152419Sjulian/* 252419Sjulian * ng_pppoe.c 3139823Simp */ 4139823Simp 5139823Simp/*- 652419Sjulian * Copyright (c) 1996-1999 Whistle Communications, Inc. 752419Sjulian * All rights reserved. 852419Sjulian * 952419Sjulian * Subject to the following obligations and disclaimer of warranty, use and 1052419Sjulian * redistribution of this software, in source or object code forms, with or 1152419Sjulian * without modifications are expressly permitted by Whistle Communications; 1252419Sjulian * provided, however, that: 1352419Sjulian * 1. Any and all reproductions of the source or object code must include the 1452419Sjulian * copyright notice above and the following disclaimer of warranties; and 1552419Sjulian * 2. No rights are granted, in any manner or form, to use Whistle 1652419Sjulian * Communications, Inc. trademarks, including the mark "WHISTLE 1752419Sjulian * COMMUNICATIONS" on advertising, endorsements, or otherwise except as 1852419Sjulian * such appears in the above copyright notice or in the software. 1952419Sjulian * 2052419Sjulian * THIS SOFTWARE IS BEING PROVIDED BY WHISTLE COMMUNICATIONS "AS IS", AND 2152419Sjulian * TO THE MAXIMUM EXTENT PERMITTED BY LAW, WHISTLE COMMUNICATIONS MAKES NO 2252419Sjulian * REPRESENTATIONS OR WARRANTIES, EXPRESS OR IMPLIED, REGARDING THIS SOFTWARE, 2352419Sjulian * INCLUDING WITHOUT LIMITATION, ANY AND ALL IMPLIED WARRANTIES OF 2452419Sjulian * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR NON-INFRINGEMENT. 2552419Sjulian * WHISTLE COMMUNICATIONS DOES NOT WARRANT, GUARANTEE, OR MAKE ANY 2652419Sjulian * REPRESENTATIONS REGARDING THE USE OF, OR THE RESULTS OF THE USE OF THIS 2752419Sjulian * SOFTWARE IN TERMS OF ITS CORRECTNESS, ACCURACY, RELIABILITY OR OTHERWISE. 2852419Sjulian * IN NO EVENT SHALL WHISTLE COMMUNICATIONS BE LIABLE FOR ANY DAMAGES 2952419Sjulian * RESULTING FROM OR ARISING OUT OF ANY USE OF THIS SOFTWARE, INCLUDING 3052419Sjulian * WITHOUT LIMITATION, ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, 3152419Sjulian * PUNITIVE, OR CONSEQUENTIAL DAMAGES, PROCUREMENT OF SUBSTITUTE GOODS OR 3252419Sjulian * SERVICES, LOSS OF USE, DATA OR PROFITS, HOWEVER CAUSED AND UNDER ANY 3352419Sjulian * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 3452419Sjulian * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 3552419Sjulian * THIS SOFTWARE, EVEN IF WHISTLE COMMUNICATIONS IS ADVISED OF THE POSSIBILITY 3652419Sjulian * OF SUCH DAMAGE. 3752419Sjulian * 3867506Sjulian * Author: Julian Elischer <julian@freebsd.org> 3952419Sjulian * 4052419Sjulian * $FreeBSD: releng/10.3/sys/netgraph/ng_pppoe.c 288918 2015-10-06 13:10:21Z mav $ 4152752Sjulian * $Whistle: ng_pppoe.c,v 1.10 1999/11/01 09:24:52 julian Exp $ 4252419Sjulian */ 4352419Sjulian 4452419Sjulian#include <sys/param.h> 4552419Sjulian#include <sys/systm.h> 4652419Sjulian#include <sys/kernel.h> 47154604Sglebius#include <sys/ktr.h> 4852419Sjulian#include <sys/mbuf.h> 4952419Sjulian#include <sys/malloc.h> 5052419Sjulian#include <sys/errno.h> 51161034Sglebius#include <sys/syslog.h> 5252419Sjulian#include <net/ethernet.h> 5352419Sjulian 5452419Sjulian#include <netgraph/ng_message.h> 5552419Sjulian#include <netgraph/netgraph.h> 5668031Sbrian#include <netgraph/ng_parse.h> 5752419Sjulian#include <netgraph/ng_pppoe.h> 58161117Sglebius#include <netgraph/ng_ether.h> 5952419Sjulian 6070870Sjulian#ifdef NG_SEPARATE_MALLOC 61227293Sedstatic MALLOC_DEFINE(M_NETGRAPH_PPPOE, "netgraph_pppoe", "netgraph pppoe node"); 6270870Sjulian#else 6370870Sjulian#define M_NETGRAPH_PPPOE M_NETGRAPH 6470870Sjulian#endif 6570870Sjulian 6653405Sarchie#define SIGNOFF "session closed" 6753405Sarchie 6852419Sjulian/* 6952419Sjulian * This section contains the netgraph method declarations for the 7072946Sjulian * pppoe node. These methods define the netgraph pppoe 'type'. 7152419Sjulian */ 7252419Sjulian 7352752Sjulianstatic ng_constructor_t ng_pppoe_constructor; 7452752Sjulianstatic ng_rcvmsg_t ng_pppoe_rcvmsg; 7570700Sjulianstatic ng_shutdown_t ng_pppoe_shutdown; 7652752Sjulianstatic ng_newhook_t ng_pppoe_newhook; 77161117Sglebiusstatic ng_connect_t ng_pppoe_connect; 7852752Sjulianstatic ng_rcvdata_t ng_pppoe_rcvdata; 79172629Smavstatic ng_rcvdata_t ng_pppoe_rcvdata_ether; 80172629Smavstatic ng_rcvdata_t ng_pppoe_rcvdata_debug; 8152752Sjulianstatic ng_disconnect_t ng_pppoe_disconnect; 8252419Sjulian 8368031Sbrian/* Parse type for struct ngpppoe_init_data */ 8497685Sarchiestatic const struct ng_parse_struct_field ngpppoe_init_data_type_fields[] 8568031Sbrian = NG_PPPOE_INIT_DATA_TYPE_INFO; 8668845Sbrianstatic const struct ng_parse_type ngpppoe_init_data_state_type = { 8768031Sbrian &ng_parse_struct_type, 8897685Sarchie &ngpppoe_init_data_type_fields 8968031Sbrian}; 9068031Sbrian 9168031Sbrian/* Parse type for struct ngpppoe_sts */ 9297685Sarchiestatic const struct ng_parse_struct_field ng_pppoe_sts_type_fields[] 9368031Sbrian = NG_PPPOE_STS_TYPE_INFO; 9468031Sbrianstatic const struct ng_parse_type ng_pppoe_sts_state_type = { 9568031Sbrian &ng_parse_struct_type, 9697685Sarchie &ng_pppoe_sts_type_fields 9768031Sbrian}; 9868031Sbrian 9968031Sbrian/* List of commands and how to convert arguments to/from ASCII */ 10068031Sbrianstatic const struct ng_cmdlist ng_pppoe_cmds[] = { 10168031Sbrian { 10268031Sbrian NGM_PPPOE_COOKIE, 10368031Sbrian NGM_PPPOE_CONNECT, 10468031Sbrian "pppoe_connect", 10568845Sbrian &ngpppoe_init_data_state_type, 10668031Sbrian NULL 10768031Sbrian }, 10868031Sbrian { 10968031Sbrian NGM_PPPOE_COOKIE, 11068031Sbrian NGM_PPPOE_LISTEN, 11168031Sbrian "pppoe_listen", 11268845Sbrian &ngpppoe_init_data_state_type, 11368031Sbrian NULL 11468031Sbrian }, 11568031Sbrian { 11668031Sbrian NGM_PPPOE_COOKIE, 11768031Sbrian NGM_PPPOE_OFFER, 11868031Sbrian "pppoe_offer", 11968845Sbrian &ngpppoe_init_data_state_type, 12068031Sbrian NULL 12168031Sbrian }, 12268031Sbrian { 12368031Sbrian NGM_PPPOE_COOKIE, 12469922Sjulian NGM_PPPOE_SERVICE, 12569922Sjulian "pppoe_service", 12669922Sjulian &ngpppoe_init_data_state_type, 12769922Sjulian NULL 12869922Sjulian }, 12969922Sjulian { 13069922Sjulian NGM_PPPOE_COOKIE, 13168031Sbrian NGM_PPPOE_SUCCESS, 13268031Sbrian "pppoe_success", 13368031Sbrian &ng_pppoe_sts_state_type, 13468031Sbrian NULL 13568031Sbrian }, 13668031Sbrian { 13768031Sbrian NGM_PPPOE_COOKIE, 13868031Sbrian NGM_PPPOE_FAIL, 13968031Sbrian "pppoe_fail", 14068031Sbrian &ng_pppoe_sts_state_type, 14168031Sbrian NULL 14268031Sbrian }, 14368031Sbrian { 14468031Sbrian NGM_PPPOE_COOKIE, 14568031Sbrian NGM_PPPOE_CLOSE, 14668031Sbrian "pppoe_close", 14768031Sbrian &ng_pppoe_sts_state_type, 14868031Sbrian NULL 14968031Sbrian }, 150132703Sglebius { 151132703Sglebius NGM_PPPOE_COOKIE, 152132703Sglebius NGM_PPPOE_SETMODE, 153132703Sglebius "pppoe_setmode", 154132703Sglebius &ng_parse_string_type, 155132703Sglebius NULL 156132703Sglebius }, 157132703Sglebius { 158132703Sglebius NGM_PPPOE_COOKIE, 159132703Sglebius NGM_PPPOE_GETMODE, 160132703Sglebius "pppoe_getmode", 161132703Sglebius NULL, 162132703Sglebius &ng_parse_string_type 163132703Sglebius }, 164161117Sglebius { 165161117Sglebius NGM_PPPOE_COOKIE, 166161117Sglebius NGM_PPPOE_SETENADDR, 167161117Sglebius "setenaddr", 168161117Sglebius &ng_parse_enaddr_type, 169161117Sglebius NULL 170161117Sglebius }, 171288918Smav { 172288918Smav NGM_PPPOE_COOKIE, 173288918Smav NGM_PPPOE_SETMAXP, 174288918Smav "setmaxp", 175288918Smav &ng_parse_uint16_type, 176288918Smav NULL 177288918Smav }, 17868031Sbrian { 0 } 17968031Sbrian}; 18068031Sbrian 18152419Sjulian/* Netgraph node type descriptor */ 18252419Sjulianstatic struct ng_type typestruct = { 183129823Sjulian .version = NG_ABI_VERSION, 184129823Sjulian .name = NG_PPPOE_NODE_TYPE, 185129823Sjulian .constructor = ng_pppoe_constructor, 186129823Sjulian .rcvmsg = ng_pppoe_rcvmsg, 187129823Sjulian .shutdown = ng_pppoe_shutdown, 188129823Sjulian .newhook = ng_pppoe_newhook, 189161117Sglebius .connect = ng_pppoe_connect, 190129823Sjulian .rcvdata = ng_pppoe_rcvdata, 191129823Sjulian .disconnect = ng_pppoe_disconnect, 192129823Sjulian .cmdlist = ng_pppoe_cmds, 19352419Sjulian}; 19452562SjulianNETGRAPH_INIT(pppoe, &typestruct); 19552419Sjulian 19652419Sjulian/* 19752419Sjulian * States for the session state machine. 19852419Sjulian * These have no meaning if there is no hook attached yet. 19952419Sjulian */ 20052419Sjulianenum state { 20152419Sjulian PPPOE_SNONE=0, /* [both] Initial state */ 20253498Sjulian PPPOE_LISTENING, /* [Daemon] Listening for discover initiation pkt */ 20352419Sjulian PPPOE_SINIT, /* [Client] Sent discovery initiation */ 20453498Sjulian PPPOE_PRIMED, /* [Server] Awaiting PADI from daemon */ 20553498Sjulian PPPOE_SOFFER, /* [Server] Sent offer message (got PADI)*/ 20652419Sjulian PPPOE_SREQ, /* [Client] Sent a Request */ 20753498Sjulian PPPOE_NEWCONNECTED, /* [Server] Connection established, No data received */ 20852419Sjulian PPPOE_CONNECTED, /* [Both] Connection established, Data received */ 20952419Sjulian PPPOE_DEAD /* [Both] */ 21052419Sjulian}; 21152419Sjulian 21252419Sjulian#define NUMTAGS 20 /* number of tags we are set up to work with */ 21352419Sjulian 21452419Sjulian/* 215154604Sglebius * Information we store for each hook on each node for negotiating the 21652419Sjulian * session. The mbuf and cluster are freed once negotiation has completed. 21752419Sjulian * The whole negotiation block is then discarded. 21852419Sjulian */ 21952419Sjulian 22052419Sjulianstruct sess_neg { 22152419Sjulian struct mbuf *m; /* holds cluster with last sent packet */ 22252419Sjulian union packet *pkt; /* points within the above cluster */ 223138562Sglebius struct callout handle; /* see timeout(9) */ 22452419Sjulian u_int timeout; /* 0,1,2,4,8,16 etc. seconds */ 22552419Sjulian u_int numtags; 22697897Sarchie const struct pppoe_tag *tags[NUMTAGS]; 22752419Sjulian u_int service_len; 22852419Sjulian u_int ac_name_len; 22952419Sjulian 23052419Sjulian struct datatag service; 23152419Sjulian struct datatag ac_name; 23252419Sjulian}; 23352419Sjuliantypedef struct sess_neg *negp; 23452419Sjulian 23552419Sjulian/* 23652419Sjulian * Session information that is needed after connection. 