if_pppoe.c revision 1.50
1/* $NetBSD: if_pppoe.c,v 1.50 2003/10/30 01:43:08 simonb Exp $ */ 2 3/*- 4 * Copyright (c) 2002 The NetBSD Foundation, Inc. 5 * All rights reserved. 6 * 7 * This code is derived from software contributed to The NetBSD Foundation 8 * by Martin Husemann <martin@netbsd.org>. 9 * 10 * Redistribution and use in source and binary forms, with or without 11 * modification, are permitted provided that the following conditions 12 * are met: 13 * 1. Redistributions of source code must retain the above copyright 14 * notice, this list of conditions and the following disclaimer. 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in the 17 * documentation and/or other materials provided with the distribution. 18 * 3. All advertising materials mentioning features or use of this software 19 * must display the following acknowledgement: 20 * This product includes software developed by the NetBSD 21 * Foundation, Inc. and its contributors. 22 * 4. Neither the name of The NetBSD Foundation nor the names of its 23 * contributors may be used to endorse or promote products derived 24 * from this software without specific prior written permission. 25 * 26 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS 27 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 28 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 29 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS 30 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 31 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 32 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 33 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 34 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 35 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 36 * POSSIBILITY OF SUCH DAMAGE. 37 */ 38 39#include <sys/cdefs.h> 40__KERNEL_RCSID(0, "$NetBSD: if_pppoe.c,v 1.50 2003/10/30 01:43:08 simonb Exp $"); 41 42#include "pppoe.h" 43#include "bpfilter.h" 44 45#include <sys/param.h> 46#include <sys/systm.h> 47#include <sys/kernel.h> 48#include <sys/callout.h> 49#include <sys/malloc.h> 50#include <sys/mbuf.h> 51#include <sys/socket.h> 52#include <sys/proc.h> 53#include <sys/ioctl.h> 54#include <net/if.h> 55#include <net/if_types.h> 56#include <net/if_ether.h> 57#include <net/if_sppp.h> 58#include <net/if_spppvar.h> 59#include <net/if_pppoe.h> 60 61#if NBPFILTER > 0 62#include <net/bpf.h> 63#endif 64 65#include <machine/intr.h> 66 67#undef PPPOE_DEBUG /* XXX - remove this or make it an option */ 68/* #define PPPOE_DEBUG 1 */ 69 70struct pppoehdr { 71 u_int8_t vertype; 72 u_int8_t code; 73 u_int16_t session; 74 u_int16_t plen; 75} __attribute__((__packed__)); 76 77struct pppoetag { 78 u_int16_t tag; 79 u_int16_t len; 80} __attribute__((__packed__)); 81 82#define PPPOE_HEADERLEN sizeof(struct pppoehdr) 83#define PPPOE_VERTYPE 0x11 /* VER=1, TYPE = 1 */ 84 85#define PPPOE_TAG_EOL 0x0000 /* end of list */ 86#define PPPOE_TAG_SNAME 0x0101 /* service name */ 87#define PPPOE_TAG_ACNAME 0x0102 /* access concentrator name */ 88#define PPPOE_TAG_HUNIQUE 0x0103 /* host unique */ 89#define PPPOE_TAG_ACCOOKIE 0x0104 /* AC cookie */ 90#define PPPOE_TAG_VENDOR 0x0105 /* vendor specific */ 91#define PPPOE_TAG_RELAYSID 0x0110 /* relay session id */ 92#define PPPOE_TAG_SNAME_ERR 0x0201 /* service name error */ 93#define PPPOE_TAG_ACSYS_ERR 0x0202 /* AC system error */ 94#define PPPOE_TAG_GENERIC_ERR 0x0203 /* gerneric error */ 95 96#define PPPOE_CODE_PADI 0x09 /* Active Discovery Initiation */ 97#define PPPOE_CODE_PADO 0x07 /* Active Discovery Offer */ 98#define PPPOE_CODE_PADR 0x19 /* Active Discovery Request */ 99#define PPPOE_CODE_PADS 0x65 /* Active Discovery Session confirmation */ 100#define PPPOE_CODE_PADT 0xA7 /* Active Discovery Terminate */ 101 102/* two byte PPP protocol discriminator, then IP data */ 103#define PPPOE_MAXMTU (ETHERMTU-PPPOE_HEADERLEN-2) 104 105/* Add a 16 bit unsigned value to a buffer pointed to by PTR */ 106#define PPPOE_ADD_16(PTR, VAL) \ 107 *(PTR)++ = (VAL) / 256; \ 108 *(PTR)++ = (VAL) % 256 109 110/* Add a complete PPPoE header to the buffer pointed to by PTR */ 111#define PPPOE_ADD_HEADER(PTR, CODE, SESS, LEN) \ 112 *(PTR)++ = PPPOE_VERTYPE; \ 113 *(PTR)++ = (CODE); \ 114 PPPOE_ADD_16(PTR, SESS); \ 115 PPPOE_ADD_16(PTR, LEN) 116 117#define PPPOE_DISC_TIMEOUT (hz*5) /* base for quick timeout calculation */ 118#define PPPOE_SLOW_RETRY (hz*60) /* persistent retry interval */ 119#define PPPOE_DISC_MAXPADI 4 /* retry PADI four times (quickly) */ 120#define PPPOE_DISC_MAXPADR 2 /* retry PADR twice */ 121 122#ifdef PPPOE_SERVER 123/* from if_spppsubr.c */ 124#define IFF_PASSIVE IFF_LINK0 /* wait passively for connection */ 125#endif 126 127struct pppoe_softc { 128 struct sppp sc_sppp; /* contains a struct ifnet as first element */ 129 LIST_ENTRY(pppoe_softc) sc_list; 130 struct ifnet *sc_eth_if; /* ethernet interface we are using */ 131 132 int sc_state; /* discovery phase or session connected */ 133 struct ether_addr sc_dest; /* hardware address of concentrator */ 134 u_int16_t sc_session; /* PPPoE