1/* 2 * ng_lmi.c 3 */ 4 5/*- 6 * Copyright (c) 1996-1999 Whistle Communications, Inc. 7 * All rights reserved. 8 * 9 * Subject to the following obligations and disclaimer of warranty, use and 10 * redistribution of this software, in source or object code forms, with or 11 * without modifications are expressly permitted by Whistle Communications; 12 * provided, however, that: 13 * 1. Any and all reproductions of the source or object code must include the 14 * copyright notice above and the following disclaimer of warranties; and 15 * 2. No rights are granted, in any manner or form, to use Whistle 16 * Communications, Inc. trademarks, including the mark "WHISTLE 17 * COMMUNICATIONS" on advertising, endorsements, or otherwise except as 18 * such appears in the above copyright notice or in the software. 19 * 20 * THIS SOFTWARE IS BEING PROVIDED BY WHISTLE COMMUNICATIONS "AS IS", AND 21 * TO THE MAXIMUM EXTENT PERMITTED BY LAW, WHISTLE COMMUNICATIONS MAKES NO 22 * REPRESENTATIONS OR WARRANTIES, EXPRESS OR IMPLIED, REGARDING THIS SOFTWARE, 23 * INCLUDING WITHOUT LIMITATION, ANY AND ALL IMPLIED WARRANTIES OF 24 * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR NON-INFRINGEMENT. 25 * WHISTLE COMMUNICATIONS DOES NOT WARRANT, GUARANTEE, OR MAKE ANY 26 * REPRESENTATIONS REGARDING THE USE OF, OR THE RESULTS OF THE USE OF THIS 27 * SOFTWARE IN TERMS OF ITS CORRECTNESS, ACCURACY, RELIABILITY OR OTHERWISE. 28 * IN NO EVENT SHALL WHISTLE COMMUNICATIONS BE LIABLE FOR ANY DAMAGES 29 * RESULTING FROM OR ARISING OUT OF ANY USE OF THIS SOFTWARE, INCLUDING 30 * WITHOUT LIMITATION, ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, 31 * PUNITIVE, OR CONSEQUENTIAL DAMAGES, PROCUREMENT OF SUBSTITUTE GOODS OR 32 * SERVICES, LOSS OF USE, DATA OR PROFITS, HOWEVER CAUSED AND UNDER ANY 33 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 34 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 35 * THIS SOFTWARE, EVEN IF WHISTLE COMMUNICATIONS IS ADVISED OF THE POSSIBILITY 36 * OF SUCH DAMAGE. 37 * 38 * Author: Julian Elischer <julian@freebsd.org> 39 * $Whistle: ng_lmi.c,v 1.38 1999/11/01 09:24:52 julian Exp $ 40 */ 41 42/* 43 * This node performs the frame relay LMI protocol. It knows how 44 * to do ITU Annex A, ANSI Annex D, and "Group-of-Four" variants 45 * of the protocol. 46 * 47 * A specific protocol can be forced by connecting the corresponding 48 * hook to DLCI 0 or 1023 (as appropriate) of a frame relay link. 49 * 50 * Alternately, this node can do auto-detection of the LMI protocol 51 * by connecting hook "auto0" to DLCI 0 and "auto1023" to DLCI 1023. 52 */ 53 54#include <sys/param.h> 55#include <sys/systm.h> 56#include <sys/errno.h> 57#include <sys/kernel.h> 58#include <sys/malloc.h> 59#include <sys/mbuf.h> 60#include <sys/syslog.h> 61#include <netgraph/ng_message.h> 62#include <netgraph/netgraph.h> 63#include <netgraph/ng_lmi.h> 64 65/* 66 * Human readable names for LMI 67 */ 68#define NAME_ANNEXA NG_LMI_HOOK_ANNEXA 69#define NAME_ANNEXD NG_LMI_HOOK_ANNEXD 70#define NAME_GROUP4 NG_LMI_HOOK_GROUPOF4 71#define NAME_NONE "None" 72 73#define MAX_DLCIS 128 74#define MAXDLCI 1023 75 76/* 77 * DLCI states 78 */ 79#define DLCI_NULL 0 80#define DLCI_UP 1 81#define DLCI_DOWN 2 82 83/* 84 * Any received LMI frame should be at least this long 85 */ 86#define LMI_MIN_LENGTH 8 /* XXX verify */ 87 88/* 89 * Netgraph node methods and type descriptor 90 */ 91static ng_constructor_t nglmi_constructor; 92static ng_rcvmsg_t nglmi_rcvmsg; 93static ng_shutdown_t nglmi_shutdown; 94static ng_newhook_t nglmi_newhook; 95static ng_rcvdata_t nglmi_rcvdata; 96static ng_disconnect_t nglmi_disconnect; 97static int nglmi_checkdata(hook_p hook, struct mbuf *m); 98 99static struct ng_type typestruct = { 100 .version = NG_ABI_VERSION, 101 .name = NG_LMI_NODE_TYPE, 102 .constructor = nglmi_constructor, 103 .rcvmsg = nglmi_rcvmsg, 104 .shutdown = nglmi_shutdown, 105 .newhook = nglmi_newhook, 106 .rcvdata = nglmi_rcvdata, 107 .disconnect = nglmi_disconnect, 108}; 109NETGRAPH_INIT(lmi, &typestruct); 110 111/* 112 * Info and status per node 113 */ 114struct nglmi_softc { 115 node_p node; /* netgraph node */ 116 int flags; /* state */ 117 int poll_count; /* the count of times for autolmi */ 118 int poll_state; /* state of auto detect machine */ 119 u_char remote_seq; /* sequence number the remote sent */ 120 u_char local_seq; /* last sequence number we sent */ 121 u_char protoID; /* 9 for group of 4, 8 otherwise */ 122 u_long seq_retries; /* sent this how many time so far */ 123 struct callout handle; /* see timeout(9) */ 124 int liv_per_full; 125 int liv_rate; 126 int livs; 127 int need_full; 128 hook_p lmi_channel; /* whatever we ended up using */ 129 hook_p lmi_annexA; 130 hook_p lmi_annexD; 131 hook_p lmi_group4; 132 hook_p lmi_channel0; /* auto-detect on DLCI 0 */ 133 hook_p lmi_channel1023;/* auto-detect on DLCI 1023 */ 134 char *protoname; /* cache protocol name */ 135 u_char dlci_state[MAXDLCI + 1]; 136 int invalidx; /* next dlci's to invalidate */ 137}; 138typedef struct nglmi_softc *sc_p; 139 140/* 141 * Other internal functions 142 */ 143static void LMI_ticker(node_p node, hook_p hook, void *arg1, int arg2); 144static void nglmi_startup_fixed(sc_p sc, hook_p hook); 145static void nglmi_startup_auto(sc_p sc); 146static void nglmi_startup(sc_p sc); 147static void nglmi_inquire(sc_p sc, int full); 148static void ngauto_state_machine(sc_p sc); 149 150/* 151 * Values for 'flags' field 152 * NB: the SCF_CONNECTED flag is set if and only if the timer is running. 153 */ 154#define SCF_CONNECTED 0x01 /* connected to something */ 155#define SCF_AUTO 0x02 /* we are auto-detecting */ 156#define SCF_FIXED 0x04 /* we are fixed from the start */ 157 158#define SCF_LMITYPE 0x18 /* mask for determining Annex mode */ 159#define SCF_NOLMI 0x00 /* no LMI type selected yet */ 160#define SCF_ANNEX_A 0x08 /* running annex A mode */ 161#define SCF_ANNEX_D 0x10 /* running annex D mode */ 162#define SCF_GROUP4 0x18 /* running group of 4 */ 163 164#define SETLMITYPE(sc, annex) \ 165do { \ 166 (sc)->flags &= ~SCF_LMITYPE; \ 167 (sc)->flags |= (annex); \ 168} while (0) 169 170#define NOPROTO(sc) (((sc)->flags & SCF_LMITYPE) == SCF_NOLMI) 171#define ANNEXA(sc) (((sc)->flags & SCF_LMITYPE) == SCF_ANNEX_A) 172#define ANNEXD(sc) (((sc)->flags & SCF_LMITYPE) == SCF_ANNEX_D) 173#define GROUP4(sc) (((sc)->flags & SCF_LMITYPE) == SCF_GROUP4) 174 175#define LMIPOLLSIZE 3 176#define LMI_PATIENCE 8 /* declare all DLCI DOWN after N LMI failures */ 177 178/* 179 * Node constructor 180 */ 181static int 182nglmi_constructor(node_p node) 183{ 184 sc_p sc; 185 186 sc = malloc(sizeof(*sc), M_NETGRAPH, M_WAITOK | M_ZERO); 187 188 NG_NODE_SET_PRIVATE(node, sc); 189 sc->node = node; 190 191 ng_callout_init(&sc->handle); 192 sc->protoname = NAME_NONE; 193 sc->liv_per_full = NG_LMI_SEQ_PER_FULL; /* make this dynamic */ 194 sc->liv_rate = NG_LMI_KEEPALIVE_RATE; 195 return (0); 196} 197 198/* 199 * The LMI channel has a private pointer which is the same as the 200 * node private pointer. The debug channel has a NULL private pointer. 201 */ 202static int 203nglmi_newhook(node_p node, hook_p hook, const char *name) 204{ 205 sc_p sc = NG_NODE_PRIVATE(node); 206 207 if (strcmp(name, NG_LMI_HOOK_DEBUG) == 0) { 208 NG_HOOK_SET_PRIVATE(hook, NULL); 209 return (0); 210 } 211 if (sc->flags & SCF_CONNECTED) { 212 /* already connected, return an error */ 213 return (EINVAL); 214 } 215 if (strcmp(name, NG_LMI_HOOK_ANNEXA) == 0) { 216 sc->lmi_annexA = hook; 217 NG_HOOK_SET_PRIVATE(hook, NG_NODE_PRIVATE(node)); 218 sc->protoID = 8; 219 SETLMITYPE(sc, SCF_ANNEX_A); 220 sc->protoname = NAME_ANNEXA; 221 nglmi_startup_fixed(sc, hook); 222 } else if (strcmp(name, NG_LMI_HOOK_ANNEXD) == 0) { 223 sc->lmi_annexD = hook; 224 NG_HOOK_SET_PRIVATE(hook, NG_NODE_PRIVATE(node)); 225 sc->protoID = 8; 226 SETLMITYPE(sc, SCF_ANNEX_D); 227 sc->protoname = NAME_ANNEXD; 228 nglmi_startup_fixed(sc, hook); 229 } else if (strcmp(name, NG_LMI_HOOK_GROUPOF4) == 0) { 230 sc->lmi_group4 = hook; 231 NG_HOOK_SET_PRIVATE(hook, NG_NODE_PRIVATE(node)); 232 sc->protoID = 9; 233 SETLMITYPE(sc, SCF_GROUP4); 234 sc->protoname = NAME_GROUP4; 235 nglmi_startup_fixed(sc, hook); 236 } else if (strcmp(name, NG_LMI_HOOK_AUTO0) == 0) { 237 /* Note this, and if B is already installed, we're complete */ 238 sc->lmi_channel0 = hook; 239 sc->protoname = NAME_NONE; 240 NG_HOOK_SET_PRIVATE(hook, NG_NODE_PRIVATE(node)); 241 if (sc->lmi_channel1023) 242 nglmi_startup_auto(sc); 243 } else if (strcmp(name, NG_LMI_HOOK_AUTO1023) == 0) { 244 /* Note this, and if A is already installed, we're complete */ 245 sc->lmi_channel1023 = hook; 246 sc->protoname = NAME_NONE; 247 NG_HOOK_SET_PRIVATE(hook, NG_NODE_PRIVATE(node)); 248 if (sc->lmi_channel0) 249 nglmi_startup_auto(sc); 250 } else 251 return (EINVAL); /* unknown hook */ 252 return (0); 253} 254 255/* 256 * We have just attached to a live (we hope) node. 257 * Fire out a LMI inquiry, and then start up the timers. 258 */ 259static void 260LMI_ticker(node_p node, hook_p hook, void *arg1, int arg2) 261{ 262 sc_p sc = NG_NODE_PRIVATE(node); 263 264 if (sc->flags & SCF_AUTO) { 265 ngauto_state_machine(sc); 266 ng_callout(&sc->handle, node, NULL, NG_LMI_POLL_RATE * hz, 267 LMI_ticker, NULL, 0); 268 } else { 269 if (sc->livs++ >= sc->liv_per_full) { 270 nglmi_inquire(sc, 1); 271 /* sc->livs = 0; *//* do this when we get the answer! */ 272 } else { 273 nglmi_inquire(sc, 0); 274 } 275 ng_callout(&sc->handle, node, NULL, sc->liv_rate * hz, 276 LMI_ticker, NULL, 0); 277 } 278} 279 280static void 281nglmi_startup_fixed(sc_p sc, hook_p hook) 282{ 283 sc->flags |= (SCF_FIXED | SCF_CONNECTED); 284 sc->lmi_channel = hook; 285 nglmi_startup(sc); 286} 287 288static void 289nglmi_startup_auto(sc_p sc) 290{ 291 sc->flags |= (SCF_AUTO | SCF_CONNECTED); 292 sc->poll_state = 0; /* reset state machine */ 293 sc->poll_count = 0; 294 nglmi_startup(sc); 295} 296 297static void 298nglmi_startup(sc_p sc) 299{ 300 sc->remote_seq = 0; 301 sc->local_seq = 1; 302 sc->seq_retries = 0; 303 sc->livs = sc->liv_per_full - 1; 304 /* start off the ticker in 1 sec */ 305 ng_callout(&sc->handle, sc->node, NULL, hz, LMI_ticker, NULL, 0); 306} 307 308static void 309nglmi_inquire(sc_p sc, int full) 310{ 311 struct mbuf *m; 312 struct ng_tag_prio *ptag; 313 char *cptr, *start; 314 int error; 315 316 if (sc->lmi_channel == NULL) 317 return; 318 MGETHDR(m, M_NOWAIT, MT_DATA); 319 if (m == NULL) { 320 log(LOG_ERR, "nglmi: unable to start up LMI processing\n"); 321 return; 322 } 323 m->m_pkthdr.rcvif = NULL; 324 325 /* Attach a tag to packet, marking it of link level state priority, so 326 * that device driver would put it in the beginning of queue */ 327 328 ptag = (struct ng_tag_prio *)m_tag_alloc(NGM_GENERIC_COOKIE, NG_TAG_PRIO, 329 (sizeof(struct ng_tag_prio) - sizeof(struct m_tag)), M_NOWAIT); 330 if (ptag != NULL) { /* if it failed, well, it was optional anyhow */ 331 ptag->priority = NG_PRIO_LINKSTATE; 332 ptag->discardability = -1; 333 m_tag_prepend(m, &ptag->tag); 334 } 335 336 m->m_data += 4; /* leave some room for a header */ 337 cptr = start = mtod(m, char *); 338 /* add in the header for an LMI inquiry. */ 339 *cptr++ = 0x03; /* UI frame */ 340 if (GROUP4(sc)) 341 *cptr++ = 0x09; /* proto discriminator */ 342 else 343 *cptr++ = 0x08; /* proto discriminator */ 344 *cptr++ = 0x00; /* call reference */ 345 *cptr++ = 0x75; /* inquiry */ 346 347 /* If we are Annex-D, add