Page MenuHomeVyOS Platform
Create Task
Maniphest T2829

PPPoE server: mppe setting is implemented as node instead of leafNode
Closed, ResolvedPublicBUG
Actions

Description

PPPoE server supports setting the MPPE preferences, it is implemented as node with leafnodes for require, prefer and deny. This will render a wrong Accel configuration as it will be "None" if specified.

+pppoe-server {
+    ppp-options {
+        mppe {
+            deny
+            require
+        }
+    }
+}

it must be:

+pppoe-server {
+    ppp-options {
+        mppe require
+    }
+}

The first version renders the following AccelPPP configuration:

[ppp]
mppe=None

Accel docs: https://accel-ppp.readthedocs.io/en/latest/configuration/ppp.html?highlight=mppe

Details

Version
1.3-rolling-202008260118
Is it a breaking change?
Unspecified (possibly destroys the router)

Related Objects

Event Timeline

c-po created this task.Aug 26 2020, 5:54 PM
c-po changed the task status from Open to In progress.
c-po claimed this task.
Unknown Object (User) subscribed.Aug 26 2020, 5:56 PM
c-po updated the task description. (Show Details)Aug 26 2020, 5:59 PM
c-po added a comment.Aug 26 2020, 6:01 PM

https://github.com/vyos/vyos-1x/commit/12f566f4566c8ef115b15f0c11280cb3ea9a7673

c-po closed this task as Resolved.Aug 26 2020, 6:01 PM
c-po changed the task status from Resolved to Unknown Status.
c-po triaged this task as Normal priority.
c-po edited a custom field.
c-po added a project: VyOS 1.2 Crux (VyOS 1.2.6).
c-po added a comment.Aug 26 2020, 6:04 PM

There can not be a config migrator, thus the setting will be changed to "prefer" (default) which will not break any client implementations

c-po moved this task from Need Triage to Finished on the VyOS 1.3 Equuleus board.Aug 26 2020, 6:08 PM
c-po moved this task from Needs Triage to In Progress on the VyOS 1.2 Crux (VyOS 1.2.6) board.
c-po mentioned this in rVYOSONEX1bb1a388dba4: pppoe-server: T2829: bugfix MPPE node definition.Aug 26 2020, 6:10 PM
c-po changed the task status from Unknown Status to Resolved.Aug 26 2020, 6:10 PM
c-po moved this task from In Progress to Finished on the VyOS 1.2 Crux (VyOS 1.2.6) board.
c-po mentioned this in rVYOSONEXefeac80f8281: pppoe-server: T2829: migrate 'ppp-options mppe' to leafNode.Aug 26 2020, 6:20 PM
pasik subscribed.Aug 27 2020, 7:34 AM
marekm subscribed.Oct 2 2020, 2:16 AM
In T2829#73944, @c-po wrote:

There can not be a config migrator, thus the setting will be changed to "prefer" (default) which will not break any client implementations

Actually it broke MikroTik PPPoE client (my home router) which disconnects with "No compression negotiated" error, still worked with 1.2.5 and 1.2.6-epa1 but not with 1.2.6-S1 until I added "set service pppoe-server ppp-options mppe 'deny'" to the config.

MPPE being old (and Microsoft...) is probably not considered secure anymore.

c-po mentioned this in rVYOSONEX0fb210da13c9: pppoe-server: T2829: fix broken migration script (exit called).Oct 4 2020, 10:47 AM
c-po reopened this task as In progress.Oct 4 2020, 10:48 AM
c-po mentioned this in T2959: PPPoE server has migrations scripts but the config version is not incrememnted.Oct 4 2020, 11:25 AM
c-po mentioned this in rVYOSONEX7613fb4d98a7: pppoe-server: T2829: add missing migrator for mppe leafNode.Oct 4 2020, 4:36 PM
c-po added a comment.Oct 4 2020, 4:36 PM

@marekm I've reproduced your issue and fixed it for 1.2.7 - Thanks for reporting.

c-po closed this task as Resolved.Oct 4 2020, 4:38 PM
c-po mentioned this in rVYOSONEX3691fa4aa76b: pppoe-server: T2829: shift config migrators by one.Oct 4 2020, 4:49 PM
syncer edited projects, added VyOS 1.3 Equuleus (1.3.0); removed VyOS 1.3 Equuleus.Aug 30 2022, 2:03 PM
syncer moved this task from Need Triage to Finished on the VyOS 1.3 Equuleus (1.3.0) board.