2 * ipcp.c - PPP IP Control Protocol.
4 * Copyright (c) 1984-2000 Carnegie Mellon University. All rights reserved.
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in
15 * the documentation and/or other materials provided with the
18 * 3. The name "Carnegie Mellon University" must not be used to
19 * endorse or promote products derived from this software without
20 * prior written permission. For permission or any legal
21 * details, please contact
22 * Office of Technology Transfer
23 * Carnegie Mellon University
25 * Pittsburgh, PA 15213-3890
26 * (412) 268-4387, fax: (412) 268-7395
27 * tech-transfer@andrew.cmu.edu
29 * 4. Redistributions of any form whatsoever must retain the following
31 * "This product includes software developed by Computing Services
32 * at Carnegie Mellon University (http://www.cmu.edu/computing/)."
34 * CARNEGIE MELLON UNIVERSITY DISCLAIMS ALL WARRANTIES WITH REGARD TO
35 * THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
36 * AND FITNESS, IN NO EVENT SHALL CARNEGIE MELLON UNIVERSITY BE LIABLE
37 * FOR ANY SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
38 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN
39 * AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING
40 * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
51 #include <sys/param.h>
52 #include <sys/types.h>
53 #include <sys/socket.h>
54 #include <netinet/in.h>
55 #include <arpa/inet.h>
58 #include "pppd-private.h"
62 #include "pathnames.h"
66 ipcp_options ipcp_wantoptions[NUM_PPP]; /* Options that we want to request */
67 ipcp_options ipcp_gotoptions[NUM_PPP]; /* Options that peer ack'd */
68 ipcp_options ipcp_allowoptions[NUM_PPP]; /* Options we allow peer to request */
69 ipcp_options ipcp_hisoptions[NUM_PPP]; /* Options that we ack'd */
71 char *ipparam = NULL; /* Extra parameter for ip up/down scripts */
72 u_int32_t netmask = 0; /* IP netmask to set on interface */
74 bool disable_defaultip = 0; /* Don't use hostname for default IP adrs */
75 bool noremoteip = 0; /* Let him have no IP address */
77 ip_up_hook_fn *ip_up_hook = NULL;
78 ip_down_hook_fn *ip_down_hook = NULL;
79 ip_choose_hook_fn *ip_choose_hook = NULL;
82 /* Notifiers for when IPCP goes up and down */
83 struct notifier *ip_up_notifier = NULL;
84 struct notifier *ip_down_notifier = NULL;
87 static int default_route_set[NUM_PPP]; /* Have set up a default route */
88 static int proxy_arp_set[NUM_PPP]; /* Have created proxy arp entry */
89 static bool usepeerdns; /* Ask peer for DNS addrs */
90 static bool usepeerwins; /* Ask peer for WINS addrs */
91 static bool noresolvconf; /* Do not create resolv.conf */
92 static int ipcp_is_up; /* have called np_up() */
93 static int ipcp_is_open; /* haven't called np_finished() */
94 static bool ask_for_local; /* request our address from peer */
95 static char vj_value[8]; /* string form of vj option value */
96 static char netmask_str[20]; /* string form of netmask value */
99 * Callbacks for fsm code. (CI = Configuration Information)
101 static void ipcp_resetci (fsm *); /* Reset our CI */
102 static int ipcp_cilen (fsm *); /* Return length of our CI */
103 static void ipcp_addci (fsm *, u_char *, int *); /* Add our CI */
104 static int ipcp_ackci (fsm *, u_char *, int); /* Peer ack'd our CI */
105 static int ipcp_nakci (fsm *, u_char *, int, int);/* Peer nak'd our CI */
106 static int ipcp_rejci (fsm *, u_char *, int); /* Peer rej'd our CI */
107 static int ipcp_reqci (fsm *, u_char *, int *, int); /* Rcv CI */
108 static void ipcp_up (fsm *); /* We're UP */
109 static void ipcp_down (fsm *); /* We're DOWN */
110 static void ipcp_finished (fsm *); /* Don't need lower layer */
112 fsm ipcp_fsm[NUM_PPP]; /* IPCP fsm structure */
114 static fsm_callbacks ipcp_callbacks = { /* IPCP callback routines */
115 ipcp_resetci, /* Reset our Configuration Information */
116 ipcp_cilen, /* Length of our Configuration Information */
117 ipcp_addci, /* Add our Configuration Information */
118 ipcp_ackci, /* ACK our Configuration Information */
119 ipcp_nakci, /* NAK our Configuration Information */
120 ipcp_rejci, /* Reject our Configuration Information */
121 ipcp_reqci, /* Request peer's Configuration Information */
122 ipcp_up, /* Called when fsm reaches OPENED state */
123 ipcp_down, /* Called when fsm leaves OPENED state */
124 NULL, /* Called when we want the lower layer up */
125 ipcp_finished, /* Called when we want the lower layer down */
126 NULL, /* Called when Protocol-Reject received */
127 NULL, /* Retransmission is necessary */
128 NULL, /* Called to handle protocol-specific codes */
129 "IPCP" /* String name of protocol */
133 * Command-line options.
135 static int setvjslots (char **);
136 static int setdnsaddr (char **);
137 static int setwinsaddr (char **);
138 static int setnetmask (char **);
139 int setipaddr (char *, char **, int);
140 static void printipaddr (struct option *, void (*)(void *, char *,...),void *);
142 static struct option ipcp_option_list[] = {
143 { "noip", o_bool, &ipcp_protent.enabled_flag,
144 "Disable IP and IPCP" },
145 { "-ip", o_bool, &ipcp_protent.enabled_flag,
146 "Disable IP and IPCP", OPT_ALIAS },
148 { "novj", o_bool, &ipcp_wantoptions[0].neg_vj,
149 "Disable VJ compression", OPT_A2CLR, &ipcp_allowoptions[0].neg_vj },
150 { "-vj", o_bool, &ipcp_wantoptions[0].neg_vj,
151 "Disable VJ compression", OPT_ALIAS | OPT_A2CLR,
152 &ipcp_allowoptions[0].neg_vj },
154 { "novjccomp", o_bool, &ipcp_wantoptions[0].cflag,
155 "Disable VJ connection-ID compression", OPT_A2CLR,
156 &ipcp_allowoptions[0].cflag },
157 { "-vjccomp", o_bool, &ipcp_wantoptions[0].cflag,
158 "Disable VJ connection-ID compression", OPT_ALIAS | OPT_A2CLR,
159 &ipcp_allowoptions[0].cflag },
161 { "vj-max-slots", o_special, (void *)setvjslots,
162 "Set maximum VJ header slots",
163 OPT_PRIO | OPT_A2STRVAL | OPT_STATIC, vj_value },
165 { "ipcp-accept-local", o_bool, &ipcp_wantoptions[0].accept_local,
166 "Accept peer's address for us", 1 },
167 { "ipcp-accept-remote", o_bool, &ipcp_wantoptions[0].accept_remote,
168 "Accept peer's address for it", 1 },
170 { "ipparam", o_string, &ipparam,
171 "Set ip script parameter", OPT_PRIO },
173 { "noipdefault", o_bool, &disable_defaultip,
174 "Don't use name for default IP adrs", 1 },
176 { "ms-dns", o_special, (void *)setdnsaddr,
177 "DNS address for the peer's use", OPT_A2LIST },
178 { "ms-wins", o_special, (void *)setwinsaddr,
179 "Nameserver for SMB over TCP/IP for peer", OPT_A2LIST },
181 { "ipcp-restart", o_int, &ipcp_fsm[0].timeouttime,
182 "Set timeout for IPCP", OPT_PRIO },
183 { "ipcp-max-terminate", o_int, &ipcp_fsm[0].maxtermtransmits,
184 "Set max #xmits for term-reqs", OPT_PRIO },
185 { "ipcp-max-configure", o_int, &ipcp_fsm[0].maxconfreqtransmits,
186 "Set max #xmits for conf-reqs", OPT_PRIO },
