X-Git-Url: http://git.sameswireless.fr/l2tpns.git/blobdiff_plain/e8a19e982bd84e1d8334e093a3fa5e72e502b9da..75ba8921cf932ef11ccac40e5f7bf9627f9697e0:/ppp.c?ds=inline

diff --git a/ppp.c b/ppp.c
index 005d42a..a03c101 100644
--- a/ppp.c
+++ b/ppp.c
@@ -1,6 +1,6 @@
 // L2TPNS PPP Stuff
 
-char const *cvs_id_ppp = "$Id: ppp.c,v 1.76 2005/08/29 03:21:14 bodea Exp $";
+char const *cvs_id_ppp = "$Id: ppp.c,v 1.79 2005/08/31 12:41:09 bodea Exp $";
 
 #include <stdio.h>
 #include <string.h>
@@ -88,7 +88,7 @@ void processpap(sessionidt s, tunnelidt t, uint8_t *p, uint16_t l)
 	if (session[s].ip || !(r = radiusnew(s)))
 	{
 		// respond now, either no RADIUS available or already authenticated
-		uint8_t b[MAXCONTROL];
+		uint8_t b[MAXETHER];
 		uint8_t id = p[1];
 		uint8_t *p = makeppp(b, sizeof(b), 0, 0, s, t, PPPPAP);
 		if (!p) return;
@@ -447,7 +447,7 @@ static uint8_t *ppp_nak(sessionidt s, uint8_t *buf, size_t blen, uint16_t mtype,
 // Process LCP messages
 void processlcp(sessionidt s, tunnelidt t, uint8_t *p, uint16_t l)
 {
-	uint8_t b[MAXCONTROL];
+	uint8_t b[MAXETHER];
 	uint8_t *q = NULL;
 	uint32_t magicno = 0;
 	uint16_t hl;
@@ -521,7 +521,7 @@ void processlcp(sessionidt s, tunnelidt t, uint8_t *p, uint16_t l)
 			if (session[s].ppp.lcp == Opened)
 				lcp_restart(s);
 
-			sendlcp(s, t, sess_local[s].lcp_authtype);
+			sendlcp(s, t);
 			change_state(s, lcp, RequestSent);
 			break;
 
@@ -651,7 +651,7 @@ void processlcp(sessionidt s, tunnelidt t, uint8_t *p, uint16_t l)
 
 		case Stopped:
 		    	initialise_restart_count(s, lcp);
-			sendlcp(s, t, sess_local[s].lcp_authtype);
+			sendlcp(s, t);
 			if (*response == ConfigAck)
 				change_state(s, lcp, AckSent);
 			else
@@ -673,7 +673,7 @@ void processlcp(sessionidt s, tunnelidt t, uint8_t *p, uint16_t l)
 
 		case Opened:
 		    	lcp_restart(s);
-			sendlcp(s, t, sess_local[s].lcp_authtype);
+			sendlcp(s, t);
 			/* fallthrough */
 
 		case AckSent:
@@ -694,7 +694,7 @@ void processlcp(sessionidt s, tunnelidt t, uint8_t *p, uint16_t l)
 
 		tunnelsend(b, l + (response - b), t);
 	}
-	else if (*p == ConfigNak)
+	else if (*p == ConfigNak || *p == ConfigRej)
 	{
 		int x = l - 4;
 		uint8_t *o = (p + 4);
@@ -709,14 +709,24 @@ void processlcp(sessionidt s, tunnelidt t, uint8_t *p, uint16_t l)
 			switch (type)
 			{
 				case 1: // Maximum-Receive-Unit
-					session[s].mru = ntohs(*(uint16_t *)(o + 2));
-					LOG(3, s, t, "    Remote requested MRU of %u\n", session[s].mru);
+					if (*p == ConfigNak)
+					{
+						session[s].mru = ntohs(*(uint16_t *)(o + 2));
+						LOG(3, s, t, "    Remote requested MRU of %u\n", session[s].mru);
+					}
+					else
+					{
+						session[s].mru = 0;
+						LOG(3, s, t, "    Remote rejected MRU negotiation\n");
+					}
+
 					break;
 
 				case 3: // Authentication-Protocol
 					if (authtype > 0)
 						break;
 
+					if (*p == ConfigNak)
 					{
 						int proto = ntohs(*(uint16_t *)(o + 2));
 						if (proto == PPPPAP)
@@ -737,11 +747,16 @@ void processlcp(sessionidt s, tunnelidt t, uint8_t *p, uint16_t l)
 								proto);
 						}
 					}
+					else
+					{
+						LOG(2, s, t, "LCP: remote rejected auth negotiation\n");
+					    	authtype = 0; // shutdown
+					}
 
 					break;
 
 				default:
-				    	LOG(2, s, t, "    Remote NAKed LCP type %u?\n", type);
+				    	LOG(2, s, t, "LCP: remote sent %s for type %u?\n", ppp_code(*p), type);
 					break;
 			}
 			x -= length;
@@ -777,17 +792,17 @@ void processlcp(sessionidt s, tunnelidt t, uint8_t *p, uint16_t l)
 		case RequestSent:
 		case AckSent:
 		    	initialise_restart_count(s, lcp);
-			sendlcp(s, t, sess_local[s].lcp_authtype);
+			sendlcp(s, t);
 			break;
 
 		case AckReceived:
 		    	LOG(2, s, t, "LCP: ConfigNak in state %s?  Sending ConfigReq\n", ppp_state(session[s].ppp.lcp));
-			sendlcp(s, t, sess_local[s].lcp_authtype);
+			sendlcp(s, t);
 			break;
 
 		case Opened:
 		    	lcp_restart(s);
-			sendlcp(s, t, sess_local[s].lcp_authtype);
+			sendlcp(s, t);
 			break;
 
 		default:
@@ -851,7 +866,7 @@ void processlcp(sessionidt s, tunnelidt t, uint8_t *p, uint16_t l)
 	{
 		// Ignore it, last_packet time is set earlier than this.
 	}
-	else
+	else if (*p != CodeRej)
 	{
 		int code = *p;
 		int mru = session[s].mru;
@@ -896,7 +911,7 @@ static void ipcp_open(sessionidt s, tunnelidt t)
 // Process IPCP messages
 void processipcp(sessionidt s, tunnelidt t, uint8_t *p, uint16_t l)
 {
-	uint8_t b[MAXCONTROL];
+	uint8_t b[MAXETHER];
 	uint8_t *q = 0;
 	uint16_t hl;
 
@@ -1094,7 +1109,7 @@ void processipcp(sessionidt s, tunnelidt t, uint8_t *p, uint16_t l)
 		tunnelsend(b, l + (q - b), t);
 		change_state(s, ipcp, Stopped);
 	}
-	else
+	else if (*p != CodeRej)
 	{
 		int code = *p;
 		int mru = session[s].mru;
@@ -1128,7 +1143,7 @@ static void ipv6cp_open(sessionidt s, tunnelidt t)
 // Process IPV6CP messages
 void processipv6cp(sessionidt s, tunnelidt t, uint8_t *p, uint16_t l)
 {
-	uint8_t b[MAXCONTROL];
+	uint8_t b[MAXETHER];
 	uint8_t *q = 0;
 	uint16_t hl;
 
@@ -1315,7 +1330,7 @@ void processipv6cp(sessionidt s, tunnelidt t, uint8_t *p, uint16_t l)
 		tunnelsend(b, l + (q - b), t);
 		change_state(s, ipv6cp, Stopped);
 	}
-	else
+	else if (*p != CodeRej)
 	{
 		int code = *p;
 		int mru = session[s].mru;
@@ -1560,7 +1575,7 @@ void send_ipin(sessionidt s, uint8_t *buf, int len)
 // Process CCP messages
 void processccp(sessionidt s, tunnelidt t, uint8_t *p, uint16_t l)
 {
-	uint8_t b[MAXCONTROL];
+	uint8_t b[MAXETHER];
 	uint8_t *q;
 
 	CSTAT(processccp);
@@ -1676,7 +1691,7 @@ void processccp(sessionidt s, tunnelidt t, uint8_t *p, uint16_t l)
 		tunnelsend(b, l + (q - b), t);
 		change_state(s, ccp, Stopped);
 	}
-	else
+	else if (*p != CodeRej)
 	{
 		int code = *p;
 		int mru = session[s].mru;
@@ -1698,7 +1713,7 @@ void processccp(sessionidt s, tunnelidt t, uint8_t *p, uint16_t l)
 // send a CHAP challenge
 void sendchap(sessionidt s, tunnelidt t)
 {
-	uint8_t b[MAXCONTROL];
+	uint8_t b[MAXETHER];
 	uint16_t r;
 	uint8_t *q;
 
@@ -1810,9 +1825,10 @@ static int add_lcp_auth(uint8_t *b, int size, int authtype)
 }
 
 // Send initial LCP ConfigReq for MRU, authentication type and magic no
-void sendlcp(sessionidt s, tunnelidt t, int authtype)
+void sendlcp(sessionidt s, tunnelidt t)
 {
 	uint8_t b[500], *q, *l;
+	int authtype = sess_local[s].lcp_authtype;
 
 	if (!(q = makeppp(b, sizeof(b), NULL, 0, s, t, PPPLCP)))
 		return;
@@ -1822,17 +1838,17 @@ void sendlcp(sessionidt s, tunnelidt t, int authtype)
 	    authtype ? (authtype == AUTHCHAP ? "CHAP" : "PAP") : "",
 	    authtype ? ")" : "");
 
-	if (!session[s].mru)
-		session[s].mru = DEFAULT_MRU;
-
 	l = q;
 	*l++ = ConfigReq;
 	*l++ = (time_now % 255) + 1; // ID
 
 	l += 2; //Save space for length
 
-	*l++ = 1; *l++ = 4; // Maximum-Receive-Unit (length 4)
-	*(uint16_t *) l = htons(session[s].mru); l += 2;
+	if (session[s].mru)
+	{
+		*l++ = 1; *l++ = 4; // Maximum-Receive-Unit (length 4)
+		*(uint16_t *) l = htons(session[s].mru); l += 2;
+	}
 
 	if (authtype)
 		l += add_lcp_auth(l, sizeof(b) - (l - b), authtype);