1/* 2 * Point-to-Point Tunneling Protocol for Linux 3 * 4 * Authors: Kozlov D. (xeb@mail.ru) 5 * 6 * This program is free software; you can redistribute it and/or 7 * modify it under the terms of the GNU General Public License 8 * as published by the Free Software Foundation; either version 9 * 2 of the License, or (at your option) any later version. 10 * 11 */ 12 13#include <linux/string.h> 14#include <linux/module.h> 15#include <linux/kernel.h> 16#include <linux/slab.h> 17#include <linux/vmalloc.h> 18#include <linux/errno.h> 19#include <linux/netdevice.h> 20#include <linux/net.h> 21#include <linux/skbuff.h> 22#include <linux/init.h> 23#include <linux/ppp_channel.h> 24#include <linux/ppp_defs.h> 25#include <linux/if_pppox.h> 26#include <linux/if_ppp.h> 27#include <linux/notifier.h> 28#include <linux/file.h> 29#include <linux/in.h> 30#include <linux/ip.h> 31#include <linux/netfilter.h> 32#include <linux/netfilter_ipv4.h> 33#include <linux/version.h> 34 35#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,0) 36#include <asm/bitops.h> 37#endif 38 39#include <net/sock.h> 40#include <net/protocol.h> 41#include <net/ip.h> 42#include <net/icmp.h> 43#include <net/route.h> 44 45#include <asm/uaccess.h> 46 47//#define DEBUG 48//#define CONFIG_NET_IPGRE_DEMUX 49#define HAVE_FIND_NEXT_BIT 50#define HAVE_SKB_CLONE_WRITABLE 51 52#if defined(CONFIG_NET_IPGRE_DEMUX) || defined(CONFIG_NET_IPGRE_DEMUX_MODULE) 53#include <net/gre.h> 54#endif 55 56#ifdef CTF_PPTP 57#include <ctf/hndctf.h> 58#endif 59 60#define PPTP_DRIVER_VERSION "0.8.5" 61 62#ifdef DEBUG 63static int log_level=0; 64static int log_packets=10; 65#endif 66 67#define MAX_CALLID 65535 68#define PPP_LCP_ECHOREQ 0x09 69#define PPP_LCP_ECHOREP 0x0A 70 71#if LINUX_VERSION_CODE <= KERNEL_VERSION(2,4,20) 72#define BITS_TO_LONGS(bits) \ 73 (((bits)+BITS_PER_LONG-1)/BITS_PER_LONG) 74#define DECLARE_BITMAP(name,bits) \ 75 unsigned long name[BITS_TO_LONGS(bits)] 76#define CLEAR_BITMAP(name,bits) \ 77 memset(name, 0, BITS_TO_LONGS(bits)*sizeof(unsigned long)) 78#endif 79 80static DECLARE_BITMAP(callid_bitmap, MAX_CALLID + 1); 81static struct pppox_sock **callid_sock; 82 83#define SC_RCV_BITS (SC_RCV_B7_1|SC_RCV_B7_0|SC_RCV_ODDP|SC_RCV_EVNP) 84 85#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,0) 86#define INIT_TIMER(_timer,_routine,_data) \ 87do { \ 88 (_timer)->function=_routine; \ 89 (_timer)->data=_data; \ 90 init_timer(_timer); \ 91} while (0); 92 93static inline void *kzalloc(size_t size,int gfp) 94{ 95 void *p=kmalloc(size,gfp); 96 memset(p,0,size); 97 return p; 98} 99 100#if LINUX_VERSION_CODE <= KERNEL_VERSION(2,4,20) 101static inline void nf_reset(struct sk_buff *skb) 102{ 103#ifdef CONFIG_NETFILTER 104 nf_conntrack_put(skb->nfct); 105 skb->nfct=NULL; 106#ifdef CONFIG_NETFILTER_DEBUG 107 skb->nf_debug=0; 108#endif 109#endif 110} 111#define __user 112#endif 113#endif 114 115#ifndef HAVE_FIND_NEXT_BIT 116/** 117 * __ffs - find first bit in word. 118 * @word: The word to search 119 * 120 * Undefined if no bit exists, so code should check against 0 first. 121 */ 122static inline unsigned long __ffs(unsigned long word) 123{ 124 int num = 0; 125 126#if BITS_PER_LONG == 64 127 if ((word & 0xffffffff) == 0) { 128 num += 32; 129 word >>= 32; 130 } 131#endif 132 if ((word & 0xffff) == 0) { 133 num += 16; 134 word >>= 16; 135 } 136 if ((word & 0xff) == 0) { 137 num += 8; 138 word >>= 8; 139 } 140 if ((word & 0xf) == 0) { 141 num += 4; 142 word >>= 4; 143 } 144 if ((word & 0x3) == 0) { 145 num += 2; 146 word >>= 2; 147 } 148 if ((word & 0x1) == 0) 149 num += 1; 150 return num; 151} 152 153#define BITOP_WORD(nr) ((nr) / BITS_PER_LONG) 154/* 155 * Find the next set bit in a memory region. 