ng_lmi.c revision 70159
1 2/* 3 * ng_lmi.c 4 * 5 * Copyright (c) 1996-1999 Whistle Communications, Inc. 6 * All rights reserved. 7 * 8 * Subject to the following obligations and disclaimer of warranty, use and 9 * redistribution of this software, in source or object code forms, with or 10 * without modifications are expressly permitted by Whistle Communications; 11 * provided, however, that: 12 * 1. Any and all reproductions of the source or object code must include the 13 * copyright notice above and the following disclaimer of warranties; and 14 * 2. No rights are granted, in any manner or form, to use Whistle 15 * Communications, Inc. trademarks, including the mark "WHISTLE 16 * COMMUNICATIONS" on advertising, endorsements, or otherwise except as 17 * such appears in the above copyright notice or in the software. 18 * 19 * THIS SOFTWARE IS BEING PROVIDED BY WHISTLE COMMUNICATIONS "AS IS", AND 20 * TO THE MAXIMUM EXTENT PERMITTED BY LAW, WHISTLE COMMUNICATIONS MAKES NO 21 * REPRESENTATIONS OR WARRANTIES, EXPRESS OR IMPLIED, REGARDING THIS SOFTWARE, 22 * INCLUDING WITHOUT LIMITATION, ANY AND ALL IMPLIED WARRANTIES OF 23 * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR NON-INFRINGEMENT. 24 * WHISTLE COMMUNICATIONS DOES NOT WARRANT, GUARANTEE, OR MAKE ANY 25 * REPRESENTATIONS REGARDING THE USE OF, OR THE RESULTS OF THE USE OF THIS 26 * SOFTWARE IN TERMS OF ITS CORRECTNESS, ACCURACY, RELIABILITY OR OTHERWISE. 27 * IN NO EVENT SHALL WHISTLE COMMUNICATIONS BE LIABLE FOR ANY DAMAGES 28 * RESULTING FROM OR ARISING OUT OF ANY USE OF THIS SOFTWARE, INCLUDING 29 * WITHOUT LIMITATION, ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, 30 * PUNITIVE, OR CONSEQUENTIAL DAMAGES, PROCUREMENT OF SUBSTITUTE GOODS OR 31 * SERVICES, LOSS OF USE, DATA OR PROFITS, HOWEVER CAUSED AND UNDER ANY 32 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 33 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 34 * THIS SOFTWARE, EVEN IF WHISTLE COMMUNICATIONS IS ADVISED OF THE POSSIBILITY 35 * OF SUCH DAMAGE. 36 * 37 * Author: Julian Elischer <julian@freebsd.org> 38 * 39 * $FreeBSD: head/sys/netgraph/ng_lmi.c 70159 2000-12-18 20:03:32Z julian $ 40 * $Whistle: ng_lmi.c,v 1.38 1999/11/01 09:24:52 julian Exp $ 41 */ 42 43/* 44 * This node performs the frame relay LMI protocol. It knows how 45 * to do ITU Annex A, ANSI Annex D, and "Group-of-Four" variants 46 * of the protocol. 47 * 48 * A specific protocol can be forced by connecting the corresponding 49 * hook to DLCI 0 or 1023 (as appropriate) of a frame relay link. 50 * 51 * Alternately, this node can do auto-detection of the LMI protocol 52 * by connecting hook "auto0" to DLCI 0 and "auto1023" to DLCI 1023. 53 */ 54 55#include <sys/param.h> 56#include <sys/systm.h> 57#include <sys/errno.h> 58#include <sys/kernel.h> 59#include <sys/malloc.h> 60#include <sys/mbuf.h> 61#include <sys/syslog.h> 62#include <netgraph/ng_message.h> 63#include <netgraph/netgraph.h> 64#include <netgraph/ng_lmi.h> 65 66/* 67 * Human readable names for LMI 68 */ 69#define NAME_ANNEXA NG_LMI_HOOK_ANNEXA 70#define NAME_ANNEXD NG_LMI_HOOK_ANNEXD 71#define NAME_GROUP4 NG_LMI_HOOK_GROUPOF4 72#define NAME_NONE "None" 73 74#define MAX_DLCIS 128 75#define MAXDLCI 1023 76 77/* 78 * DLCI states 79 */ 80#define DLCI_NULL 0 81#define DLCI_UP 1 82#define DLCI_DOWN 2 83 84/* 85 * Any received LMI frame should be at least this long 86 */ 87#define LMI_MIN_LENGTH 8 /* XXX verify */ 88 89/* 90 * Netgraph node methods and type descriptor 91 */ 92static ng_constructor_t nglmi_constructor; 93static ng_rcvmsg_t nglmi_rcvmsg; 94static ng_shutdown_t nglmi_rmnode; 95static ng_newhook_t nglmi_newhook; 96static ng_rcvdata_t nglmi_rcvdata; 97static ng_disconnect_t nglmi_disconnect; 98static int nglmi_checkdata(hook_p hook, struct mbuf *m, meta_p meta); 99 100static struct ng_type typestruct = { 101 NG_ABI_VERSION, 102 NG_LMI_NODE_TYPE, 103 NULL, 104 nglmi_constructor, 105 nglmi_rcvmsg, 106 nglmi_rmnode, 107 nglmi_newhook, 108 NULL, 109 NULL, 110 nglmi_rcvdata, 111 nglmi_disconnect, 112 NULL 113}; 114NETGRAPH_INIT(lmi, &typestruct); 115 116/* 117 * Info and status per node 118 */ 119struct nglmi_softc { 120 node_p node; /* netgraph node */ 121 int flags; /* state */ 122 int poll_count; /* the count of times for autolmi */ 123 int poll_state; /* state of auto detect machine */ 124 u_char remote_seq; /* sequence number the remote sent */ 125 u_char local_seq; /* last sequence number we sent */ 126 u_char protoID; /* 9 for group of 4, 8 otherwise */ 127 u_long seq_retries; /* sent this how many time so far */ 128 struct callout_handle handle; /* see timeout(9) */ 129 int liv_per_full; 130 int liv_rate; 131 int livs; 132 int need_full; 133 hook_p lmi_channel; /* whatever we ended up using */ 134 hook_p lmi_annexA; 135 hook_p lmi_annexD; 136 hook_p lmi_group4; 137 hook_p lmi_channel0; /* auto-detect on DLCI 0 */ 138 hook_p lmi_channel1023;/* auto-detect on DLCI 1023 */ 139 char *protoname; /* cache protocol name */ 140 u_char dlci_state[MAXDLCI + 1]; 141 int invalidx; /* next dlci's to invalidate */ 142}; 143typedef struct nglmi_softc *sc_p; 144 145/* 146 * Other internal functions 147 */ 148static void LMI_ticker(void *arg); 149static void nglmi_startup_fixed(sc_p sc, hook_p hook); 150static void nglmi_startup_auto(sc_p sc); 151static void nglmi_startup(sc_p sc); 152static void nglmi_inquire(sc_p sc, int full); 153static void ngauto_state_machine(sc_p sc); 154 155/* 156 * Values for 'flags' field 157 * NB: the SCF_CONNECTED flag is set if and only if the timer is running. 158 */ 159#define SCF_CONNECTED 0x01 /* connected to something */ 160#define SCF_AUTO 0x02 /* we are auto-detecting */ 161#define SCF_FIXED 0x04 /* we are fixed from the start */ 162 163#define SCF_LMITYPE 0x18 /* mask for determining Annex mode */ 164#define SCF_NOLMI 0x00 /* no LMI type selected yet */ 165#define SCF_ANNEX_A 0x08 /* running annex A mode */ 166#define SCF_ANNEX_D 0x10 /* running annex D mode */ 167#define SCF_GROUP4 0x18 /* running group of 4 */ 168 169#define SETLMITYPE(sc, annex) \ 170do { \ 171 (sc)->flags &= ~SCF_LMITYPE; \ 172 (sc)->flags |= (annex); \ 173} while (0) 174 175#define NOPROTO(sc) (((sc)->flags & SCF_LMITYPE) == SCF_NOLMI) 176#define ANNEXA(sc) (((sc)->flags & SCF_LMITYPE) == SCF_ANNEX_A) 177#define ANNEXD(sc) (((sc)->flags & SCF_LMITYPE) == SCF_ANNEX_D) 178#define GROUP4(sc) (((sc)->flags & SCF_LMITYPE) == SCF_GROUP4) 179 180#define LMIPOLLSIZE 3 181#define LMI_PATIENCE 8 /* declare all DLCI DOWN after N LMI failures */ 182 183/* 184 * Node constructor 185 */ 186static int 187nglmi_constructor(node_p *nodep) 188{ 189 sc_p sc; 190 int error = 0; 191 192 MALLOC(sc, sc_p, sizeof(*sc), M_NETGRAPH, M_NOWAIT | M_ZERO); 193 if (sc == NULL) 194 return (ENOMEM); 195 196 callout_handle_init(&sc->handle); 197 if ((error = ng_make_node_common(&typestruct, nodep))) { 198 FREE(sc, M_NETGRAPH); 199 return (error); 200 } 201 (*nodep)->private = sc; 202 sc->protoname = NAME_NONE; 203 sc->node = *nodep; 204 sc->liv_per_full = NG_LMI_SEQ_PER_FULL; /* make this dynamic */ 205 sc->liv_rate = NG_LMI_KEEPALIVE_RATE; 206 return (0); 207} 208 209/* 210 * The LMI channel has a private pointer which is the same as the 211 * node private pointer. The debug channel has a NULL private pointer. 