summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2018-04-28move contrib/centos/centos.cmake -> cmake/centos/centos.cmakeDmitry Kozlov
2018-04-21shaper: "change" command: consider value to be in simple formatDmitry Kozlov
2018-04-20Merge pull request #48 from themiron/sstpxebd
sstp: fix mppe, non-standard port and hostname checking issues
2018-04-19sstp: fix connection drop with global mppe=required optionVladislav Grishenko
2018-04-19sstp: fix coexistance of host-name= & port= optionsVladislav Grishenko
2018-04-12radius: initialize rad_attr_t::raw field on newly inserted attributesDmitry Kozlov
2018-04-06radius: allow CoA/DM by single username attributeDmitry Kozlov
2018-04-03ipoe: assign default values to verbose and unit-cache if not specified on ↵Dmitry Kozlov
config reload
2018-04-03ppp: move call connect_ppp_channel to appropriate place (when noauth=1)Dmitry Kozlov
2018-03-24auth: fix re-authentication of peer in all chap modulesGuillaume Nault
If the peer re-authenticates (because of option conf_interval) and pwdb calls auth_result(), we may add the interval timer again to the session context. This crashes accel-ppp when deleting the session, because the interval timer is removed only once and the superfluous timers are still running. Therefore, when removing the context, triton detects this issue and calls abort(). To fix this, we need to detect if the session is already started and just send a CHAP Success message in this case. Signed-off-by: Guillaume Nault <g.nault@alphalink.fr>
2018-03-24auth: avoid sending duplicate CHAP Failure messages in mschap-v1 and mschap-v2Guillaume Nault
When pwdb returns PWDB_NO_IMPL and chap_recv_response() performs the authentication itself, it delegates this task to chap_check_response(). This function sends a CHAP Failure message if it can't retrieve the password, but not in case of password mismatch. Since chap_recv_response() already sends a CHAP Failure message on error, the one sent by chap_check_response() is useless. Signed-off-by: Guillaume Nault <g.nault@alphalink.fr>
2018-03-24auth: fix missing CHAP Success message in chap-md5Guillaume Nault
When pwdb returns PWDB_NO_IMPL, then chap_recv_response() tries to authenticate the peer itself. If this authentication succeeds but the session is already started (in case of re-authentication, with option conf_interval), no CHAP Success is sent. This patch sends the missing CHAP Success message in this case, so that the peer knows that its response has been received and accepted, and that no retransmission is required. Signed-off-by: Guillaume Nault <g.nault@alphalink.fr>
2018-03-20ipoe_mod: fixed ipv6 from non-shared mode (v2)Dmitry Kozlov
2018-03-20Merge branch 'master' of https://github.com/xebd/accel-pppDmitry Kozlov
2018-03-20Merge pull request #46 from nuclearcat/masterxebd
Compiling fix for 4.15+ kernels
2018-03-20Compiling fix for 4.15+ kernelsDenys Fedoryshchenko
2018-03-19ipoe_mod: fixed ipv6 from non-shared modeDmitry Kozlov
2018-03-14ipoe_mod: accept ipv6 packets from link-local address if session does not existsDmitry Kozlov
2018-03-06terminate program gracefully by SIGINTDmitry Kozlov
2018-03-06Merge pull request #43 from themiron/sstpxebd
sstp: ipv6/unix sock & proxy protocol support
2018-03-06triton: prevent alloc_context function to be inlined (fixes improper stack ↵Dmitry Kozlov
size calculation)
2018-03-06pppoe: fixed invalid behaviour after changing pado-delayDmitry Kozlov
2018-03-06Merge branch 'master' of github.com:xebd/accel-pppDmitry Kozlov
2018-03-04Merge pull request #45 from themiron/cppcheck-fixesxebd
cppcheck fixes
2018-03-04fix build error with VALGRIND definedVladislav Grishenko
2018-03-04fix possible null pointer dereferencesVladislav Grishenko
2018-03-03removed accel-dp mentioning from config fileDmitry Kozlov
2018-03-03Merge pull request #44 from themiron/alloca-crashxebd
triton: more general fix of thread wake up crash
2018-03-03ppp: fix use-after-free in ppp_auth_failed()Guillaume Nault
The 'username' variable can be freed at the beginning of the function. We have to use ppp->ses.username instead. Signed-off-by: Guillaume Nault <g.nault@alphalink.fr>
2018-03-03pppoe: fixed PADO delaying functionDmitry Kozlov
2018-03-02triton: more general fix of thread wake up crashVladislav Grishenko
after commit 287adbfc205c02eac375f55fb94f13c073faec97 gcc still may reorder alloca() and memset() calls. fix that with volatile access & memory barrier.
