90dec41d3a8b1aa823709b164b620b449c149195
[etherboot.git] / src / core / nic.c
1 /**************************************************************************
2 Etherboot -  Network Bootstrap Program
3
4 Literature dealing with the network protocols:
5         ARP - RFC826
6         RARP - RFC903
7         IP - RFC791
8         UDP - RFC768
9         BOOTP - RFC951, RFC2132 (vendor extensions)
10         DHCP - RFC2131, RFC2132, RFC3004 (options)
11         TFTP - RFC1350, RFC2347 (options), RFC2348 (blocksize), RFC2349 (tsize)
12         RPC - RFC1831, RFC1832 (XDR), RFC1833 (rpcbind/portmapper)
13         NFS - RFC1094, RFC1813 (v3, useful for clarifications, not implemented)
14         IGMP - RFC1112, RFC2113, RFC2365, RFC2236, RFC3171
15
16 **************************************************************************/
17 #include "etherboot.h"
18 #include "nic.h"
19 #include "elf.h" /* FOR EM_CURRENT */
20
21 struct arptable_t       arptable[MAX_ARP];
22 #if MULTICAST_LEVEL2
23 unsigned long last_igmpv1 = 0;
24 struct igmptable_t      igmptable[MAX_IGMP];
25 #endif
26 /* Put rom_info in .nocompress section so romprefix.S can write to it */
27 struct rom_info rom __attribute__ ((section (".text16.nocompress"))) = {0,0};
28 static unsigned long    netmask;
29 /* Used by nfs.c */
30 char *hostname = "";
31 int hostnamelen = 0;
32 #ifndef USE_STATIC_BOOT_INFO
33 static uint32_t xid;
34 #endif
35 static uint16_t sport;
36 unsigned char *end_of_rfc1533 = NULL;
37 unsigned char *addparam;
38 int addparamlen;
39
40 #ifdef IMAGE_FREEBSD
41 int freebsd_howto = 0;
42 char freebsd_kernel_env[FREEBSD_KERNEL_ENV_SIZE];
43 #endif /* IMAGE_FREEBSD */
44
45 static int vendorext_isvalid;
46 static const unsigned char vendorext_magic[] = {0xE4,0x45,0x74,0x68}; /* √§Eth */
47 static const unsigned char broadcast[] = { 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF };
48 static const in_addr zeroIP = { 0L };
49
50 struct bootpd_t bootp_data;
51
52 #ifdef PXE_DHCP_STRICT
53 #define MAX_BOOT_MENU 5
54 #define MAX_BOOT_ENTRY_LENGTH 60
55 struct {
56   uint16_t id;
57   unsigned char text[MAX_BOOT_ENTRY_LENGTH+1];
58   in_addr ip;
59 } pxe_boot_menu[MAX_BOOT_MENU];
60 static unsigned char num_boot_menu = 0;
61 #endif /* PXE_DHCP_STRICT */
62
63 #ifdef  NO_DHCP_SUPPORT
64 static unsigned char    rfc1533_cookie[5] = { RFC1533_COOKIE, RFC1533_END };
65 #else   /* NO_DHCP_SUPPORT */
66 static int dhcp_reply;
67 static in_addr dhcp_server = { 0L };
68 static unsigned char    rfc1533_cookie[] = { RFC1533_COOKIE };
69 #define DHCP_MACHINE_INFO_SIZE (sizeof dhcp_machine_info)
70 #ifndef USE_STATIC_BOOT_INFO
71 static in_addr dhcp_addr = { 0L };
72 static unsigned char dhcp_machine_info[] = {
73         /* Our enclosing DHCP tag */
74         RFC1533_VENDOR_ETHERBOOT_ENCAP, 11,
75         /* Our boot device */
76         RFC1533_VENDOR_NIC_DEV_ID, 5, PCI_BUS_TYPE, 0, 0, 0, 0,
77         /* Our current architecture */
78         RFC1533_VENDOR_ARCH, 2, EM_CURRENT & 0xff, (EM_CURRENT >> 8) & 0xff,
79 #ifdef EM_CURRENT_64
80         /* The 64bit version of our current architecture */
81         RFC1533_VENDOR_ARCH, 2, EM_CURRENT_64 & 0xff, (EM_CURRENT_64 >> 8) & 0xff,
82 #undef DHCP_MACHINE_INFO_SIZE
83 #define DHCP_MACHINE_INFO_SIZE (sizeof(dhcp_machine_info) - (EM_CURRENT_64_PRESENT? 0: 4))
84 #endif /* EM_CURRENT_64 */
85 };
86 #endif /* USE_STATIC_BOOT_INFO */
87 static const unsigned char dhcpdiscover[] = {
88         RFC2132_MSG_TYPE,1,DHCPDISCOVER,
89         RFC2132_MAX_SIZE,2,     /* request as much as we can */
90         ETH_MAX_MTU / 256, ETH_MAX_MTU % 256,
91 #ifdef PXE_DHCP_STRICT
92         RFC3679_PXE_CLIENT_UUID,RFC3679_PXE_CLIENT_UUID_LENGTH,RFC3679_PXE_CLIENT_UUID_DEFAULT,
93         RFC3679_PXE_CLIENT_ARCH,RFC3679_PXE_CLIENT_ARCH_LENGTH,RFC3679_PXE_CLIENT_ARCH_IAX86PC,
94         RFC3679_PXE_CLIENT_NDI, RFC3679_PXE_CLIENT_NDI_LENGTH, RFC3679_PXE_CLIENT_NDI_21,
95         RFC2132_VENDOR_CLASS_ID,RFC2132_VENDOR_CLASS_ID_PXE_LENGTH,RFC2132_VENDOR_CLASS_ID_PXE,
96 #else
97         RFC2132_VENDOR_CLASS_ID,13,'E','t','h','e','r','b','o','o','t',
98         '-',VERSION_MAJOR+'0','.',VERSION_MINOR+'0',
99 #endif /* PXE_DHCP_STRICT */
100 #ifdef DHCP_CLIENT_ID
101         /* Client ID Option */
102         RFC2132_CLIENT_ID, ( DHCP_CLIENT_ID_LEN + 1 ),
103         DHCP_CLIENT_ID_TYPE, DHCP_CLIENT_ID,
104 #endif /* DHCP_CLIENT_ID */
105 #ifdef DHCP_USER_CLASS
106         /* User Class Option */
107         RFC3004_USER_CLASS, DHCP_USER_CLASS_LEN, DHCP_USER_CLASS,
108 #endif /* DHCP_USER_CLASS */
109         RFC2132_PARAM_LIST,
110 #define DHCPDISCOVER_PARAMS_BASE 4
111 #ifdef  PXE_DHCP_STRICT
112 #define DHCPDISCOVER_PARAMS_PXE ( 1 + 8 )
113 #else
114 #define DHCPDISCOVER_PARAMS_PXE 0
115 #endif /* PXE_DHCP_STRICT */
116 #ifdef  DNS_RESOLVER
117 #define DHCPDISCOVER_PARAMS_DNS         1
118 #else
119 #define DHCPDISCOVER_PARAMS_DNS         0
120 #endif /* DNS_RESOLVER */
121         ( DHCPDISCOVER_PARAMS_BASE +
122           DHCPDISCOVER_PARAMS_PXE+
123           DHCPDISCOVER_PARAMS_DNS ),
124         RFC1533_NETMASK,
125         RFC1533_GATEWAY,
126         RFC1533_HOSTNAME,
127         RFC1533_VENDOR
128 #ifdef PXE_DHCP_STRICT
129         ,RFC2132_VENDOR_CLASS_ID,
130         RFC1533_VENDOR_PXE_OPT128,
131         RFC1533_VENDOR_PXE_OPT129,
132         RFC1533_VENDOR_PXE_OPT130,
133         RFC1533_VENDOR_PXE_OPT131,
134         RFC1533_VENDOR_PXE_OPT132,
135         RFC1533_VENDOR_PXE_OPT133,
136         RFC1533_VENDOR_PXE_OPT134,
137         RFC1533_VENDOR_PXE_OPT135
138 #endif /* PXE_DHCP_STRICT */
139 #ifdef  DNS_RESOLVER
140         ,RFC1533_DNS
141 #endif
142 };
143 static const unsigned char dhcprequest [] = {
144         RFC2132_MSG_TYPE,1,DHCPREQUEST,
145         RFC2132_SRV_ID,4,0,0,0,0,
146         RFC2132_REQ_ADDR,4,0,0,0,0,
147         RFC2132_MAX_SIZE,2,     /* request as much as we can */
148         ETH_MAX_MTU / 256, ETH_MAX_MTU % 256,
149 #ifdef PXE_DHCP_STRICT
150         RFC3679_PXE_CLIENT_UUID,RFC3679_PXE_CLIENT_UUID_LENGTH,RFC3679_PXE_CLIENT_UUID_DEFAULT,
151         RFC3679_PXE_CLIENT_ARCH,RFC3679_PXE_CLIENT_ARCH_LENGTH,RFC3679_PXE_CLIENT_ARCH_IAX86PC,
152         RFC3679_PXE_CLIENT_NDI, RFC3679_PXE_CLIENT_NDI_LENGTH, RFC3679_PXE_CLIENT_NDI_21,
153         RFC2132_VENDOR_CLASS_ID,RFC2132_VENDOR_CLASS_ID_PXE_LENGTH,RFC2132_VENDOR_CLASS_ID_PXE,
154 #else
155         RFC2132_VENDOR_CLASS_ID,13,'E','t','h','e','r','b','o','o','t',
156         '-',VERSION_MAJOR+'0','.',VERSION_MINOR+'0',
157 #endif /* PXE_DHCP_STRICT */
158 #ifdef DHCP_CLIENT_ID
159         /* Client ID Option */
160         RFC2132_CLIENT_ID, ( DHCP_CLIENT_ID_LEN + 1 ),
161         DHCP_CLIENT_ID_TYPE, DHCP_CLIENT_ID,
162 #endif /* DHCP_CLIENT_ID */
163 #ifdef DHCP_USER_CLASS
164         /* User Class Option */
165         RFC3004_USER_CLASS, DHCP_USER_CLASS_LEN, DHCP_USER_CLASS,
166 #endif /* DHCP_USER_CLASS */
167         /* request parameters */
168         RFC2132_PARAM_LIST,
169 #define DHCPREQUEST_PARAMS_BASE 5
170 #ifdef  PXE_DHCP_STRICT
171 #define DHCPREQUEST_PARAMS_PXE 1
172 #define DHCPREQUEST_PARAMS_VENDOR_PXE 8
173 #define DHCPREQUEST_PARAMS_VENDOR_EB 0
174 #else
175 #define DHCPREQUEST_PARAMS_PXE 0
176 #define DHCPREQUEST_PARAMS_VENDOR_PXE 0
177 #define DHCPREQUEST_PARAMS_VENDOR_EB 4
178 #endif /* PXE_DHCP_STRICT */
179 #ifdef  IMAGE_FREEBSD
180 #define DHCPREQUEST_PARAMS_FREEBSD 2
181 #else
182 #define DHCPREQUEST_PARAMS_FREEBSD 0
183 #endif /* IMAGE_FREEBSD */
184 #ifdef  DNS_RESOLVER
185 #define DHCPREQUEST_PARAMS_DNS  1
186 #else
187 #define DHCPREQUEST_PARAMS_DNS  0
188 #endif /* DNS_RESOLVER */
189         ( DHCPREQUEST_PARAMS_BASE +
190           DHCPREQUEST_PARAMS_PXE +
191           DHCPREQUEST_PARAMS_VENDOR_PXE +
192           DHCPREQUEST_PARAMS_VENDOR_EB +
193           DHCPREQUEST_PARAMS_DNS +
194           DHCPREQUEST_PARAMS_FREEBSD ),
195         /* 5 Standard parameters */
196         RFC1533_NETMASK,
197         RFC1533_GATEWAY,
198         RFC1533_HOSTNAME,
199         RFC1533_VENDOR,
200         RFC1533_ROOTPATH,       /* only passed to the booted image */
201 #ifndef PXE_DHCP_STRICT
202         /* 4 Etherboot vendortags */
203         RFC1533_VENDOR_MAGIC,
204         RFC1533_VENDOR_ADDPARM,
205         RFC1533_VENDOR_ETHDEV,
206         RFC1533_VENDOR_ETHERBOOT_ENCAP,
207 #endif /* ! PXE_DHCP_STRICT */
208 #ifdef  IMAGE_FREEBSD
209         /* 2 FreeBSD options */
210         RFC1533_VENDOR_HOWTO,
211         RFC1533_VENDOR_KERNEL_ENV,
212 #endif
213 #ifdef  DNS_RESOLVER
214         /* 1 DNS option */
215         RFC1533_DNS,
216 #endif
217 #ifdef  PXE_DHCP_STRICT
218         RFC2132_VENDOR_CLASS_ID,
219         RFC1533_VENDOR_PXE_OPT128,
220         RFC1533_VENDOR_PXE_OPT129,
221         RFC1533_VENDOR_PXE_OPT130,
222         RFC1533_VENDOR_PXE_OPT131,
223         RFC1533_VENDOR_PXE_OPT132,
224         RFC1533_VENDOR_PXE_OPT133,
225         RFC1533_VENDOR_PXE_OPT134,
226         RFC1533_VENDOR_PXE_OPT135,
227 #endif /* PXE_DHCP_STRICT */
228 };
229 #ifdef PXE_EXPORT
230 static const unsigned char proxydhcprequest [] = {
231         RFC2132_MSG_TYPE,1,DHCPREQUEST,
232         RFC2132_MAX_SIZE,2,     /* request as much as we can */
233         ETH_MAX_MTU / 256, ETH_MAX_MTU % 256,
234 #ifdef  PXE_DHCP_STRICT
235         RFC3679_PXE_CLIENT_UUID,RFC3679_PXE_CLIENT_UUID_LENGTH,RFC3679_PXE_CLIENT_UUID_DEFAULT,
236         RFC3679_PXE_CLIENT_ARCH,RFC3679_PXE_CLIENT_ARCH_LENGTH,RFC3679_PXE_CLIENT_ARCH_IAX86PC,
237         RFC3679_PXE_CLIENT_NDI, RFC3679_PXE_CLIENT_NDI_LENGTH, RFC3679_PXE_CLIENT_NDI_21,
238         RFC2132_VENDOR_CLASS_ID,RFC2132_VENDOR_CLASS_ID_PXE_LENGTH,RFC2132_VENDOR_CLASS_ID_PXE,
239 #endif /* PXE_DHCP_STRICT */
240 };
241 #endif
242
243 #ifdef PXE_DHCP_STRICT
244 static const unsigned char pxedhcprequest [] = {
245         RFC2132_MSG_TYPE,1,DHCPREQUEST,
246         RFC1533_VENDOR,6,PXE_BOOT_ITEM,4,0,0,0,0,
247         RFC3679_PXE_CLIENT_UUID,RFC3679_PXE_CLIENT_UUID_LENGTH,RFC3679_PXE_CLIENT_UUID_DEFAULT,
