GCC Code Coverage Report
Directory: ./ Exec Total Coverage
File: usr.sbin/npppd/npppd/../l2tp/l2tp_subr.c Lines: 0 59 0.0 %
Date: 2017-11-13 Branches: 0 42 0.0 %

Line Branch Exec Source
1
/*	$OpenBSD: l2tp_subr.c,v 1.4 2012/05/08 13:15:11 yasuoka Exp $	*/
2
3
/*-
4
 * Copyright (c) 2009 Internet Initiative Japan Inc.
5
 * All rights reserved.
6
 *
7
 * Redistribution and use in source and binary forms, with or without
8
 * modification, are permitted provided that the following conditions
9
 * are met:
10
 * 1. Redistributions of source code must retain the above copyright
11
 *    notice, this list of conditions and the following disclaimer.
12
 * 2. Redistributions in binary form must reproduce the above copyright
13
 *    notice, this list of conditions and the following disclaimer in the
14
 *    documentation and/or other materials provided with the distribution.
15
 *
16
 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
17
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
20
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
22
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
24
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
25
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
26
 * SUCH DAMAGE.
27
 */
28
/* $Id: l2tp_subr.c,v 1.4 2012/05/08 13:15:11 yasuoka Exp $ */
29
/**@file L2TP related sub-routines */
30
#include <sys/types.h>
31
#include <sys/time.h>
32
#include <sys/socket.h>
33
#include <netinet/in.h>
34
#include <stdlib.h>
35
#include <stdio.h>
36
#include <syslog.h>
37
#include <string.h>
38
#include <event.h>
39
40
#ifdef USE_LIBSOCKUTIL
41
#include <seil/sockfromto.h>
42
#endif
43
44
#include "debugutil.h"
45
#include "hash.h"
46
#include "bytebuf.h"
47
#include "slist.h"
48
#include "l2tp.h"
49
#include "l2tp_subr.h"
50
#include "l2tp_local.h"
51
52
#ifdef	L2TP_SUBR_DEBUG
53
#define	L2TP_SUBR_ASSERT(x)	ASSERT(x)
54
#else
55
#define	L2TP_SUBR_ASSERT(x)
56
#endif
57
58
/*
59
 * AVP
60
 */
61
int
62
avp_enum(struct l2tp_avp *avp, const u_char *pkt, int pktlen, int filldata)
63
{
64
	uint16_t flags;
65
66
	L2TP_SUBR_ASSERT(pktlen >= 6);
67
68
	if (pktlen < 6)
69
		return -1;
70
71
	GETSHORT(flags, pkt);
72
73
	avp->is_mandatory = ((flags & 0x8000) != 0)? 1 : 0;
74
	avp->is_hidden = ((flags & 0x4000) != 0)? 1 : 0;
