Fix: loopback protection

[l2tpns.git] / ppp.c

diff --git a/ppp.c b/ppp.c
index f9a60ac..584ce61 100644 (file)
--- a/ppp.c
+++ b/ppp.c
@@ -12,6 +12,10 @@
 #include "tbf.h"
 #include "cluster.h"
 
+#ifdef LAC
+#include "l2tplac.h"
+#endif
+
 extern tunnelt *tunnel;
 extern bundlet *bundle;
 extern fragmentationt *frag;
@@ -100,6 +104,14 @@ void processpap(sessionidt s, tunnelidt t, uint8_t *p, uint16_t l)
                LOG(3, s, t, "PAP login %s/%s\n", user, pass);
        }
 
+#ifdef LAC
+       if ((!config->disable_lac_func) && lac_conf_forwardtoremotelns(s, user))
+       {
+               // Creating a tunnel/session has been started
+               return;
+       }
+#endif
+
        if (session[s].ip || !(r = radiusnew(s)))
        {
                // respond now, either no RADIUS available or already authenticated
@@ -251,6 +263,16 @@ void processchap(sessionidt s, tunnelidt t, uint8_t *p, uint16_t l)
                packet.username = calloc(l + 1, 1);
                memcpy(packet.username, p, l);
 
+#ifdef LAC
+               if ((!config->disable_lac_func) && lac_conf_forwardtoremotelns(s, packet.username))
+               {
+                       free(packet.username);
+                       free(packet.password);
+                       // Creating a tunnel/session has been started
+                       return;
+               }
+#endif
+
                run_plugins(PLUGIN_PRE_AUTH, &packet);
                if (!packet.continue_auth)
                {
@@ -403,7 +425,7 @@ void lcp_open(sessionidt s, tunnelidt t)
        }
 }
 
-static void lcp_restart(sessionidt s)
+void lcp_restart(sessionidt s)
 {
        session[s].ppp.phase = Establish;
        // This-Layer-Down