locking shift to codeset 5. */ 348 if (ANNEXD(sc)) 349 *cptr++ = 0x95; /* locking shift */ 350 /* Add a request type */ 351 if (ANNEXA(sc)) 352 *cptr++ = 0x51; /* report type */ 353 else 354 *cptr++ = 0x01; /* report type */ 355 *cptr++ = 0x01; /* size = 1 */ 356 if (full) 357 *cptr++ = 0x00; /* full */ 358 else 359 *cptr++ = 0x01; /* partial */ 360 361 /* Add a link verification IE */ 362 if (ANNEXA(sc)) 363 *cptr++ = 0x53; /* verification IE */ 364 else 365 *cptr++ = 0x03; /* verification IE */ 366 *cptr++ = 0x02; /* 2 extra bytes */ 367 *cptr++ = sc->local_seq; 368 *cptr++ = sc->remote_seq; 369 sc->seq_retries++; 370 371 /* Send it */ 372 m->m_len = m->m_pkthdr.len = cptr - start; 373 NG_SEND_DATA_ONLY(error, sc->lmi_channel, m); 374 375 /* If we've been sending requests for long enough, and there has 376 * been no response, then mark as DOWN, any DLCIs that are UP. */ 377 if (sc->seq_retries == LMI_PATIENCE) { 378 int count; 379 380 for (count = 0; count < MAXDLCI; count++) 381 if (sc->dlci_state[count] == DLCI_UP) 382 sc->dlci_state[count] = DLCI_DOWN; 383 } 384} 385 386/* 387 * State machine for LMI auto-detect. The transitions are ordered 388 * to try the more likely possibilities first. 389 */ 390static void 391ngauto_state_machine(sc_p sc) 392{ 393 if ((sc->poll_count <= 0) || (sc->poll_count > LMIPOLLSIZE)) { 394 /* time to change states in the auto probe machine */ 395 /* capture wild values of poll_count while we are at it */ 396 sc->poll_count = LMIPOLLSIZE; 397 sc->poll_state++; 398 } 399 switch (sc->poll_state) { 400 case 7: 401 log(LOG_WARNING, "nglmi: no response from exchange\n"); 402 default: /* capture bad states */ 403 sc->poll_state = 1; 404 case 1: 405 sc->lmi_channel = sc->lmi_channel0; 406 SETLMITYPE(sc, SCF_ANNEX_D); 407 break; 408 case 2: 409 sc->lmi_channel = sc->lmi_channel1023; 410 SETLMITYPE(sc, SCF_ANNEX_D); 411 break; 412 case 3: 413 sc->lmi_channel = sc->lmi_channel0; 414 SETLMITYPE(sc, SCF_ANNEX_A); 415 break; 416 case 4: 417 sc->lmi_channel = sc->lmi_channel1023; 418 SETLMITYPE(sc, SCF_GROUP4); 419 break; 420 case 5: 421 sc->lmi_channel = sc->lmi_channel1023; 422 SETLMITYPE(sc, SCF_ANNEX_A); 423 break; 424 case 6: 425 sc->lmi_channel = sc->lmi_channel0; 426 SETLMITYPE(sc, SCF_GROUP4); 427 break; 428 } 429 430 /* send an inquirey encoded appropriately */ 431 nglmi_inquire(sc, 0); 432 sc->poll_count--; 433} 434 435/* 436 * Receive a netgraph control message. 437 */ 438static int 439nglmi_rcvmsg(node_p node, item_p item, hook_p lasthook) 440{ 441 sc_p sc = NG_NODE_PRIVATE(node); 442 struct ng_mesg *resp = NULL; 443 int error = 0; 444 struct ng_mesg *msg; 445 446 NGI_GET_MSG(item, msg); 447 switch (msg->header.typecookie) { 448 case NGM_GENERIC_COOKIE: 449 switch (msg->header.cmd) { 450 case NGM_TEXT_STATUS: 451 { 452 char *arg; 453 int pos, count; 454 455 NG_MKRESPONSE(resp, msg, NG_TEXTRESPONSE, M_NOWAIT); 456 if (resp == NULL) { 457 error = ENOMEM; 458 break; 459 } 460 arg = resp->data; 461 pos = sprintf(arg, "protocol %s ", sc->protoname); 462 if (sc->flags & SCF_FIXED) 463 pos += sprintf(arg + pos, "fixed\n"); 464 else if (sc->flags & SCF_AUTO) 465 pos += sprintf(arg + pos, "auto-detecting\n"); 466 else 467 pos += sprintf(arg + pos, "auto on dlci %d\n", 468 (sc->lmi_channel == sc->lmi_channel0) ? 469 0 : 1023); 470 pos += sprintf(arg + pos, 471 "keepalive period: %d seconds\n", sc->liv_rate); 472 pos += sprintf(arg + pos, 473 "unacknowledged keepalives: %ld\n", 474 sc->seq_retries); 475 for (count = 0; 476 ((count <= MAXDLCI) 477 && (pos < (NG_TEXTRESPONSE - 20))); 478 count++) { 479 if (sc->dlci_state[count]) { 480 pos += sprintf(arg + pos, 481 "dlci %d %s\n", count, 482 (sc->dlci_state[count] 483 == DLCI_UP) ? "up" : "down"); 484 } 485 } 486 resp->header.arglen = pos + 1; 487 break; 488 } 489 default: 490 error = EINVAL; 491 break; 492 } 493 break; 494 case NGM_LMI_COOKIE: 495 switch (msg->header.cmd) { 496 case NGM_LMI_GET_STATUS: 497 { 498 struct nglmistat *stat; 499 int k; 500 501 NG_MKRESPONSE(resp, msg, sizeof(*stat), M_NOWAIT); 502 if (!resp) { 503 error = ENOMEM; 504 break; 505 } 506 stat = (struct nglmistat *) resp->data; 507 strncpy(stat->proto, 508 sc->protoname, sizeof(stat->proto) - 1); 509 strncpy(stat->hook, 510 sc->protoname, sizeof(stat->hook) - 1); 511 stat->autod = !!