welterde/l2tpns
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
1206 commits 1 branch 0 tags 3.7 MiB
Commit graph

1206 commits

This branch
This branch
All branches
Author SHA1 Message Date
Samuel Thibault
943717e48d Add needrestart file 
To let administrator when to drop all sessions
 2024-01-05 14:11:38 +01:00
Samuel Thibault
6be06966e3 Use Makefile rules to generate documentation 
And regenerate documentation.
 2023-12-24 15:42:03 +01:00
Samuel Thibault
986961ad5d Add missing mp_mrru option in manpage source 2023-12-24 15:33:09 +01:00
Samuel Thibault
05772e2295 Add periodic RA sends 
The RFC indeed say that we should send them periodically.  We were
previously only sending them along LCP echo replies, but echo requests
are typically sent only when there is no trafic, which RA need to be
sent even when there is trafic.
 2023-12-04 19:41:57 +01:00
Samuel Thibault
3be9b1657a Note what changed in versions 8, 9 and 10 2023-12-03 21:24:54 +01:00
Samuel Thibault
01576b74da typo 2023-11-08 01:37:01 +01:00
Samuel Thibault
3667bdfe80 Also clamp MSS on IPv6 
Some routers erratically drop "Packet too big" icmp messages, and PMTU
discovery then doesn't work. We can however easily clamp MSS on IPv6 too.
 2023-11-05 17:21:14 +01:00
sthibaul
7514eecf68 Merge branch 'initippool_memset' into 'master' 
initippool: fix initialization of ip_address_pool

See merge request l2tpns/l2tpns!27
 2023-08-02 21:31:13 +00:00
Dominique Martinet
1a89fc3f63 initippool: drop redundant memset 
The size of the memset was just wrong, but the data has already been
zeroed in initdata so we can just remove it.
# This is the commit message #2:

# squash! initippool: fix initialization of ip_address_pool
 2023-08-03 06:10:27 +09:00
sthibaul
43e25849b2 Merge branch 'icmp_header' into 'master' 
icmp.c: do not include linux headers

See merge request l2tpns/l2tpns!26
 2023-08-02 20:49:10 +00:00
Dominique Martinet
e168cc6ff7 icmp.c: do not include linux headers 
net/if.h and linux/if.h headers conflict with each other as of linux
6.3 and glibc 2.37 headers:
In file included from /usr/include/linux/icmp.h:23,
                 from icmp.c:5:
/usr/include/net/if.h:44:5: error: redeclaration of enumerator ‘IFF_UP’
   44 |     IFF_UP = 0x1,               /* Interface is up.  */
      |     ^~~~~~
/usr/include/linux/if.h:83:9: note: previous definition of ‘IFF_UP’ with type ‘enum net_device_flags’
   83 |         IFF_UP                          = 1<<0,  /* sysfs */
      |         ^~~~~~

icmp.c gets net/if.h from l2tpns.h, and linux/if.h from linux/icmp.h.

In our case, we do not need to use the linux headers at all here as we
are doing normal userspace things: just use glibc headers all the way.

This has been tested with kernel 3.2 / glibc 2.13 headers, so it's
probably fine. (l2tpns does not currently build with musl)
 2023-08-03 05:29:01 +09:00
sthibaul
b46c2aa671 Merge branch 'cli' into 'master' 
Add more information in show session/tunnel

See merge request l2tpns/l2tpns!25
 2023-04-30 18:10:57 +00:00
Samuel Thibault
90b7d4a0dc Add more information in show session/tunnel 2023-04-30 20:10:01 +02:00
Samuel Thibault
b0a93e8809 Lower log level of IPV6CP warning 
Level 2 is actually often used.

Ref #10
 2023-04-23 13:56:48 +02:00
sebian
3a5bd840b2 Merge branch 'mp_mrru' into 'master' 
Add mp_mrru option

See merge request l2tpns/l2tpns!20
 2023-03-05 17:40:29 +00:00
Samuel Thibault
8e7bfa9a77 Add mp_mrru option 
Some equipments seem not able to actually put options in Configure-Reject
messages, so we then have to disable MRRU by hand.
 2023-02-07 12:45:29 +01:00
zorun
b3b5fc5c59 Merge branch 'chap_nack' into 'master' 
LCP: accept an auth nack to CHAP with length == 4

See merge request l2tpns/l2tpns!19
 2022-12-14 20:51:46 +00:00
Samuel Thibault
af9cb755ab LCP: accept an auth nack to CHAP with length == 4 
It seems at least some products send this:

 {LCP (0xc021), length 12: LCP, Conf-Nack (0x03), id 9, length 10
        encoded length 8 (=Option(s) length 4)
        0x0000:  c021 0309 0008
          Auth-Prot Option (0x03), length 4: CHAP[|lcp]}

If we refuse to nack to CHAP, we'd stay stuck with PAP and eventually
get a reject.
 2022-12-14 19:08:07 +01:00
sthibaul
19ee48869f Merge branch 'coverity' into 'master' 
coverity misc fixes

See merge request l2tpns/l2tpns!18
 2022-11-05 22:27:07 +00:00
Dominique Martinet
c770205890 pppoe_sess_send: check packet length before reading header 
if the packet is too small then reading pack + ETH_HLEN is invalid, first
check that the packet is big enough then read the header at an offset we
know is valid

Reported-by: Coverity#375305
 2022-11-05 21:35:53 +09:00
Dominique Martinet
54be500888 bgp_write: fix sent data (offset) on partial write 
&peer->outbuf->packet has a non-1 size, so &foo + offset would
incorrectly offset by sizeof(packet) * offset, while it is meant as a
byte offset.

