Paul Mackerras [Sat, 18 Mar 2023 07:14:04 +0000 (18:14 +1100)]
radius: Fix list traversal in rc_avpair_insert
In rc_avpair_insert, if the list element "p" is non-NULL but not
actually in the list "a", we can end up with this_node being NULL and
being dereferenced.
By changing the while test to this_node->next we avoid having
this_node being NULL; the loop will terminate when this_node == p or
this_node->next == NULL, which is what we want.
Paul Mackerras [Sat, 18 Mar 2023 06:32:20 +0000 (17:32 +1100)]
pppdump: Remove compression functions from local copy of zlib
They aren't used (pppdump only needs decompression), and removing the
unused code avoids getting reports from automated tools about possible
errors in the unused code.
Eivind Næss [Thu, 9 Mar 2023 23:59:19 +0000 (23:59 +0000)]
Additional fixes for broken build
This change fixes the build when
- ./configure is run with --disable-plugins
- ./configure is run with --disable-peap --disable-eaptls
--disable-microsoft-extensions
The latter disables the MPPE encryption too, but <pppd/crypto.h> is
still needed.
Robert Bartel [Fri, 10 Mar 2023 18:31:52 +0000 (18:31 +0000)]
Fixing buffer overflow issue in chat.c
There were two issues here, the report_buffer is too small to hold the
value, and accessing the memory outside its bounds. The following fixes
was made:
- Expand the size of report_buffer to 4096 from 256, this is to account
for handling of really long GSM USSD report strings
- Make sure to not to access memory outside the bounds of the buffer
Signed-off-by: Robert Bartel <r.bartel@gmx.net> Signed-off-by: Paul Mackerras <paulus@ozlabs.org>
Eivind Næss [Thu, 16 Mar 2023 23:13:25 +0000 (16:13 -0700)]
Fix several issues uncovered by Coverity (#397)
* Fix for coverity issue 436265, we should cap copy to size of destination buffer
Signed-off-by: Eivind Næss <eivnaes@yahoo.com>
* Fix for coverity issue 436262, llv6_ntoa() returns a pointer to a buffer that can be up to 64 bytes long; likely not a problem, but this will quiet coverity
Signed-off-by: Eivind Næss <eivnaes@yahoo.com>
* Fix for coverity issue 436251, not freeing path in the normal flow of the code
Signed-off-by: Eivind Næss <eivnaes@yahoo.com>
* Fixing coverity issue #436258, Digest maybe uninitialized in some paths of this code
Signed-off-by: Eivind Næss <eivnaes@yahoo.com>
* Fix for coverity issue 436254, forgot to free 's' before returning from the function?
Signed-off-by: Eivind Næss <eivnaes@yahoo.com>
* Fixing coverity issue #436251, memory leak in put_string() function
Signed-off-by: Eivind Næss <eivnaes@yahoo.com>
* Fixing coverity issue 436215, should copy at most sizeof(devname) bytes
Signed-off-by: Eivind Næss <eivnaes@yahoo.com>
* Fixing coverity issue #436203, if no authentication (or no accounting) server was found, we still need to free the allocated local instance
Signed-off-by: Eivind Næss <eivnaes@yahoo.com>
* Fixing coverity issue #436171, use of uninitialized variable
Signed-off-by: Eivind Næss <eivnaes@yahoo.com>
* Use of signed vs unsigned variable in printf for MD4Update
Signed-off-by: Eivind Næss <eivnaes@yahoo.com>
* Fixing coverity issue #436182, fixing possible buffer overrun in handling of PW_CLASS attribute
Eivind Næss [Sat, 21 Jan 2023 06:12:58 +0000 (22:12 -0800)]
Header file reorganization and cleaning up the public API for pppd version 2.5.0 (#379)
This commit does several things, being a squash-and-merge of a series
of changes; squashed in order not to break bisection.
* Clean up pppd.h, moving declarations that should only be accessed by
pppd code (not by users of pppd) to a new pppd-private.h. Also,
other parts of pppd.h were moved to multilink.h, chap.h, eap.h,
eui64.h, and a new options.h.
