welterde/l2tpns
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

use LOG for logging macro

Browse source 
clean up initlcp handling
This commit is contained in:
bodea 2004-11-05 04:55:25 +00:00
parent 91b978f4a8
commit d2c470fb4e
14 changed files with 509 additions and 511 deletions
Download patch file Download diff file Expand all files Collapse all files

6
autosnoop.c
View file

@ -4,7 +4,7 @@
/* set up intercept based on RADIUS reply */
char const *cvs_id = "$Id: autosnoop.c,v 1.4 2004/11/05 02:39:35 bodea Exp $";
char const *cvs_id = "$Id: autosnoop.c,v 1.5 2004/11/05 04:55:25 bodea Exp $";
int __plugin_api_version = 1;
struct pluginfuncs *p;
@ -22,12 +22,12 @@ int plugin_radius_response(struct param_radius_response *data)
if (*data->value) data->s->snoop_ip = inet_addr(data->value);
if (data->s->snoop_ip == INADDR_NONE) data->s->snoop_ip = 0;
if (*x) data->s->snoop_port = atoi(x);
p->_log(3, 0, 0, 0, " Intercepting user to %s:%d\n",
p->log(3, 0, 0, 0, " Intercepting user to %s:%d\n",
p->inet_toa(data->s->snoop_ip), data->s->snoop_port);
}
else
{
p->_log(3, 0, 0, 0, " Not Intercepting user (reply string should be snoop=ip:port)\n");
p->log(3, 0, 0, 0, " Not Intercepting user (reply string should be snoop=ip:port)\n");
}
}
return PLUGIN_RET_OK;

16
autothrottle.c
View file

@ -4,7 +4,7 @@
/* set up throttling based on RADIUS reply */
char const *cvs_id = "$Id: autothrottle.c,v 1.6 2004/11/05 02:39:35 bodea Exp $";
char const *cvs_id = "$Id: autothrottle.c,v 1.7 2004/11/05 04:55:26 bodea Exp $";
int __plugin_api_version = 1;
struct pluginfuncs *p;
@ -35,17 +35,17 @@ int plugin_radius_response(struct param_radius_response *data)
case 2: // output
data->s->throttle_out = rate;
free(pt);
p->_log(3, 0, p->get_id_by_session(data->s), data->s->tunnel, " Set output throttle rate %dkb/s\n", rate);
p->log(3, 0, p->get_id_by_session(data->s), data->s->tunnel, " Set output throttle rate %dkb/s\n", rate);
return PLUGIN_RET_OK;
case 3: //input
data->s->throttle_in = rate;
free(pt);
p->_log(3, 0, p->get_id_by_session(data->s), data->s->tunnel, " Set input throttle rate %dkb/s\n", rate);
p->log(3, 0, p->get_id_by_session(data->s), data->s->tunnel, " Set input throttle rate %dkb/s\n", rate);
return PLUGIN_RET_OK;
default:
p->_log(1, 0, p->get_id_by_session(data->s), data->s->tunnel, "Syntax error in rate limit AV pair: %s=%s\n", data->key, data->value);
p->log(1, 0, p->get_id_by_session(data->s), data->s->tunnel, "Syntax error in rate limit AV pair: %s=%s\n", data->key, data->value);
free(pt);
return PLUGIN_RET_OK;
}
@ -53,7 +53,7 @@ int plugin_radius_response(struct param_radius_response *data)
else
{
free(pt);
p->_log(1, 0, p->get_id_by_session(data->s), data->s->tunnel, "Syntax error in rate limit AV pair: %s=%s\n",
p->log(1, 0, p->get_id_by_session(data->s), data->s->tunnel, "Syntax error in rate limit AV pair: %s=%s\n",
data->key, data->value);
return PLUGIN_RET_OK;
}
@ -64,17 +64,17 @@ int plugin_radius_response(struct param_radius_response *data)
{
if (strcmp(data->value, "yes") == 0)
{
p->_log(3, 0, p->get_id_by_session(data->s), data->s->tunnel, " Throttling user\n");
p->log(3, 0, p->get_id_by_session(data->s), data->s->tunnel, " Throttling user\n");
data->s->throttle_in = data->s->throttle_out = config->rl_rate;
}
else if (strcmp(data->value, "no") == 0)
{
p->_log(3, 0, p->get_id_by_session(data->s), data->s->tunnel, " Not throttling user\n");
p->log(3, 0, p->get_id_by_session(data->s), data->s->tunnel, " Not throttling user\n");
data->s->throttle_in = data->s->throttle_out = 0;
}
}
p->_log(4, 0, p->get_id_by_session(data->s), data->s->tunnel, "autothrottle module ignoring AV pair %s=%s\n",
p->log(4, 0, p->get_id_by_session(data->s), data->s->tunnel, "autothrottle module ignoring AV pair %s=%s\n",
data->key, data->value);
return PLUGIN_RET_OK;

80
bgp.c
View file

@ -10,7 +10,7 @@
* nor RFC2385 (which requires a kernel patch on 2.4 kernels).
*/
char const *cvs_id_bgp = "$Id: bgp.c,v 1.4 2004/09/02 04:18:07 fred_nerk Exp $";
char const *cvs_id_bgp = "$Id: bgp.c,v 1.5 2004/11/05 04:55:26 bodea Exp $";
#include <stdlib.h>
#include <unistd.h>
@ -66,7 +66,7 @@ int bgp_setup(int as)
if (!((peer->outbuf = malloc(sizeof(*peer->outbuf)))
&& (peer->inbuf = malloc(sizeof(*peer->inbuf)))))
{
log(0, 0, 0, 0, "Can't allocate buffers for bgp peer (%s)\n",
LOG(0, 0, 0, 0, "Can't allocate buffers for bgp peer (%s)\n",
strerror(errno));
return 0;
@ -108,7 +108,7 @@ int bgp_start(struct bgp_peer *peer, char *name, int as, int enable)
if (!(h = gethostbyname(name)) || h->h_addrtype != AF_INET)
{
log(0, 0, 0, 0, "Can't get address for BGP peer %s (%s)\n",
LOG(0, 0, 0, 0, "Can't get address for BGP peer %s (%s)\n",
name, h ? "no address" : hstrerror(h_errno));
return 0;
@ -212,7 +212,7 @@ int bgp_start(struct bgp_peer *peer, char *name, int as, int enable)
if (!(peer->path_attrs = malloc(peer->path_attr_len)))
{
log(0, 0, 0, 0, "Can't allocate path_attrs for %s (%s)\n",
LOG(0, 0, 0, 0, "Can't allocate path_attrs for %s (%s)\n",
name, strerror(errno));
return 0;
@ -220,7 +220,7 @@ int bgp_start(struct bgp_peer *peer, char *name, int as, int enable)
memcpy(peer->path_attrs, path_attrs, peer->path_attr_len);
log(4, 0, 0, 0, "Initiating BGP connection to %s (routing %s)\n",
LOG(4, 0, 0, 0, "Initiating BGP connection to %s (routing %s)\n",
name, enable ? "enabled" : "suspended");
/* we have at least one peer configured */
@ -259,7 +259,7 @@ static void bgp_clear(struct bgp_peer *peer)
peer->state = peer->next_state;
peer->state_time = time_now;
log(4, 0, 0, 0, "BGP peer %s: state %s\n", peer->name,
LOG(4, 0, 0, 0, "BGP peer %s: state %s\n", peer->name,
bgp_state_str(peer->next_state));
}
}
@ -267,14 +267,14 @@ static void bgp_clear(struct bgp_peer *peer)
/* initiate a clean shutdown */
void bgp_stop(struct bgp_peer *peer)
{
log(4, 0, 0, 0, "Terminating BGP connection to %s\n", peer->name);
LOG(4, 0, 0, 0, "Terminating BGP connection to %s\n", peer->name);
bgp_send_notification(peer, BGP_ERR_CEASE, 0);
}
/* drop connection (if any) and set state to Disabled */
void bgp_halt(struct bgp_peer *peer)
{
log(4, 0, 0, 0, "Aborting BGP connection to %s\n", peer->name);
LOG(4, 0, 0, 0, "Aborting BGP connection to %s\n", peer->name);
peer->next_state = Disabled;
bgp_clear(peer);
}
@ -384,7 +384,7 @@ int bgp_add_route(in_addr_t ip, in_addr_t mask)
/* insert into route list; sorted */
if (!(r = malloc(sizeof(*r))))
{
log(0, 0, 0, 0, "Can't allocate route for %s/%d (%s)\n",
LOG(0, 0, 0, 0, "Can't allocate route for %s/%d (%s)\n",
inet_toa(add.dest.prefix), add.dest.len, strerror(errno));
return 0;
@ -398,7 +398,7 @@ int bgp_add_route(in_addr_t ip, in_addr_t mask)
if (bgp_peers[i].state == Established)
bgp_peers[i].update_routes = 1;
log(4, 0, 0, 0, "Registered BGP route %s/%d\n", inet_toa(add.dest.prefix),
LOG(4, 0, 0, 0, "Registered BGP route %s/%d\n", inet_toa(add.dest.prefix),
add.dest.len);
return 1;
@ -447,7 +447,7 @@ int bgp_del_route(in_addr_t ip, in_addr_t mask)
if (bgp_peers[i].state == Established)
bgp_peers[i].update_routes = 1;
log(4, 0, 0, 0, "Removed BGP route %s/%d\n", inet_toa(del.dest.prefix),
LOG(4, 0, 0, 0, "Removed BGP route %s/%d\n", inet_toa(del.dest.prefix),
del.dest.len);
return 1;
@ -467,7 +467,7 @@ void bgp_enable_routing(int enable)
bgp_peers[i].update_routes = 1;
}
log(4, 0, 0, 0, "%s BGP routing\n", enable ? "Enabled" : "Suspended");
LOG(4, 0, 0, 0, "%s BGP routing\n", enable ? "Enabled" : "Suspended");
}
/* return a bitmask indicating if the socket should be added to the
@ -573,7 +573,7 @@ int bgp_process(struct bgp_peer *peer, int readable, int writable)
{
if (time_now > peer->expire_time)
{
log(1, 0, 0, 0, "No message from BGP peer %s in %ds\n",
LOG(1, 0, 0, 0, "No message from BGP peer %s in %ds\n",
peer->name, peer->hold);
bgp_send_notification(peer, BGP_ERR_HOLD_TIMER_EXP, 0);
@ -590,7 +590,7 @@ int bgp_process(struct bgp_peer *peer, int readable, int writable)
}
else if (time_now > peer->state_time + BGP_KEEPALIVE_TIME)
{
log(1, 0, 0, 0, "%s timer expired for BGP peer %s\n",
LOG(1, 0, 0, 0, "%s timer expired for BGP peer %s\n",
bgp_state_str(peer->state), peer->name);
return bgp_restart(peer);
@ -650,7 +650,7 @@ static int bgp_connect(struct bgp_peer *peer)
struct servent *serv;
if (!(serv = getservbyname("bgp", "tcp")))
{
log(0, 0, 0, 0, "Can't get bgp service (%s)\n", strerror(errno));
LOG(0, 0, 0, 0, "Can't get bgp service (%s)\n", strerror(errno));
return 0;
}
@ -659,7 +659,7 @@ static int bgp_connect(struct bgp_peer *peer)
if ((peer->sock = socket(PF_INET, SOCK_STREAM, IPPROTO_TCP)) < 0)
{
log(0, 0, 0, 0, "Can't create a socket for BGP peer %s (%s)\n",
LOG(0, 0, 0, 0, "Can't create a socket for BGP peer %s (%s)\n",
peer->name, strerror(errno));
peer->state = peer->next_state = Disabled;
@ -682,7 +682,7 @@ static int bgp_connect(struct bgp_peer *peer)
if (errno != EINPROGRESS)
{
log(1, 0, 0, 0, "Can't connect to BGP peer %s (%s)\n",
LOG(1, 0, 0, 0, "Can't connect to BGP peer %s (%s)\n",
inet_ntoa(addr.sin_addr), strerror(errno));
bgp_set_retry(peer);
@ -692,7 +692,7 @@ static int bgp_connect(struct bgp_peer *peer)
peer->state = Connect;
peer->state_time = time_now;
log(4, 0, 0, 0, "BGP peer %s: state Connect\n", peer->name);
LOG(4, 0, 0, 0, "BGP peer %s: state Connect\n", peer->name);
return 1;
}
@ -700,7 +700,7 @@ static int bgp_connect(struct bgp_peer *peer)
peer->state_time = time_now;
peer->retry_time = peer->retry_count = 0;
log(4, 0, 0, 0, "BGP peer %s: state Active\n", inet_ntoa(addr.sin_addr));
LOG(4, 0, 0, 0, "BGP peer %s: state Active\n", inet_ntoa(addr.sin_addr));
return bgp_send_open(peer);
}
@ -713,7 +713,7 @@ static int bgp_handle_connect(struct bgp_peer *peer)
getsockopt(peer->sock, SOL_SOCKET, SO_ERROR, &err, &len);
if (err)
{
log(1, 0, 0, 0, "Can't connect to BGP peer %s (%s)\n", peer->name,
LOG(1, 0, 0, 0, "Can't connect to BGP peer %s (%s)\n", peer->name,
strerror(err));
bgp_set_retry(peer);
@ -723,7 +723,7 @@ static int bgp_handle_connect(struct bgp_peer *peer)
peer->state = Active;
peer->state_time = time_now;
log(4, 0, 0, 0, "BGP peer %s: state Active\n", peer->name);
LOG(4, 0, 0, 0, "BGP peer %s: state Active\n", peer->name);
return bgp_send_open(peer);
}
@ -744,9 +744,9 @@ static int bgp_write(struct bgp_peer *peer)
return 1;
if (errno == EPIPE)
log(1, 0, 0, 0, "Connection to BGP peer %s closed\n", peer->name);
LOG(1, 0, 0, 0, "Connection to BGP peer %s closed\n", peer->name);
else
log(1, 0, 0, 0, "Can't write to BGP peer %s (%s)\n", peer->name,
LOG(1, 0, 0, 0, "Can't write to BGP peer %s (%s)\n", peer->name,
strerror(errno));
bgp_set_retry(peer);
@ -759,7 +759,7 @@ static int bgp_write(struct bgp_peer *peer)
return 1;
}
log(4, 0, 0, 0, "Sent %s to BGP peer %s\n",
LOG(4, 0, 0, 0, "Sent %s to BGP peer %s\n",
bgp_msg_type_str(peer->outbuf->packet.header.type), peer->name);
peer->outbuf->packet.header.len = 0;
@ -779,7 +779,7 @@ static int bgp_write(struct bgp_peer *peer)
peer->state = peer->next_state;
peer->state_time = time_now;
log(4, 0, 0, 0, "BGP peer %s: state %s\n", peer->name,
LOG(4, 0, 0, 0, "BGP peer %s: state %s\n", peer->name,
bgp_state_str(peer->state));
}
@ -796,7 +796,7 @@ static int bgp_read(struct bgp_peer *peer)
{
if (!r)
{
log(1, 0, 0, 0, "Connection to BGP peer %s closed\n", peer->name);
LOG(1, 0, 0, 0, "Connection to BGP peer %s closed\n", peer->name);
}
else
{
@ -806,7 +806,7 @@ static int bgp_read(struct bgp_peer *peer)
if (errno == EAGAIN)
return 1;
log(1, 0, 0, 0, "Can't read from BGP peer %s (%s)\n", peer->name,
LOG(1, 0, 0, 0, "Can't read from BGP peer %s (%s)\n", peer->name,
strerror(errno));
}
@ -826,7 +826,7 @@ static int bgp_handle_input(struct bgp_peer *peer)
if (len > BGP_MAX_PACKET_SIZE)
{
log(1, 0, 0, 0, "Bad header length from BGP %s\n", peer->name);
LOG(1, 0, 0, 0, "Bad header length from BGP %s\n", peer->name);
bgp_send_notification(peer, BGP_ERR_HEADER, BGP_ERR_HDR_BAD_LEN);
return 0;
}
@ -834,7 +834,7 @@ static int bgp_handle_input(struct bgp_peer *peer)
if (peer->inbuf->done < len)
return 0;
log(4, 0, 0, 0, "Received %s from BGP peer %s\n",
LOG(4, 0, 0, 0, "Received %s from BGP peer %s\n",
bgp_msg_type_str(p->header.type), peer->name);
switch (p->header.type)
@ -848,7 +848,7 @@ static int bgp_handle_input(struct bgp_peer *peer)
{
if ((unsigned char) p->header.marker[i] != 0xff)
{
log(1, 0, 0, 0, "Invalid marker from BGP peer %s\n",
LOG(1, 0, 0, 0, "Invalid marker from BGP peer %s\n",
peer->name);
bgp_send_notification(peer, BGP_ERR_HEADER,
@ -860,7 +860,7 @@ static int bgp_handle_input(struct bgp_peer *peer)
if (peer->state != OpenSent)
{
log(1, 0, 0, 0, "OPEN from BGP peer %s in %s state\n",
LOG(1, 0, 0, 0, "OPEN from BGP peer %s in %s state\n",
peer->name, bgp_state_str(peer->state));
bgp_send_notification(peer, BGP_ERR_FSM, 0);
@ -871,7 +871,7 @@ static int bgp_handle_input(struct bgp_peer *peer)
if (data.version != BGP_VERSION)
{
log(1, 0, 0, 0, "Bad version (%d) sent by BGP peer %s\n",
LOG(1, 0, 0, 0, "Bad version (%d) sent by BGP peer %s\n",
(int) data.version, peer->name);
bgp_send_notification(peer, BGP_ERR_OPEN, BGP_ERR_OPN_VERSION);
@ -880,7 +880,7 @@ static int bgp_handle_input(struct bgp_peer *peer)
if (ntohs(data.as) != peer->as)
{
log(1, 0, 0, 0, "Bad AS sent by BGP peer %s (got %d, "
LOG(1, 0, 0, 0, "Bad AS sent by BGP peer %s (got %d, "
"expected %d)\n", peer->name, (int) htons(data.as),
(int) peer->as);
@ -890,7 +890,7 @@ static int bgp_handle_input(struct bgp_peer *peer)
if ((peer->hold = ntohs(data.hold_time)) < 10)
{
log(1, 0, 0, 0, "Bad hold time (%d) from BGP peer %s\n",
LOG(1, 0, 0, 0, "Bad hold time (%d) from BGP peer %s\n",
peer->hold, peer->name);
bgp_send_notification(peer, BGP_ERR_OPEN, BGP_ERR_OPN_HOLD_TIME);
@ -915,7 +915,7 @@ static int bgp_handle_input(struct bgp_peer *peer)
peer->retry_count = 0;
peer->retry_time = 0;
log(4, 0, 0, 0, "BGP peer %s: state Established\n", peer->name);
LOG(4, 0, 0, 0, "BGP peer %s: state Established\n", peer->name);
}
break;
@ -928,13 +928,13 @@ static int bgp_handle_input(struct bgp_peer *peer)
if (notification->error_code == BGP_ERR_CEASE)
{
log(4, 0, 0, 0, "BGP peer %s sent CEASE\n", peer->name);
LOG(4, 0, 0, 0, "BGP peer %s sent CEASE\n", peer->name);
bgp_halt(peer);
return 0;
}
/* FIXME: should handle more notifications */
log(4, 0, 0, 0, "BGP peer %s sent unhandled NOTIFICATION %d\n",
LOG(4, 0, 0, 0, "BGP peer %s sent unhandled NOTIFICATION %d\n",
peer->name, (int) notification->error_code);
}
@ -1053,7 +1053,7 @@ static int bgp_send_update(struct bgp_peer *peer)
unf_len += s;
len += s;
log(5, 0, 0, 0, "Withdrawing route %s/%d from BGP peer %s\n",
LOG(5, 0, 0, 0, "Withdrawing route %s/%d from BGP peer %s\n",
inet_toa(tmp->dest.prefix), tmp->dest.len, peer->name);
free(tmp);
@ -1103,7 +1103,7 @@ static int bgp_send_update(struct bgp_peer *peer)
{
if (!(e = malloc(sizeof(*e))))
{
log(0, 0, 0, 0, "Can't allocate route for %s/%d (%s)\n",
LOG(0, 0, 0, 0, "Can't allocate route for %s/%d (%s)\n",
inet_toa(add->dest.prefix), add->dest.len, strerror(errno));
return 0;
@ -1127,7 +1127,7 @@ static int bgp_send_update(struct bgp_peer *peer)
data += s;
len += s;
log(5, 0, 0, 0, "Advertising route %s/%d to BGP peer %s\n",
LOG(5, 0, 0, 0, "Advertising route %s/%d to BGP peer %s\n",
inet_toa(add->dest.prefix), add->dest.len, peer->name);
}
else

