1/* 2 * ccp.c - PPP Compression Control Protocol. 3 * 4 * Copyright (c) 1994-2002 Paul Mackerras. All rights reserved. 5 * 6 * Redistribution and use in source and binary forms, with or without 7 * modification, are permitted provided that the following conditions 8 * are met: 9 * 10 * 1. Redistributions of source code must retain the above copyright 11 * notice, this list of conditions and the following disclaimer. 12 * 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in 15 * the documentation and/or other materials provided with the 16 * distribution. 17 * 18 * 3. The name(s) of the authors of this software must not be used to 19 * endorse or promote products derived from this software without 20 * prior written permission. 21 * 22 * 4. Redistributions of any form whatsoever must retain the following 23 * acknowledgment: 24 * "This product includes software developed by Paul Mackerras 25 * <paulus@samba.org>". 26 * 27 * THE AUTHORS OF THIS SOFTWARE DISCLAIM ALL WARRANTIES WITH REGARD TO 28 * THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY 29 * AND FITNESS, IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY 30 * SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 31 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN 32 * AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING 33 * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 34 */ 35 36#define RCSID "$Id: ccp.c,v 1.1.1.1 2008/10/15 03:30:45 james26_jang Exp $" 37 38#include <stdlib.h> 39#include <string.h> 40 41#include "pppd.h" 42#include "fsm.h" 43#include "ccp.h" 44#include <net/ppp-comp.h> 45 46#ifdef MPPE 47#include "chap_ms.h" /* mppe_xxxx_key, mppe_keys_set */ 48#include "lcp.h" /* lcp_close(), lcp_fsm */ 49#endif 50 51static const char rcsid[] = RCSID; 52 53/* 54 * Unfortunately there is a bug in zlib which means that using a 55 * size of 8 (window size = 256) for Deflate compression will cause 56 * buffer overruns and kernel crashes in the deflate module. 57 * Until this is fixed we only accept sizes in the range 9 .. 15. 58 * Thanks to James Carlson for pointing this out. 59 */ 60#define DEFLATE_MIN_WORKS 9 61 62/* 63 * Command-line options. 64 */ 65static int setbsdcomp __P((char **)); 66static int setdeflate __P((char **)); 67static char bsd_value[8]; 68static char deflate_value[8]; 69 70static option_t ccp_option_list[] = { 71 { "noccp", o_bool, &ccp_protent.enabled_flag, 72 "Disable CCP negotiation" }, 73 { "-ccp", o_bool, &ccp_protent.enabled_flag, 74 "Disable CCP negotiation", OPT_ALIAS }, 75 76 { "bsdcomp", o_special, (void *)setbsdcomp, 77 "Request BSD-Compress packet compression", 78 OPT_PRIO | OPT_A2STRVAL | OPT_STATIC, bsd_value }, 79 { "nobsdcomp", o_bool, &ccp_wantoptions[0].bsd_compress, 80 "don't allow BSD-Compress", OPT_PRIOSUB | OPT_A2CLR, 81 &ccp_allowoptions[0].bsd_compress }, 82 { "-bsdcomp", o_bool, &ccp_wantoptions[0].bsd_compress, 83 "don't allow BSD-Compress", OPT_ALIAS | OPT_PRIOSUB | OPT_A2CLR, 84 &ccp_allowoptions[0].bsd_compress }, 85 86 { "deflate", o_special, (void *)setdeflate, 87 "request Deflate compression", 88 OPT_PRIO | OPT_A2STRVAL | OPT_STATIC, deflate_value }, 89 { "nodeflate", o_bool, &ccp_wantoptions[0].deflate, 90 "don't allow Deflate compression", OPT_PRIOSUB | OPT_A2CLR, 91 &ccp_allowoptions[0].deflate }, 92 { "-deflate", o_bool, &ccp_wantoptions[0].deflate, 93 "don't allow Deflate compression", OPT_ALIAS | OPT_PRIOSUB | OPT_A2CLR, 94 &ccp_allowoptions[0].deflate }, 95 96 { "nodeflatedraft", o_bool, &ccp_wantoptions[0].deflate_draft, 97 "don't use draft deflate #", OPT_A2COPY, 98 &ccp_allowoptions[0].deflate_draft }, 99 100 { "predictor1", o_bool, &ccp_wantoptions[0].predictor_1, 101 "request Predictor-1", OPT_PRIO | 1 }, 102 { "nopredictor1", o_bool, &ccp_wantoptions[0].predictor_1, 103 "don't allow Predictor-1", OPT_PRIOSUB | OPT_A2CLR, 104 &ccp_allowoptions[0].predictor_1 }, 105 { "-predictor1", o_bool, &ccp_wantoptions[0].predictor_1, 106 "don't allow Predictor-1", OPT_ALIAS | OPT_PRIOSUB | OPT_A2CLR, 107 &ccp_allowoptions[0].predictor_1 }, 108 109 { "lzs", o_bool, &ccp_wantoptions[0].lzs, 110 "request Stac LZS", 1, &ccp_allowoptions[0].lzs, OPT_PRIO }, 111 { "+lzs", o_bool, &ccp_wantoptions[0].lzs, 112 "request Stac LZS", 1, &ccp_allowoptions[0].lzs, OPT_ALIAS | OPT_PRIO }, 113 { "nolzs", o_bool, &ccp_wantoptions[0].lzs, 114 "don't allow Stac LZS", OPT_PRIOSUB | OPT_A2CLR, 115 &ccp_allowoptions[0].lzs }, 116 { "-lzs", o_bool, &ccp_wantoptions[0].lzs, 117 "don't allow Stac LZS", OPT_ALIAS | OPT_PRIOSUB | OPT_A2CLR, 118 &ccp_allowoptions[0].lzs }, 119 120#ifdef MPPE 121 { "mppc", o_bool, &ccp_wantoptions[0].mppc, 122 "request MPPC compression", 1, &ccp_allowoptions[0].mppc, OPT_PRIO }, 123 { "+mppc", o_bool, &ccp_wantoptions[0].mppc, 124 "request MPPC compression", 1, &ccp_allowoptions[0].mppc, 125 OPT_ALIAS | OPT_PRIO }, 126 { "nomppc", o_bool, &ccp_wantoptions[0].mppc, 127 "don't allow MPPC compression", OPT_PRIOSUB | OPT_A2CLR, 128 &ccp_allowoptions[0].mppc }, 129 { "-mppc", o_bool, &ccp_wantoptions[0].mppc, 130 "don't allow MPPC compression", OPT_ALIAS | OPT_PRIOSUB | OPT_A2CLR, 131 &ccp_allowoptions[0].mppc }, 132 133 { "require-mppe", o_bool, &ccp_wantoptions[0].mppe, 134 "require MPPE encryption", 1, &ccp_allowoptions[0].mppe, OPT_PRIO }, 135 { "+mppe", o_bool, &ccp_wantoptions[0].mppe, 136 "require MPPE encryption", 1, &ccp_allowoptions[0].mppe, 137 OPT_ALIAS | OPT_PRIO }, 138 { "nomppe", o_bool, &ccp_wantoptions[0].mppe, 139 "don't allow MPPE encryption", OPT_PRIOSUB | OPT_A2CLR, 140 &ccp_allowoptions[0].mppe }, 141 { "-mppe", o_bool, &ccp_wantoptions[0].mppe, 142 "don't allow MPPE encryption", OPT_ALIAS | OPT_PRIOSUB | OPT_A2CLR, 143 &ccp_allowoptions[0].mppe }, 144 145 { "require-mppe-40", o_bool, &ccp_wantoptions[0].mppe_40, 146 "require MPPE 40-bit encryption", 1, &ccp_allowoptions[0].mppe_40, 147 OPT_PRIO }, 148 { "+mppe-40", o_bool, &ccp_wantoptions[0].mppe_40, 149 "require MPPE 40-bit encryption", 1, &ccp_allowoptions[0].mppe_40, 150 OPT_ALIAS | OPT_PRIO }, 151 { "nomppe-40", o_bool, &ccp_wantoptions[0].mppe_40, 152 "don't allow MPPE 40-bit encryption", OPT_PRIOSUB | OPT_A2CLR, 153 &ccp_allowoptions[0].mppe_40 }, 154 { "-mppe-40", o_bool, &ccp_wantoptions[0].mppe_40, 155 "don't allow MPPE 40-bit encryption", OPT_ALIAS | OPT_PRIOSUB | OPT_A2CLR, 156 &ccp_allowoptions[0].mppe_40 }, 157 158 { "require-mppe-56", o_bool, &ccp_wantoptions[0].mppe_56, 159 "require MPPE 56-bit encryption", 1, &ccp_allowoptions[0].mppe_56, 160 OPT_PRIO }, 161 { "+mppe-56", o_bool, &ccp_wantoptions[0].mppe_56, 162 "require MPPE 56-bit encryption", 1, &ccp_allowoptions[0].mppe_56, 163 OPT_ALIAS | OPT_PRIO }, 164 { "nomppe-56", o_bool, &ccp_wantoptions[0].mppe_56, 165 "don't allow MPPE 56-bit encryption", OPT_PRIOSUB | OPT_A2CLR, 166 &ccp_allowoptions[0].mppe_56 }, 167 { "-mppe-56", o_bool, &ccp_wantoptions[0].mppe_56, 168 "don't allow MPPE 56-bit encryption", OPT_ALIAS | OPT_PRIOSUB | OPT_A2CLR, 169 &ccp_allowoptions[0].mppe_56 }, 170 171 { "require-mppe-128", o_bool, &ccp_wantoptions[0].mppe_128, 172 "require MPPE 128-bit encryption", 1, &ccp_allowoptions[0].mppe_128, 173 OPT_PRIO }, 174 { "+mppe-128", o_bool, &ccp_wantoptions[0].mppe_128, 175 "require MPPE 128-bit encryption", 1, &ccp_allowoptions[0].mppe_128, 176 OPT_ALIAS | OPT_PRIO }, 177 { "nomppe-128", o_bool, &ccp_wantoptions[0].mppe_40, 178 "don't allow MPPE 128-bit encryption", OPT_PRIOSUB | OPT_A2CLR, 179 &ccp_allowoptions[0].mppe_128 }, 180 { "-mppe-128", o_bool, &ccp_wantoptions[0].mppe_128, 181 "don't allow MPPE 128-bit encryption", OPT_ALIAS | OPT_PRIOSUB | OPT_A2CLR, 182 &ccp_allowoptions[0].mppe_128 }, 183 184 { "nomppe-stateful", o_bool, &ccp_wantoptions[0].mppe_stateless, 185 "disallow MPPE stateful mode", 1, &ccp_allowoptions[0].mppe_stateless, 186 OPT_PRIO }, 187 { "mppe-stateful", o_bool, &ccp_wantoptions[0].mppe_stateless, 188 "allow MPPE stateful mode", OPT_PRIOSUB | OPT_A2CLR, 189 &ccp_allowoptions[0].mppe_stateless }, 190#endif /* MPPE */ 191 192 { NULL } 193}; 194 195/* 196 * Protocol entry points from main code. 197 */ 198static void ccp_init __P((int unit)); 199static void ccp_open __P((int unit)); 200static void ccp_close __P((int unit, char *)); 201static void ccp_lowerup __P((int unit)); 202static void ccp_lowerdown __P((int)); 203static void ccp_input __P((int unit, u_char *pkt, int len)); 204static void ccp_protrej __P((int unit)); 205static int ccp_printpkt __P((u_char *pkt, int len, 206 void (*printer) __P((void *, char *, ...)), 207 void *arg)); 208static void ccp_datainput __P((int unit, u_char *pkt, int len)); 209 210struct protent ccp_protent = { 211 PPP_CCP, 212 ccp_init, 213 ccp_input, 214 ccp_protrej, 215 ccp_lowerup, 216 ccp_lowerdown, 217 ccp_open, 218 ccp_close, 219 ccp_printpkt, 220 ccp_datainput, 221 1, 222 "CCP", 223 "Compressed", 224 ccp_option_list, 225 NULL, 226 NULL, 227 NULL 228}; 229 230fsm ccp_fsm[NUM_PPP]; 231ccp_options ccp_wantoptions[NUM_PPP]; /* what to request the peer to use */ 232ccp_options ccp_gotoptions[NUM_PPP]; /* what the peer agreed to do */ 233ccp_options ccp_allowoptions[NUM_PPP]; /* what we'll agree to do */ 234ccp_options ccp_hisoptions[NUM_PPP]; /* what we agreed to do */ 235 236/* 237 * Callbacks for fsm code. 238 */ 239static void ccp_resetci __P((fsm *)); 240static int ccp_cilen __P((fsm *)); 241static void ccp_addci __P((fsm *, u_char *, int *)); 242static int ccp_ackci __P((fsm *, u_char *, int)); 243static int ccp_nakci __P((fsm *, u_char *, int)); 244static int ccp_rejci __P((fsm *, u_char *, int)); 245static int ccp_reqci __P((fsm *, u_char *, int *, int)); 246static void ccp_up __P((fsm *)); 247static void ccp_down __P((fsm *)); 248static int ccp_extcode __P((fsm *, int, int, u_char *, int)); 249static void ccp_rack_timeout __P((void *)); 250static char *method_name __P((ccp_options *, ccp_options *)); 251 252static fsm_callbacks ccp_callbacks = { 253 ccp_resetci, 254 ccp_cilen, 255 ccp_addci, 256 ccp_ackci, 257 ccp_nakci, 258 ccp_rejci, 259 ccp_reqci, 260 ccp_up, 261 ccp_down, 262 NULL, 263 NULL, 264 NULL, 265 NULL, 266 ccp_extcode, 267 "CCP" 268}; 269 270/* 271 * Do we want / did we get any compression? 272 */ 273#define ANY_COMPRESS(opt) ((opt).deflate || (opt).bsd_compress \ 274 || (opt).predictor_1 || (opt).predictor_2 \ 275 || (opt).lzs || (opt).mppc || (opt).mppe) 276 277/* 278 * Local state (mainly for handling reset-reqs and reset-acks). 279 */ 280static int ccp_localstate[NUM_PPP]; 281#define RACK_PENDING 1 /* waiting for reset-ack */ 282#define RREQ_REPEAT 2 /* send another reset-req if no reset-ack */ 283 284#define RACKTIMEOUT 1 /* second */ 285 286static int all_rejected[NUM_PPP]; /* we rejected all peer's options */ 287 288/* 289 * Option parsing. 290 */ 291static int 292setbsdcomp(argv) 293 char **argv; 294{ 295 int rbits, abits; 296 char *str, *endp; 297 298 str = *argv; 299 abits = rbits = strtol(str, &endp, 0); 300 if (endp != str && *endp == ',') { 301 str = endp + 1; 302 abits = strtol(str, &endp, 0); 303 } 304 if (*endp != 0 || endp == str) { 305 option_error("invalid parameter '%s' for bsdcomp option", *argv); 306 return 0; 307 } 308 if ((rbits != 0 && (rbits < BSD_MIN_BITS || rbits > BSD_MAX_BITS)) 309 || (abits != 0 && (abits < BSD_MIN_BITS || abits > BSD_MAX_BITS))) { 310 option_error("bsdcomp option values must be 0 or %d .. %d", 311 BSD_MIN_BITS, BSD_MAX_BITS); 312 return 0; 313 } 314 if (rbits > 0) { 315 ccp_wantoptions[0].bsd_compress = 1; 316 ccp_wantoptions[0].bsd_bits = rbits; 317 } else 318 ccp_wantoptions[0].bsd_compress = 0; 319 if (abits > 0) { 320 ccp_allowoptions[0].bsd_compress = 1; 321 ccp_allowoptions[0].bsd_bits = abits; 322 } else 323 ccp_allowoptions[0].bsd_compress = 0; 324 slprintf(bsd_value, sizeof(bsd_value), 325 rbits == abits? "%d": "%d,%d", rbits, abits); 326 327 return 1; 328} 329 330static int 331setdeflate(argv) 332 char **argv; 333{ 334 int rbits, abits; 335 char *str, *endp; 336 337 str = *argv; 338 abits = rbits = strtol(str, &endp, 0); 339 if (endp != str && *endp == ',') { 340 str = endp + 1; 341 abits = strtol(str, &endp, 0); 342 } 343 if (*endp != 0 || endp == str) { 344 option_error("invalid parameter '%s' for deflate option", *argv); 345 return 0; 346 } 347 if ((rbits != 0 && (rbits < DEFLATE_MIN_SIZE || rbits > DEFLATE_MAX_SIZE)) 348 || (abits != 0 && (abits < DEFLATE_MIN_SIZE 349 || abits > DEFLATE_MAX_SIZE))) { 350 option_error("deflate option values must be 0 or %d .. %d", 351 DEFLATE_MIN_SIZE, DEFLATE_MAX_SIZE); 352 return 0; 353 } 354 if (rbits == DEFLATE_MIN_SIZE || abits == DEFLATE_MIN_SIZE) { 355 if (rbits == DEFLATE_MIN_SIZE) 356 rbits = DEFLATE_MIN_WORKS; 357 if (abits == DEFLATE_MIN_SIZE) 358 abits = DEFLATE_MIN_WORKS; 359 warn("deflate option value of %d changed to %d to avoid zlib bug", 360 DEFLATE_MIN_SIZE, DEFLATE_MIN_WORKS); 361 } 362 if (rbits > 0) { 363 ccp_wantoptions[0].deflate = 1; 364 ccp_wantoptions[0].deflate_size = rbits; 365 } else 366 ccp_wantoptions[0].deflate = 0; 367 if (abits > 0) { 368 ccp_allowoptions[0].deflate = 1; 369 ccp_allowoptions[0].deflate_size = abits; 370 } else 371 ccp_allowoptions[0].deflate = 0; 372 slprintf(deflate_value, sizeof(deflate_value), 373 rbits == abits? "%d": "%d,%d", rbits, abits); 374 375 