X-Git-Url: http://git.sameswireless.fr/l2tpns.git/blobdiff_plain/3cdac878d7531dcb0af7792b58ef58c5ff2a7fb6..872ee44e6164e26770b8a3c0e6edc68ad66f56a4:/l2tpns.c diff --git a/l2tpns.c b/l2tpns.c index 22187e1..50ff43f 100644 --- a/l2tpns.c +++ b/l2tpns.c @@ -4,7 +4,7 @@ // Copyright (c) 2002 FireBrick (Andrews & Arnold Ltd / Watchfront Ltd) - GPL licenced // vim: sw=8 ts=8 -char const *cvs_id_l2tpns = "$Id: l2tpns.c,v 1.109 2005/06/12 06:10:29 bodea Exp $"; +char const *cvs_id_l2tpns = "$Id: l2tpns.c,v 1.112 2005/06/24 07:05:04 bodea Exp $"; #include #include @@ -326,7 +326,8 @@ static void initrandom(char *source) return; // close previous source, if any - if (rand_fd >= 0) close(rand_fd); + if (rand_fd >= 0) + close(rand_fd); rand_fd = -1; @@ -343,13 +344,6 @@ static void initrandom(char *source) path, strerror(errno)); } } - - // no source: seed prng - { - unsigned seed = time_now ^ getpid(); - LOG(4, 0, 0, "Seeding the pseudo random generator: %u\n", seed); - srand(seed); - } } // fill buffer with random data @@ -370,7 +364,7 @@ void random_data(uint8_t *buf, int len) strerror(errno)); // fall back to rand() - initrandom(0); + initrandom(NULL); } n = 0; @@ -2030,8 +2024,6 @@ void processudp(uint8_t * buf, int len, struct sockaddr_in *addr) continue; } - LOG(4, s, t, "Hidden AVP\n"); - // Unhide the AVP unhide_value(b, n, mtype, session[s].random_vector, session[s].random_vector_length); @@ -2052,7 +2044,9 @@ void processudp(uint8_t * buf, int len, struct sockaddr_in *addr) n = orig_len; } - LOG(4, s, t, " AVP %d (%s) len %d\n", mtype, avp_name(mtype), n); + LOG(4, s, t, " AVP %d (%s) len %d%s%s\n", mtype, avp_name(mtype), n, + flags & 0x40 ? ", hidden" : "", flags & 0x80 ? ", mandatory" : ""); + switch (mtype) { case 0: // message type @@ -2274,6 +2268,8 @@ void processudp(uint8_t * buf, int len, struct sockaddr_in *addr) case 36: // Random Vector LOG(4, s, t, " Random Vector received. Enabled AVP Hiding.\n"); memset(session[s].random_vector, 0, sizeof(session[s].random_vector)); + if (n > sizeof(session[s].random_vector)) + n = sizeof(session[s].random_vector); memcpy(session[s].random_vector, b, n); session[s].random_vector_length = n; break; @@ -2721,7 +2717,8 @@ static void regular_cleanups(double period) continue; } - if (session[s].ip && !(session[s].flags & SF_IPCP_ACKED)) + if (session[s].ip && !(session[s].flags & SF_IPCP_ACKED) + && !(sess_local[s].radius && radius[sess_local[s].radius].state == RADIUSIPCP)) { // IPCP has not completed yet. Resend LOG(3, s, session[s].tunnel, "No ACK for initial IPCP ConfigReq... resending\n"); @@ -2837,7 +2834,8 @@ static void regular_cleanups(double period) && !sess_local[s].radius // RADIUS already in progress && time_now - sess_local[s].last_interim >= config->radius_interim) { - if (!(r = radiusnew(s))) + int rad = radiusnew(s); + if (!rad) { LOG(1, s, session[s].tunnel, "No free RADIUS sessions for Interim message\n"); STAT(radius_overflow); @@ -2847,7 +2845,7 @@ static void regular_cleanups(double period) LOG(3, s, session[s].tunnel, "Sending RADIUS Interim for %s (%u)\n", session[s].user, session[s].unique_id); - radiussend(r, RADIUSINTERIM); + radiussend(rad, RADIUSINTERIM); sess_local[s].last_interim = time_now; s_actions++; } @@ -3929,6 +3927,13 @@ int main(int argc, char *argv[]) initrad(); initippool(); + // seed prng + { + unsigned seed = time_now ^ getpid(); + LOG(4, 0, 0, "Seeding the pseudo random generator: %u\n", seed); + srand(seed); + } + signal(SIGHUP, sighup_handler); signal(SIGCHLD, sigchild_handler); signal(SIGTERM, shutdown_handler); @@ -5008,11 +5013,11 @@ static void unhide_value(uint8_t *value, size_t len, uint16_t type, uint8_t *vec uint8_t digest[16]; uint8_t *last; size_t d = 0; + uint16_t m = htons(type); // Compute initial pad MD5Init(&ctx); - MD5Update(&ctx, (uint8_t) (type >> 8) & 0xff, 1); - MD5Update(&ctx, (uint8_t) type & 0xff, 1); + MD5Update(&ctx, (unsigned char *) &m, 2); MD5Update(&ctx, config->l2tpsecret, strlen(config->l2tpsecret)); MD5Update(&ctx, vector, vec_len); MD5Final(digest, &ctx);