lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-Id: <20200930210707.10717-3-tparkin@katalix.com>
Date:   Wed, 30 Sep 2020 22:07:03 +0100
From:   Tom Parkin <tparkin@...alix.com>
To:     netdev@...r.kernel.org
Cc:     jchapman@...alix.com, Tom Parkin <tparkin@...alix.com>
Subject: [PATCH net-next 2/6] l2tp: tweak netlink session create to allow L2TPv2 ac_pppoe

When creating a session in an L2TPv2 tunnel, l2tp_netlink performs
some sanity checking of pseudowire type to prevent L2TPv3 pseudowires
from being instantiated in L2TPv2 tunnels.

To support PPPoE access concentrator functionality the L2TP subsystem
should allow PPP_AC pseudowires to be created in L2TPv2 tunnels.

Extend the l2tp_netlink sanity check to support PPP_AC.

Signed-off-by: Tom Parkin <tparkin@...alix.com>
---
 net/l2tp/l2tp_netlink.c | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/net/l2tp/l2tp_netlink.c b/net/l2tp/l2tp_netlink.c
index 7045eb105e6a..8ef1a579a2b1 100644
--- a/net/l2tp/l2tp_netlink.c
+++ b/net/l2tp/l2tp_netlink.c
@@ -560,8 +560,14 @@ static int l2tp_nl_cmd_session_create(struct sk_buff *skb, struct genl_info *inf
 		goto out_tunnel;
 	}
 
-	/* L2TPv2 only accepts PPP pseudo-wires */
-	if (tunnel->version == 2 && cfg.pw_type != L2TP_PWTYPE_PPP) {
+	/* L2TPv2 only accepts PPP pseudowires, which may be identified as
+	 * either L2TP_PWTYPE_PPP for locally-terminating PPP sessions, or
+	 * L2TP_PWTYPE_PPP_AC for the Access Concentrator case where the PPP
+	 * session is passed through the tunnel for remote termination.
+	 */
+	if (tunnel->version == 2 &&
+	    cfg.pw_type != L2TP_PWTYPE_PPP &&
+	    cfg.pw_type != L2TP_PWTYPE_PPP_AC) {
 		ret = -EPROTONOSUPPORT;
 		goto out_tunnel;
 	}
-- 
2.17.1

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