* lcp.c - PPP Link Control Protocol.
* Copyright (c) 1989 Carnegie Mellon University.
* Redistribution and use in source and binary forms are permitted
* provided that the above copyright notice and this paragraph are
* duplicated in all such forms and that any documentation,
* advertising materials, and other materials related to such
* distribution and use acknowledge that the software was developed
* by Carnegie Mellon University. The name of the
* University may not be used to endorse or promote products derived
* from this software without specific prior written permission.
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
* IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
* WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
* Send NAKs for unsent CIs.
* Keep separate MTU, MRU.
* Extra data on authtype option.
fsm lcp_fsm
[NPPP
]; /* LCP fsm structure (global)*/
lcp_options lcp_wantoptions
[NPPP
]; /* Options that we want to request */
lcp_options lcp_gotoptions
[NPPP
]; /* Options that peer ack'd */
lcp_options lcp_allowoptions
[NPPP
]; /* Options that we allow peer to request */
lcp_options lcp_hisoptions
[NPPP
]; /* Options that we ack'd */
static void lcp_resetci
__ARGS((fsm
*));
/* Reset our Configuration Information */
static int lcp_cilen
__ARGS((fsm
*)); /* Return length of our CI */
static void lcp_addci
__ARGS((fsm
*, u_char
*)); /* Add our CIs */
static int lcp_ackci
__ARGS((fsm
*, u_char
*, int)); /* Ack some CIs */
static void lcp_nakci
__ARGS((fsm
*, u_char
*, int)); /* Nak some CIs */
static void lcp_rejci
__ARGS((fsm
*, u_char
*, int));
static u_char lcp_reqci
__ARGS((fsm
*, u_char
*, int *));
/* Check the requested CIs */
static void lcp_up
__ARGS((fsm
*)); /* We're UP */
static void lcp_down
__ARGS((fsm
*)); /* We're DOWN */
static void lcp_closed
__ARGS((fsm
*)); /* We're CLOSED */
static fsm_callbacks lcp_callbacks
= { /* LCP callback routines */
lcp_resetci
, /* Reset our Configuration Information */
lcp_cilen
, /* Length of our Configuration Information */
lcp_addci
, /* Add our Configuration Information */
lcp_ackci
, /* ACK our Configuration Information */
lcp_nakci
, /* NAK our Configuration Information */
lcp_rejci
, /* Reject our Configuration Information */
lcp_reqci
, /* Request peer's Configuration Information */
lcp_up
, /* Called when fsm reaches OPEN state */
lcp_down
, /* Called when fsm leaves OPEN state */
lcp_closed
, /* Called when fsm reaches CLOSED state */
NULL
, /* Called when Protocol-Reject received */
NULL
/* Retransmission is necessary */
#define DEFWARNLOOPS 10 /* XXX Move to lcp.h */
static int lcp_warnloops
= DEFWARNLOOPS
; /* Warn about a loopback this often */
* lcp_init - Initialize LCP.
lcp_options
*wo
= &lcp_wantoptions
[unit
];
lcp_options
*ao
= &lcp_allowoptions
[unit
];
f
->timeouttime
= DEFTIMEOUT
;
f
->maxconfreqtransmits
= DEFMAXCONFIGREQS
;
f
->maxtermtransmits
= DEFMAXTERMTRANSMITS
;
f
->maxnakloops
= DEFMAXNAKLOOPS
;
f
->callbacks
= &lcp_callbacks
;
wo
->restart
= 0; /* Set to 1 in kernels or multi-line
wo
->neg_chap
= 0; /* Set to 1 on server */
wo
->neg_upap
= 0; /* Set to 1 on server */
wo
->neg_pcompression
= 1;
wo
->neg_accompression
= 1;
ao
->neg_chap
= 0; /* Set to 1 on client */
ao
->chap_mdtype
= CHAP_DIGEST_MD5
;
ao
->chap_callback
= CHAP_NOCALLBACK
;
ao
->neg_upap
= 0; /* Set to 1 on client */
ao
->neg_pcompression
= 1;
ao
->neg_accompression
= 1;
* lcp_activeopen - Actively open LCP.
fsm_activeopen(&lcp_fsm
[unit
]);
* lcp_passiveopen - Passively open LCP.
fsm_passiveopen(&lcp_fsm
[unit
]);
fsm_close(&lcp_fsm
[unit
]);
* lcp_lowerup - The lower layer is up.
