/*	$OpenBSD: npppd.h,v 1.21 2024/07/11 14:05:59 yasuoka Exp $ */

/*-
 * Copyright (c) 2009 Internet Initiative Japan Inc.
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 */

/*
 * Shared declarations for npppd: configuration structures (tunnels,
 * authentication realms, RADIUS servers, IPCP pools, interfaces), the
 * control-connection types, and the prototypes of the npppd_ and control_
 * entry points.  This header defines no functions; every contract stated
 * below is limited to what the declarations themselves show.
 */
#ifndef	NPPPD_H
#define	NPPPD_H 1


#include <sys/queue.h>
#include <sys/socket.h>
#include <stdbool.h>
#include <net/if.h>
#include <net/if_dl.h>
#include <netinet/in.h>
#include <event.h>
#include <limits.h>

#include "addr_range.h"

#include "l2tp_conf.h"
#include "pptp_conf.h"
#include "pppoe_conf.h"
#include "slist.h"

/*
 * Both macros name each argument twice in the expansion, so an argument
 * with side effects (i++, a function call) may be evaluated more than once.
 * Pass plain values only.  Mixed signed/unsigned arguments follow the usual
 * arithmetic conversions, which matters when one side is a length.
 */
#define	MINIMUM(a, b)	(((a) < (b)) ? (a) : (b))
#define	MAXIMUM(a, b)	(((a) > (b)) ? (a) : (b))

/*
 * NOTE(review): "_ppp" is presumably the unprivileged account the daemon
 * runs as; the code that uses it is not in this header -- confirm.
 */
#define	NPPPD_USER			"_ppp"
/*
 * Size in bytes of the fixed name buffers declared below (authconf.name,
 * ipcpconf.name, ipcpstat.name, npppd_conf.nas_id).  Code filling those
 * buffers has to bound its copies to this size and detect truncation.
 */
#define	NPPPD_GENERIC_NAME_LEN		32

/** Constants of tunnel type */
#define NPPPD_TUNNEL_NONE		0	/** None Tunnel Type */
#define NPPPD_TUNNEL_L2TP		1	/** L2TP Tunnel Type */
#define NPPPD_TUNNEL_PPTP		2	/** PPTP Tunnel Type */
#define NPPPD_TUNNEL_PPPOE		3	/** PPPoE Tunnel Type */
#define NPPPD_TUNNEL_SSTP		4	/** SSTP Tunnel Type */

/*
 * Map an NPPPD_TUNNEL_ constant to the matching PIPEX_PROTO_ constant
 * (defined outside this header).  Only L2TP, PPTP and PPPoE are mapped;
 * every other value, including NPPPD_TUNNEL_NONE and NPPPD_TUNNEL_SSTP,
 * yields -1, so callers must check for -1 before using the result.
 * The argument is evaluated up to three times.
 */
#define	npppd_pipex_proto(_tunnel)				\
    (((_tunnel) == NPPPD_TUNNEL_L2TP)? PIPEX_PROTO_L2TP :	\
    ((_tunnel) == NPPPD_TUNNEL_PPTP)? PIPEX_PROTO_PPTP :	\
    ((_tunnel) == NPPPD_TUNNEL_PPPOE)? PIPEX_PROTO_PPPOE : -1)

/*
 * Authentication method bits (distinct bits, so they can be OR-ed).
 * Presumably stored in tunnconf.auth_methods -- confirm in the parser.
 * PAP carries the password itself on the PPP link, so a configuration
 * review should check which methods each tunnel actually permits.
 */
#define	NPPPD_AUTH_METHODS_PAP		0x0001
#define	NPPPD_AUTH_METHODS_CHAP		0x0002
#define	NPPPD_AUTH_METHODS_MSCHAPV2	0x0004

/*
 * MPPE policy values.  NOTE(review): struct tunnconf below keeps two bools
 * (mppe_yesno, mppe_required) rather than one of these values; where these
 * constants are consumed is not visible here.
 */
#define	NPPPD_MPPE_DISABLED		0x0000
#define	NPPPD_MPPE_ENABLED		0x0001
#define	NPPPD_MPPE_REQUIRED		0x0002

/*
 * MPPE key length bits.  Presumably a mask kept in tunnconf.mppe_keylen --
 * confirm.  The 40- and 56-bit settings are short keys; a hardening review
 * should check which lengths the configuration leaves enabled.
 */
#define	NPPPD_MPPE_40BIT		0x0001
#define	NPPPD_MPPE_56BIT		0x0002
#define	NPPPD_MPPE_128BIT		0x0004

/* MPPE key state bits; presumably kept in tunnconf.mppe_keystate -- confirm. */
#define	NPPPD_MPPE_STATEFUL		0x0001
#define	NPPPD_MPPE_STATELESS		0x0002

/*
 * One bit per PPP protocol.  The users of this mask are not visible in this
 * header (presumably tunnconf.debug_dump_pktin / debug_dump_pktout --
 * confirm).
 */
#define	NPPPD_PROTO_BIT_IP		0x0001
#define	NPPPD_PROTO_BIT_LCP		0x0002
#define	NPPPD_PROTO_BIT_PAP		0x0004
#define	NPPPD_PROTO_BIT_CHAP		0x0008
#define	NPPPD_PROTO_BIT_EAP		0x0010
#define	NPPPD_PROTO_BIT_MPPE		0x0020
#define	NPPPD_PROTO_BIT_CCP		0x0040
#define	NPPPD_PROTO_BIT_IPCP		0x0080

/* Calling-number check modes; presumably for tunnconf.callnum_check -- confirm. */
#define	NPPPD_CALLNUM_CHECK_NONE	0
#define	NPPPD_CALLNUM_CHECK_STRICT	1
#define	NPPPD_CALLNUM_CHECK_LOOSE	2

/*
 * Configuration of one tunnel, linked into npppd_conf.tunnconfs.
 * The units of the timeout and interval fields are not stated in this
 * header.
 */
struct tunnconf {
	TAILQ_ENTRY(tunnconf)              entry;
	/* ownership of this string is not visible here */
	const char                        *name;
	/* presumably an NPPPD_TUNNEL_ value selecting the proto member -- confirm */
	int                                protocol;

	/* protocol-specific settings; only one member is meaningful at a time */
	union {
		struct l2tp_conf           l2tp;
		struct pptp_conf           pptp;
		struct pppoe_conf          pppoe;
	} proto;

	/* LCP negotiation and keepalive parameters */
	int                                lcp_timeout;
	int                                lcp_max_configure;
	int                                lcp_max_terminate;
	int                                lcp_max_nak_loop;
	int                                mru;
	bool                               lcp_keepalive;
	int                                lcp_keepalive_interval;
	int                                lcp_keepalive_retry_interval;
	int                                lcp_keepalive_max_retries;

	/* presumably a mask of NPPPD_AUTH_METHODS_ bits -- confirm in the parser */
	u_int                              auth_methods;

	/* IPCP and CCP negotiation parameters */
	int                                ipcp_timeout;
	int                                ipcp_max_configure;
	int                                ipcp_max_terminate;
	int                                ipcp_max_nak_loop;
	int                                ccp_timeout;
	int                                ccp_max_configure;
	int                                ccp_max_terminate;
	int                                ccp_max_nak_loop;
	char                              *chap_name;

	/*
	 * MPPE settings.  mppe_keylen and mppe_keystate are presumably masks
	 * of the NPPPD_MPPE_ key-length and key-state bits -- TODO confirm.
	 */
	bool                               mppe_yesno;
	bool                               mppe_required;
	u_int                              mppe_keylen;
	u_int                              mppe_keystate;

	int                                idle_timeout;
	bool                               tcp_mss_adjust;
	/*
	 * NOTE(review): the name suggests filtering of packets received from
	 * the peer; the exact check is not visible in this header.
	 */
	bool                               ingress_filter;
	int                                callnum_check;

	bool                               pipex;

	/*
	 * NOTE(review): if these masks enable dumping of PAP/CHAP packets,
	 * the resulting logs may contain credential material; treat such logs
	 * as sensitive and keep the dumps off outside of debugging.
	 */
	u_int                              debug_dump_pktin;
	u_int                              debug_dump_pktout;
};

/* One RADIUS server entry, linked into radconf.servers. */
struct radserver {
	TAILQ_ENTRY(radserver)             entry;
	struct sockaddr_storage            address;
	/*
	 * Shared secret, held through a pointer.  Ownership and release are
	 * not visible here.  NOTE(review): confirm the code that frees this
	 * string clears it first (explicit_bzero or freezero) and that it is
	 * never written to logs.
	 */
	char                              *secret;
};

/* A list of RADIUS servers with the retry policy applied to it. */
struct radconf {
	TAILQ_HEAD(radservers, radserver)  servers;
	int                                timeout;
	int                                max_tries;
	int                                max_failovers;
};

/* One authentication realm, linked into npppd_conf.authconfs. */
struct authconf {
	TAILQ_ENTRY(authconf)              entry;
	char                               name[NPPPD_GENERIC_NAME_LEN];
	int                                auth_type;
	char                              *username_suffix;
	bool                               eap_capable;
	bool                               strip_nt_domain;
	bool                               strip_atmark_realm;
	/*
	 * NOTE(review): presumably the file holding local user entries; if it
	 * stores passwords, its ownership and mode deserve a check -- confirm
	 * in the code that opens it.
	 */
	char                               users_file_path[PATH_MAX];
	int                                user_max_session;
	union {
		struct {
			/* separate server sets for authentication and accounting */
			struct radconf     auth;
			struct radconf     acct;
		} radius;
	} data;
};

/*
 * One RADIUS client entry, kept in npppd_conf.raddaeclientconfs.
 * The address is either IPv4 or IPv6; the discriminator is presumably the
 * family field inside the sockaddr -- confirm.
 */
struct radclientconf {
	union {
		struct sockaddr_in         sin4;
		struct sockaddr_in6        sin6;
	}                                  addr;
	TAILQ_ENTRY(radclientconf)         entry;
	/*
	 * Flexible array member: sizeof(struct radclientconf) does not include
	 * it, so the struct must be allocated with room for the secret and
	 * must not be copied by plain assignment.  Presumably NUL-terminated
	 * -- confirm in the parser.  NOTE(review): confirm the secret is
	 * cleared before the allocation is freed.
	 */
	char                               secret[];
};
TAILQ_HEAD(radclientconfs,radclientconf);

/* One listen address, kept in npppd_conf.raddaelistenconfs. */
struct radlistenconf {
	union {
		struct sockaddr_in         sin4;
		struct sockaddr_in6        sin6;
	}                                  addr;
	TAILQ_ENTRY(radlistenconf)         entry;
};
TAILQ_HEAD(radlistenconfs,radlistenconf);

/* One IPCP profile: name servers and address pools handed to peers. */
struct ipcpconf {
	TAILQ_ENTRY(ipcpconf)              entry;
	char                               name[NPPPD_GENERIC_NAME_LEN];
	bool                               dns_use_resolver;
	bool                               dns_configured;
	struct in_addr                     dns_servers[2];
	bool                               nbns_configured;
	struct in_addr                     nbns_servers[2];
	/*
	 * NOTE(review): the name suggests the peer may request its own
	 * address; which pool bounds that request is not visible here.
	 */
	bool                               allow_user_select;
	struct in_addr_range              *dynamic_pool;
	struct in_addr_range              *static_pool;
	int                                max_session;
};

/* One network interface used by npppd, with the IPCP profile bound to it. */
struct iface {
	TAILQ_ENTRY(iface)                 entry;
	char                               name[IFNAMSIZ];
	struct in_addr                     ip4addr;
	struct ipcpconf                   *ipcpconf;
	bool                               is_pppx;
};

/* Ties a tunnel to an authentication realm and an interface. */
struct confbind {
	TAILQ_ENTRY(confbind)              entry;
	struct tunnconf                   *tunnconf;
	struct authconf                   *authconf;
	struct iface                      *iface;
};

/* Top-level configuration: session limits plus the lists of all objects above. */
struct npppd_conf {
	int                                max_session;
	int                                user_max_session;
	TAILQ_HEAD(tunnconfs, tunnconf)    tunnconfs;
	TAILQ_HEAD(authconfs, authconf)    authconfs;
	TAILQ_HEAD(ipcpconfs, ipcpconf)    ipcpconfs;
	TAILQ_HEAD(ifaces, iface)          ifaces;
	TAILQ_HEAD(confbinds, confbind)    confbinds;
	struct radclientconfs              raddaeclientconfs;
	struct radlistenconfs              raddaelistenconfs;
	char                               nas_id[NPPPD_GENERIC_NAME_LEN];
	struct l2tp_confs                  l2tp_confs;
	struct pptp_confs                  pptp_confs;
	struct pppoe_confs                 pppoe_confs;
};

/**
 * sockaddr_npppd
 *
 * An IPv4 address and mask pair with npppd bookkeeping appended.  The
 * snp_len, snp_family, snp_addr and snp_mask names are preprocessor
 * aliases for fields of the two embedded sockaddr_in members.  They are
 * ordinary file-scope macros, not struct-scoped: after this header is
 * included, any identifier spelled that way is rewritten.
 */
struct sockaddr_npppd {
	struct sockaddr_in sin4;
	struct sockaddr_in sin4mask;
#define			snp_len		sin4.sin_len
#define			snp_family	sin4.sin_family
#define			snp_addr	sin4.sin_addr
	/*
	 * SNP_POOL or SNP_PPP according to the original comment; SNP_DYN_POOL
	 * is also defined below -- confirm whether it is stored here too.
	 */
	int		snp_type;
#define			snp_mask	sin4mask.sin_addr
	/** next entry */
	struct sockaddr_npppd *snp_next;
	/**
	 * contents of entry; untyped, so the pointee type is presumably
	 * decided by snp_type -- check snp_type before casting
	 */
	void 		*snp_data_ptr;
};
#define	SNP_POOL		1
#define	SNP_DYN_POOL		2
#define	SNP_PPP			3

/* Per-IPCP-profile runtime state: session count and the list of its sessions. */
struct ipcpstat {
	LIST_ENTRY(ipcpstat)	entry;
	char			name[NPPPD_GENERIC_NAME_LEN];

	int			nsession;
	LIST_HEAD(, _npppd_ppp)	ppp;
};
LIST_HEAD(ipcpstat_head, ipcpstat);

/* Opaque daemon handle; struct _npppd is not defined in this header. */
typedef struct _npppd		npppd;

/* Included at this point, after the declarations above, not at the top. */
#include "ppp.h"

#include <imsg.h>

/* An imsg buffer together with its libevent registration and handler. */
struct imsgev {
	struct imsgbuf		 ibuf;
	/* callback with the (int, short, void *) shape of a libevent handler */
	void			(*handler)(int, short, void *);
	struct event		 ev;
	void			*data;
	short			 events;
};

/* One client connection on the control socket. */
struct ctl_conn {
	TAILQ_ENTRY(ctl_conn)	 entry;
	struct control_sock	*parent;
	/* mask of the CTL_CONN_ bits defined below */
	u_int8_t		 flags;
#define CTL_CONN_NOTIFY		 0x01
	/*
	 * NOTE(review): which requests a locked connection is refused is
	 * decided in the control code, not in this header.
	 */
#define CTL_CONN_LOCKED		 0x02		/* restricted mode */
	struct imsgev		 iev;
	void			*ctx;
};

TAILQ_HEAD(ctl_conn_list, ctl_conn);
extern struct ctl_conn_list ctl_conns;

