projects / l2tpns.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Update debian/changelog
[l2tpns.git] / pppoe.c
1 /*
2 * Fernando ALVES 2013
3 * Add functionality "server pppoe" to l2tpns.
4 * inspiration pppoe.c of accel-ppp
5 * GPL licenced
6 */
7
8 #include <unistd.h>
9 #include <assert.h>
10 #include <stdlib.h>
11 #include <stdio.h>
12 #include <stdarg.h>
13 #include <errno.h>
14 #include <string.h>
15 #include <pthread.h>
16 #include <fcntl.h>
17 #include <sys/socket.h>
18 #include <sys/ioctl.h>
19 #include <net/if.h>
20 #include <net/ethernet.h>
21 #include <netpacket/packet.h>
22 #include <arpa/inet.h>
23 #include <linux/if_pppox.h>
24 #include <linux/rtnetlink.h>
25
26 #include "l2tpns.h"
27 #include "cluster.h"
28 #include "constants.h"
29 #include "md5.h"
30 #include "util.h"
31
32 int pppoediscfd = -1;
33 int pppoesessfd = -1;
34
35 static uint8_t bc_addr[ETH_ALEN] = {0xff, 0xff, 0xff, 0xff, 0xff, 0xff};
36
37 /* PPPoE codes */
38 #define CODE_PADI 0x09
39 #define CODE_PADO 0x07
40 #define CODE_PADR 0x19
41 #define CODE_PADS 0x65
42 #define CODE_PADT 0xA7
43 #define CODE_SESS 0x00
44
45 /* PPPoE Tags */
46 #define TAG_END_OF_LIST 0x0000
47 #define TAG_SERVICE_NAME 0x0101
48 #define TAG_AC_NAME 0x0102
49 #define TAG_HOST_UNIQ 0x0103
50 #define TAG_AC_COOKIE 0x0104
51 #define TAG_VENDOR_SPECIFIC 0x0105
52 #define TAG_RELAY_SESSION_ID 0x0110
53 #define TAG_SERVICE_NAME_ERROR 0x0201
54 #define TAG_AC_SYSTEM_ERROR 0x0202
55 #define TAG_GENERIC_ERROR 0x0203
56
57 static char *code_pad[] = {
58 "PADI",
59 "PADO",
60 "PADR",
61 "PADS",
62 "PADT",
63 "SESS",
64 NULL
65 };
66
67 enum
68 {
69 INDEX_PADI = 0,
70 INDEX_PADO,
71 INDEX_PADR,
72 INDEX_PADS,
73 INDEX_PADT,
74 INDEX_SESS
75 };
76
77 // set up pppoe discovery socket
78 static void init_pppoe_disc(void)
79 {
80 int on = 1;
81 struct ifreq ifr;
82 struct sockaddr_ll sa;
83
84 memset(&ifr, 0, sizeof(ifr));
85 memset(&sa, 0, sizeof(sa));
86
87 pppoediscfd = socket(PF_PACKET, SOCK_RAW, htons(ETH_P_PPP_DISC));
88 if (pppoediscfd < 0)
89 {
90 LOG(0, 0, 0, "Error pppoe: socket: %s\n", strerror(errno));
91 exit(1);
92 }
93
94 fcntl(pppoediscfd, F_SETFD, fcntl(pppoediscfd, F_GETFD) | FD_CLOEXEC);
95
96 if (setsockopt(pppoediscfd, SOL_SOCKET, SO_BROADCAST, &on, sizeof(on)))
97 {
98 LOG(0, 0, 0, "Error pppoe: setsockopt(SO_BROADCAST): %s\n", strerror(errno));
99 exit(1);
100 }
101
102 assert(strlen(ifr.ifr_name) < sizeof(config->pppoe_if_to_bind) - 1);
103 if (*config->pppoe_if_to_bind)
104 strncpy(ifr.ifr_name, config->pppoe_if_to_bind, IFNAMSIZ);
105
106 if (ioctl(pppoediscfd, SIOCGIFHWADDR, &ifr))
107 {
108 LOG(0, 0, 0, "Error pppoe: ioctl(SIOCGIFHWADDR): %s\n", strerror(errno));
109 exit(1);
110 }
111
112 if ((ifr.ifr_hwaddr.sa_data[0] & 1) != 0)
113 {
114 LOG(0, 0, 0, "Error pppoe: interface %s has not unicast address\n", config->pppoe_if_to_bind);
115 exit(1);
116 }
117
118 memcpy(config->pppoe_hwaddr, ifr.ifr_hwaddr.sa_data, ETH_ALEN);
119
120 if (ioctl(pppoediscfd, SIOCGIFMTU, &ifr))
121 {
122 LOG(0, 0, 0, "Error pppoe: ioctl(SIOCGIFMTU): %s\n", strerror(errno));
123 exit(1);
124 }
125
126 if (ifr.ifr_mtu < ETH_DATA_LEN)
127 LOG(0, 0, 0, "Error pppoe: interface %s has MTU of %i, should be %i\n", config->pppoe_if_to_bind, ifr.ifr_mtu, ETH_DATA_LEN);
128
129 if (ioctl(pppoediscfd, SIOCGIFINDEX, &ifr))
130 {
131 LOG(0, 0, 0, "Error pppoe: ioctl(SIOCGIFINDEX): %s\n", strerror(errno));
132 exit(1);
133 }
134
135 memset(&sa, 0, sizeof(sa));
136 sa.sll_family = AF_PACKET;
137 sa.sll_protocol = htons(ETH_P_PPP_DISC);
138 sa.sll_ifindex = ifr.ifr_ifindex;
139
140 if (bind(pppoediscfd, (struct sockaddr *)&sa, sizeof(sa)))
141 {
142 LOG(0, 0, 0, "Error pppoe: bind: %s\n", strerror(errno));
143 exit(1);
144 }
145
146 if (fcntl(pppoediscfd, F_SETFL, O_NONBLOCK))
147 {
148 LOG(0, 0, 0, "Error pppoe: failed to set nonblocking mode: %s\n", strerror(errno));
149 exit(1);
150 }
151
152 }
153
154 // set up pppoe session socket
155 static void init_pppoe_sess(void)
156 {
157 int on = 1;
158 struct ifreq ifr;
159 struct sockaddr_ll sa;
160
161 memset(&ifr, 0, sizeof(ifr));
162 memset(&sa, 0, sizeof(sa));
163
164 pppoesessfd = socket(PF_PACKET, SOCK_RAW, htons(ETH_P_PPP_SES));
165 if (pppoesessfd < 0)
166 {