23752419Sjulian */ 23866052Sarchiestruct sess_con { 23952419Sjulian hook_p hook; 240154604Sglebius uint16_t Session_ID; 24152419Sjulian enum state state; 242154604Sglebius ng_ID_t creator; /* who to notify */ 24352419Sjulian struct pppoe_full_hdr pkt_hdr; /* used when connected */ 24452419Sjulian negp neg; /* used when negotiating */ 245176775Smav LIST_ENTRY(sess_con) sessions; 24652419Sjulian}; 24766052Sarchietypedef struct sess_con *sessp; 24852419Sjulian 249175865Smav#define SESSHASHSIZE 0x0100 250175865Smav#define SESSHASH(x) (((x) ^ ((x) >> 8)) & (SESSHASHSIZE - 1)) 251175865Smav 252175865Smavstruct sess_hash_entry { 253175865Smav struct mtx mtx; 254176775Smav LIST_HEAD(hhead, sess_con) head; 255175865Smav}; 256175865Smav 25752419Sjulian/* 25852419Sjulian * Information we store for each node 25952419Sjulian */ 260154604Sglebiusstruct PPPoE { 26152419Sjulian node_p node; /* back pointer to node */ 26252419Sjulian hook_p ethernet_hook; 26352419Sjulian hook_p debug_hook; 26452419Sjulian u_int packets_in; /* packets in from ethernet */ 26552419Sjulian u_int packets_out; /* packets out towards ethernet */ 266154604Sglebius uint32_t flags; 267154901Sglebius#define COMPAT_3COM 0x00000001 268154901Sglebius#define COMPAT_DLINK 0x00000002 269161117Sglebius struct ether_header eh; 270176775Smav LIST_HEAD(, sess_con) listeners; 271175865Smav struct sess_hash_entry sesshash[SESSHASHSIZE]; 272288918Smav struct maxptag max_payload; /* PPP-Max-Payload (RFC4638) */ 27352419Sjulian}; 274154604Sglebiustypedef struct PPPoE *priv_p; 27552419Sjulian 27652419Sjulianunion uniq { 27752419Sjulian char bytes[sizeof(void *)]; 278154604Sglebius void *pointer; 279154604Sglebius}; 28052419Sjulian 28152419Sjulian#define LEAVE(x) do { error = x; goto quit; } while(0) 28252419Sjulianstatic void pppoe_start(sessp sp); 283138562Sglebiusstatic void pppoe_ticker(node_p node, hook_p hook, void *arg1, int arg2); 28497897Sarchiestatic const struct pppoe_tag *scan_tags(sessp sp, 28597897Sarchie const struct pppoe_hdr* ph); 28652441Sjulianstatic int pppoe_send_event(sessp sp, enum cmd cmdid); 28752419Sjulian 28852419Sjulian/************************************************************************* 28952419Sjulian * Some basic utilities from the Linux version with author's permission.* 29052419Sjulian * Author: Michal Ostrowski <mostrows@styx.uwaterloo.ca> * 29152419Sjulian ************************************************************************/ 29252419Sjulian 29352419Sjulian 29452419Sjulian 29552419Sjulian/* 296154604Sglebius * Return the location where the next tag can be put 29752419Sjulian */ 29897897Sarchiestatic __inline const struct pppoe_tag* 29997897Sarchienext_tag(const struct pppoe_hdr* ph) 30052419Sjulian{ 301189315Sed return (const struct pppoe_tag*)(((const char*)(ph + 1)) 30297897Sarchie + ntohs(ph->length)); 30352419Sjulian} 30452419Sjulian 30552419Sjulian/* 306154604Sglebius * Look for a tag of a specific type. 307154604Sglebius * Don't trust any length the other end says, 30852419Sjulian * but assume we already sanity checked ph->length. 30952419Sjulian */ 31097897Sarchiestatic const struct pppoe_tag* 311154604Sglebiusget_tag(const struct pppoe_hdr* ph, uint16_t idx) 31252419Sjulian{ 31397897Sarchie const char *const end = (const char *)next_tag(ph); 314189315Sed const struct pppoe_tag *pt = (const void *)(ph + 1); 31597897Sarchie const char *ptn; 316154604Sglebius 31752419Sjulian /* 31852419Sjulian * Keep processing tags while a tag header will still fit. 31952419Sjulian */ 32097897Sarchie while((const char*)(pt + 1) <= end) { 321154604Sglebius /* 322154604Sglebius * If the tag data would go past the end of the packet, abort. 323154604Sglebius */ 324154604Sglebius ptn = (((const char *)(pt + 1)) + ntohs(pt->tag_len)); 325154604Sglebius if (ptn > end) { 326154604Sglebius CTR2(KTR_NET, "%20s: invalid length for tag %d", 327154604Sglebius __func__, idx); 328154604Sglebius return (NULL); 329154604Sglebius } 330154604Sglebius if (pt->tag_type == idx) { 331154604Sglebius CTR2(KTR_NET, "%20s: found tag %d", __func__, idx); 332154604Sglebius return (pt); 333154604Sglebius } 33452419Sjulian 335154604Sglebius pt = (const struct pppoe_tag*)ptn; 336154604Sglebius } 33752419Sjulian 338154604Sglebius CTR2(KTR_NET, "%20s: not found tag %d", __func__, idx); 339154604Sglebius return (NULL); 34052419Sjulian} 34152419Sjulian 34252419Sjulian/************************************************************************** 343154604Sglebius * Inlines to initialise or add tags to a session's tag list. 34452419Sjulian **************************************************************************/ 34552419Sjulian/* 346154604Sglebius * Initialise the session's tag list. 34752419Sjulian */ 34852419Sjulianstatic void 34952419Sjulianinit_tags(sessp sp) 35052419Sjulian{ 351154604Sglebius KASSERT(sp->neg != NULL, ("%s: no neg", __func__)); 35252419Sjulian sp->neg->numtags = 0; 35352419Sjulian} 35452419Sjulian 35552419Sjulianstatic void 35697897Sarchieinsert_tag(sessp sp, const struct pppoe_tag *tp) 35752419Sjulian{ 358154604Sglebius negp neg = sp->neg; 359154604Sglebius int i; 36052419Sjulian 361154604Sglebius KASSERT(neg != NULL, ("%s: no neg", __func__)); 36252419Sjulian if ((i = neg->numtags++) < NUMTAGS) { 36352419Sjulian neg->tags[i] = tp; 36452419Sjulian } else { 365161034Sglebius log(LOG_NOTICE, "ng_pppoe: asked to add too many tags to " 366161034Sglebius "packet\n"); 36753042Sjulian neg->numtags--; 36852419Sjulian } 36952419Sjulian} 37052419Sjulian 37152419Sjulian/* 37252419Sjulian * Make up a packet, using the tags filled out for the session. 37352419Sjulian * 374154604Sglebius * Assume that the actual pppoe header and ethernet header 37552419Sjulian * are filled out externally to this routine. 376154604Sglebius * Also assume that neg->wh points to the correct 37752419Sjulian * location at the front of the buffer space. 37852419Sjulian */ 37952419Sjulianstatic void 38052419Sjulianmake_packet(sessp sp) { 38152419Sjulian struct pppoe_full_hdr *wh = &sp->neg->pkt->pkt_header; 38297897Sarchie const struct pppoe_tag **tag; 38352419Sjulian char *dp; 38452419Sjulian int count; 38552419Sjulian int tlen; 386154604Sglebius uint16_t length = 0; 38752419Sjulian 388154604Sglebius KASSERT((sp->neg != NULL) && (sp->neg->m != NULL), 389161034Sglebius ("%s: called from wrong state", __func__)); 390154604Sglebius CTR2(KTR_NET, "%20s: called %d", __func__, sp->Session_ID); 391154604Sglebius 392189315Sed dp = (char *)(&wh->ph + 1); 39352419Sjulian for (count = 0, tag = sp->neg->tags; 394154604Sglebius ((count < sp->neg->numtags) && (count < NUMTAGS)); 39552419Sjulian tag++, count++) { 39652419Sjulian tlen = ntohs((*tag)->tag_len) + sizeof(**tag); 39752419Sjulian if ((length + tlen) > (ETHER_MAX_LEN - 4 - sizeof(*wh))) { 398161034Sglebius log(LOG_NOTICE, "ng_pppoe: tags too long\n"); 39952419Sjulian sp->neg->numtags = count; 40052419Sjulian break; /* XXX chop off what's too long */ 40152419Sjulian } 40297897Sarchie bcopy(*tag, (char *)dp, tlen); 40352419Sjulian length += tlen; 40452419Sjulian dp += tlen; 40552419Sjulian } 40652419Sjulian wh->ph.length = htons(length); 40752419Sjulian sp->neg->m->m_len = length + sizeof(*wh); 40852419Sjulian sp->neg->m->m_pkthdr.len = length + sizeof(*wh); 40952419Sjulian} 41052419Sjulian 41152419Sjulian/************************************************************************** 412154862Sglebius * Routines to match a service. * 41352419Sjulian **************************************************************************/ 414154862Sglebius 415154604Sglebius/* 41652419Sjulian * Find a hook that has a service string that matches that 417154862Sglebius * we are seeking. For now use a simple string. 41852419Sjulian * In the future we may need something like regexp(). 419154862Sglebius * 420154862Sglebius * Null string is a wildcard (ANY service), according to RFC2516. 421154862Sglebius * And historical FreeBSD wildcard is also "*". 42252419Sjulian */ 42380311Sbrian 42452419Sjulianstatic hook_p 425154862Sglebiuspppoe_match_svc(node_p node, const struct pppoe_tag *tag) 42652419Sjulian{ 427176775Smav const priv_p privp = NG_NODE_PRIVATE(node); 428176775Smav sessp sp; 42952419Sjulian 430176775Smav LIST_FOREACH(sp, &privp->listeners, sessions) { 431176775Smav negp neg = sp->neg; 43252419Sjulian 433154862Sglebius /* Empty Service-Name matches any service. */ 434154862Sglebius if (neg->service_len == 0) 435154862Sglebius break; 43652419Sjulian 437154862Sglebius /* Special case for a blank or "*" service name (wildcard). */ 438154862Sglebius if (neg->service_len == 1 && neg->service.data[0] == '*') 439154862Sglebius break; 440154862Sglebius 44152419Sjulian /* If the lengths don't match, that aint it. */ 442154862Sglebius if (neg->service_len != ntohs(tag->tag_len)) 44352419Sjulian continue; 44452419Sjulian 445189315Sed if (strncmp((const char *)(tag + 1), neg->service.data, 446154862Sglebius ntohs(tag->tag_len)) == 0) 44780311Sbrian break; 448154862Sglebius } 449176775Smav CTR3(KTR_NET, "%20s: matched %p for %s", __func__, 450189315Sed sp?sp->hook:NULL, (const char *)(tag + 1)); 45180311Sbrian 452176775Smav return (sp?sp->hook:NULL); 453154862Sglebius} 454154862Sglebius 455154862Sglebius/* 456154862Sglebius * Broadcast the PADI packet in m0 to all listening hooks. 457154862Sglebius * This routine is called when a PADI with empty Service-Name 458154862Sglebius * tag is received. Client should receive PADOs with all 459154862Sglebius * available services. 