187 { "ipcp-max-failure", o_int, &ipcp_fsm[0].maxnakloops,
188 "Set max #conf-naks for IPCP", OPT_PRIO },
190 { "defaultroute", o_bool, &ipcp_wantoptions[0].default_route,
191 "Add default route", OPT_ENABLE|1, &ipcp_allowoptions[0].default_route },
192 { "nodefaultroute", o_bool, &ipcp_allowoptions[0].default_route,
193 "disable defaultroute option", OPT_A2CLR,
194 &ipcp_wantoptions[0].default_route },
195 { "-defaultroute", o_bool, &ipcp_allowoptions[0].default_route,
196 "disable defaultroute option", OPT_ALIAS | OPT_A2CLR,
197 &ipcp_wantoptions[0].default_route },
200 { "replacedefaultroute", o_bool,
201 &ipcp_wantoptions[0].replace_default_route,
202 "Replace default route", OPT_PRIV | 1
204 { "noreplacedefaultroute", o_bool,
205 &ipcp_wantoptions[0].replace_default_route,
206 "Do not replace default route", 0 },
208 { "proxyarp", o_bool, &ipcp_wantoptions[0].proxy_arp,
209 "Add proxy ARP entry", OPT_ENABLE|1, &ipcp_allowoptions[0].proxy_arp },
210 { "noproxyarp", o_bool, &ipcp_allowoptions[0].proxy_arp,
211 "disable proxyarp option", OPT_A2CLR,
212 &ipcp_wantoptions[0].proxy_arp },
213 { "-proxyarp", o_bool, &ipcp_allowoptions[0].proxy_arp,
214 "disable proxyarp option", OPT_ALIAS | OPT_A2CLR,
215 &ipcp_wantoptions[0].proxy_arp },
217 { "usepeerdns", o_bool, &usepeerdns,
218 "Ask peer for DNS address(es)", 1 },
220 { "usepeerwins", o_bool, &usepeerwins,
221 "Ask peer for WINS address(es)", 1 },
223 { "noresolvconf", o_bool, &noresolvconf,
224 "Do not create resolv.conf", 1 },
226 { "netmask", o_special, (void *)setnetmask,
227 "set netmask", OPT_PRIO | OPT_A2STRVAL | OPT_STATIC, netmask_str },
229 { "ipcp-no-addresses", o_bool, &ipcp_wantoptions[0].old_addrs,
230 "Disable old-style IP-Addresses usage", OPT_A2CLR,
231 &ipcp_allowoptions[0].old_addrs },
232 { "ipcp-no-address", o_bool, &ipcp_wantoptions[0].neg_addr,
233 "Disable IP-Address usage", OPT_A2CLR,
234 &ipcp_allowoptions[0].neg_addr },
236 { "noremoteip", o_bool, &noremoteip,
237 "Allow peer to have no IP address", 1 },
239 { "nosendip", o_bool, &ipcp_wantoptions[0].neg_addr,
240 "Don't send our IP address to peer", OPT_A2CLR,
241 &ipcp_wantoptions[0].old_addrs},
243 { "IP addresses", o_wild, (void *) &setipaddr,
244 "set local and remote IP addresses",
245 OPT_NOARG | OPT_A2PRINTER, (void *) &printipaddr },
251 * Protocol entry points from main code.
253 static void ipcp_init (int);
254 static void ipcp_open (int);
255 static void ipcp_close (int, char *);
256 static void ipcp_lowerup (int);
257 static void ipcp_lowerdown (int);
258 static void ipcp_input (int, u_char *, int);
259 static void ipcp_protrej (int);
260 static int ipcp_printpkt (u_char *, int,
261 void (*) (void *, char *, ...), void *);
262 static void ip_check_options (void);
263 static int ip_demand_conf (int);
264 static int ip_active_pkt (u_char *, int);
265 static void create_resolv (u_int32_t, u_int32_t);
267 struct protent ipcp_protent = {
287 static void ipcp_clear_addrs (int, u_int32_t, u_int32_t, bool);
288 static void ipcp_script (char *, int); /* Run an up/down script */
289 static void ipcp_script_done (void *);
292 * Lengths of configuration options.
295 #define CILEN_COMPRESS 4 /* min length for compression protocol opt. */
296 #define CILEN_VJ 6 /* length for RFC1332 Van-Jacobson opt. */
297 #define CILEN_ADDR 6 /* new-style single address option */
298 #define CILEN_ADDRS 10 /* old-style dual address option */
301 #define CODENAME(x) ((x) == CONFACK ? "ACK" : \
302 (x) == CONFNAK ? "NAK" : "REJ")
305 * This state variable is used to ensure that we don't
306 * run an ipcp-up/down script while one is already running.
308 static enum script_state {
312 static pid_t ipcp_script_pid;
315 * Make a string representation of a network IP address.
318 ip_ntoa(u_int32_t ipaddr)
322 slprintf(b, sizeof(b), "%I", ipaddr);
331 * setvjslots - set maximum number of connection slots for VJ compression
334 setvjslots(char **argv)
338 if (!ppp_int_option(*argv, &value))
340 if (value < 2 || value > 16) {
341 ppp_option_error("vj-max-slots value must be between 2 and 16");
344 ipcp_wantoptions [0].maxslotindex =
345 ipcp_allowoptions[0].maxslotindex = value - 1;
346 slprintf(vj_value, sizeof(vj_value), "%d", value);
351 * setdnsaddr - set the dns address(es)
354 setdnsaddr(char **argv)
359 dns = inet_addr(*argv);
360 if (dns == (u_int32_t) -1) {
361 if ((hp = gethostbyname(*argv)) == NULL) {
362 ppp_option_error("invalid address parameter '%s' for ms-dns option",
366 dns = *(u_int32_t *)hp->h_addr;
369 /* We take the last 2 values given, the 2nd-last as the primary
370 and the last as the secondary. If only one is given it
371 becomes both primary and secondary. */
372 if (ipcp_allowoptions[0].dnsaddr[1] == 0)
373 ipcp_allowoptions[0].dnsaddr[0] = dns;
375 ipcp_allowoptions[0].dnsaddr[0] = ipcp_allowoptions[0].dnsaddr[1];
377 /* always set the secondary address value. */
378 ipcp_allowoptions[0].dnsaddr[1] = dns;
384 * setwinsaddr - set the wins address(es)
385 * This is primrarly used with the Samba package under UNIX or for pointing
386 * the caller to the existing WINS server on a Windows NT platform.
389 setwinsaddr(char **argv)
394 wins = inet_addr(*argv);
395 if (wins == (u_int32_t) -1) {
396 if ((hp = gethostbyname(*argv)) == NULL) {
397 ppp_option_error("invalid address parameter '%s' for ms-wins option",
401 wins = *(u_int32_t *)hp->h_addr;
404 /* We take the last 2 values given, the 2nd-last as the primary
405 and the last as the secondary. If only one is given it
406 becomes both primary and secondary. */
407 if (ipcp_allowoptions[0].winsaddr[1] == 0)
408 ipcp_allowoptions[0].winsaddr[0] = wins;
410 ipcp_allowoptions[0].winsaddr[0] = ipcp_allowoptions[0].winsaddr[1];
412 /* always set the secondary address value. */
413 ipcp_allowoptions[0].winsaddr[1] = wins;
419 * setipaddr - Set the IP address
420 * If doit is 0, the call is to check whether this option is
421 * potentially an IP address specification.
422 * Not static so that plugins can call it to set the addresses
425 setipaddr(char *arg, char **argv, int doit)
429 u_int32_t local, remote;
430 ipcp_options *wo = &ipcp_wantoptions[0];
431 static int prio_local = 0, prio_remote = 0;
434 * IP address pair separated by ":".
436 if ((colon = strchr(arg, ':')) == NULL)
442 * If colon first character, then no local addr.
444 if (colon != arg && option_priority >= prio_local) {
446 if ((local = inet_addr(arg)) == (u_int32_t) -1) {
447 if ((hp = gethostbyname(arg)) == NULL) {
448 ppp_option_error("unknown host: %s", arg);
451 local = *(u_int32_t *)hp->h_addr;
453 if (ppp_bad_ip_addr(local)) {
454 ppp_option_error("bad local IP address %s", ip_ntoa(local));
460 prio_local = option_priority;
464 * If colon last character, then no remote addr.
