On Wed, 2 Feb 2011, Roberto C. Sánchez wrote:

What are your thoughts on the patch provided below by Ilya?

I'll have to check the rfc and do some tests, but it's probably good.

Paul

Regards,

-Roberto

On Wed, Feb 02, 2011 at 07:44:03PM +0300, ilya wrote:
Package: xl2tpd
Version: 1.2.7+dfsg-1
Severity: important

Currently xl2tpd cuts 2 bytes from an incoming frame in LAC mode, if the frame has an offset,
before sending it to pppd.
These are usually the two bytes "FF 03".

Patch for this mistake:
l2tp-offsetpad-error.patch:

--- xl2tpd-1.2.7+dfsg.orig/network.c
+++ xl2tpd-1.2.7+dfsg/network.c
@@ -153,7 +153,7 @@ inline void fix_hdr (void *buf)
     {
         int len = 6;
         if (PSBIT (ver))
-            len += 4;
+            len += 2;
         if (PLBIT (ver))
             len += 2;
         if (PFBIT (ver))
--- xl2tpd-1.2.7+dfsg.orig/control.c
+++ xl2tpd-1.2.7+dfsg/control.c
@@ -1299,7 +1299,7 @@ inline int check_payload (struct buffer
                        }
                } */
         if (PSBIT (h->ver))
-            ehlen += 4;         /* Offset information */
+            ehlen += 2;         /* Offset information */
         if (PLBIT (h->ver))
             ehlen += h->length; /* include length if available */
         if (PVER (h->ver) != VER_L2TP)
@@ -1365,7 +1365,7 @@ inline int expand_payload (struct buffer
     if (!PFBIT (h->ver))
         ehlen += 4;             /* Should have Ns and Nr too */
     if (!PSBIT (h->ver))
-        ehlen += 4;             /* Offset information */
+        ehlen += 2;             /* Offset information */
     if (ehlen)
     {
         /*
@@ -1410,13 +1410,13 @@ inline int expand_payload (struct buffer
         {
             r++;
             new_hdr->o_size = *r;
-            r++;
-            new_hdr->o_pad = *r;
+//            r++;
+//            new_hdr->o_pad = *r;
         }
         else
         {
             new_hdr->o_size = 0;
-            new_hdr->o_pad = 0;
+//            new_hdr->o_pad = 0;
         }
     }
     else
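Review bot: The three `o_pad` assignments stay in the new code as `//` comments instead of being deleted, and the l2tp.h hunk does the same to the `_u16 o_pad;` member. Commented-out code leaves a reader unsure whether the field is gone for good or only disabled. Removing the lines outright and adding a short comment next to `new_hdr->o_size = *r;`, such as `/* padding length is o_size; write_packet skips it */`, would record the intent. expand_payload starts and ends outside this hunk.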
@@ -1548,8 +1548,9 @@ inline int write_packet (struct buffer *
     /*
      * Skip over header
      */
-    buf->start += sizeof (struct payload_hdr);
-    buf->len -= sizeof (struct payload_hdr);
+    _u16 offset = ((struct payload_hdr*)(buf->start))->o_size;  // For FIXME:
+    buf->start += sizeof(struct payload_hdr) + offset;
+    buf->len -= sizeof(struct payload_hdr) + offset;

     c->rx_pkts++;
     c->rx_bytes += buf->len;
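Review bot: `offset` is read from the received header's `o_size` and then used to advance `buf->start` and shrink `buf->len`, with no check that the packet actually holds that many bytes. A peer-supplied Offset Size larger than the remaining data would move `buf->start` past the payload, and if `buf->len` is unsigned (its type is not visible here) the subtraction wraps before the result is added to `c->rx_bytes`. A guard ahead of the two adjustments, e.g. `if (buf->len < sizeof (struct payload_hdr) + offset)` followed by the function's existing drop/error path, would close this; check_payload may be the better home if it already validates lengths. The `// For FIXME:` comment should also say which FIXME it refers to. write_packet starts and ends outside this hunk.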
--- xl2tpd-1.2.7+dfsg.orig/call.c
+++ xl2tpd-1.2.7+dfsg/call.c
@@ -52,8 +52,8 @@ void add_payload_hdr (struct tunnel *t,
     buf->start -= sizeof (struct payload_hdr);
     buf->len += sizeof (struct payload_hdr);
     /* Account for no offset */
-    buf->start += 4;
-    buf->len -= 4;
+    buf->start += 2;
+    buf->len -= 2;
     if (!c->fbit && !c->ourfbit)
     {
         /* Forget about Ns and Nr fields then */
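Review bot: The bare `2` in `buf->start += 2;` and `buf->len -= 2;` silently depends on `o_size` being the only offset member left in `struct payload_hdr` after the l2tp.h change in this patch. Writing the amount as `sizeof (((struct payload_hdr *) 0)->o_size)` and extending the comment to `/* Account for no offset: drop the unused o_size field */` would keep the adjustment tied to the struct layout. add_payload_hdr starts and ends outside this hunk.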
--- xl2tpd-1.2.7+dfsg.orig/l2tp.h
+++ xl2tpd-1.2.7+dfsg/l2tp.h
@@ -82,7 +82,7 @@ struct payload_hdr
     _u16 Ns;                    /* Optional next sent */
     _u16 Nr;                    /* Optional next received */
     _u16 o_size;                /* Optional offset size */
-    _u16 o_pad;                 /* Optional offset padding */
+//    _u16 o_pad;                 /* Optional offset padding */
 } __attribute__((packed));

 #define NZL_TIMEOUT_DIVISOR 4   /* Divide TIMEOUT by this and



-- System Information:
Debian Release: 6.0
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.32-5-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages xl2tpd depends on:
ii  libc6                         2.11.2-10  Embedded GNU C Library: Shared lib
ii  libpcap0.8                    1.1.1-2    system interface for user-level pa
ii  ppp                           2.4.5-4    Point-to-Point Protocol (PPP) - da

xl2tpd recommends no packages.

xl2tpd suggests no packages.

-- Configuration Files:
/etc/init.d/xl2tpd changed [not included]
/etc/xl2tpd/l2tp-secrets [Errno 13] Permission denied: 
u'/etc/xl2tpd/l2tp-secrets'
/etc/xl2tpd/xl2tpd.conf changed [not included]

-- no debconf information

--- xl2tpd-1.2.7+dfsg.orig/network.c
+++ xl2tpd-1.2.7+dfsg/network.c
@@ -153,7 +153,7 @@ inline void fix_hdr (void *buf)
     {
         int len = 6;
         if (PSBIT (ver))
-            len += 4;
+            len += 2;
         if (PLBIT (ver))
             len += 2;
         if (PFBIT (ver))
--- xl2tpd-1.2.7+dfsg.orig/control.c
+++ xl2tpd-1.2.7+dfsg/control.c
@@ -1299,7 +1299,7 @@ inline int check_payload (struct buffer
                        }
                } */
         if (PSBIT (h->ver))
-            ehlen += 4;         /* Offset information */
+            ehlen += 2;         /* Offset information */
         if (PLBIT (h->ver))
             ehlen += h->length; /* include length if available */
         if (PVER (h->ver) != VER_L2TP)
@@ -1365,7 +1365,7 @@ inline int expand_payload (struct buffer
     if (!PFBIT (h->ver))
         ehlen += 4;             /* Should have Ns and Nr too */
     if (!PSBIT (h->ver))
-        ehlen += 4;             /* Offset information */
+        ehlen += 2;             /* Offset information */
     if (ehlen)
     {
         /*
@@ -1410,13 +1410,13 @@ inline int expand_payload (struct buffer
         {
             r++;
             new_hdr->o_size = *r;
-            r++;
-            new_hdr->o_pad = *r;
+//            r++;
+//            new_hdr->o_pad = *r;
         }
         else
         {
             new_hdr->o_size = 0;
-            new_hdr->o_pad = 0;
+//            new_hdr->o_pad = 0;
         }
     }
     else
@@ -1548,8 +1548,9 @@ inline int write_packet (struct buffer *
     /*
      * Skip over header
      */
-    buf->start += sizeof (struct payload_hdr);
-    buf->len -= sizeof (struct payload_hdr);
+    _u16 offset = ((struct payload_hdr*)(buf->start))->o_size;  // For FIXME:
+    buf->start += sizeof(struct payload_hdr) + offset;
+    buf->len -= sizeof(struct payload_hdr) + offset;

     c->rx_pkts++;
     c->rx_bytes += buf->len;
--- xl2tpd-1.2.7+dfsg.orig/call.c
+++ xl2tpd-1.2.7+dfsg/call.c
@@ -52,8 +52,8 @@ void add_payload_hdr (struct tunnel *t,
     buf->start -= sizeof (struct payload_hdr);
     buf->len += sizeof (struct payload_hdr);
     /* Account for no offset */
-    buf->start += 4;
-    buf->len -= 4;
+    buf->start += 2;
+    buf->len -= 2;
     if (!c->fbit && !c->ourfbit)
     {
         /* Forget about Ns and Nr fields then */
--- xl2tpd-1.2.7+dfsg.orig/l2tp.h
+++ xl2tpd-1.2.7+dfsg/l2tp.h
@@ -82,7 +82,7 @@ struct payload_hdr
     _u16 Ns;                    /* Optional next sent */
     _u16 Nr;                    /* Optional next received */
     _u16 o_size;                /* Optional offset size */
-    _u16 o_pad;                 /* Optional offset padding */
+//    _u16 o_pad;                 /* Optional offset padding */
 } __attribute__((packed));

 #define NZL_TIMEOUT_DIVISOR 4   /* Divide TIMEOUT by this and


--
Roberto C. Sánchez
http://people.connexer.com/~roberto
http://www.connexer.com



