1 /*
2 * ng_lmi.c
3 */
4
5 /*-
6 * Copyright (c) 1996-1999 Whistle Communications, Inc.
7 * All rights reserved.
8 *
9 * Subject to the following obligations and disclaimer of warranty, use and
10 * redistribution of this software, in source or object code forms, with or
11 * without modifications are expressly permitted by Whistle Communications;
12 * provided, however, that:
13 * 1. Any and all reproductions of the source or object code must include the
14 * copyright notice above and the following disclaimer of warranties; and
15 * 2. No rights are granted, in any manner or form, to use Whistle
16 * Communications, Inc. trademarks, including the mark "WHISTLE
17 * COMMUNICATIONS" on advertising, endorsements, or otherwise except as
18 * such appears in the above copyright notice or in the software.
19 *
20 * THIS SOFTWARE IS BEING PROVIDED BY WHISTLE COMMUNICATIONS "AS IS", AND
21 * TO THE MAXIMUM EXTENT PERMITTED BY LAW, WHISTLE COMMUNICATIONS MAKES NO
22 * REPRESENTATIONS OR WARRANTIES, EXPRESS OR IMPLIED, REGARDING THIS SOFTWARE,
23 * INCLUDING WITHOUT LIMITATION, ANY AND ALL IMPLIED WARRANTIES OF
24 * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR NON-INFRINGEMENT.
25 * WHISTLE COMMUNICATIONS DOES NOT WARRANT, GUARANTEE, OR MAKE ANY
26 * REPRESENTATIONS REGARDING THE USE OF, OR THE RESULTS OF THE USE OF THIS
27 * SOFTWARE IN TERMS OF ITS CORRECTNESS, ACCURACY, RELIABILITY OR OTHERWISE.
28 * IN NO EVENT SHALL WHISTLE COMMUNICATIONS BE LIABLE FOR ANY DAMAGES
29 * RESULTING FROM OR ARISING OUT OF ANY USE OF THIS SOFTWARE, INCLUDING
30 * WITHOUT LIMITATION, ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
31 * PUNITIVE, OR CONSEQUENTIAL DAMAGES, PROCUREMENT OF SUBSTITUTE GOODS OR
32 * SERVICES, LOSS OF USE, DATA OR PROFITS, HOWEVER CAUSED AND UNDER ANY
33 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
34 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
35 * THIS SOFTWARE, EVEN IF WHISTLE COMMUNICATIONS IS ADVISED OF THE POSSIBILITY
36 * OF SUCH DAMAGE.
37 *
38 * Author: Julian Elischer <julian@freebsd.org>
39 * $Whistle: ng_lmi.c,v 1.38 1999/11/01 09:24:52 julian Exp $
40 */
41
42 /*
43 * This node performs the frame relay LMI protocol. It knows how
44 * to do ITU Annex A, ANSI Annex D, and "Group-of-Four" variants
45 * of the protocol.
46 *
47 * A specific protocol can be forced by connecting the corresponding
48 * hook to DLCI 0 or 1023 (as appropriate) of a frame relay link.
49 *
50 * Alternately, this node can do auto-detection of the LMI protocol
51 * by connecting hook "auto0" to DLCI 0 and "auto1023" to DLCI 1023.
52 */
53
54 #include <sys/param.h>
55 #include <sys/systm.h>
56 #include <sys/errno.h>
57 #include <sys/kernel.h>
58 #include <sys/malloc.h>
59 #include <sys/mbuf.h>
60 #include <sys/syslog.h>
61 #include <netgraph/ng_message.h>
62 #include <netgraph/netgraph.h>
63 #include <netgraph/ng_lmi.h>
64
65 /*
66 * Human readable names for LMI
67 */
68 #define NAME_ANNEXA NG_LMI_HOOK_ANNEXA
69 #define NAME_ANNEXD NG_LMI_HOOK_ANNEXD
70 #define NAME_GROUP4 NG_LMI_HOOK_GROUPOF4
71 #define NAME_NONE "None"
72
73 #define MAX_DLCIS 128
74 #define MAXDLCI 1023
75
76 /*
77 * DLCI states
78 */
79 #define DLCI_NULL 0
80 #define DLCI_UP 1
81 #define DLCI_DOWN 2
82
83 /*
84 * Any received LMI frame should be at least this long
85 */
86 #define LMI_MIN_LENGTH 8 /* XXX verify */
87
88 /*
89 * Netgraph node methods and type descriptor
90 */
91 static ng_constructor_t nglmi_constructor;
92 static ng_rcvmsg_t nglmi_rcvmsg;
93 static ng_shutdown_t nglmi_shutdown;
94 static ng_newhook_t nglmi_newhook;