session id */ 135 136 char *sc_service_name; /* if != NULL: requested name of service */ 137 char *sc_concentrator_name; /* if != NULL: requested concentrator id */ 138 u_int8_t *sc_ac_cookie; /* content of AC cookie we must echo back */ 139 size_t sc_ac_cookie_len; /* length of cookie data */ 140#ifdef PPPOE_SERVER 141 u_int8_t *sc_hunique; /* content of host unique we must echo back */ 142 size_t sc_hunique_len; /* length of host unique */ 143#endif 144 struct callout sc_timeout; /* timeout while not in session state */ 145 int sc_padi_retried; /* number of PADI retries already done */ 146 int sc_padr_retried; /* number of PADR retries already done */ 147}; 148 149/* incoming traffic will be queued here */ 150struct ifqueue ppoediscinq = { NULL }; 151struct ifqueue ppoeinq = { NULL }; 152 153#ifdef __HAVE_GENERIC_SOFT_INTERRUPTS 154void * pppoe_softintr = NULL; 155static void pppoe_softintr_handler(void *); 156#else 157struct callout pppoe_softintr = CALLOUT_INITIALIZER; 158void pppoe_softintr_handler(void *); 159#endif 160 161extern int sppp_ioctl(struct ifnet *, unsigned long, void *); 162 163/* input routines */ 164static void pppoe_input(void); 165static void pppoe_disc_input(struct mbuf *); 166static void pppoe_dispatch_disc_pkt(struct mbuf *, int); 167static void pppoe_data_input(struct mbuf *); 168 169/* management routines */ 170void pppoeattach(int); 171static int pppoe_connect(struct pppoe_softc *); 172static int pppoe_disconnect(struct pppoe_softc *); 173static void pppoe_abort_connect(struct pppoe_softc *); 174static int pppoe_ioctl(struct ifnet *, unsigned long, caddr_t); 175static void pppoe_tls(struct sppp *); 176static void pppoe_tlf(struct sppp *); 177static void pppoe_start(struct ifnet *); 178 179/* internal timeout handling */ 180static void pppoe_timeout(void *); 181 182/* sending actual protocol controll packets */ 183static int pppoe_send_padi(struct pppoe_softc *); 184static int pppoe_send_padr(struct pppoe_softc *); 185#ifdef PPPOE_SERVER 186static int pppoe_send_pado(struct pppoe_softc *); 187static int pppoe_send_pads(struct pppoe_softc *); 188#endif 189static int pppoe_send_padt(struct ifnet *, u_int, const u_int8_t *); 190 191/* raw output */ 192static int pppoe_output(struct pppoe_softc *, struct mbuf *); 193 194/* internal helper functions */ 195static struct pppoe_softc * pppoe_find_softc_by_session(u_int, struct ifnet *); 196static struct pppoe_softc * pppoe_find_softc_by_hunique(u_int8_t *, size_t, struct ifnet *); 197static struct mbuf *pppoe_get_mbuf(size_t len); 198 199LIST_HEAD(pppoe_softc_head, pppoe_softc) pppoe_softc_list; 200 201int pppoe_clone_create __P((struct if_clone *, int)); 202void pppoe_clone_destroy __P((struct ifnet *)); 203 204struct if_clone pppoe_cloner = 205 IF_CLONE_INITIALIZER("pppoe", pppoe_clone_create, pppoe_clone_destroy); 206 207/* ARGSUSED */ 208void 209pppoeattach(count) 210 int count; 211{ 212 LIST_INIT(&pppoe_softc_list); 213 if_clone_attach(&pppoe_cloner); 214 215 ppoediscinq.ifq_maxlen = IFQ_MAXLEN; 216 ppoeinq.ifq_maxlen = IFQ_MAXLEN; 217 218#ifdef __HAVE_GENERIC_SOFT_INTERRUPTS 219 pppoe_softintr = softintr_establish(IPL_SOFTNET, pppoe_softintr_handler, NULL); 220#endif 221} 222 223int 224pppoe_clone_create(ifc, unit) 225 struct if_clone *ifc; 226 int unit; 227{ 228 struct pppoe_softc *sc; 229 230 sc = malloc(sizeof(struct pppoe_softc), M_DEVBUF, M_WAITOK); 231 memset(sc, 0, sizeof(struct pppoe_softc)); 232 233 sprintf(sc->sc_sppp.pp_if.if_xname, "pppoe%d", unit); 234 sc->sc_sppp.pp_if.if_softc = sc; 235 sc->sc_sppp.pp_if.if_mtu = PPPOE_MAXMTU; 236 sc->sc_sppp.pp_if.if_flags = IFF_SIMPLEX|IFF_POINTOPOINT|IFF_MULTICAST; 237 sc->sc_sppp.pp_if.if_type = IFT_PPP; 238 sc->sc_sppp.pp_if.if_hdrlen = sizeof(struct ether_header) + PPPOE_HEADERLEN; 239 sc->sc_sppp.pp_if.if_dlt = DLT_PPP_ETHER; 240 sc->sc_sppp.pp_flags |= PP_KEEPALIVE | /* use LCP keepalive */ 241 PP_NOFRAMING; /* no serial encapsulation */ 242 sc->sc_sppp.pp_if.if_ioctl = pppoe_ioctl; 243 IFQ_SET_MAXLEN(&sc->sc_sppp.pp_if.if_snd, IFQ_MAXLEN); 244 IFQ_SET_READY(&sc->sc_sppp.pp_if.if_snd); 245 246 /* changed to real address later */ 247 memcpy(&sc->sc_dest, etherbroadcastaddr, sizeof(sc->sc_dest)); 248 249 callout_init(&sc->sc_timeout); 250 251 sc->sc_sppp.pp_if.if_start = pppoe_start; 252 sc->sc_sppp.pp_tls = pppoe_tls; 253 sc->sc_sppp.pp_tlf = pppoe_tlf; 254 sc->sc_sppp.pp_framebytes = PPPOE_HEADERLEN; /* framing added to ppp packets */ 255 256 if_attach(&sc->sc_sppp.pp_if); 257 sppp_attach(&sc->sc_sppp.pp_if); 258 259#if NBPFILTER > 0 260 bpfattach(&sc->sc_sppp.pp_if, DLT_PPP_ETHER, 0); 261#endif 262 LIST_INSERT_HEAD(&pppoe_softc_list, sc, sc_list); 263 return 0; 264} 265 266void 267pppoe_clone_destroy(ifp) 268 struct ifnet *ifp; 269{ 270 struct pppoe_softc * sc = ifp->if_softc; 271 272 LIST_REMOVE(sc, sc_list); 273#if NBPFILTER > 0 274 bpfdetach(ifp); 275#endif 276 sppp_detach(&sc->sc_sppp.pp_if); 277 if_detach(ifp); 278 if (sc->sc_concentrator_name) 279 free(sc->sc_concentrator_name, M_DEVBUF); 280 if (sc->sc_service_name) 281 free(sc->sc_service_name, M_DEVBUF); 282 if (sc->sc_ac_cookie) 283 free(sc->sc_ac_cookie, M_DEVBUF); 284 free(sc, M_DEVBUF); 285} 286 287/* 288 * Find the interface handling the specified session. 