|
|
// Copyright (c) 1997, Microsoft Corporation, all rights reserved
//
// receive.c
// RAS L2TP WAN mini-port/call-manager driver
// Receive routines
//
// 01/07/97 Steve Cobb
#include "l2tpp.h"
extern LONG g_lPacketsIndicated;
//-----------------------------------------------------------------------------
// Local prototypes (alphabetically)
//-----------------------------------------------------------------------------
SHORTCompareSequence( USHORT us1, USHORT us2 );
VOIDControlAcknowledged( IN TUNNELCB* pTunnel, IN USHORT usReceivedNr );
VOIDControlAckTimerEvent( IN TIMERQITEM* pItem, IN VOID* pContext, IN TIMERQEVENT event );
USHORTExplodeAvpHeader( IN CHAR* pAvp, IN USHORT usMaxAvpLength, OUT AVPINFO* pInfo );
VOIDExplodeControlAvps( IN CHAR* pFirstAvp, IN CHAR* pEndOfBuffer, OUT CONTROLMSGINFO* pControl );
USHORTExplodeL2tpHeader( IN CHAR* pL2tpHeader, IN ULONG ulBufferLength, IN OUT L2TPHEADERINFO* pInfo );
USHORTGetAvpValueFixedAch( IN AVPINFO* pAvp, IN USHORT usArraySize, OUT CHAR** ppch );
USHORTGetAvpValueFixedAul( IN AVPINFO* pAvp, IN USHORT usArraySize, OUT UNALIGNED ULONG** paulArray );
USHORTGetAvpValueFlag( IN AVPINFO* pAvp, OUT UNALIGNED BOOLEAN* pf );
USHORTGetAvpValueUl( IN AVPINFO* pAvp, OUT UNALIGNED ULONG** ppul );
USHORTGetAvpValueUs( IN AVPINFO* pAvp, OUT UNALIGNED USHORT** ppus );
USHORTGetAvpValue2UsAndVariableAch( IN AVPINFO* pAvp, OUT UNALIGNED USHORT** ppus1, OUT UNALIGNED USHORT** ppus2, OUT CHAR** ppch, OUT USHORT* pusArraySize );
USHORTGetAvpValueVariableAch( IN AVPINFO* pAvp, OUT CHAR** ppch, OUT USHORT* pusArraySize );
VOIDGetCcAvps( IN TUNNELCB* pTunnel, IN CONTROLMSGINFO* pControl, OUT USHORT* pusResult, OUT USHORT* pusError );
VOIDHelloTimerEvent( IN TIMERQITEM* pItem, IN VOID* pContext, IN TIMERQEVENT event );
VOIDIndicateReceived( IN VCCB* pVc, IN CHAR* pBuffer, IN ULONG ulOffset, IN ULONG ulLength, IN LONGLONG llTimeReceived );
BOOLEANLookUpTunnelAndVcCbs( IN ADAPTERCB* pAdapter, IN USHORT* pusTunnelId, IN USHORT* pusCallId, IN L2TPHEADERINFO* pHeader, IN CONTROLMSGINFO* pControl, OUT TUNNELCB** ppTunnel, OUT VCCB** ppVc );
VOIDPayloadAcknowledged( IN TUNNELCB* pTunnel, IN VCCB* pVc, IN USHORT usReceivedNr );
VOIDPayloadAckTimerEvent( IN TIMERQITEM* pItem, IN VOID* pContext, IN TIMERQEVENT event );
BOOLEANReceiveControl( IN ADAPTERCB* pAdapter, IN TUNNELCB* pTunnel, IN VCCB* pVc, IN CHAR* pBuffer, IN ULONG ulAvpOffset, IN ULONG ulAvpLength, IN TDIXRDGINFO* pRdg, IN L2TPHEADERINFO* pInfo, IN CONTROLMSGINFO* pControl );
BOOLEANReceiveFromOutOfOrder( IN VCCB* pVc );
BOOLEANReceivePayload( IN ADAPTERCB* pAdapter, IN TUNNELCB* pTunnel, IN VCCB* pVc, IN CHAR* pBuffer, IN ULONG ulPayloadOffset, IN ULONG ulPayloadLength, IN L2TPHEADERINFO* pInfo );
VOIDScheduleControlAck( IN TUNNELCB* pTunnel, IN USHORT usMsgTypeToAcknowledge );
VOIDSchedulePayloadAck( IN TUNNELCB* pTunnel, IN VCCB* pVc );
VCCB*VcCbFromCallId( IN TUNNELCB* pTunnel, IN USHORT usCallId );
VOIDZombieAckIfNecessary( IN TUNNELCB* pTunnel, IN L2TPHEADERINFO* pHeader, IN CONTROLMSGINFO* pControl );
//-----------------------------------------------------------------------------
// Main receive handlers
//-----------------------------------------------------------------------------
VOIDL2tpReceive( IN TDIXCONTEXT* pTdix, IN TDIXRDGINFO* pRdg, IN CHAR* pBuffer, IN ULONG ulOffset, IN ULONG ulBufferLength )
// TDIXRECEIVEDG handler that receives all incoming L2TP traffic. 'PTdix'
// is our TDI extension context. 'PRdg' points to the RDGINFO context
// 'PBuffer' is the address of the virtual buffer associated with an NDIS
// buffer from our pool passed to TDIX during initialization. We are
// responsible for eventually calling FreeBufferToPool on 'pBuffer'.
// 'UlOffset' is the offset to the first usable data in 'pBuffer'.
// 'UlBufferLen' is the data byte count of 'pBuffer'.
//
{ USHORT usXError; NDIS_STATUS status; L2TPHEADERINFO info; CONTROLMSGINFO* pControl; ADAPTERCB* pAdapter; TUNNELCB* pTunnel; VCCB* pVc; BOOLEAN fFreeBuffer; ULONG ulAvpOffset; ULONG ulAvpLength;
TDIXIPADDRESS* pAddress = &pRdg->source;
TRACE( TL_A, TM_Msg, ( "%sRECEIVE(%d.%d.%d.%d/%d) len=%d off=%d", (g_ulTraceLevel <= TL_I) ? "" : "\nL2TP: ", IPADDRTRACE( ((TDIXIPADDRESS* )pAddress)->ulIpAddress ), (ULONG )(ntohs( ((TDIXIPADDRESS* )pAddress)->sUdpPort )), (ULONG )ulBufferLength, ulOffset ) ); DUMPW( TL_A, TM_MDmp, pBuffer + ulOffset, 16 );
pAdapter = CONTAINING_RECORD( pTdix, ADAPTERCB, tdix );
fFreeBuffer = TRUE; pTunnel = NULL; pVc = NULL; pControl = NULL;
do { // Parse the packet's L2TP header into a conveniently usable form,
// checking that it is consistent with itself and indicates a protocol
// version we know.
//
usXError = ExplodeL2tpHeader( pBuffer + ulOffset, ulBufferLength - ulOffset, &info );
if (usXError != GERR_None) { // Not a coherent L2TP header. Discard the packet.
//
TRACE( TL_A, TM_Recv, ( "Discard: Header" ) ); break; }
ASSERT( info.ulDataLength <= L2TP_MaxFrameSize );
if (*info.pusBits & HBM_T) { // Explode the control message into the conveniently usable
// 'control' form, while checking it for coherency. This must be
// done here so the LookUp routine can peek ahead at the assigned
// call ID in CallDisconnNotify, if necessary. Ugly, but that's
// the way L2TP is defined.
//
pControl = ALLOC_CONTROLMSGINFO( pAdapter ); if (pControl) { ulAvpOffset = (ULONG )(info.pData - pBuffer); ulAvpLength = info.ulDataLength;
if (ulAvpLength) { ExplodeControlAvps( pBuffer + ulAvpOffset, pBuffer + ulAvpOffset + ulAvpLength, pControl ); } else { // No AVPs. Most likely a ZACK.
//
pControl->usXError = GERR_BadValue; } } }
// Find the tunnel and VC control blocks based on the header values.
//
if (!LookUpTunnelAndVcCbs( pAdapter, info.pusTunnelId, info.pusCallId, &info, pControl, &pTunnel, &pVc )) { // Invalid Tunnel-ID/Call-ID combination. Discard the packet.
// Zombie acknowledge may have been performed if the packet was a
// CDN.
//
// The draft/RFC says the tunnel should be closed and restarted on
// receipt of a malformed Control Connection message. Seems
// pretty harsh. For now, just discard such packets.
//
break; }
if (pTunnel) { // The UpdatePeerAddress behavior is obsolete in draft-15, but is
// left available for now as a potential aid to interop with older
// implementations at bakeoffs.
//
if (ReadFlags( &pAdapter->ulFlags ) & ACBF_UpdatePeerAddress) { BOOLEAN fChangeAddress; ULONG ulIpAddress;
fChangeAddress = FALSE;
NdisAcquireSpinLock( &pAdapter->lockTunnels ); { // Per the draft/RFC, the address of the peer is updated
// on each received packet.
//
if (pTunnel->address.ulIpAddress != ((TDIXIPADDRESS* )pAddress)->ulIpAddress ) { if (ReadFlags( &pTunnel->ulFlags ) & TCBF_HostRouteAdded) { fChangeAddress = TRUE; ulIpAddress = pTunnel->address.ulIpAddress; } }
pTunnel->address.ulIpAddress = ((TDIXIPADDRESS* )pAddress)->ulIpAddress; } NdisReleaseSpinLock( &pAdapter->lockTunnels );
if (fChangeAddress) { SetFlags( &pTunnel->ulFlags, TCBF_HostRouteChanged );
TRACE( TL_A, TM_Recv, ( "Peer changed IP address from $%08x to $%08x", ulIpAddress, ((TDIXIPADDRESS* )pAddress)->ulIpAddress ) );
ScheduleTunnelWork( pTunnel, NULL, ChangeHostRoute, (ULONG_PTR )ulIpAddress, (ULONG_PTR )(((TDIXIPADDRESS* )pAddress)->ulIpAddress), 0, 0, FALSE, FALSE ); } } // Verify this packet comes from the right source address
if(pTunnel->address.ulIpAddress != pAddress->ulIpAddress) { // Drop this packet
break; }
// Any message received on a tunnel resets it's Hello timer.
//
ResetHelloTimer( pTunnel ); }
if (*info.pusBits & HBM_T) { // It's a tunnel or call control packet.
//
if (pControl) { fFreeBuffer = ReceiveControl( pAdapter, pTunnel, pVc, pBuffer, ulAvpOffset, ulAvpLength, pRdg, &info, pControl ); } } else { // It's a VC payload packet.
//
if (!pVc) { TRACE( TL_A, TM_Recv, ( "Payload w/o VC?" ) ); break; }
#if 0
// !!! This is a hack to force NDISWAN into PPP framing mode.
// Need a cleaner way to do this, or simply have NDISWAN assume it
// for L2TP links. (NDISWAN bug 152167)
//
if (pVc->usNr == 0) { CHAR* pBufferX;
pBufferX = GetBufferFromPool( &pAdapter->poolFrameBuffers ); if (pBufferX) { pBufferX[ 0 ] = (CHAR )0xFF; pBufferX[ 1 ] = (CHAR )0x03; pBufferX[ 2 ] = (CHAR )0xC0; pBufferX[ 3 ] = (CHAR )0x21; pBufferX[ 4 ] = (CHAR )0x01; pBufferX[ 5 ] = (CHAR )0x06;
IndicateReceived( pVc, pBufferX, 0, 6, (ULONGLONG )0 ); } }#endif
if (ReferenceCall( pVc )) { fFreeBuffer = ReceivePayload( pAdapter, pTunnel, pVc, pBuffer, (ULONG )(info.pData - pBuffer), info.ulDataLength, &info );
DereferenceCall( pVc ); } else { TRACE( TL_A, TM_Recv, ( "Discard: Call $%p not active", pVc ) ); } } } while (FALSE);
if (pControl) { FREE_CONTROLMSGINFO( pAdapter, pControl ); }
if (fFreeBuffer) { FreeBufferToPool( &pAdapter->poolFrameBuffers, pBuffer, TRUE ); }
if (pTunnel) { DereferenceTunnel( pTunnel ); }
if (pVc) { DereferenceVc( pVc ); }}
BOOLEANReceiveControl( IN ADAPTERCB* pAdapter, IN TUNNELCB* pTunnel, IN VCCB* pVc, IN CHAR* pBuffer, IN ULONG ulAvpOffset, IN ULONG ulAvpLength, IN TDIXRDGINFO* pRdg, IN L2TPHEADERINFO* pInfo, IN CONTROLMSGINFO* pControl )
// Receive processing for control packet in 'pBuffer'. The AVPs following
// the header start at 'ulAvpOffset' and are 'ulAvpLength' bytes long.
