Bump heartbeat version to handle Class entry in session (v6).
Re-arrange session struct to remove padding.
Update cluster code to handle v6 packets. Drop compatability for pre-v5.
-* Thu Jan 20 2011 Brendan O'Dea <bod@optus.net> 2.2.x
+* Sun Sep 11 2011 Brendan O'Dea <bod@optus.net> 2.2.x
- Apply MLPPP patch from Muhammad Tayseer Alquoatli.
- Apply patch from Michael O to avoid sending multiple CDNs.
- Apply patch from Cyril Elkaim to fix an issue with MacOS.
- Apply patch from Geoffrey D. Bennett to fix retry of control packets.
- Apply MLPPP patch from Muhammad Tayseer Alquoatli.
- Apply patch from Michael O to avoid sending multiple CDNs.
- Apply patch from Cyril Elkaim to fix an issue with MacOS.
- Apply patch from Geoffrey D. Bennett to fix retry of control packets.
+- Apply patch from Geoffrey D. Bennett to fix handle RADIUS Class attribute.
+- Bump heartbeat version to handle Class entry in session (v6).
+- Re-arrange session struct to remove padding.
+- Update cluster code to handle v6 packets. Drop compatability for pre-v5.
* Mon Dec 18 2006 Brendan O'Dea <bod@optus.net> 2.2.0
- Only poll clifd if successfully bound.
* Mon Dec 18 2006 Brendan O'Dea <bod@optus.net> 2.2.0
- Only poll clifd if successfully bound.
Rhys Kidd <rhys.kidd@staff.westnet.com.au>
Muhammad Tayseer Alquoatli <idoit.ief@gmail.com>
Cyril Elkaim <cyrelk@users.sourceforge.net>
Rhys Kidd <rhys.kidd@staff.westnet.com.au>
Muhammad Tayseer Alquoatli <idoit.ief@gmail.com>
Cyril Elkaim <cyrelk@users.sourceforge.net>
+Geoffry D. Bennett <g_bennett@users.sourceforge.net>
if (!config->cluster_master_address) // If we don't have a master, skip it for a while.
return;
if (!config->cluster_master_address) // If we don't have a master, skip it for a while.
return;
- // C_BYTES format changed in 2.1.0 (cluster version 5)
- // during upgrade from previous versions, hang onto our counters
- // for a bit until the new master comes up
- if (config->cluster_last_hb_ver < 5)
- return;
-
i = MAX_B_RECS * 5; // Examine max 3000 sessions;
if (config->cluster_highest_sessionid > i)
i = config->cluster_highest_sessionid;
i = MAX_B_RECS * 5; // Examine max 3000 sessions;
if (config->cluster_highest_sessionid > i)
i = config->cluster_highest_sessionid;
-// pre v5 heartbeat session structure
+// pre v6 heartbeat session structure
struct oldsession {
sessionidt next;
sessionidt far;
tunnelidt tunnel;
struct oldsession {
sessionidt next;
sessionidt far;
tunnelidt tunnel;
+ uint8_t flags;
+ struct {
+ uint8_t phase;
+ uint8_t lcp:4;
+ uint8_t ipcp:4;
+ uint8_t ipv6cp:4;
+ uint8_t ccp:4;
+ } ppp;
+ char reserved_1[2];
in_addr_t ip;
int ip_pool_index;
in_addr_t ip;
int ip_pool_index;
- unsigned long unique_id;
- uint16_t nr;
- uint16_t ns;
+ uint32_t unique_id;
+ char reserved_2[4];
- uint32_t total_cin;
- uint32_t total_cout;
- uint32_t id;
+ uint32_t cin, cout;
+ uint32_t cin_wrap, cout_wrap;
+ uint32_t cin_delta, cout_delta;
uint16_t throttle_in;
uint16_t throttle_out;
uint16_t throttle_in;
uint16_t throttle_out;
+ uint8_t filter_in;
+ uint8_t filter_out;
+ uint16_t mru;
clockt opened;
clockt die;
clockt opened;
clockt die;
+ uint32_t session_timeout;
+ uint32_t idle_timeout;
in_addr_t dns1, dns2;
routet route[MAXROUTE];
in_addr_t dns1, dns2;
routet route[MAXROUTE];
- uint16_t radius;
- uint16_t mru;
uint16_t tbf_in;
uint16_t tbf_out;
uint16_t tbf_in;
uint16_t tbf_out;
- uint8_t l2tp_flags;
- uint8_t reserved_old_snoop;
- uint8_t walled_garden;
- uint8_t flags1;
- char random_vector[MAXTEL];
int random_vector_length;
int random_vector_length;
+ uint8_t random_vector[MAXTEL];
+ char user[MAXUSER];
char called[MAXTEL];
char calling[MAXTEL];
uint32_t tx_connect_speed;
uint32_t rx_connect_speed;
char called[MAXTEL];
char calling[MAXTEL];
uint32_t tx_connect_speed;
uint32_t rx_connect_speed;
- uint32_t flags;
-#define SF_IPCP_ACKED 1 // Has this session seen an IPCP Ack?
-#define SF_LCP_ACKED 2 // LCP negotiated
-#define SF_CCP_ACKED 4 // CCP negotiated
+ clockt timeout;
+ uint32_t mrru;
+ uint8_t mssf;
+ epdist epdis;
+ bundleidt bundle;
in_addr_t snoop_ip;
uint16_t snoop_port;
in_addr_t snoop_ip;
uint16_t snoop_port;
- uint16_t sid;
- uint8_t filter_in;
- uint8_t filter_out;
- char reserved[18];
+ uint8_t walled_garden;
+ uint8_t ipv6prefixlen;
+ struct in6_addr ipv6route;
+ char reserved_3[11];
};
static uint8_t *convert_session(struct oldsession *old)
};
static uint8_t *convert_session(struct oldsession *old)
new.next = old->next;
new.far = old->far;
new.tunnel = old->tunnel;
new.next = old->next;
new.far = old->far;
new.tunnel = old->tunnel;
- new.flags = old->l2tp_flags;
+ new.flags = old->flags;
+ new.ppp.phase = old->ppp.phase;
+ new.ppp.lcp = old->ppp.lcp;
+ new.ppp.ipcp = old->ppp.ipcp;
+ new.ppp.ipv6cp = old->ppp.ipv6cp;
+ new.ppp.ccp = old->ppp.ccp;
new.ip = old->ip;
new.ip_pool_index = old->ip_pool_index;
new.unique_id = old->unique_id;
new.magic = old->magic;
new.pin = old->pin;
new.pout = old->pout;
new.ip = old->ip;
new.ip_pool_index = old->ip_pool_index;
new.unique_id = old->unique_id;
new.magic = old->magic;
new.pin = old->pin;
new.pout = old->pout;
- new.cin = old->total_cin;
- new.cout = old->total_cout;
- new.cin_delta = old->cin;
- new.cout_delta = old->cout;
+ new.cin = old->cin;
+ new.cout = old->cout;
+ new.cin_wrap = old->cin_wrap;
+ new.cout_wrap = old->cout_wrap;
+ new.cin_delta = old->cin_delta;
+ new.cout_delta = old->cout_delta;
new.throttle_in = old->throttle_in;
new.throttle_out = old->throttle_out;
new.filter_in = old->filter_in;
new.throttle_in = old->throttle_in;
new.throttle_out = old->throttle_out;
new.filter_in = old->filter_in;
new.mru = old->mru;
new.opened = old->opened;
new.die = old->die;
new.mru = old->mru;
new.opened = old->opened;
new.die = old->die;
+ new.session_timeout = old->session_timeout;
+ new.idle_timeout = old->idle_timeout;
new.last_packet = old->last_packet;
new.last_packet = old->last_packet;
+ new.last_data = old->last_data;
new.dns1 = old->dns1;
new.dns2 = old->dns2;
new.tbf_in = old->tbf_in;
new.dns1 = old->dns1;
new.dns2 = old->dns2;
new.tbf_in = old->tbf_in;
new.random_vector_length = old->random_vector_length;
new.tx_connect_speed = old->tx_connect_speed;
new.rx_connect_speed = old->rx_connect_speed;
new.random_vector_length = old->random_vector_length;
