]> git.saurik.com Git - apple/network_cmds.git/blob - alias/alias_pptp.c
projects / apple / network_cmds.git / blob
? search:


3e76de4a6885e6ad7e31a72c38677a660cf06955
[apple/network_cmds.git] / alias / alias_pptp.c
1 /*
2 * Copyright (c) 2000-2002 Apple Computer, Inc. All rights reserved.
3 *
4 * @APPLE_LICENSE_HEADER_START@
5 *
6 * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved.
7 *
8 * This file contains Original Code and/or Modifications of Original Code
9 * as defined in and that are subject to the Apple Public Source License
10 * Version 2.0 (the 'License'). You may not use this file except in
11 * compliance with the License. Please obtain a copy of the License at
12 * http://www.opensource.apple.com/apsl/ and read it before using this
13 * file.
14 *
15 * The Original Code and all software distributed under the License are
16 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
17 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
18 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
19 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
20 * Please see the License for the specific language governing rights and
21 * limitations under the License.
22 *
23 * @APPLE_LICENSE_HEADER_END@
24 */
25 /*
26 * alias_pptp.c
27 *
28 * Copyright (c) 2000 Whistle Communications, Inc.
29 * All rights reserved.
30 *
31 * Subject to the following obligations and disclaimer of warranty, use and
32 * redistribution of this software, in source or object code forms, with or
33 * without modifications are expressly permitted by Whistle Communications;
34 * provided, however, that:
35 * 1. Any and all reproductions of the source or object code must include the
36 * copyright notice above and the following disclaimer of warranties; and
37 * 2. No rights are granted, in any manner or form, to use Whistle
38 * Communications, Inc. trademarks, including the mark "WHISTLE
39 * COMMUNICATIONS" on advertising, endorsements, or otherwise except as
40 * such appears in the above copyright notice or in the software.
41 *
42 * THIS SOFTWARE IS BEING PROVIDED BY WHISTLE COMMUNICATIONS "AS IS", AND
43 * TO THE MAXIMUM EXTENT PERMITTED BY LAW, WHISTLE COMMUNICATIONS MAKES NO
44 * REPRESENTATIONS OR WARRANTIES, EXPRESS OR IMPLIED, REGARDING THIS SOFTWARE,
45 * INCLUDING WITHOUT LIMITATION, ANY AND ALL IMPLIED WARRANTIES OF
46 * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR NON-INFRINGEMENT.
47 * WHISTLE COMMUNICATIONS DOES NOT WARRANT, GUARANTEE, OR MAKE ANY
48 * REPRESENTATIONS REGARDING THE USE OF, OR THE RESULTS OF THE USE OF THIS
49 * SOFTWARE IN TERMS OF ITS CORRECTNESS, ACCURACY, RELIABILITY OR OTHERWISE.
50 * IN NO EVENT SHALL WHISTLE COMMUNICATIONS BE LIABLE FOR ANY DAMAGES
51 * RESULTING FROM OR ARISING OUT OF ANY USE OF THIS SOFTWARE, INCLUDING
52 * WITHOUT LIMITATION, ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
53 * PUNITIVE, OR CONSEQUENTIAL DAMAGES, PROCUREMENT OF SUBSTITUTE GOODS OR
54 * SERVICES, LOSS OF USE, DATA OR PROFITS, HOWEVER CAUSED AND UNDER ANY
55 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
56 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
57 * THIS SOFTWARE, EVEN IF WHISTLE COMMUNICATIONS IS ADVISED OF THE POSSIBILITY
58 * OF SUCH DAMAGE.
59 *
60 * Author: Erik Salander <erik@whistle.com>
61 *
62 * Based upon:
63 * $FreeBSD: src/lib/libalias/alias_pptp.c,v 1.1.2.4 2001/08/01 09:52:27 obrien Exp $
64 */
65
66 /*
67 Alias_pptp.c performs special processing for PPTP sessions under TCP.
68 Specifically, watch PPTP control messages and alias the Call ID or the
69 Peer's Call ID in the appropriate messages. Note, PPTP requires
70 "de-aliasing" of incoming packets, this is different than any other
71 TCP applications that are currently (ie. FTP, IRC and RTSP) aliased.
72
73 For Call IDs encountered for the first time, a PPTP alias link is created.
74 The PPTP alias link uses the Call ID in place of the original port number.
75 An alias Call ID is created.
76
77 For this routine to work, the PPTP control messages must fit entirely
78 into a single TCP packet. This is typically the case, but is not
79 required by the spec.
80
81 Unlike some of the other TCP applications that are aliased (ie. FTP,
82 IRC and RTSP), the PPTP control messages that need to be aliased are
83 guaranteed to remain the same length. The aliased Call ID is a fixed
84 length field.
85
86 Reference: RFC 2637
87
88 Initial version: May, 2000 (eds)
89
90 */
91
92 /* Includes */
93 #include <sys/types.h>
94 #include <netinet/in_systm.h>
95 #include <netinet/in.h>
96 #include <netinet/ip.h>
97 #include <netinet/tcp.h>
98
99 #include <stdio.h>
100
101 #include "alias_local.h"
102
103 /*
104 * PPTP definitions
105 */
106
107 struct grehdr /* Enhanced GRE header. */
108 {
109 u_int16_t gh_flags; /* Flags. */
110 u_int16_t gh_protocol; /* Protocol type. */
111 u_int16_t gh_length; /* Payload length. */
112 u_int16_t gh_call_id; /* Call ID. */
113 u_int32_t gh_seq_no; /* Sequence number (optional). */
114 u_int32_t gh_ack_no; /* Acknowledgment number (optional). */
115 };
116 typedef struct grehdr GreHdr;
117
118 /* The PPTP protocol ID used in the GRE 'proto' field. */
119 #define PPTP_GRE_PROTO 0x880b
120
121 /* Bits that must be set a certain way in all PPTP/GRE packets. */
122 #define PPTP_INIT_VALUE ((0x2001 << 16) | PPTP_GRE_PROTO)
123 #define PPTP_INIT_MASK 0xef7fffff
124
125 #define PPTP_MAGIC 0x1a2b3c4d
126 #define PPTP_CTRL_MSG_TYPE 1
127
128 enum {
129 PPTP_StartCtrlConnRequest = 1,
130 PPTP_StartCtrlConnReply = 2,
131 PPTP_StopCtrlConnRequest = 3,
132 PPTP_StopCtrlConnReply = 4,
133 PPTP_EchoRequest = 5,
134 PPTP_EchoReply = 6,
135 PPTP_OutCallRequest = 7,
136 PPTP_OutCallReply = 8,
137 PPTP_InCallRequest = 9,
138 PPTP_InCallReply = 10,
139 PPTP_InCallConn = 11,
140 PPTP_CallClearRequest = 12,
141 PPTP_CallDiscNotify = 13,
142 PPTP_WanErrorNotify = 14,
143 PPTP_SetLinkInfo = 15
144 };
145
146 /* Message structures */
147 struct pptpMsgHead {
148 u_int16_t length; /* total length */
149 u_int16_t msgType; /* PPTP message type */
150 u_int32_t magic; /* magic cookie */
151 u_int16_t type; /* control message type */
152 u_int16_t resv0; /* reserved */
153 };
154 typedef struct pptpMsgHead *PptpMsgHead;
155
156 struct pptpCodes {
157 u_int8_t resCode; /* Result Code */
158 u_int8_t errCode; /* Error Code */
159 };
160 typedef struct pptpCodes *PptpCode;
161
162 struct pptpCallIds {
163 u_int16_t cid1; /* Call ID field #1 */
164 u_int16_t cid2; /* Call ID field #2 */
165 };
166 typedef struct pptpCallIds *PptpCallId;
167
168 static PptpCallId AliasVerifyPptp(struct ip *, u_int16_t *);
169
170
171 void
172 AliasHandlePptpOut(struct ip *pip, /* IP packet to examine/patch */
173 struct alias_link *link) /* The PPTP control link */
174 {
175 struct alias_link *pptp_link;
176 PptpCallId cptr;
177 PptpCode codes;
178 u_int16_t ctl_type; /* control message type */
179 struct tcphdr *tc;
180
181 /* Verify valid PPTP control message */
182 if ((cptr = AliasVerifyPptp(pip, &ctl_type)) == NULL)
183 return;
184
185 /* Modify certain PPTP messages */
186 switch (ctl_type) {
187 case PPTP_OutCallRequest:
188 case PPTP_OutCallReply:
189 case PPTP_InCallRequest:
190 case PPTP_InCallReply:
191 /* Establish PPTP link for address and Call ID found in control message. */
192 pptp_link = AddPptp(GetOriginalAddress(link), GetDestAddress(link),
193 GetAliasAddress(link), cptr->cid1);
194 break;
195 case PPTP_CallClearRequest:
196 case PPTP_CallDiscNotify:
197 /* Find PPTP link for address and Call ID found in control message. */
198 pptp_link = FindPptpOutByCallId(GetOriginalAddress(link),
199 GetDestAddress(link),
200 cptr->cid1);
201 break;
202 default:
203 return;
204 }
205
206 if (pptp_link != NULL) {
207 int accumulate = cptr->cid1;
208
209 /* alias the Call Id */
210 cptr->cid1 = GetAliasPort(pptp_link);
211
212 /* Compute TCP checksum for revised packet */
213 tc = (struct tcphdr *) ((char *) pip + (pip->ip_hl << 2));
214 accumulate -= cptr->cid1;
215 ADJUST_CHECKSUM(accumulate, tc->th_sum);
216
217 switch (ctl_type) {
218 case PPTP_OutCallReply:
219 case PPTP_InCallReply:
220 codes = (PptpCode)(cptr + 1);
221 if (codes->resCode == 1) /* Connection established, */
222 SetDestCallId(pptp_link, /* note the Peer's Call ID. */
223 cptr->cid2);
224 else
225 SetExpire(pptp_link, 0); /* Connection refused. */
226 break;
227 case PPTP_CallDiscNotify: /* Connection closed. */
228 SetExpire(pptp_link, 0);
229 break;
230 }
231 }
232 }
233
234 void
235 AliasHandlePptpIn(struct ip *pip, /* IP packet to examine/patch */
236 struct alias_link *link) /* The PPTP control link */
237 {
238 struct alias_link *pptp_link;
239 PptpCallId cptr;
240 u_int16_t *pcall_id;
241 u_int16_t ctl_type; /* control message type */
242 struct tcphdr *tc;
243
244 /* Verify valid PPTP control message */
245 if ((cptr = AliasVerifyPptp(pip, &ctl_type)) == NULL)
246 return;
247
248 /* Modify certain PPTP messages */
249 switch (ctl_type)
250 {
251 case PPTP_InCallConn:
252 case PPTP_WanErrorNotify:
253 case PPTP_SetLinkInfo:
254 pcall_id = &cptr->cid1;
255 break;
256 case PPTP_OutCallReply:
257 case PPTP_InCallReply:
258 pcall_id = &cptr->cid2;
259 break;
260 case PPTP_CallDiscNotify: /* Connection closed. */
261 pptp_link = FindPptpInByCallId(GetDestAddress(link),
262 GetAliasAddress(link),
263 cptr->cid1);
264 if (pptp_link != NULL)
265 SetExpire(pptp_link, 0);
266 return;
267 default:
268 return;
269 }
270
271 /* Find PPTP link for address and Call ID found in PPTP Control Msg */
272 pptp_link = FindPptpInByPeerCallId(GetDestAddress(link),
273 GetAliasAddress(link),
274 *pcall_id);
275
276 if (pptp_link != NULL) {
277 int accumulate = *pcall_id;
278
279 /* De-alias the Peer's Call Id. */
280 *pcall_id = GetOriginalPort(pptp_link);
281
282 /* Compute TCP checksum for modified packet */
283 tc = (struct tcphdr *) ((char *) pip + (pip->ip_hl << 2));
284 accumulate -= *pcall_id;
