/*
* lcp.c - PPP Link Control Protocol.
*
- * Copyright (c) 1989 Carnegie Mellon University.
- * All rights reserved.
+ * Copyright (c) 1984-2000 Carnegie Mellon University. All rights reserved.
*
- * Redistribution and use in source and binary forms are permitted
- * provided that the above copyright notice and this paragraph are
- * duplicated in all such forms and that any documentation,
- * advertising materials, and other materials related to such
- * distribution and use acknowledge that the software was developed
- * by Carnegie Mellon University. The name of the
- * University may not be used to endorse or promote products derived
- * from this software without specific prior written permission.
- * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
- * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
- * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. The name "Carnegie Mellon University" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For permission or any legal
+ * details, please contact
+ * Office of Technology Transfer
+ * Carnegie Mellon University
+ * 5000 Forbes Avenue
+ * Pittsburgh, PA 15213-3890
+ * (412) 268-4387, fax: (412) 268-7395
+ * tech-transfer@andrew.cmu.edu
+ *
+ * 4. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by Computing Services
+ * at Carnegie Mellon University (http://www.cmu.edu/computing/)."
+ *
+ * CARNEGIE MELLON UNIVERSITY DISCLAIMS ALL WARRANTIES WITH REGARD TO
+ * THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
+ * AND FITNESS, IN NO EVENT SHALL CARNEGIE MELLON UNIVERSITY BE LIABLE
+ * FOR ANY SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN
+ * AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING
+ * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
-#ifndef lint
-static char rcsid[] = "$Id: lcp.c,v 1.38 1999/04/16 11:35:43 paulus Exp $";
+#ifdef HAVE_CONFIG_H
+#include "config.h"
#endif
-/*
- * TODO:
- */
-
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include "pppd.h"
#include "fsm.h"
#include "lcp.h"
-#include "chap.h"
+#include "chap-new.h"
#include "magic.h"
+
+/*
+ * When the link comes up we want to be able to wait for a short while,
+ * or until seeing some input from the peer, before starting to send
+ * configure-requests. We do this by delaying the fsm_lowerup call.
+ */
+/* steal a bit in fsm flags word */
+#define DELAYED_UP 0x100
+
+static void lcp_delayed_up(void *);
+
/*
* LCP-related command-line options.
*/
int lcp_echo_interval = 0; /* Interval between LCP echo-requests */
int lcp_echo_fails = 0; /* Tolerance to unanswered echo-requests */
+bool lcp_echo_adaptive = 0; /* request echo only if the link was idle */
bool lax_recv = 0; /* accept control chars in asyncmap */
+bool noendpoint = 0; /* don't send/accept endpoint discriminator */
+
+static int noopt(char **);
-static int setescape __P((char **));
+#ifdef HAVE_MULTILINK
+static int setendpoint(char **);
+static void printendpoint(option_t *, void (*)(void *, char *, ...), void *);
+#endif /* HAVE_MULTILINK */
static option_t lcp_option_list[] = {
/* LCP options */
+ { "-all", o_special_noarg, (void *)noopt,
+ "Don't request/allow any LCP options" },
+
{ "noaccomp", o_bool, &lcp_wantoptions[0].neg_accompression,
"Disable address/control compression",
- OPT_A2COPY, &lcp_allowoptions[0].neg_accompression },
+ OPT_A2CLR, &lcp_allowoptions[0].neg_accompression },
{ "-ac", o_bool, &lcp_wantoptions[0].neg_accompression,
"Disable address/control compression",
- OPT_A2COPY, &lcp_allowoptions[0].neg_accompression },
- { "default-asyncmap", o_bool, &lcp_wantoptions[0].neg_asyncmap,
- "Disable asyncmap negotiation",
- OPT_A2COPY, &lcp_allowoptions[0].neg_asyncmap },
- { "-am", o_bool, &lcp_wantoptions[0].neg_asyncmap,
- "Disable asyncmap negotiation",
- OPT_A2COPY, &lcp_allowoptions[0].neg_asyncmap },
+ OPT_ALIAS | OPT_A2CLR, &lcp_allowoptions[0].neg_accompression },
+
{ "asyncmap", o_uint32, &lcp_wantoptions[0].asyncmap,
"Set asyncmap (for received packets)",
OPT_OR, &lcp_wantoptions[0].neg_asyncmap },
{ "-as", o_uint32, &lcp_wantoptions[0].asyncmap,
"Set asyncmap (for received packets)",
- OPT_OR, &lcp_wantoptions[0].neg_asyncmap },
- { "nomagicnumber", o_bool, &lcp_wantoptions[0].neg_magicnumber,
+ OPT_ALIAS | OPT_OR, &lcp_wantoptions[0].neg_asyncmap },
+ { "default-asyncmap", o_uint32, &lcp_wantoptions[0].asyncmap,
+ "Disable asyncmap negotiation",
+ OPT_OR | OPT_NOARG | OPT_VAL(~0U) | OPT_A2CLR,
+ &lcp_allowoptions[0].neg_asyncmap },
+ { "-am", o_uint32, &lcp_wantoptions[0].asyncmap,
+ "Disable asyncmap negotiation",
+ OPT_ALIAS | OPT_OR | OPT_NOARG | OPT_VAL(~0U) | OPT_A2CLR,
+ &lcp_allowoptions[0].neg_asyncmap },
+
+ { "nomagic", o_bool, &lcp_wantoptions[0].neg_magicnumber,
"Disable magic number negotiation (looped-back line detection)",
- OPT_A2COPY, &lcp_allowoptions[0].neg_magicnumber },
+ OPT_A2CLR, &lcp_allowoptions[0].neg_magicnumber },
{ "-mn", o_bool, &lcp_wantoptions[0].neg_magicnumber,
"Disable magic number negotiation (looped-back line detection)",
- OPT_A2COPY, &lcp_allowoptions[0].neg_magicnumber },
+ OPT_ALIAS | OPT_A2CLR, &lcp_allowoptions[0].neg_magicnumber },
+
+ { "mru", o_int, &lcp_wantoptions[0].mru,
+ "Set MRU (maximum received packet size) for negotiation",
+ OPT_PRIO, &lcp_wantoptions[0].neg_mru },
{ "default-mru", o_bool, &lcp_wantoptions[0].neg_mru,
"Disable MRU negotiation (use default 1500)",
- OPT_A2COPY, &lcp_allowoptions[0].neg_mru },
+ OPT_PRIOSUB | OPT_A2CLR, &lcp_allowoptions[0].neg_mru },
{ "-mru", o_bool, &lcp_wantoptions[0].neg_mru,
"Disable MRU negotiation (use default 1500)",
- OPT_A2COPY, &lcp_allowoptions[0].neg_mru },
- { "mru", o_int, &lcp_wantoptions[0].mru,
- "Set MRU (maximum received packet size) for negotiation",
- 0, &lcp_wantoptions[0].neg_mru },
+ OPT_ALIAS | OPT_PRIOSUB | OPT_A2CLR, &lcp_allowoptions[0].neg_mru },
+
+ { "mtu", o_int, &lcp_allowoptions[0].mru,
+ "Set our MTU", OPT_LIMITS, NULL, MAXMRU, MINMRU },
+
{ "nopcomp", o_bool, &lcp_wantoptions[0].neg_pcompression,
"Disable protocol field compression",
- OPT_A2COPY, &lcp_allowoptions[0].neg_pcompression },
+ OPT_A2CLR, &lcp_allowoptions[0].neg_pcompression },
{ "-pc", o_bool, &lcp_wantoptions[0].neg_pcompression,
"Disable protocol field compression",
- OPT_A2COPY, &lcp_allowoptions[0].neg_pcompression },
- { "-p", o_bool, &lcp_wantoptions[0].passive,
- "Set passive mode", 1 },
+ OPT_ALIAS | OPT_A2CLR, &lcp_allowoptions[0].neg_pcompression },
+
{ "passive", o_bool, &lcp_wantoptions[0].passive,
"Set passive mode", 1 },
+ { "-p", o_bool, &lcp_wantoptions[0].passive,
+ "Set passive mode", OPT_ALIAS | 1 },
+
{ "silent", o_bool, &lcp_wantoptions[0].silent,
