123350 – Peer is not allowed to use address [ip-address]

Bug 123350 - Peer is not allowed to use address [ip-address]

Summary: Peer is not allowed to use address [ip-address]

Keywords:
Status:	CLOSED INSUFFICIENT_DATA
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	ppp
Sub Component:
Version:	1
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Thomas Woerner
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2004-05-17 14:17 UTC by Marco Tagliabue
Modified:	2008-08-02 23:40 UTC (History)
CC List:	0 users
Fixed In Version:
Clone Of:
Environment:
Last Closed:	2006-10-25 20:09:10 UTC
Type:	---
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Description Marco Tagliabue 2004-05-17 14:17:24 UTC

From Bugzilla Helper:
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.6)
Gecko/20040113

Description of problem:
When configured as a ppp server pppd fails to accept a link from
another host giving this message in the log:
"Peer is not allowed to use address [ip-address]".

This seems to have no relation with the address itself.

The same does not happen on a RedHat 9.0 box with the same ppp
configuration.

I've tried to specify a cuple of addresses in options.ttyXXX file and
not specyfying any. Nothing changes. 

I'm using following options in pppd on the server side
-chap
+pap
login
debug
netmask 255.255.255.0
192.9.201.12:192.9.201.13

I've also tried a downgrade of ppp to ppp-2.4.1-10, which is the one
I'm using on RedHat 9.0 but it gives no benefit.


Version-Release number of selected component (if applicable):
ppp-2.4.1-15

How reproducible:
Always

Steps to Reproduce:
1.Just confiugure Fedora as a ppp server.
2.Try to connect from another host.
3.

Actual Results:  You should see that pppd on the server machine drops
the connection and gives a message in the log file saying:
"Peer is not allowed to use address [ip-address]".

Expected Results:  pppd should go on without messages and allow the
Peer to adopt the address.

Additional info:

In order to temporarily fix the problem I've modified the
auth_ip_addr() funcion in auth.c file.
I've just added "return 1" in order to have my address allowed.
Then I've recomplied and installed.
It works, but I'm not really understanding where the problem is coming
from.

/*
 * auth_ip_addr - check whether the peer is authorized to use
 * a given IP address.  Returns 1 if authorized, 0 otherwise.
 */
int
auth_ip_addr(unit, addr)
    int unit;
    u_int32_t addr;
{
    int ok;

    /* don't allow loopback or multicast address */
    if (bad_ip_adrs(addr))
	return 0;


    if (addresses[unit] != NULL) {
	ok = ip_addr_check(addr, addresses[unit]);
	if (ok >= 0)
	    return ok;
    }

    return 1;  /* THIS IS MY MODIFICATION*/

    if (auth_required)
	return 0;		/* no addresses authorized */
    return allow_any_ip || privileged || !have_route_to(addr);
}

Comment 1 Thomas Woerner 2004-06-17 13:29:49 UTC

Can you reproduce this problem with ppp-2.4.2-2 (fc2)?

Comment 2 John Thacker 2006-10-25 20:09:10 UTC

Closed per above message and lack of response.  Note that FC1 and FC2 are not even
supported by Fedora Legacy anymore.

Note You need to log in before you can comment on or make changes to this bug.