X-Git-Url: http://git.ozlabs.org/?p=ppp.git;a=blobdiff_plain;f=pppd%2Flcp.c;h=d3c16b804bd64ef21a0dc6ac8ad38fb57ec9d04c;hp=801dc5ae0f25c3985fcc4260524327d49d62a3ce;hb=642b44a17f5b83cbfbbbca87d85ec0e4d83762cd;hpb=1acc38d1a82052c4dd967991622e9adc84f9a311 diff --git a/pppd/lcp.c b/pppd/lcp.c index 801dc5a..d3c16b8 100644 --- a/pppd/lcp.c +++ b/pppd/lcp.c @@ -18,7 +18,7 @@ */ #ifndef lint -static char rcsid[] = "$Id: lcp.c,v 1.9 1994/06/14 06:07:47 paulus Exp $"; +static char rcsid[] = "$Id: lcp.c,v 1.27 1996/07/01 01:15:19 paulus Exp $"; #endif /* @@ -36,60 +36,52 @@ static char rcsid[] = "$Id: lcp.c,v 1.9 1994/06/14 06:07:47 paulus Exp $"; #include #include "pppd.h" -#include "ppp.h" #include "fsm.h" #include "lcp.h" -#include "magic.h" #include "chap.h" -#include "upap.h" -#include "ipcp.h" - -#ifdef _linux_ /* Needs ppp ioctls */ -#include -#endif +#include "magic.h" /* global vars */ -fsm lcp_fsm[NPPP]; /* LCP fsm structure (global)*/ -lcp_options lcp_wantoptions[NPPP]; /* Options that we want to request */ -lcp_options lcp_gotoptions[NPPP]; /* Options that peer ack'd */ -lcp_options lcp_allowoptions[NPPP]; /* Options we allow peer to request */ -lcp_options lcp_hisoptions[NPPP]; /* Options that we ack'd */ -u_long xmit_accm[NPPP][8]; /* extended transmit ACCM */ +fsm lcp_fsm[NUM_PPP]; /* LCP fsm structure (global)*/ +lcp_options lcp_wantoptions[NUM_PPP]; /* Options that we want to request */ +lcp_options lcp_gotoptions[NUM_PPP]; /* Options that peer ack'd */ +lcp_options lcp_allowoptions[NUM_PPP]; /* Options we allow peer to request */ +lcp_options lcp_hisoptions[NUM_PPP]; /* Options that we ack'd */ +u_int32_t xmit_accm[NUM_PPP][8]; /* extended transmit ACCM */ -static u_long lcp_echos_pending = 0; /* Number of outstanding echo msgs */ -static u_long lcp_echo_number = 0; /* ID number of next echo frame */ -static u_long lcp_echo_timer_running = 0; /* TRUE if a timer is running */ +static u_int32_t lcp_echos_pending = 0; /* Number of outstanding echo msgs */ +static u_int32_t lcp_echo_number = 0; /* ID number of next echo frame */ +static u_int32_t lcp_echo_timer_running = 0; /* TRUE if a timer is running */ -u_long lcp_echo_interval = 0; -u_long lcp_echo_fails = 0; +static u_char nak_buffer[PPP_MRU]; /* where we construct a nak packet */ /* * Callbacks for fsm code. (CI = Configuration Information) */ -static void lcp_resetci __ARGS((fsm *)); /* Reset our CI */ -static int lcp_cilen __ARGS((fsm *)); /* Return length of our CI */ -static void lcp_addci __ARGS((fsm *, u_char *, int *)); /* Add our CI to pkt */ -static int lcp_ackci __ARGS((fsm *, u_char *, int)); /* Peer ack'd our CI */ -static int lcp_nakci __ARGS((fsm *, u_char *, int)); /* Peer nak'd our CI */ -static int lcp_rejci __ARGS((fsm *, u_char *, int)); /* Peer rej'd our CI */ -static int lcp_reqci __ARGS((fsm *, u_char *, int *, int)); /* Rcv peer CI */ -static void lcp_up __ARGS((fsm *)); /* We're UP */ -static void lcp_down __ARGS((fsm *)); /* We're DOWN */ -static void lcp_starting __ARGS((fsm *)); /* We need lower layer up */ -static void lcp_finished __ARGS((fsm *)); /* We need lower layer down */ -static int lcp_extcode __ARGS((fsm *, int, int, u_char *, int)); -static void lcp_rprotrej __ARGS((fsm *, u_char *, int)); +static void lcp_resetci __P((fsm *)); /* Reset our CI */ +static int lcp_cilen __P((fsm *)); /* Return length of our CI */ +static void lcp_addci __P((fsm *, u_char *, int *)); /* Add our CI to pkt */ +static int lcp_ackci __P((fsm *, u_char *, int)); /* Peer ack'd our CI */ +static int lcp_nakci __P((fsm *, u_char *, int)); /* Peer nak'd our CI */ +static int lcp_rejci __P((fsm *, u_char *, int)); /* Peer rej'd our CI */ +static int lcp_reqci __P((fsm *, u_char *, int *, int)); /* Rcv peer CI */ +static void lcp_up __P((fsm *)); /* We're UP */ +static void lcp_down __P((fsm *)); /* We're DOWN */ +static void lcp_starting __P((fsm *)); /* We need lower layer up */ +static void lcp_finished __P((fsm *)); /* We need lower layer down */ +static int lcp_extcode __P((fsm *, int, int, u_char *, int)); +static void lcp_rprotrej __P((fsm *, u_char *, int)); /* * routines to send LCP echos to peer */ -static void lcp_echo_lowerup __ARGS((int)); -static void lcp_echo_lowerdown __ARGS((int)); -static void LcpEchoTimeout __ARGS((caddr_t)); -static void lcp_received_echo_reply __ARGS((fsm *, int, u_char *, int)); -static void LcpSendEchoRequest __ARGS((fsm *)); -static void LcpLinkFailure __ARGS((fsm *)); +static void lcp_echo_lowerup __P((int)); +static void lcp_echo_lowerdown __P((int)); +static void LcpEchoTimeout __P((caddr_t)); +static void lcp_received_echo_reply __P((fsm *, int, u_char *, int)); +static void LcpSendEchoRequest __P((fsm *)); +static void LcpLinkFailure __P((fsm *)); static fsm_callbacks lcp_callbacks = { /* LCP callback routines */ lcp_resetci, /* Reset our Configuration Information */ @@ -109,7 +101,36 @@ static fsm_callbacks lcp_callbacks = { /* LCP callback routines */ "LCP" /* String name of protocol */ }; -int lcp_warnloops = DEFWARNLOOPS; /* Warn about a loopback this often */ +/* + * Protocol entry points. + * Some of these are called directly. + */ + +static void lcp_init __P((int)); +static void lcp_input __P((int, u_char *, int)); +static void lcp_protrej __P((int)); +static int lcp_printpkt __P((u_char *, int, + void (*) __P((void *, char *, ...)), void *)); + +struct protent lcp_protent = { + PPP_LCP, + lcp_init, + lcp_input, + lcp_protrej, + lcp_lowerup, + lcp_lowerdown, + lcp_open, + lcp_close, + lcp_printpkt, + NULL, + 1, + "LCP", + NULL, + NULL, + NULL +}; + +int lcp_loopbackfail = DEFLOOPBACKFAIL; /* * Length of each type of configuration option (in octets) @@ -127,7 +148,7 @@ int lcp_warnloops = DEFWARNLOOPS; /* Warn about a loopback this often */ /* * lcp_init - Initialize LCP. */ -void +static void lcp_init(unit) int unit; { @@ -136,7 +157,7 @@ lcp_init(unit) lcp_options *ao = &lcp_allowoptions[unit]; f->unit = unit; - f->protocol = LCP; + f->protocol = PPP_LCP; f->callbacks = &lcp_callbacks; fsm_init(f); @@ -197,23 +218,25 @@ lcp_open(unit) * lcp_close - Take LCP down. */ void -lcp_close(unit) +lcp_close(unit, reason) int unit; + char *reason; { fsm *f = &lcp_fsm[unit]; + phase = PHASE_TERMINATE; if (f->state == STOPPED && f->flags & (OPT_PASSIVE|OPT_SILENT)) { /* * This action is not strictly according to the FSM in RFC1548, * but it does mean that the program terminates if you do a - * lcp_close(0) in passive/silent mode when a connection hasn't + * lcp_close() in passive/silent mode when a connection hasn't * been established. */ f->state = CLOSED; lcp_finished(f); } else - fsm_close(&lcp_fsm[unit]); + fsm_close(&lcp_fsm[unit], reason); } @@ -224,11 +247,18 @@ void lcp_lowerup(unit) int unit; { - sifdown(unit); + lcp_options *wo = &lcp_wantoptions[unit]; + + /* + * Don't use A/C or protocol compression on transmission, + * but accept A/C and protocol compressed packets + * if we are going to ask for A/C and protocol compression. + */ ppp_set_xaccm(unit, xmit_accm[unit]); - ppp_send_config(unit, MTU, 0xffffffff, 0, 0); - ppp_recv_config(unit, MTU, 0x00000000, 0, 0); - peer_mru[unit] = MTU; + ppp_send_config(unit, PPP_MRU, 0xffffffff, 0, 0); + ppp_recv_config(unit, PPP_MRU, 0x00000000, + wo->neg_pcompression, wo->neg_accompression); + peer_mru[unit] = PPP_MRU; lcp_allowoptions[unit].asyncmap = xmit_accm[unit][0]; fsm_lowerup(&lcp_fsm[unit]); @@ -249,13 +279,15 @@ lcp_lowerdown(unit) /* * lcp_input - Input LCP packet. */ -void +static void lcp_input(unit, p, len) int unit; u_char *p; int len; { - fsm_input(&lcp_fsm[unit], p, len); + fsm *f = &lcp_fsm[unit]; + + fsm_input(f, p, len); } @@ -282,8 +314,6 @@ lcp_extcode(f, code, id, inp, len) LCPDEBUG((LOG_INFO, "lcp: Echo-Request, Rcvd id %d", id)); magp = inp; PUTLONG(lcp_gotoptions[f->unit].magicnumber, magp); - if (len < CILEN_LONG) - len = CILEN_LONG; fsm_sdata(f, ECHOREP, id, inp, len); break; @@ -312,6 +342,8 @@ lcp_rprotrej(f, inp, len) u_char *inp; int len; { + int i; + struct protent *protp; u_short prot; LCPDEBUG((LOG_INFO, "lcp_rprotrej.")); @@ -338,7 +370,17 @@ lcp_rprotrej(f, inp, len) return; } - DEMUXPROTREJ(f->unit, prot); /* Inform protocol */ + /* + * Upcall the proper Protocol-Reject