ipv6cp.c revision 81739
1/*- 2 * Copyright (c) 2001 Brian Somers <brian@Awfulhak.org> 3 * All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 14 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 15 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 16 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 17 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 18 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 19 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 20 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 21 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 22 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 23 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 24 * SUCH DAMAGE. 25 * 26 * $FreeBSD: head/usr.sbin/ppp/ipv6cp.c 81739 2001-08-16 02:01:05Z brian $ 27 */ 28 29#include <sys/param.h> 30#include <netinet/in_systm.h> 31#include <netinet/in.h> 32#include <netinet/ip.h> 33#include <sys/socket.h> 34#include <net/route.h> 35#include <net/if.h> 36#include <sys/un.h> 37 38#include <stdio.h> 39#include <stdlib.h> 40#include <string.h> 41#include <termios.h> 42 43#include "layer.h" 44#include "defs.h" 45#include "mbuf.h" 46#include "timer.h" 47#include "fsm.h" 48#include "iplist.h" 49#include "throughput.h" 50#include "slcompress.h" 51#include "lqr.h" 52#include "hdlc.h" 53#include "lcp.h" 54#include "ncpaddr.h" 55#include "ip.h" 56#include "ipcp.h" 57#include "ipv6cp.h" 58#include "filter.h" 59#include "descriptor.h" 60#include "ccp.h" 61#include "link.h" 62#include "mp.h" 63#ifndef NORADIUS 64#include "radius.h" 65#endif 66#include "ncp.h" 67#include "bundle.h" 68#include "route.h" 69#include "iface.h" 70#include "log.h" 71#include "proto.h" 72#include "command.h" 73#include "prompt.h" 74#include "async.h" 75#include "physical.h" 76 77 78#ifndef NOINET6 79static int ipv6cp_LayerUp(struct fsm *); 80static void ipv6cp_LayerDown(struct fsm *); 81static void ipv6cp_LayerStart(struct fsm *); 82static void ipv6cp_LayerFinish(struct fsm *); 83static void ipv6cp_InitRestartCounter(struct fsm *, int); 84static void ipv6cp_SendConfigReq(struct fsm *); 85static void ipv6cp_SentTerminateReq(struct fsm *); 86static void ipv6cp_SendTerminateAck(struct fsm *, u_char); 87static void ipv6cp_DecodeConfig(struct fsm *, u_char *, int, int, 88 struct fsm_decode *); 89 90static struct fsm_callbacks ipv6cp_Callbacks = { 91 ipv6cp_LayerUp, 92 ipv6cp_LayerDown, 93 ipv6cp_LayerStart, 94 ipv6cp_LayerFinish, 95 ipv6cp_InitRestartCounter, 96 ipv6cp_SendConfigReq, 97 ipv6cp_SentTerminateReq, 98 ipv6cp_SendTerminateAck, 99 ipv6cp_DecodeConfig, 100 fsm_NullRecvResetReq, 101 fsm_NullRecvResetAck 102}; 103 104static u_int32_t 105GenerateToken(void) 106{ 107 /* Generate random number