2018-02-28sstp: http: improve http detectionVladislav Grishenko
no need to wait until timeout for non-http data (i.e https)
2018-02-28sstp: http: change method error from 501 to 405Vladislav Grishenko
2018-02-28sstp: fix proxy-protocol support in ssl modeVladislav Grishenko
2018-02-27sstp: allow access to unix socket to anyoneVladislav Grishenko
almost the same as ipv4/ipv6 is accessible by anyone for easier access under multiple proxy effective users.
2018-02-27sstp: fix crash with no any accept option specifiedVladislav Grishenko
2018-02-27sstp: unlink stray unix socket on init/bind errorVladislav Grishenko
2018-02-27sstp: implement proxy-protocol 1 & 2 supportVladislav Grishenko
2018-02-27sstp: implement ipv6 & unix socket supportVladislav Grishenko
following bind option formats are valid: bind=x.x.x.x bind=2001:db8::1 bind=unix:/var/run/sstp.socket bind=unix:@sstp port option is meaningful for ipv4 and ipv6 only
2018-02-27sstp: implement accept list optionVladislav Grishenko
currently the only ssl value is supported
2018-02-26removed accel-dp mentioning from config fileDmitry Kozlov
2018-02-21radius: add support for route priority (metric) in Framed-RouteGuillaume Nault
Let an optional route priority (aka metric) be defined in RADIUS Framed-Route attributes. The priority is an integer placed at the end of the route string. This is backward compatible with the previous format and also conforms with the recommended format defined by RFC 2865 (although we don't allow multiple metrics). Framed-Route format is: <network> [<gateway> [<priority>]] For example, 'Framed-Route = "192.0.2.0/24 203.0.113.1 8"' will let the following route be installed (assuming 203.0.113.1 is routed through eth0): $ ip route show [...] 192.0.2.0/24 via 203.0.113.1 dev eth0 metric 8 It's possible to use the unspecified gateway (0.0.0.0) if one wants to set a priority without specifying a gateway address. Finally, route deletion now also takes the priority into account, in order to avoid removing a different route accidentally. Signed-off-by: Guillaume Nault <g.nault@alphalink.fr>
2018-02-20Merge pull request #40 from themiron/accel-cmd-passwordxebd
accel-cmd: add -P/--password support
2018-02-20accel-cmd: add -P/--password supportVladislav Grishenko
2018-02-19radius: fixed invalid behaviour when route to radius server is not existingDmitry Kozlov
2018-02-19Merge branch 'master' of github.com:xebd/accel-pppDmitry Kozlov
2018-02-15Merge pull request #39 from themiron/pptp-max-mtuxebd
pptp: add the ppp-max-mtu option to match l2tp & sstp
2018-02-15Merge pull request #38 from themiron/ipoe-pd-gatewayxebd
ipv6: dhcpv6: fix PD linklocal route for ipoe clients
2018-02-08pptp: add the ppp-max-mtu option to match l2tp & sstpVladislav Grishenko
2018-02-08ipv6: dhcpv6: fix PD linklocal route for ipoe clientsVladislav Grishenko
peer linklocal address can't be negotiated in ipoe mode unlike ppp, so route may lead to nowhere with non-working PD routing as result. so, instead of guessing peer link-local address, use dhcpv6 client src address as the gateway. since dhcpv6 clients are onlink and there's no dhcpv6 relay support (yet), dhcpv6 source would be exactly final linklocal address, no matter ppp or ipoe is in use. fine tune commit abaa43a307fa7a790dd34034c5fd8013dbd0488c
generated by cgit v1.2.3 (git 2.39.1) at 2025-02-22 15:49:37 +0000