"Set silent mode", 1 },
- { "escape", o_special, setescape,
- "List of character codes to escape on transmission" },
+
{ "lcp-echo-failure", o_int, &lcp_echo_fails,
- "Set number of consecutive echo failures to indicate link failure" },
+ "Set number of consecutive echo failures to indicate link failure",
+ OPT_PRIO },
{ "lcp-echo-interval", o_int, &lcp_echo_interval,
- "Set time in seconds between LCP echo requests" },
+ "Set time in seconds between LCP echo requests", OPT_PRIO },
+ { "lcp-echo-adaptive", o_bool, &lcp_echo_adaptive,
+ "Suppress LCP echo requests if traffic was received", 1 },
{ "lcp-restart", o_int, &lcp_fsm[0].timeouttime,
- "Set time in seconds between LCP retransmissions" },
+ "Set time in seconds between LCP retransmissions", OPT_PRIO },
{ "lcp-max-terminate", o_int, &lcp_fsm[0].maxtermtransmits,
- "Set maximum number of LCP terminate-request transmissions" },
+ "Set maximum number of LCP terminate-request transmissions", OPT_PRIO },
{ "lcp-max-configure", o_int, &lcp_fsm[0].maxconfreqtransmits,
- "Set maximum number of LCP configure-request transmissions" },
+ "Set maximum number of LCP configure-request transmissions", OPT_PRIO },
{ "lcp-max-failure", o_int, &lcp_fsm[0].maxnakloops,
- "Set limit on number of LCP configure-naks" },
+ "Set limit on number of LCP configure-naks", OPT_PRIO },
+
{ "receive-all", o_bool, &lax_recv,
"Accept all received control characters", 1 },
+
+#ifdef HAVE_MULTILINK
+ { "mrru", o_int, &lcp_wantoptions[0].mrru,
+ "Maximum received packet size for multilink bundle",
+ OPT_PRIO, &lcp_wantoptions[0].neg_mrru },
+
+ { "mpshortseq", o_bool, &lcp_wantoptions[0].neg_ssnhf,
+ "Use short sequence numbers in multilink headers",
+ OPT_PRIO | 1, &lcp_allowoptions[0].neg_ssnhf },
+ { "nompshortseq", o_bool, &lcp_wantoptions[0].neg_ssnhf,
+ "Don't use short sequence numbers in multilink headers",
+ OPT_PRIOSUB | OPT_A2CLR, &lcp_allowoptions[0].neg_ssnhf },
+
+ { "endpoint", o_special, (void *) setendpoint,
+ "Endpoint discriminator for multilink",
+ OPT_PRIO | OPT_A2PRINTER, (void *) printendpoint },
+#endif /* HAVE_MULTILINK */
+
+ { "noendpoint", o_bool, &noendpoint,
+ "Don't send or accept multilink endpoint discriminator", 1 },
+
{NULL}
};
lcp_options lcp_gotoptions[NUM_PPP]; /* Options that peer ack'd */
lcp_options lcp_allowoptions[NUM_PPP]; /* Options we allow peer to request */
lcp_options lcp_hisoptions[NUM_PPP]; /* Options that we ack'd */
-u_int32_t xmit_accm[NUM_PPP][8]; /* extended transmit ACCM */
-static u_int32_t lcp_echos_pending = 0; /* Number of outstanding echo msgs */
-static u_int32_t lcp_echo_number = 0; /* ID number of next echo frame */
-static u_int32_t lcp_echo_timer_running = 0; /* set if a timer is running */
+static int lcp_echos_pending = 0; /* Number of outstanding echo msgs */
+static int lcp_echo_number = 0; /* ID number of next echo frame */
+static int lcp_echo_timer_running = 0; /* set if a timer is running */
static u_char nak_buffer[PPP_MRU]; /* where we construct a nak packet */
/*
* Callbacks for fsm code. (CI = Configuration Information)
*/
-static void lcp_resetci __P((fsm *)); /* Reset our CI */
-static int lcp_cilen __P((fsm *)); /* Return length of our CI */
-static void lcp_addci __P((fsm *, u_char *, int *)); /* Add our CI to pkt */
-static int lcp_ackci __P((fsm *, u_char *, int)); /* Peer ack'd our CI */
-static int lcp_nakci __P((fsm *, u_char *, int)); /* Peer nak'd our CI */
-static int lcp_rejci __P((fsm *, u_char *, int)); /* Peer rej'd our CI */
-static int lcp_reqci __P((fsm *, u_char *, int *, int)); /* Rcv peer CI */
-static void lcp_up __P((fsm *)); /* We're UP */
-static void lcp_down __P((fsm *)); /* We're DOWN */
-static void lcp_starting __P((fsm *)); /* We need lower layer up */
-static void lcp_finished __P((fsm *)); /* We need lower layer down */
-static int lcp_extcode __P((fsm *, int, int, u_char *, int));
-static void lcp_rprotrej __P((fsm *, u_char *, int));
+static void lcp_resetci(fsm *); /* Reset our CI */
+static int lcp_cilen(fsm *); /* Return length of our CI */
+static void lcp_addci(fsm *, u_char *, int *); /* Add our CI to pkt */
+static int lcp_ackci(fsm *, u_char *, int); /* Peer ack'd our CI */
+static int lcp_nakci(fsm *, u_char *, int, int); /* Peer nak'd our CI */
+static int lcp_rejci(fsm *, u_char *, int); /* Peer rej'd our CI */
+static int lcp_reqci(fsm *, u_char *, int *, int); /* Rcv peer CI */
+static void lcp_up(fsm *); /* We're UP */
+static void lcp_down(fsm *); /* We're DOWN */
+static void lcp_starting(fsm *); /* We need lower layer up */
+static void lcp_finished(fsm *); /* We need lower layer down */
+static int lcp_extcode(fsm *, int, int, u_char *, int);
+static void lcp_rprotrej(fsm *, u_char *, int);
/*
* routines to send LCP echos to peer
*/
-static void lcp_echo_lowerup __P((int));
-static void lcp_echo_lowerdown __P((int));
-static void LcpEchoTimeout __P((void *));
-static void lcp_received_echo_reply __P((fsm *, int, u_char *, int));
-static void LcpSendEchoRequest __P((fsm *));
-static void LcpLinkFailure __P((fsm *));
-static void LcpEchoCheck __P((fsm *));
+static void lcp_echo_lowerup(int);
+static void lcp_echo_lowerdown(int);
+static void LcpEchoTimeout(void *);
+static void lcp_received_echo_reply(fsm *, int, u_char *, int);
+static void LcpSendEchoRequest(fsm *);
+static void LcpLinkFailure(fsm *);
+static void LcpEchoCheck(fsm *);
static fsm_callbacks lcp_callbacks = { /* LCP callback routines */
lcp_resetci, /* Reset our Configuration Information */
* Some of these are called directly.
*/
-static void lcp_init __P((int));
-static void lcp_input __P((int, u_char *, int));
-static void lcp_protrej __P((int));
-static int lcp_printpkt __P((u_char *, int,
- void (*) __P((void *, char *, ...)), void *));
+static void lcp_init(int);
+static void lcp_input(int, u_char *, int);
+static void lcp_protrej(int);
+static int lcp_printpkt(u_char *, int, void (*)(void *, char *, ...), void *);
struct protent lcp_protent = {
PPP_LCP,
*/
#define CILEN_VOID 2
#define CILEN_CHAR 3
-#define CILEN_SHORT 4 /* CILEN_VOID + sizeof(short) */
-#define CILEN_CHAP 5 /* CILEN_VOID + sizeof(short) + 1 */
-#define CILEN_LONG 6 /* CILEN_VOID + sizeof(long) */
-#define CILEN_LQR 8 /* CILEN_VOID + sizeof(short) + sizeof(long) */
+#define CILEN_SHORT 4 /* CILEN_VOID + 2 */
+#define CILEN_CHAP 5 /* CILEN_VOID + 2 + 1 */
+#define CILEN_LONG 6 /* CILEN_VOID + 4 */
+#define CILEN_LQR 8 /* CILEN_VOID + 2 + 4 */
#define CILEN_CBCP 3
#define CODENAME(x) ((x) == CONFACK ? "ACK" : \
(x) == CONFNAK ? "NAK" : "REJ")
-
/*
- * setescape - add chars to the set we escape on transmission.
+ * noopt - Disable all options (why?).
*/
static int
-setescape(argv)
- char **argv;
+noopt(char **argv)
{
- int n, ret;
- char *p, *endp;
-
- p = *argv;
- ret = 1;
- while (*p) {
- n = strtol(p, &endp, 16);
- if (p == endp) {
- option_error("escape parameter contains invalid hex number '%s'",
- p);
- return 0;
- }
- p = endp;
- if (n < 0 || n == 0x5E || n > 0xFF) {
- option_error("can't escape character 0x%x", n);
- ret = 0;
- } else
- xmit_accm[0][n >> 5] |= 1 << (n & 0x1F);
- while (*p == ',' || *p == ' ')
- ++p;
+ BZERO((char *) &lcp_wantoptions[0], sizeof (struct lcp_options));
+ BZERO((char *) &lcp_allowoptions[0], sizeof (struct lcp_options));
+
+ return (1);
+}
+
+#ifdef HAVE_MULTILINK
+static int
+setendpoint(char **argv)
+{
+ if (str_to_epdisc(&lcp_wantoptions[0].endpoint, *argv)) {
+ lcp_wantoptions[0].neg_endpoint = 1;
+ return 1;
}
- return ret;
+ option_error("Can't parse '%s' as an endpoint discriminator", *argv);
+ return 0;
}
+static void
+printendpoint(option_t *opt, void (*printer)(void *, char *, ...), void *arg)
+{
+ printer(arg, "%s", epdisc_to_str(&lcp_wantoptions[0].endpoint));
+}
+#endif /* HAVE_MULTILINK */
+
/*
* lcp_init - Initialize LCP.
*/
static void
-lcp_init(unit)
- int unit;
+lcp_init(int unit)
{
fsm *f = &lcp_fsm[unit];
lcp_options *wo = &lcp_wantoptions[unit];
fsm_init(f);
- wo->passive = 0;
- wo->silent = 0;
- wo->restart = 0; /* Set to 1 in kernels or multi-line
- implementations */
+ BZERO(wo, sizeof(*wo));
wo->neg_mru = 1;
wo->mru = DEFMRU;
wo->neg_asyncmap = 1;
- wo->asyncmap = 0;
- wo->neg_chap = 0; /* Set to 1 on server */
- wo->neg_upap = 0; /* Set to 1 on server */
- wo->chap_mdtype = CHAP_DIGEST_MD5;
wo->neg_magicnumber = 1;
wo->neg_pcompression = 1;
wo->neg_accompression = 1;
- wo->neg_lqr = 0; /* no LQR implementation yet */
- wo->neg_cbcp = 0;
+ BZERO(ao, sizeof(*ao));
ao->neg_mru = 1;
ao->mru = MAXMRU;
ao->neg_asyncmap = 1;
- ao->asyncmap = 0;
ao->neg_chap = 1;
- ao->chap_mdtype = CHAP_DIGEST_MD5;
+ ao->chap_mdtype = chap_mdtype_all;
ao->neg_upap = 1;
+ ao->neg_eap = 1;
ao->neg_magicnumber = 1;
ao->neg_pcompression = 1;
ao->neg_accompression = 1;
- ao->neg_lqr = 0; /* no LQR implementation yet */
-#ifdef CBCP_SUPPORT
- ao->neg_cbcp = 1;
-#else
- ao->neg_cbcp = 0;
-#endif
-
- memset(xmit_accm[unit], 0, sizeof(xmit_accm[0]));
- xmit_accm[unit][3] = 0x60000000;
+ ao->neg_endpoint = 1;
}
* lcp_open - LCP is allowed to come up.
*/
void
-lcp_open(unit)
- int unit;
+lcp_open(int unit)
{
fsm *f = &lcp_fsm[unit];
lcp_options *wo = &lcp_wantoptions[unit];
- f->flags = 0;
+ f->flags &= ~(OPT_PASSIVE | OPT_SILENT);
if (wo->passive)
f->flags |= OPT_PASSIVE;
if (wo->silent)
* lcp_close - Take LCP down.
*/
void
-lcp_close(unit, reason)
- int unit;
- char *reason;
+lcp_close(int unit, char *reason)
{
fsm *f = &lcp_fsm[unit];
+ int oldstate;
- if (phase != PHASE_DEAD)
- phase = PHASE_TERMINATE;
- if (f->state == STOPPED && f->flags & (OPT_PASSIVE|OPT_SILENT)) {
+ if (phase != PHASE_DEAD && phase != PHASE_MASTER)
+ new_phase(PHASE_TERMINATE);
+
+ if (f->flags & DELAYED_UP) {
+ untimeout(lcp_delayed_up, f);
+ f->state = STOPPED;
+ }
+ oldstate = f->state;
+
+ fsm_close(f, reason);
+ if (oldstate == STOPPED && f->flags & (OPT_PASSIVE|OPT_SILENT|DELAYED_UP)) {
/*
* This action is not strictly according to the FSM in RFC1548,
* but it does mean that the program terminates if you do a
- * lcp_close() in passive/silent mode when a connection hasn't
- * been established.
+ * lcp_close() when a connection hasn't been established
+ * because we are in passive/silent mode or because we have
+ * delayed the fsm_lowerup() call and it hasn't happened yet.
*/
- f->state = CLOSED;
+ f->flags &= ~DELAYED_UP;
lcp_finished(f);
-
- } else
- fsm_close(&lcp_fsm[unit], reason);
+ }
}
* lcp_lowerup - The lower layer is up.
*/
void
-lcp_lowerup(unit)
- int unit;
+lcp_lowerup(int unit)
{
lcp_options *wo = &lcp_wantoptions[unit];
+ fsm *f = &lcp_fsm[unit];
/*
* Don't use A/C or protocol compression on transmission,
* but accept A/C and protocol compressed packets
* if we are going to ask for A/C and protocol compression.
*/
- ppp_set_xaccm(unit, xmit_accm[unit]);
- ppp_send_config(unit, PPP_MRU, 0xffffffff, 0, 0);
- ppp_recv_config(unit, PPP_MRU, (lax_recv? 0: 0xffffffff),
- wo->neg_pcompression, wo->neg_accompression);
+ if (ppp_send_config(unit, PPP_MRU, 0xffffffff, 0, 0) < 0
+ || ppp_recv_config(unit, PPP_MRU, (lax_recv? 0: 0xffffffff),
+ wo->neg_pcompression, wo->neg_accompression) < 0)
+ return;
peer_mru[unit] = PPP_MRU;
- lcp_allowoptions[unit].asyncmap = xmit_accm[unit][0];
- fsm_lowerup(&lcp_fsm[unit]);
+ if (listen_time != 0) {
+ f->flags |= DELAYED_UP;
+ timeout(lcp_delayed_up, f, 0, listen_time * 1000);
+ } else
+ fsm_lowerup(f);
}
* lcp_lowerdown - The lower layer is down.
*/
void
-lcp_lowerdown(unit)
- int unit;
+lcp_lowerdown(int unit)
{
- fsm_lowerdown(&lcp_fsm[unit]);
+ fsm *f = &lcp_fsm[unit];
+
+ if (f->flags & DELAYED_UP) {
+ f->flags &= ~DELAYED_UP;
+ untimeout(lcp_delayed_up, f);
+ } else
+ fsm_lowerdown(&lcp_fsm[unit]);
+}
+
+
+/*
+ * lcp_delayed_up - Bring the lower layer up now.
+ */
+static void
+lcp_delayed_up(void *arg)
+{
+ fsm *f = arg;
+
+ if (f->flags & DELAYED_UP) {
+ f->flags &= ~DELAYED_UP;
+ fsm_lowerup(f);
+ }
}
* lcp_input - Input LCP packet.
*/
static void
-lcp_input(unit, p, len)
- int unit;
- u_char *p;
- int len;
+lcp_input(int unit, u_char *p, int len)
{
fsm *f = &lcp_fsm[unit];
+ if (f->flags & DELAYED_UP) {
+ f->flags &= ~DELAYED_UP;
+ untimeout(lcp_delayed_up, f);
+ fsm_lowerup(f);
+ }
fsm_input(f, p, len);
}
-
/*
* lcp_extcode - Handle a LCP-specific code.
*/
static int
-lcp_extcode(f, code, id, inp, len)
- fsm *f;
- int code, id;
- u_char *inp;
- int len;
+lcp_extcode(fsm *f, int code, int id, u_char *inp, int len)
{
u_char *magp;
break;
case DISCREQ:
+ case IDENTIF:
+ case TIMEREM:
break;
default:
* Figure out which protocol is rejected and inform it.
*/
static void
-lcp_rprotrej(f, inp, len)
- fsm *f;
- u_char *inp;
- int len;
+lcp_rprotrej(fsm *f, u_char *inp, int len)
{
int i;
struct protent *protp;
u_short prot;
+ const char *pname;
- if (len < sizeof (u_short)) {
+ if (len < 2) {
LCPDEBUG(("lcp_rprotrej: Rcvd short Protocol-Reject packet!"));
return;
}
return;
}
+ pname = protocol_name(prot);
+
/*
* Upcall the proper Protocol-Reject routine.
*/
for (i = 0; (protp = protocols[i]) != NULL; ++i)
if (protp->protocol == prot && protp->enabled_flag) {
+ if (pname == NULL)
+ dbglog("Protocol-Reject for 0x%x received", prot);
+ else
+ dbglog("Protocol-Reject for '%s' (0x%x) received", pname,
+ prot);
(*protp->protrej)(f->unit);
return;
}
- warn("Protocol-Reject for unsupported protocol 0x%x", prot);
+ if (pname == NULL)
+ warn("Protocol-Reject for unsupported protocol 0x%x", prot);
+ else
+ warn("Protocol-Reject for unsupported protocol '%s' (0x%x)", pname,
+ prot);
}
*/
/*ARGSUSED*/
static void
-lcp_protrej(unit)
- int unit;
+lcp_protrej(int unit)
{
/*
* Can't reject LCP!
* lcp_sprotrej - Send a Protocol-Reject for some protocol.
*/
void
-lcp_sprotrej(unit, p, len)
- int unit;
- u_char *p;
- int len;
+lcp_sprotrej(int unit, u_char *p, int len)
{
/*
* Send back the protocol and the information field of the
* lcp_resetci - Reset our CI.
*/
static void
-lcp_resetci(f)
- fsm *f;
+lcp_resetci(fsm *f)
{
- lcp_wantoptions[f->unit].magicnumber = magic();
- lcp_wantoptions[f->unit].numloops = 0;
- lcp_gotoptions[f->unit] = lcp_wantoptions[f->unit];
+ lcp_options *wo = &lcp_wantoptions[f->unit];
+ lcp_options *go = &lcp_gotoptions[f->unit];
+ lcp_options *ao = &lcp_allowoptions[f->unit];
+
+ wo->magicnumber = magic();
+ wo->numloops = 0;
+ *go = *wo;
+ if (!multilink) {
+ go->neg_mrru = 0;
+ go->neg_ssnhf = 0;
+ go->neg_endpoint = 0;
+ }
+ if (noendpoint)
+ ao->neg_endpoint = 0;
peer_mru[f->unit] = PPP_MRU;
auth_reset(f->unit);
}
* lcp_cilen - Return length of our CI.
*/
static int
-lcp_cilen(f)
- fsm *f;
+lcp_cilen(fsm *f)
{
lcp_options *go = &lcp_gotoptions[f->unit];
#define LENCILQR(neg) ((neg) ? CILEN_LQR: 0)
#define LENCICBCP(neg) ((neg) ? CILEN_CBCP: 0)
/*
- * NB: we only ask for one of CHAP and UPAP, even if we will
- * accept either.
+ * NB: we only ask for one of CHAP, UPAP, or EAP, even if we will
+ * accept more than one. We prefer EAP first, then CHAP, then
+ * PAP.
*/
return (LENCISHORT(go->neg_mru && go->mru != DEFMRU) +
LENCILONG(go->neg_asyncmap && go->asyncmap != 0xFFFFFFFF) +
- LENCICHAP(go->neg_chap) +
- LENCISHORT(!go->neg_chap && go->neg_upap) +
+ LENCISHORT(go->neg_eap) +
+ LENCICHAP(!go->neg_eap && go->neg_chap) +
+ LENCISHORT(!go->neg_eap && !go->neg_chap && go->neg_upap) +
LENCILQR(go->neg_lqr) +
LENCICBCP(go->neg_cbcp) +
LENCILONG(go->neg_magicnumber) +
LENCIVOID(go->neg_pcompression) +
- LENCIVOID(go->neg_accompression));
+ LENCIVOID(go->neg_accompression) +
+ LENCISHORT(go->neg_mrru) +
+ LENCIVOID(go->neg_ssnhf) +
+ (go->neg_endpoint? CILEN_CHAR + go->endpoint.length: 0));
}
* lcp_addci - Add our desired CIs to a packet.
*/
static void
-lcp_addci(f, ucp, lenp)
- fsm *f;
- u_char *ucp;
- int *lenp;
+lcp_addci(fsm *f, u_char *ucp, int *lenp)
{
lcp_options *go = &lcp_gotoptions[f->unit];
u_char *start_ucp = ucp;
PUTCHAR(CILEN_SHORT, ucp); \
PUTSHORT(val, ucp); \
}
-#define ADDCICHAP(opt, neg, val, digest) \
+#define ADDCICHAP(opt, neg, val) \
if (neg) { \
- PUTCHAR(opt, ucp); \
+ PUTCHAR((opt), ucp); \
PUTCHAR(CILEN_CHAP, ucp); \
- PUTSHORT(val, ucp); \
- PUTCHAR(digest, ucp); \
+ PUTSHORT(PPP_CHAP, ucp); \
+ PUTCHAR((CHAP_DIGEST(val)), ucp); \
}
#define ADDCILONG(opt, neg, val) \
if (neg) { \
PUTCHAR(CILEN_CHAR, ucp); \
PUTCHAR(val, ucp); \
}
+#define ADDCIENDP(opt, neg, class, val, len) \
+ if (neg) { \
+ int i; \
+ PUTCHAR(opt, ucp); \
+ PUTCHAR(CILEN_CHAR + len, ucp); \
+ PUTCHAR(class, ucp); \
+ for (i = 0; i < len; ++i) \
+ PUTCHAR(val[i], ucp); \
+ }
ADDCISHORT(CI_MRU, go->neg_mru && go->mru != DEFMRU, go->mru);
ADDCILONG(CI_ASYNCMAP, go->neg_asyncmap && go->asyncmap != 0xFFFFFFFF,
go->asyncmap);
- ADDCICHAP(CI_AUTHTYPE, go->neg_chap, PPP_CHAP, go->chap_mdtype);
- ADDCISHORT(CI_AUTHTYPE, !go->neg_chap && go->neg_upap, PPP_PAP);
+ ADDCISHORT(CI_AUTHTYPE, go->neg_eap, PPP_EAP);
+ ADDCICHAP(CI_AUTHTYPE, !go->neg_eap && go->neg_chap, go->chap_mdtype);
+ ADDCISHORT(CI_AUTHTYPE, !go->neg_eap && !go->neg_chap && go->neg_upap,
+ PPP_PAP);
ADDCILQR(CI_QUALITY, go->neg_lqr, go->lqr_period);
ADDCICHAR(CI_CALLBACK, go->neg_cbcp, CBCP_OPT);
ADDCILONG(CI_MAGICNUMBER, go->neg_magicnumber, go->magicnumber);
ADDCIVOID(CI_PCOMPRESSION, go->neg_pcompression);
ADDCIVOID(CI_ACCOMPRESSION, go->neg_accompression);
+ ADDCISHORT(CI_MRRU, go->neg_mrru, go->mrru);
+ ADDCIVOID(CI_SSNHF, go->neg_ssnhf);
+ ADDCIENDP(CI_EPDISC, go->neg_endpoint, go->endpoint.class,
+ go->endpoint.value, go->endpoint.length);
if (ucp - start_ucp != *lenp) {
/* this should never happen, because peer_mtu should be 1500 */
* 1 - Ack was good.
*/
static int
-lcp_ackci(f, p, len)
- fsm *f;
- u_char *p;
- int len;
+lcp_ackci(fsm *f, u_char *p, int len)
{
lcp_options *go = &lcp_gotoptions[f->unit];
u_char cilen, citype, cichar;
if (cichar != val) \
goto bad; \
}
-#define ACKCICHAP(opt, neg, val, digest) \
+#define ACKCICHAP(opt, neg, val) \
if (neg) { \
if ((len -= CILEN_CHAP) < 0) \
goto bad; \
GETCHAR(citype, p); \
GETCHAR(cilen, p); \
if (cilen != CILEN_CHAP || \
- citype != opt) \
+ citype != (opt)) \
goto bad; \
GETSHORT(cishort, p); \
- if (cishort != val) \
+ if (cishort != PPP_CHAP) \
goto bad; \
GETCHAR(cichar, p); \
- if (cichar != digest) \
+ if (cichar != (CHAP_DIGEST(val))) \
goto bad; \
}
#define ACKCILONG(opt, neg, val) \
if (cilong != val) \
goto bad; \
}
+#define ACKCIENDP(opt, neg, class, val, vlen) \
+ if (neg) { \
+ int i; \
+ if ((len -= CILEN_CHAR + vlen) < 0) \
+ goto bad; \
+ GETCHAR(citype, p); \
+ GETCHAR(cilen, p); \
+ if (cilen != CILEN_CHAR + vlen || \
+ citype != opt) \
+ goto bad; \
+ GETCHAR(cichar, p); \
+ if (cichar != class) \
+ goto bad; \
+ for (i = 0; i < vlen; ++i) { \
+ GETCHAR(cichar, p); \
+ if (cichar != val[i]) \
+ goto bad; \
+ } \
+ }
ACKCISHORT(CI_MRU, go->neg_mru && go->mru != DEFMRU, go->mru);
ACKCILONG(CI_ASYNCMAP, go->neg_asyncmap && go->asyncmap != 0xFFFFFFFF,
go->asyncmap);
- ACKCICHAP(CI_AUTHTYPE, go->neg_chap, PPP_CHAP, go->chap_mdtype);
- ACKCISHORT(CI_AUTHTYPE, !go->neg_chap && go->neg_upap, PPP_PAP);
+ ACKCISHORT(CI_AUTHTYPE, go->neg_eap, PPP_EAP);
+ ACKCICHAP(CI_AUTHTYPE, !go->neg_eap && go->neg_chap, go->chap_mdtype);
+ ACKCISHORT(CI_AUTHTYPE, !go->neg_eap && !go->neg_chap && go->neg_upap,
+ PPP_PAP);
ACKCILQR(CI_QUALITY, go->neg_lqr, go->lqr_period);
ACKCICHAR(CI_CALLBACK, go->neg_cbcp, CBCP_OPT);
ACKCILONG(CI_MAGICNUMBER, go->neg_magicnumber, go->magicnumber);
ACKCIVOID(CI_PCOMPRESSION, go->neg_pcompression);
ACKCIVOID(CI_ACCOMPRESSION, go->neg_accompression);
+ ACKCISHORT(CI_MRRU, go->neg_mrru, go->mrru);
+ ACKCIVOID(CI_SSNHF, go->neg_ssnhf);
+ ACKCIENDP(CI_EPDISC, go->neg_endpoint, go->endpoint.class,
+ go->endpoint.value, go->endpoint.length);
/*
* If there are any remaining CIs, then this packet is bad.
* 1 - Nak was good.
*/
static int
-lcp_nakci(f, p, len)
- fsm *f;
- u_char *p;
- int len;
+lcp_nakci(fsm *f, u_char *p, int len, int treat_as_reject)
{
lcp_options *go = &lcp_gotoptions[f->unit];
lcp_options *wo = &lcp_wantoptions[f->unit];
* Check packet length and CI length at each step.
* If we find any deviations, then this packet is bad.
*/
-#define NAKCIVOID(opt, neg, code) \
+#define NAKCIVOID(opt, neg) \
if (go->neg && \
len >= CILEN_VOID && \
p[1] == CILEN_VOID && \
len -= CILEN_VOID; \
INCPTR(CILEN_VOID, p); \
no.neg = 1; \
- code \
+ try.neg = 0; \
}
#define NAKCICHAP(opt, neg, code) \
if (go->neg && \
no.neg = 1; \
code \
}
+#define NAKCIENDP(opt, neg) \
+ if (go->neg && \
+ len >= CILEN_CHAR && \
+ p[0] == opt && \
+ p[1] >= CILEN_CHAR && \
+ p[1] <= len) { \
+ len -= p[1]; \
+ INCPTR(p[1], p); \
+ no.neg = 1; \
+ try.neg = 0; \
+ }
+ /*
+ * NOTE! There must be no assignments to individual fields of *go in
+ * the code below. Any such assignment is a BUG!
+ */
/*
* We don't care if they want to send us smaller packets than
* we want. Therefore, accept any MRU less than what we asked for,
* they are proposing a different protocol, or a different
* hash algorithm for CHAP.
*/
- if ((go->neg_chap || go->neg_upap)
+ if ((go->neg_chap || go->neg_upap || go->neg_eap)
&& len >= CILEN_SHORT
&& p[0] == CI_AUTHTYPE && p[1] >= CILEN_SHORT && p[1] <= len) {
cilen = p[1];
len -= cilen;
no.neg_chap = go->neg_chap;
no.neg_upap = go->neg_upap;
+ no.neg_eap = go->neg_eap;
INCPTR(2, p);
- GETSHORT(cishort, p);
+ GETSHORT(cishort, p);
if (cishort == PPP_PAP && cilen == CILEN_SHORT) {
+ /* If we were asking for EAP, then we need to stop that. */
+ if (go->neg_eap)
+ try.neg_eap = 0;
+
+ /* If we were asking for CHAP, then we need to stop that. */
+ else if (go->neg_chap)
+ try.neg_chap = 0;
/*
- * If we were asking for CHAP, they obviously don't want to do it.
- * If we weren't asking for CHAP, then we were asking for PAP,
- * in which case this Nak is bad.
+ * If we weren't asking for CHAP or EAP, then we were asking for
+ * PAP, in which case this Nak is bad.
*/
- if (!go->neg_chap)
+ else
goto bad;
- try.neg_chap = 0;
} else if (cishort == PPP_CHAP && cilen == CILEN_CHAP) {
GETCHAR(cichar, p);
- if (go->neg_chap) {
+ /* Stop asking for EAP, if we were. */
+ if (go->neg_eap) {
+ try.neg_eap = 0;
+ /* Try to set up to use their suggestion, if possible */
+ if (CHAP_CANDIGEST(go->chap_mdtype, cichar))
+ try.chap_mdtype = CHAP_MDTYPE_D(cichar);
+ } else if (go->neg_chap) {
/*
- * We were asking for CHAP/MD5; they must want a different
- * algorithm. If they can't do MD5, we'll have to stop
- * asking for CHAP.
+ * We were asking for our preferred algorithm, they must
+ * want something different.
*/
- if (cichar != go->chap_mdtype)
- try.neg_chap = 0;
+ if (cichar != CHAP_DIGEST(go->chap_mdtype)) {
+ if (CHAP_CANDIGEST(go->chap_mdtype, cichar)) {
+ /* Use their suggestion if we support it ... */
+ try.chap_mdtype = CHAP_MDTYPE_D(cichar);
+ } else {
+ /* ... otherwise, try our next-preferred algorithm. */
+ try.chap_mdtype &= ~(CHAP_MDTYPE(try.chap_mdtype));
+ if (try.chap_mdtype == MDTYPE_NONE) /* out of algos */
+ try.neg_chap = 0;
+ }
+ } else {
+ /*
+ * Whoops, they Nak'd our algorithm of choice
+ * but then suggested it back to us.
