summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorKozlov Dmitry <xeb@mail.ru>2012-04-21 22:01:56 +0400
committerKozlov Dmitry <xeb@mail.ru>2012-04-21 22:04:11 +0400
commit88b01cc61f8cbd41162041da7bf206eca7e04b2f (patch)
tree5cb9d64fb9ec05c2f3956bbccbee9e1660c616af
parent3b3aa52ec2b316f8c5ee1593ca11ce1f437828e6 (diff)
downloadaccel-ppp-88b01cc61f8cbd41162041da7bf206eca7e04b2f.tar.gz
accel-ppp-88b01cc61f8cbd41162041da7bf206eca7e04b2f.zip
implemented per CTRL mppe config
-rw-r--r--accel-pppd/accel-ppp.conf.56
-rw-r--r--accel-pppd/ctrl/l2tp/l2tp.c15
-rw-r--r--accel-pppd/ctrl/pppoe/pppoe.c15
-rw-r--r--accel-pppd/ctrl/pptp/pptp.c16
-rw-r--r--accel-pppd/ppp/ccp_mppe.c62
-rw-r--r--accel-pppd/ppp/ppp.h7
-rw-r--r--accel-pppd/ppp/ppp_ccp.c1
7 files changed, 101 insertions, 21 deletions
diff --git a/accel-pppd/accel-ppp.conf.5 b/accel-pppd/accel-ppp.conf.5
index c622ce3e..4591d669 100644
--- a/accel-pppd/accel-ppp.conf.5
+++ b/accel-pppd/accel-ppp.conf.5
@@ -222,6 +222,8 @@ Specifies maximum number of echo-requests may be sent without valid echo-reply,
.BI "timeout=" n
Timeout waiting reply from client in seconds (default 5).
.TP
+.BI "mppe=" deny|allow|prefer|require
+.TP
.SH [pppoe]
.br
Configuration of PPPoE module.
@@ -264,6 +266,8 @@ Specifies whether to handle TR101 tags.
.BI "padi-limit=" n
Specifies overall limit of PADI packets to reply in 1 second period (default 0 - unlimited). Rate of per-mac PADI packets is limited to no more than 1 packet per second.
.TP
+.BI "mppe=" deny|allow|prefer|require
+.TP
.SH [l2tp]
.br
Configuration of L2TP module.
@@ -291,6 +295,8 @@ If this option is given and
.B n
is greater of zero then l2tp module will produce verbose logging.
.TP
+.BI "mppe=" deny|allow|prefer|require
+.TP
.SH [radius]
.br
Configuration of RADIUS module.
diff --git a/accel-pppd/ctrl/l2tp/l2tp.c b/accel-pppd/ctrl/l2tp/l2tp.c
index a9ecd588..65cf456c 100644
--- a/accel-pppd/ctrl/l2tp/l2tp.c
+++ b/accel-pppd/ctrl/l2tp/l2tp.c
@@ -52,6 +52,7 @@ static int conf_retransmit = 5;
static int conf_hello_interval = 60;
static int conf_dir300_quirk = 0;
static const char *conf_host_name = "accel-ppp";
+static int conf_mppe = MPPE_UNSET;
static unsigned int stat_active;
static unsigned int stat_starting;
@@ -310,6 +311,7 @@ static int l2tp_tunnel_alloc(struct l2tp_serv_t *serv, struct l2tp_packet_t *pac
conn->ctrl.started = l2tp_ppp_started;
conn->ctrl.finished = l2tp_ppp_finished;
conn->ctrl.max_mtu = 1420;
+ conn->ctrl.mppe = conf_mppe;
conn->ctrl.calling_station_id = _malloc(17);
conn->ctrl.called_station_id = _malloc(17);
@@ -1146,6 +1148,19 @@ static void load_config(void)
opt = conf_get_opt("l2tp", "dir300_quirk");
if (opt)
conf_dir300_quirk = atoi(opt);
+
+ conf_mppe = MPPE_UNSET;
+ opt = conf_get_opt("l2tp", "mppe");
+ if (opt) {
+ if (strcmp(opt, "deny") == 0)
+ conf_mppe = MPPE_DENY;
+ else if (strcmp(opt, "allow") == 0)
+ conf_mppe = MPPE_ALLOW;
+ else if (strcmp(opt, "prefer") == 0)
+ conf_mppe = MPPE_PREFER;
+ else if (strcmp(opt, "require") == 0)
+ conf_mppe = MPPE_REQUIRE;
+ }
}
static void l2tp_init(void)
diff --git a/accel-pppd/ctrl/pppoe/pppoe.c b/accel-pppd/ctrl/pppoe/pppoe.c
index e1bc4021..43dc6437 100644
--- a/accel-pppd/ctrl/pppoe/pppoe.c
+++ b/accel-pppd/ctrl/pppoe/pppoe.c
@@ -80,6 +80,7 @@ int conf_ifname_in_sid;
