bakabtw/packages
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

xl2tpd: moved to github

Browse Source 
git-svn-id: svn://svn.openwrt.org/openwrt/packages@41184 3c298f89-4303-0410-b956-a3cf2f4a3e73
This commit is contained in:
cyrus 2014-06-13 16:26:45 +00:00
parent 56c1241a0a
commit 7e63ae1490
13 changed files with 0 additions and 824 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

68
net/xl2tpd/Makefile
View File

@ -1,68 +0,0 @@
#
# Copyright (C) 2006-2014 OpenWrt.org
#
# This is free software, licensed under the GNU General Public License v2.
# See /LICENSE for more information.
#
include $(TOPDIR)/rules.mk
PKG_NAME:=xl2tpd
PKG_VERSION:=1.3.1
PKG_RELEASE:=2
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
# Host seems to be down.
#PKG_SOURCE_URL:=ftp://ftp.xelerance.com/xl2tpd/
PKG_MD5SUM:=cf61576fef5c2d6c68279a408ec1f0d5
PKG_SOURCE_URL:=http://pkgs.fedoraproject.org/lookaside/pkgs/xl2tpd/xl2tpd-$(PKG_VERSION).tar.gz/$(PKG_MD5SUM)/
PKG_INSTALL:=1
include $(INCLUDE_DIR)/package.mk
define Package/xl2tpd
SECTION:=net
CATEGORY:=Network
TITLE:=An L2TP (Layer 2 Tunneling Protocol) daemon
URL:=http://www.xelerance.com/software/xl2tpd/
SUBMENU:=VPN
DEPENDS:=+ppp-mod-pppol2tp +ip +resolveip
endef
define Package/xl2tpd/description
l2tpd is the open source implementation of the L2TP tunneling protocol (RFC2661).
It does implement both LAC and LNS role in a L2TP networking architecture. The
main goal of this protocol is to tunnel PPP frame trough an IP network.
endef
# XXX: CFLAGS are already set by Build/Compile/Default
MAKE_FLAGS+= \
OFLAGS=""
define Package/xl2tpd/conffiles
/etc/xl2tpd/xl2tpd.conf
/etc/xl2tpd/xl2tp-secrets
/etc/ppp/options.xl2tpd
endef
define Package/xl2tpd/install
$(INSTALL_DIR) $(1)/usr/sbin
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/local/sbin/xl2tpd $(1)/usr/sbin/
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/local/sbin/xl2tpd-control $(1)/usr/sbin/
$(INSTALL_DIR) $(1)/etc/init.d
$(INSTALL_BIN) ./files/xl2tpd.init $(1)/etc/init.d/xl2tpd
$(INSTALL_DIR) $(1)/etc/xl2tpd
$(INSTALL_DATA) ./files/xl2tpd.conf $(1)/etc/xl2tpd/
$(INSTALL_CONF) ./files/xl2tp-secrets $(1)/etc/xl2tpd/
$(INSTALL_DIR) $(1)/etc/ppp
$(INSTALL_DATA) ./files/options.xl2tpd $(1)/etc/ppp/
$(INSTALL_DIR) $(1)/lib/netifd/proto
$(INSTALL_BIN) ./files/l2tp.sh $(1)/lib/netifd/proto
endef
$(eval $(call BuildPackage,xl2tpd))

23
net/xl2tpd/README
View File

@ -1,23 +0,0 @@
OpenWRT Package for xl2tpd
xl2tpd is a development from the original l2tpd package originally written by
Mark Spencer, subsequently forked by Scott Balmos and David Stipp, inherited
by Jeff McAdams, modified substantially by Jacco de Leeuw and then forked
again by Xelerance (after it was abandoned by l2tpd.org).
Rationale for inclusion in OpenWRT:
l2tpd has some serious alignment problems on RISC platforms. It also runs
purely in userspace.
Some of the features added in this fork include:
1. IPSec SA reference tracking inconjunction with openswan's IPSec transport
mode, which adds support for multiple clients behind the same NAT router
and multiple clients on the same internal IP behind different NAT routers.
2. Support for the pppol2tp kernel mode L2TP.
3. Alignment and endian problems resolved.
hcg