248         RFC3679_PXE_CLIENT_ARCH,RFC3679_PXE_CLIENT_ARCH_LENGTH,RFC3679_PXE_CLIENT_ARCH_IAX86PC,
249         RFC3679_PXE_CLIENT_NDI, RFC3679_PXE_CLIENT_NDI_LENGTH, RFC3679_PXE_CLIENT_NDI_21,
250         RFC2132_VENDOR_CLASS_ID,RFC2132_VENDOR_CLASS_ID_PXE_LENGTH,RFC2132_VENDOR_CLASS_ID_PXE
251 };
252 #endif /* PXE_DHCP_STRICT */
253
254 #ifdef  REQUIRE_VCI_ETHERBOOT
255 int     vci_etherboot;
256 #endif
257 #endif  /* NO_DHCP_SUPPORT */
258
259 static int dummy(void *unused __unused)
260 {
261         return (0);
262 }
263
264 /* Careful.  We need an aligned buffer to avoid problems on machines
265  * that care about alignment.  To trivally align the ethernet data
266  * (the ip hdr and arp requests) we offset the packet by 2 bytes.
267  * leaving the ethernet data 16 byte aligned.  Beyond this
268  * we use memmove but this makes the common cast simple and fast.
269  */
270 static char     packet[ETH_FRAME_LEN + ETH_DATA_ALIGN] __aligned;
271
272 struct nic      nic =
273 {
274         {
275                 0,                              /* dev.disable */
276                 {
277                         0,
278                         0,
279                         PCI_BUS_TYPE,
280                 },                              /* dev.devid */
281                 0,                              /* index */
282                 0,                              /* type */
283                 PROBE_FIRST,                    /* how_pobe */
284                 PROBE_NONE,                     /* to_probe */
285                 0,                              /* failsafe */
286                 0,                              /* type_index */
287                 {},                             /* state */
288         },
289         (int (*)(struct nic *, int))dummy,      /* poll */
290         (void (*)(struct nic *, const char *,
291                 unsigned int, unsigned int,
292                 const char *))dummy,            /* transmit */
293         (void (*)(struct nic *,
294                  irq_action_t))dummy,           /* irq */
295         0,                                      /* flags */
296         &rom,                                   /* rom_info */
297         arptable[ARP_CLIENT].node,              /* node_addr */
298         packet + ETH_DATA_ALIGN,                /* packet */
299         0,                                      /* packetlen */
300         0,                                      /* ioaddr */
301         0,                                      /* irqno */
302         0,                                      /* priv_data */
303 };
304
305 #ifdef RARP_NOT_BOOTP
306 static int rarp(void);
307 #else
308 #ifdef USE_STATIC_BOOT_INFO
309 static int get_static_boot_info(void);
310 #else
311 static int bootp(void);
312 #endif /* USE_STATIC_BOOT_INFO */
313 #endif /* RARP_NOT_BOOTP */
314 static unsigned short tcpudpchksum(struct iphdr *ip);
315
316
317 int eth_probe(struct dev *dev)
318 {
319         return probe(dev);
320 }
321
322 int eth_poll(int retrieve)
323 {
324         return ((*nic.poll)(&nic, retrieve));
325 }
326
327 void eth_transmit(const char *d, unsigned int t, unsigned int s, const void *p)
328 {
329         (*nic.transmit)(&nic, d, t, s, p);
330         if (t == ETH_P_IP) twiddle();
331 }
332
333 void eth_disable(void)
334 {
335 #ifdef MULTICAST_LEVEL2
336         int i;
337         for(i = 0; i < MAX_IGMP; i++) {
338                 leave_group(i);
339         }
340 #endif
341         disable(&nic.dev);
342 }
343
344 void eth_irq (irq_action_t action)
345 {
346         (*nic.irq)(&nic,action);
347 }
348
349 /*
350  * Find out what our boot parameters are
351  */
352 int eth_load_configuration(struct dev *dev __unused)
353 {
354         int server_found;
355         /* Find a server to get BOOTP reply from */
356 #ifdef  USE_STATIC_BOOT_INFO
357         printf("Using Static IP Information...");
358 #else
359 #ifdef  RARP_NOT_BOOTP
360         printf("Searching for server (RARP)...");
361 #else
362 #ifndef NO_DHCP_SUPPORT
363         printf("Searching for server (DHCP)...");
364 #else
365         printf("Searching for server (BOOTP)...");
366 #endif
367 #endif
368 #endif
369
370 #ifdef  USE_STATIC_BOOT_INFO
371         server_found = get_static_boot_info();
372 #else
373 #ifdef  RARP_NOT_BOOTP
374         server_found = rarp();
375 #else
376         server_found = bootp();
377 #endif
378 #endif
379         if (!server_found) {
380                 printf("No Server found\n");
381                 longjmp(restart_etherboot, -1);
382         }
383         return 0;
384 }
385
386
387 /**************************************************************************
388 LOAD - Try to get booted
389 **************************************************************************/
390 int eth_load(struct dev *dev __unused)
391 {
392         const char      *kernel;
393         printf("\nMe: %@", arptable[ARP_CLIENT].ipaddr.s_addr );
394 #ifndef USE_STATIC_BOOT_INFO
395 #ifndef NO_DHCP_SUPPORT
396         printf(", DHCP: %@", dhcp_server );
397 #ifdef PXE_EXPORT
398         if (arptable[ARP_PROXYDHCP].ipaddr.s_addr)
399                 printf(" (& %@)",
400                        arptable[ARP_PROXYDHCP].ipaddr.s_addr);
401 #endif /* PXE_EXPORT */
402 #endif /* ! NO_DHCP_SUPPORT */
403 #endif /* USE_STATIC_BOOT_INFO */
404         printf(", TFTP: %@", arptable[ARP_SERVER].ipaddr.s_addr);
405         if (bootp_data.bootp_reply.bp_giaddr.s_addr)
406                 printf(", Relay: %@", bootp_data.bootp_reply.bp_giaddr.s_addr);
407         if (arptable[ARP_GATEWAY].ipaddr.s_addr)
408                 printf(", Gateway %@", arptable[ARP_GATEWAY].ipaddr.s_addr);
409 #ifdef  DNS_RESOLVER
410         if (arptable[ARP_NAMESERVER].ipaddr.s_addr)
411                 printf(", Nameserver %@", arptable[ARP_NAMESERVER].ipaddr.s_addr);
412 #endif
413         putchar('\n');
414
415 #ifdef  MDEBUG
416         printf("\n=>>"); getchar();
417 #endif
418
419         /* Now use TFTP to load file */
420 #ifdef  DOWNLOAD_PROTO_NFS
421         rpc_init();
422 #endif
423
424         /* Handle boot filename static and default cases */
425
426         if ( KERNEL_BUF[0] != '\0' ) {
427                 kernel = KERNEL_BUF;
428         } else {
429 #if defined(USE_STATIC_BOOT_INFO) && defined(STATIC_BOOTFILE)
430                 kernel = STATIC_BOOTFILE;
431 #elif defined(DEFAULT_BOOTFILE)
432                 kernel = DEFAULT_BOOTFILE;
433 #else
434                 kernel = NULL;
435 #endif
436         }
437
438         /* Remove .zpxe from filename if it exists */
439
440 #ifdef  ZPXE_SUFFIX_STRIP
441         {
442                 int i = 0;
443                 while (kernel[i++]);
444                 if(i > 5) {
445                         if(kernel[i - 6] == '.' &&
446                            kernel[i - 5] == 'z' &&
447                            kernel[i - 4] == 'p' &&
448                            kernel[i - 3] == 'x' &&
449                            kernel[i - 2] == 'e') {
450                                 printf("Trimming .zpxe extension\n");
451                                 kernel[i - 6] = 0;
452                         }
453                 }
454         }
455 #endif
456
457         if ( kernel ) {
458                 loadkernel(kernel); /* We don't return except on error */
459                 printf("Unable to load file.\n");
460 #ifdef EXIT_ON_FILE_LOAD_ERROR
461                 longjmp(restart_etherboot, 255);
462 #endif
463         } else {
464                 printf("No filename\n");
465         }
466         interruptible_sleep(2);         /* lay off the server for a while */
467         longjmp(restart_etherboot, -1);
468 }
469
470
471 /**************************************************************************
472 DEFAULT_NETMASK - Return default netmask for IP address
473 **************************************************************************/
474 static inline unsigned long default_netmask(void)
475 {
476         int net = ntohl(arptable[ARP_CLIENT].ipaddr.s_addr) >> 24;
477         if (net <= 127)
478                 return(htonl(0xff000000));
479         else if (net < 192)
480                 return(htonl(0xffff0000));
481         else
482                 return(htonl(0xffffff00));
483 }
484
485 /**************************************************************************
486 IP_TRANSMIT - Send an IP datagram
487 **************************************************************************/
488 static int await_arp(int ival, void *ptr,
489         unsigned short ptype, struct iphdr *ip __unused, struct udphdr *udp __unused,
490         struct tcphdr *tcp __unused)
491 {
492         struct  arprequest *arpreply;
493         if (ptype != ETH_P_ARP)
494                 return 0;
495         if (nic.packetlen < ETH_HLEN + sizeof(struct arprequest))
496                 return 0;
497         arpreply = (struct arprequest *)&nic.packet[ETH_HLEN];
498
499         if (arpreply->opcode != htons(ARP_REPLY))
500                 return 0;
501         if (memcmp(arpreply->sipaddr, ptr, sizeof(in_addr)) != 0)
502                 return 0;
503         memcpy(arptable[ival].node, arpreply->shwaddr, ETH_ALEN);
504         return 1;
505 }
506
507 int ip_transmit(int len, const void *buf)
508 {
509         unsigned long destip;
510         struct iphdr *ip;
511         struct arprequest arpreq;
512         int arpentry, i;
513         int retry;
514
515         ip = (struct iphdr *)buf;
516         destip = ip->dest.s_addr;
517         if (destip == IP_BROADCAST) {
518                 eth_transmit(broadcast, ETH_P_IP, len, buf);
519 #ifdef MULTICAST_LEVEL1
520         } else if ((destip & htonl(MULTICAST_MASK)) == htonl(MULTICAST_NETWORK)) {
521                 unsigned char multicast[6];
522                 unsigned long hdestip;
523                 hdestip = ntohl(destip);
524                 multicast[0] = 0x01;
525                 multicast[1] = 0x00;
526                 multicast[2] = 0x5e;
