1 /*- 2 * Copyright (c) 2001 Brian Somers <brian@Awfulhak.org> 3 * All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 14 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 15 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 16 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 17 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 18 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 19 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 20 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 21 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 22 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 23 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 24 * SUCH DAMAGE. 25 * 26 * $FreeBSD$ 27 */ 28 29 #include <sys/param.h> 30 #include <netinet/in_systm.h> 31 #include <netinet/in.h> 32 #include <netinet/ip.h> 33 #include <arpa/inet.h> 34 #include <sys/socket.h> 35 #include <net/if.h> 36 #include <net/route.h> 37 #include <netdb.h> 38 #include <sys/un.h> 39 40 #include <errno.h> 41 #include <fcntl.h> 42 #include <resolv.h> 43 #include <stdlib.h> 44 #include <string.h> 45 #include <sys/stat.h> 46 #include <termios.h> 47 #include <unistd.h> 48 49 #include "layer.h" 50 #include "ua.h" 51 #include "defs.h" 52 #include "command.h" 53 #include "mbuf.h" 54 #include "log.h" 55 #include "timer.h" 56 #include "fsm.h" 57 #include "proto.h" 58 #include "iplist.h" 59 #include "throughput.h" 60 #include "slcompress.h" 61 #include "lqr.h" 62 #include "hdlc.h" 63 #include "lcp.h" 64 #include "ncpaddr.h" 65 #include "ip.h" 66 #include "ipcp.h" 67 #include "filter.h" 68 #include "descriptor.h" 69 #include "vjcomp.h" 70 #include "async.h" 71 #include "ccp.h" 72 #include "link.h" 73 #include "physical.h" 74 #include "mp.h" 75 #ifndef NORADIUS 76 #include "radius.h" 77 #endif 78 #include "ipv6cp.h" 79 #include "ncp.h" 80 #include "bundle.h" 81 #include "id.h" 82 #include "arp.h" 83 #include "systems.h" 84 #include "prompt.h" 85 #include "route.h" 86 #include "iface.h" 87 #include "chat.h" 88 #include "auth.h" 89 #include "chap.h" 90 #include "pap.h" 91 #include "cbcp.h" 92 #include "datalink.h" 93 94 95 static u_short default_urgent_tcp_ports[] = { 96 21, /* ftp */ 97 22, /* ssh */ 98 23, /* telnet */ 99 513, /* login */ 100 514, /* shell */ 101 543, /* klogin */ 102 544 /* kshell */ 103 }; 104 105 static u_short default_urgent_udp_ports[] = { }; 106 107 #define NDEFTCPPORTS \ 108 (sizeof default_urgent_tcp_ports / sizeof default_urgent_tcp_ports[0]) 109 #define NDEFUDPPORTS \ 110 (sizeof default_urgent_udp_ports / sizeof default_urgent_udp_ports[0]) 111 112 void 113 ncp_Init(struct ncp *ncp, struct bundle *bundle) 114 { 115 ncp->afq = AF_INET; 116 ncp->route = NULL; 117 118 ncp->cfg.urgent.tcp.nports = ncp->cfg.urgent.tcp.maxports = NDEFTCPPORTS; 119 ncp->cfg.urgent.tcp.port = (u_short *)malloc(NDEFTCPPORTS * sizeof(u_short)); 120 memcpy(ncp->cfg.urgent.tcp.port, default_urgent_tcp_ports, 121 NDEFTCPPORTS * sizeof(u_short)); 122 ncp->cfg.urgent.tos = 1; 123 124 ncp->cfg.urgent.udp.nports = ncp->cfg.urgent.udp.maxports = NDEFUDPPORTS; 125 ncp->cfg.urgent.udp.port = (u_short *)malloc(NDEFUDPPORTS * sizeof(u_short)); 126 memcpy(ncp->cfg.urgent.udp.port, default_urgent_udp_ports, 127 NDEFUDPPORTS * sizeof(u_short)); 128 129 130 mp_Init(&ncp->mp, bundle); 131 132 /* Send over the first physical link by default */ 133 ipcp_Init(&ncp->ipcp, bundle, &bundle->links->physical->link, 