#include <sys/errno.h>

#include <sys/errno.h>

#include <sys/libkern.h>

#include <sys/libkern.h>

#include <netgraph/ng_message.h>

#include <netgraph/ng_message.h>

#include <netgraph/netgraph.h>

#include <netgraph/netgraph.h>

#include <netgraph/ng_parse.h>

#include <netgraph/ng_parse.h>

static void	ng_l2tp_seq_reset(priv_p priv);

static void	ng_l2tp_seq_reset(priv_p priv);

static void	ng_l2tp_seq_failure(priv_p priv);

static void	ng_l2tp_seq_failure(priv_p priv);

static void	ng_l2tp_seq_recv_nr(priv_p priv, u_int16_t nr);

static void	ng_l2tp_seq_recv_nr(priv_p priv, u_int16_t nr);

static hookpriv_p	ng_l2tp_find_session(priv_p privp, u_int16_t sid);

static hookpriv_p	ng_l2tp_find_session(priv_p privp, u_int16_t sid);

static ng_fn_eachhook	ng_l2tp_reset_session;

static ng_fn_eachhook	ng_l2tp_reset_session;

/* Parse type for struct ng_l2tp_seq_config. */

/* Parse type for struct ng_l2tp_seq_config. */

static const struct ng_parse_struct_field

static const struct ng_parse_struct_field

	ng_l2tp_seq_config_fields[] = NG_L2TP_SEQ_CONFIG_TYPE_INFO;

	ng_l2tp_seq_config_fields[] = NG_L2TP_SEQ_CONFIG_TYPE_INFO;

};

};

NETGRAPH_INIT(l2tp, &ng_l2tp_typestruct);

NETGRAPH_INIT(l2tp, &ng_l2tp_typestruct);

#ifdef INVARIANTS

#ifdef INVARIANTS

#else

#else

#endif

#endif

/* Whether to use m_copypacket() or m_dup() */

/* Whether to use m_copypacket() or m_dup() */

#define L2TP_COPY_MBUF		m_copypacket

#define L2TP_COPY_MBUF		m_copypacket

	const priv_p priv = NG_NODE_PRIVATE(node);

	const priv_p priv = NG_NODE_PRIVATE(node);

	struct l2tp_seq *const seq = &priv->seq;

	struct l2tp_seq *const seq = &priv->seq;

	/* Reset sequence number state */

	/* Reset sequence number state */

	ng_l2tp_seq_reset(priv);

	ng_l2tp_seq_reset(priv);

	/* Free private data if neither timer is running */

	/* Free private data if neither timer is running */

	mtx_destroy(&seq->mtx);

	mtx_destroy(&seq->mtx);

	int error;

	int error;

	int len, plen;

	int len, plen;

	/* If not configured, reject */

	/* If not configured, reject */

	if (!priv->conf.enabled) {

	if (!priv->conf.enabled) {

		NG_FREE_ITEM(item);

		NG_FREE_ITEM(item);

	if ((hdr & L2TP_HDR_CTRL) != 0) {

	if ((hdr & L2TP_HDR_CTRL) != 0) {

		struct l2tp_seq *const seq = &priv->seq;

		struct l2tp_seq *const seq = &priv->seq;

		/* Handle receive ack sequence number Nr */

		/* Handle receive ack sequence number Nr */

		ng_l2tp_seq_recv_nr(priv, nr);

		ng_l2tp_seq_recv_nr(priv, nr);

		/* Discard ZLB packets */

		/* Discard ZLB packets */

		if (m->m_pkthdr.len == 0) {

		if (m->m_pkthdr.len == 0) {

			priv->stats.recvZLBs++;

			priv->stats.recvZLBs++;

			NG_FREE_ITEM(item);

			NG_FREE_ITEM(item);

			NG_FREE_M(m);

			NG_FREE_M(m);

			ERROUT(0);

			ERROUT(0);

		}

		}

		/*

		/*

		 * If not what we expect or we are busy, drop packet and

		 * If not what we expect or we are busy, drop packet and

		 * send an immediate ZLB ack.

