Subversion Repositories planix.SVN

#include <u.h>

#include <libc.h>

#include <libsec.h>

#include <ip.h>

#include <auth.h>

#include "ppp.h"

enum {

	HistorySize=	8*1024,

	Cminmatch	= 3,		/* sintest match possible */

	Chshift		= 4,		/* nice compromise between space & time */

	Cnhash		= 1<<(Chshift*Cminmatch),

	HMASK		= Cnhash-1,

};

typedef struct Carena Carena;

struct Carena

{

	uchar	*pos;			/* current place, also amount of history filled */

	uchar	buf[HistorySize];

};

typedef struct Cstate Cstate;

struct Cstate

{

	QLock;

	int	count;

	int	reset;		/* compressor has been reset */

	int	front;		/* move to begining of history */

	ulong	sreg;		/* output shift reg */

	int	bits;		/* number of bits in sreg */

	Block	*b; 		/* output block */

	/*

	 * state for hashing compressor

	 */

	Carena	arenas[2];

	Carena	*hist;

	Carena	*ohist;

	ulong	hash[Cnhash];

	int	h;

	ulong	me;

	ulong	split;

	int	encrypt;

	uchar	startkey[16];

	uchar	key[16];

	RC4state rc4key;

};

typedef struct Uncstate Uncstate;

struct Uncstate

{

	int	count;	 	/* packet count - detects missing packets */

	int	resetid;	/* id of reset requests */

	uchar	his[HistorySize];

	int	indx;		/* current indx in history */

	int	size;		/* current history size */

	uchar	startkey[16];

	uchar	key[16];

	RC4state rc4key;

};

/* packet flags */

enum {

	Preset=		(1<<15),	/* reset history */

	Pfront=		(1<<14),	/* move packet to front of history */

	Pcompress=	(1<<13),	/* packet is compressed */

	Pencrypt=	(1<<12),	/* packet is encrypted */

};

enum {

	Lit7,		/* seven bit literal */

	Lit8,		/* eight bit literal */

	Off6,		/* six bit offset */

	Off8,		/* eight bit offset */

	Off13,		/* thirteen bit offset */

};

/* decode first four bits */

int decode[16] = {

	Lit7,	

	Lit7,

	Lit7,

	Lit7,

	Lit7,

	Lit7,

	Lit7,

	Lit7,

	Lit8,

	Lit8,	

	Lit8,

	Lit8,	

	Off13,

	Off13,

	Off8,

	Off6,

};

static	void		*compinit(PPP*);

static	Block*		comp(PPP*, ushort, Block*, int*);

static	void		comp2(Cstate*, uchar*, int);

static	Block		*compresetreq(void*, Block*);

static	void		compfini(void*);

static	void		complit(Cstate*, int);

static	void		compcopy(Cstate*, int, int);

static	void		compout(Cstate*, ulong, int);

static	void		compfront(Cstate*);

static	void		hashcheck(Cstate*);

static	void		compreset(Cstate*);

static	int		hashit(uchar*);

static	void		*uncinit(PPP*);

static	Block*		uncomp(PPP*, Block*, int *protop, Block**);

static	Block		*uncomp2(Uncstate *s, Block*, ushort);

static	void		uncfini(void*);

static	void		uncresetack(void*, Block*);

static  int		ipcheck(uchar*, int);

static  void		hischeck(Uncstate*);

static	void		setkey(uchar *key, uchar *startkey);

Comptype cmppc = {

	compinit,

	comp,

	compresetreq,

	compfini

};

Uncomptype uncmppc = {

	uncinit,

	uncomp,

	uncresetack,

	uncfini

};

static void *

compinit(PPP *ppp)

{

	Cstate *cs;

	cs = mallocz(sizeof(Cstate), 1);

	cs->hist = &cs->arenas[0];

	cs->ohist = &cs->arenas[1];

	compreset(cs);

	/*

	 * make reset clear the hash table

	 */

	cs->me = ~0;

	compreset(cs);

	cs->reset = 0;

	if(ppp->sendencrypted) {

		cs->encrypt = 1;

		memmove(cs->startkey, ppp->key, 16);

		memmove(cs->key, ppp->key, 16);

		setkey(cs->key, cs->startkey);

		setupRC4state(&cs->rc4key, cs->key, 16);

	}

	return cs;

}

static void

compfini(void *as)

{

	Cstate *cs;

	cs = as;

	free(cs);

}

static Block*

comp(PPP *ppp, ushort proto, Block *b, int *protop)

{

	Cstate *s;

	int n, n2;

	ushort count;

	s = ppp->cstate;