* Provide an API for access to data that is needed by plugins (in no
particular order):
- ifname
- ifunit
- remote_name
- remote_number
- peer_authname
- status (now called "code" internally)
- phase
- doing_multilink
- multilink_master
- idle_time_limit
- link_connect_time
- max_connect_time
- link_stats
- ipparam
- hostname
- got_sigterm
- got_sigusr2
- got_sighup
- session_number
- maxoctets
- maxoctets_dir
- debug
- persist
- devnam
- modem
- peer_authname
- sync_serial
* Update the version number to 2.5.0.
* Detect availability of stddef.h and stdarg.h.
* Rename some headers:
- pppcrypt.c/h to crypto_ms.c/h
- ppp-crypto.c/h to crypto.c/h
- ppp-crypto-priv.h to crypto-priv.h
- chap-new.c/h to chap.c/h
* Remove chap-md5.h, crypto-priv.h, eap-tls.h, etc. from the list of
header files to be installed.
* Provide typedefs for the hook functions.
* Provide a typedef for the "phase" variable.
* Provide a typedef for the link statistics array.
* Remove the option_t typedef.
* Rename the following functions by adding a "ppp_" prefix (with the
intention that these are a "public" API for use by plugins):
- option_error
- add_options
- int_option,
- options_from_file
- script_setenv
- bad_ip_adrs,
- netif_get/set_mtu (renamed to ppp_get/set_mtu)
- get_time
- timeout
- untimeout
- safe_fork
- sys_close
- set_session_number
- update_link_stats (renamed to ppp_get_link_stats)
- add_notifier (renamed to ppp_add_notify)
- remove_notifier (renamed to ppp_del_notify)
- generic_[dis]establish_ppp (to ppp_generic_[dis]establish)
* Rename ppp_devnam to ppp_devname.
* Rename ppp_available() to ppp_check_kernel_support().
* Use unsigned char instead of u_char, unsigned short instead of
u_short, uint32_t instead of u_int32_t.
* Add const to some declarations
* Update comments
* Change the interface for notifiers to use an enum to identify which
notifier is to be modified.
* Provide an API for getting the path to a file, with an enum to
identify different types of file.
* Link plugins with the -DPLUGIN flag
[paulus@ozlabs.org - wrote commit message]
Signed-off-by: Eivind Næss <eivnaes@yahoo.com> Signed-off-by: Paul Mackerras <paulus@ozlabs.org>
Jaco Kroon [Fri, 16 Dec 2022 19:09:31 +0000 (21:09 +0200)]
radius: distinguish between User-Request and Admin-Reset.
For the purposes of our definition:
User-Request - remote side hanging up.
Admin-Reset - local side hanging up.
Reasoning is that typically radius will be used to authentication
dial-in users, so if the pppd gets killed locally, that's not the User
(client) requesting hangup, but rather the local administrator (be that
a manual kill, or as a result of a CoA/Disconnect).
Paul Mackerras [Mon, 5 Dec 2022 06:33:48 +0000 (17:33 +1100)]
pppd: Fix spurious LCP echo failures with lcp-echo-adaptive option
If the lcp-echo-adaptive option is specified, it means that seeing
received traffic on the link is considered to be an indication that
the link is working. Hence, this resets the count of missing LCP
echo-replies to 0 when traffic is seen. Without this, occasional
echo failures interspersed with link traffic can accumulate and end up
causing a disconnection even when the link is working correctly.
Paul Mackerras [Sat, 26 Nov 2022 07:18:03 +0000 (18:18 +1100)]
chat: Improve signal handling
This improves the way that signals are handled in chat.
First, signal handlers should not be calling functions which are not
async-signal-safe; doing so incurs the possibility of deadlock. Thus
we can't call fatal() in signal handlers; instead we set 'fatalsig',
which functions both as a flag and as an indication of which signal
occurred, and check that at various points (basically after any
operation which might block) using the new function checksigs().
Secondly, using sigaction rather than signal() means that we can
control whether calls such as read() get restarted after a signal, and
whether the signal disposition gets reset when the signal is
delivered. That simplifies sigalrm(); we no longer need to
re-register the handler, and we don't need the kludge of setting stdin
to non-blocking mode in order to get the read() in get_char() to
return.
This also removes a #ifdef ultrix since ultrix is no longer supported.
1. Use uppercase for `prefix` parameter
`SYSTEMD_CFLAGS` is used elsewhere so `prefix` cannot be lowercase.
https://autotools.info/pkgconfig/pkg_check_modules.html
2. The module name should be `libsystemd`
Previously it will result in the following compile error when building pppd/auth.c:
> /usr/bin/ld: pppd-auth.o: undefined reference to symbol 'sd_notify@@LIBSYSTEMD_209'
> /usr/bin/ld: /usr/lib/libsystemd.so.0: error adding symbols: DSO missing from command line
This is due to missing `-lsystemd-daemon` flag which is provided by `libsystemd-daemon-devel`
package on Debian or `systemd-libs` on ArchLinux. And the proper .pc file in the package is
`libsystemd` not `systemd`.
https://stackoverflow.com/a/38303241
Pali Rohár [Sat, 7 Aug 2021 17:48:01 +0000 (19:48 +0200)]
pppd: Retry registering interface when on rtnetlink -EBUSY error
Due to workaround in kernel module ppp_generic.ko in function
ppp_nl_newlink(), kernel may return -EBUSY error to prevent possible
mutex deadlock. In this case userspace needs to retry its request.
Proper way would be to fix kernel module to order requests and mutex
locking, so prevent deadlock in kernel and so never return this error to
userspace. Until it happens we need retry code in userspace.
Eivind Næss [Wed, 3 Aug 2022 15:46:28 +0000 (08:46 -0700)]
Create a new API to abstract the crypto functions used by pppd.
This re-introduces the missing DES encryption functions copied from Openssl 3.0 project. Incorporates a new API for performing MD4/MD5/SHA and encryption using DES-ECB mode.
Unit tests are included for respective digest/encryption functions using this new API. With this change, you can pass configure --without-openssl to use the internally provided functions. If you do have openssl, then it will default to use these functions. This also provides a framework to allow other vendors to provide crypto.
This closes #333, partially addresses #242 (except the pkcs11 engine support). Word has it that openssl is working on support for this, and the libp11 / opensc project are inclined not to support this.
pali [Tue, 9 Aug 2022 09:20:15 +0000 (11:20 +0200)]
pppd: Workaround for generating ppp unit id on Linux (#355)
Linux kernel has nasty bug / feature. If PPPIOCNEWUNIT is called with
negative ppp unit id (which is default option when command line argument
"unit" is not specified; and tells kernel to choose some free ppp unit id)
and the lowest unused/free ppp unit id is present in some existing network
interface name prefixed by "ppp" string then this PPPIOCNEWUNIT ioctl
fails. In this case kernel is basically unable to create a new ppp
interface via PPPIOCNEWUNIT ioctl when user does not specify some unused
and non-conflicted unit id.
Linux kernel should be fixed to choose usable ppp unit id when was
requested via PPPIOCNEWUNIT parameter -1.
Until this happens, add a workaround for pppd to help choosing some random
ppp unit id when kernel returns this error.
Simple test case (run on system when there is no ppp interface):
sudo ./pppd ifname ppp1 nodefaultroute noauth nolock local nodetach pty "./pppd nodefaultroute noauth nolock local nodetach notty"
Second pppd process without this patch prints into syslog following error:
pppd 2.4.10-dev started by pali, uid 0
Couldn't create new ppp unit: File exists
Exit.
With this patch it falls back to random ppp unit id and succeeds:
pppd 2.4.10-dev started by pali, uid 0
Using interface ppp1361
Connect: ppp1361 <--> /dev/pts/14
...
This was previously done by specifying an overriding value for _ROOT_PATH. With this change, this variable is now gone.
Instead, pathnames.h will use the SYSCONFDIR and LOCALSTATEDIR to resolve these paths. These directories is already controlled by
configure.
Package maintainers should be aware though that this may change their current configuration. The convential ./configure way is to
specify:
./configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var/run --with-plugin-dir=/usr/lib/pppd/2.4.10
If one omit the --sysconfdir option, then the default location is by ${prefix}/etc which may not be what you want.
Paul Mackerras [Fri, 5 Aug 2022 04:06:33 +0000 (14:06 +1000)]
pppd: Fix compilation on Linux when IPV6 is disabled (#360)
This rearranges the PPP_WITH_IPV6CP guards added in commit 80b8744eb42c ("Changing INET6 to PPP_WITH_IPV6CP and adding configure
option", 2021-08-06) so that we (a) always include the rtnetlink
headers, since we need them for get_ppp_stats_rtnetlink(), and (b)
don't include eui64.h unless we have IPV6 support.
Fixes: 80b8744eb42c ("Changing INET6 to PPP_WITH_IPV6CP and adding configure option") Signed-off-by: Paul Mackerras <paulus@ozlabs.org>
Paul Mackerras [Thu, 4 Aug 2022 02:23:08 +0000 (12:23 +1000)]
pppdump: Avoid out-of-range access to packet buffer
This fixes a potential vulnerability where data is written to spkt.buf
and rpkt.buf without a check on the array index. To fix this, we
check the array index (pkt->cnt) before storing the byte or
incrementing the count. This also means we no longer have a potential
signed integer overflow on the increment of pkt->cnt.
Fortunately, pppdump is not used in the normal process of setting up a
PPP connection, is not installed setuid-root, and is not invoked
automatically in any scenario that I am aware of.
Eivind Næss [Mon, 30 May 2022 05:14:08 +0000 (22:14 -0700)]
For Linux, use the Linux / Glibc based defines instead of included headers
This is to ensure compatibility with the OS you are compiling against and that
headers are maintained in upstream projects.
- Moved PPP_EAP and PPP_ECP into respective header files in lieu of not currently
existing in the linux/ppp_defs.h
- Unchained the top-level ${topsrc_dir}/include, this folder is included for
prosterity and may continue to exist on github, but in the future eliminated from
distribution
- Bogus upstream file in glibc for <net/if_ppp.h>, its content should be replaced
with a simple include to <linux/ppp-ioctl.h>. The lack of an appropriate ifreq
structure with ppp_stats or ppp_comp_stats, implementet that inline (and tested).
- Updated instances where PPP_FCS() macro would expand the fcstab, while PPP_GOODFCS
and PPP_INITFCS is provided in <linux/ppp_defs.h>, the latter is tied to a lookup
table. It's used in two places, so add the PPP_FCS macro where applicable.
Cleanup in pppd/pppd.h, eliminate unecessary headers
This removes the need to include the following heades in pppd.h
<limits.h>, this is included where needed (main.c). The number of groups already retrieved is stored in the "int ngroups" variable.
<sys/params.h>, use MAXPATHLEN where needed
<net/if.h>, such that the value of IFNAMSIZ doesn't have to be declared to include <pppd/pppd.h>
Eivind Næss [Tue, 10 Aug 2021 23:38:45 +0000 (16:38 -0700)]
Fix include paths for plugins to use the public API of pppd
This change does a few different things.
* Projects that needs #include "config.h" should use a config.h.in for the project generated by configure in the project's local directory.
* All projects will use #include <pppd/pppd.h>, and Makefile will add -I${top_srcdir} to the appropriate *_CPPFLAGS variable.
* The inclusion of <pppd/pppdconf.h> will set the presidence for all features enabled/disabled in pppd
* Plugins will now need to use PPPD_VERSION as it conflicts with VERSION from config.h generated by autotools for third party packages
Currently, only pppoe require the use of config.h to correctly set the defines for which header files and so on was detected by configure
Other projects only needed to include <pppd/pppd.h> (and maybe a few other header files), a future change will fixup <pppd/pppd.h> to include features as needed such that it's the only needed include for a plugin. This will avoid littering the code with #ifdef/#endif constructs.
BREAKING CHANGE!
pppd/pppd.h no longer provide VERSION, third party packages are required to switch to use PPPD_VERSION. This is to avoid conflict with a source package's own VERSION as set by autotools / config.h. Also, the use of PPP_VERSION conflicts with public header files from Glibc/Linux kernel.
