| Age | Commit message (Collapse) | Author |
|
|
|
|
|
Replaced Linux-specific headers with their net counterparts.
|
|
Replaced conditional inclusion of if_arp.h and if_packet.h with direct includes.
|
|
|
|
Removed conditional inclusion of printf.h.
|
|
pppoe: Fix RFC2516 non-compilance in PADI tags parsing
|
|
We currently only break out of the switch, so the for loop keeps parsing tags after TAG_END_OF_LIST (accel-pppd/ctrl/pppoe/pppoe.c: around pppoe_recv_PADI).
RFC 2516 (paragraph 5, Tag Types: End-of-List) says an End-of-List tag MAY appear in PADI/PADR and "any TAGs after an End-of-List MUST be ignored."
Since we continue processing them, this behavior is technically non-compliant with the RFC.
Same in pppoe_recv_PADR.
Signed-off-by: Denys Fedoryshchenko <denys.f@collabora.com>
|
|
Signed-off-by: Denys Fedoryshchenko <denys.f@collabora.com>
|
|
OpenSSL is now mandatory.
Signed-off-by: Andrii Melnychenko <a.melnychenko@vyos.io>
|
|
Signed-off-by: Andrii Melnychenko <a.melnychenko@vyos.io>
|
|
Signed-off-by: Denys Fedoryshchenko <denys.f@collabora.com>
|
|
l2tp: fix buffer overflow and type errors in Calling/Called Number handling
|
|
Fix issues introduced in 88a2ebdb:
- Fix type declaration: uint8_t *calling[254] declared an array of 254
pointers instead of an array of 254 bytes. Remove erroneous asterisks.
- Fix buffer overflow vulnerability: L2TP AVP values can be up to 1017
bytes (L2TP_AVP_LEN_MASK - sizeof(avp_header)), but buffers were only
254(*4?) bytes. A malicious packet could cause stack buffer overflow.
Use L2TP_AVP_LEN_MASK (1023) for buffer size to handle maximum AVP length.
- Remove useless NULL checks: Stack-allocated arrays can never be NULL,
causing compiler warnings. The existence check is n > 0 / m > 1.
Signed-off-by: Denys Fedoryshchenko <denys.f@collabora.com>
|
|
We are using similar approach as in other projects, easiest one,
but probably in future it will break as soon as this functions
will be removed completely.
Signed-off-by: Denys Fedoryshchenko <denys.f@collabora.com>
|
|
SSTP: load certificate chain instead of single one
|
|
Added an explicit break after handling TAG_VENDOR_SPECIFIC,
so vendor-specific PADR tags (e.g., TR-101) no longer fall
through and get misinterpreted as other tags like TAG_PPP_MAX_PAYLOAD.
Signed-off-by: Denys Fedoryshchenko <denys.f@collabora.com>
|
|
|
|
feat(build): Add MUSL detection and conditional linking
|
|
This commit introduces the ability to detect if the project is being
built with the MUSL C library.
A new variable `MUSL` is set to `ON` if MUSL is detected, and `OFF`
otherwise. This is achieved by checking the output of `ldd --version`.
The `accel-pppd/ctrl/pppoe/CMakeLists.txt` file is updated to
conditionally link the `connlimit` library only when building with MUSL.
Signed-off-by: Denys Fedoryshchenko <denys.f@collabora.com>
|
|
|
|
|
|
Allowed using multiple NTP servers in DHCP option 42
|
|
|
|
I think the error handling code of `post_msg` is wrongly implemented due to coding typo. The `EPIPE` should be also considered and then return -1, just like `PPTP_write`:
https://github.com/xebd/accel-ppp/blob/1b8711cf75a7c278d99840112bc7a396398e0205/accel-pppd/ctrl/pptp/pptp.c#L539-L570
|
|
migrate from pcre to pcre2
|
|
build: fix compile errors on GCC 14
|
|
fix(musl/l2tp_session_free): Fix, likely typo
|
|
It is logical, that function should remain same,
not changed to free.
Signed-off-by: Denys Fedoryshchenko <denys.f@collabora.com>
|
|
This reverts commit 543700aed1ac045f12dfafd898bbbbae955fee31.
|
|
The radius library is now linked in pppoe if `-DRADIUS` is true; it wasn't any
issue when `-DRADIUS=FALSE`. This patch can't be worked around if the
user wants to use pppoe with chap-secrets, because radius conflicts with
chap-secrets.
|
|
PCRE is not supported anymore and removed from several distros
|
|
This patch fixes compile errors on GCC 14 like the following
/root/accel-ppp/accel-pppd/radius/packet.c: In function 'rad_packet_recv':
/root/accel-ppp/accel-pppd/radius/packet.c:142:72: error: passing argument 5 of 'recvfrom' from incompatible pointer type [-Wincompatible-pointer-types]
142 | n = recvfrom(fd, pack->buf, REQ_LENGTH_MAX, 0, addr, &addr_len);
| ^~~~
| |
| struct sockaddr_in *
In file included from /usr/include/netinet/in.h:10,
from /usr/include/arpa/inet.h:9,
from /root/accel-ppp/accel-pppd/radius/packet.c:10:
/usr/include/sys/socket.h:397:55: note: expected 'struct sockaddr * restrict' but argument is of type 'struct sockaddr_in *'
Reference: https://gcc.gnu.org/gcc-14/porting_to.html
|
|
these test cases will help for pcre2 migration (issue #173)
|
|
Fixes the issue #124 "HTTP replay for non SSTP query" and log_debug2 in Triton lib
|
|
Fix issue https://github.com/accel-ppp/accel-ppp/issues/131
Proposed by https://github.com/kugel-
Author: Thomas Martitz <kugel@rockbox.org>
Signed-off-by: Denys Fedoryshchenko <denys.f@collabora.com>
|
|
|
|
|
|
This reverts commit 635ab1b77b06a8891479a46a0e1ba88315ff3958.
|
|
2. Fixes log_debug2 in Triton lib
|
|
Thanks for hints Alpine Linux project and their patches:
https://git.alpinelinux.org/aports/tree/community/accel-ppp?h=master
We can adjust a bit code and cmake config files to make accel-ppp
buildable under musl "as is".
Signed-off-by: Denys Fedoryshchenko <denys.f@collabora.com>
|
|
ipoe: check localnet only for start=UP (unclassified packets) sessions
|
|
|
|
|
|
Co-authored-by: Peter Adam <p.adam@cygnusnetworks.de>
|
|
CLI: PPPoE: Add possibility to display inbound interface and service-…
|
|
ipoe: fix memory access violation with unset link-selection
|
|
show sessions command
|
|
When accel-ppp has no connected clients, CLI interface add command it try to use net == NULL and crush code.
|
|
Link-selection pointer is not set to NULL when link-selection IPOE
option is not set. It results in a memory access violation in
dhcpv4_packet_insert_opt82()
Set link-selection pointer to NULL if unset to fix the issue.
Fixes: 61e31c591e ("ipoe: add dhcp link selection sub-option")
Signed-off-by: Louis Scalbert <louis.scalbert@6wind.com>
|