24
cli.c
View file

@ -2,7 +2,7 @@
// vim: sw=8 ts=8
char const *cvs_name = "$Name: $";
char const *cvs_id_cli = "$Id: cli.c,v 1.23 2004/11/05 02:47:47 bodea Exp $";
char const *cvs_id_cli = "$Id: cli.c,v 1.24 2004/11/05 04:55:26 bodea Exp $";
#include <stdio.h>
#include <stdarg.h>
@ -186,7 +186,7 @@ void init_cli(char *hostname)
if (!(f = fopen(CLIUSERS, "r")))
{
log(0, 0, 0, 0, "WARNING! No users specified. Command-line access is open to all\n");
LOG(0, 0, 0, 0, "WARNING! No users specified. Command-line access is open to all\n");
}
else
{
@ -202,12 +202,12 @@ void init_cli(char *hostname)
if (!strcmp(buf, "enable"))
{
cli_allow_enable(cli, p);
log(3, 0, 0, 0, "Setting enable password\n");
LOG(3, 0, 0, 0, "Setting enable password\n");
}
else
{
cli_allow_user(cli, buf, p);
log(3, 0, 0, 0, "Allowing user %s to connect to the CLI\n", buf);
LOG(3, 0, 0, 0, "Allowing user %s to connect to the CLI\n", buf);
}
}
fclose(f);
@ -226,7 +226,7 @@ void init_cli(char *hostname)
addr.sin_port = htons(23);
if (bind(clifd, (void *) &addr, sizeof(addr)) < 0)
{
log(0, 0, 0, 0, "Error listening on cli port 23: %s\n", strerror(errno));
LOG(0, 0, 0, 0, "Error listening on cli port 23: %s\n", strerror(errno));
return;
}
listen(clifd, 10);
@ -241,18 +241,18 @@ void cli_do(int sockfd)
if (fork_and_close()) return;
if (getpeername(sockfd, (struct sockaddr *)&addr, &l) == 0)
{
log(3, 0, 0, 0, "Accepted connection to CLI from %s\n", inet_toa(addr.sin_addr.s_addr));
LOG(3, 0, 0, 0, "Accepted connection to CLI from %s\n", inet_toa(addr.sin_addr.s_addr));
require_auth = addr.sin_addr.s_addr != inet_addr("127.0.0.1");
}
else
log(0, 0, 0, 0, "getpeername() failed on cli socket. Requiring authentication: %s\n", strerror(errno));
LOG(0, 0, 0, 0, "getpeername() failed on cli socket. Requiring authentication: %s\n", strerror(errno));
if (require_auth)
{
log(3, 0, 0, 0, "CLI is remote, requiring authentication\n");
LOG(3, 0, 0, 0, "CLI is remote, requiring authentication\n");
if (!cli->users) /* paranoia */
{
log(0, 0, 0, 0, "No users for remote authentication! Exiting CLI\n");
LOG(0, 0, 0, 0, "No users for remote authentication! Exiting CLI\n");
exit(0);
}
}
@ -273,18 +273,18 @@ void cli_do(int sockfd)
cli_loop(cli, sockfd);
close(sockfd);
log(3, 0, 0, 0, "Closed CLI connection from %s\n", inet_toa(addr.sin_addr.s_addr));
LOG(3, 0, 0, 0, "Closed CLI connection from %s\n", inet_toa(addr.sin_addr.s_addr));
exit(0);
}
void cli_print_log(struct cli_def *cli, char *string)
{
log(3, 0, 0, 0, "%s\n", string);
LOG(3, 0, 0, 0, "%s\n", string);
}
void cli_do_file(FILE *fh)
{
log(3, 0, 0, 0, "Reading configuration file\n");
LOG(3, 0, 0, 0, "Reading configuration file\n");
cli_print_callback(cli, cli_print_log);
cli_file(cli, fh, PRIVILEGE_PRIVILEGED, MODE_CONFIG);
cli_print_callback(cli, NULL);

144
cluster.c
View file

@ -1,6 +1,6 @@
// L2TPNS Clustering Stuff
char const *cvs_id_cluster = "$Id: cluster.c,v 1.15 2004/11/02 04:35:03 bodea Exp $";
char const *cvs_id_cluster = "$Id: cluster.c,v 1.16 2004/11/05 04:55:26 bodea Exp $";
#include <stdio.h>
#include <sys/file.h>
@ -101,14 +101,14 @@ int cluster_init()
if (bind(cluster_sockfd, (void *) &addr, sizeof(addr)) < 0)
{
log(0, 0, 0, 0, "Failed to bind cluster socket: %s\n", strerror(errno));
LOG(0, 0, 0, 0, "Failed to bind cluster socket: %s\n", strerror(errno));
return -1;
}
strcpy(ifr.ifr_name, config->cluster_interface);
if (ioctl(cluster_sockfd, SIOCGIFADDR, &ifr) < 0)
{
log(0, 0, 0, 0, "Failed to get interface address for (%s): %s\n", config->cluster_interface, strerror(errno));
LOG(0, 0, 0, 0, "Failed to get interface address for (%s): %s\n", config->cluster_interface, strerror(errno));
return -1;
}
@ -125,13 +125,13 @@ int cluster_init()
if (setsockopt(cluster_sockfd, IPPROTO_IP, IP_ADD_MEMBERSHIP, &mreq, sizeof(mreq)) < 0)
{
log(0, 0, 0, 0, "Failed to setsockopt (join mcast group): %s\n", strerror(errno));
LOG(0, 0, 0, 0, "Failed to setsockopt (join mcast group): %s\n", strerror(errno));
return -1;
}
if (setsockopt (cluster_sockfd, IPPROTO_IP, IP_MULTICAST_IF, &interface_addr, sizeof(interface_addr)) < 0)
{
log(0, 0, 0, 0, "Failed to setsockopt (set mcast interface): %s\n", strerror(errno));
LOG(0, 0, 0, 0, "Failed to setsockopt (set mcast interface): %s\n", strerror(errno));
return -1;
}
@ -158,11 +158,11 @@ int cluster_send_data(void *data, int datalen)
addr.sin_port = htons(CLUSTERPORT);
addr.sin_family = AF_INET;
log(5,0,0,0, "Cluster send data: %d bytes\n", datalen);
LOG(5,0,0,0, "Cluster send data: %d bytes\n", datalen);
if (sendto(cluster_sockfd, data, datalen, MSG_NOSIGNAL, (void *) &addr, sizeof(addr)) < 0)
{
log(0, 0, 0, 0, "sendto: %s\n", strerror(errno));
LOG(0, 0, 0, 0, "sendto: %s\n", strerror(errno));
return -1;
}
@ -198,7 +198,7 @@ void cluster_uptodate(void)
config->cluster_iam_uptodate = 1;
log(0,0,0,0, "Now uptodate with master.\n");
LOG(0,0,0,0, "Now uptodate with master.\n");
#ifdef BGP
if (bgp_configured)
@ -227,11 +227,11 @@ int peer_send_data(u32 peer, char * data, int size)
addr.sin_port = htons(CLUSTERPORT);
addr.sin_family = AF_INET;
log_hex(5, "Peer send", data, size);
LOG_HEX(5, "Peer send", data, size);
if (sendto(cluster_sockfd, data, size, MSG_NOSIGNAL, (void *) &addr, sizeof(addr)) < 0)
{
log(0, 0, 0, 0, "sendto: %s\n", strerror(errno));
LOG(0, 0, 0, 0, "sendto: %s\n", strerror(errno));
return -1;
}
@ -246,7 +246,7 @@ int peer_send_message(u32 peer, int type, int more, char * data, int size)
char buf[65536]; // Vast overkill.
char * p = buf;
log(4,0,0,0, "Sending message to peer (type %d, more %d, size %d)\n", type, more, size);
LOG(4,0,0,0, "Sending message to peer (type %d, more %d, size %d)\n", type, more, size);
add_type(&p, type, more, data, size);
return peer_send_data(peer, buf, (p-buf) );
@ -266,7 +266,7 @@ int master_forward_packet(char *data, int size, u32 addr, int port)
if (!config->cluster_master_address) // No election has been held yet. Just skip it.
return -1;
log(4,0,0,0, "Forwarding packet from %s to master (size %d)\n", inet_toa(addr), size);
LOG(4,0,0,0, "Forwarding packet from %s to master (size %d)\n", inet_toa(addr), size);
STAT(c_forwarded);
add_type(&p, C_FORWARD, addr, (char*) &port, sizeof(port) );
@ -292,7 +292,7 @@ int master_throttle_packet(int tbfid, char *data, int size)
if (!config->cluster_master_address) // No election has been held yet. Just skip it.
return -1;
log(4,0,0,0, "Throttling packet master (size %d, tbfid %d)\n", size, tbfid);
LOG(4,0,0,0, "Throttling packet master (size %d, tbfid %d)\n", size, tbfid);
add_type(&p, C_THROTTLE, tbfid, data, size);
@ -317,7 +317,7 @@ int master_garden_packet(sessionidt s, char *data, int size)
if (!config->cluster_master_address) // No election has been held yet. Just skip it.
return -1;
log(4,0,0,0, "Walled garden packet to master (size %d)\n", size);
LOG(4,0,0,0, "Walled garden packet to master (size %d)\n", size);
add_type(&p, C_GARDEN, s, data, size);
@ -335,7 +335,7 @@ static void send_heartbeat(int seq, char * data, int size)
if (size > sizeof(past_hearts[0].data))
{
log(0,0,0,0, "Tried to heartbeat something larger than the maximum packet!\n");
LOG(0,0,0,0, "Tried to heartbeat something larger than the maximum packet!\n");
kill(0, SIGTERM);
exit(1);
}
@ -358,7 +358,7 @@ void cluster_send_ping(time_t basetime)
if (config->cluster_iam_master && basetime) // We're heartbeating so no need to ping.
return;
log(5,0,0,0, "Sending cluster ping...\n");
LOG(5,0,0,0, "Sending cluster ping...\n");
x.ver = 1;
x.addr = config->bind_address;
@ -417,7 +417,7 @@ void master_update_counts(void)
// Forward the data to the master.
log(4,0,0,0, "Sending byte counters to master (%d elements)\n", c);
LOG(4,0,0,0, "Sending byte counters to master (%d elements)\n", c);
peer_send_message(config->cluster_master_address, C_BYTES, c, (char*) &b, sizeof(b[0]) * c);
return;
}
@ -488,7 +488,7 @@ void cluster_check_master(void)
if (!probed && config->cluster_master_address)
{
probed = 1;
log(1, 0, 0, 0, "Heartbeat from master %.1fs late, probing...\n",
LOG(1, 0, 0, 0, "Heartbeat from master %.1fs late, probing...\n",
0.1 * (TIME - (config->cluster_last_hb + config->cluster_hb_interval)));
peer_send_message(config->cluster_master_address,
@ -503,7 +503,7 @@ void cluster_check_master(void)
config->cluster_last_hb = TIME + 1; // Just the one election thanks.
log(0,0,0,0, "Master timed out! Holding election...\n");
LOG(0,0,0,0, "Master timed out! Holding election...\n");
for (i = 0; i < num_peers; i++)
{
@ -514,13 +514,13 @@ void cluster_check_master(void)
continue; // Shutdown peer! Skip them.
if (peers[i].basetime < basetime) {
log(1,0,0,0, "Expecting %s to become master\n", inet_toa(peers[i].peer) );
LOG(1,0,0,0, "Expecting %s to become master\n", inet_toa(peers[i].peer) );
return; // They'll win the election. Get out of here.
}
if (peers[i].basetime == basetime &&
peers[i].peer > my_address) {
log(1,0,0,0, "Expecting %s to become master\n", inet_toa(peers[i].peer) );
LOG(1,0,0,0, "Expecting %s to become master\n", inet_toa(peers[i].peer) );
return; // They'll win the election. Wait for them to come up.
}
}
@ -532,7 +532,7 @@ void cluster_check_master(void)
config->cluster_iam_master = 1;
config->cluster_master_address = 0;
log(0,0,0,0, "I am declaring myself the master!\n");
LOG(0,0,0,0, "I am declaring myself the master!\n");
if (config->cluster_seq_number == -1)
config->cluster_seq_number = 0;
@ -604,7 +604,7 @@ void cluster_check_master(void)
// If we're not the very first master, this is a big issue!
if(count>0)
log(0,0,0,0, "Warning: Fixed %d uninitialized sessions in becoming master!\n", count);
LOG(0,0,0,0, "Warning: Fixed %d uninitialized sessions in becoming master!\n", count);
config->cluster_undefined_sessions = 0;
config->cluster_undefined_tunnels = 0;
@ -664,7 +664,7 @@ static void cluster_check_sessions(int highsession, int freesession_ptr, int hig
if (config->cluster_undefined_sessions || config->cluster_undefined_tunnels) {
log(2,0,0,0, "Cleared undefined sessions/tunnels. %d sess (high %d), %d tunn (high %d)\n",
LOG(2,0,0,0, "Cleared undefined sessions/tunnels. %d sess (high %d), %d tunn (high %d)\n",
config->cluster_undefined_sessions, highsession, config->cluster_undefined_tunnels, hightunnel);
return;
}
@ -718,7 +718,7 @@ int hb_add_type(char **p, int type, int id)
(char*) &tunnel[id], sizeof(tunnelt));
break;
default:
log(0,0,0,0, "Found an invalid type in heart queue! (%d)\n", type);
LOG(0,0,0,0, "Found an invalid type in heart queue! (%d)\n", type);
kill(0, SIGTERM);
exit(1);
}
@ -761,7 +761,7 @@ void cluster_heartbeat()
}
if (p > (buff + sizeof(buff))) { // Did we somehow manage to overun the buffer?
log(0,0,0,0, "FATAL: Overran the heartbeat buffer! This is fatal. Exiting. (size %d)\n", p - buff);
LOG(0,0,0,0, "FATAL: Overran the heartbeat buffer! This is fatal. Exiting. (size %d)\n", p - buff);
kill(0, SIGTERM);
exit(1);
}
@ -806,12 +806,12 @@ void cluster_heartbeat()
//
// Did we do something wrong?
if (p > (buff + sizeof(buff))) { // Did we somehow manage to overun the buffer?
log(0,0,0,0, "Overran the heartbeat buffer now! This is fatal. Exiting. (size %d)\n", p - buff);
LOG(0,0,0,0, "Overran the heartbeat buffer now! This is fatal. Exiting. (size %d)\n", p - buff);
kill(0, SIGTERM);
exit(1);
}
log(3,0,0,0, "Sending heartbeat #%d with %d changes (%d x-sess, %d x-tunnels, %d highsess, %d hightun, size %d)\n",
LOG(3,0,0,0, "Sending heartbeat #%d with %d changes (%d x-sess, %d x-tunnels, %d highsess, %d hightun, size %d)\n",
h.seq, config->cluster_num_changes, count, tcount, config->cluster_highest_sessionid,
config->cluster_highest_tunnelid, (p-buff));
@ -849,7 +849,7 @@ int type_changed(int type, int id)
int cluster_send_session(int sid)
{
if (!config->cluster_iam_master) {
log(0,0,sid,0, "I'm not a master, but I just tried to change a session!\n");
LOG(0,0,sid,0, "I'm not a master, but I just tried to change a session!\n");
return -1;
}
@ -860,7 +860,7 @@ int cluster_send_session(int sid)
int cluster_send_tunnel(int tid)
{
if (!config->cluster_iam_master) {
log(0,0,0,tid, "I'm not a master, but I just tried to change a tunnel!\n");
LOG(0,0,0,tid, "I'm not a master, but I just tried to change a tunnel!\n");
return -1;
}
@ -878,14 +878,14 @@ int cluster_catchup_slave(int seq, u32 slave)
int s;
int diff;
log(1,0,0,0, "Slave %s sent LASTSEEN with seq %d\n", inet_toa(slave), seq);
LOG(1,0,0,0, "Slave %s sent LASTSEEN with seq %d\n", inet_toa(slave), seq);
diff = config->cluster_seq_number - seq; // How many packet do we need to send?
if (diff < 0)
diff += HB_MAX_SEQ;
if (diff >= HB_HISTORY_SIZE) { // Ouch. We don't have the packet to send it!
log(0,0,0,0, "A slaved asked for message %d when our seq number is %d. Killing it.\n",
LOG(0,0,0,0, "A slaved asked for message %d when our seq number is %d. Killing it.\n",
seq, config->cluster_seq_number);
return peer_send_message(slave, C_KILL, seq, NULL, 0);// Kill the slave. Nothing else to do.
}
@ -894,7 +894,7 @@ int cluster_catchup_slave(int seq, u32 slave)
while (seq != config->cluster_seq_number) {
s = seq%HB_HISTORY_SIZE;
if (seq != past_hearts[s].seq) {
log(0,0,0,0, "Tried to re-send heartbeat for %s but %d doesn't match %d! (%d,%d)\n",
LOG(0,0,0,0, "Tried to re-send heartbeat for %s but %d doesn't match %d! (%d,%d)\n",
inet_toa(slave), seq, past_hearts[s].seq, s, config->cluster_seq_number);
return -1; // What to do here!?
}
@ -928,7 +928,7 @@ int cluster_add_peer(u32 peer, time_t basetime, pingt *pp, int size)
if (clusterid != config->bind_address)
{
// Is this for us?
log(4,0,0,0, "Skipping ping from %s (different cluster)\n", inet_toa(peer));
LOG(4,0,0,0, "Skipping ping from %s (different cluster)\n", inet_toa(peer));
return 0;
}
@ -946,7 +946,7 @@ int cluster_add_peer(u32 peer, time_t basetime, pingt *pp, int size)
// Is this the master shutting down??
if (peer == config->cluster_master_address && !basetime) {
log(3,0,0,0, "Master %s shutting down...\n", inet_toa(config->cluster_master_address));
LOG(3,0,0,0, "Master %s shutting down...\n", inet_toa(config->cluster_master_address));
config->cluster_master_address = 0;
config->cluster_last_hb = 0; // Force an election.
cluster_check_master();
@ -955,7 +955,7 @@ int cluster_add_peer(u32 peer, time_t basetime, pingt *pp, int size)
if (i >= num_peers)
