Problems in macOS 13.0 Beta (22A5365d)

[李天硕]

Problems in macOS 13.0 Beta (22A5365d)

The system is set to Chinese and other network filtering tools (Little Snitch, LuLu, AdGuard and the like) are used, but the problem still cannot be improved after quitting all these software.

When connecting to vpn, Tunnelblick shows that it is waiting for a response from the server, and querying the software logs shows that

MANAGEMENT: >STATE:1665172812,WAIT,,,,,,

Seems to be stuck here. But strangely enough, after logging out of the macos account login state, Tunnelblick can successfully connect to the vpn once, but after the first successful connection, it returns to the above state.

This phenomenon also occurs with other openvpn clients (Viscosity, OpenVPN Connect client)

*Tunnelblick: macOS 13.0 (22A5365d); Tunnelblick 3.8.8beta04 (build 5800); Admin user

git commit a5c5a62cde5b775131a3550f6057fa9eb1b05dcf

The Tunnelblick.app process is not being translated (arm64)

System Integrity Protection is enabled

Model: MacBookPro17,1

Configuration Germany2_udp

"Sanitized" condensed configuration file for /Users/greensweet/Library/Application Support/Tunnelblick/Configurations/Germany2_udp.tblk:

client

dev tun

proto udp

remote 37.120.217.179 1194

resolv-retry infinite

remote-random

nobind

tun-mtu 1500

tun-mtu-extra 32

mssfix 1450

persist-key

persist-tun

ping 15

ping-restart 0

ping-timer-rem

reneg-sec 0

remote-cert-tls server

auth-user-pass

verb 3

pull

fast-io

cipher AES-256-GCM

auth SHA512

<ca>

[Security-related line(s) omitted]

</ca>

key-direction 1

<tls-auth>

[Security-related line(s) omitted]

</tls-auth>

================================================================================

Files in Germany2_udp.tblk:

      Contents/Resources/config.ovpn

================================================================================

Tunnelblick Kext Policy Data:

net.tunnelblick.tun|Z2SG5H3HC8|Jonathan Bullard|0|32

net.tunnelblick.tap|Z2SG5H3HC8|Jonathan Bullard|0|32

================================================================================

Configuration preferences:

-routeAllTrafficThroughVpn = 1

-runMtuTest = 1

-notOKToCheckThatIPAddressDidNotChangeAfterConnection = 0

-doNotDisconnectOnSleep = 1

-disableSecondaryNetworkServices = 0

-consecutiveSuccessfulIPAddressChanges = 1

-lastConnectionSucceeded = 0

-tunnelDownSoundName = Speak

-tunnelUpSoundName = Blow

================================================================================

Wildcard preferences:

-notOKToCheckThatIPAddressDidNotChangeAfterConnection = 0

================================================================================

Program preferences:

launchAtNextLogin = 1

tunnelblickVersionHistory = (

    "3.8.8beta04 (build 5800)"

)

lastLaunchTime = 686865598.73821

lastLanguageAtLaunchWasRTL = 0

connectionWindowDisplayCriteria = showWhenConnecting

maxLogDisplaySize = 102400

lastConnectedDisplayName = Germany2_udp

keyboardShortcutIndex = 1

namedCredentialsThatAllConfigurationsUse = 通用

updateCheckAutomatically = 1

NSWindow Frame SettingsSheetWindow = 312 127 829 548 0 0 1440 875 

NSWindow Frame ConnectingWindow = 525 511 389 217 0 0 1440 875 

detailsWindowFrameVersion = 5800

detailsWindowFrame = {{260, 283}, {920, 522}}

detailsWindowLeftFrame = {{0, 0}, {167, 402}}

detailsWindowViewIndex = 0

detailsWindowConfigurationsTabIdentifier = log

leftNavSelectedDisplayName = Germany2_udp

AdvancedWindowTabIdentifier = connectingAndDisconnecting

haveDealtWithOldTunTapPreferences = 1

haveDealtWithAlwaysShowLoginWindow = 1

haveDealtWithOldLoginItem = 1

haveDealtWithAfterDisconnect = 1

SUEnableAutomaticChecks = 1

SUScheduledCheckInterval = 86400

SULastCheckTime = 2022-10-07 19:59:59 +0000

SUHasLaunchedBefore = 1

================================================================================

Forced preferences:

(None)

================================================================================

Deployed forced preferences:

(None)

================================================================================

Tunnelblick Log:

2022-10-08 04:00:11.499336 *Tunnelblick: macOS 13.0 (22A5365d); Tunnelblick 3.8.8beta04 (build 5800)

2022-10-08 04:00:11.815532 *Tunnelblick: Attempting connection with Germany2_udp using shadow copy; Set nameserver = 769; monitoring connection

2022-10-08 04:00:11.816818 *Tunnelblick: openvpnstart start Germany2_udp.tblk 56936 769 0 1 0 34655024 -ptADGNWradsgnw 2.5.6-openssl-1.1.1o <password>

2022-10-08 04:00:11.841269 *Tunnelblick: openvpnstart starting OpenVPN

2022-10-08 04:00:12.219588 OpenVPN 2.5.6 x86_64-apple-darwin [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [MH/RECVDA] [AEAD] built on May  5 2022

2022-10-08 04:00:12.219966 library versions: OpenSSL 1.1.1o  3 May 2022, LZO 2.10

2022-10-08 04:00:12.221219 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:56936

2022-10-08 04:00:12.221241 Need hold release from management interface, waiting...

2022-10-08 04:00:12.442280 *Tunnelblick: openvpnstart log:

     OpenVPN started successfully.

     Command used to start OpenVPN (one argument per displayed line):

          /Applications/Tunnelblick.app/Contents/Resources/openvpn/openvpn-2.5.6-openssl-1.1.1o/openvpn

          --daemon

          --log /Library/Application Support/Tunnelblick/Logs/-SUsers-Sgreensweet-SLibrary-SApplication Support-STunnelblick-SConfigurations-SGermany2_udp.tblk-SContents-SResources-Sconfig.ovpn.769_0_1_0_34655024.56936.openvpn.log

          --cd /Library/Application Support/Tunnelblick/Users/greensweet/Germany2_udp.tblk/Contents/Resources

          --machine-readable-output

          --setenv IV_GUI_VER "net.tunnelblick.tunnelblick 5800 3.8.8beta04 (build 5800)"

          --verb 3

          --config /Library/Application Support/Tunnelblick/Users/greensweet/Germany2_udp.tblk/Contents/Resources/config.ovpn

          --setenv TUNNELBLICK_CONFIG_FOLDER /Library/Application Support/Tunnelblick/Users/greensweet/Germany2_udp.tblk/Contents/Resources

          --verb 3

          --cd /Library/Application Support/Tunnelblick/Users/greensweet/Germany2_udp.tblk/Contents/Resources

          --management 127.0.0.1 56936 /Library/Application Support/Tunnelblick/Mips/Germany2_udp.tblk.mip

          --mtu-test

          --management-query-passwords

          --management-hold

          --redirect-gateway def1

          --script-security 2

          --route-up /Applications/Tunnelblick.app/Contents/Resources/client.up.tunnelblick.sh -9 -d -f -m -w -ptADGNWradsgnw

          --down /Applications/Tunnelblick.app/Contents/Resources/client.down.tunnelblick.sh -9 -d -f -m -w -ptADGNWradsgnw

2022-10-08 04:00:12.461434 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:56936

2022-10-08 04:00:12.522893 MANAGEMENT: CMD 'pid'

2022-10-08 04:00:12.522976 MANAGEMENT: CMD 'auth-retry interact'

2022-10-08 04:00:12.523014 MANAGEMENT: CMD 'state on'

2022-10-08 04:00:12.523040 MANAGEMENT: CMD 'state'

2022-10-08 04:00:12.523154 MANAGEMENT: CMD 'bytecount 1'

