1 /* $OpenBSD: ppp.h,v 1.25 2024/07/01 07:09:07 yasuoka Exp $ */ 2 3 /*- 4 * Copyright (c) 2009 Internet Initiative Japan Inc. 5 * All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions 9 * are met: 10 * 1. Redistributions of source code must retain the above copyright 11 * notice, this list of conditions and the following disclaimer. 12 * 2. Redistributions in binary form must reproduce the above copyright 13 * notice, this list of conditions and the following disclaimer in the 14 * documentation and/or other materials provided with the distribution. 15 * 16 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 17 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 18 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 19 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 20 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 21 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 22 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 23 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 24 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 25 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 26 * SUCH DAMAGE. 27 */ 28 #ifndef _NPPPD_H 29 #define _NPPPD_H 1 30 31 #define PPP_HDRLEN 4 32 #define PPP_ALLSTATIONS 0xff 33 #define PPP_UI 0x03 34 35 #define PPP_PROTO_IP 0x0021 36 #define PPP_PROTO_MPPE 0x00FD 37 38 #define PPP_PROTO_LCP 0xC021 39 #define PPP_PROTO_PAP 0xC023 40 #define PPP_PROTO_LQR 0xC025 41 #define PPP_PROTO_CHAP 0xC223 42 #define PPP_PROTO_EAP 0xC227 43 #define PPP_PROTO_NCP 0x8000 44 #define NCP_CCP 0xfd 45 #define NCP_IPCP 0x21 46 #define NCP_IPV6CP 0x57 47 #define PPP_PROTO_ACSP 0x8235 /* Apple Client Server Protocol 48 Control */ 49 50 #define PPP_LCP_MRU 1 /* Maximum-Receive-Unit */ 51 #define PPP_LCP_ACCM 2 /* Async-Control-Character-Map*/ 52 #define PPP_LCP_AUTH_PROTOCOL 3 /* Authentication-Protcol */ 53 #define PPP_LCP_QUALITY_PROTOCOL 4 /* Quality-Control */ 54 #define PPP_LCP_MAGICNUMBER 5 /* Magic-Number */ 55 #define PPP_LCP_PFC 7 /* Protocol Field Compression */ 56 #define PPP_LCP_ACFC 8 /* Address-and-Control-Field- 57 Compression */ 58 59 #define DEFAULT_MRU 1400 60 #define NPPPD_MIN_MRU 500 61 62 #define PPP_AUTH_PAP 0xc023 /* Password Authentication Protocol */ 63 #define PPP_AUTH_CHAP 0xc223 /* Challenge Handshake Authentication Protocol*/ 64 #define PPP_AUTH_EAP 0xc227 /* Extensible Authentication Protocol */ 65 66 /* EAP Type */ 67 #define PPP_AUTH_EAP_ANY 0x00 68 #define PPP_AUTH_EAP_IDENTITY 0x01 69 #define PPP_AUTH_EAP_NOTIFICATION 0x02 70 #define PPP_AUTH_EAP_NAK 0x03 71 #define PPP_AUTH_EAP_MD5_CHALLENGE 0x04 72 #define PPP_AUTH_EAP_OTP 0x05 73 #define PPP_AUTH_EAP_GTC 0x06 74 #define PPP_AUTH_EAP_TLS 0x0d 75 #define PPP_AUTH_EAP_EXPANDED_TYPES 0xFE 76 #define PPP_AUTH_EAP_EXPERIMENTAL_USE 0xFF 77 78 /* Chap Algorithms */ 79 #define PPP_AUTH_CHAP_MD5 0x05 /* MD5 */ 80 #define PPP_AUTH_CHAP_MS 0x80 /* MS-CHAP */ 81 #define PPP_AUTH_CHAP_MS_V2 0x81 /* MS-CHAP-V2 */ 82 83 #define MAX_USERNAME_LENGTH 256 84 #define MAX_PASSWORD_LENGTH 256 85 #define MAX_CHALLENGE_LENGTH 96 86 87 #define INADDR_IPCP_OBEY_REMOTE_REQ 0x00000000L 88 89 #define MPPE_KEYLEN 16 /* 128bit */ 90 #define CCP_MPPE 0x12 91 #define CCP_MPPC_ALONE 0x00000001 /* See RFC 2118, Hi/fn */ 92 #define CCP_MPPE_LM_40bit 0x00000010 /* obsolute */ 93 #define CCP_MPPE_NT_40bit 0x00000020 94 #define CCP_MPPE_NT_128bit 0x00000040 95 #define CCP_MPPE_NT_56bit 0x00000080 96 #define CCP_MPPE_STATELESS 0x01000000 /* Packet-by-packet encryption */ 97 #define CCP_MPPE_KEYLENMASK 0x00000FF0 98 #define CCP_MPPE_HEADER_LEN 4 /* mppe header + protocol */ 99 100 #define INADDR_USER_SELECT (htonl(0xFFFFFFFFL)) 101 #define INADDR_NAS_SELECT (htonl(0xFFFFFFFEL)) 102 103 /** Default LCP ECHO interval (sec) */ 104 #define DEFAULT_LCP_ECHO_INTERVAL 300 105 106 /** Default LCP ECHO retry interval (sec) */ 107 #define DEFAULT_LCP_ECHO_RETRY_INTERVAL 60 108 109 /** Default LCP ECHO number of retry */ 110 #define DEFAULT_LCP_ECHO_MAX_RETRIES 3 111 112 /** MRU includes MPPE/CCP header (XXX delete this) */ 113 /* #define MRU_INCLUDES_MPPE_CCP */ 114 115 /** Length for phone number */ 116 #define NPPPD_PHONE_NUMBER_LEN 32 117 118 /** PPP Disconnect Codes based on RFC 3145 */ 119 typedef enum _npppd_ppp_disconnect_code { 120 /* 121 * 3.1. Global Errors 122 */ 123 /** No information available. */ 124 PPP_DISCON_NO_INFORMATION = 0, 125 126 /** Administrative disconnect. */ 127 PPP_DISCON_ADMINITRATIVE = 1, 128 129 /** 130 * Link Control Protocol (LCP) renegotiation at LNS disabled; LNS 131 * expects proxy LCP information, LAC did not send it. 132 */ 133 PPP_DISCON_LCP_RENEGOTIATION_DISABLED = 2, 134 135 /** Normal Disconnection, LCP Terminate-Request sent. */ 136 PPP_DISCON_NORMAL = 3, 137 138 /* 139 * 3.2. LCP Errors 140 */ 141 /** 142 * Compulsory encryption required by a PPP peer was refused by the 143 * other. 144 */ 145 PPP_DISCON_COMPULSORY_ENCRYPTION_REQUIRED = 4, 146 147 /** FSM (Finite State Machine) Timeout error. (PPP event "TO-".) */ 148 PPP_DISCON_LCP_FSM_TIMEOUT = 5, 149 150 /** No recognizable LCP packets were received. */ 151 PPP_DISCON_RECOGNIZABLE_LCP = 6, 152 153 /** LCP failure: Magic Number error; link possibly looped back. */ 154 PPP_DISCON_LCP_MAGIC_NUMBER_ERROR = 7, 155 156 /** LCP link failure: Echo Request timeout. */ 157 PPP_DISCON_LCP_TIMEOUT = 8, 158 159 /** 160 * Peer has unexpected Endpoint-Discriminator for existing 161 * Multilink PPP (MP) bundle. 162 */ 163 PPP_DISCON_LCP_UNEXPECTED_ENDPOINT_DISC = 9, 164 165 /** Peer has unexpected MRRU for existing MP bundle. */ 166 PPP_DISCON_LCP_UNEXPECTED_MRRU = 10, 167 168 /** 169 * Peer has unexpected Short-Sequence-Number option for existing 170 * MP bundle. 171 */ 172 PPP_DISCON_LCP_UNEXPECTED_SHORT_SEQNUM = 11, 173 174 /** 175 * Compulsory call-back required by a PPP peer was refused by the 176 * other. 177 */ 178 PPP_DISCON_LCP_COMPULSORY_CALL_BACK_REQUIRED = 12, 179 180 /* 181 * 3.3. Authentication Errors 182 */ 183 /** FSM Timeout error. */ 184 PPP_DISCON_AUTH_FSM_TIMEOUT = 13, 185 186 /** Peer has unexpected authenticated name for existing MP bundle. */ 187 PPP_DISCON_AUTH_UNEXPECTED_AUTH_NAME = 14, 188 189 /** 190 * PPP authentication failure: Authentication protocol 191 * unacceptable. 192 */ 193 PPP_DISCON_AUTH_PROTOCOL_UNACCEPTABLE= 15, 194 195 /** 196 * PPP authentication failure: Authentication failed (bad name, 197 * password, or secret). 198 */ 199 PPP_DISCON_AUTH_FAILED = 16, 200 201 /* 202 * 3.4. Network Control Protocol (NCP) Errors 203 */ 204 /** FSM Timeout error. */ 205 PPP_DISCON_NCP_FSM_TIMEOUT = 17, 206 207 /** 208 * No NCPs available (all disabled or rejected); no NCPs went to 209 * Opened state. (Control Protocol Number may be zero only if 210 * neither peer has enabled NCPs.) 211 */ 212 PPP_DISCON_NCP_NO_NCP_AVAILABLE = 18, 213 214 /** NCP failure: failed to converge on acceptable addresses. */ 215 PPP_DISCON_NCP_NO_ACCEPTABLE_ADDRESS= 19, 216 217 /** NCP failure: user not permitted to use any addresses. */ 218 PPP_DISCON_NCP_NO_PERMITTED_ADDRESS = 20 219 } npppd_ppp_disconnect_code; 220 221 typedef struct _npppd_ppp npppd_ppp; 222 223 #include "fsm.h" 224 225 #ifdef USE_NPPPD_RADIUS 226 #include <radius.h> 227 #include <radius_req.h> 228 #endif 229 230 /** Type for LCP */ 231 typedef struct _lcp { 232 fsm fsm; 233 /** LCP options */ 234 struct _opt { 235 uint8_t mru; 236 uint8_t pfc; 237 uint8_t acfc; 238 uint8_t pap; 239 uint8_t chap; 240 uint8_t chapms; 241 uint8_t chapms_v2; 242 uint8_t eap; 243 } opt; 244 /** Authentication method of the last Configure-Request */ 245 uint32_t lastauth; 246 /** Magic number */ 247 uint32_t magic_number; 248 249 /** Peer's magic number */ 250 uint32_t peer_magic_number; 251 252 /** context for event(3) */ 253 struct evtimer_wrap timerctx; 254 255 /** echo internval (sec) */ 256 int echo_interval; 257 258 /** echo max retries */ 259 int echo_max_retries; 260 261 /** wait to echo repy (sec) */ 262 int echo_retry_interval; 263 264 /** failure count of echo */ 265 int echo_failures; 266 267 /* for NAT/Blackhole detection */ 268 /** received LCP requests */ 269 int8_t recv_reqs; 270 /** received LCP responses */ 271 int8_t recv_ress; 272 273 /* 274 * XXX 275 */ 276 uint32_t xxxmru; 277 278 /** order of authentication methods */ 279 int auth_order[16]; 280 281 uint32_t /** doing dialin proxy */ 282 dialin_proxy:1, 283 /** do lcp renegotiation? */ 284 dialin_proxy_lcp_renegotiation:1; 285 } lcp; 286 287 /** Type for CHAP */ 288 typedef struct _chap { 289 npppd_ppp *ppp; 290 /** context for event(3) */ 291 struct evtimer_wrap timerctx; 292 uint32_t state; 293 char myname[80]; 294 /** challenge */ 295 u_char name[MAX_USERNAME_LENGTH]; 296 u_char chall[MAX_CHALLENGE_LENGTH]; 297 int lchall; /* length of challenge */ 298 u_char pktid; /* PPP Packet Id */ 299 u_char challid; /* Id of challenge */ 300 int type; /* chap type */ 301 int ntry; 302 u_char authenticator[16]; 303 #ifdef USE_NPPPD_RADIUS 304 RADIUS_REQUEST_CTX radctx; 305 #endif 306 } chap; 307 308 /** Type for PAP */ 309 typedef struct _pap { 310 npppd_ppp *ppp; 311 uint32_t state; 312 u_char name[MAX_USERNAME_LENGTH]; 313 int auth_id; 314 #ifdef USE_NPPPD_RADIUS 315 RADIUS_REQUEST_CTX radctx; 316 #endif 317 } pap; 318 319 /** Type for EAP */ 320 #ifdef USE_NPPPD_EAP_RADIUS 321 #define PPP_EAP_FLAG_NAK_RESPONSE 0x01 322 typedef struct _eap { 323 npppd_ppp *ppp; 324 struct evtimer_wrap timerctx; 325 uint32_t state; 326 u_char eapid; 327 int ntry; 328 u_char name[MAX_USERNAME_LENGTH]; 329 u_char authenticator[16]; 330 /* FIXME */ 331 #define RADIUS_ATTR_STATE_LEN 100 332 int name_len; 333 u_char attr_state[RADIUS_ATTR_STATE_LEN]; 334 u_char attr_state_len; 335 unsigned int session_timeout; 336 /* 337 * nak response 0x01 338 */ 339 u_char flags; 340 RADIUS_REQUEST_CTX radctx; 341 } eap; 342 #endif 343 344 /** Type for CCP */ 345 typedef struct _ccp { 346 npppd_ppp *ppp; 347 fsm fsm; 348 349 uint32_t mppe_o_bits; 350 uint32_t mppe_p_bits; 351 uint mppe_rej; 352 } ccp; 353 354 /** Type for IPCP */ 355 typedef struct _ipcp { 356 fsm fsm; 357 npppd_ppp *ppp; 358 359 struct in_addr ip4_our; 360 361 struct in_addr dns_pri; 362 struct in_addr dns_sec; 363 struct in_addr nbns_pri; 364 struct in_addr nbns_sec; 365 } ipcp; 366 367 /** Function pointer to delegate packet send/recv */ 368 typedef int (*npppd_iofunc) ( 369 npppd_ppp *ppp, 370 unsigned char *bytes, 371 int nbytes, 372 int flags 373 ); 374 375 /** Flag indicates the original packet was encrypted by MPPE */ 376 #define PPP_IO_FLAGS_MPPE_ENCRYPTED 0x0001 377 /** Flag indicates the original packet was delayed */ 378 #define PPP_IO_FLAGS_DELAYED 0x0002 379 380 typedef void (*npppd_voidfunc) ( 381 npppd_ppp *ppp 382 ); 383 384 #ifdef USE_NPPPD_MPPE 385 386 #define MPPE_NOLDKEY 64 387 388 typedef struct _mppe_rc4 { 389 void *rc4ctx; 390 391 uint8_t stateless; 392 uint8_t resetreq; 393 394 /** session key length */ 395 uint8_t keylen; 396 /** key length in bits */ 397 uint8_t keybits; 398 399 /** Cohrency Counter */ 400 uint16_t coher_cnt; 401 402 uint8_t master_key[MPPE_KEYLEN]; 403 uint8_t session_key[MPPE_KEYLEN]; 404 uint8_t (*old_session_keys)[MPPE_KEYLEN]; 405 } mppe_rc4_t; 406 407 /** Type for MPPE */ 408 typedef struct _mppe { 409 npppd_ppp *ppp; 410 uint8_t master_key[MPPE_KEYLEN]; 411 412 uint16_t pkt_cnt; 413 414 /* 415 * configuration parameters. 416 */ 417 uint16_t /* if 0 no MPPE */ 418 enabled :1, 419 /* if 1 don't forward packet without MPPE */ 420 required :1, 421 mode_auto :1, 422 mode_stateless :1, 423 reserved :12; 424 uint16_t keylenbits; 425 426 mppe_rc4_t send, recv; 427 } mppe; 428 #endif 429 430 /** Type for phone number. Can be to use as a struct sockaddr. */ 431 typedef struct _npppd_phone_number { 432 #define NPPPD_AF_PHONE_NUMBER (AF_MAX + 0) 433 /** total length */ 434 uint8_t pn_len; 435 /** address