X-Git-Url: http://git.sameswireless.fr/l2tpns.git/blobdiff_plain/aabf1d3fe915334f5ffab9b8e1076917add14358..23b599442a142e123b8d5f1d9541322c70f0a1a3:/ppp.c diff --git a/ppp.c b/ppp.c index a604755..630ca59 100644 --- a/ppp.c +++ b/ppp.c @@ -1,6 +1,6 @@ // L2TPNS PPP Stuff -char const *cvs_id_ppp = "$Id: ppp.c,v 1.65 2005-07-31 10:04:10 bodea Exp $"; +char const *cvs_id_ppp = "$Id: ppp.c,v 1.72 2005-08-12 08:18:46 bodea Exp $"; #include #include @@ -26,7 +26,7 @@ extern configt *config; static int add_lcp_auth(uint8_t *b, int size, int authtype); // Process PAP messages -void processpap(tunnelidt t, sessionidt s, uint8_t *p, uint16_t l) +void processpap(sessionidt s, tunnelidt t, uint8_t *p, uint16_t l) { char user[MAXUSER]; char pass[MAXPASS]; @@ -85,13 +85,12 @@ void processpap(tunnelidt t, sessionidt s, uint8_t *p, uint16_t l) LOG(3, s, t, "PAP login %s/%s\n", user, pass); } - r = radiusnew(s); - if (session[s].ip || !r) + if (session[s].ip || !(r = radiusnew(s))) { // respond now, either no RADIUS available or already authenticated uint8_t b[MAXCONTROL]; uint8_t id = p[1]; - uint8_t *p = makeppp(b, sizeof(b), 0, 0, t, s, PPPPAP); + uint8_t *p = makeppp(b, sizeof(b), 0, 0, s, t, PPPPAP); if (!p) return; if (session[s].ip) @@ -134,13 +133,13 @@ void processpap(tunnelidt t, sessionidt s, uint8_t *p, uint16_t l) free(packet.password); radius[r].id = p[1]; - LOG(3, s, t, "Sending login for %s/%s to radius\n", user, pass); + LOG(3, s, t, "Sending login for %s/%s to RADIUS\n", user, pass); radiussend(r, RADIUSAUTH); } } // Process CHAP messages -void processchap(tunnelidt t, sessionidt s, uint8_t *p, uint16_t l) +void processchap(sessionidt s, tunnelidt t, uint8_t *p, uint16_t l) { uint16_t r; uint16_t hl; @@ -289,24 +288,24 @@ static void dumplcp(uint8_t *p, int l) LOG(4, 0, 0, " %s %x\n", ppp_lcp_option(type), asyncmap); } else - LOG(4, 0, 0, " %s odd length %d\n", ppp_lcp_option(type), length); + LOG(4, 0, 0, " %s odd length %d\n", ppp_lcp_option(type), length); break; case 3: // Authentication-Protocol if (length == 4) { int proto = ntohs(*(uint16_t *)(o + 2)); - LOG(4, 0, 0, " %s 0x%x (%s)\n", ppp_lcp_option(type), proto, + LOG(4, 0, 0, " %s 0x%x (%s)\n", ppp_lcp_option(type), proto, proto == PPPPAP ? "PAP" : "UNSUPPORTED"); } else if (length == 5) { int proto = ntohs(*(uint16_t *)(o + 2)); int algo = *(uint8_t *)(o + 4); - LOG(4, 0, 0, " %s 0x%x 0x%x (%s)\n", ppp_lcp_option(type), proto, algo, + LOG(4, 0, 0, " %s 0x%x 0x%x (%s)\n", ppp_lcp_option(type), proto, algo, (proto == PPPCHAP && algo == 5) ? "CHAP MD5" : "UNSUPPORTED"); } else - LOG(4, 0, 0, " %s odd length %d\n", ppp_lcp_option(type), length); + LOG(4, 0, 0, " %s odd length %d\n", ppp_lcp_option(type), length); break; case 4: // Quality-Protocol { @@ -321,7 +320,7 @@ static void dumplcp(uint8_t *p, int l) LOG(4, 0, 0, " %s %x\n", ppp_lcp_option(type), magicno); } else - LOG(4, 0, 0, " %s odd length %d\n", ppp_lcp_option(type), length); + LOG(4, 0, 0, " %s odd length %d\n", ppp_lcp_option(type), length); break; case 7: // Protocol-Field-Compression case 8: // Address-And-Control-Field-Compression @@ -336,23 +335,25 @@ static void dumplcp(uint8_t *p, int l) } } -void lcp_open(tunnelidt t, sessionidt s) +void lcp_open(sessionidt s, tunnelidt