new.tx_connect_speed = old->tx_connect_speed;
new.rx_connect_speed = old->rx_connect_speed;
+ new.timeout = old->timeout;
+ new.mrru = old->mrru;
+ new.mssf = old->mssf;
+ new.epdis = old->epdis;
+ new.bundle = old->bundle;
new.snoop_ip = old->snoop_ip;
new.snoop_port = old->snoop_port;
new.walled_garden = old->walled_garden;
new.snoop_ip = old->snoop_ip;
new.snoop_port = old->snoop_port;
new.walled_garden = old->walled_garden;
+ new.ipv6prefixlen = old->ipv6prefixlen;
+ new.ipv6route = old->ipv6route;
memcpy(new.random_vector, old->random_vector, sizeof(new.random_vector));
memcpy(new.user, old->user, sizeof(new.user));
memcpy(new.random_vector, old->random_vector, sizeof(new.random_vector));
memcpy(new.user, old->user, sizeof(new.user));
for (i = 0; i < MAXROUTE; i++)
memcpy(&new.route[i], &old->route[i], sizeof(new.route[i]));
for (i = 0; i < MAXROUTE; i++)
memcpy(&new.route[i], &old->route[i], sizeof(new.route[i]));
- if (new.opened)
- {
- new.ppp.phase = Establish;
- if (old->flags & (SF_IPCP_ACKED|SF_LCP_ACKED))
- {
- new.ppp.phase = Network;
- new.ppp.lcp = Opened;
- new.ppp.ipcp = (old->flags & SF_IPCP_ACKED) ? Opened : Starting;
- new.ppp.ccp = (old->flags & SF_CCP_ACKED) ? Opened : Stopped;
- }
-
- // no PPPv6 in old session
- new.ppp.ipv6cp = Stopped;
- }
-
return (uint8_t *) &new;
}
//
// Process a heartbeat..
//
return (uint8_t *) &new;
}
//
// Process a heartbeat..
//
-// v3: added interval, timeout
-// v4: added table_version
-// v5: added ipv6, re-ordered session structure
+// v6: added RADIUS class attribute, re-ordered session structure
static int cluster_process_heartbeat(uint8_t *data, int size, int more, uint8_t *p, in_addr_t addr)
{
heartt *h;
static int cluster_process_heartbeat(uint8_t *data, int size, int more, uint8_t *p, in_addr_t addr)
{
heartt *h;
int i, type;
int hb_ver = more;
int i, type;
int hb_ver = more;
# error "need to update cluster_process_heartbeat()"
#endif
# error "need to update cluster_process_heartbeat()"
#endif
- // we handle versions 3 through 5
- if (hb_ver < 3 || hb_ver > HB_VERSION) {
+ // we handle versions 5 through 6
+ if (hb_ver < 5 || hb_ver > HB_VERSION) {
LOG(0, 0, 0, "Received a heartbeat version that I don't support (%d)!\n", hb_ver);
return -1; // Ignore it??
}
LOG(0, 0, 0, "Received a heartbeat version that I don't support (%d)!\n", hb_ver);
return -1; // Ignore it??
