if_spppsubr.c (29681) | if_spppsubr.c (30300) |
---|---|
1/* 2 * Synchronous PPP/Cisco link level subroutines. 3 * Keepalive protocol implemented in both Cisco and PPP modes. 4 * | 1/* 2 * Synchronous PPP/Cisco link level subroutines. 3 * Keepalive protocol implemented in both Cisco and PPP modes. 4 * |
5 * Copyright (C) 1994 Cronyx Ltd. | 5 * Copyright (C) 1994-1996 Cronyx Engineering Ltd. |
6 * Author: Serge Vakulenko, <vak@cronyx.ru> 7 * 8 * Heavily revamped to conform to RFC 1661. 9 * Copyright (C) 1997, Joerg Wunsch. 10 * 11 * This software is distributed with NO WARRANTIES, not even the implied 12 * warranties for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 13 * 14 * Authors grant any other persons or organisations permission to use 15 * or modify this software as long as this message is kept with the software, 16 * all derivative works or modified versions. 17 * | 6 * Author: Serge Vakulenko, <vak@cronyx.ru> 7 * 8 * Heavily revamped to conform to RFC 1661. 9 * Copyright (C) 1997, Joerg Wunsch. 10 * 11 * This software is distributed with NO WARRANTIES, not even the implied 12 * warranties for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 13 * 14 * Authors grant any other persons or organisations permission to use 15 * or modify this software as long as this message is kept with the software, 16 * all derivative works or modified versions. 17 * |
18 * From: Version 1.9, Wed Oct 4 18:58:15 MSK 1995 | 18 * From: Version 2.4, Thu Apr 30 17:17:21 MSD 1997 |
19 * 20 * $Id: if_spppsubr.c,v 1.26 1997/09/02 01:18:37 bde Exp $ 21 */ 22 23#include <sys/param.h> 24#include <sys/systm.h> 25#include <sys/kernel.h> 26#include <sys/sockio.h> 27#include <sys/socket.h> 28#include <sys/syslog.h> 29#include <sys/malloc.h> 30#include <sys/mbuf.h> | 19 * 20 * $Id: if_spppsubr.c,v 1.26 1997/09/02 01:18:37 bde Exp $ 21 */ 22 23#include <sys/param.h> 24#include <sys/systm.h> 25#include <sys/kernel.h> 26#include <sys/sockio.h> 27#include <sys/socket.h> 28#include <sys/syslog.h> 29#include <sys/malloc.h> 30#include <sys/mbuf.h> |
31#include <sys/md5.h> |
|
31 32#include <net/if.h> 33#include <net/netisr.h> 34#include <net/if_types.h> 35 | 32 33#include <net/if.h> 34#include <net/netisr.h> 35#include <net/if_types.h> 36 |
37#include <machine/stdarg.h> 38 |
|
36#ifdef INET 37#include <netinet/in.h> 38#include <netinet/in_systm.h> 39#include <netinet/in_var.h> 40#include <netinet/ip.h> 41#include <netinet/tcp.h> 42#include <netinet/if_ether.h> 43#endif --- 24 unchanged lines hidden (view full) --- 68 * 69 * Setting link0 will make the link passive, i.e. it will be marked 70 * as being administrative openable, but won't be opened to begin 71 * with. Incoming calls will be answered, or subsequent calls with 72 * -link1 will cause the administrative open of the LCP layer. 73 * 74 * Setting link1 will cause the link to auto-dial only as packets 75 * arrive to be sent. | 39#ifdef INET 40#include <netinet/in.h> 41#include <netinet/in_systm.h> 42#include <netinet/in_var.h> 43#include <netinet/ip.h> 44#include <netinet/tcp.h> 45#include <netinet/if_ether.h> 46#endif --- 24 unchanged lines hidden (view full) --- 71 * 72 * Setting link0 will make the link passive, i.e. it will be marked 73 * as being administrative openable, but won't be opened to begin 74 * with. Incoming calls will be answered, or subsequent calls with 75 * -link1 will cause the administrative open of the LCP layer. 76 * 77 * Setting link1 will cause the link to auto-dial only as packets 78 * arrive to be sent. |
79 * 80 * Setting IFF_DEBUG will syslog the option negotiation and state 81 * transitions at level kern.debug. Note: all logs consistently look 82 * like 83 * 84 * <if-name><unit>: <proto-name> <additional info...> 85 * 86 * with <if-name><unit> being something like "bppp0", and <proto-name> 87 * being one of "lcp", "ipcp", "cisco", "chap", "pap", etc. |
|
76 */ 77 78#define IFF_PASSIVE IFF_LINK0 /* wait passively for connection */ 79#define IFF_AUTO IFF_LINK1 /* auto-dial on output */ 80 | 88 */ 89 90#define IFF_PASSIVE IFF_LINK0 /* wait passively for connection */ 91#define IFF_AUTO IFF_LINK1 /* auto-dial on output */ 92 |
81#define PPP_ALLSTATIONS 0xff /* All-Stations broadcast address */ 82#define PPP_UI 0x03 /* Unnumbered Information */ 83#define PPP_IP 0x0021 /* Internet Protocol */ 84#define PPP_ISO 0x0023 /* ISO OSI Protocol */ 85#define PPP_XNS 0x0025 /* Xerox NS Protocol */ 86#define PPP_IPX 0x002b /* Novell IPX Protocol */ 87#define PPP_LCP 0xc021 /* Link Control Protocol */ 88#define PPP_IPCP 0x8021 /* Internet Protocol Control Protocol */ | 93#define PPP_ALLSTATIONS 0xff /* All-Stations broadcast address */ 94#define PPP_UI 0x03 /* Unnumbered Information */ 95#define PPP_IP 0x0021 /* Internet Protocol */ 96#define PPP_ISO 0x0023 /* ISO OSI Protocol */ 97#define PPP_XNS 0x0025 /* Xerox NS Protocol */ 98#define PPP_IPX 0x002b /* Novell IPX Protocol */ 99#define PPP_LCP 0xc021 /* Link Control Protocol */ 100#define PPP_PAP 0xc023 /* Password Authentication Protocol */ 101#define PPP_CHAP 0xc223 /* Challenge-Handshake Auth Protocol */ 102#define PPP_IPCP 0x8021 /* Internet Protocol Control Protocol */ |
89 90#define CONF_REQ 1 /* PPP configure request */ 91#define CONF_ACK 2 /* PPP configure acknowledge */ 92#define CONF_NAK 3 /* PPP configure negative ack */ 93#define CONF_REJ 4 /* PPP configure reject */ 94#define TERM_REQ 5 /* PPP terminate request */ 95#define TERM_ACK 6 /* PPP terminate acknowledge */ 96#define CODE_REJ 7 /* PPP code reject */ 97#define PROTO_REJ 8 /* PPP protocol reject */ 98#define ECHO_REQ 9 /* PPP echo request */ 99#define ECHO_REPLY 10 /* PPP echo reply */ 100#define DISC_REQ 11 /* PPP discard request */ 101 | 103 104#define CONF_REQ 1 /* PPP configure request */ 105#define CONF_ACK 2 /* PPP configure acknowledge */ 106#define CONF_NAK 3 /* PPP configure negative ack */ 107#define CONF_REJ 4 /* PPP configure reject */ 108#define TERM_REQ 5 /* PPP terminate request */ 109#define TERM_ACK 6 /* PPP terminate acknowledge */ 110#define CODE_REJ 7 /* PPP code reject */ 111#define PROTO_REJ 8 /* PPP protocol reject */ 112#define ECHO_REQ 9 /* PPP echo request */ 113#define ECHO_REPLY 10 /* PPP echo reply */ 114#define DISC_REQ 11 /* PPP discard request */ 115 |
102#define LCP_OPT_MRU 1 /* maximum receive unit */ 103#define LCP_OPT_ASYNC_MAP 2 /* async control character map */ 104#define LCP_OPT_AUTH_PROTO 3 /* authentication protocol */ 105#define LCP_OPT_QUAL_PROTO 4 /* quality protocol */ 106#define LCP_OPT_MAGIC 5 /* magic number */ 107#define LCP_OPT_RESERVED 6 /* reserved */ 108#define LCP_OPT_PROTO_COMP 7 /* protocol field compression */ 109#define LCP_OPT_ADDR_COMP 8 /* address/control field compression */ | 116#define LCP_OPT_MRU 1 /* maximum receive unit */ 117#define LCP_OPT_ASYNC_MAP 2 /* async control character map */ 118#define LCP_OPT_AUTH_PROTO 3 /* authentication protocol */ 119#define LCP_OPT_QUAL_PROTO 4 /* quality protocol */ 120#define LCP_OPT_MAGIC 5 /* magic number */ 121#define LCP_OPT_RESERVED 6 /* reserved */ 122#define LCP_OPT_PROTO_COMP 7 /* protocol field compression */ 123#define LCP_OPT_ADDR_COMP 8 /* address/control field compression */ |
110 111#define IPCP_OPT_ADDRESSES 1 /* both IP addresses; deprecated */ 112#define IPCP_OPT_COMPRESSION 2 /* IP compression protocol (VJ) */ 113#define IPCP_OPT_ADDRESS 3 /* local IP address */ 114 | 124 125#define IPCP_OPT_ADDRESSES 1 /* both IP addresses; deprecated */ 126#define IPCP_OPT_COMPRESSION 2 /* IP compression protocol (VJ) */ 127#define IPCP_OPT_ADDRESS 3 /* local IP address */ 128 |
115#define CISCO_MULTICAST 0x8f /* Cisco multicast address */ 116#define CISCO_UNICAST 0x0f /* Cisco unicast address */ 117#define CISCO_KEEPALIVE 0x8035 /* Cisco keepalive protocol */ 118#define CISCO_ADDR_REQ 0 /* Cisco address request */ 119#define CISCO_ADDR_REPLY 1 /* Cisco address reply */ 120#define CISCO_KEEPALIVE_REQ 2 /* Cisco keepalive request */ | 129#define PAP_REQ 1 /* PAP name/password request */ 130#define PAP_ACK 2 /* PAP acknowledge */ 131#define PAP_NAK 3 /* PAP fail */ |
121 | 132 |
133#define CHAP_CHALLENGE 1 /* CHAP challenge request */ 134#define CHAP_RESPONSE 2 /* CHAP challenge response */ 135#define CHAP_SUCCESS 3 /* CHAP response ok */ 136#define CHAP_FAILURE 4 /* CHAP response failed */ 137 138#define CHAP_MD5 5 /* hash algorithm - MD5 */ 139 140#define CISCO_MULTICAST 0x8f /* Cisco multicast address */ 141#define CISCO_UNICAST 0x0f /* Cisco unicast address */ 142#define CISCO_KEEPALIVE 0x8035 /* Cisco keepalive protocol */ 143#define CISCO_ADDR_REQ 0 /* Cisco address request */ 144#define CISCO_ADDR_REPLY 1 /* Cisco address reply */ 145#define CISCO_KEEPALIVE_REQ 2 /* Cisco keepalive request */ 146 |
|
122/* states are named and numbered according to RFC 1661 */ 123#define STATE_INITIAL 0 124#define STATE_STARTING 1 125#define STATE_CLOSED 2 126#define STATE_STOPPED 3 127#define STATE_CLOSING 4 128#define STATE_STOPPING 5 129#define STATE_REQ_SENT 6 --- 53 unchanged lines hidden (view full) --- 183 void (*tlu)(struct sppp *sp); 184 void (*tld)(struct sppp *sp); 185 void (*tls)(struct sppp *sp); 186 void (*tlf)(struct sppp *sp); 187 void (*scr)(struct sppp *sp); 188}; 189 190static struct sppp *spppq; | 147/* states are named and numbered according to RFC 1661 */ 148#define STATE_INITIAL 0 149#define STATE_STARTING 1 150#define STATE_CLOSED 2 151#define STATE_STOPPED 3 152#define STATE_CLOSING 4 153#define STATE_STOPPING 5 154#define STATE_REQ_SENT 6 --- 53 unchanged lines hidden (view full) --- 208 void (*tlu)(struct sppp *sp); 209 void (*tld)(struct sppp *sp); 210 void (*tls)(struct sppp *sp); 211 void (*tlf)(struct sppp *sp); 212 void (*scr)(struct sppp *sp); 213}; 214 215static struct sppp *spppq; |
216static struct callout_handle keepalive_ch; |
|
191 192/* 193 * The following disgusting hack gets around the problem that IP TOS 194 * can't be set yet. We want to put "interactive" traffic on a high 195 * priority queue. To decide if traffic is interactive, we check that 196 * a) it is TCP and b) one of its ports is telnet, rlogin or ftp control. | 217 218/* 219 * The following disgusting hack gets around the problem that IP TOS 220 * can't be set yet. We want to put "interactive" traffic on a high 221 * priority queue. To decide if traffic is interactive, we check that 222 * a) it is TCP and b) one of its ports is telnet, rlogin or ftp control. |
223 * 224 * XXX is this really still necessary? - joerg - |
|
197 */ 198static u_short interactive_ports[8] = { 199 0, 513, 0, 0, 200 0, 21, 0, 23, 201}; 202#define INTERACTIVE(p) (interactive_ports[(p) & 7] == (p)) 203 204/* almost every function needs these */ 205#define STDDCL \ 206 struct ifnet *ifp = &sp->pp_if; \ 207 int debug = ifp->if_flags & IFF_DEBUG 208 | 225 */ 226static u_short interactive_ports[8] = { 227 0, 513, 0, 0, 228 0, 21, 0, 23, 229}; 230#define INTERACTIVE(p) (interactive_ports[(p) & 7] == (p)) 231 232/* almost every function needs these */ 233#define STDDCL \ 234 struct ifnet *ifp = &sp->pp_if; \ 235 int debug = ifp->if_flags & IFF_DEBUG 236 |
209static int sppp_output(struct ifnet *ifp, struct mbuf *m, | 237static int sppp_output(struct ifnet *ifp, struct mbuf *m, |
210 struct sockaddr *dst, struct rtentry *rt); 211 212static void sppp_cisco_send(struct sppp *sp, int type, long par1, long par2); 213static void sppp_cisco_input(struct sppp *sp, struct mbuf *m); 214 215static void sppp_cp_input(const struct cp *cp, struct sppp *sp, 216 struct mbuf *m); 217static void sppp_cp_send(struct sppp *sp, u_short proto, u_char type, 218 u_char ident, u_short len, void *data); 219static void sppp_cp_timeout(void *arg); 220static void sppp_cp_change_state(const struct cp *cp, struct sppp *sp, 221 int newstate); | 238 struct sockaddr *dst, struct rtentry *rt); 239 240static void sppp_cisco_send(struct sppp *sp, int type, long par1, long par2); 241static void sppp_cisco_input(struct sppp *sp, struct mbuf *m); 242 243static void sppp_cp_input(const struct cp *cp, struct sppp *sp, 244 struct mbuf *m); 245static void sppp_cp_send(struct sppp *sp, u_short proto, u_char type, 246 u_char ident, u_short len, void *data); 247static void sppp_cp_timeout(void *arg); 248static void sppp_cp_change_state(const struct cp *cp, struct sppp *sp, 249 int newstate); |
250static void sppp_auth_send(const struct cp *cp, 251 struct sppp *sp, u_char type, u_char id, 252 ...); |
|
222 223static void sppp_up_event(const struct cp *cp, struct sppp *sp); 224static void sppp_down_event(const struct cp *cp, struct sppp *sp); 225static void sppp_open_event(const struct cp *cp, struct sppp *sp); 226static void sppp_close_event(const struct cp *cp, struct sppp *sp); 227static void sppp_to_event(const struct cp *cp, struct sppp *sp); 228 | 253 254static void sppp_up_event(const struct cp *cp, struct sppp *sp); 255static void sppp_down_event(const struct cp *cp, struct sppp *sp); 256static void sppp_open_event(const struct cp *cp, struct sppp *sp); 257static void sppp_close_event(const struct cp *cp, struct sppp *sp); 258static void sppp_to_event(const struct cp *cp, struct sppp *sp); 259 |
