X-Git-Url: http://git.sameswireless.fr/l2tpns.git/blobdiff_plain/998f1c564e1dc729325cf25f130eaeb9562e745f..5fac6af5f0b93b66ff8e3392704d4a3a69e65b7b:/l2tpns.c

diff --git a/l2tpns.c b/l2tpns.c
index 8f86f1d..2fa9b12 100644
--- a/l2tpns.c
+++ b/l2tpns.c
@@ -4,7 +4,7 @@
 // Copyright (c) 2002 FireBrick (Andrews & Arnold Ltd / Watchfront Ltd) - GPL licenced
 // vim: sw=8 ts=8
 
-char const *cvs_id_l2tpns = "$Id: l2tpns.c,v 1.98 2005-05-07 11:57:53 bodea Exp $";
+char const *cvs_id_l2tpns = "$Id: l2tpns.c,v 1.104 2005-05-16 04:51:16 bodea Exp $";
 
 #include <arpa/inet.h>
 #include <assert.h>
@@ -1323,11 +1323,11 @@ static void controlnull(tunnelidt t)
 }
 
 // add a control message to a tunnel, and send if within window
-static void controladd(controlt * c, tunnelidt t, sessionidt s)
+static void controladd(controlt * c, tunnelidt t, sessionidt far)
 {
 	*(uint16_t *) (c->buf + 2) = htons(c->length); // length
 	*(uint16_t *) (c->buf + 4) = htons(tunnel[t].far); // tunnel
-	*(uint16_t *) (c->buf + 6) = htons(s ? session[s].far : 0); // session
+	*(uint16_t *) (c->buf + 6) = htons(far); // session
 	*(uint16_t *) (c->buf + 8) = htons(tunnel[t].ns); // sequence
 	tunnel[t].ns++;              // advance sequence
 	// link in message in to queue
@@ -1518,7 +1518,7 @@ void sessionshutdown(sessionidt s, char *reason, int result, int error)
 			control16(c, 1, result, 1);
 
 		control16(c, 14, s, 1);   // assigned session (our end)
-		controladd(c, session[s].tunnel, s); // send the message
+		controladd(c, session[s].tunnel, session[s].far); // send the message
 	}
 
 	if (!session[s].die)
@@ -1566,7 +1566,7 @@ void sendipcp(tunnelidt t, sessionidt s)
 	if (!q) return;
 
 	*q = ConfigReq;
-	q[1] = r << RADIUS_SHIFT;                    // ID, dont care, we only send one type of request
+	q[1] = r >> RADIUS_SHIFT;                    // ID, dont care, we only send one type of request
 	*(uint16_t *) (q + 2) = htons(10);
 	q[4] = 3;
 	q[5] = 6;
@@ -1588,7 +1588,7 @@ void sendipcp(tunnelidt t, sessionidt s)
 		if (!q) return;
 
 		*q = ConfigReq;
-		q[1] = r << RADIUS_SHIFT;		// ID, don't care, we
+		q[1] = r >> RADIUS_SHIFT;		// ID, don't care, we
 							// only send one type
 							// of request
 		*(uint16_t *) (q + 2) = htons(14);
@@ -2186,7 +2186,7 @@ void processudp(uint8_t * buf, int len, struct sockaddr_in *addr)
 					{
 						uint16_t atype = ntohs(*(uint16_t *)b);
 						LOG(4, s, t, "   Proxy Auth Type %d (%s)\n", atype, auth_type(atype));
-						if (atype = 2)
+						if (atype == 2)
 							authtype = AUTHCHAP;
 						else if (atype == 3)
 							authtype = AUTHPAP;
@@ -2277,7 +2277,7 @@ void processudp(uint8_t * buf, int len, struct sockaddr_in *addr)
 						controls(c, 7, tunnel[t].hostname, 1); // host name (TBA)
 						if (chapresponse) controlb(c, 13, chapresponse, 16, 1); // Challenge response
 						control16(c, 9, t, 1); // assigned tunnel
-						controladd(c, t, s); // send the resply
+						controladd(c, t, 0); // send the resply
 					}
 					tunnel[t].state = TUNNELOPENING;
 					break;
@@ -2305,16 +2305,9 @@ void processudp(uint8_t * buf, int len, struct sockaddr_in *addr)
 					// TBA
 					break;
 				case 10:      // ICRQ
-					if (!sessionfree)
-					{
-						STAT(session_overflow);
-						LOG(1, 0, t, "No free sessions\n");
-						return;
-					}
-					else
+					if (sessionfree)
 					{
 						uint16_t r;
-						controlt *c;
 
 						s = sessionfree;
 						sessionfree = session[s].next;
@@ -2324,28 +2317,40 @@ void processudp(uint8_t * buf, int len, struct sockaddr_in *addr)
 							config->cluster_highest_sessionid = s;
 
