1 /*- 2 * SPDX-License-Identifier: BSD-2-Clause 3 * 4 * Copyright (c) 2001 Brian Somers <brian@Awfulhak.org> 5 * All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions 9 * are met: 10 * 1. Redistributions of source code must retain the above copyright 11 * notice, this list of conditions and the following disclaimer. 12 * 2. Redistributions in binary form must reproduce the above copyright 13 * notice, this list of conditions and the following disclaimer in the 14 * documentation and/or other materials provided with the distribution. 15 * 16 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 17 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 18 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 19 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 20 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 21 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 22 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 23 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 24 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 25 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 26 * SUCH DAMAGE. 27 */ 28 29 #include <sys/param.h> 30 #include <netinet/in_systm.h> 31 #include <netinet/in.h> 32 #include <netinet/ip.h> 33 #include <sys/socket.h> 34 #include <net/route.h> 35 #include <sys/un.h> 36 37 #include <errno.h> 38 #include <resolv.h> 39 #include <stdarg.h> 40 #include <stdlib.h> 41 #include <string.h> 42 #include <termios.h> 43 44 #include "layer.h" 45 #include "defs.h" 46 #include "command.h" 47 #include "mbuf.h" 48 #include "log.h" 49 #include "timer.h" 50 #include "fsm.h" 51 #include "iplist.h" 52 #include "throughput.h" 53 #include "slcompress.h" 54 #include "lqr.h" 55 #include "hdlc.h" 56 #include "lcp.h" 57 #include "ncpaddr.h" 58 #include "ipcp.h" 59 #include "filter.h" 60 #include "descriptor.h" 61 #include "async.h" 62 #include "ccp.h" 63 #include "link.h" 64 #include "physical.h" 65 #include "mp.h" 66 #ifndef NORADIUS 67 #include "radius.h" 68 #endif 69 #include "ipv6cp.h" 70 #include "ncp.h" 71 #include "bundle.h" 72 #include "prompt.h" 73 #include "route.h" 74 #include "iface.h" 75 #include "chat.h" 76 #include "auth.h" 77 #include "chap.h" 78 #include "cbcp.h" 79 #include "datalink.h" 80 81 82 static u_short default_urgent_tcp_ports[] = { 83 21, /* ftp */ 84 22, /* ssh */ 85 23, /* telnet */ 86 513, /* login */ 87 514, /* shell */ 88 543, /* klogin */ 89 544 /* kshell */ 90 }; 91 92 #define NDEFTCPPORTS \ 93 (sizeof default_urgent_tcp_ports / sizeof default_urgent_tcp_ports[0]) 94 95 void 96 ncp_Init(struct ncp *ncp, struct bundle *bundle) 97 { 98 ncp->afq = AF_INET; 99 ncp->route = NULL; 100 101 ncp->cfg.urgent.tcp.port = (u_short *)malloc(NDEFTCPPORTS * sizeof(u_short)); 102 if (ncp->cfg.urgent.tcp.port == NULL) { 103 log_Printf(LogERROR, "ncp_Init: Out of memory allocating urgent ports\n"); 104 ncp->cfg.urgent.tcp.nports = ncp->cfg.urgent.tcp.maxports = 0; 105 } else { 106 ncp->cfg.urgent.tcp.nports = ncp->cfg.urgent.tcp.maxports = NDEFTCPPORTS; 107 memcpy(ncp->cfg.urgent.tcp.port, default_urgent_tcp_ports, 108 NDEFTCPPORTS * sizeof(u_short)); 109 } 110 ncp->cfg.urgent.tos = 1; 111 112 ncp->cfg.urgent.udp.nports = ncp->cfg.urgent.udp.maxports = 0; 113 ncp->cfg.urgent.udp.port = NULL; 114 115 mp_Init(&ncp->mp, bundle); 116 117 /* Send over the first physical link by default */ 118 ipcp_Init(&ncp->ipcp, bundle, &bundle->links->physical->link, 119 &bundle->fsm); 120 #ifndef NOINET6 121 ipv6cp_Init(&ncp->ipv6cp, bundle, &bundle->links->physical->link, 122 &bundle->fsm); 123 #endif 124 } 125 126 void 127 ncp_Destroy(struct ncp *ncp) 128 { 129 ipcp_Destroy(&ncp->ipcp); 130 #ifndef NOINET6 131 ipv6cp_Destroy(&ncp->ipv6cp); 132 #endif 133 134 if (ncp->cfg.urgent.tcp.maxports) { 135 ncp->cfg.urgent.tcp.nports = ncp->cfg.urgent.tcp.maxports = 0; 136 free(ncp->cfg.urgent.tcp.port); 137 ncp->cfg.urgent.tcp.port = NULL; 138 } 139 if (ncp->cfg.urgent.udp.maxports) { 140 ncp->cfg.urgent.udp.nports = ncp->cfg.urgent.udp.maxports = 0; 141 free(ncp->cfg.urgent.udp.port); 142 ncp->cfg.urgent.udp.port = NULL; 143 } 144 } 145 146 int 147 ncp_fsmStart(struct ncp *ncp, 148 #ifdef NOINET6 149 struct bundle *bundle __unused 150 #else 151 struct bundle *bundle 152 #endif 153 ) 154 { 155 int res = 0; 156 157 #ifndef NOINET6 158 if (Enabled(bundle, OPT_IPCP)) { 159 #endif 160 fsm_Up(&ncp->ipcp.fsm); 161 fsm_Open(&ncp->ipcp.fsm); 162 res++; 163 #ifndef NOINET6 164 } 165 166 if (Enabled(bundle, OPT_IPV6CP)) { 167 fsm_Up(&ncp->ipv6cp.fsm); 168 fsm_Open(&ncp->ipv6cp.fsm); 169 res++; 170 } 171 #endif 172 173 return res; 174 } 175 176 void 177 ncp_IfaceAddrAdded(struct ncp *ncp, const struct iface_addr *addr) 178 { 179 switch (ncprange_family(&addr->ifa)) { 180 case AF_INET: 181 ipcp_IfaceAddrAdded(&ncp->ipcp, addr); 182 break; 183 #ifndef NOINET6 184 case AF_INET6: 185 ipv6cp_IfaceAddrAdded(&ncp->ipv6cp, addr); 186 break; 187 #endif 188 } 189 } 190 191 void 192 ncp_IfaceAddrDeleted(struct ncp *ncp, const struct iface_addr *addr) 193 { 194 if (ncprange_family(&addr->ifa) == AF_INET) 195 ipcp_IfaceAddrDeleted(&ncp->ipcp, addr); 196 } 197 198 void 199 ncp_SetLink(struct ncp *ncp, struct link *l) 200 { 201 ipcp_SetLink(&ncp->ipcp, l); 202 #ifndef NOINET6 203 ipv6cp_SetLink(&ncp->ipv6cp, l); 204 #endif 205 } 206 207 /* 208 * Enqueue a packet of the given address family. Nothing will make it 209 * down to the physical link level 'till ncp_FillPhysicalQueues() is used. 210 */ 211 void 212 ncp_Enqueue(struct ncp *ncp, int af, unsigned pri, char *ptr, int count) 213 { 214 #ifndef NOINET6 215 struct ipv6cp *ipv6cp = &ncp->ipv6cp; 216 #endif 217 struct ipcp *ipcp = &ncp->ipcp; 218 struct mbuf *bp; 219 220 /* 221 * We allocate an extra 6 bytes, four at the front and two at the end. 222 * This is an optimisation so that we need to do less work in 223 * m_prepend() in acf_LayerPush() and proto_LayerPush() and 224 * appending in hdlc_LayerPush(). 225 */ 226 227 switch (af) { 228 case AF_INET: 229 if (pri >= IPCP_QUEUES(ipcp)) { 230 log_Printf(LogERROR, "Can't store in ip queue %u\n", pri); 231 break; 232 } 233 234 bp = m_get(count + 6, MB_IPOUT); 235 bp->m_offset += 4; 236 bp->m_len -= 6; 237 memcpy(MBUF_CTOP(bp), ptr, count); 238 m_enqueue(ipcp->Queue + pri, bp); 239 break; 240 241 #ifndef NOINET6 242 case AF_INET6: 243 if (pri >= IPV6CP_QUEUES(ipcp)) { 244 log_Printf(LogERROR, "Can't store in ipv6 queue %u\n", pri); 245 break; 246 } 247 248 bp = m_get(count + 6, MB_IPOUT); 249 bp->m_offset += 4; 250 bp->m_len -= 6; 251 memcpy(MBUF_CTOP(bp), ptr, count); 252 m_enqueue(ipv6cp->Queue + pri, bp); 253 break; 254 #endif 255 256 default: 257 log_Printf(LogERROR, "Can't enqueue protocol family %d\n", af); 258 } 259 } 260 261 /* 262 * How many packets are queued to go out ? 