// 'PBuffer' is the receive buffer TDIX retrieved with
// 'GetBufferFromPool'. 'PAdapter' is the adapter control block.
// 'PTunnel' and 'pVc' are the tunnel and VC control blocks associated
// with the received buffer, or NULL if none. 'pAddress' is the IP
// address/port of the sending peer. 'PInfo' is the exploded header
// information. 'PControl' is the control message information, which was
// exploded earlier.
//
// Returns true if caller should free 'pBuffer', or false if this routine
// has taken ownership of the buffer and will see it's freed.
//
{ LIST_ENTRY* pLink; BOOLEAN fCallerFreesBuffer; SHORT sDiff; VCCB** ppVcs; ULONG ulcpVcs;
TDIXIPADDRESS* pAddress = &pRdg->source;
TRACE( TL_V, TM_Recv, ( "ReceiveControl" ) );
ASSERT( !(pVc && !pTunnel) );
if (ulAvpLength > 0) { if (pControl->usXError != GERR_None) { // The message was incoherent or contained "mandatory" AVPs we
// don't recognize.
//
if (pVc && pControl->usXError == GERR_BadValue) { // "Bad values", which includes unrecognized mandatories,
// terminate the call.
//
ScheduleTunnelWork( pTunnel, pVc, FsmCloseCall, (ULONG_PTR )CRESULT_GeneralWithError, (ULONG_PTR )pControl->usXError, 0, 0, FALSE, FALSE ); } else if (pTunnel) { // Any other corruption terminates the tunnel.
//
ScheduleTunnelWork( pTunnel, NULL, FsmCloseTunnel, (ULONG_PTR )TRESULT_GeneralWithError, (ULONG_PTR )pControl->usXError, 0, 0, FALSE, FALSE ); }
return TRUE; }
if (!pTunnel) { if (*(pControl->pusMsgType) == CMT_SCCRQ && pControl->pusAssignedTunnelId && *(pControl->pusAssignedTunnelId) != 0) { // Peer wants to start a new tunnel. Find a tunnel block with
// peer's IP address and assigned Tunnel-ID, or create, if
// necessary. The returned block is linked in the adapter's
// list and and referenced. The reference is the one for peer
// initiation, i.e. case (b).
//
// If this is a retransmit SCCRQ, this is undone after the
// sequence check below. It must be done/undone rather than
// never done because each message, including retransmits,
// must have Ns/Nr processing performed and that processing
// requires a tunnel control block.
//
pTunnel = SetupTunnel( pAdapter, pAddress->ulIpAddress, *(pControl->pusAssignedTunnelId), FALSE );
if (!pTunnel) { return TRUE; } } else { // Don't know what tunnel the message if for and it's not a
// "create new tunnel" request, so there's nothing useful to
// do. Ignore it.
//
TRACE( TL_A, TM_Recv, ( "CMT %d w/o tunnel?", *(pControl->pusMsgType) ) ); return TRUE; } }
if (*(pControl->pusMsgType) == CMT_SCCRQ || *(pControl->pusMsgType) == CMT_SCCRP) { // The source UDP port of the received message is recorded for
// SCCRQ and SCCRP only, i.e. for the first message received
// from peer.
//
pTunnel->address.sUdpPort = pAddress->sUdpPort; TRACE( TL_I, TM_Recv, ( "Peer UDP=%d", (UINT )ntohs( pAddress->sUdpPort ) ) );
pTunnel->myaddress.ulIpAddress = pRdg->dest.ulIpAddress; pTunnel->myaddress.ifindex = pRdg->dest.ifindex;
TRACE( TL_I, TM_Recv, ("L2TP-- dest %d.%d.%d.%d ifindex %d\n", IPADDRTRACE(pRdg->dest.ulIpAddress), pRdg->dest.ifindex)); } } else if (!pTunnel) { // Peer messed up and sent an ACK on tunnel ID 0, which is impossible
// according to the protocol.
//
TRACE( TL_A, TM_Recv, ( "ZACK w/o tunnel?" ) ); return TRUE; }
ASSERT( pTunnel );
NdisAcquireSpinLock( &pTunnel->lockT ); { // Do "acknowledged" handling on sends acknowledged by peer in the
// received packet.
//
ControlAcknowledged( pTunnel, *(pInfo->pusNr) );
if (ulAvpLength == 0) { // There are no AVPs so this was an acknowledgement only. We're
// done.
//
NdisReleaseSpinLock( &pTunnel->lockT ); return TRUE; }
fCallerFreesBuffer = TRUE; do { // Further packet processing depends on where the packet's
// sequence number falls relative to what we've already received.
//
sDiff = CompareSequence( *(pInfo->pusNs), pTunnel->usNr ); if (sDiff == 0) { // It's the expected packet. Process it, setting up the VC
// and popping from the out-of-order list as indicated. The
// 'Next Received' is incremented outside, because that step
// should not happen on a SetupVcAsynchronously restart.
//
++pTunnel->usNr; fCallerFreesBuffer = ReceiveControlExpected( pTunnel, pVc, pBuffer, pControl ); break; } else if (sDiff < 0) { // The received 'Next Sent' is before our 'Next Receive'.
// Peer may have retransmitted while our acknowledge was in
// transit, or the acknowledge may have been lost. Schedule
// another acknowledge.
//
TRACE( TL_A, TM_Recv, ( "Control re-ack" ) ); ScheduleControlAck( pTunnel, 0 );
if (*(pControl->pusMsgType) == CMT_SCCRQ) { // Since SCCRQ is a duplicate, the reference added by
// SetupTunnel above must be undone. In this special case
// the TCBF_PeerInitRef flag was never set and so need not
// be cleared.
//
DereferenceTunnel( pTunnel ); } break; } else if (sDiff < pAdapter->sMaxOutOfOrder) { CONTROLRECEIVED* pCr; BOOLEAN fDiscard;
// The packet is beyond the one we expected, but within our
// out-of-order window.
//
if (ReadFlags( &pTunnel->ulFlags ) & TCBF_Closing) { // The tunnel is closing and the out-of-order queue has
// been flushed, so just discard the packet.
//
TRACE( TL_A, TM_Recv, ( "Control discarded: ooo but closing" ) ); break; }
// Allocate a control-received context
// and queue the packet on the out-of-order list.
//
pCr = ALLOC_CONTROLRECEIVED( pAdapter ); if (!pCr) { ASSERT( !"Alloc CR?" ); break; }
// Fill in the context with the relevant packet information.
//
pCr->usNs = *(pInfo->pusNs); pCr->pVc = pVc; pCr->pBuffer = pBuffer; NdisMoveMemory( &pCr->control, pControl, sizeof(pCr->control) );
if (pCr->pVc) { // Add a VC reference covering the reference stored in the
// context, which will be removed when the context is
// freed.
//
ReferenceVc( pCr->pVc ); }
// Find the first link on the out-of-order list with an 'Ns'
// greater than that in the received message, or the head if
// none.
//
fDiscard = FALSE; for (pLink = pTunnel->listOutOfOrder.Flink; pLink != &pTunnel->listOutOfOrder; pLink = pLink->Flink) { CONTROLRECEIVED* pThisCr; SHORT sThisDiff;
pThisCr = CONTAINING_RECORD( pLink, CONTROLRECEIVED, linkOutOfOrder );
sThisDiff = CompareSequence( pCr->usNs, pThisCr->usNs );
if (sThisDiff < 0) { break; }
if (sThisDiff == 0) { // It's a retransmit that's already on our queue.
//
if (pCr->pVc) { DereferenceVc( pCr->pVc ); }
FREE_CONTROLRECEIVED( pAdapter, pCr ); fDiscard = TRUE; break; } }
if (fDiscard) { break; }
// Queue up the context as out-of-order.
//
TRACE( TL_I, TM_Recv, ( "Control %d out-of-order %d", *(pInfo->pusNs), (LONG )sDiff ) ); InsertBefore( &pCr->linkOutOfOrder, pLink ); fCallerFreesBuffer = FALSE; break; } DBG_else { TRACE( TL_A, TM_Recv, ( "Control discarded: Beyond ooo" ) ); } } while (FALSE);
// Complete any VCs listed as completing.
//
CompleteVcs( pTunnel ); } NdisReleaseSpinLock( &pTunnel->lockT );
return fCallerFreesBuffer;}
BOOLEANReceiveControlExpected( IN TUNNELCB* pTunnel, IN VCCB* pVc, IN CHAR* pBuffer, IN CONTROLMSGINFO* pControl )
// Called to do packet processing when the packet received is the expected
// 'Next Receive' packet. 'PBuffer' is the receive buffer. 'PTunnel' is
// the valid tunnel control block. 'PVc' is the call's VC control block
// and may be NULL, if the VC for the call has not yet been set up.
// 'PControl' is the expoded control message information.
//
// Returns true if the buffer should be freed by caller, false if it was
// queued for further processing.
//
// IMPORTANT: Caller must hold the 'pTunnel->lockT'.
//
{ ADAPTERCB* pAdapter; BOOLEAN fProcessed; SHORT sDiff;
pAdapter = pTunnel->pAdapter;
// Schedule an acknowledge-only packet to be sent if no outgoing traffic
// appears to piggyback on within a reasonable time. Note this occurs
// even if the asynchronous VC set up was invoked. Ns/Nr processing must
// occur before any data processing that may cause delays.
//
ScheduleControlAck( pTunnel, *(pControl->pusMsgType) );
// Pass the packet to the control FSMs.
//
fProcessed = FsmReceive( pTunnel, pVc, pBuffer, pControl ); if (fProcessed) { // The VC is setup and the packet has been processed. See if any
// packets on the received out-of-order queue can now be processed.
//
for (;;) { LIST_ENTRY* pFirstLink; CONTROLRECEIVED* pFirstCr; BOOLEAN fOutOfOrderProcessed;
pFirstLink = pTunnel->listOutOfOrder.Flink; if (pFirstLink == &pTunnel->listOutOfOrder) { break; }
pFirstCr = CONTAINING_RECORD( pFirstLink, CONTROLRECEIVED, linkOutOfOrder );
sDiff = CompareSequence( pFirstCr->usNs, pTunnel->usNr ); if (sDiff == 0) { // Yes, it's the next expected packet. Update 'Next Receive'
// and pass the packet to the control FSMs.
//
TRACE( TL_I, TM_Recv, ( "Control %d from queue", (UINT )pFirstCr->usNs ) ); RemoveEntryList( pFirstLink ); InitializeListHead( pFirstLink );
++pTunnel->usNr; fOutOfOrderProcessed = FsmReceive( pTunnel, pFirstCr->pVc, pFirstCr->pBuffer, &pFirstCr->control );
ScheduleControlAck( pTunnel, *(pFirstCr->control.pusMsgType) );
if (fOutOfOrderProcessed) { FreeBufferToPool( &pAdapter->poolFrameBuffers, pFirstCr->pBuffer, TRUE ); }
if (pFirstCr->pVc) { DereferenceVc( pFirstCr->pVc ); }
FREE_CONTROLRECEIVED( pAdapter, pFirstCr ); } else if (sDiff > 0) { // No, there's still some missing.
