diff --git a/.gitignore b/.gitignore index 6393f0d1..07b81d57 100644 --- a/.gitignore +++ b/.gitignore @@ -1,7 +1,8 @@ *.o *~ *.bak +*.sw? +tags xl2tpd xl2tpd-control pfc -tags diff --git a/.travis.yml b/.travis.yml index 4c4b3451..eb9eb088 100644 --- a/.travis.yml +++ b/.travis.yml @@ -1,9 +1,25 @@ -os: - - linux - language: c -compiler: - - gcc + +jobs: + include: + - os: linux + dist: xenial + compiler: gcc + - os: linux + dist: xenial + compiler: clang + - os: linux + dist: bionic + compiler: gcc + - os: linux + dist: bionic + compiler: clang + - os: linux + dist: focal + compiler: gcc + - os: linux + dist: focal + compiler: clang sudo: false @@ -17,10 +33,12 @@ addons: cache: directories: - - $HOME/.ccache + - $HOME/.ccache before_script: - make clean + - make clean script: - make + - make + - ./xl2tpd-control --version + - ./xl2tpd-control --help diff --git a/CHANGES b/CHANGES index 6a26f041..1407daa9 100644 --- a/CHANGES +++ b/CHANGES 
@@ -1,3 +1,75 @@ +v1.3.16 (October 23, 2020) +* Re-add braces for if-else that have only statement [Samir Hussain] +* xl2tpd-control refactoring [Alexander Naumov] +* fix travis 'script' syntax [Alexander Naumov] +* adding xl2tpd-control tests to travis [Alexander Naumov] +* Re-adding text giving more inofrmation about using ipsec with xl2tpd [Samir Hussain] +* Update README: typo, links to RFC, link to travis [Alexander Naumov] +* Travis will test different compiler on linux distro [Samir Hussain] +* Update travis for proper matrix [Samir Hussain] +* Add Focal to travis testing [Samir Hussain] +* yet another man-page update [Alexander Naumov] +* update man-pages, fix typo [Alexander Naumov] +* set_flow: result of operation is garbage or undefined [Alexander Naumov] +* Update README [Alexander Naumov] +* adding xl2tpd.init.patch [Alexander Naumov] +* adding Makefile.patch [Alexander Naumov] +* moving changes to separate file [Alexander Naumov] +* sync/update spec file with official SUSE version [Alexander Naumov] +* Set IP_PKTINFO even if setting of IPPROTO_IP fails (as it was in 1.3.9) [shadyhh] +* Update .gitignore vim swap file [Samir Hussain] +* Travis will test supported Ubuntu LTS distros [Samir Hussain] +* Updating COMPATABILITY_ISSUES with info on Miktrotik servers [Samir Hussain] +* Add work around for Android 10 maxium retries in COMPATIBILITY_ISSUES [Samir Hussain] +* Add compatability issues with Ciso ASA [Samir Hussain] + +v1.3.15 (October 13, 2019) +* Fix spacing of CONTRIBUTION.md [Samir Hussain] +* Add CONTRIBUTION.md [Samir Hussain] +* Specify missing log arguments [Patch by github user: 川島和津実] +* Use matrix for .travis.yaml to test for multiple Linux distro [Samir Hussain] +* Fixing .travis.yaml spacing warning [Samir Hussain] +* Sockopt bug fix for multiple IP's [JDTX] +* Add Clang as compiler test for travis [Samir Hussain] +* Add info on building and installing xl2tpd [Samir Hussain] + +v1.3.14 (April 17, 2019) +* osport.h: replace 
SUSv3-specific functions by POSIX variants [Fabrice Fontaine] +* avp: Error Code field in Result Code AVP is optional [Pau Espin Pedrol] +* network_thread: Early continue in loop to remove huge indented block [Pau Espin Pedrol] +* network_thread: Simplify while loop using for loop [Pau Espin Pedrol] +* network: connect_pppol2tp: early return to avoid huge indentation block [Pau Espin Pedrol] +* xl2tpd: start_pppd: Fix truncation of last character [Pau Espin Pedrol] +* handle_packet: Remove unneded else clause when handling payload [Pau Espin Pedrol] +* control: Split control message handling into its own function [Pau Espin Pedrol] +* handle_packet: Rearrange code flow to simplify it [Pau Espin Pedrol] +* avp: Early failure if no handler to remove indent block [Pau Espin Pedrol] +* xl2tpd: Mark internal symbols as static [Pau Espin Pedrol] +* Fix indentation and whitespace in code block [Pau Espin Pedrol] +* xl2tpd: Remove unused variable [Pau Espin Pedrol] +* network: Add missing close(kernel_fd) on init network failure [Pau Espin Pedrol] +* network: Add missing close(server_fd) on init network failure [Pau Espin Pedrol] +* Add 'cap backoff' option, limiting exponential backoff retries will + be delayed by exponentially longer time, unless that time is capped + by configuration. [Bart Trojanowski] +* Add program to show status icon in system tray. [Github user: username34] +* Add info on building and installing xl2tpd [Samir Hussain] +* Update formatting of README.md [Samir Hussain] +* Rename README.xl2tpd to README.md [Samir Hussain] +* Update Debian changelog [Samir Hussain] + +v1.3.13 (December 3, 2018) +* Specify email address for reporting security vulnerabilities [Samir Hussain] +* Fix compile warning with USE_KERNEL in xl2tpd.c [Samir Hussain] +* Applying patch that reduces compile warnings and fixes warnings from gcc and clang. 
[Gareth Ansell] +* Fix compiler warnings in network.c [Gareth Ansell] +* Add a make command for packaging's prep work [Samir Hussain] +* Add Makefile directive for getting version [Samir Hussain] +* Add a preproc for Watchguard firewall (Github issue #136) [daniel1111] +* Convert from ISO-8859 to UTF-8 [Simon Deziel] +* Update README to provide latest info on xl2tpd + Linux kernel 4.15+ [Samir Hussain] +* Use dh_auto_build in order to allow cross compiles [Helmut Grohne] + v1.3.12 (May 18, 2018) * TOS value to copy to the tunnel header (Yurkovskyy) * Fix for ENODEV (No such device) error with Linux kernel 4.15 (Douglas Kosovic) diff --git a/COMPATIBILITY_ISSUES b/COMPATIBILITY_ISSUES new file mode 100644 index 00000000..9e1c9309 --- /dev/null +++ b/COMPATIBILITY_ISSUES 
@@ -0,0 +1,29 @@
+* Android 9 & 10 fails on maximum retries exceeded for tunnel
+
+There are reports that with Android 9 & 10, some users are getting "Maximum retries"
+error messages. It seems to related to some of the phones not responding to
+L2TP keepalive heartbeats
+
+A possible work around is to use the max_retries option. Using "max retries"
+in the xl2tpd.conf (e.g. max retries = 100) has known to work for some
+users. Alternatively, another works around is to not to enable L2TP
+keepalive on the VPN servers.
+
+For more information, please refer to: https://github.com/xelerance/xl2tpd/issues/191
+
+* Issues with Cisco ASA
+
+Some users are reporting that newer version of xl2tpd (1.310 onward) are
+not able to connect to Cisco ASA.
+
+A possible work around is to use x2ltpd 1.39 and disable use of kernel module
+(comment out the directive OSFLAGS+= -DUSE_KERNEL -D in the Makefile)
+
+For more information, please refer to: https://github.com/xelerance/xl2tpd/issues/187
+
+* AVP is incorrect size issues with Miktrotik server
+
+There are reports of problems connecting to Miktrotik server.
+
+Github user reported that the following configuration works for them:
+https://github.com/xelerance/xl2tpd/issues/156#issuecomment-678674101
diff --git a/CONTRIBUTION.md b/CONTRIBUTION.md
new file mode 100644
index 00000000..807222d0
--- /dev/null
+++ b/CONTRIBUTION.md
@@ -0,0 +1,44 @@
+# Contributing to xl2tpd
+
+First of, thank you for taking the time to contribute.
+
+*Before spending a lot of time on something, please ask for feedback on your
+idea first!* You can ask in the [mailing list](https://lists.openswan.org/cgi-bin/mailman/listinfo/xl2tpd)
+or create an [issue](https://github.com/xelerance/xl2tpd/issues).
+
+This project welcomes contribution from the community! Here are a few
+suggestions:
+
+* Update the [ipv6 branch](https://github.com/xelerance/xl2tpd/tree/ipv6).
+ It needs to be tested and updated (it has diverged from master quite a bit).
+* Test and fix up the [libevent branch](https://github.com/xelerance/xl2tpd/tree/libevent).
+ There have been reports of crashes. They need to be investigated. User can
+ get more information with the custom *--debug-signals* and
+ *--debug-libevent* option (which is only in this branch)
+
+## **Did you find a bug?**
+
+To report a security issue please send an e-mail to security@xelerance.com
+
+For non-security problems, ensure the bug was not already reported by
+searching on GitHub under "[Issues](https://github.com/xelerance/xl2tpd/issues)"
+and "[Pull requests](https://github.com/xelerance/xl2tpd/pulls)".
+
+When reporting an issue, please provide output and the content of the logs.
+
+## **Did you write a patch that fixes a bug?**
+
+* Open a new GitHub pull request with the patch.
+* Ensure the PR description clearly describes the problem and solution.
+ Include the relevant issue number if applicable.
+* Always write a clear log message for your commits. One-line messages are
+ fine for small changes, but bigger changes should look like this:
+
+ $ git commit -m "A brief summary of the commit
+ >
+ > A paragraph describing what changed and its impact."
+
+ $ git commit -m "A brief summary of the commit
+ >
+ > A paragraph describing what changed and its impact."
+
diff --git a/Makefile b/Makefile
index 4cd9b287..9927715c 100644
--- a/Makefile
+++ b/Makefile
@@ -7,6 +7,9 @@ # This is free software. You may distribute it under # the terms of the GNU General Public License, # version 2, or at your option any later version. + +include Makefile.ver + # # Note on debugging flags: # -DDEBUG_ZLB shows all ZLB exchange traffic @@ -97,7 +100,7 @@ OSFLAGS+= -DUSE_KERNEL IPFLAGS?= -DIP_ALLOCATION -CFLAGS+= $(DFLAGS) -Os -Wall -DSANITY $(OSFLAGS) $(IPFLAGS) +CFLAGS+= $(DFLAGS) -Os -Wall -Wextra -DSANITY $(OSFLAGS) $(IPFLAGS) HDRS=l2tp.h avp.h misc.h control.h call.h scheduler.h file.h aaa.h md5.h OBJS=xl2tpd.o pty.o misc.o control.o avp.o call.o network.o avpsend.o scheduler.o file.o aaa.o md5.o SRCS=${OBJS:.o=.c} ${HDRS} @@ -130,6 +133,15 @@ pfc: romfs: $(ROMFSINST) /bin/$(EXEC) +version: + @echo ${XL2TPDVERSION} + +packagingprep: + sed -i "s/XL2TPDVERSION=.*/XL2TPDVERSION=${XL2TPDBASEVERSION}/" Makefile.ver + sed -i "s/#define SERVER_VERSION .*/#define SERVER_VERSION \"xl2tpd-${XL2TPDBASEVERSION}\"/" l2tp.h + sed -i "s/Version: .*/Version: ${XL2TPDBASEVERSION}/" packaging/*/*.spec + sed -i "s/PKG_VERSION:=.*/PKG_VERSION:=${XL2TPDBASEVERSION}/" packaging/openwrt/Makefile + install: ${EXEC} pfc ${CONTROL_EXEC} install -d -m 0755 ${SBINDIR} install -m 0755 $(EXEC) ${SBINDIR}/$(EXEC) diff --git a/Makefile.ver b/Makefile.ver new file mode 100644 index 00000000..69282d44 --- /dev/null +++ b/Makefile.ver @@ -0,0 +1 @@ +XL2TPDVERSION=1.3.16 diff --git a/README.md b/README.md new file mode 100644 index 00000000..d5e83bde --- /dev/null +++ b/README.md 
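Review bot: The new `packagingprep` target substitutes `${XL2TPDBASEVERSION}`, but the only version variable this commit defines is `XL2TPDVERSION` in Makefile.ver, so unless the variable is supplied on the command line or somewhere not shown, the four `sed -i` calls would rewrite Makefile.ver, l2tp.h, the spec files and the OpenWrt Makefile with an empty version string. A guard as the first recipe line would stop that: `@test -n "${XL2TPDBASEVERSION}" || { echo "XL2TPDBASEVERSION is not set"; exit 1; }`. A one-line comment above the target saying how it is meant to be invoked would also help, since the in-place edits touch release metadata.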
@@ -0,0 +1,47 @@
+# xl2tpd
+
+[![Build Status](https://travis-ci.org/xelerance/xl2tpd.svg?branch=1.3.16dev)](https://travis-ci.org/xelerance/xl2tpd)
+
+xl2tpd is a **FREE** implementation of the Layer 2 Tunneling Protocol
+as defined by [RFC 2661](https://tools.ietf.org/rfc/rfc2661.txt).
+L2TP allows you to tunnel PPP over UDP. Some ISPs use L2TP to tunnel user
+sessions from dial-in servers (modem banks, ADSL DSLAMs) to back-end PPP
+servers. Another important application is Virtual Private Networks where
+the IPsec protocol is used to secure the L2TP connection (L2TP/IPsec is
+defined by [RFC 3193](https://tools.ietf.org/rfc/rfc3193.txt). xl2tpd can
+be used in combination with IPsec implementations such as Openswan. Example
+configuration files for such a setup are included in the examples directory.
+
+xl2tpd uses a pseudo-tty to communicate with pppd.
+It runs in userspace but supports kernel mode L2TP.
+
+xl2tpd supports IPsec SA Reference tracking to enable overlapping internal
+NAT'ed IP's by different clients (eg all clients connecting from their
+linksys internal IP 192.168.1.101) as well as multiple clients behind
+the same NAT router.
+
+Xl2tpd is based on the L2TP code base of Jeff McAdams .
+It was de-facto maintained by Jacco de Leeuw in 2002 and 2003.
+
+NOTE: In Linux kernel 4.15+ there is a kernel bug with ancillary IP_PKTINFO.
+ As such, for Linux kernel 4.15+ we recommend the community use xl2tpd
+ 1.3.12+
+
+## Build and install
+ make
+ sudo make install
+
+The xl2tpd.conf(5) man page has details on how to configure xl2tpd.
+
+
+## Mailing Lists
+
+https://lists.openswan.org/cgi-bin/mailman/listinfo/xl2tpd
+is home of the mailing list.
+
+Note: This is a closed list - you **must** be subscribed to be able
+to post mails.
+
+## Security Vulnerability
+
+Security vulnerabilities can be e-mailed to: security@xelerance.com
diff --git a/README.xl2tpd b/README.xl2tpd
deleted file mode 100644
index b5b712d7..00000000
--- a/README.xl2tpd
+++ /dev/null
@@ -1,37 +0,0 @@
-URL : https://www.xelerance.com/software/xl2tpd/
-Summary : Layer 2 Tunnelling Protocol Daemon (RFC 2661)
-Description :
-
-xl2tpd is an implementation of the Layer 2 Tunnelling Protocol (RFC 2661).
-L2TP allows you to tunnel PPP over UDP. Some ISPs use L2TP to tunnel user
-sessions from dial-in servers (modem banks, ADSL DSLAMs) to back-end PPP
-servers. Another important application is Virtual Private Networks where
-the IPsec protocol is used to secure the L2TP connection (L2TP/IPsec,
-RFC 3193). The L2TP/IPsec protocol is mainly used by Windows and
-Mac OS X clients. On Linux, xl2tpd can be used in combination with IPsec
-implementations such as Openswan.
-Example configuration files for such a setup are included in this RPM.
-
-xl2tpd works by opening a pseudo-tty for communicating with pppd.
-It runs completely in userspace but supports kernel mode L2TP.
-
-xl2tpd supports IPsec SA Reference tracking to enable overlapping internak
-NAT'ed IP's by different clients (eg all clients connecting from their
-linksys internal IP 192.168.1.101) as well as multiple clients behind
-the same NAT router.
-
-xl2tpd supports the pppol2tp kernel mode operations on 2.6.23 or higher,
-or via a patch in contrib for 2.4.x kernels. Note that kernel mode and
-IPsec SA Reference tracking do not yet work together.
-
-Xl2tpd is based on the 0.69 L2TP by Jeff McAdams
-It was de-facto maintained by Jacco de Leeuw in 2002 and 2003.
-
-NOTE: In Linux kernel 4.15+ there is a kernel bug with ancillary IP_PKTINFO.
- As such, for Linux kernel 4.15+ we recommend the community use the
- 1.3.12 branch as a temporary solution until the branch is merged into
- the master branch.
-
-Mailing Lists :
- https://lists.openswan.org/cgi-bin/mailman/listinfo/xl2tpd is home of the
- mailing list. Note: This is a closed list - you *must* be subscribed to post.
diff --git a/avp.c b/avp.c
index 4c5f7994..b20f8a75 100644
--- a/avp.c
+++ b/avp.c
@@ -388,6 +388,8 @@ int ignore_avp (struct tunnel *t, struct call *c, void *data, int datalen) * One option is to simply change the options we pass to pppd. * */ + UNUSED(data); + UNUSED(datalen); if (gconfig.debug_avp) { if (DEBUG) @@ -398,6 +400,7 @@ int ignore_avp (struct tunnel *t, struct call *c, void *data, int datalen) int seq_reqd_avp (struct tunnel *t, struct call *c, void *data, int datalen) { + UNUSED(data); #ifdef SANITY if (t->sanity) { @@ -440,19 +443,19 @@ int result_code_avp (struct tunnel *t, struct call *c, void *data, * I'm not sure what we're supposed to do with this but whatever.. */ - int error; + int error = -1; /* error code unset */ int result; struct unaligned_u16 *raw = data; #ifdef SANITY if (t->sanity) { - if (datalen < 10) + if (datalen < 8) { if (DEBUG) l2tp_log (LOG_DEBUG, - "%s: avp is incorrect size. %d < 10\n", __FUNCTION__, + "%s: avp is incorrect size. %d < 8\n", __FUNCTION__, datalen); - wrong_length (c, "Result Code", 10, datalen, 1); + wrong_length (c, "Result Code", 8, datalen, 1); return -EINVAL; } switch (c->msgtype) @@ -470,7 +473,6 @@ int result_code_avp (struct tunnel *t, struct call *c, void *data, } #endif result = ntohs (raw[3].s); - error = ntohs (raw[4].s); /* * from prepare_StopCCN and prepare_CDN, note missing htons() call @@ -485,15 +487,6 @@ int result_code_avp (struct tunnel *t, struct call *c, void *data, result >>= 8; } - if (((error & 0xFF) == 0) && (error >> 8 != 0)) - { - if (DEBUG) - l2tp_log (LOG_DEBUG, - "%s: error code endianness fix for buggy Apple client. network=%d, le=%d\n", - __FUNCTION__, error, error >> 8); - error >>= 8; - } - if ((c->msgtype == StopCCN) && ((result > 7) || (result < 1))) { if (DEBUG) 
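Review bot: In `result_code_avp` the lowered length check (`datalen < 8`) still sits inside `#ifdef SANITY` / `if (t->sanity)`, while `result = ntohs (raw[3].s);` after the `#endif` runs unconditionally, so with sanity checking compiled out or switched off for the tunnel a Result Code AVP shorter than 8 bytes is still read at `raw[3]`. The later hunk of the same function guards the optional Error Code with an unconditional `if (datalen >= 10)`; the mandatory field deserves the same treatment, e.g. `if (datalen < 8) return -EINVAL;` directly before the `raw[3]` read. The function body starts and ends outside these hunks, so whether a caller already bounds `datalen` against the received packet is not visible here and should be confirmed.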
@@ -512,9 +505,24 @@ int result_code_avp (struct tunnel *t, struct call *c, void *data, return 0; } + if (datalen >= 10) { + error = ntohs (raw[4].s); + if (((error & 0xFF) == 0) && (error >> 8 != 0)) + { + if (DEBUG) + l2tp_log (LOG_DEBUG, + "%s: error code endianness fix for buggy Apple client. network=%d, le=%d\n", + __FUNCTION__, error, error >> 8); + error >>= 8; + } + } + c->error = error; c->result = result; - safe_copy (c->errormsg, (char *) &raw[5].s, datalen - 10); + if (datalen > 10) + safe_copy (c->errormsg, (char *) &raw[5].s, datalen - 10); + else + c->errormsg[0] = 0; if (gconfig.debug_avp) { if (DEBUG && (c->msgtype == StopCCN)) @@ -1628,6 +1636,8 @@ int handle_avps (struct buffer *buf, struct tunnel *t, struct call *c) * checking is done at this point. */ + /* TODO: Refactor function to not use "goto next" */ + struct avp_hdr *avp; int len = buf->len - sizeof (struct control_hdr); int firstavp = -1; @@ -1735,30 +1745,8 @@ int handle_avps (struct buffer *buf, struct tunnel *t, struct call *c) } else hidlen = 0; - if (avps[avp->attr].handler) - { - if (avps[avp->attr].handler (t, c, avp, ALENGTH (avp->length))) - { - if (AMBIT (avp->length)) - { - l2tp_log (LOG_WARNING, - "%s: Bad exit status handling attribute %d (%s) on mandatory packet.\n", - __FUNCTION__, avp->attr, - avps[avp->attr].description); - c->needclose = -1; - return -EINVAL; - } - else - { - if (DEBUG) - l2tp_log (LOG_DEBUG, - "%s: Bad exit status handling attribute %d (%s).\n", - __FUNCTION__, avp->attr, - avps[avp->attr].description); - } - } - } - else + + if (!avps[avp->attr].handler) { if (AMBIT (avp->length)) { 
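Review bot: The new `if (datalen > 10) safe_copy (...); else c->errormsg[0] = 0;` in `result_code_avp` is written without braces, which goes against the brace cleanup listed in this release's CHANGES entry and is fragile if `safe_copy` is a macro rather than a function (its definition is not in this diff). I would write it as `if (datalen > 10) { safe_copy (c->errormsg, (char *) &raw[5].s, datalen - 10); } else { c->errormsg[0] = 0; }`. `datalen` is derived from the peer-supplied AVP length, so the copy is only safe if `safe_copy` clamps to `sizeof (c->errormsg)` and terminates the string; a short comment stating that assumption would help the next reader. It is also worth a comment at `c->error = error;` that the field is now `-1` when the peer omits the Error Code.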
@@ -1776,8 +1764,31 @@ int handle_avps (struct buffer *buf, struct tunnel *t, struct call *c) l2tp_log (LOG_WARNING, "%s: no handler for attribute %d (%s).\n", __FUNCTION__, avp->attr, avps[avp->attr].description); + goto next; + } + } + + if (avps[avp->attr].handler (t, c, avp, ALENGTH (avp->length))) + { + if (AMBIT (avp->length)) + { + l2tp_log (LOG_WARNING, + "%s: Bad exit status handling attribute %d (%s) on mandatory packet.\n", + __FUNCTION__, avp->attr, + avps[avp->attr].description); + c->needclose = -1; + return -EINVAL; + } + else + { + if (DEBUG) + l2tp_log (LOG_DEBUG, + "%s: Bad exit status handling attribute %d (%s).\n", + __FUNCTION__, avp->attr, + avps[avp->attr].description); } } + next: if (hidlen && ALENGTH(hidlen)) { diff --git a/call.c b/call.c index f7482592..dc43f56a 100644 --- a/call.c +++ b/call.c @@ -577,6 +577,8 @@ struct call *new_call (struct tunnel *parent) struct call *get_tunnel (int tunnel, unsigned int addr, int port) { + UNUSED(addr); + UNUSED(port); struct tunnel *st; if (tunnel) { diff --git a/contrib/system_tray/REAME.txt b/contrib/system_tray/REAME.txt new file mode 100644 index 00000000..0f089a1b --- /dev/null +++ b/contrib/system_tray/REAME.txt 
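Review bot: After this refactor of `handle_avps` the handler is invoked unconditionally at `if (avps[avp->attr].handler (t, c, avp, ALENGTH (avp->length)))`, so a NULL function pointer is avoided only because every path through the preceding `if (!avps[avp->attr].handler)` block leaves early; the added `goto next;` covers the non-mandatory branch, and the mandatory branch lies in lines between the two hunks that are not shown. Making this structural would be safer: move `goto next;` to directly after the inner if/else, just before the closing brace of the no-handler block, so nothing in that block can fall through to the call. The function starts and ends outside the hunk, so the bounds check on `avp->attr` as an index into `avps[]` is not visible here and is worth confirming while this code is being touched.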
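Review bot: `UNUSED(addr); UNUSED(port);` in `get_tunnel` silences -Wextra, but it also records that the lookup, as far as this hunk shows, keys on the tunnel id alone and never compares the packet's source address or port with the tunnel's peer. If that is intentional, a comment saying so belongs here, something like `/* addr/port deliberately ignored: tunnel is matched by id only */`; if it is not, comparing against the stored peer is the real fix rather than marking the parameters unused. The two macro statements also precede the `struct tunnel *st;` declaration, which is valid C99 but inconsistent with the declarations-first layout of the surrounding code. The body continues outside the hunk.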
@@ -0,0 +1,30 @@
+This program read xl2tpd log file and show status icon in system tray.
+To compile it name file main.cpp and execute command in terminal.
+
+ g++ `pkg-config --cflags --libs gtk+-2.0` main.cpp -o xl2tpd-tray-icon
+
+then copy xl2tpd-tray-icon to directory /usr/bin
+
+then copy 4 image files (connect.png, disconnect.png, online.png, offline.png)
+to directory /usr/share/xl2tpd-tray-icon
+
+then make file /etc/xdg/autostart/xl2tpd-tray-icon.desktop with content
+
+ [Desktop Entry]
+ Name=xl2tpd-tray-icon
+ Exec=xl2tpd-tray-icon
+ Terminal=false
+ Type=Application
+ X-GNOME-Autostart-enabled=true
+
+after reboot program will start automatically.
+
+-----
+
+Images are from Openclipart (Creative Commons Zero 1.0 Public Domain License)
+and Pixabay (Free for commerical use. No attribution required)
+
+https://openclipart.org/detail/198745/mono-tool-offline-mode-off
+https://openclipart.org/detail/198746/mono-tool-offline-mode-on
+https://pixabay.com/en/connection-broken-network-98523/
+https://pixabay.com/en/network-computer-workstations-lan-98522/
diff --git a/contrib/system_tray/connect.png b/contrib/system_tray/connect.png
new file mode 100644
index 00000000..58833b1a
Binary files /dev/null and b/contrib/system_tray/connect.png differ
diff --git a/contrib/system_tray/disconnect.png b/contrib/system_tray/disconnect.png
new file mode 100644
index 00000000..409d3799
Binary files /dev/null and b/contrib/system_tray/disconnect.png differ
diff --git a/contrib/system_tray/main.cpp b/contrib/system_tray/main.cpp
new file mode 100644
index 00000000..29f76bf7
--- /dev/null
+++ b/contrib/system_tray/main.cpp
@@ -0,0 +1,160 @@ +// reading file +#include +#include +// trimming string +#include +#include +#include +#include +// regex +#include +// gtk +#include + +static std::string logfilepath = ""; + +// trim from start (in place) +static inline void ltrim(std::string &s) { + s.erase(s.begin(), std::find_if(s.begin(), s.end(), [](int ch) { + return !std::isspace(ch); + })); +} + +// trim from end (in place) +static inline void rtrim(std::string &s) { + s.erase(std::find_if(s.rbegin(), s.rend(), [](int ch) { + return !std::isspace(ch); + }).base(), s.end()); +} + +// trim from both ends (in place) +static inline void trim(std::string &s) { + ltrim(s); + rtrim(s); +} + +// с++ read file to string +std::string readfile(std::string filepath) { + std::fstream f(filepath, std::fstream::in ); + std::string s; + getline( f, s, '\0'); + f.close(); + return s; +} + +// c++ regex example +std::string whereIsLogFile() { + std::string xl2tpd=readfile("/etc/xl2tpd/xl2tpd.conf"); + + if (xl2tpd!="") { + xl2tpd = std::regex_replace (xl2tpd, std::regex("(^|\n);[^\n]*(?=\n|$)"), ""); + std::string options = ""; + std::smatch match; + if (std::regex_search(xl2tpd, match, std::regex("(^|\n)pppoptfile\\s*=\\s*([^\n]+)(\n|$)")) && match.size() > 1) { + options=readfile(match.str(2)); + if (options!="") { + options = std::regex_replace (options, std::regex("(^|\n)#[^\n]*(?=\n|$)"), ""); + if (std::regex_search(options, match, std::regex("(^|\n)logfile\\s*([^\n]+)(\n|$)")) && match.size() > 1) { + return match.str(2); + } + } + } + } + return "/home/user/beeline.xl2tpd.log"; +} + +// c++ search string in file +int get_status_from_file() { + + std::string s = readfile(logfilepath); + // split file by string + std::string delimiter = "Modem hangup"; + // select last element of array + size_t pos = 0; + std::string token; + while ((pos = s.find(delimiter)) != std::string::npos) { + token = s.substr(0, pos); + s.erase(0, pos + delimiter.length()); + } + trim(s); + if (s=="") { + return 0; + } + 
else { + delimiter = "status = 0x0"; + token = "1"; + while ((pos = s.find(delimiter)) != std::string::npos) { + token = "3"; + s.erase(0, pos + delimiter.length()); + } + trim(s); + if (s=="") { + return 2; + } + if (token == "1") { + return 1; + } + else { + return 3; + } + } +} + +// c++ convert gchar std::string +const gchar* convertstring2gchar(std::string s) { + const gchar* x; + const char* cv = s.c_str(); + x = (const gchar*) cv; + return x; +} + +// с++ system tray icon +static gboolean updateIcon(gpointer data) { + GtkStatusIcon *icon = (GtkStatusIcon*)data; + int m = get_status_from_file(); + std::string icon_name; + std::string icontext; + std::string icons_path = "/usr/share/xl2tpd-tray-icon/"; + std::string ext = ".png"; + switch (m) { + case 0: icon_name="offline"; icontext = "Internet offline"; break; + case 1: icon_name="connect"; icontext = "Trying to connect to internet"; break; + case 2: icon_name="online"; icontext = "Internet works"; break; + case 3: icon_name="disconnect"; icontext = "Disconnecting internet"; break; + } + gtk_status_icon_set_from_file (icon, convertstring2gchar(icons_path+icon_name + ext)); + gtk_status_icon_set_tooltip (icon, convertstring2gchar(icontext)); + return true; +} + +static void trayIconPopup(GtkStatusIcon *status_icon, guint button, guint32 activate_time, gpointer popUpMenu) { + gtk_menu_popup(GTK_MENU(popUpMenu), NULL, NULL, gtk_status_icon_position_menu, status_icon, button, activate_time); +} + +static void trayExit(GtkMenuItem *item, gpointer user_data) { + exit(0); +} + +int main(int argc, char **argv) { + gtk_init(&argc,&argv); + + GtkStatusIcon *icon = gtk_status_icon_new_from_file ("connect.png"); + gtk_status_icon_set_visible(icon, 1); + gtk_status_icon_set_tooltip(icon, "Icon"); + + GtkWidget *menu, *menuItemView, *menuItemExit; + menu = gtk_menu_new(); + menuItemExit = gtk_menu_item_new_with_label ("Exit"); + gtk_menu_shell_append (GTK_MENU_SHELL (menu), menuItemExit); + gtk_widget_show_all (menu); + 
g_signal_connect(GTK_STATUS_ICON (icon), "popup-menu", GTK_SIGNAL_FUNC (trayIconPopup), menu); + g_signal_connect (G_OBJECT (menuItemExit), "activate", G_CALLBACK (trayExit), NULL); + + + logfilepath = whereIsLogFile(); + // redraw status icon every 2 seconds + g_timeout_add_seconds(2, updateIcon, icon); + + gtk_main(); + return 0; +} diff --git a/contrib/system_tray/offline.png b/contrib/system_tray/offline.png new file mode 100644 index 00000000..90a7c2b3 Binary files /dev/null and b/contrib/system_tray/offline.png differ diff --git a/contrib/system_tray/online.png b/contrib/system_tray/online.png new file mode 100644 index 00000000..94929009 Binary files /dev/null and b/contrib/system_tray/online.png differ diff --git a/control.c b/control.c index 692e0f38..ba79ce94 100644 --- a/control.c +++ b/control.c @@ -90,7 +90,7 @@ void add_fcs (struct buffer *buf) { _u16 fcs = PPP_INITFCS; unsigned char *c = buf->start; - int x; + size_t x; for (x = 0; x < buf->len; x++) { fcs = PPP_FCS (fcs, *c); @@ -841,10 +841,12 @@ int control_finish (struct tunnel *t, struct call *c) add_frame_avp (buf, c->frame); /* if (c->ourrws >= 0) add_avp_rws(buf, c->ourrws); */ +#ifndef CONFIG_WATCHDOG_FIREWALL /* FIXME: Packet Processing Delay */ /* We don't need any kind of proxy PPP stuff */ /* Can we proxy authenticate ourselves??? */ add_rxspeed_avp (buf, t->rxspeed); +#endif /* add_seqreqd_avp (buf); *//* We don't have sequencing code, so * don't ask for sequencing */ add_control_hdr (t, c, buf); @@ -1312,7 +1314,7 @@ static inline int check_payload (struct buffer *buf, struct tunnel *t, * or not. Returns 0 on success. */ - int ehlen = MIN_PAYLOAD_HDR_LEN; + size_t ehlen = MIN_PAYLOAD_HDR_LEN; struct payload_hdr *h = (struct payload_hdr *) (buf->start); if (!c) { 
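Review bot: `whereIsLogFile()` in the new main.cpp falls back to the hard-coded path `/home/user/beeline.xl2tpd.log`, which looks like a leftover from the author's machine; on any other system `readfile` yields an empty string and `get_status_from_file()` returns 0, so the tray shows "Internet offline" when the real state is simply unknown. Returning an empty path and giving `updateIcon` a distinct "log file not found" tooltip would be more honest. `updateIcon`'s `switch (m)` has no `default`, and `readfile` re-reads the whole log every 2 seconds through `getline(f, s, '\0')` with no size bound, so memory and CPU use grow with the log. The path taken from `pppoptfile` and `logfile` is opened exactly as configured, which is one more reason to document that this helper is meant to run as the unprivileged desktop user.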
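Review bot: The new guard in `control_finish` is spelled `CONFIG_WATCHDOG_FIREWALL`, while the CHANGES entry for it reads "Add a preproc for Watchguard firewall", so the macro name looks like a misspelling of the vendor name and is hard to discover. Nothing in this commit's Makefile hunks lists it next to the other `-D` flags. I would add a comment at the `#ifndef`, e.g. `/* define CONFIG_WATCHDOG_FIREWALL to skip add_rxspeed_avp(); see GitHub issue #136 */`, and mention the flag in the Makefile's flag notes so that builds which change what is sent on the wire are deliberate.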
@@ -1413,6 +1415,7 @@ static inline int check_payload (struct buffer *buf, struct tunnel *t, static inline int expand_payload (struct buffer *buf, struct tunnel *t, struct call *c) { + UNUSED(t); /* * Expands payload header. Does not check for valid header, * check_payload() should already be called as a prerequisite. @@ -1597,7 +1600,7 @@ static inline int write_packet (struct buffer *buf, struct tunnel *t, struct cal * Write a packet, doing sync->async conversion if * necessary */ - int x; + size_t x; unsigned char e; int err; static unsigned char wbuf[MAX_RECV_SIZE]; @@ -1627,17 +1630,17 @@ static inline int write_packet (struct buffer *buf, struct tunnel *t, struct cal /* We are given async frames, so write them directly to the tty */ err = write (c->fd, buf->start, buf->len); - if (err == buf->len) + if ((size_t)err == buf->len) { return 0; } - else if (err == 0) + else if ((size_t)err == 0) { l2tp_log (LOG_WARNING, "%s: wrote no bytes of async packet\n", __FUNCTION__); return -EINVAL; } - else if (err < 0) + else if ((size_t)err < 0) { if ((errno == EAGAIN) || (errno == EINTR)) { @@ -1649,13 +1652,13 @@ static inline int write_packet (struct buffer *buf, struct tunnel *t, struct cal strerror (errno)); } } - else if (err < buf->len) + else if ((size_t)err < buf->len) { l2tp_log (LOG_WARNING, "%s: short write (%d of %d bytes)\n", __FUNCTION__, err, buf->len); return -EINVAL; } - else if (err > buf->len) + else if ((size_t)err > buf->len) { l2tp_log (LOG_WARNING, "%s: write returned LONGER than buffer length?\n", __FUNCTION__); 
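Review bot: `else if ((size_t)err < 0)` in `write_packet` can never be true because `size_t` is unsigned, so a failed `write()` returning -1 now skips the `EAGAIN`/`EINTR` branch, fails `(size_t)err < buf->len`, and lands in `(size_t)err > buf->len`, logging "write returned LONGER than buffer length?" instead of reaching the errno handling. Keep the sign test on the signed value: `else if (err < 0)`, ideally as the first test in the chain so that no cast is ever applied to a negative result. The `(size_t)err == 0` cast is likewise unnecessary. This affects the hunks at -1627 and -1649; `err` is declared `int` in the earlier hunk, and the function body extends beyond what is shown.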
@@ -1676,7 +1679,7 @@ static inline int write_packet (struct buffer *buf, struct tunnel *t, struct cal { // we must at least still have 3 bytes left in the worst case scenario: // 1 for a possible escape, 1 for the value and 1 to end the PPP stream. - if(pos >= (sizeof(wbuf) - 4)) { + if((size_t)pos >= (sizeof(wbuf) - 4)) { if(DEBUG) l2tp_log(LOG_CRIT, "%s: rx packet is too big after PPP encoding (size %u, max is %u)\n", __FUNCTION__, buf->len, MAX_RECV_SIZE); @@ -1702,7 +1705,7 @@ static inline int write_packet (struct buffer *buf, struct tunnel *t, struct cal #endif x = 0; - while ( pos != x ) + while ((size_t) pos != x ) { err = write (c->fd, wbuf+x, pos-x); if ( err < 0 ) { @@ -1770,6 +1773,48 @@ int handle_special (struct buffer *buf, struct call *c, _u16 call) return 0; } +static int handle_control(struct buffer *buf, struct tunnel *t, + struct call *c) +{ + /* We have a control packet */ + if (check_control (buf, t, c)) + { + l2tp_log (LOG_DEBUG, "%s: bad control packet!\n", __FUNCTION__); + return -EINVAL; + } + + c->msgtype = -1; + if (buf->len == sizeof (struct control_hdr)) + { + #ifdef DEBUG_ZLB + l2tp_log (LOG_DEBUG, "%s: control ZLB received\n", __FUNCTION__); + #endif + t->control_rec_seq_num--; + c->cnu = 0; + if (c->needclose && c->closing) + { + if (c->container->cLr >= c->closeSs) + { + #ifdef DEBUG_ZLB + l2tp_log (LOG_DEBUG, "%s: ZLB for closing message found\n", + __FUNCTION__); + #endif + c->needclose = 0; + /* Trigger final closing of call */ + } + } + return 0; + } + + if (handle_avps (buf, t, c)) + { + if (gconfig.debug_tunnel) + l2tp_log (LOG_DEBUG, "%s: bad AVP handling!\n", __FUNCTION__); + return -EINVAL; + } + return control_finish (t, c); +} + inline int handle_packet (struct buffer *buf, struct tunnel *t, struct call *c) { 
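Review bot: The new `handle_control` has no header comment, and its safety rests on an ordering that is worth writing down: `check_control` has to reject packets shorter than `sizeof (struct control_hdr)` before `handle_avps` runs, because `handle_avps` computes `int len = buf->len - sizeof (struct control_hdr);` (visible in the avp.c part of this diff). I would add a block comment above the function stating that it returns 0 for a ZLB, `-EINVAL` for a bad header or bad AVPs, and otherwise the result of `control_finish`, and that the header length is expected to be validated by `check_control`; that last point needs confirming against `check_control`, which is not in this diff. The `#ifdef DEBUG_ZLB` directives also appear indented here, unlike the column-0 directives in the code this replaces.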
@@ -1780,153 +1825,109 @@ inline int handle_packet (struct buffer *buf, struct tunnel *t, #endif */ if (CTBIT (*((_u16 *) buf->start))) + return handle_control(buf, t, c); + + if (!check_payload (buf, t, c)) { - /* We have a control packet */ - if (!check_control (buf, t, c)) - { - c->msgtype = -1; - if (buf->len == sizeof (struct control_hdr)) - { -#ifdef DEBUG_ZLB - l2tp_log (LOG_DEBUG, "%s: control ZLB received\n", __FUNCTION__); -#endif - t->control_rec_seq_num--; - c->cnu = 0; - if (c->needclose && c->closing) - { - if (c->container->cLr >= c->closeSs) - { -#ifdef DEBUG_ZLB - l2tp_log (LOG_DEBUG, "%s: ZLB for closing message found\n", - __FUNCTION__); -#endif - c->needclose = 0; - /* Trigger final closing of call */ - } - } - return 0; - } - else if (!handle_avps (buf, t, c)) - { - return control_finish (t, c); - } - else - { - if (gconfig.debug_tunnel) - l2tp_log (LOG_DEBUG, "%s: bad AVP handling!\n", __FUNCTION__); - return -EINVAL; - } - } - else - { - l2tp_log (LOG_DEBUG, "%s: bad control packet!\n", __FUNCTION__); - return -EINVAL; - } - } - else - { - if (!check_payload (buf, t, c)) + if (!expand_payload (buf, t, c)) { - if (!expand_payload (buf, t, c)) + if (buf->len > sizeof (struct payload_hdr)) { - if (buf->len > sizeof (struct payload_hdr)) - { -/* if (c->throttle) { - if (c->pSs > c->pLr + c->rws) { +/* if (c->throttle) { + if (c->pSs > c->pLr + c->rws) { #ifdef DEBUG_FLOW - l2tp_log(LOG_DEBUG, "%s: not yet dethrottling call\n",__FUNCTION__); + l2tp_log(LOG_DEBUG, "%s: not yet dethrottling call\n",__FUNCTION__); #endif - } else { + } else { #ifdef DEBUG_FLOW - l2tp_log(LOG_DEBUG, "%s: dethrottling call\n",__FUNCTION__); + l2tp_log(LOG_DEBUG, "%s: dethrottling call\n",__FUNCTION__); #endif - if (c->dethrottle) deschedule(c->dethrottle); - c->dethrottle=NULL; - c->throttle = 0; - } - } */ + if (c->dethrottle) deschedule(c->dethrottle); + c->dethrottle=NULL; + c->throttle = 0; + } + } */ /* JLM res = write_packet(buf,t,c, c->frame & SYNC_FRAMING); */ 
- res = write_packet (buf, t, c, SYNC_FRAMING); - if (res) - return res; - /* - * Assuming we wrote to the ppp driver okay, we should - * do something about ZLB's unless *we* requested no - * window size or if they we have turned off our fbit. - */ + res = write_packet (buf, t, c, SYNC_FRAMING); + if (res) + return res; + /* + * Assuming we wrote to the ppp driver okay, we should + * do something about ZLB's unless *we* requested no + * window size or if they we have turned off our fbit. + */ /* if (c->ourfbit && (c->ourrws > 0)) { - if (c->pSr >= c->prx + c->ourrws - 2) { - We've received enough to fill our receive window. At - this point, we should immediately send a ZLB! + if (c->pSr >= c->prx + c->ourrws - 2) { + We've received enough to fill our receive window. At + this point, we should immediately send a ZLB! #ifdef DEBUG_ZLB - l2tp_log(LOG_DEBUG, "%s: Sending immediate ZLB!\n",__FUNCTION__); + l2tp_log(LOG_DEBUG, "%s: Sending immediate ZLB!\n",__FUNCTION__); #endif - if (c->zlb_xmit) { - Deschedule any existing zlb_xmit's - deschedule(c->zlb_xmit); - c->zlb_xmit = NULL; - } - send_zlb((void *)c); - } else { - struct timeval tv; - We need to schedule sending a ZLB. FIXME: Should - be 1/4 RTT instead, when rate adaptive stuff is - in place. Spec allows .5 seconds though - tv.tv_sec = 0; - tv.tv_usec = 500000; - if (c->zlb_xmit) - deschedule(c->zlb_xmit); + if (c->zlb_xmit) { + Deschedule any existing zlb_xmit's + deschedule(c->zlb_xmit); + c->zlb_xmit = NULL; + } + send_zlb((void *)c); + } else { + struct timeval tv; + We need to schedule sending a ZLB. FIXME: Should + be 1/4 RTT instead, when rate adaptive stuff is + in place. 
Spec allows .5 seconds though + tv.tv_sec = 0; + tv.tv_usec = 500000; + if (c->zlb_xmit) + deschedule(c->zlb_xmit); #ifdef DEBUG_ZLB - l2tp_log(LOG_DEBUG, "%s: scheduling ZLB\n",__FUNCTION__); + l2tp_log(LOG_DEBUG, "%s: scheduling ZLB\n",__FUNCTION__); #endif - c->zlb_xmit = schedule(tv, &send_zlb, (void *)c); - } - } */ - return 0; - } - else if (buf->len == sizeof (struct payload_hdr)) - { + c->zlb_xmit = schedule(tv, &send_zlb, (void *)c); + } + } */ + return 0; + } + else if (buf->len == sizeof (struct payload_hdr)) + { #ifdef DEBUG_ZLB - l2tp_log (LOG_DEBUG, "%s: payload ZLB received\n", - __FUNCTION__); + l2tp_log (LOG_DEBUG, "%s: payload ZLB received\n", + __FUNCTION__); #endif /* if (c->throttle) { - if (c->pSs > c->pLr + c->rws) { + if (c->pSs > c->pLr + c->rws) { #ifdef DEBUG_FLOW - l2tp_log(LOG_DEBUG, "%s: not yet dethrottling call\n",__FUNCTION__); + l2tp_log(LOG_DEBUG, "%s: not yet dethrottling call\n",__FUNCTION__); #endif - } else { + } else { #ifdef DEBUG_FLOW - l2tp_log(LOG_DEBUG, "%s: dethrottling call\n",__FUNCTION__); + l2tp_log(LOG_DEBUG, "%s: dethrottling call\n",__FUNCTION__); #endif - if (c->dethrottle) - deschedule(c->dethrottle); - c->dethrottle=NULL; - c->throttle = 0; - } - } */ - c->data_rec_seq_num--; - return 0; - } - else - { - l2tp_log (LOG_DEBUG, "%s: payload too small!\n", __FUNCTION__); - return -EINVAL; - } + if (c->dethrottle) + deschedule(c->dethrottle); + c->dethrottle=NULL; + c->throttle = 0; + } + } */ + c->data_rec_seq_num--; + return 0; } else { - if (gconfig.debug_tunnel) - l2tp_log (LOG_DEBUG, "%s: unable to expand payload!\n", - __FUNCTION__); + l2tp_log (LOG_DEBUG, "%s: payload too small!\n", __FUNCTION__); return -EINVAL; } } else { - l2tp_log (LOG_DEBUG, "%s: invalid payload packet!\n", __FUNCTION__); + if (gconfig.debug_tunnel) + l2tp_log (LOG_DEBUG, "%s: unable to expand payload!\n", + __FUNCTION__); return -EINVAL; } } + else + { + l2tp_log (LOG_DEBUG, "%s: invalid payload packet!\n", __FUNCTION__); + return 
-EINVAL; + } } diff --git a/debian/changelog b/debian/changelog index 6ea29610..d920ed0a 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,15 @@ +xl2tpd (1.3.14-1) UNRELEASED; urgency=medium + + * New upstream release. + + -- Samir Hussain Wed, 17 Apr 2019 12:22:21 -0500 + +xl2tpd (1.3.13-1) UNRELEASED; urgency=medium + + * New upstream release. + + -- Samir Hussain Mon, 03 Dec 2018 13:02:21 -0500 + xl2tpd (1.3.12-2) UNRELEASED; urgency=medium * copyright: Use https URL for Format. diff --git a/doc/l2tpd-RPM.README b/doc/l2tpd-RPM.README index 3b9a40d9..54f65769 100644 --- a/doc/l2tpd-RPM.README +++ b/doc/l2tpd-RPM.README @@ -3,7 +3,7 @@ l2tpd RPM """"""""" This l2tpd RPM was originally created by Lenny Cartier - and Per yvind Karlsen . + and Per Øyvind Karlsen . Some details have been changed by me (see specfile changelog). Originally it only built on recent versions of Mandrake but it should now work on Red Hat, SuSE and older Mandrake versions as well. diff --git a/doc/xl2tpd-control.8 b/doc/xl2tpd-control.8 index 546b0cdf..27d7e8f3 100644 --- a/doc/xl2tpd-control.8 +++ b/doc/xl2tpd-control.8 
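Review bot: The payload path of handle_packet keeps the nested `if (!check_payload (buf, t, c))` / `if (!expand_payload (buf, t, c))` shape while the control path was moved to guard clauses in handle_control, so each error return still sits far below the check that causes it. Inverting the tests would match the new helper, e.g. `if (check_payload (buf, t, c)) { l2tp_log (LOG_DEBUG, "%s: invalid payload packet!\n", __FUNCTION__); return -EINVAL; }` at the top, followed by the same for expand_payload. The large commented-out throttle and ZLB blocks are only re-indented by this hunk; deleting them would make the remaining buf->len comparisons against `sizeof (struct payload_hdr)` easier to audit. handle_packet starts before this hunk.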
@@ -1,92 +1,114 @@ -.TH "xl2tpd-control" "8" "" "Alexander Dorokhov" "" -.SH "NAME" -xl2tpd\-control \- Layer 2 Tunnelling Protocol Daemon Contorl Utility -.SH "DESCRIPTION" -A Layer 2 Tunneling Protocol Daemon Control Utility for Linux. +.TH xl2tpd-control 8 "Sep 2020" -Currently maintained by Xelerance - http://www.xelerance.com/software/xl2tpd/ +.SH NAME +xl2tpd\-control \- xl2tpd control utility. -.SH "SYNOPSIS" -.HP \w'\fBipsec\fR\ 'u -\fBxl2tpd-control\fR [\fI-c\fR ] \fI\fR \fI\fR [\fI\fR] +.SH DESCRIPTION +xl2tpd is an implementation of the Layer 2 Tunneling Protocol (RFC 2661). +L2TP allows to tunnel PPP over UDP. Some ISPs use L2TP to tunnel user sessions +from dial-in servers (modem banks, ADSL DSLAMs) to back-end PPP servers. +Another important application is Virtual Private Networks where the IPsec +protocol is used to secure the L2TP connection (L2TP/IPsec, RFC 3193). +xl2tpd works by opening a pseudo-tty for communicating with pppd. +It runs completely in userspace but supports kernel mode L2TP. -.SH "OPTIONS" -.TP -.B -c -This option specifies xl2tpd control file - -.TP -.B -d -This option specify xl2tpd-control to run in debug mode +xl2tpd supports IPsec SA Reference tracking to enable overlapping internak +NAT'ed IP's by different clients (eg all clients connecting from their +linksys internal IP 192.168.1.101) as well as multiple clients behind +the same NAT router. -.SH "COMMANDS" -.TP -.B add -Adds new or modify existing lac configuration. Configuration must be -specified as command options in = pairs format. See available -options in xl2tpd.conf(5) +.SH SYNOPSIS +.HP +\fBxl2tpd-control\fR [\fI-c\fR PATH] \fI\fR \fI\fR [\fIOPTIONS\fR] -.TP -.B connect -Tries to activate the tunnel. Username and secret for the tunnel can be -passed as command options. +.SH OPTIONS .TP -.B disconnect -Disconnects the tunnel. +.B -c +This option specifies xl2tpd control file. .TP -.B remove +.B -d +This option enables debugging mode. 
+.SH COMMANDS .TP .B add-lac -Adds new or modify existing lac configuration. +Adds new or modify existing LAC (L2TP Access Concentrator) configuration. +Configuration should be specified as a command options in = +pairs format. See available options in xl2tpd.conf(5). .TP .B connect-lac +Establish new connection to LAC. +Username and secret for tunnel can be passed as a command options. .TP .B disconnect-lac +Disconnects tunnel. .TP .B remove-lac +Removes existing LAC configuration. +xl2tpd disconnects the tunnel before removing. .TP .B add-lns -Adds new or modify existing lns configuration. +Adds new or modify existing LNS (L2TP Network Server) configuration. .TP .B remove-lns - -.TP -.B status +Removes existing LNS configuration. .TP .B status-lns +Check the status of LNS. .TP .B available +Check availability. + +.SH BUGS +Please use the github project page +https://github.com/xelerance/xl2tpd +to send bugreports, issues and any other feedback. + +.SH SEE ALSO +xl2tpd.conf(5), +xl2tpd(8), +pppd(8) + +.SH COPYLEFT +This program is free software; you can redistribute it and/or +modify it under the terms of the GNU General Public License +as published by the Free Software Foundation; either version 2 +of the License, or (at your option) any later version. + +This program is distributed in the hope that it will be useful, +but WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +GNU General Public License for more details. + +You should have received a copy of the GNU General Public License +along with this program (see the file LICENSE); if not, see +https://www.gnu.org/licenses/, or contact Free Software Foundation, Inc., +51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. 
+ +.SH CONTRIBUTORS +Alexander Dorokhov +.br +Alexander Naumov -.SH "BUGS" - -Please address bugs and comment to xl2tpd@lists.xelerance.com -.SH "SEE ALSO" - -\fB\fRxl2tpd.conf(5) -.SH "AUTHORS" -Forked from l2tpd by Xelerance (http://www.xelerance.com/software/xl2tpd/ +.SH AUTHORS +Forked from l2tpd by Xelerance: https://github.com/xelerance/xl2tpd Michael Richardson +.br Paul Wouters +.br Samir Hussain -Many thanks to Jacco de Leeuw for maintaining l2tpd. - -Patched contributed by: -Alexander Dorokhov - Previous development was hosted at sourceforge (http://www.sourceforge.net/projects/l2tpd) by: .P @@ -96,7 +118,9 @@ David Stipp .br Jeff McAdams -Based off of l2tpd version 0.60 +Based off of l2tpd version 0.61. +Many thanks to Jacco de Leeuw for maintaining l2tpd. + .br Copyright (C)1998 Adtran, Inc. .br diff --git a/doc/xl2tpd.8 b/doc/xl2tpd.8 index e34f7ce2..fe8a9c97 100644 --- a/doc/xl2tpd.8 +++ b/doc/xl2tpd.8 
@@ -1,23 +1,31 @@ -.TH "xl2tpd" "8" "" "Jeff McAdams" "" -.SH "NAME" -xl2tpd \- Layer 2 Tunnelling Protocol Daemon -.SH "DESCRIPTION" -A Layer 2 Tunneling Protocol VPN client/daemon for Linux and other POSIX-based -OSs. Based off of L2TPd 0.61 from - http://www.marko.net/l2tp -and patches collected by Jacco de Leeuw at - http://www.jacco2.dds.nl/networking/openswan-l2tp.html +.TH xl2tpd 8 "Sep 2020" + +.SH NAME +xl2tpd \- Layer 2 Tunnelling Protocol Daemon. + +.SH DESCRIPTION +xl2tpd is an implementation of the Layer 2 Tunneling Protocol (RFC 2661). +L2TP allows to tunnel PPP over UDP. Some ISPs use L2TP to tunnel user sessions +from dial-in servers (modem banks, ADSL DSLAMs) to back-end PPP servers. +Another important application is Virtual Private Networks (VPN) where the +IPsec protocol is used to secure the L2TP connection (L2TP/IPsec, RFC 3193). -Currently maintained by Xelerance - http://www.xelerance.com/software/xl2tpd/ +xl2tpd works by opening a pseudo-tty for communicating with pppd. +It runs completely in userspace but supports kernel mode L2TP. -xl2tpd implements the Layer 2 Tunnelling Protocol, defined by RFC 2661. +xl2tpd supports IPsec SA Reference tracking to enable overlapping internak +NAT'ed IP's by different clients (eg all clients connecting from their +linksys internal IP 192.168.1.101) as well as multiple clients behind +the same NAT router. + +This implementation is based on L2TPd 0.61 from http://www.marko.net/l2tp +and patches collected by Jacco de Leeuw at +http://www.jacco2.dds.nl/networking/openswan-l2tp.html. -.SH "OPTIONS" +.SH OPTIONS .TP .B -D -This option prevents xl2tpd from detaching from the terminal and -daemonizing. +This option prevents xl2tpd from detaching from the terminal and daemonizing. .TP .B -l 
@@ -25,44 +33,75 @@ This option tells xl2tpd to use syslog for logging even when \fB\-D\fR was specified. .TP -.B -c -Tells xl2tpd to use an alternate config file. Default is -/etc/xl2tpd/xl2tpd.conf. Fallback configuration file is -/etc/l2tpd/l2tpd.conf +.B -c +Set an alternate config file. +Fallback configuration file is /etc/l2tpd/l2tpd.conf. .TP -.B -s -Tells xl2tpd to use an alternate "secrets" file. Default is -/etc/xl2tpd/l2tp-secrets +.B -s +Tells xl2tpd to use an alternate "secrets" file. .TP -.B -p -Tells xl2tpd to use an alternate pid file. Default is -/var/run/xl2tpd/xl2tpd.pid +.B -p +Set an alternate pid file. +Default is /var/run/xl2tpd/xl2tpd.pid. .TP -.B -C -Tells xl2tpd to use an alternate control file. Default is -/var/run/xl2tpd/l2tp-control +.B -C +Set an alternate control file. + + +.SH FILES +.IP /etc/xl2tpd/xl2tpd.conf +Configuration file of xl2tpd, used by default. + +.IP /etc/xl2tpd/l2tp-secrets +Secrets file, used by default. + +.IP /var/run/xl2tpd/l2tp\-control +Control file, used by default. + +.SH BUGS +Please use the github project page +https://github.com/xelerance/xl2tpd +to send bugreports, issues and any other feedback. +.SH SEE ALSO +xl2tpd.conf(5), +xl2tpd-control(8), +pppd(8) -.SH "FILES" +.SH COPYLEFT +This program is free software; you can redistribute it and/or +modify it under the terms of the GNU General Public License +as published by the Free Software Foundation; either version 2 +of the License, or (at your option) any later version. -\fB\fR/etc/xl2tpd/xl2tpd.conf \fB\fR/etc/xl2tpd/l2tp\-secrets -\fB\fR/var/run/xl2tpd/l2tp\-control -.SH "BUGS" +This program is distributed in the hope that it will be useful, +but WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +GNU General Public License for more details. 
-Please address bugs and comment to xl2tpd@lists.xelerance.com -.SH "SEE ALSO" +You should have received a copy of the GNU General Public License +along with this program (see the file LICENSE); if not, see +https://www.gnu.org/licenses/, or contact Free Software Foundation, Inc., +51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. -\fB\fRxl2tpd.conf(5) -.SH "AUTHORS" -Forked from l2tpd by Xelerance (http://www.xelerance.com/software/xl2tpd/ + +.SH CONTRIBUTORS +Alexander Dorokhov +.br +Alexander Naumov + + +.SH AUTHORS +Forked from l2tpd by Xelerance: https://github.com/xelerance/xl2tpd Michael Richardson +.br Paul Wouters - -Many thanks to Jacco de Leeuw for maintaining l2tpd. +.br +Samir Hussain Previous development was hosted at sourceforge @@ -74,8 +113,8 @@ David Stipp .br Jeff McAdams - -Based off of l2tpd version 0.60 +Based off of l2tpd version 0.61. +Many thanks to Jacco de Leeuw for maintaining l2tpd. .br Copyright (C)1998 Adtran, Inc. .br diff --git a/doc/xl2tpd.conf.5 b/doc/xl2tpd.conf.5 index 81a60293..59529e6b 100644 --- a/doc/xl2tpd.conf.5 +++ b/doc/xl2tpd.conf.5 
@@ -1,17 +1,19 @@ -.TH "xl2tpd.conf" "5" "" "Jean-Francois Dive" "" -.SH "NAME" +.TH xl2tpd.conf 5 "Sep 2020" +.SH NAME xl2tpd.conf \- L2TPD configuration file -.SH "DESCRIPTION" -The xl2tpd.conf file contains configuration information for xl2tpd, the implementation of l2tp protocol. +.SH DESCRIPTION +The xl2tpd.conf file contains configuration information for xl2tpd, +the free implementation of l2tp protocol. The configuration file is composed of sections and parameters. Each section has a given name which will be used when using the configuration FIFO -(normally /var/run/xl2tpd/l2tp\-control). See xl2tpd.8 for more details. +(normally /var/run/xl2tpd/l2tp\-control). See xl2tpd.8 for more details. The specific given name .B default will specify parameters applicable for all the following sections. -.SH "GLOBAL SECTION" + +.SH GLOBAL SECTION .TP .B auth file Specify where to find the authentication file used to authenticate @@ -29,7 +31,7 @@ only works with Openswan KLIPS in "mast" mode. (see http://www.openswan.org/) Set this to yes and the system will provide proper SAref values in the recvmsg() calls. -Values can be yes or no. The default is no. +Values can be 'yes' or 'no'. The default is 'no'. .TP .B saref refinfo 
@@ -50,46 +52,46 @@ Specify which UDP port xl2tpd should use. The default is 1701. .TP .B access control -If set to yes, the xl2tpd process will only accept connections from -peers addresses specified in the following sections. The default is no. +If set to 'yes', the xl2tpd process will only accept connections from +peers addresses specified in the following sections. The default is 'no'. .TP .B debug avp -Set this to yes to enable syslog output of L2TP AVP debugging information. +Set this to 'yes' to enable syslog output of L2TP AVP debugging information. .TP .B debug network -Set this to yes to enable syslog output of network debugging information. +Set this to 'yes' to enable syslog output of network debugging information. .TP .B debug packet -Set this to yes to enable printing of L2TP packet debugging information. +Set this to 'yes' to enable printing of L2TP packet debugging information. Note: Output goes to STDOUT, so use this only in conjunction with the .B -D command line option. .TP .B debug state -Set this to yes to enable syslog output of FSM debugging information. +Set this to 'yes' to enable syslog output of FSM debugging information. .TP .B debug tunnel -Set this to yes to enable syslog output of tunnel debugging information. +Set this to 'yes' to enable syslog output of tunnel debugging information. .TP .B max retries Specify how many retries before a tunnel is closed. If there is no tunnel, then stop re-transmitting. The default is 5. -.SH "LNS SECTION" +.SH LNS SECTION .TP .B exclusive -If set to yes, only one control tunnel will be allowed to be built -between 2 peers. CHECK +If set to 'yes', only one control tunnel will be allowed to be built +between 2 peers. .TP .B (no) ip range -Specify the range of ip addresses the LNS will assign to the connecting +Specify the range of IP addresses the LNS will assign to the connecting LAC PPP tunnels. Multiple ranges can be defined. Using the 'no' statement disallows the use of that particular range. 
Ranges are defined using the format IP \- IP (example: 1.1.1.1 \- 1.1.1.10). Note that either @@ -101,7 +103,7 @@ to no. .TP .B assign ip -Set this to no if xl2tpd should not assign IP addresses out of the pool +Set this to 'no' if xl2tpd should not assign IP addresses out of the pool defined with the .B ip range option. This can be useful if you have some other means to assign IP @@ -110,20 +112,20 @@ addresses, e. g. a pppd that supports RADIUS AAA. .TP .B (no) lac -Specify the ip addresses of LAC's which are allowed to connect to xl2tpd +Specify the IP addresses of LAC's which are allowed to connect to xl2tpd acting as a LNS. The format is the same as the .B ip range option. .TP .B hidden bit -If set to yes, xl2tpd will use the AVP hiding feature of L2TP. To get +If set to 'yes', xl2tpd will use the AVP hiding feature of L2TP. To get more information about hidden AVP's and AVP in general, refer to rfc2661 (add URL?) .TP .B local ip -Use the following IP as xl2tpd's own ip address. +Use the following IP as xl2tpd's own IP address. .TP .B local ip range @@ -140,7 +142,7 @@ option has no effect on this option. .TP .B length bit -If set to yes, the length bit present in the l2tp packet payload +If set to 'yes', the length bit present in the l2tp packet payload will be used. .TP @@ -159,7 +161,7 @@ Will require or refuse the remote peer to authenticate itself. .TP .B unix authentication -If set to yes, /etc/passwd will be used for remote peer ppp authentication. +If set to 'yes', /etc/passwd will be used for remote peer ppp authentication. .TP .B hostname @@ -171,7 +173,7 @@ This will enable the debug for pppd. .TP .B pass peer -Pass the peer's IP address to pppd as ipparam. Enabled by default. +Pass the peer's IP address to pppd as ipparam. Enabled by default. .TP .B pppoptfile 
@@ -180,9 +182,9 @@ to be used. .TP .B call rws -This option is deprecated and no longer functions. It used to be used +This option is deprecated and no longer functions. It used to be used to define the flow control window size for individual L2TP calls or -sessions. The L2TP standard (RFC2661) no longer defines flow control or +sessions. The L2TP standard (RFC2661) no longer defines flow control or window sizes on calls or sessions. .TP @@ -193,13 +195,13 @@ number of bytes. .TP .B flow bits -If set to yes, sequence numbers will be included in the communication. +If set to 'yes', sequence numbers will be included in the communication. The feature to use sequence numbers in sessions is currently broken and does not function. .TP .B challenge -If set to yes, use challenge authentication to authenticate peer. +If set to 'yes', use challenge authentication to authenticate peer. .TP .B rx bps 
@@ -221,40 +223,76 @@ Set the dns name or ip address of the LNS to connect to. .TP .B autodial -If set to yes, xl2tpd will automatically dial the LAC during startup. +If set to 'yes', xl2tpd will automatically dial the LAC during startup. .TP .B redial -If set to yes, xl2tpd will attempt to redial if the call get +If set to 'yes', xl2tpd will attempt to redial if the call get disconnected. Note that, if enabled, xl2tpd will keep passwords in memory: a potential security risk. .TP .B redial timeout Wait X seconds before redial. The redial option must be set to yes -to use this option. Defaults to 30 seconds. +to use this option. Defaults to 30 seconds. .TP .B max redials Will give up redial tries after X attempts. -.SH "FILES" +.SH FILES +.IP /etc/xl2tpd/xl2tpd.conf +Configuration file of xl2tpd, used by default. + +.IP /etc/xl2tpd/l2tp-secrets +Secrets file, used by default. + +.IP /var/run/xl2tpd/l2tp\-control +Control file, used by default. + + +.SH BUGS +Please use the github project page +https://github.com/xelerance/xl2tpd +to send bugreports, issues and any other feedback -\fB\fR/etc/xl2tpd/xl2tpd.conf \fB\fR/etc/xl2tpd/l2tp\-secrets -\fB\fR/var/run/xl2tpd/l2tp\-control -.SH "BUGS" -Please address bugs and comment to xl2tpdv@lists.xelerance.com -.SH "SEE ALSO" +.SH SEE ALSO +xl2tpd(8), +xl2tpd-control(8), +pppd(8) -\fB\fRxl2tpd(8) -.SH "AUTHORS" -Forked from xl2tpd by Xelerance (https://www.xelerance.com/software/xl2tpd/) +.SH COPYLEFT +This program is free software; you can redistribute it and/or +modify it under the terms of the GNU General Public License +as published by the Free Software Foundation; either version 2 +of the License, or (at your option) any later version. + +This program is distributed in the hope that it will be useful, +but WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +GNU General Public License for more details. 
+ +You should have received a copy of the GNU General Public License +along with this program (see the file LICENSE); if not, see +https://www.gnu.org/licenses/, or contact Free Software Foundation, Inc., +51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. + + +.SH CONTRIBUTORS +Alexander Dorokhov +.br +Alexander Naumov + + +.SH AUTHORS +Forked from l2tpd by Xelerance: https://github.com/xelerance/xl2tpd Michael Richardson +.br Paul Wouters - -Many thanks to Jacco de Leeuw for maintaining l2tpd. +.br +Samir Hussain Previous development was hosted at sourceforge @@ -267,7 +305,8 @@ David Stipp Jeff McAdams -Based off of l2tpd version 0.60 +Based off of l2tpd version 0.61. +Many thanks to Jacco de Leeuw for maintaining l2tpd. .br Copyright (C)1998 Adtran, Inc. .br diff --git a/file.c b/file.c index a6362c06..17dc3775 100644 --- a/file.c +++ b/file.c @@ -51,6 +51,7 @@ int init_config () gconfig.debug_tunnel = 0; gconfig.debug_state = 0; gconfig.max_retries = DEFAULT_MAX_RETRIES; + gconfig.cap_backoff = 0; lnslist = NULL; laclist = NULL; deflac = (struct lac *) calloc (1, sizeof (struct lac)); @@ -217,6 +218,7 @@ int set_int (char *word, char *value, int *ptr) int set_string (char *word, char *value, char *ptr, int len) { + UNUSED(word); #ifdef DEBUG_FILE l2tp_log (LOG_DEBUG, "set_%s: %s flag to '%s'\n", word, word, value); #endif /* ; */ @@ -230,7 +232,7 @@ int set_port (char *word, char *value, int context, void *item) { case CONTEXT_GLOBAL: #ifdef DEBUG_FILE - l2tp_log (LOG_DEBUG, "set_port: Setting global port number to %s\n", + l2tp_log (LOG_DEBUG, "set_maxretries: Setting global max retries to %s\n", value); #endif set_int (word, value, &(((struct global *) item)->port)); 
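Review bot: The DEBUG_FILE message in set_port (hunk -230 of file.c) now reads `"set_maxretries: Setting global max retries to %s\n"`, but the statement after it still stores the value through `&(((struct global *) item)->port)`, so debug logs would attribute a port change to a different option. This looks like a copy-paste slip; the previous text `"set_port: Setting global port number to %s\n"` should be kept. set_port's body continues outside the hunk.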
@@ -374,6 +376,26 @@ int set_maxretries (char *word, char *value, int context, void *item) } +int set_capbackoff (char *word, char *value, int context, void *item) +{ + switch (context & ~CONTEXT_DEFAULT) + { + case CONTEXT_GLOBAL: +#ifdef DEBUG_FILE + l2tp_log (LOG_DEBUG, "set_capbackoff: Setting global cap backoff to %s\n", + value); +#endif + set_int (word, value, &(((struct global *) item)->cap_backoff)); + break; + default: + snprintf (filerr, sizeof (filerr), "'%s' not valid in this context\n", + word); + return -1; + } + return 0; + +} + int set_rmax (char *word, char *value, int context, void *item) { if (atoi (value) < 1) @@ -441,7 +463,7 @@ int set_autodial (char *word, char *value, int context, void *item) int set_flow (char *word, char *value, int context, void *item) { - int v; + int v = -1; set_boolean (word, value, &v); if (v < 0) return -1; @@ -930,7 +952,7 @@ struct iprange *set_range (char *word, char *value, struct iprange *in) } } /* Copy the last field + null terminator */ - if (ip_hi + sizeof(ip_hi)-e > strlen(d)) { + if ((size_t)(ip_hi + sizeof(ip_hi)-e) > strlen(d)) { strcpy(e, d); d = ip_hi; } @@ -1058,6 +1080,7 @@ int set_exclusive (char *word, char *value, int context, void *item) int set_ip (char *word, char *value, unsigned int *addr) { + UNUSED(word); struct hostent *hp; hp = gethostbyname (value); if (!hp) @@ -1244,6 +1267,7 @@ int set_rand_dev () int set_rand_egd (char *value) { + UNUSED(value); l2tp_log(LOG_WARNING, "%s: not yet implemented!\n", __FUNCTION__); rand_source = RAND_EGD; return -1; @@ -1251,6 +1275,7 @@ int set_rand_egd (char *value) int set_rand_source (char *word, char *value, int context, void *item) { + UNUSED(item); time_t seconds; /* * We're going to go ahead and seed the rand() function with srand() @@ -1595,5 +1620,6 @@ struct keyword words[] = { {"rx bps", &set_speed}, {"bps", &set_speed}, {"max retries" , &set_maxretries}, + {"cap backoff" , &set_capbackoff}, {NULL, NULL} }; 
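Review bot: set_capbackoff calls set_int as a bare statement and returns 0 in the CONTEXT_GLOBAL case, so its result is ignored and the stored value is never range-checked; a negative `cap backoff` would be accepted. I would propagate the result and reject negatives, `if (set_int (word, value, &(((struct global *) item)->cap_backoff)) || ((struct global *) item)->cap_backoff < 0) return -1;`, after confirming what set_int returns on a bad value, since its body is not in this hunk. The new keyword is also not described in the xl2tpd.conf.5 hunks of this diff, as far as they are visible, so a man-page entry stating the unit (seconds, per the file.h comment) and that 0 means no cap would help.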
diff --git a/file.h b/file.h index 4f9a6fa3..a2707c2d 100644 --- a/file.h +++ b/file.h @@ -168,6 +168,7 @@ struct global * Changed in SAref patch in openswan 2.6.36 for linux 2.6.36+ */ int max_retries; /* Max retries before closing tunnel or stop re-transmitting */ + int cap_backoff; /* Limit seconds between exponential backoff */ }; extern struct global gconfig; /* Global configuration options */ diff --git a/l2tp.h b/l2tp.h index 200e290d..b77b908c 100644 --- a/l2tp.h +++ b/l2tp.h @@ -41,6 +41,7 @@ typedef unsigned long long _u64; #define CONTROL_PIPE "/var/run/xl2tpd/l2tp-control" #define CONTROL_PIPE_MESSAGE_SIZE 1024 +#define UNUSED(x) (void)(x) /* Control pip request types */ #define CONTROL_PIPE_REQ_LAC_REMOVE 'r' @@ -58,7 +59,7 @@ typedef unsigned long long _u64; #define CONTROL_PIPE_REQ_LNS_REMOVE 'w' /* Get status of LNS */ #define BINARY "xl2tpd" -#define SERVER_VERSION "xl2tpd-1.3.12" +#define SERVER_VERSION "xl2tpd-1.3.16" #define VENDOR_NAME "xelerance.com" #ifndef PPPD #define PPPD "/usr/sbin/pppd" diff --git a/misc.c b/misc.c index e11881f1..322af264 100644 --- a/misc.c +++ b/misc.c @@ -39,6 +39,8 @@ static int syslog_nesting = 0; --syslog_nesting; \ } while(0) +#define UNUSED(x) (void)(x) + void init_log() { static int logopen=0; @@ -150,7 +152,7 @@ void bufferDump (unsigned char *buf, int buflen) void do_packet_dump (struct buffer *buf) { - int x; + size_t x; unsigned char *c = buf->start; printf ("packet dump: \nHEX: { "); for (x = 0; x < buf->len; x++) @@ -260,6 +262,8 @@ void opt_destroy (struct ppp_opts *option) int get_egd_entropy(char *buf, int count) { + UNUSED(buf); + UNUSED(count); return -1; } diff --git a/misc.h b/misc.h index caab7a14..b8da0a92 100644 --- a/misc.h +++ b/misc.h @@ -24,8 +24,8 @@ struct buffer void *rstart; void *rend; void *start; - int len; - int maxlen; + size_t len; + size_t maxlen; #if 0 unsigned int addr; int port; 
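Review bot: Changing `len` and `maxlen` in struct buffer from int to size_t (misc.h hunk -24) changes the meaning of every subtraction and `< 0` test on these fields elsewhere in the tree: a length that used to go negative now wraps to a very large value and passes upper-bound checks written for a signed type. Those call sites are outside this diff, so the packet-parsing paths that decrement buf->len should be checked before this lands, along with format strings that still print the fields with `%d` or `%u`. A comment on the fields would record the contract, e.g. `size_t len; /* bytes in use; unsigned, so compare before subtracting */`.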
@@ -68,7 +68,6 @@ extern int addfcs (struct buffer *buf); extern void swaps (void *, int); extern void do_packet_dump (struct buffer *); extern void status (const char *fmt, ...); -extern void status_handler (int signal); extern int getPtyMaster(char *, int); extern void do_control (void); extern void recycle_buf (struct buffer *); diff --git a/network.c b/network.c index 9d53b8c7..40fba1f8 100644 --- a/network.c +++ b/network.c @@ -68,6 +68,7 @@ int init_network (void) }; if (getsockname (server_socket, (struct sockaddr *) &server, &length)) { + close (server_socket); l2tp_log (LOG_CRIT, "%s: Unable to read socket name.Terminating.\n", __FUNCTION__); return -EINVAL; @@ -85,16 +86,15 @@ int init_network (void) else { arg=1; - if(setsockopt(server_socket, IPPROTO_IP, gconfig.sarefnum, &arg, sizeof(arg)) != 0) { + if(setsockopt(server_socket, IPPROTO_IP, gconfig.sarefnum, &arg, sizeof(arg)) != 0 && !gconfig.forceuserspace) + { l2tp_log(LOG_CRIT, "setsockopt recvref[%d]: %s\n", gconfig.sarefnum, strerror(errno)); gconfig.ipsecsaref=0; } - else + arg=1; + if(setsockopt(server_socket, IPPROTO_IP, IP_PKTINFO, (char*)&arg, sizeof(arg)) != 0) { - arg=1; - if(setsockopt(server_socket, IPPROTO_IP, IP_PKTINFO, (char*)&arg, sizeof(arg)) != 0) { - l2tp_log(LOG_CRIT, "setsockopt IP_PKTINFO: %s\n", strerror(errno)); - } + l2tp_log(LOG_CRIT, "setsockopt IP_PKTINFO: %s\n", strerror(errno)); } } #else @@ -112,6 +112,7 @@ int init_network (void) int kernel_fd = socket(AF_PPPOX, SOCK_DGRAM, PX_PROTO_OL2TP); if (kernel_fd < 0) { + close(kernel_fd); l2tp_log (LOG_INFO, "L2TP kernel support not detected (try modprobing l2tp_ppp and pppol2tp)\n"); kernel_support = 0; } @@ -183,6 +184,7 @@ static inline void fix_hdr (void *buf) void dethrottle (void *call) { + UNUSED(call); /* struct call *c = (struct call *)call; */ /* if (c->throttle) { #ifdef DEBUG_FLOW 
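Review bot: `close(kernel_fd);` is added inside the `if (kernel_fd < 0)` branch of init_network (hunk -112), where socket() has already failed and there is no descriptor to release; the call can only fail with EBADF and may overwrite errno before any later use. If the intent was to avoid leaking the probe socket, the close belongs on the success path, which lies outside this hunk and should be checked for whether kernel_fd is kept or dropped. Removing the added line is the minimal fix.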
@@ -261,9 +263,14 @@ void control_xmit (void *b) else { /* - * Adaptive timeout with exponential backoff + * Adaptive timeout with exponential backoff. The delay grows + * exponentialy, unless it's capped by configuration. */ - tv.tv_sec = 1LL << (buf->retries-1); + unsigned shift_by = (buf->retries-1); + if (shift_by > 31) + shift_by = 31; + + tv.tv_sec = 1LL << shift_by; tv.tv_usec = 0; schedule (tv, control_xmit, buf); #ifdef DEBUG_CONTROL_XMIT @@ -571,31 +578,31 @@ void network_thread () } - refme=refhim=0; + refme=refhim=0; - struct cmsghdr *cmsg; - /* Process auxiliary received data in msgh */ - for (cmsg = CMSG_FIRSTHDR(&msgh); - cmsg != NULL; - cmsg = CMSG_NXTHDR(&msgh,cmsg)) { + struct cmsghdr *cmsg; + /* Process auxiliary received data in msgh */ + for (cmsg = CMSG_FIRSTHDR(&msgh); + cmsg != NULL; + cmsg = CMSG_NXTHDR(&msgh,cmsg)) { #ifdef LINUX - /* extract destination(our) addr */ - if (cmsg->cmsg_level == IPPROTO_IP && cmsg->cmsg_type == IP_PKTINFO) { - struct in_pktinfo* pktInfo = ((struct in_pktinfo*)CMSG_DATA(cmsg)); - to = *pktInfo; - } else + /* extract destination(our) addr */ + if (cmsg->cmsg_level == IPPROTO_IP && cmsg->cmsg_type == IP_PKTINFO) { + struct in_pktinfo* pktInfo = ((struct in_pktinfo*)CMSG_DATA(cmsg)); + to = *pktInfo; + } else #endif - /* extract IPsec info out */ - if (gconfig.ipsecsaref && cmsg->cmsg_level == IPPROTO_IP - && cmsg->cmsg_type == gconfig.sarefnum) { - unsigned int *refp; - - refp = (unsigned int *)CMSG_DATA(cmsg); - refme =refp[0]; - refhim=refp[1]; - } - } + /* extract IPsec info out */ + if (gconfig.ipsecsaref && cmsg->cmsg_level == IPPROTO_IP && + cmsg->cmsg_type == gconfig.sarefnum) { + unsigned int *refp; + + refp = (unsigned int *)CMSG_DATA(cmsg); + refme =refp[0]; + refhim=refp[1]; + } + } /* * some logic could be added here to verify that we only 
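Review bot: The new comment in control_xmit says the delay grows "unless it's capped by configuration", but the added lines only clamp the shift count to 31 and assign `tv.tv_sec = 1LL << shift_by;` before schedule() is called, with no reference to gconfig.cap_backoff. Unless the cap is applied somewhere outside this hunk, the `cap backoff` option added in file.c has no effect on the retransmit timer; `if (gconfig.cap_backoff > 0 && tv.tv_sec > gconfig.cap_backoff) tv.tv_sec = gconfig.cap_backoff;` after the shift would make the code match the comment. `buf->retries-1` is also converted to unsigned, so a retries value of 0 would wrap and be clamped to a shift of 31 rather than 0; whether that value can reach this branch is not visible here.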
@@ -635,7 +642,7 @@ void network_thread () if (gconfig.debug_tunnel) l2tp_log (LOG_DEBUG, "%s: no such call %d on tunnel %d. Sending special ZLB\n", - __FUNCTION__); + __FUNCTION__, call, tunnel); if(1==handle_special (buf, c, call)) { buf = new_buf (MAX_RECV_SIZE); } 
@@ -673,145 +680,140 @@ void network_thread () /* * finished obvious sources, look for data from PPP connections. */ - st = tunnels.head; - while (st) + for (st = tunnels.head; st; st = st->next) { - sc = st->call_head; - while (sc) + for (sc = st->call_head; sc; sc = sc->next) { - if ((sc->fd >= 0) && FD_ISSET (sc->fd, &readfds)) - { - /* Got some payload to send */ - int result; + if ((sc->fd < 0) || !FD_ISSET (sc->fd, &readfds)) + continue; + + /* Got some payload to send */ + int result; - while ((result = read_packet (sc)) > 0) + while ((result = read_packet (sc)) > 0) + { + add_payload_hdr (sc->container, sc, sc->ppp_buf); + if (gconfig.packet_dump) { - add_payload_hdr (sc->container, sc, sc->ppp_buf); - if (gconfig.packet_dump) - { - do_packet_dump (sc->ppp_buf); - } - - - sc->prx = sc->data_rec_seq_num; - if (sc->zlb_xmit) - { - deschedule (sc->zlb_xmit); - sc->zlb_xmit = NULL; - } - sc->tx_bytes += sc->ppp_buf->len; - sc->tx_pkts++; - - unsigned char* tosval,typeval; - tosval = *get_inner_tos_byte(sc->ppp_buf); - typeval = *get_inner_ppp_type(sc->ppp_buf); - - int tosval_dec = (int)tosval; - int typeval_dec = (int)typeval; - - if (typeval_dec != 33 ) - tosval_dec=atoi(gconfig.controltos); - setsockopt(server_socket, IPPROTO_IP, IP_TOS, &tosval_dec, sizeof(tosval_dec)); - - udp_xmit (sc->ppp_buf, st); - recycle_payload (sc->ppp_buf, sc->container->peer); + do_packet_dump (sc->ppp_buf); } - if (result != 0) + + sc->prx = sc->data_rec_seq_num; + if (sc->zlb_xmit) { - l2tp_log (LOG_WARNING, - "%s: tossing read packet, error = %s (%d). 
Closing call.\n", - __FUNCTION__, strerror (-result), -result); - strcpy (sc->errormsg, strerror (-result)); - sc->needclose = -1; + deschedule (sc->zlb_xmit); + sc->zlb_xmit = NULL; } + sc->tx_bytes += sc->ppp_buf->len; + sc->tx_pkts++; + + unsigned char* tosval = get_inner_tos_byte(sc->ppp_buf); + unsigned char* typeval = get_inner_ppp_type(sc->ppp_buf); + + int tosval_dec = (int)*tosval; + int typeval_dec = (int)*typeval; + + if (typeval_dec != 33 ) + tosval_dec=atoi(gconfig.controltos); + setsockopt(server_socket, IPPROTO_IP, IP_TOS, &tosval_dec, sizeof(tosval_dec)); + + udp_xmit (sc->ppp_buf, st); + recycle_payload (sc->ppp_buf, sc->container->peer); } - sc = sc->next; - } - st = st->next; - } + if (result != 0) + { + l2tp_log (LOG_WARNING, + "%s: tossing read packet, error = %s (%d). Closing call.\n", + __FUNCTION__, strerror (-result), -result); + strcpy (sc->errormsg, strerror (-result)); + sc->needclose = -1; + } + } // for (sc.. + } // for (st.. } } #ifdef USE_KERNEL int connect_pppol2tp(struct tunnel *t) { - if (kernel_support) { - int ufd = -1, fd2 = -1; - int flags; - struct sockaddr_pppol2tp sax; - - struct sockaddr_in server; - - memset(&server, 0, sizeof(struct sockaddr_in)); - server.sin_family = AF_INET; - server.sin_addr.s_addr = gconfig.listenaddr; - server.sin_port = htons (gconfig.port); - if ((ufd = socket (PF_INET, SOCK_DGRAM, 0)) < 0) - { - l2tp_log (LOG_CRIT, "%s: Unable to allocate UDP socket. Terminating.\n", - __FUNCTION__); - return -EINVAL; - }; + if (!kernel_support) + return 0; + + int ufd = -1, fd2 = -1; + int flags; + struct sockaddr_pppol2tp sax; + + struct sockaddr_in server; + + memset(&server, 0, sizeof(struct sockaddr_in)); + server.sin_family = AF_INET; + server.sin_addr.s_addr = gconfig.listenaddr; + server.sin_port = htons (gconfig.port); + if ((ufd = socket (PF_INET, SOCK_DGRAM, 0)) < 0) + { + l2tp_log (LOG_CRIT, "%s: Unable to allocate UDP socket. 
Terminating.\n", + __FUNCTION__); + return -EINVAL; + }; - flags=1; - setsockopt(ufd, SOL_SOCKET, SO_REUSEADDR, &flags, sizeof(flags)); + flags=1; + setsockopt(ufd, SOL_SOCKET, SO_REUSEADDR, &flags, sizeof(flags)); #ifdef SO_NO_CHECK - setsockopt(ufd, SOL_SOCKET, SO_NO_CHECK, &flags, sizeof(flags)); + setsockopt(ufd, SOL_SOCKET, SO_NO_CHECK, &flags, sizeof(flags)); #endif - if (bind (ufd, (struct sockaddr *) &server, sizeof (server))) - { - close (ufd); - l2tp_log (LOG_CRIT, "%s: Unable to bind UDP socket: %s. Terminating.\n", - __FUNCTION__, strerror(errno), errno); - return -EINVAL; - }; - server = t->peer; - flags = fcntl(ufd, F_GETFL); - if (flags == -1 || fcntl(ufd, F_SETFL, flags | O_NONBLOCK) == -1) { - l2tp_log (LOG_WARNING, "%s: Unable to set UDP socket nonblock.\n", - __FUNCTION__); - return -EINVAL; - } - if (connect (ufd, (struct sockaddr *) &server, sizeof(server)) < 0) { - l2tp_log (LOG_CRIT, "%s: Unable to connect UDP peer. Terminating.\n", - __FUNCTION__); - close(ufd); - return -EINVAL; - } + if (bind (ufd, (struct sockaddr *) &server, sizeof (server))) + { + close (ufd); + l2tp_log (LOG_CRIT, "%s: Unable to bind UDP socket: %s. Terminating.\n", + __FUNCTION__, strerror(errno), errno); + return -EINVAL; + }; + server = t->peer; + flags = fcntl(ufd, F_GETFL); + if (flags == -1 || fcntl(ufd, F_SETFL, flags | O_NONBLOCK) == -1) { + l2tp_log (LOG_WARNING, "%s: Unable to set UDP socket nonblock.\n", + __FUNCTION__); + return -EINVAL; + } + if (connect (ufd, (struct sockaddr *) &server, sizeof(server)) < 0) { + l2tp_log (LOG_CRIT, "%s: Unable to connect UDP peer. 
Terminating.\n", + __FUNCTION__); + close(ufd); + return -EINVAL; + } - t->udp_fd=ufd; + t->udp_fd=ufd; - fd2 = socket(AF_PPPOX, SOCK_DGRAM, PX_PROTO_OL2TP); - if (fd2 < 0) { - l2tp_log (LOG_WARNING, "%s: Unable to allocate PPPoL2TP socket.\n", - __FUNCTION__); - return -EINVAL; - } - flags = fcntl(fd2, F_GETFL); - if (flags == -1 || fcntl(fd2, F_SETFL, flags | O_NONBLOCK) == -1) { - l2tp_log (LOG_WARNING, "%s: Unable to set PPPoL2TP socket nonblock.\n", - __FUNCTION__); - close(fd2); - return -EINVAL; - } - memset(&sax, 0, sizeof(sax)); - sax.sa_family = AF_PPPOX; - sax.sa_protocol = PX_PROTO_OL2TP; - sax.pppol2tp.fd = t->udp_fd; - sax.pppol2tp.addr.sin_addr.s_addr = t->peer.sin_addr.s_addr; - sax.pppol2tp.addr.sin_port = t->peer.sin_port; - sax.pppol2tp.addr.sin_family = AF_INET; - sax.pppol2tp.s_tunnel = t->ourtid; - sax.pppol2tp.d_tunnel = t->tid; - if ((connect(fd2, (struct sockaddr *)&sax, sizeof(sax))) < 0) { - l2tp_log (LOG_WARNING, "%s: Unable to connect PPPoL2TP socket. %d %s\n", - __FUNCTION__, errno, strerror(errno)); - close(fd2); - return -EINVAL; - } - t->pppox_fd = fd2; - } + fd2 = socket(AF_PPPOX, SOCK_DGRAM, PX_PROTO_OL2TP); + if (fd2 < 0) { + l2tp_log (LOG_WARNING, "%s: Unable to allocate PPPoL2TP socket.\n", + __FUNCTION__); + return -EINVAL; + } + flags = fcntl(fd2, F_GETFL); + if (flags == -1 || fcntl(fd2, F_SETFL, flags | O_NONBLOCK) == -1) { + l2tp_log (LOG_WARNING, "%s: Unable to set PPPoL2TP socket nonblock.\n", + __FUNCTION__); + close(fd2); + return -EINVAL; + } + memset(&sax, 0, sizeof(sax)); + sax.sa_family = AF_PPPOX; + sax.sa_protocol = PX_PROTO_OL2TP; + sax.pppol2tp.fd = t->udp_fd; + sax.pppol2tp.addr.sin_addr.s_addr = t->peer.sin_addr.s_addr; + sax.pppol2tp.addr.sin_port = t->peer.sin_port; + sax.pppol2tp.addr.sin_family = AF_INET; + sax.pppol2tp.s_tunnel = t->ourtid; + sax.pppol2tp.d_tunnel = t->tid; + if ((connect(fd2, (struct sockaddr *)&sax, sizeof(sax))) < 0) { + l2tp_log (LOG_WARNING, "%s: Unable to connect PPPoL2TP socket. 
%d %s\n", + __FUNCTION__, errno, strerror(errno)); + close(fd2); + return -EINVAL; + } + t->pppox_fd = fd2; return 0; } #endif diff --git a/osport.h b/osport.h index 02ef2659..c42f5daa 100644 --- a/osport.h +++ b/osport.h @@ -43,4 +43,11 @@ struct in_pktinfo { #endif +#if defined __UCLIBC__ && !defined UCLIBC_SUSV3_LEGACY_MACROS +# define index(x, y) strchr(x, y) +# define bcopy(S1, S2, LEN) ((void)memmove(S2, S1, LEN)) +# define bzero(S1, LEN) ((void)memset(S1, 0, LEN)) +# define bcmp(S1,S2,LEN) ((memcmp(S2, S1, LEN)==0)?0:1) +#endif /* defined __UCLIBC__ && !defined UCLIBC_SUSV3_LEGACY_MACROS */ + #endif /* _OSPORT_H_ */ diff --git a/packaging/fedora/xl2tpd.spec b/packaging/fedora/xl2tpd.spec index 34544251..4775da33 100644 --- a/packaging/fedora/xl2tpd.spec +++ b/packaging/fedora/xl2tpd.spec @@ -1,6 +1,6 @@ Summary: Layer 2 Tunnelling Protocol Daemon (RFC 2661) Name: xl2tpd -Version: 1.3.12 +Version: 1.3.16 Release: 1%{?dist} License: GPLv2 Url: http://www.xelerance.com/software/xl2tpd/ diff --git a/packaging/openwrt/Makefile b/packaging/openwrt/Makefile index 2626d6ce..8b84ea21 100644 --- a/packaging/openwrt/Makefile +++ b/packaging/openwrt/Makefile @@ -2,7 +2,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=xl2tpd -PKG_VERSION:=1.3.12 +PKG_VERSION:=1.3.16 PKG_RELEASE:=1 PKG_MD5SUM:=ab5656eb5a3d1973f7f69b039675332e-NEEDSUPDATING diff --git a/packaging/suse/Makefile.patch b/packaging/suse/Makefile.patch new file mode 100644 index 00000000..ecaf00bc --- /dev/null +++ b/packaging/suse/Makefile.patch 
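Review bot: The flattened connect_pppol2tp still leaks `ufd` on its error paths: the `F_SETFL`/`O_NONBLOCK` failure returns `-EINVAL` without closing it, and the later PPPoL2TP failures close `fd2` but leave the UDP socket open with `t->udp_fd` already assigned (any cleanup by the caller is not visible here). Adding `close(ufd);` before the `return -EINVAL;` in the nonblock branch matches what the bind and connect branches already do. In the bind branch `close (ufd);` runs before `strerror(errno)` is evaluated, so the logged text can describe the close() rather than the bind() failure; moving the close after the `l2tp_log` call fixes that. The trailing `errno` argument in that call has no matching conversion in the format string. In a long-running daemon each leaked descriptor persists, so these paths are worth closing while the function is being restructured.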
@@ -0,0 +1,28 @@ +--- ./Makefile.orig 2011-07-24 04:13:59.000000000 +0400 ++++ ./Makefile 2011-10-19 05:27:27.451967117 +0400 +@@ -47,13 +47,13 @@ + # trust pppd. This work around will be removed in the near future. + + # DFLAGS= -g -DDEBUG_HELLO -DDEBUG_CLOSE -DDEBUG_FLOW -DDEBUG_PAYLOAD -DDEBUG_CONTROL -DDEBUG_CONTROL_XMIT -DDEBUG_FLOW_MORE -DDEBUG_MAGIC -DDEBUG_ENTROPY -DDEBUG_HIDDEN -DDEBUG_PPPD -DDEBUG_AAA -DDEBUG_FILE -DDEBUG_FLOW -DDEBUG_HELLO -DDEBUG_CLOSE -DDEBUG_ZLB -DDEBUG_AUTH +-DFLAGS?= -DDEBUG_PPPD -DTRUST_PPPD_TO_DIE ++#DFLAGS?= -DDEBUG_PPPD -DTRUST_PPPD_TO_DIE + + # Uncomment the next line for Linux. KERNELSRC is needed for if_pppol2tp.h, + # but we use a local copy if we don't find it. + # +-#KERNELSRC=/lib/modules/`uname -r`/build/ +-KERNELSRC?=./linux ++KERNELSRC=/lib/modules/`uname -r`/build/ ++#KERNELSRC?=./linux + OSFLAGS?= -DLINUX -I$(KERNELSRC)/include/ + # + # Uncomment the following to use the kernel interface under Linux +@@ -99,7 +99,7 @@ + EXEC=xl2tpd + CONTROL_EXEC=xl2tpd-control + +-PREFIX?=/usr/local ++PREFIX?=/usr + SBINDIR?=$(DESTDIR)${PREFIX}/sbin + BINDIR?=$(DESTDIR)${PREFIX}/bin + MANDIR?=$(DESTDIR)${PREFIX}/share/man diff --git a/packaging/suse/README b/packaging/suse/README index 9d5f16d0..b2bcb474 100644 --- a/packaging/suse/README +++ b/packaging/suse/README @@ -1 +1,2 @@ -Suse startup files based on examples found in OpenSuse 10.3 +These files can be used to build openSUSE/SLE packages by using Open Build Service +(standard system to build packages used by openSUSE project and SUSE itself). diff --git a/packaging/suse/sles10.spec b/packaging/suse/sles10.spec index d2eb84f9..f4e0ddbf 100644 --- a/packaging/suse/sles10.spec +++ b/packaging/suse/sles10.spec @@ -1,6 +1,6 @@ Summary: Layer 2 Tunnelling Protocol Daemon (RFC 2661) Name: xl2tpd -Version: 1.3.12 +Version: 1.3.16 Release: 1%{?dist} License: GPLv2 Url: http://www.xelerance.com/software/xl2tpd/ 
diff --git a/packaging/suse/xl2tpd.changes b/packaging/suse/xl2tpd.changes
new file mode 100644
index 00000000..6739aa29
--- /dev/null
+++ b/packaging/suse/xl2tpd.changes
@@ -0,0 +1,446 @@ +------------------------------------------------------------------- +Sun Oct 13 18:22:24 UTC 2019 - Martin Hauke + +- Update to version 1.3.15 + * Specify missing log arguments + * Sockopt bug fix for multiple IP's + +------------------------------------------------------------------- +Wed Apr 17 17:42:30 UTC 2019 - Martin Hauke + +- Update to version 1.3.14 + * Bugfix release, mostly code cleanup + +------------------------------------------------------------------- +Wed Mar 20 19:03:16 UTC 2019 - Jan Engelhardt + +- Drop ||true from %tmpfiles_create, this is already + included in the macro. +- Reduce hard dependency on systemd during build. + +------------------------------------------------------------------- +Fri Mar 8 20:54:23 UTC 2019 - Martin Hauke + +- Run spec-cleaner +- Remove support for non-systemd distros +- Remove -doc subpackage (contained only some KB text-files and + and manpages) +- Fix handling of tmpfilesdir +- Update to version 1.3.13 + * Fix compile warning with USE_KERNEL in xl2tpd.c + * Applying patch that reduces compile warnings and fixes warnings + from gcc and clang. + * Fix compiler warnings in network.c + * Add a preproc for Watchguard firewall (Github issue #136) + * Convert from ISO-8859 to UTF-8 [Simon Deziel] + Update README to provide latest info on xl2tpd + Linux kernel 4.15+ +- Update to version 1.3.12 + * TOS value to copy to the tunnel header + * Fix for ENODEV (No such device) error with Linux kernel 4.15 + * Update xl2tpd.init + * fix version number and upload +- Update to version 1.3.11 + * only changes related to debian packaging + +------------------------------------------------------------------- +Thu Oct 26 12:38:37 UTC 2017 - badshah400@gmail.com + +- Update to version 1.3.10 + * Update STRLEN in file.h to 100 (from 80). + * xl2tpd-control: fix xl2tpd hanged up in "fopen". + * Update version in spec and opewnrt Makefile. +- Update source URL in specfile. 
+ +------------------------------------------------------------------- +Thu Jun 29 15:04:34 UTC 2017 - dimstar@opensuse.org + +- Own /etc/ppp (mode 750, like other packages too). + +------------------------------------------------------------------- +Thu May 16 10:33:42 UTC 2017 - alexander_naumov@opensuse.org + +- Update to version 1.3.9 + * Add xl2tpd-control man pages (Samir Hussain) + * Update spec file with newest Soure0 and version (Samir Hussain) + * Update License file (Samir Hussain) + * Display PID for call in the logs (Samir Hussain) + * Use left shift rather than pow() function. (Samir Hussain) + * Enable Travis integration (Samir Hussain) + * Remove unnecessary casting of malloc() results (Andrew Clayton) + * Remove an unused line of code in init_config() (Andrew Clayton) + * Fix some undefined behaviour in read_result() (Andrew Clayton) + * Fix feature test macro deprecation warnings (Andrew Clayton) + +------------------------------------------------------------------- +Sun Apr 12 00:55:33 UTC 2015 - p.drouand@gmail.com + +- Update to version 1.3.6 + * Fix the size of the lenght param for AVP headers. This should + fix Android support no matter how the compiler optimizes. 
+- For changes from other versions, please read the CHANGES files +- Use download Url as source +- Remove redundant %clean section +- Remove xl2tpd-1.3.0-0001-Add-kernel-support-for-2.6.32.patch; + fixed by upstream +- Adapt Makefile.patch and xl2tpd.init.patch to upstream changes +- Do not provide sysvinit and systemd support on the same system; + it's redundant +- Add backward compatibility symlinl to systemd service + +------------------------------------------------------------------- +Thu Jun 26 15:27:11 UTC 2014 - dvlaeev@suse.com + +- switch to /run on openSUSE newer than 13.1 + +------------------------------------------------------------------- +Wed Jan 1 21:53:05 UTC 2014 - dvlaeev@suse.com + +- Remove newline from description in xl2tpd.conf (bnc#856928) + +------------------------------------------------------------------- +Sun Mar 17 16:14:54 UTC 2013 - dvaleev@suse.com + +- Use /usr/lib/tmpfile.d for tmpfiles configuration + +------------------------------------------------------------------- +Wed Mar 6 21:15:13 YEKT 2013 - avm.xandry@gmail.com + +- Added /etc/tmpfiles.d/xl2tpd.conf file (bnc#807605) + +------------------------------------------------------------------- +Mon Nov 26 10:24:38 UTC 2012 - dvaleev@suse.com + +- don't use old version of if_pppol2tp.h (bnc#791109) + +------------------------------------------------------------------- +Wed Nov 21 06:04:50 UTC 2012 - binli@opensuse.org + +- xl2tpd Add kernel support for 2.6.23+ (patch v12) + xl2tpd-1.3.0-0001-Add-kernel-support-for-2.6.32.patch + Public Clone URL: git://gist.github.com/1306094.git + (bnc#790250). + +------------------------------------------------------------------- +Fri Aug 31 21:45:57 UTC 2012 - crrodriguez@opensuse.org + +- Add systemd support. 
+ +------------------------------------------------------------------- +Thu Oct 26 20:10:00 UTC 2011 - nekolayer@yandex.ru + +- update to xl2tpd 1.3.0 + * added xl2tpd-control tool (activates/disconnects the tunnel, + actions with lac configuration file) + * fixed bug causing "Resource temporarily unavailable(11)" in log + * fixed xl2tpd hungs and won't redial after communication fail + * fixed buffer overrun in reading >16 char l2tp-secrets + +------------------------------------------------------------------- +Tue May 4 12:30:00 CEST 2010 - dvaleev@novell.com + +- fixed rpmlint dir-or-file-in-var-run + +------------------------------------------------------------------- +Thu Apr 22 09:23:57 UTC 2010 - aj@suse.de + +- Fix specfile, debug_package will get inserted automatically. +- Do not use license package. + +------------------------------------------------------------------- +Fri Apr 16 15:01:13 CEST 2010 - eri_zaq@please-enter-an-email-address + +- xl2tpd-1.2.4-4 +- Fix init script to stop service correctly +- *.changes +------------------------------------------------------------------- +Mon Mar 15 00:00:00 CET 2010 - k0da@opensuse.org + +- xl2tpd-1.2.4-3 +- avoid a huge overload of duplicated files + +------------------------------------------------------------------- +Thu Mar 11 00:00:00 CET 2010 - k0da@opensuse.org + +- xl2tpd-1.2.4-2 +- xl2tpd-doc-1.2.4-2 +- *-doc package +- cleanup init script + +------------------------------------------------------------------- +Wed Mar 10 00:00:00 CET 2010 - k0da@opensuse.org + +- xl2tpd-1.2.4-1 +- patch for init file + +------------------------------------------------------------------- +Tue Oct 28 00:00:00 CET 2008 - k0da@opensuse.org + +- Adjust build requires + +------------------------------------------------------------------- +Sun Oct 26 00:00:00 CEST 2008 - paul@xelerance.com + +- Updated Suse init scripts and spec file +- Added pfc for pppd's precompiled-active-filter + 
+------------------------------------------------------------------- +Fri Apr 18 00:00:00 CEST 2008 - paul@xelerance.com + +- Updated Suse init scripts and spec file + +------------------------------------------------------------------- +Tue Jun 26 00:00:00 CEST 2007 - paul@xelerance.com + +- Minor changes to spec file to accomodate new README files + +------------------------------------------------------------------- +Fri Feb 23 00:00:00 CET 2007 - paul@xelerance.com + +- Upgraded to 1.1.08 +- This works around the ppp-2.4.2-6.4 issue of not dying on SIGTERM + +------------------------------------------------------------------- +Mon Feb 19 00:00:00 CET 2007 - paul@xelerance.com + +- Upgraded to 1.1.07 +- Fixes from Tuomo Soini for pidfile handling with Fedora +- Fix hardcoded version for Source in spec file. + +------------------------------------------------------------------- +Thu Dec 7 00:00:00 CET 2006 - paul@xelerance.com + +- Changed space/tab replacing method + +------------------------------------------------------------------- +Wed Dec 6 00:00:00 CET 2006 - paul@xelerance.com + +- Added -p to keep original timestamps +- Added temporary hack to change space/tab in init file. +- Added /sbin/service dependancy + +------------------------------------------------------------------- +Tue Dec 5 00:00:00 CET 2006 - paul@xelerance.com + +- Changed Mr. Karlsen's name to not be a utf8 problem +- Fixed Obosoletes/Provides to be more specific wrt l2tpd. +- Added dist tag which accidentally got deleted. + +------------------------------------------------------------------- +Mon Dec 4 00:00:00 CET 2006 - paul@xelerance.com + +- Rebased spec file on Fedora Extras copy, but using xl2tpd as package name + +------------------------------------------------------------------- +Sun Nov 27 00:00:00 CET 2005 - paul@xelerance.com + +- Pulled up sourceforget.net CVS fixes. +- various debugging added, but debugging should not be on by default. 
+- async/sync conversion routines must be ready for possibility that the read + will block due to routing loops. +- refactor control socket handling. +- move all logic about pty usage to pty.c. Try ptmx first, if it fails try + legacy ptys +- rename log() to l2tp_log(), as "log" is a math function. +- if we aren't deamonized, then log to stderr. +- added install: and DESTDIR support. + +------------------------------------------------------------------- +Thu Oct 20 00:00:00 CEST 2005 - paul@xelerance.com + +- Removed suse/mandrake specifics. Comply for Fedora Extras guidelines + +------------------------------------------------------------------- +Tue Jun 21 00:00:00 CEST 2005 - jacco2@dds.nl + +- Added log() patch by Paul Wouters so that l2tpd compiles on FC4. + +------------------------------------------------------------------- +Sat Jun 4 00:00:00 CEST 2005 - jacco2@dds.nl + +- l2tpd.org has been hijacked. Project moved back to SourceForge: + http://l2tpd.sourceforge.net + +------------------------------------------------------------------- +Tue May 3 00:00:00 CEST 2005 - jacco2@dds.nl + +- Small Makefile fixes. Explicitly use gcc instead of cc. + Network services library was not linked on Solaris due to typo. + +------------------------------------------------------------------- +Thu Mar 17 00:00:00 CET 2005 - jacco2@dds.nl + +- Choosing between SysV or BSD style ptys is now configurable through + a compile-time boolean "unix98pty". + +------------------------------------------------------------------- +Fri Feb 4 00:00:00 CET 2005 - jacco2@dds.nl + +- Added code from Roaring Penguin (rp-l2tp) to support SysV-style ptys. + Requires the N_HDLC kernel module. + +------------------------------------------------------------------- +Fri Nov 26 00:00:00 CET 2004 - jacco2@dds.nl + +- Updated the README. + +------------------------------------------------------------------- +Wed Nov 10 00:00:00 CET 2004 - jacco2@dds.nl + +- Patch by Marald Klein and Roger Luethi. 
Fixes writing PID file. + (http://l2tpd.graffl.net/msg01790.html) + Long overdue. Rereleasing 10jdl. + +------------------------------------------------------------------- +Tue Nov 9 00:00:00 CET 2004 - jacco2@dds.nl + +- [SECURITY FIX] Added fix from Debian because of a bss-based + buffer overflow. + (http://www.mail-archive.com/l2tpd-devel@l2tpd.org/msg01071.html) +- Mandrake's FreeS/WAN, Openswan and Strongswan RPMS use configuration + directories /etc/{freeswan,openswan,strongswan}. Install our + configuration files to /etc/ipsec.d and create symbolic links in + those directories. + +------------------------------------------------------------------- +Wed Aug 18 00:00:00 CEST 2004 - jacco2@dds.nl + +- Removed 'leftnexthop=' lines. Not relevant for recent versions + of FreeS/WAN and derivates. + +------------------------------------------------------------------- +Tue Jan 20 00:00:00 CET 2004 - jacco2@dds.nl + +- Added "noccp" because of too much MPPE/CCP messages sometimes. + +------------------------------------------------------------------- +Wed Dec 31 00:00:00 CET 2003 - jacco2@dds.nl + +- Added patch in order to prevent StopCCN messages. + +------------------------------------------------------------------- +Sat Aug 23 00:00:00 CEST 2003 - jacco2@dds.nl + +- MTU/MRU 1410 seems to be the lowest possible for MSL2TP. + For Windows 2000/XP it doesn't seem to matter. +- Typo in l2tpd.conf (192.168.128/25). + +------------------------------------------------------------------- +Fri Aug 8 00:00:00 CEST 2003 - jacco2@dds.nl + +- Added MTU/MRU 1400 to options.l2tpd. I don't know the optimal + value but some apps had problems with the default value. + +------------------------------------------------------------------- +Fri Aug 1 00:00:00 CEST 2003 - jacco2@dds.nl + +- Added workaround for the missing hostname bug in the MSL2TP client + ('Specify your hostname', error 629: "You have been disconnected + from the computer you are dialing"). 
+ +------------------------------------------------------------------- +Sun Jul 20 00:00:00 CEST 2003 - jacco2@dds.nl + +- Added the "listen-addr" global parameter for l2tpd.conf. By + default, the daemon listens on *all* interfaces. Use + "listen-addr" if you want it to bind to one specific + IP address (interface), for security reasons. (See also: + http://www.jacco2.dds.nl/networking/freeswan-l2tp.html#Firewallwarning) +- Explained in l2tpd.conf that two different IP addresses should be + used for 'listen-addr' and 'local ip'. +- Modified init script. Upgrades should work better now. You + still need to start/chkconfig l2tpd manually. +- Renamed the example Openswan .conf files to better reflect + the situation. There are two variants using different portselectors. + Previously I thought Windows 2000/XP used portselector 17/0 + and the rest used 17/1701. But with the release of an updated + IPsec client by Microsoft, it turns out that 17/0 must have + been a mistake: the updated client now also uses 17/1701. + +------------------------------------------------------------------- +Thu Apr 10 00:00:00 CEST 2003 - jacco2@dds.nl + +- Changed sample chap-secrets to be valid only for specific + IP addresses. + +------------------------------------------------------------------- +Thu Mar 13 00:00:00 CET 2003 - tech-role@tronicplanet.de + +- Adjustments for SuSE8.x (thanks, Bernhard!) +- Added sample chap-secrets. + +------------------------------------------------------------------- +Thu Mar 6 00:00:00 CET 2003 - jacco2@dds.nl + +- Replaced Dominique's patch by Damion de Soto's, which does not + depend on the N_HDLC kernel module. + +------------------------------------------------------------------- +Wed Feb 26 00:00:00 CET 2003 - jacco2@dds.nl + +- Seperate example config files for Win9x (MSL2TP) and Win2K/XP + due to left/rightprotoport differences. + Fixing preun for Red Hat. 
+ +------------------------------------------------------------------- +Mon Feb 3 00:00:00 CET 2003 - jacco2@dds.nl + +- Mandrake uses /etc/freeswan/ instead of /etc/ipsec.d/ + Error fixed: source6 was used for both PSK and CERT. + +------------------------------------------------------------------- +Wed Jan 29 00:00:00 CET 2003 - jacco2@dds.nl + +- Added Dominique Cressatti's pty patch in another attempt to + prevent the Windows 2000 Professional "loopback detected" error. + Seems to work! + +------------------------------------------------------------------- +Wed Dec 25 00:00:00 CET 2002 - jacco2@dds.nl + +- Added 'connect-delay' to PPP parameters in an attempt to + prevent the Windows 2000 Professional "loopback detected" error. + Didn't seem to work. + +------------------------------------------------------------------- +Fri Dec 13 00:00:00 CET 2002 - jacco2@dds.nl + +- Did not build on Red Hat 8.0. Solved by adding comments(?!). + Bug detected in spec file: chkconfig --list l2tpd does not work + on Red Hat 8.0. Not important enough to look into yet. + +------------------------------------------------------------------- +Sun Nov 17 00:00:00 CET 2002 - jacco2@dds.nl + +- Tested on Red Hat, required some changes. No gprintf. Used different + pty patch, otherwise wouldn't run. Added buildroot sanity check. + +------------------------------------------------------------------- +Sun Nov 10 00:00:00 CET 2002 - jacco2@dds.nl + +- Specfile adapted from Mandrake Cooker. The original RPM can be + retrieved through: + http://www.rpmfind.net/linux/rpm2html/search.php?query=l2tpd +- Config path changed from /etc/l2tp/ to /etc/l2tpd/ + (Seems more logical and rp-l2tp already uses /etc/l2tp/). +- Do not run at boot or install. The original RPM uses a config file + which is completely commented out, but it still starts l2tpd on all + interfaces. Could be a security risk. This RPM does not start l2tpd, + the sysadmin has to edit the config file and start l2tpd explicitly. 
+- Renamed patches to start with l2tpd- +- Added dependencies for pppd, glibc-devel. +- Use %%{name} as much as possible. +- l2tp-secrets contains passwords, thus should not be world readable. +- Removed dependency on rpm-helper. + +------------------------------------------------------------------- +Mon Oct 21 00:00:00 CEST 2002 - lenny@mandrakesoft.com + +- from Per 0yvind Karlsen : + - PreReq and Requires + - Fix preun_service + +------------------------------------------------------------------- +Thu Oct 17 00:00:00 CEST 2002 - peroyvind@delonic.no + +- Initial release + diff --git a/packaging/suse/xl2tpd.init.patch b/packaging/suse/xl2tpd.init.patch new file mode 100644 index 00000000..b6170e5e --- /dev/null +++ b/packaging/suse/xl2tpd.init.patch 
@@ -0,0 +1,92 @@ +--- packaging/suse/xl2tpd.init.orig 2010-05-04 12:01:25.000000000 +0200 ++++ packaging/suse/xl2tpd.init 2010-05-04 12:08:08.000000000 +0200 +@@ -17,8 +17,10 @@ + # + ### BEGIN INIT INFO + # Provides: xl2tpd +-# Required-Start: $syslog $remote_fs +-# Required-Stop: $syslog $remote_fs ++# Required-Start: $remote_fs $syslog $network ++# Required-Stop: $remote_fs $syslog $network ++# Should-Start: ypbind ++# Should-Stop: ypbind + # Default-Start: 3 5 + # Default-Stop: 0 1 2 6 + # Short-Description: Start xl2tpd (to provide L2TP VPN's) +@@ -30,20 +32,11 @@ + # not real dependencies. Depencies have to be handled by admin + # resp. the configuration tools (s)he uses. + +-# Source SuSE config (if still necessary, most info has been moved) +-test -r /etc/rc.config && . /etc/rc.config +- + # Check for missing binaries (stale symlinks should not happen) + XL2TPD_BIN=/usr/sbin/xl2tpd +-test -x $YPBIND_BIN || { echo "$YPBIND_BIN not installed"; +- if [ "$1" = "stop" ]; then exit 0; else exit 5; fi; } +- +-# Check for existence of needed config file and read it +-#XL2TPD_CONFIG=/etc/sysconfig/xl2tpd +-#test -r $YPBIND_CONFIG || { echo "$YPBIND_CONFIG not existing"; +-# if [ "$1" = "stop" ]; then exit 0; else exit 6; fi; } +-#. $XL2TPD_CONFIG +- ++XL2TPD_PID=/var/run/xl2tpd/xl2tpd.pid ++XL2TPD_CONF=/etc/xl2tpd/xl2tpd.conf ++XL2TPD_PIDDIR=/var/run/xl2tpd + # Shell functions sourced from /etc/rc.status: + # rc_check check and set local and overall rc status + # rc_status check and set local and overall rc status +@@ -82,7 +75,10 @@ + + # NOTE: startproc returns 0, even if service is + # already running to match LSB spec. +- startproc $XL2TPD_BIN >/dev/null 2>&1 ++ if [ ! -d $XL2TPD_PIDDIR ]; then ++ mkdir -p $XL2TPD_PIDDIR ++ fi ++ startproc -p $XL2TPD_PID $XL2TPD_BIN + + # Remember status and be verbose + rc_status -v +@@ -92,8 +88,7 @@ + ## Stop daemon with killproc(8) and if this fails + ## set echo the echo return value. 
+ +- killproc -TERM $XL2TPD_BIN +- rm -f /var/run/xl2tpd/xl2tpd.pid ++ killproc -G -TERM $XL2TPD_BIN + # Remember status and be verbose + rc_status -v + ;; +@@ -123,13 +118,8 @@ + ## do this on signal 1 (SIGHUP). + ## If it does not support it, restart. + echo -n "Reload service xl2tpd" +- ## if it supports it: + killproc -HUP $XL2TPD_BIN +- #touch /var/run/xl2tpd/xl2tpd.pid + rc_status -v +- ## Otherwise: +- #$0 stop && $0 start +- #rc_status + ;; + reload) + ## Like force-reload, but if daemon does not support +@@ -137,7 +127,6 @@ + # If it supports signalling: + echo -n "Reload service xl2tpd" + killproc -HUP $XL2TPD_BIN +- #touch /var/run/xl2tpd.pid + rc_status -v + ## Otherwise if it does not support reload: + #rc_failed 3 +@@ -162,7 +151,7 @@ + ## Optional: Probe for the necessity of a reload, + ## print out the argument which is required for a reload. + +- test /etc/xl2tpd/xl2tpd.conf -nt /var/run/xltpd/xl2tpd.pid && echo reload ++ test $XL2TPD_CONF -nt $XL2TPD_PID && echo reload + ;; + *) + echo "Usage: $0 {start|stop|status|try-restart|restart|force-reload|reload|probe}" diff --git a/packaging/suse/xl2tpd.spec b/packaging/suse/xl2tpd.spec index 211d81ce..bdc6c0c9 100644 --- a/packaging/suse/xl2tpd.spec +++ b/packaging/suse/xl2tpd.spec 
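Review bot: The patched init script keeps the comment `# Check for missing binaries` but no longer checks anything, because the old guard tested the wrong variable (`$YPBIND_BIN`) and was deleted rather than corrected. Restoring it against the right variable keeps the LSB exit codes, e.g. `test -x "$XL2TPD_BIN" || { echo "$XL2TPD_BIN not installed"; if [ "$1" = "stop" ]; then exit 0; else exit 5; fi; }`. The new `mkdir -p $XL2TPD_PIDDIR` and `startproc -p $XL2TPD_PID $XL2TPD_BIN` lines would be more robust with the variables quoted, and the directory would be better created with an explicit mode than with whatever umask the caller happens to have.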
@@ -1,19 +1,46 @@ -Summary: Layer 2 Tunnelling Protocol Daemon (RFC 2661) -Name: xl2tpd -Version: 1.3.12 -Release: 1%{?dist} -License: GPLv2 -Url: http://www.xelerance.com/software/xl2tpd/ -Group: Productivity/Networking/Other -Source0: https://github.com/xelerance/xl2tpd/archive/v%{version}.tar.gz -BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) -Requires: ppp >= 2.4.3 -BuildRequires: libpcap-devel -Obsoletes: l2tpd < 0.69 -Provides: l2tpd = 0.69 -Requires(post): /sbin/chkconfig -Requires(preun): /sbin/chkconfig -Requires(preun): /sbin/service +# +# spec file for package xl2tpd +# +# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany. +# +# All modifications and additions to the file contributed by third parties +# remain the property of their copyright owners, unless otherwise agreed +# upon. The license for this file, and modifications and additions to the +# file, is the same license as for the pristine package itself (unless the +# license for the pristine package is not an Open Source License, in which +# case the license is the MIT License). An "Open Source License" is a +# license that conforms to the Open Source Definition (Version 1.9) +# published by the Open Source Initiative. 
+ +# Please submit bugfixes or comments via https://bugs.opensuse.org/ +# + + +%if 0%{?suse_version} <= 1310 +%define rundir %{_localstatedir}/run +%else +%define rundir /run +%endif +Name: xl2tpd +Version: 1.3.16 +Release: 0 +Summary: Layer 2 Tunnelling Protocol Daemon (RFC 2661) +License: GPL-2.0-only +Group: Productivity/Networking/System +URL: http://www.xelerance.com/software/xl2tpd/ +Source0: https://github.com/xelerance/xl2tpd/archive/v%{version}.tar.gz +Source1: %{name}.service +Source2: %{name}.conf +Patch0: Makefile.patch +Patch1: xl2tpd.init.patch +BuildRequires: libpcap +BuildRequires: libpcap-devel +BuildRequires: linux-kernel-headers >= 2.6.19 +BuildRequires: systemd-rpm-macros +Requires: ppp +Obsoletes: l2tpd <= 0.68 +Provides: l2tpd = 0.69 +%{?systemd_ordering} %description xl2tpd is an implementation of the Layer 2 Tunnelling Protocol (RFC 2661). 
@@ -42,264 +69,79 @@ It was de-facto maintained by Jacco de Leeuw in 2002 and 2003. %prep %setup -q +%patch0 +%patch1 %build -make DFLAGS="$RPM_OPT_FLAGS -g -DDEBUG_PPPD -DDEBUG_CONTROL -DDEBUG_ENTROPY -DTRUST_PPPD_TO_DIE" +make %{?_smp_mflags} DFLAGS="%{optflags} -D_GNU_SOURCE $(getconf LFS_CFLAGS)" %install -make PREFIX=%{_prefix} DESTDIR=%{buildroot} MANDIR=%{buildroot}/%{_mandir} install +export PREFIX=%{_prefix} +%make_install install -p -D -m644 examples/xl2tpd.conf %{buildroot}%{_sysconfdir}/xl2tpd/xl2tpd.conf +install -p -d -m750 %{buildroot}%{_sysconfdir}/ppp install -p -D -m644 examples/ppp-options.xl2tpd %{buildroot}%{_sysconfdir}/ppp/options.xl2tpd install -p -D -m600 doc/l2tp-secrets.sample %{buildroot}%{_sysconfdir}/xl2tpd/l2tp-secrets install -p -D -m600 examples/chapsecrets.sample %{buildroot}%{_sysconfdir}/ppp/chap-secrets.sample -install -p -D -m755 packaging/suse/xl2tpd.init %{buildroot}%{_initrddir}/xl2tpd -ln -sf /etc/init.d/xl2tpd $RPM_BUILD_ROOT/usr/sbin/rcxl2tpd -install -p -D -m755 -d %{buildroot}%{_localstatedir}/run/xl2tpd - - -%clean -rm -rf %{buildroot} +install -p -D -m755 -d %{buildroot}%{rundir}/xl2tpd +install -D -m0644 %{SOURCE1} %{buildroot}%{_unitdir}/%{name}.service +install -D -m0644 %{SOURCE2} %{buildroot}%{_tmpfilesdir}/%{name}.conf +%if 0%{?suse_version} > 1310 +sed -i 's|%{_localstatedir}/run/|/run/|' %{buildroot}%{_tmpfilesdir}/%{name}.conf +%endif +mkdir -p %{buildroot}%{_prefix}/lib/modules-load.d +echo "l2tp_ppp" > %{buildroot}%{_prefix}/lib/modules-load.d/%{name}.conf +ln -s %{_sbindir}/service %{buildroot}%{_sbindir}/rc%{name} + +%pre +%service_add_pre %{name}.service %post -%{fillup_and_insserv xl2tpd} - # if we migrate from l2tpd to xl2tpd, copy the configs -if [ -f /etc/l2tpd/l2tpd.conf ] +if [ -f %{_sysconfdir}/l2tpd/l2tpd.conf ] then - echo "Old /etc/l2tpd configuration found, migrating to /etc/xl2tpd" - mv /etc/xl2tpd/xl2tpd.conf /etc/xl2tpd/xl2tpd.conf.rpmsave - cat /etc/l2tpd/l2tpd.conf | sed 
"s/options.l2tpd/options.xl2tpd/" > /etc/xl2tpd/xl2tpd.conf - mv /etc/ppp/options.xl2tpd /etc/ppp/options.xl2tpd.rpmsave - mv /etc/ppp/options.l2tpd /etc/ppp/options.xl2tpd - mv /etc/xl2tpd/l2tp-secrets /etc/xl2tpd/l2tpd-secrets.rpmsave - cp -pa /etc/l2tpd/l2tp-secrets /etc/xl2tpd/l2tp-secrets + echo "Old %{_sysconfdir}/l2tpd configuration found, migrating to %{_sysconfdir}/xl2tpd" + mv %{_sysconfdir}/xl2tpd/xl2tpd.conf %{_sysconfdir}/xl2tpd/xl2tpd.conf.rpmsave + cat %{_sysconfdir}/l2tpd/l2tpd.conf | sed "s/options.l2tpd/options.xl2tpd/" > %{_sysconfdir}/xl2tpd/xl2tpd.conf + mv %{_sysconfdir}/ppp/options.xl2tpd %{_sysconfdir}/ppp/options.xl2tpd.rpmsave + mv %{_sysconfdir}/ppp/options.l2tpd %{_sysconfdir}/ppp/options.xl2tpd + mv %{_sysconfdir}/xl2tpd/l2tp-secrets %{_sysconfdir}/xl2tpd/l2tpd-secrets.rpmsave + cp -pa %{_sysconfdir}/l2tpd/l2tp-secrets %{_sysconfdir}/xl2tpd/l2tp-secrets fi +%service_add_post %{name}.service +%fillup_only +%tmpfiles_create %{_tmpfilesdir}/%{name}.conf %preun -%stop_on_removal xl2tpd -exit 0 +%service_del_preun %{name}.service %postun -%restart_on_update xl2tpd -%insserv_cleanup -exit 0 +%service_del_postun %{name}.service %files -%defattr(-,root,root) -%doc BUGS CHANGES CREDITS LICENSE README.* TODO +%license LICENSE +%doc BUGS CHANGES CREDITS README.* TODO %doc doc/README.patents examples/chapsecrets.sample %{_sbindir}/rcxl2tpd %{_sbindir}/xl2tpd %{_sbindir}/xl2tpd-control %{_bindir}/pfc -%{_mandir}/*/* %dir %{_sysconfdir}/xl2tpd %config(noreplace) %{_sysconfdir}/xl2tpd/* +%dir %{_sysconfdir}/ppp %config(noreplace) %{_sysconfdir}/ppp/* -%attr(0755,root,root) %{_initrddir}/xl2tpd -%dir %{_localstatedir}/run/xl2tpd +%dir %ghost %{rundir}/xl2tpd +%ghost %{rundir}/xl2tpd/l2tp-control +%{_tmpfilesdir}/%{name}.conf +%{_unitdir}/%{name}.service +%dir %{_prefix}/lib/modules-load.d +%{_prefix}/lib/modules-load.d/%{name}.conf +%{_mandir}/man1/pfc.1%{?ext_man} +%{_mandir}/man5/l2tp-secrets.5%{?ext_man} +%{_mandir}/man5/xl2tpd.conf.5%{?ext_man} 
+%{_mandir}/man8/xl2tpd-control.8%{?ext_man} +%{_mandir}/man8/xl2tpd.8%{?ext_man} %changelog -* Sun Oct 26 2008 Paul Wouters 1.2.2-1 -- Updated Suse init scripts and spec file -- Added pfc for pppd's precompiled-active-filter - -* Fri Apr 18 2008 Paul Wouters 1.2.1-1 -- Updated Suse init scripts and spec file - -* Tue Jun 26 2007 Paul Wouters 1.1.11-1 -- Minor changes to spec file to accomodate new README files - -* Fri Feb 23 2007 Paul Wouters 1.1.08-1 -- Upgraded to 1.1.08 -- This works around the ppp-2.4.2-6.4 issue of not dying on SIGTERM - -* Mon Feb 19 2007 Paul Wouters 1.1.07-2 -- Upgraded to 1.1.07 -- Fixes from Tuomo Soini for pidfile handling with Fedora -- Fix hardcoded version for Source in spec file. - -* Thu Dec 7 2006 Paul Wouters 1.1.06-5 -- Changed space/tab replacing method - -* Wed Dec 6 2006 Paul Wouters 1.1.06-4 -- Added -p to keep original timestamps -- Added temporary hack to change space/tab in init file. -- Added /sbin/service dependancy - -* Tue Dec 5 2006 Paul Wouters 1.1.06-3 -- Added Requires(post) / Requires(preun) -- changed init file to create /var/run/xl2tpd fixed a tab/space -- changed control file to be within /var/run/xl2tpd/ - -* Tue Dec 5 2006 Paul Wouters 1.1.06-2 -- Changed Mr. Karlsen's name to not be a utf8 problem -- Fixed Obosoletes/Provides to be more specific wrt l2tpd. -- Added dist tag which accidentally got deleted. - -* Mon Dec 4 2006 Paul Wouters 1.1.06-1 -- Rebased spec file on Fedora Extras copy, but using xl2tpd as package name - -* Sun Nov 27 2005 Paul Wouters 0.69.20051030 -- Pulled up sourceforget.net CVS fixes. -- various debugging added, but debugging should not be on by default. -- async/sync conversion routines must be ready for possibility that the read - will block due to routing loops. -- refactor control socket handling. -- move all logic about pty usage to pty.c. Try ptmx first, if it fails try - legacy ptys -- rename log() to l2tp_log(), as "log" is a math function. 
-- if we aren't deamonized, then log to stderr. -- added install: and DESTDIR support. - -* Thu Oct 20 2005 Paul Wouters 0.69-13 -- Removed suse/mandrake specifics. Comply for Fedora Extras guidelines - -* Tue Jun 21 2005 Jacco de Leeuw 0.69-12jdl -- Added log() patch by Paul Wouters so that l2tpd compiles on FC4. - -* Sat Jun 4 2005 Jacco de Leeuw -- l2tpd.org has been hijacked. Project moved back to SourceForge: - http://l2tpd.sourceforge.net - -* Tue May 3 2005 Jacco de Leeuw -- Small Makefile fixes. Explicitly use gcc instead of cc. - Network services library was not linked on Solaris due to typo. - -* Thu Mar 17 2005 Jacco de Leeuw 0.69-11jdl -- Choosing between SysV or BSD style ptys is now configurable through - a compile-time boolean "unix98pty". - -* Fri Feb 4 2005 Jacco de Leeuw -- Added code from Roaring Penguin (rp-l2tp) to support SysV-style ptys. - Requires the N_HDLC kernel module. - -* Fri Nov 26 2004 Jacco de Leeuw -- Updated the README. - -* Wed Nov 10 2004 Jacco de Leeuw 0.69-10jdl -- Patch by Marald Klein and Roger Luethi. Fixes writing PID file. - (http://l2tpd.graffl.net/msg01790.html) - Long overdue. Rereleasing 10jdl. - -* Tue Nov 9 2004 Jacco de Leeuw 0.69-10jdl -- [SECURITY FIX] Added fix from Debian because of a bss-based - buffer overflow. - (http://www.mail-archive.com/l2tpd-devel@l2tpd.org/msg01071.html) -- Mandrake's FreeS/WAN, Openswan and Strongswan RPMS use configuration - directories /etc/{freeswan,openswan,strongswan}. Install our - configuration files to /etc/ipsec.d and create symbolic links in - those directories. - -* Tue Aug 18 2004 Jacco de Leeuw -- Removed 'leftnexthop=' lines. Not relevant for recent versions - of FreeS/WAN and derivates. - -* Tue Jan 20 2004 Jacco de Leeuw 0.69-9jdl -- Added "noccp" because of too much MPPE/CCP messages sometimes. - -* Wed Dec 31 2003 Jacco de Leeuw -- Added patch in order to prevent StopCCN messages. 
- -* Sat Aug 23 2003 Jacco de Leeuw -- MTU/MRU 1410 seems to be the lowest possible for MSL2TP. - For Windows 2000/XP it doesn't seem to matter. -- Typo in l2tpd.conf (192.168.128/25). - -* Fri Aug 8 2003 Jacco de Leeuw 0.69-8jdl -- Added MTU/MRU 1400 to options.l2tpd. I don't know the optimal - value but some apps had problems with the default value. - -* Fri Aug 1 2003 Jacco de Leeuw -- Added workaround for the missing hostname bug in the MSL2TP client - ('Specify your hostname', error 629: "You have been disconnected - from the computer you are dialing"). - -* Thu Jul 20 2003 Jacco de Leeuw 0.69-7jdl -- Added the "listen-addr" global parameter for l2tpd.conf. By - default, the daemon listens on *all* interfaces. Use - "listen-addr" if you want it to bind to one specific - IP address (interface), for security reasons. (See also: - http://www.jacco2.dds.nl/networking/freeswan-l2tp.html#Firewallwarning) -- Explained in l2tpd.conf that two different IP addresses should be - used for 'listen-addr' and 'local ip'. -- Modified init script. Upgrades should work better now. You - still need to start/chkconfig l2tpd manually. -- Renamed the example Openswan .conf files to better reflect - the situation. There are two variants using different portselectors. - Previously I thought Windows 2000/XP used portselector 17/0 - and the rest used 17/1701. But with the release of an updated - IPsec client by Microsoft, it turns out that 17/0 must have - been a mistake: the updated client now also uses 17/1701. - -* Mon Apr 10 2003 Jacco de Leeuw 0.69-6jdl -- Changed sample chap-secrets to be valid only for specific - IP addresses. - -* Thu Mar 13 2003 Bernhard Thoni -- Adjustments for SuSE8.x (thanks, Bernhard!) -- Added sample chap-secrets. - -* Thu Mar 6 2003 Jacco de Leeuw 0.69-5jdl -- Replaced Dominique's patch by Damion de Soto's, which does not - depend on the N_HDLC kernel module. 
- -* Wed Feb 26 2003 Jacco de Leeuw 0.69-4jdl -- Seperate example config files for Win9x (MSL2TP) and Win2K/XP - due to left/rightprotoport differences. - Fixing preun for Red Hat. - -* Mon Feb 3 2003 Jacco de Leeuw 0.69-3jdl -- Mandrake uses /etc/freeswan/ instead of /etc/ipsec.d/ - Error fixed: source6 was used for both PSK and CERT. - -* Wed Jan 29 2003 Jacco de Leeuw 0.69-3jdl -- Added Dominique Cressatti's pty patch in another attempt to - prevent the Windows 2000 Professional "loopback detected" error. - Seems to work! - -* Wed Dec 25 2002 Jacco de Leeuw 0.69-2jdl -- Added 'connect-delay' to PPP parameters in an attempt to - prevent the Windows 2000 Professional "loopback detected" error. - Didn't seem to work. - -* Fri Dec 13 2002 Jacco de Leeuw 0.69-1jdl -- Did not build on Red Hat 8.0. Solved by adding comments(?!). - Bug detected in spec file: chkconfig --list l2tpd does not work - on Red Hat 8.0. Not important enough to look into yet. - -* Sun Nov 17 2002 Jacco de Leeuw 0.69-1jdl -- Tested on Red Hat, required some changes. No gprintf. Used different - pty patch, otherwise wouldn't run. Added buildroot sanity check. - -* Sun Nov 10 2002 Jacco de Leeuw -- Specfile adapted from Mandrake Cooker. The original RPM can be - retrieved through: - http://www.rpmfind.net/linux/rpm2html/search.php?query=l2tpd -- Config path changed from /etc/l2tp/ to /etc/l2tpd/ - (Seems more logical and rp-l2tp already uses /etc/l2tp/). -- Do not run at boot or install. The original RPM uses a config file - which is completely commented out, but it still starts l2tpd on all - interfaces. Could be a security risk. This RPM does not start l2tpd, - the sysadmin has to edit the config file and start l2tpd explicitly. -- Renamed patches to start with l2tpd- -- Added dependencies for pppd, glibc-devel. -- Use %%{name} as much as possible. -- l2tp-secrets contains passwords, thus should not be world readable. -- Removed dependency on rpm-helper. 
- -* Mon Oct 21 2002 Lenny Cartier 0.69-3mdk -- from Per 0yvind Karlsen : - - PreReq and Requires - - Fix preun_service - -* Thu Oct 17 2002 Per 0yvind Karlsen 0.69-2mdk -- Move l2tpd from /usr/bin to /usr/sbin -- Added SysV initscript -- Patch0 -- Patch1 - -* Thu Oct 17 2002 Per 0yvind Karlsen 0.69-1mdk -- Initial release diff --git a/xl2tpd-control.c b/xl2tpd-control.c index c2345ce9..1e87c930 100644 --- a/xl2tpd-control.c +++ b/xl2tpd-control.c @@ -1,13 +1,24 @@ /* - * Layer Two Tunnelling Protocol Daemon Control Utility - * Copyright (C) 2011 Alexander Dorokhov + * xl2tpd-control - the xl2tpd control utility * - * This software is distributed under the terms - * of the GPL, which you should have received - * along with this source. + * Copyright (C) 2011 Alexander Dorokhov * - * xl2tpd-control client main file + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License + * as published by the Free Software Foundation; either version 2 + * of the License, or (at your option) any later version. * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program (see the file LICENSE); if not, see + * https://www.gnu.org/licenses/, or contact Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. + * + **************************************************************** */ #define _GNU_SOURCE @@ -43,7 +54,6 @@ int result_fd = -1; int log_level = ERROR_LEVEL; void print_error (int level, const char *fmt, ...); - int read_result(int result_fd, char* buf, ssize_t size); /* Definition of a command */ 
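Review bot: The `%post` migration block runs whenever `%{_sysconfdir}/l2tpd/l2tpd.conf` exists, and nothing in the block removes or renames that file. It therefore looks as if every later upgrade would again replace `xl2tpd.conf` and `l2tp-secrets` with the old l2tpd copies, discarding secrets the administrator changed in between. Guarding it for first install, `if [ "$1" -eq 1 ] && [ -f %{_sysconfdir}/l2tpd/l2tpd.conf ]`, would limit it to the actual migration. The secrets backup is also written as `l2tpd-secrets.rpmsave` while the live file is `l2tp-secrets`, so the names should be made to match. The `mv` lines run without checking that their source exists.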
@@ -52,99 +62,41 @@ struct command_t char *name; int (*handler) (FILE*, char* tunnel, int optc, char *optv[]); int requires_tunnel; - char *help; }; -int command_add_lac (FILE*, char* tunnel, int optc, char *optv[]); -int command_connect_lac (FILE*, char* tunnel, int optc, char *optv[]); -int command_disconnect_lac (FILE*, char* tunnel, int optc, char *optv[]); -int command_remove_lac (FILE*, char* tunnel, int optc, char *optv[]); -int command_add_lns (FILE*, char* tunnel, int optc, char *optv[]); -int command_status_lac (FILE*, char* tunnel, int optc, char *optv[]); -int command_status_lns (FILE*, char* tunnel, int optc, char *optv[]); -int command_remove_lns (FILE*, char* tunnel, int optc, char *optv[]); -int command_available (FILE*, char* tunnel, int optc, char *optv[]); +int command_add_lac (FILE*, char* tunnel, int optc, char *optv[]); +int command_connect_lac (FILE*, char* tunnel, int optc, char *optv[]); +int command_disconnect_lac(FILE*, char* tunnel, int optc, char *optv[]); +int command_status_lac (FILE*, char* tunnel, int optc, char *optv[]); +int command_remove_lac (FILE*, char* tunnel, int optc, char *optv[]); +int command_available (FILE*, char* tunnel, int optc, char *optv[]); +int command_add_lns (FILE*, char* tunnel, int optc, char *optv[]); +int command_status_lns (FILE*, char* tunnel, int optc, char *optv[]); +int command_remove_lns (FILE*, char* tunnel, int optc, char *optv[]); struct command_t commands[] = { - /* Keep this command mapping for backwards compat */ - {"add", &command_add_lac, TUNNEL_REQUIRED, - "\tadd\tadds new or modify existing lac configuration.\n" - "\t\tConfiguration must be specified as command options in\n" - "\t\t= pairs format.\n" - "\t\tSee available options in xl2tpd.conf(5)\n" - }, - {"connect", &command_connect_lac, TUNNEL_REQUIRED, - "\tconnect\ttries to activate the tunnel.\n" - "\t\tUsername and secret for the tunnel can be passed as\n" - "\t\tcommand options.\n" - }, - {"disconnect", &command_disconnect_lac, 
TUNNEL_REQUIRED, - "\tdisconnect\tdisconnects the tunnel.\n" - }, - {"remove", &command_remove_lac, TUNNEL_REQUIRED, - "\tremove\tremoves lac configuration from xl2tpd.\n" - "\t\txl2tpd disconnects the tunnel before removing.\n" - }, - - /* LAC commands */ - {"add-lac", &command_add_lac, TUNNEL_REQUIRED}, - {"connect-lac", &command_connect_lac, TUNNEL_REQUIRED}, - {"disconnect-lac", &command_disconnect_lac, TUNNEL_REQUIRED}, - {"remove-lac", &command_remove_lac, TUNNEL_REQUIRED}, - - /* LNS commands */ - {"add-lns", &command_add_lns, TUNNEL_REQUIRED, - "\tadd-lns\tadds new or modify existing lns configuration.\n" - }, - {"remove-lns", &command_remove_lns, TUNNEL_REQUIRED}, - - /* Generic commands */ - {"status", &command_status_lac, TUNNEL_REQUIRED}, - {"status-lns", &command_status_lns, TUNNEL_REQUIRED}, - {"available", &command_available, TUNNEL_NOT_REQUIRED}, - {NULL, NULL} + {"add-lac", &command_add_lac, TUNNEL_REQUIRED}, + {"connect-lac", &command_connect_lac, TUNNEL_REQUIRED}, + {"disconnect-lac",&command_disconnect_lac,TUNNEL_REQUIRED}, + {"status-lac", &command_status_lac, TUNNEL_REQUIRED}, + {"remove-lac", &command_remove_lac, TUNNEL_REQUIRED}, + {"available", &command_available, TUNNEL_NOT_REQUIRED}, + {"add-lns", &command_add_lns, TUNNEL_REQUIRED}, + {"status-lns", &command_status_lns, TUNNEL_REQUIRED}, + {"remove-lns", &command_remove_lns, TUNNEL_REQUIRED} }; void usage() { - int i; - - printf ("\nxl2tpd server version %s\n", SERVER_VERSION); - printf ("Usage: xl2tpd-control [-c ] []\n" - "\n" - " -c\tspecifies xl2tpd control file\n" - " -d\tspecify xl2tpd-control to run in debug mode\n" - "--help\tshows extended help\n" - ); - - printf ("Available commands: "); - for (i = 0; commands[i].name; i++) { - struct command_t *command = &commands[i]; - int last = command[1].name == NULL; - - printf ("%s%s", command->name, !last ? 
", " : "\n"); - } -} - -void help() -{ - int i; - - usage(); - printf ( - "\n" - "Commands help:\n" - ); - - for (i = 0; commands[i].name; i++) { - struct command_t *command = &commands[i]; - - if (!command->help) - continue; - printf ("%s", command->help); - } - /*FIXME Ha! there is currently no manpage for xl2tpd-control */ - printf ("See xl2tpd-control man page for more help\n"); + printf ("Usage: xl2tpd-control [-c ] []\n\n" + " -c set xl2tpd control file\n" + " -d enable debugging mode\n" + "--version show version\n" + " --help show this help message\n\n" + "List of supported commands:\n" + "add-lac, status-lac, remove-lac, connect-lac, disconnect-lac\n" + "add-lns, status-lns, remove-lns, avaliable\n\n" + "See xl2tpd-control(8) man page for more details.\n"); } void cleanup(void) @@ -162,17 +114,19 @@ int main (int argc, char *argv[]) struct command_t* command = NULL; int i; /* argv iterator */ - if (argv[1] && !strncmp (argv[1], "--help", 6)) - { - help(); + if (argv[1] && !strncmp (argv[1], "--help", 6)) { + usage(); return 0; } - /* parse global options */ - for (i = 1; i < argc; i++) - { - if (!strncmp (argv[i], "-c", 2)) - { + if (argv[1] && !strncmp (argv[1], "--version", 9)) { + printf ("Version: %s\n", SERVER_VERSION); + return 0; + } + + /* parse global options */ + for (i = 1; i < argc; i++) { + if (!strncmp (argv[i], "-c", 2)) { control_filename = argv[++i]; } else if (!strncmp (argv[i], "-d", 2)) { log_level = DEBUG_LEVEL; @@ -180,14 +134,14 @@ int main (int argc, char *argv[]) break; } } - if (i >= argc) - { + + if (i >= argc) { print_error (ERROR_LEVEL, "error: command not specified\n"); usage(); return -1; } - if (!control_filename) - { + + if (!control_filename) { control_filename = strdup (CONTROL_PIPE); } 
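Review bot: The rewritten `commands[]` table drops the `{NULL, NULL}` terminator that the old table ended with. The lookup loop in main() is outside this hunk, but the later context `if (!command->name)` suggests it still walks the table until it meets a NULL name, which would now read past the end of the array for an unknown command. Either restore the sentinel as the last entry, `{NULL, NULL, 0}`, or bound the loop with `sizeof commands / sizeof commands[0]`. The table also removes the aliases `add`, `connect`, `disconnect`, `remove` and `status` that the old comment kept for backwards compatibility, and usage() spells the command `avaliable` while the table has `available`.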
@@ -202,25 +156,26 @@ int main (int argc, char *argv[]) } if (!command->name) { - print_error (ERROR_LEVEL, "error: no such command %s\n", argv[i]); + print_error (ERROR_LEVEL, "error: no such command\n"); + free(control_filename); + usage(); return -1; } /* get tunnel name */ if(command->requires_tunnel){ - if (i >= argc) - { + if (i >= argc) { print_error (ERROR_LEVEL, "error: tunnel name not specified\n"); usage(); + free(control_filename); return -1; } tunnel_name = argv[i++]; /* check tunnel name for whitespaces */ - if (strstr (tunnel_name, " ")) - { - print_error (ERROR_LEVEL, - "error: tunnel name shouldn't include spaces\n"); - usage(); + if (strstr (tunnel_name, " ")) { + print_error (ERROR_LEVEL, "error: tunnel name shouldn't include spaces\n"); + usage(); + free(control_filename); return -1; } } @@ -233,6 +188,7 @@ int main (int argc, char *argv[]) unlink (result_filename); mkfifo (result_filename, 0600); atexit(cleanup); + result_fd = open (result_filename, O_RDONLY | O_NONBLOCK, 0600); if (result_fd < 0) { @@ -251,8 +207,7 @@ int main (int argc, char *argv[]) /* pass result filename to command */ fprintf (mesf, "@%s ", result_filename); - if (ferror (mesf)) - { + if (ferror (mesf)) { print_error (ERROR_LEVEL, "internal error: message buffer to short"); return -2; } @@ -261,16 +216,15 @@ int main (int argc, char *argv[]) int command_res = command->handler ( mesf, tunnel_name, argc - i, argv + i ); - if (command_res < 0) - { + + if (command_res < 0) { print_error (ERROR_LEVEL, "error: command parse error\n"); return -1; } fflush (mesf); - if (ferror (mesf)) - { + if (ferror (mesf)) { print_error (ERROR_LEVEL, "error: message too long (max = %i ch.)\n", CONTROL_PIPE_MESSAGE_SIZE - 1); @@ -281,8 +235,7 @@ int main (int argc, char *argv[]) /* try to open control file for writing */ int control_fd = open (control_filename, O_WRONLY | O_NONBLOCK, 0600); - if (control_fd < 0) - { + if (control_fd < 0) { int errorno = errno; switch (errorno) { 
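Review bot: The added `free(control_filename);` calls on the error paths free a pointer that is not always heap memory. The option loop earlier in main() sets `control_filename = argv[++i]` for `-c`, and only the default comes from `strdup (CONTROL_PIPE)`; freeing an argv string is undefined behaviour. Either duplicate the value when parsing, `control_filename = strdup (argv[++i]);` after checking that an argument actually follows `-c`, or drop the frees, since each of these paths returns from main() immediately. The unknown-command message also no longer prints the offending name, which makes a mistyped command harder to spot. main() starts and ends outside this hunk.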
@@ -309,8 +262,7 @@ int main (int argc, char *argv[]) } /* pass command to control pipe */ - if (write (control_fd, buf, ftell (mesf)) < 0) - { + if (write (control_fd, buf, ftell (mesf)) < 0) { int errorno = errno; print_error (ERROR_LEVEL, "Unable to write to %s: %s\n", @@ -366,7 +318,8 @@ int read_result(int result_fd, char* buf, ssize_t size) print_error (ERROR_LEVEL, "error: can't read command result: %s\n", strerror (errno)); break; - } else if (len == 0) { + } + else if (len == 0) { if(!write_pipe) { gettimeofday(&tve, NULL); diff = (tve.tv_sec - tvs.tv_sec) * 1000000 + (tve.tv_usec - tvs.tv_usec); @@ -379,13 +332,15 @@ int read_result(int result_fd, char* buf, ssize_t size) } } break; - } else { + } + else { write_pipe = 1; readed += len; if ((size - readed) <= 0) break; } } while (1); + buf[readed] = '\0'; /* scan result code */ @@ -398,11 +353,11 @@ int read_result(int result_fd, char* buf, ssize_t size) int command_add (FILE* mesf, char* tunnel, int optc, char *optv[], int reqopt) { - if (optc <= 0) - { + if (optc <= 0) { print_error (ERROR_LEVEL, "error: tunnel configuration expected\n"); return -1; } + fprintf (mesf, "%c %s ", reqopt, tunnel); int i; int wait_key = 1; @@ -413,11 +368,9 @@ int command_add { /* try to find '=' */ char* eqv = strstr (optv[i], "="); - if (eqv) - { + if (eqv) { /* check is it not last symbol */ - if (eqv != (optv[i] + strlen(optv[i]) - 1)) - { + if (eqv != (optv[i] + strlen(optv[i]) - 1)) { fprintf (mesf, ";"); /* end up option */ } else { wait_key = 0; /* now we waiting for value */ @@ -426,7 +379,7 @@ int command_add fprintf (mesf, " "); /* restore space */ } } else { - fprintf (mesf, ";"); /* end up option */ + fprintf (mesf, ";"); /* end up option */ wait_key = 1; /* now we again waiting for key */ } } 
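Review bot: In read_result() the loop stops only once `(size - readed) <= 0`, so `readed` can reach `size`, and the following `buf[readed] = '\0';` then writes one byte past a buffer of `size` bytes. The caller is outside these hunks; if it passes the full array size, this is an off-by-one write whose trigger is the length of the reply read from the result pipe. Breaking one byte earlier, `if ((size - readed) <= 1) break;`, keeps room for the terminator. The read() call itself is not in the hunk, so its length argument needs the same adjustment.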
@@ -463,6 +416,8 @@ int command_connect_lac int command_disconnect_lac (FILE* mesf, char* tunnel, int optc, char *optv[]) { + UNUSED(optc); + UNUSED(optv); fprintf (mesf, "%c %s", CONTROL_PIPE_REQ_LAC_DISCONNECT, tunnel); return 0; } @@ -470,6 +425,8 @@ int command_disconnect_lac int command_remove_lac (FILE* mesf, char* tunnel, int optc, char *optv[]) { + UNUSED(optc); + UNUSED(optv); fprintf (mesf, "%c %s", CONTROL_PIPE_REQ_LAC_REMOVE, tunnel); return 0; } @@ -477,6 +434,8 @@ int command_remove_lac int command_status_lns (FILE* mesf, char* tunnel, int optc, char *optv[]) { + UNUSED(optc); + UNUSED(optv); fprintf (mesf, "%c %s", CONTROL_PIPE_REQ_LNS_STATUS, tunnel); return 0; } @@ -484,6 +443,8 @@ int command_status_lns int command_status_lac (FILE* mesf, char* tunnel, int optc, char *optv[]) { + UNUSED(optc); + UNUSED(optv); fprintf (mesf, "%c %s", CONTROL_PIPE_REQ_LAC_STATUS, tunnel); return 0; } @@ -491,6 +452,8 @@ int command_status_lac int command_available (FILE* mesf, char* tunnel, int optc, char *optv[]) { + UNUSED(optc); + UNUSED(optv); fprintf (mesf, "%c %s", CONTROL_PIPE_REQ_AVAILABLE, tunnel); return 0; } @@ -498,6 +461,8 @@ int command_available int command_remove_lns (FILE* mesf, char* tunnel, int optc, char *optv[]) { + UNUSED(optc); + UNUSED(optv); fprintf (mesf, "%c %s", CONTROL_PIPE_REQ_LNS_REMOVE, tunnel); return 0; } diff --git a/xl2tpd.c b/xl2tpd.c index c1b8b70e..3195988a 100644 --- a/xl2tpd.c +++ b/xl2tpd.c 
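Review bot: command_available() formats `tunnel` with `%s`, but the table registers `available` as `TUNNEL_NOT_REQUIRED`, so main() never assigns a tunnel name for it. If `tunnel_name` starts out as NULL (its declaration is outside the hunks), this passes NULL to `%s`, which is undefined behaviour. Writing only the request code, `fprintf (mesf, "%c", CONTROL_PIPE_REQ_AVAILABLE);`, together with `UNUSED(tunnel);`, would avoid it, provided the daemon's request parser does not depend on the trailing field.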
@@ -47,38 +47,37 @@ struct tunnel_list tunnels; int rand_source; int ppd = 1; /* Packet processing delay */ int control_fd; /* descriptor of control area */ -char *args; -char *dial_no_tmp; /* jz: Dialnumber for Outgoing Call */ +static char *dial_no_tmp; /* jz: Dialnumber for Outgoing Call */ int switch_io = 0; /* jz: Switch for Incoming or Outgoing Call */ static void open_controlfd(void); -volatile sig_atomic_t sigterm_received; -volatile sig_atomic_t sigint_received; -volatile sig_atomic_t sigchld_received; -volatile sig_atomic_t sigusr1_received;; -volatile sig_atomic_t sighup_received; +static volatile sig_atomic_t sigterm_received; +static volatile sig_atomic_t sigint_received; +static volatile sig_atomic_t sigchld_received; +static volatile sig_atomic_t sigusr1_received;; +static volatile sig_atomic_t sighup_received; struct control_requests_handler { char type; int (*handler) (FILE* resf, char* bufp); }; -int control_handle_available(FILE* resf, char* bufp); -int control_handle_lns_add_modify(FILE* resf, char* bufp); -int control_handle_lns_status(FILE* resf, char* bufp); -int control_handle_tunnel(FILE* respf, char* bufp); -int control_handle_lac_connect(FILE* resf, char* bufp); -int control_handle_lac_outgoing_call(FILE* resf, char* bufp); -int control_handle_lac_hangup(FILE* resf, char* bufp); -int control_handle_lac_disconnect(FILE* resf, char* bufp); -int control_handle_lac_add_modify(FILE* resf, char* bufp); -int control_handle_lac_remove(FILE* resf, char* bufp); -int control_handle_lac_status(FILE* resf, char* bufp); -int control_handle_lns_remove(FILE* resf, char* bufp); - -struct control_requests_handler control_handlers[] = { +static int control_handle_available(FILE* resf, char* bufp); +static int control_handle_lns_add_modify(FILE* resf, char* bufp); +static int control_handle_lns_status(FILE* resf, char* bufp); +static int control_handle_tunnel(FILE* respf, char* bufp); +static int control_handle_lac_connect(FILE* resf, char* bufp); +static 
int control_handle_lac_outgoing_call(FILE* resf, char* bufp); +static int control_handle_lac_hangup(FILE* resf, char* bufp); +static int control_handle_lac_disconnect(FILE* resf, char* bufp); +static int control_handle_lac_add_modify(FILE* resf, char* bufp); +static int control_handle_lac_remove(FILE* resf, char* bufp); +static int control_handle_lac_status(); +static int control_handle_lns_remove(FILE* resf, char* bufp); + +static struct control_requests_handler control_handlers[] = { {CONTROL_PIPE_REQ_AVAILABLE, &control_handle_available}, {CONTROL_PIPE_REQ_LNS_ADD_MODIFY, &control_handle_lns_add_modify}, {CONTROL_PIPE_REQ_LNS_STATUS, &control_handle_lns_status}, @@ -95,7 +94,7 @@ struct control_requests_handler control_handlers[] = { {0, NULL} }; -void init_tunnel_list (struct tunnel_list *t) +static void init_tunnel_list (struct tunnel_list *t) { t->head = NULL; t->count = 0; @@ -103,7 +102,7 @@ void init_tunnel_list (struct tunnel_list *t) } /* Now sends to syslog instead - MvO */ -void show_status (void) +static void show_status (void) { struct schedule_entry *se; struct tunnel *t; @@ -208,21 +207,24 @@ void show_status (void) l2tp_log (LOG_WARNING, "================================\n"); } -void null_handler(int sig) +static void null_handler(int sig) { + UNUSED(sig); /* FIXME * A sighup is received when a call is terminated, unknown origine .. * I catch it and ll looks good, but .. */ } -void status_handler (int sig) +static void status_handler (int sig) { + UNUSED(sig); show_status (); } -void child_handler (int signal) +static void child_handler (int sig) { + UNUSED(sig); /* * Oops, somebody we launched was killed. * It's time to reap them and close that call. @@ -276,9 +278,13 @@ void child_handler (int signal) * it */ #ifdef USE_KERNEL - if (!kernel_support) + if (!kernel_support) { + #endif close (c->fd); +#ifdef USE_KERNEL + } +#endif c->fd = -1; /* * terminate tunnel and call loops, returning to the 
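Review bot: `static int control_handle_lac_status();` is declared with an empty parameter list while every other handler in this block is declared as `(FILE* resf, char* bufp)`. In C an empty list means unspecified parameters, so the compiler no longer checks calls to it, or its use as a `handler` in `control_handlers[]`, against the expected signature. I would declare it like the others, `static int control_handle_lac_status(FILE* resf, char* bufp);`, and use `UNUSED()` in the definition if the arguments are not needed; the definition is outside this hunk. The stray second semicolon in `sigusr1_received;;` could go in the same pass.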
@@ -293,7 +299,7 @@ void child_handler (int signal) } } -void death_handler (int signal) +static void death_handler (int signal) { /* * If we get here, somebody terminated us with a kill or a control-c. @@ -338,28 +344,33 @@ void death_handler (int signal) exit (1); } -void sigterm_handler(int sig) +static void sigterm_handler(int sig) { + UNUSED(sig); sigterm_received = 1; } -void sigint_handler(int sig) +static void sigint_handler(int sig) { + UNUSED(sig); sigint_received = 1; } -void sigchld_handler(int sig) +static void sigchld_handler(int sig) { + UNUSED(sig); sigchld_received = 1; } -void sigusr1_handler(int sig) +static void sigusr1_handler(int sig) { + UNUSED(sig); sigusr1_received = 1; } -void sighup_handler(int sig) +static void sighup_handler(int sig) { + UNUSED(sig); sighup_received = 1; } @@ -438,18 +449,18 @@ int start_pppd (struct call *c, struct ppp_opts *opts) stropt[pos++] = strdup ("plugin"); stropt[pos++] = strdup ("pppol2tp.so"); stropt[pos++] = strdup ("pppol2tp"); - stropt[pos] = malloc (10); - snprintf (stropt[pos], 10, "%d", fd2); + stropt[pos] = malloc (11); + snprintf (stropt[pos], 11, "%d", fd2); pos++; if (c->container->lns) { stropt[pos++] = strdup ("pppol2tp_lns_mode"); stropt[pos++] = strdup ("pppol2tp_tunnel_id"); - stropt[pos] = malloc (10); - snprintf (stropt[pos], 10, "%d", c->container->ourtid); + stropt[pos] = malloc (11); + snprintf (stropt[pos], 11, "%d", c->container->ourtid); pos++; stropt[pos++] = strdup ("pppol2tp_session_id"); - stropt[pos] = malloc (10); - snprintf (stropt[pos], 10, "%d", c->ourcid); + stropt[pos] = malloc (11); + snprintf (stropt[pos], 11, "%d", c->ourcid); pos++; } } @@ -683,7 +694,7 @@ void destroy_tunnel (struct tunnel *t) free (t); } -struct tunnel *l2tp_call (char *host, int port, struct lac *lac, +static struct tunnel *l2tp_call (char *host, int port, struct lac *lac, struct lns *lns) { /* 
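Review bot: In start_pppd() the result of each `malloc (11)` is passed straight to snprintf() without a NULL check, and the `strdup` calls around it are unchecked as well, so an allocation failure becomes a NULL write while pppd's argument vector is being built. Eleven bytes fit ten digits plus the terminator, but a negative `int` needs twelve, so `malloc (12)` with a matching snprintf size covers every `%d` value without truncation. A small static helper that formats into a `char num[12]` and returns a checked `strdup (num)` would replace the three repeated malloc/snprintf pairs. The function body continues outside the hunk.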
@@ -734,7 +745,7 @@ struct tunnel *l2tp_call (char *host, int port, struct lac *lac, return tmp->container; } -void magic_lac_tunnel (void *data) +static void magic_lac_tunnel (void *data) { struct lac *lac; lac = (struct lac *) data; @@ -760,7 +771,7 @@ void magic_lac_tunnel (void *data) } } -struct call *lac_call (int tid, struct lac *lac, struct lns *lns) +static struct call *lac_call (int tid, struct lac *lac, struct lns *lns) { struct tunnel *t = tunnels.head; struct call *tmp; @@ -827,7 +838,7 @@ void magic_lac_dial (void *data) lac_call (lac->t->ourtid, lac, NULL); } -void lac_hangup (int cid) +static void lac_hangup (int cid) { struct tunnel *t = tunnels.head; struct call *tmp; @@ -854,7 +865,7 @@ void lac_hangup (int cid) return; } -void lac_disconnect (int tid) +static void lac_disconnect (int tid) { struct tunnel *t = tunnels.head; while (t) @@ -925,7 +936,7 @@ struct tunnel *new_tunnel () return tmp; } -void write_res (FILE* res_file, const char *fmt, ...) +static void write_res (FILE* res_file, const char *fmt, ...) { if (!res_file || ferror (res_file) || feof (res_file)) return; @@ -935,7 +946,7 @@ void write_res (FILE* res_file, const char *fmt, ...) va_end (args); } -int parse_one_line (char* bufp, int context, void* tc) +static int parse_one_line (char* bufp, int context, void* tc) { /* FIXME: I should check for incompatible options */ char *s, *d, *t; @@ -992,15 +1003,15 @@ int parse_one_line (char* bufp, int context, void* tc) return 0; } -int parse_one_line_lac (char* bufp, struct lac *tc){ +static int parse_one_line_lac (char* bufp, struct lac *tc){ return parse_one_line(bufp, CONTEXT_LAC, tc); } -int parse_one_line_lns (char* bufp, struct lns *tc){ +static int parse_one_line_lns (char* bufp, struct lns *tc){ return parse_one_line(bufp, CONTEXT_LNS, tc); } -struct lns* find_lns_by_name(char* name){ +static struct lns* find_lns_by_name(char* name){ struct lns *cursor; /* ml: First check to see if we are searching for default */ 
@@ -1020,7 +1031,8 @@ struct lns* find_lns_by_name(char* name){ return NULL; /* ml: Ok we could not find anything*/ } -int control_handle_available(FILE* resf, char* bufp){ +static int control_handle_available(FILE* resf, char* bufp) { + UNUSED(bufp); struct lac *lac; struct lns *lns; @@ -1071,7 +1083,7 @@ int control_handle_available(FILE* resf, char* bufp){ return 1; } -int control_handle_lns_add_modify(FILE* resf, char* bufp){ +static int control_handle_lns_add_modify(FILE* resf, char* bufp){ struct lns *lns; char* tunstr; char delims[] = " "; @@ -1104,7 +1116,7 @@ int control_handle_lns_add_modify(FILE* resf, char* bufp){ return 1; } -int control_handle_lns_remove(FILE* resf, char* bufp){ +static int control_handle_lns_remove(FILE* resf, char* bufp){ char *tunstr; struct lns* lns; struct lns* prev_lns; @@ -1152,7 +1164,7 @@ int control_handle_lns_remove(FILE* resf, char* bufp){ return 1; } -int control_handle_lns_status(FILE* resf, char* bufp){ +static int control_handle_lns_status(FILE* resf, char* bufp){ struct lns *lns; char* tunstr; char delims[] = " "; @@ -1210,7 +1222,7 @@ int control_handle_lns_status(FILE* resf, char* bufp){ return 1; } -int control_handle_tunnel(FILE* resf, char* bufp){ +static int control_handle_tunnel(FILE* resf, char* bufp){ char* host; host = strchr (bufp, ' ') + 1; #ifdef DEBUG_CONTROL @@ -1224,7 +1236,7 @@ int control_handle_tunnel(FILE* resf, char* bufp){ return 1; } -int control_handle_lac_connect(FILE* resf, char* bufp){ +static int control_handle_lac_connect(FILE* resf, char* bufp){ char* tunstr = NULL; char* authname= NULL; char* password = NULL; @@ -1285,7 +1297,7 @@ int control_handle_lac_connect(FILE* resf, char* bufp){ return 1; } -int control_handle_lac_outgoing_call(FILE* resf, char* bufp){ +static int control_handle_lac_outgoing_call(FILE* resf, char* bufp){ char* sub_str; char* tunstr; char* tmp_ptr; 
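Review bot: `host = strchr (bufp, ' ') + 1;` in control_handle_tunnel adds 1 to the result of `strchr` without checking it, so a request with no space turns a NULL return into an invalid pointer that is then used as the host name. The line is unchanged context, but the request text presumably arrives over the control pipe, so it deserves a guard while the handler is being touched: `host = strchr (bufp, ' ');`, then `if (!host) return 0;` (or whatever failure path the handlers use, reported through `write_res`), then `host++;`. The rest of the function is outside the hunk, and whether the caller already guarantees a space cannot be seen from here.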
@@ -1340,7 +1352,7 @@ int control_handle_lac_outgoing_call(FILE* resf, char* bufp){ return 1; } -int control_handle_lac_hangup(FILE* resf, char* bufp){ +static int control_handle_lac_hangup(FILE* resf, char* bufp){ char* callstr; int call; @@ -1355,7 +1367,7 @@ int control_handle_lac_hangup(FILE* resf, char* bufp){ return 1; } -int control_handle_lac_disconnect(FILE* resf, char* bufp){ +static int control_handle_lac_disconnect(FILE* resf, char* bufp){ char* tunstr; struct lac* lac; int tunl = 0; @@ -1401,7 +1413,7 @@ int control_handle_lac_disconnect(FILE* resf, char* bufp){ return 1; } -int control_handle_lac_add_modify(FILE* resf, char* bufp){ +static int control_handle_lac_add_modify(FILE* resf, char* bufp){ char* tunstr; struct lac* lac; char delims[] = " "; @@ -1464,7 +1476,7 @@ int control_handle_lac_add_modify(FILE* resf, char* bufp){ return 1; } -int control_handle_lac_remove(FILE* resf, char* bufp){ +static int control_handle_lac_remove(FILE* resf, char* bufp){ char *tunstr; struct lac* lac; struct lac* prev_lac; @@ -1529,7 +1541,7 @@ int control_handle_lac_remove(FILE* resf, char* bufp){ return 1; } -int control_handle_lac_status(FILE* resf, char* bufp){ +static int control_handle_lac_status(){ show_status (); return 1; } @@ -1630,7 +1642,7 @@ void do_control () } -void usage(void) { +static void usage(void) { printf("\nxl2tpd version: %s\n", SERVER_VERSION); printf("Usage: xl2tpd [-c ] [-s ] [-p ]\n" " [-C ] [-D] [-l] [-q ]\n" @@ -1639,7 +1651,7 @@ void usage(void) { exit(1); } -void init_args(int argc, char *argv[]) +static void init_args(int argc, char *argv[]) { int i=0; @@ -1734,7 +1746,7 @@ void init_args(int argc, char *argv[]) } -void daemonize() { +static void daemonize() { int pid=0; int i; @@ -1832,7 +1844,7 @@ static void open_controlfd() } } -void init (int argc,char *argv[]) +static void init (int argc,char *argv[]) { struct lac *lac; struct in_addr listenaddr; 
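Review bot: `control_handle_lac_status()` is now defined with an empty parameter list, while every other handler touched by this diff keeps `(FILE* resf, char* bufp)`. If it is stored in `control_handlers` and called through that table's function-pointer type with two arguments, the call is undefined behaviour for a definition that takes none, and under C23 `()` means `(void)`, so the table initialiser would stop compiling. Keeping the signature and silencing the warnings the way control_handle_available does in this commit is safer: `static int control_handle_lac_status(FILE* resf, char* bufp){ UNUSED(resf); UNUSED(bufp);`. The forward declaration `static int control_handle_lac_status();` earlier in the diff needs the same parameter list. The table entry for this handler is not visible here.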
@@ -1909,4 +1921,3 @@ int main (int argc, char *argv[]) network_thread (); return 0; } -