search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Correct PPTP server firewall rules chain.
[tomato/davidwu.git] / release / src / router / xl2tpd / file.c
blob289aee6ed5be0e2be8067c9fdb39d60c58845bfe
1 /*
2 * Layer Two Tunnelling Protocol Daemon
3 * Copyright (C) 1998 Adtran, Inc.
4 * Copyright (C) 2002 Jeff McAdams
5 *
6 * Mark Spencer
7 *
8 * This software is distributed under the terms
9 * of the GPL, which you should have received
10 * along with this source.
11 *
12 * File format handling
13 *
14 */
15
16 #include <stdio.h>
17 #include <string.h>
18 #include <unistd.h>
19 #include <stdlib.h>
20 #include <netdb.h>
21 #include <netinet/in.h>
22 #include <time.h>
23 #include <sys/types.h>
24 #include <sys/socket.h>
25
26 #include "l2tp.h"
27
28 struct lns *lnslist;
29 struct lac *laclist;
30 struct lns *deflns;
31 struct lac *deflac;
32 struct global gconfig;
33 char filerr[STRLEN];
34
35 int parse_config (FILE *);
36 struct keyword words[];
37
38 int init_config ()
39 {
40 FILE *f;
41 int returnedValue;
42
43 gconfig.port = UDP_LISTEN_PORT;
44 gconfig.sarefnum = IP_IPSEC_REFINFO; /* default use the latest we know */
45 gconfig.listenaddr = htonl(INADDR_ANY); /* Default is to bind (listen) to all interfaces */
46 gconfig.debug_avp = 0;
47 gconfig.debug_network = 0;
48 gconfig.packet_dump = 0;
49 gconfig.debug_tunnel = 0;
50 gconfig.debug_state = 0;
51 lnslist = NULL;
52 laclist = NULL;
53 deflac = (struct lac *) calloc (1, sizeof (struct lac));
54
55 f = fopen (gconfig.configfile, "r");
56 if (!f)
57 {
58 f = fopen (gconfig.altconfigfile, "r");
59 if (f)
60 {
61 l2tp_log (LOG_WARNING, "%s: Using old style config files %s and %s\n",
62 __FUNCTION__, gconfig.altconfigfile, gconfig.altauthfile);
63 strncpy (gconfig.authfile, gconfig.altauthfile,
64 sizeof (gconfig.authfile));
65 }
66 else
67 {
68 l2tp_log (LOG_CRIT, "%s: Unable to open config file %s or %s\n",
69 __FUNCTION__, gconfig.configfile, gconfig.altconfigfile);
70 return -1;
71 }
72
73 }
74 returnedValue = parse_config (f);
75 fclose (f);
76 return (returnedValue);
77 filerr[0] = 0;
78 }
79
80 struct lns *new_lns ()
81 {
82 struct lns *tmp;
83 tmp = (struct lns *) calloc (1, sizeof (struct lns));
84 if (!tmp)
85 {
86 l2tp_log (LOG_CRIT, "%s: Unable to allocate memory for new LNS\n",
87 __FUNCTION__);
88 return NULL;
89 }
90 tmp->next = NULL;
91 tmp->exclusive = 0;
92 tmp->localaddr = 0;
93 tmp->tun_rws = DEFAULT_RWS_SIZE;
94 tmp->call_rws = DEFAULT_RWS_SIZE;
95 tmp->rxspeed = DEFAULT_RX_BPS;
96 tmp->txspeed = DEFAULT_TX_BPS;
97 tmp->hbit = 0;
98 tmp->lbit = 0;
99 tmp->authpeer = 0;
100 tmp->authself = -1;
101 tmp->authname[0] = 0;
102 tmp->peername[0] = 0;
103 tmp->hostname[0] = 0;
104 tmp->entname[0] = 0;
105 tmp->range = NULL;
106 tmp->assign_ip = 1; /* default to 'yes' */
107 tmp->lacs = NULL;
108 tmp->passwdauth = 0;
109 tmp->pap_require = 0;
110 tmp->pap_refuse = 0;
111 tmp->chap_require = 0;
112 tmp->chap_refuse = 0;
113 tmp->idle = 0;
114 tmp->pridns = 0;
115 tmp->secdns = 0;
116 tmp->priwins = 0;
117 tmp->secwins = 0;
118 tmp->proxyarp = 0;
119 tmp->proxyauth = 0;
120 tmp->challenge = 0;
121 tmp->debug = 0;
122 tmp->pppoptfile[0] = 0;
123 tmp->t = NULL;
124 return tmp;
125 }
126
127 struct lac *new_lac ()
128 {
129 struct lac *tmp;
130 tmp = (struct lac *) calloc (1, sizeof (struct lac));
131 if (!tmp)
132 {
133 l2tp_log (LOG_CRIT, "%s: Unable to allocate memory for lac entry!\n",
134 __FUNCTION__);
135 return NULL;
136 }
137 tmp->next = NULL;
138 tmp->rsched = NULL;
139 tmp->localaddr = 0;
140 tmp->remoteaddr = 0;
141 tmp->lns = 0;
142 tmp->tun_rws = DEFAULT_RWS_SIZE;
143 tmp->call_rws = DEFAULT_RWS_SIZE;
144 tmp->hbit = 0;
145 tmp->lbit = 0;
146 tmp->authpeer = 0;
147 tmp->authself = -1;
148 tmp->authname[0] = 0;
149 tmp->peername[0] = 0;
150 tmp->hostname[0] = 0;
151 tmp->entname[0] = 0;
152 tmp->pap_require = 0;
153 tmp->pap_refuse = 0;
154 tmp->chap_require = 0;
155 tmp->chap_refuse = 0;
156 tmp->t = NULL;
157 tmp->redial = 0;
158 tmp->rtries = 0;
159 tmp->rmax = 0;
160 tmp->challenge = 0;
161 tmp->autodial = 0;
162 tmp->rtimeout = 30;
163 tmp->active = 0;
164 tmp->debug = 0;
165 tmp->pppoptfile[0] = 0;
166 tmp->defaultroute = 0;
167 return tmp;
168 }
169
170 int yesno (char *value)
171 {
172 if (!strcasecmp (value, "yes") || !strcasecmp (value, "y") ||
173 !strcasecmp (value, "true"))
174 return 1;
175 else if (!strcasecmp (value, "no") || !strcasecmp (value, "n") ||
176 !strcasecmp (value, "false"))
177 return 0;
178 else
179 return -1;
180 }
181
182 int set_boolean (char *word, char *value, int *ptr)
183 {
184 int val;
185 #ifdef DEBUG_FILE