107
net/xl2tpd/files/l2tp.sh
View File

@ -1,107 +0,0 @@
#!/bin/sh
[ -x /usr/sbin/xl2tpd ] || exit 0
[ -n "$INCLUDE_ONLY" ] || {
. /lib/functions.sh
. ../netifd-proto.sh
init_proto "$@"
}
proto_l2tp_init_config() {
proto_config_add_string "username"
proto_config_add_string "password"
proto_config_add_string "keepalive"
proto_config_add_string "pppd_options"
proto_config_add_boolean "ipv6"
proto_config_add_int "mtu"
proto_config_add_string "server"
available=1
no_device=1
}
proto_l2tp_setup() {
local config="$1"
local iface="$2"
local optfile="/tmp/l2tp/options.${config}"
local ip serv_addr server
json_get_var server server && {
for ip in $(resolveip -t 5 "$server"); do
( proto_add_host_dependency "$config" "$ip" )
serv_addr=1
done
}
[ -n "$serv_addr" ] || {
echo "Could not resolve server address"
sleep 5
proto_setup_failed "$config"
exit 1
}
if [ ! -p /var/run/xl2tpd/l2tp-control ]; then
/etc/init.d/xl2tpd start
fi
json_get_vars ipv6 demand keepalive username password pppd_options
[ "$ipv6" = 1 ] || ipv6=""
if [ "${demand:-0}" -gt 0 ]; then
demand="precompiled-active-filter /etc/ppp/filter demand idle $demand"
else
demand="persist"
fi
[ -n "$mtu" ] || json_get_var mtu mtu
local interval="${keepalive##*[, ]}"
[ "$interval" != "$keepalive" ] || interval=5
mkdir -p /tmp/l2tp
echo "${keepalive:+lcp-echo-interval $interval lcp-echo-failure ${keepalive%%[, ]*}}" > "${optfile}"
echo "usepeerdns" >> "${optfile}"
echo "nodefaultroute" >> "${optfile}"
echo "${username:+user \"$username\" password \"$password\"}" >> "${optfile}"
echo "ipparam \"$config\"" >> "${optfile}"
echo "ifname \"l2tp-$config\"" >> "${optfile}"
echo "ip-up-script /lib/netifd/ppp-up" >> "${optfile}"
echo "ipv6-up-script /lib/netifd/ppp-up" >> "${optfile}"
echo "ip-down-script /lib/netifd/ppp-down" >> "${optfile}"
echo "ipv6-down-script /lib/netifd/ppp-down" >> "${optfile}"
# Don't wait for LCP term responses; exit immediately when killed.
echo "lcp-max-terminate 0" >> "${optfile}"
echo "${ipv6:++ipv6} ${pppd_options}" >> "${optfile}"
echo "${mtu:+mtu $mtu mru $mtu}" >> "${optfile}"
xl2tpd-control add l2tp-${config} pppoptfile=${optfile} lns=${server} redial=yes redial timeout=20
xl2tpd-control connect l2tp-${config}
}
proto_l2tp_teardown() {
local interface="$1"
local optfile="/tmp/l2tp/options.${interface}"
case "$ERROR" in
11|19)
proto_notify_error "$interface" AUTH_FAILED
proto_block_restart "$interface"
;;
2)
proto_notify_error "$interface" INVALID_OPTIONS
proto_block_restart "$interface"
;;
esac
xl2tpd-control disconnect l2tp-${interface}
# Wait for interface to go down
while [ -d /sys/class/net/l2tp-${interface} ]; do
sleep 1
done
xl2tpd-control remove l2tp-${interface}
rm -f ${optfile}
}
[ -n "$INCLUDE_ONLY" ] || {
add_protocol l2tp
}

13
net/xl2tpd/files/options.xl2tpd
View File

@ -1,13 +0,0 @@
#
lock
noauth
debug
dump
logfd 2
logfile /var/log/xl2tpd.log
noccp
novj
novjccomp
nopcomp
noaccomp

5
net/xl2tpd/files/xl2tp-secrets
View File

@ -1,5 +0,0 @@
# Secrets for authenticating l2tp tunnels
# us them secret
# * marko blah2
# zeus marko blah
# * * interop