}
- if (hb_ver >= 4) {
- if (h->table_version > config->cluster_table_version) {
- LOG(0, 0, 0, "They've seen more state changes (%" PRIu64 " vs my %" PRIu64 ") so I'm gone!\n",
+ if (h->table_version > config->cluster_table_version) {
+ LOG(0, 0, 0, "They've seen more state changes (%" PRIu64 " vs my %" PRIu64 ") so I'm gone!\n",
h->table_version, config->cluster_table_version);
h->table_version, config->cluster_table_version);
- kill(0, SIGTERM);
- exit(1);
- }
- if (h->table_version < config->cluster_table_version)
- return -1;
+ kill(0, SIGTERM);
+ exit(1);
+ if (h->table_version < config->cluster_table_version)
+ return -1;
+
if (basetime > h->basetime) {
LOG(0, 0, 0, "They're an older master than me so I'm gone!\n");
kill(0, SIGTERM);
if (basetime > h->basetime) {
LOG(0, 0, 0, "They're an older master than me so I'm gone!\n");
kill(0, SIGTERM);
s -= (p - orig_p);
// session struct changed with v5
s -= (p - orig_p);
// session struct changed with v5
{
if (size != sizeof(struct oldsession)) {
LOG(0, 0, 0, "DANGER: Received a v%d CSESSION that didn't decompress correctly!\n", hb_ver);
{
if (size != sizeof(struct oldsession)) {
LOG(0, 0, 0, "DANGER: Received a v%d CSESSION that didn't decompress correctly!\n", hb_ver);
{
if (s < sizeof(struct oldsession))
goto shortpacket;
{
if (s < sizeof(struct oldsession))
goto shortpacket;
#define C_BUNDLE 17 // Bundle structure.
#define C_CBUNDLE 18 // Compressed bundle structure.
#define C_BUNDLE 17 // Bundle structure.
#define C_CBUNDLE 18 // Compressed bundle structure.
-#define HB_VERSION 5 // Protocol version number..
+#define HB_VERSION 6 // Protocol version number..
#define HB_MAX_SEQ (1<<30) // Maximum sequence number. (MUST BE A POWER OF 2!)
#define HB_HISTORY_SIZE 64 // How many old heartbeats we remember?? (Must be a factor of HB_MAX_SEQ)
#define HB_MAX_SEQ (1<<30) // Maximum sequence number. (MUST BE A POWER OF 2!)
#define HB_HISTORY_SIZE 64 // How many old heartbeats we remember?? (Must be a factor of HB_MAX_SEQ)
#define MAXTEL 96 // telephone number
#define MAXUSER 128 // username
#define MAXPASS 128 // password
#define MAXTEL 96 // telephone number
#define MAXUSER 128 // username
#define MAXPASS 128 // password
+#define MAXCLASS 128 // radius class attribute size
#define MAXPLUGINS 20 // maximum number of plugins to load
#define MAXRADSERVER 10 // max radius servers
#define MAXROUTE 10 // max static routes per session
#define MAXPLUGINS 20 // maximum number of plugins to load
#define MAXRADSERVER 10 // max radius servers
#define MAXROUTE 10 // max static routes per session
uint8_t ipv6cp:4; // IPV6CP state
uint8_t ccp:4; // CCP state
} ppp;
uint8_t ipv6cp:4; // IPV6CP state
uint8_t ccp:4; // CCP state
} ppp;
- char reserved_1[2]; // unused: padding
+ uint16_t mru; // maximum receive unit
in_addr_t ip; // IP of session set by RADIUS response (host byte order).
int ip_pool_index; // index to IP pool
uint32_t unique_id; // unique session id
in_addr_t ip; // IP of session set by RADIUS response (host byte order).
int ip_pool_index; // index to IP pool
uint32_t unique_id; // unique session id
- char reserved_2[4]; // unused: was ns/nr
uint32_t magic; // ppp magic number
uint32_t pin, pout; // packet counts
uint32_t cin, cout; // byte counts
uint32_t magic; // ppp magic number
uint32_t pin, pout; // packet counts
uint32_t cin, cout; // byte counts
uint16_t throttle_out; // downstream throttle rate
uint8_t filter_in; // input filter index (to ip_filters[N-1]; 0 if none)
uint8_t filter_out; // output filter index
uint16_t throttle_out; // downstream throttle rate
uint8_t filter_in; // input filter index (to ip_filters[N-1]; 0 if none)
uint8_t filter_out; // output filter index
- uint16_t mru; // maximum receive unit
+ uint16_t snoop_port; // Interception destination port
+ in_addr_t snoop_ip; // Interception destination IP
clockt opened; // when started
clockt die; // being closed, when to finally free
uint32_t session_timeout; // Maximum session time in seconds
clockt opened; // when started
clockt die; // being closed, when to finally free
uint32_t session_timeout; // Maximum session time in seconds
- uint32_t idle_timeout; // Maximum idle time in seconds
+ uint32_t idle_timeout; // Maximum idle time in seconds
time_t last_packet; // Last packet from the user (used for idle timeouts)
time_t last_packet; // Last packet from the user (used for idle timeouts)
- time_t last_data; // Last data packet to/from the user (used for idle timeouts)
+ time_t last_data; // Last data packet to/from the user (used for idle timeouts)
in_addr_t dns1, dns2; // DNS servers
routet route[MAXROUTE]; // static routes
uint16_t tbf_in; // filter bucket for throttling in from the user.
uint16_t tbf_out; // filter bucket for throttling out to the user.
int random_vector_length;
uint8_t random_vector[MAXTEL];
in_addr_t dns1, dns2; // DNS servers
routet route[MAXROUTE]; // static routes
uint16_t tbf_in; // filter bucket for throttling in from the user.
uint16_t tbf_out; // filter bucket for throttling out to the user.
int random_vector_length;
uint8_t random_vector[MAXTEL];
- char user[MAXUSER]; // user (needed in seesion for radius stop messages)
+ char user[MAXUSER]; // user (needed in session for radius stop messages)
char called[MAXTEL]; // called number
char calling[MAXTEL]; // calling number
uint32_t tx_connect_speed;
uint32_t rx_connect_speed;
clockt timeout; // Session timeout
char called[MAXTEL]; // called number
char calling[MAXTEL]; // calling number
uint32_t tx_connect_speed;
uint32_t rx_connect_speed;
clockt timeout; // Session timeout
- uint32_t mrru; // Multilink Max-Receive-Reconstructed-Unit
- uint8_t mssf; // Multilink Short Sequence Number Header Format
- epdist epdis; // Multilink Endpoint Discriminator
- bundleidt bundle; // Multilink Bundle Identifier
- in_addr_t snoop_ip; // Interception destination IP
- uint16_t snoop_port; // Interception destination port
+ uint32_t mrru; // Multilink Max-Receive-Reconstructed-Unit
+ epdist epdis; // Multilink Endpoint Discriminator
+ bundleidt bundle; // Multilink Bundle Identifier
+ uint8_t mssf; // Multilink Short Sequence Number Header Format
uint8_t walled_garden; // is this session gardened?
uint8_t walled_garden; // is this session gardened?
+ uint8_t classlen; // class (needed for radius accounting messages)
+ char class[MAXCLASS];
uint8_t ipv6prefixlen; // IPv6 route prefix length
struct in6_addr ipv6route; // Static IPv6 route
uint8_t ipv6prefixlen; // IPv6 route prefix length
struct in6_addr ipv6route; // Static IPv6 route
- char reserved_3[11]; // Space to expand structure without changing HB_VERSION
+ char reserved[12]; // Space to expand structure without changing HB_VERSION
+ if (session[s].classlen) {
+ *p = 25; // class
+ p[1] = session[s].classlen + 2;
+ memcpy(p + 2, session[s].class, session[s].classlen);
+ p += p[1];
+ }
+
{
struct param_radius_account acct = { &tunnel[session[s].tunnel], &session[s], &p };
run_plugins(PLUGIN_RADIUS_ACCOUNT, &acct);
{
struct param_radius_account acct = { &tunnel[session[s].tunnel], &session[s], &p };
run_plugins(PLUGIN_RADIUS_ACCOUNT, &acct);
session[s].ipv6prefixlen = prefixlen;
}
}
session[s].ipv6prefixlen = prefixlen;
}
}
+ else if (*p == 25)
+ {
+ // Class
+ if (p[1] < 3) continue;
+ session[s].classlen = p[1] - 2;
+ if (session[s].classlen > MAXCLASS)
+ session[s].classlen = MAXCLASS;
+ memcpy(session[s].class, p + 2, session[s].classlen);
+ }
}
}
else if (r_code == AccessReject)
}
}
else if (r_code == AccessReject)
projects / l2tpns.git / commitdiff