95 static ng_rcvdata_t nglmi_rcvdata;
96 static ng_disconnect_t nglmi_disconnect;
97 static int nglmi_checkdata(hook_p hook, struct mbuf *m);
98
99 static struct ng_type typestruct = {
100 .version = NG_ABI_VERSION,
101 .name = NG_LMI_NODE_TYPE,
102 .constructor = nglmi_constructor,
103 .rcvmsg = nglmi_rcvmsg,
104 .shutdown = nglmi_shutdown,
105 .newhook = nglmi_newhook,
106 .rcvdata = nglmi_rcvdata,
107 .disconnect = nglmi_disconnect,
108 };
109 NETGRAPH_INIT(lmi, &typestruct);
110
111 /*
112 * Info and status per node
113 */
114 struct nglmi_softc {
115 node_p node; /* netgraph node */
116 int flags; /* state */
117 int poll_count; /* the count of times for autolmi */
118 int poll_state; /* state of auto detect machine */
119 u_char remote_seq; /* sequence number the remote sent */
120 u_char local_seq; /* last sequence number we sent */
121 u_char protoID; /* 9 for group of 4, 8 otherwise */
122 u_long seq_retries; /* sent this how many time so far */
123 struct callout handle; /* see timeout(9) */
124 int liv_per_full;
125 int liv_rate;
126 int livs;
127 int need_full;
128 hook_p lmi_channel; /* whatever we ended up using */
129 hook_p lmi_annexA;
130 hook_p lmi_annexD;
131 hook_p lmi_group4;
132 hook_p lmi_channel0; /* auto-detect on DLCI 0 */
133 hook_p lmi_channel1023;/* auto-detect on DLCI 1023 */
134 char *protoname; /* cache protocol name */
135 u_char dlci_state[MAXDLCI + 1];
136 int invalidx; /* next dlci's to invalidate */
137 };
138 typedef struct nglmi_softc *sc_p;
139
140 /*
141 * Other internal functions
142 */
143 static void LMI_ticker(node_p node, hook_p hook, void *arg1, int arg2);
144 static void nglmi_startup_fixed(sc_p sc, hook_p hook);
145 static void nglmi_startup_auto(sc_p sc);
146 static void nglmi_startup(sc_p sc);
147 static void nglmi_inquire(sc_p sc, int full);
148 static void ngauto_state_machine(sc_p sc);
149
150 /*
151 * Values for 'flags' field
152 * NB: the SCF_CONNECTED flag is set if and only if the timer is running.
153 */
154 #define SCF_CONNECTED 0x01 /* connected to something */
155 #define SCF_AUTO 0x02 /* we are auto-detecting */
156 #define SCF_FIXED 0x04 /* we are fixed from the start */
157
158 #define SCF_LMITYPE 0x18 /* mask for determining Annex mode */
159 #define SCF_NOLMI 0x00 /* no LMI type selected yet */
160 #define SCF_ANNEX_A 0x08 /* running annex A mode */
161 #define SCF_ANNEX_D 0x10 /* running annex D mode */
162 #define SCF_GROUP4 0x18 /* running group of 4 */
163
164 #define SETLMITYPE(sc, annex) \
165 do { \
166 (sc)->flags &= ~SCF_LMITYPE; \
167 (sc)->flags |= (annex); \
168 } while (0)
169
170 #define NOPROTO(sc) (((sc)->flags & SCF_LMITYPE) == SCF_NOLMI)
171 #define ANNEXA(sc) (((sc)->flags & SCF_LMITYPE) == SCF_ANNEX_A)
172 #define ANNEXD(sc) (((sc)->flags & SCF_LMITYPE) == SCF_ANNEX_D)
173 #define GROUP4(sc) (((sc)->flags & SCF_LMITYPE) == SCF_GROUP4)
174
175 #define LMIPOLLSIZE 3
176 #define LMI_PATIENCE 8 /* declare all DLCI DOWN after N LMI failures */
177
178 /*
179 * Node constructor
180 */
181 static int
nglmi_constructor(node_p node)182 nglmi_constructor(node_p node)
183 {
184 sc_p sc;
185
186 sc = malloc(sizeof(*sc), M_NETGRAPH, M_WAITOK | M_ZERO);
187
188 NG_NODE_SET_PRIVATE(node, sc);
189 sc->node = node;
190
191 ng_callout_init(&sc->handle);
192 sc->protoname = NAME_NONE;
193 sc->liv_per_full = NG_LMI_SEQ_PER_FULL; /* make this dynamic */
194 sc->liv_rate = NG_LMI_KEEPALIVE_RATE;
195 return (0);
196 }
197
198 /*
199 * The LMI channel has a private pointer which is the same as the
200 * node private pointer. The debug channel has a NULL private pointer.
