vrf: T10: Add VRF support

Co-authored-by: Sergey V. Lobanov <svlobanov@users.noreply.github.com>
Co-authored-by: Vladislav Grishenko <themiron@users.noreply.github.com>

5 files changed, 88 insertions, 23 deletions

diff --git a/accel-pppd/radius/attr_defs.h b/accel-pppd/radius/attr_defs.h
index 8e5bf9b8..39fd0c05 100644
--- a/accel-pppd/radius/attr_defs.h
+++ b/accel-pppd/radius/attr_defs.h
@@ -1,6 +1,8 @@
 #define VENDOR_Microsoft 311
 #define VENDOR_Accel_PPP 55999
 
+#define Accel_VRF_Name 1
+
 #define User_Name 1
 #define User_Password 2
 #define CHAP_Password 3
diff --git a/accel-pppd/radius/dict/dictionary b/accel-pppd/radius/dict/dictionary
index cf9e367c..2afd26fc 100644
--- a/accel-pppd/radius/dict/dictionary
+++ b/accel-pppd/radius/dict/dictionary
@@ -76,6 +76,7 @@ $INCLUDE dictionary.rfc4818
 $INCLUDE dictionary.rfc5176
 $INCLUDE dictionary.rfc6911
 
+$INCLUDE dictionary.accel
 $INCLUDE dictionary.microsoft
 $INCLUDE dictionary.cisco
 $INCLUDE dictionary.alcatel
diff --git a/accel-pppd/radius/dict/dictionary.accel b/accel-pppd/radius/dict/dictionary.accel
new file mode 100644
index 00000000..849cc42c
--- /dev/null
+++ b/accel-pppd/radius/dict/dictionary.accel
@@ -0,0 +1,7 @@
+VENDOR			Accel-PPP				55999
+
+BEGIN-VENDOR	Accel-PPP
+
+ATTRIBUTE	Accel-VRF-Name			1		string
+
+END-VENDOR		Accel-PPP
diff --git a/accel-pppd/radius/dm_coa.c b/accel-pppd/radius/dm_coa.c
index 003a691d..b58306c5 100644
--- a/accel-pppd/radius/dm_coa.c
+++ b/accel-pppd/radius/dm_coa.c
@@ -17,6 +17,7 @@
 #include "log.h"
 
 #include "radius_p.h"
+#include "attr_defs.h"
 
 #include "memdebug.h"
 
@@ -143,6 +144,24 @@ static void disconnect_request(struct radius_pd_t *rpd)
 	ap_session_terminate(rpd->ses, TERM_ADMIN_RESET, 0);
 }
 
+#ifdef HAVE_VRF
+int rad_update_vrf(struct radius_pd_t *rpd, const char *vrf_name)
+{
+	if (*vrf_name == '0') {
+		// Delete interface from VRF
+		if (!ap_session_vrf(rpd->ses, NULL, 0))
+			return 1;
+	}
+	else {
+		// Add interface to VRF
+		if(!ap_session_vrf(rpd->ses, vrf_name, -1))
+			return 1;
+	}
+
+	return 0;
+}
+#endif
+
 static void coa_request(struct radius_pd_t *rpd)
 {
 	struct rad_attr_t *class;
@@ -153,6 +172,8 @@ static void coa_request(struct radius_pd_t *rpd)
 		.request = rpd->dm_coa_req,
 	};
 
+	int send_ack = 0;
+
 	if (conf_verbose) {
 		log_ppp_info2("recv ");
 		rad_packet_print(rpd->dm_coa_req, NULL, log_ppp_info2);
@@ -161,7 +182,7 @@ static void coa_request(struct radius_pd_t *rpd)
 	triton_event_fire(EV_RADIUS_COA, &ev);
 
 	if (ev.res)
-		dm_coa_send_nak(serv.hnd.fd, rpd->dm_coa_req, &rpd->dm_coa_addr, 0);
+		goto out;
 	else {
 		class = rad_packet_find_attr(rpd->dm_coa_req, NULL, "Class");
 		if (class) {
@@ -180,14 +201,32 @@ static void coa_request(struct radius_pd_t *rpd)
 				else
 					rad_packet_add_octets(rpd->acct_req->pack, NULL, "Class", rpd->attr_class, rpd->attr_class_len);
 			}
+			send_ack = 1;
+			goto out;
 		}
 
