| Age | Commit message (Collapse) | Author |
|---|
|
It's often useful to let a program crash on SIGSEGV and let an external
daemon, like monit or systemd, restart it when needed. This allows to
generate core dumps and do post-mortem analysis based on the collected
traces.
This patch add the new '--no-sigsegv' option to disable accel-ppp's
SIGSEGV handler and use the system's core(5) mechanism instead.
Signed-off-by: Guillaume Nault <g.nault@alphalink.fr>
|
|
SIGSEGV, SIGILL, SIGFPE and SIGBUS aren't blocked, but they're added to
the set of signals passed to sigwait(). This is confusing (should these
signals be consumed by sigwait() or by their respective signal
handler?) and is undefined according to the POSIX man page
(http://man7.org/linux/man-pages/man3/sigwait.3p.html).
In practice, sigwait() was only triggered when manually sending the
signals to accel-pppd ("pkill -FPE accel-pppd"). On normal
circumstances though, these signals are triggered by invalid
operations run by the program. In these cases the signal handler was
run and sigwait() wasn't woken up.
So let's remove SIGSEGV, SIGILL, SIGFPE and SIGBUS from the set passed
to sigwait(). This simplifies the code, avoids undefined behaviour and
doesn't change accel-ppp behaviour for real-world use cases.
Signed-off-by: Guillaume Nault <g.nault@alphalink.fr>
|
|
If wins_opt->addr is NULL, then we have no address to propose (none
defined in accel-ppp.conf and none provided by RADIUS). Currently,
in that case, accel-ppp accepts and acks the address found in the peer's
configuration request. But the peer would normally use the undefined IP
address, so if we ack it, we explicitely tell the peer that 0.0.0.0 is
the primary/secondary NBNS server.
If the peer already knows a NBNS server IP address, it doesn't have to
negociate it with accel-ppp. It can just use it directly, after it
retrieved its own IP address. Therefore there is no need for accel-ppp
to blindly accept addresses proposed by the peer.
This patch rejects *-NBNS-Address if accel-ppp has no NBNS server to
propose, making it explicit to the peer that its request can't be
satisfied.
Signed-off-by: Guillaume Nault <g.nault@alphalink.fr>
|
|
When handling the EV_WINS event, IPCP assumes that the ->wins1 and
->wins2 fields of the event structure are properly set. But that may
not be the case.
If only one of the MS-Primary-NBNS-Server or MS-Secondary-NBNS-Server
RADIUS attributes was received, then only ->wins1 or ->wins2 is set,
while the other keeps a non initialised value. This uninitialised value
is then copied by ev_wins() and proposed to the peer when negociating
the Primary-NBNS-Address or Secondary-NBNS-Address IPCP options.
That leaks four bytes of the stack to the network and prevents using
the values found in the [wins] section of accel-ppp.conf as fallback.
Fix this by initialising the whole event structure in rad_proc_attrs().
Then, in ev_wins(), we can check if ->wins1 or ->wins2 is properly set
before copying them. That allows to propery fallback to accel-ppp.conf
values when one of the values was not provided by RADIUS.
Signed-off-by: Guillaume Nault <g.nault@alphalink.fr>
|
|
If dns_opt->addr is NULL, then we have no address to propose (none
defined in accel-ppp.conf and none provided by RADIUS). Currently,
in that case, accel-ppp accepts and acks the address found in the peer's
configuration request. But the peer would normally use the undefined IP
address, so if we ack it, we explicitely tell the peer that 0.0.0.0 is
the primary/secondary DNS server.
If the peer already knows a DNS server IP address, it doesn't have to
negociate it with accel-ppp. It can just use it directly, after it
retrieved its own IP address. Therefore there is no need for accel-ppp
to blindly accept addresses proposed by the peer.
This patch rejects *-DNS-Address if accel-ppp has no DNS server to
propose, making it explicit to the peer that its request can't be
satisfied.
Signed-off-by: Guillaume Nault <g.nault@alphalink.fr>
|
|
When handling the EV_DNS event, IPCP assumes that the ->dns1 and ->dns2
fields of the event structure are properly set. But that may not be the
case.