201 */
202 static int
nglmi_newhook(node_p node,hook_p hook,const char * name)203 nglmi_newhook(node_p node, hook_p hook, const char *name)
204 {
205 sc_p sc = NG_NODE_PRIVATE(node);
206
207 if (strcmp(name, NG_LMI_HOOK_DEBUG) == 0) {
208 NG_HOOK_SET_PRIVATE(hook, NULL);
209 return (0);
210 }
211 if (sc->flags & SCF_CONNECTED) {
212 /* already connected, return an error */
213 return (EINVAL);
214 }
215 if (strcmp(name, NG_LMI_HOOK_ANNEXA) == 0) {
216 sc->lmi_annexA = hook;
217 NG_HOOK_SET_PRIVATE(hook, NG_NODE_PRIVATE(node));
218 sc->protoID = 8;
219 SETLMITYPE(sc, SCF_ANNEX_A);
220 sc->protoname = NAME_ANNEXA;
221 nglmi_startup_fixed(sc, hook);
222 } else if (strcmp(name, NG_LMI_HOOK_ANNEXD) == 0) {
223 sc->lmi_annexD = hook;
224 NG_HOOK_SET_PRIVATE(hook, NG_NODE_PRIVATE(node));
225 sc->protoID = 8;
226 SETLMITYPE(sc, SCF_ANNEX_D);
227 sc->protoname = NAME_ANNEXD;
228 nglmi_startup_fixed(sc, hook);
229 } else if (strcmp(name, NG_LMI_HOOK_GROUPOF4) == 0) {
230 sc->lmi_group4 = hook;
231 NG_HOOK_SET_PRIVATE(hook, NG_NODE_PRIVATE(node));
232 sc->protoID = 9;
233 SETLMITYPE(sc, SCF_GROUP4);
234 sc->protoname = NAME_GROUP4;
235 nglmi_startup_fixed(sc, hook);
236 } else if (strcmp(name, NG_LMI_HOOK_AUTO0) == 0) {
237 /* Note this, and if B is already installed, we're complete */
238 sc->lmi_channel0 = hook;
239 sc->protoname = NAME_NONE;
240 NG_HOOK_SET_PRIVATE(hook, NG_NODE_PRIVATE(node));
241 if (sc->lmi_channel1023)
242 nglmi_startup_auto(sc);
243 } else if (strcmp(name, NG_LMI_HOOK_AUTO1023) == 0) {
244 /* Note this, and if A is already installed, we're complete */
245 sc->lmi_channel1023 = hook;
246 sc->protoname = NAME_NONE;
247 NG_HOOK_SET_PRIVATE(hook, NG_NODE_PRIVATE(node));
248 if (sc->lmi_channel0)
249 nglmi_startup_auto(sc);
250 } else
251 return (EINVAL); /* unknown hook */
252 return (0);
253 }
254
255 /*
256 * We have just attached to a live (we hope) node.
257 * Fire out a LMI inquiry, and then start up the timers.
258 */
259 static void
LMI_ticker(node_p node,hook_p hook,void * arg1,int arg2)260 LMI_ticker(node_p node, hook_p hook, void *arg1, int arg2)
261 {
262 sc_p sc = NG_NODE_PRIVATE(node);
263
264 if (sc->flags & SCF_AUTO) {
265 ngauto_state_machine(sc);
266 ng_callout(&sc->handle, node, NULL, NG_LMI_POLL_RATE * hz,
267 LMI_ticker, NULL, 0);
268 } else {
269 if (sc->livs++ >= sc->liv_per_full) {
270 nglmi_inquire(sc, 1);
271 /* sc->livs = 0; *//* do this when we get the answer! */
272 } else {
273 nglmi_inquire(sc, 0);
274 }
275 ng_callout(&sc->handle, node, NULL, sc->liv_rate * hz,
276 LMI_ticker, NULL, 0);
277 }
278 }
279
280 static void
nglmi_startup_fixed(sc_p sc,hook_p hook)281 nglmi_startup_fixed(sc_p sc, hook_p hook)
282 {
283 sc->flags |= (SCF_FIXED | SCF_CONNECTED);
284 sc->lmi_channel = hook;
285 nglmi_startup(sc);
286 }
287
288 static void
nglmi_startup_auto(sc_p sc)289 nglmi_startup_auto(sc_p sc)
290 {
291 sc->flags |= (SCF_AUTO | SCF_CONNECTED);
292 sc->poll_state = 0; /* reset state machine */
293 sc->poll_count = 0;
294 nglmi_startup(sc);
295 }
296
297 static void
nglmi_startup(sc_p sc)298 nglmi_startup(sc_p sc)
299 {
300 sc->remote_seq = 0;
301 sc->local_seq = 1;
302 sc->seq_retries = 0;
303 sc->livs = sc->liv_per_full - 1;
304 /* start off the ticker in 1 sec */
305 ng_callout(&sc->handle, sc->node, NULL, hz, LMI_ticker, NULL, 0);
306 }
307
308 static void
nglmi_inquire(sc_p sc,int full)309 nglmi_inquire(sc_p sc, int full)
310 {
311 struct mbuf *m;
312 struct ng_tag_prio *ptag;
313 char *cptr, *start;
314 int error;
315
316 if (sc->lmi_channel == NULL)
317 return;
318 MGETHDR(m, M_NOWAIT, MT_DATA);
319 if (m == NULL) {
320 log(LOG_ERR, "nglmi: unable to start up LMI processing\n");
321 return;
322 }
323 m->m_pkthdr.rcvif = NULL;
324
325 /* Attach a tag to packet, marking it of link level state priority, so
326 * that device driver would put it in the beginning of queue */
327
328 ptag = (struct ng_tag_prio *)m_tag_alloc(NGM_GENERIC_COOKIE, NG_TAG_PRIO,
329 (sizeof(struct ng_tag_prio) - sizeof(struct m_tag)), M_NOWAIT);
