Todo list for l2tpd

These are things that I consider major outstading bugs in l2tpd. This is not the equivalent to Bugzilla or anything like that as this is a page that I manually update, so this page is only for major bugs that may take some time to fix.

Clean up issues with memory alignments

There are many places in l2tpd where the code assumes that it is dealing with x86 memory alignment rules. Stuff like taking a buffer and casting it as an in memory data structure. While this works OK (but certainly isn't clean) for the x86 architecture, its one of the things that causes problems when trying to compile l2tpd on other architectures.

The inclusion of a NULL byte in the challenge will foul up challenge-response authentication.

Because much of the code involved in the challenge response authentication mechanism uses string functions, strlen() for example, NULL bytes (0x00) in the challenge (possibly in the challenge response as well?) will cause the string functions to not deal with the whole challenge. For example, strlen() is used to control the number of bytes of challenge that is sent to the MD5Update() function. If there is a NULL byte in the challenge, then only the bytes prior to the NULL will get sent into MD5Update(), resulting in an incorrect response being created. We should probably maintain a seperate variable that specifies the number of bytes in the challenge (derived from the length field of the challenge AVP), rather than depending upon strlen().

l2tpd home