On Mon, Jun 17, 2013 at 10:26:10AM +0200, Alberto Gonzalez Iniesta wrote: > On Sat, Jun 15, 2013 at 08:34:12PM +0100, Adam D. Barratt wrote: > > [Mail-Followup-To overridden, as iirc you're not reading -release] > > > > On 2013-06-15 20:11, Alberto Gonzalez Iniesta wrote: > > >Dear SRM, I have just received this [1] bug report. I'm AFK this > > >weekend, don't know if I would be able to test tomorrow (hope so), > > >please consider holding (if possible) this upgrade to (old)stable > > >just > > >in case the report is right. The bug solution could wait till next > > >release(s). > > [...] > > >[1] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=712414 > > > > Unfortunately the stable point release has already happened; indeed, > > the bug log indicates that the reporter is running a system updated > > after the release (hence the reference to 7.1 as Debian version). > > > > If the report does transpire to be accurate then we can look at > > releasing a fix via stable-updates if appropriate. > > Seems that the bug affects some specific configurations, did't find out > with yet. Should we avoid the release of 2.1.3-2+squeeze2 for the time > being?
Back again. The problem was a bug in the code that was triggered when GCC was updated after the first build of openvpn-2.2.1-8. The patch is here: https://community.openvpn.net/openvpn/ticket/297 I have already a package for Wheezy, please find attached the debdiff for it. Please let me know how I should proceed now. The bug does not affect 2.1.3-2+squeeze2 (since the gcc version is older) so the package can be included in the next Squeeze point release. Thanks, Alberto -- Alberto Gonzalez Iniesta | Formación, consultoría y soporte técnico agi@(inittab.org|debian.org)| en GNU/Linux y software libre Encrypted mail preferred | http://inittab.com Key fingerprint = 5347 CBD8 3E30 A9EB 4D7D 4BF2 009B 3375 6B9A AA55
diff -Nru openvpn-2.2.1/debian/changelog openvpn-2.2.1/debian/changelog --- openvpn-2.2.1/debian/changelog 2013-06-04 09:46:37.000000000 +0000 +++ openvpn-2.2.1/debian/changelog 2013-06-17 15:48:39.000000000 +0000 @@ -1,3 +1,10 @@ +openvpn (2.2.1-8+deb7u2) wheezy; urgency=low + + * Applied upstream patch to fix UDP fails. + Thanks Gert Doering for the pointer (Closes: #712414) + + -- Alberto Gonzalez Iniesta <[email protected]> Mon, 17 Jun 2013 15:46:47 +0000 + openvpn (2.2.1-8+deb7u1) wheezy; urgency=low * Applied upstream patch to fix use of non-constant-time memcmp diff -Nru openvpn-2.2.1/debian/patches/openvpn-2.3.1-udp-send.patch openvpn-2.2.1/debian/patches/openvpn-2.3.1-udp-send.patch --- openvpn-2.2.1/debian/patches/openvpn-2.3.1-udp-send.patch 1970-01-01 00:00:00.000000000 +0000 +++ openvpn-2.2.1/debian/patches/openvpn-2.3.1-udp-send.patch 2013-06-17 15:45:58.000000000 +0000 @@ -0,0 +1,41 @@ +Index: openvpn-2.2.1/socket.c +=================================================================== +--- openvpn-2.2.1.orig/socket.c 2013-06-17 15:45:42.000000000 +0000 ++++ openvpn-2.2.1/socket.c 2013-06-17 15:45:53.908830414 +0000 +@@ -3079,6 +3079,7 @@ + struct iovec iov; + struct msghdr mesg; + struct cmsghdr *cmsg; ++ union openvpn_pktinfo opi; + + iov.iov_base = BPTR (buf); + iov.iov_len = BLEN (buf); +@@ -3088,11 +3089,10 @@ + { + case AF_INET: + { +- struct openvpn_in4_pktinfo msgpi4; + mesg.msg_name = &to->dest.addr.sa; + mesg.msg_namelen = sizeof (struct sockaddr_in); +- mesg.msg_control = &msgpi4; +- mesg.msg_controllen = sizeof msgpi4; ++ mesg.msg_control = &opi; ++ mesg.msg_controllen = sizeof (struct openvpn_in4_pktinfo); + mesg.msg_flags = 0; + cmsg = CMSG_FIRSTHDR (&mesg); + cmsg->cmsg_len = sizeof (struct openvpn_in4_pktinfo); +@@ -3118,12 +3118,11 @@ + #ifdef USE_PF_INET6 + case AF_INET6: + { +- struct openvpn_in6_pktinfo msgpi6; + struct in6_pktinfo *pkti6; + mesg.msg_name = &to->dest.addr.sa; + mesg.msg_namelen = sizeof (struct sockaddr_in6); +- mesg.msg_control = &msgpi6; +- mesg.msg_controllen = sizeof msgpi6; ++ mesg.msg_control = &opi; ++ mesg.msg_controllen = sizeof (struct openvpn_in6_pktinfo); + mesg.msg_flags = 0; + cmsg = CMSG_FIRSTHDR (&mesg); + cmsg->cmsg_len = sizeof (struct openvpn_in6_pktinfo); diff -Nru openvpn-2.2.1/debian/patches/series openvpn-2.2.1/debian/patches/series --- openvpn-2.2.1/debian/patches/series 2013-05-17 11:32:40.000000000 +0000 +++ openvpn-2.2.1/debian/patches/series 2013-06-17 15:45:52.000000000 +0000 @@ -10,3 +10,4 @@ manpage_fixes.patch use-dpkg-buildflags.patch cve-2013-2061.patch +openvpn-2.3.1-udp-send.patch