460154862Sglebius */ 461154862Sglebiusstatic int 462154862Sglebiuspppoe_broadcast_padi(node_p node, struct mbuf *m0) 463154862Sglebius{ 464176775Smav const priv_p privp = NG_NODE_PRIVATE(node); 465176775Smav sessp sp; 466154862Sglebius int error = 0; 467154862Sglebius 468176775Smav LIST_FOREACH(sp, &privp->listeners, sessions) { 469154862Sglebius struct mbuf *m; 470154862Sglebius 471243882Sglebius m = m_dup(m0, M_NOWAIT); 472154862Sglebius if (m == NULL) 473154862Sglebius return (ENOMEM); 474176775Smav NG_SEND_DATA_ONLY(error, sp->hook, m); 475154862Sglebius if (error) 476154862Sglebius return (error); 47752419Sjulian } 478154604Sglebius 479154862Sglebius return (0); 48052419Sjulian} 481154604Sglebius 482154862Sglebius/* 483154862Sglebius * Find a hook, which name equals to given service. 484154862Sglebius */ 485154862Sglebiusstatic hook_p 486154862Sglebiuspppoe_find_svc(node_p node, const char *svc_name, int svc_len) 487154862Sglebius{ 488176775Smav const priv_p privp = NG_NODE_PRIVATE(node); 489176775Smav sessp sp; 490154862Sglebius 491176775Smav LIST_FOREACH(sp, &privp->listeners, sessions) { 492176775Smav negp neg = sp->neg; 493154862Sglebius 494154862Sglebius if (neg->service_len == svc_len && 495174931Smav strncmp(svc_name, neg->service.data, svc_len) == 0) 496176775Smav return (sp->hook); 497154862Sglebius } 498154862Sglebius 499154862Sglebius return (NULL); 500154862Sglebius} 501154862Sglebius 50252419Sjulian/************************************************************************** 503175865Smav * Routines to find a particular session that matches an incoming packet. * 50452419Sjulian **************************************************************************/ 505176753Smav/* Find free session and add to hash. */ 506176753Smavstatic uint16_t 507176753Smavpppoe_getnewsession(sessp sp) 508176753Smav{ 509176753Smav const priv_p privp = NG_NODE_PRIVATE(NG_HOOK_NODE(sp->hook)); 510176753Smav static uint16_t pppoe_sid = 1; 511176753Smav sessp tsp; 512176753Smav uint16_t val, hash; 513176753Smav 514176753Smavrestart: 515176753Smav /* Atomicity is not needed here as value will be checked. */ 516176753Smav val = pppoe_sid++; 517176753Smav /* Spec says 0xFFFF is reserved, also don't use 0x0000. */ 518176753Smav if (val == 0xffff || val == 0x0000) 519176753Smav val = pppoe_sid = 1; 520176753Smav 521176753Smav /* Check it isn't already in use. */ 522176753Smav hash = SESSHASH(val); 523176753Smav mtx_lock(&privp->sesshash[hash].mtx); 524176775Smav LIST_FOREACH(tsp, &privp->sesshash[hash].head, sessions) { 525176753Smav if (tsp->Session_ID == val) 526176753Smav break; 527176753Smav } 528176753Smav if (!tsp) { 529176753Smav sp->Session_ID = val; 530176775Smav LIST_INSERT_HEAD(&privp->sesshash[hash].head, sp, sessions); 531176753Smav } 532176753Smav mtx_unlock(&privp->sesshash[hash].mtx); 533176753Smav if (tsp) 534176753Smav goto restart; 535176753Smav 536176753Smav CTR2(KTR_NET, "%20s: new sid %d", __func__, val); 537176753Smav 538176753Smav return (val); 539176753Smav} 540176753Smav 541175865Smav/* Add specified session to hash. */ 542175865Smavstatic void 543175865Smavpppoe_addsession(sessp sp) 54452419Sjulian{ 545175865Smav const priv_p privp = NG_NODE_PRIVATE(NG_HOOK_NODE(sp->hook)); 546175865Smav uint16_t hash = SESSHASH(sp->Session_ID); 54752419Sjulian 548175865Smav mtx_lock(&privp->sesshash[hash].mtx); 549176775Smav LIST_INSERT_HEAD(&privp->sesshash[hash].head, sp, sessions); 550175865Smav mtx_unlock(&privp->sesshash[hash].mtx); 551175865Smav} 552172270Smav 553175865Smav/* Delete specified session from hash. */ 554175865Smavstatic void 555175865Smavpppoe_delsession(sessp sp) 556175865Smav{ 557175865Smav const priv_p privp = NG_NODE_PRIVATE(NG_HOOK_NODE(sp->hook)); 558175865Smav uint16_t hash = SESSHASH(sp->Session_ID); 559175865Smav 560175865Smav mtx_lock(&privp->sesshash[hash].mtx); 561176775Smav LIST_REMOVE(sp, sessions); 562175865Smav mtx_unlock(&privp->sesshash[hash].mtx); 563175865Smav} 564175865Smav 565175865Smav/* Find matching peer/session combination. */ 566175865Smavstatic sessp 567175865Smavpppoe_findsession(priv_p privp, const struct pppoe_full_hdr *wh) 568175865Smav{ 569175865Smav uint16_t session = ntohs(wh->ph.sid); 570175865Smav uint16_t hash = SESSHASH(session); 571175865Smav sessp sp = NULL; 572175865Smav 573175865Smav mtx_lock(&privp->sesshash[hash].mtx); 574176775Smav LIST_FOREACH(sp, &privp->sesshash[hash].head, sessions) { 575172270Smav if (sp->Session_ID == session && 576172270Smav bcmp(sp->pkt_hdr.eh.ether_dhost, 577172270Smav wh->eh.ether_shost, ETHER_ADDR_LEN) == 0) { 57852419Sjulian break; 57952419Sjulian } 58052419Sjulian } 581175865Smav mtx_unlock(&privp->sesshash[hash].mtx); 582175867Smav CTR3(KTR_NET, "%20s: matched %p for %d", __func__, sp?sp->hook:NULL, 583175867Smav session); 584154604Sglebius 585175865Smav return (sp); 58652419Sjulian} 58752419Sjulian 58852419Sjulianstatic hook_p 58997897Sarchiepppoe_finduniq(node_p node, const struct pppoe_tag *tag) 59052419Sjulian{ 591154604Sglebius hook_p hook = NULL; 592154604Sglebius union uniq uniq; 59352419Sjulian 594189315Sed bcopy(tag + 1, uniq.bytes, sizeof(void *)); 595154604Sglebius /* Cycle through all known hooks. */ 59670784Sjulian LIST_FOREACH(hook, &node->nd_hooks, hk_hooks) { 597172270Smav /* Skip any nonsession hook. */ 598172270Smav if (NG_HOOK_PRIVATE(hook) == NULL) 59952419Sjulian continue; 60070784Sjulian if (uniq.pointer == NG_HOOK_PRIVATE(hook)) 60152419Sjulian break; 60252419Sjulian } 603154604Sglebius CTR3(KTR_NET, "%20s: matched %p for %p", __func__, hook, uniq.pointer); 604154604Sglebius 60552419Sjulian return (hook); 60652419Sjulian} 60752419Sjulian 60852419Sjulian/************************************************************************** 609154604Sglebius * Start of Netgraph entrypoints. * 61052419Sjulian **************************************************************************/ 61152419Sjulian 61252419Sjulian/* 613154604Sglebius * Allocate the private data structure and link it with node. 61452419Sjulian */ 61552419Sjulianstatic int 61670700Sjulianng_pppoe_constructor(node_p node) 61752419Sjulian{ 618175865Smav priv_p privp; 619175865Smav int i; 62052419Sjulian 621154604Sglebius /* Initialize private descriptor. */ 622220768Sglebius privp = malloc(sizeof(*privp), M_NETGRAPH_PPPOE, M_WAITOK | M_ZERO); 62352419Sjulian 624154604Sglebius /* Link structs together; this counts as our one reference to *node. */ 625154604Sglebius NG_NODE_SET_PRIVATE(node, privp); 626154604Sglebius privp->node = node; 627132703Sglebius 628154901Sglebius /* Initialize to standard mode. */ 629161117Sglebius memset(&privp->eh.ether_dhost, 0xff, ETHER_ADDR_LEN); 630161117Sglebius privp->eh.ether_type = ETHERTYPE_PPPOE_DISC; 631154604Sglebius 632176775Smav LIST_INIT(&privp->listeners); 633175865Smav for (i = 0; i < SESSHASHSIZE; i++) { 634175865Smav mtx_init(&privp->sesshash[i].mtx, "PPPoE hash mutex", NULL, MTX_DEF); 635176775Smav LIST_INIT(&privp->sesshash[i].head); 636175865Smav } 637175865Smav 638154604Sglebius CTR3(KTR_NET, "%20s: created node [%x] (%p)", 639154604Sglebius __func__, node->nd_ID, node); 640154604Sglebius 64152419Sjulian return (0); 64252419Sjulian} 64352419Sjulian 64452419Sjulian/* 64552419Sjulian * Give our ok for a hook to be added... 64652419Sjulian * point the hook's private info to the hook structure. 64752419Sjulian * 64852419Sjulian * The following hook names are special: 649154604Sglebius * "ethernet": the hook that should be connected to a NIC. 650154604Sglebius * "debug": copies of data sent out here (when I write the code). 65169922Sjulian * All other hook names need only be unique. (the framework checks this). 65252419Sjulian */ 65352419Sjulianstatic int 65452562Sjulianng_pppoe_newhook(node_p node, hook_p hook, const char *name) 65552419Sjulian{ 65670784Sjulian const priv_p privp = NG_NODE_PRIVATE(node); 65752419Sjulian sessp sp; 65852419Sjulian 65952419Sjulian if (strcmp(name, NG_PPPOE_HOOK_ETHERNET) == 0) { 66052419Sjulian privp->ethernet_hook = hook; 661172629Smav NG_HOOK_SET_RCVDATA(hook, ng_pppoe_rcvdata_ether); 66252419Sjulian } else if (strcmp(name, NG_PPPOE_HOOK_DEBUG) == 0) { 66352419Sjulian privp->debug_hook = hook; 664172629Smav NG_HOOK_SET_RCVDATA(hook, ng_pppoe_rcvdata_debug); 66552419Sjulian } else { 66652419Sjulian /* 66752419Sjulian * Any other unique name is OK. 66852419Sjulian * The infrastructure has already checked that it's unique, 66952419Sjulian * so just allocate it and hook it in. 67052419Sjulian */ 671154604Sglebius sp = malloc(sizeof(*sp), M_NETGRAPH_PPPOE, M_NOWAIT | M_ZERO); 672154604Sglebius if (sp == NULL) 673154604Sglebius return (ENOMEM); 67452419Sjulian 67570784Sjulian NG_HOOK_SET_PRIVATE(hook, sp); 67652419Sjulian sp->hook = hook; 67752419Sjulian } 678154604Sglebius CTR5(KTR_NET, "%20s: node [%x] (%p) connected hook %s (%p)", 679154604Sglebius __func__, node->nd_ID, node, name, hook); 680154604Sglebius 68152419Sjulian return(0); 68252419Sjulian} 68352419Sjulian 68452419Sjulian/* 685161117Sglebius * Hook has been added successfully. Request the MAC address of 686161117Sglebius * the underlying Ethernet node. 687161117Sglebius */ 688161117Sglebiusstatic int 689161117Sglebiusng_pppoe_connect(hook_p hook) 690161117Sglebius{ 691161117Sglebius const priv_p privp = NG_NODE_PRIVATE(NG_HOOK_NODE(hook)); 692161117Sglebius struct ng_mesg *msg; 693161181Sglebius int error; 694161117Sglebius 695161117Sglebius if (hook != privp->ethernet_hook) 696161117Sglebius return (0); 697161117Sglebius 698161117Sglebius /* 699161117Sglebius * If this is Ethernet hook, then request MAC address 700161117Sglebius * from our downstream. 701161117Sglebius */ 702161117Sglebius NG_MKMESSAGE(msg, NGM_ETHER_COOKIE, NGM_ETHER_GET_ENADDR, 0, M_NOWAIT); 703161117Sglebius if (msg == NULL) 704161117Sglebius return (ENOBUFS); 705161117Sglebius 706161117Sglebius /* 707161117Sglebius * Our hook and peer hook have HK_INVALID flag set, 708161117Sglebius * so we can't use NG_SEND_MSG_HOOK() macro here. 709161117Sglebius */ 710161117Sglebius NG_SEND_MSG_ID(error, privp->node, msg, 711161117Sglebius NG_NODE_ID(NG_PEER_NODE(privp->ethernet_hook)), 712161117Sglebius NG_NODE_ID(privp->node)); 713161117Sglebius 714161117Sglebius return (error); 715161117Sglebius} 716161117Sglebius/* 71752419Sjulian * Get a netgraph control message. 