![[BACK]](/cvsweb/icons/back.gif){kind=icon}
Return to if_spppsubr.c CVS log ![[TXT]](/cvsweb/icons/text.gif){kind=icon}
![[DIR]](/cvsweb/icons/dir.gif){kind=icon}
Up to [Apple XNU] / XNU / bsd / net|
Return to if_spppsubr.c CVS log | Up to [Apple XNU] / XNU / bsd / net |
1.1 root 1: /*
2: * Copyright (c) 2000 Apple Computer, Inc. All rights reserved.
3: *
4: * @APPLE_LICENSE_HEADER_START@
5: *
6: * The contents of this file constitute Original Code as defined in and
7: * are subject to the Apple Public Source License Version 1.1 (the
8: * "License"). You may not use this file except in compliance with the
9: * License. Please obtain a copy of the License at
10: * http://www.apple.com/publicsource and read it before using this file.
11: *
12: * This Original Code and all software distributed under the License are
13: * distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY KIND, EITHER
14: * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
15: * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
16: * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the
17: * License for the specific language governing rights and limitations
18: * under the License.
19: *
20: * @APPLE_LICENSE_HEADER_END@
21: */
22: /*
23: * Synchronous PPP/Cisco link level subroutines.
24: * Keepalive protocol implemented in both Cisco and PPP modes.
25: *
26: * Copyright (C) 1994-1996 Cronyx Engineering Ltd.
27: * Author: Serge Vakulenko, <[email protected]>
28: *
29: * Heavily revamped to conform to RFC 1661.
30: * Copyright (C) 1997, Joerg Wunsch.
31: *
32: * This software is distributed with NO WARRANTIES, not even the implied
33: * warranties for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
34: *
35: * Authors grant any other persons or organisations permission to use
36: * or modify this software as long as this message is kept with the software,
37: * all derivative works or modified versions.
38: *
39: * From: Version 2.4, Thu Apr 30 17:17:21 MSD 1997
40: *
41: */
42:
43: #include <sys/param.h>
44:
45: #if defined(__FreeBSD__) && __FreeBSD__ >= 3
46: #include "opt_inet.h"
47: #include "opt_ipx.h"
48: #endif
49:
50: #ifdef NetBSD1_3
51: # if NetBSD1_3 > 6
52: # include "opt_inet.h"
53: # include "opt_iso.h"
54: # endif
55: #endif
56:
57: #include <sys/systm.h>
58: #include <sys/kernel.h>
59: #include <sys/sockio.h>
60: #include <sys/socket.h>
61: #include <sys/syslog.h>
62: #if defined(__FreeBSD__) && __FreeBSD__ >= 3
63: #include <machine/random.h>
64: #endif
65: #include <sys/malloc.h>
66: #include <sys/mbuf.h>
67:
68:
69: #if defined (__OpenBSD__)
70: #include <sys/md5k.h>
71: #else
72: #include <sys/md5.h>
73: #endif
74:
75: #include <net/if.h>
76: #include <net/netisr.h>
77: #include <net/if_types.h>
78: #include <net/route.h>
79:
80: #if defined(__FreeBSD__) && __FreeBSD__ >= 3
81: #include <machine/random.h>
82: #endif
83: #if defined (__NetBSD__) || defined (__OpenBSD__)
84: #include <kern/cpu_number.h> /* XXX for softnet */
85: #endif
86:
87: #include <machine/stdarg.h>
88:
89: #if INET
90: #include <netinet/in.h>
91: #include <netinet/in_systm.h>
92: #include <netinet/in_var.h>
93: #include <netinet/ip.h>
94: #include <netinet/tcp.h>
95: # if defined (__FreeBSD__) || defined (__OpenBSD__)
96: # include <netinet/if_ether.h>
97: # else
98: # include <net/ethertypes.h>
99: # endif
100: #else
101: # error Huh? sppp without INET?
102: #endif
103:
104: #if IPX
105: #include <netipx/ipx.h>
106: #include <netipx/ipx_if.h>
107: #endif
108:
109: #if NS
110: #include <netns/ns.h>
111: #include <netns/ns_if.h>
112: #endif
113:
114: #if ISO
115: #include <netiso/argo_debug.h>
116: #include <netiso/iso.h>
117: #include <netiso/iso_var.h>
118: #include <netiso/iso_snpac.h>
119: #endif
120:
121: #include <net/if_sppp.h>
122:
123: #if defined(__FreeBSD__) && __FreeBSD__ >= 3
124: # define UNTIMEOUT(fun, arg, handle) untimeout(fun, arg, handle)
125: # define TIMEOUT(fun, arg1, arg2, handle) handle = timeout(fun, arg1, arg2)
126: # define IOCTL_CMD_T u_long
127: #else
128: # define UNTIMEOUT(fun, arg, handle) untimeout(fun, arg)
129: # define TIMEOUT(fun, arg1, arg2, handle) timeout(fun, arg1, arg2)
130: # define IOCTL_CMD_T int
131: #endif
132:
133: #define MAXALIVECNT 3 /* max. alive packets */
134:
135: /*
136: * Interface flags that can be set in an ifconfig command.
137: *
138: * Setting link0 will make the link passive, i.e. it will be marked
139: * as being administrative openable, but won't be opened to begin
140: * with. Incoming calls will be answered, or subsequent calls with
141: * -link1 will cause the administrative open of the LCP layer.
142: *
143: * Setting link1 will cause the link to auto-dial only as packets
144: * arrive to be sent.
145: *
146: * Setting IFF_DEBUG will syslog the option negotiation and state
147: * transitions at level kern.debug. Note: all logs consistently look
148: * like
149: *
150: * <if-name><unit>: <proto-name> <additional info...>
151: *
152: * with <if-name><unit> being something like "bppp0", and <proto-name>
153: * being one of "lcp", "ipcp", "cisco", "chap", "pap", etc.
154: */
155:
156: #define IFF_PASSIVE IFF_LINK0 /* wait passively for connection */
157: #define IFF_AUTO IFF_LINK1 /* auto-dial on output */
158:
159: #define PPP_ALLSTATIONS 0xff /* All-Stations broadcast address */
160: #define PPP_UI 0x03 /* Unnumbered Information */
161: #define PPP_IP 0x0021 /* Internet Protocol */
162: #define PPP_ISO 0x0023 /* ISO OSI Protocol */
163: #define PPP_XNS 0x0025 /* Xerox NS Protocol */
164: #define PPP_IPX 0x002b /* Novell IPX Protocol */
165: #define PPP_LCP 0xc021 /* Link Control Protocol */
166: #define PPP_PAP 0xc023 /* Password Authentication Protocol */
167: #define PPP_CHAP 0xc223 /* Challenge-Handshake Auth Protocol */
168: #define PPP_IPCP 0x8021 /* Internet Protocol Control Protocol */
169:
170: #define CONF_REQ 1 /* PPP configure request */
171: #define CONF_ACK 2 /* PPP configure acknowledge */
172: #define CONF_NAK 3 /* PPP configure negative ack */
173: #define CONF_REJ 4 /* PPP configure reject */
174: #define TERM_REQ 5 /* PPP terminate request */
175: #define TERM_ACK 6 /* PPP terminate acknowledge */
176: #define CODE_REJ 7 /* PPP code reject */
177: #define PROTO_REJ 8 /* PPP protocol reject */
178: #define ECHO_REQ 9 /* PPP echo request */
179: #define ECHO_REPLY 10 /* PPP echo reply */
180: #define DISC_REQ 11 /* PPP discard request */
181:
182: #define LCP_OPT_MRU 1 /* maximum receive unit */
183: #define LCP_OPT_ASYNC_MAP 2 /* async control character map */
184: #define LCP_OPT_AUTH_PROTO 3 /* authentication protocol */
185: #define LCP_OPT_QUAL_PROTO 4 /* quality protocol */
186: #define LCP_OPT_MAGIC 5 /* magic number */
187: #define LCP_OPT_RESERVED 6 /* reserved */
188: #define LCP_OPT_PROTO_COMP 7 /* protocol field compression */
189: #define LCP_OPT_ADDR_COMP 8 /* address/control field compression */
190:
191: #define IPCP_OPT_ADDRESSES 1 /* both IP addresses; deprecated */
192: #define IPCP_OPT_COMPRESSION 2 /* IP compression protocol (VJ) */
193: #define IPCP_OPT_ADDRESS 3 /* local IP address */
194:
195: #define PAP_REQ 1 /* PAP name/password request */
196: #define PAP_ACK 2 /* PAP acknowledge */
197: #define PAP_NAK 3 /* PAP fail */
198:
199: #define CHAP_CHALLENGE 1 /* CHAP challenge request */
200: #define CHAP_RESPONSE 2 /* CHAP challenge response */
201: #define CHAP_SUCCESS 3 /* CHAP response ok */
202: #define CHAP_FAILURE 4 /* CHAP response failed */
203:
204: #define CHAP_MD5 5 /* hash algorithm - MD5 */
205:
206: #define CISCO_MULTICAST 0x8f /* Cisco multicast address */
207: #define CISCO_UNICAST 0x0f /* Cisco unicast address */
208: #define CISCO_KEEPALIVE 0x8035 /* Cisco keepalive protocol */
209: #define CISCO_ADDR_REQ 0 /* Cisco address request */
210: #define CISCO_ADDR_REPLY 1 /* Cisco address reply */
211: #define CISCO_KEEPALIVE_REQ 2 /* Cisco keepalive request */
212:
213: /* states are named and numbered according to RFC 1661 */
214: #define STATE_INITIAL 0
215: #define STATE_STARTING 1
216: #define STATE_CLOSED 2
217: #define STATE_STOPPED 3
218: #define STATE_CLOSING 4
219: #define STATE_STOPPING 5
220: #define STATE_REQ_SENT 6
221: #define STATE_ACK_RCVD 7
222: #define STATE_ACK_SENT 8
223: #define STATE_OPENED 9
224:
225: struct ppp_header {
226: u_char address;
227: u_char control;
228: u_short protocol;
229: };
230: #define PPP_HEADER_LEN sizeof (struct ppp_header)
231:
232: struct lcp_header {
233: u_char type;
234: u_char ident;
235: u_short len;
236: };
237: #define LCP_HEADER_LEN sizeof (struct lcp_header)
238:
239: struct cisco_packet {
240: u_long type;
241: u_long par1;
242: u_long par2;
243: u_short rel;
244: u_short time0;
245: u_short time1;
246: };
247: #define CISCO_PACKET_LEN 18
248:
249: /*
250: * We follow the spelling and capitalization of RFC 1661 here, to make
251: * it easier comparing with the standard. Please refer to this RFC in
252: * case you can't make sense out of these abbreviation; it will also
253: * explain the semantics related to the various events and actions.
254: */
255: struct cp {
256: u_short proto; /* PPP control protocol number */
257: u_char protoidx; /* index into state table in struct sppp */
258: u_char flags;
259: #define CP_LCP 0x01 /* this is the LCP */
260: #define CP_AUTH 0x02 /* this is an authentication protocol */
261: #define CP_NCP 0x04 /* this is a NCP */
262: #define CP_QUAL 0x08 /* this is a quality reporting protocol */
263: const char *name; /* name of this control protocol */
264: /* event handlers */
265: void (*Up)(struct sppp *sp);
266: void (*Down)(struct sppp *sp);
267: void (*Open)(struct sppp *sp);
268: void (*Close)(struct sppp *sp);
269: void (*TO)(void *sp);
270: int (*RCR)(struct sppp *sp, struct lcp_header *h, int len);
271: void (*RCN_rej)(struct sppp *sp, struct lcp_header *h, int len);
272: void (*RCN_nak)(struct sppp *sp, struct lcp_header *h, int len);
273: /* actions */
274: void (*tlu)(struct sppp *sp);
275: void (*tld)(struct sppp *sp);
276: void (*tls)(struct sppp *sp);
277: void (*tlf)(struct sppp *sp);
278: void (*scr)(struct sppp *sp);
279: };
280:
281: static struct sppp *spppq;
282: #if defined(__FreeBSD__) && __FreeBSD__ >= 3
283: static struct callout_handle keepalive_ch;
284: #endif
285:
286: #if defined(__FreeBSD__) && __FreeBSD__ >= 3
287: #define SPP_FMT "%s%d: "
288: #define SPP_ARGS(ifp) (ifp)->if_name, (ifp)->if_unit
289: #else
290: #define SPP_FMT "%s: "
291: #define SPP_ARGS(ifp) (ifp)->if_xname
292: #endif
293:
294: /*
295: * The following disgusting hack gets around the problem that IP TOS
296: * can't be set yet. We want to put "interactive" traffic on a high
297: * priority queue. To decide if traffic is interactive, we check that
298: * a) it is TCP and b) one of its ports is telnet, rlogin or ftp control.
299: *
300: * XXX is this really still necessary? - joerg -
301: */
302: static u_short interactive_ports[8] = {
303: 0, 513, 0, 0,
304: 0, 21, 0, 23,
305: };
306: #define INTERACTIVE(p) (interactive_ports[(p) & 7] == (p))
307:
308: /* almost every function needs these */
309: #define STDDCL \
310: struct ifnet *ifp = &sp->pp_if; \
311: int debug = ifp->if_flags & IFF_DEBUG
312:
313: static int sppp_output(struct ifnet *ifp, struct mbuf *m,
314: struct sockaddr *dst, struct rtentry *rt);
315:
316: static void sppp_cisco_send(struct sppp *sp, int type, long par1, long par2);
317: static void sppp_cisco_input(struct sppp *sp, struct mbuf *m);
318:
319: static void sppp_cp_input(const struct cp *cp, struct sppp *sp,
320: struct mbuf *m);
321: static void sppp_cp_send(struct sppp *sp, u_short proto, u_char type,
322: u_char ident, u_short len, void *data);
323: /* static void sppp_cp_timeout(void *arg); */
324: static void sppp_cp_change_state(const struct cp *cp, struct sppp *sp,
325: int newstate);
326: static void sppp_auth_send(const struct cp *cp,
327: struct sppp *sp, unsigned int type, unsigned int id,
328: ...);
329:
330: static void sppp_up_event(const struct cp *cp, struct sppp *sp);
331: static void sppp_down_event(const struct cp *cp, struct sppp *sp);
332: static void sppp_open_event(const struct cp *cp, struct sppp *sp);
333: static void sppp_close_event(const struct cp *cp, struct sppp *sp);
334: static void sppp_to_event(const struct cp *cp, struct sppp *sp);
335:
336: static void sppp_null(struct sppp *sp);
337:
338: static void sppp_lcp_init(struct sppp *sp);
339: static void sppp_lcp_up(struct sppp *sp);
340: static void sppp_lcp_down(struct sppp *sp);
341: static void sppp_lcp_open(struct sppp *sp);
342: static void sppp_lcp_close(struct sppp *sp);
343: static void sppp_lcp_TO(void *sp);
344: static int sppp_lcp_RCR(struct sppp *sp, struct lcp_header *h, int len);
345: static void sppp_lcp_RCN_rej(struct sppp *sp, struct lcp_header *h, int len);
346: static void sppp_lcp_RCN_nak(struct sppp *sp, struct lcp_header *h, int len);
347: static void sppp_lcp_tlu(struct sppp *sp);
348: static void sppp_lcp_tld(struct sppp *sp);
349: static void sppp_lcp_tls(struct sppp *sp);
350: static void sppp_lcp_tlf(struct sppp *sp);
351: static void sppp_lcp_scr(struct sppp *sp);
352: static void sppp_lcp_check_and_close(struct sppp *sp);
353: static int sppp_ncp_check(struct sppp *sp);
354:
355: static void sppp_ipcp_init(struct sppp *sp);
356: static void sppp_ipcp_up(struct sppp *sp);
357: static void sppp_ipcp_down(struct sppp *sp);
358: static void sppp_ipcp_open(struct sppp *sp);
359: static void sppp_ipcp_close(struct sppp *sp);
360: static void sppp_ipcp_TO(void *sp);
361: static int sppp_ipcp_RCR(struct sppp *sp, struct lcp_header *h, int len);
362: static void sppp_ipcp_RCN_rej(struct sppp *sp, struct lcp_header *h, int len);
363: static void sppp_ipcp_RCN_nak(struct sppp *sp, struct lcp_header *h, int len);
364: static void sppp_ipcp_tlu(struct sppp *sp);
365: static void sppp_ipcp_tld(struct sppp *sp);
366: static void sppp_ipcp_tls(struct sppp *sp);
367: static void sppp_ipcp_tlf(struct sppp *sp);
368: static void sppp_ipcp_scr(struct sppp *sp);
369:
370: static void sppp_pap_input(struct sppp *sp, struct mbuf *m);
371: static void sppp_pap_init(struct sppp *sp);
372: static void sppp_pap_open(struct sppp *sp);
373: static void sppp_pap_close(struct sppp *sp);
374: static void sppp_pap_TO(void *sp);
375: static void sppp_pap_my_TO(void *sp);
376: static void sppp_pap_tlu(struct sppp *sp);
377: static void sppp_pap_tld(struct sppp *sp);
378: static void sppp_pap_scr(struct sppp *sp);
379:
380: static void sppp_chap_input(struct sppp *sp, struct mbuf *m);
381: static void sppp_chap_init(struct sppp *sp);
382: static void sppp_chap_open(struct sppp *sp);
383: static void sppp_chap_close(struct sppp *sp);
384: static void sppp_chap_TO(void *sp);
385: static void sppp_chap_tlu(struct sppp *sp);
386: static void sppp_chap_tld(struct sppp *sp);
387: static void sppp_chap_scr(struct sppp *sp);
388:
389: static const char *sppp_auth_type_name(u_short proto, u_char type);
390: static const char *sppp_cp_type_name(u_char type);
391: static const char *sppp_dotted_quad(u_long addr);
392: static const char *sppp_ipcp_opt_name(u_char opt);
393: static const char *sppp_lcp_opt_name(u_char opt);
394: static const char *sppp_phase_name(enum ppp_phase phase);
395: static const char *sppp_proto_name(u_short proto);
396: static const char *sppp_state_name(int state);
397: static int sppp_params(struct sppp *sp, u_long cmd, void *data);
398: static int sppp_strnlen(u_char *p, int max);
399: static void sppp_get_ip_addrs(struct sppp *sp, u_long *src, u_long *dst,
400: u_long *srcmask);
401: static void sppp_keepalive(void *dummy);
402: static void sppp_phase_network(struct sppp *sp);
403: static void sppp_print_bytes(const u_char *p, u_short len);
404: static void sppp_print_string(const char *p, u_short len);
405: static void sppp_qflush(struct ifqueue *ifq);
406: static void sppp_set_ip_addr(struct sppp *sp, u_long src);
407:
408: /* our control protocol descriptors */
409: static const struct cp lcp = {
410: PPP_LCP, IDX_LCP, CP_LCP, "lcp",
411: sppp_lcp_up, sppp_lcp_down, sppp_lcp_open, sppp_lcp_close,
412: sppp_lcp_TO, sppp_lcp_RCR, sppp_lcp_RCN_rej, sppp_lcp_RCN_nak,
413: sppp_lcp_tlu, sppp_lcp_tld, sppp_lcp_tls, sppp_lcp_tlf,
414: sppp_lcp_scr
415: };
416:
417: static const struct cp ipcp = {
418: PPP_IPCP, IDX_IPCP, CP_NCP, "ipcp",
419: sppp_ipcp_up, sppp_ipcp_down, sppp_ipcp_open, sppp_ipcp_close,
420: sppp_ipcp_TO, sppp_ipcp_RCR, sppp_ipcp_RCN_rej, sppp_ipcp_RCN_nak,
421: sppp_ipcp_tlu, sppp_ipcp_tld, sppp_ipcp_tls, sppp_ipcp_tlf,
422: sppp_ipcp_scr
423: };
424:
425: static const struct cp pap = {
426: PPP_PAP, IDX_PAP, CP_AUTH, "pap",
427: sppp_null, sppp_null, sppp_pap_open, sppp_pap_close,
428: sppp_pap_TO, 0, 0, 0,
429: sppp_pap_tlu, sppp_pap_tld, sppp_null, sppp_null,
430: sppp_pap_scr
431: };
432:
433: static const struct cp chap = {
434: PPP_CHAP, IDX_CHAP, CP_AUTH, "chap",
435: sppp_null, sppp_null, sppp_chap_open, sppp_chap_close,
436: sppp_chap_TO, 0, 0, 0,
437: sppp_chap_tlu, sppp_chap_tld, sppp_null, sppp_null,
438: sppp_chap_scr
439: };
440:
441: static const struct cp *cps[IDX_COUNT] = {
442: &lcp, /* IDX_LCP */
443: &ipcp, /* IDX_IPCP */
444: &pap, /* IDX_PAP */
445: &chap, /* IDX_CHAP */
446: };
447:
448:
449:
/*
450: * Exported functions, comprising our interface to the lower layer.