186 l2tp_log (LOG_DEBUG, "set_%s: %s flag to '%s'\n", word, word, value);
187 #endif /* ; */
188 if ((val = yesno (value)) < 0)
189 {
190 snprintf (filerr, sizeof (filerr), "%s must be 'yes' or 'no'\n",
191 word);
192 return -1;
193 }
194 *ptr = val;
195 return 0;
196 }
197
198 int set_int (char *word, char *value, int *ptr)
199 {
200 int val;
201 #ifdef DEBUG_FILE
202 l2tp_log (LOG_DEBUG, "set_%s: %s flag to '%s'\n", word, word, value);
203 #endif /* ; */
204 if ((val = atoi (value)) < 0)
205 {
206 snprintf (filerr, sizeof (filerr), "%s must be a number\n", word);
207 return -1;
208 }
209 *ptr = val;
210 return 0;
211 }
212
213 int set_string (char *word, char *value, char *ptr, int len)
214 {
215 #ifdef DEBUG_FILE
216 l2tp_log (LOG_DEBUG, "set_%s: %s flag to '%s'\n", word, word, value);
217 #endif /* ; */
218 strncpy (ptr, value, len);
219 return 0;
220 }
221
222 int set_port (char *word, char *value, int context, void *item)
223 {
224 switch (context & ~CONTEXT_DEFAULT)
225 {
226 case CONTEXT_GLOBAL:
227 #ifdef DEBUG_FILE
228 l2tp_log (LOG_DEBUG, "set_port: Setting global port number to %s\n",
229 value);
230 #endif
231 set_int (word, value, &(((struct global *) item)->port));
232 break;
233 default:
234 snprintf (filerr, sizeof (filerr), "'%s' not valid in this context\n",
235 word);
236 return -1;
237 }
238 return 0;
239 }
240
241 int set_rtimeout (char *word, char *value, int context, void *item)
242 {
243 if (atoi (value) < 1)
244 {
245 snprintf (filerr, sizeof (filerr),
246 "rtimeout value must be at least 1\n");
247 return -1;
248 }
249 switch (context & ~CONTEXT_DEFAULT)
250 {
251 case CONTEXT_LAC:
252 #ifdef DEBUG_FILE
253 l2tp_log (LOG_DEBUG, "set_rtimeout: Setting redial timeout to %s\n",
254 value);
255 #endif
256 set_int (word, value, &(((struct lac *) item)->rtimeout));
257 break;
258 default:
259 snprintf (filerr, sizeof (filerr), "'%s' not valid in this context\n",
260 word);
261 return -1;
262 }
263 return 0;
264 }
265
266 int set_rws (char *word, char *value, int context, void *item)
267 {
268 if (atoi (value) < -1)
269 {
270 snprintf (filerr, sizeof (filerr),
271 "receive window size must be at least -1\n");
272 return -1;
273 }
274 switch (context & ~CONTEXT_DEFAULT)
275 {
276 case CONTEXT_LAC:
277 if (word[0] == 'c')
278 set_int (word, value, &(((struct lac *) item)->call_rws));
279 if (word[0] == 't')
280 {
281 set_int (word, value, &(((struct lac *) item)->tun_rws));
282 if (((struct lac *) item)->tun_rws < 1)
283 {
284 snprintf (filerr, sizeof (filerr),
285 "receive window size for tunnels must be at least 1\n");
286 return -1;
287 }
288 }
289 break;
290 case CONTEXT_LNS:
291 if (word[0] == 'c')
292 set_int (word, value, &(((struct lns *) item)->call_rws));
293 if (word[0] == 't')
294 {
295 set_int (word, value, &(((struct lns *) item)->tun_rws));
296 if (((struct lns *) item)->tun_rws < 1)
297 {
298 snprintf (filerr, sizeof (filerr),
299 "receive window size for tunnels must be at least 1\n");
300 return -1;
301 }
302 }
303 break;
304 default:
305 snprintf (filerr, sizeof (filerr), "'%s' not valid in this context\n",
306 word);
307 return -1;
308 }
309 return 0;
310 }
311
312 int set_speed (char *word, char *value, int context, void *item)
313 {
314 if (atoi (value) < 1 )
315 {
316 snprintf (filerr, sizeof (filerr),
317 "bps must be greater than zero\n");
318 return -1;
319 }
320 switch (context & ~CONTEXT_DEFAULT)
321 {
322 case CONTEXT_LAC:
323 if (word[0] == 't')
324 set_int (word, value, &(((struct lac *) item)->txspeed));
325 else if (word[0] == 'r')
326 set_int (word, value, &(((struct lac *) item)->rxspeed));
327 else
328 {
329 set_int (word, value, &(((struct lac *) item)->rxspeed));
330 set_int (word, value, &(((struct lac *) item)->txspeed));
331 }
332 break;
333 case CONTEXT_LNS:
334 if (word[0] == 't')
335 set_int (word, value, &(((struct lns *) item)->txspeed));
336 else if (word[0] == 'r')
337 set_int (word, value, &(((struct lns *) item)->rxspeed));
338 else
339 {
340 set_int (word, value, &(((struct lns *) item)->rxspeed));
341 set_int (word, value, &(((struct lns *) item)->txspeed));
342 }
343 break;
344 default:
345 snprintf (filerr, sizeof (filerr), "'%s' not valid in this context\n",
346 word);
347 return -1;
348 }
349 return 0;
350 }
351
352 int set_rmax (char *word, char *value, int context, void *item)
353 {
354 if (atoi (value) < 1)
355 {
356 snprintf (filerr, sizeof (filerr), "rmax value must be at least 1\n");
357 return -1;
358 }
359 switch (context & ~CONTEXT_DEFAULT)
360 {
361 case CONTEXT_LAC:
362 #ifdef DEBUG_FILE
363 l2tp_log (LOG_DEBUG, "set_rmax: Setting max redials to %s\n", value);
364 #endif