71852419Sjulian * Check it is one we understand. If needed, send a response. 71952419Sjulian * We sometimes save the address for an async action later. 72052419Sjulian * Always free the message. 72152419Sjulian */ 72252419Sjulianstatic int 72370700Sjulianng_pppoe_rcvmsg(node_p node, item_p item, hook_p lasthook) 72452419Sjulian{ 72570784Sjulian priv_p privp = NG_NODE_PRIVATE(node); 72652562Sjulian struct ngpppoe_init_data *ourmsg = NULL; 72752419Sjulian struct ng_mesg *resp = NULL; 72852419Sjulian int error = 0; 72952419Sjulian hook_p hook = NULL; 73052419Sjulian sessp sp = NULL; 73152419Sjulian negp neg = NULL; 73270700Sjulian struct ng_mesg *msg; 73352419Sjulian 73470700Sjulian NGI_GET_MSG(item, msg); 735154604Sglebius CTR5(KTR_NET, "%20s: node [%x] (%p) got message %d with cookie %d", 736154604Sglebius __func__, node->nd_ID, node, msg->header.cmd, 737154604Sglebius msg->header.typecookie); 738154604Sglebius 739154604Sglebius /* Deal with message according to cookie and command. */ 74052419Sjulian switch (msg->header.typecookie) { 741154604Sglebius case NGM_PPPOE_COOKIE: 74252419Sjulian switch (msg->header.cmd) { 74352419Sjulian case NGM_PPPOE_CONNECT: 744154604Sglebius case NGM_PPPOE_LISTEN: 745154604Sglebius case NGM_PPPOE_OFFER: 746154604Sglebius case NGM_PPPOE_SERVICE: 74768845Sbrian ourmsg = (struct ngpppoe_init_data *)msg->data; 74868845Sbrian if (msg->header.arglen < sizeof(*ourmsg)) { 749161034Sglebius log(LOG_ERR, "ng_pppoe[%x]: init data too " 750161034Sglebius "small\n", node->nd_ID); 75168845Sbrian LEAVE(EMSGSIZE); 75268031Sbrian } 753154604Sglebius if (msg->header.arglen - sizeof(*ourmsg) > 75468031Sbrian PPPOE_SERVICE_NAME_SIZE) { 755161034Sglebius log(LOG_ERR, "ng_pppoe[%x]: service name " 756161034Sglebius "too big\n", node->nd_ID); 75752419Sjulian LEAVE(EMSGSIZE); 75852419Sjulian } 75968845Sbrian if (msg->header.arglen - sizeof(*ourmsg) < 76068845Sbrian ourmsg->data_len) { 761161034Sglebius log(LOG_ERR, "ng_pppoe[%x]: init data has bad " 762161034Sglebius "length, %d should be %zd\n", node->nd_ID, 763161034Sglebius ourmsg->data_len, 76468845Sbrian msg->header.arglen - sizeof (*ourmsg)); 76552419Sjulian LEAVE(EMSGSIZE); 76652419Sjulian } 76768031Sbrian 768154604Sglebius /* Make sure strcmp will terminate safely. */ 76952419Sjulian ourmsg->hook[sizeof(ourmsg->hook) - 1] = '\0'; 77052419Sjulian 771176775Smav /* Find hook by name. */ 772176775Smav hook = ng_findhook(node, ourmsg->hook); 773154604Sglebius if (hook == NULL) 77452419Sjulian LEAVE(ENOENT); 775154604Sglebius 776172270Smav sp = NG_HOOK_PRIVATE(hook); 777172270Smav if (sp == NULL) 77852419Sjulian LEAVE(EINVAL); 779154604Sglebius 78080311Sbrian if (msg->header.cmd == NGM_PPPOE_LISTEN) { 78180311Sbrian /* 78280311Sbrian * Ensure we aren't already listening for this 78380311Sbrian * service. 78480311Sbrian */ 785154862Sglebius if (pppoe_find_svc(node, ourmsg->data, 786154862Sglebius ourmsg->data_len) != NULL) 78780311Sbrian LEAVE(EEXIST); 78880311Sbrian } 78980311Sbrian 79069922Sjulian /* 79169922Sjulian * PPPOE_SERVICE advertisments are set up 79269922Sjulian * on sessions that are in PRIMED state. 79369922Sjulian */ 794154604Sglebius if (msg->header.cmd == NGM_PPPOE_SERVICE) 79569922Sjulian break; 796154604Sglebius 797150319Sglebius if (sp->state != PPPOE_SNONE) { 798161034Sglebius log(LOG_NOTICE, "ng_pppoe[%x]: Session already " 799161034Sglebius "active\n", node->nd_ID); 80052419Sjulian LEAVE(EISCONN); 80152419Sjulian } 80252443Sjulian 80352419Sjulian /* 804154604Sglebius * Set up prototype header. 80552419Sjulian */ 806154604Sglebius neg = malloc(sizeof(*neg), M_NETGRAPH_PPPOE, 80768876Sdwmalone M_NOWAIT | M_ZERO); 80852419Sjulian 809154604Sglebius if (neg == NULL) 81052419Sjulian LEAVE(ENOMEM); 811154604Sglebius 812243882Sglebius neg->m = m_getcl(M_NOWAIT, MT_DATA, M_PKTHDR); 813154604Sglebius if (neg->m == NULL) { 814154604Sglebius free(neg, M_NETGRAPH_PPPOE); 81552419Sjulian LEAVE(ENOBUFS); 81652419Sjulian } 81752419Sjulian neg->m->m_pkthdr.rcvif = NULL; 81852419Sjulian sp->neg = neg; 819138562Sglebius ng_callout_init(&neg->handle); 82052419Sjulian neg->m->m_len = sizeof(struct pppoe_full_hdr); 82152419Sjulian neg->pkt = mtod(neg->m, union packet*); 822132703Sglebius memcpy((void *)&neg->pkt->pkt_header.eh, 823161117Sglebius &privp->eh, sizeof(struct ether_header)); 82452419Sjulian neg->pkt->pkt_header.ph.ver = 0x1; 82552419Sjulian neg->pkt->pkt_header.ph.type = 0x1; 82652419Sjulian neg->pkt->pkt_header.ph.sid = 0x0000; 82752419Sjulian neg->timeout = 0; 82852419Sjulian 82970700Sjulian sp->creator = NGI_RETADDR(item); 83052419Sjulian } 83152419Sjulian switch (msg->header.cmd) { 83252419Sjulian case NGM_PPPOE_GET_STATUS: 83352419Sjulian { 83452562Sjulian struct ngpppoestat *stats; 83552419Sjulian 83652419Sjulian NG_MKRESPONSE(resp, msg, sizeof(*stats), M_NOWAIT); 837154604Sglebius if (!resp) 83852419Sjulian LEAVE(ENOMEM); 839154604Sglebius 84052562Sjulian stats = (struct ngpppoestat *) resp->data; 84152419Sjulian stats->packets_in = privp->packets_in; 84252419Sjulian stats->packets_out = privp->packets_out; 84352419Sjulian break; 84452419Sjulian } 84552419Sjulian case NGM_PPPOE_CONNECT: 846174981Smav { 84752419Sjulian /* 84852419Sjulian * Check the hook exists and is Uninitialised. 84952419Sjulian * Send a PADI request, and start the timeout logic. 85052419Sjulian * Store the originator of this message so we can send 85152419Sjulian * a success of fail message to them later. 852154604Sglebius * Move the session to SINIT. 85352419Sjulian * Set up the session to the correct state and 85452419Sjulian * start it. 85552419Sjulian */ 856174981Smav int i, acnlen = 0, acnsep = 0, srvlen; 857174981Smav for (i = 0; i < ourmsg->data_len; i++) { 858174981Smav if (ourmsg->data[i] == '\\') { 859174981Smav acnlen = i; 860174981Smav acnsep = 1; 861174981Smav break; 862174981Smav } 863174981Smav } 864174981Smav srvlen = ourmsg->data_len - acnlen - acnsep; 865174981Smav 866174981Smav bcopy(ourmsg->data, neg->ac_name.data, acnlen); 867174981Smav neg->ac_name_len = acnlen; 868174981Smav 86952419Sjulian neg->service.hdr.tag_type = PTT_SRV_NAME; 870174981Smav neg->service.hdr.tag_len = htons((uint16_t)srvlen); 871174981Smav bcopy(ourmsg->data + acnlen + acnsep, 872174981Smav neg->service.data, srvlen); 873174981Smav neg->service_len = srvlen; 87452419Sjulian pppoe_start(sp); 87552419Sjulian break; 876174981Smav } 87752419Sjulian case NGM_PPPOE_LISTEN: 87852419Sjulian /* 87952419Sjulian * Check the hook exists and is Uninitialised. 88052419Sjulian * Install the service matching string. 88152419Sjulian * Store the originator of this message so we can send 88252419Sjulian * a success of fail message to them later. 88352419Sjulian * Move the hook to 'LISTENING' 88452419Sjulian */ 88552419Sjulian neg->service.hdr.tag_type = PTT_SRV_NAME; 88668845Sbrian neg->service.hdr.tag_len = 887154604Sglebius htons((uint16_t)ourmsg->data_len); 88852443Sjulian 88968845Sbrian if (ourmsg->data_len) 89068845Sbrian bcopy(ourmsg->data, neg->service.data, 89168845Sbrian ourmsg->data_len); 89268845Sbrian neg->service_len = ourmsg->data_len; 89352419Sjulian neg->pkt->pkt_header.ph.code = PADT_CODE; 89452419Sjulian /* 895154604Sglebius * Wait for PADI packet coming from Ethernet. 89652419Sjulian */ 89752419Sjulian sp->state = PPPOE_LISTENING; 898176775Smav LIST_INSERT_HEAD(&privp->listeners, sp, sessions); 89952419Sjulian break; 90052419Sjulian case NGM_PPPOE_OFFER: 90152419Sjulian /* 90252419Sjulian * Check the hook exists and is Uninitialised. 90352419Sjulian * Store the originator of this message so we can send 90452419Sjulian * a success of fail message to them later. 90552419Sjulian * Store the AC-Name given and go to PRIMED. 90652419Sjulian */ 90752419Sjulian neg->ac_name.hdr.tag_type = PTT_AC_NAME; 90868845Sbrian neg->ac_name.hdr.tag_len = 909154604Sglebius htons((uint16_t)ourmsg->data_len); 91068845Sbrian if (ourmsg->data_len) 91168845Sbrian bcopy(ourmsg->data, neg->ac_name.data, 91268845Sbrian ourmsg->data_len); 91368845Sbrian neg->ac_name_len = ourmsg->data_len; 91452419Sjulian neg->pkt->pkt_header.ph.code = PADO_CODE; 91552419Sjulian /* 916154604Sglebius * Wait for PADI packet coming from hook. 91752419Sjulian */ 91852419Sjulian sp->state = PPPOE_PRIMED; 91952419Sjulian break; 920154604Sglebius case NGM_PPPOE_SERVICE: 921154604Sglebius /* 92269922Sjulian * Check the session is primed. 92369922Sjulian * for now just allow ONE service to be advertised. 92469922Sjulian * If you do it twice you just overwrite. 