git: 091a500aaa52 - main - net/mpd5: unbreak multihomed L2TP server setup and add WITHOUT_RADIUS
Eugene Grosbein
eugen at FreeBSD.org
Sat Sep 18 15:44:36 UTC 2021
The branch main has been updated by eugen:
URL: https://cgit.FreeBSD.org/ports/commit/?id=091a500aaa52832a07f3585478f812ca5db18dbc
commit 091a500aaa52832a07f3585478f812ca5db18dbc
Author: Eugene Grosbein <eugen at FreeBSD.org>
AuthorDate: 2021-09-18 15:41:57 +0000
Commit: Eugene Grosbein <eugen at FreeBSD.org>
CommitDate: 2021-09-18 15:44:24 +0000
net/mpd5: unbreak multihomed L2TP server setup and add WITHOUT_RADIUS
This change adds two improvements from upstream:
* Use IP_RECVDSTADDR socket option for IPv4 L2TP server
with unspecified self address (0.0.0.0) to determine destination
IP address of incoming request and bind new tunnel to right address.
This unbreaks multihomed L2TP server setup. (r2419)
* Add support for base system built without libradius
(WITHOUT_RADIUS_SUPPORT): this includes auto-detecting
libradius presence and force building without RADIUS support.
Default build is not affected and enables RADIUS support. (r2424)
---
net/mpd5/Makefile | 11 +-
net/mpd5/files/patch-l2tp-multihomed | 124 ++++++++
net/mpd5/files/patch-noradius | 588 +++++++++++++++++++++++++++++++++++
3 files changed, 721 insertions(+), 2 deletions(-)
diff --git a/net/mpd5/Makefile b/net/mpd5/Makefile
index 81fc894b519b..fcfda2185cb9 100644
--- a/net/mpd5/Makefile
+++ b/net/mpd5/Makefile
@@ -2,7 +2,7 @@
PORTNAME= mpd
DISTVERSION= 5.9
-PORTREVISION= 2
+PORTREVISION= 3
CATEGORIES= net
MASTER_SITES= SF/${PORTNAME}/Mpd5/Mpd-${PORTVERSION}
PKGNAMESUFFIX= 5
@@ -15,8 +15,10 @@ LICENSE= BSD3CLAUSE
USES= ssl
-OPTIONS_DEFINE= DOCS NG_IPACCT
+OPTIONS_DEFINE= DOCS NG_IPACCT RADIUS
+OPTIONS_DEFAULT= RADIUS
NG_IPACCT_DESC= Use ng_ipacct kernel module from port
+RADIUS_DESC= Enable RADIUS support
HAS_CONFIGURE= YES
CONFIGURE_WRKSRC= "${WRKSRC}/src"
@@ -37,6 +39,11 @@ CONFIGURE_ENV+= USE_NG_IPACCT=no
MAKE_ARGS+= USE_NG_IPACCT=no
.endif
+.if ! ${PORT_OPTIONS:MRADIUS}
+CONFIGURE_ENV+= USE_RADIUS=no
+MAKE_ARGS+= USE_RADIUS=no
+.endif
+
USE_RC_SUBR= mpd5
CONFSUF= conf secret script
DOCSDIR= ${PREFIX}/share/doc/mpd5
diff --git a/net/mpd5/files/patch-l2tp-multihomed b/net/mpd5/files/patch-l2tp-multihomed
new file mode 100644
index 000000000000..55d28f5d693e
--- /dev/null
+++ b/net/mpd5/files/patch-l2tp-multihomed
@@ -0,0 +1,124 @@
+Index: src/l2tp.c
+===================================================================
+--- src/l2tp.c (revision 2418)
++++ src/l2tp.c (revision 2419)
+@@ -1415,9 +1415,21 @@ L2tpServerEvent(int type, void *arg)
+ tun->self_port = s->self_port;
+ tun->alive = 1;
+
+- Log(LG_PHYS, ("Incoming L2TP packet from %s %d",
+- u_addrtoa(&tun->peer_addr, namebuf, sizeof(namebuf)), tun->peer_port));
++ if (u_addrempty(&tun->self_addr) &&
++ !GetSockDstAddress(s->sock, &tun->self_addr))
++ Log(LG_PHYS, ("Incoming L2TP packet from %s %d",
++ u_addrtoa(&tun->peer_addr, namebuf, sizeof(namebuf)),
++ tun->peer_port));
++ else {
++ char buf3[INET_ADDRSTRLEN];
+
++ Log(LG_PHYS, ("Incoming L2TP packet from %s %d to %s %d",
++ u_addrtoa(&tun->peer_addr, namebuf, sizeof(namebuf)),
++ tun->peer_port,
++ u_addrtoa(&tun->self_addr, buf3, sizeof(buf3)),
++ tun->self_port));
++ }
++
+ /* Examine all L2TP links to get best possible fit tunnel parameters. */
+ for (k = 0; k < gNumLinks; k++) {
+ Link l2;
+@@ -1552,7 +1564,7 @@ L2tpServerEvent(int type, void *arg)
+ }
+
+ /* Bind socket to a new port */
+- u_addrtosockaddr(&s->self_addr,s->self_port,&sas);
++ u_addrtosockaddr(&tun->self_addr,tun->self_port,&sas);
+ if (NgSendMsg(csock, namebuf, NGM_KSOCKET_COOKIE,
+ NGM_KSOCKET_BIND, &sas, sas.ss_len) == -1) {
+ Perror("L2TP: bind");
+@@ -1649,6 +1661,10 @@ L2tpListen(Link l)
+ SO_REUSEPORT, &one, sizeof(one)) == -1) {
+ Perror("L2TP: setsockopt");
+ goto fail;
++ }
++ if (u_addrempty(&s->self_addr)) {
++ int on = 1;
++ setsockopt(s->sock, IPPROTO_IP, IP_RECVDSTADDR, &on, sizeof(on));
+ }
+ u_addrtosockaddr(&s->self_addr, s->self_port, &sa);
+ if (bind(s->sock, (struct sockaddr *)&sa, sa.ss_len) == -1) {
+Index: src/util.c
+===================================================================
+--- src/util.c (revision 2418)
++++ src/util.c (revision 2419)
+@@ -16,8 +16,9 @@
+ #include <netdb.h>
+ #include <tcpd.h>
+ #include <sys/limits.h>
+-#include <sys/wait.h>
++#include <sys/socket.h>
+ #include <sys/sysctl.h>
++#include <sys/wait.h>
+ #include <net/route.h>
+ #include <netinet/if_ether.h>
+ #include <net/ethernet.h>
+@@ -1544,5 +1545,48 @@ IfaceSetFlag(const char *ifname, int value)
+ return (-1);
+ }
+ close(s);
++ return (0);
++}
++
++/*
++ * Obtain destination address of SOCK_DGRAM IPv4 UDP socket, if possible.
++ */
++int GetSockDstAddress(int sock, struct u_addr *addr)
++{
++ struct {
++ struct msghdr msg;
++ struct iovec iov;
++ union { /* ensure correct alignment for space */
++ struct cmsghdr cm;
++ char space[CMSG_SPACE(sizeof(struct in_addr))];
++ } buf;
++ char io[1024];
++ } b;
++
++ struct cmsghdr *p;
++ ssize_t size;
++
++ /* Sanity check */
++ if (addr->family != AF_INET)
++ return (0);
++
++ memset(&b, 0, sizeof(b));
++ b.msg.msg_iov = &b.iov;
++ b.msg.msg_iovlen = 1;
++ b.msg.msg_control = &b.buf;
++ b.msg.msg_controllen = sizeof(b.buf);
++ b.iov.iov_base = &b.io;
++ b.iov.iov_len = sizeof(b.io);
++
++ if ((size = recvmsg(sock, &b.msg, 0)) < 0) {
++ Perror("%s: recvmsg: %s", __FUNCTION__, strerror(errno));
++ return (0);
++ }
++
++ p = CMSG_FIRSTHDR(&b.msg);
++ if (p && p->cmsg_level == IPPROTO_IP && p->cmsg_type == IP_RECVDSTADDR) {
++ memcpy(&addr->u.ip4, CMSG_DATA(p), sizeof(addr->u.ip4));
++ return (1);
++ }
+ return (0);