//
TRACE( TL_I, TM_Recv, ( "Control %d still missing", pTunnel->usNr ) ); break; } else { ASSERT( "Old control queued?" ); break; } } }
return fProcessed;}
BOOLEANReceivePayload( IN ADAPTERCB* pAdapter, IN TUNNELCB* pTunnel, IN VCCB* pVc, IN CHAR* pBuffer, IN ULONG ulPayloadOffset, IN ULONG ulPayloadLength, IN L2TPHEADERINFO* pInfo )
// Receive processing for payload in 'pBuffer' of 'ulPayloadLength' bytes
// starting at offset 'ulPayloadOffset'. 'PBuffer' is the receive buffer
// TDIX retrieved with 'GetBufferFromPool'. 'PAdapter, 'pTunnel' and
// 'PVc' are the adapter, tunnel, and VC control blocks associated with
// the received buffer. 'PInfo' is the exploded header information.
//
// Returns true if caller should free 'pBuffer', or false if this routine
// has taken ownership of the buffer and will see it's freed.
//
{ LONGLONG llTimeReceived; BOOLEAN fCallerFreesBuffer;
TRACE( TL_V, TM_Recv, ( "ReceivePayload" ) );
if (!pTunnel || !pVc) { // Both control blocks are always required to receive payload.
//
TRACE( TL_A, TM_Recv, ( "Discard: No CB" ) ); return TRUE; }
// Note the time if client's call parameters indicated interest in time
// received.
//
if (ReadFlags( &pVc->ulFlags ) & VCBF_IndicateTimeReceived) { NdisGetCurrentSystemTime( (LARGE_INTEGER* )&llTimeReceived ); } else { llTimeReceived = 0; }
if (!(ReadFlags( &pVc->ulFlags ) & VCBF_Sequencing) || !pInfo->pusNr) { DBG_if (ReadFlags( &pVc->ulFlags ) & VCBF_Sequencing) TRACE( TL_A, TM_Recv, ( "No Nr field?" ) );
if (ulPayloadLength > 0) { // Flow control was disabled during negotiation. This should be
// extremely rare, since a compliant peer MUST implement flow
// control.
//
IndicateReceived( pVc, pBuffer, ulPayloadOffset, ulPayloadLength, llTimeReceived ); return FALSE; } else { NdisAcquireSpinLock( &pVc->lockV ); { ++pVc->stats.ulRecdZlbs; } NdisReleaseSpinLock( &pVc->lockV ); return TRUE; } }
fCallerFreesBuffer = TRUE; NdisAcquireSpinLock( &pVc->lockV ); do { SHORT sDiff;
// All R-bit handling occurs first. Peer sends a packet with the
// R-bit set to indicate that all packets expected between the last
// packet and this packet should be assumed lost.
//
if (*(pInfo->pusBits) & HBM_R) { ++pVc->stats.ulRecdResets;
sDiff = CompareSequence( *(pInfo->pusNs), pVc->usNr ); if (sDiff > 0) { TRACE( TL_I, TM_Recv, ( "Reset Nr=%d from %d", (LONG )*(pInfo->pusNs), (LONG )pVc->usNr ) );
pVc->usNr = *(pInfo->pusNs); } else { ++pVc->stats.ulRecdResetsIgnored;
TRACE( TL_I, TM_Recv, ( "Reset Nr=%d from %d ignored", (LONG )*(pInfo->pusNs), (LONG )pVc->usNr ) ); } }
// Do "acknowledged" handling on sends acknowledged by peer in the
// received packet.
//
PayloadAcknowledged( pTunnel, pVc, *(pInfo->pusNr) );
// If there's no payload and the R-bit is not set, this was an
// acknowledgement only and we're done.
//
if (ulPayloadLength == 0) { ++pVc->stats.ulRecdZlbs;
if (*(pInfo->pusBits) & HBM_R) { BOOLEAN fReceivedFromOutOfOrder;
// Indicate up any packet on the out-of-order list made
// receivable by the R-bit reset.
//
fReceivedFromOutOfOrder = FALSE; while (ReceiveFromOutOfOrder( pVc )) { fReceivedFromOutOfOrder = TRUE; }
if (fReceivedFromOutOfOrder) { // Schedule an acknowledge-only packet to be sent if no
// outgoing traffic appears to piggyback on within a
// reasonable time.
//
SchedulePayloadAck( pTunnel, pVc ); } }
break; }
DBG_if (pInfo->pusNs && pInfo->pusNr) { TRACE( TL_N, TM_Recv, ( "len=%d Ns=%d Nr=%d", (ULONG )*(pInfo->pusLength), (ULONG )*(pInfo->pusNs), (ULONG )*(pInfo->pusNr) ) ); }
// Further packet processing depends on where the packet's sequence
// number falls relative to what we've already received.
//
sDiff = CompareSequence( *(pInfo->pusNs), pVc->usNr ); if (sDiff == 0) { // It's the next expected packet. Update 'Next Receive' and
// indicate the payload received to the driver above.
//
pVc->usNr = *(pInfo->pusNs) + 1;
NdisReleaseSpinLock( &pVc->lockV ); { IndicateReceived( pVc, pBuffer, ulPayloadOffset, ulPayloadLength, llTimeReceived ); } NdisAcquireSpinLock( &pVc->lockV );
// Indicate up any packets on the out-of-order list that were
// waiting for this one.
//
while (ReceiveFromOutOfOrder( pVc )) ;
// Schedule an acknowledge-only packet to be sent if no outgoing
// traffic appears to piggyback on within a reasonable time.
//
SchedulePayloadAck( pTunnel, pVc ); } else if (sDiff < 0) { // The received 'Next Sent' is before our 'Next Receive'. Maybe
// an out-of-order packet we didn't wait for long enough. It's
// useless at this point.
//
TRACE( TL_A, TM_Recv, ( "Payload discarded: Old Ns" ) ); break; } else if (sDiff < pAdapter->sMaxOutOfOrder) { LIST_ENTRY* pLink; PAYLOADRECEIVED* pPr; BOOLEAN fDiscard;
TRACE( TL_I, TM_Recv, ( "%d out-of-order %d", *(pInfo->pusNs), (LONG )sDiff ) );
// The packet is beyond the one we expected, but within our
// out-of-order window. Allocate a payload-received context and
// queue it up on the out-of-order list.
//
pPr = ALLOC_PAYLOADRECEIVED( pAdapter ); if (!pPr) { TRACE( TL_A, TM_Recv, ( "Alloc PR?" ) ); break; }
// Fill in the context with the relevant packet information.
//
pPr->usNs = *(pInfo->pusNs); pPr->pBuffer = pBuffer; pPr->ulPayloadOffset = ulPayloadOffset; pPr->ulPayloadLength = ulPayloadLength; pPr->llTimeReceived = llTimeReceived;
// Queue up the context on the out-of-order list, keeping the list
// correctly sorted by 'Ns'.
//
fDiscard = FALSE; for (pLink = pVc->listOutOfOrder.Flink; pLink != &pVc->listOutOfOrder; pLink = pLink->Flink) { PAYLOADRECEIVED* pThisPr; SHORT sThisDiff;
pThisPr = CONTAINING_RECORD( pLink, PAYLOADRECEIVED, linkOutOfOrder );
sThisDiff = CompareSequence( pPr->usNs, pThisPr->usNs );
if (sThisDiff < 0) { break; }
if (sThisDiff == 0) { // This shouldn't happen because payloads are not
// retransmitted, but do the right thing just in case.
//
TRACE( TL_A, TM_Recv, ( "Payload on ooo queue?" ) ); fDiscard = TRUE; break; } }
if (fDiscard) { FREE_PAYLOADRECEIVED( pAdapter, pPr ); break; }
InsertBefore( &pPr->linkOutOfOrder, pLink ); } else { // The packet is beyond the one we expected and outside our
// out-of-order window. Discard it.
//
TRACE( TL_A, TM_Recv, ( "Out-of-order %d too far" , (LONG )sDiff ) );
break; }
fCallerFreesBuffer = FALSE; } while (FALSE); NdisReleaseSpinLock( &pVc->lockV );
return fCallerFreesBuffer;}
//-----------------------------------------------------------------------------
// Receive utility routines (alphabetically)
//-----------------------------------------------------------------------------
SHORTCompareSequence( USHORT us1, USHORT us2 )
// Returns the "logical" difference between sequence numbers 'us1' and
// 'us2' accounting for the possibility of rollover.
//
{ USHORT usDiff = us1 - us2;
if (usDiff == 0) return 0;
if (usDiff < 0x4000) return (SHORT )usDiff;
return -((SHORT )(0 - usDiff));}
VOIDControlAcknowledged( IN TUNNELCB* pTunnel, IN USHORT usReceivedNr )
// Dequeues and cancels the timer of all control-sent contexts in the
// tunnel's 'listSendsOut' queue with 'Next Sent' less than
// 'usReceivedNr'.
//
// IMPORTANT: Caller must hold 'pTunnel->lockT'.
//
{ ADAPTERCB* pAdapter; BOOLEAN fFoundOne;
pAdapter = pTunnel->pAdapter; fFoundOne = FALSE;
while (!IsListEmpty( &pTunnel->listSendsOut )) { CONTROLSENT* pCs; LIST_ENTRY* pLink;
pLink = pTunnel->listSendsOut.Flink; pCs = CONTAINING_RECORD( pLink, CONTROLSENT, linkSendsOut );
// The list is in 'Ns' order so as soon as a non-acknowledge is hit
// we're done.
//
if (CompareSequence( pCs->usNs, usReceivedNr ) >= 0) { break; }
fFoundOne = TRUE;
// Remove the context from the "outstanding send" list and cancel the
// associated timer. Doesn't matter if the cancel fails because the
// expire handler will recognize that the context is not linked into
// the "out" list and do nothing.
//
RemoveEntryList( pLink ); InitializeListHead( pLink ); TimerQCancelItem( pTunnel->pTimerQ, pCs->pTqiSendTimeout );
// Per the draft/RFC, adjustments to the send window and send timeouts
// are necessary. Per Karn's Algorithm, if the packet was
// retransmitted it is useless for timeout adjustment because it's not
// known if peer responded to the original send or the retransmission.
//
if (pCs->ulRetransmits == 0) { AdjustTimeoutsAtAckReceived( pCs->llTimeSent, pAdapter->ulMaxSendTimeoutMs, &pTunnel->ulSendTimeoutMs, &pTunnel->ulRoundTripMs, &pTunnel->lDeviationMs ); }
// See if it's time to open the send window a bit further.
//
AdjustSendWindowAtAckReceived( pTunnel->ulMaxSendWindow, &pTunnel->ulAcksSinceSendTimeout, &pTunnel->ulSendWindow );
TRACE( TL_N, TM_Send, ( "T%d: ACK(%d) new rtt=%d dev=%d ato=%d sw=%d", (ULONG )pTunnel->usTunnelId, (ULONG )pCs->usNs, pTunnel->ulRoundTripMs, pTunnel->lDeviationMs, pTunnel->ulSendTimeoutMs, pTunnel->ulSendWindow ) );
// Execute any "on ACK" options and note that delayed action
// processing is now required.
//
if (pCs->ulFlags & CSF_TunnelIdleOnAck) { TRACE( TL_N, TM_Send, ( "Tunnel idle on ACK" ) ); ScheduleTunnelWork( pTunnel, NULL, CloseTunnel, 0, 0, 0, 0, FALSE, FALSE ); } else if (pCs->ulFlags & CSF_CallIdleOnAck) { TRACE( TL_N, TM_Send, ( "Call idle on ACK" ) ); ASSERT( pCs->pVc ); ScheduleTunnelWork( pTunnel, pCs->pVc, CloseCall, 0, 0, 0, 0, FALSE, FALSE ); }
if (pCs->ulFlags & CSF_Pending) { // The context is queued for retransmission, so de-queue it. In
// this state the context has already been assumed "not
// outstanding" so no need to adjust the counter as below.
