diff --git a/net/mpd5/Makefile b/net/mpd5/Makefile index 81fc894b519b..fcfda2185cb9 100644 --- a/net/mpd5/Makefile +++ b/net/mpd5/Makefile @@ -1,50 +1,57 @@ # Created by: Archie Cobbs PORTNAME= mpd DISTVERSION= 5.9 -PORTREVISION= 2 +PORTREVISION= 3 CATEGORIES= net MASTER_SITES= SF/${PORTNAME}/Mpd5/Mpd-${PORTVERSION} PKGNAMESUFFIX= 5 DIST_SUBDIR= mpd5 MAINTAINER= eugen@FreeBSD.org COMMENT= Multi-link PPP daemon based on netgraph(4) LICENSE= BSD3CLAUSE USES= ssl -OPTIONS_DEFINE= DOCS NG_IPACCT +OPTIONS_DEFINE= DOCS NG_IPACCT RADIUS +OPTIONS_DEFAULT= RADIUS NG_IPACCT_DESC= Use ng_ipacct kernel module from port +RADIUS_DESC= Enable RADIUS support HAS_CONFIGURE= YES CONFIGURE_WRKSRC= "${WRKSRC}/src" .include MAKE_ARGS+= OSVERSION=${OSVERSION} .if ${PORT_OPTIONS:MNG_IPACCT} BUILD_DEPENDS+= ${LOCALBASE}/include/netgraph/ng_ipacct.h:net-mgmt/ng_ipacct .if exists(${KMODDIR}/ng_ipacct.ko) RUN_DEPENDS+= ${KMODDIR}/ng_ipacct.ko:net-mgmt/ng_ipacct .else RUN_DEPENDS+= /boot/modules/ng_ipacct.ko:net-mgmt/ng_ipacct .endif .else CONFIGURE_ENV+= USE_NG_IPACCT=no MAKE_ARGS+= USE_NG_IPACCT=no .endif +.if ! ${PORT_OPTIONS:MRADIUS} +CONFIGURE_ENV+= USE_RADIUS=no +MAKE_ARGS+= USE_RADIUS=no +.endif + USE_RC_SUBR= mpd5 CONFSUF= conf secret script DOCSDIR= ${PREFIX}/share/doc/mpd5 PORTDOCS= README mpd* PLIST_FILES= ${CONFSUF:S/^/etc\/mpd5\/mpd./:S/$/.sample/} sbin/mpd5 .if !defined(WITHOUT_MAN) PLIST_FILES+= man/man8/mpd5.8.gz .endif .include diff --git a/net/mpd5/files/patch-l2tp-multihomed b/net/mpd5/files/patch-l2tp-multihomed new file mode 100644 index 000000000000..55d28f5d693e --- /dev/null +++ b/net/mpd5/files/patch-l2tp-multihomed @@ -0,0 +1,124 @@ +Index: src/l2tp.c +=================================================================== +--- src/l2tp.c (revision 2418) ++++ src/l2tp.c (revision 2419) +@@ -1415,9 +1415,21 @@ L2tpServerEvent(int type, void *arg) + tun->self_port = s->self_port; + tun->alive = 1; + +- Log(LG_PHYS, ("Incoming L2TP packet from %s %d", +- u_addrtoa(&tun->peer_addr, namebuf, sizeof(namebuf)), tun->peer_port)); ++ if (u_addrempty(&tun->self_addr) && ++ !GetSockDstAddress(s->sock, &tun->self_addr)) ++ Log(LG_PHYS, ("Incoming L2TP packet from %s %d", ++ u_addrtoa(&tun->peer_addr, namebuf, sizeof(namebuf)), ++ tun->peer_port)); ++ else { ++ char buf3[INET_ADDRSTRLEN]; + ++ Log(LG_PHYS, ("Incoming L2TP packet from %s %d to %s %d", ++ u_addrtoa(&tun->peer_addr, namebuf, sizeof(namebuf)), ++ tun->peer_port, ++ u_addrtoa(&tun->self_addr, buf3, sizeof(buf3)), ++ tun->self_port)); ++ } ++ + /* Examine all L2TP links to get best possible fit tunnel parameters. */ + for (k = 0; k < gNumLinks; k++) { + Link l2; +@@ -1552,7 +1564,7 @@ L2tpServerEvent(int type, void *arg) + } + + /* Bind socket to a new port */ +- u_addrtosockaddr(&s->self_addr,s->self_port,&sas); ++ u_addrtosockaddr(&tun->self_addr,tun->self_port,&sas); + if (NgSendMsg(csock, namebuf, NGM_KSOCKET_COOKIE, + NGM_KSOCKET_BIND, &sas, sas.ss_len) == -1) { + Perror("L2TP: bind"); +@@ -1649,6 +1661,10 @@ L2tpListen(Link l) + SO_REUSEPORT, &one, sizeof(one)) == -1) { + Perror("L2TP: setsockopt"); + goto