2 * ipcp.c - PPP IP Control Protocol.
4 * Copyright (c) 1984-2000 Carnegie Mellon University. All rights reserved.
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in
15 * the documentation and/or other materials provided with the
18 * 3. The name "Carnegie Mellon University" must not be used to
19 * endorse or promote products derived from this software without
20 * prior written permission. For permission or any legal
21 * details, please contact
22 * Office of Technology Transfer
23 * Carnegie Mellon University
25 * Pittsburgh, PA 15213-3890
26 * (412) 268-4387, fax: (412) 268-7395
27 * tech-transfer@andrew.cmu.edu
29 * 4. Redistributions of any form whatsoever must retain the following
31 * "This product includes software developed by Computing Services
32 * at Carnegie Mellon University (http://www.cmu.edu/computing/)."
34 * CARNEGIE MELLON UNIVERSITY DISCLAIMS ALL WARRANTIES WITH REGARD TO
35 * THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
36 * AND FITNESS, IN NO EVENT SHALL CARNEGIE MELLON UNIVERSITY BE LIABLE
37 * FOR ANY SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
38 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN
39 * AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING
40 * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
43 #define RCSID "$Id: ipcp.c,v 1.73 2008/05/26 08:33:22 paulus Exp $"
53 #include <sys/param.h>
54 #include <sys/types.h>
55 #include <sys/socket.h>
56 #include <netinet/in.h>
57 #include <arpa/inet.h>
63 #include "pathnames.h"
65 static const char rcsid[] = RCSID;
68 ipcp_options ipcp_wantoptions[NUM_PPP]; /* Options that we want to request */
69 ipcp_options ipcp_gotoptions[NUM_PPP]; /* Options that peer ack'd */
70 ipcp_options ipcp_allowoptions[NUM_PPP]; /* Options we allow peer to request */
71 ipcp_options ipcp_hisoptions[NUM_PPP]; /* Options that we ack'd */
73 u_int32_t netmask = 0; /* IP netmask to set on interface */
75 bool disable_defaultip = 0; /* Don't use hostname for default IP adrs */
76 bool noremoteip = 0; /* Let him have no IP address */
78 /* Hook for a plugin to know when IP protocol has come up */
79 void (*ip_up_hook) __P((void)) = NULL;
81 /* Hook for a plugin to know when IP protocol has come down */
82 void (*ip_down_hook) __P((void)) = NULL;
84 /* Hook for a plugin to choose the remote IP address */
85 void (*ip_choose_hook) __P((u_int32_t *)) = NULL;
87 /* Notifiers for when IPCP goes up and down */
88 struct notifier *ip_up_notifier = NULL;
89 struct notifier *ip_down_notifier = NULL;
92 static int default_route_set[NUM_PPP]; /* Have set up a default route */
93 static int proxy_arp_set[NUM_PPP]; /* Have created proxy arp entry */
94 static bool usepeerdns; /* Ask peer for DNS addrs */
95 static int ipcp_is_up; /* have called np_up() */
96 static int ipcp_is_open; /* haven't called np_finished() */
97 static bool ask_for_local; /* request our address from peer */
98 static char vj_value[8]; /* string form of vj option value */
99 static char netmask_str[20]; /* string form of netmask value */
102 * Callbacks for fsm code. (CI = Configuration Information)
104 static void ipcp_resetci __P((fsm *)); /* Reset our CI */
105 static int ipcp_cilen __P((fsm *)); /* Return length of our CI */
106 static void ipcp_addci __P((fsm *, u_char *, int *)); /* Add our CI */
107 static int ipcp_ackci __P((fsm *, u_char *, int)); /* Peer ack'd our CI */
108 static int ipcp_nakci __P((fsm *, u_char *, int, int));/* Peer nak'd our CI */
109 static int ipcp_rejci __P((fsm *, u_char *, int)); /* Peer rej'd our CI */
110 static int ipcp_reqci __P((fsm *, u_char *, int *, int)); /* Rcv CI */
111 static void ipcp_up __P((fsm *)); /* We're UP */
112 static void ipcp_down __P((fsm *)); /* We're DOWN */
113 static void ipcp_finished __P((fsm *)); /* Don't need lower layer */
115 fsm ipcp_fsm[NUM_PPP]; /* IPCP fsm structure */
117 static fsm_callbacks ipcp_callbacks = { /* IPCP callback routines */
118 ipcp_resetci, /* Reset our Configuration Information */
119 ipcp_cilen, /* Length of our Configuration Information */
120 ipcp_addci, /* Add our Configuration Information */
121 ipcp_ackci, /* ACK our Configuration Information */
122 ipcp_nakci, /* NAK our Configuration Information */
123 ipcp_rejci, /* Reject our Configuration Information */
124 ipcp_reqci, /* Request peer's Configuration Information */
125 ipcp_up, /* Called when fsm reaches OPENED state */
126 ipcp_down, /* Called when fsm leaves OPENED state */
127 NULL, /* Called when we want the lower layer up */
128 ipcp_finished, /* Called when we want the lower layer down */
129 NULL, /* Called when Protocol-Reject received */
130 NULL, /* Retransmission is necessary */
131 NULL, /* Called to handle protocol-specific codes */
132 "IPCP" /* String name of protocol */
136 * Command-line options.
138 static int setvjslots __P((char **));
139 static int setdnsaddr __P((char **));
140 static int setwinsaddr __P((char **));
141 static int setnetmask __P((char **));
142 int setipaddr __P((char *, char **, int));
143 static void printipaddr __P((option_t *, void (*)(void *, char *,...),void *));
145 static option_t ipcp_option_list[] = {
146 { "noip", o_bool, &ipcp_protent.enabled_flag,
147 "Disable IP and IPCP" },
148 { "-ip", o_bool, &ipcp_protent.enabled_flag,
149 "Disable IP and IPCP", OPT_ALIAS },
151 { "novj", o_bool, &ipcp_wantoptions[0].neg_vj,
152 "Disable VJ compression", OPT_A2CLR, &ipcp_allowoptions[0].neg_vj },
153 { "-vj", o_bool, &ipcp_wantoptions[0].neg_vj,
154 "Disable VJ compression", OPT_ALIAS | OPT_A2CLR,
155 &ipcp_allowoptions[0].neg_vj },
157 { "novjccomp", o_bool, &ipcp_wantoptions[0].cflag,
158 "Disable VJ connection-ID compression", OPT_A2CLR,
159 &ipcp_allowoptions[0].cflag },
160 { "-vjccomp", o_bool, &ipcp_wantoptions[0].cflag,
161 "Disable VJ connection-ID compression", OPT_ALIAS | OPT_A2CLR,
162 &ipcp_allowoptions[0].cflag },
164 { "vj-max-slots", o_special, (void *)setvjslots,
165 "Set maximum VJ header slots",
166 OPT_PRIO | OPT_A2STRVAL | OPT_STATIC, vj_value },
168 { "ipcp-accept-local", o_bool, &ipcp_wantoptions[0].accept_local,
169 "Accept peer's address for us", 1 },
170 { "ipcp-accept-remote", o_bool, &ipcp_wantoptions[0].accept_remote,
171 "Accept peer's address for it", 1 },
173 { "ipparam", o_string, &ipparam,
174 "Set ip script parameter", OPT_PRIO },
176 { "noipdefault", o_bool, &disable_defaultip,