t) { // transition to Authentication or Network phase: session[s].ppp.phase = sess_local[s].lcp_authtype ? Authenticate : Network; + LOG(3, s, t, "LCP: Opened, phase %s\n", ppp_phase(session[s].ppp.phase)); + // LCP now Opened change_state(s, lcp, Opened); if (session[s].ppp.phase == Authenticate) { if (sess_local[s].lcp_authtype == AUTHCHAP) - sendchap(t, s); + sendchap(s, t); } else { // This-Layer-Up - sendipcp(t, s); + sendipcp(s, t); change_state(s, ipcp, RequestSent); // move to passive state for IPv6 (if configured), CCP if (config->ipv6_prefix.s6_addr[0]) @@ -378,7 +379,7 @@ static uint8_t *ppp_rej(sessionidt s, uint8_t *buf, size_t blen, uint16_t mtype, { if (!*response || **response != ConfigRej) { - queued = *response = makeppp(buf, blen, packet, 2, session[s].tunnel, s, mtype); + queued = *response = makeppp(buf, blen, packet, 2, s, session[s].tunnel, mtype); if (!queued) return 0; @@ -422,7 +423,7 @@ static uint8_t *ppp_nak(sessionidt s, uint8_t *buf, size_t blen, uint16_t mtype, if (*nak_sent >= config->ppp_max_failure) return ppp_rej(s, buf, blen, mtype, response, 0, packet, option); - queued = *response = makeppp(buf, blen, packet, 2, session[s].tunnel, s, mtype); + queued = *response = makeppp(buf, blen, packet, 2, s, session[s].tunnel, mtype); if (!queued) return 0; @@ -444,7 +445,7 @@ static uint8_t *ppp_nak(sessionidt s, uint8_t *buf, size_t blen, uint16_t mtype, } // Process LCP messages -void processlcp(tunnelidt t, sessionidt s, uint8_t *p, uint16_t l) +void processlcp(sessionidt s, tunnelidt t, uint8_t *p, uint16_t l) { uint8_t b[MAXCONTROL]; uint8_t *q = NULL; @@ -472,15 +473,15 @@ void processlcp(tunnelidt t, sessionidt s, uint8_t *p, uint16_t l) if (session[s].die) // going down... return; + LOG(*p == EchoReq ? 4 : 3, s, t, "LCP: recv %s\n", ppp_code(*p)); + if (config->debug > 3) dumplcp(p, l); + if (*p == ConfigAck) { int x = l - 4; uint8_t *o = (p + 4); int authtype = 0; - LOG(3, s, t, "LCP: ConfigAck (%d bytes)...\n", l); - if (config->debug > 3) dumplcp(p, l); - while (x > 2) { int type = o[0]; @@ -516,7 +517,7 @@ void processlcp(tunnelidt t, sessionidt s, uint8_t *p, uint16_t l) case AckReceived: case Opened: - LOG(3, s, t, "LCP: ConfigAck in state %s? Sending ConfigReq\n", ppp_state(session[s].ppp.lcp)); + LOG(2, s, t, "LCP: ConfigAck in state %s? Sending ConfigReq\n", ppp_state(session[s].ppp.lcp)); if (session[s].ppp.lcp == Opened) lcp_restart(s); @@ -525,11 +526,11 @@ void processlcp(tunnelidt t, sessionidt s, uint8_t *p, uint16_t l) break; case AckSent: - lcp_open(t, s); + lcp_open(s, t); break; default: - LOG(3, s, t, "LCP: ignoring %s in state %s\n", ppp_code(*p), ppp_state(session[s].ppp.lcp)); + LOG(2, s, t, "LCP: ignoring %s in state %s\n", ppp_code(*p), ppp_state(session[s].ppp.lcp)); } } else if (*p == ConfigReq) @@ -540,9 +541,6 @@ void processlcp(tunnelidt t, sessionidt s, uint8_t *p, uint16_t l) static uint8_t asyncmap[4] = { 0, 0, 0, 0 }; // all zero static uint8_t authproto[5]; - LOG(3, s, t, "LCP: ConfigReq (%d bytes)...\n", l); - if (config->debug > 3) dumplcp(p, l); - while (x > 2) { int type = o[0]; @@ -559,7 +557,7 @@ void processlcp(tunnelidt t, sessionidt s, uint8_t *p, uint16_t l) if (!ntohl(*(uint32_t *)(o + 2))) // all bits zero is OK break; - LOG(2, s, t, " Remote requesting asyncmap. Rejecting.