summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2026-03-23Prepare stable release 1.14.1stableDenys Fedoryshchenko
Signed-off-by: Denys Fedoryshchenko <denys.f@collabora.com>
2026-03-23radius: fix stop accounting timeout flow and request cleanupDenys Fedoryshchenko
When sending accounting STOP requests, the timer callback was incorrectly set to the START timeout handler. This caused stop retries to follow the wrong termination path. Also clear rpd->acct_req before freeing on stop timeout/shutdown failures to avoid leaving a stale pointer. This bug is very nasty, revealed during stress tests, leading to memory corruption and other bad stuff when there is noticeable loss of radius "Stop" packets. Signed-off-by: Denys Fedoryshchenko <denys.f@collabora.com>
2026-03-23Replace linux/if.h with net/if.h includemarekm72
2026-03-23Replace linux/if.h with net/if.h in ipoe.hmarekm72
2026-03-23Update header includes in ipoe.cmarekm72
Replaced Linux-specific headers with their net counterparts.
2026-03-23Refactor ARP header includes in arp.cmarekm72
Replaced conditional inclusion of if_arp.h and if_packet.h with direct includes.
2026-03-23Refactor session free function pointer in l2tp.cmarekm72
2026-03-23Clean up CMakeLists.txt by removing unused checksmarekm72
Removed checks for __free_fn_t and good ifarp in CMakeLists.txt.
2026-03-23Remove printf.h check from CMakeLists.txtmarekm72
Removed check for printf.h and related definitions.
2026-03-23Remove unused printf.h includemarekm72
Removed conditional inclusion of printf.h.
2026-03-23radius: Fix use after free and moreDenys Fedoryshchenko
Situation is a bit complex. Even one problem we fix easily, such as saving server as variable, rad_req_free might free server in theory, and s will be invalid. This is a bit of rewrite, but proper fix. Fixes problem in 2 functions. Signed-off-by: Denys Fedoryshchenko <denys.f@collabora.com>
2026-03-23radius: Invalid integer and date parsingDenys Fedoryshchenko
Actually 3 fixes in same place: INTEGER: size mismatch now breaks instead of falling through - a malformed INTEGER attribute is rejected rather than silently parsed with a wrong size INTEGER/DATE split: each case has its own break, no more fallthrough DATE: strictly requires len == 4 (per RFC 2865), warns and skips otherwise instead of silently accepting 1 or 2-byte dates Signed-off-by: Denys Fedoryshchenko <denys.f@collabora.com>
2026-03-23radius: Fix to same type of allocator and deallocatorDenys Fedoryshchenko
Signed-off-by: Denys Fedoryshchenko <denys.f@collabora.com>
2026-03-23radius: Fix invalid check after mempool allocationDenys Fedoryshchenko
This check left old, relevant to mmap, migrate to proper check. Signed-off-by: Denys Fedoryshchenko <denys.f@collabora.com>
2026-03-23radius: MS-CHAP2-Success unchecked memcpy(40 bytes)Denys Fedoryshchenko
Also fix small typo. Signed-off-by: Denys Fedoryshchenko <denys.f@collabora.com>
2026-03-23radius: Vendor attribute parsing over-readsDenys Fedoryshchenko
When parsing vendor-specific attributes (type 26), the code reads internal structure without checking that the attribute data is long enough. Signed-off-by: Denys Fedoryshchenko <denys.f@collabora.com>
2026-03-23ppp: Defend from possible ppp init failureDenys Fedoryshchenko
ppp init might fail due malloc failure, missing or invalid runtime state, failure to setup resources (sockers, timers, handler registration), etc. This is quite unlikely now, but some floating(hard to catch) bugs says better to be safe than sorry. Signed-off-by: Denys Fedoryshchenko <denys.f@collabora.com>
2026-03-23fix(ppp): Uninitialized struct fieldsDenys Fedoryshchenko
Initialized the ifreq in destablish_ppp to avoid the uninitialized-struct warning before use. Signed-off-by: Denys Fedoryshchenko <denys.f@collabora.com>
2026-03-23ppp: classic TOCTOU, as uc_size not guarded by mutexDenys Fedoryshchenko
It was a micro-optimization to skip taking the mutex when uc_size was 0. But because uc_size isnt atomic and wasnt read under the lock, it created a TOCTOU window. Signed-off-by: Denys Fedoryshchenko <denys.f@collabora.com>
2026-03-23ppp: guard LCP logging field readsDenys Fedoryshchenko
Signed-off-by: Denys Fedoryshchenko <denys.f@collabora.com>
2026-03-23cli: clear show sessions cell buffer to avoid stale outputDenys Fedoryshchenko
2026-03-23Update accel-pppd/radius/radius.cDenys Fedoryshchenko
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
2026-03-23Update accel-pppd/radius/radius.cDenys Fedoryshchenko
