X-Git-Url: http://git.sameswireless.fr/l2tpns.git/blobdiff_plain/bd5e68707a108e2a5ddcae287a3a4875fe65d4de..11e0f6910dd7f4bc2bee8683a5d472aba371ab5c:/ppp.c diff --git a/ppp.c b/ppp.c index 9a76d33..0a0dd45 100644 --- a/ppp.c +++ b/ppp.c @@ -1,6 +1,6 @@ // L2TPNS PPP Stuff -char const *cvs_id_ppp = "$Id: ppp.c,v 1.54 2005/05/10 00:56:12 bodea Exp $"; +char const *cvs_id_ppp = "$Id: ppp.c,v 1.62 2005/06/02 11:32:31 bodea Exp $"; #include #include @@ -150,7 +150,6 @@ void processchap(tunnelidt t, sessionidt s, uint8_t *p, uint16_t l) { LOG(1, s, t, "Unexpected CHAP message\n"); STAT(tunnel_rx_errors); - sessionshutdown(s, "Unexpected CHAP message.", 3, 0); return; } @@ -355,7 +354,33 @@ void processlcp(tunnelidt t, sessionidt s, uint8_t *p, uint16_t l) if (*p == ConfigAck) { - LOG(3, s, t, "LCP: Discarding ConfigAck\n"); + int x = l - 4; + uint8_t *o = (p + 4); + + LOG(3, s, t, "LCP: ConfigAck (%d bytes)...\n", l); + if (config->debug > 3) dumplcp(p, l); + + while (x > 2) + { + int type = o[0]; + int length = o[1]; + + if (length == 0 || type == 0 || x < length) break; + switch (type) + { + case 3: // Authentication-Protocol + { + int proto = ntohs(*(uint16_t *)(o + 2)); + if (proto == PPPCHAP && *(o + 4) == 5) + sendchap(t, s); + } + + break; + } + x -= length; + o += length; + } + session[s].flags |= SF_LCP_ACKED; } else if (*p == ConfigReq) @@ -405,7 +430,6 @@ void processlcp(tunnelidt t, sessionidt s, uint8_t *p, uint16_t l) *q++ = 6; memset(q, 0, 4); // asyncmap 0 q += 4; - *((uint16_t *) (response + 2)) = htons(q - response); // LCP header length break; case 3: // Authentication-Protocol @@ -466,7 +490,6 @@ void processlcp(tunnelidt t, sessionidt s, uint8_t *p, uint16_t l) q = a; } - *((uint16_t *) (response + 2)) = htons(q - response); // LCP header length break; } break; @@ -498,22 +521,26 @@ void processlcp(tunnelidt t, sessionidt s, uint8_t *p, uint16_t l) memcpy(q, o, length); q += length; - *((uint16_t *) (response + 2)) = htons(q - response); // LCP header length } x -= length; o += length; } - if (!response) + if (response) + { + l = q - response; // LCP packet length + *((uint16_t *) (response + 2)) = htons(l); // update header + } + else { - // Send back a ConfigAck - q = response = makeppp(b, sizeof(b), p, l, t, s, PPPLCP); - if (!q) return; - *q = ConfigAck; + // Send packet back as ConfigAck + response = makeppp(b, sizeof(b), p, l, t, s, PPPLCP); + if (!response) return; + *response = ConfigAck; } LOG(3, s, t, "Sending %s\n", ppp_lcp_type(*response)); - tunnelsend(b, l + (q - b), t); + tunnelsend(b, l + response - b, t); if (!(session[s].flags & SF_LCP_ACKED)) sendlcp(t, s, config->radius_authprefer); @@ -522,7 +549,7 @@ void processlcp(tunnelidt t, sessionidt s, uint8_t *p, uint16_t l) { int x = l - 4; uint8_t *o = (p + 4); - int authtype = 0; + int authtype = -1; LOG(3, s, t, "LCP: ConfigNak (%d bytes)...