{
log(4,0,0,0, "Adding %s as a peer\n", inet_toa(peer));
LOG(4,0,0,0, "Adding %s as a peer\n", inet_toa(peer));
// Not found. Is there a stale slot to re-use?
for (i = 0; i < num_peers ; ++i)
@ -970,7 +970,7 @@ int cluster_add_peer(u32 peer, time_t basetime, pingt *pp, int size)
if (i >= CLUSTER_MAX_SIZE)
{
// Too many peers!!
log(0,0,0,0, "Tried to add %s as a peer, but I already have %d of them!\n", inet_toa(peer), i);
LOG(0,0,0,0, "Tried to add %s as a peer, but I already have %d of them!\n", inet_toa(peer), i);
return -1;
}
@ -981,7 +981,7 @@ int cluster_add_peer(u32 peer, time_t basetime, pingt *pp, int size)
if (i == num_peers)
++num_peers;
log(1,0,0,0, "Added %s as a new peer. Now %d peers\n", inet_toa(peer), num_peers);
LOG(1,0,0,0, "Added %s as a new peer. Now %d peers\n", inet_toa(peer), num_peers);
}
return 1;
@ -998,14 +998,14 @@ int cluster_handle_bytes(char * data, int size)
b = (bytest*) data;
log(3,0,0,0, "Got byte counter update (size %d)\n", size);
LOG(3,0,0,0, "Got byte counter update (size %d)\n", size);
/* Loop around, adding the byte
counts to each of the sessions. */
while (size >= sizeof(*b) ) {
if (b->sid > MAXSESSION) {
log(0,0,0,0, "Got C_BYTES with session #%d!\n", b->sid);
LOG(0,0,0,0, "Got C_BYTES with session #%d!\n", b->sid);
return -1; /* Abort processing */
}
@ -1021,7 +1021,7 @@ int cluster_handle_bytes(char * data, int size)
}
if (size != 0)
log(0,0,0,0, "Got C_BYTES with %d bytes of trailing junk!\n", size);
LOG(0,0,0,0, "Got C_BYTES with %d bytes of trailing junk!\n", size);
return size;
}
@ -1032,13 +1032,13 @@ int cluster_handle_bytes(char * data, int size)
static int cluster_recv_session(int more , u8 * p)
{
if (more >= MAXSESSION) {
log(0,0,0,0, "DANGER: Received a heartbeat session id > MAXSESSION!\n");
LOG(0,0,0,0, "DANGER: Received a heartbeat session id > MAXSESSION!\n");
return -1;
}
if (session[more].tunnel == T_UNDEF) {
if (config->cluster_iam_uptodate) { // Sanity.
log(0,0,0,0, "I thought I was uptodate but I just found an undefined session!\n");
LOG(0,0,0,0, "I thought I was uptodate but I just found an undefined session!\n");
} else {
--config->cluster_undefined_sessions;
}
@ -1046,7 +1046,7 @@ static int cluster_recv_session(int more , u8 * p)
load_session(more, (sessiont*) p); // Copy session into session table..
log(5,0,more,0, "Received session update (%d undef)\n", config->cluster_undefined_sessions);
LOG(5,0,more,0, "Received session update (%d undef)\n", config->cluster_undefined_sessions);
if (!config->cluster_iam_uptodate)
cluster_uptodate(); // Check to see if we're up to date.
@ -1057,13 +1057,13 @@ static int cluster_recv_session(int more , u8 * p)
static int cluster_recv_tunnel(int more, u8 *p)
{
if (more >= MAXTUNNEL) {
log(0,0,0,0, "DANGER: Received a tunnel session id > MAXTUNNEL!\n");
LOG(0,0,0,0, "DANGER: Received a tunnel session id > MAXTUNNEL!\n");
return -1;
}
if (tunnel[more].state == TUNNELUNDEF) {
if (config->cluster_iam_uptodate) { // Sanity.
log(0,0,0,0, "I thought I was uptodate but I just found an undefined tunnel!\n");
LOG(0,0,0,0, "I thought I was uptodate but I just found an undefined tunnel!\n");
} else {
--config->cluster_undefined_tunnels;
}
@ -1078,7 +1078,7 @@ static int cluster_recv_tunnel(int more, u8 *p)
tunnel[more].controls = tunnel[more].controle = NULL;
tunnel[more].controlc = 0;
log(5,0,0,more, "Received tunnel update\n");
LOG(5,0,0,more, "Received tunnel update\n");
if (!config->cluster_iam_uptodate)
cluster_uptodate(); // Check to see if we're up to date.
@ -1102,7 +1102,7 @@ static int cluster_process_heartbeat(u8 * data, int size, int more, u8 * p, u32
// we handle version 2+
if (more < 2 || more > HB_VERSION) {
log(0,0,0,0, "Received a heartbeat version that I don't support (%d)!\n", more);
LOG(0,0,0,0, "Received a heartbeat version that I don't support (%d)!\n", more);
return -1; // Ignore it??
}
@ -1120,18 +1120,18 @@ static int cluster_process_heartbeat(u8 * data, int size, int more, u8 * p, u32
if (config->cluster_iam_master) { // Sanity...
// Note that this MUST match the election process above!
log(0,0,0,0, "I just got a packet claiming to be from a master but _I_ am the master!\n");
LOG(0,0,0,0, "I just got a packet claiming to be from a master but _I_ am the master!\n");
if (!h->basetime) {
log(0,0,0,0, "Heartbeat from addr %s with zero basetime!\n", inet_toa(addr) );
LOG(0,0,0,0, "Heartbeat from addr %s with zero basetime!\n", inet_toa(addr) );
return -1; // Skip it.
}
if (basetime > h->basetime) {
log(0,0,0,0, "They're (%s) an older master than me so I'm gone!\n", inet_toa(addr));
LOG(0,0,0,0, "They're (%s) an older master than me so I'm gone!\n", inet_toa(addr));
kill(0, SIGTERM);
exit(1);
}
if (basetime == h->basetime && my_address < addr) { // Tie breaker.
log(0,0,0,0, "They're a higher IP address than me, so I'm gone!\n");
LOG(0,0,0,0, "They're a higher IP address than me, so I'm gone!\n");
kill(0, SIGTERM);
exit(1);
}
@ -1144,7 +1144,7 @@ static int cluster_process_heartbeat(u8 * data, int size, int more, u8 * p, u32
config->cluster_last_hb = TIME; // Reset to ensure that we don't become master!!
if (config->cluster_seq_number != h->seq) { // Out of sequence heartbeat!
log(1,0,0,0, "HB: Got seq# %d but was expecting %d. asking for resend.\n", h->seq, config->cluster_seq_number);
LOG(1,0,0,0, "HB: Got seq# %d but was expecting %d. asking for resend.\n", h->seq, config->cluster_seq_number);
peer_send_message(addr, C_LASTSEEN, config->cluster_seq_number, NULL, 0);
@ -1171,7 +1171,7 @@ static int cluster_process_heartbeat(u8 * data, int size, int more, u8 * p, u32
{
if (h->interval != config->cluster_hb_interval)
{
log(2, 0, 0, 0, "Master set ping/heartbeat interval to %u (was %u)\n",
LOG(2, 0, 0, 0, "Master set ping/heartbeat interval to %u (was %u)\n",
h->interval, config->cluster_hb_interval);
config->cluster_hb_interval = h->interval;
@ -1179,7 +1179,7 @@ static int cluster_process_heartbeat(u8 * data, int size, int more, u8 * p, u32
if (h->timeout != config->cluster_hb_timeout)
{
log(2, 0, 0, 0, "Master set heartbeat timeout to %u (was %u)\n",
LOG(2, 0, 0, 0, "Master set heartbeat timeout to %u (was %u)\n",
h->timeout, config->cluster_hb_timeout);
config->cluster_hb_timeout = h->timeout;
@ -1207,7 +1207,7 @@ static int cluster_process_heartbeat(u8 * data, int size, int more, u8 * p, u32
s -= (p - orig_p);
if (size != sizeof(sessiont) ) { // Ouch! Very very bad!
log(0,0,0,0, "DANGER: Received a CSESSION that didn't decompress correctly!\n");
LOG(0,0,0,0, "DANGER: Received a CSESSION that didn't decompress correctly!\n");
// Now what? Should exit! No-longer up to date!
break;
}
@ -1234,7 +1234,7 @@ static int cluster_process_heartbeat(u8 * data, int size, int more, u8 * p, u32
s -= (p - orig_p);
if (size != sizeof(tunnelt) ) { // Ouch! Very very bad!
log(0,0,0,0, "DANGER: Received a CSESSION that didn't decompress correctly!\n");
LOG(0,0,0,0, "DANGER: Received a CSESSION that didn't decompress correctly!\n");
// Now what? Should exit! No-longer up to date!
break;
}
@ -1253,7 +1253,7 @@ static int cluster_process_heartbeat(u8 * data, int size, int more, u8 * p, u32
s -= sizeof(tunnel[more]);
break;
default:
log(0,0,0,0, "DANGER: I received a heartbeat element where I didn't understand the type! (%d)\n", type);
LOG(0,0,0,0, "DANGER: I received a heartbeat element where I didn't understand the type! (%d)\n", type);
return -1; // can't process any more of the packet!!
}
}
@ -1261,7 +1261,7 @@ static int cluster_process_heartbeat(u8 * data, int size, int more, u8 * p, u32
{
char *str;
str = strdup(inet_toa(config->cluster_master_address));
log(0,0,0,0, "My master just changed from %s to %s!\n", str, inet_toa(addr));
LOG(0,0,0,0, "My master just changed from %s to %s!\n", str, inet_toa(addr));
if (str) free(str);
}
@ -1270,7 +1270,7 @@ static int cluster_process_heartbeat(u8 * data, int size, int more, u8 * p, u32
return 0;
shortpacket:
log(0,0,0,0, "I got an incomplete heartbeat packet! This means I'm probably out of sync!!\n");
LOG(0,0,0,0, "I got an incomplete heartbeat packet! This means I'm probably out of sync!!\n");
return -1;
}
@ -1287,7 +1287,7 @@ int processcluster(char * data, int size, u32 addr)
if (addr == my_address)
return -1; // Ignore it. Something looped back the multicast!
log(5,0,0,0, "Process cluster: %d bytes from %s\n", size, inet_toa(addr));
LOG(5,0,0,0, "Process cluster: %d bytes from %s\n", size, inet_toa(addr));
if (s <= 0) // Any data there??
return -1;
@ -1319,18 +1319,18 @@ int processcluster(char * data, int size, u32 addr)
p += sizeof(int);
if (!config->cluster_iam_master) { // huh?
log(0,0,0,0, "I'm not the master, but I got a C_FORWARD from %s?\n", inet_toa(addr));
LOG(0,0,0,0, "I'm not the master, but I got a C_FORWARD from %s?\n", inet_toa(addr));
return -1;
}
log(4,0,0,0, "Got a forwarded packet... (%s:%d)\n", inet_toa(more), a.sin_port);
LOG(4,0,0,0, "Got a forwarded packet... (%s:%d)\n", inet_toa(more), a.sin_port);
STAT(recv_forward);
processudp(p, s, &a);
return 0;
}
case C_THROTTLE: { // Receive a forwarded packet from a slave.
if (!config->cluster_iam_master) {
log(0,0,0,0, "I'm not the master, but I got a C_THROTTLE from %s?\n", inet_toa(addr));
LOG(0,0,0,0, "I'm not the master, but I got a C_THROTTLE from %s?\n", inet_toa(addr));
return -1;
}
@ -1340,7 +1340,7 @@ int processcluster(char * data, int size, u32 addr)
case C_GARDEN:
// Receive a walled garden packet from a slave.
if (!config->cluster_iam_master) {
log(0,0,0,0, "I'm not the master, but I got a C_GARDEN from %s?\n", inet_toa(addr));
LOG(0,0,0,0, "I'm not the master, but I got a C_GARDEN from %s?\n", inet_toa(addr));
return -1;
}
@ -1352,37 +1352,37 @@ int processcluster(char * data, int size, u32 addr)
case C_KILL: // The master asked us to die!? (usually because we're too out of date).
if (config->cluster_iam_master) {
log(0,0,0,0, "_I_ am master, but I received a C_KILL from %s! (Seq# %d)\n", inet_toa(addr), more);
LOG(0,0,0,0, "_I_ am master, but I received a C_KILL from %s! (Seq# %d)\n", inet_toa(addr), more);
return -1;
}
if (more != config->cluster_seq_number) {
log(0,0,0,0, "The master asked us to die but the seq number didn't match!?\n");
LOG(0,0,0,0, "The master asked us to die but the seq number didn't match!?\n");
return -1;
}
if (addr != config->cluster_master_address) {
log(0,0,0,0, "Received a C_KILL from %s which doesn't match config->cluster_master_address (%x)\n",
LOG(0,0,0,0, "Received a C_KILL from %s which doesn't match config->cluster_master_address (%x)\n",
inet_toa(addr), config->cluster_master_address);
// We can only warn about it. The master might really have switched!
}
log(0,0,0,0, "Received a valid C_KILL: I'm going to die now.\n");
LOG(0,0,0,0, "Received a valid C_KILL: I'm going to die now.\n");
kill(0, SIGTERM);
exit(0); // Lets be paranoid;
return -1; // Just signalling the compiler.
case C_HEARTBEAT:
log(4,0,0,0, "Got a heartbeat from %s\n", inet_toa(addr));
LOG(4,0,0,0, "Got a heartbeat from %s\n", inet_toa(addr));
return cluster_process_heartbeat(data, size, more, p, addr);
default:
log(0,0,0,0, "Strange type packet received on cluster socket (%d)\n", type);
LOG(0,0,0,0, "Strange type packet received on cluster socket (%d)\n", type);
return -1;
}
return 0;
shortpacket:
log(0,0,0,0, "I got a _short_ cluster heartbeat packet! This means I'm probably out of sync!!\n");
LOG(0,0,0,0, "I got a _short_ cluster heartbeat packet! This means I'm probably out of sync!!\n");
return -1;
}