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
2026-03-23radius: Fix buggy Framed-Route parsingDenys Fedoryshchenko
Signed-off-by: Denys Fedoryshchenko <denys.f@collabora.com>
2026-01-25Merge pull request #289 from nuclearcat/release-1.141.14.0Denys Fedoryshchenko
release: 1.14.0
2026-01-24release: 1.14.0Denys Fedoryshchenko
Signed-off-by: Denys Fedoryshchenko <denys.f@collabora.com>
2026-01-24Merge pull request #287 from nuclearcat/remove-nagging-daeDenys Fedoryshchenko
dae-allowed: Remove nagging about making option mandatory
2026-01-24dae-allowed: Remove nagging about making option mandatoryDenys Fedoryshchenko
Signed-off-by: Denys Fedoryshchenko <denys.f@collabora.com>
2026-01-05Merge pull request #285 from nuclearcat/add-coa-securityDenys Fedoryshchenko
radius: Implement DM/CoA security hardening by restricting source ips
2025-12-23radius: Implement DM/CoA security hardening by restricting source ip addressesDenys Fedoryshchenko
Signed-off-by: Denys Fedoryshchenko <denys.f@collabora.com>
2025-12-15Merge pull request #281 from nuclearcat/fix-acct-cachingDenys Fedoryshchenko
fix(radius): refresh session stats in req_set_stat
2025-12-15fix(radius): refresh session stats in req_set_statDenys Fedoryshchenko
Signed-off-by: Denys Fedoryshchenko <denys.f@collabora.com>
2025-12-13Merge pull request #277 from nuclearcat/minor-rfc2516-complianceDenys Fedoryshchenko
pppoe: Fix RFC2516 non-compilance in PADI tags parsing
2025-12-13Merge pull request #279 from nuclearcat/fix-acctDenys Fedoryshchenko
acct: Fix losing some data on interface down due wrong sequence
2025-12-13fix(accounting): preserve last counters on disconnectDmitriy Eshenko
Ensure accounting values include the most recent traffic sample when a session disconnects, preventing the final interval from being dropped and avoiding under-reported totals in usage/billing. Big thanks Dmitriy Eshenko for patch and testing Author: Dmitriy Eshenko <dmitriy.eshenko@accel-ppp.org> Signed-off-by: Denys Fedoryshchenko <denys.f@collabora.com>
2025-12-12Merge pull request #275 from nuclearcat/backport-nr-pr-17Denys Fedoryshchenko
Backporting PR#17 from accel-ppp-ng
2025-12-11Merge pull request #274 from nuclearcat/add-docsDenys Fedoryshchenko
docs: Add Radius documentation for ipoe and pppoe
2025-12-11Merge pull request #276 from nuclearcat/fix-cmake-min2Denys Fedoryshchenko
cmake: Bump up minimum version to supress Alpine Linux compile warnings
2025-12-11docs: Add Radius documentation for ipoe and pppoeDenys Fedoryshchenko
Signed-off-by: Denys Fedoryshchenko <denys.f@collabora.com>
2025-12-11pppoe: Fix RFC2516 non-compilance in PADI tags parsingDenys Fedoryshchenko
We currently only break out of the switch, so the for loop keeps parsing tags after TAG_END_OF_LIST (accel-pppd/ctrl/pppoe/pppoe.c: around pppoe_recv_PADI). RFC 2516 (paragraph 5, Tag Types: End-of-List) says an End-of-List tag MAY appear in PADI/PADR and "any TAGs after an End-of-List MUST be ignored." Since we continue processing them, this behavior is technically non-compliant with the RFC. Same in pppoe_recv_PADR. Signed-off-by: Denys Fedoryshchenko <denys.f@collabora.com>
2025-12-10cmake: Bump up minimum version to supress Alpine Linux compile warningsDenys Fedoryshchenko
Signed-off-by: Denys Fedoryshchenko <denys.f@collabora.com>
2025-12-10Minor compile fix, we have only OpenSSL version nowDenys Fedoryshchenko
Signed-off-by: Denys Fedoryshchenko <denys.f@collabora.com>
2025-12-10crypto: Removed CRYPTO_OPENSSL definition.Andrii Melnychenko
OpenSSL is now mandatory. Signed-off-by: Andrii Melnychenko <a.melnychenko@vyos.io>
2025-12-10crypto: Removed internal tomcat crypto.Andrii Melnychenko
Signed-off-by: Andrii Melnychenko <a.melnychenko@vyos.io>
2025-12-07Merge pull request #270 from nuclearcat/static-analyzer-fixesDenys Fedoryshchenko
auth_chap_md5: unused variable, mschap_error likely copy paste error, plain chap dont have errors like mschap
2025-12-07Merge pull request #271 from nuclearcat/sstp-improvementsDenys Fedoryshchenko
Sstp improvements
2025-12-07Merge pull request #272 from nuclearcat/missing-docs-moreDenys Fedoryshchenko
Missing docs more
2025-12-01radius: Improve documentationDenys Fedoryshchenko
Signed-off-by: Denys Fedoryshchenko <denys.f@collabora.com>
2025-12-01ppp: Add missing documentation, improve clarityDenys Fedoryshchenko
Signed-off-by: Denys Fedoryshchenko <denys.f@collabora.com>
2025-12-01pppoe: Add missing documentationDenys Fedoryshchenko
Signed-off-by: Denys Fedoryshchenko <denys.f@collabora.com>