177 "Don't use name for default IP adrs", 1 },
179 { "ms-dns", 1, (void *)setdnsaddr,
180 "DNS address for the peer's use" },
181 { "ms-wins", 1, (void *)setwinsaddr,
182 "Nameserver for SMB over TCP/IP for peer" },
184 { "ipcp-restart", o_int, &ipcp_fsm[0].timeouttime,
185 "Set timeout for IPCP", OPT_PRIO },
186 { "ipcp-max-terminate", o_int, &ipcp_fsm[0].maxtermtransmits,
187 "Set max #xmits for term-reqs", OPT_PRIO },
188 { "ipcp-max-configure", o_int, &ipcp_fsm[0].maxconfreqtransmits,
189 "Set max #xmits for conf-reqs", OPT_PRIO },
190 { "ipcp-max-failure", o_int, &ipcp_fsm[0].maxnakloops,
191 "Set max #conf-naks for IPCP", OPT_PRIO },
193 { "defaultroute", o_bool, &ipcp_wantoptions[0].default_route,
194 "Add default route", OPT_ENABLE|1, &ipcp_allowoptions[0].default_route },
195 { "nodefaultroute", o_bool, &ipcp_allowoptions[0].default_route,
196 "disable defaultroute option", OPT_A2CLR,
197 &ipcp_wantoptions[0].default_route },
198 { "-defaultroute", o_bool, &ipcp_allowoptions[0].default_route,
199 "disable defaultroute option", OPT_ALIAS | OPT_A2CLR,
200 &ipcp_wantoptions[0].default_route },
202 { "proxyarp", o_bool, &ipcp_wantoptions[0].proxy_arp,
203 "Add proxy ARP entry", OPT_ENABLE|1, &ipcp_allowoptions[0].proxy_arp },
204 { "noproxyarp", o_bool, &ipcp_allowoptions[0].proxy_arp,
205 "disable proxyarp option", OPT_A2CLR,
206 &ipcp_wantoptions[0].proxy_arp },
207 { "-proxyarp", o_bool, &ipcp_allowoptions[0].proxy_arp,
208 "disable proxyarp option", OPT_ALIAS | OPT_A2CLR,
209 &ipcp_wantoptions[0].proxy_arp },
211 { "usepeerdns", o_bool, &usepeerdns,
212 "Ask peer for DNS address(es)", 1 },
214 { "netmask", o_special, (void *)setnetmask,
215 "set netmask", OPT_PRIO | OPT_A2STRVAL | OPT_STATIC, netmask_str },
217 { "ipcp-no-addresses", o_bool, &ipcp_wantoptions[0].old_addrs,
218 "Disable old-style IP-Addresses usage", OPT_A2CLR,
219 &ipcp_allowoptions[0].old_addrs },
220 { "ipcp-no-address", o_bool, &ipcp_wantoptions[0].neg_addr,
221 "Disable IP-Address usage", OPT_A2CLR,
222 &ipcp_allowoptions[0].neg_addr },
224 { "noremoteip", o_bool, &noremoteip,
225 "Allow peer to have no IP address", 1 },
227 { "nosendip", o_bool, &ipcp_wantoptions[0].neg_addr,
228 "Don't send our IP address to peer", OPT_A2CLR,
229 &ipcp_wantoptions[0].old_addrs},
231 { "IP addresses", o_wild, (void *) &setipaddr,
232 "set local and remote IP addresses",
233 OPT_NOARG | OPT_A2PRINTER, (void *) &printipaddr },
239 * Protocol entry points from main code.
241 static void ipcp_init __P((int));
242 static void ipcp_open __P((int));
243 static void ipcp_close __P((int, char *));
244 static void ipcp_lowerup __P((int));
245 static void ipcp_lowerdown __P((int));
246 static void ipcp_input __P((int, u_char *, int));
247 static void ipcp_protrej __P((int));
248 static int ipcp_printpkt __P((u_char *, int,
249 void (*) __P((void *, char *, ...)), void *));
250 static void ip_check_options __P((void));
251 static int ip_demand_conf __P((int));
252 static int ip_active_pkt __P((u_char *, int));
253 static void create_resolv __P((u_int32_t, u_int32_t));
255 struct protent ipcp_protent = {
275 static void ipcp_clear_addrs __P((int, u_int32_t, u_int32_t));
276 static void ipcp_script __P((char *, int)); /* Run an up/down script */
277 static void ipcp_script_done __P((void *));
280 * Lengths of configuration options.
283 #define CILEN_COMPRESS 4 /* min length for compression protocol opt. */
284 #define CILEN_VJ 6 /* length for RFC1332 Van-Jacobson opt. */
285 #define CILEN_ADDR 6 /* new-style single address option */
286 #define CILEN_ADDRS 10 /* old-style dual address option */
289 #define CODENAME(x) ((x) == CONFACK ? "ACK" : \
290 (x) == CONFNAK ? "NAK" : "REJ")
293 * This state variable is used to ensure that we don't
294 * run an ipcp-up/down script while one is already running.
296 static enum script_state {
300 static pid_t ipcp_script_pid;
303 * Make a string representation of a network IP address.
311 slprintf(b, sizeof(b), "%I", ipaddr);
320 * setvjslots - set maximum number of connection slots for VJ compression
328 if (!int_option(*argv, &value))
330 if (value < 2 || value > 16) {
331 option_error("vj-max-slots value must be between 2 and 16");
334 ipcp_wantoptions [0].maxslotindex =
335 ipcp_allowoptions[0].maxslotindex = value - 1;
336 slprintf(vj_value, sizeof(vj_value), "%d", value);
341 * setdnsaddr - set the dns address(es)
350 dns = inet_addr(*argv);
351 if (dns == (u_int32_t) -1) {
352 if ((hp = gethostbyname(*argv)) == NULL) {
353 option_error("invalid address parameter '%s' for ms-dns option",
357 dns = *(u_int32_t *)hp->h_addr;
360 /* We take the last 2 values given, the 2nd-last as the primary
361 and the last as the secondary. If only one is given it
362 becomes both primary and secondary. */
363 if (ipcp_allowoptions[0].dnsaddr[1] == 0)
364 ipcp_allowoptions[0].dnsaddr[0] = dns;
366 ipcp_allowoptions[0].dnsaddr[0] = ipcp_allowoptions[0].dnsaddr[1];
368 /* always set the secondary address value. */
369 ipcp_allowoptions[0].dnsaddr[1] = dns;
375 * setwinsaddr - set the wins address(es)
376 * This is primrarly used with the Samba package under UNIX or for pointing
377 * the caller to the existing WINS server on a Windows NT platform.
386 wins = inet_addr(*argv);
387 if (wins == (u_int32_t) -1) {
388 if ((hp = gethostbyname(*argv)) == NULL) {
389 option_error("invalid address parameter '%s' for ms-wins option",
393 wins = *(u_int32_t *)hp->h_addr;
396 /* We take the last 2 values given, the 2nd-last as the primary
397 and the last as the secondary. If only one is given it
398 becomes both primary and secondary. */
399 if (ipcp_allowoptions[0].winsaddr[1] == 0)
400 ipcp_allowoptions[0].winsaddr[0] = wins;
402 ipcp_allowoptions[0].winsaddr[0] = ipcp_allowoptions[0].winsaddr[1];
404 /* always set the secondary address value. */
405 ipcp_allowoptions[0].winsaddr[1] = wins;
411 * setipaddr - Set the IP address
412 * If doit is 0, the call is to check whether this option is
413 * potentially an IP address specification.
414 * Not static so that plugins can call it to set the addresses
417 setipaddr(arg, argv, doit)
424 u_int32_t local, remote;
425 ipcp_options *wo = &ipcp_wantoptions[0];
426 static int prio_local = 0, prio_remote = 0;
429 * IP address pair separated by ":".
431 if ((colon = strchr(arg, ':')) == NULL)
437 * If colon first character, then no local addr.
