path: root/accel-pppd/ctrl/l2tp/l2tp_prot.h
Age  Commit message  Author
2020-09-06  l2tp: fix RCE through buffer overflow & fix LE/BE compatibility  Vladislav Grishenko
Insufficient checks of valid l2tp header & avp length cause possible RCE through buffer overflow, reported by https://github.com/WinMin swings & leommxj, Chaitin Security Research Lab. Add missing header length and avp length validation to fix the issue. Order of struct bitfields is implementation-defined so current code doesn't play well with big-endian arch. Switch to explicit flag bit checking/gathering to fix the issue. RFC 2661 and 3931 require that length, sequence flags must be set and offset flag must not be set, so avp-permissive can't help in these cases.
2013-02-13  l2tp: Take StopCCN's AVPs into account  Guillaume Nault
Use the Assigned Tunnel ID and Result Code AVPs when handling StopCCN messages. The Result Code AVP is used to improve log messages, while the Assigned Tunnel ID is used to set the tunnel's peer-tid field. Setting peer-tid causes the ZLB to be sent to the right tunnel in case no Assigned Tunnel ID had been received yet (this happens when the host sends an SCCRQ but the peer directly rejects the connection with StopCCN).
Signed-off-by: Guillaume Nault <g.nault@alphalink.fr>
2011-01-05  rename accel-pptp to accel-ppp  Dmitry Kozlov