SIFASYNCMAP(unit
, 0xffffffff);
fsm_lowerup(&lcp_fsm
[unit
]);
* lcp_lowerdown - The lower layer is down.
fsm_lowerdown(&lcp_fsm
[unit
]);
* lcp_input - Input LCP packet.
fsm_input(&lcp_fsm
[unit
], p
, len
);
* lcp_protrej - A Protocol-Reject was received.
"lcp_protrej: Received Protocol-Reject for LCP!"))
* lcp_sprotrej - Send a Protocol-Reject for some protocol.
lcp_sprotrej(unit
, p
, len
)
/* this is marginal, as rejected-info should be full frame,
* but at least we return the rejected-protocol
fsm_sdata(&lcp_fsm
[unit
], PROTREJ
, ++lcp_fsm
[unit
].id
,
* lcp_resetci - Reset our CI.
lcp_wantoptions
[f
->unit
].magicnumber
= magic();
lcp_wantoptions
[f
->unit
].numloops
= 0;
lcp_gotoptions
[f
->unit
] = lcp_wantoptions
[f
->unit
];
* lcp_cilen - Return length of our CI.
lcp_options
*go
= &lcp_gotoptions
[f
->unit
];
#define LENCIVOID(neg) (neg ? 2 : 0)
#define LENCICHAP(neg) (neg ? 6 : 0)
#define LENCISHORT(neg) (neg ? 4 : 0)
#define LENCILONG(neg) (neg ? 6 : 0)
return (LENCISHORT(go
->neg_mru
) +
LENCILONG(go
->neg_asyncmap
) +
LENCICHAP(go
->neg_chap
) +
LENCISHORT(go
->neg_upap
) +
LENCILONG(go
->neg_magicnumber
) +
LENCIVOID(go
->neg_pcompression
) +
LENCIVOID(go
->neg_accompression
));
* lcp_addci - Add our desired CIs to a packet.
lcp_options
*go
= &lcp_gotoptions
[f
->unit
];
#define ADDCIVOID(opt, neg) \
#define ADDCISHORT(opt, neg, val) \
PUTCHAR(2 + sizeof (short), ucp); \
#define ADDCICHAP(opt, neg, val, digest, callback) \
PUTCHAR(callback, ucp); \
#define ADDCILONG(opt, neg, val) \
PUTCHAR(2 + sizeof (long), ucp); \
ADDCISHORT(CI_MRU
, go
->neg_mru
, go
->mru
)
ADDCILONG(CI_ASYNCMAP
, go
->neg_asyncmap
, go
->asyncmap
)
ADDCICHAP(CI_AUTHTYPE
, go
->neg_chap
, CHAP
, go
->chap_mdtype
, go
->chap_callback
)
ADDCISHORT(CI_AUTHTYPE
, go
->neg_upap
, UPAP
)
ADDCILONG(CI_MAGICNUMBER
, go
->neg_magicnumber
, go
->magicnumber
)
ADDCIVOID(CI_PCOMPRESSION
, go
->neg_pcompression
)
ADDCIVOID(CI_ACCOMPRESSION
, go
->neg_accompression
)
* lcp_ackci - Ack our CIs.
lcp_options
*go
= &lcp_gotoptions
[f
->unit
];
u_char cilen
, citype
, cichar
;
* CIs must be in exactly the same order that we sent.
* Check packet length and CI length at each step.
* If we find any deviations, then this packet is bad.