167 LOG(0, 0, 0, "Error pppoe: socket: %s\n", strerror(errno));
168 exit(1);
169 }
170
171 fcntl(pppoesessfd, F_SETFD, fcntl(pppoesessfd, F_GETFD) | FD_CLOEXEC);
172
173 if (setsockopt(pppoesessfd, SOL_SOCKET, SO_BROADCAST, &on, sizeof(on)))
174 {
175 LOG(0, 0, 0, "Error pppoe: setsockopt(SO_BROADCAST): %s\n", strerror(errno));
176 exit(1);
177 }
178
179 assert(strlen(ifr.ifr_name) < sizeof(config->pppoe_if_to_bind) - 1);
180 if (*config->pppoe_if_to_bind)
181 strncpy(ifr.ifr_name, config->pppoe_if_to_bind, IFNAMSIZ);
182
183 if (ioctl(pppoesessfd, SIOCGIFHWADDR, &ifr))
184 {
185 LOG(0, 0, 0, "Error pppoe: ioctl(SIOCGIFHWADDR): %s\n", strerror(errno));
186 exit(1);
187 }
188
189 if ((ifr.ifr_hwaddr.sa_data[0] & 1) != 0)
190 {
191 LOG(0, 0, 0, "Error pppoe: interface %s has not unicast address\n", config->pppoe_if_to_bind);
192 exit(1);
193 }
194
195 memcpy(config->pppoe_hwaddr, ifr.ifr_hwaddr.sa_data, ETH_ALEN);
196
197 if (ioctl(pppoesessfd, SIOCGIFMTU, &ifr))
198 {
199 LOG(0, 0, 0, "Error pppoe: ioctl(SIOCGIFMTU): %s\n", strerror(errno));
200 exit(1);
201 }
202
203 if (ifr.ifr_mtu < ETH_DATA_LEN)
204 LOG(0, 0, 0, "Error pppoe: interface %s has MTU of %i, should be %i\n", config->pppoe_if_to_bind, ifr.ifr_mtu, ETH_DATA_LEN);
205
206 if (ioctl(pppoesessfd, SIOCGIFINDEX, &ifr))
207 {
208 LOG(0, 0, 0, "Error pppoe: ioctl(SIOCGIFINDEX): %s\n", strerror(errno));
209 exit(1);
210 }
211
212 memset(&sa, 0, sizeof(sa));
213 sa.sll_family = AF_PACKET;
214 sa.sll_protocol = htons(ETH_P_PPP_SES);
215 sa.sll_ifindex = ifr.ifr_ifindex;
216
217 if (bind(pppoesessfd, (struct sockaddr *)&sa, sizeof(sa)))
218 {
219 LOG(0, 0, 0, "Error pppoe: bind: %s\n", strerror(errno));
220 exit(1);
221 }
222
223 if (fcntl(pppoesessfd, F_SETFL, O_NONBLOCK))
224 {
225 LOG(0, 0, 0, "Error pppoe: failed to set nonblocking mode: %s\n", strerror(errno));
226 exit(1);
227 }
228 }
229
230 // set up pppoe discovery/session socket
231 void init_pppoe(void)
232 {
233 tunnelidt t = TUNNEL_ID_PPPOE;
234
235 init_pppoe_disc();
236 init_pppoe_sess();
237
238 // Reserve the a pseudo tunnel for pppoe server
239 if (t > config->cluster_highest_tunnelid)
240 config->cluster_highest_tunnelid = t;
241
242 memset(&tunnel[t], 0, sizeof(tunnel[t]));
243 tunnel[t].state = TUNNELOPEN;
244 STAT(tunnel_created);
245 }
246
247 char * get_string_codepad(uint8_t codepad)
248 {
249 char * ptrch = NULL;
250 switch(codepad)
251 {
252 case CODE_PADI:
253 ptrch = code_pad[INDEX_PADI];
254 break;
255
256 case CODE_PADO:
257 ptrch = code_pad[INDEX_PADO];
258 break;
259
260 case CODE_PADR:
261 ptrch = code_pad[INDEX_PADR];
262 break;
263
264 case CODE_PADS:
265 ptrch = code_pad[INDEX_PADS];
266 break;
267
268 case CODE_PADT:
269 ptrch = code_pad[INDEX_PADT];
270 break;
271
272 case CODE_SESS:
273 ptrch = code_pad[INDEX_SESS];
274 break;
275 }
276
277 return ptrch;
278 }
279
280 static uint8_t * setup_header(uint8_t *pack, const uint8_t *src, const uint8_t *dst, int code, uint16_t sid, uint16_t h_proto)
281 {
282 uint8_t * p;
283
284 // 14 bytes ethernet Header + 6 bytes header pppoe
285 struct ethhdr *ethhdr = (struct ethhdr *)pack;
286 struct pppoe_hdr *hdr = (struct pppoe_hdr *)(pack + ETH_HLEN);
287
288 memcpy(ethhdr->h_source, src, ETH_ALEN);
289 memcpy(ethhdr->h_dest, dst, ETH_ALEN);
290 ethhdr->h_proto = htons(h_proto);
291
292 hdr->ver = 1;
293 hdr->type = 1;
294 hdr->code = code;
295 hdr->sid = htons(sid);
296 hdr->length = 0;
297
298 p = (uint8_t *)(pack + ETH_HLEN + sizeof(*hdr));
299
300 return p;
301 }
302
303 static void add_tag(uint8_t *pack, int type, const uint8_t *data, int len)
304 {
305 struct pppoe_hdr *hdr = (struct pppoe_hdr *)(pack + ETH_HLEN);
306 struct pppoe_tag *tag = (struct pppoe_tag *)(pack + ETH_HLEN + sizeof(*hdr) + ntohs(hdr->length));
307
308 tag->tag_type = htons(type);
309 tag->tag_len = htons(len);
310 memcpy(tag->tag_data, data, len);
311
312 hdr->length = htons(ntohs(hdr->length) + sizeof(*tag) + len);
313 }
314
315 static void add_tag2(uint8_t *pack, const struct pppoe_tag *t)
316 {
317 struct pppoe_hdr *hdr = (struct pppoe_hdr *)(pack + ETH_HLEN);
318 struct pppoe_tag *tag = (struct pppoe_tag *)(pack + ETH_HLEN + sizeof(*hdr) + ntohs(hdr->length));
319
320 memcpy(tag, t, sizeof(*t) + ntohs(t->tag_len));
321
