From 4f5ea4fbe0a32b7623cdc815a5fb99c481d14764 Mon Sep 17 00:00:00 2001 From: Brendan O'Dea Date: Tue, 16 Nov 2004 07:54:32 +0000 Subject: [PATCH] - Ignore gateway address in Framed-Route (from Jonathan McDowell). - Call sessionshutdown() when a tunnel is dropped rather than sessionkill() to ensure that RADIUS stop records are sent. - Cleanup: make a bunch of global functions/variables static. --- Changes | 6 ++ cli.c | 31 +++---- cluster.c | 28 +++---- cluster.h | 12 ++- icmp.c | 6 +- l2tpns.c | 233 ++++++++++++++++++++++++---------------------------- l2tpns.h | 64 ++++----------- l2tpns.spec | 6 +- ppp.c | 50 +++++------ radius.c | 22 +---- util.c | 22 ++--- 11 files changed, 205 insertions(+), 275 deletions(-) diff --git a/Changes b/Changes index 4bdb060..ae77ea2 100644 --- a/Changes +++ b/Changes @@ -1,3 +1,9 @@ +* Tue Nov 16 2004 Brendan O'Dea 2.0.8 +- Ignore gateway address in Framed-Route (from Jonathan McDowell). +- Call sessionshutdown() when a tunnel is dropped rather than + sessionkill() to ensure that RADIUS stop records are sent. +- Cleanup: make a bunch of global functions/variables static. + * Mon Nov 15 2004 Brendan O'Dea 2.0.7 - Fix socket creation in host_unreachable() (thanks to Bjørn Augestad) - Don't assume BGP peer sends back negotiated hold time, pick smallest diff --git a/cli.c b/cli.c index aa2d5e9..50712b1 100644 --- a/cli.c +++ b/cli.c @@ -2,7 +2,7 @@ // vim: sw=8 ts=8 char const *cvs_name = "$Name: $"; -char const *cvs_id_cli = "$Id: cli.c,v 1.27 2004-11-11 06:13:29 bodea Exp $"; +char const *cvs_id_cli = "$Id: cli.c,v 1.28 2004-11-16 07:54:32 bodea Exp $"; #include #include @@ -37,8 +37,7 @@ extern sessiont *session; extern radiust *radius; extern ippoolt *ip_address_pool; extern struct Tstats *_statistics; -struct cli_def *cli = NULL; -int cli_quit = 0; +static struct cli_def *cli = NULL; extern struct configt *config; extern struct config_descriptt config_values[]; #ifdef RINGBUFFER @@ -48,7 +47,7 @@ extern struct cli_session_actions *cli_session_actions; extern struct cli_tunnel_actions *cli_tunnel_actions; extern tbft *filter_list; -char *debug_levels[] = { +static char *debug_levels[] = { "CRIT", "ERROR", "WARN", @@ -67,10 +66,9 @@ struct char data; } debug_flags; -int debug_session; -int debug_tunnel; -int debug_rb_tail; -FILE *save_config_fh; +static int debug_session; +static int debug_tunnel; +static int debug_rb_tail; static int cmd_show_session(struct cli_def *cli, char *command, char **argv, int argc); static int cmd_show_tunnels(struct cli_def *cli, char *command, char **argv, int argc); @@ -301,7 +299,7 @@ void cli_do(int sockfd) exit(0); } -void cli_print_log(struct cli_def *cli, char *string) +static void cli_print_log(struct cli_def *cli, char *string) { LOG(3, 0, 0, 0, "%s\n", string); } @@ -826,7 +824,8 @@ static int cmd_show_pool(struct cli_def *cli, char *command, char **argv, int ar return CLI_OK; } -void print_save_config(struct cli_def *cli, char *string) +static FILE *save_config_fh = 0; +static void print_save_config(struct cli_def *cli, char *string) { if (save_config_fh) fprintf(save_config_fh, "%s\n", string); @@ -844,6 +843,7 @@ static int cmd_write_memory(struct cli_def *cli, char *command, char **argv, int cmd_show_run(cli, command, argv, argc); cli_print_callback(cli, NULL); fclose(save_config_fh); + save_config_fh = 0; } else { @@ -1647,7 +1647,7 @@ static int cmd_remove_plugin(struct cli_def *cli, char *command, char **argv, in return CLI_OK; } -char *duration(time_t secs) +static char *duration(time_t secs) { static char *buf = NULL; int p = 0; @@ -1877,15 +1877,6 @@ static int cmd_router_bgp(struct cli_def *cli, char *command, char **argv, int a return CLI_OK; } -static int cmd_router_bgp_exit(struct cli_def *cli, char *command, char **argv, int argc) -{ - if (CLI_HELP_REQUESTED) - return CLI_HELP_NO_ARGS; - - cli_set_configmode(cli, MODE_CONFIG, NULL); - return CLI_OK; -} - static int find_bgp_neighbour(char *name) { int i; diff --git a/cluster.c b/cluster.c index 890b2d0..f15127d 100644 --- a/cluster.c +++ b/cluster.c @@ -1,6 +1,6 @@ // L2TPNS Clustering Stuff -char const *cvs_id_cluster = "$Id: cluster.c,v 1.17 2004-11-09 03:09:12 bodea Exp $"; +char const *cvs_id_cluster = "$Id: cluster.c,v 1.18 2004-11-16 07:54:32 bodea Exp $"; #include #include @@ -67,8 +67,8 @@ static struct { } peers[CLUSTER_MAX_SIZE]; // List of all the peers we've heard from. static int num_peers; // Number of peers in list. -int rle_decompress(u8 ** src_p, int ssize, u8 *dst, int dsize); -int rle_compress(u8 ** src_p, int ssize, u8 *dst, int dsize); +static int rle_decompress(u8 ** src_p, int ssize, u8 *dst, int dsize); +static int rle_compress(u8 ** src_p, int ssize, u8 *dst, int dsize); // // Create a listening socket @@ -147,7 +147,7 @@ int cluster_init() // address ). // -int cluster_send_data(void *data, int datalen) +static int cluster_send_data(void *data, int datalen) { struct sockaddr_in addr = {0}; @@ -200,7 +200,7 @@ static void advertise(void) send_garp(config->bind_address); // Start taking traffic. } -void cluster_uptodate(void) +static void cluster_uptodate(void) { if (config->cluster_iam_uptodate) return; @@ -218,7 +218,7 @@ void cluster_uptodate(void) // Send a unicast UDP packet to a peer with 'data' as the // contents. // -int peer_send_data(u32 peer, char * data, int size) +static int peer_send_data(u32 peer, char * data, int size) { struct sockaddr_in addr = {0}; @@ -246,7 +246,7 @@ int peer_send_data(u32 peer, char * data, int size) // // Send a structured message to a peer with a single element of type 'type'. // -int peer_send_message(u32 peer, int type, int more, char * data, int size) +static int peer_send_message(u32 peer, int type, int more, char * data, int size) { char buf[65536]; // Vast overkill. char * p = buf; @@ -681,7 +681,7 @@ static void cluster_check_sessions(int highsession, int freesession_ptr, int hig cluster_uptodate(); } -int hb_add_type(char **p, int type, int id) +static int hb_add_type(char **p, int type, int id) { switch (type) { case C_CSESSION: { // Compressed C_SESSION. @@ -831,7 +831,7 @@ void cluster_heartbeat() // // A structure of type 'type' has changed; Add it to the queue to send. // -int type_changed(int type, int id) +static int type_changed(int type, int id) { int i; @@ -879,7 +879,7 @@ int cluster_send_tunnel(int tid) // missed a packet. We'll resend it every packet since // the last one it's seen. // -int cluster_catchup_slave(int seq, u32 slave) +static int cluster_catchup_slave(int seq, u32 slave) { int s; int diff; @@ -914,7 +914,7 @@ int cluster_catchup_slave(int seq, u32 slave) // We've heard from another peer! Add it to the list // that we select from at election time. // -int cluster_add_peer(u32 peer, time_t basetime, pingt *pp, int size) +static int cluster_add_peer(u32 peer, time_t basetime, pingt *pp, int size) { int i; u32 clusterid; @@ -998,7 +998,7 @@ int cluster_add_peer(u32 peer, time_t basetime, pingt *pp, int size) // Note that we don't mark the session as dirty; We rely on // the slow table walk to propogate this back out to the slaves. // -int cluster_handle_bytes(char * data, int size) +static int cluster_handle_bytes(char * data, int size) { bytest * b; @@ -1451,7 +1451,7 @@ int cmd_show_cluster(struct cli_def *cli, char *command, char **argv, int argc) // // Worst case is a 50% expansion in space required (trying to // compress { 0x00, 0x01 } * N ) -int rle_compress(u8 ** src_p, int ssize, u8 *dst, int dsize) +static int rle_compress(u8 ** src_p, int ssize, u8 *dst, int dsize) { int count; int orig_dsize = dsize; @@ -1497,7 +1497,7 @@ int rle_compress(u8 ** src_p, int ssize, u8 *dst, int dsize) // Return the number of dst bytes used. // Updates the 'src_p' pointer to point to the // first un-used byte. -int rle_decompress(u8 ** src_p, int ssize, u8 *dst, int dsize) +static int rle_decompress(u8 ** src_p, int ssize, u8 *dst, int dsize) { int count; int orig_dsize = dsize; diff --git a/cluster.h b/cluster.h index 317d41b..20e1d75 100644 --- a/cluster.h +++ b/cluster.h @@ -1,5 +1,5 @@ // L2TPNS Clustering Stuff -// $Id: cluster.h,v 1.6 2004-11-11 03:07:42 bodea Exp $ +// $Id: cluster.h,v 1.7 2004-11-16 07:54:32 bodea Exp $ #ifndef __CLUSTER_H__ #define __CLUSTER_H__ @@ -65,16 +65,14 @@ typedef struct { u32 basetime; // start time of this peer. } pingt; -int cluster_init(); +int cluster_init(void); int processcluster(char *buf, int size, u32 addr); -int cluster_forward_packet(char *buf, int size, u32 addr); int cluster_send_session(int sid); int cluster_send_tunnel(int tid); -int master_forward_packet(char * data, int size, u32 addr, int port); -int master_throttle_packet(int tid, char * data, int size); -int master_garden_packet(sessionidt s, char * data, int size); +int master_forward_packet(char *data, int size, u32 addr, int port); +int master_throttle_packet(int tid, char *data, int size); +int master_garden_packet(sessionidt s, char *data, int size); void master_update_counts(void); - void cluster_send_ping(time_t basetime); void cluster_heartbeat(void); void cluster_check_master(void); diff --git a/icmp.c b/icmp.c index 3937961..6db1a2c 100644 --- a/icmp.c +++ b/icmp.c @@ -1,6 +1,6 @@ // L2TPNS: icmp -char const *cvs_id_icmp = "$Id: icmp.c,v 1.4 2004-11-15 02:26:20 bodea Exp $"; +char const *cvs_id_icmp = "$Id: icmp.c,v 1.5 2004-11-16 07:54:32 bodea Exp $"; #include #include @@ -17,7 +17,7 @@ char const *cvs_id_icmp = "$Id: icmp.c,v 1.4 2004-11-15 02:26:20 bodea Exp $"; #include "l2tpns.h" -__u16 _checksum(unsigned char *addr, int count); +static __u16 _checksum(unsigned char *addr, int count); void host_unreachable(ipt destination, u16 id, ipt source, char *packet, int packet_len) { @@ -68,7 +68,7 @@ void host_unreachable(ipt destination, u16 id, ipt source, char *packet, int pac close(icmp_socket); } -__u16 _checksum(unsigned char *addr, int count) +static __u16 _checksum(unsigned char *addr, int count) { register