134 &bundle->fsm); 135 #ifndef NOINET6 136 ipv6cp_Init(&ncp->ipv6cp, bundle, &bundle->links->physical->link, 137 &bundle->fsm); 138 #endif 139 } 140 141 void 142 ncp_Destroy(struct ncp *ncp) 143 { 144 ipcp_Destroy(&ncp->ipcp); 145 #ifndef NOINET6 146 ipv6cp_Destroy(&ncp->ipv6cp); 147 #endif 148 149 if (ncp->cfg.urgent.tcp.maxports) { 150 ncp->cfg.urgent.tcp.nports = ncp->cfg.urgent.tcp.maxports = 0; 151 free(ncp->cfg.urgent.tcp.port); 152 ncp->cfg.urgent.tcp.port = NULL; 153 } 154 if (ncp->cfg.urgent.udp.maxports) { 155 ncp->cfg.urgent.udp.nports = ncp->cfg.urgent.udp.maxports = 0; 156 free(ncp->cfg.urgent.udp.port); 157 ncp->cfg.urgent.udp.port = NULL; 158 } 159 } 160 161 int 162 ncp_fsmStart(struct ncp *ncp, struct bundle *bundle) 163 { 164 int res = 0; 165 166 #ifndef NOINET6 167 if (Enabled(bundle, OPT_IPCP)) { 168 #endif 169 fsm_Up(&ncp->ipcp.fsm); 170 fsm_Open(&ncp->ipcp.fsm); 171 res++; 172 #ifndef NOINET6 173 } 174 175 if (Enabled(bundle, OPT_IPV6CP)) { 176 fsm_Up(&ncp->ipv6cp.fsm); 177 fsm_Open(&ncp->ipv6cp.fsm); 178 res++; 179 } 180 #endif 181 182 return res; 183 } 184 185 void 186 ncp_IfaceAddrAdded(struct ncp *ncp, const struct iface_addr *addr) 187 { 188 switch (ncprange_family(&addr->ifa)) { 189 case AF_INET: 190 ipcp_IfaceAddrAdded(&ncp->ipcp, addr); 191 break; 192 #ifndef NOINET6 193 case AF_INET6: 194 ipv6cp_IfaceAddrAdded(&ncp->ipv6cp, addr); 195 break; 196 #endif 197 } 198 } 199 200 void 201 ncp_IfaceAddrDeleted(struct ncp *ncp, const struct iface_addr *addr) 202 { 203 if (ncprange_family(&addr->ifa) == AF_INET) 204 ipcp_IfaceAddrDeleted(&ncp->ipcp, addr); 205 } 206 207 void 208 ncp_SetLink(struct ncp *ncp, struct link *l) 209 { 210 ipcp_SetLink(&ncp->ipcp, l); 211 #ifndef NOINET6 212 ipv6cp_SetLink(&ncp->ipv6cp, l); 213 #endif 214 } 215 216 /* 217 * Enqueue a packet of the given address family. Nothing will make it 218 * down to the physical link level 'till ncp_FillPhysicalQueues() is used. 219 */ 220 void 221 ncp_Enqueue(struct ncp *ncp, int af, int pri, char *ptr, int count) 222 { 223 #ifndef NOINET6 224 struct ipv6cp *ipv6cp = &ncp->ipv6cp; 225 #endif 226 struct ipcp *ipcp = &ncp->ipcp; 227 struct mbuf *bp; 228 229 /* 230 * We allocate an extra 6 bytes, four at the front and two at the end. 231 * This is an optimisation so that we need to do less work in 232 * m_prepend() in acf_LayerPush() and proto_LayerPush() and 233 * appending in hdlc_LayerPush(). 234 */ 235 236 switch (af) { 237 case AF_INET: 238 if (pri < 0 || pri >= IPCP_QUEUES(ipcp)) { 239 log_Printf(LogERROR, "Can't store in ip queue %d\n", pri); 240 break; 241 } 242 243 bp = m_get(count + 6, MB_IPOUT); 244 bp->m_offset += 4; 245 bp->m_len -= 6; 246 memcpy(MBUF_CTOP(bp), ptr, count); 247 m_enqueue(ipcp->Queue + pri, bp); 248 break; 249 250 #ifndef NOINET6 251 case AF_INET6: 252 if (pri < 0 || pri >= IPV6CP_QUEUES(ipcp)) { 253 log_Printf(LogERROR, "Can't store in ipv6 queue %d\n", pri); 254 break; 255 } 256 257 bp = m_get(count + 6, MB_IPOUT); 258 bp->m_offset += 4; 259 bp->m_len -= 6; 260 memcpy(MBUF_CTOP(bp), ptr, count); 261 m_enqueue(ipv6cp->Queue + pri, bp); 262 break; 263 #endif 264 265 default: 266 log_Printf(LogERROR, "Can't enqueue protocol family %d\n", af); 267 } 268 } 269 270 /* 271 * How many packets are queued to go out ? 