ppp: introduced new option 'single-session' to control single session per user

4 files changed, 76 insertions, 31 deletions

diff --git a/accel-pppd/auth/auth_chap_md5.c b/accel-pppd/auth/auth_chap_md5.c
index 2ea60ba..a9a5572 100644
--- a/accel-pppd/auth/auth_chap_md5.c
+++ b/accel-pppd/auth/auth_chap_md5.c
@@ -289,9 +289,14 @@ static void chap_recv_response(struct chap_auth_data_t *ad, struct chap_hdr_t *h
 	name = _strndup(msg->name,ntohs(msg->hdr.len) - sizeof(*msg) + 2);
 
 	if (conf_any_login) {
+		if (ppp_auth_successed(ad->ppp, name)) {
+			chap_send_failure(ad);
+			ppp_terminate(ad->ppp, TERM_AUTH_ERROR, 0);
+			_free(name);
+			return;
+		}
 		chap_send_success(ad);
 		ad->started = 1;
-		ppp_auth_successed(ad->ppp, name);
 		return;
 	}
 
@@ -325,12 +330,17 @@ static void chap_recv_response(struct chap_auth_data_t *ad, struct chap_hdr_t *h
 				ppp_auth_failed(ad->ppp, name);
 			_free(name);
 		} else {
-			chap_send_success(ad);
 			if (!ad->started) {
-				ad->started = 1;
-				if (conf_interval)
-					triton_timer_add(ad->ppp->ctrl->ctx, &ad->interval, 0);
-				ppp_auth_successed(ad->ppp, name);
+				if (ppp_auth_successed(ad->ppp, name)) {
+					chap_send_failure(ad);
+					ppp_terminate(ad->ppp, TERM_AUTH_ERROR, 0);
+					_free(name);
+				} else {
+					chap_send_success(ad);
+					ad->started = 1;
+					if (conf_interval)
+						triton_timer_add(ad->ppp->ctrl->ctx, &ad->interval, 0);
+				}
 			} else
 				_free(name);
 		}
@@ -343,14 +353,21 @@ static void chap_recv_response(struct chap_auth_data_t *ad, struct chap_hdr_t *h
 			ppp_auth_failed(ad->ppp, name);
 		_free(name);
 	} else {
-		chap_send_success(ad);
 		if (!ad->started) {
-			ad->started = 1;
-			if (conf_interval)
-				triton_timer_add(ad->ppp->ctrl->ctx, &ad->interval, 0);
-			ppp_auth_successed(ad->ppp, name);
-		} else
+			if (ppp_auth_successed(ad->ppp, name)) {
+				chap_send_failure(ad);
+				ppp_terminate(ad->ppp, TERM_AUTH_ERROR, 0);
+				_free(name);
+			} else {
+				chap_send_success(ad);
+				ad->started = 1;
+				if (conf_interval)
+					triton_timer_add(ad->ppp->ctrl->ctx, &ad->interval, 0);
+			}
+		} else {
+			chap_send_success(ad);
 			_free(name);
+		}
 	}
 }
 
diff --git a/accel-pppd/auth/auth_mschap_v1.c b/accel-pppd/auth/auth_mschap_v1.c
index 4308300..237e3aa 100644
--- a/accel-pppd/auth/auth_mschap_v1.c
+++ b/accel-pppd/auth/auth_mschap_v1.c
@@ -312,9 +312,14 @@ static void chap_recv_response(struct chap_auth_data_t *ad, struct chap_hdr_t *h
 	}
 
 	if (conf_any_login) {
+		if (ppp_auth_successed(ad->ppp, name)) {
+			chap_send_failure(ad);
+			ppp_terminate(ad->ppp, TERM_AUTH_ERROR, 0);
+			_free(name);
+			return;
+		}
 		chap_send_success(ad);
 		ad->started = 1;
-		ppp_auth_successed(ad->ppp, name);
 		return;
 	}
 
