X-Git-Url: https://git.ozlabs.org/?a=blobdiff_plain;f=pppd%2Fcbcp.c;h=87bf9c002c0c72c3600216936a3edb4fe3519c4d;hb=509f04959ad891d7f981f035ed461d51bd1f74b0;hp=73cbcf02355110341840ee11c6ae35c9260f1b10;hpb=875d9641d05b4fcb7e186f784c801962bb2670e5;p=ppp.git diff --git a/pppd/cbcp.c b/pppd/cbcp.c index 73cbcf0..87bf9c0 100644 --- a/pppd/cbcp.c +++ b/pppd/cbcp.c @@ -1,25 +1,39 @@ /* * cbcp - Call Back Configuration Protocol. * - * Copyright (c) 1995 Pedro Roque Marques - * All rights reserved. + * Copyright (c) 1995 Pedro Roque Marques. All rights reserved. * - * Redistribution and use in source and binary forms are permitted - * provided that the above copyright notice and this paragraph are - * duplicated in all such forms and that any documentation, - * advertising materials, and other materials related to such - * distribution and use acknowledge that the software was developed - * by Pedro Roque Marques. The name of the author may not be used to - * endorse or promote products derived from this software without - * specific prior written permission. + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR - * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED - * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. The names of the authors of this software must not be used to + * endorse or promote products derived from this software without + * prior written permission. + * + * 4. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by Pedro Roque Marques + * " + * + * THE AUTHORS OF THIS SOFTWARE DISCLAIM ALL WARRANTIES WITH REGARD TO + * THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS, IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY + * SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN + * AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING + * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ - -#ifndef lint -static const char rcsid[] = "$Id: cbcp.c,v 1.9 1999/08/12 04:25:19 paulus Exp $"; +#ifdef HAVE_CONFIG_H +#include "config.h" #endif #include @@ -32,28 +46,29 @@ static const char rcsid[] = "$Id: cbcp.c,v 1.9 1999/08/12 04:25:19 paulus Exp $" #include "fsm.h" #include "lcp.h" + /* * Options. */ -static int setcbcp __P((char **)); +static int setcbcp (char **); static option_t cbcp_option_list[] = { - { "callback", o_special, setcbcp, - "Ask for callback" }, + { "callback", o_special, (void *)setcbcp, + "Ask for callback", OPT_PRIO | OPT_A2STRVAL, &cbcp[0].us_number }, { NULL } }; /* * Protocol entry points. */ -static void cbcp_init __P((int unit)); -static void cbcp_open __P((int unit)); -static void cbcp_lowerup __P((int unit)); -static void cbcp_input __P((int unit, u_char *pkt, int len)); -static void cbcp_protrej __P((int unit)); -static int cbcp_printpkt __P((u_char *pkt, int len, - void (*printer) __P((void *, char *, ...)), - void *arg)); +static void cbcp_init (int unit); +static void cbcp_open (int unit); +static void cbcp_lowerup (int unit); +static void cbcp_input (int unit, u_char *pkt, int len); +static void cbcp_protrej (int unit); +static int cbcp_printpkt (u_char *pkt, int len, + void (*printer)(void *, char *, ...), + void *arg); struct protent cbcp_protent = { PPP_CBCP, @@ -79,16 +94,15 @@ cbcp_state cbcp[NUM_PPP]; /* internal prototypes */ -static void cbcp_recvreq __P((cbcp_state *us, char *pckt, int len)); -static void cbcp_resp __P((cbcp_state *us)); -static void cbcp_up __P((cbcp_state *us)); -static void cbcp_recvack __P((cbcp_state *us, char *pckt, int len)); -static void cbcp_send __P((cbcp_state *us, u_char code, u_char *buf, int len)); +static void cbcp_recvreq (cbcp_state *us, u_char *pckt, int len); +static void cbcp_resp (cbcp_state *us); +static void cbcp_up (cbcp_state *us); +static void cbcp_recvack (cbcp_state *us, u_char *pckt, int len); +static void cbcp_send (cbcp_state *us, int code, u_char *buf, int len); /* option processing */ static int -setcbcp(argv) - char **argv; +setcbcp(char **argv) { lcp_wantoptions[0].neg_cbcp = 1; cbcp_protent.enabled_flag = 1; @@ -102,8 +116,7 @@ setcbcp(argv) /* init state */ static void -cbcp_init(iface) - int iface; +cbcp_init(int iface) { cbcp_state *us; @@ -115,8 +128,7 @@ cbcp_init(iface) /* lower layer is up */ static void -cbcp_lowerup(iface) - int iface; +cbcp_lowerup(int iface) { cbcp_state *us = &cbcp[iface]; @@ -128,18 +140,14 @@ cbcp_lowerup(iface) } static void -cbcp_open(unit) - int unit; +cbcp_open(int unit) { dbglog("cbcp_open"); } /* process an incomming packet */ static void -cbcp_input(unit, inpacket, pktlen) - int unit; - u_char *inpacket; - int pktlen; +cbcp_input(int unit, u_char *inpacket, int pktlen) { u_char *inp; u_char code, id; @@ -150,7 +158,8 @@ cbcp_input(unit, inpacket, pktlen) inp = inpacket; if (pktlen < CBCP_MINLEN) { - error("CBCP packet is too small"); + if (debug) + dbglog("CBCP packet is too small"); return; } @@ -158,12 +167,11 @@ cbcp_input(unit, inpacket, pktlen) GETCHAR(id, inp); GETSHORT(len, inp); -#if 0 - if (len > pktlen) { - error("CBCP packet: invalid length"); + if (len > pktlen || len < CBCP_MINLEN) { + if (debug) + dbglog("CBCP packet: invalid length %d", len); return; } -#endif len -= CBCP_MINLEN; @@ -174,11 +182,12 @@ cbcp_input(unit, inpacket, pktlen) break; case CBCP_RESP: - dbglog("CBCP_RESP received"); + if (debug) + dbglog("CBCP_RESP received"); break; case CBCP_ACK: - if (id != us->us_id) + if (debug && id != us->us_id) dbglog("id doesn't match: expected %d recv %d", us->us_id, id); @@ -208,11 +217,8 @@ char *cbcp_optionnames[] = { /* pretty print a packet */ static int -cbcp_printpkt(p, plen, printer, arg) - u_char *p; - int plen; - void (*printer) __P((void *, char *, ...)); - void *arg; +cbcp_printpkt(u_char *p, int plen, + void (*printer) (void *, char *, ...), void *arg) { int code, opt, id, len, olen, delay; u_char *pstart; @@ -269,8 +275,8 @@ cbcp_printpkt(p, plen, printer, arg) printer(arg, " number = %s", str); } printer(arg, ">"); - break; } + break; default: break; @@ -286,10 +292,7 @@ cbcp_printpkt(p, plen, printer, arg) /* received CBCP request */ static void -cbcp_recvreq(us, pckt, pcktlen) - cbcp_state *us; - char *pckt; - int pcktlen; +cbcp_recvreq(cbcp_state *us, u_char *pckt, int pcktlen) { u_char type, opt_len, delay, addr_type; char address[256]; @@ -297,11 +300,13 @@ cbcp_recvreq(us, pckt, pcktlen) address[0] = 0; - while (len) { + while (len >= 2) { dbglog("length: %d", len); GETCHAR(type, pckt); GETCHAR(opt_len, pckt); + if (opt_len < 2 || opt_len > len) + break; if (opt_len > 2) GETCHAR(delay, pckt); @@ -333,18 +338,23 @@ cbcp_recvreq(us, pckt, pcktlen) } len -= opt_len; } + if (len != 0) { + if (debug) + dbglog("cbcp_recvreq: malformed packet (%d bytes left)", len); + return; + } cbcp_resp(us); } static void -cbcp_resp(us) - cbcp_state *us; +cbcp_resp(cbcp_state *us) { u_char cb_type; u_char buf[256]; u_char *bufp = buf; int len = 0; + int slen; cb_type = us->us_allowed & us->us_type; dbglog("cbcp_resp cb_type=%d", cb_type); @@ -356,12 +366,17 @@ cbcp_resp(us) if (cb_type & ( 1 << CB_CONF_USER ) ) { dbglog("cbcp_resp CONF_USER"); + slen = strlen(us->us_number); + if (slen > 250) { + warn("callback number truncated to 250 characters"); + slen = 250; + } PUTCHAR(CB_CONF_USER, bufp); - len = 3 + 1 + strlen(us->us_number) + 1; + len = 3 + 1 + slen + 1; PUTCHAR(len , bufp); PUTCHAR(5, bufp); /* delay */ PUTCHAR(1, bufp); - BCOPY(us->us_number, bufp, strlen(us->us_number) + 1); + BCOPY(us->us_number, bufp, slen + 1); cbcp_send(us, CBCP_RESP, buf, len); return; } @@ -379,21 +394,16 @@ cbcp_resp(us) if (cb_type & ( 1 << CB_CONF_NO ) ) { dbglog("cbcp_resp CONF_NO"); PUTCHAR(CB_CONF_NO, bufp); - len = 3; + len = 2; PUTCHAR(len , bufp); - PUTCHAR(0, bufp); cbcp_send(us, CBCP_RESP, buf, len); - start_networks(); + start_networks(us->us_unit); return; } } static void -cbcp_send(us, code, buf, len) - cbcp_state *us; - u_char code; - u_char *buf; - int len; +cbcp_send(cbcp_state *us, int code, u_char *buf, int len) { u_char *outp; int outlen; @@ -415,42 +425,42 @@ cbcp_send(us, code, buf, len) } static void -cbcp_recvack(us, pckt, len) - cbcp_state *us; - char *pckt; - int len; +cbcp_recvack(cbcp_state *us, u_char *pckt, int len) { u_char type, delay, addr_type; int opt_len; char address[256]; - if (len) { + if (len >= 2) { GETCHAR(type, pckt); GETCHAR(opt_len, pckt); + if (opt_len >= 2 && opt_len <= len) { - if (opt_len > 2) - GETCHAR(delay, pckt); + if (opt_len > 2) + GETCHAR(delay, pckt); - if (opt_len > 4) { - GETCHAR(addr_type, pckt); - memcpy(address, pckt, opt_len - 4); - address[opt_len - 4] = 0; - if (address[0]) - dbglog("peer will call: %s", address); - } - if (type == CB_CONF_NO) - return; - } + if (opt_len > 4) { + GETCHAR(addr_type, pckt); + memcpy(address, pckt, opt_len - 4); + address[opt_len - 4] = 0; + if (address[0]) + dbglog("peer will call: %s", address); + } + if (type == CB_CONF_NO) + return; + + cbcp_up(us); - cbcp_up(us); + } else if (debug) + dbglog("cbcp_recvack: malformed packet"); + } } /* ok peer will do callback */ static void -cbcp_up(us) - cbcp_state *us; +cbcp_up(cbcp_state *us) { persist = 0; - lcp_close(0, "Call me back, please"); status = EXIT_CALLBACK; + lcp_close(0, "Call me back, please"); }