summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2014-04-01l2tp: display control channel name upon apsession startGuillaume Nault
Ease log file analysis by explicitely logging which L2TP control channel carries a given data channel (PPP). Signed-off-by: Guillaume Nault <g.nault@alphalink.fr>
2014-04-01l2tp: modify control channel name stringGuillaume Nault
Use a syntax closer to the one used by log_session() in order to ease grep searching in log files. Signed-off-by: Guillaume Nault <g.nault@alphalink.fr>
2014-04-01l2tp: delete tunnel/session connection timeout after expirationGuillaume Nault
Tunnel and session establishment timers should to be unset after they expire. Otherwise, they may uselessly expire again while disconnection is performed. While here, rename l2tp_timeout() to l2tp_tunnel_timeout() for consistency with its session counterpart. Signed-off-by: Guillaume Nault <g.nault@alphalink.fr>
2014-04-01l2tp: fix typos in log messagesGuillaume Nault
* missing space char (l2tp_send_StopCCN) * missing new line char (l2tp_tunnel_create_session) Signed-off-by: Guillaume Nault <g.nault@alphalink.fr>
2014-03-19ppp: fixed magic endiannessDmitry Kozlov
2014-02-08l2tp: add session statistics for control channelsGuillaume Nault
Compute control channel statistics for L2TP sessions and report them in the "show stat" command. Signed-off-by: Guillaume Nault <g.nault@alphalink.fr>
2014-02-08l2tp: add tunnel statisticsGuillaume Nault
Report tunnel statistics with the "show stat" command. Statistics are updated upon tunnel state modifications. Setting the STATE_ESTB state is centralised in l2tp_tunnel_connect() to ensure the tunnel state remains synchronised with the statistics even when errors occur. While there, connect tunnels after sending SCCCN and stop tunnel establishment timer as soon as l2tp_tunnel_connect() is called (so that it'll be deleted even upon failure). Signed-off-by: Guillaume Nault <g.nault@alphalink.fr>
2014-02-08l2tp: remove l2tp_tunnel_start_session()Guillaume Nault
Since launching L2TP sessions doesn't require to create a new context anymore, the only purpose of l2tp_tunnel_start_session() is to start the session establishment timer. This patch let the session startup functions handle this timer, so that sessions aren't started by a function pointer anymore. Direct access to the session startup function also let the caller handle startup failures using its existing error handling path. Signed-off-by: Guillaume Nault <g.nault@alphalink.fr>
2014-02-08l2tp: old functions cleanupGuillaume Nault
* l2tp_session_disconnect() now always succeeds. * l2tp_tunnel_cancel_session() now can be replaced by l2tp_session_free(). Signed-off-by: Guillaume Nault <g.nault@alphalink.fr>
2014-02-08l2tp: use same context for tunnels and session control channelsGuillaume Nault
Run the control channels of L2TP sessions in their tunnel context to avoid context calls between tunnels and sessions. Tunnels and sessions now use the new state STATE_INIT as their initial state (allows to differentiate between tunnels and sessions that are starting or stopping). The STATE_CLOSE state isn't implicitely set to 0 by memset() anymore, so its value is changed for consistency with the other STATE_* values. With tunnels and sessions running in the same context, sessions can remove themselves from their tunnel without having to perform context calls. Tunnels can also remove sessions directly, without having to asynchronously notify them. So the set of l2tp_tunnel_free_session*() functions becomes useless. Sessions can also check if they're the last session of the tunnel and automatically disconnect the tunnel if need be. So the l2tp_tunnel_session_freed() callback can be removed. The 'sess_count' field is now used to track the number of sessions stored in the 'sessions' field of tunnels. It's incremented as soon as a session is added and everytime one is removed. The callback, used by data channels to notify their L2TP control session of disconnection, is now executed in the tunnel context. The session ID is used by the tunnel to find which session the disconnection applies to. The session may well get destroyed by other means between the time of the context call and the time of the callback execution. The l2tp_tunnel_start_session() function doesn't need to create a new context for the session. It now only sets the session establishment timer and directly runs the session startup callback. Since l2tp_session_free() can now handle sessions in any state and is called within the tunnel context, there is no need for a special l2tp_tunnel_cancel_session() (for now, this function is kept for patch clarity). Now that session packets are sent while in tunnel context, l2tp_session_send() only needs to set the header session ID and can directly call l2tp_tunnel_send(). For reception, the tunnel also directly calls l2tp_session_recv(). Signed-off-by: Guillaume Nault <g.nault@alphalink.fr>