+ }
+Index: src/util.h
+===================================================================
+--- src/util.h (revision 2418)
++++ src/util.h (revision 2419)
+@@ -98,6 +98,7 @@ extern u_long GenerateMagic(void);
+ extern int GetAnyIpAddress(struct u_addr *ipaddr, const char *ifname);
+ extern int GetEther(struct u_addr *addr, struct sockaddr_dl *hwaddr);
+ extern int GetPeerEther(struct u_addr *addr, struct sockaddr_dl *hwaddr);
++extern int GetSockDstAddress(int sock, struct u_addr *addr);
+ extern void ppp_util_ascify(char *buf, size_t max, const char *bytes, size_t len);
+ extern int IfaceSetFlag(const char *ifname, int value);
+
diff --git a/net/mpd5/files/patch-noradius b/net/mpd5/files/patch-noradius
new file mode 100644
index 000000000000..3c29e90d0f4d
--- /dev/null
+++ b/net/mpd5/files/patch-noradius
@@ -0,0 +1,588 @@
+Index: src/Makefile
+===================================================================
+--- src/Makefile (revision 2417)
++++ src/Makefile (working copy)
+@@ -60,6 +60,7 @@ USE_TCP_WRAP= yes
+ #USE_AUTH_OPIE= yes
+ USE_AUTH_PAM= yes
+ USE_AUTH_SYSTEM= yes
++USE_RADIUS?= yes
+
+ # Build without builtin web server.
+ #NOWEB= yes
+@@ -108,8 +109,10 @@ CFLAGS+= -DUSE_SYSTEM
+ LDADD+= -lnetgraph -lutil
+ DPADD+= ${LIBNETGRAPH}
+
++.if defined ( USE_RADIUS ) && ( ${USE_RADIUS} == yes )
+ LDADD+= -L/usr/lib -lradius
+ DPADD+= ${LIBRADIUS}
++.endif
+
+ # Obtained from bsd.port.mk
+ .if !defined ( OSVERSION )
+@@ -152,8 +155,12 @@ CFLAGS+= -DSYSLOG_FACILITY='"${SYSLOG_FACILITY}"'
+ STDSRCS= assert.c auth.c bund.c rep.c ccp.c chap.c \
+ console.c command.c ecp.c event.c fsm.c iface.c input.c \
+ ip.c ipcp.c ipv6cp.c lcp.c link.c log.c main.c mbuf.c mp.c \
+- msg.c ngfunc.c pap.c phys.c proto.c radius.c radsrv.c timer.c \
+- util.c vars.c eap.c msoft.c ippool.c
++ msg.c ngfunc.c pap.c phys.c proto.c timer.c \
++ util.c vars.c msoft.c ippool.c
++
++.if defined ( USE_RADIUS ) && ( ${USE_RADIUS} == yes )
++STDSRCS+= eap.c radius.c radsrv.c
++.endif
+
+ .if defined ( NOWEB )
+ CFLAGS+= -DNOWEB
+Index: src/auth.c
+===================================================================
+--- src/auth.c (revision 2411)
++++ src/auth.c (working copy)
+@@ -188,10 +188,12 @@ void
+ authparamsInit(struct authparams *ap)
+ {
+ memset(ap, 0, sizeof(struct authparams));
++#ifdef USE_RADIUS
+ ap->eapmsg = NULL;
+ ap->state = NULL;
+ ap->class = NULL;
+ ap->filter_id = NULL;
++#endif
+ ap->msdomain = NULL;
+ #ifdef SIOCSIFDESCR
+ ap->ifdescr = NULL;
+@@ -208,10 +210,12 @@ authparamsDestroy(struct authparams *ap)
+ int i;
+ #endif
+
++#ifdef USE_RADIUS
+ Freee(ap->eapmsg);
+ Freee(ap->state);
+ Freee(ap->class);
+ Freee(ap->filter_id);
++#endif
+
+ #ifdef USE_IPFW
+ ACLDestroy(ap->acl_rule);
+@@ -252,6 +256,7 @@ authparamsCopy(struct authparams *src, struct authpara
+
+ memcpy(dst, src, sizeof(struct authparams));