75
	avp->length = flags & 0x03ff;
76
77
	GETSHORT(avp->vendor_id, pkt);
78
79
	avp->attr_type = *pkt << 8;
80
	avp->attr_type |= *(pkt + 1);
81
	pkt += 2;
82
83
	if (avp->length > pktlen)
84
		return -1;
85
86
	if (filldata != 0)
87
		memcpy(avp->attr_value, pkt, avp->length - 6);
88
89
	return avp->length;
90
}
91
92
#define	NAME_VAL(x)	{ x, #x }
93
static struct _label_name {
94
	int		label;
95
	const char	*name;
96
}
97
l2tp_mes_type_names[] = {
98
	NAME_VAL(L2TP_AVP_MESSAGE_TYPE_SCCRQ),
99
	NAME_VAL(L2TP_AVP_MESSAGE_TYPE_SCCRP),
100
	NAME_VAL(L2TP_AVP_MESSAGE_TYPE_SCCCN),
101
	NAME_VAL(L2TP_AVP_MESSAGE_TYPE_StopCCN),
102
	NAME_VAL(L2TP_AVP_MESSAGE_TYPE_HELLO),
103
	NAME_VAL(L2TP_AVP_MESSAGE_TYPE_OCRQ),
104
	NAME_VAL(L2TP_AVP_MESSAGE_TYPE_OCRP),
105
	NAME_VAL(L2TP_AVP_MESSAGE_TYPE_OCCN),
106
	NAME_VAL(L2TP_AVP_MESSAGE_TYPE_ICRQ),
107
	NAME_VAL(L2TP_AVP_MESSAGE_TYPE_ICRP),
108
	NAME_VAL(L2TP_AVP_MESSAGE_TYPE_ICCN),
109
	NAME_VAL(L2TP_AVP_MESSAGE_TYPE_CDN),
110
},
111
l2tp_avp_attribute_names[] = {
112
	NAME_VAL(L2TP_AVP_TYPE_MESSAGE_TYPE),
113
	NAME_VAL(L2TP_AVP_TYPE_RESULT_CODE),
114
	NAME_VAL(L2TP_AVP_TYPE_PROTOCOL_VERSION),
115
	NAME_VAL(L2TP_AVP_TYPE_FRAMING_CAPABILITIES),
116
	NAME_VAL(L2TP_AVP_TYPE_BEARER_CAPABILITIES),
117
	NAME_VAL(L2TP_AVP_TYPE_TIE_BREAKER),
118
	NAME_VAL(L2TP_AVP_TYPE_FIRMWARE_REVISION),
119
	NAME_VAL(L2TP_AVP_TYPE_HOST_NAME),
120
	NAME_VAL(L2TP_AVP_TYPE_VENDOR_NAME),
121
	NAME_VAL(L2TP_AVP_TYPE_ASSINGED_TUNNEL_ID),
122
	NAME_VAL(L2TP_AVP_TYPE_RECV_WINDOW_SIZE),
123
	NAME_VAL(L2TP_AVP_TYPE_CHALLENGE),
124
	NAME_VAL(L2TP_AVP_TYPE_CAUSE_CODE),
125
	NAME_VAL(L2TP_AVP_TYPE_CHALLENGE_RESPONSE),
126
	NAME_VAL(L2TP_AVP_TYPE_ASSIGNED_SESSION_ID),
127
	NAME_VAL(L2TP_AVP_TYPE_CALL_SERIAL_NUMBER),
128
	NAME_VAL(L2TP_AVP_TYPE_MINIMUM_BPS),
129
	NAME_VAL(L2TP_AVP_TYPE_MAXIMUM_BPS),
130
	NAME_VAL(L2TP_AVP_TYPE_BEARER_TYPE),
131
	NAME_VAL(L2TP_AVP_TYPE_FRAMING_TYPE),
132
	NAME_VAL(L2TP_AVP_TYPE_CALLED_NUMBER),
133
	NAME_VAL(L2TP_AVP_TYPE_CALLING_NUMBER),
134
	NAME_VAL(L2TP_AVP_TYPE_SUB_ADDRESS),
135
	NAME_VAL(L2TP_AVP_TYPE_TX_CONNECT_SPEED),
136
	NAME_VAL(L2TP_AVP_TYPE_PHYSICAL_CHANNEL_ID),
137
	NAME_VAL(L2TP_AVP_TYPE_INITIAL_RECV_LCP_CONFREQ),
138
	NAME_VAL(L2TP_AVP_TYPE_LAST_SENT_LCP_CONFREQ),
139
	NAME_VAL(L2TP_AVP_TYPE_LAST_RECV_LCP_CONFREQ),