451: */
452:
453: /*
454: * Process the received packet.
455: */
456: void
457: sppp_input(struct ifnet *ifp, struct mbuf *m)
458: {
459: struct ppp_header *h;
460: struct ifqueue *inq = 0;
461: int s;
462: struct sppp *sp = (struct sppp *)ifp;
463: int debug = ifp->if_flags & IFF_DEBUG;
464:
465: if (ifp->if_flags & IFF_UP)
466: /* Count received bytes, add FCS and one flag */
467: ifp->if_ibytes += m->m_pkthdr.len + 3;
468:
469: if (m->m_pkthdr.len <= PPP_HEADER_LEN) {
470: /* Too small packet, drop it. */
471: if (debug)
472: log(LOG_DEBUG,
473: SPP_FMT "input packet is too small, %d bytes\n",
474: SPP_ARGS(ifp), m->m_pkthdr.len);
475: drop:
476: ++ifp->if_ierrors;
477: ++ifp->if_iqdrops;
478: m_freem (m);
479: return;
480: }
481:
482: /* Get PPP header. */
483: h = mtod (m, struct ppp_header*);
484: m_adj (m, PPP_HEADER_LEN);
485:
486: switch (h->address) {
487: case PPP_ALLSTATIONS:
488: if (h->control != PPP_UI)
489: goto invalid;
490: if (sp->pp_flags & PP_CISCO) {
491: if (debug)
492: log(LOG_DEBUG,
493: SPP_FMT "PPP packet in Cisco mode "
494: "<addr=0x%x ctrl=0x%x proto=0x%x>\n",
495: SPP_ARGS(ifp),
496: h->address, h->control, ntohs(h->protocol));
497: goto drop;
498: }
499: switch (ntohs (h->protocol)) {
500: default:
501: if (sp->state[IDX_LCP] == STATE_OPENED)
502: sppp_cp_send (sp, PPP_LCP, PROTO_REJ,
503: ++sp->pp_seq, m->m_pkthdr.len + 2,
504: &h->protocol);
505: if (debug)
506: log(LOG_DEBUG,
507: SPP_FMT "invalid input protocol "
508: "<addr=0x%x ctrl=0x%x proto=0x%x>\n",
509: SPP_ARGS(ifp),
510: h->address, h->control, ntohs(h->protocol));
511: ++ifp->if_noproto;
512: goto drop;
513: case PPP_LCP:
514: sppp_cp_input(&lcp, sp, m);
515: m_freem (m);
516: return;
517: case PPP_PAP:
518: if (sp->pp_phase >= PHASE_AUTHENTICATE)
519: sppp_pap_input(sp, m);
520: m_freem (m);
521: return;
522: case PPP_CHAP:
523: if (sp->pp_phase >= PHASE_AUTHENTICATE)
524: sppp_chap_input(sp, m);
525: m_freem (m);
526: return;
527: #if INET
528: case PPP_IPCP:
529: if (sp->pp_phase == PHASE_NETWORK)
530: sppp_cp_input(&ipcp, sp, m);
531: m_freem (m);
532: return;
533: case PPP_IP:
534: if (sp->state[IDX_IPCP] == STATE_OPENED) {
535: schednetisr (NETISR_IP);
536: inq = &ipintrq;
537: }
538: break;
539: #endif
540: #if IPX
541: case PPP_IPX:
542: /* IPX IPXCP not implemented yet */
543: if (sp->pp_phase == PHASE_NETWORK) {
544: schednetisr (NETISR_IPX);
545: inq = &ipxintrq;
546: }
547: break;
548: #endif
549: #if NS
550: case PPP_XNS:
551: /* XNS IDPCP not implemented yet */
552: if (sp->pp_phase == PHASE_NETWORK) {
553: schednetisr (NETISR_NS);
554: inq = &nsintrq;
555: }
556: break;
557: #endif
558: #if ISO
559: case PPP_ISO:
560: /* OSI NLCP not implemented yet */
561: if (sp->pp_phase == PHASE_NETWORK) {
562: schednetisr (NETISR_ISO);
563: inq = &clnlintrq;
564: }
565: break;
566: #endif
567: }
568: break;
569: case CISCO_MULTICAST:
570: case CISCO_UNICAST:
571: /* Don't check the control field here (RFC 1547). */
572: if (! (sp->pp_flags & PP_CISCO)) {
573: if (debug)
574: log(LOG_DEBUG,
575: SPP_FMT "Cisco packet in PPP mode "
576: "<addr=0x%x ctrl=0x%x proto=0x%x>\n",
577: SPP_ARGS(ifp),
578: h->address, h->control, ntohs(h->protocol));
579: goto drop;
580: }
581: switch (ntohs (h->protocol)) {
582: default:
583: ++ifp->if_noproto;
584: goto invalid;
585: case CISCO_KEEPALIVE:
586: sppp_cisco_input ((struct sppp*) ifp, m);
587: m_freem (m);
588: return;
589: #if INET
590: case ETHERTYPE_IP:
591: schednetisr (NETISR_IP);
592: inq = &ipintrq;
593: break;
594: #endif
595: #if IPX
596: case ETHERTYPE_IPX:
597: schednetisr (NETISR_IPX);
598: inq = &ipxintrq;
599: break;
600: #endif
601: #if NS
602: case ETHERTYPE_NS:
603: schednetisr (NETISR_NS);
604: inq = &nsintrq;
605: break;
606: #endif
607: }
608: break;
609: default: /* Invalid PPP packet. */
610: invalid:
611: if (debug)
612: log(LOG_DEBUG,
613: SPP_FMT "invalid input packet "
614: "<addr=0x%x ctrl=0x%x proto=0x%x>\n",
615: SPP_ARGS(ifp),
616: h->address, h->control, ntohs(h->protocol));
617: goto drop;
618: }
619:
620: if (! (ifp->if_flags & IFF_UP) || ! inq)
621: goto drop;
622:
623: /* Check queue. */
624: s = splimp();
625: if (IF_QFULL (inq)) {
626: /* Queue overflow. */
627: IF_DROP(inq);
628: splx(s);
629: if (debug)
630: log(LOG_DEBUG, SPP_FMT "protocol queue overflow\n",
631: SPP_ARGS(ifp));
632: goto drop;
633: }
634: IF_ENQUEUE(inq, m);
635: splx(s);
636: }
637:
638: /*
639: * Enqueue transmit packet.
640: */
641: static int
642: sppp_output(struct ifnet *ifp, struct mbuf *m,
643: struct sockaddr *dst, struct rtentry *rt)
644: {
645: struct sppp *sp = (struct sppp*) ifp;
646: struct ppp_header *h;
647: struct ifqueue *ifq;
648: int s, rv = 0;
649: int debug = ifp->if_flags & IFF_DEBUG;
650:
651: s = splimp();
652:
653: if ((ifp->if_flags & IFF_UP) == 0 ||
654: (ifp->if_flags & (IFF_RUNNING | IFF_AUTO)) == 0) {
655: m_freem (m);
656: splx (s);
657: return (ENETDOWN);
658: }
659:
660: if ((ifp->if_flags & (IFF_RUNNING | IFF_AUTO)) == IFF_AUTO) {
661: /*
662: * Interface is not yet running, but auto-dial. Need
663: * to start LCP for it.
664: */
665: ifp->if_flags |= IFF_RUNNING;
666: splx(s);
667: lcp.Open(sp);
668: s = splimp();
669: }
670:
671: ifq = &ifp->if_snd;
672: #if INET
673: if (dst->sa_family == AF_INET) {
674: /* XXX Check mbuf length here? */
675: struct ip *ip = mtod (m, struct ip*);
676: struct tcphdr *tcp = (struct tcphdr*) ((long*)ip + ip->ip_hl);
677:
678: /*
679: * When using dynamic local IP address assignment by using
680: * 0.0.0.0 as a local address, the first TCP session will
681: * not connect because the local TCP checksum is computed
682: * using 0.0.0.0 which will later become our real IP address
683: * so the TCP checksum computed at the remote end will
684: * become invalid. So we
685: * - don't let packets with src ip addr 0 thru
686: * - we flag TCP packets with src ip 0 as an error
687: */
688:
689: if(ip->ip_src.s_addr == INADDR_ANY) /* -hm */
690: {
691: m_freem(m);
692: splx(s);
693: if(ip->ip_p == IPPROTO_TCP)
694: return(EADDRNOTAVAIL);
695: else
696: return(0);
697: }
698:
699: /*
700: * Put low delay, telnet, rlogin and ftp control packets
701: * in front of the queue.
702: */
703: if (IF_QFULL (&sp->pp_fastq))
704: ;
705: else if (ip->ip_tos & IPTOS_LOWDELAY)
706: ifq = &sp->pp_fastq;
707: else if (m->m_len < sizeof *ip + sizeof *tcp)
708: ;
709: else if (ip->ip_p != IPPROTO_TCP)
710: ;
711: else if (INTERACTIVE (ntohs (tcp->th_sport)))
712: ifq = &sp->pp_fastq;
713: else if (INTERACTIVE (ntohs (tcp->th_dport)))
714: ifq = &sp->pp_fastq;
715: }
716: #endif
717:
718: /*
719: * Prepend general data packet PPP header. For now, IP only.
720: */
721: M_PREPEND (m, PPP_HEADER_LEN, M_DONTWAIT);
722: if (! m) {
723: if (debug)
724: log(LOG_DEBUG, SPP_FMT "no memory for transmit header\n",
725: SPP_ARGS(ifp));
726: ++ifp->if_oerrors;
727: splx (s);
728: return (ENOBUFS);
729: }
730: /*
731: * May want to check size of packet
732: * (albeit due to the implementation it's always enough)
733: */
734: h = mtod (m, struct ppp_header*);
735: if (sp->pp_flags & PP_CISCO) {
736: h->address = CISCO_UNICAST; /* unicast address */
737: h->control = 0;
738: } else {
739: h->address = PPP_ALLSTATIONS; /* broadcast address */
740: h->control = PPP_UI; /* Unnumbered Info */
741: }
742:
743: switch (dst->sa_family) {
744: #if INET
745: case AF_INET: /* Internet Protocol */
746: if (sp->pp_flags & PP_CISCO)
747: h->protocol = htons (ETHERTYPE_IP);
748: else {
749: /*
750: * Don't choke with an ENETDOWN early. It's
751: * possible that we just started dialing out,
752: * so don't drop the packet immediately. If
753: * we notice that we run out of buffer space
754: * below, we will however remember that we are
755: * not ready to carry IP packets, and return
756: * ENETDOWN, as opposed to ENOBUFS.
757: */
758: h->protocol = htons(PPP_IP);
759: if (sp->state[IDX_IPCP] != STATE_OPENED)
760: rv = ENETDOWN;
761: }
762: break;
763: #endif
764: #if NS
765: case AF_NS: /* Xerox NS Protocol */
766: h->protocol = htons ((sp->pp_flags & PP_CISCO) ?
767: ETHERTYPE_NS : PPP_XNS);
768: break;
769: #endif
770: #if IPX
771: case AF_IPX: /* Novell IPX Protocol */
772: h->protocol = htons ((sp->pp_flags & PP_CISCO) ?
773: ETHERTYPE_IPX : PPP_IPX);
774: break;
775: #endif
776: #if ISO
777: case AF_ISO: /* ISO OSI Protocol */
778: if (sp->pp_flags & PP_CISCO)
779: goto nosupport;
780: h->protocol = htons (PPP_ISO);
781: break;
782: nosupport:
783: #endif
784: default:
785: m_freem (m);
786: ++ifp->if_oerrors;
787: splx (s);
788: return (EAFNOSUPPORT);
789: }
790:
791: /*
792: * Queue message on interface, and start output if interface
793: * not yet active.
794: */
795: if (IF_QFULL (ifq)) {
796: IF_DROP (&ifp->if_snd);
797: m_freem (m);
798: ++ifp->if_oerrors;
799: splx (s);
800: return (rv? rv: ENOBUFS);
801: }
802: IF_ENQUEUE (ifq, m);
803: if (! (ifp->if_flags & IFF_OACTIVE))
804: (*ifp->if_start) (ifp);
805:
806: /*
807: * Count output packets and bytes.
808: * The packet length includes header, FCS and 1 flag,
809: * according to RFC 1333.
810: */
811: ifp->if_obytes += m->m_pkthdr.len + 3;
812: splx (s);
813: return (0);
814: }
815:
816: void
817: sppp_attach(struct ifnet *ifp)
818: {
819: struct sppp *sp = (struct sppp*) ifp;
820:
821: /* Initialize keepalive handler. */
822: if (! spppq)
823: TIMEOUT(sppp_keepalive, 0, hz * 10, keepalive_ch);
824:
825: /* Insert new entry into the keepalive list. */
826: sp->pp_next = spppq;
827: spppq = sp;
828:
829: sp->pp_if.if_mtu = PP_MTU;
830: sp->pp_if.if_flags = IFF_POINTOPOINT | IFF_MULTICAST;
831: sp->pp_if.if_type = IFT_PPP;
832: sp->pp_if.if_output = sppp_output;
833: #if 0
834: sp->pp_flags = PP_KEEPALIVE;
835: #endif
836: sp->pp_fastq.ifq_maxlen = 32;
837: sp->pp_cpq.ifq_maxlen = 20;
838: sp->pp_loopcnt = 0;
839: sp->pp_alivecnt = 0;
840: sp->pp_seq = 0;
841: sp->pp_rseq = 0;
842: sp->pp_phase = PHASE_DEAD;
843: sp->pp_up = lcp.Up;
844: sp->pp_down = lcp.Down;
845:
846: sppp_lcp_init(sp);
847: sppp_ipcp_init(sp);
848: sppp_pap_init(sp);
849: sppp_chap_init(sp);
850: }
851:
852: void
853: sppp_detach(struct ifnet *ifp)
854: {
855: struct sppp **q, *p, *sp = (struct sppp*) ifp;
856: int i;
857:
858: /* Remove the entry from the keepalive list. */
859: for (q = &spppq; (p = *q); q = &p->pp_next)
860: if (p == sp) {
861: *q = p->pp_next;
862: break;
863: }
864:
865: /* Stop keepalive handler. */
866: if (! spppq)
867: UNTIMEOUT(sppp_keepalive, 0, keepalive_ch);
868:
869: for (i = 0; i < IDX_COUNT; i++)
870: UNTIMEOUT((cps[i])->TO, (void *)sp, sp->ch[i]);
871: UNTIMEOUT(sppp_pap_my_TO, (void *)sp, sp->pap_my_to_ch);
872: }
873:
874: /*
875: * Flush the interface output queue.
876: */
877: void
878: sppp_flush(struct ifnet *ifp)
879: {
880: struct sppp *sp = (struct sppp*) ifp;
881:
882: sppp_qflush (&sp->pp_if.if_snd);
883: sppp_qflush (&sp->pp_fastq);
884: sppp_qflush (&sp->pp_cpq);
885: }
886:
887: /*
888: * Check if the output queue is empty.
889: */
890: int
891: sppp_isempty(struct ifnet *ifp)
892: {
893: struct sppp *sp = (struct sppp*) ifp;
894: int empty, s;
895:
896: s = splimp();
897: empty = !sp->pp_fastq.ifq_head && !sp->pp_cpq.ifq_head &&
898: !sp->pp_if.if_snd.ifq_head;
899: splx(s);
900: return (empty);
901: }
902:
903: /*
904: * Get next packet to send.
905: */
906: struct mbuf *
907: sppp_dequeue(struct ifnet *ifp)
908: {
909: struct sppp *sp = (struct sppp*) ifp;
910: struct mbuf *m;
911: int s;
912:
913: s = splimp();
914: /*
915: * Process only the control protocol queue until we have at
916: * least one NCP open.
917: *
918: * Do always serve all three queues in Cisco mode.
919: */
920: IF_DEQUEUE(&sp->pp_cpq, m);
921: if (m == NULL &&
922: (sppp_ncp_check(sp) || (sp->pp_flags & PP_CISCO) != 0)) {
923: IF_DEQUEUE(&sp->pp_fastq, m);
924: if (m == NULL)
925: IF_DEQUEUE (&sp->pp_if.if_snd, m);
926: }
927: splx(s);
928: return m;
929: }
930:
931: /*
932: * Pick the next packet, do not remove it from the queue.
933: */
934: struct mbuf *
935: sppp_pick(struct ifnet *ifp)
936: {
937: struct sppp *sp = (struct sppp*)ifp;
938: struct mbuf *m;
939: int s;
940:
941: s= splimp ();
942:
943: m = sp->pp_cpq.ifq_head;
944: if (m == NULL &&
945: (sp->pp_phase == PHASE_NETWORK ||
946: (sp->pp_flags & PP_CISCO) != 0))
947: if ((m = sp->pp_fastq.ifq_head) == NULL)
948: m = sp->pp_if.if_snd.ifq_head;
949: splx (s);
950: return (m);
951: }
952:
953: /*
954: * Process an ioctl request. Called on low priority level.
955: */
956: int
957: sppp_ioctl(struct ifnet *ifp, IOCTL_CMD_T cmd, void *data)
958: {
959: struct ifreq *ifr = (struct ifreq*) data;
960: struct sppp *sp = (struct sppp*) ifp;
961: int s, rv, going_up, going_down, newmode;
962:
963: s = splimp();
964: rv = 0;
965: switch (cmd) {
966: case SIOCAIFADDR:
967: case SIOCSIFDSTADDR:
968: break;
969:
970: case SIOCSIFADDR:
971: if_up(ifp);
972: /* fall through... */
973:
974: case SIOCSIFFLAGS:
975: going_up = ifp->if_flags & IFF_UP &&
976: (ifp->if_flags & IFF_RUNNING) == 0;
977: going_down = (ifp->if_flags & IFF_UP) == 0 &&
978: ifp->if_flags & IFF_RUNNING;
979: newmode = ifp->if_flags & (IFF_AUTO | IFF_PASSIVE);
980: if (newmode == (IFF_AUTO | IFF_PASSIVE)) {
981: /* sanity */
982: newmode = IFF_PASSIVE;
983: ifp->if_flags &= ~IFF_AUTO;
984: }
985:
986: if (going_up || going_down)
987: lcp.Close(sp);
988: if (going_up && newmode == 0) {
989: /* neither auto-dial nor passive */
990: ifp->if_flags |= IFF_RUNNING;
991: if (!(sp->pp_flags & PP_CISCO))
992: lcp.Open(sp);
993: } else if (going_down) {
994: sppp_flush(ifp);
995: ifp->if_flags &= ~IFF_RUNNING;
996: }
997:
998: break;
999:
1000: #ifdef SIOCSIFMTU
1001: #ifndef ifr_mtu
1002: #define ifr_mtu ifr_metric
1003: #endif
1004: case SIOCSIFMTU:
1005: if (ifr->ifr_mtu < 128 || ifr->ifr_mtu > sp->lcp.their_mru)
1006: return (EINVAL);
1007: ifp->if_mtu = ifr->ifr_mtu;
1008: break;
1009: #endif
1010: #ifdef SLIOCSETMTU
1011: case SLIOCSETMTU:
1012: if (*(short*)data < 128 || *(short*)data > sp->lcp.their_mru)
1013: return (EINVAL);
1014: ifp->if_mtu = *(short*)data;
1015: break;
1016: #endif
1017: #ifdef SIOCGIFMTU
1018: case SIOCGIFMTU:
1019: ifr->ifr_mtu = ifp->if_mtu;
1020: break;
1021: #endif
1022: #ifdef SLIOCGETMTU
1023: case SLIOCGETMTU:
1024: *(short*)data = ifp->if_mtu;
1025: break;
1026: #endif
1027: case SIOCADDMULTI:
1028: case SIOCDELMULTI:
1029: break;
1030:
1031: case SIOCGIFGENERIC:
1032: case SIOCSIFGENERIC:
1033: rv = sppp_params(sp, cmd, data);
1034: break;
1035:
1036: default:
1037: rv = ENOTTY;
1038: }
1039: splx(s);
1040: return rv;
1041: }
1042:
1043:
1044:
/*
1045: * Cisco framing implementation.
1046: */
1047:
1048: /*
1049: * Handle incoming Cisco keepalive protocol packets.
