Bug#574164: openvpn: Assertion fails in socket.c:429 in p2p mode due to Debian ipv6 patch

Tue, 16 Mar 2010 12:53:26 -0700 

Package: openvpn
Version: 2.1.0-1
Severity: important


The debian ipv6 patch for openvpn seems to break openvpn in certain 
configurations. When I try to connect to debian openvpn 2.1.0-1, I receive an 
assertion at socket.c:429.
Debians openvpn 2.1-rc11 (stable) works fine and if I compile the openvpn 
2.1.0-1 debian source package WITHOUT applying the debian patches, it also 
works fine.

Since the debian ipv6 patch is the only patch that adds ASSERTs to socket.c, my 
first guess is to blame the patch.

I use openvpn on mipsel platform started via xinetd without any encryption 
(tunneled trough ssh).


This is the server config file:
===============================
port 1194
mode p2p
proto tcp-server
dev tap0
keepalive 10 120
user nobody
group nogroup
persist-key
persist-tun
status /etc/openvpn/openvpn-status.log
verb 3

The xinetd.d file:
==================
service openvpn_tap0
{
        disable         = no
        type            = UNLISTED
        port            = 1194
        socket_type     = stream
        protocol        = tcp
        wait            = yes
        user            = root
        server          = /usr/sbin/openvpn
        server_args     = --writepid /var/run/openvpn.server-tap0.pid --inetd 
wait ovpn-server-tap0 --config /etc/openvpn/server-tap0.conf
}



-- System Information:
Debian Release: squeeze/sid
  APT prefers testing
  APT policy: (600, 'testing'), (500, 'stable'), (50, 'unstable')
Architecture: mipsel (mips)

Kernel: Linux 2.6.30.5-0.1-HD-HLAN
Locale: LANG=de_DE, LC_CTYPE=de_DE (charmap=ISO-8859-1) (ignored: LC_ALL set to 
de_DE)
Shell: /bin/sh linked to /bin/bash

Versions of packages openvpn depends on:
ii  debconf [debconf-2.0]         1.5.28     Debian configuration management sy
ii  libc6                         2.10.2-6   Embedded GNU C Library: Shared lib
ii  liblzo2-2                     2.03-2     data compression library
ii  libpam0g                      1.1.1-2    Pluggable Authentication Modules l
ii  libpkcs11-helper1             1.07-1     library that simplifies the intera
ii  libssl0.9.8                   0.9.8k-8   SSL shared libraries
ii  net-tools                     1.60-23    The NET-3 networking toolkit
ii  openssl-blacklist             0.5-2      list of blacklisted OpenSSL RSA ke
ii  openvpn-blacklist             0.4        list of blacklisted OpenVPN RSA sh

openvpn recommends no packages.

Versions of packages openvpn suggests:
ii  openssl                       0.9.8k-8   Secure Socket Layer (SSL) binary a
pn  resolvconf                    <none>     (no description available)

-- debconf information:
  openvpn/vulnerable_prng:
  openvpn/create_tun: false



-- 
To UNSUBSCRIBE, email to [email protected]
with a subject of "unsubscribe". Trouble? Contact [email protected]

Reply via email to