1 /*- 2 * SPDX-License-Identifier: BSD-2-Clause-FreeBSD 3 * 4 * Copyright (c) 2001 Brian Somers <brian@Awfulhak.org> 5 * All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions 9 * are met: 10 * 1. Redistributions of source code must retain the above copyright 11 * notice, this list of conditions and the following disclaimer. 12 * 2. Redistributions in binary form must reproduce the above copyright 13 * notice, this list of conditions and the following disclaimer in the 14 * documentation and/or other materials provided with the distribution. 15 * 16 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 17 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 18 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 19 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 20 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 21 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 22 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 23 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 24 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 25 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 26 * SUCH DAMAGE. 27 * 28 * $FreeBSD$ 29 */ 30 31 #include <sys/param.h> 32 #include <netinet/in_systm.h> 33 #include <netinet/in.h> 34 #include <netinet/ip.h> 35 #include <sys/socket.h> 36 #include <net/route.h> 37 #include <sys/un.h> 38 39 #include <errno.h> 40 #include <resolv.h> 41 #include <stdarg.h> 42 #include <stdlib.h> 43 #include <string.h> 44 #include <termios.h> 45 46 #include "layer.h" 47 #include "defs.h" 48 #include "command.h" 49 #include "mbuf.h" 50 #include "log.h" 51 #include "timer.h" 52 #include "fsm.h" 53 #include "iplist.h" 54 #include "throughput.h" 55 #include "slcompress.h" 56 #include "lqr.h" 57 #include "hdlc.h" 58 #include "lcp.h" 59 #include "ncpaddr.h" 60 #include "ipcp.h" 61 #include "filter.h" 62 #include "descriptor.h" 63 #include "async.h" 64 #include "ccp.h" 65 #include "link.h" 66 #include "physical.h" 67 #include "mp.h" 68 #ifndef NORADIUS 69 #include "radius.h" 70 #endif 71 #include "ipv6cp.h" 72 #include "ncp.h" 73 #include "bundle.h" 74 #include "prompt.h" 75 #include "route.h" 76 #include "iface.h" 77 #include "chat.h" 78 #include "auth.h" 79 #include "chap.h" 80 #include "cbcp.h" 81 #include "datalink.h" 82 83 84 static u_short default_urgent_tcp_ports[] = { 85 21, /* ftp */ 86 22, /* ssh */ 87 23, /* telnet */ 88 513, /* login */ 89 514, /* shell */ 90 543, /* klogin */ 91 544 /* kshell */ 92 }; 93 94 #define NDEFTCPPORTS \ 95 (sizeof default_urgent_tcp_ports / sizeof default_urgent_tcp_ports[0]) 96 97 void 98 ncp_Init(struct ncp *ncp, struct bundle *bundle) 99 { 100 ncp->afq = AF_INET; 101 ncp->route = NULL; 102 103 ncp->cfg.urgent.tcp.port = (u_short *)malloc(NDEFTCPPORTS * sizeof(u_short)); 104 if (ncp->cfg.urgent.tcp.port == NULL) { 105 log_Printf(LogERROR, "ncp_Init: Out of memory allocating urgent ports\n"); 106 ncp->cfg.urgent.tcp.nports = ncp->cfg.urgent.tcp.maxports = 0; 107 } else { 108 ncp->cfg.urgent.tcp.nports = ncp->cfg.urgent.tcp.maxports = NDEFTCPPORTS; 109 memcpy(ncp->cfg.urgent.tcp.port, default_urgent_tcp_ports, 110 NDEFTCPPORTS * sizeof(u_short)); 111 } 112 ncp->cfg.urgent.tos = 1; 113 114 ncp->cfg.urgent.udp.nports = ncp->cfg.urgent.udp.maxports = 0; 115 ncp->cfg.urgent.udp.port = NULL; 116 117 mp_Init(&ncp->mp, bundle); 118 119 /* Send over the first physical link by default */ 120 ipcp_Init(&ncp->ipcp, bundle, &bundle->links->physical->link, 