Diffstat (limited to 'scripts/package-build/linux-kernel/patches/accel-ppp')
2 files changed, 378 insertions, 0 deletions
diff --git a/scripts/package-build/linux-kernel/patches/accel-ppp/0001-L2TP-Include-Calling-Number-to-Calling-Station-ID-RA.patch b/scripts/package-build/linux-kernel/patches/accel-ppp/0001-L2TP-Include-Calling-Number-to-Calling-Station-ID-RA.patch
new file mode 100644
index 00000000..0c3141a0
--- /dev/null
+++ b/scripts/package-build/linux-kernel/patches/accel-ppp/0001-L2TP-Include-Calling-Number-to-Calling-Station-ID-RA.patch
@@ -0,0 +1,183 @@
+From 12778d1e9296b6dbf190a80dcf407b24f9821f95 Mon Sep 17 00:00:00 2001
+From: zsdc <taras@vyos.io>
+Date: Tue, 4 Apr 2023 11:15:26 +0300
+Subject: [PATCH] L2TP: Include Calling-Number to Calling-Station-ID RADIUS
+ attribute
+
+Patch authored by Alexander Serkin from
+https://phabricator.accel-ppp.org/T59
+---
+ accel-pppd/ctrl/l2tp/l2tp.c | 112 ++++++++++++++++++++++++++++++------
+ 1 file changed, 93 insertions(+), 19 deletions(-)
+
+diff --git a/accel-pppd/ctrl/l2tp/l2tp.c b/accel-pppd/ctrl/l2tp/l2tp.c
+index 027d710..c541c60 100644
+--- a/accel-pppd/ctrl/l2tp/l2tp.c
++++ b/accel-pppd/ctrl/l2tp/l2tp.c
+@@ -123,6 +123,11 @@ struct l2tp_sess_t
+ struct l2tp_conn_t *paren_conn;
+ uint16_t sid;
+ uint16_t peer_sid;
++/* We will keep l2tp attributes Calling-Number/Called-Number and their length while the session exists */
++ char *calling_num;
++ int calling_num_len;
++ char *called_num;
++ int called_num_len;
+
+ unsigned int ref_count;
+ int state1;
+@@ -979,6 +984,10 @@ static void __session_destroy(struct l2tp_sess_t *sess)
+ _free(sess->ctrl.calling_station_id);
+ if (sess->ctrl.called_station_id)
+ _free(sess->ctrl.called_station_id);
++ if (sess->calling_num)
++ _free(sess->calling_num);
++ if (sess->called_num)
++ _free(sess->called_num);
+
+ log_session(log_info2, sess, "session destroyed\n");
+
+@@ -1771,25 +1780,52 @@ static int l2tp_session_start_data_channel(struct l2tp_sess_t *sess)
+ sess->ctrl.max_mtu = conf_ppp_max_mtu;
+ sess->ctrl.mppe = conf_mppe;
+
+- sess->ctrl.calling_station_id = _malloc(17);
+- if (sess->ctrl.calling_station_id == NULL) {
+- log_session(log_error, sess,
+- "impossible to start data channel:"
+- " allocation of calling station ID failed\n");
+- goto err;
++ /* If l2tp calling number avp exists, we use it, otherwise we use lac ip */
++ if (sess->calling_num != NULL) {
++ sess->ctrl.calling_station_id = _malloc(sess->calling_num_len+1);
++ if (sess->ctrl.calling_station_id == NULL) {
++ log_session(log_error, sess,
++ "impossible to start data channel:"
++ " allocation of calling station ID failed\n");
++ goto err;
++ }else {
++ strcpy(sess->ctrl.calling_station_id, sess->calling_num);
++ }
++ } else {
++ sess->ctrl.calling_station_id = _malloc(17);
++ if (sess->ctrl.calling_station_id == NULL) {
++ log_session(log_error, sess,
++ "impossible to start data channel:"
++ " allocation of calling station ID failed\n");
++ goto err;
++ } else {
++ u_inet_ntoa(sess->paren_conn->peer_addr.sin_addr.s_addr,
++ sess->ctrl.calling_station_id);
++ }
+ }
+- u_inet_ntoa(sess->paren_conn->peer_addr.sin_addr.s_addr,
+- sess->ctrl.calling_station_id);
+-
+- sess->ctrl.called_station_id = _malloc(17);
+- if (sess->ctrl.called_station_id == NULL) {
+- log_session(log_error, sess,
+- "impossible to start data channel:"
+- " allocation of called station ID failed\n");
+- goto err;
++ /* If l2tp called number avp exists, we use it, otherwise we use my ip */
++ if (sess->called_num != NULL) {
++ sess->ctrl.called_station_id = _malloc(sess->called_num_len+1);
++ if (sess->ctrl.called_station_id == NULL) {
++ log_session(log_error, sess,
++ "impossible to start data channel:"
++ " allocation of called station ID failed\n");
++ goto err;
++ } else {
++ strcpy(sess->ctrl.called_station_id, sess->called_num);
++ }
++ } else {
++ sess->ctrl.called_station_id = _malloc(17);
++ if (sess->ctrl.called_station_id == NULL) {
++ log_session(log_error, sess,
++ "impossible to start data channel:"
++ " allocation of called station ID failed\n");
++ goto err;
++ } else {
++ u_inet_ntoa(sess->paren_conn->host_addr.sin_addr.s_addr,
++ sess->ctrl.called_station_id);
++ }
+ }
+- u_inet_ntoa(sess->paren_conn->host_addr.sin_addr.s_addr,
+- sess->ctrl.called_station_id);
+
+ if (conf_ip_pool) {
+ sess->ppp.ses.ipv4_pool_name = _strdup(conf_ip_pool);
+@@ -3295,6 +3331,10 @@ static int l2tp_recv_ICRQ(struct l2tp_conn_t *conn,
+ uint16_t sid = 0;
+ uint16_t res = 0;
+ uint16_t err = 0;
++ uint8_t *calling[254] = {0};
++ uint8_t *called[254] = {0};
++ int n = 0;
++ int m = 0;
+
+ if (conn->state != STATE_ESTB && conn->lns_mode) {
+ log_tunnel(log_warn, conn, "discarding unexpected ICRQ\n");
+@@ -3332,7 +3372,17 @@ static int l2tp_recv_ICRQ(struct l2tp_conn_t *conn,
+ case Call_Serial_Number:
+ case Bearer_Type:
+ case Calling_Number:
++ /* Save Calling-Number L2TP attribute locally */
++ if (attr->attr->id == Calling_Number) {
++ n = attr->length;
++ memcpy(calling,attr->val.octets,n);
++ }
+ case Called_Number:
++ /* Save Called-Number L2TP attribute locally */
++ if (attr->attr->id == Called_Number) {
++ m = attr->length;
++ memcpy(called,attr->val.octets,m);
++ }
+ case Sub_Address:
+ case Physical_Channel_ID:
+ break;
+@@ -3371,6 +3421,30 @@ static int l2tp_recv_ICRQ(struct l2tp_conn_t *conn,
+ sess->peer_sid = peer_sid;
+ sid = sess->sid;
+
++ /* Allocate memory for Calling-Number if exists, and put it to l2tp_sess_t structure */
++ if (calling != NULL && n > 0) {
++ sess->calling_num = _malloc(n+1);
++ if (sess->calling_num == NULL) {
++ log_tunnel(log_warn, conn, "can't allocate memory for Calling Number attribute. Will use LAC IP instead\n");
++ }else{
++ memcpy(sess->calling_num, calling, n);
++ sess->calling_num[n] = '\0';
++ sess->calling_num_len = n;
++ }
++ }
++
++ /* Allocate memory for Called-Number if exists, and put it to l2tp_sess_t structure */
++ if (called != NULL && m > 1) {
++ sess->called_num = _malloc(m+1);
++ if (sess->called_num == NULL) {
++ log_tunnel(log_warn, conn, "can't allocate memory for Called Number attribute. Will use my IP instead\n");
++ } else {
++ memcpy(sess->called_num, called, m);
++ sess->called_num[m] = '\0';
++ sess->called_num_len = m;
++ }
++ }
++
+ if (unknown_attr) {
+ log_tunnel(log_error, conn, "impossible to handle ICRQ:"
+ " unknown mandatory attribute type %i,"
+@@ -3390,8 +3464,8 @@ static int l2tp_recv_ICRQ(struct l2tp_conn_t *conn,
+ goto out_reject;
+ }
+
+- log_tunnel(log_info1, conn, "new session %hu-%hu created following"
+- " reception of ICRQ\n", sid, peer_sid);
++ log_tunnel(log_info1, conn, "new session %hu-%hu with calling num %s len %d, called num %s len %d created following"
++ " reception of ICRQ\n", sid, peer_sid, sess->calling_num, sess->calling_num_len, sess->called_num, sess->called_num_len);
+
+ return 0;
+
+--
+2.34.1
+
diff --git a/scripts/package-build/linux-kernel/patches/accel-ppp/0002-Radius-Dns-Server-IPv6-Address.patch b/scripts/package-build/linux-kernel/patches/accel-ppp/0002-Radius-Dns-Server-IPv6-Address.patch
new file mode 100644
index 00000000..a8991801
--- /dev/null
+++ b/scripts/package-build/linux-kernel/patches/accel-ppp/0002-Radius-Dns-Server-IPv6-Address.patch
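Review bot: In 0001 (l2tp.c, `l2tp_recv_ICRQ`), both `memcpy` calls in the `@@ -3332` hunk copy `attr->length` bytes of a peer-supplied Calling-Number/Called-Number AVP into `calling`/`called` with no check against the destination size. The destinations are declared as `uint8_t *calling[254]` and `uint8_t *called[254]`, i.e. arrays of 254 pointers rather than 254 bytes, so their real size depends on pointer width and the later `calling != NULL` / `called != NULL` tests are always true. I would declare plain byte arrays and ignore a value that does not fit, which keeps the existing fall-back to the LAC/local IP and also bounds what later reaches the Calling-Station-ID/Called-Station-ID allocation and `strcpy`. Separately, the rewritten `log_tunnel` line passes `sess->calling_num` and `sess->called_num` to `%s` even when the AVP was absent and the pointer is still NULL (e.g. `sess->calling_num ? sess->calling_num : ""`), and the Called-Number test uses `m > 1` where Calling-Number uses `n > 0`. The function starts and ends outside these hunks and the type of `attr->length` is not visible, hence the cast in the sketch below.

```c
	uint8_t calling[254] = {0};	/* byte buffers, not pointer arrays */
	uint8_t called[254] = {0};
	/* … unchanged: n/m declarations, state check, earlier AVP cases … */
		case Calling_Number:
			/* length comes from the peer: copy only what fits */
			if ((size_t)attr->length <= sizeof(calling)) {
				n = attr->length;
				memcpy(calling, attr->val.octets, n);
			} else {
				log_tunnel(log_warn, conn, "ignoring oversized Calling Number\n");
			}
			break;
		case Called_Number:
			if ((size_t)attr->length <= sizeof(called)) {
				m = attr->length;
				memcpy(called, attr->val.octets, m);
			} else {
				log_tunnel(log_warn, conn, "ignoring oversized Called Number\n");
			}
			break;
	/* … unchanged: Sub_Address / Physical_Channel_ID cases … */
```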
@@ -0,0 +1,195 @@
+From: Ben Hardill <ben@hardill.me.uk>
+Date: Tue, 13 Mar 2025 05:00:00 +0000
+Subject: [PATCH] PPPoE: IPv6 DNS from Radius - managing the DNS-Server-IPv6-Address attribute
+
+Patch authored by Ben Hardill from
+https://github.com/accel-ppp/accel-ppp/pull/69
+---
+diff --git a/accel-pppd/include/ap_session.h b/accel-pppd/include/ap_session.h
+index 70515133..507eae04 100644
+--- a/accel-pppd/include/ap_session.h
++++ b/accel-pppd/include/ap_session.h
+@@ -84,6 +84,7 @@ struct ap_session
+ struct ipv4db_item_t *ipv4;
+ struct ipv6db_item_t *ipv6;
+ struct ipv6db_prefix_t *ipv6_dp;
++ struct ipv6db_item_t *ipv6_dns;
+ char *ipv4_pool_name;
+ char *ipv6_pool_name;
+ char *dpv6_pool_name;
+diff --git a/accel-pppd/ipv6/dhcpv6.c b/accel-pppd/ipv6/dhcpv6.c
+index 158771b1..1ef48132 100644
+--- a/accel-pppd/ipv6/dhcpv6.c
++++ b/accel-pppd/ipv6/dhcpv6.c
+@@ -214,19 +214,41 @@ static void insert_status(struct dhcpv6_packet *pkt, struct dhcpv6_option *opt,
+ status->code = htons(code);
+ }
+
+-static void insert_oro(struct dhcpv6_packet *reply, struct dhcpv6_option *opt)
++static void insert_oro(struct dhcpv6_packet *reply, struct dhcpv6_option *opt, struct ap_session *ses)
+ {
+ struct dhcpv6_option *opt1;
+- int i, j;
++ int i = 0, j = 0, k = 0;
+ uint16_t *ptr;
+ struct in6_addr addr, *addr_ptr;
++ struct ipv6db_addr_t *dns;
+
+ for (i = ntohs(opt->hdr->len) / 2, ptr = (uint16_t *)opt->hdr->data; i; i--, ptr++) {
+ if (ntohs(*ptr) == D6_OPTION_DNS_SERVERS) {
+- if (conf_dns_count) {
+- opt1 = dhcpv6_option_alloc(reply, D6_OPTION_DNS_SERVERS, conf_dns_count * sizeof(addr));
+- for (j = 0, addr_ptr = (struct in6_addr *)opt1->hdr->data; j < conf_dns_count; j++, addr_ptr++)
+- memcpy(addr_ptr, conf_dns + j, sizeof(addr));
++ if (ses->ipv6_dns && !list_empty(&ses->ipv6_dns->addr_list)) {
++ list_for_each_entry(dns, &ses->ipv6_dns->addr_list, entry) {
++ j++;
++ }
++ if (j >= 3) {
++ j = 3;
++ }
++ opt1 = dhcpv6_option_alloc(reply, D6_OPTION_DNS_SERVERS, j * sizeof(addr));
++ addr_ptr = (struct in6_addr *)opt1->hdr->data;
++ list_for_each_entry(dns, &ses->ipv6_dns->addr_list, entry) {
++ if (k < j) {
++ memcpy(addr_ptr, &dns->addr, sizeof(addr));
++ k++;
++ addr_ptr++;
++ } else {
++ break;
++ }
++ }
++
++ } else {
++ if (conf_dns_count) {
++ opt1 = dhcpv6_option_alloc(reply, D6_OPTION_DNS_SERVERS, conf_dns_count * sizeof(addr));
++ for (j = 0, addr_ptr = (struct in6_addr *)opt1->hdr->data; j < conf_dns_count; j++, addr_ptr++)
++ memcpy(addr_ptr, conf_dns + j, sizeof(addr));
++ }
+ }
+ } else if (ntohs(*ptr) == D6_OPTION_DOMAIN_LIST) {
+ if (conf_dnssl_size) {
+@@ -434,7 +456,10 @@ static void dhcpv6_send_reply(struct dhcpv6_packet *req, struct dhcpv6_pd *pd, i
+
+ // Option Request
+ } else if (ntohs(opt->hdr->code) == D6_OPTION_ORO) {
+- insert_oro(reply, opt);
++ if (ses->ipv6_dns &&!list_empty(&ses->ipv6_dns->addr_list)) {
++ log_ppp_info2("User specific IPv6 DNS entries\n");
++ }
++ insert_oro(reply, opt, ses);
+
+ } else if (ntohs(opt->hdr->code) == D6_OPTION_RAPID_COMMIT) {
+ if (req->hdr->type == D6_SOLICIT)
+@@ -594,7 +619,7 @@ static void dhcpv6_send_reply2(struct dhcpv6_packet *req, struct dhcpv6_pd *pd,
+ }
+ // Option Request
+ } else if (ntohs(opt->hdr->code) == D6_OPTION_ORO)
+- insert_oro(reply, opt);
++ insert_oro(reply, opt, ses);
+ }
+
+ opt1 = dhcpv6_option_alloc(reply, D6_OPTION_PREFERENCE, 1);
+diff --git a/accel-pppd/ipv6/nd.c b/accel-pppd/ipv6/nd.c
+index 297e4d63..b3054274 100644
+--- a/accel-pppd/ipv6/nd.c
++++ b/accel-pppd/ipv6/nd.c
+@@ -174,7 +174,32 @@ static void ipv6_nd_send_ra(struct ipv6_nd_handler_t *h, struct sockaddr_in6 *ds
+ rinfo++;
+ }*/
+
+- if (conf_dns_count) {
++ if (ses->ipv6_dns && !list_empty(&ses->ipv6_dns->addr_list)) {
++ int i = 0, j = 0;
++ struct ipv6db_addr_t *dns;
++
++ list_for_each_entry(dns, &ses->ipv6_dns->addr_list, entry) {
++ i++;
++ }
++ if (i >= 3) {
++ i = 3;
++ }
++ rdnssinfo = (struct nd_opt_rdnss_info_local *)pinfo;
++ memset(rdnssinfo, 0, sizeof(*rdnssinfo));
++ rdnssinfo->nd_opt_rdnssi_type = ND_OPT_RDNSS_INFORMATION;
++ rdnssinfo->nd_opt_rdnssi_len = 1 + 2 * i;
++ rdnssinfo->nd_opt_rdnssi_lifetime = htonl(conf_rdnss_lifetime);
++ rdnss_addr = (struct in6_addr *)rdnssinfo->nd_opt_rdnssi;
++ list_for_each_entry(dns, &ses->ipv6_dns->addr_list, entry) {
++ if (j < i) {
++ memcpy(rdnss_addr, &dns->addr, sizeof(*rdnss_addr));
++ j++;
++ rdnss_addr++;
++ } else {
++ break;
++ }
++ }
++ } else if (conf_dns_count) {
+ rdnssinfo = (struct nd_opt_rdnss_info_local *)pinfo;
+ memset(rdnssinfo, 0, sizeof(*rdnssinfo));
+ rdnssinfo->nd_opt_rdnssi_type = ND_OPT_RDNSS_INFORMATION;
+diff --git a/accel-pppd/radius/radius.c b/accel-pppd/radius/radius.c
+index 786faa56..1379b0b2 100644
+--- a/accel-pppd/radius/radius.c
++++ b/accel-pppd/radius/radius.c
+@@ -403,6 +403,12 @@ int rad_proc_attrs(struct rad_req_t *req)
+ case Framed_IPv6_Route:
+ rad_add_framed_ipv6_route(attr->val.string, rpd);
+ break;
++ case DNS_Server_IPv6_Address:
++ a = _malloc(sizeof(*a));
++ memset(a, 0, sizeof(*a));
++ a->addr = attr->val.ipv6addr;
++ list_add_tail(&a->entry, &rpd->ipv6_dns.addr_list);
++ break;
+ }
+ }
+
+@@ -420,6 +426,9 @@ int rad_proc_attrs(struct rad_req_t *req)
+ if (!rpd->ses->ipv6_dp && !list_empty(&rpd->ipv6_dp.prefix_list))
+ rpd->ses->ipv6_dp = &rpd->ipv6_dp;
+
++ if (!rpd->ses->ipv6_dns && !list_empty(&rpd->ipv6_dns.addr_list))
++ rpd->ses->ipv6_dns = &rpd->ipv6_dns;
++
+ return res;
+ }
+
+@@ -584,10 +593,12 @@ static void ses_starting(struct ap_session *ses)
+ INIT_LIST_HEAD(&rpd->plugin_list);
+ INIT_LIST_HEAD(&rpd->ipv6_addr.addr_list);
+ INIT_LIST_HEAD(&rpd->ipv6_dp.prefix_list);
++ INIT_LIST_HEAD(&rpd->ipv6_dns.addr_list);
+
+ rpd->ipv4_addr.owner = &ipdb;
+ rpd->ipv6_addr.owner = &ipdb;
+ rpd->ipv6_dp.owner = &ipdb;
++ rpd->ipv6_dns.owner = &ipdb;
+
+ list_add_tail(&rpd->pd.entry, &ses->pd_list);
+
+@@ -764,6 +775,12 @@ static void ses_finished(struct ap_session *ses)
+ _free(a);
+ }
+
++ while (!list_empty(&rpd->ipv6_dns.addr_list)) {
++ a = list_entry(rpd->ipv6_dns.addr_list.next, typeof(*a), entry);
++ list_del(&a->entry);
++ _free(a);
++ }
++
+ fr6 = rpd->fr6;
+ while (fr6) {
+ struct framed_ip6_route *next = fr6->next;
+diff --git a/accel-pppd/radius/radius_p.h b/accel-pppd/radius/radius_p.h
+index 988f154f..eaa5acb0 100644
+--- a/accel-pppd/radius/radius_p.h
++++ b/accel-pppd/radius/radius_p.h
+@@ -65,6 +65,7 @@ struct radius_pd_t {
+ struct ipv4db_item_t ipv4_addr;
+ struct ipv6db_item_t ipv6_addr;
+ struct ipv6db_prefix_t ipv6_dp;
++ struct ipv6db_item_t ipv6_dns;
+ int acct_interim_interval;
+ int acct_interim_jitter;
+ |
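Review bot: In 0002 (dhcpv6.c), `insert_oro` initialises `j` and `k` only at declaration but uses them inside the per-requested-option `for` loop, so when a client's ORO lists D6_OPTION_DNS_SERVERS more than once the second pass counts on from the previous totals and `dhcpv6_option_alloc` is asked for more address slots than the copy loop then fills. Resetting them at the top of the session-DNS branch, `j = 0; k = 0;`, keeps every emitted option fully written; whether `dhcpv6_option_alloc` zeroes the payload is not visible here, so the unfilled slots may carry stale buffer contents. In radius.c the new `DNS_Server_IPv6_Address` case calls `memset(a, 0, sizeof(*a))` directly after `_malloc` with no NULL check, and it queues every attribute the RADIUS reply carries although only three are ever used. The cap `3` is a bare literal repeated in dhcpv6.c and nd.c and would read better as one named constant with a comment saying why three. `insert_oro` and `rad_proc_attrs` both continue outside the hunks shown.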