140
	NAME_VAL(L2TP_AVP_TYPE_PROXY_AUTHEN_TYPE),
141
	NAME_VAL(L2TP_AVP_TYPE_PROXY_AUTHEN_NAME),
142
	NAME_VAL(L2TP_AVP_TYPE_PROXY_AUTHEN_CHALLENGE),
143
	NAME_VAL(L2TP_AVP_TYPE_PROXY_AUTHEN_ID),
144
	NAME_VAL(L2TP_AVP_TYPE_PROXY_AUTHEN_RESPONSE),
145
	NAME_VAL(L2TP_AVP_TYPE_CALL_ERRORS),
146
	NAME_VAL(L2TP_AVP_TYPE_ACCM),
147
	NAME_VAL(L2TP_AVP_TYPE_RANDOM_VECTOR),
148
	NAME_VAL(L2TP_AVP_TYPE_PRIVATE_GROUP_ID),
149
	NAME_VAL(L2TP_AVP_TYPE_RX_CONNECT_SPEED),
150
	NAME_VAL(L2TP_AVP_TYPE_SEQUENCING_REQUIRED),
151
	NAME_VAL(L2TP_AVP_TYPE_TX_MINIMUM),
152
	NAME_VAL(L2TP_AVP_TYPE_CALLING_SUB_ADDRESS),
153
	NAME_VAL(L2TP_AVP_TYPE_PPP_DISCONNECT_CAUSE_CODE),
154
	NAME_VAL(L2TP_AVP_TYPE_CCDS),
155
	NAME_VAL(L2TP_AVP_TYPE_SDS),
156
	NAME_VAL(L2TP_AVP_TYPE_LCP_WANT_OPTIONS),
157
	NAME_VAL(L2TP_AVP_TYPE_LCP_ALLOW_OPTIONS),
158
	NAME_VAL(L2TP_AVP_TYPE_LNS_LAST_SENT_LCP_CONFREQ),
159
	NAME_VAL(L2TP_AVP_TYPE_LNS_LAST_RECV_LCP_CONFREQ),
160
	NAME_VAL(L2TP_AVP_TYPE_MODEM_ON_HOLD_CAPABLE),
161
	NAME_VAL(L2TP_AVP_TYPE_MODEM_ON_HOLD_STATUS),
162
	NAME_VAL(L2TP_AVP_TYPE_PPPOE_RELAY),
163
	NAME_VAL(L2TP_AVP_TYPE_PPPOE_RELAY_RESP_CAP),
164
	NAME_VAL(L2TP_AVP_TYPE_PPPOE_RELAY_FORW_CAP),
165
	NAME_VAL(L2TP_AVP_TYPE_EXTENDED_VENDOR_ID),
166
	NAME_VAL(L2TP_AVP_TYPE_PSEUDOWIRE_CAP_LIST),
167
	NAME_VAL(L2TP_AVP_TYPE_LOCAL_SESSION_ID),
168
	NAME_VAL(L2TP_AVP_TYPE_REMOTE_SESSION_ID),
169
	NAME_VAL(L2TP_AVP_TYPE_ASSIGNED_COOKIE),
170
	NAME_VAL(L2TP_AVP_TYPE_REMOTE_END_ID),
171
	NAME_VAL(L2TP_AVP_TYPE_APPLICATION_CODE),
172
	NAME_VAL(L2TP_AVP_TYPE_PSEUDOWIRE_TYPE),
173
	NAME_VAL(L2TP_AVP_TYPE_L2_SPECIFIC_SUBLAYER),
174
	NAME_VAL(L2TP_AVP_TYPE_DATA_SEQUENCING),
175
	NAME_VAL(L2TP_AVP_TYPE_CIRCUIT_STATUS),
176
	NAME_VAL(L2TP_AVP_TYPE_PREFERRED_LANGUAGE),
177
	NAME_VAL(L2TP_AVP_TYPE_CTRL_MSG_AUTH_NONCE),
178
	NAME_VAL(L2TP_AVP_TYPE_TX_CONNECT_SPEED),
179
	NAME_VAL(L2TP_AVP_TYPE_RX_CONNECT_SPEED),
180
	NAME_VAL(L2TP_AVP_TYPE_FAILOVER_CAPABILITY),
181
	NAME_VAL(L2TP_AVP_TYPE_TUNNEL_RECOVERY),
182
	NAME_VAL(L2TP_AVP_TYPE_SUGGESTED_CTRL_SEQUENCE),
183
	NAME_VAL(L2TP_AVP_TYPE_FAILOVER_SESSION_STATE),
184
	NAME_VAL(L2TP_AVP_TYPE_MULTICAST_CAPABILITY),
185
	NAME_VAL(L2TP_AVP_TYPE_NEW_OUTGOING_SESSIONS),
186
	NAME_VAL(L2TP_AVP_TYPE_NEW_OUTGOING_SESSIONS_ACK),
187
	NAME_VAL(L2TP_AVP_TYPE_WITHDRAW_OUTGOING_SESSIONS),
188
	NAME_VAL(L2TP_AVP_TYPE_MULTICAST_PACKETS_PRIORITY),
189
},
190
l2tp_stopccn_rcode_names[] = {
191
	NAME_VAL(L2TP_STOP_CCN_RCODE_GENERAL),
192
	NAME_VAL(L2TP_STOP_CCN_RCODE_GENERAL_ERROR),
193
	NAME_VAL(L2TP_STOP_CCN_RCODE_ALREADY_EXISTS),
194
	NAME_VAL(L2TP_STOP_CCN_RCODE_UNAUTHORIZED),
195
	NAME_VAL(L2TP_STOP_CCN_RCODE_BAD_PROTOCOL_VERSION),
196
	NAME_VAL(L2TP_STOP_CCN_RCODE_SHUTTING_DOWN),
197
	NAME_VAL(L2TP_STOP_CCN_RCODE_FSM_ERROR),
198
},
199
l2tp_cdn_rcode_names[] = {
200
	NAME_VAL(L2TP_CDN_RCODE_LOST_CARRIER),
201
	NAME_VAL(L2TP_CDN_RCODE_ERROR_CODE),
202
	NAME_VAL(L2TP_CDN_RCODE_ADMINISTRATIVE_REASON),
203
	NAME_VAL(L2TP_CDN_RCODE_TEMP_NOT_AVALIABLE),
204
	NAME_VAL(L2TP_CDN_RCODE_PERM_NOT_AVALIABLE),
205
	NAME_VAL(L2TP_CDN_RCODE_INVALID_DESTINATION),
206
	NAME_VAL(L2TP_CDN_RCODE_NO_CARRIER),
207
	NAME_VAL(L2TP_CDN_RCODE_BUSY),
208
	NAME_VAL(L2TP_CDN_RCODE_NO_DIALTONE),
209
	NAME_VAL(L2TP_CDN_RCODE_CALL_TIMEOUT_BY_LAC),
210
	NAME_VAL(L2TP_CDN_RCODE_NO_FRAMING_DETECTED),
211
},
212
l2tp_ecode_names[] = {
213
	NAME_VAL(L2TP_ECODE_NO_CONTROL_CONNECTION),
214
	NAME_VAL(L2TP_ECODE_WRONG_LENGTH),
215
	NAME_VAL(L2TP_ECODE_INVALID_MESSAGE),
216
	NAME_VAL(L2TP_ECODE_NO_RESOURCE),
217
	NAME_VAL(L2TP_ECODE_INVALID_SESSION_ID),
218
	NAME_VAL(L2TP_ECODE_GENERIC_ERROR),
219
	NAME_VAL(L2TP_ECODE_TRY_ANOTHER),
220
	NAME_VAL(L2TP_ECODE_UNKNOWN_MANDATORY_AVP),
221
};
222
#undef	NAME_VAL
223
224
const char *
225
avp_attr_type_string(int attr_type)
226
{
227
	int i;
228
229
	for (i = 0; i < countof(l2tp_avp_attribute_names); i++) {
230
		if (attr_type == l2tp_avp_attribute_names[i].label)
231
			return l2tp_avp_attribute_names[i].name + 14;
232
	}
233
	return "UNKNOWN_AVP";
234
}
235
236
const char *
237
l2tp_stopccn_rcode_string(int rcode)
238
{
239
	int i;
240
241
	for (i = 0; i < countof(l2tp_stopccn_rcode_names); i++) {
242
		if (rcode == l2tp_stopccn_rcode_names[i].label)
243
			return l2tp_stopccn_rcode_names[i].name + 20;
244
	}
245
	return "UNKNOWN";
246
}
247
248
const char *
249
l2tp_cdn_rcode_string(int rcode)
250
{
251
	int i;
252
253
	for (i = 0; i < countof(l2tp_cdn_rcode_names); i++) {
254
		if (rcode == l2tp_cdn_rcode_names[i].label)
255
			return l2tp_cdn_rcode_names[i].name + 15;
256
	}
257
	return "UNKNOWN";
258
}
259
260
const char *