156 */ 157static unsigned long find_next_bit(const unsigned long *addr, unsigned long size, 158 unsigned long offset) 159{ 160 const unsigned long *p = addr + BITOP_WORD(offset); 161 unsigned long result = offset & ~(BITS_PER_LONG-1); 162 unsigned long tmp; 163 164 if (offset >= size) 165 return size; 166 size -= result; 167 offset %= BITS_PER_LONG; 168 if (offset) { 169 tmp = *(p++); 170 tmp &= (~0UL << offset); 171 if (size < BITS_PER_LONG) 172 goto found_first; 173 if (tmp) 174 goto found_middle; 175 size -= BITS_PER_LONG; 176 result += BITS_PER_LONG; 177 } 178 while (size & ~(BITS_PER_LONG-1)) { 179 if ((tmp = *(p++))) 180 goto found_middle; 181 result += BITS_PER_LONG; 182 size -= BITS_PER_LONG; 183 } 184 if (!size) 185 return result; 186 tmp = *p; 187 188found_first: 189 tmp &= (~0UL >> (BITS_PER_LONG - size)); 190 if (tmp == 0UL) /* Are any bits set? */ 191 return result + size; /* Nope. */ 192found_middle: 193 return result + __ffs(tmp); 194} 195#endif 196 197 198#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,0) 199static rwlock_t chan_lock=RW_LOCK_UNLOCKED; 200#define SK_STATE(sk) (sk)->state 201#else 202static DEFINE_SPINLOCK(chan_lock); 203#define SK_STATE(sk) (sk)->sk_state 204#endif 205 206static int pptp_xmit(struct ppp_channel *chan, struct sk_buff *skb); 207static int pptp_ppp_ioctl(struct ppp_channel *chan, unsigned int cmd, 208 unsigned long arg); 209static int pptp_rcv_core(struct sock *sk,struct sk_buff *skb); 210 211static struct ppp_channel_ops pptp_chan_ops= { 212 .start_xmit = pptp_xmit, 213 .ioctl=pptp_ppp_ioctl, 214}; 215 216 217#define MISSING_WINDOW 20 218#define WRAPPED( curseq, lastseq) \ 219 ((((curseq) & 0xffffff00) == 0) && \ 220 (((lastseq) & 0xffffff00 ) == 0xffffff00)) 221 222/* gre header structure: -------------------------------------------- */ 223 224#define PPTP_GRE_PROTO 0x880B 225#define PPTP_GRE_VER 0x1 226 227#define PPTP_GRE_FLAG_C 0x80 228#define PPTP_GRE_FLAG_R 0x40 229#define PPTP_GRE_FLAG_K 0x20 230#define PPTP_GRE_FLAG_S 0x10 231#define PPTP_GRE_FLAG_A 0x80 232 233#define PPTP_GRE_IS_C(f) ((f)&PPTP_GRE_FLAG_C) 234#define PPTP_GRE_IS_R(f) ((f)&PPTP_GRE_FLAG_R) 235#define PPTP_GRE_IS_K(f) ((f)&PPTP_GRE_FLAG_K) 236#define PPTP_GRE_IS_S(f) ((f)&PPTP_GRE_FLAG_S) 237#define PPTP_GRE_IS_A(f) ((f)&PPTP_GRE_FLAG_A) 238 239struct pptp_gre_header { 240 u8 flags; /* bitfield */ 241 u8 ver; /* should be PPTP_GRE_VER (enhanced GRE) */ 242 u16 protocol; /* should be PPTP_GRE_PROTO (ppp-encaps) */ 243 u16 payload_len; /* size of ppp payload, not inc. gre header */ 244 u16 call_id; /* peer's call_id for this session */ 245 u32 seq; /* sequence number. Present if S==1 */ 246 u32 ack; /* seq number of highest packet recieved by */ 247 /* sender in this session */ 248} __attribute__ ((__packed__)); 249#define PPTP_HEADER_OVERHEAD (2+sizeof(struct pptp_gre_header)) 250 251#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,0) 252static struct pppox_sock * lookup_chan(u16 call_id, u32 s_addr) 253#else 254static struct pppox_sock * lookup_chan(u16 call_id, __be32 s_addr) 255#endif 256{ 257 struct pppox_sock *sock; 258 struct pptp_opt *opt; 259 260#if LINUX_VERSION_CODE > KERNEL_VERSION(2,6,0) 261 rcu_read_lock(); 262 sock = rcu_dereference(callid_sock[call_id]); 263#else 264 read_lock(&chan_lock); 265 sock = callid_sock[call_id]; 266#endif 267 if (sock) { 268 opt=&sock->proto.pptp; 269 if (opt->dst_addr.sin_addr.s_addr!=s_addr) sock=NULL; 270 else sock_hold(sk_pppox(sock)); 271 } 272#if LINUX_VERSION_CODE > KERNEL_VERSION(2,6,0) 273 rcu_read_unlock(); 274#else 275 read_unlock(&chan_lock); 276#endif 277 278 return sock; 279} 280 281#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,0) 282static int lookup_chan_dst(u16 call_id, u32 d_addr) 283#else 284static int lookup_chan_dst(u16 call_id, __be32 d_addr) 285#endif 286{ 287 struct pppox_sock *sock; 288 struct pptp_opt *opt; 289 int i; 290 291#if LINUX_VERSION_CODE > KERNEL_VERSION(2,6,0) 292 rcu_read_lock(); 293#else 294 read_lock(&chan_lock); 295#endif 296 for(i = find_next_bit(callid_bitmap,MAX_CALLID,1); i < MAX_CALLID; 297 i = find_next_bit(callid_bitmap, MAX_CALLID, i + 1)){ 298#if LINUX_VERSION_CODE > KERNEL_VERSION(2,6,0) 299 sock = rcu_dereference(callid_sock[i]); 300#else 301 sock = callid_sock[i]; 302#endif 303 if (!sock) 304 continue; 305 opt = &sock->proto.pptp; 306 if (opt->dst_addr.call_id == call_id && opt->dst_addr.sin_addr.s_addr == d_addr) break; 307 } 308#if LINUX_VERSION_CODE > KERNEL_VERSION(2,6,0) 309 rcu_read_unlock(); 310#else 311 read_unlock(&chan_lock); 312#endif 313 314 return i<MAX_CALLID; 315} 316 317static int add_chan(struct pppox_sock *sock) 318{ 319 static int call_id=0; 320 int res=-1; 321 322#if LINUX_VERSION_CODE > KERNEL_VERSION(2,6,0) 323 spin_lock(&chan_lock); 324#else 325 write_lock_bh(&chan_lock); 326#endif 327 328 if (!sock->proto.pptp.src_addr.call_id) 329 { 330 call_id=find_next_zero_bit(callid_bitmap,MAX_CALLID,call_id+1); 331 if (call_id==MAX_CALLID) 