\n"); + LOG(3, s, t, " Remote requesting asyncmap. Rejecting.\n"); q = ppp_nak(s, b, sizeof(b), PPPLCP, &response, q, p, o, asyncmap, sizeof(asyncmap)); break; @@ -593,7 +591,7 @@ void processlcp(tunnelidt t, sessionidt s, uint8_t *p, uint16_t l) else sprintf(proto_name, "%#4.4x", proto); - LOG(2, s, t, " Remote requesting %s authentication. Rejecting.\n", proto_name); + LOG(3, s, t, " Remote requesting %s authentication. Rejecting.\n", proto_name); alen = add_lcp_auth(authproto, sizeof(authproto), config->radius_authprefer); if (alen < 2) break; // paranoia @@ -622,7 +620,7 @@ void processlcp(tunnelidt t, sessionidt s, uint8_t *p, uint16_t l) break; default: // Reject any unknown options - LOG(2, s, t, " Rejecting PPP LCP Option type %d\n", type); + LOG(3, s, t, " Rejecting unknown PPP LCP option %d\n", type); q = ppp_rej(s, b, sizeof(b), PPPLCP, &response, q, p, o); } x -= length; @@ -637,7 +635,7 @@ void processlcp(tunnelidt t, sessionidt s, uint8_t *p, uint16_t l) else { // Send packet back as ConfigAck - response = makeppp(b, sizeof(b), p, l, t, s, PPPLCP); + response = makeppp(b, sizeof(b), p, l, s, t, PPPLCP); if (!response) return; *response = ConfigAck; } @@ -645,7 +643,7 @@ void processlcp(tunnelidt t, sessionidt s, uint8_t *p, uint16_t l) switch (session[s].ppp.lcp) { case Closed: - response = makeppp(b, sizeof(b), p, 2, t, s, PPPLCP); + response = makeppp(b, sizeof(b), p, 2, s, t, PPPLCP); if (!response) return; *response = TerminateAck; *((uint16_t *) (response + 2)) = htons(l = 4); @@ -669,7 +667,7 @@ void processlcp(tunnelidt t, sessionidt s, uint8_t *p, uint16_t l) case AckReceived: if (*response == ConfigAck) - lcp_open(t, s); + lcp_open(s, t); break; @@ -687,11 +685,13 @@ void processlcp(tunnelidt t, sessionidt s, uint8_t *p, uint16_t l) break; default: - LOG(3, s, t, "LCP: ignoring %s in state %s\n", ppp_code(*p), ppp_state(session[s].ppp.lcp)); + LOG(2, s, t, "LCP: ignoring %s in state %s\n", ppp_code(*p), ppp_state(session[s].ppp.lcp)); return; } - LOG(3, s, t, "LCP: Sending %s\n", ppp_code(*response)); + LOG(3, s, t, "LCP: send %s\n", ppp_code(*response)); + if (config->debug > 3) dumplcp(response, l); + tunnelsend(b, l + (response - b), t); } else if (*p == ConfigNak) @@ -700,9 +700,6 @@ void processlcp(tunnelidt t, sessionidt s, uint8_t *p, uint16_t l) uint8_t *o = (p + 4); int authtype = -1; - LOG(3, s, t, "LCP: ConfigNak (%d bytes)...\n", l); - if (config->debug > 3) dumplcp(p, l); - while (x > 2) { int type = o[0]; @@ -765,10 +762,14 @@ void processlcp(tunnelidt t, sessionidt s, uint8_t *p, uint16_t l) case Closed: case Stopped: { - uint8_t *response = makeppp(b, sizeof(b), p, 2, t, s, PPPLCP); + uint8_t *response = makeppp(b, sizeof(b), p, 2, s, t, PPPLCP); if (!response) return; *response = TerminateAck; *((uint16_t *) (response + 2)) = htons(l = 4); + + LOG(3, s, t, "LCP: send %s\n", ppp_code(*response)); + if (config->debug > 3) dumplcp(response, l); + tunnelsend(b, l + (response - b), t); } break; @@ -780,7 +781,7 @@ void processlcp(tunnelidt t, sessionidt s, uint8_t *p, uint16_t l) break; case AckReceived: - LOG(3, s, t, "LCP: ConfigNak in state %s? Sending ConfigReq\n", ppp_state(session[s].ppp.lcp)); + LOG(2, s, t, "LCP: ConfigNak in