long sum = 0; diff --git a/l2tpns.c b/l2tpns.c index cf7ef18..5307009 100644 --- a/l2tpns.c +++ b/l2tpns.c @@ -4,7 +4,7 @@ // Copyright (c) 2002 FireBrick (Andrews & Arnold Ltd / Watchfront Ltd) - GPL licenced // vim: sw=8 ts=8 -char const *cvs_id_l2tpns = "$Id: l2tpns.c,v 1.48 2004-11-11 03:07:42 bodea Exp $"; +char const *cvs_id_l2tpns = "$Id: l2tpns.c,v 1.49 2004-11-16 07:54:32 bodea Exp $"; #include #include @@ -58,31 +58,32 @@ struct configt *config = NULL; // all configuration int tunfd = -1; // tun interface file handle. (network device) int udpfd = -1; // UDP file handle int controlfd = -1; // Control signal handle +int clifd = -1; // Socket listening for CLI connections. int snoopfd = -1; // UDP file handle for sending out intercept data int *radfds = NULL; // RADIUS requests file handles int ifrfd = -1; // File descriptor for routing, etc time_t basetime = 0; // base clock char hostname[1000] = ""; // us. -int tunidx; // ifr_ifindex of tun device -u32 sessionid = 0; // session id for radius accounting -int syslog_log = 0; // are we logging to syslog -FILE *log_stream = NULL; // file handle for direct logging (i.e. direct into file, not via syslog). +static u32 sessionid = 0; // session id for radius accounting +static int syslog_log = 0; // are we logging to syslog +static FILE *log_stream = NULL; // file handle for direct logging (i.e. direct into file, not via syslog). extern int cluster_sockfd; // Intra-cluster communications socket. u32 last_id = 0; // Last used PPP SID. Can I kill this?? -- mo -int clifd = 0; // Socket listening for CLI connections. struct cli_session_actions *cli_session_actions = NULL; // Pending session changes requested by CLI struct cli_tunnel_actions *cli_tunnel_actions = NULL; // Pending tunnel changes required by CLI static void *ip_hash[256]; // Mapping from IP address to session structures. -u32 udp_tx = 0, udp_rx = 0, udp_rx_pkt = 0; // Global traffic counters. -u32 eth_tx = 0, eth_rx = 0, eth_rx_pkt = 0; -u32 ip_pool_size = 1; // Size of the pool of addresses used for dynamic address allocation. -time_t time_now = 0; // Current time in seconds since epoch. -char time_now_string[64] = {0}; // Current time as a string. -char main_quit = 0; // True if we're in the process of exiting. -char *_program_name = NULL; +// Traffic counters. +static u32 udp_rx = 0, udp_rx_pkt = 0, udp_tx = 0; +static u32 eth_rx = 0, eth_rx_pkt = 0; +u32 eth_tx = 0; + +static u32 ip_pool_size = 1; // Size of the pool of addresses used for dynamic address allocation. +time_t time_now = 0; // Current time in seconds since epoch. +static char time_now_string[64] = {0}; // Current time as a string. +static char main_quit = 0; // True if we're in the process of exiting. linked_list *loaded_plugins; linked_list *plugins[MAX_PLUGIN_TYPES]; @@ -123,7 +124,7 @@ struct config_descriptt config_values[] = { { NULL, 0, 0, 0 }, }; -char *plugin_functions[] = { +static char *plugin_functions[] = { NULL, "plugin_pre_auth", "plugin_post_auth", @@ -145,30 +146,36 @@ sessiont *session = NULL; // Array of session structures. sessioncountt *sess_count = NULL; // Array of partial per-session traffic counters. radiust *radius = NULL; // Array of radius structures. ippoolt *ip_address_pool = NULL; // Array of dynamic IP addresses. -controlt *controlfree = 0; +static controlt *controlfree = 0; struct Tstats *_statistics = NULL; #ifdef RINGBUFFER struct Tringbuffer *ringbuffer = NULL; #endif -void sigalrm_handler(int); -void sighup_handler(int); -void sigterm_handler(int); -void sigquit_handler(int); -void sigchild_handler(int); -void read_config_file(); -void read_state(); -void dump_state(); -void tunnel_clean(); -tunnelidt new_tunnel(); -void update_config(); -int unhide_avp(u8 *avp, tunnelidt t, sessionidt s, u16 length); - static void cache_ipmap(ipt ip, int s); static void uncache_ipmap(ipt ip); +static void free_ip_address(sessionidt s); +static void dump_acct_info(void); +static void sighup_handler(int sig); +static void sigalrm_handler(int sig); +static void sigterm_handler(int sig); +static void sigquit_handler(int sig); +static void sigchild_handler(int sig); +static void read_state(void); +static void dump_state(void); +static void build_chap_response(char *challenge, u8 id, u16 challenge_length, char **challenge_response); +static void update_config(void); +static void read_config_file(void); +static void initplugins(void); +static void add_plugin(char *plugin_name); +static void remove_plugin(char *plugin_name); +static void plugins_done(void); +static void processcontrol(u8 * buf, int len, struct sockaddr_in *addr); +static tunnelidt new_tunnel(void); +static int unhide_avp(u8 *avp, tunnelidt t, sessionidt s, u16 length); // return internal time (10ths since process startup) -clockt now(void) +static clockt now(void) { struct timeval t; gettimeofday(&t, 0); @@ -286,12 +293,12 @@ void _log_hex(int level, const char *title, const char *data, int maxsize) // Add