20
garden.c
View file

@ -9,7 +9,7 @@
/* walled garden */
char const *cvs_id = "$Id: garden.c,v 1.10 2004/11/05 02:39:35 bodea Exp $";
char const *cvs_id = "$Id: garden.c,v 1.11 2004/11/05 04:55:27 bodea Exp $";
int __plugin_api_version = 1;
static struct pluginfuncs *p = 0;
@ -47,7 +47,7 @@ int plugin_post_auth(struct param_post_auth *data)
// Ignore if user authentication was successful
if (data->auth_allowed) return PLUGIN_RET_OK;
p->_log(3, 0, 0, 0, "Walled Garden allowing login\n");
p->log(3, 0, 0, 0, "Walled Garden allowing login\n");
data->auth_allowed = 1;
data->s->walled_garden = 1;
return PLUGIN_RET_OK;
@ -102,7 +102,7 @@ int plugin_control(struct param_control *data)
sprintf((data->response + data->response_length), "%s", errormsg);
data->response_length += strlen(errormsg) + 1;
p->_log(3, 0, 0, 0, "Unknown session %d\n", session);
p->log(3, 0, 0, 0, "Unknown session %d\n", session);
return PLUGIN_RET_STOP;
}
*(short *)(data->response + 2) = ntohs(PKT_RESP_OK);
@ -125,7 +125,7 @@ int plugin_become_master(void)
for (i = 0; up_commands[i] && *up_commands[i]; i++)
{
p->_log(3, 0, 0, 0, "Running %s\n", up_commands[i]);
p->log(3, 0, 0, 0, "Running %s\n", up_commands[i]);
system(up_commands[i]);
}
@ -150,9 +150,9 @@ int garden_session(sessiont *s, int flag)
if (flag == 1)
{
p->_log(2, 0, 0, s->tunnel, "Garden user %s (%s)\n", s->user, p->inet_toa(htonl(s->ip)));
p->log(2, 0, 0, s->tunnel, "Garden user %s (%s)\n", s->user, p->inet_toa(htonl(s->ip)));
snprintf(cmd, sizeof(cmd), "iptables -t nat -A garden_users -s %s -j garden", p->inet_toa(htonl(s->ip)));
p->_log(3, 0, 0, s->tunnel, "%s\n", cmd);
p->log(3, 0, 0, s->tunnel, "%s\n", cmd);
system(cmd);
s->walled_garden = 1;
}
@ -162,7 +162,7 @@ int garden_session(sessiont *s, int flag)
int count = 40;
// Normal User
p->_log(2, 0, 0, s->tunnel, "Un-Garden user %s (%s)\n", s->user, p->inet_toa(htonl(s->ip)));
p->log(2, 0, 0, s->tunnel, "Un-Garden user %s (%s)\n", s->user, p->inet_toa(htonl(s->ip)));
// Kick off any duplicate usernames
// but make sure not to kick off ourself
if (s->ip && !s->die && (other = p->get_session_by_username(s->user)) && s != p->get_session_by_id(other)) {
@ -173,7 +173,7 @@ int garden_session(sessiont *s, int flag)
s->pin = s->pout = 0;
snprintf(cmd, sizeof(cmd), "iptables -t nat -D garden_users -s %s -j garden", p->inet_toa(htonl(s->ip)));
p->_log(3, 0, 0, s->tunnel, "%s\n", cmd);
p->log(3, 0, 0, s->tunnel, "%s\n", cmd);
while (--count)
{
int status = system(cmd);
@ -217,7 +217,7 @@ int plugin_init(struct pluginfuncs *funcs)
int i;
for (i = 0; down_commands[i] && *down_commands[i]; i++)
{
p->_log(3, 0, 0, 0, "Running %s\n", down_commands[i]);
p->log(3, 0, 0, 0, "Running %s\n", down_commands[i]);
system(down_commands[i]);
}
}
@ -234,7 +234,7 @@ void plugin_done()
for (i = 0; down_commands[i] && *down_commands[i]; i++)
{
p->_log(3, 0, 0, 0, "Running %s\n", down_commands[i]);
p->log(3, 0, 0, 0, "Running %s\n", down_commands[i]);
system(down_commands[i]);
}
}

416
l2tpns.c
View file

File diff suppressed because it is too large Load diff

22
l2tpns.h
View file

@ -1,5 +1,5 @@
// L2TPNS Global Stuff
// $Id: l2tpns.h,v 1.29 2004/11/05 02:47:47 bodea Exp $
// $Id: l2tpns.h,v 1.30 2004/11/05 04:55:27 bodea Exp $
#ifndef __L2TPNS_H__
#define __L2TPNS_H__
@ -203,16 +203,16 @@ typedef struct sessions
}
sessiont;
#define SF_IPCP_ACKED (1<<0) // Has this session seen an IPCP Ack?
#define SF_IPCP_ACKED 1 // Has this session seen an IPCP Ack?
#define SF_LCP_ACKED 2 // LCP negotiated
typedef struct {
u32 cin;
u32 cout;
} sessioncountt;
#define SESSIONPFC 1 // PFC negotiated flags
#define SESSIONACFC 2 // ACFC negotiated flags
#define SESSIONLCPACK 4 // LCP negotiated
#define SESSIONPFC 1 // PFC negotiated flags
#define SESSIONACFC 2 // ACFC negotiated flags
// 168 bytes per tunnel
typedef struct tunnels
@ -540,10 +540,10 @@ int cmd_show_ipcache(struct cli_def *cli, char *command, char **argv, int argc);
int cmd_show_hist_idle(struct cli_def *cli, char *command, char **argv, int argc);
int cmd_show_hist_open(struct cli_def *cli, char *command, char **argv, int argc);
#undef log
#undef log_hex
#define log(D, a, s, t, f, ...) ({ if (D <= config->debug) _log(D, a, s, t, f, ## __VA_ARGS__); })
#define log_hex(D, t, d, s) ({ if (D <= config->debug) _log_hex(D, t, d, s); })
#undef LOG
#undef LOG_HEX
#define LOG(D, a, s, t, f, ...) ({ if (D <= config->debug) _log(D, a, s, t, f, ## __VA_ARGS__); })
#define LOG_HEX(D, t, d, s) ({ if (D <= config->debug) _log_hex(D, t, d, s); })
void _log(int level, ipt address, sessionidt s, tunnelidt t, const char *format, ...) __attribute__((format (printf, 5, 6)));
void _log_hex(int level, const char *title, const char *data, int maxsize);
@ -584,12 +584,12 @@ if (count++ < max) { \
void *array[20]; \
char **strings; \
int size, i; \
log(0, 0, 0, t, "Backtrace follows"); \
LOG(0, 0, 0, t, "Backtrace follows"); \
size = backtrace(array, 10); \
strings = backtrace_symbols(array, size); \
if (strings) for (i = 0; i < size; i++) \
{ \
log(0, 0, 0, t, "%s\n", strings[i]); \
LOG(0, 0, 0, t, "%s\n", strings[i]); \
} \
free(strings); \
}

4
plugin.h
View file

@ -25,8 +25,8 @@ enum
struct pluginfuncs
{
void (*_log)(int level, ipt address, sessionidt s, tunnelidt t, const char *format, ...);
void (*_log_hex)(int level, const char *title, const char *data, int maxsize);
void (*log)(int level, ipt address, sessionidt s, tunnelidt t, const char *format, ...);
void (*log_hex)(int level, const char *title, const char *data, int maxsize);
char *(*inet_toa)(unsigned long addr);
sessionidt (*get_session_by_username)(char *username);
sessiont *(*get_session_by_id)(sessionidt s);