439 if (colon != arg && option_priority >= prio_local) {
441 if ((local = inet_addr(arg)) == (u_int32_t) -1) {
442 if ((hp = gethostbyname(arg)) == NULL) {
443 option_error("unknown host: %s", arg);
446 local = *(u_int32_t *)hp->h_addr;
448 if (bad_ip_adrs(local)) {
449 option_error("bad local IP address %s", ip_ntoa(local));
455 prio_local = option_priority;
459 * If colon last character, then no remote addr.
461 if (*++colon != '\0' && option_priority >= prio_remote) {
462 if ((remote = inet_addr(colon)) == (u_int32_t) -1) {
463 if ((hp = gethostbyname(colon)) == NULL) {
464 option_error("unknown host: %s", colon);
467 remote = *(u_int32_t *)hp->h_addr;
468 if (remote_name[0] == 0)
469 strlcpy(remote_name, colon, sizeof(remote_name));
471 if (bad_ip_adrs(remote)) {
472 option_error("bad remote IP address %s", ip_ntoa(remote));
476 wo->hisaddr = remote;
477 prio_remote = option_priority;
484 printipaddr(opt, printer, arg)
486 void (*printer) __P((void *, char *, ...));
489 ipcp_options *wo = &ipcp_wantoptions[0];
491 if (wo->ouraddr != 0)
492 printer(arg, "%I", wo->ouraddr);
494 if (wo->hisaddr != 0)
495 printer(arg, "%I", wo->hisaddr);
499 * setnetmask - set the netmask to be used on the interface.
510 * Unfortunately, if we use inet_addr, we can't tell whether
511 * a result of all 1s is an error or a valid 255.255.255.255.
514 n = parse_dotted_ip(p, &mask);
518 if (n == 0 || p[n] != 0 || (netmask & ~mask) != 0) {
519 option_error("invalid netmask value '%s'", *argv);
524 slprintf(netmask_str, sizeof(netmask_str), "%I", mask);
530 parse_dotted_ip(p, vp)
540 b = strtoul(p, &endp, 0);
546 /* accept e.g. 0xffffff00 */
564 * ipcp_init - Initialize IPCP.
570 fsm *f = &ipcp_fsm[unit];
571 ipcp_options *wo = &ipcp_wantoptions[unit];
572 ipcp_options *ao = &ipcp_allowoptions[unit];
575 f->protocol = PPP_IPCP;
576 f->callbacks = &ipcp_callbacks;
577 fsm_init(&ipcp_fsm[unit]);
580 * Some 3G modems use repeated IPCP NAKs as a way of stalling
581 * until they can contact a server on the network, so we increase
582 * the default number of NAKs we accept before we start treating
585 f->maxnakloops = 100;
587 memset(wo, 0, sizeof(*wo));
588 memset(ao, 0, sizeof(*ao));
590 wo->neg_addr = wo->old_addrs = 1;
592 wo->vj_protocol = IPCP_VJ_COMP;
593 wo->maxslotindex = MAX_STATES - 1; /* really max index */
597 /* max slots and slot-id compression are currently hardwired in */
598 /* ppp_if.c to 16 and 1, this needs to be changed (among other */
601 ao->neg_addr = ao->old_addrs = 1;
603 ao->maxslotindex = MAX_STATES - 1;
607 * XXX These control whether the user may use the proxyarp
608 * and defaultroute options.
611 ao->default_route = 1;
616 * ipcp_open - IPCP is allowed to come up.
622 fsm_open(&ipcp_fsm[unit]);
628 * ipcp_close - Take IPCP down.
631 ipcp_close(unit, reason)
635 fsm_close(&ipcp_fsm[unit], reason);
640 * ipcp_lowerup - The lower layer is up.
646 fsm_lowerup(&ipcp_fsm[unit]);
651 * ipcp_lowerdown - The lower layer is down.
657 fsm_lowerdown(&ipcp_fsm[unit]);
662 * ipcp_input - Input IPCP packet.
665 ipcp_input(unit, p, len)
670 fsm_input(&ipcp_fsm[unit], p, len);
675 * ipcp_protrej - A Protocol-Reject was received for IPCP.
677 * Pretend the lower layer went down, so we shut up.
683 fsm_lowerdown(&ipcp_fsm[unit]);
688 * ipcp_resetci - Reset our CI.
689 * Called by fsm_sconfreq, Send Configure Request.
695 ipcp_options *wo = &ipcp_wantoptions[f->unit];
696 ipcp_options *go = &ipcp_gotoptions[f->unit];
697 ipcp_options *ao = &ipcp_allowoptions[f->unit];
699 wo->req_addr = (wo->neg_addr || wo->old_addrs) &&
700 (ao->neg_addr || ao->old_addrs);
701 if (wo->ouraddr == 0)
702 wo->accept_local = 1;
703 if (wo->hisaddr == 0)
704 wo->accept_remote = 1;
705 wo->req_dns1 = usepeerdns; /* Request DNS addresses from the peer */
706 wo->req_dns2 = usepeerdns;
710 if (ip_choose_hook) {
711 ip_choose_hook(&wo->hisaddr);
713 wo->accept_remote = 0;
716 BZERO(&ipcp_hisoptions[f->unit], sizeof(ipcp_options));
721 * ipcp_cilen - Return length of our CI.
722 * Called by fsm_sconfreq, Send Configure Request.
728 ipcp_options *go = &ipcp_gotoptions[f->unit];
729 ipcp_options *wo = &ipcp_wantoptions[f->unit];
730 ipcp_options *ho = &ipcp_hisoptions[f->unit];
732 #define LENCIADDRS(neg) (neg ? CILEN_ADDRS : 0)
733 #define LENCIVJ(neg, old) (neg ? (old? CILEN_COMPRESS : CILEN_VJ) : 0)
734 #define LENCIADDR(neg) (neg ? CILEN_ADDR : 0)
735 #define LENCIDNS(neg) LENCIADDR(neg)
736 #define LENCIWINS(neg) LENCIADDR(neg)
739 * First see if we want to change our options to the old
740 * forms because we have received old forms from the peer.
742 if (go->neg_addr && go->old_addrs && !ho->neg_addr && ho->old_addrs)
744 if (wo->neg_vj && !go->neg_vj && !go->old_vj) {
745 /* try an older style of VJ negotiation */
746 /* use the old style only if the peer did */
747 if (ho->neg_vj && ho->old_vj) {
750 go->vj_protocol = ho->vj_protocol;
754 return (LENCIADDRS(!go->neg_addr && go->old_addrs) +
755 LENCIVJ(go->neg_vj, go->old_vj) +
756 LENCIADDR(go->neg_addr) +
757 LENCIDNS(go->req_dns1) +
758 LENCIDNS(go->req_dns2) +
759 LENCIWINS(go->winsaddr[0]) +
760 LENCIWINS(go->winsaddr[1])) ;
765 * ipcp_addci - Add our desired CIs to a packet.
766 * Called by fsm_sconfreq, Send Configure Request.
