1 /*****************************************************************************
\r
2 * ipcp.c - Network PPP IP Control Protocol program file.
\r
4 * Copyright (c) 2003 by Marc Boucher, Services Informatiques (MBSI) inc.
\r
5 * portions Copyright (c) 1997 by Global Election Systems Inc.
\r
7 * The authors hereby grant permission to use, copy, modify, distribute,
\r
8 * and license this software and its documentation for any purpose, provided
\r
9 * that existing copyright notices are retained in all copies and that this
\r
10 * notice and the following disclaimer are included verbatim in any
\r
11 * distributions. No written agreement, license, or royalty fee is required
\r
12 * for any of the authorized uses.
\r
14 * THIS SOFTWARE IS PROVIDED BY THE CONTRIBUTORS *AS IS* AND ANY EXPRESS OR
\r
15 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
\r
16 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
\r
17 * IN NO EVENT SHALL THE CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
\r
18 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
\r
19 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
\r
20 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
\r
21 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
\r
22 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
\r
23 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
\r
25 ******************************************************************************
\r
28 * 03-01-01 Marc Boucher <marc@mbsi.ca>
\r
30 * 97-12-08 Guy Lancaster <lancasterg@acm.org>, Global Election Systems Inc.
\r
32 *****************************************************************************/
\r
34 * ipcp.c - PPP IP Control Protocol.
\r
36 * Copyright (c) 1989 Carnegie Mellon University.
\r
37 * All rights reserved.
\r
39 * Redistribution and use in source and binary forms are permitted
\r
40 * provided that the above copyright notice and this paragraph are
\r
41 * duplicated in all such forms and that any documentation,
\r
42 * advertising materials, and other materials related to such
\r
43 * distribution and use acknowledge that the software was developed
\r
44 * by Carnegie Mellon University. The name of the
\r
45 * University may not be used to endorse or promote products derived
\r
46 * from this software without specific prior written permission.
\r
47 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
\r
48 * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
\r
49 * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
\r
60 #include "pppdebug.h"
\r
63 /*************************/
\r
64 /*** LOCAL DEFINITIONS ***/
\r
65 /*************************/
\r
66 /* #define OLD_CI_ADDRS 1 */ /* Support deprecated address negotiation. */
\r
69 * Lengths of configuration options.
\r
71 #define CILEN_VOID 2
\r
72 #define CILEN_COMPRESS 4 /* min length for compression protocol opt. */
\r
73 #define CILEN_VJ 6 /* length for RFC1332 Van-Jacobson opt. */
\r
74 #define CILEN_ADDR 6 /* new-style single address option */
\r
75 #define CILEN_ADDRS 10 /* old-style dual address option */
\r
79 /***********************************/
\r
80 /*** LOCAL FUNCTION DECLARATIONS ***/
\r
81 /***********************************/
\r
83 * Callbacks for fsm code. (CI = Configuration Information)
\r
85 static void ipcp_resetci (fsm *); /* Reset our CI */
\r
86 static int ipcp_cilen (fsm *); /* Return length of our CI */
\r
87 static void ipcp_addci (fsm *, u_char *, int *); /* Add our CI */
\r
88 static int ipcp_ackci (fsm *, u_char *, int); /* Peer ack'd our CI */
\r
89 static int ipcp_nakci (fsm *, u_char *, int); /* Peer nak'd our CI */
\r
90 static int ipcp_rejci (fsm *, u_char *, int); /* Peer rej'd our CI */
\r
91 static int ipcp_reqci (fsm *, u_char *, int *, int); /* Rcv CI */
\r
92 static void ipcp_up (fsm *); /* We're UP */
\r
93 static void ipcp_down (fsm *); /* We're DOWN */
\r
95 static void ipcp_script (fsm *, char *); /* Run an up/down script */
\r
97 static void ipcp_finished (fsm *); /* Don't need lower layer */
\r
100 * Protocol entry points from main code.
\r
102 static void ipcp_init (int);
\r
103 static void ipcp_open (int);
\r
104 static void ipcp_close (int, char *);
\r
105 static void ipcp_lowerup (int);
\r
106 static void ipcp_lowerdown (int);
\r
107 static void ipcp_input (int, u_char *, int);
\r
108 static void ipcp_protrej (int);
\r
110 static void ipcp_clear_addrs (int);
\r
112 #define CODENAME(x) ((x) == CONFACK ? "ACK" : \
\r
113 (x) == CONFNAK ? "NAK" : "REJ")
\r
117 /******************************/
\r
118 /*** PUBLIC DATA STRUCTURES ***/
\r
119 /******************************/
\r
121 ipcp_options ipcp_wantoptions[NUM_PPP]; /* Options that we want to request */
\r
122 ipcp_options ipcp_gotoptions[NUM_PPP]; /* Options that peer ack'd */
\r
123 ipcp_options ipcp_allowoptions[NUM_PPP]; /* Options we allow peer to request */
\r
124 ipcp_options ipcp_hisoptions[NUM_PPP]; /* Options that we ack'd */
\r
126 fsm ipcp_fsm[NUM_PPP]; /* IPCP fsm structure */
\r
128 struct protent ipcp_protent = {
\r
152 /*****************************/
\r
153 /*** LOCAL DATA STRUCTURES ***/
\r
154 /*****************************/
\r
156 static int cis_received[NUM_PPP]; /* # Conf-Reqs received */
\r
157 static int default_route_set[NUM_PPP]; /* Have set up a default route */
\r
159 static fsm_callbacks ipcp_callbacks = { /* IPCP callback routines */
\r
160 ipcp_resetci, /* Reset our Configuration Information */
\r
161 ipcp_cilen, /* Length of our Configuration Information */
\r
162 ipcp_addci, /* Add our Configuration Information */
\r
163 ipcp_ackci, /* ACK our Configuration Information */
\r
164 ipcp_nakci, /* NAK our Configuration Information */
\r
165 ipcp_rejci, /* Reject our Configuration Information */
\r
166 ipcp_reqci, /* Request peer's Configuration Information */
\r
167 ipcp_up, /* Called when fsm reaches OPENED state */
\r
168 ipcp_down, /* Called when fsm leaves OPENED state */
\r
169 NULL, /* Called when we want the lower layer up */
\r
170 ipcp_finished, /* Called when we want the lower layer down */
\r
171 NULL, /* Called when Protocol-Reject received */
\r
172 NULL, /* Retransmission is necessary */
\r
173 NULL, /* Called to handle protocol-specific codes */
\r
174 "IPCP" /* String name of protocol */
\r
179 /**********************************/
\r
180 /*** LOCAL FUNCTION DEFINITIONS ***/
\r
181 /**********************************/
\r
184 * Non-standard inet_ntoa left here for compat with original ppp
\r
185 * sources. Assumes u32_t instead of struct in_addr.
\r
188 char * _inet_ntoa(u32_t n)
\r
192 return inet_ntoa(ia);
\r
195 #define inet_ntoa _inet_ntoa
\r
198 * ipcp_init - Initialize IPCP.
\r
200 static void ipcp_init(int unit)
\r
202 fsm *f = &ipcp_fsm[unit];
\r
203 ipcp_options *wo = &ipcp_wantoptions[unit];
\r
204 ipcp_options *ao = &ipcp_allowoptions[unit];
\r
207 f->protocol = PPP_IPCP;
\r
208 f->callbacks = &ipcp_callbacks;
\r
209 fsm_init(&ipcp_fsm[unit]);
\r
211 memset(wo, 0, sizeof(*wo));
\r
212 memset(ao, 0, sizeof(*ao));
\r
221 wo->vj_protocol = IPCP_VJ_COMP;
\r
222 wo->maxslotindex = MAX_SLOTS - 1;
\r
225 wo->default_route = 1;
\r
233 ao->maxslotindex = MAX_SLOTS - 1;
\r
236 ao->default_route = 1;
\r
241 * ipcp_open - IPCP is allowed to come up.
\r
243 static void ipcp_open(int unit)
\r
245 fsm_open(&ipcp_fsm[unit]);
\r
250 * ipcp_close - Take IPCP down.
\r
252 static void ipcp_close(int unit, char *reason)
\r
254 fsm_close(&ipcp_fsm[unit], reason);
\r
259 * ipcp_lowerup - The lower layer is up.
\r
261 static void ipcp_lowerup(int unit)
\r
263 fsm_lowerup(&ipcp_fsm[unit]);
\r
268 * ipcp_lowerdown - The lower layer is down.
\r
270 static void ipcp_lowerdown(int unit)
\r
272 fsm_lowerdown(&ipcp_fsm[unit]);
\r
277 * ipcp_input - Input IPCP packet.
\r
279 static void ipcp_input(int unit, u_char *p, int len)
\r
281 fsm_input(&ipcp_fsm[unit], p, len);
\r
286 * ipcp_protrej - A Protocol-Reject was received for IPCP.
\r
288 * Pretend the lower layer went down, so we shut up.
\r
290 static void ipcp_protrej(int unit)
\r
292 fsm_lowerdown(&ipcp_fsm[unit]);
\r
297 * ipcp_resetci - Reset our CI.
\r
299 static void ipcp_resetci(fsm *f)
\r
301 ipcp_options *wo = &ipcp_wantoptions[f->unit];
\r
303 wo->req_addr = wo->neg_addr && ipcp_allowoptions[f->unit].neg_addr;
\r
304 if (wo->ouraddr == 0)
\r
305 wo->accept_local = 1;
\r
306 if (wo->hisaddr == 0)
\r
307 wo->accept_remote = 1;
\r
308 /* Request DNS addresses from the peer */
\r
309 wo->req_dns1 = ppp_settings.usepeerdns;
\r
310 wo->req_dns2 = ppp_settings.usepeerdns;
\r
311 ipcp_gotoptions[f->unit] = *wo;
\r
312 cis_received[f->unit] = 0;
\r
317 * ipcp_cilen - Return length of our CI.
\r
319 static int ipcp_cilen(fsm *f)
\r
321 ipcp_options *go = &ipcp_gotoptions[f->unit];
\r
322 ipcp_options *wo = &ipcp_wantoptions[f->unit];
\r
323 ipcp_options *ho = &ipcp_hisoptions[f->unit];
\r
325 #define LENCIVJ(neg, old) (neg ? (old? CILEN_COMPRESS : CILEN_VJ) : 0)
\r
326 #define LENCIADDR(neg, old) (neg ? (old? CILEN_ADDRS : CILEN_ADDR) : 0)
\r
327 #define LENCIDNS(neg) (neg ? (CILEN_ADDR) : 0)
\r
330 * First see if we want to change our options to the old
\r
331 * forms because we have received old forms from the peer.
\r
333 if (wo->neg_addr && !go->neg_addr && !go->old_addrs) {
\r
334 /* use the old style of address negotiation */
\r
338 if (wo->neg_vj && !go->neg_vj && !go->old_vj) {
\r
339 /* try an older style of VJ negotiation */
\r
340 if (cis_received[f->unit] == 0) {
\r
341 /* keep trying the new style until we see some CI from the peer */
\r
344 /* use the old style only if the peer did */
\r
345 if (ho->neg_vj && ho->old_vj) {
\r
348 go->vj_protocol = ho->vj_protocol;
\r
353 return (LENCIADDR(go->neg_addr, go->old_addrs)
\r
354 + LENCIVJ(go->neg_vj, go->old_vj) +
\r
355 LENCIDNS(go->req_dns1) +
\r
356 LENCIDNS(go->req_dns2));
\r
361 * ipcp_addci - Add our desired CIs to a packet.
\r
363 static void ipcp_addci(fsm *f, u_char *ucp, int *lenp)
\r
365 ipcp_options *go = &ipcp_gotoptions[f->unit];
\r
368 #define ADDCIVJ(opt, neg, val, old, maxslotindex, cflag) \
\r
370 int vjlen = old? CILEN_COMPRESS : CILEN_VJ; \
\r
371 if (len >= vjlen) { \
\r
372 PUTCHAR(opt, ucp); \
\r
373 PUTCHAR(vjlen, ucp); \
\r
374 PUTSHORT(val, ucp); \
\r
376 PUTCHAR(maxslotindex, ucp); \
\r
377 PUTCHAR(cflag, ucp); \
\r
384 #define ADDCIADDR(opt, neg, old, val1, val2) \
\r
386 int addrlen = (old? CILEN_ADDRS: CILEN_ADDR); \
\r
387 if (len >= addrlen) { \
\r
389 PUTCHAR(opt, ucp); \
\r
390 PUTCHAR(addrlen, ucp); \
\r
402 #define ADDCIDNS(opt, neg, addr) \
\r
404 if (len >= CILEN_ADDR) { \
\r
406 PUTCHAR(opt, ucp); \
\r
407 PUTCHAR(CILEN_ADDR, ucp); \
\r
410 len -= CILEN_ADDR; \
\r
415 ADDCIADDR((go->old_addrs? CI_ADDRS: CI_ADDR), go->neg_addr,
\r
416 go->old_addrs, go->ouraddr, go->hisaddr);
\r
418 ADDCIVJ(CI_COMPRESSTYPE, go->neg_vj, go->vj_protocol, go->old_vj,
\r
419 go->maxslotindex, go->cflag);
\r
421 ADDCIDNS(CI_MS_DNS1, go->req_dns1, go->dnsaddr[0]);
\r
423 ADDCIDNS(CI_MS_DNS2, go->req_dns2, go->dnsaddr[1]);
\r
430 * ipcp_ackci - Ack our CIs.
\r
434 * 1 - Ack was good.
\r
436 static int ipcp_ackci(fsm *f, u_char *p, int len)
\r
438 ipcp_options *go = &ipcp_gotoptions[f->unit];
\r
439 u_short cilen, citype, cishort;
\r
441 u_char cimaxslotindex, cicflag;
\r
444 * CIs must be in exactly the same order that we sent...
\r
445 * Check packet length and CI length at each step.
\r
446 * If we find any deviations, then this packet is bad.
\r
449 #define ACKCIVJ(opt, neg, val, old, maxslotindex, cflag) \
\r
451 int vjlen = old? CILEN_COMPRESS : CILEN_VJ; \
\r
452 if ((len -= vjlen) < 0) \
\r
454 GETCHAR(citype, p); \
\r
455 GETCHAR(cilen, p); \
\r
456 if (cilen != vjlen || \
\r
459 GETSHORT(cishort, p); \
\r
460 if (cishort != val) \
\r
463 GETCHAR(cimaxslotindex, p); \
\r
464 if (cimaxslotindex != maxslotindex) \
\r
466 GETCHAR(cicflag, p); \
\r
467 if (cicflag != cflag) \
\r
472 #define ACKCIADDR(opt, neg, old, val1, val2) \
\r
474 int addrlen = (old? CILEN_ADDRS: CILEN_ADDR); \
\r
476 if ((len -= addrlen) < 0) \
\r
478 GETCHAR(citype, p); \
\r
479 GETCHAR(cilen, p); \
\r
480 if (cilen != addrlen || \
\r
484 cilong = htonl(l); \
\r
485 if (val1 != cilong) \
\r
489 cilong = htonl(l); \
\r
490 if (val2 != cilong) \
\r
495 #define ACKCIDNS(opt, neg, addr) \
\r
498 if ((len -= CILEN_ADDR) < 0) \
\r
500 GETCHAR(citype, p); \
\r
501 GETCHAR(cilen, p); \
\r
502 if (cilen != CILEN_ADDR || \
\r
506 cilong = htonl(l); \
\r
507 if (addr != cilong) \
\r
511 ACKCIADDR((go->old_addrs? CI_ADDRS: CI_ADDR), go->neg_addr,
\r
512 go->old_addrs, go->ouraddr, go->hisaddr);
\r
514 ACKCIVJ(CI_COMPRESSTYPE, go->neg_vj, go->vj_protocol, go->old_vj,
\r
515 go->maxslotindex, go->cflag);
\r
517 ACKCIDNS(CI_MS_DNS1, go->req_dns1, go->dnsaddr[0]);
\r
519 ACKCIDNS(CI_MS_DNS2, go->req_dns2, go->dnsaddr[1]);
\r
522 * If there are any remaining CIs, then this packet is bad.
\r
529 IPCPDEBUG((LOG_INFO, "ipcp_ackci: received bad Ack!\n"));
\r
534 * ipcp_nakci - Peer has sent a NAK for some of our CIs.
\r
535 * This should not modify any state if the Nak is bad
\r
536 * or if IPCP is in the OPENED state.
\r
540 * 1 - Nak was good.
\r
542 static int ipcp_nakci(fsm *f, u_char *p, int len)
\r
544 ipcp_options *go = &ipcp_gotoptions[f->unit];
\r
545 u_char cimaxslotindex, cicflag;
\r
546 u_char citype, cilen, *next;
\r
548 u32_t ciaddr1, ciaddr2, l, cidnsaddr;
\r
549 ipcp_options no; /* options we've seen Naks for */
\r
550 ipcp_options try; /* options to request next time */
\r
552 BZERO(&no, sizeof(no));
\r
556 * Any Nak'd CIs must be in exactly the same order that we sent.
\r
557 * Check packet length and CI length at each step.
\r
558 * If we find any deviations, then this packet is bad.
\r
560 #define NAKCIADDR(opt, neg, old, code) \
\r
562 len >= (cilen = (old? CILEN_ADDRS: CILEN_ADDR)) && \
\r
568 ciaddr1 = htonl(l); \
\r
571 ciaddr2 = htonl(l); \
\r
572 no.old_addrs = 1; \
\r
579 #define NAKCIVJ(opt, neg, code) \
\r
581 ((cilen = p[1]) == CILEN_COMPRESS || cilen == CILEN_VJ) && \
\r
586 GETSHORT(cishort, p); \
\r
591 #define NAKCIDNS(opt, neg, code) \
\r
593 ((cilen = p[1]) == CILEN_ADDR) && \
\r
599 cidnsaddr = htonl(l); \
\r
605 * Accept the peer's idea of {our,his} address, if different
\r
606 * from our idea, only if the accept_{local,remote} flag is set.
\r
608 NAKCIADDR((go->old_addrs? CI_ADDRS: CI_ADDR), neg_addr, go->old_addrs,
\r
609 if (go->accept_local && ciaddr1) { /* Do we know our address? */
\r
610 try.ouraddr = ciaddr1;
\r
611 IPCPDEBUG((LOG_INFO, "local IP address %s\n",
\r
612 inet_ntoa(ciaddr1)));
\r
614 if (go->accept_remote && ciaddr2) { /* Does he know his? */
\r
615 try.hisaddr = ciaddr2;
\r
616 IPCPDEBUG((LOG_INFO, "remote IP address %s\n",
\r
617 inet_ntoa(ciaddr2)));
\r
622 * Accept the peer's value of maxslotindex provided that it
\r
623 * is less than what we asked for. Turn off slot-ID compression
\r
624 * if the peer wants. Send old-style compress-type option if
\r
627 NAKCIVJ(CI_COMPRESSTYPE, neg_vj,
\r
628 if (cilen == CILEN_VJ) {
\r
629 GETCHAR(cimaxslotindex, p);
\r
630 GETCHAR(cicflag, p);
\r
631 if (cishort == IPCP_VJ_COMP) {
\r
633 if (cimaxslotindex < go->maxslotindex)
\r
634 try.maxslotindex = cimaxslotindex;
\r
641 if (cishort == IPCP_VJ_COMP || cishort == IPCP_VJ_COMP_OLD) {
\r
643 try.vj_protocol = cishort;
\r
650 NAKCIDNS(CI_MS_DNS1, req_dns1,
\r
651 try.dnsaddr[0] = cidnsaddr;
\r
652 IPCPDEBUG((LOG_INFO, "primary DNS address %s\n", inet_ntoa(cidnsaddr)));
\r
655 NAKCIDNS(CI_MS_DNS2, req_dns2,
\r
656 try.dnsaddr[1] = cidnsaddr;
\r
657 IPCPDEBUG((LOG_INFO, "secondary DNS address %s\n", inet_ntoa(cidnsaddr)));
\r
661 * There may be remaining CIs, if the peer is requesting negotiation
\r
662 * on an option that we didn't include in our request packet.
\r
663 * If they want to negotiate about IP addresses, we comply.
\r
664 * If they want us to ask for compression, we refuse.
\r
666 while (len > CILEN_VOID) {
\r
667 GETCHAR(citype, p);
\r
669 if( (len -= cilen) < 0 )
\r
671 next = p + cilen - 2;
\r
674 case CI_COMPRESSTYPE:
\r
675 if (go->neg_vj || no.neg_vj ||
\r
676 (cilen != CILEN_VJ && cilen != CILEN_COMPRESS))
\r
681 if ((go->neg_addr && go->old_addrs) || no.old_addrs
\r
682 || cilen != CILEN_ADDRS)
\r
687 ciaddr1 = htonl(l);
\r
688 if (ciaddr1 && go->accept_local)
\r
689 try.ouraddr = ciaddr1;
\r
691 ciaddr2 = htonl(l);
\r
692 if (ciaddr2 && go->accept_remote)
\r
693 try.hisaddr = ciaddr2;
\r
697 if (go->neg_addr || no.neg_addr || cilen != CILEN_ADDR)
\r
701 ciaddr1 = htonl(l);
\r
702 if (ciaddr1 && go->accept_local)
\r
703 try.ouraddr = ciaddr1;
\r
704 if (try.ouraddr != 0)
\r
712 /* If there is still anything left, this packet is bad. */
\r
717 * OK, the Nak is good. Now we can update state.
\r
719 if (f->state != OPENED)
\r
725 IPCPDEBUG((LOG_INFO, "ipcp_nakci: received bad Nak!\n"));
\r
731 * ipcp_rejci - Reject some of our CIs.
\r
733 static int ipcp_rejci(fsm *f, u_char *p, int len)
\r
735 ipcp_options *go = &ipcp_gotoptions[f->unit];
\r
736 u_char cimaxslotindex, ciflag, cilen;
\r
739 ipcp_options try; /* options to request next time */
\r
743 * Any Rejected CIs must be in exactly the same order that we sent.
\r
744 * Check packet length and CI length at each step.
\r
745 * If we find any deviations, then this packet is bad.
\r
747 #define REJCIADDR(opt, neg, old, val1, val2) \
\r
749 len >= (cilen = old? CILEN_ADDRS: CILEN_ADDR) && \
\r
756 cilong = htonl(l); \
\r
757 /* Check rejected value. */ \
\r
758 if (cilong != val1) \
\r
762 cilong = htonl(l); \
\r
763 /* Check rejected value. */ \
\r
764 if (cilong != val2) \
\r
770 #define REJCIVJ(opt, neg, val, old, maxslot, cflag) \
\r
772 p[1] == (old? CILEN_COMPRESS : CILEN_VJ) && \
\r
777 GETSHORT(cishort, p); \
\r
778 /* Check rejected value. */ \
\r
779 if (cishort != val) \
\r
782 GETCHAR(cimaxslotindex, p); \
\r
783 if (cimaxslotindex != maxslot) \
\r
785 GETCHAR(ciflag, p); \
\r
786 if (ciflag != cflag) \
\r
792 #define REJCIDNS(opt, neg, dnsaddr) \
\r
794 ((cilen = p[1]) == CILEN_ADDR) && \
\r
801 cilong = htonl(l); \
\r
802 /* Check rejected value. */ \
\r
803 if (cilong != dnsaddr) \
\r
808 REJCIADDR((go->old_addrs? CI_ADDRS: CI_ADDR), neg_addr,
\r
809 go->old_addrs, go->ouraddr, go->hisaddr);
\r
811 REJCIVJ(CI_COMPRESSTYPE, neg_vj, go->vj_protocol, go->old_vj,
\r
812 go->maxslotindex, go->cflag);
\r
814 REJCIDNS(CI_MS_DNS1, req_dns1, go->dnsaddr[0]);
\r
816 REJCIDNS(CI_MS_DNS2, req_dns2, go->dnsaddr[1]);
\r
819 * If there are any remaining CIs, then this packet is bad.
\r
824 * Now we can update state.
\r
826 if (f->state != OPENED)
\r
831 IPCPDEBUG((LOG_INFO, "ipcp_rejci: received bad Reject!\n"));
\r
837 * ipcp_reqci - Check the peer's requested CIs and send appropriate response.
\r
839 * Returns: CONFACK, CONFNAK or CONFREJ and input packet modified
\r
840 * appropriately. If reject_if_disagree is non-zero, doesn't return
\r
841 * CONFNAK; returns CONFREJ if it can't return CONFACK.
\r
843 static int ipcp_reqci(
\r
845 u_char *inp, /* Requested CIs */
\r
846 int *len, /* Length of requested CIs */
\r
847 int reject_if_disagree
\r
850 ipcp_options *wo = &ipcp_wantoptions[f->unit];
\r
851 ipcp_options *ho = &ipcp_hisoptions[f->unit];
\r
852 ipcp_options *ao = &ipcp_allowoptions[f->unit];
\r
853 #ifdef OLD_CI_ADDRS
\r
854 ipcp_options *go = &ipcp_gotoptions[f->unit];
\r
856 u_char *cip, *next; /* Pointer to current and next CIs */
\r
857 u_short cilen, citype; /* Parsed len, type */
\r
858 u_short cishort; /* Parsed short value */
\r
859 u32_t tl, ciaddr1; /* Parsed address values */
\r
860 #ifdef OLD_CI_ADDRS
\r
861 u32_t ciaddr2; /* Parsed address values */
\r
863 int rc = CONFACK; /* Final packet return code */
\r
864 int orc; /* Individual option return code */
\r
865 u_char *p; /* Pointer to next char to parse */
\r
866 u_char *ucp = inp; /* Pointer to current output char */
\r
867 int l = *len; /* Length left */
\r
868 u_char maxslotindex, cflag;
\r
871 cis_received[f->unit] = 1;
\r
874 * Reset all his options.
\r
876 BZERO(ho, sizeof(*ho));
\r
879 * Process all his options.
\r
883 orc = CONFACK; /* Assume success */
\r
884 cip = p = next; /* Remember begining of CI */
\r
885 if (l < 2 || /* Not enough data for CI header or */
\r
886 p[1] < 2 || /* CI length too small or */
\r
887 p[1] > l) { /* CI length too big? */
\r
888 IPCPDEBUG((LOG_INFO, "ipcp_reqci: bad CI length!\n"));
\r
889 orc = CONFREJ; /* Reject bad CI */
\r
890 cilen = l; /* Reject till end of packet */
\r
891 l = 0; /* Don't loop again */
\r
894 GETCHAR(citype, p); /* Parse CI type */
\r
895 GETCHAR(cilen, p); /* Parse CI length */
\r
896 l -= cilen; /* Adjust remaining length */
\r
897 next += cilen; /* Step to next CI */
\r
899 switch (citype) { /* Check CI type */
\r
900 #ifdef OLD_CI_ADDRS /* Need to save space... */
\r
902 IPCPDEBUG((LOG_INFO, "ipcp_reqci: received ADDRS\n"));
\r
903 if (!ao->neg_addr ||
\r
904 cilen != CILEN_ADDRS) { /* Check CI length */
\r
905 orc = CONFREJ; /* Reject CI */
\r
910 * If he has no address, or if we both have his address but
\r
911 * disagree about it, then NAK it with our idea.
\r
912 * In particular, if we don't know his address, but he does,
\r
915 GETLONG(tl, p); /* Parse source address (his) */
\r
916 ciaddr1 = htonl(tl);
\r
917 IPCPDEBUG((LOG_INFO, "his addr %s\n", inet_ntoa(ciaddr1)));
\r
918 if (ciaddr1 != wo->hisaddr
\r
919 && (ciaddr1 == 0 || !wo->accept_remote)) {
\r
921 if (!reject_if_disagree) {
\r
922 DECPTR(sizeof(u32_t), p);
\r
923 tl = ntohl(wo->hisaddr);
\r
926 } else if (ciaddr1 == 0 && wo->hisaddr == 0) {
\r
928 * If neither we nor he knows his address, reject the option.
\r
931 wo->req_addr = 0; /* don't NAK with 0.0.0.0 later */
\r
936 * If he doesn't know our address, or if we both have our address
\r
937 * but disagree about it, then NAK it with our idea.
\r
939 GETLONG(tl, p); /* Parse desination address (ours) */
\r
940 ciaddr2 = htonl(tl);
\r
941 IPCPDEBUG((LOG_INFO, "our addr %s\n", inet_ntoa(ciaddr2)));
\r
942 if (ciaddr2 != wo->ouraddr) {
\r
943 if (ciaddr2 == 0 || !wo->accept_local) {
\r
945 if (!reject_if_disagree) {
\r
946 DECPTR(sizeof(u32_t), p);
\r
947 tl = ntohl(wo->ouraddr);
\r
951 go->ouraddr = ciaddr2; /* accept peer's idea */
\r
957 ho->hisaddr = ciaddr1;
\r
958 ho->ouraddr = ciaddr2;
\r
963 if (!ao->neg_addr) {
\r
964 IPCPDEBUG((LOG_INFO, "ipcp_reqci: Reject ADDR not allowed\n"));
\r
965 orc = CONFREJ; /* Reject CI */
\r
967 } else if (cilen != CILEN_ADDR) { /* Check CI length */
\r
968 IPCPDEBUG((LOG_INFO, "ipcp_reqci: Reject ADDR bad len\n"));
\r
969 orc = CONFREJ; /* Reject CI */
\r
974 * If he has no address, or if we both have his address but
\r
975 * disagree about it, then NAK it with our idea.
\r
976 * In particular, if we don't know his address, but he does,
\r
979 GETLONG(tl, p); /* Parse source address (his) */
\r
980 ciaddr1 = htonl(tl);
\r
981 if (ciaddr1 != wo->hisaddr
\r
982 && (ciaddr1 == 0 || !wo->accept_remote)) {
\r
984 if (!reject_if_disagree) {
\r
985 DECPTR(sizeof(u32_t), p);
\r
986 tl = ntohl(wo->hisaddr);
\r
989 IPCPDEBUG((LOG_INFO, "ipcp_reqci: Nak ADDR %s\n", inet_ntoa(ciaddr1)));
\r
990 } else if (ciaddr1 == 0 && wo->hisaddr == 0) {
\r
992 * Don't ACK an address of 0.0.0.0 - reject it instead.
\r
994 IPCPDEBUG((LOG_INFO, "ipcp_reqci: Reject ADDR %s\n", inet_ntoa(ciaddr1)));
\r
996 wo->req_addr = 0; /* don't NAK with 0.0.0.0 later */
\r
1001 ho->hisaddr = ciaddr1;
\r
1002 IPCPDEBUG((LOG_INFO, "ipcp_reqci: ADDR %s\n", inet_ntoa(ciaddr1)));
\r
1007 /* Microsoft primary or secondary DNS request */
\r
1008 d = citype == CI_MS_DNS2;
\r
1010 /* If we do not have a DNS address then we cannot send it */
\r
1011 if (ao->dnsaddr[d] == 0 ||
\r
1012 cilen != CILEN_ADDR) { /* Check CI length */
\r
1013 IPCPDEBUG((LOG_INFO, "ipcp_reqci: Rejecting DNS%d Request\n", d+1));
\r
1014 orc = CONFREJ; /* Reject CI */
\r
1018 if (htonl(tl) != ao->dnsaddr[d]) {
\r
1019 IPCPDEBUG((LOG_INFO, "ipcp_reqci: Naking DNS%d Request %d\n",
\r
1020 d+1, inet_ntoa(tl)));
\r
1021 DECPTR(sizeof(u32_t), p);
\r
1022 tl = ntohl(ao->dnsaddr[d]);
\r
1026 IPCPDEBUG((LOG_INFO, "ipcp_reqci: received DNS%d Request\n", d+1));
\r
1031 /* Microsoft primary or secondary WINS request */
\r
1032 d = citype == CI_MS_WINS2;
\r
1033 IPCPDEBUG((LOG_INFO, "ipcp_reqci: received WINS%d Request\n", d+1));
\r
1035 /* If we do not have a DNS address then we cannot send it */
\r
1036 if (ao->winsaddr[d] == 0 ||
\r
1037 cilen != CILEN_ADDR) { /* Check CI length */
\r
1038 orc = CONFREJ; /* Reject CI */
\r
1042 if (htonl(tl) != ao->winsaddr[d]) {
\r
1043 DECPTR(sizeof(u32_t), p);
\r
1044 tl = ntohl(ao->winsaddr[d]);
\r
1050 case CI_COMPRESSTYPE:
\r
1051 if (!ao->neg_vj) {
\r
1052 IPCPDEBUG((LOG_INFO, "ipcp_reqci: Rejecting COMPRESSTYPE not allowed\n"));
\r
1055 } else if (cilen != CILEN_VJ && cilen != CILEN_COMPRESS) {
\r
1056 IPCPDEBUG((LOG_INFO, "ipcp_reqci: Rejecting COMPRESSTYPE len=%d\n", cilen));
\r
1060 GETSHORT(cishort, p);
\r
1062 if (!(cishort == IPCP_VJ_COMP ||
\r
1063 (cishort == IPCP_VJ_COMP_OLD && cilen == CILEN_COMPRESS))) {
\r
1064 IPCPDEBUG((LOG_INFO, "ipcp_reqci: Rejecting COMPRESSTYPE %d\n", cishort));
\r
1070 ho->vj_protocol = cishort;
\r
1071 if (cilen == CILEN_VJ) {
\r
1072 GETCHAR(maxslotindex, p);
\r
1073 if (maxslotindex > ao->maxslotindex) {
\r
1074 IPCPDEBUG((LOG_INFO, "ipcp_reqci: Naking VJ max slot %d\n", maxslotindex));
\r
1076 if (!reject_if_disagree){
\r
1078 PUTCHAR(ao->maxslotindex, p);
\r
1081 GETCHAR(cflag, p);
\r
1082 if (cflag && !ao->cflag) {
\r
1083 IPCPDEBUG((LOG_INFO, "ipcp_reqci: Naking VJ cflag %d\n", cflag));
\r
1085 if (!reject_if_disagree){
\r
1087 PUTCHAR(wo->cflag, p);
\r
1090 ho->maxslotindex = maxslotindex;
\r
1091 ho->cflag = cflag;
\r
1094 ho->maxslotindex = MAX_SLOTS - 1;
\r
1097 IPCPDEBUG((LOG_INFO,
\r
1098 "ipcp_reqci: received COMPRESSTYPE p=%d old=%d maxslot=%d cflag=%d\n",
\r
1099 ho->vj_protocol, ho->old_vj, ho->maxslotindex, ho->cflag));
\r
1103 IPCPDEBUG((LOG_INFO, "ipcp_reqci: Rejecting unknown CI type %d\n", citype));
\r
1109 if (orc == CONFACK && /* Good CI */
\r
1110 rc != CONFACK) /* but prior CI wasnt? */
\r
1111 continue; /* Don't send this one */
\r
1113 if (orc == CONFNAK) { /* Nak this CI? */
\r
1114 if (reject_if_disagree) { /* Getting fed up with sending NAKs? */
\r
1115 IPCPDEBUG((LOG_INFO, "ipcp_reqci: Rejecting too many naks\n"));
\r
1116 orc = CONFREJ; /* Get tough if so */
\r
1118 if (rc == CONFREJ) /* Rejecting prior CI? */
\r
1119 continue; /* Don't send this one */
\r
1120 if (rc == CONFACK) { /* Ack'd all prior CIs? */
\r
1121 rc = CONFNAK; /* Not anymore... */
\r
1122 ucp = inp; /* Backup */
\r
1127 if (orc == CONFREJ && /* Reject this CI */
\r
1128 rc != CONFREJ) { /* but no prior ones? */
\r
1130 ucp = inp; /* Backup */
\r
1133 /* Need to move CI? */
\r
1135 BCOPY(cip, ucp, cilen); /* Move it */
\r
1137 /* Update output pointer */
\r
1138 INCPTR(cilen, ucp);
\r
1142 * If we aren't rejecting this packet, and we want to negotiate
\r
1143 * their address, and they didn't send their address, then we
\r
1144 * send a NAK with a CI_ADDR option appended. We assume the
\r
1145 * input buffer is long enough that we can append the extra
\r
1148 if (rc != CONFREJ && !ho->neg_addr &&
\r
1149 wo->req_addr && !reject_if_disagree) {
\r
1150 IPCPDEBUG((LOG_INFO, "ipcp_reqci: Requesting peer address\n"));
\r
1151 if (rc == CONFACK) {
\r
1153 ucp = inp; /* reset pointer */
\r
1154 wo->req_addr = 0; /* don't ask again */
\r
1156 PUTCHAR(CI_ADDR, ucp);
\r
1157 PUTCHAR(CILEN_ADDR, ucp);
\r
1158 tl = ntohl(wo->hisaddr);
\r
1162 *len = (int)(ucp - inp); /* Compute output length */
\r
1163 IPCPDEBUG((LOG_INFO, "ipcp_reqci: returning Configure-%s\n", CODENAME(rc)));
\r
1164 return (rc); /* Return final code */
\r
1170 * ip_check_options - check that any IP-related options are OK,
\r
1171 * and assign appropriate defaults.
\r
1173 static void ip_check_options(u_long localAddr)
\r
1175 ipcp_options *wo = &ipcp_wantoptions[0];
\r
1178 * Load our default IP address but allow the remote host to give us
\r
1181 if (wo->ouraddr == 0 && !ppp_settings.disable_defaultip) {
\r
1182 wo->accept_local = 1; /* don't insist on this default value */
\r
1183 wo->ouraddr = htonl(localAddr);
\r
1190 * ipcp_up - IPCP has come UP.
\r
1192 * Configure the IP network interface appropriately and bring it up.
\r
1194 static void ipcp_up(fsm *f)
\r
1197 ipcp_options *ho = &ipcp_hisoptions[f->unit];
\r
1198 ipcp_options *go = &ipcp_gotoptions[f->unit];
\r
1199 ipcp_options *wo = &ipcp_wantoptions[f->unit];
\r
1201 np_up(f->unit, PPP_IP);
\r
1202 IPCPDEBUG((LOG_INFO, "ipcp: up\n"));
\r
1205 * We must have a non-zero IP address for both ends of the link.
\r
1207 if (!ho->neg_addr)
\r
1208 ho->hisaddr = wo->hisaddr;
\r
1210 if (ho->hisaddr == 0) {
\r
1211 IPCPDEBUG((LOG_ERR, "Could not determine remote IP address\n"));
\r
1212 ipcp_close(f->unit, "Could not determine remote IP address");
\r
1215 if (go->ouraddr == 0) {
\r
1216 IPCPDEBUG((LOG_ERR, "Could not determine local IP address\n"));
\r
1217 ipcp_close(f->unit, "Could not determine local IP address");
\r
1221 if (ppp_settings.usepeerdns && (go->dnsaddr[0] || go->dnsaddr[1])) {
\r
1222 /*pppGotDNSAddrs(go->dnsaddr[0], go->dnsaddr[1]);*/
\r
1226 * Check that the peer is allowed to use the IP address it wants.