322 hdr->length = htons(ntohs(hdr->length) + sizeof(*tag) + ntohs(t->tag_len));
323 }
324
325 static void pppoe_disc_send(const uint8_t *pack)
326 {
327 struct ethhdr *ethhdr = (struct ethhdr *)pack;
328 struct pppoe_hdr *hdr = (struct pppoe_hdr *)(pack + ETH_HLEN);
329 int n, s;
330
331 s = ETH_HLEN + sizeof(*hdr) + ntohs(hdr->length);
332
333 LOG(3, 0, 0, "SENT pppoe_disc: Code %s to %s\n", get_string_codepad(hdr->code), fmtMacAddr(ethhdr->h_dest));
334 LOG_HEX(5, "pppoe_disc_send", pack, s);
335
336 n = write(pppoediscfd, pack, s);
337 if (n < 0 )
338 LOG(0, 0, 0, "pppoe: write: %s\n", strerror(errno));
339 else if (n != s) {
340 LOG(0, 0, 0, "pppoe: short write %i/%i\n", n,s);
341 }
342 }
343
344 void pppoe_sess_send(const uint8_t *pack, uint16_t l, tunnelidt t)
345 {
346 struct pppoe_hdr *hdr = (struct pppoe_hdr *)(pack + ETH_HLEN);
347 int n;
348 uint16_t sizeppp;
349 sessionidt s;
350
351 if (t != TUNNEL_ID_PPPOE)
352 {
353 LOG(3, 0, t, "ERROR pppoe_sess_send: Tunnel %d is not a tunnel pppoe\n", t);
354 return;
355 }
356
357 s = ntohs(hdr->sid);
358 if (session[s].tunnel != t)
359 {
360 LOG(3, s, t, "ERROR pppoe_sess_send: Session is not a session pppoe\n");
361 return;
362 }
363
364 if (l < (ETH_HLEN + sizeof(*hdr) + 3))
365 {
366 LOG(0, s, t, "ERROR pppoe_sess_send: packet too small for pppoe sent (size=%d)\n", l);
367 return;
368 }
369
370 // recalculate the ppp frame length
371 sizeppp = l - (ETH_HLEN + sizeof(*hdr));
372 hdr->length = htons(sizeppp);
373
374 LOG_HEX(5, "pppoe_sess_send", pack, l);
375
376 n = write(pppoesessfd, pack, l);
377 if (n < 0 )
378 LOG(0, s, t, "pppoe_sess_send: write: %s\n", strerror(errno));
379 else if (n != l)
380 LOG(0, s, t, "pppoe_sess_send: short write %i/%i\n", n,l);
381 }
382
383 static void pppoe_send_err(const uint8_t *addr, const struct pppoe_tag *host_uniq, const struct pppoe_tag *relay_sid, int code, int tag_type)
384 {
385 uint8_t pack[ETHER_MAX_LEN];
386
387 setup_header(pack, config->pppoe_hwaddr, addr, code, 0, ETH_P_PPP_DISC);
388
389 add_tag(pack, TAG_AC_NAME, (uint8_t *)config->pppoe_ac_name, strlen(config->pppoe_ac_name));
390 add_tag(pack, tag_type, NULL, 0);
391
392 if (host_uniq)
393 add_tag2(pack, host_uniq);
394
395 if (relay_sid)
396 add_tag2(pack, relay_sid);
397
398 pppoe_disc_send(pack);
399 }
400
401 // generate cookie
402 static void pppoe_gen_cookie(const uint8_t *serv_hwaddr, const uint8_t *client_hwaddr, uint8_t *out)
403 {
404 MD5_CTX ctx;
405
406 MD5_Init(&ctx);
407 MD5_Update(&ctx, config->l2tp_secret, strlen(config->l2tp_secret));
408 MD5_Update(&ctx, (void *) serv_hwaddr, ETH_ALEN);
409 MD5_Update(&ctx, (void *) client_hwaddr, ETH_ALEN);
410 MD5_Final(out, &ctx);
411 }
412
413 // check cookie
414 static int pppoe_check_cookie(const uint8_t *serv_hwaddr, const uint8_t *client_hwaddr, uint8_t *cookie)
415 {
416 hasht hash;
417
418 pppoe_gen_cookie(serv_hwaddr, client_hwaddr, hash);
419
420 return memcmp(hash, cookie, 16);
421 }
422
423 static void pppoe_send_PADO(const uint8_t *addr, const struct pppoe_tag *host_uniq, const struct pppoe_tag *relay_sid, const struct pppoe_tag *service_name)
424 {
425 uint8_t pack[ETHER_MAX_LEN];
426 hasht hash;
427
428 setup_header(pack, config->pppoe_hwaddr, addr, CODE_PADO, 0, ETH_P_PPP_DISC);
429
430 add_tag(pack, TAG_AC_NAME, (uint8_t *)config->pppoe_ac_name, strlen(config->pppoe_ac_name));
431
432 if (service_name)
433 add_tag2(pack, service_name);
434
435 pppoe_gen_cookie(config->pppoe_hwaddr, addr, hash);
436 add_tag(pack, TAG_AC_COOKIE, hash, 16);
437
438 if (host_uniq)
439 add_tag2(pack, host_uniq);
440
441 if (relay_sid)
442 add_tag2(pack, relay_sid);
443
444 pppoe_disc_send(pack);
445 }
446
447 static void pppoe_send_PADS(uint16_t sid, const uint8_t *addr, const struct pppoe_tag *host_uniq, const struct pppoe_tag *relay_sid, const struct pppoe_tag *service_name)
448 {
449 uint8_t pack[ETHER_MAX_LEN];
450
451 setup_header(pack, config->pppoe_hwaddr, addr, CODE_PADS, sid, ETH_P_PPP_DISC);
452
453 add_tag(pack, TAG_AC_NAME, (uint8_t *)config->pppoe_ac_name, strlen(config->pppoe_ac_name));
454
455 add_tag2(pack, service_name);
456
457 if (host_uniq)
458 add_tag2(pack, host_uniq);
459
460 if (relay_sid)
461 add_tag2(pack, relay_sid);
462
463 pppoe_disc_send(pack);
464 }
465