+ */
+ goto bad;
+ }
} else {
/*
* Stop asking for PAP if we were asking for it.
}
} else {
+
+ /*
+ * If we were asking for EAP, and they're Conf-Naking EAP,
+ * well, that's just strange. Nobody should do that.
+ */
+ if (cishort == PPP_EAP && cilen == CILEN_SHORT && go->neg_eap)
+ dbglog("Unexpected Conf-Nak for EAP");
+
/*
* We don't recognize what they're suggesting.
* Stop asking for what we were asking for.
*/
- if (go->neg_chap)
+ if (go->neg_eap)
+ try.neg_eap = 0;
+ else if (go->neg_chap)
try.neg_chap = 0;
else
try.neg_upap = 0;
* address/control compression requests; they should send
* a Reject instead. If they send a Nak, treat it as a Reject.
*/
- NAKCIVOID(CI_PCOMPRESSION, neg_pcompression,
- try.neg_pcompression = 0;
- );
- NAKCIVOID(CI_ACCOMPRESSION, neg_accompression,
- try.neg_accompression = 0;
- );
+ NAKCIVOID(CI_PCOMPRESSION, neg_pcompression);
+ NAKCIVOID(CI_ACCOMPRESSION, neg_accompression);
+
+ /*
+ * Nak for MRRU option - accept their value if it is smaller
+ * than the one we want.
+ */
+ if (go->neg_mrru) {
+ NAKCISHORT(CI_MRRU, neg_mrru,
+ if (treat_as_reject)
+ try.neg_mrru = 0;
+ else if (cishort <= wo->mrru)
+ try.mrru = cishort;
+ );
+ }
+
+ /*
+ * Nak for short sequence numbers shouldn't be sent, treat it
+ * like a reject.
+ */
+ NAKCIVOID(CI_SSNHF, neg_ssnhf);
+
+ /*
+ * Nak of the endpoint discriminator option is not permitted,
+ * treat it like a reject.
+ */
+ NAKCIENDP(CI_EPDISC, neg_endpoint);
/*
* There may be remaining CIs, if the peer is requesting negotiation
* An option we don't recognize represents the peer asking to
* negotiate some option we don't support, so ignore it.
*/
- while (len > CILEN_VOID) {
+ while (len >= CILEN_VOID) {
GETCHAR(citype, p);
GETCHAR(cilen, p);
if (cilen < CILEN_VOID || (len -= cilen) < 0)
|| no.neg_mru || cilen != CILEN_SHORT)
goto bad;
GETSHORT(cishort, p);
- if (cishort < DEFMRU)
+ if (cishort < DEFMRU) {
+ try.neg_mru = 1;
try.mru = cishort;
+ }
break;
case CI_ASYNCMAP:
if ((go->neg_asyncmap && go->asyncmap != 0xFFFFFFFF)
goto bad;
break;
case CI_AUTHTYPE:
- if (go->neg_chap || no.neg_chap || go->neg_upap || no.neg_upap)
+ if (go->neg_chap || no.neg_chap || go->neg_upap || no.neg_upap ||
+ go->neg_eap || no.neg_eap)
goto bad;
break;
case CI_MAGICNUMBER:
if (go->neg_lqr || no.neg_lqr || cilen != CILEN_LQR)
goto bad;
break;
+ case CI_MRRU:
+ if (go->neg_mrru || no.neg_mrru || cilen != CILEN_SHORT)
+ goto bad;
+ break;
+ case CI_SSNHF:
+ if (go->neg_ssnhf || no.neg_ssnhf || cilen != CILEN_VOID)
+ goto bad;
+ try.neg_ssnhf = 1;
+ break;
+ case CI_EPDISC:
+ if (go->neg_endpoint || no.neg_endpoint || cilen < CILEN_CHAR)
+ goto bad;
+ break;
}
p = next;
}
if (looped_back) {
if (++try.numloops >= lcp_loopbackfail) {
notice("Serial line is looped back.");
+ status = EXIT_LOOPBACK;
lcp_close(f->unit, "Loopback detected");
}
} else
* 1 - Reject was good.
*/
static int
-lcp_rejci(f, p, len)
- fsm *f;
- u_char *p;
- int len;
+lcp_rejci(fsm *f, u_char *p, int len)
{
lcp_options *go = &lcp_gotoptions[f->unit];
u_char cichar;
goto bad; \
try.neg = 0; \
}
-#define REJCICHAP(opt, neg, val, digest) \
+#define REJCICHAP(opt, neg, val) \
if (go->neg && \
len >= CILEN_CHAP && \
p[1] == CILEN_CHAP && \
GETSHORT(cishort, p); \
GETCHAR(cichar, p); \
/* Check rejected value. */ \
- if (cishort != val || cichar != digest) \
+ if ((cishort != PPP_CHAP) || (cichar != (CHAP_DIGEST(val)))) \
goto bad; \
try.neg = 0; \
- try.neg_upap = 0; \
+ try.neg_eap = try.neg_upap = 0; \
}
#define REJCILONG(opt, neg, val) \
if (go->neg && \
goto bad; \
try.neg = 0; \
}
+#define REJCIENDP(opt, neg, class, val, vlen) \
+ if (go->neg && \
+ len >= CILEN_CHAR + vlen && \
+ p[0] == opt && \
+ p[1] == CILEN_CHAR + vlen) { \
+ int i; \
+ len -= CILEN_CHAR + vlen; \
+ INCPTR(2, p); \
+ GETCHAR(cichar, p); \
+ if (cichar != class) \
+ goto bad; \
+ for (i = 0; i < vlen; ++i) { \
+ GETCHAR(cichar, p); \
+ if (cichar != val[i]) \
+ goto bad; \
+ } \
+ try.neg = 0; \
+ }
REJCISHORT(CI_MRU, neg_mru, go->mru);
REJCILONG(CI_ASYNCMAP, neg_asyncmap, go->asyncmap);
- REJCICHAP(CI_AUTHTYPE, neg_chap, PPP_CHAP, go->chap_mdtype);
- if (!go->neg_chap) {
- REJCISHORT(CI_AUTHTYPE, neg_upap, PPP_PAP);
+ REJCISHORT(CI_AUTHTYPE, neg_eap, PPP_EAP);
+ if (!go->neg_eap) {
+ REJCICHAP(CI_AUTHTYPE, neg_chap, go->chap_mdtype);
+ if (!go->neg_chap) {
+ REJCISHORT(CI_AUTHTYPE, neg_upap, PPP_PAP);
+ }
}
REJCILQR(CI_QUALITY, neg_lqr, go->lqr_period);
REJCICBCP(CI_CALLBACK, neg_cbcp, CBCP_OPT);
REJCILONG(CI_MAGICNUMBER, neg_magicnumber, go->magicnumber);
REJCIVOID(CI_PCOMPRESSION, neg_pcompression);
REJCIVOID(CI_ACCOMPRESSION, neg_accompression);
+ REJCISHORT(CI_MRRU, neg_mrru, go->mrru);
+ REJCIVOID(CI_SSNHF, neg_ssnhf);
+ REJCIENDP(CI_EPDISC, neg_endpoint, go->endpoint.class,
+ go->endpoint.value, go->endpoint.length);
/*
* If there are any remaining CIs, then this packet is bad.
* CONFNAK; returns CONFREJ if it can't return CONFACK.
*/
static int
-lcp_reqci(f, inp, lenp, reject_if_disagree)
- fsm *f;
- u_char *inp; /* Requested CIs */
- int *lenp; /* Length of requested CIs */
- int reject_if_disagree;
+lcp_reqci(fsm *f, u_char *inp, int *lenp, int reject_if_disagree)
{
lcp_options *go = &lcp_gotoptions[f->unit];
lcp_options *ho = &lcp_hisoptions[f->unit];
case CI_AUTHTYPE:
if (cilen < CILEN_SHORT ||
- !(ao->neg_upap || ao->neg_chap)) {
+ !(ao->neg_upap || ao->neg_chap || ao->neg_eap)) {
/*
* Reject the option if we're not willing to authenticate.