260static void sppp_null(struct sppp *sp); 261 |
|
229static void sppp_lcp_init(struct sppp *sp); 230static void sppp_lcp_up(struct sppp *sp); 231static void sppp_lcp_down(struct sppp *sp); 232static void sppp_lcp_open(struct sppp *sp); 233static void sppp_lcp_close(struct sppp *sp); 234static void sppp_lcp_TO(void *sp); 235static int sppp_lcp_RCR(struct sppp *sp, struct lcp_header *h, int len); 236static void sppp_lcp_RCN_rej(struct sppp *sp, struct lcp_header *h, int len); 237static void sppp_lcp_RCN_nak(struct sppp *sp, struct lcp_header *h, int len); 238static void sppp_lcp_tlu(struct sppp *sp); 239static void sppp_lcp_tld(struct sppp *sp); 240static void sppp_lcp_tls(struct sppp *sp); 241static void sppp_lcp_tlf(struct sppp *sp); 242static void sppp_lcp_scr(struct sppp *sp); | 262static void sppp_lcp_init(struct sppp *sp); 263static void sppp_lcp_up(struct sppp *sp); 264static void sppp_lcp_down(struct sppp *sp); 265static void sppp_lcp_open(struct sppp *sp); 266static void sppp_lcp_close(struct sppp *sp); 267static void sppp_lcp_TO(void *sp); 268static int sppp_lcp_RCR(struct sppp *sp, struct lcp_header *h, int len); 269static void sppp_lcp_RCN_rej(struct sppp *sp, struct lcp_header *h, int len); 270static void sppp_lcp_RCN_nak(struct sppp *sp, struct lcp_header *h, int len); 271static void sppp_lcp_tlu(struct sppp *sp); 272static void sppp_lcp_tld(struct sppp *sp); 273static void sppp_lcp_tls(struct sppp *sp); 274static void sppp_lcp_tlf(struct sppp *sp); 275static void sppp_lcp_scr(struct sppp *sp); |
243static void sppp_lcp_check(struct sppp *sp); | 276static void sppp_lcp_check_and_close(struct sppp *sp); 277static int sppp_ncp_check(struct sppp *sp); |
244 245static void sppp_ipcp_init(struct sppp *sp); 246static void sppp_ipcp_up(struct sppp *sp); 247static void sppp_ipcp_down(struct sppp *sp); 248static void sppp_ipcp_open(struct sppp *sp); 249static void sppp_ipcp_close(struct sppp *sp); 250static void sppp_ipcp_TO(void *sp); 251static int sppp_ipcp_RCR(struct sppp *sp, struct lcp_header *h, int len); 252static void sppp_ipcp_RCN_rej(struct sppp *sp, struct lcp_header *h, int len); 253static void sppp_ipcp_RCN_nak(struct sppp *sp, struct lcp_header *h, int len); 254static void sppp_ipcp_tlu(struct sppp *sp); 255static void sppp_ipcp_tld(struct sppp *sp); 256static void sppp_ipcp_tls(struct sppp *sp); 257static void sppp_ipcp_tlf(struct sppp *sp); 258static void sppp_ipcp_scr(struct sppp *sp); 259 | 278 279static void sppp_ipcp_init(struct sppp *sp); 280static void sppp_ipcp_up(struct sppp *sp); 281static void sppp_ipcp_down(struct sppp *sp); 282static void sppp_ipcp_open(struct sppp *sp); 283static void sppp_ipcp_close(struct sppp *sp); 284static void sppp_ipcp_TO(void *sp); 285static int sppp_ipcp_RCR(struct sppp *sp, struct lcp_header *h, int len); 286static void sppp_ipcp_RCN_rej(struct sppp *sp, struct lcp_header *h, int len); 287static void sppp_ipcp_RCN_nak(struct sppp *sp, struct lcp_header *h, int len); 288static void sppp_ipcp_tlu(struct sppp *sp); 289static void sppp_ipcp_tld(struct sppp *sp); 290static void sppp_ipcp_tls(struct sppp *sp); 291static void sppp_ipcp_tlf(struct sppp *sp); 292static void sppp_ipcp_scr(struct sppp *sp); 293 |
294static void sppp_pap_input(struct sppp *sp, struct mbuf *m); 295static void sppp_pap_init(struct sppp *sp); 296static void sppp_pap_open(struct sppp *sp); 297static void sppp_pap_close(struct sppp *sp); 298static void sppp_pap_TO(void *sp); 299static void sppp_pap_my_TO(void *sp); 300static void sppp_pap_tlu(struct sppp *sp); 301static void sppp_pap_tld(struct sppp *sp); 302static void sppp_pap_scr(struct sppp *sp); 303 304static void sppp_chap_input(struct sppp *sp, struct mbuf *m); 305static void sppp_chap_init(struct sppp *sp); 306static void sppp_chap_open(struct sppp *sp); 307static void sppp_chap_close(struct sppp *sp); 308static void sppp_chap_TO(void *sp); 309static void sppp_chap_tlu(struct sppp *sp); 310static void sppp_chap_tld(struct sppp *sp); 311static void sppp_chap_scr(struct sppp *sp); 312 313static const char *sppp_auth_type_name(u_short proto, u_char type); |
|
260static const char *sppp_cp_type_name(u_char type); | 314static const char *sppp_cp_type_name(u_char type); |
261static const char *sppp_lcp_opt_name(u_char opt); | 315static const char *sppp_dotted_quad(u_long addr); |
262static const char *sppp_ipcp_opt_name(u_char opt); | 316static const char *sppp_ipcp_opt_name(u_char opt); |
263static const char *sppp_state_name(int state); | 317static const char *sppp_lcp_opt_name(u_char opt); |
264static const char *sppp_phase_name(enum ppp_phase phase); 265static const char *sppp_proto_name(u_short proto); | 318static const char *sppp_phase_name(enum ppp_phase phase); 319static const char *sppp_proto_name(u_short proto); |
266 | 320static const char *sppp_state_name(int state); 321static int sppp_params(struct sppp *sp, int cmd, void *data); 322static int sppp_strnlen(u_char *p, int max); 323static void sppp_get_ip_addrs(struct sppp *sp, u_long *src, u_long *dst, 324 u_long *srcmask); |
267static void sppp_keepalive(void *dummy); | 325static void sppp_keepalive(void *dummy); |
268static struct callout_handle keepalive_ch; | 326static void sppp_phase_network(struct sppp *sp); 327static void sppp_print_bytes(const u_char *p, u_short len); 328static void sppp_print_string(const char *p, u_short len); |
269static void sppp_qflush(struct ifqueue *ifq); | 329static void sppp_qflush(struct ifqueue *ifq); |
270 271static void sppp_get_ip_addrs(struct sppp *sp, u_long *src, u_long *dst); | |
272static void sppp_set_ip_addr(struct sppp *sp, u_long src); 273 | 330static void sppp_set_ip_addr(struct sppp *sp, u_long src); 331 |
274static void sppp_print_bytes(u_char *p, u_short len); 275 | |
276/* our control protocol descriptors */ 277const struct cp lcp = { 278 PPP_LCP, IDX_LCP, CP_LCP, "lcp", 279 sppp_lcp_up, sppp_lcp_down, sppp_lcp_open, sppp_lcp_close, 280 sppp_lcp_TO, sppp_lcp_RCR, sppp_lcp_RCN_rej, sppp_lcp_RCN_nak, 281 sppp_lcp_tlu, sppp_lcp_tld, sppp_lcp_tls, sppp_lcp_tlf, 282 sppp_lcp_scr 283}; 284 285const struct cp ipcp = { 286 PPP_IPCP, IDX_IPCP, CP_NCP, "ipcp", 287 sppp_ipcp_up, sppp_ipcp_down, sppp_ipcp_open, sppp_ipcp_close, 288 sppp_ipcp_TO, sppp_ipcp_RCR, sppp_ipcp_RCN_rej, sppp_ipcp_RCN_nak, 289 sppp_ipcp_tlu, sppp_ipcp_tld, sppp_ipcp_tls, sppp_ipcp_tlf, 290 sppp_ipcp_scr 291}; 292 | 332/* our control protocol descriptors */ 333const struct cp lcp = { 334 PPP_LCP, IDX_LCP, CP_LCP, "lcp", 335 sppp_lcp_up, sppp_lcp_down, sppp_lcp_open, sppp_lcp_close, 336 sppp_lcp_TO, sppp_lcp_RCR, sppp_lcp_RCN_rej, sppp_lcp_RCN_nak, 337 sppp_lcp_tlu, sppp_lcp_tld, sppp_lcp_tls, sppp_lcp_tlf, 338 sppp_lcp_scr 339}; 340 341const struct cp ipcp = { 342 PPP_IPCP, IDX_IPCP, CP_NCP, "ipcp", 343 sppp_ipcp_up, sppp_ipcp_down, sppp_ipcp_open, sppp_ipcp_close, 344 sppp_ipcp_TO, sppp_ipcp_RCR, sppp_ipcp_RCN_rej, sppp_ipcp_RCN_nak, 345 sppp_ipcp_tlu, sppp_ipcp_tld, sppp_ipcp_tls, sppp_ipcp_tlf, 346 sppp_ipcp_scr 347}; 348 |
349const struct cp pap = { 350 PPP_PAP, IDX_PAP, CP_AUTH, "pap", 351 sppp_null, sppp_null, sppp_pap_open, sppp_pap_close, 352 sppp_pap_TO, 0, 0, 0, 353 sppp_pap_tlu, sppp_pap_tld, sppp_null, sppp_null, 354 sppp_pap_scr 355}; 356 357const struct cp chap = { 358 PPP_CHAP, IDX_CHAP, CP_AUTH, "chap", 359 sppp_null, sppp_null, sppp_chap_open, sppp_chap_close, 360 sppp_chap_TO, 0, 0, 0, 361 sppp_chap_tlu, sppp_chap_tld, sppp_null, sppp_null, 362 sppp_chap_scr 363}; 364 |
|
293const struct cp *cps[IDX_COUNT] = { 294 &lcp, /* IDX_LCP */ 295 &ipcp, /* IDX_IPCP */ | 365const struct cp *cps[IDX_COUNT] = { 366 &lcp, /* IDX_LCP */ 367 &ipcp, /* IDX_IPCP */ |
368 &pap, /* IDX_PAP */ 369 &chap, /* IDX_CHAP */ |
|
296}; 297 298 299/* 300 * Exported functions, comprising our interface to the lower layer. 301 */ 302 303/* --- 52 unchanged lines hidden (view full) --- 356 log(LOG_DEBUG, 357 "%s%d: invalid input protocol " 358 "<addr=0x%x ctrl=0x%x proto=0x%x>\n", 359 ifp->if_name, ifp->if_unit, 360 h->address, h->control, ntohs(h->protocol)); 361 ++ifp->if_noproto; 362 goto drop; 363 case PPP_LCP: | 370}; 371 372 373/* 374 * Exported functions, comprising our interface to the lower layer. 375 */ 376 377/* --- 52 unchanged lines hidden (view full) --- 430 log(LOG_DEBUG, 431 "%s%d: invalid input protocol " 432 "<addr=0x%x ctrl=0x%x proto=0x%x>\n", 433 ifp->if_name, ifp->if_unit, 434 h->address, h->control, ntohs(h->protocol)); 435 ++ifp->if_noproto; 436 goto drop; 437 case PPP_LCP: |
364 sppp_cp_input(&lcp, (struct sppp*)ifp, m); | 438 sppp_cp_input(&lcp, sp, m); |
365 m_freem (m); 366 return; | 439 m_freem (m); 440 return; |
441 case PPP_PAP: 442 if (sp->pp_phase >= PHASE_AUTHENTICATE) 443 sppp_pap_input(sp, m); 444 m_freem (m); 445 return; 446 case PPP_CHAP: 447 if (sp->pp_phase >= PHASE_AUTHENTICATE) 448 sppp_chap_input(sp, m); 449 m_freem (m); 450 return; |
|
367#ifdef INET 368 case PPP_IPCP: 369 if (sp->pp_phase == PHASE_NETWORK) | 451#ifdef INET 452 case PPP_IPCP: 453 if (sp->pp_phase == PHASE_NETWORK) |
370 sppp_cp_input(&ipcp, (struct sppp*) ifp, m); | 454 sppp_cp_input(&ipcp, sp, m); |
371 m_freem (m); 372 return; 373 case PPP_IP: 374 if (sp->state[IDX_IPCP] == STATE_OPENED) { 375 schednetisr (NETISR_IP); 376 inq = &ipintrq; 377 } 378 break; --- 244 unchanged lines hidden (view full) --- 623 624void 625sppp_attach(struct ifnet *ifp) 626{ 627 struct sppp *sp = (struct sppp*) ifp; 628 629 /* Initialize keepalive handler. */ 630 if (! spppq) | 455 m_freem (m); 456 return; 457 case PPP_IP: 458 if (sp->state[IDX_IPCP] == STATE_OPENED) { 459 schednetisr (NETISR_IP); 460 inq = &ipintrq; 461 } 462 break; --- 244 unchanged lines hidden (view full) --- 707 708void 709sppp_attach(struct ifnet *ifp) 710{ 711 struct sppp *sp = (struct sppp*) ifp; 712 713 /* Initialize keepalive handler. */ 714 if (! spppq) |
631 keepalive_ch = timeout (sppp_keepalive, 0, hz * 10); | 715 keepalive_ch = timeout(sppp_keepalive, 0, hz * 10); |
632 633 /* Insert new entry into the keepalive list. */ 634 sp->pp_next = spppq; 635 spppq = sp; 636 637 sp->pp_if.if_type = IFT_PPP; 638 sp->pp_if.if_output = sppp_output; 639 sp->pp_fastq.ifq_maxlen = 32; 640 sp->pp_cpq.ifq_maxlen = 20; 641 sp->pp_loopcnt = 0; 642 sp->pp_alivecnt = 0; 643 sp->pp_seq = 0; 644 sp->pp_rseq = 0; 645 sp->pp_phase = PHASE_DEAD; 646 sp->pp_up = lcp.Up; 647 sp->pp_down = lcp.Down; 648 649 sppp_lcp_init(sp); 650 sppp_ipcp_init(sp); | 716 717 /* Insert new entry into the keepalive list. */ 718 sp->pp_next = spppq; 719 spppq = sp; 720 721 sp->pp_if.if_type = IFT_PPP; 722 sp->pp_if.if_output = sppp_output; 723 sp->pp_fastq.ifq_maxlen = 32; 724 sp->pp_cpq.ifq_maxlen = 20; 725 sp->pp_loopcnt = 0; 726 sp->pp_alivecnt = 0; 727 sp->pp_seq = 0; 728 sp->pp_rseq = 0; 729 sp->pp_phase = PHASE_DEAD; 730 sp->pp_up = lcp.Up; 731 sp->pp_down = lcp.Down; 732 733 sppp_lcp_init(sp); 734 sppp_ipcp_init(sp); |
735 sppp_pap_init(sp); 736 sppp_chap_init(sp); |
|
651} 652 | 737} 738 |
653void | 739void |
654sppp_detach(struct ifnet *ifp) 655{ 656 struct sppp **q, *p, *sp = (struct sppp*) ifp; 657 int i; 658 659 /* Remove the entry from the keepalive list. */ 660 for (q = &spppq; (p = *q); q = &p->pp_next) 661 if (p == sp) { 662 *q = p->pp_next; 663 break; 664 } 665 666 /* Stop keepalive handler. */ 667 if (! spppq) | 740sppp_detach(struct ifnet *ifp) 741{ 742 struct sppp **q, *p, *sp = (struct sppp*) ifp; 743 int i; 744 745 /* Remove the entry from the keepalive list. */ 746 for (q = &spppq; (p = *q); q = &p->pp_next) 747 if (p == sp) { 748 *q = p->pp_next; 749 break; 750 } 751 752 /* Stop keepalive handler. */ 753 if (! spppq) |
668 untimeout (sppp_keepalive, 0, keepalive_ch); | 754 untimeout(sppp_keepalive, 0, keepalive_ch); |
669 670 for (i = 0; i < IDX_COUNT; i++) 671 untimeout((cps[i])->TO, (void *)sp, sp->ch[i]); | 755 756 for (i = 0; i < IDX_COUNT; i++) 757 untimeout((cps[i])->TO, (void *)sp, sp->ch[i]); |
758 untimeout(sppp_pap_my_TO, (void *)sp, sp->pap_my_to_ch); |
|
672} 673 674/* 675 * Flush the interface output queue. 676 */ 677void 678sppp_flush(struct ifnet *ifp) 679{ --- 27 unchanged lines hidden (view full) --- 707sppp_dequeue(struct ifnet *ifp) 708{ 709 struct sppp *sp = (struct sppp*) ifp; 710 struct mbuf *m; 711 int s; 712 713 s = splimp(); 714 /* | 759} 760 761/* 762 * Flush the interface output queue. 763 */ 764void 765sppp_flush(struct ifnet *ifp) 766{ --- 27 unchanged lines hidden (view full) --- 794sppp_dequeue(struct ifnet *ifp) 795{ 796 struct sppp *sp = (struct sppp*) ifp; 797 struct mbuf *m; 798 int s; 799 800 s = splimp(); 801 /* |
