Opened 11 years ago
Closed 11 years ago
#297 closed Bug / Defect (fixed)
unable to create a tunnel over UDP
Reported by: | danta | Owned by: | Gert Döring |
---|---|---|---|
Priority: | critical | Milestone: | |
Component: | Networking | Version: | OpenVPN 2.3.1 (Community Ed) |
Severity: | Not set (select this one, unless your'e a OpenVPN developer) | Keywords: | |
Cc: |
Description
We just tried to upgrade from openvpn 2.2.2 to 2.3.1.
After upgrade we noticed that creating a tunnel over UDP fails and the following messages are logged:
10.32.64.229:1255 write UDPv4: Invalid argument (code=22)
stracing the problem brought us to
30929 sendmsg(6, {msg_name(16)={sa_family=AF_INET, sin_port=htons(1127), sin_addr=inet_addr("10.32.64.229")}, msg_iov(1)=[{"@\31\31}/\327b\2,\1\0\0\0\0\367O\242U\352<it\0\0\0\0", 26}], msg_controllen=24, {cmsg_len=2, cmsg_level=0x8c4ef00 /* SOL_??? */, cmsg_type=, ...}, msg_flags=0}, 0) = -1 EINVAL (Invalid argument)
It looks as if 'cmsg_len' and 'cmsg_level' are set incorrectly.
Trying to debug the problem with gdb we made a build with no optimizations (gcc 4.7.2 with -O0). With that build the problem goes away and everything seems to work.
Further digging brought us to src/openvpn/socket.c:2782 function link_socket_write_udp_posix_sendmsg
struct iovec iov; struct msghdr mesg; struct cmsghdr *cmsg; ... { struct openvpn_in4_pktinfo msgpi4; ... mesg.msg_control = &msgpi4; mesg.msg_controllen = sizeof msgpi4; ... cmsg = CMSG_FIRSTHDR (&mesg); cmsg->cmsg_len = sizeof (struct openvpn_in4_pktinfo); ... } return sendmsg (sock->sd, &mesg, 0);
A pointer to a local variable msgpi4 is stored in mesg.msg_control and is later used by sendmsg(...) after it's been already destroyed.
I will attached a patch that solves the problem for us.
Attachments (1)
Change History (4)
Changed 11 years ago by
Attachment: | openvpn-2.3.1-udp-send.patch added |
---|
comment:1 Changed 11 years ago by
Owner: | set to Gert Döring |
---|---|
Status: | new → accepted |
comment:2 Changed 11 years ago by
The union was copied from link_socket_read_udp_posix_recvmsg.
Just wanted to create a openvpn_in4_pktinfo or openvpn_in6_pktinfo on the stack and not both. This seemed the easiest.
comment:3 Changed 11 years ago by
Resolution: | → fixed |
---|---|
Status: | accepted → closed |
patch has been committed to master and release/2.3
8c431f960357d776cfd0961192214ad1b0942bfb (master)
02d027fd797a2ebfe846bd70d10cb4234cad957a (release/2.3)
thanks!
Thanks for the report and patch. Yes, this code looks very much broken.
I'll look a bit more closely into your patch to understand what the union involved does, and will then commit it. If you want to be named as patch author, I'd need your name & mail address... (per private mail to gert <at> greenie.muc.de if you don't want it here in the open)