From 221358f2630ad56c980153443f152ca4c1abbbae Mon Sep 17 00:00:00 2001 From: Vladislav Grishenko Date: Tue, 28 Jun 2016 18:34:59 +0500 Subject: chap-secrets: allow to use pool name instead of address to specify ipv4 pool Chap-secrets' ipdb uses 4th field as static peer ipv4 address. With no radius and multiple same username sessions, it's impossible to use non-default pool for such sessions. Abuse chap-secret's 4th field as pool=name to specify session's pool name. With ippool module loaded after chap-secrets (default order), it will be used for allocation from the specified poll name. Compatibility considerations: * pppd will skip 'pool=*' with warn 'unknown host in auth. address list' same as 5th field - shaper, because starting from 4th field pppd parse list of value. so, no new effects here. * previous versions of accel-ppp will parse 'pool=*' as empty address. * with no 'pool=*' in chap-secrets or with no chap-secrets loaded, no behavior change. * with no ippool loaded, session will get no peer address. * with ippool loaded before chap-secrets, chap-secrets's ipdb will not be used, therefore neither ip addess not pool name will has no effect. * if chap-secrets' pool is invalid or not found, default pool will be used by ippool or address came from radius. * chap-secret's pool name might override pool came from radius, if radius module is loaded after chap-secrets and no address came from radius. --- accel-pppd/extra/chap-secrets.c | 18 +++++++++++++++--- 1 file changed, 15 insertions(+), 3 deletions(-) diff --git a/accel-pppd/extra/chap-secrets.c b/accel-pppd/extra/chap-secrets.c index f99bd0b..166a619 100644 --- a/accel-pppd/extra/chap-secrets.c +++ b/accel-pppd/extra/chap-secrets.c @@ -43,6 +43,7 @@ struct cs_pd_t struct ipv4db_item_t ip; char *passwd; char *rate; + char *pool; }; #ifdef CRYPTO_OPENSSL @@ -229,8 +230,12 @@ found: } pd->ip.addr = conf_gw_ip_address; - if (n >= 3 && ptr[2][0] != '*') - pd->ip.peer_addr = inet_addr(ptr[2]); + if (n >= 3 && ptr[2][0] != '*') { + if (strncmp(ptr[2], "pool=", 5) == 0) + pd->pool = _strdup(ptr[2] + 5); + else + pd->ip.peer_addr = inet_addr(ptr[2]); + } pd->ip.mask = conf_netmask; pd->ip.owner = &ipdb; @@ -269,6 +274,8 @@ static void ev_ses_finished(struct ap_session *ses) _free(pd->passwd); if (pd->rate) _free(pd->rate); + if (pd->pool) + _free(pd->pool); _free(pd); } @@ -300,7 +307,12 @@ static struct ipv4db_item_t *get_ip(struct ap_session *ses) if (!pd) return NULL; - if (!pd->ip.peer_addr) + if (pd->pool) { + if (ses->ipv4_pool_name) + _free(ses->ipv4_pool_name); + ses->ipv4_pool_name = _strdup(pd->pool); + return NULL; + } else if (!pd->ip.peer_addr) return NULL; if (!ses->ctrl->ppp) -- cgit v1.2.3