1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
|
/* $OpenBSD: ppp.h,v 1.20 2017/05/30 17:22:00 yasuoka Exp $ */
/*-
* Copyright (c) 2009 Internet Initiative Japan Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
#ifndef _NPPPD_H
#define _NPPPD_H 1
#define PPP_HDRLEN 4
#define PPP_ALLSTATIONS 0xff
#define PPP_UI 0x03
#define PPP_PROTO_IP 0x0021
#define PPP_PROTO_MPPE 0x00FD
#define PPP_PROTO_LCP 0xC021
#define PPP_PROTO_PAP 0xC023
#define PPP_PROTO_LQR 0xC025
#define PPP_PROTO_CHAP 0xC223
#define PPP_PROTO_EAP 0xC227
#define PPP_PROTO_NCP 0x8000
#define NCP_CCP 0xfd
#define NCP_IPCP 0x21
#define NCP_IPV6CP 0x57
#define PPP_PROTO_ACSP 0x8235 /* Apple Client Server Protocol
Control */
#define PPP_LCP_MRU 1 /* Maximum-Receive-Unit */
#define PPP_LCP_ACCM 2 /* Async-Control-Character-Map*/
#define PPP_LCP_AUTH_PROTOCOL 3 /* Authentication-Protcol */
#define PPP_LCP_QUALITY_PROTOCOL 4 /* Quality-Control */
#define PPP_LCP_MAGICNUMBER 5 /* Magic-Number */
#define PPP_LCP_PFC 7 /* Protocol Field Compression */
#define PPP_LCP_ACFC 8 /* Address-and-Control-Field-
Compression */
#define DEFAULT_MRU 1400
#define NPPPD_MIN_MRU 500
#define PPP_AUTH_PAP 0xc023 /* Password Authentication Protocol */
#define PPP_AUTH_CHAP 0xc223 /* Challenge Handshake Authentication Protocol*/
#define PPP_AUTH_EAP 0xc227 /* Extensible Authentication Protocol */
/* EAP Type */
#define PPP_AUTH_EAP_ANY 0x00
#define PPP_AUTH_EAP_IDENTITY 0x01
#define PPP_AUTH_EAP_NOTIFICATION 0x02
#define PPP_AUTH_EAP_NAK 0x03
#define PPP_AUTH_EAP_MD5_CHALLENGE 0x04
#define PPP_AUTH_EAP_OTP 0x05
#define PPP_AUTH_EAP_GTC 0x06
#define PPP_AUTH_EAP_TLS 0x0d
#define PPP_AUTH_EAP_EXPANDED_TYPES 0xFE
#define PPP_AUTH_EAP_EXPERIMENTAL_USE 0xFF
/* Chap Algorithms */
#define PPP_AUTH_CHAP_MD5 0x05 /* MD5 */
#define PPP_AUTH_CHAP_MS 0x80 /* MS-CHAP */
#define PPP_AUTH_CHAP_MS_V2 0x81 /* MS-CHAP-V2 */
#define MAX_USERNAME_LENGTH 256
#define MAX_PASSWORD_LENGTH 256
#define MAX_CHALLENGE_LENGTH 24
#define INADDR_IPCP_OBEY_REMOTE_REQ 0x00000000L
#define MPPE_KEYLEN 16 /* 128bit */
#define CCP_MPPE 0x12
#define CCP_MPPC_ALONE 0x00000001 /* See RFC 2118, Hi/fn */
#define CCP_MPPE_LM_40bit 0x00000010 /* obsolute */
#define CCP_MPPE_NT_40bit 0x00000020
#define CCP_MPPE_NT_128bit 0x00000040
#define CCP_MPPE_NT_56bit 0x00000080
#define CCP_MPPE_STATELESS 0x01000000 /* Packet-by-packet encryption */
#define CCP_MPPE_KEYLENMASK 0x00000FF0
#define CCP_MPPE_HEADER_LEN 4 /* mppe header + protocol */
#define INADDR_USER_SELECT (htonl(0xFFFFFFFFL))
#define INADDR_NAS_SELECT (htonl(0xFFFFFFFEL))
/** Default LCP ECHO interval (sec) */