+
++#ifdef USE_RADIUS
+ if (src->eapmsg)
+ dst->eapmsg = Mdup(MB_AUTH, src->eapmsg, src->eapmsg_len);
+ if (src->state)
+@@ -260,6 +265,7 @@ authparamsCopy(struct authparams *src, struct authpara
+ dst->class = Mdup(MB_AUTH, src->class, src->class_len);
+ if (src->filter_id)
+ dst->filter_id = Mstrdup(MB_AUTH, src->filter_id);
++#endif
+
+ #ifdef USE_IPFW
+ ACLCopy(src->acl_rule, &dst->acl_rule);
+@@ -308,8 +314,10 @@ AuthInit(Link l)
+ Enable(&ac->options, AUTH_CONF_INTERNAL);
+ Enable(&ac->options, AUTH_CONF_ACCT_MANDATORY);
+
++#ifdef USE_RADIUS
+ EapInit(l);
+ RadiusInit(l);
++#endif
+ }
+
+ /*
+@@ -420,9 +428,11 @@ AuthStart(Link l)
+ case PROTO_CHAP:
+ ChapStart(l, AUTH_SELF_TO_PEER);
+ break;
++#ifdef USE_RADIUS
+ case PROTO_EAP:
+ EapStart(l, AUTH_SELF_TO_PEER);
+ break;
++#endif
+ default:
+ assert(0);
+ }
+@@ -437,9 +447,11 @@ AuthStart(Link l)
+ case PROTO_CHAP:
+ ChapStart(l, AUTH_PEER_TO_SELF);
+ break;
++#ifdef USE_RADIUS
+ case PROTO_EAP:
+ EapStart(l, AUTH_PEER_TO_SELF);
+ break;
++#endif
+ default:
+ assert(0);
+ }
+@@ -449,6 +461,7 @@ AuthStart(Link l)
+ * AuthInput()
+ *
+ * Deal with PAP/CHAP/EAP packet
++ * But cannot be called for EAP packet if RADIUS support is not compiled in.
+ */
+
+ void
+@@ -494,15 +507,16 @@ AuthInput(Link l, int proto, Mbuf bp)
+ len -= sizeof(fsmh);
+ pkt = MBDATA(bp);
+
++#ifdef USE_RADIUS
+ if (proto == PROTO_EAP && bp) {
+ Log(LG_AUTH, ("[%s] %s: rec'd %s #%d len: %hu, type: %s", l->name,
+ ProtoName(proto), AuthCode(proto, fsmh.code, buf, sizeof(buf)), fsmh.id,
+ fsmh_len, EapType(pkt[0])));
+- } else {
++ } else
++#endif
+ Log(LG_AUTH, ("[%s] %s: rec'd %s #%d len: %hu", l->name,
+ ProtoName(proto), AuthCode(proto, fsmh.code, buf, sizeof(buf)), fsmh.id,
+ fsmh_len));
+- }
+
+ auth = AuthDataNew(l);
+ auth->proto = proto;
+@@ -518,9 +532,11 @@ AuthInput(Link l, int proto, Mbuf bp)
+ case PROTO_CHAP:
+ ChapInput(l, auth, pkt, len);
+ break;
++#ifdef USE_RADIUS
+ case PROTO_EAP:
+ EapInput(l, auth, pkt, len);
+ break;
++#endif
+ default:
+ assert(0);
+ }
+@@ -563,13 +579,14 @@ AuthOutput(Link l, int proto, u_int code, u_int id, co
+ }
+ bp = mbcopyback(bp, MBLEN(bp), ptr, len);
+
++#ifdef USE_RADIUS
+ if (proto == PROTO_EAP) {
+ Log(LG_AUTH, ("[%s] %s: sending %s #%d len: %d, type: %s", l->name,
+ ProtoName(proto), AuthCode(proto, code, buf, sizeof(buf)), id, plen, EapType(eap_type)));
+- } else {
++ } else
++#endif
+ Log(LG_AUTH, ("[%s] %s: sending %s #%d len: %d", l->name,
+ ProtoName(proto), AuthCode(proto, code, buf, sizeof(buf)), id, plen));
+- }
+
+ /* Send it out */
+ NgFuncWritePppFrameLink(l, proto, bp);
+@@ -718,7 +735,9 @@ AuthStop(Link l)
+ TimerStop(&a->timer);
+ PapStop(&a->pap);
+ ChapStop(&a->chap);
++#ifdef USE_RADIUS
+ EapStop(&a->eap);
++#endif
+ paction_cancel(&a->thread);
+ }
+