1050: */
1051: static void
1052: sppp_cisco_input(struct sppp *sp, struct mbuf *m)
1053: {
1054: STDDCL;
1055: struct cisco_packet *h;
1056: u_long me, mymask;
1057:
1058: if (m->m_pkthdr.len < CISCO_PACKET_LEN) {
1059: if (debug)
1060: log(LOG_DEBUG,
1061: SPP_FMT "cisco invalid packet length: %d bytes\n",
1062: SPP_ARGS(ifp), m->m_pkthdr.len);
1063: return;
1064: }
1065: h = mtod (m, struct cisco_packet*);
1066: if (debug)
1067: log(LOG_DEBUG,
1068: SPP_FMT "cisco input: %d bytes "
1069: "<0x%lx 0x%lx 0x%lx 0x%x 0x%x-0x%x>\n",
1070: SPP_ARGS(ifp), m->m_pkthdr.len,
1071: (u_long)ntohl (h->type), (u_long)h->par1, (u_long)h->par2, (u_int)h->rel,
1072: (u_int)h->time0, (u_int)h->time1);
1073: switch (ntohl (h->type)) {
1074: default:
1075: if (debug)
1076: addlog(SPP_FMT "cisco unknown packet type: 0x%lx\n",
1077: SPP_ARGS(ifp), (u_long)ntohl (h->type));
1078: break;
1079: case CISCO_ADDR_REPLY:
1080: /* Reply on address request, ignore */
1081: break;
1082: case CISCO_KEEPALIVE_REQ:
1083: sp->pp_alivecnt = 0;
1084: sp->pp_rseq = ntohl (h->par1);
1085: if (sp->pp_seq == sp->pp_rseq) {
1086: /* Local and remote sequence numbers are equal.
1087: * Probably, the line is in loopback mode. */
1088: if (sp->pp_loopcnt >= MAXALIVECNT) {
1089: printf (SPP_FMT "loopback\n",
1090: SPP_ARGS(ifp));
1091: sp->pp_loopcnt = 0;
1092: if (ifp->if_flags & IFF_UP) {
1093: if_down (ifp);
1094: sppp_qflush (&sp->pp_cpq);
1095: }
1096: }
1097: ++sp->pp_loopcnt;
1098:
1099: /* Generate new local sequence number */
1100: #if defined(__FreeBSD__) && __FreeBSD__ >= 3
1101: sp->pp_seq = random();
1102: #else
1103: sp->pp_seq ^= time.tv_sec ^ time.tv_usec;
1104: #endif
1105: break;
1106: }
1107: sp->pp_loopcnt = 0;
1108: if (! (ifp->if_flags & IFF_UP) &&
1109: (ifp->if_flags & IFF_RUNNING)) {
1110: if_up(ifp);
1111: printf (SPP_FMT "up\n", SPP_ARGS(ifp));
1112: }
1113: break;
1114: case CISCO_ADDR_REQ:
1115: sppp_get_ip_addrs(sp, &me, 0, &mymask);
1116: if (me != 0L)
1117: sppp_cisco_send(sp, CISCO_ADDR_REPLY, me, mymask);
1118: break;
1119: }
1120: }
1121:
1122: /*
1123: * Send Cisco keepalive packet.
1124: */
1125: static void
1126: sppp_cisco_send(struct sppp *sp, int type, long par1, long par2)
1127: {
1128: STDDCL;
1129: struct ppp_header *h;
1130: struct cisco_packet *ch;
1131: struct mbuf *m;
1132: #if defined(__FreeBSD__) && __FreeBSD__ >= 3
1133: struct timeval tv;
1134: #else
1135: u_long t = (time.tv_sec - boottime.tv_sec) * 1000;
1136: #endif
1137:
1138: #if defined(__FreeBSD__) && __FreeBSD__ >= 3
1139: getmicrouptime(&tv);
1140: #endif
1141:
1142: MGETHDR (m, M_DONTWAIT, MT_DATA);
1143: if (! m)
1144: return;
1145: m->m_pkthdr.len = m->m_len = PPP_HEADER_LEN + CISCO_PACKET_LEN;
1146: m->m_pkthdr.rcvif = 0;
1147:
1148: h = mtod (m, struct ppp_header*);
1149: h->address = CISCO_MULTICAST;
1150: h->control = 0;
1151: h->protocol = htons (CISCO_KEEPALIVE);
1152:
1153: ch = (struct cisco_packet*) (h + 1);
1154: ch->type = htonl (type);
1155: ch->par1 = htonl (par1);
1156: ch->par2 = htonl (par2);
1157: ch->rel = -1;
1158:
1159: #if defined(__FreeBSD__) && __FreeBSD__ >= 3
1160: ch->time0 = htons ((u_short) (tv.tv_sec >> 16));
1161: ch->time1 = htons ((u_short) tv.tv_sec);
1162: #else
1163: ch->time0 = htons ((u_short) (t >> 16));
1164: ch->time1 = htons ((u_short) t);
1165: #endif
1166:
1167: if (debug)
1168: log(LOG_DEBUG,
1169: SPP_FMT "cisco output: <0x%lx 0x%lx 0x%lx 0x%x 0x%x-0x%x>\n",
1170: SPP_ARGS(ifp), (u_long)ntohl (ch->type), (u_long)ch->par1,
1171: (u_long)ch->par2, (u_int)ch->rel, (u_int)ch->time0, (u_int)ch->time1);
1172:
1173: if (IF_QFULL (&sp->pp_cpq)) {
1174: IF_DROP (&sp->pp_fastq);
1175: IF_DROP (&ifp->if_snd);
1176: m_freem (m);
1177: } else
1178: IF_ENQUEUE (&sp->pp_cpq, m);
1179: if (! (ifp->if_flags & IFF_OACTIVE))
1180: (*ifp->if_start) (ifp);
1181: ifp->if_obytes += m->m_pkthdr.len + 3;
1182: }
1183:
1184:
/*
1185: * PPP protocol implementation.
1186: */
1187:
1188: /*
1189: * Send PPP control protocol packet.
1190: */
1191: static void
1192: sppp_cp_send(struct sppp *sp, u_short proto, u_char type,
1193: u_char ident, u_short len, void *data)
1194: {
1195: STDDCL;
1196: struct ppp_header *h;
1197: struct lcp_header *lh;
1198: struct mbuf *m;
1199:
1200: if (len > MHLEN - PPP_HEADER_LEN - LCP_HEADER_LEN)
1201: len = MHLEN - PPP_HEADER_LEN - LCP_HEADER_LEN;
1202: MGETHDR (m, M_DONTWAIT, MT_DATA);
1203: if (! m)
1204: return;
1205: m->m_pkthdr.len = m->m_len = PPP_HEADER_LEN + LCP_HEADER_LEN + len;
1206: m->m_pkthdr.rcvif = 0;
1207:
1208: h = mtod (m, struct ppp_header*);
1209: h->address = PPP_ALLSTATIONS; /* broadcast address */
1210: h->control = PPP_UI; /* Unnumbered Info */
1211: h->protocol = htons (proto); /* Link Control Protocol */
1212:
1213: lh = (struct lcp_header*) (h + 1);
1214: lh->type = type;
1215: lh->ident = ident;
1216: lh->len = htons (LCP_HEADER_LEN + len);
1217: if (len)
1218: bcopy (data, lh+1, len);
1219:
1220: if (debug) {
1221: log(LOG_DEBUG, SPP_FMT "%s output <%s id=0x%x len=%d",
1222: SPP_ARGS(ifp),
1223: sppp_proto_name(proto),
1224: sppp_cp_type_name (lh->type), lh->ident,
1225: ntohs (lh->len));
1226: if (len)
1227: sppp_print_bytes ((u_char*) (lh+1), len);
1228: addlog(">\n");
1229: }
1230: if (IF_QFULL (&sp->pp_cpq)) {
1231: IF_DROP (&sp->pp_fastq);
1232: IF_DROP (&ifp->if_snd);
1233: m_freem (m);
1234: ++ifp->if_oerrors;
1235: } else
1236: IF_ENQUEUE (&sp->pp_cpq, m);
1237: if (! (ifp->if_flags & IFF_OACTIVE))
1238: (*ifp->if_start) (ifp);
1239: ifp->if_obytes += m->m_pkthdr.len + 3;
1240: }
1241:
1242: /*
1243: * Handle incoming PPP control protocol packets.
1244: */
1245: static void
1246: sppp_cp_input(const struct cp *cp, struct sppp *sp, struct mbuf *m)
1247: {
1248: STDDCL;
1249: struct lcp_header *h;
1250: int len = m->m_pkthdr.len;
1251: int rv;
1252: u_char *p;
1253:
1254: if (len < 4) {
1255: if (debug)
1256: log(LOG_DEBUG,
1257: SPP_FMT "%s invalid packet length: %d bytes\n",
1258: SPP_ARGS(ifp), cp->name, len);
1259: return;
1260: }
1261: h = mtod (m, struct lcp_header*);
1262: if (debug) {
1263: log(LOG_DEBUG,
1264: SPP_FMT "%s input(%s): <%s id=0x%x len=%d",
1265: SPP_ARGS(ifp), cp->name,
1266: sppp_state_name(sp->state[cp->protoidx]),
1267: sppp_cp_type_name (h->type), h->ident, ntohs (h->len));
1268: if (len > 4)
1269: sppp_print_bytes ((u_char*) (h+1), len-4);
1270: addlog(">\n");
1271: }
1272: if (len > ntohs (h->len))
1273: len = ntohs (h->len);
1274: p = (u_char *)(h + 1);
1275: switch (h->type) {
1276: case CONF_REQ:
1277: if (len < 4) {
1278: if (debug)
1279: addlog(SPP_FMT "%s invalid conf-req length %d\n",
1280: SPP_ARGS(ifp), cp->name,
1281: len);
1282: ++ifp->if_ierrors;
1283: break;
1284: }
1285: /* handle states where RCR doesn't get a SCA/SCN */
1286: switch (sp->state[cp->protoidx]) {
1287: case STATE_CLOSING:
1288: case STATE_STOPPING:
1289: return;
1290: case STATE_CLOSED:
1291: sppp_cp_send(sp, cp->proto, TERM_ACK, h->ident,
1292: 0, 0);
1293: return;
1294: }
1295: rv = (cp->RCR)(sp, h, len);
1296: switch (sp->state[cp->protoidx]) {
1297: case STATE_OPENED:
1298: (cp->tld)(sp);
1299: (cp->scr)(sp);
1300: /* fall through... */
1301: case STATE_ACK_SENT:
1302: case STATE_REQ_SENT:
1303: sppp_cp_change_state(cp, sp, rv?
1304: STATE_ACK_SENT: STATE_REQ_SENT);
1305: break;
1306: case STATE_STOPPED:
1307: sp->rst_counter[cp->protoidx] = sp->lcp.max_configure;
1308: (cp->scr)(sp);
1309: sppp_cp_change_state(cp, sp, rv?
1310: STATE_ACK_SENT: STATE_REQ_SENT);
1311: break;
1312: case STATE_ACK_RCVD:
1313: if (rv) {
1314: sppp_cp_change_state(cp, sp, STATE_OPENED);
1315: if (debug)
1316: log(LOG_DEBUG, SPP_FMT "%s tlu\n",
1317: SPP_ARGS(ifp),
1318: cp->name);
1319: (cp->tlu)(sp);
1320: } else
1321: sppp_cp_change_state(cp, sp, STATE_ACK_RCVD);
1322: break;
1323: default:
1324: printf(SPP_FMT "%s illegal %s in state %s\n",
1325: SPP_ARGS(ifp), cp->name,
1326: sppp_cp_type_name(h->type),
1327: sppp_state_name(sp->state[cp->protoidx]));
1328: ++ifp->if_ierrors;
1329: }
1330: break;
1331: case CONF_ACK:
1332: if (h->ident != sp->confid[cp->protoidx]) {
1333: if (debug)
1334: addlog(SPP_FMT "%s id mismatch 0x%x != 0x%x\n",
1335: SPP_ARGS(ifp), cp->name,
1336: h->ident, sp->confid[cp->protoidx]);
1337: ++ifp->if_ierrors;
1338: break;
1339: }
1340: switch (sp->state[cp->protoidx]) {
1341: case STATE_CLOSED:
1342: case STATE_STOPPED:
1343: sppp_cp_send(sp, cp->proto, TERM_ACK, h->ident, 0, 0);
1344: break;
1345: case STATE_CLOSING:
1346: case STATE_STOPPING:
1347: break;
1348: case STATE_REQ_SENT:
1349: sp->rst_counter[cp->protoidx] = sp->lcp.max_configure;
1350: sppp_cp_change_state(cp, sp, STATE_ACK_RCVD);
1351: break;
1352: case STATE_OPENED:
1353: (cp->tld)(sp);
1354: /* fall through */
1355: case STATE_ACK_RCVD:
1356: (cp->scr)(sp);
1357: sppp_cp_change_state(cp, sp, STATE_REQ_SENT);
1358: break;
1359: case STATE_ACK_SENT:
1360: sp->rst_counter[cp->protoidx] = sp->lcp.max_configure;
1361: sppp_cp_change_state(cp, sp, STATE_OPENED);
1362: if (debug)
1363: log(LOG_DEBUG, SPP_FMT "%s tlu\n",
1364: SPP_ARGS(ifp), cp->name);
1365: (cp->tlu)(sp);
1366: break;
1367: default:
1368: printf(SPP_FMT "%s illegal %s in state %s\n",
1369: SPP_ARGS(ifp), cp->name,
1370: sppp_cp_type_name(h->type),
1371: sppp_state_name(sp->state[cp->protoidx]));
1372: ++ifp->if_ierrors;
1373: }
1374: break;
1375: case CONF_NAK:
1376: case CONF_REJ:
1377: if (h->ident != sp->confid[cp->protoidx]) {
1378: if (debug)
1379: addlog(SPP_FMT "%s id mismatch 0x%x != 0x%x\n",
1380: SPP_ARGS(ifp), cp->name,
1381: h->ident, sp->confid[cp->protoidx]);
1382: ++ifp->if_ierrors;
1383: break;
1384: }
1385: if (h->type == CONF_NAK)
1386: (cp->RCN_nak)(sp, h, len);
1387: else /* CONF_REJ */
1388: (cp->RCN_rej)(sp, h, len);
1389:
1390: switch (sp->state[cp->protoidx]) {
1391: case STATE_CLOSED:
1392: case STATE_STOPPED:
1393: sppp_cp_send(sp, cp->proto, TERM_ACK, h->ident, 0, 0);
1394: break;
1395: case STATE_REQ_SENT:
1396: case STATE_ACK_SENT:
1397: sp->rst_counter[cp->protoidx] = sp->lcp.max_configure;
1398: (cp->scr)(sp);
1399: break;
1400: case STATE_OPENED:
1401: (cp->tld)(sp);
1402: /* fall through */
1403: case STATE_ACK_RCVD:
1404: sppp_cp_change_state(cp, sp, STATE_ACK_SENT);
1405: (cp->scr)(sp);
1406: break;
1407: case STATE_CLOSING:
1408: case STATE_STOPPING:
1409: break;
1410: default:
1411: printf(SPP_FMT "%s illegal %s in state %s\n",
1412: SPP_ARGS(ifp), cp->name,
1413: sppp_cp_type_name(h->type),
1414: sppp_state_name(sp->state[cp->protoidx]));
1415: ++ifp->if_ierrors;
1416: }
1417: break;
1418:
1419: case TERM_REQ:
1420: switch (sp->state[cp->protoidx]) {
1421: case STATE_ACK_RCVD:
1422: case STATE_ACK_SENT:
1423: sppp_cp_change_state(cp, sp, STATE_REQ_SENT);
1424: /* fall through */
1425: case STATE_CLOSED:
1426: case STATE_STOPPED:
1427: case STATE_CLOSING:
1428: case STATE_STOPPING:
1429: case STATE_REQ_SENT:
1430: sta:
1431: /* Send Terminate-Ack packet. */
1432: if (debug)
1433: log(LOG_DEBUG, SPP_FMT "%s send terminate-ack\n",
1434: SPP_ARGS(ifp), cp->name);
1435: sppp_cp_send(sp, cp->proto, TERM_ACK, h->ident, 0, 0);
1436: break;
1437: case STATE_OPENED:
1438: (cp->tld)(sp);
1439: sp->rst_counter[cp->protoidx] = 0;
1440: sppp_cp_change_state(cp, sp, STATE_STOPPING);
1441: goto sta;
1442: break;
1443: default:
1444: printf(SPP_FMT "%s illegal %s in state %s\n",
1445: SPP_ARGS(ifp), cp->name,
1446: sppp_cp_type_name(h->type),
1447: sppp_state_name(sp->state[cp->protoidx]));
1448: ++ifp->if_ierrors;
1449: }
1450: break;
1451: case TERM_ACK:
1452: switch (sp->state[cp->protoidx]) {
1453: case STATE_CLOSED:
1454: case STATE_STOPPED:
1455: case STATE_REQ_SENT:
1456: case STATE_ACK_SENT:
1457: break;
1458: case STATE_CLOSING:
1459: sppp_cp_change_state(cp, sp, STATE_CLOSED);
1460: (cp->tlf)(sp);
1461: break;
1462: case STATE_STOPPING:
1463: sppp_cp_change_state(cp, sp, STATE_STOPPED);
1464: (cp->tlf)(sp);
1465: break;
1466: case STATE_ACK_RCVD:
1467: sppp_cp_change_state(cp, sp, STATE_REQ_SENT);
1468: break;
1469: case STATE_OPENED:
1470: (cp->tld)(sp);
1471: (cp->scr)(sp);
1472: sppp_cp_change_state(cp, sp, STATE_ACK_RCVD);
1473: break;
1474: default:
1475: printf(SPP_FMT "%s illegal %s in state %s\n",
1476: SPP_ARGS(ifp), cp->name,
1477: sppp_cp_type_name(h->type),
1478: sppp_state_name(sp->state[cp->protoidx]));
1479: ++ifp->if_ierrors;
1480: }
1481: break;
1482: case CODE_REJ:
1483: case PROTO_REJ:
1484: /* XXX catastrophic rejects (RXJ-) aren't handled yet. */
1485: log(LOG_INFO,
1486: SPP_FMT "%s: ignoring RXJ (%s) for proto 0x%x, "
1487: "danger will robinson\n",
1488: SPP_ARGS(ifp), cp->name,
1489: sppp_cp_type_name(h->type), ntohs(*((u_short *)p)));
1490: switch (sp->state[cp->protoidx]) {
1491: case STATE_CLOSED:
1492: case STATE_STOPPED:
1493: case STATE_REQ_SENT:
1494: case STATE_ACK_SENT:
1495: case STATE_CLOSING:
1496: case STATE_STOPPING:
1497: case STATE_OPENED:
1498: break;
1499: case STATE_ACK_RCVD:
1500: sppp_cp_change_state(cp, sp, STATE_REQ_SENT);
1501: break;
1502: default:
1503: printf(SPP_FMT "%s illegal %s in state %s\n",
1504: SPP_ARGS(ifp), cp->name,
1505: sppp_cp_type_name(h->type),
1506: sppp_state_name(sp->state[cp->protoidx]));
1507: ++ifp->if_ierrors;
1508: }
1509: break;
1510: case DISC_REQ:
1511: if (cp->proto != PPP_LCP)
1512: goto illegal;
1513: /* Discard the packet. */
1514: break;
1515: case ECHO_REQ:
1516: if (cp->proto != PPP_LCP)
1517: goto illegal;
1518: if (sp->state[cp->protoidx] != STATE_OPENED) {
1519: if (debug)
1520: addlog(SPP_FMT "lcp echo req but lcp closed\n",
1521: SPP_ARGS(ifp));
1522: ++ifp->if_ierrors;
1523: break;
1524: }
1525: if (len < 8) {
1526: if (debug)
1527: addlog(SPP_FMT "invalid lcp echo request "
1528: "packet length: %d bytes\n",
1529: SPP_ARGS(ifp), len);
1530: break;
1531: }
1532: if (ntohl (*(long*)(h+1)) == sp->lcp.magic) {
1533: /* Line loopback mode detected. */
1534: printf(SPP_FMT "loopback\n", SPP_ARGS(ifp));
1535: if_down (ifp);
1536: sppp_qflush (&sp->pp_cpq);
1537:
1538: /* Shut down the PPP link. */
1539: /* XXX */
1540: lcp.Down(sp);
1541: lcp.Up(sp);
1542: break;
1543: }
1544: *(long*)(h+1) = htonl (sp->lcp.magic);
1545: if (debug)
1546: addlog(SPP_FMT "got lcp echo req, sending echo rep\n",
1547: SPP_ARGS(ifp));
1548: sppp_cp_send (sp, PPP_LCP, ECHO_REPLY, h->ident, len-4, h+1);
1549: break;
1550: case ECHO_REPLY:
1551: if (cp->proto != PPP_LCP)
1552: goto illegal;
1553: if (h->ident != sp->lcp.echoid) {
1554: ++ifp->if_ierrors;
1555: break;
1556: }
1557: if (len < 8) {
1558: if (debug)
1559: addlog(SPP_FMT "lcp invalid echo reply "
1560: "packet length: %d bytes\n",
1561: SPP_ARGS(ifp), len);
1562: break;
1563: }
1564: if (debug)
1565: addlog(SPP_FMT "lcp got echo rep\n",
1566: SPP_ARGS(ifp));
1567: if (ntohl (*(long*)(h+1)) != sp->lcp.magic)
1568: sp->pp_alivecnt = 0;
1569: break;
1570: default:
1571: /* Unknown packet type -- send Code-Reject packet. */
1572: illegal:
1573: if (debug)
1574: addlog(SPP_FMT "%s send code-rej for 0x%x\n",
1575: SPP_ARGS(ifp), cp->name, h->type);
1576: sppp_cp_send(sp, cp->proto, CODE_REJ, ++sp->pp_seq,
1577: m->m_pkthdr.len, h);
1578: ++ifp->if_ierrors;
1579: }
1580: }
1581:
1582:
1583: /*
1584: * The generic part of all Up/Down/Open/Close/TO event handlers.