\r
1228 if (!auth_ip_addr(f->unit, ho->hisaddr)) {
\r
1229 IPCPDEBUG((LOG_ERR, "Peer is not authorized to use remote address %s\n",
\r
1230 inet_ntoa(ho->hisaddr)));
\r
1231 ipcp_close(f->unit, "Unauthorized remote IP address");
\r
1235 /* set tcp compression */
\r
1236 sifvjcomp(f->unit, ho->neg_vj, ho->cflag, ho->maxslotindex);
\r
1239 * Set IP addresses and (if specified) netmask.
\r
1241 mask = GetMask(go->ouraddr);
\r
1243 if (!sifaddr(f->unit, go->ouraddr, ho->hisaddr, mask, go->dnsaddr[0], go->dnsaddr[1])) {
\r
1244 IPCPDEBUG((LOG_WARNING, "sifaddr failed\n"));
\r
1245 ipcp_close(f->unit, "Interface configuration failed");
\r
1249 /* bring the interface up for IP */
\r
1250 if (!sifup(f->unit)) {
\r
1251 IPCPDEBUG((LOG_WARNING, "sifup failed\n"));
\r
1252 ipcp_close(f->unit, "Interface configuration failed");
\r
1256 sifnpmode(f->unit, PPP_IP, NPMODE_PASS);
\r
1258 /* assign a default route through the interface if required */
\r
1259 if (ipcp_wantoptions[f->unit].default_route)
\r
1260 if (sifdefaultroute(f->unit, go->ouraddr, ho->hisaddr))
\r
1261 default_route_set[f->unit] = 1;
\r
1263 IPCPDEBUG((LOG_NOTICE, "local IP address %s\n", inet_ntoa(go->ouraddr)));
\r
1264 IPCPDEBUG((LOG_NOTICE, "remote IP address %s\n", inet_ntoa(ho->hisaddr)));
\r
1265 if (go->dnsaddr[0]) {
\r
1266 IPCPDEBUG((LOG_NOTICE, "primary DNS address %s\n", inet_ntoa(go->dnsaddr[0])));
\r
1268 if (go->dnsaddr[1]) {
\r
1269 IPCPDEBUG((LOG_NOTICE, "secondary DNS address %s\n", inet_ntoa(go->dnsaddr[1])));
\r
1275 * ipcp_down - IPCP has gone DOWN.
\r
1277 * Take the IP network interface down, clear its addresses
\r
1278 * and delete routes through it.
\r
1280 static void ipcp_down(fsm *f)
\r
1282 IPCPDEBUG((LOG_INFO, "ipcp: down\n"));
\r
1283 np_down(f->unit, PPP_IP);
\r
1284 sifvjcomp(f->unit, 0, 0, 0);
\r
1287 ipcp_clear_addrs(f->unit);
\r
1292 * ipcp_clear_addrs() - clear the interface addresses, routes, etc.
\r
1294 static void ipcp_clear_addrs(int unit)
\r
1296 u32_t ouraddr, hisaddr;
\r
1298 ouraddr = ipcp_gotoptions[unit].ouraddr;
\r
1299 hisaddr = ipcp_hisoptions[unit].hisaddr;
\r
1300 if (default_route_set[unit]) {
\r
1301 cifdefaultroute(unit, ouraddr, hisaddr);
\r
1302 default_route_set[unit] = 0;
\r
1304 cifaddr(unit, ouraddr, hisaddr);
\r
1309 * ipcp_finished - possibly shut down the lower layers.
\r
1311 static void ipcp_finished(fsm *f)
\r
1313 np_finished(f->unit, PPP_IP);
\r
1317 static int ipcp_printpkt(
\r
1320 void (*printer) (void *, char *, ...),
\r
1332 * ip_active_pkt - see if this IP packet is worth bringing the link up for.
\r
1333 * We don't bring the link up for IP fragments or for TCP FIN packets
\r
1336 #define IP_HDRLEN 20 /* bytes */
\r
1337 #define IP_OFFMASK 0x1fff
\r
1338 #define IPPROTO_TCP 6
\r
1339 #define TCP_HDRLEN 20
\r
1340 #define TH_FIN 0x01
\r
1343 * We use these macros because the IP header may be at an odd address,
\r
1344 * and some compilers might use word loads to get th_off or ip_hl.
\r
1347 #define net_short(x) (((x)[0] << 8) + (x)[1])
\r
1348 #define get_iphl(x) (((unsigned char *)(x))[0] & 0xF)
\r
1349 #define get_ipoff(x) net_short((unsigned char *)(x) + 6)
\r
1350 #define get_ipproto(x) (((unsigned char *)(x))[9])
\r
1351 #define get_tcpoff(x) (((unsigned char *)(x))[12] >> 4)
\r
1352 #define get_tcpflags(x) (((unsigned char *)(x))[13])
\r
1354 static int ip_active_pkt(u_char *pkt, int len)
\r
1359 len -= PPP_HDRLEN;
\r
1360 pkt += PPP_HDRLEN;
\r
1361 if (len < IP_HDRLEN)
\r
1363 if ((get_ipoff(pkt) & IP_OFFMASK) != 0)
\r
1365 if (get_ipproto(pkt) != IPPROTO_TCP)
\r
1367 hlen = get_iphl(pkt) * 4;
\r
1368 if (len < hlen + TCP_HDRLEN)
\r
1371 if ((get_tcpflags(tcp) & TH_FIN) != 0 && len == hlen + get_tcpoff(tcp) * 4)
\r
1377 #endif /* PPP_SUPPORT */
\r
projects / freertos / blob