330 if (ptag != NULL) { /* if it failed, well, it was optional anyhow */
331 ptag->priority = NG_PRIO_LINKSTATE;
332 ptag->discardability = -1;
333 m_tag_prepend(m, &ptag->tag);
334 }
335
336 m->m_data += 4; /* leave some room for a header */
337 cptr = start = mtod(m, char *);
338 /* add in the header for an LMI inquiry. */
339 *cptr++ = 0x03; /* UI frame */
340 if (GROUP4(sc))
341 *cptr++ = 0x09; /* proto discriminator */
342 else
343 *cptr++ = 0x08; /* proto discriminator */
344 *cptr++ = 0x00; /* call reference */
345 *cptr++ = 0x75; /* inquiry */
346
347 /* If we are Annex-D, add locking shift to codeset 5. */
348 if (ANNEXD(sc))
349 *cptr++ = 0x95; /* locking shift */
350 /* Add a request type */
351 if (ANNEXA(sc))
352 *cptr++ = 0x51; /* report type */
353 else
354 *cptr++ = 0x01; /* report type */
355 *cptr++ = 0x01; /* size = 1 */
356 if (full)
357 *cptr++ = 0x00; /* full */
358 else
359 *cptr++ = 0x01; /* partial */
360
361 /* Add a link verification IE */
362 if (ANNEXA(sc))
363 *cptr++ = 0x53; /* verification IE */
364 else
365 *cptr++ = 0x03; /* verification IE */
366 *cptr++ = 0x02; /* 2 extra bytes */
367 *cptr++ = sc->local_seq;
368 *cptr++ = sc->remote_seq;
369 sc->seq_retries++;
370
371 /* Send it */
372 m->m_len = m->m_pkthdr.len = cptr - start;
373 NG_SEND_DATA_ONLY(error, sc->lmi_channel, m);
374
375 /* If we've been sending requests for long enough, and there has
376 * been no response, then mark as DOWN, any DLCIs that are UP. */
377 if (sc->seq_retries == LMI_PATIENCE) {
378 int count;
379
380 for (count = 0; count < MAXDLCI; count++)
381 if (sc->dlci_state[count] == DLCI_UP)
382 sc->dlci_state[count] = DLCI_DOWN;
383 }
384 }
385
386 /*
387 * State machine for LMI auto-detect. The transitions are ordered
388 * to try the more likely possibilities first.
389 */
390 static void
ngauto_state_machine(sc_p sc)391 ngauto_state_machine(sc_p sc)
392 {
393 if ((sc->poll_count <= 0) || (sc->poll_count > LMIPOLLSIZE)) {
394 /* time to change states in the auto probe machine */
395 /* capture wild values of poll_count while we are at it */
396 sc->poll_count = LMIPOLLSIZE;
397 sc->poll_state++;
398 }
399 switch (sc->poll_state) {
400 case 7:
401 log(LOG_WARNING, "nglmi: no response from exchange\n");
402 default: /* capture bad states */
403 sc->poll_state = 1;
404 case 1:
405 sc->lmi_channel = sc->lmi_channel0;
406 SETLMITYPE(sc, SCF_ANNEX_D);
407 break;
408 case 2:
409 sc->lmi_channel = sc->lmi_channel1023;
410 SETLMITYPE(sc, SCF_ANNEX_D);
411 break;
412 case 3:
413 sc->lmi_channel = sc->lmi_channel0;
414 SETLMITYPE(sc, SCF_ANNEX_A);
415 break;
416 case 4:
417 sc->lmi_channel = sc->lmi_channel1023;
418 SETLMITYPE(sc, SCF_GROUP4);
419 break;
420 case 5:
421 sc->lmi_channel = sc->lmi_channel1023;
422 SETLMITYPE(sc, SCF_ANNEX_A);
423 break;
424 case 6:
425 sc->lmi_channel = sc->lmi_channel0;
426 SETLMITYPE(sc, SCF_GROUP4);
427 break;
428 }
429
430 /* send an inquirey encoded appropriately */
431 nglmi_inquire(sc, 0);
432 sc->poll_count--;
433 }
434
435 /*
436 * Receive a netgraph control message.
437 */
438 static int
nglmi_rcvmsg(node_p node,item_p item,hook_p lasthook)439 nglmi_rcvmsg(node_p node, item_p item, hook_p lasthook)
440 {
441 sc_p sc = NG_NODE_PRIVATE(node);
442 struct ng_mesg *resp = NULL;
443 int error = 0;
444 struct ng_mesg *msg;
445
446 NGI_GET_MSG(item, msg);
447 switch (msg->header.typecookie) {
448 case NGM_GENERIC_COOKIE:
449 switch (msg->header.cmd) {
450 case NGM_TEXT_STATUS:
451 {
452 char *arg;
453 int pos, count;
454
455 NG_MKRESPONSE(resp, msg, NG_TEXTRESPONSE, M_NOWAIT);
456 if (resp == NULL) {
457 error = ENOMEM;
458 break;
459 }
460 arg = resp->data;
461 pos = sprintf(arg, "protocol %s ", sc->protoname);
462 if (sc->flags & SCF_FIXED)
463 pos += sprintf(arg + pos, "fixed\n");
464 else if (sc->flags & SCF_AUTO)
465 pos += sprintf(arg + pos, "auto-detecting\n");
466 else
467 pos += sprintf(arg + pos, "auto on dlci %d\n",
468 (sc->lmi_channel == sc->lmi_channel0) ?