#define DEFAULT_LCP_ECHO_INTERVAL 300
/** Default LCP ECHO retry interval (sec) */
#define DEFAULT_LCP_ECHO_RETRY_INTERVAL 60
/** Default LCP ECHO number of retry */
#define DEFAULT_LCP_ECHO_MAX_RETRIES 3
/** MRU includes MPPE/CCP header (XXX delete this) */
/* #define MRU_INCLUDES_MPPE_CCP */
/** Length for phone number */
#define NPPPD_PHONE_NUMBER_LEN 32
/** PPP Disconnect Codes based on RFC 3145 */
typedef enum _npppd_ppp_disconnect_code {
/*
* 3.1. Global Errors
*/
/** No information available. */
PPP_DISCON_NO_INFORMATION = 0,
/** Administrative disconnect. */
PPP_DISCON_ADMINITRATIVE = 1,
/**
* Link Control Protocol (LCP) renegotiation at LNS disabled; LNS
* expects proxy LCP information, LAC did not send it.
*/
PPP_DISCON_LCP_RENEGOTIATION_DISABLED = 2,
/** Normal Disconnection, LCP Terminate-Request sent. */
PPP_DISCON_NORMAL = 3,
/*
* 3.2. LCP Errors
*/
/**
* Compulsory encryption required by a PPP peer was refused by the
* other.
*/
PPP_DISCON_COMPULSORY_ENCRYPTION_REQUIRED = 4,
/** FSM (Finite State Machine) Timeout error. (PPP event "TO-".) */
PPP_DISCON_LCP_FSM_TIMEOUT = 5,
/** No recognizable LCP packets were received. */
PPP_DISCON_RECOGNIZABLE_LCP = 6,
/** LCP failure: Magic Number error; link possibly looped back. */
PPP_DISCON_LCP_MAGIC_NUMBER_ERROR = 7,
/** LCP link failure: Echo Request timeout. */
PPP_DISCON_LCP_TIMEOUT = 8,
/**
* Peer has unexpected Endpoint-Discriminator for existing
* Multilink PPP (MP) bundle.
*/
PPP_DISCON_LCP_UNEXPECTED_ENDPOINT_DISC = 9,
/** Peer has unexpected MRRU for existing MP bundle. */
PPP_DISCON_LCP_UNEXPECTED_MRRU = 10,
/**
* Peer has unexpected Short-Sequence-Number option for existing
* MP bundle.
*/
PPP_DISCON_LCP_UNEXPECTED_SHORT_SEQNUM = 11,
/**
* Compulsory call-back required by a PPP peer was refused by the
* other.
*/
PPP_DISCON_LCP_COMPULSORY_CALL_BACK_REQUIRED = 12,
/*
* 3.3. Authentication Errors
*/
/** FSM Timeout error. */
PPP_DISCON_AUTH_FSM_TIMEOUT = 13,
/** Peer has unexpected authenticated name for existing MP bundle. */
PPP_DISCON_AUTH_UNEXPECTED_AUTH_NAME = 14,
/**
* PPP authentication failure: Authentication protocol
* unacceptable.
*/
PPP_DISCON_AUTH_PROTOCOL_UNACCEPTABLE= 15,
/**
* PPP authentication failure: Authentication failed (bad name,
* password, or secret).
*/
PPP_DISCON_AUTH_FAILED = 16,
/*
* 3.4. Network Control Protocol (NCP) Errors
*/
/** FSM Timeout error. */
PPP_DISCON_NCP_FSM_TIMEOUT = 17,
/**
* No NCPs available (all disabled or rejected); no NCPs went to
* Opened state. (Control Protocol Number may be zero only if
* neither peer has enabled NCPs.)