466 static void pppoe_send_PADT(uint16_t sid)
467 {
468 uint8_t pack[ETHER_MAX_LEN];
469
470 setup_header(pack, config->pppoe_hwaddr, session[sid].src_hwaddr, CODE_PADT, sid, ETH_P_PPP_DISC);
471
472 add_tag(pack, TAG_AC_NAME, (uint8_t *)config->pppoe_ac_name, strlen(config->pppoe_ac_name));
473
474 LOG(3, sid, session[sid].tunnel, "pppoe: Sent PADT\n");
475
476 pppoe_disc_send(pack);
477 }
478
479 void pppoe_shutdown_session(sessionidt s)
480 {
481
482 if (session[s].tunnel != TUNNEL_ID_PPPOE)
483 {
484 LOG(3, s, session[s].tunnel, "ERROR pppoe_shutdown_session: Session is not a session pppoe\n");
485 return;
486 }
487
488 pppoe_send_PADT(s);
489 }
490
491 static void pppoe_recv_PADI(uint8_t *pack, int size)
492 {
493 struct ethhdr *ethhdr = (struct ethhdr *)pack;
494 struct pppoe_hdr *hdr = (struct pppoe_hdr *)(pack + ETH_HLEN);
495 struct pppoe_tag *tag;
496 struct pppoe_tag *host_uniq_tag = NULL;
497 struct pppoe_tag *relay_sid_tag = NULL;
498 struct pppoe_tag *service_name_tag = NULL;
499 int n, service_match = 0;
500 int len;
501
502 if (hdr->sid)
503 return;
504
505 len = ntohs(hdr->length);
506 for (n = 0; n < len; n += sizeof(*tag) + ntohs(tag->tag_len))
507 {
508 tag = (struct pppoe_tag *)(pack + ETH_HLEN + sizeof(*hdr) + n);
509 if (n + sizeof(*tag) + ntohs(tag->tag_len) > len)
510 return;
511 switch (ntohs(tag->tag_type))
512 {
513 case TAG_END_OF_LIST:
514 break;
515 case TAG_SERVICE_NAME:
516 if (config->pppoe_only_equal_svc_name && *config->pppoe_service_name && !tag->tag_len)
517 {
518 break;
519 }
520 else if (*config->pppoe_service_name && tag->tag_len)
521 {
522 if (ntohs(tag->tag_len) != strlen(config->pppoe_service_name))
523 break;
524 if (memcmp(tag->tag_data, config->pppoe_service_name, ntohs(tag->tag_len)))
525 break;
526 service_name_tag = tag;
527 service_match = 1;
528 }
529 else
530 {
531 service_name_tag = tag;
532 service_match = 1;
533 }
534 break;
535 case TAG_HOST_UNIQ:
536 host_uniq_tag = tag;
537 break;
538 case TAG_RELAY_SESSION_ID:
539 relay_sid_tag = tag;
540 break;
541 }
542 }
543
544 if (!service_match)
545 {
546 LOG(3, 0, 0, "pppoe: discarding PADI packet (Service-Name mismatch)\n");
547 return;
548 }
549
550 pppoe_send_PADO(ethhdr->h_source, host_uniq_tag, relay_sid_tag, service_name_tag);
551 }
552
553 static void pppoe_recv_PADR(uint8_t *pack, int size)
554 {
555 struct ethhdr *ethhdr = (struct ethhdr *)pack;
556 struct pppoe_hdr *hdr = (struct pppoe_hdr *)(pack + ETH_HLEN);
557 struct pppoe_tag *tag;
558 struct pppoe_tag *host_uniq_tag = NULL;
559 struct pppoe_tag *relay_sid_tag = NULL;
560 struct pppoe_tag *ac_cookie_tag = NULL;
561 struct pppoe_tag *service_name_tag = NULL;
562 int n, service_match = 0;
563 uint16_t sid;
564
565 if (!memcmp(ethhdr->h_dest, bc_addr, ETH_ALEN))
566 {
567 LOG(1, 0, 0, "Rcv pppoe: discard PADR (destination address is broadcast)\n");
568 return;
569 }
570
571 if (hdr->sid)
572 {
573 LOG(1, 0, 0, "Rcv pppoe: discarding PADR packet (sid is not zero)\n");
574 return;
575 }
576
577 for (n = 0; n < ntohs(hdr->length); n += sizeof(*tag) + ntohs(tag->tag_len))
578 {
579 tag = (struct pppoe_tag *)(pack + ETH_HLEN + sizeof(*hdr) + n);
580 switch (ntohs(tag->tag_type))
581 {
582 case TAG_END_OF_LIST:
583 break;
584 case TAG_SERVICE_NAME:
585 service_name_tag = tag;
586 if (tag->tag_len == 0)
587 service_match = 1;
588 else if (*config->pppoe_service_name)
589 {
590 if (ntohs(tag->tag_len) != strlen(config->pppoe_service_name))
591 break;
592 if (memcmp(tag->tag_data, config->pppoe_service_name, ntohs(tag->tag_len)))
593 break;
594 service_match = 1;
595 }
596 else
597 {
598 service_match = 1;
599 }
600 break;
601 case TAG_HOST_UNIQ:
602 host_uniq_tag = tag;
603 break;
604 case TAG_AC_COOKIE:
605 ac_cookie_tag = tag;
606 break;
607 case TAG_RELAY_SESSION_ID:
608 relay_sid_tag = tag;
609 break;
610 }
611 }
612
613 if (!service_match)
614 {
615 LOG(3, 0, 0, "pppoe: Service-Name mismatch\n");
616 pppoe_send_err(ethhdr->h_source, host_uniq_tag, relay_sid_tag, CODE_PADS, TAG_SERVICE_NAME_ERROR);
617 return;
618 }
619
620 if (!ac_cookie_tag)
621 {
622 LOG(3, 0, 0, "pppoe: discard PADR packet (no AC-Cookie tag present)\n");
623 return;
624 }
625
626 if (ntohs(ac_cookie_tag->tag_len) != 16)
627 {
628 LOG(3, 0, 0, "pppoe: discard PADR packet (incorrect AC-Cookie tag length)\n");