//
pCs->ulFlags &= ~(CSF_Pending); } else { // The context is not queued for retranmission, so adjust the
// counter to indicate it is no longer outstanding.
//
--pTunnel->ulSendsOut; }
// Remove the reference corresponding to linkage in the "outstanding
// send" list.
//
DereferenceControlSent( pCs ); }
if (fFoundOne) { // See if any sends were pending on a closed send window.
//
ScheduleTunnelWork( pTunnel, NULL, SendPending, 0, 0, 0, 0, FALSE, FALSE ); }}
VOIDControlAckTimerEvent( IN TIMERQITEM* pItem, IN VOID* pContext, IN TIMERQEVENT event )
// PTIMERQEVENT handler that fires when it's time to stop waiting for an
// outgoing control packet on which to piggyback an acknowledge.
//
{ TUNNELCB* pTunnel; ADAPTERCB* pAdapter; BOOLEAN fSendAck;
TRACE( TL_N, TM_Recv, ( "ControlAckTimerEvent(%s)", TimerQPszFromEvent( event ) ) );
// Unpack context information.
//
pTunnel = (TUNNELCB* )pContext; pAdapter = pTunnel->pAdapter;
if (event == TE_Expire) { NdisAcquireSpinLock( &pTunnel->lockT ); { if (pItem == pTunnel->pTqiDelayedAck) { pTunnel->pTqiDelayedAck = NULL; fSendAck = TRUE; } else { fSendAck = FALSE; } } NdisReleaseSpinLock( &pTunnel->lockT );
if (fSendAck) { // The timer expired and was not been cancelled or terminated
// while the expire processing was being set up, meaning it's time
// to send a zero-AVP control packet to give peer the acknowledge
// we were hoping to piggyback onto a random outgoing control
// packet.
//
ScheduleTunnelWork( pTunnel, NULL, SendControlAck, 0, 0, 0, 0, FALSE, FALSE ); } DBG_else { TRACE( TL_I, TM_Send, ( "CAck aborted" ) ); } }
// Free the timer event descriptor and remove the reference covering the
// scheduled timer.
//
FREE_TIMERQITEM( pAdapter, pItem ); DereferenceTunnel( pTunnel );}
VOIDPayloadAckTimerEvent( IN TIMERQITEM* pItem, IN VOID* pContext, IN TIMERQEVENT event )
// PTIMERQEVENT handler that fires when it's time to stop waiting for an
// outgoing payload packet on which to piggyback an acknowledge.
//
{ VCCB* pVc; ADAPTERCB* pAdapter; BOOLEAN fSendAck;
TRACE( TL_N, TM_Recv, ( "PayloadAckTimerEvent(%s)=$%p", TimerQPszFromEvent( event ), pItem ) );
// Unpack context information.
//
pVc = (VCCB* )pContext; pAdapter = pVc->pAdapter;
if (event == TE_Expire) { if (ReferenceCall( pVc )) { NdisAcquireSpinLock( &pVc->lockV ); { if (pItem == pVc->pTqiDelayedAck) { fSendAck = TRUE; pVc->pTqiDelayedAck = NULL; ++pVc->stats.ulSentZAcks; } else { fSendAck = FALSE; } } NdisReleaseSpinLock( &pVc->lockV );
if (fSendAck) { // The timer expired and was not been cancelled or terminated
// while the expire processing was being set up, plus the call
// is still up, meaning it's time to send a zero-AVP control
// packet to give peer the acknowledge we were hoping to
// piggyback onto a random outgoing payload packet.
//
ScheduleTunnelWork( pVc->pTunnel, pVc, SendPayloadAck, 0, 0, 0, 0, FALSE, FALSE ); } else { TRACE( TL_I, TM_Send, ( "PAck aborted" ) ); DereferenceCall( pVc ); } } else { NdisAcquireSpinLock( &pVc->lockV ); { if (pItem == pVc->pTqiDelayedAck) { pVc->pTqiDelayedAck = NULL; } } NdisReleaseSpinLock( &pVc->lockV ); } }
// Free the timer event descriptor and remove the reference covering the
// scheduled timer.
//
FREE_TIMERQITEM( pAdapter, pItem ); DereferenceVc( pVc );}
USHORTExplodeAvpHeader( IN CHAR* pAvp, IN USHORT usMaxAvpLength, OUT AVPINFO* pInfo )
// Fills caller's '*pInfo' with the addresses of the various fields in the
// AVP header at 'pAvp'. The byte order of the fields in 'pAvpHeader',
// with the exception of the Value field, are flipped to host-byte-order
// in place. The length and value length are extracted. 'UsMaxAvpLength'
// is the maximum size of the AVP in bytes.
//
// Returns GERR_None if 'pAvpHeader' is a coherent AVP header, or a
// GERR_* failure code.
//
{ UNALIGNED USHORT* pusCur; USHORT usBits;
if (usMaxAvpLength < L2TP_AvpHeaderSize) { TRACE( TL_A, TM_Recv, ( "Avp: Short buffer?" ) ); return GERR_BadLength; }
pusCur = (UNALIGNED USHORT* )pAvp;
// The first 2 bytes contain bits that indicate the presence/absence of
// the other header fields.
//
*pusCur = ntohs( *pusCur ); pInfo->pusBits = pusCur; usBits = *pusCur; ++pusCur;
// As of draft-09, AVPs with reserved bits not set to zero MUST be treated
// as unrecognized.
//
if ((usBits & ABM_Reserved) != 0) { return GERR_BadValue; }
// Extract the Overall Length sub-field and verify that it says the AVP is
// at least as long as the fixed portion of the header.
//
pInfo->usOverallLength = (usBits & ABM_OverallLength); if (pInfo->usOverallLength > usMaxAvpLength || pInfo->usOverallLength < L2TP_AvpHeaderSize) { TRACE( TL_A, TM_Recv, ( "Avp: Bad length?" ) ); return GERR_BadLength; }
// Vendor-ID field.
//
*pusCur = ntohs( *pusCur ); pInfo->pusVendorId = pusCur; ++pusCur;
// Attribute field.
//
*pusCur = ntohs( *pusCur ); pInfo->pusAttribute = pusCur; ++pusCur;
// Value field.
//
pInfo->pValue = (CHAR* )pusCur; pInfo->usValueLength = pInfo->usOverallLength - L2TP_AvpHeaderSize;
return GERR_None;}
VOIDExplodeControlAvps( IN CHAR* pFirstAvp, IN CHAR* pEndOfBuffer, OUT CONTROLMSGINFO* pControl )
// Fills caller's '*pControl' buffer with the exploded interpretation of
// the message with AVP list starting at 'pFirstAvp'. 'PEndOfBuffer'
// points to the first byte beyond the end of the received buffer. The
// AVP values are returned as addresses of the corresponding value field
// in the AVPs. Fields not present are returned as NULL. The byte order
// of the fields in 'pControl' is flipped to host-byte-order in place.
// The values themselves are not validated, only the message format. Sets
// 'pControl->usXError' to GERR_None if successful, or the GERR_* failure
// code.
//
{ USHORT usXError; AVPINFO avp; CHAR* pCur;
DUMPW( TL_A, TM_MDmp, pFirstAvp, (ULONG )(pEndOfBuffer - pFirstAvp) );
NdisZeroMemory( pControl, sizeof(*pControl) ); pCur = pFirstAvp;
// Read and validate the Message Type AVP, which is the first AVP of all
// control messages.
//
usXError = ExplodeAvpHeader( pCur, (USHORT )(pEndOfBuffer - pCur), &avp ); if (usXError != GERR_None) { TRACE( TL_A, TM_CMsg, ( "Bad AVP header" ) ); pControl->usXError = usXError; return; }
if (*(avp.pusAttribute) != ATTR_MsgType || *(avp.pusVendorId) != 0 || (*(avp.pusBits) & ABM_H)) { TRACE( TL_A, TM_CMsg, ( "Bad MsgType AVP" ) ); pControl->usXError = GERR_BadValue; return; }
usXError = GetAvpValueUs( &avp, &pControl->pusMsgType ); if (usXError != GERR_None) { TRACE( TL_A, TM_CMsg, ( "Bad MsgType Us" ) ); pControl->usXError = usXError; return; }
pCur += avp.usOverallLength;
TRACE( TL_A, TM_CMsg, ( "*MsgType=%s", MsgTypePszFromUs( *(pControl->pusMsgType) ) ) );
// Make sure the message type code is valid, and if it is, explode any
// additional AVPs in the message.
//
switch (*(pControl->pusMsgType)) { case CMT_SCCRQ: case CMT_SCCRP: case CMT_SCCCN: case CMT_StopCCN: case CMT_Hello: { // Mark the messages above as tunnel control rather than call
// control.
//
pControl->fTunnelMsg = TRUE;
// ...fall thru...
}
case CMT_OCRQ: case CMT_OCRP: case CMT_OCCN: case CMT_ICRQ: case CMT_ICRP: case CMT_ICCN: case CMT_CDN: case CMT_WEN: case CMT_SLI: { // Walk the list of AVPs, exploding each AVP in turn. Excepting
// the Message Type, the order of the AVPs is not defined.
//
for ( ; pCur < pEndOfBuffer; pCur += avp.usOverallLength ) { usXError = ExplodeAvpHeader( pCur, (USHORT )(pEndOfBuffer - pCur), &avp ); if (usXError != GERR_None) { break; }
if (*avp.pusVendorId != 0) { TRACE( TL_A, TM_CMsg, ( "Non-0 Vendor ID %d", *avp.pusVendorId ) );
// The AVP has a non-IETF vendor ID, and we don't
// recognize any. If the AVP is optional, just ignore it.
// If it's mandatory, then fail.
//
if (*avp.pusBits & ABM_M) { usXError = GERR_BadValue; break; } continue; }
if (*avp.pusBits & ABM_H) { BOOLEAN fIgnore;
TRACE( TL_A, TM_CMsg, ( "Hidden bit on AVP %d", (LONG )(*avp.pusAttribute) ) );
// !!! Remove this when H-bit support is added.
//
switch (*avp.pusAttribute) { case ATTR_ProxyAuthName: case ATTR_ProxyAuthChallenge: case ATTR_ProxyAuthId: case ATTR_ProxyAuthResponse: case ATTR_DialedNumber: case ATTR_DialingNumber: case ATTR_SubAddress: case ATTR_InitialLcpConfig: case ATTR_LastSLcpConfig: case ATTR_LastRLcpConfig: case ATTR_Accm: case ATTR_PrivateGroupId: { fIgnore = TRUE; break; }
default: { fIgnore = FALSE; break; } }
if (fIgnore) { TRACE( TL_A, TM_CMsg, ( "Hidden AVP ignored" ) ); break; }
// The AVP has the "hidden" bit set meaning the value is
// hashed with MD5. This requires a shared secret from
// the tunnel authentication, which we don't do. If the
// AVP is optional, just ignore it. If it's mandatory,
// fail.