char *conf_pado_delay;
int conf_tr101 = 1;
int conf_padi_limit = 0;
+int conf_mppe = MPPE_UNSET;
static mempool_t conn_pool;
static mempool_t pado_pool;
@@ -263,6 +264,7 @@ static struct pppoe_conn_t *allocate_channel(struct pppoe_serv_t *serv, const ui
conn->ctrl.max_mtu = MAX_PPPOE_MTU;
conn->ctrl.type = CTRL_TYPE_PPPOE;
conn->ctrl.name = "pppoe";
+ conn->ctrl.mppe = conf_mppe;
conn->ctrl.calling_station_id = _malloc(IFNAMSIZ + 19);
conn->ctrl.called_station_id = _malloc(IFNAMSIZ + 19);
@@ -1407,6 +1409,19 @@ static void load_config(void)
opt = conf_get_opt("pppoe", "padi-limit");
if (opt)
conf_padi_limit = atoi(opt);
+
+ conf_mppe = MPPE_UNSET;
+ opt = conf_get_opt("l2tp", "mppe");
+ if (opt) {
+ if (strcmp(opt, "deny") == 0)
+ conf_mppe = MPPE_DENY;
+ else if (strcmp(opt, "allow") == 0)
+ conf_mppe = MPPE_ALLOW;
+ else if (strcmp(opt, "prefer") == 0)
+ conf_mppe = MPPE_PREFER;
+ else if (strcmp(opt, "require") == 0)
+ conf_mppe = MPPE_REQUIRE;
+ }
}
static void pppoe_init(void)
diff --git a/accel-pppd/ctrl/pptp/pptp.c b/accel-pppd/ctrl/pptp/pptp.c
index e0875d6f..456b85a4 100644
--- a/accel-pppd/ctrl/pptp/pptp.c
+++ b/accel-pppd/ctrl/pptp/pptp.c
@@ -58,6 +58,8 @@ static int conf_timeout = 5;
static int conf_echo_interval = 0;
static int conf_echo_failure = 3;
static int conf_verbose = 0;
+static int conf_mppe = MPPE_UNSET;
+
static mempool_t conn_pool;
static unsigned int stat_starting;
@@ -668,6 +670,7 @@ static int pptp_connect(struct triton_md_handler_t *h)
conn->ctrl.max_mtu = PPTP_MAX_MTU;
conn->ctrl.type = CTRL_TYPE_PPTP;
conn->ctrl.name = "pptp";
+ conn->ctrl.mppe = conf_mppe;
conn->ctrl.calling_station_id = _malloc(17);
conn->ctrl.called_station_id = _malloc(17);
@@ -739,6 +742,19 @@ static void load_config(void)
opt = conf_get_opt("pptp", "verbose");
if (opt && atoi(opt) > 0)
conf_verbose = 1;
+
+ conf_mppe = MPPE_UNSET;
+ opt = conf_get_opt("pptp", "mppe");
+ if (opt) {
+ if (strcmp(opt, "deny") == 0)
+ conf_mppe = MPPE_DENY;
+ else if (strcmp(opt, "allow") == 0)
+ conf_mppe = MPPE_ALLOW;
+ else if (strcmp(opt, "prefer") == 0)
+ conf_mppe = MPPE_PREFER;
+ else if (strcmp(opt, "require") == 0)
+ conf_mppe = MPPE_REQUIRE;
+ }
}
static void pptp_init(void)
diff --git a/accel-pppd/ppp/ccp_mppe.c b/accel-pppd/ppp/ccp_mppe.c
index 9099fb0f..7c432842 100644
--- a/accel-pppd/ppp/ccp_mppe.c
+++ b/accel-pppd/ppp/ccp_mppe.c
@@ -32,7 +32,7 @@ static int mppe_recv_conf_nak(struct ppp_ccp_t *ccp, struct ccp_option_t *opt, u
static int mppe_recv_conf_rej(struct ppp_ccp_t *ccp, struct ccp_option_t *opt, uint8_t *ptr);
static void mppe_print(void (*print)(const char *fmt,...),struct ccp_option_t*, uint8_t *ptr);
-static int conf_mppe = -1;
+static int conf_mppe = MPPE_ALLOW;
struct mppe_option_t
{
@@ -59,18 +59,24 @@ static struct ccp_option_t *mppe_init(struct ppp_ccp_t *ccp)
{
struct mppe_option_t *mppe_opt = _malloc(sizeof(*mppe_opt));
memset(mppe_opt, 0, sizeof(*mppe_opt));
+ int mppe;
+
+ if (ccp->ppp->ctrl->mppe == MPPE_UNSET)
+ mppe = conf_mppe;
+ else
+ mppe = ccp->ppp->ctrl->mppe;
- if (conf_mppe != -1)
- mppe_opt->policy = conf_mppe;
+ if (mppe != MPPE_ALLOW)
+ mppe_opt->policy = mppe;
else
mppe_opt->policy = 1;
- if (conf_mppe > 0)
+ if (mppe > 0)
mppe_opt->mppe = 1;
else
mppe_opt->mppe = -1;
- if (conf_mppe == 2)