return 1; 376} 377 378/* 379 * ccp_init - initialize CCP. 380 */ 381static void 382ccp_init(unit) 383 int unit; 384{ 385 fsm *f = &ccp_fsm[unit]; 386 387 f->unit = unit; 388 f->protocol = PPP_CCP; 389 f->callbacks = &ccp_callbacks; 390 fsm_init(f); 391 392 memset(&ccp_wantoptions[unit], 0, sizeof(ccp_options)); 393 memset(&ccp_gotoptions[unit], 0, sizeof(ccp_options)); 394 memset(&ccp_allowoptions[unit], 0, sizeof(ccp_options)); 395 memset(&ccp_hisoptions[unit], 0, sizeof(ccp_options)); 396 397 ccp_wantoptions[0].deflate = 1; 398 ccp_wantoptions[0].deflate_size = DEFLATE_MAX_SIZE; 399 ccp_wantoptions[0].deflate_correct = 1; 400 ccp_wantoptions[0].deflate_draft = 1; 401 ccp_allowoptions[0].deflate = 1; 402 ccp_allowoptions[0].deflate_size = DEFLATE_MAX_SIZE; 403 ccp_allowoptions[0].deflate_correct = 1; 404 ccp_allowoptions[0].deflate_draft = 1; 405 406 ccp_wantoptions[0].bsd_compress = 1; 407 ccp_wantoptions[0].bsd_bits = BSD_MAX_BITS; 408 ccp_allowoptions[0].bsd_compress = 1; 409 ccp_allowoptions[0].bsd_bits = BSD_MAX_BITS; 410 411 ccp_allowoptions[0].predictor_1 = 1; 412 413 ccp_wantoptions[0].lzs = 0; /* Stac LZS - will be enabled in the future */ 414 ccp_wantoptions[0].lzs_mode = LZS_MODE_SEQ; 415 ccp_wantoptions[0].lzs_hists = 1; 416 ccp_allowoptions[0].lzs = 0; /* Stac LZS - will be enabled in the future */ 417 ccp_allowoptions[0].lzs_mode = LZS_MODE_SEQ; 418 ccp_allowoptions[0].lzs_hists = 1; 419 420#ifdef MPPE 421 /* by default allow and request MPPC... */ 422 ccp_wantoptions[0].mppc = ccp_allowoptions[0].mppc = 1; 423 424 /* ... and allow but don't request MPPE */ 425 ccp_allowoptions[0].mppe = 1; 426 ccp_allowoptions[0].mppe_40 = 1; 427 ccp_allowoptions[0].mppe_56 = 1; 428 ccp_allowoptions[0].mppe_128 = 1; 429 ccp_allowoptions[0].mppe_stateless = 1; 430 ccp_wantoptions[0].mppe = 0; 431 ccp_wantoptions[0].mppe_40 = 0; 432 ccp_wantoptions[0].mppe_56 = 0; 433 ccp_wantoptions[0].mppe_128 = 0; 434 ccp_wantoptions[0].mppe_stateless = 0; 435#endif /* MPPE */ 436} 437 438/* 439 * ccp_open - CCP is allowed to come up. 440 */ 441static void 442ccp_open(unit) 443 int unit; 444{ 445 fsm *f = &ccp_fsm[unit]; 446 447 if (f->state != OPENED) 448 ccp_flags_set(unit, 1, 0); 449 450 /* 451 * Find out which compressors the kernel supports before 452 * deciding whether to open in silent mode. 453 */ 454 ccp_resetci(f); 455 if (!ANY_COMPRESS(ccp_gotoptions[unit])) 456 f->flags |= OPT_SILENT; 457 458 fsm_open(f); 459} 460 461/* 462 * ccp_close - Terminate CCP. 463 */ 464static void 465ccp_close(unit, reason) 466 int unit; 467 char *reason; 468{ 469 ccp_flags_set(unit, 0, 0); 470 fsm_close(&ccp_fsm[unit], reason); 471} 472 473/* 474 * ccp_lowerup - we may now transmit CCP packets. 475 */ 476static void 477ccp_lowerup(unit) 478 int unit; 479{ 480 fsm_lowerup(&ccp_fsm[unit]); 481} 482 483/* 484 * ccp_lowerdown - we may not transmit CCP packets. 485 */ 486static void 487ccp_lowerdown(unit) 488 int unit; 489{ 490 fsm_lowerdown(&ccp_fsm[unit]); 491} 492 493/* 494 * ccp_input - process a received CCP packet. 495 */ 496static void 497ccp_input(unit, p, len) 498 int unit; 499 u_char *p; 500 int len; 501{ 502 fsm *f = &ccp_fsm[unit]; 503 int oldstate; 504 505 /* 506 * Check for a terminate-request so we can print a message. 507 */ 508 oldstate = f->state; 509 fsm_input(f, p, len); 510 if (oldstate == OPENED && p[0] == TERMREQ && f->state != OPENED) { 511 notice("Compression disabled by peer."); 512#ifdef MPPE 513 if (ccp_wantoptions[unit].mppe) { 514 error("MPPE disabled, closing LCP"); 515 lcp_close(unit, "MPPE disabled by peer"); 516 } 517#endif /* MPPE */ 518 } 519 520 /* 521 * If we get a terminate-ack and we're not asking for compression, 522 * close CCP. 523 */ 524 if (oldstate == REQSENT && p[0] == TERMACK 525 && !ANY_COMPRESS(ccp_gotoptions[unit])) 526 ccp_close(unit, "No compression negotiated"); 527} 528 529/* 530 * Handle a CCP-specific code. 531 */ 532static int 533ccp_extcode(f, code, id, p, len) 534 fsm *f; 535 int code, id; 536 u_char *p; 537 int len; 538{ 539 switch (code) { 540 case CCP_RESETREQ: 541 if (f->state != OPENED) 542 break; 543 /* send a reset-ack, which the transmitter will see and 544 reset its compression state. */ 545 546 /* In case of MPPE/MPPC or LZS we shouldn't send CCP_RESETACK, 547 but we do it in order to reset compressor; CCP_RESETACK is 548 then silently discarded. See functions ppp_send_frame and 549 ppp_ccp_peek in ppp_generic.c (Linux only !!!). All the 550 confusion is caused by the fact that CCP code is splited 551 into two parts - one part is handled by pppd, the other one 552 is handled by kernel. */ 553 554 fsm_sdata(f, CCP_RESETACK, id, NULL, 0); 555 break; 556 557 case CCP_RESETACK: 558 if (ccp_localstate[f->unit] & RACK_PENDING && id == f->reqid) { 559 ccp_localstate[f->unit] &= ~(RACK_PENDING | RREQ_REPEAT); 560 UNTIMEOUT(ccp_rack_timeout, f); 561 } 562 break; 563 564 default: 565 return 0; 566 } 567 568 return 1; 569} 570 571/* 572 * ccp_protrej - peer doesn't talk CCP. 573 */ 574static void 575ccp_protrej(unit) 576 int unit; 577{ 578 ccp_flags_set(unit, 0, 0); 579 fsm_lowerdown(&ccp_fsm[unit]); 580 581#ifdef MPPE 582 if (ccp_wantoptions[unit].mppe) { 583 error("MPPE required but peer negotiation failed"); 584 lcp_close(unit, "MPPE required but peer negotiation failed"); 585 } 586#endif /* MPPE */ 587} 588 589/* 590 * ccp_resetci - initialize at start of negotiation. 591 */ 592static void 593ccp_resetci(f) 594 fsm *f; 595{ 596 ccp_options *go = &ccp_gotoptions[f->unit]; 597 u_char opt_buf[CCP_MAX_OPTION_LENGTH]; 598 599 *go = ccp_wantoptions[f->unit]; 600 all_rejected[f->unit] = 0; 601 602#ifdef MPPE 603 if (go->mppe || go->mppc) { 604 ccp_options *ao = &ccp_allowoptions[f->unit]; 605 int auth_mschap_bits = auth_done[f->unit]; 606 int numbits; 607 608 /* 609 * Start with a basic sanity check: mschap[v2] auth must be in 610 * exactly one direction. RFC 3079 says that the keys are 611 * 'derived from the credentials of the peer that initiated the call', 612 * however the PPP protocol doesn't have such a concept, and pppd 613 * cannot get this info externally. Instead we do the best we can. 614 * NB: If MPPE is required, all other compression opts are invalid. 