1 /*-
2 * Copyright (c) 1996 - 2001 Brian Somers <brian@Awfulhak.org>
3 * based on work by Toshiharu OHNO <tony-o@iij.ad.jp>
4 * Internet Initiative Japan, Inc (IIJ)
5 * All rights reserved.
6 *
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
9 * are met:
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
15 *
16 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
17 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
20 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
22 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
24 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
25 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
26 * SUCH DAMAGE.
27 *
28 * $OpenBSD: fsm.c,v 1.24 2005/07/17 20:24:45 brad Exp $
29 */
30
31 #include <sys/param.h>
32 #include <netinet/in.h>
33 #include <netinet/in_systm.h>
34 #include <netinet/ip.h>
35 #include <sys/socket.h>
36 #include <sys/un.h>
37
38 #include <string.h>
39 #include <termios.h>
40
41 #include "layer.h"
42 #include "ua.h"
43 #include "mbuf.h"
44 #include "log.h"
45 #include "defs.h"
46 #include "timer.h"
47 #include "fsm.h"
48 #include "iplist.h"
49 #include "lqr.h"
50 #include "hdlc.h"
51 #include "throughput.h"
52 #include "slcompress.h"
53 #include "ncpaddr.h"
54 #include "ipcp.h"
55 #include "filter.h"
56 #include "descriptor.h"
57 #include "lcp.h"
58 #include "ccp.h"
59 #include "link.h"
60 #include "mp.h"
61 #ifndef NORADIUS
62 #include "radius.h"
63 #endif
64 #include "ipv6cp.h"
65 #include "ncp.h"
66 #include "bundle.h"
67 #include "async.h"
68 #include "physical.h"
69 #include "proto.h"
70
71 __RCSID("$MirOS: src/usr.sbin/ppp/ppp/fsm.c,v 1.3 2005/12/04 15:02:26 tg Exp $");
72
73 static void FsmSendConfigReq(struct fsm *);
74 static void FsmSendTerminateReq(struct fsm *);
75 static void FsmInitRestartCounter(struct fsm *, int);
76
77 typedef void (recvfn)(struct fsm *, struct fsmheader *, struct mbuf *);
78 static recvfn FsmRecvConfigReq, FsmRecvConfigAck, FsmRecvConfigNak,
79 FsmRecvConfigRej, FsmRecvTermReq, FsmRecvTermAck,
80 FsmRecvCodeRej, FsmRecvProtoRej, FsmRecvEchoReq,
81 FsmRecvEchoRep, FsmRecvDiscReq, FsmRecvIdent,
82 FsmRecvTimeRemain, FsmRecvResetReq, FsmRecvResetAck;
83
84 static const struct fsmcodedesc {
85 recvfn *recv;
86 unsigned check_reqid : 1;
87 unsigned inc_reqid : 1;
88 const char *name;
89 } FsmCodes[] = {
90 { FsmRecvConfigReq, 0, 0, "ConfigReq" },
91 { FsmRecvConfigAck, 1, 1, "ConfigAck" },
92 { FsmRecvConfigNak, 1, 1, "ConfigNak" },
93 { FsmRecvConfigRej, 1, 1, "ConfigRej" },
94 { FsmRecvTermReq, 0, 0, "TerminateReq" },
95 { FsmRecvTermAck, 1, 1, "TerminateAck" },
96 { FsmRecvCodeRej, 0, 0, "CodeRej" },
97 { FsmRecvProtoRej, 0, 0, "ProtocolRej" },
98 { FsmRecvEchoReq, 0, 0, "EchoRequest" },
99 { FsmRecvEchoRep, 0, 0, "EchoReply" },
100 { FsmRecvDiscReq, 0, 0, "DiscardReq" },
101 { FsmRecvIdent, 0, 1, "Ident" },
102 { FsmRecvTimeRemain,0, 0, "TimeRemain" },
103 { FsmRecvResetReq, 0, 0, "ResetReq" },
104 { FsmRecvResetAck, 0, 1, "ResetAck" }
105 };
106
107 static const char *
Code2Nam(u_int code)108 Code2Nam(u_int code)
109 {
110 if (code == 0 || code > sizeof FsmCodes / sizeof FsmCodes[0])
111 return "Unknown";
112 return FsmCodes[code-1].name;
113 }
114
115 const char *
State2Nam(u_int state)116 State2Nam(u_int state)
117 {
118 static const char * const StateNames[] = {
119 "Initial", "Starting", "Closed", "Stopped", "Closing", "Stopping",
120 "Req-Sent", "Ack-Rcvd", "Ack-Sent", "Opened",
121 };
122
123 if (state >= sizeof StateNames / sizeof StateNames[0])
124 return "unknown";
125 return StateNames[state];
126 }
127
128 static void
StoppedTimeout(void * v)129 StoppedTimeout(void *v)
130 {
131 struct fsm *fp = (struct fsm *)v;
132
133 log_Printf(fp->LogLevel, "%s: Stopped timer expired\n", fp->link->name);
134 if (fp->OpenTimer.state == TIMER_RUNNING) {
135 log_Printf(LogWARN, "%s: %s: aborting open delay due to stopped timer\n",
136 fp->link->name, fp->name);
137 timer_Stop(&fp->OpenTimer);
138 }
139 if (fp->state == ST_STOPPED)
140 fsm2initial(fp);
141 }
142
143 void
fsm_Init(struct fsm * fp,const char * name,u_short proto,int mincode,int maxcode,int LogLevel,struct bundle * bundle,struct link * l,const struct fsm_parent * parent,struct fsm_callbacks * fn,const char * const timer_names[3])144 fsm_Init(struct fsm *fp, const char *name, u_short proto, int mincode,
145 int maxcode, int LogLevel, struct bundle *bundle,
146 struct link *l, const struct fsm_parent *parent,
147 struct fsm_callbacks *fn, const char * const timer_names[3])
148 {
149 fp->name = name;
150 fp->proto = proto;
151 fp->min_code = mincode;
152 fp->max_code = maxcode;
153 fp->state = fp->min_code > CODE_TERMACK ? ST_OPENED : ST_INITIAL;
154 fp->reqid = 1;
155 fp->restart = 1;
156 fp->more.reqs = fp->more.naks = fp->more.rejs = 3;
157 memset(&fp->FsmTimer, '\0', sizeof fp->FsmTimer);
158 memset(&fp->OpenTimer, '\0', sizeof fp->OpenTimer);
159 memset(&fp->StoppedTimer, '\0', sizeof fp->StoppedTimer);
160 fp->LogLevel = LogLevel;
161 fp->link = l;
162 fp->bundle = bundle;
163 fp->parent = parent;
164 fp->fn = fn;
165 fp->FsmTimer.name = timer_names[0];
166 fp->OpenTimer.name = timer_names[1];
167 fp->StoppedTimer.name = timer_names[2];
168 }
169
170 static void
NewState(struct fsm * fp,int new)171 NewState(struct fsm *fp, int new)
172 {
173 log_Printf(fp->LogLevel, "%s: State change %s --> %s\n",
174 fp->link->name, State2Nam(fp->state), State2Nam(new));
175 if (fp->state == ST_STOPPED && fp->StoppedTimer.state == TIMER_RUNNING)
176 timer_Stop(&fp->StoppedTimer);
177 fp->state = new;
178 if ((new >= ST_INITIAL && new <= ST_STOPPED) || (new == ST_OPENED)) {
179 timer_Stop(&fp->FsmTimer);
180 if (new == ST_STOPPED && fp->StoppedTimer.load) {
181 timer_Stop(&fp->StoppedTimer);
182 fp->StoppedTimer.func = StoppedTimeout;
183 fp->StoppedTimer.arg = (void *) fp;
184 timer_Start(&fp->StoppedTimer);
185 }
186 }
187 }
188
189 void
fsm_Output(struct fsm * fp,u_int code,u_int id,u_char * ptr,int count,int mtype)190 fsm_Output(struct fsm *fp, u_int code, u_int id, u_char *ptr, int count,
191 int mtype)
192 {
193 int plen;
194 struct fsmheader lh;
195 struct mbuf *bp;
196 u_char *tmp;
197
198 if (log_IsKept(fp->LogLevel)) {
199 log_Printf(fp->LogLevel, "%s: Send%s(%d) state = %s\n",
200 fp->link->name, Code2Nam(code), id, State2Nam(fp->state));
201 switch (code) {
202 case CODE_CONFIGREQ:
203 case CODE_CONFIGACK:
204 case CODE_CONFIGREJ:
205 case CODE_CONFIGNAK:
206 (*fp->fn->DecodeConfig)(fp, ptr, ptr + count, MODE_NOP, NULL);
207 if (count < sizeof(struct fsm_opt_hdr))
208 log_Printf(fp->LogLevel, " [EMPTY]\n");
209 break;
210 }
211 }
212
213 plen = sizeof(struct fsmheader) + count;
214 lh.code = code;
215 lh.id = id;
216 lh.length = htons(plen);
217 bp = m_get(plen, mtype);
218 if ((tmp = MBUF_CTOP(bp)) != NULL)
219 memcpy(tmp, &lh, sizeof(struct fsmheader));
220 if (count)
221 if ((tmp = MBUF_CTOP(bp)) != NULL)
222 memcpy(tmp + sizeof(struct fsmheader), ptr, count);
223 log_DumpBp(LogDEBUG, "fsm_Output", bp);
224 link_PushPacket(fp->link, bp, fp->bundle, LINK_QUEUES(fp->link) - 1,
225 fp->proto);
226
227 if (code == CODE_CONFIGREJ)
228 lcp_SendIdentification(&fp->link->lcp);
229 }
230
231 static void
FsmOpenNow(void * v)232 FsmOpenNow(void *v)
233 {
234 struct fsm *fp = (struct fsm *)v;
235
236 timer_Stop(&fp->OpenTimer);
237 if (fp->state <= ST_STOPPED) {
238 if (fp->state != ST_STARTING) {
239 /*
240 * In practice, we're only here in ST_STOPPED (when delaying the
241 * first config request) or ST_CLOSED (when openmode == 0).
242 *
243 * The ST_STOPPED bit is breaking the RFC already :-(
244 *
245 * According to the RFC (1661) state transition table, a TLS isn't
246 * required for an Open event when state == Closed, but the RFC
247 * must be wrong as TLS hasn't yet been called (since the last TLF)
248 * ie, Initial gets an `Up' event, Closing gets a RTA etc.
249 */
250 (*fp->fn->LayerStart)(fp);
251 (*fp->parent->LayerStart)(fp->parent->object, fp);
252 }
253 FsmInitRestartCounter(fp, FSM_REQ_TIMER);
254 FsmSendConfigReq(fp);
255 NewState(fp, ST_REQSENT);
256 }
257 }
258
259 void
fsm_Open(struct fsm * fp)260 fsm_Open(struct fsm *fp)
261 {
262 switch (fp->state) {
263 case ST_INITIAL:
264 NewState(fp, ST_STARTING);
265 (*fp->fn->LayerStart)(fp);
266 (*fp->parent->LayerStart)(fp->parent->object, fp);
267 break;
268 case ST_CLOSED:
269 if (fp->open_mode == OPEN_PASSIVE) {
270 NewState(fp, ST_STOPPED); /* XXX: This is a hack ! */
271 } else if (fp->open_mode > 0) {
272 if (fp->open_mode > 1)
273 log_Printf(LogPHASE, "%s: Entering STOPPED state for %d seconds\n",
274 fp->link->name, fp->open_mode);
275 NewState(fp, ST_STOPPED); /* XXX: This is a not-so-bad hack ! */
276 timer_Stop(&fp->OpenTimer);
277 fp->OpenTimer.load = fp->open_mode * SECTICKS;
278 fp->OpenTimer.func = FsmOpenNow;
279 fp->OpenTimer.arg = (void *)fp;
280 timer_Start(&fp->OpenTimer);
281 } else
282 FsmOpenNow(fp);
283 break;
284 case ST_STOPPED: /* XXX: restart option */
285 case ST_REQSENT:
286 case ST_ACKRCVD:
287 case ST_ACKSENT:
288 case ST_OPENED: /* XXX: restart option */
289 break;
290 case ST_CLOSING: /* XXX: restart option */
291 case ST_STOPPING: /* XXX: restart option */
292 NewState(fp, ST_STOPPING);
293 break;
294 }
295 }
296
297 void
fsm_Up(struct fsm * fp)298 fsm_Up(struct fsm *fp)
299 {
300 switch (fp->state) {
301 case ST_INITIAL:
302 log_Printf(fp->LogLevel, "FSM: Using \"%s\" as a transport\n",
303 fp->link->name);
304 NewState(fp, ST_CLOSED);
305 break;
306 case ST_STARTING:
307 FsmInitRestartCounter(fp, FSM_REQ_TIMER);
308 FsmSendConfigReq(fp);
309 NewState(fp, ST_REQSENT);
310 break;
311 default:
312 log_Printf(fp->LogLevel, "%s: Oops, Up at %s\n",
313 fp->link->name, State2Nam(fp->state));
314 break;
315 }
316 }
317
318 void
fsm_Down(struct fsm * fp)319 fsm_Down(struct fsm *fp)
320 {
321 switch (fp->state) {
322 case ST_CLOSED:
323 NewState(fp, ST_INITIAL);
324 break;
325 case ST_CLOSING:
326 /* This TLF contradicts the RFC (1661), which ``misses it out'' ! */
327 (*fp->fn->LayerFinish)(fp);
328 NewState(fp, ST_INITIAL);
329 (*fp->parent->LayerFinish)(fp->parent->object, fp);
330 break;
331 case ST_STOPPED:
332 NewState(fp, ST_STARTING);
333 (*fp->fn->LayerStart)(fp);
334 (*fp->parent->LayerStart)(fp->parent->object, fp);
335 break;
336 case ST_STOPPING:
337 case ST_REQSENT:
338 case ST_ACKRCVD:
339 case ST_ACKSENT:
340 NewState(fp, ST_STARTING);
341 break;
342 case ST_OPENED:
343 (*fp->fn->LayerDown)(fp);
344 NewState(fp, ST_STARTING);
345 (*fp->parent->LayerDown)(fp->parent->object, fp);
346 break;
347 }
348 }
349
350 void
fsm_Close(struct fsm * fp)351 fsm_Close(struct fsm *fp)
352 {
353 switch (fp->state) {
354 case ST_STARTING:
355 (*fp->fn->LayerFinish)(fp);
356 NewState(fp, ST_INITIAL);
357 (*fp->parent->LayerFinish)(fp->parent->object, fp);
358 break;
359 case ST_STOPPED:
360 NewState(fp, ST_CLOSED);
361 break;
362 case ST_STOPPING:
363 NewState(fp, ST_CLOSING);
364 break;
365 case ST_OPENED:
366 (*fp->fn->LayerDown)(fp);
367 if (fp->state == ST_OPENED) {
368 FsmInitRestartCounter(fp, FSM_TRM_TIMER);
369 FsmSendTerminateReq(fp);
370 NewState(fp, ST_CLOSING);
371 (*fp->parent->LayerDown)(fp->parent->object, fp);
372 }
373 break;
374 case ST_REQSENT:
375 case ST_ACKRCVD:
376 case ST_ACKSENT:
377 FsmInitRestartCounter(fp, FSM_TRM_TIMER);
378 FsmSendTerminateReq(fp);
379 NewState(fp, ST_CLOSING);
380 break;
381 }
382 }
383
384 /*
385 * Send functions
386 */
387 static void
FsmSendConfigReq(struct fsm * fp)388 FsmSendConfigReq(struct fsm *fp)
389 {
390 if (fp->more.reqs-- > 0 && fp->restart-- > 0) {
391 (*fp->fn->SendConfigReq)(fp);
392 timer_Start(&fp->FsmTimer); /* Start restart timer */
393 } else {
394 if (fp->more.reqs < 0)
395 log_Printf(LogPHASE, "%s: Too many %s REQs sent - abandoning "
396 "negotiation\n", fp->link->name, fp->name);
397 lcp_SendIdentification(&fp->link->lcp);
398 fsm_Close(fp);
399 }
400 }
401
402 static void
FsmSendTerminateReq(struct fsm * fp)403 FsmSendTerminateReq(struct fsm *fp)
404 {
405 fsm_Output(fp, CODE_TERMREQ, fp->reqid, NULL, 0, MB_UNKNOWN);
406 (*fp->fn->SentTerminateReq)(fp);
407 timer_Start(&fp->FsmTimer); /* Start restart timer */
408 fp->restart--; /* Decrement restart counter */
409 }
410
411 /*
412 * Timeout actions
413 */
414 static void
FsmTimeout(void * v)415 FsmTimeout(void *v)
416 {
417 struct fsm *fp = (struct fsm *)v;
418
419 if (fp->restart) {
420 switch (fp->state) {
421 case ST_CLOSING:
422 case ST_STOPPING:
423 FsmSendTerminateReq(fp);
424 break;
425 case ST_REQSENT:
426 case ST_ACKSENT:
427 FsmSendConfigReq(fp);
428 break;
429 case ST_ACKRCVD:
430 FsmSendConfigReq(fp);
431 NewState(fp, ST_REQSENT);
432 break;
433 }
434 timer_Start(&fp->FsmTimer);
435 } else {
436 switch (fp->state) {
437 case ST_CLOSING:
438 (*fp->fn->LayerFinish)(fp);
439 NewState(fp, ST_CLOSED);
440 (*fp->parent->LayerFinish)(fp->parent->object, fp);
441 break;
442 case ST_STOPPING:
443 (*fp->fn->LayerFinish)(fp);
444 NewState(fp, ST_STOPPED);
445 (*fp->parent->LayerFinish)(fp->parent->object, fp);
446 break;
447 case ST_REQSENT: /* XXX: 3p */
448 case ST_ACKSENT:
449 case ST_ACKRCVD:
450 (*fp->fn->LayerFinish)(fp);
451 NewState(fp, ST_STOPPED);
452 (*fp->parent->LayerFinish)(fp->parent->object, fp);
453 break;
454 }
455 }
456 }
457
458 static void
FsmInitRestartCounter(struct fsm * fp,int what)459 FsmInitRestartCounter(struct fsm *fp, int what)
460 {
461 timer_Stop(&fp->FsmTimer);
462 fp->FsmTimer.func = FsmTimeout;
463 fp->FsmTimer.arg = (void *)fp;
464 (*fp->fn->InitRestartCounter)(fp, what);
465 }
466
467 /*
468 * Actions when receive packets
469 */
470 static void
FsmRecvConfigReq(struct fsm * fp,struct fsmheader * lhp,struct mbuf * bp)471 FsmRecvConfigReq(struct fsm *fp, struct fsmheader *lhp, struct mbuf *bp)
472 /* RCR */
473 {
474 struct fsm_decode dec;
475 int plen, flen;
476 int ackaction = 0;
477 u_char *cp;
478
479 bp = m_pullup(bp);
480 plen = m_length(bp);
481 flen = ntohs(lhp->length) - sizeof *lhp;
482 if (plen < flen) {
483 log_Printf(LogWARN, "%s: FsmRecvConfigReq: plen (%d) < flen (%d)\n",
484 fp->link->name, plen, flen);
485 m_freem(bp);
486 return;
487 }
488
489 /* Some things must be done before we Decode the packet */
490 switch (fp->state) {
491 case ST_OPENED:
492 (*fp->fn->LayerDown)(fp);
493 }
494
495 dec.ackend = dec.ack;
496 dec.nakend = dec.nak;
497 dec.rejend = dec.rej;
498 cp = MBUF_CTOP(bp);
499 (*fp->fn->DecodeConfig)(fp, cp, cp + flen, MODE_REQ, &dec);
500 if (flen < sizeof(struct fsm_opt_hdr))
501 log_Printf(fp->LogLevel, " [EMPTY]\n");
502
503 if (dec.nakend == dec.nak && dec.rejend == dec.rej)
504 ackaction = 1;
505
506 /* Check and process easy case */
507 switch (fp->state) {
508 case ST_INITIAL:
509 if (fp->proto == PROTO_CCP && fp->link->lcp.fsm.state == ST_OPENED) {
510 /*
511 * ccp_SetOpenMode() leaves us in initial if we're disabling
512 * & denying everything.
513 */
514 bp = m_prepend(bp, lhp, sizeof *lhp, 2);
515 bp = proto_Prepend(bp, fp->proto, 0, 0);
516 bp = m_pullup(bp);
517 lcp_SendProtoRej(&fp->link->lcp, MBUF_CTOP(bp), bp->m_len);
518 m_freem(bp);
519 return;
520 }
521 /* Drop through */
522 case ST_STARTING:
523 log_Printf(fp->LogLevel, "%s: Oops, RCR in %s.\n",
524 fp->link->name, State2Nam(fp->state));
525 m_freem(bp);
526 return;
527 case ST_CLOSED:
528 (*fp->fn->SendTerminateAck)(fp, lhp->id);
529 m_freem(bp);
530 return;
531 case ST_CLOSING:
532 log_Printf(fp->LogLevel, "%s: Error: Got ConfigReq while state = %s\n",
533 fp->link->name, State2Nam(fp->state));
534 case ST_STOPPING:
535 m_freem(bp);
536 return;
537 case ST_STOPPED:
538 FsmInitRestartCounter(fp, FSM_REQ_TIMER);
539 /* Drop through */
540 case ST_OPENED:
541 FsmSendConfigReq(fp);
542 break;
543 }
544
545 if (dec.rejend != dec.rej)
546 fsm_Output(fp, CODE_CONFIGREJ, lhp->id, dec.rej, dec.rejend - dec.rej,
547 MB_UNKNOWN);
548 if (dec.nakend != dec.nak)
549 fsm_Output(fp, CODE_CONFIGNAK, lhp->id, dec.nak, dec.nakend - dec.nak,
550 MB_UNKNOWN);
551 if (ackaction)
552 fsm_Output(fp, CODE_CONFIGACK, lhp->id, dec.ack, dec.ackend - dec.ack,
553 MB_UNKNOWN);
554
555 switch (fp->state) {
556 case ST_STOPPED:
557 /*
558 * According to the RFC (1661) state transition table, a TLS isn't
559 * required for a RCR when state == ST_STOPPED, but the RFC
560 * must be wrong as TLS hasn't yet been called (since the last TLF)
561 */
562 (*fp->fn->LayerStart)(fp);
563 (*fp->parent->LayerStart)(fp->parent->object, fp);
564 /* FALLTHROUGH */
565
566 case ST_OPENED:
567 if (ackaction)
568 NewState(fp, ST_ACKSENT);
569 else
570 NewState(fp, ST_REQSENT);
571 (*fp->parent->LayerDown)(fp->parent->object, fp);
572 break;
573 case ST_REQSENT:
574 if (ackaction)
575 NewState(fp, ST_ACKSENT);
576 break;
577 case ST_ACKRCVD:
578 if (ackaction) {
579 NewState(fp, ST_OPENED);
580 if ((*fp->fn->LayerUp)(fp))
581 (*fp->parent->LayerUp)(fp->parent->object, fp);
582 else {
583 (*fp->fn->LayerDown)(fp);
584 FsmInitRestartCounter(fp, FSM_TRM_TIMER);
585 FsmSendTerminateReq(fp);
586 NewState(fp, ST_CLOSING);
587 lcp_SendIdentification(&fp->link->lcp);
588 }
589 }
590 break;
591 case ST_ACKSENT:
592 if (!ackaction)
593 NewState(fp, ST_REQSENT);
594 break;
595 }
596 m_freem(bp);
597
598 if (dec.rejend != dec.rej && --fp->more.rejs <= 0) {
599 log_Printf(LogPHASE, "%s: Too many %s REJs sent - abandoning negotiation\n",
600 fp->link->name, fp->name);
601 lcp_SendIdentification(&fp->link->lcp);
602 fsm_Close(fp);
603 }
604
605 if (dec.nakend != dec.nak && --fp->more.naks <= 0) {
606 log_Printf(LogPHASE, "%s: Too many %s NAKs sent - abandoning negotiation\n",
607 fp->link->name, fp->name);
608 lcp_SendIdentification(&fp->link->lcp);
609 fsm_Close(fp);
610 }
611 }
612
613 static void
FsmRecvConfigAck(struct fsm * fp,struct fsmheader * lhp,struct mbuf * bp)614 FsmRecvConfigAck(struct fsm *fp, struct fsmheader *lhp, struct mbuf *bp)
615 /* RCA */
616 {
617 struct fsm_decode dec;
618 int plen, flen;
619 u_char *cp;
620
621 plen = m_length(bp);
622 flen = ntohs(lhp->length) - sizeof *lhp;
623 if (plen < flen) {
624 m_freem(bp);
625 return;
626 }
627
628 bp = m_pullup(bp);
629 dec.ackend = dec.ack;
630 dec.nakend = dec.nak;
631 dec.rejend = dec.rej;
632 cp = MBUF_CTOP(bp);
633 (*fp->fn->DecodeConfig)(fp, cp, cp + flen, MODE_ACK, &dec);
634 if (flen < sizeof(struct fsm_opt_hdr))
635 log_Printf(fp->LogLevel, " [EMPTY]\n");
636
637 switch (fp->state) {
638 case ST_CLOSED:
639 case ST_STOPPED:
640 (*fp->fn->SendTerminateAck)(fp, lhp->id);
641 break;
642 case ST_CLOSING:
643 case ST_STOPPING:
644 break;
645 case ST_REQSENT:
646 FsmInitRestartCounter(fp, FSM_REQ_TIMER);
647 NewState(fp, ST_ACKRCVD);
648 break;
649 case ST_ACKRCVD:
650 FsmSendConfigReq(fp);
651 NewState(fp, ST_REQSENT);
652 break;
653 case ST_ACKSENT:
654 FsmInitRestartCounter(fp, FSM_REQ_TIMER);
655 NewState(fp, ST_OPENED);
656 if ((*fp->fn->LayerUp)(fp))
657 (*fp->parent->LayerUp)(fp->parent->object, fp);
658 else {
659 (*fp->fn->LayerDown)(fp);
660 FsmInitRestartCounter(fp, FSM_TRM_TIMER);
661 FsmSendTerminateReq(fp);
662 NewState(fp, ST_CLOSING);
663 lcp_SendIdentification(&fp->link->lcp);
664 }
665 break;
666 case ST_OPENED:
667 (*fp->fn->LayerDown)(fp);
668 FsmSendConfigReq(fp);
669 NewState(fp, ST_REQSENT);
670 (*fp->parent->LayerDown)(fp->parent->object, fp);
671 break;
672 }
673 m_freem(bp);
674 }
675
676 static void
FsmRecvConfigNak(struct fsm * fp,struct fsmheader * lhp,struct mbuf * bp)677 FsmRecvConfigNak(struct fsm *fp, struct fsmheader *lhp, struct mbuf *bp)
678 /* RCN */
679 {
680 struct fsm_decode dec;
681 int plen, flen;
682 u_char *cp;
683
684 plen = m_length(bp);
685 flen = ntohs(lhp->length) - sizeof *lhp;
686 if (plen < flen) {
687 m_freem(bp);
688 return;
689 }
690
691 /*
692 * Check and process easy case
693 */
694 switch (fp->state) {
695 case ST_INITIAL:
696 case ST_STARTING:
697 log_Printf(fp->LogLevel, "%s: Oops, RCN in %s.\n",
698 fp->link->name, State2Nam(fp->state));
699 m_freem(bp);
700 return;
701 case ST_CLOSED:
702 case ST_STOPPED:
703 (*fp->fn->SendTerminateAck)(fp, lhp->id);
704 m_freem(bp);
705 return;
706 case ST_CLOSING:
707 case ST_STOPPING:
708 m_freem(bp);
709 return;
710 }
711
712 bp = m_pullup(bp);
713 dec.ackend = dec.ack;
714 dec.nakend = dec.nak;
715 dec.rejend = dec.rej;
716 cp = MBUF_CTOP(bp);
717 (*fp->fn->DecodeConfig)(fp, cp, cp + flen, MODE_NAK, &dec);
718 if (flen < sizeof(struct fsm_opt_hdr))
719 log_Printf(fp->LogLevel, " [EMPTY]\n");
720
721 switch (fp->state) {
722 case ST_REQSENT:
723 case ST_ACKSENT:
724 FsmInitRestartCounter(fp, FSM_REQ_TIMER);
725 FsmSendConfigReq(fp);
726 break;
727 case ST_OPENED:
728 (*fp->fn->LayerDown)(fp);
729 FsmSendConfigReq(fp);
730 NewState(fp, ST_REQSENT);
731 (*fp->parent->LayerDown)(fp->parent->object, fp);
732 break;
733 case ST_ACKRCVD:
734 FsmSendConfigReq(fp);
735 NewState(fp, ST_REQSENT);
736 break;
737 }
738
739 m_freem(bp);
740 }
741
742 static void
FsmRecvTermReq(struct fsm * fp,struct fsmheader * lhp,struct mbuf * bp)743 FsmRecvTermReq(struct fsm *fp, struct fsmheader *lhp, struct mbuf *bp)
744 /* RTR */
745 {
746 switch (fp->state) {
747 case ST_INITIAL:
748 case ST_STARTING:
749 log_Printf(fp->LogLevel, "%s: Oops, RTR in %s\n",
750 fp->link->name, State2Nam(fp->state));
751 break;
752 case ST_CLOSED:
753 case ST_STOPPED:
754 case ST_CLOSING:
755 case ST_STOPPING:
756 case ST_REQSENT:
757 (*fp->fn->SendTerminateAck)(fp, lhp->id);
758 break;
759 case ST_ACKRCVD:
760 case ST_ACKSENT:
761 (*fp->fn->SendTerminateAck)(fp, lhp->id);
762 NewState(fp, ST_REQSENT);
763 break;
764 case ST_OPENED:
765 (*fp->fn->LayerDown)(fp);
766 (*fp->fn->SendTerminateAck)(fp, lhp->id);
767 FsmInitRestartCounter(fp, FSM_TRM_TIMER);
768 timer_Start(&fp->FsmTimer); /* Start restart timer */
769 fp->restart = 0;
770 NewState(fp, ST_STOPPING);
771 (*fp->parent->LayerDown)(fp->parent->object, fp);
772 /* A delayed ST_STOPPED is now scheduled */
773 break;
774 }
775 m_freem(bp);
776 }
777
778 static void
FsmRecvTermAck(struct fsm * fp,struct fsmheader * lhp,struct mbuf * bp)779 FsmRecvTermAck(struct fsm *fp, struct fsmheader *lhp, struct mbuf *bp)
780 /* RTA */
781 {
782 switch (fp->state) {
783 case ST_CLOSING:
784 (*fp->fn->LayerFinish)(fp);
785 NewState(fp, ST_CLOSED);
786 (*fp->parent->LayerFinish)(fp->parent->object, fp);
787 break;
788 case ST_STOPPING:
789 (*fp->fn->LayerFinish)(fp);
790 NewState(fp, ST_STOPPED);
791 (*fp->parent->LayerFinish)(fp->parent->object, fp);
792 break;
793 case ST_ACKRCVD:
794 NewState(fp, ST_REQSENT);
795 break;
796 case ST_OPENED:
797 (*fp->fn->LayerDown)(fp);
798 FsmSendConfigReq(fp);
799 NewState(fp, ST_REQSENT);
800 (*fp->parent->LayerDown)(fp->parent->object, fp);
801 break;
802 }
803 m_freem(bp);
804 }
805
806 static void
FsmRecvConfigRej(struct fsm * fp,struct fsmheader * lhp,struct mbuf * bp)807 FsmRecvConfigRej(struct fsm *fp, struct fsmheader *lhp, struct mbuf *bp)
808 /* RCJ */
809 {
810 struct fsm_decode dec;
811 int plen, flen;
812 u_char *cp;
813
814 plen = m_length(bp);
815 flen = ntohs(lhp->length) - sizeof *lhp;
816 if (plen < flen) {
817 m_freem(bp);
818 return;
819 }
820
821 lcp_SendIdentification(&fp->link->lcp);
822
823 /*
824 * Check and process easy case
825 */
826 switch (fp->state) {
827 case ST_INITIAL:
828 case ST_STARTING:
829 log_Printf(fp->LogLevel, "%s: Oops, RCJ in %s.\n",
830 fp->link->name, State2Nam(fp->state));
831 m_freem(bp);
832 return;
833 case ST_CLOSED:
834 case ST_STOPPED:
835 (*fp->fn->SendTerminateAck)(fp, lhp->id);
836 m_freem(bp);
837 return;
838 case ST_CLOSING:
839 case ST_STOPPING:
840 m_freem(bp);
841 return;
842 }
843
844 bp = m_pullup(bp);
845 dec.ackend = dec.ack;
846 dec.nakend = dec.nak;
847 dec.rejend = dec.rej;
848 cp = MBUF_CTOP(bp);
849 (*fp->fn->DecodeConfig)(fp, cp, cp + flen, MODE_REJ, &dec);
850 if (flen < sizeof(struct fsm_opt_hdr))
851 log_Printf(fp->LogLevel, " [EMPTY]\n");
852
853 switch (fp->state) {
854 case ST_REQSENT:
855 case ST_ACKSENT:
856 FsmInitRestartCounter(fp, FSM_REQ_TIMER);
857 FsmSendConfigReq(fp);
858 break;
859 case ST_OPENED:
860 (*fp->fn->LayerDown)(fp);
861 FsmSendConfigReq(fp);
862 NewState(fp, ST_REQSENT);
863 (*fp->parent->LayerDown)(fp->parent->object, fp);
864 break;
865 case ST_ACKRCVD:
866 FsmSendConfigReq(fp);
867 NewState(fp, ST_REQSENT);
868 break;
869 }
870 m_freem(bp);
871 }
872
873 static void
FsmRecvCodeRej(struct fsm * fp,struct fsmheader * lhp,struct mbuf * bp)874 FsmRecvCodeRej(struct fsm *fp, struct fsmheader *lhp, struct mbuf *bp)
875 {
876 m_freem(bp);
877 }
878
879 static void
FsmRecvProtoRej(struct fsm * fp,struct fsmheader * lhp,struct mbuf * bp)880 FsmRecvProtoRej(struct fsm *fp, struct fsmheader *lhp, struct mbuf *bp)
881 {
882 struct physical *p = link2physical(fp->link);
883 u_short proto;
884
885 if (m_length(bp) < 2) {
886 m_freem(bp);
887 return;
888 }
889 bp = mbuf_Read(bp, &proto, 2);
890 proto = ntohs(proto);
891 log_Printf(fp->LogLevel, "%s: -- Protocol 0x%04x (%s) was rejected!\n",
892 fp->link->name, proto, hdlc_Protocol2Nam(proto));
893
894 switch (proto) {
895 case PROTO_LQR:
896 if (p)
897 lqr_Stop(p, LQM_LQR);
898 else
899 log_Printf(LogERROR, "%s: FsmRecvProtoRej: Not a physical link !\n",
900 fp->link->name);
901 break;
902 case PROTO_CCP:
903 if (fp->proto == PROTO_LCP) {
904 fp = &fp->link->ccp.fsm;
905 /* Despite the RFC (1661), don't do an out-of-place TLF */
906 /* (*fp->fn->LayerFinish)(fp); */
907 switch (fp->state) {
908 case ST_CLOSED:
909 case ST_CLOSING:
910 NewState(fp, ST_CLOSED);
911 break;
912 default:
913 NewState(fp, ST_STOPPED);
914 break;
915 }
916 /* See above */
917 /* (*fp->parent->LayerFinish)(fp->parent->object, fp); */
918 }
919 break;
920 case PROTO_IPCP:
921 if (fp->proto == PROTO_LCP) {
922 log_Printf(LogPHASE, "%s: IPCP protocol reject closes IPCP !\n",
923 fp->link->name);
924 fsm_Close(&fp->bundle->ncp.ipcp.fsm);
925 }
926 break;
927 #ifndef NOINET6
928 case PROTO_IPV6CP:
929 if (fp->proto == PROTO_LCP) {
930 log_Printf(LogPHASE, "%s: IPV6CP protocol reject closes IPV6CP !\n",
931 fp->link->name);
932 fsm_Close(&fp->bundle->ncp.ipv6cp.fsm);
933 }
934 break;
935 #endif
936 case PROTO_MP:
937 if (fp->proto == PROTO_LCP) {
938 struct lcp *lcp = fsm2lcp(fp);
939
940 if (lcp->want_mrru && lcp->his_mrru) {
941 log_Printf(LogPHASE, "%s: MP protocol reject is fatal !\n",
942 fp->link->name);
943 fsm_Close(fp);
944 }
945 }
946 break;
947 }
948 m_freem(bp);
949 }
950
951 static void
FsmRecvEchoReq(struct fsm * fp,struct fsmheader * lhp,struct mbuf * bp)952 FsmRecvEchoReq(struct fsm *fp, struct fsmheader *lhp, struct mbuf *bp)
953 {
954 struct lcp *lcp = fsm2lcp(fp);
955 u_char *cp;
956 u_int32_t magic;
957
958 bp = m_pullup(bp);
959 m_settype(bp, MB_ECHOIN);
960
961 if (lcp && ntohs(lhp->length) - sizeof *lhp >= 4) {
962 cp = MBUF_CTOP(bp);
963 ua_ntohl(cp, &magic);
964 if (magic != lcp->his_magic) {
965 log_Printf(fp->LogLevel, "%s: RecvEchoReq: magic 0x%08lx is wrong,"
966 " expecting 0x%08lx\n", fp->link->name, (u_long)magic,
967 (u_long)lcp->his_magic);
968 /* XXX: We should send terminate request */
969 }
970 if (fp->state == ST_OPENED) {
971 ua_htonl(&lcp->want_magic, cp); /* local magic */
972 fsm_Output(fp, CODE_ECHOREP, lhp->id, cp,
973 ntohs(lhp->length) - sizeof *lhp, MB_ECHOOUT);
974 }
975 }
976 m_freem(bp);
977 }
978
979 static void
FsmRecvEchoRep(struct fsm * fp,struct fsmheader * lhp,struct mbuf * bp)980 FsmRecvEchoRep(struct fsm *fp, struct fsmheader *lhp, struct mbuf *bp)
981 {
982 if (fsm2lcp(fp))
983 bp = lqr_RecvEcho(fp, bp);
984
985 m_freem(bp);
986 }
987
988 static void
FsmRecvDiscReq(struct fsm * fp,struct fsmheader * lhp,struct mbuf * bp)989 FsmRecvDiscReq(struct fsm *fp, struct fsmheader *lhp, struct mbuf *bp)
990 {
991 m_freem(bp);
992 }
993
994 static void
FsmRecvIdent(struct fsm * fp,struct fsmheader * lhp,struct mbuf * bp)995 FsmRecvIdent(struct fsm *fp, struct fsmheader *lhp, struct mbuf *bp)
996 {
997 u_int32_t magic;
998 u_short len;
999 u_char *cp;
1000
1001 len = ntohs(lhp->length) - sizeof *lhp;
1002 if (len >= 4) {
1003 bp = m_pullup(m_append(bp, "", 1));
1004 cp = MBUF_CTOP(bp);
1005 ua_ntohl(cp, &magic);
1006 if (magic != fp->link->lcp.his_magic)
1007 log_Printf(fp->LogLevel, "%s: RecvIdent: magic 0x%08lx is wrong,"
1008 " expecting 0x%08lx\n", fp->link->name, (u_long)magic,
1009 (u_long)fp->link->lcp.his_magic);
1010 cp[len] = '\0';
1011 lcp_RecvIdentification(&fp->link->lcp, cp + 4);
1012 }
1013 m_freem(bp);
1014 }
1015
1016 static void
FsmRecvTimeRemain(struct fsm * fp,struct fsmheader * lhp,struct mbuf * bp)1017 FsmRecvTimeRemain(struct fsm *fp, struct fsmheader *lhp, struct mbuf *bp)
1018 {
1019 m_freem(bp);
1020 }
1021
1022 static void
FsmRecvResetReq(struct fsm * fp,struct fsmheader * lhp,struct mbuf * bp)1023 FsmRecvResetReq(struct fsm *fp, struct fsmheader *lhp, struct mbuf *bp)
1024 {
1025 if ((*fp->fn->RecvResetReq)(fp)) {
1026 /*
1027 * All sendable compressed packets are queued in the first (lowest
1028 * priority) modem output queue.... dump 'em to the priority queue
1029 * so that they arrive at the peer before our ResetAck.
1030 */
1031 link_SequenceQueue(fp->link);
1032 fsm_Output(fp, CODE_RESETACK, lhp->id, NULL, 0, MB_CCPOUT);
1033 }
1034 m_freem(bp);
1035 }
1036
1037 static void
FsmRecvResetAck(struct fsm * fp,struct fsmheader * lhp,struct mbuf * bp)1038 FsmRecvResetAck(struct fsm *fp, struct fsmheader *lhp, struct mbuf *bp)
1039 {
1040 (*fp->fn->RecvResetAck)(fp, lhp->id);
1041 m_freem(bp);
1042 }
1043
1044 void
fsm_Input(struct fsm * fp,struct mbuf * bp)1045 fsm_Input(struct fsm *fp, struct mbuf *bp)
1046 {
1047 int len;
1048 struct fsmheader lh;
1049 const struct fsmcodedesc *codep;
1050
1051 len = m_length(bp);
1052 if (len < sizeof(struct fsmheader)) {
1053 m_freem(bp);
1054 return;
1055 }
1056 bp = mbuf_Read(bp, &lh, sizeof lh);
1057
1058 if (ntohs(lh.length) > len) {
1059 log_Printf(LogWARN, "%s: Oops: Got %d bytes but %d byte payload "
1060 "- dropped\n", fp->link->name, len, (int)ntohs(lh.length));
1061 m_freem(bp);
1062 return;
1063 }
1064
1065 if (lh.code < fp->min_code || lh.code > fp->max_code ||
1066 lh.code > sizeof FsmCodes / sizeof *FsmCodes) {
1067 /*
1068 * Use a private id. This is really a response-type packet, but we
1069 * MUST send a unique id for each REQ....
1070 */
1071 static u_char id;
1072
1073 bp = m_prepend(bp, &lh, sizeof lh, 0);
1074 bp = m_pullup(bp);
1075 fsm_Output(fp, CODE_CODEREJ, id++, MBUF_CTOP(bp), bp->m_len, MB_UNKNOWN);
1076 m_freem(bp);
1077 return;
1078 }
1079
1080 codep = FsmCodes + lh.code - 1;
1081 if (lh.id != fp->reqid && codep->check_reqid &&
1082 Enabled(fp->bundle, OPT_IDCHECK)) {
1083 log_Printf(fp->LogLevel, "%s: Recv%s(%d), dropped (expected %d)\n",
1084 fp->link->name, codep->name, lh.id, fp->reqid);
1085 return;
1086 }
1087
1088 log_Printf(fp->LogLevel, "%s: Recv%s(%d) state = %s\n",
1089 fp->link->name, codep->name, lh.id, State2Nam(fp->state));
1090
1091 if (codep->inc_reqid && (lh.id == fp->reqid ||
1092 (!Enabled(fp->bundle, OPT_IDCHECK) && codep->check_reqid)))
1093 fp->reqid++; /* That's the end of that ``exchange''.... */
1094
1095 (*codep->recv)(fp, &lh, bp);
1096 }
1097
1098 int
fsm_NullRecvResetReq(struct fsm * fp)1099 fsm_NullRecvResetReq(struct fsm *fp)
1100 {
1101 log_Printf(fp->LogLevel, "%s: Oops - received unexpected reset req\n",
1102 fp->link->name);
1103 return 1;
1104 }
1105
1106 void
fsm_NullRecvResetAck(struct fsm * fp,u_char id)1107 fsm_NullRecvResetAck(struct fsm *fp, u_char id)
1108 {
1109 log_Printf(fp->LogLevel, "%s: Oops - received unexpected reset ack\n",
1110 fp->link->name);
1111 }
1112
1113 void
fsm_Reopen(struct fsm * fp)1114 fsm_Reopen(struct fsm *fp)
1115 {
1116 if (fp->state == ST_OPENED) {
1117 (*fp->fn->LayerDown)(fp);
1118 FsmInitRestartCounter(fp, FSM_REQ_TIMER);
1119 FsmSendConfigReq(fp);
1120 NewState(fp, ST_REQSENT);
1121 (*fp->parent->LayerDown)(fp->parent->object, fp);
1122 }
1123 }
1124
1125 void
fsm2initial(struct fsm * fp)1126 fsm2initial(struct fsm *fp)
1127 {
1128 timer_Stop(&fp->FsmTimer);
1129 timer_Stop(&fp->OpenTimer);
1130 timer_Stop(&fp->StoppedTimer);
1131 if (fp->state == ST_STOPPED)
1132 fsm_Close(fp);
1133 if (fp->state > ST_INITIAL)
1134 fsm_Down(fp);
1135 if (fp->state > ST_INITIAL)
1136 fsm_Close(fp);
1137 }
1138
1139 struct fsm_opt *
fsm_readopt(u_char ** cp)1140 fsm_readopt(u_char **cp)
1141 {
1142 struct fsm_opt *o = (struct fsm_opt *)*cp;
1143
1144 if (o->hdr.len < sizeof(struct fsm_opt_hdr)) {
1145 log_Printf(LogERROR, "Bad option length %d (out of phase?)\n", o->hdr.len);
1146 return NULL;
1147 }
1148
1149 *cp += o->hdr.len;
1150
1151 if (o->hdr.len > sizeof(struct fsm_opt)) {
1152 log_Printf(LogERROR, "Warning: Truncating option length from %d to %d\n",
1153 o->hdr.len, (int)sizeof(struct fsm_opt));
1154 o->hdr.len = sizeof(struct fsm_opt);
1155 }
1156
1157 return o;
1158 }
1159
1160 static int
fsm_opt(u_char * opt,int optlen,const struct fsm_opt * o)1161 fsm_opt(u_char *opt, int optlen, const struct fsm_opt *o)
1162 {
1163 int cplen = o->hdr.len;
1164
1165 if (optlen < sizeof(struct fsm_opt_hdr))
1166 optlen = 0;
1167
1168 if (cplen > optlen) {
1169 log_Printf(LogERROR, "Can't REJ length %d - trunating to %d\n",
1170 cplen, optlen);
1171 cplen = optlen;
1172 }
1173 memcpy(opt, o, cplen);
1174 if (cplen)
1175 opt[1] = cplen;
1176
1177 return cplen;
1178 }
1179
1180 void
fsm_rej(struct fsm_decode * dec,const struct fsm_opt * o)1181 fsm_rej(struct fsm_decode *dec, const struct fsm_opt *o)
1182 {
1183 if (!dec)
1184 return;
1185 dec->rejend += fsm_opt(dec->rejend, FSM_OPTLEN - (dec->rejend - dec->rej), o);
1186 }
1187
1188 void
fsm_ack(struct fsm_decode * dec,const struct fsm_opt * o)1189 fsm_ack(struct fsm_decode *dec, const struct fsm_opt *o)
1190 {
1191 if (!dec)
1192 return;
1193 dec->ackend += fsm_opt(dec->ackend, FSM_OPTLEN - (dec->ackend - dec->ack), o);
1194 }
1195
1196 void
fsm_nak(struct fsm_decode * dec,const struct fsm_opt * o)1197 fsm_nak(struct fsm_decode *dec, const struct fsm_opt *o)
1198 {
1199 if (!dec)
1200 return;
1201 dec->nakend += fsm_opt(dec->nakend, FSM_OPTLEN - (dec->nakend - dec->nak), o);
1202 }
1203
1204 void
fsm_opt_normalise(struct fsm_decode * dec)1205 fsm_opt_normalise(struct fsm_decode *dec)
1206 {
1207 if (dec->rejend != dec->rej) {
1208 /* rejects are preferred */
1209 dec->ackend = dec->ack;
1210 dec->nakend = dec->nak;
1211 } else if (dec->nakend != dec->nak)
1212 /* then NAKs */
1213 dec->ackend = dec->ack;
1214 }
1215