Annotation of embedaddon/libpdel/ppp/ppp_link.c, revision 1.1
1.1 ! misho 1:
! 2: /*
! 3: * Copyright (c) 2001-2002 Packet Design, LLC.
! 4: * All rights reserved.
! 5: *
! 6: * Subject to the following obligations and disclaimer of warranty,
! 7: * use and redistribution of this software, in source or object code
! 8: * forms, with or without modifications are expressly permitted by
! 9: * Packet Design; provided, however, that:
! 10: *
! 11: * (i) Any and all reproductions of the source or object code
! 12: * must include the copyright notice above and the following
! 13: * disclaimer of warranties; and
! 14: * (ii) No rights are granted, in any manner or form, to use
! 15: * Packet Design trademarks, including the mark "PACKET DESIGN"
! 16: * on advertising, endorsements, or otherwise except as such
! 17: * appears in the above copyright notice or in the software.
! 18: *
! 19: * THIS SOFTWARE IS BEING PROVIDED BY PACKET DESIGN "AS IS", AND
! 20: * TO THE MAXIMUM EXTENT PERMITTED BY LAW, PACKET DESIGN MAKES NO
! 21: * REPRESENTATIONS OR WARRANTIES, EXPRESS OR IMPLIED, REGARDING
! 22: * THIS SOFTWARE, INCLUDING WITHOUT LIMITATION, ANY AND ALL IMPLIED
! 23: * WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE,
! 24: * OR NON-INFRINGEMENT. PACKET DESIGN DOES NOT WARRANT, GUARANTEE,
! 25: * OR MAKE ANY REPRESENTATIONS REGARDING THE USE OF, OR THE RESULTS
! 26: * OF THE USE OF THIS SOFTWARE IN TERMS OF ITS CORRECTNESS, ACCURACY,
! 27: * RELIABILITY OR OTHERWISE. IN NO EVENT SHALL PACKET DESIGN BE
! 28: * LIABLE FOR ANY DAMAGES RESULTING FROM OR ARISING OUT OF ANY USE
! 29: * OF THIS SOFTWARE, INCLUDING WITHOUT LIMITATION, ANY DIRECT,
! 30: * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, PUNITIVE, OR CONSEQUENTIAL
! 31: * DAMAGES, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES, LOSS OF
! 32: * USE, DATA OR PROFITS, HOWEVER CAUSED AND UNDER ANY THEORY OF
! 33: * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
! 34: * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
! 35: * THE USE OF THIS SOFTWARE, EVEN IF PACKET DESIGN IS ADVISED OF
! 36: * THE POSSIBILITY OF SUCH DAMAGE.
! 37: *
! 38: * Author: Archie Cobbs <archie@freebsd.org>
! 39: */
! 40:
! 41: #include "ppp/ppp_defs.h"
! 42: #include "ppp/ppp_log.h"
! 43: #include "ppp/ppp_fsm_option.h"
! 44: #include "ppp/ppp_fsm.h"
! 45: #include "ppp/ppp_auth.h"
! 46: #include "ppp/ppp_lcp.h"
! 47: #include "ppp/ppp_node.h"
! 48: #include "ppp/ppp_engine.h"
! 49: #include "ppp/ppp_bundle.h"
! 50: #include "ppp/ppp_channel.h"
! 51: #include "ppp/ppp_link.h"
! 52:
! 53: #define LINK_MTYPE "ppp_link"
! 54: #define PKTBUFLEN 4096
! 55: #define LINK_LATENCY 100 /* arbitrary fixed value */
! 56: #define LINK_BANDWIDTH 100 /* arbitrary fixed value */
! 57:
! 58: #define AUTH_TIMEOUT 20 /* time limit for auth phase */
! 59:
! 60: #define WINXP_PPTP_HACK(x) ((x) - 20) /* winxp pptp stupidity hack */
! 61:
! 62: /*
! 63: * Authorization info for one direction
! 64: */
! 65: struct ppp_link_auth {
! 66: struct ppp_link *link; /* back pointer */
! 67: u_int16_t proto; /* auth protocol number */
! 68: const struct ppp_auth_type *type; /* auth type negotiated */
! 69: void *arg; /* auth object in progress */
! 70: struct ppp_auth_cred cred; /* auth credentials */
! 71: struct ppp_auth_resp resp; /* auth response */
! 72: union ppp_auth_mppe mppe; /* mppe keys from ms-chap */
! 73: struct paction *action;/* auth acquire/check action */
! 74: };
! 75:
! 76: /*
! 77: * PPP link structure
! 78: */
! 79: struct ppp_link {
! 80: enum ppp_link_state state; /* link state */
! 81: struct ppp_log *log; /* log */
! 82: struct ppp_link_config conf; /* link configuration */
! 83: struct ppp_engine *engine; /* ppp engine */
! 84: struct ppp_channel *device; /* underlying device */
! 85: struct ppp_node *node; /* ng_ppp(4) node */
! 86: struct ppp_fsm *lcp; /* lcp fsm */
! 87: struct ppp_lcp_req lcp_req; /* lcp negotiation result */
! 88: struct ppp_bundle *bundle; /* bundle, if joined */
! 89: struct pevent_ctx *ev_ctx; /* event context */
! 90: pthread_mutex_t *mutex; /* mutex */
! 91: struct pevent *lcp_event; /* lcp fsm event */
! 92: struct pevent *dev_event; /* device event */
! 93: struct pevent *auth_timer; /* timer for auth phase */
! 94: u_char device_up; /* device is up */
! 95: struct ppp_link_auth auth[2]; /* authorization info */
! 96: u_int16_t link_num; /* ppp node link number */
! 97: u_char shutdown; /* normal shutdown */
! 98: };
! 99:
! 100: /* Internal functions */
! 101: static void ppp_link_join(struct ppp_link *link);
! 102: static void ppp_link_unjoin(struct ppp_link *link);
! 103: static int ppp_link_get_node(struct ppp_link *link);
! 104: static void ppp_link_auth_start(struct ppp_link *link);
! 105: static void ppp_link_auth_stop(struct ppp_link *link);
! 106:
! 107: static ppp_node_recv_t ppp_link_node_recv;
! 108:
! 109: static pevent_handler_t ppp_link_device_event;
! 110: static pevent_handler_t ppp_link_lcp_event;
! 111: static pevent_handler_t ppp_link_auth_timeout;
! 112:
! 113: /* Macro for logging */
! 114: #define LOG(sev, fmt, args...) PPP_LOG(link->log, sev, fmt , ## args)
! 115:
! 116: /***********************************************************************
! 117: PUBLIC FUNCTIONS
! 118: ***********************************************************************/
! 119:
! 120: /*
! 121: * Create a new PPP link.
! 122: *
! 123: * The link is not returned. Instead it disappears into the PPP engine.
! 124: * The "device" and "log" are destroyed when the link is destroyed.
! 125: */
! 126: int
! 127: ppp_link_create(struct ppp_engine *engine, struct ppp_channel *device,
! 128: struct ppp_link_config *conf, struct ppp_log *log)
! 129: {
! 130: struct ppp_fsm_instance *inst = NULL;
! 131: struct ppp_lcp_config lcp_conf;
! 132: struct ppp_fsm *lcp = NULL;
! 133: struct ppp_link *link;
! 134: int esave;
! 135: int i;
! 136: int j;
! 137:
! 138: /* Create new link structure */
! 139: if ((link = MALLOC(LINK_MTYPE, sizeof(*link))) == NULL)
! 140: return (-1);
! 141: memset(link, 0, sizeof(*link));
! 142: link->state = PPP_LINK_DOWN;
! 143: link->engine = engine;
! 144: link->ev_ctx = ppp_engine_get_ev_ctx(engine);
! 145: link->mutex = ppp_engine_get_mutex(engine);
! 146: link->device = device;
! 147: link->conf = *conf;
! 148: link->log = log;
! 149: for (i = 0; i < 2; i++)
! 150: link->auth[i].link = link;
! 151:
! 152: /* Derive LCP configuration from link configuration and device info */
! 153: memset(&lcp_conf, 0, sizeof(lcp_conf));
! 154: lcp_conf.max_mru[PPP_SELF] = conf->max_self_mru;
! 155: lcp_conf.min_mru[PPP_PEER] = conf->min_peer_mru;
! 156: lcp_conf.accm = ppp_channel_is_async(device) ? 0x0a000000 : ~0;
! 157: if (ppp_channel_get_acfcomp(device)) {
! 158: lcp_conf.acfcomp[PPP_SELF] = 1;
! 159: lcp_conf.acfcomp[PPP_PEER] = 1;
! 160: }
! 161: if (ppp_channel_get_pfcomp(device)) {
! 162: lcp_conf.pfcomp[PPP_SELF] = 1;
! 163: lcp_conf.pfcomp[PPP_PEER] = 1;
! 164: }
! 165: for (i = 0; i < PPP_AUTH_MAX; i++) {
! 166: for (j = 0; j < 2; j++) {
! 167: if ((conf->auth.allow[j] & (1 << i)) != 0)
! 168: lcp_conf.auth[j][i] = 1;
! 169: }
! 170: }
! 171: lcp_conf.eid = conf->eid;
! 172: if (conf->multilink) {
! 173: lcp_conf.max_mrru[PPP_SELF] = conf->max_self_mrru;
! 174: lcp_conf.min_mrru[PPP_PEER] = conf->min_peer_mrru;
! 175: lcp_conf.multilink[PPP_SELF] = 1;
! 176: lcp_conf.multilink[PPP_PEER] = 1;
! 177: lcp_conf.shortseq[PPP_SELF] = 1;
! 178: lcp_conf.shortseq[PPP_PEER] = 1;
! 179: }
! 180:
! 181: /* Create ppp node object */
! 182: if (ppp_link_get_node(link) == -1)
! 183: goto fail;
! 184:
! 185: /* Create a new LCP FSM for this link */
! 186: if ((inst = ppp_lcp_create(&lcp_conf)) == NULL) {
! 187: LOG(LOG_ERR, "failed to create LCP: %m");
! 188: goto fail;
! 189: }
! 190: if ((link->lcp = ppp_fsm_create(link->ev_ctx,
! 191: link->mutex, inst, link->log)) == NULL) {
! 192: LOG(LOG_ERR, "failed to create LCP: %m");
! 193: goto fail;
! 194: }
! 195: inst = NULL;
! 196:
! 197: /* Listen for device events */
! 198: if (pevent_register(link->ev_ctx, &link->dev_event, PEVENT_RECURRING,
! 199: link->mutex, ppp_link_device_event, link, PEVENT_MESG_PORT,
! 200: ppp_channel_get_outport(link->device)) == -1) {
! 201: LOG(LOG_ERR, "%s: %m", "adding read event");
! 202: goto fail;
! 203: }
! 204:
! 205: /* Listen for LCP events */
! 206: if (pevent_register(link->ev_ctx, &link->lcp_event, PEVENT_RECURRING,
! 207: link->mutex, ppp_link_lcp_event, link, PEVENT_MESG_PORT,
! 208: ppp_fsm_get_outport(link->lcp)) == -1) {
! 209: LOG(LOG_ERR, "%s: %m", "adding read event");
! 210: goto fail;
! 211: }
! 212:
! 213: /* Notify engine of new link */
! 214: if (ppp_engine_add_link(engine, link) == -1) {
! 215: LOG(LOG_ERR, "failed to add link: %m");
! 216: goto fail;
! 217: }
! 218:
! 219: /* Start LCP negotiations (whenver link comes up) */
! 220: ppp_fsm_input(link->lcp, FSM_INPUT_OPEN);
! 221:
! 222: /* Done */
! 223: return (0);
! 224:
! 225: fail:
! 226: /* Clean up after failure */
! 227: esave = errno;
! 228: pevent_unregister(&link->dev_event);
! 229: pevent_unregister(&link->lcp_event);
! 230: ppp_node_destroy(&link->node);
! 231: ppp_node_destroy(&link->node);
! 232: ppp_fsm_destroy(&lcp);
! 233: if (inst != NULL)
! 234: (*inst->type->destroy)(inst);
! 235: FREE(LINK_MTYPE, link);
! 236: errno = esave;
! 237: return (-1);
! 238: }
! 239:
! 240: /*
! 241: * Destroy a link.
! 242: */
! 243: void
! 244: ppp_link_destroy(struct ppp_link **linkp)
! 245: {
! 246: struct ppp_link *const link = *linkp;
! 247: int r;
! 248:
! 249: /* Sanity check */
! 250: if (link == NULL)
! 251: return;
! 252: *linkp = NULL;
! 253:
! 254: /* Avoid recursion */
! 255: if (link->shutdown)
! 256: return;
! 257: link->shutdown = 1;
! 258:
! 259: /* Acquire lock */
! 260: r = pthread_mutex_lock(link->mutex);
! 261: assert(r == 0);
! 262:
! 263: /* Stop authentication (if any) */
! 264: ppp_link_auth_stop(link);
! 265:
! 266: /* Disconnect from bundle or engine */
! 267: ppp_bundle_unjoin(&link->bundle, link);
! 268: ppp_engine_del_link(link->engine, link);
! 269:
! 270: /* Destroy link */
! 271: r = pthread_mutex_unlock(link->mutex);
! 272: assert(r == 0);
! 273: ppp_fsm_destroy(&link->lcp);
! 274: pevent_unregister(&link->dev_event);
! 275: pevent_unregister(&link->lcp_event);
! 276: ppp_node_destroy(&link->node);
! 277: ppp_channel_destroy(&link->device);
! 278: ppp_log_close(&link->log);
! 279: FREE(LINK_MTYPE, link);
! 280: }
! 281:
! 282: /*
! 283: * Close a link.
! 284: */
! 285: void
! 286: ppp_link_close(struct ppp_link *link)
! 287: {
! 288: ppp_link_auth_stop(link);
! 289: ppp_fsm_input(link->lcp, FSM_INPUT_CLOSE);
! 290: }
! 291:
! 292: /*
! 293: * Get the device associated with a link.
! 294: */
! 295: struct ppp_channel *
! 296: ppp_link_get_device(struct ppp_link *link)
! 297: {
! 298: return (link->device);
! 299: }
! 300:
! 301: /*
! 302: * Get the link's origination (PPP_SELF or PPP_PEER) which
! 303: * is simply inherited from the underlying device.
! 304: */
! 305: int
! 306: ppp_link_get_origination(struct ppp_link *link)
! 307: {
! 308: return (ppp_channel_get_origination(link->device));
! 309: }
! 310:
! 311: /*
! 312: * Get link state.
! 313: */
! 314: enum ppp_link_state
! 315: ppp_link_get_state(struct ppp_link *link)
! 316: {
! 317: return (link->state);
! 318: }
! 319:
! 320: /*
! 321: * Get bundle associated with link, if any.
! 322: */
! 323: struct ppp_bundle *
! 324: ppp_link_get_bundle(struct ppp_link *link)
! 325: {
! 326: if (link->bundle == NULL)
! 327: errno = ENXIO;
! 328: return (link->bundle);
! 329: }
! 330:
! 331: /*
! 332: * Get LCP request state.
! 333: */
! 334: void
! 335: ppp_link_get_lcp_req(struct ppp_link *link, struct ppp_lcp_req *req)
! 336: {
! 337: ppp_lcp_get_req(link->lcp, req);
! 338: }
! 339:
! 340: /*
! 341: * Get link authorization name.
! 342: *
! 343: * Note: we reverse the sense of 'dir' because we want PPP_SELF to
! 344: * mean my authname to peer, which is the opposite of the way that
! 345: * authorization is negotiated, i.e., PPP_SELF is peer's auth to me.
! 346: */
! 347: const char *
! 348: ppp_link_get_authname(struct ppp_link *link, int dir)
! 349: {
! 350: struct ppp_link_auth *const auth = &link->auth[!dir];
! 351:
! 352: if (auth->type == NULL)
! 353: return ("");
! 354: switch (auth->type->index) {
! 355: case PPP_AUTH_PAP:
! 356: return (auth->cred.u.pap.name);
! 357: case PPP_AUTH_CHAP_MSV1:
! 358: case PPP_AUTH_CHAP_MSV2:
! 359: case PPP_AUTH_CHAP_MD5:
! 360: return (auth->cred.u.chap.name);
! 361: default:
! 362: return ("");
! 363: }
! 364: }
! 365:
! 366: /*
! 367: * Get endpoint ID.
! 368: */
! 369: void
! 370: ppp_link_get_eid(struct ppp_link *link, int dir, struct ppp_eid *eid)
! 371: {
! 372: struct ppp_lcp_req req;
! 373:
! 374: dir &= 1;
! 375: ppp_lcp_get_req(link->lcp, &req);
! 376: *eid = req.eid[dir];
! 377: }
! 378:
! 379: void
! 380: ppp_link_get_mppe(struct ppp_link *link, int dir, union ppp_auth_mppe *mppe)
! 381: {
! 382: struct ppp_link_auth *const auth = &link->auth[dir & 1];
! 383:
! 384: memcpy(mppe, &auth->mppe, sizeof(*mppe));
! 385: }
! 386:
! 387: /*
! 388: * Ouput a packet on the link.
! 389: */
! 390: void
! 391: ppp_link_write(struct ppp_link *link,
! 392: u_int16_t proto, const void *data, size_t len)
! 393: {
! 394: int rtn;
! 395:
! 396: /* Drop packet if channel is down */
! 397: if (!link->device_up)
! 398: return;
! 399:
! 400: /* Write packet */
! 401: if (link->bundle != NULL) {
! 402: rtn = ppp_bundle_write(link->bundle,
! 403: link->link_num, proto, data, len);
! 404: } else {
! 405: rtn = ppp_node_write(link->node,
! 406: link->link_num, proto, data, len);
! 407: }
! 408:
! 409: if (rtn == -1) {
! 410: LOG(LOG_ERR, "%s: %m", "error writing to bypass");
! 411: ppp_link_close(link);
! 412: }
! 413: }
! 414:
! 415: /***********************************************************************
! 416: LCP EVENT HANDLER
! 417: ***********************************************************************/
! 418:
! 419: static void
! 420: ppp_link_lcp_event(void *arg)
! 421: {
! 422: struct ppp_link *link = arg;
! 423: struct mesg_port *const outport = ppp_fsm_get_outport(link->lcp);
! 424: struct ppp_fsm_output *output;
! 425:
! 426: /* Read and handle all FSM events */
! 427: while ((output = mesg_port_get(outport, 0)) != NULL) {
! 428:
! 429: /* Check it out */
! 430: switch (output->type) {
! 431: case FSM_OUTPUT_OPEN:
! 432: ppp_channel_open(link->device);
! 433: break;
! 434: case FSM_OUTPUT_CLOSE:
! 435: ppp_channel_close(link->device);
! 436: break;
! 437: case FSM_OUTPUT_UP:
! 438: {
! 439: struct ng_ppp_node_conf conf;
! 440: struct ng_ppp_link_conf *const lconf = &conf.links[0];
! 441:
! 442: /* Get ng_ppp(4) node configuration */
! 443: if (ppp_node_get_config(link->node, &conf) == -1) {
! 444: LOG(LOG_ERR, "can't configure node: %m");
! 445: ppp_link_close(link);
! 446: break;
! 447: }
! 448:
! 449: /* Update with negotiated LCP parameters */
! 450: ppp_lcp_get_req(link->lcp, &link->lcp_req);
! 451: lconf->enableProtoComp = link->lcp_req.pfcomp[PPP_PEER];
! 452: lconf->enableACFComp = link->lcp_req.acfcomp[PPP_PEER];
! 453: lconf->mru = MIN(
! 454: WINXP_PPTP_HACK(link->lcp_req.mru[PPP_PEER]),
! 455: ppp_channel_get_mtu(link->device));
! 456: lconf->latency = LINK_LATENCY;
! 457: lconf->bandwidth = LINK_BANDWIDTH;
! 458: if (ppp_node_set_config(link->node, &conf) == -1) {
! 459: LOG(LOG_ERR, "can't configure node: %m");
! 460: ppp_link_close(link);
! 461: break;
! 462: }
! 463:
! 464: /* Begin authentication phase */
! 465: link->state = PPP_LINK_AUTH;
! 466: ppp_link_auth_start(link);
! 467: break;
! 468: }
! 469: case FSM_OUTPUT_DOWN:
! 470: link->state = PPP_LINK_DOWN;
! 471: ppp_link_auth_stop(link);
! 472: if (link->bundle != NULL) {
! 473:
! 474: /* Leave our bundle */
! 475: assert(link->node == NULL);
! 476: ppp_bundle_unjoin(&link->bundle, link);
! 477:
! 478: /* Create a new node for this link */
! 479: if (ppp_link_get_node(link) == -1) {
! 480: ppp_link_close(link);
! 481: break;
! 482: }
! 483: }
! 484: break;
! 485: case FSM_OUTPUT_DATA:
! 486: ppp_link_write(link, PPP_PROTO_LCP,
! 487: output->u.data.data, output->u.data.length);
! 488: break;
! 489: case FSM_OUTPUT_PROTOREJ:
! 490: {
! 491: /* Log it */
! 492: LOG(LOG_NOTICE,
! 493: "peer rejected protocol 0x%04x", output->u.proto);
! 494:
! 495: /* If fatal, shut down, else report to bundle */
! 496: switch (output->u.proto) {
! 497: case PPP_PROTO_LCP:
! 498: case PPP_PROTO_CHAP:
! 499: case PPP_PROTO_PAP:
! 500: case PPP_PROTO_MP:
! 501: ppp_fsm_input(link->lcp,
! 502: FSM_INPUT_RECD_PROTOREJ, output->u.proto);
! 503: break;
! 504: default:
! 505: if (link->bundle != NULL) {
! 506: ppp_bundle_protorej(link->bundle,
! 507: output->u.proto);
! 508: }
! 509: break;
! 510: }
! 511: break;
! 512: }
! 513: case FSM_OUTPUT_DEAD:
! 514: LOG(LOG_INFO, "LCP is dead: %s",
! 515: ppp_fsm_reason_str(output));
! 516: if (link->bundle != NULL)
! 517: ppp_link_unjoin(link);
! 518: ppp_fsm_free_output(output);
! 519: ppp_link_destroy(&link);
! 520: return;
! 521: }
! 522:
! 523: /* Free output */
! 524: ppp_fsm_free_output(output);
! 525: }
! 526: }
! 527:
! 528: /***********************************************************************
! 529: DEVICE EVENT HANDLER
! 530: ***********************************************************************/
! 531:
! 532: static void
! 533: ppp_link_device_event(void *arg)
! 534: {
! 535: struct ppp_link *const link = arg;
! 536: struct mesg_port *const outport = ppp_channel_get_outport(link->device);
! 537: struct ppp_channel_output *output;
! 538:
! 539: /* Handle channel events */
! 540: while ((output = mesg_port_get(outport, 0)) != NULL) {
! 541:
! 542: /* Check event */
! 543: switch (output->type) {
! 544: case PPP_CHANNEL_OUTPUT_UP:
! 545: LOG(LOG_INFO, "device layer is up");
! 546: ppp_fsm_input(link->lcp, FSM_INPUT_UP);
! 547: link->device_up = 1;
! 548: break;
! 549: case PPP_CHANNEL_OUTPUT_DOWN_FATAL:
! 550: case PPP_CHANNEL_OUTPUT_DOWN_NONFATAL:
! 551: LOG(LOG_INFO, "device layer is down: %s", output->info);
! 552: ppp_fsm_input(link->lcp,
! 553: output->type == PPP_CHANNEL_OUTPUT_DOWN_FATAL ?
! 554: FSM_INPUT_DOWN_FATAL : FSM_INPUT_DOWN_NONFATAL);
! 555: link->device_up = 0;
! 556: break;
! 557: }
! 558:
! 559: /* Free channel output */
! 560: ppp_channel_free_output(link->device, output);
! 561: }
! 562: }
! 563:
! 564: /***********************************************************************
! 565: PPP NODE OUTPUT HANDLER
! 566: ***********************************************************************/
! 567:
! 568: /*
! 569: * Handle data received from the node's bypass hook.
! 570: */
! 571: void
! 572: ppp_link_recv_bypass(struct ppp_link *link,
! 573: u_int16_t proto, u_char *data, size_t len)
! 574: {
! 575: LOG(LOG_DEBUG + 1, "rec'd proto 0x%04x %u bytes", proto, len);
! 576: switch (proto) {
! 577: case PPP_PROTO_LCP:
! 578: ppp_fsm_input(link->lcp, FSM_INPUT_DATA, data, len);
! 579: break;
! 580: case PPP_PROTO_PAP:
! 581: case PPP_PROTO_CHAP:
! 582: {
! 583: int i;
! 584:
! 585: for (i = 0; i < 2; i++) {
! 586: struct ppp_link_auth *const auth = &link->auth[i];
! 587:
! 588: if (auth->type == NULL
! 589: || auth->arg == NULL
! 590: || auth->proto != proto)
! 591: continue;
! 592: (*auth->type->input)(auth->arg, i, data, len);
! 593: }
! 594: break;
! 595: }
! 596: case PPP_PROTO_MP:
! 597: case PPP_PROTO_IPCP:
! 598: case PPP_PROTO_IP:
! 599: case PPP_PROTO_VJCOMP:
! 600: case PPP_PROTO_VJUNCOMP:
! 601: case PPP_PROTO_CCP:
! 602: case PPP_PROTO_COMPD:
! 603: break;
! 604: default: /* send a protocol-reject */
! 605: ppp_fsm_input(link->lcp,
! 606: FSM_INPUT_XMIT_PROTOREJ, proto, data, len);
! 607: break;
! 608: }
! 609: }
! 610:
! 611: static void
! 612: ppp_link_node_recv(void *arg, u_int link_num,
! 613: u_int16_t proto, u_char *data, size_t len)
! 614: {
! 615: struct ppp_link *const link = arg;
! 616:
! 617: assert(link_num == 0);
! 618: ppp_link_recv_bypass(link, proto, data, len);
! 619: }
! 620:
! 621: /***********************************************************************
! 622: AUTHORIZATION PHASE
! 623: ***********************************************************************/
! 624:
! 625: /*
! 626: * Begin link authorization.
! 627: */
! 628: static void
! 629: ppp_link_auth_start(struct ppp_link *link)
! 630: {
! 631: int i;
! 632:
! 633: /* Get auth types negotiated by LCP */
! 634: for (i = 0; i < 2; i++) {
! 635: link->auth[i].type = (link->lcp_req.auth[i] != PPP_AUTH_NONE) ?
! 636: ppp_auth_by_index(link->lcp_req.auth[i]) : NULL;
! 637: }
! 638: LOG(LOG_DEBUG, "auth required: self=%s peer=%s",
! 639: link->auth[PPP_PEER].type != NULL ?
! 640: link->auth[PPP_PEER].type->name : "None",
! 641: link->auth[PPP_SELF].type != NULL ?
! 642: link->auth[PPP_SELF].type->name : "None");
! 643:
! 644: /* If no auth required, skip it */
! 645: if (link->auth[PPP_SELF].type == NULL
! 646: && link->auth[PPP_PEER].type == NULL) {
! 647: ppp_link_join(link);
! 648: return;
! 649: }
! 650:
! 651: /* Start auth timer */
! 652: pevent_unregister(&link->auth_timer);
! 653: if (pevent_register(link->ev_ctx, &link->auth_timer, 0,
! 654: link->mutex, ppp_link_auth_timeout, link, PEVENT_TIME,
! 655: AUTH_TIMEOUT * 1000) == -1) {
! 656: LOG(LOG_ERR, "%s: %m", "pevent_register");
! 657: ppp_link_close(link);
! 658: return;
! 659: }
! 660:
! 661: /* Start authorization in each direction */
! 662: for (i = 0; i < 2; i++) {
! 663: struct ppp_link_auth *const auth = &link->auth[i];
! 664:
! 665: if (auth->type == NULL)
! 666: continue;
! 667: if ((auth->arg = (*auth->type->start)(link->ev_ctx, link,
! 668: link->mutex, i, &auth->proto, ppp_log_dup(link->log)))
! 669: == NULL) {
! 670: LOG(LOG_ERR, "failed to initialize authorization");
! 671: ppp_link_close(link);
! 672: return;
! 673: }
! 674: }
! 675: }
! 676:
! 677: /*
! 678: * Stop link authorization.
! 679: */
! 680: static void
! 681: ppp_link_auth_stop(struct ppp_link *link)
! 682: {
! 683: int i;
! 684:
! 685: /* Stop auth timer */
! 686: pevent_unregister(&link->auth_timer);
! 687:
! 688: /* Stop auth in both directions */
! 689: for (i = 0; i < 2; i++) {
! 690: struct ppp_link_auth *const auth = &link->auth[i];
! 691:
! 692: /* Kill any threads */
! 693: paction_cancel(&auth->action);
! 694:
! 695: /* Clean up authorization code */
! 696: if (auth->arg != NULL) {
! 697: (*auth->type->cancel)(auth->arg);
! 698: auth->arg = NULL;
! 699: }
! 700: }
! 701: }
! 702:
! 703: /*
! 704: * Authorization failed to happen within the alloted time.
! 705: */
! 706: static void
! 707: ppp_link_auth_timeout(void *arg)
! 708: {
! 709: struct ppp_link *const link = arg;
! 710:
! 711: pevent_unregister(&link->auth_timer);
! 712: LOG(LOG_ERR, "authorization timed out");
! 713: ppp_link_close(link);
! 714: }
! 715:
! 716: /***********************************************************************
! 717: AUTHORIZATION CALLBACKS
! 718: ***********************************************************************/
! 719:
! 720: #define AUTHINFO_MTYPE "ppp_link.authinfo"
! 721:
! 722: /* Authorization acquire/check state */
! 723: struct ppp_link_auth_info {
! 724: struct ppp_link *link; /* link being authorized */
! 725: struct ppp_auth_cred cred; /* auth credentials */
! 726: struct ppp_auth_resp resp; /* auth response */
! 727: ppp_link_auth_finish_t *finish;/* auth finish routine */
! 728: int rtn; /* return value from user */
! 729: int error; /* saved value of 'errno' */
! 730: };
! 731:
! 732: static paction_handler_t ppp_link_auth_acquire_main;
! 733: static paction_finish_t ppp_link_auth_acquire_finish;
! 734:
! 735: static paction_handler_t ppp_link_auth_check_main;
! 736: static paction_finish_t ppp_link_auth_check_finish;
! 737:
! 738: /*
! 739: * Acquire or check authorization credentials.
! 740: *
! 741: * This action is done in a separate thread.
! 742: */
! 743: int
! 744: ppp_link_authorize(struct ppp_link *link, int dir,
! 745: const struct ppp_auth_cred *cred, ppp_link_auth_finish_t *authfinish)
! 746: {
! 747: struct ppp_link_auth *const auth = &link->auth[dir];
! 748: struct ppp_link_auth_info *authinfo;
! 749: paction_handler_t *handler;
! 750: paction_finish_t *finish;
! 751:
! 752: /* Sanity check */
! 753: assert(auth->action == NULL);
! 754:
! 755: /* Set up for 'acquire' or 'check' */
! 756: if (dir == PPP_PEER) {
! 757: if (link->conf.auth.meth->acquire == NULL) {
! 758: LOG(LOG_ERR, "no method provided for %s credentials",
! 759: "acquiring");
! 760: return (-1);
! 761: }
! 762: handler = ppp_link_auth_acquire_main;
! 763: finish = ppp_link_auth_acquire_finish;
! 764: } else {
! 765: if (link->conf.auth.meth->check == NULL) {
! 766: LOG(LOG_ERR, "no method provided for %s credentials",
! 767: "checking");
! 768: return (-1);
! 769: }
! 770: handler = ppp_link_auth_check_main;
! 771: finish = ppp_link_auth_check_finish;
! 772: }
! 773:
! 774: /* Create auth info */
! 775: if ((authinfo = MALLOC(AUTHINFO_MTYPE, sizeof(*authinfo))) == NULL) {
! 776: LOG(LOG_ERR, "%s: %m", "malloc");
! 777: return (-1);
! 778: }
! 779: memset(authinfo, 0, sizeof(*authinfo));
! 780: authinfo->link = link;
! 781: authinfo->cred = *cred;
! 782: authinfo->finish = authfinish;
! 783:
! 784: /* Initiate authorization action */
! 785: if (paction_start(&auth->action, link->mutex,
! 786: handler, finish, authinfo) == -1) {
! 787: LOG(LOG_ERR, "%s: %m", "paction_start");
! 788: FREE(AUTHINFO_MTYPE, authinfo);
! 789: return (-1);
! 790: }
! 791:
! 792: /* Done */
! 793: return (0);
! 794: }
! 795:
! 796: /*
! 797: * Acquire authorization credentials.
! 798: *
! 799: * The mutex is NOT locked when this is called.
! 800: */
! 801: static void
! 802: ppp_link_auth_acquire_main(void *arg)
! 803: {
! 804: struct ppp_link_auth_info *const authinfo = arg;
! 805: struct ppp_link *const link = authinfo->link;
! 806:
! 807: /* Acquire credentials */
! 808: authinfo->rtn = (*link->conf.auth.meth->acquire)(link,
! 809: &authinfo->cred, &authinfo->resp);
! 810: authinfo->error = errno;
! 811: }
! 812:
! 813: /*
! 814: * Finish acquiring authorization credentials.
! 815: *
! 816: * The mutex is locked when this is called unless 'canceled' is true.
! 817: */
! 818: static void
! 819: ppp_link_auth_acquire_finish(void *arg, int canceled)
! 820: {
! 821: struct ppp_link_auth_info *const authinfo = arg;
! 822: struct ppp_link *const link = authinfo->link;
! 823: struct ppp_link_auth *const auth = &link->auth[PPP_PEER];
! 824:
! 825: /* If canceled, just clean up */
! 826: if (canceled)
! 827: goto done;
! 828:
! 829: /* If acquiring credentials failed, bail out here */
! 830: if (authinfo->rtn != 0) {
! 831: if (*authinfo->resp.errmsg == '\0') {
! 832: strlcpy(authinfo->resp.errmsg,
! 833: strerror(authinfo->error),
! 834: sizeof(authinfo->resp.errmsg));
! 835: }
! 836: LOG(LOG_WARNING, "failed to acquire credentials: %s",
! 837: auth->resp.errmsg);
! 838: ppp_link_auth_complete(link, PPP_PEER, NULL, NULL);
! 839: return;
! 840: }
! 841:
! 842: /* Save a copy of credentials */
! 843: auth->cred = authinfo->cred;
! 844: auth->resp = authinfo->resp;
! 845:
! 846: /* Report credentials back to authorization code */
! 847: (*authinfo->finish)(auth->arg, &authinfo->cred, &authinfo->resp);
! 848:
! 849: done:
! 850: /* Free authinfo */
! 851: FREE(AUTHINFO_MTYPE, authinfo);
! 852: }
! 853:
! 854: /*
! 855: * Check authorization credentials.
! 856: *
! 857: * The mutex is NOT locked when this is called.
! 858: */
! 859: static void
! 860: ppp_link_auth_check_main(void *arg)
! 861: {
! 862: struct ppp_link_auth_info *const authinfo = arg;
! 863: struct ppp_link *const link = authinfo->link;
! 864:
! 865: /* Check credentials */
! 866: authinfo->rtn = (*link->conf.auth.meth->check)(link,
! 867: &authinfo->cred, &authinfo->resp);
! 868: authinfo->error = errno;
! 869: }
! 870:
! 871: /*
! 872: * Finish checking authorization credentials.
! 873: *
! 874: * The mutex is locked when this is called.
! 875: */
! 876: static void
! 877: ppp_link_auth_check_finish(void *arg, int canceled)
! 878: {
! 879: struct ppp_link_auth_info *const authinfo = arg;
! 880: struct ppp_link *const link = authinfo->link;
! 881: struct ppp_link_auth *const auth = &link->auth[PPP_SELF];
! 882:
! 883: /* If canceled, just clean up */
! 884: if (canceled)
! 885: goto done;
! 886:
! 887: /* Save a copy of credentials */
! 888: auth->cred = authinfo->cred;
! 889: auth->resp = authinfo->resp;
! 890:
! 891: /* Fill in error message to indicate invalid credentials */
! 892: if (authinfo->rtn != 0) {
! 893: if (*authinfo->resp.errmsg == '\0') {
! 894: strlcpy(authinfo->resp.errmsg,
! 895: strerror(authinfo->error),
! 896: sizeof(authinfo->resp.errmsg));
! 897: }
! 898: }
! 899:
! 900: /* Report result back to authorization code */
! 901: (*authinfo->finish)(auth->arg, &authinfo->cred, &authinfo->resp);
! 902:
! 903: done:
! 904: /* Free authinfo */
! 905: FREE(AUTHINFO_MTYPE, authinfo);
! 906: }
! 907:
! 908: /*
! 909: * Determine if an authorization action is already in progress.
! 910: */
! 911: int
! 912: ppp_link_auth_in_progress(struct ppp_link *link, int dir)
! 913: {
! 914: struct ppp_link_auth *const auth = &link->auth[dir];
! 915:
! 916: return (auth->action != NULL);
! 917: }
! 918:
! 919: /*
! 920: * Finish link authorization (in one direction).
! 921: *
! 922: * A NULL 'cred' indicates failure.
! 923: */
! 924: void
! 925: ppp_link_auth_complete(struct ppp_link *link, int dir,
! 926: const struct ppp_auth_cred *cred, const union ppp_auth_mppe *mppe)
! 927: {
! 928: struct ppp_link_auth *const auth = &link->auth[dir];
! 929:
! 930: /* Sanity check */
! 931: assert(auth->arg != NULL);
! 932:
! 933: /* If auth failed, close link */
! 934: if (cred == NULL) {
! 935: LOG(LOG_NOTICE, "authorization %s peer failed",
! 936: dir == PPP_SELF ? "from" : "to");
! 937: ppp_link_close(link);
! 938: return;
! 939: }
! 940:
! 941: /* Save credentials and MPPE info */
! 942: auth->cred = *cred;
! 943: if (mppe != NULL)
! 944: auth->mppe = *mppe;
! 945:
! 946: /* Destroy auth object for this direction */
! 947: (*auth->type->cancel)(auth->arg);
! 948: auth->arg = NULL;
! 949:
! 950: /* If other direction still active, let it finish */
! 951: if (link->auth[!dir].arg != NULL)
! 952: return;
! 953:
! 954: /* Move to the 'UP' state */
! 955: ppp_link_auth_stop(link);
! 956: ppp_link_join(link);
! 957: }
! 958:
! 959: /*
! 960: * Get this link's authorization configuration.
! 961: */
! 962: const struct ppp_auth_config *
! 963: ppp_link_auth_get_config(struct ppp_link *link)
! 964: {
! 965: return (&link->conf.auth);
! 966: }
! 967:
! 968: /*
! 969: * Get this link's authorization type in one direction.
! 970: */
! 971: const struct ppp_auth_type *
! 972: ppp_link_get_auth(struct ppp_link *link, int dir)
! 973: {
! 974: dir &= 1;
! 975: return (link->auth[dir].type);
! 976: }
! 977:
! 978: /*
! 979: * Get this link's log
! 980: */
! 981: struct ppp_log *
! 982: ppp_link_get_log(struct ppp_link *link)
! 983: {
! 984: return (link->log);
! 985: }
! 986:
! 987: /***********************************************************************
! 988: BUNDLE OPERATIONS
! 989: ***********************************************************************/
! 990:
! 991: /*
! 992: * The link FSM has reached the OPENED state and authentication
! 993: * was successful, so join a bundle.
! 994: */
! 995: static void
! 996: ppp_link_join(struct ppp_link *link)
! 997: {
! 998: assert(link->bundle == NULL);
! 999: if ((link->bundle = ppp_engine_join(link->engine,
! 1000: link, &link->node, &link->link_num)) == NULL) {
! 1001: ppp_link_close(link);
! 1002: return;
! 1003: }
! 1004: link->state = PPP_LINK_UP;
! 1005: }
! 1006:
! 1007: /*
! 1008: * Link has left the OPENED state, so leave bundle (if any).
! 1009: */
! 1010: static void
! 1011: ppp_link_unjoin(struct ppp_link *link)
! 1012: {
! 1013: ppp_bundle_unjoin(&link->bundle, link); /* ok if bundle null */
! 1014: }
! 1015:
! 1016: /***********************************************************************
! 1017: INTERNAL FUNCTIONS
! 1018: ***********************************************************************/
! 1019:
! 1020: /*
! 1021: * Acquire an ng_ppp(4) node for this link to use.
! 1022: */
! 1023: static int
! 1024: ppp_link_get_node(struct ppp_link *link)
! 1025: {
! 1026: const char *node;
! 1027: const char *hook;
! 1028:
! 1029: /* Sanity check */
! 1030: if (link->node != NULL)
! 1031: return (0);
! 1032:
! 1033: /* Get new node */
! 1034: if ((link->node = ppp_node_create(link->ev_ctx,
! 1035: link->mutex, ppp_log_dup(link->log))) == NULL) {
! 1036: LOG(LOG_ERR, "%s: %m", "creating ppp node");
! 1037: return (-1);
! 1038: }
! 1039:
! 1040: /* Connect device to node */
! 1041: if ((node = ppp_channel_get_node(link->device)) == NULL
! 1042: || (hook = ppp_channel_get_hook(link->device)) == NULL) {
! 1043: LOG(LOG_ERR, "channel is not a device");
! 1044: ppp_node_destroy(&link->node);
! 1045: return (-1);
! 1046: }
! 1047: if (ppp_node_connect(link->node, 0, node, hook) == -1) {
! 1048: LOG(LOG_ERR, "%s: %m", "connecting device to node");
! 1049: ppp_node_destroy(&link->node);
! 1050: return (-1);
! 1051: }
! 1052:
! 1053: /* Receive all node bypass packets */
! 1054: ppp_node_set_recv(link->node, ppp_link_node_recv, link);
! 1055:
! 1056: /* Done */
! 1057: return (0);
! 1058: }
! 1059:
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>
![[BACK]](/icons/cvsweb/back.gif){kind=icon}
Return to ppp_link.c CVS log ![[TXT]](/icons/cvsweb/text.gif){kind=icon}
![[DIR]](/icons/cvsweb/dir.gif){kind=icon}
Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / libpdel / ppp