*/
PPP_DISCON_NCP_NO_NCP_AVAILABLE = 18,
/** NCP failure: failed to converge on acceptable addresses. */
PPP_DISCON_NCP_NO_ACCEPTABLE_ADDRESS= 19,
/** NCP failure: user not permitted to use any addresses. */
PPP_DISCON_NCP_NO_PERMITTED_ADDRESS = 20
} npppd_ppp_disconnect_code;
typedef struct _npppd_ppp npppd_ppp;
#include "fsm.h"
#ifdef USE_NPPPD_RADIUS
#include <radius.h>
#include <radius_req.h>
#endif
/** Type for LCP */
typedef struct _lcp {
fsm fsm;
/** LCP options */
struct _opt {
uint8_t mru;
uint8_t pfc;
uint8_t acfc;
uint8_t pap;
uint8_t chap;
uint8_t chapms;
uint8_t chapms_v2;
uint8_t eap;
} opt;
/** Authentication method of the last Configure-Request */
uint32_t lastauth;
/** Magic number */
uint32_t magic_number;
/** Peer's magic number */
uint32_t peer_magic_number;
/** context for event(3) */
struct evtimer_wrap timerctx;
/** echo internval (sec) */
int echo_interval;
/** echo max retries */
int echo_max_retries;
/** wait to echo repy (sec) */
int echo_retry_interval;
/** failure count of echo */
int echo_failures;
/* for NAT/Blackhole detection */
/** received LCP requests */
int8_t recv_reqs;
/** received LCP responses */
int8_t recv_ress;
/*
* XXX
*/
uint32_t xxxmru;
/** order of authentication methods */
int auth_order[16];
uint32_t /** doing dialin proxy */
dialin_proxy:1,
/** do lcp renegotiation? */
dialin_proxy_lcp_renegotiation:1;
} lcp;
/** Type for CHAP */
typedef struct _chap {
npppd_ppp *ppp;
/** context for event(3) */
struct evtimer_wrap timerctx;
uint32_t state;
char myname[80];
/** challenge */
u_char name[MAX_USERNAME_LENGTH];
u_char chall[MAX_CHALLENGE_LENGTH];
int lchall; /* length of challenge */
u_char pktid; /* PPP Packet Id */
u_char challid; /* Id of challange */
int type; /* chap type */
int ntry;
u_char authenticator[16];
#ifdef USE_NPPPD_RADIUS
RADIUS_REQUEST_CTX radctx;
#endif
} chap;
/** Type for PAP */
typedef struct _pap {
npppd_ppp *ppp;
uint32_t state;
u_char name[MAX_USERNAME_LENGTH];
int auth_id;
#ifdef USE_NPPPD_RADIUS
RADIUS_REQUEST_CTX radctx;
#endif
} pap;
/** Type for EAP */
#ifdef USE_NPPPD_EAP_RADIUS
#define PPP_EAP_FLAG_NAK_RESPONSE 0x01
typedef struct _eap {
npppd_ppp *ppp;
struct evtimer_wrap timerctx;
uint32_t state;
u_char eapid;
int ntry;
u_char name[MAX_USERNAME_LENGTH];
u_char authenticator[16];
/* FIXME */
#define RADIUS_ATTR_STATE_LEN 100
int name_len;
u_char attr_state[RADIUS_ATTR_STATE_LEN];
u_char attr_state_len;
unsigned int session_timeout;
/*
* nak response 0x01
*/
u_char flags;
RADIUS_REQUEST_CTX radctx;
} eap;
#endif
/** Type for CCP */
typedef struct _ccp {
npppd_ppp *ppp;
fsm fsm;
uint32_t mppe_o_bits;
uint32_t mppe_p_bits;
uint mppe_rej;
} ccp;
/** Type for IPCP */
typedef struct _ipcp {
fsm fsm;
npppd_ppp *ppp;
struct in_addr ip4_our;
struct in_addr dns_pri;
struct in_addr dns_sec;
struct in_addr nbns_pri;
struct in_addr nbns_sec;
} ipcp;
/** Function pointer to delegate packet send/recv */
typedef int (*npppd_iofunc) (
npppd_ppp *ppp,
unsigned char *bytes,
int nbytes,