family. this must be NPPPD_AF_PHONE_NUMBER */ 436 sa_family_t pn_family; 437 /** phone number */ 438 char pn_number[NPPPD_PHONE_NUMBER_LEN + 1]; 439 } npppd_phone_number; 440 441 /** Type for PPP */ 442 struct _npppd_ppp { 443 npppd *pppd; 444 u_int id; /** Ppp Id */ 445 /* Input and output */ 446 uint8_t *outpacket_buf; /** buffer space for output */ 447 npppd_iofunc send_packet; /** send to physical layer */ 448 npppd_iofunc recv_packet; /** recv from physical layer */ 449 450 /** event context for idle-timer's timer */ 451 struct event idle_event; 452 /** idle-timer value (sec) */ 453 int timeout_sec; 454 455 /** Physical layer */ 456 int tunnel_type; /** PPP Tunnel Type */ 457 uint16_t tunnel_session_id; /** Tunnel Session Id */ 458 uint16_t mru; /** MRU */ 459 uint16_t peer_mru; /** Peer's MRU */ 460 void *phy_context; /** Context of physical layer */ 461 char phy_label[16]; /** Label for physical layer */ 462 union { 463 struct sockaddr_in peer_in4; /** {L2TP,PPTP}/IPv4 */ 464 struct sockaddr_in6 peer_in6; /** {L2TP,PPTP}/IPv6 */ 465 #if defined(USE_NPPPD_PPPOE) 466 struct sockaddr_dl peer_dl; /** PPPoE */ 467 #endif 468 npppd_phone_number peer_pn; /** DialIn */ 469 } phy_info; /** Info of physical layer */ 470 char calling_number[NPPPD_PHONE_NUMBER_LEN + 1]; 471 npppd_voidfunc phy_close; /** close line */ 472 /* 473 * phy_close() will be called by any cases disconnecting. ppp will be 474 * freed just after phy_close() is called. Don't touch the ppp after 475 * then. 476 */ 477 478 /** authentication realm */ 479 void *realm; 480 481 /* protocols */ 482 lcp lcp; /** lcp */ 483 chap chap; /** chap */ 484 pap pap; /** pap */ 485 #ifdef USE_NPPPD_EAP_RADIUS 486 eap eap; /** eap */ 487 #endif 488 ccp ccp; /** ccp */ 489 ipcp ipcp; /** ipcp */ 490 491 char username[MAX_USERNAME_LENGTH]; /** Remote username */ 492 int ifidx; /** interface index */ 493 494 /** Proxy Authen Response */ 495 u_char *proxy_authen_resp; 496 /** Length of 'Proxy Authen Response' */ 497 int lproxy_authen_resp; 498 499 /** 500 * Authentication methods that requires to the peer. 501 * <pre> 502 * PAP 0xC023 503 * EAP 0xC227 504 * CHAP 0x0005 505 * MSCHAP 0x0080 506 * MSCHAPv2 0x0081 507 * </pre> 508 */ 509 uint16_t peer_auth; 510 511 #ifdef USE_NPPPD_MPPE 512 uint8_t mppe_started; 513 mppe mppe; 514 #endif 515 /** Assigning/Assigned IP Address */ 516 struct sockaddr_npppd snp; 517 #define ppp_framed_ip_address snp.snp_addr 518 #define ppp_framed_ip_netmask snp.snp_mask 519 #define ppp_ip_assigned(p) (p->ppp_framed_ip_address.s_addr != 0) 520 521 /** Address pool used by IP asssignment */ 522 void *assigned_pool; 523 524 /** Framed-IP-Address for Accounting */ 525 struct in_addr acct_framed_ip_address; 526 527 struct in_addr realm_framed_ip_address; 528 struct in_addr realm_framed_ip_netmask; 529 530 uint8_t /** data link have the Address and Control Field? */ 531 has_acf:1, 532 /** adjust TCP MSS to smaller than the MRU? */ 533 adjust_mss:1, 534 /** authentication once */ 535 auth_runonce:1, 536 /** use pipex? */ 537 use_pipex:1, 538 /** pipex is started? (even if it is not available) */ 539 pipex_started:1, 540 /** pipex is enabled? */ 541 pipex_enabled:1, 542 /** ingress filter */ 543 ingress_filter:1, 544 reserved:2; 545 uint8_t /** IP address is assigned from dynamic address pool */ 546 assign_dynapool:1, 547 /** assigned IP address is enabled? */ 548 assigned_ip4_enabled:1, 549 assigned_ip4_rcvd:6; 550 551 uint8_t /** dump input packet? */ 552 log_dump_in:1, 553 /** dump output packet? */ 554 log_dump_out:1, 555 log_rcvd:6; 556 557 uint8_t /** "receiving naked IP packet" is logged already? */ 558 logged_naked_ip:1, 559 /** "accounting start" is logged already? */ 560 logged_acct_start:1, 561 /** 562 * "receiving packet without address field" is logged 563 * already? 564 */ 565 logged_no_address:1, 566 logged_rcvd:5; 567 568 /* 569 * Statistical information 570 */ 571 /** Start time */ 572 time_t start_time; 573 /** Start time (in monotime) */ 574 time_t start_monotime; 575 /** End time (in monotime) */ 576 time_t end_monotime; 577 /** Number of input packets */ 578 uint32_t ipackets; 579 /** Number of output packets */ 580 uint32_t opackets; 581 /** Number of input error packets */ 582 uint32_t ierrors; 583 /** Number of output error packets */ 584 uint32_t oerrors; 585 /** Number of input packet bytes */ 586 uint64_t ibytes; 587 /** Number of output packet bytes */ 588 uint64_t obytes; 589 590 /** RADIUS Accounting (RFC2866) Terminate Cause */ 591 int terminate_cause; 592 593 /* 594 * Disconnect cause information for RFC3145 595 */ 596 /** disconnect code */ 597 npppd_ppp_disconnect_code disconnect_code; 598 /** disconnect control protocol */ 599 int16_t disconnect_proto; 600 /** disconnect direction */ 601 int8_t disconnect_direction; 602 /** disconnect message */ 603 const char *disconnect_message; 604 605 /** back pointer to ipcpsstats */ 606 struct ipcpstat *ipcpstat; 607 LIST_ENTRY(_npppd_ppp) ipcpstat_entry; 608 }; 609 610 /** proxied dialin */ 611 typedef struct _dialin_proxy_info { 612 /** Proxied LCP */ 613 struct proxy_lcp { 614 /** Length of the data */ 615 int ldata; 616 /** LCP data */ 617 u_char data[256]; 618 } /** the last sent LCP */ last_sent_lcp, 619 /** the last received LCP */ last_recv_lcp; 620 621 /** ID of authentication packet */ 622 int auth_id; 623 /** authen type. use same value on npppd_ppp#peer_auth. */ 624 uint32_t auth_type; 625 /** Username */ 626 char username[MAX_USERNAME_LENGTH]; 627 /** Authentication challenage */ 628 u_char auth_chall[MAX_CHALLENGE_LENGTH]; 629 /** Authentication challenge length */ 630 int lauth_chall; 631 /** Authentication response */ 632 u_char auth_resp[MAX_PASSWORD_LENGTH]; 633 /** Authentication response length */ 634 int lauth_resp; 635 636 } dialin_proxy_info; 637 638 #define DIALIN_PROXY_IS_REQUESTED(dpi) \ 639 (((dpi)->last_sent_lcp.ldata > 0)? 