2022-10-08 04:00:12.524529 *Tunnelblick: Established communication with OpenVPN

2022-10-08 04:00:12.525911 *Tunnelblick: >INFO:OpenVPN Management Interface Version 3 -- type 'help' for more info

2022-10-08 04:00:12.526991 MANAGEMENT: CMD 'hold release'

2022-10-08 04:00:12.537879 *Tunnelblick: Obtained VPN username and password from the Keychain

2022-10-08 04:00:12.538939 MANAGEMENT: CMD 'username "Auth" "FZD4qfZMknSvrB3Z3v9Q4E3u"'

2022-10-08 04:00:12.539026 MANAGEMENT: CMD 'password [...]'

2022-10-08 04:00:12.539673 WARNING: --ping should normally be used with --ping-restart or --ping-exit

2022-10-08 04:00:12.539700 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts

2022-10-08 04:00:12.542052 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication

2022-10-08 04:00:12.542105 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication

2022-10-08 04:00:12.553928 TCP/UDP: Preserving recently used remote address: [AF_INET]37.120.217.179:1194

2022-10-08 04:00:12.554045 Socket Buffers: R=[786896->786896] S=[9216->9216]

2022-10-08 04:00:12.554065 UDP link local: (not bound)

2022-10-08 04:00:12.554081 UDP link remote: [AF_INET]37.120.217.179:1194

2022-10-08 04:00:12.554192 MANAGEMENT: >STATE:1665172812,WAIT,,,,,,

2022-10-08 04:01:12.147308 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)

2022-10-08 04:01:12.147482 TLS Error: TLS handshake failed

2022-10-08 04:01:12.148906 SIGUSR1[soft,tls-error] received, process restarting

2022-10-08 04:01:12.148986 MANAGEMENT: >STATE:1665172872,RECONNECTING,tls-error,,,,,

2022-10-08 04:01:12.170569 MANAGEMENT: CMD 'hold release'

2022-10-08 04:01:12.170667 WARNING: --ping should normally be used with --ping-restart or --ping-exit

2022-10-08 04:01:12.170686 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts

2022-10-08 04:01:12.170761 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication

2022-10-08 04:01:12.170776 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication

2022-10-08 04:01:12.170896 TCP/UDP: Preserving recently used remote address: [AF_INET]37.120.217.179:1194

2022-10-08 04:01:12.171183 Socket Buffers: R=[786896->786896] S=[9216->9216]

2022-10-08 04:01:12.171211 UDP link local: (not bound)

2022-10-08 04:01:12.171230 UDP link remote: [AF_INET]37.120.217.179:1194

2022-10-08 04:01:12.171261 MANAGEMENT: >STATE:1665172872,WAIT,,,,,,

2022-10-08 04:01:12.185580 MANAGEMENT: CMD 'hold release'

2022-10-08 04:01:35.197712 *Tunnelblick: Disconnecting; VPN Details… window disconnect button pressed

2022-10-08 04:01:35.357312 *Tunnelblick: Disconnecting using 'kill'

2022-10-08 04:01:35.530804 event_wait : Interrupted system call (code=4)

2022-10-08 04:01:35.532266 SIGTERM[hard,] received, process exiting

2022-10-08 04:01:35.532323 MANAGEMENT: >STATE:1665172895,EXITING,SIGTERM,,,,,

2022-10-08 04:01:35.998146 *Tunnelblick: Expected disconnection occurred.