@@ -331,14 +336,21 @@ static void chap_recv_response(struct chap_auth_data_t *ad, struct chap_hdr_t *h
 			ppp_auth_failed(ad->ppp, name);
 		_free(name);
 	} else {
-		chap_send_success(ad);
 		if (!ad->started) {
-			ad->started = 1;
-			if (conf_interval)
-				triton_timer_add(ad->ppp->ctrl->ctx, &ad->interval, 0);
-			ppp_auth_successed(ad->ppp, name);
-		} else
+			if (ppp_auth_successed(ad->ppp, name)) {
+				chap_send_failure(ad);
+				ppp_terminate(ad->ppp, TERM_AUTH_ERROR, 0);
+				_free(name);
+			} else {
+				chap_send_success(ad);
+				ad->started = 1;
+				if (conf_interval)
+					triton_timer_add(ad->ppp->ctrl->ctx, &ad->interval, 0);
+			}
+		} else {
+			chap_send_success(ad);
 			_free(name);
+		}
 	}
 }
 
diff --git a/accel-pppd/auth/auth_mschap_v2.c b/accel-pppd/auth/auth_mschap_v2.c
index 644f70b..c14e44f 100644
--- a/accel-pppd/auth/auth_mschap_v2.c
+++ b/accel-pppd/auth/auth_mschap_v2.c
@@ -404,14 +404,21 @@ static void chap_recv_response(struct chap_auth_data_t *ad, struct chap_hdr_t *h
 			ppp_auth_failed(ad->ppp, name);
 		_free(name);
 	} else {
-		chap_send_success(ad, msg, authenticator);
 		if (!ad->started) {
-			ad->started = 1;
-			if (conf_interval)
-				triton_timer_add(ad->ppp->ctrl->ctx, &ad->interval, 0);
-			ppp_auth_successed(ad->ppp, name);
-		} else
+			if (ppp_auth_successed(ad->ppp, name)) {
+				chap_send_failure(ad);
+				ppp_terminate(ad->ppp, TERM_AUTH_ERROR, 0);
+				_free(name);
+			} else {
+				chap_send_success(ad, msg, authenticator);
+				ad->started = 1;
+				if (conf_interval)
+					triton_timer_add(ad->ppp->ctrl->ctx, &ad->interval, 0);
+			}
+		} else {
+			chap_send_success(ad, msg, authenticator);
 			_free(name);
+		}
 	}
 }
 
diff --git a/accel-pppd/auth/auth_pap.c b/accel-pppd/auth/auth_pap.c
index 70e8081..c03a9a1 100644
--- a/accel-pppd/auth/auth_pap.c
+++ b/accel-pppd/auth/auth_pap.c
@@ -198,9 +198,14 @@ static int pap_recv_req(struct pap_auth_data_t *p, struct pap_hdr_t *hdr)
 	peer_id = _strndup((const char*)peer_id, peer_id_len);
 	
 	if (conf_any_login) {
+		if (ppp_auth_successed(p->ppp, peer_id)) {
+			pap_send_nak(p, hdr->id);
+			ppp_terminate(p->ppp, TERM_AUTH_ERROR, 0);
+			_free(peer_id);
+			return -1;
+		}
 		pap_send_ack(p, hdr->id);
 		p->started = 1;
-		ppp_auth_successed(p->ppp, peer_id);
 		return 0;
 	}
 
@@ -223,15 +228,19 @@ static int pap_recv_req(struct pap_auth_data_t *p, struct pap_hdr_t *hdr)
 			ppp_terminate(p->ppp, TERM_AUTH_ERROR, 0);
 		else
 			ppp_auth_failed(p->ppp, peer_id);
-		ret=-1;
+		ret = -1;
 		_free(peer_id);
 	} else {
-		pap_send_ack(p, hdr->id);
-		if (!p->started) {
+		if (ppp_auth_successed(p->ppp, peer_id)) {
+			pap_send_nak(p, hdr->id);
+			ppp_terminate(p->ppp, TERM_AUTH_ERROR, 0);
+			_free(peer_id);
+			ret = -1;
+		} else {
+			pap_send_ack(p, hdr->id);
 			p->started = 1;
-			ppp_auth_successed(p->ppp, peer_id);
+			ret = 0;
 		}
-		ret = 0;
 	}
 
 	_free(passwd);