+@@ -979,8 +998,10 @@ AuthAccount(void *arg)
+
+ Log(LG_AUTH2, ("[%s] ACCT: Thread started", auth->info.lnkname));
+
++#ifdef USE_RADIUS
+ if (Enabled(&auth->conf.options, AUTH_CONF_RADIUS_ACCT))
+ err |= RadiusAccount(auth);
++#endif
+ #ifdef USE_PAM
+ if (Enabled(&auth->conf.options, AUTH_CONF_PAM_ACCT))
+ err |= AuthPAMAcct(auth);
+@@ -1020,8 +1041,10 @@ AuthAccountFinish(void *arg, int was_canceled)
+ auth->info.lnkname));
+ }
+
++#ifdef USE_RADIUS
+ /* Cleanup */
+ RadiusClose(auth);
++#endif
+
+ if (was_canceled) {
+ AuthDataDestroy(auth);
+@@ -1188,6 +1211,7 @@ AuthAsync(void *arg)
+ return;
+ }
+ }
++#ifdef USE_RADIUS
+ if (auth->proto == PROTO_EAP && auth->eap_radius) {
+ auth->params.authentic = AUTH_CONF_RADIUS_AUTH;
+ RadiusEapProxy(auth);
+@@ -1205,6 +1229,7 @@ AuthAsync(void *arg)
+ return;
+ }
+ }
++#endif
+ #ifdef USE_PAM
+ if (Enabled(&auth->conf.options, AUTH_CONF_PAM_AUTH)) {
+ auth->params.authentic = AUTH_CONF_PAM_AUTH;
+@@ -1274,8 +1299,10 @@ AuthAsyncFinish(void *arg, int was_canceled)
+ if (was_canceled)
+ Log(LG_AUTH2, ("[%s] AUTH: Thread was canceled", auth->info.lnkname));
+
++#ifdef USE_RADIUS
+ /* cleanup */
+ RadiusClose(auth);
++#endif
+
+ if (was_canceled) {
+ AuthDataDestroy(auth);
+@@ -1948,9 +1975,11 @@ static const char *
+ AuthCode(int proto, u_char code, char *buf, size_t len)
+ {
+ switch (proto) {
++#ifdef USE_RADIUS
+ case PROTO_EAP:
+ return EapCode(code, buf, len);
+
++#endif
+ case PROTO_CHAP:
+ return ChapCode(code, buf, len);
+
+Index: src/auth.h
+===================================================================
+--- src/auth.h (revision 2411)
++++ src/auth.h (working copy)
+@@ -113,6 +113,7 @@ struct authparams {
+ struct in_addr peer_dns[2]; /* DNS servers for peer to use */
+ struct in_addr peer_nbns[2]; /* NBNS servers for peer to use */
+
++#ifdef USE_RADIUS
+ char *eapmsg; /* EAP Msg for forwarding to RADIUS
+ * server */
+ int eapmsg_len;
+@@ -125,6 +126,7 @@ struct authparams {
+
+ char *filter_id; /* RADIUS Framed-Filter-Id attribute */
+
++#endif
+ char action[8 + LINK_MAX_NAME];
+
+ #ifdef USE_IPFW
+@@ -204,7 +206,9 @@ struct authparams {
+ };
+
+ struct authconf {
++#ifdef USE_RADIUS
+ struct radiusconf radius; /* RADIUS configuration */
++#endif
+ char authname[AUTH_MAX_AUTHNAME]; /* Configured username */
+ char password[AUTH_MAX_PASSWORD]; /* Configured password */
+ u_int acct_update;
+@@ -231,7 +235,9 @@ struct auth {
+ struct pppTimer acct_timer; /* Timer for accounting updates */
+ struct papinfo pap; /* PAP state */
+ struct chapinfo chap; /* CHAP state */
++#ifdef USE_RADIUS
+ struct eapinfo eap; /* EAP state */
++#endif
+ struct paction *thread; /* async auth thread */
+ struct paction *acct_thread; /* async accounting auth thread */
+ struct authconf conf; /* Auth backends, RADIUS, etc. */
+@@ -253,7 +259,9 @@ struct authdata {
