CHAP support from Jordan Hrycaj (work in progress)
[l2tpns.git] / l2tpns.h
index db96836..d29c547 100644 (file)
--- a/l2tpns.h
+++ b/l2tpns.h
@@ -1,5 +1,5 @@
 // L2TPNS Global Stuff
 // L2TPNS Global Stuff
-// $Id: l2tpns.h,v 1.47 2004/12/16 08:49:53 bodea Exp $
+// $Id: l2tpns.h,v 1.51 2005/01/07 07:17:13 bodea Exp $
 
 #ifndef __L2TPNS_H__
 #define __L2TPNS_H__
 
 #ifndef __L2TPNS_H__
 #define __L2TPNS_H__
@@ -15,7 +15,7 @@
 #include <sys/types.h>
 #include <libcli.h>
 
 #include <sys/types.h>
 #include <libcli.h>
 
-#define VERSION        "2.0.13"
+#define VERSION        "2.1.0"
 
 // Limits
 #define MAXTUNNEL      500             // could be up to 65535
 
 // Limits
 #define MAXTUNNEL      500             // could be up to 65535
@@ -72,6 +72,7 @@
 #endif
 
 #define TUNDEVICE      "/dev/net/tun"
 #endif
 
 #define TUNDEVICE      "/dev/net/tun"
+#define RANDOMDEVICE   "/dev/urandom"                  // default, not as secure as /dev/random but non-blocking
 #define STATEFILE      DATADIR "/state.dump"           // State dump file
 #define CONFIGFILE     FLASHDIR "/startup-config"      // Configuration file
 #define CLIUSERS       FLASHDIR "/users"               // CLI Users file
 #define STATEFILE      DATADIR "/state.dump"           // State dump file
 #define CONFIGFILE     FLASHDIR "/startup-config"      // Configuration file
 #define CLIUSERS       FLASHDIR "/users"               // CLI Users file
 #define        L2TPPORT        1701            // L2TP port
 #define RADPORT                1645            // old radius port...
 #define        PKTARP          0x0806          // ARP packet type
 #define        L2TPPORT        1701            // L2TP port
 #define RADPORT                1645            // old radius port...
 #define        PKTARP          0x0806          // ARP packet type
-#define        PKTIP           0x0800          // IP packet type
-#define PSEUDOMAC      0x0200          // pseudo MAC prefix (local significant MAC)
+#define        PKTIP           0x0800          // IPv4 packet type
+#define        PKTIPV6         0x86DD          // IPv6 packet type
 #define        PPPPAP          0xC023
 #define        PPPCHAP         0xC223
 #define        PPPLCP          0xC021
 #define        PPPIPCP         0x8021
 #define        PPPPAP          0xC023
 #define        PPPCHAP         0xC223
 #define        PPPLCP          0xC021
 #define        PPPIPCP         0x8021
+#define        PPPIPV6CP       0x8057
 #define        PPPCCP          0x80FD
 #define PPPIP          0x0021
 #define        PPPCCP          0x80FD
 #define PPPIP          0x0021
+#define PPPIPV6                0x0057
 #define PPPMP          0x003D
 #define MIN_IP_SIZE    0x19
 #define PPPMP          0x003D
 #define MIN_IP_SIZE    0x19
-enum
-{
+
+enum {
        ConfigReq = 1,
        ConfigAck,
        ConfigNak,
        ConfigReq = 1,
        ConfigAck,
        ConfigNak,
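Review bot: The comment added on `RANDOMDEVICE` ("not as secure as /dev/random but non-blocking") reads as a recommendation to point the setting at /dev/random, which can block when the kernel's entropy estimate runs low. For short-lived values such as authentication challenges, /dev/urandom is generally considered adequate once the kernel pool has been seeded. I would reword the comment to state the trade-off the other way round, e.g. `// default: non-blocking; a blocking device here can stall reads of random data`. How the device is opened and read is not visible in this header, so the stall concern is inferred from the comment alone.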
@@ -107,6 +110,15 @@ enum
        IdentRequest
 };
 
        IdentRequest
 };
 
+enum {
+       AccessRequest = 1,
+       AccessAccept,
+       AccessReject,
+       AccountingRequest,
+       AccountingResponse,
+       AccessChallenge = 11
+};
+
 // Types
 typedef uint16_t sessionidt;
 typedef uint16_t tunnelidt;
 // Types
 typedef uint16_t sessionidt;
 typedef uint16_t tunnelidt;
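Review bot: The anonymous enum added in this hunk carries no comment saying what its values are. They match the RADIUS packet codes (1 to 5, and 11 for Access-Challenge), so a header line such as `// RADIUS packet codes (RFC 2865, RFC 2866)` would save the reader a lookup. The enumerators are unprefixed and sit in the same global namespace as the PPP codes `ConfigReq`/`ConfigAck` in the enum just above. A named enum type or a common prefix would make it harder to pass a PPP code where a RADIUS code is expected.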
@@ -208,6 +220,11 @@ sessiont;
 #define SF_IPCP_ACKED  1       // Has this session seen an IPCP Ack?
 #define SF_LCP_ACKED   2       // LCP negotiated
 #define SF_CCP_ACKED   4       // CCP negotiated
 #define SF_IPCP_ACKED  1       // Has this session seen an IPCP Ack?
 #define SF_LCP_ACKED   2       // LCP negotiated
 #define SF_CCP_ACKED   4       // CCP negotiated
+#define SF_IPV6CP_ACKED        8       // IPv6 negotiated
+#define SF_IPV6_NACKED 16      // IPv6 rejected
+
+#define AUTHPAP                1       // allow PAP
+#define AUTHCHAP       2       // allow CHAP
 
 typedef struct
 {
 
 typedef struct
 {
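Review bot: `AUTHPAP` and `AUTHCHAP` are documented only as "allow PAP" / "allow CHAP", and the fields that presumably hold them, `radius_authtypes` and `radius_authprefer` in the later `configt` hunk, have no comments at all. From the names it looks as if `radius_authtypes` is a bitmask of these flags and `radius_authprefer` a single flag value, both derived from `radius_authtypes_s`, but the header should say so. Suggested comments are `// bitmask of AUTHPAP/AUTHCHAP parsed from radius_authtypes_s` and `// first entry of radius_authtypes_s: method offered first`. The order matters to operators because PAP hands the cleartext password to the LNS while CHAP does not, so the default preference is worth documenting next to these fields.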
@@ -307,78 +324,84 @@ enum
 
 struct Tstats
 {
 
 struct Tstats
 {
-    time_t             start_time;
-    time_t             last_reset;
-
-    unsigned long      tun_rx_packets;
-    unsigned long      tun_tx_packets;
-    unsigned long      tun_rx_bytes;
-    unsigned long      tun_tx_bytes;
-    unsigned long      tun_rx_errors;
-    unsigned long      tun_tx_errors;
-
-    unsigned long      tunnel_rx_packets;
-    unsigned long      tunnel_tx_packets;
-    unsigned long      tunnel_rx_bytes;
-    unsigned long      tunnel_tx_bytes;
-    unsigned long      tunnel_rx_errors;
-    unsigned long      tunnel_tx_errors;
-
-    unsigned long      tunnel_retries;
-    unsigned long      radius_retries;
-
-    unsigned long      arp_sent;
-
-    unsigned long      packets_snooped;
-
-    unsigned long      tunnel_created;
-    unsigned long      session_created;
-    unsigned long      tunnel_timeout;
-    unsigned long      session_timeout;
-    unsigned long      radius_timeout;
-    unsigned long      radius_overflow;
-    unsigned long      tunnel_overflow;
-    unsigned long      session_overflow;
-
-    unsigned long      ip_allocated;
-    unsigned long      ip_freed;
-
-    unsigned long      c_forwarded;
-    unsigned long      recv_forward;
+    time_t     start_time;
+    time_t     last_reset;
+
+    uint32_t   tun_rx_packets;
+    uint32_t   tun_tx_packets;
+    uint32_t   tun_rx_bytes;
+    uint32_t   tun_tx_bytes;
+    uint32_t   tun_rx_errors;
+    uint32_t   tun_tx_errors;
+
+    uint32_t   tunnel_rx_packets;
+    uint32_t   tunnel_tx_packets;
+    uint32_t   tunnel_rx_bytes;
+    uint32_t   tunnel_tx_bytes;
+    uint32_t   tunnel_rx_errors;
+    uint32_t   tunnel_tx_errors;
+
+    uint32_t   tunnel_retries;
+    uint32_t   radius_retries;
+
+    uint32_t   arp_sent;
+
+    uint32_t   packets_snooped;
+
+    uint32_t   tunnel_created;
+    uint32_t   session_created;
+    uint32_t   tunnel_timeout;
+    uint32_t   session_timeout;
+    uint32_t   radius_timeout;
+    uint32_t   radius_overflow;
+    uint32_t   tunnel_overflow;
+    uint32_t   session_overflow;
+
+    uint32_t   ip_allocated;
+    uint32_t   ip_freed;
+
+    uint32_t   c_forwarded;
+    uint32_t   recv_forward;
+
+    uint32_t   select_called;
+    uint32_t   multi_read_used;
+    uint32_t   multi_read_exceeded;
+
 #ifdef STATISTICS
 #ifdef STATISTICS
-    unsigned long      call_processtun;
-    unsigned long      call_processipout;
-    unsigned long      call_processudp;
-    unsigned long      call_sessionbyip;
-    unsigned long      call_sessionbyuser;
-    unsigned long      call_sendarp;
-    unsigned long      call_sendipcp;
-    unsigned long      call_tunnelsend;
-    unsigned long      call_sessionkill;
-    unsigned long      call_sessionshutdown;
-    unsigned long      call_tunnelkill;
-    unsigned long      call_tunnelshutdown;
-    unsigned long      call_assign_ip_address;
-    unsigned long      call_free_ip_address;
-    unsigned long      call_dump_acct_info;
-    unsigned long      call_sessionsetup;
-    unsigned long      call_processpap;
-    unsigned long      call_processchap;
-    unsigned long      call_processlcp;
-    unsigned long      call_processipcp;
-    unsigned long      call_processipin;
-    unsigned long      call_processccp;
-    unsigned long      call_sendchap;
-    unsigned long      call_processrad;
-    unsigned long      call_radiussend;
-    unsigned long      call_radiusretry;
+    uint32_t   call_processtun;
+    uint32_t   call_processipout;
+    uint32_t   call_processudp;
+    uint32_t   call_sessionbyip;
+    uint32_t   call_sessionbyuser;
+    uint32_t   call_sendarp;
+    uint32_t   call_sendipcp;
+    uint32_t   call_tunnelsend;
+    uint32_t   call_sessionkill;
+    uint32_t   call_sessionshutdown;
+    uint32_t   call_tunnelkill;
+    uint32_t   call_tunnelshutdown;
+    uint32_t   call_assign_ip_address;
+    uint32_t   call_free_ip_address;
+    uint32_t   call_dump_acct_info;
+    uint32_t   call_sessionsetup;
+    uint32_t   call_processpap;
+    uint32_t   call_processchap;
+    uint32_t   call_processlcp;
+    uint32_t   call_processipcp;
+    uint32_t   call_processipin;
+    uint32_t   call_processccp;
+    uint32_t   call_sendchap;
+    uint32_t   call_processrad;
+    uint32_t   call_radiussend;
+    uint32_t   call_radiusretry;
+    uint32_t    call_random_data;
 #endif
 };
 
 #ifdef STATISTICS
 
 #ifdef STAT_CALLS
 #endif
 };
 
 #ifdef STATISTICS
 
 #ifdef STAT_CALLS
-#define CSTAT(x)       STAT(x)
+#define CSTAT(x)       STAT(call_ ## x)
 #else
 #define CSTAT(x)
 #endif
 #else
 #define CSTAT(x)
 #endif
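Review bot: Narrowing the four byte counters (`tun_rx_bytes`, `tun_tx_bytes`, `tunnel_rx_bytes`, `tunnel_tx_bytes`) to `uint32_t` makes them wrap after 4 GiB, whereas `unsigned long` gave 64 bits on LP64 hosts. If the aim is a fixed width, `uint64_t` for the `*_bytes` fields keeps the layout portable without the early wrap. Separately, `CSTAT(x)` now pastes the `call_` prefix itself and still expands to nothing when `STAT_CALLS` is undefined. A call site left as `CSTAT(call_foo)` therefore compiles silently in that configuration and only breaks (as `call_call_foo`) once `STAT_CALLS` is enabled, so a build with both `STATISTICS` and `STAT_CALLS` defined is worth running before merging.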
@@ -415,6 +438,8 @@ typedef struct
        char            log_filename[128];
        char            l2tpsecret[64];
 
        char            log_filename[128];
        char            l2tpsecret[64];
 
+       char            random_device[256];             // random device path, defaults to RANDOMDEVICE
+
        char            radiussecret[64];
        int             radius_accounting;
        in_addr_t       radiusserver[MAXRADSERVER];     // radius servers
        char            radiussecret[64];
        int             radius_accounting;
        in_addr_t       radiusserver[MAXRADSERVER];     // radius servers
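Review bot: `random_device` makes the entropy source an operator-supplied path, and nothing visible in this header constrains what it may point to. A typo or a regular file here would leave the CHAP challenges predictable or unfilled. The code that loads the configuration is outside this hunk, but it would be worth checking there that the path opens successfully and refers to a character device, and logging loudly before falling back to `RANDOMDEVICE`. The field comment could also record that expectation, e.g. `// random device path (must be a character device), defaults to RANDOMDEVICE`.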
@@ -422,6 +447,10 @@ typedef struct
        uint8_t         numradiusservers;               // radius server count
        short           num_radfds;                     // Number of radius filehandles allocated
 
        uint8_t         numradiusservers;               // radius server count
        short           num_radfds;                     // Number of radius filehandles allocated
 
+       char            radius_authtypes_s[32];         // list of valid authentication types (chap, pap) in order of preference
+       int             radius_authtypes;
+       int             radius_authprefer;
+
        in_addr_t       default_dns1, default_dns2;
 
        unsigned long   rl_rate;                        // default throttle rate
        in_addr_t       default_dns1, default_dns2;
 
        unsigned long   rl_rate;                        // default throttle rate
@@ -475,7 +504,7 @@ typedef struct
 #endif
 } configt;
 
 #endif
 } configt;
 
-enum config_typet { INT, STRING, UNSIGNED_LONG, SHORT, BOOL, IP, MAC };
+enum config_typet { INT, STRING, UNSIGNED_LONG, SHORT, BOOL, IPv4, IPv6, MAC };
 typedef struct
 {
        char *key;
 typedef struct
 {
        char *key;
@@ -566,6 +595,7 @@ void radiusclear(uint16_t r, sessionidt s);
 clockt backoff(uint8_t try);
 sessionidt sessionbyip(in_addr_t ip);
 sessionidt sessionbyuser(char *username);
 clockt backoff(uint8_t try);
 sessionidt sessionbyip(in_addr_t ip);
 sessionidt sessionbyuser(char *username);
+void random_data(uint8_t *buf, int len);
 void sessionshutdown(sessionidt s, char *reason);
 void send_garp(in_addr_t ip);
 void tunnelsend(uint8_t *buf, uint16_t l, tunnelidt t);
 void sessionshutdown(sessionidt s, char *reason);
 void send_garp(in_addr_t ip);
 void tunnelsend(uint8_t *buf, uint16_t l, tunnelidt t);
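Review bot: `random_data()` is declared `void`, so a caller that needs unpredictable bytes (the CHAP challenge this commit introduces) cannot tell whether the buffer was filled from the random device or whether the open or read failed. Returning a status, e.g. `int random_data(uint8_t *buf, size_t len);  // 0 on success, -1 if the device could not be read`, lets callers refuse to authenticate with a weak challenge. If the implementation already has a fallback, the prototype should at least carry a comment describing what `buf` contains on failure. The signed `int len` also allows a negative length to reach the read path, and `size_t` would rule that out at the type level.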