Merge from master 2.2.1-2sames3.10
authorfendo <fendo@bi12info.com>
Tue, 4 Jun 2013 12:39:00 +0000 (14:39 +0200)
committerfendo <fendo@bi12info.com>
Tue, 4 Jun 2013 12:39:00 +0000 (14:39 +0200)
1  2 
debian/changelog
radius.c

diff --combined debian/changelog
@@@ -1,36 -1,37 +1,43 @@@
 -l2tpns (2.2.1-2fdn3.10) unstable; urgency=low
++l2tpns (2.2.1-2sames3.10) unstable; urgency=low
+   * Fix: authentication success was sent 2 times.
++  * Fix: session mismatch on group.
 - -- Fernando Alves <fernando.alves@sameswireless.fr>  Tue, 04 Jun 2013 11:38:04 +0200
++ -- Fernando Alves <fernando.alves@sameswireless.fr>  Tue, 04 Jun 2013 14:36:37 +0200
 -l2tpns (2.2.1-2fdn3.9) unstable; urgency=low
 +l2tpns (2.2.1-2sames3.9) unstable; urgency=low
  
    * Adding the possibility to set multiple hostname.
  
 - -- Fernando Alves <fernando.alves@sameswireless.fr>  Thu, 23 May 2013 23:58:23 +0200
 + -- Fernando Alves <fernando.alves@sameswireless.fr>  Wed, 22 May 2013 22:25:59 +0200
  
 -l2tpns (2.2.1-2fdn3.8) unstable; urgency=low
 +l2tpns (2.2.1-2sames3.8) unstable; urgency=low
  
 -  * Fix: send SCCCN requested challenge response.
 +  * Fix send SCCCN requested challenge response.
    * add accounting parameter account_all_origin.
    * Fix service_name management and add pppoe_only_equal_svc_name parameter.
 +  * Fix cluster group update.
 +  * Fix possible IPv6 spoofing.
 +  * manage groupes in cluster mode.
 +  * Adding the possibility to listening multiple IP L2TP tunnels.
 +  * Add cli show group and update rate calculation.
  
 - -- Fernando Alves <fernando.alves@sameswireless.fr>  Tue, 30 Apr 2013 16:02:33 +0200
 + -- Fernando Alves <fernando.alves@sameswireless.fr>  Tue, 30 Apr 2013 19:22:11 +0200
  
 -l2tpns (2.2.1-2fdn3.7) unstable; urgency=low
 -
 -  * Adding the possibility to listening multiple IP L2TP Tunnels
 -  * Removing LAC flag.
 -
 - -- Fernando Alves <fernando.alves@sameswireless.fr>  Thu, 28 Mar 2013 10:50:00 +0100
 -
 -l2tpns (2.2.1-2fdn3.6) unstable; urgency=low
 +l2tpns (2.2.1-2sames3.7) unstable; urgency=low
  
 +  * Merge from master
    * Fix Warning: dereferencing type-punned pointer will break strict...
    * Fix: Tunnel creation does not work when the length of the hostname is odd. (revert fix: Add a uint16_t control buffer type, as a union)
  
   -- Fernando Alves <fernando.alves@sameswireless.fr>  Tue, 26 Feb 2013 09:07:16 +0100
  
 +l2tpns (2.2.1-2sames3.6) unstable; urgency=low
 +
 +  * Sames l2tpns version.
 +
 + -- Fernando Alves <fernando.alves@sameswireless.fr>  Tue, 12 Feb 2013 20:20:17 +0100
 +
  l2tpns (2.2.1-2fdn3.5) unstable; urgency=low
  
    * Update debian/changelog
diff --combined radius.c
+++ b/radius.c
@@@ -11,7 -11,6 +11,7 @@@
  #include <ctype.h>
  #include <netinet/in.h>
  #include <errno.h>
 +#include <linux/rtnetlink.h>
  
  #include "md5.h"
  #include "constants.h"
@@@ -598,40 -597,6 +598,6 @@@ void processrad(uint8_t *buf, int len, 
                        run_plugins(PLUGIN_POST_AUTH, &packet);
                        r_code = packet.auth_allowed ? AccessAccept : AccessReject;
  
- #ifndef LAC
-                       // process auth response
-                       if (radius[r].chap)
-                       {
-                               // CHAP
-                               uint8_t *p = makeppp(b, sizeof(b), 0, 0, s, t, PPPCHAP, 0, 0, 0);
-                               if (!p) return; // Abort!
-                               *p = (r_code == AccessAccept) ? 3 : 4;     // ack/nak
-                               p[1] = radius[r].id;
-                               *(uint16_t *) (p + 2) = ntohs(4); // no message
-                               tunnelsend(b, (p - b) + 4, t); // send it
-                               LOG(3, s, session[s].tunnel, "   CHAP User %s authentication %s.\n", session[s].user,
-                                               (r_code == AccessAccept) ? "allowed" : "denied");
-                       }
-                       else
-                       {
-                               // PAP
-                               uint8_t *p = makeppp(b, sizeof(b), 0, 0, s, t, PPPPAP, 0, 0, 0);
-                               if (!p) return;         // Abort!
-                               // ack/nak
-                               *p = r_code;
-                               p[1] = radius[r].id;
-                               *(uint16_t *) (p + 2) = ntohs(5);
-                               p[4] = 0; // no message
-                               tunnelsend(b, (p - b) + 5, t); // send it
-                               LOG(3, s, session[s].tunnel, "   PAP User %s authentication %s.\n", session[s].user,
-                                               (r_code == AccessAccept) ? "allowed" : "denied");
-                       }
- #endif
                        if (r_code == AccessAccept)
                        {
                                // Login successful
                                                else if (vendor == 529 && attrib >= 135 && attrib <= 136) // Ascend
                                                {
                                                        // handle old-format ascend DNS attributes below
 -                                                      p += 6;
 +                                                      p += 6;
 +                                              }
 +                                              else if (vendor == 64520) // Sames
 +                                              {
 +                                                      //Sames vendor-specific 64520
 +                                                      uint8_t *pvs = p + 6; // pvs set to begin to attribute
 +                                                      LOG(3, s, session[s].tunnel, "   Sames vendor-specific: %d, Attrib: %d, lenght: %d\n", vendor, attrib, attrib_length);
 +                                                      grp_processvendorspecific(s, pvs);
 +                                                      continue;
                                                }
                                                else
                                                {
 -                                                      LOG(3, s, session[s].tunnel, "      Unknown vendor-specific\n");
 +                                                      LOG(3, s, session[s].tunnel, "   Unknown vendor-specific: %d, Attrib: %d\n", vendor, attrib);
                                                        continue;
                                                }
                                        }