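/*	$OpenBSD: l2tp_ctrl.c,v 1.9 2012/05/08 13:15:11 yasuoka Exp $	*/

/*-
 * Copyright (c) 2009 Internet Initiative Japan Inc.
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 */
/**@file Control connection processing functions for L2TP LNS */
/* $Id: l2tp_ctrl.c,v 1.9 2012/05/08 13:15:11 yasuoka Exp $ */
#include <sys/types.h>
#include <sys/param.h>
#include <sys/time.h>
#include <sys/socket.h>
#include <sys/endian.h>
#include <netinet/in.h>
#include <net/if.h>
#include <arpa/inet.h>
#include <stdlib.h>
#include <syslog.h>
#include <stdio.h>
#include <stdarg.h>
#include <stddef.h>
#include <netdb.h>
#include <time.h>
#include <string.h>
#include <event.h>
#include <ifaddrs.h>

#ifdef USE_LIBSOCKUTIL
#include <seil/sockfromto.h>
#endif

#include "time_utils.h"
#include "ipsec_util.h"
#include "bytebuf.h"
#include "hash.h"
#include "debugutil.h"
#include "slist.h"
#include "l2tp.h"
#include "l2tp_local.h"
#include "l2tp_subr.h"
#include "net_utils.h"
#include "config_helper.h"
#include "version.h"

static int l2tp_ctrl_init (l2tp_ctrl *, l2tpd *, struct sockaddr *, struct sockaddr *, void *);
static void l2tp_ctrl_reload (l2tp_ctrl *);
static int l2tp_ctrl_send_disconnect_notify (l2tp_ctrl *);
#if 0
static void l2tp_ctrl_purge_ipsec_sa (l2tp_ctrl *);
#endif
static void l2tp_ctrl_timeout (int, short, void *);
static int l2tp_ctrl_resend_una_packets (l2tp_ctrl *);
static void l2tp_ctrl_destroy_all_calls (l2tp_ctrl *);
static int l2tp_ctrl_disconnect_all_calls (l2tp_ctrl *);
static void l2tp_ctrl_reset_timeout (l2tp_ctrl *);
static inline int l2tp_ctrl_txwin_size (l2tp_ctrl *);
static inline int l2tp_ctrl_txwin_is_full (l2tp_ctrl *);
static int l2tp_ctrl_recv_SCCRQ (l2tp_ctrl *, u_char *, int, l2tpd *, struct sockaddr *);
static int l2tp_ctrl_send_StopCCN (l2tp_ctrl *, int);
static int l2tp_ctrl_recv_StopCCN (l2tp_ctrl *, u_char *, int);
static void l2tp_ctrl_send_SCCRP (l2tp_ctrl *);
static int l2tp_ctrl_send_HELLO (l2tp_ctrl *);
static int l2tp_ctrl_send_ZLB (l2tp_ctrl *);
static inline const char *l2tp_ctrl_state_string (l2tp_ctrl *);

/*
 * Debug helpers.  Both macros expand to nothing unless L2TP_CTRL_DEBUG is
 * defined, so an L2TP_CTRL_ASSERT() never guards anything in a normal build;
 * conditions that matter for safety need a real runtime check.
 */
#ifdef L2TP_CTRL_DEBUG
#define L2TP_CTRL_ASSERT(x)	ASSERT(x)
#define L2TP_CTRL_DBG(x)	l2tp_ctrl_log x
#else
#define L2TP_CTRL_ASSERT(x)
#define L2TP_CTRL_DBG(x)
#endif

/* Sequence # of l2tp_ctrl ID */
static u_int l2tp_ctrl_id_seq = 0;

/*
 * Compare two sequence numbers through a signed 16-bit difference, so the
 * ordering still holds when the counters wrap around.
 */
#define SEQ_LT(a,b)	((int16_t)((a) - (b)) < 0)
#define SEQ_GT(a,b)	((int16_t)((a) - (b)) > 0)

/**
 * Build instance of {@link ::_l2tp_ctrl L2TP LNS control connection}
 *
 * @return	a zero-filled l2tp_ctrl, or NULL when the allocation fails.
 *		The instance is released with l2tp_ctrl_destroy().
 */
l2tp_ctrl *
l2tp_ctrl_create(void)
{
	/* calloc() zero-fills, which replaces the malloc() + memset() pair. */
	return calloc(1, sizeof(l2tp_ctrl));
}

/**
 * initialize and startup of {@link ::_l2tp_ctrl L2TP LNS control connection}
 * instance
 *
 * Picks a free tunnel ID, records the peer and local addresses, allocates the
 * send window and the ZLB buffer, arms the timeout timer and registers the
 * control connection with the daemon.
 *
 * @param	_this		instance to initialize (it is zero-filled first)
 * @param	_l2tpd		owning daemon context
 * @param	peer		address of the peer
 * @param	sock		local address the packet was received on
 * @param	nat_t_ctx	NAT-T context; it is copied into sa_cookie when
 *				USE_LIBSOCKUTIL is defined, otherwise unused
 * @return	0 on success, -1 on failure.
 *
 * NOTE(review): the two failure exits differ in ownership.  The tunnel-ID
 * exhaustion path returns with _this still allocated, while the "fail" label
 * goes through l2tp_ctrl_stop(), whose cleanup branch ends in
 * l2tp_ctrl_destroy(_this).  The caller is outside this view; confirm it does
 * not use or free _this again after the second kind of failure.
 */
static int
l2tp_ctrl_init(l2tp_ctrl *_this, l2tpd *_l2tpd, struct sockaddr *peer,
    struct sockaddr *sock, void *nat_t_ctx)
{
	int tunid, i;
	bytebuffer *bytebuf;
	time_t curr_time;

	memset(_this, 0, sizeof(l2tp_ctrl));

	curr_time = get_monosec();
	_this->l2tpd = _l2tpd;
	_this->state = L2TP_CTRL_STATE_IDLE;
	_this->last_snd_ctrl = curr_time;

	slist_init(&_this->call_list);

	/* seek a free tunnel ID */
	_this->id = ++l2tp_ctrl_id_seq;
	for (i = 0, tunid = _this->id; ; i++, tunid++) {
		tunid &= 0xffff;
		/* provisional value; it is overwritten once the search ends */
		_this->tunnel_id = l2tp_ctrl_id_seq & 0xffff;
		if (tunid == 0)
			continue;	/* tunnel ID 0 is never handed out */
		if (l2tpd_get_ctrl(_l2tpd, tunid) == NULL)
			break;
		if (i > 80000) {
			/* this must not happen, just log it. */
			l2tpd_log(_l2tpd, LOG_ERR, "Too many l2tp controls");
			return -1;
		}
	}

	_this->tunnel_id = tunid;

	L2TP_CTRL_ASSERT(peer != NULL);
	L2TP_CTRL_ASSERT(sock != NULL);
	/*
	 * NOTE(review): both copies trust sa_len.  The destinations look like
	 * struct sockaddr_storage (see the ss_len/ss_family uses elsewhere in
	 * this file); presumably the caller only passes addresses that fit --
	 * confirm.
	 */
	memcpy(&_this->peer, peer, peer->sa_len);
	memcpy(&_this->sock, sock, sock->sa_len);

	/* prepare send buffer */
	_this->winsz = L2TPD_DEFAULT_SEND_WINSZ;
	if ((_this->snd_buffers = calloc(_this->winsz, sizeof(bytebuffer *)))
	    == NULL) {
		l2tpd_log(_l2tpd, LOG_ERR,
		    "calloc() failed in %s(): %m", __func__);
		goto fail;
	}
	for (i = 0; i < _this->winsz; i++) {
		if ((bytebuf = bytebuffer_create(L2TPD_SND_BUFSIZ)) == NULL) {
			l2tpd_log(_l2tpd, LOG_ERR,
			    "bytebuffer_create() failed in %s(): %m", __func__);
			goto fail;
		}
		_this->snd_buffers[i] = bytebuf;
	}
	if ((_this->zlb_buffer = bytebuffer_create(sizeof(struct l2tp_header)
	    + 128)) == NULL) {
		l2tpd_log(_l2tpd, LOG_ERR,
		    "bytebuffer_create() failed in %s(): %m", __func__);
		goto fail;
	}
#ifdef USE_LIBSOCKUTIL
	if (nat_t_ctx != NULL) {
		if ((_this->sa_cookie = malloc(
		    sizeof(struct in_ipsec_sa_cookie))) != NULL) {
			*(struct in_ipsec_sa_cookie *)_this->sa_cookie =
			    *(struct in_ipsec_sa_cookie *)nat_t_ctx;
		} else {
			l2tpd_log(_l2tpd, LOG_ERR,
			    "creating sa_cookie failed: %m");
			goto fail;
		}
	}
#endif
	_this->hello_interval = L2TP_CTRL_DEFAULT_HELLO_INTERVAL;
	_this->hello_timeout = L2TP_CTRL_DEFAULT_HELLO_TIMEOUT;
	_this->hello_io_time = curr_time;

	/* initialize timeout timer */
	l2tp_ctrl_reset_timeout(_this);

	/* register l2tp context */
	l2tpd_add_ctrl(_l2tpd, _this);
	return 0;
fail:
	/*
	 * The state is still IDLE here, so l2tp_ctrl_stop() takes its cleanup
	 * branch and releases the partially built instance.  That branch also
	 * calls l2tpd_remove_ctrl() for a tunnel ID that was never added;
	 * presumably that is harmless -- confirm.
	 */
	l2tp_ctrl_stop(_this, 0);
	return -1;
}

/*
 * setup {@link ::_l2tp_ctrl L2TP LNS control connection} instance
 *
 * Reads "l2tp.data_use_seq", "l2tp.hello_interval" and "l2tp.hello_timeout"
 * from the configuration.  A value of 0 for either hello setting leaves the
 * current value untouched.
 */
static void
l2tp_ctrl_reload(l2tp_ctrl *_this)
{
	int ival;

	_this->data_use_seq = l2tp_ctrl_config_str_equal(_this,
	    "l2tp.data_use_seq", "true", 1);

	if ((ival = l2tp_ctrl_config_int(_this, "l2tp.hello_interval", 0)) != 0)
		_this->hello_interval = ival;
	if ((ival = l2tp_ctrl_config_int(_this, "l2tp.hello_timeout", 0)) != 0)
		_this->hello_timeout = ival;

	return;
}

/*
 * free {@link ::_l2tp_ctrl L2TP LNS control connection} instance
 *
 * Releases the instance itself and, with USE_LIBSOCKUTIL, its sa_cookie.
 * Send buffers, calls and the timer are released by l2tp_ctrl_stop().
 */
void
l2tp_ctrl_destroy(l2tp_ctrl *_this)
{
	L2TP_CTRL_ASSERT(_this != NULL);
#ifdef USE_LIBSOCKUTIL
	free(_this->sa_cookie);		/* free(NULL) is a no-op */
#endif
	free(_this);
}

/*
 * notify disconnection to peer
 *
 * @return	 0: all CDN and StopCCN have been sent.
 *		 N: if the remaining calls which still not sent CDN exist,
 *		    return # of the calls.
 *		-1: when try to send of StopCCN failed.
 */
static int
l2tp_ctrl_send_disconnect_notify(l2tp_ctrl *_this)
{
	int ncalls;

	/* the ';' was missing here, which breaks L2TP_CTRL_DEBUG builds */
	L2TP_CTRL_ASSERT(_this != NULL);
	L2TP_CTRL_ASSERT(_this->state == L2TP_CTRL_STATE_ESTABLISHED ||
	    _this->state == L2TP_CTRL_STATE_CLEANUP_WAIT);

	/* this control is not actively closing or StopCCN have been sent */
	if (_this->active_closing == 0)
		return 0;

	/* Send CDN all Calls */
	ncalls = 0;
	if (slist_length(&_this->call_list) != 0) {
		ncalls = l2tp_ctrl_disconnect_all_calls(_this);
		if (ncalls > 0) {
			/*
			 * Call the function again to check whether the
			 * sending window is full.  In case ncalls == 0,
			 * it means we've sent CDN for all calls.
			 */
			ncalls = l2tp_ctrl_disconnect_all_calls(_this);
		}
	}
	if (ncalls > 0)
		return ncalls;

	if (l2tp_ctrl_send_StopCCN(_this, _this->active_closing) != 0)
		return -1;
	_this->active_closing = 0;

	return 0;
}

/*
 * Terminate the control connection
 *
 * <p>
 * please specify an appropriate value to result( >0 ) for
 * StopCCN ResultCode AVP, when to sent Active Close (which
 * require StopCCN sent).</p>
 * <p>
 * When the return value of this function is zero, the _this
 * is already released.  The l2tp_ctrl process that was bound to it
 * could not continue.
 * When the return value of this function is one, the timer
 * is reset.</p>
 *
 * @return	return 0 if terminate process was completed.
 */
int
l2tp_ctrl_stop(l2tp_ctrl *_this, int result)
{
	int i;
	l2tpd *_l2tpd;

	L2TP_CTRL_ASSERT(_this != NULL);

	switch (_this->state) {
	case L2TP_CTRL_STATE_ESTABLISHED:
		_this->state = L2TP_CTRL_STATE_CLEANUP_WAIT;
		if (result > 0) {
			_this->active_closing = result;
			l2tp_ctrl_send_disconnect_notify(_this);
			break;
		}
		goto cleanup;
	default:
		l2tp_ctrl_log(_this, LOG_DEBUG, "%s() unexpected state=%s",
		    __func__, l2tp_ctrl_state_string(_this));
		/* FALLTHROUGH */
	case L2TP_CTRL_STATE_WAIT_CTL_CONN:
		/* FALLTHROUGH */
	case L2TP_CTRL_STATE_CLEANUP_WAIT:
cleanup:
		if (slist_length(&_this->call_list) != 0) {
			/* calls still need a CDN; finish on a later pass */
			if (l2tp_ctrl_disconnect_all_calls(_this) > 0)
				break;
		}
#if 0
		if (_this->l2tpd->purge_ipsec_sa != 0)
			l2tp_ctrl_purge_ipsec_sa(_this);
#endif

		l2tp_ctrl_log(_this, LOG_NOTICE, "logtype=Finished");

		/*
		 * l2tp_ctrl_init() can get here before the timer was ever
		 * set up, so test it first, as l2tp_ctrl_reset_timeout()
		 * does.
		 */
		if (evtimer_initialized(&_this->ev_timeout))
			evtimer_del(&_this->ev_timeout);

		/* free send buffer */
		if (_this->snd_buffers != NULL) {
			for (i = 0; i < _this->winsz; i++) {
				/*
				 * Slots stay NULL when l2tp_ctrl_init()
				 * failed half way through filling the
				 * window.
				 */
				if (_this->snd_buffers[i] != NULL)
					bytebuffer_destroy(
					    _this->snd_buffers[i]);
			}
			free(_this->snd_buffers);
			_this->snd_buffers = NULL;
		}
		if (_this->zlb_buffer != NULL) {
			bytebuffer_destroy(_this->zlb_buffer);
			_this->zlb_buffer = NULL;
		}

		/* free l2tp_call */
		l2tp_ctrl_destroy_all_calls(_this);
		slist_fini(&_this->call_list);

		l2tpd_remove_ctrl(_this->l2tpd, _this->tunnel_id);

		/* keep the daemon pointer: _this is gone after destroy */
		_l2tpd = _this->l2tpd;
		l2tp_ctrl_destroy(_this);

		l2tpd_ctrl_finished_notify(_l2tpd);
		return 0;	/* stopped */
	}
	l2tp_ctrl_reset_timeout(_this);

	return 1;
}

#if 0
/** Delete the IPsec SA for disconnection */
static void
l2tp_ctrl_purge_ipsec_sa(l2tp_ctrl *_this)
{
	int is_natt, proto;
	struct sockaddr_storage peer, sock;
	hash_link *hl;
#ifdef USE_LIBSOCKUTIL
	struct in_ipsec_sa_cookie *ipsec_sa_cookie;
#endif
	l2tp_ctrl *anot;

	/*
	 * Search another tunnel that uses the same IPsec SA
	 * by linear.
	 */
	for (hl = hash_first(_this->l2tpd->ctrl_map);
	    hl != NULL; hl = hash_next(_this->l2tpd->ctrl_map)) {
		anot = hl->item;
		if (anot == _this)
			continue;

		if (_this->peer.ss_family != anot->peer.ss_family)
			continue;
		if (_this->peer.ss_family == AF_INET) {
			if (SIN(&_this->peer)->sin_addr.s_addr !=
			    SIN(&anot->peer)->sin_addr.s_addr)
				continue;
		} else if (_this->peer.ss_family == AF_INET6) {
			if (!IN6_ARE_ADDR_EQUAL(
			    &(SIN6(&_this->peer)->sin6_addr),
			    &(SIN6(&anot->peer)->sin6_addr)))
				continue;
		}
#ifdef USE_LIBSOCKUTIL
		if (_this->sa_cookie != NULL && anot->sa_cookie != NULL) {
			/* Both tunnels belong the same NAT box. */

			if (memcmp(_this->sa_cookie, anot->sa_cookie,
			    sizeof(struct in_ipsec_sa_cookie)) != 0)
				/* Different hosts behind the NAT box. */
				continue;

			/* The SA is shared by another tunnels by one host. */
			return;	/* don't purge the sa */

		} else if (_this->sa_cookie != NULL || anot->sa_cookie != NULL)
			/* Only one is behind the NAT */
			continue;
#endif
		return;	/* don't purge the sa */
	}

#ifdef USE_LIBSOCKUTIL
	is_natt = (_this->sa_cookie != NULL)? 1 : 0;
#else
	is_natt = 0;
#endif
	memcpy(&peer, &_this->peer, _this->peer.ss_len);
	memcpy(&sock, &_this->sock, _this->sock.ss_len);
	if (!is_natt) {
		proto = 0;
		SIN(&peer)->sin_port = SIN(&sock)->sin_port = 0;
	}
#ifdef USE_LIBSOCKUTIL
	else {
		ipsec_sa_cookie = _this->sa_cookie;
		SIN(&peer)->sin_port = ipsec_sa_cookie->remote_port;
		SIN(&sock)->sin_port = ipsec_sa_cookie->local_port;
#if 1
		/*
		 * XXX: As RFC 2367, protocol should be specified if the port
		 * XXX: number is non-zero.
		 */
		proto = 0;
#else
		proto = IPPROTO_UDP;
#endif
	}
#endif
	if (ipsec_util_purge_transport_sa((struct sockaddr *)&peer,
	    (struct sockaddr *)&sock, proto, IPSEC_UTIL_DIRECTION_BOTH) != 0)
		l2tp_ctrl_log(_this, LOG_NOTICE, "failed to purge IPSec SA");
}
#endif

/*
 * timeout processing
 *
 * Timer callback registered by l2tp_ctrl_reset_timeout(); ctx is the
 * l2tp_ctrl.  It stops the control connection when acknowledgements, calls
 * or the cleanup phase time out, sends Hello when it is due, resends
 * unacknowledged control packets and re-arms the timer.  fd and evtype are
 * not used.
 */
static void
l2tp_ctrl_timeout(int fd, short evtype, void *ctx)
{
	int need_resend;
	time_t curr_time;
	l2tp_ctrl *_this;
	l2tp_call *call;

	/*
	 * the timer must be reset, when leave this function.
	 * MEMO: l2tp_ctrl_stop() will reset the timer in it.
	 * and please remember that the l2tp_ctrl_stop() may free _this.
	 * Every path that calls l2tp_ctrl_stop() therefore returns at once.
	 */
	_this = ctx;
	L2TP_CTRL_ASSERT(_this != NULL);

	curr_time = get_monosec();

	need_resend = 0;

	if (l2tp_ctrl_txwin_size(_this) > 0) {
		if (_this->state == L2TP_CTRL_STATE_ESTABLISHED) {
			if (_this->hello_wait_ack != 0) {
				/* wait Hello reply */
				if (curr_time - _this->hello_io_time >=
				    _this->hello_timeout) {
					l2tp_ctrl_log(_this, LOG_NOTICE,
					    "timeout waiting ack for hello "
					    "packets.");
					l2tp_ctrl_stop(_this,
					    L2TP_STOP_CCN_RCODE_GENERAL);
					return;
				}
			}
		} else if (curr_time - _this->last_snd_ctrl >=
		    L2TP_CTRL_CTRL_PKT_TIMEOUT) {
			l2tp_ctrl_log(_this, LOG_NOTICE,
			    "timeout waiting ack for ctrl packets.");
			l2tp_ctrl_stop(_this,
			    L2TP_STOP_CCN_RCODE_GENERAL);
			return;
		}
		need_resend = 1;
	} else {
		/* nothing awaits an ack: reap calls that finished cleanup */
		for (slist_itr_first(&_this->call_list);
		    slist_itr_has_next(&_this->call_list);) {
			call = slist_itr_next(&_this->call_list);
			if (call->state == L2TP_CALL_STATE_CLEANUP_WAIT) {
				l2tp_call_destroy(call, 1);
				slist_itr_remove(&_this->call_list);
			}
		}
	}

	switch (_this->state) {
	case L2TP_CTRL_STATE_IDLE:
		/*
		 * idle:
		 * XXX: never happen in current implementation
		 */
		l2tp_ctrl_log(_this, LOG_ERR,
		    "Internal error, timeout on illegal state=idle");
		l2tp_ctrl_stop(_this, L2TP_STOP_CCN_RCODE_GENERAL);
		/*
		 * Return instead of break: l2tp_ctrl_stop() may have freed
		 * _this, and it re-arms the timer itself otherwise.  Falling
		 * through to the code after the switch would touch freed
		 * memory.
		 */
		return;
	case L2TP_CTRL_STATE_WAIT_CTL_CONN:
		/*
		 * wait-ctrl-conn:
		 *	if there is no ack for SCCRP, the peer will
		 *	resend SCCRQ.  however this implementation can
		 *	not recognize that the SCCRQ was resent or not.
		 *	Therefore, never resent from this side.
		 */
		need_resend = 0;
		break;
	case L2TP_CTRL_STATE_ESTABLISHED:
		if (slist_length(&_this->call_list) == 0 &&
		    curr_time - _this->last_snd_ctrl >=
			    L2TP_CTRL_WAIT_CALL_TIMEOUT) {
			if (_this->ncalls == 0) {
				/* fail to receive first call */
				l2tp_ctrl_log(_this, LOG_WARNING,
				    "timeout waiting call");
			}
			l2tp_ctrl_stop(_this,
			    L2TP_STOP_CCN_RCODE_GENERAL);
			return;
		}
		if (_this->hello_wait_ack == 0 && _this->hello_interval > 0) {
			/* send Hello */
			if (curr_time - _this->hello_interval >=
			    _this->hello_io_time) {
				if (l2tp_ctrl_send_HELLO(_this) == 0) {
					/* success */
					_this->hello_wait_ack = 1;
				}
				/* updated whether or not the send worked */
				_this->hello_io_time = curr_time;
				need_resend = 0;
			}
		}
		break;
	case L2TP_CTRL_STATE_CLEANUP_WAIT:
		if (curr_time - _this->last_snd_ctrl >=
		    L2TP_CTRL_CLEANUP_WAIT_TIME) {
			l2tp_ctrl_log(_this, LOG_NOTICE,
			    "Cleanup timeout state=%d", _this->state);
			l2tp_ctrl_stop(_this, 0);
			return;
		}
		if (_this->active_closing != 0)
			l2tp_ctrl_send_disconnect_notify(_this);
		break;
	default:
		l2tp_ctrl_log(_this, LOG_ERR,
		    "Internal error, timeout on illegal state=%d",
			_this->state);
		l2tp_ctrl_stop(_this, L2TP_STOP_CCN_RCODE_GENERAL);
		return;
	}
	/* resend if required */
	if (need_resend)
		l2tp_ctrl_resend_una_packets(_this);
	l2tp_ctrl_reset_timeout(_this);
}

/*
 * Send len bytes of msg to the peer of this control connection through the
 * listener socket.  With USE_LIBSOCKUTIL the local source address is passed
 * along, and the NAT-T variant is used when an sa_cookie is present.
 *
 * @return	the return value of the underlying send call.
 */
int
l2tp_ctrl_send(l2tp_ctrl *_this, const void *msg, int len)
{
	int rval;

#ifdef USE_LIBSOCKUTIL
	if (_this->sa_cookie != NULL)
		rval = sendfromto_nat_t(LISTENER_SOCK(_this), msg, len, 0,
		    (struct sockaddr *)&_this->sock,
		    (struct sockaddr *)&_this->peer, _this->sa_cookie);
	else
		rval = sendfromto(LISTENER_SOCK(_this), msg, len, 0,
		    (struct sockaddr *)&_this->sock,
		    (struct sockaddr *)&_this->peer);
#else
	rval = sendto(LISTENER_SOCK(_this), msg, len, 0,
	    (struct sockaddr *)&_this->peer, _this->peer.ss_len);
#endif
	return rval;
}

/*
 * resend una packets
 *
 * Walks the send window from snd_una up to (not including) snd_nxt, refreshes
 * the Nr field of each buffered packet with the current rcv_nxt and sends it
 * again.
 *
 * @return	the number of packets resent, or -1 as soon as a send fails.
 */
static int
l2tp_ctrl_resend_una_packets(l2tp_ctrl *_this)
{
	uint16_t seq;
	bytebuffer *bytebuf;
	struct l2tp_header *header;
	int nsend;

	nsend = 0;
	for (seq = _this->snd_una; SEQ_LT(seq, _this->snd_nxt); seq++) {
		bytebuf = _this->snd_buffers[seq % _this->winsz];
		header = bytebuffer_pointer(bytebuf);
		header->nr = htons(_this->rcv_nxt);
#ifdef L2TP_CTRL_DEBUG
		if (debuglevel >= 3) {
			l2tp_ctrl_log(_this, DEBUG_LEVEL_3, "RESEND seq=%u",
			    ntohs(header->ns));
			show_hd(debug_get_debugfp(),
			    bytebuffer_pointer(bytebuf),
			    bytebuffer_remaining(bytebuf));
		}
#endif
		if (l2tp_ctrl_send(_this, bytebuffer_pointer(bytebuf),
		    bytebuffer_remaining(bytebuf)) < 0) {
			l2tp_ctrl_log(_this, LOG_ERR,
			    "sendto() failed in %s: %m", __func__);
			return -1;
		}
		nsend++;
	}
	return nsend;
}

/* free all calls: empties call_list and destroys every call taken from it */
static void
l2tp_ctrl_destroy_all_calls(l2tp_ctrl *_this)
{
	l2tp_call *call;

	L2TP_CTRL_ASSERT(_this != NULL);

	while ((call = slist_remove_first(&_this->call_list)) != NULL)
		l2tp_call_destroy(call, 1);
}


/* disconnect all calls on the control context
 *
 * A call that is not yet in cleanup-wait is disconnected only while the
 * sending window has room; it is counted either way.
 *
 * @return return # of calls that is not waiting cleanup.
 */
static int
l2tp_ctrl_disconnect_all_calls(l2tp_ctrl *_this)
{
	int i, len, ncalls;
	l2tp_call *call;

	L2TP_CTRL_ASSERT(_this != NULL);

	ncalls = 0;
	len = slist_length(&_this->call_list);
	for (i = 0; i < len; i++) {
		call = slist_get(&_this->call_list, i);
		if (call->state != L2TP_CALL_STATE_CLEANUP_WAIT) {
			ncalls++;

			if (l2tp_ctrl_txwin_is_full(_this)) {
				L2TP_CTRL_DBG((_this, LOG_INFO,
				    "Too many calls.  Sending window is not "
				    "enough to send CDN to all clients."));
				/* nothing to do */
			} else
				l2tp_call_admin_disconnect(call);
		}
	}
	return ncalls;
}

/*
 * reset timeout
 *
 * Re-arms the timeout timer: 1 second in cleanup-wait, 2 seconds in every
 * other state.  The event is set up on first use.
 */
static void
l2tp_ctrl_reset_timeout(l2tp_ctrl *_this)
{
	int intvl;
	struct timeval tv0;

	L2TP_CTRL_ASSERT(_this != NULL);

	if (evtimer_initialized(&_this->ev_timeout))
		evtimer_del(&_this->ev_timeout);

	switch (_this->state) {
	case L2TP_CTRL_STATE_CLEANUP_WAIT:
		intvl = 1;
		break;
	default:
		intvl = 2;
		break;
	}
	tv0.tv_usec = 0;
	tv0.tv_sec = intvl;
	if (!evtimer_initialized(&_this->ev_timeout))
		evtimer_set(&_this->ev_timeout, l2tp_ctrl_timeout, _this);
	evtimer_add(&_this->ev_timeout, &tv0);
}

/*
 * protocols / send and receive
 */
/* Receive packet */
void
l2tp_ctrl_input(l2tpd *_this, int listener_index, struct sockaddr *peer,
    struct sockaddr *sock, void *nat_t_ctx, u_char *pkt, int pktlen)
{
	int i, len, offsiz, reqlen, is_ctrl;
	uint16_t mestype;
	struct l2tp_avp *avp, *avp0;
	l2tp_ctrl *ctrl;
	l2tp_call *call;
	char buf[L2TP_AVP_MAXSIZ], errmsg[256];
	time_t curr_time;
	u_char *pkt0;
	char ifname[IF_NAMESIZE], phy_label[256];
	struct l2tp_header hdr;
	char hbuf[NI_MAXHOST + NI_MAXSERV + 16];

	ctrl = NULL;
	curr_time = get_monosec();
	pkt0 = pkt;

	L2TP_CTRL_ASSERT(peer->sa_family == sock->sa_family);
	L2TP_CTRL_ASSERT(peer->sa_family == AF_INET ||
	    peer->sa_family == AF_INET6);
	/*
	 * Parse L2TP Header
	 */
	memset(&hdr, 0, sizeof(hdr));
	if (pktlen < 2) {
		snprintf(errmsg, sizeof(errmsg), "a short packet. "
		    "length=%d", pktlen);
		goto bad_packet;
	}
	memcpy(&hdr, pkt, 2);
	pkt += 2;
	if (hdr.ver != L2TP_HEADER_VERSION_RFC2661) {
		/* XXX: only RFC2661 is supported */
		snprintf(errmsg, sizeof(errmsg),
		    "Unsupported version at header = %d", hdr.ver);
		goto bad_packet;
	}
	is_ctrl = (hdr.t != 0)? 1 : 0;

	/* calc required length */
	reqlen = 6;		/* for Flags, Tunnel-Id, Session-Id field */
	if (hdr.l) reqlen += 2;	/* for Length field (opt) */
	if (hdr.s) reqlen += 4;	/* for Ns, Nr field (opt) */
	if (hdr.o) reqlen += 2;	/* for Offset Size field (opt) */
	if (reqlen > pktlen) {
		snprintf(errmsg, sizeof(errmsg),
		    "a short packet. length=%d", pktlen);
		goto bad_packet;
	}

	if (hdr.l != 0) {
		GETSHORT(hdr.length, pkt);
		if (hdr.length > pktlen) {
			snprintf(errmsg, sizeof(errmsg),
			    "Actual packet size is smaller than the length "
			    "field %d < %d", pktlen, hdr.length);
			goto bad_packet;
		}
		/*
		 * NOTE(review): the Length field is only bounded from above.
		 * A value smaller than reqlen makes pktlen negative once the
		 * header size is subtracted below -- confirm that the AVP
		 * lookup and the rest of this function tolerate that, or
		 * reject hdr.length < reqlen here.
		 */
		pktlen = hdr.length;	/* remove trailing trash */
	}
	GETSHORT(hdr.tunnel_id, pkt);
	GETSHORT(hdr.session_id, pkt);
	if (hdr.s != 0) {
		GETSHORT(hdr.ns, pkt);
		GETSHORT(hdr.nr, pkt);
	}
	if (hdr.o != 0) {
		GETSHORT(offsiz, pkt);
		/*
		 * NOTE(review): offsiz is compared with the whole packet
		 * length, not with what remains after the header, so the
		 * subtraction below can still go negative; the assertion
		 * after this block also only holds when offsiz is 0.
		 */
		if (pktlen < offsiz) {
			snprintf(errmsg, sizeof(errmsg),
			    "offset field is bigger than remaining packet "
			    "length %d > %d", offsiz, pktlen);
			goto bad_packet;
		}
		pkt += offsiz;
	}
	L2TP_CTRL_ASSERT(pkt - pkt0 == reqlen);
	pktlen -= (pkt - pkt0);	/* cut down the length of header */

	ctrl = NULL;
	memset(buf, 0, sizeof(buf));
	mestype = 0;
	avp = NULL;

	if (is_ctrl) {
		avp0 = (struct l2tp_avp *)buf;
		avp = avp_find_message_type_avp(avp0, pkt, pktlen);
		if (avp != NULL)
			mestype = avp->attr_value[0] << 8 | avp->attr_value[1];
	}
	ctrl = l2tpd_get_ctrl(_this, hdr.tunnel_id);

	if (ctrl == NULL) {
		/* new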
control */ 8080fbf3537Syasuoka if (!is_ctrl) { 8090fbf3537Syasuoka snprintf(errmsg, sizeof(errmsg), 8100fbf3537Syasuoka "bad data message: tunnelId=%d is not " 8110fbf3537Syasuoka "found.", hdr.tunnel_id); 8120fbf3537Syasuoka goto bad_packet; 8130fbf3537Syasuoka } 8140fbf3537Syasuoka if (mestype != L2TP_AVP_MESSAGE_TYPE_SCCRQ) { 8150fbf3537Syasuoka snprintf(errmsg, sizeof(errmsg), 8160fbf3537Syasuoka "bad control message: tunnelId=%d is not " 8170fbf3537Syasuoka "found. mestype=%s", hdr.tunnel_id, 8180fbf3537Syasuoka avp_mes_type_string(mestype)); 8190fbf3537Syasuoka goto bad_packet; 8200fbf3537Syasuoka } 8210fbf3537Syasuoka 8220fbf3537Syasuoka strlcpy(phy_label, 8230fbf3537Syasuoka ((l2tpd_listener *)slist_get(&_this->listener, 8240fbf3537Syasuoka listener_index))->phy_label, sizeof(phy_label)); 8250fbf3537Syasuoka if (_this->phy_label_with_ifname != 0) { 8260fbf3537Syasuoka if (get_ifname_by_sockaddr(sock, ifname) == NULL) { 8270fbf3537Syasuoka l2tpd_log_access_deny(_this, 8280fbf3537Syasuoka "could not get interface informations", 8290fbf3537Syasuoka peer); 830f0a4e295Syasuoka goto fail; 8310fbf3537Syasuoka } 8320fbf3537Syasuoka if (l2tpd_config_str_equal(_this, 8330fbf3537Syasuoka config_key_prefix("l2tpd.interface", ifname), 8340fbf3537Syasuoka "accept", 0)){ 8350fbf3537Syasuoka strlcat(phy_label, "%", sizeof(phy_label)); 8360fbf3537Syasuoka strlcat(phy_label, ifname, sizeof(phy_label)); 8370fbf3537Syasuoka } else if (l2tpd_config_str_equal(_this, 8380fbf3537Syasuoka config_key_prefix("l2tpd.interface", "any"), 8390fbf3537Syasuoka "accept", 0)){ 8400fbf3537Syasuoka } else { 841f0a4e295Syasuoka /* the interface is not permited */ 8420fbf3537Syasuoka snprintf(errmsg, sizeof(errmsg), 8430fbf3537Syasuoka "'%s' is not allowed by config.", ifname); 8440fbf3537Syasuoka l2tpd_log_access_deny(_this, errmsg, peer); 845f0a4e295Syasuoka goto fail; 8460fbf3537Syasuoka } 8470fbf3537Syasuoka } 8480fbf3537Syasuoka 8490fbf3537Syasuoka if ((ctrl = l2tp_ctrl_create()) == NULL) { 
8500fbf3537Syasuoka l2tp_ctrl_log(ctrl, LOG_ERR, 8510fbf3537Syasuoka "l2tp_ctrl_create() failed: %m"); 852f0a4e295Syasuoka goto fail; 8530fbf3537Syasuoka } 8540fbf3537Syasuoka if (l2tp_ctrl_init(ctrl, _this, peer, sock, nat_t_ctx) != 0) { 8550fbf3537Syasuoka l2tp_ctrl_log(ctrl, LOG_ERR, 8560fbf3537Syasuoka "l2tp_ctrl_start() failed: %m"); 857f0a4e295Syasuoka goto fail; 8580fbf3537Syasuoka } 8590fbf3537Syasuoka 8600fbf3537Syasuoka ctrl->listener_index = listener_index; 8610fbf3537Syasuoka strlcpy(ctrl->phy_label, phy_label, sizeof(ctrl->phy_label)); 8620fbf3537Syasuoka l2tp_ctrl_reload(ctrl); 8630fbf3537Syasuoka } else { 8640fbf3537Syasuoka /* 865f0a4e295Syasuoka * treat as an error if src address and port is not 866f0a4e295Syasuoka * match. (because it is potentially DoS attach) 8670fbf3537Syasuoka */ 868886d2b78Syasuoka int notmatch = 0; 8690fbf3537Syasuoka 870886d2b78Syasuoka if (ctrl->peer.ss_family != peer->sa_family) 871886d2b78Syasuoka notmatch = 1; 872886d2b78Syasuoka else if (peer->sa_family == AF_INET) { 873886d2b78Syasuoka if (SIN(peer)->sin_addr.s_addr != 874886d2b78Syasuoka SIN(&ctrl->peer)->sin_addr.s_addr || 875886d2b78Syasuoka SIN(peer)->sin_port != SIN(&ctrl->peer)->sin_port) 876886d2b78Syasuoka notmatch = 1; 877886d2b78Syasuoka } else if (peer->sa_family == AF_INET6) { 878886d2b78Syasuoka if (!IN6_ARE_ADDR_EQUAL(&(SIN6(peer)->sin6_addr), 879886d2b78Syasuoka &(SIN6(&ctrl->peer)->sin6_addr)) || 880886d2b78Syasuoka SIN6(peer)->sin6_port != 881886d2b78Syasuoka SIN6(&ctrl->peer)->sin6_port) 882886d2b78Syasuoka notmatch = 1; 883886d2b78Syasuoka } 884886d2b78Syasuoka if (notmatch) { 8850fbf3537Syasuoka snprintf(errmsg, sizeof(errmsg), 886886d2b78Syasuoka "tunnelId=%u is already assigned for %s", 887886d2b78Syasuoka hdr.tunnel_id, addrport_tostring( 888886d2b78Syasuoka (struct sockaddr *)&ctrl->peer, 889886d2b78Syasuoka ctrl->peer.ss_len, hbuf, sizeof(hbuf))); 8900fbf3537Syasuoka goto bad_packet; 8910fbf3537Syasuoka } 8920fbf3537Syasuoka } 
8930fbf3537Syasuoka ctrl->last_rcv = curr_time; 8940fbf3537Syasuoka call = NULL; 8950fbf3537Syasuoka if (hdr.session_id != 0) { 896f0a4e295Syasuoka /* search l2tp_call by Session ID */ 897f0a4e295Syasuoka /* linear search is enough for this purpose */ 8980fbf3537Syasuoka len = slist_length(&ctrl->call_list); 8990fbf3537Syasuoka for (i = 0; i < len; i++) { 9000fbf3537Syasuoka call = slist_get(&ctrl->call_list, i); 9010fbf3537Syasuoka if (call->session_id == hdr.session_id) 9020fbf3537Syasuoka break; 9030fbf3537Syasuoka call = NULL; 9040fbf3537Syasuoka } 9050fbf3537Syasuoka } 9060fbf3537Syasuoka if (!is_ctrl) { 907e405d423Syasuoka int delayed = 0; 908e405d423Syasuoka 909f0a4e295Syasuoka /* L2TP data */ 9100fbf3537Syasuoka if (ctrl->state != L2TP_CTRL_STATE_ESTABLISHED) { 9110fbf3537Syasuoka l2tp_ctrl_log(ctrl, LOG_WARNING, 9120fbf3537Syasuoka "Received Data packet in '%s'", 9130fbf3537Syasuoka l2tp_ctrl_state_string(ctrl)); 914f0a4e295Syasuoka goto fail; 9150fbf3537Syasuoka } 9160fbf3537Syasuoka if (call == NULL) { 9170fbf3537Syasuoka l2tp_ctrl_log(ctrl, LOG_WARNING, 9180fbf3537Syasuoka "Received a data packet but it has no call. 
" 9190fbf3537Syasuoka "session_id=%u", hdr.session_id); 920f0a4e295Syasuoka goto fail; 9210fbf3537Syasuoka } 9220fbf3537Syasuoka L2TP_CTRL_DBG((ctrl, DEBUG_LEVEL_2, 9230fbf3537Syasuoka "call=%u RECV ns=%u nr=%u snd_nxt=%u rcv_nxt=%u len=%d", 9240fbf3537Syasuoka call->id, hdr.ns, hdr.nr, call->snd_nxt, call->rcv_nxt, 9250fbf3537Syasuoka pktlen)); 9260fbf3537Syasuoka if (call->state != L2TP_CALL_STATE_ESTABLISHED){ 9270fbf3537Syasuoka l2tp_ctrl_log(ctrl, LOG_WARNING, 9280fbf3537Syasuoka "Received a data packet but call is not " 9290fbf3537Syasuoka "established"); 930f0a4e295Syasuoka goto fail; 9310fbf3537Syasuoka } 9320fbf3537Syasuoka 9330fbf3537Syasuoka if (hdr.s != 0) { 9340fbf3537Syasuoka if (SEQ_LT(hdr.ns, call->rcv_nxt)) { 935e405d423Syasuoka if (SEQ_LT(hdr.ns, 936e405d423Syasuoka call->rcv_nxt - L2TP_CALL_DELAY_LIMIT)) { 937e405d423Syasuoka /* sequence number seems to be delayed */ 938f0a4e295Syasuoka /* XXX: need to log? */ 9390fbf3537Syasuoka L2TP_CTRL_DBG((ctrl, LOG_DEBUG, 940e405d423Syasuoka "receive a out of sequence " 941e405d423Syasuoka "data packet: %u < %u.", 942e405d423Syasuoka hdr.ns, call->rcv_nxt)); 9430fbf3537Syasuoka return; 9440fbf3537Syasuoka } 945e405d423Syasuoka delayed = 1; 946e405d423Syasuoka } else { 9470fbf3537Syasuoka call->rcv_nxt = hdr.ns + 1; 9480fbf3537Syasuoka } 949e405d423Syasuoka } 950e405d423Syasuoka 951e405d423Syasuoka l2tp_call_ppp_input(call, pkt, pktlen, delayed); 9520fbf3537Syasuoka 9530fbf3537Syasuoka return; 9540fbf3537Syasuoka } 9550fbf3537Syasuoka if (hdr.s != 0) { 9560fbf3537Syasuoka L2TP_CTRL_DBG((ctrl, DEBUG_LEVEL_2, 9570fbf3537Syasuoka "RECV %s ns=%u nr=%u snd_nxt=%u snd_una=%u rcv_nxt=%u " 9580fbf3537Syasuoka "len=%d", (is_ctrl)? 
"C" : "", hdr.ns, hdr.nr, 9590fbf3537Syasuoka ctrl->snd_nxt, ctrl->snd_una, ctrl->rcv_nxt, pktlen)); 9600fbf3537Syasuoka 9610fbf3537Syasuoka if (pktlen <= 0) 9620fbf3537Syasuoka l2tp_ctrl_log(ctrl, LOG_INFO, "RecvZLB"); 9630fbf3537Syasuoka 9640fbf3537Syasuoka if (SEQ_GT(hdr.nr, ctrl->snd_una)) { 9650fbf3537Syasuoka if (hdr.nr == ctrl->snd_nxt || 9660fbf3537Syasuoka SEQ_LT(hdr.nr, ctrl->snd_nxt)) 9670fbf3537Syasuoka ctrl->snd_una = hdr.nr; 9680fbf3537Syasuoka else { 9690fbf3537Syasuoka l2tp_ctrl_log(ctrl, LOG_INFO, 9700fbf3537Syasuoka "Received message has bad Nr field: " 9710fbf3537Syasuoka "%u < %u.", hdr.ns, ctrl->snd_nxt); 9720fbf3537Syasuoka /* XXX Drop with ZLB? */ 973f0a4e295Syasuoka goto fail; 9740fbf3537Syasuoka } 9750fbf3537Syasuoka } 9760fbf3537Syasuoka if (l2tp_ctrl_txwin_size(ctrl) <= 0) { 977f0a4e295Syasuoka /* no waiting ack */ 9780fbf3537Syasuoka if (ctrl->hello_wait_ack != 0) { 9790fbf3537Syasuoka /* 980f0a4e295Syasuoka * Reset Hello state, as an ack for the Hello 981f0a4e295Syasuoka * is recived. 9820fbf3537Syasuoka */ 9830fbf3537Syasuoka ctrl->hello_wait_ack = 0; 9840fbf3537Syasuoka ctrl->hello_io_time = curr_time; 9850fbf3537Syasuoka } 9860fbf3537Syasuoka switch (ctrl->state) { 9870fbf3537Syasuoka case L2TP_CTRL_STATE_CLEANUP_WAIT: 9880fbf3537Syasuoka l2tp_ctrl_stop(ctrl, 0); 9890fbf3537Syasuoka return; 9900fbf3537Syasuoka } 9910fbf3537Syasuoka } 9920fbf3537Syasuoka if (hdr.ns != ctrl->rcv_nxt) { 993f0a4e295Syasuoka /* there are remaining packet */ 9940fbf3537Syasuoka if (l2tp_ctrl_resend_una_packets(ctrl) <= 0) { 995f0a4e295Syasuoka /* resend or sent ZLB */ 9960fbf3537Syasuoka l2tp_ctrl_send_ZLB(ctrl); 9970fbf3537Syasuoka } 9980fbf3537Syasuoka #ifdef L2TP_CTRL_DEBUG 999f0a4e295Syasuoka if (pktlen != 0) { /* not ZLB */ 10000fbf3537Syasuoka L2TP_CTRL_DBG((ctrl, LOG_DEBUG, 10010fbf3537Syasuoka "receive out of sequence %u must be %u. 
" 10020fbf3537Syasuoka "mestype=%s", hdr.ns, ctrl->rcv_nxt, 10030fbf3537Syasuoka avp_mes_type_string(mestype))); 10040fbf3537Syasuoka } 10050fbf3537Syasuoka #endif 10060fbf3537Syasuoka return; 10070fbf3537Syasuoka } 10080fbf3537Syasuoka if (pktlen <= 0) 10090fbf3537Syasuoka return; /* ZLB */ 10100fbf3537Syasuoka 10110fbf3537Syasuoka if (l2tp_ctrl_txwin_is_full(ctrl)) { 10120fbf3537Syasuoka L2TP_CTRL_DBG((ctrl, LOG_DEBUG, 10130fbf3537Syasuoka "Received message cannot be handled. " 10140fbf3537Syasuoka "Transmission window is full.")); 10150fbf3537Syasuoka l2tp_ctrl_send_ZLB(ctrl); 10160fbf3537Syasuoka return; 10170fbf3537Syasuoka } 10180fbf3537Syasuoka 10190fbf3537Syasuoka ctrl->rcv_nxt++; 10200fbf3537Syasuoka if (avp == NULL) { 10210fbf3537Syasuoka l2tpd_log(_this, LOG_WARNING, 10220fbf3537Syasuoka "bad control message: no message-type AVP."); 1023f0a4e295Syasuoka goto fail; 10240fbf3537Syasuoka } 10250fbf3537Syasuoka } 10260fbf3537Syasuoka 10270fbf3537Syasuoka /* 1028f0a4e295Syasuoka * state machine (RFC2661 pp. 
56-57) 10290fbf3537Syasuoka */ 10300fbf3537Syasuoka switch (ctrl->state) { 10310fbf3537Syasuoka case L2TP_CTRL_STATE_IDLE: 10320fbf3537Syasuoka switch (mestype) { 10330fbf3537Syasuoka case L2TP_AVP_MESSAGE_TYPE_SCCRQ: 10340fbf3537Syasuoka if (l2tp_ctrl_recv_SCCRQ(ctrl, pkt, pktlen, _this, 10350fbf3537Syasuoka peer) == 0) { 1036f0a4e295Syasuoka /* acceptable */ 10370fbf3537Syasuoka l2tp_ctrl_send_SCCRP(ctrl); 10380fbf3537Syasuoka ctrl->state = L2TP_CTRL_STATE_WAIT_CTL_CONN; 10390fbf3537Syasuoka return; 10400fbf3537Syasuoka } 10410fbf3537Syasuoka /* 1042f0a4e295Syasuoka * in case un-acceptable, it was already processed 1043f0a4e295Syasuoka * at l2tcp_ctrl_recv_SCCRQ 10440fbf3537Syasuoka */ 10450fbf3537Syasuoka return; 10460fbf3537Syasuoka case L2TP_AVP_MESSAGE_TYPE_SCCRP: 10470fbf3537Syasuoka /* 1048f0a4e295Syasuoka * RFC specifies that sent of StopCCN in the state, 1049f0a4e295Syasuoka * However as this implementation only support Passive 1050421b67a1Sjasper * open, this packet will not received. 
10510fbf3537Syasuoka */ 1052f0a4e295Syasuoka /* FALLTHROUGH */ 10530fbf3537Syasuoka case L2TP_AVP_MESSAGE_TYPE_SCCCN: 10540fbf3537Syasuoka default: 10550fbf3537Syasuoka break; 10560fbf3537Syasuoka } 1057f0a4e295Syasuoka goto fsm_fail; 10580fbf3537Syasuoka 10590fbf3537Syasuoka case L2TP_CTRL_STATE_WAIT_CTL_CONN: 10600fbf3537Syasuoka /* Wait-Ctl-Conn */ 10610fbf3537Syasuoka switch (mestype) { 10620fbf3537Syasuoka case L2TP_AVP_MESSAGE_TYPE_SCCCN: 10630fbf3537Syasuoka l2tp_ctrl_log(ctrl, LOG_INFO, "RecvSCCN"); 10640fbf3537Syasuoka if (l2tp_ctrl_send_ZLB(ctrl) == 0) { 10650fbf3537Syasuoka ctrl->state = L2TP_CTRL_STATE_ESTABLISHED; 10660fbf3537Syasuoka } 10670fbf3537Syasuoka return; 10680fbf3537Syasuoka case L2TP_AVP_MESSAGE_TYPE_StopCCN: 10690fbf3537Syasuoka goto receive_stop_ccn; 10700fbf3537Syasuoka case L2TP_AVP_MESSAGE_TYPE_SCCRQ: 10710fbf3537Syasuoka case L2TP_AVP_MESSAGE_TYPE_SCCRP: 10720fbf3537Syasuoka default: 10730fbf3537Syasuoka break; 10740fbf3537Syasuoka } 1075f0a4e295Syasuoka break; /* fsm_fail */ 10760fbf3537Syasuoka case L2TP_CTRL_STATE_ESTABLISHED: 10770fbf3537Syasuoka /* Established */ 10780fbf3537Syasuoka switch (mestype) { 10790fbf3537Syasuoka case L2TP_AVP_MESSAGE_TYPE_SCCCN: 10800fbf3537Syasuoka case L2TP_AVP_MESSAGE_TYPE_SCCRQ: 10810fbf3537Syasuoka case L2TP_AVP_MESSAGE_TYPE_SCCRP: 10820fbf3537Syasuoka break; 10830fbf3537Syasuoka receive_stop_ccn: 10840fbf3537Syasuoka case L2TP_AVP_MESSAGE_TYPE_StopCCN: 10850fbf3537Syasuoka if (l2tp_ctrl_recv_StopCCN(ctrl, pkt, pktlen) == 0) { 10860fbf3537Syasuoka if (l2tp_ctrl_resend_una_packets(ctrl) <= 0) 10870fbf3537Syasuoka l2tp_ctrl_send_ZLB(ctrl); 10880fbf3537Syasuoka l2tp_ctrl_stop(ctrl, 0); 10890fbf3537Syasuoka return; 10900fbf3537Syasuoka } 10910fbf3537Syasuoka l2tp_ctrl_log(ctrl, LOG_ERR, "Received bad StopCCN"); 10920fbf3537Syasuoka l2tp_ctrl_send_ZLB(ctrl); 10930fbf3537Syasuoka l2tp_ctrl_stop(ctrl, 0); 10940fbf3537Syasuoka return; 10950fbf3537Syasuoka 10960fbf3537Syasuoka case 
L2TP_AVP_MESSAGE_TYPE_HELLO: 10970fbf3537Syasuoka if (l2tp_ctrl_resend_una_packets(ctrl) <= 0) 10980fbf3537Syasuoka l2tp_ctrl_send_ZLB(ctrl); 10990fbf3537Syasuoka return; 11000fbf3537Syasuoka case L2TP_AVP_MESSAGE_TYPE_CDN: 11010fbf3537Syasuoka case L2TP_AVP_MESSAGE_TYPE_ICRP: 11020fbf3537Syasuoka case L2TP_AVP_MESSAGE_TYPE_ICCN: 11030fbf3537Syasuoka if (call == NULL) { 11040fbf3537Syasuoka l2tp_ctrl_log(ctrl, LOG_INFO, 11050fbf3537Syasuoka "Unknown call message: %s", 11060fbf3537Syasuoka avp_mes_type_string(mestype)); 1107f0a4e295Syasuoka goto fail; 11080fbf3537Syasuoka } 1109f0a4e295Syasuoka /* FALLTHROUGH */ 11100fbf3537Syasuoka case L2TP_AVP_MESSAGE_TYPE_ICRQ: 11110fbf3537Syasuoka l2tp_call_recv_packet(ctrl, call, mestype, pkt, 11120fbf3537Syasuoka pktlen); 11130fbf3537Syasuoka return; 11140fbf3537Syasuoka default: 11150fbf3537Syasuoka break; 11160fbf3537Syasuoka } 1117f0a4e295Syasuoka break; /* fsm_fail */ 11180fbf3537Syasuoka case L2TP_CTRL_STATE_CLEANUP_WAIT: 11190fbf3537Syasuoka if (mestype == L2TP_AVP_MESSAGE_TYPE_StopCCN) { 11200fbf3537Syasuoka /* 1121f0a4e295Syasuoka * We left ESTABLISHED state, but the peer sent StopCCN. 
11220fbf3537Syasuoka */ 11230fbf3537Syasuoka goto receive_stop_ccn; 11240fbf3537Syasuoka } 1125f0a4e295Syasuoka break; /* fsm_fail */ 11260fbf3537Syasuoka } 11270fbf3537Syasuoka 1128f0a4e295Syasuoka fsm_fail: 1129f0a4e295Syasuoka /* state machine error */ 11300fbf3537Syasuoka l2tp_ctrl_log(ctrl, LOG_WARNING, "Received %s in '%s' state", 11310fbf3537Syasuoka avp_mes_type_string(mestype), l2tp_ctrl_state_string(ctrl)); 11320fbf3537Syasuoka l2tp_ctrl_stop(ctrl, L2TP_STOP_CCN_RCODE_FSM_ERROR); 11330fbf3537Syasuoka 11340fbf3537Syasuoka return; 1135f0a4e295Syasuoka fail: 11360fbf3537Syasuoka if (ctrl != NULL && mestype != 0) { 11370fbf3537Syasuoka l2tp_ctrl_log(ctrl, LOG_WARNING, "Received %s in '%s' state", 11380fbf3537Syasuoka avp_mes_type_string(mestype), l2tp_ctrl_state_string(ctrl)); 11390fbf3537Syasuoka l2tp_ctrl_stop(ctrl, L2TP_STOP_CCN_RCODE_GENERAL_ERROR); 11400fbf3537Syasuoka } 11410fbf3537Syasuoka return; 11420fbf3537Syasuoka 11430fbf3537Syasuoka bad_packet: 1144886d2b78Syasuoka l2tpd_log(_this, LOG_INFO, "Received from=%s: %s", 1145886d2b78Syasuoka addrport_tostring(peer, peer->sa_len, hbuf, sizeof(hbuf)), errmsg); 1146886d2b78Syasuoka 11470fbf3537Syasuoka return; 11480fbf3537Syasuoka } 11490fbf3537Syasuoka 11500fbf3537Syasuoka static inline int 11510fbf3537Syasuoka l2tp_ctrl_txwin_size(l2tp_ctrl *_this) 11520fbf3537Syasuoka { 11530fbf3537Syasuoka uint16_t sz; 11540fbf3537Syasuoka 11550fbf3537Syasuoka sz = _this->snd_nxt - _this->snd_una; 11560fbf3537Syasuoka 11570fbf3537Syasuoka L2TP_CTRL_ASSERT(sz <= _this->winsz); 11580fbf3537Syasuoka 11590fbf3537Syasuoka return sz; 11600fbf3537Syasuoka } 11610fbf3537Syasuoka 11620fbf3537Syasuoka static inline int 11630fbf3537Syasuoka l2tp_ctrl_txwin_is_full(l2tp_ctrl *_this) 11640fbf3537Syasuoka { 11650fbf3537Syasuoka return (l2tp_ctrl_txwin_size(_this) >= _this->winsz)? 
1 : 0; 11660fbf3537Syasuoka } 11670fbf3537Syasuoka 1168f0a4e295Syasuoka /* send control packet */ 11690fbf3537Syasuoka int 11700fbf3537Syasuoka l2tp_ctrl_send_packet(l2tp_ctrl *_this, int call_id, bytebuffer *bytebuf, 11710fbf3537Syasuoka int is_ctrl) 11720fbf3537Syasuoka { 11730fbf3537Syasuoka struct l2tp_header *hdr; 11740fbf3537Syasuoka int rval, use_seq; 11750fbf3537Syasuoka time_t curr_time; 11760fbf3537Syasuoka 11770fbf3537Syasuoka curr_time = get_monosec(); 11780fbf3537Syasuoka 11790fbf3537Syasuoka #ifdef L2TP_DATA_WITH_SEQUENCE 11800fbf3537Syasuoka use_seq = 1; 11810fbf3537Syasuoka #else 11820fbf3537Syasuoka use_seq = is_ctrl; 11830fbf3537Syasuoka #endif 11840fbf3537Syasuoka 11850fbf3537Syasuoka bytebuffer_flip(bytebuf); 11860fbf3537Syasuoka hdr = (struct l2tp_header *)bytebuffer_pointer(bytebuf); 11870fbf3537Syasuoka memset(hdr, 0, sizeof(*hdr)); 11880fbf3537Syasuoka 11890fbf3537Syasuoka hdr->t = 1; 11900fbf3537Syasuoka hdr->ver = L2TP_HEADER_VERSION_RFC2661; 11910fbf3537Syasuoka hdr->l = 1; 11920fbf3537Syasuoka hdr->length = htons(bytebuffer_remaining(bytebuf)); 11930fbf3537Syasuoka hdr->tunnel_id = htons(_this->peer_tunnel_id); 11940fbf3537Syasuoka hdr->session_id = htons(call_id); 11950fbf3537Syasuoka 11960fbf3537Syasuoka hdr->s = 1; 11970fbf3537Syasuoka hdr->ns = htons(_this->snd_nxt); 11980fbf3537Syasuoka hdr->nr = htons(_this->rcv_nxt); 11990fbf3537Syasuoka 12000fbf3537Syasuoka if (is_ctrl && 12010fbf3537Syasuoka bytebuffer_remaining(bytebuf) > sizeof(struct l2tp_header)) 12020fbf3537Syasuoka /* Not ZLB */ 12030fbf3537Syasuoka _this->snd_nxt++; 12040fbf3537Syasuoka 12050fbf3537Syasuoka L2TP_CTRL_DBG((_this, DEBUG_LEVEL_2, 12060fbf3537Syasuoka "SEND %s ns=%u nr=%u snd_nxt=%u snd_una=%u rcv_nxt=%u ", 12070fbf3537Syasuoka (is_ctrl)? 
"C" : " ", ntohs(hdr->ns), htons(hdr->nr), 12080fbf3537Syasuoka _this->snd_nxt, _this->snd_una, _this->rcv_nxt)); 12090fbf3537Syasuoka 12100fbf3537Syasuoka if (_this->l2tpd->ctrl_out_pktdump != 0) { 12110fbf3537Syasuoka l2tpd_log(_this->l2tpd, LOG_DEBUG, 12120fbf3537Syasuoka "L2TP Control output packet dump"); 12130fbf3537Syasuoka show_hd(debug_get_debugfp(), bytebuffer_pointer(bytebuf), 12140fbf3537Syasuoka bytebuffer_remaining(bytebuf)); 12150fbf3537Syasuoka } 12160fbf3537Syasuoka 12170fbf3537Syasuoka if ((rval = l2tp_ctrl_send(_this, bytebuffer_pointer(bytebuf), 12180fbf3537Syasuoka bytebuffer_remaining(bytebuf))) < 0) { 12190fbf3537Syasuoka L2TP_CTRL_DBG((_this, LOG_DEBUG, "sendto() failed: %m")); 12200fbf3537Syasuoka } 12210fbf3537Syasuoka 12220fbf3537Syasuoka _this->last_snd_ctrl = curr_time; 12230fbf3537Syasuoka 12240fbf3537Syasuoka return (rval == bytebuffer_remaining(bytebuf))? 0 : 1; 12250fbf3537Syasuoka } 12260fbf3537Syasuoka 1227f0a4e295Syasuoka /* 1228f0a4e295Syasuoka * receiver SCCRQ 12290fbf3537Syasuoka */ 12300fbf3537Syasuoka static int 12310fbf3537Syasuoka l2tp_ctrl_recv_SCCRQ(l2tp_ctrl *_this, u_char *pkt, int pktlen, l2tpd *_l2tpd, 12320fbf3537Syasuoka struct sockaddr *peer) 12330fbf3537Syasuoka { 12340fbf3537Syasuoka int avpsz, len, protover, protorev, firmrev, result; 12350fbf3537Syasuoka struct l2tp_avp *avp; 12360fbf3537Syasuoka char host[NI_MAXHOST], serv[NI_MAXSERV]; 12370fbf3537Syasuoka char buf[L2TP_AVP_MAXSIZ], emes[256], hostname[256], vendorname[256]; 12380fbf3537Syasuoka 12390fbf3537Syasuoka result = L2TP_STOP_CCN_RCODE_GENERAL_ERROR; 12400fbf3537Syasuoka strlcpy(hostname, "(no hostname)", sizeof(hostname)); 12410fbf3537Syasuoka strlcpy(vendorname, "(no vendorname)", sizeof(vendorname)); 12420fbf3537Syasuoka 12430fbf3537Syasuoka firmrev = 0; 12440fbf3537Syasuoka protover = 0; 12450fbf3537Syasuoka protorev = 0; 12460fbf3537Syasuoka avp = (struct l2tp_avp *)buf; 12470fbf3537Syasuoka while (pktlen >= 6 && (avpsz = avp_enum(avp, pkt, 
pktlen, 1)) > 0) { 12480fbf3537Syasuoka pkt += avpsz; 12490fbf3537Syasuoka pktlen -= avpsz; 12500fbf3537Syasuoka if (avp->vendor_id != 0) { 12510fbf3537Syasuoka L2TP_CTRL_DBG((_this, LOG_DEBUG, 12520fbf3537Syasuoka "Received a Vendor-specific AVP vendor-id=%d " 12530fbf3537Syasuoka "type=%d", avp->vendor_id, avp->attr_type)); 12540fbf3537Syasuoka continue; 12550fbf3537Syasuoka } 12560fbf3537Syasuoka switch (avp->attr_type) { 12570fbf3537Syasuoka case L2TP_AVP_TYPE_MESSAGE_TYPE: 12580fbf3537Syasuoka AVP_SIZE_CHECK(avp, ==, 8); 12590fbf3537Syasuoka continue; 12600fbf3537Syasuoka case L2TP_AVP_TYPE_PROTOCOL_VERSION: 12610fbf3537Syasuoka AVP_SIZE_CHECK(avp, ==, 8); 12620fbf3537Syasuoka protover = avp->attr_value[0]; 12630fbf3537Syasuoka protorev = avp->attr_value[1]; 12640fbf3537Syasuoka 12650fbf3537Syasuoka if (protover != L2TP_RFC2661_VERSION || 12660fbf3537Syasuoka protorev != L2TP_RFC2661_REVISION) { 12670fbf3537Syasuoka result = L2TP_STOP_CCN_RCODE_GENERAL_ERROR; 12680fbf3537Syasuoka snprintf(emes, sizeof(emes), 12690fbf3537Syasuoka "Peer's protocol version is not supported:" 12700fbf3537Syasuoka " %d.%d", protover, protorev); 12710fbf3537Syasuoka goto not_acceptable; 12720fbf3537Syasuoka } 12730fbf3537Syasuoka continue; 12740fbf3537Syasuoka case L2TP_AVP_TYPE_FRAMING_CAPABILITIES: 12750fbf3537Syasuoka AVP_SIZE_CHECK(avp, ==, 10); 12760fbf3537Syasuoka if ((avp_get_val32(avp) & L2TP_FRAMING_CAP_FLAGS_SYNC) 12770fbf3537Syasuoka == 0) { 12780fbf3537Syasuoka L2TP_CTRL_DBG((_this, LOG_DEBUG, "Peer doesn't " 12790fbf3537Syasuoka "support synchronous framing")); 12800fbf3537Syasuoka } 12810fbf3537Syasuoka continue; 12820fbf3537Syasuoka case L2TP_AVP_TYPE_BEARER_CAPABILITIES: 12830fbf3537Syasuoka AVP_SIZE_CHECK(avp, ==, 10); 12840fbf3537Syasuoka continue; 12850fbf3537Syasuoka case L2TP_AVP_TYPE_TIE_BREAKER: 12860fbf3537Syasuoka AVP_SIZE_CHECK(avp, ==, 14); 12870fbf3537Syasuoka /* 1288f0a4e295Syasuoka * As the implementation never send SCCRQ, 1289f0a4e295Syasuoka * the 
peer is always winner 12900fbf3537Syasuoka */ 12910fbf3537Syasuoka continue; 12920fbf3537Syasuoka case L2TP_AVP_TYPE_FIRMWARE_REVISION: 12930fbf3537Syasuoka AVP_SIZE_CHECK(avp, >=, 6); 12940fbf3537Syasuoka firmrev = avp_get_val16(avp); 12950fbf3537Syasuoka continue; 12960fbf3537Syasuoka case L2TP_AVP_TYPE_HOST_NAME: 12970fbf3537Syasuoka AVP_SIZE_CHECK(avp, >, 4); 12980fbf3537Syasuoka len = MIN(sizeof(hostname) - 1, avp->length - 6); 12990fbf3537Syasuoka memcpy(hostname, avp->attr_value, len); 13000fbf3537Syasuoka hostname[len] = '\0'; 13010fbf3537Syasuoka continue; 13020fbf3537Syasuoka case L2TP_AVP_TYPE_VENDOR_NAME: 13030fbf3537Syasuoka AVP_SIZE_CHECK(avp, >, 4); 13040fbf3537Syasuoka len = MIN(sizeof(vendorname) - 1, avp->length - 6); 13050fbf3537Syasuoka memcpy(vendorname, avp->attr_value, len); 13060fbf3537Syasuoka vendorname[len] = '\0'; 13070fbf3537Syasuoka continue; 13080fbf3537Syasuoka case L2TP_AVP_TYPE_ASSINGED_TUNNEL_ID: 13090fbf3537Syasuoka AVP_SIZE_CHECK(avp, ==, 8); 13100fbf3537Syasuoka _this->peer_tunnel_id = avp_get_val16(avp); 13110fbf3537Syasuoka continue; 13120fbf3537Syasuoka case L2TP_AVP_TYPE_RECV_WINDOW_SIZE: 13130fbf3537Syasuoka AVP_SIZE_CHECK(avp, ==, 8); 13140fbf3537Syasuoka _this->peer_winsz = avp_get_val16(avp); 13150fbf3537Syasuoka continue; 13160fbf3537Syasuoka } 13170fbf3537Syasuoka if (avp->is_mandatory) { 13180fbf3537Syasuoka l2tp_ctrl_log(_this, LOG_WARNING, 13190fbf3537Syasuoka "Received AVP (%s/%d) is not supported, but it's " 13200fbf3537Syasuoka "mandatory", avp_attr_type_string(avp->attr_type), 13210fbf3537Syasuoka avp->attr_type); 13220fbf3537Syasuoka #ifdef L2TP_CTRL_DEBUG 13230fbf3537Syasuoka } else { 13240fbf3537Syasuoka L2TP_CTRL_DBG((_this, LOG_DEBUG, 13250fbf3537Syasuoka "AVP (%s/%d) is not handled", 13260fbf3537Syasuoka avp_attr_type_string(avp->attr_type), 13270fbf3537Syasuoka avp->attr_type)); 13280fbf3537Syasuoka #endif 13290fbf3537Syasuoka } 13300fbf3537Syasuoka } 13310fbf3537Syasuoka if (getnameinfo((struct sockaddr 
*)&_this->peer, _this->peer.ss_len, 13320fbf3537Syasuoka host, sizeof(host), serv, sizeof(serv), 13330fbf3537Syasuoka NI_NUMERICHOST | NI_NUMERICSERV | NI_DGRAM) != 0) { 13340fbf3537Syasuoka l2tp_ctrl_log(_this, LOG_ERR, 13350fbf3537Syasuoka "getnameinfo() failed at %s(): %m", __func__); 13360fbf3537Syasuoka strlcpy(host, "error", sizeof(host)); 13370fbf3537Syasuoka strlcpy(serv, "error", sizeof(serv)); 13380fbf3537Syasuoka } 13390fbf3537Syasuoka l2tp_ctrl_log(_this, LOG_NOTICE, "logtype=Started RecvSCCRQ " 13400fbf3537Syasuoka "from=%s:%s/udp tunnel_id=%u/%u protocol=%d.%d winsize=%d " 13410fbf3537Syasuoka "hostname=%s vendor=%s firm=%04X", host, serv, _this->tunnel_id, 13420fbf3537Syasuoka _this->peer_tunnel_id, protover, protorev, _this->peer_winsz, 13430fbf3537Syasuoka hostname, vendorname, firmrev); 13440fbf3537Syasuoka 13450fbf3537Syasuoka return 0; 13460fbf3537Syasuoka not_acceptable: 13470fbf3537Syasuoka size_check_failed: 13480fbf3537Syasuoka l2tp_ctrl_log(_this, LOG_ERR, "Received bad SCCRQ: %s", emes); 13490fbf3537Syasuoka l2tp_ctrl_stop(_this, result); 13500fbf3537Syasuoka 13510fbf3537Syasuoka return 1; 13520fbf3537Syasuoka } 13530fbf3537Syasuoka 1354f0a4e295Syasuoka /* 1355f0a4e295Syasuoka * send StopCCN 13560fbf3537Syasuoka */ 13570fbf3537Syasuoka static int 13580fbf3537Syasuoka l2tp_ctrl_send_StopCCN(l2tp_ctrl *_this, int result) 13590fbf3537Syasuoka { 13600fbf3537Syasuoka struct l2tp_avp *avp; 13610fbf3537Syasuoka char buf[L2TP_AVP_MAXSIZ]; 13620fbf3537Syasuoka bytebuffer *bytebuf; 13630fbf3537Syasuoka 13640fbf3537Syasuoka if ((bytebuf = l2tp_ctrl_prepare_snd_buffer(_this, 1)) == NULL) { 13650fbf3537Syasuoka l2tp_ctrl_log(_this, LOG_ERR, 13660fbf3537Syasuoka "sending StopCCN failed: no buffer."); 13670fbf3537Syasuoka return -1; 13680fbf3537Syasuoka } 13690fbf3537Syasuoka avp = (struct l2tp_avp *)buf; 13700fbf3537Syasuoka 13710fbf3537Syasuoka /* Message Type = StopCCN */ 13720fbf3537Syasuoka memset(avp, 0, sizeof(*avp)); 13730fbf3537Syasuoka 
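avp->is_mandatory = 1;
	avp->attr_type = L2TP_AVP_TYPE_MESSAGE_TYPE;
	avp_set_val16(avp, L2TP_AVP_MESSAGE_TYPE_StopCCN);
	bytebuf_add_avp(bytebuf, avp, 2);

	/* Assigned Tunnel Id */
	memset(avp, 0, sizeof(*avp));
	avp->is_mandatory = 1;
	avp->attr_type = L2TP_AVP_TYPE_ASSINGED_TUNNEL_ID;
	avp_set_val16(avp, _this->tunnel_id);
	bytebuf_add_avp(bytebuf, avp, 2);

	/* Result Code */
	memset(avp, 0, sizeof(*avp));
	avp->is_mandatory = 1;
	avp->attr_type = L2TP_AVP_TYPE_RESULT_CODE;
	avp_set_val16(avp, result);
	bytebuf_add_avp(bytebuf, avp, 2);

	if (l2tp_ctrl_send_packet(_this, 0, bytebuf, 1) != 0) {
		l2tp_ctrl_log(_this, LOG_ERR, "sending CCN failed");
		return - 1;
	}
	l2tp_ctrl_log(_this, LOG_INFO, "SendStopCCN result=%d", result);

	return 0;
}

/*
 * Receive StopCCN.
 *
 * Walks the AVPs of a StopCCN received from the peer, extracts the result
 * code, error code, optional error message and assigned tunnel id, and logs
 * them.  Everything reachable through pkt is peer-controlled input.
 *
 * pkt/pktlen	the AVP area of the received control message.
 *
 * Returns 0 when the message was parsed and logged, 1 when a hidden
 * mandatory AVP made this side stop the control connection itself, and -1
 * when an AVP failed its size check.
 */
static int
l2tp_ctrl_recv_StopCCN(l2tp_ctrl *_this, u_char *pkt, int pktlen)
{
	int avpsz;
	uint32_t val32;
	uint16_t rcode, tunid, ecode;
	struct l2tp_avp *avp;
	/*
	 * buf backs the decoded AVP.  NOTE(review): the extra 16 bytes
	 * presumably leave room for the NUL terminator written after the
	 * Result Code message below -- confirm against avp_enum().
	 * emes is only read at size_check_failed; presumably AVP_SIZE_CHECK
	 * fills it before jumping there -- confirm against the macro.
	 */
	char buf[L2TP_AVP_MAXSIZ + 16], emes[256], peermes[256];

	rcode = 0;
	ecode = 0;
	tunid = 0;
	peermes[0] = '\0';
	avp = (struct l2tp_avp *)buf;

	/*
	 * 6 is used as the AVP header length throughout this function (see
	 * "avp->length - 6" below); stop as soon as less than that is left
	 * or avp_enum() reports no further AVP.
	 */
	while (pktlen >= 6 && (avpsz = avp_enum(avp, pkt, pktlen, 1)) > 0) {
		pkt += avpsz;
		pktlen -= avpsz;
		if (avp->vendor_id != 0) {
			/* Vendor-specific AVPs are skipped, not interpreted. */
			L2TP_CTRL_DBG((_this, LOG_DEBUG,
			    "Received a Vendor-specific AVP vendor-id=%d "
			    "type=%d", avp->vendor_id, avp->attr_type));
			continue;
		}
		if (avp->is_hidden != 0) {
			/*
			 * Hidden AVPs cannot be decoded here.  A mandatory
			 * one stops the control connection; an optional one
			 * is ignored.
			 */
			l2tp_ctrl_log(_this, LOG_WARNING,
			    "Received AVP (%s/%d) is hidden. But we don't "
			    "share secret.",
			    avp_attr_type_string(avp->attr_type),
			    avp->attr_type);
			if (avp->is_mandatory != 0) {
				l2tp_ctrl_stop(_this,
				    L2TP_STOP_CCN_RCODE_GENERAL_ERROR |
				    L2TP_ECODE_UNKNOWN_MANDATORY_AVP);
				return 1;
			}
			continue;
		}
		switch (avp->attr_type) {
		case L2TP_AVP_TYPE_MESSAGE_TYPE:
			AVP_SIZE_CHECK(avp, ==, 8);
			continue;
		case L2TP_AVP_TYPE_RESULT_CODE:
			/* header (6) + result code (2) + error code (2) */
			AVP_SIZE_CHECK(avp, >=, 10);
			val32 = avp_get_val32(avp);
			rcode = val32 >> 16;
			ecode = val32 & 0xffff;
			if (avp->length > 10) {
				/*
				 * An error message follows the two codes.
				 * Terminate it one byte past the AVP value
				 * (inside buf, see the declaration) and keep
				 * a bounded copy; strlcpy truncates to
				 * sizeof(peermes).
				 */
				avp->attr_value[avp->length - 6] = '\0';
				strlcpy(peermes,
				    (const char *)avp->attr_value + 4,
				    sizeof(peermes));
			}
			continue;
		case L2TP_AVP_TYPE_ASSINGED_TUNNEL_ID:
			AVP_SIZE_CHECK(avp, ==, 8);
			tunid = avp_get_val16(avp);
			continue;
		default:
			/*
			 * Unknown AVPs are only reported; the tunnel is
			 * being closed by the peer anyway.
			 */
			if (avp->is_mandatory != 0) {
				l2tp_ctrl_log(_this, LOG_WARNING,
				    "Received AVP (%s/%d) is not supported, "
				    "but it's mandatory",
				    avp_attr_type_string(avp->attr_type),
				    avp->attr_type);
#ifdef L2TP_CTRL_DEBUG
			} else {
				L2TP_CTRL_DBG((_this, LOG_DEBUG,
				    "AVP (%s/%d) is not handled",
				    avp_attr_type_string(avp->attr_type),
				    avp->attr_type));
#endif
			}
		}
	}

	/*
	 * NOTE(review): rcode comes from a StopCCN but is compared with a
	 * CDN result-code constant; confirm the two values coincide.
	 */
	if (rcode == L2TP_CDN_RCODE_ERROR_CODE &&
	    ecode == L2TP_ECODE_NO_RESOURCE) {
		/*
		 * Memo:
		 * This has been seen with a long-running Windows 2000 peer
		 * after many connects/disconnects.  Once the peer is in this
		 * state, connections keep failing until it is rebooted.
		 */
		l2tp_ctrl_log(_this, LOG_WARNING,
		    "Peer indicates \"No Resource\" error.");
	}

	/*
	 * peermes is text supplied by the peer and is logged as received; it
	 * is passed as a "%s" argument, never as part of the format.
	 * NOTE(review): confirm the log sink escapes control characters.
	 */
	l2tp_ctrl_log(_this, LOG_INFO, "RecvStopCCN result=%s/%u "
	    "error=%s/%u tunnel_id=%u message=\"%s\"",
	    l2tp_stopccn_rcode_string(rcode), rcode, l2tp_ecode_string(ecode),
	    ecode, tunid, peermes);

	return 0;

size_check_failed:
	l2tp_ctrl_log(_this, LOG_ERR, "Received bad StopCCN: %s", emes);

	return -1;
}

/*
 * Send SCCRP.
 *
 * Builds the SCCRP control message AVP by AVP in a send buffer and hands it
 * to l2tp_ctrl_send_packet().  When no send buffer is available the failure
 * is logged and nothing is sent; when sending fails the control connection
 * is stopped.
 */
static void
l2tp_ctrl_send_SCCRP(l2tp_ctrl *_this)
{
	int len;
	size_t vallen;
	struct l2tp_avp *avp;
	char buf[L2TP_AVP_MAXSIZ];
	const char *val;
	bytebuffer *bytebuf;
	/*
	 * Bytes of buf available for an AVP value after the AVP header.
	 * Assumes L2TP_AVP_MAXSIZ is larger than the header.
	 */
	const size_t valmax = sizeof(buf) -
	    offsetof(struct l2tp_avp, attr_value);

	if ((bytebuf = l2tp_ctrl_prepare_snd_buffer(_this, 1)) == NULL) {
		l2tp_ctrl_log(_this, LOG_ERR,
		    "sending SCCRP failed: no buffer.");
		return;
	}
	avp = (struct l2tp_avp *)buf;

	/* Message Type = SCCRP */
	memset(avp, 0, sizeof(*avp));
	avp->is_mandatory = 1;
	avp->attr_type = L2TP_AVP_TYPE_MESSAGE_TYPE;
	avp_set_val16(avp, L2TP_AVP_MESSAGE_TYPE_SCCRP);
	bytebuf_add_avp(bytebuf, avp, 2);

	/* Protocol Version = 1.0 */
	memset(avp, 0, sizeof(*avp));
	avp->is_mandatory = 1;
	avp->attr_type = L2TP_AVP_TYPE_PROTOCOL_VERSION;
	avp->attr_value[0] = L2TP_RFC2661_VERSION;
	avp->attr_value[1] = L2TP_RFC2661_REVISION;
	bytebuf_add_avp(bytebuf, avp, 2);

	/*
	 * Framing Capabilities: the SYNC flag is what gets advertised.
	 * NOTE(review): this comment used to read "Async"; confirm intent.
	 */
	memset(avp, 0, sizeof(*avp));
	avp->is_mandatory = 1;
	avp->attr_type = L2TP_AVP_TYPE_FRAMING_CAPABILITIES;
	avp_set_val32(avp, L2TP_FRAMING_CAP_FLAGS_SYNC);
	bytebuf_add_avp(bytebuf, avp, 4);

	/* Host Name */
	memset(avp, 0, sizeof(*avp));
	avp->is_mandatory = 1;
	avp->attr_type = L2TP_AVP_TYPE_HOST_NAME;

	if ((val = l2tp_ctrl_config_str(_this, "l2tp.host_name")) == NULL)
		val = _this->l2tpd->default_hostname;
	if (val[0] == '\0')
		val = "G"; /* XXX magic word, why? ask yasuoka */
	/*
	 * The value is copied into the fixed-size stack buffer, so it is
	 * clamped to the room left after the AVP header; an over-long
	 * configured name is truncated instead of overrunning buf.
	 */
	vallen = strlen(val);
	if (vallen > valmax) {
		l2tp_ctrl_log(_this, LOG_WARNING,
		    "l2tp.host_name is too long, truncated to %u bytes",
		    (unsigned)valmax);
		vallen = valmax;
	}
	len = (int)vallen;
	memcpy(avp->attr_value, val, len);
	bytebuf_add_avp(bytebuf, avp, len);

	/* Assigned Tunnel Id */
	memset(avp, 0, sizeof(*avp));
	avp->is_mandatory = 1;
	avp->attr_type = L2TP_AVP_TYPE_ASSINGED_TUNNEL_ID;
	avp_set_val16(avp, _this->tunnel_id);
	bytebuf_add_avp(bytebuf, avp, 2);

	/* Bearer Capability
	 * This implementation never acts as LAC, so the AVP is not sent.
	 *
	memset(avp, 0, sizeof(*avp));
	avp->is_mandatory = 1;
	avp->attr_type = L2TP_AVP_TYPE_BEARER_CAPABILITIES;
	avp_set_val32(avp, 0);
	bytebuf_add_avp(bytebuf, avp, 4);
	*/

	/* Firmware Revision */
	memset(avp, 0, sizeof(*avp));
	avp->is_mandatory = 1;
	avp->attr_type = L2TP_AVP_TYPE_FIRMWARE_REVISION;
	avp->attr_value[0] = MAJOR_VERSION;
	avp->attr_value[1] = MINOR_VERSION;
	bytebuf_add_avp(bytebuf, avp, 2);

	/* Vendor Name */
	memset(avp, 0, sizeof(*avp));
	avp->is_mandatory = 1;
	avp->attr_type = L2TP_AVP_TYPE_VENDOR_NAME;

	if ((val = l2tp_ctrl_config_str(_this, "l2tp.vendor_name")) == NULL)
		val = L2TPD_VENDOR_NAME;

	/* Same bound as for the host name: never copy past the end of buf. */
	vallen = strlen(val);
	if (vallen > valmax) {
		l2tp_ctrl_log(_this, LOG_WARNING,
		    "l2tp.vendor_name is too long, truncated to %u bytes",
		    (unsigned)valmax);
		vallen = valmax;
	}
	len = (int)vallen;
	memcpy(avp->attr_value, val, len);
	bytebuf_add_avp(bytebuf, avp, len);

	/* Window Size */
	memset(avp, 0, sizeof(*avp));
	avp->is_mandatory = 1;
	avp->attr_type = L2TP_AVP_TYPE_RECV_WINDOW_SIZE;
	avp_set_val16(avp, _this->winsz);
	bytebuf_add_avp(bytebuf, avp, 2);

	if ((l2tp_ctrl_send_packet(_this, 0, bytebuf, 1)) != 0) {
		l2tp_ctrl_log(_this, LOG_ERR, "sending SCCRP failed");
		l2tp_ctrl_stop(_this, L2TP_STOP_CCN_RCODE_GENERAL);
		return;
	}
	l2tp_ctrl_log(_this, LOG_INFO, "SendSCCRP");
}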
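
/*
 * Send HELLO.
 *
 * Builds a control message that carries only the Message Type AVP (HELLO)
 * and sends it.  Returns 0 on success and 1 when no send buffer is
 * available or sending fails; a send failure also stops the control
 * connection.
 */
static int
l2tp_ctrl_send_HELLO(l2tp_ctrl *_this)
{
	struct l2tp_avp *avp;
	char buf[L2TP_AVP_MAXSIZ];
	bytebuffer *bytebuf;

	if ((bytebuf = l2tp_ctrl_prepare_snd_buffer(_this, 1)) == NULL) {
		/* The message names HELLO so the log points at this sender. */
		l2tp_ctrl_log(_this, LOG_ERR,
		    "sending HELLO failed: no buffer.");
		return 1;
	}
	avp = (struct l2tp_avp *)buf;

	/* Message Type = HELLO */
	memset(avp, 0, sizeof(*avp));
	avp->is_mandatory = 1;
	avp->attr_type = L2TP_AVP_TYPE_MESSAGE_TYPE;
	avp_set_val16(avp, L2TP_AVP_MESSAGE_TYPE_HELLO);
	bytebuf_add_avp(bytebuf, avp, 2);

	if ((l2tp_ctrl_send_packet(_this, 0, bytebuf, 1)) != 0) {
		l2tp_ctrl_log(_this, LOG_ERR, "sending HELLO failed");
		l2tp_ctrl_stop(_this, L2TP_STOP_CCN_RCODE_GENERAL);
		return 1;
	}
	l2tp_ctrl_log(_this, LOG_DEBUG, "SendHELLO");

	return 0;
}

/*
 * Send ZLB.
 *
 * Resets the dedicated zlb_buffer, puts sizeof(struct l2tp_header) bytes
 * into it and sends it; no AVP is added.  The event is logged at LOG_DEBUG
 * once the control connection is established and at LOG_INFO otherwise.
 * Returns whatever l2tp_ctrl_send_packet() returns.
 */
static int
l2tp_ctrl_send_ZLB(l2tp_ctrl *_this)
{
	int loglevel;

	loglevel = (_this->state == L2TP_CTRL_STATE_ESTABLISHED)
	    ? LOG_DEBUG : LOG_INFO;
	l2tp_ctrl_log(_this, loglevel, "SendZLB");
	bytebuffer_clear(_this->zlb_buffer);
	bytebuffer_put(_this->zlb_buffer, BYTEBUFFER_PUT_DIRECT,
	    sizeof(struct l2tp_header));

	return l2tp_ctrl_send_packet(_this, 0, _this->zlb_buffer, 1);
}

/*
 * Utility
 */

/**
 * Prepare the send buffer for the next control message.
 *
 * Picks the slot snd_nxt % winsz of snd_buffers, clears it and puts the
 * header area into it: the whole struct l2tp_header when with_seq is
 * non-zero, otherwise only the part that precedes the ns field.
 * NOTE(review): winsz is used as a divisor; presumably it is never 0 here.
 *
 * @param with_seq	non-zero to include the header fields from ns onwards.
 * @return the prepared buffer, or NULL when the send window is full.
 */
bytebuffer *
l2tp_ctrl_prepare_snd_buffer(l2tp_ctrl *_this, int with_seq)
{
	bytebuffer *bytebuf;

	L2TP_CTRL_ASSERT(_this != NULL);

	if (l2tp_ctrl_txwin_is_full(_this)) {
		l2tp_ctrl_log(_this, LOG_INFO, "sending buffer is full.");
		return NULL;
	}
	bytebuf = _this->snd_buffers[_this->snd_nxt % _this->winsz];
	bytebuffer_clear(bytebuf);
	if (with_seq)
		bytebuffer_put(bytebuf, BYTEBUFFER_PUT_DIRECT,
		    sizeof(struct l2tp_header));
	else
		bytebuffer_put(bytebuf, BYTEBUFFER_PUT_DIRECT,
		    offsetof(struct l2tp_header, ns));

	return bytebuf;
}

/**
 * Return the current state of the control connection as a string;
 * "unknown" for any value the switch does not list.
 */
static inline const char *
l2tp_ctrl_state_string(l2tp_ctrl *_this)
{
	switch (_this->state) {
	case L2TP_CTRL_STATE_IDLE:		return "idle";
	case L2TP_CTRL_STATE_WAIT_CTL_CONN:	return "wait-ctl-conn";
	case L2TP_CTRL_STATE_WAIT_CTL_REPLY:	return "wait-ctl-reply";
	case L2TP_CTRL_STATE_ESTABLISHED:	return "established";
	case L2TP_CTRL_STATE_CLEANUP_WAIT:	return "cleanup-wait";
	}
	return "unknown";
}

/*
 * Log with the label of the l2tp instance.
 *
 * The caller's fmt is spliced into a new format string behind the
 * "l2tpd ... ctrl=N" label, and that composed string is what vlog_printf()
 * interprets together with the variable arguments.  fmt must therefore be
 * a format string chosen by this program; text received from a peer has to
 * be passed as an argument (for example through "%s"), never as fmt.
 * snprintf() truncates the composed string to sizeof(logbuf).
 */
void
l2tp_ctrl_log(l2tp_ctrl *_this, int prio, const char *fmt, ...)
{
	char logbuf[BUFSIZ];
	va_list ap;

	va_start(ap, fmt);
#ifdef L2TPD_MULTIPLE
	snprintf(logbuf, sizeof(logbuf), "l2tpd id=%u ctrl=%u %s",
	    _this->l2tpd->id, _this->id, fmt);
#else
	snprintf(logbuf, sizeof(logbuf), "l2tpd ctrl=%u %s", _this->id, fmt);
#endif
	vlog_printf(prio, logbuf, ap);
	va_end(ap);
}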