================================================================================

Down log:

03:35:04 *Tunnelblick:  **********************************************

03:35:04 *Tunnelblick:  Start of output from client.down.tunnelblick.sh

03:35:04 *Tunnelblick:  Cancelled monitoring system configuration changes

03:35:04 *Tunnelblick:  Restored State:DNS

03:35:04 *Tunnelblick:  Removed Setup:DNS

03:35:04 *Tunnelblick:  Removed State:SMB

03:35:04 *Tunnelblick:  Restored DNS and SMB settings

03:35:04 *Tunnelblick:  Re-enabled IPv6 (automatic) for "AX88179A"

03:35:04 *Tunnelblick:  Re-enabled IPv6 (automatic) for "Thunderbolt Bridge"

03:35:04 *Tunnelblick:  Re-enabled IPv6 (automatic) for "Wi-Fi"

03:35:04 *Tunnelblick:  Flushed the DNS cache with dscacheutil -flushcache

03:35:04 *Tunnelblick:  Notified mDNSResponder that the DNS cache was flushed

03:35:04 *Tunnelblick:  End of output from client.down.tunnelblick.sh

03:35:04 *Tunnelblick:  **********************************************

================================================================================

Previous down log:

03:26:45 *Tunnelblick:  **********************************************

03:26:45 *Tunnelblick:  Start of output from client.down.tunnelblick.sh

03:26:45 *Tunnelblick:  Cancelled monitoring system configuration changes

03:26:45 *Tunnelblick:  Restored State:DNS

03:26:46 *Tunnelblick:  Removed Setup:DNS

03:26:46 *Tunnelblick:  Removed State:SMB

03:26:46 *Tunnelblick:  Restored DNS and SMB settings

03:26:46 *Tunnelblick:  Re-enabled IPv6 (automatic) for "AX88179A"

03:26:46 *Tunnelblick:  Re-enabled IPv6 (automatic) for "Thunderbolt Bridge"

03:26:46 *Tunnelblick:  Re-enabled IPv6 (automatic) for "Wi-Fi"

03:26:46 *Tunnelblick:  Flushed the DNS cache with dscacheutil -flushcache

03:26:46 *Tunnelblick:  Notified mDNSResponder that the DNS cache was flushed

03:26:46 *Tunnelblick:  End of output from client.down.tunnelblick.sh

03:26:46 *Tunnelblick:  **********************************************

================================================================================

Network services:

An asterisk (*) denotes that a network service is disabled.

AX88179A

Thunderbolt Bridge

Wi-Fi

Wi-Fi Power (en0): On

================================================================================

ifconfig output:

lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384

options=1203<RXCSUM,TXCSUM,TXSTATUS,SW_TIMESTAMP>

inet 127.0.0.1 netmask 0xff000000 

inet6 ::1 prefixlen 128 

inet6 fe80::1%lo0 prefixlen 64 scopeid 0x1 

nd6 options=201<PERFORMNUD,DAD>

gif0: flags=8010<POINTOPOINT,MULTICAST> mtu 1280

stf0: flags=0<> mtu 1280

anpi1: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500

options=400<CHANNEL_IO>

ether e2:3c:4c:5c:c5:c2 

inet6 fe80::e03c:4cff:fe5c:c5c2%anpi1 prefixlen 64 scopeid 0x4 

nd6 options=201<PERFORMNUD,DAD>

media: none

status: inactive

anpi0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500

options=400<CHANNEL_IO>

ether e2:3c:4c:5c:c5:c1 

inet6 fe80::e03c:4cff:fe5c:c5c1%anpi0 prefixlen 64 scopeid 0x5 

nd6 options=201<PERFORMNUD,DAD>

media: none

status: inactive

en3: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500

options=400<CHANNEL_IO>

ether e2:3c:4c:5c:c5:a1 

nd6 options=201<PERFORMNUD,DAD>

media: none

status: inactive

en4: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500

options=400<CHANNEL_IO>

ether e2:3c:4c:5c:c5:a2 

nd6 options=201<PERFORMNUD,DAD>

media: none

status: inactive

en1: flags=8963<UP,BROADCAST,SMART,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500

options=460<TSO4,TSO6,CHANNEL_IO>

ether 36:39:30:4a:24:00 

media: autoselect <full-duplex>

status: inactive

en2: flags=8963<UP,BROADCAST,SMART,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500

options=460<TSO4,TSO6,CHANNEL_IO>

ether 36:39:30:4a:24:04 

media: autoselect <full-duplex>

status: inactive

bridge0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500

options=63<RXCSUM,TXCSUM,TSO4,TSO6>

ether 36:39:30:4a:24:00 

Configuration:

id 0:0:0:0:0:0 priority 0 hellotime 0 fwddelay 0

maxage 0 holdcnt 0 proto stp maxaddr 100 timeout 1200

root id 0:0:0:0:0:0 priority 0 ifcost 0 port 0

ipfilter disabled flags 0x0

member: en1 flags=3<LEARNING,DISCOVER>

       ifmaxaddr 0 port 8 priority 0 path cost 0

member: en2 flags=3<LEARNING,DISCOVER>

       ifmaxaddr 0 port 9 priority 0 path cost 0

nd6 options=201<PERFORMNUD,DAD>

media: <unknown type>

status: inactive

ap1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500

options=6463<RXCSUM,TXCSUM,TSO4,TSO6,CHANNEL_IO,PARTIAL_CSUM,ZEROINVERT_CSUM>

ether a2:78:17:5f:bb:19 

inet6 fe80::a078:17ff:fe5f:bb19%ap1 prefixlen 64 scopeid 0xb 

nd6 options=201<PERFORMNUD,DAD>

media: autoselect

en0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500

options=6463<RXCSUM,TXCSUM,TSO4,TSO6,CHANNEL_IO,PARTIAL_CSUM,ZEROINVERT_CSUM>

ether a0:78:17:5f:bb:19 

inet 192.168.31.185 netmask 0xffffff00 broadcast 192.168.31.255

inet6 fe80::87c:5c86:e47e:b270%en0 prefixlen 64 secured scopeid 0xc 

nd6 options=201<PERFORMNUD,DAD>

media: autoselect

status: active

awdl0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500

options=6463<RXCSUM,TXCSUM,TSO4,TSO6,CHANNEL_IO,PARTIAL_CSUM,ZEROINVERT_CSUM>

ether f2:44:4b:8d:87:8c 

inet6 fe80::f044:4bff:fe8d:878c%awdl0 prefixlen 64 scopeid 0xd 

nd6 options=201<PERFORMNUD,DAD>

media: autoselect

status: active

llw0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500

options=400<CHANNEL_IO>

ether f2:44:4b:8d:87:8c 

inet6 fe80::f044:4bff:fe8d:878c%llw0 prefixlen 64 scopeid 0xe 

nd6 options=201<PERFORMNUD,DAD>

media: autoselect

status: inactive

utun0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 2000

inet6 fe80::e0a8:209d:8784:3e22%utun0 prefixlen 64 scopeid 0xf 

nd6 options=201<PERFORMNUD,DAD>

utun1: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1380

inet6 fe80::5f9c:5be5:ae05:5190%utun1 prefixlen 64 scopeid 0x10 

nd6 options=201<PERFORMNUD,DAD>

utun2: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1000

inet6 fe80::ce81:b1c:bd2c:69e%utun2 prefixlen 64 scopeid 0x11 

nd6 options=201<PERFORMNUD,DAD>

================================================================================

Non-Apple kexts that are loaded:

Index Refs Address            Size       Wired      Name (Version) UUID <Linked Against>

================================================================================

Quit Log:

2022-10-08 03:54:55.517054 applicationShouldTerminate: termination because of Quit; delayed until 'shutdownTunnelblick' finishes)

2022-10-08 03:54:55.520363 shutDownTunnelblick: started.

2022-10-08 03:54:55.521722 shutDownTunnelblick: Starting cleanup.

2022-10-08 03:54:55.522681 cleanup: Entering cleanup

2022-10-08 03:54:55.526716 synchronized user defaults

2022-10-08 03:54:56.267735 shutDownTunnelblick: Cleanup finished.

2022-10-08 03:54:56.268789 Finished shutting down Tunnelblick; allowing termination

================================================================================

Traces Log:

================================================================================

Console Log:

[Tunnelblick developer]

That sounds like a problem with the OpenVPN configuration or possibly with OpenVPN itself.