715 * Process only the control protocol queue until we are in 716 * network phase. | 802 * Process only the control protocol queue until we have at 803 * least one NCP open. |
717 * | 804 * |
718 * XXX Network phase itself is still not a sufficient test, we 719 * normally should keep a separate queue for each supported 720 * protocol family, and only serve these queues as the 721 * respective NCPs were opened. The simplistic logic used 722 * here might cause some loss of network traffic while the 723 * NCPs are being negotiated, in particular if the NCPs take a 724 * long time to negotiate. 725 * | |
726 * Do always serve all three queues in Cisco mode. 727 */ 728 IF_DEQUEUE(&sp->pp_cpq, m); 729 if (m == NULL && | 805 * Do always serve all three queues in Cisco mode. 806 */ 807 IF_DEQUEUE(&sp->pp_cpq, m); 808 if (m == NULL && |
730 (sp->pp_phase == PHASE_NETWORK || 731 (sp->pp_flags & PP_CISCO) != 0)) { | 809 (sppp_ncp_check(sp) || (sp->pp_flags & PP_CISCO) != 0)) { |
732 IF_DEQUEUE(&sp->pp_fastq, m); 733 if (m == NULL) 734 IF_DEQUEUE (&sp->pp_if.if_snd, m); 735 } 736 splx(s); 737 return m; 738} 739 740/* | 810 IF_DEQUEUE(&sp->pp_fastq, m); 811 if (m == NULL) 812 IF_DEQUEUE (&sp->pp_if.if_snd, m); 813 } 814 splx(s); 815 return m; 816} 817 818/* |
819 * Pick the next packet, do not remove it from the queue. 820 */ 821struct mbuf * 822sppp_pick(struct ifnet *ifp) 823{ 824 struct sppp *sp = (struct sppp*)ifp; 825 struct mbuf *m; 826 int s; 827 828 s= splimp (); 829 830 m = sp->pp_cpq.ifq_head; 831 if (m == NULL && 832 (sp->pp_phase == PHASE_NETWORK || 833 (sp->pp_flags & PP_CISCO) != 0)) 834 if ((m = sp->pp_fastq.ifq_head) == NULL) 835 m = sp->pp_if.if_snd.ifq_head; 836 splx (s); 837 return (m); 838} 839 840/* |
|
741 * Process an ioctl request. Called on low priority level. 742 */ 743int 744sppp_ioctl(struct ifnet *ifp, int cmd, void *data) 745{ 746 struct ifreq *ifr = (struct ifreq*) data; 747 struct sppp *sp = (struct sppp*) ifp; | 841 * Process an ioctl request. Called on low priority level. 842 */ 843int 844sppp_ioctl(struct ifnet *ifp, int cmd, void *data) 845{ 846 struct ifreq *ifr = (struct ifreq*) data; 847 struct sppp *sp = (struct sppp*) ifp; |
748 int s, going_up, going_down, newmode; | 848 int s, rv, going_up, going_down, newmode; |
749 750 s = splimp(); | 849 850 s = splimp(); |
851 rv = 0; |
|
751 switch (cmd) { 752 case SIOCAIFADDR: 753 case SIOCSIFDSTADDR: 754 break; 755 756 case SIOCSIFADDR: 757 if_up(ifp); 758 /* fall through... */ --- 50 unchanged lines hidden (view full) --- 809 case SLIOCGETMTU: 810 *(short*)data = ifp->if_mtu; 811 break; 812#endif 813 case SIOCADDMULTI: 814 case SIOCDELMULTI: 815 break; 816 | 852 switch (cmd) { 853 case SIOCAIFADDR: 854 case SIOCSIFDSTADDR: 855 break; 856 857 case SIOCSIFADDR: 858 if_up(ifp); 859 /* fall through... */ --- 50 unchanged lines hidden (view full) --- 910 case SLIOCGETMTU: 911 *(short*)data = ifp->if_mtu; 912 break; 913#endif 914 case SIOCADDMULTI: 915 case SIOCDELMULTI: 916 break; 917 |
918 case SIOCGIFGENERIC: 919 case SIOCSIFGENERIC: 920 rv = sppp_params(sp, cmd, data); 921 break; 922 |
|
817 default: | 923 default: |
818 splx(s); 819 return (ENOTTY); | 924 rv = ENOTTY; |
820 } 821 splx(s); | 925 } 926 splx(s); |
822 return (0); | 927 return rv; |
823} 824 825 826/* 827 * Cisco framing implementation. 828 */ 829 830/* 831 * Handle incoming Cisco keepalive protocol packets. 832 */ | 928} 929 930 931/* 932 * Cisco framing implementation. 933 */ 934 935/* 936 * Handle incoming Cisco keepalive protocol packets. 937 */ |
833static void | 938static void |
834sppp_cisco_input(struct sppp *sp, struct mbuf *m) 835{ 836 STDDCL; 837 struct cisco_packet *h; | 939sppp_cisco_input(struct sppp *sp, struct mbuf *m) 940{ 941 STDDCL; 942 struct cisco_packet *h; |
838 struct ifaddr *ifa; | 943 u_long me, mymask; |
839 840 if (m->m_pkthdr.len < CISCO_PACKET_LEN) { 841 if (debug) 842 log(LOG_DEBUG, | 944 945 if (m->m_pkthdr.len < CISCO_PACKET_LEN) { 946 if (debug) 947 log(LOG_DEBUG, |
843 "%s%d: invalid cisco packet length: %d bytes\n", | 948 "%s%d: cisco invalid packet length: %d bytes\n", |
844 ifp->if_name, ifp->if_unit, m->m_pkthdr.len); 845 return; 846 } 847 h = mtod (m, struct cisco_packet*); 848 if (debug) 849 log(LOG_DEBUG, 850 "%s%d: cisco input: %d bytes " 851 "<0x%lx 0x%lx 0x%lx 0x%x 0x%x-0x%x>\n", 852 ifp->if_name, ifp->if_unit, m->m_pkthdr.len, 853 ntohl (h->type), h->par1, h->par2, h->rel, 854 h->time0, h->time1); 855 switch (ntohl (h->type)) { 856 default: 857 if (debug) | 949 ifp->if_name, ifp->if_unit, m->m_pkthdr.len); 950 return; 951 } 952 h = mtod (m, struct cisco_packet*); 953 if (debug) 954 log(LOG_DEBUG, 955 "%s%d: cisco input: %d bytes " 956 "<0x%lx 0x%lx 0x%lx 0x%x 0x%x-0x%x>\n", 957 ifp->if_name, ifp->if_unit, m->m_pkthdr.len, 958 ntohl (h->type), h->par1, h->par2, h->rel, 959 h->time0, h->time1); 960 switch (ntohl (h->type)) { 961 default: 962 if (debug) |
858 addlog("%s%d: unknown cisco packet type: 0x%lx\n", | 963 addlog("%s%d: cisco unknown packet type: 0x%lx\n", |
859 ifp->if_name, ifp->if_unit, ntohl (h->type)); 860 break; 861 case CISCO_ADDR_REPLY: 862 /* Reply on address request, ignore */ 863 break; 864 case CISCO_KEEPALIVE_REQ: 865 sp->pp_alivecnt = 0; 866 sp->pp_rseq = ntohl (h->par1); --- 10 unchanged lines hidden (view full) --- 877 } 878 } 879 ++sp->pp_loopcnt; 880 881 /* Generate new local sequence number */ 882 sp->pp_seq ^= time.tv_sec ^ time.tv_usec; 883 break; 884 } | 964 ifp->if_name, ifp->if_unit, ntohl (h->type)); 965 break; 966 case CISCO_ADDR_REPLY: 967 /* Reply on address request, ignore */ 968 break; 969 case CISCO_KEEPALIVE_REQ: 970 sp->pp_alivecnt = 0; 971 sp->pp_rseq = ntohl (h->par1); --- 10 unchanged lines hidden (view full) --- 982 } 983 } 984 ++sp->pp_loopcnt; 985 986 /* Generate new local sequence number */ 987 sp->pp_seq ^= time.tv_sec ^ time.tv_usec; 988 break; 989 } |
885 sp->pp_loopcnt = 0; | 990 sp->pp_loopcnt = 0; |
886 if (! (ifp->if_flags & IFF_UP) && 887 (ifp->if_flags & IFF_RUNNING)) { | 991 if (! (ifp->if_flags & IFF_UP) && 992 (ifp->if_flags & IFF_RUNNING)) { |
888 ifp->if_flags |= IFF_UP; | 993 if_up(ifp); |
889 printf ("%s%d: up\n", ifp->if_name, ifp->if_unit); 890 } 891 break; 892 case CISCO_ADDR_REQ: | 994 printf ("%s%d: up\n", ifp->if_name, ifp->if_unit); 995 } 996 break; 997 case CISCO_ADDR_REQ: |
893 for (ifa=ifp->if_addrhead.tqh_first; ifa; 894 ifa=ifa->ifa_link.tqe_next) 895 if (ifa->ifa_addr->sa_family == AF_INET) 896 break; 897 if (! ifa) { 898 if (debug) 899 addlog("%s%d: unknown address for cisco request\n", 900 ifp->if_name, ifp->if_unit); 901 return; 902 } 903 sppp_cisco_send (sp, CISCO_ADDR_REPLY, 904 ntohl (((struct sockaddr_in*)ifa->ifa_addr)->sin_addr.s_addr), 905 ntohl (((struct sockaddr_in*)ifa->ifa_netmask)->sin_addr.s_addr)); | 998 sppp_get_ip_addrs(sp, &me, 0, &mymask); 999 if (me != 0L) 1000 sppp_cisco_send(sp, CISCO_ADDR_REPLY, me, mymask); |
906 break; 907 } 908} 909 910/* 911 * Send Cisco keepalive packet. 912 */ 913static void --- 126 unchanged lines hidden (view full) --- 1040 sppp_state_name(sp->state[cp->protoidx]), 1041 sppp_cp_type_name (h->type), h->ident, ntohs (h->len)); 1042 if (len > 4) 1043 sppp_print_bytes ((u_char*) (h+1), len-4); 1044 addlog(">\n"); 1045 } 1046 if (len > ntohs (h->len)) 1047 len = ntohs (h->len); | 1001 break; 1002 } 1003} 1004 1005/* 1006 * Send Cisco keepalive packet. 1007 */ 1008static void --- 126 unchanged lines hidden (view full) --- 1135 sppp_state_name(sp->state[cp->protoidx]), 1136 sppp_cp_type_name (h->type), h->ident, ntohs (h->len)); 1137 if (len > 4) 1138 sppp_print_bytes ((u_char*) (h+1), len-4); 1139 addlog(">\n"); 1140 } 1141 if (len > ntohs (h->len)) 1142 len = ntohs (h->len); |
1143 p = (u_char *)(h + 1); |
|
1048 switch (h->type) { 1049 case CONF_REQ: 1050 if (len < 4) { 1051 if (debug) 1052 addlog("%s%d: %s invalid conf-req length %d\n", 1053 ifp->if_name, ifp->if_unit, cp->name, 1054 len); 1055 ++ifp->if_ierrors; 1056 break; 1057 } | 1144 switch (h->type) { 1145 case CONF_REQ: 1146 if (len < 4) { 1147 if (debug) 1148 addlog("%s%d: %s invalid conf-req length %d\n", 1149 ifp->if_name, ifp->if_unit, cp->name, 1150 len); 1151 ++ifp->if_ierrors; 1152 break; 1153 } |
1154 /* handle states where RCR doesn't get a SCA/SCN */ 1155 switch (sp->state[cp->protoidx]) { 1156 case STATE_CLOSING: 1157 case STATE_STOPPING: 1158 return; 1159 case STATE_CLOSED: 1160 sppp_cp_send(sp, cp->proto, TERM_ACK, h->ident, 1161 0, 0); 1162 return; 1163 } |
|
1058 rv = (cp->RCR)(sp, h, len); 1059 switch (sp->state[cp->protoidx]) { 1060 case STATE_OPENED: 1061 (cp->tld)(sp); 1062 (cp->scr)(sp); 1063 /* fall through... */ 1064 case STATE_ACK_SENT: 1065 case STATE_REQ_SENT: 1066 sppp_cp_change_state(cp, sp, rv? 1067 STATE_ACK_SENT: STATE_REQ_SENT); 1068 break; | 1164 rv = (cp->RCR)(sp, h, len); 1165 switch (sp->state[cp->protoidx]) { 1166 case STATE_OPENED: 1167 (cp->tld)(sp); 1168 (cp->scr)(sp); 1169 /* fall through... */ 1170 case STATE_ACK_SENT: 1171 case STATE_REQ_SENT: 1172 sppp_cp_change_state(cp, sp, rv? 1173 STATE_ACK_SENT: STATE_REQ_SENT); 1174 break; |
1069 case STATE_CLOSING: 1070 case STATE_STOPPING: 1071 break; | |
1072 case STATE_STOPPED: 1073 sp->rst_counter[cp->protoidx] = sp->lcp.max_configure; 1074 (cp->scr)(sp); 1075 sppp_cp_change_state(cp, sp, rv? 1076 STATE_ACK_SENT: STATE_REQ_SENT); 1077 break; | 1175 case STATE_STOPPED: 1176 sp->rst_counter[cp->protoidx] = sp->lcp.max_configure; 1177 (cp->scr)(sp); 1178 sppp_cp_change_state(cp, sp, rv? 1179 STATE_ACK_SENT: STATE_REQ_SENT); 1180 break; |
1078 case STATE_CLOSED: 1079 sppp_cp_send(sp, cp->proto, TERM_ACK, h->ident, 1080 0, 0); 1081 break; | |
1082 case STATE_ACK_RCVD: 1083 if (rv) { 1084 sppp_cp_change_state(cp, sp, STATE_OPENED); 1085 if (debug) 1086 log(LOG_DEBUG, "%s%d: %s tlu\n", 1087 ifp->if_name, ifp->if_unit, 1088 cp->name); 1089 (cp->tlu)(sp); --- 35 unchanged lines hidden (view full) --- 1125 case STATE_ACK_RCVD: 1126 (cp->scr)(sp); 1127 sppp_cp_change_state(cp, sp, STATE_REQ_SENT); 1128 break; 1129 case STATE_ACK_SENT: 1130 sp->rst_counter[cp->protoidx] = sp->lcp.max_configure; 1131 sppp_cp_change_state(cp, sp, STATE_OPENED); 1132 if (debug) | 1181 case STATE_ACK_RCVD: 1182 if (rv) { 1183 sppp_cp_change_state(cp, sp, STATE_OPENED); 1184 if (debug) 1185 log(LOG_DEBUG, "%s%d: %s tlu\n", 1186 ifp->if_name, ifp->if_unit, 1187 cp->name); 1188 (cp->tlu)(sp); --- 35 unchanged lines hidden (view full) --- 1224 case STATE_ACK_RCVD: 1225 (cp->scr)(sp); 1226 sppp_cp_change_state(cp, sp, STATE_REQ_SENT); 1227 break; 1228 case STATE_ACK_SENT: 1229 sp->rst_counter[cp->protoidx] = sp->lcp.max_configure; 1230 sppp_cp_change_state(cp, sp, STATE_OPENED); 1231 if (debug) |
1133 addlog("%s%d: %s tlu\n", | 1232 log(LOG_DEBUG, "%s%d: %s tlu\n", |
1134 ifp->if_name, ifp->if_unit, cp->name); 1135 (cp->tlu)(sp); 1136 break; 1137 default: 1138 printf("%s%d: %s illegal %s in state %s\n", 1139 ifp->if_name, ifp->if_unit, cp->name, 1140 sppp_cp_type_name(h->type), 1141 sppp_state_name(sp->state[cp->protoidx])); --- 105 unchanged lines hidden (view full) --- 1247 sppp_cp_type_name(h->type), 1248 sppp_state_name(sp->state[cp->protoidx])); 1249 ++ifp->if_ierrors; 1250 } 1251 break; 1252 case CODE_REJ: 1253 case PROTO_REJ: 1254 /* XXX catastrophic rejects (RXJ-) aren't handled yet. */ | 1233 ifp->if_name, ifp->if_unit, cp->name); 1234 (cp->tlu)(sp); 1235 break; 1236 default: 1237 printf("%s%d: %s illegal %s in state %s\n", 1238 ifp->if_name, ifp->if_unit, cp->name, 1239 sppp_cp_type_name(h->type), 1240 sppp_state_name(sp->state[cp->protoidx])); --- 105 unchanged lines hidden (view full) --- 1346 sppp_cp_type_name(h->type), 1347 sppp_state_name(sp->state[cp->protoidx])); 1348 ++ifp->if_ierrors; 1349 } 1350 break; 1351 case CODE_REJ: 1352 case PROTO_REJ: 1353 /* XXX catastrophic rejects (RXJ-) aren't handled yet. */ |
1354 log(LOG_INFO, 1355 "%s%d: %s: ignoring RXJ (%s) for proto 0x%x, " 1356 "danger will robinson\n", 1357 ifp->if_name, ifp->if_unit, cp->name, 1358 sppp_cp_type_name(h->type), ntohs(*((u_short *)p))); |
|
1255 switch (sp->state[cp->protoidx]) { 1256 case STATE_CLOSED: 1257 case STATE_STOPPED: 1258 case STATE_REQ_SENT: 1259 case STATE_ACK_SENT: 1260 case STATE_CLOSING: 1261 case STATE_STOPPING: 1262 case STATE_OPENED: --- 317 unchanged lines hidden (view full) --- 1580sppp_lcp_init(struct sppp *sp) 1581{ 1582 sp->lcp.opts = (1 << LCP_OPT_MAGIC); 1583 sp->lcp.magic = 0; 1584 sp->state[IDX_LCP] = STATE_INITIAL; 1585 sp->fail_counter[IDX_LCP] = 0; 1586 sp->lcp.protos = 0; 1587 sp->lcp.mru = sp->lcp.their_mru = PP_MTU; | 1359 switch (sp->state[cp->protoidx]) { 1360 case STATE_CLOSED: 1361 case STATE_STOPPED: 1362 case STATE_REQ_SENT: 1363 case STATE_ACK_SENT: 1364 case STATE_CLOSING: 1365 case STATE_STOPPING: 1366 case STATE_OPENED: --- 317 unchanged lines hidden (view full) --- 1684sppp_lcp_init(struct sppp *sp) 1685{ 1686 sp->lcp.opts = (1 << LCP_OPT_MAGIC); 1687 sp->lcp.magic = 0; 1688 sp->state[IDX_LCP] = STATE_INITIAL; 1689 sp->fail_counter[IDX_LCP] = 0; 1690 sp->lcp.protos = 0; 1691 sp->lcp.mru = sp->lcp.their_mru = PP_MTU; |