196
ppp.c
View file

@ -1,6 +1,6 @@
// L2TPNS PPP Stuff
char const *cvs_id_ppp = "$Id: ppp.c,v 1.20 2004/11/05 02:21:55 bodea Exp $";
char const *cvs_id_ppp = "$Id: ppp.c,v 1.21 2004/11/05 04:55:27 bodea Exp $";
#include <stdio.h>
#include <string.h>
@ -34,17 +34,17 @@ void processpap(tunnelidt t, sessionidt s, u8 *p, u16 l)
CSTAT(call_processpap);
log_hex(5, "PAP", p, l);
LOG_HEX(5, "PAP", p, l);
if (l < 4)
{
log(1, 0, s, t, "Short PAP %u bytes\n", l);
LOG(1, 0, s, t, "Short PAP %u bytes\n", l);
STAT(tunnel_rx_errors);
return ;
}
if ((hl = ntohs(*(u16 *) (p + 2))) > l)
{
log(1, 0, s, t, "Length mismatch PAP %u/%u\n", hl, l);
LOG(1, 0, s, t, "Length mismatch PAP %u/%u\n", hl, l);
STAT(tunnel_rx_errors);
return ;
}
@ -52,7 +52,7 @@ void processpap(tunnelidt t, sessionidt s, u8 *p, u16 l)
if (*p != 1)
{
log(1, 0, s, t, "Unexpected PAP code %d\n", *p);
LOG(1, 0, s, t, "Unexpected PAP code %d\n", *p);
STAT(tunnel_rx_errors);
return ;
}
@ -67,7 +67,7 @@ void processpap(tunnelidt t, sessionidt s, u8 *p, u16 l)
if (*b && *b < sizeof(pass))
memcpy(pass, b + 1, *b);
pass[*b] = 0;
log(3, 0, s, t, "PAP login %s/%s\n", user, pass);
LOG(3, 0, s, t, "PAP login %s/%s\n", user, pass);
}
if (session[s].ip || !session[s].radius)
{
@ -76,7 +76,7 @@ void processpap(tunnelidt t, sessionidt s, u8 *p, u16 l)
u8 id = p[1];
u8 *p = makeppp(b, sizeof(b), 0, 0, t, s, PPPPAP);
if (!p) { // Failed to make ppp header!
log(1,0,0,0, "Failed to make PPP header in process pap!\n");
LOG(1,0,0,0, "Failed to make PPP header in process pap!\n");
return;
}
if (session[s].ip)
@ -88,14 +88,14 @@ void processpap(tunnelidt t, sessionidt s, u8 *p, u16 l)
p[4] = 0; // no message
if (session[s].ip)
{
log(3, session[s].ip, s, t, "%d Already an IP allocated: %s (%d)\n", getpid(), inet_toa(htonl(session[s].ip)), session[s].ip_pool_index);
LOG(3, session[s].ip, s, t, "Already an IP allocated: %s (%d)\n", inet_toa(htonl(session[s].ip)), session[s].ip_pool_index);
session[s].flags &= ~SF_IPCP_ACKED;
}
else
{
log(1, 0, s, t, "No radius session available to authenticate session...\n");
LOG(1, 0, s, t, "No radius session available to authenticate session...\n");
}
log(3, 0, s, t, "Fallback response to PAP (%s)\n", (session[s].ip) ? "ACK" : "NAK");
LOG(3, 0, s, t, "Fallback response to PAP (%s)\n", (session[s].ip) ? "ACK" : "NAK");
tunnelsend(b, 5 + (p - b), t); // send it
}
else
@ -108,7 +108,7 @@ void processpap(tunnelidt t, sessionidt s, u8 *p, u16 l)
run_plugins(PLUGIN_PRE_AUTH, &packet);
if (!packet.continue_auth)
{
log(3, 0, s, t, "A plugin rejected PRE_AUTH\n");
LOG(3, 0, s, t, "A plugin rejected PRE_AUTH\n");
if (packet.username) free(packet.username);
if (packet.password) free(packet.password);
return;
@ -121,7 +121,7 @@ void processpap(tunnelidt t, sessionidt s, u8 *p, u16 l)
free(packet.password);
radius[r].id = p[1];
log(3, 0, s, t, "Sending login for %s/%s to radius\n", user, pass);
LOG(3, 0, s, t, "Sending login for %s/%s to radius\n", user, pass);
radiussend(r, RADIUSAUTH);
}
}
@ -134,11 +134,11 @@ void processchap(tunnelidt t, sessionidt s, u8 *p, u16 l)
CSTAT(call_processchap);
log_hex(5, "CHAP", p, l);
LOG_HEX(5, "CHAP", p, l);
r = session[s].radius;
if (!r)
{
log(1, 0, s, t, "Unexpected CHAP message\n");
LOG(1, 0, s, t, "Unexpected CHAP message\n");
// FIXME: Need to drop the session here.
@ -148,14 +148,14 @@ void processchap(tunnelidt t, sessionidt s, u8 *p, u16 l)
if (l < 4)
{
log(1, 0, s, t, "Short CHAP %u bytes\n", l);
LOG(1, 0, s, t, "Short CHAP %u bytes\n", l);
STAT(tunnel_rx_errors);
return ;
}
if ((hl = ntohs(*(u16 *) (p + 2))) > l)
{
log(1, 0, s, t, "Length mismatch CHAP %u/%u\n", hl, l);
LOG(1, 0, s, t, "Length mismatch CHAP %u/%u\n", hl, l);
STAT(tunnel_rx_errors);
return ;
}
@ -163,20 +163,20 @@ void processchap(tunnelidt t, sessionidt s, u8 *p, u16 l)
if (*p != 2)
{
log(1, 0, s, t, "Unexpected CHAP response code %d\n", *p);
LOG(1, 0, s, t, "Unexpected CHAP response code %d\n", *p);
STAT(tunnel_rx_errors);
return;
}
if (p[1] != radius[r].id)
{
log(1, 0, s, t, "Wrong CHAP response ID %d (should be %d) (%d)\n", p[1], radius[r].id, r);
LOG(1, 0, s, t, "Wrong CHAP response ID %d (should be %d) (%d)\n", p[1], radius[r].id, r);
STAT(tunnel_rx_errors);
return ;
}
if (l < 5 || p[4] != 16)
{
log(1, 0, s, t, "Bad CHAP response length %d\n", l < 5 ? -1 : p[4]);
LOG(1, 0, s, t, "Bad CHAP response length %d\n", l < 5 ? -1 : p[4]);
STAT(tunnel_rx_errors);
return ;
}
@ -185,7 +185,7 @@ void processchap(tunnelidt t, sessionidt s, u8 *p, u16 l)
p += 5;
if (l < 16 || l - 16 >= sizeof(session[s].user))
{
log(1, 0, s, t, "CHAP user too long %d\n", l - 16);
LOG(1, 0, s, t, "CHAP user too long %d\n", l - 16);
STAT(tunnel_rx_errors);
return ;
}
@ -206,7 +206,7 @@ void processchap(tunnelidt t, sessionidt s, u8 *p, u16 l)
run_plugins(PLUGIN_PRE_AUTH, &packet);
if (!packet.continue_auth)
{
log(3, 0, s, t, "A plugin rejected PRE_AUTH\n");
LOG(3, 0, s, t, "A plugin rejected PRE_AUTH\n");
if (packet.username) free(packet.username);
if (packet.password) free(packet.password);
return;
@ -220,7 +220,7 @@ void processchap(tunnelidt t, sessionidt s, u8 *p, u16 l)
}
radius[r].chap = 1;
log(3, 0, s, t, "CHAP login %s\n", session[s].user);
LOG(3, 0, s, t, "CHAP login %s\n", session[s].user);
radiussend(r, RADIUSAUTH);
}
@ -245,9 +245,9 @@ void dumplcp(u8 *p, int l)
int x = l - 4;
u8 *o = (p + 4);
log_hex(5, "PPP LCP Packet", p, l);
log(4, 0, 0, 0, "PPP LCP Packet type %d (%s len %d)\n", *p, ppp_lcp_types[(int)*p], ntohs( ((u16 *) p)[1]) );
log(4, 0, 0, 0, "Length: %d\n", l);
LOG_HEX(5, "PPP LCP Packet", p, l);
LOG(4, 0, 0, 0, "PPP LCP Packet type %d (%s len %d)\n", *p, ppp_lcp_types[(int)*p], ntohs( ((u16 *) p)[1]) );
LOG(4, 0, 0, 0, "Length: %d\n", l);
if (*p != ConfigReq && *p != ConfigRej && *p != ConfigAck)
return;
@ -257,12 +257,12 @@ void dumplcp(u8 *p, int l)
int length = o[1];
if (length < 2)
{
log(4, 0, 0, 0, " Option length is %d...\n", length);
LOG(4, 0, 0, 0, " Option length is %d...\n", length);
break;
}
if (type == 0)
{
log(4, 0, 0, 0, " Option type is 0...\n");
LOG(4, 0, 0, 0, " Option type is 0...\n");
x -= length;
o += length;
continue;
@ -271,27 +271,27 @@ void dumplcp(u8 *p, int l)
{
case 1: // Maximum-Receive-Unit
if (length == 4)
log(4, 0, 0, 0, " %s %d\n", lcp_types[type], ntohs(*(u16 *)(o + 2)));
LOG(4, 0, 0, 0, " %s %d\n", lcp_types[type], ntohs(*(u16 *)(o + 2)));
else
log(4, 0, 0, 0, " %s odd length %d\n", lcp_types[type], length);
LOG(4, 0, 0, 0, " %s odd length %d\n", lcp_types[type], length);
break;
case 3: // Authentication-Protocol
{
if (length == 4)
{
int proto = ntohs(*(u16 *)(o + 2));
log(4, 0, 0, 0, " %s 0x%x (%s)\n", lcp_types[type], proto,
LOG(4, 0, 0, 0, " %s 0x%x (%s)\n", lcp_types[type], proto,
proto == PPPCHAP ? "CHAP" :
proto == PPPPAP ? "PAP" : "UNKNOWN");
}
else
log(4, 0, 0, 0, " %s odd length %d\n", lcp_types[type], length);
LOG(4, 0, 0, 0, " %s odd length %d\n", lcp_types[type], length);
break;
}
case 4: // Quality-Protocol
{
u32 qp = ntohl(*(u32 *)(o + 2));
log(4, 0, 0, 0, " %s %x\n", lcp_types[type], qp);
LOG(4, 0, 0, 0, " %s %x\n", lcp_types[type], qp);
break;
}
case 5: // Magic-Number
@ -299,24 +299,24 @@ void dumplcp(u8 *p, int l)
if (length == 6)
{
u32 magicno = ntohl(*(u32 *)(o + 2));
log(4, 0, 0, 0, " %s %x\n", lcp_types[type], magicno);
LOG(4, 0, 0, 0, " %s %x\n", lcp_types[type], magicno);
}
else
log(4, 0, 0, 0, " %s odd length %d\n", lcp_types[type], length);
LOG(4, 0, 0, 0, " %s odd length %d\n", lcp_types[type], length);
break;
}
case 7: // Protocol-Field-Compression
{
log(4, 0, 0, 0, " %s\n", lcp_types[type]);
LOG(4, 0, 0, 0, " %s\n", lcp_types[type]);
break;
}
case 8: // Address-And-Control-Field-Compression
{
log(4, 0, 0, 0, " %s\n", lcp_types[type]);
LOG(4, 0, 0, 0, " %s\n", lcp_types[type]);
break;
}
default:
log(2, 0, 0, 0, " Unknown PPP LCP Option type %d\n", type);
LOG(2, 0, 0, 0, " Unknown PPP LCP Option type %d\n", type);
break;
}
x -= length;
@ -334,17 +334,17 @@ void processlcp(tunnelidt t, sessionidt s, u8 *p, u16 l)
CSTAT(call_processlcp);
log_hex(5, "LCP", p, l);
LOG_HEX(5, "LCP", p, l);
if (l < 4)
{
log(1, session[s].ip, s, t, "Short LCP %d bytes\n", l);
LOG(1, session[s].ip, s, t, "Short LCP %d bytes\n", l);
STAT(tunnel_rx_errors);
return ;
}
if ((hl = ntohs(*(u16 *) (p + 2))) > l)
{
log(1, 0, s, t, "Length mismatch LCP %u/%u\n", hl, l);
LOG(1, 0, s, t, "Length mismatch LCP %u/%u\n", hl, l);
STAT(tunnel_rx_errors);
return ;
}
@ -352,15 +352,15 @@ void processlcp(tunnelidt t, sessionidt s, u8 *p, u16 l)
if (*p == ConfigAck)
{
log(3, session[s].ip, s, t, "LCP: Discarding ConfigAck\n");
session[s].flags |= SESSIONLCPACK;
LOG(3, session[s].ip, s, t, "LCP: Discarding ConfigAck\n");
session[s].flags |= SF_LCP_ACKED;
}
else if (*p == ConfigReq)
{
int x = l - 4;
u8 *o = (p + 4);
log(3, session[s].ip, s, t, "LCP: ConfigReq (%d bytes)...\n", l);
LOG(3, session[s].ip, s, t, "LCP: ConfigReq (%d bytes)...\n", l);
if (config->debug > 3) dumplcp(p, l);
while (x > 2)
@ -374,21 +374,21 @@ void processlcp(tunnelidt t, sessionidt s, u8 *p, u16 l)
session[s].mru = ntohs(*(u16 *)(o + 2));
break;
case 2: // asyncmap
log_hex(2, "PPP LCP Packet", p, l);
log(2, 0, 0, 0, "PPP LCP Packet type %d (%s len %d)\n", *p, ppp_lcp_types[(int)*p], ntohs( ((u16 *) p)[1]) );
LOG_HEX(2, "PPP LCP Packet", p, l);
LOG(2, 0, 0, 0, "PPP LCP Packet type %d (%s len %d)\n", *p, ppp_lcp_types[(int)*p], ntohs( ((u16 *) p)[1]) );
break;
case 3: // Authentication-Protocol
{
int proto = ntohs(*(u16 *)(o + 2));
if (proto == PPPCHAP)
{
log(2, session[s].ip, s, t, " Remote end is trying to do CHAP. Rejecting it.\n");
LOG(2, session[s].ip, s, t, " Remote end is trying to do CHAP. Rejecting it.\n");
if (!q)
{
q = makeppp(b, sizeof(b), p, l, t, s, PPPLCP);
if (!q) {
log(2, session[s].ip, s, t, " Failed to send packet.\n");
LOG(2, session[s].ip, s, t, " Failed to send packet.\n");
break;
}
*q++ = ConfigNak;
@ -413,7 +413,7 @@ void processlcp(tunnelidt t, sessionidt s, u8 *p, u16 l)
case 18:
{
// Reject LCP CallBack
log(2, session[s].ip, s, t, " PPP LCP Option type %d, len=%d\n", type, length);
LOG(2, session[s].ip, s, t, " PPP LCP Option type %d, len=%d\n", type, length);
memcpy(p + 4, o, length);
*(u16 *)(p + 2) = htons(length + 4);
*p = ConfigRej;
@ -424,7 +424,7 @@ void processlcp(tunnelidt t, sessionidt s, u8 *p, u16 l)
default:
// Reject Unknown LCP Option to stop to send it again
log(2, session[s].ip, s, t, " Unknown PPP LCP Option type %d\n", type);
LOG(2, session[s].ip, s, t, " Unknown PPP LCP Option type %d\n", type);
memcpy(p + 4, o, length);