629 return;
630 }
631
632 if (pppoe_check_cookie(ethhdr->h_dest, ethhdr->h_source, (uint8_t *) ac_cookie_tag->tag_data))
633 {
634 LOG(3, 0, 0, "pppoe: discard PADR packet (incorrect AC-Cookie)\n");
635 return;
636 }
637
638 sid = sessionfree;
639 sessionfree = session[sid].next;
640 memset(&session[sid], 0, sizeof(session[0]));
641
642 if (sid > config->cluster_highest_sessionid)
643 config->cluster_highest_sessionid = sid;
644
645 session[sid].opened = time_now;
646 session[sid].tunnel = TUNNEL_ID_PPPOE;
647 session[sid].last_packet = session[sid].last_data = time_now;
648
649 //strncpy(session[sid].called, called, sizeof(session[sid].called) - 1);
650 //strncpy(session[sid].calling, calling, sizeof(session[sid].calling) - 1);
651
652 session[sid].ppp.phase = Establish;
653 session[sid].ppp.lcp = Starting;
654
655 session[sid].magic = time_now; // set magic number
656 session[sid].mru = PPPoE_MRU; // default
657
658 // start LCP
659 sess_local[sid].lcp_authtype = config->radius_authprefer;
660 sess_local[sid].ppp_mru = MRU;
661
662 // Set multilink options before sending initial LCP packet
663 sess_local[sid].mp_mrru = 1614;
664 sess_local[sid].mp_epdis = ntohl(config->iftun_address ? config->iftun_address : my_address);
665
666 memcpy(session[sid].src_hwaddr, ethhdr->h_source, ETH_ALEN);
667 pppoe_send_PADS(sid, ethhdr->h_source, host_uniq_tag, relay_sid_tag, service_name_tag);
668
669 sendlcp(sid, session[sid].tunnel);
670 change_state(sid, lcp, RequestSent);
671
672 }
673
674 static void pppoe_recv_PADT(uint8_t *pack)
675 {
676 struct ethhdr *ethhdr = (struct ethhdr *)pack;
677 struct pppoe_hdr *hdr = (struct pppoe_hdr *)(pack + ETH_HLEN);
678
679 if (!memcmp(ethhdr->h_dest, bc_addr, ETH_ALEN))
680 {
681 LOG(3, 0, 0, "pppoe: discard PADT (destination address is broadcast)\n");
682 return;
683 }
684
685 if (hdr->sid)
686 {
687 if ((hdr->sid < MAXSESSION) && (session[hdr->sid].tunnel == TUNNEL_ID_PPPOE))
688 sessionshutdown(hdr->sid, "Client shutdown", CDN_ADMIN_DISC, 0);
689 }
690 }
691
692 // fill in a PPPOE message with a PPP frame,
693 // returns start of PPP frame
694 uint8_t *pppoe_makeppp(uint8_t *b, int size, uint8_t *p, int l, sessionidt s, tunnelidt t,
695 uint16_t mtype, uint8_t prio, bundleidt bid, uint8_t mp_bits)
696 {
697 uint16_t type = mtype;
698 uint8_t *start = b;
699 struct pppoe_hdr *hdr = (struct pppoe_hdr *)(b + ETH_HLEN);
700
701 if (t != TUNNEL_ID_PPPOE)
702 return NULL;
703
704 if (size < 28) // Need more space than this!!
705 {
706 LOG(0, s, t, "pppoe_makeppp buffer too small for pppoe header (size=%d)\n", size);
707 return NULL;
708 }
709
710 // 14 bytes ethernet Header + 6 bytes header pppoe
711 b = setup_header(b, config->pppoe_hwaddr, session[s].src_hwaddr, CODE_SESS, s, ETH_P_PPP_SES);
712
713 // Check whether this session is part of multilink
714 if (bid)
715 {
716 if (bundle[bid].num_of_links > 1)
717 type = PPPMP; // Change PPP message type to the PPPMP
718 else
719 bid = 0;
720 }
721
722 *(uint16_t *) b = htons(type);
723 b += 2;
724 hdr->length += 2;
725
726 if (bid)
727 {
728 // Set the sequence number and (B)egin (E)nd flags
729 if (session[s].mssf)
730 {
731 // Set the multilink bits
732 uint16_t bits_send = mp_bits;
733 *(uint16_t *) b = htons((bundle[bid].seq_num_t & 0x0FFF)|bits_send);
734 b += 2;
735 hdr->length += 2;
736 }
737 else
738 {
739 *(uint32_t *) b = htonl(bundle[bid].seq_num_t);
740 // Set the multilink bits
741 *b = mp_bits;
742 b += 4;
743 hdr->length += 4;
744 }
745
746 bundle[bid].seq_num_t++;
747
748 // Add the message type if this fragment has the begin bit set
749 if (mp_bits & MP_BEGIN)
750 {
751 //*b++ = mtype; // The next two lines are instead of this
752 *(uint16_t *) b = htons(mtype); // Message type
753 b += 2;
754 hdr->length += 2;
755 }
756 }
757
758 if ((b - start) + l > size)
759 {
760 LOG(0, s, t, "pppoe_makeppp would overflow buffer (size=%d, header+payload=%td)\n", size, (b - start) + l);
761 return NULL;
762 }
763
764 // Copy the payload
765 if (p && l)
766 {
767 memcpy(b, p, l);
768 hdr->length += l;
769 }
770
771 return b;
772 }
773
774 // fill in a PPPOE message with a PPP frame,
775 // returns start of PPP frame
776 //(note: THIS ROUTINE WRITES TO p[-28]).