23
net/xl2tpd/files/xl2tpd.conf
View File

@ -1,23 +0,0 @@
[global]
port = 1701
auth file = /etc/xl2tpd/xl2tp-secrets
access control = no
;[lns default]
;exclusive = yes
;ip range = 192.168.254.202-192.168.254.210
;lac = 10.0.1.2
;hidden bit = no
;local ip = 192.168.254.200
;length bit = yes
;refuse authentication = yes
;name = VersaLink
;ppp debug = yes
;pppoptfile = /etc/ppp/options.xl2tpd
;[lac left]
;lns = 10.0.1.2
;refuse authentication = yes
;name = VersaLink
;ppp debug = yes
;pppoptfile = /etc/ppp/options.xl2tpd

73
net/xl2tpd/files/xl2tpd.conf.sample
View File

@ -1,73 +0,0 @@
;
; Sample l2tpd configuration file
;
; This example file should give you some idea of how the options for l2tpd
; should work. The best place to look for a list of all options is in
; the source code itself, until I have the time to write better documetation :)
; Specifically, the file "file.c" contains a list of commands at the end.
;
; You most definitely don't have to spell out everything as it is done here
;
; [global] ; Global parameters:
; port = 1701 ; * Bind to port 1701
; auth file = /etc/xl2tpd/xl2tp-secrets ; * Where our challenge secrets are
; access control = yes ; * Refuse connections without IP match
; rand source = dev ; Source for entropy for random
; ; numbers, options are:
; ; dev - reads of /dev/urandom
; ; sys - uses rand()
; ; egd - reads from egd socket
; ; egd is not yet implemented
;
; [lns default] ; Our fallthrough LNS definition
; exclusive = no ; * Only permit one tunnel per host
; ip range = 192.168.0.1-192.168.0.20 ; * Allocate from this IP range
; no ip range = 192.168.0.3-192.168.0.9 ; * Except these hosts
; ip range = 192.168.0.5 ; * But this one is okay
; ip range = lac1-lac2 ; * And anything from lac1 to lac2's IP
; lac = 192.168.1.4 - 192.168.1.8 ; * These can connect as LAC's
; no lac = untrusted.marko.net ; * This guy can't connect
; hidden bit = no ; * Use hidden AVP's?
; local ip = 192.168.1.2 ; * Our local IP to use
; length bit = yes ; * Use length bit in payload?
; require chap = yes ; * Require CHAP auth. by peer
; refuse pap = yes ; * Refuse PAP authentication
; refuse chap = no ; * Refuse CHAP authentication
; refuse authentication = no ; * Refuse authentication altogether
; require authentication = yes ; * Require peer to authenticate
; unix authentication = no ; * Use /etc/passwd for auth.
; name = myhostname ; * Report this as our hostname
; ppp debug = no ; * Turn on PPP debugging
; pppoptfile = /etc/ppp/options.xl2tpd.lns ; * ppp options file
; call rws = 10 ; * RWS for call (-1 is valid)
; tunnel rws = 4 ; * RWS for tunnel (must be > 0)
; flow bit = yes ; * Include sequence numbers
; challenge = yes ; * Challenge authenticate peer ;
;
; [lac marko] ; Example VPN LAC definition
; lns = lns.marko.net ; * Who is our LNS?
; lns = lns2.marko.net ; * A backup LNS (not yet used)
; redial = yes ; * Redial if disconnected?
; redial timeout = 15 ; * Wait n seconds between redials
; max redials = 5 ; * Give up after n consecutive failures
; hidden bit = yes ; * User hidden AVP's?
; local ip = 192.168.1.1 ; * Force peer to use this IP for us
; remote ip = 192.168.1.2 ; * Force peer to use this as their IP
; length bit = no ; * Use length bit in payload?
; require pap = no ; * Require PAP auth. by peer
; require chap = yes ; * Require CHAP auth. by peer
; refuse pap = yes ; * Refuse PAP authentication
; refuse chap = no ; * Refuse CHAP authentication
; refuse authentication = no ; * Refuse authentication altogether
; require authentication = yes ; * Require peer to authenticate
; name = marko ; * Report this as our hostname
; ppp debug = no ; * Turn on PPP debugging
; pppoptfile = /etc/ppp/options.xl2tpd.marko ; * ppp options file for this lac
; call rws = 10 ; * RWS for call (-1 is valid)
; tunnel rws = 4 ; * RWS for tunnel (must be > 0)
; flow bit = yes ; * Include sequence numbers
; challenge = yes ; * Challenge authenticate peer
;
; [lac cisco] ; Another quick LAC
; lns = cisco.marko.net ; * Required, but can take from default
; require authentication = yes