92569922Sjulian */ 92670148Sjulian if (sp->state != PPPOE_PRIMED) { 927161034Sglebius log(LOG_NOTICE, "ng_pppoe[%x]: session not " 928161034Sglebius "primed\n", node->nd_ID); 92969922Sjulian LEAVE(EISCONN); 93069922Sjulian } 93170931Sjulian neg = sp->neg; 93269922Sjulian neg->service.hdr.tag_type = PTT_SRV_NAME; 93369922Sjulian neg->service.hdr.tag_len = 934154604Sglebius htons((uint16_t)ourmsg->data_len); 93569922Sjulian 93669922Sjulian if (ourmsg->data_len) 93769922Sjulian bcopy(ourmsg->data, neg->service.data, 93869922Sjulian ourmsg->data_len); 93969922Sjulian neg->service_len = ourmsg->data_len; 94069922Sjulian break; 941132703Sglebius case NGM_PPPOE_SETMODE: 942132703Sglebius { 943132703Sglebius char *s; 944132703Sglebius size_t len; 945132703Sglebius 946132703Sglebius if (msg->header.arglen == 0) 947132703Sglebius LEAVE(EINVAL); 948132703Sglebius 949132703Sglebius s = (char *)msg->data; 950132703Sglebius len = msg->header.arglen - 1; 951132703Sglebius 952154604Sglebius /* Search for matching mode string. */ 953154901Sglebius if (len == strlen(NG_PPPOE_STANDARD) && 954154901Sglebius (strncmp(NG_PPPOE_STANDARD, s, len) == 0)) { 955154901Sglebius privp->flags = 0; 956161117Sglebius privp->eh.ether_type = ETHERTYPE_PPPOE_DISC; 957154901Sglebius break; 958154901Sglebius } 959154901Sglebius if (len == strlen(NG_PPPOE_3COM) && 960154901Sglebius (strncmp(NG_PPPOE_3COM, s, len) == 0)) { 961154901Sglebius privp->flags |= COMPAT_3COM; 962161117Sglebius privp->eh.ether_type = 963161117Sglebius ETHERTYPE_PPPOE_3COM_DISC; 964154901Sglebius break; 965154901Sglebius } 966154901Sglebius if (len == strlen(NG_PPPOE_DLINK) && 967154901Sglebius (strncmp(NG_PPPOE_DLINK, s, len) == 0)) { 968154901Sglebius privp->flags |= COMPAT_DLINK; 969154901Sglebius break; 970154901Sglebius } 971154901Sglebius error = EINVAL; 972132703Sglebius break; 973132703Sglebius } 974132703Sglebius case NGM_PPPOE_GETMODE: 975154901Sglebius { 976154901Sglebius char *s; 977154901Sglebius size_t len = 0; 978154901Sglebius 979154901Sglebius if (privp->flags == 0) 980154901Sglebius len += strlen(NG_PPPOE_STANDARD) + 1; 981154901Sglebius if (privp->flags & COMPAT_3COM) 982154901Sglebius len += strlen(NG_PPPOE_3COM) + 1; 983154901Sglebius if (privp->flags & COMPAT_DLINK) 984154901Sglebius len += strlen(NG_PPPOE_DLINK) + 1; 985154901Sglebius 986154901Sglebius NG_MKRESPONSE(resp, msg, len, M_NOWAIT); 987132703Sglebius if (resp == NULL) 988132703Sglebius LEAVE(ENOMEM); 989154901Sglebius 990154901Sglebius s = (char *)resp->data; 991154901Sglebius if (privp->flags == 0) { 992154901Sglebius len = strlen(NG_PPPOE_STANDARD); 993154901Sglebius strlcpy(s, NG_PPPOE_STANDARD, len + 1); 994154901Sglebius break; 995154901Sglebius } 996154901Sglebius if (privp->flags & COMPAT_3COM) { 997154901Sglebius len = strlen(NG_PPPOE_3COM); 998154901Sglebius strlcpy(s, NG_PPPOE_3COM, len + 1); 999154901Sglebius s += len; 1000154901Sglebius } 1001154901Sglebius if (privp->flags & COMPAT_DLINK) { 1002154901Sglebius if (s != resp->data) 1003154901Sglebius *s++ = '|'; 1004154901Sglebius len = strlen(NG_PPPOE_DLINK); 1005154901Sglebius strlcpy(s, NG_PPPOE_DLINK, len + 1); 1006154901Sglebius } 1007132703Sglebius break; 1008154901Sglebius } 1009161117Sglebius case NGM_PPPOE_SETENADDR: 1010161117Sglebius if (msg->header.arglen != ETHER_ADDR_LEN) 1011161117Sglebius LEAVE(EINVAL); 1012161117Sglebius bcopy(msg->data, &privp->eh.ether_shost, 1013161117Sglebius ETHER_ADDR_LEN); 1014161117Sglebius break; 1015288918Smav case NGM_PPPOE_SETMAXP: 1016288918Smav if (msg->header.arglen != sizeof(uint16_t)) 1017288918Smav LEAVE(EINVAL); 1018288918Smav privp->max_payload.hdr.tag_type = PTT_MAX_PAYL; 1019288918Smav privp->max_payload.hdr.tag_len = htons(sizeof(uint16_t)); 1020288918Smav privp->max_payload.data = htons(*((uint16_t *)msg->data)); 1021288918Smav break; 102252419Sjulian default: 102352419Sjulian LEAVE(EINVAL); 102452419Sjulian } 102552419Sjulian break; 1026161117Sglebius case NGM_ETHER_COOKIE: 1027161117Sglebius if (!(msg->header.flags & NGF_RESP)) 1028161117Sglebius LEAVE(EINVAL); 1029161117Sglebius switch (msg->header.cmd) { 1030161117Sglebius case NGM_ETHER_GET_ENADDR: 1031161117Sglebius if (msg->header.arglen != ETHER_ADDR_LEN) 1032161117Sglebius LEAVE(EINVAL); 1033161117Sglebius bcopy(msg->data, &privp->eh.ether_shost, 1034161117Sglebius ETHER_ADDR_LEN); 1035161117Sglebius break; 1036161117Sglebius default: 1037161181Sglebius LEAVE(EINVAL); 1038161117Sglebius } 1039161117Sglebius break; 104052419Sjulian default: 104152419Sjulian LEAVE(EINVAL); 104252419Sjulian } 104352419Sjulian 1044154604Sglebius /* Take care of synchronous response, if any. */ 104570700Sjulianquit: 1046154901Sglebius CTR2(KTR_NET, "%20s: returning %d", __func__, error); 104770700Sjulian NG_RESPOND_MSG(error, node, item, resp); 1048154604Sglebius /* Free the message and return. */ 104970700Sjulian NG_FREE_MSG(msg); 105052419Sjulian return(error); 105152419Sjulian} 105252419Sjulian 105352443Sjulian/* 105452443Sjulian * Start a client into the first state. A separate function because 105552443Sjulian * it can be needed if the negotiation times out. 105652443Sjulian */ 105752419Sjulianstatic void 105852419Sjulianpppoe_start(sessp sp) 105952419Sjulian{ 1060172628Smav hook_p hook = sp->hook; 1061172628Smav node_p node = NG_HOOK_NODE(hook); 1062172628Smav priv_p privp = NG_NODE_PRIVATE(node); 1063172628Smav negp neg = sp->neg; 106452419Sjulian struct { 106552419Sjulian struct pppoe_tag hdr; 106652419Sjulian union uniq data; 1067103870Salfred } __packed uniqtag; 1068172628Smav struct mbuf *m0; 1069172628Smav int error; 107052419Sjulian 1071154604Sglebius /* 1072154604Sglebius * Kick the state machine into starting up. 107352419Sjulian */ 1074154604Sglebius CTR2(KTR_NET, "%20s: called %d", __func__, sp->Session_ID); 107552419Sjulian sp->state = PPPOE_SINIT; 1076154604Sglebius /* 1077154604Sglebius * Reset the packet header to broadcast. Since we are 1078161117Sglebius * in a client mode use configured ethertype. 1079154604Sglebius */ 1080172628Smav memcpy((void *)&neg->pkt->pkt_header.eh, &privp->eh, 1081161117Sglebius sizeof(struct ether_header)); 1082172628Smav neg->pkt->pkt_header.ph.code = PADI_CODE; 108352419Sjulian uniqtag.hdr.tag_type = PTT_HOST_UNIQ; 108452419Sjulian uniqtag.hdr.tag_len = htons((u_int16_t)sizeof(uniqtag.data)); 108552419Sjulian uniqtag.data.pointer = sp; 108652419Sjulian init_tags(sp); 108768079Sjulian insert_tag(sp, &uniqtag.hdr); 1088172628Smav insert_tag(sp, &neg->service.hdr); 1089288918Smav if (privp->max_payload.data != 0) 1090288918Smav insert_tag(sp, &privp->max_payload.hdr); 109152419Sjulian make_packet(sp); 1092172628Smav /* 1093172628Smav * Send packet and prepare to retransmit it after timeout. 1094172628Smav */ 1095172628Smav ng_callout(&neg->handle, node, hook, PPPOE_INITIAL_TIMEOUT * hz, 1096172628Smav pppoe_ticker, NULL, 0); 1097172628Smav neg->timeout = PPPOE_INITIAL_TIMEOUT * 2; 1098243882Sglebius m0 = m_copypacket(neg->m, M_NOWAIT); 1099172628Smav NG_SEND_DATA_ONLY(error, privp->ethernet_hook, m0); 110052419Sjulian} 110152419Sjulian 110290973Sbrianstatic int 110397897Sarchiesend_acname(sessp sp, const struct pppoe_tag *tag) 110490973Sbrian{ 110598636Sbrian int error, tlen; 110690973Sbrian struct ng_mesg *msg; 110790973Sbrian struct ngpppoe_sts *sts; 110890973Sbrian 1109154604Sglebius CTR2(KTR_NET, "%20s: called %d", __func__, sp->Session_ID); 1110154604Sglebius 111190973Sbrian NG_MKMESSAGE(msg, NGM_PPPOE_COOKIE, NGM_PPPOE_ACNAME, 111290973Sbrian sizeof(struct ngpppoe_sts), M_NOWAIT); 111390973Sbrian if (msg == NULL) 111490973Sbrian return (ENOMEM); 111590973Sbrian 111690973Sbrian sts = (struct ngpppoe_sts *)msg->data; 1117125028Sharti tlen = min(NG_HOOKSIZ - 1, ntohs(tag->tag_len)); 1118189315Sed strncpy(sts->hook, (const char *)(tag + 1), tlen); 111998636Sbrian sts->hook[tlen] = '\0'; 1120102244Sarchie NG_SEND_MSG_ID(error, NG_HOOK_NODE(sp->hook), msg, sp->creator, 0); 112190973Sbrian 112290973Sbrian return (error); 112390973Sbrian} 112490973Sbrian 112596578Sbrianstatic int 112696578Sbriansend_sessionid(sessp sp) 112796578Sbrian{ 112896578Sbrian int error; 112996578Sbrian struct ng_mesg *msg; 113096578Sbrian 1131154604Sglebius CTR2(KTR_NET, "%20s: called %d", __func__, sp->Session_ID); 1132154604Sglebius 113396578Sbrian NG_MKMESSAGE(msg, NGM_PPPOE_COOKIE, NGM_PPPOE_SESSIONID, 1134154604Sglebius sizeof(uint16_t), M_NOWAIT); 113596578Sbrian if (msg == NULL) 113696578Sbrian return (ENOMEM); 113796578Sbrian 1138154604Sglebius *(uint16_t *)msg->data = sp->Session_ID; 1139102244Sarchie NG_SEND_MSG_ID(error, NG_HOOK_NODE(sp->hook), msg, sp->creator, 0); 114096578Sbrian 114196578Sbrian return (error); 114296578Sbrian} 114396578Sbrian 1144288918Smavstatic int 1145288918Smavsend_maxp(sessp sp, const struct pppoe_tag *tag) 1146288918Smav{ 1147288918Smav int error; 1148288918Smav struct ng_mesg *msg; 1149288918Smav struct ngpppoe_maxp *maxp; 1150288918Smav 1151288918Smav CTR2(KTR_NET, "%20s: called %d", __func__, sp->Session_ID); 1152288918Smav 1153288918Smav NG_MKMESSAGE(msg, NGM_PPPOE_COOKIE, NGM_PPPOE_SETMAXP, 1154288918Smav sizeof(struct ngpppoe_maxp), M_NOWAIT); 1155288918Smav if (msg == NULL) 1156288918Smav return (ENOMEM); 1157288918Smav 1158288918Smav maxp = (struct ngpppoe_maxp *)msg->data; 1159288918Smav strncpy(maxp->hook, NG_HOOK_NAME(sp->hook), NG_HOOKSIZ); 1160288918Smav maxp->data = ntohs(((const struct maxptag *)tag)->data); 1161288918Smav NG_SEND_MSG_ID(error, NG_HOOK_NODE(sp->hook), msg, sp->creator, 0); 1162288918Smav 1163288918Smav return (error); 1164288918Smav} 1165288918Smav 116652419Sjulian/* 1167172629Smav * Receive data from session hook and do something with it. 116852419Sjulian */ 116952419Sjulianstatic int 117070700Sjulianng_pppoe_rcvdata(hook_p hook, item_p item) 117152419Sjulian{ 117270784Sjulian node_p node = NG_HOOK_NODE(hook); 117370784Sjulian const priv_p privp = NG_NODE_PRIVATE(node); 117470784Sjulian sessp sp = NG_HOOK_PRIVATE(hook); 1175172629Smav struct pppoe_full_hdr *wh; 1176154604Sglebius struct mbuf *m; 1177172629Smav int error; 117852419Sjulian 1179154604Sglebius CTR6(KTR_NET, "%20s: node [%x] (%p) received %p on \"%s\" (%p)", 1180154604Sglebius __func__, node->nd_ID, node, item, hook->hk_name, hook); 1181154604Sglebius 118270700Sjulian NGI_GET_M(item, m); 1183172629Smav switch (sp->state) { 1184172629Smav case PPPOE_NEWCONNECTED: 1185172629Smav case PPPOE_CONNECTED: { 118652419Sjulian /* 1187172629Smav * Remove PPP address and control fields, if any. 1188172629Smav * For example, ng_ppp(4) always sends LCP packets 1189172629Smav * with address and control fields as required by 1190172629Smav * generic PPP. PPPoE is an exception to the rule. 119152419Sjulian */ 1192172629Smav if (m->m_pkthdr.len >= 2) { 1193172629Smav if (m->m_len < 2 && !(m = m_pullup(m, 2))) 1194172629Smav LEAVE(ENOBUFS); 1195176057Smav if (mtod(m, u_char *)[0] == 0xff && 1196176057Smav mtod(m, u_char *)[1] == 0x03) 1197172629Smav m_adj(m, 2); 1198172629Smav } 119952419Sjulian /* 1200172629Smav * Bang in a pre-made header, and set the length up 1201172629Smav * to be correct. Then send it to the ethernet driver. 