1585: * Basically, the state transition handling in the automaton.
1586: */
1587: static void
1588: sppp_up_event(const struct cp *cp, struct sppp *sp)
1589: {
1590: STDDCL;
1591:
1592: if (debug)
1593: log(LOG_DEBUG, SPP_FMT "%s up(%s)\n",
1594: SPP_ARGS(ifp), cp->name,
1595: sppp_state_name(sp->state[cp->protoidx]));
1596:
1597: switch (sp->state[cp->protoidx]) {
1598: case STATE_INITIAL:
1599: sppp_cp_change_state(cp, sp, STATE_CLOSED);
1600: break;
1601: case STATE_STARTING:
1602: sp->rst_counter[cp->protoidx] = sp->lcp.max_configure;
1603: (cp->scr)(sp);
1604: sppp_cp_change_state(cp, sp, STATE_REQ_SENT);
1605: break;
1606: default:
1607: printf(SPP_FMT "%s illegal up in state %s\n",
1608: SPP_ARGS(ifp), cp->name,
1609: sppp_state_name(sp->state[cp->protoidx]));
1610: }
1611: }
1612:
1613: static void
1614: sppp_down_event(const struct cp *cp, struct sppp *sp)
1615: {
1616: STDDCL;
1617:
1618: if (debug)
1619: log(LOG_DEBUG, SPP_FMT "%s down(%s)\n",
1620: SPP_ARGS(ifp), cp->name,
1621: sppp_state_name(sp->state[cp->protoidx]));
1622:
1623: switch (sp->state[cp->protoidx]) {
1624: case STATE_CLOSED:
1625: case STATE_CLOSING:
1626: sppp_cp_change_state(cp, sp, STATE_INITIAL);
1627: break;
1628: case STATE_STOPPED:
1629: sppp_cp_change_state(cp, sp, STATE_STARTING);
1630: (cp->tls)(sp);
1631: break;
1632: case STATE_STOPPING:
1633: case STATE_REQ_SENT:
1634: case STATE_ACK_RCVD:
1635: case STATE_ACK_SENT:
1636: sppp_cp_change_state(cp, sp, STATE_STARTING);
1637: break;
1638: case STATE_OPENED:
1639: (cp->tld)(sp);
1640: sppp_cp_change_state(cp, sp, STATE_STARTING);
1641: break;
1642: default:
1643: printf(SPP_FMT "%s illegal down in state %s\n",
1644: SPP_ARGS(ifp), cp->name,
1645: sppp_state_name(sp->state[cp->protoidx]));
1646: }
1647: }
1648:
1649:
1650: static void
1651: sppp_open_event(const struct cp *cp, struct sppp *sp)
1652: {
1653: STDDCL;
1654:
1655: if (debug)
1656: log(LOG_DEBUG, SPP_FMT "%s open(%s)\n",
1657: SPP_ARGS(ifp), cp->name,
1658: sppp_state_name(sp->state[cp->protoidx]));
1659:
1660: switch (sp->state[cp->protoidx]) {
1661: case STATE_INITIAL:
1662: sppp_cp_change_state(cp, sp, STATE_STARTING);
1663: (cp->tls)(sp);
1664: break;
1665: case STATE_STARTING:
1666: break;
1667: case STATE_CLOSED:
1668: sp->rst_counter[cp->protoidx] = sp->lcp.max_configure;
1669: (cp->scr)(sp);
1670: sppp_cp_change_state(cp, sp, STATE_REQ_SENT);
1671: break;
1672: case STATE_STOPPED:
1673: case STATE_STOPPING:
1674: case STATE_REQ_SENT:
1675: case STATE_ACK_RCVD:
1676: case STATE_ACK_SENT:
1677: case STATE_OPENED:
1678: break;
1679: case STATE_CLOSING:
1680: sppp_cp_change_state(cp, sp, STATE_STOPPING);
1681: break;
1682: }
1683: }
1684:
1685:
1686: static void
1687: sppp_close_event(const struct cp *cp, struct sppp *sp)
1688: {
1689: STDDCL;
1690:
1691: if (debug)
1692: log(LOG_DEBUG, SPP_FMT "%s close(%s)\n",
1693: SPP_ARGS(ifp), cp->name,
1694: sppp_state_name(sp->state[cp->protoidx]));
1695:
1696: switch (sp->state[cp->protoidx]) {
1697: case STATE_INITIAL:
1698: case STATE_CLOSED:
1699: case STATE_CLOSING:
1700: break;
1701: case STATE_STARTING:
1702: sppp_cp_change_state(cp, sp, STATE_INITIAL);
1703: (cp->tlf)(sp);
1704: break;
1705: case STATE_STOPPED:
1706: sppp_cp_change_state(cp, sp, STATE_CLOSED);
1707: break;
1708: case STATE_STOPPING:
1709: sppp_cp_change_state(cp, sp, STATE_CLOSING);
1710: break;
1711: case STATE_OPENED:
1712: (cp->tld)(sp);
1713: /* fall through */
1714: case STATE_REQ_SENT:
1715: case STATE_ACK_RCVD:
1716: case STATE_ACK_SENT:
1717: sp->rst_counter[cp->protoidx] = sp->lcp.max_terminate;
1718: sppp_cp_send(sp, cp->proto, TERM_REQ, ++sp->pp_seq, 0, 0);
1719: sppp_cp_change_state(cp, sp, STATE_CLOSING);
1720: break;
1721: }
1722: }
1723:
1724: static void
1725: sppp_to_event(const struct cp *cp, struct sppp *sp)
1726: {
1727: STDDCL;
1728: int s;
1729:
1730: s = splimp();
1731: if (debug)
1732: log(LOG_DEBUG, SPP_FMT "%s TO(%s) rst_counter = %d\n",
1733: SPP_ARGS(ifp), cp->name,
1734: sppp_state_name(sp->state[cp->protoidx]),
1735: sp->rst_counter[cp->protoidx]);
1736:
1737: if (--sp->rst_counter[cp->protoidx] < 0)
1738: /* TO- event */
1739: switch (sp->state[cp->protoidx]) {
1740: case STATE_CLOSING:
1741: sppp_cp_change_state(cp, sp, STATE_CLOSED);
1742: (cp->tlf)(sp);
1743: break;
1744: case STATE_STOPPING:
1745: sppp_cp_change_state(cp, sp, STATE_STOPPED);
1746: (cp->tlf)(sp);
1747: break;
1748: case STATE_REQ_SENT:
1749: case STATE_ACK_RCVD:
1750: case STATE_ACK_SENT:
1751: sppp_cp_change_state(cp, sp, STATE_STOPPED);
1752: (cp->tlf)(sp);
1753: break;
1754: }
1755: else
1756: /* TO+ event */
1757: switch (sp->state[cp->protoidx]) {
1758: case STATE_CLOSING:
1759: case STATE_STOPPING:
1760: sppp_cp_send(sp, cp->proto, TERM_REQ, ++sp->pp_seq,
1761: 0, 0);
1762: TIMEOUT(cp->TO, (void *)sp, sp->lcp.timeout,
1763: sp->ch[cp->protoidx]);
1764: break;
1765: case STATE_REQ_SENT:
1766: case STATE_ACK_RCVD:
1767: (cp->scr)(sp);
1768: /* sppp_cp_change_state() will restart the timer */
1769: sppp_cp_change_state(cp, sp, STATE_REQ_SENT);
1770: break;
1771: case STATE_ACK_SENT:
1772: (cp->scr)(sp);
1773: TIMEOUT(cp->TO, (void *)sp, sp->lcp.timeout,
1774: sp->ch[cp->protoidx]);
1775: break;
1776: }
1777:
1778: splx(s);
1779: }
1780:
1781: /*
1782: * Change the state of a control protocol in the state automaton.
1783: * Takes care of starting/stopping the restart timer.
1784: */
1785: void
1786: sppp_cp_change_state(const struct cp *cp, struct sppp *sp, int newstate)
1787: {
1788: sp->state[cp->protoidx] = newstate;
1789:
1790: UNTIMEOUT(cp->TO, (void *)sp, sp->ch[cp->protoidx]);
1791: switch (newstate) {
1792: case STATE_INITIAL:
1793: case STATE_STARTING:
1794: case STATE_CLOSED:
1795: case STATE_STOPPED:
1796: case STATE_OPENED:
1797: break;
1798: case STATE_CLOSING:
1799: case STATE_STOPPING:
1800: case STATE_REQ_SENT:
1801: case STATE_ACK_RCVD:
1802: case STATE_ACK_SENT:
1803: TIMEOUT(cp->TO, (void *)sp, sp->lcp.timeout,
1804: sp->ch[cp->protoidx]);
1805: break;
1806: }
1807: }
1808:
/*
1809: *--------------------------------------------------------------------------*
1810: * *
1811: * The LCP implementation. *
1812: * *
1813: *--------------------------------------------------------------------------*
1814: */
1815: static void
1816: sppp_lcp_init(struct sppp *sp)
1817: {
1818: sp->lcp.opts = (1 << LCP_OPT_MAGIC);
1819: sp->lcp.magic = 0;
1820: sp->state[IDX_LCP] = STATE_INITIAL;
1821: sp->fail_counter[IDX_LCP] = 0;
1822: sp->lcp.protos = 0;
1823: sp->lcp.mru = sp->lcp.their_mru = PP_MTU;
1824:
1825: /*
1826: * Initialize counters and timeout values. Note that we don't
1827: * use the 3 seconds suggested in RFC 1661 since we are likely
1828: * running on a fast link. XXX We should probably implement
1829: * the exponential backoff option. Note that these values are
1830: * relevant for all control protocols, not just LCP only.
1831: */
1832: sp->lcp.timeout = 1 * hz;
1833: sp->lcp.max_terminate = 2;
1834: sp->lcp.max_configure = 10;
1835: sp->lcp.max_failure = 10;
1836: #if defined(__FreeBSD__) && __FreeBSD__ >= 3
1837: callout_handle_init(&sp->ch[IDX_LCP]);
1838: #endif
1839: }
1840:
1841: static void
1842: sppp_lcp_up(struct sppp *sp)
1843: {
1844: STDDCL;
1845:
1846: /*
1847: * If this interface is passive or dial-on-demand, and we are
1848: * still in Initial state, it means we've got an incoming
1849: * call. Activate the interface.
1850: */
1851: if ((ifp->if_flags & (IFF_AUTO | IFF_PASSIVE)) != 0) {
1852: if (debug)
1853: log(LOG_DEBUG,
1854: SPP_FMT "Up event", SPP_ARGS(ifp));
1855: ifp->if_flags |= IFF_RUNNING;
1856: if (sp->state[IDX_LCP] == STATE_INITIAL) {
1857: if (debug)
1858: addlog("(incoming call)\n");
1859: sp->pp_flags |= PP_CALLIN;
1860: lcp.Open(sp);
1861: } else if (debug)
1862: addlog("\n");
1863: }
1864:
1865: sppp_up_event(&lcp, sp);
1866: }
1867:
1868: static void
1869: sppp_lcp_down(struct sppp *sp)
1870: {
1871: STDDCL;
1872:
1873: sppp_down_event(&lcp, sp);
1874:
1875: /*
1876: * If this is neither a dial-on-demand nor a passive
1877: * interface, simulate an ``ifconfig down'' action, so the
1878: * administrator can force a redial by another ``ifconfig
1879: * up''. XXX For leased line operation, should we immediately
1880: * try to reopen the connection here?
1881: */
1882: if ((ifp->if_flags & (IFF_AUTO | IFF_PASSIVE)) == 0) {
1883: log(LOG_INFO,
1884: SPP_FMT "Down event, taking interface down.\n",
1885: SPP_ARGS(ifp));
1886: if_down(ifp);
1887: } else {
1888: if (debug)
1889: log(LOG_DEBUG,
1890: SPP_FMT "Down event (carrier loss)\n",
1891: SPP_ARGS(ifp));
1892: }
1893: sp->pp_flags &= ~PP_CALLIN;
1894: if (sp->state[IDX_LCP] != STATE_INITIAL)
1895: lcp.Close(sp);
1896: ifp->if_flags &= ~IFF_RUNNING;
1897: }
1898:
1899: static void
1900: sppp_lcp_open(struct sppp *sp)
1901: {
1902: /*
1903: * If we are authenticator, negotiate LCP_AUTH
1904: */
1905: if (sp->hisauth.proto != 0)
1906: sp->lcp.opts |= (1 << LCP_OPT_AUTH_PROTO);
1907: else
1908: sp->lcp.opts &= ~(1 << LCP_OPT_AUTH_PROTO);
1909: sp->pp_flags &= ~PP_NEEDAUTH;
1910: sppp_open_event(&lcp, sp);
1911: }
1912:
1913: static void
1914: sppp_lcp_close(struct sppp *sp)
1915: {
1916: sppp_close_event(&lcp, sp);
1917: }
1918:
1919: static void
1920: sppp_lcp_TO(void *cookie)
1921: {
1922: sppp_to_event(&lcp, (struct sppp *)cookie);
1923: }
1924:
1925: /*
1926: * Analyze a configure request. Return true if it was agreeable, and
1927: * caused action sca, false if it has been rejected or nak'ed, and
1928: * caused action scn. (The return value is used to make the state
1929: * transition decision in the state automaton.)
1930: */
1931: static int
1932: sppp_lcp_RCR(struct sppp *sp, struct lcp_header *h, int len)
1933: {
1934: STDDCL;
1935: u_char *buf, *r, *p;
1936: int origlen, rlen;
1937: u_long nmagic;
1938: u_short authproto;
1939:
1940: len -= 4;
1941: origlen = len;
1942: buf = r = _MALLOC(len, M_TEMP, M_NOWAIT);
1943: if (! buf)
1944: return (0);
1945:
1946: if (debug)
1947: log(LOG_DEBUG, SPP_FMT "lcp parse opts: ",
1948: SPP_ARGS(ifp));
1949:
1950: /* pass 1: check for things that need to be rejected */
1951: p = (void*) (h+1);
1952: for (rlen=0; len>1 && p[1]; len-=p[1], p+=p[1]) {
1953: if (debug)
1954: addlog(" %s ", sppp_lcp_opt_name(*p));
1955: switch (*p) {
1956: case LCP_OPT_MAGIC:
1957: /* Magic number. */
1958: /* fall through, both are same length */
1959: case LCP_OPT_ASYNC_MAP:
1960: /* Async control character map. */
1961: if (len >= 6 || p[1] == 6)
1962: continue;
1963: if (debug)
1964: addlog("[invalid] ");
1965: break;
1966: case LCP_OPT_MRU:
1967: /* Maximum receive unit. */
1968: if (len >= 4 && p[1] == 4)
1969: continue;
1970: if (debug)
1971: addlog("[invalid] ");
1972: break;
1973: case LCP_OPT_AUTH_PROTO:
1974: if (len < 4) {
1975: if (debug)
1976: addlog("[invalid] ");
1977: break;
1978: }
1979: authproto = (p[2] << 8) + p[3];
1980: if (authproto == PPP_CHAP && p[1] != 5) {
1981: if (debug)
1982: addlog("[invalid chap len] ");
1983: break;
1984: }
1985: if (sp->myauth.proto == 0) {
1986: /* we are not configured to do auth */
1987: if (debug)
1988: addlog("[not configured] ");
1989: break;
1990: }
1991: /*
1992: * Remote want us to authenticate, remember this,
1993: * so we stay in PHASE_AUTHENTICATE after LCP got
1994: * up.
1995: */
1996: sp->pp_flags |= PP_NEEDAUTH;
1997: continue;
1998: default:
1999: /* Others not supported. */
2000: if (debug)
2001: addlog("[rej] ");
2002: break;
2003: }
2004: /* Add the option to rejected list. */
2005: bcopy (p, r, p[1]);
2006: r += p[1];
2007: rlen += p[1];
2008: }
2009: if (rlen) {
2010: if (debug)
2011: addlog(" send conf-rej\n");
2012: sppp_cp_send (sp, PPP_LCP, CONF_REJ, h->ident, rlen, buf);
2013: return 0;
2014: } else if (debug)
2015: addlog("\n");
2016:
2017: /*
2018: * pass 2: check for option values that are unacceptable and
2019: * thus require to be nak'ed.
2020: */
2021: if (debug)
2022: log(LOG_DEBUG, SPP_FMT "lcp parse opt values: ",
2023: SPP_ARGS(ifp));
2024:
2025: p = (void*) (h+1);
2026: len = origlen;
2027: for (rlen=0; len>1 && p[1]; len-=p[1], p+=p[1]) {
2028: if (debug)
2029: addlog(" %s ", sppp_lcp_opt_name(*p));
2030: switch (*p) {
2031: case LCP_OPT_MAGIC:
2032: /* Magic number -- extract. */
2033: nmagic = (u_long)p[2] << 24 |
2034: (u_long)p[3] << 16 | p[4] << 8 | p[5];
2035: if (nmagic != sp->lcp.magic) {
2036: if (debug)
2037: addlog("0x%lx ", nmagic);
2038: continue;
2039: }
2040: /*
2041: * Local and remote magics equal -- loopback?
2042: */
2043: if (sp->pp_loopcnt >= MAXALIVECNT*5) {
2044: printf (SPP_FMT "loopback\n",
2045: SPP_ARGS(ifp));
2046: sp->pp_loopcnt = 0;
2047: if (ifp->if_flags & IFF_UP) {
2048: if_down(ifp);
2049: sppp_qflush(&sp->pp_cpq);
2050: /* XXX ? */
2051: lcp.Down(sp);
2052: lcp.Up(sp);
2053: }
2054: } else if (debug)
2055: addlog("[glitch] ");
2056: ++sp->pp_loopcnt;
2057: /*
2058: * We negate our magic here, and NAK it. If
2059: * we see it later in an NAK packet, we
2060: * suggest a new one.
2061: */
2062: nmagic = ~sp->lcp.magic;
2063: /* Gonna NAK it. */
2064: p[2] = nmagic >> 24;
2065: p[3] = nmagic >> 16;
2066: p[4] = nmagic >> 8;
2067: p[5] = nmagic;
2068: break;
2069:
2070: case LCP_OPT_ASYNC_MAP:
2071: /* Async control character map -- check to be zero. */
2072: if (! p[2] && ! p[3] && ! p[4] && ! p[5]) {
2073: if (debug)
2074: addlog("[empty] ");
2075: continue;
2076: }
2077: if (debug)
2078: addlog("[non-empty] ");
2079: /* suggest a zero one */
2080: p[2] = p[3] = p[4] = p[5] = 0;
2081: break;
2082:
2083: case LCP_OPT_MRU:
2084: /*
2085: * Maximum receive unit. Always agreeable,
2086: * but ignored by now.