fail; ++ } ++ if (u_addrempty(&s->self_addr)) { ++ int on = 1; ++ setsockopt(s->sock, IPPROTO_IP, IP_RECVDSTADDR, &on, sizeof(on)); + } + u_addrtosockaddr(&s->self_addr, s->self_port, &sa); + if (bind(s->sock, (struct sockaddr *)&sa, sa.ss_len) == -1) { +Index: src/util.c +=================================================================== +--- src/util.c (revision 2418) ++++ src/util.c (revision 2419) +@@ -16,8 +16,9 @@ + #include + #include + #include +-#include ++#include + #include ++#include + #include + #include + #include +@@ -1544,5 +1545,48 @@ IfaceSetFlag(const char *ifname, int value) + return (-1); + } + close(s); ++ return (0); ++} ++ ++/* ++ * Obtain destination address of SOCK_DGRAM IPv4 UDP socket, if possible. ++ */ ++int GetSockDstAddress(int sock, struct u_addr *addr) ++{ ++ struct { ++ struct msghdr msg; ++ struct iovec iov; ++ union { /* ensure correct alignment for space */ ++ struct cmsghdr cm; ++ char space[CMSG_SPACE(sizeof(struct in_addr))]; ++ } buf; ++ char io[1024]; ++ } b; ++ ++ struct cmsghdr *p; ++ ssize_t size; ++ ++ /* Sanity check */ ++ if (addr->family != AF_INET) ++ return (0); ++ ++ memset(&b, 0, sizeof(b)); ++ b.msg.msg_iov = &b.iov; ++ b.msg.msg_iovlen = 1; ++ b.msg.msg_control = &b.buf; ++ b.msg.msg_controllen = sizeof(b.buf); ++ b.iov.iov_base = &b.io; ++ b.iov.iov_len = sizeof(b.io); ++ ++ if ((size = recvmsg(sock, &b.msg, 0)) < 0) { ++ Perror("%s: recvmsg: %s", __FUNCTION__, strerror(errno)); ++ return (0); ++ } ++ ++ p = CMSG_FIRSTHDR(&b.msg); ++ if (p && p->cmsg_level == IPPROTO_IP && p->cmsg_type == IP_RECVDSTADDR) { ++ memcpy(&addr->u.ip4, CMSG_DATA(p), sizeof(addr->u.ip4)); ++ return (1); ++ } + return (0); + } +Index: src/util.h +=================================================================== +--- src/util.h (revision 2418) ++++ src/util.h (revision 2419) +@@ -98,6 +98,7 @@ extern u_long GenerateMagic(void); + extern int GetAnyIpAddress(struct u_addr *ipaddr, const char *ifname); + extern int GetEther(struct u_addr *addr, struct sockaddr_dl *hwaddr); + extern int GetPeerEther(struct u_addr *addr, struct sockaddr_dl *hwaddr); ++extern int GetSockDstAddress(int sock, struct u_addr *addr); + extern void ppp_util_ascify(char *buf, size_t max, const char *bytes, size_t len); + extern int IfaceSetFlag(const char *ifname, int value); + diff --git a/net/mpd5/files/patch-noradius b/net/mpd5/files/patch-noradius new file mode 100644 index 000000000000..3c29e90d0f4d --- /dev/null +++ b/net/mpd5/files/patch-noradius @@ -0,0 +1,588 @@ +Index: src/Makefile +=================================================================== +--- src/Makefile (revision 2417) ++++ src/Makefile (working copy) +@@ -60,6 +60,7 @@ USE_TCP_WRAP= yes + #USE_AUTH_OPIE= yes + USE_AUTH_PAM= yes + USE_AUTH_SYSTEM= yes ++USE_RADIUS?