which will be used as negotiation token */ 108 randinit(); 109 110 return random() + 1; 111} 112 113static int 114ipcp_SetIPv6address(struct ipv6cp *ipv6cp, u_int32_t mytok, u_int32_t histok) 115{ 116 struct bundle *bundle = ipv6cp->fsm.bundle; 117 struct in6_addr myaddr, hisaddr; 118 struct ncprange myrange; 119 struct sockaddr_storage ssdst, ssgw, ssmask; 120 struct sockaddr *sadst, *sagw, *samask; 121 122 sadst = (struct sockaddr *)&ssdst; 123 sagw = (struct sockaddr *)&ssgw; 124 samask = (struct sockaddr *)&ssmask; 125 126 memset(&myaddr, '\0', sizeof myaddr); 127 memset(&hisaddr, '\0', sizeof hisaddr); 128 129 myaddr.s6_addr[0] = 0xfe; 130 myaddr.s6_addr[1] = 0x80; 131 *(u_int32_t *)(myaddr.s6_addr + 12) = htonl(mytok); 132 133 hisaddr.s6_addr[0] = 0xfe; 134 hisaddr.s6_addr[1] = 0x80; 135 *(u_int32_t *)(hisaddr.s6_addr + 12) = htonl(histok); 136 137 ncpaddr_setip6(&ipv6cp->myaddr, &myaddr); 138 ncpaddr_setip6(&ipv6cp->hisaddr, &hisaddr); 139 ncprange_sethost(&myrange, &ipv6cp->myaddr); 140 141 if (!iface_Add(bundle->iface, &bundle->ncp, &myrange, &ipv6cp->hisaddr, 142 IFACE_ADD_FIRST|IFACE_FORCE_ADD|IFACE_SYSTEM)) 143 return 0; 144 145 if (!Enabled(bundle, OPT_IFACEALIAS)) 146 iface_Clear(bundle->iface, &bundle->ncp, AF_INET6, 147 IFACE_CLEAR_ALIASES|IFACE_SYSTEM); 148 149 if (bundle->ncp.cfg.sendpipe > 0 || bundle->ncp.cfg.recvpipe > 0) { 150 ncprange_getsa(&myrange, &ssgw, &ssmask); 151 if (ncpaddr_isset(&ipv6cp->hisaddr)) 152 ncpaddr_getsa(&ipv6cp->hisaddr, &ssdst); 153 else 154 sadst = NULL; 155 rt_Update(bundle, sadst, sagw, samask); 156 } 157 158 if (Enabled(bundle, OPT_SROUTES)) 159 route_Change(bundle, bundle->ncp.route, &ipv6cp->myaddr, &ipv6cp->hisaddr); 160 161#ifndef NORADIUS 162 if (bundle->radius.valid) 163 route_Change(bundle, bundle->radius.routes, &ipv6cp->myaddr, 164 &ipv6cp->hisaddr); 165#endif 166 167 return 1; /* Ok */ 168} 169 170void 171ipv6cp_Init(struct ipv6cp *ipv6cp, struct bundle *bundle, struct link *l, 172 const struct fsm_parent *parent) 173{ 174 static const char * const timer_names[] = 175 {"IPV6CP restart", "IPV6CP openmode", "IPV6CP stopped"}; 176 int n; 177 178 fsm_Init(&ipv6cp->fsm, "IPV6CP", PROTO_IPV6CP, 1, IPV6CP_MAXCODE, LogIPV6CP, 179 bundle, l, parent, &ipv6cp_Callbacks, timer_names); 180 181 ipv6cp->cfg.fsm.timeout = DEF_FSMRETRY; 182 ipv6cp->cfg.fsm.maxreq = DEF_FSMTRIES; 183 ipv6cp->cfg.fsm.maxtrm = DEF_FSMTRIES; 184 185 ipv6cp->my_token = GenerateToken(); 186 while ((ipv6cp->peer_token = GenerateToken()) == ipv6cp->my_token) 187 ; 188 189 n = 100; 190 while (n && 191 !ipcp_SetIPv6address(ipv6cp, ipv6cp->my_token, ipv6cp->peer_token)) 192 while (n && (ipv6cp->my_token = GenerateToken()) == ipv6cp->peer_token) 193 n--; 194 195 