332 call_id=find_next_zero_bit(callid_bitmap,MAX_CALLID,1); 333 sock->proto.pptp.src_addr.call_id=call_id; 334 } 335 else if (test_bit(sock->proto.pptp.src_addr.call_id,callid_bitmap)) 336 goto exit; 337 338#if LINUX_VERSION_CODE > KERNEL_VERSION(2,6,0) 339 rcu_assign_pointer(callid_sock[sock->proto.pptp.src_addr.call_id],sock); 340#else 341 callid_sock[sock->proto.pptp.src_addr.call_id] = sock; 342#endif 343 set_bit(sock->proto.pptp.src_addr.call_id,callid_bitmap); 344 res=0; 345 346#if defined(CTFPOOL) && defined(CTF_PPTP) && /* disable */ 0 347 osl_ctfpool_direction(1); 348#endif 349 350exit: 351 #if LINUX_VERSION_CODE > KERNEL_VERSION(2,6,0) 352 spin_unlock(&chan_lock); 353 #else 354 write_unlock_bh(&chan_lock); 355 #endif 356 357 return res; 358} 359 360static void del_chan(struct pppox_sock *sock) 361{ 362#if LINUX_VERSION_CODE > KERNEL_VERSION(2,6,0) 363 spin_lock(&chan_lock); 364#else 365 write_lock_bh(&chan_lock); 366#endif 367 clear_bit(sock->proto.pptp.src_addr.call_id,callid_bitmap); 368 369#if defined(CTFPOOL) && defined(CTF_PPTP) && /* disable */ 0 370 osl_ctfpool_direction(0); 371#endif 372 373#if LINUX_VERSION_CODE > KERNEL_VERSION(2,6,0) 374 rcu_assign_pointer(callid_sock[sock->proto.pptp.src_addr.call_id],NULL); 375 spin_unlock(&chan_lock); 376 synchronize_rcu(); 377#else 378 callid_sock[sock->proto.pptp.src_addr.call_id] = NULL; 379 write_unlock_bh(&chan_lock); 380#endif 381} 382 383static int pptp_xmit(struct ppp_channel *chan, struct sk_buff *skb) 384{ 385 struct sock *sk = (struct sock *) chan->private; 386 struct pppox_sock *po = pppox_sk(sk); 387 struct pptp_opt *opt=&po->proto.pptp; 388 struct pptp_gre_header *hdr; 389 unsigned int header_len=sizeof(*hdr); 390 int err=0; 391 int islcp; 392 int len; 393 unsigned char *data; 394 u32 seq_recv; 395 396 397 struct rtable *rt; /* Route to the other host */ 398 struct net_device *tdev; /* Device to other host */ 399 struct iphdr *iph; /* Our new IP header */ 400 int max_headroom; /* The extra header space needed */ 401 402 if (SK_STATE(sk_pppox(po)) & PPPOX_DEAD) 403 goto tx_error; 404 405#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,0) 406 { 407 struct rt_key key = { 408 .dst=opt->dst_addr.sin_addr.s_addr, 409 .src=opt->src_addr.sin_addr.s_addr, 410 .tos=RT_TOS(0), 411 }; 412 if ((err=ip_route_output_key(&rt, &key))) { 413 goto tx_error; 414 } 415 } 416#else 417 { 418 struct flowi fl = { .oif = 0, 419 .nl_u = { .ip4_u = 420 { .daddr = opt->dst_addr.sin_addr.s_addr, 421 .saddr = opt->src_addr.sin_addr.s_addr, 422 .tos = RT_TOS(0) } }, 423 .proto = IPPROTO_GRE }; 424#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,25) 425 if ((err=ip_route_output_key(&rt, &fl))) { 426#else 427 if ((err=ip_route_output_key(&init_net,&rt, &fl))) { 428#endif 429 goto tx_error; 430 } 431 } 432#endif 433 tdev = rt->dst.dev; 434 435#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,0) 436 max_headroom = ((tdev->hard_header_len+15)&~15) + sizeof(*iph)+sizeof(*hdr)+2; 437#else 438 max_headroom = LL_RESERVED_SPACE(tdev) + sizeof(*iph)+sizeof(*hdr)+2; 439#endif 440 441#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,23) && !defined(HAVE_SKB_CLONE_WRITABLE) 442 if (skb_headroom(skb) < max_headroom || skb_cloned(skb) || skb_shared(skb)) { 443#else 444 if (skb_headroom(skb) < max_headroom || skb_shared(skb) || 445 (skb_cloned(skb) && !skb_clone_writable(skb,0))) { 446#endif 447 struct sk_buff *new_skb = skb_realloc_headroom(skb, max_headroom); 448 if (!new_skb) { 449 ip_rt_put(rt); 450 goto tx_error; 451 } 452 if (skb->sk) 453 skb_set_owner_w(new_skb, skb->sk); 454 kfree_skb(skb); 455 skb = new_skb; 456 } 457 458 data=skb->data; 459 islcp=((data[0] << 8) + data[1])== PPP_LCP && 1 <= data[2] && data[2] <= 7; 460 461 /* compress protocol field */ 462 if ((opt->ppp_flags & SC_COMP_PROT) && data[0]==0 && !islcp) 463 skb_pull(skb,1); 464 465 /* 466 * Put in the address/control bytes if necessary 467 */ 468 if ((opt->ppp_flags & SC_COMP_AC) == 0 || islcp) { 469 data=skb_push(skb,2); 470 data[0]=PPP_ALLSTATIONS; 471 data[1]=PPP_UI; 472 } 473 474 len=skb->len; 475 476 seq_recv = opt->seq_recv; 477 478 if (opt->ack_sent == seq_recv) header_len-=sizeof(hdr->ack); 479 480 // Push down and install GRE header 481 skb_push(skb,header_len); 482 hdr=(struct pptp_gre_header *)(skb->data); 483 484 hdr->flags = PPTP_GRE_FLAG_K; 485 hdr->ver = PPTP_GRE_VER; 486 hdr->protocol = htons(PPTP_GRE_PROTO); 487 hdr->call_id = htons(opt->dst_addr.call_id); 488 489 hdr->flags |= PPTP_GRE_FLAG_S; 490 hdr->seq = htonl(++opt->seq_sent); 491#ifdef DEBUG 492 if (log_level>=3 && opt->seq_sent<=log_packets) 493 printk(KERN_INFO"PPTP[%i]: send packet: seq=%i",opt->src_addr.call_id,opt->seq_sent); 494#endif 495 if (opt->ack_sent != seq_recv) { 496 /* send ack with this message */ 497 hdr->ver |= PPTP_GRE_FLAG_A; 498 hdr->ack = htonl(seq_recv); 499 opt->ack_sent = seq_recv; 500#ifdef DEBUG 501 if (log_level>=3 && opt->seq_sent<=log_packets) 502 printk(" ack=%i",seq_recv); 503#endif 504 } 505 hdr->payload_len = htons(len); 506#ifdef DEBUG 507 if (log_level>=3 && opt->seq_sent<=log_packets) 508 printk("\n"); 509#endif 510 511 /* 512 * Push down and install the IP header. 513 */ 514 515#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,31) 516 skb_reset_transport_header(skb); 517 skb_push(skb, sizeof(*iph)); 518 skb_reset_network_header(skb); 519#elif LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,22) 520 skb->transport_header = skb->network_header; 521 skb_push(skb, sizeof(*iph)); 522 skb_reset_network_header(skb); 523#else 524 skb->h.raw = skb->nh.raw; 525 skb->nh.raw = skb_push(skb, sizeof(*iph)); 526#endif 527 memset(&(IPCB(skb)->opt), 0, sizeof(IPCB(skb)->opt)); 528#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,16) 529 IPCB(skb)->flags &= ~(IPSKB_XFRM_TUNNEL_SIZE | IPSKB_XFRM_TRANSFORMED | 530 IPSKB_REROUTED); 531#endif 532 533#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,22) 534 iph = ip_hdr(skb); 535#else 536 iph = skb->nh.iph; 537#endif 538 iph->version = 4; 539 iph->ihl = sizeof(struct iphdr) >> 2; 540 if (ip_dont_fragment(sk, &rt->dst)) 541 iph->frag_off = htons(IP_DF); 542 else 543 iph->frag_off = 0; 544 iph->protocol = IPPROTO_GRE; 545 iph->tos = 0; 546 iph->daddr = rt->rt_dst; 547 iph->saddr = rt->rt_src; 548#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,0) 549 iph->ttl = sk->protinfo.af_inet.ttl; 550#else 551 iph->ttl = dst_metric(&rt->dst, RTAX_HOPLIMIT); 552#endif 553 iph->tot_len = htons(skb->len); 554 555#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,31) 556 skb_dst_drop(skb); 557 skb_dst_set(skb,&rt->dst); 558#else 559 dst_release(skb->dst); 560 skb->dst = &rt->dst; 561#endif 562 563 nf_reset(skb); 564 565 skb->ip_summed = CHECKSUM_NONE; 566 ip_select_ident(iph, &rt->dst, NULL); 567 ip_send_check(iph); 568 569#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,0) 570 err = NF_HOOK(PF_INET, NF_IP_LOCAL_OUT, skb, NULL, rt->dst.dev, ip_send); 571#elif LINUX_VERSION_CODE < KERNEL_VERSION(2,6,25) 572 err = NF_HOOK(PF_INET, NF_IP_LOCAL_OUT, skb, NULL, rt->dst.dev, dst_output); 573#else 574 err = ip_local_out(skb); 575#endif 576 577tx_error: 578 return 1; 579} 580 581static int pptp_rcv_core(struct sock *sk,struct sk_buff *skb) 582{ 583 struct pppox_sock *po = pppox_sk(sk); 584 struct pptp_opt *opt=&po->proto.pptp; 585 int headersize,payload_len,seq; 586 u8 *payload; 587 struct pptp_gre_header *header; 588 589 if (!(SK_STATE(sk) & PPPOX_CONNECTED)) { 590 if (sock_queue_rcv_skb(sk, skb)) 591 goto drop; 592 return NET_RX_SUCCESS; 593 } 594 595 header = (struct pptp_gre_header *)(skb->data); 596 597 /* test if acknowledgement present */ 598 if (PPTP_GRE_IS_A(header->ver)){ 599 u32 ack = (PPTP_GRE_IS_S(header->flags))? 600 header->ack:header->seq; /* ack in different place if S = 0 */ 601 602 ack = ntohl( ack); 603 604 if (ack > opt->ack_recv) opt->ack_recv = ack; 605 /* also handle sequence number wrap-around */ 606 if (WRAPPED(ack,opt->ack_recv)) opt->ack_recv = ack; 607 } 608 609 /* test if payload present */ 610 if (!PPTP_GRE_IS_S(header->flags)){ 611 goto drop; 612 } 613 614 headersize = sizeof(*header); 615 payload_len = ntohs(header->payload_len); 616 seq = ntohl(header->seq); 617 618 /* no ack present? */ 619 if (!PPTP_GRE_IS_A(header->ver)) headersize -= sizeof(header->ack); 620 /* check for incomplete packet (length smaller than expected) */ 621 if (skb->len - headersize < payload_len){ 622#ifdef DEBUG 623 if (log_level>=1) 624 printk(KERN_INFO"PPTP: discarding truncated packet (expected %d, got %d bytes)\n", 625 payload_len, skb->len - headersize); 626#endif 627 goto drop; 628 } 629 630 payload=skb->data+headersize; 