(sc->flags & SCF_AUTO); 512 stat->fixed = !!(sc->flags & SCF_FIXED); 513 for (k = 0; k <= MAXDLCI; k++) { 514 switch (sc->dlci_state[k]) { 515 case DLCI_UP: 516 stat->up[k / 8] |= (1 << (k % 8)); 517 /* fall through */ 518 case DLCI_DOWN: 519 stat->seen[k / 8] |= (1 << (k % 8)); 520 break; 521 } 522 } 523 break; 524 } 525 default: 526 error = EINVAL; 527 break; 528 } 529 break; 530 default: 531 error = EINVAL; 532 break; 533 } 534 535 NG_RESPOND_MSG(error, node, item, resp); 536 NG_FREE_MSG(msg); 537 return (error); 538} 539 540#define STEPBY(stepsize) \ 541 do { \ 542 packetlen -= (stepsize); \ 543 data += (stepsize); \ 544 } while (0) 545 546/* 547 * receive data, and use it to update our status. 548 * Anything coming in on the debug port is discarded. 549 */ 550static int 551nglmi_rcvdata(hook_p hook, item_p item) 552{ 553 sc_p sc = NG_NODE_PRIVATE(NG_HOOK_NODE(hook)); 554 const u_char *data; 555 unsigned short dlci; 556 u_short packetlen; 557 int resptype_seen = 0; 558 struct mbuf *m; 559 560 NGI_GET_M(item, m); 561 NG_FREE_ITEM(item); 562 if (NG_HOOK_PRIVATE(hook) == NULL) { 563 goto drop; 564 } 565 packetlen = m->m_len; 566 567 /* XXX what if it's more than 1 mbuf? */ 568 if ((packetlen > MHLEN) && !(m->m_flags & M_EXT)) { 569 log(LOG_WARNING, "nglmi: packetlen (%d) too big\n", packetlen); 570 goto drop; 571 } 572 if (m->m_len < packetlen && (m = m_pullup(m, packetlen)) == NULL) { 573 log(LOG_WARNING, 574 "nglmi: m_pullup failed for %d bytes\n", packetlen); 575 return (0); 576 } 577 if (nglmi_checkdata(hook, m) == 0) 578 return (0); 579 580 /* pass the first 4 bytes (already checked in the nglmi_checkdata()) */ 581 data = mtod(m, const u_char *); 582 STEPBY(4); 583 584 /* Now check if there is a 'locking shift'. This is only seen in 585 * Annex D frames. don't bother checking, we already did that. Don't 586 * increment immediately as it might not be there. */ 587 if (ANNEXD(sc)) 588 STEPBY(1); 589 590 /* If we get this far we should consider that it is a legitimate 591 * frame and we know what it is. */ 592 if (sc->flags & SCF_AUTO) { 593 /* note the hook that this valid channel came from and drop 594 * out of auto probe mode. */ 595 if (ANNEXA(sc)) 596 sc->protoname = NAME_ANNEXA; 597 else if (ANNEXD(sc)) 598 sc->protoname = NAME_ANNEXD; 599 else if (GROUP4(sc)) 600 sc->protoname = NAME_GROUP4; 601 else { 602 log(LOG_ERR, "nglmi: No known type\n"); 603 goto drop; 604 } 605 sc->lmi_channel = hook; 606 sc->flags &= ~SCF_AUTO; 607 log(LOG_INFO, "nglmi: auto-detected %s LMI on DLCI %d\n", 608 sc->protoname, hook == sc->lmi_channel0 ? 0 : 1023); 609 } 610 611 /* While there is more data in the status packet, keep processing 612 * status items. First make sure there is enough data for the 613 * segment descriptor's length field. */ 614 while (packetlen >= 2) { 615 u_int segtype = data[0]; 616 u_int segsize = data[1]; 617 618 /* Now that we know how long it claims to be, make sure 619 * there is enough data for the next seg. */ 620 if (packetlen < segsize + 2) 621 break; 622 switch (segtype) { 623 case 0x01: 624 case 0x51: 625 if (resptype_seen) { 626 log(LOG_WARNING, "nglmi: dup MSGTYPE\n"); 627 goto nextIE; 628 } 629 resptype_seen++; 630 /* The remote end tells us what kind of response 631 * this is. Only expect a type 0 or 1. if we are a 632 * full status, invalidate