261
l2tp_ecode_string(int ecode)
262
{
263
	int i;
264
265
	if (ecode == 0)
266
		return "none";
267
	for (i = 0; i < countof(l2tp_ecode_names); i++) {
268
		if (ecode == l2tp_ecode_names[i].label)
269
			return l2tp_ecode_names[i].name + 11;
270
	}
271
	return "UNKNOWN";
272
}
273
274
/**
275
 * Search the AVP that matches given vendor_id and attr_type and return it
276
 * In case the "fill_data" is specified (non 0 value is specified as the
277
 * "fill_data"), the memory space of the "avp" must be larger than or equal
278
 * to L2TP_AVP_MAXSIZ (1024).
279
 */
280
struct l2tp_avp *
281
avp_find(struct l2tp_avp *avp, const u_char *pkt, int pktlen,
282
    uint16_t vendor_id, uint16_t attr_type, int fill_data)
283
{
284
	int avpsz;
285
286
	while (pktlen >= 6 &&
287
	    (avpsz = avp_enum(avp, pkt, pktlen, fill_data)) > 0) {
288
		if (avp->vendor_id != vendor_id || avp->attr_type != attr_type) {
289
			if (avpsz < 6)
290
				return NULL;
291
			pkt += avpsz;
292
			pktlen -= avpsz;
293
			continue;
294
		}
295
		return avp;
296
	}
297
298
	return NULL;
299
}
300
301
/**
302
 * Search the Message-Type AVP and return it.  The memory space of the "avp"
303
 * must be larger than or equal to L2TP_AVP_MAXSIZ (1024).
304
 */
305
struct l2tp_avp *
306
avp_find_message_type_avp(struct l2tp_avp *avp, const u_char *pkt, int pktlen)
307
{
308
	return avp_find(avp, pkt, pktlen, 0, L2TP_AVP_TYPE_MESSAGE_TYPE, 1);
309
}
310
311
/**
312
 * add an AVP to bytebuffer
313
 */
314
int
315
bytebuf_add_avp(bytebuffer *bytebuf, struct l2tp_avp *avp, int value_len)
316
{
317
	struct l2tp_avp avp1;
318
319
	memcpy(&avp1, avp, sizeof(struct l2tp_avp));
320
321
	avp1.length = value_len + 6;
322
	avp1.vendor_id = htons(avp->vendor_id);
323
	avp1.attr_type = htons(avp->attr_type);
324
	*(uint16_t *)&avp1 = htons(*(uint16_t *)&avp1);
325
326
	if (bytebuffer_put(bytebuf, &avp1, 6) == NULL)
327
		return -1;
328
	if (bytebuffer_put(bytebuf, avp->attr_value, value_len) == NULL)
329
		return -1;
330
331
	return 0;
332
}
333
334
const char *
335
avp_mes_type_string(int mes_type)
336
{
337
	int i;
338
339
	for (i = 0; i < countof(l2tp_mes_type_names); i++) {
340
		if (mes_type == l2tp_mes_type_names[i].label)
341
			return l2tp_mes_type_names[i].name + 22;
342
	}
343
	return "Unknown";
344
}