xref: /freebsd/usr.sbin/ppp/ncp.c (revision ae500c1ff8974130f7f2692772cf288b90349e0d)
1 /*-
2  * SPDX-License-Identifier: BSD-2-Clause-FreeBSD
3  *
4  * Copyright (c) 2001 Brian Somers <brian@Awfulhak.org>
5  * All rights reserved.
6  *
7  * Redistribution and use in source and binary forms, with or without
8  * modification, are permitted provided that the following conditions
9  * are met:
10  * 1. Redistributions of source code must retain the above copyright
11  *    notice, this list of conditions and the following disclaimer.
12  * 2. Redistributions in binary form must reproduce the above copyright
13  *    notice, this list of conditions and the following disclaimer in the
14  *    documentation and/or other materials provided with the distribution.
15  *
16  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
17  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
20  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
22  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
24  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
25  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
26  * SUCH DAMAGE.
27  *
28  * $FreeBSD$
29  */
30 
31 #include <sys/param.h>
32 #include <netinet/in_systm.h>
33 #include <netinet/in.h>
34 #include <netinet/ip.h>
35 #include <sys/socket.h>
36 #include <net/route.h>
37 #include <sys/un.h>
38 
39 #include <errno.h>
40 #include <resolv.h>
41 #include <stdarg.h>
42 #include <stdlib.h>
43 #include <string.h>
44 #include <termios.h>
45 
46 #include "layer.h"
47 #include "defs.h"
48 #include "command.h"
49 #include "mbuf.h"
50 #include "log.h"
51 #include "timer.h"
52 #include "fsm.h"
53 #include "iplist.h"
54 #include "throughput.h"
55 #include "slcompress.h"
56 #include "lqr.h"
57 #include "hdlc.h"
58 #include "lcp.h"
59 #include "ncpaddr.h"
60 #include "ipcp.h"
61 #include "filter.h"
62 #include "descriptor.h"
63 #include "async.h"
64 #include "ccp.h"
65 #include "link.h"
66 #include "physical.h"
67 #include "mp.h"
68 #ifndef NORADIUS
69 #include "radius.h"
70 #endif
71 #include "ipv6cp.h"
72 #include "ncp.h"
73 #include "bundle.h"
74 #include "prompt.h"
75 #include "route.h"
76 #include "iface.h"
77 #include "chat.h"
78 #include "auth.h"
79 #include "chap.h"
80 #include "cbcp.h"
81 #include "datalink.h"
82 
83 
84 static u_short default_urgent_tcp_ports[] = {
85   21,	/* ftp */
86   22,	/* ssh */
87   23,	/* telnet */
88   513,	/* login */
89   514,	/* shell */
90   543,	/* klogin */
91   544	/* kshell */
92 };
93 
94 #define NDEFTCPPORTS \
95   (sizeof default_urgent_tcp_ports / sizeof default_urgent_tcp_ports[0])
96 
97 void
98 ncp_Init(struct ncp *ncp, struct bundle *bundle)
99 {
100   ncp->afq = AF_INET;
101   ncp->route = NULL;
102 
103   ncp->cfg.urgent.tcp.port = (u_short *)malloc(NDEFTCPPORTS * sizeof(u_short));
104   if (ncp->cfg.urgent.tcp.port == NULL) {
105     log_Printf(LogERROR, "ncp_Init: Out of memory allocating urgent ports\n");
106     ncp->cfg.urgent.tcp.nports = ncp->cfg.urgent.tcp.maxports = 0;
107   } else {
108     ncp->cfg.urgent.tcp.nports = ncp->cfg.urgent.tcp.maxports = NDEFTCPPORTS;
109     memcpy(ncp->cfg.urgent.tcp.port, default_urgent_tcp_ports,
110 	   NDEFTCPPORTS * sizeof(u_short));
111   }
112   ncp->cfg.urgent.tos = 1;
113 
114   ncp->cfg.urgent.udp.nports = ncp->cfg.urgent.udp.maxports = 0;
115   ncp->cfg.urgent.udp.port = NULL;
116 
117   mp_Init(&ncp->mp, bundle);
118 
119   /* Send over the first physical link by default */
120   ipcp_Init(&ncp->ipcp, bundle, &bundle->links->physical->link,
121             &bundle->fsm);
122 #ifndef NOINET6
123   ipv6cp_Init(&ncp->ipv6cp, bundle, &bundle->links->physical->link,
124               &bundle->fsm);
125 #endif
126 }
127 
128 void
129 ncp_Destroy(struct ncp *ncp)
130 {
131   ipcp_Destroy(&ncp->ipcp);
132 #ifndef NOINET6
133   ipv6cp_Destroy(&ncp->ipv6cp);
134 #endif
135 
136   if (ncp->cfg.urgent.tcp.maxports) {
137     ncp->cfg.urgent.tcp.nports = ncp->cfg.urgent.tcp.maxports = 0;
138     free(ncp->cfg.urgent.tcp.port);
139     ncp->cfg.urgent.tcp.port = NULL;
140   }
141   if (ncp->cfg.urgent.udp.maxports) {
142     ncp->cfg.urgent.udp.nports = ncp->cfg.urgent.udp.maxports = 0;
143     free(ncp->cfg.urgent.udp.port);
144     ncp->cfg.urgent.udp.port = NULL;
145   }
146 }
147 
148 int
149 ncp_fsmStart(struct ncp *ncp,
150 #ifdef NOINET6
151 	     struct bundle *bundle __unused
152 #else
153 	     struct bundle *bundle
154 #endif
155 	     )
156 {
157   int res = 0;
158 
159 #ifndef NOINET6
160   if (Enabled(bundle, OPT_IPCP)) {
161 #endif
162     fsm_Up(&ncp->ipcp.fsm);
163     fsm_Open(&ncp->ipcp.fsm);
164     res++;
165 #ifndef NOINET6
166   }
167 
168   if (Enabled(bundle, OPT_IPV6CP)) {
169     fsm_Up(&ncp->ipv6cp.fsm);
170     fsm_Open(&ncp->ipv6cp.fsm);
171     res++;
172   }
173 #endif
174 
175   return res;
176 }
177 
178 void
179 ncp_IfaceAddrAdded(struct ncp *ncp, const struct iface_addr *addr)
180 {
181   switch (ncprange_family(&addr->ifa)) {
182   case AF_INET:
183     ipcp_IfaceAddrAdded(&ncp->ipcp, addr);
184     break;
185 #ifndef NOINET6
186   case AF_INET6:
187     ipv6cp_IfaceAddrAdded(&ncp->ipv6cp, addr);
188     break;
189 #endif
190   }
191 }
192 
193 void
194 ncp_IfaceAddrDeleted(struct ncp *ncp, const struct iface_addr *addr)
195 {
196   if (ncprange_family(&addr->ifa) == AF_INET)
197     ipcp_IfaceAddrDeleted(&ncp->ipcp, addr);
198 }
199 
200 void
201 ncp_SetLink(struct ncp *ncp, struct link *l)
202 {
203   ipcp_SetLink(&ncp->ipcp, l);
204 #ifndef NOINET6
205   ipv6cp_SetLink(&ncp->ipv6cp, l);
206 #endif
207 }
208 
209 /*
210  * Enqueue a packet of the given address family.  Nothing will make it
211  * down to the physical link level 'till ncp_FillPhysicalQueues() is used.
212  */
213 void
214 ncp_Enqueue(struct ncp *ncp, int af, unsigned pri, char *ptr, int count)
215 {
216 #ifndef NOINET6
217   struct ipv6cp *ipv6cp = &ncp->ipv6cp;
218 #endif
219   struct ipcp *ipcp = &ncp->ipcp;
220   struct mbuf *bp;
221 
222   /*
223    * We allocate an extra 6 bytes, four at the front and two at the end.
224    * This is an optimisation so that we need to do less work in
225    * m_prepend() in acf_LayerPush() and proto_LayerPush() and
226    * appending in hdlc_LayerPush().
227    */
228 
229   switch (af) {
230   case AF_INET:
231     if (pri >= IPCP_QUEUES(ipcp)) {
232       log_Printf(LogERROR, "Can't store in ip queue %u\n", pri);
233       break;
234     }
235 
236     bp = m_get(count + 6, MB_IPOUT);
237     bp->m_offset += 4;
238     bp->m_len -= 6;
239     memcpy(MBUF_CTOP(bp), ptr, count);
240     m_enqueue(ipcp->Queue + pri, bp);
241     break;
242 
243 #ifndef NOINET6
244   case AF_INET6:
245     if (pri >= IPV6CP_QUEUES(ipcp)) {
246       log_Printf(LogERROR, "Can't store in ipv6 queue %u\n", pri);
247       break;
248     }
249 
250     bp = m_get(count + 6, MB_IPOUT);
251     bp->m_offset += 4;
252     bp->m_len -= 6;
253     memcpy(MBUF_CTOP(bp), ptr, count);
254     m_enqueue(ipv6cp->Queue + pri, bp);
255     break;
256 #endif
257 
258   default:
259       log_Printf(LogERROR, "Can't enqueue protocol family %d\n", af);
260   }
261 }
262 
263 /*
264  * How many packets are queued to go out ?
265  */
266 size_t
267 ncp_QueueLen(struct ncp *ncp)
268 {
269   size_t result;
270 
271   result = ipcp_QueueLen(&ncp->ipcp);
272 #ifndef NOINET6
273   result += ipv6cp_QueueLen(&ncp->ipv6cp);
274 #endif
275   result += mp_QueueLen(&ncp->mp);	/* Usually empty */
276 
277   return result;
278 }
279 
280 /*
281  * Ditch all queued packets.  This is usually done after our choked timer
282  * has fired - which happens because we couldn't send any traffic over
283  * any links for some time.
284  */
285 void
286 ncp_DeleteQueues(struct ncp *ncp)
287 {
288 #ifndef NOINET6
289   struct ipv6cp *ipv6cp = &ncp->ipv6cp;
290 #endif
291   struct ipcp *ipcp = &ncp->ipcp;
292   struct mp *mp = &ncp->mp;
293   struct mqueue *q;
294 
295   for (q = ipcp->Queue; q < ipcp->Queue + IPCP_QUEUES(ipcp); q++)
296     while (q->top)
297       m_freem(m_dequeue(q));
298 
299 #ifndef NOINET6
300   for (q = ipv6cp->Queue; q < ipv6cp->Queue + IPV6CP_QUEUES(ipv6cp); q++)
301     while (q->top)
302       m_freem(m_dequeue(q));
303 #endif
304 
305   link_DeleteQueue(&mp->link);	/* Usually empty anyway */
306 }
307 
308 /*
309  * Arrange that each of our links has at least one packet.  We keep the
310  * number of packets queued at the link level to a minimum so that the
311  * loss of a link in multi-link mode results in the minimum number of
312  * dropped packets.
313  */
314 size_t
315 ncp_FillPhysicalQueues(struct ncp *ncp, struct bundle *bundle)
316 {
317   size_t total;
318 
319   if (bundle->ncp.mp.active)
320     total = mp_FillPhysicalQueues(bundle);
321   else {
322     struct datalink *dl;
323     size_t add;
324 
325     for (total = 0, dl = bundle->links; dl; dl = dl->next)
326       if (dl->state == DATALINK_OPEN) {
327         add = link_QueueLen(&dl->physical->link);
328         if (add == 0 && dl->physical->out == NULL)
329           add = ncp_PushPacket(ncp, &ncp->afq, &dl->physical->link);
330         total += add;
331       }
332   }
333 
334   return total + ncp_QueueLen(&bundle->ncp);
335 }
336 
337 /*
338  * Push a packet into the given link.  ``af'' is used as a persistent record
339  * of what is to be pushed next, coming either from mp->out or ncp->afq.
340  */
341 int
342 ncp_PushPacket(struct ncp *ncp __unused,
343 #ifdef NOINET6
344 	       int *af __unused,
345 #else
346 	       int *af,
347 #endif
348 	       struct link *l)
349 {
350   struct bundle *bundle = l->lcp.fsm.bundle;
351   int res;
352 
353 #ifndef NOINET6
354   if (*af == AF_INET) {
355     if ((res = ipcp_PushPacket(&bundle->ncp.ipcp, l)))
356       *af = AF_INET6;
357     else
358       res = ipv6cp_PushPacket(&bundle->ncp.ipv6cp, l);
359   } else {
360     if ((res = ipv6cp_PushPacket(&bundle->ncp.ipv6cp, l)))
361       *af = AF_INET;
362     else
363       res = ipcp_PushPacket(&bundle->ncp.ipcp, l);
364   }
365 #else
366   res = ipcp_PushPacket(&bundle->ncp.ipcp, l);
367 #endif
368 
369   return res;
370 }
371 
372 int
373 ncp_IsUrgentPort(struct port_range *range, u_short src, u_short dst)
374 {
375   unsigned f;
376 
377   for (f = 0; f < range->nports; f++)
378     if (range->port[f] == src || range->port[f] == dst)
379       return 1;
380 
381   return 0;
382 }
383 
384 void
385 ncp_AddUrgentPort(struct port_range *range, u_short port)
386 {
387   u_short *newport;
388   unsigned p;
389 
390   if (range->nports == range->maxports) {
391     range->maxports += 10;
392     newport = (u_short *)realloc(range->port,
393                                  range->maxports * sizeof(u_short));
394     if (newport == NULL) {
395       log_Printf(LogERROR, "ncp_AddUrgentPort: realloc: %s\n",
396                  strerror(errno));
397       range->maxports -= 10;
398       return;
399     }
400     range->port = newport;
401   }
402 
403   for (p = 0; p < range->nports; p++)
404     if (range->port[p] == port) {
405       log_Printf(LogWARN, "%u: Port already set to urgent\n", port);
406       break;
407     } else if (range->port[p] > port) {
408       memmove(range->port + p + 1, range->port + p,
409               (range->nports - p) * sizeof(u_short));
410       range->port[p] = port;
411       range->nports++;
412       break;
413     }
414 
415   if (p == range->nports)
416     range->port[range->nports++] = port;
417 }
418 
419 void
420 ncp_RemoveUrgentPort(struct port_range *range, u_short port)
421 {
422   unsigned p;
423 
424   for (p = 0; p < range->nports; p++)
425     if (range->port[p] == port) {
426       if (p + 1 != range->nports)
427         memmove(range->port + p, range->port + p + 1,
428                 (range->nports - p - 1) * sizeof(u_short));
429       range->nports--;
430       return;
431     }
432 
433   if (p == range->nports)
434     log_Printf(LogWARN, "%u: Port not set to urgent\n", port);
435 }
436 
437 void
438 ncp_ClearUrgentPorts(struct port_range *range)
439 {
440   range->nports = 0;
441 }
442 
443 int
444 ncp_IsUrgentTcpLen(struct ncp *ncp, int len)
445 {
446   if (len < ncp->cfg.urgent.len)
447     return 1;
448   else
449     return 0;
450 }
451 
452 void
453 ncp_SetUrgentTcpLen(struct ncp *ncp, int len)
454 {
455     ncp->cfg.urgent.len = len;
456 }
457 
458 int
459 ncp_Show(struct cmdargs const *arg)
460 {
461   struct ncp *ncp = &arg->bundle->ncp;
462   unsigned p;
463 
464 #ifndef NOINET6
465   prompt_Printf(arg->prompt, "Next queued AF: %s\n",
466                 ncp->afq == AF_INET6 ? "inet6" : "inet");
467 #endif
468 
469   if (ncp->route) {
470     prompt_Printf(arg->prompt, "\n");
471     route_ShowSticky(arg->prompt, ncp->route, "Sticky routes", 1);
472   }
473 
474   prompt_Printf(arg->prompt, "\nDefaults:\n");
475   prompt_Printf(arg->prompt, "  sendpipe:      ");
476   if (ncp->cfg.sendpipe > 0)
477     prompt_Printf(arg->prompt, "%-20ld\n", ncp->cfg.sendpipe);
478   else
479     prompt_Printf(arg->prompt, "unspecified\n");
480   prompt_Printf(arg->prompt, "  recvpipe:      ");
481   if (ncp->cfg.recvpipe > 0)
482     prompt_Printf(arg->prompt, "%ld\n", ncp->cfg.recvpipe);
483   else
484     prompt_Printf(arg->prompt, "unspecified\n");
485 
486   prompt_Printf(arg->prompt, "\n  Urgent ports\n");
487   prompt_Printf(arg->prompt, "         TCP:    ");
488   if (ncp->cfg.urgent.tcp.nports == 0)
489     prompt_Printf(arg->prompt, "none");
490   else
491     for (p = 0; p < ncp->cfg.urgent.tcp.nports; p++) {
492       if (p)
493         prompt_Printf(arg->prompt, ", ");
494       prompt_Printf(arg->prompt, "%u", ncp->cfg.urgent.tcp.port[p]);
495     }
496 
497   prompt_Printf(arg->prompt, "\n         UDP:    ");
498   if (ncp->cfg.urgent.udp.nports == 0)
499     prompt_Printf(arg->prompt, "none");
500   else
501     for (p = 0; p < ncp->cfg.urgent.udp.nports; p++) {
502       if (p)
503         prompt_Printf(arg->prompt, ", ");
504       prompt_Printf(arg->prompt, "%u", ncp->cfg.urgent.udp.port[p]);
505     }
506   prompt_Printf(arg->prompt, "\n         TOS:    %s\n\n",
507                 ncp->cfg.urgent.tos ? "yes" : "no");
508 
509   return 0;
510 }
511 
512 int
513 ncp_LayersOpen(struct ncp *ncp)
514 {
515   int n;
516 
517   n = !!(ncp->ipcp.fsm.state == ST_OPENED);
518 #ifndef NOINET6
519   n += !!(ncp->ipv6cp.fsm.state == ST_OPENED);
520 #endif
521 
522   return n;
523 }
524 
525 int
526 ncp_LayersUnfinished(struct ncp *ncp)
527 {
528   int n = 0;
529 
530   if (ncp->ipcp.fsm.state > ST_CLOSED ||
531       ncp->ipcp.fsm.state == ST_STARTING)
532     n++;
533 
534 #ifndef NOINET6
535   if (ncp->ipv6cp.fsm.state > ST_CLOSED ||
536       ncp->ipv6cp.fsm.state == ST_STARTING)
537     n++;
538 #endif
539 
540   return n;
541 }
542 
543 void
544 ncp_Close(struct ncp *ncp)
545 {
546   if (ncp->ipcp.fsm.state > ST_CLOSED ||
547       ncp->ipcp.fsm.state == ST_STARTING)
548     fsm_Close(&ncp->ipcp.fsm);
549 
550 #ifndef NOINET6
551   if (ncp->ipv6cp.fsm.state > ST_CLOSED ||
552       ncp->ipv6cp.fsm.state == ST_STARTING)
553     fsm_Close(&ncp->ipv6cp.fsm);
554 #endif
555 }
556 
557 void
558 ncp2initial(struct ncp *ncp)
559 {
560   fsm2initial(&ncp->ipcp.fsm);
561 #ifndef NOINET6
562   fsm2initial(&ncp->ipv6cp.fsm);
563 #endif
564 }
565