527                 multicast[3] = (hdestip >> 16) & 0x7;
528                 multicast[4] = (hdestip >> 8) & 0xff;
529                 multicast[5] = hdestip & 0xff;
530                 eth_transmit(multicast, ETH_P_IP, len, buf);
531 #endif
532         } else {
533                 if (((destip & netmask) !=
534                         (arptable[ARP_CLIENT].ipaddr.s_addr & netmask)) &&
535                         arptable[ARP_GATEWAY].ipaddr.s_addr)
536                                 destip = arptable[ARP_GATEWAY].ipaddr.s_addr;
537                 for(arpentry = 0; arpentry<MAX_ARP; arpentry++)
538                         if (arptable[arpentry].ipaddr.s_addr == destip) break;
539                 if (arpentry == MAX_ARP) {
540                         printf("%@ is not in my arp table!\n", destip);
541                         return(0);
542                 }
543                 for (i = 0; i < ETH_ALEN; i++)
544                         if (arptable[arpentry].node[i])
545                                 break;
546                 if (i == ETH_ALEN) {    /* Need to do arp request */
547                         arpreq.hwtype = htons(1);
548                         arpreq.protocol = htons(IP);
549                         arpreq.hwlen = ETH_ALEN;
550                         arpreq.protolen = 4;
551                         arpreq.opcode = htons(ARP_REQUEST);
552                         memcpy(arpreq.shwaddr, arptable[ARP_CLIENT].node, ETH_ALEN);
553                         memcpy(arpreq.sipaddr, &arptable[ARP_CLIENT].ipaddr, sizeof(in_addr));
554                         memset(arpreq.thwaddr, 0, ETH_ALEN);
555                         memcpy(arpreq.tipaddr, &destip, sizeof(in_addr));
556                         for (retry = 1; retry <= MAX_ARP_RETRIES; retry++) {
557                                 long timeout;
558                                 eth_transmit(broadcast, ETH_P_ARP, sizeof(arpreq),
559                                         &arpreq);
560                                 timeout = rfc2131_sleep_interval(TIMEOUT, retry);
561                                 if (await_reply(await_arp, arpentry,
562                                         arpreq.tipaddr, timeout)) goto xmit;
563                         }
564                         return(0);
565                 }
566 xmit:
567                 eth_transmit(arptable[arpentry].node, ETH_P_IP, len, buf);
568         }
569         return 1;
570 }
571
572 void build_ip_hdr(unsigned long destip, int ttl, int protocol, int option_len,
573         int len, const void *buf)
574 {
575         struct iphdr *ip;
576         ip = (struct iphdr *)buf;
577         ip->verhdrlen = 0x45;
578         ip->verhdrlen += (option_len/4);
579         ip->service = 0;
580         ip->len = htons(len);
581         ip->ident = 0;
582         ip->frags = 0; /* Should we set don't fragment? */
583         ip->ttl = ttl;
584         ip->protocol = protocol;
585         ip->chksum = 0;
586         ip->src.s_addr = arptable[ARP_CLIENT].ipaddr.s_addr;
587         ip->dest.s_addr = destip;
588         ip->chksum = ipchksum(buf, sizeof(struct iphdr) + option_len);
589 }
590
591 void build_udp_hdr(unsigned long destip,
592         unsigned int srcsock, unsigned int destsock, int ttl,
593         int len, const void *buf)
594 {
595         struct iphdr *ip;
596         struct udphdr *udp;
597         ip = (struct iphdr *)buf;
598         build_ip_hdr(destip, ttl, IP_UDP, 0, len, buf);
599         udp = (struct udphdr *)((char *)buf + sizeof(struct iphdr));
600         udp->src = htons(srcsock);
601         udp->dest = htons(destsock);
602         udp->len = htons(len - sizeof(struct iphdr));
603         udp->chksum = 0;
604         if ((udp->chksum = tcpudpchksum(ip)) == 0)
605                 udp->chksum = 0xffff;
606 }
607
608 #ifdef DOWNLOAD_PROTO_HTTP
609 void build_tcp_hdr(unsigned long destip, unsigned int srcsock,
610                   unsigned int destsock, long send_seq, long recv_seq,
611                   int window, int flags, int ttl, int len, const void *buf)
612 {
613         struct iphdr *ip;
614         struct tcphdr *tcp;
615         ip = (struct iphdr *)buf;
616         build_ip_hdr(destip, ttl, IP_TCP, 0, len, buf);
617         tcp = (struct tcphdr *)(ip + 1);
618         tcp->src = htons(srcsock);
619         tcp->dst = htons(destsock);
620         tcp->seq = htonl(send_seq);
621         tcp->ack = htonl(recv_seq);
622         tcp->ctrl = htons(flags + (5 << 12)); /* No TCP options */
623         tcp->window = htons(window);
624         tcp->chksum = 0;
625         if ((tcp->chksum = tcpudpchksum(ip)) == 0)
626                 tcp->chksum = 0xffff;
627 }
628 #endif
629
630
631 /**************************************************************************
632 UDP_TRANSMIT - Send an UDP datagram
633 **************************************************************************/
634 int udp_transmit(unsigned long destip, unsigned int srcsock,
635         unsigned int destsock, int len, const void *buf)
636 {
637         sport = srcsock;
638         build_udp_hdr(destip, srcsock, destsock, 60, len, buf);
639         return ip_transmit(len, buf);
640 }
641
642 /**************************************************************************
643 TCP_TRANSMIT - Send a TCP packet
644 **************************************************************************/
645 #ifdef DOWNLOAD_PROTO_HTTP
646 int tcp_transmit(unsigned long destip, unsigned int srcsock,
647                 unsigned int destsock, long send_seq, long recv_seq,
648                 int window, int flags, int len, const void *buf)
649 {
650         build_tcp_hdr(destip, srcsock, destsock, send_seq, recv_seq,
651                       window, flags, 60, len, buf);
652         return ip_transmit(len, buf);
653 }
654
655 int tcp_reset(struct iphdr *ip)
656 {
657         struct tcphdr *tcp = (struct tcphdr *)(ip + 1);
658         char buf[sizeof(struct iphdr) + sizeof(struct tcphdr)];
659
660         if (!(tcp->ctrl & htons(RST))) {
661                 long seq = ntohl(tcp->seq) + ntohs(ip->len) -
662                          sizeof(struct iphdr) -
663                          ((ntohs(tcp->ctrl) >> 10) & 0x3C);
664                 if (tcp->ctrl & htons(SYN|FIN))
665                         seq++;
666                 return tcp_transmit(ntohl(ip->src.s_addr),
667                                     ntohs(tcp->dst), ntohs(tcp->src),
668                                     tcp->ctrl&htons(ACK) ? ntohl(tcp->ack) : 0,
669                                     seq, TCP_MAX_WINDOW, RST, sizeof(buf), buf);
670         }
671         return (1);
672 }
673 #endif
674
675 /**************************************************************************
676 QDRAIN - clear the nic's receive queue
677 **************************************************************************/
678 static int await_qdrain(int ival __unused, void *ptr __unused,
679         unsigned short ptype __unused,
680         struct iphdr *ip __unused, struct udphdr *udp __unused,
681         struct tcphdr *tcp __unused)
682 {
683         return 0;
684 }
685
686 void rx_qdrain(void)
687 {
688         /* Clear out the Rx queue first.  It contains nothing of interest,
689          * except possibly ARP requests from the DHCP/TFTP server.  We use
690          * polling throughout Etherboot, so some time may have passed since we
691          * last polled the receive queue, which may now be filled with
692          * broadcast packets.  This will cause the reply to the packets we are
693          * about to send to be lost immediately.  Not very clever.  */
694         await_reply(await_qdrain, 0, NULL, 0);
695 }
696
697 #ifdef  DOWNLOAD_PROTO_TFTP
698 /**************************************************************************
699 TFTP - Download extended BOOTP data, or kernel image
700 **************************************************************************/
701 static int await_tftp(int ival, void *ptr __unused,
702         unsigned short ptype __unused, struct iphdr *ip, struct udphdr *udp,
703         struct tcphdr *tcp __unused)
704 {
705         if (!udp) {
706                 return 0;
707         }
708         if (arptable[ARP_CLIENT].ipaddr.s_addr != ip->dest.s_addr)
709                 return 0;
710         if (ntohs(udp->dest) != ival)
711                 return 0;
712         return 1;
713 }
714
715 int tftp ( const char *name,
716            int (*fnc)(unsigned char *, unsigned int, unsigned int, int) )
717 {
718         struct tftpreq_info_t request_data =
719                 { name, TFTP_PORT, TFTP_MAX_PACKET };
720         struct tftpreq_info_t *request = &request_data;
721         struct tftpblk_info_t block;
722         int rc;
723
724         while ( ( rc = tftp_block ( request, &block ) ) > 0 ) {
725                 request = NULL; /* Send request only once */
726                 rc = fnc ( block.data, block.block, block.len, block.eof );
727                 if ( rc <= 0 ) return (rc);
728                 if ( block.eof ) {
729                         /* fnc should not have returned */
730                         printf ( "TFTP download complete, but\n" );
731                         return ( rc );
732                 }
733         }
734         return ( rc );
735 }
736
737 int tftp_block ( struct tftpreq_info_t *request, struct tftpblk_info_t *block )
738 {
739         static unsigned short lport = 2000; /* local port */
740         static unsigned short rport = TFTP_PORT; /* remote port */
741         struct tftp_t *rcvd = NULL;
742         static struct tftpreq_t xmit;
743         static unsigned short xmitlen = 0;
744         static unsigned short blockidx = 0; /* Last block received */
745         static unsigned short retry = 0; /* Retry attempts on last block */
746         static int blksize = 0;
747         unsigned short recvlen = 0;
748
749         /* If this is a new request (i.e. if name is set), fill in
750          * transmit block with RRQ and send it.