*(u16 *)(p + 2) = htons(length + 4);
*p = ConfigRej;
@ -436,16 +436,17 @@ void processlcp(tunnelidt t, sessionidt s, u8 *p, u16 l)
o += length;
}
if (!(session[s].flags & SF_LCP_ACKED))
initlcp(t, s);
if (!q)
{
// Send back a ConfigAck
log(3, session[s].ip, s, t, "ConfigReq accepted, sending as Ack\n");
// for win2k L2TP clients and LCP renegotiation of alive session
if (magicno || l == 4 || (session[s].mru && l == 8)) initlcp(t, s);
LOG(3, session[s].ip, s, t, "ConfigReq accepted, sending as Ack\n");
q = makeppp(b, sizeof(b), p, l, t, s, PPPLCP);
if (!q)
{
log(3, session[s].ip, s, t, " failed to create packet.\n");
LOG(3, session[s].ip, s, t, " failed to create packet.\n");
return;
}
*q = ConfigAck;
@ -454,16 +455,13 @@ void processlcp(tunnelidt t, sessionidt s, u8 *p, u16 l)
else
{
// Already built a ConfigNak... send it
log(3, session[s].ip, s, t, "Sending ConfigNak\n");
LOG(3, session[s].ip, s, t, "Sending ConfigNak\n");
tunnelsend(b, l + (q - b), t);
}
if (!(session[s].flags & SESSIONLCPACK))
initlcp(t, s);
}
else if (*p == ConfigNak)
{
log(1, session[s].ip, s, t, "Remote end sent a ConfigNak. Ignoring\n");
LOG(1, session[s].ip, s, t, "Remote end sent a ConfigNak. Ignoring\n");
if (config->debug > 3) dumplcp(p, l);
return ;
}
@ -472,10 +470,10 @@ void processlcp(tunnelidt t, sessionidt s, u8 *p, u16 l)
*p = TerminateAck; // close
q = makeppp(b, sizeof(b), p, l, t, s, PPPLCP);
if (!q) {
log(3, session[s].ip, s, t, "Failed to create PPP packet in processlcp.\n");
LOG(3, session[s].ip, s, t, "Failed to create PPP packet in processlcp.\n");
return;
}
log(3, session[s].ip, s, t, "LCP: Received TerminateReq. Sending TerminateAck\n");
LOG(3, session[s].ip, s, t, "LCP: Received TerminateReq. Sending TerminateAck\n");
sessionshutdown(s, "Remote end closed connection.");
tunnelsend(b, l + (q - b), t); // send it
}
@ -489,10 +487,10 @@ void processlcp(tunnelidt t, sessionidt s, u8 *p, u16 l)
*(u32 *) (p + 4) = htonl(session[s].magic); // our magic number
q = makeppp(b, sizeof(b), p, l, t, s, PPPLCP);
if (!q) {
log(3, session[s].ip, s, t, " failed to send EchoReply.\n");
LOG(3, session[s].ip, s, t, " failed to send EchoReply.\n");
return;
}
log(5, session[s].ip, s, t, "LCP: Received EchoReq. Sending EchoReply\n");
LOG(5, session[s].ip, s, t, "LCP: Received EchoReq. Sending EchoReply\n");
tunnelsend(b, l + (q - b), t); // send it
}
else if (*p == EchoReply)
@ -504,21 +502,21 @@ void processlcp(tunnelidt t, sessionidt s, u8 *p, u16 l)
*p = CodeRej;
if (l > MAXCONTROL)
{
log(1, 0, s, t, "Truncated Ident Packet (length=%d) to 1400 bytes\n", l);
LOG(1, 0, s, t, "Truncated Ident Packet (length=%d) to 1400 bytes\n", l);
l = 1400;
}
q = makeppp(b, sizeof(b), p, l, t, s, PPPLCP);
if (!q)
{
log(3, session[s].ip, s, t, "Failed to create IdentRej.\n");
LOG(3, session[s].ip, s, t, "Failed to create IdentRej.\n");
return;
}
log_hex(5, "LCPIdentRej", q, l + 4);
LOG_HEX(5, "LCPIdentRej", q, l + 4);
tunnelsend(b, 12 + 4 + l, t);
}
else
{
log(1, session[s].ip, s, t, "Unexpected LCP code %d\n", *p);
LOG(1, session[s].ip, s, t, "Unexpected LCP code %d\n", *p);
STAT(tunnel_rx_errors);
return ;
}
@ -531,17 +529,17 @@ void processipcp(tunnelidt t, sessionidt s, u8 *p, u16 l)
CSTAT(call_processipcp);
log_hex(5, "IPCP", p, l);
LOG_HEX(5, "IPCP", p, l);
if (l < 5)
{
log(1, 0, s, t, "Short IPCP %d bytes\n", l);
LOG(1, 0, s, t, "Short IPCP %d bytes\n", l);
STAT(tunnel_rx_errors);
return ;
}
if ((hl = ntohs(*(u16 *) (p + 2))) > l)
{
log(1, 0, s, t, "Length mismatch IPCP %u/%u\n", hl, l);
LOG(1, 0, s, t, "Length mismatch IPCP %u/%u\n", hl, l);
STAT(tunnel_rx_errors);
return ;
}
@ -560,20 +558,20 @@ void processipcp(tunnelidt t, sessionidt s, u8 *p, u16 l)
}
session[s].flags |= SF_IPCP_ACKED;
log(3, session[s].ip, s, t, "IPCP Acked, session is now active\n");
LOG(3, session[s].ip, s, t, "IPCP Acked, session is now active\n");
return;
}
if (*p != ConfigReq)
{
log(1, 0, s, t, "Unexpected IPCP code %d\n", *p);
LOG(1, 0, s, t, "Unexpected IPCP code %d\n", *p);
STAT(tunnel_rx_errors);
return ;
}
log(4, session[s].ip, s, t, "IPCP ConfigReq received\n");
LOG(4, session[s].ip, s, t, "IPCP ConfigReq received\n");
if (!session[s].ip)
{
log(3, 0, s, t, "Waiting on radius reply\n");
LOG(3, 0, s, t, "Waiting on radius reply\n");
return; // have to wait on RADIUS reply
}
// form a config reply quoting the IP in the session
@ -597,7 +595,7 @@ void processipcp(tunnelidt t, sessionidt s, u8 *p, u16 l)
i = p + l;
if (!(q = makeppp(b, sizeof(b), p, l, t, s, PPPIPCP)))
{
log(2, 0, s, t, "Failed to send IPCP ConfigRej\n");
LOG(2, 0, s, t, "Failed to send IPCP ConfigRej\n");
return;
}
*q = ConfigRej;
@ -606,19 +604,19 @@ void processipcp(tunnelidt t, sessionidt s, u8 *p, u16 l)
{
if (*p != 0x81 && *p != 0x83 && *p != 3)
{
log(2, 0, s, t, "IPCP reject %d\n", *p);
LOG(2, 0, s, t, "IPCP reject %d\n", *p);
memcpy(q + n, p, p[1]);
n += p[1];
}
p += p[1];
}
*(u16 *) (q + 2) = htons(n);
log(4, session[s].ip, s, t, "Sending ConfigRej\n");
LOG(4, session[s].ip, s, t, "Sending ConfigRej\n");
tunnelsend(b, n + (q - b), t); // send it
}
else
{
log(4, session[s].ip, s, t, "Sending ConfigAck\n");
LOG(4, session[s].ip, s, t, "Sending ConfigAck\n");
*p = ConfigAck;
if ((i = findppp(p, 0x81))) // Primary DNS address
{
@ -626,7 +624,7 @@ void processipcp(tunnelidt t, sessionidt s, u8 *p, u16 l)
{
*(u32 *) (i + 2) = htonl(session[s].dns1);
*p = ConfigNak;
log(5, session[s].ip, s, t, " DNS1 = %s\n", inet_toa(session[s].dns1));
LOG(5, session[s].ip, s, t, " DNS1 = %s\n", inet_toa(session[s].dns1));
}
}
if ((i = findppp(p, 0x83))) // Secondary DNS address (TBA, is it)
@ -635,13 +633,13 @@ void processipcp(tunnelidt t, sessionidt s, u8 *p, u16 l)
{
*(u32 *) (i + 2) = htonl(session[s].dns2);
*p = ConfigNak;
log(5, session[s].ip, s, t, " DNS2 = %s\n", inet_toa(session[s].dns1));
LOG(5, session[s].ip, s, t, " DNS2 = %s\n", inet_toa(session[s].dns2));
}
}
i = findppp(p, 3); // IP address
if (!i || i[1] != 6)
{
log(1, 0, s, t, "No IP in IPCP request\n");
LOG(1, 0, s, t, "No IP in IPCP request\n");
STAT(tunnel_rx_errors);
return ;
}
@ -649,12 +647,12 @@ void processipcp(tunnelidt t, sessionidt s, u8 *p, u16 l)
{
*(u32 *) (i + 2) = htonl(session[s].ip);
*p = ConfigNak;
log(4, session[s].ip, s, t, " No, a ConfigNak, client is requesting IP - sending %s\n",
LOG(4, session[s].ip, s, t, " No, a ConfigNak, client is requesting IP - sending %s\n",
inet_toa(htonl(session[s].ip)));
}
if (!(q = makeppp(b, sizeof(b), p, l, t, s, PPPIPCP)))
{
log(2, 0, s, t, " Failed to send IPCP packet.\n");
LOG(2, 0, s, t, " Failed to send IPCP packet.\n");
return;
}
tunnelsend(b, l + (q - b), t); // send it
@ -672,13 +670,13 @@ void processipin(tunnelidt t, sessionidt s, u8 *p, u16 l)
CSTAT(call_processipin);
log_hex(5, "IP", p, l);
LOG_HEX(5, "IP", p, l);
ip = ntohl(*(u32 *)(p + 12));
if (l > MAXETHER)
{
log(1, ip, s, t, "IP packet too long %d\n", l);
LOG(1, ip, s, t, "IP packet too long %d\n", l);
STAT(tunnel_rx_errors);
return ;
}
@ -686,7 +684,7 @@ void processipin(tunnelidt t, sessionidt s, u8 *p, u16 l)
// no spoof (do sessionbyip to handled statically routed subnets)
if (ip != session[s].ip && sessionbyip(htonl(ip)) != s)
{
log(5, ip, s, t, "Dropping packet with spoofed IP %s\n", inet_toa(htonl(ip)));
LOG(5, ip, s, t, "Dropping packet with spoofed IP %s\n", inet_toa(htonl(ip)));
return;
}
@ -725,7 +723,7 @@ void processipin(tunnelidt t, sessionidt s, u8 *p, u16 l)
if (tun_write(p, l) < 0)
{
STAT(tun_tx_errors);
log(0, 0, s, t, "Error writing %d bytes to TUN device: %s (tunfd=%d, p=%p)\n",
LOG(0, 0, s, t, "Error writing %d bytes to TUN device: %s (tunfd=%d, p=%p)\n",
l, strerror(errno), tunfd, p);
}
@ -737,11 +735,11 @@ void processipin(tunnelidt t, sessionidt s, u8 *p, u16 l)
//
void send_ipin(sessionidt s, u8 *buf, int len)
{
log_hex(5, "IP in throttled", buf, len);
LOG_HEX(5, "IP in throttled", buf, len);
if (write(tunfd, buf, len) < 0)
{
STAT(tun_tx_errors);
log(0, 0, 0, 0, "Error writing %d bytes to TUN device: %s (tunfd=%d, p=%p)\n",
LOG(0, 0, 0, 0, "Error writing %d bytes to TUN device: %s (tunfd=%d, p=%p)\n",
len, strerror(errno), tunfd, buf);
}
@ -755,16 +753,16 @@ void send_ipin(sessionidt s, u8 *buf, int len)
}
// Process LCP messages
// Process CCP messages
void processccp(tunnelidt t, sessionidt s, u8 *p, u16 l)
{
CSTAT(call_processccp);
log_hex(5, "CCP", p, l);
LOG_HEX(5, "CCP", p, l);
if (l < 2 || (*p != ConfigReq && *p != TerminateReq))
{
log(1, 0, s, t, "Unexpected CCP request code %d\n", *p);
LOG(1, 0, s, t, "Unexpected CCP request code %d\n", *p);
STAT(tunnel_rx_errors);
return ;
}
@ -788,7 +786,7 @@ void processccp(tunnelidt t, sessionidt s, u8 *p, u16 l)
*p = TerminateAck; // close
if (!(q = makeppp(b, sizeof(b), p, l, t, s, PPPCCP)))
{
log(1,0,0,0, "Failed to send CCP packet.\n");
LOG(1,0,0,0, "Failed to send CCP packet.\n");
return;
}
tunnelsend(b, l + (q - b), t); // send it
@ -806,11 +804,11 @@ void sendchap(tunnelidt t, sessionidt s)
if (!r)
{
log(1, 0, s, t, "No RADIUS to send challenge\n");
LOG(1, 0, s, t, "No RADIUS to send challenge\n");
STAT(tunnel_tx_errors);
return ;
}
log(1, 0, s, t, "Send CHAP challenge\n");
LOG(1, 0, s, t, "Send CHAP challenge\n");
{
// new challenge
int n;
@ -831,7 +829,7 @@ void sendchap(tunnelidt t, sessionidt s)
}
q = makeppp(b, sizeof(b), 0, 0, t, s, PPPCHAP);
if (!q) {
log(1, 0, s, t, "failed to send CHAP challenge.\n");
LOG(1, 0, s, t, "failed to send CHAP challenge.\n");
return;
}
*q = 1; // challenge
@ -869,7 +867,7 @@ u8 *makeppp(u8 *b, int size, u8 *p, int l, tunnelidt t, sessionidt s, u16 mtype)
}
if (l + 12 > size) {
log(3,0,0,0, "Would have overflowed the buffer in makeppp: size %d, len %d.\n", size, l);
LOG(3,0,0,0, "Would have overflowed the buffer in makeppp: size %d, len %d.\n", size, l);
return NULL; // Run out of room to hold the packet!
}
if (p && l)
@ -904,10 +902,10 @@ void initlcp(tunnelidt t, sessionidt s)
q = makeppp(b, sizeof(b), NULL, 0, t, s, PPPLCP);
if (!q) {
log(1, 0, s, t, "Failed to send LCP ConfigReq.\n");
LOG(1, 0, s, t, "Failed to send LCP ConfigReq.\n");
return;
}
log(4, 0, s, t, "Sending LCP ConfigReq for PAP\n");
LOG(4, 0, s, t, "Sending LCP ConfigReq for PAP\n");
*q = ConfigReq;
*(u8 *)(q + 1) = (time_now % 255) + 1; // ID
*(u16 *)(q + 2) = htons(14); // Length
@ -929,7 +927,7 @@ void sendccp(tunnelidt t, sessionidt s)
*q = ConfigReq;
*(u8 *)(q + 1) = (time_now % 255) + 1; // ID
*(u16 *)(q + 2) = htons(4); // Length
log_hex(5, "PPPCCP", q, 4);
LOG_HEX(5, "PPPCCP", q, 4);
tunnelsend(b, (q - b) + 4 , t);
}