a route // // This adds it to the routing table, advertises it -// via iBGP if enabled, and stuffs it into the +// via BGP if enabled, and stuffs it into the // 'sessionbyip' cache. // // 'ip' and 'mask' must be in _host_ order. // -void routeset(sessionidt s, ipt ip, ipt mask, ipt gw, u8 add) +static void routeset(sessionidt s, ipt ip, ipt mask, ipt gw, u8 add) { struct rtentry r; int i; @@ -331,7 +338,7 @@ void routeset(sessionidt s, ipt ip, ipt mask, ipt gw, u8 add) #endif /* BGP */ // Add/Remove the IPs to the 'sessionbyip' cache. - // Note that we add the zero address in the case of + // Note that we add the zero address in the case of // a network route. Roll on CIDR. // Note that 's == 0' implies this is the address pool. @@ -350,7 +357,7 @@ void routeset(sessionidt s, ipt ip, ipt mask, ipt gw, u8 add) // // Set up TUN interface -void inittun(void) +static void inittun(void) { struct ifreq ifr; struct sockaddr_in sin = {0}; @@ -398,16 +405,10 @@ void inittun(void) LOG(0, 0, 0, 0, "Error setting tun flags: %s\n", strerror(errno)); exit(1); } - if (ioctl(ifrfd, SIOCGIFINDEX, (void *) &ifr) < 0) - { - LOG(0, 0, 0, 0, "Error setting tun ifindex: %s\n", strerror(errno)); - exit(1); - } - tunidx = ifr.ifr_ifindex; } // set up UDP port -void initudp(void) +static void initudp(void) { int on = 1; struct sockaddr_in addr; @@ -458,7 +459,7 @@ void initudp(void) // IP address. // -int lookup_ipmap(ipt ip) +static int lookup_ipmap(ipt ip) { u8 *a = (u8 *)&ip; char **d = (char **) ip_hash; @@ -619,13 +620,13 @@ void send_garp(ipt ip) } // Find session by username, 0 for not found -sessiont *sessiontbysessionidt(sessionidt s) +static sessiont *sessiontbysessionidt(sessionidt s) { if (!s || s > MAXSESSION) return NULL; return &session[s]; } -sessionidt sessionidtbysessiont(sessiont *s) +static sessionidt sessionidtbysessiont(sessiont *s) { sessionidt val = s-session; if (s < session || val > MAXSESSION) return 0; @@ -700,7 +701,7 @@ int tun_write(u8 * data, int size) // process outgoing (to tunnel) IP // -void processipout(u8 * buf, int len) +static void processipout(u8 * buf, int len) { sessionidt s; sessiont *sp; @@ -805,7 +806,7 @@ void processipout(u8 * buf, int len) // Helper routine for the TBF filters. // Used to send queued data in to the user! // -void send_ipout(sessionidt s, u8 *buf, int len) +static void send_ipout(sessionidt s, u8 *buf, int len) { sessiont *sp; tunnelidt t; @@ -856,7 +857,7 @@ void send_ipout(sessionidt s, u8 *buf, int len) } // add an AVP (16 bit) -void control16(controlt * c, u16 avp, u16 val, u8 m) +static void control16(controlt * c, u16 avp, u16 val, u8 m) { u16 l = (m ? 0x8008 : 0x0008); *(u16 *) (c->buf + c->length + 0) = htons(l); @@ -867,7 +868,7 @@ void control16(controlt * c, u16 avp, u16 val, u8 m) } // add an AVP (32 bit) -void control32(controlt * c, u16 avp, u32 val, u8 m) +static void control32(controlt * c, u16 avp, u32 val, u8 m) { u16 l = (m ? 0x800A : 0x000A); *(u16 *) (c->buf + c->length + 0) = htons(l); @@ -878,7 +879,7 @@ void control32(controlt * c, u16 avp, u32 val, u8 m) } // add an AVP (32 bit) -void controls(controlt * c, u16 avp, char *val, u8 m) +static void controls(controlt * c, u16 avp, char *val, u8 m) { u16 l = ((m ? 0x8000 : 0) + strlen(val) + 6); *(u16 *) (c->buf + c->length + 0) = htons(l); @@ -889,7 +890,7 @@ void controls(controlt * c, u16 avp, char *val, u8 m) } // add a binary AVP -void controlb(controlt * c, u16 avp, char *val, unsigned int len, u8 m) +static void controlb(controlt * c, u16 avp, char *val, unsigned int len, u8 m) { u16 l = ((m ? 0x8000 : 0) + len + 6); *(u16 *) (c->buf + c->length + 0) = htons(l); @@ -900,7 +901,7 @@ void controlb(controlt * c, u16 avp, char *val, unsigned int len, u8 m) } // new control connection -controlt *controlnew(u16 mtype) +static controlt *controlnew(u16 mtype) { controlt *c; if (!controlfree) @@ -920,7 +921,7 @@ controlt *controlnew(u16 mtype) // send zero block if nothing is waiting // (ZLB send). -void controlnull(tunnelidt t) +static void controlnull(tunnelidt t) { u8 buf[12]; if (tunnel[t].controlc) // Messages queued; They will carry the ack. @@ -936,7 +937,7 @@ void controlnull(tunnelidt t) } // add a control message to a tunnel, and send if within window -void controladd(controlt * c, tunnelidt t, sessionidt s) +static void controladd(controlt * c, tunnelidt t, sessionidt s) { *(u16 *) (c->buf + 2) = htons(c->length); // length *(u16 *) (c->buf + 4) = htons(tunnel[t].far); // tunnel @@ -1008,7 +1009,6 @@ void throttle_session(sessionidt s, int rate_in, int rate_out) // start tidy shutdown of session void sessionshutdown(sessionidt s, char *reason) { - int dead = session[s].die; int walled_garden = session[s].walled_garden; @@ -1020,18 +1020,15 @@ void sessionshutdown(sessionidt s, char *reason) return; // not a live session } - if (!dead) - LOG(2, 0, s, session[s].tunnel, "Shutting down session %d: %s\n", s, reason); - - session[s].die = now() + 150; // Clean up in 15 seconds - + if (!session[s].die) { struct param_kill_session data = { &tunnel[session[s].tunnel], &session[s] }; + LOG(2, 0, s, session[s].tunnel, "Shutting down session %d: %s\n", s, reason); run_plugins(PLUGIN_KILL_SESSION, &data); } // RADIUS Stop message - if (session[s].opened && !walled_garden && !dead) + if (session[s].opened && !walled_garden && !session[s].die) { u16 r = session[s].radius; if (!r) @@ -1057,7 +1054,7 @@ void sessionshutdown(sessionidt s, char *reason) int r; for (r = 0; r < MAXROUTE && session[s].route[r].ip; r++) { - routeset(s, session[s].route[r].ip, session[s].route[r].mask, session[s].ip, 0); + routeset(s, session[s].route[r].ip, session[s].route[r].mask, 0, 0); session[s].route[r].ip = 0; } @@ -1080,6 +1077,9 @@ void sessionshutdown(sessionidt s, char *reason) controladd(c, session[s].tunnel, s); // send the message } + if (!session[s].die) + session[s].die = now() + 150; // Clean up in 15 seconds + cluster_send_session(s); } @@ -1129,7 +1129,7 @@ void sendipcp(tunnelidt t, sessionidt s) } // kill a session now -void sessionkill(sessionidt s, char *reason) +static void sessionkill(sessionidt s, char *reason) { CSTAT(call_sessionkill); @@ -1149,8 +1149,15 @@ void sessionkill(sessionidt s, char *reason) cluster_send_session(s); } +static void tunnelclear(tunnelidt t) +{ + if (!t) return; + memset(&tunnel[t], 0, sizeof(tunnel[t])); + tunnel[t].state = TUNNELFREE; +} + // kill a tunnel now -void tunnelkill(tunnelidt t, char *reason) +static void tunnelkill(tunnelidt t, char *reason) { sessionidt s; controlt *c; @@ -1181,7 +1188,7 @@ void tunnelkill(tunnelidt t, char *reason) } // shut down a tunnel cleanly -void tunnelshutdown(tunnelidt t, char *reason) +static void tunnelshutdown(tunnelidt t, char *reason) { sessionidt s; @@ -1198,7 +1205,7 @@ void tunnelshutdown(tunnelidt t, char *reason) // close session for (s = 1; s < MAXSESSION; s++) if (session[s].tunnel == t) - sessionkill(s, reason); + sessionshutdown(s, reason); tunnel[t].state = TUNNELDIE; tunnel[t].die = now() + 700; // Clean up in 70 seconds @@ -1921,7 +1928,7 @@ void processudp(u8 * buf, int len, struct sockaddr_in *addr) } // read and process packet on tun -void processtun(u8 * buf, int len) +static void processtun(u8 * buf, int len) { LOG_HEX(5, "Receive TUN Data", buf, len); STAT(tun_rx_packets); @@ -1949,7 +1956,7 @@ void processtun(u8 * buf, int len) // at once. #define MAX_ACTIONS 500 -int regular_cleanups(void) +static int regular_cleanups(void) { static sessionidt s = 0; // Next session to check for actions on. tunnelidt t; @@ -2149,7 +2156,7 @@ int regular_cleanups(void) // Are we in the middle of a tunnel update, or radius // requests?? // -int still_busy(void) +static int still_busy(void) { int i; static clockt last_talked = 0; @@ -2199,7 +2206,7 @@ static fd_set readset; static int readset_n = 0; // main loop - gets packets on tun or udp and processes them -void mainloop(void) +static void mainloop(void) { int i; u8 buf[65536]; @@ -2474,7 +2481,7 @@ static void stripdomain(char *host) } // Init data structures -void initdata(int optdebug, char *optconfig) +static void initdata(int optdebug, char *optconfig) { int i; @@ -2583,7 +2590,7 @@ void initdata(int optdebug, char *optconfig) #endif /* BGP */ } -int assign_ip_address(sessionidt s) +static int assign_ip_address(sessionidt s) { u32 i; int best = -1; @@ -2640,10 +2647,13 @@ int assign_ip_address(sessionidt s) return 1; } -void free_ip_address(sessionidt s) +static void free_ip_address(sessionidt s) { int i = session[s].ip_pool_index; + + CSTAT(call_free_ip_address); + if (!session[s].ip) return; // what the? @@ -2656,10 +2666,6 @@ void free_ip_address(sessionidt s) ip_address_pool[i].assigned = 0; ip_address_pool[i].session = 0; ip_address_pool[i].last = time_now; - - - CSTAT(call_free_ip_address); - } // @@ -2726,7 +2732,7 @@ void rebuild_address_pool(void) // // Fix the address pool to match a changed session. // (usually when the master sends us an update). -void fix_address_pool(int sid) +static void fix_address_pool(int sid) { int ipid; @@ -2747,7 +2753,7 @@ void fix_address_pool(int sid) // // Add a block of addresses to the IP pool to hand out. // -void add_to_ip_pool(u32 addr, u32 mask) +static void add_to_ip_pool(u32 addr, u32 mask) { int i; if (mask == 0) @@ -2775,7 +2781,7 @@ void add_to_ip_pool(u32 addr, u32 mask) } // Initialize the IP address pool -void initippool() +static void initippool() { FILE *f; char *p; @@ -2861,7 +2867,7 @@ void snoop_send_packet(char *packet, u16 size, ipt destination, u16 port) STAT(packets_snooped); } -void dump_acct_info() +static void dump_acct_info() { char filename[1024]; char timestr[64]; @@ -2921,8 +2927,6 @@ int main(int argc, char *argv[]) int optdebug = 0; char *optconfig = CONFIGFILE; - _program_name = strdup(argv[0]); - time(&basetime); // start clock // scan args @@ -3012,7 +3016,7 @@ int main(int argc, char *argv[]) } /* Set up the cluster communications