 		attr = rad_packet_find_attr(rpd->dm_coa_req, NULL, "Session-Timeout");
-		if (attr)
+		if (attr){
 			rad_update_session_timeout(rpd, attr->val.integer);
+			send_ack = 1;
+			goto out;
+		}
+#ifdef HAVE_VRF
+		attr = rad_packet_find_attr(rpd->dm_coa_req, "Accel-PPP", "Accel-VRF-Name");
+		if (attr){
+			if(!rad_update_vrf(rpd, attr->val.string)){
+				goto out;
+			}
+		}
+#endif
+		send_ack = 1;
+	}
 
+out:
+	if (send_ack)
 		dm_coa_send_ack(serv.hnd.fd, rpd->dm_coa_req, &rpd->dm_coa_addr);
-	}
+	else
+		dm_coa_send_nak(serv.hnd.fd, rpd->dm_coa_req, &rpd->dm_coa_addr, 0);
 
 	rad_packet_free(rpd->dm_coa_req);
 
diff --git a/accel-pppd/radius/radius.c b/accel-pppd/radius/radius.c
index 9137f610..a1a94476 100644
--- a/accel-pppd/radius/radius.c
+++ b/accel-pppd/radius/radius.c
@@ -20,6 +20,7 @@
 
 #include "radius_p.h"
 #include "attr_defs.h"
+#include "config.h"
 
 #include "memdebug.h"
 
@@ -282,28 +283,43 @@ int rad_proc_attrs(struct rad_req_t *req)
 	req->rpd->acct_interim_jitter = conf_acct_interim_jitter;
 
 	list_for_each_entry(attr, &req->reply->attrs, entry) {
-		if (attr->vendor && attr->vendor->id == VENDOR_Microsoft) {
-			switch (attr->attr->id) {
-				case MS_Primary_DNS_Server:
-					dns.ses = rpd->ses;
-					dns.dns1 = attr->val.ipaddr;
-					break;
-				case MS_Secondary_DNS_Server:
-					dns.ses = rpd->ses;
-					dns.dns2 = attr->val.ipaddr;
-					break;
-				case MS_Primary_NBNS_Server:
-					wins.ses = rpd->ses;
-					wins.wins1 = attr->val.ipaddr;
-					break;
-				case MS_Secondary_NBNS_Server:
-					wins.ses = rpd->ses;
-					wins.wins2 = attr->val.ipaddr;
-					break;
+		if (attr->vendor) {
+			if (attr->vendor->id == VENDOR_Microsoft) {
+				switch (attr->attr->id) {
+					case MS_Primary_DNS_Server:
+						dns.ses = rpd->ses;
+						dns.dns1 = attr->val.ipaddr;
+						break;
+					case MS_Secondary_DNS_Server:
+						dns.ses = rpd->ses;
+						dns.dns2 = attr->val.ipaddr;
+						break;
+					case MS_Primary_NBNS_Server:
+						wins.ses = rpd->ses;
+						wins.wins1 = attr->val.ipaddr;
+						break;
+					case MS_Secondary_NBNS_Server:
+						wins.ses = rpd->ses;
+						wins.wins2 = attr->val.ipaddr;
+						break;
+				}
+				continue;
+#ifdef HAVE_VRF
+			} else if (attr->vendor->id == VENDOR_Accel_PPP) {
+				switch (attr->attr->id) {
+					case Accel_VRF_Name:
+						if (rpd->ses->vrf_name)
+							_free(rpd->ses->vrf_name);
+						rpd->ses->vrf_name = _malloc(attr->len + 1);
+						memcpy(rpd->ses->vrf_name, attr->val.string, attr->len);
+						rpd->ses->vrf_name[attr->len] = 0;
+						break;
+				}
+				continue;
+#endif
 			}
 			continue;
-		} else if (attr->vendor)
-			continue;
+		}
 
 		switch(attr->attr->id) {
 			case User_Name: