xref: /freebsd/usr.sbin/ppp/fsm.c (revision 5129159789cc9d7bc514e4546b88e3427695002d)
1 /*
2  *		PPP Finite State Machine for LCP/IPCP
3  *
4  *	    Written by Toshiharu OHNO (tony-o@iij.ad.jp)
5  *
6  *   Copyright (C) 1993, Internet Initiative Japan, Inc. All rights reserverd.
7  *
8  * Redistribution and use in source and binary forms are permitted
9  * provided that the above copyright notice and this paragraph are
10  * duplicated in all such forms and that any documentation,
11  * advertising materials, and other materials related to such
12  * distribution and use acknowledge that the software was developed
13  * by the Internet Initiative Japan, Inc.  The name of the
14  * IIJ may not be used to endorse or promote products derived
15  * from this software without specific prior written permission.
16  * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
17  * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
18  * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
19  *
20  * $FreeBSD$
21  *
22  *  TODO:
23  */
24 
25 #include <sys/param.h>
26 #include <netinet/in.h>
27 #include <netinet/in_systm.h>
28 #include <netinet/ip.h>
29 #include <sys/un.h>
30 
31 #include <string.h>
32 #include <termios.h>
33 
34 #include "layer.h"
35 #include "ua.h"
36 #include "mbuf.h"
37 #include "log.h"
38 #include "defs.h"
39 #include "timer.h"
40 #include "fsm.h"
41 #include "iplist.h"
42 #include "lqr.h"
43 #include "hdlc.h"
44 #include "throughput.h"
45 #include "slcompress.h"
46 #include "ipcp.h"
47 #include "filter.h"
48 #include "descriptor.h"
49 #include "lcp.h"
50 #include "ccp.h"
51 #include "link.h"
52 #include "mp.h"
53 #ifndef NORADIUS
54 #include "radius.h"
55 #endif
56 #include "bundle.h"
57 #include "async.h"
58 #include "physical.h"
59 #include "proto.h"
60 
61 static void FsmSendConfigReq(struct fsm *);
62 static void FsmSendTerminateReq(struct fsm *);
63 static void FsmInitRestartCounter(struct fsm *, int);
64 
65 typedef void (recvfn)(struct fsm *, struct fsmheader *, struct mbuf *);
66 static recvfn FsmRecvConfigReq, FsmRecvConfigAck, FsmRecvConfigNak,
67               FsmRecvConfigRej, FsmRecvTermReq, FsmRecvTermAck,
68               FsmRecvCodeRej, FsmRecvProtoRej, FsmRecvEchoReq,
69               FsmRecvEchoRep, FsmRecvDiscReq, FsmRecvIdent,
70               FsmRecvTimeRemain, FsmRecvResetReq, FsmRecvResetAck;
71 
72 static const struct fsmcodedesc {
73   recvfn *recv;
74   unsigned check_reqid : 1;
75   unsigned inc_reqid : 1;
76   const char *name;
77 } FsmCodes[] = {
78   { FsmRecvConfigReq, 0, 0, "ConfigReq"    },
79   { FsmRecvConfigAck, 1, 1, "ConfigAck"    },
80   { FsmRecvConfigNak, 1, 1, "ConfigNak"    },
81   { FsmRecvConfigRej, 1, 1, "ConfigRej"    },
82   { FsmRecvTermReq,   0, 0, "TerminateReq" },
83   { FsmRecvTermAck,   1, 1, "TerminateAck" },
84   { FsmRecvCodeRej,   0, 0, "CodeRej"      },
85   { FsmRecvProtoRej,  0, 0, "ProtocolRej"  },
86   { FsmRecvEchoReq,   0, 0, "EchoRequest"  },
87   { FsmRecvEchoRep,   0, 0, "EchoReply"    },
88   { FsmRecvDiscReq,   0, 0, "DiscardReq"   },
89   { FsmRecvIdent,     0, 0, "Ident"        },
90   { FsmRecvTimeRemain,0, 0, "TimeRemain"   },
91   { FsmRecvResetReq,  0, 0, "ResetReq"     },
92   { FsmRecvResetAck,  0, 1, "ResetAck"     }
93 };
94 
95 static const char *
96 Code2Nam(u_int code)
97 {
98   if (code == 0 || code > sizeof FsmCodes / sizeof FsmCodes[0])
99     return "Unknown";
100   return FsmCodes[code-1].name;
101 }
102 
103 const char *
104 State2Nam(u_int state)
105 {
106   static const char *StateNames[] = {
107     "Initial", "Starting", "Closed", "Stopped", "Closing", "Stopping",
108     "Req-Sent", "Ack-Rcvd", "Ack-Sent", "Opened",
109   };
110 
111   if (state >= sizeof StateNames / sizeof StateNames[0])
112     return "unknown";
113   return StateNames[state];
114 }
115 
116 static void
117 StoppedTimeout(void *v)
118 {
119   struct fsm *fp = (struct fsm *)v;
120 
121   log_Printf(fp->LogLevel, "%s: Stopped timer expired\n", fp->link->name);
122   if (fp->OpenTimer.state == TIMER_RUNNING) {
123     log_Printf(LogWARN, "%s: %s: aborting open delay due to stopped timer\n",
124               fp->link->name, fp->name);
125     timer_Stop(&fp->OpenTimer);
126   }
127   if (fp->state == ST_STOPPED)
128     fsm2initial(fp);
129 }
130 
131 void
132 fsm_Init(struct fsm *fp, const char *name, u_short proto, int mincode,
133          int maxcode, int LogLevel, struct bundle *bundle,
134          struct link *l, const struct fsm_parent *parent,
135          struct fsm_callbacks *fn, const char *timer_names[3])
136 {
137   fp->name = name;
138   fp->proto = proto;
139   fp->min_code = mincode;
140   fp->max_code = maxcode;
141   fp->state = fp->min_code > CODE_TERMACK ? ST_OPENED : ST_INITIAL;
142   fp->reqid = 1;
143   fp->restart = 1;
144   fp->more.reqs = fp->more.naks = fp->more.rejs = 3;
145   memset(&fp->FsmTimer, '\0', sizeof fp->FsmTimer);
146   memset(&fp->OpenTimer, '\0', sizeof fp->OpenTimer);
147   memset(&fp->StoppedTimer, '\0', sizeof fp->StoppedTimer);
148   fp->LogLevel = LogLevel;
149   fp->link = l;
150   fp->bundle = bundle;
151   fp->parent = parent;
152   fp->fn = fn;
153   fp->FsmTimer.name = timer_names[0];
154   fp->OpenTimer.name = timer_names[1];
155   fp->StoppedTimer.name = timer_names[2];
156 }
157 
158 static void
159 NewState(struct fsm *fp, int new)
160 {
161   log_Printf(fp->LogLevel, "%s: State change %s --> %s\n",
162 	    fp->link->name, State2Nam(fp->state), State2Nam(new));
163   if (fp->state == ST_STOPPED && fp->StoppedTimer.state == TIMER_RUNNING)
164     timer_Stop(&fp->StoppedTimer);
165   fp->state = new;
166   if ((new >= ST_INITIAL && new <= ST_STOPPED) || (new == ST_OPENED)) {
167     timer_Stop(&fp->FsmTimer);
168     if (new == ST_STOPPED && fp->StoppedTimer.load) {
169       timer_Stop(&fp->StoppedTimer);
170       fp->StoppedTimer.func = StoppedTimeout;
171       fp->StoppedTimer.arg = (void *) fp;
172       timer_Start(&fp->StoppedTimer);
173     }
174   }
175 }
176 
177 void
178 fsm_Output(struct fsm *fp, u_int code, u_int id, u_char *ptr, int count,
179            int mtype)
180 {
181   int plen;
182   struct fsmheader lh;
183   struct mbuf *bp;
184 
185   if (log_IsKept(fp->LogLevel)) {
186     log_Printf(fp->LogLevel, "%s: Send%s(%d) state = %s\n",
187               fp->link->name, Code2Nam(code), id, State2Nam(fp->state));
188     switch (code) {
189       case CODE_CONFIGREQ:
190       case CODE_CONFIGACK:
191       case CODE_CONFIGREJ:
192       case CODE_CONFIGNAK:
193         (*fp->fn->DecodeConfig)(fp, ptr, count, MODE_NOP, NULL);
194         if (count < sizeof(struct fsmconfig))
195           log_Printf(fp->LogLevel, "  [EMPTY]\n");
196         break;
197     }
198   }
199 
200   plen = sizeof(struct fsmheader) + count;
201   lh.code = code;
202   lh.id = id;
203   lh.length = htons(plen);
204   bp = m_get(plen, mtype);
205   memcpy(MBUF_CTOP(bp), &lh, sizeof(struct fsmheader));
206   if (count)
207     memcpy(MBUF_CTOP(bp) + sizeof(struct fsmheader), ptr, count);
208   log_DumpBp(LogDEBUG, "fsm_Output", bp);
209   link_PushPacket(fp->link, bp, fp->bundle, LINK_QUEUES(fp->link) - 1,
210                   fp->proto);
211 }
212 
213 static void
214 FsmOpenNow(void *v)
215 {
216   struct fsm *fp = (struct fsm *)v;
217 
218   timer_Stop(&fp->OpenTimer);
219   if (fp->state <= ST_STOPPED) {
220     if (fp->state != ST_STARTING) {
221       /*
222        * In practice, we're only here in ST_STOPPED (when delaying the
223        * first config request) or ST_CLOSED (when openmode == 0).
224        *
225        * The ST_STOPPED bit is breaking the RFC already :-(
226        *
227        * According to the RFC (1661) state transition table, a TLS isn't
228        * required for an Open event when state == Closed, but the RFC
229        * must be wrong as TLS hasn't yet been called (since the last TLF)
230        * ie, Initial gets an `Up' event, Closing gets a RTA etc.