 						// make a RADIUS session
-						if (!(r = radiusnew(s)))
+						if ((r = radiusnew(s)))
 						{
-							LOG(1, s, t, "No free RADIUS sessions for ICRQ\n");
-							sessionclear(s);
-							return;
+							controlt *c = controlnew(11); // sending ICRP
+							session[s].opened = time_now;
+							session[s].tunnel = t;
+							session[s].far = asession;
+							session[s].last_packet = time_now;
+							LOG(3, s, t, "New session (%d/%d)\n", tunnel[t].far, session[s].far);
+							control16(c, 14, s, 1); // assigned session
+							controladd(c, t, asession); // send the reply
+
+							strncpy(radius[r].calling, calling, sizeof(radius[r].calling) - 1);
+							strncpy(session[s].called, called, sizeof(session[s].called) - 1);
+							strncpy(session[s].calling, calling, sizeof(session[s].calling) - 1);
+							STAT(session_created);
+							break;
 						}
 
-						c = controlnew(11); // sending ICRP
-						session[s].opened = time_now;
-						session[s].tunnel = t;
-						session[s].far = asession;
-						session[s].last_packet = time_now;
-						LOG(3, s, t, "New session (%d/%d)\n", tunnel[t].far, session[s].far);
-						control16(c, 14, s, 1); // assigned session
-						controladd(c, t, s); // send the reply
-
-						strncpy(radius[r].calling, calling, sizeof(radius[r].calling) - 1);
-						strncpy(session[s].called, called, sizeof(session[s].called) - 1);
-						strncpy(session[s].calling, calling, sizeof(session[s].calling) - 1);
-						STAT(session_created);
+
+						LOG(1, s, t, "No free RADIUS sessions for ICRQ\n");
+						sessionclear(s);
 					}
-					break;
+					else
+					{
+						STAT(session_overflow);
+						LOG(1, 0, t, "No free sessions\n");
+					}
+
+					{
+						controlt *c = controlnew(14); // CDN
+						control16(c, 1, 4, 1); // temporary lack of resources
+						controladd(c, session[s].tunnel, asession); // send the message
+					}
+					return;
 				case 11:      // ICRP
 					// TBA
 					break;
@@ -2356,8 +2361,11 @@ void processudp(uint8_t * buf, int len, struct sockaddr_in *addr)
 					LOG(3, s, t, "Magic %X Flags %X\n", amagic, aflags);
 					controlnull(t); // ack
 					// proxy authentication type is not supported
-					if (authtype && !(config->radius_authtypes & authtype))
-						initlcp(t, s);
+					if (!(config->radius_authtypes & authtype))
+						authtype = config->radius_authprefer;
+
+					// start LCP
+					sendlcp(t, s, authtype);
 					break;
 				case 14:      // CDN
 					controlnull(t); // ack
@@ -3988,7 +3996,7 @@ static void update_config()
 			// test twice, In case someone works with
 			// a secondary radius server without defining
 			// a primary one, this will work even then.
-			if (i>0 && !config->radiusport[i])
+			if (i > 0 && !config->radiusport[i])
 				config->radiusport[i] = config->radiusport[i-1];
 			if (!config->radiusport[i])
 				config->radiusport[i] = RADPORT;
@@ -3997,12 +4005,12 @@ static void update_config()
 	if (!config->numradiusservers)
 		LOG(0, 0, 0, "No RADIUS servers defined!\n");
 
-	config->num_radfds = 2 << RADIUS_SHIFT;
+	config->num_radfds = 1 << RADIUS_SHIFT;
 
 	// parse radius_authtypes_s
 	config->radius_authtypes = config->radius_authprefer = 0;
 	p = config->radius_authtypes_s;
-	while (*p)
+	while (p && *p)
 	{
 		char *s = strpbrk(p, " \t,");
 		int type = 0;
@@ -4027,6 +4035,8 @@ static void update_config()
 		config->radius_authtypes |= type;
 		if (!config->radius_authprefer)
 			config->radius_authprefer = type;
+
+		p = s;
 	}
 
 	if (!config->radius_authtypes)
@@ -4426,6 +4436,7 @@ static int add_plugin(char *plugin_name)
 		radiusnew,
 		radiussend,
 		getconfig,
+		sessionshutdown,
 		sessionkill,
 		throttle_session,
 		cluster_send_session,