From 33f430ac774fb99afb828fc3eab8eb4ac575625f Mon Sep 17 00:00:00 2001 From: bodea Date: Wed, 2 Aug 2006 14:17:30 +0000 Subject: [PATCH 1/1] allow DNS servers to be specified using either old or new vendor-specific Ascend formats --- Changes | 4 +++- l2tpns.spec | 2 +- radius.c | 53 ++++++++++++++++++++++++++++++----------------------- 3 files changed, 34 insertions(+), 25 deletions(-) diff --git a/Changes b/Changes index 2a3167f..a37c50e 100644 --- a/Changes +++ b/Changes @@ -1,4 +1,4 @@ -* Wed Aug 2 2006 Brendan O'Dea 2.2.0 +* Thu Aug 3 2006 Brendan O'Dea 2.2.0 - Only poll clifd if successfully bound. - Add "Practical VPNs" document from Liran Tal as Docs/vpn . - Add Multilink support from Khaled Al Hamwi. @@ -10,6 +10,8 @@ AVP is not present. - Add radius_bind_{min,max} to simplify firewalling of RADIUS ports. - Fix sign problem with reporting of unknown RADIUS VSAs. +- Allow DNS servers to be specified either using the old or new + vendor-specific Ascend formats. * Tue Apr 18 2006 Brendan O'Dea 2.1.18 - Don't shutdown on TerminateReq, wait for CDN. diff --git a/l2tpns.spec b/l2tpns.spec index 6b66952..d2a563b 100644 --- a/l2tpns.spec +++ b/l2tpns.spec @@ -43,5 +43,5 @@ rm -rf %{buildroot} %attr(644,root,root) /usr/share/man/man[58]/* %changelog -* Wed Aug 2 2006 Brendan O'Dea 2.2.0-1 +* Thu Aug 3 2006 Brendan O'Dea 2.2.0-1 - 2.2.0 release, see /usr/share/doc/l2tpns-2.2.0/Changes diff --git a/radius.c b/radius.c index 3dabc34..f35e78d 100644 --- a/radius.c +++ b/radius.c @@ -1,6 +1,6 @@ // L2TPNS Radius Stuff -char const *cvs_id_radius = "$Id: radius.c,v 1.54 2006/08/02 13:35:39 bodea Exp $"; +char const *cvs_id_radius = "$Id: radius.c,v 1.55 2006/08/02 14:17:30 bodea Exp $"; #include #include @@ -635,6 +635,35 @@ void processrad(uint8_t *buf, int len, char socket_index) uint8_t *e = buf + len; for (; p + 2 <= e && p[1] && p + p[1] <= e; p += p[1]) { + if (*p == 26 && p[1] >= 7) + { + // Vendor-Specific Attribute + uint32_t vendor = ntohl(*(int *)(p + 2)); + uint8_t attrib = *(p + 6); + int attrib_length = *(p + 7) - 2; + + LOG(4, s, session[s].tunnel, " Radius reply contains Vendor-Specific. Vendor=%u Attrib=%u Length=%d\n", vendor, attrib, attrib_length); + if (vendor == 9 && attrib == 1) // Cisco-AVPair + { + if (attrib_length < 0) continue; + LOG(3, s, session[s].tunnel, " Cisco-AVPair value: %.*s\n", + attrib_length, p + 8); + + handle_avpair(s, p + 8, attrib_length); + continue; + } + else if (vendor == 529 && attrib >= 135 && attrib <= 136) // Ascend + { + // handle old-format ascend DNS attributes below + p += 6; + } + else + { + LOG(3, s, session[s].tunnel, " Unknown vendor-specific\n"); + continue; + } + } + if (*p == 8) { // Framed-IP-Address @@ -762,28 +791,6 @@ void processrad(uint8_t *buf, int len, char socket_index) session[s].idle_timeout = ntohl(*(uint32_t *)(p + 2)); LOG(3, s, session[s].tunnel, " Radius reply contains Idle-Timeout = %u\n", session[s].idle_timeout); } - else if (*p == 26 && p[1] >= 7) - { - // Vendor-Specific Attribute - uint32_t vendor = ntohl(*(int *)(p + 2)); - uint8_t attrib = *(p + 6); - int attrib_length = *(p + 7) - 2; - - LOG(3, s, session[s].tunnel, " Radius reply contains Vendor-Specific. Vendor=%u Attrib=%u Length=%d\n", vendor, attrib, attrib_length); - if (vendor != 9 || attrib != 1) - { - LOG(3, s, session[s].tunnel, " Unknown vendor-specific\n"); - continue; - } - - if (attrib_length > 0) - { - LOG(3, s, session[s].tunnel, " Cisco-AVPair value: %.*s\n", - attrib_length, p + 8); - - handle_avpair(s, p + 8, attrib_length); - } - } else if (*p == 99) { // Framed-IPv6-Route -- 2.20.1