The 'hw' parameter of cl_key_from_mac() is actually a pointer, so
'key.hw' must be used instead to compute the size of the MAC address.
Signed-off-by: Guillaume Nault <g.nault@alphalink.fr>

ipoe: pass router=siaddr if router was not configured by other way

address and mask if radius can assign only client address

Fix indentation of sections 'log' and 'ip-pool'.
Remove space before comma in section 'chap-secret/username-hash'.
Signed-off-by: Guillaume Nault <g.nault@alphalink.fr>

Add two options to the 'l2tp create tunnel' command:
* 'peer-port' allows specifying the destination port of the
  SCCRQ packet (instead of standard port 1701). This allows
  connecting to a peer listening on a non-standard port.
* 'host-port' allows specifying the source port of the SCCRQ
  packet (instead of an arbitrary free port).
Signed-off-by: Guillaume Nault <g.nault@alphalink.fr>

Define option 'use-ephemeral-ports' for accel-ppp.conf. When set
to 0, this option deactivates the use of ephemeral ports. That is,
accel-ppp won't choose an arbitrary source port when replying to a
tunnel establishment request, but will use the SCCRQ's destination
port instead.
Signed-off-by: Guillaume Nault <g.nault@alphalink.fr>

Commit 05bb6859 "pptp,l2tp: bind to port options" assigns a fixed source
port for every L2TP tunnel. This removes support for ephemeral ports
(as described in RFC 2661 section 8.1) and statically sets the source
port when accel-ppp initiates tunnel connections.

This patch reverts to the previous behaviour (automatic source port
selection) while keeping the ability to listen for incoming
connections on a port different from 1701 (which was the purpose of
commit 05bb6859).

Support for disabling usage of ephemeral ports and for manual port
selection upon tunnel creation will be added later on by means of
configuration options.
Signed-off-by: Guillaume Nault <g.nault@alphalink.fr>

This variable doesn't need to be visible outside of its
compilation unit.
Signed-off-by: Guillaume Nault <g.nault@alphalink.fr>

default)

Allocate space for the terminating null byte, to avoid truncating
PPP channel name.
Signed-off-by: Guillaume Nault <g.nault@alphalink.fr>

Since multiple sessions may be created in each tunnel, a client may
bypass the connlimit module by creating many sessions in an existing
tunnel (connlimit is only used upon reception of SCCRQ messages).

This patch adds connlimit checks when handling session creation requests
(ICRQ and OCRQ) so that connection limits get enforced in every case.
Signed-off-by: Guillaume Nault <g.nault@alphalink.fr>

Signed-off-by: Guillaume Nault <g.nault@alphalink.fr>

Use the number of available processors to set the thread-count
option if not given in configuration file.
Signed-off-by: Guillaume Nault <g.nault@alphalink.fr>

Define l2tp_packet_add_int64() to create attributes of 64-bit long
integers.
Signed-off-by: Guillaume Nault <g.nault@alphalink.fr>

Set Challenge attribute using a random length so that its size can't
be guessed when hide-avps is on.
Signed-off-by: Guillaume Nault <g.nault@alphalink.fr>

Add option "hide-avps" in the "l2tp" section for hiding attributes
sent to peer. This same option is also made available on accel-ppp's
command line interface:

    accel-ppp# tunnel create tunnel peer-addr 192.0.2.1 hide-avps 1

Attribute hiding is performed upon attribute creation (in the
l2tp_packet_add_*() functions family) rather than upon packet sending.
This avoids running the cipher for every retransmission; the counterpart
is that l2tp_packet_print() can't dump original attributes of hidden
AVPs.

Currently, only one random vector is used for all hidden AVPs in a
packet. This is easily extensible though, as the 'last_RV' field in
struct l2tp_packet_t may be overridden to use new vectors for next
AVPs.
Signed-off-by: Guillaume Nault <g.nault@alphalink.fr>