365 set_int (word, value, &(((struct lac *) item)->rmax));
366 break;
367 default:
368 snprintf (filerr, sizeof (filerr), "'%s' not valid in this context\n",
369 word);
370 return -1;
371 }
372 return 0;
373 }
374
375 int set_authfile (char *word, char *value, int context, void *item)
376 {
377 if (!strlen (value))
378 {
379 snprintf (filerr, sizeof (filerr),
380 "no filename specified for authentication\n");
381 return -1;
382 }
383 switch (context & ~CONTEXT_DEFAULT)
384 {
385 case CONTEXT_GLOBAL:
386 #ifdef DEBUG_FILE
387 l2tp_log (LOG_DEBUG, "set_authfile: Setting global auth file to '%s'\n",
388 value);
389 #endif /* ; */
390 strncpy (((struct global *) item)->authfile, value,
391 sizeof (((struct global *)item)->authfile));
392 break;
393 default:
394 snprintf (filerr, sizeof (filerr), "'%s' not valid in this context\n",
395 word);
396 return -1;
397 }
398 return 0;
399 }
400
401 int set_autodial (char *word, char *value, int context, void *item)
402 {
403 switch (context & ~CONTEXT_DEFAULT)
404 {
405 case CONTEXT_LAC:
406 if (set_boolean (word, value, &(((struct lac *) item)->autodial)))
407 return -1;
408 break;
409 default:
410 snprintf (filerr, sizeof (filerr), "'%s' not valid in this context\n",
411 word);
412 return -1;
413 }
414 return 0;
415 }
416
417 int set_flow (char *word, char *value, int context, void *item)
418 {
419 int v;
420 set_boolean (word, value, &v);
421 if (v < 0)
422 return -1;
423 switch (context & ~CONTEXT_DEFAULT)
424 {
425 case CONTEXT_LAC:
426 if (v)
427 {
428 if (((struct lac *) item)->call_rws < 0)
429 ((struct lac *) item)->call_rws = 0;
430 }
431 else
432 {
433 ((struct lac *) item)->call_rws = -1;
434 }
435 break;
436 case CONTEXT_LNS:
437 if (v)
438 {
439 if (((struct lns *) item)->call_rws < 0)
440 ((struct lns *) item)->call_rws = 0;
441 }
442 else
443 {
444 ((struct lns *) item)->call_rws = -1;
445 }
446 break;
447 default:
448 snprintf (filerr, sizeof (filerr), "'%s' not valid in this context\n",
449 word);
450 return -1;
451 }
452 return 0;
453 }
454
455 int set_defaultroute (char *word, char *value, int context, void *item)
456 {
457 switch (context & ~CONTEXT_DEFAULT)
458 {
459 case CONTEXT_LAC:
460 if (set_boolean (word, value, &(((struct lac *) item)->defaultroute)))
461 return -1;
462 break;
463 default:
464 snprintf (filerr, sizeof (filerr), "'%s' not valid in this context\n",
465 word);
466 return -1;
467 }
468 return 0;
469 }
470
471 int set_authname (char *word, char *value, int context, void *item)
472 {
473 struct lac *l = (struct lac *) item;
474 struct lns *n = (struct lns *) item;
475 switch (context & ~CONTEXT_DEFAULT)
476 {
477 case CONTEXT_LNS:
478 if (set_string (word, value, n->authname, sizeof (n->authname)))
479 return -1;
480 break;
481 case CONTEXT_LAC:
482 if (set_string (word, value, l->authname, sizeof (l->authname)))
483 return -1;
484 break;
485 default:
486 snprintf (filerr, sizeof (filerr), "'%s' not valid in this context\n",
487 word);
488 return -1;
489 }
490 return 0;
491 }
492
493 int set_hostname (char *word, char *value, int context, void *item)
494 {
495 struct lac *l = (struct lac *) item;
496 struct lns *n = (struct lns *) item;
497 switch (context & ~CONTEXT_DEFAULT)
498 {
499 case CONTEXT_LNS:
500 if (set_string (word, value, n->hostname, sizeof (n->hostname)))
501 return -1;
502 break;
503 case CONTEXT_LAC:
504 if (set_string (word, value, l->hostname, sizeof (l->hostname)))
505 return -1;
506 break;
507 default:
508 snprintf (filerr, sizeof (filerr), "'%s' not valid in this context\n",
509 word);
510 return -1;
511 }
512 return 0;
513 }
514
515 int set_passwdauth (char *word, char *value, int context, void *item)
516 {
517 switch (context & ~CONTEXT_DEFAULT)
518 {
519 case CONTEXT_LNS:
520 if (set_boolean (word, value, &(((struct lns *) item)->passwdauth)))
521 return -1;
522 break;
523 default:
524 snprintf (filerr, sizeof (filerr), "'%s' not valid in this context\n",
525 word);
526 return -1;
527 }
528 return 0;
529 }
530
531 int set_hbit (char *word, char *value, int context, void *item)
532 {
533 switch (context & ~CONTEXT_DEFAULT)
534 {
535 case CONTEXT_LAC:
536 if (set_boolean (word, value, &(((struct lac *) item)->hbit)))
537 return -1;
538 break;
539 case CONTEXT_LNS:
540 if (set_boolean (word, value, &(((struct lns *) item)->hbit)))
541 return -1;
542 break;
543 default:
544 snprintf (filerr, sizeof (filerr), "'%s' not valid in this context\n",
545 word);
546 return -1;
547 }
548 return 0;
549 }
550
551 int set_challenge (char *word, char *value, int context, void *item)
552 {
553 switch (context & ~CONTEXT_DEFAULT)
554 {
555 case CONTEXT_LAC:
556 if (set_boolean (word, value, &(((struct lac *) item)->challenge)))
557 return -1;
558 break;
559 case CONTEXT_LNS:
560 if (set_boolean (word, value, &(((struct lns *) item)->challenge)))
561 return -1;
562 break;
563 default:
564 snprintf (filerr, sizeof (filerr), "'%s' not valid in this context\n",
565 word);
566 return -1;
567 }
568 return 0;
569 }
570
571 int set_lbit (char *word, char *value, int context, void *item)
572 {
573 switch (context & ~CONTEXT_DEFAULT)
574 {
575 case CONTEXT_LAC:
576 if (set_boolean (word, value, &(((struct lac *) item)->lbit)))
577 return -1;
578 break;
579 case CONTEXT_LNS:
580 if (set_boolean (word, value, &(((struct lns *) item)->lbit)))
581 return -1;
582 break;
583 default:
584 snprintf (filerr, sizeof (filerr), "'%s' not valid in this context\n",
585 word);
586 return -1;
587 }
588 return 0;
589 }
590
591
592 int set_debug (char *word, char *value, int context, void *item)
593 {
594 switch (context & ~CONTEXT_DEFAULT)
595 {
596 case CONTEXT_LAC:
597 if (set_boolean (word, value, &(((struct lac *) item)->debug)))
598 return -1;
599 break;
600 case CONTEXT_LNS:
601 if (set_boolean (word, value, &(((struct lns *) item)->debug)))
602 return -1;
603 break;
604 default:
605 snprintf (filerr, sizeof (filerr), "'%s' not valid in this context\n",
606 word);
607 return -1;
608 }
609 return 0;
610 }
611
612 int set_pppoptfile (char *word, char *value, int context, void *item)
613 {
614 struct lac *l = (struct lac *) item;
615 struct lns *n = (struct lns *) item;
616 switch (context & ~CONTEXT_DEFAULT)
617 {
618 case CONTEXT_LNS:
619 if (set_string (word, value, n->pppoptfile, sizeof (n->pppoptfile)))
620 return -1;
621 break;
622 case CONTEXT_LAC:
623 if (set_string (word, value, l->pppoptfile, sizeof (l->pppoptfile)))
624 return -1;
625 break;
626 default:
627 snprintf (filerr, sizeof (filerr), "'%s' not valid in this context\n",
628 word);
629 return -1;
630 }
631 return 0;
632 }
633
634 int set_papchap (char *word, char *value, int context, void *item)
635 {
636 int result;
637 char *c;
638 struct lac *l = (struct lac *) item;
639 struct lns *n = (struct lns *) item;
640 if (set_boolean (word, value, &result))
641 return -1;
642 c = strchr (word, ' ');
643 c++;
644 switch (context & ~CONTEXT_DEFAULT)
645 {
646 case CONTEXT_LAC:
647 if (c[0] == 'p') /* PAP */
648 if (word[2] == 'f')
649 l->pap_refuse = result;
650 else
651 l->pap_require = result;
652 else if (c[0] == 'a') /* Authentication */
653 if (word[2] == 'f')
654 l->authself = !result;
655 else
656 l->authpeer = result;
657 else /* CHAP */ if (word[2] == 'f')
658 l->chap_refuse = result;
659 else
660 l->chap_require = result;
661 break;
662 case CONTEXT_LNS:
663 if (c[0] == 'p') /* PAP */
664 if (word[2] == 'f')
665 n->pap_refuse = result;
666 else
667 n->pap_require = result;
668 else if (c[0] == 'a') /* Authentication */
669 if (word[2] == 'f')
670 n->authself = !result;
671 else
672 n->authpeer = result;
673 else /* CHAP */ if (word[2] == 'f')
674 n->chap_refuse = result;
675 else
676 n->chap_require = result;
677 break;
678 default:
679 snprintf (filerr, sizeof (filerr), "'%s' not valid in this context\n",
680 word);
681 return -1;
682 }
683 return 0;
684 }
685
686 int set_redial (char *word, char *value, int context, void *item)
687 {
688 switch (context & ~CONTEXT_DEFAULT)
689 {
690 case CONTEXT_LAC:
691 if (set_boolean (word, value, &(((struct lac *) item)->redial)))
692 return -1;
693 break;
694 default:
695 snprintf (filerr, sizeof (filerr), "'%s' not valid in this context\n",
696 word);
697 return -1;
698 }
699 return 0;
700 }
701
702 int set_accesscontrol (char *word, char *value, int context, void *item)
703 {
704 switch (context & ~CONTEXT_DEFAULT)
705 {
706 case CONTEXT_GLOBAL:
707 if (set_boolean
708 (word, value, &(((struct global *) item)->accesscontrol)))
709 return -1;
710 break;
711 default:
712 snprintf (filerr, sizeof (filerr), "'%s' not valid in this context\n",
713 word);
714 return -1;
715 }
716 return 0;
717 }
718
719 int set_userspace (char *word, char *value, int context, void *item)
720 {
721 switch (context & ~CONTEXT_DEFAULT)
722 {
723 case CONTEXT_GLOBAL:
724 if (set_boolean
725 (word, value, &(((struct global *) item)->forceuserspace)))
726 return -1;
727 break;
728 default:
729 snprintf (filerr, sizeof (filerr), "'%s' not valid in this context\n",
730 word);
731 return -1;
732 }
733 return 0;
734 }
735
736 int set_debugavp (char *word, char *value, int context, void *item)
737 {
738 switch (context & ~CONTEXT_DEFAULT)
739 {
740 case CONTEXT_GLOBAL:
741 if (set_boolean
742 (word, value, &(((struct global *) item)->debug_avp)))
743 return -1;
744 break;