	*protop = 0;

	qlock(s);

	/* put protocol into b */

	b->rptr -= 2;

	if(b->rptr < b->base)

		sysfatal("mppc: not enough header in block");

	b->rptr[0] = proto>>8;

	b->rptr[1] = proto;

	n = BLEN(b);

	s->bits = 0;

	s->b = allocb(n*9/8+20);

	s->b->wptr += 2;	/* leave room for mppc header */

	comp2(s, b->rptr, n);

	/* flush sreg */

	if(s->bits)

		*s->b->wptr++ = s->sreg<<(8-s->bits);

	if(s->b->wptr > s->b->lim)

		sysfatal("mppc: comp: output block overflowed");

	n2 = BLEN(s->b);

	if(n2 > n-2 && !s->encrypt) {

		/* expened and not excrypting so send as a regular packet */

//netlog("mppc: comp: expanded\n"); 

		compreset(s);

		freeb(s->b);

		b->rptr += 2;

		qunlock(s);

		*protop = proto;

		return b;

	}

	count = s->count++;

	s->count &= 0xfff;

	if(s->front)

		count |= Pfront;

	if(s->reset)

		count |= Preset;

	s->reset = 0;

	s->front = 0;

	if(n2 > n) {

//netlog("mppc: comp: expanded\n"); 

		freeb(s->b);

		/* make room for count */

		compreset(s);

		b->rptr -= 2;

	} else {

		freeb(b);

		b = s->b;

		count |= Pcompress;

	}

	s->b = nil;

	if(s->encrypt) {

		count |= Pencrypt;

		if((count&0xff) == 0xff) {

//netlog("mppc: comp: changing key\n"); 

			setkey(s->key, s->startkey);

			setupRC4state(&s->rc4key, s->key, 16);

			rc4(&s->rc4key, s->key, 16);

			setupRC4state(&s->rc4key, s->key, 16);

		} else if(count&Preset)

			setupRC4state(&s->rc4key, s->key, 16);

		rc4(&s->rc4key, b->rptr+2, BLEN(b)-2);

//netlog("mppc: encrypt %ux\n", count);

	}

	b->rptr[0] = count>>8;

	b->rptr[1] = count;

	qunlock(s);

	*protop = Pcdata;

	return b;

}

static Block *

compresetreq(void *as, Block *b)

{

	Cstate *cs;

	cs = as;

netlog("mppc: comp: reset request\n");

	qlock(cs);

	compreset(cs);

	qunlock(cs);

	freeb(b);

	return nil;

}

static void

comp2(Cstate *cs, uchar *p, int n)

{

	Carena *hist, *ohist;

	ulong *hash, me, split, you, last;

	uchar *s, *t, *et, *buf, *obuf, *pos, *opos;

	int i, h, m;

	/*

	 * check for wrap

	 */

	if(cs->me + n < cs->me)

		compreset(cs);

	if(cs->hist->pos + n > cs->hist->buf + HistorySize)

		compfront(cs);

	hist = cs->hist;

	ohist = cs->ohist;

	hash = cs->hash;

	me = cs->me;

	split = cs->split;

	memmove(hist->pos, p, n);

	p = hist->pos;

	hist->pos = pos = p + n;

	m = Cminmatch;

	if(m > n)

		m = n;

	h = cs->h;

	for(i = 0; i < m; i++) {

		h = (((h)<<Chshift) ^ p[i]) & HMASK;

		last = me + (i - (Cminmatch-1));

		if(last >= split && last != me)

			hash[h] = last;

	}

	buf = hist->buf - split;

	obuf = ohist->buf + HistorySize - split;

	opos = ohist->pos;

	while(p < pos) {

		you = hash[h];

		if(you < split) {

			if(me - you >= HistorySize)

				t = opos;

			else

				t = obuf + you;

			et = opos;

		} else {

			t = buf + you;

			et = pos;

		}

		m = pos - p;

		if(m < et - t)

			et = t + m;

		for(s = p; t < et; t++) {

			if(*s != *t)

				break;

			s++;

		}

		m = s - p;

		if(m < Cminmatch) {

			complit(cs, *p);

			s = p + 1;

		} else

			compcopy(cs, me - you, m);

		for(; p != s; p++) {

			if(p + Cminmatch <= pos) {

				hash[h] = me;

				if(p + Cminmatch < pos)

					h = (((h)<<Chshift) ^ p[Cminmatch]) & HMASK;

			}

			me++;

		}

	}

	cs->h = h;

	cs->me = me;

}

static void

compfront(Cstate *cs)

