similar to: error:060A7094:digital envelope routines:EVP_EncryptUpdate:invalid operation

Thanks Peter. I saw that bug report and actually posted a comment on it. I think I may have some software that depends on OpenSSL 1.1.1b so I can't downgrade it. On Mon, May 20, 2019 at 7:25 AM Peter Whisker <peter at whisker.org.uk> wrote: > Hi Daniel > > This is all I can see about this out there - it seems to be a problem > brought about by OpenSSL 1.1.1b and the

One of my hosts just rebooted for the first time in ages, and now it won't connect to any other nodes. The log just contains continual "error while decrypting metadata" errors. tincd[8324]: Error while decrypting: error:060A7094:digital envelope routines:EVP_EncryptUpdate:invalid operation tincd[8324]: Error while decrypting metadata from fairfield_gw (yy.yy.yy.yy port 655)

On 18/10/19 7:30 am, Hamish Moffatt wrote: > One of my hosts just rebooted for the first time in ages, and now it > won't connect to any other nodes. > > The log just contains continual "error while decrypting metadata" errors. > > tincd[8324]: Error while decrypting: error:060A7094:digital envelope > routines:EVP_EncryptUpdate:invalid operation >

Hello everybody, Thank you Fufu Fang for your quick reply: With tinc version 1.0.35 and the bellow options at 100% CPu load i get about 10 MB/s... PMTU = 1400 PMTUDiscovery = yes #Cipher = none Cipher = chacha20-poly1305 Digest = blake2b512 Tried Cipher = none as well and also got 10MB/s with 100% CPU on one thread the other three available threads are idle. With inc_1.1~pre17-1.1_amd64.deb

From: Andreas Rammhold <andreas at rammhold.de> With OpenSSL versions 1.0.2r & 1.1.1b there were changes in regards to how OpenSSL treats misuse of Encrypt/Decrypt EVP methods in the opposite case. E.g. using the encrypt methods in a decrypt context. OpenSSL now returns an error in these situations. [1] Since tinc used the EVP_EncryptUpdate function in the cipher_decrypt function the

On Thu, Jun 19, 2014 at 2:51 PM, Andrew Rae <A.M.Rae at leeds.ac.uk> wrote: > Hi all, > > wasnt sure whether this was the best place to put this information; but something seems to have gone 'backwards' in the later pre-releases of 6.03 regarding network booting. I'd say this is an excellent place to start. I'm getting some similar results here with the precompiled

Hey Folks, It seems that Homebrew for some reason arbitrarily decided to banish all of the --devel flavors from all of their installable packages.  I couldn't find any discussion as to why or what they intend to replace the function with. **update;  this is where they decided to do this; https://github.com/Homebrew/brew/pull/5060#issuecomment-428149176 But in the meantime, 1.1pre17 is

FYI, while rebuilding on Stretch: dpkg -i tinc_1.1~pre17-1.1_amd64.deb A seleccionar pacote anteriormente não seleccionado tinc. (Lendo banco de dados ... 33426 ficheiros e directórios actualmente instalados.) A preparar para desempacotar tinc_1.1~pre17-1.1_amd64.deb ... A descompactar tinc (1.1~pre17-1.1) ... Configurando tinc (1.1~pre17-1.1) ... /var/lib/dpkg/info/tinc.postinst: 10:

> Hi all, > > wasnt sure whether this was the best place to put this information; but something seems to have gone 'backwards' in the later pre-releases of 6.03 regarding network booting. > > below are results of me testing - i did each a few times to make sure they are valid results. > > hope it helps identify something that's gone awry ? > so far, 6.03

On 07/01/2014 09:55 PM, Gene Cumm wrote: > On Jul 1, 2014 10:37 PM, "Alexander Perlis" <aperlis at math.lsu.edu > > I believe I'm seeing a bug in lpxelinux.0 6.03-pre17 ... > > Odd. 4.07 should be good but the 4.10/5.1*/6.0* revisions make sense. My bad. I tried again, and in 4.07 we do get further. We couldn't boot all the way because, it seems, using