= yes + + # Build without builtin web server. + #NOWEB= yes +@@ -108,8 +109,10 @@ CFLAGS+= -DUSE_SYSTEM + LDADD+= -lnetgraph -lutil + DPADD+= ${LIBNETGRAPH} + ++.if defined ( USE_RADIUS ) && ( ${USE_RADIUS} == yes ) + LDADD+= -L/usr/lib -lradius + DPADD+= ${LIBRADIUS} ++.endif + + # Obtained from bsd.port.mk + .if !defined ( OSVERSION ) +@@ -152,8 +155,12 @@ CFLAGS+= -DSYSLOG_FACILITY='"${SYSLOG_FACILITY}"' + STDSRCS= assert.c auth.c bund.c rep.c ccp.c chap.c \ + console.c command.c ecp.c event.c fsm.c iface.c input.c \ + ip.c ipcp.c ipv6cp.c lcp.c link.c log.c main.c mbuf.c mp.c \ +- msg.c ngfunc.c pap.c phys.c proto.c radius.c radsrv.c timer.c \ +- util.c vars.c eap.c msoft.c ippool.c ++ msg.c ngfunc.c pap.c phys.c proto.c timer.c \ ++ util.c vars.c msoft.c ippool.c ++ ++.if defined ( USE_RADIUS ) && ( ${USE_RADIUS} == yes ) ++STDSRCS+= eap.c radius.c radsrv.c ++.endif + + .if defined ( NOWEB ) + CFLAGS+= -DNOWEB +Index: src/auth.c +=================================================================== +--- src/auth.c (revision 2411) ++++ src/auth.c (working copy) +@@ -188,10 +188,12 @@ void + authparamsInit(struct authparams *ap) + { + memset(ap, 0, sizeof(struct authparams)); ++#ifdef USE_RADIUS + ap->eapmsg = NULL; + ap->state = NULL; + ap->class = NULL; + ap->filter_id = NULL; ++#endif + ap->msdomain = NULL; + #ifdef SIOCSIFDESCR + ap->ifdescr = NULL; +@@ -208,10 +210,12 @@ authparamsDestroy(struct authparams *ap) + int i; + #endif + ++#ifdef USE_RADIUS + Freee(ap->eapmsg); + Freee(ap->state); + Freee(ap->class); + Freee(ap->filter_id); ++#endif + + #ifdef USE_IPFW + ACLDestroy(ap->acl_rule); +@@ -252,6 +256,7 @@ authparamsCopy(struct authparams *src, struct authpara + + memcpy(dst, src, sizeof(struct authparams)); + ++#ifdef USE_RADIUS + if (src->eapmsg) + dst->eapmsg = Mdup(MB_AUTH, src->eapmsg, src->eapmsg_len); + if (src->state) +@@ -260,6 +265,7 @@ authparamsCopy(struct authparams *src, struct authpara + dst->class = Mdup(MB_AUTH, src->class, src->class_len); + if (src->filter_id) + dst->filter_id = Mstrdup(MB_AUTH, src->filter_id); ++#endif + + #ifdef USE_IPFW + ACLCopy(src->acl_rule, &dst->acl_rule); +@@ -308,8 +314,10 @@ AuthInit(Link l) + Enable(&ac->options, AUTH_CONF_INTERNAL); + Enable(&ac->options, AUTH_CONF_ACCT_MANDATORY); + ++#ifdef USE_RADIUS + EapInit(l); + RadiusInit(l); ++#endif + } + + /* +@@ -420,9 +428,11 @@ AuthStart(Link l) + case PROTO_CHAP: + ChapStart(l, AUTH_SELF_TO_PEER); + break; ++#ifdef USE_RADIUS + case PROTO_EAP: + EapStart(l, AUTH_SELF_TO_PEER); + break; ++#endif + default: + assert(0); + } +@@ -437,9 +447,11 @@ AuthStart(Link l) + case PROTO_CHAP: + ChapStart(l, AUTH_PEER_TO_SELF); + break; ++#ifdef USE_RADIUS + case PROTO_EAP: + EapStart(l, AUTH_PEER_TO_SELF); + break; ++#endif + default: + assert(0); + } +@@ -449,6 +461,7 @@ AuthStart(Link l) + * AuthInput() + * + * Deal with PAP/CHAP/EAP packet ++ * But cannot be called for EAP packet if RADIUS support is not compiled in. + */ + + void +@@ -494,15 +507,16 @@ AuthInput(Link l, int proto, Mbuf bp) + len -= sizeof(fsmh); + pkt = MBDATA(bp); + ++#ifdef USE_RADIUS + if (proto == PROTO_EAP && bp) { + Log(LG_AUTH, ("[%s] %s: rec'd %s #%d len: %hu, type: %s", l->name, + ProtoName(proto), AuthCode(proto, fsmh.code, buf, sizeof(buf)), fsmh.id, + fsmh_len, EapType(pkt[0]))); +- } else { ++ } else ++#endif + Log(LG_AUTH, ("[%s] %s: rec'd %s #%d len: %hu", l->name, + ProtoName(proto), AuthCode(proto, fsmh.code, buf, sizeof(buf)), fsmh.id, + fsmh_len)); +- } + + auth = AuthDataNew(l); + auth->proto = proto; +@@ -518,9 +532,11 @@ AuthInput(Link l, int proto, Mbuf bp) + case PROTO_CHAP: + ChapInput(l, auth, pkt, len); + break; ++#ifdef USE_RADIUS + case PROTO_EAP: + EapInput(l, auth, pkt, len); + break; ++#endif + default: + assert(0); + } +@@ -563,13 +579,14 @@ AuthOutput(Link l, int proto, u_int code, u_int id, co + } + bp = mbcopyback(bp, MBLEN(bp), ptr, len); + ++#ifdef USE_RADIUS + if (proto == PROTO_EAP) { + Log(LG_AUTH, ("[%s] %s: sending %s #%d len: %d, type: %s", l->name, + ProtoName(proto), AuthCode(proto, code, buf, sizeof(buf)), id, plen, EapType(eap_type))); +- } else { ++ } else ++#endif + Log(LG_AUTH, ("[%s] %s: sending %s #%d len: %d", l->name, + ProtoName(proto), AuthCode(proto, code, buf, sizeof(buf)), id, plen)); +- } + + /* Send it out */ + NgFuncWritePppFrameLink(l, proto, bp); +@@ -718,7 +735,9 @@ AuthStop(Link l) + TimerStop(&a->timer); + PapStop(&a->pap); + ChapStop(&a->chap); ++#ifdef USE_RADIUS + EapStop(&a->eap); ++#endif + paction_cancel(&a->thread); + } + +@@ -979,8 +998,10 @@ AuthAccount(void *arg) + + Log(LG_AUTH2, ("[%s] ACCT: Thread started", auth->info.lnkname)); + ++#ifdef USE_RADIUS + if (Enabled(&auth->conf.options, AUTH_CONF_RADIUS_ACCT)) + err |= RadiusAccount(auth); ++#endif + #ifdef USE_PAM + if (Enabled(&auth->conf.options, AUTH_CONF_PAM_ACCT)) + err |= AuthPAMAcct(auth); +@@ -1020,8 +1041,10 @@ AuthAccountFinish(void *arg, int was_canceled) + auth->info.lnkname)); + } + ++#ifdef USE_RADIUS + /* Cleanup */ + RadiusClose(auth); ++#endif + + if (was_canceled) { + AuthDataDestroy(auth); +@@ -1188,6 +1211,7 @@ AuthAsync(void *arg) + return; + } + } ++#ifdef USE_RADIUS + if (auth->proto == PROTO_EAP && auth->eap_radius) { + auth->params.authentic = AUTH_CONF_RADIUS_AUTH; + RadiusEapProxy(auth); +@@ -1205,6 +1229,7 @@ AuthAsync(void *arg) + return; + } + } ++#endif + #ifdef USE_PAM + if (Enabled(&auth->conf.options, AUTH_CONF_PAM_AUTH)) { + auth->params.authentic = AUTH_CONF_PAM_AUTH; +@@ -1274,8 +1299,10 @@ AuthAsyncFinish(void *arg, int was_canceled) + if (was_canceled) + Log(LG_AUTH2, ("[%s] AUTH: Thread was canceled", auth->info.lnkname)); + ++#ifdef USE_RADIUS + /* cleanup */ + RadiusClose(auth); ++#endif + + if (was_canceled) { + AuthDataDestroy(auth); +@@ -1948,9 +1975,11 @@ static const char * + AuthCode(int proto, u_char code, char *buf, size_t len) + { + switch (proto) { ++#ifdef USE_RADIUS + case PROTO_EAP: + return EapCode(code, buf, len); + ++#endif + case PROTO_CHAP: + return ChapCode(code, buf, len); + +Index: src/auth.h +=================================================================== +--- src/auth.h (revision 2411) ++++ src/auth.h (working copy) +@@ -113,6 +113,7 @@ struct authparams { + struct in_addr peer_dns[2]; /* DNS servers for peer to use */ + struct in_addr peer_nbns[2]; /* NBNS servers for peer to use */ + ++#ifdef USE_RADIUS + char *eapmsg; /* EAP Msg for forwarding to RADIUS + * server */ + int eapmsg_len; +@@ -125,6 +126,7 @@ struct authparams { + + char *filter_id; /* RADIUS