PPP: use mbed TLS sanitize functions if available

mbed TLS offers sanitize functions to zero-ise memory containing
cryptographic keys, use them if built with external mbed TLS library.

PPP: add a function map for hashes and ciphers to prepare for mbed TLS support

Unfortunately, all functions were renamed when PolarSSL was renamed to
mbed TLS, breaking the API. In order to continue supporting our embedded
PolarSSL copy while allowing our users to use mbed TLS, we need a function
map to deal with the API break.

This commit add a function map for all hashes and ciphers we are currently
using.

Work on task #13907 PPP cleanups: Move PPP options from opt.h to dedicated ppp_opts.h file

PPP: more const fixes

PPP: fix constness in PPP related files (GCC -Wcast-qual)

Signed-off-by: Dirk Ziegelmeier <dirk@ziegelmeier.net>

PPP, magic, using magic_random_bytes() for CHAP/MSCHAP/EAP instead of for-loop byte where possible

PPP, magic, renamed random_bytes() to magic_random_bytes() for API coherency

PPP, MSCHAP, fixed compiler warnings if MPPE support is disabled

PPP, MPPE, reworked MPPE debug, using ppp_pcb metadata

PPP, MSCHAP, CCP, MPPE: reworked key passing from CCP to MPPE

Removed mutiple copies of keys by pre-setting MPPE keys during MSCHAP
negotiation.

Improved MPPE init so we don't need to pass a buffer formatted in a
special way to MPPE, this is necessary for pppd to talk to the kernel,
we don't need that here.

PPP, MSCHAP, merged mppe_set_keys() to Set_Start_Key(), merged mppe_set_keys2() to SetMasterKeys()

PPP, MSCHAP: ensure magic tables are not copied and initialized on stack

PPP, MSCHAP, MPPE: shared identical mppe_sha1_pad* between MSCHAP and MPPE

PPP, MSCHAP, reworked local functions and constants

MSCHAP was written the old-way, with all functions declared non static in
header, independent of their local or global scope status. Same for local
constants. Reworked in a more mordern way.

PPP, MPPE, moved MPPE global variables from MSCHAP to ppp_pcb

PPP, CHAP, reworked to pass ppp_pcb pointer to CHAP childs (MD5, MSCHAP, MSCHAPv2)

We are going to need ppp_pcb* in MSCHAP and MSCHAPv2 for MPPE for
int mppe_keys_set, u_char mppe_send_key and u_char mppe_recv_key
which are currently global variable which must be moved to ppp_pcb.

PPP, CCP, added missing defines from linux/ppp-comp.h to ccp.h

PPP, MPPE, replaced #ifdef MPPE to #if MPPE_SUPPORT

PPP, CCP, various fix if MPPE is enabled

PPP, replaced drand48() with magic_pow()

PPP, added const modifier on auth strings

PPP, fixed some compiler warnings

Using -Wall -pedantic -Wparentheses -Wsequence-point
-Wswitch-default -Wextra -Wundef -Wshadow -Wpointer-arith
-Wbad-function-cast -Wc++-compat -Wwrite-strings -Wold-style-definition
-Wmissing-prototypes -Wredundant-decls -Wnested-externs -Wno-address

fixed bug #43235, cleared compiler warnings when using gcc with -Wextra option

PPP, switched chap_digests linked list to a const table in .rodata/flash, saving about 100 bytes in .data segment if chap(md5) and mschap is enabled

PPP, changed all the code enclosed between PPP_SERVER #if macro to our PPP PCB structure, making it easier to support PPP server in the future

PPP, renamed all functions using common names in utils.c that can conflict with lwIP user code during link operation

Moved PPP headers into include/netif/ppp/, fixing bug #37040.

prevent conflict with existing (md4|md5|sha1|des) object file if polarssl is already used elsewhere in the project

EAP is now using ppp_pcb as well

removed malloc() from ms chap

PPP server support is now optional (disabled by default, not working until PPP have a "listen" support)

cleaned depreacted __P() and __V() macros, removed the legacy varargs.h header

ppp_impl.h is back!

removed all system headers except the strict minimum

removed pppd.h and ppp.c, renamed pppmy.c to ppp.c and pppmy.h to ppp.h

pppd.h disabled, renamed MAX() to LWIP_MAX()

added pppmy.h in all .c files to easily find conflicts

MSCHAP is now an optional compile-time feature

replaced BCOPY to lwip-MEMCPY

disabled almost all PPP options strings and support as well as useless file-based auth code

fixed MS-CHAP and MS-CHAP-V2, MD4 polarssl uses bytes as input length, not bits

Revert "Revert "Added PolarSSL DES library, which is necessary for MSCHAP.""

