| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2018-03-03 | pppoe: fixed PADO delaying function | Dmitry Kozlov | |
| 2018-02-21 | radius: add support for route priority (metric) in Framed-Route | Guillaume Nault | |
| Let an optional route priority (aka metric) be defined in RADIUS Framed-Route attributes. The priority is an integer placed at the end of the route string. This is backward compatible with the previous format and also conforms with the recommended format defined by RFC 2865 (although we don't allow multiple metrics). Framed-Route format is: <network> [<gateway> [<priority>]] For example, 'Framed-Route = "192.0.2.0/24 203.0.113.1 8"' will let the following route be installed (assuming 203.0.113.1 is routed through eth0): $ ip route show [...] 192.0.2.0/24 via 203.0.113.1 dev eth0 metric 8 It's possible to use the unspecified gateway (0.0.0.0) if one wants to set a priority without specifying a gateway address. Finally, route deletion now also takes the priority into account, in order to avoid removing a different route accidentally. Signed-off-by: Guillaume Nault <g.nault@alphalink.fr> | |||
| 2018-02-08 | pptp: add the ppp-max-mtu option to match l2tp & sstp | Vladislav Grishenko | |
| 2018-01-25 | ipoe: use DHCP-Server-Identifier attribute as siaddr if ↵ | Dmitry Kozlov | |
| DHCP-Server-IP-Address is not supplied | |||
| 2018-01-25 | ipoe: improved handling of DHCP Request for nonexistent sessions | Dmitry Kozlov | |
| Send NAK only to unicast requests or if requested Server-ID matches one of gw-ip-address | |||
| 2018-01-22 | ipoe: ipv6: generate intf_id only if not set by upper layer | Dmitry Kozlov | |
| 2018-01-10 | Merge branch 'master' of github.com:xebd/accel-ppp | Dmitry Kozlov | |
| 2018-01-10 | sstp: drop unnecessary ssl reinitialization | Vladislav Grishenko | |
| 2018-01-10 | Merge branch 'master' of ssh://git.code.sf.net/p/accel-ppp/code | Dmitry Kozlov | |
| 2018-01-10 | Merge pull request #31 from themiron/sstp | xebd | |
| sstp support | |||
| 2018-01-09 | ipoe: do not create ipoe interface with server's ifindex | Dmitry Kozlov | |
| 2018-01-06 | sstp: reuse general logging framework | Vladislav Grishenko | |
| 2018-01-05 | sstp: possible sync ppp mode fix | Vladislav Grishenko | |
| 2018-01-05 | sstp: fix default max mtu to fit standard 1500 media | Vladislav Grishenko | |
| 2018-01-05 | ipoe: implemented ipv6 in shared mode | Dmitry Kozlov | |
| 2017-12-30 | sstp: add generic base for parsing http header values, improve host-name ↵ | Vladislav Grishenko | |
| checking | |||
| 2017-12-30 | sstp: log current SSL mode for reference | Vladislav Grishenko | |
| 2017-12-30 | sstp: optimize SSL context & config reload handling | Vladislav Grishenko | |
| 2017-12-30 | sstp: fix obsolete contexts leak | Vladislav Grishenko | |
| 2017-12-30 | sstp: rework certificate load, fix build issue with some openssl version | Vladislav Grishenko | |
| 2017-12-30 | sstp: fix va_start/va_end usage on x64 platforms | Vladislav Grishenko | |
| 2017-12-30 | sstp: http: protect against oversized headers and improve parsing | Vladislav Grishenko | |
| 2017-12-30 | sstp: implement HTTP host header and TLS SNI checking | Vladislav Grishenko | |
| 2017-12-30 | sstp: drop ssl_mode_auto_retry, not required afer ↵ | Vladislav Grishenko | |
| 7945857927b4cedab365ba86934d771281eeb213 | |||
| 2017-12-30 | sstp: use HTTP status code 510 for HTTP method errors | Vladislav Grishenko | |
| 2017-12-30 | sstp: http: get rid of static reply buffer | Vladislav Grishenko | |
| 2017-12-30 | sstp: fix eof result of ssl read/write ops although no harm was really happened | Vladislav Grishenko | |
| 2017-12-30 | sstp: allow colons in cert-hash-* hex values | Vladislav Grishenko | |
| Simplify copy-pasting from openssl x509 -fingerprint output: Examples: openssl x509 -in cert.pem -noout -fingerprint -sha1 openssl x509 -in cert.pem -noout -fingerprint -sha256 | |||
| 2017-12-30 | sstp: use ssl-keyfile option for certificate private key | Vladislav Grishenko | |