121 &bundle->fsm); 122 #ifndef NOINET6 123 ipv6cp_Init(&ncp->ipv6cp, bundle, &bundle->links->physical->link, 124 &bundle->fsm); 125 #endif 126 } 127 128 void 129 ncp_Destroy(struct ncp *ncp) 130 { 131 ipcp_Destroy(&ncp->ipcp); 132 #ifndef NOINET6 133 ipv6cp_Destroy(&ncp->ipv6cp); 134 #endif 135 136 if (ncp->cfg.urgent.tcp.maxports) { 137 ncp->cfg.urgent.tcp.nports = ncp->cfg.urgent.tcp.maxports = 0; 138 free(ncp->cfg.urgent.tcp.port); 139 ncp->cfg.urgent.tcp.port = NULL; 140 } 141 if (ncp->cfg.urgent.udp.maxports) { 142 ncp->cfg.urgent.udp.nports = ncp->cfg.urgent.udp.maxports = 0; 143 free(ncp->cfg.urgent.udp.port); 144 ncp->cfg.urgent.udp.port = NULL; 145 } 146 } 147 148 int 149 ncp_fsmStart(struct ncp *ncp, 150 #ifdef NOINET6 151 struct bundle *bundle __unused 152 #else 153 struct bundle *bundle 154 #endif 155 ) 156 { 157 int res = 0; 158 159 #ifndef NOINET6 160 if (Enabled(bundle, OPT_IPCP)) { 161 #endif 162 fsm_Up(&ncp->ipcp.fsm); 163 fsm_Open(&ncp->ipcp.fsm); 164 res++; 165 #ifndef NOINET6 166 } 167 168 if (Enabled(bundle, OPT_IPV6CP)) { 169 fsm_Up(&ncp->ipv6cp.fsm); 170 fsm_Open(&ncp->ipv6cp.fsm); 171 res++; 172 } 173 #endif 174 175 return res; 176 } 177 178 void 179 ncp_IfaceAddrAdded(struct ncp *ncp, const struct iface_addr *addr) 180 { 181 switch (ncprange_family(&addr->ifa)) { 182 case AF_INET: 183 ipcp_IfaceAddrAdded(&ncp->ipcp, addr); 184 break; 185 #ifndef NOINET6 186 case AF_INET6: 187 ipv6cp_IfaceAddrAdded(&ncp->ipv6cp, addr); 188 break; 189 #endif 190 } 191 } 192 193 void 194 ncp_IfaceAddrDeleted(struct ncp *ncp, const struct iface_addr *addr) 195 { 196 if (ncprange_family(&addr->ifa) == AF_INET) 197 ipcp_IfaceAddrDeleted(&ncp->ipcp, addr); 198 } 199 200 void 201 ncp_SetLink(struct ncp *ncp, struct link *l) 202 { 203 ipcp_SetLink(&ncp->ipcp, l); 204 #ifndef NOINET6 205 ipv6cp_SetLink(&ncp->ipv6cp, l); 206 #endif 207 } 208 209 /* 210 * Enqueue a packet of the given address family. Nothing will make it 211 * down to the physical link level 'till ncp_FillPhysicalQueues() is used. 212 */ 213 void 214 ncp_Enqueue(struct ncp *ncp, int af, unsigned pri, char *ptr, int count) 215 { 216 #ifndef NOINET6 217 struct ipv6cp *ipv6cp = &ncp->ipv6cp; 218 #endif 219 struct ipcp *ipcp = &ncp->ipcp; 220 struct mbuf *bp; 221 222 /* 223 * We allocate an extra 6 bytes, four at the front and two at the end. 224 * This is an optimisation so that we need to do less work in 225 * m_prepend() in acf_LayerPush() and proto_LayerPush() and 226 * appending in hdlc_LayerPush(). 227 */ 228 229 switch (af) { 230 case AF_INET: 231 if (pri >= IPCP_QUEUES(ipcp)) { 232 log_Printf(LogERROR, "Can't store in ip queue %u\n", pri); 233 break; 234 } 235 236 bp = m_get(count + 6, MB_IPOUT); 237 bp->m_offset += 4; 238 bp->m_len -= 6; 239 memcpy(MBUF_CTOP(bp), ptr, count); 240 m_enqueue(ipcp->Queue + pri, bp); 241 break; 242 243 #ifndef NOINET6 244 case AF_INET6: 245 if (pri >= IPV6CP_QUEUES(ipcp)) { 246 log_Printf(LogERROR, "Can't store in ipv6 queue %u\n", pri); 247 break; 248 } 249 250 bp = m_get(count + 6, MB_IPOUT); 251 bp->m_offset += 4; 252 bp->m_len -= 6; 253 memcpy(MBUF_CTOP(bp), ptr, count); 254 m_enqueue(ipv6cp->Queue + pri, bp); 255 break; 256 #endif 257 258 default: 259 log_Printf(LogERROR, "Can't enqueue protocol family %d\n", af); 260 } 261 } 262 263 /* 264 * How many packets are queued to go out ? 