{

	Carena *th;

	cs->front = 1;

	th = cs->ohist;

	cs->ohist = cs->hist;

	cs->hist = th;

	cs->hist->pos = cs->hist->buf;

	cs->h = 0;

	cs->me = cs->split + HistorySize;

	cs->split = cs->me;

}

static void

compreset(Cstate *cs)

{

	ulong me;

	cs->reset = 1;

	me = cs->me;

	if(me + 2 * HistorySize < me){

		me = 0;

		memset(cs->hash, 0, sizeof(cs->hash));

	}

	cs->me = me + 2 * HistorySize;

	cs->split = cs->me;

	cs->hist->pos = cs->hist->buf;

	cs->ohist->pos = cs->ohist->buf;

}

static void

complit(Cstate *s, int c)

{

	if(c&0x80)

		compout(s, 0x100|(c&0x7f), 9);

	else

		compout(s, c, 8);

}

static void

compcopy(Cstate *s, int off, int len)

{

	int i;

	ulong mask;

	if(off<64)

		compout(s, 0x3c0|off, 10);

	else if(off<320)

		compout(s, 0xe00|(off-64), 12);

	else

		compout(s, 0xc000|(off-320), 16);

	if(len < 3)

		sysfatal("compcopy: bad len: %d", len);

	if(len == 3)

		compout(s, 0, 1);

	else {

		for(i=3; (1<<i) <= len; i++)

			;

		mask = (1<<(i-1))-1;

		compout(s, (((1<<(i-2))-1)<<i) | len&mask, (i-1)<<1);

	}

}

static void

compout(Cstate *s, ulong data, int bits)

{

	ulong sreg;

	sreg = s->sreg;

	sreg <<= bits;

	sreg |= data;

	bits += s->bits;

	while(bits >= 8) {

		*s->b->wptr++ = sreg>>(bits-8);

		bits -= 8;

	}

	s->sreg = sreg;

	s->bits = bits;

}

void

printkey(uchar *key)

{

	char buf[200], *p;

	int i;

	p = buf;

	for(i=0; i<16; i++)

		p += sprint(p, "%.2ux ", key[i]);

//netlog("key = %s\n", buf);

}

static	void *

uncinit(PPP *ppp)

{

	Uncstate *s;

	s = mallocz(sizeof(Uncstate), 1);

	s->count = 0xfff;	/* count of non existant last packet */

	memmove(s->startkey, ppp->key, 16);

	memmove(s->key, ppp->key, 16);

	setkey(s->key, s->startkey);

	setupRC4state(&s->rc4key, s->key, 16);

	return s;

}

static	Block*

uncomp(PPP *ppp, Block *b, int *protop, Block **r)

{

	Uncstate *s;

	ushort proto;

	ushort count;

	Lcpmsg *m;

	*r = nil;

	*protop = 0;

	s = ppp->uncstate;

	if(BLEN(b) < 2){

		syslog(0, "ppp", ": mppc: short packet\n");

		freeb(b);

		return nil;

	}

	count = nhgets(b->rptr);

	b->rptr += 2;

	b = uncomp2(s, b, count);

	if(b == nil) {

//netlog("ppp: mppc: reset request\n");

		/* return reset request packet */

		*r = alloclcp(Lresetreq, s->resetid++, 4, &m);

		hnputs(m->len, 4);

		*protop = 0;

		return nil;

	}

	if(BLEN(b) < 2){

		syslog(0, "ppp", ": mppc: short packet\n");

		freeb(b);

		*protop = 0;

		return nil;

	}

	proto = nhgets(b->rptr);

	b->rptr += 2;

/*

	if(proto == 0x21)

		if(!ipcheck(b->rptr, BLEN(b)))

			hischeck(s);

*/

	*protop = proto;

	return b;

}

#define NEXTBYTE	sreg = (sreg<<8) | *p++; n--; bits += 8

int	maxoff;

static	Block*

uncomp2(Uncstate *s, Block *b, ushort count)

{

	int ecount, n, bits, off, len, ones;

	ulong sreg;

	int t;

	uchar *p, c, *hp, *hs, *he, *hq;

	if(count&Preset) {

//netlog("mppc reset\n");

		s->indx = 0;

		s->size = 0;

		setupRC4state(&s->rc4key, s->key, 16);

	} else {

		ecount = (s->count+1)&0xfff;

		if((count&0xfff) != ecount) {

netlog("******* bad count - got %ux expected %ux\n", count&0xfff, ecount);

			freeb(b);

			return nil;

		}

		if(count&Pfront) {

			s->indx = 0;