1588 callout_handle_init(&sp->ch[IDX_LCP]); 1589 | 1692 |
1590 /* 1591 * Initialize counters and timeout values. Note that we don't 1592 * use the 3 seconds suggested in RFC 1661 since we are likely 1593 * running on a fast link. XXX We should probably implement 1594 * the exponential backoff option. Note that these values are 1595 * relevant for all control protocols, not just LCP only. 1596 */ 1597 sp->lcp.timeout = 1 * hz; 1598 sp->lcp.max_terminate = 2; 1599 sp->lcp.max_configure = 10; 1600 sp->lcp.max_failure = 10; | 1693 /* 1694 * Initialize counters and timeout values. Note that we don't 1695 * use the 3 seconds suggested in RFC 1661 since we are likely 1696 * running on a fast link. XXX We should probably implement 1697 * the exponential backoff option. Note that these values are 1698 * relevant for all control protocols, not just LCP only. 1699 */ 1700 sp->lcp.timeout = 1 * hz; 1701 sp->lcp.max_terminate = 2; 1702 sp->lcp.max_configure = 10; 1703 sp->lcp.max_failure = 10; |
1704 callout_handle_init(&sp->ch[IDX_LCP]); |
|
1601} 1602 1603static void 1604sppp_lcp_up(struct sppp *sp) 1605{ 1606 STDDCL; 1607 1608 /* | 1705} 1706 1707static void 1708sppp_lcp_up(struct sppp *sp) 1709{ 1710 STDDCL; 1711 1712 /* |
1609 * If this interface is passive or dial-on-demand, it means 1610 * we've got in incoming call. Activate the interface. | 1713 * If this interface is passive or dial-on-demand, and we are 1714 * still in Initial state, it means we've got an incoming 1715 * call. Activate the interface. |
1611 */ 1612 if ((ifp->if_flags & (IFF_AUTO | IFF_PASSIVE)) != 0) { 1613 if (debug) 1614 log(LOG_DEBUG, | 1716 */ 1717 if ((ifp->if_flags & (IFF_AUTO | IFF_PASSIVE)) != 0) { 1718 if (debug) 1719 log(LOG_DEBUG, |
1615 "%s%d: Up event (incoming call)\n", 1616 ifp->if_name, ifp->if_unit); | 1720 "%s%d: Up event", ifp->if_name, ifp->if_unit); |
1617 ifp->if_flags |= IFF_RUNNING; | 1721 ifp->if_flags |= IFF_RUNNING; |
1618 lcp.Open(sp); | 1722 if (sp->state[IDX_LCP] == STATE_INITIAL) { 1723 if (debug) 1724 addlog("(incoming call)\n"); 1725 sp->pp_flags |= PP_CALLIN; 1726 lcp.Open(sp); 1727 } else if (debug) 1728 addlog("\n"); |
1619 } 1620 1621 sppp_up_event(&lcp, sp); 1622} 1623 1624static void 1625sppp_lcp_down(struct sppp *sp) 1626{ --- 14 unchanged lines hidden (view full) --- 1641 ifp->if_name, ifp->if_unit); 1642 if_down(ifp); 1643 } else { 1644 if (debug) 1645 log(LOG_DEBUG, 1646 "%s%d: Down event (carrier loss)\n", 1647 ifp->if_name, ifp->if_unit); 1648 } | 1729 } 1730 1731 sppp_up_event(&lcp, sp); 1732} 1733 1734static void 1735sppp_lcp_down(struct sppp *sp) 1736{ --- 14 unchanged lines hidden (view full) --- 1751 ifp->if_name, ifp->if_unit); 1752 if_down(ifp); 1753 } else { 1754 if (debug) 1755 log(LOG_DEBUG, 1756 "%s%d: Down event (carrier loss)\n", 1757 ifp->if_name, ifp->if_unit); 1758 } |
1649 lcp.Close(sp); | 1759 sp->pp_flags &= ~PP_CALLIN; 1760 if (sp->state[IDX_LCP] != STATE_INITIAL) 1761 lcp.Close(sp); |
1650 ifp->if_flags &= ~IFF_RUNNING; 1651} 1652 1653static void 1654sppp_lcp_open(struct sppp *sp) 1655{ | 1762 ifp->if_flags &= ~IFF_RUNNING; 1763} 1764 1765static void 1766sppp_lcp_open(struct sppp *sp) 1767{ |
1768 /* 1769 * If we are authenticator, negotiate LCP_AUTH 1770 */ 1771 if (sp->hisauth.proto != 0) 1772 sp->lcp.opts |= (1 << LCP_OPT_AUTH_PROTO); 1773 else 1774 sp->lcp.opts &= ~(1 << LCP_OPT_AUTH_PROTO); 1775 sp->pp_flags &= ~PP_NEEDAUTH; |
|
1656 sppp_open_event(&lcp, sp); 1657} 1658 1659static void 1660sppp_lcp_close(struct sppp *sp) 1661{ 1662 sppp_close_event(&lcp, sp); 1663} --- 12 unchanged lines hidden (view full) --- 1676 */ 1677static int 1678sppp_lcp_RCR(struct sppp *sp, struct lcp_header *h, int len) 1679{ 1680 STDDCL; 1681 u_char *buf, *r, *p; 1682 int origlen, rlen; 1683 u_long nmagic; | 1776 sppp_open_event(&lcp, sp); 1777} 1778 1779static void 1780sppp_lcp_close(struct sppp *sp) 1781{ 1782 sppp_close_event(&lcp, sp); 1783} --- 12 unchanged lines hidden (view full) --- 1796 */ 1797static int 1798sppp_lcp_RCR(struct sppp *sp, struct lcp_header *h, int len) 1799{ 1800 STDDCL; 1801 u_char *buf, *r, *p; 1802 int origlen, rlen; 1803 u_long nmagic; |
1804 u_short authproto; |
|
1684 1685 len -= 4; 1686 origlen = len; 1687 buf = r = malloc (len, M_TEMP, M_NOWAIT); 1688 if (! buf) 1689 return (0); 1690 1691 if (debug) --- 18 unchanged lines hidden (view full) --- 1710 break; 1711 case LCP_OPT_MRU: 1712 /* Maximum receive unit. */ 1713 if (len >= 4 && p[1] == 4) 1714 continue; 1715 if (debug) 1716 addlog("[invalid] "); 1717 break; | 1805 1806 len -= 4; 1807 origlen = len; 1808 buf = r = malloc (len, M_TEMP, M_NOWAIT); 1809 if (! buf) 1810 return (0); 1811 1812 if (debug) --- 18 unchanged lines hidden (view full) --- 1831 break; 1832 case LCP_OPT_MRU: 1833 /* Maximum receive unit. */ 1834 if (len >= 4 && p[1] == 4) 1835 continue; 1836 if (debug) 1837 addlog("[invalid] "); 1838 break; |
1839 case LCP_OPT_AUTH_PROTO: 1840 if (len < 4) { 1841 if (debug) 1842 addlog("[invalid] "); 1843 break; 1844 } 1845 authproto = (p[2] << 8) + p[3]; 1846 if (authproto == PPP_CHAP && p[1] != 5) { 1847 if (debug) 1848 addlog("[invalid chap len] "); 1849 break; 1850 } 1851 if (sp->myauth.proto == 0) { 1852 /* we are not configured to do auth */ 1853 if (debug) 1854 addlog("[not configured] "); 1855 break; 1856 } 1857 /* 1858 * Remote want us to authenticate, remember this, 1859 * so we stay in PHASE_AUTHENTICATE after LCP got 1860 * up. 1861 */ 1862 sp->pp_flags |= PP_NEEDAUTH; 1863 continue; |
|
1718 default: 1719 /* Others not supported. */ 1720 if (debug) 1721 addlog("[rej] "); 1722 break; 1723 } 1724 /* Add the option to rejected list. */ 1725 bcopy (p, r, p[1]); --- 30 unchanged lines hidden (view full) --- 1756 if (debug) 1757 addlog("0x%x ", nmagic); 1758 continue; 1759 } 1760 /* 1761 * Local and remote magics equal -- loopback? 1762 */ 1763 if (sp->pp_loopcnt >= MAXALIVECNT*5) { | 1864 default: 1865 /* Others not supported. */ 1866 if (debug) 1867 addlog("[rej] "); 1868 break; 1869 } 1870 /* Add the option to rejected list. */ 1871 bcopy (p, r, p[1]); --- 30 unchanged lines hidden (view full) --- 1902 if (debug) 1903 addlog("0x%x ", nmagic); 1904 continue; 1905 } 1906 /* 1907 * Local and remote magics equal -- loopback? 1908 */ 1909 if (sp->pp_loopcnt >= MAXALIVECNT*5) { |
1764 printf ("\n%s%d: loopback\n", | 1910 printf ("%s%d: loopback\n", |
1765 ifp->if_name, ifp->if_unit); 1766 sp->pp_loopcnt = 0; 1767 if (ifp->if_flags & IFF_UP) { 1768 if_down(ifp); 1769 sppp_qflush(&sp->pp_cpq); 1770 /* XXX ? */ 1771 lcp.Down(sp); 1772 lcp.Up(sp); --- 31 unchanged lines hidden (view full) --- 1804 /* 1805 * Maximum receive unit. Always agreeable, 1806 * but ignored by now. 1807 */ 1808 sp->lcp.their_mru = p[2] * 256 + p[3]; 1809 if (debug) 1810 addlog("%d ", sp->lcp.their_mru); 1811 continue; | 1911 ifp->if_name, ifp->if_unit); 1912 sp->pp_loopcnt = 0; 1913 if (ifp->if_flags & IFF_UP) { 1914 if_down(ifp); 1915 sppp_qflush(&sp->pp_cpq); 1916 /* XXX ? */ 1917 lcp.Down(sp); 1918 lcp.Up(sp); --- 31 unchanged lines hidden (view full) --- 1950 /* 1951 * Maximum receive unit. Always agreeable, 1952 * but ignored by now. 1953 */ 1954 sp->lcp.their_mru = p[2] * 256 + p[3]; 1955 if (debug) 1956 addlog("%d ", sp->lcp.their_mru); 1957 continue; |
1958 1959 case LCP_OPT_AUTH_PROTO: 1960 authproto = (p[2] << 8) + p[3]; 1961 if (sp->myauth.proto != authproto) { 1962 /* not agreed, nak */ 1963 if (debug) 1964 addlog("[mine %s != his %s] ", 1965 sppp_proto_name(sp->hisauth.proto), 1966 sppp_proto_name(authproto)); 1967 p[2] = sp->myauth.proto >> 8; 1968 p[3] = sp->myauth.proto; 1969 break; 1970 } 1971 if (authproto == PPP_CHAP && p[4] != CHAP_MD5) { 1972 if (debug) 1973 addlog("[chap not MD5] "); 1974 p[4] == CHAP_MD5; 1975 break; 1976 } 1977 continue; |
|
1812 } 1813 /* Add the option to nak'ed list. */ 1814 bcopy (p, r, p[1]); 1815 r += p[1]; 1816 rlen += p[1]; 1817 } 1818 if (rlen) { 1819 if (++sp->fail_counter[IDX_LCP] >= sp->lcp.max_failure) { --- 53 unchanged lines hidden (view full) --- 1873 case LCP_OPT_MRU: 1874 /* 1875 * Should not be rejected anyway, since we only 1876 * negotiate a MRU if explicitly requested by 1877 * peer. 1878 */ 1879 sp->lcp.opts &= ~(1 << LCP_OPT_MRU); 1880 break; | 1978 } 1979 /* Add the option to nak'ed list. */ 1980 bcopy (p, r, p[1]); 1981 r += p[1]; 1982 rlen += p[1]; 1983 } 1984 if (rlen) { 1985 if (++sp->fail_counter[IDX_LCP] >= sp->lcp.max_failure) { --- 53 unchanged lines hidden (view full) --- 2039 case LCP_OPT_MRU: 2040 /* 2041 * Should not be rejected anyway, since we only 2042 * negotiate a MRU if explicitly requested by 2043 * peer. 2044 */ 2045 sp->lcp.opts &= ~(1 << LCP_OPT_MRU); 2046 break; |
2047 case LCP_OPT_AUTH_PROTO: 2048 /* 2049 * Peer doesn't want to authenticate himself, 2050 * deny unless this is a dialout call, and 2051 * AUTHFLAG_NOCALLOUT is set. 2052 */ 2053 if ((sp->pp_flags & PP_CALLIN) == 0 && 2054 (sp->hisauth.flags & AUTHFLAG_NOCALLOUT) != 0) { 2055 if (debug) 2056 addlog("[don't insist on auth " 2057 "for callout]"); 2058 sp->lcp.opts &= ~(1 << LCP_OPT_AUTH_PROTO); 2059 break; 2060 } 2061 if (debug) 2062 addlog("[access denied]\n"); 2063 lcp.Close(sp); 2064 break; |
|
1881 } 1882 } 1883 if (debug) 1884 addlog("\n"); 1885 free (buf, M_TEMP); 1886 return; 1887} 1888 --- 55 unchanged lines hidden (view full) --- 1944 if (debug) 1945 addlog("%d ", mru); 1946 if (mru < PP_MTU || mru > PP_MAX_MRU) 1947 mru = PP_MTU; 1948 sp->lcp.mru = mru; 1949 sp->lcp.opts |= (1 << LCP_OPT_MRU); 1950 } 1951 break; | 2065 } 2066 } 2067 if (debug) 2068 addlog("\n"); 2069 free (buf, M_TEMP); 2070 return; 2071} 2072 --- 55 unchanged lines hidden (view full) --- 2128 if (debug) 2129 addlog("%d ", mru); 2130 if (mru < PP_MTU || mru > PP_MAX_MRU) 2131 mru = PP_MTU; 2132 sp->lcp.mru = mru; 2133 sp->lcp.opts |= (1 << LCP_OPT_MRU); 2134 } 2135 break; |
2136 case LCP_OPT_AUTH_PROTO: 2137 /* 2138 * Peer doesn't like our authentication method, 2139 * deny. 2140 */ 2141 if (debug) 2142 addlog("[access denied]\n"); 2143 lcp.Close(sp); 2144 break; |
|
1952 } 1953 } 1954 if (debug) 1955 addlog("\n"); 1956 free (buf, M_TEMP); 1957 return; 1958} 1959 --- 11 unchanged lines hidden (view full) --- 1971 if_up(ifp); 1972 printf ("%s%d: up\n", ifp->if_name, ifp->if_unit); 1973 } 1974 1975 for (i = 0; i < IDX_COUNT; i++) 1976 if ((cps[i])->flags & CP_QUAL) 1977 (cps[i])->Open(sp); 1978 | 2145 } 2146 } 2147 if (debug) 2148 addlog("\n"); 2149 free (buf, M_TEMP); 2150 return; 2151} 2152 --- 11 unchanged lines hidden (view full) --- 2164 if_up(ifp); 2165 printf ("%s%d: up\n", ifp->if_name, ifp->if_unit); 2166 } 2167 2168 for (i = 0; i < IDX_COUNT; i++) 2169 if ((cps[i])->flags & CP_QUAL) 2170 (cps[i])->Open(sp); 2171 |
1979 if (/* require authentication XXX */ 0) | 2172 if ((sp->lcp.opts & (1 << LCP_OPT_AUTH_PROTO)) != 0 || 2173 (sp->pp_flags & PP_NEEDAUTH) != 0) |
1980 sp->pp_phase = PHASE_AUTHENTICATE; 1981 else 1982 sp->pp_phase = PHASE_NETWORK; 1983 1984 log(LOG_INFO, "%s%d: phase %s\n", ifp->if_name, ifp->if_unit, 1985 sppp_phase_name(sp->pp_phase)); 1986 | 2174 sp->pp_phase = PHASE_AUTHENTICATE; 2175 else 2176 sp->pp_phase = PHASE_NETWORK; 2177 2178 log(LOG_INFO, "%s%d: phase %s\n", ifp->if_name, ifp->if_unit, 2179 sppp_phase_name(sp->pp_phase)); 2180 |
1987 if (sp->pp_phase == PHASE_AUTHENTICATE) { 1988 for (i = 0; i < IDX_COUNT; i++) 1989 if ((cps[i])->flags & CP_AUTH) 1990 (cps[i])->Open(sp); 1991 } else { | 2181 /* 2182 * Open all authentication protocols. This is even required 2183 * if we already proceeded to network phase, since it might be 2184 * that remote wants us to authenticate, so we might have to 2185 * send a PAP request. Undesired authentication protocols 2186 * don't do anything when they get an Open event. 2187 */ 2188 for (i = 0; i < IDX_COUNT; i++) 2189 if ((cps[i])->flags & CP_AUTH) 2190 (cps[i])->Open(sp); 2191 2192 if (sp->pp_phase == PHASE_NETWORK) { |
