Always initialise PRNG.
[l2tpns.git] / ppp.c
diff --git a/ppp.c b/ppp.c
index d1258cf..0a0dd45 100644 (file)
--- a/ppp.c
+++ b/ppp.c
@@ -1,6 +1,6 @@
 // L2TPNS PPP Stuff
 
 // L2TPNS PPP Stuff
 
-char const *cvs_id_ppp = "$Id: ppp.c,v 1.53 2005/05/08 06:28:12 bodea Exp $";
+char const *cvs_id_ppp = "$Id: ppp.c,v 1.62 2005/06/02 11:32:31 bodea Exp $";
 
 #include <stdio.h>
 #include <string.h>
 
 #include <stdio.h>
 #include <string.h>
@@ -150,7 +150,6 @@ void processchap(tunnelidt t, sessionidt s, uint8_t *p, uint16_t l)
        {
                LOG(1, s, t, "Unexpected CHAP message\n");
                STAT(tunnel_rx_errors);
        {
                LOG(1, s, t, "Unexpected CHAP message\n");
                STAT(tunnel_rx_errors);
-               sessionshutdown(s, "Unexpected CHAP message.", 3, 0);
                return;
        }
 
                return;
        }
 
@@ -355,7 +354,33 @@ void processlcp(tunnelidt t, sessionidt s, uint8_t *p, uint16_t l)
 
        if (*p == ConfigAck)
        {
 
        if (*p == ConfigAck)
        {
-               LOG(3, s, t, "LCP: Discarding ConfigAck\n");
+               int x = l - 4;
+               uint8_t *o = (p + 4);
+
+               LOG(3, s, t, "LCP: ConfigAck (%d bytes)...\n", l);
+               if (config->debug > 3) dumplcp(p, l);
+
+               while (x > 2)
+               {
+                       int type = o[0];
+                       int length = o[1];
+
+                       if (length == 0 || type == 0 || x < length) break;
+                       switch (type)
+                       {
+                               case 3: // Authentication-Protocol
+                                       {
+                                               int proto = ntohs(*(uint16_t *)(o + 2));
+                                               if (proto == PPPCHAP && *(o + 4) == 5)
+                                                       sendchap(t, s);
+                                       }
+
+                                       break;
+                       }
+                       x -= length;
+                       o += length;
+               }
+
                session[s].flags |= SF_LCP_ACKED;
        }
        else if (*p == ConfigReq)
                session[s].flags |= SF_LCP_ACKED;
        }
        else if (*p == ConfigReq)
@@ -405,7 +430,6 @@ void processlcp(tunnelidt t, sessionidt s, uint8_t *p, uint16_t l)
                                        *q++ = 6;
                                        memset(q, 0, 4); // asyncmap 0
                                        q += 4;
                                        *q++ = 6;
                                        memset(q, 0, 4); // asyncmap 0
                                        q += 4;
-                                       *((uint16_t *) (response + 2)) = htons(q - response); // LCP header length
                                        break;
 
                                case 3: // Authentication-Protocol
                                        break;
 
                                case 3: // Authentication-Protocol
@@ -466,7 +490,6 @@ void processlcp(tunnelidt t, sessionidt s, uint8_t *p, uint16_t l)
                                                        q = a;
                                                }
 
                                                        q = a;
                                                }
 
-                                               *((uint16_t *) (response + 2)) = htons(q - response); // LCP header length
                                                break;
                                        }
                                        break;
                                                break;
                                        }
                                        break;
@@ -498,22 +521,26 @@ void processlcp(tunnelidt t, sessionidt s, uint8_t *p, uint16_t l)
 
                                        memcpy(q, o, length);
                                        q += length;
 
                                        memcpy(q, o, length);
                                        q += length;
-                                       *((uint16_t *) (response + 2)) = htons(q - response); // LCP header length
                        }
                        x -= length;
                        o += length;
                }
 
                        }
                        x -= length;
                        o += length;
                }
 