285 ADJUST_CHECKSUM(accumulate, tc->th_sum);
286
287 if (ctl_type == PPTP_OutCallReply || ctl_type == PPTP_InCallReply) {
288 PptpCode codes = (PptpCode)(cptr + 1);
289
290 if (codes->resCode == 1) /* Connection established, */
291 SetDestCallId(pptp_link, /* note the Call ID. */
292 cptr->cid1);
293 else
294 SetExpire(pptp_link, 0); /* Connection refused. */
295 }
296 }
297 }
298
299 static PptpCallId
300 AliasVerifyPptp(struct ip *pip, u_int16_t *ptype) /* IP packet to examine/patch */
301 {
302 int hlen, tlen, dlen;
303 PptpMsgHead hptr;
304 struct tcphdr *tc;
305
306 /* Calculate some lengths */
307 tc = (struct tcphdr *) ((char *) pip + (pip->ip_hl << 2));
308 hlen = (pip->ip_hl + tc->th_off) << 2;
309 tlen = ntohs(pip->ip_len);
310 dlen = tlen - hlen;
311
312 /* Verify data length */
313 if (dlen < (sizeof(struct pptpMsgHead) + sizeof(struct pptpCallIds)))
314 return(NULL);
315
316 /* Move up to PPTP message header */
317 hptr = (PptpMsgHead)(((char *) pip) + hlen);
318
319 /* Return the control message type */
320 *ptype = ntohs(hptr->type);
321
322 /* Verify PPTP Control Message */
323 if ((ntohs(hptr->msgType) != PPTP_CTRL_MSG_TYPE) ||
324 (ntohl(hptr->magic) != PPTP_MAGIC))
325 return(NULL);
326
327 /* Verify data length. */
328 if ((*ptype == PPTP_OutCallReply || *ptype == PPTP_InCallReply) &&
329 (dlen < sizeof(struct pptpMsgHead) + sizeof(struct pptpCallIds) +
330 sizeof(struct pptpCodes)))
331 return (NULL);
332 else
333 return (PptpCallId)(hptr + 1);
334 }
335
336
337 int
338 AliasHandlePptpGreOut(struct ip *pip)
339 {
340 GreHdr *gr;
341 struct alias_link *link;
342
343 gr = (GreHdr *)((char *)pip + (pip->ip_hl << 2));
344
345 /* Check GRE header bits. */
346 if ((ntohl(*((u_int32_t *)gr)) & PPTP_INIT_MASK) != PPTP_INIT_VALUE)
347 return (-1);
348
349 link = FindPptpOutByPeerCallId(pip->ip_src, pip->ip_dst, gr->gh_call_id);
350 if (link != NULL) {
351 struct in_addr alias_addr = GetAliasAddress(link);
352
353 /* Change source IP address. */
354 DifferentialChecksum(&pip->ip_sum,
355 (u_short *)&alias_addr,
356 (u_short *)&pip->ip_src,
357 2);
358 pip->ip_src = alias_addr;
359 }
360
361 return (0);
362 }
363
364
365 int
366 AliasHandlePptpGreIn(struct ip *pip)
367 {
368 GreHdr *gr;
369 struct alias_link *link;
370
371 gr = (GreHdr *)((char *)pip + (pip->ip_hl << 2));
372
373 /* Check GRE header bits. */
374 if ((ntohl(*((u_int32_t *)gr)) & PPTP_INIT_MASK) != PPTP_INIT_VALUE)
375 return (-1);
376
377 link = FindPptpInByPeerCallId(pip->ip_src, pip->ip_dst, gr->gh_call_id);
378 if (link != NULL) {
379 struct in_addr src_addr = GetOriginalAddress(link);
380
381 /* De-alias the Peer's Call Id. */
382 gr->gh_call_id = GetOriginalPort(link);
383
384 /* Restore original IP address. */
385 DifferentialChecksum(&pip->ip_sum,
386 (u_short *)&src_addr,
387 (u_short *)&pip->ip_dst,
388 2);
389 pip->ip_dst = src_addr;
390 }
391
392 return (0);
393 }
mirror of network_cmds