Hello community,

here is the log from the commit of package xl2tpd.1151 for openSUSE:12.2:Update checked in at 2012-12-17 16:33:56
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:12.2:Update/xl2tpd.1151 (Old)
 and /work/SRC/openSUSE:12.2:Update/.xl2tpd.1151.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "xl2tpd.1151", Maintainer is "" Changes: -------- New Changes file: --- /dev/null 2012-11-30 12:21:47.308011256 +0100 +++ /work/SRC/openSUSE:12.2:Update/.xl2tpd.1151.new/xl2tpd.changes 2012-12-17 16:33:58.000000000 +0100 
@@ -0,0 +1,337 @@ +------------------------------------------------------------------- +Mon Nov 26 10:24:38 UTC 2012 - [email protected] + +- don't use old version of if_pppol2tp.h (bnc#791109) + +------------------------------------------------------------------- +Wed Nov 21 06:04:50 UTC 2012 - [email protected] + +- xl2tpd Add kernel support for 2.6.23+ (patch v12) + xl2tpd-1.3.0-0001-Add-kernel-support-for-2.6.32.patch + Public Clone URL: git://gist.github.com/1306094.git + (bnc#790250). + +------------------------------------------------------------------- +Fri Aug 31 21:45:57 UTC 2012 - [email protected] + +- Add systemd support. + +------------------------------------------------------------------- +Thu Oct 26 20:10:00 UTC 2011 - [email protected] + +- update to xl2tpd 1.3.0 + * added xl2tpd-control tool (activates/disconnects the tunnel, + actions with lac configuration file) + * fixed bug causing "Resource temporarily unavailable(11)" in log + * fixed xl2tpd hungs and won't redial after communication fail + * fixed buffer overrun in reading >16 char l2tp-secrets + +------------------------------------------------------------------- +Tue May 4 12:30:00 CEST 2010 - [email protected] + +- fixed rpmlint dir-or-file-in-var-run + +------------------------------------------------------------------- +Thu Apr 22 09:23:57 UTC 2010 - [email protected] + +- Fix specfile, debug_package will get inserted automatically. +- Do not use license package. 
+ +------------------------------------------------------------------- +Fri Apr 16 15:01:13 CEST 2010 - eri_zaq@please-enter-an-email-address + +- xl2tpd-1.2.4-4 +- Fix init script to stop service correctly +- *.changes +------------------------------------------------------------------- +Mon Mar 15 00:00:00 CET 2010 - [email protected] + +- xl2tpd-1.2.4-3 +- avoid a huge overload of duplicated files + +------------------------------------------------------------------- +Thu Mar 11 00:00:00 CET 2010 - [email protected] + +- xl2tpd-1.2.4-2 +- xl2tpd-doc-1.2.4-2 +- *-doc package +- cleanup init script + +------------------------------------------------------------------- +Wed Mar 10 00:00:00 CET 2010 - [email protected] + +- xl2tpd-1.2.4-1 +- patch for init file + +------------------------------------------------------------------- +Tue Oct 28 00:00:00 CET 2008 - [email protected] + +- Adjust build requires + +------------------------------------------------------------------- +Sun Oct 26 00:00:00 CEST 2008 - [email protected] + +- Updated Suse init scripts and spec file +- Added pfc for pppd's precompiled-active-filter + +------------------------------------------------------------------- +Fri Apr 18 00:00:00 CEST 2008 - [email protected] + +- Updated Suse init scripts and spec file + +------------------------------------------------------------------- +Tue Jun 26 00:00:00 CEST 2007 - [email protected] + +- Minor changes to spec file to accomodate new README files + +------------------------------------------------------------------- +Fri Feb 23 00:00:00 CET 2007 - [email protected] + +- Upgraded to 1.1.08 +- This works around the ppp-2.4.2-6.4 issue of not dying on SIGTERM + +------------------------------------------------------------------- +Mon Feb 19 00:00:00 CET 2007 - [email protected] + +- Upgraded to 1.1.07 +- Fixes from Tuomo Soini for pidfile handling with Fedora +- Fix hardcoded version for Source in spec file. 
+ +------------------------------------------------------------------- +Thu Dec 7 00:00:00 CET 2006 - [email protected] + +- Changed space/tab replacing method + +------------------------------------------------------------------- +Wed Dec 6 00:00:00 CET 2006 - [email protected] + +- Added -p to keep original timestamps +- Added temporary hack to change space/tab in init file. +- Added /sbin/service dependancy + +------------------------------------------------------------------- +Tue Dec 5 00:00:00 CET 2006 - [email protected] + +- Changed Mr. Karlsen's name to not be a utf8 problem +- Fixed Obosoletes/Provides to be more specific wrt l2tpd. +- Added dist tag which accidentally got deleted. + +------------------------------------------------------------------- +Mon Dec 4 00:00:00 CET 2006 - [email protected] + +- Rebased spec file on Fedora Extras copy, but using xl2tpd as package name + +------------------------------------------------------------------- +Sun Nov 27 00:00:00 CET 2005 - [email protected] + +- Pulled up sourceforget.net CVS fixes. +- various debugging added, but debugging should not be on by default. +- async/sync conversion routines must be ready for possibility that the read + will block due to routing loops. +- refactor control socket handling. +- move all logic about pty usage to pty.c. Try ptmx first, if it fails try + legacy ptys +- rename log() to l2tp_log(), as "log" is a math function. +- if we aren't deamonized, then log to stderr. +- added install: and DESTDIR support. + +------------------------------------------------------------------- +Thu Oct 20 00:00:00 CEST 2005 - [email protected] + +- Removed suse/mandrake specifics. Comply for Fedora Extras guidelines + +------------------------------------------------------------------- +Tue Jun 21 00:00:00 CEST 2005 - [email protected] + +- Added log() patch by Paul Wouters so that l2tpd compiles on FC4. 
+ +------------------------------------------------------------------- +Sat Jun 4 00:00:00 CEST 2005 - [email protected] + +- l2tpd.org has been hijacked. Project moved back to SourceForge: + http://l2tpd.sourceforge.net + +------------------------------------------------------------------- +Tue May 3 00:00:00 CEST 2005 - [email protected] + +- Small Makefile fixes. Explicitly use gcc instead of cc. + Network services library was not linked on Solaris due to typo. + +------------------------------------------------------------------- +Thu Mar 17 00:00:00 CET 2005 - [email protected] + +- Choosing between SysV or BSD style ptys is now configurable through + a compile-time boolean "unix98pty". + +------------------------------------------------------------------- +Fri Feb 4 00:00:00 CET 2005 - [email protected] + +- Added code from Roaring Penguin (rp-l2tp) to support SysV-style ptys. + Requires the N_HDLC kernel module. + +------------------------------------------------------------------- +Fri Nov 26 00:00:00 CET 2004 - [email protected] + +- Updated the README. + +------------------------------------------------------------------- +Wed Nov 10 00:00:00 CET 2004 - [email protected] + +- Patch by Marald Klein and Roger Luethi. Fixes writing PID file. + (http://l2tpd.graffl.net/msg01790.html) + Long overdue. Rereleasing 10jdl. + +------------------------------------------------------------------- +Tue Nov 9 00:00:00 CET 2004 - [email protected] + +- [SECURITY FIX] Added fix from Debian because of a bss-based + buffer overflow. + (http://www.mail-archive.com/[email protected]/msg01071.html) +- Mandrake's FreeS/WAN, Openswan and Strongswan RPMS use configuration + directories /etc/{freeswan,openswan,strongswan}. Install our + configuration files to /etc/ipsec.d and create symbolic links in + those directories. 
+ +------------------------------------------------------------------- +Wed Aug 18 00:00:00 CEST 2004 - [email protected] + ++++ 140 more lines (skipped) ++++ between /dev/null ++++ and /work/SRC/openSUSE:12.2:Update/.xl2tpd.1151.new/xl2tpd.changes New: ---- Makefile.patch xl2tpd-1.3.0-0001-Add-kernel-support-for-2.6.32.patch xl2tpd-1.3.0.tar.bz2 xl2tpd.changes xl2tpd.init.patch xl2tpd.service xl2tpd.spec ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ xl2tpd.spec ++++++ # # spec file for package xl2tpd # # Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed # upon. The license for this file, and modifications and additions to the # file, is the same license as for the pristine package itself (unless the # license for the pristine package is not an Open Source License, in which # case the license is the MIT License). An "Open Source License" is a # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. 
# Please submit bugfixes or comments via http://bugs.opensuse.org/ # Summary: Layer 2 Tunnelling Protocol Daemon (RFC 2661) License: GPL-2.0 Group: Productivity/Networking/System Name: xl2tpd Version: 1.3.0 Release: 0 Url: http://www.xelerance.com/software/xl2tpd/ Source0: %{name}-%{version}.tar.bz2 Source1: %{name}.service Patch0: Makefile.patch Patch1: xl2tpd.init.patch # PATCH-FIX-UPSTREAM xl2tpd-1.3.0-0001-Add-kernel-support-for-2.6.32.patch bnc#790250 [email protected] -- xl2tpd Add kernel support for 2.6.23+ Patch2: xl2tpd-1.3.0-0001-Add-kernel-support-for-2.6.32.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build Requires: ppp %if %sles_version >= 10 BuildRequires: libpcap BuildRequires: linux-kernel-headers => 2.6.19 %endif BuildRequires: libpcap-devel BuildRequires: linux-kernel-headers Obsoletes: l2tpd <= 0.68 Provides: l2tpd = 0.69 %if 0%{?suse_version} >= 1210 BuildRequires: systemd %{?systemd_requires} %define has_systemd 1 %endif %description xl2tpd is an implementation of the Layer 2 Tunnelling Protocol (RFC 2661). L2TP allows you to tunnel PPP over UDP. Some ISPs use L2TP to tunnel user sessions from dial-in servers (modem banks, ADSL DSLAMs) to back-end PPP servers. Another important application is Virtual Private Networks where the IPsec protocol is used to secure the L2TP connection (L2TP/IPsec, RFC 3193). The L2TP/IPsec protocol is mainly used by Windows and Mac OS X clients. On Linux, xl2tpd can be used in combination with IPsec implementations such as Openswan. Example configuration files for such a setup are included in this RPM. xl2tpd works by opening a pseudo-tty for communicating with pppd. It runs completely in userspace but supports kernel mode L2TP. xl2tpd supports IPsec SA Reference tracking to enable overlapping internak NAT'ed IP's by different clients (eg all clients connecting from their linksys internal IP 192.168.1.101) as well as multiple clients behind the same NAT router. 
xl2tpd supports the pppol2tp kernel mode operations on 2.6.23 or higher, or via a patch in contrib for 2.4.x kernels. Xl2tpd is based on the 0.69 L2TP by Jeff McAdams <[email protected]> It was de-facto maintained by Jacco de Leeuw <[email protected]> in 2002 and 2003. %package -n xl2tpd-doc Summary: Documentation for xl2tpd package Group: Documentation/Man Version: 1.3.0 Release: 0 %description -n xl2tpd-doc This package contains the documentation for using the xl2tpd daemon %prep %setup -q %patch0 %patch1 %patch2 -p1 rm linux/include/linux/if_pppol2tp.h %build make DFLAGS="$RPM_OPT_FLAGS -D_GNU_SOURCE $(getconf LFS_CFLAGS)" %install export PREFIX=/usr make DESTDIR=%{buildroot} MANDIR=%{buildroot}/%{_mandir} install install -p -D -m644 examples/xl2tpd.conf %{buildroot}%{_sysconfdir}/xl2tpd/xl2tpd.conf install -p -D -m644 examples/ppp-options.xl2tpd %{buildroot}%{_sysconfdir}/ppp/options.xl2tpd install -p -D -m600 doc/l2tp-secrets.sample %{buildroot}%{_sysconfdir}/xl2tpd/l2tp-secrets install -p -D -m600 examples/chapsecrets.sample %{buildroot}%{_sysconfdir}/ppp/chap-secrets.sample install -p -D -m755 packaging/suse/xl2tpd.init %{buildroot}%{_initrddir}/xl2tpd ln -sf /etc/init.d/xl2tpd $RPM_BUILD_ROOT/%{_sbindir}/rcxl2tpd install -p -D -m755 -d %{buildroot}%{_localstatedir}/run/xl2tpd %if 0%{?has_systemd} install -D -m0644 %{S:1} %{buildroot}%{_unitdir}/%{name}.service mkdir -p %{buildroot}/usr/lib/modules-load.d echo "l2tp_ppp" > %{buildroot}/usr/lib/modules-load.d/%{name}.conf %endif %clean rm -rf %{buildroot} %pre %if 0%{?has_systemd} %service_add_pre %{name}.service %endif %post %{fillup_and_insserv xl2tpd} # if we migrate from l2tpd to xl2tpd, copy the configs if [ -f /etc/l2tpd/l2tpd.conf ] then echo "Old /etc/l2tpd configuration found, migrating to /etc/xl2tpd" mv /etc/xl2tpd/xl2tpd.conf /etc/xl2tpd/xl2tpd.conf.rpmsave cat /etc/l2tpd/l2tpd.conf | sed "s/options.l2tpd/options.xl2tpd/" > /etc/xl2tpd/xl2tpd.conf mv /etc/ppp/options.xl2tpd 
/etc/ppp/options.xl2tpd.rpmsave mv /etc/ppp/options.l2tpd /etc/ppp/options.xl2tpd mv /etc/xl2tpd/l2tp-secrets /etc/xl2tpd/l2tpd-secrets.rpmsave cp -pa /etc/l2tpd/l2tp-secrets /etc/xl2tpd/l2tp-secrets fi %if 0%{?has_systemd} %service_add_post %{name}.service %endif %preun %stop_on_removal xl2tpd %if 0%{?has_systemd} %service_del_preun %{name}.service %endif %postun %restart_on_update xl2tpd %insserv_cleanup %if 0%{?has_systemd} %service_del_postun %{name}.service %endif %files %defattr(-,root,root) %{_sbindir}/rcxl2tpd %{_sbindir}/xl2tpd %{_sbindir}/xl2tpd-control %{_bindir}/pfc %dir %{_sysconfdir}/xl2tpd %config(noreplace) %{_sysconfdir}/xl2tpd/* %config(noreplace) %{_sysconfdir}/ppp/* %attr(0755,root,root) %{_initrddir}/xl2tpd %ghost %{_localstatedir}/run/xl2tpd %if 0%{?has_systemd} %{_unitdir}/%{name}.service /usr/lib/modules-load.d/%{name}.conf %endif %files -n xl2tpd-doc %defattr(-,root,root) %doc BUGS CHANGES CREDITS LICENSE README.* TODO doc/rfc2661.txt %doc doc/README.patents examples/chapsecrets.sample %{_mandir}/*/* %changelog ++++++ Makefile.patch ++++++ --- ./Makefile.orig 2011-07-24 04:13:59.000000000 +0400 +++ ./Makefile 2011-10-19 05:27:27.451967117 +0400 @@ -47,13 +47,13 @@ # trust pppd. This work around will be removed in the near future. # DFLAGS= -g -DDEBUG_HELLO -DDEBUG_CLOSE -DDEBUG_FLOW -DDEBUG_PAYLOAD -DDEBUG_CONTROL -DDEBUG_CONTROL_XMIT -DDEBUG_FLOW_MORE -DDEBUG_MAGIC -DDEBUG_ENTROPY -DDEBUG_HIDDEN -DDEBUG_PPPD -DDEBUG_AAA -DDEBUG_FILE -DDEBUG_FLOW -DDEBUG_HELLO -DDEBUG_CLOSE -DDEBUG_ZLB -DDEBUG_AUTH -DFLAGS?= -DDEBUG_PPPD -DTRUST_PPPD_TO_DIE +#DFLAGS?= -DDEBUG_PPPD -DTRUST_PPPD_TO_DIE # Uncomment the next line for Linux. KERNELSRC is needed for if_pppol2tp.h, # but we use a local copy if we don't find it. # -#KERNELSRC=/lib/modules/`uname -r`/build/ -KERNELSRC?=./linux +KERNELSRC=/lib/modules/`uname -r`/build/ +#KERNELSRC?=./linux OSFLAGS?= -DLINUX -I$(KERNELSRC)/include/ # # Uncomment the following to use the kernel interface under Linux 
@@ -62,7 +62,7 @@ # are packages seperately (eg kernel-headers on Fedora) # Note: 2.6.23+ support still needs some changes in the xl2tpd source # -#OSFLAGS+= -DUSE_KERNEL +OSFLAGS+= -DUSE_KERNEL # # # Uncomment the next line for FreeBSD @@ -99,7 +99,7 @@ EXEC=xl2tpd CONTROL_EXEC=xl2tpd-control -PREFIX?=/usr/local +PREFIX?=/usr SBINDIR?=$(DESTDIR)${PREFIX}/sbin BINDIR?=$(DESTDIR)${PREFIX}/bin MANDIR?=$(DESTDIR)${PREFIX}/share/man ++++++ xl2tpd-1.3.0-0001-Add-kernel-support-for-2.6.32.patch ++++++ Index: xl2tpd-1.3.0/call.c =================================================================== --- xl2tpd-1.3.0.orig/call.c +++ xl2tpd-1.3.0/call.c @@ -680,6 +680,8 @@ struct call *get_call (int tunnel, int c st->peer.sin_port = port; st->refme = refme; st->refhim = refhim; + st->udp_fd = -1; + st->pppox_fd = -1; bcopy (&addr, &st->peer.sin_addr, sizeof (addr)); st->next = tunnels.head; tunnels.head = st; Index: xl2tpd-1.3.0/control.c =================================================================== --- xl2tpd-1.3.0.orig/control.c +++ xl2tpd-1.3.0/control.c @@ -596,6 +596,9 @@ int control_finish (struct tunnel *t, st if (gconfig.debug_state) l2tp_log (LOG_DEBUG, "%s: sending SCCCN\n", __FUNCTION__); control_xmit (buf); + + connect_pppol2tp(t); + /* Schedule a HELLO */ tv.tv_sec = HELLO_DELAY; tv.tv_usec = 0; @@ -608,6 +611,7 @@ int control_finish (struct tunnel *t, st "Connection established to %s, %d. Local: %d, Remote: %d (ref=%u/%u).\n", IPADDY (t->peer.sin_addr), ntohs (t->peer.sin_port), t->ourtid, t->tid, t->refme, t->refhim); + if (t->lac) { /* This is part of a LAC, so we want to go ahead 
@@ -635,6 +639,9 @@ int control_finish (struct tunnel *t, st IPADDY (t->peer.sin_addr), ntohs (t->peer.sin_port), t->ourtid, t->tid, t->refme, t->refhim, t->lns->entname); + + connect_pppol2tp(t); + /* Schedule a HELLO */ tv.tv_sec = HELLO_DELAY; tv.tv_usec = 0; Index: xl2tpd-1.3.0/l2tp.h =================================================================== --- xl2tpd-1.3.0.orig/l2tp.h +++ xl2tpd-1.3.0/l2tp.h @@ -167,6 +167,8 @@ struct tunnel int ourrws; /* Receive Window Size */ int rxspeed; /* Receive bps */ int txspeed; /* Transmit bps */ + int udp_fd; /* UDP fd */ + int pppox_fd; /* PPPOX tunnel fd */ struct call *self; struct lns *lns; /* LNS that owns us */ struct lac *lac; /* LAC that owns us */ @@ -220,6 +222,7 @@ extern void control_xmit (void *); extern int ppd; extern int switch_io; /* jz */ extern int control_fd; +extern int connect_pppol2tp(struct tunnel *t); extern int start_pppd (struct call *c, struct ppp_opts *); extern void magic_lac_dial (void *); extern int get_entropy (unsigned char *, int); Index: xl2tpd-1.3.0/linux/include/linux/if_pppol2tp.h =================================================================== --- xl2tpd-1.3.0.orig/linux/include/linux/if_pppol2tp.h +++ xl2tpd-1.3.0/linux/include/linux/if_pppol2tp.h 
@@ -36,6 +36,20 @@ struct pppol2tp_addr __u16 d_tunnel, d_session; /* For sending outgoing packets */ }; +/* The L2TPv3 protocol changes tunnel and session ids from 16 to 32 + * bits. So we need a different sockaddr structure. + */ +struct pppol2tpv3_addr { + pid_t pid; /* pid that owns the fd. + * 0 => current */ + int fd; /* FD of UDP or IP socket to use */ + + struct sockaddr_in addr; /* IP address and port to send to */ + + __u32 s_tunnel, s_session; /* For matching incoming packets */ + __u32 d_tunnel, d_session; /* For sending outgoing packets */ +}; + /* Socket options: * DEBUG - bitmask of debug message categories * SENDSEQ - 0 => don't send packets with sequence numbers Index: xl2tpd-1.3.0/network.c =================================================================== --- xl2tpd-1.3.0.orig/network.c +++ xl2tpd-1.3.0/network.c @@ -22,6 +22,7 @@ #include <unistd.h> #include <stdlib.h> #include <sys/ioctl.h> +#include <sys/wait.h> #ifndef LINUX # include <sys/uio.h> #endif 
@@ -36,6 +37,51 @@ int server_socket; /* Serve int kernel_support; /* Kernel Support there or not? */ #endif +#ifdef USE_KERNEL +void modprobe() { + char * modules[] = { "l2tp_ppp", "pppol2tp", NULL }; + char ** module; + char buf[256], *tok; + int pid, exit_status, fd; + + FILE * fmod = fopen("/proc/modules", "r"); + + if (fmod == NULL) + return; + + while (fgets(buf, 255, fmod) != NULL) { + if ((tok = strtok(buf, " ")) != NULL) { + for (module = modules; *module != NULL; ++module) { + if (!strcmp(*module, tok)) { + fclose(fmod); + return; + } + } + } + } + + fclose(fmod); + + for (module = modules; *module != NULL; ++module) { + if ((pid = fork()) >= 0) { + if (pid == 0) { + setenv("PATH", "/sbin:/usr/sbin:/bin:/usr/bin", 1); + if ((fd = open("/dev/null", O_RDWR)) > -1) { + dup2(fd, 1); + dup2(fd, 2); + } + execlp("modprobe", "modprobe", "-q", *module, (char *)NULL); + exit(1); + } else { + if ((pid = waitpid(pid, &exit_status, 0)) != -1 && WIFEXITED(exit_status)) { + if (WEXITSTATUS(exit_status) == 0) + return; + } + } + } + } +} +#endif int init_network (void) { @@ -45,6 +91,7 @@ int init_network (void) server.sin_family = AF_INET; server.sin_addr.s_addr = gconfig.listenaddr; server.sin_port = htons (gconfig.port); + int flags; if ((server_socket = socket (PF_INET, SOCK_DGRAM, 0)) < 0) { l2tp_log (LOG_CRIT, "%s: Unable to allocate socket. Terminating.\n", @@ -52,6 +99,10 @@ int init_network (void) return -EINVAL; }; + flags = 1; + setsockopt(server_socket, SOL_SOCKET, SO_REUSEADDR, &flags, sizeof(flags)); + setsockopt(server_socket, SOL_SOCKET, SO_NO_CHECK, &flags, sizeof(flags)); + if (bind (server_socket, (struct sockaddr *) &server, sizeof (server))) { close (server_socket); @@ -91,6 +142,7 @@ int init_network (void) } else { + modprobe(); int kernel_fd = socket(AF_PPPOX, SOCK_DGRAM, PX_PROTO_OL2TP); if (kernel_fd < 0) { 
@@ -321,6 +373,11 @@ int build_fdset (fd_set *readfds) while (tun) { + if (tun->udp_fd > -1) { + if (tun->udp_fd > max) + max = tun->udp_fd; + FD_SET (tun->udp_fd, readfds); + } call = tun->call_head; while (call) { @@ -390,6 +447,8 @@ void network_thread () struct iovec iov; char cbuf[256]; unsigned int refme, refhim; + int * currentfd; + int server_socket_processed; /* This one buffer can be recycled for everything except control packets */ buf = new_buf (MAX_RECV_SIZE); @@ -428,7 +487,21 @@ void network_thread () { do_control (); } - if (FD_ISSET (server_socket, &readfds)) + server_socket_processed = 0; + currentfd = NULL; + st = tunnels.head; + while (st || !server_socket_processed) { + if (st && (st->udp_fd == -1)) { + st=st->next; + continue; + } + if (st) { + currentfd = &st->udp_fd; + } else { + currentfd = &server_socket; + server_socket_processed = 1; + } + if (FD_ISSET (*currentfd, &readfds)) { /* * Okay, now we're ready for reading and processing new data. @@ -457,12 +530,19 @@ void network_thread () msgh.msg_flags = 0; /* Receive one packet. */ - recvsize = recvmsg(server_socket, &msgh, 0); + recvsize = recvmsg(*currentfd, &msgh, 0); if (recvsize < MIN_PAYLOAD_HDR_LEN) { if (recvsize < 0) { + if (errno == ECONNREFUSED) { + close(*currentfd); + } + if ((errno == ECONNREFUSED) || + (errno == EBADF)) { + *currentfd = -1; + } if (errno != EAGAIN) l2tp_log (LOG_WARNING, "%s: recvfrom returned error %d (%s)\n", @@ -567,6 +647,8 @@ void network_thread () } }; } + if (st) st=st->next; + } /* * finished obvious sources, look for data from PPP connections. 
@@ -639,3 +721,82 @@ void network_thread () } } + +int connect_pppol2tp(struct tunnel *t) { +#ifdef USE_KERNEL + if (kernel_support) { + int ufd = -1, fd2 = -1; + int flags; + struct sockaddr_pppol2tp sax; + + struct sockaddr_in server; + server.sin_family = AF_INET; + server.sin_addr.s_addr = gconfig.listenaddr; + server.sin_port = htons (gconfig.port); + if ((ufd = socket (PF_INET, SOCK_DGRAM, 0)) < 0) + { + l2tp_log (LOG_CRIT, "%s: Unable to allocate UDP socket. Terminating.\n", + __FUNCTION__); + return -EINVAL; + }; + + flags=1; + setsockopt(ufd, SOL_SOCKET, SO_REUSEADDR, &flags, sizeof(flags)); + setsockopt(ufd, SOL_SOCKET, SO_NO_CHECK, &flags, sizeof(flags)); + + if (bind (ufd, (struct sockaddr *) &server, sizeof (server))) + { + close (ufd); + l2tp_log (LOG_CRIT, "%s: Unable to bind UDP socket: %s. Terminating.\n", + __FUNCTION__, strerror(errno), errno); + return -EINVAL; + }; + server = t->peer; + flags = fcntl(ufd, F_GETFL); + if (flags == -1 || fcntl(ufd, F_SETFL, flags | O_NONBLOCK) == -1) { + l2tp_log (LOG_WARNING, "%s: Unable to set UDP socket nonblock.\n", + __FUNCTION__); + return -EINVAL; + } + if (connect (ufd, (struct sockaddr *) &server, sizeof(server)) < 0) { + l2tp_log (LOG_CRIT, "%s: Unable to connect UDP peer. 
Terminating.\n", + __FUNCTION__); + return -EINVAL; + } + + t->udp_fd=ufd; + + fd2 = socket(AF_PPPOX, SOCK_DGRAM, PX_PROTO_OL2TP); + if (fd2 < 0) { + l2tp_log (LOG_WARNING, "%s: Unable to allocate PPPoL2TP socket.\n", + __FUNCTION__); + return -EINVAL; + } + flags = fcntl(fd2, F_GETFL); + if (flags == -1 || fcntl(fd2, F_SETFL, flags | O_NONBLOCK) == -1) { + l2tp_log (LOG_WARNING, "%s: Unable to set PPPoL2TP socket nonblock.\n", + __FUNCTION__); + return -EINVAL; + } + sax.sa_family = AF_PPPOX; + sax.sa_protocol = PX_PROTO_OL2TP; + sax.pppol2tp.pid = 0; + sax.pppol2tp.fd = t->udp_fd; + sax.pppol2tp.addr.sin_addr.s_addr = t->peer.sin_addr.s_addr; + sax.pppol2tp.addr.sin_port = t->peer.sin_port; + sax.pppol2tp.addr.sin_family = AF_INET; + sax.pppol2tp.s_tunnel = t->ourtid; + sax.pppol2tp.s_session = 0; + sax.pppol2tp.d_tunnel = t->tid; + sax.pppol2tp.d_session = 0; + if ((connect(fd2, (struct sockaddr *)&sax, sizeof(sax))) < 0) { + l2tp_log (LOG_WARNING, "%s: Unable to connect PPPoL2TP socket. %d %s\n", + __FUNCTION__, errno, strerror(errno)); + close(fd2); + return -EINVAL; + } + t->pppox_fd = fd2; + } +#endif + return 0; +} Index: xl2tpd-1.3.0/xl2tpd.c =================================================================== --- xl2tpd-1.3.0.orig/xl2tpd.c +++ xl2tpd-1.3.0/xl2tpd.c @@ -278,7 +278,11 @@ void death_handler (int signal) struct tunnel *st, *st2; int sec; l2tp_log (LOG_CRIT, "%s: Fatal signal %d received\n", __FUNCTION__, signal); +#ifdef USE_KERNEL + if (kernel_support || signal != SIGTERM) { +#else if (signal != SIGTERM) { +#endif st = tunnels.head; while (st) { @@ -349,7 +353,7 @@ int start_pppd (struct call *c, struct p int flags; #endif int pos = 1; - int fd2; + int fd2 = -1; #ifdef DEBUG_PPPD int x; #endif 
@@ -397,7 +401,7 @@ int start_pppd (struct call *c, struct p sax.sa_family = AF_PPPOX; sax.sa_protocol = PX_PROTO_OL2TP; sax.pppol2tp.pid = 0; - sax.pppol2tp.fd = server_socket; + sax.pppol2tp.fd = c->container->udp_fd; sax.pppol2tp.addr.sin_addr.s_addr = c->container->peer.sin_addr.s_addr; sax.pppol2tp.addr.sin_port = c->container->peer.sin_port; sax.pppol2tp.addr.sin_family = AF_INET; @@ -408,6 +412,7 @@ int start_pppd (struct call *c, struct p if (connect(fd2, (struct sockaddr *)&sax, sizeof(sax)) < 0) { l2tp_log (LOG_WARNING, "%s: Unable to connect PPPoL2TP socket.\n", __FUNCTION__); + close(fd2); return -EINVAL; } stropt[pos++] = strdup ("plugin"); @@ -484,7 +489,7 @@ int start_pppd (struct call *c, struct p dup2 (fd2, 0); dup2 (fd2, 1); close(fd2); - + } /* close all the calls pty fds */ st = tunnels.head; while (st) @@ -492,12 +497,17 @@ int start_pppd (struct call *c, struct p sc = st->call_head; while (sc) { - close (sc->fd); +#ifdef USE_KERNEL + if (kernel_support) { + close(st->udp_fd); /* tunnel UDP fd */ + close(st->pppox_fd); /* tunnel PPPoX fd */ + } else +#endif + close (sc->fd); /* call pty fd */ sc = sc->next; } st = st->next; } - } /* close the UDP socket fd */ close (server_socket); @@ -615,6 +625,10 @@ void destroy_tunnel (struct tunnel *t) the memory pointed to by t->chal_us.vector at some other place */ if (t->chal_them.vector) free (t->chal_them.vector); + if (t->pppox_fd > -1 ) + close (t->pppox_fd); + if (t->udp_fd > -1 ) + close (t->udp_fd); free (t); free (me); } ++++++ xl2tpd.init.patch ++++++ --- packaging/suse/xl2tpd.init.orig 2010-05-04 12:01:25.000000000 +0200 +++ packaging/suse/xl2tpd.init 2010-05-04 12:08:08.000000000 +0200 
@@ -17,8 +17,10 @@ # ### BEGIN INIT INFO # Provides: xl2tpd -# Required-Start: $syslog -# Required-Stop: $syslog +# Required-Start: $remote_fs $syslog $network +# Required-Stop: $remote_fs $syslog $network +# Should-Start: ypbind +# Should-Stop: ypbind # Default-Start: 3 5 # Default-Stop: 0 1 2 6 # Short-Description: Start xl2tpd (to provide L2TP VPN's) @@ -30,20 +32,11 @@ # not real dependencies. Depencies have to be handled by admin # resp. the configuration tools (s)he uses. -# Source SuSE config (if still necessary, most info has been moved) -test -r /etc/rc.config && . /etc/rc.config - # Check for missing binaries (stale symlinks should not happen) XL2TPD_BIN=/usr/sbin/xl2tpd -test -x $YPBIND_BIN || { echo "$YPBIND_BIN not installed"; - if [ "$1" = "stop" ]; then exit 0; else exit 5; fi; } - -# Check for existence of needed config file and read it -#XL2TPD_CONFIG=/etc/sysconfig/xl2tpd -#test -r $YPBIND_CONFIG || { echo "$YPBIND_CONFIG not existing"; -# if [ "$1" = "stop" ]; then exit 0; else exit 6; fi; } -#. $XL2TPD_CONFIG - +XL2TPD_PID=/var/run/xl2tpd/xl2tpd.pid +XL2TPD_CONF=/etc/xl2tpd/xl2tpd.conf +XL2TPD_PIDDIR=/var/run/xl2tpd # Shell functions sourced from /etc/rc.status: # rc_check check and set local and overall rc status # rc_status check and set local and overall rc status @@ -82,7 +75,10 @@ # NOTE: startproc returns 0, even if service is # already running to match LSB spec. - startproc $XL2TPD_BIN >/dev/null 2>&1 + if [ ! -d $XL2TPD_PIDDIR ]; then + mkdir -p $XL2TPD_PIDDIR + fi + startproc -p $XL2TPD_PID $XL2TPD_BIN # Remember status and be verbose rc_status -v @@ -92,8 +88,7 @@ ## Stop daemon with killproc(8) and if this fails ## set echo the echo return value. - killproc -TERM $XL2TPD_BIN - rm -f /var/run/xl2tpd/xl2tpd.pid + killproc -G -TERM $XL2TPD_BIN # Remember status and be verbose rc_status -v ;; 
@@ -123,13 +118,8 @@ ## do this on signal 1 (SIGHUP). ## If it does not support it, restart. echo -n "Reload service xl2tpd" - ## if it supports it: killproc -HUP $XL2TPD_BIN - #touch /var/run/xl2tpd/xl2tpd.pid rc_status -v - ## Otherwise: - #$0 stop && $0 start - #rc_status ;; reload) ## Like force-reload, but if daemon does not support @@ -137,7 +127,6 @@ # If it supports signalling: echo -n "Reload service xl2tpd" killproc -HUP $XL2TPD_BIN - #touch /var/run/xl2tpd.pid rc_status -v ## Otherwise if it does not support reload: #rc_failed 3 @@ -162,7 +151,7 @@ ## Optional: Probe for the necessity of a reload, ## print out the argument which is required for a reload. - test /etc/xl2tpd/xl2tpd.conf -nt /var/run/xltpd/xl2tpd.pid && echo reload + test $XL2TPD_CONF -nt $XL2TPD_PID && echo reload ;; *) echo "Usage: $0 {start|stop|status|try-restart|restart|force-reload|reload|probe}" ++++++ xl2tpd.service ++++++ [Unit] Description=Level 2 Tunnel Protocol Daemon (L2TP) After=syslog.target network.target After=ipsec.service # Some ISPs in Russia use l2tp without IPsec, so don't insist anymore #Wants=ipsec.service [Service] ExecStart=/usr/sbin/xl2tpd -D ExecReload=/bin/kill -HUP $MAINPID [Install] WantedBy=multi-user.target -- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
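Review bot: In the %post scriptlet of xl2tpd.spec, the l2tpd migration is guarded only by `if [ -f /etc/l2tpd/l2tpd.conf ]`, and nothing in the block removes or marks that file, so the block runs again on every later install or upgrade: it overwrites `xl2tpd.conf.rpmsave` and the live `xl2tpd.conf`, and `mv /etc/ppp/options.l2tpd` fails because the file was already moved. Gate it on a first-install check or a marker file. The secrets backup is also named `l2tpd-secrets.rpmsave` while the file is `l2tp-secrets`, and `cp -pa /etc/l2tpd/l2tp-secrets` keeps whatever mode the old file had, where %install uses `-m600`; an explicit `chmod 600` after the copy would keep the two consistent.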
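Review bot: In Makefile.patch, `KERNELSRC=/lib/modules/`uname -r`/build/` makes the include path depend on the kernel running on the build machine, and replacing `?=` with `=` removes the environment override the original line allowed. The spec already lists `linux-kernel-headers` in BuildRequires and deletes the bundled `if_pppol2tp.h` in %prep, so keeping `KERNELSRC?=` and passing the value from the spec would make the header source explicit. The same hunk comments out the `DFLAGS?=` default, which drops `-DTRUST_PPPD_TO_DIE`; the spec's `make DFLAGS=...` line does not add it back, and the changelog entry should say whether that is intended.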
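Review bot: In the new modprobe() in network.c, the forked child calls `exit(1)` when `execlp` fails, which runs the parent's atexit handlers and flushes stdio buffers inherited from the daemon; `_exit(1)` is the right call after fork. The descriptor from `open("/dev/null", O_RDWR)` is left open after the two `dup2` calls, stdin is not redirected, and a failed `fork()` is skipped silently with no log line. Since the spec already installs `/usr/lib/modules-load.d/%{name}.conf` with `l2tp_ppp` on systemd builds, it is worth documenting why the daemon still needs to spawn `modprobe` through a PATH lookup rather than an absolute path with `execl`.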
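Review bot: In init_network() in network.c, both `setsockopt` calls ignore their return value, and `SO_NO_CHECK` turns off UDP checksums on the listening socket without a comment or configuration option explaining why. Check the results and log a warning on failure, and state the reason for disabling checksums next to the call. `int flags;` is also declared after executable statements in the function; move it up with the other locals.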
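Review bot: In build_fdset() in network.c, `FD_SET (tun->udp_fd, readfds)` is guarded only by `tun->udp_fd > -1`. With one extra UDP socket per tunnel, plus a PPPoX socket each, descriptor numbers grow with the tunnel count, and FD_SET on a value at or above FD_SETSIZE writes outside the fd_set. Add an upper-bound check here and refuse the tunnel, or log and skip, when the descriptor does not fit.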
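Review bot: In the recvmsg error path of network_thread() in network.c, `close(*currentfd)` runs before the second `errno` test and before the `l2tp_log` call that prints `errno`, and close() can overwrite it; save `errno` in a local right after `recvmsg` returns. When `currentfd` is `&server_socket`, the EBADF branch sets `server_socket` to -1, and the loop has no guard equivalent to the `st->udp_fd == -1` skip, so the next pass calls `FD_ISSET` with a negative descriptor. The tunnel's `pppox_fd` is also left open when its `udp_fd` is closed here.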
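Review bot: connect_pppol2tp() in network.c leaks descriptors on several error returns: `ufd` is not closed when `fcntl` or `connect` fails, and `fd2` is not closed when its `fcntl` fails; only the bind failure and the final PPPoL2TP connect failure clean up. Both call sites in control.c discard the return value, so a failed setup leaves `t->udp_fd` at -1, and start_pppd() then passes that value in `sax.pppol2tp.fd = c->container->udp_fd`. The bind error message passes three arguments (`__FUNCTION__, strerror(errno), errno`) to a format with two conversions, and `sax` is filled field by field without being zeroed first, so a `memset` before the assignments is advisable.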
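Review bot: In the child-side cleanup loop of start_pppd() in xl2tpd.c, `close(st->udp_fd)` and `close(st->pppox_fd)` sit inside `while (sc)`, so they run once per call on the same tunnel and never run for a tunnel whose call list is empty, leaving those sockets open in the pppd child. They are also called without the `> -1` test that destroy_tunnel() uses. Move the two closes to the `while (st)` level with that guard, and keep `close (sc->fd)` per call.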
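Review bot: In xl2tpd.init.patch, the hunk at -30,20 removes the `test -x $YPBIND_BIN` line, which tested the wrong variable, but adds no `test -x $XL2TPD_BIN` in its place, so the "Check for missing binaries" comment now has no check under it and the LSB exit code 5 for a missing binary is lost. In the start branch, `mkdir -p $XL2TPD_PIDDIR` sets no explicit mode and the variable is unquoted. `startproc -p $XL2TPD_PID` names the pid file while the `killproc` calls do not, so passing `-p $XL2TPD_PID` there as well would keep start and stop consistent.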