751          */
752         if ( request ) {
753                 rx_qdrain(); /* Flush receive queue */
754                 xmit.opcode = htons(TFTP_RRQ);
755                 xmitlen = (void*)&xmit.u.rrq - (void*)&xmit +
756                         sprintf((char*)xmit.u.rrq, "%s%coctet%cblksize%c%d",
757                                 request->name, 0, 0, 0, request->blksize)
758                         + 1; /* null terminator */
759                 blockidx = 0; /* Reset counters */
760                 retry = 0;
761                 blksize = TFTP_DEFAULTSIZE_PACKET;
762                 lport++; /* Use new local port */
763                 rport = request->port;
764                 if ( !udp_transmit(arptable[ARP_SERVER].ipaddr.s_addr, lport,
765                                    rport, xmitlen, &xmit) )
766                         return (0);
767         }
768         /* Exit if no transfer in progress */
769         if ( !blksize ) return (0);
770         /* Loop to wait until we get a packet we're interested in */
771         block->data = NULL; /* Used as flag */
772         while ( block->data == NULL ) {
773                 long timeout = rfc2131_sleep_interval ( blockidx ? TFTP_REXMT :
774                                                         TIMEOUT, retry );
775                 if ( !await_reply(await_tftp, lport, NULL, timeout) ) {
776                         /* No packet received */
777                         if ( retry++ > MAX_TFTP_RETRIES ) break;
778                         /* Retransmit last packet */
779                         if ( !blockidx ) lport++; /* New lport if new RRQ */
780                         if ( !udp_transmit(arptable[ARP_SERVER].ipaddr.s_addr,
781                                            lport, rport, xmitlen, &xmit) )
782                                 return (0);
783                         continue; /* Back to waiting for packet */
784                 }
785                 /* Packet has been received */
786                 rcvd = (struct tftp_t *)&nic.packet[ETH_HLEN];
787                 recvlen = ntohs(rcvd->udp.len) - sizeof(struct udphdr)
788                         - sizeof(rcvd->opcode);
789                 rport = ntohs(rcvd->udp.src);
790                 retry = 0; /* Reset retry counter */
791                 switch ( htons(rcvd->opcode) ) {
792                 case TFTP_ERROR : {
793                         printf ( "TFTP error %d (%s)\n",
794                                  ntohs(rcvd->u.err.errcode),
795                                  rcvd->u.err.errmsg );
796                         return ( -ntohs ( rcvd->u.err.errcode ) );  /* abort */
797                 }
798                 case TFTP_OACK : {
799                         const char *p = rcvd->u.oack.data;
800                         const char *e = p + recvlen - 10; /* "blksize\0\d\0" */
801
802                         *((char*)(p+recvlen-1)) = '\0'; /* Force final 0 */
803                         if ( blockidx || !request ) break; /* Too late */
804                         if ( recvlen <= TFTP_MAX_PACKET ) /* sanity */ {
805                                 /* Check for blksize option honoured */
806                                 while ( p < e ) {
807                                         if ( strcasecmp("blksize",p) == 0 &&
808                                              p[7] == '\0' ) {
809                                                 blksize = strtoul(p+8,&p,10);
810                                                 p++; /* skip null */
811                                         }
812                                         while ( *(p++) ) {};
813                                 }
814                         }
815                         if ( blksize < TFTP_DEFAULTSIZE_PACKET || blksize > request->blksize ) {
816                                 /* Incorrect blksize - error and abort */
817                                 xmit.opcode = htons(TFTP_ERROR);
818                                 xmit.u.err.errcode = 8;
819                                 xmitlen = (void*)&xmit.u.err.errmsg
820                                         - (void*)&xmit
821                                         + sprintf((char*)xmit.u.err.errmsg,
822                                                   "RFC1782 error")
823                                         + 1;
824                                 udp_transmit(
825                                     arptable[ARP_SERVER].ipaddr.s_addr,
826                                     lport, rport, xmitlen, &xmit);
827                                 return (0);
828                         }
829                 } break;
830                 case TFTP_DATA :
831                         if ( ntohs(rcvd->u.data.block) != (unsigned short)( blockidx + 1 ) )
832                                 break; /* Re-ACK last block sent */
833                         if ( recvlen > ( blksize+sizeof(rcvd->u.data.block) ) )
834                                 break; /* Too large; ignore */
835                         block->data = rcvd->u.data.download;
836                         block->block = ++blockidx;
837                         block->len = recvlen - sizeof(rcvd->u.data.block);
838                         block->eof = ( (unsigned short)block->len < blksize );
839                         /* If EOF, zero blksize to indicate transfer done */
840                         if ( block->eof ) blksize = 0;
841                         break;
842                 default: break; /* Do nothing */
843                 }
844                 /* Send ACK */
845                 xmit.opcode = htons(TFTP_ACK);
846                 xmit.u.ack.block = htons(blockidx);
847                 xmitlen = TFTP_MIN_PACKET;
848                 udp_transmit ( arptable[ARP_SERVER].ipaddr.s_addr,
849                                lport, rport, xmitlen, &xmit );
850         }
851         if ( request && blksize )
852                 request->blksize = blksize;
853         return ( block->data ? 1 : 0 );
854 }
855 #endif  /* DOWNLOAD_PROTO_TFTP */
856
857 #ifdef  USE_STATIC_BOOT_INFO
858 /***************************************************************************
859 get_static_boot_info - construct bootp response from supplied CFLAG values
860 ***************************************************************************/
861 static int get_static_boot_info (void)
862 {
863         in_addr client_addr, server_addr, gateway_addr, netmask_addr;
864
865         inet_aton( STATIC_CLIENT_IP, &client_addr );
866         memcpy ( &arptable[ARP_CLIENT].ipaddr, &client_addr.s_addr, sizeof(in_addr) );
867
868         inet_aton( STATIC_SERVER_IP, &server_addr );
869         memcpy( &arptable[ARP_SERVER].ipaddr, &server_addr.s_addr, sizeof(in_addr) );
870
871         inet_aton( STATIC_GATEWAY_IP, &gateway_addr );
872         memcpy( &arptable[ARP_GATEWAY].ipaddr, &gateway_addr.s_addr, sizeof(in_addr) );
873
874         inet_aton( STATIC_SUBNET_MASK, &netmask_addr );
875         netmask = ntohl( netmask_addr.s_addr );
876
877         bootp_data.bootp_reply.bp_op = BOOTP_REPLY;
878
879         return (1);
880 }
881 #endif
882 #ifdef  RARP_NOT_BOOTP
883
884 /**************************************************************************
885 RARP - Get my IP address and load information
886 **************************************************************************/
887 static int await_rarp(int ival, void *ptr,
888         unsigned short ptype, struct iphdr *ip, struct udphdr *udp,
889         struct tcphdr *tcp __unused)
890 {
891         struct arprequest *arpreply;
892         if (ptype != ETH_P_RARP)
893                 return 0;
894         if (nic.packetlen < ETH_HLEN + sizeof(struct arprequest))
895                 return 0;
896         arpreply = (struct arprequest *)&nic.packet[ETH_HLEN];
897         if (arpreply->opcode != htons(RARP_REPLY))
898                 return 0;
899         if ((arpreply->opcode == htons(RARP_REPLY)) &&
900                 (memcmp(arpreply->thwaddr, ptr, ETH_ALEN) == 0)) {
901                 memcpy(arptable[ARP_SERVER].node, arpreply->shwaddr, ETH_ALEN);
902                 memcpy(&arptable[ARP_SERVER].ipaddr, arpreply->sipaddr, sizeof(in_addr));
903                 memcpy(&arptable[ARP_CLIENT].ipaddr, arpreply->tipaddr, sizeof(in_addr));
904                 return 1;
905         }
906         return 0;
907 }
908
909 static int rarp(void)
910 {
911         int retry;
912
913         /* arp and rarp requests share the same packet structure. */
914         struct arprequest rarpreq;
915
916         memset(&rarpreq, 0, sizeof(rarpreq));
917
918         rarpreq.hwtype = htons(1);
919         rarpreq.protocol = htons(IP);
920         rarpreq.hwlen = ETH_ALEN;
921         rarpreq.protolen = 4;
922         rarpreq.opcode = htons(RARP_REQUEST);
923         memcpy(&rarpreq.shwaddr, arptable[ARP_CLIENT].node, ETH_ALEN);
924         /* sipaddr is already zeroed out */
925         memcpy(&rarpreq.thwaddr, arptable[ARP_CLIENT].node, ETH_ALEN);
926         /* tipaddr is already zeroed out */
927
928         for (retry = 0; retry < MAX_ARP_RETRIES; ++retry) {
929                 long timeout;
930                 eth_transmit(broadcast, ETH_P_RARP, sizeof(rarpreq), &rarpreq);
931
932                 timeout = rfc2131_sleep_interval(TIMEOUT, retry);
933                 if (await_reply(await_rarp, 0, rarpreq.shwaddr, timeout))
934                         break;
935         }
936
937         if (retry < MAX_ARP_RETRIES) {
938                 (void)sprintf(KERNEL_BUF, DEFAULT_KERNELPATH, arptable[ARP_CLIENT].ipaddr);
939
940                 return (1);
941         }
942         return (0);
943 }
944
945 #else
946
947 #ifdef PXE_DHCP_STRICT
948 /**************************************************************************
949 FIND_VCI_PXECLIENT - Looks for "PXEClient" Vendor Class Identifier
950 Upon entry p points after rfc1533_cookie.
951 **************************************************************************/
952 static int find_vci_pxeclient(unsigned char*p)
953 {
954         for (; *p != RFC1533_END; p += TAG_LEN(p) + 2)
955                 if (*p == RFC2132_VENDOR_CLASS_ID)
956                         if (memcmp(p + 2, "PXEClient", 9) == 0)
957                                 return 1;
958         return 0;
959 }
960 #endif
961
962 #ifndef USE_STATIC_BOOT_INFO
963 /**************************************************************************
964 BOOTP - Get my IP address and load information
965 **************************************************************************/
966 static int await_bootp(int ival __unused, void *ptr __unused,
967         unsigned short ptype __unused, struct iphdr *ip __unused,
968         struct udphdr *udp, struct tcphdr *tcp __unused)
969 {
970         struct  bootp_t *bootpreply;
971         if (!udp) {
972                 return 0;
973         }
974         bootpreply = (struct bootp_t *)&nic.packet[ETH_HLEN +
975                 sizeof(struct iphdr) + sizeof(struct udphdr)];
976         if (nic.packetlen < ETH_HLEN + sizeof(struct iphdr) +
977                 sizeof(struct udphdr) +
978 #ifdef NO_DHCP_SUPPORT
979                 sizeof(struct bootp_t)
980 #else
981                 sizeof(struct bootp_t) - DHCP_OPT_LEN
982 #endif  /* NO_DHCP_SUPPORT */
983                 ) {
984                 return 0;
985         }
986         if (udp->dest != htons(sport))
987                 return 0;
988         if (bootpreply->bp_op != BOOTP_REPLY)
989                 return 0;
990         if (bootpreply->bp_xid != xid)
991                 return 0;
992 #ifdef PXE_DHCP_STRICT
993         /* in principle one could check here:
994          *
995          * - DHCPACK
996          * - BOOT_ITEM
997          * - RFC2132_SRV_ID
998          * - UUID
999          */
1000         if (sport == PXE_BOOT_CLIENT) {
1001                 if (!find_vci_pxeclient(bootpreply->bp_vend + sizeof rfc1533_cookie)) {
1002                         return 0;
1003                 }
1004                 /* we only solicited this packet for the options and the bp_file */