745 default:
746 snprintf (filerr, sizeof (filerr), "'%s' not valid in this context\n",
747 word);
748 return -1;
749 }
750 return 0;
751 }
752
753 int set_debugnetwork (char *word, char *value, int context, void *item)
754 {
755 switch (context & ~CONTEXT_DEFAULT)
756 {
757 case CONTEXT_GLOBAL:
758 if (set_boolean
759 (word, value, &(((struct global *) item)->debug_network)))
760 return -1;
761 break;
762 default:
763 snprintf (filerr, sizeof (filerr), "'%s' not valid in this context\n",
764 word);
765 return -1;
766 }
767 return 0;
768 }
769
770 int set_debugpacket (char *word, char *value, int context, void *item)
771 {
772 switch (context & ~CONTEXT_DEFAULT)
773 {
774 case CONTEXT_GLOBAL:
775 if (set_boolean
776 (word, value, &(((struct global *) item)->packet_dump)))
777 return -1;
778 break;
779 default:
780 snprintf (filerr, sizeof (filerr), "'%s' not valid in this context\n",
781 word);
782 return -1;
783 }
784 return 0;
785 }
786
787 int set_debugtunnel (char *word, char *value, int context, void *item)
788 {
789 switch (context & ~CONTEXT_DEFAULT)
790 {
791 case CONTEXT_GLOBAL:
792 if (set_boolean
793 (word, value, &(((struct global *) item)->debug_tunnel)))
794 return -1;
795 break;
796 default:
797 snprintf (filerr, sizeof (filerr), "'%s' not valid in this context\n",
798 word);
799 return -1;
800 }
801 return 0;
802 }
803
804 int set_debugstate (char *word, char *value, int context, void *item)
805 {
806 switch (context & ~CONTEXT_DEFAULT)
807 {
808 case CONTEXT_GLOBAL:
809 if (set_boolean
810 (word, value, &(((struct global *) item)->debug_state)))
811 return -1;
812 break;
813 default:
814 snprintf (filerr, sizeof (filerr), "'%s' not valid in this context\n",
815 word);
816 return -1;
817 }
818 return 0;
819 }
820
821 int set_assignip (char *word, char *value, int context, void *item)
822 {
823 switch (context & ~CONTEXT_DEFAULT)
824 {
825 case CONTEXT_LNS:
826 if (set_boolean (word, value, &(((struct lns *) item)->assign_ip)))
827 return -1;
828 break;
829 default:
830 snprintf (filerr, sizeof (filerr), "'%s' not valid in this context\n",
831 word);
832 return -1;
833 }
834 return 0;
835 }
836
837 struct iprange *set_range (char *word, char *value, struct iprange *in)
838 {
839 char *c, *d = NULL, *e = NULL;
840 struct iprange *ipr, *p;
841 struct hostent *hp;
842 int count = 0;
843 c = strchr (value, '-');
844 if (c)
845 {
846 d = c + 1;
847 *c = 0;
848 while ((c >= value) && (*c < 33))
849 *(c--) = 0;
850 while (*d && (*d < 33))
851 d++;
852 }
853 if (!strlen (value) || (c && !strlen (d)))
854 {
855 snprintf (filerr, sizeof (filerr),
856 "format is '%s <host or ip> - <host or ip>'\n", word);
857 return NULL;
858 }
859 ipr = (struct iprange *) malloc (sizeof (struct iprange));
860 ipr->next = NULL;
861 hp = gethostbyname (value);
862 if (!hp)
863 {
864 snprintf (filerr, sizeof (filerr), "Unknown host %s\n", value);
865 free (ipr);
866 return NULL;
867 }
868 bcopy (hp->h_addr, &ipr->start, sizeof (unsigned int));
869 if (c)
870 {
871 char ip_hi[16];
872
873 e = d;
874 while(*e != '\0') {
875 if (*e++ == '.')
876 count++;
877 }
878 if (count < 3) {
879 strcpy(ip_hi, value);
880 for (e = ip_hi + sizeof(ip_hi); e >= ip_hi; e--) {
881 if (*e == '.') count--;
882 if (count < 0) {
883 e++;
884 break;
885 }
886 }
887 /* Copy the last field + null terminator */
888 if (ip_hi + sizeof(ip_hi)-e > strlen(d)) {
889 strcpy(e, d);
890 d = ip_hi;
891 }
892 }
893 hp = gethostbyname (d);
894 if (!hp)
895 {
896 snprintf (filerr, sizeof (filerr), "Unknown host %s\n", d);
897 free (ipr);
898 return NULL;
899 }
900 bcopy (hp->h_addr, &ipr->end, sizeof (unsigned int));
901 }
902 else
903 ipr->end = ipr->start;
904 if (ntohl (ipr->start) > ntohl (ipr->end))
905 {
906 snprintf (filerr, sizeof (filerr), "start is greater than end!\n");
907 free (ipr);
908 return NULL;
909 }
910 if (word[0] == 'n')
911 ipr->sense = SENSE_DENY;
912 else
913 ipr->sense = SENSE_ALLOW;
914 p = in;
915 if (p)
916 {
917 while (p->next)
918 p = p->next;
919 p->next = ipr;
920 return in;
921 }
922 else
923 return ipr;
924 }
925
926 int set_iprange (char *word, char *value, int context, void *item)
927 {
928 struct lns *lns = (struct lns *) item;
929 switch (context & ~CONTEXT_DEFAULT)
930 {
931 case CONTEXT_LNS:
932 break;
933 default:
934 snprintf (filerr, sizeof (filerr), "'%s' not valid in this context\n",
935 word);
936 return -1;
937 }
938 lns->range = set_range (word, value, lns->range);
939 if (!lns->range)
940 return -1;
941 #ifdef DEBUG_FILE
942 l2tp_log (LOG_DEBUG, "range start = %x, end = %x, sense=%ud\n",
943 ntohl (lns->range->start), ntohl (lns->range->end), lns->range->sense);