1992 /* Notify all NCPs. */ 1993 for (i = 0; i < IDX_COUNT; i++) 1994 if ((cps[i])->flags & CP_NCP) 1995 (cps[i])->Open(sp); 1996 } 1997 1998 /* Send Up events to all started protos. */ 1999 for (i = 0, mask = 1; i < IDX_COUNT; i++, mask <<= 1) 2000 if (sp->lcp.protos & mask && ((cps[i])->flags & CP_LCP) == 0) 2001 (cps[i])->Up(sp); 2002 2003 if (sp->pp_phase == PHASE_NETWORK) 2004 /* if no NCP is starting, close down */ | 2193 /* Notify all NCPs. */ 2194 for (i = 0; i < IDX_COUNT; i++) 2195 if ((cps[i])->flags & CP_NCP) 2196 (cps[i])->Open(sp); 2197 } 2198 2199 /* Send Up events to all started protos. */ 2200 for (i = 0, mask = 1; i < IDX_COUNT; i++, mask <<= 1) 2201 if (sp->lcp.protos & mask && ((cps[i])->flags & CP_LCP) == 0) 2202 (cps[i])->Up(sp); 2203 2204 if (sp->pp_phase == PHASE_NETWORK) 2205 /* if no NCP is starting, close down */ |
2005 sppp_lcp_check(sp); | 2206 sppp_lcp_check_and_close(sp); |
2006} 2007 2008static void 2009sppp_lcp_tld(struct sppp *sp) 2010{ 2011 STDDCL; 2012 int i; 2013 u_long mask; --- 43 unchanged lines hidden (view full) --- 2057 /* Notify lower layer if desired. */ 2058 if (sp->pp_tlf) 2059 (sp->pp_tlf)(sp); 2060} 2061 2062static void 2063sppp_lcp_scr(struct sppp *sp) 2064{ | 2207} 2208 2209static void 2210sppp_lcp_tld(struct sppp *sp) 2211{ 2212 STDDCL; 2213 int i; 2214 u_long mask; --- 43 unchanged lines hidden (view full) --- 2258 /* Notify lower layer if desired. */ 2259 if (sp->pp_tlf) 2260 (sp->pp_tlf)(sp); 2261} 2262 2263static void 2264sppp_lcp_scr(struct sppp *sp) 2265{ |
2065 char opt[6 /* magicnum */ + 4 /* mru */]; | 2266 char opt[6 /* magicnum */ + 4 /* mru */ + 5 /* chap */]; |
2066 int i = 0; | 2267 int i = 0; |
2268 u_short authproto; |
|
2067 2068 if (sp->lcp.opts & (1 << LCP_OPT_MAGIC)) { 2069 if (! sp->lcp.magic) 2070 sp->lcp.magic = time.tv_sec + time.tv_usec; 2071 opt[i++] = LCP_OPT_MAGIC; 2072 opt[i++] = 6; 2073 opt[i++] = sp->lcp.magic >> 24; 2074 opt[i++] = sp->lcp.magic >> 16; 2075 opt[i++] = sp->lcp.magic >> 8; 2076 opt[i++] = sp->lcp.magic; 2077 } 2078 2079 if (sp->lcp.opts & (1 << LCP_OPT_MRU)) { 2080 opt[i++] = LCP_OPT_MRU; 2081 opt[i++] = 4; 2082 opt[i++] = sp->lcp.mru >> 8; 2083 opt[i++] = sp->lcp.mru; 2084 } 2085 | 2269 2270 if (sp->lcp.opts & (1 << LCP_OPT_MAGIC)) { 2271 if (! sp->lcp.magic) 2272 sp->lcp.magic = time.tv_sec + time.tv_usec; 2273 opt[i++] = LCP_OPT_MAGIC; 2274 opt[i++] = 6; 2275 opt[i++] = sp->lcp.magic >> 24; 2276 opt[i++] = sp->lcp.magic >> 16; 2277 opt[i++] = sp->lcp.magic >> 8; 2278 opt[i++] = sp->lcp.magic; 2279 } 2280 2281 if (sp->lcp.opts & (1 << LCP_OPT_MRU)) { 2282 opt[i++] = LCP_OPT_MRU; 2283 opt[i++] = 4; 2284 opt[i++] = sp->lcp.mru >> 8; 2285 opt[i++] = sp->lcp.mru; 2286 } 2287 |
2288 if (sp->lcp.opts & (1 << LCP_OPT_AUTH_PROTO)) { 2289 authproto = sp->hisauth.proto; 2290 opt[i++] = LCP_OPT_AUTH_PROTO; 2291 opt[i++] = authproto == PPP_CHAP? 5: 4; 2292 opt[i++] = authproto >> 8; 2293 opt[i++] = authproto; 2294 if (authproto == PPP_CHAP) 2295 opt[i++] = CHAP_MD5; 2296 } 2297 |
|
2086 sp->confid[IDX_LCP] = ++sp->pp_seq; 2087 sppp_cp_send (sp, PPP_LCP, CONF_REQ, sp->confid[IDX_LCP], i, &opt); 2088} 2089 2090/* | 2298 sp->confid[IDX_LCP] = ++sp->pp_seq; 2299 sppp_cp_send (sp, PPP_LCP, CONF_REQ, sp->confid[IDX_LCP], i, &opt); 2300} 2301 2302/* |
2091 * Re-check the open NCPs and see if we should terminate the link. 2092 * Called by the NCPs during their tlf action handling. | 2303 * Check the open NCPs, return true if at least one NCP is open. |
2093 */ | 2304 */ |
2094static void 2095sppp_lcp_check(struct sppp *sp) | 2305static int 2306sppp_ncp_check(struct sppp *sp) |
2096{ 2097 int i, mask; 2098 2099 for (i = 0, mask = 1; i < IDX_COUNT; i++, mask <<= 1) 2100 if (sp->lcp.protos & mask && (cps[i])->flags & CP_NCP) | 2307{ 2308 int i, mask; 2309 2310 for (i = 0, mask = 1; i < IDX_COUNT; i++, mask <<= 1) 2311 if (sp->lcp.protos & mask && (cps[i])->flags & CP_NCP) |
2101 return; | 2312 return 1; 2313 return 0; 2314} 2315 2316/* 2317 * Re-check the open NCPs and see if we should terminate the link. 2318 * Called by the NCPs during their tlf action handling. 2319 */ 2320static void 2321sppp_lcp_check_and_close(struct sppp *sp) 2322{ 2323 2324 if (sp->pp_phase < PHASE_NETWORK) 2325 /* don't bother, we are already going down */ 2326 return; 2327 2328 if (sppp_ncp_check(sp)) 2329 return; 2330 |
2102 lcp.Close(sp); 2103} 2104/* 2105 *--------------------------------------------------------------------------* 2106 * * 2107 * The IPCP implementation. * 2108 * * 2109 *--------------------------------------------------------------------------* --- 22 unchanged lines hidden (view full) --- 2132} 2133 2134static void 2135sppp_ipcp_open(struct sppp *sp) 2136{ 2137 STDDCL; 2138 u_long myaddr, hisaddr; 2139 | 2331 lcp.Close(sp); 2332} 2333/* 2334 *--------------------------------------------------------------------------* 2335 * * 2336 * The IPCP implementation. * 2337 * * 2338 *--------------------------------------------------------------------------* --- 22 unchanged lines hidden (view full) --- 2361} 2362 2363static void 2364sppp_ipcp_open(struct sppp *sp) 2365{ 2366 STDDCL; 2367 u_long myaddr, hisaddr; 2368 |
2140 sppp_get_ip_addrs(sp, &myaddr, &hisaddr); | 2369 sppp_get_ip_addrs(sp, &myaddr, &hisaddr, 0); |
2141 /* 2142 * If we don't have his address, this probably means our 2143 * interface doesn't want to talk IP at all. (This could 2144 * be the case if somebody wants to speak only IPX, for 2145 * example.) Don't open IPCP in this case. 2146 */ 2147 if (hisaddr == 0L) { 2148 /* XXX this message should go away */ --- 97 unchanged lines hidden (view full) --- 2246 if (debug) 2247 addlog(" send conf-rej\n"); 2248 sppp_cp_send (sp, PPP_IPCP, CONF_REJ, h->ident, rlen, buf); 2249 return 0; 2250 } else if (debug) 2251 addlog("\n"); 2252 2253 /* pass 2: parse option values */ | 2370 /* 2371 * If we don't have his address, this probably means our 2372 * interface doesn't want to talk IP at all. (This could 2373 * be the case if somebody wants to speak only IPX, for 2374 * example.) Don't open IPCP in this case. 2375 */ 2376 if (hisaddr == 0L) { 2377 /* XXX this message should go away */ --- 97 unchanged lines hidden (view full) --- 2475 if (debug) 2476 addlog(" send conf-rej\n"); 2477 sppp_cp_send (sp, PPP_IPCP, CONF_REJ, h->ident, rlen, buf); 2478 return 0; 2479 } else if (debug) 2480 addlog("\n"); 2481 2482 /* pass 2: parse option values */ |
2254 sppp_get_ip_addrs(sp, 0, &hisaddr); | 2483 sppp_get_ip_addrs(sp, 0, &hisaddr, 0); |
2255 if (debug) | 2484 if (debug) |
2256 addlog("%s%d: ipcp parse opt values: ", ifp->if_name, ifp->if_unit); | 2485 log(LOG_DEBUG, "%s%d: ipcp parse opt values: ", 2486 ifp->if_name, ifp->if_unit); |
2257 p = (void*) (h+1); 2258 len = origlen; 2259 for (rlen=0; len>1 && p[1]; len-=p[1], p+=p[1]) { 2260 if (debug) 2261 addlog(" %s ", sppp_ipcp_opt_name(*p)); 2262 switch (*p) { 2263#ifdef notyet 2264 case IPCP_OPT_COMPRESSION: --- 4 unchanged lines hidden (view full) --- 2269 p[4] << 8 | p[5]; 2270 if (desiredaddr == hisaddr) { 2271 /* 2272 * Peer's address is same as our value, 2273 * this is agreeable. Gonna conf-ack 2274 * it. 2275 */ 2276 if (debug) | 2487 p = (void*) (h+1); 2488 len = origlen; 2489 for (rlen=0; len>1 && p[1]; len-=p[1], p+=p[1]) { 2490 if (debug) 2491 addlog(" %s ", sppp_ipcp_opt_name(*p)); 2492 switch (*p) { 2493#ifdef notyet 2494 case IPCP_OPT_COMPRESSION: --- 4 unchanged lines hidden (view full) --- 2499 p[4] << 8 | p[5]; 2500 if (desiredaddr == hisaddr) { 2501 /* 2502 * Peer's address is same as our value, 2503 * this is agreeable. Gonna conf-ack 2504 * it. 2505 */ 2506 if (debug) |
2277 addlog("0x%x [ack] ", hisaddr); | 2507 addlog("%s [ack] ", 2508 sppp_dotted_quad(hisaddr)); |
2278 /* record that we've seen it already */ 2279 sp->ipcp.flags |= IPCP_HISADDR_SEEN; 2280 continue; 2281 } 2282 /* 2283 * The address wasn't agreeable. This is either 2284 * he sent us 0.0.0.0, asking to assign him an 2285 * address, or he send us another address not 2286 * matching our value. Either case, we gonna 2287 * conf-nak it with our value. 2288 */ 2289 if (debug) { 2290 if (desiredaddr == 0) 2291 addlog("[addr requested] "); 2292 else | 2509 /* record that we've seen it already */ 2510 sp->ipcp.flags |= IPCP_HISADDR_SEEN; 2511 continue; 2512 } 2513 /* 2514 * The address wasn't agreeable. This is either 2515 * he sent us 0.0.0.0, asking to assign him an 2516 * address, or he send us another address not 2517 * matching our value. Either case, we gonna 2518 * conf-nak it with our value. 2519 */ 2520 if (debug) { 2521 if (desiredaddr == 0) 2522 addlog("[addr requested] "); 2523 else |
2293 addlog("0x%x [not agreed] ", 2294 desiredaddr); | 2524 addlog("%s [not agreed] ", 2525 sppp_dotted_quad(desiredaddr)); |
2295 2296 p[2] = hisaddr >> 24; 2297 p[3] = hisaddr >> 16; 2298 p[4] = hisaddr >> 8; 2299 p[5] = hisaddr; 2300 } 2301 break; 2302 } --- 117 unchanged lines hidden (view full) --- 2420 * if we can do something for him. We'll drop 2421 * him our address then. 2422 */ 2423 if (len >= 6 && p[1] == 6) { 2424 wantaddr = p[2] << 24 | p[3] << 16 | 2425 p[4] << 8 | p[5]; 2426 sp->ipcp.opts |= (1 << IPCP_OPT_ADDRESS); 2427 if (debug) | 2526 2527 p[2] = hisaddr >> 24; 2528 p[3] = hisaddr >> 16; 2529 p[4] = hisaddr >> 8; 2530 p[5] = hisaddr; 2531 } 2532 break; 2533 } --- 117 unchanged lines hidden (view full) --- 2651 * if we can do something for him. We'll drop 2652 * him our address then. 2653 */ 2654 if (len >= 6 && p[1] == 6) { 2655 wantaddr = p[2] << 24 | p[3] << 16 | 2656 p[4] << 8 | p[5]; 2657 sp->ipcp.opts |= (1 << IPCP_OPT_ADDRESS); 2658 if (debug) |
2428 addlog("[wantaddr 0x%x] ", wantaddr); | 2659 addlog("[wantaddr %s] ", 2660 sppp_dotted_quad(wantaddr)); |
2429 /* 2430 * When doing dynamic address assignment, 2431 * we accept his offer. Otherwise, we 2432 * ignore it and thus continue to negotiate 2433 * our already existing value. 2434 */ 2435 if (sp->ipcp.flags & IPCP_MYADDR_DYN) { 2436 sppp_set_ip_addr(sp, wantaddr); --- 34 unchanged lines hidden (view full) --- 2471 sp->lcp.protos |= (1 << IDX_IPCP); 2472} 2473 2474static void 2475sppp_ipcp_tlf(struct sppp *sp) 2476{ 2477 /* we no longer need LCP */ 2478 sp->lcp.protos &= ~(1 << IDX_IPCP); | 2661 /* 2662 * When doing dynamic address assignment, 2663 * we accept his offer. Otherwise, we 2664 * ignore it and thus continue to negotiate 2665 * our already existing value. 2666 */ 2667 if (sp->ipcp.flags & IPCP_MYADDR_DYN) { 2668 sppp_set_ip_addr(sp, wantaddr); --- 34 unchanged lines hidden (view full) --- 2703 sp->lcp.protos |= (1 << IDX_IPCP); 2704} 2705 2706static void 2707sppp_ipcp_tlf(struct sppp *sp) 2708{ 2709 /* we no longer need LCP */ 2710 sp->lcp.protos &= ~(1 << IDX_IPCP); |
2479 sppp_lcp_check(sp); | 2711 sppp_lcp_check_and_close(sp); |
2480} 2481 2482static void 2483sppp_ipcp_scr(struct sppp *sp) 2484{ 2485 char opt[6 /* compression */ + 6 /* address */]; 2486 u_long ouraddr; 2487 int i = 0; --- 5 unchanged lines hidden (view full) --- 2493 opt[i++] = 0; /* VJ header compression */ 2494 opt[i++] = 0x2d; /* VJ header compression */ 2495 opt[i++] = max_slot_id; 2496 opt[i++] = comp_slot_id; 2497 } 2498#endif 2499 2500 if (sp->ipcp.opts & (1 << IPCP_OPT_ADDRESS)) { | 2712} 2713 2714static void 2715sppp_ipcp_scr(struct sppp *sp) 2716{ 2717 char opt[6 /* compression */ + 6 /* address */]; 2718 u_long ouraddr; 2719 int i = 0; --- 5 unchanged lines hidden (view full) --- 2725 opt[i++] = 0; /* VJ header compression */ 2726 opt[i++] = 0x2d; /* VJ header compression */ 2727 opt[i++] = max_slot_id; 2728 opt[i++] = comp_slot_id; 2729 } 2730#endif 2731 2732 if (sp->ipcp.opts & (1 << IPCP_OPT_ADDRESS)) { |
2501 sppp_get_ip_addrs(sp, &ouraddr, 0); | 2733 sppp_get_ip_addrs(sp, &ouraddr, 0, 0); |
2502 opt[i++] = IPCP_OPT_ADDRESS; 2503 opt[i++] = 6; 2504 opt[i++] = ouraddr >> 24; 2505 opt[i++] = ouraddr >> 16; 2506 opt[i++] = ouraddr >> 8; 2507 opt[i++] = ouraddr; 2508 } 2509 2510 sp->confid[IDX_IPCP] = ++sp->pp_seq; 2511 sppp_cp_send(sp, PPP_IPCP, CONF_REQ, sp->confid[IDX_IPCP], i, &opt); 2512} 2513 2514 2515/* | 2734 opt[i++] = IPCP_OPT_ADDRESS; 2735 opt[i++] = 6; 2736 opt[i++] = ouraddr >> 24; 2737 opt[i++] = ouraddr >> 16; 2738 opt[i++] = ouraddr >> 8; 2739 opt[i++] = ouraddr; 2740 } 2741 2742 sp->confid[IDX_IPCP] = ++sp->pp_seq; 2743 sppp_cp_send(sp, PPP_IPCP, CONF_REQ, sp->confid[IDX_IPCP], i, &opt); 2744} 2745 2746 2747/* |