*/
+ dbglog("No auth is possible");
orc = CONFREJ;
break;
}
GETSHORT(cishort, p);
/*
- * Authtype must be UPAP or CHAP.
+ * Authtype must be PAP, CHAP, or EAP.
*
- * Note: if both ao->neg_upap and ao->neg_chap are set,
- * and the peer sends a Configure-Request with two
- * authenticate-protocol requests, one for CHAP and one
- * for UPAP, then we will reject the second request.
- * Whether we end up doing CHAP or UPAP depends then on
+ * Note: if more than one of ao->neg_upap, ao->neg_chap, and
+ * ao->neg_eap are set, and the peer sends a Configure-Request
+ * with two or more authenticate-protocol requests, then we will
+ * reject the second request.
+ * Whether we end up doing CHAP, UPAP, or EAP depends then on
* the ordering of the CIs in the peer's Configure-Request.
- */
+ */
if (cishort == PPP_PAP) {
- if (ho->neg_chap || /* we've already accepted CHAP */
+ /* we've already accepted CHAP or EAP */
+ if (ho->neg_chap || ho->neg_eap ||
cilen != CILEN_SHORT) {
LCPDEBUG(("lcp_reqci: rcvd AUTHTYPE PAP, rejecting..."));
orc = CONFREJ;
break;
}
if (!ao->neg_upap) { /* we don't want to do PAP */
- orc = CONFNAK; /* NAK it and suggest CHAP */
+ orc = CONFNAK; /* NAK it and suggest CHAP or EAP */
PUTCHAR(CI_AUTHTYPE, nakp);
- PUTCHAR(CILEN_CHAP, nakp);
- PUTSHORT(PPP_CHAP, nakp);
- PUTCHAR(ao->chap_mdtype, nakp);
+ if (ao->neg_eap) {
+ PUTCHAR(CILEN_SHORT, nakp);
+ PUTSHORT(PPP_EAP, nakp);
+ } else {
+ PUTCHAR(CILEN_CHAP, nakp);
+ PUTSHORT(PPP_CHAP, nakp);
+ PUTCHAR(CHAP_DIGEST(ao->chap_mdtype), nakp);
+ }
break;
}
ho->neg_upap = 1;
break;
}
if (cishort == PPP_CHAP) {
- if (ho->neg_upap || /* we've already accepted PAP */
+ /* we've already accepted PAP or EAP */
+ if (ho->neg_upap || ho->neg_eap ||
cilen != CILEN_CHAP) {
LCPDEBUG(("lcp_reqci: rcvd AUTHTYPE CHAP, rejecting..."));
orc = CONFREJ;
break;
}
if (!ao->neg_chap) { /* we don't want to do CHAP */
- orc = CONFNAK; /* NAK it and suggest PAP */
+ orc = CONFNAK; /* NAK it and suggest EAP or PAP */
PUTCHAR(CI_AUTHTYPE, nakp);
PUTCHAR(CILEN_SHORT, nakp);
- PUTSHORT(PPP_PAP, nakp);
+ if (ao->neg_eap) {
+ PUTSHORT(PPP_EAP, nakp);
+ } else {
+ PUTSHORT(PPP_PAP, nakp);
+ }
break;
}
- GETCHAR(cichar, p); /* get digest type*/
- if (cichar != CHAP_DIGEST_MD5
-#ifdef CHAPMS
- && cichar != CHAP_MICROSOFT
-#endif
- ) {
+ GETCHAR(cichar, p); /* get digest type */
+ if (!(CHAP_CANDIGEST(ao->chap_mdtype, cichar))) {
+ /*
+ * We can't/won't do the requested type,
+ * suggest something else.
+ */
orc = CONFNAK;
PUTCHAR(CI_AUTHTYPE, nakp);
PUTCHAR(CILEN_CHAP, nakp);
PUTSHORT(PPP_CHAP, nakp);
- PUTCHAR(ao->chap_mdtype, nakp);
+ PUTCHAR(CHAP_DIGEST(ao->chap_mdtype), nakp);
break;
}
- ho->chap_mdtype = cichar; /* save md type */
+ ho->chap_mdtype = CHAP_MDTYPE_D(cichar); /* save md type */
ho->neg_chap = 1;
break;
}
+ if (cishort == PPP_EAP) {
+ /* we've already accepted CHAP or PAP */
+ if (ho->neg_chap || ho->neg_upap || cilen != CILEN_SHORT) {
+ LCPDEBUG(("lcp_reqci: rcvd AUTHTYPE EAP, rejecting..."));
+ orc = CONFREJ;
+ break;
+ }
+ if (!ao->neg_eap) { /* we don't want to do EAP */
+ orc = CONFNAK; /* NAK it and suggest CHAP or PAP */
+ PUTCHAR(CI_AUTHTYPE, nakp);
+ if (ao->neg_chap) {
+ PUTCHAR(CILEN_CHAP, nakp);
+ PUTSHORT(PPP_CHAP, nakp);
+ PUTCHAR(CHAP_DIGEST(ao->chap_mdtype), nakp);
+ } else {
+ PUTCHAR(CILEN_SHORT, nakp);
+ PUTSHORT(PPP_PAP, nakp);
+ }
+ break;
+ }
+ ho->neg_eap = 1;
+ break;
+ }
/*
* We don't recognize the protocol they're asking for.
* Nak it with something we're willing to do.
- * (At this point we know ao->neg_upap || ao->neg_chap.)
+ * (At this point we know ao->neg_upap || ao->neg_chap ||
+ * ao->neg_eap.)
*/
orc = CONFNAK;
PUTCHAR(CI_AUTHTYPE, nakp);
- if (ao->neg_chap) {
+ if (ao->neg_eap) {
+ PUTCHAR(CILEN_SHORT, nakp);
+ PUTSHORT(PPP_EAP, nakp);
+ } else if (ao->neg_chap) {
PUTCHAR(CILEN_CHAP, nakp);
PUTSHORT(PPP_CHAP, nakp);
- PUTCHAR(ao->chap_mdtype, nakp);
+ PUTCHAR(CHAP_DIGEST(ao->chap_mdtype), nakp);
} else {
PUTCHAR(CILEN_SHORT, nakp);
PUTSHORT(PPP_PAP, nakp);
ho->neg_accompression = 1;
break;
+ case CI_MRRU:
+ if (!ao->neg_mrru || !multilink ||
+ cilen != CILEN_SHORT) {
+ orc = CONFREJ;
+ break;
+ }
+
+ GETSHORT(cishort, p);
+ /* possibly should insist on a minimum/maximum MRRU here */
+ ho->neg_mrru = 1;
+ ho->mrru = cishort;
+ break;
+
+ case CI_SSNHF:
+ if (!ao->neg_ssnhf || !multilink ||
+ cilen != CILEN_VOID) {
+ orc = CONFREJ;
+ break;
+ }
+ ho->neg_ssnhf = 1;
+ break;
+
+ case CI_EPDISC:
+ if (!ao->neg_endpoint ||
+ cilen < CILEN_CHAR ||
+ cilen > CILEN_CHAR + MAX_ENDP_LEN) {
+ orc = CONFREJ;
+ break;
+ }
+ GETCHAR(cichar, p);
+ cilen -= CILEN_CHAR;
+ ho->neg_endpoint = 1;
+ ho->endpoint.class = cichar;
+ ho->endpoint.length = cilen;
+ BCOPY(p, ho->endpoint.value, cilen);
+ INCPTR(cilen, p);
+ break;
+
default:
LCPDEBUG(("lcp_reqci: rcvd unknown option %d", citype));
orc = CONFREJ;
* lcp_up - LCP has come UP.
*/
static void
-lcp_up(f)
- fsm *f;
+lcp_up(fsm *f)
{
lcp_options *wo = &lcp_wantoptions[f->unit];
lcp_options *ho = &lcp_hisoptions[f->unit];
lcp_options *go = &lcp_gotoptions[f->unit];
lcp_options *ao = &lcp_allowoptions[f->unit];
+ int mtu, mru;
if (!go->neg_magicnumber)
go->magicnumber = 0;
* the MRU our peer wanted. If we negotiated an MRU,
* set our MRU to the larger of value we wanted and
* the value we got in the negotiation.