18
net/xl2tpd/files/xl2tpd.init
View File

@ -1,18 +0,0 @@
#!/bin/sh /etc/rc.common
# Copyright (C) 2006-2010 OpenWrt.org
START=60
BIN=xl2tpd
DEFAULT=/etc/default/$BIN
RUN_D=/var/run
PID_F=$RUN_D/$BIN.pid
start() {
mkdir -p $RUN_D/$BIN
[ -f $DEFAULT ] && . $DEFAULT
$BIN $OPTIONS
}
stop() {
[ -f $PID_F ] && kill $(cat $PID_F)
}

12
net/xl2tpd/patches/100-makefile_opt_flags.patch
View File

@ -1,12 +0,0 @@
--- a/Makefile
+++ b/Makefile
@@ -90,7 +90,8 @@ OSFLAGS?= -DLINUX -I$(KERNELSRC)/include
IPFLAGS?= -DIP_ALLOCATION
-CFLAGS+= $(DFLAGS) -O2 -fno-builtin -Wall -DSANITY $(OSFLAGS) $(IPFLAGS)
+OFLAGS=-O2
+CFLAGS+= $(DFLAGS) $(OFLAGS) -fno-builtin -Wall -DSANITY $(OSFLAGS) $(IPFLAGS)
HDRS=l2tp.h avp.h misc.h control.h call.h scheduler.h file.h aaa.h md5.h
OBJS=xl2tpd.o pty.o misc.o control.o avp.o call.o network.o avpsend.o scheduler.o file.o aaa.o md5.o
SRCS=${OBJS:.o=.c} ${HDRS}

43
net/xl2tpd/patches/110-makefile_dont_build_pfc.patch
View File

@ -1,43 +0,0 @@
--- a/Makefile
+++ b/Makefile
@@ -106,10 +106,10 @@ BINDIR?=$(DESTDIR)${PREFIX}/bin
MANDIR?=$(DESTDIR)${PREFIX}/share/man
-all: $(EXEC) pfc $(CONTROL_EXEC)
+all: $(EXEC) $(CONTROL_EXEC)
clean:
- rm -f $(OBJS) $(EXEC) pfc.o pfc $(CONTROL_EXEC)
+ rm -f $(OBJS) $(EXEC) $(CONTROL_EXEC)
$(EXEC): $(OBJS) $(HDRS)
$(CC) $(LDFLAGS) -o $@ $(OBJS) $(LDLIBS)
@@ -117,14 +117,10 @@ $(EXEC): $(OBJS) $(HDRS)
$(CONTROL_EXEC): $(CONTROL_SRCS)
$(CC) $(CONTROL_SRCS) -o $@
-pfc:
- $(CC) $(CFLAGS) -c contrib/pfc.c
- $(CC) $(LDFLAGS) -o pfc pfc.o -lpcap $(LDLIBS)
-
romfs:
$(ROMFSINST) /bin/$(EXEC)
-install: ${EXEC} pfc ${CONTROL_EXEC}
+install: ${EXEC} ${CONTROL_EXEC}
install -d -m 0755 ${SBINDIR}
install -m 0755 $(EXEC) ${SBINDIR}/$(EXEC)
install -d -m 0755 ${MANDIR}/man5
@@ -132,11 +128,6 @@ install: ${EXEC} pfc ${CONTROL_EXEC}
install -m 0644 doc/xl2tpd.8 ${MANDIR}/man8/
install -m 0644 doc/xl2tpd.conf.5 doc/l2tp-secrets.5 \
${MANDIR}/man5/
- # pfc
- install -d -m 0755 ${BINDIR}
- install -m 0755 pfc ${BINDIR}/pfc
- install -d -m 0755 ${MANDIR}/man1
- install -m 0644 contrib/pfc.1 ${MANDIR}/man1/
# control exec
install -d -m 0755 ${SBINDIR}
install -m 0755 $(CONTROL_EXEC) ${SBINDIR}/$(CONTROL_EXEC)

