summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--accel-pppd/ctrl/ipoe/ipoe.c40
-rw-r--r--accel-pppd/ctrl/ipoe/ipoe.h2
-rw-r--r--accel-pppd/ctrl/ipoe/lua.c12
-rw-r--r--accel-pppd/ppp/ppp_auth.c1
-rw-r--r--accel-pppd/session.c3
5 files changed, 33 insertions, 25 deletions
diff --git a/accel-pppd/ctrl/ipoe/ipoe.c b/accel-pppd/ctrl/ipoe/ipoe.c
index 039a66a..ec241ea 100644
--- a/accel-pppd/ctrl/ipoe/ipoe.c
+++ b/accel-pppd/ctrl/ipoe/ipoe.c
@@ -5,6 +5,7 @@
#include <errno.h>
#include <string.h>
#include <fcntl.h>
+#include <assert.h>
#include <time.h>
#include <arpa/inet.h>
#include <netinet/in.h>
@@ -325,15 +326,17 @@ static void ipoe_relay_timeout(struct triton_timer_t *t)
}
-static void ipoe_session_set_username(struct ipoe_session *ses)
+static char *ipoe_session_get_username(struct ipoe_session *ses)
{
#ifdef USE_LUA
- if (ses->serv->opt_username == USERNAME_LUA) {
- ipoe_lua_set_username(ses, ses->serv->opt_lua_username_func ? : conf_lua_username_func);
- } else
+ if (ses->serv->opt_username == USERNAME_LUA)
+ return ipoe_lua_get_username(ses, ses->serv->opt_lua_username_func ? : conf_lua_username_func);
+ else
#endif
+ if (!ses->dhcpv4_request)
+ return _strdup(ses->ctrl.calling_station_id);
- ap_session_set_username(&ses->ses, _strdup(ses->ses.ifname));
+ return _strdup(ses->ses.ifname);
}
static void l4_redirect_list_add(in_addr_t addr, int ifindex)
@@ -508,18 +511,19 @@ static void ipoe_session_start(struct ipoe_session *ses)
{
int r;
char *passwd;
+ char *username;
__sync_add_and_fetch(&stat_starting, 1);
- if (!ses->ses.username) {
- strncpy(ses->ses.ifname, ses->serv->ifname, AP_IFNAME_LEN);
-
- ipoe_session_set_username(ses);
+ assert(!ses->ses.username);
- if (!ses->ses.username) {
- ipoe_session_finished(&ses->ses);
- return;
- }
+ strncpy(ses->ses.ifname, ses->serv->ifname, AP_IFNAME_LEN);
+
+ username = ipoe_session_get_username(ses);
+
+ if (!username) {
+ ipoe_session_finished(&ses->ses);
+ return;
}
ses->ses.unit_idx = ses->serv->ifindex;
@@ -533,7 +537,7 @@ static void ipoe_session_start(struct ipoe_session *ses)
if (ses->serv->opt_shared && ipoe_create_interface(ses))
return;
- r = pwdb_check(&ses->ses, ses->ses.username, PPP_PAP, conf_password ? conf_password : ses->ses.username);
+ r = pwdb_check(&ses->ses, username, PPP_PAP, conf_password ? conf_password : username);
if (r == PWDB_NO_IMPL) {
passwd = pwdb_get_passwd(&ses->ses, ses->ses.username);
if (!passwd)
@@ -545,6 +549,10 @@ static void ipoe_session_start(struct ipoe_session *ses)
}
if (r == PWDB_DENIED) {
+ pthread_rwlock_wrlock(&ses_lock);
+ ses->ses.username = username;
+ ses->ses.terminate_cause = TERM_AUTH_ERROR;
+ pthread_rwlock_unlock(&ses_lock);
if (conf_ppp_verbose)
log_ppp_warn("authentication failed\n");
if (conf_l4_redirect_on_reject && !ses->dhcpv4_request && ses->ifindex != -1) {
@@ -556,6 +564,7 @@ static void ipoe_session_start(struct ipoe_session *ses)
}
}
+ ap_session_set_username(&ses->ses, username);
log_ppp_info1("%s: authentication succeeded\n", ses->ses.username);
triton_event_fire(EV_SES_AUTHORIZED, &ses->ses);
@@ -1589,9 +1598,6 @@ static struct ipoe_session *ipoe_session_create_up(struct ipoe_serv *serv, struc