615 * So, we return right away if we can't do it. 616 */ 617 if (ccp_wantoptions[f->unit].mppe) { 618 /* Leave only the mschap auth bits set */ 619 auth_mschap_bits &= (CHAP_MS_WITHPEER | CHAP_MS_PEER | 620 CHAP_MS2_WITHPEER | CHAP_MS2_PEER); 621 /* Count the mschap auths */ 622 auth_mschap_bits >>= CHAP_MS_SHIFT; 623 numbits = 0; 624 do { 625 numbits += auth_mschap_bits & 1; 626 auth_mschap_bits >>= 1; 627 } while (auth_mschap_bits); 628 if (numbits > 1) { 629 error("MPPE required, but auth done in both directions."); 630 lcp_close(f->unit, "MPPE required but not available"); 631 return; 632 } 633 if (!numbits) { 634 error("MPPE required, but MS-CHAP[v2] auth not performed."); 635 lcp_close(f->unit, "MPPE required but not available"); 636 return; 637 } 638 639 /* A plugin (eg radius) may not have obtained key material. */ 640 if (!mppe_keys_set) { 641 error("MPPE required, but keys are not available. " 642 "Possible plugin problem?"); 643 lcp_close(f->unit, "MPPE required but not available"); 644 return; 645 } 646 } 647 648 /* 649 * Check whether the kernel knows about the various 650 * compression methods we might request. Key material 651 * unimportant here. 652 */ 653 if (go->mppc) { 654 opt_buf[0] = CI_MPPE; 655 opt_buf[1] = CILEN_MPPE; 656 opt_buf[2] = 0; 657 opt_buf[3] = 0; 658 opt_buf[4] = 0; 659 opt_buf[5] = MPPE_MPPC; 660 if (ccp_test(f->unit, opt_buf, CILEN_MPPE, 0) <= 0) 661 go->mppc = 0; 662 } 663 if (go->mppe_40) { 664 opt_buf[0] = CI_MPPE; 665 opt_buf[1] = CILEN_MPPE; 666 opt_buf[2] = MPPE_STATELESS; 667 opt_buf[3] = 0; 668 opt_buf[4] = 0; 669 opt_buf[5] = MPPE_40BIT; 670 if (ccp_test(f->unit, opt_buf, CILEN_MPPE + MPPE_MAX_KEY_LEN, 0) <= 0) 671 go->mppe_40 = 0; 672 } 673 if (go->mppe_56) { 674 opt_buf[0] = CI_MPPE; 675 opt_buf[1] = CILEN_MPPE; 676 opt_buf[2] = MPPE_STATELESS; 677 opt_buf[3] = 0; 678 opt_buf[4] = 0; 679 opt_buf[5] = MPPE_56BIT; 680 if (ccp_test(f->unit, opt_buf, CILEN_MPPE + MPPE_MAX_KEY_LEN, 0) <= 0) 681 go->mppe_56 = 0; 682 } 683 if (go->mppe_128) { 684 opt_buf[0] = CI_MPPE; 685 opt_buf[1] = CILEN_MPPE; 686 opt_buf[2] = MPPE_STATELESS; 687 opt_buf[3] = 0; 688 opt_buf[4] = 0; 689 opt_buf[5] = MPPE_128BIT; 690 if (ccp_test(f->unit, opt_buf, CILEN_MPPE + MPPE_MAX_KEY_LEN, 0) <= 0) 691 go->mppe_128 = 0; 692 } 693 if (!go->mppe_40 && !go->mppe_56 && !go->mppe_128) { 694 if (ccp_wantoptions[f->unit].mppe) { 695 error("MPPE required, but kernel has no support."); 696 lcp_close(f->unit, "MPPE required but not available"); 697 } 698 go->mppe = go->mppe_stateless = 0; 699 } else { 700 /* MPPE is not compatible with other compression types */ 701 if (ccp_wantoptions[f->unit].mppe) { 702 ao->bsd_compress = go->bsd_compress = 0; 703 ao->predictor_1 = go->predictor_1 = 0; 704 ao->predictor_2 = go->predictor_2 = 0; 705 ao->deflate = go->deflate = 0; 706 ao->lzs = go->lzs = 0; 707 } 708 } 709 } 710#endif /* MPPE */ 711 if (go->lzs) { 712 opt_buf[0] = CI_LZS; 713 opt_buf[1] = CILEN_LZS; 714 opt_buf[2] = go->lzs_hists >> 8; 715 opt_buf[3] = go->lzs_hists & 0xff; 716 opt_buf[4] = LZS_MODE_SEQ; 717 if (ccp_test(f->unit, opt_buf, CILEN_LZS, 0) <= 0) 718 go->lzs = 0; 719 } 720 if (go->bsd_compress) { 721 opt_buf[0] = CI_BSD_COMPRESS; 722 opt_buf[1] = CILEN_BSD_COMPRESS; 723 opt_buf[2] = BSD_MAKE_OPT(BSD_CURRENT_VERSION, BSD_MIN_BITS); 724 if (ccp_test(f->unit, opt_buf, CILEN_BSD_COMPRESS, 0) <= 0) 725 go->bsd_compress = 0; 726 } 727 if (go->deflate) { 728 if (go->deflate_correct) { 729 opt_buf[0] = CI_DEFLATE; 730 opt_buf[1] = CILEN_DEFLATE; 731 opt_buf[2] = DEFLATE_MAKE_OPT(DEFLATE_MIN_WORKS); 732 opt_buf[3] = DEFLATE_CHK_SEQUENCE; 733 if (ccp_test(f->unit, opt_buf, CILEN_DEFLATE, 0) <= 0) 734 go->deflate_correct = 0; 735 } 736 if (go->deflate_draft) { 737 opt_buf[0] = CI_DEFLATE_DRAFT; 738 opt_buf[1] = CILEN_DEFLATE; 739 opt_buf[2] = DEFLATE_MAKE_OPT(DEFLATE_MIN_WORKS); 740 opt_buf[3] = DEFLATE_CHK_SEQUENCE; 741 if (ccp_test(f->unit, opt_buf, CILEN_DEFLATE, 0) <= 0) 742 go->deflate_draft = 0; 743 } 744 if (!go->deflate_correct && !go->deflate_draft) 745 go->deflate = 0; 746 } 747 if (go->predictor_1) { 748 opt_buf[0] = CI_PREDICTOR_1; 749 opt_buf[1] = CILEN_PREDICTOR_1; 750 if (ccp_test(f->unit, opt_buf, CILEN_PREDICTOR_1, 0) <= 0) 751 go->predictor_1 = 0; 752 } 753 if (go->predictor_2) { 754 opt_buf[0] = CI_PREDICTOR_2; 755 opt_buf[1] = CILEN_PREDICTOR_2; 756 if (ccp_test(f->unit, opt_buf, CILEN_PREDICTOR_2, 0) <= 0) 757 go->predictor_2 = 0; 758 } 759} 760 761/* 762 * ccp_cilen - Return total length of our configuration info. 763 */ 764static int 765ccp_cilen(f) 766 fsm *f; 767{ 768 ccp_options *go = &ccp_gotoptions[f->unit]; 769 770 return (go->bsd_compress? CILEN_BSD_COMPRESS: 0) 771 + (go->deflate? CILEN_DEFLATE: 0) 772 + (go->predictor_1? CILEN_PREDICTOR_1: 0) 773 + (go->predictor_2? CILEN_PREDICTOR_2: 0) 774 + (go->lzs? CILEN_LZS: 0) 775 + ((go->mppe || go->mppc)? CILEN_MPPE: 0); 776} 777 778/* 779 * ccp_addci - put our requests in a packet. 780 */ 781static void 782ccp_addci(f, p, lenp) 783 fsm *f; 784 u_char *p; 785 int *lenp; 786{ 787 int res; 788 ccp_options *go = &ccp_gotoptions[f->unit]; 789 ccp_options *ao = &ccp_allowoptions[f->unit]; 790 ccp_options *wo = &ccp_wantoptions[f->unit]; 791 u_char *p0 = p; 792 793 /* 794 * Add the compression types that we can receive, in decreasing 795 * preference order. Get the kernel to allocate the first one 796 * in case it gets Acked. 797 */ 798#ifdef MPPE 799 if (go->mppe || go->mppc || (!wo->mppe && ao->mppe)) { 800 u_char opt_buf[CILEN_MPPE + MPPE_MAX_KEY_LEN]; 801 802 p[0] = CI_MPPE; 803 p[1] = CILEN_MPPE; 804 p[2] = (go->mppe_stateless ? MPPE_STATELESS : 0); 805 p[3] = 0; 806 p[4] = 0; 807 p[5] = (go->mppe_40 ? MPPE_40BIT : 0) | (go->mppe_56 ? MPPE_56BIT : 0) | 808 (go->mppe_128 ? MPPE_128BIT : 0) | (go->mppc ? MPPE_MPPC : 0); 809 810 BCOPY(p, opt_buf, CILEN_MPPE); 811 BCOPY(mppe_recv_key, &opt_buf[CILEN_MPPE], MPPE_MAX_KEY_LEN); 812 res = ccp_test(f->unit, opt_buf, CILEN_MPPE + MPPE_MAX_KEY_LEN, 0); 813 if (res > 0) { 814 p += CILEN_MPPE; 815 } else { 816 /* This shouldn't happen, we've already tested it! */ 817 go->mppe = go->mppe_40 = go->mppe_56 = go->mppe_128 = 818 go->mppe_stateless = go->mppc = 0; 819 if (ccp_wantoptions[f->unit].mppe) 820 lcp_close(f->unit, "MPPE required but not available in kernel"); 821 } 822 } 823#endif /* MPPE */ 824 if (go->lzs) { 825 p[0] = CI_LZS; 826 p[1] = CILEN_LZS; 827 p[2] = go->lzs_hists >> 8; 828 p[3] = go->lzs_hists & 0xff; 829 p[4] = LZS_MODE_SEQ; 830 res = ccp_test(f->unit, p, CILEN_LZS, 0); 831 if (res > 0) { 832 p += CILEN_LZS; 833 } else 834 go->lzs = 0; 835 } 836 if (go->deflate) { 837 p[0] = go->deflate_correct? CI_DEFLATE: CI_DEFLATE_DRAFT; 838 p[1] = CILEN_DEFLATE; 839 p[2] = DEFLATE_MAKE_OPT(go->deflate_size); 840 p[3] = DEFLATE_CHK_SEQUENCE; 841 if (p != p0) { 842 p += CILEN_DEFLATE; 843 } else { 844 for (;;) { 845 if (go->deflate_size < DEFLATE_MIN_WORKS) { 846 go->deflate = 0; 847 break; 848 } 849 res = ccp_test(f->unit, p, CILEN_DEFLATE, 0); 850 if (res > 0) { 851 p += CILEN_DEFLATE; 852 break; 853 } else if (res < 0) { 854 go->deflate = 0; 855 break; 856 } 857 --go->deflate_size; 858 p[2] = DEFLATE_MAKE_OPT(go->deflate_size); 859 } 860 } 861 if (p != p0 && go->deflate_correct && go->deflate_draft) { 862 p[0] = CI_DEFLATE_DRAFT; 863 p[1] = CILEN_DEFLATE; 864 p[2] = p[2 - CILEN_DEFLATE]; 865 p[3] = DEFLATE_CHK_SEQUENCE; 866 p += CILEN_DEFLATE; 867 } 868 } 869 if (go->bsd_compress) { 870 p[0] = CI_BSD_COMPRESS; 871 p[1] = CILEN_BSD_COMPRESS; 872 p[2] = BSD_MAKE_OPT(BSD_CURRENT_VERSION, go->bsd_bits); 873 if (p != p0) { 874 p += CILEN_BSD_COMPRESS; /* not the first option */ 875 } else { 876 for (;;) { 877 if (go->bsd_bits < BSD_MIN_BITS) { 878 go->bsd_compress = 0; 879 break; 880 } 881 res = ccp_test(f->unit, p, CILEN_BSD_COMPRESS, 0); 882 if (res > 0) { 883 p += CILEN_BSD_COMPRESS; 884 break; 885 } else if (res < 0) { 886 go->bsd_compress = 0; 887 break; 888 } 889 --go->bsd_bits; 890 p[2] = BSD_MAKE_OPT(BSD_CURRENT_VERSION, go->bsd_bits); 891 } 892 } 893 } 894 /* XXX Should Predictor 2 be preferable to Predictor 1? */ 895 if (go->predictor_1) { 896 p[0] = CI_PREDICTOR_1; 897 p[1] = CILEN_PREDICTOR_1; 898 if (p == p0 && ccp_test(f->unit, p, CILEN_PREDICTOR_1, 0) <= 0) { 899 go->predictor_1 = 0; 900 } else { 901 p += CILEN_PREDICTOR_1; 902 } 903 } 904 if (go->predictor_2) { 905 p[0] = CI_PREDICTOR_2; 906 p[1] = CILEN_PREDICTOR_2; 907 if (p == p0 && ccp_test(f->unit, p, CILEN_PREDICTOR_2, 0) <= 0) { 908 go->predictor_2 = 0; 909 } else { 910 p += CILEN_PREDICTOR_2; 911 } 912 } 913 914 go->method = (p > p0)? p0[0]: -1; 915 916 *lenp = p - p0; 917} 918 919/* 920 * ccp_ackci - process a received configure-ack, and return 921 * 1 if the packet was OK. 922 */ 923static int 924ccp_ackci(f, p, len) 925 fsm *f; 926 u_char *p; 927 int len; 928{ 929 ccp_options *go = &ccp_gotoptions[f->unit]; 930 ccp_options *ao = &ccp_allowoptions[f->unit]; 931 ccp_options *wo = &ccp_wantoptions[f->unit]; 932 u_char *p0 = p; 933 934#ifdef MPPE 935 if (go->mppe || go->mppc || (!wo->mppe && ao->mppe)) { 936 if (len < CILEN_MPPE 937 || p[1] != CILEN_MPPE || p[0] != CI_MPPE 938 || p[2] != (go->mppe_stateless ? MPPE_STATELESS : 0) 939 || p[3] != 0 940 || p[4] != 0 941 || (p[5] != ((go->mppe_40 ? MPPE_40BIT : 0) | 942 (go->mppc ? MPPE_MPPC : 0)) 943 && p[5] != ((go->mppe_56 ? MPPE_56BIT : 0) | 944 (go->mppc ? MPPE_MPPC : 0)) 945 && p[5] != ((go->mppe_128 ? MPPE_128BIT : 0) | 946 (go->mppc ? MPPE_MPPC : 0)))) 947 return 0; 948 if (go->mppe_40 || go->mppe_56 || go->mppe_128) 949 go->mppe = 1; 950 p += CILEN_MPPE; 951 len -= CILEN_MPPE; 952 /* Cope with first/fast ack */ 953 if (p == p0 && len == 0) 954 return 1; 955 } 956#endif /* MPPE */ 957 if (go->lzs) { 958 if (len < CILEN_LZS || p[0] != CI_LZS || p[1] != CILEN_LZS 959 || p[2] != go->lzs_hists>>8 || p[3] != (go->lzs_hists&0xff) 960 || p[4] != LZS_MODE_SEQ) 961 return 0; 962 p += CILEN_LZS; 963 len -= CILEN_LZS; 964 /* XXX Cope with first/fast ack */ 965 if (p == p0 && len == 0) 966 return 1; 967 } 968 if (go->deflate) { 969 if (len < CILEN_DEFLATE 970 || p[0] != (go->deflate_correct? CI_DEFLATE: CI_DEFLATE_DRAFT) 971 || p[1] != CILEN_DEFLATE 972 || p[2] != DEFLATE_MAKE_OPT(go->deflate_size) 973 || p[3] != DEFLATE_CHK_SEQUENCE) 974 return 0; 975 p += CILEN_DEFLATE; 976 len -= CILEN_DEFLATE; 977 /* XXX Cope with first/fast ack */ 978 if (len == 0) 979 return 1; 980 if (go->deflate_correct && go->deflate_draft) { 981 if (len < CILEN_DEFLATE 982 || p[0] != CI_DEFLATE_DRAFT 983 || p[1] != CILEN_DEFLATE 984 || p[2] != DEFLATE_MAKE_OPT(go->deflate_size) 985 || p[3] != DEFLATE_CHK_SEQUENCE) 986 return 0; 987 p += CILEN_DEFLATE; 988 len -= CILEN_DEFLATE; 989 } 990 } 991 if (go->bsd_compress) { 992 if (len < CILEN_BSD_COMPRESS 993 || p[0] != CI_BSD_COMPRESS || p[1] != CILEN_BSD_COMPRESS 994 || p[2] != BSD_MAKE_OPT(BSD_CURRENT_VERSION, go->bsd_bits)) 995 return 0; 996 p += CILEN_BSD_COMPRESS; 997 len -= CILEN_BSD_COMPRESS; 998 /* XXX Cope with first/fast ack */ 999 if (p == p0 && len == 0) 1000 return 1; 1001 } 1002 if (go->predictor_1) { 1003 if (len < CILEN_PREDICTOR_1 1004 || p[0] != CI_PREDICTOR_1 || p[1] != CILEN_PREDICTOR_1) 1005 return 0; 1006 p += CILEN_PREDICTOR_1; 1007 len -= CILEN_PREDICTOR_1; 1008 /* XXX Cope with first/fast ack */ 1009 if (p == p0 && len == 0) 1010 return 1; 1011 } 1012 if (go->predictor_2) { 1013 if (len < CILEN_PREDICTOR_2 1014 || p[0] != CI_PREDICTOR_2 || p[1] != CILEN_PREDICTOR_2) 1015 return 0; 1016 p += CILEN_PREDICTOR_2; 1017 len -= CILEN_PREDICTOR_2; 1018 /* XXX Cope with first/fast ack */ 1019 if (p == p0 && len == 0) 1020 return 1; 1021 } 1022 1023 if (len != 0) 1024 return 0; 1025 return 1; 1026} 1027 1028/* 1029 * ccp_nakci - process received configure-nak. 1030 * Returns 1 if the nak was OK. 1031 */ 1032static int 1033ccp_nakci(f, p, len) 1034 fsm *f; 1035 u_char *p; 1036 int len; 1037{ 1038 ccp_options *go = &ccp_gotoptions[f->unit]; 1039 ccp_options *ao = &ccp_allowoptions[f->unit]; 1040 ccp_options *wo = &ccp_wantoptions[f->unit]; 1041 ccp_options no; /* options we've seen already */ 1042 ccp_options try; /* options to ask for next time */ 1043 1044 memset(&no, 0, sizeof(no)); 1045 try = *go; 1046 1047#ifdef MPPE 1048 if ((go->mppe || go->mppc || (!wo->mppe && ao->mppe)) && 1049 len >= CILEN_MPPE && p[0] == CI_MPPE && p[1] == CILEN_MPPE) { 1050 1051 if (go->mppc) { 1052 no.mppc = 1; 1053 if (!(p[5] & MPPE_MPPC)) 1054 try.mppc = 0; 1055 } 1056 1057 if (go->mppe) 1058 no.mppe = 1; 1059 if (go->mppe_40) 1060 no.mppe_40 = 1; 1061 if (go->mppe_56) 1062 no.mppe_56 = 1; 1063 if (go->mppe_128) 1064 no.mppe_128 = 1; 1065 if (go->mppe_stateless) 1066 no.mppe_stateless = 1; 1067 1068 if (ao->mppe_40) { 1069 if ((p[5] & MPPE_40BIT)) 1070 try.mppe_40 = 1; 1071 else 1072 try.mppe_40 = (p[5] == 0) ? 1 : 0; 1073 } 1074 if (ao->mppe_56) { 1075 if ((p[5] & MPPE_56BIT)) 1076 try.mppe_56 = 1; 1077 else 1078 try.mppe_56 = (p[5] == 0) ? 1 : 0; 1079 } 1080 if (ao->mppe_128) { 1081 if ((p[5] & MPPE_128BIT)) 1082 try.mppe_128 = 1; 1083 else 1084 try.mppe_128 = (p[5] == 0) ? 