port. */ - if (cluster_init(config->bind_address) < 0) + if (cluster_init() < 0) exit(1); #ifdef BGP @@ -3081,7 +3085,7 @@ int main(int argc, char *argv[]) return 0; } -void sighup_handler(int junk) +static void sighup_handler(int sig) { if (log_stream && log_stream != stderr) { @@ -3092,7 +3096,7 @@ void sighup_handler(int junk) read_config_file(); } -void sigalrm_handler(int junk) +static void sigalrm_handler(int sig) { // Log current traffic stats @@ -3125,7 +3129,7 @@ void sigalrm_handler(int junk) } -void sigterm_handler(int junk) +static void sigterm_handler(int sig) { LOG(1, 0, 0, 0, "Shutting down cleanly\n"); if (config->save_state) @@ -3134,7 +3138,7 @@ void sigterm_handler(int junk) main_quit++; } -void sigquit_handler(int junk) +static void sigquit_handler(int sig) { int i; @@ -3153,13 +3157,13 @@ void sigquit_handler(int junk) main_quit++; } -void sigchild_handler(int signal) +static void sigchild_handler(int sig) { while (waitpid(-1, NULL, WNOHANG) > 0) ; } -void read_state() +static void read_state() { struct stat sb; int i; @@ -3284,7 +3288,7 @@ void read_state() LOG(0, 0, 0, 0, "Loaded saved state information\n"); } -void dump_state() +static void dump_state() { FILE *f; u32 buf[2]; @@ -3335,7 +3339,7 @@ void dump_state() unlink(STATEFILE); } -void build_chap_response(char *challenge, u8 id, u16 challenge_length, char **challenge_response) +static void build_chap_response(char *challenge, u8 id, u16 challenge_length, char **challenge_response) { MD5_CTX ctx; *challenge_response = NULL; @@ -3370,7 +3374,7 @@ static int facility_value(char *name) return 0; } -void update_config() +static void update_config() { int i; static int timeout = 0; @@ -3511,7 +3515,7 @@ void update_config() config->reload_config = 0; } -void read_config_file() +static void read_config_file() { FILE *f; @@ -3584,7 +3588,7 @@ int sessionsetup(tunnelidt t, sessionidt s) cache_ipmap(session[s].ip, s); for (r = 0; r < MAXROUTE && session[s].route[r].ip; r++) - routeset(s, session[s].route[r].ip, session[s].route[r].mask, session[s].ip, 1); + routeset(s, session[s].route[r].ip, session[s].route[r].mask, 0, 1); if (!session[s].unique_id) { @@ -3653,7 +3657,7 @@ int load_session(sessionidt s, sessiont *new) // Remove any routes if the IP has changed for (i = 0; i < MAXROUTE && session[s].route[i].ip; i++) { - routeset(s, session[s].route[i].ip, session[s].route[i].mask, session[s].ip, 0); + routeset(s, session[s].route[i].ip, session[s].route[i].mask, 0, 0); session[s].route[i].ip = 0; } @@ -3681,10 +3685,10 @@ int load_session(sessionidt s, sessiont *new) continue; if (session[s].route[i].ip) // Remove the old one if it exists. - routeset(s, session[s].route[i].ip, session[s].route[i].mask, session[s].ip, 0); + routeset(s, session[s].route[i].ip, session[s].route[i].mask, 0, 0); if (new->route[i].ip) // Add the new one if it exists. - routeset(s, new->route[i].ip, new->route[i].mask, new->ip, 1); + routeset(s, new->route[i].ip, new->route[i].mask, 0, 1); } if (new->tunnel && s > config->cluster_highest_sessionid) // Maintain this in the slave. It's used @@ -3706,22 +3710,7 @@ int load_session(sessionidt s, sessiont *new) return 1; } -#ifdef RINGBUFFER -void ringbuffer_dump(FILE *stream) -{ - int i = ringbuffer->head; - - while (i != ringbuffer->tail) - { - if (*ringbuffer->buffer[i].message) - fprintf(stream, "%d-%s", ringbuffer->buffer[i].level, ringbuffer->buffer[i].message); - if (++i == ringbuffer->tail) break; - if (i == RINGBUFFER_SIZE) i = 0; - } -} -#endif - -void initplugins() +static void initplugins() { int i; @@ -3763,7 +3752,7 @@ static void *getconfig(char *key, enum config_typet type) return 0; } -void add_plugin(char *plugin_name) +static void add_plugin(char *plugin_name) { static struct pluginfuncs funcs = { _log, @@ -3837,7 +3826,7 @@ static void run_plugin_done(void *plugin) donefunc(); } -void remove_plugin(char *plugin_name) +static void remove_plugin(char *plugin_name) { void *p = open_plugin(plugin_name, 0); int i; @@ -3878,7 +3867,7 @@ int run_plugins(int plugin_type, void *data) return 1; } -void plugins_done() +static void plugins_done() { void *p; @@ -3887,7 +3876,7 @@ void plugins_done() run_plugin_done(p); } -void processcontrol(u8 * buf, int len, struct sockaddr_in *addr) +static void processcontrol(u8 * buf, int len, struct sockaddr_in *addr) { char *resp; int l; @@ -3922,14 +3911,7 @@ void processcontrol(u8 * buf, int len, struct sockaddr_in *addr) free(resp); } -void tunnelclear(tunnelidt t) -{ - if (!t) return; - memset(&tunnel[t], 0, sizeof(tunnel[t])); - tunnel[t].state = TUNNELFREE; -} - -tunnelidt new_tunnel() +static tunnelidt new_tunnel() { tunnelidt i; for (i = 1; i < MAXTUNNEL; i++) @@ -3976,7 +3958,6 @@ void become_master(void) // add radius fds for (i = 0; i < config->num_radfds; i++) { - if (!radfds[i]) continue; FD_SET(radfds[i], &readset); if (radfds[i] > readset_n) readset_n = radfds[i]; @@ -4070,7 +4051,7 @@ int cmd_show_hist_open(struct