417
net/xl2tpd/patches/120-kernel-mode-l2tp.patch
View File

@ -1,417 +0,0 @@
--- a/Makefile
+++ b/Makefile
@@ -62,8 +62,8 @@ OSFLAGS?= -DLINUX -I$(KERNELSRC)/include
# are packages seperately (eg kernel-headers on Fedora)
# Note: 2.6.23+ support still needs some changes in the xl2tpd source
#
-#OSFLAGS+= -DUSE_KERNEL
-#
+# Kernel mode fixed by sigwall <fionov@gmail.com>
+OSFLAGS+= -DUSE_KERNEL
#
# Uncomment the next line for FreeBSD
#
--- a/call.c
+++ b/call.c
@@ -680,6 +680,8 @@ struct call *get_call (int tunnel, int c
st->peer.sin_port = port;
st->refme = refme;
st->refhim = refhim;
+ st->udp_fd = -1;
+ st->pppox_fd = -1;
bcopy (&addr, &st->peer.sin_addr, sizeof (addr));
st->next = tunnels.head;
tunnels.head = st;
--- a/control.c
+++ b/control.c
@@ -596,6 +596,9 @@ int control_finish (struct tunnel *t, st
if (gconfig.debug_state)
l2tp_log (LOG_DEBUG, "%s: sending SCCCN\n", __FUNCTION__);
control_xmit (buf);
+
+ connect_pppol2tp(t);
+
/* Schedule a HELLO */
tv.tv_sec = HELLO_DELAY;
tv.tv_usec = 0;
@@ -608,6 +611,7 @@ int control_finish (struct tunnel *t, st
"Connection established to %s, %d. Local: %d, Remote: %d (ref=%u/%u).\n",
IPADDY (t->peer.sin_addr),
ntohs (t->peer.sin_port), t->ourtid, t->tid, t->refme, t->refhim);
+
if (t->lac)
{
/* This is part of a LAC, so we want to go ahead
@@ -635,6 +639,9 @@ int control_finish (struct tunnel *t, st
IPADDY (t->peer.sin_addr),
ntohs (t->peer.sin_port), t->ourtid, t->tid, t->refme, t->refhim,
t->lns->entname);
+
+ connect_pppol2tp(t);
+
/* Schedule a HELLO */
tv.tv_sec = HELLO_DELAY;
tv.tv_usec = 0;
--- a/l2tp.h
+++ b/l2tp.h
@@ -167,6 +167,8 @@ struct tunnel
int ourrws; /* Receive Window Size */
int rxspeed; /* Receive bps */
int txspeed; /* Transmit bps */
+ int udp_fd; /* UDP fd */
+ int pppox_fd; /* PPPOX tunnel fd */
struct call *self;
struct lns *lns; /* LNS that owns us */
struct lac *lac; /* LAC that owns us */
@@ -220,6 +222,7 @@ extern void control_xmit (void *);
extern int ppd;
extern int switch_io; /* jz */
extern int control_fd;
+extern int connect_pppol2tp(struct tunnel *t);
extern int start_pppd (struct call *c, struct ppp_opts *);
extern void magic_lac_dial (void *);
extern int get_entropy (unsigned char *, int);
--- a/linux/include/linux/if_pppol2tp.h
+++ b/linux/include/linux/if_pppol2tp.h
@@ -2,7 +2,7 @@
* Linux PPP over L2TP (PPPoL2TP) Socket Implementation (RFC 2661)
*
* This file supplies definitions required by the PPP over L2TP driver
- * (pppol2tp.c). All version information wrt this file is located in pppol2tp.c
+ * (l2tp_ppp.c). All version information wrt this file is located in l2tp_ppp.c
*
* License:
* This program is free software; you can redistribute it and/or
@@ -15,18 +15,13 @@
#ifndef __LINUX_IF_PPPOL2TP_H
#define __LINUX_IF_PPPOL2TP_H
-#include <asm/types.h>
-
-#ifdef __KERNEL__
-#include <linux/in.h>
-#endif
+#include <linux/types.h>
/* Structure used to connect() the socket to a particular tunnel UDP
- * socket.
+ * socket over IPv4.
*/
-struct pppol2tp_addr
-{
