Package: tinc
Version: 1.0.33-1
Severity: important
Dear Guus,
I have been using tinc since 2009 and it is great!
When PMTUDiscovery=yes and Mode=switch, and if ipv6 is used inside
tinc, the ICMPv6 "Packet Too Big" packets have incorrect checksums.
It can be reproduced by `ping6 <host in tinc> -s 1800` and `tcpdump -i
<tinc interface>`. Consequently, the host ignores the tinc-generated
ICMPv6 packets, PMTUDiscovery does not work and the connections freeze
when data flows are big.
I find the bug is gone if the function "inet_checksum" in route.c is
not inlined, either by compiling tinc with "-O2
-fno-inline-functions", or apply a patch such as,
diff --git a/src/route.c b/src/route.c
index ff82c06e..cd55383a 100644
--- a/src/route.c
+++ b/src/route.c
@@ -60,7 +60,7 @@ static const size_t opt_size = sizeof(struct nd_opt_hdr);
/* RFC 1071 */
-static uint16_t inet_checksum(void *data, int len, uint16_t prevsum) {
+__attribute__ ((noinline)) static uint16_t inet_checksum(void *data, int len,
uint16_t prevsum) {
uint16_t *p = data;
uint32_t checksum = prevsum ^ 0xFFFF;
I have tested with gcc-7.3.0 and gcc-5.4.0. They behaved the same. I
am not good at assembly to find out what really happened, but it is
for sure that inet_checksum does not work as expected if compiled
inline.
Thanks!
Yours,
Benda
-- System Information:
Debian Release: buster/sid
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)
Kernel: Linux 4.9.0-5-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL
set to en_US.UTF-8), LANGUAGE=en_US:en (charmap=UTF-8) (ignored: LC_ALL set to
en_US.UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)
Versions of packages tinc depends on:
ii libc6 2.26-2
ii liblzo2-2 2.08-1.2+b2
ii libssl1.1 1.1.0g-2
ii lsb-base 9.20170808
ii zlib1g 1:1.2.8.dfsg-5
tinc recommends no packages.
tinc suggests no packages.