944 #endif
945 return 0;
946 }
947
948 int set_lac (char *word, char *value, int context, void *item)
949 {
950 struct lns *lns = (struct lns *) item;
951 switch (context & ~CONTEXT_DEFAULT)
952 {
953 case CONTEXT_LNS:
954 break;
955 default:
956 snprintf (filerr, sizeof (filerr), "'%s' not valid in this context\n",
957 word);
958 return -1;
959 }
960 lns->lacs = set_range (word, value, lns->lacs);
961 if (!lns->lacs)
962 return -1;
963 #ifdef DEBUG_FILE
964 l2tp_log (LOG_DEBUG, "lac start = %x, end = %x, sense=%ud\n",
965 ntohl (lns->lacs->start), ntohl (lns->lacs->end), lns->lacs->sense);
966 #endif
967 return 0;
968 }
969
970 int set_exclusive (char *word, char *value, int context, void *item)
971 {
972 switch (context & ~CONTEXT_DEFAULT)
973 {
974 case CONTEXT_LNS:
975 if (set_boolean (word, value, &(((struct lns *) item)->exclusive)))
976 return -1;
977 break;
978 default:
979 snprintf (filerr, sizeof (filerr), "'%s' not valid in this context\n",
980 word);
981 return -1;
982 }
983 return 0;
984 }
985
986 int set_ip (char *word, char *value, unsigned int *addr)
987 {
988 struct hostent *hp;
989 hp = gethostbyname (value);
990 if (!hp)
991 {
992 snprintf (filerr, sizeof (filerr), "%s: host '%s' not found\n",
993 __FUNCTION__, value);
994 return -1;
995 }
996 bcopy (hp->h_addr, addr, sizeof (unsigned int));
997 return 0;
998 }
999
1000 int set_listenaddr (char *word, char *value, int context, void *item)
1001 {
1002 switch (context & ~CONTEXT_DEFAULT)
1003 {
1004 case CONTEXT_GLOBAL:
1005 #ifdef DEBUG_FILE
1006 l2tp_log (LOG_DEBUG, "set_listenaddr: Setting listen address to %s\n",
1007 value);
1008 #endif
1009 if (set_ip (word, value, &(((struct global *) item)->listenaddr)))
1010 return -1;
1011 break;
1012 default:
1013 snprintf (filerr, sizeof (filerr), "'%s' not valid in this context\n",
1014 word);
1015 return -1;
1016 }
1017 return 0;
1018 }
1019
1020 int set_localaddr (char *word, char *value, int context, void *item)
1021 {
1022 struct lac *l;
1023 struct lns *n;
1024 switch (context & ~CONTEXT_DEFAULT)
1025 {
1026 case CONTEXT_LAC:
1027 l = (struct lac *) item;
1028 return set_ip (word, value, &(l->localaddr));
1029 case CONTEXT_LNS:
1030 n = (struct lns *) item;
1031 return set_ip (word, value, &(n->localaddr));
1032 default:
1033 snprintf (filerr, sizeof (filerr), "'%s' not valid in this context\n",
1034 word);
1035 return -1;
1036 }
1037 return 0;
1038 }
1039
1040 int set_remoteaddr (char *word, char *value, int context, void *item)
1041 {
1042 struct lac *l;
1043 switch (context & ~CONTEXT_DEFAULT)
1044 {
1045 case CONTEXT_LAC:
1046 l = (struct lac *) item;
1047 return set_ip (word, value, &(l->remoteaddr));
1048 default:
1049 snprintf (filerr, sizeof (filerr), "'%s' not valid in this context\n",
1050 word);
1051 return -1;
1052 }
1053 return 0;
1054 }
1055
1056 int set_lns (char *word, char *value, int context, void *item)
1057 {
1058 #if 0
1059 struct hostent *hp;
1060 #endif
1061 struct lac *l;
1062 struct host *ipr, *pos;
1063 char *d;
1064 switch (context & ~CONTEXT_DEFAULT)
1065 {
1066 case CONTEXT_LAC:
1067 #ifdef DEBUG_FILE
1068 l2tp_log (LOG_DEBUG, "set_lns: setting LNS to '%s'\n", value);
1069 #endif
1070 l = (struct lac *) item;
1071 d = strchr (value, ':');
1072 if (d)
1073 {
1074 d[0] = 0;
1075 d++;
1076 }
1077 #if 0
1078 // why would you want to lookup hostnames at this time?
1079 hp = gethostbyname (value);
1080 if (!hp)
1081 {
1082 snprintf (filerr, sizeof (filerr), "no such host '%s'\n", value);
1083 return -1;
1084 }
1085 #endif
1086 ipr = malloc (sizeof (struct host));
1087 ipr->next = NULL;
1088 pos = l->lns;
1089 if (!pos)
1090 {
1091 l->lns = ipr;
1092 }
1093 else
1094 {
1095 while (pos->next)
1096 pos = pos->next;
1097 pos->next = ipr;
1098 }
1099 strncpy (ipr->hostname, value, sizeof (ipr->hostname));
1100 if (d)
1101 ipr->port = atoi (d);
1102 else
1103 ipr->port = UDP_LISTEN_PORT;
1104 break;
1105 default:
1106 snprintf (filerr, sizeof (filerr), "'%s' not valid in this context\n",
1107 word);
1108 return -1;
1109 }
1110 return 0;
1111 }
1112
1113 int set_rand_sys ()
1114 {
1115 l2tp_log(LOG_WARNING, "The \"rand()\" function call is not a very good source"
1116 "of randomness\n");
1117 rand_source = RAND_SYS;
1118 return 0;
1119 }
1120
1121 int set_ipsec_saref (char *word, char *value, int context, void *item)
1122 {
1123 struct global *g = ((struct global *) item);
1124 switch (context & ~CONTEXT_DEFAULT)
1125 {
1126 case CONTEXT_GLOBAL:
1127 if (set_boolean
1128 (word, value, &(g->ipsecsaref)))
1129 return -1;
1130 if(g->ipsecsaref) {
1131 l2tp_log(LOG_INFO, "Enabling IPsec SAref processing for L2TP transport mode SAs\n");