212 */ 213static int 214nglmi_newhook(node_p node, hook_p hook, const char *name) 215{ 216 sc_p sc = node->private; 217 218 if (strcmp(name, NG_LMI_HOOK_DEBUG) == 0) { 219 hook->private = NULL; 220 return (0); 221 } 222 if (sc->flags & SCF_CONNECTED) { 223 /* already connected, return an error */ 224 return (EINVAL); 225 } 226 if (strcmp(name, NG_LMI_HOOK_ANNEXA) == 0) { 227 sc->lmi_annexA = hook; 228 hook->private = node->private; 229 sc->protoID = 8; 230 SETLMITYPE(sc, SCF_ANNEX_A); 231 sc->protoname = NAME_ANNEXA; 232 nglmi_startup_fixed(sc, hook); 233 } else if (strcmp(name, NG_LMI_HOOK_ANNEXD) == 0) { 234 sc->lmi_annexD = hook; 235 hook->private = node->private; 236 sc->protoID = 8; 237 SETLMITYPE(sc, SCF_ANNEX_D); 238 sc->protoname = NAME_ANNEXD; 239 nglmi_startup_fixed(sc, hook); 240 } else if (strcmp(name, NG_LMI_HOOK_GROUPOF4) == 0) { 241 sc->lmi_group4 = hook; 242 hook->private = node->private; 243 sc->protoID = 9; 244 SETLMITYPE(sc, SCF_GROUP4); 245 sc->protoname = NAME_GROUP4; 246 nglmi_startup_fixed(sc, hook); 247 } else if (strcmp(name, NG_LMI_HOOK_AUTO0) == 0) { 248 /* Note this, and if B is already installed, we're complete */ 249 sc->lmi_channel0 = hook; 250 sc->protoname = NAME_NONE; 251 hook->private = node->private; 252 if (sc->lmi_channel1023) 253 nglmi_startup_auto(sc); 254 } else if (strcmp(name, NG_LMI_HOOK_AUTO1023) == 0) { 255 /* Note this, and if A is already installed, we're complete */ 256 sc->lmi_channel1023 = hook; 257 sc->protoname = NAME_NONE; 258 hook->private = node->private; 259 if (sc->lmi_channel0) 260 nglmi_startup_auto(sc); 261 } else 262 return (EINVAL); /* unknown hook */ 263 return (0); 264} 265 266/* 267 * We have just attached to a live (we hope) node. 268 * Fire out a LMI inquiry, and then start up the timers. 269 */ 270static void 271LMI_ticker(void *arg) 272{ 273 sc_p sc = arg; 274 int s = splnet(); 275 276 if (sc->flags & SCF_AUTO) { 277 ngauto_state_machine(sc); 278 sc->handle = timeout(LMI_ticker, sc, NG_LMI_POLL_RATE * hz); 279 } else { 280 if (sc->livs++ >= sc->liv_per_full) { 281 nglmi_inquire(sc, 1); 282 /* sc->livs = 0; *//* do this when we get the answer! */ 283 } else { 284 nglmi_inquire(sc, 0); 285 } 286 sc->handle = timeout(LMI_ticker, sc, sc->liv_rate * hz); 287 } 288 splx(s); 289} 290 291static void 292nglmi_startup_fixed(sc_p sc, hook_p hook) 293{ 294 sc->flags |= (SCF_FIXED | SCF_CONNECTED); 295 sc->lmi_channel = hook; 296 nglmi_startup(sc); 297} 298 299static void 300nglmi_startup_auto(sc_p sc) 301{ 302 sc->flags |= (SCF_AUTO | SCF_CONNECTED); 303 sc->poll_state = 0; /* reset state machine */ 304 sc->poll_count = 0; 305 nglmi_startup(sc); 306} 307 308static void 309nglmi_startup(sc_p sc) 310{ 311 sc->remote_seq = 0; 312 sc->local_seq = 1; 313 sc->seq_retries = 0; 314 sc->livs = sc->liv_per_full - 1; 315 /* start off the ticker in 1 sec */ 316 sc->handle = timeout(LMI_ticker, sc, hz); 317} 318 319#define META_PAD 16 320static void 321nglmi_inquire(sc_p sc, int full) 322{ 323 struct mbuf *m; 324 char *cptr, *start; 325 int error; 326 meta_p meta = NULL; 327 328 if (sc->lmi_channel == NULL) 329 return; 330 MGETHDR(m, M_DONTWAIT, MT_DATA); 331 if (m == NULL) { 332 log(LOG_ERR, "nglmi: unable to start up LMI processing\n"); 333 return; 334 } 335 m->m_pkthdr.rcvif = NULL; 336 /* Allocate a meta struct (and leave some slop for options to be 337 * added by other modules). */ 338 /* MALLOC(meta, meta_p, sizeof( struct ng_meta) + META_PAD, 339 * M_NETGRAPH, M_NOWAIT); */ 340 MALLOC(meta, meta_p, sizeof(*meta) + META_PAD, M_NETGRAPH, M_NOWAIT); 341 if (meta != NULL) { /* if it failed, well, it was optional anyhow */ 342 meta->used_len = (u_short) sizeof(struct ng_meta); 343 meta->allocated_len 344 = (u_short) sizeof(struct ng_meta) + META_PAD; 345 meta->flags = 0; 346 meta->priority = NG_LMI_LMI_PRIORITY; 347 meta->discardability = -1; 348 } 349 m->m_data += 4; /* leave some room for a header */ 350 cptr = start = mtod(m, char *); 351 /* add in the header for an LMI inquiry. */ 352 *cptr++ = 0x03; /* UI frame */ 353 if (GROUP4(sc)) 354 *cptr++ = 0x09; /* proto discriminator */ 355 else 356 *cptr++ = 0x08; /* proto discriminator */ 357 *cptr++ = 0x00; /* call reference */ 358 *cptr++ = 0x75; /* inquiry */ 359 360 /* If