throughput_init(&ipv6cp->throughput, SAMPLE_PERIOD); 196 memset(ipv6cp->Queue, '\0', sizeof ipv6cp->Queue); 197 ipv6cp_Setup(ipv6cp); 198} 199 200void 201ipv6cp_Destroy(struct ipv6cp *ipv6cp) 202{ 203 throughput_destroy(&ipv6cp->throughput); 204} 205 206void 207ipv6cp_Setup(struct ipv6cp *ipv6cp) 208{ 209 ncpaddr_init(&ipv6cp->myaddr); 210 ncpaddr_init(&ipv6cp->hisaddr); 211 212 ipv6cp->his_reject = 0; 213 ipv6cp->my_reject = 0; 214} 215 216void 217ipv6cp_SetLink(struct ipv6cp *ipv6cp, struct link *l) 218{ 219 ipv6cp->fsm.link = l; 220} 221 222int 223ipv6cp_Show(struct cmdargs const *arg) 224{ 225 struct ipv6cp *ipv6cp = &arg->bundle->ncp.ipv6cp; 226 227 prompt_Printf(arg->prompt, "%s [%s]\n", ipv6cp->fsm.name, 228 State2Nam(ipv6cp->fsm.state)); 229 if (ipv6cp->fsm.state == ST_OPENED) { 230 prompt_Printf(arg->prompt, " His side: %s\n", 231 ncpaddr_ntoa(&ipv6cp->hisaddr)); 232 prompt_Printf(arg->prompt, " My side: %s\n", 233 ncpaddr_ntoa(&ipv6cp->myaddr)); 234 prompt_Printf(arg->prompt, " Queued packets: %lu\n", 235 (unsigned long)ipv6cp_QueueLen(ipv6cp)); 236 } 237 238 prompt_Printf(arg->prompt, "\nDefaults:\n"); 239 prompt_Printf(arg->prompt, " FSM retry = %us, max %u Config" 240 " REQ%s, %u Term REQ%s\n\n", ipv6cp->cfg.fsm.timeout, 241 ipv6cp->cfg.fsm.maxreq, ipv6cp->cfg.fsm.maxreq == 1 ? "" : "s", 242 ipv6cp->cfg.fsm.maxtrm, ipv6cp->cfg.fsm.maxtrm == 1 ? "" : "s"); 243 244 throughput_disp(&ipv6cp->throughput, arg->prompt); 245 246 return 0; 247} 248 249struct mbuf * 250ipv6cp_Input(struct bundle *bundle, struct link *l, struct mbuf *bp) 251{ 252 /* Got PROTO_IPV6CP from link */ 253 m_settype(bp, MB_IPV6CPIN); 254 if (bundle_Phase(bundle) == PHASE_NETWORK) 255 fsm_Input(&bundle->ncp.ipv6cp.fsm, bp); 256 else { 257 if (bundle_Phase(bundle) < PHASE_NETWORK) 258 log_Printf(LogIPV6CP, "%s: Error: Unexpected IPV6CP in phase %s" 259 " (ignored)\n", l->name, bundle_PhaseName(bundle)); 260 m_freem(bp); 261 } 262 return NULL; 263} 264 265void 266ipv6cp_AddInOctets(struct ipv6cp *ipv6cp, int n) 267{ 268 throughput_addin(&ipv6cp->throughput, n); 269} 270 271void 272ipv6cp_AddOutOctets(struct ipv6cp *ipv6cp, int n) 273{ 274 throughput_addout(&ipv6cp->throughput, n); 275} 276 277void 278ipv6cp_IfaceAddrAdded(struct ipv6cp *ipv6cp, const struct iface_addr *addr) 279{ 280} 281 282void 283ipv6cp_IfaceAddrDeleted(struct ipv6cp *ipv6cp, const struct iface_addr *addr) 284{ 285} 286 287int 288ipv6cp_InterfaceUp(struct ipv6cp *ipv6cp) 289{ 290 if (!ipcp_SetIPv6address(ipv6cp, ipv6cp->my_token, ipv6cp->peer_token)) { 291 log_Printf(LogERROR, "ipv6cp_InterfaceUp: unable to set ipv6 address\n"); 292 return 0; 293 } 294 295 if (!iface_SetFlags(ipv6cp->fsm.bundle->iface->name, IFF_UP)) { 296 log_Printf(LogERROR, "ipv6cp_InterfaceUp: Can't set the IFF_UP" 297 " flag on %s\n", ipv6cp->fsm.bundle->iface->name); 298 return 0; 299 } 300 301 return 1; 302} 303 304size_t 305ipv6cp_QueueLen(struct ipv6cp *ipv6cp) 306{ 307 struct mqueue *q; 308 size_t result; 309 310 result = 0; 311 for (q = ipv6cp->Queue; q < ipv6cp->Queue + IPV6CP_QUEUES(ipv6cp); q++) 312 result += q->len; 313 314 return result; 315} 316 317int 318ipv6cp_PushPacket(struct ipv6cp *ipv6cp, struct link *l) 319{ 320 struct bundle *bundle = ipv6cp->fsm.bundle; 321 struct mqueue *queue; 322 struct mbuf *bp; 323 int m_len; 324 u_int32_t secs = 0; 325 unsigned alivesecs = 0; 326 327 if (ipv6cp->fsm.state != ST_OPENED) 328 return 0; 329 330 /* 331 * If ccp is not open but is required, do nothing. 332 */ 333 if (l->ccp.fsm.state != ST_OPENED && ccp_Required(&l->ccp)) { 334 log_Printf(LogPHASE, "%s: Not transmitting... waiting for CCP\n", l->name); 335 return 0; 336 } 337 338 queue = ipv6cp->Queue + IPV6CP_QUEUES(ipv6cp) - 1; 339 do { 340 if (queue->top) { 341 bp = m_dequeue(queue); 342 bp = mbuf_Read(bp, &secs, sizeof secs); 343 bp = m_pullup(bp); 344 m_len = m_length(bp); 345 if (!FilterCheck(MBUF_CTOP(bp), AF_INET6, &bundle->filter.alive, 346 &alivesecs)) { 347 if (secs == 0) 348 secs = alivesecs; 349 bundle_StartIdleTimer(bundle, secs); 350 } 351 link_PushPacket(l, bp, bundle, 0, PROTO_IPV6); 352 ipv6cp_AddOutOctets(ipv6cp, m_len); 353 return 1; 354 } 355 } while (queue-- != ipv6cp->Queue); 356 357 return 0; 358} 359 360static int 361ipv6cp_LayerUp(struct fsm *fp) 362{ 363 /* We're now up */ 364 struct ipv6cp *ipv6cp = fsm2ipv6cp(fp); 365 char tbuff[40]; 366 367 log_Printf(LogIPV6CP, "%s: LayerUp.\n", fp->link->name); 368 if (!ipv6cp_InterfaceUp(ipv6cp)) 369 return 0; 370 371 snprintf(tbuff, sizeof tbuff, "%s", ncpaddr_ntoa(&ipv6cp->myaddr)); 372 log_Printf(LogIPV6CP, "myaddr %s hisaddr = %s\n", 373 tbuff, ncpaddr_ntoa(&ipv6cp->hisaddr)); 374 375 /* XXX: Call radius_Account() and system_Select() */ 376 377 fp->more.reqs = fp->more.naks = fp->more.rejs = ipv6cp->cfg.fsm.maxreq * 3; 378 log_DisplayPrompts(); 379 380 return 1; 381} 382 383static void 384ipv6cp_LayerDown(struct fsm *fp) 385{ 386 /* About to come down */ 387 struct ipv6cp *ipv6cp = fsm2ipv6cp(fp); 388 static int recursing; 389 char addr[40]; 390 391 if (!recursing++) { 392 snprintf(addr, sizeof addr, "%s", ncpaddr_ntoa(&ipv6cp->myaddr)); 393 log_Printf(LogIPV6CP, "%s: LayerDown: %s\n", fp->link->name, addr); 394 395 /* XXX: Call radius_Account() and system_Select() */ 396 397 ipv6cp_Setup(ipv6cp); 398 } 399 recursing--; 400} 401 402static void 403ipv6cp_LayerStart(struct fsm *fp) 404{ 405 /* We're about to start up ! */ 406 struct ipv6cp *ipv6cp = fsm2ipv6cp(fp); 407 408 log_Printf(LogIPV6CP, "%s: LayerStart.