769 ipcp_addci(f, ucp, lenp)
774 ipcp_options *go = &ipcp_gotoptions[f->unit];
777 #define ADDCIADDRS(opt, neg, val1, val2) \
779 if (len >= CILEN_ADDRS) { \
782 PUTCHAR(CILEN_ADDRS, ucp); \
787 len -= CILEN_ADDRS; \
792 #define ADDCIVJ(opt, neg, val, old, maxslotindex, cflag) \
794 int vjlen = old? CILEN_COMPRESS : CILEN_VJ; \
795 if (len >= vjlen) { \
797 PUTCHAR(vjlen, ucp); \
798 PUTSHORT(val, ucp); \
800 PUTCHAR(maxslotindex, ucp); \
801 PUTCHAR(cflag, ucp); \
808 #define ADDCIADDR(opt, neg, val) \
810 if (len >= CILEN_ADDR) { \
813 PUTCHAR(CILEN_ADDR, ucp); \
821 #define ADDCIDNS(opt, neg, addr) \
823 if (len >= CILEN_ADDR) { \
826 PUTCHAR(CILEN_ADDR, ucp); \
834 #define ADDCIWINS(opt, addr) \
836 if (len >= CILEN_ADDR) { \
839 PUTCHAR(CILEN_ADDR, ucp); \
847 ADDCIADDRS(CI_ADDRS, !go->neg_addr && go->old_addrs, go->ouraddr,
850 ADDCIVJ(CI_COMPRESSTYPE, go->neg_vj, go->vj_protocol, go->old_vj,
851 go->maxslotindex, go->cflag);
853 ADDCIADDR(CI_ADDR, go->neg_addr, go->ouraddr);
855 ADDCIDNS(CI_MS_DNS1, go->req_dns1, go->dnsaddr[0]);
857 ADDCIDNS(CI_MS_DNS2, go->req_dns2, go->dnsaddr[1]);
859 ADDCIWINS(CI_MS_WINS1, go->winsaddr[0]);
861 ADDCIWINS(CI_MS_WINS2, go->winsaddr[1]);
868 * ipcp_ackci - Ack our CIs.
869 * Called by fsm_rconfack, Receive Configure ACK.
876 ipcp_ackci(f, p, len)
881 ipcp_options *go = &ipcp_gotoptions[f->unit];
882 u_short cilen, citype, cishort;
884 u_char cimaxslotindex, cicflag;
887 * CIs must be in exactly the same order that we sent...
888 * Check packet length and CI length at each step.
889 * If we find any deviations, then this packet is bad.
892 #define ACKCIADDRS(opt, neg, val1, val2) \
895 if ((len -= CILEN_ADDRS) < 0) \
897 GETCHAR(citype, p); \
899 if (cilen != CILEN_ADDRS || \
904 if (val1 != cilong) \
908 if (val2 != cilong) \
912 #define ACKCIVJ(opt, neg, val, old, maxslotindex, cflag) \
914 int vjlen = old? CILEN_COMPRESS : CILEN_VJ; \
915 if ((len -= vjlen) < 0) \
917 GETCHAR(citype, p); \
919 if (cilen != vjlen || \
922 GETSHORT(cishort, p); \
923 if (cishort != val) \
926 GETCHAR(cimaxslotindex, p); \
927 if (cimaxslotindex != maxslotindex) \
929 GETCHAR(cicflag, p); \
930 if (cicflag != cflag) \
935 #define ACKCIADDR(opt, neg, val) \
938 if ((len -= CILEN_ADDR) < 0) \
940 GETCHAR(citype, p); \
942 if (cilen != CILEN_ADDR || \
951 #define ACKCIDNS(opt, neg, addr) \
954 if ((len -= CILEN_ADDR) < 0) \
956 GETCHAR(citype, p); \
958 if (cilen != CILEN_ADDR || citype != opt) \
962 if (addr != cilong) \
966 #define ACKCIWINS(opt, addr) \
969 if ((len -= CILEN_ADDR) < 0) \
971 GETCHAR(citype, p); \
973 if (cilen != CILEN_ADDR || citype != opt) \
977 if (addr != cilong) \
981 ACKCIADDRS(CI_ADDRS, !go->neg_addr && go->old_addrs, go->ouraddr,
984 ACKCIVJ(CI_COMPRESSTYPE, go->neg_vj, go->vj_protocol, go->old_vj,
985 go->maxslotindex, go->cflag);
987 ACKCIADDR(CI_ADDR, go->neg_addr, go->ouraddr);
989 ACKCIDNS(CI_MS_DNS1, go->req_dns1, go->dnsaddr[0]);
991 ACKCIDNS(CI_MS_DNS2, go->req_dns2, go->dnsaddr[1]);
993 ACKCIWINS(CI_MS_WINS1, go->winsaddr[0]);
995 ACKCIWINS(CI_MS_WINS2, go->winsaddr[1]);
998 * If there are any remaining CIs, then this packet is bad.
1005 IPCPDEBUG(("ipcp_ackci: received bad Ack!"));
1010 * ipcp_nakci - Peer has sent a NAK for some of our CIs.
1011 * This should not modify any state if the Nak is bad
1012 * or if IPCP is in the OPENED state.
1013 * Calback from fsm_rconfnakrej - Receive Configure-Nak or Configure-Reject.
1020 ipcp_nakci(f, p, len, treat_as_reject)
1024 int treat_as_reject;
1026 ipcp_options *go = &ipcp_gotoptions[f->unit];
1027 u_char cimaxslotindex, cicflag;
1028 u_char citype, cilen, *next;
1030 u_int32_t ciaddr1, ciaddr2, l, cidnsaddr;
1031 ipcp_options no; /* options we've seen Naks for */
1032 ipcp_options try; /* options to request next time */
1034 BZERO(&no, sizeof(no));
1038 * Any Nak'd CIs must be in exactly the same order that we sent.
1039 * Check packet length and CI length at each step.
1040 * If we find any deviations, then this packet is bad.
1042 #define NAKCIADDRS(opt, neg, code) \
1044 (cilen = p[1]) == CILEN_ADDRS && \
1050 ciaddr1 = htonl(l); \
1052 ciaddr2 = htonl(l); \
1057 #define NAKCIVJ(opt, neg, code) \
1059 ((cilen = p[1]) == CILEN_COMPRESS || cilen == CILEN_VJ) && \
1064 GETSHORT(cishort, p); \
1069 #define NAKCIADDR(opt, neg, code) \
1071 (cilen = p[1]) == CILEN_ADDR && \
1077 ciaddr1 = htonl(l); \
1082 #define NAKCIDNS(opt, neg, code) \
1084 ((cilen = p[1]) == CILEN_ADDR) && \
1090 cidnsaddr = htonl(l); \
1096 * Accept the peer's idea of {our,his} address, if different
1097 * from our idea, only if the accept_{local,remote} flag is set.
1099 NAKCIADDRS(CI_ADDRS, !go->neg_addr && go->old_addrs,
1100 if (treat_as_reject) {
1103 if (go->accept_local && ciaddr1) {
1104 /* take his idea of our address */
1105 try.ouraddr = ciaddr1;
1107 if (go->accept_remote && ciaddr2) {
1108 /* take his idea of his address */
1109 try.hisaddr = ciaddr2;
1115 * Accept the peer's value of maxslotindex provided that it
1116 * is less than what we asked for. Turn off slot-ID compression
1117 * if the peer wants. Send old-style compress-type option if
1120 NAKCIVJ(CI_COMPRESSTYPE, neg_vj,
1121 if (treat_as_reject) {
1123 } else if (cilen == CILEN_VJ) {
1124 GETCHAR(cimaxslotindex, p);
1125 GETCHAR(cicflag, p);
1126 if (cishort == IPCP_VJ_COMP) {
1128 if (cimaxslotindex < go->maxslotindex)
1129 try.maxslotindex = cimaxslotindex;
1136 if (cishort == IPCP_VJ_COMP || cishort == IPCP_VJ_COMP_OLD) {
1138 try.vj_protocol = cishort;
1145 NAKCIADDR(CI_ADDR, neg_addr,
1146 if (treat_as_reject) {
1149 } else if (go->accept_local && ciaddr1) {
1150 /* take his idea of our address */
1151 try.ouraddr = ciaddr1;
1155 NAKCIDNS(CI_MS_DNS1, req_dns1,
1156 if (treat_as_reject) {
1159 try.dnsaddr[0] = cidnsaddr;
1163 NAKCIDNS(CI_MS_DNS2, req_dns2,
1164 if (treat_as_reject) {
1167 try.dnsaddr[1] = cidnsaddr;
1172 * There may be remaining CIs, if the peer is requesting negotiation
1173 * on an option that we didn't include in our request packet.