1 : 0; 1085 } 1086 1087 if (ao->mppe_stateless) { 1088 if ((p[2] & MPPE_STATELESS) || wo->mppe_stateless) 1089 try.mppe_stateless = 1; 1090 else 1091 try.mppe_stateless = 0; 1092 } 1093 1094 if (!try.mppe_56 && !try.mppe_40 && !try.mppe_128) { 1095 try.mppe = try.mppe_stateless = 0; 1096 if (wo->mppe) { 1097 /* we require encryption, but peer doesn't support it 1098 so we close connection */ 1099 wo->mppc = wo->mppe = wo->mppe_stateless = wo->mppe_40 = 1100 wo->mppe_56 = wo->mppe_128 = 0; 1101 lcp_close(f->unit, "MPPE required but cannot negotiate MPPE " 1102 "key length"); 1103 } 1104 } 1105 if (wo->mppe && (wo->mppe_40 != try.mppe_40) && 1106 (wo->mppe_56 != try.mppe_56) && (wo->mppe_128 != try.mppe_128)) { 1107 /* cannot negotiate key length */ 1108 wo->mppc = wo->mppe = wo->mppe_stateless = wo->mppe_40 = 1109 wo->mppe_56 = wo->mppe_128 = 0; 1110 lcp_close(f->unit, "Cannot negotiate MPPE key length"); 1111 } 1112 if (try.mppe_40 && try.mppe_56 && try.mppe_128) 1113 try.mppe_40 = try.mppe_56 = 0; 1114 else 1115 if (try.mppe_56 && try.mppe_128) 1116 try.mppe_56 = 0; 1117 else 1118 if (try.mppe_40 && try.mppe_128) 1119 try.mppe_40 = 0; 1120 else 1121 if (try.mppe_40 && try.mppe_56) 1122 try.mppe_40 = 0; 1123 1124 p += CILEN_MPPE; 1125 len -= CILEN_MPPE; 1126 } 1127#endif /* MPPE */ 1128 1129 if (go->lzs && len >= CILEN_LZS && p[0] == CI_LZS && p[1] == CILEN_LZS) { 1130 no.lzs = 1; 1131 if (((p[2]<<8)|p[3]) > 1 || (p[4] != LZS_MODE_SEQ && 1132 p[4] != LZS_MODE_EXT)) 1133 try.lzs = 0; 1134 else { 1135 try.lzs_mode = p[4]; 1136 try.lzs_hists = (p[2] << 8) | p[3]; 1137 } 1138 p += CILEN_LZS; 1139 len -= CILEN_LZS; 1140 } 1141 1142 if (go->deflate && len >= CILEN_DEFLATE 1143 && p[0] == (go->deflate_correct? CI_DEFLATE: CI_DEFLATE_DRAFT) 1144 && p[1] == CILEN_DEFLATE) { 1145 no.deflate = 1; 1146 /* 1147 * Peer wants us to use a different code size or something. 1148 * Stop asking for Deflate if we don't understand his suggestion. 1149 */ 1150 if (DEFLATE_METHOD(p[2]) != DEFLATE_METHOD_VAL 1151 || DEFLATE_SIZE(p[2]) < DEFLATE_MIN_WORKS 1152 || p[3] != DEFLATE_CHK_SEQUENCE) 1153 try.deflate = 0; 1154 else if (DEFLATE_SIZE(p[2]) < go->deflate_size) 1155 try.deflate_size = DEFLATE_SIZE(p[2]); 1156 p += CILEN_DEFLATE; 1157 len -= CILEN_DEFLATE; 1158 if (go->deflate_correct && go->deflate_draft 1159 && len >= CILEN_DEFLATE && p[0] == CI_DEFLATE_DRAFT 1160 && p[1] == CILEN_DEFLATE) { 1161 p += CILEN_DEFLATE; 1162 len -= CILEN_DEFLATE; 1163 } 1164 } 1165 1166 if (go->bsd_compress && len >= CILEN_BSD_COMPRESS 1167 && p[0] == CI_BSD_COMPRESS && p[1] == CILEN_BSD_COMPRESS) { 1168 no.bsd_compress = 1; 1169 /* 1170 * Peer wants us to use a different number of bits 1171 * or a different version. 1172 */ 1173 if (BSD_VERSION(p[2]) != BSD_CURRENT_VERSION) 1174 try.bsd_compress = 0; 1175 else if (BSD_NBITS(p[2]) < go->bsd_bits) 1176 try.bsd_bits = BSD_NBITS(p[2]); 1177 p += CILEN_BSD_COMPRESS; 1178 len -= CILEN_BSD_COMPRESS; 1179 } 1180 1181 /* 1182 * Predictor-1 and 2 have no options, so they can't be Naked. 1183 * 1184 * There may be remaining options but we ignore them. 1185 */ 1186 1187 if (f->state != OPENED) 1188 *go = try; 1189 return 1; 1190} 1191 1192/* 1193 * ccp_rejci - reject some of our suggested compression methods. 1194 */ 1195static int 1196ccp_rejci(f, p, len) 1197 fsm *f; 1198 u_char *p; 1199 int len; 1200{ 1201 ccp_options *go = &ccp_gotoptions[f->unit]; 1202 ccp_options try; /* options to request next time */ 1203 1204 try = *go; 1205 1206 /* 1207 * Cope with empty configure-rejects by ceasing to send 1208 * configure-requests. 1209 */ 1210 if (len == 0 && all_rejected[f->unit]) 1211 return -1; 1212 1213#ifdef MPPE 1214 if ((go->mppe || go->mppc) && len >= CILEN_MPPE 1215 && p[0] == CI_MPPE && p[1] == CILEN_MPPE) { 1216 ccp_options *wo = &ccp_wantoptions[f->unit]; 1217 if (p[2] != (go->mppe_stateless ? MPPE_STATELESS : 0) || 1218 p[3] != 0 || 1219 p[4] != 0 || 1220 p[5] != ((go->mppe_40 ? MPPE_40BIT : 0) | 1221 (go->mppe_56 ? MPPE_56BIT : 0) | 1222 (go->mppe_128 ? MPPE_128BIT : 0) | 1223 (go->mppc ? MPPE_MPPC : 0))) 1224 return 0; 1225 if (go->mppc) 1226 try.mppc = 0; 1227 if (go->mppe) { 1228 try.mppe = 0; 1229 if (go->mppe_40) 1230 try.mppe_40 = 0; 1231 if (go->mppe_56) 1232 try.mppe_56 = 0; 1233 if (go->mppe_128) 1234 try.mppe_128 = 0; 1235 if (go->mppe_stateless) 1236 try.mppe_stateless = 0; 1237 if (!try.mppe_56 && !try.mppe_40 && !try.mppe_128) 1238 try.mppe = try.mppe_stateless = 0; 1239 if (wo->mppe) { /* we want MPPE but cannot negotiate key length */ 1240 wo->mppc = wo->mppe = wo->mppe_stateless = wo->mppe_40 = 1241 wo->mppe_56 = wo->mppe_128 = 0; 1242 lcp_close(f->unit, "MPPE required but cannot negotiate MPPE " 1243 "key length"); 1244 } 1245 } 1246 p += CILEN_MPPE; 1247 len -= CILEN_MPPE; 1248 } 1249#endif /* MPPE */ 1250 if (go->lzs && len >= CILEN_LZS && p[0] == CI_LZS && p[1] == CILEN_LZS) { 1251 if (p[2] != go->lzs_hists>>8 || p[3] != (go->lzs_hists&0xff) 1252 || p[4] != go->lzs_mode) 1253 return 0; 1254 try.lzs = 0; 1255 p += CILEN_LZS; 1256 len -= CILEN_LZS; 1257 } 1258 if (go->deflate_correct && len >= CILEN_DEFLATE 1259 && p[0] == CI_DEFLATE && p[1] == CILEN_DEFLATE) { 1260 if (p[2] != DEFLATE_MAKE_OPT(go->deflate_size) 1261 || p[3] != DEFLATE_CHK_SEQUENCE) 1262 return 0; /* Rej is bad */ 1263 try.deflate_correct = 0; 1264 p += CILEN_DEFLATE; 1265 len -= CILEN_DEFLATE; 1266 } 1267 if (go->deflate_draft && len >= CILEN_DEFLATE 1268 && p[0] == CI_DEFLATE_DRAFT && p[1] == CILEN_DEFLATE) { 1269 if (p[2] != DEFLATE_MAKE_OPT(go->deflate_size) 1270 || p[3] != DEFLATE_CHK_SEQUENCE) 1271 return 0; /* Rej is bad */ 1272 try.deflate_draft = 0; 1273 p += CILEN_DEFLATE; 1274 len -= CILEN_DEFLATE; 1275 } 1276 if (!try.deflate_correct && !try.deflate_draft) 1277 try.deflate = 0; 1278 if (go->bsd_compress && len >= CILEN_BSD_COMPRESS 1279 && p[0] == CI_BSD_COMPRESS && p[1] == CILEN_BSD_COMPRESS) { 1280 if (p[2] != BSD_MAKE_OPT(BSD_CURRENT_VERSION, go->bsd_bits)) 1281 return 0; 1282 try.bsd_compress = 0; 1283 p += CILEN_BSD_COMPRESS; 1284 len -= CILEN_BSD_COMPRESS; 1285 } 1286 if (go->predictor_1 && len >= CILEN_PREDICTOR_1 1287 && p[0] == CI_PREDICTOR_1 && p[1] == CILEN_PREDICTOR_1) { 1288 try.predictor_1 = 0; 1289 p += CILEN_PREDICTOR_1; 1290 len -= CILEN_PREDICTOR_1; 1291 } 1292 if (go->predictor_2 && len >= CILEN_PREDICTOR_2 1293 && p[0] == CI_PREDICTOR_2 && p[1] == CILEN_PREDICTOR_2) { 1294 try.predictor_2 = 0; 1295 p += CILEN_PREDICTOR_2; 1296 len -= CILEN_PREDICTOR_2; 1297 } 1298 1299 if (len != 0) 1300 return 0; 1301 1302 if (f->state != OPENED) 1303 *go = try; 1304 1305 return 1; 1306} 1307 1308/* 1309 * ccp_reqci - processed a received configure-request. 1310 * Returns CONFACK, CONFNAK or CONFREJ and the packet modified 1311 * appropriately. 