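/*-
 * Copyright (c) 2001 Brian Somers <brian@Awfulhak.org>
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 *
 * $FreeBSD$
 */

#include <sys/param.h>
#include <netinet/in_systm.h>
#include <netinet/in.h>
#include <netinet/ip.h>
#include <sys/socket.h>
#include <net/route.h>
#include <sys/un.h>

#include <errno.h>
#include <resolv.h>
#include <stdarg.h>
#include <stdlib.h>
#include <string.h>
#include <termios.h>

#include "layer.h"
#include "defs.h"
#include "command.h"
#include "mbuf.h"
#include "log.h"
#include "timer.h"
#include "fsm.h"
#include "iplist.h"
#include "throughput.h"
#include "slcompress.h"
#include "lqr.h"
#include "hdlc.h"
#include "lcp.h"
#include "ncpaddr.h"
#include "ipcp.h"
#include "filter.h"
#include "descriptor.h"
#include "async.h"
#include "ccp.h"
#include "link.h"
#include "physical.h"
#include "mp.h"
#ifndef NORADIUS
#include "radius.h"
#endif
#include "ipv6cp.h"
#include "ncp.h"
#include "bundle.h"
#include "prompt.h"
#include "route.h"
#include "iface.h"
#include "chat.h"
#include "auth.h"
#include "chap.h"
#include "cbcp.h"
#include "datalink.h"


/*
 * Ports whose traffic is marked urgent by default.  Kept in ascending
 * order, which is the order ncp_AddUrgentPort() maintains.
 */
static u_short default_urgent_tcp_ports[] = {
  21,	/* ftp */
  22,	/* ssh */
  23,	/* telnet */
  513,	/* login */
  514,	/* shell */
  543,	/* klogin */
  544	/* kshell */
};

/*
 * No UDP ports are urgent by default.  The empty initialiser is a compiler
 * extension before C23; it makes NDEFUDPPORTS evaluate to zero.
 */
static u_short default_urgent_udp_ports[] = { };

#define NDEFTCPPORTS \
  (sizeof default_urgent_tcp_ports / sizeof default_urgent_tcp_ports[0])
#define NDEFUDPPORTS \
  (sizeof default_urgent_udp_ports / sizeof default_urgent_udp_ports[0])

/*
 * Load ``n'' default ports into ``range''.
 *
 * An empty default list allocates nothing (port stays NULL) rather than
 * calling malloc(0), whose result is implementation-defined.  If the
 * allocation fails the range is left empty instead of handing a NULL
 * destination to memcpy(); ncp_AddUrgentPort() can still grow it later
 * because realloc(NULL, ...) behaves like malloc().
 */
static void
ncp_InitUrgentPorts(struct port_range *range, const u_short *defaults,
                    size_t n)
{
  range->nports = range->maxports = 0;
  range->port = NULL;

  if (n == 0)
    return;

  range->port = malloc(n * sizeof *range->port);
  if (range->port == NULL) {
    log_Printf(LogERROR, "ncp_Init: malloc: %s\n", strerror(errno));
    return;
  }

  memcpy(range->port, defaults, n * sizeof *range->port);
  range->nports = range->maxports = n;
}

/*
 * Set up the NCP state for ``bundle'': start the address-family rotation
 * at AF_INET, clear the sticky route list, install the default urgent
 * ports and initialise the MP, IPCP and (unless NOINET6) IPV6CP layers.
 */
void
ncp_Init(struct ncp *ncp, struct bundle *bundle)
{
  ncp->afq = AF_INET;
  ncp->route = NULL;

  ncp_InitUrgentPorts(&ncp->cfg.urgent.tcp, default_urgent_tcp_ports,
                      NDEFTCPPORTS);
  ncp->cfg.urgent.tos = 1;
  ncp_InitUrgentPorts(&ncp->cfg.urgent.udp, default_urgent_udp_ports,
                      NDEFUDPPORTS);

  mp_Init(&ncp->mp, bundle);

  /* Send over the first physical link by default */
  ipcp_Init(&ncp->ipcp, bundle, &bundle->links->physical->link,
            &bundle->fsm);
#ifndef NOINET6
  ipv6cp_Init(&ncp->ipv6cp, bundle, &bundle->links->physical->link,
              &bundle->fsm);
#endif
}

/*
 * Tear down the IPCP/IPV6CP layers and release both urgent port lists.
 */
void
ncp_Destroy(struct ncp *ncp)
{
  ipcp_Destroy(&ncp->ipcp);
#ifndef NOINET6
  ipv6cp_Destroy(&ncp->ipv6cp);
#endif

  /*
   * free(NULL) is a no-op, so release unconditionally.  Guarding on
   * maxports would skip a list that was allocated with zero capacity.
   */
  free(ncp->cfg.urgent.tcp.port);
  ncp->cfg.urgent.tcp.port = NULL;
  ncp->cfg.urgent.tcp.nports = ncp->cfg.urgent.tcp.maxports = 0;

  free(ncp->cfg.urgent.udp.port);
  ncp->cfg.urgent.udp.port = NULL;
  ncp->cfg.urgent.udp.nports = ncp->cfg.urgent.udp.maxports = 0;
}

/*
 * Bring up and open the network control protocol FSMs.
 *
 * With IPv6 support compiled in, IPCP and IPV6CP are each started only if
 * their option is enabled on the bundle; with NOINET6, IPCP is started
 * unconditionally.  Returns the number of FSMs started.
 */
int
ncp_fsmStart(struct ncp *ncp, struct bundle *bundle)
{
  int res = 0;

#ifndef NOINET6
  if (Enabled(bundle, OPT_IPCP)) {
#endif
    fsm_Up(&ncp->ipcp.fsm);
    fsm_Open(&ncp->ipcp.fsm);
    res++;
#ifndef NOINET6
  }

  if (Enabled(bundle, OPT_IPV6CP)) {
    fsm_Up(&ncp->ipv6cp.fsm);
    fsm_Open(&ncp->ipv6cp.fsm);
    res++;
  }
#endif

  return res;
}

/*
 * Tell the NCP matching the address family of ``addr'' that an interface
 * address has been added.  Other families are ignored.
 */
void
ncp_IfaceAddrAdded(struct ncp *ncp, const struct iface_addr *addr)
{
  switch (ncprange_family(&addr->ifa)) {
  case AF_INET:
    ipcp_IfaceAddrAdded(&ncp->ipcp, addr);
    break;
#ifndef NOINET6
  case AF_INET6:
    ipv6cp_IfaceAddrAdded(&ncp->ipv6cp, addr);
    break;
#endif
  }
}

/*
 * Tell IPCP that an AF_INET interface address has been deleted.
 *
 * NOTE(review): unlike ncp_IfaceAddrAdded(), AF_INET6 deletions are not
 * dispatched anywhere - confirm that is intentional.
 */
void
ncp_IfaceAddrDeleted(struct ncp *ncp, const struct iface_addr *addr)
{
  if (ncprange_family(&addr->ifa) == AF_INET)
    ipcp_IfaceAddrDeleted(&ncp->ipcp, addr);
}

/*
 * Point IPCP and (unless NOINET6) IPV6CP at link ``l''.
 */
void
ncp_SetLink(struct ncp *ncp, struct link *l)
{
  ipcp_SetLink(&ncp->ipcp, l);
#ifndef NOINET6
  ipv6cp_SetLink(&ncp->ipv6cp, l);
#endif
}

/*
 * Copy ``count'' bytes from ``ptr'' into a freshly allocated output mbuf.
 *
 * We allocate an extra 6 bytes, four at the front and two at the end.
 * This is an optimisation so that we need to do less work in
 * m_prepend() in acf_LayerPush() and proto_LayerPush() and
 * appending in hdlc_LayerPush().
 *
 * NOTE(review): the result of m_get() is used without a NULL check, as the
 * code always did - confirm that m_get() cannot return NULL.
 */
static struct mbuf *
ncp_NewOutputMbuf(const char *ptr, size_t count)
{
  struct mbuf *bp;

  bp = m_get(count + 6, MB_IPOUT);
  bp->m_offset += 4;
  bp->m_len -= 6;
  memcpy(MBUF_CTOP(bp), ptr, count);

  return bp;
}

/*
 * Enqueue a packet of the given address family.  Nothing will make it
 * down to the physical link level 'till ncp_FillPhysicalQueues() is used.
 *
 * ``pri'' selects the per-protocol queue and is range-checked against the
 * queue array of the protocol it indexes.  ``count'' is the packet length
 * in bytes; a negative value is rejected before it can be converted to a
 * huge size_t by the allocation and memcpy().
 */
void
ncp_Enqueue(struct ncp *ncp, int af, int pri, char *ptr, int count)
{
#ifndef NOINET6
  struct ipv6cp *ipv6cp = &ncp->ipv6cp;
#endif
  struct ipcp *ipcp = &ncp->ipcp;

  if (count < 0) {
    log_Printf(LogERROR, "ncp_Enqueue: invalid packet length %d\n", count);
    return;
  }

  switch (af) {
  case AF_INET:
    if (pri < 0 || pri >= IPCP_QUEUES(ipcp)) {
      log_Printf(LogERROR, "Can't store in ip queue %d\n", pri);
      break;
    }

    m_enqueue(ipcp->Queue + pri, ncp_NewOutputMbuf(ptr, (size_t)count));
    break;

#ifndef NOINET6
  case AF_INET6:
    /* pri indexes ipv6cp->Queue, so the bound must come from that array */
    if (pri < 0 || pri >= IPV6CP_QUEUES(ipv6cp)) {
      log_Printf(LogERROR, "Can't store in ipv6 queue %d\n", pri);
      break;
    }

    m_enqueue(ipv6cp->Queue + pri, ncp_NewOutputMbuf(ptr, (size_t)count));
    break;
#endif

  default:
    log_Printf(LogERROR, "Can't enqueue protocol family %d\n", af);
  }
}

/*
 * How many packets are queued to go out ?
 */
size_t
ncp_QueueLen(struct ncp *ncp)
{
  size_t result;

  result = ipcp_QueueLen(&ncp->ipcp);
#ifndef NOINET6
  result += ipv6cp_QueueLen(&ncp->ipv6cp);
#endif
  result += mp_QueueLen(&ncp->mp);	/* Usually empty */

  return result;
}

/*
 * Ditch all queued packets.  This is usually done after our choked timer
 * has fired - which happens because we couldn't send any traffic over
 * any links for some time.
 */
void
ncp_DeleteQueues(struct ncp *ncp)
{
#ifndef NOINET6
  struct ipv6cp *ipv6cp = &ncp->ipv6cp;
#endif
  struct ipcp *ipcp = &ncp->ipcp;
  struct mp *mp = &ncp->mp;
  struct mqueue *q;

  for (q = ipcp->Queue; q < ipcp->Queue + IPCP_QUEUES(ipcp); q++) {
    while (q->top)
      m_freem(m_dequeue(q));
  }

#ifndef NOINET6
  for (q = ipv6cp->Queue; q < ipv6cp->Queue + IPV6CP_QUEUES(ipv6cp); q++) {
    while (q->top)
      m_freem(m_dequeue(q));
  }
#endif

  link_DeleteQueue(&mp->link);	/* Usually empty anyway */
}

/*
 * Arrange that each of our links has at least one packet.  We keep the
 * number of packets queued at the link level to a minimum so that the
 * loss of a link in multi-link mode results in the minimum number of
 * dropped packets.
 *
 * Returns the number of packets now queued at link level plus whatever
 * ncp_QueueLen() still reports for the bundle.
 */
size_t
ncp_FillPhysicalQueues(struct ncp *ncp, struct bundle *bundle)
{
  size_t total;

  if (bundle->ncp.mp.active)
    total = mp_FillPhysicalQueues(bundle);
  else {
    struct datalink *dl;
    size_t add;

    total = 0;
    for (dl = bundle->links; dl; dl = dl->next) {
      if (dl->state != DATALINK_OPEN)
        continue;

      /* Only push a new packet into a link that has nothing pending */
      add = link_QueueLen(&dl->physical->link);
      if (add == 0 && dl->physical->out == NULL)
        add = ncp_PushPacket(ncp, &ncp->afq, &dl->physical->link);
      total += add;
    }
  }

  return total + ncp_QueueLen(&bundle->ncp);
}

/*
 * Push a packet into the given link.  ``af'' is used as a persistent record
 * of what is to be pushed next, coming either from mp->out or ncp->afq.
 *
 * The family named by *af is tried first.  If it pushed something, *af is
 * flipped so that the other family goes first next time; otherwise the
 * other family is tried straight away and *af is left alone.  Returns the
 * result of whichever push call ran last.
 */
int
ncp_PushPacket(struct ncp *ncp, int *af, struct link *l)
{
  struct bundle *bundle = l->lcp.fsm.bundle;
  int res;

#ifndef NOINET6
  if (*af == AF_INET) {
    if ((res = ipcp_PushPacket(&bundle->ncp.ipcp, l)))
      *af = AF_INET6;
    else
      res = ipv6cp_PushPacket(&bundle->ncp.ipv6cp, l);
  } else {
    if ((res = ipv6cp_PushPacket(&bundle->ncp.ipv6cp, l)))
      *af = AF_INET;
    else
      res = ipcp_PushPacket(&bundle->ncp.ipcp, l);
  }
#else
  res = ipcp_PushPacket(&bundle->ncp.ipcp, l);
#endif

  return res;
}

/*
 * Return 1 if either ``src'' or ``dst'' is listed in ``range'', else 0.
 */
int
ncp_IsUrgentPort(struct port_range *range, u_short src, u_short dst)
{
  int f;

  for (f = 0; f < range->nports; f++) {
    if (range->port[f] == src || range->port[f] == dst)
      return 1;
  }

  return 0;
}

/*
 * Add ``port'' to ``range'', keeping the list in ascending order.
 *
 * A port that is already present only produces a warning.  The array is
 * grown in steps of 10 entries, and only once we know an insertion will
 * really happen; if realloc() fails the list is left exactly as it was.
 */
void
ncp_AddUrgentPort(struct port_range *range, u_short port)
{
  u_short *newport;
  int p;

  /* Find the insertion point, bailing out on a duplicate */
  for (p = 0; p < range->nports; p++) {
    if (range->port[p] == port) {
      log_Printf(LogWARN, "%u: Port already set to urgent\n", port);
      return;
    }
    if (range->port[p] > port)
      break;
  }

  if (range->nports == range->maxports) {
    size_t newmax = (size_t)range->maxports + 10;

    /* Keep range->port untouched until realloc() is known to have worked */
    newport = realloc(range->port, newmax * sizeof *newport);
    if (newport == NULL) {
      log_Printf(LogERROR, "ncp_AddUrgentPort: realloc: %s\n",
                 strerror(errno));
      return;
    }
    range->port = newport;
    range->maxports += 10;
  }

  /* Open a gap at p unless the new port goes on the end */
  if (p < range->nports)
    memmove(range->port + p + 1, range->port + p,
            (range->nports - p) * sizeof(u_short));

  range->port[p] = port;
  range->nports++;
}

/*
 * Remove ``port'' from ``range'', closing the gap it leaves.  A port that
 * is not listed only produces a warning.  The allocation is not shrunk.
 */
void
ncp_RemoveUrgentPort(struct port_range *range, u_short port)
{
  int p;

  for (p = 0; p < range->nports; p++) {
    if (range->port[p] != port)
      continue;

    if (p != range->nports - 1)
      memmove(range->port + p, range->port + p + 1,
              (range->nports - p - 1) * sizeof(u_short));
    range->nports--;
    return;
  }

  /* Falling out of the loop means the port was never found */
  log_Printf(LogWARN, "%u: Port not set to urgent\n", port);
}

/*
 * Forget every port in ``range''.  The allocated array (and maxports) is
 * kept for reuse.
 */
void
ncp_ClearUrgentPorts(struct port_range *range)
{
  range->nports = 0;
}

/*
 * Print the NCP settings of the bundle in ``arg'' to its prompt: the next
 * queued address family (unless NOINET6), any sticky routes, the pipe
 * size defaults and the urgent TCP/UDP ports and TOS flag.  Always
 * returns 0.
 */
int
ncp_Show(struct cmdargs const *arg)
{
  struct ncp *ncp = &arg->bundle->ncp;
  int p;

#ifndef NOINET6
  prompt_Printf(arg->prompt, "Next queued AF: %s\n",
                ncp->afq == AF_INET6 ? "inet6" : "inet");
#endif

  if (ncp->route) {
    prompt_Printf(arg->prompt, "\n");
    route_ShowSticky(arg->prompt, ncp->route, "Sticky routes", 1);
  }

  prompt_Printf(arg->prompt, "\nDefaults:\n");
  prompt_Printf(arg->prompt, " sendpipe: ");
  if (ncp->cfg.sendpipe > 0)
    prompt_Printf(arg->prompt, "%-20ld\n", ncp->cfg.sendpipe);
  else
    prompt_Printf(arg->prompt, "unspecified\n");
  prompt_Printf(arg->prompt, " recvpipe: ");
  if (ncp->cfg.recvpipe > 0)
    prompt_Printf(arg->prompt, "%ld\n", ncp->cfg.recvpipe);
  else
    prompt_Printf(arg->prompt, "unspecified\n");

  prompt_Printf(arg->prompt, "\n Urgent ports\n");
  prompt_Printf(arg->prompt, " TCP: ");
  if (ncp->cfg.urgent.tcp.nports == 0)
    prompt_Printf(arg->prompt, "none");
  else {
    /* Comma-separate every entry after the first */
    for (p = 0; p < ncp->cfg.urgent.tcp.nports; p++) {
      if (p)
        prompt_Printf(arg->prompt, ", ");
      prompt_Printf(arg->prompt, "%u", ncp->cfg.urgent.tcp.port[p]);
    }
  }

  prompt_Printf(arg->prompt, "\n UDP: ");
  if (ncp->cfg.urgent.udp.nports == 0)
    prompt_Printf(arg->prompt, "none");
  else {
    for (p = 0; p < ncp->cfg.urgent.udp.nports; p++) {
      if (p)
        prompt_Printf(arg->prompt, ", ");
      prompt_Printf(arg->prompt, "%u", ncp->cfg.urgent.udp.port[p]);
    }
  }
  prompt_Printf(arg->prompt, "\n TOS: %s\n\n",
                ncp->cfg.urgent.tos ? "yes" : "no");

  return 0;
}

/*
 * Count the NCP FSMs (IPCP, plus IPV6CP unless NOINET6) that are in
 * ST_OPENED.
 */
int
ncp_LayersOpen(struct ncp *ncp)
{
  int n;

  n = (ncp->ipcp.fsm.state == ST_OPENED);
#ifndef NOINET6
  n += (ncp->ipv6cp.fsm.state == ST_OPENED);
#endif

  return n;
}

/*
 * Count the NCP FSMs whose state is ST_STARTING or above ST_CLOSED, the
 * same test ncp_Close() uses to decide which FSMs to close.
 */
int
ncp_LayersUnfinished(struct ncp *ncp)
{
  int n = 0;

  if (ncp->ipcp.fsm.state > ST_CLOSED ||
      ncp->ipcp.fsm.state == ST_STARTING)
    n++;

#ifndef NOINET6
  if (ncp->ipv6cp.fsm.state > ST_CLOSED ||
      ncp->ipv6cp.fsm.state == ST_STARTING)
    n++;
#endif

  return n;
}

/*
 * Close every NCP FSM whose state is ST_STARTING or above ST_CLOSED.
 */
void
ncp_Close(struct ncp *ncp)
{
  if (ncp->ipcp.fsm.state > ST_CLOSED ||
      ncp->ipcp.fsm.state == ST_STARTING)
    fsm_Close(&ncp->ipcp.fsm);

#ifndef NOINET6
  if (ncp->ipv6cp.fsm.state > ST_CLOSED ||
      ncp->ipv6cp.fsm.state == ST_STARTING)
    fsm_Close(&ncp->ipv6cp.fsm);
#endif
}

/*
 * Return the IPCP and (unless NOINET6) IPV6CP FSMs to their initial state.
 */
void
ncp2initial(struct ncp *ncp)
{
  fsm2initial(&ncp->ipcp.fsm);
#ifndef NOINET6
  fsm2initial(&ncp->ipv6cp.fsm);
#endif
}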