>From: Syslinux [syslinux-bounces at zytor.com] On Behalf Of Ady [ady-sf at hotmail.com] >Sent: 25 June 2014 19:32 >To: syslinux at zytor.com >Subject: Re: [syslinux] testing out 6.03 network booting... > >> > From: Matt Fleming [matt at console-pimps.org] >> > Sent: 25 June 2014 07:39 >> > To: Andrew Rae >> > Cc: Gene Cumm; syslinux at zytor.com

> > From: Matt Fleming [matt at console-pimps.org] > > Sent: 25 June 2014 07:39 > > To: Andrew Rae > > Cc: Gene Cumm; syslinux at zytor.com > > Subject: Re: [syslinux] testing out 6.03 network booting... > > > > Andrew, could you try out syslinux-6.03-pre18? Peter pushed the release > > button yesterday and -pre18 contains my change. It would be

Hi all, wasnt sure whether this was the best place to put this information; but something seems to have gone 'backwards' in the later pre-releases of 6.03 regarding network booting. below are results of me testing - i did each a few times to make sure they are valid results. hope it helps identify something that's gone awry ? so far, 6.03 pre11 and pre13 (excluding efi32) seem most

On 06/16/2014 05:14 PM, Gene Cumm wrote: > This sounds like you're using gpxelinux.0 4.07 which as I stated will > introduce issues. Instead of using gpxelinux.0 4.07, try pxelinux.0 > 4.07 then do your chainload to lpxelinux.0 6.02. If this doesn't > solve it, try 6.03-pre14. When I DHCP boot to lpxelinux.0 6.02, and then pxechn.c32 back to lpxelinux.0 6.02 with the http

Hello everybody, First a big thanks for tinc-vpn I am still using it next to wireguard and openvpn. I am having a setup where the tinc debian appliance is at 100% cpu load doing about 7.5MB/s. Compression = 9 PMTU = 1400 PMTUDiscovery = yes Cipher = aes-128-cbc How can I pick a cipher that is the fasted for my CPU and don't create a CPU bottleneck at 100%. Kind regards, Jelle de Jong

Especially you who are doing large-scale network booting, please try out 4.10-pre17 *and report the results*. I'm hoping with Gene Cumm's fixes that we have can promote this to a full release shortly, but I really need test reports -- good or bad. -hpa -- H. Peter Anvin, Intel Open Source Technology Center I work for Intel. I don't speak on their behalf.

Hi, I finally managed to test pxelinux 4.10 pre17 in our VMware environment and can report that HTTP booting seems to work reliably now. Downloads are fairly fast. As a side note, rosh "ls" and "pwd" commands now work as expected with a HTTP TFTP prefix, cool! I'll leave it in production use now and report about any further issues. Can you already tell when a 4.10

On Jul 1, 2014 10:37 PM, "Alexander Perlis" <aperlis at math.lsu.edu> wrote: > > I believe I'm seeing a bug in lpxelinux.0 6.03-pre17 but I need some advice on how to isolate and troubleshoot this. (I can't try pre18 at the moment, but did try 4.07 and 5.10 and saw similar behavior, also with pxelinux.0, so although I'll give pre18 a try soon, some

Hi Parke, Thanks for replying. I mkdir it, kill tinc and restart, nothing in config changed, and it works! I don't know what's behind but I should've try system "kill" rather than tinc's stop/restart stuff... Parke <parke.nexus at gmail.com> 于2019年5月7日周二 上午5:12写道： > On Mon, May 6, 2019 at 2:12 AM David Penn <px920906 at gmail.com> wrote: > > > On

Hello, I tried to find out how about to use the hardware crypto engines under Solaris (Sun Fire T2000). It seems, that its not just a compilation issue: > For operations that are to be offloaded, it is necessary to restrict use to subset > of OpenSSL functions (the EVP_ functions) and explicitly indicate the use of the PKCS11 > engine; something like the following works for bulk