Cast to char * to have a simple offset.

Reported-by: Coverity#375309
 2022-11-05 21:29:02 +09:00
Dominique Martinet
bbedc40bf2 sendarp: fix out of bound read on mac address 
mac address is only 6 bytes, which we specify in sll_halen, so do not try to
read more than that into sll_addr.

Reported-by: Coverity#375313
 2022-11-05 21:25:31 +09:00
Dominique Martinet
af92de5eeb processudp: fix memory leak 
send/recvchalresponse should be freed before early returns in the function,
as there are code paths where they would be allocated before these.

Note free is no-op on null pointer so checking for non-null value is useless.

Reported-by: Coverity#375342
 2022-11-05 21:18:36 +09:00
Samuel Thibault
4d906e595d Fix liveness of buf 
So that domain can point to it.
 2022-11-03 13:27:54 +01:00
Samuel Thibault
6df96f8148 Fix duplicate close 2022-11-03 13:23:59 +01:00
Samuel Thibault
7623522726 Avoid warning 
The restart code is indeed only needed for reset cases, any other case
doesn't need anything there.
 2022-11-03 11:51:43 +01:00
Samuel Thibault
92733074db Fix state name 
Dead and Initial happen to both equal 0, so this is actually a
no-behavior-change.
 2022-11-03 11:50:39 +01:00
Samuel Thibault
fbf0c191e1 Fix operator priority 
(notably ternary ?: is less prioritized than <=)
 2022-11-03 11:50:04 +01:00
Samuel Thibault
233f7e8526 Drop useless test 2022-11-03 11:49:48 +01:00
Samuel Thibault
7124084434 Fix alarm management 2022-11-03 11:33:50 +01:00
Samuel Thibault
a612c24207 Add missing +x perm 2022-11-03 11:30:22 +01:00
Sebastien Badia
d1536bdcfb
New release: 2.4.1 2022-09-03 01:10:37 +02:00
Sebastien Badia
48e7ef75b7
ci: test L2TPNS version (Ref #11) 2022-08-24 13:16:43 +02:00
Samuel Thibault
ab58da4056 Reduce loglevel of warning 
Various clients are making the same mistake, let's not flood our own
logs with errors that are actually from the client.

Ref #10
 2022-07-13 11:18:50 +02:00
Sebastien Badia
e9afb88de7
New release: 2.4.0 2022-07-03 23:17:59 +02:00
sebian
5e8cf3660c Merge branch 'set-secret-detection-config-1' into 'master' 
Configure Secret Detection in `.gitlab-ci.yml`, creating this file if it does not already exist

See merge request l2tpns/l2tpns!17
 2022-07-03 20:52:26 +00:00
sebian
bb56dd7987 Configure Secret Detection in .gitlab-ci.yml, creating this file if it does not already exist 2022-07-03 20:50:42 +00:00
sebian
6053b0d23d Merge branch 'set-sast-config-1' into 'master' 
Configure SAST in `.gitlab-ci.yml`, creating this file if it does not already exist

See merge request l2tpns/l2tpns!16
 2022-07-03 20:50:19 +00:00
sebian
7e5d8afaf5 Configure SAST in .gitlab-ci.yml, creating this file if it does not already exist 2022-07-03 20:47:34 +00:00
sebian
40a02aa8d5 Merge branch '64bit' into 'master' 
Use 64bit counters for accounting

Closes #12

See merge request l2tpns/l2tpns!13
 2022-07-02 12:16:54 +00:00
sebian
5317b7aca6 Merge branch 'default_radius_port' into 'master' 
Use newer radius port 1812 by default

See merge request l2tpns/l2tpns!15
 2022-07-02 12:15:30 +00:00
sebian
955b079395 Merge branch 'cli_localhost' into 'master' 
Make cli bound to localhost in default configuration

See merge request l2tpns/l2tpns!14
 2022-07-02 12:13:41 +00:00
Samuel Thibault
71a60411a1 Use newer radius port 1812 by default 
1645 has been marked as "old-radius" for a long time.
 2022-05-28 09:33:05 +02:00
Samuel Thibault
41c0bd1bc7 Make cli bound to localhost in default configuration 
Even if the default users file is empty, it's still better to avoid
exposing by default a service to the wide internet...
 2022-05-26 14:07:56 +02:00
Samuel Thibault
f9e2045b38 Add example for IPv6 DNS servers 2022-05-26 13:23:46 +02:00
Samuel Thibault
31dedbbe66 Use 64bit counters for accounting 
Otherwise with 5-minute reporting we overflow with >= ~100Mbps.

Fixes #12
 2022-01-24 00:40:26 +01:00
Dominique Rousseau
7c715f16fc fix bgp_add_route with bind_address ( fix #9 ) 2021-10-15 21:55:31 +02:00
Baptiste Jonglez
832945bb4b Fix reported l2tpns version number 2021-10-15 21:55:31 +02:00
sthibaul
1e5573679c Merge branch 'fix-ppoe-buffer-overflow' into 'master' 
Buffer overflow on show sesion pppoe and on pppoe discover LOG level 3.

See merge request l2tpns/l2tpns!12
 2021-08-23 18:10:09 +00:00
Fernando ALVES
dd98adf3e2 Buffer overflow on show sesion pppoe and on pppoe discover LOG level 3. 2021-04-25 13:47:51 +02:00