// Copyright (c) 2002 FireBrick (Andrews & Arnold Ltd / Watchfront Ltd) - GPL licenced
// vim: sw=8 ts=8
-char const *cvs_id_l2tpns = "$Id: l2tpns.c,v 1.102 2005/05/12 04:08:45 bodea Exp $";
+char const *cvs_id_l2tpns = "$Id: l2tpns.c,v 1.106 2005/06/02 04:04:07 bodea Exp $";
#include <arpa/inet.h>
#include <assert.h>
CONFIG("radius_interim", radius_interim, INT),
CONFIG("radius_secret", radiussecret, STRING),
CONFIG("radius_authtypes", radius_authtypes_s, STRING),
+ CONFIG("allow_duplicate_users", allow_duplicate_users, BOOL),
CONFIG("bind_address", bind_address, IPv4),
CONFIG("peer_address", peer_address, IPv4),
CONFIG("send_garp", send_garp, BOOL),
CONFIG("cluster_interface", cluster_interface, STRING),
CONFIG("cluster_hb_interval", cluster_hb_interval, INT),
CONFIG("cluster_hb_timeout", cluster_hb_timeout, INT),
+ CONFIG("cluster_master_min_adv", cluster_master_min_adv, INT),
CONFIG("ipv6_prefix", ipv6_prefix, IPv6),
{ NULL, 0, 0, 0 },
};
if (!q) return;
*q = ConfigReq;
- q[1] = r << RADIUS_SHIFT; // ID, dont care, we only send one type of request
+ q[1] = r >> RADIUS_SHIFT; // ID, dont care, we only send one type of request
*(uint16_t *) (q + 2) = htons(10);
q[4] = 3;
q[5] = 6;
if (!q) return;
*q = ConfigReq;
- q[1] = r << RADIUS_SHIFT; // ID, don't care, we
+ q[1] = r >> RADIUS_SHIFT; // ID, don't care, we
// only send one type
// of request
*(uint16_t *) (q + 2) = htons(14);
// TBA
break;
case 10: // ICRQ
- controlt *c;
-
if (sessionfree)
{
uint16_t r;
// make a RADIUS session
if ((r = radiusnew(s)))
{
- c = controlnew(11); // sending ICRP
+ controlt *c = controlnew(11); // sending ICRP
session[s].opened = time_now;
session[s].tunnel = t;
session[s].far = asession;
LOG(1, 0, t, "No free sessions\n");
}
- c = controlnew(14); // CDN
- control16(c, 1, 4, 1); // temporary lack of resources
- controladd(c, session[s].tunnel, asession); // send the message
+ {
+ controlt *c = controlnew(14); // CDN
+ control16(c, 1, 4, 1); // temporary lack of resources
+ controladd(c, session[s].tunnel, asession); // send the message
+ }
return;
case 11: // ICRP
// TBA
LOG(3, s, t, "Magic %X Flags %X\n", amagic, aflags);
controlnull(t); // ack
// proxy authentication type is not supported
- if (authtype && !(config->radius_authtypes & authtype))
- sendlcp(t, s, config->radius_authprefer);
+ if (!(config->radius_authtypes & authtype))
+ authtype = config->radius_authprefer;
+
+ // start LCP
+ sendlcp(t, s, authtype);
break;
case 14: // CDN
controlnull(t); // ack
config->debug = optdebug;
config->num_tbfs = MAXTBFS;
config->rl_rate = 28; // 28kbps
+ config->cluster_master_min_adv = 1;
strcpy(config->random_device, RANDOMDEVICE);
log_stream = stderr;
if (!config->numradiusservers)
LOG(0, 0, 0, "No RADIUS servers defined!\n");
- config->num_radfds = 2 << RADIUS_SHIFT;
+ config->num_radfds = 1 << RADIUS_SHIFT;
// parse radius_authtypes_s
config->radius_authtypes = config->radius_authprefer = 0;
for (i = 1; i <= config->cluster_highest_sessionid; i++)
{
if (i == s) continue;
- if (ip == session[i].ip) sessionkill(i, "Duplicate IP address");
- if (!session[s].walled_garden && !session[i].walled_garden && strcasecmp(user, session[i].user) == 0)
+ if (!session[s].opened) continue;
+ if (ip == session[i].ip)
+ {
+ sessionkill(i, "Duplicate IP address");
+ continue;
+ }
+
+ if (config->allow_duplicate_users) continue;
+ if (session[s].walled_garden || session[i].walled_garden) continue;
+ if (!strcasecmp(user, session[i].user))
sessionkill(i, "Duplicate session for users");
}
}