1312 */ 1313static int 1314ccp_reqci(f, p, lenp, dont_nak) 1315 fsm *f; 1316 u_char *p; 1317 int *lenp; 1318 int dont_nak; 1319{ 1320 int ret, newret, res; 1321 u_char *p0, *retp, p2, p5; 1322 int len, clen, type, nb; 1323 ccp_options *ho = &ccp_hisoptions[f->unit]; 1324 ccp_options *ao = &ccp_allowoptions[f->unit]; 1325 ccp_options *wo = &ccp_wantoptions[f->unit]; 1326#ifdef MPPE 1327 u_char opt_buf[CILEN_MPPE + MPPE_MAX_KEY_LEN]; 1328/* int mtu; */ 1329#endif /* MPPE */ 1330 1331 ret = CONFACK; 1332 retp = p0 = p; 1333 len = *lenp; 1334 1335 memset(ho, 0, sizeof(ccp_options)); 1336 ho->method = (len > 0)? p[0]: -1; 1337 1338 while (len > 0) { 1339 newret = CONFACK; 1340 if (len < 2 || p[1] < 2 || p[1] > len) { 1341 /* length is bad */ 1342 clen = len; 1343 newret = CONFREJ; 1344 1345 } else { 1346 type = p[0]; 1347 clen = p[1]; 1348 1349 switch (type) { 1350#ifdef MPPE 1351 case CI_MPPE: 1352 if ((!ao->mppc && !ao->mppe) || clen != CILEN_MPPE) { 1353 newret = CONFREJ; 1354 break; 1355 } 1356 1357 p2 = p[2]; 1358 p5 = p[5]; 1359 /* not sure what they want, tell 'em what we got */ 1360 if (((p[2] & ~MPPE_STATELESS) != 0 || p[3] != 0 || p[4] != 0 || 1361 (p[5] & ~(MPPE_40BIT | MPPE_56BIT | MPPE_128BIT | 1362 MPPE_MPPC)) != 0 || p[5] == 0) || 1363 (p[2] == 0 && p[3] == 0 && p[4] == 0 && p[5] == 0)) { 1364 newret = CONFNAK; 1365 p[2] = (wo->mppe_stateless ? MPPE_STATELESS : 0); 1366 p[3] = 0; 1367 p[4] = 0; 1368 p[5] = (wo->mppe_40 ? MPPE_40BIT : 0) | 1369 (wo->mppe_56 ? MPPE_56BIT : 0) | 1370 (wo->mppe_128 ? MPPE_128BIT : 0) | 1371 (wo->mppc ? MPPE_MPPC : 0); 1372 break; 1373 } 1374 1375 if ((p[5] & MPPE_MPPC)) { 1376 if (ao->mppc) { 1377 ho->mppc = 1; 1378 BCOPY(p, opt_buf, CILEN_MPPE); 1379 opt_buf[2] = opt_buf[3] = opt_buf[4] = 0; 1380 opt_buf[5] = MPPE_MPPC; 1381 if (ccp_test(f->unit, opt_buf, CILEN_MPPE, 1) <= 0) { 1382 ho->mppc = 0; 1383 p[5] &= ~MPPE_MPPC; 1384 newret = CONFNAK; 1385 } 1386 } else { 1387 newret = CONFREJ; 1388 if (wo->mppe || ao->mppe) { 1389 p[5] &= ~MPPE_MPPC; 1390 newret = CONFNAK; 1391 } 1392 } 1393 } 1394 1395 if (ao->mppe) 1396 ho->mppe = 1; 1397 1398 if ((p[2] & MPPE_STATELESS)) { 1399 if (ao->mppe_stateless) { 1400 if (wo->mppe_stateless) 1401 ho->mppe_stateless = 1; 1402 else { 1403 newret = CONFNAK; 1404 if (!dont_nak) 1405 p[2] &= ~MPPE_STATELESS; 1406 } 1407 } else { 1408 newret = CONFNAK; 1409 if (!dont_nak) 1410 p[2] &= ~MPPE_STATELESS; 1411 } 1412 } else { 1413 if (wo->mppe_stateless && !dont_nak) { 1414 wo->mppe_stateless = 0; 1415 newret = CONFNAK; 1416 p[2] |= MPPE_STATELESS; 1417 } 1418 } 1419 1420 if ((p[5] & ~MPPE_MPPC) == (MPPE_40BIT|MPPE_56BIT|MPPE_128BIT)) { 1421 newret = CONFNAK; 1422 if (ao->mppe_128) { 1423 ho->mppe_128 = 1; 1424 p[5] &= ~(MPPE_40BIT|MPPE_56BIT); 1425 BCOPY(p, opt_buf, CILEN_MPPE); 1426 BCOPY(mppe_send_key, &opt_buf[CILEN_MPPE], 1427 MPPE_MAX_KEY_LEN); 1428 if (ccp_test(f->unit, opt_buf, CILEN_MPPE + 1429 MPPE_MAX_KEY_LEN, 1) <= 0) { 1430 ho->mppe_128 = 0; 1431 p[5] |= (MPPE_40BIT|MPPE_56BIT); 1432 p[5] &= ~MPPE_128BIT; 1433 goto check_mppe_56_40; 1434 } 1435 goto check_mppe; 1436 } 1437 p[5] &= ~MPPE_128BIT; 1438 goto check_mppe_56_40; 1439 } 1440 if ((p[5] & ~MPPE_MPPC) == (MPPE_56BIT|MPPE_128BIT)) { 1441 newret = CONFNAK; 1442 if (ao->mppe_128) { 1443 ho->mppe_128 = 1; 1444 p[5] &= ~MPPE_56BIT; 1445 BCOPY(p, opt_buf, CILEN_MPPE); 1446 BCOPY(mppe_send_key, &opt_buf[CILEN_MPPE], 1447 MPPE_MAX_KEY_LEN); 1448 if (ccp_test(f->unit, opt_buf, CILEN_MPPE + 1449 MPPE_MAX_KEY_LEN, 1) <= 0) { 1450 ho->mppe_128 = 0; 1451 p[5] |= MPPE_56BIT; 1452 p[5] &= ~MPPE_128BIT; 1453 goto check_mppe_56; 1454 } 1455 goto check_mppe; 1456 } 1457 p[5] &= ~MPPE_128BIT; 1458 goto check_mppe_56; 1459 } 1460 if ((p[5] & ~MPPE_MPPC) == (MPPE_40BIT|MPPE_128BIT)) { 1461 newret = CONFNAK; 1462 if (ao->mppe_128) { 1463 ho->mppe_128 = 1; 1464 p[5] &= ~MPPE_40BIT; 1465 BCOPY(p, opt_buf, CILEN_MPPE); 1466 BCOPY(mppe_send_key, &opt_buf[CILEN_MPPE], 1467 MPPE_MAX_KEY_LEN); 1468 if (ccp_test(f->unit, opt_buf, CILEN_MPPE + 1469 MPPE_MAX_KEY_LEN, 1) <= 0) { 1470 ho->mppe_128 = 0; 1471 p[5] |= MPPE_40BIT; 1472 p[5] &= ~MPPE_128BIT; 1473 goto check_mppe_40; 1474 } 1475 goto check_mppe; 1476 } 1477 p[5] &= ~MPPE_128BIT; 1478 goto check_mppe_40; 1479 } 1480 if ((p[5] & ~MPPE_MPPC) == MPPE_128BIT) { 1481 if (ao->mppe_128) { 1482 ho->mppe_128 = 1; 1483 BCOPY(p, opt_buf, CILEN_MPPE); 1484 BCOPY(mppe_send_key, &opt_buf[CILEN_MPPE], 1485 MPPE_MAX_KEY_LEN); 1486 if (ccp_test(f->unit, opt_buf, CILEN_MPPE + 1487 MPPE_MAX_KEY_LEN, 1) <= 0) { 1488 ho->mppe_128 = 0; 1489 p[5] &= ~MPPE_128BIT; 1490 newret = CONFNAK; 1491 } 1492 goto check_mppe; 1493 } 1494 p[5] &= ~MPPE_128BIT; 1495 newret = CONFNAK; 1496 goto check_mppe; 1497 } 1498 check_mppe_56_40: 1499 if ((p[5] & ~MPPE_MPPC) == (MPPE_40BIT|MPPE_56BIT)) { 1500 newret = CONFNAK; 1501 if (ao->mppe_56) { 1502 ho->mppe_56 = 1; 1503 p[5] &= ~MPPE_40BIT; 1504 BCOPY(p, opt_buf, CILEN_MPPE); 1505 BCOPY(mppe_send_key, &opt_buf[CILEN_MPPE], 1506 MPPE_MAX_KEY_LEN); 1507 if (ccp_test(f->unit, opt_buf, CILEN_MPPE + 1508 MPPE_MAX_KEY_LEN, 1) <= 0) { 1509 ho->mppe_56 = 0; 1510 p[5] |= MPPE_40BIT; 1511 p[5] &= ~MPPE_56BIT; 1512 newret = CONFNAK; 1513 goto check_mppe_40; 1514 } 1515 goto check_mppe; 1516 } 1517 p[5] &= ~MPPE_56BIT; 1518 goto check_mppe_40; 1519 } 1520 check_mppe_56: 1521 if ((p[5] & ~MPPE_MPPC) == MPPE_56BIT) { 1522 if (ao->mppe_56) { 1523 ho->mppe_56 = 1; 1524 BCOPY(p, opt_buf, CILEN_MPPE); 1525 BCOPY(mppe_send_key, &opt_buf[CILEN_MPPE], 1526 MPPE_MAX_KEY_LEN); 1527 if (ccp_test(f->unit, opt_buf, CILEN_MPPE + 1528 MPPE_MAX_KEY_LEN, 1) <= 0) { 1529 ho->mppe_56 = 0; 1530 p[5] &= ~MPPE_56BIT; 1531 newret = CONFNAK; 1532 } 1533 goto check_mppe; 1534 } 1535 p[5] &= ~MPPE_56BIT; 1536 newret = CONFNAK; 1537 goto check_mppe; 1538 } 1539 check_mppe_40: 1540 if ((p[5] & ~MPPE_MPPC) == MPPE_40BIT) { 1541 if (ao->mppe_40) { 1542 ho->mppe_40 = 1; 1543 BCOPY(p, opt_buf, CILEN_MPPE); 1544 BCOPY(mppe_send_key, &opt_buf[CILEN_MPPE], 1545 MPPE_MAX_KEY_LEN); 1546 if (ccp_test(f->unit, opt_buf, CILEN_MPPE + 1547 MPPE_MAX_KEY_LEN, 1) <= 0) { 1548 ho->mppe_40 = 0; 1549 p[5] &= ~MPPE_40BIT; 1550 newret = CONFNAK; 1551 } 1552 goto check_mppe; 1553 } 1554 p[5] &= ~MPPE_40BIT; 1555 } 1556 1557 check_mppe: 1558 if (!ho->mppe_40 && !ho->mppe_56 && !ho->mppe_128) { 1559 if (wo->mppe_40 || wo->mppe_56 || wo->mppe_128) { 1560 newret = CONFNAK; 1561 p[2] |= (wo->mppe_stateless ? MPPE_STATELESS : 0); 1562 p[5] |= (wo->mppe_40 ? MPPE_40BIT : 0) | 1563 (wo->mppe_56 ? MPPE_56BIT : 0) | 1564 (wo->mppe_128 ? MPPE_128BIT : 0) | 1565 (wo->mppc ? MPPE_MPPC : 0); 1566 } else { 1567 ho->mppe = ho->mppe_stateless = 0; 1568 } 1569 } else { 1570 /* MPPE is not compatible with other compression types */ 1571 if (wo->mppe) { 1572 ao->bsd_compress = 0; 1573 ao->predictor_1 = 0; 1574 ao->predictor_2 = 0; 1575 ao->deflate = 0; 1576 ao->lzs = 0; 1577 } 1578 } 1579 if ((!ho->mppc || !ao->mppc) && !ho->mppe) { 1580 p[2] = p2; 1581 p[5] = p5; 1582 newret = CONFREJ; 1583 break; 1584 } 1585 1586 /* 1587 * I have commented the code below because according to RFC1547 1588 * MTU is only information for higher level protocols about 1589 * "the maximum allowable length for a packet (q.v.) transmitted 1590 * over a point-to-point link without incurring network layer 1591 * fragmentation." Of course a PPP implementation should be able 1592 * to handle overhead added by MPPE - in our case apropriate code 1593 * is located in drivers/net/ppp_generic.c in the kernel sources. 