Home Explore Help
Register Sign In
wareck
/
openwrt_lede
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: 488fc98adf
Branches Tags
openwrt_lede
/
package
/
network
/
services
/
ppp
/
patches
/
110-debian_defaultroute.patch

110-debian_defaultroute.patch 12 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313 
  1. pppd: Add "replacedefaultroute" and "noreplacedefaultroute" options
    2. 

  2. 

  3. This patch implements two new options, "replacedefaultroute" to replace any
    4. 

  4. existing system default route when specified and "noreplacedefaultroute" to
    5. 

  5. disable the "replacedefaultroute" option, which is useful in multi user
    6. 

  6. environments where the administrator wants to allow users to dial pppd
    7. 

  7. connections but not allow them to change the system default route.
    8. 

  8. 

  9. The patch originated from the Debian project.
    10. 

  10. 

  11. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
    12. 

  12. 

  13. --- a/pppd/ipcp.c
    14. 

  14. +++ b/pppd/ipcp.c
    15. 

  15. @@ -198,6 +198,14 @@ static option_t ipcp_option_list[] = {
    16. 

  16.        "disable defaultroute option", OPT_ALIAS | OPT_A2CLR,
    17. 

  17.        &ipcp_wantoptions[0].default_route },
    18. 

  18.  
    19. 

  19. +    { "replacedefaultroute", o_bool,
    20. 

  20. +				&ipcp_wantoptions[0].replace_default_route,
    21. 

  21. +      "Replace default route", 1
    22. 

  22. +    },
    23. 

  23. +    { "noreplacedefaultroute", o_bool,
    24. 

  24. +				&ipcp_allowoptions[0].replace_default_route,
    25. 

  25. +      "Never replace default route", OPT_A2COPY,
    26. 

  26. +				&ipcp_wantoptions[0].replace_default_route },
    27. 

  27.      { "proxyarp", o_bool, &ipcp_wantoptions[0].proxy_arp,
    28. 

  28.        "Add proxy ARP entry", OPT_ENABLE|1, &ipcp_allowoptions[0].proxy_arp },
    29. 

  29.      { "noproxyarp", o_bool, &ipcp_allowoptions[0].proxy_arp,
    30. 

  30. @@ -271,7 +279,7 @@ struct protent ipcp_protent = {
    31. 

  31.      ip_active_pkt
    32. 

  32.  };
    33. 

  33.  
    34. 

  34. -static void ipcp_clear_addrs __P((int, u_int32_t, u_int32_t));
    35. 

  35. +static void ipcp_clear_addrs __P((int, u_int32_t, u_int32_t, bool));
    36. 

  36.  static void ipcp_script __P((char *, int));	/* Run an up/down script */
    37. 

  37.  static void ipcp_script_done __P((void *));
    38. 

  38.  
    39. 

  39. @@ -1761,7 +1769,8 @@ ip_demand_conf(u)
    40. 

  40.      if (!sifnpmode(u, PPP_IP, NPMODE_QUEUE))
    41. 

  41.  	return 0;
    42. 

  42.      if (wo->default_route)
    43. 

  43. -	if (sifdefaultroute(u, wo->ouraddr, wo->hisaddr))
    44. 

  44. +	if (sifdefaultroute(u, wo->ouraddr, wo->hisaddr,
    45. 

  45. +		wo->replace_default_route))
    46. 

  46.  	    default_route_set[u] = 1;
    47. 

  47.      if (wo->proxy_arp)
    48. 

  48.  	if (sifproxyarp(u, wo->hisaddr))
    49. 

  49. @@ -1849,7 +1858,8 @@ ipcp_up(f)
    50. 

  50.       */
    51. 

  51.      if (demand) {
    52. 

  52.  	if (go->ouraddr != wo->ouraddr || ho->hisaddr != wo->hisaddr) {
    53. 

  53. -	    ipcp_clear_addrs(f->unit, wo->ouraddr, wo->hisaddr);
    54. 

  54. +	    ipcp_clear_addrs(f->unit, wo->ouraddr, wo->hisaddr,
    55. 

  55. +				      wo->replace_default_route);
    56. 

  56.  	    if (go->ouraddr != wo->ouraddr) {
    57. 