+ if (mppe == MPPE_REQUIRE)
ccp->ld.passive = 0;
mppe_opt->opt.id = CI_MPPE;
@@ -165,6 +171,12 @@ static int mppe_recv_conf_req(struct ppp_ccp_t *ccp, struct ccp_option_t *opt, u
{
struct mppe_option_t *mppe_opt = container_of(opt, typeof(*mppe_opt), opt);
struct ccp_opt32_t *opt32 = (struct ccp_opt32_t *)ptr;
+ int mppe;
+
+ if (ccp->ppp->ctrl->mppe == MPPE_UNSET)
+ mppe = conf_mppe;
+ else
+ mppe = ccp->ppp->ctrl->mppe;
if (!ptr) {
if (mppe_opt->policy == 2)
@@ -181,7 +193,7 @@ static int mppe_recv_conf_req(struct ppp_ccp_t *ccp, struct ccp_option_t *opt, u
} else if (mppe_opt->policy == 1) {
if (ntohl(opt32->val) == (MPPE_S | MPPE_H))
mppe_opt->mppe = 1;
- else if ((ntohl(opt32->val) & (MPPE_S | MPPE_H)) || conf_mppe == 1) {
+ else if ((ntohl(opt32->val) & (MPPE_S | MPPE_H)) || mppe == 1) {
mppe_opt->mppe = 1;
return CCP_OPT_NAK;
} else if (opt32->val) {
@@ -271,6 +283,7 @@ static void ev_mppe_keys(struct ev_mppe_keys_t *ev)
{
struct ppp_ccp_t *ccp = ccp_find_layer_data(ev->ppp);
struct mppe_option_t *mppe_opt = container_of(ccp_find_option(ev->ppp, &mppe_opt_hnd), typeof(*mppe_opt), opt);
+ int mppe;
memcpy(mppe_opt->recv_key, ev->recv_key, 16);
memcpy(mppe_opt->send_key, ev->send_key, 16);
@@ -284,19 +297,26 @@ static void ev_mppe_keys(struct ev_mppe_keys_t *ev)
return;
}
- mppe_opt->policy = ev->policy;
+ if (ccp->ppp->ctrl->mppe == MPPE_UNSET)
+ mppe = conf_mppe;
+ else
+ mppe = ev->ppp->ctrl->mppe;
- if (ev->policy == 2) {
- mppe_opt->mppe = 1;
- ccp->ld.passive = 0;
- } else if (ev->policy == 1) {
- if (conf_mppe == 1)
- mppe_opt->mppe = 1;
- else
- mppe_opt->mppe = -1;
+ if (ev->ppp->ctrl->mppe == MPPE_UNSET) {
+ mppe_opt->policy = ev->policy;
- if (conf_mppe == 2)
- ccp->ld.passive = 1;
+ if (ev->policy == 2) {
+ mppe_opt->mppe = 1;
+ ccp->ld.passive = 0;
+ } else if (ev->policy == 1) {
+ if (mppe == 1)
+ mppe_opt->mppe = 1;
+ else
+ mppe_opt->mppe = -1;
+
+ if (mppe == 2)
+ ccp->ld.passive = 1;
+ }
}
}
@@ -307,13 +327,13 @@ static void load_config(void)
opt = conf_get_opt("ppp", "mppe");
if (opt) {
if (!strcmp(opt,"require"))
- conf_mppe = 2;
+ conf_mppe = MPPE_REQUIRE;
else if (!strcmp(opt,"prefer") || !strcmp(opt,"prefere"))
- conf_mppe = 1;
+ conf_mppe = MPPE_PREFER;
else if (!strcmp(opt,"deny"))
- conf_mppe = 0;
+ conf_mppe = MPPE_DENY;
} else
- conf_mppe = -1;
+ conf_mppe = MPPE_ALLOW;
}
static void mppe_opt_init()
diff --git a/accel-pppd/ppp/ppp.h b/accel-pppd/ppp/ppp.h
index bb308899..18cb5c21 100644
--- a/accel-pppd/ppp/ppp.h
+++ b/accel-pppd/ppp/ppp.h
@@ -60,6 +60,12 @@
#define CTRL_TYPE_L2TP 2
#define CTRL_TYPE_PPPOE 3
+#define MPPE_UNSET -2
+#define MPPE_ALLOW -1
+#define MPPE_DENY 0
+#define MPPE_PREFER 1
+#define MPPE_REQUIRE 2
+
struct ppp_t;
struct ipv4db_item_t;
@@ -71,6 +77,7 @@ struct ppp_ctrl_t
int type;
const char *name;
int max_mtu;
+ int mppe;
char *calling_station_id;
char *called_station_id;
void (*started)(struct ppp_t*);
diff --git a/accel-pppd/ppp/ppp_ccp.c b/accel-pppd/ppp/ppp_ccp.c
index ee32fbcd..297d9bc7 100644
--- a/accel-pppd/ppp/ppp_ccp.c
+++ b/accel-pppd/ppp/ppp_ccp.c
@@ -719,6 +719,7 @@ static void ccp_recv(struct ppp_handler_t*h)
ppp_fsm_recv_code_rej_bad(&ccp->fsm);
break;
default:
+ log_ppp_info2("recv [CCP Unknown code=%x id=%x]\n", hdr->code, hdr->id);
ppp_fsm_recv_unk(&ccp->fsm);
break;
}