Framed-Filter-Id attribute */ + ++#endif + char action[8 + LINK_MAX_NAME]; + + #ifdef USE_IPFW +@@ -204,7 +206,9 @@ struct authparams { + }; + + struct authconf { ++#ifdef USE_RADIUS + struct radiusconf radius; /* RADIUS configuration */ ++#endif + char authname[AUTH_MAX_AUTHNAME]; /* Configured username */ + char password[AUTH_MAX_PASSWORD]; /* Configured password */ + u_int acct_update; +@@ -231,7 +235,9 @@ struct auth { + struct pppTimer acct_timer; /* Timer for accounting updates */ + struct papinfo pap; /* PAP state */ + struct chapinfo chap; /* CHAP state */ ++#ifdef USE_RADIUS + struct eapinfo eap; /* EAP state */ ++#endif + struct paction *thread; /* async auth thread */ + struct paction *acct_thread; /* async accounting auth thread */ + struct authconf conf; /* Auth backends, RADIUS, etc. */ +@@ -253,7 +259,9 @@ struct authdata { + u_int code; /* Proto specific code */ + u_char acct_type; /* Accounting type, Start, Stop, + * Update */ ++#ifdef USE_RADIUS + u_char eap_radius; ++#endif + u_char status; + u_char why_fail; + char *reply_message; /* Text wich may displayed to the user */ +@@ -261,10 +269,13 @@ struct authdata { + char *mschapv2resp; /* Response String for MSCHAPv2 */ + void (*finish) (Link l, struct authdata *auth); /* Finish handler */ + int drop_user; /* RAD_MPD_DROP_USER value sent by +- * RADIUS server */ ++ * RADIUS server or external acct script */ ++#ifdef USE_RADIUS + struct { + struct rad_handle *handle; /* the RADIUS handle */ + } radius; ++#endif ++ + #ifdef USE_OPIE + struct { + struct opie data; +Index: src/command.c +=================================================================== +--- src/command.c (revision 2411) ++++ src/command.c (working copy) +@@ -223,8 +223,10 @@ + #endif + { "ecp", "ECP status", + EcpStat, AdmitBund, 0, NULL }, ++#ifdef USE_RADIUS + { "eap", "EAP status", + EapStat, AdmitLink, 0, NULL }, ++#endif + { "events", "Current events", + ShowEvents, NULL, 0, NULL }, + { "ipcp", "IPCP status", +@@ -253,8 +255,10 @@ + LinkStat, AdmitLink, 0, NULL }, + { "auth", "Auth status", + AuthStat, AdmitLink, 0, NULL }, ++#ifdef USE_RADIUS + { "radius", "RADIUS status", + RadStat, AdmitLink, 0, NULL }, ++#endif + #ifdef RAD_COA_REQUEST + { "radsrv", "RADIUS server status", + RadsrvStat, NULL, 0, NULL }, +@@ -293,8 +297,10 @@ + }; + + static const struct cmdtab UnSetCommands[] = { ++#ifdef USE_RADIUS + { "radius ...", "RADIUS specific stuff", + CMD_SUBMENU, AdmitLink, 2, RadiusUnSetCmds }, ++#endif + #ifdef NG_NAT_DESC_LENGTH + { "nat ...", "NAT specific stuff", + CMD_SUBMENU, AdmitBund, 2, NatUnSetCmds }, +@@ -303,6 +309,8 @@ + }; + + static const struct cmdtab SetCommands[] = { ++ { "auth ...", "Auth specific stuff", ++ CMD_SUBMENU, AdmitLink, 2, AuthSetCmds }, + { "bundle ...", "Bundle specific stuff", + CMD_SUBMENU, AdmitBund, 2, BundSetCmds }, + { "link ...", "Link specific stuff", +@@ -323,15 +331,15 @@ + #endif + { "ecp ...", "ECP specific stuff", + CMD_SUBMENU, AdmitBund, 2, EcpSetCmds }, ++#ifdef USE_RADIUS + { "eap ...", "EAP specific stuff", + CMD_SUBMENU, AdmitLink, 2, EapSetCmds }, +- { "auth ...", "Auth specific stuff", +- CMD_SUBMENU, AdmitLink, 2, AuthSetCmds }, + { "radius ...", "RADIUS specific stuff", + CMD_SUBMENU, AdmitLink, 2, RadiusSetCmds }, + #ifdef RAD_COA_REQUEST + { "radsrv ...", "RADIUS server specific stuff", + CMD_SUBMENU, NULL, 2, RadsrvSetCmds }, ++#endif + #endif + { "console ...", "Console specific stuff", + CMD_SUBMENU, NULL, 0, ConsoleSetCmds }, +Index: src/configure +=================================================================== +--- src/configure (revision 2411) ++++ src/configure (working copy) +@@ -122,6 +122,13 @@ else + echo " not found." + fi + ++echo -n "Looking for radius support ..." ++if [ "$USE_RADIUS" = no ]; then ++ echo " disabled." ++else if [ -e /usr/include/radlib.h ] ++then ++ echo " found." ++ echo "#define HAVE_RADIUS 1" >> $CONFIG + + echo -n "Looking for rad_bind_to() ..." + if /usr/bin/grep rad_bind_to /usr/include/radlib.h >/dev/null 2>&1 +@@ -140,6 +147,8 @@ then + else + echo " not found." + fi ++fi ++fi # RADIUS support + + echo -n "Looking for ether_ntoa_r() ..." + if /usr/bin/grep ether_ntoa_r /usr/include/net/ethernet.h >/dev/null 2>&1 +Index: src/defs.h +=================================================================== +--- src/defs.h (revision 2411) ++++ src/defs.h (working copy) +@@ -55,6 +55,9 @@ + #ifndef HAVE_IPFW + #undef USE_IPFW + #endif ++#ifdef HAVE_RADIUS ++ #define USE_RADIUS ++#endif + #ifndef HAVE_RAD_BIND + #undef HAVE_RAD_BIND + #endif +Index: src/eap.h +=================================================================== +--- src/eap.h (revision 2411) ++++ src/eap.h (working copy) +@@ -77,6 +77,7 @@ + EAP_TYPE_FAST /* EAP-FAST */ + }; + ++#ifdef USE_RADIUS + extern const struct cmdtab EapSetCmds[]; + + /* Configuration for a link */ +@@ -109,5 +110,6 @@ + extern const char *EapType(u_char type); + extern int EapStat(Context ctx, int ac, const char *const av[], const void *arg); + ++#endif /* USE_RADIUS */ + #endif + +Index: src/iface.c +=================================================================== +--- src/iface.c (revision 2416) ++++ src/iface.c (working copy) +@@ -1110,7 +1110,10 @@ IfaceIpIfaceUp(Bund b, int ready) + u_addrtoa(&iface->peer_addr, peerbuf, sizeof(peerbuf)), + *b->params.authname ? b->params.authname : "-", + ns1buf, ns2buf, *b->params.peeraddr ? b->params.peeraddr : "-", +- b->params.filter_id ? b->params.filter_id : "-"); ++#ifdef USE_RADIUS ++ b->params.filter_id ? b->params.filter_id : ++#endif ++ "-"); + if (res != 0) { + FsmFailure(&b->ipcp.fsm, FAIL_NEGOT_FAILURE); + return (-1); +@@ -1142,7 +1145,10 @@ IfaceIpIfaceDown(Bund b) + u_addrtoa(&iface->peer_addr, peerbuf, sizeof(peerbuf)), + *b->params.authname ? b->params.authname : "-", + *b->params.peeraddr ? b->params.peeraddr : "-", +- b->params.filter_id ? b->params.filter_id : "-"); ++#ifdef USE_RADIUS ++ b->params.filter_id ? b->params.filter_id : ++#endif ++ "-"); + } + + /* Delete dynamic routes */ +@@ -1254,7 +1260,10 @@ IfaceIpv6IfaceUp(Bund b, int ready) + u_addrtoa(&iface->peer_ipv6_addr, peerbuf, sizeof(peerbuf)), iface->ifname, + *b->params.authname ? b->params.authname : "-", + *b->params.peeraddr ? b->params.peeraddr : "-", +- b->params.filter_id ? b->params.filter_id : "-"); ++#ifdef USE_RADIUS ++ b->params.filter_id ? b->params.filter_id : ++#endif ++ "-"); + if (res != 0) { + FsmFailure(&b->ipv6cp.fsm, FAIL_NEGOT_FAILURE); + return (-1); +@@ -1287,7 +1296,10 @@ IfaceIpv6IfaceDown(Bund b) + u_addrtoa(&iface->peer_ipv6_addr, peerbuf, sizeof(peerbuf)), iface->ifname, + *b->params.authname ? b->params.authname : "-", + *b->params.peeraddr ? b->params.peeraddr : "-", +- b->params.filter_id ? b->params.filter_id : "-"); ++#ifdef USE_RADIUS ++ b->params.filter_id ? b->params.filter_id : ++#endif ++ "-"); + } + + /* Delete dynamic routes */ +Index: src/input.c +=================================================================== +--- src/input.c (revision 2411) ++++ src/input.c (working copy) +@@ -101,9 +101,16 @@ InputDispatch(Bund b, Link l, int proto, Mbuf bp) + return(0); + case PROTO_PAP: + case PROTO_CHAP: ++ AuthInput(l, proto, bp); ++ return(0); + case PROTO_EAP: ++#ifdef USE_RADIUS + AuthInput(l, proto, bp); + return(0); ++#else ++ reject = 1; ++ goto done; ++#endif + case PROTO_MP: + if (!Enabled(&l->conf.options, LINK_CONF_MULTILINK)) + reject = 1; +Index: src/main.c +=================================================================== +--- src/main.c (revision 2411) ++++ src/main.c (working copy) +@@ -97,7 +97,9 @@ + #ifndef NOWEB + struct web gWeb; + #endif ++#ifdef USE_RADIUS + struct radsrv gRadsrv; ++#endif + int gBackground = FALSE; + int gShutdownInProgress = FALSE; + int gOverload = 0; +Index: src/ppp.h +=================================================================== +--- src/ppp.h (revision 2414) ++++ src/ppp.h (working copy) +@@ -203,7 +203,9 @@ + extern int gNumBundles; /* Total number of bundles */ + extern struct console gConsole; + extern struct web gWeb; ++#ifdef USE_RADIUS + extern struct radsrv gRadsrv; ++#endif + extern int gBackground; + extern int gShutdownInProgress; + extern int gOverload; +Index: src/radius.h +=================================================================== +--- src/radius.h (revision 2411) ++++ src/radius.h (working copy) +@@ -5,6 +5,13 @@ + * + */ + ++#ifndef _RADIUS_H_ ++#define _RADIUS_H_ ++ ++#include "defs.h" ++ ++#ifdef USE_RADIUS ++ + #ifdef CCP_MPPC + #include + #endif +@@ -15,8 +22,6 @@ + + #include "iface.h" + +-#ifndef _RADIUS_H_ +-#define _RADIUS_H_ + + /* + * DEFINITIONS +@@ -189,4 +194,5 @@ extern void RadiusClose(struct authdata *auth); + extern void RadiusEapProxy(void *arg); + extern int RadStat(Context ctx, int ac, const char *const av[], const void *arg); + ++#endif /* USE_RADIUS */ + #endif +Index: src/radsrv.h +=================================================================== +--- src/radsrv.h (revision 2411) ++++ src/radsrv.h (working copy) +@@ -9,6 +9,8 @@ + #define _RADSRV_H_ + + #include "defs.h" ++ ++#ifdef USE_RADIUS + #include + + /* +@@ -57,4 +59,5 @@ extern int RadsrvOpen(Radsrv c); + extern int RadsrvClose(Radsrv c); + extern int RadsrvStat(Context ctx, int ac, const char *const av[], const void *arg); + ++#endif /* USE_RADIUS */ + #endif