diff options
| author | Vladislav Grishenko <themiron@mail.ru> | 2016-06-28 18:34:59 +0500 |
|---|---|---|
| committer | Vladislav Grishenko <themiron@mail.ru> | 2017-12-06 00:11:13 +0500 |
| commit | 221358f2630ad56c980153443f152ca4c1abbbae (patch) | |
| tree | 1f306ca8b12098f040719d2620de9db53fd2c0c2 | |
| parent | e959ea1bd262441a952ea0c807d553b4a9c38113 (diff) | |
| download | accel-ppp-xebd-221358f2630ad56c980153443f152ca4c1abbbae.tar.gz accel-ppp-xebd-221358f2630ad56c980153443f152ca4c1abbbae.zip | |
chap-secrets: allow to use pool name instead of address to specify ipv4 pool
Chap-secrets' ipdb uses 4th field as static peer ipv4 address. With no radius
and multiple same username sessions, it's impossible to use non-default pool
for such sessions.
Abuse chap-secret's 4th field as pool=name to specify session's pool name.
With ippool module loaded after chap-secrets (default order), it will be
used for allocation from the specified poll name.
Compatibility considerations:
* pppd will skip 'pool=*' with warn 'unknown host in auth. address list'
same as 5th field - shaper, because starting from 4th field pppd
parse list of value. so, no new effects here.
* previous versions of accel-ppp will parse 'pool=*' as empty address.
* with no 'pool=*' in chap-secrets or with no chap-secrets loaded, no
behavior change.
* with no ippool loaded, session will get no peer address.
* with ippool loaded before chap-secrets, chap-secrets's ipdb will not
be used, therefore neither ip addess not pool name will has no effect.
* if chap-secrets' pool is invalid or not found, default pool will be
used by ippool or address came from radius.
* chap-secret's pool name might override pool came from radius, if
radius module is loaded after chap-secrets and no address came from
radius.
| -rw-r--r-- | accel-pppd/extra/chap-secrets.c | 18 |
1 files changed, 15 insertions, 3 deletions
diff --git a/accel-pppd/extra/chap-secrets.c b/accel-pppd/extra/chap-secrets.c index f99bd0b..166a619 100644 --- a/accel-pppd/extra/chap-secrets.c +++ b/accel-pppd/extra/chap-secrets.c @@ -43,6 +43,7 @@ struct cs_pd_t struct ipv4db_item_t ip; char *passwd; char *rate; + char *pool; }; #ifdef CRYPTO_OPENSSL @@ -229,8 +230,12 @@ found: } pd->ip.addr = conf_gw_ip_address; - if (n >= 3 && ptr[2][0] != '*') - pd->ip.peer_addr = inet_addr(ptr[2]); + if (n >= 3 && ptr[2][0] != '*') { + if (strncmp(ptr[2], "pool=", 5) == 0) + pd->pool = _strdup(ptr[2] + 5); + else + pd->ip.peer_addr = inet_addr(ptr[2]); + } pd->ip.mask = conf_netmask; pd->ip.owner = &ipdb; @@ -269,6 +274,8 @@ static void ev_ses_finished(struct ap_session *ses) _free(pd->passwd); if (pd->rate) _free(pd->rate); + if (pd->pool) + _free(pd->pool); _free(pd); } @@ -300,7 +307,12 @@ static struct ipv4db_item_t *get_ip(struct ap_session *ses) if (!pd) return NULL; - if (!pd->ip.peer_addr) + if (pd->pool) { + if (ses->ipv4_pool_name) + _free(ses->ipv4_pool_name); + ses->ipv4_pool_name = _strdup(pd->pool); + return NULL; + } else if (!pd->ip.peer_addr) return NULL; if (!ses->ctrl->ppp) |