| Age | Commit message (Collapse) | Author |
|---|
|
|
|
log:
libnetlink: RTNETLINK answers: Invalid argument
ppp0: f7bb00a79ef667d2: failed to set IPv4 address: Invalid argument
ipaddr_add_peer() called only with mask equeal 0 or 32, but w/o
zero-allocated structs it contans garbage in some cases.
so, instead ipaddr_add() was called with wrong mask value.
also, init chap-secrets mask for the same reason.
|
|
Several modules assume that if ses->ipv6 is set, then
ses->ipv6->addr_list contains at least one element. But this is not
true if ipv6 was allocated by the pseudo ipdb backend of ipv6cp
(ipv6cp_opt_intfid.c). That is, if the PPP session only has an
automatic link-local address.
This leads modules like pppd-compat and dhcpv6 to access invalid memory
when trying to retrieve the IPv6 address of a PPP session.
Signed-off-by: Guillaume Nault <g.nault@alphalink.fr>
|
|
|
|
Missing tab was misleading.
Signed-off-by: Guillaume Nault <g.nault@alphalink.fr>
|
|
If the PPP device is set up into a specific network namespace, all the
configuration that goes with it belongs to this same netns. Therefore,
we need to run the up/down scripts in that namespace too.
Signed-off-by: Guillaume Nault <g.nault@alphalink.fr>
|
|
The first argument passed to the ip-pre-up script, was mistakenly set
to the value of ip-up.
Signed-off-by: Guillaume Nault <g.nault@alphalink.fr>
|
|
|
|
|
|
|
|
|
|
|
|
If pool specified with /128 prefix length, then initialize intf_id by gw_ip6_address and peer_intf_id by generated pool address.
|
|
|
|
config changes:
[ip-pool]
x.x.x.x/mask,name=pool1
y.y.y.y/mask,name=pool2,next=pool1
|
|
|
|
|
|
Simplify previous commit, if 4th field isn't empty and doesn't
start with reserved chars (*-!), assume it as pool name.
Also, fix build warn without OPENSSL.
|
|
Chap-secrets' ipdb uses 4th field as static peer ipv4 address. With no radius
and multiple same username sessions, it's impossible to use non-default pool
for such sessions.
Abuse chap-secret's 4th field as pool=name to specify session's pool name.
With ippool module loaded after chap-secrets (default order), it will be
used for allocation from the specified poll name.
Compatibility considerations:
* pppd will skip 'pool=*' with warn 'unknown host in auth. address list'
same as 5th field - shaper, because starting from 4th field pppd
parse list of value. so, no new effects here.
* previous versions of accel-ppp will parse 'pool=*' as empty address.
* with no 'pool=*' in chap-secrets or with no chap-secrets loaded, no
behavior change.
* with no ippool loaded, session will get no peer address.
* with ippool loaded before chap-secrets, chap-secrets's ipdb will not
be used, therefore neither ip addess not pool name will has no effect.
* if chap-secrets' pool is invalid or not found, default pool will be
used by ippool or address came from radius.
* chap-secret's pool name might override pool came from radius, if
radius module is loaded after chap-secrets and no address came from
radius.
|
|
|
|
|
|
|
|
|
|
[ppppd-compat]
fork-limit=N
Specifies number of simultaneously running background processes.
|
|
implemented coinfig reload
changed default value of ip-xxx scripts to be NULL (disabled)
|
|
|
|
|
|
tx_bytes and rx_bytes are only used in the ->stop_time branch, so
let's compute them here rather than at the top of the function.
Also, let's replace '4294967296llu' by 'UINT32_MAX + 1', to make it
clear that a gigaword equals 2^32 bytes and is used to keep track of
how many times the 32 bits tx and rx counters have overflowed.
Signed-off-by: Guillaume Nault <g.nault@alphalink.fr>
|
|
Use snprintf() to ensure fill_env() isn't going to overflow 'mem'.
Environment variables are either completely set or not defined at all
(but are never truncated).
For the ipv6 and ipv6_dp cases, the environment variable is now fully
generated with a single format string for simplicity.
Signed-off-by: Guillaume Nault <g.nault@alphalink.fr>
|
|
Hello,
small patch to avoid gcc -Wformat warnings on Debian x32 where time_t
is "long long" (64-bit signed, to be 2038 safe), not "unsigned long"
(32-bit unsigned) corresponding to "%lu" format strings.
Regards,
Marek
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
This patch gets rid of synchronuos style of authentication/accounting.
Synchronous style of authentication/accounting produced sleeping threads
which becomes a problem when lots of sessions started/stopped and all they want authorization/accounting.
|
|
|
|
|
|
|
|
By default list of IP address is serial at startup.
This option shuffles initial IP list so it becomes more random.
|
|
Signed-off-by: Dmitry Kozlov <xeb@mail.ru>
|
|
table
Signed-off-by: Dmitry Kozlov <xeb@mail.ru>
|
|
Use unshare(CLONE_FILES) to create a local file descriptors namespace
for the SNMP thread. This is similar to what was done in bf5340
'net-snmp: run snmp in "special" thread', but without calling clone()
directly. So the net-snmp plugin keeps running in a regular pthread.
Signed-off-by: Guillaume Nault <g.nault@alphalink.fr>
|
|
This reverts commit bf5340291badcc631bd855bb924593cd445ecd26.
snmp_thread() needs to be run as regular thread to allow Valgrind
analysis. Using a different namespace for file desciptors will be
done later on using unshare().
Signed-off-by: Guillaume Nault <g.nault@alphalink.fr>
|
|
|
