| Age | Commit message (Collapse) | Author |
|---|
|
tx_bytes and rx_bytes are only used in the ->stop_time branch, so
let's compute them here rather than at the top of the function.
Also, let's replace '4294967296llu' by 'UINT32_MAX + 1', to make it
clear that a gigaword equals 2^32 bytes and is used to keep track of
how many times the 32 bits tx and rx counters have overflowed.
Signed-off-by: Guillaume Nault <g.nault@alphalink.fr>
|
|
Use snprintf() to ensure fill_env() isn't going to overflow 'mem'.
Environment variables are either completely set or not defined at all
(but are never truncated).
For the ipv6 and ipv6_dp cases, the environment variable is now fully
generated with a single format string for simplicity.
Signed-off-by: Guillaume Nault <g.nault@alphalink.fr>
|
|
There are three different triton contexts that use l2tp_ctx_switch() as
their ->before_switch callback (main UDP server, L2TP control and L2TP
data).
In UDP server and L2TP control contexts, l2tp_ctx_switch() is called
with 'arg' == NULL. Only L2TP data contexts pass an ap_session pointer.
So we have to check 'arg' before setting 'net' or accel-ppp would
segfaults.
Signed-off-by: Guillaume Nault <g.nault@alphalink.fr>
|
|
|
|
|
|
|
|
Signed-off-by: François Cachereul <f.cachereul@alphalink.fr>
|
|
This reverts commit 07ca3acb40df7668cfd0c6abbdcefc21d944d993.
Signed-off-by: François Cachereul <f.cachereul@alphalink.fr>
|
|
|
|
Do not know how this could work. It make more sense to move an interface
from its original namespace not from its destination.
Signed-off-by: François Cachereul <f.cachereul@alphalink.fr>
|
|
This is done using radius attribute NAS-Port-Id. The new format of this attribute is NAS-Port-Id=[ns/][name].
Namespaces must be created malually by "ip netns add ..." command
|
|
* general rewrite and improve ipoe/vlan_mon drivers
* ipoe: generate EUI-64 interface identifier for ipv6 addresses
* ipoe: log warning if interface was not started by vlan_mon notification
* ipoe: introduced option "start=auto"
* ipoe: translate UP session to dhcp session when dhcp request received (for shared=0 interfaces)
* ipoe: implemented starting UP session by arp request
* ipoe: log interface renaming
* pppoe: add interface name to log messages
* pppoe: implemented vlan_mon support
* pppd_compat: change mode of radattr files to 0644
* pppd_compat: check for script existance before fork
* radius: implemented handling of Framed-Route attribute
* radius: do not send NAS-Port and NAS-Port-Id if they are undefined
* radius: add Delegated-IPv6-Prefix to accounting packets
* radius: update Session-Timeout by CoA
* shaper: implemented internal class id map
* ppp: introduced unit-preallocate option
* ipv6: remove ipv6 address and routes on session termination
* vlan_mon: introduced autoclean module parameter
* iprange: implement config reload
* make termination caused by SIGTERM soft
* remove pid file on exit
* for single-session=deny make early check for duplicate username (before calling radius)
* fixed broken "noauth" mode
|
|
accel-dp will be continued in separated branch
|
|
later use
Bacause interface may not still exists in authentication phase
|
|
|
|
|
|
|
|
If set to 1 then allocate unit (interface) before authorization, so Nas-Port and Nas-Port-Id would be defined in Access-Request phase
|
|
|
|
|
|
|
|
|
|
The 'installed' bit of the allocated ipv6db_addr_t structure needs to
be initialised. This is because ap_session_ifdown() reads this bit to
know if the address or route needs to be removed from the kernel.
The 'installed' bit is set by ap_session_accounting_started() and the
ND and DHCPV6 protocol handlers, but disconnection could happen before
these steps.
Signed-off-by: Guillaume Nault <g.nault@alphalink.fr>
|
|
This files aren't used (and aren't even compiled) anymore.
Signed-off-by: Guillaume Nault <g.nault@alphalink.fr>
|
|
include/ppp_auth.h used to be a symlink to ppp/ppp_auth.h, until it was
made a copy by ebbd6f580322 ("fix typo (successed -> succeeded)").
Therefore, changes to ppp/ppp_auth.h aren't visible to files including
ppp_auth.h anymore. These files have already diverged (just a
whitespace fix for now), so let's restore the original symlink before
more changes occur.
Signed-off-by: Guillaume Nault <g.nault@alphalink.fr>
|
|
|
|
Hello,
small patch to avoid gcc -Wformat warnings on Debian x32 where time_t
is "long long" (64-bit signed, to be 2038 safe), not "unsigned long"
(32-bit unsigned) corresponding to "%lu" format strings.
Regards,
Marek
|
|
|
|
The kernel flag used for setting PFC is SC_COMP_PROT (SC_COMP_AC is for
Address-and-Control-Field-Compression).
