| From eefd06639cef7a97bd50e06725e5cabd299f1263 Mon Sep 17 00:00:00 2001 |
| From: Ben Chan <benchan@chromium.org> |
| Date: Tue, 1 Nov 2011 17:05:56 -0700 |
| Subject: [PATCH] Patch xl2tpd-1.3.0 to exclude certain AVPs from L2TP control |
| packets. |
| |
| Certain AVPs (see RFC 2661 for details) included in L2TP control packets |
| by xl2tpd seem to be rejected by some VPN servers such as Check Point |
| VPN. Those AVPs are either optional or not used in our use cases. This |
| CL patches xl2tpd-1.3.0 to work around the issue by excluding those AVPs |
| from L2TP control packets. |
| |
| BUG=chromium-os:22386 |
| TEST=Verified the following: |
| 1. Connected successfully to Check Point VPN server. |
| 2. Connected successfully to Windows 2008 RRAS server, Cisco ASA 5505 |
| and StrongSWAN VPN server with L2TP/IPsec pre-shared key to make sure |
| the existing VPN support still works fine. |
| 3. network_VPN autotest test suite passed. |
| |
| Change-Id: I3474b62521b16fe55682d13f3716daec9c721edc |
| Reviewed-on: https://gerrit.chromium.org/gerrit/11021 |
| Reviewed-by: Ken Mixter <kmixter@chromium.org> |
| Tested-by: Ben Chan <benchan@chromium.org> |
| --- |
| avpsend.c | 13 +++++++++++++ |
| 1 file changed, 13 insertions(+) |
| |
| diff --git a/avpsend.c b/avpsend.c |
| index 7ba470a..c4b6326 100644 |
| --- a/avpsend.c |
| +++ b/avpsend.c |
| @@ -18,6 +18,13 @@ |
| #include <sys/utsname.h> |
| #include "l2tp.h" |
| |
| +/* |
| + * Several AVPs seem to be rejected by some VPN servers such as Check Point VPN. |
| + * This macro is defined to exclude those AVPs from L2TP control packets as a |
| + * workaround. |
| + */ |
| +#define XL2TPD_WORK_AROUND_AVP_ISSUES |
| + |
| struct half_words { |
| _u16 s0; |
| _u16 s1; |
| @@ -86,10 +93,12 @@ int add_bearer_caps_avp (struct buffer *buf, _u16 caps) |
| |
| int add_firmware_avp (struct buffer *buf) |
| { |
| +#ifndef XL2TPD_WORK_AROUND_AVP_ISSUES |
| struct half_words *ptr = (struct half_words *) (buf->start + buf->len + sizeof(struct avp_hdr)); |
| add_nonmandatory_header(buf, 0x8, 0x6); |
| ptr->s0 = htons (FIRMWARE_REV); |
| buf->len += 0x8; |
| +#endif /* XL2TPD_WORK_AROUND_AVP_ISSUES */ |
| return 0; |
| } |
| |
| @@ -108,9 +117,11 @@ int add_hostname_avp (struct buffer *buf, const char *hostname) |
| |
| int add_vendor_avp (struct buffer *buf) |
| { |
| +#ifndef XL2TPD_WORK_AROUND_AVP_ISSUES |
| add_nonmandatory_header(buf, 0x6 + strlen (VENDOR_NAME), 0x8); |
| strcpy ((char *) (buf->start + buf->len + sizeof(struct avp_hdr)), VENDOR_NAME); |
| buf->len += 0x6 + strlen (VENDOR_NAME); |
| +#endif /* XL2TPD_WORK_AROUND_AVP_ISSUES */ |
| return 0; |
| } |
| |
| @@ -232,11 +243,13 @@ int add_txspeed_avp (struct buffer *buf, int speed) |
| |
| int add_rxspeed_avp (struct buffer *buf, int speed) |
| { |
| +#ifndef XL2TPD_WORK_AROUND_AVP_ISSUES |
| struct half_words *ptr = (struct half_words *) (buf->start + buf->len + sizeof(struct avp_hdr)); |
| add_nonmandatory_header(buf, 0xA, 0x26); |
| ptr->s0 = htons ((speed >> 16) & 0xFFFF); |
| ptr->s1 = htons (speed & 0xFFFF); |
| buf->len += 0xA; |
| +#endif /* XL2TPD_WORK_AROUND_AVP_ISSUES */ |
| return 0; |
| } |
| |
| -- |
| 2.21.0.392.gf8f6787159e-goog |
| |