231        */
232       (*fp->fn->LayerStart)(fp);
233       (*fp->parent->LayerStart)(fp->parent->object, fp);
234     }
235     FsmInitRestartCounter(fp, FSM_REQ_TIMER);
236     FsmSendConfigReq(fp);
237     NewState(fp, ST_REQSENT);
238   }
239 }
240 
241 void
242 fsm_Open(struct fsm *fp)
243 {
244   switch (fp->state) {
245   case ST_INITIAL:
246     NewState(fp, ST_STARTING);
247     (*fp->fn->LayerStart)(fp);
248     (*fp->parent->LayerStart)(fp->parent->object, fp);
249     break;
250   case ST_CLOSED:
251     if (fp->open_mode == OPEN_PASSIVE) {
252       NewState(fp, ST_STOPPED);		/* XXX: This is a hack ! */
253     } else if (fp->open_mode > 0) {
254       if (fp->open_mode > 1)
255         log_Printf(LogPHASE, "%s: Entering STOPPED state for %d seconds\n",
256                   fp->link->name, fp->open_mode);
257       NewState(fp, ST_STOPPED);		/* XXX: This is a not-so-bad hack ! */
258       timer_Stop(&fp->OpenTimer);
259       fp->OpenTimer.load = fp->open_mode * SECTICKS;
260       fp->OpenTimer.func = FsmOpenNow;
261       fp->OpenTimer.arg = (void *)fp;
262       timer_Start(&fp->OpenTimer);
263     } else
264       FsmOpenNow(fp);
265     break;
266   case ST_STOPPED:		/* XXX: restart option */
267   case ST_REQSENT:
268   case ST_ACKRCVD:
269   case ST_ACKSENT:
270   case ST_OPENED:		/* XXX: restart option */
271     break;
272   case ST_CLOSING:		/* XXX: restart option */
273   case ST_STOPPING:		/* XXX: restart option */
274     NewState(fp, ST_STOPPING);
275     break;
276   }
277 }
278 
279 void
280 fsm_Up(struct fsm *fp)
281 {
282   switch (fp->state) {
283   case ST_INITIAL:
284     log_Printf(fp->LogLevel, "FSM: Using \"%s\" as a transport\n",
285               fp->link->name);
286     NewState(fp, ST_CLOSED);
287     break;
288   case ST_STARTING:
289     FsmInitRestartCounter(fp, FSM_REQ_TIMER);
290     FsmSendConfigReq(fp);
291     NewState(fp, ST_REQSENT);
292     break;
293   default:
294     log_Printf(fp->LogLevel, "%s: Oops, Up at %s\n",
295               fp->link->name, State2Nam(fp->state));
296     break;
297   }
298 }
299 
300 void
301 fsm_Down(struct fsm *fp)
302 {
303   switch (fp->state) {
304   case ST_CLOSED:
305     NewState(fp, ST_INITIAL);
306     break;
307   case ST_CLOSING:
308     /* This TLF contradicts the RFC (1661), which ``misses it out'' ! */
309     (*fp->fn->LayerFinish)(fp);
310     NewState(fp, ST_INITIAL);
311     (*fp->parent->LayerFinish)(fp->parent->object, fp);
312     break;
313   case ST_STOPPED:
314     NewState(fp, ST_STARTING);
315     (*fp->fn->LayerStart)(fp);
316     (*fp->parent->LayerStart)(fp->parent->object, fp);
317     break;
318   case ST_STOPPING:
319   case ST_REQSENT:
320   case ST_ACKRCVD:
321   case ST_ACKSENT:
322     NewState(fp, ST_STARTING);
323     break;
324   case ST_OPENED:
325     (*fp->fn->LayerDown)(fp);
326     NewState(fp, ST_STARTING);
327     (*fp->parent->LayerDown)(fp->parent->object, fp);
328     break;
329   }
330 }
331 
332 void
333 fsm_Close(struct fsm *fp)
334 {
335   switch (fp->state) {
336   case ST_STARTING:
337     (*fp->fn->LayerFinish)(fp);
338     NewState(fp, ST_INITIAL);
339     (*fp->parent->LayerFinish)(fp->parent->object, fp);
340     break;
341   case ST_STOPPED:
342     NewState(fp, ST_CLOSED);
343     break;
344   case ST_STOPPING:
345     NewState(fp, ST_CLOSING);
346     break;
347   case ST_OPENED:
348     (*fp->fn->LayerDown)(fp);
349     FsmInitRestartCounter(fp, FSM_TRM_TIMER);
350     FsmSendTerminateReq(fp);
351     NewState(fp, ST_CLOSING);
352     (*fp->parent->LayerDown)(fp->parent->object, fp);
353     break;
354   case ST_REQSENT:
355   case ST_ACKRCVD:
356   case ST_ACKSENT:
357     FsmInitRestartCounter(fp, FSM_TRM_TIMER);
358     FsmSendTerminateReq(fp);
359     NewState(fp, ST_CLOSING);
360     break;
361   }
362 }
363 
364 /*
365  *	Send functions
366  */
367 static void
368 FsmSendConfigReq(struct fsm *fp)
369 {
370   if (fp->more.reqs-- > 0 && fp->restart-- > 0) {
371     (*fp->fn->SendConfigReq)(fp);
372     timer_Start(&fp->FsmTimer);		/* Start restart timer */
373   } else {