2014-02-08l2tp: launch session data channels in their own contextGuillaume Nault
Split L2TP control and data channels operations. The data channel of an L2TP session now runs in its own triton context. The L2TP control session initialises and launches the data channel context in l2tp_session_start_data_channel(). Then all data channel operations (e.g. PPP negociation) are performed in this context. When the data channel stops, it checks if the control channel is still running; if so, it notifies the control channel about its disconnection using the l2tp_session_apses_finished() callback. The control channel similarly checks for data channel execution and notifies about L2TP layer disconnection using apses_stop(). Since the presence of the data channel is checked using its context field, the STATE_PPP state isn't required anymore. So L2TP control sessions now automatically enter STATE_ESTB in l2tp_session_connect(). A new set of states (APSTATE_*) are defined for tracking evolution of data channels. Data channels also handle statistics using these new states. Signed-off-by: Guillaume Nault <g.nault@alphalink.fr>
2014-02-08l2tp: prepare for starting data channels in their own contextGuillaume Nault
Define a new function for initialising and starting the data channel of an L2TP session. For now, l2tp_session_start_data_channel() only gathers the data channel specific operations, previously handled by l2tp_tunnel_alloc_session() and l2tp_session_connect(). While here, move deletion of the session establishment timer to the beginning of l2tp_session_connect(), so that it will stop even if the function fails. Signed-off-by: Guillaume Nault <g.nault@alphalink.fr>
2014-02-08l2tp: handle tunnel/session dependencies with reference countersGuillaume Nault
Use reference counters to track tunnels and sessions usage. Tunnels hold a reference to each of their sessions while sessions hold a reference to the tunnel they belong to. Tunnels and sessions also hold themselves to ensure that l2tp_{tunnel_session}_free() will be called before their reference counter drops to zero. Once the reference counter drops to zero, the tunnel or session is destroyed. Destruction may happen in any context, so context dependant operations still have to be done in l2tp_{tunnel,session}_free(). On the other hand l2tp_{tunnel,session}_free() must not free data wich may be required by their reference holders. Signed-off-by: Guillaume Nault <g.nault@alphalink.fr>
2014-02-08l2tp: Fix potential use after free by tunnel context threadGuillaume Nault
A triton context handler may not unregister itself while executed by the context thread, unless it returns -1 (otherwise the md thread may free the handler before the context thread stops using it). So l2tp_conn_read() must return -1 after calling l2tp_tunnel_free() (the md handler associated to l2tp_conn_read() may be unregistered by l2tp_tunnel_free()). Signed-off-by: Guillaume Nault <g.nault@alphalink.fr>
2014-02-07ipoe: fixed session lookup without option 82 (continue)Dmitry Kozlov
Signed-off-by: Dmitry Kozlov <xeb@mail.ru>
2014-02-07ipoe: fixed session lookup without option 82Dmitry Kozlov
Signed-off-by: Dmitry Kozlov <xeb@mail.ru>
2014-01-22l2tp: reset conf_secret if secret removed from accel-ppp.confGuillaume Nault
The "reload" command frees the variable pointed to by conf_secret in case the "secret" option gets removed from accel-ppp.conf. In such a case, conf_secret must be reset to NULL to avoid dereferencing the old pointer. Signed-off-by: Guillaume Nault <g.nault@alphalink.fr>
2014-01-22l2tp: define tunnel specific secretsGuillaume Nault
Store tunnel secret in the l2tp_conn_t structure so that different tunnels may use different secrets. The new "secret" option, added to the "l2tp create tunnel" command, let the user define the secret to be used by the new tunnel. By default, new tunnels keep using the "secret" option defined in accel-ppp.conf. Signed-off-by: Guillaume Nault <g.nault@alphalink.fr>
2014-01-19ippool: add support for old style pool name declarationDmitry Kozlov
Signed-off-by: Dmitry Kozlov <xeb@mail.ru>
2014-01-19pppoe: fix typoDmitry Kozlov
Signed-off-by: Dmitry Kozlov <xeb@mail.ru>
2014-01-19pppoe: handle TR-101 vs. RFC 4679 incompatibilitiesGuillaume Nault
There are a few inconsistencies between TR-101 and RFC 4679. Since RFC 4679 is only informational, prefer TR-101 in case of incompatibilities and explicitely document this choice. Signed-off-by: Guillaume Nault <g.nault@alphalink.fr>
2014-01-19radius: fix IWF-Session identifier in RFC 4679 dictionaryGuillaume Nault
RFC 4679 assigns identifier 0xFE (254) to the IWF-Session attribute. This is consistent with the identifier value specified by TR-101. Signed-off-by: Guillaume Nault <g.nault@alphalink.fr>
2014-01-19increase size of buffer for netlink messagesDmitry Kozlov