72
radius.c
View file

@ -1,6 +1,6 @@
// L2TPNS Radius Stuff
char const *cvs_id_radius = "$Id: radius.c,v 1.10 2004/09/02 04:18:07 fred_nerk Exp $";
char const *cvs_id_radius = "$Id: radius.c,v 1.11 2004/11/05 04:55:27 bodea Exp $";
#include <time.h>
#include <stdio.h>
@ -41,7 +41,7 @@ const char *radius_state(int state)
void initrad(void)
{
int i;
log(3, 0, 0, 0, "Creating %d sockets for RADIUS queries\n", config->num_radfds);
LOG(3, 0, 0, 0, "Creating %d sockets for RADIUS queries\n", config->num_radfds);
radfds = calloc(sizeof(int), config->num_radfds);
for (i = 0; i < config->num_radfds; i++)
{
@ -76,7 +76,7 @@ static u16 get_free_radius()
}
}
log(0, 0, 0, 0, "Can't find a free radius session! This is very bad!\n");
LOG(0, 0, 0, 0, "Can't find a free radius session! This is very bad!\n");
return 0;
}
@ -87,13 +87,13 @@ u16 radiusnew(sessionidt s)
/* re-use */
if (r)
{
log(3, 0, s, session[s].tunnel, "Re-used radius %d\n", r);
LOG(3, 0, s, session[s].tunnel, "Re-used radius %d\n", r);
return r;
}
if (!(r = get_free_radius()))
{
log(1, 0, s, session[s].tunnel, "No free RADIUS sessions\n");
LOG(1, 0, s, session[s].tunnel, "No free RADIUS sessions\n");
STAT(radius_overflow);
return 0;
};
@ -104,7 +104,7 @@ u16 radiusnew(sessionidt s)
radius[r].state = RADIUSWAIT;
radius[r].retry = TIME + 1200; // Wait at least 120 seconds to re-claim this.
log(3,0,s, session[s].tunnel, "Allocated radius %d\n", r);
LOG(3,0,s, session[s].tunnel, "Allocated radius %d\n", r);
return r;
}
@ -123,12 +123,12 @@ void radiussend(u16 r, u8 state)
s = radius[r].session;
if (!config->numradiusservers)
{
log(0, 0, s, session[s].tunnel, "No RADIUS servers\n");
LOG(0, 0, s, session[s].tunnel, "No RADIUS servers\n");
return;
}
if (!*config->radiussecret)
{
log(0, 0, s, session[s].tunnel, "No RADIUS secret\n");
LOG(0, 0, s, session[s].tunnel, "No RADIUS secret\n");
return;
}
@ -143,7 +143,7 @@ void radiussend(u16 r, u8 state)
radius[r].try = 0;
radius[r].state = state;
radius[r].retry = backoff(radius[r].try++);
log(4, 0, s, session[s].tunnel, "Send RADIUS id %d sock %d state %s try %d\n",
LOG(4, 0, s, session[s].tunnel, "Send RADIUS id %d sock %d state %s try %d\n",
r >> RADIUS_SHIFT, r & RADIUS_MASK,
radius_state(radius[r].state), radius[r].try);
if (radius[r].try > config->numradiusservers * 2)
@ -154,7 +154,7 @@ void radiussend(u16 r, u8 state)
sessionshutdown(s, "RADIUS timeout");
else
{
log(1, 0, s, session[s].tunnel, "RADIUS timeout, but in state %s so don't timeout session\n",
LOG(1, 0, s, session[s].tunnel, "RADIUS timeout, but in state %s so don't timeout session\n",
radius_states[state]);
radiusclear(r, s);
}
@ -179,7 +179,7 @@ void radiussend(u16 r, u8 state)
b[0] = 4; // accounting request
break;
default:
log(0, 0, 0, 0, "Unknown radius state %d\n", state);
LOG(0, 0, 0, 0, "Unknown radius state %d\n", state);
}
b[1] = r >> RADIUS_SHIFT; // identifier
memcpy(b + 4, radius[r].auth, 16);
@ -354,7 +354,7 @@ void radiussend(u16 r, u8 state)
addr.sin_port = htons((state == RADIUSAUTH) ? port : port+1);
}
log_hex(5, "RADIUS Send", b, (p - b));
LOG_HEX(5, "RADIUS Send", b, (p - b));
sendto(radfds[r & RADIUS_MASK], b, p - b, 0, (void *) &addr, sizeof(addr));
}
@ -377,25 +377,25 @@ void processrad(u8 *buf, int len, char socket_index)
CSTAT(call_processrad);
log_hex(5, "RADIUS Response", buf, len);
LOG_HEX(5, "RADIUS Response", buf, len);
if (len < 20 || len < ntohs(*(u16 *) (buf + 2)))
{
log(1, 0, 0, 0, "Duff RADIUS response length %d\n", len);
LOG(1, 0, 0, 0, "Duff RADIUS response length %d\n", len);
return ;
}
len = ntohs(*(u16 *) (buf + 2));
r = socket_index | (r_id << RADIUS_SHIFT);
s = radius[r].session;
log(3, 0, s, session[s].tunnel, "Received %s, radius %d response for session %u (code %d, id %d)\n",
LOG(3, 0, s, session[s].tunnel, "Received %s, radius %d response for session %u (code %d, id %d)\n",
radius_states[radius[r].state], r, s, r_code, r_id);
if (!s && radius[r].state != RADIUSSTOP)
{
log(1, 0, s, session[s].tunnel, " Unexpected RADIUS response\n");
LOG(1, 0, s, session[s].tunnel, " Unexpected RADIUS response\n");
return;
}
if (radius[r].state != RADIUSAUTH && radius[r].state != RADIUSSTART && radius[r].state != RADIUSSTOP)
{
log(1, 0, s, session[s].tunnel, " Unexpected RADIUS response\n");
LOG(1, 0, s, session[s].tunnel, " Unexpected RADIUS response\n");
return;
}
t = session[s].tunnel;
@ -408,19 +408,19 @@ void processrad(u8 *buf, int len, char socket_index)
do {
if (memcmp(hash, buf + 4, 16))
{
log(0, 0, s, session[s].tunnel, " Incorrect auth on RADIUS response!! (wrong secret in radius config?)\n");
LOG(0, 0, s, session[s].tunnel, " Incorrect auth on RADIUS response!! (wrong secret in radius config?)\n");
return; // Do nothing. On timeout, it will try the next radius server.
}
if ((radius[r].state == RADIUSAUTH && *buf != 2 && *buf != 3) ||
((radius[r].state == RADIUSSTART || radius[r].state == RADIUSSTOP) && *buf != 5))
{
log(1, 0, s, session[s].tunnel, " Unexpected RADIUS response %d\n", *buf);
LOG(1, 0, s, session[s].tunnel, " Unexpected RADIUS response %d\n", *buf);
return; // We got something we didn't expect. Let the timeouts take
// care off finishing the radius session if that's really correct.
}
if (radius[r].state == RADIUSAUTH)
{
log(4, 0, s, session[s].tunnel, " Original response is \"%s\"\n", (*buf == 2) ? "accept" : "reject");
LOG(4, 0, s, session[s].tunnel, " Original response is \"%s\"\n", (*buf == 2) ? "accept" : "reject");
// process auth response
if (radius[r].chap)
{
@ -435,7 +435,7 @@ void processrad(u8 *buf, int len, char socket_index)
*buf = packet.auth_allowed ? 2 : 3;
}
log(3, 0, s, session[s].tunnel, " CHAP User %s authentication %s.\n", session[s].user,
LOG(3, 0, s, session[s].tunnel, " CHAP User %s authentication %s.\n", session[s].user,
(*buf == 2) ? "allowed" : "denied");
*p = (*buf == 2) ? 3 : 4; // ack/nak
p[1] = radius[r].id;
@ -455,7 +455,7 @@ void processrad(u8 *buf, int len, char socket_index)
*buf = packet.auth_allowed ? 2 : 3;
}
log(3, 0, s, session[s].tunnel, " PAP User %s authentication %s.\n", session[s].user,
LOG(3, 0, s, session[s].tunnel, " PAP User %s authentication %s.\n", session[s].user,
(*buf == 2) ? "allowed" : "denied");
// ack/nak
*p = *buf;
@ -476,20 +476,20 @@ void processrad(u8 *buf, int len, char socket_index)
if (*p == 8)
{
// Statically assigned address
log(3, 0, s, session[s].tunnel, " Radius reply contains IP address %s\n", inet_toa(*(u32 *) (p + 2)));
LOG(3, 0, s, session[s].tunnel, " Radius reply contains IP address %s\n", inet_toa(*(u32 *) (p + 2)));
session[s].ip = ntohl(*(u32 *) (p + 2));
session[s].ip_pool_index = -1;
}
else if (*p == 135)
{
// DNS address
log(3, 0, s, session[s].tunnel, " Radius reply contains primary DNS address %s\n", inet_toa(*(u32 *) (p + 2)));
LOG(3, 0, s, session[s].tunnel, " Radius reply contains primary DNS address %s\n", inet_toa(*(u32 *) (p + 2)));
session[s].dns1 = ntohl(*(u32 *) (p + 2));
}
else if (*p == 136)
{
// DNS address
log(3, 0, s, session[s].tunnel, " Radius reply contains secondary DNS address %s\n", inet_toa(*(u32 *) (p + 2)));
LOG(3, 0, s, session[s].tunnel, " Radius reply contains secondary DNS address %s\n", inet_toa(*(u32 *) (p + 2)));
session[s].dns2 = ntohl(*(u32 *) (p + 2));
}
else if (*p == 22)
@ -527,14 +527,14 @@ void processrad(u8 *buf, int len, char socket_index)
mask = 0xFFFFFF00;
if (routes == MAXROUTE)
{
log(1, 0, s, session[s].tunnel, " Too many routes\n");
LOG(1, 0, s, session[s].tunnel, " Too many routes\n");
}
else if (ip)
{
char *ips, *masks;
ips = strdup(inet_toa(htonl(ip)));
masks = strdup(inet_toa(htonl(mask)));
log(3, 0, s, session[s].tunnel, " Radius reply contains route for %s/%s\n", ips, masks);
LOG(3, 0, s, session[s].tunnel, " Radius reply contains route for %s/%s\n", ips, masks);
free(ips);
free(masks);
session[s].route[routes].ip = ip;
@ -548,16 +548,16 @@ void processrad(u8 *buf, int len, char socket_index)
int vendor = ntohl(*(int *)(p + 2));
char attrib = *(p + 6);
char attrib_length = *(p + 7) - 2;
log(3, 0, s, session[s].tunnel, " Radius reply contains Vendor-Specific. Vendor=%d Attrib=%d Length=%d\n", vendor, attrib, attrib_length);
LOG(3, 0, s, session[s].tunnel, " Radius reply contains Vendor-Specific. Vendor=%d Attrib=%d Length=%d\n", vendor, attrib, attrib_length);
if (attrib_length == 0) continue;
if (attrib != 1)
log(3, 0, s, session[s].tunnel, " Unknown vendor-specific\n");
LOG(3, 0, s, session[s].tunnel, " Unknown vendor-specific\n");
else
{
char *avpair, *value, *key, *newp;
avpair = key = calloc(attrib_length + 1, 1);
memcpy(avpair, p + 8, attrib_length);
log(3, 0, s, session[s].tunnel, " Cisco-Avpair value: %s\n", avpair);
LOG(3, 0, s, session[s].tunnel, " Cisco-Avpair value: %s\n", avpair);
do {
value = strchr(key, '=');
if (!value) break;
@ -589,7 +589,7 @@ void processrad(u8 *buf, int len, char socket_index)
}
else if (*buf == 3)
{
log(2, 0, s, session[s].tunnel, " Authentication denied for %s\n", session[s].user);
LOG(2, 0, s, session[s].tunnel, " Authentication denied for %s\n", session[s].user);
//FIXME: We should tear down the session here!
break;
}
@ -597,12 +597,12 @@ void processrad(u8 *buf, int len, char socket_index)
if (!session[s].dns1 && config->default_dns1)
{
session[s].dns1 = htonl(config->default_dns1);
log(3, 0, s, t, " Sending dns1 = %s\n", inet_toa(config->default_dns1));
LOG(3, 0, s, t, " Sending dns1 = %s\n", inet_toa(config->default_dns1));
}
if (!session[s].dns2 && config->default_dns2)
{
session[s].dns2 = htonl(config->default_dns2);
log(3, 0, s, t, " Sending dns2 = %s\n", inet_toa(config->default_dns2));
LOG(3, 0, s, t, " Sending dns2 = %s\n", inet_toa(config->default_dns2));
}
// Valid Session, set it up
@ -612,7 +612,7 @@ void processrad(u8 *buf, int len, char socket_index)
else
{
// An ack for a stop or start record.
log(3, 0, s, t, " RADIUS accounting ack recv in state %s\n", radius_states[radius[r].state]);
LOG(3, 0, s, t, " RADIUS accounting ack recv in state %s\n", radius_states[radius[r].state]);
break;
}
} while (0);
@ -654,7 +654,7 @@ void radiusretry(u16 r)
case RADIUSWAIT: // waiting timeout before available, in case delayed reply from RADIUS server
// free up RADIUS task
radiusclear(r, s);
log(3, 0, s, session[s].tunnel, "Freeing up radius session %d\n", r);
LOG(3, 0, s, session[s].tunnel, "Freeing up radius session %d\n", r);
break;
}
}
@ -663,7 +663,7 @@ void radius_clean()
{
int i;
log(1, 0, 0, 0, "Cleaning radius session array\n");
LOG(1, 0, 0, 0, "Cleaning radius session array\n");
for (i = 1; i < MAXRADIUS; i++)
{

4
stripdomain.c
View file

@ -4,7 +4,7 @@
/* strip domain part of username before sending RADIUS requests */
char const *cvs_id = "$Id: stripdomain.c,v 1.3 2004/11/05 02:39:35 bodea Exp $";
char const *cvs_id = "$Id: stripdomain.c,v 1.4 2004/11/05 04:55:27 bodea Exp $";
int __plugin_api_version = 1;
static struct pluginfuncs *p = 0;
@ -18,7 +18,7 @@ int plugin_pre_auth(struct param_pre_auth *data)
// Strip off @domain
if ((x = strchr(data->username, '@')))
{
p->_log(3, 0, 0, 0, "Stripping off trailing domain name \"%s\"\n", x);
p->log(3, 0, 0, 0, "Stripping off trailing domain name \"%s\"\n", x);
*x = 0;
}

10
tbf.c
View file

@ -1,6 +1,6 @@
// L2TPNS: token bucket filters
char const *cvs_id_tbf = "$Id: tbf.c,v 1.8 2004/10/29 04:01:11 bodea Exp $";
char const *cvs_id_tbf = "$Id: tbf.c,v 1.9 2004/11/05 04:55:27 bodea Exp $";
#include <string.h>
#include "l2tpns.h"
@ -54,7 +54,7 @@ static void del_from_timer(int id)
if (filter_list[id].next == id) { // Last element in chain?
if (timer_chain != id) { // WTF?
log(0,0,0,0, "Removed a singleton element from TBF, but tc didn't point to it!\n");
LOG(0,0,0,0, "Removed a singleton element from TBF, but tc didn't point to it!\n");
} else
timer_chain = -1;
filter_list[id].next = filter_list[id].prev = 0;
@ -96,7 +96,7 @@ int new_tbf(int sid, int max_credit, int rate, void (*f)(sessionidt, u8 *, int))
int i;
static int p = 0;
log(4,0,0,0, "Allocating new TBF (sess %d, rate %d, helper %p)\n", sid, rate, f);
LOG(4,0,0,0, "Allocating new TBF (sess %d, rate %d, helper %p)\n", sid, rate, f);
if (!filter_list)
return 0; // Couldn't alloc memory!
@ -116,7 +116,7 @@ int new_tbf(int sid, int max_credit, int rate, void (*f)(sessionidt, u8 *, int))
return p;
}
log(0,0,0,0, "Ran out of token bucket filters! Sess %d will be un-throttled\n", sid);
LOG(0,0,0,0, "Ran out of token bucket filters! Sess %d will be un-throttled\n", sid);
return 0;
}
@ -300,7 +300,7 @@ int tbf_run_timer(void)
if (filter_list[i].lasttime == TIME) // Did we just run it?
continue;
log(1,0,0,0, "Missed tbf %d! Not on the timer chain?(n %d, p %d, tc %d)\n", i,
LOG(1,0,0,0, "Missed tbf %d! Not on the timer chain?(n %d, p %d, tc %d)\n", i,
filter_list[i].next, filter_list[i].prev, timer_chain);
tbf_run_queue(i);
}

6
util.c
View file

@ -1,6 +1,6 @@
/* Misc util functions */
char const *cvs_id_util = "$Id: util.c,v 1.4 2004/11/02 04:35:04 bodea Exp $";
char const *cvs_id_util = "$Id: util.c,v 1.5 2004/11/05 04:55:27 bodea Exp $";
#include <unistd.h>
#include <errno.h>
@ -51,8 +51,8 @@ pid_t fork_and_close()
params.sched_priority = 0;
if (sched_setscheduler(0, SCHED_OTHER, &params))
{
log(0, 0, 0, 0, "Error setting scheduler to OTHER after fork: %s\n", strerror(errno));
log(0, 0, 0, 0, "This is probably really really bad.\n");
LOG(0, 0, 0, 0, "Error setting scheduler to OTHER after fork: %s\n", strerror(errno));
LOG(0, 0, 0, 0, "This is probably really really bad.\n");
}
}