- pid_t pid; /* pid that owns the fd.
+struct pppol2tp_addr {
+ __kernel_pid_t pid; /* pid that owns the fd.
* 0 => current */
int fd; /* FD of UDP socket to use */
@@ -36,6 +31,45 @@ struct pppol2tp_addr
__u16 d_tunnel, d_session; /* For sending outgoing packets */
};
+/* Structure used to connect() the socket to a particular tunnel UDP
+ * socket over IPv6.
+ */
+struct pppol2tpin6_addr {
+ __kernel_pid_t pid; /* pid that owns the fd.
+ * 0 => current */
+ int fd; /* FD of UDP socket to use */
+
+ __u16 s_tunnel, s_session; /* For matching incoming packets */
+ __u16 d_tunnel, d_session; /* For sending outgoing packets */
+
+ struct sockaddr_in6 addr; /* IP address and port to send to */
+};
+
+/* The L2TPv3 protocol changes tunnel and session ids from 16 to 32
+ * bits. So we need a different sockaddr structure.
+ */
+struct pppol2tpv3_addr {
+ __kernel_pid_t pid; /* pid that owns the fd.
+ * 0 => current */
+ int fd; /* FD of UDP or IP socket to use */
+
+ struct sockaddr_in addr; /* IP address and port to send to */
+
+ __u32 s_tunnel, s_session; /* For matching incoming packets */
+ __u32 d_tunnel, d_session; /* For sending outgoing packets */
+};
+
+struct pppol2tpv3in6_addr {
+ __kernel_pid_t pid; /* pid that owns the fd.
+ * 0 => current */
+ int fd; /* FD of UDP or IP socket to use */
+
+ __u32 s_tunnel, s_session; /* For matching incoming packets */
+ __u32 d_tunnel, d_session; /* For sending outgoing packets */
+
+ struct sockaddr_in6 addr; /* IP address and port to send to */
+};
+
/* Socket options:
* DEBUG - bitmask of debug message categories
* SENDSEQ - 0 => don't send packets with sequence numbers
@@ -66,4 +100,4 @@ enum {
-#endif
+#endif /* __LINUX_IF_PPPOL2TP_H */
--- a/network.c
+++ b/network.c
@@ -45,6 +45,7 @@ int init_network (void)
server.sin_family = AF_INET;
server.sin_addr.s_addr = gconfig.listenaddr;
server.sin_port = htons (gconfig.port);
+ int flags;
if ((server_socket = socket (PF_INET, SOCK_DGRAM, 0)) < 0)
{
l2tp_log (LOG_CRIT, "%s: Unable to allocate socket. Terminating.\n",
@@ -52,6 +53,10 @@ int init_network (void)
return -EINVAL;
};
+ flags = 1;
+ setsockopt(server_socket, SOL_SOCKET, SO_REUSEADDR, &flags, sizeof(flags));
+ setsockopt(server_socket, SOL_SOCKET, SO_NO_CHECK, &flags, sizeof(flags));
+
if (bind (server_socket, (struct sockaddr *) &server, sizeof (server)))
{
close (server_socket);
@@ -321,6 +326,11 @@ int build_fdset (fd_set *readfds)
while (tun)
{
+ if (tun->udp_fd > -1) {
+ if (tun->udp_fd > max)
+ max = tun->udp_fd;
+ FD_SET (tun->udp_fd, readfds);
+ }
call = tun->call_head;
while (call)
{
@@ -390,6 +400,8 @@ void network_thread ()
struct iovec iov;
char cbuf[256];
unsigned int refme, refhim;
+ int * currentfd;
+ int server_socket_processed;
/* This one buffer can be recycled for everything except control packets */
buf = new_buf (MAX_RECV_SIZE);
@@ -428,7 +440,21 @@ void network_thread ()
{
do_control ();
}
- if (FD_ISSET (server_socket, &readfds))
+ server_socket_processed = 0;
+ currentfd = NULL;