int flags
);
/** Flag indicates the orignal packet was encrypted by MPPE */
#define PPP_IO_FLAGS_MPPE_ENCRYPTED 0x0001
/** Flag indicates the orignal packet was delayed */
#define PPP_IO_FLAGS_DELAYED 0x0002
typedef void (*npppd_voidfunc) (
npppd_ppp *ppp
);
#ifdef USE_NPPPD_MPPE
#define MPPE_NOLDKEY 64
typedef struct _mppe_rc4 {
void *rc4ctx;
uint8_t stateless;
uint8_t resetreq;
/** session key length */
uint8_t keylen;
/** key length in bits */
uint8_t keybits;
/** Cohrency Counter */
uint16_t coher_cnt;
uint8_t master_key[MPPE_KEYLEN];
uint8_t session_key[MPPE_KEYLEN];
uint8_t (*old_session_keys)[MPPE_KEYLEN];
} mppe_rc4_t;
/** Type for MPPE */
typedef struct _mppe {
npppd_ppp *ppp;
uint8_t master_key[MPPE_KEYLEN];
uint16_t pkt_cnt;
/*
* configuration parameters.
*/
uint16_t /* if 0 no MPPE */
enabled :1,
/* if 1 don't forward packet without MPPE */
required :1,
mode_auto :1,
mode_stateless :1,
reserved :12;
uint16_t keylenbits;
mppe_rc4_t send, recv;
} mppe;
#endif
/** Type for phone number. Can be to use as a struct sockaddr. */
typedef struct _npppd_phone_number {
#define NPPPD_AF_PHONE_NUMBER (AF_MAX + 0)
/** total length */
uint8_t pn_len;
/** address family. this must be NPPPD_AF_PHONE_NUMBER */
sa_family_t pn_family;
/** phone number */
char pn_number[NPPPD_PHONE_NUMBER_LEN + 1];
} npppd_phone_number;
/** Type for PPP */
struct _npppd_ppp {
npppd *pppd;
u_int id; /** Ppp Id */
/* Input and output */
uint8_t *outpacket_buf; /** buffer space for output */
npppd_iofunc send_packet; /** send to physical layer */
npppd_iofunc recv_packet; /** recv from physical layer */
/** event context for idle-timer's timer */
struct event idle_event;
/** idle-timer value (sec) */
int timeout_sec;
/** Physical layer */
int tunnel_type; /** PPP Tunnel Type */
uint16_t tunnel_session_id; /** Tunnel Sesion Id */
uint16_t mru; /** MRU */
uint16_t peer_mru; /** Peer's MRU */
void *phy_context; /** Context of physical layer */
char phy_label[16]; /** Label for physical layer */
union {
struct sockaddr_in peer_in4; /** {L2TP,PPTP}/IPv4 */
struct sockaddr_in6 peer_in6; /** {L2TP,PPTP}/IPv6 */
#if defined(USE_NPPPD_PPPOE)
struct sockaddr_dl peer_dl; /** PPPoE */
#endif
npppd_phone_number peer_pn; /** DialIn */
} phy_info; /** Info of physical layer */
char calling_number[NPPPD_PHONE_NUMBER_LEN + 1];
npppd_voidfunc phy_close; /** close line */
/*
* phy_close() will be called by any cases disconnecting. ppp will be
* freed just after phy_close() is called. Don't touch the ppp after
* then.
*/
/** authentication realm */
void *realm;
/* protocols */
lcp lcp; /** lcp */
chap chap; /** chap */
pap pap; /** pap */
#ifdef USE_NPPPD_EAP_RADIUS
eap eap; /** eap */
#endif
ccp ccp; /** ccp */
ipcp ipcp; /** ipcp */
char username[MAX_USERNAME_LENGTH]; /** Remote username */
int ifidx; /** interface index */
/** Proxy Authen Response */
u_char *proxy_authen_resp;
/** Length of 'Proxy Authen Response' */
int lproxy_authen_resp;
/**
* Authentication methods that requires to the peer.