Signed-off-by: Guillaume Nault <g.nault@alphalink.fr>
|
|
Using a /0 prefix on an IP different from 0.0.0.0 is valid, but might
be a configuration mistake. Log warning message in this case so that
user can easily troubleshoot it.
Signed-off-by: Guillaume Nault <g.nault@alphalink.fr>
|
|
This is equivalent, but INADDR_BROADCAST is more descriptive.
Signed-off-by: Guillaume Nault <g.nault@alphalink.fr>
|
|
Move warning messages to PPTP and L2TP modules. No other module
actually uses iprange, so it's perfectly valid to disable it, or at
least to not configure any range, when PPTP and L2TP aren't used.
Signed-off-by: Guillaume Nault <g.nault@alphalink.fr>
|
|
Protect conf_disable and client_ranges with a mutex.
Instead of directly setting conf_disable, load_ranges() now returns
a disable flag. The caller is in charge of propagating its value
in conf_disable.
Signed-off-by: Guillaume Nault <g.nault@alphalink.fr>
|
|
Add list_replace() and list_replace_init(), as defined in Linux kernel
sources.
Signed-off-by: Guillaume Nault <g.nault@alphalink.fr>
|
|
The previous parsing functions had a few problems:
* They did accept negative numbers in addresses (e.g. 192.0.2.-5).
* They relied on C undefined behaviour for detecting /0 prefix
length: "mask = htonl(~((1 << (32 - m)) - 1)" was wrong for m = 0,
because that resulted in a left shift of 32 bits, on a 32 bit wide
value (the right operand of a bitwise shift operator must be
strictly smaller than the width of the promoted left operand).
* They misinterpreted /32 prefixes as disable requests. In fact, due
to the undefined behaviour described above, /0 and /32 prefix
lengths were represented in the same way by parse1(), that is, with
an iprange_t structure where ->begin == ->end. Therefore
load_ranges() had no way to distinguish between them and did
disable the module in both cases.
This patch fixes these issues and brings the following improvements:
* It uses getaddrinfo() to parse IP addresses, so it accept (almost)
all IPv4 representations and is more easily extensible to IPv6 in
the future.
* It warns when the IP address used in CIDR notation is not the first
address in the range (e.g. the first address of 192.0.2.1/24 is
192.0.2.0, not 192.0.2.1).
* It doesn't _exit() on parsing failures, thus making the functions
usable in an EV_CONFIG_RELOAD handler.
While there, the unfinished tunnel_ranges code, which was already
commented, has been removed.
Signed-off-by: Guillaume Nault <g.nault@alphalink.fr>
|
|
|
|
|
|
|
|
|
|
The telnet and tcp servers disconnect as soon as they receive the
'exit' command or see a disconnection from the client. In this case,
all data queued for transmission are lost. This can lead to truncated
output when big amount of data is being sent.
For example, on a moderately loaded server with a few thouthands
connections, the output of the 'accel-cmd show sessions' command can be
truncated.
The problem is that accel-cmd sends the 'show sessions' command,
followed by 'exit'. It does so because it has to stop running once all
data has been received from the server. But it never knows whether more
data are going to arrive. Disconnection must then come from the server,
hence the use of 'exit' (although the same effect could be achieved
with shutdown(SHUT_WR)).
The telnet and tcp modules behave very similarly and are modified in
the same way:
* For a soft disconnection, cln_read() doesn't call disconnect()
anymore if there are data queued for transmission. Instead it
sets the 'disconnect' flag and stops listening to its peer (no
need to process further messages).
* cln_write() checks the 'disconnect' flag once it has sent all
pending data and actually performs the disconnection if necessary.
Signed-off-by: Guillaume Nault <g.nault@alphalink.fr>
|
|
In tcp and telnet backends, the first buffer been queued is directly
pointed to by cln->xmit_buf. It's not added to cln->xmit_queue.
Therefore testing if ->xmit_queue is empty doesn't reliably tells
if data has already been queued.
We should test if ->xmit_buf is non-NULL instead. This is reliable
because ->xmit_buf is re-filled with the first buffer from ->xmit_queue
after every successful write().
Failure to properly check if data has already been queued can lead to
message miss-ordering because cli_client_send() or telnet_send() will
try to directly write() their input buffer, effectively bypassing the
one previously queued up in ->xmit_buf.
Signed-off-by: Guillaume Nault <g.nault@alphalink.fr>
|
|
When queueing output data for later write(), the 'n' first bytes of the
buffer have already been sent (we have n > 0 if EAGAIN was returned
after some other write() calls succeeded). Therefore, we need to skip
these bytes when initialising the buffer to be queued.
The size passed to memcpy() did already take that space into account.
Signed-off-by: Guillaume Nault <g.nault@alphalink.fr>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
This reverts commit fc098b3062badfd802f91241533069cad4886b6f.
|