//
if (*avp.pusBits & ABM_M) { usXError = GERR_BadValue; break; } continue; }
switch (*avp.pusAttribute) { case ATTR_Result: { usXError = GetAvpValue2UsAndVariableAch( &avp, &pControl->pusResult, &pControl->pusError, &pControl->pchResultMsg, &pControl->usResultMsgLength );
DBG_if (usXError == GERR_None) { TRACE( TL_A, TM_CMsg, ( "*Result=%d,%d", (ULONG )(*(pControl->pusResult)), (ULONG )(*(pControl->pusError)) ) ); }
break; }
case ATTR_HostName: { usXError = GetAvpValueVariableAch( &avp, &pControl->pchHostName, &pControl->usHostNameLength );
DBG_if (usXError == GERR_None) { TRACE( TL_A, TM_CMsg, ( "*HostName" ) ); }
break; }
case ATTR_ProtocolVersion: { usXError = GetAvpValueUs( &avp, &pControl->pusProtocolVersion );
DBG_if (usXError == GERR_None) { TRACE( TL_A, TM_CMsg, ( "*ProtVer=$%04x", (ULONG )(*(pControl->pusProtocolVersion)) ) ); }
break; }
case ATTR_FramingCaps: { usXError = GetAvpValueUl( &avp, &pControl->pulFramingCaps );
DBG_if (usXError == GERR_None) { TRACE( TL_A, TM_CMsg, ( "*FramingCaps=$%08x", *(pControl->pulFramingCaps) ) ); }
break; }
case ATTR_BearerCaps: { usXError = GetAvpValueUl( &avp, &pControl->pulBearerCaps );
DBG_if (usXError == GERR_None) { TRACE( TL_A, TM_CMsg, ( "*BearerCaps=$%08x", *(pControl->pulBearerCaps) ) ); }
break; }
case ATTR_TieBreaker: { usXError = GetAvpValueFixedAch( &avp, 8, &pControl->pchTieBreaker );
DBG_if (usXError == GERR_None) { TRACE( TL_A, TM_CMsg, ( "*Tiebreaker" ) ); }
break; }
case ATTR_AssignedTunnelId: { usXError = GetAvpValueUs( &avp, &pControl->pusAssignedTunnelId );
DBG_if (usXError == GERR_None) { TRACE( TL_A, TM_CMsg, ( "*AssignTid=%d", (ULONG )(*(pControl->pusAssignedTunnelId)) ) ); }
break; }
case ATTR_RWindowSize: { usXError = GetAvpValueUs( &avp, &pControl->pusRWindowSize );
DBG_if (usXError == GERR_None) { TRACE( TL_A, TM_CMsg, ( "*RWindow=%d", (ULONG )(*(pControl->pusRWindowSize)) ) ); }
break; }
case ATTR_AssignedCallId: { usXError = GetAvpValueUs( &avp, &pControl->pusAssignedCallId );
DBG_if (usXError == GERR_None) { TRACE( TL_A, TM_CMsg, ( "*AssignCid=%d", (ULONG )(*(pControl->pusAssignedCallId)) ) ); }
break; }
case ATTR_CallSerialNumber: { usXError = GetAvpValueUl( &avp, &pControl->pulCallSerialNumber );
if (usXError == GERR_BadLength) { // Be tolerant here because the meaning in the
// draft has changed a few times.
//
TRACE( TL_A, TM_CMsg, ( "Weird CallSerial# length ignored" ) ); usXError = GERR_None; }
DBG_if (usXError == GERR_None) { TRACE( TL_A, TM_CMsg, ( "*CallSerial#" ) ); }
break; }
case ATTR_MinimumBps: { usXError = GetAvpValueUl( &avp, &pControl->pulMinimumBps );
DBG_if (usXError == GERR_None) { TRACE( TL_A, TM_CMsg, ( "*MinBps=%d", *(pControl->pulMinimumBps) ) ); }
break; }
case ATTR_MaximumBps: { usXError = GetAvpValueUl( &avp, &pControl->pulMaximumBps );
DBG_if (usXError == GERR_None) { TRACE( TL_A, TM_CMsg, ( "*MaxBps=%d", *(pControl->pulMaximumBps) ) ); }
break; }
case ATTR_BearerType: { usXError = GetAvpValueUl( &avp, &pControl->pulBearerType );
DBG_if (usXError == GERR_None) { TRACE( TL_A, TM_CMsg, ( "*BearerType=$%08x", *(pControl->pulBearerType) ) ); }
break; }
case ATTR_FramingType: { usXError = GetAvpValueUl( &avp, &pControl->pulFramingType );
DBG_if (usXError == GERR_None) { TRACE( TL_A, TM_CMsg, ( "*FramingType=$%08x", *(pControl->pulFramingType) ) ); }
break; }
case ATTR_PacketProcDelay: { usXError = GetAvpValueUs( &avp, &pControl->pusPacketProcDelay );
DBG_if (usXError == GERR_None) { TRACE( TL_A, TM_CMsg, ( "*PPD=%d", (ULONG )(*(pControl->pusPacketProcDelay)) ) ); }
break; }
case ATTR_DialedNumber: { usXError = GetAvpValueVariableAch( &avp, &pControl->pchDialedNumber, &pControl->usDialedNumberLength );
DBG_if (usXError == GERR_None) { TRACE( TL_A, TM_CMsg, ( "*Dialed#" ) ); }
break; }
case ATTR_DialingNumber: { usXError = GetAvpValueVariableAch( &avp, &pControl->pchDialingNumber, &pControl->usDialingNumberLength );
DBG_if (usXError == GERR_None) { TRACE( TL_A, TM_CMsg, ( "*Dialing#" ) ); }
break; }
case ATTR_SubAddress: { usXError = GetAvpValueVariableAch( &avp, &pControl->pchSubAddress, &pControl->usSubAddressLength );
DBG_if (usXError == GERR_None) { TRACE( TL_A, TM_CMsg, ( "*SubAddr" ) ); }
break; }
case ATTR_TxConnectSpeed: { usXError = GetAvpValueUl( &avp, &pControl->pulTxConnectSpeed );
DBG_if (usXError == GERR_None) { TRACE( TL_A, TM_CMsg, ( "*TxSpeed=%d", *(pControl->pulTxConnectSpeed) ) ); }
break; }
case ATTR_PhysicalChannelId: { usXError = GetAvpValueUl( &avp, &pControl->pulPhysicalChannelId );
DBG_if (usXError == GERR_None) { TRACE( TL_A, TM_CMsg, ( "*PhysChannelId=$%08x", *(pControl->pulPhysicalChannelId) ) ); }
break; }
case ATTR_Challenge: { usXError = GetAvpValueVariableAch( &avp, &pControl->pchChallenge, &pControl->usChallengeLength );
DBG_if (usXError == GERR_None) { TRACE( TL_A, TM_CMsg, ( "*Challenge" ) ); }
break; }
case ATTR_ChallengeResponse: { usXError = GetAvpValueFixedAch( &avp, 16, &pControl->pchResponse );
DBG_if (usXError == GERR_None) { TRACE( TL_A, TM_CMsg, ( "*ChallengeResp" ) ); }
break; }
case ATTR_ProxyAuthType: { usXError = GetAvpValueUs( &avp, &pControl->pusProxyAuthType );
DBG_if (usXError == GERR_None) { TRACE( TL_A, TM_CMsg, ( "*ProxyAuthType=%d", (ULONG )(*(pControl->pusProxyAuthType)) ) ); }
break; }
case ATTR_ProxyAuthResponse: { usXError = GetAvpValueVariableAch( &avp, &pControl->pchProxyAuthResponse, &pControl->usProxyAuthResponseLength );
DBG_if (usXError == GERR_None) { TRACE( TL_A, TM_CMsg, ( "*ProxyAuthResponse" ) ); }
break; }
case ATTR_CallErrors: { usXError = GetAvpValueFixedAul( &avp, 6, &pControl->pulCallErrors );
DBG_if (usXError == GERR_None) { TRACE( TL_A, TM_CMsg, ( "*CallErrors" ) ); }
break; }
case ATTR_Accm: { usXError = GetAvpValueFixedAul( &avp, 2, &pControl->pulAccm );
DBG_if (usXError == GERR_None) { TRACE( TL_A, TM_CMsg, ( "*Accm" ) ); }
break; }
case ATTR_SequencingRequired: { usXError = GetAvpValueFlag( &avp, &pControl->fSequencingRequired );
DBG_if (usXError == GERR_None) { TRACE( TL_A, TM_CMsg, ( "*SeqReqd" ) ); } break; }
default: { // The AVP is not one we handle. If optional, just
// ignore it, but if mandatory, fail.
//
TRACE( TL_A, TM_CMsg, ( "*AVP %d ignored", (ULONG )*avp.pusAttribute ) );
if (*avp.pusBits & ABM_M) { if (*avp.pusAttribute <= ATTR_MAX) { // This is a bug in the peer, but ignoring it
// is the best action.
//
TRACE( TL_A, TM_CMsg, ( "Known AVP %d marked mandatory ignored", (LONG )(*avp.pusAttribute) ) ); } else { usXError = GERR_BadValue; } } break; } }
if (usXError != GERR_None) { break; } }
ASSERT( pCur <= pEndOfBuffer ); break; }
default: { TRACE( TL_A, TM_CMsg, ( "Unknown CMT %d", (ULONG )*(pControl->pusMsgType) ) ); usXError = GERR_BadValue; break; } }
DBG_if (usXError != GERR_None) TRACE( TL_A, TM_CMsg, ( "XError=%d", (UINT )usXError ) );
pControl->usXError = usXError;}
USHORTExplodeL2tpHeader( IN CHAR* pL2tpHeader, IN ULONG ulBufferLength, IN OUT L2TPHEADERINFO* pInfo )
// Fills caller's '*pInfo' with the addresses of the various fields in the
// L2TP header at 'pL2tpHeader'. Fields not present are returned as NULL.
// The byte order of the fields in 'pL2tpHeader' is flipped to
// host-byte-order in place. 'UlBufferLength' is the length in bytes from
// 'pL2tpHeader' to the end of the buffer.
//
// Returns GERR_None if 'pL2tpHeader' is a coherent L2TP header, or a
// GERR_* failure code.
//
{ USHORT *pusCur; USHORT usOffset; USHORT usBits;
pusCur = (USHORT*)pL2tpHeader;
// The first 2 bytes contain bits that indicate the presence/absence of
// the other header fields.
//
*pusCur = ntohs( *pusCur ); pInfo->pusBits = pusCur; usBits = *pusCur; ++pusCur;
// The T bit indicates a control packet, as opposed to a payload packet.
//
if (usBits & HBM_T) { // Verify the field-present bits guaranteed to be set/clear in a
// control header are set correctly.
//
if ((usBits & HBM_Bits) != HBM_Control) { TRACE( TL_A, TM_Recv, ( "Header: Bad bits=$%04x?", (ULONG )usBits ) ); return GERR_BadValue; } }
// Verify the version indicates L2TP. Cisco's L2F can theoretically
// co-exist on the same media address, though we don't support that.
//
if ((usBits & HBM_Ver) != VER_L2tp) { TRACE( TL_A, TM_Recv, ( "Header: Non-L2TP Ver=%d?", (usBits & HBM_Ver )) ); return GERR_BadValue; }
// The L bit indicates a Length field is present.
//
if (usBits & HBM_L) { *pusCur = ntohs( *pusCur ); pInfo->pusLength = pusCur; ++pusCur; } else { pInfo->pusLength = NULL; }
// The Tunnel-ID field is always present.
//
*pusCur = ntohs( *pusCur ); pInfo->pusTunnelId = pusCur; ++pusCur;
// The Call-ID field is always present.
//
*pusCur = ntohs( *pusCur ); pInfo->pusCallId = pusCur; ++pusCur;
// The F bit indicates the Ns and Nr fields are present.
//
if (usBits & HBM_F) { *pusCur = ntohs( *pusCur ); pInfo->pusNs = pusCur; ++pusCur; *pusCur = ntohs( *pusCur ); pInfo->pusNr = pusCur; ++pusCur; } else { pInfo->pusNs = NULL; pInfo->pusNr = NULL; }
// The S bit indicates the Offset field is present. The S bit appears in
// the payload header only, as was verified above.
//
if (usBits & HBM_S) { *pusCur = ntohs( *pusCur ); usOffset = *pusCur; ++pusCur; } else { usOffset = 0; }
// End and length of header.
//
pInfo->pData = ((CHAR* )pusCur) + usOffset; pInfo->ulHeaderLength = (ULONG )(pInfo->pData - pL2tpHeader);
// "Official" data length.