374     if (fp->more.reqs < 0)
375       log_Printf(LogPHASE, "%s: Too many %s REQs sent - abandoning "
376                  "negotiation\n", fp->link->name, fp->name);
377     fsm_Close(fp);
378   }
379 }
380 
381 static void
382 FsmSendTerminateReq(struct fsm *fp)
383 {
384   fsm_Output(fp, CODE_TERMREQ, fp->reqid, NULL, 0, MB_UNKNOWN);
385   (*fp->fn->SentTerminateReq)(fp);
386   timer_Start(&fp->FsmTimer);	/* Start restart timer */
387   fp->restart--;		/* Decrement restart counter */
388 }
389 
390 /*
391  *	Timeout actions
392  */
393 static void
394 FsmTimeout(void *v)
395 {
396   struct fsm *fp = (struct fsm *)v;
397 
398   if (fp->restart) {
399     switch (fp->state) {
400     case ST_CLOSING:
401     case ST_STOPPING:
402       FsmSendTerminateReq(fp);
403       break;
404     case ST_REQSENT:
405     case ST_ACKSENT:
406       FsmSendConfigReq(fp);
407       break;
408     case ST_ACKRCVD:
409       FsmSendConfigReq(fp);
410       NewState(fp, ST_REQSENT);
411       break;
412     }
413     timer_Start(&fp->FsmTimer);
414   } else {
415     switch (fp->state) {
416     case ST_CLOSING:
417       (*fp->fn->LayerFinish)(fp);
418       NewState(fp, ST_CLOSED);
419       (*fp->parent->LayerFinish)(fp->parent->object, fp);
420       break;
421     case ST_STOPPING:
422       (*fp->fn->LayerFinish)(fp);
423       NewState(fp, ST_STOPPED);
424       (*fp->parent->LayerFinish)(fp->parent->object, fp);
425       break;
426     case ST_REQSENT:		/* XXX: 3p */
427     case ST_ACKSENT:
428     case ST_ACKRCVD:
429       (*fp->fn->LayerFinish)(fp);
430       NewState(fp, ST_STOPPED);
431       (*fp->parent->LayerFinish)(fp->parent->object, fp);
432       break;
433     }
434   }
435 }
436 
437 static void
438 FsmInitRestartCounter(struct fsm *fp, int what)
439 {
440   timer_Stop(&fp->FsmTimer);
441   fp->FsmTimer.func = FsmTimeout;
442   fp->FsmTimer.arg = (void *)fp;
443   (*fp->fn->InitRestartCounter)(fp, what);
444 }
445 
446 /*
447  * Actions when receive packets
448  */
449 static void
450 FsmRecvConfigReq(struct fsm *fp, struct fsmheader *lhp, struct mbuf *bp)
451 /* RCR */
452 {
453   struct fsm_decode dec;
454   int plen, flen;
455   int ackaction = 0;
456 
457   plen = m_length(bp);
458   flen = ntohs(lhp->length) - sizeof *lhp;
459   if (plen < flen) {
460     log_Printf(LogWARN, "%s: FsmRecvConfigReq: plen (%d) < flen (%d)\n",
461 	      fp->link->name, plen, flen);
462     m_freem(bp);
463     return;
464   }
465 
466   /* Check and process easy case */
467   switch (fp->state) {
468   case ST_INITIAL:
469     if (fp->proto == PROTO_CCP && fp->link->lcp.fsm.state == ST_OPENED) {
470       /*
471        * ccp_SetOpenMode() leaves us in initial if we're disabling
472        * & denying everything.
473        */
474       bp = m_prepend(bp, lhp, sizeof *lhp, 2);
475       bp = proto_Prepend(bp, fp->proto, 0, 0);
476       bp = m_pullup(bp);
477       lcp_SendProtoRej(&fp->link->lcp, MBUF_CTOP(bp), bp->m_len);
478       m_freem(bp);
479       return;
480     }
481     /* Drop through */
482   case ST_STARTING:
483     log_Printf(fp->LogLevel, "%s: Oops, RCR in %s.\n",
484               fp->link->name, State2Nam(fp->state));
485     m_freem(bp);
486     return;
487   case ST_CLOSED:
488     (*fp->fn->SendTerminateAck)(fp, lhp->id);
489     m_freem(bp);
490     return;
491   case ST_CLOSING:
492     log_Printf(fp->LogLevel, "%s: Error: Got ConfigReq while state = %s\n",
493               fp->link->name, State2Nam(fp->state));
494   case ST_STOPPING:
495     m_freem(bp);
496     return;
497   case ST_OPENED:
498     (*fp->fn->LayerDown)(fp);
499     (*fp->parent->LayerDown)(fp->parent->object, fp);
500     break;
501   }
502 
503   bp = m_pullup(bp);
504   dec.ackend = dec.ack;
505   dec.nakend = dec.nak;
506   dec.rejend = dec.rej;
507   (*fp->fn->DecodeConfig)(fp, MBUF_CTOP(bp), flen, MODE_REQ, &dec);
508   if (flen < sizeof(struct fsmconfig))
509     log_Printf(fp->LogLevel, "  [EMPTY]\n");
510 
511   if (dec.nakend == dec.nak && dec.rejend == dec.rej)
512     ackaction = 1;
513 
514   switch (fp->state) {
515   case ST_STOPPED:
516     FsmInitRestartCounter(fp, FSM_REQ_TIMER);
517     /* Fall through */
518 
519   case ST_OPENED:
520     FsmSendConfigReq(fp);
521     break;
522   }
523 
524   if (dec.rejend != dec.rej)
525     fsm_Output(fp, CODE_CONFIGREJ, lhp->id, dec.rej, dec.rejend - dec.rej,
526                MB_UNKNOWN);
527   if (dec.nakend != dec.nak)
528     fsm_Output(fp, CODE_CONFIGNAK, lhp->id, dec.nak, dec.nakend - dec.nak,
529                MB_UNKNOWN);
530   if (ackaction)
531     fsm_Output(fp, CODE_CONFIGACK, lhp->id, dec.ack, dec.ackend - dec.ack,
532                MB_UNKNOWN);
533 
534   switch (fp->state) {
535   case ST_STOPPED:
536       /*
537        * According to the RFC (1661) state transition table, a TLS isn't
538        * required for a RCR when state == ST_STOPPED, but the RFC
539        * must be wrong as TLS hasn't yet been called (since the last TLF)
540        */
541     (*fp->fn->LayerStart)(fp);
542     (*fp->parent->LayerStart)(fp->parent->object, fp);
543     /* Fall through */
544 
545   case ST_OPENED:
546     if (ackaction)
547       NewState(fp, ST_ACKSENT);
548     else
549       NewState(fp, ST_REQSENT);
550     break;
551   case ST_REQSENT:
552     if (ackaction)
553       NewState(fp, ST_ACKSENT);
554     break;
555   case ST_ACKRCVD:
556     if (ackaction) {
557       NewState(fp, ST_OPENED);
558       if ((*fp->fn->LayerUp)(fp))
559         (*fp->parent->LayerUp)(fp->parent->object, fp);
560       else {
561         (*fp->fn->LayerDown)(fp);
562         FsmInitRestartCounter(fp, FSM_TRM_TIMER);
563         FsmSendTerminateReq(fp);
564         NewState(fp, ST_CLOSING);
565       }
566     }
567     break;
568   case ST_ACKSENT:
569     if (!ackaction)
570       NewState(fp, ST_REQSENT);
571     break;
572   }
573   m_freem(bp);
574 
575   if (dec.rejend != dec.rej && --fp->more.rejs <= 0) {
576     log_Printf(LogPHASE, "%s: Too many %s REJs sent - abandoning negotiation\n",
577                fp->link->name, fp->name);
578     fsm_Close(fp);
579   }
580 
581   if (dec.nakend != dec.nak && --fp->more.naks <= 0) {
582     log_Printf(LogPHASE, "%s: Too many %s NAKs sent - abandoning negotiation\n",
583                fp->link->name, fp->name);
584     fsm_Close(fp);
585   }
586 }
587 
588 static void
589 FsmRecvConfigAck(struct fsm *fp, struct fsmheader *lhp, struct mbuf *bp)
590 /* RCA */
591 {
592   switch (fp->state) {
593     case ST_CLOSED:
594     case ST_STOPPED:
595     (*fp->fn->SendTerminateAck)(fp, lhp->id);
596     break;
597   case ST_CLOSING:
598   case ST_STOPPING:
599     break;
600   case ST_REQSENT:
601     FsmInitRestartCounter(fp, FSM_REQ_TIMER);
602     NewState(fp, ST_ACKRCVD);
603     break;
604   case ST_ACKRCVD:
605     FsmSendConfigReq(fp);
606     NewState(fp, ST_REQSENT);
607     break;
608   case ST_ACKSENT:
609     FsmInitRestartCounter(fp, FSM_REQ_TIMER);
610     NewState(fp, ST_OPENED);
611     if ((*fp->fn->LayerUp)(fp))
612       (*fp->parent->LayerUp)(fp->parent->object, fp);
613     else {
614       (*fp->fn->LayerDown)(fp);
615       FsmInitRestartCounter(fp, FSM_TRM_TIMER);
616       FsmSendTerminateReq(fp);
617       NewState(fp, ST_CLOSING);
618     }
619     break;
620   case ST_OPENED:
621     (*fp->fn->LayerDown)(fp);
622     FsmSendConfigReq(fp);
623     NewState(fp, ST_REQSENT);
624     (*fp->parent->LayerDown)(fp->parent->object, fp);
625     break;
626   }
627   m_freem(bp);
628 }
629 
630 static void
631 FsmRecvConfigNak(struct fsm *fp, struct fsmheader *lhp, struct mbuf *bp)
632 /* RCN */
633 {
634   struct fsm_decode dec;
635   int plen, flen;
636 
637   plen = m_length(bp);
638   flen = ntohs(lhp->length) - sizeof *lhp;
639   if (plen < flen) {
640     m_freem(bp);
641     return;
642   }
643 
644   /*
645    * Check and process easy case
646    */
647   switch (fp->state) {
648   case ST_INITIAL:
649   case ST_STARTING:
650     log_Printf(fp->LogLevel, "%s: Oops, RCN in %s.\n",
651               fp->link->name, State2Nam(fp->state));
652     m_freem(bp);
653     return;
654   case ST_CLOSED:
655   case ST_STOPPED:
656     (*fp->fn->SendTerminateAck)(fp, lhp->id);
657     m_freem(bp);
658     return;
659   case ST_CLOSING:
660   case ST_STOPPING:
661     m_freem(bp);
662     return;
663   }
664 
665   bp = m_pullup(bp);
666   dec.ackend = dec.ack;
667   dec.nakend = dec.nak;
668   dec.rejend = dec.rej;
669   (*fp->fn->DecodeConfig)(fp, MBUF_CTOP(bp), flen, MODE_NAK, &dec);
670   if (flen < sizeof(struct fsmconfig))
671     log_Printf(fp->LogLevel, "  [EMPTY]\n");
672 
673   switch (fp->state) {
674   case ST_REQSENT:
675   case ST_ACKSENT:
676     FsmInitRestartCounter(fp, FSM_REQ_TIMER);
677     FsmSendConfigReq(fp);
678     break;
679   case ST_OPENED:
680     (*fp->fn->LayerDown)(fp);
681     FsmSendConfigReq(fp);
682     NewState(fp, ST_REQSENT);
683     (*fp->parent->LayerDown)(fp->parent->object, fp);
684     break;
685   case ST_ACKRCVD:
686     FsmSendConfigReq(fp);
687     NewState(fp, ST_REQSENT);
688     break;
689   }
690 
691   m_freem(bp);
692 }
693 
694 static void
695 FsmRecvTermReq(struct fsm *fp, struct fsmheader *lhp, struct mbuf *bp)
696 /* RTR */
697 {
698   switch (fp->state) {
699   case ST_INITIAL:
700   case ST_STARTING:
701     log_Printf(fp->LogLevel, "%s: Oops, RTR in %s\n",
702               fp->link->name, State2Nam(fp->state));
703     break;
704   case ST_CLOSED:
705   case ST_STOPPED:
706   case ST_CLOSING:
707   case ST_STOPPING:
708   case ST_REQSENT:
709     (*fp->fn->SendTerminateAck)(fp, lhp->id);
710     break;
711   case ST_ACKRCVD:
712   case ST_ACKSENT:
713     (*fp->fn->SendTerminateAck)(fp, lhp->id);
714     NewState(fp, ST_REQSENT);
715     break;
716   case ST_OPENED:
717     (*fp->fn->LayerDown)(fp);
718     (*fp->fn->SendTerminateAck)(fp, lhp->id);
719     FsmInitRestartCounter(fp, FSM_TRM_TIMER);
720     timer_Start(&fp->FsmTimer);			/* Start restart timer */
721     fp->restart = 0;
722     NewState(fp, ST_STOPPING);
723     (*fp->parent->LayerDown)(fp->parent->object, fp);
724     /* A delayed ST_STOPPED is now scheduled */
725     break;
726   }
727   m_freem(bp);
728 }
729 
730 static void
731 FsmRecvTermAck(struct fsm *fp, struct fsmheader *lhp, struct mbuf *bp)
732 /* RTA */
733 {
734   switch (fp->state) {
735   case ST_CLOSING:
736     (*fp->fn->LayerFinish)(fp);
737     NewState(fp, ST_CLOSED);
738     (*fp->parent->LayerFinish)(fp->parent->object, fp);
739     break;
740   case ST_STOPPING:
741     (*fp->fn->LayerFinish)(fp);
742     NewState(fp, ST_STOPPED);
743     (*fp->parent->LayerFinish)(fp->parent->object, fp);
744     break;
745   case ST_ACKRCVD:
746     NewState(fp, ST_REQSENT);
747     break;
748   case ST_OPENED:
749     (*fp->fn->LayerDown)(fp);
750     FsmSendConfigReq(fp);
751     NewState(fp, ST_REQSENT);
752     (*fp->parent->LayerDown)(fp->parent->object, fp);
753     break;
754   }
755   m_freem(bp);
756 }
757 
758 static void
759 FsmRecvConfigRej(struct fsm *fp, struct fsmheader *lhp, struct mbuf *bp)
760 /* RCJ */
761 {
762   struct fsm_decode dec;
763   int plen, flen;
764 
765   plen = m_length(bp);
766   flen = ntohs(lhp->length) - sizeof *lhp;
767   if (plen < flen) {
768     m_freem(bp);
769     return;
770   }
771 
772   /*
773    * Check and process easy case
774    */
775   switch (fp->state) {
776   case ST_INITIAL:
777   case ST_STARTING:
778     log_Printf(fp->LogLevel, "%s: Oops, RCJ in %s.\n",
779               fp->link->name, State2Nam(fp->state));
780     m_freem(bp);
781     return;
782   case ST_CLOSED:
783   case ST_STOPPED:
784     (*fp->fn->SendTerminateAck)(fp, lhp->id);
785     m_freem(bp);
786     return;
787   case ST_CLOSING:
788   case ST_STOPPING:
789     m_freem(bp);
790     return;
791   }
792 
793   bp = m_pullup(bp);
794   dec.ackend = dec.ack;
795   dec.nakend = dec.nak;
796   dec.rejend = dec.rej;
797   (*fp->fn->DecodeConfig)(fp, MBUF_CTOP(bp), flen, MODE_REJ, &dec);
798   if (flen < sizeof(struct fsmconfig))
799     log_Printf(fp->LogLevel, "  [EMPTY]\n");
800 
801   switch (fp->state) {
802   case ST_REQSENT:
803   case ST_ACKSENT:
804     FsmInitRestartCounter(fp, FSM_REQ_TIMER);
805     FsmSendConfigReq(fp);
806     break;
807   case ST_OPENED:
808     (*fp->fn->LayerDown)(fp);
