f8e1f5a528
tinc (1.0.34-1) unstable; urgency=medium
[ Guus Sliepen ]
* New upstream release.
- Fixes a potential segmentation fault when connecting to an IPv6
peer via a proxy. Closes: #887401
* Add support for the $EXTRA variable in /etc/default/tinc when using
systemd. Closes: #887116
[ Benda Xu ]
* Prevent possible incorrect IPv6 checksums due to function inlining.
Closes: #891400
65 lines
1.9 KiB
Text
65 lines
1.9 KiB
Text
Package: tinc
|
|
Version: 1.0.33-1
|
|
Severity: important
|
|
|
|
Dear Guus,
|
|
|
|
I have been using tinc since 2009 and it is great!
|
|
|
|
When PMTUDiscovery=yes and Mode=switch, and if ipv6 is used inside
|
|
tinc, the ICMPv6 "Packet Too Big" packets have incorrect checksums.
|
|
It can be reproduced by `ping6 <host in tinc> -s 1800` and `tcpdump -i
|
|
<tinc interface>`. Consequently, the host ignores the tinc-generated
|
|
ICMPv6 packets, PMTUDiscovery does not work and the connections freeze
|
|
when data flows are big.
|
|
|
|
I find the bug is gone if the function "inet_checksum" in route.c is
|
|
not inlined, either by compiling tinc with "-O2
|
|
-fno-inline-functions", or apply a patch such as,
|
|
|
|
diff --git a/src/route.c b/src/route.c
|
|
index ff82c06e..cd55383a 100644
|
|
--- a/src/route.c
|
|
+++ b/src/route.c
|
|
@@ -60,7 +60,7 @@ static const size_t opt_size = sizeof(struct nd_opt_hdr);
|
|
|
|
/* RFC 1071 */
|
|
|
|
-static uint16_t inet_checksum(void *data, int len, uint16_t prevsum) {
|
|
+__attribute__ ((noinline)) static uint16_t inet_checksum(void *data, int len, uint16_t prevsum) {
|
|
uint16_t *p = data;
|
|
uint32_t checksum = prevsum ^ 0xFFFF;
|
|
|
|
|
|
|
|
I have tested with gcc-7.3.0 and gcc-5.4.0. They behaved the same. I
|
|
am not good at assembly to find out what really happened, but it is
|
|
for sure that inet_checksum does not work as expected if compiled
|
|
inline.
|
|
|
|
Thanks!
|
|
|
|
Yours,
|
|
Benda
|
|
|
|
-- System Information:
|
|
Debian Release: buster/sid
|
|
APT prefers unstable
|
|
APT policy: (500, 'unstable')
|
|
Architecture: amd64 (x86_64)
|
|
|
|
Kernel: Linux 4.9.0-5-amd64 (SMP w/8 CPU cores)
|
|
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to en_US.UTF-8), LANGUAGE=en_US:en (charmap=UTF-8) (ignored: LC_ALL set to en_US.UTF-8)
|
|
Shell: /bin/sh linked to /bin/dash
|
|
Init: sysvinit (via /sbin/init)
|
|
|
|
Versions of packages tinc depends on:
|
|
ii libc6 2.26-2
|
|
ii liblzo2-2 2.08-1.2+b2
|
|
ii libssl1.1 1.1.0g-2
|
|
ii lsb-base 9.20170808
|
|
ii zlib1g 1:1.2.8.dfsg-5
|
|
|
|
tinc recommends no packages.
|
|
|
|
tinc suggests no packages.
|