+ st = tunnels.head;
+ while (st || !server_socket_processed) {
+ if (st && (st->udp_fd == -1)) {
+ st=st->next;
+ continue;
+ }
+ if (st) {
+ currentfd = &st->udp_fd;
+ } else {
+ currentfd = &server_socket;
+ server_socket_processed = 1;
+ }
+ if (FD_ISSET (*currentfd, &readfds))
{
/*
* Okay, now we're ready for reading and processing new data.
@@ -457,12 +483,19 @@ void network_thread ()
msgh.msg_flags = 0;
/* Receive one packet. */
- recvsize = recvmsg(server_socket, &msgh, 0);
+ recvsize = recvmsg(*currentfd, &msgh, 0);
if (recvsize < MIN_PAYLOAD_HDR_LEN)
{
if (recvsize < 0)
{
+ if (errno == ECONNREFUSED) {
+ close(*currentfd);
+ }
+ if ((errno == ECONNREFUSED) ||
+ (errno == EBADF)) {
+ *currentfd = -1;
+ }
if (errno != EAGAIN)
l2tp_log (LOG_WARNING,
"%s: recvfrom returned error %d (%s)\n",
@@ -567,6 +600,8 @@ void network_thread ()
}
};
}
+ if (st) st=st->next;
+ }
/*
* finished obvious sources, look for data from PPP connections.
@@ -639,3 +674,82 @@ void network_thread ()
}
}
+
+int connect_pppol2tp(struct tunnel *t) {
+#ifdef USE_KERNEL
+ if (kernel_support) {
+ int ufd = -1, fd2 = -1;
+ int flags;
+ struct sockaddr_pppol2tp sax;
+
+ struct sockaddr_in server;
+ server.sin_family = AF_INET;
+ server.sin_addr.s_addr = gconfig.listenaddr;
+ server.sin_port = htons (gconfig.port);
+ if ((ufd = socket (PF_INET, SOCK_DGRAM, 0)) < 0)
+ {
+ l2tp_log (LOG_CRIT, "%s: Unable to allocate UDP socket. Terminating.\n",
+ __FUNCTION__);
+ return -EINVAL;
+ };
+
+ flags=1;
+ setsockopt(ufd, SOL_SOCKET, SO_REUSEADDR, &flags, sizeof(flags));
+ setsockopt(ufd, SOL_SOCKET, SO_NO_CHECK, &flags, sizeof(flags));
+
+ if (bind (ufd, (struct sockaddr *) &server, sizeof (server)))
+ {
+ close (ufd);
+ l2tp_log (LOG_CRIT, "%s: Unable to bind UDP socket: %s. Terminating.\n",
+ __FUNCTION__, strerror(errno), errno);
+ return -EINVAL;
+ };
+ server = t->peer;
+ flags = fcntl(ufd, F_GETFL);
+ if (flags == -1 || fcntl(ufd, F_SETFL, flags | O_NONBLOCK) == -1) {
+ l2tp_log (LOG_WARNING, "%s: Unable to set UDP socket nonblock.\n",
+ __FUNCTION__);
+ return -EINVAL;
+ }
+ if (connect (ufd, (struct sockaddr *) &server, sizeof(server)) < 0) {
+ l2tp_log (LOG_CRIT, "%s: Unable to connect UDP peer. Terminating.\n",
+ __FUNCTION__);
+ return -EINVAL;
+ }
+
+ t->udp_fd=ufd;
+
+ fd2 = socket(AF_PPPOX, SOCK_DGRAM, PX_PROTO_OL2TP);
+ if (fd2 < 0) {
+ l2tp_log (LOG_WARNING, "%s: Unable to allocate PPPoL2TP socket.\n",
+ __FUNCTION__);
+ return -EINVAL;
+ }
+ flags = fcntl(fd2, F_GETFL);
+ if (flags == -1 || fcntl(fd2, F_SETFL, flags | O_NONBLOCK) == -1) {
+ l2tp_log (LOG_WARNING, "%s: Unable to set PPPoL2TP socket nonblock.\n",
+ __FUNCTION__);
+ return -EINVAL;
+ }
+ sax.sa_family = AF_PPPOX;
+ sax.sa_protocol = PX_PROTO_OL2TP;
+ sax.pppol2tp.pid = 0;
+ sax.pppol2tp.fd = t->udp_fd;
+ sax.pppol2tp.addr.sin_addr.s_addr = t->peer.sin_addr.s_addr;
+ sax.pppol2tp.addr.sin_port = t->peer.sin_port;
+ sax.pppol2tp.addr.sin_family = AF_INET;
+ sax.pppol2tp.s_tunnel = t->ourtid;
+ sax.pppol2tp.s_session = 0;