1005                 memcpy((char*)&bootp_data, (char*)bootpreply, sizeof(struct bootpd_t));
1006                 memcpy(KERNEL_BUF, bootpreply->bp_file, sizeof(KERNEL_BUF));
1007                 return 1;
1008         }
1009 #endif /* PXE_DHCP_STRICT */
1010         if (memcmp(&bootpreply->bp_siaddr, &zeroIP, sizeof(in_addr)) == 0)
1011                 return 0;
1012         if ((memcmp(broadcast, bootpreply->bp_hwaddr, ETH_ALEN) != 0) &&
1013                 (memcmp(arptable[ARP_CLIENT].node, bootpreply->bp_hwaddr, ETH_ALEN) != 0)) {
1014                 return 0;
1015         }
1016         if ( bootpreply->bp_siaddr.s_addr ) {
1017                 arptable[ARP_SERVER].ipaddr.s_addr = bootpreply->bp_siaddr.s_addr;
1018                 memset(arptable[ARP_SERVER].node, 0, ETH_ALEN); /* Kill arp */
1019         }
1020         if ( bootpreply->bp_giaddr.s_addr ) {
1021                 arptable[ARP_GATEWAY].ipaddr.s_addr = bootpreply->bp_giaddr.s_addr;
1022                 memset(arptable[ARP_GATEWAY].node, 0, ETH_ALEN);        /* Kill arp */
1023         }
1024         if (bootpreply->bp_yiaddr.s_addr) {
1025                 /* Offer with an IP address */
1026                 arptable[ARP_CLIENT].ipaddr.s_addr = bootpreply->bp_yiaddr.s_addr;
1027 #ifndef NO_DHCP_SUPPORT
1028                 dhcp_addr.s_addr = bootpreply->bp_yiaddr.s_addr;
1029 #endif  /* !NO_DHCP_SUPPORT */
1030                 netmask = default_netmask();
1031                 /* bootpreply->bp_file will be copied to KERNEL_BUF in the memcpy */
1032                 memcpy((char *)&bootp_data, (char *)bootpreply, sizeof(struct bootpd_t));
1033                 decode_rfc1533(bootp_data.bootp_reply.bp_vend, 0,
1034 #ifdef  NO_DHCP_SUPPORT
1035                                BOOTP_VENDOR_LEN + MAX_BOOTP_EXTLEN,
1036 #else
1037                                DHCP_OPT_LEN + MAX_BOOTP_EXTLEN,
1038 #endif  /* NO_DHCP_SUPPORT */
1039                                1);
1040 #ifdef PXE_EXPORT
1041         } else {
1042                 /* Offer without an IP address - use as ProxyDHCP server */
1043                 arptable[ARP_PROXYDHCP].ipaddr.s_addr = bootpreply->bp_siaddr.s_addr;
1044                 memset(arptable[ARP_PROXYDHCP].node, 0, ETH_ALEN);      /* Kill arp */
1045                 /* Grab only the bootfile name from a ProxyDHCP packet */
1046                 memcpy(KERNEL_BUF, bootpreply->bp_file, sizeof(KERNEL_BUF));
1047 #endif /* PXE_EXPORT */
1048         }
1049 #ifdef  REQUIRE_VCI_ETHERBOOT
1050         if (!vci_etherboot)
1051                 return (0);
1052 #endif
1053         return(1);
1054 }
1055
1056 static int bootp(void)
1057 {
1058         int retry;
1059 #ifndef NO_DHCP_SUPPORT
1060         int reqretry;
1061 #endif  /* !NO_DHCP_SUPPORT */
1062         struct bootpip_t ip;
1063         unsigned long starttime;
1064         unsigned char *bp_vend;
1065
1066 #ifndef NO_DHCP_SUPPORT
1067         dhcp_machine_info[4] = nic.dev.devid.bus_type;
1068         dhcp_machine_info[5] = nic.dev.devid.vendor_id & 0xff;
1069         dhcp_machine_info[6] = ((nic.dev.devid.vendor_id) >> 8) & 0xff;
1070         dhcp_machine_info[7] = nic.dev.devid.device_id & 0xff;
1071         dhcp_machine_info[8] = ((nic.dev.devid.device_id) >> 8) & 0xff;
1072 #endif  /* !NO_DHCP_SUPPORT */
1073         memset(&ip, 0, sizeof(struct bootpip_t));
1074         ip.bp.bp_op = BOOTP_REQUEST;
1075         ip.bp.bp_htype = 1;
1076         ip.bp.bp_hlen = ETH_ALEN;
1077         starttime = currticks();
1078         /* Use lower 32 bits of node address, more likely to be
1079            distinct than the time since booting */
1080         memcpy(&xid, &arptable[ARP_CLIENT].node[2], sizeof(xid));
1081         ip.bp.bp_xid = xid += htonl(starttime);
1082         memcpy(ip.bp.bp_hwaddr, arptable[ARP_CLIENT].node, ETH_ALEN);
1083 #ifdef  NO_DHCP_SUPPORT
1084         memcpy(ip.bp.bp_vend, rfc1533_cookie, 5); /* request RFC-style options */
1085 #else
1086         memcpy(ip.bp.bp_vend, rfc1533_cookie, sizeof rfc1533_cookie); /* request RFC-style options */
1087         memcpy(ip.bp.bp_vend + sizeof rfc1533_cookie, dhcpdiscover, sizeof dhcpdiscover);
1088         /* Append machine_info to end, in encapsulated option */
1089         bp_vend = ip.bp.bp_vend + sizeof rfc1533_cookie + sizeof dhcpdiscover;
1090         memcpy(bp_vend, dhcp_machine_info, DHCP_MACHINE_INFO_SIZE);
1091         bp_vend += DHCP_MACHINE_INFO_SIZE;
1092         *bp_vend++ = RFC1533_END;
1093 #endif  /* NO_DHCP_SUPPORT */
1094
1095         for (retry = 0; retry < MAX_BOOTP_RETRIES; ) {
1096                 uint8_t my_hwaddr[ETH_ALEN];
1097                 unsigned long stop_time;
1098                 long remaining_time;
1099
1100                 rx_qdrain();
1101
1102                 /* Kill arptable to avoid keeping stale entries */
1103                 memcpy ( my_hwaddr, arptable[ARP_CLIENT].node, ETH_ALEN );
1104                 memset ( arptable, 0, sizeof(arptable) );
1105                 memcpy ( arptable[ARP_CLIENT].node, my_hwaddr, ETH_ALEN );
1106
1107                 udp_transmit(IP_BROADCAST, BOOTP_CLIENT, BOOTP_SERVER,
1108                         sizeof(struct bootpip_t), &ip);
1109                 remaining_time = rfc2131_sleep_interval(BOOTP_TIMEOUT, retry++);
1110                 stop_time = currticks() + remaining_time;
1111 #ifdef PXE_DHCP_STRICT
1112                 num_boot_menu = 0;
1113 #endif /* PXE_DHCP_STRICT */
1114 #ifdef  NO_DHCP_SUPPORT
1115                 if (await_reply(await_bootp, 0, NULL, remaining_time))
1116                         return(1);
1117 #else
1118                 while ( remaining_time > 0 ) {
1119                         /* Collect all DHCP OFFER packets that arrive within
1120                          * the timeout period. This is essential for DHCP
1121                          * setups which rely on the ProxyDHCP feature (such
1122                          * as Microsoft RIS), as otherwise the additional
1123                          * DHCP OFFER is ignored. */
1124                         (void)await_reply(await_bootp, 0, NULL, remaining_time);
1125                         remaining_time = stop_time - currticks();
1126                 }
1127                 if ( ! arptable[ARP_CLIENT].ipaddr.s_addr ) {
1128                         printf("No IP address\n");
1129                         continue;
1130                 }
1131                 /* If not a DHCPOFFER then must be just a BOOTP reply,
1132                  * be backward compatible with BOOTP then */
1133                 if (dhcp_reply != DHCPOFFER)
1134                         return(1);
1135                 dhcp_reply = 0;
1136                 /* Construct the DHCPREQUEST packet */
1137                 memcpy(ip.bp.bp_vend, rfc1533_cookie, sizeof rfc1533_cookie);
1138                 memcpy(ip.bp.bp_vend + sizeof rfc1533_cookie, dhcprequest, sizeof dhcprequest);
1139                 /* Beware: the magic numbers 9 and 15 depend on
1140                    the layout of dhcprequest */
1141                 memcpy(&ip.bp.bp_vend[9], &dhcp_server, sizeof(in_addr));
1142                 memcpy(&ip.bp.bp_vend[15], &dhcp_addr, sizeof(in_addr));
1143                 bp_vend = ip.bp.bp_vend + sizeof rfc1533_cookie + sizeof dhcprequest;
1144                 /* Append machine_info to end, in encapsulated option */
1145                 memcpy(bp_vend, dhcp_machine_info, DHCP_MACHINE_INFO_SIZE);
1146                 bp_vend += DHCP_MACHINE_INFO_SIZE;
1147                 *bp_vend++ = RFC1533_END;
1148                 for (reqretry = 0; reqretry < MAX_BOOTP_RETRIES; ) {
1149                         unsigned long timeout;
1150
1151                         udp_transmit(IP_BROADCAST, BOOTP_CLIENT, BOOTP_SERVER,
1152                                      sizeof(struct bootpip_t), &ip);
1153                         dhcp_reply=0;
1154                         timeout = rfc2131_sleep_interval(TIMEOUT, reqretry++);
1155                         if (!await_reply(await_bootp, 0, NULL, timeout))
1156                                 continue;
1157                         if (dhcp_reply != DHCPACK)
1158                                 continue;
1159                         dhcp_reply = 0;
1160 #ifdef PXE_EXPORT
1161                         if ( arptable[ARP_PROXYDHCP].ipaddr.s_addr ) {
1162 #ifdef PXE_DHCP_STRICT
1163                                 /* boot menu items must not be mixed from different servers */
1164                                 num_boot_menu = 0;
1165 #endif /* PXE_DHCP_STRICT */
1166                                 /* Construct the ProxyDHCPREQUEST packet */
1167                                 memcpy(ip.bp.bp_vend, rfc1533_cookie, sizeof rfc1533_cookie);
1168                                 memcpy(ip.bp.bp_vend + sizeof rfc1533_cookie, proxydhcprequest, sizeof proxydhcprequest);
1169                                 for (reqretry = 0; reqretry < MAX_BOOTP_RETRIES; ) {
1170                                         printf ( "\nSending ProxyDHCP request to %@...", arptable[ARP_PROXYDHCP].ipaddr.s_addr);
1171                                         udp_transmit(arptable[ARP_PROXYDHCP].ipaddr.s_addr, BOOTP_CLIENT, PROXYDHCP_SERVER,
1172                                                      sizeof(struct bootpip_t), &ip);
1173                                         timeout = rfc2131_sleep_interval(TIMEOUT, reqretry++);
1174                                         if (await_reply(await_bootp, 0, NULL, timeout)) {
1175                                                 break;
1176                                         }
1177                                 }
1178                         }
1179 #ifdef PXE_DHCP_STRICT
1180                         if (num_boot_menu) {
1181                                 int i;
1182                                 printf("\nreceived PXE boot menu:\n");
1183                                 for (i = 0; i < num_boot_menu; ++i) {
1184                                         printf("%d %s %@\n", pxe_boot_menu[i].id, pxe_boot_menu[i].text, pxe_boot_menu[i].ip.s_addr);
1185                                 }
1186                                 ip.bp.bp_siaddr.s_addr = zeroIP.s_addr;
1187                                 ip.bp.bp_yiaddr.s_addr = zeroIP.s_addr;
1188                                 ip.bp.bp_ciaddr.s_addr = arptable[ARP_CLIENT].ipaddr.s_addr;
1189                                 memcpy(ip.bp.bp_vend, rfc1533_cookie, sizeof rfc1533_cookie);
1190                                 bp_vend = ip.bp.bp_vend + sizeof rfc1533_cookie;
1191                                 /* for now simply select the first entry */
1192                                 *(uint16_t*)(pxedhcprequest + 7) = htons(pxe_boot_menu[0].id);
1193                                 memcpy(bp_vend, pxedhcprequest, sizeof pxedhcprequest);
1194                                 bp_vend += sizeof pxedhcprequest;
1195                                 *bp_vend = RFC1533_END;
1196                                 for (reqretry = 0; reqretry < MAX_BOOTP_RETRIES; ) {
1197                                         printf("\nselecting boot item [%s] ... ", pxe_boot_menu[0].text);
1198                                         arptable[ARP_SERVER].ipaddr.s_addr = pxe_boot_menu[0].ip.s_addr;
1199                                         memset(&arptable[ARP_SERVER].node, 0, ETH_ALEN);
1200                                         udp_transmit(pxe_boot_menu[0].ip.s_addr, PXE_BOOT_CLIENT,
1201                                                      PXE_BOOT_SERVER, sizeof(struct bootpip_t), &ip);
1202                                         timeout = rfc2131_sleep_interval(TIMEOUT, reqretry++);
1203                                         if (await_reply(await_bootp, 0, NULL, timeout)) {
1204                                                 break;
1205                                         }
1206                                 }
1207                         }
1208 #endif /* PXE_DHCP_STRICT */
1209 #endif /* PXE_EXPORT */
1210                         return(1);