we are Annex-D, there is this extra thing.. */ 361 if (ANNEXD(sc)) 362 *cptr++ = 0x95; /* ??? */ 363 /* Add a request type */ 364 if (ANNEXA(sc)) 365 *cptr++ = 0x51; /* report type */ 366 else 367 *cptr++ = 0x01; /* report type */ 368 *cptr++ = 0x01; /* size = 1 */ 369 if (full) 370 *cptr++ = 0x00; /* full */ 371 else 372 *cptr++ = 0x01; /* partial */ 373 374 /* Add a link verification IE */ 375 if (ANNEXA(sc)) 376 *cptr++ = 0x53; /* verification IE */ 377 else 378 *cptr++ = 0x03; /* verification IE */ 379 *cptr++ = 0x02; /* 2 extra bytes */ 380 *cptr++ = sc->local_seq; 381 *cptr++ = sc->remote_seq; 382 sc->seq_retries++; 383 384 /* Send it */ 385 m->m_len = m->m_pkthdr.len = cptr - start; 386 NG_SEND_DATA(error, sc->lmi_channel, m, meta); 387 388 /* If we've been sending requests for long enough, and there has 389 * been no response, then mark as DOWN, any DLCIs that are UP. */ 390 if (sc->seq_retries == LMI_PATIENCE) { 391 int count; 392 393 for (count = 0; count < MAXDLCI; count++) 394 if (sc->dlci_state[count] == DLCI_UP) 395 sc->dlci_state[count] = DLCI_DOWN; 396 } 397} 398 399/* 400 * State machine for LMI auto-detect. The transitions are ordered 401 * to try the more likely possibilities first. 402 */ 403static void 404ngauto_state_machine(sc_p sc) 405{ 406 if ((sc->poll_count <= 0) || (sc->poll_count > LMIPOLLSIZE)) { 407 /* time to change states in the auto probe machine */ 408 /* capture wild values of poll_count while we are at it */ 409 sc->poll_count = LMIPOLLSIZE; 410 sc->poll_state++; 411 } 412 switch (sc->poll_state) { 413 case 7: 414 log(LOG_WARNING, "nglmi: no response from exchange\n"); 415 default: /* capture bad states */ 416 sc->poll_state = 1; 417 case 1: 418 sc->lmi_channel = sc->lmi_channel0; 419 SETLMITYPE(sc, SCF_ANNEX_D); 420 break; 421 case 2: 422 sc->lmi_channel = sc->lmi_channel1023; 423 SETLMITYPE(sc, SCF_ANNEX_D); 424 break; 425 case 3: 426 sc->lmi_channel = sc->lmi_channel0; 427 SETLMITYPE(sc, SCF_ANNEX_A); 428 break; 429 case 4: 430 sc->lmi_channel = sc->lmi_channel1023; 431 SETLMITYPE(sc, SCF_GROUP4); 432 break; 433 case 5: 434 sc->lmi_channel = sc->lmi_channel1023; 435 SETLMITYPE(sc, SCF_ANNEX_A); 436 break; 437 case 6: 438 sc->lmi_channel = sc->lmi_channel0; 439 SETLMITYPE(sc, SCF_GROUP4); 440 break; 441 } 442 443 /* send an inquirey encoded appropriatly */ 444 nglmi_inquire(sc, 0); 445 sc->poll_count--; 446} 447 448/* 449 * Receive a netgraph control message. 450 */ 451static int 452nglmi_rcvmsg(node_p node, struct ng_mesg *msg, const char *retaddr, 453 struct ng_mesg **rptr, hook_p lasthook) 454{ 455 sc_p sc = node->private; 456 struct ng_mesg *resp = NULL; 457 int error = 0; 458 459 switch (msg->header.typecookie) { 460 case NGM_GENERIC_COOKIE: 461 switch (msg->header.cmd) { 462 case NGM_TEXT_STATUS: 463 { 464 char *arg; 465 int pos, count; 466 467 NG_MKRESPONSE(resp, msg, NG_TEXTRESPONSE, M_NOWAIT); 468 if (resp == NULL) { 469 error = ENOMEM; 470 break; 471 } 472 arg = resp->data; 473 pos = sprintf(arg, "protocol %s ", sc->protoname); 474 if (sc->flags & SCF_FIXED) 475 pos += sprintf(arg + pos, "fixed\n"); 476 else if (sc->flags & SCF_AUTO) 477 pos += sprintf(arg + pos, "auto-detecting\n"); 478 else 479 pos += sprintf(arg + pos, "auto on dlci %d\n", 480 (sc->lmi_channel == sc->lmi_channel0) ? 481 0 : 1023); 482 pos += sprintf(arg + pos, 483 "keepalive period: %d seconds\n", sc->liv_rate); 484 pos += sprintf(arg + pos, 485 "unacknowledged keepalives: %ld\n", 486 sc->seq_retries); 487 for (count = 0; 488 ((count <= MAXDLCI) 489 && (pos < (NG_TEXTRESPONSE - 20))); 490 count++) { 491 if (sc->dlci_state[count]) { 492 pos += sprintf(arg + pos, 493 "dlci %d %s\n", count, 494 (sc->dlci_state[count] 495 == DLCI_UP) ? "up" : "down"); 496 } 497 } 498 resp->header.arglen = pos + 1; 499 break; 500 } 501 default: 502 error = EINVAL; 503 break; 504 } 505 break; 506 case NGM_LMI_COOKIE: 507 switch (msg->header.cmd) { 508 case NGM_LMI_GET_STATUS: 509 { 510 struct nglmistat *stat; 511 int k; 512 513 NG_MKRESPONSE(resp, msg, sizeof(*stat), M_NOWAIT); 514 if (!resp) { 515 error = ENOMEM; 516 break; 517 } 518 stat = (struct nglmistat *) resp->data; 519 strncpy(stat->proto, 520 sc->protoname, sizeof(stat->proto) - 1); 521 strncpy(stat->hook, 522 sc->protoname, sizeof(stat->hook) - 1); 523 stat->autod = !!(sc->flags & SCF_AUTO); 524 stat->fixed = !!(sc->flags & SCF_FIXED); 525 for (k = 0; k <= MAXDLCI; k++) { 526 switch (sc->dlci_state[k]) { 527 case DLCI_UP: 528 stat->up[k / 8] |= (1 << (k % 8)); 529 /* fall through */ 530 case DLCI_DOWN: 531 stat->seen[k / 8] |= (1 << (k % 8)); 532 break; 533 } 534 } 535 break; 536 } 537 default: 538 error = EINVAL; 539 break; 540 } 541 break; 542 default: 543 error = EINVAL; 544 break; 545 } 546 547 if (rptr) 548 *rptr = resp; 549 else if (resp != NULL) 550 FREE(resp, M_NETGRAPH); 551 552 FREE(msg, M_NETGRAPH); 553 return (error); 554} 555 556#define STEPBY(stepsize) \ 557 do { \ 558 packetlen -= (stepsize); \ 559 data += (stepsize); \ 560 } while (0) 561 562/* 563 * receive data, and use it to update our status. 564 * Anything coming in on the debug port is discarded. 565 */ 566static int 567nglmi_rcvdata(hook_p hook, struct mbuf *m, meta_p meta, 568 struct mbuf **ret_m, meta_p *ret_meta, struct ng_mesg **resp) 569{ 570 sc_p sc = hook->node->private; 571 u_char *data; 572 unsigned short dlci; 573 u_short packetlen; 574 int resptype_seen = 0; 575 int seq_seen = 0; 576 577 if (hook->private == NULL) { 578 goto drop; 579 } 580 packetlen = m->m_hdr.mh_len; 581 582 /* XXX what if it's more than 1 mbuf? */ 583 if ((packetlen > MHLEN) && !(m->m_flags & M_EXT)) { 584 log(LOG_WARNING, "nglmi: packetlen (%d) too big\n", packetlen); 585 goto drop; 586 } 587 if (m->m_len < packetlen && (m = m_pullup(m, packetlen)) == NULL) { 588 log(LOG_WARNING, 589 "nglmi: m_pullup failed for %d bytes\n", packetlen); 590 NG_FREE_META(meta); 591 return (0); 592 } 593 if (nglmi_checkdata(hook, m, meta) == 0) 594 return (0); 595 596 /* pass the first 4 bytes (already checked in the nglmi_checkdata()) */ 597 data = mtod(m, u_char *); 598 STEPBY(4); 599 600 /* Now check if there is a 'locking shift'. This is only seen in 601 * Annex D frames. don't bother checking, we already did that. Don't 602 * increment immediatly as it might not be there. */ 603 if (ANNEXD(sc)) 604 STEPBY(1); 605 606 /* If we get this far we should consider that it is a legitimate 607 * frame and we know what it is. */ 608 if (sc->flags & SCF_AUTO) { 609 /* note the hook that this valid channel came from and drop 610 * out of auto probe mode. */ 611 if (ANNEXA(sc)) 612 sc->protoname = NAME_ANNEXA; 613 else if (ANNEXD(sc)) 614 sc->protoname = NAME_ANNEXD; 615 else if (GROUP4(sc)) 616 sc->protoname = NAME_GROUP4; 617 else { 618 log(LOG_ERR, "nglmi: No known type\n"); 619 goto drop; 620 } 621 sc->lmi_channel = hook; 622 sc->flags &= ~SCF_AUTO; 623 log(LOG_INFO, "nglmi: auto-detected %s LMI on DLCI %d\n", 624 sc->protoname, hook == sc->lmi_channel0 ? 0 : 1023); 625 } 626 627 /* While there is more data in the status packet, keep processing 628 * status items. First make sure there is enough data for the 629 * segment descriptor's length field. */ 630 while (packetlen >= 2) { 631 u_int segtype = data[0]; 632 u_int segsize = data[1]; 633 634 /* Now that we know how long it claims to be, make sure 635 * there is enough data for the next seg. */ 636 if (packetlen < segsize + 2) 637 break; 638 switch (segtype) { 639 case 0x01: 640 case 0x51: 641 if (resptype_seen) { 642 log(LOG_WARNING, "nglmi: dup MSGTYPE\n"); 643 goto nextIE; 644 } 645 resptype_seen++; 646 /* The remote end tells us what kind of response 647 * this is. Only expect a type 0 or 1. if we are