X-Git-Url: http://git.sameswireless.fr/l2tpns.git/blobdiff_plain/5e65215ed4758c8fcd26ecaadc4b6121b93dab1c..786a8c4546c4a28f21d8995567e6f8f28f2eb053:/radius.c

diff --git a/radius.c b/radius.c
index 5c2ab46..4321d82 100644
--- a/radius.c
+++ b/radius.c
@@ -19,9 +19,8 @@
 #include "util.h"
 #include "cluster.h"
 
-#ifdef LAC
 #include "l2tplac.h"
-#endif
+#include "pppoe.h"
 
 extern radiust *radius;
 extern sessiont *session;
@@ -536,9 +535,7 @@ void processrad(uint8_t *buf, int len, char socket_index)
 	uint8_t routes = 0;
 	int r_code;
 	int r_id;
-#ifdef LAC
 	int OpentunnelReq = 0;
-#endif
 
 	CSTAT(processrad);
 
@@ -600,49 +597,16 @@ void processrad(uint8_t *buf, int len, char socket_index)
 			run_plugins(PLUGIN_POST_AUTH, &packet);
 			r_code = packet.auth_allowed ? AccessAccept : AccessReject;
 
-			// process auth response
-			if (radius[r].chap)
-			{
-				// CHAP
-				uint8_t *p = makeppp(b, sizeof(b), 0, 0, s, t, PPPCHAP, 0, 0, 0);
-				if (!p) return;	// Abort!
-
-				*p = (r_code == AccessAccept) ? 3 : 4;     // ack/nak
-				p[1] = radius[r].id;
-				*(uint16_t *) (p + 2) = ntohs(4); // no message
-				tunnelsend(b, (p - b) + 4, t); // send it
-
-				LOG(3, s, session[s].tunnel, "   CHAP User %s authentication %s.\n", session[s].user,
-						(r_code == AccessAccept) ? "allowed" : "denied");
-			}
-			else
-			{
-				// PAP
-				uint8_t *p = makeppp(b, sizeof(b), 0, 0, s, t, PPPPAP, 0, 0, 0);
-				if (!p) return;		// Abort!
-
-				// ack/nak
-				*p = r_code;
-				p[1] = radius[r].id;
-				*(uint16_t *) (p + 2) = ntohs(5);
-				p[4] = 0; // no message
-				tunnelsend(b, (p - b) + 5, t); // send it
-
-				LOG(3, s, session[s].tunnel, "   PAP User %s authentication %s.\n", session[s].user,
-						(r_code == AccessAccept) ? "allowed" : "denied");
-			}
-
 			if (r_code == AccessAccept)
 			{
 				// Login successful
 				// Extract IP, routes, etc
 				uint8_t *p = buf + 20;
 				uint8_t *e = buf + len;
-#ifdef LAC
 				uint8_t tag;
 				uint8_t strtemp[256];
 				lac_reset_rad_tag_tunnel_ctxt();
-#endif
+
 				for (; p + 2 <= e && p[1] && p + p[1] <= e; p += p[1])
 				{
 					if (*p == 26 && p[1] >= 7)
@@ -837,7 +801,6 @@ void processrad(uint8_t *buf, int len, char socket_index)
 							session[s].classlen = MAXCLASS;
 						memcpy(session[s].class, p + 2, session[s].classlen);
 					}
-#ifdef LAC
 					else if (*p == 64)
 					{
 						// Tunnel-Type
@@ -926,7 +889,6 @@ void processrad(uint8_t *buf, int len, char socket_index)
 						// Fill context
 						lac_set_rad_tag_tunnel_assignment_id(tag, (char *) strtemp);
 					}
-#endif
 				}
 			}
 			else if (r_code == AccessReject)
@@ -936,7 +898,6 @@ void processrad(uint8_t *buf, int len, char socket_index)
 				break;
 			}
 
-#ifdef LAC
 			if ((!config->disable_lac_func) && OpentunnelReq)
 			{
 				char assignment_id[256];
@@ -947,6 +908,8 @@ void processrad(uint8_t *buf, int len, char socket_index)
 				if (!lac_rad_select_assignment_id(s, assignment_id))
 					break; // Error no assignment_id
 
+				LOG(3, s, session[s].tunnel, "Select Tunnel Remote LNS for assignment_id == %s\n", assignment_id);
+
 				if (lac_rad_forwardtoremotelns(s, assignment_id, session[s].user))
 				{
 					int ro;
@@ -959,7 +922,39 @@ void processrad(uint8_t *buf, int len, char socket_index)
 					break;
 				}
 			}
-#endif
+
+			// process auth response
+			if (radius[r].chap)
+			{
+				// CHAP
+				uint8_t *p = makeppp(b, sizeof(b), 0, 0, s, t, PPPCHAP, 0, 0, 0);
+				if (!p) return;	// Abort!
+
+				*p = (r_code == AccessAccept) ? 3 : 4;     // ack/nak
+				p[1] = radius[r].id;
+				*(uint16_t *) (p + 2) = ntohs(4); // no message
+				tunnelsend(b, (p - b) + 4, t); // send it
+
+				LOG(3, s, session[s].tunnel, "   CHAP User %s authentication %s.\n", session[s].user,
+						(r_code == AccessAccept) ? "allowed" : "denied");
+			}
+			else
+			{
+				// PAP
+				uint8_t *p = makeppp(b, sizeof(b), 0, 0, s, t, PPPPAP, 0, 0, 0);
+				if (!p) return;		// Abort!
+
+				// ack/nak
+				*p = r_code;
+				p[1] = radius[r].id;
+				*(uint16_t *) (p + 2) = ntohs(5);
+				p[4] = 0; // no message
+				tunnelsend(b, (p - b) + 5, t); // send it
+
+				LOG(3, s, session[s].tunnel, "   PAP User %s authentication %s.\n", session[s].user,
+						(r_code == AccessAccept) ? "allowed" : "denied");
+			}
+
 			if (!session[s].dns1 && config->default_dns1)
 			{
 				session[s].dns1 = ntohl(config->default_dns1);
@@ -1303,7 +1298,6 @@ void processdae(uint8_t *buf, int len, struct sockaddr_in *addr, int alen, struc
 		LOG(0, 0, 0, "Error sending DAE response packet: %s\n", strerror(errno));
 }
 
-#ifdef LAC
 // Decrypte the encrypted Tunnel Password.
 // Defined in RFC-2868.
 // the pl2tpsecret buffer must set to 256 characters.
@@ -1394,4 +1388,3 @@ int rad_tunnel_pwdecode(uint8_t *pl2tpsecret, size_t *pl2tpsecretlen,
 
 	return decodedlen;
 };
-#endif /* LAC */