466 if (*++colon != '\0' && option_priority >= prio_remote) {
467 if ((remote = inet_addr(colon)) == (u_int32_t) -1) {
468 if ((hp = gethostbyname(colon)) == NULL) {
469 ppp_option_error("unknown host: %s", colon);
472 remote = *(u_int32_t *)hp->h_addr;
473 if (remote_name[0] == 0)
474 strlcpy(remote_name, colon, sizeof(remote_name));
476 if (ppp_bad_ip_addr(remote)) {
477 ppp_option_error("bad remote IP address %s", ip_ntoa(remote));
481 wo->hisaddr = remote;
482 prio_remote = option_priority;
489 printipaddr(struct option *opt, void (*printer) (void *, char *, ...), void *arg)
491 ipcp_options *wo = &ipcp_wantoptions[0];
493 if (wo->ouraddr != 0)
494 printer(arg, "%I", wo->ouraddr);
496 if (wo->hisaddr != 0)
497 printer(arg, "%I", wo->hisaddr);
501 * setnetmask - set the netmask to be used on the interface.
504 setnetmask(char **argv)
511 * Unfortunately, if we use inet_addr, we can't tell whether
512 * a result of all 1s is an error or a valid 255.255.255.255.
515 n = parse_dotted_ip(p, &mask);
519 if (n == 0 || p[n] != 0 || (netmask & ~mask) != 0) {
520 ppp_option_error("invalid netmask value '%s'", *argv);
525 slprintf(netmask_str, sizeof(netmask_str), "%I", mask);
531 parse_dotted_ip(char *p, u_int32_t *vp)
539 b = strtoul(p, &endp, 0);
545 /* accept e.g. 0xffffff00 */
561 const char *ppp_ipparam()
568 * ipcp_init - Initialize IPCP.
573 fsm *f = &ipcp_fsm[unit];
574 ipcp_options *wo = &ipcp_wantoptions[unit];
575 ipcp_options *ao = &ipcp_allowoptions[unit];
578 f->protocol = PPP_IPCP;
579 f->callbacks = &ipcp_callbacks;
580 fsm_init(&ipcp_fsm[unit]);
583 * Some 3G modems use repeated IPCP NAKs as a way of stalling
584 * until they can contact a server on the network, so we increase
585 * the default number of NAKs we accept before we start treating
588 f->maxnakloops = 100;
590 memset(wo, 0, sizeof(*wo));
591 memset(ao, 0, sizeof(*ao));
593 wo->neg_addr = wo->old_addrs = 1;
595 wo->vj_protocol = IPCP_VJ_COMP;
596 wo->maxslotindex = MAX_STATES - 1; /* really max index */
600 /* max slots and slot-id compression are currently hardwired in */
601 /* ppp_if.c to 16 and 1, this needs to be changed (among other */
604 ao->neg_addr = ao->old_addrs = 1;
606 ao->maxslotindex = MAX_STATES - 1;
610 * XXX These control whether the user may use the proxyarp
611 * and defaultroute options.
614 ao->default_route = 1;
619 * ipcp_open - IPCP is allowed to come up.
624 fsm_open(&ipcp_fsm[unit]);
630 * ipcp_close - Take IPCP down.
633 ipcp_close(int unit, char *reason)
635 fsm_close(&ipcp_fsm[unit], reason);
640 * ipcp_lowerup - The lower layer is up.
643 ipcp_lowerup(int unit)
645 fsm_lowerup(&ipcp_fsm[unit]);
650 * ipcp_lowerdown - The lower layer is down.
653 ipcp_lowerdown(int unit)
655 fsm_lowerdown(&ipcp_fsm[unit]);
660 * ipcp_input - Input IPCP packet.
663 ipcp_input(int unit, u_char *p, int len)
665 fsm_input(&ipcp_fsm[unit], p, len);
670 * ipcp_protrej - A Protocol-Reject was received for IPCP.
672 * Pretend the lower layer went down, so we shut up.
675 ipcp_protrej(int unit)
677 fsm_lowerdown(&ipcp_fsm[unit]);
682 * ipcp_resetci - Reset our CI.
683 * Called by fsm_sconfreq, Send Configure Request.
688 ipcp_options *wo = &ipcp_wantoptions[f->unit];
689 ipcp_options *go = &ipcp_gotoptions[f->unit];
690 ipcp_options *ao = &ipcp_allowoptions[f->unit];
692 wo->req_addr = ((wo->neg_addr || wo->old_addrs) &&
693 (ao->neg_addr || ao->old_addrs)) ||
694 (wo->hisaddr && !wo->accept_remote);
695 if (wo->ouraddr == 0)
696 wo->accept_local = 1;
697 if (wo->hisaddr == 0)
698 wo->accept_remote = 1;
699 wo->req_dns1 = usepeerdns; /* Request DNS addresses from the peer */
700 wo->req_dns2 = usepeerdns;
701 wo->req_wins1 = usepeerwins; /* Request WINS addresses from the peer */
702 wo->req_wins2 = usepeerwins;
706 if (ip_choose_hook) {
707 ip_choose_hook(&wo->hisaddr);
709 wo->accept_remote = 0;
712 BZERO(&ipcp_hisoptions[f->unit], sizeof(ipcp_options));
717 * ipcp_cilen - Return length of our CI.
718 * Called by fsm_sconfreq, Send Configure Request.
723 ipcp_options *go = &ipcp_gotoptions[f->unit];
724 ipcp_options *wo = &ipcp_wantoptions[f->unit];
725 ipcp_options *ho = &ipcp_hisoptions[f->unit];
727 #define LENCIADDRS(neg) (neg ? CILEN_ADDRS : 0)
728 #define LENCIVJ(neg, old) (neg ? (old? CILEN_COMPRESS : CILEN_VJ) : 0)
729 #define LENCIADDR(neg) (neg ? CILEN_ADDR : 0)
730 #define LENCIDNS(neg) LENCIADDR(neg)
731 #define LENCIWINS(neg) LENCIADDR(neg)
734 * First see if we want to change our options to the old
735 * forms because we have received old forms from the peer.
737 if (go->neg_addr && go->old_addrs && !ho->neg_addr && ho->old_addrs)
739 if (wo->neg_vj && !go->neg_vj && !go->old_vj) {
740 /* try an older style of VJ negotiation */
741 /* use the old style only if the peer did */
742 if (ho->neg_vj && ho->old_vj) {
745 go->vj_protocol = ho->vj_protocol;
749 return (LENCIADDRS(!go->neg_addr && go->old_addrs) +
750 LENCIVJ(go->neg_vj, go->old_vj) +
751 LENCIADDR(go->neg_addr) +
752 LENCIDNS(go->req_dns1) +
753 LENCIDNS(go->req_dns2) +
754 LENCIWINS(go->req_wins1) +
755 LENCIWINS(go->req_wins2)) ;
760 * ipcp_addci - Add our desired CIs to a packet.
761 * Called by fsm_sconfreq, Send Configure Request.
764 ipcp_addci(fsm *f, u_char *ucp, int *lenp)
766 ipcp_options *go = &ipcp_gotoptions[f->unit];
769 #define ADDCIADDRS(opt, neg, val1, val2) \
771 if (len >= CILEN_ADDRS) { \
774 PUTCHAR(CILEN_ADDRS, ucp); \
779 len -= CILEN_ADDRS; \
784 #define ADDCIVJ(opt, neg, val, old, maxslotindex, cflag) \
786 int vjlen = old? CILEN_COMPRESS : CILEN_VJ; \
787 if (len >= vjlen) { \
789 PUTCHAR(vjlen, ucp); \
790 PUTSHORT(val, ucp); \
792 PUTCHAR(maxslotindex, ucp); \
793 PUTCHAR(cflag, ucp); \
800 #define ADDCIADDR(opt, neg, val) \
802 if (len >= CILEN_ADDR) { \
805 PUTCHAR(CILEN_ADDR, ucp); \
813 #define ADDCIDNS(opt, neg, addr) \
815 if (len >= CILEN_ADDR) { \
818 PUTCHAR(CILEN_ADDR, ucp); \
826 #define ADDCIWINS(opt, neg, addr) \
828 if (len >= CILEN_ADDR) { \
831 PUTCHAR(CILEN_ADDR, ucp); \
839 ADDCIADDRS(CI_ADDRS, !go->neg_addr && go->old_addrs, go->ouraddr,
842 ADDCIVJ(CI_COMPRESSTYPE, go->neg_vj, go->vj_protocol, go->old_vj,
843 go->maxslotindex, go->cflag);
845 ADDCIADDR(CI_ADDR, go->neg_addr, go->ouraddr);
847 ADDCIDNS(CI_MS_DNS1, go->req_dns1, go->dnsaddr[0]);
849 ADDCIDNS(CI_MS_DNS2, go->req_dns2, go->dnsaddr[1]);
851 ADDCIWINS(CI_MS_WINS1, go->req_wins1, go->winsaddr[0]);
853 ADDCIWINS(CI_MS_WINS2, go->req_wins2, go->winsaddr[1]);
860 * ipcp_ackci - Ack our CIs.
