From 98008cb1ab5d16391ddcb6a4106bc49f3f0c5f24 Mon Sep 17 00:00:00 2001
From: Sylvain Rochet <gradator@gradator.net>
Date: Fri, 15 Jun 2018 14:05:06 +0200
Subject: [PATCH] PPP, PPPoL2TP: use expected peer NS instead of current peer
 NS

We never use the current peer NS value but always the next expected peer
NS value (current value plus one).

Signed-off-by: Sylvain Rochet <gradator@gradator.net>
---
 src/include/netif/ppp/pppol2tp.h |  2 +-
 src/netif/ppp/pppol2tp.c         | 18 +++++++++---------
 2 files changed, 10 insertions(+), 10 deletions(-)

diff --git a/src/include/netif/ppp/pppol2tp.h b/src/include/netif/ppp/pppol2tp.h
index f03950e6..6c241b77 100644
--- a/src/include/netif/ppp/pppol2tp.h
+++ b/src/include/netif/ppp/pppol2tp.h
@@ -179,7 +179,7 @@ struct pppol2tp_pcb_s {
   u16_t tunnel_port;           /* Tunnel port */
   u16_t our_ns;                /* NS to peer */
   u16_t peer_nr;               /* NR from peer */
-  u16_t peer_ns;               /* NS from peer */
+  u16_t peer_ns;               /* Expected NS from peer */
   u16_t source_tunnel_id;      /* Tunnel ID assigned by peer */
   u16_t remote_tunnel_id;      /* Tunnel ID assigned to peer */
   u16_t source_session_id;     /* Session ID assigned by peer */
diff --git a/src/netif/ppp/pppol2tp.c b/src/netif/ppp/pppol2tp.c
index c786875a..1df2f105 100644
--- a/src/netif/ppp/pppol2tp.c
+++ b/src/netif/ppp/pppol2tp.c
@@ -268,7 +268,7 @@ static void pppol2tp_connect(ppp_pcb *ppp, void *ctx) {
   l2tp->tunnel_port = l2tp->remote_port;
   l2tp->our_ns = 0;
   l2tp->peer_nr = 0;
-  l2tp->peer_ns = ~0; /* First expected packet is 0 */
+  l2tp->peer_ns = 0;
   l2tp->source_tunnel_id = 0;
   l2tp->remote_tunnel_id = 0;
   l2tp->source_session_id = 0;
@@ -496,8 +496,8 @@ static void pppol2tp_dispatch_control_packet(pppol2tp_pcb *l2tp, u16_t port, str
   /* printf("L2TP CTRL INPUT, ns=%d, nr=%d, len=%d\n", ns, nr, p->len); */
 
   /* Drop unexpected packet */
-  if (ns != (u16_t)(l2tp->peer_ns+1)) {
-    PPPDEBUG(LOG_DEBUG, ("pppol2tp: drop unexpected packet: received NS=%d, expected NS=%d\n", ns, l2tp->peer_ns+1));
+  if (ns != l2tp->peer_ns) {
+    PPPDEBUG(LOG_DEBUG, ("pppol2tp: drop unexpected packet: received NS=%d, expected NS=%d\n", ns, l2tp->peer_ns));
     /*
      * The RFC says we must send a ZLB ack for duplicate packets but preventing an endless
      * ZLB packets loop came out wayyyy more complicated than just dropping the packet.
@@ -518,7 +518,7 @@ static void pppol2tp_dispatch_control_packet(pppol2tp_pcb *l2tp, u16_t port, str
     return;
   }
   /* A ZLB packet does not consume a NS slot thus we don't record the NS value for ZLB packets */
-  l2tp->peer_ns = ns;
+  l2tp->peer_ns = ns+1;
 
   p = pbuf_coalesce(p, PBUF_RAW);
   inp = (u8_t*)p->payload;
@@ -922,7 +922,7 @@ static err_t pppol2tp_send_scccn(pppol2tp_pcb *l2tp, u16_t ns) {
   PUTSHORT(l2tp->source_tunnel_id, p); /* Tunnel Id */
   PUTSHORT(0, p); /* Session Id */
   PUTSHORT(ns, p); /* NS Sequence number - to peer */
-  PUTSHORT(l2tp->peer_ns+1, p); /* NR Sequence number - expected for peer */
+  PUTSHORT(l2tp->peer_ns, p); /* NR Sequence number - expected for peer */
 
   /* AVP - Message type */
   PUTSHORT(PPPOL2TP_AVPHEADERFLAG_MANDATORY + 8, p); /* Mandatory flag + len field */
@@ -969,7 +969,7 @@ static err_t pppol2tp_send_icrq(pppol2tp_pcb *l2tp, u16_t ns) {
   PUTSHORT(l2tp->source_tunnel_id, p); /* Tunnel Id */
   PUTSHORT(0, p); /* Session Id */
   PUTSHORT(ns, p); /* NS Sequence number - to peer */
-  PUTSHORT(l2tp->peer_ns+1, p); /* NR Sequence number - expected for peer */
+  PUTSHORT(l2tp->peer_ns, p); /* NR Sequence number - expected for peer */
 
   /* AVP - Message type */
   PUTSHORT(PPPOL2TP_AVPHEADERFLAG_MANDATORY + 8, p); /* Mandatory flag + len field */
@@ -1017,7 +1017,7 @@ static err_t pppol2tp_send_iccn(pppol2tp_pcb *l2tp, u16_t ns) {
   PUTSHORT(l2tp->source_tunnel_id, p); /* Tunnel Id */
   PUTSHORT(l2tp->source_session_id, p); /* Session Id */
   PUTSHORT(ns, p); /* NS Sequence number - to peer */
-  PUTSHORT(l2tp->peer_ns+1, p); /* NR Sequence number - expected for peer */
+  PUTSHORT(l2tp->peer_ns, p); /* NR Sequence number - expected for peer */
 
   /* AVP - Message type */
   PUTSHORT(PPPOL2TP_AVPHEADERFLAG_MANDATORY + 8, p); /* Mandatory flag + len field */
@@ -1064,7 +1064,7 @@ static err_t pppol2tp_send_zlb(pppol2tp_pcb *l2tp, u16_t ns) {
   PUTSHORT(l2tp->source_tunnel_id, p); /* Tunnel Id */
   PUTSHORT(0, p); /* Session Id */
   PUTSHORT(ns, p); /* NS Sequence number - to peer */
-  PUTSHORT(l2tp->peer_ns+1, p); /* NR Sequence number - expected for peer */
+  PUTSHORT(l2tp->peer_ns, p); /* NR Sequence number - expected for peer */
 
   return pppol2tp_udp_send(l2tp, pb);
 }
@@ -1093,7 +1093,7 @@ static err_t pppol2tp_send_stopccn(pppol2tp_pcb *l2tp, u16_t ns) {
   PUTSHORT(l2tp->source_tunnel_id, p); /* Tunnel Id */
   PUTSHORT(0, p); /* Session Id */
   PUTSHORT(ns, p); /* NS Sequence number - to peer */
-  PUTSHORT(l2tp->peer_ns+1, p); /* NR Sequence number - expected for peer */
+  PUTSHORT(l2tp->peer_ns, p); /* NR Sequence number - expected for peer */
 
   /* AVP - Message type */
   PUTSHORT(PPPOL2TP_AVPHEADERFLAG_MANDATORY + 8, p); /* Mandatory flag + len field */