263 */ 264 size_t 265 ncp_QueueLen(struct ncp *ncp) 266 { 267 size_t result; 268 269 result = ipcp_QueueLen(&ncp->ipcp); 270 #ifndef NOINET6 271 result += ipv6cp_QueueLen(&ncp->ipv6cp); 272 #endif 273 result += mp_QueueLen(&ncp->mp); /* Usually empty */ 274 275 return result; 276 } 277 278 /* 279 * Ditch all queued packets. This is usually done after our choked timer 280 * has fired - which happens because we couldn't send any traffic over 281 * any links for some time. 282 */ 283 void 284 ncp_DeleteQueues(struct ncp *ncp) 285 { 286 #ifndef NOINET6 287 struct ipv6cp *ipv6cp = &ncp->ipv6cp; 288 #endif 289 struct ipcp *ipcp = &ncp->ipcp; 290 struct mp *mp = &ncp->mp; 291 struct mqueue *q; 292 293 for (q = ipcp->Queue; q < ipcp->Queue + IPCP_QUEUES(ipcp); q++) 294 while (q->top) 295 m_freem(m_dequeue(q)); 296 297 #ifndef NOINET6 298 for (q = ipv6cp->Queue; q < ipv6cp->Queue + IPV6CP_QUEUES(ipv6cp); q++) 299 while (q->top) 300 m_freem(m_dequeue(q)); 301 #endif 302 303 link_DeleteQueue(&mp->link); /* Usually empty anyway */ 304 } 305 306 /* 307 * Arrange that each of our links has at least one packet. We keep the 308 * number of packets queued at the link level to a minimum so that the 309 * loss of a link in multi-link mode results in the minimum number of 310 * dropped packets. 311 */ 312 size_t 313 ncp_FillPhysicalQueues(struct ncp *ncp, struct bundle *bundle) 314 { 315 size_t total; 316 317 if (bundle->ncp.mp.active) 318 total = mp_FillPhysicalQueues(bundle); 319 else { 320 struct datalink *dl; 321 size_t add; 322 323 for (total = 0, dl = bundle->links; dl; dl = dl->next) 324 if (dl->state == DATALINK_OPEN) { 325 add = link_QueueLen(&dl->physical->link); 326 if (add == 0 && dl->physical->out == NULL) 327 add = ncp_PushPacket(ncp, &ncp->afq, &dl->physical->link); 328 total += add; 329 } 330 } 331 332 return total + ncp_QueueLen(&bundle->ncp); 333 } 334 335 /* 336 * Push a packet into the given link. ``af'' is used as a persistent record 337 * of what is to be pushed next, coming either from mp->out or ncp->afq. 338 */ 339 int 340 ncp_PushPacket(struct ncp *ncp __unused, 341 #ifdef NOINET6 342 int *af __unused, 343 #else 344 int *af, 345 #endif 346 struct link *l) 347 { 348 struct bundle *bundle = l->lcp.fsm.bundle; 349 int res; 350 351 #ifndef NOINET6 352 if (*af == AF_INET) { 353 if ((res = ipcp_PushPacket(&bundle->ncp.ipcp, l))) 354 *af = AF_INET6; 355 else 356 res = ipv6cp_PushPacket(&bundle->ncp.ipv6cp, l); 357 } else { 358 if ((res = ipv6cp_PushPacket(&bundle->ncp.ipv6cp, l))) 359 *af = AF_INET; 360 else 361 res = ipcp_PushPacket(&bundle->ncp.ipcp, l); 362 } 363 #else 364 res = ipcp_PushPacket(&bundle->ncp.ipcp, l); 365 #endif 366 367 return res; 368 } 369 370 int 371 ncp_IsUrgentPort(struct port_range *range, u_short src, u_short dst) 372 { 373 unsigned f; 374 375 for (f = 0; f < range->nports; f++) 376 if (range->port[f] == src || range->port[f] == dst) 377 return 1; 378 379 return 0; 380 } 381 382 void 383 ncp_AddUrgentPort(struct port_range *range, u_short port) 384 { 385 u_short *newport; 386 unsigned p; 387 388 if (range->nports == range->maxports) { 389 range->maxports += 10; 390 newport = (u_short *)realloc(range->port, 391 range->maxports * sizeof(u_short)); 392 if (newport == NULL) { 393 log_Printf(LogERROR, "ncp_AddUrgentPort: realloc: %s\n", 394 strerror(errno)); 395 range->maxports -= 10; 396 return; 397 } 398 range->port = newport; 399 } 400 401 for (p = 0; p < range->nports; p++) 402 if (range->port[p] == port) { 403 log_Printf(LogWARN, "%u: Port already set to urgent\n", port); 404 break; 405 } else if (range->port[p] > port) { 406 memmove(range->port + p + 1, range->port + p, 407 (range->nports - p) * sizeof(u_short)); 408 range->port[p] = port; 409 range->nports++; 410 break; 411 } 412 413 if (p == range->nports) 414 range->port[range->nports++] = port; 415 } 416 417 void 418 ncp_RemoveUrgentPort(struct port_range *range, u_short port) 419 { 420 unsigned p; 421 422 for (p = 0; p < range->nports; p++) 423 if (range->port[p] == port) { 424 if (p + 1 != range->nports) 425 memmove(range->port + p, range->port + p + 1, 426 (range->nports - p - 1) * sizeof(u_short)); 427 range->nports--; 428 return; 429 } 430 431 if (p == range->nports) 432 log_Printf(LogWARN, "%u: Port not set to urgent\n", port); 433 } 434 435 void 436 ncp_ClearUrgentPorts(struct port_range *range) 437 { 438 range->nports = 0; 439 } 440 441 int 442 ncp_IsUrgentTcpLen(struct ncp *ncp, int len) 443 { 444 if (len < ncp->cfg.urgent.len) 445 return 1; 446 else 447 return 0; 448 } 449 450 void 451 ncp_SetUrgentTcpLen(struct ncp *ncp, int len) 452 { 453 ncp->cfg.urgent.len = len; 454 } 455 456 int 457 ncp_Show(struct cmdargs const *arg) 458 { 459 struct ncp *ncp = &arg->bundle->ncp; 460 unsigned p; 461 462 #ifndef NOINET6 463 prompt_Printf(arg->prompt, "Next queued AF: %s\n", 464 ncp->afq == AF_INET6 ? "inet6" : "inet"); 465 #endif 466 467 if (ncp->route) { 468 prompt_Printf(arg->prompt, "\n"); 469 route_ShowSticky(arg->prompt, ncp->route, "Sticky routes", 1); 470 } 471 472 prompt_Printf(arg->prompt, "\nDefaults:\n"); 473 prompt_Printf(arg->prompt, " sendpipe: "); 474 if (ncp->cfg.sendpipe > 0) 475 prompt_Printf(arg->prompt, "%-20ld\n", ncp->cfg.sendpipe); 476 else 477 prompt_Printf(arg->prompt, "unspecified\n"); 478 prompt_Printf(arg->prompt, " recvpipe: "); 479 if (ncp->cfg.recvpipe > 0) 480 prompt_Printf(arg->prompt, "%ld\n", ncp->cfg.recvpipe); 481 else 482 prompt_Printf(arg->prompt, "unspecified\n"); 483 484 prompt_Printf(arg->prompt, "\n Urgent ports\n"); 485 prompt_Printf(arg->prompt, " TCP: "); 486 if (ncp->cfg.urgent.tcp.nports == 0) 487 prompt_Printf(arg->prompt, "none"); 488 else 489 for (p = 0; p < ncp->cfg.urgent.tcp.nports; p++) { 490 if (p) 491 prompt_Printf(arg->prompt, ", "); 492 prompt_Printf(arg->prompt, "%u", ncp->cfg.urgent.tcp.port[p]); 493 } 494 495 prompt_Printf(arg->prompt, "\n UDP: "); 496 if (ncp->cfg.urgent.udp.nports == 0) 497 prompt_Printf(arg->prompt, "none"); 498 else 499 for (p = 0; p < ncp->cfg.urgent.udp.nports; p++) { 500 if (p) 501 prompt_Printf(arg->prompt, ", "); 502 prompt_Printf(arg->prompt, "%u", ncp->cfg.urgent.udp.port[p]); 503 } 504 prompt_Printf(arg->prompt, "\n TOS: %s\n\n", 505 ncp->cfg.urgent.tos ? "yes" : "no"); 506 507 return 0; 508 } 509 510 int 511 ncp_LayersOpen(struct ncp *ncp) 512 { 513 int n; 514 515 n = !!(ncp->ipcp.fsm.state == ST_OPENED); 516 #ifndef NOINET6 517 n += !!(ncp->ipv6cp.fsm.state == ST_OPENED); 518 #endif 519 520 return n; 521 } 522 523 int 524 ncp_LayersUnfinished(struct ncp *ncp) 525 { 526 int n = 0; 527 528 if (ncp->ipcp.fsm.state > ST_CLOSED || 529 ncp->ipcp.fsm.state == ST_STARTING) 530 n++; 531 532 #ifndef NOINET6 533 if (ncp->ipv6cp.fsm.state > ST_CLOSED || 534 ncp->ipv6cp.fsm.state == ST_STARTING) 535 n++; 536 #endif 537 538 return n; 539 } 540 541 void 542 ncp_Close(struct ncp *ncp) 543 { 544 if (ncp->ipcp.fsm.state > ST_CLOSED || 545 ncp->ipcp.fsm.state == ST_STARTING) 546 fsm_Close(&ncp->ipcp.fsm); 547 548 #ifndef NOINET6 549 if (ncp->ipv6cp.fsm.state > ST_CLOSED || 550 ncp->ipv6cp.fsm.state == ST_STARTING) 551 fsm_Close(&ncp->ipv6cp.fsm); 552 #endif 553 } 554 555 void 556 ncp2initial(struct ncp *ncp) 557 { 558 fsm2initial(&ncp->ipcp.fsm); 559 #ifndef NOINET6 560 fsm2initial(&ncp->ipv6cp.fsm); 561 #endif 562 } 563