X-Git-Url: http://git.sameswireless.fr/l2tpns.git/blobdiff_plain/afc8f4c6c019f3cd4c8c28fbf7948b594de08658..3efd4f877afa6dbf12370e0be76921cd0b1037df:/l2tpns.c diff --git a/l2tpns.c b/l2tpns.c index 9acdeaf..4a91a3f 100644 --- a/l2tpns.c +++ b/l2tpns.c @@ -4,7 +4,7 @@ // Copyright (c) 2002 FireBrick (Andrews & Arnold Ltd / Watchfront Ltd) - GPL licenced // vim: sw=8 ts=8 -char const *cvs_id_l2tpns = "$Id: l2tpns.c,v 1.115 2005/07/31 10:04:10 bodea Exp $"; +char const *cvs_id_l2tpns = "$Id: l2tpns.c,v 1.123 2005/08/12 08:35:16 bodea Exp $"; #include #include @@ -38,9 +38,9 @@ char const *cvs_id_l2tpns = "$Id: l2tpns.c,v 1.115 2005/07/31 10:04:10 bodea Exp #include #include #include -#include #include +#include "md5.h" #include "l2tpns.h" #include "cluster.h" #include "plugin.h" @@ -1104,7 +1104,7 @@ static void processipout(uint8_t *buf, int len) // Add on L2TP header { - uint8_t *p = makeppp(b, sizeof(b), buf, len, t, s, PPPIP); + uint8_t *p = makeppp(b, sizeof(b), buf, len, s, t, PPPIP); if (!p) return; tunnelsend(b, len + (p-b), t); // send it... } @@ -1215,7 +1215,7 @@ static void processipv6out(uint8_t * buf, int len) // Add on L2TP header { - uint8_t *p = makeppp(b, sizeof(b), buf, len, t, s, PPPIPV6); + uint8_t *p = makeppp(b, sizeof(b), buf, len, s, t, PPPIPV6); if (!p) return; tunnelsend(b, len + (p-b), t); // send it... } @@ -1267,7 +1267,7 @@ static void send_ipout(sessionidt s, uint8_t *buf, int len) // Add on L2TP header { - uint8_t *p = makeppp(b, sizeof(b), buf, len, t, s, PPPIP); + uint8_t *p = makeppp(b, sizeof(b), buf, len, s, t, PPPIP); if (!p) return; tunnelsend(b, len + (p-b), t); // send it... } @@ -1366,7 +1366,7 @@ static void controlnull(tunnelidt t) } // add a control message to a tunnel, and send if within window -static void controladd(controlt * c, tunnelidt t, sessionidt far) +static void controladd(controlt *c, sessionidt far, tunnelidt t) { *(uint16_t *) (c->buf + 2) = htons(c->length); // length *(uint16_t *) (c->buf + 4) = htons(tunnel[t].far); // tunnel @@ -1558,7 +1558,7 @@ void sessionshutdown(sessionidt s, char *reason, int result, int error) control16(c, 1, result, 1); control16(c, 14, s, 1); // assigned session (our end) - controladd(c, session[s].tunnel, session[s].far); // send the message + controladd(c, session[s].far, session[s].tunnel); // send the message } if (!session[s].die) @@ -1578,12 +1578,13 @@ void sessionshutdown(sessionidt s, char *reason, int result, int error) cluster_send_session(s); } -void sendipcp(tunnelidt t, sessionidt s) +void sendipcp(sessionidt s, tunnelidt t) { uint8_t buf[MAXCONTROL]; uint8_t *q; CSTAT(sendipcp); + LOG(3, s, t, "IPCP: send ConfigReq\n"); if (!session[s].unique_id) { @@ -1591,7 +1592,7 @@ void sendipcp(tunnelidt t, sessionidt s) session[s].unique_id = last_id; } - q = makeppp(buf,sizeof(buf), 0, 0, t, s, PPPIPCP); + q = makeppp(buf,sizeof(buf), 0, 0, s, t, PPPIPCP); if (!q) return; *q = ConfigReq; @@ -1606,14 +1607,15 @@ void sendipcp(tunnelidt t, sessionidt s) tunnelsend(buf, 10 + (q - buf), t); // send it } -void sendipv6cp(tunnelidt t, sessionidt s) +void sendipv6cp(sessionidt s, tunnelidt t) { uint8_t buf[MAXCONTROL]; uint8_t *q; CSTAT(sendipv6cp); + LOG(3, s, t, "IPV6CP: send ConfigReq\n"); - q = makeppp(buf,sizeof(buf), 0, 0, t, s, PPPIPV6CP); + q = makeppp(buf,sizeof(buf), 0, 0, s, t, PPPIPV6CP); if (!q) return; *q = ConfigReq; @@ -1753,7 +1755,7 @@ static void tunnelshutdown(tunnelidt t, char *reason, int result, int error, cha control16(c, 1, result, 1); control16(c, 9, t, 1); // assigned tunnel (our end) - controladd(c, t, 0); // send the message + controladd(c, 0, t); // send the message } } @@ -1829,7 +1831,6 @@ void processudp(uint8_t *buf, int len, struct sockaddr_in *addr) uint16_t message = 0xFFFF; // message type uint8_t fatal = 0; uint8_t mandatory = 0; - uint8_t authtype = 0; // proxy auth type uint16_t asession = 0; // assigned session uint32_t amagic = 0; // magic number uint8_t aflags = 0; // flags from last LCF @@ -2214,11 +2215,6 @@ void processudp(uint8_t *buf, int len, struct sockaddr_in *addr) { uint16_t atype = ntohs(*(uint16_t *)b); LOG(4, s, t, " Proxy Auth Type %d (%s)\n", atype, ppp_auth_type(atype)); - if (atype == 2) - authtype = AUTHCHAP; - else if (atype == 3) - authtype = AUTHPAP; - break; } case 30: // Proxy Authentication Name @@ -2233,16 +2229,12 @@ void processudp(uint8_t *buf, int len, struct sockaddr_in *addr) case 31: // Proxy Authentication Challenge { LOG(4, s, t, " Proxy Auth Challenge\n"); - if (sess_local[s].radius) - memcpy(radius[sess_local[s].radius].auth, b, 16); break; } case 32: // Proxy Authentication ID { uint16_t authid = ntohs(*(uint16_t *)(b)); LOG(4, s, t, " Proxy Auth ID (%d)\n", authid); - if (sess_local[s].radius) - radius[sess_local[s].radius].id = authid; break; } case 33: // Proxy Authentication Response @@ -2255,10 +2247,6 @@ void processudp(uint8_t *buf, int len, struct sockaddr_in *addr) { if (*p == 5 && p[1] == 6) // Magic-Number amagic = ntohl(*(uint32_t *) (p + 2)); - else if (*p == 3 && p[1] == 4 && *(uint16_t *) (p + 2) == htons(PPPPAP)) // Authentication-Protocol (PAP) - authtype = AUTHPAP; - else if (*p == 3 && p[1] == 5 && *(uint16_t *) (p + 2) == htons(PPPCHAP) && p[4] == 5) // Authentication-Protocol (CHAP) - authtype = AUTHCHAP; else if (*p == 7) // Protocol-Field-Compression aflags |= SESSIONPFC; else if (*p == 8) // Address-and-Control-Field-Compression @@ -2309,7 +2297,7 @@ void processudp(uint8_t *buf, int len, struct sockaddr_in *addr) controls(c, 7, tunnel[t].hostname, 1); // host name (TBA) if (chapresponse) controlb(c, 13, chapresponse, 16, 1); // Challenge response control16(c, 9, t, 1); // assigned tunnel - controladd(c, t, 0); // send the resply + controladd(c, 0, t); // send the resply } else { @@ -2357,7 +2345,7 @@ void processudp(uint8_t *buf, int len, struct sockaddr_in *addr) session[s].last_packet = time_now; LOG(3, s, t, "New session (%d/%d)\n", tunnel[t].far, session[s].far); control16(c, 14, s, 1); // assigned session - controladd(c, t, asession); // send the reply + controladd(c, asession, t); // send the reply strncpy(session[s].called, called, sizeof(session[s].called) - 1); strncpy(session[s].calling, calling, sizeof(session[s].calling) - 1); @@ -2380,7 +2368,7 @@ void processudp(uint8_t *buf, int len, struct