rpms/l2tpd/devel l2tpd-async-sync.patch, NONE, 1.1 l2tpd-changelog.patch, NONE, 1.1 l2tpd-chapsecrets.sample, NONE, 1.1 l2tpd-gcc4-fixes.patch, NONE, 1.1 l2tpd-log-strerr.patch, NONE, 1.1 l2tpd-log.patch, NONE, 1.1 l2tpd-max-retries.patch, NONE, 1.1 l2tpd-moredebug.patch, NONE, 1.1 l2tpd-move-pty-logic.patch, NONE, 1.1 l2tpd-nodebug-default.patch, NONE, 1.1 l2tpd-options.l2tpd, NONE, 1.1 l2tpd-patents.patch, NONE, 1.1 l2tpd-socket.patch, NONE, 1.1 l2tpd-solaris.patch, NONE, 1.1 l2tpd-stopccn.patch, NONE, 1.1 l2tpd-uaddr.patch, NONE, 1.1 l2tpd-version.patch, NONE, 1.1 l2tpd.conf, NONE, 1.1 l2tpd.init, NONE, 1.1 l2tpd.spec, NONE, 1.1 .cvsignore, 1.1, 1.2 sources, 1.1, 1.2
Paul Wouters (pwouters)
fedora-extras-commits at redhat.com
Thu Dec 15 19:15:35 UTC 2005
Author: pwouters
Update of /cvs/extras/rpms/l2tpd/devel
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv6473/devel
Modified Files:
.cvsignore sources
Added Files:
l2tpd-async-sync.patch l2tpd-changelog.patch
l2tpd-chapsecrets.sample l2tpd-gcc4-fixes.patch
l2tpd-log-strerr.patch l2tpd-log.patch l2tpd-max-retries.patch
l2tpd-moredebug.patch l2tpd-move-pty-logic.patch
l2tpd-nodebug-default.patch l2tpd-options.l2tpd
l2tpd-patents.patch l2tpd-socket.patch l2tpd-solaris.patch
l2tpd-stopccn.patch l2tpd-uaddr.patch l2tpd-version.patch
l2tpd.conf l2tpd.init l2tpd.spec
Log Message:
auto-import l2tpd-0.69-0.1.20051030.2 on branch devel from l2tpd-0.69-0.1.20051030.2.src.rpm
l2tpd-async-sync.patch:
--- NEW FILE l2tpd-async-sync.patch ---
diff-tree b240ad8ce83e0a0dbee533cb2862a5eafb937504 (from e64441dcd5c020067921fb370c738aeb20de7dd8)
Author: Michael Richardson <mcr at xelerance.com>
Date: Fri Nov 25 13:04:50 2005 -0500
async/sync conversion routines must be ready for possibility
that the read will block due to routing loops
diff --git a/call.c b/call.c
--- a/call.c
+++ b/call.c
@@ -97,88 +97,112 @@ int read_packet (struct buffer *buf, int
static unsigned char rbuf[MAX_RECV_SIZE];
static int pos = 0;
static int max = 0;
int res;
int errors = 0;
+
/* Read a packet, doing async->sync conversion if necessary */
p = buf->start;
while (1)
{
if (pos >= max)
{
- max = read (fd, rbuf, sizeof (rbuf));
+ max = read(fd, rbuf, sizeof (rbuf));
res = max;
pos = 0;
}
else
{
res = 1;
}
+
c = rbuf[pos++];
+
+ /* if there was a short read, then see what is about */
if (res < 1)
{
if (res == 0)
{
/*
* Hmm.. Nothing to read. It happens
*/
+ pos=0;
+ max=0;
return 0;
-/* } else if ((errno == EINTR ) || (errno == EAGAIN)) { */
}
else if ((errno == EIO) || (errno == EINTR) || (errno == EAGAIN))
{
/*
* Oops, we were interrupted!
* Or, we ran out of data too soon
* anyway, we discared whatever it is we
* have
*/
+ pos=0;
+ max=0;
return 0;
}
errors++;
l2tp_log (LOG_DEBUG, "%s: Error %d (%s)\n", __FUNCTION__, errno,
strerror (errno));
if (errors > 10)
{
l2tp_log (LOG_DEBUG,
"%s: Too many errors. Declaring call dead.\n",
__FUNCTION__);
+ pos=0;
+ max=0;
return -errno;
}
continue;
}
+
switch (c)
{
case PPP_FLAG:
if (escape)
{
l2tp_log (LOG_DEBUG, "%s: got an escaped PPP_FLAG\n",
__FUNCTION__);
+ pos=0;
+ max=0;
return -EINVAL;
}
+
if (convert)
{
- if (!buf->len)
+ if (buf->len == 0) {
+ /* if the buffer is empty, then we have the beginning
+ * of a packet, not the end
+ */
break;
- /* Drop the FCS */
+ }
+
+ /* must be the end, drop the FCS */
buf->len -= 2;
}
else
{
+ /* if there is space, then insert the byte */
if (buf->len < buf->maxlen)
{
*p = c;
p++;
buf->len++;
}
}
+
+ /* return what we have now */
return buf->len;
+
case PPP_ESCAPE:
escape = PPP_TRANS;
if (convert)
break;
+
+ /* fall through */
default:
if (convert)
c ^= escape;
escape = 0;
if (buf->len < buf->maxlen)
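Review bot: In the `PPP_FLAG` case the end-of-frame path still runs `buf->len -= 2;` after checking only that `buf->len` is not zero, so a frame with a single byte between two flags leaves the length negative (or wrapped, if the field is unsigned; its type is not visible here), and that value is returned to the caller. A guard before dropping the FCS, such as `if (buf->len < 2) { pos = 0; max = 0; return -EINVAL; }`, would treat the runt frame as a framing error the same way the escaped-flag case above it does. Separately, `c = rbuf[pos++];` runs before the `res < 1` test, so a failed or empty read still consumes a stale byte; moving that line below the error block would make the intent clearer. read_packet starts before this hunk and continues after it.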
@@ -187,10 +211,12 @@ int read_packet (struct buffer *buf, int
p++;
buf->len++;
break;
};
l2tp_log (LOG_WARN, "%s: read overrun\n", __FUNCTION__);
+ pos=0;
+ max=0;
return -EINVAL;
}
}
/* I should never get here */
l2tpd-changelog.patch:
--- NEW FILE l2tpd-changelog.patch ---
--- l2tpd-0.69cvs20051030/CHANGELOG.Xelerance 1969-12-31 19:00:00.000000000 -0500
+++ l2tpd/CHANGELOG.Xelerance 2005-11-27 18:50:17.000000000 -0500
@@ -0,0 +1,16 @@
+changes to the sourceforge.net sources by Xelerance
+
+- fixes for gcc 4.xx compilation
+- various debugging added, but debugging should not be on by default
+- async/sync conversion routines must be ready for possibility that the read
+ will block due to routing loops
+- refactor control socket handling.
+- use man page in doc/
+- move all logic about pty usage to pty.c try ptmx first. if it fails try
+ legacy ptys
+- rename log() to l2tp_log(), as "log" is a math function.
+- First version managed by Xelerance, called xl2tpd.
+- if we aren't deamonized, then log to stderr.
+- added install: and DESTDIR support
+
+
--- NEW FILE l2tpd-chapsecrets.sample ---
# Secrets for authentication using CHAP
# Sample file: the names, secrets and addresses below are examples only and
# must be replaced before use. The secrets are stored here in clear text, so
# keep the installed copy readable by root only.
# Each name appears once in the client column and once in the server column,
# with the same secret and address on both lines.
# client server secret IP addresses
jacco * "mysecret" 192.168.1.128/25
* jacco "mysecret" 192.168.1.128/25
sam * "rumpelstiltskin" 192.168.1.5
* sam "rumpelstiltskin" 192.168.1.5
l2tpd-gcc4-fixes.patch:
--- NEW FILE l2tpd-gcc4-fixes.patch ---
diff-tree a30a4defe933ca15aea4986535664774520ec9fa (from f09c91543dc84206a7a82db62bab09b8a52da44a)
Author: Michael Richardson <mcr at via.toronto.xelerance.com>
Date: Fri Nov 25 14:18:37 2005 -0500
fixes for gcc 4.xx
(cherry picked from bfbd2c3c96ffc17453427ea3ea62c70572be5cae commit)
diff --git a/aaa.c b/aaa.c
--- a/aaa.c
+++ b/aaa.c
@@ -23,11 +23,11 @@
extern void bufferDump (char *, int);
/* FIXME: Accounting? */
-static struct addr_ent *uaddr[ADDR_HASH_SIZE];
+struct addr_ent *uaddr[ADDR_HASH_SIZE];
void init_addr ()
{
int x;
for (x = 0; x < ADDR_HASH_SIZE; x++)
@@ -45,11 +45,11 @@ static int ip_used (unsigned int addr)
tmp = tmp->next;
}
return 0;
}
-void mk_challenge (char *c, int length)
+void mk_challenge (unsigned char *c, int length)
{
get_entropy(c, length);
/* int x;
int *s = (int *) c;
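Review bot: `mk_challenge` discards the return value of `get_entropy(c, length)`, and being `void` it cannot tell its caller when the challenge buffer was not filled. The misc.c part of this patch shows `get_dev_entropy` returning the result of `read()` directly, so an error or a short read leaves some or all of the challenge bytes at whatever the buffer held before. At minimum compare the result with `length` and log a mismatch, e.g. `if (get_entropy(c, length) != length) l2tp_log (LOG_WARN, "%s: short entropy read\n", __FUNCTION__);`. A cleaner fix returns a status so callers can abort the handshake. The rest of the function body is outside the hunk.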
@@ -131,11 +131,11 @@ unsigned int get_addr (struct iprange *i
ipr = ipr->next;
}
return 0;
}
-int get_secret (char *us, char *them, char *secret, int size)
+int get_secret (char *us, char *them, unsigned char *secret, int size)
{
FILE *f;
char buf[STRLEN];
char *u, *t, *s;
int num = 0;
@@ -204,11 +204,11 @@ int get_secret (char *us, char *them, ch
#ifdef DEBUG_AUTH
l2tp_log (LOG_DEBUG,
"%s: we are '%s', they are '%s', secret is '%s'\n",
__FUNCTION__, u, t, s);
#endif
- strncpy (secret, s, size);
+ strncpy ((char *)secret, s, size);
fclose(f);
return -1;
}
}
fclose(f);
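Review bot: `strncpy ((char *)secret, s, size);` leaves `secret` without a terminating NUL when the configured secret is `size` bytes or longer. The consumers in this patch (`strlen ((char *)chal->secret)` in handle_challenge, and the `strlen` calls in encrypt_avp and decrypt_avp) would then read past the array while hashing. Copy one byte less and terminate explicitly, `strncpy ((char *)secret, s, size - 1);` followed by `secret[size - 1] = '\0';`, or reject over-long secrets with a warning. The DEBUG_AUTH statement just above also writes the secret to the log in clear text, which deserves a comment warning against enabling it outside a lab. get_secret starts before this hunk.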
@@ -249,10 +249,11 @@ int handle_challenge (struct tunnel *t,
if (t->lac->peername[0])
them = t->lac->peername;
else
them = t->hostname;
}
+
if (!get_secret (us, them, chal->secret, sizeof (chal->secret)))
{
l2tp_log (LOG_DEBUG, "%s: no secret found for us='%s' and them='%s'\n",
__FUNCTION__, us, them);
return -1;
@@ -270,11 +271,11 @@ int handle_challenge (struct tunnel *t,
#endif
memset (chal->response, 0, MD_SIG_SIZE);
MD5Init (&chal->md5);
MD5Update (&chal->md5, &chal->ss, 1);
- MD5Update (&chal->md5, chal->secret, strlen (chal->secret));
+ MD5Update (&chal->md5, chal->secret, strlen ((char *)chal->secret));
MD5Update (&chal->md5, chal->challenge, chal->chal_len);
MD5Final (chal->response, &chal->md5);
#ifdef DEBUG_AUTH
l2tp_log (LOG_DEBUG, "response is %X%X%X%X to '%s' and %X%X%X%X, %d\n",
*((int *) &chal->response[0]),
@@ -366,11 +367,11 @@ void encrypt_avp (struct buffer *buf, _u
struct avp_hdr *new_hdr =
(struct avp_hdr *) (buf->start + buf->len - len);
struct avp_hdr *old_hdr =
(struct avp_hdr *) (buf->start + buf->len - len + 2);
_u16 length, flags, attr; /* New length, old flags */
- char *ptr, *end;
+ unsigned char *ptr, *end;
int cnt;
unsigned char digest[MD_SIG_SIZE];
unsigned char *previous_segment;
/* FIXME: Should I pad more randomly? Right now I pad to nearest 16 bytes */
@@ -390,17 +391,17 @@ void encrypt_avp (struct buffer *buf, _u
/* Back to the beginning of real data, including the original length AVP */
MD5Init (&t->chal_them.md5);
MD5Update (&t->chal_them.md5, (void *) &attr, 2);
MD5Update (&t->chal_them.md5, t->chal_them.secret,
- strlen (t->chal_them.secret));
+ strlen ((char *)t->chal_them.secret));
MD5Update (&t->chal_them.md5, t->chal_them.vector, VECTOR_SIZE);
MD5Final (digest, &t->chal_them.md5);
/* Though not a "MUST" in the spec, our subformat length is always a multiple of 16 */
- ptr = ((char *) new_hdr) + sizeof (struct avp_hdr);
- end = ((char *) new_hdr) + length;
+ ptr = ((unsigned char *) new_hdr) + sizeof (struct avp_hdr);
+ end = ((unsigned char *) new_hdr) + length;
previous_segment = ptr;
while (ptr < end)
{
#if DEBUG_HIDDEN
l2tp_log (LOG_DEBUG, "%s: The digest to be XOR'ed\n", __FUNCTION__);
@@ -418,11 +419,11 @@ void encrypt_avp (struct buffer *buf, _u
#endif
if (ptr < end)
{
MD5Init (&t->chal_them.md5);
MD5Update (&t->chal_them.md5, t->chal_them.secret,
- strlen (t->chal_them.secret));
+ strlen ((char *)t->chal_them.secret));
MD5Update (&t->chal_them.md5, previous_segment, MD_SIG_SIZE);
MD5Final (digest, &t->chal_them.md5);
}
previous_segment = ptr;
}
@@ -433,17 +434,17 @@ int decrypt_avp (char *buf, struct tunne
/* Decrypts a hidden AVP pointed to by buf. The
new header will be exptected to be two characters
offset from the old */
int cnt = 0;
int len, olen, flags;
- char digest[MD_SIG_SIZE];
+ unsigned char digest[MD_SIG_SIZE];
char *ptr, *end;
_u16 attr;
struct avp_hdr *old_hdr = (struct avp_hdr *) buf;
struct avp_hdr *new_hdr = (struct avp_hdr *) (buf + 2);
int saved_segment_len; /* maybe less 16; may be used if the cipher is longer than 16 octets */
- char saved_segment[MD_SIG_SIZE];
+ unsigned char saved_segment[MD_SIG_SIZE];
ptr = ((char *) old_hdr) + sizeof (struct avp_hdr);
olen = old_hdr->length & 0x0FFF;
end = buf + olen;
if (!t->chal_us.vector)
{
@@ -456,11 +457,11 @@ int decrypt_avp (char *buf, struct tunne
have to be more careful than when encrypting */
attr = ntohs (old_hdr->attr);
MD5Init (&t->chal_us.md5);
MD5Update (&t->chal_us.md5, (void *) &attr, 2);
MD5Update (&t->chal_us.md5, t->chal_us.secret,
- strlen (t->chal_us.secret));
+ strlen ((char *)t->chal_us.secret));
MD5Update (&t->chal_us.md5, t->chal_us.vector, t->chal_us.vector_len);
MD5Final (digest, &t->chal_us.md5);
#ifdef DEBUG_HIDDEN
l2tp_log (LOG_DEBUG, "attribute is %d and challenge is: ", attr);
print_challenge (&t->chal_us);
@@ -471,11 +472,11 @@ int decrypt_avp (char *buf, struct tunne
{
if (cnt >= MD_SIG_SIZE)
{
MD5Init (&t->chal_us.md5);
MD5Update (&t->chal_us.md5, t->chal_us.secret,
- strlen (t->chal_us.secret));
+ strlen ((char *)t->chal_us.secret));
MD5Update (&t->chal_us.md5, saved_segment, MD_SIG_SIZE);
MD5Final (digest, &t->chal_us.md5);
cnt = 0;
}
/* at the beginning of each segment, we save the current segment (16 octets or less) of cipher
diff --git a/aaa.h b/aaa.h
--- a/aaa.h
+++ b/aaa.h
@@ -50,7 +50,7 @@ extern struct lns *get_lns (struct tunne
extern unsigned int get_addr (struct iprange *);
extern void reserve_addr (unsigned int);
extern void unreserve_addr (unsigned int);
extern void init_addr ();
extern int handle_challenge (struct tunnel *, struct challenge *);
-extern void mk_challenge (char *, int);
+extern void mk_challenge (unsigned char *, int);
#endif
diff --git a/avp.h b/avp.h
--- a/avp.h
+++ b/avp.h
@@ -112,11 +112,11 @@ extern int ignore_avp (struct tunnel *,
extern int seq_reqd_avp (struct tunnel *, struct call *, void *, int);
extern int challenge_avp (struct tunnel *, struct call *, void *, int);
extern int chalresp_avp (struct tunnel *, struct call *, void *, int);
extern int rand_vector_avp (struct tunnel *, struct call *, void *, int);
-extern int add_challenge_avp (struct buffer *, char *, int);
+extern int add_challenge_avp (struct buffer *, unsigned char *, int);
extern int add_avp_rws (struct buffer *, _u16);
extern int add_tunnelid_avp (struct buffer *, _u16);
extern int add_vendor_avp (struct buffer *);
extern int add_hostname_avp (struct buffer *, const char *);
extern int add_firmware_avp (struct buffer *);
@@ -135,10 +135,10 @@ extern int add_callid_avp (struct buffer
#else
extern int add_callid_avp (struct buffer *, _u16);
#endif
extern int add_ppd_avp (struct buffer *, _u16);
extern int add_seqreqd_avp (struct buffer *);
-extern int add_chalresp_avp (struct buffer *, char *, int);
-extern int add_randvect_avp (struct buffer *, char *, int);
+extern int add_chalresp_avp (struct buffer *, unsigned char *, int);
+extern int add_randvect_avp (struct buffer *, unsigned char *, int);
extern int add_minbps_avp (struct buffer *buf, int speed); /* jz: needed for outgoing call */
extern int add_maxbps_avp (struct buffer *buf, int speed); /* jz: needed for outgoing call */
extern int add_number_avp (struct buffer *buf, char *no); /* jz: needed for outgoing call */
diff --git a/avpsend.c b/avpsend.c
--- a/avpsend.c
+++ b/avpsend.c
@@ -125,27 +125,27 @@ int add_avp_rws (struct buffer *buf, _u1
ptr->s0 = htons (rws);
buf->len += 0x8;
return 0;
}
-int add_challenge_avp (struct buffer *buf, char *c, int len)
+int add_challenge_avp (struct buffer *buf, unsigned char *c, int len)
{
add_header(buf, (0x6 + len), 0xB);
memcpy((char *) (buf->start + buf->len + sizeof(struct avp_hdr)), c, len);
buf->len += 0x6 + len;
return 0;
}
-int add_chalresp_avp (struct buffer *buf, char *c, int len)
+int add_chalresp_avp (struct buffer *buf, unsigned char *c, int len)
{
add_header(buf, (0x6 + len), 0xD);
memcpy((char *) (buf->start + buf->len + sizeof(struct avp_hdr)), c, len);
buf->len += 0x6 + len;
return 0;
}
-int add_randvect_avp (struct buffer *buf, char *c, int len)
+int add_randvect_avp (struct buffer *buf, unsigned char *c, int len)
{
add_header(buf, (0x6 + len), 0x24);
memcpy((char *) (buf->start + buf->len + sizeof(struct avp_hdr)), c, len);
buf->len += 0x6 + len;
return 0;
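Review bot: None of `add_challenge_avp`, `add_chalresp_avp` and `add_randvect_avp` checks that `0x6 + len` bytes still fit before the `memcpy` to `buf->start + buf->len + sizeof(struct avp_hdr)`, and `len` is a signed `int` that is passed through unchecked. `struct buffer` has a `maxlen` field (used in call.c), so a guard at the top of each function, such as `if (len < 0 || buf->len + 0x6 + len > buf->maxlen) return -1;`, would turn an overrun into an error. This assumes `add_header` does not already enforce the limit (its body is not visible) and that callers check the return value. The closing brace of add_randvect_avp is outside the hunk.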
diff --git a/call.c b/call.c
--- a/call.c
+++ b/call.c
@@ -502,11 +502,11 @@ void destroy_call (struct call *c)
}
struct call *new_call (struct tunnel *parent)
{
- char entropy_buf[2] = "\0";
+ unsigned char entropy_buf[2] = "\0";
struct call *tmp = malloc (sizeof (struct call));
if (!tmp)
return NULL;
tmp->tx_pkts = 0;
diff --git a/l2tp.h b/l2tp.h
--- a/l2tp.h
+++ b/l2tp.h
@@ -214,11 +214,11 @@ extern void control_xmit (void *);
extern int ppd;
extern int switch_io; /* jz */
extern int control_fd;
extern int start_pppd (struct call *c, struct ppp_opts *);
extern void magic_lac_dial (void *);
-extern int get_entropy (char *, int);
+extern int get_entropy (unsigned char *, int);
#ifndef MIN
#define MIN(a,b) (((a)<(b)) ? (a) : (b))
#endif
#endif
diff --git a/l2tpd.c b/l2tpd.c
--- a/l2tpd.c
+++ b/l2tpd.c
@@ -731,11 +731,11 @@ void lac_disconnect (int tid)
}
struct tunnel *new_tunnel ()
{
struct tunnel *tmp = malloc (sizeof (struct tunnel));
- char entropy_buf[2] = "\0";
+ unsigned char entropy_buf[2] = "\0";
if (!tmp)
return NULL;
tmp->control_seq_num = 0;
tmp->control_rec_seq_num = 0;
tmp->cLr = 0;
diff --git a/misc.c b/misc.c
--- a/misc.c
+++ b/misc.c
@@ -90,22 +90,22 @@ inline void recycle_buf (struct buffer *
b->start = b->rstart;
b->len = b->maxlen;
}
#define bufferDumpWIDTH 16
-void bufferDump (char *buf, int buflen)
+void bufferDump (unsigned char *buf, int buflen)
{
int i = 0, j = 0;
/* we need TWO characters to DISPLAY ONE byte */
- unsigned char line[2 * bufferDumpWIDTH + 1], *c;
+ char line[2 * bufferDumpWIDTH + 1], *c;
for (i = 0; i < buflen / bufferDumpWIDTH; i++)
{
c = line;
for (j = 0; j < bufferDumpWIDTH; j++)
{
- sprintf (c, "%02x ", (buf[i * bufferDumpWIDTH + j]) & 0xff);
+ sprintf (c, "%02x ", (buf[i * bufferDumpWIDTH + j]) & 0xff);
c++;
c++; /* again two characters to display ONE byte */
}
*c = '\0';
l2tp_log (LOG_WARN, "%s: buflen=%d, buffer[%d]: *%s*\n", __FUNCTION__,
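Review bot: The `sprintf (c, "%02x ", ...)` in `bufferDump` writes four bytes per call (two hex digits, a space and the NUL) while `c` advances by two, so on the last column (`j == 15`, `c == line + 30`) the NUL lands at `line[33]`, one byte past the 33-byte `line` array. Dropping the space from the format keeps every write inside the array: `sprintf (c, "%02x", buf[i * bufferDumpWIDTH + j]);`. The space is overwritten by the next iteration anyway, and the `& 0xff` is no longer needed now that `buf` is `unsigned char *`. The function continues past the hunk.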
@@ -242,11 +242,11 @@ void opt_destroy (struct ppp_opts *optio
int get_egd_entropy(char *buf, int count)
{
return -1;
}
-int get_sys_entropy(char *buf, int count)
+int get_sys_entropy(unsigned char *buf, int count)
{
/*
* This way of filling buf with rand() generated data is really
* fairly inefficient from a function call point of view...rand()
* returns four bytes of data (on most systems, sizeof(int))
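Review bot: The comment in `get_sys_entropy` says the buffer is filled from `rand()`, and `get_entropy` (later in this file's diff) dispatches here when `rand_source == RAND_SYS`. Challenges built by `mk_challenge` can therefore come from a generator that is not intended for security use. A header comment should say so, for example `/* rand() output is predictable; do not select RAND_SYS where challenges must be unguessable, use the /dev/urandom source */`. As a consistency point, `get_egd_entropy` directly above keeps `char *buf` while its siblings were switched to `unsigned char *`. The body of get_sys_entropy lies outside the hunk.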
@@ -263,11 +263,11 @@ int get_sys_entropy(char *buf, int count
bufferDump (buf, count);
#endif
return count;
}
-int get_dev_entropy(char *buf, int count)
+int get_dev_entropy(unsigned char *buf, int count)
{
int devrandom;
ssize_t entropy_amount;
devrandom = open ("/dev/urandom", O_RDONLY | O_NONBLOCK);
@@ -283,11 +283,11 @@ int get_dev_entropy(char *buf, int count
entropy_amount = read(devrandom, buf, count);
close(devrandom);
return entropy_amount;
}
-int get_entropy (char *buf, int count)
+int get_entropy (unsigned char *buf, int count)
{
if (rand_source == RAND_SYS)
{
return get_sys_entropy(buf, count);
}
diff --git a/network.c b/network.c
--- a/network.c
+++ b/network.c
@@ -33,11 +33,11 @@ int kernel_support; /* Kerne
int init_network (void)
{
long arg;
- int length = sizeof (server);
+ unsigned int length = sizeof (server);
gethostname (hostname, sizeof (hostname));
server.sin_family = AF_INET;
server.sin_addr.s_addr = gconfig.listenaddr;
server.sin_port = htons (gconfig.port);
if ((server_socket = socket (PF_INET, SOCK_DGRAM, 0)) < 0)
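Review bot: `length` here and `fromlen` in network_thread (next hunk) are changed to `unsigned int`, but the socket calls they are presumably passed to take `socklen_t`. Declaring them as `socklen_t length = sizeof (server);` and `socklen_t fromlen;` states the intent and stays correct where the two types differ. The `gethostname` result in the context lines is also unchecked, and POSIX does not guarantee termination on truncation, so `hostname[sizeof (hostname) - 1] = '\0';` after the call is cheap insurance. init_network continues past the hunk.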
@@ -304,21 +304,25 @@ void network_thread ()
{
/*
* We loop forever waiting on either data from the ppp drivers or from
* our network socket. Control handling is no longer done here.
*/
- int fromlen; /* Length of the address */
+ unsigned int fromlen; /* Length of the address */
int tunnel, call; /* Tunnel and call */
int recvsize; /* Length of data received */
struct buffer *buf; /* Payload buffer */
struct call *c, *sc; /* Call to send this off to */
struct tunnel *st; /* Tunnel */
fd_set readfds; /* Descriptors to watch for reading */
int max; /* Highest fd */
struct timeval tv; /* Timeout for select */
/* This one buffer can be recycled for everything except control packets */
buf = new_buf (MAX_RECV_SIZE);
+
+ tunnel = 0;
+ call = 0;
+
for (;;)
{
max = build_fdset (&readfds);
tv.tv_sec = 1;
tv.tv_usec = 0;
l2tpd-log-strerr.patch:
--- NEW FILE l2tpd-log-strerr.patch ---
diff-tree a07fa321367d2640217391b12b9cc393a4c61869 (from 95c2f93c9ec71103a75f8657c417759e2a553839)
Author: Michael Richardson <mcr at xelerance.com>
Date: Tue Nov 22 23:21:40 2005 -0500
if we aren't daemonized, then log to stderr.
diff --git a/misc.c b/misc.c
--- a/misc.c
+++ b/misc.c
@@ -27,20 +27,33 @@
# include <varargs.h>
#endif
#include <netinet/in.h>
#include "l2tp.h"
+void init_log()
+{
+ static int logopen=0;
+
+ if(!logopen) {
+ openlog (BINARY, LOG_PID, LOG_DAEMON);
+ }
+}
void l2tp_log (int level, const char *fmt, ...)
{
char buf[256];
va_list args;
va_start (args, fmt);
vsnprintf (buf, sizeof (buf), fmt, args);
va_end (args);
- openlog (BINARY, LOG_PID, LOG_DAEMON);
- syslog (level, "%s", buf);
+
+ if(gconfig.daemon) {
+ init_log();
+ syslog (level, "%s", buf);
+ } else {
+ fprintf(stderr, "l2tpd[%d]: %s", getpid(), buf);
+ }
}
void set_error (struct call *c, int error, const char *fmt, ...)
{
va_list args;
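Review bot: `init_log` never sets `logopen`, so the `if(!logopen)` guard is always true and `openlog` is still called for every message, which is apparently what the helper was meant to avoid. Add `logopen = 1;` after the `openlog` call. In the non-daemon branch `getpid()` returns `pid_t`, so `(int) getpid()` matches the `%d` specifier exactly. The messages built by callers end in `\n`, so the stderr output is line-terminated only as long as every caller keeps doing that.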
l2tpd-log.patch:
--- NEW FILE l2tpd-log.patch ---
diff-tree 752fcab3fb646b8db314575fdd902aaf40f96f38 (from ce2515775cecaedc26eef65c30c7eb2153af6982)
Author: Michael Richardson <mcr at xelerance.com>
Date: Mon Nov 21 04:14:48 2005 -0500
merge of log->l2tp_log cherry pick
diff --git a/aaa.c b/aaa.c
--- a/aaa.c
+++ b/aaa.c
@@ -140,11 +140,11 @@ int get_secret (char *us, char *them, ch
char *u, *t, *s;
int num = 0;
f = fopen (gconfig.authfile, "r");
if (!f)
{
- log (LOG_WARN, "%s : Unable to open '%s' for authentication\n",
+ l2tp_log (LOG_WARN, "%s : Unable to open '%s' for authentication\n",
__FUNCTION__, gconfig.authfile);
return 0;
}
while (!feof (f))
{
@@ -164,11 +164,11 @@ int get_secret (char *us, char *them, ch
while (*u && (*u < 33))
u++;
/* us */
if (!*u)
{
- log (LOG_WARN,
+ l2tp_log (LOG_WARN,
"%s: Invalid authentication info (no us), line %d\n",
__FUNCTION__, num);
continue;
}
t = u;
@@ -178,11 +178,11 @@ int get_secret (char *us, char *them, ch
while (*t && (*t < 33))
t++;
/* them */
if (!*t)
{
- log (LOG_WARN,
+ l2tp_log (LOG_WARN,
"%s: Invalid authentication info (nothem), line %d\n",
__FUNCTION__, num);
continue;
}
s = t;
@@ -191,20 +191,20 @@ int get_secret (char *us, char *them, ch
*(s++) = 0;
while (*s && (*s < 33))
s++;
if (!*s)
{
- log (LOG_WARN,
+ l2tp_log (LOG_WARN,
"%s: Invalid authentication info (no secret), line %d\n",
__FUNCTION__, num);
continue;
}
if ((!strcasecmp (u, us) || !strcasecmp (u, "*")) &&
(!strcasecmp (t, them) || !strcasecmp (t, "*")))
{
#ifdef DEBUG_AUTH
- log (LOG_DEBUG,
+ l2tp_log (LOG_DEBUG,
"%s: we are '%s', they are '%s', secret is '%s'\n",
__FUNCTION__, u, t, s);
#endif
strncpy (secret, s, size);
fclose(f);
@@ -219,16 +219,16 @@ int handle_challenge (struct tunnel *t,
{
char *us;
char *them;
if (!t->lns && !t->lac)
{
- log (LOG_DEBUG, "%s: No LNS or LAC to handle challenge!\n",
+ l2tp_log (LOG_DEBUG, "%s: No LNS or LAC to handle challenge!\n",
__FUNCTION__);
return -1;
}
#ifdef DEBUG_AUTH
- log (LOG_DEBUG, "%s: making response for tunnel: %d\n", __FUNCTION__,
+ l2tp_log (LOG_DEBUG, "%s: making response for tunnel: %d\n", __FUNCTION__,
t->ourtid);
#endif
if (t->lns)
{
if (t->lns->hostname[0])
@@ -251,34 +251,34 @@ int handle_challenge (struct tunnel *t,
else
them = t->hostname;
}
if (!get_secret (us, them, chal->secret, sizeof (chal->secret)))
{
- log (LOG_DEBUG, "%s: no secret found for us='%s' and them='%s'\n",
+ l2tp_log (LOG_DEBUG, "%s: no secret found for us='%s' and them='%s'\n",
__FUNCTION__, us, them);
return -1;
}
#if DEBUG_AUTH
- log (LOG_DEBUG, "*%s: Here comes the chal->ss:\n", __FUNCTION__);
+ l2tp_log (LOG_DEBUG, "*%s: Here comes the chal->ss:\n", __FUNCTION__);
bufferDump (&chal->ss, 1);
- log (LOG_DEBUG, "%s: Here comes the secret\n", __FUNCTION__);
+ l2tp_log (LOG_DEBUG, "%s: Here comes the secret\n", __FUNCTION__);
bufferDump (chal->secret, strlen (chal->secret));
- log (LOG_DEBUG, "%s: Here comes the challenge\n", __FUNCTION__);
+ l2tp_log (LOG_DEBUG, "%s: Here comes the challenge\n", __FUNCTION__);
bufferDump (chal->challenge, chal->chal_len);
#endif
memset (chal->response, 0, MD_SIG_SIZE);
MD5Init (&chal->md5);
MD5Update (&chal->md5, &chal->ss, 1);
MD5Update (&chal->md5, chal->secret, strlen (chal->secret));
MD5Update (&chal->md5, chal->challenge, chal->chal_len);
MD5Final (chal->response, &chal->md5);
#ifdef DEBUG_AUTH
- log (LOG_DEBUG, "response is %X%X%X%X to '%s' and %X%X%X%X, %d\n",
+ l2tp_log (LOG_DEBUG, "response is %X%X%X%X to '%s' and %X%X%X%X, %d\n",
*((int *) &chal->response[0]),
*((int *) &chal->response[4]),
*((int *) &chal->response[8]),
*((int *) &chal->response[12]),
chal->secret,
@@ -317,11 +317,11 @@ struct lns *get_lns (struct tunnel *t)
{
if ((ntohl (t->peer.sin_addr.s_addr) >= ntohl (ipr->start)) &&
(ntohl (t->peer.sin_addr.s_addr) <= ntohl (ipr->end)))
{
#ifdef DEBUG_AAA
- log (LOG_DEBUG,
+ l2tp_log (LOG_DEBUG,
"get_lns: Rule %s to %s, sense %s matched %s\n",
IPADDY (ipr->start), IPADDY (ipr->end),
(ipr->sense ? "allow" : "deny"), IPADDY (t->peer.sin_addr.s_addr));
#endif
allow = ipr->sense;
@@ -345,18 +345,18 @@ struct lns *get_lns (struct tunnel *t)
#ifdef DEBUG_HIDDEN
void print_md5 (void *md5)
{
int *i = (int *) md5;
- log (LOG_DEBUG, "%X%X%X%X\n", i[0], i[1], i[2], i[3], i[4]);
+ l2tp_log (LOG_DEBUG, "%X%X%X%X\n", i[0], i[1], i[2], i[3], i[4]);
}
inline void print_challenge (struct challenge *chal)
{
- log (LOG_DEBUG, "vector: ");
+ l2tp_log (LOG_DEBUG, "vector: ");
print_md5 (chal->vector);
- log (LOG_DEBUG, "secret: %s\n", chal->secret);
+ l2tp_log (LOG_DEBUG, "secret: %s\n", chal->secret);
}
#endif
void encrypt_avp (struct buffer *buf, _u16 len, struct tunnel *t)
{
/* Encrypts an AVP of len, at data. We assume there
@@ -401,21 +401,21 @@ void encrypt_avp (struct buffer *buf, _u
end = ((char *) new_hdr) + length;
previous_segment = ptr;
while (ptr < end)
{
#if DEBUG_HIDDEN
- log (LOG_DEBUG, "%s: The digest to be XOR'ed\n", __FUNCTION__);
+ l2tp_log (LOG_DEBUG, "%s: The digest to be XOR'ed\n", __FUNCTION__);
bufferDump (digest, MD_SIG_SIZE);
- log (LOG_DEBUG, "%s: The plaintext to be XOR'ed\n", __FUNCTION__);
+ l2tp_log (LOG_DEBUG, "%s: The plaintext to be XOR'ed\n", __FUNCTION__);
bufferDump (ptr, MD_SIG_SIZE);
#endif
for (cnt = 0; cnt < MD_SIG_SIZE; cnt++, ptr++)
{
*ptr = *ptr ^ digest[cnt];
}
#if DEBUG_HIDDEN
- log (LOG_DEBUG, "%s: The result of XOR\n", __FUNCTION__);
+ l2tp_log (LOG_DEBUG, "%s: The result of XOR\n", __FUNCTION__);
bufferDump (previous_segment, MD_SIG_SIZE);
#endif
if (ptr < end)
{
MD5Init (&t->chal_them.md5);
@@ -445,11 +445,11 @@ int decrypt_avp (char *buf, struct tunne
ptr = ((char *) old_hdr) + sizeof (struct avp_hdr);
olen = old_hdr->length & 0x0FFF;
end = buf + olen;
if (!t->chal_us.vector)
{
- log (LOG_DEBUG,
+ l2tp_log (LOG_DEBUG,
"decrypt_avp: Hidden bit set, but no random vector specified!\n");
[...4088 lines suppressed...]
{
- log (LOG_WARN, "%s: called on NULL buffer!\n", __FUNCTION__);
+ l2tp_log (LOG_WARN, "%s: called on NULL buffer!\n", __FUNCTION__);
return;
}
buf->retries++;
t = buf->tunnel;
@@ -170,11 +170,11 @@ void control_xmit (void *b)
if (t)
{
if (ns < t->cLr)
{
#ifdef DEBUG_CONTROL_XMIT
- log (LOG_DEBUG, "%s: Tossing packet %d\n", __FUNCTION__, ns);
+ l2tp_log (LOG_DEBUG, "%s: Tossing packet %d\n", __FUNCTION__, ns);
#endif
/* Okay, it's been received. Let's toss it now */
toss (buf);
return;
}
@@ -187,19 +187,19 @@ void control_xmit (void *b)
*/
if (t)
{
if (t->self->needclose)
{
- log (LOG_DEBUG,
+ l2tp_log (LOG_DEBUG,
"Unable to deliver closing message for tunnel %d. Destroying anyway.\n",
t->ourtid);
t->self->needclose = 0;
t->self->closing = -1;
}
else
{
- log (LOG_NOTICE,
+ l2tp_log (LOG_NOTICE,
"Maximum retries exceeded for tunnel %d. Closing.\n",
t->ourtid);
strcpy (t->self->errormsg, "Timeout");
t->self->needclose = -1;
}
@@ -214,11 +214,11 @@ void control_xmit (void *b)
*/
tv.tv_sec = 1;
tv.tv_usec = 0;
schedule (tv, control_xmit, buf);
#ifdef DEBUG_CONTROL_XMIT
- log (LOG_DEBUG, "%s: Scheduling and transmitting packet %d\n",
+ l2tp_log (LOG_DEBUG, "%s: Scheduling and transmitting packet %d\n",
__FUNCTION__, ns);
#endif
udp_xmit (buf);
}
}
@@ -277,11 +277,11 @@ int build_fdset (fd_set *readfds)
* closing, check if the tunnel needs to be closed too
*/
if (tun->self->needclose ^ tun->self->closing)
{
if (gconfig.debug_tunnel)
- log (LOG_DEBUG, "%s: closing down tunnel %d\n",
+ l2tp_log (LOG_DEBUG, "%s: closing down tunnel %d\n",
__FUNCTION__, tun->ourtid);
call_close (tun->self);
/* Reset the while loop
* and check for NULL */
tun = tunnels.head;
@@ -345,26 +345,26 @@ void network_thread ()
if (recvsize < MIN_PAYLOAD_HDR_LEN)
{
if (recvsize < 0)
{
if (errno != EAGAIN)
- log (LOG_WARN,
+ l2tp_log (LOG_WARN,
"%s: recvfrom returned error %d (%s)\n",
__FUNCTION__, errno, strerror (errno));
}
else
{
- log (LOG_WARN, "%s: received too small a packet\n",
+ l2tp_log (LOG_WARN, "%s: received too small a packet\n",
__FUNCTION__);
}
}
else
{
buf->len = recvsize;
if (gconfig.debug_network)
{
- log (LOG_DEBUG, "%s: recv packet from %s, size = %d, "
+ l2tp_log (LOG_DEBUG, "%s: recv packet from %s, size = %d, "
"tunnel = %d, call = %d\n", __FUNCTION__,
inet_ntoa (from.sin_addr), recvsize, tunnel, call);
}
if (gconfig.packet_dump)
{
@@ -388,17 +388,17 @@ void network_thread ()
* this from closing the tunnel, if we get a call on a valid
* tunnel, but not with a valid CID, we'll just send a ZLB
* to ack receiving the packet.
*/
if (gconfig.debug_tunnel)
- log (LOG_DEBUG,
+ l2tp_log (LOG_DEBUG,
"%s: no such call %d on tunnel %d. Sending special ZLB\n",
__FUNCTION__);
handle_special (buf, c, call);
}
else
- log (LOG_DEBUG,
+ l2tp_log (LOG_DEBUG,
"%s: unable to find call or tunnel to handle packet. call = %d, tunnel = %d Dumping.\n",
__FUNCTION__, call, tunnel);
}
else
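Review bot: The `l2tp_log` call for the "no such call" case passes only `__FUNCTION__` for a format that contains `%s`, `%d` and `%d`. The `vsnprintf` inside l2tp_log therefore reads two variadic arguments that were never supplied, which is undefined behaviour, and whatever it reads ends up in the log. The rename carries this over unchanged; pass the values, `__FUNCTION__, call, tunnel);`. The print_md5 hunk earlier in this patch has the opposite mismatch: five arguments (`i[0]` to `i[4]`) for four `%X`, and `i[4]` lies beyond a 16-byte digest when `int` is four bytes. network_thread extends beyond this hunk.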
@@ -407,11 +407,11 @@ void network_thread ()
/* Handle the packet */
c->container->chal_us.vector = NULL;
if (handle_packet (buf, c->container, c))
{
if (gconfig.debug_tunnel)
- log (LOG_DEBUG, "%s: bad packet\n", __FUNCTION__);
+ l2tp_log (LOG_DEBUG, "%s: bad packet\n", __FUNCTION__);
};
if (c->cnu)
{
/* Send Zero Byte Packet */
control_zlb (buf, c->container, c);
@@ -431,11 +431,11 @@ void network_thread ()
{
/* Got some payload to send */
int result;
recycle_payload (buf, sc->container->peer);
#ifdef DEBUG_FLOW_MORE
- log (LOG_DEBUG, "%s: rws = %d, pSs = %d, pLr = %d\n",
+ l2tp_log (LOG_DEBUG, "%s: rws = %d, pSs = %d, pLr = %d\n",
__FUNCTION__, sc->rws, sc->pSs, sc->pLr);
#endif
/* if ((sc->rws>0) && (sc->pSs > sc->pLr + sc->rws) && !sc->rbit) {
#ifdef DEBUG_FLOW
log(LOG_DEBUG, "%s: throttling payload (call = %d, tunnel = %d, Lr = %d, Ss = %d, rws = %d)!\n",__FUNCTION__,
@@ -472,11 +472,11 @@ void network_thread ()
udp_xmit (buf);
recycle_payload (buf, sc->container->peer);
}
if (result != 0)
{
- log (LOG_WARN,
+ l2tp_log (LOG_WARN,
"%s: tossing read packet, error = %s (%d). Closing call.\n",
__FUNCTION__, strerror (-result), -result);
strcpy (sc->errormsg, strerror (-result));
sc->needclose = -1;
}
diff --git a/pty.c b/pty.c
--- a/pty.c
+++ b/pty.c
@@ -55,8 +55,8 @@ int getPtyMaster (char *tty10, char *tty
*tty01 = *p01;
return fd;
}
}
}
- log (LOG_CRIT, "%s: No more free pseudo-tty's\n", __FUNCTION__);
+ l2tp_log (LOG_CRIT, "%s: No more free pseudo-tty's\n", __FUNCTION__);
return -1;
}
diff --git a/scheduler.c b/scheduler.c
--- a/scheduler.c
+++ b/scheduler.c
@@ -54,11 +54,11 @@ void alarm_handler (int signal)
static int cnt = 0;
cnt++;
if (cnt != 1)
{
/* Whoa, we got called from within ourselves! */
- log (LOG_DEBUG, "%s : Whoa... cnt = %d\n", __FUNCTION__, cnt);
+ l2tp_log (LOG_DEBUG, "%s : Whoa... cnt = %d\n", __FUNCTION__, cnt);
return;
}
while (events)
{
gettimeofday (&now, NULL);
@@ -87,11 +87,11 @@ void alarm_handler (int signal)
then.tv_sec -= 1;
then.tv_usec += 1000000;
}
if ((then.tv_sec <= 0) && (then.tv_usec <= 0))
{
- log (LOG_WARN, "%s: Whoa... Scheduling for <=0 time???\n",
+ l2tp_log (LOG_WARN, "%s: Whoa... Scheduling for <=0 time???\n",
__FUNCTION__);
}
else
{
itv.it_interval = zero;
l2tpd-max-retries.patch:
--- NEW FILE l2tpd-max-retries.patch ---
diff --git a/l2tp.h b/l2tp.h
--- a/l2tp.h
+++ b/l2tp.h
@@ -88,11 +88,16 @@ struct payload_hdr
a zero byte packet */
#define PAYLOAD_BUF 10 /* Provide 10 expansion bytes
so we can "decompress" the
payloads and simplify coding */
-#define DEFAULT_MAX_RETRIES 5 /* Recommended value from spec */
+#if 1
+#define DEFAULT_MAX_RETRIES 5 /* Recommended value from spec */
+#else
+#define DEFAULT_MAX_RETRIES 95 /* give us more time to debug */
+#endif
+
#define DEFAULT_RWS_SIZE 4 /* Default max outstanding
control packets in queue */
#define DEFAULT_TX_BPS 10000000 /* For outgoing calls, report this speed */
#define DEFAULT_RX_BPS 10000000
#define DEFAULT_MAX_BPS 10000000 /* jz: outgoing calls max bps */
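Review bot: The `#if 1 ... #else ... #endif` around `DEFAULT_MAX_RETRIES` leaves a dead debugging value (95) in a shared header, and it can only be switched on by editing the source. If a longer retry budget is needed while debugging, make it a build-time override and drop the alternative branch: `#ifndef DEFAULT_MAX_RETRIES`, `#define DEFAULT_MAX_RETRIES 5 /* Recommended value from spec */`, `#endif`.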
l2tpd-moredebug.patch:
--- NEW FILE l2tpd-moredebug.patch ---
diff-tree a61da5a7451135f3504012f68bb7307abaf42657 (from 7493cefcda7a70ce3da5f244ef2df4782c551c87)
Author: Michael Richardson <mcr at xelerance.com>
Date: Fri Nov 25 13:06:02 2005 -0500
various debugging added
diff --git a/control.c b/control.c
--- a/control.c
+++ b/control.c
@@ -1545,11 +1545,11 @@ inline int write_packet (struct buffer *
static unsigned char wbuf[MAX_RECV_SIZE];
int pos = 0;
if (c->fd < 0)
{
- if (DEBUG)
+ if (DEBUG || 1)
l2tp_log (LOG_DEBUG, "%s: tty is not open yet.\n", __FUNCTION__);
return -EIO;
}
/*
* Skip over header
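Review bot: `if (DEBUG || 1)` is always true, so the "tty is not open yet" message is now logged unconditionally for every packet that reaches `write_packet` before the pty is open. That conflicts with the changelog entry in this same import saying debugging should not be on by default, and it can flood the log. Restore `if (DEBUG)`, or if the message should stay available at run time, gate it on a configuration flag in the style of the `gconfig.debug_tunnel` / `gconfig.debug_network` checks used elsewhere. write_packet continues past the hunk.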
@@ -1561,11 +1561,10 @@ inline int write_packet (struct buffer *
c->rx_bytes += buf->len;
/*
* FIXME: What about offset?
*/
-
while (!convert)
{
/* We are given async frames, so write them
directly to the tty */
err = write (c->fd, buf->start, buf->len);
@@ -1633,22 +1632,31 @@ inline int write_packet (struct buffer *
}
wbuf[pos++] = e;
}
wbuf[pos++] = PPP_FLAG;
+
+#if 0
+ if(DEBUG) {
+ l2tp_log(LOG_DEBUG, "after sync->async, expanded %d->%d\n",
+ buf->len, pos);
+ }
+#endif
+
x = write (c->fd, wbuf, pos);
if (x < pos)
{
+ if (DEBUG)
+ l2tp_log (LOG_WARN, "%s: %s(%d)\n", __FUNCTION__, strerror (errno),
+ errno);
+
if (!(errno == EINTR) && !(errno == EAGAIN))
{
/*
* I guess pppd died. we'll pretend
* everything ended normally
*/
- if (DEBUG)
- l2tp_log (LOG_WARN, "%s: %s(%d)\n", __FUNCTION__, strerror (errno),
- errno);
c->needclose = -1;
c->fd = -1;
return -EIO;
}
}
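Review bot: After `x = write (c->fd, wbuf, pos);` the `x < pos` branch also covers a partial write, where `write` succeeded and did not set `errno`. The log line this commit moved up, and the `EINTR`/`EAGAIN` test below it, then act on a stale `errno`, which can mark the call closed (`c->needclose = -1`) when no error occurred. Test `x < 0` before consulting `errno`, and handle `0 <= x < pos` separately, for example by writing the remaining `pos - x` bytes. The hunk also adds an `#if 0` debug block; code that is compiled out is better left out of the tree. write_packet begins before this hunk.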
l2tpd-move-pty-logic.patch:
--- NEW FILE l2tpd-move-pty-logic.patch ---
diff-tree 95c2f93c9ec71103a75f8657c417759e2a553839 (from c61f0a0bd1a0c8029b7770e20950aa83c79a9a1f)
Author: Michael Richardson <mcr at xelerance.com>
Date: Tue Nov 22 23:21:29 2005 -0500
move all logic about pty usage to pty.c
try ptmx first. if it fails try legacy ptys
diff --git a/l2tpd.c b/l2tpd.c
--- a/l2tpd.c
+++ b/l2tpd.c
@@ -288,11 +288,11 @@ void death_handler (int signal)
}
int start_pppd (struct call *c, struct ppp_opts *opts)
{
/* char a, b; */
- char *tty;
+ char tty[512];
char *stropt[80];
struct ppp_opts *p;
#ifdef USE_KERNEL
struct l2tp_call_opts co;
#endif
@@ -337,71 +337,35 @@ int start_pppd (struct call *c, struct p
snprintf (stropt[pos], 10, "%d", co.id);
pos++;
stropt[pos] = NULL;
}
else
- {
#endif
- c->fd = open("/dev/ptmx", O_RDWR);
- if (c->fd == -1)
- {
- l2tp_log (LOG_WARN, "%s: unable to open /dev/ptmx to allocate pty\n",
- __FUNCTION__);
- return -EINVAL;
- } else
- {
- if (grantpt(c->fd))
- {
- l2tp_log (LOG_WARN, "%s: unable to grantpt() on pty\n",
- __FUNCTION__);
- close(c->fd);
- return -EINVAL;
- }
- if (unlockpt(c->fd))
- {
- l2tp_log (LOG_WARN, "%s: unable to unlockpt() on pty\n",
- __FUNCTION__);
- close(c->fd);
- return -EINVAL;
- }
- tty = ptsname(c->fd);
- if (tty == NULL)
- {
- l2tp_log (LOG_WARN, "%s: unable to obtain name of slave tty\n",
- __FUNCTION__);
- close(c->fd);
- return -EINVAL;
- }
- }
-
-
- /* if ((c->fd = getPtyMaster (&a, &b)) < 0)
+ {
+ if ((c->fd = getPtyMaster (tty, sizeof(tty))) < 0)
{
l2tp_log (LOG_WARN, "%s: unable to allocate pty, abandoning!\n",
- __FUNCTION__);
+ __FUNCTION__);
return -EINVAL;
- } */
+ }
/* set fd opened above to not echo so we don't see read our own packets
back of the file descriptor that we just wrote them to */
tcgetattr (c->fd, &ptyconf);
*(c->oldptyconf) = ptyconf;
ptyconf.c_cflag &= ~(ICANON | ECHO);
ptyconf.c_lflag &= ~ECHO;
tcsetattr (c->fd, TCSANOW, &ptyconf);
-/* snprintf (tty, sizeof (tty), "/dev/tty%c%c", a, b); */
fd2 = open (tty, O_RDWR);
if (fd2 < 0) {
l2tp_log (LOG_WARN, "unable to open tty %s, cannot start pppd", tty);
return -EINVAL;
}
stropt[pos++] = strdup(tty);
stropt[pos] = NULL;
-#ifdef USE_KERNEL
}
-#endif
#ifdef DEBUG_PPPD
l2tp_log (LOG_DEBUG, "%s: I'm running: ", __FUNCTION__);
for (x = 0; stropt[x]; x++)
{
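Review bot: Once `getPtyMaster` has succeeded, the `fd2 < 0` branch returns `-EINVAL` with the pty master still open and `c->fd` still referring to it, so every failed start leaks a descriptor and a pty; the `fcntl` failure return added to this function by l2tpd-socket.patch has the same problem. Add `close (c->fd); c->fd = -1;` before both returns. Separately, `ptyconf.c_cflag &= ~(ICANON | ECHO);` clears local-mode flag bits in the control-mode word, which looks like it was meant to be `c_lflag`; as written canonical mode is not switched off on the master. start_pppd begins and ends outside this hunk.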
@@ -1151,11 +1115,11 @@ void init (int argc,char *argv[])
if (init_config ())
{
l2tp_log (LOG_CRIT, "%s: Unable to load config file\n", __FUNCTION__);
exit (1);
}
- if (uname (&uts))
+ if (uname (&uts)<0)
{
l2tp_log (LOG_CRIT, "%s : Unable to determine host system\n",
__FUNCTION__);
exit (1);
}
diff --git a/misc.h b/misc.h
--- a/misc.h
+++ b/misc.h
@@ -71,11 +71,11 @@ extern void udppush_handler (int);
extern int addfcs (struct buffer *buf);
extern inline void swaps (void *, int);
extern void do_packet_dump (struct buffer *);
extern void status (const char *fmt, ...);
extern void status_handler (int signal);
-extern int getPtyMaster (char *a, char *b);
+extern int getPtyMaster(char *, int);
extern void do_control (void);
extern void recycle_buf (struct buffer *);
extern void safe_copy (char *, char *, int);
extern void opt_destroy (struct ppp_opts *);
extern struct ppp_opts *add_opt (struct ppp_opts *, char *, ...);
diff --git a/pty.c b/pty.c
--- a/pty.c
+++ b/pty.c
@@ -12,12 +12,24 @@
* Pseudo-pty allocation routines... Concepts and code borrowed
* from pty-redir by Magosanyi Arpad.
*
*/
-#include "l2tp.h"
+#define _ISOC99_SOURCE
+#define _XOPEN_SOURCE
+#define _BSD_SOURCE
+#define _XOPEN_SOURCE_EXTENDED
+
+#include <stdlib.h>
+#include <unistd.h>
+#include <string.h>
+#include <errno.h>
+#include <stdio.h>
#include <fcntl.h>
+#include "l2tp.h"
+
+
#ifdef SOLARIS
#define PTY00 "/dev/ptyXX"
#define PTY10 "pqrstuvwxyz"
#define PTY01 "0123456789abcdef"
@@ -33,11 +45,11 @@
#define PTY00 "/dev/ptyXX"
#define PTY10 "p"
#define PTY01 "0123456789abcdefghijklmnopqrstuv"
#endif
-int getPtyMaster (char *tty10, char *tty01)
+int getPtyMaster_pty (char *tty10, char *tty01)
{
char *p10;
char *p01;
static char dev[] = PTY00;
int fd;
@@ -58,5 +70,70 @@ int getPtyMaster (char *tty10, char *tty
}
}
l2tp_log (LOG_CRIT, "%s: No more free pseudo-tty's\n", __FUNCTION__);
return -1;
}
+
+int getPtyMaster_ptmx(char *ttybuf, int ttybuflen)
+{
+ int fd;
+ char *tty;
+
+ fd = open("/dev/ptmx", O_RDWR);
+ if (fd == -1)
+ {
+ l2tp_log (LOG_WARN, "%s: unable to open /dev/ptmx to allocate pty\n",
+ __FUNCTION__);
+ return -EINVAL;
+ }
+
+ /* change the onwership */
+ if (grantpt(fd))
+ {
+ l2tp_log (LOG_WARN, "%s: unable to grantpt() on pty\n",
+ __FUNCTION__);
+ close(fd);
+ return -EINVAL;
+ }
+
+ if (unlockpt(fd))
+ {
+ l2tp_log (LOG_WARN, "%s: unable to unlockpt() on pty\n",
+ __FUNCTION__);
+ close(fd);
+ return -EINVAL;
+ }
+
+ tty = ptsname(fd);
+ if (tty == NULL)
+ {
+ l2tp_log (LOG_WARN, "%s: unable to obtain name of slave tty\n",
+ __FUNCTION__);
+ close(fd);
+ return -EINVAL;
+ }
+ ttybuf[0]='\0';
+ strncat(ttybuf, tty, ttybuflen);
+
+ return fd;
+}
+
+int getPtyMaster(char *ttybuf, int ttybuflen)
+{
+ int fd = getPtyMaster_ptmx(ttybuf, ttybuflen);
+ char a, b;
+
+ if(fd >= 0) {
+ return fd;
+ }
+
+ l2tp_log (LOG_WARN, "%s: failed to use pts -- using legacy ptys\n", __FUNCTION__);
+ fd = getPtyMaster_pty(&a,&b);
+
+ if(fd >= 0) {
+ snprintf(ttybuf, ttybuflen, "/dev/tty%c%c", a, b);
+ return fd;
+ }
+
+ return -EINVAL;
+}
+
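Review bot: `strncat(ttybuf, tty, ttybuflen)` in getPtyMaster_ptmx can write one byte past the caller's buffer, because strncat appends up to `ttybuflen` characters and then a terminating NUL. Use `snprintf (ttybuf, ttybuflen, "%s", tty)` and treat a return value `>= ttybuflen` as failure (closing `fd`), so a truncated device name is never passed on to `open()`; the `snprintf` in the legacy branch of getPtyMaster deserves the same truncation check. The legacy fallback does not go through `grantpt()`, so the slave node keeps whatever owner and mode it already has on disk; it is worth confirming that is acceptable before falling back with only a LOG_WARN line. As far as this patch shows, `getPtyMaster_pty` and `getPtyMaster_ptmx` are used only inside pty.c and could be `static`. The comment typo `onwership` should read `ownership`.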
l2tpd-nodebug-default.patch:
--- NEW FILE l2tpd-nodebug-default.patch ---
diff-tree 30715d7b0838372bd42ecd9fb6b9c708d522e72d (from b240ad8ce83e0a0dbee533cb2862a5eafb937504)
Author: Michael Richardson <mcr at xelerance.com>
Date: Fri Nov 25 13:05:21 2005 -0500
debugging should not be on by default
diff --git a/Makefile b/Makefile
--- a/Makefile
+++ b/Makefile
@@ -24,11 +24,11 @@
# -DTEST_HIDDEN makes Assigned Call ID sent as a hidden AVP
#
# Also look at the top of network.c for some other (eventually to
# become runtime options) debugging flags
#
-DFLAGS= -g -O2 -DDEBUG_PPPD -DDEBUG_PAYLOAD
+DFLAGS= -g -O2
#
# Uncomment the next line for Linux
#
OSFLAGS= -DLINUX
#
--- NEW FILE l2tpd-options.l2tpd ---
# pppd options used for every PPP session that l2tpd starts; l2tpd.conf points
# at the installed copy through its pppoptfile setting.
#
# Accept the peer's idea of our local address and of its own address in IPCP.
# NOTE(review): ipcp-accept-remote lets the client propose its own address;
# confirm that is wanted next to the "ip range" allocation in l2tpd.conf.
ipcp-accept-local
ipcp-accept-remote
# DNS and WINS servers announced to Windows clients. These are sample values
# from the 192.168.1.0/24 example network; replace them with real servers.
ms-dns 192.168.1.1
ms-dns 192.168.1.3
ms-wins 192.168.1.2
ms-wins 192.168.1.4
# Do not negotiate CCP (compression).
noccp
# Require the peer to authenticate before any network traffic is allowed.
auth
# RTS/CTS hardware flow control; presumably without effect on a pty.
crtscts
# Drop the link after 1800 seconds without traffic.
idle 1800
# 1410 is the value the package changelog reports as the lowest that works
# with the MSL2TP client.
mtu 1410
mru 1410
# Never install a default route through a client link.
nodefaultroute
# Log the contents of PPP control packets. Verbose; consider removing this
# once the setup works, since the log then records negotiation details.
debug
# Create a lock file for the device so no other process uses it.
lock
# Publish a proxy ARP entry for the client so LAN hosts can reach it.
proxyarp
# Wait up to 5000 ms for the first valid PPP packet from the peer.
connect-delay 5000
l2tpd-patents.patch:
--- NEW FILE l2tpd-patents.patch ---
--- l2tpd-0.69cvs20051030/README.patents 1969-12-31 19:00:00.000000000 -0500
+++ l2tpd/README.patents 2005-11-27 19:45:38.000000000 -0500
@@ -0,0 +1,50 @@
+
+http://www.ietf.org/ietf/IPR/CISCO-L2TP
+
+The following was received on March 2, 1999 from
+Andy Valencia (vandys at cisco.com)
+
+Cisco has a patent pending that may relate to this proposed standard. If
+this proposed standard is adopted by IETF and any patents issue to Cisco or
+its subsidiaries with claims that are necessary for practicing this
+standard, any party will be able to obtain the right to implement, use and
+distribute the technology or works when implementing, using or distributing
+technology based upon the specific specification(s) under openly specified,
+reasonable, non-discriminatory terms.
+
+
+Requests may be sent to:
+
+Robert Barr
+Suite 280
+2882 Sand Hill Road
+Menlo Park Ca 94025
+
+Phone: 650-926-6205
+
+
+Note: On July 30, 1999, we were informed that the patent office had assigned
+ the number 5,918,019 for the patent
+
+--------------------------
+Cisco allows anyone to use their patent as long as it is IETF RFC
+compliant. This is Cisco's standard policy on patents for their IETF
+work. In fact, their statement was made before being awarded the
+patent. They complied fully with the IPR disclosure policy of the
+IETF. The IETF does not release RFC's that are limited or in any way
+discriminatory in their use. The patent holder (in this case Ciso)
+agree to a royalty free, unrevocable use of their patent as needed for
+implementing the IETF standards.
+
+If there were any limitations on the implementation and use of L2TP,
+the L2TP working group would not exist any more, and no new protocol
+additions or changes would be accepted as RFC standard.
+
+The L2TP became an IETF standard, see http://www.ietf.org/rfc/rfc2661.txt
+
+Notice the RFC was issued after the disclosure for IPR by Cisco, so
+the IETF fully knew about the patent and confirmed that there were no
+restrictions before it issued the RFC.
+
+ --- Paul Wouters <paul at xelerance.com>
+
l2tpd-socket.patch:
--- NEW FILE l2tpd-socket.patch ---
diff --git a/l2tpd.c b/l2tpd.c
--- a/l2tpd.c
+++ b/l2tpd.c
@@ -58,10 +58,12 @@ int control_fd; /* descr
char *args;
char *dial_no_tmp; /* jz: Dialnumber for Outgoing Call */
int switch_io = 0; /* jz: Switch for Incoming or Outgoing Call */
+static void open_controlfd(void);
+
void init_tunnel_list (struct tunnel_list *t)
{
t->head = NULL;
t->count = 0;
t->calls = 0;
@@ -353,10 +356,14 @@ int start_pppd (struct call *c, struct p
tcgetattr (c->fd, &ptyconf);
*(c->oldptyconf) = ptyconf;
ptyconf.c_cflag &= ~(ICANON | ECHO);
ptyconf.c_lflag &= ~ECHO;
tcsetattr (c->fd, TCSANOW, &ptyconf);
+ if(fcntl(c->fd, F_SETFL, O_NONBLOCK)!=0) {
+ l2tp_log(LOG_WARN, "failed to set nonblock: %s\n", strerror(errno));
+ return -EINVAL;
+ }
fd2 = open (tty, O_RDWR);
if (fd2 < 0) {
l2tp_log (LOG_WARN, "unable to open tty %s, cannot start pppd", tty);
return -EINVAL;
@@ -809,170 +818,176 @@ void do_control ()
char *tmp_ptr; /* jz: use by the strtok function */
struct lac *lac;
int call;
int tunl;
int cnt = -1;
- while (cnt)
+ int done = 0;
+
+ buf[0]='\0';
+
+ while (!done)
{
- cnt = read (control_fd, buf, sizeof (buf));
- if (cnt > 0)
- {
- if (buf[cnt - 1] == '\n')
- buf[--cnt] = 0;
+ cnt = read (control_fd, buf, sizeof (buf));
+ if (cnt <= 0)
+ {
+ if(cnt < 0 && errno != EINTR) {
+ perror("controlfd");
+ }
+ done=1;
+ break;
+ }
+
+ if (buf[cnt - 1] == '\n')
+ buf[--cnt] = 0;
#ifdef DEBUG_CONTROL
- l2tp_log (LOG_DEBUG, "%s: Got message %s (%d bytes long)\n",
- __FUNCTION__, buf, cnt);
+ l2tp_log (LOG_DEBUG, "%s: Got message %s (%d bytes long)\n",
+ __FUNCTION__, buf, cnt);
#endif
- switch (buf[0])
- {
- case 't':
- host = strchr (buf, ' ') + 1;
+ switch (buf[0])
+ {
+ case 't':
+ host = strchr (buf, ' ') + 1;
#ifdef DEBUG_CONTROL
- l2tp_log (LOG_DEBUG, "%s: Attempting to tunnel to %s\n",
- __FUNCTION__, host);
+ l2tp_log (LOG_DEBUG, "%s: Attempting to tunnel to %s\n",
+ __FUNCTION__, host);
#endif
- l2tp_call (host, UDP_LISTEN_PORT, NULL, NULL);
- break;
- case 'c':
-
- switch_io = 1; /* jz: Switch for Incoming - Outgoing Calls */
-
- tunstr = strchr (buf, ' ') + 1;
- lac = laclist;
- while (lac)
- {
- if (!strcasecmp (lac->entname, tunstr))
- {
- lac->active = -1;
- lac->rtries = 0;
- if (!lac->c)
- magic_lac_dial (lac);
- else
- l2tp_log (LOG_DEBUG,
- "Session '%s' already active!\n", lac->entname);
- break;
- }
- lac = lac->next;
- }
- if (lac)
- break;
- tunl = atoi (tunstr);
- if (!tunl)
- {
- l2tp_log (LOG_DEBUG, "No such tunnel '%s'\n", tunstr);
- break;
- }
+ l2tp_call (host, UDP_LISTEN_PORT, NULL, NULL);
+ break;
+ case 'c':
+ switch_io = 1; /* jz: Switch for Incoming - Outgoing Calls */
+
+ tunstr = strchr (buf, ' ') + 1;
+ lac = laclist;
+ while (lac && strcasecmp (lac->entname, tunstr)!=0)
+ {
+ lac = lac->next;
+ }
+
+ if(lac) {
+ lac->active = -1;
+ lac->rtries = 0;
+ if (!lac->c)
+ magic_lac_dial (lac);
+ else {
+ l2tp_log (LOG_DEBUG,
+ "Session '%s' already active!\n", lac->entname);
+ }
+ break;
+ }
+
+ /* did not find a tunnel by name, look by number */
+ tunl = atoi (tunstr);
+ if (!tunl)
+ {
+ l2tp_log (LOG_DEBUG, "No such tunnel '%s'\n", tunstr);
+ break;
+ }
#ifdef DEBUG_CONTROL
- l2tp_log (LOG_DEBUG, "%s: Attempting to call on tunnel %d\n",
- __FUNCTION__, tunl);
+ l2tp_log (LOG_DEBUG, "%s: Attempting to call on tunnel %d\n",
+ __FUNCTION__, tunl);
#endif
- lac_call (tunl, NULL, NULL);
- break;
-
- case 'o': /* jz: option 'o' for doing a outgoing call */
-
- switch_io = 0; /* jz: Switch for incoming - outgoing Calls */
-
- sub_str = strchr (buf, ' ') + 1;
-
- tunstr = strtok (sub_str, " "); /* jz: using strtok function to get */
- tmp_ptr = strtok (NULL, " "); /* params out of the pipe */
- strcpy (dial_no_tmp, tmp_ptr);
-
- lac = laclist;
- while (lac)
- {
- if (!strcasecmp (lac->entname, tunstr))
- {
- lac->active = -1;
- lac->rtries = 0;
- if (!lac->c)
- magic_lac_dial (lac);
- else
- l2tp_log (LOG_DEBUG,
- "Session '%s' already active!\n",
- lac->entname);
- break;
- }
- lac = lac->next;
- }
- if (lac)
- break;
- tunl = atoi (tunstr);
- if (!tunl)
- {
- l2tp_log (LOG_DEBUG, "No such tunnel '%s'\n", tunstr);
- break;
- }
+ lac_call (tunl, NULL, NULL);
+ break;
+
+ case 'o': /* jz: option 'o' for doing a outgoing call */
+ switch_io = 0; /* jz: Switch for incoming - outgoing Calls */
+
+ sub_str = strchr (buf, ' ') + 1;
+ tunstr = strtok (sub_str, " "); /* jz: using strtok function to get */
+ tmp_ptr = strtok (NULL, " "); /* params out of the pipe */
+ strcpy (dial_no_tmp, tmp_ptr);
+
+ lac = laclist;
+ while (lac && strcasecmp (lac->entname, tunstr)!=0)
+ {
+ lac = lac->next;
+ }
+
+ if(lac) {
+ lac->active = -1;
+ lac->rtries = 0;
+ if (!lac->c)
+ magic_lac_dial (lac);
+ else
+ l2tp_log (LOG_DEBUG,
+ "Session '%s' already active!\n",
+ lac->entname);
+ break;
+ }
+
+ /* did not find a tunnel by name, look by number */
+ tunl = atoi (tunstr);
+ if (!tunl)
+ {
+ l2tp_log (LOG_DEBUG, "No such tunnel '%s'\n", tunstr);
+ break;
+ }
#ifdef DEBUG_CONTROL
- l2tp_log (LOG_DEBUG, "%s: Attempting to call on tunnel %d\n",
- __FUNCTION__, tunl);
+ l2tp_log (LOG_DEBUG, "%s: Attempting to call on tunnel %d\n",
+ __FUNCTION__, tunl);
#endif
- lac_call (tunl, NULL, NULL);
- break;
-
- case 'h':
- callstr = strchr (buf, ' ') + 1;
- call = atoi (callstr);
+ lac_call (tunl, NULL, NULL);
+ break;
+
+ case 'h':
+ callstr = strchr (buf, ' ') + 1;
+ call = atoi (callstr);
#ifdef DEBUG_CONTROL
- l2tp_log (LOG_DEBUG, "%s: Attempting to hangup call %d\n", __FUNCTION__,
- call);
+ l2tp_log (LOG_DEBUG, "%s: Attempting to hangup call %d\n", __FUNCTION__,
+ call);
#endif
- lac_hangup (call);
- break;
- case 'd':
- tunstr = strchr (buf, ' ') + 1;
- lac = laclist;
- while (lac)
- {
- if (!strcasecmp (lac->entname, tunstr))
- {
- lac->active = 0;
- lac->rtries = 0;
- if (lac->t)
- lac_disconnect (lac->t->ourtid);
- else
- l2tp_log (LOG_DEBUG, "Session '%s' not up\n",
- lac->entname);
- break;
- }
- lac = lac->next;
- }
- if (lac)
- break;
- tunl = atoi (tunstr);
- if (!tunl)
- {
- l2tp_log (LOG_DEBUG, "No such tunnel '%s'\n",
- tunstr);
- break;
- }
+ lac_hangup (call);
+ break;
+
+ case 'd':
+ tunstr = strchr (buf, ' ') + 1;
+ lac = laclist;
+ while (lac)
+ {
+ if (!strcasecmp (lac->entname, tunstr))
+ {
+ lac->active = 0;
+ lac->rtries = 0;
+ if (lac->t)
+ lac_disconnect (lac->t->ourtid);
+ else
+ l2tp_log (LOG_DEBUG, "Session '%s' not up\n",
+ lac->entname);
+ break;
+ }
+ lac = lac->next;
+ }
+ if (lac)
+ break;
+ tunl = atoi (tunstr);
+ if (!tunl)
+ {
+ l2tp_log (LOG_DEBUG, "No such tunnel '%s'\n",
+ tunstr);
+ break;
+ }
#ifdef DEBUG_CONTROL
- l2tp_log (LOG_DEBUG, "%s: Attempting to disconnect tunnel %d\n",
- __FUNCTION__, tunl);
+ l2tp_log (LOG_DEBUG, "%s: Attempting to disconnect tunnel %d\n",
+ __FUNCTION__, tunl);
#endif
- lac_disconnect (tunl);
- break;
- case 's':
- show_status ();
- break;
- default:
- l2tp_log (LOG_DEBUG, "Unknown command %c\n",
- buf[0]);
- }
- }
+ lac_disconnect (tunl);
+ break;
+ case 's':
+ show_status ();
+ break;
+ default:
+ l2tp_log (LOG_DEBUG, "Unknown command %c\n",
+ buf[0]);
+ }
}
- /* Otherwise select goes nuts */
+
+ /* Otherwise select goes nuts. Yeah, this just seems wrong */
close (control_fd);
- control_fd = open (gconfig.controlfile, O_RDONLY | O_NONBLOCK, 0600);
- if (control_fd < 0)
- {
- l2tp_log (LOG_CRIT, "%s: Unable to open %s for reading.",
- __FUNCTION__, gconfig.controlfile);
- }
+ open_controlfd();
}
+
void usage(void) {
printf("Usage: l2tpd -D -c [config file] -s [secret file] -p [pid file] -C [control file]\n");
printf("\n");
exit(1);
}
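Review bot: The re-indented command parser in do_control still trusts the control message completely: `read()` may fill all of `buf` without a trailing newline, leaving it unterminated for `strchr`/`strtok`, and every `strchr (buf, ' ') + 1` yields an invalid pointer when the command carries no argument. In the 'o' case `tmp_ptr` is NULL when the dial number is missing, and `strcpy (dial_no_tmp, tmp_ptr)` is unbounded either way. Read at most `sizeof (buf) - 1` bytes and set `buf[cnt] = 0`, check each `strchr`/`strtok` result for NULL before use, and bound the copy to the size of `dial_no_tmp` (its allocation is not visible here). The FIFO is created with mode 0600, which limits who can send such input, but a malformed command should be logged and ignored rather than crash the daemon. The `done` flag is redundant, since the only place that sets it also breaks out of the loop.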
@@ -1037,12 +1052,11 @@ void init_args(int argc, char *argv[]) {
}
void daemonize() {
int pid=0;
- int i,l;
- char buf[STRLEN];
+ int i;
#ifndef CONFIG_SNAPGEAR
if((pid = fork()) < 0) {
l2tp_log(LOG_LOG, "%s: Unable to fork ()\n",__FUNCTION__);
close(server_socket);
@@ -1060,10 +1074,16 @@ void daemonize() {
l2tp_log(LOG_LOG, "Redirect of stdout to /dev/null failed\n");
if (dup2(0, 2) == -1)
l2tp_log(LOG_LOG, "Redirect of stderr to /dev/null failed\n");
}
#endif
+}
+
+void consider_pidfile() {
+ int pid=0;
+ int i,l;
+ char buf[STRLEN];
/* Read previous pid file. */
i = open(gconfig.pidfile,O_RDONLY);
if (i < 0) {
/* l2tp_log(LOG_LOG, "%s: Unable to read pid file [%s]\n",
@@ -1098,11 +1118,27 @@ void daemonize() {
write (i, buf, strlen(buf));
close (i);
}
}
-
+static void open_controlfd()
+{
+ control_fd = open (gconfig.controlfile, O_RDONLY | O_NONBLOCK, 0600);
+ if (control_fd < 0)
+ {
+ l2tp_log (LOG_CRIT, "%s: Unable to open %s for reading.\n",
+ __FUNCTION__, gconfig.controlfile);
+ exit (1);
+ }
+
+ /* turn off O_NONBLOCK */
+ if(fcntl(control_fd, F_SETFL, O_RDONLY)==-1) {
+ l2tp_log(LOG_CRIT, "Can not turn off nonblocking mode for controlfd: %s\n",
+ strerror(errno));
+ exit(1);
+ }
+}
void init (int argc,char *argv[])
{
struct lac *lac;
struct in_addr listenaddr;
@@ -1124,26 +1160,28 @@ void init (int argc,char *argv[])
exit (1);
}
init_tunnel_list (&tunnels);
if (init_network ())
exit (1);
+
if (gconfig.daemon)
daemonize ();
+
+ consider_pidfile();
+
signal (SIGTERM, &death_handler);
signal (SIGINT, &death_handler);
signal (SIGCHLD, &child_handler);
signal (SIGUSR1, &status_handler);
signal (SIGHUP, &null_handler);
init_scheduler ();
+
+ unlink(gconfig.controlfile);
mkfifo (gconfig.controlfile, 0600);
- control_fd = open (gconfig.controlfile, O_RDONLY | O_NONBLOCK, 0600);
- if (control_fd < 0)
- {
- l2tp_log (LOG_CRIT, "%s: Unable to open %s for reading.",
- __FUNCTION__, gconfig.controlfile);
- exit (1);
- }
+
+ open_controlfd();
+
l2tp_log (LOG_LOG, "l2tpd version " SERVER_VERSION " started on %s PID:%d\n",
hostname, getpid ());
l2tp_log (LOG_LOG,
"Written by Mark Spencer, Copyright (C) 1998, Adtran, Inc.\n");
l2tp_log (LOG_LOG, "Forked by Scott Balmos and David Stipp, (C) 2001\n");
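Review bot: `mkfifo (gconfig.controlfile, 0600)` is called without checking its result, and the new `unlink()` before it is unchecked as well, so when `mkfifo` fails `open_controlfd()` opens whatever object is present at that path and do_control parses its contents as commands. Check `mkfifo` and exit with a log message on failure, and in `open_controlfd()` verify the descriptor with `fstat` and `S_ISFIFO (st.st_mode)` before accepting it. The third argument `0600` passed to `open()` in `open_controlfd()` has no effect without `O_CREAT` and can be dropped. init continues outside the hunk.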
l2tpd-solaris.patch:
--- NEW FILE l2tpd-solaris.patch ---
diff-tree 4b265089250fa45cf123fc52a6b9492200913e33 (from 6b5bd2833d12585f2cf5d4c128438bb94ccd5a89)
Author: Michael Richardson <mcr at xelerance.com>
Date: Tue Nov 22 23:19:11 2005 -0500
add comments for what to do on Solaris
diff --git a/Makefile b/Makefile
--- a/Makefile
+++ b/Makefile
@@ -24,11 +24,11 @@
# -DTEST_HIDDEN makes Assigned Call ID sent as a hidden AVP
#
# Also look at the top of network.c for some other (eventually to
# become runtime options) debugging flags
#
-#DFLAGS= -g -O2 -DDEBUG_PPPD
+DFLAGS= -g -O2 -DDEBUG_PPPD -DDEBUG_PAYLOAD
#
# Uncomment the next line for Linux
#
OSFLAGS= -DLINUX
#
@@ -43,10 +43,11 @@ OSFLAGS= -DLINUX
# Uncomment the next line for Solaris. For solaris, at least,
# we don't want to specify -I/usr/include because it is in
# the basic search path, and will over-ride some gcc-specific
# include paths and cause problems.
#
+#CC=gcc
#OSFLAGS= -DSOLARIS
#OSLIBS= -lnsl -lsocket
#
# Feature flags
#
@@ -56,11 +57,12 @@ OSFLAGS= -DLINUX
FFLAGS= -DIP_ALLOCATION
CFLAGS+= $(DFLAGS) -O2 -fno-builtin -Wall -DSANITY $(OSFLAGS) $(FFLAGS)
HDRS=l2tp.h avp.h misc.h control.h call.h scheduler.h file.h aaa.h md5.h
OBJS=l2tpd.o pty.o misc.o control.o avp.o call.o network.o avpsend.o scheduler.o file.o aaa.o md5.o
-#LIBS= $(OSLIB) # -lefence # efence for malloc checking
+SRCS=${OBJS:.o=.c} ${HDRS}
+#LIBS= $(OSLIBS) # -lefence # efence for malloc checking
EXEC=l2tpd
BINDIR=/usr/sbin
all: $(EXEC)
@@ -74,5 +76,7 @@ romfs:
$(ROMFSINST) /bin/$(EXEC)
install: ${EXEC}
install --mode=0755 ${EXEC} ${DESTDIR}${BINDIR}
+TAGS: ${SRCS}
+ etags ${SRCS}
l2tpd-stopccn.patch:
--- NEW FILE l2tpd-stopccn.patch ---
diff-tree c61f0a0bd1a0c8029b7770e20950aa83c79a9a1f (from 4b265089250fa45cf123fc52a6b9492200913e33)
Author: Michael Richardson <mcr at xelerance.com>
Date: Tue Nov 22 23:20:38 2005 -0500
l2tp-patches/l2tpd-MSL2TP-StopCCN - make sure we compare against correct cid
diff --git a/control.c b/control.c
--- a/control.c
+++ b/control.c
@@ -666,16 +666,17 @@ int control_finish (struct tunnel *t, st
l2tp_log (LOG_DEBUG,
"%s: Peer tried to disconnect without specifying tunnel ID\n",
__FUNCTION__);
return -EINVAL;
}
- if ((t->qtid != t->tid) && (t->tid > 0))
+
+ if ((t->qtid != t->ourtid) && (t->ourtid > 0))
{
if (DEBUG)
l2tp_log (LOG_DEBUG,
"%s: Peer tried to disconnect with invalid TID (%d != %d)\n",
- __FUNCTION__, t->qtid, t->tid);
+ __FUNCTION__, t->qtid, t->ourtid);
return -EINVAL;
}
/* In case they're disconnecting immediately after SCCN */
if (!t->tid)
t->tid = t->qtid;
@@ -1067,18 +1068,20 @@ int control_finish (struct tunnel *t, st
"%s: Unable to determine call to be disconnected.\n",
__FUNCTION__);
return -EINVAL;
}
}
- else
+ else {
p = c;
- if ((c->qcid != p->cid) && p->cid > 0)
+ }
+
+ if ((c->qcid != p->cid) && p->ourcid > 0)
{
if (DEBUG)
l2tp_log (LOG_DEBUG,
"%s: Peer tried to disconnect with invalid CID (%d != %d)\n",
- __FUNCTION__, c->qcid, c->cid);
+ __FUNCTION__, c->qcid, c->ourcid);
return -EINVAL;
}
c->qcid = -1;
if (c->result < 0)
{
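Review bot: The call-ID check is only half converted: `if ((c->qcid != p->cid) && p->ourcid > 0)` still compares the peer-supplied ID with `p->cid`, while the guard tests `p->ourcid` and the log message prints `c->ourcid`. The tunnel check in the first hunk of this patch switched comparison, guard and message to `ourtid` together, so the three uses here were presumably meant to agree as well. Whichever field is the right one for a disconnect from the peer, use the same field of the same structure in all three places, for example `if ((c->qcid != p->ourcid) && p->ourcid > 0)` with `p->ourcid` in the log call. As written, the value reported as the mismatch is not the value that was compared, and a disconnect can be accepted or refused on the wrong ID. control_finish starts and ends outside the hunk.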
l2tpd-uaddr.patch:
--- NEW FILE l2tpd-uaddr.patch ---
diff-tree f09c91543dc84206a7a82db62bab09b8a52da44a (from df3ccc3ddfa5af6d0950f3308b546809947117fb)
Author: Michael Richardson <mcr at xelerance.com>
Date: Fri Nov 25 13:41:36 2005 -0500
remove definition of uaddr[] --- it is not needed at present
(cherry picked from 148ec348a69f28608d2bc671e96222a4c595d83d commit)
diff --git a/aaa.h b/aaa.h
--- a/aaa.h
+++ b/aaa.h
@@ -45,11 +45,10 @@ struct challenge
unsigned int vector_len;
int state; /* What state is challenge in? */
};
extern struct lns *get_lns (struct tunnel *);
-extern struct addr_ent *uaddr[];
extern unsigned int get_addr (struct iprange *);
extern void reserve_addr (unsigned int);
extern void unreserve_addr (unsigned int);
extern void init_addr ();
extern int handle_challenge (struct tunnel *, struct challenge *);
l2tpd-version.patch:
--- NEW FILE l2tpd-version.patch ---
diff --git a/Makefile b/Makefile
--- a/Makefile
+++ b/Makefile
@@ -58,10 +58,11 @@ FFLAGS= -DIP_ALLOCATION
CFLAGS+= $(DFLAGS) -O2 -fno-builtin -Wall -DSANITY $(OSFLAGS) $(FFLAGS)
HDRS=l2tp.h avp.h misc.h control.h call.h scheduler.h file.h aaa.h md5.h
OBJS=l2tpd.o pty.o misc.o control.o avp.o call.o network.o avpsend.o scheduler.o file.o aaa.o md5.o
#LIBS= $(OSLIB) # -lefence # efence for malloc checking
EXEC=l2tpd
+BINDIR=/usr/sbin
all: $(EXEC)
clean:
rm -f $(OBJS) $(EXEC)
@@ -70,5 +71,8 @@ $(EXEC): $(OBJS) $(HDRS)
$(CC) $(LDFLAGS) -o $@ $(OBJS) $(LDLIBS)
romfs:
$(ROMFSINST) /bin/$(EXEC)
+install: ${EXEC}
+ install --mode=0755 ${EXEC} ${DESTDIR}${BINDIR}
+
diff --git a/l2tp.h b/l2tp.h
--- a/l2tp.h
+++ b/l2tp.h
@@ -34,12 +34,12 @@ typedef unsigned long long _u64;
#include "common.h"
#define CONTROL_PIPE "/var/run/l2tp-control"
#define BINARY "l2tpd"
-#define SERVER_VERSION "0.69"
-#define VENDOR_NAME "l2tpd.org"
+#define SERVER_VERSION "0.69-FedoraExtra"
+#define VENDOR_NAME "FedoraExtra"
#ifndef PPPD
#define PPPD "/usr/sbin/pppd"
#endif
#define CALL_PPP_OPTS "defaultroute"
#define FIRMWARE_REV 0x0690 /* Revision of our firmware (software, in this case) */
--- NEW FILE l2tpd.conf ---
;
; This is a minimal sample l2tpd configuration file for use
; with L2TP over IPsec.
;
; The idea is to provide an L2TP daemon to which remote Windows L2TP/IPsec
; clients connect. In this example, the internal (protected) network
; is 192.168.1.0/24. A special IP range within this network is reserved
; for the remote clients: 192.168.1.128/25
; (i.e. 192.168.1.128 ... 192.168.1.254)
;
; The listen-addr parameter can be used if you want to bind the L2TP daemon
; to a specific IP address instead of to all interfaces. For instance,
; you could bind it to the interface of the internal LAN (e.g. 192.168.1.98
; in the example below). Yet another IP address (local ip, e.g. 192.168.1.99)
; will be used by l2tpd as its address on pppX interfaces.
; Global daemon settings.
[global]
; Left commented out, so the daemon listens on all interfaces. Set it to bind
; to one address only; the package changelog recommends this for security.
; listen-addr = 192.168.1.98
; Default LNS section: settings applied to connecting clients.
[lns default]
; Addresses handed out to remote clients (the reserved 192.168.1.128/25 block).
ip range = 192.168.1.128-192.168.1.254
; Address l2tpd uses for its own end of each pppX interface; it must differ
; from listen-addr.
local ip = 192.168.1.99
; Authentication policy: the peer must authenticate, CHAP is required and
; PAP (which sends the password in clear text) is refused.
require chap = yes
refuse pap = yes
require authentication = yes
; Name this server reports to the peer.
name = LinuxVPNserver
; Turns on pppd debugging for every session. Verbose; consider switching it
; off once the setup works.
ppp debug = yes
; pppd options file used for sessions started from this section.
pppoptfile = /etc/ppp/options.l2tpd
; Set the length bit in L2TP payload packets.
length bit = yes
--- NEW FILE l2tpd.init ---
#!/bin/sh
#
# l2tpd This shell script takes care of starting and stopping l2tpd.
#
# chkconfig: - 80 30
# description: Layer 2 Tunnelling Protocol Daemon (RFC 2661)
#
# processname: l2tpd
# config: /etc/l2tpd/l2tpd.conf
# pidfile: /var/run/l2tpd.pid
#Servicename
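SERVICE=l2tpd
# Source function library (presumably the origin of daemon, killproc and
# status, which this script calls but does not define).
. /etc/rc.d/init.d/functions
# Source networking configuration (expected to set NETWORKING).
. /etc/sysconfig/network
# Do nothing when networking is disabled. The expansion is quoted so that an
# unset or empty NETWORKING is compared as an empty string instead of making
# the test itself fail with a syntax error.
if [ "${NETWORKING}" = "no" ]; then
    exit 0
fi
# Exit quietly when the daemon binary is not installed or not executable.
[ -x /usr/sbin/$SERVICE ] || exit 0
# Status of the last action; set by start, stop and the status branch.
RETVAL=0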
# Start the daemon through the init-library helper and, when that succeeds,
# create the subsys lock file that condrestart checks for.
# Leaves the helper's exit status in RETVAL and returns it.
start() {
    echo -n "Starting $SERVICE: "
    daemon $SERVICE
    RETVAL=$?
    if [ $RETVAL -eq 0 ]; then
        touch /var/lock/subsys/$SERVICE
    fi
    echo ""
    return $RETVAL
}
# Stop the daemon through the init-library helper and remove the subsys lock
# file once the process is gone.
# Leaves the helper's exit status in RETVAL and returns it.
stop() {
    echo -n "Stopping $SERVICE: "
    killproc $SERVICE
    RETVAL=$?
    echo
    if [ $RETVAL -eq 0 ]; then
        rm -f /var/lock/subsys/$SERVICE
    fi
    return $RETVAL
}
# Stop, then start again. start runs even when stop failed, and the function
# returns the status of start.
restart() {
    stop; start
}
# See how we were called.
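case "$1" in
    start)
        start
        ;;
    stop)
        stop
        ;;
    status)
        status $SERVICE
        RETVAL=$?
        ;;
    restart|reload)
        # There is no separate reload action; reload is a full restart.
        restart
        ;;
    condrestart)
        # Restart only when the lock file shows the service was started.
        [ -f /var/lock/subsys/$SERVICE ] && restart || :
        ;;
    *)
        echo "Usage: $SERVICE {start|stop|status|restart|reload|condrestart}"
        exit 1
        ;;
esac
# Report the result of the requested action to the caller. Without this the
# script ends with the status of its last command, so "status" exited 0 even
# when the daemon was not running.
exit $RETVAL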
--- NEW FILE l2tpd.spec ---
%define cvs 20051030
Summary: Layer 2 Tunnelling Protocol Daemon (RFC 2661)
Name: l2tpd
Version: 0.69
Release: 0.1.%{cvs}.2
License: GPL
Url: http://sourceforge.net/projects/%{name}/
Group: System Environment/Daemons
# cvs is not available as tar ball on sourceforge.
# For cvs see: http://sourceforge.net/cvs/?group_id=18217
Source0: %{name}-%{version}.%{cvs}.tar.gz
Source1: %{name}.init
Source2: %{name}.conf
Source3: %{name}-options.l2tpd
Source4: %{name}-chapsecrets.sample
Patch0: %{name}-log.patch
Patch1: %{name}-version.patch
Patch2: %{name}-solaris.patch
Patch3: %{name}-stopccn.patch
Patch4: %{name}-move-pty-logic.patch
Patch5: %{name}-log-strerr.patch
Patch6: %{name}-socket.patch
Patch7: %{name}-async-sync.patch
Patch8: %{name}-nodebug-default.patch
Patch9: %{name}-moredebug.patch
Patch10: %{name}-max-retries.patch
Patch11: %{name}-uaddr.patch
Patch12: %{name}-gcc4-fixes.patch
Patch13: %{name}-changelog.patch
Patch14: %{name}-patents.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
Requires: ppp
Requires(post): /sbin/chkconfig
Requires(preun): /sbin/chkconfig, /sbin/service
Requires(postun): /sbin/service
%description
l2tpd is an implementation of the Layer 2 Tunnelling Protocol (RFC 2661).
L2TP allows you to tunnel PPP over UDP. Some ISPs use L2TP to tunnel user
sessions from dial-in servers (modem banks, ADSL DSLAMs) to back-end PPP
servers. Another important application is Virtual Private Networks where
the IPsec protocol is used to secure the L2TP connection (L2TP/IPsec,
RFC 3193). The L2TP/IPsec protocol is mainly used by Windows and
Mac OS X clients. On Linux, l2tpd can be used in combination with IPsec
implementations such as FreeS/WAN, Openswan, Strongswan and KAME.
Example configuration files for such a setup are included in this RPM.
l2tpd works by opening a pseudo-tty for communicating with pppd.
It runs completely in userspace.
%prep
# Unpack the CVS snapshot tarball, then apply Patch0 to Patch14 in numeric
# order. Every patch is applied with strip level 1 (-p1), and -b keeps a
# backup of each touched file under the given suffix. The order matters:
# several patches edit the same Makefile lines.
%setup -q -n %{name}-%{version}.%{cvs}
%patch0 -p1 -b .log
%patch1 -p1 -b .version
%patch2 -p1 -b .solaris
%patch3 -p1 -b .stopccn
%patch4 -p1 -b .move-pty-logic
%patch5 -p1 -b .log-strerr
%patch6 -p1 -b .socket
%patch7 -p1 -b .async-sync
%patch8 -p1 -b .nodebug-default
%patch9 -p1 -b .moredebug
%patch10 -p1 -b .max-retries
%patch11 -p1 -b .uaddr
%patch12 -p1 -b .gcc4-fixes
%patch13 -p1 -b .changelog
%patch14 -p1 -b .patents
%build
# DFLAGS given on the make command line replaces the value assigned in the
# Makefile, so the package is compiled with the three DEBUG_ defines below
# even though the nodebug-default patch strips the debug defines from the
# Makefile default.
# NOTE(review): in l2tpd.c DEBUG_CONTROL logs each control-pipe message and
# DEBUG_PPPD logs the pppd command line; confirm these are wanted in a
# release build.
make DFLAGS="$RPM_OPT_FLAGS -DDEBUG_PPPD -DDEBUG_CONTROL -DDEBUG_ENTROPY"
# Strip carriage returns from CREDITS, which ships with DOS line endings.
tr -d '\r' <CREDITS >CREDITS.new && mv -f CREDITS.new CREDITS
%install
# Start from an empty staging tree.
rm -rf %{buildroot}
# The upstream Makefile has no install rule, and the one added by the version
# patch only copies the binary, so every file is installed by hand here.
install -d %{buildroot}%{_sbindir}
install -m755 %{name} %{buildroot}%{_sbindir}
# Manual pages.
install -d %{buildroot}%{_mandir}/{man5,man8}
install -m644 doc/%{name}.conf.5 %{buildroot}%{_mandir}/man5
install -m644 doc/l2tp-secrets.5 %{buildroot}%{_mandir}/man5/
install -m644 doc/%{name}.8 %{buildroot}%{_mandir}/man8
# Configuration. The daemon config and the pppd options file are installed
# world-readable (0644); only the secrets file is restricted to its owner.
install -d %{buildroot}%{_sysconfdir}/{%{name},ppp,ipsec.d}
install -m644 doc/%{name}.conf.sample %{buildroot}%{_sysconfdir}/%{name}/
install -m644 %{SOURCE2} %{buildroot}%{_sysconfdir}/%{name}/%{name}.conf
install -m644 %{SOURCE3} %{buildroot}%{_sysconfdir}/ppp/options.l2tpd
# Mode 0600: the file is meant to hold shared secrets.
install -m600 doc/l2tp-secrets.sample %{buildroot}%{_sysconfdir}/%{name}/l2tp-secrets
# Init script.
install -d %{buildroot}%{_initrddir}
install -m755 %{SOURCE1} %{buildroot}%{_initrddir}/%{name}
# Copy the sample chap-secrets into the build directory so that the doc list
# in the files section can pick it up.
install -m644 %{SOURCE4} .
%clean
# Remove the staging tree once the package has been built.
rm -rf %{buildroot}
%post
# Register the init script with chkconfig. The script's chkconfig header names
# no default runlevels ("-"), so the service stays disabled and stopped until
# an administrator enables it.
/sbin/chkconfig --add %{name}
%preun
# $1 is the number of instances of the package that remain after this
# operation; 0 means final removal rather than an upgrade. Only then stop the
# daemon and unregister the init script.
if [ $1 -eq 0 ]; then
/sbin/service %{name} stop > /dev/null 2>&1
/sbin/chkconfig --del %{name}
fi
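%postun
# $1 >= 1 means at least one instance remains, i.e. this is an upgrade:
# restart the daemon if it was running so that the new binary is used.
# stdout is redirected first so that stderr follows it to /dev/null; with the
# redirections in the opposite order stderr still reached the terminal.
if [ $1 -ge 1 ]; then
    /sbin/service %{name} condrestart >/dev/null 2>&1
fi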
%files
%defattr(-,root,root,-)
%doc BUGS CHANGELOG CREDITS LICENSE README TODO doc/rfc2661.txt
%doc CHANGELOG.Xelerance README.patents l2tpd-chapsecrets.sample
%{_sbindir}/%{name}
%{_mandir}/*/*
%dir %{_sysconfdir}/%{name}
%config(noreplace) %{_sysconfdir}/%{name}/*
%config(noreplace) %{_sysconfdir}/ppp/*
%attr(0755,root,root) %{_initrddir}/%{name}
%changelog
* Wed Dec 14 2005 Paul Wouters <paul at xelerance.com> 0.69-0.1.20051030
- incorporated fixes from Dmitry Butskoy
* Sun Nov 27 2005 Paul Wouters <paul at xelerance.com> 0.69.20051030
- Pulled up sourceforge.net CVS fixes.
- various debugging added, but debugging should not be on by default.
- async/sync conversion routines must be ready for possibility that the read
will block due to routing loops.
- refactor control socket handling.
- move all logic about pty usage to pty.c. Try ptmx first, if it fails try
legacy ptys
- rename log() to l2tp_log(), as "log" is a math function.
- if we aren't daemonized, then log to stderr.
- added install: and DESTDIR support.
* Thu Oct 20 2005 Paul Wouters <paul at xelerance.com> 0.69-13
- Removed suse/mandrake specifics. Comply for Fedora Extras guidelines
* Tue Jun 21 2005 Jacco de Leeuw <jacco2 at dds.nl> 0.69-12jdl
- Added log() patch by Paul Wouters so that l2tpd compiles on FC4.
* Sat Jun 4 2005 Jacco de Leeuw <jacco2 at dds.nl>
- l2tpd.org has been hijacked. Project moved back to SourceForge:
http://l2tpd.sourceforge.net
* Tue May 3 2005 Jacco de Leeuw <jacco2 at dds.nl>
- Small Makefile fixes. Explicitly use gcc instead of cc.
Network services library was not linked on Solaris due to typo.
* Thu Mar 17 2005 Jacco de Leeuw <jacco2 at dds.nl> 0.69-11jdl
- Choosing between SysV or BSD style ptys is now configurable through
a compile-time boolean "unix98pty".
* Fri Feb 4 2005 Jacco de Leeuw <jacco2 at dds.nl>
- Added code from Roaring Penguin (rp-l2tp) to support SysV-style ptys.
Requires the N_HDLC kernel module.
* Fri Nov 26 2004 Jacco de Leeuw <jacco2 at dds.nl>
- Updated the README.
* Wed Nov 10 2004 Jacco de Leeuw <jacco2 at dds.nl> 0.69-10jdl
- Patch by Marald Klein and Roger Luethi. Fixes writing PID file.
(http://l2tpd.graffl.net/msg01790.html)
Long overdue. Rereleasing 10jdl.
* Tue Nov 9 2004 Jacco de Leeuw <jacco2 at dds.nl> 0.69-10jdl
- [SECURITY FIX] Added fix from Debian because of a bss-based
buffer overflow.
(http://www.mail-archive.com/l2tpd-devel@l2tpd.org/msg01071.html)
- Mandrake's FreeS/WAN, Openswan and Strongswan RPMS use configuration
directories /etc/{freeswan,openswan,strongswan}. Install our
configuration files to /etc/ipsec.d and create symbolic links in
those directories.
* Tue Aug 18 2004 Jacco de Leeuw <jacco2 at dds.nl>
- Removed 'leftnexthop=' lines. Not relevant for recent versions
of FreeS/WAN and derivates.
* Tue Jan 20 2004 Jacco de Leeuw <jacco2 at dds.nl> 0.69-9jdl
- Added "noccp" because of too much MPPE/CCP messages sometimes.
* Wed Dec 31 2003 Jacco de Leeuw <jacco2 at dds.nl>
- Added patch in order to prevent StopCCN messages.
* Sat Aug 23 2003 Jacco de Leeuw <jacco2 at dds.nl>
- MTU/MRU 1410 seems to be the lowest possible for MSL2TP.
For Windows 2000/XP it doesn't seem to matter.
- Typo in l2tpd.conf (192.168.128/25).
* Fri Aug 8 2003 Jacco de Leeuw <jacco2 at dds.nl> 0.69-8jdl
- Added MTU/MRU 1400 to options.l2tpd. I don't know the optimal
value but some apps had problems with the default value.
* Fri Aug 1 2003 Jacco de Leeuw <jacco2 at dds.nl>
- Added workaround for the missing hostname bug in the MSL2TP client
('Specify your hostname', error 629: "You have been disconnected
from the computer you are dialing").
* Thu Jul 20 2003 Jacco de Leeuw <jacco2 at dds.nl> 0.69-7jdl
- Added the "listen-addr" global parameter for l2tpd.conf. By
default, the daemon listens on *all* interfaces. Use
"listen-addr" if you want it to bind to one specific
IP address (interface), for security reasons. (See also:
http://www.jacco2.dds.nl/networking/freeswan-l2tp.html#Firewallwarning)
- Explained in l2tpd.conf that two different IP addresses should be
used for 'listen-addr' and 'local ip'.
- Modified init script. Upgrades should work better now. You
still need to start/chkconfig l2tpd manually.
- Renamed the example Openswan .conf files to better reflect
the situation. There are two variants using different portselectors.
Previously I thought Windows 2000/XP used portselector 17/0
and the rest used 17/1701. But with the release of an updated
IPsec client by Microsoft, it turns out that 17/0 must have
been a mistake: the updated client now also uses 17/1701.
* Mon Apr 10 2003 Jacco de Leeuw <jacco2 at dds.nl> 0.69-6jdl
- Changed sample chap-secrets to be valid only for specific
IP addresses.
* Thu Mar 13 2003 Bernhard Thoni <tech-role at tronicplanet.de>
- Adjustments for SuSE8.x (thanks, Bernhard!)
- Added sample chap-secrets.
* Thu Mar 6 2003 Jacco de Leeuw <jacco2 at dds.nl> 0.69-5jdl
- Replaced Dominique's patch by Damion de Soto's, which does not
depend on the N_HDLC kernel module.
* Wed Feb 26 2003 Jacco de Leeuw <jacco2 at dds.nl> 0.69-4jdl
- Seperate example config files for Win9x (MSL2TP) and Win2K/XP
due to left/rightprotoport differences.
Fixing preun for Red Hat.
* Mon Feb 3 2003 Jacco de Leeuw <jacco2 at dds.nl> 0.69-3jdl
- Mandrake uses /etc/freeswan/ instead of /etc/ipsec.d/
Error fixed: source6 was used for both PSK and CERT.
* Wed Jan 29 2003 Jacco de Leeuw <jacco2 at dds.nl> 0.69-3jdl
- Added Dominique Cressatti's pty patch in another attempt to
prevent the Windows 2000 Professional "loopback detected" error.
Seems to work!
* Wed Dec 25 2002 Jacco de Leeuw <jacco2 at dds.nl> 0.69-2jdl
- Added 'connect-delay' to PPP parameters in an attempt to
prevent the Windows 2000 Professional "loopback detected" error.
Didn't seem to work.
* Fri Dec 13 2002 Jacco de Leeuw <jacco2 at dds.nl> 0.69-1jdl
- Did not build on Red Hat 8.0. Solved by adding comments(?!).
Bug detected in spec file: chkconfig --list l2tpd does not work
on Red Hat 8.0. Not important enough to look into yet.
* Sun Nov 17 2002 Jacco de Leeuw <jacco2 at dds.nl> 0.69-1jdl
- Tested on Red Hat, required some changes. No gprintf. Used different
pty patch, otherwise wouldn't run. Added buildroot sanity check.
* Sun Nov 10 2002 Jacco de Leeuw <jacco2 at dds.nl>
- Specfile adapted from Mandrake Cooker. The original RPM can be
retrieved through:
http://www.rpmfind.net/linux/rpm2html/search.php?query=l2tpd
- Config path changed from /etc/l2tp/ to /etc/l2tpd/
(Seems more logical and rp-l2tp already uses /etc/l2tp/).
- Do not run at boot or install. The original RPM uses a config file
which is completely commented out, but it still starts l2tpd on all
interfaces. Could be a security risk. This RPM does not start l2tpd,
the sysadmin has to edit the config file and start l2tpd explicitly.
- Renamed patches to start with l2tpd-
- Added dependencies for pppd, glibc-devel.
- Use %{name} as much as possible.
- l2tp-secrets contains passwords, thus should not be world readable.
- Removed dependency on rpm-helper.
* Mon Oct 21 2002 Lenny Cartier <lenny at mandrakesoft.com> 0.69-3mdk
- from Per Øyvind Karlsen <peroyvind at delonic.no> :
- PreReq and Requires
- Fix preun_service
* Thu Oct 17 2002 Per Øyvind Karlsen <peroyvind at delonic.no> 0.69-2mdk
- Move l2tpd from /usr/bin to /usr/sbin
- Added SysV initscript
- Patch0
- Patch1
* Thu Oct 17 2002 Per Øyvind Karlsen <peroyvind at delonic.no> 0.69-1mdk
- Initial release
Index: .cvsignore
===================================================================
RCS file: /cvs/extras/rpms/l2tpd/devel/.cvsignore,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- .cvsignore 15 Dec 2005 19:14:02 -0000 1.1
+++ .cvsignore 15 Dec 2005 19:15:33 -0000 1.2
@@ -0,0 +1 @@
+l2tpd-0.69.20051030.tar.gz
Index: sources
===================================================================
RCS file: /cvs/extras/rpms/l2tpd/devel/sources,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- sources 15 Dec 2005 19:14:02 -0000 1.1
+++ sources 15 Dec 2005 19:15:33 -0000 1.2
@@ -0,0 +1 @@
+36144b856b70d58bdb4ac4805cb71bb2 l2tpd-0.69.20051030.tar.gz