2087: */
2088: sp->lcp.their_mru = p[2] * 256 + p[3];
2089: if (debug)
2090: addlog("%lu ", sp->lcp.their_mru);
2091: continue;
2092:
2093: case LCP_OPT_AUTH_PROTO:
2094: authproto = (p[2] << 8) + p[3];
2095: if (sp->myauth.proto != authproto) {
2096: /* not agreed, nak */
2097: if (debug)
2098: addlog("[mine %s != his %s] ",
2099: sppp_proto_name(sp->hisauth.proto),
2100: sppp_proto_name(authproto));
2101: p[2] = sp->myauth.proto >> 8;
2102: p[3] = sp->myauth.proto;
2103: break;
2104: }
2105: if (authproto == PPP_CHAP && p[4] != CHAP_MD5) {
2106: if (debug)
2107: addlog("[chap not MD5] ");
2108: p[4] = CHAP_MD5;
2109: break;
2110: }
2111: continue;
2112: }
2113: /* Add the option to nak'ed list. */
2114: bcopy (p, r, p[1]);
2115: r += p[1];
2116: rlen += p[1];
2117: }
2118: if (rlen) {
2119: if (++sp->fail_counter[IDX_LCP] >= sp->lcp.max_failure) {
2120: if (debug)
2121: addlog(" max_failure (%d) exceeded, "
2122: "send conf-rej\n",
2123: sp->lcp.max_failure);
2124: sppp_cp_send(sp, PPP_LCP, CONF_REJ, h->ident, rlen, buf);
2125: } else {
2126: if (debug)
2127: addlog(" send conf-nak\n");
2128: sppp_cp_send (sp, PPP_LCP, CONF_NAK, h->ident, rlen, buf);
2129: }
2130: return 0;
2131: } else {
2132: if (debug)
2133: addlog(" send conf-ack\n");
2134: sp->fail_counter[IDX_LCP] = 0;
2135: sp->pp_loopcnt = 0;
2136: sppp_cp_send (sp, PPP_LCP, CONF_ACK,
2137: h->ident, origlen, h+1);
2138: }
2139:
2140: FREE(buf, M_TEMP);
2141: return (rlen == 0);
2142: }
2143:
2144: /*
2145: * Analyze the LCP Configure-Reject option list, and adjust our
2146: * negotiation.
2147: */
2148: static void
2149: sppp_lcp_RCN_rej(struct sppp *sp, struct lcp_header *h, int len)
2150: {
2151: STDDCL;
2152: u_char *buf, *p;
2153:
2154: len -= 4;
2155: buf = MALLOC (len, M_TEMP, M_NOWAIT);
2156: if (!buf)
2157: return;
2158:
2159: if (debug)
2160: log(LOG_DEBUG, SPP_FMT "lcp rej opts: ",
2161: SPP_ARGS(ifp));
2162:
2163: p = (void*) (h+1);
2164: for (; len > 1 && p[1]; len -= p[1], p += p[1]) {
2165: if (debug)
2166: addlog(" %s ", sppp_lcp_opt_name(*p));
2167: switch (*p) {
2168: case LCP_OPT_MAGIC:
2169: /* Magic number -- can't use it, use 0 */
2170: sp->lcp.opts &= ~(1 << LCP_OPT_MAGIC);
2171: sp->lcp.magic = 0;
2172: break;
2173: case LCP_OPT_MRU:
2174: /*
2175: * Should not be rejected anyway, since we only
2176: * negotiate a MRU if explicitly requested by
2177: * peer.
2178: */
2179: sp->lcp.opts &= ~(1 << LCP_OPT_MRU);
2180: break;
2181: case LCP_OPT_AUTH_PROTO:
2182: /*
2183: * Peer doesn't want to authenticate himself,
2184: * deny unless this is a dialout call, and
2185: * AUTHFLAG_NOCALLOUT is set.
2186: */
2187: if ((sp->pp_flags & PP_CALLIN) == 0 &&
2188: (sp->hisauth.flags & AUTHFLAG_NOCALLOUT) != 0) {
2189: if (debug)
2190: addlog("[don't insist on auth "
2191: "for callout]");
2192: sp->lcp.opts &= ~(1 << LCP_OPT_AUTH_PROTO);
2193: break;
2194: }
2195: if (debug)
2196: addlog("[access denied]\n");
2197: lcp.Close(sp);
2198: break;
2199: }
2200: }
2201: if (debug)
2202: addlog("\n");
2203: FREE(buf, M_TEMP);
2204: return;
2205: }
2206:
2207: /*
2208: * Analyze the LCP Configure-NAK option list, and adjust our
2209: * negotiation.
2210: */
2211: static void
2212: sppp_lcp_RCN_nak(struct sppp *sp, struct lcp_header *h, int len)
2213: {
2214: STDDCL;
2215: u_char *buf, *p;
2216: u_long magic;
2217:
2218: len -= 4;
2219: buf = MALLOC (len, M_TEMP, M_NOWAIT);
2220: if (!buf)
2221: return;
2222:
2223: if (debug)
2224: log(LOG_DEBUG, SPP_FMT "lcp nak opts: ",
2225: SPP_ARGS(ifp));
2226:
2227: p = (void*) (h+1);
2228: for (; len > 1 && p[1]; len -= p[1], p += p[1]) {
2229: if (debug)
2230: addlog(" %s ", sppp_lcp_opt_name(*p));
2231: switch (*p) {
2232: case LCP_OPT_MAGIC:
2233: /* Magic number -- renegotiate */
2234: if ((sp->lcp.opts & (1 << LCP_OPT_MAGIC)) &&
2235: len >= 6 && p[1] == 6) {
2236: magic = (u_long)p[2] << 24 |
2237: (u_long)p[3] << 16 | p[4] << 8 | p[5];
2238: /*
2239: * If the remote magic is our negated one,
2240: * this looks like a loopback problem.
2241: * Suggest a new magic to make sure.
2242: */
2243: if (magic == ~sp->lcp.magic) {
2244: if (debug)
2245: addlog("magic glitch ");
2246: #if defined(__FreeBSD__) && __FreeBSD__ >= 3
2247: sp->lcp.magic = random();
2248: #else
2249: sp->lcp.magic = time.tv_sec + time.tv_usec;
2250: #endif
2251: } else {
2252: sp->lcp.magic = magic;
2253: if (debug)
2254: addlog("%lu ", magic);
2255: }
2256: }
2257: break;
2258: case LCP_OPT_MRU:
2259: /*
2260: * Peer wants to advise us to negotiate an MRU.
2261: * Agree on it if it's reasonable, or use
2262: * default otherwise.
2263: */
2264: if (len >= 4 && p[1] == 4) {
2265: u_int mru = p[2] * 256 + p[3];
2266: if (debug)
2267: addlog("%d ", mru);
2268: if (mru < PP_MTU || mru > PP_MAX_MRU)
2269: mru = PP_MTU;
2270: sp->lcp.mru = mru;
2271: sp->lcp.opts |= (1 << LCP_OPT_MRU);
2272: }
2273: break;
2274: case LCP_OPT_AUTH_PROTO:
2275: /*
2276: * Peer doesn't like our authentication method,
2277: * deny.
2278: */
2279: if (debug)
2280: addlog("[access denied]\n");
2281: lcp.Close(sp);
2282: break;
2283: }
2284: }
2285: if (debug)
2286: addlog("\n");
2287: FREE(buf, M_TEMP);
2288: return;
2289: }
2290:
2291: static void
2292: sppp_lcp_tlu(struct sppp *sp)
2293: {
2294: STDDCL;
2295: int i;
2296: u_long mask;
2297:
2298: /* XXX ? */
2299: if (! (ifp->if_flags & IFF_UP) &&
2300: (ifp->if_flags & IFF_RUNNING)) {
2301: /* Coming out of loopback mode. */
2302: if_up(ifp);
2303: printf (SPP_FMT "up\n", SPP_ARGS(ifp));
2304: }
2305:
2306: for (i = 0; i < IDX_COUNT; i++)
2307: if ((cps[i])->flags & CP_QUAL)
2308: (cps[i])->Open(sp);
2309:
2310: if ((sp->lcp.opts & (1 << LCP_OPT_AUTH_PROTO)) != 0 ||
2311: (sp->pp_flags & PP_NEEDAUTH) != 0)
2312: sp->pp_phase = PHASE_AUTHENTICATE;
2313: else
2314: sp->pp_phase = PHASE_NETWORK;
2315:
2316: if (debug)
2317: log(LOG_DEBUG, SPP_FMT "phase %s\n", SPP_ARGS(ifp),
2318: sppp_phase_name(sp->pp_phase));
2319:
2320: /*
2321: * Open all authentication protocols. This is even required
2322: * if we already proceeded to network phase, since it might be
2323: * that remote wants us to authenticate, so we might have to
2324: * send a PAP request. Undesired authentication protocols
2325: * don't do anything when they get an Open event.
2326: */
2327: for (i = 0; i < IDX_COUNT; i++)
2328: if ((cps[i])->flags & CP_AUTH)
2329: (cps[i])->Open(sp);
2330:
2331: if (sp->pp_phase == PHASE_NETWORK) {
2332: /* Notify all NCPs. */
2333: for (i = 0; i < IDX_COUNT; i++)
2334: if ((cps[i])->flags & CP_NCP)
2335: (cps[i])->Open(sp);
2336: }
2337:
2338: /* Send Up events to all started protos. */
2339: for (i = 0, mask = 1; i < IDX_COUNT; i++, mask <<= 1)
2340: if (sp->lcp.protos & mask && ((cps[i])->flags & CP_LCP) == 0)
2341: (cps[i])->Up(sp);
2342:
2343: /* notify low-level driver of state change */
2344: if (sp->pp_chg)
2345: sp->pp_chg(sp, (int)sp->pp_phase);
2346:
2347: if (sp->pp_phase == PHASE_NETWORK)
2348: /* if no NCP is starting, close down */
2349: sppp_lcp_check_and_close(sp);
2350: }
2351:
2352: static void
2353: sppp_lcp_tld(struct sppp *sp)
2354: {
2355: STDDCL;
2356: int i;
2357: u_long mask;
2358:
2359: sp->pp_phase = PHASE_TERMINATE;
2360:
2361: if (debug)
2362: log(LOG_DEBUG, SPP_FMT "phase %s\n", SPP_ARGS(ifp),
2363: sppp_phase_name(sp->pp_phase));
2364:
2365: /*
2366: * Take upper layers down. We send the Down event first and
2367: * the Close second to prevent the upper layers from sending
2368: * ``a flurry of terminate-request packets'', as the RFC
2369: * describes it.
2370: */
2371: for (i = 0, mask = 1; i < IDX_COUNT; i++, mask <<= 1)
2372: if (sp->lcp.protos & mask && ((cps[i])->flags & CP_LCP) == 0) {
2373: (cps[i])->Down(sp);
2374: (cps[i])->Close(sp);
2375: }
2376: }
2377:
2378: static void
2379: sppp_lcp_tls(struct sppp *sp)
2380: {
2381: STDDCL;
2382:
2383: sp->pp_phase = PHASE_ESTABLISH;
2384:
2385: if (debug)
2386: log(LOG_DEBUG, SPP_FMT "phase %s\n", SPP_ARGS(ifp),
2387: sppp_phase_name(sp->pp_phase));
2388:
2389: /* Notify lower layer if desired. */
2390: if (sp->pp_tls)
2391: (sp->pp_tls)(sp);
2392: else
2393: (sp->pp_up)(sp);
2394: }
2395:
2396: static void
2397: sppp_lcp_tlf(struct sppp *sp)
2398: {
2399: STDDCL;
2400:
2401: sp->pp_phase = PHASE_DEAD;
2402: if (debug)
2403: log(LOG_DEBUG, SPP_FMT "phase %s\n", SPP_ARGS(ifp),
2404: sppp_phase_name(sp->pp_phase));
2405:
2406: /* Notify lower layer if desired. */
2407: if (sp->pp_tlf)
2408: (sp->pp_tlf)(sp);
2409: else
2410: (sp->pp_down)(sp);
2411: }
2412:
2413: static void
2414: sppp_lcp_scr(struct sppp *sp)
2415: {
2416: char opt[6 /* magicnum */ + 4 /* mru */ + 5 /* chap */];
2417: int i = 0;
2418: u_short authproto;
2419:
2420: if (sp->lcp.opts & (1 << LCP_OPT_MAGIC)) {
2421: if (! sp->lcp.magic)
2422: #if defined(__FreeBSD__) && __FreeBSD__ >= 3
2423: sp->lcp.magic = random();
2424: #else
2425: sp->lcp.magic = time.tv_sec + time.tv_usec;
2426: #endif
2427: opt[i++] = LCP_OPT_MAGIC;
2428: opt[i++] = 6;
2429: opt[i++] = sp->lcp.magic >> 24;
2430: opt[i++] = sp->lcp.magic >> 16;
2431: opt[i++] = sp->lcp.magic >> 8;
2432: opt[i++] = sp->lcp.magic;
2433: }
2434:
2435: if (sp->lcp.opts & (1 << LCP_OPT_MRU)) {
2436: opt[i++] = LCP_OPT_MRU;
2437: opt[i++] = 4;
2438: opt[i++] = sp->lcp.mru >> 8;
2439: opt[i++] = sp->lcp.mru;
2440: }
2441:
2442: if (sp->lcp.opts & (1 << LCP_OPT_AUTH_PROTO)) {
2443: authproto = sp->hisauth.proto;
2444: opt[i++] = LCP_OPT_AUTH_PROTO;
2445: opt[i++] = authproto == PPP_CHAP? 5: 4;
2446: opt[i++] = authproto >> 8;
2447: opt[i++] = authproto;
2448: if (authproto == PPP_CHAP)
2449: opt[i++] = CHAP_MD5;
2450: }
2451:
2452: sp->confid[IDX_LCP] = ++sp->pp_seq;
2453: sppp_cp_send (sp, PPP_LCP, CONF_REQ, sp->confid[IDX_LCP], i, &opt);
2454: }
2455:
2456: /*
2457: * Check the open NCPs, return true if at least one NCP is open.
2458: */
2459: static int
2460: sppp_ncp_check(struct sppp *sp)
2461: {
2462: int i, mask;
2463:
2464: for (i = 0, mask = 1; i < IDX_COUNT; i++, mask <<= 1)
2465: if (sp->lcp.protos & mask && (cps[i])->flags & CP_NCP)
2466: return 1;
2467: return 0;
2468: }
2469:
2470: /*
2471: * Re-check the open NCPs and see if we should terminate the link.
2472: * Called by the NCPs during their tlf action handling.
2473: */
2474: static void
2475: sppp_lcp_check_and_close(struct sppp *sp)
2476: {
2477:
2478: if (sp->pp_phase < PHASE_NETWORK)
2479: /* don't bother, we are already going down */
2480: return;
2481:
2482: if (sppp_ncp_check(sp))
2483: return;
2484:
2485: lcp.Close(sp);
2486: }
2487:
/*
2488: *--------------------------------------------------------------------------*
2489: * *
2490: * The IPCP implementation. *
2491: * *
2492: *--------------------------------------------------------------------------*
2493: */
2494:
2495: static void
2496: sppp_ipcp_init(struct sppp *sp)
2497: {
2498: sp->ipcp.opts = 0;
2499: sp->ipcp.flags = 0;
2500: sp->state[IDX_IPCP] = STATE_INITIAL;
2501: sp->fail_counter[IDX_IPCP] = 0;
2502: #if defined(__FreeBSD__) && __FreeBSD__ >= 3
2503: callout_handle_init(&sp->ch[IDX_IPCP]);
2504: #endif
2505: }
2506:
2507: static void
2508: sppp_ipcp_up(struct sppp *sp)
2509: {
2510: sppp_up_event(&ipcp, sp);
2511: }
2512:
2513: static void
2514: sppp_ipcp_down(struct sppp *sp)
2515: {
2516: sppp_down_event(&ipcp, sp);
2517: }
2518:
2519: static void
2520: sppp_ipcp_open(struct sppp *sp)
2521: {
2522: STDDCL;
2523: u_long myaddr, hisaddr;
2524:
2525: sp->ipcp.flags &= ~(IPCP_HISADDR_SEEN|IPCP_MYADDR_SEEN|IPCP_MYADDR_DYN);
2526:
2527: sppp_get_ip_addrs(sp, &myaddr, &hisaddr, 0);
2528: /*
2529: * If we don't have his address, this probably means our
2530: * interface doesn't want to talk IP at all. (This could
2531: * be the case if somebody wants to speak only IPX, for
2532: * example.) Don't open IPCP in this case.
2533: */
2534: if (hisaddr == 0L) {
2535: /* XXX this message should go away */
2536: if (debug)
2537: log(LOG_DEBUG, SPP_FMT "ipcp_open(): no IP interface\n",
2538: SPP_ARGS(ifp));
2539: return;
2540: }
2541:
2542: if (myaddr == 0L) {
2543: /*
2544: * I don't have an assigned address, so i need to
2545: * negotiate my address.
2546: */
2547: sp->ipcp.flags |= IPCP_MYADDR_DYN;
2548: sp->ipcp.opts |= (1 << IPCP_OPT_ADDRESS);
2549: } else
2550: sp->ipcp.flags |= IPCP_MYADDR_SEEN;
2551: sppp_open_event(&ipcp, sp);
2552: }
2553:
2554: static void
2555: sppp_ipcp_close(struct sppp *sp)
2556: {
2557: sppp_close_event(&ipcp, sp);
2558: if (sp->ipcp.flags & IPCP_MYADDR_DYN)
2559: /*
2560: * My address was dynamic, clear it again.
2561: */
2562: sppp_set_ip_addr(sp, 0L);
2563: }
2564:
2565: static void
2566: sppp_ipcp_TO(void *cookie)
2567: {
2568: sppp_to_event(&ipcp, (struct sppp *)cookie);
2569: }
2570:
2571: /*
2572: * Analyze a configure request. Return true if it was agreeable, and
2573: * caused action sca, false if it has been rejected or nak'ed, and
2574: * caused action scn. (The return value is used to make the state
2575: * transition decision in the state automaton.)
2576: */
2577: static int
2578: sppp_ipcp_RCR(struct sppp *sp, struct lcp_header *h, int len)
2579: {
2580: u_char *buf, *r, *p;
2581: struct ifnet *ifp = &sp->pp_if;
2582: int rlen, origlen, debug = ifp->if_flags & IFF_DEBUG;
2583: u_long hisaddr, desiredaddr;
2584: int gotmyaddr = 0;
2585:
2586: len -= 4;
2587: origlen = len;
2588: /*
2589: * Make sure to allocate a buf that can at least hold a
2590: * conf-nak with an `address' option. We might need it below.
2591: */
2592: buf = r = MALLOC ((len < 6? 6: len), M_TEMP, M_NOWAIT);
2593: if (! buf)
2594: return (0);
2595:
2596: /* pass 1: see if we can recognize them */
2597: if (debug)
2598: log(LOG_DEBUG, SPP_FMT "ipcp parse opts: ",
2599: SPP_ARGS(ifp));
2600: p = (void*) (h+1);
2601: for (rlen=0; len>1 && p[1]; len-=p[1], p+=p[1]) {
2602: if (debug)
2603: addlog(" %s ", sppp_ipcp_opt_name(*p));
2604: switch (*p) {
2605: #ifdef notyet
2606: case IPCP_OPT_COMPRESSION:
2607: if (len >= 6 && p[1] >= 6) {
2608: /* correctly formed compress option */
2609: continue;
2610: }
2611: if (debug)
2612: addlog("[invalid] ");
2613: break;
2614: #endif
2615: case IPCP_OPT_ADDRESS:
2616: if (len >= 6 && p[1] == 6) {
2617: /* correctly formed address option */
2618: continue;
2619: }
2620: if (debug)
2621: addlog("[invalid] ");
2622: break;
2623: default:
2624: /* Others not supported. */
2625: if (debug)
2626: addlog("[rej] ");
2627: break;
2628: }
2629: /* Add the option to rejected list. */
2630: bcopy (p, r, p[1]);
2631: r += p[1];
2632: rlen += p[1];
2633: }
2634: if (rlen) {
2635: if (debug)
2636: addlog(" send conf-rej\n");
2637: sppp_cp_send (sp, PPP_IPCP, CONF_REJ, h->ident, rlen, buf);
2638: return 0;
2639: } else if (debug)
2640: addlog("\n");
2641:
2642: /* pass 2: parse option values */
2643: sppp_get_ip_addrs(sp, 0, &hisaddr, 0);
2644: if (debug)
2645: log(LOG_DEBUG, SPP_FMT "ipcp parse opt values: ",
2646: SPP_ARGS(ifp));
2647: p = (void*) (h+1);
2648: len = origlen;
2649: for (rlen=0; len>1 && p[1]; len-=p[1], p+=p[1]) {
2650: if (debug)
2651: addlog(" %s ", sppp_ipcp_opt_name(*p));
2652: switch (*p) {
2653: #ifdef notyet
2654: case IPCP_OPT_COMPRESSION:
2655: continue;
2656: #endif
2657: case IPCP_OPT_ADDRESS:
2658: /* This is the address he wants in his end */
2659: desiredaddr = p[2] << 24 | p[3] << 16 |
2660: p[4] << 8 | p[5];
2661: if (desiredaddr == hisaddr ||
2662: (hisaddr == 1 && desiredaddr != 0)) {
2663: /*
2664: * Peer's address is same as our value,
2665: * or we have set it to 0.0.0.1 to
2666: * indicate that we do not really care,
2667: * this is agreeable. Gonna conf-ack
2668: * it.
