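/*	$OpenBSD: npppd.h,v 1.13 2012/12/05 23:20:26 deraadt Exp $ */

/*-
 * Copyright (c) 2009 Internet Initiative Japan Inc.
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 */

/*
 * npppd.h - configuration structures, bit-flag constants and the public
 * entry points of the npppd daemon core.
 *
 * The listing this header was recovered from carried a line-number gutter
 * interleaved with the code; the numbers are dropped here so the file is
 * valid C again.  No declaration was changed.
 */
#ifndef	NPPPD_H
#define	NPPPD_H 1


#include <sys/param.h>
#include <sys/queue.h>
#include <sys/socket.h>
#include <stdbool.h>
#include <net/if.h>
#include <net/if_dl.h>
#include <netinet/in.h>
#include <event.h>

#include "slist.h"
#include "addr_range.h"

#include "l2tp_conf.h"
#include "pptp_conf.h"
#include "pppoe_conf.h"

/*
 * Account name used by the daemon.
 * NOTE(review): presumably the unprivileged user npppd switches to after
 * start-up; the privilege drop itself is not in this header - confirm in
 * the daemon's main file.
 */
#define	NPPPD_USER			"_ppp"
/* Size of the fixed name[] arrays in struct authconf and struct ipcpconf. */
#define	NPPPD_GENERIC_NAME_LEN		32

/** Constants of tunnel type */
#define	NPPPD_TUNNEL_NONE		0	/** None Tunnel Type */
#define	NPPPD_TUNNEL_L2TP		1	/** L2TP Tunnel Type */
#define	NPPPD_TUNNEL_PPTP		2	/** PPTP Tunnel Type */
#define	NPPPD_TUNNEL_PPPOE		3	/** PPPoE Tunnel Type */
#define	NPPPD_TUNNEL_SSTP		4	/** SSTP Tunnel Type */

/*
 * Authentication method bits; the values are distinct single bits so they
 * can be OR-ed together (presumably into tunnconf.auth_methods - confirm
 * against the config parser).
 * PAP carries the password itself across the PPP link, so its exposure
 * depends entirely on the protection of the tunnel underneath it.
 */
#define	NPPPD_AUTH_METHODS_PAP		0x0001
#define	NPPPD_AUTH_METHODS_CHAP		0x0002
#define	NPPPD_AUTH_METHODS_MSCHAPV2	0x0004

/*
 * MPPE policy values.
 * NOTE(review): struct tunnconf below stores the policy as two booleans
 * (mppe_yesno, mppe_required); where these constants are consumed is not
 * visible in this header.
 */
#define	NPPPD_MPPE_DISABLED		0x0000
#define	NPPPD_MPPE_ENABLED		0x0001
#define	NPPPD_MPPE_REQUIRED		0x0002

/*
 * MPPE key-length bits (presumably the encoding of tunnconf.mppe_keylen).
 * 40- and 56-bit keys are short by current standards; a deployment that
 * relies on MPPE for confidentiality should allow only the 128-bit bit.
 */
#define	NPPPD_MPPE_40BIT		0x0001
#define	NPPPD_MPPE_56BIT		0x0002
#define	NPPPD_MPPE_128BIT		0x0004

/* MPPE key-state bits (presumably the encoding of tunnconf.mppe_keystate). */
#define	NPPPD_MPPE_STATEFUL		0x0001
#define	NPPPD_MPPE_STATELESS		0x0002

/*
 * Per-protocol selector bits.
 * NOTE(review): likely the bit layout of tunnconf.debug_dump_pktin /
 * debug_dump_pktout; confirm.  If so, enabling the PAP or CHAP bit would
 * put authentication exchanges into the debug output, which then needs the
 * same handling as credentials.
 */
#define	NPPPD_PROTO_BIT_IP		0x0001
#define	NPPPD_PROTO_BIT_LCP		0x0002
#define	NPPPD_PROTO_BIT_PAP		0x0004
#define	NPPPD_PROTO_BIT_CHAP		0x0008
#define	NPPPD_PROTO_BIT_EAP		0x0010
#define	NPPPD_PROTO_BIT_MPPE		0x0020
#define	NPPPD_PROTO_BIT_CCP		0x0040
#define	NPPPD_PROTO_BIT_IPCP		0x0080

/* Calling-number check modes (presumably values of tunnconf.callnum_check). */
#define	NPPPD_CALLNUM_CHECK_NONE	0
#define	NPPPD_CALLNUM_CHECK_STRICT	1
#define	NPPPD_CALLNUM_CHECK_LOOSE	2

/*
 * One configured tunnel.  Entries are linked on npppd_conf.tunnconfs.
 * `protocol' is an int; presumably one of NPPPD_TUNNEL_* and the selector
 * for which member of `proto' is valid - confirm before reading the union.
 */
struct tunnconf {
	TAILQ_ENTRY(tunnconf)		entry;
	const char			*name;
	int				protocol;

	/* Protocol-specific settings; only one member is meaningful. */
	union {
		struct l2tp_conf	l2tp;
		struct pptp_conf	pptp;
		struct pppoe_conf	pppoe;
	} proto;

	/* LCP negotiation and keepalive tuning (units not stated here). */
	int				lcp_timeout;
	int				lcp_max_configure;
	int				lcp_max_terminate;
	int				lcp_max_nak_loop;
	int				mru;
	bool				lcp_keepalive;
	int				lcp_keepalive_interval;
	int				lcp_keepalive_retry_interval;
	int				lcp_keepalive_max_retries;

	/* Unsigned bit set; presumably NPPPD_AUTH_METHODS_* - confirm. */
	u_int				auth_methods;

	/* IPCP and CCP negotiation tuning. */
	int				ipcp_timeout;
	int				ipcp_max_configure;
	int				ipcp_max_terminate;
	int				ipcp_max_nak_loop;
	int				ccp_timeout;
	int				ccp_max_configure;
	int				ccp_max_terminate;
	int				ccp_max_nak_loop;
	/* Heap or parser-owned string; ownership is not visible here. */
	char				*chap_name;

	/* MPPE policy and the allowed key lengths / key states. */
	bool				mppe_yesno;
	bool				mppe_required;
	u_int				mppe_keylen;
	u_int				mppe_keystate;

	int				idle_timeout;
	bool				tcp_mss_adjust;
	/*
	 * NOTE(review): the name suggests source-address filtering of
	 * packets arriving from the peer; confirm semantics and default.
	 */
	bool				ingress_filter;
	int				callnum_check;

	bool				pipex;

	u_int				debug_dump_pktin;
	u_int				debug_dump_pktout;
};

/*
 * One RADIUS server: its address and the shared secret used with it.
 * `secret' is a bare pointer, so the secret's lifetime is managed outside
 * this struct.  NOTE(review): whoever frees it should clear the buffer
 * first (explicit_bzero) and it should never reach log or dump output.
 */
struct radserver {
	TAILQ_ENTRY(radserver)		entry;
	struct sockaddr_storage		address;
	char				*secret;
};

/* A list of RADIUS servers plus the retry / failover limits for it. */
struct radconf {
	TAILQ_HEAD(radservers, radserver) servers;
	int				timeout;
	int				max_tries;
	int				max_failovers;
};

/*
 * One authentication realm.  Linked on npppd_conf.authconfs.
 * `name' and `users_file_path' are fixed-size arrays; writers must bound
 * their copies to NPPPD_GENERIC_NAME_LEN and MAXPATHLEN respectively.
 */
struct authconf {
	TAILQ_ENTRY(authconf)		entry;
	char				name[NPPPD_GENERIC_NAME_LEN];
	int				auth_type;
	char				*username_suffix;
	char				*username_prefix;
	bool				eap_capable;
	bool				strip_nt_domain;
	bool				strip_atmark_realm;
	/*
	 * NOTE(review): presumably the local users database; if it holds
	 * passwords its file mode and owner deserve a check at load time.
	 */
	char				users_file_path[MAXPATHLEN];
	union {
		/* Separate server lists for authentication and accounting. */
		struct {
			struct radconf	auth;
			struct radconf	acct;
		} radius;
	} data;
};

/* One IPCP profile: name servers handed to peers and the address pools. */
struct ipcpconf {
	TAILQ_ENTRY(ipcpconf)		entry;
	char				name[NPPPD_GENERIC_NAME_LEN];
	bool				dns_use_resolver;
	struct in_addr			dns_servers[2];
	struct in_addr			nbns_servers[2];
	/*
	 * NOTE(review): the name suggests the peer may pick its own
	 * address; confirm how the choice is restricted to the pools.
	 */
	bool				allow_user_select;
	struct in_addr_range		*dynamic_pool;
	struct in_addr_range		*static_pool;
};

/* One local interface and the IPCP profile attached to it. */
struct iface {
	TAILQ_ENTRY(iface)		entry;
	char				name[IFNAMSIZ];
	struct in_addr			ip4addr;
	struct ipcpconf			*ipcpconf;
	bool				is_pppx;
};

/* Binds a tunnel configuration to an authentication realm and an interface. */
struct confbind {
	TAILQ_ENTRY(confbind)		entry;
	struct tunnconf			*tunnconf;
	struct authconf			*authconf;
	struct iface			*iface;
};

/* Root of the parsed configuration: session limits and every list above. */
struct npppd_conf {
	int				max_session;
	int				user_max_session;
	TAILQ_HEAD(tunnconfs, tunnconf)	tunnconfs;
	TAILQ_HEAD(authconfs, authconf)	authconfs;
	TAILQ_HEAD(ipcpconfs, ipcpconf)	ipcpconfs;
	TAILQ_HEAD(ifaces, iface)	ifaces;
	TAILQ_HEAD(confbinds, confbind)	confbinds;
	struct l2tp_confs		l2tp_confs;
	struct pptp_confs		pptp_confs;
	struct pppoe_confs		pppoe_confs;
};

/** sockaddr_npppd */
struct sockaddr_npppd {
	struct sockaddr_in		sin4;
	struct sockaddr_in		sin4mask;
	/* Shorthand accessors into sin4 / sin4mask. */
#define	snp_len		sin4.sin_len
#define	snp_family	sin4.sin_family
#define	snp_addr	sin4.sin_addr
	int				snp_type;	/* SNP_POOL or SNP_PPP */
#define	snp_mask	sin4mask.sin_addr
	/** next entry */
	struct sockaddr_npppd		*snp_next;
	/** contents of entry */
	/* Untyped; the pointee type presumably depends on snp_type. */
	void				*snp_data_ptr;
};
#define	SNP_POOL		1
#define	SNP_DYN_POOL		2
#define	SNP_PPP			3

typedef struct _npppd		npppd;

/* Included after the typedef above; ppp.h supplies npppd_ppp used below. */
#include "ppp.h"

__BEGIN_DECLS
/* Daemon lifecycle. */
npppd		*npppd_get_npppd (void);
int		 npppd_init (npppd *, const char *);
void		 npppd_start (npppd *);
void		 npppd_stop (npppd *);
void		 npppd_fini (npppd *);
int		 npppd_reset_routing_table (npppd *, int);
/*
 * NOTE(review): the trailing `char *, int *' pair looks like an output
 * buffer with an in/out length; confirm in the implementation that callers
 * pass the real capacity and that the password copy is cleared after use.
 */
int		 npppd_get_user_password (npppd *, npppd_ppp *, const char *, char *, int *);
struct in_addr	*npppd_get_user_framed_ip_address (npppd *, npppd_ppp *, const char *);
int		 npppd_check_calling_number (npppd *, npppd_ppp *);
/* Session lookup. */
npppd_ppp	*npppd_get_ppp_by_ip (npppd *, struct in_addr);
slist		*npppd_get_ppp_by_user (npppd *, const char *);
npppd_ppp	*npppd_get_ppp_by_id (npppd *, u_int);
int		 npppd_check_user_max_session (npppd *, npppd_ppp *);
void		 npppd_network_output (npppd *, npppd_ppp *, int, u_char *, int);
int		 npppd_ppp_pipex_enable (npppd *, npppd_ppp *);
int		 npppd_ppp_pipex_disable (npppd *, npppd_ppp *);
/* Address assignment. */
int		 npppd_prepare_ip (npppd *, npppd_ppp *);
void		 npppd_release_ip (npppd *, npppd_ppp *);
void		 npppd_set_ip_enabled (npppd *, npppd_ppp *, int);
int		 npppd_assign_ip_addr (npppd *, npppd_ppp *, uint32_t);
int		 npppd_set_radish (npppd *, void *);
int		 npppd_get_all_users (npppd *, slist *);
/* Realm and interface binding. */
int		 npppd_ppp_bind_realm (npppd *, npppd_ppp *, const char *, int);
int		 npppd_ppp_is_realm_local (npppd *, npppd_ppp *);
int		 npppd_ppp_is_realm_radius (npppd *, npppd_ppp *);
int		 npppd_ppp_is_realm_ready (npppd *, npppd_ppp *);
const char	*npppd_ppp_get_realm_name (npppd *, npppd_ppp *);
const char	*npppd_ppp_get_iface_name (npppd *, npppd_ppp *);
int		 npppd_ppp_iface_is_ready (npppd *, npppd_ppp *);
int		 npppd_ppp_bind_iface (npppd *, npppd_ppp *);
void		 npppd_ppp_unbind_iface (npppd *, npppd_ppp *);
void		*npppd_get_radius_auth_setting (npppd *, npppd_ppp *);
/* Takes untyped pointers; the expected pointee types are not visible here. */
int		 sockaddr_npppd_match (void *, void *);
/*
 * NOTE(review): the final `char *' has no accompanying length in this
 * prototype.  If it is an output buffer, the required capacity is a contract
 * that only the implementation documents - check every caller against it.
 */
const char	*npppd_ppp_get_username_for_auth (npppd *, npppd_ppp *, const char *, char *);
const char	*npppd_ppp_tunnel_protocol_name (npppd *, npppd_ppp *);
const char	*npppd_tunnel_protocol_name (int);
struct tunnconf	*npppd_get_tunnconf (npppd *, const char *);
/* Configuration (re)loading. */
int		 npppd_reload_config (npppd *);
int		 npppd_modules_reload (npppd *);
int		 npppd_ifaces_load_config (npppd *);

int		 npppd_conf_parse (struct npppd_conf *, const char *);
void		 npppd_conf_init (struct npppd_conf *);
void		 npppd_conf_fini (struct npppd_conf *);
int		 npppd_config_check (const char *);

__END_DECLS

#endif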