777 uint8_t *opt_pppoe_makeppp(uint8_t *p, int l, sessionidt s, tunnelidt t, uint16_t mtype, uint8_t prio, bundleidt bid, uint8_t mp_bits)
778 {
779 uint16_t type = mtype;
780 uint16_t hdrlen = l;
781 uint8_t *b = p;
782 struct pppoe_hdr *hdr;
783
784 if (t != TUNNEL_ID_PPPOE)
785 return NULL;
786
787 // Check whether this session is part of multilink
788 if (bid)
789 {
790 if (bundle[bid].num_of_links > 1)
791 type = PPPMP; // Change PPP message type to the PPPMP
792 else
793 bid = 0;
794 }
795
796 if (bid)
797 {
798 // Add the message type if this fragment has the begin bit set
799 if (mp_bits & MP_BEGIN)
800 {
801 b -= 2;
802 *(uint16_t *) b = htons(mtype); // Message type
803 }
804
805 // Set the sequence number and (B)egin (E)nd flags
806 if (session[s].mssf)
807 {
808 // Set the multilink bits
809 uint16_t bits_send = mp_bits;
810 b -= 2;
811 *(uint16_t *) b = htons((bundle[bid].seq_num_t & 0x0FFF)|bits_send);
812 }
813 else
814 {
815 b -= 4;
816 *(uint32_t *) b = htonl(bundle[bid].seq_num_t);
817 // Set the multilink bits
818 *b = mp_bits;
819 }
820
821 bundle[bid].seq_num_t++;
822 }
823
824 b -= 2;
825 *(uint16_t *) b = htons(type);
826
827 // Size ppp packet
828 hdrlen += (p - b);
829
830 // 14 bytes ethernet Header + 6 bytes header pppoe
831 b -= (ETH_HLEN + sizeof(*hdr));
832 setup_header(b, config->pppoe_hwaddr, session[s].src_hwaddr, CODE_SESS, s, ETH_P_PPP_SES);
833 hdr = (struct pppoe_hdr *)(b + ETH_HLEN);
834 // Store length on header pppoe
835 hdr->length = hdrlen;
836
837 return b;
838 }
839
840 // pppoe discovery recv data
841 void process_pppoe_disc(uint8_t *pack, int size)
842 {
843 struct ethhdr *ethhdr = (struct ethhdr *)pack;
844 struct pppoe_hdr *hdr = (struct pppoe_hdr *)(pack + ETH_HLEN);
845
846 LOG(3, 0, 0, "RCV pppoe_disc: Code %s from %s\n", get_string_codepad(hdr->code), fmtMacAddr(ethhdr->h_source));
847 LOG_HEX(5, "PPPOE Disc", pack, size);
848
849 if (!config->cluster_iam_master)
850 {
851 if (hdr->code == CODE_PADI)
852 return; // Discard because the PADI is received by all (PADI is a broadcast diffusion)
853
854 master_forward_pppoe_packet(pack, size, hdr->code);
855 return;
856 }
857
858 if (size < (ETH_HLEN + sizeof(*hdr)))
859 {
860 LOG(1, 0, 0, "Error pppoe_disc: short packet received (%i)\n", size);
861 return;
862 }
863
864 if (memcmp(ethhdr->h_dest, bc_addr, ETH_ALEN) && memcmp(ethhdr->h_dest, config->pppoe_hwaddr, ETH_ALEN))
865 {
866 LOG(1, 0, 0, "Error pppoe_disc: h_dest != bc_addr and h_dest != config->pppoe_hwaddr\n");
867 return;
868 }
869
870 if (!memcmp(ethhdr->h_source, bc_addr, ETH_ALEN))
871 {
872 LOG(1, 0, 0, "Error pppoe_disc: discarding packet (source address is broadcast)\n");
873 return;
874 }
875
876 if ((ethhdr->h_source[0] & 1) != 0)
877 {
878 LOG(1, 0, 0, "Error pppoe_disc: discarding packet (host address is not unicast)\n");
879 return;
880 }
881
882 if (size < ETH_HLEN + sizeof(*hdr) + ntohs(hdr->length))
883 {
884 LOG(1, 0, 0, "Error pppoe_disc: short packet received\n");
885 return;
886 }
887
888 if (hdr->ver != 1)
889 {
890 LOG(1, 0, 0, "Error pppoe_disc: discarding packet (unsupported version %i)\n", hdr->ver);
891 return;
892 }
893
894 if (hdr->type != 1)
895 {
896 LOG(1, 0, 0, "Error pppoe_disc: discarding packet (unsupported type %i)\n", hdr->type);
897 return;
898 }
899
900 switch (hdr->code) {
901 case CODE_PADI:
902 pppoe_recv_PADI(pack, size);
903 break;
904 case CODE_PADR:
905 pppoe_recv_PADR(pack, size);
906 break;
907 case CODE_PADT:
908 pppoe_recv_PADT(pack);
909 break;
910 }
911 }
912
913 // Forward from pppoe to l2tp remote LNS
914 static void pppoe_forwardto_session_rmlns(uint8_t *pack, int size, sessionidt sess, uint16_t proto)
915 {
916 struct pppoe_hdr *hdr = (struct pppoe_hdr *)(pack + ETH_HLEN);
917 uint16_t lppp = ntohs(hdr->length);
918 uint16_t ll2tp = lppp + 6;
919 uint8_t *pppdata = (uint8_t *) hdr->tag;
920 uint8_t *pl2tp = pppdata - 6;
921 uint8_t *p = pl2tp;
922 uint16_t t = 0, s = 0;
923
924 s = session[sess].forwardtosession;
925 if (session[s].forwardtosession != sess)
926 {
927 LOG(3, sess, session[sess].tunnel, "pppoe: Link Session (%u) broken\n", s);
928 return;
929 }
930
931 t = session[s].tunnel;
932 if (t >= MAXTUNNEL)
933 {
934 LOG(1, s, t, "pppoe: Session with invalid tunnel ID\n");
935 return;
936 }
937
938 if (!tunnel[t].isremotelns)
939 {
940 LOG(3, sess, session[sess].tunnel, "pppoe: Link Tunnel/Session (%u/%u) broken\n", s, t);
941 return;
942 }
943
944 // First word L2TP options (with no options)
945 *(uint16_t *) p = htons(0x0002);
946 p += 2;
947 *(uint16_t *) p = htons(tunnel[t].far); // tunnel
948 p += 2;
949 *(uint16_t *) p = htons(session[s].far); // session
950 p += 2;
951
952 if ((proto == PPPIP) || (proto == PPPMP) ||(proto == PPPIPV6 && config->ipv6_prefix.s6_addr[0]))
953 {
954 session[sess].last_packet = session[sess].last_data = time_now;
955 // Update STAT IN
956 increment_counter(&session[sess].cin, &session[sess].cin_wrap, ll2tp);
957 session[sess].cin_delta += ll2tp;
958 session[sess].pin++;
959 sess_local[sess].cin += ll2tp;
960 sess_local[sess].pin++;
961
962 session[s].last_data = time_now;
963 // Update STAT OUT
964 increment_counter(&session[s].cout, &session[s].cout_wrap, ll2tp); // byte count
965 session[s].cout_delta += ll2tp;
966 session[s].pout++;
967 sess_local[s].cout += ll2tp;
968 sess_local[s].pout++;
969 }
970 else
971 session[sess].last_packet = time_now;
972
973 tunnelsend(pl2tp, ll2tp, t); // send it...
