summaryrefslogtreecommitdiff
path: root/accel-pppd/ctrl/ipoe/ipoe.c
diff options
context:
space:
mode:
authorDmitry Kozlov <xeb@mail.ru>2014-09-20 12:18:49 +0400
committerDmitry Kozlov <xeb@mail.ru>2014-09-20 12:18:49 +0400
commit62e89248160d3592c2d754fcaa15e37586a5b091 (patch)
treea6513cfd1e8ef6c6079ea2436e8573b122cc1ec6 /accel-pppd/ctrl/ipoe/ipoe.c
parent0a58c20b44136c1fba996becea18696b3f67a1f9 (diff)
downloadaccel-ppp-62e89248160d3592c2d754fcaa15e37586a5b091.tar.gz
accel-ppp-62e89248160d3592c2d754fcaa15e37586a5b091.zip
rewrite of authentication/accounting procedures
This patch gets rid of synchronuos style of authentication/accounting. Synchronous style of authentication/accounting produced sleeping threads which becomes a problem when lots of sessions started/stopped and all they want authorization/accounting.
Diffstat (limited to 'accel-pppd/ctrl/ipoe/ipoe.c')
-rw-r--r--accel-pppd/ctrl/ipoe/ipoe.c96
1 files changed, 56 insertions, 40 deletions
diff --git a/accel-pppd/ctrl/ipoe/ipoe.c b/accel-pppd/ctrl/ipoe/ipoe.c
index 9c6075e..f30d46f 100644
--- a/accel-pppd/ctrl/ipoe/ipoe.c
+++ b/accel-pppd/ctrl/ipoe/ipoe.c
@@ -498,6 +498,52 @@ static int ipoe_create_interface(struct ipoe_session *ses)
return 0;
}
+static void auth_result(struct ipoe_session *ses, int r)
+{
+ char *username = ses->username;
+
+ ses->username = NULL;
+
+ if (r == PWDB_DENIED) {
+ pthread_rwlock_wrlock(&ses_lock);
+ ses->ses.username = username;
+ ses->ses.terminate_cause = TERM_AUTH_ERROR;
+ pthread_rwlock_unlock(&ses_lock);
+ if (conf_ppp_verbose)
+ log_ppp_warn("authentication failed\n");
+ if (conf_l4_redirect_on_reject && !ses->dhcpv4_request)
+ l4_redirect_list_add(ses->yiaddr);
+ ap_session_terminate(&ses->ses, TERM_AUTH_ERROR, 0);
+ return;
+ }
+
+ ap_session_set_username(&ses->ses, username);
+ log_ppp_info1("%s: authentication succeeded\n", ses->ses.username);
+ triton_event_fire(EV_SES_AUTHORIZED, &ses->ses);
+
+ if (ses->serv->opt_nat)
+ ses->ses.ipv4 = ipdb_get_ipv4(&ses->ses);
+
+ if (ses->serv->opt_shared == 0 && (!ses->ses.ipv4 || ses->ses.ipv4->peer_addr == ses->yiaddr)) {
+ strncpy(ses->ses.ifname, ses->serv->ifname, AP_IFNAME_LEN);
+ ses->ses.ifindex = ses->serv->ifindex;
+ } else if (ses->ifindex == -1) {
+ if (ipoe_create_interface(ses))
+ return;
+ }
+
+ ap_session_set_ifindex(&ses->ses);
+
+ if (ses->dhcpv4_request && ses->serv->dhcpv4_relay) {
+ dhcpv4_relay_send(ses->serv->dhcpv4_relay, ses->dhcpv4_request, ses->relay_server_id, ses->serv->ifname, conf_agent_remote_id);
+
+ ses->timer.expire = ipoe_relay_timeout;
+ ses->timer.period = conf_relay_timeout * 1000;
+ triton_timer_add(&ses->ctx, &ses->timer, 0);
+ } else
+ __ipoe_session_start(ses);
+}
+
static void ipoe_session_start(struct ipoe_session *ses)
{
int r;
@@ -524,7 +570,9 @@ static void ipoe_session_start(struct ipoe_session *ses)
ap_session_starting(&ses->ses);
- if (!conf_noauth) {
+ if (conf_noauth)
+ r = PWDB_SUCCESS;
+ else {
if (ses->serv->opt_shared && ipoe_create_interface(ses))
return;
@@ -536,7 +584,12 @@ static void ipoe_session_start(struct ipoe_session *ses)
}
#endif
- r = pwdb_check(&ses->ses, username, PPP_PAP, conf_password ? conf_password : username);
+ ses->username = username;
+ r = pwdb_check(&ses->ses, (pwdb_callback)auth_result, ses, username, PPP_PAP, conf_password ? conf_password : username);
+
+ if (r == PWDB_WAIT)
+ return;
+
if (r == PWDB_NO_IMPL) {
passwd = pwdb_get_passwd(&ses->ses, ses->ses.username);
if (!passwd)
@@ -546,46 +599,9 @@ static void ipoe_session_start(struct ipoe_session *ses)
_free(passwd);
}
}
-
- if (r == PWDB_DENIED) {
- pthread_rwlock_wrlock(&ses_lock);
- ses->ses.username = username;
- ses->ses.terminate_cause = TERM_AUTH_ERROR;
- pthread_rwlock_unlock(&ses_lock);
- if (conf_ppp_verbose)
- log_ppp_warn("authentication failed\n");
- if (conf_l4_redirect_on_reject && !ses->dhcpv4_request)
- l4_redirect_list_add(ses->yiaddr);
- ap_session_terminate(&ses->ses, TERM_AUTH_ERROR, 0);
- return;
- }
}
-
- ap_session_set_username(&ses->ses, username);
- log_ppp_info1("%s: authentication succeeded\n", ses->ses.username);
- triton_event_fire(EV_SES_AUTHORIZED, &ses->ses);
-
- if (ses->serv->opt_nat)
- ses->ses.ipv4 = ipdb_get_ipv4(&ses->ses);
- if (ses->serv->opt_shared == 0 && (!ses->ses.ipv4 || ses->ses.ipv4->peer_addr == ses->yiaddr)) {
- strncpy(ses->ses.ifname, ses->serv->ifname, AP_IFNAME_LEN);
- ses->ses.ifindex = ses->serv->ifindex;
- } else if (ses->ifindex == -1) {
- if (ipoe_create_interface(ses))
- return;
- }
-
- ap_session_set_ifindex(&ses->ses);
-
- if (ses->dhcpv4_request && ses->serv->dhcpv4_relay) {
- dhcpv4_relay_send(ses->serv->dhcpv4_relay, ses->dhcpv4_request, ses->relay_server_id, ses->serv->ifname, conf_agent_remote_id);
-
- ses->timer.expire = ipoe_relay_timeout;
- ses->timer.period = conf_relay_timeout * 1000;
- triton_timer_add(&ses->ctx, &ses->timer, 0);
- } else
- __ipoe_session_start(ses);
+ auth_result(ses, r);
}
static void find_gw_addr(struct ipoe_session *ses)