469 0 : 1023);
470 pos += sprintf(arg + pos,
471 "keepalive period: %d seconds\n", sc->liv_rate);
472 pos += sprintf(arg + pos,
473 "unacknowledged keepalives: %ld\n",
474 sc->seq_retries);
475 for (count = 0;
476 ((count <= MAXDLCI)
477 && (pos < (NG_TEXTRESPONSE - 20)));
478 count++) {
479 if (sc->dlci_state[count]) {
480 pos += sprintf(arg + pos,
481 "dlci %d %s\n", count,
482 (sc->dlci_state[count]
483 == DLCI_UP) ? "up" : "down");
484 }
485 }
486 resp->header.arglen = pos + 1;
487 break;
488 }
489 default:
490 error = EINVAL;
491 break;
492 }
493 break;
494 case NGM_LMI_COOKIE:
495 switch (msg->header.cmd) {
496 case NGM_LMI_GET_STATUS:
497 {
498 struct nglmistat *stat;
499 int k;
500
501 NG_MKRESPONSE(resp, msg, sizeof(*stat), M_NOWAIT);
502 if (!resp) {
503 error = ENOMEM;
504 break;
505 }
506 stat = (struct nglmistat *) resp->data;
507 strncpy(stat->proto,
508 sc->protoname, sizeof(stat->proto) - 1);
509 strncpy(stat->hook,
510 sc->protoname, sizeof(stat->hook) - 1);
511 stat->autod = !!(sc->flags & SCF_AUTO);
512 stat->fixed = !!(sc->flags & SCF_FIXED);
513 for (k = 0; k <= MAXDLCI; k++) {
514 switch (sc->dlci_state[k]) {
515 case DLCI_UP:
516 stat->up[k / 8] |= (1 << (k % 8));
517 /* fall through */
518 case DLCI_DOWN:
519 stat->seen[k / 8] |= (1 << (k % 8));
520 break;
521 }
522 }
523 break;
524 }
525 default:
526 error = EINVAL;
527 break;
528 }
529 break;
530 default:
531 error = EINVAL;
532 break;
533 }
534
535 NG_RESPOND_MSG(error, node, item, resp);
536 NG_FREE_MSG(msg);
537 return (error);
538 }
539
540 #define STEPBY(stepsize) \
541 do { \
542 packetlen -= (stepsize); \
543 data += (stepsize); \
544 } while (0)
545
546 /*
547 * receive data, and use it to update our status.
548 * Anything coming in on the debug port is discarded.
549 */
550 static int
nglmi_rcvdata(hook_p hook,item_p item)551 nglmi_rcvdata(hook_p hook, item_p item)
552 {
553 sc_p sc = NG_NODE_PRIVATE(NG_HOOK_NODE(hook));
554 const u_char *data;
555 unsigned short dlci;
556 u_short packetlen;
557 int resptype_seen = 0;
558 struct mbuf *m;
559
560 NGI_GET_M(item, m);
561 NG_FREE_ITEM(item);
562 if (NG_HOOK_PRIVATE(hook) == NULL) {
563 goto drop;
564 }
565 packetlen = m->m_len;
566
567 /* XXX what if it's more than 1 mbuf? */
568 if ((packetlen > MHLEN) && !(m->m_flags & M_EXT)) {
569 log(LOG_WARNING, "nglmi: packetlen (%d) too big\n", packetlen);
570 goto drop;
571 }
572 if (m->m_len < packetlen && (m = m_pullup(m, packetlen)) == NULL) {
573 log(LOG_WARNING,
574 "nglmi: m_pullup failed for %d bytes\n", packetlen);
575 return (0);
576 }
577 if (nglmi_checkdata(hook, m) == 0)
578 return (0);
579
580 /* pass the first 4 bytes (already checked in the nglmi_checkdata()) */
581 data = mtod(m, const u_char *);
582 STEPBY(4);
583
584 /* Now check if there is a 'locking shift'. This is only seen in
585 * Annex D frames. don't bother checking, we already did that. Don't
586 * increment immediately as it might not be there. */
587 if (ANNEXD(sc))
588 STEPBY(1);
589
590 /* If we get this far we should consider that it is a legitimate
591 * frame and we know what it is. */
592 if (sc->flags & SCF_AUTO) {
593 /* note the hook that this valid channel came from and drop
594 * out of auto probe mode. */
595 if (ANNEXA(sc))
596 sc->protoname = NAME_ANNEXA;
597 else if (ANNEXD(sc))
598 sc->protoname = NAME_ANNEXD;
599 else if (GROUP4(sc))
600 sc->protoname = NAME_GROUP4;
601 else {
602 log(LOG_ERR, "nglmi: No known type\n");
603 goto drop;
604 }
605 sc->lmi_channel = hook;
606 sc->flags &= ~SCF_AUTO;
607 log(LOG_INFO, "nglmi: auto-detected %s LMI on DLCI %d\n",
608 sc->protoname, hook == sc->lmi_channel0 ? 0 : 1023);
609 }
610
611 /* While there is more data in the status packet, keep processing
612 * status items. First make sure there is enough data for the
613 * segment descriptor's length field. */
614 while (packetlen >= 2) {
615 u_int segtype = data[0];
616 u_int segsize = data[1];
617
618 /* Now that we know how long it claims to be, make sure
