1/* 2 * Point-to-Point Tunneling Protocol for Linux 3 * 4 * Authors: Kozlov D. (xeb@mail.ru) 5 * 6 * This program is free software; you can redistribute it and/or 7 * modify it under the terms of the GNU General Public License 8 * as published by the Free Software Foundation; either version 9 * 2 of the License, or (at your option) any later version. 10 * 11 */ 12 13#include <linux/string.h> 14#include <linux/module.h> 15#include <linux/kernel.h> 16#include <linux/slab.h> 17#include <linux/errno.h> 18#include <linux/netdevice.h> 19#include <linux/net.h> 20#include <linux/skbuff.h> 21#include <linux/init.h> 22#include <linux/ppp_channel.h> 23#include <linux/ppp_defs.h> 24#include "if_pppox.h" 25#include <linux/if_ppp.h> 26#include <linux/notifier.h> 27#include <linux/file.h> 28#include <linux/in.h> 29#include <linux/ip.h> 30#include <linux/netfilter.h> 31#include <linux/netfilter_ipv4.h> 32#include <linux/version.h> 33 34#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,0) 35#include <asm/bitops.h> 36#endif 37 38#include <net/sock.h> 39#include <net/protocol.h> 40#include <net/ip.h> 41#include <net/icmp.h> 42#include <net/route.h> 43 44#include <asm/uaccess.h> 45 46#define DEBUG 47//#define CONFIG_GRE 48 49#if defined(CONFIG_GRE) || defined(CONFIG_GRE_MODULE) 50#include "gre.h" 51#endif 52 53#define PPTP_DRIVER_VERSION "0.8.5" 54 55static int log_level=0; 56static int log_packets=10; 57 58#define MAX_CALLID 65535 59#define PPP_LCP_ECHOREQ 0x09 60#define PPP_LCP_ECHOREP 0x0A 61 62static DECLARE_BITMAP(callid_bitmap, MAX_CALLID + 1); 63static struct pppox_sock **callid_sock; 64 65#define SC_RCV_BITS (SC_RCV_B7_1|SC_RCV_B7_0|SC_RCV_ODDP|SC_RCV_EVNP) 66 67#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,0) 68#define INIT_TIMER(_timer,_routine,_data) \ 69do { \ 70 (_timer)->function=_routine; \ 71 (_timer)->data=_data; \ 72 init_timer(_timer); \ 73} while (0); 74 75static inline void *kzalloc(size_t size,int gfp) 76{ 77 void *p=kmalloc(size,gfp); 78 memset(p,0,size); 79 return p; 80} 81 82#if LINUX_VERSION_CODE <= KERNEL_VERSION(2,4,20) 83static inline void nf_reset(struct sk_buff *skb) 84{ 85#ifdef CONFIG_NETFILTER 86 nf_conntrack_put(skb->nfct); 87 skb->nfct=NULL; 88#ifdef CONFIG_NETFILTER_DEBUG 89 skb->nf_debug=0; 90#endif 91#endif 92} 93#define __user 94#endif 95 96/** 97 * __ffs - find first bit in word. 98 * @word: The word to search 99 * 100 * Undefined if no bit exists, so code should check against 0 first. 101 */ 102static inline unsigned long __ffs(unsigned long word) 103{ 104 int num = 0; 105 106#if BITS_PER_LONG == 64 107 if ((word & 0xffffffff) == 0) { 108 num += 32; 109 word >>= 32; 110 } 111#endif 112 if ((word & 0xffff) == 0) { 113 num += 16; 114 word >>= 16; 115 } 116 if ((word & 0xff) == 0) { 117 num += 8; 118 word >>= 8; 119 } 120 if ((word & 0xf) == 0) { 121 num += 4; 122 word >>= 4; 123 } 124 if ((word & 0x3) == 0) { 125 num += 2; 126 word >>= 2; 127 } 128 if ((word & 0x1) == 0) 129 num += 1; 130 return num; 131} 132 133#define BITOP_WORD(nr) ((nr) / BITS_PER_LONG) 134/* 135 * Find the next set bit in a memory region. 136 */ 137static unsigned long find_next_bit(const unsigned long *addr, unsigned long size, 138 unsigned long offset) 139{ 140 const unsigned long *p = addr + BITOP_WORD(offset); 141 unsigned long result = offset & ~(BITS_PER_LONG-1); 142 unsigned long tmp; 143 144 if (offset >= size) 145 return size; 146 size -= result; 147 offset %= BITS_PER_LONG; 148 if (offset) { 149 tmp = *(p++); 150 tmp &= (~0UL << offset); 151 if (size < BITS_PER_LONG) 152 goto found_first; 153 if (tmp) 154 goto found_middle; 155 size -= BITS_PER_LONG; 156 result += BITS_PER_LONG; 157 } 158 while (size & ~(BITS_PER_LONG-1)) { 159 if ((tmp = *(p++))) 160 goto found_middle; 161 result += BITS_PER_LONG; 162 size -= BITS_PER_LONG; 163 } 164 if (!size) 165 return result; 166 tmp = *p; 167 168found_first: 169 tmp &= (~0UL >> (BITS_PER_LONG - size)); 170 if (tmp == 0UL) /* Are any bits set? */ 171 return result + size; /* Nope. */ 172found_middle: 173 return result + __ffs(tmp); 174} 175#endif 176 177#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,0) 178static rwlock_t chan_lock=RW_LOCK_UNLOCKED; 179#define SK_STATE(sk) (sk)->state 180#else 181static DEFINE_SPINLOCK(chan_lock); 182#define SK_STATE(sk) (sk)->sk_state 183#endif 184 185static int pptp_xmit(struct ppp_channel *chan, struct sk_buff *skb); 186static int pptp_ppp_ioctl(struct ppp_channel *chan, unsigned int cmd, 187 unsigned long arg); 188static int pptp_rcv_core(struct sock *sk,struct sk_buff *skb); 189 190static struct ppp_channel_ops pptp_chan_ops= { 191 .start_xmit = pptp_xmit, 192 .ioctl=pptp_ppp_ioctl, 193}; 194 195 196#define MISSING_WINDOW 20 197#define WRAPPED( curseq, lastseq) \ 198 ((((curseq) & 0xffffff00) == 0) && \ 199 (((lastseq) & 0xffffff00 ) == 0xffffff00)) 200 201/* gre header structure: -------------------------------------------- */ 202 203#define PPTP_GRE_PROTO 0x880B 204#define PPTP_GRE_VER 0x1 205 206#define PPTP_GRE_FLAG_C 0x80 207#define PPTP_GRE_FLAG_R 0x40 208#define PPTP_GRE_FLAG_K 0x20 209#define PPTP_GRE_FLAG_S 0x10 210#define PPTP_GRE_FLAG_A 0x80 211 212#define PPTP_GRE_IS_C(f) ((f)&PPTP_GRE_FLAG_C) 213#define PPTP_GRE_IS_R(f) ((f)&PPTP_GRE_FLAG_R) 214#define PPTP_GRE_IS_K(f) ((f)&PPTP_GRE_FLAG_K) 215#define PPTP_GRE_IS_S(f) ((f)&PPTP_GRE_FLAG_S) 216#define PPTP_GRE_IS_A(f) ((f)&PPTP_GRE_FLAG_A) 217 218struct pptp_gre_header { 219 u8 flags; /* bitfield */ 220 u8 ver; /* should be PPTP_GRE_VER (enhanced GRE) */ 221 u16 protocol; /* should be PPTP_GRE_PROTO (ppp-encaps) */ 222 u16 payload_len; /* size of ppp payload, not inc. gre header */ 223 u16 call_id; /* peer's call_id for this session */ 224 u32 seq; /* sequence number. Present if S==1 */ 225 u32 ack; /* seq number of highest packet recieved by */ 226 /* sender in this session */ 227} __packed; 228#define PPTP_HEADER_OVERHEAD (2+sizeof(struct pptp_gre_header)) 229 230#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,0) 231static struct pppox_sock * lookup_chan(u16 call_id, u32 s_addr) 232#else 233static struct pppox_sock * lookup_chan(u16 call_id, __be32 s_addr) 234#endif 235{ 236 struct pppox_sock *sock; 237 struct pptp_opt *opt; 238 239#if LINUX_VERSION_CODE > KERNEL_VERSION(2,6,0) 240 rcu_read_lock(); 241 sock = rcu_dereference(callid_sock[call_id]); 242#else 243 read_lock(&chan_lock); 244 sock = callid_sock[call_id]; 245#endif 246 if (sock) { 247 opt=&sock->proto.pptp; 248 if (opt->dst_addr.sin_addr.s_addr!=s_addr) sock=NULL; 249 else sock_hold(sk_pppox(sock)); 250 } 251#if LINUX_VERSION_CODE > KERNEL_VERSION(2,6,0) 252 rcu_read_unlock(); 253#else 254 read_unlock(&chan_lock); 255#endif 256 257 return sock; 258} 259 260#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,0) 261static int lookup_chan_dst(u16 call_id, u32 d_addr) 262#else 263static int lookup_chan_dst(u16 call_id, __be32 d_addr) 264#endif 265{ 266 struct pppox_sock *sock; 267 struct pptp_opt *opt; 268 int i; 269 270#if LINUX_VERSION_CODE > KERNEL_VERSION(2,6,0) 271 rcu_read_lock(); 272#else 273 down(&chan_lock); 274#endif 275 for(i = find_next_bit(callid_bitmap,MAX_CALLID,1); i < MAX_CALLID; 276 i = find_next_bit(callid_bitmap, MAX_CALLID, i + 1)){ 277#if LINUX_VERSION_CODE > KERNEL_VERSION(2,6,0) 278 sock = rcu_dereference(callid_sock[i]); 279#else 280 sock = callid_sock[i]; 281#endif 282 if (!sock) 283 continue; 284 opt = &sock->proto.pptp; 285 if (opt->dst_addr.call_id == call_id && opt->dst_addr.sin_addr.s_addr == d_addr) break; 286 } 287#if LINUX_VERSION_CODE > KERNEL_VERSION(2,6,0) 288 rcu_read_unlock(); 289#else 290 up(&chan_lock); 291#endif 292 293 return i<MAX_CALLID; 294} 295 296static int add_chan(struct pppox_sock *sock) 297{ 298 static int call_id=0; 299 int res=-1; 300 301#if LINUX_VERSION_CODE > KERNEL_VERSION(2,6,0) 302 spin_lock(&chan_lock); 303#else 304 write_lock_bh(&chan_lock); 305#endif 306 307 if (!sock->proto.pptp.src_addr.call_id) 308 { 309 call_id=find_next_zero_bit(callid_bitmap,MAX_CALLID,call_id+1); 310 if (call_id==MAX_CALLID) 311 call_id=find_next_zero_bit(callid_bitmap,MAX_CALLID,1); 312 sock->proto.pptp.src_addr.call_id=call_id; 313 } 314 else if (test_bit(sock->proto.pptp.src_addr.call_id,callid_bitmap)) 315 goto exit; 316 317#if LINUX_VERSION_CODE > KERNEL_VERSION(2,6,0) 318 rcu_assign_pointer(callid_sock[sock->proto.pptp.src_addr.call_id],sock); 319#else 320 callid_sock[sock->proto.pptp.src_addr.call_id] = sock; 321#endif 322 set_bit(sock->proto.pptp.src_addr.call_id,callid_bitmap); 323 res=0; 324 325exit: 326 #if LINUX_VERSION_CODE > KERNEL_VERSION(2,6,0) 327 spin_unlock(&chan_lock); 328 #else 329 write_unlock_bh(&chan_lock); 330 #endif 331 332 return res; 333} 334 335static void del_chan(struct pppox_sock *sock) 336{ 337#if LINUX_VERSION_CODE > KERNEL_VERSION(2,6,0) 338 spin_lock(&chan_lock); 339#else 340 write_lock_bh(&chan_lock); 341#endif 342 clear_bit(sock->proto.pptp.src_addr.call_id,callid_bitmap); 343#if LINUX_VERSION_CODE > KERNEL_VERSION(2,6,0) 344 rcu_assign_pointer(callid_sock[sock->proto.pptp.src_addr.call_id],NULL); 345 spin_unlock(&chan_lock); 346 synchronize_rcu(); 347#else 348 callid_sock[sock->proto.pptp.src_addr.call_id] = NULL; 349 write_unlock_bh(&chan_lock); 350#endif 351} 352 353static int pptp_xmit(struct ppp_channel *chan, struct sk_buff *skb) 354{ 355 struct sock *sk = (struct sock *) chan->private; 356 struct pppox_sock *po = pppox_sk(sk); 357 struct pptp_opt *opt=&po->proto.pptp; 358 struct pptp_gre_header *hdr; 359 unsigned int header_len=sizeof(*hdr); 360 int err=0; 361 int islcp; 362 int len; 363 unsigned char *data; 364 u32 seq_recv; 365 366 367 struct rtable *rt; /* Route to the other host */ 368 struct net_device *tdev; /* Device to other host */ 369 struct iphdr *iph; /* Our new IP header */ 370 int max_headroom; /* The extra header space needed */ 371 372 if (SK_STATE(sk_pppox(po)) & PPPOX_DEAD) 373 goto tx_error; 374 375#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,0) 376 { 377 struct rt_key key = { 378 .dst=opt->dst_addr.sin_addr.s_addr, 379 .src=opt->src_addr.sin_addr.s_addr, 380 .tos=RT_TOS(0), 381 }; 382 if ((err=ip_route_output_key(&rt, &key))) { 383 goto tx_error; 384 } 385 } 386#else 387 { 388 struct flowi fl = { .oif = 0, 389 .nl_u = { .ip4_u = 390 { .daddr = opt->dst_addr.sin_addr.s_addr, 391 .saddr = opt->src_addr.sin_addr.s_addr, 392 .tos = RT_TOS(0) } }, 393 .proto = IPPROTO_GRE }; 394#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,25) 395 if ((err=ip_route_output_key(&rt, &fl))) { 396#else 397 if ((err=ip_route_output_key(&init_net,&rt, &fl))) { 398#endif 399 goto tx_error; 400 } 401 } 402#endif 403 tdev = rt->u.dst.dev; 404 405#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,0) 406 max_headroom = ((tdev->hard_header_len+15)&~15) + sizeof(*iph)+sizeof(*hdr)+2; 407#else 408 max_headroom = LL_RESERVED_SPACE(tdev) + sizeof(*iph)+sizeof(*hdr)+2; 409#endif 410 411#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,22) 412 if (skb_headroom(skb) < max_headroom || skb_cloned(skb) || skb_shared(skb)) { 413#else 414 if (skb_headroom(skb) < max_headroom || skb_shared(skb) || 415 (skb_cloned(skb) && !skb_clone_writable(skb,0))) { 416#endif 417 struct sk_buff *new_skb = skb_realloc_headroom(skb, max_headroom); 418 if (!new_skb) { 419 ip_rt_put(rt); 420 goto tx_error; 421 } 422 if (skb->sk) 423 skb_set_owner_w(new_skb, skb->sk); 424 kfree_skb(skb); 425 skb = new_skb; 426 } 427 428 data=skb->data; 429 islcp=((data[0] << 8) + data[1])== PPP_LCP && 1 <= data[2] && data[2] <= 7; 430 431 /* compress protocol field */ 432 if ((opt->ppp_flags & SC_COMP_PROT) && data[0]==0 && !islcp) 433 skb_pull(skb,1); 434 435 /* 436 * Put in the address/control bytes if necessary 437 */ 438 if ((opt->ppp_flags & SC_COMP_AC) == 0 || islcp) { 439 data=skb_push(skb,2); 440 data[0]=PPP_ALLSTATIONS; 441 data[1]=PPP_UI; 442 } 443 444 len=skb->len; 445 446 seq_recv = opt->seq_recv; 447 448 if (opt->ack_sent == seq_recv) header_len-=sizeof(hdr->ack); 449 450 // Push down and install GRE header 451 skb_push(skb,header_len); 452 hdr=(struct pptp_gre_header *)(skb->data); 453 454 hdr->flags = PPTP_GRE_FLAG_K; 455 hdr->ver = PPTP_GRE_VER; 456 hdr->protocol = htons(PPTP_GRE_PROTO); 457 hdr->call_id = htons(opt->dst_addr.call_id); 458 459 hdr->flags |= PPTP_GRE_FLAG_S; 460 hdr->seq = htonl(++opt->seq_sent); 461#ifdef DEBUG 462 if (log_level>=3 && opt->seq_sent<=log_packets) 463 printk(KERN_INFO"PPTP[%i]: send packet: seq=%i",opt->src_addr.call_id,opt->seq_sent); 464#endif 465 if (opt->ack_sent != seq_recv) { 466 /* send ack with this message */ 467 hdr->ver |= PPTP_GRE_FLAG_A; 468 hdr->ack = htonl(seq_recv); 469 opt->ack_sent = seq_recv; 470#ifdef DEBUG 471 if (log_level>=3 && opt->seq_sent<=log_packets) 472 printk(" ack=%i",seq_recv); 473#endif 474 } 475 hdr->payload_len = htons(len); 476#ifdef DEBUG 477 if (log_level>=3 && opt->seq_sent<=log_packets) 478 printk("\n"); 479#endif 480 481 /* 482 * Push down and install the IP header. 483 */ 484 485#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,31) 486 skb_reset_transport_header(skb); 487 skb_push(skb, sizeof(*iph)); 488 skb_reset_network_header(skb); 489#elif LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,22) 490 skb->transport_header = skb->network_header; 491 skb_push(skb, sizeof(*iph)); 492 skb_reset_network_header(skb); 493#else 494 skb->h.raw = skb->nh.raw; 495 skb->nh.raw = skb_push(skb, sizeof(*iph)); 496#endif 497 memset(&(IPCB(skb)->opt), 0, sizeof(IPCB(skb)->opt)); 498#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,16) 499 IPCB(skb)->flags &= ~(IPSKB_XFRM_TUNNEL_SIZE | IPSKB_XFRM_TRANSFORMED | 500 IPSKB_REROUTED); 501#endif 502 503#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,22) 504 iph = ip_hdr(skb); 505#else 506 iph = skb->nh.iph; 507#endif 508 iph->version = 4; 509 iph->ihl = sizeof(struct iphdr) >> 2; 510 if (ip_dont_fragment(sk, &rt->u.dst)) 511 iph->frag_off = htons(IP_DF); 512 else 513 iph->frag_off = 0; 514 iph->protocol = IPPROTO_GRE; 515 iph->tos = 0; 516 iph->daddr = rt->rt_dst; 517 iph->saddr = rt->rt_src; 518#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,0) 519 iph->ttl = sk->protinfo.af_inet.ttl; 520#else 521 iph->ttl = dst_metric(&rt->u.dst, RTAX_HOPLIMIT); 522#endif 523 iph->tot_len = htons(skb->len); 524 525#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,31) 526 skb_dst_drop(skb); 527 skb_dst_set(skb,&rt->u.dst); 528#else 529 dst_release(skb->dst); 530 skb->dst = &rt->u.dst; 531#endif 532 533 nf_reset(skb); 534 535 skb->ip_summed = CHECKSUM_NONE; 536 ip_select_ident(iph, &rt->u.dst, NULL); 537 ip_send_check(iph); 538 539#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,0) 540 err = NF_HOOK(PF_INET, NF_IP_LOCAL_OUT, skb, NULL, rt->u.dst.dev, ip_send); 541#elif LINUX_VERSION_CODE < KERNEL_VERSION(2,6,25) 542 err = NF_HOOK(PF_INET, NF_IP_LOCAL_OUT, skb, NULL, rt->u.dst.dev, dst_output); 543#else 544 err = ip_local_out(skb); 545#endif 546 547tx_error: 548 return 1; 549} 550 551static int pptp_rcv_core(struct sock *sk,struct sk_buff *skb) 552{ 553 struct pppox_sock *po = pppox_sk(sk); 554 struct pptp_opt *opt=&po->proto.pptp; 555 int headersize,payload_len,seq; 556 u8 *payload; 557 struct pptp_gre_header *header; 558 559 if (!(SK_STATE(sk) & PPPOX_CONNECTED)) { 560 if (sock_queue_rcv_skb(sk, skb)) 561 goto drop; 562 return NET_RX_SUCCESS; 563 } 564 565 header = (struct pptp_gre_header *)(skb->data); 566 567 /* test if acknowledgement present */ 568 if (PPTP_GRE_IS_A(header->ver)){ 569 u32 ack = (PPTP_GRE_IS_S(header->flags))? 570 header->ack:header->seq; /* ack in different place if S = 0 */ 571 572 ack = ntohl( ack); 573 574 if (ack > opt->ack_recv) opt->ack_recv = ack; 575 /* also handle sequence number wrap-around */ 576 if (WRAPPED(ack,opt->ack_recv)) opt->ack_recv = ack; 577 } 578 579 /* test if payload present */ 580 if (!PPTP_GRE_IS_S(header->flags)){ 581 goto drop; 582 } 583 584 headersize = sizeof(*header); 585 payload_len = ntohs(header->payload_len); 586 seq = ntohl(header->seq); 587 588 /* no ack present? */ 589 if (!PPTP_GRE_IS_A(header->ver)) headersize -= sizeof(header->ack); 590 /* check for incomplete packet (length smaller than expected) */ 591 if (skb->len - headersize < payload_len){ 592#ifdef DEBUG 593 if (log_level>=1) 594 printk(KERN_INFO"PPTP: discarding truncated packet (expected %d, got %d bytes)\n", 595 payload_len, skb->len - headersize); 596#endif 597 goto drop; 598 } 599 600 payload=skb->data+headersize; 601 /* check for expected sequence number */ 602 if ( seq < opt->seq_recv + 1 || WRAPPED(opt->seq_recv, seq) ){ 603 if ( (payload[0] == PPP_ALLSTATIONS) && (payload[1] == PPP_UI) && 604 (PPP_PROTOCOL(payload) == PPP_LCP) && 605 ((payload[4] == PPP_LCP_ECHOREQ) || (payload[4] == PPP_LCP_ECHOREP)) ){ 606#ifdef DEBUG 607 if ( log_level >= 1) 608 printk(KERN_INFO"PPTP[%i]: allowing old LCP Echo packet %d (expecting %d)\n", opt->src_addr.call_id, 609 seq, opt->seq_recv + 1); 610#endif 611 goto allow_packet; 612 } 613#ifdef DEBUG 614 if ( log_level >= 1) 615 printk(KERN_INFO"PPTP[%i]: discarding duplicate or old packet %d (expecting %d)\n",opt->src_addr.call_id, 616 seq, opt->seq_recv + 1); 617#endif 618 }else{ 619 opt->seq_recv = seq; 620allow_packet: 621#ifdef DEBUG 622 if ( log_level >= 3 && opt->seq_sent<=log_packets) 623 printk(KERN_INFO"PPTP[%i]: accepting packet %d size=%i (%02x %02x %02x %02x %02x %02x)\n",opt->src_addr.call_id, seq,payload_len, 624 *(payload +0), 625 *(payload +1), 626 *(payload +2), 627 *(payload +3), 628 *(payload +4), 629 *(payload +5)); 630#endif 631 632 skb_pull(skb,headersize); 633 634 if (payload[0] == PPP_ALLSTATIONS && payload[1] == PPP_UI){ 635 /* chop off address/control */ 636 if (skb->len < 3) 637 goto drop; 638 skb_pull(skb,2); 639 } 640 641 if ((*skb->data) & 1){ 642 /* protocol is compressed */ 643 skb_push(skb, 1)[0] = 0; 644 } 645 646 skb->ip_summed=CHECKSUM_NONE; 647#if LINUX_VERSION_CODE > KERNEL_VERSION(2,6,21) 648 skb_set_network_header(skb,skb->head-skb->data); 649#endif 650 ppp_input(&po->chan,skb); 651 652 return NET_RX_SUCCESS; 653 } 654drop: 655 kfree_skb(skb); 656 return NET_RX_DROP; 657} 658 659static int pptp_rcv(struct sk_buff *skb) 660{ 661 struct pppox_sock *po; 662 struct pptp_gre_header *header; 663 struct iphdr *iph; 664#if LINUX_VERSION_CODE <= KERNEL_VERSION(2,6,0) 665 int ret; 666 struct sock *sk; 667#endif 668 669 if (skb->pkt_type != PACKET_HOST) 670 goto drop; 671 672 /*if (!pskb_may_pull(skb, 12)) 673 goto drop;*/ 674 675#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,22) 676 iph = ip_hdr(skb); 677#else 678 iph = skb->nh.iph; 679#endif 680 681 header = (struct pptp_gre_header *)skb->data; 682 683 if ( /* version should be 1 */ 684 ((header->ver & 0x7F) != PPTP_GRE_VER) || 685 /* PPTP-GRE protocol for PPTP */ 686 (ntohs(header->protocol) != PPTP_GRE_PROTO)|| 687 /* flag C should be clear */ 688 PPTP_GRE_IS_C(header->flags) || 689 /* flag R should be clear */ 690 PPTP_GRE_IS_R(header->flags) || 691 /* flag K should be set */ 692 (!PPTP_GRE_IS_K(header->flags)) || 693 /* routing and recursion ctrl = 0 */ 694 ((header->flags&0xF) != 0)){ 695 /* if invalid, discard this packet */ 696 if (log_level>=1) 697 printk(KERN_INFO"PPTP: Discarding GRE: %X %X %X %X %X %X\n", 698 header->ver&0x7F, ntohs(header->protocol), 699 PPTP_GRE_IS_C(header->flags), 700 PPTP_GRE_IS_R(header->flags), 701 PPTP_GRE_IS_K(header->flags), 702 header->flags & 0xF); 703 goto drop; 704 } 705 706 707 if ((po=lookup_chan(htons(header->call_id),iph->saddr))) { 708#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,31) 709 skb_dst_drop(skb); 710#else 711 dst_release(skb->dst); 712 skb->dst = NULL; 713#endif 714 nf_reset(skb); 715#if LINUX_VERSION_CODE <= KERNEL_VERSION(2,6,0) 716 sk=sk_pppox(po); 717 bh_lock_sock(sk); 718 /* Socket state is unknown, must put skb into backlog. */ 719 if (sk->lock.users != 0) { 720 sk_add_backlog(sk, skb); 721 ret = NET_RX_SUCCESS; 722 } else { 723 ret = pptp_rcv_core(sk, skb); 724 } 725 bh_unlock_sock(sk); 726 sock_put(sk); 727 return ret; 728 729#else /* LINUX_VERSION_CODE <= KERNEL_VERSION(2,6,0) */ 730 731#if LINUX_VERSION_CODE <= KERNEL_VERSION(2,6,19) 732 return sk_receive_skb(sk_pppox(po), skb); 733#else 734 return sk_receive_skb(sk_pppox(po), skb, 0); 735#endif 736 737#endif /* LINUX_VERSION_CODE <= KERNEL_VERSION(2,6,0) */ 738 }else { 739#ifdef DEBUG 740 if (log_level>=1) 741 printk(KERN_INFO"PPTP: Discarding packet from unknown call_id %i\n",htons(header->call_id)); 742#endif 743 } 744 745drop: 746 kfree_skb(skb); 747 return NET_RX_DROP; 748} 749 750static int pptp_bind(struct socket *sock,struct sockaddr *uservaddr,int sockaddr_len) 751{ 752 struct sock *sk = sock->sk; 753 struct sockaddr_pppox *sp = (struct sockaddr_pppox *) uservaddr; 754 struct pppox_sock *po = pppox_sk(sk); 755 struct pptp_opt *opt=&po->proto.pptp; 756 int error=0; 757 758#ifdef DEBUG 759 if (log_level>=1) 760 printk(KERN_INFO"PPTP: bind: addr=%X call_id=%i\n",sp->sa_addr.pptp.sin_addr.s_addr, 761 sp->sa_addr.pptp.call_id); 762#endif 763 lock_sock(sk); 764 765 opt->src_addr=sp->sa_addr.pptp; 766 if (add_chan(po)) 767 { 768 release_sock(sk); 769 error=-EBUSY; 770 } 771#ifdef DEBUG 772 if (log_level>=1) 773 printk(KERN_INFO"PPTP: using call_id %i\n",opt->src_addr.call_id); 774#endif 775 776 release_sock(sk); 777 return error; 778} 779 780static int pptp_connect(struct socket *sock, struct sockaddr *uservaddr, 781 int sockaddr_len, int flags) 782{ 783 struct sock *sk = sock->sk; 784 struct sockaddr_pppox *sp = (struct sockaddr_pppox *) uservaddr; 785 struct pppox_sock *po = pppox_sk(sk); 786 struct pptp_opt *opt = &po->proto.pptp; 787 struct rtable *rt; /* Route to the other host */ 788 int error=0; 789 790 if (sp->sa_protocol != PX_PROTO_PPTP) 791 return -EINVAL; 792 793#ifdef DEBUG 794 if (log_level>=1) 795 printk(KERN_INFO"PPTP[%i]: connect: addr=%X call_id=%i\n",opt->src_addr.call_id, 796 sp->sa_addr.pptp.sin_addr.s_addr,sp->sa_addr.pptp.call_id); 797#endif 798 799 if (lookup_chan_dst(sp->sa_addr.pptp.call_id,sp->sa_addr.pptp.sin_addr.s_addr)) 800 return -EALREADY; 801 802 lock_sock(sk); 803 /* Check for already bound sockets */ 804 if (SK_STATE(sk) & PPPOX_CONNECTED){ 805 error = -EBUSY; 806 goto end; 807 } 808 809 /* Check for already disconnected sockets, on attempts to disconnect */ 810 if (SK_STATE(sk) & PPPOX_DEAD){ 811 error = -EALREADY; 812 goto end; 813 } 814 815 if (!opt->src_addr.sin_addr.s_addr || !sp->sa_addr.pptp.sin_addr.s_addr){ 816 error = -EINVAL; 817 goto end; 818 } 819 820 po->chan.private=sk; 821 po->chan.ops=&pptp_chan_ops; 822 823#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,0) 824 { 825 struct rt_key key = { 826 .dst=opt->dst_addr.sin_addr.s_addr, 827 .src=opt->src_addr.sin_addr.s_addr, 828 .tos=RT_TOS(0), 829 }; 830#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,25) 831 if (ip_route_output_key(&rt, &key)) { 832#else 833 if (ip_route_output_key(&init_net, &rt, &key)) { 834#endif 835 error = -EHOSTUNREACH; 836 goto end; 837 } 838 } 839#else 840 { 841 struct flowi fl = { 842 .nl_u = { .ip4_u = 843 { .daddr = opt->dst_addr.sin_addr.s_addr, 844 .saddr = opt->src_addr.sin_addr.s_addr, 845 .tos = RT_CONN_FLAGS(sk) } }, 846 .proto = IPPROTO_GRE }; 847#if LINUX_VERSION_CODE > KERNEL_VERSION(2,6,18) 848 security_sk_classify_flow(sk, &fl); 849#endif 850#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,25) 851 if (ip_route_output_key(&rt, &fl)){ 852#else 853 if (ip_route_output_key(&init_net, &rt, &fl)){ 854#endif 855 error = -EHOSTUNREACH; 856 goto end; 857 } 858 sk_setup_caps(sk, &rt->u.dst); 859 } 860#endif 861#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,0) 862 po->chan.mtu=PPP_MTU; 863#else 864 po->chan.mtu=dst_mtu(&rt->u.dst); 865 if (!po->chan.mtu) po->chan.mtu=PPP_MTU; 866#endif 867 ip_rt_put(rt); 868 po->chan.mtu-=PPTP_HEADER_OVERHEAD; 869 870 po->chan.hdrlen=2+sizeof(struct pptp_gre_header); 871 error = ppp_register_channel(&po->chan); 872 if (error){ 873 printk(KERN_ERR "PPTP: failed to register PPP channel (%d)\n",error); 874 goto end; 875 } 876 877 opt->dst_addr=sp->sa_addr.pptp; 878 SK_STATE(sk) = PPPOX_CONNECTED; 879 880 end: 881 release_sock(sk); 882 return error; 883} 884 885static int pptp_getname(struct socket *sock, struct sockaddr *uaddr, 886 int *usockaddr_len, int peer) 887{ 888 int len = sizeof(struct sockaddr_pppox); 889 struct sockaddr_pppox sp; 890 891 sp.sa_family = AF_PPPOX; 892 sp.sa_protocol = PX_PROTO_PPTP; 893 sp.sa_addr.pptp=pppox_sk(sock->sk)->proto.pptp.src_addr; 894 895 memcpy(uaddr, &sp, len); 896 897 *usockaddr_len = len; 898 899 return 0; 900} 901 902static int pptp_release(struct socket *sock) 903{ 904 struct sock *sk = sock->sk; 905 struct pppox_sock *po; 906 struct pptp_opt *opt; 907 int error = 0; 908 909 if (!sk) 910 return 0; 911 912 lock_sock(sk); 913 914#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,0) 915 if (sk->dead) 916#else 917 if (sock_flag(sk, SOCK_DEAD)) 918#endif 919 { 920 release_sock(sk); 921 return -EBADF; 922 } 923 924 po = pppox_sk(sk); 925 opt=&po->proto.pptp; 926 del_chan(po); 927 928 pppox_unbind_sock(sk); 929 SK_STATE(sk) = PPPOX_DEAD; 930 931#ifdef DEBUG 932 if (log_level>=1) 933 printk(KERN_INFO"PPTP[%i]: release\n",opt->src_addr.call_id); 934#endif 935 936 sock_orphan(sk); 937 sock->sk = NULL; 938 939 release_sock(sk); 940 sock_put(sk); 941 942 return error; 943} 944 945 946#if LINUX_VERSION_CODE > KERNEL_VERSION(2,6,0) 947static struct proto pptp_sk_proto = { 948 .name = "PPTP", 949 .owner = THIS_MODULE, 950 .obj_size = sizeof(struct pppox_sock), 951}; 952#endif 953 954static struct proto_ops pptp_ops = { 955 .family = AF_PPPOX, 956#if LINUX_VERSION_CODE > KERNEL_VERSION(2,6,0) 957 .owner = THIS_MODULE, 958#endif 959 .release = pptp_release, 960 .bind = pptp_bind, 961 .connect = pptp_connect, 962 .socketpair = sock_no_socketpair, 963 .accept = sock_no_accept, 964 .getname = pptp_getname, 965 .poll = sock_no_poll, 966 .listen = sock_no_listen, 967 .shutdown = sock_no_shutdown, 968 .setsockopt = sock_no_setsockopt, 969 .getsockopt = sock_no_getsockopt, 970 .sendmsg = sock_no_sendmsg, 971 .recvmsg = sock_no_recvmsg, 972 .mmap = sock_no_mmap, 973#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,16) 974 .ioctl = pppox_ioctl, 975#endif 976}; 977 978 979#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,0) 980static void pptp_sock_destruct(struct sock *sk) 981{ 982 skb_queue_purge(&sk->receive_queue); 983 if (!(SK_STATE(sk) & PPPOX_DEAD)) { 984 del_chan(pppox_sk(sk)); 985 pppox_unbind_sock(sk); 986 } 987 if (sk->protinfo.destruct_hook) 988 kfree(sk->protinfo.destruct_hook); 989 990 MOD_DEC_USE_COUNT; 991} 992 993static int pptp_create(struct socket *sock) 994{ 995 int error = -ENOMEM; 996 struct sock *sk; 997 struct pppox_sock *po; 998 struct pptp_opt *opt; 999 1000 MOD_INC_USE_COUNT; 1001 1002 sk = sk_alloc(PF_PPPOX, GFP_KERNEL, 1); 1003 if (!sk) 1004 goto out; 1005 1006 sock_init_data(sock, sk); 1007 1008 sock->state = SS_UNCONNECTED; 1009 sock->ops = &pptp_ops; 1010 1011 //sk->sk_backlog_rcv = pppoe_rcv_core; 1012 sk->state = PPPOX_NONE; 1013 sk->type = SOCK_STREAM; 1014 sk->family = PF_PPPOX; 1015 sk->protocol = PX_PROTO_PPTP; 1016 1017 sk->protinfo.pppox=kzalloc(sizeof(struct pppox_sock),GFP_KERNEL); 1018 sk->destruct=pptp_sock_destruct; 1019 sk->protinfo.destruct_hook=sk->protinfo.pppox; 1020 1021 po = pppox_sk(sk); 1022 po->sk=sk; 1023 opt=&po->proto.pptp; 1024 1025 opt->seq_sent=0; opt->seq_recv=0; 1026 opt->ack_recv=0; opt->ack_sent=0; 1027 1028 error = 0; 1029out: 1030 return error; 1031} 1032#else 1033static void pptp_sock_destruct(struct sock *sk) 1034{ 1035 if (!(SK_STATE(sk) & PPPOX_DEAD)){ 1036 del_chan(pppox_sk(sk)); 1037 pppox_unbind_sock(sk); 1038 } 1039 skb_queue_purge(&sk->sk_receive_queue); 1040} 1041#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,24) 1042static int pptp_create(struct socket *sock) 1043#else 1044static int pptp_create(struct net *net, struct socket *sock) 1045#endif 1046{ 1047 int error = -ENOMEM; 1048 struct sock *sk; 1049 struct pppox_sock *po; 1050 struct pptp_opt *opt; 1051 1052#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,24) 1053 sk = sk_alloc(PF_PPPOX, GFP_KERNEL, &pptp_sk_proto, 1); 1054#else 1055 sk = sk_alloc(net,PF_PPPOX, GFP_KERNEL, &pptp_sk_proto); 1056#endif 1057 if (!sk) 1058 goto out; 1059 1060 sock_init_data(sock, sk); 1061 1062 sock->state = SS_UNCONNECTED; 1063 sock->ops = &pptp_ops; 1064 1065 sk->sk_backlog_rcv = pptp_rcv_core; 1066 sk->sk_state = PPPOX_NONE; 1067 sk->sk_type = SOCK_STREAM; 1068 sk->sk_family = PF_PPPOX; 1069 sk->sk_protocol = PX_PROTO_PPTP; 1070 sk->sk_destruct = pptp_sock_destruct; 1071 1072 po = pppox_sk(sk); 1073#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,0) 1074 po->sk=sk; 1075#endif 1076 opt=&po->proto.pptp; 1077 1078 opt->seq_sent=0; opt->seq_recv=0; 1079 opt->ack_recv=0; opt->ack_sent=0; 1080 1081 error = 0; 1082out: 1083 return error; 1084} 1085#endif 1086 1087 1088static int pptp_ppp_ioctl(struct ppp_channel *chan, unsigned int cmd, 1089 unsigned long arg) 1090{ 1091 struct sock *sk = (struct sock *) chan->private; 1092 struct pppox_sock *po = pppox_sk(sk); 1093 struct pptp_opt *opt=&po->proto.pptp; 1094 void __user *argp = (void __user *)arg; 1095 int __user *p = argp; 1096 int err, val; 1097 1098 err = -EFAULT; 1099 switch (cmd) { 1100 case PPPIOCGFLAGS: 1101 val = opt->ppp_flags; 1102 if (put_user(val, p)) 1103 break; 1104 err = 0; 1105 break; 1106 case PPPIOCSFLAGS: 1107 if (get_user(val, p)) 1108 break; 1109 opt->ppp_flags = val & ~SC_RCV_BITS; 1110 err = 0; 1111 break; 1112 default: 1113 err = -ENOTTY; 1114 } 1115 1116 return err; 1117} 1118 1119 1120static struct pppox_proto pppox_pptp_proto = { 1121 .create = pptp_create, 1122#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,15) 1123 .owner = THIS_MODULE, 1124#endif 1125}; 1126 1127#if defined(CONFIG_GRE) || defined(CONFIG_GRE_MODULE) 1128static struct gre_protocol gre_pptp_protocol = { 1129 .handler = pptp_rcv, 1130}; 1131#elif LINUX_VERSION_CODE < KERNEL_VERSION(2,6,0) 1132static struct inet_protocol net_pptp_protocol = { 1133 .handler = pptp_rcv, 1134 .protocol = IPPROTO_GRE, 1135 .name = "PPTP", 1136}; 1137#else 1138static struct net_protocol net_pptp_protocol = { 1139 .handler = pptp_rcv, 1140}; 1141#endif 1142 1143static int __init pptp_init_module(void) 1144{ 1145 int err=0; 1146 printk(KERN_INFO "PPTP driver version " PPTP_DRIVER_VERSION "\n"); 1147 1148#if LINUX_VERSION_CODE > KERNEL_VERSION(2,6,0) 1149 callid_sock = __vmalloc((MAX_CALLID + 1) * sizeof(void *), 1150 GFP_KERNEL | __GFP_ZERO, PAGE_KERNEL); 1151#else 1152 callid_sock = __vmalloc((MAX_CALLID + 1) * sizeof(void *), 1153 GFP_KERNEL, PAGE_KERNEL); 1154 memset(callid_sock, 0, (MAX_CALLID + 1) * sizeof(void *)); 1155#endif 1156 if (!callid_sock) { 1157 printk(KERN_ERR "PPTP: cann't allocate memory\n"); 1158 return -ENOMEM; 1159 } 1160 1161#if defined(CONFIG_GRE) || defined(CONFIG_GRE_MODULE) 1162 if (gre_add_protocol(&gre_pptp_protocol, GREPROTO_PPTP) < 0) { 1163 printk(KERN_INFO "PPTP: can't add protocol\n"); 1164 goto out_free_mem; 1165 } 1166#elif LINUX_VERSION_CODE < KERNEL_VERSION(2,6,0) 1167 inet_add_protocol(&net_pptp_protocol); 1168#else 1169 if (inet_add_protocol(&net_pptp_protocol, IPPROTO_GRE) < 0) { 1170 printk(KERN_INFO "PPTP: can't add protocol\n"); 1171 goto out_free_mem; 1172 } 1173#endif 1174 1175#if LINUX_VERSION_CODE > KERNEL_VERSION(2,6,0) 1176 err = proto_register(&pptp_sk_proto, 0); 1177 if (err){ 1178 printk(KERN_INFO "PPTP: can't register sk_proto\n"); 1179 goto out_inet_del_protocol; 1180 } 1181#endif 1182 1183 err = register_pppox_proto(PX_PROTO_PPTP, &pppox_pptp_proto); 1184 if (err){ 1185 printk(KERN_INFO "PPTP: can't register pppox_proto\n"); 1186 goto out_unregister_sk_proto; 1187 } 1188 1189 return 0; 1190out_unregister_sk_proto: 1191#if LINUX_VERSION_CODE > KERNEL_VERSION(2,6,0) 1192 proto_unregister(&pptp_sk_proto); 1193#endif 1194 1195#if LINUX_VERSION_CODE > KERNEL_VERSION(2,6,0) 1196out_inet_del_protocol: 1197#endif 1198 1199#if defined(CONFIG_GRE) || defined(CONFIG_GRE_MODULE) 1200 gre_del_protocol(&gre_pptp_protocol, GREPROTO_PPTP); 1201#elif LINUX_VERSION_CODE < KERNEL_VERSION(2,6,0) 1202 inet_del_protocol(&net_pptp_protocol); 1203#else 1204 inet_del_protocol(&net_pptp_protocol, IPPROTO_GRE); 1205#endif 1206out_free_mem: 1207 vfree(callid_sock); 1208 1209 return err; 1210} 1211 1212static void __exit pptp_exit_module(void) 1213{ 1214 unregister_pppox_proto(PX_PROTO_PPTP); 1215#if defined(CONFIG_GRE) || defined(CONFIG_GRE_MODULE) 1216#if LINUX_VERSION_CODE > KERNEL_VERSION(2,6,0) 1217 proto_unregister(&pptp_sk_proto); 1218#endif 1219 gre_del_protocol(&gre_pptp_protocol, GREPROTO_PPTP); 1220#elif LINUX_VERSION_CODE < KERNEL_VERSION(2,6,0) 1221 inet_del_protocol(&net_pptp_protocol); 1222#else 1223 proto_unregister(&pptp_sk_proto); 1224 inet_del_protocol(&net_pptp_protocol, IPPROTO_GRE); 1225#endif 1226 vfree(callid_sock); 1227} 1228 1229module_init(pptp_init_module); 1230module_exit(pptp_exit_module); 1231 1232MODULE_DESCRIPTION("Point-to-Point Tunneling Protocol for Linux"); 1233MODULE_AUTHOR("Kozlov D. (xeb@mail.ru)"); 1234MODULE_LICENSE("GPL"); 1235 1236#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,0) 1237MODULE_PARM(log_level,"i"); 1238MODULE_PARM(log_packets,"i"); 1239#else 1240module_param(log_level,int,0); 1241module_param(log_packets,int,0); 1242#endif 1243MODULE_PARM_DESC(log_level,"Logging level (default=0)"); 1244 1245