2669: */
2670: if (debug)
2671: addlog("%s [ack] ",
2672: sppp_dotted_quad(hisaddr));
2673: /* record that we've seen it already */
2674: sp->ipcp.flags |= IPCP_HISADDR_SEEN;
2675: continue;
2676: }
2677: /*
2678: * The address wasn't agreeable. This is either
2679: * he sent us 0.0.0.0, asking to assign him an
2680: * address, or he send us another address not
2681: * matching our value. Either case, we gonna
2682: * conf-nak it with our value.
2683: * XXX: we should "rej" if hisaddr == 0
2684: */
2685: if (debug) {
2686: if (desiredaddr == 0)
2687: addlog("[addr requested] ");
2688: else
2689: addlog("%s [not agreed] ",
2690: sppp_dotted_quad(desiredaddr));
2691:
2692: p[2] = hisaddr >> 24;
2693: p[3] = hisaddr >> 16;
2694: p[4] = hisaddr >> 8;
2695: p[5] = hisaddr;
2696: }
2697: break;
2698: }
2699: /* Add the option to nak'ed list. */
2700: bcopy (p, r, p[1]);
2701: r += p[1];
2702: rlen += p[1];
2703: }
2704:
2705: /*
2706: * If we are about to conf-ack the request, but haven't seen
2707: * his address so far, gonna conf-nak it instead, with the
2708: * `address' option present and our idea of his address being
2709: * filled in there, to request negotiation of both addresses.
2710: *
2711: * XXX This can result in an endless req - nak loop if peer
2712: * doesn't want to send us his address. Q: What should we do
2713: * about it? XXX A: implement the max-failure counter.
2714: */
2715: if (rlen == 0 && !(sp->ipcp.flags & IPCP_HISADDR_SEEN) && !gotmyaddr) {
2716: buf[0] = IPCP_OPT_ADDRESS;
2717: buf[1] = 6;
2718: buf[2] = hisaddr >> 24;
2719: buf[3] = hisaddr >> 16;
2720: buf[4] = hisaddr >> 8;
2721: buf[5] = hisaddr;
2722: rlen = 6;
2723: if (debug)
2724: addlog("still need hisaddr ");
2725: }
2726:
2727: if (rlen) {
2728: if (debug)
2729: addlog(" send conf-nak\n");
2730: sppp_cp_send (sp, PPP_IPCP, CONF_NAK, h->ident, rlen, buf);
2731: } else {
2732: if (debug)
2733: addlog(" send conf-ack\n");
2734: sppp_cp_send (sp, PPP_IPCP, CONF_ACK,
2735: h->ident, origlen, h+1);
2736: }
2737:
2738: FREE(buf, M_TEMP);
2739: return (rlen == 0);
2740: }
2741:
2742: /*
2743: * Analyze the IPCP Configure-Reject option list, and adjust our
2744: * negotiation.
2745: */
2746: static void
2747: sppp_ipcp_RCN_rej(struct sppp *sp, struct lcp_header *h, int len)
2748: {
2749: u_char *buf, *p;
2750: struct ifnet *ifp = &sp->pp_if;
2751: int debug = ifp->if_flags & IFF_DEBUG;
2752:
2753: len -= 4;
2754: buf = MALLOC (len, M_TEMP, M_NOWAIT);
2755: if (!buf)
2756: return;
2757:
2758: if (debug)
2759: log(LOG_DEBUG, SPP_FMT "ipcp rej opts: ",
2760: SPP_ARGS(ifp));
2761:
2762: p = (void*) (h+1);
2763: for (; len > 1 && p[1]; len -= p[1], p += p[1]) {
2764: if (debug)
2765: addlog(" %s ", sppp_ipcp_opt_name(*p));
2766: switch (*p) {
2767: case IPCP_OPT_ADDRESS:
2768: /*
2769: * Peer doesn't grok address option. This is
2770: * bad. XXX Should we better give up here?
2771: * XXX We could try old "addresses" option...
2772: */
2773: sp->ipcp.opts &= ~(1 << IPCP_OPT_ADDRESS);
2774: break;
2775: #ifdef notyet
2776: case IPCP_OPT_COMPRESS:
2777: sp->ipcp.opts &= ~(1 << IPCP_OPT_COMPRESS);
2778: break;
2779: #endif
2780: }
2781: }
2782: if (debug)
2783: addlog("\n");
2784: FREE(buf, M_TEMP);
2785: return;
2786: }
2787:
2788: /*
2789: * Analyze the IPCP Configure-NAK option list, and adjust our
2790: * negotiation.
2791: */
2792: static void
2793: sppp_ipcp_RCN_nak(struct sppp *sp, struct lcp_header *h, int len)
2794: {
2795: u_char *buf, *p;
2796: struct ifnet *ifp = &sp->pp_if;
2797: int debug = ifp->if_flags & IFF_DEBUG;
2798: u_long wantaddr;
2799:
2800: len -= 4;
2801: buf = MALLOC (len, M_TEMP, M_NOWAIT);
2802: if (!buf)
2803: return;
2804:
2805: if (debug)
2806: log(LOG_DEBUG, SPP_FMT "ipcp nak opts: ",
2807: SPP_ARGS(ifp));
2808:
2809: p = (void*) (h+1);
2810: for (; len > 1 && p[1]; len -= p[1], p += p[1]) {
2811: if (debug)
2812: addlog(" %s ", sppp_ipcp_opt_name(*p));
2813: switch (*p) {
2814: case IPCP_OPT_ADDRESS:
2815: /*
2816: * Peer doesn't like our local IP address. See
2817: * if we can do something for him. We'll drop
2818: * him our address then.
2819: */
2820: if (len >= 6 && p[1] == 6) {
2821: wantaddr = p[2] << 24 | p[3] << 16 |
2822: p[4] << 8 | p[5];
2823: sp->ipcp.opts |= (1 << IPCP_OPT_ADDRESS);
2824: if (debug)
2825: addlog("[wantaddr %s] ",
2826: sppp_dotted_quad(wantaddr));
2827: /*
2828: * When doing dynamic address assignment,
2829: * we accept his offer. Otherwise, we
2830: * ignore it and thus continue to negotiate
2831: * our already existing value.
2832: * XXX: Bogus, if he said no once, he'll
2833: * just say no again, might as well die.
2834: */
2835: if (sp->ipcp.flags & IPCP_MYADDR_DYN) {
2836: sppp_set_ip_addr(sp, wantaddr);
2837: if (debug)
2838: addlog("[agree] ");
2839: sp->ipcp.flags |= IPCP_MYADDR_SEEN;
2840: }
2841: }
2842: break;
2843: #ifdef notyet
2844: case IPCP_OPT_COMPRESS:
2845: /*
2846: * Peer wants different compression parameters.
2847: */
2848: break;
2849: #endif
2850: }
2851: }
2852: if (debug)
2853: addlog("\n");
2854: FREE(buf, M_TEMP);
2855: return;
2856: }
2857:
2858: static void
2859: sppp_ipcp_tlu(struct sppp *sp)
2860: {
2861: /* we are up - notify isdn daemon */
2862: if (sp->pp_con)
2863: sp->pp_con(sp);
2864: }
2865:
2866: static void
2867: sppp_ipcp_tld(struct sppp *sp)
2868: {
2869: }
2870:
2871: static void
2872: sppp_ipcp_tls(struct sppp *sp)
2873: {
2874: /* indicate to LCP that it must stay alive */
2875: sp->lcp.protos |= (1 << IDX_IPCP);
2876: }
2877:
2878: static void
2879: sppp_ipcp_tlf(struct sppp *sp)
2880: {
2881: /* we no longer need LCP */
2882: sp->lcp.protos &= ~(1 << IDX_IPCP);
2883: sppp_lcp_check_and_close(sp);
2884: }
2885:
2886: static void
2887: sppp_ipcp_scr(struct sppp *sp)
2888: {
2889: char opt[6 /* compression */ + 6 /* address */];
2890: u_long ouraddr;
2891: int i = 0;
2892:
2893: #ifdef notyet
2894: if (sp->ipcp.opts & (1 << IPCP_OPT_COMPRESSION)) {
2895: opt[i++] = IPCP_OPT_COMPRESSION;
2896: opt[i++] = 6;
2897: opt[i++] = 0; /* VJ header compression */
2898: opt[i++] = 0x2d; /* VJ header compression */
2899: opt[i++] = max_slot_id;
2900: opt[i++] = comp_slot_id;
2901: }
2902: #endif
2903:
2904: if (sp->ipcp.opts & (1 << IPCP_OPT_ADDRESS)) {
2905: sppp_get_ip_addrs(sp, &ouraddr, 0, 0);
2906: opt[i++] = IPCP_OPT_ADDRESS;
2907: opt[i++] = 6;
2908: opt[i++] = ouraddr >> 24;
2909: opt[i++] = ouraddr >> 16;
2910: opt[i++] = ouraddr >> 8;
2911: opt[i++] = ouraddr;
2912: }
2913:
2914: sp->confid[IDX_IPCP] = ++sp->pp_seq;
2915: sppp_cp_send(sp, PPP_IPCP, CONF_REQ, sp->confid[IDX_IPCP], i, &opt);
2916: }
2917:
2918:
2919:
/*
2920: *--------------------------------------------------------------------------*
2921: * *
2922: * The CHAP implementation. *
2923: * *
2924: *--------------------------------------------------------------------------*
2925: */
2926:
2927: /*
2928: * The authentication protocols don't employ a full-fledged state machine as
2929: * the control protocols do, since they do have Open and Close events, but
2930: * not Up and Down, nor are they explicitly terminated. Also, use of the
2931: * authentication protocols may be different in both directions (this makes
2932: * sense, think of a machine that never accepts incoming calls but only
2933: * calls out, it doesn't require the called party to authenticate itself).
2934: *
2935: * Our state machine for the local authentication protocol (we are requesting
2936: * the peer to authenticate) looks like:
2937: *
2938: * RCA-
2939: * +--------------------------------------------+
2940: * V scn,tld|
2941: * +--------+ Close +---------+ RCA+
2942: * | |<----------------------------------| |------+
2943: * +--->| Closed | TO* | Opened | sca |
2944: * | | |-----+ +-------| |<-----+
2945: * | +--------+ irc | | +---------+
2946: * | ^ | | ^
2947: * | | | | |
2948: * | | | | |
2949: * | TO-| | | |
2950: * | |tld TO+ V | |
2951: * | | +------->+ | |
2952: * | | | | | |
2953: * | +--------+ V | |
2954: * | | |<----+<--------------------+ |
2955: * | | Req- | scr |
2956: * | | Sent | |
2957: * | | | |
2958: * | +--------+ |
2959: * | RCA- | | RCA+ |
2960: * +------+ +------------------------------------------+
2961: * scn,tld sca,irc,ict,tlu
2962: *
2963: *
2964: * with:
2965: *
2966: * Open: LCP reached authentication phase
2967: * Close: LCP reached terminate phase
2968: *
2969: * RCA+: received reply (pap-req, chap-response), acceptable
2970: * RCN: received reply (pap-req, chap-response), not acceptable
2971: * TO+: timeout with restart counter >= 0
2972: * TO-: timeout with restart counter < 0
2973: * TO*: reschedule timeout for CHAP
2974: *
2975: * scr: send request packet (none for PAP, chap-challenge)
2976: * sca: send ack packet (pap-ack, chap-success)
2977: * scn: send nak packet (pap-nak, chap-failure)
2978: * ict: initialize re-challenge timer (CHAP only)
2979: *
2980: * tlu: this-layer-up, LCP reaches network phase
2981: * tld: this-layer-down, LCP enters terminate phase
2982: *
2983: * Note that in CHAP mode, after sending a new challenge, while the state
2984: * automaton falls back into Req-Sent state, it doesn't signal a tld
2985: * event to LCP, so LCP remains in network phase. Only after not getting
2986: * any response (or after getting an unacceptable response), CHAP closes,
2987: * causing LCP to enter terminate phase.
2988: *
2989: * With PAP, there is no initial request that can be sent. The peer is
2990: * expected to send one based on the successful negotiation of PAP as
2991: * the authentication protocol during the LCP option negotiation.
2992: *
2993: * Incoming authentication protocol requests (remote requests
2994: * authentication, we are peer) don't employ a state machine at all,
2995: * they are simply answered. Some peers [Ascend P50 firmware rev
2996: * 4.50] react allergically when sending IPCP requests while they are
2997: * still in authentication phase (thereby violating the standard that
2998: * demands that these NCP packets are to be discarded), so we keep
2999: * track of the peer demanding us to authenticate, and only proceed to
3000: * phase network once we've seen a positive acknowledge for the
3001: * authentication.
3002: */
3003:
3004: /*
3005: * Handle incoming CHAP packets.
3006: */
3007: void
3008: sppp_chap_input(struct sppp *sp, struct mbuf *m)
3009: {
3010: STDDCL;
3011: struct lcp_header *h;
3012: int len, x;
3013: u_char *value, *name, digest[AUTHKEYLEN], dsize;
3014: int value_len, name_len;
3015: MD5_CTX ctx;
3016:
3017: len = m->m_pkthdr.len;
3018: if (len < 4) {
3019: if (debug)
3020: log(LOG_DEBUG,
3021: SPP_FMT "chap invalid packet length: %d bytes\n",
3022: SPP_ARGS(ifp), len);
3023: return;
3024: }
3025: h = mtod (m, struct lcp_header*);
3026: if (len > ntohs (h->len))
3027: len = ntohs (h->len);
3028:
3029: switch (h->type) {
3030: /* challenge, failure and success are his authproto */
3031: case CHAP_CHALLENGE:
3032: value = 1 + (u_char*)(h+1);
3033: value_len = value[-1];
3034: name = value + value_len;
3035: name_len = len - value_len - 5;
3036: if (name_len < 0) {
3037: if (debug) {
3038: log(LOG_DEBUG,
3039: SPP_FMT "chap corrupted challenge "
3040: "<%s id=0x%x len=%d",
3041: SPP_ARGS(ifp),
3042: sppp_auth_type_name(PPP_CHAP, h->type),
3043: h->ident, ntohs(h->len));
3044: if (len > 4)
3045: sppp_print_bytes((u_char*) (h+1), len-4);
3046: addlog(">\n");
3047: }
3048: break;
3049: }
3050:
3051: if (debug) {
3052: log(LOG_DEBUG,
3053: SPP_FMT "chap input <%s id=0x%x len=%d name=",
3054: SPP_ARGS(ifp),
3055: sppp_auth_type_name(PPP_CHAP, h->type), h->ident,
3056: ntohs(h->len));
3057: sppp_print_string((char*) name, name_len);
3058: addlog(" value-size=%d value=", value_len);
3059: sppp_print_bytes(value, value_len);
3060: addlog(">\n");
3061: }
3062:
3063: /* Compute reply value. */
3064: MD5Init(&ctx);
3065: MD5Update(&ctx, &h->ident, 1);
3066: MD5Update(&ctx, sp->myauth.secret,
3067: sppp_strnlen(sp->myauth.secret, AUTHKEYLEN));
3068: MD5Update(&ctx, value, value_len);
3069: MD5Final(digest, &ctx);
3070: dsize = sizeof digest;
3071:
3072: sppp_auth_send(&chap, sp, CHAP_RESPONSE, h->ident,
3073: sizeof dsize, (const char *)&dsize,
3074: sizeof digest, digest,
3075: (size_t)sppp_strnlen(sp->myauth.name, AUTHNAMELEN),
3076: sp->myauth.name,
3077: 0);
3078: break;
3079:
3080: case CHAP_SUCCESS:
3081: if (debug) {
3082: log(LOG_DEBUG, SPP_FMT "chap success",
3083: SPP_ARGS(ifp));
3084: if (len > 4) {
3085: addlog(": ");
3086: sppp_print_string((char*)(h + 1), len - 4);
3087: }
3088: addlog("\n");
3089: }
3090: x = splimp();
3091: sp->pp_flags &= ~PP_NEEDAUTH;
3092: if (sp->myauth.proto == PPP_CHAP &&
3093: (sp->lcp.opts & (1 << LCP_OPT_AUTH_PROTO)) &&
3094: (sp->lcp.protos & (1 << IDX_CHAP)) == 0) {
3095: /*
3096: * We are authenticator for CHAP but didn't
3097: * complete yet. Leave it to tlu to proceed
3098: * to network phase.
3099: */
3100: splx(x);
3101: break;
3102: }
3103: splx(x);
3104: sppp_phase_network(sp);
3105: break;
3106:
3107: case CHAP_FAILURE:
3108: if (debug) {
3109: log(LOG_INFO, SPP_FMT "chap failure",
3110: SPP_ARGS(ifp));
3111: if (len > 4) {
3112: addlog(": ");
3113: sppp_print_string((char*)(h + 1), len - 4);
3114: }
3115: addlog("\n");
3116: } else
3117: log(LOG_INFO, SPP_FMT "chap failure\n",
3118: SPP_ARGS(ifp));
3119: /* await LCP shutdown by authenticator */
3120: break;
3121:
3122: /* response is my authproto */
3123: case CHAP_RESPONSE:
3124: value = 1 + (u_char*)(h+1);
3125: value_len = value[-1];
3126: name = value + value_len;
3127: name_len = len - value_len - 5;
3128: if (name_len < 0) {
3129: if (debug) {
3130: log(LOG_DEBUG,
3131: SPP_FMT "chap corrupted response "
3132: "<%s id=0x%x len=%d",
3133: SPP_ARGS(ifp),
3134: sppp_auth_type_name(PPP_CHAP, h->type),
3135: h->ident, ntohs(h->len));
3136: if (len > 4)
3137: sppp_print_bytes((u_char*)(h+1), len-4);
3138: addlog(">\n");
3139: }
3140: break;
3141: }
3142: if (h->ident != sp->confid[IDX_CHAP]) {
3143: if (debug)
3144: log(LOG_DEBUG,
3145: SPP_FMT "chap dropping response for old ID "
3146: "(got %d, expected %d)\n",
3147: SPP_ARGS(ifp),
3148: h->ident, sp->confid[IDX_CHAP]);
3149: break;
3150: }
3151: if (name_len != sppp_strnlen(sp->hisauth.name, AUTHNAMELEN)
3152: || bcmp(name, sp->hisauth.name, name_len) != 0) {
3153: log(LOG_INFO, SPP_FMT "chap response, his name ",
3154: SPP_ARGS(ifp));
3155: sppp_print_string(name, name_len);
3156: addlog(" != expected ");
3157: sppp_print_string(sp->hisauth.name,
3158: sppp_strnlen(sp->hisauth.name, AUTHNAMELEN));
3159: addlog("\n");
3160: }
3161: if (debug) {
3162: log(LOG_DEBUG, SPP_FMT "chap input(%s) "
3163: "<%s id=0x%x len=%d name=",
3164: SPP_ARGS(ifp),
3165: sppp_state_name(sp->state[IDX_CHAP]),
3166: sppp_auth_type_name(PPP_CHAP, h->type),
3167: h->ident, ntohs (h->len));
3168: sppp_print_string((char*)name, name_len);
3169: addlog(" value-size=%d value=", value_len);
3170: sppp_print_bytes(value, value_len);
3171: addlog(">\n");
3172: }
3173: if (value_len != AUTHKEYLEN) {
3174: if (debug)
3175: log(LOG_DEBUG,
3176: SPP_FMT "chap bad hash value length: "
3177: "%d bytes, should be %d\n",
3178: SPP_ARGS(ifp), value_len,
3179: AUTHKEYLEN);
3180: break;
3181: }
3182:
3183: MD5Init(&ctx);
3184: MD5Update(&ctx, &h->ident, 1);
3185: MD5Update(&ctx, sp->hisauth.secret,
3186: sppp_strnlen(sp->hisauth.secret, AUTHKEYLEN));
3187: MD5Update(&ctx, sp->myauth.challenge, AUTHKEYLEN);
3188: MD5Final(digest, &ctx);
3189:
3190: #define FAILMSG "Failed..."
3191: #define SUCCMSG "Welcome!"