Example:
char pppd_version[] = PPPD_VERSION;
pppd will load plugins, and also look for the symbol "pppd_version" to validate that the plugin was built for the current version of pppd.
Eivind Næss [Sat, 7 Aug 2021 21:15:01 +0000 (14:15 -0700)]
Removing patchlevel.h
The significance of this headerfile has now been reduced as pppd now provides
pppd.pc (pkgconfig) and autotools to configure the project. Other projects can
now also configure the correct path variable:
e.g. /usr/lib/x86_64-linux-gnu/pppd/2.4.10/...
To both consider the architecture and version via pkg-tool. The only consideration
would be the missing DATE directive. But I am less worried about that as the entire
release process has now been changed with the introduction of autotools.
Also fixing up pppd/pppdconf.h.in to remove quotes around the defines
Eivind Næss [Fri, 6 Aug 2021 17:06:17 +0000 (10:06 -0700)]
Changing defines for CHAPMS, MSLANMAN, MPPE to prefix with PPP_WITH_*
To avoid bleeding over to third party projects. They are all
defined and exported by pppdconf.h either way. These projects
will stil have a consistent view of how pppd was compiled.
Eivind Næss [Fri, 6 Aug 2021 16:14:02 +0000 (09:14 -0700)]
Changing INET6 to PPP_WITH_IPV6CP and adding configure option
Based on feedback on PR #296, the option ipv6-support seems inconsistent
with the existing ipxcp option. Futhermore, the #define has been renamed
to avoid bleeding into third party projects.
pppdconf.h is already distributed and will define or undefine the
PPP_WITH_IPV6CP define.
pppd: Add support for registering ppp interface via Linux rtnetlink API
pppd currently creates ppp network interface via PPPIOCNEWUNIT ioctl API.
This API creates a new ppp network interface named "ppp<unit_id>". If user
supply option "ifname" with custom network name then pppd calls SIOCSIFNAME
ioctl to rename "ppp<unit_id>" to custom name immediately after successful
PPPIOCNEWUNIT ioctl call. If custom name is already registered then
SIOCSIFNAME ioctl fails and pppd close current channel (which destroy also
network interface).
This has side effect that in the first few miliseconds interface has
different name as what user supplied.
Tools like systemd, udev or NetworkManager are trying to query
interface attributes based on interface name immediately when new
network interface is created.
But if interface is renamed immediately after creation then these tools
fails. For example when running pppd with option "ifname ppp-wan" following
error is reported by systemd / udev into dmesg log:
[ 35.718732] PPP generic driver version 2.4.2
[ 35.793914] NET: Registered protocol family 24
[ 35.889924] systemd-udevd[1852]: link_config: autonegotiation is unset or enabled, the speed and duplex are not writable.
[ 35.901450] ppp-wan: renamed from ppp0
[ 35.930332] systemd-udevd[1852]: link_config: could not get ethtool features for ppp0
[ 35.939473] systemd-udevd[1852]: Could not set offload features of ppp0: No such device
There is an easy way to fix this issue: Use new rtnetlink API.
Via rtnetlink API it is possible to create ppp network interface with
custom ifname atomically. Just it is not possible to specify custom ppp
unit id.
So use new rtnetlink API when user requested custom ifname without custom
ppp unit id. This will avoid system issues with interface renaming as ppp
interface is directly registered with specified final name.
This has also advantage that if requested interface name already exists
then pppd fail during registering of networking interface and not during
renaming network interface which happens after successful registration.
If user supply custom ppp unit id then it is required to use old ioctl API
as currently it is the only API which allows specifying ppp unit id.
When user does not specify custom ifname stay also with old ioctl API.