861 * Called by fsm_rconfack, Receive Configure ACK.
868 ipcp_ackci(fsm *f, u_char *p, int len)
870 ipcp_options *go = &ipcp_gotoptions[f->unit];
871 u_short cilen, citype, cishort;
873 u_char cimaxslotindex, cicflag;
876 * CIs must be in exactly the same order that we sent...
877 * Check packet length and CI length at each step.
878 * If we find any deviations, then this packet is bad.
881 #define ACKCIADDRS(opt, neg, val1, val2) \
884 if ((len -= CILEN_ADDRS) < 0) \
886 GETCHAR(citype, p); \
888 if (cilen != CILEN_ADDRS || \
893 if (val1 != cilong) \
897 if (val2 != cilong) \
901 #define ACKCIVJ(opt, neg, val, old, maxslotindex, cflag) \
903 int vjlen = old? CILEN_COMPRESS : CILEN_VJ; \
904 if ((len -= vjlen) < 0) \
906 GETCHAR(citype, p); \
908 if (cilen != vjlen || \
911 GETSHORT(cishort, p); \
912 if (cishort != val) \
915 GETCHAR(cimaxslotindex, p); \
916 if (cimaxslotindex != maxslotindex) \
918 GETCHAR(cicflag, p); \
919 if (cicflag != cflag) \
924 #define ACKCIADDR(opt, neg, val) \
927 if ((len -= CILEN_ADDR) < 0) \
929 GETCHAR(citype, p); \
931 if (cilen != CILEN_ADDR || \
940 #define ACKCIDNS(opt, neg, addr) \
943 if ((len -= CILEN_ADDR) < 0) \
945 GETCHAR(citype, p); \
947 if (cilen != CILEN_ADDR || citype != opt) \
951 if (addr != cilong) \
955 #define ACKCIWINS(opt, neg, addr) \
958 if ((len -= CILEN_ADDR) < 0) \
960 GETCHAR(citype, p); \
962 if (cilen != CILEN_ADDR || citype != opt) \
966 if (addr != cilong) \
970 ACKCIADDRS(CI_ADDRS, !go->neg_addr && go->old_addrs, go->ouraddr,
973 ACKCIVJ(CI_COMPRESSTYPE, go->neg_vj, go->vj_protocol, go->old_vj,
974 go->maxslotindex, go->cflag);
976 ACKCIADDR(CI_ADDR, go->neg_addr, go->ouraddr);
978 ACKCIDNS(CI_MS_DNS1, go->req_dns1, go->dnsaddr[0]);
980 ACKCIDNS(CI_MS_DNS2, go->req_dns2, go->dnsaddr[1]);
982 ACKCIWINS(CI_MS_WINS1, go->req_wins1, go->winsaddr[0]);
984 ACKCIWINS(CI_MS_WINS2, go->req_wins2, go->winsaddr[1]);
987 * If there are any remaining CIs, then this packet is bad.
994 IPCPDEBUG(("ipcp_ackci: received bad Ack!"));
999 * ipcp_nakci - Peer has sent a NAK for some of our CIs.
1000 * This should not modify any state if the Nak is bad
1001 * or if IPCP is in the OPENED state.
1002 * Calback from fsm_rconfnakrej - Receive Configure-Nak or Configure-Reject.
1009 ipcp_nakci(fsm *f, u_char *p, int len, int treat_as_reject)
1011 ipcp_options *wo = &ipcp_wantoptions[f->unit];
1012 ipcp_options *go = &ipcp_gotoptions[f->unit];
1013 u_char cimaxslotindex, cicflag;
1014 u_char citype, cilen, *next;
1016 u_int32_t ciaddr1, ciaddr2, l, cidnsaddr, ciwinsaddr;
1017 ipcp_options no; /* options we've seen Naks for */
1018 ipcp_options try; /* options to request next time */
1020 BZERO(&no, sizeof(no));
1024 * Any Nak'd CIs must be in exactly the same order that we sent.
1025 * Check packet length and CI length at each step.
1026 * If we find any deviations, then this packet is bad.
1028 #define NAKCIADDRS(opt, neg, code) \
1030 (cilen = p[1]) == CILEN_ADDRS && \
1036 ciaddr1 = htonl(l); \
1038 ciaddr2 = htonl(l); \
1043 #define NAKCIVJ(opt, neg, code) \
1045 ((cilen = p[1]) == CILEN_COMPRESS || cilen == CILEN_VJ) && \
1050 GETSHORT(cishort, p); \
1055 #define NAKCIADDR(opt, neg, code) \
1057 (cilen = p[1]) == CILEN_ADDR && \
1063 ciaddr1 = htonl(l); \
1068 #define NAKCIDNS(opt, neg, code) \
1070 ((cilen = p[1]) == CILEN_ADDR) && \
1076 cidnsaddr = htonl(l); \
1081 #define NAKCIWINS(opt, neg, code) \
1083 ((cilen = p[1]) == CILEN_ADDR) && \
1089 ciwinsaddr = htonl(l); \
1095 * Accept the peer's idea of {our,his} address, if different
1096 * from our idea, only if the accept_{local,remote} flag is set.
1098 NAKCIADDRS(CI_ADDRS, !go->neg_addr && go->old_addrs,
1099 if (treat_as_reject) {
1102 if (go->accept_local && ciaddr1) {
1103 /* take his idea of our address */
1104 try.ouraddr = ciaddr1;
1106 if (go->accept_remote && ciaddr2) {
1107 /* take his idea of his address */
1108 try.hisaddr = ciaddr2;
1114 * Accept the peer's value of maxslotindex provided that it
1115 * is less than what we asked for. Turn off slot-ID compression
1116 * if the peer wants. Send old-style compress-type option if
1119 NAKCIVJ(CI_COMPRESSTYPE, neg_vj,
1120 if (treat_as_reject) {
1122 } else if (cilen == CILEN_VJ) {
1123 GETCHAR(cimaxslotindex, p);
1124 GETCHAR(cicflag, p);
1125 if (cishort == IPCP_VJ_COMP) {
1127 if (cimaxslotindex < go->maxslotindex)
1128 try.maxslotindex = cimaxslotindex;
1135 if (cishort == IPCP_VJ_COMP || cishort == IPCP_VJ_COMP_OLD) {
1137 try.vj_protocol = cishort;
1144 NAKCIADDR(CI_ADDR, neg_addr,
1145 if (treat_as_reject) {
1148 } else if (go->accept_local && ciaddr1) {
1149 /* take his idea of our address */
1150 try.ouraddr = ciaddr1;
1154 NAKCIDNS(CI_MS_DNS1, req_dns1,
1155 if (treat_as_reject) {
1158 try.dnsaddr[0] = cidnsaddr;
1162 NAKCIDNS(CI_MS_DNS2, req_dns2,
1163 if (treat_as_reject) {
1166 try.dnsaddr[1] = cidnsaddr;
1170 NAKCIWINS(CI_MS_WINS1, req_wins1,
1171 if (treat_as_reject) {
1174 try.winsaddr[0] = ciwinsaddr;
1178 NAKCIWINS(CI_MS_WINS2, req_wins2,
1179 if (treat_as_reject) {
1182 try.winsaddr[1] = ciwinsaddr;
1187 * There may be remaining CIs, if the peer is requesting negotiation
1188 * on an option that we didn't include in our request packet.