1132 }
1133 if(g->forceuserspace != 1) {
1134 l2tp_log(LOG_WARNING, "IPsec SAref does not work with L2TP kernel mode yet, enabling forceuserspace=yes\n");
1135 }
1136 break;
1137 default:
1138 snprintf (filerr, sizeof (filerr), "'%s' not valid in this context\n",
1139 word);
1140 return -1;
1141 }
1142 return 0;
1143 }
1144
1145 int set_saref_num (char *word, char *value, int context, void *item)
1146 {
1147 switch (context & ~CONTEXT_DEFAULT)
1148 {
1149 case CONTEXT_GLOBAL:
1150 l2tp_log (LOG_INFO, "Setting SAref IP_IPSEC_REFINFO number to %s\n", value);
1151 set_int (word, value, &(((struct global *) item)->sarefnum));
1152 break;
1153 default:
1154 snprintf (filerr, sizeof (filerr), "'%s' not valid in this context\n", word);
1155 return -1;
1156 }
1157 return 0;
1158 }
1159
1160 int set_rand_dev ()
1161 {
1162 rand_source = RAND_DEV;
1163 return 0;
1164 }
1165
1166 int set_rand_egd (char *value)
1167 {
1168 l2tp_log(LOG_WARNING, "%s: not yet implemented!\n", __FUNCTION__);
1169 rand_source = RAND_EGD;
1170 return -1;
1171 }
1172
1173 int set_rand_source (char *word, char *value, int context, void *item)
1174 {
1175 time_t seconds;
1176 /*
1177 * We're going to go ahead and seed the rand() function with srand()
1178 * because even if we set the randomness source to dev or egd, they
1179 * can fall back to sys if they fail, so we want to make sure we at
1180 * least have *some* semblance of randomness available from the
1181 * rand() function
1182 */
1183 /*
1184 * This is a sucky random number seed...just the result from the
1185 * time() call...but...the user requested to use the rand()
1186 * function, which is a pretty sucky source of randomness
1187 * regardless...at least we can get a almost sorta decent seed. If
1188 * you have any better suggestions for creating a seed...lemme know
1189 * :/
1190 */
1191 seconds = time(NULL);
1192 srand(seconds);
1193
1194 if (context != CONTEXT_GLOBAL)
1195 {
1196 l2tp_log(LOG_WARNING, "%s: %s not valid in context %d\n",
1197 __FUNCTION__, word, context);
1198 return -1;
1199 }
1200 /* WORKING HERE */
1201 if (strlen(value) == 0)
1202 {
1203 snprintf(filerr, sizeof (filerr), "no randomness source specified\n");
1204 return -1;
1205 }
1206 if (strncmp(value, "egd", 3) == 0)
1207 {
1208 return set_rand_egd(value);
1209 }
1210 else if (strncmp(value, "dev", 3) == 0)
1211 {
1212 return set_rand_dev();
1213 }
1214 else if (strncmp(value, "sys", 3) == 0)
1215 {
1216 return set_rand_sys();
1217 }
1218 else
1219 {
1220 l2tp_log(LOG_WARNING, "%s: %s is not a valid randomness source\n",
1221 __FUNCTION__, value);
1222 return -1;
1223
1224 }
1225 }
1226
1227 int parse_config (FILE * f)
1228 {
1229 /* Read in the configuration file handed to us */
1230 /* FIXME: I should check for incompatible options */
1231 int context = 0;
1232 char buf[STRLEN];
1233 char *s, *d, *t;
1234 int linenum = 0;
1235 int def = 0;
1236 void *data = NULL;
1237 struct lns *tl;
1238 struct lac *tc;
1239 while (!feof (f))
1240 {
1241 if (NULL == fgets (buf, sizeof (buf), f))
1242 {
1243 /* Error or EOL */
1244 break;
1245 }
1246 linenum++;
1247 s = buf;
1248 /* Strip comments */
1249 while (*s && *s != ';')
1250 s++;
1251 *s = 0;
1252 s = buf;
1253 if (!strlen (buf))
1254 continue;
1255 while ((*s < 33) && *s)
1256 s++; /* Skip over beginning white space */
1257 t = s + strlen (s);
1258 while ((t >= s) && (*t < 33))
1259 *(t--) = 0; /* Ditch trailing white space */
1260 if (!strlen (s))
1261 continue;
1262 if (s[0] == '[')
1263 {
1264 /* We've got a context description */
1265 if (!(t = strchr (s, ']')))
1266 {
1267 l2tp_log (LOG_CRIT, "parse_config: line %d: No closing bracket\n",
1268 linenum);
1269 return -1;
1270 }
1271 t[0] = 0;
1272 s++;
1273 if ((d = strchr (s, ' ')))
1274 {
1275 /* There's a parameter */
1276 d[0] = 0;
1277 d++;
1278 }
1279 if (d && !strcasecmp (d, "default"))
1280 def = CONTEXT_DEFAULT;
1281 else
1282 def = 0;
1283 if (!strcasecmp (s, "global"))
1284 {
1285 context = CONTEXT_GLOBAL;
1286 #ifdef DEBUG_FILE
1287 l2tp_log (LOG_DEBUG,
1288 "parse_config: global context descriptor %s\n",
1289 d ? d : "");
1290 #endif
1291 data = &gconfig;
1292 }
1293 else if (!strcasecmp (s, "lns"))
1294 {
1295 context = CONTEXT_LNS;
1296 if (def)
1297 {
1298 if (!deflns)
1299 {
1300 deflns = new_lns ();
1301 strncpy (deflns->entname, "default",
1302 sizeof (deflns->entname));
1303 }
1304 data = deflns;
1305 continue;
1306 }
1307 data = NULL;
1308 tl = lnslist;
1309 if (d)
1310 {
1311 while (tl)
1312 {
1313 if (!strcasecmp (d, tl->entname))
1314 break;
1315 tl = tl->next;
1316 }
1317 if (tl)
1318 data = tl;
