The size of the memset was just wrong, but the data has already been
zeroed in initdata so we can just remove it.
# This is the commit message #2:
# squash! initippool: fix initialization of ip_address_pool
net/if.h and linux/if.h headers conflict with each other as of linux
6.3 and glibc 2.37 headers:
In file included from /usr/include/linux/icmp.h:23,
from icmp.c:5:
/usr/include/net/if.h:44:5: error: redeclaration of enumerator ‘IFF_UP’
44 | IFF_UP = 0x1, /* Interface is up. */
| ^~~~~~
/usr/include/linux/if.h:83:9: note: previous definition of ‘IFF_UP’ with type ‘enum net_device_flags’
83 | IFF_UP = 1<<0, /* sysfs */
| ^~~~~~
icmp.c gets net/if.h from l2tpns.h, and linux/if.h from linux/icmp.h.
In our case, we do not need to use the linux headers at all here as we
are doing normal userspace things: just use glibc headers all the way.
This has been tested with kernel 3.2 / glibc 2.13 headers, so it's
probably fine. (l2tpns does not currently build with musl)
When acting as LNS, we have to answer challenges with our own secret, but
when acting as LAC, we have to answer challenges with the LNS secret, not
ours.
It seems at least some products send this:
{LCP (0xc021), length 12: LCP, Conf-Nack (0x03), id 9, length 10
encoded length 8 (=Option(s) length 4)
0x0000: c021 0309 0008
Auth-Prot Option (0x03), length 4: CHAP[|lcp]}
If we refuse to nack to CHAP, we'd stay stuck with PAP and eventually
get a reject.
if the packet is too small then reading pack + ETH_HLEN is invalid, first
check that the packet is big enough then read the header at an offset we
know is valid
Reported-by: Coverity#375305
&peer->outbuf->packet has a non-1 size, so &foo + offset would
incorrectly offset by sizeof(packet) * offset, while it is meant as a
byte offset.
Cast to char * to have a simple offset.
Reported-by: Coverity#375309
send/recvchalresponse should be freed before early returns in the function,
as there are code paths where they would be allocated before these.
Note free is no-op on null pointer so checking for non-null value is useless.
Reported-by: Coverity#375342
When a l2tpns cluster gets out of a "split brain" situation, l2tpns will
consider that it is not normal to having multiple master, and some members
of the cluster will voluntarily kill themselves.
While this is probably the best thing to do for l2tpns in this situation,
continued operation is important. Let's tell systemd to restart l2tpns in
such cases.
Looking at the code, there are several other places where l2tpns might
exit in case of grave failure, and this change will also cover these
cases.