289 * Note: O(number of sessions open), this is a client-side only, mean 290 * and lean implementation, so number of open sessions typically should 291 * be 1. 292 */ 293static struct pppoe_softc * 294pppoe_find_softc_by_session(u_int session, struct ifnet *rcvif) 295{ 296 struct pppoe_softc *sc; 297 298 if (session == 0) 299 return NULL; 300 301 LIST_FOREACH(sc, &pppoe_softc_list, sc_list) { 302 if (sc->sc_state == PPPOE_STATE_SESSION 303 && sc->sc_session == session) { 304 if (sc->sc_eth_if == rcvif) 305 return sc; 306 else 307 return NULL; 308 } 309 } 310 return NULL; 311} 312 313/* Check host unique token passed and return appropriate softc pointer, 314 * or NULL if token is bogus. */ 315static struct pppoe_softc * 316pppoe_find_softc_by_hunique(u_int8_t *token, size_t len, struct ifnet *rcvif) 317{ 318 struct pppoe_softc *sc, *t; 319 320 if (LIST_EMPTY(&pppoe_softc_list)) 321 return NULL; 322 323 if (len != sizeof sc) 324 return NULL; 325 memcpy(&t, token, len); 326 327 LIST_FOREACH(sc, &pppoe_softc_list, sc_list) 328 if (sc == t) break; 329 330 if (sc == NULL) { 331#ifdef PPPOE_DEBUG 332 printf("pppoe: alien host unique tag, no session found\n"); 333#endif 334 return NULL; 335 } 336 337 /* should be safe to access *sc now */ 338 if (sc->sc_state < PPPOE_STATE_PADI_SENT || sc->sc_state >= PPPOE_STATE_SESSION) { 339 printf("%s: host unique tag found, but it belongs to a connection in state %d\n", 340 sc->sc_sppp.pp_if.if_xname, sc->sc_state); 341 return NULL; 342 } 343 if (sc->sc_eth_if != rcvif) { 344 printf("%s: wrong interface, not accepting host unique\n", 345 sc->sc_sppp.pp_if.if_xname); 346 return NULL; 347 } 348 return sc; 349} 350 351#ifdef __HAVE_GENERIC_SOFT_INTERRUPTS 352static void pppoe_softintr_handler(void *dummy) 353{ 354 /* called at splsoftnet() */ 355 pppoe_input(); 356} 357#else 358void pppoe_softintr_handler(void *dummy) 359{ 360 int s = splnet(); 361 pppoe_input(); 362 splx(s); 363} 364#endif 365 366/* called at appropriate protection level */ 367static void 368pppoe_input() 369{ 370 struct mbuf *m; 371 int s, disc_done, data_done; 372 373 do { 374 disc_done = 0; 375 data_done = 0; 376 for (;;) { 377 s = splnet(); 378 IF_DEQUEUE(&ppoediscinq, m); 379 splx(s); 380 if (m == NULL) break; 381 disc_done = 1; 382 pppoe_disc_input(m); 383 } 384 385 for (;;) { 386 s = splnet(); 387 IF_DEQUEUE(&ppoeinq, m); 388 splx(s); 389 if (m == NULL) break; 390 data_done = 1; 391 pppoe_data_input(m); 392 } 393 } while (disc_done || data_done); 394} 395 396/* analyze and handle a single received packet while not in session state */ 397static void pppoe_dispatch_disc_pkt(struct mbuf *m, int off) 398{ 399 u_int16_t tag, len; 400 u_int16_t session, plen; 401 struct pppoe_softc *sc; 402 const char *err_msg, *err_txt; 403 u_int8_t *ac_cookie; 404 size_t ac_cookie_len; 405#ifdef PPPOE_SERVER 406 u_int8_t *hunique; 407 size_t hunique_len; 408#endif 409 struct pppoehdr *ph; 410 struct pppoetag *pt; 411 struct mbuf *n; 412 int noff, err, errortag; 413 struct ether_header *eh; 414 415 err_msg = err_txt = NULL; 416 errortag = 0; 417 if (m->m_len < sizeof(*eh)) { 418 m = m_pullup(m, sizeof(*eh)); 419 if (!m) 420 goto done; 421 } 422 eh = mtod(m, struct ether_header *); 423 off += sizeof(*eh); 424 425 ac_cookie = NULL; 426 ac_cookie_len = 0; 427#ifdef PPPOE_SERVER 428 hunique = NULL; 429 hunique_len = 0; 430#endif 431 session = 0; 432 if (m->m_pkthdr.len - off <= PPPOE_HEADERLEN) { 433 printf("pppoe: packet too short: %d\n", m->m_pkthdr.len); 434 goto done; 435 } 436 437 n = m_pulldown(m, off, sizeof(*ph), &noff); 438 if (!n) { 439 printf("pppoe: could not get PPPoE header\n"); 440 m = NULL; 441 goto done; 442 } 443 ph = (struct pppoehdr *)(mtod(n, caddr_t) + noff); 444 if (ph->vertype != PPPOE_VERTYPE) { 445 printf("pppoe: unknown version/type packet: 0x%x\n", 446 ph->vertype); 447 goto done; 448 } 449 session = ntohs(ph->session); 450 plen = ntohs(ph->plen); 451 off += sizeof(*ph); 452 453 if (plen + off > m->m_pkthdr.len) { 454 printf("pppoe: packet content does not fit: data available = %d, packet size = %u\n", 455 m->m_pkthdr.len - off, plen); 456 goto done; 457 } 458 m_adj(m, off + plen - m->m_pkthdr.len); /* ignore trailing garbage */ 459 tag = 0; 460 len = 0; 461 sc = NULL; 462 while (off + sizeof(*pt) <= m->m_pkthdr.len) { 463 n = m_pulldown(m, off, sizeof(*pt), &noff); 464 if (!n) { 465 printf("%s: parse error\n", 466 sc ? sc->sc_sppp.pp_if.if_xname : "pppoe"); 467 m = NULL; 468 goto done; 469 } 470 pt = (struct pppoetag *)(mtod(n, caddr_t) + noff); 471 tag = ntohs(pt->tag); 472 len = ntohs(pt->len); 473 if (off + len > m->m_pkthdr.len) { 474 printf("pppoe: tag 0x%x len 0x%x is too long\n", 475 tag, len); 476 goto done; 477 } 478 switch (tag) { 479 case PPPOE_TAG_EOL: 480 goto breakbreak; 481 case PPPOE_TAG_SNAME: 482 break; /* ignored */ 483 case PPPOE_TAG_ACNAME: 