1319 }
1320 if (!data)
1321 {
1322 data = new_lns ();
1323 if (!data)
1324 return -1;
1325 ((struct lns *) data)->next = lnslist;
1326 lnslist = (struct lns *) data;
1327 }
1328 if (d)
1329 strncpy (((struct lns *) data)->entname,
1330 d, sizeof (((struct lns *) data)->entname));
1331 #ifdef DEBUG_FILE
1332 l2tp_log (LOG_DEBUG, "parse_config: lns context descriptor %s\n",
1333 d ? d : "");
1334 #endif
1335 }
1336 else if (!strcasecmp (s, "lac"))
1337 {
1338 context = CONTEXT_LAC;
1339 if (def)
1340 {
1341 if (!deflac)
1342 {
1343 deflac = new_lac ();
1344 strncpy (deflac->entname, "default",
1345 sizeof (deflac->entname));
1346 }
1347 data = deflac;
1348 continue;
1349 }
1350 data = NULL;
1351 tc = laclist;
1352 if (d)
1353 {
1354 while (tc)
1355 {
1356 if (!strcasecmp (d, tc->entname))
1357 break;
1358 tc = tc->next;
1359 }
1360 if (tc)
1361 data = tc;
1362 }
1363 if (!data)
1364 {
1365 data = new_lac ();
1366 if (!data)
1367 return -1;
1368 ((struct lac *) data)->next = laclist;
1369 laclist = (struct lac *) data;
1370 }
1371 if (d)
1372 strncpy (((struct lac *) data)->entname,
1373 d, sizeof (((struct lac *) data)->entname));
1374 #ifdef DEBUG_FILE
1375 l2tp_log (LOG_DEBUG, "parse_config: lac context descriptor %s\n",
1376 d ? d : "");
1377 #endif
1378 }
1379 else
1380 {
1381 l2tp_log (LOG_WARNING,
1382 "parse_config: line %d: unknown context '%s'\n", linenum,
1383 s);
1384 return -1;
1385 }
1386 }
1387 else
1388 {
1389 if (!context)
1390 {
1391 l2tp_log (LOG_WARNING,
1392 "parse_config: line %d: data '%s' occurs with no context\n",
1393 linenum, s);
1394 return -1;
1395 }
1396 if (!(t = strchr (s, '=')))
1397 {
1398 l2tp_log (LOG_WARNING, "parse_config: line %d: no '=' in data\n",
1399 linenum);
1400 return -1;
1401 }
1402 d = t;
1403 d--;
1404 t++;
1405 while ((d >= s) && (*d < 33))
1406 d--;
1407 d++;
1408 *d = 0;
1409 while (*t && (*t < 33))
1410 t++;
1411 #ifdef DEBUG_FILE
1412 l2tp_log (LOG_DEBUG, "parse_config: field is %s, value is %s\n", s, t);
1413 #endif
1414 /* Okay, bit twidling is done. Let's handle this */
1415
1416 switch (parse_one_option (s, t, context | def, data))
1417 {
1418 case -1:
1419 l2tp_log (LOG_WARNING, "parse_config: line %d: %s", linenum,
1420 filerr);
1421 return -1;
1422 case -2:
1423 l2tp_log (LOG_CRIT, "parse_config: line %d: Unknown field '%s'\n",
1424 linenum, s);
1425 return -1;
1426 }
1427 }
1428 }
1429 return 0;
1430 }
1431
1432 int parse_one_option(char *word, char *value, int context, void *item)
1433 {
1434 struct keyword *kw;
1435
1436 for (kw = words; kw->keyword; kw++)
1437 {
1438 if (!strcasecmp (word, kw->keyword))
1439 {
1440 if (kw->handler (word, value, context, item))
1441 {
1442 return -1;
1443 }
1444 break;
1445 }
1446 }
1447 if (!kw->keyword)
1448 {
1449 return -2;
1450 }
1451 return 0;
1452 }
1453
1454 struct keyword words[] = {
1455 {"listen-addr", &set_listenaddr},
1456 {"port", &set_port},
1457 {"saref refinfo", &set_saref_num},
1458 {"rand source", &set_rand_source},
1459 {"auth file", &set_authfile},
1460 {"exclusive", &set_exclusive},
1461 {"autodial", &set_autodial},
1462 {"redial", &set_redial},
1463 {"redial timeout", &set_rtimeout},
1464 {"lns", &set_lns},
1465 {"max redials", &set_rmax},
1466 {"access control", &set_accesscontrol},
1467 {"force userspace", &set_userspace},
1468 {"ip range", &set_iprange},
1469 {"no ip range", &set_iprange},
1470 {"debug avp", &set_debugavp},
1471 {"debug network", &set_debugnetwork},
1472 {"debug packet", &set_debugpacket},
1473 {"debug tunnel", &set_debugtunnel},
1474 {"debug state", &set_debugstate},
1475 {"ipsec saref", &set_ipsec_saref},
1476 {"lac", &set_lac},
1477 {"no lac", &set_lac},
1478 {"assign ip", &set_assignip},
1479 {"local ip", &set_localaddr},
1480 {"remote ip", &set_remoteaddr},
1481 {"defaultroute", &set_defaultroute},
1482 {"length bit", &set_lbit},
1483 {"hidden bit", &set_hbit},
1484 {"require pap", &set_papchap},
1485 {"require chap", &set_papchap},
1486 {"require authentication", &set_papchap},
1487 {"require auth", &set_papchap},
1488 {"refuse pap", &set_papchap},
1489 {"refuse chap", &set_papchap},
1490 {"refuse authentication", &set_papchap},
1491 {"refuse auth", &set_papchap},
1492 {"unix authentication", &set_passwdauth},
1493 {"unix auth", &set_passwdauth},
1494 {"name", &set_authname},
1495 {"hostname", &set_hostname},
1496 {"ppp debug", &set_debug},
1497 {"pppoptfile", &set_pppoptfile},
1498 {"call rws", &set_rws},
1499 {"tunnel rws", &set_rws},
1500 {"flow bit", &set_flow},
1501 {"challenge", &set_challenge},
1502 {"tx bps", &set_speed},
1503 {"rx bps", &set_speed},
1504 {"bps", &set_speed},
1505 {NULL, NULL}
1506 };