120252419Sjulian */ 1203243882Sglebius M_PREPEND(m, sizeof(*wh), M_NOWAIT); 1204172629Smav if (m == NULL) 1205172629Smav LEAVE(ENOBUFS); 1206172629Smav 1207172629Smav wh = mtod(m, struct pppoe_full_hdr *); 1208172629Smav bcopy(&sp->pkt_hdr, wh, sizeof(*wh)); 1209172629Smav wh->ph.length = htons(m->m_pkthdr.len - sizeof(*wh)); 1210172629Smav NG_FWD_NEW_DATA(error, item, privp->ethernet_hook, m); 1211172629Smav privp->packets_out++; 1212172629Smav break; 1213172629Smav } 1214172629Smav case PPPOE_PRIMED: { 1215172629Smav struct { 1216172629Smav struct pppoe_tag hdr; 1217172629Smav union uniq data; 1218172629Smav } __packed uniqtag; 1219172629Smav const struct pppoe_tag *tag; 1220172629Smav struct mbuf *m0; 1221172629Smav const struct pppoe_hdr *ph; 1222172629Smav negp neg = sp->neg; 1223172629Smav uint16_t session; 1224172629Smav uint16_t length; 1225172629Smav uint8_t code; 1226172629Smav 1227172629Smav /* 1228172629Smav * A PADI packet is being returned by the application 1229172629Smav * that has set up this hook. This indicates that it 1230172629Smav * wants us to offer service. 1231172629Smav */ 1232172629Smav if (m->m_len < sizeof(*wh)) { 1233172629Smav m = m_pullup(m, sizeof(*wh)); 1234172629Smav if (m == NULL) 123552510Sjulian LEAVE(ENOBUFS); 123652419Sjulian } 123752419Sjulian wh = mtod(m, struct pppoe_full_hdr *); 1238172629Smav ph = &wh->ph; 1239172629Smav session = ntohs(wh->ph.sid); 124052419Sjulian length = ntohs(wh->ph.length); 1241172629Smav code = wh->ph.code; 1242172629Smav /* Use peers mode in session. */ 1243172629Smav neg->pkt->pkt_header.eh.ether_type = wh->eh.ether_type; 1244172629Smav if (code != PADI_CODE) 1245172629Smav LEAVE(EINVAL); 1246172629Smav ng_uncallout(&neg->handle, node); 124752419Sjulian 1248172629Smav /* 1249172629Smav * This is the first time we hear 1250172629Smav * from the client, so note it's 1251172629Smav * unicast address, replacing the 1252172629Smav * broadcast address. 1253172629Smav */ 1254172629Smav bcopy(wh->eh.ether_shost, 1255172629Smav neg->pkt->pkt_header.eh.ether_dhost, 1256172629Smav ETHER_ADDR_LEN); 1257172629Smav sp->state = PPPOE_SOFFER; 1258172629Smav neg->timeout = 0; 1259172629Smav neg->pkt->pkt_header.ph.code = PADO_CODE; 1260154862Sglebius 1261172629Smav /* 1262172629Smav * Start working out the tags to respond with. 1263172629Smav */ 1264172629Smav uniqtag.hdr.tag_type = PTT_AC_COOKIE; 1265172629Smav uniqtag.hdr.tag_len = htons((u_int16_t)sizeof(sp)); 1266172629Smav uniqtag.data.pointer = sp; 1267172629Smav init_tags(sp); 1268172629Smav insert_tag(sp, &neg->ac_name.hdr); /* AC_NAME */ 1269172629Smav if ((tag = get_tag(ph, PTT_SRV_NAME))) 1270172629Smav insert_tag(sp, tag); /* return service */ 1271172629Smav /* 1272172629Smav * If we have a NULL service request 1273172629Smav * and have an extra service defined in this hook, 1274172629Smav * then also add a tag for the extra service. 1275172629Smav * XXX this is a hack. eventually we should be able 1276172629Smav * to support advertising many services, not just one 1277172629Smav */ 1278172629Smav if (((tag == NULL) || (tag->tag_len == 0)) && 1279172629Smav (neg->service.hdr.tag_len != 0)) { 1280172629Smav insert_tag(sp, &neg->service.hdr); /* SERVICE */ 1281172629Smav } 1282172629Smav if ((tag = get_tag(ph, PTT_HOST_UNIQ))) 1283172629Smav insert_tag(sp, tag); /* returned hostunique */ 1284172629Smav insert_tag(sp, &uniqtag.hdr); 1285172629Smav scan_tags(sp, ph); 1286172629Smav make_packet(sp); 1287172629Smav /* 1288172629Smav * Send the offer but if they don't respond 1289172629Smav * in PPPOE_OFFER_TIMEOUT seconds, forget about it. 1290172629Smav */ 1291172629Smav ng_callout(&neg->handle, node, hook, PPPOE_OFFER_TIMEOUT * hz, 1292172629Smav pppoe_ticker, NULL, 0); 1293243882Sglebius m0 = m_copypacket(sp->neg->m, M_NOWAIT); 1294172629Smav NG_FWD_NEW_DATA(error, item, privp->ethernet_hook, m0); 1295172629Smav privp->packets_out++; 1296172629Smav break; 1297172629Smav } 129852419Sjulian 1299172629Smav /* 1300172629Smav * Packets coming from the hook make no sense 1301172629Smav * to sessions in the rest of states. Throw them away. 1302172629Smav */ 1303172629Smav default: 1304172629Smav LEAVE(ENETUNREACH); 1305172629Smav } 1306172629Smavquit: 1307172629Smav if (item) 1308172629Smav NG_FREE_ITEM(item); 1309172629Smav NG_FREE_M(m); 1310172629Smav return (error); 1311172629Smav} 131252419Sjulian 1313172629Smav/* 1314172629Smav * Receive data from ether and do something with it. 1315172629Smav */ 1316172629Smavstatic int 1317172629Smavng_pppoe_rcvdata_ether(hook_p hook, item_p item) 1318172629Smav{ 1319172629Smav node_p node = NG_HOOK_NODE(hook); 1320172629Smav const priv_p privp = NG_NODE_PRIVATE(node); 1321208824Smav sessp sp; 1322172629Smav const struct pppoe_tag *utag = NULL, *tag = NULL; 1323172629Smav const struct pppoe_full_hdr *wh; 1324172629Smav const struct pppoe_hdr *ph; 1325172629Smav negp neg = NULL; 1326172629Smav struct mbuf *m; 1327172629Smav hook_p sendhook; 1328172629Smav int error = 0; 1329172629Smav uint16_t session; 1330172629Smav uint16_t length; 1331172629Smav uint8_t code; 1332172629Smav struct mbuf *m0; 133352419Sjulian 1334172629Smav CTR6(KTR_NET, "%20s: node [%x] (%p) received %p on \"%s\" (%p)", 1335172629Smav __func__, node->nd_ID, node, item, hook->hk_name, hook); 133652419Sjulian 1337172629Smav NGI_GET_M(item, m); 1338172629Smav /* 1339172629Smav * Dig out various fields from the packet. 1340172629Smav * Use them to decide where to send it. 1341172629Smav */ 1342172629Smav privp->packets_in++; 1343172629Smav if( m->m_len < sizeof(*wh)) { 1344172629Smav m = m_pullup(m, sizeof(*wh)); /* Checks length */ 1345172629Smav if (m == NULL) { 1346172629Smav log(LOG_NOTICE, "ng_pppoe[%x]: couldn't " 1347172629Smav "m_pullup(wh)\n", node->nd_ID); 1348172629Smav LEAVE(ENOBUFS); 1349172629Smav } 1350172629Smav } 1351172629Smav wh = mtod(m, struct pppoe_full_hdr *); 1352172629Smav length = ntohs(wh->ph.length); 1353172629Smav switch(wh->eh.ether_type) { 1354172629Smav case ETHERTYPE_PPPOE_3COM_DISC: /* fall through */ 1355172629Smav case ETHERTYPE_PPPOE_DISC: 1356172629Smav /* 1357172629Smav * We need to try to make sure that the tag area 1358172629Smav * is contiguous, or we could wander off the end 1359172629Smav * of a buffer and make a mess. 1360172629Smav * (Linux wouldn't have this problem). 1361172629Smav */ 1362172629Smav if (m->m_pkthdr.len <= MHLEN) { 1363172629Smav if( m->m_len < m->m_pkthdr.len) { 1364172629Smav m = m_pullup(m, m->m_pkthdr.len); 1365172629Smav if (m == NULL) { 1366172629Smav log(LOG_NOTICE, "ng_pppoe[%x]: " 1367172629Smav "couldn't m_pullup(pkthdr)\n", 1368172629Smav node->nd_ID); 1369172629Smav LEAVE(ENOBUFS); 137052419Sjulian } 137152419Sjulian } 1372172629Smav } 1373172629Smav if (m->m_len != m->m_pkthdr.len) { 137452419Sjulian /* 1375172629Smav * It's not all in one piece. 1376172629Smav * We need to do extra work. 1377172629Smav * Put it into a cluster. 137852419Sjulian */ 1379172629Smav struct mbuf *n; 1380243882Sglebius n = m_dup(m, M_NOWAIT); 1381172629Smav m_freem(m); 1382172629Smav m = n; 1383172629Smav if (m) { 1384172629Smav /* just check we got a cluster */ 1385172629Smav if (m->m_len != m->m_pkthdr.len) { 1386172629Smav m_freem(m); 1387172629Smav m = NULL; 1388172629Smav } 138952419Sjulian } 1390172629Smav if (m == NULL) { 1391172629Smav log(LOG_NOTICE, "ng_pppoe[%x]: packet " 1392172629Smav "fragmented\n", node->nd_ID); 139352419Sjulian LEAVE(EMSGSIZE); 139452419Sjulian } 139552419Sjulian } 1396172629Smav wh = mtod(m, struct pppoe_full_hdr *); 1397172629Smav length = ntohs(wh->ph.length); 1398172629Smav ph = &wh->ph; 1399172629Smav session = ntohs(wh->ph.sid); 1400172629Smav code = wh->ph.code; 140164502Sarchie 1402172629Smav switch(code) { 1403172629Smav case PADI_CODE: 140452419Sjulian /* 1405172629Smav * We are a server: 1406172629Smav * Look for a hook with the required service and send 1407172629Smav * the ENTIRE packet up there. It should come back to 1408172629Smav * a new hook in PRIMED state. Look there for further 1409172629Smav * processing. 141064502Sarchie */ 1411172629Smav tag = get_tag(ph, PTT_SRV_NAME); 1412172629Smav if (tag == NULL) { 1413172629Smav CTR1(KTR_NET, "%20s: PADI w/o Service-Name", 1414172629Smav __func__); 1415172629Smav LEAVE(ENETUNREACH); 141664502Sarchie } 1417172629Smav 141864502Sarchie /* 1419172629Smav * First, try to match Service-Name against our 1420172629Smav * listening hooks. If no success and we are in D-Link 1421172629Smav * compat mode and Service-Name is empty, then we 1422172629Smav * broadcast the PADI to all listening hooks. 142352419Sjulian */ 1424172629Smav sendhook = pppoe_match_svc(node, tag); 1425172629Smav if (sendhook != NULL) 1426172629Smav NG_FWD_NEW_DATA(error, item, sendhook, m); 1427172629Smav else if (privp->flags & COMPAT_DLINK && 1428172629Smav ntohs(tag->tag_len) == 0) 1429172629Smav error = pppoe_broadcast_padi(node, m); 1430172629Smav else 1431172629Smav error = ENETUNREACH; 143252419Sjulian break; 1433172629Smav case PADO_CODE: 1434172629Smav /* 1435172629Smav * We are a client: 1436172629Smav * Use the host_uniq tag to find the hook this is in 1437172629Smav * response to. Received #2, now send #3 1438172629Smav * For now simply accept the first we receive. 1439172629Smav */ 1440172629Smav utag = get_tag(ph, PTT_HOST_UNIQ); 1441172629Smav if ((utag == NULL) || 1442172629Smav (ntohs(utag->tag_len) != sizeof(sp))) { 1443172629Smav log(LOG_NOTICE, "ng_pppoe[%x]: no host " 1444172629Smav "unique field\n", node->nd_ID); 1445172629Smav LEAVE(ENETUNREACH); 144652419Sjulian } 1447172629Smav 1448172629Smav sendhook = pppoe_finduniq(node, utag); 1449172629Smav if (sendhook == NULL) { 1450172629Smav log(LOG_NOTICE, "ng_pppoe[%x]: no " 1451172629Smav "matching session\n", node->nd_ID); 1452172629Smav LEAVE(ENETUNREACH); 1453172629Smav } 1454172629Smav 145552419Sjulian /* 1456172629Smav * Check the session is in the right state. 1457172629Smav * It needs to be in PPPOE_SINIT. 