-               if (!response)
+               if (response)
                {
                {
-                       // Send back a ConfigAck
-                       q = response = makeppp(b, sizeof(b), p, l, t, s, PPPLCP);
-                       if (!q) return;
-                       *q = ConfigAck;
+                       l = q - response; // LCP packet length
+                       *((uint16_t *) (response + 2)) = htons(l); // update header
+               }
+               else
+               {
+                       // Send packet back as ConfigAck
+                       response = makeppp(b, sizeof(b), p, l, t, s, PPPLCP);
+                       if (!response) return;
+                       *response = ConfigAck;
                }
 
                LOG(3, s, t, "Sending %s\n", ppp_lcp_type(*response));
                }
 
                LOG(3, s, t, "Sending %s\n", ppp_lcp_type(*response));
-               tunnelsend(b, l + (q - b), t);
+               tunnelsend(b, l + response - b, t);
 
                if (!(session[s].flags & SF_LCP_ACKED))
                        sendlcp(t, s, config->radius_authprefer);
 
                if (!(session[s].flags & SF_LCP_ACKED))
                        sendlcp(t, s, config->radius_authprefer);
@@ -522,7 +549,7 @@ void processlcp(tunnelidt t, sessionidt s, uint8_t *p, uint16_t l)
        {
                int x = l - 4;
                uint8_t *o = (p + 4);
        {
                int x = l - 4;
                uint8_t *o = (p + 4);
-               int authtype = 0;
+               int authtype = -1;
 
                LOG(3, s, t, "LCP: ConfigNak (%d bytes)...\n", l);
                if (config->debug > 3) dumplcp(p, l);
 
                LOG(3, s, t, "LCP: ConfigNak (%d bytes)...\n", l);
                if (config->debug > 3) dumplcp(p, l);
@@ -541,7 +568,7 @@ void processlcp(tunnelidt t, sessionidt s, uint8_t *p, uint16_t l)
                                        break;
 
                                case 3: // Authentication-Protocol
                                        break;
 
                                case 3: // Authentication-Protocol
-                                       if (authtype)
+                                       if (authtype > 0)
                                                break;
 
                                        {
                                                break;
 
                                        {
@@ -565,21 +592,23 @@ void processlcp(tunnelidt t, sessionidt s, uint8_t *p, uint16_t l)
                                                }
                                        }
 
                                                }
                                        }
 
-                                       if (!authtype)
-                                       {
-                                               sessionshutdown(s, "Unsupported authentication.", 3, 0);
-                                               return;
-                                       }
-
                                        break;
 
                                default:
                                        LOG(2, s, t, "    Remote NAKed LCP type %u?\n", type);
                                        break;
                        }
                                        break;
 
                                default:
                                        LOG(2, s, t, "    Remote NAKed LCP type %u?\n", type);
                                        break;
                        }
+                       x -= length;
+                       o += length;
                }
 
                if (!authtype)
                }
 
                if (!authtype)
+               {
+                       sessionshutdown(s, "Unsupported authentication.", 3, 0);
+                       return;
+               }
+
+               if (authtype == -1)
                        authtype = config->radius_authprefer;
 
                sendlcp(t, s, authtype);
                        authtype = config->radius_authprefer;
 
                sendlcp(t, s, authtype);
@@ -986,21 +1015,26 @@ void processipin(tunnelidt t, sessionidt s, uint8_t *p, uint16_t l)
                return;
        }
 
                return;
        }
 
+       p += 4;
+       l -= 4;
+
        if (session[s].snoop_ip && session[s].snoop_port)
        {
                // Snooping this session
        if (session[s].snoop_ip && session[s].snoop_port)
        {
                // Snooping this session
-               snoop_send_packet(p + 4, l - 4, session[s].snoop_ip, session[s].snoop_port);
+               snoop_send_packet(p, l, session[s].snoop_ip, session[s].snoop_port);
        }
 
        }
 
-       session[s].cin += l - 4;
-       session[s].total_cin += l - 4;
-       sess_local[s].cin += l - 4;
-
+       increment_counter(&session[s].cin, &session[s].cin_wrap, l);
+       session[s].cin_delta += l;
        session[s].pin++;
        session[s].pin++;
-       eth_tx += l - 4;
+
+       sess_local[s].cin += l;
+       sess_local[s].pin++;
+
+       eth_tx += l;
 
        STAT(tun_tx_packets);
 