* <pre>
* PAP 0xC023
* EAP 0xC227
* CHAP 0x0005
* MSCHAP 0x0080
* MSCHAPv2 0x0081
* </pre>
*/
uint16_t peer_auth;
#ifdef USE_NPPPD_MPPE
uint8_t mppe_started;
mppe mppe;
#endif
/** Assiging/Assigned IP Address */
struct sockaddr_npppd snp;
#define ppp_framed_ip_address snp.snp_addr
#define ppp_framed_ip_netmask snp.snp_mask
#define ppp_ip_assigned(p) (p->ppp_framed_ip_address.s_addr != 0)
/** Address pool used by IP asssignment */
void *assigned_pool;
/** Framed-IP-Address for Accounting */
struct in_addr acct_framed_ip_address;
struct in_addr realm_framed_ip_address;
struct in_addr realm_framed_ip_netmask;
uint8_t /** data link have the Address and Control Field? */
has_acf:1,
/** adjust TCP MSS to smaller than the MRU? */
adjust_mss:1,
/** authentication once */
auth_runonce:1,
/** use pipex? */
use_pipex:1,
/** pipex is started? (even if it is not available) */
pipex_started:1,
/** pipex is enabled? */
pipex_enabled:1,
/** ingress filter */
ingress_filter:1,
reserved:2;
uint8_t /** IP address is assigned from dynamic address pool */
assign_dynapool:1,
/** assigned IP address is enabled? */
assigned_ip4_enabled:1,
assigned_ip4_rcvd:6;
uint8_t /** dump input packet? */
log_dump_in:1,
/** dump output packet? */
log_dump_out:1,
log_rcvd:6;
uint8_t /** "receiving naked IP packet" is logged already? */
logged_naked_ip:1,
/** "accounting start" is logged already? */
logged_acct_start:1,
/**
* "receiving packet without address field" is logged
* already?
*/
logged_no_address:1,
logged_rcvd:5;
/*
* Statistical informations
*/
/** Start time */
time_t start_time;
/** Start time (in monotime) */
time_t start_monotime;
/** End time (in monotime) */
time_t end_monotime;
/** Number of input packets */
uint32_t ipackets;
/** Number of output packets */
uint32_t opackets;
/** Number of input error packets */
uint32_t ierrors;
/** Number of output error packets */
uint32_t oerrors;
/** Number of input packet bytes */
uint64_t ibytes;
/** Number of output packet bytes */
uint64_t obytes;
/** RADIUS Accouting (RFC2866) Terminate Cause */
int terminate_cause;
/*
* Disconnect cause information for RFC3145
*/
/** disconnect code */
npppd_ppp_disconnect_code disconnect_code;
/** disconnect control protocol */
int16_t disconnect_proto;
/** disconnect direction */
int8_t disconnect_direction;
/** disconnect message */
const char *disconnect_message;
};
/** proxied dialin */
typedef struct _dialin_proxy_info {
/** Proxied LCP */
struct proxy_lcp {
/** Length of the data */
int ldata;
/** LCP data */
u_char data[256];
} /** the last sent LCP */ last_sent_lcp,
/** the last received LCP */ last_recv_lcp;
/** ID of authentication packet */
int auth_id;
/** authen type. use same value on npppd_ppp#peer_auth. */
uint32_t auth_type;
/** Username */
char username[MAX_USERNAME_LENGTH];
/** Authentication challenage */
u_char auth_chall[MAX_CHALLENGE_LENGTH];
/** Authentication challenge length */
int lauth_chall;
/** Authentication response */
u_char auth_resp[MAX_PASSWORD_LENGTH];
/** Authentication response length */
int lauth_resp;
} dialin_proxy_info;
#define DIALIN_PROXY_IS_REQUESTED(dpi) \
(((dpi)->last_sent_lcp.ldata > 0)? 1 : 0)
/** MPPE must be negotiated */
#define MPPE_MUST_NEGO(ppp) \
(((ppp)->mppe.enabled != 0) && \
(((ppp)->peer_auth == PPP_AUTH_CHAP_MS_V2) || \
((ppp)->peer_auth == PPP_AUTH_EAP)))
/** MPPE is required */
#define MPPE_IS_REQUIRED(ppp) \
(((ppp)->mppe.enabled != 0) && ((ppp)->mppe.required != 0))
/** MPPE is ready to use */
#define MPPE_SEND_READY(ppp) \
((ppp)->mppe_started != 0 && (ppp)->mppe.send.keybits > 0)
#define MPPE_RECV_READY(ppp) \
((ppp)->mppe_started != 0 && (ppp)->mppe.recv.keybits > 0)
/* Adapted from NetBSD:/usr/src/usr.sbin/pppd/pppd/pppd.h */
/*
* Inline versions of get/put char/short/long.