//
if (pInfo->pusLength) { // Verify any specified length is at least as long as the set header
// bits imply and no longer than the received buffer.
//
if (*(pInfo->pusLength) < pInfo->ulHeaderLength || *(pInfo->pusLength) > ulBufferLength) { TRACE( TL_A, TM_Recv, ( "Header: Bad Length?" ) ); return GERR_BadLength; }
// Use the L2TP length as the "official" length, i.e. any strange
// bytes received beyond what the L2TP header says it sent will be
// ignored.
//
pInfo->ulDataLength = *(pInfo->pusLength) - pInfo->ulHeaderLength;
DBG_if( *(pInfo->pusLength) != ulBufferLength ) TRACE( TL_A, TM_Recv, ( "EOB padding ignored" ) ); } else { // Verify any implied length is at least as long as the set header
// bits imply.
//
if (ulBufferLength < pInfo->ulHeaderLength) { TRACE( TL_A, TM_Recv, ( "Header: Bad Length?" ) ); return GERR_BadLength; }
// No length field so the received buffer length is the "official"
// length.
//
pInfo->ulDataLength = ulBufferLength - pInfo->ulHeaderLength; }
return GERR_None;}
USHORTGetAvpValueFixedAch( IN AVPINFO* pAvp, IN USHORT usArraySize, OUT CHAR** ppch )
// Set callers '*ppch' to point to value field of AVP 'pAvp' containing an
// array of 'usArraySize' bytes. No byte ordering is done.
//
// Returns GERR_None if successful, or a GERR_* error code.
//
{ // Make sure it's the right size.
//
if (pAvp->usValueLength != usArraySize) { return GERR_BadLength; }
*ppch = pAvp->pValue; return GERR_None;}
USHORTGetAvpValueFixedAul( IN AVPINFO* pAvp, IN USHORT usArraySize, OUT UNALIGNED ULONG** paulArray )
// Set callers '*paulArray' to point to value field of AVP 'pAvp'
// containing an array of 'usArraySize' ULONGs, converted to host
// byte-order. A 2-byte reserved field is assumed to preceed the first
// ULONG.
//
// Returns GERR_None if successful, or a GERR_* error code.
//
{ USHORT* pusCur; UNALIGNED ULONG* pulCur; ULONG i;
// Make sure it's the right size.
//
if (pAvp->usValueLength != sizeof(USHORT) + (usArraySize * sizeof(ULONG))) { return GERR_BadLength; }
pusCur = (USHORT* )pAvp->pValue;
// Skip over and ignore the 'Reserved' field.
//
++pusCur;
*paulArray = (UNALIGNED ULONG* )pusCur; for (i = 0, pulCur = *paulArray; i < usArraySize; ++i, ++pulCur) { // Convert to host byte-order.
//
*pulCur = ntohl( *pulCur ); }
return GERR_None;}
USHORTGetAvpValueFlag( IN AVPINFO* pAvp, OUT UNALIGNED BOOLEAN* pf )
// Set callers '*pf' to true since with a flag AVP the existence is the
// data, and performs the routine AVP validations.
//
// Returns GERR_None if successful, or a GERR_* error code.
//
{ // Make sure it's the right size.
//
if (pAvp->usValueLength != 0) { return GERR_BadLength; }
*pf = TRUE;
return GERR_None;}
USHORTGetAvpValueUs( IN AVPINFO* pAvp, OUT UNALIGNED USHORT** ppus )
// Set callers '*ppus' to point to the USHORT value field of AVP 'pAvp'.
// The field is host byte-ordered.
//
// Returns GERR_None if successful, or a GERR_* error code.
//
{ UNALIGNED USHORT* pusCur;
// Make sure it's the right size.
//
if (pAvp->usValueLength != sizeof(USHORT)) { return GERR_BadLength; }
// Convert in place to host byte-order.
//
pusCur = (USHORT* )pAvp->pValue; *pusCur = ntohs( *pusCur ); *ppus = pusCur;
return GERR_None;}
USHORTGetAvpValue2UsAndVariableAch( IN AVPINFO* pAvp, OUT UNALIGNED USHORT** ppus1, OUT UNALIGNED USHORT** ppus2, OUT CHAR** ppch, OUT USHORT* pusArraySize )
// Gets the data from an AVP with 2 USHORTs followed by a variable length
// array. Sets '*ppus1' and '*ppus2' to the two short integers and
// '*ppus' to the variable length array. '*PusArraySize is set to the
// length of the '*ppch' array. 'pAvp'. The field is host byte-ordered.
//
// Returns GERR_None if successful, or a GERR_* error code.
//
{ UNALIGNED USHORT* pusCur;
// Make sure it's the right size.
//
if (pAvp->usValueLength < (2 * sizeof(USHORT))) { return GERR_BadLength; }
// Convert in place to host byte-order.
//
pusCur = (USHORT* )pAvp->pValue; *pusCur = ntohs( *pusCur ); *ppus1 = pusCur; ++pusCur;
*pusCur = ntohs( *pusCur ); *ppus2 = pusCur; ++pusCur;
*ppch = (CHAR* )pusCur; *pusArraySize = pAvp->usValueLength - (2 * sizeof(USHORT));
return GERR_None;}
USHORTGetAvpValueUl( IN AVPINFO* pAvp, OUT UNALIGNED ULONG** ppul )
// Set callers '*ppul' to point to the ULONG value field of AVP 'pAvp'.
// The field is host byte-ordered.
//
// Returns GERR_None if successful, or a GERR_* error code.
//
{ UNALIGNED ULONG* pulCur;
// Make sure it's the right size.
//
if (pAvp->usValueLength != sizeof(ULONG)) { return GERR_BadLength; }
// Convert in place to host byte-order.
//
pulCur = (UNALIGNED ULONG* )pAvp->pValue; *pulCur = ntohl( *pulCur ); *ppul = pulCur;
return GERR_None;}
USHORTGetAvpValueVariableAch( IN AVPINFO* pAvp, OUT CHAR** ppch, OUT USHORT* pusArraySize )
// Set callers '*ppch' to point to value field of AVP 'pAvp' containing an
// array of bytes, where '*pusArraySize' is set to the length in bytes.
// No byte ordering is done.
//
// Returns GERR_None if successful, or a GERR_* error code.
//
{ *pusArraySize = pAvp->usValueLength; *ppch = pAvp->pValue;
return GERR_None;}
VOIDHelloTimerEvent( IN TIMERQITEM* pItem, IN VOID* pContext, IN TIMERQEVENT event )
// PTIMERQEVENT handler set to expire when a "Hello" interval has expired.
//
{ ADAPTERCB* pAdapter; TUNNELCB* pTunnel; BOOLEAN fReusedTimerQItem;
TRACE( TL_V, TM_Send, ( "HelloTimerEvent(%s)", TimerQPszFromEvent( event ) ) );
// Unpack context information.
//
pTunnel = (TUNNELCB* )pContext; pAdapter = pTunnel->pAdapter;
fReusedTimerQItem = FALSE;
if (event == TE_Expire) { NdisAcquireSpinLock( &pTunnel->lockT ); { if (pTunnel->ulHelloResetsThisInterval == 0 && pTunnel->ulRemainingHelloMs == 0) { if (pTunnel->state != CCS_Idle && pItem == pTunnel->pTqiHello) { // The full timeout period has expired, the tunnel's not
// idle, and the hello timer was not cancelled or
// terminated since the expire timer fired. It's time to
// send a "Hello" message to make sure the media is still
// up.
//
SendControl( pTunnel, NULL, CMT_Hello, 0, 0, NULL, 0 ); } DBG_else { TRACE( TL_A, TM_Send, ( "Hello aborted" ) ); }
pTunnel->pTqiHello = NULL; } else { ULONG ulTimeoutMs;
// Not a full timeout expiration event. Adjust interval
// counters and schedule next interval timeout.
//
if (pTunnel->ulHelloResetsThisInterval > 0) { pTunnel->ulRemainingHelloMs = pAdapter->ulHelloMs; pTunnel->ulHelloResetsThisInterval = 0; }
if (pTunnel->ulRemainingHelloMs >= L2TP_HelloIntervalMs) { ulTimeoutMs = L2TP_HelloIntervalMs; pTunnel->ulRemainingHelloMs -= L2TP_HelloIntervalMs; } else { ulTimeoutMs = pTunnel->ulRemainingHelloMs; pTunnel->ulRemainingHelloMs = 0; }
TimerQInitializeItem( pItem ); TimerQScheduleItem( pTunnel->pTimerQ, pItem, ulTimeoutMs, HelloTimerEvent, pTunnel );
fReusedTimerQItem = TRUE; } } NdisReleaseSpinLock( &pTunnel->lockT ); }
if (!fReusedTimerQItem) { FREE_TIMERQITEM( pAdapter, pItem ); }}
VOIDIndicateReceived( IN VCCB* pVc, IN CHAR* pBuffer, IN ULONG ulOffset, IN ULONG ulLength, IN LONGLONG llTimeReceived )
// Indicates to the client above a packet received on VC 'pVc' containing
// 'ulLength' bytes of data from NDIS_BUFFER 'pBuffer' starting 'ulOffset'
// bytes in. Caller must not reference 'pBuffer' after calling this
// routine. 'UllTimeReceived' is the time the packet was received from
// the net, or 0 if call parameters said client doesn't care.
//
// IMPORTANT: Caller should not hold any spinlocks as this routine make
// NDIS indications.
//
{ NDIS_STATUS status; NDIS_PACKET* pPacket; NDIS_BUFFER* pTrimmedBuffer; ADAPTERCB* pAdapter; PACKETHEAD* pHead; LONG* plRef; LONG lRef;
pAdapter = pVc->pAdapter;
pPacket = GetPacketFromPool( &pAdapter->poolPackets, &pHead ); if (!pPacket) { // Packet descriptor pool is maxed.
//
ASSERT( !"GetPfP?" ); FreeBufferToPool( &pAdapter->poolFrameBuffers, pBuffer, TRUE ); return; }
// Lop off the L2TP header and hook the corresponding NDIS_BUFFER to the
// packet. The "copy" here refers to descriptor information only. The
// packet data is not copied.
//
NdisCopyBuffer( &status, &pTrimmedBuffer, PoolHandleForNdisCopyBufferFromBuffer( pBuffer ), NdisBufferFromBuffer( pBuffer ), ulOffset, ulLength );
if (status != STATUS_SUCCESS) { // Can't get a MDL which likely means the system is toast.
//
TRACE( TL_A, TM_Recv, ( "NdisCopyBuffer=%08x?", status ) ); FreePacketToPool( &pAdapter->poolPackets, pHead, TRUE ); FreeBufferToPool( &pAdapter->poolFrameBuffers, pBuffer, TRUE ); return; } else { extern ULONG g_ulNdisCopyBuffers;
NdisInterlockedIncrement( &g_ulNdisCopyBuffers ); }
NdisChainBufferAtFront( pPacket, pTrimmedBuffer );
// Stash the time the packet was received in the packet.
//
NDIS_SET_PACKET_TIME_RECEIVED( pPacket, llTimeReceived );
// Pre-set the packet to success, since a random value of
// NDIS_STATUS_RESOURCES would prevent our ReturnPackets handler from
// getting called.
//
NDIS_SET_PACKET_STATUS( pPacket, NDIS_STATUS_SUCCESS );
// Stash our context information with the packet for clean-up use in
// LmpReturnPacket, then indicate the packet to NDISWAN.
//
*((PACKETHEAD** )(&pPacket->MiniportReserved[ 0 ])) = pHead; *((CHAR** )(&pPacket->MiniportReserved[ sizeof(VOID*) ])) = pBuffer;
TRACE( TL_N, TM_Recv, ( "NdisMCoIndRecPkt(len=%d)...", ulLength ) ); NdisMCoIndicateReceivePacket( pVc->NdisVcHandle, &pPacket, 1 ); TRACE( TL_N, TM_Recv, ( "NdisMCoIndRecPkt done" ) );
// Tell NDIS our "receive process" is complete. Since we deal with one
// packet at a time and NDISWAN does also, this doesn't accomplish
// anything, but the consensus is it's bad form to omit it.
//
TRACE( TL_N, TM_Recv, ( "NdisMCoRecComp..." ) ); NdisMCoReceiveComplete( pAdapter->MiniportAdapterHandle ); TRACE( TL_N, TM_Recv, ( "NdisMCoRecComp done" ) );
NdisInterlockedIncrement( &g_lPacketsIndicated );
NdisAcquireSpinLock( &pVc->lockV ); { ++pVc->stats.ulRecdDataPackets; pVc->stats.ulDataBytesRecd += ulLength; } NdisReleaseSpinLock( &pVc->lockV );}
TUNNELCB*TunnelCbFromTunnelId( IN ADAPTERCB* pAdapter, IN USHORT usTunnelId )
// Return the tunnel control block associated with 'ulIpAddress' in
// 'pAdapter's list of TUNNELCBs or NULL if not found.
//
// IMPORTANT: Caller must hold 'pAdapter->lockTunnels'.
//
{ TUNNELCB* pTunnel; LIST_ENTRY* pLink;
pTunnel = NULL;
for (pLink = pAdapter->listTunnels.Flink; pLink != &pAdapter->listTunnels; pLink = pLink->Flink) { TUNNELCB* pThis;
pThis = CONTAINING_RECORD( pLink, TUNNELCB, linkTunnels ); if (pThis->usTunnelId == usTunnelId) { pTunnel = pThis; break; } }
return pTunnel;}
BOOLEANLookUpTunnelAndVcCbs( IN ADAPTERCB* pAdapter, IN USHORT* pusTunnelId, IN USHORT* pusCallId, IN L2TPHEADERINFO* pHeader, IN CONTROLMSGINFO* pControl, OUT TUNNELCB** ppTunnel, OUT VCCB** ppVc )
// Fill caller's '*ppTunnel' and '*ppVc' with the control blocks implied
// by the Tunnel-ID and Call-ID found in the header, if any. 'PHeader' is
// the exploded L2TP header. 'PControl' is the exploded control message
// info or NULL if payload.
//
// Returns true if a valid combination is found. This does not
// necessarily mean that both tunnel and VC outputs are non-NULL.
//
// Returns false if the combination is invalid. In this case, the packet
// is zombie acked if necessary. See ZombieAckIfNecessary routine.
//
{ BOOLEAN fFail;
*ppVc = NULL; *ppTunnel = NULL;
// As of draft-05 Tunnel-ID and Call-ID are no longer optional.
//
ASSERT( pusCallId ); ASSERT( pusTunnelId );
if (*pusCallId) { if (*pusCallId > pAdapter->usMaxVcs) { // Non-0 Call-ID out of range of the table, i.e. it's a VC that is
// being used for graceful termination and is not passed up. Look
// up tunnel and VC blocks by walking lists.
//
// Search the adapter's list of active tunnels for the one
// with peer's specified Tunnel-ID.
//
NdisAcquireSpinLock( &pAdapter->lockTunnels ); { *ppTunnel = TunnelCbFromTunnelId( pAdapter, *pusTunnelId ); if (*ppTunnel) { ReferenceTunnel( *ppTunnel, TRUE ); } } NdisReleaseSpinLock( &pAdapter->lockTunnels );
if (*ppTunnel) { // Search the tunnel's list of active VCs for the one with
// peer's specified Call-ID.
//
NdisAcquireSpinLock( &((*ppTunnel)->lockVcs) ); { *ppVc = VcCbFromCallId( *ppTunnel, *pusCallId ); if (*ppVc) { ReferenceVc( *ppVc ); } } NdisReleaseSpinLock( &((*ppTunnel)->lockVcs) );
if (!*ppVc) { // Non-0 Call-ID out of range of table with no
// associated VC control block.
//
TRACE( TL_A, TM_Recv, ( "CBs bad: Big CID w/!pV" ) ); ZombieAckIfNecessary( *ppTunnel, pHeader, pControl ); DereferenceTunnel( *ppTunnel ); *ppTunnel = NULL; return FALSE; } } else { // Non-0 Call-ID out of range of table with no tunnel
// control block associated with the Tunnel-ID.
//
TRACE( TL_A, TM_Recv, ( "CBs bad: Big CID w/!pT" ) ); return FALSE; } } else { // Read the VCCB* from the adapter's table.
//
fFail = FALSE; NdisDprAcquireSpinLock( &pAdapter->lockVcs ); { *ppVc = pAdapter->ppVcs[ *pusCallId - 1 ];
if (*ppVc && *ppVc != (VCCB* )-1) { ReferenceVc( *ppVc );
*ppTunnel = (*ppVc)->pTunnel; ASSERT( *ppTunnel ); ReferenceTunnel( *ppTunnel, FALSE );
if (*pusTunnelId && (*pusTunnelId != (*ppTunnel)->usTunnelId)) { // Non-0 Call-ID is associated with a tunnel different
// than the one indicated by peer in the header.
//
TRACE( TL_A, TM_Recv, ( "CBs bad: TIDs=%d,%d?", (ULONG )*pusTunnelId, (ULONG )(*ppTunnel)->usTunnelId ) );
DereferenceTunnel( *ppTunnel ); *ppTunnel = NULL; DereferenceVc( *ppVc ); *ppVc = NULL; fFail = TRUE; } } else { // Non-0 Call-ID without an active VC.
//
TRACE( TL_A, TM_Recv, ( "CBs bad: CID=%d, pV=$%p?", (ULONG )*pusCallId, *ppVc ) );
// Search the adapter's list of active tunnels for the one
// with peer's specified Tunnel-ID.
//
NdisAcquireSpinLock( &pAdapter->lockTunnels ); { *ppTunnel = TunnelCbFromTunnelId( pAdapter, *pusTunnelId ); if (*ppTunnel) { ReferenceTunnel( *ppTunnel, TRUE ); } } NdisReleaseSpinLock( &pAdapter->lockTunnels );
*ppVc = NULL; fFail = TRUE; } } NdisDprReleaseSpinLock( &pAdapter->lockVcs );
if (fFail) { if (*ppTunnel) { ZombieAckIfNecessary( *ppTunnel, pHeader, pControl ); DereferenceTunnel( *ppTunnel ); *ppTunnel = NULL; }
return FALSE; } } } else if (*pusTunnelId) { // 0 Call-ID with non-0 Tunnel-ID. Search the list of active tunnels
// for the one with peer's specified Tunnel-ID.
//
NdisAcquireSpinLock( &pAdapter->lockTunnels ); { *ppTunnel = TunnelCbFromTunnelId( pAdapter, *pusTunnelId ); if (*ppTunnel) { ReferenceTunnel( *ppTunnel, TRUE ); } } NdisReleaseSpinLock( &pAdapter->lockTunnels );
if (!*ppTunnel) { // 0 Call-Id with bogus Tunnel-ID.
//
TRACE( TL_A, TM_Recv, ( "CBs bad: CID=0, TID=%d, pT=0?", (ULONG )*pusTunnelId ) ); return FALSE; }
if (pControl && pControl->usXError == GERR_None && pControl->pusMsgType && *(pControl->pusMsgType) == CMT_CDN && pControl->pusAssignedCallId) { // The CallDisconnectNotify message includes the sender's assigned
// Call-ID as an AVP so that it may be sent before sender receives
// peer's assigned Call-ID. Unfortunately, this requires this
// routine to have AVP knowledge. Search the tunnel's list of
// associated VCs for the one with peer's specified Assigned
// Call-ID.
//
NdisDprAcquireSpinLock( &((*ppTunnel)->lockVcs) ); { *ppVc = VcCbFromCallId( *ppTunnel, *(pControl->pusAssignedCallId) );
if (*ppVc) { ReferenceVc( *ppVc ); } } NdisDprReleaseSpinLock( &((*ppTunnel)->lockVcs) );
if (!*ppVc) { // 0 Call-Id CDN with no associated VC.
//
TRACE( TL_A, TM_Recv, ( "CBs bad: CDN TID=%d, !pVc?", (ULONG )*pusTunnelId ) ); ZombieAckIfNecessary( *ppTunnel, pHeader, pControl ); DereferenceTunnel( *ppTunnel ); *ppTunnel = NULL; return FALSE; } } }
// Note: 0 Call-ID with 0 Tunnel-ID should only occur on peer's SCCRQ to
// start a tunnel, but that means it's not an error here, even though we
// report back neither control block.
ASSERT( !*ppTunnel || (*ppTunnel)->ulTag == MTAG_TUNNELCB ); ASSERT( !*ppVc || (*ppVc)->ulTag == MTAG_VCCB ); TRACE( TL_N, TM_Recv, ( "CBs good: pT=$%p, pV=$%p", *ppTunnel, *ppVc ) );
return TRUE;}
VOIDPayloadAcknowledged( IN TUNNELCB* pTunnel, IN VCCB* pVc, IN USHORT usReceivedNr )
// Cancels the timer of all payload-sent contexts in the VCs
// 'listSendsOut' queue with 'Next Sent' less than 'usReceivedNr'.
//
// IMPORTANT: Caller must hold 'pVc->lockV', which may be released and
// re-acquired by this routine. Caller must not hold any other
// locks.
//
{ while (!IsListEmpty( &pVc->listSendsOut )) { PAYLOADSENT* pPs; LIST_ENTRY* pLink; BOOLEAN fUpdateSendWindow; LINKSTATUSINFO info;
pLink = pVc->listSendsOut.Flink; pPs = CONTAINING_RECORD( pLink, PAYLOADSENT, linkSendsOut );
// The list is in 'Ns' order so as soon as a non-acknowledge is hit
// we're done.
//
if (CompareSequence( pPs->usNs, usReceivedNr ) >= 0) { break; }
// This packet has been acknowledged.
//
pPs->status = NDIS_STATUS_SUCCESS;
// Remove the context from the head of the "outstanding send" list.
// The corresponding dereference occurs below.
//
RemoveEntryList( &pPs->linkSendsOut ); InitializeListHead( &pPs->linkSendsOut );
// Doesn't matter if this cancel fails because the expire handler will
// recognize that the context is not linked into the "out" list and do
// nothing.
//
TimerQCancelItem( pTunnel->pTimerQ, pPs->pTqiSendTimeout );
// Adjust the timeouts and, if necessary, the send window as suggested
// in the draft/RFC.
//
AdjustTimeoutsAtAckReceived( pPs->llTimeSent, pTunnel->pAdapter->ulMaxSendTimeoutMs, &pVc->ulSendTimeoutMs, &pVc->ulRoundTripMs, &pVc->lDeviationMs );
fUpdateSendWindow = AdjustSendWindowAtAckReceived( pVc->ulMaxSendWindow, &pVc->ulAcksSinceSendTimeout, &pVc->ulSendWindow );
TRACE( TL_V, TM_Send, ( "C%d: ACK(%d) new rtt=%d dev=%d ato=%d sw=%d", (ULONG )pVc->usCallId, (ULONG )pPs->usNs, pVc->ulRoundTripMs, pVc->ulSendTimeoutMs, pVc->lDeviationMs, pVc->ulSendWindow ) );
// Update the statistics the reflect the acknowledge, it's round trip
// time, and any change in the send window. The field
// 'pVc->UlRoundTripMs' is really an "estimate" of the next round trip
// rather than the actual trip time. However, just after an
// acknowledge has been received, the two are identical so it can be
// used in the statistics here.
//
++pVc->stats.ulSentPacketsAcked; ++pVc->stats.ulRoundTrips; pVc->stats.ulRoundTripMsTotal += pVc->ulRoundTripMs;
if (pVc->ulRoundTripMs > pVc->stats.ulMaxRoundTripMs) { pVc->stats.ulMaxRoundTripMs = pVc->ulRoundTripMs; }
if (pVc->ulRoundTripMs < pVc->stats.ulMinRoundTripMs || pVc->stats.ulRoundTrips == 1) { pVc->stats.ulMinRoundTripMs = pVc->ulRoundTripMs; }
if (fUpdateSendWindow) { ++pVc->stats.ulSendWindowChanges;
if (pVc->ulSendWindow > pVc->stats.ulMaxSendWindow) { pVc->stats.ulMaxSendWindow = pVc->ulSendWindow; } else if (pVc->ulSendWindow < pVc->stats.ulMinSendWindow) { pVc->stats.ulMinSendWindow = pVc->ulSendWindow; }
// Indicate the send window change to NDISWAN. The lock is
// released first since this involves a call outside our driver.
//
TransferLinkStatusInfo( pVc, &info ); NdisReleaseSpinLock( &pVc->lockV ); { IndicateLinkStatus( pVc, &info ); } NdisAcquireSpinLock( &pVc->lockV ); }
// This dereference corresponds to the removal of the context from the
// "outstanding send" list above.
//
DereferencePayloadSent( pPs ); }}
BOOLEANReceiveFromOutOfOrder( IN VCCB* pVc )
// "Receives" the first buffer queued on 'pVc's out-of-order list if it is
// the next expected packet.
//
// Returns true if a buffer was "received", false otherwise. If true is
// returned, caller should call SchedulePayloadAck. It's not called here
// so caller can receive multiple packets from the out-of-order queue and
// set the timer once.
//
// IMPORTANT: Caller must hold 'pVc->lockV'. Also, be aware this routine
// may release and re-acquire the lock to make the NDIS receive
// indication.
//
{ ADAPTERCB* pAdapter; LIST_ENTRY* pFirstLink; PAYLOADRECEIVED* pFirstPr; SHORT sDiff;
TRACE( TL_N, TM_Recv, ( "ReceiveFromOutOfOrder Nr=%d", pVc->usNr ) );
if (IsListEmpty( &pVc->listOutOfOrder )) { // No out-of-order buffers queued.
//
TRACE( TL_N, TM_Recv, ( "None queued" ) ); return FALSE; }
pAdapter = pVc->pAdapter; pFirstLink = pVc->listOutOfOrder.Flink; pFirstPr = CONTAINING_RECORD( pFirstLink, PAYLOADRECEIVED, linkOutOfOrder );
// Verify the next queued buffer is in sequence first.
//
sDiff = CompareSequence( pFirstPr->usNs, pVc->usNr ); if (sDiff > 0) { // No, first queued packet is still beyond the next one expected.
//
TRACE( TL_I, TM_Recv, ( "Still out-of-order, Ns=%d", pFirstPr->usNs ) ); return FALSE; }
// De-queue the first out-of-order buffer and if it's exactly the one we
// expected, update 'Next Receive'to be the one following it's 'Next
// Send'. When peer sends an R-bit to set 'Next Receive' ahead, packets
// prior to the new expected packet may be queued before the expected
// packet. These packets are still good and are immediately indicated up,
// but since 'Next Receive' is already updated in that case, it is not
// adjusted here.
//
RemoveEntryList( pFirstLink ); InitializeListHead( pFirstLink );
if (sDiff == 0) { pVc->usNr = pFirstPr->usNs + 1; }
TRACE( TL_I, TM_Recv, ( "%d from queue", (UINT )pFirstPr->usNs ) ); ++pVc->stats.ulDataPacketsDequeued;
NdisReleaseSpinLock( &pVc->lockV ); { // Indicate the buffer to the driver above, and free it's out-of-order
// context.
//
IndicateReceived( pVc, pFirstPr->pBuffer, pFirstPr->ulPayloadOffset, pFirstPr->ulPayloadLength, pFirstPr->llTimeReceived );
FREE_PAYLOADRECEIVED( pAdapter, pFirstPr ); } NdisAcquireSpinLock( &pVc->lockV );
return TRUE;}
VOIDResetHelloTimer( IN TUNNELCB* pTunnel )
// Resets (logically anyway) the 'pTunnel' Hello timer.
//
{ ADAPTERCB* pAdapter;
pAdapter = pTunnel->pAdapter;
if (pAdapter->ulHelloMs) { NdisAcquireSpinLock( &pTunnel->lockT ); { if (pTunnel->state != CCS_Idle) { if (pTunnel->pTqiHello) { TRACE( TL_V, TM_Send, ( "Reset HelloTimer" ) );
// Timer's running so just note that a reset has occurred
// since it was started.
//
++pTunnel->ulHelloResetsThisInterval; } else { TRACE( TL_I, TM_Send, ( "Kickstart HelloTimer" ) );
// Timer is not running. Kickstart it by scheduling an
// "instant expire" event that will reset the interval.
//
pTunnel->pTqiHello = ALLOC_TIMERQITEM( pAdapter ); if (pTunnel->pTqiHello) { pTunnel->ulHelloResetsThisInterval = 1; pTunnel->ulRemainingHelloMs = 0;
TimerQInitializeItem( pTunnel->pTqiHello ); TimerQScheduleItem( pTunnel->pTimerQ, pTunnel->pTqiHello, 0, HelloTimerEvent, pTunnel ); } } } } NdisReleaseSpinLock( &pTunnel->lockT ); }}
VOIDScheduleControlAck( IN TUNNELCB* pTunnel, IN USHORT usMsgTypeToAcknowledge )
// Schedule a 'ControlAckTimerEvent' to occur in 1/4 of the standard send
// timeout. If one's already ticking no action is taken, because any
// packet that goes out will get it done. Doesn't matter who requested
// it. 'UsMsgTypeToAcknowledge' is the CMT_* code of the message to be
// acknowledged and is used for performance tuning.
//
// IMPORTANT: Caller must hold 'pTunnel->lockT'.
//
{ TIMERQITEM* pTqi; ADAPTERCB* pAdapter; ULONG ulDelayMs; BOOLEAN fFastAck;
if ((usMsgTypeToAcknowledge == CMT_StopCCN || usMsgTypeToAcknowledge == CMT_ICCN || usMsgTypeToAcknowledge == CMT_OCCN || usMsgTypeToAcknowledge == CMT_CDN) || (pTunnel->ulSendsOut < pTunnel->ulSendWindow)) { TRACE( TL_N, TM_Recv, ( "Fast ACK" ) );
// Certain messages where follow-on messages are unlikely are
// acknowledged without delay, as are all messages when the send
// window is closed.
//
fFastAck = TRUE; } else { fFastAck = FALSE; }
if (pTunnel->pTqiDelayedAck) { if (fFastAck) { TimerQExpireItem( pTunnel->pTimerQ, pTunnel->pTqiDelayedAck ); } } else { pAdapter = pTunnel->pAdapter; pTqi = ALLOC_TIMERQITEM( pAdapter ); if (!pTqi) { ASSERT( !"Alloc TQI?" ); return; }
pTunnel->pTqiDelayedAck = pTqi;
if (fFastAck) { ulDelayMs = 0; } else { ulDelayMs = pTunnel->ulSendTimeoutMs >> 2; if (ulDelayMs > pAdapter->ulMaxAckDelayMs) { ulDelayMs = pAdapter->ulMaxAckDelayMs; } }
TRACE( TL_N, TM_Recv, ( "SchedControlAck(%dms)", ulDelayMs ) );
ReferenceTunnel( pTunnel, FALSE ); TimerQInitializeItem( pTqi ); TimerQScheduleItem( pTunnel->pTimerQ, pTqi, ulDelayMs, ControlAckTimerEvent, pTunnel ); }}
VOIDSchedulePayloadAck( IN TUNNELCB* pTunnel, IN VCCB* pVc )
// Schedule a 'PayloadAckTimerEvent' to occur in 1/4 of the standard send
// timeout. If one's already ticking no action is taken, because any
// packet that goes out will get it done. Doesn't matter who requested
// it.
//
// IMPORTANT: Caller must hold 'pVc->lockV'.
//
{ ADAPTERCB* pAdapter; TIMERQITEM* pTqi; ULONG ulDelayMs;
if (!pVc->pTqiDelayedAck) { pAdapter = pVc->pAdapter; pTqi = ALLOC_TIMERQITEM( pAdapter ); if (!pTqi) { ASSERT( !"Alloc TQI?" ); return; }
pVc->pTqiDelayedAck = pTqi;
ulDelayMs = pVc->ulSendTimeoutMs >> 2; if (ulDelayMs > pAdapter->ulMaxAckDelayMs) { ulDelayMs = pAdapter->ulMaxAckDelayMs; }
TRACE( TL_N, TM_Recv, ( "SchedPayloadAck(%dms)=$%p", ulDelayMs, pTqi ) );
ReferenceVc( pVc ); TimerQInitializeItem( pTqi ); TimerQScheduleItem( pTunnel->pTimerQ, pTqi, ulDelayMs, PayloadAckTimerEvent, pVc ); }}
VCCB*VcCbFromCallId( IN TUNNELCB* pTunnel, IN USHORT usCallId )
// Return the VC control block associated with 'usCallId' in 'pTunnel's
// list of active VCs or NULL if not found.
//
// IMPORTANT: Caller must hold 'pTunnel->lockVcs'.
//
{ VCCB* pVc; LIST_ENTRY* pLink;
pVc = NULL;
for (pLink = pTunnel->listVcs.Flink; pLink != &pTunnel->listVcs; pLink = pLink->Flink) { VCCB* pThis;
pThis = CONTAINING_RECORD( pLink, VCCB, linkVcs ); if (pThis->usCallId == usCallId) { pVc = pThis; break; } }
return pVc;}
VOIDZombieAckIfNecessary( IN TUNNELCB* pTunnel, IN L2TPHEADERINFO* pHeader, IN CONTROLMSGINFO* pControl )
// Determines if a message not matched to any VC warrants a "zombie"
// re-acknowledge, and if so, schedules one. This situation arises when
// our side sends an acknowledge to peer's CDN on a given call and the
// acknowledge is lost. Our side tears down the VC immediately, but peer
// will eventually drop the entire tunnel if no acknowledge of his follow
// on CDN retransmits are received, thus affecting calls beyond the one
// dropped. This routine acknowledges such retransmissions.
//
// Another simpler approach would be to take a reference on the call and
// hold it for a full retransmission interval before dereferencing.
// However, this would block the drop indications up and would therefore,
// from dial-out user's point of view, cause a potentially long delay
// whenever server disconnected a call. This is judged undesirable enough
// to tolerate the zombie ack messiness.
//
// 'PTunnel' is the associated tunnel control block. 'PHeader' is the
// exploded L2TP header. 'PControl' is the exploded control header, or
// NULL if not a control message. Caller should already have determined
// that no VC is associated with the message.
//
{ if (pControl && pControl->usXError == GERR_None && pControl->pusMsgType && *(pControl->pusMsgType) == CMT_CDN && pControl->pusAssignedCallId) { // It's a CDN message and a candidate for re-acknowledgement. See if
// it's sequence number is prior to or equal to the next expected
// packet. If so, schedule a zombie acknowledge.
//
if (CompareSequence( *(pHeader->pusNs), pTunnel->usNr ) <= 0) { TRACE( TL_A, TM_Send, ( "Zombie acking" ) );
NdisAcquireSpinLock( &pTunnel->lockT ); { // Cancel any pending delayed acknowledge timeout.
//
if (pTunnel->pTqiDelayedAck) { TimerQCancelItem( pTunnel->pTimerQ, pTunnel->pTqiDelayedAck ); pTunnel->pTqiDelayedAck = NULL; } } NdisReleaseSpinLock( &pTunnel->lockT );
ScheduleTunnelWork( pTunnel, NULL, SendControlAck, 0, 0, 0, 0, FALSE, FALSE ); } }}
|