/*
 * The prototypes below omit parameter names, so buffer sizes, ownership and
 * return-value conventions have to be read from the definitions.  struct
 * control_sock and struct npppd_ctl are not declared in this header;
 * presumably an earlier include provides them -- confirm.
 */
__BEGIN_DECLS
npppd           *npppd_get_npppd(void);
int              npppd_init(npppd *, const char *);
void             npppd_start(npppd *);
void             npppd_stop(npppd *);
void             npppd_fini(npppd *);
int              npppd_reset_routing_table(npppd *, int);
/*
 * NOTE(review): presumably writes the user's password into the char *
 * buffer, with the int * carrying the buffer length in and the result
 * length out -- confirm against the definition.  Callers should clear the
 * buffer once the password is no longer needed.
 */
int              npppd_get_user_password(npppd *, npppd_ppp *, const char *,
		    char *, int *);
struct in_addr  *npppd_get_user_framed_ip_address(npppd *, npppd_ppp *,
		    const char *);
int              npppd_check_calling_number(npppd *, npppd_ppp *);
npppd_ppp       *npppd_get_ppp_by_ip(npppd *, struct in_addr);
npppd_ppp       *npppd_get_ppp_by_id(npppd *, u_int);
slist           *npppd_get_ppp_by_user(npppd *, const char *);
int              npppd_check_user_max_session(npppd *, npppd_ppp *);
/*
 * The trailing int is presumably the length of the u_char buffer; it is
 * signed, so the definition has to reject negative values -- confirm.
 */
void             npppd_network_output(npppd *, npppd_ppp *, int, u_char *, int);
int              npppd_ppp_pipex_enable(npppd *, npppd_ppp *);
int              npppd_ppp_pipex_disable(npppd *, npppd_ppp *);
int              npppd_prepare_ip(npppd *, npppd_ppp *);
void             npppd_release_ip(npppd *, npppd_ppp *);
void             npppd_set_ip_enabled(npppd *, npppd_ppp *, int);
int              npppd_assign_ip_addr(npppd *, npppd_ppp *, uint32_t);
int              npppd_set_radish(npppd *, void *);
int              npppd_ppp_bind_realm(npppd *, npppd_ppp *, const char *, int);
int              npppd_ppp_is_realm_local(npppd *, npppd_ppp *);
int              npppd_ppp_is_realm_radius(npppd *, npppd_ppp *);
int              npppd_ppp_is_realm_ready(npppd *, npppd_ppp *);
const char      *npppd_ppp_get_realm_name(npppd *, npppd_ppp *);
const char      *npppd_ppp_get_iface_name(npppd *, npppd_ppp *);
int              npppd_ppp_iface_is_ready(npppd *, npppd_ppp *);
int              npppd_ppp_bind_iface(npppd *, npppd_ppp *);
void             npppd_ppp_unbind_iface(npppd *, npppd_ppp *);
void            *npppd_get_radius_auth_setting(npppd *, npppd_ppp *);
/* Both arguments are untyped; the expected pointee type is not visible here. */
int              sockaddr_npppd_match(void *, void *);
/*
 * NOTE(review): takes a non-const char * with no length parameter.  If it
 * is an output buffer, its required size is an unwritten contract between
 * this function and its callers -- verify every call site passes a buffer
 * of the size the definition assumes.
 */
const char      *npppd_ppp_get_username_for_auth(npppd *, npppd_ppp *,
		    const char *, char *);
const char      *npppd_ppp_tunnel_protocol_name(npppd *, npppd_ppp *);
const char      *npppd_tunnel_protocol_name(int);
struct tunnconf *npppd_get_tunnconf(npppd *, const char *);
int              npppd_reload_config(npppd *);
int              npppd_modules_reload(npppd *);
int              npppd_ifaces_load_config(npppd *);

/* Configuration loading and per-session start/stop hooks. */
int              npppd_conf_parse(struct npppd_conf *, const char *);
void             npppd_conf_init(struct npppd_conf *);
void             npppd_conf_fini(struct npppd_conf *);
int              npppd_config_check(const char *);
void             npppd_on_ppp_start(npppd *, npppd_ppp *);
void             npppd_on_ppp_stop(npppd *, npppd_ppp *);
void             imsg_event_add(struct imsgev *);

/* Control socket and control-context interface. */
int              control_init(struct control_sock *);
int              control_listen(struct control_sock *);
void             control_cleanup(struct control_sock *);
struct npppd_ctl
		*npppd_ctl_create(npppd *);
void		 npppd_ctl_destroy(struct npppd_ctl *);
int		 npppd_ctl_who(struct npppd_ctl *);
int		 npppd_ctl_monitor(struct npppd_ctl *);
int		 npppd_ctl_who_and_monitor(struct npppd_ctl *);
int		 npppd_ctl_add_started_ppp_id(struct npppd_ctl *, uint32_t);
int		 npppd_ctl_add_stopped_ppp(struct npppd_ctl *, npppd_ppp *);
int		 npppd_ctl_imsg_compose(struct npppd_ctl *, struct imsgbuf *);
int		 npppd_ctl_disconnect(struct npppd_ctl *, u_int *, int);

__END_DECLS

#endif