* OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
+#ifdef HAVE_CONFIG_H
+#include "config.h"
+#endif
+
/*
* TODO:
*/
"disable defaultroute option", OPT_ALIAS | OPT_A2CLR,
&ipcp_wantoptions[0].default_route },
+#ifdef __linux__
+ { "replacedefaultroute", o_bool,
+ &ipcp_wantoptions[0].replace_default_route,
+ "Replace default route", OPT_PRIV | 1
+ },
+ { "noreplacedefaultroute", o_bool,
+ &ipcp_wantoptions[0].replace_default_route,
+ "Do not replace default route", 0 },
+#endif
{ "proxyarp", o_bool, &ipcp_wantoptions[0].proxy_arp,
"Add proxy ARP entry", OPT_ENABLE|1, &ipcp_allowoptions[0].proxy_arp },
{ "noproxyarp", o_bool, &ipcp_allowoptions[0].proxy_arp,
ip_active_pkt
};
-static void ipcp_clear_addrs (int, u_int32_t, u_int32_t);
+static void ipcp_clear_addrs (int, u_int32_t, u_int32_t, bool);
static void ipcp_script (char *, int); /* Run an up/down script */
static void ipcp_script_done (void *);
ipcp_options *go = &ipcp_gotoptions[f->unit];
ipcp_options *ao = &ipcp_allowoptions[f->unit];
- wo->req_addr = (wo->neg_addr || wo->old_addrs) &&
- (ao->neg_addr || ao->old_addrs);
+ wo->req_addr = ((wo->neg_addr || wo->old_addrs) &&
+ (ao->neg_addr || ao->old_addrs)) ||
+ (wo->hisaddr && !wo->accept_remote);
if (wo->ouraddr == 0)
wo->accept_local = 1;
if (wo->hisaddr == 0)
static int
ipcp_nakci(fsm *f, u_char *p, int len, int treat_as_reject)
{
+ ipcp_options *wo = &ipcp_wantoptions[f->unit];
ipcp_options *go = &ipcp_gotoptions[f->unit];
u_char cimaxslotindex, cicflag;
u_char citype, cilen, *next;
GETLONG(l, p);
ciaddr1 = htonl(l);
if (ciaddr1 && go->accept_local)
- try.ouraddr = ciaddr1;
+ try.ouraddr = wo->old_addrs ? ciaddr1 : 0;
GETLONG(l, p);
ciaddr2 = htonl(l);
if (ciaddr2 && go->accept_remote)
ciaddr1 = htonl(l);
if (ciaddr1 && go->accept_local)
try.ouraddr = ciaddr1;
- if (try.ouraddr != 0)
+ if (try.ouraddr != 0 && wo->neg_addr)
try.neg_addr = 1;
no.neg_addr = 1;
break;
if (ciaddr2 != wo->ouraddr) {
if (ciaddr2 == 0 || !wo->accept_local) {
orc = CONFNAK;
- if (!reject_if_disagree) {
+ if (!reject_if_disagree && wo->old_addrs) {
DECPTR(sizeof(u_int32_t), p);
tl = ntohl(wo->ouraddr);
PUTLONG(tl, p);
* option safely.
*/
if (rc != CONFREJ && !ho->neg_addr && !ho->old_addrs &&
- wo->req_addr && !reject_if_disagree && !noremoteip) {
+ wo->req_addr && !reject_if_disagree &&
+ ((wo->hisaddr && !wo->accept_remote) || !noremoteip)) {
if (rc == CONFACK) {
rc = CONFNAK;
ucp = inp; /* reset pointer */
if (!sifnpmode(u, PPP_IP, NPMODE_QUEUE))
return 0;
if (wo->default_route)
- if (sifdefaultroute(u, wo->ouraddr, wo->hisaddr))
+ if (sifdefaultroute(u, wo->ouraddr, wo->hisaddr,
+ wo->replace_default_route))
default_route_set[u] = 1;
if (wo->proxy_arp)
if (sifproxyarp(u, wo->hisaddr))
/*
* We must have a non-zero IP address for both ends of the link.
*/
+
+ if (wo->hisaddr && !wo->accept_remote && (!(ho->neg_addr || ho->old_addrs) || ho->hisaddr != wo->hisaddr)) {
+ error("Peer refused to agree to his IP address");
+ ipcp_close(f->unit, "Refused his IP address");
+ return;
+ }
if (!ho->neg_addr && !ho->old_addrs)
ho->hisaddr = wo->hisaddr;
*/
if (demand) {
if (go->ouraddr != wo->ouraddr || ho->hisaddr != wo->hisaddr) {
- ipcp_clear_addrs(f->unit, wo->ouraddr, wo->hisaddr);
+ ipcp_clear_addrs(f->unit, wo->ouraddr, wo->hisaddr,
+ wo->replace_default_route);
if (go->ouraddr != wo->ouraddr) {
warn("Local IP address changed to %I", go->ouraddr);
script_setenv("OLDIPLOCAL", ip_ntoa(wo->ouraddr), 0);
wo->ouraddr = go->ouraddr;
} else
script_unsetenv("OLDIPLOCAL");
- if (ho->hisaddr != wo->hisaddr && wo->hisaddr != 0) {
+ if (ho->hisaddr != wo->hisaddr) {
warn("Remote IP address changed to %I", ho->hisaddr);
- script_setenv("OLDIPREMOTE", ip_ntoa(wo->hisaddr), 0);
+ if (wo->hisaddr != 0)
+ script_setenv("OLDIPREMOTE", ip_ntoa(wo->hisaddr), 0);
wo->hisaddr = ho->hisaddr;
} else
script_unsetenv("OLDIPREMOTE");
/* assign a default route through the interface if required */
if (ipcp_wantoptions[f->unit].default_route)
- if (sifdefaultroute(f->unit, go->ouraddr, ho->hisaddr))
+ if (sifdefaultroute(f->unit, go->ouraddr, ho->hisaddr,
+ wo->replace_default_route))
default_route_set[f->unit] = 1;
/* Make a proxy ARP entry if requested. */
/* assign a default route through the interface if required */
if (ipcp_wantoptions[f->unit].default_route)
- if (sifdefaultroute(f->unit, go->ouraddr, ho->hisaddr))
+ if (sifdefaultroute(f->unit, go->ouraddr, ho->hisaddr,
+ wo->replace_default_route))
default_route_set[f->unit] = 1;
/* Make a proxy ARP entry if requested. */
*/
if (ipcp_script_state == s_down && ipcp_script_pid == 0) {
ipcp_script_state = s_up;
- ipcp_script(_PATH_IPUP, 0);
+ ipcp_script(path_ipup, 0);
}
}
sifnpmode(f->unit, PPP_IP, NPMODE_DROP);
sifdown(f->unit);
ipcp_clear_addrs(f->unit, ipcp_gotoptions[f->unit].ouraddr,
- ipcp_hisoptions[f->unit].hisaddr);
+ ipcp_hisoptions[f->unit].hisaddr, 0);
}
/* Execute the ip-down script */
if (ipcp_script_state == s_up && ipcp_script_pid == 0) {
ipcp_script_state = s_down;
- ipcp_script(_PATH_IPDOWN, 0);
+ ipcp_script(path_ipdown, 0);
}
}
* proxy arp entries, etc.
*/
static void
-ipcp_clear_addrs(int unit, u_int32_t ouraddr, u_int32_t hisaddr)
+ipcp_clear_addrs(int unit, u_int32_t ouraddr, u_int32_t hisaddr, bool replacedefaultroute)
{
if (proxy_arp_set[unit]) {
cifproxyarp(unit, hisaddr);
proxy_arp_set[unit] = 0;
}
- if (default_route_set[unit]) {
+ /* If replacedefaultroute, sifdefaultroute will be called soon
+ * with replacedefaultroute set and that will overwrite the current
+ * default route. This is the case only when doing demand, otherwise
+ * during demand, this cifdefaultroute would restore the old default
+ * route which is not what we want in this case. In the non-demand
+ * case, we'll delete the default route and restore the old if there
+ * is one saved by an sifdefaultroute with replacedefaultroute.
+ */
+ if (!replacedefaultroute && default_route_set[unit]) {
cifdefaultroute(unit, ouraddr, hisaddr);
default_route_set[unit] = 0;
}
case s_up:
if (ipcp_fsm[0].state != OPENED) {
ipcp_script_state = s_down;
- ipcp_script(_PATH_IPDOWN, 0);
+ ipcp_script(path_ipdown, 0);
}
break;
case s_down:
if (ipcp_fsm[0].state == OPENED) {
ipcp_script_state = s_up;
- ipcp_script(_PATH_IPUP, 0);
+ ipcp_script(path_ipup, 0);
}
break;
}