631 /* check for expected sequence number */ 632 if ( seq < opt->seq_recv + 1 || WRAPPED(opt->seq_recv, seq) ){ 633 if ( (payload[0] == PPP_ALLSTATIONS) && (payload[1] == PPP_UI) && 634 (PPP_PROTOCOL(payload) == PPP_LCP) && 635 ((payload[4] == PPP_LCP_ECHOREQ) || (payload[4] == PPP_LCP_ECHOREP)) ){ 636#ifdef DEBUG 637 if ( log_level >= 1) 638 printk(KERN_INFO"PPTP[%i]: allowing old LCP Echo packet %d (expecting %d)\n", opt->src_addr.call_id, 639 seq, opt->seq_recv + 1); 640#endif 641 goto allow_packet; 642 } 643#ifdef DEBUG 644 if ( log_level >= 1) 645 printk(KERN_INFO"PPTP[%i]: discarding duplicate or old packet %d (expecting %d)\n",opt->src_addr.call_id, 646 seq, opt->seq_recv + 1); 647#endif 648 }else{ 649 opt->seq_recv = seq; 650allow_packet: 651#ifdef DEBUG 652 if ( log_level >= 3 && opt->seq_sent<=log_packets) 653 printk(KERN_INFO"PPTP[%i]: accepting packet %d size=%i (%02x %02x %02x %02x %02x %02x)\n",opt->src_addr.call_id, seq,payload_len, 654 *(payload +0), 655 *(payload +1), 656 *(payload +2), 657 *(payload +3), 658 *(payload +4), 659 *(payload +5)); 660#endif 661 662 skb_pull(skb,headersize); 663 664 if (payload[0] == PPP_ALLSTATIONS && payload[1] == PPP_UI){ 665 /* chop off address/control */ 666 if (skb->len < 3) 667 goto drop; 668 skb_pull(skb,2); 669 } 670 671 if ((*skb->data) & 1){ 672 /* protocol is compressed */ 673 skb_push(skb, 1)[0] = 0; 674 } 675 676 skb->ip_summed=CHECKSUM_NONE; 677#if LINUX_VERSION_CODE > KERNEL_VERSION(2,6,21) 678 skb_set_network_header(skb,skb->head-skb->data); 679#endif 680 ppp_input(&po->chan,skb); 681 682 return NET_RX_SUCCESS; 683 } 684drop: 685 kfree_skb(skb); 686 return NET_RX_DROP; 687} 688 689static int pptp_rcv(struct sk_buff *skb) 690{ 691 struct pppox_sock *po; 692 struct pptp_gre_header *header; 693 struct iphdr *iph; 694#if LINUX_VERSION_CODE <= KERNEL_VERSION(2,6,0) 695 int ret; 696 struct sock *sk; 697#endif 698 699 if (skb->pkt_type != PACKET_HOST) 700 goto drop; 701 702#if !defined(CONFIG_NET_IPGRE_DEMUX) && !defined(CONFIG_NET_IPGRE_DEMUX_MODULE) 703 if (!pskb_may_pull(skb, 12)) 704 goto drop; 705#endif 706 707#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,22) 708 iph = ip_hdr(skb); 709#else 710 iph = skb->nh.iph; 711#endif 712 713 header = (struct pptp_gre_header *)skb->data; 714 715 if ( /* version should be 1 */ 716 ((header->ver & 0x7F) != PPTP_GRE_VER) || 717 /* PPTP-GRE protocol for PPTP */ 718 (ntohs(header->protocol) != PPTP_GRE_PROTO)|| 719 /* flag C should be clear */ 720 PPTP_GRE_IS_C(header->flags) || 721 /* flag R should be clear */ 722 PPTP_GRE_IS_R(header->flags) || 723 /* flag K should be set */ 724 (!PPTP_GRE_IS_K(header->flags)) || 725 /* routing and recursion ctrl = 0 */ 726 ((header->flags&0xF) != 0)){ 727 /* if invalid, discard this packet */ 728#ifdef DEBUG 729 if (log_level>=1) 730 printk(KERN_INFO"PPTP: Discarding GRE: %X %X %X %X %X %X\n", 731 header->ver&0x7F, ntohs(header->protocol), 732 PPTP_GRE_IS_C(header->flags), 733 PPTP_GRE_IS_R(header->flags), 734 PPTP_GRE_IS_K(header->flags), 735 header->flags & 0xF); 736#endif 737 goto drop; 738 } 739 740 741 if ((po=lookup_chan(htons(header->call_id),iph->saddr))) { 742#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,31) 743 skb_dst_drop(skb); 744#else 745 dst_release(skb->dst); 746 skb->dst = NULL; 747#endif 748 nf_reset(skb); 749#if LINUX_VERSION_CODE <= KERNEL_VERSION(2,6,0) 750 sk=sk_pppox(po); 751 bh_lock_sock(sk); 752 /* Socket state is unknown, must put skb into backlog. */ 753 if (sk->lock.users != 0) { 754 sk_add_backlog(sk, skb); 755 ret = NET_RX_SUCCESS; 756 } else { 757 ret = pptp_rcv_core(sk, skb); 758 } 759 bh_unlock_sock(sk); 760 sock_put(sk); 761 return ret; 762 763#else /* LINUX_VERSION_CODE <= KERNEL_VERSION(2,6,0) */ 764 765#if LINUX_VERSION_CODE <= KERNEL_VERSION(2,6,19) 766 return sk_receive_skb(sk_pppox(po), skb); 767#else 768 return sk_receive_skb(sk_pppox(po), skb, 0); 769#endif 770 771#endif /* LINUX_VERSION_CODE <= KERNEL_VERSION(2,6,0) */ 772 }else { 773#ifdef DEBUG 774 if (log_level>=1) 775 printk(KERN_INFO"PPTP: Discarding packet from unknown call_id %i\n",htons(header->call_id)); 776#endif 777 } 778 779drop: 780 kfree_skb(skb); 781 return NET_RX_DROP; 782} 783 784static int pptp_bind(struct socket *sock,struct sockaddr *uservaddr,int sockaddr_len) 785{ 786 struct sock *sk = sock->sk; 787 struct sockaddr_pppox *sp = (struct sockaddr_pppox *) uservaddr; 788 struct pppox_sock *po = pppox_sk(sk); 789 struct pptp_opt *opt=&po->proto.pptp; 790 int error=0; 791 792#ifdef DEBUG 793 if (log_level>=1) 794 printk(KERN_INFO"PPTP: bind: addr=%X call_id=%i\n",sp->sa_addr.pptp.sin_addr.s_addr, 795 sp->sa_addr.pptp.call_id); 796#endif 797 lock_sock(sk); 798 799 opt->src_addr=sp->sa_addr.pptp; 800 if (add_chan(po)) 801 error=-EBUSY; 802#ifdef DEBUG 803 if (log_level>=1) 804 printk(KERN_INFO"PPTP: using call_id %i\n",opt->src_addr.call_id); 805#endif 806 807 release_sock(sk); 808 return error; 809} 810 811static int pptp_connect(struct socket *sock, struct sockaddr *uservaddr, 812 int sockaddr_len, int flags) 813{ 814 struct sock *sk = sock->sk; 815 struct sockaddr_pppox *sp = (struct sockaddr_pppox *) uservaddr; 816 struct pppox_sock *po = pppox_sk(sk); 817 struct pptp_opt *opt = &po->proto.pptp; 818 struct rtable *rt; /* Route to the other host */ 819 int error=0; 820 821 if (sp->sa_protocol != PX_PROTO_PPTP) 822 return -EINVAL; 823 824#ifdef DEBUG 825 if (log_level>=1) 826 printk(KERN_INFO"PPTP[%i]: connect: addr=%X call_id=%i\n",opt->src_addr.call_id, 827 sp->sa_addr.pptp.sin_addr.s_addr,sp->sa_addr.pptp.call_id); 828#endif 829 830 if (lookup_chan_dst(sp->sa_addr.pptp.call_id,sp->sa_addr.pptp.sin_addr.s_addr)) 831 return -EALREADY; 832 833 lock_sock(sk); 834 /* Check for already bound sockets */ 835 if (SK_STATE(sk) & PPPOX_CONNECTED){ 836 error = -EBUSY; 837 goto end; 838 } 839 840 /* Check for already disconnected sockets, on attempts to disconnect */ 841 if (SK_STATE(sk) & PPPOX_DEAD){ 842 error = -EALREADY; 843 goto end; 844 } 845 846 if (!opt->src_addr.sin_addr.s_addr || !sp->sa_addr.pptp.sin_addr.s_addr){ 847 error = -EINVAL; 848 goto end; 849 } 850 851 po->chan.private=sk; 852 po->chan.ops=&pptp_chan_ops; 853 854#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,0) 855 { 856 struct rt_key key = { 857 .dst=opt->dst_addr.sin_addr.s_addr, 858 .src=opt->src_addr.sin_addr.s_addr, 859 .tos=RT_TOS(0), 860 }; 861#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,25) 862 if (ip_route_output_key(&rt, &key)) { 863#else 864 if (ip_route_output_key(&init_net, &rt, &key)) { 865#endif 866 error = -EHOSTUNREACH; 867 goto end; 868 } 869 } 870#else 871 { 872 struct flowi fl = { 873 .nl_u = { .ip4_u = 874 { .daddr = opt->dst_addr.sin_addr.s_addr, 875 .saddr = opt->src_addr.sin_addr.s_addr, 876 .tos = RT_CONN_FLAGS(sk) } }, 877 .proto = IPPROTO_GRE }; 878#if LINUX_VERSION_CODE > KERNEL_VERSION(2,6,18) 879 security_sk_classify_flow(sk, &fl); 880#endif 881#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,25) 882 if (ip_route_output_key(&rt, &fl)){ 883#else 884 if (ip_route_output_key(&init_net, &rt, &fl)){ 885#endif 886 error = -EHOSTUNREACH; 887 goto end; 888 } 889 sk_setup_caps(sk, &rt->dst); 890 } 891#endif 892#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,0) 893 po->chan.mtu=PPP_MTU; 894#else 895 po->chan.mtu=dst_mtu(&rt->dst); 896 if (!po->chan.mtu) po->chan.mtu=PPP_MTU; 897#endif 898 ip_rt_put(rt); 899 po->chan.mtu-=PPTP_HEADER_OVERHEAD; 900 901 po->chan.hdrlen=2+sizeof(struct pptp_gre_header); 902 po->chan.hdrlen += LL_MAX_HEADER + sizeof(struct iphdr); 903 error = ppp_register_channel(&po->chan); 904 if (error){ 905 printk(KERN_ERR "PPTP: failed to register PPP channel (%d)\n",error); 906 goto end; 907 } 908 909 opt->dst_addr=sp->sa_addr.pptp; 910 SK_STATE(sk) = PPPOX_CONNECTED; 911 912 end: 913 release_sock(sk); 914 return error; 915} 916 917static int pptp_getname(struct socket *sock, struct sockaddr *uaddr, 918 int *usockaddr_len, int peer) 919{ 920 int len = sizeof(struct sockaddr_pppox); 921 struct sockaddr_pppox sp; 922 923 sp.sa_family = AF_PPPOX; 924 sp.sa_protocol = PX_PROTO_PPTP; 925 sp.sa_addr.pptp=pppox_sk(sock->sk)->proto.pptp.src_addr; 926 927 memcpy(uaddr, &sp, len); 928 929 *usockaddr_len = len; 930 931 return 0; 932} 933 934static int pptp_release(struct socket *sock) 935{ 936 struct sock *sk = sock->sk; 937 struct pppox_sock *po; 938 struct pptp_opt *opt; 939 int error = 0; 940 941 if (!sk) 942 return 0; 943 944 lock_sock(sk); 945 946#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,0) 947 if (sk->dead) 948#else 949 if (sock_flag(sk, SOCK_DEAD)) 950#endif 951 { 952 release_sock(sk); 953 return -EBADF; 954 } 955 956 po = pppox_sk(sk); 957 opt=&po->proto.pptp; 958 del_chan(po); 959 960 pppox_unbind_sock(sk); 961 SK_STATE(sk) = PPPOX_DEAD; 962 963#ifdef DEBUG 964 if (log_level>=1) 965 printk(KERN_INFO"PPTP[%i]: release\n",opt->src_addr.call_id); 966#endif 967 968 sock_orphan(sk); 969 sock->sk = NULL; 970 971 release_sock(sk); 972 sock_put(sk); 973 974 return error; 975} 976 977 978#if LINUX_VERSION_CODE > KERNEL_VERSION(2,6,0) 979static struct proto pptp_sk_proto = { 980 .name = "PPTP", 981 .owner = THIS_MODULE, 982 .obj_size = sizeof(struct pppox_sock), 983}; 984#endif 985 986static struct proto_ops pptp_ops = { 987 .family = AF_PPPOX, 988#if LINUX_VERSION_CODE > KERNEL_VERSION(2,6,0) 989 .owner = THIS_MODULE, 990#endif 991 .release = pptp_release, 992 .bind = pptp_bind, 993 .connect = pptp_connect, 994 .socketpair = sock_no_socketpair, 995 .accept = sock_no_accept, 996 .getname = pptp_getname, 997 .poll = sock_no_poll, 998 .listen = sock_no_listen, 999 .shutdown = sock_no_shutdown, 1000 .setsockopt = sock_no_setsockopt, 1001 .getsockopt = sock_no_getsockopt, 1002 .sendmsg = sock_no_sendmsg, 1003 .recvmsg = sock_no_recvmsg, 1004 .mmap = sock_no_mmap, 1005#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,16) 1006 .ioctl = pppox_ioctl, 1007#endif 1008}; 1009 1010 1011#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,0) 1012static void pptp_sock_destruct(struct sock *sk) 1013{ 1014 skb_queue_purge(&sk->receive_queue); 1015 if (!(SK_STATE(sk) & PPPOX_DEAD)) { 1016 del_chan(pppox_sk(sk)); 1017 pppox_unbind_sock(sk); 1018 } 1019 if (sk->protinfo.destruct_hook) 1020 kfree(sk->protinfo.destruct_hook); 1021 1022 MOD_DEC_USE_COUNT; 1023} 1024 1025static int pptp_create(struct socket *sock) 1026{ 1027 int error = -ENOMEM; 1028 struct sock *sk; 1029 struct pppox_sock *po; 1030 struct pptp_opt *opt; 1031 1032 MOD_INC_USE_COUNT; 1033 1034 sk = sk_alloc(PF_PPPOX, GFP_KERNEL, 1); 1035 if (!sk) 1036 goto out; 1037 1038 sock_init_data(sock, sk); 1039 1040 sock->state = SS_UNCONNECTED; 1041 sock->ops = &pptp_ops; 1042 1043 //sk->sk_backlog_rcv = pppoe_rcv_core; 1044 sk->state = PPPOX_NONE; 1045 sk->type = SOCK_STREAM; 1046 sk->family = PF_PPPOX; 1047 sk->protocol = PX_PROTO_PPTP; 1048 1049 sk->protinfo.pppox=kzalloc(sizeof(struct pppox_sock),GFP_KERNEL); 1050 sk->destruct=pptp_sock_destruct; 1051 sk->protinfo.destruct_hook=sk->protinfo.pppox; 1052 1053 po = pppox_sk(sk); 1054 po->sk=sk; 1055 opt=&po->proto.pptp; 1056 1057 opt->seq_sent=0; opt->seq_recv=0; 1058 opt->ack_recv=0; opt->ack_sent=0; 1059 1060 error = 0; 1061out: 1062 return error; 1063} 1064#else 1065static void pptp_sock_destruct(struct sock *sk) 1066{ 1067 if (!(SK_STATE(sk) & PPPOX_DEAD)){ 1068 del_chan(pppox_sk(sk)); 1069 pppox_unbind_sock(sk); 1070 } 1071 skb_queue_purge(&sk->sk_receive_queue); 1072} 1073#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,24) 1074static int pptp_create(struct socket *sock) 1075#else 1076static int pptp_create(struct net *net, struct socket *sock) 1077#endif 1078{ 1079 int error = -ENOMEM; 1080 struct sock *sk; 1081 struct pppox_sock *po; 1082 struct pptp_opt *opt; 1083 1084#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,24) 1085 sk = sk_alloc(PF_PPPOX, GFP_KERNEL, &pptp_sk_proto, 1); 1086#else 1087 sk = sk_alloc(net,PF_PPPOX, GFP_KERNEL, &pptp_sk_proto); 1088#endif 1089 if (!sk) 1090 goto out; 1091 1092 sock_init_data(sock, sk); 1093 1094 sock->state = SS_UNCONNECTED; 1095 sock->ops = &pptp_ops; 1096 1097 sk->sk_backlog_rcv = pptp_rcv_core; 1098 sk->sk_state = PPPOX_NONE; 1099 sk->sk_type = SOCK_STREAM; 1100 sk->sk_family = PF_PPPOX; 1101 sk->sk_protocol = PX_PROTO_PPTP; 1102 sk->sk_destruct = pptp_sock_destruct; 1103 1104 po = pppox_sk(sk); 1105#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,0) 1106 po->sk=sk; 1107#endif 1108 opt=&po->proto.pptp; 1109 1110 opt->seq_sent = 0; opt->seq_recv = 0xffffffff; 1111 opt->ack_recv = 0; opt->ack_sent = 0xffffffff; 1112 1113 error = 0; 1114out: 1115 return error; 1116} 1117#endif 1118 1119 1120static int pptp_ppp_ioctl(struct ppp_channel *chan, unsigned int cmd, 1121 unsigned long arg) 1122{ 1123 struct sock *sk = (struct sock *) chan->private; 1124 struct pppox_sock *po = pppox_sk(sk); 1125 struct pptp_opt *opt=&po->proto.pptp; 1126 void __user *argp = (void __user *)arg; 1127 int __user *p = argp; 