projects
/
l2tpns.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Merge branch 'master' into samesversion
[l2tpns.git]
/
ppp.c
diff --git
a/ppp.c
b/ppp.c
index
a8a355d
..
cb8512f
100644
(file)
--- a/
ppp.c
+++ b/
ppp.c
@@
-5,6
+5,9
@@
#include <unistd.h>
#include <errno.h>
#include <stdlib.h>
#include <unistd.h>
#include <errno.h>
#include <stdlib.h>
+#include <sys/socket.h>
+#include <linux/rtnetlink.h>
+
#include "l2tpns.h"
#include "constants.h"
#include "plugin.h"
#include "l2tpns.h"
#include "constants.h"
#include "plugin.h"
@@
-12,9
+15,7
@@
#include "tbf.h"
#include "cluster.h"
#include "tbf.h"
#include "cluster.h"
-#ifdef LAC
#include "l2tplac.h"
#include "l2tplac.h"
-#endif
#include "pppoe.h"
extern tunnelt *tunnel;
#include "pppoe.h"
extern tunnelt *tunnel;
@@
-105,13
+106,11
@@
void processpap(sessionidt s, tunnelidt t, uint8_t *p, uint16_t l)
LOG(3, s, t, "PAP login %s/%s\n", user, pass);
}
LOG(3, s, t, "PAP login %s/%s\n", user, pass);
}
-#ifdef LAC
if ((!config->disable_lac_func) && lac_conf_forwardtoremotelns(s, user))
{
// Creating a tunnel/session has been started
return;
}
if ((!config->disable_lac_func) && lac_conf_forwardtoremotelns(s, user))
{
// Creating a tunnel/session has been started
return;
}
-#endif
if (session[s].ip || !(r = radiusnew(s)))
{
if (session[s].ip || !(r = radiusnew(s)))
{
@@
-264,7
+263,6
@@
void processchap(sessionidt s, tunnelidt t, uint8_t *p, uint16_t l)
packet.username = calloc(l + 1, 1);
memcpy(packet.username, p, l);
packet.username = calloc(l + 1, 1);
memcpy(packet.username, p, l);
-#ifdef LAC
if ((!config->disable_lac_func) && lac_conf_forwardtoremotelns(s, packet.username))
{
free(packet.username);
if ((!config->disable_lac_func) && lac_conf_forwardtoremotelns(s, packet.username))
{
free(packet.username);
@@
-272,7
+270,6
@@
void processchap(sessionidt s, tunnelidt t, uint8_t *p, uint16_t l)
// Creating a tunnel/session has been started
return;
}
// Creating a tunnel/session has been started
return;
}
-#endif
run_plugins(PLUGIN_PRE_AUTH, &packet);
if (!packet.continue_auth)
run_plugins(PLUGIN_PRE_AUTH, &packet);
if (!packet.continue_auth)
@@
-1769,7
+1766,7
@@
void processipin(sessionidt s, tunnelidt t, uint8_t *p, uint16_t l)
if (!session[s].bundle || bundle[session[s].bundle].num_of_links < 2) // FIXME:
{
// no spoof (do sessionbyip to handled statically routed subnets)
if (!session[s].bundle || bundle[session[s].bundle].num_of_links < 2) // FIXME:
{
// no spoof (do sessionbyip to handled statically routed subnets)
- if (ip != session[s].ip && sessionbyip(htonl(ip)) != s)
+ if (
!config->disable_no_spoof &&
ip != session[s].ip && sessionbyip(htonl(ip)) != s)
{
LOG(4, s, t, "Dropping packet with spoofed IP %s\n", fmtaddr(htonl(ip), 0));
return;
{
LOG(4, s, t, "Dropping packet with spoofed IP %s\n", fmtaddr(htonl(ip), 0));
return;
@@
-2244,7
+2241,7
@@
void processipv6in(sessionidt s, tunnelidt t, uint8_t *p, uint16_t l)
return;
// no spoof
return;
// no spoof
- if (
ipv4 != session[s].ip && memcmp(&config->ipv6_prefix, &ip, 8
) && sessionbyipv6(ip) != s)
+ if (
(ipv4 != session[s].ip || memcmp(&config->ipv6_prefix, &ip, 8)
) && sessionbyipv6(ip) != s)
{
char str[INET6_ADDRSTRLEN];
LOG(5, s, t, "Dropping packet with spoofed IP %s\n",
{
char str[INET6_ADDRSTRLEN];
LOG(5, s, t, "Dropping packet with spoofed IP %s\n",