mirror of
https://github.com/SoftEtherVPN/SoftEtherVPN.git
synced 2025-07-08 00:34:57 +03:00
Merge pull request #133 from yehorov/master
Add the possibility to send the Virtual Hub Name to an external DHCP server
@ -700,6 +700,8 @@ void DataToHubOptionStruct(HUB_OPTION *o, RPC_ADMIN_OPTION *ao)
|
||||
GetHubAdminOptionDataAndSet(ao, "SecureNAT_RandomizeAssignIp", &o->SecureNAT_RandomizeAssignIp);
|
||||
GetHubAdminOptionDataAndSet(ao, "DetectDormantSessionInterval", &o->DetectDormantSessionInterval);
|
||||
GetHubAdminOptionDataAndSet(ao, "NoPhysicalIPOnPacketLog", &o->NoPhysicalIPOnPacketLog);
|
||||
GetHubAdminOptionDataAndSet(ao, "UseHubNameAsDhcpUserClassOption", &o->UseHubNameAsDhcpUserClassOption);
|
||||
GetHubAdminOptionDataAndSet(ao, "UseHubNameAsRadiusNasId", &o->UseHubNameAsRadiusNasId);
|
||||
}
|
||||
|
||||
// Convert the contents of the HUB_OPTION to data
|
||||
@ -771,6 +773,8 @@ void HubOptionStructToData(RPC_ADMIN_OPTION *ao, HUB_OPTION *o, char *hub_name)
|
||||
Add(aol, NewAdminOption("SecureNAT_RandomizeAssignIp", o->SecureNAT_RandomizeAssignIp));
|
||||
Add(aol, NewAdminOption("DetectDormantSessionInterval", o->DetectDormantSessionInterval));
|
||||
Add(aol, NewAdminOption("NoPhysicalIPOnPacketLog", o->NoPhysicalIPOnPacketLog));
|
||||
Add(aol, NewAdminOption("UseHubNameAsDhcpUserClassOption", o->UseHubNameAsDhcpUserClassOption));
|
||||
Add(aol, NewAdminOption("UseHubNameAsRadiusNasId", o->UseHubNameAsRadiusNasId));
|
||||
|
||||
Zero(ao, sizeof(RPC_ADMIN_OPTION));
|
||||
|
||||
|
@ -281,6 +281,8 @@ struct HUB_OPTION
|
||||
bool SecureNAT_RandomizeAssignIp; // Randomize the assignment IP address for new DHCP client
|
||||
UINT DetectDormantSessionInterval; // Interval (seconds) threshold to detect a dormant VPN session
|
||||
bool NoPhysicalIPOnPacketLog; // Disable saving physical IP address on the packet log
|
||||
bool UseHubNameAsDhcpUserClassOption; // Add HubName to DHCP request as User-Class option
|
||||
bool UseHubNameAsRadiusNasId; // Add HubName to Radius request as NAS-Identifier attrioption
|
||||
};
|
||||
|
||||
// MAC table entry
|
||||
|
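Review bot: The comment on `UseHubNameAsRadiusNasId` ends in "attrioption", which reads like "attribute" and "option" run together; `// Add HubName to Radius request as NAS-Identifier attribute` would match the comment on the line above. Both new flags make the Virtual Hub name leave the VPN server towards an external DHCP or RADIUS server, so it would help to say that in the comments, for example `// Discloses the hub name to the external DHCP server`. The struct starts outside this hunk.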
@ -679,6 +679,24 @@ void FreeIPC(IPC *ipc)
|
||||
Free(ipc);
|
||||
}
|
||||
|
||||
// Set User Class option if corresponding Virtual Hub optin is set
|
||||
void IPCDhcpSetConditionalUserClass(IPC *ipc, DHCP_OPTION_LIST *req)
|
||||
{
|
||||
HUB *hub;
|
||||
|
||||
hub = GetHub(ipc->Cedar, ipc->HubName);
|
||||
if (hub == NULL)
|
||||
{
|
||||
return;
|
||||
}
|
||||
|
||||
if (hub->Option && hub->Option->UseHubNameAsDhcpUserClassOption == true)
|
||||
{
|
||||
StrCpy(req->UserClass, sizeof(req->UserClass), ipc->HubName);
|
||||
}
|
||||
ReleaseHub(hub);
|
||||
}
|
||||
|
||||
// Release the IP address from the DHCP server
|
||||
void IPCDhcpFreeIP(IPC *ipc, IP *dhcp_server)
|
||||
{
|
||||
@ -693,6 +711,7 @@ void IPCDhcpFreeIP(IPC *ipc, IP *dhcp_server)
|
||||
Zero(&req, sizeof(req));
|
||||
req.Opcode = DHCP_RELEASE;
|
||||
req.ServerAddress = IPToUINT(dhcp_server);
|
||||
IPCDhcpSetConditionalUserClass(ipc, &req);
|
||||
|
||||
FreeDHCPv4Data(IPCSendDhcpRequest(ipc, NULL, tran_id, &req, 0, 0, NULL));
|
||||
}
|
||||
@ -713,6 +732,7 @@ void IPCDhcpRenewIP(IPC *ipc, IP *dhcp_server)
|
||||
req.Opcode = DHCP_REQUEST;
|
||||
StrCpy(req.Hostname, sizeof(req.Hostname), ipc->ClientHostname);
|
||||
req.RequestedIp = IPToUINT(&ipc->ClientIPAddress);
|
||||
IPCDhcpSetConditionalUserClass(ipc, &req);
|
||||
|
||||
FreeDHCPv4Data(IPCSendDhcpRequest(ipc, dhcp_server, tran_id, &req, 0, 0, NULL));
|
||||
}
|
||||
@ -735,6 +755,7 @@ bool IPCDhcpRequestInformIP(IPC *ipc, DHCP_OPTION_LIST *opt, TUBE *discon_poll_t
|
||||
req.Opcode = DHCP_INFORM;
|
||||
req.ClientAddress = IPToUINT(client_ip);
|
||||
StrCpy(req.Hostname, sizeof(req.Hostname), ipc->ClientHostname);
|
||||
IPCDhcpSetConditionalUserClass(ipc, &req);
|
||||
|
||||
d = IPCSendDhcpRequest(ipc, NULL, tran_id, &req, DHCP_ACK, IPC_DHCP_TIMEOUT, discon_poll_tube);
|
||||
if (d == NULL)
|
||||
@ -799,6 +820,7 @@ LABEL_RETRY_FOR_OPENVPN:
|
||||
req.RequestedIp = request_ip;
|
||||
req.Opcode = DHCP_DISCOVER;
|
||||
StrCpy(req.Hostname, sizeof(req.Hostname), ipc->ClientHostname);
|
||||
IPCDhcpSetConditionalUserClass(ipc, &req);
|
||||
|
||||
d = IPCSendDhcpRequest(ipc, NULL, tran_id, &req, DHCP_OFFER, IPC_DHCP_TIMEOUT, discon_poll_tube);
|
||||
if (d == NULL)
|
||||
@ -909,6 +931,7 @@ LABEL_RETRY_FOR_OPENVPN:
|
||||
StrCpy(req.Hostname, sizeof(req.Hostname), ipc->ClientHostname);
|
||||
req.ServerAddress = d->ParsedOptionList->ServerAddress;
|
||||
req.RequestedIp = d->ParsedOptionList->ClientAddress;
|
||||
IPCDhcpSetConditionalUserClass(ipc, &req);
|
||||
|
||||
d2 = IPCSendDhcpRequest(ipc, NULL, tran_id, &req, DHCP_ACK, IPC_DHCP_TIMEOUT, discon_poll_tube);
|
||||
if (d2 == NULL)
|
||||
@ -1243,6 +1266,12 @@ BUF *IPCBuildDhcpRequestOptions(IPC *ipc, DHCP_OPTION_LIST *opt)
|
||||
Add(o, NewDhcpOption(DHCP_ID_HOST_NAME, opt->Hostname, StrLen(opt->Hostname)));
|
||||
}
|
||||
|
||||
// User Class
|
||||
if (IsEmptyStr(opt->UserClass) == false)
|
||||
{
|
||||
Add(o, NewDhcpOption(DHCP_ID_USER_CLASS, opt->UserClass, StrLen(opt->UserClass)));
|
||||
}
|
||||
|
||||
// Vendor
|
||||
Add(o, NewDhcpOption(DHCP_ID_VENDOR_ID, IPC_DHCP_VENDOR_ID, StrLen(IPC_DHCP_VENDOR_ID)));
|
||||
|
||||
|
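Review bot: In IPCBuildDhcpRequestOptions the User Class value is emitted as the bare string (`opt->UserClass` with `StrLen(opt->UserClass)`), whereas RFC 3004 defines option 77 as one or more instances, each preceded by its own length octet. A server that parses the option strictly may read the first character of the hub name as a length, so either add the prefix or document the choice next to the `// User Class` comment, e.g. `// Sent as a raw string, without the RFC 3004 per-instance length octet`. The size of `UserClass` in DHCP_OPTION_LIST is not visible in this diff; since a DHCP option length is a single octet, confirm that a long hub name cannot exceed what NewDhcpOption can encode. The comment above IPCDhcpSetConditionalUserClass also has a typo ("optin").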
@ -1655,6 +1655,10 @@ bool ServerAccept(CONNECTION *c)
|
||||
{
|
||||
radius_login_opt.In_CheckVLanId = hub->Option->AssignVLanIdByRadiusAttribute;
|
||||
radius_login_opt.In_DenyNoVlanId = hub->Option->DenyAllRadiusLoginWithNoVlanAssign;
|
||||
if (hub->Option->UseHubNameAsRadiusNasId == true)
|
||||
{
|
||||
StrCpy(radius_login_opt.NasId, sizeof(radius_login_opt.NasId), hubname);
|
||||
}
|
||||
}
|
||||
|
||||
// Get the various flags
|
||||
|
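Review bot: The NAS-Identifier is copied from `hubname` rather than from the hub object whose options are being read, so the value sent to the RADIUS server follows whatever spelling reached ServerAccept. If hub lookup is case-insensitive (not visible in this hunk), RADIUS policies keyed on NAS-Identifier could see several spellings of one hub; copying the canonical name avoids that, e.g. `StrCpy(radius_login_opt.NasId, sizeof(radius_login_opt.NasId), hub->Name);`. The same consideration applies to `ipc->HubName` in IPCDhcpSetConditionalUserClass. StrCpy also truncates silently at the size of `NasId`, so it is worth confirming that the maximum hub name length fits. The enclosing block opens outside the hunk.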
@ -1833,7 +1833,16 @@ bool RadiusLogin(CONNECTION *c, char *hubname, char *server, UINT port, UCHAR *s
|
||||
{
|
||||
// Generate a password packet
|
||||
BUF *user_password = (is_mschap ? NULL : RadiusCreateUserPassword(encrypted_password->Buf, encrypted_password->Size));
|
||||
BUF *nas_id = RadiusCreateNasId(CEDAR_SERVER_STR);
|
||||
BUF *nas_id;
|
||||
|
||||
if (IsEmptyStr(opt->NasId) == true)
|
||||
{
|
||||
nas_id = RadiusCreateNasId(CEDAR_SERVER_STR);
|
||||
}
|
||||
else
|
||||
{
|
||||
nas_id = RadiusCreateNasId(opt->NasId);
|
||||
}
|
||||
|
||||
if (is_mschap || user_password != NULL)
|
||||
{
|
||||
|
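Review bot: `opt->NasId` is read here with no NULL check on `opt` visible in the hunk; the start of RadiusLogin is outside it, so confirm that `opt` is always non-NULL by this point. A short comment above the branch would make the fallback explicit, e.g. `// Prefer the per-hub NAS-Identifier; fall back to CEDAR_SERVER_STR when none was set`. Whether the result of RadiusCreateNasId is checked before use is also outside the hunk.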
@ -142,6 +142,7 @@
|
||||
#define RADIUS_ATTRIBUTE_EAP_MESSAGE 79
|
||||
#define RADIUS_ATTRIBUTE_EAP_AUTHENTICATOR 80
|
||||
#define RADIUS_ATTRIBUTE_VLAN_ID 81
|
||||
#define RADIUS_MAX_NAS_ID_LEN 253
|
||||
|
||||
// RADIUS codes
|
||||
#define RADIUS_CODE_ACCESS_REQUEST 1
|
||||
@ -371,6 +372,7 @@ struct RADIUS_LOGIN_OPTION
|
||||
bool In_DenyNoVlanId;
|
||||
UINT Out_VLanId;
|
||||
bool Out_IsRadiusLogin;
|
||||
char NasId[RADIUS_MAX_NAS_ID_LEN + 1]; // NAS-Identifier
|
||||
};
|
||||
|
||||
// Function prototype
|
||||
|
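Review bot: `RADIUS_MAX_NAS_ID_LEN` is defined as a bare 253 with no explanation, and it sits directly under the attribute-type constants although it is a length, not a type. A comment such as `// Max attribute value length: 255-octet attribute minus the 2-octet type/length header` would record where the number comes from and keep later edits from treating it as an attribute code. The `NasId` field comment could also state that an empty string means "use the default identifier", which is how RadiusLogin interprets it in this commit.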
@ -4114,6 +4114,8 @@ void SiLoadHubOptionCfg(FOLDER *f, HUB_OPTION *o)
|
||||
o->SecureNAT_RandomizeAssignIp = CfgGetBool(f, "SecureNAT_RandomizeAssignIp");
|
||||
o->DetectDormantSessionInterval = CfgGetInt(f, "DetectDormantSessionInterval");
|
||||
o->NoPhysicalIPOnPacketLog = CfgGetBool(f, "NoPhysicalIPOnPacketLog");
|
||||
o->UseHubNameAsDhcpUserClassOption = CfgGetBool(f, "UseHubNameAsDhcpUserClassOption");
|
||||
o->UseHubNameAsRadiusNasId = CfgGetBool(f, "UseHubNameAsRadiusNasId");
|
||||
|
||||
// Enabled by default
|
||||
if (CfgIsItem(f, "ManageOnlyPrivateIP"))
|
||||
@ -4214,6 +4216,8 @@ void SiWriteHubOptionCfg(FOLDER *f, HUB_OPTION *o)
|
||||
CfgAddBool(f, "DisableUserModeSecureNAT", o->DisableUserModeSecureNAT);
|
||||
CfgAddBool(f, "DisableCheckMacOnLocalBridge", o->DisableCheckMacOnLocalBridge);
|
||||
CfgAddBool(f, "DisableCorrectIpOffloadChecksum", o->DisableCorrectIpOffloadChecksum);
|
||||
CfgAddBool(f, "UseHubNameAsDhcpUserClassOption", o->UseHubNameAsDhcpUserClassOption);
|
||||
CfgAddBool(f, "UseHubNameAsRadiusNasId", o->UseHubNameAsRadiusNasId);
|
||||
}
|
||||
|
||||
// Write the user
|
||||
@ -7625,6 +7629,8 @@ void SiCalledUpdateHub(SERVER *s, PACK *p)
|
||||
o.DisableUserModeSecureNAT = PackGetBool(p, "DisableUserModeSecureNAT");
|
||||
o.DisableCheckMacOnLocalBridge = PackGetBool(p, "DisableCheckMacOnLocalBridge");
|
||||
o.DisableCorrectIpOffloadChecksum = PackGetBool(p, "DisableCorrectIpOffloadChecksum");
|
||||
o.UseHubNameAsDhcpUserClassOption = PackGetBool(p, "UseHubNameAsDhcpUserClassOption");
|
||||
o.UseHubNameAsRadiusNasId = PackGetBool(p, "UseHubNameAsRadiusNasId");
|
||||
|
||||
save_packet_log = PackGetInt(p, "SavePacketLog");
|
||||
packet_log_switch_type = PackGetInt(p, "PacketLogSwitchType");
|
||||
@ -9477,6 +9483,8 @@ void SiPackAddCreateHub(PACK *p, HUB *h)
|
||||
PackAddInt(p, "SecurityLogSwitchType", h->LogSetting.SecurityLogSwitchType);
|
||||
PackAddData(p, "HashedPassword", h->HashedPassword, SHA1_SIZE);
|
||||
PackAddData(p, "SecurePassword", h->SecurePassword, SHA1_SIZE);
|
||||
PackAddBool(p, "UseHubNameAsDhcpUserClassOption", h->Option->UseHubNameAsDhcpUserClassOption);
|
||||
PackAddBool(p, "UseHubNameAsRadiusNasId", h->Option->UseHubNameAsRadiusNasId);
|
||||
|
||||
SiAccessListToPack(p, h->AccessList);
|
||||
|
||||
|
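Review bot: SiPackAddCreateHub now puts both flags into the pack, but the only receiver updated in this diff is SiCalledUpdateHub. If the create-hub receiver (SiCalledCreateHub, not shown here) builds its HUB_OPTION from the same pack, it needs the matching `PackGetBool(p, "UseHubNameAsDhcpUserClassOption")` and `PackGetBool(p, "UseHubNameAsRadiusNasId")` reads; otherwise a newly created hub on a cluster member would start with both options off until the next update. The two new `CfgAddBool` lines are also appended after `DisableCorrectIpOffloadChecksum`, while the loader reads them after `NoPhysicalIPOnPacketLog`; keeping one order in both functions makes omissions easier to spot.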