1211                 }
1212 #endif  /* NO_DHCP_SUPPORT */
1213                 ip.bp.bp_secs = htons((currticks()-starttime)/TICKS_PER_SEC);
1214         }
1215         return(0);
1216 }
1217
1218 #endif /* USE_STATIC_BOOT_INFO */
1219
1220 #endif  /* RARP_NOT_BOOTP */
1221
1222 static uint16_t tcpudpchksum(struct iphdr *ip)
1223 {
1224         struct udp_pseudo_hdr pseudo;
1225         uint16_t checksum;
1226
1227         /* Compute the pseudo header */
1228         pseudo.src.s_addr       = ip->src.s_addr;
1229         pseudo.dest.s_addr      = ip->dest.s_addr;
1230         pseudo.unused           = 0;
1231         pseudo.protocol         = ip->protocol;
1232         pseudo.len              = htons(ntohs(ip->len) - sizeof(struct iphdr));
1233
1234         /* Sum the pseudo header */
1235         checksum = ipchksum(&pseudo, 12);
1236
1237         /* Sum the rest of the tcp/udp packet */
1238         checksum = add_ipchksums(12, checksum, ipchksum(ip + 1,
1239                                  ntohs(ip->len) - sizeof(struct iphdr)));
1240         return checksum;
1241 }
1242
1243 #ifdef MULTICAST_LEVEL2
1244 static void send_igmp_reports(unsigned long now)
1245 {
1246         int i;
1247         for(i = 0; i < MAX_IGMP; i++) {
1248                 if (igmptable[i].time && (now >= igmptable[i].time)) {
1249                         struct igmp_ip_t igmp;
1250                         igmp.router_alert[0] = 0x94;
1251                         igmp.router_alert[1] = 0x04;
1252                         igmp.router_alert[2] = 0;
1253                         igmp.router_alert[3] = 0;
1254                         build_ip_hdr(igmptable[i].group.s_addr,
1255                                 1, IP_IGMP, sizeof(igmp.router_alert), sizeof(igmp), &igmp);
1256                         igmp.igmp.type = IGMPv2_REPORT;
1257                         if (last_igmpv1 &&
1258                                 (now < last_igmpv1 + IGMPv1_ROUTER_PRESENT_TIMEOUT)) {
1259                                 igmp.igmp.type = IGMPv1_REPORT;
1260                         }
1261                         igmp.igmp.response_time = 0;
1262                         igmp.igmp.chksum = 0;
1263                         igmp.igmp.group.s_addr = igmptable[i].group.s_addr;
1264                         igmp.igmp.chksum = ipchksum(&igmp.igmp, sizeof(igmp.igmp));
1265                         ip_transmit(sizeof(igmp), &igmp);
1266 #ifdef  MDEBUG
1267                         printf("Sent IGMP report to: %@\n", igmp.igmp.group.s_addr);
1268 #endif
1269                         /* Don't send another igmp report until asked */
1270                         igmptable[i].time = 0;
1271                 }
1272         }
1273 }
1274
1275 static void process_igmp(struct iphdr *ip, unsigned long now)
1276 {
1277         struct igmp *igmp;
1278         int i;
1279         unsigned iplen;
1280         if (!ip || (ip->protocol == IP_IGMP) ||
1281                 (nic.packetlen < sizeof(struct iphdr) + sizeof(struct igmp))) {
1282                 return;
1283         }
1284         iplen = (ip->verhdrlen & 0xf)*4;
1285         igmp = (struct igmp *)&nic.packet[sizeof(struct iphdr)];
1286         if (ipchksum(igmp, ntohs(ip->len) - iplen) != 0)
1287                 return;
1288         if ((igmp->type == IGMP_QUERY) &&
1289                 (ip->dest.s_addr == htonl(GROUP_ALL_HOSTS))) {
1290                 unsigned long interval = IGMP_INTERVAL;
1291                 if (igmp->response_time == 0) {
1292                         last_igmpv1 = now;
1293                 } else {
1294                         interval = (igmp->response_time * TICKS_PER_SEC)/10;
1295                 }
1296
1297 #ifdef  MDEBUG
1298                 printf("Received IGMP query for: %@\n", igmp->group.s_addr);
1299 #endif
1300                 for(i = 0; i < MAX_IGMP; i++) {
1301                         uint32_t group = igmptable[i].group.s_addr;
1302                         if ((group == 0) || (group == igmp->group.s_addr)) {
1303                                 unsigned long time;
1304                                 time = currticks() + rfc1112_sleep_interval(interval, 0);
1305                                 if (time < igmptable[i].time) {
1306                                         igmptable[i].time = time;
1307                                 }
1308                         }
1309                 }
1310         }
1311         if (((igmp->type == IGMPv1_REPORT) || (igmp->type == IGMPv2_REPORT)) &&
1312                 (ip->dest.s_addr == igmp->group.s_addr)) {
1313 #ifdef  MDEBUG
1314                 printf("Received IGMP report for: %@\n", igmp->group.s_addr);
1315 #endif
1316                 for(i = 0; i < MAX_IGMP; i++) {
1317                         if ((igmptable[i].group.s_addr == igmp->group.s_addr) &&
1318                                 igmptable[i].time != 0) {
1319                                 igmptable[i].time = 0;
1320                         }
1321                 }
1322         }
1323 }
1324
1325 void leave_group(int slot)
1326 {
1327         /* Be very stupid and always send a leave group message if
1328          * I have subscribed.  Imperfect but it is standards
1329          * compliant, easy and reliable to implement.
1330          *
1331          * The optimal group leave method is to only send leave when,
1332          * we were the last host to respond to a query on this group,
1333          * and igmpv1 compatibility is not enabled.
1334          */
1335         if (igmptable[slot].group.s_addr) {
1336                 struct igmp_ip_t igmp;
1337                 igmp.router_alert[0] = 0x94;
1338                 igmp.router_alert[1] = 0x04;
1339                 igmp.router_alert[2] = 0;
1340                 igmp.router_alert[3] = 0;
1341                 build_ip_hdr(htonl(GROUP_ALL_HOSTS),
1342                         1, IP_IGMP, sizeof(igmp.router_alert), sizeof(igmp), &igmp);
1343                 igmp.igmp.type = IGMP_LEAVE;
1344                 igmp.igmp.response_time = 0;
1345                 igmp.igmp.chksum = 0;
1346                 igmp.igmp.group.s_addr = igmptable[slot].group.s_addr;
1347                 igmp.igmp.chksum = ipchksum(&igmp.igmp, sizeof(igmp));
1348                 ip_transmit(sizeof(igmp), &igmp);
1349 #ifdef  MDEBUG
1350                 printf("Sent IGMP leave for: %@\n", igmp.igmp.group.s_addr);
1351 #endif
1352         }
1353         memset(&igmptable[slot], 0, sizeof(igmptable[0]));
1354 }
1355
1356 void join_group(int slot, unsigned long group)
1357 {
1358         /* I have already joined */
1359         if (igmptable[slot].group.s_addr == group)
1360                 return;
1361         if (igmptable[slot].group.s_addr) {
1362                 leave_group(slot);
1363         }
1364         /* Only join a group if we are given a multicast ip, this way
1365          * code can be given a non-multicast (broadcast or unicast ip)
1366          * and still work...
1367          */
1368         if ((group & htonl(MULTICAST_MASK)) == htonl(MULTICAST_NETWORK)) {
1369                 igmptable[slot].group.s_addr = group;
1370                 igmptable[slot].time = currticks();
1371         }
1372 }
1373 #else
1374 #define send_igmp_reports(now) do {} while(0)
1375 #define process_igmp(ip, now)  do {} while(0)
1376 #endif
1377
1378 #include "proto_eth_slow.c"
1379
1380 /**************************************************************************
1381 TCP - Simple-minded TCP stack. Can only send data once and then
1382       receive the response. The algorithm for computing window
1383       sizes and delaying ack's is currently broken, and thus
1384       disabled. Performance would probably improve a little, if
1385       this gets fixed. FIXME
1386 **************************************************************************/
1387 #ifdef DOWNLOAD_PROTO_HTTP
1388 static int await_tcp(int ival, void *ptr, unsigned short ptype __unused,
1389                     struct iphdr *ip, struct udphdr *udp __unused,
1390                     struct tcphdr *tcp)
1391 {
1392         if (!tcp) {
1393                 return 0;
1394         }
1395         if (arptable[ARP_CLIENT].ipaddr.s_addr != ip->dest.s_addr)
1396                 return 0;
1397         if (ntohs(tcp->dst) != ival) {
1398                 tcp_reset(ip);
1399                 return 0;
1400         }
1401         *(void **)ptr = tcp;
1402         return 1;
1403 }
1404
1405 int tcp_transaction(unsigned long destip, unsigned int destsock, void *ptr,
1406                    int (*send)(int len, void *buf, void *ptr),
1407                    int (*recv)(int len, const void *buf, void *ptr))
1408 {
1409         static uint16_t srcsock = 0;
1410         int             rc = 1;
1411         long            send_seq = currticks();
1412         long            recv_seq = 0;
1413         int             can_send = 0;
1414         int             sent_all = 0;
1415         struct iphdr    *ip;
1416         struct tcphdr   *tcp;
1417         int             ctrl = SYN;
1418         char            buf[128]; /* Small outgoing buffer */
1419         long            payload;
1420         int             header_size;
1421         int             window = 3*TCP_MIN_WINDOW;
1422         long            last_ack = 0;
1423         long            last_sent = 0;
1424         long            rtt = 0;
1425         long            srtt = 0;
1426         long            rto = TCP_INITIAL_TIMEOUT;
1427         int             retry = TCP_MAX_TIMEOUT/TCP_INITIAL_TIMEOUT;
1428         enum { CLOSED, SYN_RCVD, ESTABLISHED,
1429                FIN_WAIT_1, FIN_WAIT_2 } state = CLOSED;
1430
1431         if (!srcsock) {
1432                 srcsock = currticks();
1433         }
1434         if (++srcsock < 1024)
1435                 srcsock += 1024;
1436
1437         await_reply(await_qdrain, 0, NULL, 0);
1438
1439  send_data:
1440         if (ctrl & ACK)
1441                 last_ack = recv_seq;
1442         if (!tcp_transmit(destip, srcsock, destsock, send_seq,
1443                          recv_seq, window, ctrl,
1444                          sizeof(struct iphdr) + sizeof(struct tcphdr)+
1445                          can_send, buf)) {
1446                 return (0);
1447         }
1448         last_sent = currticks();
1449
1450  recv_data:
1451         if (!await_reply(await_tcp, srcsock, &tcp,
1452                         (state == ESTABLISHED && !can_send)
1453                         ? TCP_MAX_TIMEOUT : rto)) {
1454                 if (state == ESTABLISHED) {
1455  close:
1456                         ctrl = FIN|ACK;
1457                         state = FIN_WAIT_1;
1458                         rc = 0;
1459                         goto send_data;
1460                 }
1461
1462                 if (state == FIN_WAIT_1 || state == FIN_WAIT_2)
1463                         return (rc);
1464
1465                 if (--retry <= 0) {
1466                         /* time out */
1467                         if (state == SYN_RCVD) {
1468                                 tcp_transmit(destip, srcsock, destsock,
1469                                              send_seq, 0, window, RST,
1470                                              sizeof(struct iphdr) +
1471                                              sizeof(struct tcphdr), buf);
1472                         }
1473                         return (0);
1474                 }
1475                 /* retransmit */
1476                 goto send_data;
1477         }
1478  got_data:
1479         retry = TCP_MAX_RETRY;
1480
1481         if (tcp->ctrl & htons(ACK) ) {
1482                 char *data;
1483                 int syn_ack, consumed;
1484
1485                 if (state == FIN_WAIT_1 || state == FIN_WAIT_2) {
1486                         state = FIN_WAIT_2;
1487                         ctrl = ACK;
1488                         goto consume_data;
1489                 }
1490                 syn_ack = state == CLOSED || state == SYN_RCVD;
1491                 consumed = ntohl(tcp->ack) - send_seq - syn_ack;