1174 * If they want to negotiate about IP addresses, we comply.
1175 * If they want us to ask for compression, we refuse.
1176 * If they want us to ask for ms-dns, we do that, since some
1177 * peers get huffy if we don't.
1179 while (len >= CILEN_VOID) {
1182 if ( cilen < CILEN_VOID || (len -= cilen) < 0 )
1184 next = p + cilen - 2;
1187 case CI_COMPRESSTYPE:
1188 if (go->neg_vj || no.neg_vj ||
1189 (cilen != CILEN_VJ && cilen != CILEN_COMPRESS))
1194 if ((!go->neg_addr && go->old_addrs) || no.old_addrs
1195 || cilen != CILEN_ADDRS)
1200 if (ciaddr1 && go->accept_local)
1201 try.ouraddr = ciaddr1;
1204 if (ciaddr2 && go->accept_remote)
1205 try.hisaddr = ciaddr2;
1209 if (go->neg_addr || no.neg_addr || cilen != CILEN_ADDR)
1214 if (ciaddr1 && go->accept_local)
1215 try.ouraddr = ciaddr1;
1216 if (try.ouraddr != 0)
1221 if (go->req_dns1 || no.req_dns1 || cilen != CILEN_ADDR)
1224 try.dnsaddr[0] = htonl(l);
1229 if (go->req_dns2 || no.req_dns2 || cilen != CILEN_ADDR)
1232 try.dnsaddr[1] = htonl(l);
1238 if (cilen != CILEN_ADDR)
1243 try.winsaddr[citype == CI_MS_WINS2] = ciaddr1;
1250 * OK, the Nak is good. Now we can update state.
1251 * If there are any remaining options, we ignore them.
1253 if (f->state != OPENED)
1259 IPCPDEBUG(("ipcp_nakci: received bad Nak!"));
1265 * ipcp_rejci - Reject some of our CIs.
1266 * Callback from fsm_rconfnakrej.
1269 ipcp_rejci(f, p, len)
1274 ipcp_options *go = &ipcp_gotoptions[f->unit];
1275 u_char cimaxslotindex, ciflag, cilen;
1278 ipcp_options try; /* options to request next time */
1282 * Any Rejected CIs must be in exactly the same order that we sent.
1283 * Check packet length and CI length at each step.
1284 * If we find any deviations, then this packet is bad.
1286 #define REJCIADDRS(opt, neg, val1, val2) \
1288 (cilen = p[1]) == CILEN_ADDRS && \
1295 cilong = htonl(l); \
1296 /* Check rejected value. */ \
1297 if (cilong != val1) \
1300 cilong = htonl(l); \
1301 /* Check rejected value. */ \
1302 if (cilong != val2) \
1304 try.old_addrs = 0; \
1307 #define REJCIVJ(opt, neg, val, old, maxslot, cflag) \
1309 p[1] == (old? CILEN_COMPRESS : CILEN_VJ) && \
1314 GETSHORT(cishort, p); \
1315 /* Check rejected value. */ \
1316 if (cishort != val) \
1319 GETCHAR(cimaxslotindex, p); \
1320 if (cimaxslotindex != maxslot) \
1322 GETCHAR(ciflag, p); \
1323 if (ciflag != cflag) \
1329 #define REJCIADDR(opt, neg, val) \
1331 (cilen = p[1]) == CILEN_ADDR && \
1338 cilong = htonl(l); \
1339 /* Check rejected value. */ \
1340 if (cilong != val) \
1345 #define REJCIDNS(opt, neg, dnsaddr) \
1347 ((cilen = p[1]) == CILEN_ADDR) && \
1354 cilong = htonl(l); \
1355 /* Check rejected value. */ \
1356 if (cilong != dnsaddr) \
1361 #define REJCIWINS(opt, addr) \
1363 ((cilen = p[1]) == CILEN_ADDR) && \
1370 cilong = htonl(l); \
1371 /* Check rejected value. */ \
1372 if (cilong != addr) \
1374 try.winsaddr[opt == CI_MS_WINS2] = 0; \
1377 REJCIADDRS(CI_ADDRS, !go->neg_addr && go->old_addrs,
1378 go->ouraddr, go->hisaddr);
1380 REJCIVJ(CI_COMPRESSTYPE, neg_vj, go->vj_protocol, go->old_vj,
1381 go->maxslotindex, go->cflag);
1383 REJCIADDR(CI_ADDR, neg_addr, go->ouraddr);
1385 REJCIDNS(CI_MS_DNS1, req_dns1, go->dnsaddr[0]);
1387 REJCIDNS(CI_MS_DNS2, req_dns2, go->dnsaddr[1]);
1389 REJCIWINS(CI_MS_WINS1, go->winsaddr[0]);
1391 REJCIWINS(CI_MS_WINS2, go->winsaddr[1]);
1394 * If there are any remaining CIs, then this packet is bad.
1399 * Now we can update state.
1401 if (f->state != OPENED)
1406 IPCPDEBUG(("ipcp_rejci: received bad Reject!"));
1412 * ipcp_reqci - Check the peer's requested CIs and send appropriate response.
1413 * Callback from fsm_rconfreq, Receive Configure Request
1415 * Returns: CONFACK, CONFNAK or CONFREJ and input packet modified
1416 * appropriately. If reject_if_disagree is non-zero, doesn't return
1417 * CONFNAK; returns CONFREJ if it can't return CONFACK.
1420 ipcp_reqci(f, inp, len, reject_if_disagree)
1422 u_char *inp; /* Requested CIs */
1423 int *len; /* Length of requested CIs */
1424 int reject_if_disagree;
1426 ipcp_options *wo = &ipcp_wantoptions[f->unit];
1427 ipcp_options *ho = &ipcp_hisoptions[f->unit];
1428 ipcp_options *ao = &ipcp_allowoptions[f->unit];
1429 u_char *cip, *next; /* Pointer to current and next CIs */
1430 u_short cilen, citype; /* Parsed len, type */
1431 u_short cishort; /* Parsed short value */
1432 u_int32_t tl, ciaddr1, ciaddr2;/* Parsed address values */
1433 int rc = CONFACK; /* Final packet return code */
1434 int orc; /* Individual option return code */
1435 u_char *p; /* Pointer to next char to parse */
1436 u_char *ucp = inp; /* Pointer to current output char */
1437 int l = *len; /* Length left */
1438 u_char maxslotindex, cflag;
1442 * Reset all his options.
1444 BZERO(ho, sizeof(*ho));
1447 * Process all his options.
1451 orc = CONFACK; /* Assume success */
1452 cip = p = next; /* Remember begining of CI */
1453 if (l < 2 || /* Not enough data for CI header or */
1454 p[1] < 2 || /* CI length too small or */
1455 p[1] > l) { /* CI length too big? */
1456 IPCPDEBUG(("ipcp_reqci: bad CI length!"));
1457 orc = CONFREJ; /* Reject bad CI */
1458 cilen = l; /* Reject till end of packet */
1459 l = 0; /* Don't loop again */
1462 GETCHAR(citype, p); /* Parse CI type */
1463 GETCHAR(cilen, p); /* Parse CI length */
1464 l -= cilen; /* Adjust remaining length */
1465 next += cilen; /* Step to next CI */
1467 switch (citype) { /* Check CI type */
1469 if (!ao->old_addrs || ho->neg_addr ||
1470 cilen != CILEN_ADDRS) { /* Check CI length */
1471 orc = CONFREJ; /* Reject CI */
1476 * If he has no address, or if we both have his address but
1477 * disagree about it, then NAK it with our idea.