  57.  		warn("Local IP address changed to %I", go->ouraddr);
    58. 

  58.  		script_setenv("OLDIPLOCAL", ip_ntoa(wo->ouraddr), 0);
    59. 

  59. @@ -1874,7 +1884,8 @@ ipcp_up(f)
    60. 

  60.  
    61. 

  61.  	    /* assign a default route through the interface if required */
    62. 

  62.  	    if (ipcp_wantoptions[f->unit].default_route) 
    63. 

  63. -		if (sifdefaultroute(f->unit, go->ouraddr, ho->hisaddr))
    64. 

  64. +		if (sifdefaultroute(f->unit, go->ouraddr, ho->hisaddr,
    65. 

  65. +			wo->replace_default_route))
    66. 

  66.  		    default_route_set[f->unit] = 1;
    67. 

  67.  
    68. 

  68.  	    /* Make a proxy ARP entry if requested. */
    69. 

  69. @@ -1924,7 +1935,8 @@ ipcp_up(f)
    70. 

  70.  
    71. 

  71.  	/* assign a default route through the interface if required */
    72. 

  72.  	if (ipcp_wantoptions[f->unit].default_route) 
    73. 

  73. -	    if (sifdefaultroute(f->unit, go->ouraddr, ho->hisaddr))
    74. 

  74. +	    if (sifdefaultroute(f->unit, go->ouraddr, ho->hisaddr,
    75. 

  75. +		    wo->replace_default_route))
    76. 

  76.  		default_route_set[f->unit] = 1;
    77. 

  77.  
    78. 

  78.  	/* Make a proxy ARP entry if requested. */
    79. 

  79. @@ -2002,7 +2014,7 @@ ipcp_down(f)
    80. 

  80.  	sifnpmode(f->unit, PPP_IP, NPMODE_DROP);
    81. 

  81.  	sifdown(f->unit);
    82. 

  82.  	ipcp_clear_addrs(f->unit, ipcp_gotoptions[f->unit].ouraddr,
    83. 

  83. -			 ipcp_hisoptions[f->unit].hisaddr);
    84. 

  84. +			 ipcp_hisoptions[f->unit].hisaddr, 0);
    85. 

  85.      }
    86. 

  86.  
    87. 

  87.      /* Execute the ip-down script */
    88. 

  88. @@ -2018,16 +2030,25 @@ ipcp_down(f)
    89. 

  89.   * proxy arp entries, etc.
    90. 

  90.   */
    91. 

  91.  static void
    92. 

  92. -ipcp_clear_addrs(unit, ouraddr, hisaddr)
    93. 

  93. +ipcp_clear_addrs(unit, ouraddr, hisaddr, replacedefaultroute)
    94. 

  94.      int unit;
    95. 

  95.      u_int32_t ouraddr;  /* local address */
    96. 

  96.      u_int32_t hisaddr;  /* remote address */
    97. 

  97. +    bool replacedefaultroute;
    98. 

  98.  {
    99. 

  99.      if (proxy_arp_set[unit]) {
    100. 

  100.  	cifproxyarp(unit, hisaddr);
    101. 

  101.  	proxy_arp_set[unit] = 0;
    102. 

  102.      }
    103. 

  103. -    if (default_route_set[unit]) {
    104. 

  104. +    /* If replacedefaultroute, sifdefaultroute will be called soon
    105. 

  105. +     * with replacedefaultroute set and that will overwrite the current
    106. 

  106. +     * default route. This is the case only when doing demand, otherwise
    107. 

  107. +     * during demand, this cifdefaultroute would restore the old default
    108. 

  108. +     * route which is not what we want in this case. In the non-demand
    109. 

  109. +     * case, we'll delete the default route and restore the old if there
    110. 

  110. +     * is one saved by an sifdefaultroute with replacedefaultroute.
    111. 

  111. +     */
    112. 

  112. +    if (!replacedefaultroute && default_route_set[unit]) {
    113. 

  113.  	cifdefaultroute(unit, ouraddr, hisaddr);
    114. 

  114.  	default_route_set[unit] = 0;
    115. 

  115.      }
    116. 

  116. --- a/pppd/ipcp.h
    117. 

  117. +++ b/pppd/ipcp.h
    118. 