1492                 if (consumed < 0 || consumed > can_send) {
1493                         tcp_reset((struct iphdr *)&nic.packet[ETH_HLEN]);
1494                         goto recv_data;
1495                 }
1496
1497                 rtt = currticks() - last_sent;
1498                 srtt = !srtt ? rtt : (srtt*4 + rtt)/5;
1499                 rto = srtt + srtt/2;
1500                 if (rto < TCP_MIN_TIMEOUT)
1501                         rto = TCP_MIN_TIMEOUT;
1502                 else if (rto > TCP_MAX_TIMEOUT)
1503                         rto = TCP_MAX_TIMEOUT;
1504
1505                 can_send -= consumed;
1506                 send_seq += consumed + syn_ack;
1507                 data = buf + sizeof(struct iphdr) + sizeof(struct tcphdr);
1508                 if (can_send) {
1509                         memmove(data, data + consumed, can_send);
1510                 }
1511                 if (!sent_all) {
1512                         int more_data;
1513                         data += can_send;
1514                         more_data = buf + sizeof(buf) - data;
1515                         if (more_data > 0) {
1516                                 more_data = send(more_data, data, ptr);
1517                                 can_send += more_data;
1518                         }
1519                         sent_all = !more_data;
1520                 }
1521                 if (state == SYN_RCVD) {
1522                         state = ESTABLISHED;
1523                         ctrl = PSH|ACK;
1524                         goto consume_data;
1525                 }
1526                 if (tcp->ctrl & htons(RST))
1527                         return (0);
1528         } else if (tcp->ctrl & htons(RST)) {
1529                 if (state == CLOSED)
1530                         goto recv_data;
1531                 return (0);
1532         }
1533
1534  consume_data:
1535         ip = (struct iphdr *)&nic.packet[ETH_HLEN];
1536         header_size = sizeof(struct iphdr) + ((ntohs(tcp->ctrl)>>10)&0x3C);
1537         payload = ntohs(ip->len) - header_size;
1538         if (payload > 0 && state == ESTABLISHED) {
1539                 int old_bytes = recv_seq - (long)ntohl(tcp->seq);
1540                 if (old_bytes >= 0 && payload - old_bytes > 0) {
1541                         recv_seq += payload - old_bytes;
1542                         if (state != FIN_WAIT_1 && state != FIN_WAIT_2 &&
1543                             !recv(payload - old_bytes,
1544                                   &nic.packet[ETH_HLEN+header_size+old_bytes],
1545                                   ptr)) {
1546                                 goto close;
1547                         }
1548                         if ((state == ESTABLISHED || state == SYN_RCVD) &&
1549                             !(tcp->ctrl & htons(FIN))) {
1550                                 int in_window = window - 2*TCP_MIN_WINDOW >
1551                                                 recv_seq - last_ack;
1552                                 ctrl = can_send ? PSH|ACK : ACK;
1553                                 if (!can_send && in_window) {
1554 /* Window scaling is broken right now, just fall back to acknowledging every */
1555 /* packet immediately and unconditionally. FIXME */ /***/
1556 /*                                      if (await_reply(await_tcp, srcsock,
1557                                                         &tcp, rto))
1558                                                 goto got_data;
1559                                         else */
1560                                                 goto send_data;
1561                                 }
1562                                 if (!in_window) {
1563                                         window += TCP_MIN_WINDOW;
1564                                         if (window > TCP_MAX_WINDOW)
1565                                                 window = TCP_MAX_WINDOW;
1566                                 }
1567                                 goto send_data;
1568                         }
1569                 } else {
1570                         /* saw old data again, must have lost packets */
1571                         window /= 2;
1572                         if (window < 2*TCP_MIN_WINDOW)
1573                                 window = 2*TCP_MIN_WINDOW;
1574                 }
1575         }
1576
1577         if (tcp->ctrl & htons(FIN)) {
1578                 if (state == ESTABLISHED) {
1579                         ctrl = FIN|ACK;
1580                 } else if (state == FIN_WAIT_1 || state == FIN_WAIT_2) {
1581                         ctrl = ACK;
1582                 } else {
1583                         ctrl = RST;
1584                 }
1585                 return (tcp_transmit(destip, srcsock, destsock,
1586                                      send_seq, recv_seq + 1, window, ctrl,
1587                                      sizeof(struct iphdr) +
1588                                      sizeof(struct tcphdr), buf) &&
1589                         (state == ESTABLISHED ||
1590                          state == FIN_WAIT_1 || state == FIN_WAIT_2) &&
1591                         !can_send);
1592         }
1593
1594         if (state == CLOSED) {
1595                 if (tcp->ctrl & htons(SYN)) {
1596                         recv_seq = ntohl(tcp->seq) + 1;
1597                         if (!(tcp->ctrl & htons(ACK))) {
1598                                 state = SYN_RCVD;
1599                                 ctrl = SYN|ACK|PSH;
1600                                 goto send_data;
1601                         } else {
1602                                 state = ESTABLISHED;
1603                                 ctrl = PSH|ACK;
1604                         }
1605                 }
1606         }
1607
1608         if (can_send || payload) {
1609                 goto send_data;
1610         }
1611         goto recv_data;
1612 }
1613 #endif
1614
1615 /**************************************************************************
1616 AWAIT_REPLY - Wait until we get a response for our request
1617 ************f**************************************************************/
1618 int await_reply(reply_t reply, int ival, void *ptr, long timeout)
1619 {
1620         unsigned long time, now;
1621         struct  iphdr *ip;
1622         unsigned iplen = 0;
1623         struct  udphdr *udp;
1624         struct  tcphdr *tcp;
1625         unsigned short ptype;
1626         int result;
1627
1628         time = timeout + currticks();
1629         /* The timeout check is done below.  The timeout is only checked if
1630          * there is no packet in the Rx queue.  This assumes that eth_poll()
1631          * needs a negligible amount of time.
1632          */
1633         for (;;) {
1634                 now = currticks();
1635                 send_eth_slow_reports(now);
1636                 send_igmp_reports(now);
1637                 result = eth_poll(1);
1638                 if (result == 0) {
1639                         /* We don't have anything */
1640
1641                         /* Check for abort key only if the Rx queue is empty -
1642                          * as long as we have something to process, don't
1643                          * assume that something failed.  It is unlikely that
1644                          * we have no processing time left between packets.  */
1645                         poll_interruptions();
1646                         /* Do the timeout after at least a full queue walk.  */
1647                         if ((timeout == 0) || (currticks() > time)) {
1648                                 break;
1649                         }
1650                         continue;
1651                 }
1652
1653                 /* We have something! */
1654
1655                 /* Find the Ethernet packet type */
1656                 if (nic.packetlen >= ETH_HLEN) {
1657                         ptype = ((unsigned short) nic.packet[12]) << 8
1658                                 | ((unsigned short) nic.packet[13]);
1659                 } else continue; /* what else could we do with it? */
1660                 /* Verify an IP header */
1661                 ip = 0;
1662                 if ((ptype == ETH_P_IP) && (nic.packetlen >= ETH_HLEN + sizeof(struct iphdr))) {
1663                         unsigned ipoptlen;
1664                         ip = (struct iphdr *)&nic.packet[ETH_HLEN];
1665                         if ((ip->verhdrlen < 0x45) || (ip->verhdrlen > 0x4F))
1666                                 continue;
1667                         iplen = (ip->verhdrlen & 0xf) * 4;
1668                         if (ipchksum(ip, iplen) != 0)
1669                                 continue;
1670                         if (ip->frags & htons(0x3FFF)) {
1671                                 static int warned_fragmentation = 0;
1672                                 if (!warned_fragmentation) {
1673                                         printf("ALERT: got a fragmented packet - reconfigure your server\n");
1674                                         warned_fragmentation = 1;
1675                                 }
1676                                 continue;
1677                         }
1678                         if (ntohs(ip->len) > ETH_MAX_MTU)
1679                                 continue;
1680
1681                         ipoptlen = iplen - sizeof(struct iphdr);
1682                         if (ipoptlen) {
1683                                 /* Delete the ip options, to guarantee
1684                                  * good alignment, and make etherboot simpler.
1685                                  */
1686                                 memmove(&nic.packet[ETH_HLEN + sizeof(struct iphdr)],
1687                                         &nic.packet[ETH_HLEN + iplen],
1688                                         nic.packetlen - ipoptlen);
1689                                 nic.packetlen -= ipoptlen;
1690                         }
1691                 }
1692                 udp = 0;
1693                 if (ip && (ip->protocol == IP_UDP) &&
1694                         (nic.packetlen >=
1695                         ETH_HLEN + sizeof(struct iphdr) + sizeof(struct udphdr))) {
1696                         udp = (struct udphdr *)&nic.packet[ETH_HLEN + sizeof(struct iphdr)];
1697
1698                         /* Make certain we have a reasonable packet length */
1699                         if (ntohs(udp->len) > (ntohs(ip->len) - iplen))
1700                                 continue;
1701
1702                         if (udp->chksum && tcpudpchksum(ip)) {
1703                                 printf("UDP checksum error\n");
1704                                 continue;
1705                         }
1706                 }
1707                 tcp = 0;
1708 #ifdef DOWNLOAD_PROTO_HTTP
1709                 if (ip && (ip->protocol == IP_TCP) &&
1710                     (nic.packetlen >=
1711                      ETH_HLEN + sizeof(struct iphdr) + sizeof(struct tcphdr))){
1712                         tcp = (struct tcphdr *)&nic.packet[ETH_HLEN +
1713                                                          sizeof(struct iphdr)];
1714                         /* Make certain we have a reasonable packet length */
1715                         if (((ntohs(tcp->ctrl) >> 10) & 0x3C) >
1716                             ntohs(ip->len) - (int)iplen)
1717                                 continue;
1718                         if (tcpudpchksum(ip)) {
1719                                 printf("TCP checksum error\n");
1720                                 continue;
1721                         }
1722
1723                 }
1724 #endif
1725                 result = reply(ival, ptr, ptype, ip, udp, tcp);
1726                 if (result > 0) {
1727                         return result;
1728                 }
1729
1730                 /* If it isn't a packet the upper layer wants see if there is a default
1731                  * action.  This allows us reply to arp, igmp, and lacp queries.