+ u_int code; /* Proto specific code */
+ u_char acct_type; /* Accounting type, Start, Stop,
+ * Update */
++#ifdef USE_RADIUS
+ u_char eap_radius;
++#endif
+ u_char status;
+ u_char why_fail;
+ char *reply_message; /* Text wich may displayed to the user */
+@@ -261,10 +269,13 @@ struct authdata {
+ char *mschapv2resp; /* Response String for MSCHAPv2 */
+ void (*finish) (Link l, struct authdata *auth); /* Finish handler */
+ int drop_user; /* RAD_MPD_DROP_USER value sent by
+- * RADIUS server */
++ * RADIUS server or external acct script */
++#ifdef USE_RADIUS
+ struct {
+ struct rad_handle *handle; /* the RADIUS handle */
+ } radius;
++#endif
++
+ #ifdef USE_OPIE
+ struct {
+ struct opie data;
+Index: src/command.c
+===================================================================
+--- src/command.c (revision 2411)
++++ src/command.c (working copy)
+@@ -223,8 +223,10 @@
+ #endif
+ { "ecp", "ECP status",
+ EcpStat, AdmitBund, 0, NULL },
++#ifdef USE_RADIUS
+ { "eap", "EAP status",
+ EapStat, AdmitLink, 0, NULL },
++#endif
+ { "events", "Current events",
+ ShowEvents, NULL, 0, NULL },
+ { "ipcp", "IPCP status",
+@@ -253,8 +255,10 @@
+ LinkStat, AdmitLink, 0, NULL },
+ { "auth", "Auth status",
+ AuthStat, AdmitLink, 0, NULL },
++#ifdef USE_RADIUS
+ { "radius", "RADIUS status",
+ RadStat, AdmitLink, 0, NULL },
++#endif
+ #ifdef RAD_COA_REQUEST
+ { "radsrv", "RADIUS server status",
+ RadsrvStat, NULL, 0, NULL },
+@@ -293,8 +297,10 @@
+ };
+
+ static const struct cmdtab UnSetCommands[] = {
++#ifdef USE_RADIUS
+ { "radius ...", "RADIUS specific stuff",
+ CMD_SUBMENU, AdmitLink, 2, RadiusUnSetCmds },
++#endif
+ #ifdef NG_NAT_DESC_LENGTH
+ { "nat ...", "NAT specific stuff",
+ CMD_SUBMENU, AdmitBund, 2, NatUnSetCmds },
+@@ -303,6 +309,8 @@
+ };
+
+ static const struct cmdtab SetCommands[] = {
++ { "auth ...", "Auth specific stuff",
++ CMD_SUBMENU, AdmitLink, 2, AuthSetCmds },
+ { "bundle ...", "Bundle specific stuff",
+ CMD_SUBMENU, AdmitBund, 2, BundSetCmds },
+ { "link ...", "Link specific stuff",
+@@ -323,15 +331,15 @@
+ #endif
+ { "ecp ...", "ECP specific stuff",
+ CMD_SUBMENU, AdmitBund, 2, EcpSetCmds },
++#ifdef USE_RADIUS
+ { "eap ...", "EAP specific stuff",
+ CMD_SUBMENU, AdmitLink, 2, EapSetCmds },
+- { "auth ...", "Auth specific stuff",
+- CMD_SUBMENU, AdmitLink, 2, AuthSetCmds },
+ { "radius ...", "RADIUS specific stuff",
+ CMD_SUBMENU, AdmitLink, 2, RadiusSetCmds },
+ #ifdef RAD_COA_REQUEST
+ { "radsrv ...", "RADIUS server specific stuff",
+ CMD_SUBMENU, NULL, 2, RadsrvSetCmds },
++#endif
+ #endif
+ { "console ...", "Console specific stuff",
+ CMD_SUBMENU, NULL, 0, ConsoleSetCmds },
+Index: src/configure
+===================================================================
+--- src/configure (revision 2411)
++++ src/configure (working copy)
+@@ -122,6 +122,13 @@ else
+ echo " not found."