145852419Sjulian */ 1459172629Smav sp = NG_HOOK_PRIVATE(sendhook); 1460174981Smav if (sp->state == PPPOE_SREQ || 1461174981Smav sp->state == PPPOE_CONNECTED) { 1462174981Smav break; /* Multiple PADO is OK. */ 1463174981Smav } 1464172629Smav if (sp->state != PPPOE_SINIT) { 1465172629Smav log(LOG_NOTICE, "ng_pppoe[%x]: session " 1466172629Smav "in wrong state\n", node->nd_ID); 1467172629Smav LEAVE(ENETUNREACH); 1468172629Smav } 146952419Sjulian neg = sp->neg; 1470174981Smav /* If requested specific AC-name, check it. */ 1471174981Smav if (neg->ac_name_len) { 1472174981Smav tag = get_tag(ph, PTT_AC_NAME); 1473174981Smav if (!tag) { 1474174981Smav /* No PTT_AC_NAME in PADO */ 1475174981Smav break; 1476174981Smav } 1477174981Smav if (neg->ac_name_len != htons(tag->tag_len) || 1478189315Sed strncmp(neg->ac_name.data, 1479189315Sed (const char *)(tag + 1), 1480174981Smav neg->ac_name_len) != 0) { 1481174981Smav break; 1482174981Smav } 1483174981Smav } 1484174981Smav sp->state = PPPOE_SREQ; 1485138562Sglebius ng_uncallout(&neg->handle, node); 148652419Sjulian 148752419Sjulian /* 148852419Sjulian * This is the first time we hear 1489172629Smav * from the server, so note it's 149052419Sjulian * unicast address, replacing the 1491172629Smav * broadcast address . 149252419Sjulian */ 149352419Sjulian bcopy(wh->eh.ether_shost, 149452419Sjulian neg->pkt->pkt_header.eh.ether_dhost, 149552419Sjulian ETHER_ADDR_LEN); 149652419Sjulian neg->timeout = 0; 1497172629Smav neg->pkt->pkt_header.ph.code = PADR_CODE; 1498172629Smav init_tags(sp); 1499172629Smav insert_tag(sp, utag); /* Host Unique */ 1500172629Smav if ((tag = get_tag(ph, PTT_AC_COOKIE))) 1501172629Smav insert_tag(sp, tag); /* return cookie */ 1502172629Smav if ((tag = get_tag(ph, PTT_AC_NAME))) { 1503172629Smav insert_tag(sp, tag); /* return it */ 1504172629Smav send_acname(sp, tag); 1505172629Smav } 1506288918Smav if ((tag = get_tag(ph, PTT_MAX_PAYL)) && 1507288918Smav (privp->max_payload.data != 0)) 1508288918Smav insert_tag(sp, tag); /* return it */ 1509172629Smav insert_tag(sp, &neg->service.hdr); /* Service */ 1510172629Smav scan_tags(sp, ph); 1511172629Smav make_packet(sp); 1512172629Smav sp->state = PPPOE_SREQ; 1513172629Smav ng_callout(&neg->handle, node, sp->hook, 1514172629Smav PPPOE_INITIAL_TIMEOUT * hz, 1515172629Smav pppoe_ticker, NULL, 0); 1516172629Smav neg->timeout = PPPOE_INITIAL_TIMEOUT * 2; 1517243882Sglebius m0 = m_copypacket(neg->m, M_NOWAIT); 1518172629Smav NG_FWD_NEW_DATA(error, item, privp->ethernet_hook, m0); 1519172629Smav break; 1520172629Smav case PADR_CODE: 1521172629Smav /* 1522172629Smav * We are a server: 1523172629Smav * Use the ac_cookie tag to find the 1524172629Smav * hook this is in response to. 1525172629Smav */ 1526172629Smav utag = get_tag(ph, PTT_AC_COOKIE); 1527172629Smav if ((utag == NULL) || 1528172629Smav (ntohs(utag->tag_len) != sizeof(sp))) { 1529172629Smav LEAVE(ENETUNREACH); 1530172629Smav } 153152419Sjulian 1532172629Smav sendhook = pppoe_finduniq(node, utag); 1533172629Smav if (sendhook == NULL) 1534172629Smav LEAVE(ENETUNREACH); 1535172629Smav 153652419Sjulian /* 1537172629Smav * Check the session is in the right state. 1538172629Smav * It needs to be in PPPOE_SOFFER or PPPOE_NEWCONNECTED. 1539172629Smav * If the latter, then this is a retry by the client, 1540172629Smav * so be nice, and resend. 154152419Sjulian */ 1542172629Smav sp = NG_HOOK_PRIVATE(sendhook); 1543172629Smav if (sp->state == PPPOE_NEWCONNECTED) { 1544172629Smav /* 1545172629Smav * Whoa! drop back to resend that PADS packet. 1546172629Smav * We should still have a copy of it. 1547172629Smav */ 1548172629Smav sp->state = PPPOE_SOFFER; 1549175865Smav } else if (sp->state != PPPOE_SOFFER) 1550172629Smav LEAVE (ENETUNREACH); 1551172629Smav neg = sp->neg; 1552172629Smav ng_uncallout(&neg->handle, node); 1553172629Smav neg->pkt->pkt_header.ph.code = PADS_CODE; 1554175865Smav if (sp->Session_ID == 0) { 1555172629Smav neg->pkt->pkt_header.ph.sid = 1556176753Smav htons(pppoe_getnewsession(sp)); 1557175865Smav } 1558172629Smav send_sessionid(sp); 1559172629Smav neg->timeout = 0; 1560172629Smav /* 1561172629Smav * start working out the tags to respond with. 1562172629Smav */ 156352419Sjulian init_tags(sp); 156452419Sjulian insert_tag(sp, &neg->ac_name.hdr); /* AC_NAME */ 156553154Sjulian if ((tag = get_tag(ph, PTT_SRV_NAME))) 1566172629Smav insert_tag(sp, tag);/* return service */ 156753154Sjulian if ((tag = get_tag(ph, PTT_HOST_UNIQ))) 1568172629Smav insert_tag(sp, tag); /* return it */ 1569172629Smav insert_tag(sp, utag); /* ac_cookie */ 157052419Sjulian scan_tags(sp, ph); 157152419Sjulian make_packet(sp); 1572172629Smav sp->state = PPPOE_NEWCONNECTED; 1573172629Smav 1574172629Smav /* Send the PADS without a timeout - we're now connected. */ 1575243882Sglebius m0 = m_copypacket(sp->neg->m, M_NOWAIT); 1576172629Smav NG_FWD_NEW_DATA(error, item, privp->ethernet_hook, m0); 1577172629Smav 1578172628Smav /* 1579172629Smav * Having sent the last Negotiation header, 1580172629Smav * Set up the stored packet header to be correct for 1581172629Smav * the actual session. But keep the negotialtion stuff 1582172629Smav * around in case we need to resend this last packet. 1583172629Smav * We'll discard it when we move from NEWCONNECTED 1584172629Smav * to CONNECTED 1585172628Smav */ 1586172629Smav sp->pkt_hdr = neg->pkt->pkt_header; 1587172629Smav /* Configure ethertype depending on what 1588172629Smav * ethertype was used at discovery phase */ 1589172629Smav if (sp->pkt_hdr.eh.ether_type == 1590172629Smav ETHERTYPE_PPPOE_3COM_DISC) 1591172629Smav sp->pkt_hdr.eh.ether_type 1592172629Smav = ETHERTYPE_PPPOE_3COM_SESS; 1593172629Smav else 1594172629Smav sp->pkt_hdr.eh.ether_type 1595172629Smav = ETHERTYPE_PPPOE_SESS; 1596172629Smav sp->pkt_hdr.ph.code = 0; 1597172629Smav pppoe_send_event(sp, NGM_PPPOE_SUCCESS); 159852419Sjulian break; 1599172629Smav case PADS_CODE: 1600172629Smav /* 1601172629Smav * We are a client: 1602172629Smav * Use the host_uniq tag to find the hook this is in 1603172629Smav * response to. Take the session ID and store it away. 1604172629Smav * Also make sure the pre-made header is correct and 1605172629Smav * set us into Session mode. 1606172629Smav */ 1607172629Smav utag = get_tag(ph, PTT_HOST_UNIQ); 1608172629Smav if ((utag == NULL) || 1609172629Smav (ntohs(utag->tag_len) != sizeof(sp))) { 1610172629Smav LEAVE (ENETUNREACH); 1611172629Smav } 1612172629Smav sendhook = pppoe_finduniq(node, utag); 1613172629Smav if (sendhook == NULL) 1614172629Smav LEAVE(ENETUNREACH); 161552419Sjulian 1616172629Smav /* 1617172629Smav * Check the session is in the right state. 1618172629Smav * It needs to be in PPPOE_SREQ. 1619172629Smav */ 1620172629Smav sp = NG_HOOK_PRIVATE(sendhook); 1621172629Smav if (sp->state != PPPOE_SREQ) 1622172629Smav LEAVE(ENETUNREACH); 1623172629Smav neg = sp->neg; 1624172629Smav ng_uncallout(&neg->handle, node); 1625172629Smav neg->pkt->pkt_header.ph.sid = wh->ph.sid; 1626172629Smav sp->Session_ID = ntohs(wh->ph.sid); 1627175865Smav pppoe_addsession(sp); 1628172629Smav send_sessionid(sp); 1629172629Smav neg->timeout = 0; 1630172629Smav sp->state = PPPOE_CONNECTED; 1631172629Smav /* 1632172629Smav * Now we have gone to Connected mode, 1633172629Smav * Free all resources needed for negotiation. 1634172629Smav * Keep a copy of the header we will be using. 1635172629Smav */ 1636172629Smav sp->pkt_hdr = neg->pkt->pkt_header; 1637172629Smav if (privp->flags & COMPAT_3COM) 1638172629Smav sp->pkt_hdr.eh.ether_type 1639172629Smav = ETHERTYPE_PPPOE_3COM_SESS; 1640172629Smav else 1641172629Smav sp->pkt_hdr.eh.ether_type 1642172629Smav = ETHERTYPE_PPPOE_SESS; 1643172629Smav sp->pkt_hdr.ph.code = 0; 1644172629Smav m_freem(neg->m); 1645172629Smav free(sp->neg, M_NETGRAPH_PPPOE); 1646172629Smav sp->neg = NULL; 1647288918Smav if ((tag = get_tag(ph, PTT_MAX_PAYL)) && 1648288918Smav (privp->max_payload.data != 0)) 1649288918Smav send_maxp(sp, tag); 1650172629Smav pppoe_send_event(sp, NGM_PPPOE_SUCCESS); 1651172629Smav break; 1652172629Smav case PADT_CODE: 1653172629Smav /* 1654172629Smav * Find matching peer/session combination. 1655172629Smav */ 1656175865Smav sp = pppoe_findsession(privp, wh); 1657175865Smav if (sp == NULL) 1658172629Smav LEAVE(ENETUNREACH); 1659172629Smav /* Disconnect that hook. */ 1660175865Smav ng_rmhook_self(sp->hook); 1661172629Smav break; 1662172629Smav default: 1663172629Smav LEAVE(EPFNOSUPPORT); 1664172629Smav } 1665172629Smav break; 1666172629Smav case ETHERTYPE_PPPOE_3COM_SESS: 1667172629Smav case ETHERTYPE_PPPOE_SESS: 166852419Sjulian /* 1669172629Smav * Find matching peer/session combination. 167052419Sjulian */ 1671175865Smav sp = pppoe_findsession(privp, wh); 1672175865Smav if (sp == NULL) 1673172629Smav LEAVE (ENETUNREACH); 1674172629Smav m_adj(m, sizeof(*wh)); 1675172629Smav 1676172629Smav /* If packet too short, dump it. */ 1677172629Smav if (m->m_pkthdr.len < length) 1678172629Smav LEAVE(EMSGSIZE); 1679172629Smav /* Also need to trim excess at the end */ 1680172629Smav if (m->m_pkthdr.len > length) { 1681172629Smav m_adj(m, -((int)(m->m_pkthdr.len - length))); 168252419Sjulian } 1683172629Smav if ( sp->state != PPPOE_CONNECTED) { 1684172629Smav if (sp->state == PPPOE_NEWCONNECTED) { 1685172629Smav sp->state = PPPOE_CONNECTED; 1686172629Smav /* 1687172629Smav * Now we have gone to Connected mode, 1688172629Smav * Free all resources needed for negotiation. 1689172629Smav * Be paranoid about whether there may be 1690172629Smav * a timeout. 1691172629Smav */ 1692172629Smav m_freem(sp->neg->m); 1693172629Smav ng_uncallout(&sp->neg->handle, node); 1694172629Smav free(sp->neg, M_NETGRAPH_PPPOE); 1695172629Smav sp->neg = NULL; 1696172629Smav } else { 1697172629Smav LEAVE (ENETUNREACH); 1698172629Smav } 1699172629Smav } 1700175865Smav NG_FWD_NEW_DATA(error, item, sp->hook, m); 1701172629Smav break; 1702172629Smav default: 1703172629Smav LEAVE(EPFNOSUPPORT); 170452419Sjulian } 170552419Sjulianquit: 170670914Sjulian if (item) 170770914Sjulian NG_FREE_ITEM(item); 170870700Sjulian NG_FREE_M(m); 1709172629Smav return (error); 171052419Sjulian} 171152419Sjulian 171252419Sjulian/* 1713172629Smav * Receive data from debug hook and bypass it to ether. 