\n", l); if (config->debug > 3) dumplcp(p, l); @@ -541,7 +568,7 @@ void processlcp(tunnelidt t, sessionidt s, uint8_t *p, uint16_t l) break; case 3: // Authentication-Protocol - if (authtype) + if (authtype > 0) break; { @@ -565,21 +592,23 @@ void processlcp(tunnelidt t, sessionidt s, uint8_t *p, uint16_t l) } } - if (!authtype) - { - sessionshutdown(s, "Unsupported authentication.", 3, 0); - return; - } - break; default: LOG(2, s, t, " Remote NAKed LCP type %u?\n", type); break; } + x -= length; + o += length; } if (!authtype) + { + sessionshutdown(s, "Unsupported authentication.", 3, 0); + return; + } + + if (authtype == -1) authtype = config->radius_authprefer; sendlcp(t, s, authtype); @@ -986,21 +1015,26 @@ void processipin(tunnelidt t, sessionidt s, uint8_t *p, uint16_t l) return; } + p += 4; + l -= 4; + if (session[s].snoop_ip && session[s].snoop_port) { // Snooping this session - snoop_send_packet(p + 4, l - 4, session[s].snoop_ip, session[s].snoop_port); + snoop_send_packet(p, l, session[s].snoop_ip, session[s].snoop_port); } - session[s].cin += l - 4; - session[s].total_cin += l - 4; - sess_local[s].cin += l - 4; - + increment_counter(&session[s].cin, &session[s].cin_wrap, l); + session[s].cin_delta += l; session[s].pin++; - eth_tx += l - 4; + + sess_local[s].cin += l; + sess_local[s].pin++; + + eth_tx += l; STAT(tun_tx_packets); - INC_STAT(tun_tx_bytes, l - 4); + INC_STAT(tun_tx_bytes, l); } // process IPv6 packet received @@ -1074,21 +1108,26 @@ void processipv6in(tunnelidt t, sessionidt s, uint8_t *p, uint16_t l) return; } + p += 4; + l -= 4; + if (session[s].snoop_ip && session[s].snoop_port) { // Snooping this session - snoop_send_packet(p + 4, l - 4, session[s].snoop_ip, session[s].snoop_port); + snoop_send_packet(p, l, session[s].snoop_ip, session[s].snoop_port); } - session[s].cin += l - 4; - session[s].total_cin += l - 4; - sess_local[s].cin += l - 4; - + increment_counter(&session[s].cin, &session[s].cin_wrap, l); + session[s].cin_delta += l; session[s].pin++; - eth_tx += l - 4; + + sess_local[s].cin += l; + sess_local[s].pin++; + + eth_tx += l; STAT(tun_tx_packets); - INC_STAT(tun_tx_bytes, l - 4); + INC_STAT(tun_tx_bytes, l); } // @@ -1108,19 +1147,24 @@ void send_ipin(sessionidt s, uint8_t *buf, int len) return; } + buf += 4; + len -= 4; + if (session[s].snoop_ip && session[s].snoop_port) { // Snooping this session - snoop_send_packet(buf + 4, len - 4, session[s].snoop_ip, session[s].snoop_port); + snoop_send_packet(buf, len, session[s].snoop_ip, session[s].snoop_port); } // Increment packet counters - session[s].cin += len - 4; - session[s].total_cin += len - 4; - sess_local[s].cin += len - 4; - + increment_counter(&session[s].cin, &session[s].cin_wrap, len); + session[s].cin_delta += len; session[s].pin++; - eth_tx += len - 4; + + sess_local[s].cin += len; + sess_local[s].pin++; + + eth_tx += len; STAT(tun_tx_packets); INC_STAT(tun_tx_bytes, len - 4); @@ -1299,7 +1343,7 @@ void sendlcp(tunnelidt t, sessionidt s, int authtype) return; LOG(4, s, t, "Sending LCP ConfigReq for %s\n", - config->radius_authprefer == AUTHCHAP ? "CHAP" : "PAP"); + authtype == AUTHCHAP ? "CHAP" : "PAP"); if (!session[s].mru) session[s].mru = DEFAULT_MRU;