974 }
975
976 // Forward from l2tp to pppoe
977 // (note: THIS ROUTINE WRITES TO pack[-20]).
978 void pppoe_forwardto_session_pppoe(uint8_t *pack, int size, sessionidt sess, uint16_t proto)
979 {
980 uint16_t t = 0, s = 0;
981 uint16_t lpppoe = size - 2;
982 uint8_t *p = pack + 2; // First word L2TP options
983
984 LOG(5, sess, session[sess].tunnel, "Forwarding data session to pppoe session %u\n", session[sess].forwardtosession);
985
986 s = session[sess].forwardtosession;
987 t = session[s].tunnel;
988
989 if (*pack & 0x40)
990 { // length
991 p += 2;
992 lpppoe -= 2;
993 }
994
995 *(uint16_t *) p = htons(tunnel[t].far); // tunnel
996 p += 2;
997 *(uint16_t *) p = htons(session[s].far); // session
998 p += 2;
999 lpppoe -= 4;
1000
1001 if (*pack & 0x08)
1002 { // ns/nr
1003 *(uint16_t *) p = htons(tunnel[t].ns); // sequence
1004 p += 2;
1005 *(uint16_t *) p = htons(tunnel[t].nr); // sequence
1006 p += 2;
1007 lpppoe -= 4;
1008 }
1009
1010 if (lpppoe > 2 && p[0] == 0xFF && p[1] == 0x03)
1011 {
1012 // HDLC address header, discard in pppoe
1013 p += 2;
1014 lpppoe -= 2;
1015 }
1016
1017 lpppoe += (ETH_HLEN + sizeof(struct pppoe_hdr));
1018 p -= (ETH_HLEN + sizeof(struct pppoe_hdr));
1019
1020 // 14 bytes ethernet Header + 6 bytes header pppoe
1021 setup_header(p, config->pppoe_hwaddr, session[s].src_hwaddr, CODE_SESS, s, ETH_P_PPP_SES);
1022
1023 if ((proto == PPPIP) || (proto == PPPMP) ||(proto == PPPIPV6 && config->ipv6_prefix.s6_addr[0]))
1024 {
1025 session[sess].last_packet = session[sess].last_data = time_now;
1026 // Update STAT IN
1027 increment_counter(&session[sess].cin, &session[sess].cin_wrap, lpppoe);
1028 session[sess].cin_delta += lpppoe;
1029 session[sess].pin++;
1030 sess_local[sess].cin += lpppoe;
1031 sess_local[sess].pin++;
1032
1033 session[s].last_data = time_now;
1034 // Update STAT OUT
1035 increment_counter(&session[s].cout, &session[s].cout_wrap, lpppoe); // byte count
1036 session[s].cout_delta += lpppoe;
1037 session[s].pout++;
1038 sess_local[s].cout += lpppoe;
1039 sess_local[s].pout++;
1040 }
1041 else
1042 session[sess].last_packet = time_now;
1043
1044 tunnelsend(p, lpppoe, t); // send it....
1045 }
1046
1047 void process_pppoe_sess(uint8_t *pack, int size)
1048 {
1049 //struct ethhdr *ethhdr = (struct ethhdr *)pack;
1050 struct pppoe_hdr *hdr = (struct pppoe_hdr *)(pack + ETH_HLEN);
1051 uint16_t lppp = ntohs(hdr->length);
1052 uint8_t *pppdata = (uint8_t *) hdr->tag;
1053 uint16_t proto, sid, t;
1054
1055 sid = ntohs(hdr->sid);
1056 t = TUNNEL_ID_PPPOE;
1057
1058 LOG_HEX(5, "RCV PPPOE Sess", pack, size);
1059
1060 if (sid >= MAXSESSION)
1061 {
1062 LOG(0, sid, t, "Received pppoe packet with invalid session ID\n");
1063 STAT(tunnel_rx_errors);
1064 return;
1065 }
1066
1067 if (session[sid].tunnel != t)
1068 {
1069 if (!config->cluster_iam_master) { master_forward_pppoe_packet(pack, size, hdr->code); return; }
1070
1071 LOG(1, sid, t, "ERROR process_pppoe_sess: Session is not a session pppoe\n");
1072 return;
1073 }
1074
1075 if (hdr->ver != 1)
1076 {
1077 LOG(3, sid, t, "Error process_pppoe_sess: discarding packet (unsupported version %i)\n", hdr->ver);
1078 return;
1079 }
1080
1081 if (hdr->type != 1)
1082 {
1083 LOG(3, sid, t, "Error process_pppoe_sess: discarding packet (unsupported type %i)\n", hdr->type);
1084 return;
1085 }
1086
1087 if (lppp > 2 && pppdata[0] == 0xFF && pppdata[1] == 0x03)
1088 { // HDLC address header, discard
1089 LOG(5, sid, t, "pppoe_sess: HDLC address header, discard\n");
1090 pppdata += 2;
1091 lppp -= 2;
1092 }
1093 if (lppp < 2)
1094 {
1095 LOG(3, sid, t, "Error process_pppoe_sess: Short ppp length %d\n", lppp);
1096 return;
1097 }
1098 if (*pppdata & 1)
1099 {
1100 proto = *pppdata++;
1101 lppp--;
1102 }
1103 else
1104 {
1105 proto = ntohs(*(uint16_t *) pppdata);
1106 pppdata += 2;
1107 lppp -= 2;
1108 }
1109
1110 if (session[sid].forwardtosession)
1111 { // Must be forwaded to a remote lns tunnel l2tp
1112 pppoe_forwardto_session_rmlns(pack, size, sid, proto);
1113 return;
1114 }
1115
1116 if (proto == PPPPAP)
1117 {
1118 session[sid].last_packet = time_now;