3192:
3193: if (value_len != sizeof digest ||
3194: bcmp(digest, value, value_len) != 0) {
3195: /* action scn, tld */
3196: sppp_auth_send(&chap, sp, CHAP_FAILURE, h->ident,
3197: sizeof(FAILMSG) - 1, (u_char *)FAILMSG,
3198: 0);
3199: chap.tld(sp);
3200: break;
3201: }
3202: /* action sca, perhaps tlu */
3203: if (sp->state[IDX_CHAP] == STATE_REQ_SENT ||
3204: sp->state[IDX_CHAP] == STATE_OPENED)
3205: sppp_auth_send(&chap, sp, CHAP_SUCCESS, h->ident,
3206: sizeof(SUCCMSG) - 1, (u_char *)SUCCMSG,
3207: 0);
3208: if (sp->state[IDX_CHAP] == STATE_REQ_SENT) {
3209: sppp_cp_change_state(&chap, sp, STATE_OPENED);
3210: chap.tlu(sp);
3211: }
3212: break;
3213:
3214: default:
3215: /* Unknown CHAP packet type -- ignore. */
3216: if (debug) {
3217: log(LOG_DEBUG, SPP_FMT "chap unknown input(%s) "
3218: "<0x%x id=0x%xh len=%d",
3219: SPP_ARGS(ifp),
3220: sppp_state_name(sp->state[IDX_CHAP]),
3221: h->type, h->ident, ntohs(h->len));
3222: if (len > 4)
3223: sppp_print_bytes((u_char*)(h+1), len-4);
3224: addlog(">\n");
3225: }
3226: break;
3227:
3228: }
3229: }
3230:
3231: static void
3232: sppp_chap_init(struct sppp *sp)
3233: {
3234: /* Chap doesn't have STATE_INITIAL at all. */
3235: sp->state[IDX_CHAP] = STATE_CLOSED;
3236: sp->fail_counter[IDX_CHAP] = 0;
3237: #if defined(__FreeBSD__) && __FreeBSD__ >= 3
3238: callout_handle_init(&sp->ch[IDX_CHAP]);
3239: #endif
3240: }
3241:
3242: static void
3243: sppp_chap_open(struct sppp *sp)
3244: {
3245: if (sp->myauth.proto == PPP_CHAP &&
3246: (sp->lcp.opts & (1 << LCP_OPT_AUTH_PROTO)) != 0) {
3247: /* we are authenticator for CHAP, start it */
3248: chap.scr(sp);
3249: sp->rst_counter[IDX_CHAP] = sp->lcp.max_configure;
3250: sppp_cp_change_state(&chap, sp, STATE_REQ_SENT);
3251: }
3252: /* nothing to be done if we are peer, await a challenge */
3253: }
3254:
3255: static void
3256: sppp_chap_close(struct sppp *sp)
3257: {
3258: if (sp->state[IDX_CHAP] != STATE_CLOSED)
3259: sppp_cp_change_state(&chap, sp, STATE_CLOSED);
3260: }
3261:
3262: static void
3263: sppp_chap_TO(void *cookie)
3264: {
3265: struct sppp *sp = (struct sppp *)cookie;
3266: STDDCL;
3267: int s;
3268:
3269: s = splimp();
3270: if (debug)
3271: log(LOG_DEBUG, SPP_FMT "chap TO(%s) rst_counter = %d\n",
3272: SPP_ARGS(ifp),
3273: sppp_state_name(sp->state[IDX_CHAP]),
3274: sp->rst_counter[IDX_CHAP]);
3275:
3276: if (--sp->rst_counter[IDX_CHAP] < 0)
3277: /* TO- event */
3278: switch (sp->state[IDX_CHAP]) {
3279: case STATE_REQ_SENT:
3280: chap.tld(sp);
3281: sppp_cp_change_state(&chap, sp, STATE_CLOSED);
3282: break;
3283: }
3284: else
3285: /* TO+ (or TO*) event */
3286: switch (sp->state[IDX_CHAP]) {
3287: case STATE_OPENED:
3288: /* TO* event */
3289: sp->rst_counter[IDX_CHAP] = sp->lcp.max_configure;
3290: /* fall through */
3291: case STATE_REQ_SENT:
3292: chap.scr(sp);
3293: /* sppp_cp_change_state() will restart the timer */
3294: sppp_cp_change_state(&chap, sp, STATE_REQ_SENT);
3295: break;
3296: }
3297:
3298: splx(s);
3299: }
3300:
3301: static void
3302: sppp_chap_tlu(struct sppp *sp)
3303: {
3304: STDDCL;
3305: int i, x;
3306:
3307: i = 0;
3308: sp->rst_counter[IDX_CHAP] = sp->lcp.max_configure;
3309:
3310: /*
3311: * Some broken CHAP implementations (Conware CoNet, firmware
3312: * 4.0.?) don't want to re-authenticate their CHAP once the
3313: * initial challenge-response exchange has taken place.
3314: * Provide for an option to avoid rechallenges.
3315: */
3316: if ((sp->hisauth.flags & AUTHFLAG_NORECHALLENGE) == 0) {
3317: /*
3318: * Compute the re-challenge timeout. This will yield
3319: * a number between 300 and 810 seconds.
3320: */
3321: i = 300 + ((unsigned)(random() & 0xff00) >> 7);
3322: TIMEOUT(chap.TO, (void *)sp, i * hz, sp->ch[IDX_CHAP]);
3323: }
3324:
3325: if (debug) {
3326: log(LOG_DEBUG,
3327: SPP_FMT "chap %s, ",
3328: SPP_ARGS(ifp),
3329: sp->pp_phase == PHASE_NETWORK? "reconfirmed": "tlu");
3330: if ((sp->hisauth.flags & AUTHFLAG_NORECHALLENGE) == 0)
3331: addlog("next re-challenge in %d seconds\n", i);
3332: else
3333: addlog("re-challenging supressed\n");
3334: }
3335:
3336: x = splimp();
3337: /* indicate to LCP that we need to be closed down */
3338: sp->lcp.protos |= (1 << IDX_CHAP);
3339:
3340: if (sp->pp_flags & PP_NEEDAUTH) {
3341: /*
3342: * Remote is authenticator, but his auth proto didn't
3343: * complete yet. Defer the transition to network
3344: * phase.
3345: */
3346: splx(x);
3347: return;
3348: }
3349: splx(x);
3350:
3351: /*
3352: * If we are already in phase network, we are done here. This
3353: * is the case if this is a dummy tlu event after a re-challenge.
3354: */
3355: if (sp->pp_phase != PHASE_NETWORK)
3356: sppp_phase_network(sp);
3357: }
3358:
3359: static void
3360: sppp_chap_tld(struct sppp *sp)
3361: {
3362: STDDCL;
3363:
3364: if (debug)
3365: log(LOG_DEBUG, SPP_FMT "chap tld\n", SPP_ARGS(ifp));
3366: UNTIMEOUT(chap.TO, (void *)sp, sp->ch[IDX_CHAP]);
3367: sp->lcp.protos &= ~(1 << IDX_CHAP);
3368:
3369: lcp.Close(sp);
3370: }
3371:
3372: static void
3373: sppp_chap_scr(struct sppp *sp)
3374: {
3375: u_long *ch, seed;
3376: u_char clen;
3377:
3378: /* Compute random challenge. */
3379: ch = (u_long *)sp->myauth.challenge;
3380: #if defined(__FreeBSD__) && __FreeBSD__ >= 3
3381: read_random(&seed, sizeof seed);
3382: #else
3383: {
3384: struct timeval tv;
3385: microtime(&tv);
3386: seed = tv.tv_sec ^ tv.tv_usec;
3387: }
3388: #endif
3389: ch[0] = seed ^ random();
3390: ch[1] = seed ^ random();
3391: ch[2] = seed ^ random();
3392: ch[3] = seed ^ random();
3393: clen = AUTHKEYLEN;
3394:
3395: sp->confid[IDX_CHAP] = ++sp->pp_seq;
3396:
3397: sppp_auth_send(&chap, sp, CHAP_CHALLENGE, sp->confid[IDX_CHAP],
3398: sizeof clen, (const char *)&clen,
3399: (size_t)AUTHKEYLEN, sp->myauth.challenge,
3400: (size_t)sppp_strnlen(sp->myauth.name, AUTHNAMELEN),
3401: sp->myauth.name,
3402: 0);
3403: }
3404:
/*
3405: *--------------------------------------------------------------------------*
3406: * *
3407: * The PAP implementation. *
3408: * *
3409: *--------------------------------------------------------------------------*
3410: */
3411: /*
3412: * For PAP, we need to keep a little state also if we are the peer, not the
3413: * authenticator. This is since we don't get a request to authenticate, but
3414: * have to repeatedly authenticate ourself until we got a response (or the
3415: * retry counter is expired).
3416: */
3417:
3418: /*
3419: * Handle incoming PAP packets. */
3420: static void
3421: sppp_pap_input(struct sppp *sp, struct mbuf *m)
3422: {
3423: STDDCL;
3424: struct lcp_header *h;
3425: int len, x;
3426: u_char *name, *passwd, mlen;
3427: int name_len, passwd_len;
3428:
3429: len = m->m_pkthdr.len;
3430: if (len < 5) {
3431: if (debug)
3432: log(LOG_DEBUG,
3433: SPP_FMT "pap invalid packet length: %d bytes\n",
3434: SPP_ARGS(ifp), len);
3435: return;
3436: }
3437: h = mtod (m, struct lcp_header*);
3438: if (len > ntohs (h->len))
3439: len = ntohs (h->len);
3440: switch (h->type) {
3441: /* PAP request is my authproto */
3442: case PAP_REQ:
3443: name = 1 + (u_char*)(h+1);
3444: name_len = name[-1];
3445: passwd = name + name_len + 1;
3446: if (name_len > len - 6 ||
3447: (passwd_len = passwd[-1]) > len - 6 - name_len) {
3448: if (debug) {
3449: log(LOG_DEBUG, SPP_FMT "pap corrupted input "
3450: "<%s id=0x%x len=%d",
3451: SPP_ARGS(ifp),
3452: sppp_auth_type_name(PPP_PAP, h->type),
3453: h->ident, ntohs(h->len));
3454: if (len > 4)
3455: sppp_print_bytes((u_char*)(h+1), len-4);
3456: addlog(">\n");
3457: }
3458: break;
3459: }
3460: if (debug) {
3461: log(LOG_DEBUG, SPP_FMT "pap input(%s) "
3462: "<%s id=0x%x len=%d name=",
3463: SPP_ARGS(ifp),
3464: sppp_state_name(sp->state[IDX_PAP]),
3465: sppp_auth_type_name(PPP_PAP, h->type),
3466: h->ident, ntohs(h->len));
3467: sppp_print_string((char*)name, name_len);
3468: addlog(" passwd=");
3469: sppp_print_string((char*)passwd, passwd_len);
3470: addlog(">\n");
3471: }
3472: if (name_len > AUTHNAMELEN ||
3473: passwd_len > AUTHKEYLEN ||
3474: bcmp(name, sp->hisauth.name, name_len) != 0 ||
3475: bcmp(passwd, sp->hisauth.secret, passwd_len) != 0) {
3476: /* action scn, tld */
3477: mlen = sizeof(FAILMSG) - 1;
3478: sppp_auth_send(&pap, sp, PAP_NAK, h->ident,
3479: sizeof mlen, (const char *)&mlen,
3480: sizeof(FAILMSG) - 1, (u_char *)FAILMSG,
3481: 0);
3482: pap.tld(sp);
3483: break;
3484: }
3485: /* action sca, perhaps tlu */
3486: if (sp->state[IDX_PAP] == STATE_REQ_SENT ||
3487: sp->state[IDX_PAP] == STATE_OPENED) {
3488: mlen = sizeof(SUCCMSG) - 1;
3489: sppp_auth_send(&pap, sp, PAP_ACK, h->ident,
3490: sizeof mlen, (const char *)&mlen,
3491: sizeof(SUCCMSG) - 1, (u_char *)SUCCMSG,
3492: 0);
3493: }
3494: if (sp->state[IDX_PAP] == STATE_REQ_SENT) {
3495: sppp_cp_change_state(&pap, sp, STATE_OPENED);
3496: pap.tlu(sp);
3497: }
3498: break;
3499:
3500: /* ack and nak are his authproto */
3501: case PAP_ACK:
3502: UNTIMEOUT(sppp_pap_my_TO, (void *)sp, sp->pap_my_to_ch);
3503: if (debug) {
3504: log(LOG_DEBUG, SPP_FMT "pap success",
3505: SPP_ARGS(ifp));
3506: name_len = *((char *)h);
3507: if (len > 5 && name_len) {
3508: addlog(": ");
3509: sppp_print_string((char*)(h+1), name_len);
3510: }
3511: addlog("\n");
3512: }
3513: x = splimp();
3514: sp->pp_flags &= ~PP_NEEDAUTH;
3515: if (sp->myauth.proto == PPP_PAP &&
3516: (sp->lcp.opts & (1 << LCP_OPT_AUTH_PROTO)) &&
3517: (sp->lcp.protos & (1 << IDX_PAP)) == 0) {
3518: /*
3519: * We are authenticator for PAP but didn't
3520: * complete yet. Leave it to tlu to proceed
3521: * to network phase.
3522: */
3523: splx(x);
3524: break;
3525: }
3526: splx(x);
3527: sppp_phase_network(sp);
3528: break;
3529:
3530: case PAP_NAK:
3531: UNTIMEOUT(sppp_pap_my_TO, (void *)sp, sp->pap_my_to_ch);
3532: if (debug) {
3533: log(LOG_INFO, SPP_FMT "pap failure",
3534: SPP_ARGS(ifp));
3535: name_len = *((char *)h);
3536: if (len > 5 && name_len) {
3537: addlog(": ");
3538: sppp_print_string((char*)(h+1), name_len);
3539: }
3540: addlog("\n");
3541: } else
3542: log(LOG_INFO, SPP_FMT "pap failure\n",
3543: SPP_ARGS(ifp));
3544: /* await LCP shutdown by authenticator */
3545: break;
3546:
3547: default:
3548: /* Unknown PAP packet type -- ignore. */
3549: if (debug) {
3550: log(LOG_DEBUG, SPP_FMT "pap corrupted input "
3551: "<0x%x id=0x%x len=%d",
3552: SPP_ARGS(ifp),
3553: h->type, h->ident, ntohs(h->len));
3554: if (len > 4)
3555: sppp_print_bytes((u_char*)(h+1), len-4);
3556: addlog(">\n");
3557: }
3558: break;
3559:
3560: }
3561: }
3562:
3563: static void
3564: sppp_pap_init(struct sppp *sp)
3565: {
3566: /* PAP doesn't have STATE_INITIAL at all. */
3567: sp->state[IDX_PAP] = STATE_CLOSED;
3568: sp->fail_counter[IDX_PAP] = 0;
3569: #if defined(__FreeBSD__) && __FreeBSD__ >= 3
3570: callout_handle_init(&sp->ch[IDX_PAP]);
3571: callout_handle_init(&sp->pap_my_to_ch);
3572: #endif
3573: }
3574:
3575: static void
3576: sppp_pap_open(struct sppp *sp)
3577: {
3578: if (sp->hisauth.proto == PPP_PAP &&
3579: (sp->lcp.opts & (1 << LCP_OPT_AUTH_PROTO)) != 0) {
3580: /* we are authenticator for PAP, start our timer */
3581: sp->rst_counter[IDX_PAP] = sp->lcp.max_configure;
3582: sppp_cp_change_state(&pap, sp, STATE_REQ_SENT);
3583: }
3584: if (sp->myauth.proto == PPP_PAP) {
3585: /* we are peer, send a request, and start a timer */
3586: pap.scr(sp);
3587: TIMEOUT(sppp_pap_my_TO, (void *)sp, sp->lcp.timeout,
3588: sp->pap_my_to_ch);
3589: }
3590: }
3591:
3592: static void
3593: sppp_pap_close(struct sppp *sp)
3594: {
3595: if (sp->state[IDX_PAP] != STATE_CLOSED)
3596: sppp_cp_change_state(&pap, sp, STATE_CLOSED);
3597: }
3598:
3599: /*
3600: * That's the timeout routine if we are authenticator. Since the
3601: * authenticator is basically passive in PAP, we can't do much here.
3602: */
3603: static void
3604: sppp_pap_TO(void *cookie)
3605: {
3606: struct sppp *sp = (struct sppp *)cookie;
3607: STDDCL;
3608: int s;
3609:
3610: s = splimp();
3611: if (debug)
3612: log(LOG_DEBUG, SPP_FMT "pap TO(%s) rst_counter = %d\n",
3613: SPP_ARGS(ifp),
3614: sppp_state_name(sp->state[IDX_PAP]),
3615: sp->rst_counter[IDX_PAP]);
3616:
3617: if (--sp->rst_counter[IDX_PAP] < 0)
3618: /* TO- event */
3619: switch (sp->state[IDX_PAP]) {
3620: case STATE_REQ_SENT:
3621: pap.tld(sp);
3622: sppp_cp_change_state(&pap, sp, STATE_CLOSED);
3623: break;
3624: }
3625: else
3626: /* TO+ event, not very much we could do */
3627: switch (sp->state[IDX_PAP]) {
3628: case STATE_REQ_SENT:
3629: /* sppp_cp_change_state() will restart the timer */
3630: sppp_cp_change_state(&pap, sp, STATE_REQ_SENT);
3631: break;
3632: }
3633:
3634: splx(s);
3635: }
3636:
3637: /*
3638: * That's the timeout handler if we are peer. Since the peer is active,
3639: * we need to retransmit our PAP request since it is apparently lost.
3640: * XXX We should impose a max counter.
3641: */
3642: static void
3643: sppp_pap_my_TO(void *cookie)
3644: {
3645: struct sppp *sp = (struct sppp *)cookie;
3646: STDDCL;
3647:
3648: if (debug)
3649: log(LOG_DEBUG, SPP_FMT "pap peer TO\n",
3650: SPP_ARGS(ifp));
3651:
3652: pap.scr(sp);
3653: }
3654:
3655: static void
3656: sppp_pap_tlu(struct sppp *sp)
3657: {
3658: STDDCL;
3659: int x;
3660:
3661: sp->rst_counter[IDX_PAP] = sp->lcp.max_configure;
3662:
3663: if (debug)
3664: log(LOG_DEBUG, SPP_FMT "%s tlu\n",
3665: SPP_ARGS(ifp), pap.name);
3666:
3667: x = splimp();
3668: /* indicate to LCP that we need to be closed down */
3669: sp->lcp.protos |= (1 << IDX_PAP);
3670:
3671: if (sp->pp_flags & PP_NEEDAUTH) {
3672: /*
3673: * Remote is authenticator, but his auth proto didn't
3674: * complete yet. Defer the transition to network
3675: * phase.
3676: */
3677: splx(x);
3678: return;
3679: }
3680: splx(x);
3681: sppp_phase_network(sp);
3682: }
3683:
3684: static void
3685: sppp_pap_tld(struct sppp *sp)
3686: {
3687: STDDCL;
3688:
3689: if (debug)
3690: log(LOG_DEBUG, SPP_FMT "pap tld\n", SPP_ARGS(ifp));
3691: UNTIMEOUT(pap.TO, (void *)sp, sp->ch[IDX_PAP]);
3692: UNTIMEOUT(sppp_pap_my_TO, (void *)sp, sp->pap_my_to_ch);
3693: sp->lcp.protos &= ~(1 << IDX_PAP);
3694:
3695: lcp.Close(sp);
3696: }
3697:
3698: static void
3699: sppp_pap_scr(struct sppp *sp)
3700: {
3701: u_char idlen, pwdlen;
3702:
3703: sp->confid[IDX_PAP] = ++sp->pp_seq;
3704: pwdlen = sppp_strnlen(sp->myauth.secret, AUTHKEYLEN);
3705: idlen = sppp_strnlen(sp->myauth.name, AUTHNAMELEN);
3706:
3707: sppp_auth_send(&pap, sp, PAP_REQ, sp->confid[IDX_PAP],
3708: sizeof idlen, (const char *)&idlen,
3709: (size_t)idlen, sp->myauth.name,
3710: sizeof pwdlen, (const char *)&pwdlen,
3711: (size_t)pwdlen, sp->myauth.secret,
3712: 0);
3713: }
3714:
/*
3715: * Random miscellaneous functions.
3716: */
3717:
3718: /*
3719: * Send a PAP or CHAP proto packet.
3720: *
3721: * Varadic function, each of the elements for the ellipsis is of type
3722: * ``size_t mlen, const u_char *msg''. Processing will stop iff
3723: * mlen == 0.
3724: * NOTE: never declare variadic functions with types subject to type
3725: * promotion (i.e. u_char). This is asking for big trouble depending
3726: * on the architecture you are on...
3727: */
3728:
3729: static void
3730: sppp_auth_send(const struct cp *cp, struct sppp *sp,
3731: unsigned int type, unsigned int id,
3732: ...)