1189 * If they want to negotiate about IP addresses, we comply.
1190 * If they want us to ask for compression, we refuse.
1191 * If they want us to ask for ms-dns, we do that, since some
1192 * peers get huffy if we don't.
1194 while (len >= CILEN_VOID) {
1197 if ( cilen < CILEN_VOID || (len -= cilen) < 0 )
1199 next = p + cilen - 2;
1202 case CI_COMPRESSTYPE:
1203 if (go->neg_vj || no.neg_vj ||
1204 (cilen != CILEN_VJ && cilen != CILEN_COMPRESS))
1209 if ((!go->neg_addr && go->old_addrs) || no.old_addrs
1210 || cilen != CILEN_ADDRS)
1215 if (ciaddr1 && go->accept_local)
1216 try.ouraddr = wo->old_addrs ? ciaddr1 : 0;
1219 if (ciaddr2 && go->accept_remote)
1220 try.hisaddr = ciaddr2;
1224 if (go->neg_addr || no.neg_addr || cilen != CILEN_ADDR)
1229 if (ciaddr1 && go->accept_local)
1230 try.ouraddr = ciaddr1;
1231 if (try.ouraddr != 0 && wo->neg_addr)
1236 if (go->req_dns1 || no.req_dns1 || cilen != CILEN_ADDR)
1239 try.dnsaddr[0] = htonl(l);
1244 if (go->req_dns2 || no.req_dns2 || cilen != CILEN_ADDR)
1247 try.dnsaddr[1] = htonl(l);
1252 if (go->req_wins1 || no.req_wins1 || cilen != CILEN_ADDR)
1255 try.winsaddr[0] = htonl(l);
1260 if (go->req_wins2 || no.req_wins2 || cilen != CILEN_ADDR)
1263 try.winsaddr[1] = htonl(l);
1272 * OK, the Nak is good. Now we can update state.
1273 * If there are any remaining options, we ignore them.
1275 if (f->state != OPENED)
1281 IPCPDEBUG(("ipcp_nakci: received bad Nak!"));
1286 * ipcp_rejci - Reject some of our CIs.
1287 * Callback from fsm_rconfnakrej.
1290 ipcp_rejci(fsm *f, u_char *p, int len)
1292 ipcp_options *go = &ipcp_gotoptions[f->unit];
1293 u_char cimaxslotindex, ciflag, cilen;
1296 ipcp_options try; /* options to request next time */
1300 * Any Rejected CIs must be in exactly the same order that we sent.
1301 * Check packet length and CI length at each step.
1302 * If we find any deviations, then this packet is bad.
1304 #define REJCIADDRS(opt, neg, val1, val2) \
1306 (cilen = p[1]) == CILEN_ADDRS && \
1313 cilong = htonl(l); \
1314 /* Check rejected value. */ \
1315 if (cilong != val1) \
1318 cilong = htonl(l); \
1319 /* Check rejected value. */ \
1320 if (cilong != val2) \
1322 try.old_addrs = 0; \
1325 #define REJCIVJ(opt, neg, val, old, maxslot, cflag) \
1327 p[1] == (old? CILEN_COMPRESS : CILEN_VJ) && \
1332 GETSHORT(cishort, p); \
1333 /* Check rejected value. */ \
1334 if (cishort != val) \
1337 GETCHAR(cimaxslotindex, p); \
1338 if (cimaxslotindex != maxslot) \
1340 GETCHAR(ciflag, p); \
1341 if (ciflag != cflag) \
1347 #define REJCIADDR(opt, neg, val) \
1349 (cilen = p[1]) == CILEN_ADDR && \
1356 cilong = htonl(l); \
1357 /* Check rejected value. */ \
1358 if (cilong != val) \
1363 #define REJCIDNS(opt, neg, dnsaddr) \
1365 ((cilen = p[1]) == CILEN_ADDR) && \
1372 cilong = htonl(l); \
1373 /* Check rejected value. */ \
1374 if (cilong != dnsaddr) \
1379 #define REJCIWINS(opt, neg, addr) \
1381 ((cilen = p[1]) == CILEN_ADDR) && \
1388 cilong = htonl(l); \
1389 /* Check rejected value. */ \
1390 if (cilong != addr) \
1395 REJCIADDRS(CI_ADDRS, !go->neg_addr && go->old_addrs,
1396 go->ouraddr, go->hisaddr);
1398 REJCIVJ(CI_COMPRESSTYPE, neg_vj, go->vj_protocol, go->old_vj,
1399 go->maxslotindex, go->cflag);
1401 REJCIADDR(CI_ADDR, neg_addr, go->ouraddr);
1403 REJCIDNS(CI_MS_DNS1, req_dns1, go->dnsaddr[0]);
1405 REJCIDNS(CI_MS_DNS2, req_dns2, go->dnsaddr[1]);
1407 REJCIWINS(CI_MS_WINS1, req_wins1, go->winsaddr[0]);
1409 REJCIWINS(CI_MS_WINS2, req_wins2, go->winsaddr[1]);
1412 * If there are any remaining CIs, then this packet is bad.
1417 * Now we can update state.
1419 if (f->state != OPENED)
1424 IPCPDEBUG(("ipcp_rejci: received bad Reject!"));
1430 * ipcp_reqci - Check the peer's requested CIs and send appropriate response.
1431 * Callback from fsm_rconfreq, Receive Configure Request
1433 * Returns: CONFACK, CONFNAK or CONFREJ and input packet modified
1434 * appropriately. If reject_if_disagree is non-zero, doesn't return
1435 * CONFNAK; returns CONFREJ if it can't return CONFACK.
1438 ipcp_reqci(fsm *f, u_char *inp, int *len, int reject_if_disagree)
1440 ipcp_options *wo = &ipcp_wantoptions[f->unit];
1441 ipcp_options *ho = &ipcp_hisoptions[f->unit];
1442 ipcp_options *ao = &ipcp_allowoptions[f->unit];
1443 u_char *cip, *next; /* Pointer to current and next CIs */
1444 u_int32_t cilen, citype; /* Parsed len, type */
1445 u_short cishort; /* Parsed short value */
1446 u_int32_t tl, ciaddr1, ciaddr2;/* Parsed address values */
1447 int rc = CONFACK; /* Final packet return code */
1448 int orc; /* Individual option return code */
1449 u_char *p; /* Pointer to next char to parse */
1450 u_char *ucp = inp; /* Pointer to current output char */
1451 u_int32_t l = *len; /* Length left */
1452 u_char maxslotindex, cflag;
1456 * Reset all his options.
1458 BZERO(ho, sizeof(*ho));
1461 * Process all his options.
1465 orc = CONFACK; /* Assume success */
1466 cip = p = next; /* Remember begining of CI */
1467 if (l < 2 || /* Not enough data for CI header or */
1468 p[1] < 2 || /* CI length too small or */
1469 p[1] > l) { /* CI length too big? */
1470 IPCPDEBUG(("ipcp_reqci: bad CI length!"));
1471 orc = CONFREJ; /* Reject bad CI */
1472 cilen = l; /* Reject till end of packet */
1473 l = 0; /* Don't loop again */
1476 GETCHAR(citype, p); /* Parse CI type */
1477 GETCHAR(cilen, p); /* Parse CI length */
1478 l -= cilen; /* Adjust remaining length */
1479 next += cilen; /* Step to next CI */
1481 switch (citype) { /* Check CI type */
1483 if (!ao->old_addrs || ho->neg_addr ||
1484 cilen != CILEN_ADDRS) { /* Check CI length */
1485 orc = CONFREJ; /* Reject CI */
1490 * If he has no address, or if we both have his address but
1491 * disagree about it, then NAK it with our idea.
