lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20150703154155.GA19294@jackdaw>
Date:	Fri, 3 Jul 2015 16:41:56 +0100
From:	Tom Parkin <tparkin@...alix.com>
To:	Sam Protsenko <semen.protsenko@...aro.org>
Cc:	James Chapman <jchapman@...alix.com>,
	"David S. Miller" <davem@...emloft.net>, netdev@...r.kernel.org,
	linux-kernel@...r.kernel.org,
	Sumit Semwal <sumit.semwal@...aro.org>
Subject: Re: problems with L2TP

Hi Sam,

On Fri, Jul 03, 2015 at 04:49:51PM +0300, Sam Protsenko wrote:
> Hi,
> 
> I'm having issues running user-space code, which uses net/l2tp/l2tp_ppp.c.
> The code is supposed to be running in LAC mode (which is I believe is default).
> My server configuration described here: https://wiki.linaro.org/LMG/Kernel/PPP
> 
> I was trying to use next code snippets as user-space part:
>   1. Code example from comments in net/l2tp/l2tp_ppp.c
>   2. Code examples from Documentation/networking/l2tp.txt
>   3. Code from this project: http://www.kvack.org/~bcrl/pppol2tp/multihop.c
> 
> Basically, I was trying two options for user-space code:
>   1. Creating only one sockaddr_pppol2tp, like this:
> 
>     <<<<<<<<<<<<<<<<<<<<<< cut here >>>>>>>>>>>>>>>>>>
>     session_fd = socket(AF_PPPOX, SOCK_DGRAM, PX_PROTO_OL2TP);
>     session_sa.sa_family = AF_PPPOX;
>     session_sa.sa_protocol = PX_PROTO_OL2TP;
>     session_sa.pppol2tp.fd = udp_fd;
>     session_sa.pppol2tp.s_tunnel = local_tunnel;
>     session_sa.pppol2tp.s_session = local_session;
>     session_sa.pppol2tp.d_tunnel = remote_tunnel;
>     session_sa.pppol2tp.d_session = remote_session;
>     connect(session_fd, (struct sockaddr *)&session_sa,
>             sizeof(session_sa));
>     <<<<<<<<<<<<<<<<<<<<<< cut here >>>>>>>>>>>>>>>>>>
> 
>     In that case user-space tool was failing on connect() call.
> 
>   2. Creating two sockaddr_pppol2tp, like this:
> 
>     <<<<<<<<<<<<<<<<<<<<<< cut here >>>>>>>>>>>>>>>>>>
> 
>     tunnel_fd = socket(AF_PPPOX, SOCK_DGRAM, PX_PROTO_OL2TP);
>     tunnel_sa.sa_family = AF_PPPOX;
>     tunnel_sa.sa_protocol = PX_PROTO_OL2TP;
>     tunnel_sa.pppol2tp.fd = the_socket; /* UDP socket */
>     tunnel_sa.pppol2tp.s_tunnel = local_tunnel;
>     tunnel_sa.pppol2tp.s_session = 0; /* special case: mgmt socket */
>     tunnel_sa.pppol2tp.d_tunnel = remote_tunnel;
>     tunnel_sa.pppol2tp.d_session = 0; /* special case: mgmt socket */
>     connect(tunnel_fd, (struct sockaddr *)&tunnel_sa,
>             sizeof(tunnel_sa));
> 
>     session_fd = socket(AF_PPPOX, SOCK_DGRAM, PX_PROTO_OL2TP);
>     session_sa.sa_family = AF_PPPOX;
>     session_sa.sa_protocol = PX_PROTO_OL2TP;
>     session_sa.pppol2tp.fd = udp_fd;
>     session_sa.pppol2tp.s_tunnel = local_tunnel;
>     session_sa.pppol2tp.s_session = local_session;
>     session_sa.pppol2tp.d_tunnel = remote_tunnel;
>     session_sa.pppol2tp.d_session = remote_session;
>     connect(session_fd, (struct sockaddr *)&session_sa,
>             sizeof(session_sa));
>     <<<<<<<<<<<<<<<<<<<<<< cut here >>>>>>>>>>>>>>>>>>
> 
>     In this case my user-space tool works fine, but my server shows
> next errors in /var/log/syslog:
> 
>     <<<<<<<<<<<<<<<<<<<<<< cut here >>>>>>>>>>>>>>>>>>
>     Jul  3 16:32:49 joe-laptop xl2tpd[2978]: Can not find tunnel 25061
> (refhim=0)
>     Jul  3 16:32:49 joe-laptop xl2tpd[2978]: network_thread: unable to
> find call or tunnel to handle packet.  call = 48566, tunnel = 25061
> Dumping.
>     <<<<<<<<<<<<<<<<<<<<<< cut here >>>>>>>>>>>>>>>>>>
> 
> UDP socket was created next way (for both cases):
> https://android.googlesource.com/platform/external/mtpd/+/0269612ac00a0700997dda333faf0a3c33a388b8/mtpd.c#253
> 
> (see the_socket variable in create_socket() function).
> 
> So my questions are:
> 1. Am I doing something wrong in userspace part? Because my server
> part is working fine with Android kernel implementation of LAC
> (drivers/net/ppp/pppolac.c). When I'm trying to do the same with
> mainline kernel implementation of LAC -- I'm having issues described
> above.

The second approach looks good to me.  Note that the session only
stays up as long as session_fd is open.

How is the tunnel/session being created on the server side?  How are
you deriving the session and tunnel IDs?  The fact that xl2tp is
complaining about being unable to find tunnel IDs suggests that data
is arriving there but that something isn't correctly configured at
that end.

> 2. Do we have some testing code for L2TP (particularly LAC)? Or maybe
> just some working user-space code sample?
> 
> Thanks!
> --
> To unsubscribe from this list: send the line "unsubscribe netdev" in
> the body of a message to majordomo@...r.kernel.org
> More majordomo info at  http://vger.kernel.org/majordomo-info.html

-- 
Tom Parkin
Katalix Systems Ltd
http://www.katalix.com
Catalysts for your Embedded Linux software development

Download attachment "signature.asc" of type "application/pgp-signature" (474 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