提交 695ad876 编写于 作者: D David S. Miller

Merge branch 'l2tp-l2tp_ppp-must-ignore-non-PPP-sessions'

Guillaume Nault says:

====================
l2tp: l2tp_ppp must ignore non-PPP sessions

The original L2TP code was written for version 2 of the protocol, which
could only carry PPP sessions. Then L2TPv3 generalised the protocol so that
it could transport different kinds of pseudo-wires. But parts of the
l2tp_ppp module still break in presence of non-PPP sessions.

Assuming L2TPv2 tunnels can only transport PPP sessions is right, but
l2tp_netlink failed to ensure that (fixed in patch 1).
When retrieving a session from an arbitrary tunnel, l2tp_ppp needs to
filter out non-PPP sessions (last occurrence fixed in patch 2).
====================
Signed-off-by: NDavid S. Miller <davem@davemloft.net>
...@@ -553,6 +553,12 @@ static int l2tp_nl_cmd_session_create(struct sk_buff *skb, struct genl_info *inf ...@@ -553,6 +553,12 @@ static int l2tp_nl_cmd_session_create(struct sk_buff *skb, struct genl_info *inf
goto out_tunnel; goto out_tunnel;
} }
/* L2TPv2 only accepts PPP pseudo-wires */
if (tunnel->version == 2 && cfg.pw_type != L2TP_PWTYPE_PPP) {
ret = -EPROTONOSUPPORT;
goto out_tunnel;
}
if (tunnel->version > 2) { if (tunnel->version > 2) {
if (info->attrs[L2TP_ATTR_DATA_SEQ]) if (info->attrs[L2TP_ATTR_DATA_SEQ])
cfg.data_seq = nla_get_u8(info->attrs[L2TP_ATTR_DATA_SEQ]); cfg.data_seq = nla_get_u8(info->attrs[L2TP_ATTR_DATA_SEQ]);
......
...@@ -1201,7 +1201,7 @@ static int pppol2tp_tunnel_ioctl(struct l2tp_tunnel *tunnel, ...@@ -1201,7 +1201,7 @@ static int pppol2tp_tunnel_ioctl(struct l2tp_tunnel *tunnel,
l2tp_session_get(sock_net(sk), tunnel, l2tp_session_get(sock_net(sk), tunnel,
stats.session_id); stats.session_id);
if (session) { if (session && session->pwtype == L2TP_PWTYPE_PPP) {
err = pppol2tp_session_ioctl(session, cmd, err = pppol2tp_session_ioctl(session, cmd,
arg); arg);
l2tp_session_dec_refcount(session); l2tp_session_dec_refcount(session);
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册