#define ACKCIVOID(opt, neg) \
#define ACKCISHORT(opt, neg, val) \
if ((len -= 2 + sizeof (short)) < 0) \
if (cilen != 2 + sizeof (short) || \
#define ACKCICHAP(opt, neg, val, digest, callback) \
if ((len -= 4 + sizeof (short)) < 0) \
if (cilen != 4 + sizeof (short) || \
if (cichar != callback) \
#define ACKCILONG(opt, neg, val) \
if ((len -= 2 + sizeof (long)) < 0) \
if (cilen != 2 + sizeof (long) || \
ACKCISHORT(CI_MRU
, go
->neg_mru
, go
->mru
)
ACKCILONG(CI_ASYNCMAP
, go
->neg_asyncmap
, go
->asyncmap
)
ACKCICHAP(CI_AUTHTYPE
, go
->neg_chap
, CHAP
, go
->chap_mdtype
, go
->chap_callback
)
ACKCISHORT(CI_AUTHTYPE
, go
->neg_upap
, UPAP
)
ACKCILONG(CI_MAGICNUMBER
, go
->neg_magicnumber
, go
->magicnumber
)
ACKCIVOID(CI_PCOMPRESSION
, go
->neg_pcompression
)
ACKCIVOID(CI_ACCOMPRESSION
, go
->neg_accompression
)
* If there are any remaining CIs, then this packet is bad.
LCPDEBUG((LOG_WARNING
, "lcp_acki: received bad Ack!"))
* lcp_nakci - NAK some of our CIs.
lcp_options
*go
= &lcp_gotoptions
[f
->unit
];
lcp_options
*wo
= &lcp_wantoptions
[f
->unit
];
* Any Nak'd CIs must be in exactly the same order that we sent.
* Check packet length and CI length at each step.
* If we find any deviations, then this packet is bad.
#define NAKCIVOID(opt, neg, code) \
#define NAKCICHAP(opt, neg, digest, callback, code) \
len >= 4 + sizeof (short) && \
p[1] == 4 + sizeof (short) && \
len -= 4 + sizeof (short); \
#define NAKCISHORT(opt, neg, code) \
len >= 2 + sizeof (short) && \
p[1] == 2 + sizeof (short) && \
len -= 2 + sizeof (short); \
#define NAKCILONG(opt, neg, code) \
len >= 2 + sizeof (long) && \
p[1] == 2 + sizeof (long) && \
len -= 2 + sizeof (long); \
* We don't care if they want to send us smaller packets than
* we want. Therefore, accept any MRU less than what we asked for,
* but then ignore the new value when setting the MRU in the kernel.
* If they send us a bigger MRU than what we asked, reject it and
* let him decide to accept our value.
NAKCISHORT(CI_MRU
, go
->neg_mru
,
NAKCILONG(CI_ASYNCMAP
, go
->neg_asyncmap
,
NAKCICHAP(CI_AUTHTYPE
, go
->neg_chap
, go
->chap_mdtype
, go
->chap_callback
,
LCPDEBUG((LOG_WARNING
, "Peer refuses to authenticate chap!"))
NAKCISHORT(CI_AUTHTYPE
, go
->neg_upap
,
LCPDEBUG((LOG_WARNING
, "Peer refuses to authenticate pap!"))
NAKCILONG(CI_MAGICNUMBER
, go
->neg_magicnumber
,
go
->magicnumber
= magic();
if (++go
->numloops
% lcp_warnloops
== 0)
LCPDEBUG((LOG_INFO
, "The line appears to be looped back."))
NAKCIVOID(CI_PCOMPRESSION
, go
->neg_pcompression
,
go
->neg_pcompression
= 0;
NAKCIVOID(CI_ACCOMPRESSION
, go
->neg_accompression
,
go
->neg_accompression
= 0;
* If there are any remaining CIs, then this packet is bad.
LCPDEBUG((LOG_WARNING
, "lcp_nakci: received bad Nak!"))
* lcp_rejci - Reject some of our CIs.
lcp_options
*go
= &lcp_gotoptions
[f
->unit
];
int myopt
, myval
, xval
, plen
= len
;
* Any Rejected CIs must be in exactly the same order that we sent.
* Check packet length and CI length at each step.
* If we find any deviations, then this packet is bad.
#define REJCIVOID(opt, neg) \
LCPDEBUG((LOG_INFO,"lcp_rejci rejected void opt %d",opt)) \
#define REJCISHORT(opt, neg, val) \
myopt = opt; myval = val; \
len >= 2 + sizeof (short) && \
p[1] == 2 + sizeof (short) && \
len -= 2 + sizeof (short); \
/* Check rejected value. */ \
LCPDEBUG((LOG_INFO,"lcp_rejci rejected short opt %d", opt)) \
#define REJCICHAP(opt, neg, val, digest, callback) \
myopt = opt; myval = val; \
len >= 4 + sizeof (short) && \
p[1] == 4 + sizeof (short) && \
len -= 4 + sizeof (short); \
/* Check rejected value. */ \
LCPDEBUG((LOG_INFO,"lcp_rejci rejected chap opt %d", opt)) \
#define REJCILONG(opt, neg, val) \
myopt = opt; myval = val; \
len >= 2 + sizeof (long) && \
p[1] == 2 + sizeof (long) && \
len -= 2 + sizeof (long); \
/* Check rejected value. */ \
LCPDEBUG((LOG_INFO,"lcp_rejci rejected long opt %d", opt)) \
REJCISHORT(CI_MRU
, go
->neg_mru
, go
->mru
)
REJCILONG(CI_ASYNCMAP
, go
->neg_asyncmap
, go
->asyncmap
)
REJCICHAP(CI_AUTHTYPE
, go
->neg_chap
, CHAP
, go
->chap_mdtype
, go
->callback
)
REJCISHORT(CI_AUTHTYPE
, go
->neg_upap
, UPAP
)
REJCILONG(CI_MAGICNUMBER
, go
->neg_magicnumber
, go
->magicnumber
)
REJCIVOID(CI_PCOMPRESSION
, go
->neg_pcompression
)
REJCIVOID(CI_ACCOMPRESSION
, go
->neg_accompression
)
* If there are any remaining CIs, then this packet is bad.
LCPDEBUG((LOG_WARNING
, "lcp_rejci: received bad Reject!"))
LCPDEBUG((LOG_WARNING
, "lcp_rejci: plen %d len %d off %d, exp opt %d, found %d, val %d fval %d ",
plen
, len
, p
- start
, myopt
, p
[0] &0xff, myval
, xval
))
* lcp_reqci - Check the peer's requested CIs and send appropriate response.
* Returns: CONFACK, CONFNAK or CONFREJ and input packet modified
u_char
*inp
; /* Requested CIs */
int *len
; /* Length of requested CIs */
lcp_options
*go
= &lcp_gotoptions
[f
->unit
];
lcp_options
*ho
= &lcp_hisoptions
[f
->unit
];
lcp_options
*ao
= &lcp_allowoptions
[f
->unit
];
u_char
*cip
; /* Pointer to Current CI */
u_char cilen
, citype
, cichar
;/* Parsed len, type, char value */
u_short cishort
; /* Parsed short value */
u_long cilong
; /* Parse long value */
int rc
= CONFACK
; /* Final packet return code */
int orc
; /* Individual option return code */
u_char
*p
= inp
; /* Pointer to next char to parse */
u_char
*ucp
= inp
; /* Pointer to current output char */
int l
= *len
; /* Length left */
ho
->neg_pcompression
= 0;
ho
->neg_accompression
= 0;
* Process all his options.
orc
= CONFACK
; /* Assume success */
cip
= p
; /* Remember begining of CI */
if (l
< 2 || /* Not enough data for CI header or */
p
[1] < 2 || /* CI length too small or */
p
[1] > l
) { /* CI length too big? */
LCPDEBUG((LOG_WARNING
, "lcp_reqci: bad CI length!"))
orc
= CONFREJ
; /* Reject bad CI */
cilen
= l
; /* Reject till end of packet */
l
= 0; /* Don't loop again */
GETCHAR(citype
, p
); /* Parse CI type */
GETCHAR(cilen
, p
); /* Parse CI length */
l
-= cilen
; /* Adjust remaining length */
cilen
-= 2; /* Adjust cilen to just data */
switch (citype
) { /* Check CI type */
LCPDEBUG((LOG_INFO
, "lcp_reqci: rcvd MRU"))
if (!ao
->neg_mru
|| /* Allow option? */
cilen
!= sizeof (short)) { /* Check CI length */
INCPTR(cilen
, p
); /* Skip rest of CI */
orc
= CONFREJ
; /* Reject CI */
GETSHORT(cishort
, p
); /* Parse MRU */
LCPDEBUG((LOG_INFO
, "(%d)", cishort
))
* He must be able to receive at least our minimum.
* No need to check a maximum. If he sends a large number,
orc
= CONFNAK
; /* Nak CI */
DECPTR(sizeof (short), p
); /* Backup */
PUTSHORT(MINMRU
, p
); /* Give him a hint */
ho
->neg_mru
= 1; /* Remember he sent and MRU */
ho
->mru
= cishort
; /* And remember value */
LCPDEBUG((LOG_INFO
, "lcp_reqci: rcvd ASYNCMAP"))
cilen
!= sizeof (long)) {
LCPDEBUG((LOG_INFO
, "(%lx)", cilong
))
/* XXX Accept anything he says */
* Asyncmap must be OR of two maps.
if ((lcp_wantoptions
[f
->unit
].neg_asyncmap
&&
cilong
!= (lcp_wantoptions
[f
->unit
].asyncmap
| cilong
)) ||
(!lcp_wantoptions
[f
->unit
].neg_asyncmap
&&
DECPTR(sizeof (long), p
);
PUTLONG(lcp_wantoptions
[f
->unit
].neg_asyncmap
?
lcp_wantoptions
[f
->unit
].asyncmap
| cilong
:
if (cilen
< sizeof (short) ||
(!ao
->neg_upap
&& !ao
->neg_chap
)) {
"lcp_reqci: rcvd AUTHTYPE, rejecting ...!"))
LCPDEBUG((LOG_INFO
, "lcp_reqci: rcvd AUTHTYPE (%x)",
* Authtype must be UPAP or CHAP.
INCPTR(cilen
- sizeof (u_short
), p
);
if (!ao
->neg_upap
) { /* we don't want to do PAP */
"lcp_reqci: rcvd AUTHTYPE PAP, rejecting..."))
else if (cishort
== CHAP
) {
INCPTR(cilen
- sizeof (u_short
), p
);
if (!ao
->neg_chap
) { /* we don't want to do CHAP */
"lcp_reqci: rcvd AUTHTYPE CHAP, rejecting..."))
GETCHAR(cichar
, p
); /* get digest type*/
if (cichar
!= ao
->chap_mdtype
) {
DECPTR(sizeof (u_char
), p
);
PUTCHAR(ao
->chap_mdtype
, p
);
INCPTR(cilen
- sizeof(u_char
), p
);
ho
->chap_mdtype
= cichar
; /* save md type */
GETCHAR(cichar
, p
); /* get callback type*/
if (cichar
!= ao
->chap_callback
) { /* we don't callback yet */
DECPTR(sizeof (u_char
), p
);
PUTCHAR(CHAP_NOCALLBACK
, p
);
INCPTR(cilen
- sizeof(u_char
), p
);
ho
->chap_callback
= cichar
; /* save callback */
DECPTR(sizeof (short), p
);
if (ao
->neg_chap
) { /* We prefer CHAP */
syslog(LOG_ERR
, "Coding botch in lcp_reqci authnak. This shouldn't happen.");
INCPTR(cilen
- sizeof (u_short
), p
);
LCPDEBUG((LOG_INFO
, "lcp_reqci: rcvd MAGICNUMBER"))
if (!ao
->neg_magicnumber
||
cilen
!= sizeof (long)) {
LCPDEBUG((LOG_INFO
, "(%lx)", cilong
))
* He must have a different magic number.
if (go
->neg_magicnumber
&&
cilong
== go
->magicnumber
) {
DECPTR(sizeof (long), p
);
cilong
= magic(); /* Don't put magic() inside macro! */
ho
->magicnumber
= cilong
;
LCPDEBUG((LOG_INFO
, "lcp_reqci: rcvd PCOMPRESSION"))
if (!ao
->neg_pcompression
||
ho
->neg_pcompression
= 1;
LCPDEBUG((LOG_INFO
, "lcp_reqci: rcvd ACCOMPRESSION"))
if (!ao
->neg_accompression
||
ho
->neg_accompression
= 1;
LCPDEBUG((LOG_INFO
, "lcp_reqci: rcvd unknown option %d",
cilen
+= 2; /* Adjust cilen whole CI */
LCPDEBUG((LOG_INFO
, " (%s)",
orc
== CONFACK
? "ACK" : (orc
== CONFNAK
? "NAK" : "REJ")))
if (orc
== CONFACK
&& /* Good CI */
rc
!= CONFACK
) /* but prior CI wasnt? */
continue; /* Don't send this one */
if (orc
== CONFNAK
) { /* Nak this CI? */
if (rc
== CONFREJ
) /* Rejecting prior CI? */
continue; /* Don't send this one */
if (rc
== CONFACK
) { /* Ack'd all prior CIs? */
rc
= CONFNAK
; /* Not anymore... */
if (orc
== CONFREJ
&& /* Reject this CI */
rc
!= CONFREJ
) { /* but no prior ones? */
if (ucp
!= cip
) /* Need to move CI? */
BCOPY(cip
, ucp
, cilen
); /* Move it */
INCPTR(cilen
, ucp
); /* Update output pointer */
* XXX If we wanted to send additional NAKs (for unsent CIs), the
* code would go here. This must be done with care since it might
* require a longer packet than we received.
*len
= ucp
- inp
; /* Compute output length */
LCPDEBUG((LOG_INFO
, "lcp_reqci: returning %s.",
rc
== CONFACK
? "CONFACK" :
rc
== CONFNAK
? "CONFNAK" : "CONFREJ"))
return (rc
); /* Return final code */
* lcp_up - LCP has come UP.
lcp_options
*ho
= &lcp_hisoptions
[f
->unit
];
lcp_options
*go
= &lcp_gotoptions
[f
->unit
];
SIFMTU(f
->unit
, ho
->mru
);
SIFASYNCMAP(f
->unit
, ho
->asyncmap
);
if (ho
->neg_pcompression
)
SIFPCOMPRESSION(f
->unit
);
if (ho
->neg_accompression
)
SIFACCOMPRESSION(f
->unit
);
SIFUP(f
->unit
); /* Bring the interface up (set IFF_UP) */
ChapLowerUp(f
->unit
); /* Enable CHAP */
upap_lowerup(f
->unit
); /* Enable UPAP */
ipcp_lowerup(f
->unit
); /* Enable IPCP */
ChapAuthWithPeer(f
->unit
);
upap_authwithpeer(f
->unit
);
ipcp_activeopen(f
->unit
);
* lcp_down - LCP has gone DOWN.
SIFASYNCMAP(f
->unit
, 0xffffffff);
CIFPCOMPRESSION(f
->unit
);
CIFACCOMPRESSION(f
->unit
);
* lcp_closed - LCP has CLOSED.
if (lcp_wantoptions
[f
->unit
].restart
) {
if (lcp_wantoptions
[f
->unit
].passive
)
lcp_passiveopen(f
->unit
); /* Start protocol in passive mode */
lcp_activeopen(f
->unit
); /* Start protocol in active mode */