1492 * In particular, if we don't know his address, but he does,
1495 GETLONG(tl, p); /* Parse source address (his) */
1496 ciaddr1 = htonl(tl);
1497 if (ciaddr1 != wo->hisaddr
1498 && (ciaddr1 == 0 || !wo->accept_remote)) {
1500 if (!reject_if_disagree) {
1501 DECPTR(sizeof(u_int32_t), p);
1502 tl = ntohl(wo->hisaddr);
1505 } else if (ciaddr1 == 0 && wo->hisaddr == 0) {
1507 * If neither we nor he knows his address, reject the option.
1510 wo->req_addr = 0; /* don't NAK with 0.0.0.0 later */
1515 * If he doesn't know our address, or if we both have our address
1516 * but disagree about it, then NAK it with our idea.
1518 GETLONG(tl, p); /* Parse desination address (ours) */
1519 ciaddr2 = htonl(tl);
1520 if (ciaddr2 != wo->ouraddr) {
1521 if (ciaddr2 == 0 || !wo->accept_local) {
1523 if (!reject_if_disagree && wo->old_addrs) {
1524 DECPTR(sizeof(u_int32_t), p);
1525 tl = ntohl(wo->ouraddr);
1529 wo->ouraddr = ciaddr2; /* accept peer's idea */
1534 ho->hisaddr = ciaddr1;
1535 ho->ouraddr = ciaddr2;
1539 if (!ao->neg_addr || ho->old_addrs ||
1540 cilen != CILEN_ADDR) { /* Check CI length */
1541 orc = CONFREJ; /* Reject CI */
1546 * If he has no address, or if we both have his address but
1547 * disagree about it, then NAK it with our idea.
1548 * In particular, if we don't know his address, but he does,
1551 GETLONG(tl, p); /* Parse source address (his) */
1552 ciaddr1 = htonl(tl);
1553 if (ciaddr1 != wo->hisaddr
1554 && (ciaddr1 == 0 || !wo->accept_remote)) {
1556 if (!reject_if_disagree) {
1557 DECPTR(sizeof(u_int32_t), p);
1558 tl = ntohl(wo->hisaddr);
1561 } else if (ciaddr1 == 0 && wo->hisaddr == 0) {
1563 * Don't ACK an address of 0.0.0.0 - reject it instead.
1566 wo->req_addr = 0; /* don't NAK with 0.0.0.0 later */
1571 ho->hisaddr = ciaddr1;
1576 /* Microsoft primary or secondary DNS request */
1577 d = citype == CI_MS_DNS2;
1579 /* If we do not have a DNS address then we cannot send it */
1580 if (ao->dnsaddr[d] == 0 ||
1581 cilen != CILEN_ADDR) { /* Check CI length */
1582 orc = CONFREJ; /* Reject CI */
1586 if (htonl(tl) != ao->dnsaddr[d]) {
1587 DECPTR(sizeof(u_int32_t), p);
1588 tl = ntohl(ao->dnsaddr[d]);
1596 /* Microsoft primary or secondary WINS request */
1597 d = citype == CI_MS_WINS2;
1599 /* If we do not have a WINS address then we cannot send it */
1600 if (ao->winsaddr[d] == 0 ||
1601 cilen != CILEN_ADDR) { /* Check CI length */
1602 orc = CONFREJ; /* Reject CI */
1606 if (htonl(tl) != ao->winsaddr[d]) {
1607 DECPTR(sizeof(u_int32_t), p);
1608 tl = ntohl(ao->winsaddr[d]);
1614 case CI_COMPRESSTYPE:
1616 (cilen != CILEN_VJ && cilen != CILEN_COMPRESS)) {
1620 GETSHORT(cishort, p);
1622 if (!(cishort == IPCP_VJ_COMP ||
1623 (cishort == IPCP_VJ_COMP_OLD && cilen == CILEN_COMPRESS))) {
1629 ho->vj_protocol = cishort;
1630 if (cilen == CILEN_VJ) {
1631 GETCHAR(maxslotindex, p);
1632 if (maxslotindex > ao->maxslotindex) {
1634 if (!reject_if_disagree){
1636 PUTCHAR(ao->maxslotindex, p);
1640 if (cflag && !ao->cflag) {
1642 if (!reject_if_disagree){
1644 PUTCHAR(wo->cflag, p);
1647 ho->maxslotindex = maxslotindex;
1651 ho->maxslotindex = MAX_STATES - 1;
1661 if (orc == CONFACK && /* Good CI */
1662 rc != CONFACK) /* but prior CI wasnt? */
1663 continue; /* Don't send this one */
1665 if (orc == CONFNAK) { /* Nak this CI? */
1666 if (reject_if_disagree) /* Getting fed up with sending NAKs? */
1667 orc = CONFREJ; /* Get tough if so */
1669 if (rc == CONFREJ) /* Rejecting prior CI? */
1670 continue; /* Don't send this one */
1671 if (rc == CONFACK) { /* Ack'd all prior CIs? */
1672 rc = CONFNAK; /* Not anymore... */
1673 ucp = inp; /* Backup */
1678 if (orc == CONFREJ && /* Reject this CI */
1679 rc != CONFREJ) { /* but no prior ones? */
1681 ucp = inp; /* Backup */
1684 /* Need to move CI? */
1686 BCOPY(cip, ucp, cilen); /* Move it */
1688 /* Update output pointer */
1693 * If we aren't rejecting this packet, and we want to negotiate
1694 * their address, and they didn't send their address, then we
1695 * send a NAK with a CI_ADDR option appended. We assume the
1696 * input buffer is long enough that we can append the extra
1699 if (rc != CONFREJ && !ho->neg_addr && !ho->old_addrs &&
1700 wo->req_addr && !reject_if_disagree &&
1701 ((wo->hisaddr && !wo->accept_remote) || !noremoteip)) {
1702 if (rc == CONFACK) {
1704 ucp = inp; /* reset pointer */
1705 wo->req_addr = 0; /* don't ask again */
1707 PUTCHAR(CI_ADDR, ucp);
1708 PUTCHAR(CILEN_ADDR, ucp);
1709 tl = ntohl(wo->hisaddr);
1713 *len = ucp - inp; /* Compute output length */
1714 IPCPDEBUG(("ipcp: returning Configure-%s", CODENAME(rc)));
1715 return (rc); /* Return final code */
1720 * ip_check_options - check that any IP-related options are OK,
1721 * and assign appropriate defaults.
1724 ip_check_options(void)
1728 ipcp_options *wo = &ipcp_wantoptions[0];
1731 * Default our local IP address based on our hostname.
1732 * If local IP address already given, don't bother.
1734 if (wo->ouraddr == 0 && !disable_defaultip) {
1736 * Look up our hostname (possibly with domain name appended)
1737 * and take the first IP address as our local IP address.
1738 * If there isn't an IP address for our hostname, too bad.
1740 wo->accept_local = 1; /* don't insist on this default value */
1741 if ((hp = gethostbyname(hostname)) != NULL) {
1742 local = *(u_int32_t *)hp->h_addr;
1743 if (local != 0 && !ppp_bad_ip_addr(local))
1744 wo->ouraddr = local;
1747 ask_for_local = wo->ouraddr != 0 || !disable_defaultip;
1752 * ip_demand_conf - configure the interface as though
1753 * IPCP were up, for use with dial-on-demand.
1756 ip_demand_conf(int u)
1758 ipcp_options *wo = &ipcp_wantoptions[u];
1760 if (wo->hisaddr == 0 && !noremoteip) {
1761 /* make up an arbitrary address for the peer */
1762 wo->hisaddr = htonl(0x0a707070 + ifunit);
1763 wo->accept_remote = 1;
1765 if (wo->ouraddr == 0) {
1766 /* make up an arbitrary address for us */
1767 wo->ouraddr = htonl(0x0a404040 + ifunit);
1768 wo->accept_local = 1;
1769 ask_for_local = 0; /* don't tell the peer this address */
1771 if (!sifaddr(u, wo->ouraddr, wo->hisaddr, GetMask(wo->ouraddr)))
1773 ipcp_script(path_ippreup, 1);
1776 if (!sifnpmode(u, PPP_IP, NPMODE_QUEUE))
1778 if (wo->default_route)
1779 if (sifdefaultroute(u, wo->ouraddr, wo->hisaddr,
1780 wo->replace_default_route))
1781 default_route_set[u] = 1;
1783 if (sifproxyarp(u, wo->hisaddr))
1784 proxy_arp_set[u] = 1;
1786 notice("local IP address %I", wo->ouraddr);
1788 notice("remote IP address %I", wo->hisaddr);
1795 * ipcp_up - IPCP has come UP.