265 */ 266 size_t 267 ncp_QueueLen(struct ncp *ncp) 268 { 269 size_t result; 270 271 result = ipcp_QueueLen(&ncp->ipcp); 272 #ifndef NOINET6 273 result += ipv6cp_QueueLen(&ncp->ipv6cp); 274 #endif 275 result += mp_QueueLen(&ncp->mp); /* Usually empty */ 276 277 return result; 278 } 279 280 /* 281 * Ditch all queued packets. This is usually done after our choked timer 282 * has fired - which happens because we couldn't send any traffic over 283 * any links for some time. 284 */ 285 void 286 ncp_DeleteQueues(struct ncp *ncp) 287 { 288 #ifndef NOINET6 289 struct ipv6cp *ipv6cp = &ncp->ipv6cp; 290 #endif 291 struct ipcp *ipcp = &ncp->ipcp; 292 struct mp *mp = &ncp->mp; 293 struct mqueue *q; 294 295 for (q = ipcp->Queue; q < ipcp->Queue + IPCP_QUEUES(ipcp); q++) 296 while (q->top) 297 m_freem(m_dequeue(q)); 298 299 #ifndef NOINET6 300 for (q = ipv6cp->Queue; q < ipv6cp->Queue + IPV6CP_QUEUES(ipv6cp); q++) 301 while (q->top) 302 m_freem(m_dequeue(q)); 303 #endif 304 305 link_DeleteQueue(&mp->link); /* Usually empty anyway */ 306 } 307 308 /* 309 * Arrange that each of our links has at least one packet. We keep the 310 * number of packets queued at the link level to a minimum so that the 311 * loss of a link in multi-link mode results in the minimum number of 312 * dropped packets. 313 */ 314 size_t 315 ncp_FillPhysicalQueues(struct ncp *ncp, struct bundle *bundle) 316 { 317 size_t total; 318 319 if (bundle->ncp.mp.active) 320 total = mp_FillPhysicalQueues(bundle); 321 else { 322 struct datalink *dl; 323 size_t add; 324 325 for (total = 0, dl = bundle->links; dl; dl = dl->next) 326 if (dl->state == DATALINK_OPEN) { 327 add = link_QueueLen(&dl->physical->link); 328 if (add == 0 && dl->physical->out == NULL) 329 add = ncp_PushPacket(ncp, &ncp->afq, &dl->physical->link); 330 total += add; 331 } 332 } 333 334 return total + ncp_QueueLen(&bundle->ncp); 335 } 336 337 /* 338 * Push a packet into the given link. ``af'' is used as a persistent record 339 * of what is to be pushed next, coming either from mp->out or ncp->afq. 340 */ 341 int 342 ncp_PushPacket(struct ncp *ncp __unused, 343 #ifdef NOINET6 344 int *af __unused, 345 #else 346 int *af, 347 #endif 348 struct link *l) 349 { 350 struct bundle *bundle = l->lcp.fsm.bundle; 351 int res; 352 353 #ifndef NOINET6 354 if (*af == AF_INET) { 355 if ((res = ipcp_PushPacket(&bundle->ncp.ipcp, l))) 356 *af = AF_INET6; 357 else 358 res = ipv6cp_PushPacket(&bundle->ncp.ipv6cp, l); 359 } else { 360 if ((res = ipv6cp_PushPacket(&bundle->ncp.ipv6cp, l))) 361 *af = AF_INET; 362 else 363 res = ipcp_PushPacket(&bundle->ncp.ipcp, l); 364 } 365 #else 366 res = ipcp_PushPacket(&bundle->ncp.ipcp, l); 367 #endif 368 369 return res; 370 } 371 372 int 373 ncp_IsUrgentPort(struct port_range *range, u_short src, u_short dst) 374 { 375 unsigned f; 376 377 for (f = 0; f < range->nports; f++) 378 if (range->port[f] == src || range->port[f] == dst) 379 return 1; 380 381 return 0; 382 } 383 384 void 385 ncp_AddUrgentPort(struct port_range *range, u_short port) 386 { 387 u_short *newport; 388 unsigned p; 389 390 if (range->nports == range->maxports) { 391 range->maxports += 10; 392 newport = (u_short *)realloc(range->port, 393 range->maxports * sizeof(u_short)); 394 if (newport == NULL) { 395 log_Printf(LogERROR, "ncp_AddUrgentPort: realloc: %s\n", 396 strerror(errno)); 397 range->maxports -= 10; 398 return; 399 } 400 range->port = newport; 401 } 402 403 for (p = 0; p < range->nports; p++) 404 if (range->port[p] == port) { 405 log_Printf(LogWARN, "%u: Port already set to urgent\n", port); 406 break; 407 } else if (range->port[p] > port) { 408 memmove(range->port + p + 1, range->port + p, 409 (range->nports - p) * sizeof(u_short)); 410 range->port[p] = port; 411 range->nports++; 412 break; 413 } 414 415 if (p == range->nports) 416 range->port[range->nports++] = port; 417 } 418 419 void 420 ncp_RemoveUrgentPort(struct port_range *range, u_short port) 421 { 422 unsigned p; 423 424 for (p = 0; p < range->nports; p++) 425 if (range->port[p] == port) { 426 if (p + 1 != range->nports) 427 memmove(range->port + p, range->port + p + 1, 428 (range->nports - p - 1) * sizeof(u_short)); 429 range->nports--; 430 return; 431 } 432 433 if (p == range->nports) 434 log_Printf(LogWARN, "%u: Port not set to urgent\n", port); 435 } 436 437 void 438 ncp_ClearUrgentPorts(struct port_range *range) 439 { 440 range->nports = 0; 441 } 442 443 int 444 ncp_Show(struct cmdargs const *arg) 445 { 446 struct ncp *ncp = &arg->bundle->ncp; 447 unsigned p; 448 449 #ifndef NOINET6 450 prompt_Printf(arg->prompt, "Next queued AF: %s\n", 451 ncp->afq == AF_INET6 ? "inet6" : "inet"); 452 #endif 453 454 if (ncp->route) { 455 prompt_Printf(arg->prompt, "\n"); 456 route_ShowSticky(arg->prompt, ncp->route, "Sticky routes", 1); 457 } 458 459 prompt_Printf(arg->prompt, "\nDefaults:\n"); 460 prompt_Printf(arg->prompt, " sendpipe: "); 461 if (ncp->cfg.sendpipe > 0) 462 prompt_Printf(arg->prompt, "%-20ld\n", ncp->cfg.sendpipe); 463 else 464 prompt_Printf(arg->prompt, "unspecified\n"); 465 prompt_Printf(arg->prompt, " recvpipe: "); 466 if (ncp->cfg.recvpipe > 0) 467 prompt_Printf(arg->prompt, "%ld\n", ncp->cfg.recvpipe); 468 else 469 prompt_Printf(arg->prompt, "unspecified\n"); 470 471 prompt_Printf(arg->prompt, "\n Urgent ports\n"); 472 prompt_Printf(arg->prompt, " TCP: "); 473 if (ncp->cfg.urgent.tcp.nports == 0) 474 prompt_Printf(arg->prompt, "none"); 475 else 476 for (p = 0; p < ncp->cfg.urgent.tcp.nports; p++) { 477 if (p) 478 prompt_Printf(arg->prompt, ", "); 479 prompt_Printf(arg->prompt, "%u", ncp->cfg.urgent.tcp.port[p]); 480 } 481 482 prompt_Printf(arg->prompt, "\n UDP: "); 483 if (ncp->cfg.urgent.udp.nports == 0) 484 prompt_Printf(arg->prompt, "none"); 485 else 486 for (p = 0; p < ncp->cfg.urgent.udp.nports; p++) { 487 if (p) 488 prompt_Printf(arg->prompt, ", "); 489 prompt_Printf(arg->prompt, "%u", ncp->cfg.urgent.udp.port[p]); 490 } 491 prompt_Printf(arg->prompt, "\n TOS: %s\n\n", 492 ncp->cfg.urgent.tos ? "yes" : "no"); 493 494 return 0; 495 } 496 497 int 498 ncp_LayersOpen(struct ncp *ncp) 499 { 500 int n; 501 502 n = !!(ncp->ipcp.fsm.state == ST_OPENED); 503 #ifndef NOINET6 504 n += !!(ncp->ipv6cp.fsm.state == ST_OPENED); 505 #endif 506 507 return n; 508 } 509 510 int 511 ncp_LayersUnfinished(struct ncp *ncp) 512 { 513 int n = 0; 514 515 if (ncp->ipcp.fsm.state > ST_CLOSED || 516 ncp->ipcp.fsm.state == ST_STARTING) 517 n++; 518 519 #ifndef NOINET6 520 if (ncp->ipv6cp.fsm.state > ST_CLOSED || 521 ncp->ipv6cp.fsm.state == ST_STARTING) 522 n++; 523 #endif 524 525 return n; 526 } 527 528 void 529 ncp_Close(struct ncp *ncp) 530 { 531 if (ncp->ipcp.fsm.state > ST_CLOSED || 532 ncp->ipcp.fsm.state == ST_STARTING) 533 fsm_Close(&ncp->ipcp.fsm); 534 535 #ifndef NOINET6 536 if (ncp->ipv6cp.fsm.state > ST_CLOSED || 537 ncp->ipv6cp.fsm.state == ST_STARTING) 538 fsm_Close(&ncp->ipv6cp.fsm); 539 #endif 540 } 541 542 void 543 ncp2initial(struct ncp *ncp) 544 { 545 fsm2initial(&ncp->ipcp.fsm); 546 #ifndef NOINET6 547 fsm2initial(&ncp->ipv6cp.fsm); 548 #endif 549 } 550