  118. @@ -70,6 +70,7 @@ typedef struct ipcp_options {
    119. 

  119.      bool old_addrs;		/* Use old (IP-Addresses) option? */
    120. 

  120.      bool req_addr;		/* Ask peer to send IP address? */
    121. 

  121.      bool default_route;		/* Assign default route through interface? */
    122. 

  122. +    bool replace_default_route;	/* Replace default route through interface? */
    123. 

  123.      bool proxy_arp;		/* Make proxy ARP entry for peer? */
    124. 

  124.      bool neg_vj;		/* Van Jacobson Compression? */
    125. 

  125.      bool old_vj;		/* use old (short) form of VJ option? */
    126. 

  126. --- a/pppd/pppd.8
    127. 

  127. +++ b/pppd/pppd.8
    128. 

  128. @@ -121,6 +121,11 @@ the gateway, when IPCP negotiation is su
    129. 

  129.  This entry is removed when the PPP connection is broken.  This option
    130. 

  130.  is privileged if the \fInodefaultroute\fR option has been specified.
    131. 

  131.  .TP
    132. 

  132. +.B replacedefaultroute
    133. 

  133. +This option is a flag to the defaultroute option. If defaultroute is
    134. 

  134. +set and this flag is also set, pppd replaces an existing default route
    135. 

  135. +with the new default route.
    136. 

  136. +.TP
    137. 

  137.  .B disconnect \fIscript
    138. 

  138.  Execute the command specified by \fIscript\fR, by passing it to a
    139. 

  139.  shell, after
    140. 

  140. @@ -734,7 +739,12 @@ disable both forms of hardware flow cont
    141. 

  141.  .TP
    142. 

  142.  .B nodefaultroute
    143. 

  143.  Disable the \fIdefaultroute\fR option.  The system administrator who
    144. 

  144. -wishes to prevent users from creating default routes with pppd
    145. 

  145. +wishes to prevent users from adding a default route with pppd
    146. 

  146. +can do so by placing this option in the /etc/ppp/options file.
    147. 

  147. +.TP
    148. 

  148. +.B noreplacedefaultroute
    149. 

  149. +Disable the \fIreplacedefaultroute\fR option. The system administrator who
    150. 

  150. +wishes to prevent users from replacing a default route with pppd
    151. 

  151.  can do so by placing this option in the /etc/ppp/options file.
    152. 

  152.  .TP
    153. 

  153.  .B nodeflate
    154. 

  154. --- a/pppd/pppd.h
    155. 

  155. +++ b/pppd/pppd.h
    156. 

  156. @@ -667,7 +667,7 @@ int  sif6addr __P((int, eui64_t, eui64_t
    157. 

  157.  int  cif6addr __P((int, eui64_t, eui64_t));
    158. 

  158.  				/* Remove an IPv6 address from i/f */
    159. 

  159.  #endif
    160. 

  160. -int  sifdefaultroute __P((int, u_int32_t, u_int32_t));
    161. 

  161. +int  sifdefaultroute __P((int, u_int32_t, u_int32_t, bool replace_default_rt));
    162. 

  162.  				/* Create default route through i/f */
    163. 

  163.  int  cifdefaultroute __P((int, u_int32_t, u_int32_t));
    164. 

  164.  				/* Delete default route through i/f */
    165. 

  165. --- a/pppd/sys-linux.c
    166. 

  166. +++ b/pppd/sys-linux.c
    167. 

  167. @@ -207,6 +207,8 @@ static unsigned char inbuf[512]; /* buff
    168. 

  168.  static int	if_is_up;	/* Interface has been marked up */
    169. 

  169.  static int	if6_is_up;	/* Interface has been marked up for IPv6, to help differentiate */
    170. 

  170.  static int	have_default_route;	/* Gateway for default route added */
    171. 

  171. +static struct	rtentry old_def_rt;	/* Old default route */
    172. 

  172. +static int	default_rt_repl_rest;	/* replace and restore old default rt */
    173. 

  173.  static u_int32_t proxy_arp_addr;	/* Addr for proxy arp entry added */
    174. 

  174.  static char proxy_arp_dev[16];		/* Device for proxy arp entry */
    175. 

  175.  static u_int32_t our_old_addr;		/* for detecting address changes */
    176. 