1797 * Configure the IP network interface appropriately and bring it up.
1803 ipcp_options *ho = &ipcp_hisoptions[f->unit];
1804 ipcp_options *go = &ipcp_gotoptions[f->unit];
1805 ipcp_options *wo = &ipcp_wantoptions[f->unit];
1808 IPCPDEBUG(("ipcp: up"));
1811 * We must have a non-zero IP address for both ends of the link.
1814 if (wo->hisaddr && !wo->accept_remote && (!(ho->neg_addr || ho->old_addrs) || ho->hisaddr != wo->hisaddr)) {
1815 error("Peer refused to agree to his IP address");
1816 ipcp_close(f->unit, "Refused his IP address");
1819 if (!ho->neg_addr && !ho->old_addrs)
1820 ho->hisaddr = wo->hisaddr;
1822 if (!(go->neg_addr || go->old_addrs) && (wo->neg_addr || wo->old_addrs)
1823 && wo->ouraddr != 0) {
1824 error("Peer refused to agree to our IP address");
1825 ipcp_close(f->unit, "Refused our IP address");
1828 if (go->ouraddr == 0) {
1829 error("Could not determine local IP address");
1830 ipcp_close(f->unit, "Could not determine local IP address");
1833 if (ho->hisaddr == 0 && !noremoteip) {
1834 ho->hisaddr = htonl(0x0a404040 + ifunit);
1835 warn("Could not determine remote IP address: defaulting to %I",
1838 ppp_script_setenv("IPLOCAL", ip_ntoa(go->ouraddr), 0);
1839 if (ho->hisaddr != 0)
1840 ppp_script_setenv("IPREMOTE", ip_ntoa(ho->hisaddr), 1);
1847 ppp_script_setenv("DNS1", ip_ntoa(go->dnsaddr[0]), 0);
1849 ppp_script_setenv("DNS2", ip_ntoa(go->dnsaddr[1]), 0);
1850 if (usepeerdns && (go->dnsaddr[0] || go->dnsaddr[1])) {
1851 ppp_script_setenv("USEPEERDNS", "1", 0);
1852 create_resolv(go->dnsaddr[0], go->dnsaddr[1]);
1855 if (go->winsaddr[0])
1856 ppp_script_setenv("WINS1", ip_ntoa(go->winsaddr[0]), 0);
1857 if (go->winsaddr[1])
1858 ppp_script_setenv("WINS2", ip_ntoa(go->winsaddr[1]), 0);
1859 if (usepeerwins && (go->winsaddr[0] || go->winsaddr[1]))
1860 ppp_script_setenv("USEPEERWINS", "1", 0);
1863 * Check that the peer is allowed to use the IP address it wants.
1865 if (ho->hisaddr != 0 && !auth_ip_addr(f->unit, ho->hisaddr)) {
1866 error("Peer is not authorized to use remote address %I", ho->hisaddr);
1867 ipcp_close(f->unit, "Unauthorized remote IP address");
1871 /* set tcp compression */
1872 sifvjcomp(f->unit, ho->neg_vj, ho->cflag, ho->maxslotindex);
1875 * If we are doing dial-on-demand, the interface is already
1876 * configured, so we put out any saved-up packets, then set the
1877 * interface to pass IP packets.
1880 if (go->ouraddr != wo->ouraddr || ho->hisaddr != wo->hisaddr) {
1881 ipcp_clear_addrs(f->unit, wo->ouraddr, wo->hisaddr,
1882 wo->replace_default_route);
1883 if (go->ouraddr != wo->ouraddr) {
1884 warn("Local IP address changed to %I", go->ouraddr);
1885 ppp_script_setenv("OLDIPLOCAL", ip_ntoa(wo->ouraddr), 0);
1886 wo->ouraddr = go->ouraddr;
1888 ppp_script_unsetenv("OLDIPLOCAL");
1889 if (ho->hisaddr != wo->hisaddr) {
1890 warn("Remote IP address changed to %I", ho->hisaddr);
1891 if (wo->hisaddr != 0)
1892 ppp_script_setenv("OLDIPREMOTE", ip_ntoa(wo->hisaddr), 0);
1893 wo->hisaddr = ho->hisaddr;
1895 ppp_script_unsetenv("OLDIPREMOTE");
1897 /* Set the interface to the new addresses */
1898 mask = GetMask(go->ouraddr);
1899 if (!sifaddr(f->unit, go->ouraddr, ho->hisaddr, mask)) {
1901 warn("Interface configuration failed");
1902 ipcp_close(f->unit, "Interface configuration failed");
1906 /* assign a default route through the interface if required */
1907 if (ipcp_wantoptions[f->unit].default_route)
1908 if (sifdefaultroute(f->unit, go->ouraddr, ho->hisaddr,
1909 wo->replace_default_route))
1910 default_route_set[f->unit] = 1;
1912 /* Make a proxy ARP entry if requested. */
1913 if (ho->hisaddr != 0 && ipcp_wantoptions[f->unit].proxy_arp)
1914 if (sifproxyarp(f->unit, ho->hisaddr))
1915 proxy_arp_set[f->unit] = 1;
1918 demand_rexmit(PPP_IP);
1919 sifnpmode(f->unit, PPP_IP, NPMODE_PASS);
1923 * Set IP addresses and (if specified) netmask.
1925 mask = GetMask(go->ouraddr);
1927 #if !(defined(SVR4) && (defined(SNI) || defined(__USLC__)))
1928 if (!sifaddr(f->unit, go->ouraddr, ho->hisaddr, mask)) {
1930 warn("Interface configuration failed");
1931 ipcp_close(f->unit, "Interface configuration failed");
1936 ifindex = if_nametoindex(ifname);
1938 /* run the pre-up script, if any, and wait for it to finish */
1939 ipcp_script(path_ippreup, 1);
1941 /* check if preup script renamed the interface */
1942 if (!if_indextoname(ifindex, ifname)) {
1943 error("Interface index %d failed to get renamed by a pre-up script", ifindex);
1944 ipcp_close(f->unit, "Interface configuration failed");
1948 /* bring the interface up for IP */
1949 if (!sifup(f->unit)) {
1951 warn("Interface failed to come up");
1952 ipcp_close(f->unit, "Interface configuration failed");
1956 #if (defined(SVR4) && (defined(SNI) || defined(__USLC__)))
1957 if (!sifaddr(f->unit, go->ouraddr, ho->hisaddr, mask)) {
1959 warn("Interface configuration failed");
1960 ipcp_close(f->unit, "Interface configuration failed");
1964 sifnpmode(f->unit, PPP_IP, NPMODE_PASS);
1966 /* assign a default route through the interface if required */
1967 if (ipcp_wantoptions[f->unit].default_route)
1968 if (sifdefaultroute(f->unit, go->ouraddr, ho->hisaddr,
1969 wo->replace_default_route))
1970 default_route_set[f->unit] = 1;
1972 /* Make a proxy ARP entry if requested. */
1973 if (ho->hisaddr != 0 && ipcp_wantoptions[f->unit].proxy_arp)
1974 if (sifproxyarp(f->unit, ho->hisaddr))
1975 proxy_arp_set[f->unit] = 1;
1977 ipcp_wantoptions[0].ouraddr = go->ouraddr;
1979 notice("local IP address %I", go->ouraddr);
1980 if (ho->hisaddr != 0)
1981 notice("remote IP address %I", ho->hisaddr);
1983 notice("primary DNS address %I", go->dnsaddr[0]);
1985 notice("secondary DNS address %I", go->dnsaddr[1]);
1988 reset_link_stats(f->unit);
1990 np_up(f->unit, PPP_IP);
1993 notify(ip_up_notifier, 0);
1998 * Execute the ip-up script, like this:
1999 * /etc/ppp/ip-up interface tty speed local-IP remote-IP
2001 if (ipcp_script_state == s_down && ipcp_script_pid == 0) {
2002 ipcp_script_state = s_up;
2003 ipcp_script(path_ipup, 0);
2009 * ipcp_down - IPCP has gone DOWN.
