allow DNS servers to be specified using either old or new vendor-specific Ascend...
authorBrendan O'Dea <bod@optus.net>
Wed, 2 Aug 2006 14:17:30 +0000 (14:17 +0000)
committerBrendan O'Dea <bod@optus.net>
Wed, 2 Aug 2006 14:17:30 +0000 (14:17 +0000)
Changes
l2tpns.spec
radius.c

diff --git a/Changes b/Changes
index 2a3167f..a37c50e 100644 (file)
--- a/Changes
+++ b/Changes
@@ -1,4 +1,4 @@
-* Wed Aug 2 2006 Brendan O'Dea <bod@optus.net> 2.2.0
+* Thu Aug 3 2006 Brendan O'Dea <bod@optus.net> 2.2.0
 - Only poll clifd if successfully bound.
 - Add "Practical VPNs" document from Liran Tal as Docs/vpn .
 - Add Multilink support from Khaled Al Hamwi.
@@ -10,6 +10,8 @@
   AVP is not present.
 - Add radius_bind_{min,max} to simplify firewalling of RADIUS ports.
 - Fix sign problem with reporting of unknown RADIUS VSAs.
+- Allow DNS servers to be specified either using the old or new
+  vendor-specific Ascend formats.
 
 * Tue Apr 18 2006 Brendan O'Dea <bod@optus.net> 2.1.18
 - Don't shutdown on TerminateReq, wait for CDN.
index 6b66952..d2a563b 100644 (file)
@@ -43,5 +43,5 @@ rm -rf %{buildroot}
 %attr(644,root,root) /usr/share/man/man[58]/*
 
 %changelog
-* Wed Aug 2 2006 Brendan O'Dea <bod@optus.net> 2.2.0-1
+* Thu Aug 3 2006 Brendan O'Dea <bod@optus.net> 2.2.0-1
 - 2.2.0 release, see /usr/share/doc/l2tpns-2.2.0/Changes
index c167cbe..3da31f8 100644 (file)
--- a/radius.c
+++ b/radius.c
@@ -1,6 +1,6 @@
 // L2TPNS Radius Stuff
 
-char const *cvs_id_radius = "$Id: radius.c,v 1.54 2006-08-02 13:35:39 bodea Exp $";
+char const *cvs_id_radius = "$Id: radius.c,v 1.55 2006-08-02 14:17:30 bodea Exp $";
 
 #include <time.h>
 #include <stdio.h>
@@ -635,6 +635,35 @@ void processrad(uint8_t *buf, int len, char socket_index)
                                uint8_t *e = buf + len;
                                for (; p + 2 <= e && p[1] && p + p[1] <= e; p += p[1])
                                {
+                                       if (*p == 26 && p[1] >= 7)
+                                       {
+                                               // Vendor-Specific Attribute
+                                               uint32_t vendor = ntohl(*(int *)(p + 2));
+                                               uint8_t attrib = *(p + 6);
+                                               int attrib_length = *(p + 7) - 2;
+
+                                               LOG(4, s, session[s].tunnel, "   Radius reply contains Vendor-Specific.  Vendor=%u Attrib=%u Length=%d\n", vendor, attrib, attrib_length);
+                                               if (vendor == 9 && attrib == 1) // Cisco-AVPair
+                                               {
+                                                       if (attrib_length < 0) continue;
+                                                       LOG(3, s, session[s].tunnel, "      Cisco-AVPair value: %.*s\n",
+                                                               attrib_length, p + 8);
+
+                                                       handle_avpair(s, p + 8, attrib_length);
+                                                       continue;
+                                               }
+                                               else if (vendor == 529 && attrib >= 135 && attrib <= 136) // Ascend
+                                               {
+                                                       // handle old-format ascend DNS attributes below
+                                                       p += 6;
+                                               }
+                                               else
+                                               {
+                                                       LOG(3, s, session[s].tunnel, "      Unknown vendor-specific\n");
+                                                       continue;
+                                               }
+                                       }
+
                                        if (*p == 8)
                                        {
                                                // Framed-IP-Address
@@ -762,28 +791,6 @@ void processrad(uint8_t *buf, int len, char socket_index)
                                                session[s].idle_timeout = ntohl(*(uint32_t *)(p + 2));
                                                LOG(3, s, session[s].tunnel, "   Radius reply contains Idle-Timeout = %u\n", session[s].idle_timeout);
                                        }
-                                       else if (*p == 26 && p[1] >= 7)
-                                       {
-                                               // Vendor-Specific Attribute
-                                               uint32_t vendor = ntohl(*(int *)(p + 2));
-                                               uint8_t attrib = *(p + 6);
-                                               int attrib_length = *(p + 7) - 2;
-
-                                               LOG(3, s, session[s].tunnel, "   Radius reply contains Vendor-Specific.  Vendor=%u Attrib=%u Length=%d\n", vendor, attrib, attrib_length);
-                                               if (vendor != 9 || attrib != 1)
-                                               {
-                                                       LOG(3, s, session[s].tunnel, "      Unknown vendor-specific\n");
-                                                       continue;
-                                               }
-
-                                               if (attrib_length > 0)
-                                               {
-                                                       LOG(3, s, session[s].tunnel, "      Cisco-AVPair value: %.*s\n",
-                                                               attrib_length, p + 8);
-
-                                                       handle_avpair(s, p + 8, attrib_length);
-                                               }
-                                       }
                                        else if (*p == 99)
                                        {
                                                // Framed-IPv6-Route