a 648 * full status, invalidate a few DLCIs just to see 649 * that they are still ok. */ 650 if (segsize != 1) 651 goto nextIE; 652 switch (data[2]) { 653 case 1: 654 /* partial status, do no extra processing */ 655 break; 656 case 0: 657 { 658 int count = 0; 659 int idx = sc->invalidx; 660 661 for (count = 0; count < 10; count++) { 662 if (idx > MAXDLCI) 663 idx = 0; 664 if (sc->dlci_state[idx] == DLCI_UP) 665 sc->dlci_state[idx] = DLCI_DOWN; 666 idx++; 667 } 668 sc->invalidx = idx; 669 /* we got and we wanted one. relax 670 * now.. but don't reset to 0 if it 671 * was unrequested. */ 672 if (sc->livs > sc->liv_per_full) 673 sc->livs = 0; 674 break; 675 } 676 } 677 break; 678 case 0x03: 679 case 0x53: 680 /* The remote tells us what it thinks the sequence 681 * numbers are. If it's not size 2, it must be a 682 * duplicate to have gotten this far, skip it. */ 683 if (seq_seen != 0) /* already seen seq numbers */ 684 goto nextIE; 685 if (segsize != 2) 686 goto nextIE; 687 sc->remote_seq = data[2]; 688 if (sc->local_seq == data[3]) { 689 sc->local_seq++; 690 sc->seq_retries = 0; 691 /* Note that all 3 Frame protocols seem to 692 * not like 0 as a sequence number. */ 693 if (sc->local_seq == 0) 694 sc->local_seq = 1; 695 } 696 break; 697 case 0x07: 698 case 0x57: 699 /* The remote tells us about a DLCI that it knows 700 * about. There may be many of these in a single 701 * status response */ 702 switch (segsize) { 703 case 6:/* only on 'group of 4' */ 704 dlci = ((u_short) data[2] & 0xff) << 8; 705 dlci |= (data[3] & 0xff); 706 if ((dlci < 1024) && (dlci > 0)) { 707 /* XXX */ 708 } 709 break; 710 case 3: 711 dlci = ((u_short) data[2] & 0x3f) << 4; 712 dlci |= ((data[3] & 0x78) >> 3); 713 if ((dlci < 1024) && (dlci > 0)) { 714 /* set up the bottom half of the 715 * support for that dlci if it's not 716 * already been done */ 717 /* store this information somewhere */ 718 } 719 break; 720 default: 721 goto nextIE; 722 } 723 if (sc->dlci_state[dlci] != DLCI_UP) { 724 /* bring new DLCI to life */ 725 /* may do more here some day */ 726 if (sc->dlci_state[dlci] != DLCI_DOWN) 727 log(LOG_INFO, 728 "nglmi: DLCI %d became active\n", 729 dlci); 730 sc->dlci_state[dlci] = DLCI_UP; 731 } 732 break; 733 } 734nextIE: 735 STEPBY(segsize + 2); 736 } 737 NG_FREE_DATA(m, meta); 738 return (0); 739 740drop: 741 NG_FREE_DATA(m, meta); 742 return (EINVAL); 743} 744 745/* 746 * Check that a packet is entirely kosha. 747 * return 1 of ok, and 0 if not. 748 * All data is discarded if a 0 is returned. 749 */ 750static int 751nglmi_checkdata(hook_p hook, struct mbuf *m, meta_p meta) 752{ 753 sc_p sc = hook->node->private; 754 u_char *data; 755 u_short packetlen; 756 unsigned short dlci; 757 u_char type; 758 u_char nextbyte; 759 int seq_seen = 0; 760 int resptype_seen = 0; /* 0 , 1 (partial) or 2 (full) */ 761 int highest_dlci = 0; 762 763 packetlen = m->m_hdr.mh_len; 764 data = mtod(m, u_char *); 765 if (*data != 0x03) { 766 log(LOG_WARNING, "nglmi: unexpected value in LMI(%d)\n", 1); 767 goto reject; 768 } 769 STEPBY(1); 770 771 /* look at the protocol ID */ 772 nextbyte = *data; 773 if (sc->flags & SCF_AUTO) { 774 SETLMITYPE(sc, SCF_NOLMI); /* start with a clean slate */ 775 switch (nextbyte) { 776 case 0x8: 777 sc->protoID = 8; 778 break; 779 case 0x9: 780 SETLMITYPE(sc, SCF_GROUP4); 781 sc->protoID = 9; 782 break; 783 default: 784 log(LOG_WARNING, "nglmi: bad Protocol ID(%d)\n", 785 (int) nextbyte); 786 goto reject; 787 } 788 } else { 789 if (nextbyte != sc->protoID) { 790 log(LOG_WARNING, "nglmi: unexpected Protocol ID(%d)\n", 791 (int) nextbyte); 792 goto reject; 793 } 794 } 795 STEPBY(1); 796 797 /* check call reference (always null in non ISDN frame relay) */ 798 if (*data != 0x00) { 799 log(LOG_WARNING, "nglmi: unexpected Call Reference (0x%x)\n", 800 data[-1]); 801 goto reject; 802 } 803 STEPBY(1); 804 805 /* check message type */ 806 switch ((type = *data)) { 807 case 0x75: /* Status enquiry */ 808 log(LOG_WARNING, "nglmi: unexpected message type(0x%x)\n", 809 data[-1]); 810 goto reject; 811 case 0x7D: /* Status message */ 812 break; 813 default: 814 log(LOG_WARNING, 815 "nglmi: unexpected msg type(0x%x) \n", (int) type); 816 goto reject; 817 } 818 STEPBY(1); 819 820 /* Now check if there is a 'locking shift'. This is only seen in 821 * Annex D frames. Don't increment immediately as it might not be 822 * there. */ 823 nextbyte = *data; 824 if (sc->flags & SCF_AUTO) { 825 if (!(GROUP4(sc))) { 826 if (nextbyte == 0x95) { 827 SETLMITYPE(sc, SCF_ANNEX_D); 828 STEPBY(1); 829 } else 830 SETLMITYPE(sc, SCF_ANNEX_A); 831 } else if (nextbyte == 0x95) { 832 log(LOG_WARNING, "nglmi: locking shift seen in G4\n"); 833 goto reject; 834 } 835 } else { 836 if (ANNEXD(sc)) { 837 if (*data == 0x95) 838 STEPBY(1); 839 else { 840 log(LOG_WARNING, 841 "nglmi: locking shift missing\n"); 842 goto reject; 843 } 844 } else if (*data == 0x95) { 845 log(LOG_WARNING, "nglmi: locking shift seen\n"); 846 goto reject; 847 } 848 } 849 850 /* While there is more data in the status packet, keep processing 851 * status items. First make sure there is enough data for the 852 * segment descriptor's length field. */ 853 while (packetlen >= 2) { 854 u_int segtype = data[0]; 855 u_int segsize = data[1]; 856 857 /* Now that we know how long it claims to be, make sure 858 * there is enough data for the next seg. */ 859 if (packetlen < (segsize + 2)) { 860 log(LOG_WARNING, "nglmi: IE longer than packet\n"); 861 break; 862 } 863 switch (segtype) { 864 case 0x01: 865 case 0x51: 866 /* According to MCI's HP analyser, we should just 867 * ignore if there is mor ethan one of these (?). */ 868 if (resptype_seen) { 869 log(LOG_WARNING, "nglmi: dup MSGTYPE\n"); 870 goto nextIE; 871 } 872 if (segsize != 1) { 873 log(LOG_WARNING, "nglmi: MSGTYPE wrong size\n"); 874 goto reject; 875 } 876 /* The remote end tells us what kind of response 877 * this is. Only expect a type 0 or 1. if it was a 878 * full (type 0) check we just asked for a type 879 * full. */ 880 switch (data[2]) { 881 case 1:/* partial */ 882 if (sc->livs > sc->liv_per_full) { 883 log(LOG_WARNING, 884 "nglmi: LIV when FULL expected\n"); 885 goto reject; /* need full */ 886 } 887 resptype_seen = 1; 888 break; 889 case 0:/* full */ 890 /* Full response is always acceptable */ 891 resptype_seen = 2; 892 break; 893 default: 894 log(LOG_WARNING, 895 "nglmi: Unknown report type %d\n", data[2]); 896 goto reject; 897 } 898 break; 899 case 0x03: 900 case 0x53: 901 /* The remote tells us what it thinks the sequence 902 * numbers are. I would have thought that there 903 * needs to be one and only one of these, but MCI 904 * want us to just ignore extras. (?) */ 905 if (resptype_seen == 0) { 906 log(LOG_WARNING, "nglmi: no TYPE before SEQ\n"); 907 goto reject; 908 } 909 if (seq_seen != 0) /* already seen seq numbers */ 910 goto nextIE; 911 if (segsize != 2) { 912 log(LOG_WARNING, "nglmi: bad SEQ sts size\n"); 913 goto reject; 914 } 915 if (sc->local_seq != data[3]) { 916 log(LOG_WARNING, "nglmi: unexpected SEQ\n"); 917 goto reject; 918 } 919 seq_seen = 1; 920 break; 921 case 0x07: 922 case 0x57: 923 /* The remote tells us about a DLCI that it knows 924 * about. There may be many of these in a single 925 * status response */ 926 if (seq_seen != 1) { /* already seen seq numbers? */ 927 log(LOG_WARNING, 928 "nglmi: No sequence before DLCI\n"); 929 goto reject; 930 } 931 if (resptype_seen != 2) { /* must be full */ 932 log(LOG_WARNING, 933 "nglmi: No resp type before DLCI\n"); 934 goto reject; 935 } 936 if (GROUP4(sc)) { 937 if (segsize != 6) { 938 log(LOG_WARNING, 939 "nglmi: wrong IE segsize\n"); 940 goto reject; 941 } 942 dlci = ((u_short) data[2] & 0xff) << 8; 