2748 *--------------------------------------------------------------------------* 2749 * * 2750 * The CHAP implementation. * 2751 * * 2752 *--------------------------------------------------------------------------* 2753 */ 2754 2755/* 2756 * The authentication protocols don't employ a full-fledged state machine as 2757 * the control protocols do, since they do have Open and Close events, but 2758 * not Up and Down, nor are they explicitly terminated. Also, use of the 2759 * authentication protocols may be different in both directions (this makes 2760 * sense, think of a machine that never accepts incoming calls but only 2761 * calls out, it doesn't require the called party to authenticate itself). 2762 * 2763 * Our state machine for the local authentication protocol (we are requesting 2764 * the peer to authenticate) looks like: 2765 * 2766 * RCA- 2767 * +--------------------------------------------+ 2768 * V scn,tld| 2769 * +--------+ Close +---------+ RCA+ 2770 * | |<----------------------------------| |------+ 2771 * +--->| Closed | TO* | Opened | sca | 2772 * | | |-----+ +-------| |<-----+ 2773 * | +--------+ irc | | +---------+ 2774 * | ^ | | ^ 2775 * | | | | | 2776 * | | | | | 2777 * | TO-| | | | 2778 * | |tld TO+ V | | 2779 * | | +------->+ | | 2780 * | | | | | | 2781 * | +--------+ V | | 2782 * | | |<----+<--------------------+ | 2783 * | | Req- | scr | 2784 * | | Sent | | 2785 * | | | | 2786 * | +--------+ | 2787 * | RCA- | | RCA+ | 2788 * +------+ +------------------------------------------+ 2789 * scn,tld sca,irc,ict,tlu 2790 * 2791 * 2792 * with: 2793 * 2794 * Open: LCP reached authentication phase 2795 * Close: LCP reached terminate phase 2796 * 2797 * RCA+: received reply (pap-req, chap-response), acceptable 2798 * RCN: received reply (pap-req, chap-response), not acceptable 2799 * TO+: timeout with restart counter >= 0 2800 * TO-: timeout with restart counter < 0 2801 * TO*: reschedule timeout for CHAP 2802 * 2803 * scr: send request packet (none for PAP, chap-challenge) 2804 * sca: send ack packet (pap-ack, chap-success) 2805 * scn: send nak packet (pap-nak, chap-failure) 2806 * ict: initialize re-challenge timer (CHAP only) 2807 * 2808 * tlu: this-layer-up, LCP reaches network phase 2809 * tld: this-layer-down, LCP enters terminate phase 2810 * 2811 * Note that in CHAP mode, after sending a new challenge, while the state 2812 * automaton falls back into Req-Sent state, it doesn't signal a tld 2813 * event to LCP, so LCP remains in network phase. Only after not getting 2814 * any response (or after getting an unacceptable response), CHAP closes, 2815 * causing LCP to enter terminate phase. 2816 * 2817 * With PAP, there is no initial request that can be sent. The peer is 2818 * expected to send one based on the successful negotiation of PAP as 2819 * the authentication protocol during the LCP option negotiation. 2820 * 2821 * Incoming authentication protocol requests (remote requests 2822 * authentication, we are peer) don't employ a state machine at all, 2823 * they are simply answered. Some peers [Ascend P50 firmware rev 2824 * 4.50] react allergically when sending IPCP requests while they are 2825 * still in authentication phase (thereby violating the standard that 2826 * demands that these NCP packets are to be discarded), so we keep 2827 * track of the peer demanding us to authenticate, and only proceed to 2828 * phase network once we've seen a positive acknowledge for the 2829 * authentication. 2830 */ 2831 2832/* 2833 * Handle incoming CHAP packets. 2834 */ 2835void 2836sppp_chap_input(struct sppp *sp, struct mbuf *m) 2837{ 2838 STDDCL; 2839 struct lcp_header *h; 2840 int len, x; 2841 u_char *value, *name, digest[AUTHKEYLEN], dsize; 2842 int value_len, name_len; 2843 MD5_CTX ctx; 2844 2845 len = m->m_pkthdr.len; 2846 if (len < 4) { 2847 if (debug) 2848 log(LOG_DEBUG, 2849 "%s%d: chap invalid packet length: %d bytes\n", 2850 ifp->if_name, ifp->if_unit, len); 2851 return; 2852 } 2853 h = mtod (m, struct lcp_header*); 2854 if (len > ntohs (h->len)) 2855 len = ntohs (h->len); 2856 2857 switch (h->type) { 2858 /* challenge, failure and success are his authproto */ 2859 case CHAP_CHALLENGE: 2860 value = 1 + (u_char*)(h+1); 2861 value_len = value[-1]; 2862 name = value + value_len; 2863 name_len = len - value_len - 5; 2864 if (name_len < 0) { 2865 if (debug) { 2866 log(LOG_DEBUG, 2867 "%s%d: chap corrupted challenge " 2868 "<%s id=0x%x len=%d", 2869 ifp->if_name, ifp->if_unit, 2870 sppp_auth_type_name(PPP_CHAP, h->type), 2871 h->ident, ntohs(h->len)); 2872 if (len > 4) 2873 sppp_print_bytes((u_char*) (h+1), len-4); 2874 addlog(">\n"); 2875 } 2876 break; 2877 } 2878 if (name_len != sppp_strnlen(sp->hisauth.name, AUTHNAMELEN) 2879 || bcmp(name, sp->hisauth.name, name_len) != 0) { 2880 log(LOG_INFO, "%s%d: chap challenge, his name "); 2881 sppp_print_string(name, name_len); 2882 addlog(" != expected "); 2883 sppp_print_string(sp->hisauth.name, 2884 sppp_strnlen(sp->hisauth.name, AUTHNAMELEN)); 2885 addlog("\n"); 2886 } 2887 2888 if (debug) { 2889 log(LOG_DEBUG, 2890 "%s%d: chap input <%s id=0x%x len=%d name=", 2891 ifp->if_name, ifp->if_unit, 2892 sppp_auth_type_name(PPP_CHAP, h->type), h->ident, 2893 ntohs(h->len)); 2894 sppp_print_string((char*) name, name_len); 2895 addlog(" value-size=%d value=", value_len); 2896 sppp_print_bytes(value, value_len); 2897 addlog(">\n"); 2898 } 2899 2900 /* Compute reply value. */ 2901 MD5Init(&ctx); 2902 MD5Update(&ctx, &h->ident, 1); 2903 MD5Update(&ctx, sp->myauth.secret, 2904 sppp_strnlen(sp->myauth.secret, AUTHKEYLEN)); 2905 MD5Update(&ctx, value, value_len); 2906 MD5Final(digest, &ctx); 2907 dsize = sizeof digest; 2908 2909 sppp_auth_send(&chap, sp, CHAP_RESPONSE, h->ident, 2910 sizeof dsize, (const char *)&dsize, 2911 sizeof digest, digest, 2912 sppp_strnlen(sp->myauth.name, AUTHNAMELEN), 2913 sp->myauth.name, 2914 0); 2915 break; 2916 2917 case CHAP_SUCCESS: 2918 if (debug) { 2919 log(LOG_DEBUG, "%s%d: chap success", 2920 ifp->if_name, ifp->if_unit); 2921 if (len > 4) { 2922 addlog(": "); 2923 sppp_print_string((char*)(h + 1), len - 4); 2924 } 2925 addlog("\n"); 2926 } 2927 x = splimp(); 2928 sp->pp_flags &= ~PP_NEEDAUTH; 2929 if (sp->myauth.proto == PPP_CHAP && 2930 (sp->lcp.protos & (1 << IDX_CHAP)) == 0) { 2931 /* 2932 * We are authenticator for CHAP but didn't 2933 * complete yet. Leave it to tlu to proceed 2934 * to network phase. 2935 */ 2936 splx(x); 2937 break; 2938 } 2939 splx(x); 2940 sppp_phase_network(sp); 2941 break; 2942 2943 case CHAP_FAILURE: 2944 if (debug) { 2945 log(LOG_INFO, "%s%d: chap failure", 2946 ifp->if_name, ifp->if_unit); 2947 if (len > 4) { 2948 addlog(": "); 2949 sppp_print_string((char*)(h + 1), len - 4); 2950 } 2951 addlog("\n"); 2952 } else 2953 log(LOG_INFO, "%s%d: chap failure\n", 2954 ifp->if_name, ifp->if_unit); 2955 /* await LCP shutdown by authenticator */ 2956 break; 2957 2958 /* response is my authproto */ 2959 case CHAP_RESPONSE: 2960 value = 1 + (u_char*)(h+1); 2961 value_len = value[-1]; 2962 name = value + value_len; 2963 name_len = len - value_len - 5; 2964 if (name_len < 0) { 2965 if (debug) { 2966 log(LOG_DEBUG, 2967 "%s%d: chap corrupted response " 2968 "<%s id=0x%x len=%d", 2969 ifp->if_name, ifp->if_unit, 2970 sppp_auth_type_name(PPP_CHAP, h->type), 2971 h->ident, ntohs(h->len)); 2972 if (len > 4) 2973 sppp_print_bytes((u_char*)(h+1), len-4); 2974 addlog(">\n"); 2975 } 2976 break; 2977 } 2978 if (h->ident != sp->confid[IDX_CHAP]) { 2979 if (debug) 2980 log(LOG_DEBUG, 2981 "%s%d: chap dropping response for old ID " 2982 "(got %d, expected %d)\n", 2983 h->ident, sp->confid[IDX_CHAP]); 2984 break; 2985 } 2986 if (name_len != sppp_strnlen(sp->hisauth.name, AUTHNAMELEN) 2987 || bcmp(name, sp->hisauth.name, name_len) != 0) { 2988 log(LOG_INFO, "%s%d: chap response, his name ", 2989 ifp->if_name, ifp->if_unit); 2990 sppp_print_string(name, name_len); 2991 addlog(" != expected "); 2992 sppp_print_string(sp->hisauth.name, 2993 sppp_strnlen(sp->hisauth.name, AUTHNAMELEN)); 2994 addlog("\n"); 2995 } 2996 if (debug) { 2997 log(LOG_DEBUG, "%s%d: chap input(%s) " 2998 "<%s id=0x%x len=%d name=", 2999 ifp->if_name, ifp->if_unit, 3000 sppp_state_name(sp->state[IDX_CHAP]), 3001 sppp_auth_type_name(PPP_CHAP, h->type), 3002 h->ident, ntohs (h->len)); 3003 sppp_print_string((char*)name, name_len); 3004 addlog(" value-size=%d value=", value_len); 3005 sppp_print_bytes(value, value_len); 3006 addlog(">\n"); 3007 } 3008 if (value_len != AUTHKEYLEN) { 3009 if (debug) 3010 log(LOG_DEBUG, 3011 "%s%d: chap bad hash value length: " 3012 "%d bytes, should be %d\n", 3013 ifp->if_name, ifp->if_unit, value_len, 3014 AUTHKEYLEN); 3015 break; 3016 } 3017 3018 MD5Init(&ctx); 3019 MD5Update(&ctx, &h->ident, 1); 3020 MD5Update(&ctx, sp->hisauth.secret, 3021 sppp_strnlen(sp->hisauth.secret, AUTHKEYLEN)); 3022 MD5Update(&ctx, sp->myauth.challenge, AUTHKEYLEN); 3023 MD5Final(digest, &ctx); 3024 3025#define FAILMSG "Failed..." 3026#define SUCCMSG "Welcome!" 3027 3028 if (value_len != sizeof digest || 3029 bcmp(digest, value, value_len) != 0) { 3030 /* action scn, tld */ 3031 sppp_auth_send(&chap, sp, CHAP_FAILURE, h->ident, 3032 sizeof(FAILMSG) - 1, (u_char *)FAILMSG, 3033 0); 3034 chap.tld(sp); 3035 break; 3036 } 3037 /* action sca, perhaps tlu */ 3038 if (sp->state[IDX_CHAP] == STATE_REQ_SENT || 3039 sp->state[IDX_CHAP] == STATE_OPENED) 3040 sppp_auth_send(&chap, sp, CHAP_SUCCESS, h->ident, 3041 sizeof(SUCCMSG) - 1, (u_char *)SUCCMSG, 3042 0); 3043 if (sp->state[IDX_CHAP] == STATE_REQ_SENT) { 3044 sppp_cp_change_state(&chap, sp, STATE_OPENED); 3045 chap.tlu(sp); 3046 } 3047 break; 3048 3049 default: 3050 /* Unknown CHAP packet type -- ignore. */ 3051 if (debug) { 3052 log(LOG_DEBUG, "%s%d: chap unknown input(%s) " 3053 "<0x%x id=0x%xh len=%d", 3054 ifp->if_name, ifp->if_unit, 3055 sppp_state_name(sp->state[IDX_CHAP]), 3056 h->type, h->ident, ntohs(h->len)); 3057 if (len > 4) 3058 sppp_print_bytes((u_char*)(h+1), len-4); 3059 addlog(">\n"); 3060 } 3061 break; 3062 3063 } 3064} 3065 3066static void 3067sppp_chap_init(struct sppp *sp) 3068{ 3069 /* Chap doesn't have STATE_INITIAL at all. */ 3070 sp->state[IDX_CHAP] = STATE_CLOSED; 3071 sp->fail_counter[IDX_CHAP] = 0; 3072 callout_handle_init(&sp->ch[IDX_CHAP]); 3073} 3074 3075static void 3076sppp_chap_open(struct sppp *sp) 3077{ 3078 if (sp->myauth.proto == PPP_CHAP && 3079 (sp->lcp.opts & (1 << LCP_OPT_AUTH_PROTO)) != 0) { 3080 /* we are authenticator for CHAP, start it */ 3081 chap.scr(sp); 3082 sp->rst_counter[IDX_CHAP] = sp->lcp.max_configure; 3083 sppp_cp_change_state(&chap, sp, STATE_REQ_SENT); 3084 } 3085 /* nothing to be done if we are peer, await a challenge */ 3086} 3087 3088static void 3089sppp_chap_close(struct sppp *sp) 3090{ 3091 if (sp->state[IDX_CHAP] != STATE_CLOSED) 3092 sppp_cp_change_state(&chap, sp, STATE_CLOSED); 3093} 3094 3095static void 3096sppp_chap_TO(void *cookie) 3097{ 3098 struct sppp *sp = (struct sppp *)cookie; 3099 STDDCL; 3100 int s; 3101 3102 s = splimp(); 3103 if (debug) 3104 log(LOG_DEBUG, "%s%d: chap TO(%s) rst_counter = %d\n", 3105 ifp->if_name, ifp->if_unit, 3106 sppp_state_name(sp->state[IDX_CHAP]), 3107 sp->rst_counter[IDX_CHAP]); 3108 3109 if (--sp->rst_counter[IDX_CHAP] < 0) 3110 /* TO- event */ 3111 switch (sp->state[IDX_CHAP]) { 3112 case STATE_REQ_SENT: 3113 chap.tld(sp); 3114 sppp_cp_change_state(&chap, sp, STATE_CLOSED); 3115 break; 3116 } 3117 else 3118 /* TO+ (or TO*) event */ 3119 switch (sp->state[IDX_CHAP]) { 3120 case STATE_OPENED: 3121 /* TO* event */ 3122 sp->rst_counter[IDX_CHAP] = sp->lcp.max_configure; 3123 /* fall through */ 3124 case STATE_REQ_SENT: 3125 chap.scr(sp); 3126 /* sppp_cp_change_state() will restart the timer */ 3127 sppp_cp_change_state(&chap, sp, STATE_REQ_SENT); 3128 break; 3129 } 3130 3131 splx(s); 3132} 3133 3134static void 3135sppp_chap_tlu(struct sppp *sp) 3136{ 3137 STDDCL; 3138 int i, x; 3139 3140 sp->rst_counter[IDX_CHAP] = sp->lcp.max_configure; 3141 3142 /* 3143 * Some broken CHAP implementations (Conware CoNet, firmware 3144 * 4.0.?) don't want to re-authenticate their CHAP once the 3145 * initial challenge-response exchange has taken place. 3146 * Provide for an option to avoid rechallenges. 3147 */ 3148 if ((sp->hisauth.flags & AUTHFLAG_NORECHALLENGE) == 0) { 3149 /* 3150 * Compute the re-challenge timeout. This will yield 3151 * a number between 300 and 810 seconds. 3152 */ 3153 i = 300 + ((unsigned)(random() & 0xff00) >> 7); 3154 3155 sp->ch[IDX_CHAP] = timeout(chap.TO, (void *)sp, i * hz); 3156 } 3157 3158 if (debug) { 3159 log(LOG_DEBUG, 3160 "%s%d: chap %s, ", 3161 ifp->if_name, ifp->if_unit, 3162 sp->pp_phase == PHASE_NETWORK? "reconfirmed": "tlu"); 3163 if ((sp->hisauth.flags & AUTHFLAG_NORECHALLENGE) == 0) 3164 addlog("next re-challenge in %d seconds\n", i); 3165 else 3166 addlog("re-challenging supressed\n"); 3167 } 3168 3169 x = splimp(); 3170 /* indicate to LCP that we need to be closed down */ 3171 sp->lcp.protos |= (1 << IDX_CHAP); 3172 3173 if (sp->pp_flags & PP_NEEDAUTH) { 3174 /* 3175 * Remote is authenticator, but his auth proto didn't 3176 * complete yet. Defer the transition to network 3177 * phase. 3178 */ 3179 splx(x); 3180 return; 3181 } 3182 splx(x); 3183 3184 /* 3185 * If we are already in phase network, we are done here. This 3186 * is the case if this is a dummy tlu event after a re-challenge. 