619 * there is enough data for the next seg. */
620 if (packetlen < segsize + 2)
621 break;
622 switch (segtype) {
623 case 0x01:
624 case 0x51:
625 if (resptype_seen) {
626 log(LOG_WARNING, "nglmi: dup MSGTYPE\n");
627 goto nextIE;
628 }
629 resptype_seen++;
630 /* The remote end tells us what kind of response
631 * this is. Only expect a type 0 or 1. if we are a
632 * full status, invalidate a few DLCIs just to see
633 * that they are still ok. */
634 if (segsize != 1)
635 goto nextIE;
636 switch (data[2]) {
637 case 1:
638 /* partial status, do no extra processing */
639 break;
640 case 0:
641 {
642 int count = 0;
643 int idx = sc->invalidx;
644
645 for (count = 0; count < 10; count++) {
646 if (idx > MAXDLCI)
647 idx = 0;
648 if (sc->dlci_state[idx] == DLCI_UP)
649 sc->dlci_state[idx] = DLCI_DOWN;
650 idx++;
651 }
652 sc->invalidx = idx;
653 /* we got and we wanted one. relax
654 * now.. but don't reset to 0 if it
655 * was unrequested. */
656 if (sc->livs > sc->liv_per_full)
657 sc->livs = 0;
658 break;
659 }
660 }
661 break;
662 case 0x03:
663 case 0x53:
664 /* The remote tells us what it thinks the sequence
665 * numbers are. If it's not size 2, it must be a
666 * duplicate to have gotten this far, skip it. */
667 if (segsize != 2)
668 goto nextIE;
669 sc->remote_seq = data[2];
670 if (sc->local_seq == data[3]) {
671 sc->local_seq++;
672 sc->seq_retries = 0;
673 /* Note that all 3 Frame protocols seem to
674 * not like 0 as a sequence number. */
675 if (sc->local_seq == 0)
676 sc->local_seq = 1;
677 }
678 break;
679 case 0x07:
680 case 0x57:
681 /* The remote tells us about a DLCI that it knows
682 * about. There may be many of these in a single
683 * status response */
684 switch (segsize) {
685 case 6:/* only on 'group of 4' */
686 dlci = ((u_short) data[2] & 0xff) << 8;
687 dlci |= (data[3] & 0xff);
688 if ((dlci < 1024) && (dlci > 0)) {
689 /* XXX */
690 }
691 break;
692 case 3:
693 dlci = ((u_short) data[2] & 0x3f) << 4;
694 dlci |= ((data[3] & 0x78) >> 3);
695 if ((dlci < 1024) && (dlci > 0)) {
696 /* set up the bottom half of the
697 * support for that dlci if it's not
698 * already been done */
699 /* store this information somewhere */
700 }
701 break;
702 default:
703 goto nextIE;
704 }
705 if (sc->dlci_state[dlci] != DLCI_UP) {
706 /* bring new DLCI to life */
707 /* may do more here some day */
708 if (sc->dlci_state[dlci] != DLCI_DOWN)
709 log(LOG_INFO,
710 "nglmi: DLCI %d became active\n",
711 dlci);
712 sc->dlci_state[dlci] = DLCI_UP;
713 }
714 break;
715 }
716 nextIE:
717 STEPBY(segsize + 2);
718 }
719 NG_FREE_M(m);
720 return (0);
721
722 drop:
723 NG_FREE_M(m);
724 return (EINVAL);
725 }
726
727 /*
728 * Check that a packet is entirely kosha.
729 * return 1 of ok, and 0 if not.
730 * All data is discarded if a 0 is returned.
731 */
732 static int
nglmi_checkdata(hook_p hook,struct mbuf * m)733 nglmi_checkdata(hook_p hook, struct mbuf *m)
734 {
735 sc_p sc = NG_NODE_PRIVATE(NG_HOOK_NODE(hook));
736 const u_char *data;
737 u_short packetlen;
738 unsigned short dlci;
739 u_char type;
740 u_char nextbyte;
741 int seq_seen = 0;
742 int resptype_seen = 0; /* 0 , 1 (partial) or 2 (full) */
743 #if 0
744 int highest_dlci = 0;
745 #endif
746
747 packetlen = m->m_len;
748 data = mtod(m, const u_char *);
749 if (*data != 0x03) {
750 log(LOG_WARNING, "nglmi: unexpected value in LMI(%d)\n", 1);
751 goto reject;
752 }
753 STEPBY(1);
754
755 /* look at the protocol ID */
756 nextbyte = *data;
757 if (sc->flags & SCF_AUTO) {
758 SETLMITYPE(sc, SCF_NOLMI); /* start with a clean slate */
759 switch (nextbyte) {
760 case 0x8:
761 sc->protoID = 8;
762 break;
763 case 0x9:
764 SETLMITYPE(sc, SCF_GROUP4);
765 sc->protoID = 9;
766 break;
767 default:
768 log(LOG_WARNING, "nglmi: bad Protocol ID(%d)\n",
769 (int) nextbyte);
770 goto reject;
771 }
772 } else {
773 if (nextbyte != sc->protoID) {
774 log(LOG_WARNING, "nglmi: unexpected Protocol ID(%d)\n",
775 (int) nextbyte);
776 goto reject;
777 }
778 }
779 STEPBY(1);