+ fi
+
++echo -n "Looking for radius support ..."
++if [ "$USE_RADIUS" = no ]; then
++ echo " disabled."
++else if [ -e /usr/include/radlib.h ]
++then
++ echo " found."
++ echo "#define HAVE_RADIUS 1" >> $CONFIG
+
+ echo -n "Looking for rad_bind_to() ..."
+ if /usr/bin/grep rad_bind_to /usr/include/radlib.h >/dev/null 2>&1
+@@ -140,6 +147,8 @@ then
+ else
+ echo " not found."
+ fi
++fi
++fi # RADIUS support
+
+ echo -n "Looking for ether_ntoa_r() ..."
+ if /usr/bin/grep ether_ntoa_r /usr/include/net/ethernet.h >/dev/null 2>&1
+Index: src/defs.h
+===================================================================
+--- src/defs.h (revision 2411)
++++ src/defs.h (working copy)
+@@ -55,6 +55,9 @@
+ #ifndef HAVE_IPFW
+ #undef USE_IPFW
+ #endif
++#ifdef HAVE_RADIUS
++ #define USE_RADIUS
++#endif
+ #ifndef HAVE_RAD_BIND
+ #undef HAVE_RAD_BIND
+ #endif
+Index: src/eap.h
+===================================================================
+--- src/eap.h (revision 2411)
++++ src/eap.h (working copy)
+@@ -77,6 +77,7 @@
+ EAP_TYPE_FAST /* EAP-FAST */
+ };
+
++#ifdef USE_RADIUS
+ extern const struct cmdtab EapSetCmds[];
+
+ /* Configuration for a link */
+@@ -109,5 +110,6 @@
+ extern const char *EapType(u_char type);
+ extern int EapStat(Context ctx, int ac, const char *const av[], const void *arg);
+
++#endif /* USE_RADIUS */
+ #endif
+
+Index: src/iface.c
+===================================================================
+--- src/iface.c (revision 2416)
++++ src/iface.c (working copy)
+@@ -1110,7 +1110,10 @@ IfaceIpIfaceUp(Bund b, int ready)
+ u_addrtoa(&iface->peer_addr, peerbuf, sizeof(peerbuf)),
+ *b->params.authname ? b->params.authname : "-",
+ ns1buf, ns2buf, *b->params.peeraddr ? b->params.peeraddr : "-",
+- b->params.filter_id ? b->params.filter_id : "-");
++#ifdef USE_RADIUS
++ b->params.filter_id ? b->params.filter_id :
++#endif
++ "-");
+ if (res != 0) {
+ FsmFailure(&b->ipcp.fsm, FAIL_NEGOT_FAILURE);
+ return (-1);
+@@ -1142,7 +1145,10 @@ IfaceIpIfaceDown(Bund b)
+ u_addrtoa(&iface->peer_addr, peerbuf, sizeof(peerbuf)),
+ *b->params.authname ? b->params.authname : "-",
+ *b->params.peeraddr ? b->params.peeraddr : "-",
+- b->params.filter_id ? b->params.filter_id : "-");
++#ifdef USE_RADIUS
++ b->params.filter_id ? b->params.filter_id :
++#endif
++ "-");
+ }
+
+ /* Delete dynamic routes */
+@@ -1254,7 +1260,10 @@ IfaceIpv6IfaceUp(Bund b, int ready)
+ u_addrtoa(&iface->peer_ipv6_addr, peerbuf, sizeof(peerbuf)), iface->ifname,
+ *b->params.authname ? b->params.authname : "-",
+ *b->params.peeraddr ? b->params.peeraddr : "-",
+- b->params.filter_id ? b->params.filter_id : "-");
++#ifdef USE_RADIUS
++ b->params.filter_id ? b->params.filter_id :
++#endif
++ "-");
+ if (res != 0) {
+ FsmFailure(&b->ipv6cp.fsm, FAIL_NEGOT_FAILURE);
+ return (-1);
+@@ -1287,7 +1296,10 @@ IfaceIpv6IfaceDown(Bund b)
