544\'
May 7 07:28:45 2021 SSLVPN: 192.168.0.120:54288 WARNING: \'keysize\' is used inconsistently, local=\'keysize 256\', remote=\'keysize 128\'
May 7 07:28:45 2021 SSLVPN: 192.168.0.120:54288 [osman@localhost.localdomain] Peer Connection Initiated with [AF_INET6]::ffff:192.168.0.120:54288
May 7 07:28:45 2021 SSLVPN: osman@localhost.localdomain/192.168.0.120:54288 MULTI_sva: pool returned IPv4=10.8.3.2, IPv6=(Not enabled)
May 7 07:28:45 2021 SSLVPN: osman@localhost.localdomain/192.168.0.120:54288 PUSH: No common cipher between server and client. Server data-ciphers: \'AES-256-GCM:AES-192-GCM:AES-128-GCM:AES-256-CBC:AES-192-CBC:AES-128-CBC\', client supports cipher \'BF-CBC\'
May 7 07:28:45 2021 SSLVPN: osman@localhost.localdomain/192.168.0.120:54288 Connection reset, restarting [0]
May 7 07:28:45 2021 SSLVPN: action=client-connect auth_type=user two_factor_auth=False login=Success message=Valid config=ssl-vpn dev=tun1 username=osman@localhost.localdomain common_name=osman@localhost.localdomain client_ip=10.8.3.2 remote_ip=192.168.0.120 connect_time_unix=1620361724 disconnect_time_unix= duration_time= duration_time_seconds= sent_bytes= received_bytes=


Client log

D/PrefUtil: set_string_by_profile: key='username.192.168.0.21 [sfsdfdsf]' value='osman@localhost.localdomain'
D/PrefUtil: set_boolean_by_profile: key='auth_password_save.192.168.0.21 [sfsdfdsf]' value=false
get_string: vpn_proto='adaptive'
get_string: conn_timeout='60'
get_string: compression_mode='yes'
D/OpenVPNService: SERV: client attach n_clients=1
D/OpenVPNClientBase: CLI: submitConnectIntent: 192.168.0.21 [sfsdfdsf]
D/OpenVPNService: SERV: onStartCommand action=net.openvpn.openvpn.CONNECT
D/OpenVPNService: SERV: profile file len=1856
D/PrefUtil: get_boolean: tun_persist=false
D/PrefUtil: get_boolean: google_dns_fallback=true
get_boolean: force_aes_cbc_ciphersuites=true
I/OpenVPNService: SERV: CONNECT prof=192.168.0.21 [sfsdfdsf] user=osman@localhost.localdomain proxy= serv=192.168.0.21 proto=adaptive to=60 resp=null epki_alias=DISABLE_CLIENT_CERT comp=yes
D/PrefUtil: set_string: autostart_profile_name='192.168.0.21 [sfsdfdsf]'
I/OpenVPNService: EVENT: CORE_THREAD_ACTIVE
D/OpenVPNService: SOCKET PROTECT: fd=95 protected status=true
D/PrefUtil: get_boolean: auto_keyboard=true
I/OpenVPNService: LOG: OpenVPN core 3.5.6 android i386 32-bit
I/OpenVPNService: LOG: Frame=512/2048/512 mssfix-ctrl=1250
I/OpenVPNService: LOG: UNUSED OPTIONS
1 [dev] [tun]
5 [resolv-retry] [infinite]
6 [nobind]
7 [persist-key]
8 [persist-tun]
11 [auth-nocache]
13 [verb] [3]
15 [tls-client]
16 [data-ciphers] [AES-256-GCM:AES-192-GCM:AES-128-GCM:AES-256-CBC:AES-192-CBC:AES-...]
17 [data-ciphers-fallback] [AES-256-CBC]
18 [route-method] [exe]
19 [route-delay] [2]
20 [connect-retry] [1] [1]
21 [connect-retry-max] [5]
22 [connect-timeout] [10]
I/OpenVPNService: EVENT: RESOLVE
I/OpenVPNService: LOG: Contacting 192.168.0.21:4443 via TCPv4
I/OpenVPNService: EVENT: WAIT
I/OpenVPNService: LOG: Connecting to [192.168.0.21]:4443 (192.168.0.21) via TCPv4
I/OpenVPNService: EVENT: CONNECTING
I/OpenVPNService: LOG: Tunnel Options:V4,dev-type tun,link-mtu 1544,tun-mtu 1500,proto TCPv4_CLIENT,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-client
I/OpenVPNService: LOG: Creds: Username/Password
I/OpenVPNService: LOG: Peer Info:
IV_VER=3.5.6
IV_PLAT=android
IV_LZO=1
IV_GUI_VER=sslvpn.client.android 2.3.0-1
IV_BS64DL=1
I/OpenVPNService: LOG: VERIFY OK: depth=
I/OpenVPNService: LOG: VERIFY OK:
I/OpenVPNService: LOG: SSL Handshake: TLSv1.2, cipher SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
I/OpenVPNService: LOG: Session is ACTIVE
I/OpenVPNService: EVENT: GET_CONFIG
D/OpenVPNService: EXIT: connect() exited, err=false, msg=''
I/OpenVPNService: STAT BYTES_IN=2400
STAT BYTES_OUT=1251
I/OpenVPNService: STAT PACKETS_IN=6
STAT PACKETS_OUT=7
STAT AUTH_FAILED=1
I/OpenVPNService: LOG: Sending PUSH_REQUEST to server...
I/OpenVPNService: LOG: AUTH_FAILED
I/OpenVPNService: EVENT: AUTH_FAILED info='Data channel cipher negotiation failed (no shared cipher)'
I/OpenVPNService: EVENT: DISCONNECTED
D/PrefUtil: delete_key: key='autostart_profile_name'
I/OpenVPNService: EVENT: CORE_THREAD_INACTIVE
D/PrefUtil: get_boolean_by_profile: key='auth_password_save.192.168.0.21 [sfsdfdsf]' value=false
D/PrefUtil: get_boolean: auto_keyboard=true

TinCanTech
OpenVPN Protagonist
Posts: 11139
Joined: Fri Jun 03, 2016 1:17 pm

Re: Android client cipher negotiation problem

Post by TinCanTech » Fri May 07, 2021 11:47 am

osmanakol wrote:
Fri May 07, 2021 7:35 am
I/OpenVPNService: LOG: UNUSED OPTIONS
1 [dev] [tun]
5 [resolv-retry] [infinite]
6 [nobind]
7 [persist-key]
8 [persist-tun]
11 [auth-nocache]
13 [verb] [3]
15 [tls-client]
16 [data-ciphers] [AES-256-GCM:AES-192-GCM:AES-128-GCM:AES-256-CBC:AES-192-CBC:AES-...]
17 [data-ciphers-fallback] [AES-256-CBC]
Your client does not do Cipher Negotiation.

I don't know much about Android clients but I suggest you search for Arne Schwabe's version.
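
The server-side decision behind the "No common cipher" line in the logs above, as an added example (not code from this thread or from OpenVPN). The selection rule is a simplified model of how a 2.5 server matches its data-ciphers list against a client's IV_CIPHERS / IV_NCP peer info and static cipher; the function names and the second client in the sample are assumptions made for illustration.

```python
import re

# Constructed sample modelled on the server log in this thread; the second
# client (192.0.2.10) is invented to show a peer that does announce ciphers.
SAMPLE_LOG = r"""
May 7 07:28:45 2021 SSLVPN: 192.168.0.120:54288 peer info: IV_VER=3.5.6
May 7 07:28:45 2021 SSLVPN: 192.168.0.120:54288 peer info: IV_PLAT=android
May 7 07:28:45 2021 SSLVPN: 192.168.0.120:54288 peer info: IV_LZO=1
May 7 07:28:45 2021 SSLVPN: osman@localhost.localdomain/192.168.0.120:54288 PUSH: No common cipher between server and client. Server data-ciphers: \'AES-256-GCM:AES-192-GCM:AES-128-GCM:AES-256-CBC:AES-192-CBC:AES-128-CBC\', client supports cipher \'BF-CBC\'
May 7 07:30:00 2021 SSLVPN: 192.0.2.10:40000 peer info: IV_VER=2.5.1
May 7 07:30:00 2021 SSLVPN: 192.0.2.10:40000 peer info: IV_CIPHERS=AES-256-GCM:AES-128-GCM
""".strip().splitlines()

PEER_INFO = re.compile(r"(\d+\.\d+\.\d+\.\d+:\d+) peer info: (IV_\w+)=(.*)$")
# The quotes in this thread's log are backslash-escaped, so accept both forms.
NO_COMMON = re.compile(
    r"(\d+\.\d+\.\d+\.\d+:\d+) PUSH: No common cipher between server and client\. "
    r"Server data-ciphers: \\?'([^'\\]*)\\?', client supports ciphers? \\?'([^'\\]*)\\?'"
)


def parse_peer_info(lines):
    """Collect the IV_* variables each client address sent."""
    peers = {}
    for line in lines:
        m = PEER_INFO.search(line)
        if m:
            peers.setdefault(m.group(1), {})[m.group(2)] = m.group(3).strip()
    return peers


def advertised_ciphers(peer_info):
    """Ciphers a client announces for negotiation, or [] if it announces none."""
    if peer_info.get("IV_CIPHERS"):
        return peer_info["IV_CIPHERS"].split(":")
    try:
        ncp = int(peer_info.get("IV_NCP", "0"))
    except ValueError:
        ncp = 0
    # Assumption of this model: IV_NCP=2 (2.4-era clients) implies the two GCM ciphers.
    return ["AES-256-GCM", "AES-128-GCM"] if ncp >= 2 else []


def select_cipher(server_ciphers, peer_info, remote_cipher):
    """First server cipher the client announced or uses as its static cipher."""
    offered = advertised_ciphers(peer_info)
    for cipher in server_ciphers:  # the server's order decides
        if cipher in offered or cipher == remote_cipher:
            return cipher
    return None


def diagnose(lines):
    """Explain every 'No common cipher' rejection found in the log."""
    peers = parse_peer_info(lines)
    findings = []
    for line in lines:
        m = NO_COMMON.search(line)
        if not m:
            continue
        addr, server_list, client_cipher = m.groups()
        info = peers.get(addr, {})
        negotiates = bool(advertised_ciphers(info))
        findings.append({
            "client": addr,
            "client_version": info.get("IV_VER"),
            "negotiates": negotiates,
            "server_ciphers": server_list.split(":"),
            "client_cipher": client_cipher,
            "selected": select_cipher(server_list.split(":"), info, client_cipher),
            "cause": ("client and server cipher lists do not intersect" if negotiates
                      else "client sent no IV_CIPHERS/IV_NCP; only its static cipher was compared"),
        })
    return findings


if __name__ == "__main__":
    for finding in diagnose(SAMPLE_LOG):
        print(finding)
```

In this model a client that announces nothing but whose static cipher is in the server's list still gets a match, which is the effect of the `cipher` workaround reported later in the thread.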

endeavoror
OpenVpn Newbie
Posts: 2
Joined: Thu Jun 09, 2022 6:12 am

Re: Android client cipher negotiation problem

Post by endeavoror » Thu Jun 09, 2022 6:16 am

I was having this very same problem, except that the problem developed as I updated the OpenVPN Connect Software to a new version. Where the ovpn configuration was working previously, it just stopped working after the update.

Eventually, I determined that the newer OpenVPN Connect versions are NOT honoring the --data-ciphers parameter. That parameter is not recognized and is thus being put into the "unused" category.

However, OpenVPN Connect IS recognizing the older command (--cipher), which is weird because that should be deprecated.

I'm guessing it's a regression/bug.

Regardless, once I added "cipher" and the cipher being used back to my .ovpn file, and imported it, everything works again.

endeavoror
OpenVpn Newbie
Posts: 2
Joined: Thu Jun 09, 2022 6:12 am

Re: Android client cipher negotiation problem

Post by endeavoror » Thu Jun 09, 2022 6:19 am

BTW- The same problem is happening in the Windows version of OpenVPN connect. "--data-ciphers" is "unused," but "--ciphers" works just fine.

TinCanTech
OpenVPN Protagonist
Posts: 11139
Joined: Fri Jun 03, 2016 1:17 pm

Re: Android client cipher negotiation problem

Post by TinCanTech » Thu Jun 09, 2022 11:53 am

Client:
osmanakol wrote:
Mon May 03, 2021 2:18 pm
compress lz4-v2
Server:
osmanakol wrote:
Mon May 03, 2021 2:18 pm
compress lz4
push "compress lz4"
If the client cannot connect then the server cannot push ..