If only one of the MS-Primary-DNS-Server or MS-Secondary-DNS-Server
RADIUS attributes was received, then only ->dns1 or ->dns2 is set,
while the other keeps a non initialised value. This uninitialised value
is then copied by ev_dns() and proposed to the peer when negociating
the Primary-DNS-Address or Secondary-DNS-Address IPCP options.
That leaks four bytes of the stack to the network and prevents using
the values found in the [dns] section of accel-ppp.conf as fallback.
Fix this by initialising the whole event structure in rad_proc_attrs().
Then, in ev_dns(), we can check if ->dns1 or ->dns2 is properly set
before copying them. That allows to propery fallback to accel-ppp.conf
values when one of the values was not provided by RADIUS.
Signed-off-by: Guillaume Nault <g.nault@alphalink.fr>
|
|
When accel-ppp is under stress (for example because of massive
disconnections) it may enter a state where no session could be
created or destroyed anymore.
This happens when at least one of the pppd_compat fork() fail. In this
case, the error code path doesn't unlock the sigchld handler, which
prevents it from running the completion callbacks of running scripts.
If the "fork-limit" option is used, failure to call the completion
callback will prevent other scripts from running. This will block
setting up and tearing down sessions, as those will wait indefinitely
for their pppd_compat scripts to run.
Therefore, we have to unlock the sigchld handler when fork() fails.
We also need to call fork_queue_wakeup(), because the previous
check_fork_limit() call already took one reference in the fork limit.
Finally, ev_ses_pre_up() is a bit special because it has to tear the
session down if the ip-pre-up script failed. Therefore it also has to
call ap_session_terminate() upon fork() failures.
Signed-off-by: Guillaume Nault <g.nault@alphalink.fr>
|
|
Allow triton_context_wakeup() to run before triton_context_schedule().
When that happens, triton_context_schedule() now lets the context
running instead of putting it in sleep mode.
Note that, even though triton now allows triton_context_wakeup() to
happen before triton_context_schedule(), these two functions still need
to be paired and not nested. That is, in a sequence like the following,
triton_context_wakeup()
triton_context_wakeup()
triton_context_schedule()
triton_context_schedule()
the second triton_context_schedule() would put the context in sleep
mode. No matter how many triton_context_wakeup() have been called, the
first triton_context_schedule() "consumes" them all.
Being immune to schedule/wakeup inversion allows to fix the pppd_compat
module. This module needs to fork() to execute external programs. The
parent then waits for completion of its child using
triton_context_schedule(). When child terminates, the sigchld module
runs a callback that has to call triton_context_wakeup() to resume
execution of the parent.
The problem is that there is no synchronisation between the parent and
its child. When under stress, the child may execute faster than its
parent and the sigchld callback might run triton_context_wakeup()
before the parent had time to call triton_context_schedule().
Then accel-ppp might crash because the triton thread might have reset
ctx->thread to NULL, making triton_context_wakeup() write to invalid
memory when trying to insert the context in ctx->thread->wakeup_list[].
Synchronising the parent and its child completion's callback would
require cooperation from triton_context_schedule(). Otherwise we would
still have a time frame between the moment we let the callback waking
up the context and the moment we put the context in sleep mode.
Allowing schedule/wakeup call inversion in triton looks simpler since
it avoids modifying the current API.
Signed-off-by: Guillaume Nault <g.nault@alphalink.fr>
|
|
sstp: fix build w/o openssl & with 1.1.0-1.1.0g
|
|
|
|
|
|
|
|
list.h is an accel-ppp internal file.
Signed-off-by: Guillaume Nault <g.nault@alphalink.fr>
|
|
We need to include <stdint.h> to define 'uint16_t'.
Signed-off-by: Guillaume Nault <g.nault@alphalink.fr>
|
|
If MEMDEBUG is defined, then we need to include "memdebug.h" to define
'md_free'.
Signed-off-by: Guillaume Nault <g.nault@alphalink.fr>
|
|
We need to include "list.h" to define 'struct list_head' and
<netinet/in.h> for 'in_addr_t' and 'struct in6_addr'.
Also, let's include "ap_session.h" so that we don't need a forward
declaration for 'struct ap_session'.
Signed-off-by: Guillaume Nault <g.nault@alphalink.fr>
|
|
We need to include <stdint.h> to define 'uint16_t' and "triton.h" for
'struct triton_timer_t'.