272 */ 273 size_t 274 ncp_QueueLen(struct ncp *ncp) 275 { 276 size_t result; 277 278 result = ipcp_QueueLen(&ncp->ipcp); 279 #ifndef NOINET6 280 result += ipv6cp_QueueLen(&ncp->ipv6cp); 281 #endif 282 result += mp_QueueLen(&ncp->mp); /* Usually empty */ 283 284 return result; 285 } 286 287 /* 288 * Ditch all queued packets. This is usually done after our choked timer 289 * has fired - which happens because we couldn't send any traffic over 290 * any links for some time. 291 */ 292 void 293 ncp_DeleteQueues(struct ncp *ncp) 294 { 295 #ifndef NOINET6 296 struct ipv6cp *ipv6cp = &ncp->ipv6cp; 297 #endif 298 struct ipcp *ipcp = &ncp->ipcp; 299 struct mp *mp = &ncp->mp; 300 struct mqueue *q; 301 302 for (q = ipcp->Queue; q < ipcp->Queue + IPCP_QUEUES(ipcp); q++) 303 while (q->top) 304 m_freem(m_dequeue(q)); 305 306 #ifndef NOINET6 307 for (q = ipv6cp->Queue; q < ipv6cp->Queue + IPV6CP_QUEUES(ipv6cp); q++) 308 while (q->top) 309 m_freem(m_dequeue(q)); 310 #endif 311 312 link_DeleteQueue(&mp->link); /* Usually empty anyway */ 313 } 314 315 /* 316 * Arrange that each of our links has at least one packet. We keep the 317 * number of packets queued at the link level to a minimum so that the 318 * loss of a link in multi-link mode results in the minimum number of 319 * dropped packets. 320 */ 321 size_t 322 ncp_FillPhysicalQueues(struct ncp *ncp, struct bundle *bundle) 323 { 324 size_t total; 325 326 if (bundle->ncp.mp.active) 327 total = mp_FillPhysicalQueues(bundle); 328 else { 329 struct datalink *dl; 330 size_t add; 331 332 for (total = 0, dl = bundle->links; dl; dl = dl->next) 333 if (dl->state == DATALINK_OPEN) { 334 add = link_QueueLen(&dl->physical->link); 335 if (add == 0 && dl->physical->out == NULL) 336 add = ncp_PushPacket(ncp, &ncp->afq, &dl->physical->link); 337 total += add; 338 } 339 } 340 341 return total + ncp_QueueLen(&bundle->ncp); 342 } 343 344 /* 345 * Push a packet into the given link. ``af'' is used as a persistent record 346 * of what is to be pushed next, coming either from mp->out or ncp->afq. 347 */ 348 int 349 ncp_PushPacket(struct ncp *ncp, int *af, struct link *l) 350 { 351 struct bundle *bundle = l->lcp.fsm.bundle; 352 int res; 353 354 #ifndef NOINET6 355 if (*af == AF_INET) { 356 if ((res = ipcp_PushPacket(&bundle->ncp.ipcp, l))) 357 *af = AF_INET6; 358 else 359 res = ipv6cp_PushPacket(&bundle->ncp.ipv6cp, l); 360 } else { 361 if ((res = ipv6cp_PushPacket(&bundle->ncp.ipv6cp, l))) 362 *af = AF_INET; 363 else 364 res = ipcp_PushPacket(&bundle->ncp.ipcp, l); 365 } 366 #else 367 res = ipcp_PushPacket(&bundle->ncp.ipcp, l); 368 #endif 369 370 return res; 371 } 372 373 int 374 ncp_IsUrgentPort(struct port_range *range, u_short src, u_short dst) 375 { 376 int f; 377 378 for (f = 0; f < range->nports; f++) 379 if (range->port[f] == src || range->port[f] == dst) 380 return 1; 381 382 return 0; 383 } 384 385 void 386 ncp_AddUrgentPort(struct port_range *range, u_short port) 387 { 388 u_short *newport; 389 int p; 390 391 if (range->nports == range->maxports) { 392 range->maxports += 10; 393 newport = (u_short *)realloc(range->port, 394 range->maxports * sizeof(u_short)); 395 if (newport == NULL) { 396 log_Printf(LogERROR, "ncp_AddUrgentPort: realloc: %s\n", 397 strerror(errno)); 398 range->maxports -= 10; 399 return; 400 } 401 range->port = newport; 402 } 403 404 for (p = 0; p < range->nports; p++) 405 if (range->port[p] == port) { 406 log_Printf(LogWARN, "%u: Port already set to urgent\n", port); 407 break; 408 } else if (range->port[p] > port) { 409 memmove(range->port + p + 1, range->port + p, 410 (range->nports - p) * sizeof(u_short)); 411 range->port[p] = port; 412 range->nports++; 413 break; 414 } 415 416 if (p == range->nports) 417 range->port[range->nports++] = port; 418 } 419 420 void 421 ncp_RemoveUrgentPort(struct port_range *range, u_short port) 422 { 423 int p; 424 425 for (p = 0; p < range->nports; p++) 426 if (range->port[p] == port) { 427 if (p != range->nports - 1) 428 memmove(range->port + p, range->port + p + 1, 429 (range->nports - p - 1) * sizeof(u_short)); 430 range->nports--; 431 return; 432 } 433 434 if (p == range->nports) 435 log_Printf(LogWARN, "%u: Port not set to urgent\n", port); 436 } 437 438 void 439 ncp_ClearUrgentPorts(struct port_range *range) 440 { 441 range->nports = 0; 442 } 443 444 int 445 ncp_Show(struct cmdargs const *arg) 446 { 447 struct ncp *ncp = &arg->bundle->ncp; 448 int p; 449 450 #ifndef NOINET6 451 prompt_Printf(arg->prompt, "Next queued AF: %s\n", 452 ncp->afq == AF_INET6 ? "inet6" : "inet"); 453 #endif 454 455 if (ncp->route) { 456 prompt_Printf(arg->prompt, "\n"); 457 route_ShowSticky(arg->prompt, ncp->route, "Sticky routes", 1); 458 } 459 460 prompt_Printf(arg->prompt, "\nDefaults:\n"); 461 prompt_Printf(arg->prompt, " sendpipe: "); 462 if (ncp->cfg.sendpipe > 0) 463 prompt_Printf(arg->prompt, "%-20ld\n", ncp->cfg.sendpipe); 464 else 465 prompt_Printf(arg->prompt, "unspecified\n"); 466 prompt_Printf(arg->prompt, " recvpipe: "); 467 if (ncp->cfg.recvpipe > 0) 468 prompt_Printf(arg->prompt, "%ld\n", ncp->cfg.recvpipe); 469 else 470 prompt_Printf(arg->prompt, "unspecified\n"); 471 472 prompt_Printf(arg->prompt, "\n Urgent ports\n"); 473 prompt_Printf(arg->prompt, " TCP: "); 474 if (ncp->cfg.urgent.tcp.nports == 0) 475 prompt_Printf(arg->prompt, "none"); 476 else 477 for (p = 0; p < ncp->cfg.urgent.tcp.nports; p++) { 478 if (p) 479 prompt_Printf(arg->prompt, ", "); 480 prompt_Printf(arg->prompt, "%u", ncp->cfg.urgent.tcp.port[p]); 481 } 482 483 prompt_Printf(arg->prompt, "\n UDP: "); 484 if (ncp->cfg.urgent.udp.nports == 0) 485 prompt_Printf(arg->prompt, "none"); 486 else 487 for (p = 0; p < ncp->cfg.urgent.udp.nports; p++) { 488 if (p) 489 prompt_Printf(arg->prompt, ", "); 490 prompt_Printf(arg->prompt, "%u", ncp->cfg.urgent.udp.port[p]); 491 } 492 prompt_Printf(arg->prompt, "\n TOS: %s\n\n", 493 ncp->cfg.urgent.tos ? "yes" : "no"); 494 495 return 0; 496 } 497 498 int 499 ncp_LayersOpen(struct ncp *ncp) 500 { 501 int n; 502 503 n = !!(ncp->ipcp.fsm.state == ST_OPENED); 504 #ifndef NOINET6 505 n += !!(ncp->ipv6cp.fsm.state == ST_OPENED); 506 #endif 507 508 return n; 509 } 510 511 int 512 ncp_LayersUnfinished(struct ncp *ncp) 513 { 514 int n = 0; 515 516 if (ncp->ipcp.fsm.state > ST_CLOSED || 517 ncp->ipcp.fsm.state == ST_STARTING) 518 n++; 519 520 #ifndef NOINET6 521 if (ncp->ipv6cp.fsm.state > ST_CLOSED || 522 ncp->ipv6cp.fsm.state == ST_STARTING) 523 n++; 524 #endif 525 526 return n; 527 } 528 529 void 530 ncp_Close(struct ncp *ncp) 531 { 532 if (ncp->ipcp.fsm.state > ST_CLOSED || 533 ncp->ipcp.fsm.state == ST_STARTING) 534 fsm_Close(&ncp->ipcp.fsm); 535 536 #ifndef NOINET6 537 if (ncp->ipv6cp.fsm.state > ST_CLOSED || 538 ncp->ipv6cp.fsm.state == ST_STARTING) 539 fsm_Close(&ncp->ipv6cp.fsm); 540 #endif 541 } 542 543 void 544 ncp2initial(struct ncp *ncp) 545 { 546 fsm2initial(&ncp->ipcp.fsm); 547 #ifndef NOINET6 548 fsm2initial(&ncp->ipv6cp.fsm); 549 #endif 550 } 551