/*			netlog("ppp: mppc: frount flag set\n"); */

		}

	}

	/* update key */

	n = (((count+1)>>8)&0xf) - (((s->count+1)>>8)&0xf);

	if(n < 0)

		n += 16;

//netlog("mppc count = %ux oldcount %ux n = %d\n", count, s->count, n);

	if(n < 0 || n > 1) {

		syslog(0, "ppp", ": mppc bad count %ux, %ux", count, s->count);

		freeb(b);

		return nil;

	}

	if(n == 1) {

		setkey(s->key, s->startkey);

		setupRC4state(&s->rc4key, s->key, 16);

		rc4(&s->rc4key, s->key, 16);

		setupRC4state(&s->rc4key, s->key, 16);

	}

	s->count = count;

	n = BLEN(b);

	p = b->rptr;

	if(count & Pencrypt) {

//netlog("mppc unencrypt count = %ux\n", count);

		rc4(&s->rc4key, p, n);

	}

	if(!(count & Pcompress)) {

//netlog("uncompress blen = %d\n", BLEN(b));

		return  b;

	}

	bits = 0;

	sreg = 0;

	hs = s->his;		/* history start */

	hp = hs+s->indx;	/* write pointer in history */

	he = hs+sizeof(s->his);	/* hsitory end */

	for(;;) {

		if(bits<4) {

			if(n==0) goto Done;

			NEXTBYTE;

		}

		t = decode[(sreg>>(bits-4))&0xf];

		switch(t) {

		default:

			sysfatal("mppc: bad decode!");

		case Lit7:

			bits -= 1;

			if(bits<7) {

				if(n==0) goto Done;

				NEXTBYTE;

			}

			c = (sreg>>(bits-7))&0x7f;

			bits -= 7;

			if(hp >= he) goto His;

			*hp++ = c;

/* netlog("\tlit7 %.2ux\n", c); */

			continue;

		case Lit8:

			bits -= 2;

			if(bits<7) {

				if(n==0) goto Eof;

				NEXTBYTE;

			}

			c = 0x80 | ((sreg>>(bits-7))&0x7f);

			bits -= 7;

			if(hp >= he) goto His;

			*hp++ = c;

/* netlog("\tlit8 %.2ux\n", c); */

			continue;

		case Off6:

			bits -= 4;

			if(bits<6) {

				if(n==0) goto Eof;

				NEXTBYTE;

			}

			off = (sreg>>(bits-6))&0x3f;

			bits -= 6;

			break;

		case Off8:

			bits -= 4;

			if(bits<8) {

				if(n==0) goto Eof;

				NEXTBYTE;

			}

			off = ((sreg>>(bits-8))&0xff)+64;

			bits -= 8;

			break;

		case Off13:

			bits -= 3;

			while(bits<13) {

				if(n==0) goto Eof;

				NEXTBYTE;

			}

			off = ((sreg>>(bits-13))&0x1fff)+320;

			bits -= 13;

/* netlog("\toff=%d bits = %d sreg = %ux t = %x\n", off, bits, sreg, t); */

			break;

		}

		for(ones=0;;ones++) {

			if(bits == 0) {

				if(n==0) goto Eof;

				NEXTBYTE;

			}

			bits--;

			if(!(sreg&(1<<bits)))

				break;

		}

		if(ones>11) {

netlog("ppp: mppc: bad length %d\n", ones);

			freeb(b);

			return nil;

		}

		if(ones == 0) {

			len = 3;

		} else {

			ones++;

			while(bits<ones) {

				if(n==0) goto Eof;

				NEXTBYTE;

			}

			len = (1<<ones) | ((sreg>>(bits-ones))&((1<<ones)-1));

			bits -= ones;

		}

		hq = hp-off;

		if(hq < hs) {

			hq += sizeof(s->his);

			if(hq-hs+len > s->size) 

				goto His;

		}

		if(hp+len > he) goto His;

		while(len) {

			*hp++ = *hq++;

			len--;

		}

	}

Done:

	freeb(b);

	/* build up return block */

	hq = hs+s->indx;

	len = hp-hq;

	b = allocb(len);

	memmove(b->wptr, hq, len);

	b->wptr += len;

netlog("ppp: mppc: len %d bits = %d n=%d\n", len, bits, n);

	s->indx += len;

	if(s->indx > s->size)

		s->size = s->indx;

	return b;

Eof:

netlog("*****unexpected end of data\n");

	freeb(b);

	return nil;

His:

netlog("*****bad history\n");

	freeb(b);

	return nil;

}

static	void

uncresetack(void*, Block*)

{

}

static	void

uncfini(void *as)

{

	Uncstate *s;

	s = as;	

	free(s);

}

static void

setkey(uchar *key, uchar *startkey)

{

	uchar pad[40];

	SHAstate *s;

	uchar digest[SHA1dlen];

	s = sha1(startkey, 16, nil, nil);

	memset(pad, 0, 40);

	sha1(pad, 40, nil, s);

	sha1(key, 16, nil, s);

	memset(pad, 0xf2, 40);

	sha1(pad, 40, digest, s);

	memmove(key, digest, 16);

}

/* code to check if IP packet looks good */

typedef struct Iphdr Iphdr;

struct Iphdr

{

	uchar	vihl;		/* Version and header length */

	uchar	tos;		/* Type of service */

	uchar	length[2];	/* packet length */

	uchar	id[2];		/* Identification */

	uchar	frag[2];	/* Fragment information */

	uchar	ttl;		/* Time to live */

	uchar	proto;		/* Protocol */

	uchar	cksum[2];	/* Header checksum */

	uchar	src[4];		/* Ip source */

	uchar	dst[4];		/* Ip destination */

};

enum

{

	QMAX		= 64*1024-1,

	IP_TCPPROTO	= 6,

	TCP_IPLEN	= 8,

	TCP_PHDRSIZE	= 12,

	TCP_HDRSIZE	= 20,

	TCP_PKT		= TCP_IPLEN+TCP_PHDRSIZE,

};

enum

{

	UDP_PHDRSIZE	= 12,

	UDP_HDRSIZE	= 20,

	UDP_IPHDR	= 8,

	IP_UDPPROTO	= 17,

	UDP_USEAD	= 12,

	UDP_RELSIZE	= 16,

	Udprxms		= 200,

	Udptickms	= 100,

	Udpmaxxmit	= 10,

};

typedef struct UDPhdr UDPhdr;

struct UDPhdr

{

	/* ip header */

	uchar	vihl;		/* Version and header length */

	uchar	tos;		/* Type of service */

	uchar	length[2];	/* packet length */

	uchar	id[2];		/* Identification */

	uchar	frag[2];	/* Fragment information */

	uchar	Unused;	

	uchar	udpproto;	/* Protocol */

	uchar	udpplen[2];	/* Header plus data length */

	uchar	udpsrc[4];	/* Ip source */

	uchar	udpdst[4];	/* Ip destination */

	/* udp header */

	uchar	udpsport[2];	/* Source port */

	uchar	udpdport[2];	/* Destination port */

	uchar	udplen[2];	/* data length */

	uchar	udpcksum[2];	/* Checksum */

};

typedef struct TCPhdr TCPhdr;

struct TCPhdr

{

	uchar	vihl;		/* Version and header length */

	uchar	tos;		/* Type of service */

	uchar	length[2];	/* packet length */

	uchar	id[2];		/* Identification */

	uchar	frag[2];	/* Fragment information */

	uchar	Unused;

	uchar	proto;

	uchar	tcplen[2];

	uchar	tcpsrc[4];

	uchar	tcpdst[4];

	uchar	tcpsport[2];

	uchar	tcpdport[2];

	uchar	tcpseq[4];

	uchar	tcpack[4];

	uchar	tcpflag[2];

	uchar	tcpwin[2];

	uchar	tcpcksum[2];

	uchar	tcpurg[2];

	/* Options segment */

	uchar	tcpopt[2];

	uchar	tcpmss[2];

};

static void

hischeck(Uncstate *s)

{

	uchar *p;

	Iphdr *iph;

	int len;

	p = s->his;

netlog("***** history check\n");

	while(p < s->his+s->size) {

		if(p[0] != 0 || p[1] != 0x21) {

netlog("***** unknown protocol\n");

			return;

		}

		p += 2;

netlog("off = %ld ", p-s->his);

		iph = (Iphdr*)p;

		len = nhgets(iph->length);

		ipcheck(p, len);

		p += len;

	}

}

static int

ipcheck(uchar *p, int len)

{

	Iphdr *iph;

	TCPhdr *tcph;

	ushort length;

	UDPhdr *uh;

	Block *bp;

	ushort cksum;

	int good;

	bp = allocb(len);

	memmove(bp->wptr, p, len);

	bp->wptr += len;

	good = 1;

	iph = (Iphdr *)(bp->rptr);

/* netlog("ppp: mppc: ipcheck %I %I len %d proto %d\n", iph->src, iph->dst, BLEN(bp), iph->proto); */

	if(len != nhgets(iph->length)) {

		netlog("***** bad length! %d %d\n", len, nhgets(iph->length));

		good = 0;

	}