1 : 0) 640 641 /** MPPE must be negotiated */ 642 #define MPPE_MUST_NEGO(ppp) \ 643 (((ppp)->mppe.enabled != 0) && \ 644 (((ppp)->peer_auth == PPP_AUTH_CHAP_MS_V2) || \ 645 ((ppp)->peer_auth == PPP_AUTH_EAP))) 646 647 /** MPPE is required */ 648 #define MPPE_IS_REQUIRED(ppp) \ 649 (((ppp)->mppe.enabled != 0) && ((ppp)->mppe.required != 0)) 650 651 /** MPPE is ready to use */ 652 #define MPPE_SEND_READY(ppp) \ 653 ((ppp)->mppe_started != 0 && (ppp)->mppe.send.keybits > 0) 654 #define MPPE_RECV_READY(ppp) \ 655 ((ppp)->mppe_started != 0 && (ppp)->mppe.recv.keybits > 0) 656 657 658 /* Adapted from NetBSD:/usr/src/usr.sbin/pppd/pppd/pppd.h */ 659 /* 660 * Inline versions of get/put char/short/long. 661 * Pointer is advanced; we assume that both arguments 662 * are lvalues and will already be in registers. 663 * cp MUST be u_char *. 664 */ 665 #define GETCHAR(c, cp) { \ 666 (c) = *(cp)++; \ 667 } 668 #define PUTCHAR(c, cp) { \ 669 *(cp)++ = (u_char) (c); \ 670 } 671 672 #define GETSHORT(s, cp) { \ 673 (s) = *(cp)++ << 8; \ 674 (s) |= *(cp)++; \ 675 } 676 #define PUTSHORT(s, cp) { \ 677 *(cp)++ = (u_char) ((s) >> 8); \ 678 *(cp)++ = (u_char) (s); \ 679 } 680 681 #define GETLONG(l, cp) { \ 682 (l) = *(cp)++ << 8; \ 683 (l) |= *(cp)++; (l) <<= 8; \ 684 (l) |= *(cp)++; (l) <<= 8; \ 685 (l) |= *(cp)++; \ 686 } 687 #define PUTLONG(l, cp) { \ 688 *(cp)++ = (u_char) ((l) >> 24); \ 689 *(cp)++ = (u_char) ((l) >> 16); \ 690 *(cp)++ = (u_char) ((l) >> 8); \ 691 *(cp)++ = (u_char) (l); \ 692 } 693 #define BCOPY(s, d, l) memcpy(d, s, l) 694 #define BZERO(s, n) memset(s, 0, n) 695 696 #ifndef countof 697 #define countof(x) (sizeof(x) / sizeof((x)[0])) 698 #endif 699 700 /* 701 * MAKEHEADER - Add Header fields to a packet. 702 */ 703 #define MAKEHEADER(p, t) { \ 704 PUTCHAR(PPP_ALLSTATIONS, p); \ 705 PUTCHAR(PPP_UI, p); \ 706 PUTSHORT(t, p); } 707 708 /* adapted from FreeBSD:/usr/include/sys/cdefs */ 709 #ifndef __printflike 710 #define __printflike(fmtarg, firstvararg) \ 711 __attribute__((__format__ (__printf__, fmtarg, firstvararg))) 712 #endif 713 714 /* 715 * Does MRU cover MPPE/CCP header? 716 * 717 * RFC 1331: 718 * The Maximum-Receive-Unit covers only the Data Link Layer Information 719 * field. It does not include the header, padding, FCS, nor any 720 * transparency bits or bytes. 721 * 722 * On Windows XP: 723 * Comparing the MRU indicated by Windows and TCP MSS indicated by the 724 * same Windows, Windows uses MRU minus 40 octets as a TCP MSS value 725 * simply. So a TCP/IP packet that has max segment size with MPPE 726 * requires MRU + 4 octets. If the packet without MPPE requires just MRU 727 * octets. 728 * 729 * If MRU doesn't cover MPPE/CCP header, we need to avoid sending MRU + 4 730 * octets packet. 