1478 * In particular, if we don't know his address, but he does,
1481 GETLONG(tl, p); /* Parse source address (his) */
1482 ciaddr1 = htonl(tl);
1483 if (ciaddr1 != wo->hisaddr
1484 && (ciaddr1 == 0 || !wo->accept_remote)) {
1486 if (!reject_if_disagree) {
1487 DECPTR(sizeof(u_int32_t), p);
1488 tl = ntohl(wo->hisaddr);
1491 } else if (ciaddr1 == 0 && wo->hisaddr == 0) {
1493 * If neither we nor he knows his address, reject the option.
1496 wo->req_addr = 0; /* don't NAK with 0.0.0.0 later */
1501 * If he doesn't know our address, or if we both have our address
1502 * but disagree about it, then NAK it with our idea.
1504 GETLONG(tl, p); /* Parse desination address (ours) */
1505 ciaddr2 = htonl(tl);
1506 if (ciaddr2 != wo->ouraddr) {
1507 if (ciaddr2 == 0 || !wo->accept_local) {
1509 if (!reject_if_disagree) {
1510 DECPTR(sizeof(u_int32_t), p);
1511 tl = ntohl(wo->ouraddr);
1515 wo->ouraddr = ciaddr2; /* accept peer's idea */
1520 ho->hisaddr = ciaddr1;
1521 ho->ouraddr = ciaddr2;
1525 if (!ao->neg_addr || ho->old_addrs ||
1526 cilen != CILEN_ADDR) { /* Check CI length */
1527 orc = CONFREJ; /* Reject CI */
1532 * If he has no address, or if we both have his address but
1533 * disagree about it, then NAK it with our idea.
1534 * In particular, if we don't know his address, but he does,
1537 GETLONG(tl, p); /* Parse source address (his) */
1538 ciaddr1 = htonl(tl);
1539 if (ciaddr1 != wo->hisaddr
1540 && (ciaddr1 == 0 || !wo->accept_remote)) {
1542 if (!reject_if_disagree) {
1543 DECPTR(sizeof(u_int32_t), p);
1544 tl = ntohl(wo->hisaddr);
1547 } else if (ciaddr1 == 0 && wo->hisaddr == 0) {
1549 * Don't ACK an address of 0.0.0.0 - reject it instead.
1552 wo->req_addr = 0; /* don't NAK with 0.0.0.0 later */
1557 ho->hisaddr = ciaddr1;
1562 /* Microsoft primary or secondary DNS request */
1563 d = citype == CI_MS_DNS2;
1565 /* If we do not have a DNS address then we cannot send it */
1566 if (ao->dnsaddr[d] == 0 ||
1567 cilen != CILEN_ADDR) { /* Check CI length */
1568 orc = CONFREJ; /* Reject CI */
1572 if (htonl(tl) != ao->dnsaddr[d]) {
1573 DECPTR(sizeof(u_int32_t), p);
1574 tl = ntohl(ao->dnsaddr[d]);
1582 /* Microsoft primary or secondary WINS request */
1583 d = citype == CI_MS_WINS2;
1585 /* If we do not have a DNS address then we cannot send it */
1586 if (ao->winsaddr[d] == 0 ||
1587 cilen != CILEN_ADDR) { /* Check CI length */
1588 orc = CONFREJ; /* Reject CI */
1592 if (htonl(tl) != ao->winsaddr[d]) {
1593 DECPTR(sizeof(u_int32_t), p);
1594 tl = ntohl(ao->winsaddr[d]);
1600 case CI_COMPRESSTYPE:
1602 (cilen != CILEN_VJ && cilen != CILEN_COMPRESS)) {
1606 GETSHORT(cishort, p);
1608 if (!(cishort == IPCP_VJ_COMP ||
1609 (cishort == IPCP_VJ_COMP_OLD && cilen == CILEN_COMPRESS))) {
1615 ho->vj_protocol = cishort;
1616 if (cilen == CILEN_VJ) {
1617 GETCHAR(maxslotindex, p);
1618 if (maxslotindex > ao->maxslotindex) {
1620 if (!reject_if_disagree){
1622 PUTCHAR(ao->maxslotindex, p);
1626 if (cflag && !ao->cflag) {
1628 if (!reject_if_disagree){
1630 PUTCHAR(wo->cflag, p);
1633 ho->maxslotindex = maxslotindex;
1637 ho->maxslotindex = MAX_STATES - 1;
1647 if (orc == CONFACK && /* Good CI */
1648 rc != CONFACK) /* but prior CI wasnt? */
1649 continue; /* Don't send this one */
1651 if (orc == CONFNAK) { /* Nak this CI? */
1652 if (reject_if_disagree) /* Getting fed up with sending NAKs? */
1653 orc = CONFREJ; /* Get tough if so */
1655 if (rc == CONFREJ) /* Rejecting prior CI? */
1656 continue; /* Don't send this one */
1657 if (rc == CONFACK) { /* Ack'd all prior CIs? */
1658 rc = CONFNAK; /* Not anymore... */
1659 ucp = inp; /* Backup */
1664 if (orc == CONFREJ && /* Reject this CI */
1665 rc != CONFREJ) { /* but no prior ones? */
1667 ucp = inp; /* Backup */
1670 /* Need to move CI? */
1672 BCOPY(cip, ucp, cilen); /* Move it */
1674 /* Update output pointer */
1679 * If we aren't rejecting this packet, and we want to negotiate
1680 * their address, and they didn't send their address, then we
1681 * send a NAK with a CI_ADDR option appended. We assume the
1682 * input buffer is long enough that we can append the extra
1685 if (rc != CONFREJ && !ho->neg_addr && !ho->old_addrs &&
1686 wo->req_addr && !reject_if_disagree && !noremoteip) {
1687 if (rc == CONFACK) {
1689 ucp = inp; /* reset pointer */
1690 wo->req_addr = 0; /* don't ask again */
1692 PUTCHAR(CI_ADDR, ucp);
1693 PUTCHAR(CILEN_ADDR, ucp);
1694 tl = ntohl(wo->hisaddr);
1698 *len = ucp - inp; /* Compute output length */
1699 IPCPDEBUG(("ipcp: returning Configure-%s", CODENAME(rc)));
1700 return (rc); /* Return final code */
1705 * ip_check_options - check that any IP-related options are OK,
1706 * and assign appropriate defaults.
1713 ipcp_options *wo = &ipcp_wantoptions[0];
1716 * Default our local IP address based on our hostname.
1717 * If local IP address already given, don't bother.
1719 if (wo->ouraddr == 0 && !disable_defaultip) {
1721 * Look up our hostname (possibly with domain name appended)
1722 * and take the first IP address as our local IP address.
1723 * If there isn't an IP address for our hostname, too bad.
1725 wo->accept_local = 1; /* don't insist on this default value */
1726 if ((hp = gethostbyname(hostname)) != NULL) {
1727 local = *(u_int32_t *)hp->h_addr;
1728 if (local != 0 && !bad_ip_adrs(local))
1729 wo->ouraddr = local;
1732 ask_for_local = wo->ouraddr != 0 || !disable_defaultip;
1737 * ip_demand_conf - configure the interface as though
1738 * IPCP were up, for use with dial-on-demand.