There is currently a bug in kernel which cause that when empty interface is
specified in rtnetlink message for creating ppp interface then kernel
creates ppp interface but with pseudo-random name, not derived from ppp
unit id. And therefore it is not possible to retrieve what is the name of
newly created network interface. So when user does not specify interface
name via "ifname" option (which means that want from kernel to choose some
"free" interface name) it is needed to use old ioctl API which do it
correctly for now.
eap-tls.c: In function 'ssl_msg_callback':
eap-tls.c:1284:10: error: 'SSL3_RT_HEADER' undeclared (first use in this function); did you mean 'SSL3_RT_ALERT'?
1284 | case SSL3_RT_HEADER:
| ^~~~~~~~~~~~~~
| SSL3_RT_ALERT
Paul Mackerras [Mon, 4 Jul 2022 07:37:31 +0000 (17:37 +1000)]
pppd: Add dummy noipx option
Add "noipx" as an option that does nothing to avoid breaking
installations that have "noipx" in /etc/ppp/defaults or wherever.
(The IPX-related options were removed by commit c2881a6b71a3 ("pppd:
Drop linux IPX support (#326)", 2022-01-13)).
Jaco Kroon [Tue, 17 May 2022 08:05:27 +0000 (10:05 +0200)]
pppd/auth: Pass ipparam to auth-up and auth-down scripts
ipparam is the only way a system administrator has of passing arbitrary
information from options files to scripts, and this may be useful during
auth-up in particular. (If upstream pppd had support for an auth-fail
script, it could be useful there too.)
Signed-off-by: Jaco Kroon <jaco@uls.co.za> Signed-off-by: Paul Mackerras <paulus@ozlabs.org>
Need to update the esp->ea_client.ea_namelen variable. A plugin can override the
name of the user, and the variable is passed onto the eap_chap2_response generating
the wrong response length.
Richard Purdie [Thu, 13 Jan 2022 06:48:14 +0000 (06:48 +0000)]
pppd: Drop linux IPX support (#326)
The 5.15 Linux kernel has removed ipx support, along with the userspace
visible header. This support wasn't very well maintained in the kernel
for several years so drop the support from ppp as well since this won't
be usable in future.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Jaco Kroon [Thu, 13 Jan 2022 06:38:04 +0000 (08:38 +0200)]
Expand byte count statistics to 64 bits (#298)
* Add Gigawords to radius packets where applicable.
IMPORTANT NOTE: The ioctl() only supports 32-bit counters. In order t
obtain 64-bit counters, these are now pulled in from sysfs (it's assumed
to be mounted on /sys which I'm assuming is standard).
It is unknown whether sysfs will be available everywhere, as such, keep
the ioctl() method in place, but attempt to detect wrap-overs.
If the sysfs mechanism fails, fail back to the ioctl().
Given maximum data rates, the intervals between calling this needs to be
such that no more than 4GB (2^32) bytes are sent or received in any
given interval. Mostly important for radius plugin where data
accounting may be in effect.
Towards this, a timer interval on 25 seconds is set to force a ioctl()
poll irrespective of the rate of stats update calls. This may be
important for especially radius that needs to provide interim-update
intervals, if the interim updates is too long and the counters could
wrap-over twice in a single interval. At 25 seconds we should detect
all wraps up to an effective data rate of 1.37Gbps, which for my
purposes is adequate.
Possible downsides, 4 files are opened, read and closed every time
statistics is requested. This results in 12 system calls every single
time statistics is required, compared to 1 for the ioctl. Efficiency is
unknown, but as a rule of thumb fewer system calls are better, this is
however not a critical path in my opinion, so should not be a problem.
If required I can run a few benchmarks using gettimeofday() to measure
actual impact.
Signed-off-by: Jaco Kroon <jaco@uls.co.za>
* Use netlink if possible to obtain 64-bit stats.
This uses two system calls per round.
This should be preferred where available. It seems the RTM_GETSTATS was
only added from 2016 some point (4.7.0 as per pali), which is in my
opinion old, but given experience with certain embedded systems does
need to be supported.
Pali Rohár [Tue, 21 Dec 2021 17:10:27 +0000 (18:10 +0100)]
pppoe-discovery: Remove duplicate and unused includes
Some of specified include header files in pppoe-discovery.c are duplicate
and some of them are unused. Remove all these include lines which are not
needed.
projects / ppp.git / log