routine. + */ + for (i = 0; (protp = protocols[i]) != NULL; ++i) + if (protp->protocol == prot && protp->enabled_flag) { + (*protp->protrej)(f->unit); + return; + } + + syslog(LOG_WARNING, "Protocol-Reject for unsupported protocol 0x%x", + prot); } @@ -346,7 +388,7 @@ lcp_rprotrej(f, inp, len) * lcp_protrej - A Protocol-Reject was received. */ /*ARGSUSED*/ -void +static void lcp_protrej(unit) int unit; { @@ -384,13 +426,14 @@ lcp_sprotrej(unit, p, len) * lcp_resetci - Reset our CI. */ static void - lcp_resetci(f) -fsm *f; +lcp_resetci(f) + fsm *f; { lcp_wantoptions[f->unit].magicnumber = magic(); lcp_wantoptions[f->unit].numloops = 0; lcp_gotoptions[f->unit] = lcp_wantoptions[f->unit]; - peer_mru[f->unit] = MTU; + peer_mru[f->unit] = PPP_MRU; + auth_reset(f->unit); } @@ -403,17 +446,17 @@ lcp_cilen(f) { lcp_options *go = &lcp_gotoptions[f->unit]; -#define LENCIVOID(neg) (neg ? CILEN_VOID : 0) -#define LENCICHAP(neg) (neg ? CILEN_CHAP : 0) -#define LENCISHORT(neg) (neg ? CILEN_SHORT : 0) -#define LENCILONG(neg) (neg ? CILEN_LONG : 0) -#define LENCILQR(neg) (neg ? CILEN_LQR: 0) +#define LENCIVOID(neg) ((neg) ? CILEN_VOID : 0) +#define LENCICHAP(neg) ((neg) ? CILEN_CHAP : 0) +#define LENCISHORT(neg) ((neg) ? CILEN_SHORT : 0) +#define LENCILONG(neg) ((neg) ? CILEN_LONG : 0) +#define LENCILQR(neg) ((neg) ? CILEN_LQR: 0) /* * NB: we only ask for one of CHAP and UPAP, even if we will * accept either. */ - return (LENCISHORT(go->neg_mru) + - LENCILONG(go->neg_asyncmap) + + return (LENCISHORT(go->neg_mru && go->mru != DEFMRU) + + LENCILONG(go->neg_asyncmap && go->asyncmap != 0xFFFFFFFF) + LENCICHAP(go->neg_chap) + LENCISHORT(!go->neg_chap && go->neg_upap) + LENCILQR(go->neg_lqr) + @@ -463,14 +506,15 @@ lcp_addci(f, ucp, lenp) if (neg) { \ PUTCHAR(opt, ucp); \ PUTCHAR(CILEN_LQR, ucp); \ - PUTSHORT(LQR, ucp); \ + PUTSHORT(PPP_LQR, ucp); \ PUTLONG(val, ucp); \ } - ADDCISHORT(CI_MRU, go->neg_mru, go->mru); - ADDCILONG(CI_ASYNCMAP, go->neg_asyncmap, go->asyncmap); - ADDCICHAP(CI_AUTHTYPE, go->neg_chap, CHAP, go->chap_mdtype); - ADDCISHORT(CI_AUTHTYPE, !go->neg_chap && go->neg_upap, UPAP); + ADDCISHORT(CI_MRU, go->neg_mru && go->mru != DEFMRU, go->mru); + ADDCILONG(CI_ASYNCMAP, go->neg_asyncmap && go->asyncmap != 0xFFFFFFFF, + go->asyncmap); + ADDCICHAP(CI_AUTHTYPE, go->neg_chap, PPP_CHAP, go->chap_mdtype); + ADDCISHORT(CI_AUTHTYPE, !go->neg_chap && go->neg_upap, PPP_PAP); ADDCILQR(CI_QUALITY, go->neg_lqr, go->lqr_period); ADDCILONG(CI_MAGICNUMBER, go->neg_magicnumber, go->magicnumber); ADDCIVOID(CI_PCOMPRESSION, go->neg_pcompression); @@ -500,7 +544,7 @@ lcp_ackci(f, p, len) lcp_options *go = &lcp_gotoptions[f->unit]; u_char cilen, citype, cichar; u_short cishort; - u_long cilong; + u_int32_t cilong; /* * CIs must be in exactly the same order that we sent. @@ -569,17 +613,18 @@ lcp_ackci(f, p, len) citype != opt) \ goto bad; \ GETSHORT(cishort, p); \ - if (cishort != LQR) \ + if (cishort != PPP_LQR) \ goto bad; \ GETLONG(cilong, p); \ if (cilong != val) \ goto bad; \ } - ACKCISHORT(CI_MRU, go->neg_mru, go->mru); - ACKCILONG(CI_ASYNCMAP, go->neg_asyncmap, go->asyncmap); - ACKCICHAP(CI_AUTHTYPE, go->neg_chap, CHAP, go->chap_mdtype); - ACKCISHORT(CI_AUTHTYPE, !go->neg_chap && go->neg_upap, UPAP); + ACKCISHORT(CI_MRU, go->neg_mru && go->mru != DEFMRU, go->mru); + ACKCILONG(CI_ASYNCMAP, go->neg_asyncmap && go->asyncmap != 0xFFFFFFFF, + go->asyncmap); + ACKCICHAP(CI_AUTHTYPE, go->neg_chap, PPP_CHAP, go->chap_mdtype); + ACKCISHORT(CI_AUTHTYPE, !go->neg_chap && go->neg_upap, PPP_PAP); ACKCILQR(CI_QUALITY, go->neg_lqr, go->lqr_period); ACKCILONG(CI_MAGICNUMBER, go->neg_magicnumber, go->magicnumber); ACKCIVOID(CI_PCOMPRESSION, go->neg_pcompression); @@ -614,12 +659,13 @@ lcp_nakci(f, p, len) { lcp_options *go = &lcp_gotoptions[f->unit]; lcp_options *wo = &lcp_wantoptions[f->unit]; - u_char cilen, citype, cichar, *next; + u_char citype, cichar, *next; u_short cishort; - u_long cilong; + u_int32_t cilong; lcp_options no; /* options we've seen Naks for */ lcp_options try; /* options to request next time */ int looped_back = 0; + int cilen; BZERO(&no, sizeof(no)); try = *go; @@ -693,53 +739,101 @@ lcp_nakci(f, p, len) * If they send us a bigger MRU than what we asked, accept it, up to * the limit of the default MRU we'd get if we didn't negotiate. */ - NAKCISHORT(CI_MRU, neg_mru, - if (cishort <= wo->mru || cishort < DEFMRU) - try.mru = cishort; - ); + if (go->neg_mru && go->mru != DEFMRU) { + NAKCISHORT(CI_MRU, neg_mru, + if (cishort <= wo->mru || cishort < DEFMRU) + try.mru = cishort; + ); + } + /* * Add any characters they want to our (receive-side) asyncmap. */ - NAKCILONG(CI_ASYNCMAP, neg_asyncmap, - try.asyncmap = go->asyncmap | cilong; - ); - /* - * If they can't cope with our CHAP hash algorithm, we'll have - * to stop asking for CHAP. We haven't got any other algorithm. - */ - NAKCICHAP(CI_AUTHTYPE, neg_chap, - try.neg_chap = 0; - ); + if (go->neg_asyncmap && go->asyncmap != 0xFFFFFFFF) { + NAKCILONG(CI_ASYNCMAP, neg_asyncmap, + try.asyncmap = go->asyncmap | cilong; + ); + } + /* - * Peer shouldn't send Nak for UPAP, protocol compression or - * address/control compression requests; they should send - * a Reject instead. If they send a Nak, treat it as a Reject. + * If they've nak'd our authentication-protocol, check whether + * they are proposing a different protocol, or a different + * hash algorithm for CHAP. */ - if (!go->neg_chap ){ - NAKCISHORT(CI_AUTHTYPE, neg_upap, - try.neg_upap = 0; - ); + if ((go->neg_chap || go->neg_upap) + && len >= CILEN_SHORT + && p[0] == CI_AUTHTYPE && p[1] >= CILEN_SHORT && p[1] <= len) { + cilen = p[1]; + len -= cilen; + no.neg_chap = go->neg_chap; + no.neg_upap = go->neg_upap; + INCPTR(2, p); + GETSHORT(cishort, p); + if (cishort == PPP_PAP && cilen == CILEN_SHORT) { + /* + * If we were asking for CHAP, they obviously don't want to do it. + * If we weren't asking for CHAP, then we were asking for PAP, + * in which case this Nak is bad. + */ + if (!go->neg_chap) + goto bad; + try.neg_chap = 0; + + } else if (cishort == PPP_CHAP && cilen == CILEN_CHAP) { + GETCHAR(cichar, p); + if (go->neg_chap) { + /* + * We were asking for CHAP/MD5; they must want a different + * algorithm. If they can't do MD5, we'll have to stop + * asking for CHAP. + */ + if (cichar != go->chap_mdtype) + try.neg_chap = 0; + } else { + /* + * Stop asking for PAP if we were asking for it. + */ + try.neg_upap = 0; + } + + } else { + /* + * We don't recognize what they're suggesting. + * Stop asking for what we were asking for. + */ + if (go->neg_chap) + try.neg_chap = 0; + else + try.neg_upap = 0; + p += cilen - CILEN_SHORT; + } } + /* * If they can't cope with our link quality protocol, we'll have * to stop asking for LQR. We haven't got any other protocol. * If they Nak the reporting period, take their value XXX ? */ NAKCILQR(CI_QUALITY, neg_lqr, - if (cishort != LQR) + if (cishort != PPP_LQR) try.neg_lqr = 0; else try.lqr_period = cilong; ); + /* * Check for a looped-back line. */ NAKCILONG(CI_MAGICNUMBER, neg_magicnumber, try.magicnumber = magic(); - ++try.numloops; looped_back = 1; ); + /* + * Peer shouldn't send Nak for protocol compression or + * address/control compression requests; they should send + * a Reject instead. If they send a Nak, treat it as a Reject. + */ NAKCIVOID(CI_PCOMPRESSION, neg_pcompression, try.neg_pcompression = 0; ); @@ -760,21 +854,28 @@ lcp_nakci(f, p, len) * `let me authenticate myself with you' which is a bit pointless. * For the quality protocol, the Nak means `ask me to send you quality * reports', but if we didn't ask for them, we don't want them. + * An option we don't recognize represents the peer asking to + * negotiate some option we don't support, so ignore it. */ while (len > CILEN_VOID) { GETCHAR(citype, p); GETCHAR(cilen, p); - if( (len -= cilen) < 0 ) + if (cilen < CILEN_VOID || (len -= cilen) < 0) goto bad; next = p + cilen - 2; switch (citype) { case CI_MRU: - if (go->neg_mru || no.neg_mru || cilen != CILEN_SHORT) + if (go->neg_mru && go->mru != DEFMRU + || no.neg_mru || cilen != CILEN_SHORT) goto bad; + GETSHORT(cishort, p); + if (cishort < DEFMRU) + try.mru = cishort; break; case CI_ASYNCMAP: - if (go->neg_asyncmap || no.neg_asyncmap || cilen != CILEN_LONG) + if (go->neg_asyncmap && go->asyncmap != 0xFFFFFFFF + || no.neg_asyncmap || cilen != CILEN_LONG) goto bad; break; case CI_AUTHTYPE: @@ -800,8 +901,6 @@ lcp_nakci(f, p, len) if (go->neg_lqr || no.neg_lqr || cilen != CILEN_LQR) goto bad; break; - default: - goto bad; } p = next; } @@ -814,9 +913,14 @@ lcp_nakci(f, p, len) * OK, the Nak is good. Now we can update state. */ if (f->state != OPENED) { + if (looped_back) { + if (++try.numloops >= lcp_loopbackfail) { + syslog(LOG_NOTICE, "Serial line is looped back."); + lcp_close(f->unit, "Loopback detected"); + } + } else + try.numloops = 0; *go = try; - if (looped_back && try.numloops % lcp_warnloops == 0) - syslog(LOG_WARNING, "Serial line appears to be looped back."); } return 1; @@ -845,9 +949,7 @@ lcp_rejci(f, p, len) lcp_options *go = &lcp_gotoptions[f->unit]; u_char cichar; u_short cishort; - u_long cilong; - u_char *start = p; - int plen = len; + u_int32_t cilong; lcp_options try; /* options to request next time */ try = *go; @@ -894,6 +996,7 @@ lcp_rejci(f, p, len) if (cishort != val || cichar != digest) \ goto bad; \ try.neg = 0; \ + try.neg_upap = 0; \ LCPDEBUG((LOG_INFO,"lcp_rejci rejected chap opt %d", opt)); \ } #define REJCILONG(opt, neg, val) \ @@ -920,7 +1023,7 @@ lcp_rejci(f, p, len) GETSHORT(cishort, p); \ GETLONG(cilong, p); \ /* Check rejected value. */ \ - if (cishort != LQR || cilong != val) \ + if (cishort != PPP_LQR || cilong != val) \ goto bad; \ try.neg = 0; \ LCPDEBUG((LOG_INFO,"lcp_rejci rejected LQR opt %d", opt)); \ @@ -928,9 +1031,9 @@ lcp_rejci(f, p, len) REJCISHORT(CI_MRU, neg_mru, go->mru); REJCILONG(CI_ASYNCMAP, neg_asyncmap, go->asyncmap); - REJCICHAP(CI_AUTHTYPE, neg_chap, CHAP, go->chap_mdtype); + REJCICHAP(CI_AUTHTYPE, neg_chap, PPP_CHAP, go->chap_mdtype); if (!go->neg_chap) { - REJCISHORT(CI_AUTHTYPE, neg_upap, UPAP); + REJCISHORT(CI_AUTHTYPE, neg_upap, PPP_PAP); } REJCILQR(CI_QUALITY, neg_lqr, go->lqr_period); REJCILONG(CI_MAGICNUMBER, neg_magicnumber, go->magicnumber); @@ -951,8 +1054,6 @@ lcp_rejci(f, p, len) bad: LCPDEBUG((LOG_WARNING, "lcp_rejci: received bad Reject!")); - LCPDEBUG((LOG_WARNING, "lcp_rejci: plen %d len %d off %d", - plen, len, p - start)); return 0; } @@ -975,13 +1076,14 @@ lcp_reqci(f, inp, lenp, reject_if_disagree) lcp_options *ho = &lcp_hisoptions[f->unit]; lcp_options *ao = &lcp_allowoptions[f->unit]; u_char *cip, *next; /* Pointer to current and next CIs */ - u_char cilen, citype, cichar;/* Parsed len, type, char value */ + int cilen, citype, cichar; /* Parsed len, type, char value */ u_short cishort; /* Parsed short value */ - u_long cilong; /* Parse long value */ + u_int32_t cilong; /* Parse long value */ int rc = CONFACK; /* Final packet return code */ int orc; /* Individual option return code */ u_char *p; /* Pointer to next char to parse */ - u_char *ucp = inp; /* Pointer to current output char */ + u_char *rejp; /* Pointer to next char in reject frame */ + u_char *nakp; /* Pointer to next char in Nak frame */ int l = *lenp; /* Length left */ /* @@ -993,6 +1095,8 @@ lcp_reqci(f, inp, lenp, reject_if_disagree) * Process all his options. */ next = inp; + nakp = nak_buffer; + rejp = inp; while (l) { orc = CONFACK; /* Assume success */ cip = p = next; /* Remember begining of CI */ @@ -1003,6 +1107,7 @@ lcp_reqci(f, inp, lenp, reject_if_disagree) orc = CONFREJ; /* Reject bad CI */ cilen = l; /* Reject till end of packet */ l = 0; /* Don't loop again */ + citype = 0; goto endswitch; } GETCHAR(citype, p); /* Parse CI type */ @@ -1028,10 +1133,9 @@ lcp_reqci(f, inp, lenp, reject_if_disagree) */ if (cishort < MINMRU) { orc = CONFNAK; /* Nak CI */ - if( !reject_if_disagree ){ - DECPTR(sizeof (short), p); /* Backup */ - PUTSHORT(MINMRU, p); /* Give him a hint */ - } + PUTCHAR(CI_MRU, nakp); + PUTCHAR(CILEN_SHORT, nakp); + PUTSHORT(MINMRU, nakp); /* Give him a hint */ break; } ho->neg_mru = 1; /* Remember he sent MRU */ @@ -1046,7 +1150,7 @@ lcp_reqci(f, inp, lenp, reject_if_disagree) break; } GETLONG(cilong, p); - LCPDEBUG((LOG_INFO, "(%lx)", cilong)); + LCPDEBUG((LOG_INFO, "(%x)", (unsigned int) cilong)); /* * Asyncmap must have set at least the bits @@ -1054,10 +1158,9 @@ lcp_reqci(f, inp, lenp, reject_if_disagree) */ if ((ao->asyncmap & ~cilong) != 0) { orc = CONFNAK; - if( !reject_if_disagree ){ - DECPTR(sizeof (long), p); - PUTLONG(ao->asyncmap | cilong, p); - } + PUTCHAR(CI_ASYNCMAP, nakp); + PUTCHAR(CILEN_LONG, nakp); + PUTLONG(ao->asyncmap | cilong, nakp); break; } ho->neg_asyncmap = 1; @@ -1068,6 +1171,9 @@ lcp_reqci(f, inp, lenp, reject_if_disagree) LCPDEBUG((LOG_INFO, "lcp_reqci: rcvd AUTHTYPE")); if (cilen < CILEN_SHORT || !