a few DLCIs just to see 633 * that they are still ok. */ 634 if (segsize != 1) 635 goto nextIE; 636 switch (data[2]) { 637 case 1: 638 /* partial status, do no extra processing */ 639 break; 640 case 0: 641 { 642 int count = 0; 643 int idx = sc->invalidx; 644 645 for (count = 0; count < 10; count++) { 646 if (idx > MAXDLCI) 647 idx = 0; 648 if (sc->dlci_state[idx] == DLCI_UP) 649 sc->dlci_state[idx] = DLCI_DOWN; 650 idx++; 651 } 652 sc->invalidx = idx; 653 /* we got and we wanted one. relax 654 * now.. but don't reset to 0 if it 655 * was unrequested. */ 656 if (sc->livs > sc->liv_per_full) 657 sc->livs = 0; 658 break; 659 } 660 } 661 break; 662 case 0x03: 663 case 0x53: 664 /* The remote tells us what it thinks the sequence 665 * numbers are. If it's not size 2, it must be a 666 * duplicate to have gotten this far, skip it. */ 667 if (segsize != 2) 668 goto nextIE; 669 sc->remote_seq = data[2]; 670 if (sc->local_seq == data[3]) { 671 sc->local_seq++; 672 sc->seq_retries = 0; 673 /* Note that all 3 Frame protocols seem to 674 * not like 0 as a sequence number. */ 675 if (sc->local_seq == 0) 676 sc->local_seq = 1; 677 } 678 break; 679 case 0x07: 680 case 0x57: 681 /* The remote tells us about a DLCI that it knows 682 * about. There may be many of these in a single 683 * status response */ 684 switch (segsize) { 685 case 6:/* only on 'group of 4' */ 686 dlci = ((u_short) data[2] & 0xff) << 8; 687 dlci |= (data[3] & 0xff); 688 if ((dlci < 1024) && (dlci > 0)) { 689 /* XXX */ 690 } 691 break; 692 case 3: 693 dlci = ((u_short) data[2] & 0x3f) << 4; 694 dlci |= ((data[3] & 0x78) >> 3); 695 if ((dlci < 1024) && (dlci > 0)) { 696 /* set up the bottom half of the 697 * support for that dlci if it's not 698 * already been done */ 699 /* store this information somewhere */ 700 } 701 break; 702 default: 703 goto nextIE; 704 } 705 if (sc->dlci_state[dlci] != DLCI_UP) { 706 /* bring new DLCI to life */ 707 /* may do more here some day */ 708 if (sc->dlci_state[dlci] != DLCI_DOWN) 709 log(LOG_INFO, 710 "nglmi: DLCI %d became active\n", 711 dlci); 712 sc->dlci_state[dlci] = DLCI_UP; 713 } 714 break; 715 } 716nextIE: 717 STEPBY(segsize + 2); 718 } 719 NG_FREE_M(m); 720 return (0); 721 722drop: 723 NG_FREE_M(m); 724 return (EINVAL); 725} 726 727/* 728 * Check that a packet is entirely kosha. 729 * return 1 of ok, and 0 if not. 730 * All data is discarded if a 0 is returned. 731 */ 732static int 733nglmi_checkdata(hook_p hook, struct mbuf *m) 734{ 735 sc_p sc = NG_NODE_PRIVATE(NG_HOOK_NODE(hook)); 736 const u_char *data; 737 u_short packetlen; 738 unsigned short dlci; 739 u_char type; 740 u_char nextbyte; 741 int seq_seen = 0; 742 int resptype_seen = 0; /* 0 , 1 (partial) or 2 (full) */ 743#if 0 744 int highest_dlci = 0; 745#endif 746 747 packetlen = m->m_len; 748 data = mtod(m, const u_char *); 749 if (*data != 0x03) { 750 log(LOG_WARNING, "nglmi: unexpected value in LMI(%d)\n", 1); 751 goto reject; 752 } 753 STEPBY(1); 754 755 /* look at the protocol ID */ 756 nextbyte = *data; 757 if (sc->flags & SCF_AUTO) { 758 SETLMITYPE(sc, SCF_NOLMI); /* start with a clean slate */ 759 switch (nextbyte) { 760 case 0x8: 761 sc->protoID = 8; 762 break; 763 case 0x9: 764 SETLMITYPE(sc, SCF_GROUP4); 765 sc->protoID = 9; 766 break; 767 default: 768 log(LOG_WARNING, "nglmi: bad Protocol ID(%d)\n", 769 (int) nextbyte); 770 goto reject; 771 } 772 } else { 773 if (nextbyte != sc->protoID) { 774 log(LOG_WARNING, "nglmi: unexpected Protocol ID(%d)\n", 775 (int) nextbyte); 776 goto reject; 777 } 778 } 779 STEPBY(1); 780 781 /* check call reference (always null in non ISDN frame relay) */ 782 if (*data != 0x00) { 783 log(LOG_WARNING, "nglmi: unexpected Call Reference (0x%x)\n", 784 data[-1]); 785 goto reject; 786 } 787 STEPBY(1); 788 789 /* check message type */ 790 switch ((type = *data)) { 791 case 0x75: /* Status enquiry */ 792 log(LOG_WARNING, "nglmi: unexpected message type(0x%x)\n", 793 data[-1]); 794 goto reject; 795 case 0x7D: /* Status message */ 796 break; 797 default: 798 log(LOG_WARNING, 799 "nglmi: unexpected msg type(0x%x) \n", (int) type); 800 goto reject; 801 } 802 STEPBY(1); 803 804 /* Now check if there is a 'locking shift'. This is only seen in 805 * Annex D frames. Don't increment immediately as it might not be 806 * there. */ 807 nextbyte = *data; 808 if (sc->flags & SCF_AUTO) { 809 if (!(GROUP4(sc))) { 810 if (nextbyte == 0x95) { 811 SETLMITYPE(sc, SCF_ANNEX_D); 812 STEPBY(1); 813 } else 814 SETLMITYPE(sc, SCF_ANNEX_A); 815 } else if (nextbyte == 0x95) { 816 log(LOG_WARNING, "nglmi: locking shift seen in G4\n"); 817 goto reject; 818 } 819 } else { 820 if (ANNEXD(sc)) { 821 if (*data == 0x95) 822 STEPBY(1); 823 else { 824 log(LOG_WARNING, 825 "nglmi: locking shift missing\n"); 826 goto reject; 827 } 828 } else if (*data == 0x95) { 829 log(LOG_WARNING, "nglmi: locking shift seen\n"); 830 goto reject; 831 } 832 } 833 834 /* While there is more data in the status packet, keep processing 835 * status items. First make sure there is enough data for the 836 * segment descriptor's length field. */ 837 while (packetlen >= 2) { 838 u_int segtype = data[0]; 839 u_int segsize = data[1]; 840 841 /* Now that we know how long it claims to be, make sure 842 * there is enough data for the next seg. */ 843 if (packetlen < (segsize + 2)) { 844 log(LOG_WARNING, "nglmi: IE longer than packet\n"); 845 break; 846 } 847 switch (segtype) { 848 case 0x01: 849 case 0x51: 850 /* According to MCI's HP analyser, we should just 851 * ignore if there is mor ethan one of these (?). */ 852 if (resptype_seen) { 853 log(LOG_WARNING, "nglmi: dup MSGTYPE\n"); 854 goto nextIE; 855 } 856 if (segsize != 1) { 857 log(LOG_WARNING, "nglmi: MSGTYPE wrong size\n"); 858 goto reject; 859 } 860 /* The remote end tells us what kind of response 861 * this is. Only expect a type 0 or 1. if it was a 862 * full (type 0) check we just asked for a type 863 * full. */ 864 switch (data[2]) { 865 case 1:/* partial */ 866 if (sc->livs > sc->liv_per_full) { 867 log(LOG_WARNING, 868 "nglmi: LIV when FULL expected\n"); 869 goto reject; /* need full */ 870 } 871 resptype_seen = 1; 872 break; 873 case 0:/* full */ 874 /* Full response is always acceptable */ 875 resptype_seen = 2; 876 break; 877 default: 878 log(LOG_WARNING, 879 "nglmi: Unknown report type %d\n", data[2]); 880 goto reject; 881 } 882 break; 883 case 0x03: 884 case 0x53: 885 /* The remote tells us what it thinks the sequence 886 * numbers are. I would have thought that there 887 * needs to be one and only one of these, but MCI 888 * want us to just ignore extras. (?) */ 889 if (resptype_seen == 0) { 890 log(LOG_WARNING, "nglmi: no TYPE before SEQ\n"); 891 goto reject; 892 } 893 if (seq_seen != 0) /* already seen seq numbers */ 894 goto nextIE; 895 if (segsize != 2) { 896 log(LOG_WARNING, "nglmi: bad SEQ sts size\n"); 897 goto reject; 898 } 899 if (sc->local_seq != data[3]) { 900 log(LOG_WARNING, "nglmi: unexpected SEQ\n"); 901 goto reject; 902 } 903 seq_seen = 1; 904 break; 905 case 0x07: 906 case 0x57: 907 /* The remote tells us about a DLCI that it knows 908 * about. There may be many of these in a single 909 * status response */ 910 if (seq_seen != 1) { /* already seen seq numbers? */ 911 log(LOG_WARNING, 912 "nglmi: No sequence before DLCI\n"); 913 goto reject; 914 } 915 if (resptype_seen != 2) { /* must be full */ 916 log(LOG_WARNING, 917 "nglmi: No resp type before DLCI\n"); 918 goto reject; 919 } 920 if (GROUP4(sc)) { 921 if (segsize != 6) { 922 log(LOG_WARNING, 923 "nglmi: wrong IE segsize\n"); 924 goto reject; 925 } 926 dlci = ((u_short) data[2] & 0xff) << 8; 927 dlci |= (data[3] & 0xff); 