u_inet_ntoa(iph->saddr, ses->ctrl.calling_station_id);
ses->ses.chan_name = ses->ctrl.calling_station_id;
-
- if (conf_username == USERNAME_UNSET)
- ap_session_set_username(&ses->ses, _strdup(ses->ctrl.calling_station_id));
if (conf_ip_pool)
ses->ses.ipv4_pool_name = _strdup(conf_ip_pool);
diff --git a/accel-pppd/ctrl/ipoe/ipoe.h b/accel-pppd/ctrl/ipoe/ipoe.h
index 88e37e4..b3a346f 100644
--- a/accel-pppd/ctrl/ipoe/ipoe.h
+++ b/accel-pppd/ctrl/ipoe/ipoe.h
@@ -98,7 +98,7 @@ struct arp_serv {
};
#ifdef USE_LUA
-int ipoe_lua_set_username(struct ipoe_session *, const char *func);
+char *ipoe_lua_get_username(struct ipoe_session *, const char *func);
#endif
struct iphdr;
diff --git a/accel-pppd/ctrl/ipoe/lua.c b/accel-pppd/ctrl/ipoe/lua.c
index b894aa3..46c8594 100644
--- a/accel-pppd/ctrl/ipoe/lua.c
+++ b/accel-pppd/ctrl/ipoe/lua.c
@@ -230,12 +230,12 @@ out_err:
}*/
-int ipoe_lua_set_username(struct ipoe_session *ses, const char *func)
+char *ipoe_lua_get_username(struct ipoe_session *ses, const char *func)
{
- int r;
+ char *r;
if (file_error && serial == __serial)
- return -1;
+ return NULL;
if (L && serial != __serial) {
lua_close(L);
@@ -244,7 +244,7 @@ int ipoe_lua_set_username(struct ipoe_session *ses, const char *func)
init_lua();
if (!L)
- return -1;
+ return NULL;
lua_getglobal(L, func);
lua_pushlightuserdata(L, ses);
@@ -259,7 +259,7 @@ int ipoe_lua_set_username(struct ipoe_session *ses, const char *func)
goto out_err;
}
- r = ap_session_set_username(&ses->ses, _strdup(lua_tostring(L, -1)));
+ r = _strdup(lua_tostring(L, -1));
lua_settop(L, 0);
@@ -270,7 +270,7 @@ out_err:
lua_close(L);
L = NULL;
pthread_setspecific(__key, L);
- return -1;
+ return NULL;
}
static void load_config()
diff --git a/accel-pppd/ppp/ppp_auth.c b/accel-pppd/ppp/ppp_auth.c
index b32400e..442db7e 100644
--- a/accel-pppd/ppp/ppp_auth.c
+++ b/accel-pppd/ppp/ppp_auth.c
@@ -352,6 +352,7 @@ void __export ppp_auth_failed(struct ppp_t *ppp, char *username)
pthread_rwlock_wrlock(&ses_lock);
if (!ppp->ses.username)
ppp->ses.username = _strdup(username);
+ ppp->ses.terminate_cause = TERM_AUTH_ERROR;
pthread_rwlock_unlock(&ses_lock);
log_ppp_info1("%s: authentication failed\n", username);
log_info1("%s: authentication failed\n", username);
diff --git a/accel-pppd/session.c b/accel-pppd/session.c
index d8ee6dd..ac8633e 100644
--- a/accel-pppd/session.c
+++ b/accel-pppd/session.c
@@ -326,7 +326,7 @@ int __export ap_session_set_username(struct ap_session *s, char *username)
pthread_rwlock_wrlock(&ses_lock);
if (conf_single_session >= 0) {
list_for_each_entry(ses, &ses_list, entry) {
- if (ses->username && !strcmp(ses->username, username)) {
+ if (ses->username && ses->terminate_cause != TERM_AUTH_ERROR && !strcmp(ses->username, username)) {
if (conf_single_session == 0) {
pthread_rwlock_unlock(&ses_lock);
log_ppp_info1("%s: second session denied\n", username);
@@ -341,6 +341,7 @@ int __export ap_session_set_username(struct ap_session *s, char *username)
triton_context_call(ses->ctrl->ctx, (triton_event_func)__terminate_sec, ses);
}
}
+ break;
}
}
s->username = username;