3187 */ 3188 if (sp->pp_phase != PHASE_NETWORK) 3189 sppp_phase_network(sp); 3190} 3191 3192static void 3193sppp_chap_tld(struct sppp *sp) 3194{ 3195 STDDCL; 3196 3197 if (debug) 3198 log(LOG_DEBUG, "%s%d: chap tld\n", ifp->if_name, ifp->if_unit); 3199 untimeout(chap.TO, (void *)sp, sp->ch[IDX_CHAP]); 3200 sp->lcp.protos &= ~(1 << IDX_CHAP); 3201 3202 lcp.Close(sp); 3203} 3204 3205static void 3206sppp_chap_scr(struct sppp *sp) 3207{ 3208 struct timeval tv; 3209 u_long *ch, seed; 3210 u_char clen; 3211 3212 /* Compute random challenge. */ 3213 ch = (u_long *)sp->myauth.challenge; 3214 microtime(&tv); 3215 seed = tv.tv_sec ^ tv.tv_usec; 3216 ch[0] = seed ^ random(); 3217 ch[1] = seed ^ random(); 3218 ch[2] = seed ^ random(); 3219 ch[3] = seed ^ random(); 3220 clen = AUTHKEYLEN; 3221 3222 sp->confid[IDX_CHAP] = ++sp->pp_seq; 3223 3224 sppp_auth_send(&chap, sp, CHAP_CHALLENGE, sp->confid[IDX_CHAP], 3225 sizeof clen, (const char *)&clen, 3226 AUTHKEYLEN, sp->myauth.challenge, 3227 sppp_strnlen(sp->myauth.name, AUTHNAMELEN), 3228 sp->myauth.name, 3229 0); 3230} 3231/* 3232 *--------------------------------------------------------------------------* 3233 * * 3234 * The PAP implementation. * 3235 * * 3236 *--------------------------------------------------------------------------* 3237 */ 3238/* 3239 * For PAP, we need to keep a little state also if we are the peer, not the 3240 * authenticator. This is since we don't get a request to authenticate, but 3241 * have to repeatedly authenticate ourself until we got a response (or the 3242 * retry counter is expired). 3243 */ 3244 3245/* 3246 * Handle incoming PAP packets. */ 3247static void 3248sppp_pap_input(struct sppp *sp, struct mbuf *m) 3249{ 3250 STDDCL; 3251 struct lcp_header *h; 3252 int len, x; 3253 u_char *name, *passwd, mlen; 3254 int name_len, passwd_len; 3255 3256 len = m->m_pkthdr.len; 3257 if (len < 5) { 3258 if (debug) 3259 log(LOG_DEBUG, 3260 "%s%d: pap invalid packet length: %d bytes\n", 3261 ifp->if_name, ifp->if_unit, len); 3262 return; 3263 } 3264 h = mtod (m, struct lcp_header*); 3265 if (len > ntohs (h->len)) 3266 len = ntohs (h->len); 3267 switch (h->type) { 3268 /* PAP request is my authproto */ 3269 case PAP_REQ: 3270 name = 1 + (u_char*)(h+1); 3271 name_len = name[-1]; 3272 passwd = name + name_len + 1; 3273 if (name_len > len - 6 || 3274 (passwd_len = passwd[-1]) > len - 6 - name_len) { 3275 if (debug) { 3276 log(LOG_DEBUG, "%s%d: pap corrupted input " 3277 "<%s id=0x%x len=%d", 3278 ifp->if_name, ifp->if_unit, 3279 sppp_auth_type_name(PPP_PAP, h->type), 3280 h->ident, ntohs(h->len)); 3281 if (len > 4) 3282 sppp_print_bytes((u_char*)(h+1), len-4); 3283 addlog(">\n"); 3284 } 3285 break; 3286 } 3287 if (debug) { 3288 log(LOG_DEBUG, "%s%d: pap input(%s) " 3289 "<%s id=0x%x len=%d name=", 3290 ifp->if_name, ifp->if_unit, 3291 sppp_state_name(sp->state[IDX_PAP]), 3292 sppp_auth_type_name(PPP_PAP, h->type), 3293 h->ident, ntohs(h->len)); 3294 sppp_print_string((char*)name, name_len); 3295 addlog(" passwd="); 3296 sppp_print_string((char*)passwd, passwd_len); 3297 addlog(">\n"); 3298 } 3299 if (name_len > AUTHNAMELEN || 3300 passwd_len > AUTHKEYLEN || 3301 bcmp(name, sp->hisauth.name, name_len) != 0 || 3302 bcmp(passwd, sp->hisauth.secret, passwd_len) != 0) { 3303 /* action scn, tld */ 3304 mlen = sizeof(FAILMSG) - 1; 3305 sppp_auth_send(&pap, sp, PAP_NAK, h->ident, 3306 sizeof mlen, (const char *)&mlen, 3307 sizeof(FAILMSG) - 1, (u_char *)FAILMSG, 3308 0); 3309 pap.tld(sp); 3310 break; 3311 } 3312 /* action sca, perhaps tlu */ 3313 if (sp->state[IDX_PAP] == STATE_REQ_SENT || 3314 sp->state[IDX_PAP] == STATE_OPENED) { 3315 mlen = sizeof(SUCCMSG) - 1; 3316 sppp_auth_send(&pap, sp, PAP_ACK, h->ident, 3317 sizeof mlen, (const char *)&mlen, 3318 sizeof(SUCCMSG) - 1, (u_char *)SUCCMSG, 3319 0); 3320 } 3321 if (sp->state[IDX_PAP] == STATE_REQ_SENT) { 3322 sppp_cp_change_state(&pap, sp, STATE_OPENED); 3323 pap.tlu(sp); 3324 } 3325 break; 3326 3327 /* ack and nak are his authproto */ 3328 case PAP_ACK: 3329 untimeout(sppp_pap_my_TO, (void *)sp, sp->pap_my_to_ch); 3330 if (debug) { 3331 log(LOG_DEBUG, "%s%d: pap success", 3332 ifp->if_name, ifp->if_unit); 3333 name_len = *((char *)h); 3334 if (len > 5 && name_len) { 3335 addlog(": "); 3336 sppp_print_string((char*)(h+1), name_len); 3337 } 3338 addlog("\n"); 3339 } 3340 x = splimp(); 3341 sp->pp_flags &= ~PP_NEEDAUTH; 3342 if (sp->myauth.proto == PPP_PAP && 3343 (sp->lcp.protos & (1 << IDX_PAP)) == 0) { 3344 /* 3345 * We are authenticator for PAP but didn't 3346 * complete yet. Leave it to tlu to proceed 3347 * to network phase. 3348 */ 3349 splx(x); 3350 break; 3351 } 3352 splx(x); 3353 sppp_phase_network(sp); 3354 break; 3355 3356 case PAP_NAK: 3357 untimeout(sppp_pap_my_TO, (void *)sp, sp->pap_my_to_ch); 3358 if (debug) { 3359 log(LOG_INFO, "%s%d: pap failure", 3360 ifp->if_name, ifp->if_unit); 3361 name_len = *((char *)h); 3362 if (len > 5 && name_len) { 3363 addlog(": "); 3364 sppp_print_string((char*)(h+1), name_len); 3365 } 3366 addlog("\n"); 3367 } else 3368 log(LOG_INFO, "%s%d: pap failure\n", 3369 ifp->if_name, ifp->if_unit); 3370 /* await LCP shutdown by authenticator */ 3371 break; 3372 3373 default: 3374 /* Unknown PAP packet type -- ignore. */ 3375 if (debug) { 3376 log(LOG_DEBUG, "%s%d: pap corrupted input " 3377 "<0x%x id=0x%x len=%d", 3378 ifp->if_name, ifp->if_unit, 3379 h->type, h->ident, ntohs(h->len)); 3380 if (len > 4) 3381 sppp_print_bytes((u_char*)(h+1), len-4); 3382 addlog(">\n"); 3383 } 3384 break; 3385 3386 } 3387} 3388 3389static void 3390sppp_pap_init(struct sppp *sp) 3391{ 3392 /* PAP doesn't have STATE_INITIAL at all. */ 3393 sp->state[IDX_PAP] = STATE_CLOSED; 3394 sp->fail_counter[IDX_PAP] = 0; 3395 callout_handle_init(&sp->ch[IDX_PAP]); 3396 callout_handle_init(&sp->pap_my_to_ch); 3397} 3398 3399static void 3400sppp_pap_open(struct sppp *sp) 3401{ 3402 if (sp->hisauth.proto == PPP_PAP && 3403 (sp->lcp.opts & (1 << LCP_OPT_AUTH_PROTO)) != 0) { 3404 /* we are authenticator for PAP, start our timer */ 3405 sp->rst_counter[IDX_PAP] = sp->lcp.max_configure; 3406 sppp_cp_change_state(&pap, sp, STATE_REQ_SENT); 3407 } 3408 if (sp->myauth.proto == PPP_PAP) { 3409 /* we are peer, send a request, and start a timer */ 3410 pap.scr(sp); 3411 sp->pap_my_to_ch = timeout(sppp_pap_my_TO, (void *)sp, 3412 sp->lcp.timeout); 3413 } 3414} 3415 3416static void 3417sppp_pap_close(struct sppp *sp) 3418{ 3419 if (sp->state[IDX_PAP] != STATE_CLOSED) 3420 sppp_cp_change_state(&pap, sp, STATE_CLOSED); 3421} 3422 3423/* 3424 * That's the timeout routine if we are authenticator. Since the 3425 * authenticator is basically passive in PAP, we can't do much here. 3426 */ 3427static void 3428sppp_pap_TO(void *cookie) 3429{ 3430 struct sppp *sp = (struct sppp *)cookie; 3431 STDDCL; 3432 int s; 3433 3434 s = splimp(); 3435 if (debug) 3436 log(LOG_DEBUG, "%s%d: pap TO(%s) rst_counter = %d\n", 3437 ifp->if_name, ifp->if_unit, 3438 sppp_state_name(sp->state[IDX_PAP]), 3439 sp->rst_counter[IDX_PAP]); 3440 3441 if (--sp->rst_counter[IDX_PAP] < 0) 3442 /* TO- event */ 3443 switch (sp->state[IDX_PAP]) { 3444 case STATE_REQ_SENT: 3445 pap.tld(sp); 3446 sppp_cp_change_state(&pap, sp, STATE_CLOSED); 3447 break; 3448 } 3449 else 3450 /* TO+ event, not very much we could do */ 3451 switch (sp->state[IDX_PAP]) { 3452 case STATE_REQ_SENT: 3453 /* sppp_cp_change_state() will restart the timer */ 3454 sppp_cp_change_state(&pap, sp, STATE_REQ_SENT); 3455 break; 3456 } 3457 3458 splx(s); 3459} 3460 3461/* 3462 * That's the timeout handler if we are peer. Since the peer is active, 3463 * we need to retransmit our PAP request since it is apparently lost. 3464 * XXX We should impose a max counter. 3465 */ 3466static void 3467sppp_pap_my_TO(void *cookie) 3468{ 3469 struct sppp *sp = (struct sppp *)cookie; 3470 STDDCL; 3471 3472 if (debug) 3473 log(LOG_DEBUG, "%s%d: pap peer TO\n", 3474 ifp->if_name, ifp->if_unit); 3475 3476 pap.scr(sp); 3477} 3478 3479static void 3480sppp_pap_tlu(struct sppp *sp) 3481{ 3482 STDDCL; 3483 int x; 3484 3485 sp->rst_counter[IDX_PAP] = sp->lcp.max_configure; 3486 3487 if (debug) 3488 log(LOG_DEBUG, "%s%d: %s tlu\n", 3489 ifp->if_name, ifp->if_unit, pap.name); 3490 3491 x = splimp(); 3492 /* indicate to LCP that we need to be closed down */ 3493 sp->lcp.protos |= (1 << IDX_PAP); 3494 3495 if (sp->pp_flags & PP_NEEDAUTH) { 3496 /* 3497 * Remote is authenticator, but his auth proto didn't 3498 * complete yet. Defer the transition to network 3499 * phase. 3500 */ 3501 splx(x); 3502 return; 3503 } 3504 splx(x); 3505 sppp_phase_network(sp); 3506} 3507 3508static void 3509sppp_pap_tld(struct sppp *sp) 3510{ 3511 STDDCL; 3512 3513 if (debug) 3514 log(LOG_DEBUG, "%s%d: pap tld\n", ifp->if_name, ifp->if_unit); 3515 untimeout(pap.TO, (void *)sp, sp->ch[IDX_PAP]); 3516 untimeout(sppp_pap_my_TO, (void *)sp, sp->pap_my_to_ch); 3517 sp->lcp.protos &= ~(1 << IDX_PAP); 3518 3519 lcp.Close(sp); 3520} 3521 3522static void 3523sppp_pap_scr(struct sppp *sp) 3524{ 3525 STDDCL; 3526 u_char idlen, pwdlen; 3527 3528 sp->confid[IDX_PAP] = ++sp->pp_seq; 3529 pwdlen = sppp_strnlen(sp->myauth.secret, AUTHKEYLEN); 3530 idlen = sppp_strnlen(sp->myauth.name, AUTHNAMELEN); 3531 3532 sppp_auth_send(&pap, sp, PAP_REQ, sp->confid[IDX_PAP], 3533 sizeof idlen, (const char *)&idlen, 3534 (unsigned)idlen, sp->myauth.name, 3535 sizeof pwdlen, (const char *)&pwdlen, 3536 (unsigned)pwdlen, sp->myauth.secret, 3537 0); 3538} 3539/* |
|
2516 * Random miscellaneous functions. 2517 */ 2518 2519/* | 3540 * Random miscellaneous functions. 3541 */ 3542 3543/* |
3544 * Send a PAP or CHAP proto packet. 3545 * 3546 * Varadic function, each of the elements for the ellipsis is of type 3547 * ``unsigned mlen, const u_char *msg''. Processing will stop iff 3548 * mlen == 0. 3549 */ 3550 3551static void 3552sppp_auth_send(const struct cp *cp, struct sppp *sp, u_char type, u_char id, 3553 ...) 3554{ 3555 STDDCL; 3556 struct ppp_header *h; 3557 struct lcp_header *lh; 3558 struct mbuf *m; 3559 u_char *p; 3560 int len; 3561 unsigned mlen; 3562 const char *msg; 3563 va_list ap; 3564 3565 MGETHDR (m, M_DONTWAIT, MT_DATA); 3566 if (! m) 3567 return; 3568 m->m_pkthdr.rcvif = 0; 3569 3570 h = mtod (m, struct ppp_header*); 3571 h->address = PPP_ALLSTATIONS; /* broadcast address */ 3572 h->control = PPP_UI; /* Unnumbered Info */ 3573 h->protocol = htons(cp->proto); 3574 3575 lh = (struct lcp_header*)(h + 1); 3576 lh->type = type; 3577 lh->ident = id; 3578 p = (u_char*) (lh+1); 3579 3580 va_start(ap, id); 3581 len = 0; 3582 3583 while ((mlen = va_arg(ap, unsigned)) != 0) { 3584 msg = va_arg(ap, const char *); 3585 len += mlen; 3586 if (len > MHLEN - PPP_HEADER_LEN - LCP_HEADER_LEN) { 3587 va_end(ap); 3588 m_freem(m); 3589 return; 3590 } 3591 3592 bcopy(msg, p, mlen); 3593 p += mlen; 3594 } 3595 va_end(ap); 3596 3597 m->m_pkthdr.len = m->m_len = PPP_HEADER_LEN + LCP_HEADER_LEN + len; 3598 lh->len = htons (LCP_HEADER_LEN + len); 3599 3600 if (debug) { 3601 log(LOG_DEBUG, "%s%d: %s output <%s id=0x%x len=%d", 3602 ifp->if_name, ifp->if_unit, cp->name, 3603 sppp_auth_type_name(cp->proto, lh->type), 3604 lh->ident, ntohs(lh->len)); 3605 if (len) 3606 sppp_print_bytes((u_char*) (lh+1), len); 3607 addlog(">\n"); 3608 } 3609 if (IF_QFULL (&sp->pp_cpq)) { 3610 IF_DROP (&sp->pp_fastq); 3611 IF_DROP (&ifp->if_snd); 3612 m_freem (m); 3613 ++ifp->if_oerrors; 3614 } else 3615 IF_ENQUEUE (&sp->pp_cpq, m); 3616 if (! (ifp->if_flags & IFF_OACTIVE)) 3617 (*ifp->if_start) (ifp); 3618 ifp->if_obytes += m->m_pkthdr.len + 3; 3619} 3620 3621/* |
|
2520 * Flush interface queue. 2521 */ 2522static void 2523sppp_qflush(struct ifqueue *ifq) 2524{ 2525 struct mbuf *m, *n; 2526 2527 n = ifq->ifq_head; --- 57 unchanged lines hidden (view full) --- 2585 splx(s); 2586 keepalive_ch = timeout(sppp_keepalive, 0, hz * 10); 2587} 2588 2589/* 2590 * Get both IP addresses. 2591 */ 2592static void | 3622 * Flush interface queue. 3623 */ 3624static void 3625sppp_qflush(struct ifqueue *ifq) 3626{ 3627 struct mbuf *m, *n; 3628 3629 n = ifq->ifq_head; --- 57 unchanged lines hidden (view full) --- 3687 splx(s); 3688 keepalive_ch = timeout(sppp_keepalive, 0, hz * 10); 3689} 3690 3691/* 3692 * Get both IP addresses. 3693 */ 3694static void |
2593sppp_get_ip_addrs(struct sppp *sp, u_long *src, u_long *dst) | 3695sppp_get_ip_addrs(struct sppp *sp, u_long *src, u_long *dst, u_long *srcmask) |
2594{ 2595 struct ifnet *ifp = &sp->pp_if; 2596 struct ifaddr *ifa; | 3696{ 3697 struct ifnet *ifp = &sp->pp_if; 3698 struct ifaddr *ifa; |
2597 struct sockaddr_in *si; | 3699 struct sockaddr_in *si, *sm; |
2598 u_long ssrc, ddst; 2599 2600 ssrc = ddst = 0L; 2601 /* 2602 * Pick the first AF_INET address from the list, 2603 * aliases don't make any sense on a p2p link anyway. 2604 */ 2605 for (ifa = ifp->if_addrhead.tqh_first, si = 0; | 3700 u_long ssrc, ddst; 3701 3702 ssrc = ddst = 0L; 3703 /* 3704 * Pick the first AF_INET address from the list, 3705 * aliases don't make any sense on a p2p link anyway. 3706 */ 3707 for (ifa = ifp->if_addrhead.tqh_first, si = 0; |
