if_pppoe.c revision 1.53
1 /* $NetBSD: if_pppoe.c,v 1.53 2004/04/21 18:40:40 itojun Exp $ */ 2 3 /*- 4 * Copyright (c) 2002 The NetBSD Foundation, Inc. 5 * All rights reserved. 6 * 7 * This code is derived from software contributed to The NetBSD Foundation 8 * by Martin Husemann <martin (at) NetBSD.org>. 9 * 10 * Redistribution and use in source and binary forms, with or without 11 * modification, are permitted provided that the following conditions 12 * are met: 13 * 1. Redistributions of source code must retain the above copyright 14 * notice, this list of conditions and the following disclaimer. 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in the 17 * documentation and/or other materials provided with the distribution. 18 * 3. All advertising materials mentioning features or use of this software 19 * must display the following acknowledgement: 20 * This product includes software developed by the NetBSD 21 * Foundation, Inc. and its contributors. 22 * 4. Neither the name of The NetBSD Foundation nor the names of its 23 * contributors may be used to endorse or promote products derived 24 * from this software without specific prior written permission. 25 * 26 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS 27 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 28 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 29 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS 30 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 31 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 32 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 33 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 34 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 35 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 36 * POSSIBILITY OF SUCH DAMAGE. 37 */ 38 39 #include <sys/cdefs.h> 40 __KERNEL_RCSID(0, "$NetBSD: if_pppoe.c,v 1.53 2004/04/21 18:40:40 itojun Exp $"); 41 42 #include "pppoe.h" 43 #include "bpfilter.h" 44 45 #include <sys/param.h> 46 #include <sys/systm.h> 47 #include <sys/kernel.h> 48 #include <sys/callout.h> 49 #include <sys/malloc.h> 50 #include <sys/mbuf.h> 51 #include <sys/socket.h> 52 #include <sys/proc.h> 53 #include <sys/ioctl.h> 54 #include <net/if.h> 55 #include <net/if_types.h> 56 #include <net/if_ether.h> 57 #include <net/if_sppp.h> 58 #include <net/if_spppvar.h> 59 #include <net/if_pppoe.h> 60 61 #if NBPFILTER > 0 62 #include <net/bpf.h> 63 #endif 64 65 #include <machine/intr.h> 66 67 #undef PPPOE_DEBUG /* XXX - remove this or make it an option */ 68 /* #define PPPOE_DEBUG 1 */ 69 70 struct pppoehdr { 71 u_int8_t vertype; 72 u_int8_t code; 73 u_int16_t session; 74 u_int16_t plen; 75 } __attribute__((__packed__)); 76 77 struct pppoetag { 78 u_int16_t tag; 79 u_int16_t len; 80 } __attribute__((__packed__)); 81 82 #define PPPOE_HEADERLEN sizeof(struct pppoehdr) 83 #define PPPOE_VERTYPE 0x11 /* VER=1, TYPE = 1 */ 84 85 #define PPPOE_TAG_EOL 0x0000 /* end of list */ 86 #define PPPOE_TAG_SNAME 0x0101 /* service name */ 87 #define PPPOE_TAG_ACNAME 0x0102 /* access concentrator name */ 88 #define PPPOE_TAG_HUNIQUE 0x0103 /* host unique */ 89 #define PPPOE_TAG_ACCOOKIE 0x0104 /* AC cookie */ 90 #define PPPOE_TAG_VENDOR 0x0105 /* vendor specific */ 91 #define PPPOE_TAG_RELAYSID 0x0110 /* relay session id */ 92 #define PPPOE_TAG_SNAME_ERR 0x0201 /* service name error */ 93 #define PPPOE_TAG_ACSYS_ERR 0x0202 /* AC system error */ 94 #define PPPOE_TAG_GENERIC_ERR 0x0203 /* gerneric error */ 95 96 #define PPPOE_CODE_PADI 0x09 /* Active Discovery Initiation */ 97 #define PPPOE_CODE_PADO 0x07 /* Active Discovery Offer */ 98 #define PPPOE_CODE_PADR 0x19 /* Active Discovery Request */ 99 #define PPPOE_CODE_PADS 0x65 /* Active Discovery Session confirmation */ 100 #define PPPOE_CODE_PADT 0xA7 /* Active Discovery Terminate */ 101 102 /* two byte PPP protocol discriminator, then IP data */ 103 #define PPPOE_MAXMTU (ETHERMTU-PPPOE_HEADERLEN-2) 104 105 /* Add a 16 bit unsigned value to a buffer pointed to by PTR */ 106 #define PPPOE_ADD_16(PTR, VAL) \ 107 *(PTR)++ = (VAL) / 256; \ 108 *(PTR)++ = (VAL) % 256 109 110 /* Add a complete PPPoE header to the buffer pointed to by PTR */ 111 #define PPPOE_ADD_HEADER(PTR, CODE, SESS, LEN) \ 112 *(PTR)++ = PPPOE_VERTYPE; \ 113 *(PTR)++ = (CODE); \ 114 PPPOE_ADD_16(PTR, SESS); \ 115 PPPOE_ADD_16(PTR, LEN) 116 117 #define PPPOE_DISC_TIMEOUT (hz*5) /* base for quick timeout calculation */ 118 #define PPPOE_SLOW_RETRY (hz*60) /* persistent retry interval */ 119 #define PPPOE_DISC_MAXPADI 4 /* retry PADI four times (quickly) */ 120 #define PPPOE_DISC_MAXPADR 2 /* retry PADR twice */ 121 122 #ifdef PPPOE_SERVER 123 /* from if_spppsubr.c */ 124 #define IFF_PASSIVE IFF_LINK0 /* wait passively for connection */ 125 #endif 126 127 struct pppoe_softc { 128 struct sppp sc_sppp; /* contains a struct ifnet as first element */ 129 LIST_ENTRY(pppoe_softc) sc_list; 130 struct ifnet *sc_eth_if; /* ethernet interface we are using */ 131 132 int sc_state; /* discovery phase or session connected */ 133 struct ether_addr sc_dest; /* hardware address of concentrator */ 134 u_int16_t sc_session; /* PPPoE session id */ 135 136 char *sc_service_name; /* if != NULL: requested name of service */ 137 char *sc_concentrator_name; /* if != NULL: requested concentrator id */ 138 u_int8_t *sc_ac_cookie; /* content of AC cookie we must echo back */ 139 size_t sc_ac_cookie_len; /* length of cookie data */ 140 #ifdef PPPOE_SERVER 141 u_int8_t *sc_hunique; /* content of host unique we must echo back */ 142 size_t sc_hunique_len; /* length of host unique */ 143 #endif 144 struct callout sc_timeout; /* timeout while not in session state */ 145 int sc_padi_retried; /* number of PADI retries already done */ 146 int sc_padr_retried; /* number of PADR retries already done */ 147 }; 148 149 /* incoming traffic will be queued here */ 150 struct ifqueue ppoediscinq = { NULL }; 151 struct ifqueue ppoeinq = { NULL }; 152 153 #ifdef __HAVE_GENERIC_SOFT_INTERRUPTS 154 void * pppoe_softintr = NULL; 155 static void pppoe_softintr_handler(void *); 156 #else 157 struct callout pppoe_softintr = CALLOUT_INITIALIZER; 158 void pppoe_softintr_handler(void *); 159 #endif 160 161 extern int sppp_ioctl(struct ifnet *, unsigned long, void *); 162 163 /* input routines */ 164 static void pppoe_input(void); 165 static void pppoe_disc_input(struct mbuf *); 166 static void pppoe_dispatch_disc_pkt(struct mbuf *, int); 167 static void pppoe_data_input(struct mbuf *); 168 169 /* management routines */ 170 void pppoeattach(int); 171 static int pppoe_connect(struct pppoe_softc *); 172 static int pppoe_disconnect(struct pppoe_softc *); 173 static void pppoe_abort_connect(struct pppoe_softc *); 174 static int pppoe_ioctl(struct ifnet *, unsigned long, caddr_t); 175 static void pppoe_tls(struct sppp *); 176 static void pppoe_tlf(struct sppp *); 177 static void pppoe_start(struct ifnet *); 178 179 /* internal timeout handling */ 180 static void pppoe_timeout(void *); 181 182 /* sending actual protocol controll packets */ 183 static int pppoe_send_padi(struct pppoe_softc *); 184 static int pppoe_send_padr(struct pppoe_softc *); 185 #ifdef PPPOE_SERVER 186 static int pppoe_send_pado(struct pppoe_softc *); 187 static int pppoe_send_pads(struct pppoe_softc *); 188 #endif 189 static int pppoe_send_padt(struct ifnet *, u_int, const u_int8_t *); 190 191 /* raw output */ 192 static int pppoe_output(struct pppoe_softc *, struct mbuf *); 193 194 /* internal helper functions */ 195 static struct pppoe_softc * pppoe_find_softc_by_session(u_int, struct ifnet *); 196 static struct pppoe_softc * pppoe_find_softc_by_hunique(u_int8_t *, size_t, struct ifnet *); 197 static struct mbuf *pppoe_get_mbuf(size_t len); 198 199 LIST_HEAD(pppoe_softc_head, pppoe_softc) pppoe_softc_list; 200 201 int pppoe_clone_create __P((struct if_clone *, int)); 202 void pppoe_clone_destroy __P((struct ifnet *)); 203 204 struct if_clone pppoe_cloner = 205 IF_CLONE_INITIALIZER("pppoe", pppoe_clone_create, pppoe_clone_destroy); 206 207 /* ARGSUSED */ 208 void 209 pppoeattach(count) 210 int count; 211 { 212 LIST_INIT(&pppoe_softc_list); 213 if_clone_attach(&pppoe_cloner); 214 215 ppoediscinq.ifq_maxlen = IFQ_MAXLEN; 216 ppoeinq.ifq_maxlen = IFQ_MAXLEN; 217 218 #ifdef __HAVE_GENERIC_SOFT_INTERRUPTS 219 pppoe_softintr = softintr_establish(IPL_SOFTNET, pppoe_softintr_handler, NULL); 220 #endif 221 } 222 223 int 224 pppoe_clone_create(ifc, unit) 225 struct if_clone *ifc; 226 int unit; 227 { 228 struct pppoe_softc *sc; 229 230 sc = malloc(sizeof(struct pppoe_softc), M_DEVBUF, M_WAITOK); 231 memset(sc, 0, sizeof(struct pppoe_softc)); 232 233 snprintf(sc->sc_sppp.pp_if.if_xname, sizeof(sc->sc_sppp.pp_if.if_xname), 234 "pppoe%d", unit); 235 sc->sc_sppp.pp_if.if_softc = sc; 236 sc->sc_sppp.pp_if.if_mtu = PPPOE_MAXMTU; 237 sc->sc_sppp.pp_if.if_flags = IFF_SIMPLEX|IFF_POINTOPOINT|IFF_MULTICAST; 238 sc->sc_sppp.pp_if.if_type = IFT_PPP; 239 sc->sc_sppp.pp_if.if_hdrlen = sizeof(struct ether_header) + PPPOE_HEADERLEN; 240 sc->sc_sppp.pp_if.if_dlt = DLT_PPP_ETHER; 241 sc->sc_sppp.pp_flags |= PP_KEEPALIVE | /* use LCP keepalive */ 242 PP_NOFRAMING; /* no serial encapsulation */ 243 sc->sc_sppp.pp_if.if_ioctl = pppoe_ioctl; 244 IFQ_SET_MAXLEN(&sc->sc_sppp.pp_if.if_snd, IFQ_MAXLEN); 245 IFQ_SET_READY(&sc->sc_sppp.pp_if.if_snd); 246 247 /* changed to real address later */ 248 memcpy(&sc->sc_dest, etherbroadcastaddr, sizeof(sc->sc_dest)); 249 250 callout_init(&sc->sc_timeout); 251 252 sc->sc_sppp.pp_if.if_start = pppoe_start; 253 sc->sc_sppp.pp_tls = pppoe_tls; 254 sc->sc_sppp.pp_tlf = pppoe_tlf; 255 sc->sc_sppp.pp_framebytes = PPPOE_HEADERLEN; /* framing added to ppp packets */ 256 257 if_attach(&sc->sc_sppp.pp_if); 258 sppp_attach(&sc->sc_sppp.pp_if); 259 260 #if NBPFILTER > 0 261 bpfattach(&sc->sc_sppp.pp_if, DLT_PPP_ETHER, 0); 262 #endif 263 LIST_INSERT_HEAD(&pppoe_softc_list, sc, sc_list); 264 return 0; 265 } 266 267 void 268 pppoe_clone_destroy(ifp) 269 struct ifnet *ifp; 270 { 271 struct pppoe_softc * sc = ifp->if_softc; 272 273 LIST_REMOVE(sc, sc_list); 274 #if NBPFILTER > 0 275 bpfdetach(ifp); 276 #endif 277 sppp_detach(&sc->sc_sppp.pp_if); 278 if_detach(ifp); 279 if (sc->sc_concentrator_name) 280 free(sc->sc_concentrator_name, M_DEVBUF); 281 if (sc->sc_service_name) 282 free(sc->sc_service_name, M_DEVBUF); 283 if (sc->sc_ac_cookie) 284 free(sc->sc_ac_cookie, M_DEVBUF); 285 free(sc, M_DEVBUF); 286 } 287 288 /* 289 * Find the interface handling the specified session. 