484 break; /* ignored */ 485 case PPPOE_TAG_HUNIQUE: 486 if (sc != NULL) 487 break; 488 n = m_pulldown(m, off + sizeof(*pt), len, &noff); 489 if (!n) { 490 m = NULL; 491 err_msg = "TAG HUNIQUE ERROR"; 492 break; 493 } 494#ifdef PPPOE_SERVER 495 hunique = mtod(n, caddr_t) + noff; 496 hunique_len = len; 497#endif 498 sc = pppoe_find_softc_by_hunique(mtod(n, caddr_t) + noff, 499 len, m->m_pkthdr.rcvif); 500 break; 501 case PPPOE_TAG_ACCOOKIE: 502 if (ac_cookie == NULL) { 503 n = m_pulldown(m, off + sizeof(*pt), len, 504 &noff); 505 if (!n) { 506 err_msg = "TAG ACCOOKIE ERROR"; 507 m = NULL; 508 break; 509 } 510 ac_cookie = mtod(n, caddr_t) + noff; 511 ac_cookie_len = len; 512 } 513 break; 514 case PPPOE_TAG_SNAME_ERR: 515 err_msg = "SERVICE NAME ERROR"; 516 errortag = 1; 517 break; 518 case PPPOE_TAG_ACSYS_ERR: 519 err_msg = "AC SYSTEM ERROR"; 520 errortag = 1; 521 break; 522 case PPPOE_TAG_GENERIC_ERR: 523 err_msg = "GENERIC ERROR"; 524 errortag = 1; 525 break; 526 } 527 if (err_msg) { 528 err_txt = ""; 529 if (errortag && len) { 530 n = m_pulldown(m, off + sizeof(*pt), len, 531 &noff); 532 if (n) 533 err_txt = mtod(n, caddr_t) + noff; 534 } 535 printf("%s: %s: %*s\n", 536 sc ? sc->sc_sppp.pp_if.if_xname : "pppoe*", 537 err_msg, len, err_txt); 538 if (errortag) 539 goto done; 540 } 541 off += sizeof(*pt) + len; 542 } 543breakbreak:; 544 switch (ph->code) { 545 case PPPOE_CODE_PADI: 546#ifdef PPPOE_SERVER 547 /* 548 * got service name, concentrator name, and/or host unique. 549 * ignore if we have no interfaces with IFF_PASSIVE|IFF_UP. 550 */ 551 if (LIST_EMPTY(&pppoe_softc_list)) 552 goto done; 553 LIST_FOREACH(sc, &pppoe_softc_list, sc_list) { 554 if (!(sc->sc_sppp.pp_if.if_flags & IFF_UP)) 555 continue; 556 if (!(sc->sc_sppp.pp_if.if_flags & IFF_PASSIVE)) 557 continue; 558 if (sc->sc_state == PPPOE_STATE_INITIAL) 559 break; 560 } 561 if (sc == NULL) { 562/* printf("pppoe: free passive interface is not found\n");*/ 563 goto done; 564 } 565 if (hunique) { 566 if (sc->sc_hunique) 567 free(sc->sc_hunique, M_DEVBUF); 568 sc->sc_hunique = malloc(hunique_len, M_DEVBUF, 569 M_DONTWAIT); 570 if (sc->sc_hunique == NULL) 571 goto done; 572 sc->sc_hunique_len = hunique_len; 573 memcpy(sc->sc_hunique, hunique, hunique_len); 574 } 575 memcpy(&sc->sc_dest, eh->ether_shost, sizeof sc->sc_dest); 576 sc->sc_state = PPPOE_STATE_PADO_SENT; 577 pppoe_send_pado(sc); 578 break; 579#endif /* PPPOE_SERVER */ 580 case PPPOE_CODE_PADR: 581#ifdef PPPOE_SERVER 582 /* 583 * get sc from ac_cookie if IFF_PASSIVE 584 */ 585 if (ac_cookie == NULL) { 586 /* be quiet if there is not a single pppoe instance */ 587 printf("pppoe: received PADR but not includes ac_cookie\n"); 588 goto done; 589 } 590 sc = pppoe_find_softc_by_hunique(ac_cookie, 591 ac_cookie_len, 592 m->m_pkthdr.rcvif); 593 if (sc == NULL) { 594 /* be quiet if there is not a single pppoe instance */ 595 if (!LIST_EMPTY(&pppoe_softc_list)) 596 printf("pppoe: received PADR but could not find request for it\n"); 597 goto done; 598 } 599 if (sc->sc_state != PPPOE_STATE_PADO_SENT) { 600 printf("%s: received unexpected PADR\n", 601 sc->sc_sppp.pp_if.if_xname); 602 goto done; 603 } 604 if (hunique) { 605 if (sc->sc_hunique) 606 free(sc->sc_hunique, M_DEVBUF); 607 sc->sc_hunique = malloc(hunique_len, M_DEVBUF, 608 M_DONTWAIT); 609 if (sc->sc_hunique == NULL) 610 goto done; 611 sc->sc_hunique_len = hunique_len; 612 memcpy(sc->sc_hunique, hunique, hunique_len); 613 } 614 pppoe_send_pads(sc); 615 sc->sc_state = PPPOE_STATE_SESSION; 616 sc->sc_sppp.pp_up(&sc->sc_sppp); 617 break; 618#else 619 /* ignore, we are no access concentrator */ 620 goto done; 621#endif /* PPPOE_SERVER */ 622 case PPPOE_CODE_PADO: 623 if (sc == NULL) { 624 /* be quiet if there is not a single pppoe instance */ 625 if (!LIST_EMPTY(&pppoe_softc_list)) 626 printf("pppoe: received PADO but could not find request for it\n"); 627 goto done; 628 } 629 if (sc->sc_state != PPPOE_STATE_PADI_SENT) { 630 printf("%s: received unexpected PADO\n", 631 sc->sc_sppp.pp_if.if_xname); 632 goto done; 633 } 634 if (ac_cookie) { 635 if (sc->sc_ac_cookie) 636 free(sc->sc_ac_cookie, M_DEVBUF); 637 sc->sc_ac_cookie = malloc(ac_cookie_len, M_DEVBUF, 638 M_DONTWAIT); 639 if (sc->sc_ac_cookie == NULL) 640 goto done; 641 sc->sc_ac_cookie_len = ac_cookie_len; 642 memcpy(sc->sc_ac_cookie, ac_cookie, ac_cookie_len); 643 } 644 memcpy(&sc->sc_dest, eh->ether_shost, sizeof sc->sc_dest); 645 callout_stop(&sc->sc_timeout); 646 sc->sc_padr_retried = 0; 647 sc->sc_state = PPPOE_STATE_PADR_SENT; 648 if ((err = pppoe_send_padr(sc)) != 0) { 649 if (sc->sc_sppp.pp_if.if_flags & IFF_DEBUG) 650 printf("%s: failed to send PADR, " 651 "error=%d\n", sc->sc_sppp.pp_if.if_xname, 652 err); 653 } 654 callout_reset(&sc->sc_timeout, 655 PPPOE_DISC_TIMEOUT * (1 + sc->sc_padr_retried), 656 pppoe_timeout, sc); 657 break; 658 case PPPOE_CODE_PADS: 659 if (sc == NULL) 660 goto done; 661 sc->sc_session = session; 662 callout_stop(&sc->sc_timeout); 663 if (sc->sc_sppp.pp_if.if_flags & IFF_DEBUG) 664 printf("%s: session 0x%x connected\n", 665 sc->sc_sppp.pp_if.if_xname, session); 666 sc->sc_state = PPPOE_STATE_SESSION; 667 sc->sc_sppp.pp_up(&sc->sc_sppp); /* notify upper layers */ 668 break; 669 case PPPOE_CODE_PADT: 670 if (sc == NULL) 671 goto done; 672 /* stop timer (we might be about to transmit a PADT ourself) */ 673 callout_stop(&sc->sc_timeout); 674 if (sc->sc_sppp.pp_if.if_flags & IFF_DEBUG) 675 printf("%s: session 0x%x terminated, received PADT\n", 676 sc->sc_sppp.pp_if.if_xname, session); 677 /* clean up softc */ 678 sc->sc_state = PPPOE_STATE_INITIAL; 679 memcpy(&sc->sc_dest, etherbroadcastaddr, sizeof(sc->sc_dest)); 680 if (sc->sc_ac_cookie) { 681 free(sc->sc_ac_cookie, M_DEVBUF); 682 sc->sc_ac_cookie = NULL; 683 } 684 sc->sc_ac_cookie_len = 0; 685 sc->sc_session = 0; 686 /* signal upper layer */ 687 sc->sc_sppp.pp_down(&sc->sc_sppp); 688 break; 689 default: 690 printf("%s: unknown code (0x%04x) session = 0x%04x\n", 691 sc? sc->sc_sppp.pp_if.if_xname : "pppoe", 692 ph->code, session); 693 break; 694 } 695 696done: 697 m_freem(m); 698 return; 699} 700 701static void 702pppoe_disc_input(struct mbuf *m) 703{ 704 705 /* avoid error messages if there is not a single pppoe instance */ 706 if (!LIST_EMPTY(&pppoe_softc_list)) { 707 KASSERT(m->m_flags & M_PKTHDR); 708 pppoe_dispatch_disc_pkt(m, 0); 709 } else 710 m_freem(m); 711} 712 713static void 714pppoe_data_input(struct mbuf *m) 715{ 716 u_int16_t session, plen; 717 struct pppoe_softc *sc; 718 struct pppoehdr *ph; 719#ifdef PPPOE_TERM_UNKNOWN_SESSIONS 720 u_int8_t shost[ETHER_ADDR_LEN]; 721#endif 722 723 KASSERT(m->m_flags & M_PKTHDR); 724 725#ifdef PPPOE_TERM_UNKNOWN_SESSIONS 726 memcpy(shost, mtod(m, struct ether_header*)->ether_shost, ETHER_ADDR_LEN); 727#endif 728 m_adj(m, sizeof(struct ether_header)); 729 if (m->m_pkthdr.len <= PPPOE_HEADERLEN) { 730 printf("pppoe (data): dropping too short packet: %d bytes\n", 731 m->m_pkthdr.len); 732 goto drop; 733 } 734 735 if (m->m_len < sizeof(*ph)) { 736 m = m_pullup(m, sizeof(*ph)); 737 if (!m) { 738 printf("pppoe: could not get PPPoE header\n"); 739 return; 740 } 741 } 742 ph = mtod(m, struct pppoehdr *); 743 744 if (ph->vertype != PPPOE_VERTYPE) { 745 printf("pppoe (data): unknown version/type packet: 0x%x\n", 746 ph->vertype); 747 goto drop; 748 } 749 if (ph->code != 0) 750 goto drop; 751 752 session = ntohs(ph->session); 753 sc = pppoe_find_softc_by_session(session, m->m_pkthdr.rcvif); 754 if (sc == NULL) { 755#ifdef PPPOE_TERM_UNKNOWN_SESSIONS 756 printf("pppoe: input for unknown session 0x%x, sending PADT\n", 757 session); 758 pppoe_send_padt(m->m_pkthdr.rcvif, session, shost); 759#endif 760 goto drop; 761 } 762 763 plen = ntohs(ph->plen); 764 765#if NBPFILTER > 0 766 if(sc->sc_sppp.pp_if.if_bpf) 767 bpf_mtap(sc->sc_sppp.pp_if.if_bpf, m); 768#endif 769 770 m_adj(m, PPPOE_HEADERLEN); 771 772#ifdef PPPOE_DEBUG 773 { 774 struct mbuf *p; 775 776 printf("%s: pkthdr.len=%d, pppoe.len=%d", 777 sc->sc_sppp.pp_if.if_xname, 778 m->m_pkthdr.len, plen); 779 p = m; 780 while (p) { 781 printf(" l=%d", p->m_len); 782 p = p->m_next; 783 } 784 printf("\n"); 785 } 786#endif 787 788 if (m->m_pkthdr.len < plen) 789 goto drop; 790 791 /* fix incoming interface pointer (not the raw ethernet interface anymore) */ 792 m->m_pkthdr.rcvif = &sc->sc_sppp.pp_if; 793 794 /* pass packet up and account for it */ 795 sc->sc_sppp.pp_if.if_ipackets++; 796 sppp_input(&sc->sc_sppp.pp_if, m); 797 return; 798 799drop: 800 m_freem(m); 801} 802 803static int 804pppoe_output(struct pppoe_softc *sc, struct mbuf *m) 805{ 806 struct sockaddr dst; 807 struct ether_header *eh; 808 u_int16_t etype; 809 810 if (sc->sc_eth_if == NULL) 811 return EIO; 812 813 memset(&dst, 0, sizeof dst); 814 dst.sa_family = AF_UNSPEC; 815 eh = (struct ether_header*)&dst.sa_data; 816 etype = sc->sc_state == PPPOE_STATE_SESSION ? ETHERTYPE_PPPOE : ETHERTYPE_PPPOEDISC; 817 eh->ether_type = htons(etype); 818 memcpy(&eh->ether_dhost, &sc->sc_dest, sizeof sc->sc_dest); 819 820#ifdef PPPOE_DEBUG 821 printf("%s (%x) state=%d, session=0x%x output -> %s, len=%d\n", 822 sc->sc_sppp.pp_if.if_xname, etype, 823 sc->sc_state, sc->sc_session, 824 ether_sprintf((const unsigned char *)&sc->sc_dest), m->m_pkthdr.len); 825#endif 826 827 m->m_flags &= ~(M_BCAST|M_MCAST); 828 sc->sc_sppp.pp_if.if_opackets++; 829 return sc->sc_eth_if->if_output(sc->sc_eth_if, m, &dst, NULL); 830} 831 832static int 833pppoe_ioctl(struct ifnet *ifp, unsigned long cmd, caddr_t data) 834{ 835 struct proc *p = curproc; /* XXX */ 836 struct pppoe_softc *sc = (struct pppoe_softc*)ifp; 837 int error = 0; 838 839 switch (cmd) { 840 case PPPOESETPARMS: 841 { 842 struct pppoediscparms *parms = (struct pppoediscparms*)data; 843 if ((error = suser(p->p_ucred, &p->p_acflag)) != 0) 844 return error; 845 if (parms->eth_ifname[0] != 0) { 846 sc->sc_eth_if = ifunit(parms->eth_ifname); 847 if (sc->sc_eth_if == NULL) 848 return ENXIO; 849 } 850 if (parms->ac_name) { 851 size_t s; 852 char * p = malloc(parms->ac_name_len + 1, M_DEVBUF, 853 M_WAITOK); 854 if (p == NULL) 855 return ENOMEM; 856 error = copyinstr(parms->ac_name, p, 857 parms->ac_name_len+1, &s); 858 if (error != 0) { 859 free(p, M_DEVBUF); 860 return error; 861 } 862 if (s != parms->ac_name_len+1) { 863 free(p, M_DEVBUF); 864 return EINVAL; 865 } 866 if (sc->sc_concentrator_name) 867 free(sc->sc_concentrator_name, M_DEVBUF); 868 sc->sc_concentrator_name = p; 869 } 870 if (parms->service_name) { 871 size_t s; 872 char * p = malloc(parms->service_name_len + 1, M_DEVBUF, 873 M_WAITOK); 874 if (p == NULL) 875 return ENOMEM; 876 error = copyinstr(parms->service_name, p, 877 parms->service_name_len+1, &s); 878 if (error != 0) { 879 free(p, M_DEVBUF); 880 return error; 881 } 882 if (s != parms->service_name_len+1) { 883 free(p, M_DEVBUF); 884 return EINVAL; 885 } 886 if (sc->sc_service_name) 887 free(sc->sc_service_name, M_DEVBUF); 888 sc->sc_service_name = p; 889 } 890 return 0; 891 } 892 break; 893 case PPPOEGETPARMS: 894 { 895 struct pppoediscparms *parms = (struct pppoediscparms*)data; 896 memset(parms, 0, sizeof *parms); 897 if (sc->sc_eth_if) 898 strncpy(parms->ifname, sc->sc_eth_if->if_xname, IFNAMSIZ); 899 return 0; 900 } 901 break; 902 case PPPOEGETSESSION: 903 { 904 struct pppoeconnectionstate *state = (struct pppoeconnectionstate*)data; 905 state->state = sc->sc_state; 906 state->session_id = sc->sc_session; 907 state->padi_retry_no = sc->sc_padi_retried; 908 state->padr_retry_no = sc->sc_padr_retried; 909 return 0; 910 } 911 break; 912 case SIOCSIFFLAGS: 913 { 914 struct ifreq *ifr = (struct ifreq*) data; 915 /* 916 * Prevent running re-establishment timers overriding 917 * administrators choice. 918 */ 919 if ((ifr->ifr_flags & IFF_UP) == 0 920 && sc->sc_state >= PPPOE_STATE_PADI_SENT 921 && sc->sc_state < PPPOE_STATE_SESSION) { 922 callout_stop(&sc->sc_timeout); 923 sc->sc_state = PPPOE_STATE_INITIAL; 924 sc->sc_padi_retried = 0; 925 sc->sc_padr_retried = 0; 926 memcpy(&sc->sc_dest, etherbroadcastaddr, 927 sizeof(sc->sc_dest)); 928 } 929 return sppp_ioctl(ifp, cmd, data); 930 } 931 case SIOCSIFMTU: 932 { 933 struct ifreq *ifr = (struct ifreq*) data; 934 935 if (ifr->ifr_mtu > PPPOE_MAXMTU) 936 return EINVAL; 937 return sppp_ioctl(ifp, cmd, data); 938 } 939 default: 940 return sppp_ioctl(ifp, cmd, data); 941 } 942 return 0; 943} 944 945/* 946 * Allocate a mbuf/cluster with space to store the given data length 947 * of payload, leaving space for prepending an ethernet header 948 * in front. 949 */ 950static struct mbuf * 951pppoe_get_mbuf(size_t len) 952{ 953 struct mbuf *m; 954 955 MGETHDR(m, M_DONTWAIT, MT_DATA); 956 if (m == NULL) 957 return NULL; 958 if (len + sizeof(struct ether_header) > MHLEN) { 959 MCLGET(m, M_DONTWAIT); 960 if ((m->m_flags & M_EXT) == 0) { 961 struct mbuf *n; 962 MFREE(m, n); 963 return 0; 964 } 965 } 966 m->m_data += sizeof(struct ether_header); 967 m->m_len = len; 968 m->m_pkthdr.len = len; 969 m->m_pkthdr.rcvif = NULL; 970 971 return m; 972} 973 974static int 975pppoe_send_padi(struct pppoe_softc *sc) 976{ 977 struct mbuf *m0; 978 int len, l1 = 0, l2 = 0; /* XXX: gcc */ 979 u_int8_t *p; 980 981 if (sc->sc_state >PPPOE_STATE_PADI_SENT) 982 panic("pppoe_send_padi in state %d", sc->sc_state); 983 984 /* calculate length of frame (excluding ethernet header + pppoe header) */ 985 len = 2 + 2 + 2 + 2 + sizeof sc; /* service name tag is required, host unique is send too */ 986 if (sc->sc_service_name != NULL) { 987 l1 = strlen(sc->sc_service_name); 988 len += l1; 989 } 990 if (sc->sc_concentrator_name != NULL) { 991 l2 = strlen(sc->sc_concentrator_name); 992 len += 2 + 2 + l2; 993 } 994 995 /* allocate a buffer */ 996 m0 = pppoe_get_mbuf(len + PPPOE_HEADERLEN); /* header len + payload len */ 997 if (!m0) 998 return ENOBUFS; 999 1000 /* fill in pkt */ 1001 p = mtod(m0, u_int8_t *); 1002 PPPOE_ADD_HEADER(p, PPPOE_CODE_PADI, 0, len); 1003 PPPOE_ADD_16(p, PPPOE_TAG_SNAME); 1004 if (sc->sc_service_name != NULL) { 1005 PPPOE_ADD_16(p, l1); 1006 memcpy(p, sc->sc_service_name, l1); 1007 p += l1; 1008 } else { 1009 PPPOE_ADD_16(p, 0); 1010 } 1011 if (sc->sc_concentrator_name != NULL) { 1012 PPPOE_ADD_16(p, PPPOE_TAG_ACNAME); 1013 PPPOE_ADD_16(p, l2); 1014 memcpy(p, sc->sc_concentrator_name, l2); 1015 p += l2; 1016 } 1017 PPPOE_ADD_16(p, PPPOE_TAG_HUNIQUE); 1018 PPPOE_ADD_16(p, sizeof(sc)); 1019 memcpy(p, &sc, sizeof sc); 1020 1021#ifdef PPPOE_DEBUG 1022 p += sizeof sc; 1023 if (p - mtod(m0, u_int8_t *) != len + PPPOE_HEADERLEN) 1024 panic("pppoe_send_padi: garbled output len, should be %ld, is %ld", 1025 (long)(len + PPPOE_HEADERLEN), (long)(p - mtod(m0, u_int8_t *))); 1026#endif 1027 1028 /* send pkt */ 1029 return pppoe_output(sc, m0); 1030} 1031 1032static void 1033pppoe_timeout(void *arg) 1034{ 1035 int x, retry_wait, err; 1036 struct pppoe_softc *sc = (struct pppoe_softc*)arg; 1037 1038#ifdef PPPOE_DEBUG 1039 printf("%s: timeout\n", sc->sc_sppp.pp_if.if_xname); 1040#endif 1041 1042 switch (sc->sc_state) { 1043 case PPPOE_STATE_PADI_SENT: 1044 /* 1045 * We have two basic ways of retrying: 1046 * - Quick retry mode: try a few times in short sequence 1047 * - Slow retry mode: we already had a connection successfully 1048 * established and will try infinitely (without user 1049 * intervention) 1050 * We only enter slow retry mode if IFF_LINK1 (aka autodial) 1051 * is not set. 1052 */ 1053 1054 /* initialize for quick retry mode */ 1055 retry_wait = PPPOE_DISC_TIMEOUT * (1 + sc->sc_padi_retried); 1056 1057 x = splnet(); 1058 sc->sc_padi_retried++; 1059 if (sc->sc_padi_retried >= PPPOE_DISC_MAXPADI) { 1060 if ((sc->sc_sppp.pp_if.if_flags & IFF_LINK1) == 0) { 1061 /* slow retry mode */ 1062 retry_wait = PPPOE_SLOW_RETRY; 1063 } else { 1064 pppoe_abort_connect(sc); 1065 splx(x); 1066 return; 1067 } 1068 } 1069 if ((err = pppoe_send_padi(sc)) != 0) { 1070 sc->sc_padi_retried--; 1071 if (sc->sc_sppp.pp_if.if_flags & IFF_DEBUG) 1072 printf("%s: failed to transmit PADI, " 1073 "error=%d\n", 1074 sc->sc_sppp.pp_if.if_xname, err); 1075 } 1076 callout_reset(&sc->sc_timeout, retry_wait, 1077 pppoe_timeout, sc); 1078 splx(x); 1079 break; 1080 1081 case PPPOE_STATE_PADR_SENT: 1082 x = splnet(); 1083 sc->sc_padr_retried++; 1084 if (sc->sc_padr_retried >= PPPOE_DISC_MAXPADR) { 1085 memcpy(&sc->sc_dest, etherbroadcastaddr, 1086 sizeof(sc->sc_dest)); 1087 sc->sc_state = PPPOE_STATE_PADI_SENT; 1088 sc->sc_padr_retried = 0; 1089 if ((err = pppoe_send_padi(sc)) != 0) { 1090 if (sc->sc_sppp.pp_if.if_flags & IFF_DEBUG) 1091 printf("%s: failed to send PADI" 1092 ", error=%d\n", 1093 sc->sc_sppp.pp_if.if_xname, 1094 err); 1095 } 1096 callout_reset(&sc->sc_timeout, 1097 PPPOE_DISC_TIMEOUT * (1 + sc->sc_padi_retried), 1098 pppoe_timeout, sc); 1099 splx(x); 1100 return; 1101 } 1102 if ((err = pppoe_send_padr(sc)) != 0) { 1103 sc->sc_padr_retried--; 1104 if (sc->sc_sppp.pp_if.if_flags & IFF_DEBUG) 1105 printf("%s: failed to send PADR, " 1106 "error=%d\n", sc->sc_sppp.pp_if.if_xname, 1107 err); 1108 } 1109 callout_reset(&sc->sc_timeout, 1110 PPPOE_DISC_TIMEOUT * (1 + sc->sc_padr_retried), 1111 pppoe_timeout, sc); 1112 splx(x); 1113 break; 1114 case PPPOE_STATE_CLOSING: 1115 pppoe_disconnect(sc); 1116 break; 1117 default: 1118 return; /* all done, work in peace */ 1119 } 1120} 1121 1122/* Start a connection (i.e. initiate discovery phase) */ 1123static int 1124pppoe_connect(struct pppoe_softc *sc) 1125{ 1126 int x, err; 1127 1128 if (sc->sc_state != PPPOE_STATE_INITIAL) 1129 return EBUSY; 1130 1131#ifdef PPPOE_SERVER 1132 /* wait PADI if IFF_PASSIVE */ 1133 if ((sc->sc_sppp.pp_if.if_flags & IFF_PASSIVE)) 1134 return 0; 1135#endif 1136 x = splnet(); 1137 /* save state, in case we fail to send PADI */ 1138 sc->sc_state = PPPOE_STATE_PADI_SENT; 1139 sc->sc_padr_retried = 0; 1140 err = pppoe_send_padi(sc); 1141 if (err != 0 && sc->sc_sppp.pp_if.if_flags & IFF_DEBUG) 1142 printf("%s: failed to send PADI, error=%d\n", 1143 sc->sc_sppp.pp_if.if_xname, err); 1144 callout_reset(&sc->sc_timeout, PPPOE_DISC_TIMEOUT, pppoe_timeout, sc); 1145 splx(x); 1146 return err; 1147} 1148 1149/* disconnect */ 1150static int 1151pppoe_disconnect(struct pppoe_softc *sc) 1152{ 1153 int err, x; 1154 1155 x = splnet(); 1156 1157 if (sc->sc_state < PPPOE_STATE_SESSION) 1158 err = EBUSY; 1159 else { 1160 if (sc->sc_sppp.pp_if.if_flags & IFF_DEBUG) 1161 printf("%s: disconnecting\n", 1162 sc->sc_sppp.pp_if.if_xname); 1163 err = pppoe_send_padt(sc->sc_eth_if, sc->sc_session, (const u_int8_t *)&sc->sc_dest); 1164 } 1165 1166 /* cleanup softc */ 1167 sc->sc_state = PPPOE_STATE_INITIAL; 1168 memcpy(&sc->sc_dest, etherbroadcastaddr, sizeof(sc->sc_dest)); 1169 if (sc->sc_ac_cookie) { 1170 free(sc->sc_ac_cookie, M_DEVBUF); 1171 sc->sc_ac_cookie = NULL; 1172 } 1173 sc->sc_ac_cookie_len = 0; 1174#ifdef PPPOE_SERVER 1175 if (sc->sc_hunique) { 1176 free(sc->sc_hunique, M_DEVBUF); 1177 sc->sc_hunique = NULL; 1178 } 1179 sc->sc_hunique_len = 0; 1180#endif 1181 sc->sc_session = 0; 1182 1183 /* notify upper layer */ 1184 sc->sc_sppp.pp_down(&sc->sc_sppp); 1185 1186 splx(x); 1187 1188 return err; 1189} 1190 1191/* Connection attempt aborted */ 1192static void 1193pppoe_abort_connect(struct pppoe_softc *sc) 1194{ 1195 printf("%s: could not establish connection\n", 1196 sc->sc_sppp.pp_if.if_xname); 1197 sc->sc_state = PPPOE_STATE_CLOSING; 1198 1199 /* notify upper layer */ 1200 sc->sc_sppp.pp_down(&sc->sc_sppp); 1201 1202 /* clear connection state */ 1203 memcpy(&sc->sc_dest, etherbroadcastaddr, sizeof(sc->sc_dest)); 1204 sc->sc_state = PPPOE_STATE_INITIAL; 1205} 1206 1207/* Send a PADR packet */ 1208static int 1209pppoe_send_padr(struct pppoe_softc *sc) 1210{ 1211 struct mbuf *m0; 1212 u_int8_t *p; 1213 size_t len, l1 = 0; /* XXX: gcc */ 1214 1215 if (sc->sc_state != PPPOE_STATE_PADR_SENT) 1216 return EIO; 1217 1218 len = 2 + 2 + 2 + 2 + sizeof(sc); /* service name, host unique */ 1219 if (sc->sc_service_name != NULL) { /* service name tag maybe empty */ 1220 l1 = strlen(sc->sc_service_name); 1221 len += l1; 1222 } 1223 if (sc->sc_ac_cookie_len > 0) 1224 len += 2 + 2 + sc->sc_ac_cookie_len; /* AC cookie */ 1225 m0 = pppoe_get_mbuf(len + PPPOE_HEADERLEN); 1226 if (!m0) 1227 return ENOBUFS; 1228 p = mtod(m0, u_int8_t *); 