+ u_addrtoa(&iface->peer_ipv6_addr, peerbuf, sizeof(peerbuf)), iface->ifname,
+ *b->params.authname ? b->params.authname : "-",
+ *b->params.peeraddr ? b->params.peeraddr : "-",
+- b->params.filter_id ? b->params.filter_id : "-");
++#ifdef USE_RADIUS
++ b->params.filter_id ? b->params.filter_id :
++#endif
++ "-");
+ }
+
+ /* Delete dynamic routes */
+Index: src/input.c
+===================================================================
+--- src/input.c (revision 2411)
++++ src/input.c (working copy)
+@@ -101,9 +101,16 @@ InputDispatch(Bund b, Link l, int proto, Mbuf bp)
+ return(0);
+ case PROTO_PAP:
+ case PROTO_CHAP:
++ AuthInput(l, proto, bp);
++ return(0);
+ case PROTO_EAP:
++#ifdef USE_RADIUS
+ AuthInput(l, proto, bp);
+ return(0);
++#else
++ reject = 1;
++ goto done;
++#endif
+ case PROTO_MP:
+ if (!Enabled(&l->conf.options, LINK_CONF_MULTILINK))
+ reject = 1;
+Index: src/main.c
+===================================================================
+--- src/main.c (revision 2411)
++++ src/main.c (working copy)
+@@ -97,7 +97,9 @@
+ #ifndef NOWEB
+ struct web gWeb;
+ #endif
++#ifdef USE_RADIUS
+ struct radsrv gRadsrv;
++#endif
+ int gBackground = FALSE;
+ int gShutdownInProgress = FALSE;
+ int gOverload = 0;
+Index: src/ppp.h
+===================================================================
+--- src/ppp.h (revision 2414)
++++ src/ppp.h (working copy)
+@@ -203,7 +203,9 @@
+ extern int gNumBundles; /* Total number of bundles */
+ extern struct console gConsole;
+ extern struct web gWeb;
++#ifdef USE_RADIUS
+ extern struct radsrv gRadsrv;
++#endif
+ extern int gBackground;
+ extern int gShutdownInProgress;
+ extern int gOverload;
+Index: src/radius.h
+===================================================================
+--- src/radius.h (revision 2411)
++++ src/radius.h (working copy)
+@@ -5,6 +5,13 @@
+ *
+ */
+
++#ifndef _RADIUS_H_
++#define _RADIUS_H_
++
++#include "defs.h"
++
++#ifdef USE_RADIUS
++
+ #ifdef CCP_MPPC
+ #include <netgraph/ng_mppc.h>
+ #endif
+@@ -15,8 +22,6 @@
+
+ #include "iface.h"
+
+-#ifndef _RADIUS_H_
+-#define _RADIUS_H_
+
+ /*
+ * DEFINITIONS
+@@ -189,4 +194,5 @@ extern void RadiusClose(struct authdata *auth);
+ extern void RadiusEapProxy(void *arg);
+ extern int RadStat(Context ctx, int ac, const char *const av[], const void *arg);
+
++#endif /* USE_RADIUS */
+ #endif
+Index: src/radsrv.h
+===================================================================
+--- src/radsrv.h (revision 2411)
++++ src/radsrv.h (working copy)
+@@ -9,6 +9,8 @@
+ #define _RADSRV_H_
+
+ #include "defs.h"
++
++#ifdef USE_RADIUS
+ #include <radlib.h>
+
+ /*
+@@ -57,4 +59,5 @@ extern int RadsrvOpen(Radsrv c);
+ extern int RadsrvClose(Radsrv c);
+ extern int RadsrvStat(Context ctx, int ac, const char *const av[], const void *arg);
+
++#endif /* USE_RADIUS */
+ #endif
More information about the dev-commits-ports-all
mailing list