1714172629Smav */ 1715172629Smavstatic int 1716172629Smavng_pppoe_rcvdata_debug(hook_p hook, item_p item) 1717172629Smav{ 1718172629Smav node_p node = NG_HOOK_NODE(hook); 1719172629Smav const priv_p privp = NG_NODE_PRIVATE(node); 1720172629Smav int error; 1721172629Smav 1722172629Smav CTR6(KTR_NET, "%20s: node [%x] (%p) received %p on \"%s\" (%p)", 1723172629Smav __func__, node->nd_ID, node, item, hook->hk_name, hook); 1724172629Smav 1725172629Smav NG_FWD_ITEM_HOOK(error, item, privp->ethernet_hook); 1726172629Smav privp->packets_out++; 1727172629Smav return (error); 1728172629Smav} 1729172629Smav 1730172629Smav/* 173152419Sjulian * Do local shutdown processing.. 173252419Sjulian * If we are a persistant device, we might refuse to go away, and 173352419Sjulian * we'd only remove our links and reset ourself. 173452419Sjulian */ 173552419Sjulianstatic int 173670700Sjulianng_pppoe_shutdown(node_p node) 173752419Sjulian{ 1738175865Smav const priv_p privp = NG_NODE_PRIVATE(node); 1739175865Smav int i; 174052419Sjulian 1741175865Smav for (i = 0; i < SESSHASHSIZE; i++) 1742175865Smav mtx_destroy(&privp->sesshash[i].mtx); 174370784Sjulian NG_NODE_SET_PRIVATE(node, NULL); 1744175865Smav NG_NODE_UNREF(privp->node); 1745175865Smav free(privp, M_NETGRAPH_PPPOE); 174652419Sjulian return (0); 174752419Sjulian} 174852419Sjulian 174952419Sjulian/* 175052419Sjulian * Hook disconnection 175152419Sjulian * 175253498Sjulian * Clean up all dangling links and information about the session/hook. 1753154604Sglebius * For this type, removal of the last link destroys the node. 175452419Sjulian */ 175552419Sjulianstatic int 175652562Sjulianng_pppoe_disconnect(hook_p hook) 175752419Sjulian{ 175870784Sjulian node_p node = NG_HOOK_NODE(hook); 175970784Sjulian priv_p privp = NG_NODE_PRIVATE(node); 176052419Sjulian sessp sp; 176152419Sjulian 1762172270Smav if (hook == privp->debug_hook) { 176352419Sjulian privp->debug_hook = NULL; 1764172270Smav } else if (hook == privp->ethernet_hook) { 176552419Sjulian privp->ethernet_hook = NULL; 176670784Sjulian if (NG_NODE_IS_VALID(node)) 176770700Sjulian ng_rmnode_self(node); 176852419Sjulian } else { 176970784Sjulian sp = NG_HOOK_PRIVATE(hook); 177052441Sjulian if (sp->state != PPPOE_SNONE ) { 177152441Sjulian pppoe_send_event(sp, NGM_PPPOE_CLOSE); 177252441Sjulian } 177359728Sjulian /* 177459728Sjulian * According to the spec, if we are connected, 177559728Sjulian * we should send a DISC packet if we are shutting down 177659728Sjulian * a session. 177759728Sjulian */ 177852523Sjulian if ((privp->ethernet_hook) 177952523Sjulian && ((sp->state == PPPOE_CONNECTED) 178052523Sjulian || (sp->state == PPPOE_NEWCONNECTED))) { 178152523Sjulian struct mbuf *m; 178252523Sjulian 1783154604Sglebius /* Generate a packet of that type. */ 1784243882Sglebius MGETHDR(m, M_NOWAIT, MT_DATA); 1785161034Sglebius if (m == NULL) 1786161034Sglebius log(LOG_NOTICE, "ng_pppoe[%x]: session out of " 1787161034Sglebius "mbufs\n", node->nd_ID); 178853498Sjulian else { 1789172269Smav struct pppoe_full_hdr *wh; 1790172269Smav struct pppoe_tag *tag; 1791172269Smav int msglen = strlen(SIGNOFF); 1792172269Smav int error = 0; 1793172269Smav 179453498Sjulian m->m_pkthdr.rcvif = NULL; 179553498Sjulian m->m_pkthdr.len = m->m_len = sizeof(*wh); 1796172269Smav wh = mtod(m, struct pppoe_full_hdr *); 1797172269Smav bcopy(&sp->pkt_hdr, wh, sizeof(*wh)); 1798172269Smav 1799172269Smav /* Revert the stored header to DISC/PADT mode. */ 1800172269Smav wh->ph.code = PADT_CODE; 180153498Sjulian /* 1802172269Smav * Configure ethertype depending on what 1803172269Smav * was used during sessions stage. 1804172269Smav */ 1805172269Smav if (wh->eh.ether_type == 1806172269Smav ETHERTYPE_PPPOE_3COM_SESS) 1807172269Smav wh->eh.ether_type = ETHERTYPE_PPPOE_3COM_DISC; 1808172269Smav else 1809172269Smav wh->eh.ether_type = ETHERTYPE_PPPOE_DISC; 1810172269Smav /* 181153498Sjulian * Add a General error message and adjust 1812154604Sglebius * sizes. 181353498Sjulian */ 1814189315Sed tag = (void *)(&wh->ph + 1); 181553498Sjulian tag->tag_type = PTT_GEN_ERR; 181653498Sjulian tag->tag_len = htons((u_int16_t)msglen); 1817189315Sed strncpy((char *)(tag + 1), SIGNOFF, msglen); 181853498Sjulian m->m_pkthdr.len = (m->m_len += sizeof(*tag) + 181953498Sjulian msglen); 182053498Sjulian wh->ph.length = htons(sizeof(*tag) + msglen); 182170700Sjulian NG_SEND_DATA_ONLY(error, 182270700Sjulian privp->ethernet_hook, m); 182353498Sjulian } 182452523Sjulian } 1825176775Smav if (sp->state == PPPOE_LISTENING) 1826176775Smav LIST_REMOVE(sp, sessions); 1827176775Smav else if (sp->Session_ID) 1828175865Smav pppoe_delsession(sp); 182959728Sjulian /* 183063138Sasmodai * As long as we have somewhere to store the timeout handle, 183159728Sjulian * we may have a timeout pending.. get rid of it. 183259728Sjulian */ 183352443Sjulian if (sp->neg) { 1834138562Sglebius ng_uncallout(&sp->neg->handle, node); 183552443Sjulian if (sp->neg->m) 183652443Sjulian m_freem(sp->neg->m); 1837154604Sglebius free(sp->neg, M_NETGRAPH_PPPOE); 183852443Sjulian } 1839154604Sglebius free(sp, M_NETGRAPH_PPPOE); 184070784Sjulian NG_HOOK_SET_PRIVATE(hook, NULL); 184152419Sjulian } 1842154604Sglebius if ((NG_NODE_NUMHOOKS(node) == 0) && 1843154604Sglebius (NG_NODE_IS_VALID(node))) 184470700Sjulian ng_rmnode_self(node); 184552419Sjulian return (0); 184652419Sjulian} 184752419Sjulian 184852419Sjulian/* 1849154604Sglebius * Timeouts come here. 185052419Sjulian */ 185152419Sjulianstatic void 1852138562Sglebiuspppoe_ticker(node_p node, hook_p hook, void *arg1, int arg2) 185352419Sjulian{ 1854154604Sglebius priv_p privp = NG_NODE_PRIVATE(NG_HOOK_NODE(hook)); 185570784Sjulian sessp sp = NG_HOOK_PRIVATE(hook); 185652419Sjulian negp neg = sp->neg; 1857154604Sglebius struct mbuf *m0 = NULL; 185852419Sjulian int error = 0; 185952419Sjulian 1860154604Sglebius CTR6(KTR_NET, "%20s: node [%x] (%p) hook \"%s\" (%p) session %d", 1861154604Sglebius __func__, node->nd_ID, node, hook->hk_name, hook, sp->Session_ID); 186252419Sjulian switch(sp->state) { 186352419Sjulian /* 1864154604Sglebius * Resend the last packet, using an exponential backoff. 186552419Sjulian * After a period of time, stop growing the backoff, 1866154604Sglebius * And either leave it, or revert to the start. 186752419Sjulian */ 186852419Sjulian case PPPOE_SINIT: 186952419Sjulian case PPPOE_SREQ: 1870154604Sglebius /* Timeouts on these produce resends. */ 1871243882Sglebius m0 = m_copypacket(sp->neg->m, M_NOWAIT); 187270700Sjulian NG_SEND_DATA_ONLY( error, privp->ethernet_hook, m0); 1873138562Sglebius ng_callout(&neg->handle, node, hook, neg->timeout * hz, 1874138562Sglebius pppoe_ticker, NULL, 0); 187552419Sjulian if ((neg->timeout <<= 1) > PPPOE_TIMEOUT_LIMIT) { 187652419Sjulian if (sp->state == PPPOE_SREQ) { 1877154604Sglebius /* Revert to SINIT mode. */ 187852441Sjulian pppoe_start(sp); 187952419Sjulian } else { 188052419Sjulian neg->timeout = PPPOE_TIMEOUT_LIMIT; 188152419Sjulian } 188252419Sjulian } 188352419Sjulian break; 188452419Sjulian case PPPOE_PRIMED: 188552419Sjulian case PPPOE_SOFFER: 1886154604Sglebius /* A timeout on these says "give up" */ 188770935Sjulian ng_rmhook_self(hook); 188852419Sjulian break; 188952419Sjulian default: 1890154604Sglebius /* Timeouts have no meaning in other states. */ 1891161034Sglebius log(LOG_NOTICE, "ng_pppoe[%x]: unexpected timeout\n", 1892161034Sglebius node->nd_ID); 189352419Sjulian } 189452419Sjulian} 189552419Sjulian 189652419Sjulian/* 189752419Sjulian * Parse an incoming packet to see if any tags should be copied to the 189853145Sjulian * output packet. Don't do any tags that have been handled in the main 189953145Sjulian * state machine. 190052419Sjulian */ 1901154604Sglebiusstatic const struct pppoe_tag* 190297897Sarchiescan_tags(sessp sp, const struct pppoe_hdr* ph) 190352419Sjulian{ 190497897Sarchie const char *const end = (const char *)next_tag(ph); 190597897Sarchie const char *ptn; 1906189315Sed const struct pppoe_tag *pt = (const void *)(ph + 1); 1907154604Sglebius 190852419Sjulian /* 190952419Sjulian * Keep processing tags while a tag header will still fit. 191052419Sjulian */ 1911154604Sglebius CTR2(KTR_NET, "%20s: called %d", __func__, sp->Session_ID); 1912154604Sglebius 191397897Sarchie while((const char*)(pt + 1) <= end) { 191452419Sjulian /* 191552419Sjulian * If the tag data would go past the end of the packet, abort. 191652419Sjulian */ 191797897Sarchie ptn = (((const char *)(pt + 1)) + ntohs(pt->tag_len)); 191852419Sjulian if(ptn > end) 191952419Sjulian return NULL; 192052419Sjulian 192152419Sjulian switch (pt->tag_type) { 192252419Sjulian case PTT_RELAY_SID: 192352419Sjulian insert_tag(sp, pt); 192452419Sjulian break; 192552419Sjulian case PTT_EOL: 192652419Sjulian return NULL; 192752419Sjulian case PTT_SRV_NAME: 192852419Sjulian case PTT_AC_NAME: 192952419Sjulian case PTT_HOST_UNIQ: 193052419Sjulian case PTT_AC_COOKIE: 193152419Sjulian case PTT_VENDOR: 193252419Sjulian case PTT_SRV_ERR: 193352419Sjulian case PTT_SYS_ERR: 193452419Sjulian case PTT_GEN_ERR: 1935253564Sglebius case PTT_MAX_PAYL: 193652419Sjulian break; 193752419Sjulian } 193897897Sarchie pt = (const struct pppoe_tag*)ptn; 193952419Sjulian } 194052419Sjulian return NULL; 194152419Sjulian} 194252419Sjulian 194352441Sjulianstatic int 194452441Sjulianpppoe_send_event(sessp sp, enum cmd cmdid) 194552441Sjulian{ 194652441Sjulian int error; 194752441Sjulian struct ng_mesg *msg; 194852562Sjulian struct ngpppoe_sts *sts; 194952441Sjulian 1950154604Sglebius CTR2(KTR_NET, "%20s: called %d", __func__, sp->Session_ID); 1951154604Sglebius 195268845Sbrian NG_MKMESSAGE(msg, NGM_PPPOE_COOKIE, cmdid, 195352562Sjulian sizeof(struct ngpppoe_sts), M_NOWAIT); 195469922Sjulian if (msg == NULL) 195569922Sjulian return (ENOMEM); 195652562Sjulian sts = (struct ngpppoe_sts *)msg->data; 1957125028Sharti strncpy(sts->hook, NG_HOOK_NAME(sp->hook), NG_HOOKSIZ); 1958102244Sarchie NG_SEND_MSG_ID(error, NG_HOOK_NODE(sp->hook), msg, sp->creator, 0); 195952441Sjulian return (error); 196052441Sjulian} 1961