(ao->neg_upap || ao->neg_chap)) { + /* + * Reject the option if we're not willing to authenticate. + */ orc = CONFREJ; break; } @@ -1085,34 +1191,51 @@ lcp_reqci(f, inp, lenp, reject_if_disagree) * the ordering of the CIs in the peer's Configure-Request. */ - if (cishort == UPAP) { - if (!ao->neg_upap || /* we don't want to do PAP */ - ho->neg_chap || /* or we've already accepted CHAP */ + if (cishort == PPP_PAP) { + if (ho->neg_chap || /* we've already accepted CHAP */ cilen != CILEN_SHORT) { LCPDEBUG((LOG_WARNING, "lcp_reqci: rcvd AUTHTYPE PAP, rejecting...")); orc = CONFREJ; break; } + if (!ao->neg_upap) { /* we don't want to do PAP */ + orc = CONFNAK; /* NAK it and suggest CHAP */ + PUTCHAR(CI_AUTHTYPE, nakp); + PUTCHAR(CILEN_CHAP, nakp); + PUTSHORT(PPP_CHAP, nakp); + PUTCHAR(ao->chap_mdtype, nakp); + break; + } ho->neg_upap = 1; break; } - if (cishort == CHAP) { - if (!ao->neg_chap || /* we don't want to do CHAP */ - ho->neg_upap || /* or we've already accepted UPAP */ + if (cishort == PPP_CHAP) { + if (ho->neg_upap || /* we've already accepted PAP */ cilen != CILEN_CHAP) { LCPDEBUG((LOG_INFO, "lcp_reqci: rcvd AUTHTYPE CHAP, rejecting...")); orc = CONFREJ; break; } + if (!ao->neg_chap) { /* we don't want to do CHAP */ + orc = CONFNAK; /* NAK it and suggest PAP */ + PUTCHAR(CI_AUTHTYPE, nakp); + PUTCHAR(CILEN_SHORT, nakp); + PUTSHORT(PPP_PAP, nakp); + break; + } GETCHAR(cichar, p); /* get digest type*/ - if (cichar != ao->chap_mdtype) { + if (cichar != CHAP_DIGEST_MD5 +#ifdef CHAPMS + && cichar != CHAP_MICROSOFT +#endif + ) { orc = CONFNAK; - if( !reject_if_disagree ){ - DECPTR(sizeof (u_char), p); - PUTCHAR(ao->chap_mdtype, p); - } + PUTCHAR(CI_AUTHTYPE, nakp); + PUTCHAR(CILEN_CHAP, nakp); + PUTSHORT(PPP_CHAP, nakp); + PUTCHAR(ao->chap_mdtype, nakp); break; } ho->chap_mdtype = cichar; /* save md type */ @@ -1122,9 +1245,19 @@ lcp_reqci(f, inp, lenp, reject_if_disagree) /* * We don't recognize the protocol they're asking for. - * Reject it. + * Nak it with something we're willing to do. + * (At this point we know ao->neg_upap || ao->neg_chap.) */ - orc = CONFREJ; + orc = CONFNAK; + PUTCHAR(CI_AUTHTYPE, nakp); + if (ao->neg_chap) { + PUTCHAR(CILEN_CHAP, nakp); + PUTSHORT(PPP_CHAP, nakp); + PUTCHAR(ao->chap_mdtype, nakp); + } else { + PUTCHAR(CILEN_SHORT, nakp); + PUTSHORT(PPP_PAP, nakp); + } break; case CI_QUALITY: @@ -1137,16 +1270,20 @@ lcp_reqci(f, inp, lenp, reject_if_disagree) GETSHORT(cishort, p); GETLONG(cilong, p); - LCPDEBUG((LOG_INFO, "(%x %lx)", cishort, cilong)); - if (cishort != LQR) { - orc = CONFREJ; - break; - } + LCPDEBUG((LOG_INFO, "(%x %x)", cishort, (unsigned int) cilong)); /* - * Check the reporting period. + * Check the protocol and the reporting period. * XXX When should we Nak this, and what with? */ + if (cishort != PPP_LQR) { + orc = CONFNAK; + PUTCHAR(CI_QUALITY, nakp); + PUTCHAR(CILEN_LQR, nakp); + PUTSHORT(PPP_LQR, nakp); + PUTLONG(ao->lqr_period, nakp); + break; + } break; case CI_MAGICNUMBER: @@ -1157,17 +1294,18 @@ lcp_reqci(f, inp, lenp, reject_if_disagree) break; } GETLONG(cilong, p); - LCPDEBUG((LOG_INFO, "(%lx)", cilong)); + LCPDEBUG((LOG_INFO, "(%x)", (unsigned int) cilong)); /* * He must have a different magic number. */ if (go->neg_magicnumber && cilong == go->magicnumber) { - orc = CONFNAK; - DECPTR(sizeof (long), p); cilong = magic(); /* Don't put magic() inside macro! */ - PUTLONG(cilong, p); + orc = CONFNAK; + PUTCHAR(CI_MAGICNUMBER, nakp); + PUTCHAR(CILEN_LONG, nakp); + PUTLONG(cilong, nakp); break; } ho->neg_magicnumber = 1; @@ -1209,35 +1347,46 @@ endswitch: continue; /* Don't send this one */ if (orc == CONFNAK) { /* Nak this CI? */ - if (reject_if_disagree) /* Getting fed up with sending NAKs? */ + if (reject_if_disagree /* Getting fed up with sending NAKs? */ + && citype != CI_MAGICNUMBER) { orc = CONFREJ; /* Get tough if so */ - else { + } else { if (rc == CONFREJ) /* Rejecting prior CI? */ continue; /* Don't send this one */ - if (rc == CONFACK) { /* Ack'd all prior CIs? */ - rc = CONFNAK; /* Not anymore... */ - ucp = inp; /* Backup */ - } + rc = CONFNAK; } } - if (orc == CONFREJ && /* Reject this CI */ - rc != CONFREJ) { /* but no prior ones? */ + if (orc == CONFREJ) { /* Reject this CI */ rc = CONFREJ; - ucp = inp; /* Backup */ + if (cip != rejp) /* Need to move rejected CI? */ + BCOPY(cip, rejp, cilen); /* Move it */ + INCPTR(cilen, rejp); /* Update output pointer */ } - if (ucp != cip) /* Need to move CI? */ - BCOPY(cip, ucp, cilen); /* Move it */ - INCPTR(cilen, ucp); /* Update output pointer */ } /* * If we wanted to send additional NAKs (for unsent CIs), the - * code would go here. This must be done with care since it might - * require a longer packet than we received. At present there - * are no cases where we want to ask the peer to negotiate an option. + * code would go here. The extra NAKs would go at *nakp. + * At present there are no cases where we want to ask the + * peer to negotiate an option. */ - *lenp = ucp - inp; /* Compute output length */ + switch (rc) { + case CONFACK: + *lenp = next - inp; + break; + case CONFNAK: + /* + * Copy the Nak'd options from the nak_buffer to the caller's buffer. + */ + *lenp = nakp - nak_buffer; + BCOPY(nak_buffer, inp, *lenp); + break; + case CONFREJ: + *lenp = rejp - inp; + break; + } + LCPDEBUG((LOG_INFO, "lcp_reqci: returning CONF%s.", CODENAME(rc))); return (rc); /* Return final code */ } @@ -1245,8 +1394,6 @@ endswitch: /* * lcp_up - LCP has come UP. - * - * Start UPAP, IPCP, etc. */ static void lcp_up(f) @@ -1268,7 +1415,7 @@ lcp_up(f) * set our MRU to the larger of value we wanted and * the value we got in the negotiation. */ - ppp_send_config(f->unit, MIN(ao->mru, (ho->neg_mru? ho->mru: MTU)), + ppp_send_config(f->unit, MIN(ao->mru, (ho->neg_mru? ho->mru: PPP_MRU)), (ho->neg_asyncmap? ho->asyncmap: 0xffffffff), ho->neg_pcompression, ho->neg_accompression); /* @@ -1276,16 +1423,13 @@ lcp_up(f) * set the receive asyncmap to ffffffff, but we set it to 0 * for backwards contemptibility. */ - ppp_recv_config(f->unit, (go->neg_mru? MAX(wo->mru, go->mru): MTU), + ppp_recv_config(f->unit, (go->neg_mru? MAX(wo->mru, go->mru): PPP_MRU), (go->neg_asyncmap? go->asyncmap: 0x00000000), go->neg_pcompression, go->neg_accompression); if (ho->neg_mru) peer_mru[f->unit] = ho->mru; - ChapLowerUp(f->unit); /* Enable CHAP */ - upap_lowerup(f->unit); /* Enable UPAP */ - ipcp_lowerup(f->unit); /* Enable IPCP */ lcp_echo_lowerup(f->unit); /* Enable echo messages */ link_established(f->unit); @@ -1301,17 +1445,17 @@ static void lcp_down(f) fsm *f; { - lcp_echo_lowerdown(f->unit); - ipcp_lowerdown(f->unit); - ChapLowerDown(f->unit); - upap_lowerdown(f->unit); + lcp_options *go = &lcp_gotoptions[f->unit]; - sifdown(f->unit); - ppp_send_config(f->unit, MTU, 0xffffffff, 0, 0); - ppp_recv_config(f->unit, MTU, 0x00000000, 0, 0); - peer_mru[f->unit] = MTU; + lcp_echo_lowerdown(f->unit); link_down(f->unit); + + ppp_send_config(f->unit, PPP_MRU, 0xffffffff, 0, 0); + ppp_recv_config(f->unit, PPP_MRU, + (go->neg_asyncmap? go->asyncmap: 0x00000000), + go->neg_pcompression, go->neg_accompression); + peer_mru[f->unit] = PPP_MRU; } @@ -1340,23 +1484,24 @@ lcp_finished(f) /* * lcp_printpkt - print the contents of an LCP packet. */ -char *lcp_codenames[] = { +static char *lcp_codenames[] = { "ConfReq", "ConfAck", "ConfNak", "ConfRej", "TermReq", "TermAck", "CodeRej", "ProtRej", "EchoReq", "EchoRep", "DiscReq" }; -int +static int lcp_printpkt(p, plen, printer, arg) u_char *p; int plen; - void (*printer) __ARGS((void *, char *, ...)); + void (*printer) __P((void *, char *, ...)); void *arg; { int code, id, len, olen; u_char *pstart, *optend; u_short cishort; - u_long