+ sax.pppol2tp.d_tunnel = t->tid;
+ sax.pppol2tp.d_session = 0;
+ if ((connect(fd2, (struct sockaddr *)&sax, sizeof(sax))) < 0) {
+ l2tp_log (LOG_WARNING, "%s: Unable to connect PPPoL2TP socket. %d %s\n",
+ __FUNCTION__, errno, strerror(errno));
+ close(fd2);
+ return -EINVAL;
+ }
+ t->pppox_fd = fd2;
+ }
+#endif
+ return 0;
+}
--- a/xl2tpd.c
+++ b/xl2tpd.c
@@ -278,7 +278,11 @@ void death_handler (int signal)
struct tunnel *st, *st2;
int sec;
l2tp_log (LOG_CRIT, "%s: Fatal signal %d received\n", __FUNCTION__, signal);
+#ifdef USE_KERNEL
+ if (kernel_support || signal != SIGTERM) {
+#else
if (signal != SIGTERM) {
+#endif
st = tunnels.head;
while (st)
{
@@ -349,7 +353,7 @@ int start_pppd (struct call *c, struct p
int flags;
#endif
int pos = 1;
- int fd2;
+ int fd2 = -1;
#ifdef DEBUG_PPPD
int x;
#endif
@@ -397,7 +401,7 @@ int start_pppd (struct call *c, struct p
sax.sa_family = AF_PPPOX;
sax.sa_protocol = PX_PROTO_OL2TP;
sax.pppol2tp.pid = 0;
- sax.pppol2tp.fd = server_socket;
+ sax.pppol2tp.fd = c->container->udp_fd;
sax.pppol2tp.addr.sin_addr.s_addr = c->container->peer.sin_addr.s_addr;
sax.pppol2tp.addr.sin_port = c->container->peer.sin_port;
sax.pppol2tp.addr.sin_family = AF_INET;
@@ -408,6 +412,7 @@ int start_pppd (struct call *c, struct p
if (connect(fd2, (struct sockaddr *)&sax, sizeof(sax)) < 0) {
l2tp_log (LOG_WARNING, "%s: Unable to connect PPPoL2TP socket.\n",
__FUNCTION__);
+ close(fd2);
return -EINVAL;
}
stropt[pos++] = strdup ("plugin");
@@ -484,7 +489,7 @@ int start_pppd (struct call *c, struct p
dup2 (fd2, 0);
dup2 (fd2, 1);
close(fd2);
-
+ }
/* close all the calls pty fds */
st = tunnels.head;
while (st)
@@ -492,12 +497,17 @@ int start_pppd (struct call *c, struct p
sc = st->call_head;
while (sc)
{
- close (sc->fd);
+#ifdef USE_KERNEL
+ if (kernel_support) {
+ close(st->udp_fd); /* tunnel UDP fd */
+ close(st->pppox_fd); /* tunnel PPPoX fd */
+ } else
+#endif
+ close (sc->fd); /* call pty fd */
sc = sc->next;
}
st = st->next;
}
- }
/* close the UDP socket fd */
close (server_socket);
@@ -615,6 +625,10 @@ void destroy_tunnel (struct tunnel *t)
the memory pointed to by t->chal_us.vector at some other place */
if (t->chal_them.vector)
free (t->chal_them.vector);
+ if (t->pppox_fd > -1 )
+ close (t->pppox_fd);
+ if (t->udp_fd > -1 )
+ close (t->udp_fd);
free (t);
free (me);
}

11
net/xl2tpd/patches/130-no-kill-ipparam.patch
View File

@ -1,11 +0,0 @@
--- a/control.c
+++ b/control.c
@@ -905,8 +905,6 @@ int control_finish (struct tunnel *t, st
po = add_opt (po, c->lac->pppoptfile);
}
};
- po = add_opt (po, "ipparam");
- po = add_opt (po, IPADDY (t->peer.sin_addr));
start_pppd (c, po);
opt_destroy (po);
if (c->lac)

11
net/xl2tpd/patches/140-control_src_cflags.patch
View File

@ -1,11 +0,0 @@
--- a/Makefile
+++ b/Makefile
@@ -115,7 +115,7 @@ $(EXEC): $(OBJS) $(HDRS)
$(CC) $(LDFLAGS) -o $@ $(OBJS) $(LDLIBS)
$(CONTROL_EXEC): $(CONTROL_SRCS)
- $(CC) $(CONTROL_SRCS) -o $@
+ $(CC) $(CFLAGS) $(CONTROL_SRCS) -o $@
romfs:
$(ROMFSINST) /bin/$(EXEC)