2011 * Take the IP network interface down, clear its addresses
2012 * and delete routes through it.
2017 IPCPDEBUG(("ipcp: down"));
2018 /* XXX a bit IPv4-centric here, we only need to get the stats
2019 * before the interface is marked down. */
2020 /* XXX more correct: we must get the stats before running the notifiers,
2021 * at least for the radius plugin */
2022 ppp_get_link_stats(NULL);
2023 notify(ip_down_notifier, 0);
2028 np_down(f->unit, PPP_IP);
2030 sifvjcomp(f->unit, 0, 0, 0);
2032 print_link_stats(); /* _after_ running the notifiers and ip_down_hook(),
2033 * because print_link_stats() sets link_stats_print
2037 * If we are doing dial-on-demand, set the interface
2038 * to queue up outgoing packets (for now).
2041 sifnpmode(f->unit, PPP_IP, NPMODE_QUEUE);
2043 sifnpmode(f->unit, PPP_IP, NPMODE_DROP);
2045 ipcp_clear_addrs(f->unit, ipcp_gotoptions[f->unit].ouraddr,
2046 ipcp_hisoptions[f->unit].hisaddr, 0);
2049 /* Execute the ip-down script */
2050 if (ipcp_script_state == s_up && ipcp_script_pid == 0) {
2051 ipcp_script_state = s_down;
2052 ipcp_script(path_ipdown, 0);
2058 * ipcp_clear_addrs() - clear the interface addresses, routes,
2059 * proxy arp entries, etc.
2062 ipcp_clear_addrs(int unit, u_int32_t ouraddr, u_int32_t hisaddr, bool replacedefaultroute)
2064 if (proxy_arp_set[unit]) {
2065 cifproxyarp(unit, hisaddr);
2066 proxy_arp_set[unit] = 0;
2068 /* If replacedefaultroute, sifdefaultroute will be called soon
2069 * with replacedefaultroute set and that will overwrite the current
2070 * default route. This is the case only when doing demand, otherwise
2071 * during demand, this cifdefaultroute would restore the old default
2072 * route which is not what we want in this case. In the non-demand
2073 * case, we'll delete the default route and restore the old if there
2074 * is one saved by an sifdefaultroute with replacedefaultroute.
2076 if (!replacedefaultroute && default_route_set[unit]) {
2077 cifdefaultroute(unit, ouraddr, hisaddr);
2078 default_route_set[unit] = 0;
2080 cifaddr(unit, ouraddr, hisaddr);
2085 * ipcp_finished - possibly shut down the lower layers.
2088 ipcp_finished(fsm *f)
2092 np_finished(f->unit, PPP_IP);
2098 * ipcp_script_done - called when the ip-up or ip-down script
2102 ipcp_script_done(void *arg)
2104 ipcp_script_pid = 0;
2105 switch (ipcp_script_state) {
2107 if (ipcp_fsm[0].state != OPENED) {
2108 ipcp_script_state = s_down;
2109 ipcp_script(path_ipdown, 0);
2113 if (ipcp_fsm[0].state == OPENED) {
2114 ipcp_script_state = s_up;
2115 ipcp_script(path_ipup, 0);
2123 * ipcp_script - Execute a script with arguments
2124 * interface-name tty-name speed local-IP remote-IP.
2127 ipcp_script(char *script, int wait)
2129 char strspeed[32], strlocal[32], strremote[32];
2132 slprintf(strspeed, sizeof(strspeed), "%d", baud_rate);
2133 slprintf(strlocal, sizeof(strlocal), "%I", ipcp_gotoptions[0].ouraddr);
2134 slprintf(strremote, sizeof(strremote), "%I", ipcp_hisoptions[0].hisaddr);
2141 argv[5] = strremote;
2145 run_program(script, argv, 0, NULL, NULL, 1);
2147 ipcp_script_pid = run_program(script, argv, 0, ipcp_script_done,
2152 * create_resolv - create the replacement resolv.conf file
2155 create_resolv(u_int32_t peerdns1, u_int32_t peerdns2)
2162 f = fopen(PPP_PATH_RESOLV, "w");
2164 error("Failed to create %s: %m", PPP_PATH_RESOLV);
2169 fprintf(f, "nameserver %s\n", ip_ntoa(peerdns1));
2171 if (peerdns2 && peerdns2 != peerdns1)
2172 fprintf(f, "nameserver %s\n", ip_ntoa(peerdns2));
2175 error("Write failed to %s: %m", PPP_PATH_RESOLV);
2181 * ipcp_printpkt - print the contents of an IPCP packet.
2183 static char *ipcp_codenames[] = {
2184 "ConfReq", "ConfAck", "ConfNak", "ConfRej",
2185 "TermReq", "TermAck", "CodeRej"
2189 ipcp_printpkt(u_char *p, int plen,
2190 void (*printer) (void *, char *, ...), void *arg)
2192 int code, id, len, olen;
2193 u_char *pstart, *optend;
2197 if (plen < HEADERLEN)
2203 if (len < HEADERLEN || len > plen)
2206 if (code >= 1 && code <= sizeof(ipcp_codenames) / sizeof(char *))
2207 printer(arg, " %s", ipcp_codenames[code-1]);
2209 printer(arg, " code=0x%x", code);
2210 printer(arg, " id=0x%x", id);
2217 /* print option list */
2222 if (olen < 2 || olen > len) {
2230 if (olen == CILEN_ADDRS) {
2233 printer(arg, "addrs %I", htonl(cilong));
2235 printer(arg, " %I", htonl(cilong));
2238 case CI_COMPRESSTYPE:
2239 if (olen >= CILEN_COMPRESS) {
2241 GETSHORT(cishort, p);
2242 printer(arg, "compress ");
2247 case IPCP_VJ_COMP_OLD:
2248 printer(arg, "old-VJ");
2251 printer(arg, "0x%x", cishort);
2256 if (olen == CILEN_ADDR) {
2259 printer(arg, "addr %I", htonl(cilong));
2266 printer(arg, "ms-dns%d %I", (code == CI_MS_DNS1? 1: 2),
2273 printer(arg, "ms-wins %I", htonl(cilong));
2276 while (p < optend) {
2278 printer(arg, " %.2x", code);
2286 if (len > 0 && *p >= ' ' && *p < 0x7f) {
2288 print_string((char *)p, len, printer, arg);
2295 /* print the rest of the bytes in the packet */
2296 for (; len > 0; --len) {
2298 printer(arg, " %.2x", code);
2305 * ip_active_pkt - see if this IP packet is worth bringing the link up for.
2306 * We don't bring the link up for IP fragments or for TCP FIN packets
2309 #define IP_HDRLEN 20 /* bytes */
2310 #define IP_OFFMASK 0x1fff
2312 #define IPPROTO_TCP 6
2314 #define TCP_HDRLEN 20
2318 * We use these macros because the IP header may be at an odd address,
2319 * and some compilers might use word loads to get th_off or ip_hl.
2322 #define net_short(x) (((x)[0] << 8) + (x)[1])
2323 #define get_iphl(x) (((unsigned char *)(x))[0] & 0xF)
2324 #define get_ipoff(x) net_short((unsigned char *)(x) + 6)
2325 #define get_ipproto(x) (((unsigned char *)(x))[9])
2326 #define get_tcpoff(x) (((unsigned char *)(x))[12] >> 4)
2327 #define get_tcpflags(x) (((unsigned char *)(x))[13])
2330 ip_active_pkt(u_char *pkt, int len)
2337 if (len < IP_HDRLEN)
2339 if ((get_ipoff(pkt) & IP_OFFMASK) != 0)
2341 if (get_ipproto(pkt) != IPPROTO_TCP)
2343 hlen = get_iphl(pkt) * 4;
2344 if (len < hlen + TCP_HDRLEN)
2347 if ((get_tcpflags(tcp) & TH_FIN) != 0 && len == hlen + get_tcpoff(tcp) * 4)
projects / ppp.git / blob