2606 ifa; | 3708 ifa; |
2607 ifa = ifa->ifa_link.tqe_next) 2608 if (ifa->ifa_addr->sa_family == AF_INET) { 2609 si = (struct sockaddr_in *)ifa->ifa_addr; | 3709 ifa = ifa->ifa_link.tqe_next) 3710 if (ifa->ifa_addr->sa_family == AF_INET) { 3711 si = (struct sockaddr_in *)ifa->ifa_addr; |
3712 sm = (struct sockaddr_in *)ifa->ifa_netmask; |
|
2610 if (si) 2611 break; 2612 } 2613 if (ifa) { | 3713 if (si) 3714 break; 3715 } 3716 if (ifa) { |
2614 if (si && si->sin_addr.s_addr) | 3717 if (si && si->sin_addr.s_addr) { |
2615 ssrc = si->sin_addr.s_addr; | 3718 ssrc = si->sin_addr.s_addr; |
3719 if (srcmask) 3720 *srcmask = ntohl(sm->sin_addr.s_addr); 3721 } |
|
2616 2617 si = (struct sockaddr_in *)ifa->ifa_dstaddr; 2618 if (si && si->sin_addr.s_addr) 2619 ddst = si->sin_addr.s_addr; 2620 } 2621 2622 if (dst) *dst = ntohl(ddst); 2623 if (src) *src = ntohl(ssrc); --- 10 unchanged lines hidden (view full) --- 2634 struct sockaddr_in *si; 2635 u_long ssrc, ddst; 2636 2637 /* 2638 * Pick the first AF_INET address from the list, 2639 * aliases don't make any sense on a p2p link anyway. 2640 */ 2641 for (ifa = ifp->if_addrhead.tqh_first, si = 0; | 3722 3723 si = (struct sockaddr_in *)ifa->ifa_dstaddr; 3724 if (si && si->sin_addr.s_addr) 3725 ddst = si->sin_addr.s_addr; 3726 } 3727 3728 if (dst) *dst = ntohl(ddst); 3729 if (src) *src = ntohl(ssrc); --- 10 unchanged lines hidden (view full) --- 3740 struct sockaddr_in *si; 3741 u_long ssrc, ddst; 3742 3743 /* 3744 * Pick the first AF_INET address from the list, 3745 * aliases don't make any sense on a p2p link anyway. 3746 */ 3747 for (ifa = ifp->if_addrhead.tqh_first, si = 0; |
2642 ifa; | 3748 ifa; |
2643 ifa = ifa->ifa_link.tqe_next) 2644 if (ifa->ifa_addr->sa_family == AF_INET) { 2645 si = (struct sockaddr_in *)ifa->ifa_addr; 2646 if (si) 2647 break; 2648 } 2649 if (ifa && si) 2650 si->sin_addr.s_addr = htonl(src); 2651} 2652 | 3749 ifa = ifa->ifa_link.tqe_next) 3750 if (ifa->ifa_addr->sa_family == AF_INET) { 3751 si = (struct sockaddr_in *)ifa->ifa_addr; 3752 if (si) 3753 break; 3754 } 3755 if (ifa && si) 3756 si->sin_addr.s_addr = htonl(src); 3757} 3758 |
3759static int 3760sppp_params(struct sppp *sp, int cmd, void *data) 3761{ 3762 int subcmd; 3763 struct ifreq *ifr = (struct ifreq *)data; 3764 struct spppreq spr; 3765 3766 /* 3767 * ifr->ifr_data is supposed to point to a struct spppreq. 3768 * Check the cmd word first before attempting to fetch all the 3769 * data. 3770 */ 3771 if ((subcmd = fuword(ifr->ifr_data)) == -1) 3772 return EFAULT; 3773 3774 if (copyin((caddr_t)ifr->ifr_data, &spr, sizeof spr) != 0) 3775 return EFAULT; 3776 3777 switch (subcmd) { 3778 case SPPPIOGDEFS: 3779 if (cmd != SIOCGIFGENERIC) 3780 return EINVAL; 3781 /* 3782 * We copy over the entire current state, but clean 3783 * out some of the stuff we don't wanna pass up. 3784 * Remember, SIOCGIFGENERIC is unprotected, and can be 3785 * called by any user. No need to ever get PAP or 3786 * CHAP secrets back to userland anyway. 3787 */ 3788 bcopy(sp, &spr.defs, sizeof(struct sppp)); 3789 bzero(spr.defs.myauth.secret, AUTHKEYLEN); 3790 bzero(spr.defs.myauth.challenge, AUTHKEYLEN); 3791 bzero(spr.defs.hisauth.secret, AUTHKEYLEN); 3792 bzero(spr.defs.hisauth.challenge, AUTHKEYLEN); 3793 return copyout(&spr, (caddr_t)ifr->ifr_data, sizeof spr); 3794 3795 case SPPPIOSDEFS: 3796 if (cmd != SIOCSIFGENERIC) 3797 return EINVAL; 3798 /* 3799 * We have a very specific idea of which fields we allow 3800 * being passed back from userland, so to not clobber our 3801 * current state. For one, we only allow setting 3802 * anything if LCP is in dead phase. Once the LCP 3803 * negotiations started, the authentication settings must 3804 * not be changed again. (The administrator can force an 3805 * ifconfig down in order to get LCP back into dead 3806 * phase.) 3807 * 3808 * Also, we only allow for authentication parameters to be 3809 * specified. 3810 * 3811 * XXX Should allow to set or clear pp_flags. 3812 * 3813 * Finally, if the respective authentication protocol to 3814 * be used is set differently than 0, but the secret is 3815 * passed as all zeros, we don't trash the existing secret. 3816 * This allows an administrator to change the system name 3817 * only without clobbering the secret (which he didn't get 3818 * back in a previous SPPPIOGDEFS call). However, the 3819 * secrets are cleared if the authentication protocol is 3820 * reset to 0. 3821 */ 3822 if (sp->pp_phase != PHASE_DEAD) 3823 return EBUSY; 3824 3825 if ((spr.defs.myauth.proto != 0 && spr.defs.myauth.proto != PPP_PAP && 3826 spr.defs.myauth.proto != PPP_CHAP) || 3827 (spr.defs.hisauth.proto != 0 && spr.defs.hisauth.proto != PPP_PAP && 3828 spr.defs.hisauth.proto != PPP_CHAP)) 3829 return EINVAL; 3830 3831 if (spr.defs.myauth.proto == 0) 3832 /* resetting myauth */ 3833 bzero(&sp->myauth, sizeof sp->myauth); 3834 else { 3835 /* setting/changing myauth */ 3836 sp->myauth.proto = spr.defs.myauth.proto; 3837 bcopy(spr.defs.myauth.name, sp->myauth.name, AUTHNAMELEN); 3838 if (spr.defs.myauth.secret[0] != '\0') 3839 bcopy(spr.defs.myauth.secret, sp->myauth.secret, 3840 AUTHKEYLEN); 3841 } 3842 if (spr.defs.hisauth.proto == 0) 3843 /* resetting hisauth */ 3844 bzero(&sp->hisauth, sizeof sp->hisauth); 3845 else { 3846 /* setting/changing hisauth */ 3847 sp->hisauth.proto = spr.defs.hisauth.proto; 3848 sp->hisauth.flags = spr.defs.hisauth.flags; 3849 bcopy(spr.defs.hisauth.name, sp->hisauth.name, AUTHNAMELEN); 3850 if (spr.defs.hisauth.secret[0] != '\0') 3851 bcopy(spr.defs.hisauth.secret, sp->hisauth.secret, 3852 AUTHKEYLEN); 3853 } 3854 break; 3855 3856 default: 3857 return EINVAL; 3858 } 3859 3860 return 0; 3861} 3862 3863static void 3864sppp_phase_network(struct sppp *sp) 3865{ 3866 struct ifnet *ifp = &sp->pp_if; 3867 int i; 3868 u_long mask; 3869 3870 sp->pp_phase = PHASE_NETWORK; 3871 3872 log(LOG_INFO, "%s%d: phase %s\n", ifp->if_name, ifp->if_unit, 3873 sppp_phase_name(sp->pp_phase)); 3874 3875 /* Notify NCPs now. */ 3876 for (i = 0; i < IDX_COUNT; i++) 3877 if ((cps[i])->flags & CP_NCP) 3878 (cps[i])->Open(sp); 3879 3880 /* Send Up events to all NCPs. */ 3881 for (i = 0, mask = 1; i < IDX_COUNT; i++, mask <<= 1) 3882 if (sp->lcp.protos & mask && ((cps[i])->flags & CP_NCP)) 3883 (cps[i])->Up(sp); 3884 3885 /* if no NCP is starting, all this was in vain, close down */ 3886 sppp_lcp_check_and_close(sp); 3887} 3888 3889 |
|
2653static const char * 2654sppp_cp_type_name(u_char type) 2655{ | 3890static const char * 3891sppp_cp_type_name(u_char type) 3892{ |
2656 static char buf [12]; | 3893 static char buf[12]; |
2657 switch (type) { | 3894 switch (type) { |
2658 case CONF_REQ: return ("conf-req"); 2659 case CONF_ACK: return ("conf-ack"); 2660 case CONF_NAK: return ("conf-nak"); 2661 case CONF_REJ: return ("conf-rej"); 2662 case TERM_REQ: return ("term-req"); 2663 case TERM_ACK: return ("term-ack"); 2664 case CODE_REJ: return ("code-rej"); 2665 case PROTO_REJ: return ("proto-rej"); 2666 case ECHO_REQ: return ("echo-req"); 2667 case ECHO_REPLY: return ("echo-reply"); 2668 case DISC_REQ: return ("discard-req"); | 3895 case CONF_REQ: return "conf-req"; 3896 case CONF_ACK: return "conf-ack"; 3897 case CONF_NAK: return "conf-nak"; 3898 case CONF_REJ: return "conf-rej"; 3899 case TERM_REQ: return "term-req"; 3900 case TERM_ACK: return "term-ack"; 3901 case CODE_REJ: return "code-rej"; 3902 case PROTO_REJ: return "proto-rej"; 3903 case ECHO_REQ: return "echo-req"; 3904 case ECHO_REPLY: return "echo-reply"; 3905 case DISC_REQ: return "discard-req"; |
2669 } 2670 sprintf (buf, "0x%x", type); | 3906 } 3907 sprintf (buf, "0x%x", type); |
2671 return (buf); | 3908 return buf; |
2672} 2673 2674static const char * | 3909} 3910 3911static const char * |
3912sppp_auth_type_name(u_short proto, u_char type) 3913{ 3914 static char buf[12]; 3915 switch (proto) { 3916 case PPP_CHAP: 3917 switch (type) { 3918 case CHAP_CHALLENGE: return "challenge"; 3919 case CHAP_RESPONSE: return "response"; 3920 case CHAP_SUCCESS: return "success"; 3921 case CHAP_FAILURE: return "failure"; 3922 } 3923 case PPP_PAP: 3924 switch (type) { 3925 case PAP_REQ: return "req"; 3926 case PAP_ACK: return "ack"; 3927 case PAP_NAK: return "nak"; 3928 } 3929 } 3930 sprintf (buf, "0x%x", type); 3931 return buf; 3932} 3933 3934static const char * |
|
2675sppp_lcp_opt_name(u_char opt) 2676{ | 3935sppp_lcp_opt_name(u_char opt) 3936{ |
2677 static char buf [12]; | 3937 static char buf[12]; |
2678 switch (opt) { | 3938 switch (opt) { |
2679 case LCP_OPT_MRU: return ("mru"); 2680 case LCP_OPT_ASYNC_MAP: return ("async-map"); 2681 case LCP_OPT_AUTH_PROTO: return ("auth-proto"); 2682 case LCP_OPT_QUAL_PROTO: return ("qual-proto"); 2683 case LCP_OPT_MAGIC: return ("magic"); 2684 case LCP_OPT_PROTO_COMP: return ("proto-comp"); 2685 case LCP_OPT_ADDR_COMP: return ("addr-comp"); | 3939 case LCP_OPT_MRU: return "mru"; 3940 case LCP_OPT_ASYNC_MAP: return "async-map"; 3941 case LCP_OPT_AUTH_PROTO: return "auth-proto"; 3942 case LCP_OPT_QUAL_PROTO: return "qual-proto"; 3943 case LCP_OPT_MAGIC: return "magic"; 3944 case LCP_OPT_PROTO_COMP: return "proto-comp"; 3945 case LCP_OPT_ADDR_COMP: return "addr-comp"; |
2686 } 2687 sprintf (buf, "0x%x", opt); | 3946 } 3947 sprintf (buf, "0x%x", opt); |
2688 return (buf); | 3948 return buf; |
2689} 2690 2691static const char * 2692sppp_ipcp_opt_name(u_char opt) 2693{ | 3949} 3950 3951static const char * 3952sppp_ipcp_opt_name(u_char opt) 3953{ |
2694 static char buf [12]; | 3954 static char buf[12]; |
2695 switch (opt) { | 3955 switch (opt) { |
2696 case IPCP_OPT_ADDRESSES: return ("addresses"); 2697 case IPCP_OPT_COMPRESSION: return ("compression"); 2698 case IPCP_OPT_ADDRESS: return ("address"); | 3956 case IPCP_OPT_ADDRESSES: return "addresses"; 3957 case IPCP_OPT_COMPRESSION: return "compression"; 3958 case IPCP_OPT_ADDRESS: return "address"; |
2699 } 2700 sprintf (buf, "0x%x", opt); | 3959 } 3960 sprintf (buf, "0x%x", opt); |
2701 return (buf); | 3961 return buf; |
2702} 2703 2704static const char * 2705sppp_state_name(int state) 2706{ 2707 switch (state) { 2708 case STATE_INITIAL: return "initial"; 2709 case STATE_STARTING: return "starting"; --- 24 unchanged lines hidden (view full) --- 2734 2735static const char * 2736sppp_proto_name(u_short proto) 2737{ 2738 static char buf[12]; 2739 switch (proto) { 2740 case PPP_LCP: return "lcp"; 2741 case PPP_IPCP: return "ipcp"; | 3962} 3963 3964static const char * 3965sppp_state_name(int state) 3966{ 3967 switch (state) { 3968 case STATE_INITIAL: return "initial"; 3969 case STATE_STARTING: return "starting"; --- 24 unchanged lines hidden (view full) --- 3994 3995static const char * 3996sppp_proto_name(u_short proto) 3997{ 3998 static char buf[12]; 3999 switch (proto) { 4000 case PPP_LCP: return "lcp"; 4001 case PPP_IPCP: return "ipcp"; |
4002 case PPP_PAP: return "pap"; 4003 case PPP_CHAP: return "chap"; |
|
2742 } 2743 sprintf(buf, "0x%x", (unsigned)proto); 2744 return buf; 2745} 2746 2747static void | 4004 } 4005 sprintf(buf, "0x%x", (unsigned)proto); 4006 return buf; 4007} 4008 4009static void |
2748sppp_print_bytes(u_char *p, u_short len) | 4010sppp_print_bytes(const u_char *p, u_short len) |
2749{ 2750 addlog(" %x", *p++); 2751 while (--len > 0) 2752 addlog("-%x", *p++); 2753} 2754 | 4011{ 4012 addlog(" %x", *p++); 4013 while (--len > 0) 4014 addlog("-%x", *p++); 4015} 4016 |
4017static void 4018sppp_print_string(const char *p, u_short len) 4019{ 4020 u_char c; 4021 4022 while (len-- > 0) { 4023 c = *p++; 4024 /* 4025 * Print only ASCII chars directly. RFC 1994 recommends 4026 * using only them, but we don't rely on it. */ 4027 if (c < ' ' || c > '~') 4028 addlog("\\x%x", c); 4029 else 4030 addlog("%c", c); 4031 } 4032} 4033 4034static const char * 4035sppp_dotted_quad(u_long addr) 4036{ 4037 static char s[16]; 4038 sprintf(s, "%d.%d.%d.%d", 4039 (addr >> 24) & 0xff, 4040 (addr >> 16) & 0xff, 4041 (addr >> 8) & 0xff, 4042 addr & 0xff); 4043 return s; 4044} 4045 4046static int 4047sppp_strnlen(u_char *p, int max) 4048{ 4049 int len; 4050 4051 for (len = 0; len < max && *p; ++p) 4052 ++len; 4053 return len; 4054} 4055 4056/* a dummy, used to drop uninteresting events */ 4057static void 4058sppp_null(struct sppp *unused) 4059{ 4060 /* do just nothing */ 4061} |
|
2755/* 2756 * This file is large. Tell emacs to highlight it nevertheless. 2757 * 2758 * Local Variables: | 4062/* 4063 * This file is large. Tell emacs to highlight it nevertheless. 4064 * 4065 * Local Variables: |
2759 * hilit-auto-highlight-maxout: 100000 | 4066 * hilit-auto-highlight-maxout: 120000 |
2760 * End: 2761 */ | 4067 * End: 4068 */ |