| Age | Commit message (Collapse) | Author |
|
|
|
|
|
Replaced Linux-specific headers with their net counterparts.
|
|
Replaced conditional inclusion of if_arp.h and if_packet.h with direct includes.
|
|
|
|
Removed checks for __free_fn_t and good ifarp in CMakeLists.txt.
|
|
Removed check for printf.h and related definitions.
|
|
Removed conditional inclusion of printf.h.
|
|
Situation is a bit complex. Even one problem we fix easily,
such as saving server as variable, rad_req_free might free
server in theory, and s will be invalid.
This is a bit of rewrite, but proper fix.
Fixes problem in 2 functions.
Signed-off-by: Denys Fedoryshchenko <denys.f@collabora.com>
|
|
Minor fixes
|
|
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
|
ppp init might fail due malloc failure, missing or invalid runtime state, failure to setup
resources (sockers, timers, handler registration), etc.
This is quite unlikely now, but some floating(hard to catch) bugs says
better to be safe than sorry.
Signed-off-by: Denys Fedoryshchenko <denys.f@collabora.com>
|
|
Initialized the ifreq in destablish_ppp to avoid the uninitialized-struct
warning before use.
Signed-off-by: Denys Fedoryshchenko <denys.f@collabora.com>
|
|
It was a micro-optimization to skip taking the mutex when uc_size was 0.
But because uc_size isnt atomic and wasnt read under the lock, it created a TOCTOU window.
Signed-off-by: Denys Fedoryshchenko <denys.f@collabora.com>
|
|
Signed-off-by: Denys Fedoryshchenko <denys.f@collabora.com>
|
|
netlink: Added VRF support
|
|
Added VRF support to the iproute routines.
Updated iproute* calls in the ipoe, radius, and dhcpv6 code.
Signed-off-by: Andrii Melnychenko <a.melnychenko@vyos.io>
|
|
Various Framed‑Route improvements
|
|
|
|
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
|
|
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
|
|
Signed-off-by: Denys Fedoryshchenko <denys.f@collabora.com>
|
|
Signed-off-by: Denys Fedoryshchenko <denys.f@collabora.com>
|
|
Signed-off-by: Denys Fedoryshchenko <denys.f@collabora.com>
|
|
Signed-off-by: Denys Fedoryshchenko <denys.f@collabora.com>
|
|
Signed-off-by: Denys Fedoryshchenko <denys.f@collabora.com>
|
|
pppoe: Fix RFC2516 non-compilance in PADI tags parsing
|
|
acct: Fix losing some data on interface down due wrong sequence
|
|
Ensure accounting values include the most recent traffic sample when a session disconnects,
preventing the final interval from being dropped and avoiding under-reported totals in usage/billing.
Big thanks Dmitriy Eshenko for patch and testing
Author: Dmitriy Eshenko <dmitriy.eshenko@accel-ppp.org>
Signed-off-by: Denys Fedoryshchenko <denys.f@collabora.com>
|
|
We currently only break out of the switch, so the for loop keeps parsing tags after TAG_END_OF_LIST (accel-pppd/ctrl/pppoe/pppoe.c: around pppoe_recv_PADI).
RFC 2516 (paragraph 5, Tag Types: End-of-List) says an End-of-List tag MAY appear in PADI/PADR and "any TAGs after an End-of-List MUST be ignored."
Since we continue processing them, this behavior is technically non-compliant with the RFC.
Same in pppoe_recv_PADR.
Signed-off-by: Denys Fedoryshchenko <denys.f@collabora.com>
|
|
Signed-off-by: Denys Fedoryshchenko <denys.f@collabora.com>
|
|
OpenSSL is now mandatory.
Signed-off-by: Andrii Melnychenko <a.melnychenko@vyos.io>
|
|
Signed-off-by: Andrii Melnychenko <a.melnychenko@vyos.io>
|
|
auth_chap_md5: unused variable, mschap_error likely copy paste error, plain chap dont have errors like mschap
|
|
Sstp improvements
|
|
Signed-off-by: Denys Fedoryshchenko <denys.f@collabora.com>
|
|
Signed-off-by: Denys Fedoryshchenko <denys.f@collabora.com>
|
|
Signed-off-by: Denys Fedoryshchenko <denys.f@collabora.com>
|
|
Signed-off-by: Denys Fedoryshchenko <denys.f@collabora.com>
|
|
Signed-off-by: Denys Fedoryshchenko <denys.f@collabora.com>
|
|
Signed-off-by: Denys Fedoryshchenko <denys.f@collabora.com>
|
|
Signed-off-by: Denys Fedoryshchenko <denys.f@collabora.com>
|
|
l2tp: fix buffer overflow and type errors in Calling/Called Number handling
|
|
chap dont have errors like mschap
Signed-off-by: Denys Fedoryshchenko <denys.f@collabora.com>
|
|
Suppress OpenSSL 3.0 deprecation warnings for legacy crypto APIs
|
|
Fix issues introduced in 88a2ebdb:
- Fix type declaration: uint8_t *calling[254] declared an array of 254
pointers instead of an array of 254 bytes. Remove erroneous asterisks.
- Fix buffer overflow vulnerability: L2TP AVP values can be up to 1017
bytes (L2TP_AVP_LEN_MASK - sizeof(avp_header)), but buffers were only
254(*4?) bytes. A malicious packet could cause stack buffer overflow.
Use L2TP_AVP_LEN_MASK (1023) for buffer size to handle maximum AVP length.
- Remove useless NULL checks: Stack-allocated arrays can never be NULL,
causing compiler warnings. The existence check is n > 0 / m > 1.
Signed-off-by: Denys Fedoryshchenko <denys.f@collabora.com>
|
|
Not a bug, but to supress warnings.
Signed-off-by: Denys Fedoryshchenko <denys.f@collabora.com>
|
|
We are using similar approach as in other projects, easiest one,
but probably in future it will break as soon as this functions
will be removed completely.
Signed-off-by: Denys Fedoryshchenko <denys.f@collabora.com>
|
|
mempool: Fix 32-bit stats
|
|
docs: Improve ippool documentation
|