1229 PPPOE_ADD_HEADER(p, PPPOE_CODE_PADR, 0, len); 1230 PPPOE_ADD_16(p, PPPOE_TAG_SNAME); 1231 if (sc->sc_service_name != NULL) { 1232 PPPOE_ADD_16(p, l1); 1233 memcpy(p, sc->sc_service_name, l1); 1234 p += l1; 1235 } else { 1236 PPPOE_ADD_16(p, 0); 1237 } 1238 if (sc->sc_ac_cookie_len > 0) { 1239 PPPOE_ADD_16(p, PPPOE_TAG_ACCOOKIE); 1240 PPPOE_ADD_16(p, sc->sc_ac_cookie_len); 1241 memcpy(p, sc->sc_ac_cookie, sc->sc_ac_cookie_len); 1242 p += sc->sc_ac_cookie_len; 1243 } 1244 PPPOE_ADD_16(p, PPPOE_TAG_HUNIQUE); 1245 PPPOE_ADD_16(p, sizeof(sc)); 1246 memcpy(p, &sc, sizeof sc); 1247 1248#ifdef PPPOE_DEBUG 1249 p += sizeof sc; 1250 if (p - mtod(m0, u_int8_t *) != len + PPPOE_HEADERLEN) 1251 panic("pppoe_send_padr: garbled output len, should be %ld, is %ld", 1252 (long)(len + PPPOE_HEADERLEN), (long)(p - mtod(m0, u_int8_t *))); 1253#endif 1254 1255 return pppoe_output(sc, m0); 1256} 1257 1258/* send a PADT packet */ 1259static int 1260pppoe_send_padt(struct ifnet *outgoing_if, u_int session, const u_int8_t *dest) 1261{ 1262 struct ether_header *eh; 1263 struct sockaddr dst; 1264 struct mbuf *m0; 1265 u_int8_t *p; 1266 1267 m0 = pppoe_get_mbuf(PPPOE_HEADERLEN); 1268 if (!m0) 1269 return EIO; 1270 p = mtod(m0, u_int8_t *); 1271 PPPOE_ADD_HEADER(p, PPPOE_CODE_PADT, session, 0); 1272 1273 memset(&dst, 0, sizeof dst); 1274 dst.sa_family = AF_UNSPEC; 1275 eh = (struct ether_header*)&dst.sa_data; 1276 eh->ether_type = htons(ETHERTYPE_PPPOEDISC); 1277 memcpy(&eh->ether_dhost, dest, ETHER_ADDR_LEN); 1278 1279 m0->m_flags &= ~(M_BCAST|M_MCAST); 1280 return outgoing_if->if_output(outgoing_if, m0, &dst, NULL); 1281} 1282 1283#ifdef PPPOE_SERVER 1284static int 1285pppoe_send_pado(struct pppoe_softc *sc) 1286{ 1287 struct mbuf *m0; 1288 u_int8_t *p; 1289 size_t len; 1290 1291 if (sc->sc_state != PPPOE_STATE_PADO_SENT) 1292 return EIO; 1293 1294 /* calc length */ 1295 len = 0; 1296 /* include ac_cookie */ 1297 len += 2 + 2 + sizeof(sc); 1298 /* include hunique */ 1299 len += 2 + 2 + sc->sc_hunique_len; 1300 m0 = pppoe_get_mbuf(len + PPPOE_HEADERLEN); 1301 if (!m0) 1302 return EIO; 1303 p = mtod(m0, u_int8_t *); 1304 PPPOE_ADD_HEADER(p, PPPOE_CODE_PADO, 0, len); 1305 PPPOE_ADD_16(p, PPPOE_TAG_ACCOOKIE); 1306 PPPOE_ADD_16(p, sizeof(sc)); 1307 memcpy(p, &sc, sizeof(sc)); 1308 p += sizeof(sc); 1309 PPPOE_ADD_16(p, PPPOE_TAG_HUNIQUE); 1310 PPPOE_ADD_16(p, sc->sc_hunique_len); 1311 memcpy(p, sc->sc_hunique, sc->sc_hunique_len); 1312 return pppoe_output(sc, m0); 1313} 1314 1315static int 1316pppoe_send_pads(struct pppoe_softc *sc) 1317{ 1318 struct mbuf *m0; 1319 u_int8_t *p; 1320 size_t len, l1; 1321 1322 if (sc->sc_state != PPPOE_STATE_PADO_SENT) 1323 return EIO; 1324 1325 sc->sc_session = mono_time.tv_sec % 0xff + 1; 1326 /* calc length */ 1327 len = 0; 1328 /* include hunique */ 1329 len += 2 + 2 + 2 + 2 + sc->sc_hunique_len; /* service name, host unique*/ 1330 if (sc->sc_service_name != NULL) { /* service name tag maybe empty */ 1331 l1 = strlen(sc->sc_service_name); 1332 len += l1; 1333 } 1334 m0 = pppoe_get_mbuf(len + PPPOE_HEADERLEN); 1335 if (!m0) 1336 return ENOBUFS; 1337 p = mtod(m0, u_int8_t *); 1338 PPPOE_ADD_HEADER(p, PPPOE_CODE_PADS, sc->sc_session, len); 1339 PPPOE_ADD_16(p, PPPOE_TAG_SNAME); 1340 if (sc->sc_service_name != NULL) { 1341 PPPOE_ADD_16(p, l1); 1342 memcpy(p, sc->sc_service_name, l1); 1343 p += l1; 1344 } else { 1345 PPPOE_ADD_16(p, 0); 1346 } 1347 PPPOE_ADD_16(p, PPPOE_TAG_HUNIQUE); 1348 PPPOE_ADD_16(p, sc->sc_hunique_len); 1349 memcpy(p, sc->sc_hunique, sc->sc_hunique_len); 1350 return pppoe_output(sc, m0); 1351} 1352#endif 1353 1354static void 1355pppoe_tls(struct sppp *sp) 1356{ 1357 struct pppoe_softc *sc = (void *)sp; 1358 if (sc->sc_state != PPPOE_STATE_INITIAL) 1359 return; 1360 pppoe_connect(sc); 1361} 1362 1363static void 1364pppoe_tlf(struct sppp *sp) 1365{ 1366 struct pppoe_softc *sc = (void *)sp; 1367 if (sc->sc_state < PPPOE_STATE_SESSION) 1368 return; 1369 /* 1370 * Do not call pppoe_disconnect here, the upper layer state 1371 * machine gets confused by this. We must return from this 1372 * function and defer disconnecting to the timeout handler. 1373 */ 1374 sc->sc_state = PPPOE_STATE_CLOSING; 1375 callout_reset(&sc->sc_timeout, hz/50, pppoe_timeout, sc); 1376} 1377 1378static void 1379pppoe_start(struct ifnet *ifp) 1380{ 1381 struct pppoe_softc *sc = (void *)ifp; 1382 struct mbuf *m; 1383 u_int8_t *p; 1384 size_t len; 1385 1386 if (sppp_isempty(ifp)) 1387 return; 1388 1389 /* are we ready to process data yet? */ 1390 if (sc->sc_state < PPPOE_STATE_SESSION) { 1391 sppp_flush(&sc->sc_sppp.pp_if); 1392 return; 1393 } 1394 1395 while ((m = sppp_dequeue(ifp)) != NULL) { 1396 len = m->m_pkthdr.len; 1397 M_PREPEND(m, PPPOE_HEADERLEN, M_DONTWAIT); 1398 if (m == NULL) { 1399 ifp->if_oerrors++; 1400 continue; 1401 } 1402 p = mtod(m, u_int8_t *); 1403 PPPOE_ADD_HEADER(p, 0, sc->sc_session, len); 1404 1405#if NBPFILTER > 0 1406 if(sc->sc_sppp.pp_if.if_bpf) 1407 bpf_mtap(sc->sc_sppp.pp_if.if_bpf, m); 1408#endif 1409 1410 pppoe_output(sc, m); 1411 } 1412} 1413