sockaddr_in *addr) else control16(c, 1, 2, 7); // shutting down, try another - controladd(c, t, asession); // send the message + controladd(c, asession, t); // send the message } return; case 11: // ICRP @@ -2390,19 +2378,14 @@ void processudp(uint8_t *buf, int len, struct sockaddr_in *addr) if (amagic == 0) amagic = time_now; session[s].magic = amagic; // set magic number session[s].l2tp_flags = aflags; // set flags received - LOG(3, s, t, "Magic %X Flags %X\n", amagic, aflags); controlnull(t); // ack - // proxy authentication type is not supported - if (!(config->radius_authtypes & authtype)) - authtype = config->radius_authprefer; - // start LCP - sendlcp(t, s, authtype); + sendlcp(s, t, config->radius_authprefer); sess_local[s].lcp.restart = time_now + config->ppp_restart_time; sess_local[s].lcp.conf_sent = 1; sess_local[s].lcp.nak_sent = 0; - sess_local[s].lcp_authtype = authtype; + sess_local[s].lcp_authtype = config->radius_authprefer; session[s].ppp.lcp = RequestSent; break; @@ -2476,37 +2459,37 @@ void processudp(uint8_t *buf, int len, struct sockaddr_in *addr) { session[s].last_packet = time_now; if (!config->cluster_iam_master) { master_forward_packet(buf, len, addr->sin_addr.s_addr, addr->sin_port); return; } - processpap(t, s, p, l); + processpap(s, t, p, l); } else if (prot == PPPCHAP) { session[s].last_packet = time_now; if (!config->cluster_iam_master) { master_forward_packet(buf, len, addr->sin_addr.s_addr, addr->sin_port); return; } - processchap(t, s, p, l); + processchap(s, t, p, l); } else if (prot == PPPLCP) { session[s].last_packet = time_now; if (!config->cluster_iam_master) { master_forward_packet(buf, len, addr->sin_addr.s_addr, addr->sin_port); return; } - processlcp(t, s, p, l); + processlcp(s, t, p, l); } else if (prot == PPPIPCP) { session[s].last_packet = time_now; if (!config->cluster_iam_master) { master_forward_packet(buf, len, addr->sin_addr.s_addr, addr->sin_port); return; } - processipcp(t, s, p, l); + processipcp(s, t, p, l); } else if (prot == PPPIPV6CP) { session[s].last_packet = time_now; if (!config->cluster_iam_master) { master_forward_packet(buf, len, addr->sin_addr.s_addr, addr->sin_port); return; } - processipv6cp(t, s, p, l); + processipv6cp(s, t, p, l); } else if (prot == PPPCCP) { session[s].last_packet = time_now; if (!config->cluster_iam_master) { master_forward_packet(buf, len, addr->sin_addr.s_addr, addr->sin_port); return; } - processccp(t, s, p, l); + processccp(s, t, p, l); } else if (prot == PPPIP) { @@ -2523,7 +2506,7 @@ void processudp(uint8_t *buf, int len, struct sockaddr_in *addr) return; } - processipin(t, s, p, l); + processipin(s, t, p, l); } else if (prot == PPPIPV6) { @@ -2545,7 +2528,7 @@ void processudp(uint8_t *buf, int len, struct sockaddr_in *addr) return; } - processipv6in(t, s, p, l); + processipv6in(s, t, p, l); } else { @@ -2664,7 +2647,7 @@ static void regular_cleanups(double period) if (tunnel[t].state == TUNNELOPEN && tunnel[t].lastrec < TIME + 600) { controlt *c = controlnew(6); // sending HELLO - controladd(c, t, 0); // send the message + controladd(c, 0, t); // send the message LOG(3, 0, t, "Sending HELLO message\n"); t_actions++; } @@ -2719,7 +2702,7 @@ static void regular_cleanups(double period) } // PPP timeouts - if (sess_local[s].lcp.restart >= time_now) + if (sess_local[s].lcp.restart <= time_now) { int next_state = session[s].ppp.lcp; switch (session[s].ppp.lcp) @@ -2734,7 +2717,7 @@ static void regular_cleanups(double period) LOG(3, s, session[s].tunnel, "No ACK for LCP ConfigReq... resending\n"); sess_local[s].lcp.restart = time_now + config->ppp_restart_time; sess_local[s].lcp.conf_sent++; - sendlcp(t, s, sess_local[s].lcp_authtype); + sendlcp(s, session[s].tunnel, sess_local[s].lcp_authtype); change_state(s, lcp, next_state); } else @@ -2750,7 +2733,7 @@ static void regular_cleanups(double period) continue; } - if (sess_local[s].ipcp.restart >= time_now) + if (sess_local[s].ipcp.restart <= time_now) { int next_state = session[s].ppp.ipcp; switch (session[s].ppp.ipcp) @@ -2765,7 +2748,7 @@ static void regular_cleanups(double period) LOG(3, s, session[s].tunnel, "No ACK for IPCP ConfigReq... resending\n"); sess_local[s].ipcp.restart = time_now + config->ppp_restart_time; sess_local[s].ipcp.conf_sent++; - sendipcp(t, s); + sendipcp(s, session[s].tunnel); change_state(s, ipcp, next_state); } else @@ -2781,7 +2764,7 @@ static void regular_cleanups(double period) continue; } - if (sess_local[s].ipv6cp.restart >= time_now) + if (sess_local[s].ipv6cp.restart <= time_now) { int next_state = session[s].ppp.ipv6cp; switch (session[s].ppp.ipv6cp) @@ -2796,7 +2779,7 @@ static void regular_cleanups(double period) LOG(3, s, session[s].tunnel, "No ACK for IPV6CP ConfigReq... resending\n"); sess_local[s].ipv6cp.restart = time_now + config->ppp_restart_time; sess_local[s].ipv6cp.conf_sent++; - sendipv6cp(t, s); + sendipv6cp(s, session[s].tunnel); change_state(s, ipv6cp, next_state); } else @@ -2809,7 +2792,7 @@ static void regular_cleanups(double period) } } - if (sess_local[s].ccp.restart >= time_now) + if (sess_local[s].ccp.restart <= time_now) { int next_state = session[s].ppp.ccp; switch (session[s].ppp.ccp) @@ -2824,7 +2807,7 @@ static void regular_cleanups(double period) LOG(3, s, session[s].tunnel, "No ACK for CCP ConfigReq... resending\n"); sess_local[s].ccp.restart = time_now + config->ppp_restart_time; sess_local[s].ccp.conf_sent++; - sendccp(t, s); + sendccp(s, session[s].tunnel); change_state(s, ccp, next_state); } else @@ -2851,7 +2834,7 @@ static void regular_cleanups(double period) { uint8_t b[MAXCONTROL] = {0}; - uint8_t *q = makeppp(b, sizeof(b), 0, 0, session[s].tunnel, s, PPPLCP); + uint8_t *q = makeppp(b, sizeof(b), 0, 0, s, session[s].tunnel, PPPLCP); if (!q) continue; *q = EchoReq; @@ -4404,7 +4387,7 @@ static void read_config_file() update_config(); } -int sessionsetup(tunnelidt t, sessionidt s) +int sessionsetup(sessionidt s, tunnelidt t) { // A session now exists, set it up in_addr_t ip; @@ -4483,7 +4466,7 @@ int sessionsetup(tunnelidt t, sessionidt s) } sess_local[s].lcp_authtype = 0; // RADIUS authentication complete - lcp_open(t, s); // transition to Network phase and send initial IPCP + lcp_open(s, t); // transition to Network phase and send initial IPCP // Run the plugin's against this new session. {