cli_def *cli, char *command, char **argv, int argc * * Based on code from rp-l2tpd by Roaring Penguin Software Inc. */ -int unhide_avp(u8 *avp, tunnelidt t, sessionidt s, u16 length) +static int unhide_avp(u8 *avp, tunnelidt t, sessionidt s, u16 length) { MD5_CTX ctx; u8 *cursor; diff --git a/l2tpns.h b/l2tpns.h index f6626e3..388059d 100644 --- a/l2tpns.h +++ b/l2tpns.h @@ -1,5 +1,5 @@ // L2TPNS Global Stuff -// $Id: l2tpns.h,v 1.34 2004-11-15 07:01:54 bodea Exp $ +// $Id: l2tpns.h,v 1.35 2004-11-16 07:54:32 bodea Exp $ #ifndef __L2TPNS_H__ #define __L2TPNS_H__ @@ -15,7 +15,7 @@ #include #include -#define VERSION "2.0.7" +#define VERSION "2.0.8" // Limits #define MAXTUNNEL 500 // could be up to 65535 @@ -493,9 +493,8 @@ void processipin(tunnelidt t, sessionidt s, u8 * p, u16 l); void processccp(tunnelidt t, sessionidt s, u8 * p, u16 l); void sendchap(tunnelidt t, sessionidt s); u8 *makeppp(u8 * b, int size, u8 * p, int l, tunnelidt t, sessionidt s, u16 mtype); -u8 *findppp(u8 * b, u8 mtype); void initlcp(tunnelidt t, sessionidt s); -void dumplcp(u8 *p, int l); +void send_ipin(sessionidt s, u8 * buf, int len); // radius.c @@ -508,40 +507,15 @@ void radiusclear(u16 r, sessionidt s); // l2tpns.c -clockt now(void); clockt backoff(u8 try); -void routeset(sessionidt, ipt ip, ipt mask, ipt gw, u8 add); -void inittun(void); -void initudp(void); -void initdata(int optdebug, char *optconfig); -void initippool(); sessionidt sessionbyip(ipt ip); sessionidt sessionbyuser(char *username); void sessionshutdown(sessionidt s, char *reason); -void sessionsendarp(sessionidt s); void send_garp(ipt ip); -void sessionkill(sessionidt s, char *reason); -void control16(controlt * c, u16 avp, u16 val, u8 m); -void control32(controlt * c, u16 avp, u32 val, u8 m); -void controls(controlt * c, u16 avp, char *val, u8 m); -void controlb(controlt * c, u16 avp, char *val, unsigned int len, u8 m); -controlt *controlnew(u16 mtype); -void controlnull(tunnelidt t); -void controladd(controlt * c, tunnelidt t, sessionidt s); void tunnelsend(u8 * buf, u16 l, tunnelidt t); -void tunnelkill(tunnelidt t, char *reason); -void tunnelshutdown(tunnelidt t, char *reason); void sendipcp(tunnelidt t, sessionidt s); -void processipout(u8 * buf, int len); -void processarp(u8 * buf, int len); void processudp(u8 * buf, int len, struct sockaddr_in *addr); -void processtun(u8 * buf, int len); -void processcontrol(u8 * buf, int len, struct sockaddr_in *addr); -int assign_ip_address(sessionidt s); -void free_ip_address(sessionidt s); void snoop_send_packet(char *packet, u16 size, ipt destination, u16 port); -void dump_acct_info(); -void mainloop(void); int cmd_show_ipcache(struct cli_def *cli, char *command, char **argv, int argc); int cmd_show_hist_idle(struct cli_def *cli, char *command, char **argv, int argc); int cmd_show_hist_open(struct cli_def *cli, char *command, char **argv, int argc); @@ -554,31 +528,25 @@ int cmd_show_hist_open(struct cli_def *cli, char *command, char **argv, int argc void _log(int level, ipt address, sessionidt s, tunnelidt t, const char *format, ...) __attribute__((format (printf, 5, 6))); void _log_hex(int level, const char *title, const char *data, int maxsize); -void build_chap_response(char *challenge, u8 id, u16 challenge_length, char **challenge_response); int sessionsetup(tunnelidt t, sessionidt s); -int cluster_send_session(int s); -int cluster_send_tunnel(int t); -int cluster_send_goodbye(); -void init_cli(char *hostname); -void cli_do_file(FILE *fh); -void cli_do(int sockfd); -int cli_arg_help(struct cli_def *cli, int cr_ok, char *entry, ...); -#ifdef RINGBUFFER -void ringbuffer_dump(FILE *stream); -#endif -void initplugins(void); int run_plugins(int plugin_type, void *data); -void add_plugin(char *plugin_name); -void remove_plugin(char *plugin_name); -void plugins_done(void); -void tunnelclear(tunnelidt t); -void host_unreachable(ipt destination, u16 id, ipt source, char *packet, int packet_len); -void fix_address_pool(int sid); void rebuild_address_pool(void); -void send_ipin(sessionidt s, u8 * buf, int len); void throttle_session(sessionidt s, int rate_in, int rate_out); int load_session(sessionidt, sessiont *); void become_master(void); // We're the master; kick off any required master initializations. + + +// cli.c +void init_cli(char *hostname); +void cli_do_file(FILE *fh); +void cli_do(int sockfd); +int cli_arg_help(struct cli_def *cli, int cr_ok, char *entry, ...); + + +// icmp.c +void host_unreachable(ipt destination, u16 id, ipt source, char *packet, int packet_len); + + extern tunnelt *tunnel; extern sessiont *session; extern sessioncountt *sess_count; diff --git a/l2tpns.spec b/l2tpns.spec index 5cb6592..79bf046 100644 --- a/l2tpns.spec +++ b/l2tpns.spec @@ -1,6 +1,6 @@ Summary: A high-speed clustered L2TP LNS Name: l2tpns -Version: 2.0.7 +Version: 2.0.8 Release: 1 Copyright: GPL Group: System Environment/Daemons @@ -41,5 +41,5 @@ rm -rf %{buildroot} %attr(755,root,root) /usr/lib/l2tpns %changelog -* Mon Nov 15 2004 Brendan O'Dea 2.0.7-1 -- 2.0.7 release, see /usr/share/doc/l2tpns-2.0.7/Changes +* Mon Nov 15 2004 Brendan O'Dea 2.0.8-1 +- 2.0.8 release, see /usr/share/doc/l2tpns-2.0.8/Changes diff --git a/ppp.c b/ppp.c index 222cdbd..f0e47e0 100644 --- a/ppp.c +++ b/ppp.c @@ -1,6 +1,6 @@ // L2TPNS PPP Stuff -char const *cvs_id_ppp = "$Id: ppp.c,v 1.25 2004-11-09 05:49:08 bodea Exp $"; +char const *cvs_id_ppp = "$Id: ppp.c,v 1.26 2004-11-16 07:54:32 bodea Exp $"; #include #include @@ -23,7 +23,7 @@ extern u32 eth_tx; extern time_t time_now; extern struct configt *config; -void sendccp(tunnelidt t, sessionidt s); +static void sendccp(tunnelidt t, sessionidt s); // Process PAP messages void processpap(tunnelidt t, sessionidt s, u8 *p, u16 l) @@ -224,7 +224,7 @@ void processchap(tunnelidt t, sessionidt s, u8 *p, u16 l) radiussend(r, RADIUSAUTH); } -char *ppp_lcp_types[] = { +static char *ppp_lcp_types[] = { NULL, "ConfigReq", "ConfigAck", @@ -240,7 +240,7 @@ char *ppp_lcp_types[] = { "IdentRequest", }; -void dumplcp(u8 *p, int l) +static void dumplcp(u8 *p, int l) { int x = l - 4; u8 *o = (p + 4); @@ -543,6 +543,26 @@ void processlcp(tunnelidt t, sessionidt s, u8 *p, u16 l) } } +// find a PPP option, returns point to option, or 0 if not found +static u8 *findppp(u8 *b, u8 mtype) +{ + u16 l = ntohs(*(u16 *) (b + 2)); + if (l < 4) + return 0; + b += 4; + l -= 4; + while (l) + { + if (l < b[1] || !b[1]) + return 0; // faulty + if (*b == mtype) + return b; + l -= b[1]; + b += b[1]; + } + return 0; +} + // Process IPCP messages void processipcp(tunnelidt t, sessionidt s, u8 *p, u16 l) { @@ -910,26 +930,6 @@ u8 *makeppp(u8 *b, int size, u8 *p, int l, tunnelidt t, sessionidt s, u16 mtype) return b; } -// find a PPP option, returns point to option, or 0 if not found -u8 *findppp(u8 *b, u8 mtype) -{ - u16 l = ntohs(*(u16 *) (b + 2)); - if (l < 4) - return 0; - b += 4; - l -= 4; - while (l) - { - if (l < b[1] || !b[1]) - return 0; // faulty - if (*b == mtype) - return b; - l -= b[1]; - b += b[1]; - } - return 0; -} - // Send initial LCP ConfigReq void initlcp(tunnelidt t, sessionidt s) { @@ -955,7 +955,7 @@ void initlcp(tunnelidt t, sessionidt s) } // Send CCP reply -void sendccp(tunnelidt t, sessionidt s) +static void sendccp(tunnelidt t, sessionidt s) { char *q, b[500] = {0}; diff --git a/radius.c b/radius.c index d2e2d3b..0ae8a8c 100644 --- a/radius.c +++ b/radius.c @@ -1,6 +1,6 @@ // L2TPNS Radius Stuff -char const *cvs_id_radius = "$Id: radius.c,v 1.11 2004-11-05 04:55:27 bodea Exp $"; +char const *cvs_id_radius = "$Id: radius.c,v 1.12 2004-11-16 07:54:32 bodea Exp $"; #include #include @@ -25,7 +25,7 @@ extern u32 sessionid; extern struct configt *config; extern int *radfds; -const char *radius_state(int state) +static const char *radius_state(int state) { static char *tmp = NULL; int i; @@ -46,7 +46,7 @@ void initrad(void) for (i = 0; i < config->num_radfds; i++) { int flags; - if (!radfds[i]) radfds[i] = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP); + radfds[i] = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP); flags = fcntl(radfds[i], F_GETFL, 0); fcntl(radfds[i], F_SETFL, flags | O_NONBLOCK); } @@ -658,19 +658,3 @@ void radiusretry(u16 r) break; } } - -void radius_clean() -{ - int i; - - LOG(1, 0, 0, 0, "Cleaning radius session array\n"); - - for (i = 1; i < MAXRADIUS; i++) - { - if (radius[i].retry == 0 - || !session[radius[i].session].opened - || session[radius[i].session].die - || session[radius[i].session].tunnel == 0) - radiusclear(i, radius[i].session); - } -} diff --git a/util.c b/util.c index 6d6b903..b11627b 100644 --- a/util.c +++ b/util.c @@ -1,6 +1,6 @@ /* Misc util functions */ -char const *cvs_id_util = "$Id: util.c,v 1.5 2004-11-05 04:55:27 bodea Exp $"; +char const *cvs_id_util = "$Id: util.c,v 1.6 2004-11-16 07:54:32 bodea Exp $"; #include #include @@ -34,7 +34,7 @@ void *shared_malloc(unsigned int size) return p; } -extern int udpfd, tunfd, snoopfd, ifrfd, cluster_sockfd; +extern int udpfd, controlfd, tunfd, snoopfd, ifrfd, cluster_sockfd; extern int *radfds; pid_t fork_and_close() @@ -66,14 +66,16 @@ pid_t fork_and_close() signal(SIGTERM, SIG_DFL); // Close sockets - if (udpfd) close(udpfd); udpfd = 0; - if (tunfd) close(tunfd); tunfd = 0; - if (snoopfd) close(snoopfd); snoopfd = 0; - for (i = 0; i < config->num_radfds; i++) - if (radfds[i]) close(radfds[i]); - if (ifrfd) close(ifrfd); ifrfd = 0; - if (cluster_sockfd) close(cluster_sockfd); cluster_sockfd = 0; - if (clifd) close(clifd); clifd = 0; + if (tunfd != -1) close(tunfd); + if (udpfd != -1) close(udpfd); + if (controlfd != -1) close(controlfd); + if (snoopfd != -1) close(snoopfd); + if (ifrfd != -1) close(ifrfd); + if (cluster_sockfd != -1) close(cluster_sockfd); + if (clifd != -1) close(clifd); + + for (i = 0; radfds && i < config->num_radfds; i++) + close(radfds[i]); #ifdef BGP for (i = 0; i < BGP_NUM_PEERS; i++) if (bgp_peers[i].sock != -1) -- 2.20.1