3733: {
3734: STDDCL;
3735: struct ppp_header *h;
3736: struct lcp_header *lh;
3737: struct mbuf *m;
3738: u_char *p;
3739: int len;
3740: unsigned int mlen;
3741: const char *msg;
3742: va_list ap;
3743:
3744: MGETHDR (m, M_DONTWAIT, MT_DATA);
3745: if (! m)
3746: return;
3747: m->m_pkthdr.rcvif = 0;
3748:
3749: h = mtod (m, struct ppp_header*);
3750: h->address = PPP_ALLSTATIONS; /* broadcast address */
3751: h->control = PPP_UI; /* Unnumbered Info */
3752: h->protocol = htons(cp->proto);
3753:
3754: lh = (struct lcp_header*)(h + 1);
3755: lh->type = type;
3756: lh->ident = id;
3757: p = (u_char*) (lh+1);
3758:
3759: va_start(ap, id);
3760: len = 0;
3761:
3762: while ((mlen = (unsigned int)va_arg(ap, size_t)) != 0) {
3763: msg = va_arg(ap, const char *);
3764: len += mlen;
3765: if (len > MHLEN - PPP_HEADER_LEN - LCP_HEADER_LEN) {
3766: va_end(ap);
3767: m_freem(m);
3768: return;
3769: }
3770:
3771: bcopy(msg, p, mlen);
3772: p += mlen;
3773: }
3774: va_end(ap);
3775:
3776: m->m_pkthdr.len = m->m_len = PPP_HEADER_LEN + LCP_HEADER_LEN + len;
3777: lh->len = htons (LCP_HEADER_LEN + len);
3778:
3779: if (debug) {
3780: log(LOG_DEBUG, SPP_FMT "%s output <%s id=0x%x len=%d",
3781: SPP_ARGS(ifp), cp->name,
3782: sppp_auth_type_name(cp->proto, lh->type),
3783: lh->ident, ntohs(lh->len));
3784: if (len)
3785: sppp_print_bytes((u_char*) (lh+1), len);
3786: addlog(">\n");
3787: }
3788: if (IF_QFULL (&sp->pp_cpq)) {
3789: IF_DROP (&sp->pp_fastq);
3790: IF_DROP (&ifp->if_snd);
3791: m_freem (m);
3792: ++ifp->if_oerrors;
3793: } else
3794: IF_ENQUEUE (&sp->pp_cpq, m);
3795: if (! (ifp->if_flags & IFF_OACTIVE))
3796: (*ifp->if_start) (ifp);
3797: ifp->if_obytes += m->m_pkthdr.len + 3;
3798: }
3799:
3800: /*
3801: * Flush interface queue.
3802: */
3803: static void
3804: sppp_qflush(struct ifqueue *ifq)
3805: {
3806: struct mbuf *m, *n;
3807:
3808: n = ifq->ifq_head;
3809: while ((m = n)) {
3810: n = m->m_act;
3811: m_freem (m);
3812: }
3813: ifq->ifq_head = 0;
3814: ifq->ifq_tail = 0;
3815: ifq->ifq_len = 0;
3816: }
3817:
3818: /*
3819: * Send keepalive packets, every 10 seconds.
3820: */
3821: static void
3822: sppp_keepalive(void *dummy)
3823: {
3824: struct sppp *sp;
3825: int s;
3826:
3827: s = splimp();
3828: for (sp=spppq; sp; sp=sp->pp_next) {
3829: struct ifnet *ifp = &sp->pp_if;
3830:
3831: /* Keepalive mode disabled or channel down? */
3832: if (! (sp->pp_flags & PP_KEEPALIVE) ||
3833: ! (ifp->if_flags & IFF_RUNNING))
3834: continue;
3835:
3836: /* No keepalive in PPP mode if LCP not opened yet. */
3837: if (! (sp->pp_flags & PP_CISCO) &&
3838: sp->pp_phase < PHASE_AUTHENTICATE)
3839: continue;
3840:
3841: if (sp->pp_alivecnt == MAXALIVECNT) {
3842: /* No keepalive packets got. Stop the interface. */
3843: printf (SPP_FMT "down\n", SPP_ARGS(ifp));
3844: if_down (ifp);
3845: sppp_qflush (&sp->pp_cpq);
3846: if (! (sp->pp_flags & PP_CISCO)) {
3847: /* XXX */
3848: /* Shut down the PPP link. */
3849: lcp.Down(sp);
3850: /* Initiate negotiation. XXX */
3851: lcp.Up(sp);
3852: }
3853: }
3854: if (sp->pp_alivecnt <= MAXALIVECNT)
3855: ++sp->pp_alivecnt;
3856: if (sp->pp_flags & PP_CISCO)
3857: sppp_cisco_send (sp, CISCO_KEEPALIVE_REQ, ++sp->pp_seq,
3858: sp->pp_rseq);
3859: else if (sp->pp_phase >= PHASE_AUTHENTICATE) {
3860: long nmagic = htonl (sp->lcp.magic);
3861: sp->lcp.echoid = ++sp->pp_seq;
3862: sppp_cp_send (sp, PPP_LCP, ECHO_REQ,
3863: sp->lcp.echoid, 4, &nmagic);
3864: }
3865: }
3866: splx(s);
3867: TIMEOUT(sppp_keepalive, 0, hz * 10, keepalive_ch);
3868: }
3869:
3870: /*
3871: * Get both IP addresses.
3872: */
3873: static void
3874: sppp_get_ip_addrs(struct sppp *sp, u_long *src, u_long *dst, u_long *srcmask)
3875: {
3876: struct ifnet *ifp = &sp->pp_if;
3877: struct ifaddr *ifa;
3878: struct sockaddr_in *si, *sm;
3879: u_long ssrc, ddst;
3880:
3881: sm = NULL;
3882: ssrc = ddst = 0L;
3883: /*
3884: * Pick the first AF_INET address from the list,
3885: * aliases don't make any sense on a p2p link anyway.
3886: */
3887: si = 0;
3888: #if defined(__FreeBSD__) && __FreeBSD__ >= 3
3889: TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link)
3890: #elif defined(__NetBSD__) || defined (__OpenBSD__)
3891: for (ifa = ifp->if_addrlist.tqh_first;
3892: ifa;
3893: ifa = ifa->ifa_list.tqe_next)
3894: #else
3895: for (ifa = ifp->if_addrlist;
3896: ifa;
3897: ifa = ifa->ifa_next)
3898: #endif
3899: if (ifa->ifa_addr->sa_family == AF_INET) {
3900: si = (struct sockaddr_in *)ifa->ifa_addr;
3901: sm = (struct sockaddr_in *)ifa->ifa_netmask;
3902: if (si)
3903: break;
3904: }
3905: if (ifa) {
3906: if (si && si->sin_addr.s_addr) {
3907: ssrc = si->sin_addr.s_addr;
3908: if (srcmask)
3909: *srcmask = ntohl(sm->sin_addr.s_addr);
3910: }
3911:
3912: si = (struct sockaddr_in *)ifa->ifa_dstaddr;
3913: if (si && si->sin_addr.s_addr)
3914: ddst = si->sin_addr.s_addr;
3915: }
3916:
3917: if (dst) *dst = ntohl(ddst);
3918: if (src) *src = ntohl(ssrc);
3919: }
3920:
3921: /*
3922: * Set my IP address. Must be called at splimp.
3923: */
3924: static void
3925: sppp_set_ip_addr(struct sppp *sp, u_long src)
3926: {
3927: STDDCL;
3928: struct ifaddr *ifa;
3929: struct sockaddr_in *si;
3930:
3931: /*
3932: * Pick the first AF_INET address from the list,
3933: * aliases don't make any sense on a p2p link anyway.
3934: */
3935: si = 0;
3936: #if defined(__FreeBSD__) && __FreeBSD__ >= 3
3937: TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link)
3938: #elif defined(__NetBSD__) || defined (__OpenBSD__)
3939: for (ifa = ifp->if_addrlist.tqh_first;
3940: ifa;
3941: ifa = ifa->ifa_list.tqe_next)
3942: #else
3943: for (ifa = ifp->if_addrlist;
3944: ifa;
3945: ifa = ifa->ifa_next)
3946: #endif
3947: {
3948: if (ifa->ifa_addr->sa_family == AF_INET)
3949: {
3950: si = (struct sockaddr_in *)ifa->ifa_addr;
3951: if (si)
3952: break;
3953: }
3954: }
3955:
3956: if (ifa && si)
3957: {
3958: int error;
3959: #if __NetBSD_Version__ >= 103080000
3960: struct sockaddr_in new_sin = *si;
3961:
3962: new_sin.sin_addr.s_addr = htonl(src);
3963: error = in_ifinit(ifp, ifatoia(ifa), &new_sin, 1);
3964: if(debug && error)
3965: {
3966: log(LOG_DEBUG, SPP_FMT "sppp_set_ip_addr: in_ifinit "
3967: " failed, error=%d\n", SPP_ARGS(ifp), error);
3968: }
3969: #else
3970: /* delete old route */
3971: error = rtinit(ifa, (int)RTM_DELETE, RTF_HOST);
3972: if(debug && error)
3973: {
3974: log(LOG_DEBUG, SPP_FMT "sppp_set_ip_addr: rtinit DEL failed, error=%d\n",
3975: SPP_ARGS(ifp), error);
3976: }
3977:
3978: /* set new address */
3979: si->sin_addr.s_addr = htonl(src);
3980:
3981: /* add new route */
3982: error = rtinit(ifa, (int)RTM_ADD, RTF_HOST);
3983: if (debug && error)
3984: {
3985: log(LOG_DEBUG, SPP_FMT "sppp_set_ip_addr: rtinit ADD failed, error=%d",
3986: SPP_ARGS(ifp), error);
3987: }
3988: #endif
3989: }
3990: }
3991:
3992: static int
3993: sppp_params(struct sppp *sp, u_long cmd, void *data)
3994: {
3995: u_long subcmd;
3996: struct ifreq *ifr = (struct ifreq *)data;
3997: struct spppreq spr;
3998:
3999: /*
4000: * ifr->ifr_data is supposed to point to a struct spppreq.
4001: * Check the cmd word first before attempting to fetch all the
4002: * data.
4003: */
4004: if ((subcmd = fuword(ifr->ifr_data)) == -1)
4005: return EFAULT;
4006:
4007: if (copyin((caddr_t)ifr->ifr_data, &spr, sizeof spr) != 0)
4008: return EFAULT;
4009:
4010: switch (subcmd) {
4011: case SPPPIOGDEFS:
4012: if (cmd != SIOCGIFGENERIC)
4013: return EINVAL;
4014: /*
4015: * We copy over the entire current state, but clean
4016: * out some of the stuff we don't wanna pass up.
4017: * Remember, SIOCGIFGENERIC is unprotected, and can be
4018: * called by any user. No need to ever get PAP or
4019: * CHAP secrets back to userland anyway.
4020: */
4021: bcopy(sp, &spr.defs, sizeof(struct sppp));
4022: bzero(spr.defs.myauth.secret, AUTHKEYLEN);
4023: bzero(spr.defs.myauth.challenge, AUTHKEYLEN);
4024: bzero(spr.defs.hisauth.secret, AUTHKEYLEN);
4025: bzero(spr.defs.hisauth.challenge, AUTHKEYLEN);
4026: return copyout(&spr, (caddr_t)ifr->ifr_data, sizeof spr);
4027:
4028: case SPPPIOSDEFS:
4029: if (cmd != SIOCSIFGENERIC)
4030: return EINVAL;
4031: /*
4032: * We have a very specific idea of which fields we allow
4033: * being passed back from userland, so to not clobber our
4034: * current state. For one, we only allow setting
4035: * anything if LCP is in dead phase. Once the LCP
4036: * negotiations started, the authentication settings must
4037: * not be changed again. (The administrator can force an
4038: * ifconfig down in order to get LCP back into dead
4039: * phase.)
4040: *
4041: * Also, we only allow for authentication parameters to be
4042: * specified.
4043: *
4044: * XXX Should allow to set or clear pp_flags.
4045: *
4046: * Finally, if the respective authentication protocol to
4047: * be used is set differently than 0, but the secret is
4048: * passed as all zeros, we don't trash the existing secret.
4049: * This allows an administrator to change the system name
4050: * only without clobbering the secret (which he didn't get
4051: * back in a previous SPPPIOGDEFS call). However, the
4052: * secrets are cleared if the authentication protocol is
4053: * reset to 0.
4054: */
4055: if (sp->pp_phase != PHASE_DEAD)
4056: return EBUSY;
4057:
4058: if ((spr.defs.myauth.proto != 0 && spr.defs.myauth.proto != PPP_PAP &&
4059: spr.defs.myauth.proto != PPP_CHAP) ||
4060: (spr.defs.hisauth.proto != 0 && spr.defs.hisauth.proto != PPP_PAP &&
4061: spr.defs.hisauth.proto != PPP_CHAP))
4062: return EINVAL;
4063:
4064: if (spr.defs.myauth.proto == 0)
4065: /* resetting myauth */
4066: bzero(&sp->myauth, sizeof sp->myauth);
4067: else {
4068: /* setting/changing myauth */
4069: sp->myauth.proto = spr.defs.myauth.proto;
4070: bcopy(spr.defs.myauth.name, sp->myauth.name, AUTHNAMELEN);
4071: if (spr.defs.myauth.secret[0] != '\0')
4072: bcopy(spr.defs.myauth.secret, sp->myauth.secret,
4073: AUTHKEYLEN);
4074: }
4075: if (spr.defs.hisauth.proto == 0)
4076: /* resetting hisauth */
4077: bzero(&sp->hisauth, sizeof sp->hisauth);
4078: else {
4079: /* setting/changing hisauth */
4080: sp->hisauth.proto = spr.defs.hisauth.proto;
4081: sp->hisauth.flags = spr.defs.hisauth.flags;
4082: bcopy(spr.defs.hisauth.name, sp->hisauth.name, AUTHNAMELEN);
4083: if (spr.defs.hisauth.secret[0] != '\0')
4084: bcopy(spr.defs.hisauth.secret, sp->hisauth.secret,
4085: AUTHKEYLEN);
4086: }
4087: break;
4088:
4089: default:
4090: return EINVAL;
4091: }
4092:
4093: return 0;
4094: }
4095:
4096: static void
4097: sppp_phase_network(struct sppp *sp)
4098: {
4099: STDDCL;
4100: int i;
4101: u_long mask;
4102:
4103: sp->pp_phase = PHASE_NETWORK;
4104:
4105: if (debug)
4106: log(LOG_DEBUG, SPP_FMT "phase %s\n", SPP_ARGS(ifp),
4107: sppp_phase_name(sp->pp_phase));
4108:
4109: /* Notify NCPs now. */
4110: for (i = 0; i < IDX_COUNT; i++)
4111: if ((cps[i])->flags & CP_NCP)
4112: (cps[i])->Open(sp);
4113:
4114: /* Send Up events to all NCPs. */
4115: for (i = 0, mask = 1; i < IDX_COUNT; i++, mask <<= 1)
4116: if (sp->lcp.protos & mask && ((cps[i])->flags & CP_NCP))
4117: (cps[i])->Up(sp);
4118:
4119: /* if no NCP is starting, all this was in vain, close down */
4120: sppp_lcp_check_and_close(sp);
4121: }
4122:
4123:
4124: static const char *
4125: sppp_cp_type_name(u_char type)
4126: {
4127: static char buf[12];
4128: switch (type) {
4129: case CONF_REQ: return "conf-req";
4130: case CONF_ACK: return "conf-ack";
4131: case CONF_NAK: return "conf-nak";
4132: case CONF_REJ: return "conf-rej";
4133: case TERM_REQ: return "term-req";
4134: case TERM_ACK: return "term-ack";
4135: case CODE_REJ: return "code-rej";
4136: case PROTO_REJ: return "proto-rej";
4137: case ECHO_REQ: return "echo-req";
4138: case ECHO_REPLY: return "echo-reply";
4139: case DISC_REQ: return "discard-req";
4140: }
4141: snprintf (buf, sizeof(buf), "0x%x", type);
4142: return buf;
4143: }
4144:
4145: static const char *
4146: sppp_auth_type_name(u_short proto, u_char type)
4147: {
4148: static char buf[12];
4149: switch (proto) {
4150: case PPP_CHAP:
4151: switch (type) {
4152: case CHAP_CHALLENGE: return "challenge";
4153: case CHAP_RESPONSE: return "response";
4154: case CHAP_SUCCESS: return "success";
4155: case CHAP_FAILURE: return "failure";
4156: }
4157: case PPP_PAP:
4158: switch (type) {
4159: case PAP_REQ: return "req";
4160: case PAP_ACK: return "ack";
4161: case PAP_NAK: return "nak";
4162: }
4163: }
4164: snprintf (buf, sizeof(buf), "0x%x", type);
4165: return buf;
4166: }
4167:
4168: static const char *
4169: sppp_lcp_opt_name(u_char opt)
4170: {
4171: static char buf[12];
4172: switch (opt) {
4173: case LCP_OPT_MRU: return "mru";
4174: case LCP_OPT_ASYNC_MAP: return "async-map";
4175: case LCP_OPT_AUTH_PROTO: return "auth-proto";
4176: case LCP_OPT_QUAL_PROTO: return "qual-proto";
4177: case LCP_OPT_MAGIC: return "magic";
4178: case LCP_OPT_PROTO_COMP: return "proto-comp";
4179: case LCP_OPT_ADDR_COMP: return "addr-comp";
4180: }
4181: snprintf (buf, sizeof(buf), "0x%x", opt);
4182: return buf;
4183: }
4184:
4185: static const char *
4186: sppp_ipcp_opt_name(u_char opt)
4187: {
4188: static char buf[12];
4189: switch (opt) {
4190: case IPCP_OPT_ADDRESSES: return "addresses";
4191: case IPCP_OPT_COMPRESSION: return "compression";
4192: case IPCP_OPT_ADDRESS: return "address";
4193: }
4194: snprintf (buf, sizeof(buf), "0x%x", opt);
4195: return buf;
4196: }
4197:
4198: static const char *
4199: sppp_state_name(int state)
4200: {
4201: switch (state) {
4202: case STATE_INITIAL: return "initial";
4203: case STATE_STARTING: return "starting";
4204: case STATE_CLOSED: return "closed";
4205: case STATE_STOPPED: return "stopped";
4206: case STATE_CLOSING: return "closing";
4207: case STATE_STOPPING: return "stopping";
4208: case STATE_REQ_SENT: return "req-sent";
4209: case STATE_ACK_RCVD: return "ack-rcvd";
4210: case STATE_ACK_SENT: return "ack-sent";
4211: case STATE_OPENED: return "opened";
4212: }
4213: return "illegal";
4214: }
4215:
4216: static const char *
4217: sppp_phase_name(enum ppp_phase phase)
4218: {
4219: switch (phase) {
4220: case PHASE_DEAD: return "dead";
4221: case PHASE_ESTABLISH: return "establish";
4222: case PHASE_TERMINATE: return "terminate";
4223: case PHASE_AUTHENTICATE: return "authenticate";
4224: case PHASE_NETWORK: return "network";
4225: }
4226: return "illegal";
4227: }
4228:
4229: static const char *
4230: sppp_proto_name(u_short proto)
4231: {
4232: static char buf[12];
4233: switch (proto) {
4234: case PPP_LCP: return "lcp";
4235: case PPP_IPCP: return "ipcp";
4236: case PPP_PAP: return "pap";
4237: case PPP_CHAP: return "chap";
4238: }
4239: snprintf(buf, sizeof(buf), "0x%x", (unsigned)proto);
4240: return buf;
4241: }
4242:
4243: static void
4244: sppp_print_bytes(const u_char *p, u_short len)
4245: {
4246: addlog(" %02x", *p++);
4247: while (--len > 0)
4248: addlog("-%02x", *p++);
4249: }
4250:
4251: static void
4252: sppp_print_string(const char *p, u_short len)
4253: {
4254: u_char c;
4255:
4256: while (len-- > 0) {
4257: c = *p++;
4258: /*
4259: * Print only ASCII chars directly. RFC 1994 recommends
4260: * using only them, but we don't rely on it. */
4261: if (c < ' ' || c > '~')
4262: addlog("\\x%x", c);
4263: else
4264: addlog("%c", c);
4265: }
4266: }
4267:
4268: static const char *
4269: sppp_dotted_quad(u_long addr)
4270: {
4271: static char s[16];
4272: sprintf(s, "%d.%d.%d.%d",
4273: (int)((addr >> 24) & 0xff),
4274: (int)((addr >> 16) & 0xff),
4275: (int)((addr >> 8) & 0xff),
4276: (int)(addr & 0xff));
4277: return s;
4278: }
4279:
4280: static int
4281: sppp_strnlen(u_char *p, int max)
4282: {
4283: int len;
4284:
4285: for (len = 0; len < max && *p; ++p)
4286: ++len;
4287: return len;
4288: }
4289:
4290: /* a dummy, used to drop uninteresting events */
4291: static void
4292: sppp_null(struct sppp *unused)
4293: {
4294: /* do just nothing */
4295: }
This archive runs on limited infrastructure. Preserving old code on modern bandwidth. Automated agents are requested to crawl responsibly.