290 * Note: O(number of sessions open), this is a client-side only, mean 291 * and lean implementation, so number of open sessions typically should 292 * be 1. 293 */ 294 static struct pppoe_softc * 295 pppoe_find_softc_by_session(u_int session, struct ifnet *rcvif) 296 { 297 struct pppoe_softc *sc; 298 299 if (session == 0) 300 return NULL; 301 302 LIST_FOREACH(sc, &pppoe_softc_list, sc_list) { 303 if (sc->sc_state == PPPOE_STATE_SESSION 304 && sc->sc_session == session) { 305 if (sc->sc_eth_if == rcvif) 306 return sc; 307 else 308 return NULL; 309 } 310 } 311 return NULL; 312 } 313 314 /* Check host unique token passed and return appropriate softc pointer, 315 * or NULL if token is bogus. */ 316 static struct pppoe_softc * 317 pppoe_find_softc_by_hunique(u_int8_t *token, size_t len, struct ifnet *rcvif) 318 { 319 struct pppoe_softc *sc, *t; 320 321 if (LIST_EMPTY(&pppoe_softc_list)) 322 return NULL; 323 324 if (len != sizeof sc) 325 return NULL; 326 memcpy(&t, token, len); 327 328 LIST_FOREACH(sc, &pppoe_softc_list, sc_list) 329 if (sc == t) break; 330 331 if (sc == NULL) { 332 #ifdef PPPOE_DEBUG 333 printf("pppoe: alien host unique tag, no session found\n"); 334 #endif 335 return NULL; 336 } 337 338 /* should be safe to access *sc now */ 339 if (sc->sc_state < PPPOE_STATE_PADI_SENT || sc->sc_state >= PPPOE_STATE_SESSION) { 340 printf("%s: host unique tag found, but it belongs to a connection in state %d\n", 341 sc->sc_sppp.pp_if.if_xname, sc->sc_state); 342 return NULL; 343 } 344 if (sc->sc_eth_if != rcvif) { 345 printf("%s: wrong interface, not accepting host unique\n", 346 sc->sc_sppp.pp_if.if_xname); 347 return NULL; 348 } 349 return sc; 350 } 351 352 #ifdef __HAVE_GENERIC_SOFT_INTERRUPTS 353 static void pppoe_softintr_handler(void *dummy) 354 { 355 /* called at splsoftnet() */ 356 pppoe_input(); 357 } 358 #else 359 void pppoe_softintr_handler(void *dummy) 360 { 361 int s = splnet(); 362 pppoe_input(); 363 splx(s); 364 } 365 #endif 366 367 /* called at appropriate protection level */ 368 static void 369 pppoe_input() 370 { 371 struct mbuf *m; 372 int s, disc_done, data_done; 373 374 do { 375 disc_done = 0; 376 data_done = 0; 377 for (;;) { 378 s = splnet(); 379 IF_DEQUEUE(&ppoediscinq, m); 380 splx(s); 381 if (m == NULL) break; 382 disc_done = 1; 383 pppoe_disc_input(m); 384 } 385 386 for (;;) { 387 s = splnet(); 388 IF_DEQUEUE(&ppoeinq, m); 389 splx(s); 390 if (m == NULL) break; 391 data_done = 1; 392 pppoe_data_input(m); 393 } 394 } while (disc_done || data_done); 395 } 396 397 /* analyze and handle a single received packet while not in session state */ 398 static void pppoe_dispatch_disc_pkt(struct mbuf *m, int off) 399 { 400 u_int16_t tag, len; 401 u_int16_t session, plen; 402 struct pppoe_softc *sc; 403 const char *err_msg, *err_txt; 404 u_int8_t *ac_cookie; 405 size_t ac_cookie_len; 406 #ifdef PPPOE_SERVER 407 u_int8_t *hunique; 408 size_t hunique_len; 409 #endif 410 struct pppoehdr *ph; 411 struct pppoetag *pt; 412 struct mbuf *n; 413 int noff, err, errortag; 414 struct ether_header *eh; 415 416 err_msg = err_txt = NULL; 417 errortag = 0; 418 if (m->m_len < sizeof(*eh)) { 419 m = m_pullup(m, sizeof(*eh)); 420 if (!m) 421 goto done; 422 } 423 eh = mtod(m, struct ether_header *); 424 off += sizeof(*eh); 425 426 ac_cookie = NULL; 427 ac_cookie_len = 0; 428 #ifdef PPPOE_SERVER 429 hunique = NULL; 430 hunique_len = 0; 431 #endif 432 session = 0; 433 if (m->m_pkthdr.len - off <= PPPOE_HEADERLEN) { 434 printf("pppoe: packet too short: %d\n", m->m_pkthdr.len); 435 goto done; 436 } 437 438 n = m_pulldown(m, off, sizeof(*ph), &noff); 439 if (!n) { 440 printf("pppoe: could not get PPPoE header\n"); 441 m = NULL; 442 goto done; 443 } 444 ph = (struct pppoehdr *)(mtod(n, caddr_t) + noff); 445 if (ph->vertype != PPPOE_VERTYPE) { 446 printf("pppoe: unknown version/type packet: 0x%x\n", 447 ph->vertype); 448 goto done; 449 } 450 session = ntohs(ph->session); 451 plen = ntohs(ph->plen); 452 off += sizeof(*ph); 453 454 if (plen + off > m->m_pkthdr.len) { 455 printf("pppoe: packet content does not fit: data available = %d, packet size = %u\n", 456 m->m_pkthdr.len - off, plen); 457 goto done; 458 } 459 m_adj(m, off + plen - m->m_pkthdr.len); /* ignore trailing garbage */ 460 tag = 0; 461 len = 0; 462 sc = NULL; 463 while (off + sizeof(*pt) <= m->m_pkthdr.len) { 464 n = m_pulldown(m, off, sizeof(*pt), &noff); 465 if (!n) { 466 printf("%s: parse error\n", 467 sc ? sc->sc_sppp.pp_if.if_xname : "pppoe"); 468 m = NULL; 469 goto done; 470 } 471 pt = (struct pppoetag *)(mtod(n, caddr_t) + noff); 472 tag = ntohs(pt->tag); 473 len = ntohs(pt->len); 474 if (off + len > m->m_pkthdr.len) { 475 printf("pppoe: tag 0x%x len 0x%x is too long\n", 476 tag, len); 477 goto done; 478 } 479 switch (tag) { 480 case PPPOE_TAG_EOL: 481 goto breakbreak; 482 case PPPOE_TAG_SNAME: 483 break; /* ignored */ 484 case PPPOE_TAG_ACNAME: 485 break; /* ignored */ 486 case PPPOE_TAG_HUNIQUE: 487 if (sc != NULL) 488 break; 489 n = m_pulldown(m, off + sizeof(*pt), len, &noff); 490 if (!n) { 491 m = NULL; 492 err_msg = "TAG HUNIQUE ERROR"; 493 break; 494 } 495 #ifdef PPPOE_SERVER 496 hunique = mtod(n, caddr_t) + noff; 497 hunique_len = len; 498 #endif 499 sc = pppoe_find_softc_by_hunique(mtod(n, caddr_t) + noff, 500 len, m->m_pkthdr.rcvif); 501 break; 502 case PPPOE_TAG_ACCOOKIE: 503 if (ac_cookie == NULL) { 504 n = m_pulldown(m, off + sizeof(*pt), len, 505 &noff); 506 if (!n) { 507 err_msg = "TAG ACCOOKIE ERROR"; 508 m = NULL; 509 break; 510 } 511 ac_cookie = mtod(n, caddr_t) + noff; 512 ac_cookie_len = len; 513 } 514 break; 515 case PPPOE_TAG_SNAME_ERR: 516 err_msg = "SERVICE NAME ERROR"; 517 errortag = 1; 518 break; 519 case PPPOE_TAG_ACSYS_ERR: 520 err_msg = "AC SYSTEM ERROR"; 521 errortag = 1; 522 break; 523 case PPPOE_TAG_GENERIC_ERR: 524 err_msg = "GENERIC ERROR"; 525 errortag = 1; 526 break; 527 } 528 if (err_msg) { 529 err_txt = ""; 530 if (errortag && len) { 531 n = m_pulldown(m, off + sizeof(*pt), len, 532 &noff); 533 if (n) 534 err_txt = mtod(n, caddr_t) + noff; 535 } 536 printf("%s: %s: %*s\n", 537 sc ? sc->sc_sppp.pp_if.if_xname : "pppoe*", 538 err_msg, len, err_txt); 539 if (errortag) 540 goto done; 541 } 542 off += sizeof(*pt) + len; 543 } 544 breakbreak:; 545 switch (ph->code) { 546 case PPPOE_CODE_PADI: 547 #ifdef PPPOE_SERVER 548 /* 549 * got service name, concentrator name, and/or host unique. 550 * ignore if we have no interfaces with IFF_PASSIVE|IFF_UP. 551 */ 552 if (LIST_EMPTY(&pppoe_softc_list)) 553 goto done; 554 LIST_FOREACH(sc, &pppoe_softc_list, sc_list) { 555 if (!(sc->sc_sppp.pp_if.if_flags & IFF_UP)) 556 continue; 557 if (!(sc->sc_sppp.pp_if.if_flags & IFF_PASSIVE)) 558 continue; 559 if (sc->sc_state == PPPOE_STATE_INITIAL) 560 break; 561 } 562 if (sc == NULL) { 563 /* printf("pppoe: free passive interface is not found\n");*/ 564 goto done; 565 } 566 if (hunique) { 567 if (sc->sc_hunique) 568 free(sc->sc_hunique, M_DEVBUF); 569 sc->sc_hunique = malloc(hunique_len, M_DEVBUF, 570 M_DONTWAIT); 571 if (sc->sc_hunique == NULL) 572 goto done; 573 sc->sc_hunique_len = hunique_len; 574 memcpy(sc->sc_hunique, hunique, hunique_len); 575 } 576 memcpy(&sc->sc_dest, eh->ether_shost, sizeof sc->sc_dest); 577 sc->sc_state = PPPOE_STATE_PADO_SENT; 578 pppoe_send_pado(sc); 579 break; 580 #endif /* PPPOE_SERVER */ 581 case PPPOE_CODE_PADR: 582 #ifdef PPPOE_SERVER 583 /* 584 * get sc from ac_cookie if IFF_PASSIVE 585 */ 586 if (ac_cookie == NULL) { 587 /* be quiet if there is not a single pppoe instance */ 588 printf("pppoe: received PADR but not includes ac_cookie\n"); 589 goto done; 590 } 591 sc = pppoe_find_softc_by_hunique(ac_cookie, 592 ac_cookie_len, 593 m->m_pkthdr.rcvif); 594 if (sc == NULL) { 595 /* be quiet if there is not a single pppoe instance */ 596 if (!LIST_EMPTY(&pppoe_softc_list)) 597 printf("pppoe: received PADR but could not find request for it\n"); 598 goto done; 599 } 600 if (sc->sc_state != PPPOE_STATE_PADO_SENT) { 601 printf("%s: received unexpected PADR\n", 602 sc->sc_sppp.pp_if.if_xname); 603 goto done; 604 } 605 if (hunique) { 606 if (sc->sc_hunique) 607 free(sc->sc_hunique, M_DEVBUF); 608 sc->sc_hunique = malloc(hunique_len, M_DEVBUF, 609 M_DONTWAIT); 610 if (sc->sc_hunique == NULL) 611 goto done; 612 sc->sc_hunique_len = hunique_len; 613 memcpy(sc->sc_hunique, hunique, hunique_len); 614 } 615 pppoe_send_pads(sc); 616 sc->sc_state = PPPOE_STATE_SESSION; 617 sc->sc_sppp.pp_up(&sc->sc_sppp); 618 break; 619 #else 620 /* ignore, we are no access concentrator */ 621 goto done; 622 #endif /* PPPOE_SERVER */ 623 case PPPOE_CODE_PADO: 624 if (sc == NULL) { 625 /* be quiet if there is not a single pppoe instance */ 626 if (!LIST_EMPTY(&pppoe_softc_list)) 627 printf("pppoe: received PADO but could not find request for it\n"); 628 goto done; 629 } 630 if (sc->sc_state != PPPOE_STATE_PADI_SENT) { 631 printf("%s: received unexpected PADO\n", 632 sc->sc_sppp.pp_if.if_xname); 633 goto done; 634 } 635 if (ac_cookie) { 636 if (sc->sc_ac_cookie) 637 free(sc->sc_ac_cookie, M_DEVBUF); 638 sc->sc_ac_cookie = malloc(ac_cookie_len, M_DEVBUF, 639 M_DONTWAIT); 640 if (sc->sc_ac_cookie == NULL) 641 goto done; 642 sc->sc_ac_cookie_len = ac_cookie_len; 643 memcpy(sc->sc_ac_cookie, ac_cookie, ac_cookie_len); 644 } 645 memcpy(&sc->sc_dest, eh->ether_shost, sizeof sc->sc_dest); 646 callout_stop(&sc->sc_timeout); 647 sc->sc_padr_retried = 0; 648 sc->sc_state = PPPOE_STATE_PADR_SENT; 649 if ((err = pppoe_send_padr(sc)) != 0) { 650 if (sc->sc_sppp.pp_if.if_flags & IFF_DEBUG) 651 printf("%s: failed to send PADR, " 652 "error=%d\n", sc->sc_sppp.pp_if.if_xname, 653 err); 654 } 655 callout_reset(&sc->sc_timeout, 656 PPPOE_DISC_TIMEOUT * (1 + sc->sc_padr_retried), 657 pppoe_timeout, sc); 658 break; 659 case PPPOE_CODE_PADS: 660 if (sc == NULL) 661 goto done; 662 sc->sc_session = session; 663 callout_stop(&sc->sc_timeout); 664 if (sc->sc_sppp.pp_if.if_flags & IFF_DEBUG) 665 printf("%s: session 0x%x connected\n", 666 sc->sc_sppp.pp_if.if_xname, session); 667 sc->sc_state = PPPOE_STATE_SESSION; 668 sc->sc_sppp.pp_up(&sc->sc_sppp); /* notify upper layers */ 669 break; 670 case PPPOE_CODE_PADT: 671 if (sc == NULL) 672 goto done; 673 /* stop timer (we might be about to transmit a PADT ourself) */ 674 callout_stop(&sc->sc_timeout); 675 if (sc->sc_sppp.pp_if.if_flags & IFF_DEBUG) 676 printf("%s: session 0x%x terminated, received PADT\n", 677 sc->sc_sppp.pp_if.if_xname, session); 678 /* clean up softc */ 679 sc->sc_state = PPPOE_STATE_INITIAL; 680 memcpy(&sc->sc_dest, etherbroadcastaddr, sizeof(sc->sc_dest)); 681 if (sc->sc_ac_cookie) { 682 free(sc->sc_ac_cookie, M_DEVBUF); 683 sc->sc_ac_cookie = NULL; 684 } 685 sc->sc_ac_cookie_len = 0; 686 sc->sc_session = 0; 687 /* signal upper layer */ 688 sc->sc_sppp.pp_down(&sc->sc_sppp); 689 break; 690 default: 691 printf("%s: unknown code (0x%04x) session = 0x%04x\n", 692 sc? sc->sc_sppp.pp_if.if_xname : "pppoe", 693 ph->code, session); 694 break; 695 } 696 697 done: 698 m_freem(m); 699 return; 700 } 701 702 static void 703 pppoe_disc_input(struct mbuf *m) 704 { 705 706 /* avoid error messages if there is not a single pppoe instance */ 707 if (!LIST_EMPTY(&pppoe_softc_list)) { 708 KASSERT(m->m_flags & M_PKTHDR); 709 pppoe_dispatch_disc_pkt(m, 0); 710 } else 711 m_freem(m); 712 } 713 714 static void 715 pppoe_data_input(struct mbuf *m) 716 { 717 u_int16_t session, plen; 718 struct pppoe_softc *sc; 719 struct pppoehdr *ph; 720 #ifdef PPPOE_TERM_UNKNOWN_SESSIONS 721 u_int8_t shost[ETHER_ADDR_LEN]; 722 #endif 723 724 KASSERT(m->m_flags & M_PKTHDR); 725 726 #ifdef PPPOE_TERM_UNKNOWN_SESSIONS 727 memcpy(shost, mtod(m, struct ether_header*)->ether_shost, ETHER_ADDR_LEN); 728 #endif 729 m_adj(m, sizeof(struct ether_header)); 730 if (m->m_pkthdr.len <= PPPOE_HEADERLEN) { 731 printf("pppoe (data): dropping too short packet: %d bytes\n", 732 m->m_pkthdr.len); 733 goto drop; 734 } 735 736 if (m->m_len < sizeof(*ph)) { 737 m = m_pullup(m, sizeof(*ph)); 738 if (!m) { 739 printf("pppoe: could not get PPPoE header\n"); 740 return; 741 } 742 } 743 ph = mtod(m, struct pppoehdr *); 744 745 if (ph->vertype != PPPOE_VERTYPE) { 746 printf("pppoe (data): unknown version/type packet: 0x%x\n", 747 ph->vertype); 748 goto drop; 749 } 750 if (ph->code != 0) 751 goto drop; 752 753 session = ntohs(ph->session); 754 sc = pppoe_find_softc_by_session(session, m->m_pkthdr.rcvif); 755 if (sc == NULL) { 756 #ifdef PPPOE_TERM_UNKNOWN_SESSIONS 757 printf("pppoe: input for unknown session 0x%x, sending PADT\n", 758 session); 759 pppoe_send_padt(m->m_pkthdr.rcvif, session, shost); 760 #endif 761 goto drop; 762 } 763 764 plen = ntohs(ph->plen); 765 766 #if NBPFILTER > 0 767 if(sc->sc_sppp.pp_if.if_bpf) 768 bpf_mtap(sc->sc_sppp.pp_if.if_bpf, m); 769 #endif 770 771 m_adj(m, PPPOE_HEADERLEN); 772 773 #ifdef PPPOE_DEBUG 774 { 775 struct mbuf *p; 776 777 printf("%s: pkthdr.len=%d, pppoe.len=%d", 778 sc->sc_sppp.pp_if.if_xname, 779 m->m_pkthdr.len, plen); 780 p = m; 781 while (p) { 782 printf(" l=%d", p->m_len); 783 p = p->m_next; 784 } 785 printf("\n"); 786 } 787 #endif 788 789 if (m->m_pkthdr.len < plen) 790 goto drop; 791 792 /* fix incoming interface pointer (not the raw ethernet interface anymore) */ 793 m->m_pkthdr.rcvif = &sc->sc_sppp.pp_if; 794 795 /* pass packet up and account for it */ 796 sc->sc_sppp.pp_if.if_ipackets++; 797 sppp_input(&sc->sc_sppp.pp_if, m); 798 return; 799 800 drop: 801 m_freem(m); 802 } 803 804 static int 805 pppoe_output(struct pppoe_softc *sc, struct mbuf *m) 806 { 807 struct sockaddr dst; 808 struct ether_header *eh; 809 u_int16_t etype; 810 811 if (sc->sc_eth_if == NULL) { 812 m_freem(m); 813 return EIO; 814 } 815 816 memset(&dst, 0, sizeof dst); 817 dst.sa_family = AF_UNSPEC; 818 eh = (struct ether_header*)&dst.sa_data; 819 etype = sc->sc_state == PPPOE_STATE_SESSION ? ETHERTYPE_PPPOE : ETHERTYPE_PPPOEDISC; 820 eh->ether_type = htons(etype); 821 memcpy(&eh->ether_dhost, &sc->sc_dest, sizeof sc->sc_dest); 822 823 #ifdef PPPOE_DEBUG 824 printf("%s (%x) state=%d, session=0x%x output -> %s, len=%d\n", 825 sc->sc_sppp.pp_if.if_xname, etype, 826 sc->sc_state, sc->sc_session, 827 ether_sprintf((const unsigned char *)&sc->sc_dest), m->m_pkthdr.len); 828 #endif 829 830 m->m_flags &= ~(M_BCAST|M_MCAST); 831 sc->sc_sppp.pp_if.if_opackets++; 832 return sc->sc_eth_if->if_output(sc->sc_eth_if, m, &dst, NULL); 833 } 834 835 static int 836 pppoe_ioctl(struct ifnet *ifp, unsigned long cmd, caddr_t data) 837 { 838 struct proc *p = curproc; /* XXX */ 839 struct pppoe_softc *sc = (struct pppoe_softc*)ifp; 840 int error = 0; 841 842 switch (cmd) { 843 case PPPOESETPARMS: 844 { 845 struct pppoediscparms *parms = (struct pppoediscparms*)data; 846 if ((error = suser(p->p_ucred, &p->p_acflag)) != 0) 847 return error; 848 if (parms->eth_ifname[0] != 0) { 849 sc->sc_eth_if = ifunit(parms->eth_ifname); 850 if (sc->sc_eth_if == NULL) 851 return ENXIO; 852 } 853 if (parms->ac_name) { 854 size_t s; 855 char * p = malloc(parms->ac_name_len + 1, M_DEVBUF, 856 M_WAITOK); 857 if (p == NULL) 858 return ENOMEM; 859 error = copyinstr(parms->ac_name, p, 860 parms->ac_name_len+1, &s); 861 if (error != 0) { 862 free(p, M_DEVBUF); 863 return error; 864 } 865 if (s != parms->ac_name_len+1) { 866 free(p, M_DEVBUF); 867 return EINVAL; 868 } 869 if (sc->sc_concentrator_name) 870 free(sc->sc_concentrator_name, M_DEVBUF); 871 sc->sc_concentrator_name = p; 872 } 873 if (parms->service_name) { 874 size_t s; 875 char * p = malloc(parms->service_name_len + 1, M_DEVBUF, 876 M_WAITOK); 877 if (p == NULL) 878 return ENOMEM; 879 error = copyinstr(parms->service_name, p, 880 parms->service_name_len+1, &s); 881 if (error != 0) { 882 free(p, M_DEVBUF); 883 return error; 884 } 885 if (s != parms->service_name_len+1) { 886 free(p, M_DEVBUF); 887 return EINVAL; 888 } 889 if (sc->sc_service_name) 890 free(sc->sc_service_name, M_DEVBUF); 891 sc->sc_service_name = p; 892 } 893 return 0; 894 } 895 break; 896 case PPPOEGETPARMS: 897 { 898 struct pppoediscparms *parms = (struct pppoediscparms*)data; 899 memset(parms, 0, sizeof *parms); 900 if (sc->sc_eth_if) 901 strncpy(parms->ifname, sc->sc_eth_if->if_xname, IFNAMSIZ); 902 return 0; 903 } 904 break; 905 case PPPOEGETSESSION: 906 { 907 struct pppoeconnectionstate *state = (struct pppoeconnectionstate*)data; 908 state->state = sc->sc_state; 909 state->session_id = sc->sc_session; 910 state->padi_retry_no = sc->sc_padi_retried; 911 state->padr_retry_no = sc->sc_padr_retried; 912 return 0; 913 } 914 break; 915 case SIOCSIFFLAGS: 916 { 917 struct ifreq *ifr = (struct ifreq*) data; 918 /* 919 * Prevent running re-establishment timers overriding 920 * administrators choice. 921 */ 922 if ((ifr->ifr_flags & IFF_UP) == 0 923 && sc->sc_state >= PPPOE_STATE_PADI_SENT 924 && sc->sc_state < PPPOE_STATE_SESSION) { 925 callout_stop(&sc->sc_timeout); 926 sc->sc_state = PPPOE_STATE_INITIAL; 927 sc->sc_padi_retried = 0; 928 sc->sc_padr_retried = 0; 929 memcpy(&sc->sc_dest, etherbroadcastaddr, 930 sizeof(sc->sc_dest)); 931 } 932 return sppp_ioctl(ifp, cmd, data); 933 } 934 case SIOCSIFMTU: 935 { 936 struct ifreq *ifr = (struct ifreq*) data; 937 938 if (ifr->ifr_mtu > PPPOE_MAXMTU) 939 return EINVAL; 940 return sppp_ioctl(ifp, cmd, data); 941 } 942 default: 943 return sppp_ioctl(ifp, cmd, data); 944 } 945 return 0; 946 } 947 948 /* 949 * Allocate a mbuf/cluster with space to store the given data length 950 * of payload, leaving space for prepending an ethernet header 951 * in front. 952 */ 953 static struct mbuf * 954 pppoe_get_mbuf(size_t len) 955 { 956 struct mbuf *m; 957 958 MGETHDR(m, M_DONTWAIT, MT_DATA); 959 if (m == NULL) 960 return NULL; 961 if (len + sizeof(struct ether_header) > MHLEN) { 962 MCLGET(m, M_DONTWAIT); 963 if ((m->m_flags & M_EXT) == 0) { 964 struct mbuf *n; 965 MFREE(m, n); 966 return 0; 967 } 968 } 969 m->m_data += sizeof(struct ether_header); 970 m->m_len = len; 971 m->m_pkthdr.len = len; 972 m->m_pkthdr.rcvif = NULL; 973 974 return m; 975 } 976 977 static int 978 pppoe_send_padi(struct pppoe_softc *sc) 979 { 980 struct mbuf *m0; 981 int len, l1 = 0, l2 = 0; /* XXX: gcc */ 982 u_int8_t *p; 983 984 if (sc->sc_state >PPPOE_STATE_PADI_SENT) 985 panic("pppoe_send_padi in state %d", sc->sc_state); 986 987 /* calculate length of frame (excluding ethernet header + pppoe header) */ 988 len = 2 + 2 + 2 + 2 + sizeof sc; /* service name tag is required, host unique is send too */ 989 if (sc->sc_service_name != NULL) { 990 l1 = strlen(sc->sc_service_name); 991 len += l1; 992 } 993 if (sc->sc_concentrator_name != NULL) { 994 l2 = strlen(sc->sc_concentrator_name); 995 len += 2 + 2 + l2; 996 } 997 998 /* allocate a buffer */ 999 m0 = pppoe_get_mbuf(len + PPPOE_HEADERLEN); /* header len + payload len */ 1000 if (!m0) 1001 return ENOBUFS; 1002 1003 /* fill in pkt */ 1004 p = mtod(m0, u_int8_t *); 1005 PPPOE_ADD_HEADER(p, PPPOE_CODE_PADI, 0, len); 1006 PPPOE_ADD_16(p, PPPOE_TAG_SNAME); 1007 if (sc->sc_service_name != NULL) { 1008 PPPOE_ADD_16(p, l1); 1009 memcpy(p, sc->sc_service_name, l1); 1010 p += l1; 1011 } else { 1012 PPPOE_ADD_16(p, 0); 1013 } 1014 if (sc->sc_concentrator_name != NULL) { 1015 PPPOE_ADD_16(p, PPPOE_TAG_ACNAME); 1016 PPPOE_ADD_16(p, l2); 1017 memcpy(p, sc->sc_concentrator_name, l2); 1018 p += l2; 1019 } 1020 PPPOE_ADD_16(p, PPPOE_TAG_HUNIQUE); 1021 PPPOE_ADD_16(p, sizeof(sc)); 1022 memcpy(p, &sc, sizeof sc); 1023 1024 #ifdef PPPOE_DEBUG 1025 p += sizeof sc; 1026 if (p - mtod(m0, u_int8_t *) != len + PPPOE_HEADERLEN) 1027 panic("pppoe_send_padi: garbled output len, should be %ld, is %ld", 1028 (long)(len + PPPOE_HEADERLEN), (long)(p - mtod(m0, u_int8_t *))); 1029 #endif 1030 1031 /* send pkt */ 1032 return pppoe_output(sc, m0); 1033 } 1034 1035 static void 1036 pppoe_timeout(void *arg) 1037 { 1038 int x, retry_wait, err; 1039 struct pppoe_softc *sc = (struct pppoe_softc*)arg; 1040 1041 #ifdef PPPOE_DEBUG 1042 printf("%s: timeout\n", sc->sc_sppp.pp_if.if_xname); 1043 #endif 1044 1045 switch (sc->sc_state) { 1046 case PPPOE_STATE_PADI_SENT: 1047 /* 1048 * We have two basic ways of retrying: 1049 * - Quick retry mode: try a few times in short sequence 1050 * - Slow retry mode: we already had a connection successfully 1051 * established and will try infinitely (without user 1052 * intervention) 1053 * We only enter slow retry mode if IFF_LINK1 (aka autodial) 1054 * is not set. 1055 */ 1056 1057 /* initialize for quick retry mode */ 1058 retry_wait = PPPOE_DISC_TIMEOUT * (1 + sc->sc_padi_retried); 1059 1060 x = splnet(); 1061 sc->sc_padi_retried++; 1062 if (sc->sc_padi_retried >= PPPOE_DISC_MAXPADI) { 1063 if ((sc->sc_sppp.pp_if.if_flags & IFF_LINK1) == 0) { 1064 /* slow retry mode */ 1065 retry_wait = PPPOE_SLOW_RETRY; 1066 } else { 1067 pppoe_abort_connect(sc); 1068 splx(x); 1069 return; 1070 } 1071 } 1072 if ((err = pppoe_send_padi(sc)) != 0) { 1073 sc->sc_padi_retried--; 1074 if (sc->sc_sppp.pp_if.if_flags & IFF_DEBUG) 1075 printf("%s: failed to transmit PADI, " 1076 "error=%d\n", 1077 sc->sc_sppp.pp_if.if_xname, err); 1078 } 1079 callout_reset(&sc->sc_timeout, retry_wait, 1080 pppoe_timeout, sc); 1081 splx(x); 1082 break; 1083 1084 case PPPOE_STATE_PADR_SENT: 1085 x = splnet(); 1086 sc->sc_padr_retried++; 1087 if (sc->sc_padr_retried >= PPPOE_DISC_MAXPADR) { 1088 memcpy(&sc->sc_dest, etherbroadcastaddr, 1089 sizeof(sc->sc_dest)); 1090 sc->sc_state = PPPOE_STATE_PADI_SENT; 1091 sc->sc_padr_retried = 0; 1092 if ((err = pppoe_send_padi(sc)) != 0) { 1093 if (sc->sc_sppp.pp_if.if_flags & IFF_DEBUG) 1094 printf("%s: failed to send PADI" 1095 ", error=%d\n", 1096 sc->sc_sppp.pp_if.if_xname, 1097 err); 1098 } 1099 callout_reset(&sc->sc_timeout, 1100 PPPOE_DISC_TIMEOUT * (1 + sc->sc_padi_retried), 1101 pppoe_timeout, sc); 1102 splx(x); 1103 return; 1104 } 1105 if ((err = pppoe_send_padr(sc)) != 0) { 1106 sc->sc_padr_retried--; 1107 if (sc->sc_sppp.pp_if.if_flags & IFF_DEBUG) 1108 printf("%s: failed to send PADR, " 1109 "error=%d\n", sc->sc_sppp.pp_if.if_xname, 1110 err); 1111 } 1112 callout_reset(&sc->sc_timeout, 1113 PPPOE_DISC_TIMEOUT * (1 + sc->sc_padr_retried), 1114 pppoe_timeout, sc); 1115 splx(x); 1116 break; 1117 case PPPOE_STATE_CLOSING: 1118 pppoe_disconnect(sc); 1119 break; 1120 default: 1121 return; /* all done, work in peace */ 1122 } 1123 } 1124 1125 /* Start a connection (i.e. initiate discovery phase) */ 1126 static int 1127 pppoe_connect(struct pppoe_softc *sc) 1128 { 1129 int x, err; 1130 1131 if (sc->sc_state != PPPOE_STATE_INITIAL) 1132 return EBUSY; 1133 1134 #ifdef PPPOE_SERVER 1135 /* wait PADI if IFF_PASSIVE */ 1136 if ((sc->sc_sppp.pp_if.if_flags & IFF_PASSIVE)) 1137 return 0; 1138 #endif 1139 x = splnet(); 1140 /* save state, in case we fail to send PADI */ 1141 sc->sc_state = PPPOE_STATE_PADI_SENT; 1142 sc->sc_padr_retried = 0; 1143 err = pppoe_send_padi(sc); 1144 if (err != 0 && sc->sc_sppp.pp_if.if_flags & IFF_DEBUG) 1145 printf("%s: failed to send PADI, error=%d\n", 1146 sc->sc_sppp.pp_if.if_xname, err); 1147 callout_reset(&sc->sc_timeout, PPPOE_DISC_TIMEOUT, pppoe_timeout, sc); 1148 splx(x); 1149 return err; 1150 } 1151 1152 /* disconnect */ 1153 static int 1154 pppoe_disconnect(struct pppoe_softc *sc) 1155 { 1156 int err, x; 1157 1158 x = splnet(); 1159 1160 if (sc->sc_state < PPPOE_STATE_SESSION) 1161 err = EBUSY; 1162 else { 1163 if (sc->sc_sppp.pp_if.if_flags & IFF_DEBUG) 1164 printf("%s: disconnecting\n", 1165 sc->sc_sppp.pp_if.if_xname); 1166 err = pppoe_send_padt(sc->sc_eth_if, sc->sc_session, (const u_int8_t *)&sc->sc_dest); 1167 } 1168 1169 /* cleanup softc */ 1170 sc->sc_state = PPPOE_STATE_INITIAL; 1171 memcpy(&sc->sc_dest, etherbroadcastaddr, sizeof(sc->sc_dest)); 1172 if (sc->sc_ac_cookie) { 1173 free(sc->sc_ac_cookie, M_DEVBUF); 1174 sc->sc_ac_cookie = NULL; 1175 } 1176 sc->sc_ac_cookie_len = 0; 1177 #ifdef PPPOE_SERVER 1178 if (sc->sc_hunique) { 1179 free(sc->sc_hunique, M_DEVBUF); 1180 sc->sc_hunique = NULL; 1181 } 1182 sc->sc_hunique_len = 0; 1183 #endif 1184 sc->sc_session = 0; 1185 1186 /* notify upper layer */ 1187 sc->sc_sppp.pp_down(&sc->sc_sppp); 1188 1189 splx(x); 1190 1191 return err; 1192 } 1193 1194 /* Connection attempt aborted */ 1195 static void 1196 pppoe_abort_connect(struct pppoe_softc *sc) 1197 { 1198 printf("%s: could not establish connection\n", 1199 sc->sc_sppp.pp_if.if_xname); 1200 sc->sc_state = PPPOE_STATE_CLOSING; 1201 1202 /* notify upper layer */ 1203 sc->sc_sppp.pp_down(&sc->sc_sppp); 1204 1205 /* clear connection state */ 1206 memcpy(&sc->sc_dest, etherbroadcastaddr, sizeof(sc->sc_dest)); 1207 sc->sc_state = PPPOE_STATE_INITIAL; 1208 } 1209 1210 /* Send a PADR packet */ 1211 static int 1212 pppoe_send_padr(struct pppoe_softc *sc) 1213 { 1214 struct mbuf *m0; 1215 u_int8_t *p; 1216 size_t len, l1 = 0; /* XXX: gcc */ 1217 1218 if (sc->sc_state != PPPOE_STATE_PADR_SENT) 1219 return EIO; 1220 1221 len = 2 + 2 + 2 + 2 + sizeof(sc); /* service name, host unique */ 1222 if (sc->sc_service_name != NULL) { /* service name tag maybe empty */ 1223 l1 = strlen(sc->sc_service_name); 1224 len += l1; 1225 } 1226 if (sc->sc_ac_cookie_len > 0) 1227 len += 2 + 2 + sc->sc_ac_cookie_len; /* AC cookie */ 1228 m0 = pppoe_get_mbuf(len + PPPOE_HEADERLEN); 1229 if (!m0) 1230 return ENOBUFS; 1231 p = mtod(m0, u_int8_t *); 1232 PPPOE_ADD_HEADER(p, PPPOE_CODE_PADR, 0, len); 1233 PPPOE_ADD_16(p, PPPOE_TAG_SNAME); 1234 if (sc->sc_service_name != NULL) { 1235 PPPOE_ADD_16(p, l1); 1236 memcpy(p, sc->sc_service_name, l1); 1237 p += l1; 1238 } else { 1239 PPPOE_ADD_16(p, 0); 1240 } 1241 if (sc->sc_ac_cookie_len > 0) { 1242 PPPOE_ADD_16(p, PPPOE_TAG_ACCOOKIE); 1243 PPPOE_ADD_16(p, sc->sc_ac_cookie_len); 1244 memcpy(p, sc->sc_ac_cookie, sc->sc_ac_cookie_len); 1245 p += sc->sc_ac_cookie_len; 1246 } 1247 PPPOE_ADD_16(p, PPPOE_TAG_HUNIQUE); 1248 PPPOE_ADD_16(p, sizeof(sc)); 1249 memcpy(p, &sc, sizeof sc); 1250 1251 #ifdef PPPOE_DEBUG 1252 p += sizeof sc; 1253 if (p - mtod(m0, u_int8_t *) != len + PPPOE_HEADERLEN) 1254 panic("pppoe_send_padr: garbled output len, should be %ld, is %ld", 1255 (long)(len + PPPOE_HEADERLEN), (long)(p - mtod(m0, u_int8_t *))); 1256 #endif 1257 1258 return pppoe_output(sc, m0); 1259 } 1260 1261 /* send a PADT packet */ 1262 static int 1263 pppoe_send_padt(struct ifnet *outgoing_if, u_int session, const u_int8_t *dest) 1264 { 1265 struct ether_header *eh; 1266 struct sockaddr dst; 1267 struct mbuf *m0; 1268 u_int8_t *p; 1269 1270 m0 = pppoe_get_mbuf(PPPOE_HEADERLEN); 1271 if (!m0) 1272 return EIO; 1273 p = mtod(m0, u_int8_t *); 1274 PPPOE_ADD_HEADER(p, PPPOE_CODE_PADT, session, 0); 1275 1276 memset(&dst, 0, sizeof dst); 1277 dst.sa_family = AF_UNSPEC; 1278 eh = (struct ether_header*)&dst.sa_data; 1279 eh->ether_type = htons(ETHERTYPE_PPPOEDISC); 1280 memcpy(&eh->ether_dhost, dest, ETHER_ADDR_LEN); 1281 1282 m0->m_flags &= ~(M_BCAST|M_MCAST); 1283 return outgoing_if->if_output(outgoing_if, m0, &dst, NULL); 1284 } 1285 1286 #ifdef PPPOE_SERVER 1287 static int 1288 pppoe_send_pado(struct pppoe_softc *sc) 1289 { 1290 struct mbuf *m0; 1291 u_int8_t *p; 1292 size_t len; 1293 1294 if (sc->sc_state != PPPOE_STATE_PADO_SENT) 1295 return EIO; 1296 1297 /* calc length */ 1298 len = 0; 1299 /* include ac_cookie */ 1300 len += 2 + 2 + sizeof(sc); 1301 /* include hunique */ 1302 len += 2 + 2 + sc->sc_hunique_len; 1303 m0 = pppoe_get_mbuf(len + PPPOE_HEADERLEN); 1304 if (!m0) 1305 return EIO; 1306 p = mtod(m0, u_int8_t *); 1307 PPPOE_ADD_HEADER(p, PPPOE_CODE_PADO, 0, len); 1308 PPPOE_ADD_16(p, PPPOE_TAG_ACCOOKIE); 1309 PPPOE_ADD_16(p, sizeof(sc)); 1310 memcpy(p, &sc, sizeof(sc)); 1311 p += sizeof(sc); 1312 PPPOE_ADD_16(p, PPPOE_TAG_HUNIQUE); 1313 PPPOE_ADD_16(p, sc->sc_hunique_len); 1314 memcpy(p, sc->sc_hunique, sc->sc_hunique_len); 1315 return pppoe_output(sc, m0); 1316 } 1317 1318 static int 1319 pppoe_send_pads(struct pppoe_softc *sc) 1320 { 1321 struct mbuf *m0; 1322 u_int8_t *p; 1323 size_t len, l1; 1324 1325 if (sc->sc_state != PPPOE_STATE_PADO_SENT) 1326 return EIO; 1327 1328 sc->sc_session = mono_time.tv_sec % 0xff + 1; 1329 /* calc length */ 1330 len = 0; 1331 /* include hunique */ 1332 len += 2 + 2 + 2 + 2 + sc->sc_hunique_len; /* service name, host unique*/ 1333 if (sc->sc_service_name != NULL) { /* service name tag maybe empty */ 1334 l1 = strlen(sc->sc_service_name); 1335 len += l1; 1336 } 1337 m0 = pppoe_get_mbuf(len + PPPOE_HEADERLEN); 1338 if (!m0) 1339 return ENOBUFS; 1340 p = mtod(m0, u_int8_t *); 1341 PPPOE_ADD_HEADER(p, PPPOE_CODE_PADS, sc->sc_session, len); 1342 PPPOE_ADD_16(p, PPPOE_TAG_SNAME); 1343 if (sc->sc_service_name != NULL) { 1344 PPPOE_ADD_16(p, l1); 1345 memcpy(p, sc->sc_service_name, l1); 1346 p += l1; 1347 } else { 1348 PPPOE_ADD_16(p, 0); 1349 } 1350 PPPOE_ADD_16(p, PPPOE_TAG_HUNIQUE); 1351 PPPOE_ADD_16(p, sc->sc_hunique_len); 1352 memcpy(p, sc->sc_hunique, sc->sc_hunique_len); 1353 return pppoe_output(sc, m0); 1354 } 1355 #endif 1356 1357 static void 1358 pppoe_tls(struct sppp *sp) 1359 { 1360 struct pppoe_softc *sc = (void *)sp; 1361 if (sc->sc_state != PPPOE_STATE_INITIAL) 1362 return; 1363 pppoe_connect(sc); 1364 } 1365 1366 static void 1367 pppoe_tlf(struct sppp *sp) 1368 { 1369 struct pppoe_softc *sc = (void *)sp; 1370 if (sc->sc_state < PPPOE_STATE_SESSION) 1371 return; 1372 /* 1373 * Do not call pppoe_disconnect here, the upper layer state 1374 * machine gets confused by this. We must return from this 1375 * function and defer disconnecting to the timeout handler. 1376 */ 1377 sc->sc_state = PPPOE_STATE_CLOSING; 1378 callout_reset(&sc->sc_timeout, hz/50, pppoe_timeout, sc); 1379 } 1380 1381 static void 1382 pppoe_start(struct ifnet *ifp) 1383 { 1384 struct pppoe_softc *sc = (void *)ifp; 1385 struct mbuf *m; 1386 u_int8_t *p; 1387 size_t len; 1388 1389 if (sppp_isempty(ifp)) 1390 return; 1391 1392 /* are we ready to process data yet? */ 1393 if (sc->sc_state < PPPOE_STATE_SESSION) { 1394 sppp_flush(&sc->sc_sppp.pp_if); 1395 return; 1396 } 1397 1398 while ((m = sppp_dequeue(ifp)) != NULL) { 1399 len = m->m_pkthdr.len; 1400 M_PREPEND(m, PPPOE_HEADERLEN, M_DONTWAIT); 1401 if (m == NULL) { 1402 ifp->if_oerrors++; 1403 continue; 1404 } 1405 p = mtod(m, u_int8_t *); 1406 PPPOE_ADD_HEADER(p, 0, sc->sc_session, len); 1407 1408 #if NBPFILTER > 0 1409 if(sc->sc_sppp.pp_if.if_bpf) 1410 bpf_mtap(sc->sc_sppp.pp_if.if_bpf, m); 1411 #endif 1412 1413 pppoe_output(sc, m); 1414 } 1415 } 1416
Indexes created Tue Sep 30 11:09:46 GMT 2025