731 */ 732 #if !defined(USE_NPPPD_MPPE) 733 /* Do nothing if we don't do MPPE */ 734 #define MRU_IPMTU(mru) (mru) 735 #define MRU_PKTLEN(mru, proto) (mru) 736 #else 737 #ifdef MRU_INCLUDES_MPPE_CCP 738 /* MRU covers MPPE/CCP header */ 739 #define MRU_IPMTU(mru) ((mru) - CCP_MPPE_HEADER_LEN) 740 #define MRU_PKTLEN(mru, proto) (mru) 741 #else 742 /* MRU doesn't cover MPPE/CCP header */ 743 #define MRU_IPMTU(mru) (mru) 744 #define MRU_PKTLEN(mru, proto) (((proto) == PPP_PROTO_MPPE) \ 745 ? (mru) + CCP_MPPE_HEADER_LEN : (mru)) 746 #endif 747 #endif 748 749 #define PPP_FSM_CONFIG(_fsm, _memb, _val) \ 750 do { \ 751 (_fsm)->_memb = ((_val) == 0) \ 752 ? (_fsm)->_memb : (_val); \ 753 } while (0 /* CONSTCOND */) 754 755 756 #ifdef __cplusplus 757 extern "C" { 758 #endif 759 760 761 npppd_ppp *ppp_create (void); 762 int ppp_init (npppd *, npppd_ppp *); 763 void ppp_start (npppd_ppp *); 764 int ppp_dialin_proxy_prepare (npppd_ppp *, dialin_proxy_info *); 765 void ppp_stop (npppd_ppp *, const char *); 766 void ppp_set_disconnect_cause (npppd_ppp *, npppd_ppp_disconnect_code, int, int, const char *); 767 void ppp_set_radius_terminate_cause(npppd_ppp *, int); 768 769 void ppp_destroy (void *); 770 void ppp_lcp_up (npppd_ppp *); 771 void ppp_lcp_finished (npppd_ppp *); 772 void ppp_phy_downed (npppd_ppp *); 773 void ppp_auth_ok (npppd_ppp *); 774 void ppp_ipcp_opened (npppd_ppp *); 775 void ppp_ccp_opened (npppd_ppp *); 776 void ppp_ccp_stopped (npppd_ppp *); 777 void ppp_output (npppd_ppp *, uint16_t, u_char, u_char, u_char *, int); 778 u_char *ppp_packetbuf (npppd_ppp *, int); 779 int ppp_log (npppd_ppp *, int, const char *, ...) __printflike(3,4); 780 void ppp_reset_idle_timeout(npppd_ppp *); 781 #ifdef USE_NPPPD_RADIUS 782 void ppp_process_radius_attrs (npppd_ppp *, RADIUS_PACKET *); 783 int ppp_set_radius_attrs_for_authreq (npppd_ppp *, radius_req_setting *, RADIUS_PACKET *); 784 #endif 785 struct tunnconf *ppp_get_tunnconf(npppd_ppp *); 786 787 void ccp_init (ccp *, npppd_ppp *); 788 void ipcp_init (ipcp *, npppd_ppp *); 789 790 void lcp_init (lcp *, npppd_ppp *); 791 void lcp_lowerup (lcp *); 792 void lcp_send_protrej(lcp *, u_char *, int ); 793 int lcp_dialin_proxy(lcp *, dialin_proxy_info *, int, int); 794 795 void pap_init (pap *, npppd_ppp *); 796 int pap_start (pap *); 797 int pap_stop (pap *); 798 int pap_input (pap *, u_char *, int); 799 int pap_proxy_authen_prepare (pap *, dialin_proxy_info *); 800 801 void chap_init (chap *, npppd_ppp *); 802 void chap_stop (chap *); 803 void chap_start (chap *); 804 void chap_input (chap *, u_char *, int); 805 int chap_proxy_authen_prepare (chap *, dialin_proxy_info *); 806 807 #ifdef USE_NPPPD_EAP_RADIUS 808 void eap_init(eap *, npppd_ppp *); 809 void eap_stop(eap *); 810 void eap_start(eap *); 811 void eap_input(eap *, u_char *, int); 812 #endif 813 814 #ifdef USE_NPPPD_MPPE 815 void mppe_init (mppe *, npppd_ppp *); 816 void mppe_fini (mppe *); 817 void mppe_start (mppe *); 818 uint32_t mppe_create_our_bits (mppe *, uint32_t); 819 void mppe_input (mppe *, u_char *, int); 820 void mppe_recv_ccp_reset (mppe *); 821 void mppe_pkt_output (mppe *, uint16_t, u_char *, int); 822 #endif 823 824 825 #ifdef __cplusplus 826 } 827 #endif 828 #endif 829