1732                  */
1733                 if ((ptype == ETH_P_ARP) &&
1734                         (nic.packetlen >= ETH_HLEN + sizeof(struct arprequest))) {
1735                         struct  arprequest *arpreply;
1736                         unsigned long tmp;
1737
1738                         arpreply = (struct arprequest *)&nic.packet[ETH_HLEN];
1739                         memcpy(&tmp, arpreply->tipaddr, sizeof(in_addr));
1740                         if ((arpreply->opcode == htons(ARP_REQUEST)) &&
1741                                 (tmp == arptable[ARP_CLIENT].ipaddr.s_addr)) {
1742                                 arpreply->opcode = htons(ARP_REPLY);
1743                                 memcpy(arpreply->tipaddr, arpreply->sipaddr, sizeof(in_addr));
1744                                 memcpy(arpreply->thwaddr, arpreply->shwaddr, ETH_ALEN);
1745                                 memcpy(arpreply->sipaddr, &arptable[ARP_CLIENT].ipaddr, sizeof(in_addr));
1746                                 memcpy(arpreply->shwaddr, arptable[ARP_CLIENT].node, ETH_ALEN);
1747                                 eth_transmit(arpreply->thwaddr, ETH_P_ARP,
1748                                         sizeof(struct arprequest),
1749                                         arpreply);
1750 #ifdef  MDEBUG
1751                                 memcpy(&tmp, arpreply->tipaddr, sizeof(in_addr));
1752                                 printf("Sent ARP reply to: %@\n",tmp);
1753 #endif  /* MDEBUG */
1754                         }
1755                 }
1756                 process_eth_slow(ptype, now);
1757                 process_igmp(ip, now);
1758         }
1759         return(0);
1760 }
1761
1762 #ifdef  REQUIRE_VCI_ETHERBOOT
1763 /**************************************************************************
1764 FIND_VCI_ETHERBOOT - Looks for "Etherboot" in Vendor Encapsulated Identifiers
1765 On entry p points to byte count of VCI options
1766 **************************************************************************/
1767 static int find_vci_etherboot(unsigned char *p)
1768 {
1769         unsigned char   *end = p + 1 + *p;
1770
1771         for (p++; p < end; ) {
1772                 if (*p == RFC2132_VENDOR_CLASS_ID) {
1773                         if (strncmp("Etherboot", p + 2, sizeof("Etherboot") - 1) == 0)
1774                                 return (1);
1775                 } else if (*p == RFC1533_END)
1776                         return (0);
1777                 p += TAG_LEN(p) + 2;
1778         }
1779         return (0);
1780 }
1781 #endif  /* REQUIRE_VCI_ETHERBOOT */
1782
1783 #ifdef PXE_DHCP_STRICT
1784 /**************************************************************************
1785 DECODE_PXE_BOOT_SERVERS - Decodes the IP addresses of boot servers
1786 **************************************************************************/
1787 static void decode_pxe_boot_servers(unsigned char*p)
1788 {
1789         unsigned short item = ntohs(*(unsigned short*)p);
1790         unsigned char i;
1791
1792         for (i = 0; i < num_boot_menu; ++i) {
1793                 if (pxe_boot_menu[i].id == item)
1794                         break;
1795         }
1796         if (i == MAX_BOOT_MENU) return;
1797         if (i == num_boot_menu) {
1798                 ++num_boot_menu;
1799                 pxe_boot_menu[i].id = item;
1800         }
1801         memcpy(&pxe_boot_menu[i].ip, p + 3, sizeof(in_addr));
1802 }
1803
1804 /**************************************************************************
1805 DECODE_PXE_BOOT_MENU - Decodes the boot menu items
1806 **************************************************************************/
1807 static void decode_pxe_boot_menu(unsigned char*p)
1808 {
1809         unsigned short item = ntohs(*(unsigned short*)p);
1810         unsigned char i, size;
1811
1812         for (i = 0; i < num_boot_menu; ++i) {
1813                 if (pxe_boot_menu[i].id == item)
1814                         break;
1815         }
1816         if (i == MAX_BOOT_MENU) return;
1817         if (i == num_boot_menu) {
1818                 ++num_boot_menu;
1819                 pxe_boot_menu[i].id = item;
1820         }
1821         memset(pxe_boot_menu[i].text, 0, sizeof(pxe_boot_menu[i].text));
1822         size = p[2];
1823         if (size > MAX_BOOT_ENTRY_LENGTH)
1824                 size = MAX_BOOT_ENTRY_LENGTH;
1825         memcpy(pxe_boot_menu[i].text, p + 3, size);
1826 }
1827 #endif /* PXE_DHCP_STRICT */
1828
1829 #if 0
1830 static void dump(unsigned char*p, unsigned char len)
1831 {
1832         unsigned char*end = p+len;
1833         printf("\n");
1834         while (p<end) {
1835                 printf("%hhX ",*p);
1836                 ++p;
1837         }
1838 }
1839 #endif
1840
1841 /**************************************************************************
1842 DECODE_RFC1533 - Decodes RFC1533 header
1843 **************************************************************************/
1844 int decode_rfc1533(unsigned char *p, unsigned int block, unsigned int len, int eof)
1845 {
1846         static unsigned char    *extdata = NULL, *extend = NULL;
1847         unsigned char           *extpath = NULL;
1848         unsigned char           *endp;
1849         static unsigned char    in_encapsulated_options = 0;
1850 #ifdef PXE_DHCP_STRICT
1851         static unsigned char    in_pxe_encapsulated_options = 0;
1852         unsigned char           pxeclient;
1853 #endif
1854
1855         if (eof == -1) {
1856                 /* Encapsulated option block */
1857                 endp = p + len;
1858         }
1859         else if (block == 0) {
1860 #ifdef  REQUIRE_VCI_ETHERBOOT
1861                 vci_etherboot = 0;
1862 #endif
1863                 end_of_rfc1533 = NULL;
1864 #ifdef  IMAGE_FREEBSD
1865                 /* yes this is a pain FreeBSD uses this for swap, however,
1866                    there are cases when you don't want swap and then
1867                    you want this set to get the extra features so lets
1868                    just set if dealing with FreeBSD.  I haven't run into
1869                    any troubles with this but I have without it
1870                 */
1871                 vendorext_isvalid = 1;
1872 #ifdef FREEBSD_KERNEL_ENV
1873                 memcpy(freebsd_kernel_env, FREEBSD_KERNEL_ENV,
1874                        sizeof(FREEBSD_KERNEL_ENV));
1875                 /* FREEBSD_KERNEL_ENV had better be a string constant */
1876 #else
1877                 freebsd_kernel_env[0]='\0';
1878 #endif
1879 #else
1880                 vendorext_isvalid = 0;
1881 #endif
1882                 addparam = NULL;
1883                 addparamlen = 0;
1884                 if (memcmp(p, rfc1533_cookie, 4))
1885                         return(0); /* no RFC 1533 header found */
1886                 p += 4;
1887                 endp = p + len;
1888         } else {
1889                 if (block == 1) {
1890                         if (memcmp(p, rfc1533_cookie, 4))
1891                                 return(0); /* no RFC 1533 header found */
1892                         p += 4;
1893                         len -= 4; }
1894                 if (extend + len <= (unsigned char *)&(bootp_data.bootp_extension[MAX_BOOTP_EXTLEN])) {
1895                         memcpy(extend, p, len);
1896                         extend += len;
1897                 } else {
1898                         printf("Overflow in vendor data buffer! Aborting...\n");
1899                         *extdata = RFC1533_END;
1900                         return(0);
1901                 }
1902                 p = extdata; endp = extend;
1903         }
1904         if (!eof)
1905                 return 1;
1906 #ifdef PXE_DHCP_STRICT
1907         pxeclient = find_vci_pxeclient(p);
1908 #endif
1909         while (p < endp) {
1910                 unsigned char c = *p;
1911                 if (c == RFC1533_PAD) {
1912                         p++;
1913                         continue;
1914                 }
1915                 else if (c == RFC1533_END) {
1916                         end_of_rfc1533 = endp = p;
1917                         continue;
1918                 }
1919                 else if (NON_ENCAP_OPT c == RFC1533_NETMASK)
1920                         memcpy(&netmask, p+2, sizeof(in_addr));
1921                 else if (NON_ENCAP_OPT c == RFC1533_GATEWAY) {
1922                         /* This is a little simplistic, but it will
1923                            usually be sufficient.
1924                            Take only the first entry */
1925                         if (TAG_LEN(p) >= sizeof(in_addr))
1926                                 memcpy(&arptable[ARP_GATEWAY].ipaddr, p+2, sizeof(in_addr));
1927                 }
1928                 else if (c == RFC1533_EXTENSIONPATH)
1929                         extpath = p;
1930 #ifndef NO_DHCP_SUPPORT
1931 #ifdef  REQUIRE_VCI_ETHERBOOT
1932                 else if (NON_ENCAP_OPT c == RFC1533_VENDOR) {
1933                         vci_etherboot = find_vci_etherboot(p+1);
1934 #ifdef  MDEBUG
1935                         printf("vci_etherboot %d\n", vci_etherboot);
1936 #endif
1937                 }
1938 #endif  /* REQUIRE_VCI_ETHERBOOT */
1939                 else if (NON_ENCAP_OPT c == RFC2132_MSG_TYPE)
1940                         dhcp_reply=*(p+2);
1941                 else if (NON_ENCAP_OPT c == RFC2132_SRV_ID)
1942                         memcpy(&dhcp_server, p+2, sizeof(in_addr));
1943 #endif  /* !NO_DHCP_SUPPORT */
1944                 else if (NON_ENCAP_OPT c == RFC1533_HOSTNAME) {
1945                         hostname = p + 2;
1946                         hostnamelen = *(p + 1);
1947                 }
1948 #ifdef PXE_DHCP_STRICT
1949                 else if (PXE_ENCAP_OPT c == PXE_BOOT_SERVERS) {
1950                         unsigned char *q = p + 2;
1951                         unsigned char *end = q + TAG_LEN(p);
1952                         while (q < end) {
1953                                 decode_pxe_boot_servers(q);
1954                                 q += q[2] * 4 + 3;
1955                         }
1956                 }
1957                 else if (PXE_ENCAP_OPT c == PXE_BOOT_MENU) {
1958                         unsigned char *q = p + 2;
1959                         unsigned char *end = q + TAG_LEN(p);
1960                         while (q < end) {
1961                                 decode_pxe_boot_menu(q);
1962                                 q += q[2] + 3;
1963                         }
1964                 }
1965                 else if (NON_ENCAP_OPT c == RFC1533_VENDOR && pxeclient) {
1966                         in_pxe_encapsulated_options = 1;
1967                         decode_rfc1533(p+2, 0, TAG_LEN(p), -1);
1968                         in_pxe_encapsulated_options = 0;
1969                 }
1970 #endif /* PXE_DHCP_STRICT */
1971                 else if (ENCAP_OPT c == RFC1533_VENDOR_MAGIC
1972                          && TAG_LEN(p) >= 6 &&
1973                           !memcmp(p+2,vendorext_magic,4) &&
1974                           p[6] == RFC1533_VENDOR_MAJOR
1975                         )
1976                         vendorext_isvalid++;
1977                 else if (c == RFC1533_VENDOR_ADDPARM) {
1978                         /* This tag intentionally works for BOTH the encapsulated and
1979                          * non-encapsulated case, since the current menu code (in mknbi)
1980                          * creates this tag without encapsulation.  In the future both the
1981                          * menu from mknbi and this code should learn about the proper
1982                          * encapsulation (which will require substantial changes to various
1983                          * stuff from mknbi, which will break compatibility with older
1984                          * versions of Etherboot).  */
1985                         addparam = p + 2;
1986                         addparamlen = *(p + 1);
1987                 }
1988                 else if (NON_ENCAP_OPT c == RFC1533_VENDOR_ETHERBOOT_ENCAP) {
1989                         in_encapsulated_options = 1;
1990                         decode_rfc1533(p+2, 0, TAG_LEN(p), -1);
1991                         in_encapsulated_options = 0;
1992                 }
1993 #ifdef  IMAGE_FREEBSD
1994                 else if (NON_ENCAP_OPT c == RFC1533_VENDOR_HOWTO)
1995                         freebsd_howto = ((p[2]*256+p[3])*256+p[4])*256+p[5];
1996                 else if (NON_ENCAP_OPT c == RFC1533_VENDOR_KERNEL_ENV){
1997                         if(*(p + 1) < sizeof(freebsd_kernel_env)){
1998                                 memcpy(freebsd_kernel_env,p+2,*(p+1));
1999                         }else{
2000                                 printf("Only support %ld bytes in Kernel Env\n",
2001                                         sizeof(freebsd_kernel_env));
2002                         }
2003                 }
2004 #endif
2005 #ifdef  DNS_RESOLVER
2006                 else if (NON_ENCAP_OPT c == RFC1533_DNS) {
2007                         // TODO: Copy the DNS IP somewhere reasonable
2008                         if (TAG_LEN(p) >= sizeof(in_addr))
2009                                 memcpy(&arptable[ARP_NAMESERVER].ipaddr, p+2, sizeof(in_addr));
2010                 }
2011 #endif
2012                 else {
2013 #if 0
2014                         unsigned char *q;
2015                         printf("Unknown RFC1533-tag ");
2016                         for(q=p;q<p+2+TAG_LEN(p);q++)
2017                                 printf("%hhX ",*q);
2018                         putchar('\n');
2019 #endif
2020                 }
2021                 p += TAG_LEN(p) + 2;
2022         }
2023         extdata = extend = endp;
2024         if (block <= 0 && extpath != NULL) {
2025                 char fname[64];
2026                 memcpy(fname, extpath+2, TAG_LEN(extpath));
2027                 fname[(int)TAG_LEN(extpath)] = '\0';
2028                 printf("Loading BOOTP-extension file: %s\n",fname);
2029                 tftp(fname, decode_rfc1533);
2030         }
2031         return 1;       /* proceed with next block */
2032 }
2033
2034
2035 /* FIXME double check TWO_SECOND_DIVISOR */
2036 #define TWO_SECOND_DIVISOR (RAND_MAX/TICKS_PER_SEC)
2037 /**************************************************************************
2038 RFC2131_SLEEP_INTERVAL - sleep for expotentially longer times (base << exp) +- 1 sec)
2039 **************************************************************************/
2040 long rfc2131_sleep_interval(long base, int exp)
2041 {
2042         unsigned long tmo;
2043 #ifdef BACKOFF_LIMIT
2044         if (exp > BACKOFF_LIMIT)
2045                 exp = BACKOFF_LIMIT;
2046 #endif
2047         tmo = (base << exp) + (TICKS_PER_SEC - (random()/TWO_SECOND_DIVISOR));
2048         return tmo;
2049 }
2050
2051 #ifdef MULTICAST_LEVEL2
2052 /**************************************************************************
2053 RFC1112_SLEEP_INTERVAL - sleep for expotentially longer times, up to (base << exp)
2054 **************************************************************************/
2055 long rfc1112_sleep_interval(long base, int exp)
2056 {
2057         unsigned long divisor, tmo;
2058 #ifdef BACKOFF_LIMIT
2059         if (exp > BACKOFF_LIMIT)
2060                 exp = BACKOFF_LIMIT;
2061 #endif
2062         divisor = RAND_MAX/(base << exp);
2063         tmo = random()/divisor;
2064         return tmo;
2065 }
2066 #endif /* MULTICAST_LEVEL_2 */