  176. @@ -1552,6 +1554,9 @@ static int read_route_table(struct rtent
    177. 

  177.  	p = NULL;
    178. 

  178.      }
    179. 

  179.  
    180. 

  180. +    SET_SA_FAMILY (rt->rt_dst,     AF_INET);
    181. 

  181. +    SET_SA_FAMILY (rt->rt_gateway, AF_INET);
    182. 

  182. +
    183. 

  183.      SIN_ADDR(rt->rt_dst) = strtoul(cols[route_dest_col], NULL, 16);
    184. 

  184.      SIN_ADDR(rt->rt_gateway) = strtoul(cols[route_gw_col], NULL, 16);
    185. 

  185.      SIN_ADDR(rt->rt_genmask) = strtoul(cols[route_mask_col], NULL, 16);
    186. 

  186. @@ -1621,20 +1626,51 @@ int have_route_to(u_int32_t addr)
    187. 

  187.  /********************************************************************
    188. 

  188.   *
    189. 

  189.   * sifdefaultroute - assign a default route through the address given.
    190. 

  190. - */
    191. 

  191. -
    192. 

  192. -int sifdefaultroute (int unit, u_int32_t ouraddr, u_int32_t gateway)
    193. 

  193. -{
    194. 

  194. -    struct rtentry rt;
    195. 

  195. -
    196. 

  196. -    if (defaultroute_exists(&rt) && strcmp(rt.rt_dev, ifname) != 0) {
    197. 

  197. -	if (rt.rt_flags & RTF_GATEWAY)
    198. 

  198. -	    error("not replacing existing default route via %I",
    199. 

  199. -		  SIN_ADDR(rt.rt_gateway));
    200. 

  200. -	else
    201. 

  201. + *
    202. 

  202. + * If the global default_rt_repl_rest flag is set, then this function
    203. 

  203. + * already replaced the original system defaultroute with some other
    204. 

  204. + * route and it should just replace the current defaultroute with
    205. 

  205. + * another one, without saving the current route. Use: demand mode,
    206. 

  206. + * when pppd sets first a defaultroute it it's temporary ppp0 addresses
    207. 

  207. + * and then changes the temporary addresses to the addresses for the real
    208. 

  208. + * ppp connection when it has come up.
    209. 

  209. + */
    210. 

  210. +
    211. 

  211. +int sifdefaultroute (int unit, u_int32_t ouraddr, u_int32_t gateway, bool replace)
    212. 

  212. +{
    213. 

  213. +    struct rtentry rt, tmp_rt;
    214. 

  214. +    struct rtentry *del_rt = NULL;
    215. 

  215. +
    216. 

  216. +    if (default_rt_repl_rest) {
    217. 

  217. +	/* We have already reclaced the original defaultroute, if we
    218. 

  218. +	   are called again, we will delete the current default route
    219. 

  219. +	   and set the new default route in this function.
    220. 

  220. +	   - this is normally only the case the doing demand: */
    221. 

  221. +	if (defaultroute_exists(&tmp_rt))
    222. 

  222. +	    del_rt = &tmp_rt;
    223. 

  223. +    } else if (defaultroute_exists(&old_def_rt) &&
    224. 

  224. +	       strcmp(old_def_rt.rt_dev, ifname) != 0) {
    225. 

  225. +	/* We did not yet replace an existing default route, let's
    226. 

  226. +	   check if we should save and replace a default route: */
    227. 

  227. +	if (old_def_rt.rt_flags & RTF_GATEWAY) {
    228. 

  228. +	    if (!replace) {
    229. 

  229. +		error("not replacing existing default route via %I",
    230. 

  230. +		      SIN_ADDR(old_def_rt.rt_gateway));
    231. 

  231. +		return 0;
    232. 

  232. +	    } else {
    233. 

  233. +		/* we need to copy rt_dev because we need it permanent too: */
    234. 

  234. +		char *tmp_dev = malloc(strlen(old_def_rt.rt_dev) + 1);
    235. 

  235. +		strcpy(tmp_dev, old_def_rt.rt_dev);
    236. 

  236. +		old_def_rt.rt_dev = tmp_dev;
    237. 

  237. +
    238. 

  238. +		notice("replacing old default route to %s [%I]",
    239. 