943 dlci |= (data[3] & 0xff); 944 } else { 945 if (segsize != 3) { 946 log(LOG_WARNING, 947 "nglmi: DLCI headersize of %d" 948 " not supported\n", segsize - 1); 949 goto reject; 950 } 951 dlci = ((u_short) data[2] & 0x3f) << 4; 952 dlci |= ((data[3] & 0x78) >> 3); 953 } 954 /* async can only have one of these */ 955#if 0 /* async not yet accepted */ 956 if (async && highest_dlci) { 957 log(LOG_WARNING, 958 "nglmi: Async with > 1 DLCI\n"); 959 goto reject; 960 } 961#endif 962 /* Annex D says these will always be Ascending, but 963 * the HP test for G4 says we should accept 964 * duplicates, so for now allow that. ( <= vs. < ) */ 965#if 0 966 /* MCI tests want us to accept out of order for AnxD */ 967 if ((!GROUP4(sc)) && (dlci < highest_dlci)) { 968 /* duplicate or mis-ordered dlci */ 969 /* (spec says they will increase in number) */ 970 log(LOG_WARNING, "nglmi: DLCI out of order\n"); 971 goto reject; 972 } 973#endif 974 if (dlci > 1023) { 975 log(LOG_WARNING, "nglmi: DLCI out of range\n"); 976 goto reject; 977 } 978 highest_dlci = dlci; 979 break; 980 default: 981 log(LOG_WARNING, 982 "nglmi: unknown LMI segment type %d\n", segtype); 983 } 984nextIE: 985 STEPBY(segsize + 2); 986 } 987 if (packetlen != 0) { /* partial junk at end? */ 988 log(LOG_WARNING, 989 "nglmi: %d bytes extra at end of packet\n", packetlen); 990 goto print; 991 } 992 if (resptype_seen == 0) { 993 log(LOG_WARNING, "nglmi: No response type seen\n"); 994 goto reject; /* had no response type */ 995 } 996 if (seq_seen == 0) { 997 log(LOG_WARNING, "nglmi: No sequence numbers seen\n"); 998 goto reject; /* had no sequence numbers */ 999 } 1000 return (1); 1001 1002print: 1003 { 1004 int i, j, k, pos; 1005 char buf[100]; 1006 int loc; 1007 u_char *bp = mtod(m, u_char *); 1008 1009 k = i = 0; 1010 loc = (m->m_hdr.mh_len - packetlen); 1011 log(LOG_WARNING, "nglmi: error at location %d\n", loc); 1012 while (k < m->m_hdr.mh_len) { 1013 pos = 0; 1014 j = 0; 1015 while ((j++ < 16) && k < m->m_hdr.mh_len) { 1016 pos += sprintf(buf + pos, "%c%02x", 1017 ((loc == k) ? '>' : ' '), 1018 bp[k]); 1019 k++; 1020 } 1021 if (i == 0) 1022 log(LOG_WARNING, "nglmi: packet data:%s\n", buf); 1023 else 1024 log(LOG_WARNING, "%04d :%s\n", k, buf); 1025 i++; 1026 } 1027 } 1028 return (1); 1029reject: 1030 { 1031 int i, j, k, pos; 1032 char buf[100]; 1033 int loc; 1034 u_char *bp = mtod(m, u_char *); 1035 1036 k = i = 0; 1037 loc = (m->m_hdr.mh_len - packetlen); 1038 log(LOG_WARNING, "nglmi: error at location %d\n", loc); 1039 while (k < m->m_hdr.mh_len) { 1040 pos = 0; 1041 j = 0; 1042 while ((j++ < 16) && k < m->m_hdr.mh_len) { 1043 pos += sprintf(buf + pos, "%c%02x", 1044 ((loc == k) ? '>' : ' '), 1045 bp[k]); 1046 k++; 1047 } 1048 if (i == 0) 1049 log(LOG_WARNING, "nglmi: packet data:%s\n", buf); 1050 else 1051 log(LOG_WARNING, "%04d :%s\n", k, buf); 1052 i++; 1053 } 1054 } 1055 NG_FREE_DATA(m, meta); 1056 return (0); 1057} 1058 1059/* 1060 * Do local shutdown processing.. 1061 * Cut any remaining links and free our local resources. 1062 */ 1063static int 1064nglmi_rmnode(node_p node) 1065{ 1066 const sc_p sc = node->private; 1067 1068 node->flags |= NG_INVALID; 1069 ng_cutlinks(node); 1070 ng_unname(node); 1071 node->private = NULL; 1072 ng_unref(sc->node); 1073 FREE(sc, M_NETGRAPH); 1074 return (0); 1075} 1076 1077/* 1078 * Hook disconnection 1079 * For this type, removal of any link except "debug" destroys the node. 1080 */ 1081static int 1082nglmi_disconnect(hook_p hook) 1083{ 1084 const sc_p sc = hook->node->private; 1085 1086 /* OK to remove debug hook(s) */ 1087 if (hook->private == NULL) 1088 return (0); 1089 1090 /* Stop timer if it's currently active */ 1091 if (sc->flags & SCF_CONNECTED) 1092 untimeout(LMI_ticker, sc, sc->handle); 1093 1094 /* Self-destruct */ 1095 ng_rmnode(hook->node); 1096 return (0); 1097} 1098 1099