+ * Note on the MTU: the link MTU can be the MRU the peer wanted,
+ * the interface MTU is set to the lowest of that, the
+ * MTU we want to use, and our link MRU.
*/
- ppp_send_config(f->unit, MIN(ao->mru, (ho->neg_mru? ho->mru: PPP_MRU)),
+ mtu = ho->neg_mru? ho->mru: PPP_MRU;
+ mru = go->neg_mru? MAX(wo->mru, go->mru): PPP_MRU;
+#ifdef HAVE_MULTILINK
+ if (!(multilink && go->neg_mrru && ho->neg_mrru))
+#endif /* HAVE_MULTILINK */
+ netif_set_mtu(f->unit, MIN(MIN(mtu, mru), ao->mru));
+ ppp_send_config(f->unit, mtu,
(ho->neg_asyncmap? ho->asyncmap: 0xffffffff),
ho->neg_pcompression, ho->neg_accompression);
- ppp_recv_config(f->unit, (go->neg_mru? MAX(wo->mru, go->mru): PPP_MRU),
+ ppp_recv_config(f->unit, mru,
(lax_recv? 0: go->neg_asyncmap? go->asyncmap: 0xffffffff),
go->neg_pcompression, go->neg_accompression);
* Alert other protocols.
*/
static void
-lcp_down(f)
- fsm *f;
+lcp_down(fsm *f)
{
lcp_options *go = &lcp_gotoptions[f->unit];
* lcp_starting - LCP needs the lower layer up.
*/
static void
-lcp_starting(f)
- fsm *f;
+lcp_starting(fsm *f)
{
link_required(f->unit);
}
* lcp_finished - LCP has finished with the lower layer.
*/
static void
-lcp_finished(f)
- fsm *f;
+lcp_finished(fsm *f)
{
link_terminated(f->unit);
}
static char *lcp_codenames[] = {
"ConfReq", "ConfAck", "ConfNak", "ConfRej",
"TermReq", "TermAck", "CodeRej", "ProtRej",
- "EchoReq", "EchoRep", "DiscReq"
+ "EchoReq", "EchoRep", "DiscReq", "Ident",
+ "TimeRem"
};
static int
-lcp_printpkt(p, plen, printer, arg)
- u_char *p;
- int plen;
- void (*printer) __P((void *, char *, ...));
- void *arg;
+lcp_printpkt(u_char *p, int plen, void (*printer)(void *, char *, ...), void *arg)
{
- int code, id, len, olen;
+ int code, id, len, olen, i;
u_char *pstart, *optend;
u_short cishort;
u_int32_t cilong;
printer(arg, "chap");
if (p < optend) {
switch (*p) {
- case CHAP_DIGEST_MD5:
+ case CHAP_MD5:
printer(arg, " MD5");
++p;
break;
-#ifdef CHAPMS
case CHAP_MICROSOFT:
- printer(arg, " m$oft");
+ printer(arg, " MS");
+ ++p;
+ break;
+
+ case CHAP_MICROSOFT_V2:
+ printer(arg, " MS-v2");
++p;
break;
-#endif
}
}
break;
+ case PPP_EAP:
+ printer(arg, "eap");
+ break;
default:
printer(arg, "0x%x", cishort);
}
printer(arg, "accomp");
}
break;
+ case CI_MRRU:
+ if (olen == CILEN_SHORT) {
+ p += 2;
+ GETSHORT(cishort, p);
+ printer(arg, "mrru %d", cishort);
+ }
+ break;
+ case CI_SSNHF:
+ if (olen == CILEN_VOID) {
+ p += 2;
+ printer(arg, "ssnhf");
+ }
+ break;
+ case CI_EPDISC:
+#ifdef HAVE_MULTILINK
+ if (olen >= CILEN_CHAR) {
+ struct epdisc epd;
+ p += 2;
+ GETCHAR(epd.class, p);
+ epd.length = olen - CILEN_CHAR;
+ if (epd.length > MAX_ENDP_LEN)
+ epd.length = MAX_ENDP_LEN;
+ if (epd.length > 0) {
+ BCOPY(p, epd.value, epd.length);
+ p += epd.length;
+ }
+ printer(arg, "endpoint [%s]", epdisc_to_str(&epd));
+ }
+#else
+ printer(arg, "endpoint");
+#endif
+ break;
}
while (p < optend) {
GETCHAR(code, p);
case TERMREQ:
if (len > 0 && *p >= ' ' && *p < 0x7f) {
printer(arg, " ");
- print_string(p, len, printer, arg);
+ print_string((char *)p, len, printer, arg);
p += len;
len = 0;
}
if (len >= 4) {
GETLONG(cilong, p);
printer(arg, " magic=0x%x", cilong);
- p += 4;
len -= 4;
}
break;
+
+ case IDENTIF:
+ case TIMEREM:
+ if (len >= 4) {
+ GETLONG(cilong, p);
+ printer(arg, " magic=0x%x", cilong);
+ len -= 4;
+ }
+ if (code == TIMEREM) {
+ if (len < 4)
+ break;
+ GETLONG(cilong, p);
+ printer(arg, " seconds=%u", cilong);
+ len -= 4;
+ }
+ if (len > 0) {
+ printer(arg, " ");
+ print_string((char *)p, len, printer, arg);
+ p += len;
+ len = 0;
+ }
+ break;
}
/* print the rest of the bytes in the packet */
- for (; len > 0; --len) {
+ for (i = 0; i < len && i < 32; ++i) {
GETCHAR(code, p);
printer(arg, " %.2x", code);
}
+ if (i < len) {
+ printer(arg, " ...");
+ p += len - i;
+ }
return p - pstart;
}
*/
static
-void LcpLinkFailure (f)
- fsm *f;
+void LcpLinkFailure (fsm *f)
{
if (f->state == OPENED) {
info("No response to %d echo-requests", lcp_echos_pending);
notice("Serial link appears to be disconnected.");
- lcp_close(f->unit, "Peer not responding");
+ status = EXIT_PEER_DEAD;
+ lcp_close(f->unit, "Peer not responding");
}
}
*/
static void
-LcpEchoCheck (f)
- fsm *f;
+LcpEchoCheck (fsm *f)
{
LcpSendEchoRequest (f);
+ if (f->state != OPENED)
+ return;
/*
* Start the timer for the next interval.
*/
static void
-LcpEchoTimeout (arg)
- void *arg;
+LcpEchoTimeout (void *arg)
{
if (lcp_echo_timer_running != 0) {
lcp_echo_timer_running = 0;
*/
static void
-lcp_received_echo_reply (f, id, inp, len)
- fsm *f;
- int id; u_char *inp; int len;
+lcp_received_echo_reply (fsm *f, int id, u_char *inp, int len)
{
u_int32_t magic;
*/
static void
-LcpSendEchoRequest (f)
- fsm *f;
+LcpSendEchoRequest (fsm *f)
{
u_int32_t lcp_magic;
u_char pkt[4], *pktp;
}
}
+ /*
+ * If adaptive echos have been enabled, only send the echo request if
+ * no traffic was received since the last one.
+ */
+ if (lcp_echo_adaptive) {
+ static unsigned int last_pkts_in = 0;
+ struct pppd_stats cur_stats;
+
+ if (get_ppp_stats(f->unit, &cur_stats) && cur_stats.pkts_in != last_pkts_in) {
+ last_pkts_in = cur_stats.pkts_in;
+ return;
+ }
+ }
+
/*
* Make and send the echo request frame.
*/
*/
static void
-lcp_echo_lowerup (unit)
- int unit;
+lcp_echo_lowerup (int unit)
{
fsm *f = &lcp_fsm[unit];
*/
static void
-lcp_echo_lowerdown (unit)
- int unit;
+lcp_echo_lowerdown (int unit)
{
fsm *f = &lcp_fsm[unit];