* Pointer is advanced; we assume that both arguments
* are lvalues and will already be in registers.
* cp MUST be u_char *.
*/
#define GETCHAR(c, cp) { \
(c) = *(cp)++; \
}
#define PUTCHAR(c, cp) { \
*(cp)++ = (u_char) (c); \
}
#define GETSHORT(s, cp) { \
(s) = *(cp)++ << 8; \
(s) |= *(cp)++; \
}
#define PUTSHORT(s, cp) { \
*(cp)++ = (u_char) ((s) >> 8); \
*(cp)++ = (u_char) (s); \
}
#define GETLONG(l, cp) { \
(l) = *(cp)++ << 8; \
(l) |= *(cp)++; (l) <<= 8; \
(l) |= *(cp)++; (l) <<= 8; \
(l) |= *(cp)++; \
}
#define PUTLONG(l, cp) { \
*(cp)++ = (u_char) ((l) >> 24); \
*(cp)++ = (u_char) ((l) >> 16); \
*(cp)++ = (u_char) ((l) >> 8); \
*(cp)++ = (u_char) (l); \
}
#define BCOPY(s, d, l) memcpy(d, s, l)
#define BZERO(s, n) memset(s, 0, n)
#ifndef countof
#define countof(x) (sizeof(x) / sizeof((x)[0]))
#endif
/*
* MAKEHEADER - Add Header fields to a packet.
*/
#define MAKEHEADER(p, t) { \
PUTCHAR(PPP_ALLSTATIONS, p); \
PUTCHAR(PPP_UI, p); \
PUTSHORT(t, p); }
/* adapted from FreeBSD:/usr/include/sys/cdefs */
#ifndef __printflike
#define __printflike(fmtarg, firstvararg) \
__attribute__((__format__ (__printf__, fmtarg, firstvararg)))
#endif
/*
* Does MRU cover MPPE/CCP header?
*
* RFC 1331:
* The Maximum-Receive-Unit covers only the Data Link Layer Information
* field. It does not include the header, padding, FCS, nor any
* transparency bits or bytes.
*
* On Windows XP:
* Comparing the MRU indicated by Windows and TCP MSS indicated by the
* same Windows, Windows uses MRU minus 40 octets as a TCP MSS value
* simply. So a TCP/IP packet that has max segment size with MPPE
* requires MRU + 4 octets. If the packet without MPPE requires just MRU
* octets.
*
* If MRU doesn't cover MPPE/CCP header, we need to avoid sending MRU + 4
* octets packet.
