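/*	$OpenBSD: npppd.h,v 1.16 2015/01/19 01:48:59 deraadt Exp $ */

/*-
 * Copyright (c) 2009 Internet Initiative Japan Inc.
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 */

/*
 * npppd.h: configuration structures, control-connection state and the
 * function prototypes of the npppd daemon core.
 *
 * Layout note: this text was restored from a listing whose line breaks had
 * been collapsed and whose viewer line numbers were fused into the code.
 * Declarations, names, values and their order are unchanged.
 */
#ifndef NPPPD_H
#define NPPPD_H 1


#include <sys/queue.h>
#include <sys/socket.h>
#include <stdbool.h>
#include <net/if.h>
#include <net/if_dl.h>
#include <netinet/in.h>
#include <event.h>
#include <limits.h>

#include "addr_range.h"

#include "l2tp_conf.h"
#include "pptp_conf.h"
#include "pppoe_conf.h"

/*
 * Each macro expands the selected argument twice, so an argument with side
 * effects (i++, a function call) is evaluated more than once.  Pass plain
 * values only, and make sure both operands have the same signedness before
 * using the result as a length or an index.
 */
#define MINIMUM(a, b)	(((a) < (b)) ? (a) : (b))
#define MAXIMUM(a, b)	(((a) > (b)) ? (a) : (b))

/*
 * Account name used by the daemon.
 * NOTE(review): presumably the unprivileged user npppd switches to after
 * start-up; the privilege drop itself is not visible in this header.
 */
#define NPPPD_USER			"_ppp"
/* Size, in bytes, of the fixed name[] arrays in authconf and ipcpconf. */
#define NPPPD_GENERIC_NAME_LEN		32

/** Constants of tunnel type */
#define NPPPD_TUNNEL_NONE		0	/**< None Tunnel Type */
#define NPPPD_TUNNEL_L2TP		1	/**< L2TP Tunnel Type */
#define NPPPD_TUNNEL_PPTP		2	/**< PPTP Tunnel Type */
#define NPPPD_TUNNEL_PPPOE		3	/**< PPPoE Tunnel Type */
#define NPPPD_TUNNEL_SSTP		4	/**< SSTP Tunnel Type */

/*
 * Authentication method bits (distinct powers of two, so they can be OR-ed).
 * Protocol caveat for whoever writes the configuration: PAP carries the
 * password in cleartext inside the PPP session, and neither CHAP nor
 * MS-CHAPv2 should be treated as strong without a protected outer transport.
 */
#define NPPPD_AUTH_METHODS_PAP		0x0001
#define NPPPD_AUTH_METHODS_CHAP		0x0002
#define NPPPD_AUTH_METHODS_MSCHAPV2	0x0004

/* MPPE policy values. */
#define NPPPD_MPPE_DISABLED		0x0000
#define NPPPD_MPPE_ENABLED		0x0001
#define NPPPD_MPPE_REQUIRED		0x0002

/*
 * MPPE key length bits.  MPPE is RC4-based; 40- and 56-bit keys give very
 * little protection, so a hardened configuration offers 128-bit only.
 */
#define NPPPD_MPPE_40BIT		0x0001
#define NPPPD_MPPE_56BIT		0x0002
#define NPPPD_MPPE_128BIT		0x0004

/* MPPE key-update mode bits. */
#define NPPPD_MPPE_STATEFUL		0x0001
#define NPPPD_MPPE_STATELESS		0x0002

/* Protocol selector bits (distinct powers of two). */
#define NPPPD_PROTO_BIT_IP		0x0001
#define NPPPD_PROTO_BIT_LCP		0x0002
#define NPPPD_PROTO_BIT_PAP		0x0004
#define NPPPD_PROTO_BIT_CHAP		0x0008
#define NPPPD_PROTO_BIT_EAP		0x0010
#define NPPPD_PROTO_BIT_MPPE		0x0020
#define NPPPD_PROTO_BIT_CCP		0x0040
#define NPPPD_PROTO_BIT_IPCP		0x0080

/* Calling-number check modes; see tunnconf.callnum_check. */
#define NPPPD_CALLNUM_CHECK_NONE	0
#define NPPPD_CALLNUM_CHECK_STRICT	1
#define NPPPD_CALLNUM_CHECK_LOOSE	2

/*
 * Configuration of one tunnel, linked into npppd_conf.tunnconfs.
 *
 * The proto union has members for L2TP, PPTP and PPPoE only; there is no
 * member for NPPPD_TUNNEL_SSTP.
 * NOTE(review): which union member is valid is presumably selected by
 * `protocol`; code reading `proto` should check `protocol` first.
 */
struct tunnconf {
	TAILQ_ENTRY(tunnconf)	 entry;
	const char		*name;
	int			 protocol;	/* presumably NPPPD_TUNNEL_* */

	union {
		struct l2tp_conf	 l2tp;
		struct pptp_conf	 pptp;
		struct pppoe_conf	 pppoe;
	} proto;

	int			 lcp_timeout;
	int			 lcp_max_configure;
	int			 lcp_max_terminate;
	int			 lcp_max_nak_loop;
	int			 mru;
	bool			 lcp_keepalive;
	int			 lcp_keepalive_interval;
	int			 lcp_keepalive_retry_interval;
	int			 lcp_keepalive_max_retries;

	/* presumably a mask of NPPPD_AUTH_METHODS_* -- confirm in the parser */
	u_int			 auth_methods;

	int			 ipcp_timeout;
	int			 ipcp_max_configure;
	int			 ipcp_max_terminate;
	int			 ipcp_max_nak_loop;
	int			 ccp_timeout;
	int			 ccp_max_configure;
	int			 ccp_max_terminate;
	int			 ccp_max_nak_loop;
	char			*chap_name;

	bool			 mppe_yesno;
	bool			 mppe_required;
	/* presumably masks of NPPPD_MPPE_*BIT and NPPPD_MPPE_STATE* */
	u_int			 mppe_keylen;
	u_int			 mppe_keystate;

	int			 idle_timeout;
	bool			 tcp_mss_adjust;
	bool			 ingress_filter;
	int			 callnum_check;	/* presumably NPPPD_CALLNUM_CHECK_* */

	bool			 pipex;

	u_int			 debug_dump_pktin;
	u_int			 debug_dump_pktout;
};

/*
 * One RADIUS server: its address and the shared secret used with it.
 * NOTE(review): `secret` is a plain C string whose owner is not visible
 * here.  Whoever frees it should clear it first (explicit_bzero() or
 * freezero()), and it must never reach log or debug-dump output.
 */
struct radserver {
	TAILQ_ENTRY(radserver)	 entry;
	struct sockaddr_storage	 address;
	char			*secret;
};

/* A list of RADIUS servers plus the retry and failover limits for it. */
struct radconf {
	TAILQ_HEAD(radservers, radserver)	 servers;
	int					 timeout;
	int					 max_tries;
	int					 max_failovers;
};

/*
 * One authentication realm, linked into npppd_conf.authconfs.
 *
 * name[] and users_file_path[] are fixed-size arrays: code filling them
 * must bound the copy and reject, not silently truncate, over-long input.
 * NOTE(review): users_file_path presumably names the local credential
 * file; its ownership and mode deserve a check when it is loaded.
 */
struct authconf {
	TAILQ_ENTRY(authconf)	 entry;
	char			 name[NPPPD_GENERIC_NAME_LEN];
	int			 auth_type;
	char			*username_suffix;
	bool			 eap_capable;
	bool			 strip_nt_domain;
	bool			 strip_atmark_realm;
	char			 users_file_path[PATH_MAX];
	union {
		struct {
			struct radconf	 auth;	/* authentication servers */
			struct radconf	 acct;	/* accounting servers */
		} radius;
	} data;
};

/* One IPCP (address and name-server assignment) profile. */
struct ipcpconf {
	TAILQ_ENTRY(ipcpconf)	 entry;
	char			 name[NPPPD_GENERIC_NAME_LEN];
	bool			 dns_use_resolver;
	struct in_addr		 dns_servers[2];
	struct in_addr		 nbns_servers[2];
	/*
	 * NOTE(review): presumably lets the peer request its own address;
	 * if so, the request must be checked against the pools below.
	 */
	bool			 allow_user_select;
	struct in_addr_range	*dynamic_pool;
	struct in_addr_range	*static_pool;
};

/* One local interface and the IPCP profile attached to it. */
struct iface {
	TAILQ_ENTRY(iface)	 entry;
	char			 name[IFNAMSIZ];
	struct in_addr		 ip4addr;
	struct ipcpconf		*ipcpconf;
	bool			 is_pppx;
};

/* Binds a tunnel configuration to an authentication realm and an interface. */
struct confbind {
	TAILQ_ENTRY(confbind)	 entry;
	struct tunnconf		*tunnconf;
	struct authconf		*authconf;
	struct iface		*iface;
};

/* Top-level configuration: session limits and the lists declared above. */
struct npppd_conf {
	int					 max_session;
	int					 user_max_session;
	TAILQ_HEAD(tunnconfs, tunnconf)		 tunnconfs;
	TAILQ_HEAD(authconfs, authconf)		 authconfs;
	TAILQ_HEAD(ipcpconfs, ipcpconf)		 ipcpconfs;
	TAILQ_HEAD(ifaces, iface)		 ifaces;
	TAILQ_HEAD(confbinds, confbind)		 confbinds;
	struct l2tp_confs			 l2tp_confs;
	struct pptp_confs			 pptp_confs;
	struct pppoe_confs			 pppoe_confs;
};

/**
 * sockaddr_npppd
 *
 * An IPv4 address and mask pair with a type tag and an opaque payload.
 * The snp_* names below are object-like macros, not members: they rewrite
 * every later use of those identifiers in any file including this header.
 */
struct sockaddr_npppd {
	struct sockaddr_in	 sin4;
	struct sockaddr_in	 sin4mask;
#define snp_len		sin4.sin_len
#define snp_family	sin4.sin_family
#define snp_addr	sin4.sin_addr
	int			 snp_type;	/* SNP_POOL or SNP_PPP */
#define snp_mask	sin4mask.sin_addr
	/** next entry */
	struct sockaddr_npppd	*snp_next;
	/**
	 * contents of entry
	 * NOTE(review): untyped; presumably snp_type tells the reader what
	 * this points to, so check snp_type before casting.
	 */
	void			*snp_data_ptr;
};
#define SNP_POOL		1
#define SNP_DYN_POOL		2
#define SNP_PPP			3

typedef struct _npppd npppd;

/* Included after the typedef above, presumably because ppp.h uses `npppd`. */
#include "ppp.h"

#include <imsg.h>

/*
 * An imsg buffer together with the event that services it.  `handler` has
 * the (int, short, void *) shape of a libevent callback.
 */
struct imsgev {
	struct imsgbuf		 ibuf;
	void			(*handler)(int, short, void *);
	struct event		 ev;
	void			*data;
	short			 events;
};

/*
 * State of one client connected to the control socket.
 * NOTE(review): CTL_CONN_LOCKED marks a restricted connection; where it is
 * set and which requests it blocks is decided outside this header, so the
 * control-socket request handling is the place to audit.
 */
struct ctl_conn {
	TAILQ_ENTRY(ctl_conn)	 entry;
	struct control_sock	*parent;
	u_int8_t		 flags;
#define CTL_CONN_NOTIFY		0x01
#define CTL_CONN_LOCKED		0x02	/* restricted mode */
	struct imsgev		 iev;
	void			*ctx;
};

TAILQ_HEAD(ctl_conn_list, ctl_conn);
extern struct ctl_conn_list ctl_conns;

/*
 * Prototypes.  Parameters are unnamed here, so the notes below are read
 * from the types alone and need confirming against the definitions.
 */
__BEGIN_DECLS
npppd		*npppd_get_npppd(void);
int		 npppd_init(npppd *, const char *);
void		 npppd_start(npppd *);
void		 npppd_stop(npppd *);
void		 npppd_fini(npppd *);
int		 npppd_reset_routing_table(npppd *, int);
/*
 * NOTE(review): the trailing (char *, int *) pair looks like an output
 * buffer with an in/out length.  Callers should pass the real capacity and
 * clear the buffer once the password is no longer needed.
 */
int		 npppd_get_user_password(npppd *, npppd_ppp *, const char *,
		    char *, int *);
struct in_addr	*npppd_get_user_framed_ip_address(npppd *, npppd_ppp *,
		    const char *);
int		 npppd_check_calling_number(npppd *, npppd_ppp *);
npppd_ppp	*npppd_get_ppp_by_ip(npppd *, struct in_addr);
npppd_ppp	*npppd_get_ppp_by_id(npppd *, u_int);
int		 npppd_check_user_max_session(npppd *, npppd_ppp *);
/*
 * NOTE(review): the (u_char *, int) pair is presumably packet data and its
 * length; the length is signed, so a negative value must be rejected.
 */
void		 npppd_network_output(npppd *, npppd_ppp *, int, u_char *, int);
int		 npppd_ppp_pipex_enable(npppd *, npppd_ppp *);
int		 npppd_ppp_pipex_disable(npppd *, npppd_ppp *);
int		 npppd_prepare_ip(npppd *, npppd_ppp *);
void		 npppd_release_ip(npppd *, npppd_ppp *);
void		 npppd_set_ip_enabled(npppd *, npppd_ppp *, int);
int		 npppd_assign_ip_addr(npppd *, npppd_ppp *, uint32_t);
int		 npppd_set_radish(npppd *, void *);
int		 npppd_ppp_bind_realm(npppd *, npppd_ppp *, const char *, int);
int		 npppd_ppp_is_realm_local(npppd *, npppd_ppp *);
int		 npppd_ppp_is_realm_radius(npppd *, npppd_ppp *);
int		 npppd_ppp_is_realm_ready(npppd *, npppd_ppp *);
const char	*npppd_ppp_get_realm_name(npppd *, npppd_ppp *);
const char	*npppd_ppp_get_iface_name(npppd *, npppd_ppp *);
int		 npppd_ppp_iface_is_ready(npppd *, npppd_ppp *);
int		 npppd_ppp_bind_iface(npppd *, npppd_ppp *);
void		 npppd_ppp_unbind_iface(npppd *, npppd_ppp *);
void		*npppd_get_radius_auth_setting(npppd *, npppd_ppp *);
/* Both arguments are untyped; the expected pointee is not stated here. */
int		 sockaddr_npppd_match(void *, void *);
/*
 * NOTE(review): the final char * has no length parameter.  If it is an
 * output buffer, its required size is fixed by convention elsewhere; check
 * every caller's buffer against that size.
 */
const char	*npppd_ppp_get_username_for_auth(npppd *, npppd_ppp *,
		    const char *, char *);
const char	*npppd_ppp_tunnel_protocol_name(npppd *, npppd_ppp *);
const char	*npppd_tunnel_protocol_name(int);
struct tunnconf	*npppd_get_tunnconf(npppd *, const char *);
int		 npppd_reload_config(npppd *);
int		 npppd_modules_reload(npppd *);
int		 npppd_ifaces_load_config(npppd *);

int		 npppd_conf_parse(struct npppd_conf *, const char *);
void		 npppd_conf_init(struct npppd_conf *);
void		 npppd_conf_fini(struct npppd_conf *);
int		 npppd_config_check(const char *);
void		 npppd_on_ppp_start(npppd *, npppd_ppp *);
void		 npppd_on_ppp_stop(npppd *, npppd_ppp *);
void		 imsg_event_add(struct imsgev *);

int		 control_init(struct control_sock *);
int		 control_listen(struct control_sock *);
void		 control_cleanup(struct control_sock *);
struct npppd_ctl	*npppd_ctl_create(npppd *);
void		 npppd_ctl_destroy(struct npppd_ctl *);
int		 npppd_ctl_who(struct npppd_ctl *);
int		 npppd_ctl_monitor(struct npppd_ctl *);
int		 npppd_ctl_who_and_monitor(struct npppd_ctl *);
int		 npppd_ctl_add_started_ppp_id(struct npppd_ctl *, uint32_t);
int		 npppd_ctl_add_stopped_ppp(struct npppd_ctl *, npppd_ppp *);
int		 npppd_ctl_imsg_compose(struct npppd_ctl *, struct imsgbuf *);
/*
 * NOTE(review): (u_int *, int) is presumably an array of session ids and
 * its count; a negative or oversized count from a control client must be
 * rejected before the array is walked.
 */
int		 npppd_ctl_disconnect(struct npppd_ctl *, u_int *, int);

__END_DECLS

#endif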