On Mon, Jun 17, 2013 at 01:51:13PM +0200, Gert Doering wrote: > Hi, > > On Mon, Jun 17, 2013 at 01:00:03PM +0200, Alberto Gonzalez Iniesta wrote: > > I applied the fix for CVE-2013-2061 [0] to Debian's stable version of > > openvpn (2.2.1) [1]. When the new package was sent to the mirrors I got > > a couple of reports of broken VPNs [2]. After some testing I think the > > problem arises with the use of "multihome" option. The server daemon > > starts to log lots of these: > > Jun 17 12:43:52 srv ovpn-srv[31073]: write UDPv4 []: Invalid argument > > (code=22) > > Jun 17 12:43:53 srv ovpn-srv[31073]: write UDPv4 []: Invalid argument > > (code=22) > > > > If the "multihome" option is removed, the VPN comes back to live. > > > > Could a patch to fix this be made or should we go back to 2.2.1 without > > the patch to fix CVE-2013-2061? > > This patch is most definitely not affecting multihome. If you look at > the patch, there is nothing in there that could affect external behaviour > (except remove the timing variance). >
Thanks Gert, I compiled the package without the patch now, and get the same (bogus) result. Somethigng must have changed in the build environment that breaks this. Will investigate further. -- Alberto Gonzalez Iniesta | Formación, consultoría y soporte técnico agi@(inittab.org|debian.org)| en GNU/Linux y software libre Encrypted mail preferred | http://inittab.com Key fingerprint = 5347 CBD8 3E30 A9EB 4D7D 4BF2 009B 3375 6B9A AA55