state %s? Sending ConfigReq\n", ppp_state(session[s].ppp.lcp)); sendlcp(s, t, sess_local[s].lcp_authtype); break; @@ -790,16 +791,19 @@ void processlcp(tunnelidt t, sessionidt s, uint8_t *p, uint16_t l) break; default: - LOG(3, s, t, "LCP: ignoring %s in state %s\n", ppp_code(*p), ppp_state(session[s].ppp.lcp)); + LOG(2, s, t, "LCP: ignoring %s in state %s\n", ppp_code(*p), ppp_state(session[s].ppp.lcp)); return; } } else if (*p == TerminateReq) { - LOG(3, s, t, "LCP: Received TerminateReq. Sending TerminateAck\n"); *p = TerminateAck; // close - q = makeppp(b, sizeof(b), p, l, t, s, PPPLCP); + q = makeppp(b, sizeof(b), p, l, s, t, PPPLCP); if (!q) return; + + LOG(3, s, t, "LCP: send %s\n", ppp_code(*q)); + if (config->debug > 3) dumplcp(q, l); + tunnelsend(b, l + (q - b), t); // send it sessionshutdown(s, "Remote end closed connection.", 3, 0); } @@ -823,11 +827,14 @@ void processlcp(tunnelidt t, sessionidt s, uint8_t *p, uint16_t l) } else if (*p == EchoReq) { - LOG(5, s, t, "LCP: Received EchoReq. Sending EchoReply\n"); *p = EchoReply; // reply *(uint32_t *) (p + 4) = htonl(session[s].magic); // our magic number - q = makeppp(b, sizeof(b), p, l, t, s, PPPLCP); + q = makeppp(b, sizeof(b), p, l, s, t, PPPLCP); if (!q) return; + + LOG(4, s, t, "LCP: send %s\n", ppp_code(*q)); + if (config->debug > 3) dumplcp(q, l); + tunnelsend(b, l + (q - b), t); // send it } else if (*p == EchoReply) @@ -844,17 +851,20 @@ void processlcp(tunnelidt t, sessionidt s, uint8_t *p, uint16_t l) if (l > mru) l = mru; *p = CodeRej; - q = makeppp(b, sizeof(b), p, l, t, s, PPPLCP); + q = makeppp(b, sizeof(b), p, l, s, t, PPPLCP); if (!q) return; - LOG(3, s, t, "Unexpected LCP code %s\n", ppp_code(code)); + LOG(2, s, t, "Unexpected LCP code %s\n", ppp_code(code)); + LOG(3, s, t, "LCP: send %s\n", ppp_code(*q)); + if (config->debug > 3) dumplcp(q, l); + tunnelsend(b, l + (q - b), t); } } -static void ipcp_open(tunnelidt t, sessionidt s) +static void ipcp_open(sessionidt s, tunnelidt t) { - LOG(3, s, t, "IPCP Acked, session is now active\n"); + LOG(3, s, t, "IPCP: Opened, session is now active\n"); change_state(s, ipcp, Opened); @@ -868,13 +878,13 @@ static void ipcp_open(tunnelidt t, sessionidt s) // start IPv6 if configured and still in passive state if (session[s].ppp.ipv6cp == Stopped) { - sendipv6cp(t, s); + sendipv6cp(s, t); change_state(s, ipv6cp, RequestSent); } } // Process IPCP messages -void processipcp(tunnelidt t, sessionidt s, uint8_t *p, uint16_t l) +void processipcp(sessionidt s, tunnelidt t, uint8_t *p, uint16_t l) { uint8_t b[MAXCONTROL]; uint8_t *q = 0; @@ -904,6 +914,8 @@ void processipcp(tunnelidt t, sessionidt s, uint8_t *p, uint16_t l) return; } + LOG(3, s, t, "IPCP: recv %s\n", ppp_code(*p)); + if (*p == ConfigAck) { switch (session[s].ppp.ipcp) @@ -915,17 +927,17 @@ void processipcp(tunnelidt t, sessionidt s, uint8_t *p, uint16_t l) case AckReceived: case Opened: - LOG(3, s, t, "IPCP: ConfigAck in state %s? Sending ConfigReq\n", ppp_state(session[s].ppp.ipcp)); + LOG(2, s, t, "IPCP: ConfigAck in state %s? Sending ConfigReq\n", ppp_state(session[s].ppp.ipcp)); sendipcp(s, t); change_state(s, ipcp, RequestSent); break; case AckSent: - ipcp_open(t, s); + ipcp_open(s, t); break; default: - LOG(3, s, t, "IPCP: ignoring %s in state %s\n", ppp_code(*p), ppp_state(session[s].ppp.ipcp)); + LOG(2, s, t, "IPCP: ignoring %s in state %s\n", ppp_code(*p), ppp_state(session[s].ppp.ipcp)); } } else if (*p == ConfigReq) @@ -936,8 +948,6 @@ void processipcp(tunnelidt t, sessionidt s, uint8_t *p, uint16_t l) int gotip = 0; in_addr_t addr; - LOG(4, s, t, "IPCP ConfigReq received\n"); - while (length > 2) { switch (*o) @@ -1001,7 +1011,7 @@ void processipcp(tunnelidt t, sessionidt s, uint8_t *p, uint16_t l) else if (gotip) { // Send packet back as ConfigAck - response = makeppp(b, sizeof(b), p, l, t, s, PPPIPCP); + response = makeppp(b, sizeof(b), p, l, s, t, PPPIPCP); if (!response) return; *response = ConfigAck; } @@ -1015,7 +1025,7 @@ void processipcp(tunnelidt t, sessionidt s, uint8_t *p, uint16_t l) switch (session[s].ppp.ipcp) { case Closed: - response = makeppp(b, sizeof(b), p, 2, t, s, PPPIPCP); + response = makeppp(b, sizeof(b), p, 2, s, t, PPPIPCP); if (!response) return; *response = TerminateAck; *((uint16_t *) (response + 2)) = htons(l = 4); @@ -1039,7 +1049,7 @@ void processipcp(tunnelidt t, sessionidt s, uint8_t *p, uint16_t l) case AckReceived: if (*response == ConfigAck) - ipcp_open(t, s); + ipcp_open(s, t); break; @@ -1057,19 +1067,19 @@ void processipcp(tunnelidt t, sessionidt s, uint8_t *p, uint16_t l) break; default: - LOG(3, s, t, "IPCP: ignoring %s in state %s\n", ppp_code(*p), ppp_state(session[s].ppp.ipcp)); + LOG(2, s, t, "IPCP: ignoring %s in state %s\n", ppp_code(*p), ppp_state(session[s].ppp.ipcp)); return; } - LOG(3, s, t, "IPCP: Sending %s\n", ppp_code(*response)); + LOG(3, s, t, "IPCP: send %s\n", ppp_code(*response)); tunnelsend(b, l + (response - b), t); } else if (*p == TerminateReq) { - LOG(3, s, t, "IPCP: Received TerminateReq. Sending TerminateAck\n"); *p = TerminateAck; - q = makeppp(b, sizeof(b), p, l, t, s, PPPIPCP); + q = makeppp(b, sizeof(b), p, l, s, t, PPPIPCP); if (!q) return; + LOG(3, s, t, "IPCP: send %s\n", ppp_code(*q)); tunnelsend(b, l + (q - b), t); change_state(s, ipcp, Stopped); } @@ -1083,28 +1093,29 @@ void processipcp(tunnelidt t, sessionidt s, uint8_t *p, uint16_t l) if (l > mru) l = mru; *p = CodeRej; - q = makeppp(b, sizeof(b), p, l, t, s, PPPIPCP); + q = makeppp(b, sizeof(b), p, l, s, t, PPPIPCP); if (!q) return; - LOG(3, s, t, "Unexpected IPCP code %s\n", ppp_code(code)); + LOG(2, s, t, "Unexpected IPCP code %s\n", ppp_code(code)); + LOG(3, s, t, "IPCP: send %s\n", ppp_code(*q)); tunnelsend(b, l + (q - b), t); } } -static void ipv6cp_open(tunnelidt t, sessionidt s) +static void ipv6cp_open(sessionidt s, tunnelidt t) { - LOG(3, s, t, "IPV6CP Acked\n"); + LOG(3, s, t, "IPV6CP: Opened\n"); change_state(s, ipv6cp, Opened); if (session[s].ipv6prefixlen) route6set(s, session[s].ipv6route, session[s].ipv6prefixlen, 1); // Send an initial RA (TODO: Should we send these regularly?) - send_ipv6_ra(t, s, NULL); + send_ipv6_ra(s, t, NULL); } // Process IPV6CP messages -void processipv6cp(tunnelidt t, sessionidt s, uint8_t *p, uint16_t l) +void processipv6cp(sessionidt s, tunnelidt t, uint8_t *p, uint16_t l) { uint8_t b[MAXCONTROL]; uint8_t *q = 0; @@ -1134,11 +1145,13 @@ void processipv6cp(tunnelidt t, sessionidt s, uint8_t *p, uint16_t l) return; } + LOG(3, s, t, "IPV6CP: recv %s\n", ppp_code(*p)); + if (!config->ipv6_prefix.s6_addr[0]) { - LOG(2, s, t, "IPV6CP %s rejected (not configured)\n", ppp_code(*p)); + LOG(2, s, t, "IPV6CP: %s rejected (not configured)\n", ppp_code(*p)); *p = ProtocolRej; - q = makeppp(b, sizeof(b), p, l, t, s, PPPIPV6CP); + q = makeppp(b, sizeof(b), p, l, s, t, PPPIPV6CP); if (!q) return; tunnelsend(b, l + (q - b), t); return; @@ -1161,17 +1174,17 @@ void processipv6cp(tunnelidt t, sessionidt s, uint8_t *p, uint16_t l) case AckReceived: case Opened: - LOG(3, s, t, "IPV6CP: ConfigAck in state %s? Sending ConfigReq\n", ppp_state(session[s].ppp.ipv6cp)); + LOG(2, s, t, "IPV6CP: ConfigAck in state %s? Sending ConfigReq\n", ppp_state(session[s].ppp.ipv6cp)); sendipv6cp(s, t); change_state(s, ipv6cp, RequestSent); break; case AckSent: - ipv6cp_open(t, s); + ipv6cp_open(s, t); break; default: - LOG(3, s, t, "IPV6CP: ignoring %s in state %s\n", ppp_code(*p), ppp_state(session[s].ppp.ipv6cp)); + LOG(2, s, t, "IPV6CP: ignoring %s in state %s\n", ppp_code(*p), ppp_state(session[s].ppp.ipv6cp)); } } else if (*p == ConfigReq) @@ -1182,8 +1195,6 @@ void processipv6cp(tunnelidt t, sessionidt s, uint8_t *p, uint16_t l) int gotip = 0; uint8_t ident[8]; - LOG(4, s, t, "IPV6CP ConfigReq received\n"); - while (length > 2) { switch (*o) @@ -1221,7 +1232,7 @@ void processipv6cp(tunnelidt t, sessionidt s, uint8_t *p, uint16_t l) else if (gotip) { // Send packet back as ConfigAck - response = makeppp(b, sizeof(b), p, l, t, s, PPPIPV6CP); + response = makeppp(b, sizeof(b), p, l, s, t, PPPIPV6CP); if (!response) return; *response = ConfigAck; } @@ -1235,7 +1246,7 @@ void processipv6cp(tunnelidt t, sessionidt s, uint8_t *p, uint16_t l) switch (session[s].ppp.ipv6cp) { case Closed: - response = makeppp(b, sizeof(b), p, 2, t, s, PPPIPV6CP); + response = makeppp(b, sizeof(b), p, 2, s, t, PPPIPV6CP); if (!response) return; *response = TerminateAck; *((uint16_t *) (response + 2)) = htons(l = 4); @@ -1259,7 +1270,7 @@ void processipv6cp(tunnelidt t, sessionidt s, uint8_t *p, uint16_t l) case AckReceived: if (*response == ConfigAck) - ipv6cp_open(t, s); + ipv6cp_open(s, t); break; @@ -1277,19 +1288,19 @@ void processipv6cp(tunnelidt t, sessionidt s, uint8_t *p, uint16_t l) break; default: - LOG(3, s, t, "IPV6CP: ignoring %s in state %s\n", ppp_code(*p), ppp_state(session[s].ppp.ipv6cp)); + LOG(2, s, t, "IPV6CP: ignoring %s in state %s\n", ppp_code(*p), ppp_state(session[s].ppp.ipv6cp)); return; } - LOG(3, s, t, "IPV6CP: Sending %s\n", ppp_code(*response)); + LOG(3, s, t, "IPV6CP: send %s\n", ppp_code(*response)); tunnelsend(b, l + (response - b), t); } else if (*p == TerminateReq) { - LOG(3, s, t, "IPV6CP: Received TerminateReq. Sending TerminateAck\n"); *p = TerminateAck; - q = makeppp(b, sizeof(b), p, l, t, s, PPPIPV6CP); + q = makeppp(b, sizeof(b), p, l, s, t, PPPIPV6CP); if (!q) return; + LOG(3, s, t, "IPV6CP: send %s\n", ppp_code(*q)); tunnelsend(b, l + (q - b), t); change_state(s, ipv6cp, Stopped); } @@ -1303,10 +1314,11 @@ void processipv6cp(tunnelidt t, sessionidt s, uint8_t *p, uint16_t l) if (l > mru) l = mru; *p = CodeRej; - q = makeppp(b, sizeof(b), p, l, t, s, PPPIPV6CP); + q = makeppp(b, sizeof(b), p, l, s, t, PPPIPV6CP); if (!q) return; - LOG(3, s, t, "Unexpected IPV6CP code %s\n", ppp_code(code)); + LOG(2, s, t, "Unexpected IPV6CP code %s\n", ppp_code(code)); + LOG(3, s, t, "IPV6CP: send %s\n", ppp_code(*q)); tunnelsend(b, l + (q - b), t); } } @@ -1315,7 +1327,7 @@ void processipv6cp(tunnelidt t, sessionidt s, uint8_t *p, uint16_t l) // // This MUST be called with at least 4 byte behind 'p'. // (i.e. this routine writes to p[-4]). -void processipin(tunnelidt t, sessionidt s, uint8_t *p, uint16_t l) +void processipin(sessionidt s, tunnelidt t, uint8_t *p, uint16_t l) { in_addr_t ip; @@ -1401,7 +1413,7 @@ void processipin(tunnelidt t, sessionidt s, uint8_t *p, uint16_t l) // // This MUST be called with at least 4 byte behind 'p'. // (i.e. this routine writes to p[-4]). -void processipv6in(tunnelidt t, sessionidt s, uint8_t *p, uint16_t l) +void processipv6in(sessionidt s, tunnelidt t, uint8_t *p, uint16_t l) { struct in6_addr ip; in_addr_t ipv4; @@ -1438,7 +1450,7 @@ void processipv6in(tunnelidt t, sessionidt s, uint8_t *p, uint16_t l) *(uint32_t *)(p + 34) == 0 && *(p + 38) == 0 && *(p + 39) == 2 && *(p + 40) == 133) { LOG(3, s, t, "Got IPv6 RS\n"); - send_ipv6_ra(t, s, &ip); + send_ipv6_ra(s, t, &ip); return; } @@ -1535,7 +1547,7 @@ void send_ipin(sessionidt s, uint8_t *buf, int len) // Process CCP messages -void processccp(tunnelidt t, sessionidt s, uint8_t *p, uint16_t l) +void processccp(sessionidt s, tunnelidt t, uint8_t *p, uint16_t l) { uint8_t b[MAXCONTROL]; uint8_t *q; @@ -1556,6 +1568,7 @@ void processccp(tunnelidt t, sessionidt s, uint8_t *p, uint16_t l) STAT(tunnel_rx_errors); } + LOG(3, s, t, "CCP: recv %s\n", ppp_code(*p)); if (*p == ConfigAck) { switch (session[s].ppp.ccp) @@ -1567,18 +1580,18 @@ void processccp(tunnelidt t, sessionidt s, uint8_t *p, uint16_t l) case AckReceived: case Opened: - LOG(3, s, t, "CCP: ConfigAck in state %s? Sending ConfigReq\n", ppp_state(session[s].ppp.ccp)); + LOG(2, s, t, "CCP: ConfigAck in state %s? Sending ConfigReq\n", ppp_state(session[s].ppp.ccp)); sendccp(s, t); change_state(s, ccp, RequestSent); break; case AckSent: - LOG(3, s, t, "CCP Acked\n"); + LOG(3, s, t, "CCP: Opened\n"); change_state(s, ccp, Opened); break; default: - LOG(3, s, t, "CCP: ignoring %s in state %s\n", ppp_code(*p), ppp_state(session[s].ppp.ccp)); + LOG(2, s, t, "CCP: ignoring %s in state %s\n", ppp_code(*p), ppp_state(session[s].ppp.ccp)); } } else if (*p == ConfigReq) @@ -1588,13 +1601,13 @@ void processccp(tunnelidt t, sessionidt s, uint8_t *p, uint16_t l) else // compression requested--reject *p = ConfigRej; - q = makeppp(b, sizeof(b), p, l, t, s, PPPCCP); + q = makeppp(b, sizeof(b), p, l, s, t, PPPCCP); if (!q) return; switch (session[s].ppp.ccp) { case Closed: - q = makeppp(b, sizeof(b), p, 2, t, s, PPPCCP); + q = makeppp(b, sizeof(b), p, 2, s, t, PPPCCP); if (!q) return; *q = TerminateAck; *((uint16_t *) (q + 2)) = htons(l = 4); @@ -1636,19 +1649,19 @@ void processccp(tunnelidt t, sessionidt s, uint8_t *p, uint16_t l) break; default: - LOG(3, s, t, "CCP: ignoring %s in state %s\n", ppp_code(*p), ppp_state(session[s].ppp.ccp)); + LOG(2, s, t, "CCP: ignoring %s in state %s\n", ppp_code(*p), ppp_state(session[s].ppp.ccp)); return; } - LOG(3, s, t, "CCP: Sending %s\n", ppp_code(*q)); + LOG(3, s, t, "CCP: send %s\n", ppp_code(*q)); tunnelsend(b, l + (q - b), t); } else if (*p == TerminateReq) { - LOG(3, s, t, "CCP: Received TerminateReq. Sending TerminateAck\n"); *p = TerminateAck; - q = makeppp(b, sizeof(b), p, l, t, s, PPPCCP); + q = makeppp(b, sizeof(b), p, l, s, t, PPPCCP); if (!q) return; + LOG(3, s, t, "CCP: send %s\n", ppp_code(*q)); tunnelsend(b, l + (q - b), t); change_state(s, ccp, Stopped); } @@ -1662,23 +1675,25 @@ void processccp(tunnelidt t, sessionidt s, uint8_t *p, uint16_t l) if (l > mru) l = mru; *p = CodeRej; - q = makeppp(b, sizeof(b), p, l, t, s, PPPCCP); + q = makeppp(b, sizeof(b), p, l, s, t, PPPCCP); if (!q) return; - LOG(3, s, t, "Unexpected CCP code %s\n", ppp_code(code)); + LOG(2, s, t, "Unexpected CCP code %s\n", ppp_code(code)); + LOG(3, s, t, "CCP: send %s\n", ppp_code(*q)); tunnelsend(b, l + (q - b), t); } } // send a CHAP challenge -void sendchap(tunnelidt t, sessionidt s) +void sendchap(sessionidt s, tunnelidt t) { uint8_t b[MAXCONTROL]; - uint16_t r = sess_local[s].radius; + uint16_t r; uint8_t *q; CSTAT(sendchap); + r = radiusnew(s); if (!r) { LOG(1, s, t, "No RADIUS to send challenge\n"); @@ -1701,7 +1716,7 @@ void sendchap(tunnelidt t, sessionidt s) STAT(tunnel_tx_errors); return ; } - q = makeppp(b, sizeof(b), 0, 0, t, s, PPPCHAP); + q = makeppp(b, sizeof(b), 0, 0, s, t, PPPCHAP); if (!q) return; *q = 1; // challenge @@ -1716,7 +1731,7 @@ void sendchap(tunnelidt t, sessionidt s) // fill in a L2TP message with a PPP frame, // copies existing PPP message and changes magic number if seen // returns start of PPP frame -uint8_t *makeppp(uint8_t *b, int size, uint8_t *p, int l, tunnelidt t, sessionidt s, uint16_t mtype) +uint8_t *makeppp(uint8_t *b, int size, uint8_t *p, int l, sessionidt s, tunnelidt t, uint16_t mtype) { if (size < 12) // Need more space than this!! { @@ -1784,16 +1799,17 @@ static int add_lcp_auth(uint8_t *b, int size, int authtype) } // Send initial LCP ConfigReq for MRU, authentication type and magic no -void sendlcp(tunnelidt t, sessionidt s, int authtype) +void sendlcp(sessionidt s, tunnelidt t, int authtype) { uint8_t b[500], *q, *l; - if (!(q = makeppp(b, sizeof(b), NULL, 0, t, s, PPPLCP))) + if (!(q = makeppp(b, sizeof(b), NULL, 0, s, t, PPPLCP))) return; - LOG(4, s, t, "Sending LCP ConfigReq%s%s\n", - authtype ? " for " : "", - authtype ? (authtype == AUTHCHAP ? "CHAP" : "PAP") : ""); + LOG(3, s, t, "LCP: send ConfigReq%s%s%s\n", + authtype ? " (" : "", + authtype ? (authtype == AUTHCHAP ? "CHAP" : "PAP") : "", + authtype ? ")" : ""); if (!session[s].mru) session[s].mru = DEFAULT_MRU; @@ -1817,18 +1833,21 @@ void sendlcp(tunnelidt t, sessionidt s, int authtype) *(uint16_t *)(q + 2) = htons(l - q); // Length LOG_HEX(5, "PPPLCP", q, l - q); + if (config->debug > 3) dumplcp(q, l - q); + tunnelsend(b, (l - b), t); } // Send CCP request for no compression -void sendccp(tunnelidt t, sessionidt s) +void sendccp(sessionidt s, tunnelidt t) { uint8_t b[500], *q; - if (!(q = makeppp(b, sizeof(b), NULL, 0, t, s, PPPCCP))) + if (!(q = makeppp(b, sizeof(b), NULL, 0, s, t, PPPCCP))) return; - LOG(4, s, t, "Sending CCP ConfigReq for no compression\n"); + LOG(3, s, t, "CCP: send ConfigReq (no compression)\n"); + *q = ConfigReq; *(uint8_t *)(q + 1) = (time_now % 255) + 1; // ID *(uint16_t *)(q + 2) = htons(4); // Length