1119 if (!config->cluster_iam_master) { master_forward_pppoe_packet(pack, size, hdr->code); return; }
1120 processpap(sid, t, pppdata, lppp);
1121 }
1122 else if (proto == PPPCHAP)
1123 {
1124 session[sid].last_packet = time_now;
1125 if (!config->cluster_iam_master) { master_forward_pppoe_packet(pack, size, hdr->code); return; }
1126 processchap(sid, t, pppdata, lppp);
1127 }
1128 else if (proto == PPPLCP)
1129 {
1130 session[sid].last_packet = time_now;
1131 if (!config->cluster_iam_master) { master_forward_pppoe_packet(pack, size, hdr->code); return; }
1132 processlcp(sid, t, pppdata, lppp);
1133 }
1134 else if (proto == PPPIPCP)
1135 {
1136 session[sid].last_packet = time_now;
1137 if (!config->cluster_iam_master) { master_forward_pppoe_packet(pack, size, hdr->code); return; }
1138 processipcp(sid, t, pppdata, lppp);
1139 }
1140 else if (proto == PPPIPV6CP && config->ipv6_prefix.s6_addr[0])
1141 {
1142 session[sid].last_packet = time_now;
1143 if (!config->cluster_iam_master) { master_forward_pppoe_packet(pack, size, hdr->code); return; }
1144 processipv6cp(sid, t, pppdata, lppp);
1145 }
1146 else if (proto == PPPCCP)
1147 {
1148 session[sid].last_packet = time_now;
1149 if (!config->cluster_iam_master) { master_forward_pppoe_packet(pack, size, hdr->code); return; }
1150 processccp(sid, t, pppdata, lppp);
1151 }
1152 else if (proto == PPPIP)
1153 {
1154 session[sid].last_packet = session[sid].last_data = time_now;
1155 if (session[sid].walled_garden && !config->cluster_iam_master) { master_forward_pppoe_packet(pack, size, hdr->code); return; }
1156 processipin(sid, t, pppdata, lppp);
1157 }
1158 else if (proto == PPPMP)
1159 {
1160 session[sid].last_packet = session[sid].last_data = time_now;
1161 if (!config->cluster_iam_master) { master_forward_pppoe_packet(pack, size, hdr->code); return; }
1162 processmpin(sid, t, pppdata, lppp);
1163 }
1164 else if (proto == PPPIPV6 && config->ipv6_prefix.s6_addr[0])
1165 {
1166 session[sid].last_packet = session[sid].last_data = time_now;
1167 if (session[sid].walled_garden && !config->cluster_iam_master) { master_forward_pppoe_packet(pack, size, hdr->code); return; }
1168 processipv6in(sid, t, pppdata, lppp);
1169 }
1170 else if (session[sid].ppp.lcp == Opened)
1171 {
1172 session[sid].last_packet = time_now;
1173 if (!config->cluster_iam_master) { master_forward_pppoe_packet(pack, size, hdr->code); return; }
1174 protoreject(sid, t, pppdata, lppp, proto);
1175 }
1176 else
1177 {
1178 LOG(3, sid, t, "process_pppoe_sess: Unknown PPP protocol 0x%04X received in LCP %s state\n",
1179 proto, ppp_state(session[sid].ppp.lcp));
1180 }
1181 }
1182
1183 void pppoe_send_garp()
1184 {
1185 int s;
1186 struct ifreq ifr;
1187 uint8_t mac[6];
1188
1189 if (!*config->pppoe_if_to_bind)
1190 return;
1191
1192 s = socket(PF_INET, SOCK_DGRAM, 0);
1193 if (s < 0)
1194 {
1195 LOG(0, 0, 0, "Error creating socket for GARP: %s\n", strerror(errno));
1196 return;
1197 }
1198 memset(&ifr, 0, sizeof(ifr));
1199 strncpy(ifr.ifr_name, config->pppoe_if_to_bind, sizeof(ifr.ifr_name) - 1);
1200 if (ioctl(s, SIOCGIFHWADDR, &ifr) < 0)
1201 {
1202 LOG(0, 0, 0, "Error getting eth0 hardware address for GARP: %s\n", strerror(errno));
1203 close(s);
1204 return;
1205 }
1206 memcpy(mac, &ifr.ifr_hwaddr.sa_data, 6*sizeof(char));
1207 if (ioctl(s, SIOCGIFINDEX, &ifr) < 0)
1208 {
1209 LOG(0, 0, 0, "Error getting eth0 interface index for GARP: %s\n", strerror(errno));
1210 close(s);
1211 return;
1212 }
1213 close(s);
1214
1215 sendarp(ifr.ifr_ifindex, mac, config->iftun_address);
1216 }
1217
1218 // rcv pppoe data from slave
1219 void pppoe_process_forward(uint8_t *pack, int size, in_addr_t addr)
1220 {
1221 struct ethhdr *ethhdr = (struct ethhdr *)pack;
1222
1223 if (ethhdr->h_proto == htons(ETH_P_PPP_DISC))
1224 process_pppoe_disc(pack, size);
1225 else if (ethhdr->h_proto == htons(ETH_P_PPP_SES))
1226 process_pppoe_sess(pack, size);
1227 else
1228 LOG(0, 0, 0, "pppoe_process_forward: I got a C_PPPOE_FORWARD from %s, but not a PPPOE data?\n", fmtaddr(addr, 0));
1229 }
for cloning use: "git clone git://git.sameswireless.fr/l2tpns.git" ; For add to your sources.list: "deb http://package.sameswifi.fr/ jessie main"