From eb37aeee8e9006ae4d7d9148a5fd0a6657aca659 Mon Sep 17 00:00:00 2001 From: bodea Date: Wed, 5 Apr 2006 01:45:57 +0000 Subject: [PATCH] send nsctl responses back using the correct source address --- Changes | 3 +- THANKS | 1 + l2tpns.c | 18 ++++-- l2tpns.spec | 2 +- util.c | 181 +++++++++++++++++++++++++++++++++++++--------------- util.h | 5 ++ 6 files changed, 150 insertions(+), 60 deletions(-) diff --git a/Changes b/Changes index bbb16bd..c74edc6 100644 --- a/Changes +++ b/Changes @@ -1,5 +1,6 @@ -* Mon Mar 27 2006 Brendan O'Dea 2.1.17 +* Fri Mar 31 2006 Brendan O'Dea 2.1.17 - Fix IPCP length test to allow Terminate-Request (4 bytes). +- Send nsctl responses back using the correct source address (thanks ltd). * Thu Feb 23 2006 Brendan O'Dea 2.1.16 - Send configured magic-no in LCP EchoReq when LCP is opened. diff --git a/THANKS b/THANKS index 9b245f2..1016be5 100644 --- a/THANKS +++ b/THANKS @@ -25,3 +25,4 @@ Charlie Brady Jon Morby Paul Martin Jonathan Yarden +Patrick Cole diff --git a/l2tpns.c b/l2tpns.c index 804e1ad..a48a725 100644 --- a/l2tpns.c +++ b/l2tpns.c @@ -4,7 +4,7 @@ // Copyright (c) 2002 FireBrick (Andrews & Arnold Ltd / Watchfront Ltd) - GPL licenced // vim: sw=8 ts=8 -char const *cvs_id_l2tpns = "$Id: l2tpns.c,v 1.156 2006/02/17 13:27:07 bodea Exp $"; +char const *cvs_id_l2tpns = "$Id: l2tpns.c,v 1.157 2006/04/05 01:45:57 bodea Exp $"; #include #include @@ -200,7 +200,7 @@ static void initplugins(void); static int add_plugin(char *plugin_name); static int remove_plugin(char *plugin_name); static void plugins_done(void); -static void processcontrol(uint8_t *buf, int len, struct sockaddr_in *addr, int alen); +static void processcontrol(uint8_t *buf, int len, struct sockaddr_in *addr, int alen, struct in_addr *local); static tunnelidt new_tunnel(void); static void unhide_value(uint8_t *value, size_t len, uint16_t type, uint8_t *vector, size_t vec_len); 
@@ -3248,6 +3248,7 @@ static void mainloop(void) if (n) { struct sockaddr_in addr; + struct in_addr local; socklen_t alen; int c, s; int udp_ready = 0; @@ -3264,6 +3265,7 @@ static void mainloop(void) for (c = n, i = 0; i < c; i++) { struct event_data *d = events[i].data.ptr; + switch (d->type) { case FD_TYPE_CLI: // CLI connections @@ -3290,19 +3292,21 @@ static void mainloop(void) case FD_TYPE_CONTROL: // nsctl commands alen = sizeof(addr); - processcontrol(buf, recvfrom(controlfd, buf, sizeof(buf), MSG_WAITALL, (void *) &addr, &alen), &addr, alen); + s = recvfromto(controlfd, buf, sizeof(buf), MSG_WAITALL, (struct sockaddr *) &addr, &alen, &local); + if (s > 0) processcontrol(buf, s, &addr, alen, &local); n--; break; case FD_TYPE_DAE: // DAE requests alen = sizeof(addr); - processdae(buf, recvfrom(daefd, buf, sizeof(buf), MSG_WAITALL, (void *) &addr, &alen), &addr, alen); + s = recvfrom(daefd, buf, sizeof(buf), MSG_WAITALL, (struct sockaddr *) &addr, &alen); + if (s > 0) processdae(buf, s, &addr, alen); n--; break; case FD_TYPE_RADIUS: // RADIUS response alen = sizeof(addr); - s = recvfrom(radfds[d->index], buf, sizeof(buf), MSG_WAITALL, (void *) &addr, &alen); + s = recvfrom(radfds[d->index], buf, sizeof(buf), MSG_WAITALL, (struct sockaddr *) &addr, &alen); if (s >= 0 && config->cluster_iam_master) { if (addr.sin_addr.s_addr == config->radiusserver[0] || @@ -4883,7 +4887,7 @@ static void plugins_done() run_plugin_done(p); } -static void processcontrol(uint8_t *buf, int len, struct sockaddr_in *addr, int alen) +static void processcontrol(uint8_t *buf, int len, struct sockaddr_in *addr, int alen, struct in_addr *local) { struct nsctl request; struct nsctl response; 
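Review bot: The `recvfromto()` call added in the `FD_TYPE_CONTROL` case only fills `local` if `controlfd` has the `IP_PKTINFO` socket option enabled, and no hunk in this patch sets it. Without the option `recvmsg()` delivers no `IP_PKTINFO` control message, `local` stays zeroed, and the reply presumably goes out with the kernel's default source address, so the fix would silently do nothing. If the option is not already set where `controlfd` is created (outside this diff), add `setsockopt(controlfd, SOL_IP, IP_PKTINFO, &on, sizeof(on));` there, with `on` an int set to 1. The body of `mainloop` starts and ends outside the hunk.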
@@ -5041,7 +5045,7 @@ static void processcontrol(uint8_t *buf, int len, struct sockaddr_in *addr, int r = pack_control(buf, NSCTL_MAX_PKT_SZ, response.type, response.argc, response.argv); if (r > 0) { - sendto(controlfd, buf, r, 0, (const struct sockaddr *) addr, alen); + sendtofrom(controlfd, buf, r, 0, (const struct sockaddr *) addr, alen, local); if (log_stream && config->debug >= 4) { LOG(4, 0, 0, "Sent [%s] ", fmtaddr(addr->sin_addr.s_addr, 0)); diff --git a/l2tpns.spec b/l2tpns.spec index 8a56285..98904ed 100644 --- a/l2tpns.spec +++ b/l2tpns.spec @@ -43,5 +43,5 @@ rm -rf %{buildroot} %attr(644,root,root) /usr/share/man/man[58]/* %changelog -* Mon Mar 27 2006 Brendan O'Dea 2.1.17-1 +* Fri Mar 31 2006 Brendan O'Dea 2.1.17-1 - 2.1.17 release, see /usr/share/doc/l2tpns-2.1.17/Changes diff --git a/util.c b/util.c index dee81f5..f3303b4 100644 --- a/util.c +++ b/util.c @@ -1,6 +1,6 @@ /* Misc util functions */ -char const *cvs_id_util = "$Id: util.c,v 1.13 2005/09/19 00:29:12 bodea Exp $"; +char const *cvs_id_util = "$Id: util.c,v 1.14 2006/04/05 01:45:57 bodea Exp $"; #include #include @@ -20,23 +20,25 @@ char const *cvs_id_util = "$Id: util.c,v 1.13 2005/09/19 00:29:12 bodea Exp $"; // to use char *fmtaddr(in_addr_t addr, int n) { - static char addrs[4][16]; - struct in_addr in; + static char addrs[4][16]; + struct in_addr in; - if (n < 0 || n >= 4) return ""; - in.s_addr = addr; - return strcpy(addrs[n], inet_ntoa(in)); + if (n < 0 || n >= 4) + return ""; + + in.s_addr = addr; + return strcpy(addrs[n], inet_ntoa(in)); } void *shared_malloc(unsigned int size) { - void * p; - p = mmap(NULL, size, PROT_READ | PROT_WRITE, MAP_SHARED | MAP_ANONYMOUS, 0, 0); + void * p; + p = mmap(NULL, size, PROT_READ | PROT_WRITE, MAP_SHARED | MAP_ANONYMOUS, 0, 0); - if (p == MAP_FAILED) - p = NULL; + if (p == MAP_FAILED) + p = NULL; - return p; + return p; } extern int forked; 
@@ -45,52 +47,129 @@ extern int *radfds; pid_t fork_and_close() { - pid_t pid = fork(); - int i; + pid_t pid = fork(); + int i; - if (pid) - return pid; + if (pid) + return pid; - forked++; - if (config->scheduler_fifo) + forked++; + if (config->scheduler_fifo) + { + struct sched_param params = {0}; + params.sched_priority = 0; + if (sched_setscheduler(0, SCHED_OTHER, ¶ms)) { - struct sched_param params = {0}; - params.sched_priority = 0; - if (sched_setscheduler(0, SCHED_OTHER, ¶ms)) - { - LOG(0, 0, 0, "Error setting scheduler to OTHER after fork: %s\n", strerror(errno)); - LOG(0, 0, 0, "This is probably really really bad.\n"); - } + LOG(0, 0, 0, "Error setting scheduler to OTHER after fork: %s\n", strerror(errno)); + LOG(0, 0, 0, "This is probably really really bad.\n"); } + } + + signal(SIGPIPE, SIG_DFL); + signal(SIGCHLD, SIG_DFL); + signal(SIGHUP, SIG_DFL); + signal(SIGUSR1, SIG_DFL); + signal(SIGQUIT, SIG_DFL); + signal(SIGKILL, SIG_DFL); + signal(SIGTERM, SIG_DFL); + + // Close sockets + if (clifd != -1) close(clifd); + if (cluster_sockfd != -1) close(cluster_sockfd); + if (tunfd != -1) close(tunfd); + if (udpfd != -1) close(udpfd); + if (controlfd != -1) close(controlfd); + if (daefd != -1) close(daefd); + if (snoopfd != -1) close(snoopfd); + if (ifrfd != -1) close(ifrfd); + if (ifr6fd != -1) close(ifr6fd); + if (rand_fd != -1) close(rand_fd); + if (epollfd != -1) close(epollfd); + + for (i = 0; radfds && i < RADIUS_FDS; i++) + close(radfds[i]); - signal(SIGPIPE, SIG_DFL); - signal(SIGCHLD, SIG_DFL); - signal(SIGHUP, SIG_DFL); - signal(SIGUSR1, SIG_DFL); - signal(SIGQUIT, SIG_DFL); - signal(SIGKILL, SIG_DFL); - signal(SIGTERM, SIG_DFL); - - // Close sockets - if (clifd != -1) close(clifd); - if (cluster_sockfd != -1) close(cluster_sockfd); - if (tunfd != -1) close(tunfd); - if (udpfd != -1) close(udpfd); - if (controlfd != -1) close(controlfd); - if (daefd != -1) close(daefd); - if (snoopfd != -1) close(snoopfd); - if (ifrfd != -1) close(ifrfd); - if 
(ifr6fd != -1) close(ifr6fd); - if (rand_fd != -1) close(rand_fd); - if (epollfd != -1) close(epollfd); - - for (i = 0; radfds && i < RADIUS_FDS; i++) - close(radfds[i]); #ifdef BGP - for (i = 0; i < BGP_NUM_PEERS; i++) - if (bgp_peers[i].sock != -1) - close(bgp_peers[i].sock); + for (i = 0; i < BGP_NUM_PEERS; i++) + if (bgp_peers[i].sock != -1) + close(bgp_peers[i].sock); #endif /* BGP */ - return pid; + return pid; +} + +ssize_t recvfromto(int s, void *buf, size_t len, int flags, + struct sockaddr *from, socklen_t *fromlen, struct in_addr *toaddr) +{ + ssize_t r; + struct msghdr msg; + struct cmsghdr *cmsg; + struct iovec vec; + char cbuf[128]; + + memset(&msg, 0, sizeof(msg)); + msg.msg_name = from; + msg.msg_namelen = *fromlen; + + vec.iov_base = buf; + vec.iov_len = len; + msg.msg_iov = &vec; + msg.msg_iovlen = 1; + msg.msg_flags = 0; + + msg.msg_control = cbuf; + msg.msg_controllen = sizeof(cbuf); + + if ((r = recvmsg(s, &msg, flags)) < 0) + return r; + + if (fromlen) + *fromlen = msg.msg_namelen; + + memset(toaddr, 0, sizeof(*toaddr)); + for (cmsg = CMSG_FIRSTHDR(&msg); cmsg; cmsg = CMSG_NXTHDR(&msg, cmsg)) + { + if (cmsg->cmsg_level == SOL_IP && cmsg->cmsg_type == IP_PKTINFO) + { + struct in_pktinfo *i = (struct in_pktinfo *) CMSG_DATA(cmsg); + memcpy(toaddr, &i->ipi_addr, sizeof(*toaddr)); + break; + } + } + + return r; +} + +ssize_t sendtofrom(int s, void const *buf, size_t len, int flags, + struct sockaddr const *to, socklen_t tolen, struct in_addr const *from) +{ + struct msghdr msg; + struct cmsghdr *cmsg; + struct iovec vec; + struct in_pktinfo pktinfo; + char cbuf[CMSG_SPACE(sizeof(pktinfo))]; + + memset(&msg, 0, sizeof(msg)); + msg.msg_name = (struct sockaddr *) to; + msg.msg_namelen = tolen; + + vec.iov_base = (void *) buf; + vec.iov_len = len; + msg.msg_iov = &vec; + msg.msg_iovlen = 1; + msg.msg_flags = 0; + + msg.msg_control = cbuf; + msg.msg_controllen = sizeof(cbuf); + + cmsg = CMSG_FIRSTHDR(&msg); + cmsg->cmsg_level = SOL_IP; + 
cmsg->cmsg_type = IP_PKTINFO; + cmsg->cmsg_len = CMSG_LEN(sizeof(pktinfo)); + + memset(&pktinfo, 0, sizeof(pktinfo)); + memcpy(&pktinfo.ipi_spec_dst, from, sizeof(*from)); + memcpy(CMSG_DATA(cmsg), &pktinfo, sizeof(pktinfo)); + + return sendmsg(s, &msg, flags); } diff --git a/util.h b/util.h index 145559b..ee066f6 100644 --- a/util.h +++ b/util.h @@ -4,5 +4,10 @@ char *fmtaddr(in_addr_t addr, int n); void *shared_malloc(unsigned int size); pid_t fork_and_close(void); +ssize_t sendtofrom(int s, void const *buf, size_t len, int flags, + struct sockaddr const *to, socklen_t tolen, struct in_addr const *from); + +ssize_t recvfromto(int s, void *buf, size_t len, int flags, + struct sockaddr *from, socklen_t *fromlen, struct in_addr *toaddr); #endif /* __UTIL_H__ */ -- 2.20.1
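Review bot: `recvfromto()` dereferences `fromlen` unconditionally in `msg.msg_namelen = *fromlen;` and only afterwards tests `if (fromlen)`, so a caller passing NULL (which `recvfrom()` permits) crashes before the guard is reached; `msg.msg_namelen = fromlen ? *fromlen : 0;` makes the two consistent. The function also never inspects `msg.msg_flags` after `recvmsg()`, so a truncated datagram or truncated control data (`MSG_TRUNC` / `MSG_CTRUNC`) looks the same as a complete one. A missing `IP_PKTINFO` message is reported only as a zeroed `*toaddr`, so a header comment should state that the socket must have `IP_PKTINFO` enabled and that an all-zero address means the destination is unknown. In `sendtofrom()`, `cbuf` is handed to the kernel without being cleared; `memset(cbuf, 0, sizeof(cbuf));` before `CMSG_FIRSTHDR` avoids passing uninitialised padding.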