From 29bfdacc0e5321df6d05b93359a49419a2f59670 Mon Sep 17 00:00:00 2001 From: Kozlov Dmitry Date: Mon, 23 Aug 2010 13:36:50 +0400 Subject: implemented base IPCP module implemented IPCP IP-Address configuration option --- accel-pptpd/CMakeLists.txt | 8 +- accel-pptpd/auth_pap.c | 4 +- accel-pptpd/events.h | 18 -- accel-pptpd/ipcp_opt_ipaddr.c | 105 ++++++++ accel-pptpd/ipdb.c | 10 + accel-pptpd/ipdb.h | 9 + accel-pptpd/lcp_base_opt.c | 75 ------ accel-pptpd/ppp.c | 31 ++- accel-pptpd/ppp_ipcp.c | 545 +++++++++++++++++++++++++++++++++++++++++- accel-pptpd/ppp_ipcp.h | 94 ++++++++ accel-pptpd/ppp_lcp.c | 11 +- 11 files changed, 792 insertions(+), 118 deletions(-) delete mode 100644 accel-pptpd/events.h create mode 100644 accel-pptpd/ipcp_opt_ipaddr.c create mode 100644 accel-pptpd/ipdb.c create mode 100644 accel-pptpd/ipdb.h delete mode 100644 accel-pptpd/lcp_base_opt.c create mode 100644 accel-pptpd/ppp_ipcp.h diff --git a/accel-pptpd/CMakeLists.txt b/accel-pptpd/CMakeLists.txt index 2a038f1..452f914 100644 --- a/accel-pptpd/CMakeLists.txt +++ b/accel-pptpd/CMakeLists.txt @@ -11,15 +11,21 @@ ADD_EXECUTABLE(pptpd log.c ppp.c ppp_fsm.c + ppp_lcp.c lcp_opt_mru.c lcp_opt_magic.c lcp_opt_pcomp.c lcp_opt_accomp.c + ppp_auth.c + auth_pap.c + ppp_ccp.c ppp_ipcp.c - auth_pap.c + ipcp_opt_ipaddr.c + pwdb.c + ipdb.c ) TARGET_LINK_LIBRARIES(pptpd pthread triton) diff --git a/accel-pptpd/auth_pap.c b/accel-pptpd/auth_pap.c index e92f253..85e71e6 100644 --- a/accel-pptpd/auth_pap.c +++ b/accel-pptpd/auth_pap.c @@ -114,7 +114,7 @@ static void pap_send_ack(struct pap_auth_data_t *p, int id) msg->hdr.proto=htons(PPP_PAP); msg->hdr.code=PAP_ACK; msg->hdr.id=id; - msg->hdr.len=htons(HDR_LEN+1+sizeof(MSG_SUCCESSED)); + msg->hdr.len=htons(HDR_LEN+1+sizeof(MSG_SUCCESSED)-1); msg->msg_len=sizeof(MSG_SUCCESSED)-1; memcpy(msg->msg,MSG_SUCCESSED,sizeof(MSG_SUCCESSED)); 
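Review bot: In pap_send_ack the `memcpy` right after the corrected length still copies `sizeof(MSG_SUCCESSED)` bytes, so the terminating NUL is written one byte past what `hdr.len` and `msg_len` now describe. The allocation of `msg` is outside the hunk, so whether that extra byte fits cannot be confirmed from here. Copying exactly the advertised length removes the doubt: `memcpy(msg->msg,MSG_SUCCESSED,sizeof(MSG_SUCCESSED)-1);`. The same applies to the `MSG_FAILED` copy in pap_send_nak in the next hunk.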
@@ -130,7 +130,7 @@ static void pap_send_nak(struct pap_auth_data_t *p,int id) msg->hdr.proto=htons(PPP_PAP); msg->hdr.code=PAP_NAK; msg->hdr.id=id; - msg->hdr.len=htons(HDR_LEN+1+sizeof(MSG_FAILED)); + msg->hdr.len=htons(HDR_LEN+1+sizeof(MSG_FAILED)-1); msg->msg_len=sizeof(MSG_FAILED)-1; memcpy(msg->msg,MSG_FAILED,sizeof(MSG_FAILED)); diff --git a/accel-pptpd/events.h b/accel-pptpd/events.h deleted file mode 100644 index 15704a7..0000000 --- a/accel-pptpd/events.h +++ /dev/null @@ -1,18 +0,0 @@ -// -// C++ Interface: events -// -// Description: -// -// -// Author: , (C) 2009 -// -// Copyright: See COPYING file that comes with this distribution -// -// - -#ifndef EVENTS_H -#define EVENTS_H - -#define EV_PPP_PACKET 1 - -#endif diff --git a/accel-pptpd/ipcp_opt_ipaddr.c b/accel-pptpd/ipcp_opt_ipaddr.c new file mode 100644 index 0000000..a68212f --- /dev/null +++ b/accel-pptpd/ipcp_opt_ipaddr.c 
@@ -0,0 +1,105 @@
+#include
+#include
+#include
+
+#include "ppp.h"
+#include "ppp_ipcp.h"
+#include "log.h"
+#include "ipdb.h"
+
+static struct ipcp_option_t *ipaddr_init(struct ppp_ipcp_t *ipcp);
+static void ipaddr_free(struct ppp_ipcp_t *ipcp, struct ipcp_option_t *opt);
+static int ipaddr_send_conf_req(struct ppp_ipcp_t *ipcp, struct ipcp_option_t *opt, uint8_t *ptr);
+static int ipaddr_send_conf_nak(struct ppp_ipcp_t *ipcp, struct ipcp_option_t *opt, uint8_t *ptr);
+static int ipaddr_recv_conf_req(struct ppp_ipcp_t *ipcp, struct ipcp_option_t *opt, uint8_t *ptr);
+static void ipaddr_print(void (*print)(const char *fmt,...),struct ipcp_option_t*, uint8_t *ptr);
+
+struct ipaddr_option_t
+{
+ struct ipcp_option_t opt;
+ in_addr_t addr;
+ in_addr_t peer_addr;
+};
+
+static struct ipcp_option_handler_t ipaddr_opt_hnd=
+{
+ .init=ipaddr_init,
+ .send_conf_req=ipaddr_send_conf_req,
+ .send_conf_nak=ipaddr_send_conf_nak,
+ .recv_conf_req=ipaddr_recv_conf_req,
+ .free=ipaddr_free,
+ .print=ipaddr_print,
+};
+
+static struct ipcp_option_t *ipaddr_init(struct ppp_ipcp_t *ipcp)
+{
+ struct ipaddr_option_t *ipaddr_opt=malloc(sizeof(*ipaddr_opt));
+ memset(ipaddr_opt,0,sizeof(*ipaddr_opt));
+ ipdb_get(&ipaddr_opt->addr,&ipaddr_opt->peer_addr);
+ ipaddr_opt->opt.id=CI_ADDR;
+ ipaddr_opt->opt.len=6;
+
+ return &ipaddr_opt->opt;
+}
+
+static void ipaddr_free(struct ppp_ipcp_t *ipcp, struct ipcp_option_t *opt)
+{
+ struct ipaddr_option_t *ipaddr_opt=container_of(opt,typeof(*ipaddr_opt),opt);
+
+ free(ipaddr_opt);
+}
+
+static int ipaddr_send_conf_req(struct ppp_ipcp_t *ipcp, struct ipcp_option_t *opt, uint8_t *ptr)
+{
+ struct ipaddr_option_t *ipaddr_opt=container_of(opt,typeof(*ipaddr_opt),opt);
+ struct ipcp_opt32_t *opt32=(struct ipcp_opt32_t*)ptr;
+ opt32->hdr.id=CI_ADDR;
+ opt32->hdr.len=6;
+ opt32->val=ipaddr_opt->addr;
+ return 6;
+}
+
+static int ipaddr_send_conf_nak(struct ppp_ipcp_t *ipcp, struct ipcp_option_t *opt, uint8_t *ptr)
+{
+ struct ipaddr_option_t *ipaddr_opt=container_of(opt,typeof(*ipaddr_opt),opt);
+ struct ipcp_opt32_t *opt32=(struct ipcp_opt32_t*)ptr;
+ opt32->hdr.id=CI_ADDR;
+ opt32->hdr.len=6;
+ opt32->val=ipaddr_opt->peer_addr;
+ return 6;
+}
+
+static int ipaddr_recv_conf_req(struct ppp_ipcp_t *ipcp, struct ipcp_option_t *opt, uint8_t *ptr)
+{
+ struct ipaddr_option_t *ipaddr_opt=container_of(opt,typeof(*ipaddr_opt),opt);
+ struct ipcp_opt32_t *opt32=(struct ipcp_opt32_t*)ptr;
+
+ if (ipaddr_opt->peer_addr==opt32->val)
+ return IPCP_OPT_ACK;
+
+ if (!ipaddr_opt->peer_addr)
+ {
+ ipaddr_opt->peer_addr=opt32->val;
+ return IPCP_OPT_ACK;
+ }
+
+ return IPCP_OPT_NAK;
+}
+
+static void ipaddr_print(void (*print)(const char *fmt,...),struct ipcp_option_t *opt, uint8_t *ptr)
+{
+ struct ipaddr_option_t *ipaddr_opt=container_of(opt,typeof(*ipaddr_opt),opt);
+ struct ipcp_opt32_t *opt32=(struct ipcp_opt32_t*)ptr;
+ struct in_addr in;
+
+ if (ptr) in.s_addr=opt32->val;
+ else in.s_addr=ipaddr_opt->addr;
+
+ print("",inet_ntoa(in));
+}
+
+static void __init ipaddr_opt_init()
+{
+ ipcp_option_register(&ipaddr_opt_hnd);
+}
+
diff --git a/accel-pptpd/ipdb.c b/accel-pptpd/ipdb.c
new file mode 100644
index 0000000..fb13971
--- /dev/null
+++ b/accel-pptpd/ipdb.c
@@ -0,0 +1,10 @@
+#include "ipdb.h"
+
+int ipdb_get(in_addr_t *addr, in_addr_t *peer_addr)
+{
+ *addr=inet_addr("192.168.200.100");
+ *peer_addr=inet_addr("192.168.200.200");
+
+ return 0;
+}
+
diff --git a/accel-pptpd/ipdb.h b/accel-pptpd/ipdb.h
new file mode 100644
index 0000000..ed7df6b
--- /dev/null
+++ b/accel-pptpd/ipdb.h
@@ -0,0 +1,9 @@
+#ifndef IPDB_H
+#define IPDB_H
+
+#include
+
+int ipdb_get(in_addr_t *addr, in_addr_t *peer_addr);
+
+#endif
+
diff --git a/accel-pptpd/lcp_base_opt.c b/accel-pptpd/lcp_base_opt.c
deleted file mode 100644
index 352dee2..0000000
--- a/accel-pptpd/lcp_base_opt.c
+++ /dev/null
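Review bot: ipaddr_recv_conf_req reads `opt32->val` from the peer's packet without checking that the option really carries four bytes of address; the handler is passed only a pointer, and the option header's `len` field is never looked at here. A short IP-Address option therefore makes the comparison and the `peer_addr` assignment use bytes beyond the option. Add `if (opt32->hdr.len!=6) return IPCP_OPT_REJ;` before the first comparison. Separately, ipaddr_init passes the result of `malloc` straight to `memset`; return NULL on allocation failure, which ipcp_options_init already tolerates through its `if (lopt)` test. Both points apply equally to dns_recv_conf_req and dns1_init/dns2_init in ipcp_opt_dns.c in the following commit.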
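Review bot: ipdb_get hands the same fixed pair (192.168.200.100 / 192.168.200.200) to every caller, so two concurrent sessions would be configured with the same peer address. If this is a placeholder until a real pool exists, say so at the definition, e.g. `/* TODO: stub - returns one fixed address pair; replace with per-session allocation */`.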
@@ -1,75 +0,0 @@ -#include "ppp_lcp.h" - -static struct lcp_option_t *mru_init(struct ppp_lcp_t *lcp); -static void mru_free(struct ppp_lcp_t *lcp, struct lcp_option_t *opt); -static int mru_send_conf_req(struct ppp_lcp_t *lcp, struct lcp_option_t *opt, uint8_t *ptr); -static int mru_send_conf_nak(struct ppp_lcp_t *lcp, struct lcp_option_t *opt, uint8_t *ptr); -static int mru_recv_conf_req(struct ppp_lcp_t *lcp, struct lcp_option_t *opt, uint8_t *ptr); - -struct mru_option_t -{ - struct lcp_option_t opt; - int mru; - int mtu; -}; - -static struct lcp_option_handler_t opt_mru= -{ - .id=CI_MRU, - .init=mru_init, - .send_conf_req=mru_send_conf_req, - .send_conf_nak=mru_send_conf_nak, - .recv_conf_req=mru_recv_conf_req, - .free=mru_free, -}; - -static struct lcp_option_t *mru_init(struct ppp_lcp_t *lcp) -{ - struct mru_option_t *mru_opt=malloc(sizeof(*mru_opt)); - memset(mru_opt,0,sizeof(*mru_opt)); - mru_opt->mtu=0; - mru_opt->mru=1500; - mru_opt->opt.len=4; - - return &mru_opt->opt; -} - -static void mru_free(struct ppp_lcp_t *lcp, struct lcp_option_t *opt) -{ - struct mru_option_t *mru_opt=container_of(opt,typeof(*mru_opt),opt); - - free(mru_opt); -} - -static int mru_send_conf_req(struct ppp_lcp_t *lcp, struct lcp_option_t *opt, uint8_t *ptr) -{ - struct mru_option_t *mru_opt=container_of(opt,typeof(*mru_opt),opt); - struct lcp_opt16_t *opt16=(struct lcp_opt16_t*)ptr; - opt16->hdr.type=CI_MRU; - opt16->hdr.len=4; - opt16->val=htons(mru_opt->mru); - return 4; -} - -static int mru_send_conf_nak(struct ppp_lcp_t *lcp, struct lcp_option_t *opt, uint8_t *ptr) -{ - struct mru_option_t *mru_opt=container_of(opt,typeof(*mru_opt),opt); - struct lcp_opt16_t *opt16=(struct lcp_opt16_t*)ptr; - opt16->hdr.type=CI_MRU; - opt16->hdr.len=4; - opt16->val=htons(mru_opt->mtu); - return 4; -} - -static int mru_recv_conf_req(struct ppp_lcp_t *lcp, struct lcp_option_t *opt, uint8_t *ptr) -{ - struct mru_option_t *mru_opt=container_of(opt,typeof(*mru_opt),opt); - struct lcp_opt16_t 
*opt16=(struct lcp_opt16_t*)ptr; - - if (!mru_opt->mtu || mru_opt->mtu==ntohs(opt16->val)) - { - mru_opt->mtu=ntohs(opt16->val); - return LCP_OPT_ACK; - }else return LCP_OPT_NAK; -} - diff --git a/accel-pptpd/ppp.c b/accel-pptpd/ppp.c index 58f99dc..40f5ff7 100644 --- a/accel-pptpd/ppp.c +++ b/accel-pptpd/ppp.c @@ -15,7 +15,6 @@ #include "ppp.h" #include "ppp_fsm.h" #include "log.h" -#include "events.h" static LIST_HEAD(layers); @@ -158,8 +157,8 @@ int ppp_chan_send(struct ppp_t *ppp, void *data, int size) { int n; - printf("ppp_chan_send: "); - print_buf((uint8_t*)data,size); + //printf("ppp_chan_send: "); + //print_buf((uint8_t*)data,size); n=write(ppp->chan_fd,data,size); if (nunit_fd,data,size); if (nchan_buf_size=read(h->fd,ppp->chan_buf,PPP_MRU); - printf("ppp_chan_read: "); - print_buf(ppp->chan_buf,ppp->chan_buf_size); + //printf("ppp_chan_read: "); + //print_buf(ppp->chan_buf,ppp->chan_buf_size); if (ppp->chan_buf_size<2) { @@ -266,28 +265,26 @@ void ppp_layer_finished(struct ppp_t *ppp, struct ppp_layer_data_t *d) d->started=0; - list_for_each_entry(d,&n->items,entry) - if (d->started) return; - - if (n->entry.prev==&ppp->layers) destablish_ppp(ppp); - else + list_for_each_entry(n,&ppp->layers,entry) { - n=list_entry(n->entry.prev,typeof(*n),entry); list_for_each_entry(d,&n->items,entry) - if (d->started) d->layer->finish(d); + { + if (d->started) + return; + } } + destablish_ppp(ppp); } void ppp_terminate(struct ppp_t *ppp) { struct layer_node_t *n; - struct list_head *p; struct ppp_layer_data_t *d; int s=0; log_debug("ppp_terminate\n"); - list_for_each_prev(p,&ppp->layers) + list_for_each_entry(n,&ppp->layers,entry) { list_for_each_entry(d,&n->items,entry) { @@ -297,8 +294,8 @@ void ppp_terminate(struct ppp_t *ppp) d->layer->finish(d); } } - if (s) return; } + if (s) return; destablish_ppp(ppp); } diff --git a/accel-pptpd/ppp_ipcp.c b/accel-pptpd/ppp_ipcp.c index 09b0483..e008117 100644 --- a/accel-pptpd/ppp_ipcp.c +++ b/accel-pptpd/ppp_ipcp.c 
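Review bot: ppp_terminate now calls `d->layer->finish(d)` while walking `ppp->layers` with `list_for_each_entry`, and a finish callback can re-enter ppp_layer_finished synchronously (ipcp_layer_finish in this commit does), which calls destablish_ppp(ppp) as soon as no layer is marked started. destablish_ppp is not shown in this hunk; if it releases layer nodes or layer data, the outer walk continues over freed memory. Deferring the teardown until the walk has completed, for example by letting ppp_terminate alone call destablish_ppp after its loop, would avoid the re-entrancy. In ppp_layer_finished the initialiser `n=d->node` is now dead and the parameter `d` is reused as the inner loop cursor; a separate local would read more clearly.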
@@ -1,12 +1,551 @@ +#include +#include +#include +#include +#include + +#include "triton/triton.h" + +#include "log.h" + #include "ppp.h" +#include "ppp_ipcp.h" -int ipcp_start(struct ppp_t *ppp) +struct recv_opt_t { - return 0; + struct list_head entry; + struct ipcp_opt_hdr_t *hdr; + int len; + int state; + struct ipcp_option_t *lopt; +}; + +static LIST_HEAD(option_handlers); + +static void ipcp_layer_up(struct ppp_fsm_t*); +static void ipcp_layer_down(struct ppp_fsm_t*); +static void send_conf_req(struct ppp_fsm_t*); +static void send_conf_ack(struct ppp_fsm_t*); +static void send_conf_nak(struct ppp_fsm_t*); +static void send_conf_rej(struct ppp_fsm_t*); +static void ipcp_recv(struct ppp_handler_t*); + +static void ipcp_options_init(struct ppp_ipcp_t *ipcp) +{ + struct ipcp_option_t *lopt; + struct ipcp_option_handler_t *h; + + INIT_LIST_HEAD(&ipcp->options); + + list_for_each_entry(h,&option_handlers,entry) + { + lopt=h->init(ipcp); + if (lopt) + { + lopt->h=h; + list_add_tail(&lopt->entry,&ipcp->options); + ipcp->conf_req_len+=lopt->len; + } + } +} + +static void ipcp_options_free(struct ppp_ipcp_t *ipcp) +{ + struct ipcp_option_t *lopt; + + while(!list_empty(&ipcp->options)) + { + lopt=list_entry(ipcp->options.next,typeof(*lopt),entry); + list_del(&lopt->entry); + lopt->h->free(ipcp,lopt); + } +} + +static struct ppp_layer_data_t *ipcp_layer_init(struct ppp_t *ppp) +{ + struct ppp_ipcp_t *ipcp=malloc(sizeof(*ipcp)); + memset(ipcp,0,sizeof(*ipcp)); + + log_debug("ipcp_layer_init\n"); + + ipcp->ppp=ppp; + ipcp->fsm.ppp=ppp; + + ipcp->hnd.proto=PPP_IPCP; + ipcp->hnd.recv=ipcp_recv; + + ppp_register_unit_handler(ppp,&ipcp->hnd); + + ppp_fsm_init(&ipcp->fsm); + + ipcp->fsm.layer_up=ipcp_layer_up; + ipcp->fsm.layer_finished=ipcp_layer_down; + ipcp->fsm.send_conf_req=send_conf_req; + ipcp->fsm.send_conf_ack=send_conf_ack; + ipcp->fsm.send_conf_nak=send_conf_nak; + ipcp->fsm.send_conf_rej=send_conf_rej; + + INIT_LIST_HEAD(&ipcp->ropt_list); + + return &ipcp->ld; +} 
+ +void ipcp_layer_start(struct ppp_layer_data_t *ld) +{ + struct ppp_ipcp_t *ipcp=container_of(ld,typeof(*ipcp),ld); + + log_debug("ipcp_layer_start\n"); + + ipcp_options_init(ipcp); + ppp_fsm_lower_up(&ipcp->fsm); + ppp_fsm_open(&ipcp->fsm); +} + +void ipcp_layer_finish(struct ppp_layer_data_t *ld) +{ + struct ppp_ipcp_t *ipcp=container_of(ld,typeof(*ipcp),ld); + + log_debug("ipcp_layer_finish\n"); + + ppp_unregister_handler(ipcp->ppp,&ipcp->hnd); + ipcp_options_free(ipcp); + + ppp_layer_finished(ipcp->ppp,ld); +} + +void ipcp_layer_free(struct ppp_layer_data_t *ld) +{ + struct ppp_ipcp_t *ipcp=container_of(ld,typeof(*ipcp),ld); + + log_debug("ipcp_layer_free\n"); + + free(ipcp); +} + +static void ipcp_layer_up(struct ppp_fsm_t *fsm) +{ + struct ppp_ipcp_t *ipcp=container_of(fsm,typeof(*ipcp),fsm); + log_debug("ipcp_layer_started\n"); + ppp_layer_started(ipcp->ppp,&ipcp->ld); +} + +static void ipcp_layer_down(struct ppp_fsm_t *fsm) +{ + struct ppp_ipcp_t *ipcp=container_of(fsm,typeof(*ipcp),fsm); + log_debug("ipcp_layer_finished\n"); + ppp_layer_finished(ipcp->ppp,&ipcp->ld); +} + +static void print_ropt(struct recv_opt_t *ropt) +{ + int i; + uint8_t *ptr=(uint8_t*)ropt->hdr; + + log_debug(" <"); + for(i=0; ilen; i++) + { + log_debug(" %x",ptr[i]); + } + log_debug(">"); +} + +static void send_conf_req(struct ppp_fsm_t *fsm) +{ + struct ppp_ipcp_t *ipcp=container_of(fsm,typeof(*ipcp),fsm); + uint8_t *buf=malloc(ipcp->conf_req_len), *ptr=buf; + struct ipcp_hdr_t *ipcp_hdr=(struct ipcp_hdr_t*)ptr; + struct ipcp_option_t *lopt; + int n; + + log_debug("send [IPCP ConfReq"); + ipcp_hdr->proto=htons(PPP_IPCP); + ipcp_hdr->code=CONFREQ; + ipcp_hdr->id=++ipcp->fsm.id; + ipcp_hdr->len=0; + log_debug(" id=%x",ipcp_hdr->id); + + ptr+=sizeof(*ipcp_hdr); + + list_for_each_entry(lopt,&ipcp->options,entry) + { + n=lopt->h->send_conf_req(ipcp,lopt,ptr); + if (n) + { + log_debug(" "); + lopt->h->print(log_debug,lopt,NULL); + ptr+=n; + } + } + + log_debug("]\n"); + + 
ipcp_hdr->len=htons((ptr-buf)-2); + ppp_unit_send(ipcp->ppp,ipcp_hdr,ptr-buf); +} + +static void send_conf_ack(struct ppp_fsm_t *fsm) +{ + struct ppp_ipcp_t *ipcp=container_of(fsm,typeof(*ipcp),fsm); + struct ipcp_hdr_t *hdr=(struct ipcp_hdr_t*)ipcp->ppp->unit_buf; + + hdr->code=CONFACK; + log_debug("send [IPCP ConfAck id=%x ]\n",ipcp->fsm.recv_id); + + ppp_unit_send(ipcp->ppp,hdr,ntohs(hdr->len)+2); +} + +static void send_conf_nak(struct ppp_fsm_t *fsm) +{ + struct ppp_ipcp_t *ipcp=container_of(fsm,typeof(*ipcp),fsm); + uint8_t *buf=malloc(ipcp->conf_req_len), *ptr=buf; + struct ipcp_hdr_t *ipcp_hdr=(struct ipcp_hdr_t*)ptr; + struct ipcp_option_t *lopt; + + log_debug("send [IPCP ConfNak id=%x",ipcp->fsm.recv_id); + + ipcp_hdr->proto=htons(PPP_IPCP); + ipcp_hdr->code=CONFNAK; + ipcp_hdr->id=ipcp->fsm.recv_id; + ipcp_hdr->len=0; + + ptr+=sizeof(*ipcp_hdr); + + list_for_each_entry(lopt,&ipcp->options,entry) + { + if (lopt->state==IPCP_OPT_NAK) + { + log_debug(" "); + lopt->h->print(log_debug,lopt,NULL); + ptr+=lopt->h->send_conf_nak(ipcp,lopt,ptr); + } + } + + log_debug("]\n"); + + ipcp_hdr->len=htons((ptr-buf)-2); + ppp_unit_send(ipcp->ppp,ipcp_hdr,ptr-buf); +} + +static void send_conf_rej(struct ppp_fsm_t *fsm) +{ + struct ppp_ipcp_t *ipcp=container_of(fsm,typeof(*ipcp),fsm); + uint8_t *buf=malloc(ipcp->ropt_len), *ptr=buf; + struct ipcp_hdr_t *ipcp_hdr=(struct ipcp_hdr_t*)ptr; + struct recv_opt_t *ropt; + + log_debug("send [IPCP ConfRej id=%x ",ipcp->fsm.recv_id); + + ipcp_hdr->proto=htons(PPP_IPCP); + ipcp_hdr->code=CONFREJ; + ipcp_hdr->id=ipcp->fsm.recv_id; + ipcp_hdr->len=0; + + ptr+=sizeof(*ipcp_hdr); + + list_for_each_entry(ropt,&ipcp->ropt_list,entry) + { + if (ropt->state==IPCP_OPT_REJ) + { + log_debug(" "); + if (ropt->lopt) ropt->lopt->h->print(log_debug,ropt->lopt,(uint8_t*)ropt->hdr); + else print_ropt(ropt); + memcpy(ptr,ropt->hdr,ropt->len); + ptr+=ropt->len; + } + } + + log_debug("]\n"); + + ipcp_hdr->len=htons((ptr-buf)-2); + 
ppp_unit_send(ipcp->ppp,ipcp_hdr,ptr-buf); +} + +static int ipcp_recv_conf_req(struct ppp_ipcp_t *ipcp,uint8_t *data,int size) +{ + struct ipcp_opt_hdr_t *hdr; + struct recv_opt_t *ropt; + struct ipcp_option_t *lopt; + int r,ret=1; + + ipcp->ropt_len=size; + + while(size>0) + { + hdr=(struct ipcp_opt_hdr_t *)data; + + ropt=malloc(sizeof(*ropt)); + memset(ropt,0,sizeof(*ropt)); + if (hdr->len>size) ropt->len=size; + else ropt->len=hdr->len; + ropt->hdr=hdr; + ropt->state=IPCP_OPT_NONE; + list_add_tail(&ropt->entry,&ipcp->ropt_list); + + data+=ropt->len; + size-=ropt->len; + } + + list_for_each_entry(lopt,&ipcp->options,entry) + lopt->state=IPCP_OPT_NONE; + + log_debug("recv [IPCP ConfReq id=%x",ipcp->fsm.recv_id); + list_for_each_entry(ropt,&ipcp->ropt_list,entry) + { + list_for_each_entry(lopt,&ipcp->options,entry) + { + if (lopt->id==ropt->hdr->id) + { + log_debug(" "); + lopt->h->print(log_debug,lopt,(uint8_t*)ropt->hdr); + r=lopt->h->recv_conf_req(ipcp,lopt,(uint8_t*)ropt->hdr); + lopt->state=r; + ropt->state=r; + ropt->lopt=lopt; + if (rlopt) + { + log_debug(" "); + print_ropt(ropt); + ropt->state=IPCP_OPT_REJ; + ret=IPCP_OPT_REJ; + } + } + log_debug("]\n"); + + /*list_for_each_entry(lopt,&ipcp->options,entry) + { + if (lopt->state==IPCP_OPT_NONE) + { + r=lopt->h->recv_conf_req(ipcp,lopt,NULL); + lopt->state=r; + if (rropt_list)) + { + ropt=list_entry(ipcp->ropt_list.next,typeof(*ropt),entry); + list_del(&ropt->entry); + free(ropt); + } +} + +static int ipcp_recv_conf_rej(struct ppp_ipcp_t *ipcp,uint8_t *data,int size) +{ + struct ipcp_opt_hdr_t *hdr; + struct ipcp_option_t *lopt; + int res=0; + + log_debug("recv [IPCP ConfRej id=%x",ipcp->fsm.recv_id); + + if (ipcp->fsm.recv_id!=ipcp->fsm.id) + { + log_debug(": id mismatch ]\n"); + return 0; + } + + while(size>0) + { + hdr=(struct ipcp_opt_hdr_t *)data; + + list_for_each_entry(lopt,&ipcp->options,entry) + { + if (lopt->id==hdr->id) + { + if (lopt->h->recv_conf_rej(ipcp,lopt,data)) + res=-1; + break; + } + } + 
+ data+=hdr->len; + size-=hdr->len; + } + log_debug("]\n"); + return res; } -void ipcp_finish(struct ppp_t *ppp) +static int ipcp_recv_conf_nak(struct ppp_ipcp_t *ipcp,uint8_t *data,int size) { + struct ipcp_opt_hdr_t *hdr; + struct ipcp_option_t *lopt; + int res=0; + log_debug("recv [IPCP ConfNak id=%x",ipcp->fsm.recv_id); + + if (ipcp->fsm.recv_id!=ipcp->fsm.id) + { + log_debug(": id mismatch ]\n"); + return 0; + } + + while(size>0) + { + hdr=(struct ipcp_opt_hdr_t *)data; + + list_for_each_entry(lopt,&ipcp->options,entry) + { + if (lopt->id==hdr->id) + { + log_debug(" "); + lopt->h->print(log_debug,lopt,data); + if (lopt->h->recv_conf_nak(ipcp,lopt,data)) + res=-1; + break; + } + } + + data+=hdr->len; + size-=hdr->len; + } + log_debug("]\n"); + return res; } +static int ipcp_recv_conf_ack(struct ppp_ipcp_t *ipcp,uint8_t *data,int size) +{ + struct ipcp_opt_hdr_t *hdr; + struct ipcp_option_t *lopt; + int res=0; + + log_debug("recv [IPCP ConfAck id=%x",ipcp->fsm.recv_id); + + if (ipcp->fsm.recv_id!=ipcp->fsm.id) + { + log_debug(": id mismatch ]\n"); + return 0; + } + + while(size>0) + { + hdr=(struct ipcp_opt_hdr_t *)data; + + list_for_each_entry(lopt,&ipcp->options,entry) + { + if (lopt->id==hdr->id) + { + log_debug(" "); + lopt->h->print(log_debug,lopt,data); + if (lopt->h->recv_conf_ack) + lopt->h->recv_conf_ack(ipcp,lopt,data); + break; + } + } + + data+=hdr->len; + size-=hdr->len; + } + log_debug("]\n"); + return res; +} + +static void ipcp_recv(struct ppp_handler_t*h) +{ + struct ipcp_hdr_t *hdr; + struct ppp_ipcp_t *ipcp=container_of(h,typeof(*ipcp),hnd); + int r; + char *term_msg; + + if (ipcp->ppp->unit_buf_sizeppp->unit_buf; + if (ntohs(hdr->len)fsm.recv_id=hdr->id; + switch(hdr->code) + { + case CONFREQ: + r=ipcp_recv_conf_req(ipcp,(uint8_t*)(hdr+1),ntohs(hdr->len)-PPP_HDRLEN); + switch(r) + { + case IPCP_OPT_ACK: + ppp_fsm_recv_conf_req_ack(&ipcp->fsm); + break; + case IPCP_OPT_NAK: + ppp_fsm_recv_conf_req_nak(&ipcp->fsm); + break; + case IPCP_OPT_REJ: 
+ ppp_fsm_recv_conf_req_rej(&ipcp->fsm); + break; + } + ipcp_free_conf_req(ipcp); + if (r==IPCP_OPT_FAIL) + ppp_terminate(ipcp->ppp); + break; + case CONFACK: + ipcp_recv_conf_ack(ipcp,(uint8_t*)(hdr+1),ntohs(hdr->len)-PPP_HDRLEN); + ppp_fsm_recv_conf_ack(&ipcp->fsm); + break; + case CONFNAK: + ipcp_recv_conf_nak(ipcp,(uint8_t*)(hdr+1),ntohs(hdr->len)-PPP_HDRLEN); + ppp_fsm_recv_conf_rej(&ipcp->fsm); + break; + case CONFREJ: + ipcp_recv_conf_rej(ipcp,(uint8_t*)(hdr+1),ntohs(hdr->len)-PPP_HDRLEN); + ppp_fsm_recv_conf_rej(&ipcp->fsm); + break; + case TERMREQ: + term_msg=strndup((uint8_t*)(hdr+1),ntohs(hdr->len)); + log_debug("recv [IPCP TermReq id=%x \"%s\"]\n",hdr->id,term_msg); + free(term_msg); + ppp_fsm_recv_term_req(&ipcp->fsm); + ppp_terminate(ipcp->ppp); + break; + case TERMACK: + term_msg=strndup((uint8_t*)(hdr+1),ntohs(hdr->len)); + log_debug("recv [IPCP TermAck id=%x \"%s\"]\n",hdr->id,term_msg); + free(term_msg); + ppp_fsm_recv_term_ack(&ipcp->fsm); + break; + case CODEREJ: + log_debug("recv [IPCP CodeRej id=%x]\n",hdr->id); + ppp_fsm_recv_code_rej_bad(&ipcp->fsm); + break; + default: + ppp_fsm_recv_unk(&ipcp->fsm); + break; + } +} + +int ipcp_option_register(struct ipcp_option_handler_t *h) +{ + /*struct ipcp_option_drv_t *p; + + list_for_each_entry(p,option_drv_list,entry) + if (p->id==h->id) + return -1;*/ + + list_add_tail(&h->entry,&option_handlers); + + return 0; +} + +static struct ppp_layer_t ipcp_layer= +{ + .init=ipcp_layer_init, + .start=ipcp_layer_start, + .finish=ipcp_layer_finish, + .free=ipcp_layer_free, +}; + +static void __init ipcp_init(void) +{ + ppp_register_layer("ipcp",&ipcp_layer); +} diff --git a/accel-pptpd/ppp_ipcp.h b/accel-pptpd/ppp_ipcp.h new file mode 100644 index 0000000..0f83d44 --- /dev/null +++ b/accel-pptpd/ppp_ipcp.h 
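Review bot: The option walks in ipcp_recv_conf_req, ipcp_recv_conf_rej, ipcp_recv_conf_nak and ipcp_recv_conf_ack advance by the peer-supplied `hdr->len` without validating it, so a zero length never advances `data`/`size` and the loop does not terminate (in ipcp_recv_conf_req it also allocates a `recv_opt_t` on every pass), and with one byte left `hdr->len` is read past the data. Validate before use, e.g. `if (size<(int)sizeof(*hdr) || hdr->len<sizeof(*hdr) || hdr->len>size) break;`, and treat the packet as malformed. The send paths have a sizing problem as well: send_conf_req and send_conf_nak allocate `ipcp->conf_req_len` bytes, which ipcp_options_init builds from option lengths only, and send_conf_rej allocates `ipcp->ropt_len`, yet each writes a `struct ipcp_hdr_t` first, so header plus options can exceed the allocation; `buf` is also never freed in the visible code. Allocate `sizeof(struct ipcp_hdr_t)` plus the option bytes and free `buf` after `ppp_unit_send` (assuming it does not keep the pointer; its body is not on this page). ipcp_recv_conf_nak also calls `lopt->h->recv_conf_nak` unconditionally although the IP-Address handler in this commit leaves it unset; guard it the way ipcp_recv_conf_ack guards `recv_conf_ack`.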
@@ -0,0 +1,94 @@ +#ifndef PPP_IPCP_H +#define PPP_IPCP_H + +#include + +#include "triton/triton.h" +#include "ppp_fsm.h" +/* + * Options. + */ +#define CI_COMP 2 /* IP-Compress-Protocol */ +#define CI_ADDR 3 /* IP-Address */ +#define CI_DNS1 128 /* Primary-DNS-Address */ +#define CI_DNS2 131 /* Secondary-DNS-Address */ + +struct ipcp_hdr_t +{ + uint16_t proto; + uint8_t code; + uint8_t id; + uint16_t len; +} __attribute__((packed)); +struct ipcp_opt_hdr_t +{ + uint8_t id; + uint8_t len; +} __attribute__((packed)); +struct ipcp_opt8_t +{ + struct ipcp_opt_hdr_t hdr; + uint8_t val; +} __attribute__((packed)); +struct ipcp_opt16_t +{ + struct ipcp_opt_hdr_t hdr; + uint16_t val; +} __attribute__((packed)); +struct ipcp_opt32_t +{ + struct ipcp_opt_hdr_t hdr; + uint32_t val; +} __attribute__((packed)); + +#define IPCP_OPT_NONE 0 +#define IPCP_OPT_ACK 1 +#define IPCP_OPT_NAK -1 +#define IPCP_OPT_REJ -2 +#define IPCP_OPT_FAIL -3 + +struct ppp_ipcp_t; +struct ipcp_option_handler_t; + +struct ipcp_option_t +{ + struct list_head entry; + int id; + int len; + int state; + struct ipcp_option_handler_t *h; +}; + +struct ipcp_option_handler_t +{ + struct list_head entry; + struct ipcp_option_t* (*init)(struct ppp_ipcp_t*); + int (*send_conf_req)(struct ppp_ipcp_t*,struct ipcp_option_t*,uint8_t*); + int (*send_conf_rej)(struct ppp_ipcp_t*,struct ipcp_option_t*,uint8_t*); + int (*send_conf_nak)(struct ppp_ipcp_t*,struct ipcp_option_t*,uint8_t*); + int (*recv_conf_req)(struct ppp_ipcp_t*,struct ipcp_option_t*,uint8_t*); + int (*recv_conf_rej)(struct ppp_ipcp_t*,struct ipcp_option_t*,uint8_t*); + int (*recv_conf_nak)(struct ppp_ipcp_t*,struct ipcp_option_t*,uint8_t*); + int (*recv_conf_ack)(struct ppp_ipcp_t*,struct ipcp_option_t*,uint8_t*); + void (*free)(struct ppp_ipcp_t*,struct ipcp_option_t*); + void (*print)(void (*print)(const char *fmt,...), struct ipcp_option_t*,uint8_t*); +}; + +struct ppp_ipcp_t +{ + struct ppp_layer_data_t ld; + struct ppp_handler_t hnd; + struct 
ppp_fsm_t fsm; + struct ppp_t *ppp; + struct list_head options; + + struct list_head ropt_list; // last received ConfReq + int ropt_len; + + int conf_req_len; +}; + +int ipcp_option_register(struct ipcp_option_handler_t *h); + +#endif + diff --git a/accel-pptpd/ppp_lcp.c b/accel-pptpd/ppp_lcp.c index bfc9917..2bb7e38 100644 --- a/accel-pptpd/ppp_lcp.c +++ b/accel-pptpd/ppp_lcp.c @@ -6,7 +6,6 @@ #include "triton/triton.h" -#include "events.h" #include "log.h" #include "ppp.h" @@ -110,7 +109,6 @@ void lcp_layer_finish(struct ppp_layer_data_t *ld) ppp_unregister_handler(lcp->ppp,&lcp->hnd); lcp_options_free(lcp); - } void lcp_layer_free(struct ppp_layer_data_t *ld) @@ -299,9 +297,17 @@ static int lcp_recv_conf_req(struct ppp_lcp_t *lcp,uint8_t *data,int size) r=lopt->h->recv_conf_req(lcp,lopt,(uint8_t*)ropt->hdr); lopt->state=r; ropt->state=r; + ropt->lopt=lopt; if (rlopt) + { + log_debug(" "); + print_ropt(ropt); + ropt->state=LCP_OPT_REJ; + ret=LCP_OPT_REJ; + } } log_debug("]\n"); @@ -520,6 +526,7 @@ static void lcp_recv(struct ppp_handler_t*h) log_debug("recv [LCP TermReq id=%x \"%s\"]\n",hdr->id,term_msg); free(term_msg); ppp_fsm_recv_term_req(&lcp->fsm); + ppp_terminate(lcp->ppp); break; case TERMACK: term_msg=strndup((uint8_t*)(hdr+1),ntohs(hdr->len)); -- cgit v1.2.3 From 3c82158dca0e01aca17749a4c017e19d744f159e Mon Sep 17 00:00:00 2001 From: Kozlov Dmitry Date: Mon, 23 Aug 2010 14:34:37 +0400 Subject: implemented IPCP primary/secondary dns configuration option --- accel-pptpd/CMakeLists.txt | 1 + accel-pptpd/ipcp_opt_dns.c | 146 +++++++++++++++++++++++++++++++++++++++++++++ accel-pptpd/ppp.c | 11 +++- accel-pptpd/ppp.h | 1 + accel-pptpd/ppp_ipcp.c | 26 ++++---- accel-pptpd/ppp_ipcp.h | 2 +- accel-pptpd/ppp_lcp.c | 29 +++++---- 7 files changed, 191 insertions(+), 25 deletions(-) create mode 100644 accel-pptpd/ipcp_opt_dns.c diff --git a/accel-pptpd/CMakeLists.txt b/accel-pptpd/CMakeLists.txt index 452f914..e97d916 100644 --- a/accel-pptpd/CMakeLists.txt 
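Review bot: `struct ipcp_option_handler_t` gives no indication of which callbacks a handler may leave NULL, while the IP-Address handler added in this commit sets only `init`, `send_conf_req`, `send_conf_nak`, `recv_conf_req`, `free` and `print`. A short comment above the struct stating which members are mandatory and which are optional (and therefore must be NULL-checked by ppp_ipcp.c before the call) would make the contract checkable. The negative result codes would also be safer parenthesised, e.g. `#define IPCP_OPT_NAK (-1)`.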
+++ b/accel-pptpd/CMakeLists.txt @@ -24,6 +24,7 @@ ADD_EXECUTABLE(pptpd ppp_ccp.c ppp_ipcp.c ipcp_opt_ipaddr.c + ipcp_opt_dns.c pwdb.c ipdb.c diff --git a/accel-pptpd/ipcp_opt_dns.c b/accel-pptpd/ipcp_opt_dns.c new file mode 100644 index 0000000..b741798 --- /dev/null +++ b/accel-pptpd/ipcp_opt_dns.c 
@@ -0,0 +1,146 @@ +#include +#include +#include + +#include "ppp.h" +#include "ppp_ipcp.h" +#include "log.h" +#include "ipdb.h" + +static struct ipcp_option_t *dns1_init(struct ppp_ipcp_t *ipcp); +static struct ipcp_option_t *dns2_init(struct ppp_ipcp_t *ipcp); +static void dns_free(struct ppp_ipcp_t *ipcp, struct ipcp_option_t *opt); +static int dns_send_conf_req(struct ppp_ipcp_t *ipcp, struct ipcp_option_t *opt, uint8_t *ptr); +static int dns_send_conf_nak(struct ppp_ipcp_t *ipcp, struct ipcp_option_t *opt, uint8_t *ptr); +static int dns_recv_conf_req(struct ppp_ipcp_t *ipcp, struct ipcp_option_t *opt, uint8_t *ptr); +static void dns1_print(void (*print)(const char *fmt,...),struct ipcp_option_t*, uint8_t *ptr); +static void dns2_print(void (*print)(const char *fmt,...),struct ipcp_option_t*, uint8_t *ptr); + +struct dns_option_t +{ + struct ipcp_option_t opt; + in_addr_t addr; +}; + +static struct ipcp_option_handler_t dns1_opt_hnd= +{ + .init=dns1_init, + .send_conf_req=dns_send_conf_req, + .send_conf_nak=dns_send_conf_nak, + .recv_conf_req=dns_recv_conf_req, + .free=dns_free, + .print=dns1_print, +}; +static struct ipcp_option_handler_t dns2_opt_hnd= +{ + .init=dns2_init, + .send_conf_req=dns_send_conf_req, + .send_conf_nak=dns_send_conf_nak, + .recv_conf_req=dns_recv_conf_req, + .free=dns_free, + .print=dns2_print, +}; + +static struct ipcp_option_t *dns1_init(struct ppp_ipcp_t *ipcp) +{ + struct dns_option_t *dns_opt=malloc(sizeof(*dns_opt)); + memset(dns_opt,0,sizeof(*dns_opt)); + dns_opt->opt.id=CI_DNS1; + dns_opt->opt.len=6; + + return &dns_opt->opt; +} + +static struct ipcp_option_t *dns2_init(struct ppp_ipcp_t *ipcp) +{ + struct dns_option_t *dns_opt=malloc(sizeof(*dns_opt)); + memset(dns_opt,0,sizeof(*dns_opt)); + dns_opt->opt.id=CI_DNS2; + dns_opt->opt.len=6; + + return &dns_opt->opt; +} + +static void dns_free(struct ppp_ipcp_t *ipcp, struct ipcp_option_t *opt) +{ + struct dns_option_t *dns_opt=container_of(opt,typeof(*dns_opt),opt); + + 
free(dns_opt); +} + +static int dns_send_conf_req(struct ppp_ipcp_t *ipcp, struct ipcp_option_t *opt, uint8_t *ptr) +{ + struct dns_option_t *dns_opt=container_of(opt,typeof(*dns_opt),opt); + struct ipcp_opt32_t *opt32=(struct ipcp_opt32_t*)ptr; + + if (!dns_opt->addr) + return 0; + opt32->hdr.id=dns_opt->opt.id; + opt32->hdr.len=6; + opt32->val=dns_opt->addr; + return 6; +} + +static int dns_send_conf_nak(struct ppp_ipcp_t *ipcp, struct ipcp_option_t *opt, uint8_t *ptr) +{ + struct dns_option_t *dns_opt=container_of(opt,typeof(*dns_opt),opt); + struct ipcp_opt32_t *opt32=(struct ipcp_opt32_t*)ptr; + opt32->hdr.id=dns_opt->opt.id; + opt32->hdr.len=6; + opt32->val=dns_opt->addr; + return 6; +} + +static int dns_recv_conf_req(struct ppp_ipcp_t *ipcp, struct ipcp_option_t *opt, uint8_t *ptr) +{ + struct dns_option_t *dns_opt=container_of(opt,typeof(*dns_opt),opt); + struct ipcp_opt32_t *opt32=(struct ipcp_opt32_t*)ptr; + + if (!dns_opt->addr) + { + if (dns_opt->opt.id==CI_DNS1) dns_opt->addr=inet_addr("10.0.0.1"); + else dns_opt->addr=inet_addr("10.0.0.2"); + + if (!dns_opt->addr) + { + dns_opt->addr=opt32->val; + return IPCP_OPT_ACK; + } + } + + if (dns_opt->addr==opt32->val) + return IPCP_OPT_ACK; + + return IPCP_OPT_NAK; +} + +static void dns1_print(void (*print)(const char *fmt,...),struct ipcp_option_t *opt, uint8_t *ptr) +{ + struct dns_option_t *dns_opt=container_of(opt,typeof(*dns_opt),opt); + struct ipcp_opt32_t *opt32=(struct ipcp_opt32_t*)ptr; + struct in_addr in; + + if (ptr) in.s_addr=opt32->val; + else in.s_addr=dns_opt->addr; + + print("",inet_ntoa(in)); +} + +static void dns2_print(void (*print)(const char *fmt,...),struct ipcp_option_t *opt, uint8_t *ptr) +{ + struct dns_option_t *dns_opt=container_of(opt,typeof(*dns_opt),opt); + struct ipcp_opt32_t *opt32=(struct ipcp_opt32_t*)ptr; + struct in_addr in; + + if (ptr) in.s_addr=opt32->val; + else in.s_addr=dns_opt->addr; + + print("",inet_ntoa(in)); +} + +static void __init dns_opt_init() +{ + 
ipcp_option_register(&dns1_opt_hnd); + ipcp_option_register(&dns2_opt_hnd); +} + diff --git a/accel-pptpd/ppp.c b/accel-pptpd/ppp.c index 40f5ff7..518f757 100644 --- a/accel-pptpd/ppp.c +++ b/accel-pptpd/ppp.c @@ -255,7 +255,10 @@ void ppp_layer_started(struct ppp_t *ppp, struct ppp_layer_data_t *d) { n=list_entry(n->entry.next,typeof(*n),entry); list_for_each_entry(d,&n->items,entry) + { + d->starting=1; d->layer->start(d); + } } } @@ -263,13 +266,14 @@ void ppp_layer_finished(struct ppp_t *ppp, struct ppp_layer_data_t *d) { struct layer_node_t *n=d->node; + d->starting=0; d->started=0; list_for_each_entry(n,&ppp->layers,entry) { list_for_each_entry(d,&n->items,entry) { - if (d->started) + if (d->starting) return; } } @@ -288,7 +292,7 @@ void ppp_terminate(struct ppp_t *ppp) { list_for_each_entry(d,&n->items,entry) { - if (d->started) + if (d->starting) { s=1; d->layer->finish(d); @@ -394,7 +398,10 @@ static void start_first_layer(struct ppp_t *ppp) n=list_entry(ppp->layers.next,typeof(*n),entry); list_for_each_entry(d,&n->items,entry) + { + d->starting=1; d->layer->start(d); + } } struct ppp_layer_data_t *ppp_find_layer_data(struct ppp_t *ppp, struct ppp_layer_t *layer) diff --git a/accel-pptpd/ppp.h b/accel-pptpd/ppp.h index 9d8cdf1..39a0d41 100644 --- a/accel-pptpd/ppp.h +++ b/accel-pptpd/ppp.h @@ -95,6 +95,7 @@ struct ppp_layer_data_t struct list_head entry; struct ppp_layer_t *layer; struct layer_node_t *node; + int starting:1; int started:1; }; diff --git a/accel-pptpd/ppp_ipcp.c b/accel-pptpd/ppp_ipcp.c index e008117..5a37546 100644 --- a/accel-pptpd/ppp_ipcp.c +++ b/accel-pptpd/ppp_ipcp.c @@ -107,6 +107,8 @@ void ipcp_layer_finish(struct ppp_layer_data_t *ld) log_debug("ipcp_layer_finish\n"); + ppp_fsm_lower_down(&ipcp->fsm); + ppp_unregister_handler(ipcp->ppp,&ipcp->hnd); ipcp_options_free(ipcp); 
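Review bot: In dns_recv_conf_req the inner `if (!dns_opt->addr)` follows an assignment from `inet_addr("10.0.0.1")` or `inet_addr("10.0.0.2")`, neither of which is zero, so the branch that would adopt the peer's proposed address is unreachable and the server always answers with the two literals. Drop the dead branch, and mark the literals as a placeholder at the assignment, e.g. `/* TODO: take DNS servers from configuration */`.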
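Review bot: `int starting:1;` in ppp.h is a signed one-bit field on common compilers, so the `d->starting=1` stores added in ppp.c rely on an implementation-defined conversion (such a field can only hold 0 and -1). The truth tests still work, but `unsigned int starting:1;` states the intent and avoids the compiler warning. The neighbouring `started` field has the same shape.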
@@ -118,7 +120,7 @@ void ipcp_layer_free(struct ppp_layer_data_t *ld) struct ppp_ipcp_t *ipcp=container_of(ld,typeof(*ipcp),ld); log_debug("ipcp_layer_free\n"); - + free(ipcp); } @@ -146,7 +148,7 @@ static void print_ropt(struct recv_opt_t *ropt) { log_debug(" %x",ptr[i]); } - log_debug(">"); + log_debug(" >"); } static void send_conf_req(struct ppp_fsm_t *fsm) @@ -199,7 +201,7 @@ static void send_conf_nak(struct ppp_fsm_t *fsm) struct ppp_ipcp_t *ipcp=container_of(fsm,typeof(*ipcp),fsm); uint8_t *buf=malloc(ipcp->conf_req_len), *ptr=buf; struct ipcp_hdr_t *ipcp_hdr=(struct ipcp_hdr_t*)ptr; - struct ipcp_option_t *lopt; + struct recv_opt_t *ropt; log_debug("send [IPCP ConfNak id=%x",ipcp->fsm.recv_id); @@ -210,13 +212,13 @@ static void send_conf_nak(struct ppp_fsm_t *fsm) ptr+=sizeof(*ipcp_hdr); - list_for_each_entry(lopt,&ipcp->options,entry) + list_for_each_entry(ropt,&ipcp->ropt_list,entry) { - if (lopt->state==IPCP_OPT_NAK) + if (ropt->state==IPCP_OPT_NAK) { log_debug(" "); - lopt->h->print(log_debug,lopt,NULL); - ptr+=lopt->h->send_conf_nak(ipcp,lopt,ptr); + ropt->lopt->h->print(log_debug,ropt->lopt,NULL); + ptr+=ropt->lopt->h->send_conf_nak(ipcp,ropt->lopt,ptr); } } @@ -361,7 +363,9 @@ static int ipcp_recv_conf_rej(struct ppp_ipcp_t *ipcp,uint8_t *data,int size) { if (lopt->id==hdr->id) { - if (lopt->h->recv_conf_rej(ipcp,lopt,data)) + if (!lopt->h->recv_conf_rej) + res=-1; + else if (lopt->h->recv_conf_rej(ipcp,lopt,data)) res=-1; break; } @@ -498,8 +502,10 @@ static void ipcp_recv(struct ppp_handler_t*h) ppp_fsm_recv_conf_rej(&ipcp->fsm); break; case CONFREJ: - ipcp_recv_conf_rej(ipcp,(uint8_t*)(hdr+1),ntohs(hdr->len)-PPP_HDRLEN); - ppp_fsm_recv_conf_rej(&ipcp->fsm); + if (ipcp_recv_conf_rej(ipcp,(uint8_t*)(hdr+1),ntohs(hdr->len)-PPP_HDRLEN)) + ppp_terminate(ipcp->ppp); + else + ppp_fsm_recv_conf_rej(&ipcp->fsm); break; case TERMREQ: term_msg=strndup((uint8_t*)(hdr+1),ntohs(hdr->len)); 
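Review bot: In ppp_ipcp.c `send_conf_nak`, the loop now walks `ipcp->ropt_list`, which is built from the peer's Configure-Request, while `buf` is still `malloc(ipcp->conf_req_len)`; judging by the CCP copy of this code later in the series, that length is accumulated from the local options only. If the request parser (outside this hunk) can leave several received options in state `IPCP_OPT_NAK`, for example the same option id repeated, each one appends another `send_conf_nak` result and `ptr` can run past the allocation. The buffer should be sized from the received request plus `sizeof(*ipcp_hdr)`, or the loop should stop before `ptr-buf` reaches the allocated size, and the `malloc` result should be checked before it is written through. The matching `send_conf_nak` hunk in ppp_lcp.c has the same pattern.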
diff --git a/accel-pptpd/ppp_ipcp.h b/accel-pptpd/ppp_ipcp.h index 0f83d44..a2ce3b3 100644 --- a/accel-pptpd/ppp_ipcp.h +++ b/accel-pptpd/ppp_ipcp.h @@ -10,7 +10,7 @@ */ #define CI_COMP 2 /* IP-Compress-Protocol */ #define CI_ADDR 3 /* IP-Address */ -#define CI_DNS1 128 /* Primary-DNS-Address */ +#define CI_DNS1 129 /* Primary-DNS-Address */ #define CI_DNS2 131 /* Secondary-DNS-Address */ struct ipcp_hdr_t diff --git a/accel-pptpd/ppp_lcp.c b/accel-pptpd/ppp_lcp.c index 2bb7e38..da0034c 100644 --- a/accel-pptpd/ppp_lcp.c +++ b/accel-pptpd/ppp_lcp.c @@ -106,9 +106,7 @@ void lcp_layer_finish(struct ppp_layer_data_t *ld) struct ppp_lcp_t *lcp=container_of(ld,typeof(*lcp),ld); log_debug("lcp_layer_finish\n"); - - ppp_unregister_handler(lcp->ppp,&lcp->hnd); - lcp_options_free(lcp); + ppp_fsm_close(&lcp->fsm); } void lcp_layer_free(struct ppp_layer_data_t *ld) @@ -117,6 +115,9 @@ void lcp_layer_free(struct ppp_layer_data_t *ld) log_debug("lcp_layer_free\n"); + ppp_unregister_handler(lcp->ppp,&lcp->hnd); + lcp_options_free(lcp); + free(lcp); } @@ -144,7 +145,7 @@ static void print_ropt(struct recv_opt_t *ropt) { log_debug(" %x",ptr[i]); } - log_debug(">"); + log_debug(" >"); } static void send_conf_req(struct ppp_fsm_t *fsm) @@ -197,7 +198,7 @@ static void send_conf_nak(struct ppp_fsm_t *fsm) struct ppp_lcp_t *lcp=container_of(fsm,typeof(*lcp),fsm); uint8_t *buf=malloc(lcp->conf_req_len), *ptr=buf; struct lcp_hdr_t *lcp_hdr=(struct lcp_hdr_t*)ptr; - struct lcp_option_t *lopt; + struct recv_opt_t *ropt; log_debug("send [LCP ConfNak id=%x",lcp->fsm.recv_id); 
@@ -208,13 +209,13 @@ static void send_conf_nak(struct ppp_fsm_t *fsm) ptr+=sizeof(*lcp_hdr); - list_for_each_entry(lopt,&lcp->options,entry) + list_for_each_entry(ropt,&lcp->ropt_list,entry) { - if (lopt->state==LCP_OPT_NAK) + if (ropt->state==LCP_OPT_NAK) { log_debug(" "); - lopt->h->print(log_debug,lopt,NULL); - ptr+=lopt->h->send_conf_nak(lcp,lopt,ptr); + ropt->lopt->h->print(log_debug,ropt->lopt,NULL); + ptr+=ropt->lopt->h->send_conf_nak(lcp,ropt->lopt,ptr); } } @@ -358,7 +359,9 @@ static int lcp_recv_conf_rej(struct ppp_lcp_t *lcp,uint8_t *data,int size) { if (lopt->id==hdr->id) { - if (lopt->h->recv_conf_rej(lcp,lopt,data)) + if (!lopt->h->recv_conf_rej) + res=-1; + else if (lopt->h->recv_conf_rej(lcp,lopt,data)) res=-1; break; } @@ -518,8 +521,10 @@ static void lcp_recv(struct ppp_handler_t*h) ppp_fsm_recv_conf_rej(&lcp->fsm); break; case CONFREJ: - lcp_recv_conf_rej(lcp,(uint8_t*)(hdr+1),ntohs(hdr->len)-PPP_HDRLEN); - ppp_fsm_recv_conf_rej(&lcp->fsm); + if (lcp_recv_conf_rej(lcp,(uint8_t*)(hdr+1),ntohs(hdr->len)-PPP_HDRLEN)) + ppp_terminate(lcp->ppp); + else + ppp_fsm_recv_conf_rej(&lcp->fsm); break; case TERMREQ: term_msg=strndup((uint8_t*)(hdr+1),ntohs(hdr->len)); -- cgit v1.2.3 From 33e8d91d44655aadf76abc3551ca7bea3e7ea8aa Mon Sep 17 00:00:00 2001 From: Kozlov Dmitry Date: Mon, 23 Aug 2010 15:23:30 +0400 Subject: implemented base ccp module --- accel-pptpd/CMakeLists.txt | 3 +- accel-pptpd/ppp_ccp.c | 561 ++++++++++++++++++++++++++++++++++++++++++++- accel-pptpd/ppp_ccp.h | 94 ++++++++ accel-pptpd/ppp_ipcp.c | 1 + accel-pptpd/ppp_lcp.c | 1 + 5 files changed, 656 insertions(+), 4 deletions(-) create mode 100644 accel-pptpd/ppp_ccp.h diff --git a/accel-pptpd/CMakeLists.txt b/accel-pptpd/CMakeLists.txt index e97d916..bbe59b8 100644 --- a/accel-pptpd/CMakeLists.txt +++ b/accel-pptpd/CMakeLists.txt @@ -21,11 +21,12 @@ ADD_EXECUTABLE(pptpd ppp_auth.c auth_pap.c - ppp_ccp.c ppp_ipcp.c ipcp_opt_ipaddr.c ipcp_opt_dns.c + ppp_ccp.c + pwdb.c ipdb.c ) 
diff --git a/accel-pptpd/ppp_ccp.c b/accel-pptpd/ppp_ccp.c index 2f3ce4a..0a7246d 100644 --- a/accel-pptpd/ppp_ccp.c +++ b/accel-pptpd/ppp_ccp.c 
@@ -1,12 +1,567 @@ +#include +#include +#include +#include +#include + +#include "triton/triton.h" + +#include "log.h" + #include "ppp.h" +#include "ppp_ccp.h" -int ccp_start(struct ppp_t *ppp) +struct recv_opt_t { - return 0; + struct list_head entry; + struct ccp_opt_hdr_t *hdr; + int len; + int state; + struct ccp_option_t *lopt; +}; + +static LIST_HEAD(option_handlers); + +static void ccp_layer_up(struct ppp_fsm_t*); +static void ccp_layer_down(struct ppp_fsm_t*); +static void send_conf_req(struct ppp_fsm_t*); +static void send_conf_ack(struct ppp_fsm_t*); +static void send_conf_nak(struct ppp_fsm_t*); +static void send_conf_rej(struct ppp_fsm_t*); +static void ccp_recv(struct ppp_handler_t*); + +static void ccp_options_init(struct ppp_ccp_t *ccp) +{ + struct ccp_option_t *lopt; + struct ccp_option_handler_t *h; + + INIT_LIST_HEAD(&ccp->options); + + list_for_each_entry(h,&option_handlers,entry) + { + lopt=h->init(ccp); + if (lopt) + { + lopt->h=h; + list_add_tail(&lopt->entry,&ccp->options); + ccp->conf_req_len+=lopt->len; + } + } +} + +static void ccp_options_free(struct ppp_ccp_t *ccp) +{ + struct ccp_option_t *lopt; + + while(!list_empty(&ccp->options)) + { + lopt=list_entry(ccp->options.next,typeof(*lopt),entry); + list_del(&lopt->entry); + lopt->h->free(ccp,lopt); + } +} + +static struct ppp_layer_data_t *ccp_layer_init(struct ppp_t *ppp) +{ + struct ppp_ccp_t *ccp=malloc(sizeof(*ccp)); + memset(ccp,0,sizeof(*ccp)); + + log_debug("ccp_layer_init\n"); + + ccp->ppp=ppp; + ccp->fsm.ppp=ppp; + + ccp->hnd.proto=PPP_CCP; + ccp->hnd.recv=ccp_recv; + + ppp_register_unit_handler(ppp,&ccp->hnd); + + ppp_fsm_init(&ccp->fsm); + + ccp->fsm.layer_up=ccp_layer_up; + ccp->fsm.layer_finished=ccp_layer_down; + ccp->fsm.send_conf_req=send_conf_req; + ccp->fsm.send_conf_ack=send_conf_ack; + ccp->fsm.send_conf_nak=send_conf_nak; + ccp->fsm.send_conf_rej=send_conf_rej; + + INIT_LIST_HEAD(&ccp->ropt_list); + + return &ccp->ld; +} + +void ccp_layer_start(struct ppp_layer_data_t 
*ld) +{ + struct ppp_ccp_t *ccp=container_of(ld,typeof(*ccp),ld); + + log_debug("ccp_layer_start\n"); + + ccp_options_init(ccp); + ppp_fsm_lower_up(&ccp->fsm); + ppp_fsm_open(&ccp->fsm); +} + +void ccp_layer_finish(struct ppp_layer_data_t *ld) +{ + struct ppp_ccp_t *ccp=container_of(ld,typeof(*ccp),ld); + + log_debug("ccp_layer_finish\n"); + + ppp_fsm_lower_down(&ccp->fsm); + + ppp_unregister_handler(ccp->ppp,&ccp->hnd); + ccp_options_free(ccp); + + ppp_layer_finished(ccp->ppp,ld); +} + +void ccp_layer_free(struct ppp_layer_data_t *ld) +{ + struct ppp_ccp_t *ccp=container_of(ld,typeof(*ccp),ld); + + log_debug("ccp_layer_free\n"); + + free(ccp); +} + +static void ccp_layer_up(struct ppp_fsm_t *fsm) +{ + struct ppp_ccp_t *ccp=container_of(fsm,typeof(*ccp),fsm); + log_debug("ccp_layer_started\n"); + ppp_layer_started(ccp->ppp,&ccp->ld); +} + +static void ccp_layer_down(struct ppp_fsm_t *fsm) +{ + struct ppp_ccp_t *ccp=container_of(fsm,typeof(*ccp),fsm); + log_debug("ccp_layer_finished\n"); + ppp_layer_finished(ccp->ppp,&ccp->ld); +} + +static void print_ropt(struct recv_opt_t *ropt) +{ + int i; + uint8_t *ptr=(uint8_t*)ropt->hdr; + + log_debug(" <"); + for(i=0; ilen; i++) + { + log_debug(" %x",ptr[i]); + } + log_debug(" >"); +} + +static void send_conf_req(struct ppp_fsm_t *fsm) +{ + struct ppp_ccp_t *ccp=container_of(fsm,typeof(*ccp),fsm); + uint8_t *buf=malloc(ccp->conf_req_len), *ptr=buf; + struct ccp_hdr_t *ccp_hdr=(struct ccp_hdr_t*)ptr; + struct ccp_option_t *lopt; + int n; + + log_debug("send [CCP ConfReq"); + ccp_hdr->proto=htons(PPP_CCP); + ccp_hdr->code=CONFREQ; + ccp_hdr->id=++ccp->fsm.id; + ccp_hdr->len=0; + log_debug(" id=%x",ccp_hdr->id); + + ptr+=sizeof(*ccp_hdr); + + list_for_each_entry(lopt,&ccp->options,entry) + { + n=lopt->h->send_conf_req(ccp,lopt,ptr); + if (n) + { + log_debug(" "); + lopt->h->print(log_debug,lopt,NULL); + ptr+=n; + } + } + + log_debug("]\n"); + + ccp_hdr->len=htons((ptr-buf)-2); + ppp_unit_send(ccp->ppp,ccp_hdr,ptr-buf); +} + 
+static void send_conf_ack(struct ppp_fsm_t *fsm) +{ + struct ppp_ccp_t *ccp=container_of(fsm,typeof(*ccp),fsm); + struct ccp_hdr_t *hdr=(struct ccp_hdr_t*)ccp->ppp->unit_buf; + + hdr->code=CONFACK; + log_debug("send [CCP ConfAck id=%x ]\n",ccp->fsm.recv_id); + + ppp_unit_send(ccp->ppp,hdr,ntohs(hdr->len)+2); +} + +static void send_conf_nak(struct ppp_fsm_t *fsm) +{ + struct ppp_ccp_t *ccp=container_of(fsm,typeof(*ccp),fsm); + uint8_t *buf=malloc(ccp->conf_req_len), *ptr=buf; + struct ccp_hdr_t *ccp_hdr=(struct ccp_hdr_t*)ptr; + struct recv_opt_t *ropt; + + log_debug("send [CCP ConfNak id=%x",ccp->fsm.recv_id); + + ccp_hdr->proto=htons(PPP_CCP); + ccp_hdr->code=CONFNAK; + ccp_hdr->id=ccp->fsm.recv_id; + ccp_hdr->len=0; + + ptr+=sizeof(*ccp_hdr); + + list_for_each_entry(ropt,&ccp->ropt_list,entry) + { + if (ropt->state==CCP_OPT_NAK) + { + log_debug(" "); + ropt->lopt->h->print(log_debug,ropt->lopt,NULL); + ptr+=ropt->lopt->h->send_conf_nak(ccp,ropt->lopt,ptr); + } + } + + log_debug("]\n"); + + ccp_hdr->len=htons((ptr-buf)-2); + ppp_unit_send(ccp->ppp,ccp_hdr,ptr-buf); +} + +static void send_conf_rej(struct ppp_fsm_t *fsm) +{ + struct ppp_ccp_t *ccp=container_of(fsm,typeof(*ccp),fsm); + uint8_t *buf=malloc(ccp->ropt_len), *ptr=buf; + struct ccp_hdr_t *ccp_hdr=(struct ccp_hdr_t*)ptr; + struct recv_opt_t *ropt; + + log_debug("send [CCP ConfRej id=%x ",ccp->fsm.recv_id); + + ccp_hdr->proto=htons(PPP_CCP); + ccp_hdr->code=CONFREJ; + ccp_hdr->id=ccp->fsm.recv_id; + ccp_hdr->len=0; + + ptr+=sizeof(*ccp_hdr); + + list_for_each_entry(ropt,&ccp->ropt_list,entry) + { + if (ropt->state==CCP_OPT_REJ) + { + log_debug(" "); + if (ropt->lopt) ropt->lopt->h->print(log_debug,ropt->lopt,(uint8_t*)ropt->hdr); + else print_ropt(ropt); + memcpy(ptr,ropt->hdr,ropt->len); + ptr+=ropt->len; + } + } + + log_debug("]\n"); + + ccp_hdr->len=htons((ptr-buf)-2); + ppp_unit_send(ccp->ppp,ccp_hdr,ptr-buf); +} + +static int ccp_recv_conf_req(struct ppp_ccp_t *ccp,uint8_t *data,int size) +{ + struct 
ccp_opt_hdr_t *hdr; + struct recv_opt_t *ropt; + struct ccp_option_t *lopt; + int r,ret=1,ack=0; + + ccp->ropt_len=size; + + while(size>0) + { + hdr=(struct ccp_opt_hdr_t *)data; + + ropt=malloc(sizeof(*ropt)); + memset(ropt,0,sizeof(*ropt)); + if (hdr->len>size) ropt->len=size; + else ropt->len=hdr->len; + ropt->hdr=hdr; + ropt->state=CCP_OPT_NONE; + list_add_tail(&ropt->entry,&ccp->ropt_list); + + data+=ropt->len; + size-=ropt->len; + } + + list_for_each_entry(lopt,&ccp->options,entry) + lopt->state=CCP_OPT_NONE; + + log_debug("recv [CCP ConfReq id=%x",ccp->fsm.recv_id); + list_for_each_entry(ropt,&ccp->ropt_list,entry) + { + list_for_each_entry(lopt,&ccp->options,entry) + { + if (lopt->id==ropt->hdr->id) + { + log_debug(" "); + lopt->h->print(log_debug,lopt,(uint8_t*)ropt->hdr); + r=lopt->h->recv_conf_req(ccp,lopt,(uint8_t*)ropt->hdr); + if (ack) + { + lopt->state=CCP_OPT_REJ; + ropt->state=CCP_OPT_REJ; + }else + { + lopt->state=r; + ropt->state=r; + } + ropt->lopt=lopt; + if (rstate==CCP_OPT_ACK || ropt->state==CCP_OPT_NAK) + ack=1; + else if (!ropt->lopt) + { + log_debug(" "); + print_ropt(ropt); + ropt->state=CCP_OPT_REJ; + ret=CCP_OPT_REJ; + } + } + log_debug("]\n"); + + /*list_for_each_entry(lopt,&ccp->options,entry) + { + if (lopt->state==CCP_OPT_NONE) + { + r=lopt->h->recv_conf_req(ccp,lopt,NULL); + lopt->state=r; + if (rropt_list)) + { + ropt=list_entry(ccp->ropt_list.next,typeof(*ropt),entry); + list_del(&ropt->entry); + free(ropt); + } +} + +static int ccp_recv_conf_rej(struct ppp_ccp_t *ccp,uint8_t *data,int size) +{ + struct ccp_opt_hdr_t *hdr; + struct ccp_option_t *lopt; + int res=0; + + log_debug("recv [CCP ConfRej id=%x",ccp->fsm.recv_id); + + if (ccp->fsm.recv_id!=ccp->fsm.id) + { + log_debug(": id mismatch ]\n"); + return 0; + } + + while(size>0) + { + hdr=(struct ccp_opt_hdr_t *)data; + + list_for_each_entry(lopt,&ccp->options,entry) + { + if (lopt->id==hdr->id) + { + if (!lopt->h->recv_conf_rej) + res=-1; + else if 
(lopt->h->recv_conf_rej(ccp,lopt,data)) + res=-1; + break; + } + } + + data+=hdr->len; + size-=hdr->len; + } + log_debug("]\n"); + return res; } -void ccp_finish(struct ppp_t *ppp) +static int ccp_recv_conf_nak(struct ppp_ccp_t *ccp,uint8_t *data,int size) { + struct ccp_opt_hdr_t *hdr; + struct ccp_option_t *lopt; + int res=0; + log_debug("recv [CCP ConfNak id=%x",ccp->fsm.recv_id); + + if (ccp->fsm.recv_id!=ccp->fsm.id) + { + log_debug(": id mismatch ]\n"); + return 0; + } + + while(size>0) + { + hdr=(struct ccp_opt_hdr_t *)data; + + list_for_each_entry(lopt,&ccp->options,entry) + { + if (lopt->id==hdr->id) + { + log_debug(" "); + lopt->h->print(log_debug,lopt,data); + if (lopt->h->recv_conf_nak(ccp,lopt,data)) + res=-1; + break; + } + } + + data+=hdr->len; + size-=hdr->len; + } + log_debug("]\n"); + return res; } +static int ccp_recv_conf_ack(struct ppp_ccp_t *ccp,uint8_t *data,int size) +{ + struct ccp_opt_hdr_t *hdr; + struct ccp_option_t *lopt; + int res=0; + + log_debug("recv [CCP ConfAck id=%x",ccp->fsm.recv_id); + + if (ccp->fsm.recv_id!=ccp->fsm.id) + { + log_debug(": id mismatch ]\n"); + return 0; + } + + while(size>0) + { + hdr=(struct ccp_opt_hdr_t *)data; + + list_for_each_entry(lopt,&ccp->options,entry) + { + if (lopt->id==hdr->id) + { + log_debug(" "); + lopt->h->print(log_debug,lopt,data); + if (lopt->h->recv_conf_ack) + lopt->h->recv_conf_ack(ccp,lopt,data); + break; + } + } + + data+=hdr->len; + size-=hdr->len; + } + log_debug("]\n"); + return res; +} + +static void ccp_recv(struct ppp_handler_t*h) +{ + struct ccp_hdr_t *hdr; + struct ppp_ccp_t *ccp=container_of(h,typeof(*ccp),hnd); + int r; + char *term_msg; + + if (ccp->ppp->unit_buf_sizeppp->unit_buf; + if (ntohs(hdr->len)fsm.recv_id=hdr->id; + switch(hdr->code) + { + case CONFREQ: + r=ccp_recv_conf_req(ccp,(uint8_t*)(hdr+1),ntohs(hdr->len)-PPP_HDRLEN); + switch(r) + { + case CCP_OPT_ACK: + ppp_fsm_recv_conf_req_ack(&ccp->fsm); + break; + case CCP_OPT_NAK: + 
ppp_fsm_recv_conf_req_nak(&ccp->fsm); + break; + case CCP_OPT_REJ: + ppp_fsm_recv_conf_req_rej(&ccp->fsm); + break; + } + ccp_free_conf_req(ccp); + if (r==CCP_OPT_FAIL) + ppp_terminate(ccp->ppp); + break; + case CONFACK: + ccp_recv_conf_ack(ccp,(uint8_t*)(hdr+1),ntohs(hdr->len)-PPP_HDRLEN); + ppp_fsm_recv_conf_ack(&ccp->fsm); + break; + case CONFNAK: + ccp_recv_conf_nak(ccp,(uint8_t*)(hdr+1),ntohs(hdr->len)-PPP_HDRLEN); + ppp_fsm_recv_conf_rej(&ccp->fsm); + break; + case CONFREJ: + if (ccp_recv_conf_rej(ccp,(uint8_t*)(hdr+1),ntohs(hdr->len)-PPP_HDRLEN)) + ppp_terminate(ccp->ppp); + else + ppp_fsm_recv_conf_rej(&ccp->fsm); + break; + case TERMREQ: + term_msg=strndup((uint8_t*)(hdr+1),ntohs(hdr->len)); + log_debug("recv [CCP TermReq id=%x \"%s\"]\n",hdr->id,term_msg); + free(term_msg); + ppp_fsm_recv_term_req(&ccp->fsm); + ppp_terminate(ccp->ppp); + break; + case TERMACK: + term_msg=strndup((uint8_t*)(hdr+1),ntohs(hdr->len)); + log_debug("recv [CCP TermAck id=%x \"%s\"]\n",hdr->id,term_msg); + free(term_msg); + ppp_fsm_recv_term_ack(&ccp->fsm); + break; + case CODEREJ: + log_debug("recv [CCP CodeRej id=%x]\n",hdr->id); + ppp_fsm_recv_code_rej_bad(&ccp->fsm); + break; + default: + ppp_fsm_recv_unk(&ccp->fsm); + break; + } +} + +int ccp_option_register(struct ccp_option_handler_t *h) +{ + /*struct ccp_option_drv_t *p; + + list_for_each_entry(p,option_drv_list,entry) + if (p->id==h->id) + return -1;*/ + + list_add_tail(&h->entry,&option_handlers); + + return 0; +} + +static struct ppp_layer_t ccp_layer= +{ + .init=ccp_layer_init, + .start=ccp_layer_start, + .finish=ccp_layer_finish, + .free=ccp_layer_free, +}; + +static void __init ccp_init(void) +{ + ppp_register_layer("ccp",&ccp_layer); +} diff --git a/accel-pptpd/ppp_ccp.h b/accel-pptpd/ppp_ccp.h new file mode 100644 index 0000000..6aca0ab --- /dev/null +++ b/accel-pptpd/ppp_ccp.h 
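Review bot: The option walk in `ccp_recv_conf_req` never rejects a zero `hdr->len`: `ropt->len` becomes 0, `data` and `size` stop advancing, and the `while(size>0)` loop allocates a `recv_opt_t` on every pass until memory runs out, all from one peer-supplied packet. `ccp_recv_conf_rej`, `ccp_recv_conf_nak` and `ccp_recv_conf_ack` advance by `hdr->len` in the same way and also hand options to handlers without checking that `hdr->len` fits in the remaining `size`. I would validate before use, e.g. `if (size<(int)sizeof(*hdr) || hdr->len<sizeof(*hdr) || hdr->len>size) return CCP_OPT_FAIL;` in the request path (`ccp_recv` already frees `ropt_list` and terminates on `CCP_OPT_FAIL`) and `return -1;` in the other three. Separately, `send_conf_req` and `send_conf_nak` write a `struct ccp_hdr_t` plus options into `malloc(ccp->conf_req_len)`, and in this hunk `conf_req_len` only sums `lopt->len`, so the header does not appear to be counted; the buffers are also never freed or checked for NULL.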
@@ -0,0 +1,94 @@ +#ifndef PPP_CCP_H +#define PPP_CCP_H + +#include + +#include "triton/triton.h" +#include "ppp_fsm.h" +/* + * Options. + */ +#define CI_COMP 2 /* IP-Compress-Protocol */ +#define CI_ADDR 3 /* IP-Address */ +#define CI_DNS1 129 /* Primary-DNS-Address */ +#define CI_DNS2 131 /* Secondary-DNS-Address */ + +struct ccp_hdr_t +{ + uint16_t proto; + uint8_t code; + uint8_t id; + uint16_t len; +} __attribute__((packed)); +struct ccp_opt_hdr_t +{ + uint8_t id; + uint8_t len; +} __attribute__((packed)); +struct ccp_opt8_t +{ + struct ccp_opt_hdr_t hdr; + uint8_t val; +} __attribute__((packed)); +struct ccp_opt16_t +{ + struct ccp_opt_hdr_t hdr; + uint16_t val; +} __attribute__((packed)); +struct ccp_opt32_t +{ + struct ccp_opt_hdr_t hdr; + uint32_t val; +} __attribute__((packed)); + +#define CCP_OPT_NONE 0 +#define CCP_OPT_ACK 1 +#define CCP_OPT_NAK -1 +#define CCP_OPT_REJ -2 +#define CCP_OPT_FAIL -3 + +struct ppp_ccp_t; +struct ccp_option_handler_t; + +struct ccp_option_t +{ + struct list_head entry; + int id; + int len; + int state; + struct ccp_option_handler_t *h; +}; + +struct ccp_option_handler_t +{ + struct list_head entry; + struct ccp_option_t* (*init)(struct ppp_ccp_t*); + int (*send_conf_req)(struct ppp_ccp_t*,struct ccp_option_t*,uint8_t*); + int (*send_conf_rej)(struct ppp_ccp_t*,struct ccp_option_t*,uint8_t*); + int (*send_conf_nak)(struct ppp_ccp_t*,struct ccp_option_t*,uint8_t*); + int (*recv_conf_req)(struct ppp_ccp_t*,struct ccp_option_t*,uint8_t*); + int (*recv_conf_rej)(struct ppp_ccp_t*,struct ccp_option_t*,uint8_t*); + int (*recv_conf_nak)(struct ppp_ccp_t*,struct ccp_option_t*,uint8_t*); + int (*recv_conf_ack)(struct ppp_ccp_t*,struct ccp_option_t*,uint8_t*); + void (*free)(struct ppp_ccp_t*,struct ccp_option_t*); + void (*print)(void (*print)(const char *fmt,...), struct ccp_option_t*,uint8_t*); +}; + +struct ppp_ccp_t +{ + struct ppp_layer_data_t ld; + struct ppp_handler_t hnd; + struct ppp_fsm_t fsm; + struct ppp_t *ppp; + struct 
list_head options; + + struct list_head ropt_list; // last received ConfReq + int ropt_len; + + int conf_req_len; +}; + +int ccp_option_register(struct ccp_option_handler_t *h); + +#endif + diff --git a/accel-pptpd/ppp_ipcp.c b/accel-pptpd/ppp_ipcp.c index 5a37546..fb089a5 100644 --- a/accel-pptpd/ppp_ipcp.c +++ b/accel-pptpd/ppp_ipcp.c @@ -304,6 +304,7 @@ static int ipcp_recv_conf_req(struct ppp_ipcp_t *ipcp,uint8_t *data,int size) ropt->state=r; ropt->lopt=lopt; if (rlopt) diff --git a/accel-pptpd/ppp_lcp.c b/accel-pptpd/ppp_lcp.c index da0034c..b9d0de3 100644 --- a/accel-pptpd/ppp_lcp.c +++ b/accel-pptpd/ppp_lcp.c @@ -300,6 +300,7 @@ static int lcp_recv_conf_req(struct ppp_lcp_t *lcp,uint8_t *data,int size) ropt->state=r; ropt->lopt=lopt; if (rlopt) -- cgit v1.2.3 From 38a497e4219c19b81e4a7eb6a89814d86357e2fd Mon Sep 17 00:00:00 2001 From: Kozlov Dmitry Date: Mon, 23 Aug 2010 18:27:31 +0400 Subject: implemented chap authentication fixed auth type selection when configure-nak received --- accel-pptpd/CMakeLists.txt | 3 +- accel-pptpd/auth_chap.c | 294 ++++++++++++++++++++++++++++++++++++++++++ accel-pptpd/auth_pap.c | 6 +- accel-pptpd/ipcp_opt_ipaddr.c | 1 + accel-pptpd/log.c | 4 +- accel-pptpd/ppp_auth.c | 52 +++++--- accel-pptpd/ppp_ccp.c | 20 ++- accel-pptpd/ppp_ipcp.c | 20 ++- accel-pptpd/ppp_lcp.c | 12 +- accel-pptpd/pwdb.c | 5 + accel-pptpd/pwdb.h | 1 + 11 files changed, 383 insertions(+), 35 deletions(-) create mode 100644 accel-pptpd/auth_chap.c diff --git a/accel-pptpd/CMakeLists.txt b/accel-pptpd/CMakeLists.txt index bbe59b8..82c8a9e 100644 --- a/accel-pptpd/CMakeLists.txt +++ b/accel-pptpd/CMakeLists.txt @@ -20,6 +20,7 @@ ADD_EXECUTABLE(pptpd ppp_auth.c auth_pap.c + auth_chap.c ppp_ipcp.c ipcp_opt_ipaddr.c @@ -30,4 +31,4 @@ ADD_EXECUTABLE(pptpd pwdb.c ipdb.c ) -TARGET_LINK_LIBRARIES(pptpd pthread triton) +TARGET_LINK_LIBRARIES(pptpd pthread triton ssl) 
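Review bot: The option constants at the top of the new ppp_ccp.h (`CI_COMP`, `CI_ADDR`, `CI_DNS1`, `CI_DNS2`) and their comments are IPCP option codes carried over from ppp_ipcp.h, and as far as this diff shows nothing in ppp_ccp.c refers to them. A reader will take them for CCP option types, and any file that includes both headers relies on the two sets of definitions staying textually identical. I would drop them from this header and add CCP's own option codes when the first CCP option handler is written. The `CCP_OPT_*` result codes would benefit from a one-line comment each, e.g. `/* option not acceptable: echoed back in ConfRej */` on `CCP_OPT_REJ`.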
diff --git a/accel-pptpd/auth_chap.c b/accel-pptpd/auth_chap.c new file mode 100644 index 0000000..4b3d039 --- /dev/null +++ b/accel-pptpd/auth_chap.c 
@@ -0,0 +1,294 @@ +#include +#include +#include +#include +#include +#include +#include +#include + +#include + +#include "log.h" +#include "ppp.h" +#include "ppp_auth.h" +#include "ppp_lcp.h" +#include "pwdb.h" + +#define CHAP_CHALLENGE 1 +#define CHAP_RESPONSE 2 +#define CHAP_SUCCESS 3 +#define CHAP_FAILURE 4 + +#define VALUE_SIZE 16 + +#define MSG_FAILURE "Authentication failed" +#define MSG_SUCCESS "Authentication successed" + +#define HDR_LEN (sizeof(struct chap_hdr_t)-2) + +static int urandom_fd; + +struct chap_hdr_t +{ + uint16_t proto; + uint8_t code; + uint8_t id; + uint16_t len; +} __attribute__((packed)); + +struct chap_challenge_t +{ + struct chap_hdr_t hdr; + uint8_t val_size; + uint8_t val[VALUE_SIZE]; + char name[0]; +} __attribute__((packed)); + +struct chap_failure_t +{ + struct chap_hdr_t hdr; + char message[sizeof(MSG_FAILURE)]; +} __attribute__((packed)); + +struct chap_success_t +{ + struct chap_hdr_t hdr; + char message[sizeof(MSG_SUCCESS)]; +} __attribute__((packed)); + + +struct chap_auth_data_t +{ + struct auth_data_t auth; + struct ppp_handler_t h; + struct ppp_t *ppp; + int id; + uint8_t val[VALUE_SIZE]; +}; + +static void chap_send_challenge(struct chap_auth_data_t *ad); +static void chap_recv(struct ppp_handler_t *h); + +static void print_buf(const uint8_t *buf,int size) +{ + int i; + for(i=0;iauth.proto=PPP_CHAP; + d->ppp=ppp; + + return &d->auth; +} + +static void auth_data_free(struct ppp_t *ppp,struct auth_data_t *auth) +{ + struct chap_auth_data_t *d=container_of(auth,typeof(*d),auth); + + free(d); +} + +static int chap_start(struct ppp_t *ppp, struct auth_data_t *auth) +{ + struct chap_auth_data_t *d=container_of(auth,typeof(*d),auth); + + d->h.proto=PPP_CHAP; + d->h.recv=chap_recv; + + ppp_register_chan_handler(ppp,&d->h); + + chap_send_challenge(d); + + return 0; +} + +static int chap_finish(struct ppp_t *ppp, struct auth_data_t *auth) +{ + struct chap_auth_data_t *d=container_of(auth,typeof(*d),auth); + + 
ppp_unregister_handler(ppp,&d->h); + + return 0; +} + +static int lcp_send_conf_req(struct ppp_t *ppp, struct auth_data_t *d, uint8_t *ptr) +{ + *ptr=5; + return 1; +} + +static int lcp_recv_conf_req(struct ppp_t *ppp, struct auth_data_t *d, uint8_t *ptr) +{ + if (*ptr==5) + return LCP_OPT_ACK; + return LCP_OPT_REJ; +} + +static void chap_send_failure(struct chap_auth_data_t *ad) +{ + struct chap_failure_t msg= + { + .hdr.proto=htons(PPP_CHAP), + .hdr.code=CHAP_FAILURE, + .hdr.id=++ad->id, + .hdr.len=htons(sizeof(msg)-1-2), + .message=MSG_FAILURE, + }; + + log_debug("send [CHAP Failure id=%x \"%s\"]\n",msg.hdr.id,MSG_FAILURE); + + ppp_chan_send(ad->ppp,&msg,ntohs(msg.hdr.len)+2); +} + +static void chap_send_success(struct chap_auth_data_t *ad) +{ + struct chap_success_t msg= + { + .hdr.proto=htons(PPP_CHAP), + .hdr.code=CHAP_SUCCESS, + .hdr.id=++ad->id, + .hdr.len=htons(sizeof(msg)-1-2), + .message=MSG_SUCCESS, + }; + + log_debug("send [CHAP Success id=%x \"%s\"]\n",msg.hdr.id,MSG_SUCCESS); + + ppp_chan_send(ad->ppp,&msg,ntohs(msg.hdr.len)+2); +} + +static void chap_send_challenge(struct chap_auth_data_t *ad) +{ + struct chap_challenge_t msg= + { + .hdr.proto=htons(PPP_CHAP), + .hdr.code=CHAP_CHALLENGE, + .hdr.id=++ad->id, + .hdr.len=htons(sizeof(msg)-2), + .val_size=VALUE_SIZE, + }; + + read(urandom_fd,ad->val,VALUE_SIZE); + memcpy(msg.val,ad->val,VALUE_SIZE); + + log_debug("send [CHAP Challenge id=%x <",msg.hdr.id); + print_buf(msg.val,VALUE_SIZE); + log_debug(">]\n"); + + ppp_chan_send(ad->ppp,&msg,ntohs(msg.hdr.len)+2); +} + +static void chap_recv_response(struct chap_auth_data_t *ad, struct chap_hdr_t *hdr) +{ + MD5_CTX md5_ctx; + uint8_t md5[MD5_DIGEST_LENGTH]; + char *passwd; + char *name; + struct chap_challenge_t *msg=(struct chap_challenge_t*)hdr; + + log_debug("recv [CHAP Response id=%x <", msg->hdr.id); + print_buf(msg->val,msg->val_size); + log_debug(">, name=\""); + print_str(msg->name,ntohs(msg->hdr.len)-sizeof(*msg)+2); + log_debug("\"]\n"); + + if 
(msg->hdr.id!=ad->id) + { + log_error("chap-md5: id mismatch\n"); + chap_send_failure(ad); + ppp_terminate(ad->ppp); + } + + if (msg->val_size!=VALUE_SIZE) + { + log_error("chap-md5: value-size should be %i, expected %i\n",VALUE_SIZE,msg->val_size); + chap_send_failure(ad); + ppp_terminate(ad->ppp); + } + + name=strndup(msg->name,ntohs(msg->hdr.len)-sizeof(*msg)+2); + passwd=pwdb_get_passwd(ad->ppp,name); + if (!passwd) + { + free(name); + log_debug("chap-md5: user not found\n"); + chap_send_failure(ad); + return; + } + + MD5_Init(&md5_ctx); + MD5_Update(&md5_ctx,&msg->hdr.id,1); + MD5_Update(&md5_ctx,passwd,strlen(passwd)); + MD5_Update(&md5_ctx,ad->val,VALUE_SIZE); + MD5_Final(md5,&md5_ctx); + + if (memcmp(md5,msg->val,sizeof(md5))) + { + log_debug("chap-md5: challenge response mismatch\n"); + chap_send_failure(ad); + auth_failed(ad->ppp); + }else + { + chap_send_success(ad); + auth_successed(ad->ppp); + } + + free(name); + free(passwd); +} + +static struct ppp_auth_handler_t chap= +{ + .name="CHAP-md5", + .init=auth_data_init, + .free=auth_data_free, + .send_conf_req=lcp_send_conf_req, + .recv_conf_req=lcp_recv_conf_req, + .start=chap_start, + .finish=chap_finish, +}; + +static void chap_recv(struct ppp_handler_t *h) +{ + struct chap_auth_data_t *d=container_of(h,typeof(*d),h); + struct chap_hdr_t *hdr=(struct chap_hdr_t *)d->ppp->chan_buf; + + if (d->ppp->chan_buf_sizelen)len)ppp->chan_buf_size-2) + { + log_warn("CHAP: short packet received\n"); + return; + } + + if (hdr->code==CHAP_RESPONSE) chap_recv_response(d,hdr); + else + { + log_warn("CHAP: unknown code received %x\n",hdr->code); + } +} + +static void __init auth_chap_md5_init() +{ + urandom_fd=open("/dev/urandom",O_RDONLY); + if (urandom_fd<0) + { + log_error("chap-md5: failed to open /dev/urandom: %s\n",strerror(errno)); + return; + } + if (ppp_auth_register_handler(&chap)) + log_error("chap-md5: failed to register handler\n"); +} + 
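Review bot: In `chap_recv_response` the id-mismatch and value-size branches call `chap_send_failure` and `ppp_terminate` but do not return, so execution falls through to the password lookup and digest comparison and can still reach `auth_successed` on a session that was just told to terminate; each branch needs a `return;` after `ppp_terminate(ad->ppp);`. With `val_size!=VALUE_SIZE` the fall-through also compares 16 bytes of `msg->val` that the peer did not declare. In `chap_send_challenge` the result of `read(urandom_fd,ad->val,VALUE_SIZE)` is ignored, so a failed or short read leaves the challenge partly or wholly unrandomised; I would compare the result with `VALUE_SIZE` and not send the challenge otherwise. The name length `ntohs(msg->hdr.len)-sizeof(*msg)+2` is unsigned arithmetic and wraps for a short response unless `chap_recv` has already enforced a minimum length, which cannot be confirmed from this page because its checks are not legible here.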
diff --git a/accel-pptpd/auth_pap.c b/accel-pptpd/auth_pap.c index 85e71e6..92ddef5 100644 --- a/accel-pptpd/auth_pap.c +++ b/accel-pptpd/auth_pap.c @@ -6,6 +6,8 @@ #include "log.h" #include "ppp.h" #include "ppp_auth.h" +#include "ppp_lcp.h" +#include "pwdb.h" #define MSG_FAILED "Authentication failed" #define MSG_SUCCESSED "Authentication successed" @@ -104,7 +106,7 @@ static int lcp_send_conf_req(struct ppp_t *ppp, struct auth_data_t *d, uint8_t * static int lcp_recv_conf_req(struct ppp_t *ppp, struct auth_data_t *d, uint8_t *ptr) { - return 0; + return LCP_OPT_ACK; } static void pap_send_ack(struct pap_auth_data_t *p, int id) @@ -168,7 +170,7 @@ static int pap_recv_req(struct pap_auth_data_t *p,struct pap_hdr_t *hdr) peer_id=strndup((const char*)peer_id,peer_id_len); passwd=strndup((const char*)ptr,passwd_len); - if (pwdb_check(peer_id,passwd)) + if (pwdb_check(p->ppp,peer_id,passwd)) { log_warn("PAP: authentication error\n"); pap_send_nak(p,hdr->id); diff --git a/accel-pptpd/ipcp_opt_ipaddr.c b/accel-pptpd/ipcp_opt_ipaddr.c index a68212f..8eae84b 100644 --- a/accel-pptpd/ipcp_opt_ipaddr.c +++ b/accel-pptpd/ipcp_opt_ipaddr.c @@ -12,6 +12,7 @@ static void ipaddr_free(struct ppp_ipcp_t *ipcp, struct ipcp_option_t *opt); static int ipaddr_send_conf_req(struct ppp_ipcp_t *ipcp, struct ipcp_option_t *opt, uint8_t *ptr); static int ipaddr_send_conf_nak(struct ppp_ipcp_t *ipcp, struct ipcp_option_t *opt, uint8_t *ptr); static int ipaddr_recv_conf_req(struct ppp_ipcp_t *ipcp, struct ipcp_option_t *opt, uint8_t *ptr); +static int ipaddr_recv_conf_ack(struct ppp_ipcp_t *ipcp, struct ipcp_option_t *opt, uint8_t *ptr); static void ipaddr_print(void (*print)(const char *fmt,...),struct ipcp_option_t*, uint8_t *ptr); struct ipaddr_option_t diff --git a/accel-pptpd/log.c b/accel-pptpd/log.c index 4ee86e1..992f24d 100644 --- a/accel-pptpd/log.c +++ b/accel-pptpd/log.c 
@@ -33,7 +33,7 @@ #define LOG_INFO 2 #define LOG_DEBUG 3 -static FILE *log_file=NULL; +static FILE *log_file; static int log_level=10; static int log_color=1; static const char* level_name[]={"error","warning","info","debug"}; @@ -47,6 +47,8 @@ static void do_log(int level,const char *fmt,va_list ap) struct timeval tv; //pthread_mutex_lock(&lock); + if (!log_file) + log_file=stdout; if (msg_completed) { gettimeofday(&tv,NULL); diff --git a/accel-pptpd/ppp_auth.c b/accel-pptpd/ppp_auth.c index ee173a7..c7075fb 100644 --- a/accel-pptpd/ppp_auth.c +++ b/accel-pptpd/ppp_auth.c @@ -107,10 +107,15 @@ static int auth_send_conf_req(struct ppp_lcp_t *lcp, struct lcp_option_t *opt, u if (list_empty(&auth_opt->auth_list)) return 0; - if (!auth_opt->auth) + if (!auth_opt->auth || auth_opt->auth->state==LCP_OPT_NAK) { - d=list_entry(auth_opt->auth_list.next,typeof(*d),entry); - auth_opt->auth=d; + list_for_each_entry(d,&auth_opt->auth_list,entry) + { + if (d->state==LCP_OPT_NAK || d->state==LCP_OPT_REJ) + continue; + auth_opt->auth=d; + break; + } } opt16->hdr.id=CI_AUTH; @@ -126,6 +131,7 @@ static int auth_recv_conf_req(struct ppp_lcp_t *lcp, struct lcp_option_t *opt, u struct auth_option_t *auth_opt=container_of(opt,typeof(*auth_opt),opt); struct lcp_opt16_t *opt16=(struct lcp_opt16_t*)ptr; struct auth_data_t *d; + int r; if (list_empty(&auth_opt->auth_list)) return LCP_OPT_REJ; @@ -134,10 +140,13 @@ static int auth_recv_conf_req(struct ppp_lcp_t *lcp, struct lcp_option_t *opt, u { if (d->proto==ntohs(opt16->val)) { - if (d->h->recv_conf_req(lcp->ppp,d,(uint8_t*)(opt16+1))) + r=d->h->recv_conf_req(lcp->ppp,d,(uint8_t*)(opt16+1)); + if (r==LCP_OPT_FAIL) + return LCP_OPT_FAIL; + if (r==LCP_OPT_REJ) break; auth_opt->peer_auth=d; - return LCP_OPT_ACK; + return r; } } 
@@ -166,20 +175,16 @@ static int auth_recv_conf_ack(struct ppp_lcp_t *lcp, struct lcp_option_t *opt, u static int auth_recv_conf_nak(struct ppp_lcp_t *lcp, struct lcp_option_t *opt, uint8_t *ptr) { struct auth_option_t *auth_opt=container_of(opt,typeof(*auth_opt),opt); - struct lcp_opt16_t *opt16=(struct lcp_opt16_t*)ptr; struct auth_data_t *d; - list_for_each_entry(d,&auth_opt->auth_list,entry) + if (!auth_opt->auth) { - if (d->proto==ntohs(opt16->val)) - { - d->state=LCP_OPT_NAK; - if (d->h->recv_conf_req(lcp->ppp,d,(uint8_t*)(opt16+1))) - break; - auth_opt->auth=d; - return 0; - } + log_error("auth: unexcepcted configure-nak\n"); + return -1; } + auth_opt->auth->state=LCP_OPT_NAK; + if (auth_opt->peer_auth) + auth_opt->auth=auth_opt->peer_auth; list_for_each_entry(d,&auth_opt->auth_list,entry) { @@ -194,9 +199,22 @@ static int auth_recv_conf_nak(struct ppp_lcp_t *lcp, struct lcp_option_t *opt, u static int auth_recv_conf_rej(struct ppp_lcp_t *lcp, struct lcp_option_t *opt, uint8_t *ptr) { struct auth_option_t *auth_opt=container_of(opt,typeof(*auth_opt),opt); + struct auth_data_t *d; - if (list_empty(&auth_opt->auth_list)) - return 0; + if (!auth_opt->auth) + { + log_error("auth: unexcepcted configure-reject\n"); + return -1; + } + auth_opt->auth->state=LCP_OPT_NAK; + if (auth_opt->peer_auth) + auth_opt->auth=auth_opt->peer_auth; + + list_for_each_entry(d,&auth_opt->auth_list,entry) + { + if (d->state!=LCP_OPT_NAK) + return 0; + } log_msg("cann't negotiate authentication type\n"); return -1; diff --git a/accel-pptpd/ppp_ccp.c b/accel-pptpd/ppp_ccp.c index 0a7246d..3c8c5cd 100644 --- a/accel-pptpd/ppp_ccp.c +++ b/accel-pptpd/ppp_ccp.c @@ -449,8 +449,10 @@ static int ccp_recv_conf_ack(struct ppp_ccp_t *ccp,uint8_t *data,int size) { log_debug(" "); lopt->h->print(log_debug,lopt,data); - if (lopt->h->recv_conf_ack) - lopt->h->recv_conf_ack(ccp,lopt,data); + if (!lopt->h->recv_conf_ack) + break; + if (lopt->h->recv_conf_ack(ccp,lopt,data)) + res=-1; break; } } 
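Review bot: In ppp_auth.c `auth_recv_conf_nak` (and the same lines added to `auth_recv_conf_rej`), a Configure-Nak or Configure-Reject from the peer marks the current method `LCP_OPT_NAK` and the selection then moves to `peer_auth`, without checking that entry's own `state`, or to another entry in `auth_list`. Nothing visible here limits how far the peer can push that choice, so if PAP is registered alongside CHAP-md5 a client can steer the server to the cleartext method. I would gate the fallback on a locally configured set of acceptable methods and state the policy in a comment, e.g. `/* peer refused this method; fall back only to methods local policy allows */`. Both new error strings spell "unexcepcted".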
@@ -468,7 +470,13 @@ static void ccp_recv(struct ppp_handler_t*h) struct ppp_ccp_t *ccp=container_of(h,typeof(*ccp),hnd); int r; char *term_msg; - + + if (ccp->fsm.fsm_state==FSM_Initial || ccp->fsm.fsm_state==FSM_Closed) + { + log_error("CCP: discaring packet\n"); + return; + } + if (ccp->ppp->unit_buf_sizeppp); break; case CONFACK: - ccp_recv_conf_ack(ccp,(uint8_t*)(hdr+1),ntohs(hdr->len)-PPP_HDRLEN); - ppp_fsm_recv_conf_ack(&ccp->fsm); + if (ccp_recv_conf_ack(ccp,(uint8_t*)(hdr+1),ntohs(hdr->len)-PPP_HDRLEN)) + ppp_terminate(ccp->ppp); + else + ppp_fsm_recv_conf_ack(&ccp->fsm); break; case CONFNAK: ccp_recv_conf_nak(ccp,(uint8_t*)(hdr+1),ntohs(hdr->len)-PPP_HDRLEN); diff --git a/accel-pptpd/ppp_ipcp.c b/accel-pptpd/ppp_ipcp.c index fb089a5..fc25230 100644 --- a/accel-pptpd/ppp_ipcp.c +++ b/accel-pptpd/ppp_ipcp.c @@ -440,8 +440,10 @@ static int ipcp_recv_conf_ack(struct ppp_ipcp_t *ipcp,uint8_t *data,int size) { log_debug(" "); lopt->h->print(log_debug,lopt,data); - if (lopt->h->recv_conf_ack) - lopt->h->recv_conf_ack(ipcp,lopt,data); + if (!lopt->h->recv_conf_ack) + break; + if (lopt->h->recv_conf_ack(ipcp,lopt,data)) + res=-1; break; } } @@ -459,7 +461,13 @@ static void ipcp_recv(struct ppp_handler_t*h) struct ppp_ipcp_t *ipcp=container_of(h,typeof(*ipcp),hnd); int r; char *term_msg; - + + if (ipcp->fsm.fsm_state==FSM_Initial || ipcp->fsm.fsm_state==FSM_Closed) + { + log_error("IPCP: discaring packet\n"); + return; + } + if (ipcp->ppp->unit_buf_sizeppp); break; case CONFACK: - ipcp_recv_conf_ack(ipcp,(uint8_t*)(hdr+1),ntohs(hdr->len)-PPP_HDRLEN); - ppp_fsm_recv_conf_ack(&ipcp->fsm); + if (ipcp_recv_conf_ack(ipcp,(uint8_t*)(hdr+1),ntohs(hdr->len)-PPP_HDRLEN)) + ppp_terminate(ipcp->ppp); + else + ppp_fsm_recv_conf_ack(&ipcp->fsm); break; case CONFNAK: ipcp_recv_conf_nak(ipcp,(uint8_t*)(hdr+1),ntohs(hdr->len)-PPP_HDRLEN); diff --git a/accel-pptpd/ppp_lcp.c b/accel-pptpd/ppp_lcp.c index b9d0de3..dbc819a 100644 --- a/accel-pptpd/ppp_lcp.c +++ b/accel-pptpd/ppp_lcp.c 
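Review bot: The guard added at the top of ccp_recv logs every dropped packet with `log_error`, and the condition is one the remote peer controls, since it only has to send CCP packets while the FSM is in FSM_Initial or FSM_Closed. Logging this at debug level, or rate-limiting it, keeps a misbehaving peer from filling the error log; the same applies to the identical guard in ipcp_recv. The message is also misspelled: `log_error("CCP: discarding packet\n");`. The text of this hunk after the guard is damaged on the page, so the rest of the function was not reviewed.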
@@ -436,8 +436,10 @@ static int lcp_recv_conf_ack(struct ppp_lcp_t *lcp,uint8_t *data,int size) { log_debug(" "); lopt->h->print(log_debug,lopt,data); - if (lopt->h->recv_conf_ack) - lopt->h->recv_conf_ack(lcp,lopt,data); + if (!lopt->h->recv_conf_ack) + break; + if (lopt->h->recv_conf_ack(lcp,lopt,data)) + res=-1; break; } } @@ -514,8 +516,10 @@ static void lcp_recv(struct ppp_handler_t*h) ppp_terminate(lcp->ppp); break; case CONFACK: - lcp_recv_conf_ack(lcp,(uint8_t*)(hdr+1),ntohs(hdr->len)-PPP_HDRLEN); - ppp_fsm_recv_conf_ack(&lcp->fsm); + if (lcp_recv_conf_ack(lcp,(uint8_t*)(hdr+1),ntohs(hdr->len)-PPP_HDRLEN)) + ppp_terminate(lcp->ppp); + else + ppp_fsm_recv_conf_ack(&lcp->fsm); break; case CONFNAK: lcp_recv_conf_nak(lcp,(uint8_t*)(hdr+1),ntohs(hdr->len)-PPP_HDRLEN); diff --git a/accel-pptpd/pwdb.c b/accel-pptpd/pwdb.c index 12130b3..4a03846 100644 --- a/accel-pptpd/pwdb.c +++ b/accel-pptpd/pwdb.c @@ -5,3 +5,8 @@ int pwdb_check(struct ppp_t *ppp,const char *username,const char *password) { return 0; } + +char *pwdb_get_passwd(struct ppp_t *ppp, const char *username) +{ + return strdup("test"); +} diff --git a/accel-pptpd/pwdb.h b/accel-pptpd/pwdb.h index 820e269..07c45b0 100644 --- a/accel-pptpd/pwdb.h +++ b/accel-pptpd/pwdb.h @@ -4,6 +4,7 @@ struct ppp_t; int pwdb_check(struct ppp_t*,const char *username,const char *password); +char *pwdb_get_passwd(struct ppp_t*, const char *username); #endif -- cgit v1.2.3
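Review bot: In the CONFACK branch of lcp_recv, the size passed to lcp_recv_conf_ack is `ntohs(hdr->len)-PPP_HDRLEN`, a value taken from the peer's header, and nothing in this hunk shows it being checked against PPP_HDRLEN or against the number of bytes actually received. lcp_recv starts outside the hunk, so the check may already exist above the switch; if it does not, a short or oversized length reaches the option parser as a negative or too-large `size`. The same expression appears in the CONFACK branches of ccp_recv and ipcp_recv. Now that a failed ack ends the session through ppp_terminate, a comment on the branch saying which handler failures are meant to be fatal would help.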
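Review bot: pwdb_get_passwd returns the fixed string "test" for every username, so any authentication method that compares against this value would accept the same password for all accounts; the unchanged pwdb_check above it likewise returns 0 unconditionally. If this is a placeholder, it should fail closed until a real backend exists, `return NULL;`, with callers treating NULL as an unknown user. The prototype in pwdb.h should carry a comment that the result is heap-allocated and must be freed by the caller, and pwdb.c needs `#include <string.h>` for strdup unless an include outside the hunk already provides it.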