809     FsmSendConfigReq(fp);
810     NewState(fp, ST_REQSENT);
811     (*fp->parent->LayerDown)(fp->parent->object, fp);
812     break;
813   case ST_ACKRCVD:
814     FsmSendConfigReq(fp);
815     NewState(fp, ST_REQSENT);
816     break;
817   }
818   m_freem(bp);
819 }
820 
821 static void
822 FsmRecvCodeRej(struct fsm *fp, struct fsmheader *lhp, struct mbuf *bp)
823 {
824   m_freem(bp);
825 }
826 
827 static void
828 FsmRecvProtoRej(struct fsm *fp, struct fsmheader *lhp, struct mbuf *bp)
829 {
830   struct physical *p = link2physical(fp->link);
831   u_short proto;
832 
833   if (m_length(bp) < 2) {
834     m_freem(bp);
835     return;
836   }
837   bp = mbuf_Read(bp, &proto, 2);
838   proto = ntohs(proto);
839   log_Printf(fp->LogLevel, "%s: -- Protocol 0x%04x (%s) was rejected!\n",
840             fp->link->name, proto, hdlc_Protocol2Nam(proto));
841 
842   switch (proto) {
843   case PROTO_LQR:
844     if (p)
845       lqr_Stop(p, LQM_LQR);
846     else
847       log_Printf(LogERROR, "%s: FsmRecvProtoRej: Not a physical link !\n",
848                 fp->link->name);
849     break;
850   case PROTO_CCP:
851     if (fp->proto == PROTO_LCP) {
852       fp = &fp->link->ccp.fsm;
853       /* Despite the RFC (1661), don't do an out-of-place TLF */
854       /* (*fp->fn->LayerFinish)(fp); */
855       switch (fp->state) {
856       case ST_CLOSED:
857       case ST_CLOSING:
858         NewState(fp, ST_CLOSED);
859       default:
860         NewState(fp, ST_STOPPED);
861         break;
862       }
863       /* See above */
864       /* (*fp->parent->LayerFinish)(fp->parent->object, fp); */
865     }
866     break;
867   case PROTO_IPCP:
868     if (fp->proto == PROTO_LCP) {
869       log_Printf(LogPHASE, "%s: IPCP protocol reject closes IPCP !\n",
870                 fp->link->name);
871       fsm_Close(&fp->bundle->ncp.ipcp.fsm);
872     }
873     break;
874   case PROTO_MP:
875     if (fp->proto == PROTO_LCP) {
876       struct lcp *lcp = fsm2lcp(fp);
877 
878       if (lcp->want_mrru && lcp->his_mrru) {
879         log_Printf(LogPHASE, "%s: MP protocol reject is fatal !\n",
880                   fp->link->name);
881         fsm_Close(fp);
882       }
883     }
884     break;
885   }
886   m_freem(bp);
887 }
888 
889 static void
890 FsmRecvEchoReq(struct fsm *fp, struct fsmheader *lhp, struct mbuf *bp)
891 {
892   struct lcp *lcp = fsm2lcp(fp);
893   u_char *cp;
894   u_int32_t magic;
895 
896   bp = m_pullup(bp);
897   m_settype(bp, MB_ECHOIN);
898 
899   if (lcp && ntohs(lhp->length) - sizeof *lhp >= 4) {
900     cp = MBUF_CTOP(bp);
901     ua_ntohl(cp, &magic);
902     if (magic != lcp->his_magic) {
903       log_Printf(fp->LogLevel, "%s: RecvEchoReq: magic 0x%08lx is wrong,"
904                  " expecting 0x%08lx\n", fp->link->name, (u_long)magic,
905                  (u_long)lcp->his_magic);
906       /* XXX: We should send terminate request */
907     }
908     if (fp->state == ST_OPENED) {
909       ua_htonl(&lcp->want_magic, cp);		/* local magic */
910       fsm_Output(fp, CODE_ECHOREP, lhp->id, cp,
911                  ntohs(lhp->length) - sizeof *lhp, MB_ECHOOUT);
912     }
913   }
914   m_freem(bp);
915 }
916 
917 static void
918 FsmRecvEchoRep(struct fsm *fp, struct fsmheader *lhp, struct mbuf *bp)
919 {
920   if (fsm2lcp(fp))
921     bp = lqr_RecvEcho(fp, bp);
922 
923   m_freem(bp);
924 }
925 
926 static void
927 FsmRecvDiscReq(struct fsm *fp, struct fsmheader *lhp, struct mbuf *bp)
928 {
929   m_freem(bp);
930 }
931 
932 static void
933 FsmRecvIdent(struct fsm *fp, struct fsmheader *lhp, struct mbuf *bp)
934 {
935   m_freem(bp);
936 }
937 
938 static void
939 FsmRecvTimeRemain(struct fsm *fp, struct fsmheader *lhp, struct mbuf *bp)
940 {
941   m_freem(bp);
942 }
943 
944 static void
945 FsmRecvResetReq(struct fsm *fp, struct fsmheader *lhp, struct mbuf *bp)
946 {
947   (*fp->fn->RecvResetReq)(fp);
948   /*
949    * All sendable compressed packets are queued in the first (lowest
950    * priority) modem output queue.... dump 'em to the priority queue
951    * so that they arrive at the peer before our ResetAck.