1744 ipcp_options *wo = &ipcp_wantoptions[u];
1746 if (wo->hisaddr == 0 && !noremoteip) {
1747 /* make up an arbitrary address for the peer */
1748 wo->hisaddr = htonl(0x0a707070 + ifunit);
1749 wo->accept_remote = 1;
1751 if (wo->ouraddr == 0) {
1752 /* make up an arbitrary address for us */
1753 wo->ouraddr = htonl(0x0a404040 + ifunit);
1754 wo->accept_local = 1;
1755 ask_for_local = 0; /* don't tell the peer this address */
1757 if (!sifaddr(u, wo->ouraddr, wo->hisaddr, GetMask(wo->ouraddr)))
1759 ipcp_script(_PATH_IPPREUP, 1);
1762 if (!sifnpmode(u, PPP_IP, NPMODE_QUEUE))
1764 if (wo->default_route)
1765 if (sifdefaultroute(u, wo->ouraddr, wo->hisaddr))
1766 default_route_set[u] = 1;
1768 if (sifproxyarp(u, wo->hisaddr))
1769 proxy_arp_set[u] = 1;
1771 notice("local IP address %I", wo->ouraddr);
1773 notice("remote IP address %I", wo->hisaddr);
1780 * ipcp_up - IPCP has come UP.
1782 * Configure the IP network interface appropriately and bring it up.
1789 ipcp_options *ho = &ipcp_hisoptions[f->unit];
1790 ipcp_options *go = &ipcp_gotoptions[f->unit];
1791 ipcp_options *wo = &ipcp_wantoptions[f->unit];
1794 IPCPDEBUG(("ipcp: up"));
1797 * We must have a non-zero IP address for both ends of the link.
1799 if (!ho->neg_addr && !ho->old_addrs)
1800 ho->hisaddr = wo->hisaddr;
1802 if (!(go->neg_addr || go->old_addrs) && (wo->neg_addr || wo->old_addrs)
1803 && wo->ouraddr != 0) {
1804 error("Peer refused to agree to our IP address");
1805 ipcp_close(f->unit, "Refused our IP address");
1808 if (go->ouraddr == 0) {
1809 error("Could not determine local IP address");
1810 ipcp_close(f->unit, "Could not determine local IP address");
1813 if (ho->hisaddr == 0 && !noremoteip) {
1814 ho->hisaddr = htonl(0x0a404040 + ifunit);
1815 warn("Could not determine remote IP address: defaulting to %I",
1818 script_setenv("IPLOCAL", ip_ntoa(go->ouraddr), 0);
1819 if (ho->hisaddr != 0)
1820 script_setenv("IPREMOTE", ip_ntoa(ho->hisaddr), 1);
1827 script_setenv("DNS1", ip_ntoa(go->dnsaddr[0]), 0);
1829 script_setenv("DNS2", ip_ntoa(go->dnsaddr[1]), 0);
1830 if (usepeerdns && (go->dnsaddr[0] || go->dnsaddr[1])) {
1831 script_setenv("USEPEERDNS", "1", 0);
1832 create_resolv(go->dnsaddr[0], go->dnsaddr[1]);
1836 * Check that the peer is allowed to use the IP address it wants.
1838 if (ho->hisaddr != 0 && !auth_ip_addr(f->unit, ho->hisaddr)) {
1839 error("Peer is not authorized to use remote address %I", ho->hisaddr);
1840 ipcp_close(f->unit, "Unauthorized remote IP address");
1844 /* set tcp compression */
1845 sifvjcomp(f->unit, ho->neg_vj, ho->cflag, ho->maxslotindex);
1848 * If we are doing dial-on-demand, the interface is already
1849 * configured, so we put out any saved-up packets, then set the
1850 * interface to pass IP packets.
1853 if (go->ouraddr != wo->ouraddr || ho->hisaddr != wo->hisaddr) {
1854 ipcp_clear_addrs(f->unit, wo->ouraddr, wo->hisaddr);
1855 if (go->ouraddr != wo->ouraddr) {
1856 warn("Local IP address changed to %I", go->ouraddr);
1857 script_setenv("OLDIPLOCAL", ip_ntoa(wo->ouraddr), 0);
1858 wo->ouraddr = go->ouraddr;
1860 script_unsetenv("OLDIPLOCAL");
1861 if (ho->hisaddr != wo->hisaddr && wo->hisaddr != 0) {
1862 warn("Remote IP address changed to %I", ho->hisaddr);
1863 script_setenv("OLDIPREMOTE", ip_ntoa(wo->hisaddr), 0);
1864 wo->hisaddr = ho->hisaddr;
1866 script_unsetenv("OLDIPREMOTE");
1868 /* Set the interface to the new addresses */
1869 mask = GetMask(go->ouraddr);
1870 if (!sifaddr(f->unit, go->ouraddr, ho->hisaddr, mask)) {
1872 warn("Interface configuration failed");
1873 ipcp_close(f->unit, "Interface configuration failed");
1877 /* assign a default route through the interface if required */
1878 if (ipcp_wantoptions[f->unit].default_route)
1879 if (sifdefaultroute(f->unit, go->ouraddr, ho->hisaddr))
1880 default_route_set[f->unit] = 1;
1882 /* Make a proxy ARP entry if requested. */
1883 if (ho->hisaddr != 0 && ipcp_wantoptions[f->unit].proxy_arp)
1884 if (sifproxyarp(f->unit, ho->hisaddr))
1885 proxy_arp_set[f->unit] = 1;
1888 demand_rexmit(PPP_IP);
1889 sifnpmode(f->unit, PPP_IP, NPMODE_PASS);
1893 * Set IP addresses and (if specified) netmask.
1895 mask = GetMask(go->ouraddr);
1897 #if !(defined(SVR4) && (defined(SNI) || defined(__USLC__)))
1898 if (!sifaddr(f->unit, go->ouraddr, ho->hisaddr, mask)) {
1900 warn("Interface configuration failed");
1901 ipcp_close(f->unit, "Interface configuration failed");
1906 ifindex = if_nametoindex(ifname);
1908 /* run the pre-up script, if any, and wait for it to finish */
1909 ipcp_script(_PATH_IPPREUP, 1);
1911 /* check if preup script renamed the interface */
1912 if (!if_indextoname(ifindex, ifname)) {
1913 error("Interface index %d failed to get renamed by a pre-up script", ifindex);
1914 ipcp_close(f->unit, "Interface configuration failed");
1918 /* bring the interface up for IP */
1919 if (!sifup(f->unit)) {
1921 warn("Interface failed to come up");
1922 ipcp_close(f->unit, "Interface configuration failed");
1926 #if (defined(SVR4) && (defined(SNI) || defined(__USLC__)))
1927 if (!sifaddr(f->unit, go->ouraddr, ho->hisaddr, mask)) {
1929 warn("Interface configuration failed");
1930 ipcp_close(f->unit, "Interface configuration failed");
1934 sifnpmode(f->unit, PPP_IP, NPMODE_PASS);
1936 /* assign a default route through the interface if required */
1937 if (ipcp_wantoptions[f->unit].default_route)
1938 if (sifdefaultroute(f->unit, go->ouraddr, ho->hisaddr))
1939 default_route_set[f->unit] = 1;
1941 /* Make a proxy ARP entry if requested. */
1942 if (ho->hisaddr != 0 && ipcp_wantoptions[f->unit].proxy_arp)
1943 if (sifproxyarp(f->unit, ho->hisaddr))
1944 proxy_arp_set[f->unit] = 1;
1946 ipcp_wantoptions[0].ouraddr = go->ouraddr;
1948 notice("local IP address %I", go->ouraddr);
1949 if (ho->hisaddr != 0)
1950 notice("remote IP address %I", ho->hisaddr);
1952 notice("primary DNS address %I", go->dnsaddr[0]);
1954 notice("secondary DNS address %I", go->dnsaddr[1]);
1957 reset_link_stats(f->unit);
1959 np_up(f->unit, PPP_IP);
1962 notify(ip_up_notifier, 0);
1967 * Execute the ip-up script, like this:
1968 * /etc/ppp/ip-up interface tty speed local-IP remote-IP
1970 if (ipcp_script_state == s_down && ipcp_script_pid == 0) {
1971 ipcp_script_state = s_up;
1972 ipcp_script(_PATH_IPUP, 0);
1978 * ipcp_down - IPCP has gone DOWN.