928 } else { 929 if (segsize != 3) { 930 log(LOG_WARNING, 931 "nglmi: DLCI headersize of %d" 932 " not supported\n", segsize - 1); 933 goto reject; 934 } 935 dlci = ((u_short) data[2] & 0x3f) << 4; 936 dlci |= ((data[3] & 0x78) >> 3); 937 } 938 /* async can only have one of these */ 939#if 0 /* async not yet accepted */ 940 if (async && highest_dlci) { 941 log(LOG_WARNING, 942 "nglmi: Async with > 1 DLCI\n"); 943 goto reject; 944 } 945#endif 946 /* Annex D says these will always be Ascending, but 947 * the HP test for G4 says we should accept 948 * duplicates, so for now allow that. ( <= vs. < ) */ 949#if 0 950 /* MCI tests want us to accept out of order for AnxD */ 951 if ((!GROUP4(sc)) && (dlci < highest_dlci)) { 952 /* duplicate or mis-ordered dlci */ 953 /* (spec says they will increase in number) */ 954 log(LOG_WARNING, "nglmi: DLCI out of order\n"); 955 goto reject; 956 } 957#endif 958 if (dlci > 1023) { 959 log(LOG_WARNING, "nglmi: DLCI out of range\n"); 960 goto reject; 961 } 962#if 0 963 highest_dlci = dlci; 964#endif 965 break; 966 default: 967 log(LOG_WARNING, 968 "nglmi: unknown LMI segment type %d\n", segtype); 969 } 970nextIE: 971 STEPBY(segsize + 2); 972 } 973 if (packetlen != 0) { /* partial junk at end? */ 974 log(LOG_WARNING, 975 "nglmi: %d bytes extra at end of packet\n", packetlen); 976 goto print; 977 } 978 if (resptype_seen == 0) { 979 log(LOG_WARNING, "nglmi: No response type seen\n"); 980 goto reject; /* had no response type */ 981 } 982 if (seq_seen == 0) { 983 log(LOG_WARNING, "nglmi: No sequence numbers seen\n"); 984 goto reject; /* had no sequence numbers */ 985 } 986 return (1); 987 988print: 989 { 990 int i, j, k, pos; 991 char buf[100]; 992 int loc; 993 const u_char *bp = mtod(m, const u_char *); 994 995 k = i = 0; 996 loc = (m->m_len - packetlen); 997 log(LOG_WARNING, "nglmi: error at location %d\n", loc); 998 while (k < m->m_len) { 999 pos = 0; 1000 j = 0; 1001 while ((j++ < 16) && k < m->m_len) { 1002 pos += sprintf(buf + pos, "%c%02x", 1003 ((loc == k) ? '>' : ' '), 1004 bp[k]); 1005 k++; 1006 } 1007 if (i == 0) 1008 log(LOG_WARNING, "nglmi: packet data:%s\n", buf); 1009 else 1010 log(LOG_WARNING, "%04d :%s\n", k, buf); 1011 i++; 1012 } 1013 } 1014 return (1); 1015reject: 1016 { 1017 int i, j, k, pos; 1018 char buf[100]; 1019 int loc; 1020 const u_char *bp = mtod(m, const u_char *); 1021 1022 k = i = 0; 1023 loc = (m->m_len - packetlen); 1024 log(LOG_WARNING, "nglmi: error at location %d\n", loc); 1025 while (k < m->m_len) { 1026 pos = 0; 1027 j = 0; 1028 while ((j++ < 16) && k < m->m_len) { 1029 pos += sprintf(buf + pos, "%c%02x", 1030 ((loc == k) ? '>' : ' '), 1031 bp[k]); 1032 k++; 1033 } 1034 if (i == 0) 1035 log(LOG_WARNING, "nglmi: packet data:%s\n", buf); 1036 else 1037 log(LOG_WARNING, "%04d :%s\n", k, buf); 1038 i++; 1039 } 1040 } 1041 NG_FREE_M(m); 1042 return (0); 1043} 1044 1045/* 1046 * Do local shutdown processing.. 1047 * Cut any remaining links and free our local resources. 1048 */ 1049static int 1050nglmi_shutdown(node_p node) 1051{ 1052 const sc_p sc = NG_NODE_PRIVATE(node); 1053 1054 NG_NODE_SET_PRIVATE(node, NULL); 1055 NG_NODE_UNREF(sc->node); 1056 free(sc, M_NETGRAPH); 1057 return (0); 1058} 1059 1060/* 1061 * Hook disconnection 1062 * For this type, removal of any link except "debug" destroys the node. 1063 */ 1064static int 1065nglmi_disconnect(hook_p hook) 1066{ 1067 const sc_p sc = NG_NODE_PRIVATE(NG_HOOK_NODE(hook)); 1068 1069 /* OK to remove debug hook(s) */ 1070 if (NG_HOOK_PRIVATE(hook) == NULL) 1071 return (0); 1072 1073 /* Stop timer if it's currently active */ 1074 if (sc->flags & SCF_CONNECTED) 1075 ng_uncallout(&sc->handle, sc->node); 1076 1077 /* Self-destruct */ 1078 if (NG_NODE_IS_VALID(NG_HOOK_NODE(hook))) 1079 ng_rmnode_self(NG_HOOK_NODE(hook)); 1080 return (0); 1081} 1082