authorKozlov Dmitry <dima@server>2010-09-28 14:17:49 +0400
committerKozlov Dmitry <dima@server>2010-09-28 14:17:49 +0400
commitfa48d5a3e19c1228903b00585be5c4d42d7bc190 (patch)
tree2439c1bd0a7a34cab721c1ea1844363565a3dfad /accel-pptpd
parentc21c265d1b2e85a0fbdc17d1f25a92015572d424 (diff)
parent0494f177888650aa52566923bc978a5f3c20f864 (diff)
downloadaccel-ppp-xebd-fa48d5a3e19c1228903b00585be5c4d42d7bc190.tar.gz
accel-ppp-xebd-fa48d5a3e19c1228903b00585be5c4d42d7bc190.zip
Merge branch 'accel-pptpd' of ssh://accel-pptp.git.sourceforge.net/gitroot/accel-pptp/accel-pptp into accel-pptpd
Diffstat (limited to 'accel-pptpd')
-rw-r--r--accel-pptpd/accel-pptpd.conf18
-rw-r--r--accel-pptpd/auth/auth_chap_md5.c100
-rw-r--r--accel-pptpd/auth/auth_mschap_v1.c100
-rw-r--r--accel-pptpd/auth/auth_mschap_v2.c78
-rw-r--r--accel-pptpd/auth/auth_pap.c43
-rw-r--r--accel-pptpd/ctrl/pptp.c2
-rw-r--r--accel-pptpd/logs/log_file.c6
-rw-r--r--accel-pptpd/ppp/ppp.c20
-rw-r--r--accel-pptpd/ppp/ppp.h2
-rw-r--r--accel-pptpd/ppp/ppp_ccp.c7
-rw-r--r--accel-pptpd/ppp/ppp_fsm.c10
-rw-r--r--accel-pptpd/ppp/ppp_lcp.c27
-rw-r--r--accel-pptpd/radius/acct.c2
-rw-r--r--accel-pptpd/radius/radius.c22
-rw-r--r--accel-pptpd/radius/radius_p.h2
-rw-r--r--accel-pptpd/triton/loader.c44
16 files changed, 413 insertions, 70 deletions
diff --git a/accel-pptpd/accel-pptpd.conf b/accel-pptpd/accel-pptpd.conf
index a9a8d8a..7a48802 100644
--- a/accel-pptpd/accel-pptpd.conf
+++ b/accel-pptpd/accel-pptpd.conf
@@ -1,13 +1,13 @@
[modules]
-./liblog_file.so
-#./liblog_pgsql.so
-./libpptp.so
-./libauth_pap.so
-./libauth_chap_md5.so
-./libauth_mschap_v1.so
-./libauth_mschap_v2.so
-./libradius.so
-./libpppd_compat.so
+log_file
+#log_pgsql
+pptp
+auth_pap
+auth_chap_md5
+auth_mschap_v1
+auth_mschap_v2
+libradius.so
+pppd_compat
[core]
log-error=/dev/stderr
diff --git a/accel-pptpd/auth/auth_chap_md5.c b/accel-pptpd/auth/auth_chap_md5.c
index 7681fb5..ba12295 100644
--- a/accel-pptpd/auth/auth_chap_md5.c
+++ b/accel-pptpd/auth/auth_chap_md5.c
@@ -31,6 +31,10 @@
#define HDR_LEN (sizeof(struct chap_hdr_t)-2)
+static int conf_timeout = 3;
+static int conf_interval = 0;
+static int conf_max_failure = 2;
+
static int urandom_fd;
struct chap_hdr_t
@@ -69,10 +73,16 @@ struct chap_auth_data_t
struct ppp_t *ppp;
int id;
uint8_t val[VALUE_SIZE];
+ struct triton_timer_t timeout;
+ struct triton_timer_t interval;
+ int failure;
+ int started:1;
};
static void chap_send_challenge(struct chap_auth_data_t *ad);
static void chap_recv(struct ppp_handler_t *h);
+static void chap_timeout(struct triton_timer_t *t);
+static void chap_restart(struct triton_timer_t *t);
static void print_buf(const uint8_t *buf,int size)
{
@@ -87,8 +97,6 @@ static void print_str(const char *buf,int size)
log_ppp_debug("%c",buf[i]);
}
-
-
static struct auth_data_t* auth_data_init(struct ppp_t *ppp)
{
struct chap_auth_data_t *d=_malloc(sizeof(*d));
@@ -113,6 +121,10 @@ static int chap_start(struct ppp_t *ppp, struct auth_data_t *auth)
d->h.proto=PPP_CHAP;
d->h.recv=chap_recv;
+ d->timeout.expire = chap_timeout;
+ d->timeout.expire_tv.tv_sec = conf_timeout;
+ d->interval.expire = chap_restart;
+ d->interval.expire_tv.tv_sec = conf_interval;
ppp_register_chan_handler(ppp,&d->h);
@@ -125,11 +137,41 @@ static int chap_finish(struct ppp_t *ppp, struct auth_data_t *auth)
{
struct chap_auth_data_t *d=container_of(auth,typeof(*d),auth);
+ if (d->timeout.tpd)
+ triton_timer_del(&d->timeout);
+
+ if (d->interval.tpd)
+ triton_timer_del(&d->interval);
+
ppp_unregister_handler(ppp,&d->h);
return 0;
}
+static void chap_timeout(struct triton_timer_t *t)
+{
+ struct chap_auth_data_t *d = container_of(t, typeof(*d), timeout);
+
+ log_ppp_warn("chap-md5: timeout\n");
+
+ if (++d->failure == conf_max_failure) {
+ if (d->started)
+ ppp_terminate(d->ppp, 0);
+ else
+ auth_failed(d->ppp);
+ } else {
+ --d->id;
+ chap_send_challenge(d);
+ }
+}
+
+static void chap_restart(struct triton_timer_t *t)
+{
+ struct chap_auth_data_t *d = container_of(t, typeof(*d), interval);
+
+ chap_send_challenge(d);
+}
+
static int lcp_send_conf_req(struct ppp_t *ppp, struct auth_data_t *d, uint8_t *ptr)
{
*ptr = CHAP_MD5;
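Review bot: `d->failure` is only ever incremented in `chap_timeout`, and no hunk in this file resets it after a valid response, so with `interval` re-authentication enabled the timeouts from unrelated rounds add up until the session is terminated. Resetting it where a response is accepted (`ad->failure = 0;` in `chap_recv_response`) and testing `>= conf_max_failure` instead of `==` makes the limit apply per round and keeps it effective if the counter has already passed the threshold. The same code is added in the matching hunks of auth_mschap_v1.c and auth_mschap_v2.c.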
@@ -194,6 +236,9 @@ static void chap_send_challenge(struct chap_auth_data_t *ad)
log_ppp_debug(">]\n");
ppp_chan_send(ad->ppp,&msg,ntohs(msg.hdr.len)+2);
+
+ if (conf_timeout && !ad->timeout.tpd)
+ triton_timer_add(ad->ppp->ctrl->ctx, &ad->timeout, 0);
}
static void chap_recv_response(struct chap_auth_data_t *ad, struct chap_hdr_t *hdr)
@@ -205,6 +250,9 @@ static void chap_recv_response(struct chap_auth_data_t *ad, struct chap_hdr_t *h
int r;
struct chap_challenge_t *msg=(struct chap_challenge_t*)hdr;
+ if (ad->timeout.tpd)
+ triton_timer_del(&ad->timeout);
+
log_ppp_debug("recv [CHAP Response id=%x <", msg->hdr.id);
print_buf(msg->val,msg->val_size);
log_ppp_debug(">, name=\"");
@@ -249,20 +297,37 @@ static void chap_recv_response(struct chap_auth_data_t *ad, struct chap_hdr_t *h
{
log_ppp_debug("chap-md5: challenge response mismatch\n");
chap_send_failure(ad);
- auth_failed(ad->ppp);
+ if (ad->started)
+ ppp_terminate(ad->ppp, 0);
+ else
+ auth_failed(ad->ppp);
}else
{
chap_send_success(ad);
- auth_successed(ad->ppp, name);
+ if (!ad->started) {
+ ad->started = 1;
+ if (conf_interval)
+ triton_timer_add(ad->ppp->ctrl->ctx, &ad->interval, 0);
+ auth_successed(ad->ppp, name);
+ }
}
+ _free(name);
_free(passwd);
} else if (r == PWDB_DENIED) {
chap_send_failure(ad);
- auth_failed(ad->ppp);
_free(name);
+ if (ad->started)
+ ppp_terminate(ad->ppp, 0);
+ else
+ auth_failed(ad->ppp);
} else {
chap_send_success(ad);
- auth_successed(ad->ppp, name);
+ if (!ad->started) {
+ ad->started = 1;
+ if (conf_interval)
+ triton_timer_add(ad->ppp->ctrl->ctx, &ad->interval, 0);
+ auth_successed(ad->ppp, name);
+ }
}
}
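Review bot: The added `_free(name);` after the password comparison also runs on the success path, immediately after `auth_successed(ad->ppp, name)` was given the same pointer. The final `else` branch passes `name` to `auth_successed` without freeing it, which suggests the callee keeps the pointer; if so, the local-password path leaves it dangling. In the opposite direction, when `ad->started` is already set the last branch neither frees `name` nor hands it on, so every periodic re-authentication leaks it; the success branches in auth_mschap_v1.c, auth_mschap_v2.c and auth_pap.c (`peer_id`) show the same leak. Freeing `name` only on paths that do not call `auth_successed` covers both cases.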
@@ -297,12 +362,27 @@ static void chap_recv(struct ppp_handler_t *h)
static void __init auth_chap_md5_init()
{
- urandom_fd=open("/dev/urandom",O_RDONLY);
- if (urandom_fd<0)
- {
- log_error("chap-md5: failed to open /dev/urandom: %s\n",strerror(errno));
+ char *opt;
+
+ opt = conf_get_opt("auth", "timeout");
+ if (opt && atoi(opt) > 0)
+ conf_timeout = atoi(opt);
+
+ opt = conf_get_opt("auth", "interval");
+ if (opt && atoi(opt) > 0)
+ conf_interval = atoi(opt);
+
+ opt = conf_get_opt("auth", "max-failure");
+ if (opt && atoi(opt) > 0)
+ conf_max_failure = atoi(opt);
+
+ urandom_fd=open("/dev/urandom", O_RDONLY);
+
+ if (urandom_fd < 0) {
+ log_emerg("chap-md5: failed to open /dev/urandom: %s\n", strerror(errno));
return;
}
+
if (ppp_auth_register_handler(&chap))
log_error("chap-md5: failed to register handler\n");
}
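Review bot: Each option is parsed twice with `atoi`, which reports no errors, so a value such as `3x` or an out-of-range number is accepted silently; parsing once with `strtol` and checking the end pointer would reject those. Because only values greater than zero are stored, `timeout=0` cannot disable the challenge timer even though `chap_send_challenge` tests `conf_timeout &&`. The same parsing is added in `auth_mschap_v1_init` and `auth_pap_init`.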
diff --git a/accel-pptpd/auth/auth_mschap_v1.c b/accel-pptpd/auth/auth_mschap_v1.c
index 818d60d..ac8edd7 100644
--- a/accel-pptpd/auth/auth_mschap_v1.c
+++ b/accel-pptpd/auth/auth_mschap_v1.c
@@ -34,6 +34,10 @@
#define HDR_LEN (sizeof(struct chap_hdr_t)-2)
+static int conf_timeout = 3;
+static int conf_interval = 0;
+static int conf_max_failure = 2;
+
static int urandom_fd;
struct chap_hdr_t
@@ -82,11 +86,17 @@ struct chap_auth_data_t
struct ppp_t *ppp;
int id;
uint8_t val[VALUE_SIZE];
+ struct triton_timer_t timeout;
+ struct triton_timer_t interval;
+ int failure;
+ int started:1;
};
static void chap_send_challenge(struct chap_auth_data_t *ad);
static void chap_recv(struct ppp_handler_t *h);
static int chap_check_response(struct chap_auth_data_t *ad, struct chap_response_t *res, const char *name);
+static void chap_timeout(struct triton_timer_t *t);
+static void chap_restart(struct triton_timer_t *t);
static void print_buf(const uint8_t *buf,int size)
{
@@ -125,6 +135,10 @@ static int chap_start(struct ppp_t *ppp, struct auth_data_t *auth)
d->h.proto=PPP_CHAP;
d->h.recv=chap_recv;
+ d->timeout.expire = chap_timeout;
+ d->timeout.expire_tv.tv_sec = conf_timeout;
+ d->interval.expire = chap_restart;
+ d->interval.expire_tv.tv_sec = conf_interval;
ppp_register_chan_handler(ppp,&d->h);
@@ -137,11 +151,41 @@ static int chap_finish(struct ppp_t *ppp, struct auth_data_t *auth)
{
struct chap_auth_data_t *d=container_of(auth,typeof(*d),auth);
+ if (d->timeout.tpd)
+ triton_timer_del(&d->timeout);
+
+ if (d->interval.tpd)
+ triton_timer_del(&d->interval);
+
ppp_unregister_handler(ppp,&d->h);
return 0;
}
+static void chap_timeout(struct triton_timer_t *t)
+{
+ struct chap_auth_data_t *d = container_of(t, typeof(*d), timeout);
+
+ log_ppp_warn("mschap-v1: timeout\n");
+
+ if (++d->failure == conf_max_failure) {
+ if (d->started)
+ ppp_terminate(d->ppp, 0);
+ else
+ auth_failed(d->ppp);
+ } else {
+ --d->id;
+ chap_send_challenge(d);
+ }
+}
+
+static void chap_restart(struct triton_timer_t *t)
+{
+ struct chap_auth_data_t *d = container_of(t, typeof(*d), interval);
+
+ chap_send_challenge(d);
+}
+
static int lcp_send_conf_req(struct ppp_t *ppp, struct auth_data_t *d, uint8_t *ptr)
{
*ptr=MSCHAP_V1;
@@ -206,6 +250,9 @@ static void chap_send_challenge(struct chap_auth_data_t *ad)
log_ppp_debug(">]\n");
ppp_chan_send(ad->ppp,&msg,ntohs(msg.hdr.len)+2);
+
+ if (conf_timeout && !ad->timeout.tpd)
+ triton_timer_add(ad->ppp->ctrl->ctx, &ad->timeout, 0);
}
static void chap_recv_response(struct chap_auth_data_t *ad, struct chap_hdr_t *hdr)
@@ -214,6 +261,9 @@ static void chap_recv_response(struct chap_auth_data_t *ad, struct chap_hdr_t *h
char *name;
int r;
+ if (ad->timeout.tpd)
+ triton_timer_del(&ad->timeout);
+
log_ppp_debug("recv [MSCHAP-v1 Response id=%x <", msg->hdr.id);
print_buf(msg->lm_hash,24);
log_ppp_debug(">, <");
@@ -226,20 +276,29 @@ static void chap_recv_response(struct chap_auth_data_t *ad, struct chap_hdr_t *h
{
log_ppp_error("mschap-v1: id mismatch\n");
chap_send_failure(ad);
- auth_failed(ad->ppp);
+ if (ad->started)
+ ppp_terminate(ad->ppp, 0);
+ else
+ auth_failed(ad->ppp);
}
if (msg->val_size!=RESPONSE_VALUE_SIZE)
{
log_ppp_error("mschap-v1: value-size should be %i, expected %i\n",RESPONSE_VALUE_SIZE,msg->val_size);
chap_send_failure(ad);
- auth_failed(ad->ppp);
+ if (ad->started)
+ ppp_terminate(ad->ppp, 0);
+ else
+ auth_failed(ad->ppp);
}
name = _strndup(msg->name,ntohs(msg->hdr.len)-sizeof(*msg)+2);
if (!name) {
log_emerg("mschap-v2: out of memory\n");
- auth_failed(ad->ppp);
+ if (ad->started)
+ ppp_terminate(ad->ppp, 0);
+ else
+ auth_failed(ad->ppp);
return;
}
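Review bot: The id-mismatch and value-size branches send a failure and call `ppp_terminate`/`auth_failed` but have no `return;`, unlike the out-of-memory branch below them, so a response that was just rejected is still parsed and checked. Such a response could produce a second failure call or still reach the success branch in the next hunk, and `_strndup` receives a length derived from the peer-supplied `hdr.len` with no lower bound visible in this hunk. Adding `return;` at the end of both branches closes this; the same two branches in auth_mschap_v2.c need it as well.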
@@ -249,11 +308,19 @@ static void chap_recv_response(struct chap_auth_data_t *ad, struct chap_hdr_t *h
if (r == PWDB_DENIED) {
chap_send_failure(ad);
- auth_failed(ad->ppp);
+ if (ad->started)
+ ppp_terminate(ad->ppp, 0);
+ else
+ auth_failed(ad->ppp);
_free(name);
} else {
chap_send_success(ad);
- auth_successed(ad->ppp, name);
+ if (!ad->started) {
+ ad->started = 1;
+ if (conf_interval)
+ triton_timer_add(ad->ppp->ctrl->ctx, &ad->interval, 0);
+ auth_successed(ad->ppp, name);
+ }
}
}
@@ -356,13 +423,26 @@ static void chap_recv(struct ppp_handler_t *h)
static void __init auth_mschap_v1_init()
{
- urandom_fd=open("/dev/urandom",O_RDONLY);
- if (urandom_fd<0)
- {
- log_error("mschap-v1: failed to open /dev/urandom: %s\n",strerror(errno));
+ char *opt;
+
+ opt = conf_get_opt("auth", "timeout");
+ if (opt && atoi(opt) > 0)
+ conf_timeout = atoi(opt);
+
+ opt = conf_get_opt("auth", "interval");
+ if (opt && atoi(opt) > 0)
+ conf_interval = atoi(opt);
+
+ opt = conf_get_opt("auth", "max-failure");
+ if (opt && atoi(opt) > 0)
+ conf_max_failure = atoi(opt);
+
+ urandom_fd = open("/dev/urandom", O_RDONLY);
+ if (urandom_fd < 0) {
+ log_emerg("mschap-v1: failed to open /dev/urandom: %s\n", strerror(errno));
return;
}
if (ppp_auth_register_handler(&chap))
- log_error("mschap-v1: failed to register handler\n");
+ log_emerg("mschap-v1: failed to register handler\n");
}
diff --git a/accel-pptpd/auth/auth_mschap_v2.c b/accel-pptpd/auth/auth_mschap_v2.c
index 8e50775..4b5e9a0 100644
--- a/accel-pptpd/auth/auth_mschap_v2.c
+++ b/accel-pptpd/auth/auth_mschap_v2.c
@@ -35,7 +35,12 @@
#define HDR_LEN (sizeof(struct chap_hdr_t)-2)
+static int conf_timeout = 3;
+static int conf_interval = 0;
+static int conf_max_failure = 2;
+
static int urandom_fd;
+
static uint8_t magic1[39] =
{0x4D, 0x61, 0x67, 0x69, 0x63, 0x20, 0x73, 0x65, 0x72, 0x76,
0x65, 0x72, 0x20, 0x74, 0x6F, 0x20, 0x63, 0x6C, 0x69, 0x65,
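Review bot: `conf_timeout`, `conf_interval` and `conf_max_failure` are introduced here, but no hunk in this file reads the `[auth]` options into them, whereas auth_chap_md5.c and auth_mschap_v1.c gain `conf_get_opt` calls in their init functions. As the diff stands, MSCHAP-v2 always runs with the defaults 3/0/2, so periodic re-authentication cannot be enabled for it. The init function lies outside this diff; it needs the same three `conf_get_opt("auth", ...)` lookups.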
@@ -95,11 +100,17 @@ struct chap_auth_data_t
struct ppp_t *ppp;
int id;
uint8_t val[VALUE_SIZE];
+ struct triton_timer_t timeout;
+ struct triton_timer_t interval;
+ int failure;
+ int started:1;
};
static void chap_send_challenge(struct chap_auth_data_t *ad);
static void chap_recv(struct ppp_handler_t *h);
static int chap_check_response(struct chap_auth_data_t *ad, struct chap_response_t *msg, const char *name);
+static void chap_timeout(struct triton_timer_t *t);
+static void chap_restart(struct triton_timer_t *t);
static void print_buf(const uint8_t *buf,int size)
{
@@ -140,6 +151,10 @@ static int chap_start(struct ppp_t *ppp, struct auth_data_t *auth)
d->h.proto=PPP_CHAP;
d->h.recv=chap_recv;
+ d->timeout.expire = chap_timeout;
+ d->timeout.expire_tv.tv_sec = conf_timeout;
+ d->interval.expire = chap_restart;
+ d->interval.expire_tv.tv_sec = conf_interval;
ppp_register_chan_handler(ppp,&d->h);
@@ -152,11 +167,41 @@ static int chap_finish(struct ppp_t *ppp, struct auth_data_t *auth)
{
struct chap_auth_data_t *d=container_of(auth,typeof(*d),auth);
+ if (d->timeout.tpd)
+ triton_timer_del(&d->timeout);
+
+ if (d->interval.tpd)
+ triton_timer_del(&d->interval);
+
ppp_unregister_handler(ppp,&d->h);
return 0;
}
+static void chap_timeout(struct triton_timer_t *t)
+{
+ struct chap_auth_data_t *d = container_of(t, typeof(*d), timeout);
+
+ log_ppp_warn("mschap-v2: timeout\n");
+
+ if (++d->failure == conf_max_failure) {
+ if (d->started)
+ ppp_terminate(d->ppp, 0);
+ else
+ auth_failed(d->ppp);
+ } else {
+ --d->id;
+ chap_send_challenge(d);
+ }
+}
+
+static void chap_restart(struct triton_timer_t *t)
+{
+ struct chap_auth_data_t *d = container_of(t, typeof(*d), interval);
+
+ chap_send_challenge(d);
+}
+
static int lcp_send_conf_req(struct ppp_t *ppp, struct auth_data_t *d, uint8_t *ptr)
{
*ptr = MSCHAP_V2;
@@ -280,6 +325,9 @@ static void chap_send_challenge(struct chap_auth_data_t *ad)
log_ppp_debug(">]\n");
ppp_chan_send(ad->ppp,&msg,ntohs(msg.hdr.len)+2);
+
+ if (conf_timeout && !ad->timeout.tpd)
+ triton_timer_add(ad->ppp->ctrl->ctx, &ad->timeout, 0);
}
static void chap_recv_response(struct chap_auth_data_t *ad, struct chap_hdr_t *hdr)
@@ -289,6 +337,9 @@ static void chap_recv_response(struct chap_auth_data_t *ad, struct chap_hdr_t *h
char authenticator[40];
int r;
+ if (ad->timeout.tpd)
+ triton_timer_del(&ad->timeout);
+
log_ppp_debug("recv [MSCHAP-v2 Response id=%x <", msg->hdr.id);
print_buf(msg->peer_challenge,16);
log_ppp_debug(">, <");
@@ -301,20 +352,29 @@ static void chap_recv_response(struct chap_auth_data_t *ad, struct chap_hdr_t *h
{
log_ppp_error("mschap-v2: id mismatch\n");
chap_send_failure(ad);
- ppp_terminate(ad->ppp, 0);
+ if (ad->started)
+ ppp_terminate(ad->ppp, 0);
+ else
+ auth_failed(ad->ppp);
}
if (msg->val_size!=RESPONSE_VALUE_SIZE)
{
log_ppp_error("mschap-v2: value-size should be %i, expected %i\n",RESPONSE_VALUE_SIZE,msg->val_size);
chap_send_failure(ad);
- ppp_terminate(ad->ppp, 0);
+ if (ad->started)
+ ppp_terminate(ad->ppp, 0);
+ else
+ auth_failed(ad->ppp);
}
name=_strndup(msg->name,ntohs(msg->hdr.len)-sizeof(*msg)+2);
if (!name) {
log_emerg("mschap-v2: out of memory\n");
- auth_failed(ad->ppp);
+ if (ad->started)
+ ppp_terminate(ad->ppp, 0);
+ else
+ auth_failed(ad->ppp);
return;
}
@@ -328,11 +388,19 @@ static void chap_recv_response(struct chap_auth_data_t *ad, struct chap_hdr_t *h
if (r == PWDB_DENIED) {
chap_send_failure(ad);
- auth_failed(ad->ppp);
+ if (ad->started)
+ ppp_terminate(ad->ppp, 0);
+ else
+ auth_failed(ad->ppp);
_free(name);
} else {
chap_send_success(ad, msg, authenticator);
- auth_successed(ad->ppp, name);
+ if (!ad->started) {
+ ad->started = 1;
+ if (conf_interval)
+ triton_timer_add(ad->ppp->ctrl->ctx, &ad->interval, 0);
+ auth_successed(ad->ppp, name);
+ }
}
}
diff --git a/accel-pptpd/auth/auth_pap.c b/accel-pptpd/auth/auth_pap.c
index 2abf572..42ef66b 100644
--- a/accel-pptpd/auth/auth_pap.c
+++ b/accel-pptpd/auth/auth_pap.c
@@ -20,7 +20,7 @@
#define PAP_ACK 2
#define PAP_NAK 3
-char *strndup(const char *s, size_t n);
+static int conf_timeout = 3;
static struct auth_data_t* auth_data_init(struct ppp_t *ppp);
static void auth_data_free(struct ppp_t*, struct auth_data_t*);
@@ -29,12 +29,15 @@ static int lcp_recv_conf_req(struct ppp_t*, struct auth_data_t*, uint8_t*);
static int pap_start(struct ppp_t*, struct auth_data_t*);
static int pap_finish(struct ppp_t*, struct auth_data_t*);
static void pap_recv(struct ppp_handler_t*h);
+static void pap_timeout(struct triton_timer_t *t);
struct pap_auth_data_t
{
struct auth_data_t auth;
struct ppp_handler_t h;
struct ppp_t *ppp;
+ int started:1;
+ struct triton_timer_t timeout;
};
struct pap_hdr_t
@@ -85,8 +88,12 @@ static int pap_start(struct ppp_t *ppp, struct auth_data_t *auth)
{
struct pap_auth_data_t *d=container_of(auth,typeof(*d),auth);
- d->h.proto=PPP_PAP;
- d->h.recv=pap_recv;
+ d->h.proto = PPP_PAP;
+ d->h.recv = pap_recv;
+ d->timeout.expire = pap_timeout;
+ d->timeout.expire_tv.tv_sec = conf_timeout;
+
+ triton_timer_add(ppp->ctrl->ctx, &d->timeout, 0);
ppp_register_chan_handler(ppp,&d->h);
@@ -95,12 +102,23 @@ static int pap_start(struct ppp_t *ppp, struct auth_data_t *auth)
static int pap_finish(struct ppp_t *ppp, struct auth_data_t *auth)
{
struct pap_auth_data_t *d=container_of(auth,typeof(*d),auth);
+
+ if (d->timeout.tpd)
+ triton_timer_del(&d->timeout);
ppp_unregister_handler(ppp,&d->h);
return 0;
}
+static void pap_timeout(struct triton_timer_t *t)
+{
+ struct pap_auth_data_t *d = container_of(t, typeof(*d), timeout);
+
+ log_ppp_warn("pap: timeout\n");
+ auth_failed(d->ppp);
+}
+
static int lcp_send_conf_req(struct ppp_t *ppp, struct auth_data_t *d, uint8_t *ptr)
{
return 0;
@@ -153,6 +171,9 @@ static int pap_recv_req(struct pap_auth_data_t *p,struct pap_hdr_t *hdr)
int passwd_len;
uint8_t *ptr=(uint8_t*)(hdr+1);
+ if (p->timeout.tpd)
+ triton_timer_del(&p->timeout);
+
log_ppp_debug("recv [PAP AuthReq id=%x]\n",hdr->id);
peer_id_len=*(uint8_t*)ptr; ptr++;
@@ -184,12 +205,18 @@ static int pap_recv_req(struct pap_auth_data_t *p,struct pap_hdr_t *hdr)
if (r == PWDB_DENIED) {
log_ppp_warn("PAP: authentication error\n");
pap_send_nak(p, hdr->id);
- auth_failed(p->ppp);
+ if (p->started)
+ ppp_terminate(p->ppp, 0);
+ else
+ auth_failed(p->ppp);
ret=-1;
_free(peer_id);
} else {
pap_send_ack(p, hdr->id);
- auth_successed(p->ppp, peer_id);
+ if (!p->started) {
+ p->started = 1;
+ auth_successed(p->ppp, peer_id);
+ }
ret = 0;
}
@@ -218,6 +245,12 @@ static void pap_recv(struct ppp_handler_t *h)
static void __init auth_pap_init()
{
+ char *opt;
+
+ opt = conf_get_opt("auth", "timeout");
+ if (opt && atoi(opt) > 0)
+ conf_timeout = atoi(opt);
+
ppp_auth_register_handler(&pap);
}
diff --git a/accel-pptpd/ctrl/pptp.c b/accel-pptpd/ctrl/pptp.c
index e895267..3534493 100644
--- a/accel-pptpd/ctrl/pptp.c
+++ b/accel-pptpd/ctrl/pptp.c
@@ -387,7 +387,7 @@ static int pptp_echo_rply(struct pptp_conn_t *conn)
if (msg->identifier != conn->echo_sent) {
log_ppp_warn("pptp:echo: identifier mismatch\n");
- return -1;
+ //return -1;
}
conn->echo_sent = 0;
return 0;
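Review bot: With `return -1` commented out, an Echo-Reply whose identifier does not match `conn->echo_sent` now falls through to `conn->echo_sent = 0`, so any reply, including a stale or unsolicited one, counts as the answer to the outstanding echo. If this is a workaround for clients that return wrong identifiers, it needs a comment saying so, for example `/* tolerate clients that do not echo the identifier */`; otherwise use `return 0;` inside the `if` so the mismatch is tolerated without clearing the pending echo. The commented-out statement should be deleted rather than left in the file.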
diff --git a/accel-pptpd/logs/log_file.c b/accel-pptpd/logs/log_file.c
index 26ec3f9..be615ad 100644
--- a/accel-pptpd/logs/log_file.c
+++ b/accel-pptpd/logs/log_file.c
@@ -36,14 +36,14 @@ struct log_file_t
int fd;
int new_fd;
off_t offset;
- uint64_t magic;
+ unsigned long magic;
};
struct log_file_pd_t
{
struct ppp_pd_t pd;
struct log_file_t lf;
- uint64_t tmp;
+ unsigned long tmp;
};
static int conf_color;
@@ -72,7 +72,7 @@ static LIST_HEAD(lf_queue);
static spinlock_t lf_queue_lock = SPINLOCK_INITIALIZER;
static int lf_queue_sleeping = 1;
-static uint64_t temp_seq;
+static unsigned long temp_seq;
static void send_next_chunk();
diff --git a/accel-pptpd/ppp/ppp.c b/accel-pptpd/ppp/ppp.c
index f8da005..9491977 100644
--- a/accel-pptpd/ppp/ppp.c
+++ b/accel-pptpd/ppp/ppp.c
@@ -274,7 +274,8 @@ cont:
}
}
- log_ppp_warn("ppp_chan_read: discarding unknown packet %x\n", proto);
+ lcp_send_proto_rej(ppp, proto);
+ //log_ppp_warn("ppp_chan_read: discarding unknown packet %x\n", proto);
}
}
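Review bot: Every frame with an unregistered protocol now produces an LCP Protocol-Reject, here and in the `ppp_unit_read` hunk below, with no check of the LCP state and no log line. RFC 1661 permits Protocol-Reject only while LCP is in the Opened state, and a peer that sends a stream of unknown-protocol frames gets one reply per frame. Keeping the `log_ppp_warn` instead of commenting it out preserves the only trace of such traffic. `lcp_send_proto_rej` stores `proto` without conversion and the CCP caller passes `htons(PPP_CCP)`, so it is worth confirming that `proto` is already in network byte order at both call sites in this file.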
@@ -316,15 +317,18 @@ cont:
goto cont;
}
}
-
- log_ppp_warn("ppp_unit_read: discarding unknown packet %x\n",proto);
+ lcp_send_proto_rej(ppp, proto);
+ //log_ppp_warn("ppp_unit_read: discarding unknown packet %x\n", proto);
}
}
void __export ppp_layer_started(struct ppp_t *ppp, struct ppp_layer_data_t *d)
{
struct layer_node_t *n=d->node;
-
+
+ if (d->started)
+ return;
+
d->started=1;
list_for_each_entry(d,&n->items,entry)
@@ -351,15 +355,15 @@ void __export ppp_layer_started(struct ppp_t *ppp, struct ppp_layer_data_t *d)
void __export ppp_layer_finished(struct ppp_t *ppp, struct ppp_layer_data_t *d)
{
struct layer_node_t *n=d->node;
-
- d->starting=0;
- d->started=0;
+
+ d->finished = 1;
+ d->starting = 0;
list_for_each_entry(n,&ppp->layers,entry)
{
list_for_each_entry(d,&n->items,entry)
{
- if (d->starting)
+ if (!d->finished)
return;
}
}
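Review bot: `d->started` is no longer cleared in `ppp_layer_finished`, and the previous hunk makes `ppp_layer_started` return early when it is set, so a layer that has finished cannot be reported as started again unless code outside this diff resets the flag. `d->finished` is likewise only ever set to 1 in the visible lines. If layers can restart within one session, `d->started = 0;` should stay here and `finished` should be cleared where the layer starts; if they cannot, a comment on the struct fields in ppp.h stating that both flags are one-shot would make that explicit.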
diff --git a/accel-pptpd/ppp/ppp.h b/accel-pptpd/ppp/ppp.h
index 5769f8c..afc26a3 100644
--- a/accel-pptpd/ppp/ppp.h
+++ b/accel-pptpd/ppp/ppp.h
@@ -112,6 +112,7 @@ struct ppp_layer_data_t
struct layer_node_t *node;
int starting:1;
int started:1;
+ int finished:1;
};
struct ppp_layer_t
@@ -135,6 +136,7 @@ void ppp_init(struct ppp_t *ppp);
int establish_ppp(struct ppp_t *ppp);
int ppp_chan_send(struct ppp_t *ppp, void *data, int size);
int ppp_unit_send(struct ppp_t *ppp, void *data, int size);
+void lcp_send_proto_rej(struct ppp_t *ppp, uint16_t proto);
struct ppp_fsm_t* ppp_lcp_init(struct ppp_t *ppp);
void ppp_layer_started(struct ppp_t *ppp,struct ppp_layer_data_t*);
diff --git a/accel-pptpd/ppp/ppp_ccp.c b/accel-pptpd/ppp/ppp_ccp.c
index 477b624..6deaeb1 100644
--- a/accel-pptpd/ppp/ppp_ccp.c
+++ b/accel-pptpd/ppp/ppp_ccp.c
@@ -105,6 +105,12 @@ int ccp_layer_start(struct ppp_layer_data_t *ld)
log_ppp_debug("ccp_layer_start\n");
ccp_options_init(ccp);
+
+ if (list_empty(&ccp->options)) {
+ ppp_layer_started(ccp->ppp, &ccp->ld);
+ return 0;
+ }
+
ppp_fsm_lower_up(&ccp->fsm);
if (ppp_fsm_open(&ccp->fsm))
return -1;
@@ -529,6 +535,7 @@ static void ccp_recv(struct ppp_handler_t*h)
if (ccp->fsm.fsm_state==FSM_Initial || ccp->fsm.fsm_state==FSM_Closed)
{
log_ppp_warn("CCP: discaring packet\n");
+ lcp_send_proto_rej(ccp->ppp, htons(PPP_CCP));
return;
}
diff --git a/accel-pptpd/ppp/ppp_fsm.c b/accel-pptpd/ppp/ppp_fsm.c
index 4fc60c2..6efc2e0 100644
--- a/accel-pptpd/ppp/ppp_fsm.c
+++ b/accel-pptpd/ppp/ppp_fsm.c
@@ -277,11 +277,19 @@ void ppp_fsm_recv_conf_req_rej(struct ppp_fsm_t *layer)
--layer->restart_counter;
if (layer->send_conf_req) layer->send_conf_req(layer);
case FSM_Ack_Sent:
+ if (++layer->conf_failure == layer->max_failure) {
+ if (layer->layer_down) layer->layer_down(layer);
+ return;
+ }
if (layer->send_conf_rej) layer->send_conf_rej(layer);
layer->fsm_state=FSM_Req_Sent;
break;
case FSM_Req_Sent:
case FSM_Ack_Rcvd:
+ if (++layer->conf_failure == layer->max_failure) {
+ if (layer->layer_down) layer->layer_down(layer);
+ return;
+ }
if (layer->send_conf_rej) layer->send_conf_rej(layer);
break;
case FSM_Opened:
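Review bot: Both new limits test `++layer->conf_failure == layer->max_failure` and return after `layer_down` without changing `fsm_state`, and nothing visible resets `conf_failure`. If the layer stays up after that callback, the counter moves past `max_failure` and every later unacceptable Configure-Request is answered with a Configure-Reject with no limit at all. Testing `>= layer->max_failure` keeps the limit effective; the `FSM_Req_Sent` case in `ppp_fsm_recv_conf_rej` (next hunk) uses the same comparison. The case above `FSM_Ack_Sent` has no `break` and falls through into the new check, so it should carry a `/* fallthrough */` comment if that is intended; the switch starts outside the hunk.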
@@ -342,7 +350,7 @@ void ppp_fsm_recv_conf_rej(struct ppp_fsm_t *layer)
break;
case FSM_Req_Sent:
if (++layer->conf_failure == layer->max_failure) {
- ppp_terminate(layer->ppp, 0);
+ if (layer->layer_down) layer->layer_down(layer);
return;
}
//if (layer->init_req_cnt) layer->init_req_cnt(layer);
diff --git a/accel-pptpd/ppp/ppp_lcp.c b/accel-pptpd/ppp/ppp_lcp.c
index 66d31da..02fafab 100644
--- a/accel-pptpd/ppp/ppp_lcp.c
+++ b/accel-pptpd/ppp/ppp_lcp.c
@@ -26,6 +26,7 @@ static int conf_echo_interval = 0;
static int conf_echo_failure = 3;
static LIST_HEAD(option_handlers);
+static struct ppp_layer_t lcp_layer;
static void lcp_layer_up(struct ppp_fsm_t*);
static void lcp_layer_down(struct ppp_fsm_t*);
@@ -378,7 +379,7 @@ static int lcp_recv_conf_req(struct ppp_lcp_t *lcp,uint8_t *data,int size)
}
log_ppp_debug("]\n");
- list_for_each_entry(lopt,&lcp->options,entry)
+ /*list_for_each_entry(lopt,&lcp->options,entry)
{
if (lopt->state==LCP_OPT_NONE)
{
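Review bot: The loop over `lcp->options` is disabled by wrapping it in `/* ... */` (the closing `}*/` is in the next hunk) with no explanation. It handled options still in state `LCP_OPT_NONE`, presumably those the peer left out of its Configure-Request, so `ret` now reflects only the options the peer chose to send. If skipping them is intended, delete the loop and state the reason in a short comment; if it is a temporary workaround, a `TODO` naming the condition for restoring it is needed.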
@@ -386,7 +387,7 @@ static int lcp_recv_conf_req(struct ppp_lcp_t *lcp,uint8_t *data,int size)
lopt->state=r;
if (r<ret) ret=r;
}
- }
+ }*/
return ret;
}
@@ -616,6 +617,27 @@ static void send_term_ack(struct ppp_fsm_t *fsm)
ppp_chan_send(lcp->ppp, &hdr, 6);
}
+void lcp_send_proto_rej(struct ppp_t *ppp, uint16_t proto)
+{
+ struct ppp_lcp_t *lcp = container_of(ppp_find_layer_data(ppp, &lcp_layer), typeof(*lcp), ld);
+ struct rej_msg_t
+ {
+ struct lcp_hdr_t hdr;
+ uint16_t proto;
+ } __attribute__((packed)) msg = {
+ .hdr.proto = htons(PPP_LCP),
+ .hdr.code = PROTOREJ,
+ .hdr.id = ++lcp->fsm.id,
+ .hdr.len = htons(6),
+ .proto = proto,
+ };
+
+ log_ppp_debug("send [LCP ProtoRej id=%i <%x>]\n", msg.hdr.id, proto);
+
+ ppp_chan_send(lcp->ppp, &msg, sizeof(msg));
+}
+
+
static void lcp_recv(struct ppp_handler_t*h)
{
struct lcp_hdr_t *hdr;
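Review bot: `lcp_send_proto_rej` uses the result of `ppp_find_layer_data` without checking it and sends regardless of the LCP state, although its callers are the raw receive paths. A guard before the message is built, such as `if (lcp->fsm.fsm_state != FSM_Opened) return;`, would follow RFC 1661; because `msg` is initialised in its declaration with `++lcp->fsm.id`, the guard requires separating declaration and initialisation. Whether `ppp_find_layer_data` can return NULL is not visible here and should be checked. The function is exported through ppp.h and has no comment; `/* proto: rejected protocol number, network byte order */` above it would document the contract the CCP caller relies on.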
@@ -697,6 +719,7 @@ static void lcp_recv(struct ppp_handler_t*h)
ppp_fsm_recv_code_rej_bad(&lcp->fsm);
break;
case ECHOREQ:
+ log_ppp_debug("recv [LCP EchoReq id=%x <magic %x>]\n",hdr->id, *(uint32_t*)(hdr + 1));
send_echo_reply(lcp);
break;
case ECHOREP:
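Review bot: The new debug line reads `*(uint32_t*)(hdr + 1)` before anything in this hunk confirms that the Echo-Request carries four bytes after the header. Unless the packet length is validated earlier in `lcp_recv` (outside the hunk), a short Echo-Request makes this read past the received data, and the cast is an unaligned access on strict-alignment targets. Copying the value with `memcpy` into a local `uint32_t`, and logging it only when `ntohs(hdr->len) >= 8` and the received size covers it, avoids both.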
diff --git a/accel-pptpd/radius/acct.c b/accel-pptpd/radius/acct.c
index fb5e2e2..987b22b 100644
--- a/accel-pptpd/radius/acct.c
+++ b/accel-pptpd/radius/acct.c
@@ -71,7 +71,7 @@ static int rad_acct_read(struct triton_md_handler_t *h)
return 0;
if (conf_verbose) {
- log_ppp_debug("send ");
+ log_ppp_debug("recv ");
rad_packet_print(req->reply, log_ppp_debug);
}
diff --git a/accel-pptpd/radius/radius.c b/accel-pptpd/radius/radius.c
index 38ace95..42b39a5 100644
--- a/accel-pptpd/radius/radius.c
+++ b/accel-pptpd/radius/radius.c
@@ -59,6 +59,8 @@ void rad_proc_attrs(struct rad_req_t *req)
}
} else if (!strcmp(attr->attr->name, "Acct-Interim-Interval"))
req->rpd->acct_interim_interval = attr->val.integer;
+ else if (!strcmp(attr->attr->name, "Session-Timeout"))
+ req->rpd->session_timeout.expire_tv.tv_sec = attr->val.integer;
}
}
@@ -105,6 +107,14 @@ static struct ipdb_item_t *get_ip(struct ppp_t *ppp)
return NULL;
}
+static void session_timeout(struct triton_timer_t *t)
+{
+ struct radius_pd_t *rpd = container_of(t, typeof(*rpd), session_timeout);
+
+ log_ppp_msg("radius: session timed out\n");
+ ppp_terminate(rpd->ppp, 0);
+}
+
static void ppp_starting(struct ppp_t *ppp)
{
struct radius_pd_t *rpd = mempool_alloc(rpd_pool);
@@ -126,6 +136,11 @@ static void ppp_started(struct ppp_t *ppp)
if (rad_acct_start(rpd))
ppp_terminate(rpd->ppp, 0);
+
+ if (rpd->session_timeout.expire_tv.tv_sec) {
+ rpd->session_timeout.expire = session_timeout;
+ triton_timer_add(ppp->ctrl->ctx, &rpd->session_timeout, 0);
+ }
}
static void ppp_finishing(struct ppp_t *ppp)
{
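Review bot: After `rad_acct_start` fails and `ppp_terminate` is called, `ppp_started` continues and may arm the session timer on a session that is being torn down. If `ppp_terminate` can run `ppp_finished` synchronously, `rpd` has already been returned to the mempool at that point; that is not visible here, but putting the timer block in an `else` (or adding `return;` after the terminate) removes the question. The `tv_sec` test also relies on `session_timeout` being zeroed when `rpd` is allocated in `ppp_starting`, which lies outside the hunk.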
@@ -149,6 +164,9 @@ static void ppp_finished(struct ppp_t *ppp)
if (rpd->dm_coa_req)
rad_packet_free(rpd->dm_coa_req);
+ if (rpd->session_timeout.tpd)
+ triton_timer_del(&rpd->session_timeout);
+
list_del(&rpd->pd.entry);
mempool_free(rpd);
@@ -302,6 +320,10 @@ static void __init radius_init(void)
if (opt)
conf_nas_ip_address = opt;
+ opt = conf_get_opt("radius", "nas-identifier");
+ if (opt)
+ conf_nas_identifier = opt;
+
opt = conf_get_opt("radius", "gw-ip-address");
if (opt)
conf_gw_ip_address = opt;
diff --git a/accel-pptpd/radius/radius_p.h b/accel-pptpd/radius/radius_p.h
index ae44223..9537641 100644
--- a/accel-pptpd/radius/radius_p.h
+++ b/accel-pptpd/radius/radius_p.h
@@ -23,6 +23,8 @@ struct radius_pd_t
uint32_t acct_input_gigawords;
uint32_t acct_output_gigawords;
+ struct triton_timer_t session_timeout;
+
struct rad_packet_t *dm_coa_req;
struct sockaddr_in dm_coa_addr;
diff --git a/accel-pptpd/triton/loader.c b/accel-pptpd/triton/loader.c
index a8b9c50..0fef03d 100644
--- a/accel-pptpd/triton/loader.c
+++ b/accel-pptpd/triton/loader.c
@@ -4,6 +4,7 @@
#include <stdio.h>
#include <errno.h>
#include <dlfcn.h>
+#include <limits.h>
#include "triton_p.h"
@@ -13,6 +14,8 @@ int load_modules(const char *name)
{
struct conf_sect_t *sect;
struct conf_option_t *opt;
+ char *fname;
+ char *path=".";
sect = conf_get_section(name);
if (!sect) {
@@ -20,29 +23,40 @@ int load_modules(const char *name)
return -1;
}
- char *cwd = getcwd(NULL,0);
+ fname = _malloc(PATH_MAX);
list_for_each_entry(opt, &sect->items, entry) {
if (!strcmp(opt->name,"path") && opt->val) {
- if (chdir(opt->val)) {
- fprintf(stderr,"loader: chdir '%s': %s\n", opt->val, strerror(errno));
- goto out_err;
- }
+ path = opt->val;
continue;
}
- if (!dlopen(opt->name, RTLD_NOW | RTLD_GLOBAL)) {
- fprintf(stderr,"loader: failed to load module '%s': %s\n",opt->name, dlerror());
- goto out_err;
+
+ strcpy(fname, path);
+ strcat(fname, "/");
+ strcat(fname, opt->name);
+ if (access(fname, F_OK)) {
+ strcpy(fname, path);
+ strcat(fname, "/lib");
+ strcat(fname, opt->name);
+ strcat(fname, ".so");
+ if (access(fname, F_OK)) {
+ strcpy(fname, opt->name);
+ if (access(opt->name, F_OK)) {
+ triton_log_error("loader: '%s' not found\n", opt->name);
+ continue;
+ }
+ }
+ }
+
+ if (!dlopen(fname, RTLD_NOW | RTLD_GLOBAL)) {
+ triton_log_error("loader: failed to load '%s': %s\n", opt->name, dlerror());
+ _free(fname);
+ return -1;
}
}
- chdir(cwd);
- free(cwd);
- return 0;
+ _free(fname);
-out_err:
- chdir(cwd);
- _free(cwd);
- return -1;
+ return 0;
}
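Review bot: The candidate path is assembled with unbounded `strcpy`/`strcat` into a `PATH_MAX` buffer from the `path` option and the module names, so an over-long value in the config overruns the heap allocation; the `_malloc` result is also used unchecked. A module that is not found is now only logged and skipped with `continue`, which lets the daemon start without, for example, an authentication or logging module where the old code aborted. The sketch below builds each candidate with `snprintf` and treats truncation or a missing file as a load failure. `access` needs `<unistd.h>`, which this diff does not add and which may or may not already be included.

```c
	int n;

	fname = _malloc(PATH_MAX);
	if (!fname)
		return -1;

	// … unchanged: list_for_each_entry loop header and "path" option handling …

		n = snprintf(fname, PATH_MAX, "%s/%s", path, opt->name);
		if (n > 0 && n < PATH_MAX && access(fname, F_OK))
			n = snprintf(fname, PATH_MAX, "%s/lib%s.so", path, opt->name);
		if (n > 0 && n < PATH_MAX && access(fname, F_OK))
			n = snprintf(fname, PATH_MAX, "%s", opt->name);
		if (n <= 0 || n >= PATH_MAX || access(fname, F_OK)) {
			triton_log_error("loader: '%s' not found\n", opt->name);
			_free(fname);
			return -1;
		}

	// … unchanged: dlopen call and its error path …
```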