		 * send an immediate ZLB ack.

				priv->stats.recvDuplicates++;

				priv->stats.recvDuplicates++;

			else

			else

				priv->stats.recvOutOfOrder++;

				priv->stats.recvOutOfOrder++;

			ng_l2tp_xmit_ctrl(priv, NULL, seq->ns);

			ng_l2tp_xmit_ctrl(priv, NULL, seq->ns);

			NG_FREE_ITEM(item);

			NG_FREE_ITEM(item);

			NG_FREE_M(m);

			NG_FREE_M(m);

			ERROUT(0);

			ERROUT(0);

		}

		}

		/* Prepend session ID to packet. */

		/* Prepend session ID to packet. */

		M_PREPEND(m, 2, M_NOWAIT);

		M_PREPEND(m, 2, M_NOWAIT);

		if (m == NULL) {

		if (m == NULL) {

			priv->stats.memoryFailures++;

			priv->stats.memoryFailures++;

			NG_FREE_ITEM(item);

			NG_FREE_ITEM(item);

			ERROUT(ENOBUFS);

			ERROUT(ENOBUFS);

		mtod(m, u_int8_t *)[0] = sid >> 8;

		mtod(m, u_int8_t *)[0] = sid >> 8;

		mtod(m, u_int8_t *)[1] = sid & 0xff;

		mtod(m, u_int8_t *)[1] = sid & 0xff;

		/* Deliver packet to upper layers */

		/* Deliver packet to upper layers */

		NG_FWD_NEW_DATA(error, item, priv->ctrl, m);

		NG_FWD_NEW_DATA(error, item, priv->ctrl, m);

		/* Ready to process next packet. */

		/* Ready to process next packet. */

		seq->inproc = 0;

		seq->inproc = 0;

			seq->nr++;

			seq->nr++;

			/* Start receive ack timer, if not already running */

			/* Start receive ack timer, if not already running */

			if (!callout_active(&seq->xack_timer)) {

			if (!callout_active(&seq->xack_timer)) {

				    L2TP_DELAYED_ACK, ng_l2tp_seq_xack_timeout,

				    L2TP_DELAYED_ACK, ng_l2tp_seq_xack_timeout,

			}

			}

		}

		}

		ERROUT(error);

		ERROUT(error);

	}

	}

	/* Deliver data */

	/* Deliver data */

	NG_FWD_NEW_DATA(error, item, hook, m);

	NG_FWD_NEW_DATA(error, item, hook, m);

done:

done:

	return (error);

	return (error);

}

}

	int i;

	int i;

	u_int16_t	ns;

	u_int16_t	ns;

	/* If not configured, reject */

	/* If not configured, reject */

	if (!priv->conf.enabled) {

	if (!priv->conf.enabled) {

		NG_FREE_ITEM(item);

		NG_FREE_ITEM(item);

		ERROUT(EOVERFLOW);

		ERROUT(EOVERFLOW);

	}

	}

	/* Find next empty slot in transmit queue */

	/* Find next empty slot in transmit queue */

	for (i = 0; i < L2TP_MAX_XWIN && seq->xwin[i] != NULL; i++);

	for (i = 0; i < L2TP_MAX_XWIN && seq->xwin[i] != NULL; i++);

	if (i == L2TP_MAX_XWIN) {

	if (i == L2TP_MAX_XWIN) {

		priv->stats.xmitDrops++;

		priv->stats.xmitDrops++;

		m_freem(m);

		m_freem(m);

		ERROUT(ENOBUFS);

		ERROUT(ENOBUFS);

	/* If peer's receive window is already full, nothing else to do */

	/* If peer's receive window is already full, nothing else to do */

	if (i >= seq->cwnd) {

	if (i >= seq->cwnd) {

		ERROUT(0);

		ERROUT(0);

	}

	}

	/* Start retransmit timer if not already running */

	/* Start retransmit timer if not already running */

	if (!callout_active(&seq->rack_timer))

	if (!callout_active(&seq->rack_timer))

	ns = seq->ns++;

	ns = seq->ns++;

	/* Copy packet */

	/* Copy packet */

	if ((m = L2TP_COPY_MBUF(m, M_NOWAIT)) == NULL) {

	if ((m = L2TP_COPY_MBUF(m, M_NOWAIT)) == NULL) {

		priv->stats.memoryFailures++;

		priv->stats.memoryFailures++;

		ERROUT(ENOBUFS);

		ERROUT(ENOBUFS);

	}

	}

	/* Send packet and increment xmit sequence number */

	/* Send packet and increment xmit sequence number */

	error = ng_l2tp_xmit_ctrl(priv, m, ns);

	error = ng_l2tp_xmit_ctrl(priv, m, ns);

done:

done:

	return (error);

	return (error);

}

}

	int error;

	int error;

	int i = 2;

	int i = 2;

	/* If not configured, reject */

	/* If not configured, reject */

	if (!priv->conf.enabled) {

	if (!priv->conf.enabled) {

		NG_FREE_ITEM(item);

		NG_FREE_ITEM(item);

	/* Send packet */

	/* Send packet */

	NG_FWD_NEW_DATA(error, item, priv->lower, m);

	NG_FWD_NEW_DATA(error, item, priv->lower, m);

done:

done:

	return (error);

	return (error);

}

}

	if (seq->wmax > L2TP_MAX_XWIN)

	if (seq->wmax > L2TP_MAX_XWIN)

		seq->wmax = L2TP_MAX_XWIN;

		seq->wmax = L2TP_MAX_XWIN;

	seq->ssth = seq->wmax;

	seq->ssth = seq->wmax;

	mtx_init(&seq->mtx, "ng_l2tp", NULL, MTX_DEF);

	mtx_init(&seq->mtx, "ng_l2tp", NULL, MTX_DEF);

}

}

/*

/*

{

{

	struct l2tp_seq *const seq = &priv->seq;

	struct l2tp_seq *const seq = &priv->seq;

	u_int16_t new_wmax;

	u_int16_t new_wmax;

	/* If disabling node, reset state sequence number */

	/* If disabling node, reset state sequence number */

	if (!conf->enabled) {

	if (!conf->enabled) {

		ng_l2tp_seq_reset(priv);

		ng_l2tp_seq_reset(priv);

		return (0);

		return (0);

	}

	}

	if (new_wmax > L2TP_MAX_XWIN)

	if (new_wmax > L2TP_MAX_XWIN)

		new_wmax = L2TP_MAX_XWIN;

		new_wmax = L2TP_MAX_XWIN;

	if (new_wmax == 0)

	if (new_wmax == 0)

	if (new_wmax < seq->wmax)

	if (new_wmax < seq->wmax)

	seq->wmax = new_wmax;

	seq->wmax = new_wmax;

}

}

/*

/*

	hook_p hook;

	hook_p hook;

	int i;

	int i;

	/* Stop timers */

	/* Stop timers */

	/* Free retransmit queue */

	/* Free retransmit queue */

	for (i = 0; i < L2TP_MAX_XWIN; i++) {

	for (i = 0; i < L2TP_MAX_XWIN; i++) {

	seq->acks = 0;

	seq->acks = 0;

	seq->rexmits = 0;

	seq->rexmits = 0;

	bzero(seq->xwin, sizeof(seq->xwin));

	bzero(seq->xwin, sizeof(seq->xwin));

}

}

/*

/*

	int		i, j;

	int		i, j;

	uint16_t	ns;

	uint16_t	ns;

	/* Verify peer's ACK is in range */

	/* Verify peer's ACK is in range */

		return;				/* duplicate ack */

		return;				/* duplicate ack */

	if (L2TP_SEQ_DIFF(nr, seq->ns) > 0) {

	if (L2TP_SEQ_DIFF(nr, seq->ns) > 0) {

		priv->stats.recvBadAcks++;	/* ack for packet not sent */

		priv->stats.recvBadAcks++;	/* ack for packet not sent */

		return;

		return;

	}

	}

	 * ACK had arrived separately.

	 * ACK had arrived separately.

	 */

	 */

	if (seq->cwnd < seq->wmax) {

	if (seq->cwnd < seq->wmax) {

		/* Handle slow start phase */

		/* Handle slow start phase */

		if (seq->cwnd < seq->ssth) {

		if (seq->cwnd < seq->ssth) {

			seq->cwnd += nack;

			seq->cwnd += nack;

	/* Stop xmit timer */

	/* Stop xmit timer */

	if (callout_active(&seq->rack_timer))

	if (callout_active(&seq->rack_timer))

	/* If transmit queue is empty, we're done for now */

	/* If transmit queue is empty, we're done for now */

		return;

		return;

	/* Start restransmit timer again */

	/* Start restransmit timer again */

	/*

	/*

	 * Send more packets, trying to keep peer's receive window full.

	 * Send more packets, trying to keep peer's receive window full.

		seq->ns++;

		seq->ns++;

	}

	}

	/*

	/*

	 * Send prepared.

	 * Send prepared.

	 * If there is a memory error, pretend packet was sent, as it

	 * If there is a memory error, pretend packet was sent, as it

		struct mbuf 	*m;

		struct mbuf 	*m;

		if ((m = L2TP_COPY_MBUF(xwin[i], M_NOWAIT)) == NULL)

		if ((m = L2TP_COPY_MBUF(xwin[i], M_NOWAIT)) == NULL)

			priv->stats.memoryFailures++;

			priv->stats.memoryFailures++;

			ng_l2tp_xmit_ctrl(priv, m, ns);

			ng_l2tp_xmit_ctrl(priv, m, ns);

		ns++;

		ns++;

	}

	}

}

}

 * were hoping to piggy-back, but haven't, so send a ZLB.

 * were hoping to piggy-back, but haven't, so send a ZLB.

 */

 */

static void

static void

{

{

	const priv_p priv = NG_NODE_PRIVATE(node);

	const priv_p priv = NG_NODE_PRIVATE(node);

	struct l2tp_seq *const seq = &priv->seq;

	struct l2tp_seq *const seq = &priv->seq;

	/* Send a ZLB */

	/* Send a ZLB */

	ng_l2tp_xmit_ctrl(priv, NULL, seq->ns);

	ng_l2tp_xmit_ctrl(priv, NULL, seq->ns);

	/* callout_deactivate() is not needed here 

	/* callout_deactivate() is not needed here 

}

}

/* 

/* 

 * with an ack for our packet, so retransmit it.

 * with an ack for our packet, so retransmit it.

 */

 */

static void

static void

{

{

	const priv_p priv = NG_NODE_PRIVATE(node);

	const priv_p priv = NG_NODE_PRIVATE(node);

	struct l2tp_seq *const seq = &priv->seq;

	struct l2tp_seq *const seq = &priv->seq;

	struct mbuf *m;

	struct mbuf *m;

	u_int delay;

	u_int delay;

	priv->stats.xmitRetransmits++;

	priv->stats.xmitRetransmits++;

	delay = (seq->rexmits > 12) ? (1 << 12) : (1 << seq->rexmits);

	delay = (seq->rexmits > 12) ? (1 << 12) : (1 << seq->rexmits);

	if (delay > priv->conf.rexmit_max_to)

	if (delay > priv->conf.rexmit_max_to)

		delay = priv->conf.rexmit_max_to;

		delay = priv->conf.rexmit_max_to;

	/* Do slow-start/congestion algorithm windowing algorithm */

	/* Do slow-start/congestion algorithm windowing algorithm */

	seq->ns = seq->rack;

	seq->ns = seq->rack;

