Import Debian changes 1.0.34-1

tinc (1.0.34-1) unstable; urgency=medium [ Guus Sliepen ] * New upstream release. - Fixes a potential segmentation fault when connecting to an IPv6 peer via a proxy. Closes: #887401 * Add support for the $EXTRA variable in /etc/default/tinc when using systemd. Closes: #887116 [ Benda Xu ] * Prevent possible incorrect IPv6 checksums due to function inlining. Closes: #891400
2018-06-12 23:00:49 +02:00 · 2018-06-12 23:00:49 +02:00 · f8e1f5a528
commit f8e1f5a528
parent 66e86a419b b28bb7b29b
42 changed files with 975 additions and 1108 deletions
--- a/debian/changelog
+++ b/debian/changelog
@ -1,3 +1,18 @@
+tinc (1.0.34-1) unstable; urgency=medium
+
+  [ Guus Sliepen ]
+  * New upstream release.
+    - Fixes a potential segmentation fault when connecting to an IPv6
+      peer via a proxy. Closes: #887401
+  * Add support for the $EXTRA variable in /etc/default/tinc when using
+    systemd. Closes: #887116
+
+  [ Benda Xu ]
+  * Prevent possible incorrect IPv6 checksums due to function inlining.
+    Closes: #891400
+
+ -- Guus Sliepen <guus@debian.org>  Tue, 12 Jun 2018 23:00:49 +0200
+
 tinc (1.0.33-1) unstable; urgency=medium

  * New upstream release.
--- a/debian/control
+++ b/debian/control
@ -2,9 +2,10 @@ Source: tinc
 Section: net
 Priority: optional
 Maintainer: Guus Sliepen <guus@debian.org>
-Standards-Version: 4.1.1
+Standards-Version: 4.1.3
 Build-Depends: libssl-dev, debhelper (>= 10), gettext, texinfo, zlib1g-dev, liblzo2-dev, libvdeplug-dev
 Homepage: http://www.tinc-vpn.org/
+Rules-Requires-Root: no

 Package: tinc
 Architecture: any
--- a/debian/patches/fix-incorrect-icmpv6-checksum
+++ b/debian/patches/fix-incorrect-icmpv6-checksum
@ -0,0 +1,65 @@
+Package: tinc
+Version: 1.0.33-1
+Severity: important
+
+Dear Guus,
+
+I have been using tinc since 2009 and it is great!
+
+When PMTUDiscovery=yes and Mode=switch, and if ipv6 is used inside
+tinc, the ICMPv6 "Packet Too Big" packets have incorrect checksums.
+It can be reproduced by `ping6 <host in tinc> -s 1800` and `tcpdump -i
+<tinc interface>`.  Consequently, the host ignores the tinc-generated
+ICMPv6 packets, PMTUDiscovery does not work and the connections freeze
+when data flows are big.
+
+I find the bug is gone if the function "inet_checksum" in route.c is
+not inlined, either by compiling tinc with "-O2
+-fno-inline-functions", or apply a patch such as,
+
+diff --git a/src/route.c b/src/route.c
+index ff82c06e..cd55383a 100644
+--- a/src/route.c
+++ b/src/route.c
+@@ -60,7 +60,7 @@ static const size_t opt_size = sizeof(struct nd_opt_hdr);
+
+ /* RFC 1071 */
+
+-static uint16_t inet_checksum(void *data, int len, uint16_t prevsum) {
+__attribute__ ((noinline)) static uint16_t inet_checksum(void *data, int len, uint16_t prevsum) {
+ 	uint16_t *p = data;
+ 	uint32_t checksum = prevsum ^ 0xFFFF;
+
+
+
+I have tested with gcc-7.3.0 and gcc-5.4.0.  They behaved the same.  I
+am not good at assembly to find out what really happened, but it is
+for sure that inet_checksum does not work as expected if compiled
+inline.
+
+Thanks!
+
+Yours,
+Benda
+
+-- System Information:
+Debian Release: buster/sid
+  APT prefers unstable
+  APT policy: (500, 'unstable')
+Architecture: amd64 (x86_64)
+
+Kernel: Linux 4.9.0-5-amd64 (SMP w/8 CPU cores)
+Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to en_US.UTF-8), LANGUAGE=en_US:en (charmap=UTF-8) (ignored: LC_ALL set to en_US.UTF-8)
+Shell: /bin/sh linked to /bin/dash
+Init: sysvinit (via /sbin/init)
+
+Versions of packages tinc depends on:
+ii  libc6      2.26-2
+ii  liblzo2-2  2.08-1.2+b2
+ii  libssl1.1  1.1.0g-2
+ii  lsb-base   9.20170808
+ii  zlib1g     1:1.2.8.dfsg-5
+
+tinc recommends no packages.
+
+tinc suggests no packages.
--- a/debian/patches/series
+++ b/debian/patches/series
@ -0,0 +1,2 @@
+fix-incorrect-icmpv6-checksum
+support-etc-defaults-tinc
--- a/debian/patches/support-etc-defaults-tinc
+++ b/debian/patches/support-etc-defaults-tinc
@ -0,0 +1,12 @@
+--- a/systemd/tinc@.service.in
+++ b/systemd/tinc@.service.in
+@@ -9,7 +9,8 @@
+ [Service]
+ Type=simple
+ WorkingDirectory=@sysconfdir@/tinc/%i
+-ExecStart=@sbindir@/tincd -n %i -D
+EnvironmentFile=/etc/default/tinc
+ExecStart=@sbindir@/tincd -n %i -D $EXTRA
+ ExecReload=@sbindir@/tincd -n %i -kHUP
+ KillMode=mixed
+ Restart=on-failure
--- a/debian/rules
+++ b/debian/rules
@ -4,7 +4,7 @@
 	dh $@

 override_dh_auto_configure:
-	dh_auto_configure -- --enable-uml --enable-vde --with-systemdsystemunitdir=/lib/systemd/system --runstatedir=/run
+	dh_auto_configure -- --enable-uml --enable-vde --with-systemd=/lib/systemd/system --runstatedir=/run

 override_dh_auto_install:
 	dh_auto_install -- install-html