From fc94b60b05a0f2683908eae1751e5e39f59d1ed0 Mon Sep 17 00:00:00 2001 From: bodea Date: Wed, 7 Dec 2005 05:21:37 +0000 Subject: [PATCH 1/1] - Reject unknown/unconfigured protocols on the master. - Sanity check MRU before using in ppp_code_rej, protoreject.
---
Changes | 4 +++- Makefile | 2 +- l2tpns.c | 32 ++++++-------------------------- l2tpns.h | 3 ++- l2tpns.spec | 2 +- ppp.c | 35 +++++++++++++++++++++++++++++++++-- 6 files changed, 46 insertions(+), 32 deletions(-)
diff --git a/Changes b/Changes
index 6449a5b..1e40548 100644
--- a/Changes
+++ b/Changes
@@ -1,10 +1,12 @@
-* Tue Dec 6 2005 Brendan O'Dea 2.1.13 +* Wed Dec 7 2005 Brendan O'Dea 2.1.13 - Add test/ping-sweep. - Apply spec changes from Charlie Brady: use License header, change BuildRoot to include username. - Fix IPCP negotiation of secondary DNS server, reported by Jon Morby. - Clean up sessiont, removing some unused fields. - Remove unused "MAC" config type. +- Reject unknown/unconfigured protocols on the master. +- Sanity check MRU before using in ppp_code_rej, protoreject. * Thu Nov 17 2005 Brendan O'Dea 2.1.12 - Set MTU on tunnel interface so the kernel will re-fragment large
diff --git a/Makefile b/Makefile
index 2059695..ea7e8df 100644
--- a/Makefile
+++ b/Makefile
@@ -119,7 +119,7 @@ l2tpns.o: l2tpns.c md5.h l2tpns.h cluster.h plugin.h ll.h constants.h \
 ll.o: ll.c ll.h
 md5.o: md5.c md5.h
 ppp.o: ppp.c l2tpns.h constants.h plugin.h util.h tbf.h cluster.h
-radius.o: radius.c constants.h l2tpns.h plugin.h util.h cluster.h
+radius.o: radius.c md5.h constants.h l2tpns.h plugin.h util.h cluster.h
 tbf.o: tbf.c l2tpns.h util.h tbf.h
 util.o: util.c l2tpns.h bgp.h
 bgp.o: bgp.c l2tpns.h bgp.h util.h
diff --git a/l2tpns.c b/l2tpns.c
index 39f72d7..ce446ff 100644
--- a/l2tpns.c
+++ b/l2tpns.c
@@ -4,7 +4,7 @@
 // Copyright (c) 2002 FireBrick (Andrews & Arnold Ltd / Watchfront Ltd) - GPL licenced
 // vim: sw=8 ts=8
-char const *cvs_id_l2tpns = "$Id: l2tpns.c,v 1.150 2005/11/17 07:35:35 bodea Exp $";
+char const *cvs_id_l2tpns = "$Id: l2tpns.c,v 1.151 2005/12/07 05:21:37 bodea Exp $";
 #include
 #include
@@ -96,9 +96,9 @@ uint32_t eth_tx = 0;
 static uint32_t ip_pool_size = 1; // Size of the pool of addresses used for dynamic address allocation.
 time_t time_now = 0; // Current time in seconds since epoch.
 static char time_now_string[64] = {0}; // Current time as a string.
-int time_changed = 0; // time_now changed
+static int time_changed = 0; // time_now changed
 char main_quit = 0; // True if we're in the process of exiting.
-char main_reload = 0; // Re-load pending
+static char main_reload = 0; // Re-load pending
 linked_list *loaded_plugins;
 linked_list *plugins[MAX_PLUGIN_TYPES];
@@ -2615,29 +2615,9 @@ void processudp(uint8_t *buf, int len, struct sockaddr_in *addr)
 }
 else if (session[s].ppp.lcp == Opened)
 {
- uint8_t buf[MAXETHER];
- uint8_t *q;
- int mru = session[s].mru;
- if (mru > sizeof(buf)) mru = sizeof(buf);
-
- l += 6;
- if (l > mru) l = mru;
-
- q = makeppp(buf, sizeof(buf), 0, 0, s, t, PPPLCP);
- if (!q) return;
-
- *q = ProtocolRej;
- *(q + 1) = ++sess_local[s].lcp_ident;
- *(uint16_t *)(q + 2) = htons(l);
- *(uint16_t *)(q + 4) = htons(proto);
- memcpy(q + 6, p, l - 6);
-
- if (proto == PPPIPV6CP)
- LOG(3, s, t, "LCP: send ProtocolRej (IPV6CP: not configured)\n");
- else
- LOG(2, s, t, "LCP: sent ProtocolRej (0x%04X: unsupported)\n", proto);
-
- tunnelsend(buf, l + (q - buf), t);
+ session[s].last_packet = time_now;
+ if (!config->cluster_iam_master) { master_forward_packet(buf, len, addr->sin_addr.s_addr, addr->sin_port); return; }
+ protoreject(s, t, p, l, proto);
 }
 else
 {
diff --git a/l2tpns.h b/l2tpns.h
index 1e35fbd..ac79f62 100644
--- a/l2tpns.h
+++ b/l2tpns.h
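Review bot: The new slave-side branch in processudp forwards the frame to the master without saying why the ProtocolRej is no longer built locally, which the next reader will wonder about since the removed inline code did exactly that; a one-line comment would carry the intent, e.g. `// not master: forward so the ProtocolRej is built from the master's session state (sess_local lcp_ident)`. That reasoning is inferred from the commit title and from protoreject incrementing `sess_local[s].lcp_ident`, so confirm it before committing the wording. Every unknown-protocol frame a peer sends on an Opened session now also costs a master_forward_packet plus a reply from the master, so if the code base already throttles per-session control traffic this path is a candidate for the same limit. processudp begins and ends outside the hunk.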
@@ -1,5 +1,5 @@
 // L2TPNS Global Stuff
-// $Id: l2tpns.h,v 1.104 2005/12/06 23:53:14 bodea Exp $
+// $Id: l2tpns.h,v 1.105 2005/12/07 05:21:37 bodea Exp $
 #ifndef __L2TPNS_H__
 #define __L2TPNS_H__
@@ -694,6 +694,7 @@ uint8_t *makeppp(uint8_t *b, int size, uint8_t *p, int l, sessionidt s, tunnelid
 void sendlcp(sessionidt s, tunnelidt t);
 void send_ipin(sessionidt s, uint8_t *buf, int len);
 void sendccp(sessionidt s, tunnelidt t);
+void protoreject(sessionidt s, tunnelidt t, uint8_t *p, uint16_t l, uint16_t proto);
 // radius.c
diff --git a/l2tpns.spec b/l2tpns.spec
index a57dc76..6f0cf4a 100644
--- a/l2tpns.spec
+++ b/l2tpns.spec
@@ -43,5 +43,5 @@ rm -rf %{buildroot}
 %attr(644,root,root) /usr/share/man/man[58]/*
 %changelog
-* Tue Dec 6 2005 Brendan O'Dea 2.1.13-1
+* Wed Dec 7 2005 Brendan O'Dea 2.1.13-1
 - 2.1.13 release, see /usr/share/doc/l2tpns-2.1.13/Changes
diff --git a/ppp.c b/ppp.c
index d7770e5..17fde89 100644
--- a/ppp.c
+++ b/ppp.c
@@ -1,6 +1,6 @@
 // L2TPNS PPP Stuff
-char const *cvs_id_ppp = "$Id: ppp.c,v 1.87 2005/12/04 13:06:50 bodea Exp $";
+char const *cvs_id_ppp = "$Id: ppp.c,v 1.88 2005/12/07 05:21:37 bodea Exp $";
 #include
 #include
@@ -449,6 +449,7 @@ static void ppp_code_rej(sessionidt s, tunnelidt t, uint16_t proto,
 {
 uint8_t *q;
 int mru = session[s].mru;
+ if (mru < MINMTU) mru = MINMTU;
 if (mru > size) mru = size;
 l += 4;
@@ -577,7 +578,7 @@ void processlcp(sessionidt s, tunnelidt t, uint8_t *p, uint16_t l)
 case 1: // Maximum-Receive-Unit
 {
 uint16_t mru = ntohs(*(uint16_t *)(o + 2));
- if (mru >= 576)
+ if (mru >= MINMTU)
 {
 session[s].mru = mru;
 break;
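Review bot: The new MINMTU floor in ppp_code_rej carries no comment, and its purpose — stopping an unset or undersized session MRU from clamping `l` below the 4-byte CodeRej header so the later `l - 4` cannot go negative — is only apparent from the sibling protoreject code in this patch; suggest `// floor: an unset session MRU must not clamp l below the 4-byte header`. Whether MINMTU is actually large enough for that cannot be checked here because its value is not in the hunk. The processlcp hunk now accepts any peer MRU `>= MINMTU` where it previously used the literal 576, so the floor applied in ppp_code_rej and the floor enforced at negotiation are now the same constant and should stay that way; a short comment on the processlcp line saying so would prevent the two from drifting apart. The body of ppp_code_rej continues outside the hunk.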
@@ -1877,3 +1878,33 @@ void sendccp(sessionidt s, tunnelidt t)
 tunnelsend(b, (q - b) + 4 , t);
 restart_timer(s, ccp);
 }
+
+// Reject unknown/unconfigured protocols
+void protoreject(sessionidt s, tunnelidt t, uint8_t *p, uint16_t l, uint16_t proto)
+{
+
+ uint8_t buf[MAXETHER];
+ uint8_t *q;
+ int mru = session[s].mru;
+ if (mru < MINMTU) mru = MINMTU;
+ if (mru > sizeof(buf)) mru = sizeof(buf);
+
+ l += 6;
+ if (l > mru) l = mru;
+
+ q = makeppp(buf, sizeof(buf), 0, 0, s, t, PPPLCP);
+ if (!q) return;
+
+ *q = ProtocolRej;
+ *(q + 1) = ++sess_local[s].lcp_ident;
+ *(uint16_t *)(q + 2) = htons(l);
+ *(uint16_t *)(q + 4) = htons(proto);
+ memcpy(q + 6, p, l - 6);
+
+ if (proto == PPPIPV6CP)
+ LOG(3, s, t, "LCP: send ProtocolRej (IPV6CP: not configured)\n");
+ else
+ LOG(2, s, t, "LCP: sent ProtocolRej (0x%04X: unsupported)\n", proto);
+
+ tunnelsend(buf, l + (q - buf), t);
+}
-- 2.20.1
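Review bot: The copy bound in protoreject is checked against the whole of `buf` rather than the space left after makeppp has written its header, so with a session MRU at or above MAXETHER and an incoming payload close to that size `memcpy(q + 6, p, l - 6)` can run past the end of `buf` by up to the header length; clamp again once `q` is known, directly after `if (!q) return;`: `size_t room = sizeof(buf) - (q - buf);` / `if (l > room) l = room;`. Whether the receive path can deliver an `l` that large depends on code outside the hunk, but the extra bound is cheap and makes this function safe on its own. The MINMTU floor is also what keeps `l >= 6` so that `l - 6` cannot underflow, and that deserves saying: `// mru floor keeps l >= 6 below, so l - 6 in the memcpy cannot underflow (assumes MINMTU >= 6)`. Lastly the header comment should state what `p` and `l` denote — as far as the hunk shows, the rejected-protocol payload following the protocol field and its length — and that `l` is a `uint16_t` copy here, so `l += 6` wraps for any caller value above 65529 (harmless if the receive buffer bounds it, but that is an assumption to record).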