780
781 /* check call reference (always null in non ISDN frame relay) */
782 if (*data != 0x00) {
783 log(LOG_WARNING, "nglmi: unexpected Call Reference (0x%x)\n",
784 data[-1]);
785 goto reject;
786 }
787 STEPBY(1);
788
789 /* check message type */
790 switch ((type = *data)) {
791 case 0x75: /* Status enquiry */
792 log(LOG_WARNING, "nglmi: unexpected message type(0x%x)\n",
793 data[-1]);
794 goto reject;
795 case 0x7D: /* Status message */
796 break;
797 default:
798 log(LOG_WARNING,
799 "nglmi: unexpected msg type(0x%x) \n", (int) type);
800 goto reject;
801 }
802 STEPBY(1);
803
804 /* Now check if there is a 'locking shift'. This is only seen in
805 * Annex D frames. Don't increment immediately as it might not be
806 * there. */
807 nextbyte = *data;
808 if (sc->flags & SCF_AUTO) {
809 if (!(GROUP4(sc))) {
810 if (nextbyte == 0x95) {
811 SETLMITYPE(sc, SCF_ANNEX_D);
812 STEPBY(1);
813 } else
814 SETLMITYPE(sc, SCF_ANNEX_A);
815 } else if (nextbyte == 0x95) {
816 log(LOG_WARNING, "nglmi: locking shift seen in G4\n");
817 goto reject;
818 }
819 } else {
820 if (ANNEXD(sc)) {
821 if (*data == 0x95)
822 STEPBY(1);
823 else {
824 log(LOG_WARNING,
825 "nglmi: locking shift missing\n");
826 goto reject;
827 }
828 } else if (*data == 0x95) {
829 log(LOG_WARNING, "nglmi: locking shift seen\n");
830 goto reject;
831 }
832 }
833
834 /* While there is more data in the status packet, keep processing
835 * status items. First make sure there is enough data for the
836 * segment descriptor's length field. */
837 while (packetlen >= 2) {
838 u_int segtype = data[0];
839 u_int segsize = data[1];
840
841 /* Now that we know how long it claims to be, make sure
842 * there is enough data for the next seg. */
843 if (packetlen < (segsize + 2)) {
844 log(LOG_WARNING, "nglmi: IE longer than packet\n");
845 break;
846 }
847 switch (segtype) {
848 case 0x01:
849 case 0x51:
850 /* According to MCI's HP analyser, we should just
851 * ignore if there is mor ethan one of these (?). */
852 if (resptype_seen) {
853 log(LOG_WARNING, "nglmi: dup MSGTYPE\n");
854 goto nextIE;
855 }
856 if (segsize != 1) {
857 log(LOG_WARNING, "nglmi: MSGTYPE wrong size\n");
858 goto reject;
859 }
860 /* The remote end tells us what kind of response
861 * this is. Only expect a type 0 or 1. if it was a
862 * full (type 0) check we just asked for a type
863 * full. */
864 switch (data[2]) {
865 case 1:/* partial */
866 if (sc->livs > sc->liv_per_full) {
867 log(LOG_WARNING,
868 "nglmi: LIV when FULL expected\n");
869 goto reject; /* need full */
870 }
871 resptype_seen = 1;
872 break;
873 case 0:/* full */
874 /* Full response is always acceptable */
875 resptype_seen = 2;
876 break;
877 default:
878 log(LOG_WARNING,
879 "nglmi: Unknown report type %d\n", data[2]);
880 goto reject;
881 }
882 break;
883 case 0x03:
884 case 0x53:
885 /* The remote tells us what it thinks the sequence
886 * numbers are. I would have thought that there
887 * needs to be one and only one of these, but MCI
888 * want us to just ignore extras. (?) */
889 if (resptype_seen == 0) {
890 log(LOG_WARNING, "nglmi: no TYPE before SEQ\n");
891 goto reject;
892 }
893 if (seq_seen != 0) /* already seen seq numbers */
894 goto nextIE;
895 if (segsize != 2) {
896 log(LOG_WARNING, "nglmi: bad SEQ sts size\n");
897 goto reject;
898 }
899 if (sc->local_seq != data[3]) {
900 log(LOG_WARNING, "nglmi: unexpected SEQ\n");
901 goto reject;
902 }
903 seq_seen = 1;
904 break;
905 case 0x07:
906 case 0x57:
907 /* The remote tells us about a DLCI that it knows
908 * about. There may be many of these in a single
909 * status response */
910 if (seq_seen != 1) { /* already seen seq numbers? */
911 log(LOG_WARNING,
912 "nglmi: No sequence before DLCI\n");
913 goto reject;
914 }
915 if (resptype_seen != 2) { /* must be full */
916 log(LOG_WARNING,
917 "nglmi: No resp type before DLCI\n");
918 goto reject;
919 }
920 if (GROUP4(sc)) {
921 if (segsize != 6) {
922 log(LOG_WARNING,
923 "nglmi: wrong IE segsize\n");
924 goto reject;
925 }
926 dlci = ((u_short) data[2] & 0xff) << 8;
927 dlci |= (data[3] & 0xff);
928 } else {
929 if (segsize != 3) {
930 log(LOG_WARNING,
931 "nglmi: DLCI headersize of %d"
932 " not supported\n", segsize - 1);
933 goto reject;
934 }
935 dlci = ((u_short) data[2] & 0x3f) << 4;
936 dlci |= ((data[3] & 0x78) >> 3);
937 }
938 /* async can only have one of these */
939 #if 0 /* async not yet accepted */
940 if (async && highest_dlci) {
941 log(LOG_WARNING,
942 "nglmi: Async with > 1 DLCI\n");
943 goto reject;
944 }
945 #endif
946 /* Annex D says these will always be Ascending, but
947 * the HP test for G4 says we should accept
948 * duplicates, so for now allow that. ( <= vs. < ) */
949 #if 0
950 /* MCI tests want us to accept out of order for AnxD */
951 if ((!GROUP4(sc)) && (dlci < highest_dlci)) {
952 /* duplicate or mis-ordered dlci */
953 /* (spec says they will increase in number) */
954 log(LOG_WARNING, "nglmi: DLCI out of order\n");
955 goto reject;
956 }
957 #endif
958 if (dlci > 1023) {
959 log(LOG_WARNING, "nglmi: DLCI out of range\n");
960 goto reject;
961 }
962 #if 0
963 highest_dlci = dlci;
964 #endif
965 break;
966 default:
967 log(LOG_WARNING,
968 "nglmi: unknown LMI segment type %d\n", segtype);
969 }
970 nextIE:
971 STEPBY(segsize + 2);
972 }
973 if (packetlen != 0) { /* partial junk at end? */
974 log(LOG_WARNING,
975 "nglmi: %d bytes extra at end of packet\n", packetlen);
976 goto print;
977 }
978 if (resptype_seen == 0) {
979 log(LOG_WARNING, "nglmi: No response type seen\n");
980 goto reject; /* had no response type */
981 }
982 if (seq_seen == 0) {
983 log(LOG_WARNING, "nglmi: No sequence numbers seen\n");
984 goto reject; /* had no sequence numbers */
985 }
986 return (1);
987
988 print:
989 {
990 int i, j, k, pos;
991 char buf[100];
992 int loc;
993 const u_char *bp = mtod(m, const u_char *);
994
995 k = i = 0;
996 loc = (m->m_len - packetlen);
997 log(LOG_WARNING, "nglmi: error at location %d\n", loc);
998 while (k < m->m_len) {
999 pos = 0;
1000 j = 0;
1001 while ((j++ < 16) && k < m->m_len) {
1002 pos += sprintf(buf + pos, "%c%02x",
1003 ((loc == k) ? '>' : ' '),
1004 bp[k]);
1005 k++;
1006 }
1007 if (i == 0)
1008 log(LOG_WARNING, "nglmi: packet data:%s\n", buf);
1009 else
1010 log(LOG_WARNING, "%04d :%s\n", k, buf);
1011 i++;
1012 }
1013 }
1014 return (1);
1015 reject:
1016 {
1017 int i, j, k, pos;
1018 char buf[100];
1019 int loc;
1020 const u_char *bp = mtod(m, const u_char *);
1021
1022 k = i = 0;
1023 loc = (m->m_len - packetlen);
1024 log(LOG_WARNING, "nglmi: error at location %d\n", loc);
1025 while (k < m->m_len) {
1026 pos = 0;
1027 j = 0;
1028 while ((j++ < 16) && k < m->m_len) {
1029 pos += sprintf(buf + pos, "%c%02x",
1030 ((loc == k) ? '>' : ' '),
1031 bp[k]);
1032 k++;
1033 }
1034 if (i == 0)
1035 log(LOG_WARNING, "nglmi: packet data:%s\n", buf);
1036 else
1037 log(LOG_WARNING, "%04d :%s\n", k, buf);
1038 i++;
1039 }
1040 }
1041 NG_FREE_M(m);
1042 return (0);
1043 }
1044
1045 /*
1046 * Do local shutdown processing..
1047 * Cut any remaining links and free our local resources.
1048 */
1049 static int
nglmi_shutdown(node_p node)1050 nglmi_shutdown(node_p node)
1051 {
1052 const sc_p sc = NG_NODE_PRIVATE(node);
1053
1054 NG_NODE_SET_PRIVATE(node, NULL);
1055 NG_NODE_UNREF(sc->node);
1056 free(sc, M_NETGRAPH);
1057 return (0);
1058 }
1059
1060 /*
1061 * Hook disconnection
1062 * For this type, removal of any link except "debug" destroys the node.
1063 */
1064 static int
nglmi_disconnect(hook_p hook)1065 nglmi_disconnect(hook_p hook)
1066 {
1067 const sc_p sc = NG_NODE_PRIVATE(NG_HOOK_NODE(hook));
1068
1069 /* OK to remove debug hook(s) */
1070 if (NG_HOOK_PRIVATE(hook) == NULL)
1071 return (0);
1072
1073 /* Stop timer if it's currently active */
1074 if (sc->flags & SCF_CONNECTED)
1075 ng_uncallout(&sc->handle, sc->node);
1076
1077 /* Self-destruct */
1078 if (NG_NODE_IS_VALID(NG_HOOK_NODE(hook)))
1079 ng_rmnode_self(NG_HOOK_NODE(hook));
1080 return (0);
1081 }
1082