This reverts commit a820f32ec936a1a699ef76adb3fa8ea0915fc152.

Revert "Revert "Replaced md4/md5/sha1 implementations to PolarSSL ones""

This reverts commit ca2fd867b8e6b92ab4338c504e5b9567ab76e414.

Revert "Removed all stuff requiring encryption."

This reverts commit c268c5e07c046eb2cb8e5798a1f3eba7e0ad13c1.

Conflicts:

src/netif/ppp/auth.c
src/netif/ppp/ppp.c
src/netif/ppp/pppmy.c
src/netif/ppp/pppmy.h

Removed all stuff requiring encryption.

OpenBSD DES require more than 70 kB of static memory.

The GNU libcrypt DES, for information, require more than 131 kB,
so this is probably the case with all non memory optimised DES.

PolarSSL only required 132 bytes of stack with some kB of .rodata
precomputed tables :-)

I personally don't need MS CHAP v1 or MS CHAP v2, and that was not
supported in the previous PPP port, so there is no regression,
I feel comfortable about removing those hard to port stuff.

If someone want to do the MS CHAP port, he first have to find or
do a small memory footprint DES implementation.

Revert "Replaced md4/md5/sha1 implementations to PolarSSL ones"

This reverts commit aa2656cb9e8f6cdd7921fc36d5e00060065058a4.

Licence issue, we cannot include GPLed source code.

Revert "modified auth_reset() so that we can choose which auth we want"

This reverts commit bf10a27db89eb64a50df40a173b2d012b47586e3.

Licence issue, we cannot include GPLed source code.

Revert "Added PolarSSL DES library, which is necessary for MSCHAP."

This reverts commit de70b710af43942130690e9225b32b02cea279aa.

Licence issue, we cannot include GPLed source code.

Added PolarSSL DES library, which is necessary for MSCHAP.

Added a README about our PolarSSL included files, clarifying what we did.

Removed crypt(), -lcrypt ( setkey() / encrypt() ) dependencies.

modified auth_reset() so that we can choose which auth we want

also fixed MS-CHAP and MS-CHAP-V2, MD4 polarssl uses bytes as input
length, not bits

Replaced md4/md5/sha1 implementations to PolarSSL ones

Using cleaned PolarSSL md4/md5/sha1 implementations, without changing the API,
so that lwIP users already doing SSL or using PolarSSL don't need to compile
md4/md5/sha1 twice.

Added to that, we need a DES library for MSCHAP, and PolarSSL provided
a DES support.

And finally, PolarSSL is outstanding :-)

Early development stage of an attempt to port PPPd 2.4.5 to lwIP.

PPPoE works, PPPoS code is not ported at all.

I am using the RP-PPPoE server to do my tests using the following
configuration:

$ cat /etc/ppp/pppoe-server-options
debug
login
lcp-echo-interval 10
lcp-echo-failure 10
ms-dns 192.168.4.130
ms-dns 192.168.4.231
netmask 255.255.255.0
defaultroute
noipdefault
usepeerdns

$ cat /etc/ppp/allip
192.168.4.1-200

$ pppoe-server -C isp -L 192.168.4.254 -p /etc/ppp/allip -I tap0

Plus the usual auth-lines in /etc/ppp/pap-secrets and
/etc/ppp/chap-secrets .

And the unix port minimal "echo" project slightly modified to use
the "tcpip" API, so with threads, which I am going to commit with
NO_SYS as a -Dmacro.

It still use some of the linux'ism, such as syslog() and crypt(),

I do not want to drop the syslog() supports at the moment, this is
pretty useful to debug, and we may just convert the way the syslog() is
done to provide a trace feature to our PPP users, as a compile-time
option.