        STAT(tun_tx_packets);
-       INC_STAT(tun_tx_bytes, l - 4);
+       INC_STAT(tun_tx_bytes, l);
 }
 
 // process IPv6 packet received
 }
 
 // process IPv6 packet received
@@ -1074,21 +1108,26 @@ void processipv6in(tunnelidt t, sessionidt s, uint8_t *p, uint16_t l)
                return;
        }
 
                return;
        }
 
+       p += 4;
+       l -= 4;
+
        if (session[s].snoop_ip && session[s].snoop_port)
        {
                // Snooping this session
        if (session[s].snoop_ip && session[s].snoop_port)
        {
                // Snooping this session
-               snoop_send_packet(p + 4, l - 4, session[s].snoop_ip, session[s].snoop_port);
+               snoop_send_packet(p, l, session[s].snoop_ip, session[s].snoop_port);
        }
 
        }
 
-       session[s].cin += l - 4;
-       session[s].total_cin += l - 4;
-       sess_local[s].cin += l - 4;
-
+       increment_counter(&session[s].cin, &session[s].cin_wrap, l);
+       session[s].cin_delta += l;
        session[s].pin++;
        session[s].pin++;
-       eth_tx += l - 4;
+
+       sess_local[s].cin += l;
+       sess_local[s].pin++;
+
+       eth_tx += l;
 
        STAT(tun_tx_packets);
 
        STAT(tun_tx_packets);
-       INC_STAT(tun_tx_bytes, l - 4);
+       INC_STAT(tun_tx_bytes, l);
 }
 
 //
 }
 
 //
@@ -1108,19 +1147,24 @@ void send_ipin(sessionidt s, uint8_t *buf, int len)
                return;
        }
 
                return;
        }
 
+       buf += 4;
+       len -= 4;
+
        if (session[s].snoop_ip && session[s].snoop_port)
        {
                // Snooping this session
        if (session[s].snoop_ip && session[s].snoop_port)
        {
                // Snooping this session
-               snoop_send_packet(buf + 4, len - 4, session[s].snoop_ip, session[s].snoop_port);
+               snoop_send_packet(buf, len, session[s].snoop_ip, session[s].snoop_port);
        }
 
        // Increment packet counters
        }
 
        // Increment packet counters
-       session[s].cin += len - 4;
-       session[s].total_cin += len - 4;
-       sess_local[s].cin += len - 4;
-
+       increment_counter(&session[s].cin, &session[s].cin_wrap, len);
+       session[s].cin_delta += len;
        session[s].pin++;
        session[s].pin++;
-       eth_tx += len - 4;
+
+       sess_local[s].cin += len;
+       sess_local[s].pin++;
+
+       eth_tx += len;
 
        STAT(tun_tx_packets);
        INC_STAT(tun_tx_bytes, len - 4);
 
        STAT(tun_tx_packets);
        INC_STAT(tun_tx_bytes, len - 4);
@@ -1299,7 +1343,7 @@ void sendlcp(tunnelidt t, sessionidt s, int authtype)
                return;
 
        LOG(4, s, t, "Sending LCP ConfigReq for %s\n",
                return;
 
        LOG(4, s, t, "Sending LCP ConfigReq for %s\n",
-           config->radius_authprefer == AUTHCHAP ? "CHAP" : "PAP");
+           authtype == AUTHCHAP ? "CHAP" : "PAP");
 
        if (!session[s].mru)
                session[s].mru = DEFAULT_MRU;
 
        if (!session[s].mru)
                session[s].mru = DEFAULT_MRU;
@@ -1308,6 +1352,8 @@ void sendlcp(tunnelidt t, sessionidt s, int authtype)
        *l++ = ConfigReq;
        *l++ = (time_now % 255) + 1; // ID
 
        *l++ = ConfigReq;
        *l++ = (time_now % 255) + 1; // ID
 
+       l += 2; //Save space for length
+
        *l++ = 1; *l++ = 4; // Maximum-Receive-Unit (length 4)
        *(uint16_t *) l = htons(session[s].mru); l += 2;
 
        *l++ = 1; *l++ = 4; // Maximum-Receive-Unit (length 4)
        *(uint16_t *) l = htons(session[s].mru); l += 2;