X-Git-Url: http://git.sameswireless.fr/l2tpns.git/blobdiff_plain/5e631c6978946b8333bcd49b79ae5d009ba93413..74ed8f9e19f3d96b6ce090a4840a3be705bc255d:/radius.c?ds=sidebyside diff --git a/radius.c b/radius.c index dd8a3e6..8a39894 100644 --- a/radius.c +++ b/radius.c @@ -1,6 +1,6 @@ // L2TPNS Radius Stuff -char const *cvs_id_radius = "$Id: radius.c,v 1.50 2006/04/27 09:53:50 bodea Exp $"; +char const *cvs_id_radius = "$Id: radius.c,v 1.49.2.2 2006/08/02 14:17:20 bodea Exp $"; #include #include @@ -537,7 +537,7 @@ void processrad(uint8_t *buf, int len, char socket_index) if (radius[r].chap) { // CHAP - uint8_t *p = makeppp(b, sizeof(b), 0, 0, s, t, PPPCHAP, 0, 0, 0); + uint8_t *p = makeppp(b, sizeof(b), 0, 0, s, t, PPPCHAP); if (!p) return; // Abort! *p = (r_code == AccessAccept) ? 3 : 4; // ack/nak @@ -551,7 +551,7 @@ void processrad(uint8_t *buf, int len, char socket_index) else { // PAP - uint8_t *p = makeppp(b, sizeof(b), 0, 0, s, t, PPPPAP, 0, 0, 0); + uint8_t *p = makeppp(b, sizeof(b), 0, 0, s, t, PPPPAP); if (!p) return; // Abort! // ack/nak @@ -573,6 +573,35 @@ void processrad(uint8_t *buf, int len, char socket_index) uint8_t *e = buf + len; for (; p + 2 <= e && p[1] && p + p[1] <= e; p += p[1]) { + if (*p == 26 && p[1] >= 7) + { + // Vendor-Specific Attribute + uint32_t vendor = ntohl(*(int *)(p + 2)); + uint8_t attrib = *(p + 6); + int attrib_length = *(p + 7) - 2; + + LOG(4, s, session[s].tunnel, " Radius reply contains Vendor-Specific. Vendor=%u Attrib=%u Length=%d\n", vendor, attrib, attrib_length); + if (vendor == 9 && attrib == 1) // Cisco-AVPair + { + if (attrib_length < 0) continue; + LOG(3, s, session[s].tunnel, " Cisco-AVPair value: %.*s\n", + attrib_length, p + 8); + + handle_avpair(s, p + 8, attrib_length); + continue; + } + else if (vendor == 529 && attrib >= 135 && attrib <= 136) // Ascend + { + // handle old-format ascend DNS attributes below + p += 6; + } + else + { + LOG(3, s, session[s].tunnel, " Unknown vendor-specific\n"); + continue; + } + } + if (*p == 8) { // Framed-IP-Address @@ -593,19 +622,6 @@ void processrad(uint8_t *buf, int len, char socket_index) LOG(3, s, session[s].tunnel, " Radius reply contains primary DNS address %s\n", fmtaddr(htonl(session[s].dns1), 0)); } - else if (*p == 27) - { - // Session timeout - if (p[1] < 6) { - LOG(2, s, session[s].tunnel, "Error: Received Session timeout with length %d < 6\n", p[1]); - continue; - } - - session[s].timeout = ntohl(*(uint32_t *) (p + 2)); - LOG(3, s, session[s].tunnel, " Radius reply contains Session timeout %d\n", session[s].timeout); - if (!session[s].timeout) - sessionshutdown(s, "Session timeout is zero", CDN_ADMIN_DISC, TERM_SESSION_TIMEOUT); - } else if (*p == 136) { // DNS address @@ -699,28 +715,6 @@ void processrad(uint8_t *buf, int len, char socket_index) ip_filters[f].used++; } } - else if (*p == 26 && p[1] >= 7) - { - // Vendor-Specific Attribute - int vendor = ntohl(*(int *)(p + 2)); - char attrib = *(p + 6); - int attrib_length = *(p + 7) - 2; - - LOG(3, s, session[s].tunnel, " Radius reply contains Vendor-Specific. Vendor=%d Attrib=%d Length=%d\n", vendor, attrib, attrib_length); - if (vendor != 9 || attrib != 1) - { - LOG(3, s, session[s].tunnel, " Unknown vendor-specific\n"); - continue; - } - - if (attrib_length > 0) - { - LOG(3, s, session[s].tunnel, " Cisco-AVPair value: %.*s\n", - attrib_length, p + 8); - - handle_avpair(s, p + 8, attrib_length); - } - } else if (*p == 99) { // Framed-IPv6-Route