952    */
953   link_SequenceQueue(fp->link);
954   fsm_Output(fp, CODE_RESETACK, lhp->id, NULL, 0, MB_CCPOUT);
955   m_freem(bp);
956 }
957 
958 static void
959 FsmRecvResetAck(struct fsm *fp, struct fsmheader *lhp, struct mbuf *bp)
960 {
961   (*fp->fn->RecvResetAck)(fp, lhp->id);
962   m_freem(bp);
963 }
964 
965 void
966 fsm_Input(struct fsm *fp, struct mbuf *bp)
967 {
968   int len;
969   struct fsmheader lh;
970   const struct fsmcodedesc *codep;
971 
972   len = m_length(bp);
973   if (len < sizeof(struct fsmheader)) {
974     m_freem(bp);
975     return;
976   }
977   bp = mbuf_Read(bp, &lh, sizeof lh);
978 
979   if (ntohs(lh.length) != len)
980     log_Printf(LogWARN, "%s: Oops: Got %d bytes but %d byte payload\n",
981                fp->link->name, len, (int)ntohs(lh.length));
982 
983   if (lh.code < fp->min_code || lh.code > fp->max_code ||
984       lh.code > sizeof FsmCodes / sizeof *FsmCodes) {
985     /*
986      * Use a private id.  This is really a response-type packet, but we
987      * MUST send a unique id for each REQ....
988      */
989     static u_char id;
990 
991     bp = m_prepend(bp, &lh, sizeof lh, 0);
992     bp = m_pullup(bp);
993     fsm_Output(fp, CODE_CODEREJ, id++, MBUF_CTOP(bp), bp->m_len, MB_UNKNOWN);
994     m_freem(bp);
995     return;
996   }
997 
998   codep = FsmCodes + lh.code - 1;
999   if (lh.id != fp->reqid && codep->check_reqid &&
1000       Enabled(fp->bundle, OPT_IDCHECK)) {
1001     log_Printf(fp->LogLevel, "%s: Recv%s(%d), dropped (expected %d)\n",
1002 	      fp->link->name, codep->name, lh.id, fp->reqid);
1003     return;
1004   }
1005 
1006   log_Printf(fp->LogLevel, "%s: Recv%s(%d) state = %s\n",
1007 	    fp->link->name, codep->name, lh.id, State2Nam(fp->state));
1008 
1009   if (codep->inc_reqid && (lh.id == fp->reqid ||
1010       (!Enabled(fp->bundle, OPT_IDCHECK) && codep->check_reqid)))
1011     fp->reqid++;	/* That's the end of that ``exchange''.... */
1012 
1013   (*codep->recv)(fp, &lh, bp);
1014 }
1015 
1016 void
1017 fsm_NullRecvResetReq(struct fsm *fp)
1018 {
1019   log_Printf(fp->LogLevel, "%s: Oops - received unexpected reset req\n",
1020             fp->link->name);
1021 }
1022 
1023 void
1024 fsm_NullRecvResetAck(struct fsm *fp, u_char id)
1025 {
1026   log_Printf(fp->LogLevel, "%s: Oops - received unexpected reset ack\n",
1027             fp->link->name);
1028 }
1029 
1030 void
1031 fsm_Reopen(struct fsm *fp)
1032 {
1033   if (fp->state == ST_OPENED) {
1034     (*fp->fn->LayerDown)(fp);
1035     FsmInitRestartCounter(fp, FSM_REQ_TIMER);
1036     FsmSendConfigReq(fp);
1037     NewState(fp, ST_REQSENT);
1038     (*fp->parent->LayerDown)(fp->parent->object, fp);
1039   }
1040 }
1041 
1042 void
1043 fsm2initial(struct fsm *fp)
1044 {
1045   timer_Stop(&fp->FsmTimer);
1046   timer_Stop(&fp->OpenTimer);
1047   timer_Stop(&fp->StoppedTimer);
1048   if (fp->state == ST_STOPPED)
1049     fsm_Close(fp);
1050   if (fp->state > ST_INITIAL)
1051     fsm_Down(fp);
1052   if (fp->state > ST_INITIAL)
1053     fsm_Close(fp);
1054 }
1055