add standard-based PPP framing (RFC1661, RFC1662) as reference points

- PPP_ENCAP_RFC1661: Plain PPP. “Synchronous” in the ’90s-era language,
  because the start and end of the frame are known from external means.

  In modern instances, this is because they arrive in a complete packet with
  a known length from its lower-level encapsulation. (TLS or DTLS records in
  our expected use cases.)

  This is what `pppd sync` does.

- PPP_ENCAP_RFC1662: “PPP in HDLC-like framing.”

  This is what `pppd` without `sync` does.

At some point, we will be able to add automated testing of our PPP
implementation's ability to communicate with `pppd`.

Signed-off-by: Daniel Lenski <dlenski@gmail.com>

diff --git a/openconnect-internal.h b/openconnect-internal.h
index 4b00da59fb19b79b1ef75ab400685d6cf991f83b..4e88f91ca117837f88658e061fca4e9c580f2c52 100644 (file)
--- a/openconnect-internal.h
+++ b/openconnect-internal.h
@@ -176,10 +176,12 @@ struct pkt {
 #define DTLS_CONNECTING        4       /* ESP probe received; must tell server */
 #define DTLS_CONNECTED 5       /* Server informed and should be sending ESP */
 
-#define PPP_ENCAP_F5           1       /* F5 BigIP no HDLC */
-#define PPP_ENCAP_F5_HDLC      2       /* F5 BigIP HDLC */
-#define PPP_ENCAP_FORTINET_HDLC        3       /* Fortinet HDLC */
-#define PPP_ENCAP_NX_HDLC      4       /* SonicWall NetExtender HDLC */
+#define PPP_ENCAP_RFC1661      1       /* Plain/synchronous/pre-framed PPP (RFC1661) */
+#define PPP_ENCAP_RFC1662_HDLC 2       /* PPP with HDLC-like framing (RFC1662) */
+#define PPP_ENCAP_F5           3       /* F5 BigIP no HDLC */
+#define PPP_ENCAP_F5_HDLC      4       /* F5 BigIP HDLC */
+#define PPP_ENCAP_FORTINET_HDLC        5       /* Fortinet HDLC */
+#define PPP_ENCAP_NX_HDLC      6       /* SonicWall NetExtender HDLC */
 #define PPP_ENCAP_MAX          PPP_ENCAP_NX_HDLC
 
 #define COMPR_DEFLATE  (1<<0)

diff --git a/ppp.c b/ppp.c
index d5164b267a17ed935805a4c9be6e94ba5fc0ba09..2faa49ffc274cf152fe99846946aef38ca598d05 100644 (file)
--- a/ppp.c
+++ b/ppp.c
@@ -168,6 +168,8 @@ static const char *ppps_names[] = {
 
 static const char *encap_names[PPP_ENCAP_MAX+1] = {
        NULL,
+       "RFC1661",
+       "RFC1662 HDLC",
        "F5",
        "F5 HDLC",
        "FORTINET HDLC",
@@ -242,6 +244,7 @@ int openconnect_ppp_new(struct openconnect_info *vpninfo,
 
        case PPP_ENCAP_F5_HDLC:
        case PPP_ENCAP_FORTINET_HDLC:
+       case PPP_ENCAP_RFC1662_HDLC:
                ppp->encap_len = 0;
                ppp->hdlc = 1;
                break;
@@ -251,6 +254,10 @@ int openconnect_ppp_new(struct openconnect_info *vpninfo,
                ppp->hdlc = 1;
                break;
 
+       case PPP_ENCAP_RFC1661:
+               ppp->encap_len = 0;
+               break;
+
        default:
                free(ppp);
                return -EINVAL;
@@ -989,7 +996,7 @@ int ppp_mainloop(struct openconnect_info *vpninfo, int *timeout, int readable)
                if (vpninfo->dump_http_traffic)
                        dump_buf_hex(vpninfo, PRG_DEBUG, '<', eh, len);
 
-               /* check pre-PPP header */
+               /* Deencapsulate from pre-PPP header */
                switch (ppp->encap) {
                case PPP_ENCAP_F5:
                        magic = load_be16(eh);
@@ -1022,6 +1029,7 @@ int ppp_mainloop(struct openconnect_info *vpninfo, int *timeout, int readable)
 
                case PPP_ENCAP_F5_HDLC:
                case PPP_ENCAP_FORTINET_HDLC:
+               case PPP_ENCAP_RFC1662_HDLC:
                        payload_len = unhdlc_in_place(vpninfo, eh + ppp->encap_len, len - ppp->encap_len, &next);
                        if (payload_len < 0)
                                continue; /* unhdlc_in_place already logged */
@@ -1033,6 +1041,11 @@ int ppp_mainloop(struct openconnect_info *vpninfo, int *timeout, int readable)
                        vpn_progress(vpninfo, PRG_ERR, _("Invalid PPP encapsulation\n"));
                        vpninfo->quit_reason = "Invalid encapsulation";
                        return -EINVAL;
+
+               case PPP_ENCAP_RFC1661:
+                       payload_len = len;
+                       next = eh + payload_len;
+                       break;
                }
 
                ph = eh + ppp->encap_len;
@@ -1259,7 +1272,7 @@ int ppp_mainloop(struct openconnect_info *vpninfo, int *timeout, int readable)
                        vpninfo->current_ssl_pkt = this;
                }
 
-               /* Add pre-PPP encapsulation header */
+               /* Encapsulate into pre-PPP header */
                eh = this->data - this->ppp.hlen - ppp->encap_len;
                switch (ppp->encap) {
                case PPP_ENCAP_F5: