1 /*-
2 * SPDX-License-Identifier: BSD-2-Clause-FreeBSD
3 *
4 * Copyright (c) 2001 Brian Somers <brian@Awfulhak.org>
5 * All rights reserved.
6 *
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
9 * are met:
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
15 *
16 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
17 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
20 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
22 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
24 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
25 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
26 * SUCH DAMAGE.
27 *
28 * $FreeBSD$
29 */
30
31 #include <sys/param.h>
32 #include <netinet/in_systm.h>
33 #include <netinet/in.h>
34 #include <netinet/ip.h>
35 #include <sys/socket.h>
36 #include <net/route.h>
37 #include <sys/un.h>
38
39 #include <errno.h>
40 #include <resolv.h>
41 #include <stdarg.h>
42 #include <stdlib.h>
43 #include <string.h>
44 #include <termios.h>
45
46 #include "layer.h"
47 #include "defs.h"
48 #include "command.h"
49 #include "mbuf.h"
50 #include "log.h"
51 #include "timer.h"
52 #include "fsm.h"
53 #include "iplist.h"
54 #include "throughput.h"
55 #include "slcompress.h"
56 #include "lqr.h"
57 #include "hdlc.h"
58 #include "lcp.h"
59 #include "ncpaddr.h"
60 #include "ipcp.h"
61 #include "filter.h"
62 #include "descriptor.h"
63 #include "async.h"
64 #include "ccp.h"
65 #include "link.h"
66 #include "physical.h"
67 #include "mp.h"
68 #ifndef NORADIUS
69 #include "radius.h"
70 #endif
71 #include "ipv6cp.h"
72 #include "ncp.h"
73 #include "bundle.h"
74 #include "prompt.h"
75 #include "route.h"
76 #include "iface.h"
77 #include "chat.h"
78 #include "auth.h"
79 #include "chap.h"
80 #include "cbcp.h"
81 #include "datalink.h"
82
83
84 static u_short default_urgent_tcp_ports[] = {
85 21, /* ftp */
86 22, /* ssh */
87 23, /* telnet */
88 513, /* login */
89 514, /* shell */
90 543, /* klogin */
91 544 /* kshell */
92 };
93
94 #define NDEFTCPPORTS \
95 (sizeof default_urgent_tcp_ports / sizeof default_urgent_tcp_ports[0])
96
97 void
ncp_Init(struct ncp * ncp,struct bundle * bundle)98 ncp_Init(struct ncp *ncp, struct bundle *bundle)
99 {
100 ncp->afq = AF_INET;
101 ncp->route = NULL;
102
103 ncp->cfg.urgent.tcp.port = (u_short *)malloc(NDEFTCPPORTS * sizeof(u_short));
104 if (ncp->cfg.urgent.tcp.port == NULL) {
105 log_Printf(LogERROR, "ncp_Init: Out of memory allocating urgent ports\n");
106 ncp->cfg.urgent.tcp.nports = ncp->cfg.urgent.tcp.maxports = 0;
107 } else {
108 ncp->cfg.urgent.tcp.nports = ncp->cfg.urgent.tcp.maxports = NDEFTCPPORTS;
109 memcpy(ncp->cfg.urgent.tcp.port, default_urgent_tcp_ports,
110 NDEFTCPPORTS * sizeof(u_short));
111 }
112 ncp->cfg.urgent.tos = 1;
113
114 ncp->cfg.urgent.udp.nports = ncp->cfg.urgent.udp.maxports = 0;
115 ncp->cfg.urgent.udp.port = NULL;
116
117 mp_Init(&ncp->mp, bundle);
118
119 /* Send over the first physical link by default */
120 ipcp_Init(&ncp->ipcp, bundle, &bundle->links->physical->link,
121 &bundle->fsm);
122 #ifndef NOINET6
123 ipv6cp_Init(&ncp->ipv6cp, bundle, &bundle->links->physical->link,
124 &bundle->fsm);
125 #endif
126 }
127
128 void
ncp_Destroy(struct ncp * ncp)129 ncp_Destroy(struct ncp *ncp)
130 {
131 ipcp_Destroy(&ncp->ipcp);
132 #ifndef NOINET6
133 ipv6cp_Destroy(&ncp->ipv6cp);
134 #endif
135
136 if (ncp->cfg.urgent.tcp.maxports) {
137 ncp->cfg.urgent.tcp.nports = ncp->cfg.urgent.tcp.maxports = 0;
138 free(ncp->cfg.urgent.tcp.port);
139 ncp->cfg.urgent.tcp.port = NULL;
140 }
141 if (ncp->cfg.urgent.udp.maxports) {
142 ncp->cfg.urgent.udp.nports = ncp->cfg.urgent.udp.maxports = 0;
143 free(ncp->cfg.urgent.udp.port);
144 ncp->cfg.urgent.udp.port = NULL;
145 }
146 }
147
148 int
ncp_fsmStart(struct ncp * ncp,struct bundle * bundle __unused)149 ncp_fsmStart(struct ncp *ncp,
150 #ifdef NOINET6
151 struct bundle *bundle __unused
152 #else
153 struct bundle *bundle
154 #endif
155 )
156 {
157 int res = 0;
158
159 #ifndef NOINET6
160 if (Enabled(bundle, OPT_IPCP)) {
161 #endif
162 fsm_Up(&ncp->ipcp.fsm);
163 fsm_Open(&ncp->ipcp.fsm);
164 res++;
165 #ifndef NOINET6
166 }
167
168 if (Enabled(bundle, OPT_IPV6CP)) {
169 fsm_Up(&ncp->ipv6cp.fsm);
170 fsm_Open(&ncp->ipv6cp.fsm);
171 res++;
172 }
173 #endif
174
175 return res;
176 }
177
178 void
ncp_IfaceAddrAdded(struct ncp * ncp,const struct iface_addr * addr)179 ncp_IfaceAddrAdded(struct ncp *ncp, const struct iface_addr *addr)
180 {
181 switch (ncprange_family(&addr->ifa)) {
182 case AF_INET:
183 ipcp_IfaceAddrAdded(&ncp->ipcp, addr);
184 break;
185 #ifndef NOINET6
186 case AF_INET6:
187 ipv6cp_IfaceAddrAdded(&ncp->ipv6cp, addr);
188 break;
189 #endif
190 }
191 }
192
193 void
ncp_IfaceAddrDeleted(struct ncp * ncp,const struct iface_addr * addr)194 ncp_IfaceAddrDeleted(struct ncp *ncp, const struct iface_addr *addr)
195 {
196 if (ncprange_family(&addr->ifa) == AF_INET)
197 ipcp_IfaceAddrDeleted(&ncp->ipcp, addr);
198 }
199
200 void
ncp_SetLink(struct ncp * ncp,struct link * l)201 ncp_SetLink(struct ncp *ncp, struct link *l)
202 {
203 ipcp_SetLink(&ncp->ipcp, l);
204 #ifndef NOINET6
205 ipv6cp_SetLink(&ncp->ipv6cp, l);
206 #endif
207 }
208
209 /*
210 * Enqueue a packet of the given address family. Nothing will make it
211 * down to the physical link level 'till ncp_FillPhysicalQueues() is used.
212 */
213 void
ncp_Enqueue(struct ncp * ncp,int af,unsigned pri,char * ptr,int count)214 ncp_Enqueue(struct ncp *ncp, int af, unsigned pri, char *ptr, int count)
215 {
216 #ifndef NOINET6
217 struct ipv6cp *ipv6cp = &ncp->ipv6cp;
218 #endif
219 struct ipcp *ipcp = &ncp->ipcp;
220 struct mbuf *bp;
221
222 /*
223 * We allocate an extra 6 bytes, four at the front and two at the end.
224 * This is an optimisation so that we need to do less work in
225 * m_prepend() in acf_LayerPush() and proto_LayerPush() and
226 * appending in hdlc_LayerPush().
227 */
228
229 switch (af) {
230 case AF_INET:
231 if (pri >= IPCP_QUEUES(ipcp)) {
232 log_Printf(LogERROR, "Can't store in ip queue %u\n", pri);
233 break;
234 }
235
236 bp = m_get(count + 6, MB_IPOUT);
237 bp->m_offset += 4;
238 bp->m_len -= 6;
239 memcpy(MBUF_CTOP(bp), ptr, count);
240 m_enqueue(ipcp->Queue + pri, bp);
241 break;
242
243 #ifndef NOINET6
244 case AF_INET6:
245 if (pri >= IPV6CP_QUEUES(ipcp)) {
246 log_Printf(LogERROR, "Can't store in ipv6 queue %u\n", pri);
247 break;
248 }
249
250 bp = m_get(count + 6, MB_IPOUT);
251 bp->m_offset += 4;
252 bp->m_len -= 6;
253 memcpy(MBUF_CTOP(bp), ptr, count);
254 m_enqueue(ipv6cp->Queue + pri, bp);
255 break;
256 #endif
257
258 default:
259 log_Printf(LogERROR, "Can't enqueue protocol family %d\n", af);
260 }
261 }
262
263 /*
264 * How many packets are queued to go out ?
265 */
266 size_t
ncp_QueueLen(struct ncp * ncp)267 ncp_QueueLen(struct ncp *ncp)
268 {
269 size_t result;
270
271 result = ipcp_QueueLen(&ncp->ipcp);
272 #ifndef NOINET6
273 result += ipv6cp_QueueLen(&ncp->ipv6cp);
274 #endif
275 result += mp_QueueLen(&ncp->mp); /* Usually empty */
276
277 return result;
278 }
279
280 /*
281 * Ditch all queued packets. This is usually done after our choked timer
282 * has fired - which happens because we couldn't send any traffic over
283 * any links for some time.
284 */
285 void
ncp_DeleteQueues(struct ncp * ncp)286 ncp_DeleteQueues(struct ncp *ncp)
287 {
288 #ifndef NOINET6
289 struct ipv6cp *ipv6cp = &ncp->ipv6cp;
290 #endif
291 struct ipcp *ipcp = &ncp->ipcp;
292 struct mp *mp = &ncp->mp;
293 struct mqueue *q;
294
295 for (q = ipcp->Queue; q < ipcp->Queue + IPCP_QUEUES(ipcp); q++)
296 while (q->top)
297 m_freem(m_dequeue(q));
298
299 #ifndef NOINET6
300 for (q = ipv6cp->Queue; q < ipv6cp->Queue + IPV6CP_QUEUES(ipv6cp); q++)
301 while (q->top)
302 m_freem(m_dequeue(q));
303 #endif
304
305 link_DeleteQueue(&mp->link); /* Usually empty anyway */
306 }
307
308 /*
309 * Arrange that each of our links has at least one packet. We keep the
310 * number of packets queued at the link level to a minimum so that the
311 * loss of a link in multi-link mode results in the minimum number of
312 * dropped packets.
313 */
314 size_t
ncp_FillPhysicalQueues(struct ncp * ncp,struct bundle * bundle)315 ncp_FillPhysicalQueues(struct ncp *ncp, struct bundle *bundle)
316 {
317 size_t total;
318
319 if (bundle->ncp.mp.active)
320 total = mp_FillPhysicalQueues(bundle);
321 else {
322 struct datalink *dl;
323 size_t add;
324
325 for (total = 0, dl = bundle->links; dl; dl = dl->next)
326 if (dl->state == DATALINK_OPEN) {
327 add = link_QueueLen(&dl->physical->link);
328 if (add == 0 && dl->physical->out == NULL)
329 add = ncp_PushPacket(ncp, &ncp->afq, &dl->physical->link);
330 total += add;
331 }
332 }
333
334 return total + ncp_QueueLen(&bundle->ncp);
335 }
336
337 /*
338 * Push a packet into the given link. ``af'' is used as a persistent record
339 * of what is to be pushed next, coming either from mp->out or ncp->afq.
340 */
341 int
ncp_PushPacket(struct ncp * ncp __unused,int * af __unused,struct link * l)342 ncp_PushPacket(struct ncp *ncp __unused,
343 #ifdef NOINET6
344 int *af __unused,
345 #else
346 int *af,
347 #endif
348 struct link *l)
349 {
350 struct bundle *bundle = l->lcp.fsm.bundle;
351 int res;
352
353 #ifndef NOINET6
354 if (*af == AF_INET) {
355 if ((res = ipcp_PushPacket(&bundle->ncp.ipcp, l)))
356 *af = AF_INET6;
357 else
358 res = ipv6cp_PushPacket(&bundle->ncp.ipv6cp, l);
359 } else {
360 if ((res = ipv6cp_PushPacket(&bundle->ncp.ipv6cp, l)))
361 *af = AF_INET;
362 else
363 res = ipcp_PushPacket(&bundle->ncp.ipcp, l);
364 }
365 #else
366 res = ipcp_PushPacket(&bundle->ncp.ipcp, l);
367 #endif
368
369 return res;
370 }
371
372 int
ncp_IsUrgentPort(struct port_range * range,u_short src,u_short dst)373 ncp_IsUrgentPort(struct port_range *range, u_short src, u_short dst)
374 {
375 unsigned f;
376
377 for (f = 0; f < range->nports; f++)
378 if (range->port[f] == src || range->port[f] == dst)
379 return 1;
380
381 return 0;
382 }
383
384 void
ncp_AddUrgentPort(struct port_range * range,u_short port)385 ncp_AddUrgentPort(struct port_range *range, u_short port)
386 {
387 u_short *newport;
388 unsigned p;
389
390 if (range->nports == range->maxports) {
391 range->maxports += 10;
392 newport = (u_short *)realloc(range->port,
393 range->maxports * sizeof(u_short));
394 if (newport == NULL) {
395 log_Printf(LogERROR, "ncp_AddUrgentPort: realloc: %s\n",
396 strerror(errno));
397 range->maxports -= 10;
398 return;
399 }
400 range->port = newport;
401 }
402
403 for (p = 0; p < range->nports; p++)
404 if (range->port[p] == port) {
405 log_Printf(LogWARN, "%u: Port already set to urgent\n", port);
406 break;
407 } else if (range->port[p] > port) {
408 memmove(range->port + p + 1, range->port + p,
409 (range->nports - p) * sizeof(u_short));
410 range->port[p] = port;
411 range->nports++;
412 break;
413 }
414
415 if (p == range->nports)
416 range->port[range->nports++] = port;
417 }
418
419 void
ncp_RemoveUrgentPort(struct port_range * range,u_short port)420 ncp_RemoveUrgentPort(struct port_range *range, u_short port)
421 {
422 unsigned p;
423
424 for (p = 0; p < range->nports; p++)
425 if (range->port[p] == port) {
426 if (p + 1 != range->nports)
427 memmove(range->port + p, range->port + p + 1,
428 (range->nports - p - 1) * sizeof(u_short));
429 range->nports--;
430 return;
431 }
432
433 if (p == range->nports)
434 log_Printf(LogWARN, "%u: Port not set to urgent\n", port);
435 }
436
437 void
ncp_ClearUrgentPorts(struct port_range * range)438 ncp_ClearUrgentPorts(struct port_range *range)
439 {
440 range->nports = 0;
441 }
442
443 int
ncp_Show(struct cmdargs const * arg)444 ncp_Show(struct cmdargs const *arg)
445 {
446 struct ncp *ncp = &arg->bundle->ncp;
447 unsigned p;
448
449 #ifndef NOINET6
450 prompt_Printf(arg->prompt, "Next queued AF: %s\n",
451 ncp->afq == AF_INET6 ? "inet6" : "inet");
452 #endif
453
454 if (ncp->route) {
455 prompt_Printf(arg->prompt, "\n");
456 route_ShowSticky(arg->prompt, ncp->route, "Sticky routes", 1);
457 }
458
459 prompt_Printf(arg->prompt, "\nDefaults:\n");
460 prompt_Printf(arg->prompt, " sendpipe: ");
461 if (ncp->cfg.sendpipe > 0)
462 prompt_Printf(arg->prompt, "%-20ld\n", ncp->cfg.sendpipe);
463 else
464 prompt_Printf(arg->prompt, "unspecified\n");
465 prompt_Printf(arg->prompt, " recvpipe: ");
466 if (ncp->cfg.recvpipe > 0)
467 prompt_Printf(arg->prompt, "%ld\n", ncp->cfg.recvpipe);
468 else
469 prompt_Printf(arg->prompt, "unspecified\n");
470
471 prompt_Printf(arg->prompt, "\n Urgent ports\n");
472 prompt_Printf(arg->prompt, " TCP: ");
473 if (ncp->cfg.urgent.tcp.nports == 0)
474 prompt_Printf(arg->prompt, "none");
475 else
476 for (p = 0; p < ncp->cfg.urgent.tcp.nports; p++) {
477 if (p)
478 prompt_Printf(arg->prompt, ", ");
479 prompt_Printf(arg->prompt, "%u", ncp->cfg.urgent.tcp.port[p]);
480 }
481
482 prompt_Printf(arg->prompt, "\n UDP: ");
483 if (ncp->cfg.urgent.udp.nports == 0)
484 prompt_Printf(arg->prompt, "none");
485 else
486 for (p = 0; p < ncp->cfg.urgent.udp.nports; p++) {
487 if (p)
488 prompt_Printf(arg->prompt, ", ");
489 prompt_Printf(arg->prompt, "%u", ncp->cfg.urgent.udp.port[p]);
490 }
491 prompt_Printf(arg->prompt, "\n TOS: %s\n\n",
492 ncp->cfg.urgent.tos ? "yes" : "no");
493
494 return 0;
495 }
496
497 int
ncp_LayersOpen(struct ncp * ncp)498 ncp_LayersOpen(struct ncp *ncp)
499 {
500 int n;
501
502 n = !!(ncp->ipcp.fsm.state == ST_OPENED);
503 #ifndef NOINET6
504 n += !!(ncp->ipv6cp.fsm.state == ST_OPENED);
505 #endif
506
507 return n;
508 }
509
510 int
ncp_LayersUnfinished(struct ncp * ncp)511 ncp_LayersUnfinished(struct ncp *ncp)
512 {
513 int n = 0;
514
515 if (ncp->ipcp.fsm.state > ST_CLOSED ||
516 ncp->ipcp.fsm.state == ST_STARTING)
517 n++;
518
519 #ifndef NOINET6
520 if (ncp->ipv6cp.fsm.state > ST_CLOSED ||
521 ncp->ipv6cp.fsm.state == ST_STARTING)
522 n++;
523 #endif
524
525 return n;
526 }
527
528 void
ncp_Close(struct ncp * ncp)529 ncp_Close(struct ncp *ncp)
530 {
531 if (ncp->ipcp.fsm.state > ST_CLOSED ||
532 ncp->ipcp.fsm.state == ST_STARTING)
533 fsm_Close(&ncp->ipcp.fsm);
534
535 #ifndef NOINET6
536 if (ncp->ipv6cp.fsm.state > ST_CLOSED ||
537 ncp->ipv6cp.fsm.state == ST_STARTING)
538 fsm_Close(&ncp->ipv6cp.fsm);
539 #endif
540 }
541
542 void
ncp2initial(struct ncp * ncp)543 ncp2initial(struct ncp *ncp)
544 {
545 fsm2initial(&ncp->ipcp.fsm);
546 #ifndef NOINET6
547 fsm2initial(&ncp->ipv6cp.fsm);
548 #endif
549 }
550