diff options
author | Dmitry Kozlov <xeb@mail.ru> | 2014-09-20 12:18:49 +0400 |
---|---|---|
committer | Dmitry Kozlov <xeb@mail.ru> | 2014-09-20 12:18:49 +0400 |
commit | 62e89248160d3592c2d754fcaa15e37586a5b091 (patch) | |
tree | a6513cfd1e8ef6c6079ea2436e8573b122cc1ec6 /accel-pppd/ctrl/ipoe/ipoe.c | |
parent | 0a58c20b44136c1fba996becea18696b3f67a1f9 (diff) | |
download | accel-ppp-62e89248160d3592c2d754fcaa15e37586a5b091.tar.gz accel-ppp-62e89248160d3592c2d754fcaa15e37586a5b091.zip |
rewrite of authentication/accounting procedures
This patch gets rid of synchronuos style of authentication/accounting.
Synchronous style of authentication/accounting produced sleeping threads
which becomes a problem when lots of sessions started/stopped and all they want authorization/accounting.
Diffstat (limited to 'accel-pppd/ctrl/ipoe/ipoe.c')
-rw-r--r-- | accel-pppd/ctrl/ipoe/ipoe.c | 96 |
1 files changed, 56 insertions, 40 deletions
diff --git a/accel-pppd/ctrl/ipoe/ipoe.c b/accel-pppd/ctrl/ipoe/ipoe.c index 9c6075e..f30d46f 100644 --- a/accel-pppd/ctrl/ipoe/ipoe.c +++ b/accel-pppd/ctrl/ipoe/ipoe.c @@ -498,6 +498,52 @@ static int ipoe_create_interface(struct ipoe_session *ses) return 0; } +static void auth_result(struct ipoe_session *ses, int r) +{ + char *username = ses->username; + + ses->username = NULL; + + if (r == PWDB_DENIED) { + pthread_rwlock_wrlock(&ses_lock); + ses->ses.username = username; + ses->ses.terminate_cause = TERM_AUTH_ERROR; + pthread_rwlock_unlock(&ses_lock); + if (conf_ppp_verbose) + log_ppp_warn("authentication failed\n"); + if (conf_l4_redirect_on_reject && !ses->dhcpv4_request) + l4_redirect_list_add(ses->yiaddr); + ap_session_terminate(&ses->ses, TERM_AUTH_ERROR, 0); + return; + } + + ap_session_set_username(&ses->ses, username); + log_ppp_info1("%s: authentication succeeded\n", ses->ses.username); + triton_event_fire(EV_SES_AUTHORIZED, &ses->ses); + + if (ses->serv->opt_nat) + ses->ses.ipv4 = ipdb_get_ipv4(&ses->ses); + + if (ses->serv->opt_shared == 0 && (!ses->ses.ipv4 || ses->ses.ipv4->peer_addr == ses->yiaddr)) { + strncpy(ses->ses.ifname, ses->serv->ifname, AP_IFNAME_LEN); + ses->ses.ifindex = ses->serv->ifindex; + } else if (ses->ifindex == -1) { + if (ipoe_create_interface(ses)) + return; + } + + ap_session_set_ifindex(&ses->ses); + + if (ses->dhcpv4_request && ses->serv->dhcpv4_relay) { + dhcpv4_relay_send(ses->serv->dhcpv4_relay, ses->dhcpv4_request, ses->relay_server_id, ses->serv->ifname, conf_agent_remote_id); + + ses->timer.expire = ipoe_relay_timeout; + ses->timer.period = conf_relay_timeout * 1000; + triton_timer_add(&ses->ctx, &ses->timer, 0); + } else + __ipoe_session_start(ses); +} + static void ipoe_session_start(struct ipoe_session *ses) { int r; @@ -524,7 +570,9 @@ static void ipoe_session_start(struct ipoe_session *ses) ap_session_starting(&ses->ses); - if (!conf_noauth) { + if (conf_noauth) + r = PWDB_SUCCESS; + else { if (ses->serv->opt_shared && ipoe_create_interface(ses)) return; @@ -536,7 +584,12 @@ static void ipoe_session_start(struct ipoe_session *ses) } #endif - r = pwdb_check(&ses->ses, username, PPP_PAP, conf_password ? conf_password : username); + ses->username = username; + r = pwdb_check(&ses->ses, (pwdb_callback)auth_result, ses, username, PPP_PAP, conf_password ? conf_password : username); + + if (r == PWDB_WAIT) + return; + if (r == PWDB_NO_IMPL) { passwd = pwdb_get_passwd(&ses->ses, ses->ses.username); if (!passwd) @@ -546,46 +599,9 @@ static void ipoe_session_start(struct ipoe_session *ses) _free(passwd); } } - - if (r == PWDB_DENIED) { - pthread_rwlock_wrlock(&ses_lock); - ses->ses.username = username; - ses->ses.terminate_cause = TERM_AUTH_ERROR; - pthread_rwlock_unlock(&ses_lock); - if (conf_ppp_verbose) - log_ppp_warn("authentication failed\n"); - if (conf_l4_redirect_on_reject && !ses->dhcpv4_request) - l4_redirect_list_add(ses->yiaddr); - ap_session_terminate(&ses->ses, TERM_AUTH_ERROR, 0); - return; - } } - - ap_session_set_username(&ses->ses, username); - log_ppp_info1("%s: authentication succeeded\n", ses->ses.username); - triton_event_fire(EV_SES_AUTHORIZED, &ses->ses); - - if (ses->serv->opt_nat) - ses->ses.ipv4 = ipdb_get_ipv4(&ses->ses); - if (ses->serv->opt_shared == 0 && (!ses->ses.ipv4 || ses->ses.ipv4->peer_addr == ses->yiaddr)) { - strncpy(ses->ses.ifname, ses->serv->ifname, AP_IFNAME_LEN); - ses->ses.ifindex = ses->serv->ifindex; - } else if (ses->ifindex == -1) { - if (ipoe_create_interface(ses)) - return; - } - - ap_session_set_ifindex(&ses->ses); - - if (ses->dhcpv4_request && ses->serv->dhcpv4_relay) { - dhcpv4_relay_send(ses->serv->dhcpv4_relay, ses->dhcpv4_request, ses->relay_server_id, ses->serv->ifname, conf_agent_remote_id); - - ses->timer.expire = ipoe_relay_timeout; - ses->timer.period = conf_relay_timeout * 1000; - triton_timer_add(&ses->ctx, &ses->timer, 0); - } else - __ipoe_session_start(ses); + auth_result(ses, r); } static void find_gw_addr(struct ipoe_session *ses) |