1128 int err, val; 1129 1130 err = -EFAULT; 1131 switch (cmd) { 1132 case PPPIOCGFLAGS: 1133 val = opt->ppp_flags; 1134 if (put_user(val, p)) 1135 break; 1136 err = 0; 1137 break; 1138 case PPPIOCSFLAGS: 1139 if (get_user(val, p)) 1140 break; 1141 opt->ppp_flags = val & ~SC_RCV_BITS; 1142 err = 0; 1143 break; 1144 default: 1145 err = -ENOTTY; 1146 } 1147 1148 return err; 1149} 1150 1151 1152static struct pppox_proto pppox_pptp_proto = { 1153 .create = pptp_create, 1154#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,15) 1155 .owner = THIS_MODULE, 1156#endif 1157}; 1158 1159#if defined(CONFIG_NET_IPGRE_DEMUX) || defined(CONFIG_NET_IPGRE_DEMUX_MODULE) 1160static struct gre_protocol gre_pptp_protocol = { 1161 .handler = pptp_rcv, 1162}; 1163#elif LINUX_VERSION_CODE < KERNEL_VERSION(2,6,0) 1164static struct inet_protocol net_pptp_protocol = { 1165 .handler = pptp_rcv, 1166 .protocol = IPPROTO_GRE, 1167 .name = "PPTP", 1168}; 1169#else 1170static struct net_protocol net_pptp_protocol = { 1171 .handler = pptp_rcv, 1172}; 1173#endif 1174 1175static int __init pptp_init_module(void) 1176{ 1177 int err=0; 1178 printk(KERN_INFO "PPTP driver version " PPTP_DRIVER_VERSION "\n"); 1179#if LINUX_VERSION_CODE > KERNEL_VERSION(2,6,0) 1180 callid_sock = __vmalloc((MAX_CALLID + 1) * sizeof(void *), 1181 GFP_KERNEL | __GFP_ZERO, PAGE_KERNEL); 1182#else 1183 callid_sock = __vmalloc((MAX_CALLID + 1) * sizeof(void *), 1184 GFP_KERNEL, PAGE_KERNEL); 1185 memset(callid_sock, 0, (MAX_CALLID + 1) * sizeof(void *)); 1186#endif 1187 if (!callid_sock) { 1188 printk(KERN_ERR "PPTP: cann't allocate memory\n"); 1189 return -ENOMEM; 1190 } 1191 1192#if defined(CONFIG_NET_IPGRE_DEMUX) || defined(CONFIG_NET_IPGRE_DEMUX_MODULE) 1193 if (gre_add_protocol(&gre_pptp_protocol, GREPROTO_PPTP) < 0) { 1194 printk(KERN_INFO "PPTP: can't add protocol\n"); 1195 goto out_free_mem; 1196 } 1197#elif LINUX_VERSION_CODE < KERNEL_VERSION(2,6,0) 1198 inet_add_protocol(&net_pptp_protocol); 1199#else 1200 if (inet_add_protocol(&net_pptp_protocol, IPPROTO_GRE) < 0) { 1201 printk(KERN_INFO "PPTP: can't add protocol\n"); 1202 goto out_free_mem; 1203 } 1204#endif 1205 1206#if LINUX_VERSION_CODE > KERNEL_VERSION(2,6,0) 1207 err = proto_register(&pptp_sk_proto, 0); 1208 if (err){ 1209 printk(KERN_INFO "PPTP: can't register sk_proto\n"); 1210 goto out_inet_del_protocol; 1211 } 1212#endif 1213 1214 err = register_pppox_proto(PX_PROTO_PPTP, &pppox_pptp_proto); 1215 if (err){ 1216 printk(KERN_INFO "PPTP: can't register pppox_proto\n"); 1217 goto out_unregister_sk_proto; 1218 } 1219 1220 return 0; 1221out_unregister_sk_proto: 1222#if LINUX_VERSION_CODE > KERNEL_VERSION(2,6,0) 1223 proto_unregister(&pptp_sk_proto); 1224#endif 1225 1226#if LINUX_VERSION_CODE > KERNEL_VERSION(2,6,0) 1227out_inet_del_protocol: 1228#endif 1229 1230#if defined(CONFIG_NET_IPGRE_DEMUX) || defined(CONFIG_NET_IPGRE_DEMUX_MODULE) 1231 gre_del_protocol(&gre_pptp_protocol, GREPROTO_PPTP); 1232#elif LINUX_VERSION_CODE < KERNEL_VERSION(2,6,0) 1233 inet_del_protocol(&net_pptp_protocol); 1234#else 1235 inet_del_protocol(&net_pptp_protocol, IPPROTO_GRE); 1236#endif 1237out_free_mem: 1238 vfree(callid_sock); 1239 1240 return err; 1241} 1242 1243static void __exit pptp_exit_module(void) 1244{ 1245 unregister_pppox_proto(PX_PROTO_PPTP); 1246#if defined(CONFIG_NET_IPGRE_DEMUX) || defined(CONFIG_NET_IPGRE_DEMUX_MODULE) 1247#if LINUX_VERSION_CODE > KERNEL_VERSION(2,6,0) 1248 proto_unregister(&pptp_sk_proto); 1249#endif 1250 gre_del_protocol(&gre_pptp_protocol, GREPROTO_PPTP); 1251#elif LINUX_VERSION_CODE < KERNEL_VERSION(2,6,0) 1252 inet_del_protocol(&net_pptp_protocol); 1253#else 1254 proto_unregister(&pptp_sk_proto); 1255 inet_del_protocol(&net_pptp_protocol, IPPROTO_GRE); 1256#endif 1257 vfree(callid_sock); 1258} 1259 1260module_init(pptp_init_module); 1261module_exit(pptp_exit_module); 1262 1263MODULE_DESCRIPTION("Point-to-Point Tunneling Protocol for Linux"); 1264MODULE_AUTHOR("Kozlov D. (xeb@mail.ru)"); 1265MODULE_LICENSE("GPL"); 1266 1267#ifdef DEBUG 1268#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,0) 1269MODULE_PARM(log_level,"i"); 1270MODULE_PARM(log_packets,"i"); 1271#else 1272module_param(log_level,int,0); 1273module_param(log_packets,int,0); 1274#endif 1275MODULE_PARM_DESC(log_level,"Logging level (default=0)"); 1276#endif 1277