	/* Retransmit oldest unack'd packet */

	/* Retransmit oldest unack'd packet */

	m = L2TP_COPY_MBUF(seq->xwin[0], M_NOWAIT);

	m = L2TP_COPY_MBUF(seq->xwin[0], M_NOWAIT);

		priv->stats.memoryFailures++;

		priv->stats.memoryFailures++;

		ng_l2tp_xmit_ctrl(priv, m, seq->ns++);

		ng_l2tp_xmit_ctrl(priv, m, seq->ns++);

	/* callout_deactivate() is not needed here 

	/* callout_deactivate() is not needed here 

	    as ng_callout() is getting called each time */

	    as ng_callout() is getting called each time */

}

}

/*

/*

 * Transmit a control stream packet, payload optional.

 * Transmit a control stream packet, payload optional.

 * The transmit sequence number is not incremented.

 * The transmit sequence number is not incremented.

 */

 */

static int

static int

ng_l2tp_xmit_ctrl(priv_p priv, struct mbuf *m, u_int16_t ns)

ng_l2tp_xmit_ctrl(priv_p priv, struct mbuf *m, u_int16_t ns)

{

{

	struct l2tp_seq *const seq = &priv->seq;

	struct l2tp_seq *const seq = &priv->seq;

	uint8_t *p;

	uint8_t *p;

	int error;

	int error;

	/* Stop ack timer: we're sending an ack with this packet.

	/* Stop ack timer: we're sending an ack with this packet.

	   Doing this before to keep state predictable after error. */

	   Doing this before to keep state predictable after error. */

	if (callout_active(&seq->xack_timer))

	if (callout_active(&seq->xack_timer))

	/* If no mbuf passed, send an empty packet (ZLB) */

	/* If no mbuf passed, send an empty packet (ZLB) */

	if (m == NULL) {

	if (m == NULL) {

		/* Create a new mbuf for ZLB packet */

		/* Create a new mbuf for ZLB packet */

		MGETHDR(m, M_NOWAIT, MT_DATA);

		MGETHDR(m, M_NOWAIT, MT_DATA);

		if (m == NULL) {

		if (m == NULL) {

		m->m_pkthdr.rcvif = NULL;

		m->m_pkthdr.rcvif = NULL;

		priv->stats.xmitZLBs++;

		priv->stats.xmitZLBs++;

	} else {

	} else {

		/* Strip off session ID */

		/* Strip off session ID */

		if (m->m_len < 2 && (m = m_pullup(m, 2)) == NULL) {

		if (m->m_len < 2 && (m = m_pullup(m, 2)) == NULL) {

			priv->stats.memoryFailures++;

			priv->stats.memoryFailures++;

	p[7] = session_id & 0xff;

	p[7] = session_id & 0xff;

	p[8] = ns >> 8;

	p[8] = ns >> 8;

	p[9] = ns & 0xff;

	p[9] = ns & 0xff;

	/* Update sequence number info and stats */

	/* Update sequence number info and stats */

	priv->stats.xmitPackets++;

	priv->stats.xmitPackets++;

#define CHECK(p)	KASSERT((p), ("%s: not: %s", __func__, #p))

#define CHECK(p)	KASSERT((p), ("%s: not: %s", __func__, #p))

	self_unack = L2TP_SEQ_DIFF(seq->nr, seq->xack);

	self_unack = L2TP_SEQ_DIFF(seq->nr, seq->xack);

	peer_unack = L2TP_SEQ_DIFF(seq->ns, seq->rack);

	peer_unack = L2TP_SEQ_DIFF(seq->ns, seq->rack);

		CHECK(seq->xwin[i] != NULL);

		CHECK(seq->xwin[i] != NULL);

	for ( ; i < seq->cwnd; i++)	    /* verify peer's recv window full */

	for ( ; i < seq->cwnd; i++)	    /* verify peer's recv window full */

		CHECK(seq->xwin[i] == NULL);

		CHECK(seq->xwin[i] == NULL);

#undef CHECK

#undef CHECK

}

}