  239. +			old_def_rt.rt_dev, SIN_ADDR(old_def_rt.rt_gateway));
    240. 

  240. +		default_rt_repl_rest = 1;
    241. 

  241. +		del_rt = &old_def_rt;
    242. 

  242. +	    }
    243. 

  243. +	} else
    244. 

  244.  	    error("not replacing existing default route through %s",
    245. 

  245. -		  rt.rt_dev);
    246. 

  246. -	return 0;
    247. 

  247. +		  old_def_rt.rt_dev);
    248. 

  248.      }
    249. 

  249.  
    250. 

  250.      memset (&rt, 0, sizeof (rt));
    251. 

  251. @@ -1649,10 +1685,16 @@ int sifdefaultroute (int unit, u_int32_t
    252. 

  252.  
    253. 

  253.      rt.rt_flags = RTF_UP;
    254. 

  254.      if (ioctl(sock_fd, SIOCADDRT, &rt) < 0) {
    255. 

  255. -	if ( ! ok_error ( errno ))
    256. 

  256. +	if (!ok_error(errno))
    257. 

  257.  	    error("default route ioctl(SIOCADDRT): %m");
    258. 

  258.  	return 0;
    259. 

  259.      }
    260. 

  260. +    if (default_rt_repl_rest && del_rt)
    261. 

  261. +        if (ioctl(sock_fd, SIOCDELRT, del_rt) < 0) {
    262. 

  262. +	    if (!ok_error(errno))
    263. 

  263. +	        error("del old default route ioctl(SIOCDELRT): %m");
    264. 

  264. +	    return 0;
    265. 

  265. +        }
    266. 

  266.  
    267. 

  267.      have_default_route = 1;
    268. 

  268.      return 1;
    269. 

  269. @@ -1683,11 +1725,21 @@ int cifdefaultroute (int unit, u_int32_t
    270. 

  270.      rt.rt_flags = RTF_UP;
    271. 

  271.      if (ioctl(sock_fd, SIOCDELRT, &rt) < 0 && errno != ESRCH) {
    272. 

  272.  	if (still_ppp()) {
    273. 

  273. -	    if ( ! ok_error ( errno ))
    274. 

  274. +	    if (!ok_error(errno))
    275. 

  275.  		error("default route ioctl(SIOCDELRT): %m");
    276. 

  276.  	    return 0;
    277. 

  277.  	}
    278. 

  278.      }
    279. 

  279. +    if (default_rt_repl_rest) {
    280. 

  280. +	notice("restoring old default route to %s [%I]",
    281. 

  281. +		old_def_rt.rt_dev, SIN_ADDR(old_def_rt.rt_gateway));
    282. 

  282. +        if (ioctl(sock_fd, SIOCADDRT, &old_def_rt) < 0) {
    283. 

  283. +	    if (!ok_error(errno))
    284. 

  284. +	        error("restore default route ioctl(SIOCADDRT): %m");
    285. 

  285. +	    return 0;
    286. 

  286. +        }
    287. 

  287. +        default_rt_repl_rest = 0;
    288. 

  288. +    }
    289. 

  289.  
    290. 

  290.      return 1;
    291. 

  291.  }
    292. 

  292. --- a/pppd/sys-solaris.c
    293. 

  293. +++ b/pppd/sys-solaris.c
    294. 

  294. @@ -2039,12 +2039,18 @@ cifaddr(u, o, h)
    295. 

  295.   * sifdefaultroute - assign a default route through the address given.
    296. 

  296.   */
    297. 

  297.  int
    298. 

  298. -sifdefaultroute(u, l, g)
    299. 

  299. +sifdefaultroute(u, l, g, replace)
    300. 

  300.      int u;
    301. 

  301.      u_int32_t l, g;
    302. 

  302. +    bool replace;
    303. 

  303.  {
    304. 

  304.      struct rtentry rt;
    305. 

  305.  
    306. 

  306. +    if (replace) {
    307. 

  307. +	error("replacedefaultroute not supported on this platform");
    308. 

  308. +	return 0;
    309. 

  309. +    }
    310. 

  310. +
    311. 

  311.  #if defined(__USLC__)
    312. 

  312.      g = l;			/* use the local address as gateway */
    313. 

  313.  #endif
    314.