*/
#if !defined(USE_NPPPD_MPPE)
/* Do nothing if we don't do MPPE */
#define MRU_IPMTU(mru) (mru)
#define MRU_PKTLEN(mru, proto) (mru)
#else
#ifdef MRU_INCLUDES_MPPE_CCP
/* MRU covers MPPE/CCP header */
#define MRU_IPMTU(mru) ((mru) - CCP_MPPE_HEADER_LEN)
#define MRU_PKTLEN(mru, proto) (mru)
#else
/* MRU doesn't cover MPPE/CCP header */
#define MRU_IPMTU(mru) (mru)
#define MRU_PKTLEN(mru, proto) (((proto) == PPP_PROTO_MPPE) \
? (mru) + CCP_MPPE_HEADER_LEN : (mru))
#endif
#endif
#define PPP_FSM_CONFIG(_fsm, _memb, _val) \
do { \
(_fsm)->_memb = ((_val) == 0) \
? (_fsm)->_memb : (_val); \
} while (0 /* CONSTCOND */)
#ifdef __cplusplus
extern "C" {
#endif
npppd_ppp *ppp_create (void);
int ppp_init (npppd *, npppd_ppp *);
void ppp_start (npppd_ppp *);
int ppp_dialin_proxy_prepare (npppd_ppp *, dialin_proxy_info *);
void ppp_stop (npppd_ppp *, const char *);
void ppp_set_disconnect_cause (npppd_ppp *, npppd_ppp_disconnect_code, int, int, const char *);
void ppp_set_radius_terminate_cause(npppd_ppp *, int);
void ppp_destroy (void *);
void ppp_lcp_up (npppd_ppp *);
void ppp_lcp_finished (npppd_ppp *);
void ppp_phy_downed (npppd_ppp *);
void ppp_auth_ok (npppd_ppp *);
void ppp_ipcp_opened (npppd_ppp *);
void ppp_ccp_opened (npppd_ppp *);
void ppp_ccp_stopped (npppd_ppp *);
void ppp_output (npppd_ppp *, uint16_t, u_char, u_char, u_char *, int);
u_char *ppp_packetbuf (npppd_ppp *, int);
int ppp_log (npppd_ppp *, int, const char *, ...) __printflike(3,4);
void ppp_reset_idle_timeout(npppd_ppp *);
#ifdef USE_NPPPD_RADIUS
void ppp_process_radius_framed_ip (npppd_ppp *, RADIUS_PACKET *);
int ppp_set_radius_attrs_for_authreq (npppd_ppp *, radius_req_setting *, RADIUS_PACKET *);
#endif
struct tunnconf *ppp_get_tunnconf(npppd_ppp *);
void ccp_init (ccp *, npppd_ppp *);
void ipcp_init (ipcp *, npppd_ppp *);
void lcp_init (lcp *, npppd_ppp *);
void lcp_lowerup (lcp *);
void lcp_send_protrej(lcp *, u_char *, int );
int lcp_dialin_proxy(lcp *, dialin_proxy_info *, int, int);
void pap_init (pap *, npppd_ppp *);
int pap_start (pap *);
int pap_stop (pap *);
int pap_input (pap *, u_char *, int);
int pap_proxy_authen_prepare (pap *, dialin_proxy_info *);
void chap_init (chap *, npppd_ppp *);
void chap_stop (chap *);
void chap_start (chap *);
void chap_input (chap *, u_char *, int);
int chap_proxy_authen_prepare (chap *, dialin_proxy_info *);
#ifdef USE_NPPPD_EAP_RADIUS
void eap_init(eap *, npppd_ppp *);
void eap_stop(eap *);
void eap_start(eap *);
void eap_input(eap *, u_char *, int);
#endif
#ifdef USE_NPPPD_MPPE
void mppe_init (mppe *, npppd_ppp *);
void mppe_fini (mppe *);
void mppe_start (mppe *);
uint32_t mppe_create_our_bits (mppe *, uint32_t);
void mppe_input (mppe *, u_char *, int);
void mppe_recv_ccp_reset (mppe *);
void mppe_pkt_output (mppe *, uint16_t, u_char *, int);
#endif
#ifdef __cplusplus
}
#endif
#endif
|