\n", fp->link->name); 409 throughput_start(&ipv6cp->throughput, "IPV6CP throughput", 410 Enabled(fp->bundle, OPT_THROUGHPUT)); 411 fp->more.reqs = fp->more.naks = fp->more.rejs = ipv6cp->cfg.fsm.maxreq * 3; 412 ipv6cp->peer_tokenreq = 0; 413} 414 415static void 416ipv6cp_LayerFinish(struct fsm *fp) 417{ 418 /* We're now down */ 419 struct ipv6cp *ipv6cp = fsm2ipv6cp(fp); 420 421 log_Printf(LogIPV6CP, "%s: LayerFinish.\n", fp->link->name); 422 throughput_stop(&ipv6cp->throughput); 423 throughput_log(&ipv6cp->throughput, LogIPV6CP, NULL); 424} 425 426static void 427ipv6cp_InitRestartCounter(struct fsm *fp, int what) 428{ 429 /* Set fsm timer load */ 430 struct ipv6cp *ipv6cp = fsm2ipv6cp(fp); 431 432 fp->FsmTimer.load = ipv6cp->cfg.fsm.timeout * SECTICKS; 433 switch (what) { 434 case FSM_REQ_TIMER: 435 fp->restart = ipv6cp->cfg.fsm.maxreq; 436 break; 437 case FSM_TRM_TIMER: 438 fp->restart = ipv6cp->cfg.fsm.maxtrm; 439 break; 440 default: 441 fp->restart = 1; 442 break; 443 } 444} 445 446static void 447ipv6cp_SendConfigReq(struct fsm *fp) 448{ 449 /* Send config REQ please */ 450 struct physical *p = link2physical(fp->link); 451 struct ipv6cp *ipv6cp = fsm2ipv6cp(fp); 452 u_char buff[6]; 453 struct lcp_opt *o; 454 455 o = (struct lcp_opt *)buff; 456 457 if ((p && !physical_IsSync(p)) || !REJECTED(ipv6cp, TY_TOKEN)) { 458 memcpy(o->data, &ipv6cp->my_token, 4); 459 INC_LCP_OPT(TY_TOKEN, 6, o); 460 } 461 462 fsm_Output(fp, CODE_CONFIGREQ, fp->reqid, buff, (u_char *)o - buff, 463 MB_IPV6CPOUT); 464} 465 466static void 467ipv6cp_SentTerminateReq(struct fsm *fp) 468{ 469 /* Term REQ just sent by FSM */ 470} 471 472static void 473ipv6cp_SendTerminateAck(struct fsm *fp, u_char id) 474{ 475 /* Send Term ACK please */ 476 fsm_Output(fp, CODE_TERMACK, id, NULL, 0, MB_IPV6CPOUT); 477} 478 479static const char * 480protoname(int proto) 481{ 482 static const char *cftypes[] = { "TOKEN", "COMPPROTO" }; 483 484 if (proto > 0 && proto <= sizeof cftypes / sizeof *cftypes) 485 return cftypes[proto - 1]; 486 487 return NumStr(proto, NULL, 0); 488} 489 490static void 491ipv6cp_ValidateToken(struct ipv6cp *ipv6cp, u_int32_t token, 492 struct fsm_decode *dec) 493{ 494 if (token != 0 && token != ipv6cp->my_token) 495 ipv6cp->peer_token = token; 496 497 if (token == ipv6cp->peer_token) { 498 *dec->ackend++ = TY_TOKEN; 499 *dec->ackend++ = 6; 500 memcpy(dec->ackend, &ipv6cp->peer_token, 4); 501 dec->ackend += 4; 502 } else { 503 *dec->nakend++ = TY_TOKEN; 504 *dec->nakend++ = 6; 505 memcpy(dec->nakend, &ipv6cp->peer_token, 4); 506 dec->nakend += 4; 507 } 508} 509 510static void 511ipv6cp_DecodeConfig(struct fsm *fp, u_char *cp, int plen, int mode_type, 512 struct fsm_decode *dec) 513{ 514 /* Deal with incoming PROTO_IPV6CP */ 515 struct ipv6cp *ipv6cp = fsm2ipv6cp(fp); 516 int type, length, n; 517 char tbuff[100]; 518 u_int32_t token; 519 520 while (plen >= sizeof(struct fsmconfig)) { 521 type = *cp; 522 length = cp[1]; 523 524 if (length == 0) { 525 log_Printf(LogIPV6CP, "%s: IPV6CP size zero\n", fp->link->name); 526 break; 527 } 528 529 snprintf(tbuff, sizeof tbuff, " %s[%d] ", protoname(type), length); 530 531 switch (type) { 532 case TY_TOKEN: 533 memcpy(&token, cp + 2, 4); 534 log_Printf(LogIPV6CP, "%s 0x%08lx\n", tbuff, (unsigned long)token); 535 536 switch (mode_type) { 537 case MODE_REQ: 538 ipv6cp->peer_tokenreq = 1; 539 ipv6cp_ValidateToken(ipv6cp, token, dec); 540 break; 541 542 case MODE_NAK: 543 if (token == 0) { 544 log_Printf(log_IsKept(LogIPV6CP) ? LogIPV6CP : LogPHASE, 545 "0x00000000: Unacceptable token!\n"); 546 fsm_Close(&ipv6cp->fsm); 547 } else if (token == ipv6cp->peer_token) 548 log_Printf(log_IsKept(LogIPV6CP) ? LogIPV6CP : LogPHASE, 549 "0x08lx: Unacceptable token!\n", (unsigned long)token); 550 else if (token != ipv6cp->my_token) { 551 n = 100; 552 while (n && !ipcp_SetIPv6address(ipv6cp, token, ipv6cp->peer_token)) 553 while (n && (token = GenerateToken()) == ipv6cp->peer_token) 554 n--; 555 556 if (n == 0) { 557 log_Printf(log_IsKept(LogIPV6CP) ? LogIPV6CP : LogPHASE, 558 "0x00000000: Unacceptable token!\n"); 559 fsm_Close(&ipv6cp->fsm); 560 } else { 561 log_Printf(LogIPV6CP, "%s changing token: 0x%08lx --> 0x%08lx\n", 562 tbuff, (unsigned long)ipv6cp->my_token, 563 (unsigned long)token); 564 ipv6cp->my_token = token; 565 bundle_AdjustFilters(fp->bundle, &ipv6cp->myaddr, NULL); 566 } 567 } 568 break; 569 570 case MODE_REJ: 571 ipv6cp->his_reject |= (1 << type); 572 break; 573 } 574 break; 575 576 default: 577 if (mode_type != MODE_NOP) { 578 ipv6cp->my_reject |= (1 << type); 579 memcpy(dec->rejend, cp, length); 580 dec->rejend += length; 581 } 582 break; 583 } 584 plen -= length; 585 cp += length; 586 } 587 588 if (mode_type != MODE_NOP) { 589 if (mode_type == MODE_REQ && !ipv6cp->peer_tokenreq) { 590 if (dec->rejend == dec->rej && dec->nakend == dec->nak) { 591 /* 592 * Pretend the peer has requested a TOKEN. 593 * We do this to ensure that we only send one NAK if the only 594 * reason for the NAK is because the peer isn't sending a 595 * TY_TOKEN REQ. This stops us from repeatedly trying to tell 596 * the peer that we have to have an IP address on their end. 597 */ 598 ipv6cp->peer_tokenreq = 1; 599 } 600 ipv6cp_ValidateToken(ipv6cp, 0, dec); 601 } 602 if (dec->rejend != dec->rej) { 603 /* rejects are preferred */ 604 dec->ackend = dec->ack; 605 dec->nakend = dec->nak; 606 } else if (dec->nakend != dec->nak) 607 /* then NAKs */ 608 dec->ackend = dec->ack; 609 } 610} 611#endif 612