1980 * Take the IP network interface down, clear its addresses
1981 * and delete routes through it.
1987 IPCPDEBUG(("ipcp: down"));
1988 /* XXX a bit IPv4-centric here, we only need to get the stats
1989 * before the interface is marked down. */
1990 /* XXX more correct: we must get the stats before running the notifiers,
1991 * at least for the radius plugin */
1992 update_link_stats(f->unit);
1993 notify(ip_down_notifier, 0);
1998 np_down(f->unit, PPP_IP);
2000 sifvjcomp(f->unit, 0, 0, 0);
2002 print_link_stats(); /* _after_ running the notifiers and ip_down_hook(),
2003 * because print_link_stats() sets link_stats_valid
2007 * If we are doing dial-on-demand, set the interface
2008 * to queue up outgoing packets (for now).
2011 sifnpmode(f->unit, PPP_IP, NPMODE_QUEUE);
2013 sifnpmode(f->unit, PPP_IP, NPMODE_DROP);
2015 ipcp_clear_addrs(f->unit, ipcp_gotoptions[f->unit].ouraddr,
2016 ipcp_hisoptions[f->unit].hisaddr);
2019 /* Execute the ip-down script */
2020 if (ipcp_script_state == s_up && ipcp_script_pid == 0) {
2021 ipcp_script_state = s_down;
2022 ipcp_script(_PATH_IPDOWN, 0);
2028 * ipcp_clear_addrs() - clear the interface addresses, routes,
2029 * proxy arp entries, etc.
2032 ipcp_clear_addrs(unit, ouraddr, hisaddr)
2034 u_int32_t ouraddr; /* local address */
2035 u_int32_t hisaddr; /* remote address */
2037 if (proxy_arp_set[unit]) {
2038 cifproxyarp(unit, hisaddr);
2039 proxy_arp_set[unit] = 0;
2041 if (default_route_set[unit]) {
2042 cifdefaultroute(unit, ouraddr, hisaddr);
2043 default_route_set[unit] = 0;
2045 cifaddr(unit, ouraddr, hisaddr);
2050 * ipcp_finished - possibly shut down the lower layers.
2058 np_finished(f->unit, PPP_IP);
2064 * ipcp_script_done - called when the ip-up or ip-down script
2068 ipcp_script_done(arg)
2071 ipcp_script_pid = 0;
2072 switch (ipcp_script_state) {
2074 if (ipcp_fsm[0].state != OPENED) {
2075 ipcp_script_state = s_down;
2076 ipcp_script(_PATH_IPDOWN, 0);
2080 if (ipcp_fsm[0].state == OPENED) {
2081 ipcp_script_state = s_up;
2082 ipcp_script(_PATH_IPUP, 0);
2090 * ipcp_script - Execute a script with arguments
2091 * interface-name tty-name speed local-IP remote-IP.
2094 ipcp_script(script, wait)
2098 char strspeed[32], strlocal[32], strremote[32];
2101 slprintf(strspeed, sizeof(strspeed), "%d", baud_rate);
2102 slprintf(strlocal, sizeof(strlocal), "%I", ipcp_gotoptions[0].ouraddr);
2103 slprintf(strremote, sizeof(strremote), "%I", ipcp_hisoptions[0].hisaddr);
2110 argv[5] = strremote;
2114 run_program(script, argv, 0, NULL, NULL, 1);
2116 ipcp_script_pid = run_program(script, argv, 0, ipcp_script_done,
2121 * create_resolv - create the replacement resolv.conf file
2124 create_resolv(peerdns1, peerdns2)
2125 u_int32_t peerdns1, peerdns2;
2129 f = fopen(_PATH_RESOLV, "w");
2131 error("Failed to create %s: %m", _PATH_RESOLV);
2136 fprintf(f, "nameserver %s\n", ip_ntoa(peerdns1));
2139 fprintf(f, "nameserver %s\n", ip_ntoa(peerdns2));
2142 error("Write failed to %s: %m", _PATH_RESOLV);
2148 * ipcp_printpkt - print the contents of an IPCP packet.
2150 static char *ipcp_codenames[] = {
2151 "ConfReq", "ConfAck", "ConfNak", "ConfRej",
2152 "TermReq", "TermAck", "CodeRej"
2156 ipcp_printpkt(p, plen, printer, arg)
2159 void (*printer) __P((void *, char *, ...));
2162 int code, id, len, olen;
2163 u_char *pstart, *optend;
2167 if (plen < HEADERLEN)
2173 if (len < HEADERLEN || len > plen)
2176 if (code >= 1 && code <= sizeof(ipcp_codenames) / sizeof(char *))
2177 printer(arg, " %s", ipcp_codenames[code-1]);
2179 printer(arg, " code=0x%x", code);
2180 printer(arg, " id=0x%x", id);
2187 /* print option list */
2192 if (olen < 2 || olen > len) {
2200 if (olen == CILEN_ADDRS) {
2203 printer(arg, "addrs %I", htonl(cilong));
2205 printer(arg, " %I", htonl(cilong));
2208 case CI_COMPRESSTYPE:
2209 if (olen >= CILEN_COMPRESS) {
2211 GETSHORT(cishort, p);
2212 printer(arg, "compress ");
2217 case IPCP_VJ_COMP_OLD:
2218 printer(arg, "old-VJ");
2221 printer(arg, "0x%x", cishort);
2226 if (olen == CILEN_ADDR) {
2229 printer(arg, "addr %I", htonl(cilong));
2236 printer(arg, "ms-dns%d %I", (code == CI_MS_DNS1? 1: 2),
2243 printer(arg, "ms-wins %I", htonl(cilong));
2246 while (p < optend) {
2248 printer(arg, " %.2x", code);
2256 if (len > 0 && *p >= ' ' && *p < 0x7f) {
2258 print_string((char *)p, len, printer, arg);
2265 /* print the rest of the bytes in the packet */
2266 for (; len > 0; --len) {
2268 printer(arg, " %.2x", code);
2275 * ip_active_pkt - see if this IP packet is worth bringing the link up for.
2276 * We don't bring the link up for IP fragments or for TCP FIN packets
2279 #define IP_HDRLEN 20 /* bytes */
2280 #define IP_OFFMASK 0x1fff
2282 #define IPPROTO_TCP 6
2284 #define TCP_HDRLEN 20
2288 * We use these macros because the IP header may be at an odd address,
2289 * and some compilers might use word loads to get th_off or ip_hl.
2292 #define net_short(x) (((x)[0] << 8) + (x)[1])
2293 #define get_iphl(x) (((unsigned char *)(x))[0] & 0xF)
2294 #define get_ipoff(x) net_short((unsigned char *)(x) + 6)
2295 #define get_ipproto(x) (((unsigned char *)(x))[9])
2296 #define get_tcpoff(x) (((unsigned char *)(x))[12] >> 4)
2297 #define get_tcpflags(x) (((unsigned char *)(x))[13])
2300 ip_active_pkt(pkt, len)
2309 if (len < IP_HDRLEN)
2311 if ((get_ipoff(pkt) & IP_OFFMASK) != 0)
2313 if (get_ipproto(pkt) != IPPROTO_TCP)
2315 hlen = get_iphl(pkt) * 4;
2316 if (len < hlen + TCP_HDRLEN)
2319 if ((get_tcpflags(tcp) & TH_FIN) != 0 && len == hlen + get_tcpoff(tcp) * 4)