Signed-off-by: Dmitry Kozlov <xeb@mail.ru>
2014-01-17pppoe: handle IFW-SESSION TR-101 sub-tagGuillaume Nault
This TR-101 sub-tag has no payload. Signed-off-by: Guillaume Nault <g.nault@alphalink.fr>
2014-01-17radius: allow creation of zero length attributesGuillaume Nault
Some attributes, like IWF-Session (RFC 4679), may have no payload. Allow the len parameter of rad_packet_add_octets() to be 0 in order to add such attributes (and do the same for rad_packet_change_octets() for API consistency). Signed-off-by: Guillaume Nault <g.nault@alphalink.fr>
2014-01-17pppoe: add missing support for some TR-101 sub-tagsGuillaume Nault
These are all 4 bytes integer values, except ACCESS_LOOP_ENCAP which represents three independant values of one byte each. Signed-off-by: Guillaume Nault <g.nault@alphalink.fr>
2014-01-17pppoe: fix TR-101 tag length checkGuillaume Nault
The length field of PPPoE TR-101 sub-tags only takes the payload size into account (as opposed to its RADIUS counterpart that stores the full sub-tag length, including the 2 bytes long header). Signed-off-by: Guillaume Nault <g.nault@alphalink.fr>
2014-01-17pppoe: fix TR-101 attribute filtering for RADIUS access requestsGuillaume Nault
When a sub-tags is skipped while parsing a TR-101 tag, the ptr variable must be updated to point to the next sub-tag, otherwise the next loop iteration erroneously interprets tag information. While here, fix the range of attribute that mustn't be present in RADIUS access requests (RFC 4679, section 4). Signed-off-by: Guillaume Nault <g.nault@alphalink.fr>
2014-01-17pppoe: fix Minimum-Data-Rate-Downstream TR101 sub-tag handlingGuillaume Nault
As per TR-101 specifications and RFC 4679, 0x84 is the sub-tag number for Minimum-Data-Rate-Downstream (instead of Maximum-Data-Rate-Upstream). Signed-off-by: Guillaume Nault <g.nault@alphalink.fr>
2014-01-17pppoe: check for tag format validity in PADR messagesGuillaume Nault
Avoid parsing inconsistent PPPoE tags when handling PADR. Signed-off-by: Guillaume Nault <g.nault@alphalink.fr>
2013-12-24ppp: don't unconditionaly load pppoe/pptp/l2tp modules, fixes false start ↵Vladislav Grishenko
warning if they're running already Signed-off-by: Vladislav Grishenko <themiron@mail.ru>
2013-12-24Revert "ppp: don't unconditionaly load pppoe/pptp/l2tp modules, fixes false ↵Dmitry Kozlov
start warning if they're running already" This reverts commit c4ddc0fe1f402f84b1bb01b9568e2294569d0d15.
2013-12-24ppp: don't unconditionaly load pppoe/pptp/l2tp modules, fixes false start ↵Vladislav Grishenko
warning if they're running already Signed-off-by: Vladislav Grishenko <themiron@mail.ru>
2013-12-24crypto: don't build/install empty library if not usedVladislav Grishenko
Signed-off-by: Vladislav Grishenko <themiron@mail.ru>
2013-12-12fixed missing spinlock initialized (fixes stuck)Dmitry Kozlov
Signed-off-by: Dmitry Kozlov <xeb@mail.ru>
2013-12-12ipoe: fixed parsing 'range' optionDmitry Kozlov
Signed-off-by: Dmitry Kozlov <xeb@mail.ru>
2013-11-07shaper: add mtu optionDmitry Kozlov
Signed-off-by: Dmitry Kozlov <xeb@mail.ru>
2013-11-07shaper: fixed many race conditionsDmitry Kozlov
Signed-off-by: Dmitry Kozlov <xeb@mail.ru>
2013-11-07triton: use pthread_spinlock as spinlockDmitry Kozlov
Signed-off-by: Dmitry Kozlov <xeb@mail.ru>
2013-11-06pppoe: add statistics for filtered packets (mac-filter)Dmitry Kozlov
Signed-off-by: Dmitry Kozlov <xeb@mail.ru>
2013-11-05pppoe: show 'starting' in statisticsDmitry Kozlov
2013-11-02shaper: fixed socket leakKozlov Dmitry
Close netlink socket in remove_limiter function. Signed-off-by: Kozlov Dmitry <xeb@mail.ru>
2013-10-31net-snmp: fixed ipoe oidsDmitry Kozlov
Signed-off-by: Dmitry Kozlov <xeb@mail.ru>
2013-10-31net-snmp: add missing IPOE module initializationDmitry Kozlov
Signed-off-by: Dmitry Kozlov <xeb@mail.ru>
2013-10-30fix build with internal & tomcrypt crypto librariesDmitry Kozlov
Signed-off-by: Vladislav Grishenko <themiron@mail.ru>
2013-10-30Merge branch 'master' of ssh://git.code.sf.net/p/accel-ppp/codeDmitry Kozlov
2013-10-30ipoe: implemented source/local address detection for up sessionsDmitry Kozlov
Signed-off-by: Dmitry Kozlov <xeb@mail.ru>
2013-10-30ipoe: check for assigned ipv4 address has owner before put it (fixes sigsegv)Dmitry Kozlov
Signed-off-by: Dmitry Kozlov <xeb@mail.ru>
2013-10-29l2tp: Don't send Assigned Sesssion ID in ICCNGuillaume Nault
The Assigned Session ID AVP should only be sent in ICRQ, ICRP, OCRQ, OCRP and CDN messages. An LNS receiving an ICCN with Assigned Session ID may reject the message because of this unexpected mandatory AVP. Signed-off-by: Guillaume Nault <g.nault@alphalink.fr>
2013-10-29l2tp: No iprange check for locally created tunnelsGuillaume Nault
There's no need to check for iprange when creating a new tunnel upon administrator's request. Signed-off-by: Guillaume Nault <g.nault@alphalink.fr>