cilong; + u_int32_t cilong; + int fascii; if (plen < HEADERLEN) return 0; @@ -1410,10 +1555,10 @@ lcp_printpkt(p, plen, printer, arg) printer(arg, "auth "); GETSHORT(cishort, p); switch (cishort) { - case UPAP: - printer(arg, "upap"); + case PPP_PAP: + printer(arg, "pap"); break; - case CHAP: + case PPP_CHAP: printer(arg, "chap"); break; default: @@ -1427,7 +1572,7 @@ lcp_printpkt(p, plen, printer, arg) printer(arg, "quality "); GETSHORT(cishort, p); switch (cishort) { - case LQR: + case PPP_LQR: printer(arg, "lqr"); break; default: @@ -1462,6 +1607,27 @@ lcp_printpkt(p, plen, printer, arg) printer(arg, ">"); } break; + + case TERMACK: + case TERMREQ: + if (len > 0 && *p >= ' ' && *p < 0x7f) { + printer(arg, " "); + print_string(p, len, printer, arg); + p += len; + len = 0; + } + break; + + case ECHOREQ: + case ECHOREP: + case DISCREQ: + if (len >= 4) { + GETLONG(cilong, p); + printer(arg, " magic=0x%x", cilong); + p += 4; + len -= 4; + } + break; } /* print the rest of the bytes in the packet */ @@ -1482,8 +1648,9 @@ void LcpLinkFailure (f) fsm *f; { if (f->state == OPENED) { - syslog (LOG_NOTICE, "Excessive lack of response to LCP echo frames."); - lcp_lowerdown(f->unit); /* Reset connection */ + syslog(LOG_INFO, "No response to %d echo-requests", lcp_echos_pending); + syslog(LOG_NOTICE, "Serial link appears to be disconnected."); + lcp_close(f->unit, "Peer not responding"); } } @@ -1495,43 +1662,13 @@ static void LcpEchoCheck (f) fsm *f; { - u_long delta; -#ifdef __linux__ - struct ppp_ddinfo ddinfo; - u_long latest; -/* - * Read the time since the last packet was received. - */ - if (ioctl (fd, PPPIOCGTIME, &ddinfo) < 0) { - syslog (LOG_ERR, "ioctl(PPPIOCGTIME): %m"); - die (1); - } -/* - * Choose the most recient frame received. It may be an IP or NON-IP frame. - */ - latest = ddinfo.nip_rjiffies < ddinfo.ip_rjiffies ? ddinfo.nip_rjiffies - : ddinfo.ip_rjiffies; -/* - * Compute the time since the last packet was received. If the timer - * has expired then send the echo request and reset the timer to maximum. - */ - delta = (lcp_echo_interval * HZ) - latest; - if (delta < HZ || latest < 0L) { - LcpSendEchoRequest (f); - delta = lcp_echo_interval * HZ; - } - delta /= HZ; - -#else /* Other implementations do not have ability to find delta */ LcpSendEchoRequest (f); - delta = lcp_echo_interval; -#endif -/* - * Start the timer for the next interval. - */ + /* + * Start the timer for the next interval. + */ assert (lcp_echo_timer_running==0); - TIMEOUT (LcpEchoTimeout, (caddr_t) f, delta); + TIMEOUT (LcpEchoTimeout, (caddr_t) f, lcp_echo_interval); lcp_echo_timer_running = 1; } @@ -1558,15 +1695,19 @@ lcp_received_echo_reply (f, id, inp, len) fsm *f; int id; u_char *inp; int len; { - u_long magic; + u_int32_t magic; /* Check the magic number - don't count replies from ourselves. */ - if (len < CILEN_LONG) + if (len < 4) { + syslog(LOG_DEBUG, "lcp: received short Echo-Reply, length %d", len); return; + } GETLONG(magic, inp); if (lcp_gotoptions[f->unit].neg_magicnumber - && magic == lcp_gotoptions[f->unit].magicnumber) + && magic == lcp_gotoptions[f->unit].magicnumber) { + syslog(LOG_WARNING, "appear to have received our own echo-reply!"); return; + } /* Reset the number of outstanding echo frames */ lcp_echos_pending = 0; @@ -1580,30 +1721,27 @@ static void LcpSendEchoRequest (f) fsm *f; { - u_long lcp_magic; + u_int32_t lcp_magic; u_char pkt[4], *pktp; -/* - * Detect the failure of the peer at this point. - */ + /* + * Detect the failure of the peer at this point. + */ if (lcp_echo_fails != 0) { if (lcp_echos_pending++ >= lcp_echo_fails) { LcpLinkFailure(f); lcp_echos_pending = 0; } } -/* - * Make and send the echo request frame. - */ + + /* + * Make and send the echo request frame. + */ if (f->state == OPENED) { - lcp_magic = lcp_gotoptions[f->unit].neg_magicnumber - ? lcp_gotoptions[f->unit].magicnumber - : 0L; + lcp_magic = lcp_gotoptions[f->unit].magicnumber; pktp = pkt; PUTLONG(lcp_magic, pktp); - - fsm_sdata(f, ECHOREQ, - lcp_echo_number++ & 0xFF, pkt, pktp - pkt); + fsm_sdata(f, ECHOREQ, lcp_echo_number++ & 0xFF, pkt, pktp - pkt); } }