Also, let's include "ppp.h" so that we don't need a forward declaration
for 'struct ppp_t'.
Signed-off-by: Guillaume Nault <g.nault@alphalink.fr>
|
|
We need to include <stdint.h> to define 'uint8_t' and "ppp.h" for
'struct ppp_t'.
Signed-off-by: Guillaume Nault <g.nault@alphalink.fr>
|
|
We need to include "ppp.h" to define 'struct ppp_layer_data_t' and
'struct ppp_handler_t'.
Signed-off-by: Guillaume Nault <g.nault@alphalink.fr>
|
|
We need to include <stdio.h> to define 'asprintf', <stdlib.h> for
'malloc', 'realloc' and 'free' and <string.h> for 'strdup' and
'strndup'.
Signed-off-by: Guillaume Nault <g.nault@alphalink.fr>
|
|
We need to include "ap_session.h" to define 'struct ap_session'.
Signed-off-by: Guillaume Nault <g.nault@alphalink.fr>
|
|
We need to include <sys/types.h> to define 'pid_t'.
Signed-off-by: Guillaume Nault <g.nault@alphalink.fr>
|
|
We need to include <netinet/in.h> to define 'in_addr_t'.
Signed-off-by: Guillaume Nault <g.nault@alphalink.fr>
|
|
We need to include <stdint.h> to define 'uint32_t' and <netinet/in.h>
for 'in_addr_t' and 'struct in6_addr'.
Signed-off-by: Guillaume Nault <g.nault@alphalink.fr>
|
|
We need to include <sys/socket.h> to define 'socklen_t', <sys/types.h>
for 'ssize_t' and "list.h" for 'struct list_head'.
Also, let's include "libnetlink.h" so that we don't need a forward
declaration for 'struct rtnl_handle'.
Signed-off-by: Guillaume Nault <g.nault@alphalink.fr>
|
|
We need to include <stdint.h> to define 'uint*_t' and <string.h> for
'memcpy'.
Signed-off-by: Guillaume Nault <g.nault@alphalink.fr>
|
|
We need to include <sys/types.h> to define 'size_t'.
Also, let's include "ap_session.h" so that we don't need a forward
declaration for 'struct ap_session'.
Signed-off-by: Guillaume Nault <g.nault@alphalink.fr>
|
|
We need to include <netinet/in.h> to define 'struct in6_addr' and
<stdint.h> for 'uint8_t'.
Signed-off-by: Guillaume Nault <g.nault@alphalink.fr>
|
|
fix gateway address setup fail due memory corruption
|
|
log:
libnetlink: RTNETLINK answers: Invalid argument
ppp0: f7bb00a79ef667d2: failed to set IPv4 address: Invalid argument
ipaddr_add_peer() called only with mask equeal 0 or 32, but w/o
zero-allocated structs it contans garbage in some cases.
so, instead ipaddr_add() was called with wrong mask value.
also, init chap-secrets mask for the same reason.
|
|
|
|
|
|
Define a new column, called "netns", that prints the network namespace
in which sessions are set.
Signed-off-by: Guillaume Nault <g.nault@alphalink.fr>
|
|
Several modules assume that if ses->ipv6 is set, then
ses->ipv6->addr_list contains at least one element. But this is not
true if ipv6 was allocated by the pseudo ipdb backend of ipv6cp
(ipv6cp_opt_intfid.c). That is, if the PPP session only has an
automatic link-local address.
This leads modules like pppd-compat and dhcpv6 to access invalid memory
when trying to retrieve the IPv6 address of a PPP session.
Signed-off-by: Guillaume Nault <g.nault@alphalink.fr>
|
|
|
|
|
|
|
|
Missing tab was misleading.
Signed-off-by: Guillaume Nault <g.nault@alphalink.fr>
|
|
If the PPP device is set up into a specific network namespace, all the
configuration that goes with it belongs to this same netns. Therefore,
we need to run the up/down scripts in that namespace too.
Signed-off-by: Guillaume Nault <g.nault@alphalink.fr>
|
|
The first argument passed to the ip-pre-up script, was mistakenly set
to the value of ip-up.
Signed-off-by: Guillaume Nault <g.nault@alphalink.fr>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
