?? lcp.c
字號:
/* If there is still anything left, this packet is bad. */
if (len != 0)
goto bad;
/*
* OK, the Nak is good. Now we can update state.
*/
if (f->state != OPENED) {
if (looped_back) {
if (++try.numloops >= lcp_loopbackfail) {
LCPDEBUG((LOG_NOTICE, "Serial line is looped back.\n"));
lcp_close(f->unit, "Loopback detected");
}
}
else
try.numloops = 0;
*go = try;
}
return 1;
bad:
LCPDEBUG((LOG_WARNING, "lcp_nakci: received bad Nak!\n"));
return 0;
}
/*
* lcp_rejci - Peer has Rejected some of our CIs.
* This should not modify any state if the Reject is bad
* or if LCP is in the OPENED state.
*
* Returns:
* 0 - Reject was bad.
* 1 - Reject was good.
*/
static int lcp_rejci(fsm *f, u_char *p, int len)
{
lcp_options *go = &lcp_gotoptions[f->unit];
u_char cichar;
u_short cishort;
u32_t cilong;
lcp_options try; /* options to request next time */
try = *go;
/*
* Any Rejected CIs must be in exactly the same order that we sent.
* Check packet length and CI length at each step.
* If we find any deviations, then this packet is bad.
*/
#define REJCIVOID(opt, neg) \
if (go->neg && \
len >= CILEN_VOID && \
p[1] == CILEN_VOID && \
p[0] == opt) { \
len -= CILEN_VOID; \
INCPTR(CILEN_VOID, p); \
try.neg = 0; \
LCPDEBUG((LOG_INFO, "lcp_rejci: void opt %d rejected\n", opt)); \
}
#define REJCISHORT(opt, neg, val) \
if (go->neg && \
len >= CILEN_SHORT && \
p[1] == CILEN_SHORT && \
p[0] == opt) { \
len -= CILEN_SHORT; \
INCPTR(2, p); \
GETSHORT(cishort, p); \
/* Check rejected value. */ \
if (cishort != val) \
goto bad; \
try.neg = 0; \
LCPDEBUG((LOG_INFO,"lcp_rejci: short opt %d rejected\n", opt)); \
}
#define REJCICHAP(opt, neg, val, digest) \
if (go->neg && \
len >= CILEN_CHAP && \
p[1] == CILEN_CHAP && \
p[0] == opt) { \
len -= CILEN_CHAP; \
INCPTR(2, p); \
GETSHORT(cishort, p); \
GETCHAR(cichar, p); \
/* Check rejected value. */ \
if (cishort != val || cichar != digest) \
goto bad; \
try.neg = 0; \
try.neg_upap = 0; \
LCPDEBUG((LOG_INFO,"lcp_rejci: chap opt %d rejected\n", opt)); \
}
#define REJCILONG(opt, neg, val) \
if (go->neg && \
len >= CILEN_LONG && \
p[1] == CILEN_LONG && \
p[0] == opt) { \
len -= CILEN_LONG; \
INCPTR(2, p); \
GETLONG(cilong, p); \
/* Check rejected value. */ \
if (cilong != val) \
goto bad; \
try.neg = 0; \
LCPDEBUG((LOG_INFO,"lcp_rejci: long opt %d rejected\n", opt)); \
}
#define REJCILQR(opt, neg, val) \
if (go->neg && \
len >= CILEN_LQR && \
p[1] == CILEN_LQR && \
p[0] == opt) { \
len -= CILEN_LQR; \
INCPTR(2, p); \
GETSHORT(cishort, p); \
GETLONG(cilong, p); \
/* Check rejected value. */ \
if (cishort != PPP_LQR || cilong != val) \
goto bad; \
try.neg = 0; \
LCPDEBUG((LOG_INFO,"lcp_rejci: LQR opt %d rejected\n", opt)); \
}
#define REJCICBCP(opt, neg, val) \
if (go->neg && \
len >= CILEN_CBCP && \
p[1] == CILEN_CBCP && \
p[0] == opt) { \
len -= CILEN_CBCP; \
INCPTR(2, p); \
GETCHAR(cichar, p); \
/* Check rejected value. */ \
if (cichar != val) \
goto bad; \
try.neg = 0; \
LCPDEBUG((LOG_INFO,"lcp_rejci: Callback opt %d rejected\n", opt)); \
}
REJCISHORT(CI_MRU, neg_mru, go->mru);
REJCILONG(CI_ASYNCMAP, neg_asyncmap, go->asyncmap);
REJCICHAP(CI_AUTHTYPE, neg_chap, PPP_CHAP, go->chap_mdtype);
if (!go->neg_chap) {
REJCISHORT(CI_AUTHTYPE, neg_upap, PPP_PAP);
}
REJCILQR(CI_QUALITY, neg_lqr, go->lqr_period);
REJCICBCP(CI_CALLBACK, neg_cbcp, CBCP_OPT);
REJCILONG(CI_MAGICNUMBER, neg_magicnumber, go->magicnumber);
REJCIVOID(CI_PCOMPRESSION, neg_pcompression);
REJCIVOID(CI_ACCOMPRESSION, neg_accompression);
/*
* If there are any remaining CIs, then this packet is bad.
*/
if (len != 0)
goto bad;
/*
* Now we can update state.
*/
if (f->state != OPENED)
*go = try;
return 1;
bad:
LCPDEBUG((LOG_WARNING, "lcp_rejci: received bad Reject!\n"));
return 0;
}
/*
* lcp_reqci - Check the peer's requested CIs and send appropriate response.
*
* Returns: CONFACK, CONFNAK or CONFREJ and input packet modified
* appropriately. If reject_if_disagree is non-zero, doesn't return
* CONFNAK; returns CONFREJ if it can't return CONFACK.
*/
static int lcp_reqci(fsm *f,
u_char *inp, /* Requested CIs */
int *lenp, /* Length of requested CIs */
int reject_if_disagree)
{
lcp_options *go = &lcp_gotoptions[f->unit];
lcp_options *ho = &lcp_hisoptions[f->unit];
lcp_options *ao = &lcp_allowoptions[f->unit];
u_char *cip, *next; /* Pointer to current and next CIs */
int cilen, citype, cichar; /* Parsed len, type, char value */
u_short cishort; /* Parsed short value */
u32_t cilong; /* Parse long value */
int rc = CONFACK; /* Final packet return code */
int orc; /* Individual option return code */
u_char *p; /* Pointer to next char to parse */
u_char *rejp; /* Pointer to next char in reject frame */
u_char *nakp; /* Pointer to next char in Nak frame */
int l = *lenp; /* Length left */
#if TRACELCP > 0
char traceBuf[80];
int traceNdx = 0;
#endif
/*
* Reset all his options.
*/
BZERO(ho, sizeof(*ho));
/*
* Process all his options.
*/
next = inp;
nakp = nak_buffer;
rejp = inp;
while (l) {
orc = CONFACK; /* Assume success */
cip = p = next; /* Remember begining of CI */
if (l < 2 || /* Not enough data for CI header or */
p[1] < 2 || /* CI length too small or */
p[1] > l) { /* CI length too big? */
LCPDEBUG((LOG_WARNING, "lcp_reqci: bad CI length!\n"));
orc = CONFREJ; /* Reject bad CI */
cilen = l; /* Reject till end of packet */
l = 0; /* Don't loop again */
citype = 0;
goto endswitch;
}
GETCHAR(citype, p); /* Parse CI type */
GETCHAR(cilen, p); /* Parse CI length */
l -= cilen; /* Adjust remaining length */
next += cilen; /* Step to next CI */
switch (citype) { /* Check CI type */
case CI_MRU:
if (!ao->neg_mru) { /* Allow option? */
LCPDEBUG((LOG_INFO, "lcp_reqci: Reject MRU - not allowed\n"));
orc = CONFREJ; /* Reject CI */
break;
} else if (cilen != CILEN_SHORT) { /* Check CI length */
LCPDEBUG((LOG_INFO, "lcp_reqci: Reject MRU - bad length\n"));
orc = CONFREJ; /* Reject CI */
break;
}
GETSHORT(cishort, p); /* Parse MRU */
/*
* He must be able to receive at least our minimum.
* No need to check a maximum. If he sends a large number,
* we'll just ignore it.
*/
if (cishort < PPP_MINMRU) {
LCPDEBUG((LOG_INFO, "lcp_reqci: Nak - MRU too small\n"));
orc = CONFNAK; /* Nak CI */
PUTCHAR(CI_MRU, nakp);
PUTCHAR(CILEN_SHORT, nakp);
PUTSHORT(PPP_MINMRU, nakp); /* Give him a hint */
break;
}
ho->neg_mru = 1; /* Remember he sent MRU */
ho->mru = cishort; /* And remember value */
#if TRACELCP > 0
sprintf(&traceBuf[traceNdx], " MRU %d", cishort);
traceNdx = strlen(traceBuf);
#endif
break;
case CI_ASYNCMAP:
if (!ao->neg_asyncmap) {
LCPDEBUG((LOG_INFO, "lcp_reqci: Reject ASYNCMAP not allowed\n"));
orc = CONFREJ;
break;
} else if (cilen != CILEN_LONG) {
LCPDEBUG((LOG_INFO, "lcp_reqci: Reject ASYNCMAP bad length\n"));
orc = CONFREJ;
break;
}
GETLONG(cilong, p);
/*
* Asyncmap must have set at least the bits
* which are set in lcp_allowoptions[unit].asyncmap.
*/
if ((ao->asyncmap & ~cilong) != 0) {
LCPDEBUG((LOG_INFO, "lcp_reqci: Nak ASYNCMAP %lX missing %lX\n",
cilong, ao->asyncmap));
orc = CONFNAK;
PUTCHAR(CI_ASYNCMAP, nakp);
PUTCHAR(CILEN_LONG, nakp);
PUTLONG(ao->asyncmap | cilong, nakp);
break;
}
ho->neg_asyncmap = 1;
ho->asyncmap = cilong;
#if TRACELCP > 0
sprintf(&traceBuf[traceNdx], " ASYNCMAP=%lX", cilong);
traceNdx = strlen(traceBuf);
#endif
break;
case CI_AUTHTYPE:
if (cilen < CILEN_SHORT) {
LCPDEBUG((LOG_INFO, "lcp_reqci: Reject AUTHTYPE missing arg\n"));
orc = CONFREJ;
break;
} else if (!(ao->neg_upap || ao->neg_chap)) {
/*
* Reject the option if we're not willing to authenticate.
*/
LCPDEBUG((LOG_INFO, "lcp_reqci: Reject AUTHTYPE not allowed\n"));
orc = CONFREJ;
break;
}
GETSHORT(cishort, p);
/*
* Authtype must be UPAP or CHAP.
*
* Note: if both ao->neg_upap and ao->neg_chap are set,
* and the peer sends a Configure-Request with two
* authenticate-protocol requests, one for CHAP and one
* for UPAP, then we will reject the second request.
* Whether we end up doing CHAP or UPAP depends then on
* the ordering of the CIs in the peer's Configure-Request.
*/
if (cishort == PPP_PAP) {
if (ho->neg_chap) { /* we've already accepted CHAP */
LCPDEBUG((LOG_WARNING, "lcp_reqci: Reject AUTHTYPE PAP already accepted\n"));
orc = CONFREJ;
break;
} else if (cilen != CILEN_SHORT) {
LCPDEBUG((LOG_WARNING, "lcp_reqci: Reject AUTHTYPE PAP bad len\n"));
orc = CONFREJ;
break;
}
if (!ao->neg_upap) { /* we don't want to do PAP */
LCPDEBUG((LOG_WARNING, "lcp_reqci: Nak AUTHTYPE PAP not allowed\n"));
orc = CONFNAK; /* NAK it and suggest CHAP */
PUTCHAR(CI_AUTHTYPE, nakp);
PUTCHAR(CILEN_CHAP, nakp);
PUTSHORT(PPP_CHAP, nakp);
PUTCHAR(ao->chap_mdtype, nakp);
break;
}
ho->neg_upap = 1;
#if TRACELCP > 0
sprintf(&traceBuf[traceNdx], " PAP (%X)", cishort);
traceNdx = strlen(traceBuf);
#endif
break;
}
if (cishort == PPP_CHAP) {
if (ho->neg_upap) { /* we've already accepted PAP */
LCPDEBUG((LOG_WARNING, "lcp_reqci: Reject AUTHTYPE CHAP accepted PAP\n"));
orc = CONFREJ;
break;
} else if (cilen != CILEN_CHAP) {
LCPDEBUG((LOG_WARNING, "lcp_reqci: Reject AUTHTYPE CHAP bad len\n"));
orc = CONFREJ;
break;
}
if (!ao->neg_chap) { /* we don't want to do CHAP */
LCPDEBUG((LOG_WARNING, "lcp_reqci: Nak AUTHTYPE CHAP not allowed\n"));
orc = CONFNAK; /* NAK it and suggest PAP */
PUTCHAR(CI_AUTHTYPE, nakp);
PUTCHAR(CILEN_SHORT, nakp);
PUTSHORT(PPP_PAP, nakp);
break;
}
GETCHAR(cichar, p); /* get digest type*/
if (cichar != CHAP_DIGEST_MD5
#ifdef CHAPMS
&& cichar != CHAP_MICROSOFT
#endif
) {
LCPDEBUG((LOG_WARNING, "lcp_reqci: Nak AUTHTYPE CHAP digest=%d\n", cichar));
orc = CONFNAK;
PUTCHAR(CI_AUTHTYPE, nakp);
PUTCHAR(CILEN_CHAP, nakp);
PUTSHORT(PPP_CHAP, nakp);
PUTCHAR(ao->chap_mdtype, nakp);
break;
}
#if TRACELCP > 0
sprintf(&traceBuf[traceNdx], " CHAP %X,%d", cishort, cichar);
traceNdx = strlen(traceBuf);
#endif
ho->chap_mdtype = cichar; /* save md type */
ho->neg_chap = 1;
break;
}
/*
* We don't recognize the protocol they're asking for.
