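/*	$OpenBSD: l2tp_ctrl.c,v 1.17 2014/05/07 01:20:53 tedu Exp $	*/

/*-
 * Copyright (c) 2009 Internet Initiative Japan Inc.
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 */
/**@file Control connection processing functions for L2TP LNS */
/* $Id: l2tp_ctrl.c,v 1.17 2014/05/07 01:20:53 tedu Exp $ */
#include <sys/types.h>
#include <sys/param.h>
#include <sys/time.h>
#include <sys/socket.h>
#include <sys/endian.h>
#include <netinet/in.h>
#include <net/if.h>
#include <arpa/inet.h>
#include <errno.h>
#include <event.h>
#include <ifaddrs.h>
#include <netdb.h>
#include <stdarg.h>
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <syslog.h>
#include <time.h>
#include <unistd.h>

#ifdef USE_LIBSOCKUTIL
#include <seil/sockfromto.h>
#endif

#include "time_utils.h"
#include "ipsec_util.h"
#include "bytebuf.h"
#include "hash.h"
#include "debugutil.h"
#include "slist.h"
#include "l2tp.h"
#include "l2tp_local.h"
#include "l2tp_subr.h"
#include "net_utils.h"
#include "version.h"
#include "recvfromto.h"

static int                l2tp_ctrl_init (l2tp_ctrl *, l2tpd *, struct sockaddr *, struct sockaddr *, void *);
static void               l2tp_ctrl_reload (l2tp_ctrl *);
static int                l2tp_ctrl_send_disconnect_notify (l2tp_ctrl *);
#if 0
static void               l2tp_ctrl_purge_ipsec_sa (l2tp_ctrl *);
#endif
static void               l2tp_ctrl_timeout (int, short, void *);
static int                l2tp_ctrl_resend_una_packets (l2tp_ctrl *);
static void               l2tp_ctrl_destroy_all_calls (l2tp_ctrl *);
static int                l2tp_ctrl_disconnect_all_calls (l2tp_ctrl *);
static void               l2tp_ctrl_reset_timeout (l2tp_ctrl *);
static inline int         l2tp_ctrl_txwin_size (l2tp_ctrl *);
static inline int         l2tp_ctrl_txwin_is_full (l2tp_ctrl *);
static int                l2tp_ctrl_recv_SCCRQ (l2tp_ctrl *, u_char *, int, l2tpd *, struct sockaddr *);
static int                l2tp_ctrl_send_StopCCN (l2tp_ctrl *, int);
static int                l2tp_ctrl_recv_StopCCN (l2tp_ctrl *, u_char *, int);
static void               l2tp_ctrl_send_SCCRP (l2tp_ctrl *);
static int                l2tp_ctrl_send_HELLO (l2tp_ctrl *);
static int                l2tp_ctrl_send_ZLB (l2tp_ctrl *);
static inline const char  *l2tp_ctrl_state_string (l2tp_ctrl *);

/*
 * Debug helpers: both macros expand to nothing unless L2TP_CTRL_DEBUG is
 * defined, so their arguments must not carry side effects.
 */
#ifdef	L2TP_CTRL_DEBUG
#define	L2TP_CTRL_ASSERT(x)	ASSERT(x)
#define	L2TP_CTRL_DBG(x)	l2tp_ctrl_log x
#else
#define	L2TP_CTRL_ASSERT(x)
#define	L2TP_CTRL_DBG(x)
#endif

/* Sequence # of l2tp_ctrl ID */
static u_int l2tp_ctrl_id_seq = 0;

/*
 * Compare 16-bit sequence numbers with wrap-around: the difference is
 * reinterpreted as a signed 16-bit value.
 */
#define SEQ_LT(a,b)	((int16_t)((a) - (b)) <  0)
#define SEQ_GT(a,b)	((int16_t)((a) - (b)) >  0)

/**
 * Build instance of {@link ::_l2tp_ctrl L2TP LNS control connection}
 *
 * @return	a zero-filled l2tp_ctrl, or NULL when calloc() fails.
 */
l2tp_ctrl *
l2tp_ctrl_create(void)
{

	return calloc(1, sizeof(l2tp_ctrl));
}

/**
 * initialize and startup of {@link ::_l2tp_ctrl L2TP LNS control connection}
 * instance
 *
 * Picks a free 16-bit tunnel ID, copies the peer and local addresses,
 * allocates the send window buffers and the ZLB buffer, starts the timeout
 * timer and registers the instance with the l2tpd.
 *
 * @return	0 on success, -1 on failure.
 *
 * NOTE(review): -1 is returned from two different ownership states.  On
 * tunnel ID exhaustion nothing has been released and _this is untouched
 * apart from the fields set so far.  On the fail: path l2tp_ctrl_stop() has
 * run, and when it completes its cleanup it has already called
 * l2tp_ctrl_destroy(_this).  The callers are outside this view; confirm
 * they neither free nor dereference _this after a fail: return.
 */
static int
l2tp_ctrl_init(l2tp_ctrl *_this, l2tpd *_l2tpd, struct sockaddr *peer,
    struct sockaddr *sock, void *nat_t_ctx)
{
	int tunid, i;
	bytebuffer *bytebuf;
	time_t curr_time;

	memset(_this, 0, sizeof(l2tp_ctrl));

	curr_time = get_monosec();
	_this->l2tpd = _l2tpd;
	_this->state = L2TP_CTRL_STATE_IDLE;
	_this->last_snd_ctrl = curr_time;

	slist_init(&_this->call_list);

	/* seek a free tunnel ID */
	_this->id = ++l2tp_ctrl_id_seq;
	for (i = 0, tunid = _this->id; ; i++, tunid++) {
		tunid &= 0xffff;
		_this->tunnel_id = l2tp_ctrl_id_seq & 0xffff;
		/* tunnel ID 0 is never handed out */
		if (tunid == 0)
			continue;
		if (l2tpd_get_ctrl(_l2tpd, tunid) == NULL)
			break;
		if (i > 80000) {
			/*
			 * More probes than there are 16-bit IDs: every
			 * tunnel ID is in use.  Not expected to happen;
			 * just log it.
			 */
			l2tpd_log(_l2tpd, LOG_ERR, "Too many l2tp controls");
			return -1;
		}
	}

	_this->tunnel_id = tunid;

	L2TP_CTRL_ASSERT(peer != NULL);
	L2TP_CTRL_ASSERT(sock != NULL);
	/*
	 * The copy length is the sa_len carried by each sockaddr itself.
	 * Assumes it never exceeds the size of _this->peer / _this->sock
	 * -- TODO confirm against the callers that fill these addresses.
	 */
	memcpy(&_this->peer, peer, peer->sa_len);
	memcpy(&_this->sock, sock, sock->sa_len);

	/* prepare send buffer */
	_this->winsz = L2TPD_DEFAULT_SEND_WINSZ;
	if ((_this->snd_buffers = calloc(_this->winsz, sizeof(bytebuffer *)))
	    == NULL) {
		l2tpd_log(_l2tpd, LOG_ERR,
		    "calloc() failed in %s(): %m", __func__);
		goto fail;
	}
	for (i = 0; i < _this->winsz; i++) {
		if ((bytebuf = bytebuffer_create(L2TPD_SND_BUFSIZ)) == NULL) {
			l2tpd_log(_l2tpd, LOG_ERR,
			    "bytebuffer_create() failed in %s(): %m", __func__);
			goto fail;
		}
		_this->snd_buffers[i] = bytebuf;
	}
	if ((_this->zlb_buffer = bytebuffer_create(sizeof(struct l2tp_header)
	    + 128)) == NULL) {
		l2tpd_log(_l2tpd, LOG_ERR,
		    "bytebuffer_create() failed in %s(): %m", __func__);
		goto fail;
	}
#if defined(USE_LIBSOCKUTIL) || defined(USE_SA_COOKIE)
	if (nat_t_ctx != NULL) {
		/* keep a private copy of the caller's SA cookie */
		if ((_this->sa_cookie = malloc(
		    sizeof(struct in_ipsec_sa_cookie))) != NULL) {
			*(struct in_ipsec_sa_cookie *)_this->sa_cookie =
			    *(struct in_ipsec_sa_cookie *)nat_t_ctx;
		} else {
			l2tpd_log(_l2tpd, LOG_ERR,
			    "creating sa_cookie failed: %m");
			goto fail;
		}
	}
#endif
	_this->hello_interval = L2TP_CTRL_DEFAULT_HELLO_INTERVAL;
	_this->hello_timeout = L2TP_CTRL_DEFAULT_HELLO_TIMEOUT;
	_this->hello_io_time = curr_time;

	/* initialize timeout timer */
	l2tp_ctrl_reset_timeout(_this);

	/* register l2tp context */
	l2tpd_add_ctrl(_l2tpd, _this);
	return 0;
fail:
	/* state is still IDLE here, so this takes l2tp_ctrl_stop()'s cleanup */
	l2tp_ctrl_stop(_this, 0);
	return -1;
}

/*
 * setup {@link ::_l2tp_ctrl L2TP LNS control connection} instance
 *
 * Copies data_use_seq from the configuration and overrides the hello
 * interval / timeout only when the configured value is non-zero.
 */
static void
l2tp_ctrl_reload(l2tp_ctrl *_this)
{
	_this->data_use_seq = L2TP_CTRL_CONF(_this)->data_use_seq;
	if (L2TP_CTRL_CONF(_this)->hello_interval != 0)
		_this->hello_interval = L2TP_CTRL_CONF(_this)->hello_interval;
	if (L2TP_CTRL_CONF(_this)->hello_timeout != 0)
		_this->hello_timeout = L2TP_CTRL_CONF(_this)->hello_timeout;
}

/*
 * free {@link ::_l2tp_ctrl L2TP LNS control connection} instance
 *
 * Releases the SA cookie (when compiled in) and the instance itself.
 * _this must not be used after this call.
 */
void
l2tp_ctrl_destroy(l2tp_ctrl *_this)
{
	L2TP_CTRL_ASSERT(_this != NULL);
#if defined(USE_LIBSOCKUTIL) || defined(USE_SA_COOKIE)
	/* free(NULL) is a no-op, so no guard is needed */
	free(_this->sa_cookie);
#endif
	free(_this);
}

/*
 * notify disconnection to peer
 *
 * @return	0: all CDN and StopCCN have been sent.
 *		N: if the remaining calls which still not sent CDN exist,
 *		   return # of the calls.
 *		-1: when try to send of StopCCN failed.
 */
static int
l2tp_ctrl_send_disconnect_notify(l2tp_ctrl *_this)
{
	int ncalls;

	L2TP_CTRL_ASSERT(_this != NULL);
	L2TP_CTRL_ASSERT(_this->state == L2TP_CTRL_STATE_ESTABLISHED ||
	    _this->state == L2TP_CTRL_STATE_CLEANUP_WAIT);

	/* this control is not actively closing or StopCCN have been sent */
	if (_this->active_closing == 0)
		return 0;

	/* Send CDN all Calls */
	ncalls = 0;
	if (slist_length(&_this->call_list) != 0) {
		ncalls = l2tp_ctrl_disconnect_all_calls(_this);
		if (ncalls > 0) {
			/*
			 * Call the function again to check whether the
			 * sending window is full.  In case ncalls == 0,
			 * it means we've sent CDN for all calls.
			 */
			ncalls = l2tp_ctrl_disconnect_all_calls(_this);
		}
	}
	if (ncalls > 0)
		return ncalls;

	if (l2tp_ctrl_send_StopCCN(_this, _this->active_closing) != 0)
		return -1;
	/* StopCCN went out; clear the flag so it is not sent again */
	_this->active_closing = 0;

	return 0;
}

/*
 * Terminate the control connection
 *
 * <p>
 * please specify an appropriate value to result( >0 ) for
 * StopCCN ResultCode AVP, when to sent Active Close (which
 * require StopCCN sent).</p>
 * <p>
 * When the return value of this function is zero, the _this
 * is already released.  The l2tp_ctrl process that was bound to it
 * could not continue.
 * When the return value of this function is one, the timer
 * is reset.</p>
 *
 * @return	return 0 if terminate process was completed.
 */
int
l2tp_ctrl_stop(l2tp_ctrl *_this, int result)
{
	int i;
	l2tpd *_l2tpd;

	L2TP_CTRL_ASSERT(_this != NULL);

	switch (_this->state) {
	case L2TP_CTRL_STATE_ESTABLISHED:
		_this->state = L2TP_CTRL_STATE_CLEANUP_WAIT;
		if (result > 0) {
			/* active close: notify the peer, finish on a later call */
			_this->active_closing = result;
			l2tp_ctrl_send_disconnect_notify(_this);
			break;
		}
		goto cleanup;
	default:
		l2tp_ctrl_log(_this, LOG_DEBUG, "%s() unexpected state=%s",
		    __func__, l2tp_ctrl_state_string(_this));
		/* FALLTHROUGH */
	case L2TP_CTRL_STATE_WAIT_CTL_CONN:
		/* FALLTHROUGH */
	case L2TP_CTRL_STATE_CLEANUP_WAIT:
cleanup:
		/* calls still being disconnected: keep the control alive */
		if (slist_length(&_this->call_list) != 0) {
			if (l2tp_ctrl_disconnect_all_calls(_this) > 0)
				break;
		}
#if 0
		/* NOTE(review): disabled code; the condition is not valid C as written */
		if (L2TP_CTRL_CONF(_this)e_ipsec_sa != 0)
			l2tp_ctrl_purge_ipsec_sa(_this);
#endif

		l2tp_ctrl_log(_this, LOG_NOTICE, "logtype=Finished");

		/*
		 * Same guard as l2tp_ctrl_reset_timeout(): on the
		 * l2tp_ctrl_init() fail path the timer was never set.
		 */
		if (evtimer_initialized(&_this->ev_timeout))
			evtimer_del(&_this->ev_timeout);

		/* free send buffer */
		if (_this->snd_buffers != NULL) {
			for (i = 0; i < _this->winsz; i++) {
				/*
				 * slots stay NULL when l2tp_ctrl_init()
				 * failed part-way through the window
				 */
				if (_this->snd_buffers[i] != NULL)
					bytebuffer_destroy(
					    _this->snd_buffers[i]);
			}
			free(_this->snd_buffers);
			_this->snd_buffers = NULL;
		}
		if (_this->zlb_buffer != NULL) {
			bytebuffer_destroy(_this->zlb_buffer);
			_this->zlb_buffer = NULL;
		}

		/* free l2tp_call */
		l2tp_ctrl_destroy_all_calls(_this);
		slist_fini(&_this->call_list);

		l2tpd_remove_ctrl(_this->l2tpd, _this->tunnel_id);

		/* save the daemon pointer: _this is gone after the destroy */
		_l2tpd = _this->l2tpd;
		l2tp_ctrl_destroy(_this);

		l2tpd_ctrl_finished_notify(_l2tpd);
		return 0;	/* stopped */
	}
	l2tp_ctrl_reset_timeout(_this);

	return 1;
}

#if 0
/** Delete the IPsec SA for disconnection */
static void
l2tp_ctrl_purge_ipsec_sa(l2tp_ctrl *_this)
{
	int is_natt, proto;
	struct sockaddr_storage peer, sock;
	hash_link *hl;
#ifdef USE_LIBSOCKUTIL
	struct in_ipsec_sa_cookie *ipsec_sa_cookie;
#endif
	l2tp_ctrl *anot;

	/*
	 * Search for another tunnel that uses the same IPsec SA
	 * by linear scan.
	 */
	for (hl = hash_first(_this->l2tpd->ctrl_map);
	    hl != NULL; hl = hash_next(_this->l2tpd->ctrl_map)) {
		anot = hl->item;
		if (anot == _this)
			continue;

		if (_this->peer.ss_family != anot->peer.ss_family)
			continue;
		if (_this->peer.ss_family == AF_INET) {
			if (SIN(&_this->peer)->sin_addr.s_addr !=
			    SIN(&anot->peer)->sin_addr.s_addr)
				continue;
		} else if (_this->peer.ss_family == AF_INET6) {
			if (!IN6_ARE_ADDR_EQUAL(
			    &(SIN6(&_this->peer)->sin6_addr),
			    &(SIN6(&anot->peer)->sin6_addr)))
				continue;
		}
#ifdef USE_LIBSOCKUTIL
		if (_this->sa_cookie != NULL && anot->sa_cookie != NULL) {
			/* Both tunnels belong the same NAT box. */

			if (memcmp(_this->sa_cookie, anot->sa_cookie,
			    sizeof(struct in_ipsec_sa_cookie)) != 0)
				/* Different hosts behind the NAT box. */
				continue;

			/* The SA is shared by another tunnels by one host. */
			return;	/* don't purge the sa */

		} else if (_this->sa_cookie != NULL || anot->sa_cookie != NULL)
			/* Only one is behind the NAT */
			continue;
#endif
		return;	/* don't purge the sa */
	}

#if defined(USE_LIBSOCKUTIL) && defined(IP_IPSEC_SA_COOKIE)
	is_natt = (_this->sa_cookie != NULL)? 1 : 0;
#else
	is_natt = 0;
#endif
	proto = 0;
	memcpy(&peer, &_this->peer, _this->peer.ss_len);
	memcpy(&sock, &_this->sock, _this->sock.ss_len);
	if (!is_natt)
		SIN(&peer)->sin_port = SIN(&sock)->sin_port = 0;
#if defined(USE_LIBSOCKUTIL) && defined(IP_IPSEC_SA_COOKIE)
	else {
		ipsec_sa_cookie = _this->sa_cookie;
		SIN(&peer)->sin_port = ipsec_sa_cookie->remote_port;
		SIN(&sock)->sin_port = ipsec_sa_cookie->local_port;
#if 1
		/*
		 * XXX: As RFC 2367, protocol should be specified if the port
		 * XXX: number is non-zero.
		 */
		proto = 0;
#else
		proto = IPPROTO_UDP;
#endif
	}
#endif
	if (ipsec_util_purge_transport_sa((struct sockaddr *)&peer,
	    (struct sockaddr *)&sock, proto, IPSEC_UTIL_DIRECTION_BOTH) != 0)
		l2tp_ctrl_log(_this, LOG_NOTICE, "failed to purge IPSec SA");
}
#endif

/*
 * timeout processing
 *
 * Timer callback for one control connection; ctx is the l2tp_ctrl.
 * Stops the connection when acks, the first call or the cleanup wait time
 * out, sends Hello when due, resends unacknowledged packets and re-arms
 * the timer.
 */
static void
l2tp_ctrl_timeout(int fd, short evtype, void *ctx)
{
	int need_resend;
	time_t curr_time;
	l2tp_ctrl *_this;
	l2tp_call *call;

	/*
	 * the timer must be reset, when leave this function.
	 * MEMO: l2tp_ctrl_stop() will reset the timer in it.
	 * and please remember that the l2tp_ctrl_stop() may free _this.
	 */
	_this = ctx;
	L2TP_CTRL_ASSERT(_this != NULL);

	curr_time = get_monosec();

	need_resend = 0;

	if (l2tp_ctrl_txwin_size(_this) > 0) {
		if (_this->state == L2TP_CTRL_STATE_ESTABLISHED) {
			if (_this->hello_wait_ack != 0) {
				/* wait Hello reply */
				if (curr_time - _this->hello_io_time >=
				    _this->hello_timeout) {
					l2tp_ctrl_log(_this, LOG_NOTICE,
					    "timeout waiting ack for hello "
					    "packets.");
					l2tp_ctrl_stop(_this,
					    L2TP_STOP_CCN_RCODE_GENERAL);
					return;
				}
			}
		} else if (curr_time - _this->last_snd_ctrl >=
		    L2TP_CTRL_CTRL_PKT_TIMEOUT) {
			l2tp_ctrl_log(_this, LOG_NOTICE,
			    "timeout waiting ack for ctrl packets.");
			l2tp_ctrl_stop(_this,
			    L2TP_STOP_CCN_RCODE_GENERAL);
			return;
		}
		need_resend = 1;
	} else {
		/* nothing unacknowledged: reap calls waiting for cleanup */
		for (slist_itr_first(&_this->call_list);
		    slist_itr_has_next(&_this->call_list);) {
			call = slist_itr_next(&_this->call_list);
			if (call->state == L2TP_CALL_STATE_CLEANUP_WAIT) {
				l2tp_call_destroy(call, 1);
				slist_itr_remove(&_this->call_list);
			}
		}
	}

	switch (_this->state) {
	case L2TP_CTRL_STATE_IDLE:
		/*
		 * idle:
		 *	XXX: never happen in current implementation
		 */
		l2tp_ctrl_log(_this, LOG_ERR,
		    "Internal error, timeout on illegal state=idle");
		l2tp_ctrl_stop(_this, L2TP_STOP_CCN_RCODE_GENERAL);
		/*
		 * l2tp_ctrl_stop() may have freed _this, so leave here like
		 * every other stop in this function instead of falling
		 * through to the resend and timer reset below.
		 */
		return;
	case L2TP_CTRL_STATE_WAIT_CTL_CONN:
		/*
		 * wait-ctrl-conn:
		 *	if there is no ack for SCCRP, the peer will
		 *	resend SCCRQ.  however this implementation can
		 *	not recognize that the SCCRQ was resent or not.
		 *	Therefore, never resent from this side.
		 */
		need_resend = 0;
		break;
	case L2TP_CTRL_STATE_ESTABLISHED:
		if (slist_length(&_this->call_list) == 0 &&
		    curr_time - _this->last_snd_ctrl >=
		    L2TP_CTRL_WAIT_CALL_TIMEOUT) {
			if (_this->ncalls == 0) {
				/* fail to receive first call */
				l2tp_ctrl_log(_this, LOG_WARNING,
				    "timeout waiting call");
			}
			l2tp_ctrl_stop(_this,
			    L2TP_STOP_CCN_RCODE_GENERAL);
			return;
		}
		if (_this->hello_wait_ack == 0 && _this->hello_interval > 0) {
			/* send Hello */
			if (curr_time - _this->hello_interval >=
			    _this->hello_io_time) {
				if (l2tp_ctrl_send_HELLO(_this) == 0) {
					/* success */
					_this->hello_wait_ack = 1;
				}
				/* updated whether or not the send succeeded */
				_this->hello_io_time = curr_time;
				need_resend = 0;
			}
		}
		break;
	case L2TP_CTRL_STATE_CLEANUP_WAIT:
		if (curr_time - _this->last_snd_ctrl >=
		    L2TP_CTRL_CLEANUP_WAIT_TIME) {
			l2tp_ctrl_log(_this, LOG_NOTICE,
			    "Cleanup timeout state=%d", _this->state);
			l2tp_ctrl_stop(_this, 0);
			return;
		}
		if (_this->active_closing != 0)
			l2tp_ctrl_send_disconnect_notify(_this);
		break;
	default:
		l2tp_ctrl_log(_this, LOG_ERR,
		    "Internal error, timeout on illegal state=%d",
		    _this->state);
		l2tp_ctrl_stop(_this, L2TP_STOP_CCN_RCODE_GENERAL);
		return;
	}
	/* resend if required */
	if (need_resend)
		l2tp_ctrl_resend_una_packets(_this);
	l2tp_ctrl_reset_timeout(_this);
}

/*
 * Send one control message of len bytes to the peer of this control
 * connection, through the NAT-T aware variant when an SA cookie is set.
 *
 * @return	the value returned by the underlying send call.
 */
int
l2tp_ctrl_send(l2tp_ctrl *_this, const void *msg, int len)
{
	int rval;

#ifdef USE_LIBSOCKUTIL
	if (_this->sa_cookie != NULL)
		rval = sendfromto_nat_t(LISTENER_SOCK(_this), msg, len, 0,
		    (struct sockaddr *)&_this->sock,
		    (struct sockaddr *)&_this->peer, _this->sa_cookie);
	else
		rval = sendfromto(LISTENER_SOCK(_this), msg, len, 0,
		    (struct sockaddr *)&_this->sock,
		    (struct sockaddr *)&_this->peer);
#else
#ifdef USE_SA_COOKIE
	if (_this->sa_cookie != NULL)
		rval = sendto_nat_t(LISTENER_SOCK(_this), msg, len, 0,
		    (struct sockaddr *)&_this->peer, _this->peer.ss_len,
		    _this->sa_cookie);
	else
#endif
	rval = sendto(LISTENER_SOCK(_this), msg, len, 0,
	    (struct sockaddr *)&_this->peer, _this->peer.ss_len);
#endif
	return rval;
}

/*
 * resend una packets
 *
 * Resends every buffered packet from snd_una up to (not including)
 * snd_nxt, refreshing the Nr field with the current rcv_nxt first.
 *
 * @return	# of packets resent, or -1 when a send fails.
 */
static int
l2tp_ctrl_resend_una_packets(l2tp_ctrl *_this)
{
	uint16_t seq;
	bytebuffer *bytebuf;
	struct l2tp_header *header;
	int nsend;

	nsend = 0;
	for (seq = _this->snd_una; SEQ_LT(seq, _this->snd_nxt); seq++) {
		/* the send window is indexed by sequence number mod winsz */
		bytebuf = _this->snd_buffers[seq % _this->winsz];
		header = bytebuffer_pointer(bytebuf);
		header->nr = htons(_this->rcv_nxt);
#ifdef L2TP_CTRL_DEBUG
		if (debuglevel >= 3) {
			l2tp_ctrl_log(_this, DEBUG_LEVEL_3, "RESEND seq=%u",
			    ntohs(header->ns));
			show_hd(debug_get_debugfp(),
			    bytebuffer_pointer(bytebuf),
			    bytebuffer_remaining(bytebuf));
		}
#endif
		if (l2tp_ctrl_send(_this, bytebuffer_pointer(bytebuf),
		    bytebuffer_remaining(bytebuf)) < 0) {
			l2tp_ctrl_log(_this, LOG_ERR,
			    "sendto() failed in %s: %m", __func__);
			return -1;
		}
		nsend++;
	}
	return nsend;
}

/* free all calls: empties call_list, destroying each call removed */
static void
l2tp_ctrl_destroy_all_calls(l2tp_ctrl *_this)
{
	l2tp_call *call;

	L2TP_CTRL_ASSERT(_this != NULL);

	while ((call = slist_remove_first(&_this->call_list)) != NULL)
		l2tp_call_destroy(call, 1);
}


/* disconnect all calls on the control context
 *
 * Calls already waiting for cleanup are skipped.  A call is only counted,
 * not disconnected, while the send window is full.
 *
 * @return return # of calls that is not waiting cleanup.
 */
static int
l2tp_ctrl_disconnect_all_calls(l2tp_ctrl *_this)
{
	int i, len, ncalls;
	l2tp_call *call;

	L2TP_CTRL_ASSERT(_this != NULL);

	ncalls = 0;
	len = slist_length(&_this->call_list);
	for (i = 0; i < len; i++) {
		call = slist_get(&_this->call_list, i);
		if (call->state != L2TP_CALL_STATE_CLEANUP_WAIT) {
			ncalls++;

			if (l2tp_ctrl_txwin_is_full(_this)) {
				L2TP_CTRL_DBG((_this, LOG_INFO,
				    "Too many calls. Sending window is not "
				    "enough to send CDN to all clients."));
				/* nothing to do */
			} else
				l2tp_call_admin_disconnect(call);
		}
	}
	return ncalls;
}

/*
 * reset timeout
 *
 * Re-arms the per-control timer: 1 second while in CLEANUP_WAIT,
 * 2 seconds in every other state.
 */
static void
l2tp_ctrl_reset_timeout(l2tp_ctrl *_this)
{
	int intvl;
	struct timeval tv0;

	L2TP_CTRL_ASSERT(_this != NULL);

	if (evtimer_initialized(&_this->ev_timeout))
		evtimer_del(&_this->ev_timeout);

	switch (_this->state) {
	case L2TP_CTRL_STATE_CLEANUP_WAIT:
		intvl = 1;
		break;
	default:
		intvl = 2;
		break;
	}
	tv0.tv_usec = 0;
	tv0.tv_sec = intvl;
	/* first use: bind the event to l2tp_ctrl_timeout() */
	if (!evtimer_initialized(&_this->ev_timeout))
		evtimer_set(&_this->ev_timeout, l2tp_ctrl_timeout, _this);
	evtimer_add(&_this->ev_timeout, &tv0);
}

/*
 * protocols / send and receive
 */
/* Receive packet */
void
l2tp_ctrl_input(l2tpd *_this, int listener_index, struct sockaddr *peer,
    struct sockaddr *sock, void *nat_t_ctx, u_char *pkt, int pktlen)
{
	int i, len, offsiz, reqlen, is_ctrl;
	uint16_t mestype;
	struct l2tp_avp *avp, *avp0;
	l2tp_ctrl *ctrl;
	l2tp_call *call;
	char buf[L2TP_AVP_MAXSIZ],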
errmsg[256]; 7180fbf3537Syasuoka time_t curr_time; 7190fbf3537Syasuoka u_char *pkt0; 7200fbf3537Syasuoka struct l2tp_header hdr; 721886d2b78Syasuoka char hbuf[NI_MAXHOST + NI_MAXSERV + 16]; 7220fbf3537Syasuoka 7230fbf3537Syasuoka ctrl = NULL; 7240fbf3537Syasuoka curr_time = get_monosec(); 7250fbf3537Syasuoka pkt0 = pkt; 7260fbf3537Syasuoka 727886d2b78Syasuoka L2TP_CTRL_ASSERT(peer->sa_family == sock->sa_family); 728886d2b78Syasuoka L2TP_CTRL_ASSERT(peer->sa_family == AF_INET || 729886d2b78Syasuoka peer->sa_family == AF_INET6) 7300fbf3537Syasuoka /* 7310fbf3537Syasuoka * Parse L2TP Header 7320fbf3537Syasuoka */ 7330fbf3537Syasuoka memset(&hdr, 0, sizeof(hdr)); 7340fbf3537Syasuoka if (pktlen < 2) { 7350fbf3537Syasuoka snprintf(errmsg, sizeof(errmsg), "a short packet. " 7360fbf3537Syasuoka "length=%d", pktlen); 7370fbf3537Syasuoka goto bad_packet; 7380fbf3537Syasuoka } 7390fbf3537Syasuoka memcpy(&hdr, pkt, 2); 7400fbf3537Syasuoka pkt += 2; 7410fbf3537Syasuoka if (hdr.ver != L2TP_HEADER_VERSION_RFC2661) { 742f0a4e295Syasuoka /* XXX: only RFC2661 is supported */ 7430fbf3537Syasuoka snprintf(errmsg, sizeof(errmsg), 7440fbf3537Syasuoka "Unsupported version at header = %d", hdr.ver); 7450fbf3537Syasuoka goto bad_packet; 7460fbf3537Syasuoka } 7470fbf3537Syasuoka is_ctrl = (hdr.t != 0)? 1 : 0; 7480fbf3537Syasuoka 7490fbf3537Syasuoka /* calc required length */ 7500fbf3537Syasuoka reqlen = 6; /* for Flags, Tunnel-Id, Session-Id field */ 7510fbf3537Syasuoka if (hdr.l) reqlen += 2; /* for Length field (opt) */ 7520fbf3537Syasuoka if (hdr.s) reqlen += 4; /* for Ns, Nr field (opt) */ 7530fbf3537Syasuoka if (hdr.o) reqlen += 2; /* for Offset Size field (opt) */ 7540fbf3537Syasuoka if (reqlen > pktlen) { 7550fbf3537Syasuoka snprintf(errmsg, sizeof(errmsg), 7560fbf3537Syasuoka "a short packet. 
length=%d", pktlen); 7570fbf3537Syasuoka goto bad_packet; 7580fbf3537Syasuoka } 7590fbf3537Syasuoka 7600fbf3537Syasuoka if (hdr.l != 0) { 7610fbf3537Syasuoka GETSHORT(hdr.length, pkt); 7620fbf3537Syasuoka if (hdr.length > pktlen) { 7630fbf3537Syasuoka snprintf(errmsg, sizeof(errmsg), 7640fbf3537Syasuoka "Actual packet size is smaller than the length " 7650fbf3537Syasuoka "field %d < %d", pktlen, hdr.length); 7660fbf3537Syasuoka goto bad_packet; 7670fbf3537Syasuoka } 7680fbf3537Syasuoka pktlen = hdr.length; /* remove trailing trash */ 7690fbf3537Syasuoka } 7700fbf3537Syasuoka GETSHORT(hdr.tunnel_id, pkt); 7710fbf3537Syasuoka GETSHORT(hdr.session_id, pkt); 7720fbf3537Syasuoka if (hdr.s != 0) { 7730fbf3537Syasuoka GETSHORT(hdr.ns, pkt); 7740fbf3537Syasuoka GETSHORT(hdr.nr, pkt); 7750fbf3537Syasuoka } 7760fbf3537Syasuoka if (hdr.o != 0) { 7770fbf3537Syasuoka GETSHORT(offsiz, pkt); 7780fbf3537Syasuoka if (pktlen < offsiz) { 7790fbf3537Syasuoka snprintf(errmsg, sizeof(errmsg), 7800fbf3537Syasuoka "offset field is bigger than remaining packet " 7810fbf3537Syasuoka "length %d > %d", offsiz, pktlen); 7820fbf3537Syasuoka goto bad_packet; 7830fbf3537Syasuoka } 7840fbf3537Syasuoka pkt += offsiz; 7850fbf3537Syasuoka } 7860fbf3537Syasuoka L2TP_CTRL_ASSERT(pkt - pkt0 == reqlen); 7870fbf3537Syasuoka pktlen -= (pkt - pkt0); /* cut down the length of header */ 7880fbf3537Syasuoka 7890fbf3537Syasuoka ctrl = NULL; 7900fbf3537Syasuoka memset(buf, 0, sizeof(buf)); 7910fbf3537Syasuoka mestype = 0; 7920fbf3537Syasuoka avp = NULL; 7930fbf3537Syasuoka 7940fbf3537Syasuoka if (is_ctrl) { 7950fbf3537Syasuoka avp0 = (struct l2tp_avp *)buf; 7960fbf3537Syasuoka avp = avp_find_message_type_avp(avp0, pkt, pktlen); 7970fbf3537Syasuoka if (avp != NULL) 7980fbf3537Syasuoka mestype = avp->attr_value[0] << 8 | avp->attr_value[1]; 7990fbf3537Syasuoka } 8000fbf3537Syasuoka ctrl = l2tpd_get_ctrl(_this, hdr.tunnel_id); 8010fbf3537Syasuoka 8020fbf3537Syasuoka if (ctrl == NULL) { 803f0a4e295Syasuoka /* new 
control */ 8040fbf3537Syasuoka if (!is_ctrl) { 8050fbf3537Syasuoka snprintf(errmsg, sizeof(errmsg), 8060fbf3537Syasuoka "bad data message: tunnelId=%d is not " 8070fbf3537Syasuoka "found.", hdr.tunnel_id); 8080fbf3537Syasuoka goto bad_packet; 8090fbf3537Syasuoka } 8100fbf3537Syasuoka if (mestype != L2TP_AVP_MESSAGE_TYPE_SCCRQ) { 8110fbf3537Syasuoka snprintf(errmsg, sizeof(errmsg), 8120fbf3537Syasuoka "bad control message: tunnelId=%d is not " 8130fbf3537Syasuoka "found. mestype=%s", hdr.tunnel_id, 8140fbf3537Syasuoka avp_mes_type_string(mestype)); 8150fbf3537Syasuoka goto bad_packet; 8160fbf3537Syasuoka } 8170fbf3537Syasuoka 8180fbf3537Syasuoka if ((ctrl = l2tp_ctrl_create()) == NULL) { 8190fbf3537Syasuoka l2tp_ctrl_log(ctrl, LOG_ERR, 8200fbf3537Syasuoka "l2tp_ctrl_create() failed: %m"); 821f0a4e295Syasuoka goto fail; 8220fbf3537Syasuoka } 823821f7c56Syasuoka 8240fbf3537Syasuoka if (l2tp_ctrl_init(ctrl, _this, peer, sock, nat_t_ctx) != 0) { 8250fbf3537Syasuoka l2tp_ctrl_log(ctrl, LOG_ERR, 8260fbf3537Syasuoka "l2tp_ctrl_start() failed: %m"); 827f0a4e295Syasuoka goto fail; 8280fbf3537Syasuoka } 8290fbf3537Syasuoka 8300fbf3537Syasuoka ctrl->listener_index = listener_index; 8310fbf3537Syasuoka l2tp_ctrl_reload(ctrl); 8320fbf3537Syasuoka } else { 8330fbf3537Syasuoka /* 834f0a4e295Syasuoka * treat as an error if src address and port is not 835f0a4e295Syasuoka * match. 
(because it is potentially DoS attach) 8360fbf3537Syasuoka */ 837886d2b78Syasuoka int notmatch = 0; 8380fbf3537Syasuoka 839886d2b78Syasuoka if (ctrl->peer.ss_family != peer->sa_family) 840886d2b78Syasuoka notmatch = 1; 841886d2b78Syasuoka else if (peer->sa_family == AF_INET) { 842886d2b78Syasuoka if (SIN(peer)->sin_addr.s_addr != 843886d2b78Syasuoka SIN(&ctrl->peer)->sin_addr.s_addr || 844886d2b78Syasuoka SIN(peer)->sin_port != SIN(&ctrl->peer)->sin_port) 845886d2b78Syasuoka notmatch = 1; 846886d2b78Syasuoka } else if (peer->sa_family == AF_INET6) { 847886d2b78Syasuoka if (!IN6_ARE_ADDR_EQUAL(&(SIN6(peer)->sin6_addr), 848886d2b78Syasuoka &(SIN6(&ctrl->peer)->sin6_addr)) || 849886d2b78Syasuoka SIN6(peer)->sin6_port != 850886d2b78Syasuoka SIN6(&ctrl->peer)->sin6_port) 851886d2b78Syasuoka notmatch = 1; 852886d2b78Syasuoka } 853886d2b78Syasuoka if (notmatch) { 8540fbf3537Syasuoka snprintf(errmsg, sizeof(errmsg), 855886d2b78Syasuoka "tunnelId=%u is already assigned for %s", 856886d2b78Syasuoka hdr.tunnel_id, addrport_tostring( 857886d2b78Syasuoka (struct sockaddr *)&ctrl->peer, 858886d2b78Syasuoka ctrl->peer.ss_len, hbuf, sizeof(hbuf))); 8590fbf3537Syasuoka goto bad_packet; 8600fbf3537Syasuoka } 8610fbf3537Syasuoka } 8620fbf3537Syasuoka ctrl->last_rcv = curr_time; 8630fbf3537Syasuoka call = NULL; 8640fbf3537Syasuoka if (hdr.session_id != 0) { 865f0a4e295Syasuoka /* search l2tp_call by Session ID */ 866f0a4e295Syasuoka /* linear search is enough for this purpose */ 8670fbf3537Syasuoka len = slist_length(&ctrl->call_list); 8680fbf3537Syasuoka for (i = 0; i < len; i++) { 8690fbf3537Syasuoka call = slist_get(&ctrl->call_list, i); 8700fbf3537Syasuoka if (call->session_id == hdr.session_id) 8710fbf3537Syasuoka break; 8720fbf3537Syasuoka call = NULL; 8730fbf3537Syasuoka } 8740fbf3537Syasuoka } 8750fbf3537Syasuoka if (!is_ctrl) { 876e405d423Syasuoka int delayed = 0; 877e405d423Syasuoka 878f0a4e295Syasuoka /* L2TP data */ 8790fbf3537Syasuoka if (ctrl->state != 
L2TP_CTRL_STATE_ESTABLISHED) { 8800fbf3537Syasuoka l2tp_ctrl_log(ctrl, LOG_WARNING, 8810fbf3537Syasuoka "Received Data packet in '%s'", 8820fbf3537Syasuoka l2tp_ctrl_state_string(ctrl)); 883f0a4e295Syasuoka goto fail; 8840fbf3537Syasuoka } 8850fbf3537Syasuoka if (call == NULL) { 8860fbf3537Syasuoka l2tp_ctrl_log(ctrl, LOG_WARNING, 8870fbf3537Syasuoka "Received a data packet but it has no call. " 8880fbf3537Syasuoka "session_id=%u", hdr.session_id); 889f0a4e295Syasuoka goto fail; 8900fbf3537Syasuoka } 8910fbf3537Syasuoka L2TP_CTRL_DBG((ctrl, DEBUG_LEVEL_2, 8920fbf3537Syasuoka "call=%u RECV ns=%u nr=%u snd_nxt=%u rcv_nxt=%u len=%d", 8930fbf3537Syasuoka call->id, hdr.ns, hdr.nr, call->snd_nxt, call->rcv_nxt, 8940fbf3537Syasuoka pktlen)); 8950fbf3537Syasuoka if (call->state != L2TP_CALL_STATE_ESTABLISHED){ 8960fbf3537Syasuoka l2tp_ctrl_log(ctrl, LOG_WARNING, 8970fbf3537Syasuoka "Received a data packet but call is not " 8980fbf3537Syasuoka "established"); 899f0a4e295Syasuoka goto fail; 9000fbf3537Syasuoka } 9010fbf3537Syasuoka 9020fbf3537Syasuoka if (hdr.s != 0) { 9030fbf3537Syasuoka if (SEQ_LT(hdr.ns, call->rcv_nxt)) { 904e405d423Syasuoka if (SEQ_LT(hdr.ns, 905e405d423Syasuoka call->rcv_nxt - L2TP_CALL_DELAY_LIMIT)) { 906e405d423Syasuoka /* sequence number seems to be delayed */ 907f0a4e295Syasuoka /* XXX: need to log? 
*/ 9080fbf3537Syasuoka L2TP_CTRL_DBG((ctrl, LOG_DEBUG, 909e405d423Syasuoka "receive a out of sequence " 910e405d423Syasuoka "data packet: %u < %u.", 911e405d423Syasuoka hdr.ns, call->rcv_nxt)); 9120fbf3537Syasuoka return; 9130fbf3537Syasuoka } 914e405d423Syasuoka delayed = 1; 915e405d423Syasuoka } else { 9160fbf3537Syasuoka call->rcv_nxt = hdr.ns + 1; 9170fbf3537Syasuoka } 918e405d423Syasuoka } 919e405d423Syasuoka 920e405d423Syasuoka l2tp_call_ppp_input(call, pkt, pktlen, delayed); 9210fbf3537Syasuoka 9220fbf3537Syasuoka return; 9230fbf3537Syasuoka } 9240fbf3537Syasuoka if (hdr.s != 0) { 9250fbf3537Syasuoka L2TP_CTRL_DBG((ctrl, DEBUG_LEVEL_2, 9260fbf3537Syasuoka "RECV %s ns=%u nr=%u snd_nxt=%u snd_una=%u rcv_nxt=%u " 9270fbf3537Syasuoka "len=%d", (is_ctrl)? "C" : "", hdr.ns, hdr.nr, 9280fbf3537Syasuoka ctrl->snd_nxt, ctrl->snd_una, ctrl->rcv_nxt, pktlen)); 9290fbf3537Syasuoka 9300fbf3537Syasuoka if (pktlen <= 0) 9310fbf3537Syasuoka l2tp_ctrl_log(ctrl, LOG_INFO, "RecvZLB"); 9320fbf3537Syasuoka 9330fbf3537Syasuoka if (SEQ_GT(hdr.nr, ctrl->snd_una)) { 9340fbf3537Syasuoka if (hdr.nr == ctrl->snd_nxt || 9350fbf3537Syasuoka SEQ_LT(hdr.nr, ctrl->snd_nxt)) 9360fbf3537Syasuoka ctrl->snd_una = hdr.nr; 9370fbf3537Syasuoka else { 9380fbf3537Syasuoka l2tp_ctrl_log(ctrl, LOG_INFO, 9390fbf3537Syasuoka "Received message has bad Nr field: " 9400fbf3537Syasuoka "%u < %u.", hdr.ns, ctrl->snd_nxt); 9410fbf3537Syasuoka /* XXX Drop with ZLB? */ 942f0a4e295Syasuoka goto fail; 9430fbf3537Syasuoka } 9440fbf3537Syasuoka } 9450fbf3537Syasuoka if (l2tp_ctrl_txwin_size(ctrl) <= 0) { 946f0a4e295Syasuoka /* no waiting ack */ 9470fbf3537Syasuoka if (ctrl->hello_wait_ack != 0) { 9480fbf3537Syasuoka /* 949f0a4e295Syasuoka * Reset Hello state, as an ack for the Hello 950f0a4e295Syasuoka * is recived. 
9510fbf3537Syasuoka */ 9520fbf3537Syasuoka ctrl->hello_wait_ack = 0; 9530fbf3537Syasuoka ctrl->hello_io_time = curr_time; 9540fbf3537Syasuoka } 9550fbf3537Syasuoka switch (ctrl->state) { 9560fbf3537Syasuoka case L2TP_CTRL_STATE_CLEANUP_WAIT: 9570fbf3537Syasuoka l2tp_ctrl_stop(ctrl, 0); 9580fbf3537Syasuoka return; 9590fbf3537Syasuoka } 9600fbf3537Syasuoka } 9610fbf3537Syasuoka if (hdr.ns != ctrl->rcv_nxt) { 962f0a4e295Syasuoka /* there are remaining packet */ 9630fbf3537Syasuoka if (l2tp_ctrl_resend_una_packets(ctrl) <= 0) { 964f0a4e295Syasuoka /* resend or sent ZLB */ 9650fbf3537Syasuoka l2tp_ctrl_send_ZLB(ctrl); 9660fbf3537Syasuoka } 9670fbf3537Syasuoka #ifdef L2TP_CTRL_DEBUG 968f0a4e295Syasuoka if (pktlen != 0) { /* not ZLB */ 9690fbf3537Syasuoka L2TP_CTRL_DBG((ctrl, LOG_DEBUG, 9700fbf3537Syasuoka "receive out of sequence %u must be %u. " 9710fbf3537Syasuoka "mestype=%s", hdr.ns, ctrl->rcv_nxt, 9720fbf3537Syasuoka avp_mes_type_string(mestype))); 9730fbf3537Syasuoka } 9740fbf3537Syasuoka #endif 9750fbf3537Syasuoka return; 9760fbf3537Syasuoka } 9770fbf3537Syasuoka if (pktlen <= 0) 9780fbf3537Syasuoka return; /* ZLB */ 9790fbf3537Syasuoka 9800fbf3537Syasuoka if (l2tp_ctrl_txwin_is_full(ctrl)) { 9810fbf3537Syasuoka L2TP_CTRL_DBG((ctrl, LOG_DEBUG, 9820fbf3537Syasuoka "Received message cannot be handled. " 9830fbf3537Syasuoka "Transmission window is full.")); 9840fbf3537Syasuoka l2tp_ctrl_send_ZLB(ctrl); 9850fbf3537Syasuoka return; 9860fbf3537Syasuoka } 9870fbf3537Syasuoka 9880fbf3537Syasuoka ctrl->rcv_nxt++; 9890fbf3537Syasuoka if (avp == NULL) { 9900fbf3537Syasuoka l2tpd_log(_this, LOG_WARNING, 9910fbf3537Syasuoka "bad control message: no message-type AVP."); 992f0a4e295Syasuoka goto fail; 9930fbf3537Syasuoka } 9940fbf3537Syasuoka } 9950fbf3537Syasuoka 9960fbf3537Syasuoka /* 997f0a4e295Syasuoka * state machine (RFC2661 pp. 
56-57) 9980fbf3537Syasuoka */ 9990fbf3537Syasuoka switch (ctrl->state) { 10000fbf3537Syasuoka case L2TP_CTRL_STATE_IDLE: 10010fbf3537Syasuoka switch (mestype) { 10020fbf3537Syasuoka case L2TP_AVP_MESSAGE_TYPE_SCCRQ: 10030fbf3537Syasuoka if (l2tp_ctrl_recv_SCCRQ(ctrl, pkt, pktlen, _this, 10040fbf3537Syasuoka peer) == 0) { 1005f0a4e295Syasuoka /* acceptable */ 10060fbf3537Syasuoka l2tp_ctrl_send_SCCRP(ctrl); 10070fbf3537Syasuoka ctrl->state = L2TP_CTRL_STATE_WAIT_CTL_CONN; 10080fbf3537Syasuoka return; 10090fbf3537Syasuoka } 10100fbf3537Syasuoka /* 1011f0a4e295Syasuoka * in case un-acceptable, it was already processed 1012f0a4e295Syasuoka * at l2tcp_ctrl_recv_SCCRQ 10130fbf3537Syasuoka */ 10140fbf3537Syasuoka return; 10150fbf3537Syasuoka case L2TP_AVP_MESSAGE_TYPE_SCCRP: 10160fbf3537Syasuoka /* 1017f0a4e295Syasuoka * RFC specifies that sent of StopCCN in the state, 1018f0a4e295Syasuoka * However as this implementation only support Passive 1019421b67a1Sjasper * open, this packet will not received. 
10200fbf3537Syasuoka */ 1021f0a4e295Syasuoka /* FALLTHROUGH */ 10220fbf3537Syasuoka case L2TP_AVP_MESSAGE_TYPE_SCCCN: 10230fbf3537Syasuoka default: 10240fbf3537Syasuoka break; 10250fbf3537Syasuoka } 1026f0a4e295Syasuoka goto fsm_fail; 10270fbf3537Syasuoka 10280fbf3537Syasuoka case L2TP_CTRL_STATE_WAIT_CTL_CONN: 10290fbf3537Syasuoka /* Wait-Ctl-Conn */ 10300fbf3537Syasuoka switch (mestype) { 10310fbf3537Syasuoka case L2TP_AVP_MESSAGE_TYPE_SCCCN: 10320fbf3537Syasuoka l2tp_ctrl_log(ctrl, LOG_INFO, "RecvSCCN"); 10330fbf3537Syasuoka if (l2tp_ctrl_send_ZLB(ctrl) == 0) { 10340fbf3537Syasuoka ctrl->state = L2TP_CTRL_STATE_ESTABLISHED; 10350fbf3537Syasuoka } 10360fbf3537Syasuoka return; 10370fbf3537Syasuoka case L2TP_AVP_MESSAGE_TYPE_StopCCN: 10380fbf3537Syasuoka goto receive_stop_ccn; 10390fbf3537Syasuoka case L2TP_AVP_MESSAGE_TYPE_SCCRQ: 10400fbf3537Syasuoka case L2TP_AVP_MESSAGE_TYPE_SCCRP: 10410fbf3537Syasuoka default: 10420fbf3537Syasuoka break; 10430fbf3537Syasuoka } 1044f0a4e295Syasuoka break; /* fsm_fail */ 10450fbf3537Syasuoka case L2TP_CTRL_STATE_ESTABLISHED: 10460fbf3537Syasuoka /* Established */ 10470fbf3537Syasuoka switch (mestype) { 10480fbf3537Syasuoka case L2TP_AVP_MESSAGE_TYPE_SCCCN: 10490fbf3537Syasuoka case L2TP_AVP_MESSAGE_TYPE_SCCRQ: 10500fbf3537Syasuoka case L2TP_AVP_MESSAGE_TYPE_SCCRP: 10510fbf3537Syasuoka break; 10520fbf3537Syasuoka receive_stop_ccn: 10530fbf3537Syasuoka case L2TP_AVP_MESSAGE_TYPE_StopCCN: 10540fbf3537Syasuoka if (l2tp_ctrl_recv_StopCCN(ctrl, pkt, pktlen) == 0) { 10550fbf3537Syasuoka if (l2tp_ctrl_resend_una_packets(ctrl) <= 0) 10560fbf3537Syasuoka l2tp_ctrl_send_ZLB(ctrl); 10570fbf3537Syasuoka l2tp_ctrl_stop(ctrl, 0); 10580fbf3537Syasuoka return; 10590fbf3537Syasuoka } 10600fbf3537Syasuoka l2tp_ctrl_log(ctrl, LOG_ERR, "Received bad StopCCN"); 10610fbf3537Syasuoka l2tp_ctrl_send_ZLB(ctrl); 10620fbf3537Syasuoka l2tp_ctrl_stop(ctrl, 0); 10630fbf3537Syasuoka return; 10640fbf3537Syasuoka 10650fbf3537Syasuoka case 
L2TP_AVP_MESSAGE_TYPE_HELLO: 10660fbf3537Syasuoka if (l2tp_ctrl_resend_una_packets(ctrl) <= 0) 10670fbf3537Syasuoka l2tp_ctrl_send_ZLB(ctrl); 10680fbf3537Syasuoka return; 10690fbf3537Syasuoka case L2TP_AVP_MESSAGE_TYPE_CDN: 10700fbf3537Syasuoka case L2TP_AVP_MESSAGE_TYPE_ICRP: 10710fbf3537Syasuoka case L2TP_AVP_MESSAGE_TYPE_ICCN: 10720fbf3537Syasuoka if (call == NULL) { 10730fbf3537Syasuoka l2tp_ctrl_log(ctrl, LOG_INFO, 10740fbf3537Syasuoka "Unknown call message: %s", 10750fbf3537Syasuoka avp_mes_type_string(mestype)); 1076f0a4e295Syasuoka goto fail; 10770fbf3537Syasuoka } 1078f0a4e295Syasuoka /* FALLTHROUGH */ 10790fbf3537Syasuoka case L2TP_AVP_MESSAGE_TYPE_ICRQ: 10800fbf3537Syasuoka l2tp_call_recv_packet(ctrl, call, mestype, pkt, 10810fbf3537Syasuoka pktlen); 10820fbf3537Syasuoka return; 10830fbf3537Syasuoka default: 10840fbf3537Syasuoka break; 10850fbf3537Syasuoka } 1086f0a4e295Syasuoka break; /* fsm_fail */ 10870fbf3537Syasuoka case L2TP_CTRL_STATE_CLEANUP_WAIT: 10880fbf3537Syasuoka if (mestype == L2TP_AVP_MESSAGE_TYPE_StopCCN) { 10890fbf3537Syasuoka /* 1090f0a4e295Syasuoka * We left ESTABLISHED state, but the peer sent StopCCN. 
10910fbf3537Syasuoka */ 10920fbf3537Syasuoka goto receive_stop_ccn; 10930fbf3537Syasuoka } 1094f0a4e295Syasuoka break; /* fsm_fail */ 10950fbf3537Syasuoka } 10960fbf3537Syasuoka 1097f0a4e295Syasuoka fsm_fail: 1098f0a4e295Syasuoka /* state machine error */ 10990fbf3537Syasuoka l2tp_ctrl_log(ctrl, LOG_WARNING, "Received %s in '%s' state", 11000fbf3537Syasuoka avp_mes_type_string(mestype), l2tp_ctrl_state_string(ctrl)); 11010fbf3537Syasuoka l2tp_ctrl_stop(ctrl, L2TP_STOP_CCN_RCODE_FSM_ERROR); 11020fbf3537Syasuoka 11030fbf3537Syasuoka return; 1104f0a4e295Syasuoka fail: 11050fbf3537Syasuoka if (ctrl != NULL && mestype != 0) { 11060fbf3537Syasuoka l2tp_ctrl_log(ctrl, LOG_WARNING, "Received %s in '%s' state", 11070fbf3537Syasuoka avp_mes_type_string(mestype), l2tp_ctrl_state_string(ctrl)); 11080fbf3537Syasuoka l2tp_ctrl_stop(ctrl, L2TP_STOP_CCN_RCODE_GENERAL_ERROR); 11090fbf3537Syasuoka } 11100fbf3537Syasuoka return; 11110fbf3537Syasuoka 11120fbf3537Syasuoka bad_packet: 1113886d2b78Syasuoka l2tpd_log(_this, LOG_INFO, "Received from=%s: %s", 1114886d2b78Syasuoka addrport_tostring(peer, peer->sa_len, hbuf, sizeof(hbuf)), errmsg); 1115886d2b78Syasuoka 11160fbf3537Syasuoka return; 11170fbf3537Syasuoka } 11180fbf3537Syasuoka 11190fbf3537Syasuoka static inline int 11200fbf3537Syasuoka l2tp_ctrl_txwin_size(l2tp_ctrl *_this) 11210fbf3537Syasuoka { 11220fbf3537Syasuoka uint16_t sz; 11230fbf3537Syasuoka 11240fbf3537Syasuoka sz = _this->snd_nxt - _this->snd_una; 11250fbf3537Syasuoka 11260fbf3537Syasuoka L2TP_CTRL_ASSERT(sz <= _this->winsz); 11270fbf3537Syasuoka 11280fbf3537Syasuoka return sz; 11290fbf3537Syasuoka } 11300fbf3537Syasuoka 11310fbf3537Syasuoka static inline int 11320fbf3537Syasuoka l2tp_ctrl_txwin_is_full(l2tp_ctrl *_this) 11330fbf3537Syasuoka { 11340fbf3537Syasuoka return (l2tp_ctrl_txwin_size(_this) >= _this->winsz)? 
1 : 0; 11350fbf3537Syasuoka } 11360fbf3537Syasuoka 1137f0a4e295Syasuoka /* send control packet */ 11380fbf3537Syasuoka int 11399a200ddfSyasuoka l2tp_ctrl_send_packet(l2tp_ctrl *_this, int call_id, bytebuffer *bytebuf) 11400fbf3537Syasuoka { 11410fbf3537Syasuoka struct l2tp_header *hdr; 11429a200ddfSyasuoka int rval; 11430fbf3537Syasuoka time_t curr_time; 11440fbf3537Syasuoka 11450fbf3537Syasuoka curr_time = get_monosec(); 11460fbf3537Syasuoka 11470fbf3537Syasuoka bytebuffer_flip(bytebuf); 11480fbf3537Syasuoka hdr = (struct l2tp_header *)bytebuffer_pointer(bytebuf); 11490fbf3537Syasuoka memset(hdr, 0, sizeof(*hdr)); 11500fbf3537Syasuoka 11510fbf3537Syasuoka hdr->t = 1; 11520fbf3537Syasuoka hdr->ver = L2TP_HEADER_VERSION_RFC2661; 11530fbf3537Syasuoka hdr->l = 1; 11540fbf3537Syasuoka hdr->length = htons(bytebuffer_remaining(bytebuf)); 11550fbf3537Syasuoka hdr->tunnel_id = htons(_this->peer_tunnel_id); 11560fbf3537Syasuoka hdr->session_id = htons(call_id); 11570fbf3537Syasuoka 11580fbf3537Syasuoka hdr->s = 1; 11590fbf3537Syasuoka hdr->ns = htons(_this->snd_nxt); 11600fbf3537Syasuoka hdr->nr = htons(_this->rcv_nxt); 11610fbf3537Syasuoka 11629a200ddfSyasuoka if (bytebuffer_remaining(bytebuf) > sizeof(struct l2tp_header)) 11630fbf3537Syasuoka /* Not ZLB */ 11640fbf3537Syasuoka _this->snd_nxt++; 11650fbf3537Syasuoka 11660fbf3537Syasuoka L2TP_CTRL_DBG((_this, DEBUG_LEVEL_2, 11679a200ddfSyasuoka "SEND C ns=%u nr=%u snd_nxt=%u snd_una=%u rcv_nxt=%u ", 11689a200ddfSyasuoka ntohs(hdr->ns), htons(hdr->nr), 11690fbf3537Syasuoka _this->snd_nxt, _this->snd_una, _this->rcv_nxt)); 11700fbf3537Syasuoka 1171821f7c56Syasuoka if (L2TP_CTRL_CONF(_this)->ctrl_out_pktdump != 0) { 11720fbf3537Syasuoka l2tpd_log(_this->l2tpd, LOG_DEBUG, 11730fbf3537Syasuoka "L2TP Control output packet dump"); 11740fbf3537Syasuoka show_hd(debug_get_debugfp(), bytebuffer_pointer(bytebuf), 11750fbf3537Syasuoka bytebuffer_remaining(bytebuf)); 11760fbf3537Syasuoka } 11770fbf3537Syasuoka 11780fbf3537Syasuoka if 
((rval = l2tp_ctrl_send(_this, bytebuffer_pointer(bytebuf), 11790fbf3537Syasuoka bytebuffer_remaining(bytebuf))) < 0) { 11800fbf3537Syasuoka L2TP_CTRL_DBG((_this, LOG_DEBUG, "sendto() failed: %m")); 11810fbf3537Syasuoka } 11820fbf3537Syasuoka 11830fbf3537Syasuoka _this->last_snd_ctrl = curr_time; 11840fbf3537Syasuoka 11850fbf3537Syasuoka return (rval == bytebuffer_remaining(bytebuf))? 0 : 1; 11860fbf3537Syasuoka } 11870fbf3537Syasuoka 1188f0a4e295Syasuoka /* 1189f0a4e295Syasuoka * receiver SCCRQ 11900fbf3537Syasuoka */ 11910fbf3537Syasuoka static int 11920fbf3537Syasuoka l2tp_ctrl_recv_SCCRQ(l2tp_ctrl *_this, u_char *pkt, int pktlen, l2tpd *_l2tpd, 11930fbf3537Syasuoka struct sockaddr *peer) 11940fbf3537Syasuoka { 11950fbf3537Syasuoka int avpsz, len, protover, protorev, firmrev, result; 11960fbf3537Syasuoka struct l2tp_avp *avp; 11970fbf3537Syasuoka char host[NI_MAXHOST], serv[NI_MAXSERV]; 11980fbf3537Syasuoka char buf[L2TP_AVP_MAXSIZ], emes[256], hostname[256], vendorname[256]; 11990fbf3537Syasuoka 12000fbf3537Syasuoka result = L2TP_STOP_CCN_RCODE_GENERAL_ERROR; 12010fbf3537Syasuoka strlcpy(hostname, "(no hostname)", sizeof(hostname)); 12020fbf3537Syasuoka strlcpy(vendorname, "(no vendorname)", sizeof(vendorname)); 12030fbf3537Syasuoka 12040fbf3537Syasuoka firmrev = 0; 12050fbf3537Syasuoka protover = 0; 12060fbf3537Syasuoka protorev = 0; 12070fbf3537Syasuoka avp = (struct l2tp_avp *)buf; 12080fbf3537Syasuoka while (pktlen >= 6 && (avpsz = avp_enum(avp, pkt, pktlen, 1)) > 0) { 12090fbf3537Syasuoka pkt += avpsz; 12100fbf3537Syasuoka pktlen -= avpsz; 12110fbf3537Syasuoka if (avp->vendor_id != 0) { 12120fbf3537Syasuoka L2TP_CTRL_DBG((_this, LOG_DEBUG, 12130fbf3537Syasuoka "Received a Vendor-specific AVP vendor-id=%d " 12140fbf3537Syasuoka "type=%d", avp->vendor_id, avp->attr_type)); 12150fbf3537Syasuoka continue; 12160fbf3537Syasuoka } 12170fbf3537Syasuoka switch (avp->attr_type) { 12180fbf3537Syasuoka case L2TP_AVP_TYPE_MESSAGE_TYPE: 12190fbf3537Syasuoka 
AVP_SIZE_CHECK(avp, ==, 8); 12200fbf3537Syasuoka continue; 12210fbf3537Syasuoka case L2TP_AVP_TYPE_PROTOCOL_VERSION: 12220fbf3537Syasuoka AVP_SIZE_CHECK(avp, ==, 8); 12230fbf3537Syasuoka protover = avp->attr_value[0]; 12240fbf3537Syasuoka protorev = avp->attr_value[1]; 12250fbf3537Syasuoka 12260fbf3537Syasuoka if (protover != L2TP_RFC2661_VERSION || 12270fbf3537Syasuoka protorev != L2TP_RFC2661_REVISION) { 12280fbf3537Syasuoka result = L2TP_STOP_CCN_RCODE_GENERAL_ERROR; 12290fbf3537Syasuoka snprintf(emes, sizeof(emes), 12300fbf3537Syasuoka "Peer's protocol version is not supported:" 12310fbf3537Syasuoka " %d.%d", protover, protorev); 12320fbf3537Syasuoka goto not_acceptable; 12330fbf3537Syasuoka } 12340fbf3537Syasuoka continue; 12350fbf3537Syasuoka case L2TP_AVP_TYPE_FRAMING_CAPABILITIES: 12360fbf3537Syasuoka AVP_SIZE_CHECK(avp, ==, 10); 12370fbf3537Syasuoka if ((avp_get_val32(avp) & L2TP_FRAMING_CAP_FLAGS_SYNC) 12380fbf3537Syasuoka == 0) { 12390fbf3537Syasuoka L2TP_CTRL_DBG((_this, LOG_DEBUG, "Peer doesn't " 12400fbf3537Syasuoka "support synchronous framing")); 12410fbf3537Syasuoka } 12420fbf3537Syasuoka continue; 12430fbf3537Syasuoka case L2TP_AVP_TYPE_BEARER_CAPABILITIES: 12440fbf3537Syasuoka AVP_SIZE_CHECK(avp, ==, 10); 12450fbf3537Syasuoka continue; 12460fbf3537Syasuoka case L2TP_AVP_TYPE_TIE_BREAKER: 12470fbf3537Syasuoka AVP_SIZE_CHECK(avp, ==, 14); 12480fbf3537Syasuoka /* 1249f0a4e295Syasuoka * As the implementation never send SCCRQ, 1250f0a4e295Syasuoka * the peer is always winner 12510fbf3537Syasuoka */ 12520fbf3537Syasuoka continue; 12530fbf3537Syasuoka case L2TP_AVP_TYPE_FIRMWARE_REVISION: 12540fbf3537Syasuoka AVP_SIZE_CHECK(avp, >=, 6); 12550fbf3537Syasuoka firmrev = avp_get_val16(avp); 12560fbf3537Syasuoka continue; 12570fbf3537Syasuoka case L2TP_AVP_TYPE_HOST_NAME: 12580fbf3537Syasuoka AVP_SIZE_CHECK(avp, >, 4); 12590fbf3537Syasuoka len = MIN(sizeof(hostname) - 1, avp->length - 6); 12600fbf3537Syasuoka memcpy(hostname, avp->attr_value, len); 
12610fbf3537Syasuoka hostname[len] = '\0'; 12620fbf3537Syasuoka continue; 12630fbf3537Syasuoka case L2TP_AVP_TYPE_VENDOR_NAME: 12640fbf3537Syasuoka AVP_SIZE_CHECK(avp, >, 4); 12650fbf3537Syasuoka len = MIN(sizeof(vendorname) - 1, avp->length - 6); 12660fbf3537Syasuoka memcpy(vendorname, avp->attr_value, len); 12670fbf3537Syasuoka vendorname[len] = '\0'; 12680fbf3537Syasuoka continue; 12690fbf3537Syasuoka case L2TP_AVP_TYPE_ASSINGED_TUNNEL_ID: 12700fbf3537Syasuoka AVP_SIZE_CHECK(avp, ==, 8); 12710fbf3537Syasuoka _this->peer_tunnel_id = avp_get_val16(avp); 12720fbf3537Syasuoka continue; 12730fbf3537Syasuoka case L2TP_AVP_TYPE_RECV_WINDOW_SIZE: 12740fbf3537Syasuoka AVP_SIZE_CHECK(avp, ==, 8); 12750fbf3537Syasuoka _this->peer_winsz = avp_get_val16(avp); 12760fbf3537Syasuoka continue; 12770fbf3537Syasuoka } 12780fbf3537Syasuoka if (avp->is_mandatory) { 12790fbf3537Syasuoka l2tp_ctrl_log(_this, LOG_WARNING, 12800fbf3537Syasuoka "Received AVP (%s/%d) is not supported, but it's " 12810fbf3537Syasuoka "mandatory", avp_attr_type_string(avp->attr_type), 12820fbf3537Syasuoka avp->attr_type); 12830fbf3537Syasuoka #ifdef L2TP_CTRL_DEBUG 12840fbf3537Syasuoka } else { 12850fbf3537Syasuoka L2TP_CTRL_DBG((_this, LOG_DEBUG, 12860fbf3537Syasuoka "AVP (%s/%d) is not handled", 12870fbf3537Syasuoka avp_attr_type_string(avp->attr_type), 12880fbf3537Syasuoka avp->attr_type)); 12890fbf3537Syasuoka #endif 12900fbf3537Syasuoka } 12910fbf3537Syasuoka } 12920fbf3537Syasuoka if (getnameinfo((struct sockaddr *)&_this->peer, _this->peer.ss_len, 12930fbf3537Syasuoka host, sizeof(host), serv, sizeof(serv), 12940fbf3537Syasuoka NI_NUMERICHOST | NI_NUMERICSERV | NI_DGRAM) != 0) { 12950fbf3537Syasuoka l2tp_ctrl_log(_this, LOG_ERR, 12960fbf3537Syasuoka "getnameinfo() failed at %s(): %m", __func__); 12970fbf3537Syasuoka strlcpy(host, "error", sizeof(host)); 12980fbf3537Syasuoka strlcpy(serv, "error", sizeof(serv)); 12990fbf3537Syasuoka } 13000fbf3537Syasuoka l2tp_ctrl_log(_this, LOG_NOTICE, 
"logtype=Started RecvSCCRQ " 13010fbf3537Syasuoka "from=%s:%s/udp tunnel_id=%u/%u protocol=%d.%d winsize=%d " 13020fbf3537Syasuoka "hostname=%s vendor=%s firm=%04X", host, serv, _this->tunnel_id, 13030fbf3537Syasuoka _this->peer_tunnel_id, protover, protorev, _this->peer_winsz, 13040fbf3537Syasuoka hostname, vendorname, firmrev); 13050fbf3537Syasuoka 13060fbf3537Syasuoka return 0; 13070fbf3537Syasuoka not_acceptable: 13080fbf3537Syasuoka size_check_failed: 13090fbf3537Syasuoka l2tp_ctrl_log(_this, LOG_ERR, "Received bad SCCRQ: %s", emes); 13100fbf3537Syasuoka l2tp_ctrl_stop(_this, result); 13110fbf3537Syasuoka 13120fbf3537Syasuoka return 1; 13130fbf3537Syasuoka } 13140fbf3537Syasuoka 1315f0a4e295Syasuoka /* 1316f0a4e295Syasuoka * send StopCCN 13170fbf3537Syasuoka */ 13180fbf3537Syasuoka static int 13190fbf3537Syasuoka l2tp_ctrl_send_StopCCN(l2tp_ctrl *_this, int result) 13200fbf3537Syasuoka { 13210fbf3537Syasuoka struct l2tp_avp *avp; 13220fbf3537Syasuoka char buf[L2TP_AVP_MAXSIZ]; 13230fbf3537Syasuoka bytebuffer *bytebuf; 13240fbf3537Syasuoka 13250fbf3537Syasuoka if ((bytebuf = l2tp_ctrl_prepare_snd_buffer(_this, 1)) == NULL) { 13260fbf3537Syasuoka l2tp_ctrl_log(_this, LOG_ERR, 13270fbf3537Syasuoka "sending StopCCN failed: no buffer."); 13280fbf3537Syasuoka return -1; 13290fbf3537Syasuoka } 13300fbf3537Syasuoka avp = (struct l2tp_avp *)buf; 13310fbf3537Syasuoka 13320fbf3537Syasuoka /* Message Type = StopCCN */ 13330fbf3537Syasuoka memset(avp, 0, sizeof(*avp)); 13340fbf3537Syasuoka avp->is_mandatory = 1; 13350fbf3537Syasuoka avp->attr_type = L2TP_AVP_TYPE_MESSAGE_TYPE; 13360fbf3537Syasuoka avp_set_val16(avp, L2TP_AVP_MESSAGE_TYPE_StopCCN); 13370fbf3537Syasuoka bytebuf_add_avp(bytebuf, avp, 2); 13380fbf3537Syasuoka 13390fbf3537Syasuoka /* Assigned Tunnel Id */ 13400fbf3537Syasuoka memset(avp, 0, sizeof(*avp)); 13410fbf3537Syasuoka avp->is_mandatory = 1; 13420fbf3537Syasuoka avp->attr_type = L2TP_AVP_TYPE_ASSINGED_TUNNEL_ID; 13430fbf3537Syasuoka avp_set_val16(avp, 
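_this->tunnel_id);
	bytebuf_add_avp(bytebuf, avp, 2);

	/* Result Code */
	memset(avp, 0, sizeof(*avp));
	avp->is_mandatory = 1;
	avp->attr_type = L2TP_AVP_TYPE_RESULT_CODE;
	avp_set_val16(avp, result);
	bytebuf_add_avp(bytebuf, avp, 2);

	if (l2tp_ctrl_send_packet(_this, 0, bytebuf) != 0) {
		l2tp_ctrl_log(_this, LOG_ERR, "sending StopCCN failed");
		return - 1;
	}
	l2tp_ctrl_log(_this, LOG_INFO, "SendStopCCN result=%d", result);

	return 0;
}

/*
 * Receive StopCCN.
 *
 * Walks the AVPs of a StopCCN received from the peer and logs the result
 * code, error code, tunnel id and optional error message it carries.
 * Every field read here is peer-supplied.
 *
 * Returns 0 when the message was parsed, 1 when a hidden mandatory AVP was
 * seen and l2tp_ctrl_stop() has been called, and -1 when the
 * size_check_failed label is reached.
 */
static int
l2tp_ctrl_recv_StopCCN(l2tp_ctrl *_this, u_char *pkt, int pktlen)
{
	int result, error, avpsz, len;
	uint16_t tunid;
	struct l2tp_avp *avp;
	/*
	 * emes is only read at size_check_failed; presumably AVP_SIZE_CHECK
	 * fills it and jumps there (the macro is not visible here).
	 */
	char buf[L2TP_AVP_MAXSIZ + 16], emes[256], pmes[256];

	result = 0;
	error = 0;
	tunid = 0;
	pmes[0] = '\0';
	avp = (struct l2tp_avp *)buf;
	while (pktlen >= 6 && (avpsz = avp_enum(avp, pkt, pktlen, 1)) > 0) {
		pkt += avpsz;
		pktlen -= avpsz;
		if (avp->vendor_id != 0) {
			L2TP_CTRL_DBG((_this, LOG_DEBUG,
			    "Received a Vendor-specific AVP vendor-id=%d "
			    "type=%d", avp->vendor_id, avp->attr_type));
			continue;
		}
		if (avp->is_hidden != 0) {
			l2tp_ctrl_log(_this, LOG_WARNING,
			    "Received AVP (%s/%d) is hidden. But we don't "
			    "share secret.",
			    avp_attr_type_string(avp->attr_type),
			    avp->attr_type);
			if (avp->is_mandatory != 0) {
				l2tp_ctrl_stop(_this,
				    L2TP_STOP_CCN_RCODE_GENERAL_ERROR |
				    L2TP_ECODE_UNKNOWN_MANDATORY_AVP);
				return 1;
			}
			continue;
		}
		switch (avp->attr_type) {
		case L2TP_AVP_TYPE_MESSAGE_TYPE:
			AVP_SIZE_CHECK(avp, ==, 8);
			continue;
		case L2TP_AVP_TYPE_RESULT_CODE:
			AVP_SIZE_CHECK(avp, >=, 8);
			result = avp->attr_value[0] << 8 | avp->attr_value[1];
			/* The error code is only read when the AVP has it. */
			if (avp->length >= 10) {
				error = avp->attr_value[2] << 8 |
				    avp->attr_value[3];
				/*
				 * NOTE(review): the 2-byte AVPs above are
				 * checked against a length of 8, so the
				 * message at attr_value[4] would be
				 * length - 10 bytes long; length - 12 looks
				 * like it drops the last two bytes.  It
				 * under-copies, so it is not a memory-safety
				 * problem - confirm against avp_enum().
				 */
				len = avp->length - 12;
				if (len > 0) {
					/* Bounded copy, always terminated. */
					len = MIN(len, sizeof(pmes) - 1);
					memcpy(pmes, &avp->attr_value[4], len);
					pmes[len] = '\0';
				}
			}
			continue;
		case L2TP_AVP_TYPE_ASSINGED_TUNNEL_ID:
			AVP_SIZE_CHECK(avp, ==, 8);
			tunid = avp_get_val16(avp);
			continue;
		default:
			/* An unsupported mandatory AVP is only logged here. */
			if (avp->is_mandatory != 0) {
				l2tp_ctrl_log(_this, LOG_WARNING,
				    "Received AVP (%s/%d) is not supported, "
				    "but it's mandatory",
				    avp_attr_type_string(avp->attr_type),
				    avp->attr_type);
#ifdef L2TP_CTRL_DEBUG
			} else {
				L2TP_CTRL_DBG((_this, LOG_DEBUG,
				    "AVP (%s/%d) is not handled",
				    avp_attr_type_string(avp->attr_type),
				    avp->attr_type));
#endif
			}
		}
	}

	/*
	 * NOTE(review): a CDN_* result constant is compared in the StopCCN
	 * handler; presumably the numeric value is shared - confirm.
	 */
	if (result == L2TP_CDN_RCODE_ERROR_CODE &&
	    error == L2TP_ECODE_NO_RESOURCE) {
		/*
		 * Memo:
		 * This can happen in the following situation.
		 * - after many connects/disconnects by a long-running
		 *   Windows 2000, the peer sometimes falls into this state.
		 *   Once it does, connections keep failing until that
		 *   Windows host is rebooted.
		 */
		l2tp_ctrl_log(_this, LOG_WARNING,
		    "Peer indicates \"No Resource\" error.");
	}

	/*
	 * pmes is peer-controlled text.  Whether vlog_printf() escapes
	 * control characters is not visible here; log consumers should
	 * treat the message field as untrusted.
	 */
	l2tp_ctrl_log(_this, LOG_INFO, "RecvStopCCN result=%s/%u "
	    "error=%s/%u tunnel_id=%u message=\"%s\"",
	    l2tp_stopccn_rcode_string(result), result,
	    l2tp_ecode_string(error), error, tunid, pmes);

	return 0;

size_check_failed:
	l2tp_ctrl_log(_this, LOG_ERR, "Received bad StopCCN: %s", emes);

	return -1;
}

/*
 * Copy the string `val' (without its NUL) into avp->attr_value, writing at
 * most `room' bytes, and return the number of bytes copied.  `room' is the
 * space the caller's AVP buffer has behind attr_value.
 */
static int
l2tp_ctrl_avp_put_string(struct l2tp_avp *avp, size_t room, const char *val)
{
	size_t len;

	len = strlen(val);
	if (len > room)
		len = room;
	memcpy(avp->attr_value, val, len);

	return (int)len;
}

/*
 * Send SCCRP.
 *
 * Builds the SCCRP AVPs in a send buffer and transmits it.  When sending
 * fails the control connection is stopped.
 */
static void
l2tp_ctrl_send_SCCRP(l2tp_ctrl *_this)
{
	int len;
	struct l2tp_avp *avp;
	char buf[L2TP_AVP_MAXSIZ], hbuf[MAXHOSTNAMELEN];
	const char *val;
	bytebuffer *bytebuf;
	/*
	 * Bytes of buf that lie behind attr_value.  This is the memory
	 * bound only; the protocol limit may be tighter.
	 */
	const size_t avp_room = sizeof(buf) -
	    offsetof(struct l2tp_avp, attr_value);

	if ((bytebuf = l2tp_ctrl_prepare_snd_buffer(_this, 1)) == NULL) {
		l2tp_ctrl_log(_this, LOG_ERR,
		    "sending SCCRP failed: no buffer.");
		return;
	}
	avp = (struct l2tp_avp *)buf;

	/* Message Type = SCCRP */
	memset(avp, 0, sizeof(*avp));
	avp->is_mandatory = 1;
	avp->attr_type = L2TP_AVP_TYPE_MESSAGE_TYPE;
	avp_set_val16(avp, L2TP_AVP_MESSAGE_TYPE_SCCRP);
	bytebuf_add_avp(bytebuf, avp, 2);

	/* Protocol Version = 1.0 */
	memset(avp, 0, sizeof(*avp));
	avp->is_mandatory = 1;
	avp->attr_type = L2TP_AVP_TYPE_PROTOCOL_VERSION;
	avp->attr_value[0] = L2TP_RFC2661_VERSION;
	avp->attr_value[1] = L2TP_RFC2661_REVISION;
	bytebuf_add_avp(bytebuf, avp, 2);

	/* Framing Capability (the SYNC flag is what is set here) */
	memset(avp, 0, sizeof(*avp));
	avp->is_mandatory = 1;
	avp->attr_type = L2TP_AVP_TYPE_FRAMING_CAPABILITIES;
	avp_set_val32(avp, L2TP_FRAMING_CAP_FLAGS_SYNC);
	bytebuf_add_avp(bytebuf, avp, 4);

	/* Host Name */
	memset(avp, 0, sizeof(*avp));
	avp->is_mandatory = 1;
	avp->attr_type = L2TP_AVP_TYPE_HOST_NAME;
	if ((val = L2TP_CTRL_CONF(_this)->hostname) == NULL) {
		/*
		 * gethostname() may fail, and a truncated name is not
		 * guaranteed to be terminated; make strlen() below safe.
		 */
		if (gethostname(hbuf, sizeof(hbuf)) != 0)
			hbuf[0] = '\0';
		hbuf[sizeof(hbuf) - 1] = '\0';
		val = hbuf;
	}
	/* The configured name has no visible length limit; clamp it. */
	len = l2tp_ctrl_avp_put_string(avp, avp_room, val);
	bytebuf_add_avp(bytebuf, avp, len);

	/* Assigned Tunnel Id */
	memset(avp, 0, sizeof(*avp));
	avp->is_mandatory = 1;
	avp->attr_type = L2TP_AVP_TYPE_ASSINGED_TUNNEL_ID;
	avp_set_val16(avp, _this->tunnel_id);
	bytebuf_add_avp(bytebuf, avp, 2);

	/* Bearer Capability
	 * This implementation never acts as LAC.
	 *
	memset(avp, 0, sizeof(*avp));
	avp->is_mandatory = 1;
	avp->attr_type = L2TP_AVP_TYPE_BEARER_CAPABILITIES;
	avp_set_val32(avp, 0);
	bytebuf_add_avp(bytebuf, avp, 4);
	*/

	/* Firmware Revision */
	memset(avp, 0, sizeof(*avp));
	avp->is_mandatory = 0;
	avp->attr_type = L2TP_AVP_TYPE_FIRMWARE_REVISION;
	avp->attr_value[0] = MAJOR_VERSION;
	avp->attr_value[1] = MINOR_VERSION;
	bytebuf_add_avp(bytebuf, avp, 2);

	/* Vendor Name, sent only when one is configured */
	if ((val = L2TP_CTRL_CONF(_this)->vendor_name) != NULL) {
		memset(avp, 0, sizeof(*avp));
		avp->is_mandatory = 0;
		avp->attr_type = L2TP_AVP_TYPE_VENDOR_NAME;

		len = l2tp_ctrl_avp_put_string(avp, avp_room, val);
		bytebuf_add_avp(bytebuf, avp, len);
	}

	/* Window Size */
	memset(avp, 0, sizeof(*avp));
	avp->is_mandatory = 1;
	avp->attr_type = L2TP_AVP_TYPE_RECV_WINDOW_SIZE;
	avp_set_val16(avp, _this->winsz);
	bytebuf_add_avp(bytebuf, avp, 2);

	if ((l2tp_ctrl_send_packet(_this, 0, bytebuf)) != 0) {
		l2tp_ctrl_log(_this, LOG_ERR, "sending SCCRP failed");
		l2tp_ctrl_stop(_this, L2TP_STOP_CCN_RCODE_GENERAL);
		return;
	}
	l2tp_ctrl_log(_this, LOG_INFO, "SendSCCRP");
}

/*
 * Send HELLO.
 *
 * Returns 0 on success and 1 when no send buffer is available or when
 * sending fails; in the latter case the control connection is stopped.
 */
static int
l2tp_ctrl_send_HELLO(l2tp_ctrl *_this)
{
	struct l2tp_avp *avp;
	char buf[L2TP_AVP_MAXSIZ];
	bytebuffer *bytebuf;

	if ((bytebuf = l2tp_ctrl_prepare_snd_buffer(_this, 1)) == NULL) {
		/* This message used to name SCCRP, which misled log readers. */
		l2tp_ctrl_log(_this, LOG_ERR,
		    "sending HELLO failed: no buffer.");
		return 1;
	}
	avp = (struct l2tp_avp *)buf;

	/* Message Type = HELLO */
	memset(avp, 0, sizeof(*avp));
	avp->is_mandatory = 1;
	avp->attr_type = L2TP_AVP_TYPE_MESSAGE_TYPE;
	avp_set_val16(avp, L2TP_AVP_MESSAGE_TYPE_HELLO);
	bytebuf_add_avp(bytebuf, avp, 2);

	if ((l2tp_ctrl_send_packet(_this, 0, bytebuf)) != 0) {
		l2tp_ctrl_log(_this, LOG_ERR, "sending HELLO failed");
		l2tp_ctrl_stop(_this, L2TP_STOP_CCN_RCODE_GENERAL);
		return 1;
	}
	l2tp_ctrl_log(_this, LOG_DEBUG, "SendHELLO");

	return 0;
}

/*
 * Send ZLB.
 *
 * Logs at LOG_DEBUG once the connection is established and at LOG_INFO
 * otherwise, then sends the header-only zlb_buffer.  Returns the value
 * of l2tp_ctrl_send_packet().
 */
static int
l2tp_ctrl_send_ZLB(l2tp_ctrl *_this)
{
	int loglevel;

	loglevel = (_this->state == L2TP_CTRL_STATE_ESTABLISHED)
	    ? LOG_DEBUG : LOG_INFO;
	l2tp_ctrl_log(_this, loglevel, "SendZLB");
	bytebuffer_clear(_this->zlb_buffer);
	/* Reserve room for the header only; no AVPs follow. */
	bytebuffer_put(_this->zlb_buffer, BYTEBUFFER_PUT_DIRECT,
	    sizeof(struct l2tp_header));

	return l2tp_ctrl_send_packet(_this, 0, _this->zlb_buffer);
}

/*
 * Utility
 */

/**
 * Prepare a send buffer.
 *
 * @param with_seq	non-zero reserves the whole l2tp_header, zero
 *			reserves only the part in front of its ns member.
 * @return NULL when the transmit window is full, otherwise the cleared
 *	    buffer for the next sequence number.
 */
bytebuffer *
l2tp_ctrl_prepare_snd_buffer(l2tp_ctrl *_this, int with_seq)
{
	bytebuffer *bytebuf;

	L2TP_CTRL_ASSERT(_this != NULL);

	if (l2tp_ctrl_txwin_is_full(_this)) {
		l2tp_ctrl_log(_this, LOG_INFO, "sending buffer is full.");
		return NULL;
	}
	/* NOTE(review): assumes winsz is non-zero - confirm where it is set. */
	bytebuf = _this->snd_buffers[_this->snd_nxt % _this->winsz];
	bytebuffer_clear(bytebuf);
	if (with_seq)
		bytebuffer_put(bytebuf, BYTEBUFFER_PUT_DIRECT,
		    sizeof(struct l2tp_header));
	else
		bytebuffer_put(bytebuf, BYTEBUFFER_PUT_DIRECT,
		    offsetof(struct l2tp_header, ns));

	return bytebuf;
}

/**
 * Return the current state as a string; "unknown" for any other value.
 */
static inline const char *
l2tp_ctrl_state_string(l2tp_ctrl *_this)
{
	switch (_this->state) {
	case L2TP_CTRL_STATE_IDLE:		return "idle";
	case L2TP_CTRL_STATE_WAIT_CTL_CONN:	return "wait-ctl-conn";
	case L2TP_CTRL_STATE_WAIT_CTL_REPLY:	return "wait-ctl-reply";
	case L2TP_CTRL_STATE_ESTABLISHED:	return "established";
	case L2TP_CTRL_STATE_CLEANUP_WAIT:	return "cleanup-wait";
	}
	return "unknown";
}

/*
 * Log with the label of the l2tp instance.
 *
 * `fmt' is pasted into the format string that is handed to vlog_printf(),
 * so callers must pass a format they control and give peer-supplied text
 * as an argument only.  A prefix plus format longer than BUFSIZ is
 * truncated by snprintf().
 */
void
l2tp_ctrl_log(l2tp_ctrl *_this, int prio, const char *fmt, ...)
{
	char logbuf[BUFSIZ];
	va_list ap;

	va_start(ap, fmt);
#ifdef L2TPD_MULTIPLE
	snprintf(logbuf, sizeof(logbuf), "l2tpd id=%u ctrl=%u %s",
	    _this->l2tpd->id, _this->id, fmt);
#else
	snprintf(logbuf, sizeof(logbuf), "l2tpd ctrl=%u %s", _this->id, fmt);
#endif
	vlog_printf(prio, logbuf, ap);
	va_end(ap);
}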