radius: Use IPv6 for communication
IPv4 now only supported via IPv6-mapped addresses.
This commit is contained in:
parent
e9c8c172b9
commit
7081b7aaac
3 changed files with 50 additions and 24 deletions
40
l2tpns.c
40
l2tpns.c
|
|
@ -162,8 +162,8 @@ config_descriptt config_values[] = {
|
|||
CONFIG("lcp_renegotiation", lcp_renegotiation, STRING),
|
||||
CONFIG("primary_dns", default_dns1, IPv4),
|
||||
CONFIG("secondary_dns", default_dns2, IPv4),
|
||||
CONFIG("primary_radius", radiusserver[0], IPv4),
|
||||
CONFIG("secondary_radius", radiusserver[1], IPv4),
|
||||
CONFIG("primary_radius", radiusserver[0], IPv6),
|
||||
CONFIG("secondary_radius", radiusserver[1], IPv6),
|
||||
CONFIG("primary_radius_port", radiusport[0], SHORT),
|
||||
CONFIG("secondary_radius_port", radiusport[1], SHORT),
|
||||
CONFIG("radius_accounting", radius_accounting, BOOL),
|
||||
|
|
@ -231,6 +231,7 @@ config_descriptt config_values[] = {
|
|||
CONFIG("secondary_ipv6_dns", default_ipv6_dns2, IPv6),
|
||||
CONFIG("default_ipv6_domain_list", default_ipv6_domain_list, STRING),
|
||||
CONFIG("kernel_accel", kernel_accel, BOOL),
|
||||
CONFIG("radius_nas_addr", radius_nas_addr, IPv6),
|
||||
{ NULL, 0, 0, 0 }
|
||||
};
|
||||
|
||||
|
|
@ -5980,6 +5981,22 @@ static int still_busy(void)
|
|||
// for the header of the forwarded MPPP/DHCP packet (see C_MPPP_FORWARD)
|
||||
#define SLACK 56
|
||||
|
||||
|
||||
int compare_ipv6_sockaddr(const struct sockaddr_in6 * sa, const struct in6_addr b) {
|
||||
if (sa->sin6_family != AF_INET6)
|
||||
return 0;
|
||||
|
||||
int c = (memcmp((char *) &(sa->sin6_addr),
|
||||
(char *) &(b),
|
||||
sizeof(struct in6_addr)));
|
||||
if (c==0)
|
||||
return 1;
|
||||
else
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
|
||||
// main loop - gets packets on tun or udp and processes them
|
||||
static void mainloop(void)
|
||||
{
|
||||
|
|
@ -6121,6 +6138,7 @@ static void mainloop(void)
|
|||
if (n)
|
||||
{
|
||||
struct sockaddr_in addr;
|
||||
struct sockaddr_in6 addr6;
|
||||
struct in_addr local;
|
||||
socklen_t alen;
|
||||
int c, s;
|
||||
|
|
@ -6188,16 +6206,16 @@ static void mainloop(void)
|
|||
break;
|
||||
|
||||
case FD_TYPE_RADIUS: // RADIUS response
|
||||
alen = sizeof(addr);
|
||||
s = recvfrom(radfds[d->index], p, size_bufp, MSG_WAITALL, (struct sockaddr *) &addr, &alen);
|
||||
alen = sizeof(addr6);
|
||||
s = recvfrom(radfds[d->index], p, size_bufp, MSG_WAITALL, (struct sockaddr *) &addr6, &alen);
|
||||
if (s >= 0 && config->cluster_iam_master)
|
||||
{
|
||||
if (addr.sin_addr.s_addr == config->radiusserver[0] ||
|
||||
addr.sin_addr.s_addr == config->radiusserver[1])
|
||||
processrad(p, s, d->index);
|
||||
else
|
||||
LOG(3, 0, 0, "Dropping RADIUS packet from unknown source %s\n",
|
||||
fmtaddr(addr.sin_addr.s_addr, 0));
|
||||
if (compare_ipv6_sockaddr(&addr6, config->radiusserver[0]) ||
|
||||
compare_ipv6_sockaddr(&addr6, config->radiusserver[1]))
|
||||
processrad(p, s, d->index);
|
||||
else
|
||||
LOG(3, 0, 0, "Dropping RADIUS packet from unknown source %s\n",
|
||||
fmtaddr6(&addr6.sin6_addr, 0));
|
||||
}
|
||||
|
||||
n--;
|
||||
|
|
@ -7541,7 +7559,7 @@ static void update_config()
|
|||
// Update radius
|
||||
config->numradiusservers = 0;
|
||||
for (i = 0; i < MAXRADSERVER; i++)
|
||||
if (config->radiusserver[i])
|
||||
if (!compare_ipv6_sockaddr(&config->radiusserver[i], in6addr_any))
|
||||
{
|
||||
config->numradiusservers++;
|
||||
// Set radius port: if not set, take the port from the
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue