![[BACK]](/icons/cvsweb/back.gif){kind=icon}
Return to ecp.c CVS log ![[TXT]](/icons/cvsweb/text.gif){kind=icon}
![[DIR]](/icons/cvsweb/dir.gif){kind=icon}
Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / mpd / src|
Return to ecp.c CVS log | Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / mpd / src |
1.1 misho 1:
2: /*
3: * ecp.c
4: *
5: * Written by Archie Cobbs <archie@freebsd.org>
6: * Copyright (c) 1998-1999 Whistle Communications, Inc. All rights reserved.
7: * See ``COPYRIGHT.whistle''
8: */
9:
10: #include "ppp.h"
11: #include "bund.h"
12: #include "ecp.h"
13: #include "fsm.h"
14: #include "ngfunc.h"
15:
16: #include <netgraph/ng_message.h>
17: #include <netgraph/ng_socket.h>
18: #include <netgraph.h>
19:
20: /*
21: * DEFINITIONS
22: */
23:
24: #define ECP_MAXFAILURE 7
25:
26: #define ECP_KNOWN_CODES ( (1 << CODE_CONFIGREQ) \
27: | (1 << CODE_CONFIGACK) \
28: | (1 << CODE_CONFIGNAK) \
29: | (1 << CODE_CONFIGREJ) \
30: | (1 << CODE_TERMREQ) \
31: | (1 << CODE_TERMACK) \
32: | (1 << CODE_CODEREJ) \
33: | (1 << CODE_RESETREQ) \
34: | (1 << CODE_RESETACK) )
35:
36: #define ECP_OVERHEAD 2
37:
38: #define ECP_PEER_REJECTED(p,x) ((p)->peer_reject & (1<<(x)))
39: #define ECP_SELF_REJECTED(p,x) ((p)->self_reject & (1<<(x)))
40:
41: #define ECP_PEER_REJ(p,x) do{(p)->peer_reject |= (1<<(x));}while(0)
42: #define ECP_SELF_REJ(p,x) do{(p)->self_reject |= (1<<(x));}while(0)
43:
44: /* Set menu options */
45:
46: enum
47: {
48: SET_KEY,
49: SET_ACCEPT,
50: SET_DENY,
51: SET_ENABLE,
52: SET_DISABLE,
53: SET_YES,
54: SET_NO
55: };
56:
57: /*
58: * INTERNAL FUNCTIONS
59: */
60:
61: static void EcpConfigure(Fsm fp);
62: static void EcpUnConfigure(Fsm fp);
63: static u_char *EcpBuildConfigReq(Fsm fp, u_char *cp);
64: static void EcpDecodeConfig(Fsm fp, FsmOption a, int num, int mode);
65: static void EcpLayerUp(Fsm fp);
66: static void EcpLayerDown(Fsm fp);
67: static void EcpFailure(Fsm f, enum fsmfail reason);
68: static void EcpRecvResetReq(Fsm fp, int id, Mbuf bp);
69: static void EcpRecvResetAck(Fsm fp, int id, Mbuf bp);
70:
71: static int EcpSetCommand(Context ctx, int ac, char *av[], void *arg);
72: static EncType EcpFindType(int type, int *indexp);
73: static const char *EcpTypeName(int type);
74:
75: static void EcpNgDataEvent(int type, void *cookie);
76:
77: /*
78: * GLOBAL VARIABLES
79: */
80:
81: const struct cmdtab EcpSetCmds[] =
82: {
83: { "key {string}", "Set encryption key",
84: EcpSetCommand, NULL, 2, (void *) SET_KEY },
85: { "accept [opt ...]", "Accept option",
86: EcpSetCommand, NULL, 2, (void *) SET_ACCEPT },
87: { "deny [opt ...]", "Deny option",
88: EcpSetCommand, NULL, 2, (void *) SET_DENY },
89: { "enable [opt ...]", "Enable option",
90: EcpSetCommand, NULL, 2, (void *) SET_ENABLE },
91: { "disable [opt ...]", "Disable option",
92: EcpSetCommand, NULL, 2, (void *) SET_DISABLE },
93: { "yes [opt ...]", "Enable and accept option",
94: EcpSetCommand, NULL, 2, (void *) SET_YES },
95: { "no [opt ...]", "Disable and deny option",
96: EcpSetCommand, NULL, 2, (void *) SET_NO },
97: { NULL },
98: };
99:
100: /*
101: * INTERNAL VARIABLES
102: */
103:
104: /* These should be listed in order of preference */
105:
106: static const EncType gEncTypes[] =
107: {
108: #ifdef ECP_DES
109: &gDeseBisEncType,
110: &gDeseEncType,
111: #endif
112: };
113: #define ECP_NUM_PROTOS (sizeof(gEncTypes) / sizeof(*gEncTypes))
114:
115: /* Corresponding option list */
116:
117: static const struct confinfo *gConfList;
118:
119: /* Initializer for struct fsm fields */
120:
121: static const struct fsmtype gEcpFsmType =
122: {
123: "ECP",
124: PROTO_ECP,
125: ECP_KNOWN_CODES,
126: FALSE,
127: LG_ECP, LG_ECP2,
128: NULL,
129: EcpLayerUp,
130: EcpLayerDown,
131: NULL,
132: NULL,
133: EcpBuildConfigReq,
134: EcpDecodeConfig,
135: EcpConfigure,
136: EcpUnConfigure,
137: NULL,
138: NULL,
139: NULL,
140: NULL,
141: EcpFailure,
142: EcpRecvResetReq,
143: EcpRecvResetAck,
144: };
145:
146: /* Names for different types of encryption */
147:
148: static const struct ecpname
149: {
150: u_char type;
151: const char *name;
152: }
153: gEcpTypeNames[] =
154: {
155: { ECP_TY_OUI, "OUI" },
156: { ECP_TY_DESE, "DESE" },
157: { ECP_TY_3DESE, "3DESE" },
158: { ECP_TY_DESE_bis, "DESE-bis" },
159: { 0, NULL },
160: };
161:
162: int gEcpCsock = -1; /* Socket node control socket */
163: int gEcpDsock = -1; /* Socket node data socket */
164: EventRef gEcpDataEvent;
165:
166: int
167: EcpsInit(void)
168: {
169: char name[NG_NODESIZ];
170:
171: /* Create a netgraph socket node */
172: snprintf(name, sizeof(name), "mpd%d-eso", gPid);
173: if (NgMkSockNode(name, &gEcpCsock, &gEcpDsock) < 0) {
174: Perror("EcpsInit(): can't create %s node", NG_SOCKET_NODE_TYPE);
175: return(-1);
176: }
177: (void) fcntl(gEcpCsock, F_SETFD, 1);
178: (void) fcntl(gEcpDsock, F_SETFD, 1);
179:
180: /* Listen for happenings on our node */
181: EventRegister(&gEcpDataEvent, EVENT_READ,
182: gEcpDsock, EVENT_RECURRING, EcpNgDataEvent, NULL);
183:
184: return (0);
185: }
186:
187: void
188: EcpsShutdown(void)
189: {
190: close(gEcpCsock);
191: gEcpCsock = -1;
192: EventUnRegister(&gEcpDataEvent);
193: close(gEcpDsock);
194: gEcpDsock = -1;
195: }
196:
197: /*
198: * EcpInit()
199: */
200:
201: void
202: EcpInit(Bund b)
203: {
204: EcpState ecp = &b->ecp;
205:
206: /* Init ECP state for this bundle */
207:
208: memset(ecp, 0, sizeof(*ecp));
209: FsmInit(&ecp->fsm, &gEcpFsmType, b);
210: ecp->fsm.conf.maxfailure = ECP_MAXFAILURE;
211:
212: /* Construct options list if we haven't done so already */
213:
214: if (gConfList == NULL)
215: {
216: struct confinfo *ci;
217: int k;
218:
219: ci = Malloc(MB_CRYPT, (ECP_NUM_PROTOS + 1) * sizeof(*ci));
220: for (k = 0; k < ECP_NUM_PROTOS; k++)
221: {
222: ci[k].option = k;
223: ci[k].peered = TRUE;
224: ci[k].name = gEncTypes[k]->name;
225: }
226: ci[k].name = NULL;
227: gConfList = (const struct confinfo *) ci;
228: }
229: }
230:
231: /*
232: * EcpInst()
233: */
234:
235: void
236: EcpInst(Bund b, Bund bt)
237: {
238: EcpState ecp = &b->ecp;
239:
240: /* Init ECP state for this bundle */
241: memcpy(ecp, &bt->ecp, sizeof(*ecp));
242: FsmInst(&ecp->fsm, &bt->ecp.fsm, b);
243: }
244:
245: /*
246: * EcpConfigure()
247: */
248:
249: static void
250: EcpConfigure(Fsm fp)
251: {
252: Bund b = (Bund)fp->arg;
253: EcpState const ecp = &b->ecp;
254: int k;
255:
256: for (k = 0; k < ECP_NUM_PROTOS; k++)
257: {
258: EncType const et = gEncTypes[k];
259:
260: if (et->Configure)
261: (*et->Configure)(b);
262: }
263: ecp->xmit = NULL;
264: ecp->recv = NULL;
265: ecp->self_reject = 0;
266: ecp->peer_reject = 0;
267: }
268:
269: /*
270: * EcpUnConfigure()
271: */
272:
273: static void
274: EcpUnConfigure(Fsm fp)
275: {
276: Bund b = (Bund)fp->arg;
277: EcpState const ecp = &b->ecp;
278: int k;
279:
280: for (k = 0; k < ECP_NUM_PROTOS; k++)
281: {
282: EncType const et = gEncTypes[k];
283:
284: if (et->UnConfigure)
285: (*et->UnConfigure)(b);
286: }
287: ecp->xmit = NULL;
288: ecp->recv = NULL;
289: ecp->self_reject = 0;
290: ecp->peer_reject = 0;
291: }
292:
293: /*
294: * EcpNgDataEvent()
295: */
296:
297: static void
298: EcpNgDataEvent(int type, void *cookie)
299: {
300: Bund b;
301: struct sockaddr_ng naddr;
302: socklen_t nsize;
303: Mbuf bp;
304: int num = 0;
305: char *bundname, *rest;
306: int id;
307:
308: while (1) {
309: /* Protect from bundle shutdown and DoS */
310: if (num > 100)
311: return;
312:
313: bp = mballoc(4096);
314:
315: /* Read data */
316: nsize = sizeof(naddr);
317: if ((bp->cnt = recvfrom(gEcpDsock, MBDATA(bp), MBSPACE(bp),
318: MSG_DONTWAIT, (struct sockaddr *)&naddr, &nsize)) < 0) {
319: mbfree(bp);
320: if (errno == EAGAIN)
321: return;
322: Log(LG_BUND|LG_ERR, ("EcpNgDataEvent: socket read: %s", strerror(errno)));
323: return;
324: }
325: num++;
326:
327: /* Debugging */
328: LogDumpBp(LG_FRAME, bp,
329: "EcpNgDataEvent: rec'd %d bytes frame on %s hook", MBLEN(bp), naddr.sg_data);
330:
331: bundname = ((struct sockaddr_ng *)&naddr)->sg_data;
332: if (bundname[0] != 'e' && bundname[0] != 'd') {
333: Log(LG_ERR, ("ECP: Packet from unknown hook \"%s\"",
334: bundname));
335: mbfree(bp);
336: continue;
337: }
338: bundname++;
339: id = strtol(bundname, &rest, 10);
340: if (rest[0] != 0 || !gBundles[id] || gBundles[id]->dead) {
341: Log(LG_ERR, ("ECP: Packet from unexisting bundle \"%s\"",
342: bundname));
343: mbfree(bp);
344: continue;
345: }
346:
347: b = gBundles[id];
348:
349: /* Packet requiring compression */
350: if (bundname[0] == 'e') {
351: bp = EcpDataOutput(b, bp);
352: } else {
353: /* Packet requiring decompression */
354: bp = EcpDataInput(b, bp);
355: }
356: if (bp)
357: NgFuncWriteFrame(gEcpDsock, naddr.sg_data, b->name, bp);
358: }
359: }
360:
361:
362: /*
363: * EcpDataOutput()
364: *
365: * Encrypt a frame. Consumes the original packet.
366: */
367:
368: Mbuf
369: EcpDataOutput(Bund b, Mbuf plain)
370: {
371: EcpState const ecp = &b->ecp;
372: Mbuf cypher;
373:
374: LogDumpBp(LG_FRAME, plain, "[%s] %s: xmit plain", Pref(&ecp->fsm), Fsm(&ecp->fsm));
375:
376: /* Encrypt packet */
377:
378: if ((!ecp->xmit) || (!ecp->xmit->Encrypt))
379: {
380: Log(LG_ERR, ("[%s] %s: no encryption for xmit", Pref(&ecp->fsm), Fsm(&ecp->fsm)));
381: mbfree(plain);
382: return(NULL);
383: }
384: cypher = (*ecp->xmit->Encrypt)(b, plain);
385: LogDumpBp(LG_FRAME, cypher, "[%s] %s: xmit cypher", Pref(&ecp->fsm), Fsm(&ecp->fsm));
386:
387: /* Return result, with new protocol number */
388:
389: return(cypher);
390: }
391:
392: /*
393: * EcpDataInput()
394: *
395: * Decrypt incoming packet. If packet got garbled, return NULL.
396: * In any case, we consume the packet passed to us.
397: */
398:
399: Mbuf
400: EcpDataInput(Bund b, Mbuf cypher)
401: {
402: EcpState const ecp = &b->ecp;
403: Mbuf plain;
404:
405: LogDumpBp(LG_FRAME, cypher, "[%s] %s: recv cypher", Pref(&ecp->fsm), Fsm(&ecp->fsm));
406:
407: /* Decrypt packet */
408:
409: if ((!ecp->recv) || (!ecp->recv->Decrypt))
410: {
411: Log(LG_ERR, ("[%s] %s: no encryption for recv", Pref(&ecp->fsm), Fsm(&ecp->fsm)));
412: mbfree(cypher);
413: return(NULL);
414: }
415:
416: plain = (*ecp->recv->Decrypt)(b, cypher);
417:
418: /* Decrypted ok? */
419:
420: if (plain == NULL)
421: {
422: Log(LG_ECP, ("[%s] %s: decryption failed", Pref(&ecp->fsm), Fsm(&ecp->fsm)));
423: return(NULL);
424: }
425:
426: LogDumpBp(LG_FRAME, plain, "[%s] %s: recv plain", Pref(&ecp->fsm), Fsm(&ecp->fsm));
427: /* Done */
428:
429: return(plain);
430: }
431:
432: /*
433: * EcpUp()
434: */
435:
436: void
437: EcpUp(Bund b)
438: {
439: FsmUp(&b->ecp.fsm);
440: }
441:
442: /*
443: * EcpDown()
444: */
445:
446: void
447: EcpDown(Bund b)
448: {
449: FsmDown(&b->ecp.fsm);
450: }
451:
452: /*
453: * EcpOpen()
454: */
455:
456: void
457: EcpOpen(Bund b)
458: {
459: FsmOpen(&b->ecp.fsm);
460: }
461:
462: /*
463: * EcpClose()
464: */
465:
466: void
467: EcpClose(Bund b)
468: {
469: FsmClose(&b->ecp.fsm);
470: }
471:
472: /*
473: * EcpOpenCmd()
474: */
475:
476: int
477: EcpOpenCmd(Context ctx)
478: {
479: if (ctx->bund->tmpl)
480: Error("impossible to open template");
481: FsmOpen(&ctx->bund->ecp.fsm);
482: return (0);
483: }
484:
485: /*
486: * EcpCloseCmd()
487: */
488:
489: int
490: EcpCloseCmd(Context ctx)
491: {
492: if (ctx->bund->tmpl)
493: Error("impossible to close template");
494: FsmClose(&ctx->bund->ecp.fsm);
495: return (0);
496: }
497:
498: /*
499: * EcpFailure()
500: *
501: * This is fatal to the entire link if encryption is required.
502: */
503:
504: static void
505: EcpFailure(Fsm fp, enum fsmfail reason)
506: {
507: Bund b = (Bund)fp->arg;
508: if (Enabled(&b->conf.options, BUND_CONF_CRYPT_REQD)) {
509: FsmFailure(&b->ipcp.fsm, FAIL_CANT_ENCRYPT);
510: FsmFailure(&b->ipv6cp.fsm, FAIL_CANT_ENCRYPT);
511: }
512: }
513:
514: /*
515: * EcpStat()
516: */
517:
518: int
519: EcpStat(Context ctx, int ac, char *av[], void *arg)
520: {
521: EcpState const ecp = &ctx->bund->ecp;
522:
523: Printf("[%s] %s [%s]\r\n", Pref(&ecp->fsm), Fsm(&ecp->fsm), FsmStateName(ecp->fsm.state));
524: Printf("Enabled protocols:\r\n");
525: OptStat(ctx, &ecp->options, gConfList);
526: Printf("Outgoing encryption:\r\n");
527: Printf("\tProto\t: %s\r\n", ecp->xmit ? ecp->xmit->name : "none");
528: if (ecp->xmit && ecp->xmit->Stat)
529: ecp->xmit->Stat(ctx, ECP_DIR_XMIT);
530: Printf("\tResets\t: %d\r\n", ecp->xmit_resets);
531: Printf("Incoming decryption:\r\n");
532: Printf("\tProto\t: %s\r\n", ecp->recv ? ecp->recv->name : "none");
533: if (ecp->recv && ecp->recv->Stat)
534: ecp->recv->Stat(ctx, ECP_DIR_RECV);
535: Printf("\tResets\t: %d\r\n", ecp->recv_resets);
536: return(0);
537: }
538:
539: /*
540: * EcpSendResetReq()
541: */
542:
543: void
544: EcpSendResetReq(Fsm fp)
545: {
546: Bund b = (Bund)fp->arg;
547: EcpState const ecp = &b->ecp;
548: EncType const et = ecp->recv;
549: Mbuf bp = NULL;
550:
551: assert(et);
552: ecp->recv_resets++;
553: if (et->SendResetReq)
554: bp = (*et->SendResetReq)(b);
555: Log(LG_ECP, ("[%s] %s: SendResetReq", Pref(fp), Fsm(fp)));
556: FsmOutputMbuf(fp, CODE_RESETREQ, fp->reqid++, bp);
557: }
558:
559: /*
560: * EcpRecvResetReq()
561: */
562:
563: void
564: EcpRecvResetReq(Fsm fp, int id, Mbuf bp)
565: {
566: Bund b = (Bund)fp->arg;
567: EcpState const ecp = &b->ecp;
568: EncType const et = ecp->xmit;
569:
570: ecp->xmit_resets++;
571: bp = (et && et->RecvResetReq) ? (*et->RecvResetReq)(b, id, bp) : NULL;
572: Log(fp->log, ("[%s] %s: SendResetAck", Pref(fp), Fsm(fp)));
573: FsmOutputMbuf(fp, CODE_RESETACK, id, bp);
574: }
575:
576: /*
577: * EcpRecvResetAck()
578: */
579:
580: static void
581: EcpRecvResetAck(Fsm fp, int id, Mbuf bp)
582: {
583: Bund b = (Bund)fp->arg;
584: EcpState const ecp = &b->ecp;
585: EncType const et = ecp->recv;
586:
587: if (et && et->RecvResetAck)
588: (*et->RecvResetAck)(b, id, bp);
589: }
590:
591: /*
592: * EcpInput()
593: */
594:
595: void
596: EcpInput(Bund b, Mbuf bp)
597: {
598: FsmInput(&b->ecp.fsm, bp);
599: }
600:
601: /*
602: * EcpBuildConfigReq()
603: */
604:
605: static u_char *
606: EcpBuildConfigReq(Fsm fp, u_char *cp)
607: {
608: Bund b = (Bund)fp->arg;
609: EcpState const ecp = &b->ecp;
610: int type;
611:
612: /* Put in all options that peer hasn't rejected */
613:
614: for (ecp->xmit = NULL, type = 0; type < ECP_NUM_PROTOS; type++)
615: {
616: EncType const et = gEncTypes[type];
617:
618: if (Enabled(&ecp->options, type) && !ECP_PEER_REJECTED(ecp, type))
619: {
620: cp = (*et->BuildConfigReq)(b, cp);
621: if (!ecp->xmit)
622: ecp->xmit = et;
623: }
624: }
625: return(cp);
626: }
627:
628: /*
629: * EcpLayerUp()
630: *
631: * Called when ECP has reached the OPENED state
632: */
633:
634: static void
635: EcpLayerUp(Fsm fp)
636: {
637: Bund b = (Bund)fp->arg;
638: EcpState const ecp = &b->ecp;
639: struct ngm_connect cn;
640:
641: /* Initialize */
642: if (ecp->xmit && ecp->xmit->Init)
643: (*ecp->xmit->Init)(b, ECP_DIR_XMIT);
644: if (ecp->recv && ecp->recv->Init)
645: (*ecp->recv->Init)(b, ECP_DIR_RECV);
646:
647: if (ecp->recv && ecp->recv->Decrypt)
648: {
649: /* Connect a hook from the bpf node to our socket node */
650: snprintf(cn.path, sizeof(cn.path), "[%x]:", b->nodeID);
651: snprintf(cn.ourhook, sizeof(cn.ourhook), "d%d", b->id);
652: strcpy(cn.peerhook, NG_PPP_HOOK_DECRYPT);
653: if (NgSendMsg(gEcpCsock, ".:",
654: NGM_GENERIC_COOKIE, NGM_CONNECT, &cn, sizeof(cn)) < 0) {
655: Perror("[%s] can't connect \"%s\"->\"%s\" and \"%s\"->\"%s\"",
656: b->name, ".:", cn.ourhook, cn.path, cn.peerhook);
657: }
658: }
659: if (ecp->xmit && ecp->xmit->Encrypt)
660: {
661: /* Connect a hook from the bpf node to our socket node */
662: snprintf(cn.path, sizeof(cn.path), "[%x]:", b->nodeID);
663: snprintf(cn.ourhook, sizeof(cn.ourhook), "e%d", b->id);
664: strcpy(cn.peerhook, NG_PPP_HOOK_ENCRYPT);
665: if (NgSendMsg(gEcpCsock, ".:",
666: NGM_GENERIC_COOKIE, NGM_CONNECT, &cn, sizeof(cn)) < 0) {
667: Perror("[%s] can't connect \"%s\"->\"%s\" and \"%s\"->\"%s\"",
668: b->name, ".:", cn.ourhook, cn.path, cn.peerhook);
669: }
670: }
671:
672: Log(LG_ECP, ("[%s] ECP: Encrypt using: %s", b->name, !ecp->xmit ? "none" : ecp->xmit->name));
673: Log(LG_ECP, ("[%s] ECP: Decrypt using: %s", b->name, !ecp->recv ? "none" : ecp->recv->name));
674:
675: /* Update PPP node config */
676: b->pppConfig.bund.enableEncryption = (ecp->xmit != NULL);
677: b->pppConfig.bund.enableDecryption = (ecp->recv != NULL);
678: NgFuncSetConfig(b);
679:
680: /* Update interface MTU */
681: BundUpdateParams(b);
682: }
683:
684: /*
685: * EcpLayerDown()
686: *
687: * Called when ECP leaves the OPENED state
688: */
689:
690: static void
691: EcpLayerDown(Fsm fp)
692: {
693: Bund b = (Bund)fp->arg;
694: EcpState const ecp = &b->ecp;
695:
696: /* Update PPP node config */
697: b->pppConfig.bund.enableEncryption = 0;
698: b->pppConfig.bund.enableDecryption = 0;
699: NgFuncSetConfig(b);
700:
701: /* Update interface MTU */
702: BundUpdateParams(b);
703:
704: if (ecp->xmit != NULL && ecp->xmit->Encrypt != NULL) {
705: char hook[NG_HOOKSIZ];
706: /* Disconnect hook. */
707: snprintf(hook, sizeof(hook), "e%d", b->id);
708: NgFuncDisconnect(gEcpCsock, b->name, ".:", hook);
709: }
710:
711: if (ecp->recv != NULL && ecp->recv->Decrypt != NULL) {
712: char hook[NG_HOOKSIZ];
713: /* Disconnect hook. */
714: snprintf(hook, sizeof(hook), "d%d", b->id);
715: NgFuncDisconnect(gEcpCsock, b->name, ".:", hook);
716: }
717:
718: if (ecp->xmit && ecp->xmit->Cleanup)
719: (ecp->xmit->Cleanup)(b, ECP_DIR_XMIT);
720: if (ecp->recv && ecp->recv->Cleanup)
721: (ecp->recv->Cleanup)(b, ECP_DIR_RECV);
722:
723: ecp->xmit_resets = 0;
724: ecp->recv_resets = 0;
725: }
726:
727: /*
728: * EcpDecodeConfig()
729: */
730:
731: static void
732: EcpDecodeConfig(Fsm fp, FsmOption list, int num, int mode)
733: {
734: Bund b = (Bund)fp->arg;
735: EcpState const ecp = &b->ecp;
736: u_int ackSizeSave, rejSizeSave;
737: int k, rej;
738:
739: /* Forget our previous choice on new request */
740: if (mode == MODE_REQ)
741: ecp->recv = NULL;
742:
743: /* Decode each config option */
744:
745: for (k = 0; k < num; k++)
746: {
747: FsmOption const opt = &list[k];
748: int index;
749: EncType et;
750:
751: Log(LG_ECP, ("[%s] %s", b->name, EcpTypeName(opt->type)));
752: if ((et = EcpFindType(opt->type, &index)) == NULL)
753: {
754: if (mode == MODE_REQ)
755: {
756: Log(LG_ECP, ("[%s] Not supported", b->name));
757: FsmRej(fp, opt);
758: }
759: continue;
760: }
761: switch (mode)
762: {
763: case MODE_REQ:
764: ackSizeSave = gAckSize;
765: rejSizeSave = gRejSize;
766: rej = (!Acceptable(&ecp->options, index)
767: || ECP_SELF_REJECTED(ecp, index)
768: || (ecp->recv && ecp->recv != et));
769: if (rej)
770: {
771: (*et->DecodeConfig)(fp, opt, MODE_NOP);
772: FsmRej(fp, opt);
773: break;
774: }
775: (*et->DecodeConfig)(fp, opt, mode);
776: if (gRejSize != rejSizeSave) /* we rejected it */
777: {
778: ECP_SELF_REJ(ecp, index);
779: break;
780: }
781: if (gAckSize != ackSizeSave) /* we accepted it */
782: ecp->recv = et;
783: break;
784:
785: case MODE_NAK:
786: (*et->DecodeConfig)(fp, opt, mode);
787: break;
788:
789: case MODE_REJ:
790: (*et->DecodeConfig)(fp, opt, mode);
791: ECP_PEER_REJ(ecp, index);
792: break;
793:
794: case MODE_NOP:
795: (*et->DecodeConfig)(fp, opt, mode);
796: break;
797: }
798: }
799: }
800:
801: /*
802: * EcpSubtractBloat()
803: *
804: * Given that "size" is our MTU, return the maximum length frame
805: * we can encrypt without the result being longer than "size".
806: */
807:
808: int
809: EcpSubtractBloat(Bund b, int size)
810: {
811: EcpState const ecp = &b->ecp;
812:
813: /* Check transmit encryption */
814: if (OPEN_STATE(ecp->fsm.state) && ecp->xmit && ecp->xmit->SubtractBloat)
815: size = (*ecp->xmit->SubtractBloat)(b, size);
816:
817: /* Account for ECP's protocol number overhead */
818: if (OPEN_STATE(ecp->fsm.state))
819: size -= ECP_OVERHEAD;
820:
821: /* Done */
822: return(size);
823: }
824:
825: /*
826: * EcpSetCommand()
827: */
828:
829: static int
830: EcpSetCommand(Context ctx, int ac, char *av[], void *arg)
831: {
832: EcpState const ecp = &ctx->bund->ecp;
833:
834: if (ac == 0)
835: return(-1);
836: switch ((intptr_t)arg)
837: {
838: case SET_KEY:
839: if (ac != 1)
840: return(-1);
841: strlcpy(ecp->key, av[0], sizeof(ecp->key));
842: break;
843:
844: case SET_ACCEPT:
845: AcceptCommand(ac, av, &ecp->options, gConfList);
846: break;
847:
848: case SET_DENY:
849: DenyCommand(ac, av, &ecp->options, gConfList);
850: break;
851:
852: case SET_ENABLE:
853: EnableCommand(ac, av, &ecp->options, gConfList);
854: break;
855:
856: case SET_DISABLE:
857: DisableCommand(ac, av, &ecp->options, gConfList);
858: break;
859:
860: case SET_YES:
861: YesCommand(ac, av, &ecp->options, gConfList);
862: break;
863:
864: case SET_NO:
865: NoCommand(ac, av, &ecp->options, gConfList);
866: break;
867:
868: default:
869: assert(0);
870: }
871: return(0);
872: }
873:
874: /*
875: * EcpFindType()
876: */
877:
878: static EncType
879: EcpFindType(int type, int *indexp)
880: {
881: int k;
882:
883: for (k = 0; k < ECP_NUM_PROTOS; k++)
884: if (gEncTypes[k]->type == type)
885: {
886: if (indexp)
887: *indexp = k;
888: return(gEncTypes[k]);
889: }
890: return(NULL);
891: }
892:
893: /*
894: * EcpTypeName()
895: */
896:
897: static const char *
898: EcpTypeName(int type)
899: {
900: const struct ecpname *p;
901:
902: for (p = gEcpTypeNames; p->name; p++)
903: if (p->type == type)
904: return(p->name);
905: return("UNKNOWN");
906: }