Bacause interface may not still exists in authentication phase

If set to 1 then allocate unit (interface) before authorization, so Nas-Port and Nas-Port-Id would be defined in Access-Request phase

The 'installed' bit of the allocated ipv6db_addr_t structure needs to
be initialised. This is because ap_session_ifdown() reads this bit to
know if the address or route needs to be removed from the kernel.
The 'installed' bit is set by ap_session_accounting_started() and the
ND and DHCPV6 protocol handlers, but disconnection could happen before
these steps.
Signed-off-by: NGuillaume Nault <g.nault@alphalink.fr>

This files aren't used (and aren't even compiled) anymore.
Signed-off-by: NGuillaume Nault <g.nault@alphalink.fr>

include/ppp_auth.h used to be a symlink to ppp/ppp_auth.h, until it was
made a copy by ebbd6f58 ("fix typo (successed -> succeeded)").
Therefore, changes to ppp/ppp_auth.h aren't visible to files including
ppp_auth.h anymore. These files have already diverged (just a
whitespace fix for now), so let's restore the original symlink before
more changes occur.
Signed-off-by: NGuillaume Nault <g.nault@alphalink.fr>

Hello,

small patch to avoid gcc -Wformat warnings on Debian x32 where time_t
is "long long" (64-bit signed, to be 2038 safe), not "unsigned long"
(32-bit unsigned) corresponding to "%lu" format strings.

Regards,
Marek

The kernel flag used for setting PFC is SC_COMP_PROT (SC_COMP_AC is for
Address-and-Control-Field-Compression).
Signed-off-by: NGuillaume Nault <g.nault@alphalink.fr>

Using a /0 prefix on an IP different from 0.0.0.0 is valid, but might
be a configuration mistake. Log warning message in this case so that
user can easily troubleshoot it.
Signed-off-by: NGuillaume Nault <g.nault@alphalink.fr>

This is equivalent, but INADDR_BROADCAST is more descriptive.
Signed-off-by: NGuillaume Nault <g.nault@alphalink.fr>

Move warning messages to PPTP and L2TP modules. No other module
actually uses iprange, so it's perfectly valid to disable it, or at
least to not configure any range, when PPTP and L2TP aren't used.
Signed-off-by: NGuillaume Nault <g.nault@alphalink.fr>

Protect conf_disable and client_ranges with a mutex.
Instead of directly setting conf_disable, load_ranges() now returns
a disable flag. The caller is in charge of propagating its value
in conf_disable.
Signed-off-by: NGuillaume Nault <g.nault@alphalink.fr>

Add list_replace() and list_replace_init(), as defined in Linux kernel
sources.
Signed-off-by: NGuillaume Nault <g.nault@alphalink.fr>

The previous parsing functions had a few problems:

  * They did accept negative numbers in addresses (e.g. 192.0.2.-5).

  * They relied on C undefined behaviour for detecting /0 prefix
    length: "mask = htonl(~((1 << (32 - m)) - 1)" was wrong for m = 0,
    because that resulted in a left shift of 32 bits, on a 32 bit wide
    value (the right operand of a bitwise shift operator must be
    strictly smaller than the width of the promoted left operand).

  * They misinterpreted /32 prefixes as disable requests. In fact, due
    to the undefined behaviour described above, /0 and /32 prefix
    lengths were represented in the same way by parse1(), that is, with
    an iprange_t structure where ->begin == ->end. Therefore
    load_ranges() had no way to distinguish between them and did
    disable the module in both cases.

This patch fixes these issues and brings the following improvements:

  * It uses getaddrinfo() to parse IP addresses, so it accept (almost)
    all IPv4 representations and is more easily extensible to IPv6 in
    the future.

  * It warns when the IP address used in CIDR notation is not the first
    address in the range (e.g. the first address of 192.0.2.1/24 is
    192.0.2.0, not 192.0.2.1).

  * It doesn't _exit() on parsing failures, thus making the functions
    usable in an EV_CONFIG_RELOAD handler.

While there, the unfinished tunnel_ranges code, which was already
commented, has been removed.
Signed-off-by: NGuillaume Nault <g.nault@alphalink.fr>

The telnet and tcp servers disconnect as soon as they receive the
'exit' command or see a disconnection from the client. In this case,
all data queued for transmission are lost. This can lead to truncated
output when big amount of data is being sent.

For example, on a moderately loaded server with a few thouthands
connections, the output of the 'accel-cmd show sessions' command can be
truncated.
The problem is that accel-cmd sends the 'show sessions' command,
followed by 'exit'. It does so because it has to stop running once all
data has been received from the server. But it never knows whether more
data are going to arrive. Disconnection must then come from the server,
hence the use of 'exit' (although the same effect could be achieved
with shutdown(SHUT_WR)).

The telnet and tcp modules behave very similarly and are modified in
the same way:

  * For a soft disconnection, cln_read() doesn't call disconnect()
    anymore if there are data queued for transmission. Instead it
    sets the 'disconnect' flag and stops listening to its peer (no
    need to process further messages).

  * cln_write() checks the 'disconnect' flag once it has sent all
    pending data and actually performs the disconnection if necessary.
Signed-off-by: NGuillaume Nault <g.nault@alphalink.fr>

In tcp and telnet backends, the first buffer been queued is directly
pointed to by cln->xmit_buf. It's not added to cln->xmit_queue.
Therefore testing if ->xmit_queue is empty doesn't reliably tells
if data has already been queued.

We should test if ->xmit_buf is non-NULL instead. This is reliable
because ->xmit_buf is re-filled with the first buffer from ->xmit_queue
after every successful write().

Failure to properly check if data has already been queued can lead to
message miss-ordering because cli_client_send() or telnet_send() will
try to directly write() their input buffer, effectively bypassing the
one previously queued up in ->xmit_buf.
Signed-off-by: NGuillaume Nault <g.nault@alphalink.fr>

When queueing output data for later write(), the 'n' first bytes of the
buffer have already been sent (we have n > 0 if EAGAIN was returned
after some other write() calls succeeded). Therefore, we need to skip
these bytes when initialising the buffer to be queued.
The size passed to memcpy() did already take that space into account.
Signed-off-by: NGuillaume Nault <g.nault@alphalink.fr>

This reverts commit fc098b30.