| if not set, fallback to private key in the same ssl-pemfile | |||
| 2017-12-30 | sstp: treat SSL errors as EIO | Vladislav Grishenko | |
| 2017-12-30 | sstp: keep default ssl ciphers for better compatibility | Vladislav Grishenko | |
| 2017-12-30 | sstp: allow to prefer server ciphers with ssl-prefer-server-ciphers option | Vladislav Grishenko | |
| 2017-12-30 | sstp: implement Crypto Binding's Certificate hash & proto checking per 3.3.5.2.3 | Vladislav Grishenko | |
| Warning: config options are changed aligned with general accel-ppp style. Following cases, including no-openssl build are supported: ssl | ssl-pemfile | behavior 1 set get both sha1 & sha256 from the certificate 0 set get both sha1 & sha256 from the certificate 0 unset use cert-hash-sha1 and/or cert-hash-sha256 hex options no-openssl use cert-hash-sha1 and/or cert-hash-sha256 hex options cert-hash-sha1 and/or cert-hash-sha256 hex options override certificate's, so it's possible to turn certficate hash verification off with just empty values (default). | |||
| 2017-12-30 | sstp: implement Crypto Binding attr & nonce checking per 3.3.5.2.3 | Vladislav Grishenko | |
| 2017-12-30 | sstp: fix thread crash on certificate-error diconnect | Vladislav Grishenko | |
| 2017-12-30 | sstp: zero allocated packets, fix non-zero reserved fields | Vladislav Grishenko | |
| 2017-12-30 | sstp: make sstp great again. simplify ssl handlers, fix crashes, move to ↵ | Vladislav Grishenko | |
| async ppp TODO: accounting/statistics, minimize syscall & memory usage | |||
| 2017-12-30 | sstp: implement ifname option support | Vladislav Grishenko | |
| 2017-12-30 | sstp: allow 3 nak replies per 3.3.5.2.2 | Vladislav Grishenko | |
| 2017-12-30 | sstp: implement preliminar sstp protocol support | Vladislav Grishenko | |
| 2017-12-28 | ipoe: check noauth option in [auth] section too | Dmitry Kozlov | |
| 2017-12-27 | ipoe: include server's mac into weight notify packet to be used as ↵ | Dmitry Kozlov | |
| additional key when weights are equal | |||
| 2017-12-27 | ipoe: implemented new load balancing mechanism | Dmitry Kozlov | |
| new config options: [ipoe] weight=N - global weight interface=ethX,weight=N - per-interface weight How it works: On reception of DHCPDISCOVER accel-ppp sends broadcast DHCP message to port 67 with same xid and add special vendor-specific option where encodes its current session count multipled by weight. On reception of such message accel-ppp searches session with same xid and compares weight. If received weight is less than session's weight then it terminates this session. per-interface weight=0 has special meaning as backup (fail-over) interface, f.e. it terminates session on any received weight. By default weight based load balancing is disabled. To enable need to specify global or/and per-interface weight. | |||
| 2017-12-20 | shaper: define UINT16_MAX if not set | Dmitry Kozlov | |
| 2017-12-19 | ipoe: arp: do not reply on requests from 0.0.0.0 | Dmitry Kozlov | |
| 2017-12-19 | ipoe: fixed memory leak | Dmitry Kozlov | |
| 2017-12-05 | ppp: implement per-ctrl ppp interface rename support, may be overrided by radius | Vladislav Grishenko | |
| Reuse exsisting radius functionality and allow set iterface name template for pppoe/pptp/l2tp, '%d' specification will be replaced automagically to the next available index by kernel. PPP interface rename allows to easy differ client's interfaces from the other ppp ones, for example, with just netfilter interface rules. Example: [pptp] ifname=pptp%d will produce pptp0, pptp1, ... | |||
| 2017-12-05 | Merge branch 'master' of github.com:xebd/accel-ppp | Dmitry Kozlov | |
| 2017-12-05 | ipoe: fixed mutex deadlock | Dmitry Kozlov | |
| 2017-12-05 | Merge pull request #23 from themiron/echo-fixes | xebd | |
| pptp/l2tp: echo failure improvements | |||
 |
index : accel-ppp.git | |
| High performance PPTP/L2TP/SSTP/PPPoE/IPoE server for Linux (mirror of https://github.com/accel-ppp/accel-ppp.git) |
| summaryrefslogtreecommitdiff |