* Nak it with something we're willing to do.
* (At this point we know ao->neg_upap || ao->neg_chap.)
*/
orc = CONFNAK;
PUTCHAR(CI_AUTHTYPE, nakp);
if (ao->neg_chap) {
LCPDEBUG((LOG_WARNING, "lcp_reqci: Nak AUTHTYPE %d req CHAP\n", cishort));
PUTCHAR(CILEN_CHAP, nakp);
PUTSHORT(PPP_CHAP, nakp);
PUTCHAR(ao->chap_mdtype, nakp);
}
else {
LCPDEBUG((LOG_WARNING, "lcp_reqci: Nak AUTHTYPE %d req PAP\n", cishort));
PUTCHAR(CILEN_SHORT, nakp);
PUTSHORT(PPP_PAP, nakp);
}
break;
case CI_QUALITY:
GETSHORT(cishort, p);
GETLONG(cilong, p);
#if TRACELCP > 0
sprintf(&traceBuf[traceNdx], " QUALITY (%x %x)", cishort, (unsigned int) cilong);
traceNdx = strlen(traceBuf);
#endif
if (!ao->neg_lqr ||
cilen != CILEN_LQR) {
orc = CONFREJ;
break;
}
/*
* Check the protocol and the reporting period.
* XXX When should we Nak this, and what with?
*/
if (cishort != PPP_LQR) {
orc = CONFNAK;
PUTCHAR(CI_QUALITY, nakp);
PUTCHAR(CILEN_LQR, nakp);
PUTSHORT(PPP_LQR, nakp);
PUTLONG(ao->lqr_period, nakp);
break;
}
break;
case CI_MAGICNUMBER:
if (!(ao->neg_magicnumber || go->neg_magicnumber) ||
cilen != CILEN_LONG) {
orc = CONFREJ;
break;
}
GETLONG(cilong, p);
#if TRACELCP > 0
sprintf(&traceBuf[traceNdx], " MAGICNUMBER (%lX)", cilong);
traceNdx = strlen(traceBuf);
#endif
/*
* He must have a different magic number.
*/
if (go->neg_magicnumber &&
cilong == go->magicnumber) {
cilong = magic(); /* Don't put magic() inside macro! */
orc = CONFNAK;
PUTCHAR(CI_MAGICNUMBER, nakp);
PUTCHAR(CILEN_LONG, nakp);
PUTLONG(cilong, nakp);
break;
}
ho->neg_magicnumber = 1;
ho->magicnumber = cilong;
break;
case CI_PCOMPRESSION:
#if TRACELCP > 0
sprintf(&traceBuf[traceNdx], " PCOMPRESSION");
traceNdx = strlen(traceBuf);
#endif
if (!ao->neg_pcompression ||
cilen != CILEN_VOID) {
orc = CONFREJ;
break;
}
ho->neg_pcompression = 1;
break;
case CI_ACCOMPRESSION:
#if TRACELCP > 0
sprintf(&traceBuf[traceNdx], " ACCOMPRESSION");
traceNdx = strlen(traceBuf);
#endif
if (!ao->neg_accompression ||
cilen != CILEN_VOID) {
orc = CONFREJ;
break;
}
ho->neg_accompression = 1;
break;
default:
#if TRACELCP
sprintf(&traceBuf[traceNdx], " unknown %d", citype);
traceNdx = strlen(traceBuf);
#endif
?? 快捷鍵說明
復制代碼
Ctrl + C
搜索代碼
Ctrl + F
全屏模式
F11
切換主題
Ctrl + Shift + D
顯示快捷鍵
?
增大字號
Ctrl + =
減小字號
Ctrl + -