1594 * 1595 * According to RFC1661: 1596 * - when negotiated MRU is less than 1500 octets, a PPP 1597 * implementation must still be able to receive at least 1500 1598 * octets, 1599 * - when PFC is negotiated, a PPP implementation is still 1600 * required to receive frames with uncompressed protocol field. 1601 * 1602 * So why not to handle MPPE overhead without changing MTU value? 1603 * I am sure that RFC3078, unfortunately silently, assumes that. 1604 */ 1605 1606 /* 1607 * We need to decrease the interface MTU by MPPE_PAD 1608 * because MPPE frames **grow**. The kernel [must] 1609 * allocate MPPE_PAD extra bytes in xmit buffers. 1610 */ 1611/* 1612 mtu = netif_get_mtu(f->unit); 1613 if (mtu) { 1614 netif_set_mtu(f->unit, mtu - MPPE_PAD); 1615 } else { 1616 newret = CONFREJ; 1617 if (ccp_wantoptions[f->unit].mppe) { 1618 error("Cannot adjust MTU needed by MPPE."); 1619 lcp_close(f->unit, "Cannot adjust MTU needed by MPPE."); 1620 } 1621 } 1622*/ 1623 break; 1624#endif /* MPPE */ 1625 1626 case CI_LZS: 1627 if (!ao->lzs || clen != CILEN_LZS) { 1628 newret = CONFREJ; 1629 break; 1630 } 1631 1632 ho->lzs = 1; 1633 ho->lzs_hists = (p[2] << 8) | p[3]; 1634 ho->lzs_mode = p[4]; 1635 if ((ho->lzs_hists != ao->lzs_hists) || 1636 (ho->lzs_mode != ao->lzs_mode)) { 1637 newret = CONFNAK; 1638 if (!dont_nak) { 1639 p[2] = ao->lzs_hists >> 8; 1640 p[3] = ao->lzs_hists & 0xff; 1641 p[4] = ao->lzs_mode; 1642 } else 1643 break; 1644 } 1645 1646 if (p == p0 && ccp_test(f->unit, p, CILEN_LZS, 1) <= 0) { 1647 newret = CONFREJ; 1648 } 1649 break; 1650 1651 case CI_DEFLATE: 1652 case CI_DEFLATE_DRAFT: 1653 if (!ao->deflate || clen != CILEN_DEFLATE 1654 || (!ao->deflate_correct && type == CI_DEFLATE) 1655 || (!ao->deflate_draft && type == CI_DEFLATE_DRAFT)) { 1656 newret = CONFREJ; 1657 break; 1658 } 1659 1660 ho->deflate = 1; 1661 ho->deflate_size = nb = DEFLATE_SIZE(p[2]); 1662 if (DEFLATE_METHOD(p[2]) != DEFLATE_METHOD_VAL 1663 || p[3] != DEFLATE_CHK_SEQUENCE 1664 || nb > ao->deflate_size || nb < DEFLATE_MIN_WORKS) { 1665 newret = CONFNAK; 1666 if (!dont_nak) { 1667 p[2] = DEFLATE_MAKE_OPT(ao->deflate_size); 1668 p[3] = DEFLATE_CHK_SEQUENCE; 1669 /* fall through to test this #bits below */ 1670 } else 1671 break; 1672 } 1673 1674 /* 1675 * Check whether we can do Deflate with the window 1676 * size they want. If the window is too big, reduce 1677 * it until the kernel can cope and nak with that. 1678 * We only check this for the first option. 1679 */ 1680 if (p == p0) { 1681 for (;;) { 1682 res = ccp_test(f->unit, p, CILEN_DEFLATE, 1); 1683 if (res > 0) 1684 break; /* it's OK now */ 1685 if (res < 0 || nb == DEFLATE_MIN_WORKS || dont_nak) { 1686 newret = CONFREJ; 1687 p[2] = DEFLATE_MAKE_OPT(ho->deflate_size); 1688 break; 1689 } 1690 newret = CONFNAK; 1691 --nb; 1692 p[2] = DEFLATE_MAKE_OPT(nb); 1693 } 1694 } 1695 break; 1696 1697 case CI_BSD_COMPRESS: 1698 if (!ao->bsd_compress || clen != CILEN_BSD_COMPRESS) { 1699 newret = CONFREJ; 1700 break; 1701 } 1702 1703 ho->bsd_compress = 1; 1704 ho->bsd_bits = nb = BSD_NBITS(p[2]); 1705 if (BSD_VERSION(p[2]) != BSD_CURRENT_VERSION 1706 || nb > ao->bsd_bits || nb < BSD_MIN_BITS) { 1707 newret = CONFNAK; 1708 if (!dont_nak) { 1709 p[2] = BSD_MAKE_OPT(BSD_CURRENT_VERSION, ao->bsd_bits); 1710 /* fall through to test this #bits below */ 1711 } else 1712 break; 1713 } 1714 1715 /* 1716 * Check whether we can do BSD-Compress with the code 1717 * size they want. If the code size is too big, reduce 1718 * it until the kernel can cope and nak with that. 1719 * We only check this for the first option. 1720 */ 1721 if (p == p0) { 1722 for (;;) { 1723 res = ccp_test(f->unit, p, CILEN_BSD_COMPRESS, 1); 1724 if (res > 0) 1725 break; 1726 if (res < 0 || nb == BSD_MIN_BITS || dont_nak) { 1727 newret = CONFREJ; 1728 p[2] = BSD_MAKE_OPT(BSD_CURRENT_VERSION, 1729 ho->bsd_bits); 1730 break; 1731 } 1732 newret = CONFNAK; 1733 --nb; 1734 p[2] = BSD_MAKE_OPT(BSD_CURRENT_VERSION, nb); 1735 } 1736 } 1737 break; 1738 1739 case CI_PREDICTOR_1: 1740 if (!ao->predictor_1 || clen != CILEN_PREDICTOR_1) { 1741 newret = CONFREJ; 1742 break; 1743 } 1744 1745 ho->predictor_1 = 1; 1746 if (p == p0 1747 && ccp_test(f->unit, p, CILEN_PREDICTOR_1, 1) <= 0) { 1748 newret = CONFREJ; 1749 } 1750 break; 1751 1752 case CI_PREDICTOR_2: 1753 if (!ao->predictor_2 || clen != CILEN_PREDICTOR_2) { 1754 newret = CONFREJ; 1755 break; 1756 } 1757 1758 ho->predictor_2 = 1; 1759 if (p == p0 1760 && ccp_test(f->unit, p, CILEN_PREDICTOR_2, 1) <= 0) { 1761 newret = CONFREJ; 1762 } 1763 break; 1764 1765 default: 1766 newret = CONFREJ; 1767 } 1768 } 1769 1770 if (newret == CONFNAK && dont_nak) 1771 newret = CONFREJ; 1772 if (!(newret == CONFACK || (newret == CONFNAK && ret == CONFREJ))) { 1773 /* we're returning this option */ 1774 if (newret == CONFREJ && ret == CONFNAK) 1775 retp = p0; 1776 ret = newret; 1777 if (p != retp) 1778 BCOPY(p, retp, clen); 1779 retp += clen; 1780 } 1781 1782 p += clen; 1783 len -= clen; 1784 } 1785 1786 if (ret != CONFACK) { 1787 if (ret == CONFREJ && *lenp == retp - p0) 1788 all_rejected[f->unit] = 1; 1789 else 1790 *lenp = retp - p0; 1791 } 1792 return ret; 1793} 1794 1795/* 1796 * Make a string name for a compression method (or 2). 1797 */ 1798static char * 1799method_name(opt, opt2) 1800 ccp_options *opt, *opt2; 1801{ 1802 static char result[64]; 1803 1804 if (!ANY_COMPRESS(*opt)) 1805 return "(none)"; 1806 switch (opt->method) { 1807#ifdef MPPE 1808 case CI_MPPE: 1809 { 1810 char *p = result; 1811 char *q = result + sizeof(result); /* 1 past result */ 1812 1813 if (opt->mppe) { 1814 if (opt->mppc) { 1815 slprintf(p, q - p, "MPPC/MPPE "); 1816 p += 10; 1817 } else { 1818 slprintf(p, q - p, "MPPE "); 1819 p += 5; 1820 } 1821 if (opt->mppe_128) { 1822 slprintf(p, q - p, "128-bit "); 1823 p += 8; 1824 } else if (opt->mppe_56) { 1825 slprintf(p, q - p, "56-bit "); 1826 p += 7; 1827 } else if (opt->mppe_40) { 1828 slprintf(p, q - p, "40-bit "); 1829 p += 7; 1830 } 1831 if (opt->mppe_stateless) 1832 slprintf(p, q - p, "stateless"); 1833 else 1834 slprintf(p, q - p, "stateful"); 1835 } else if (opt->mppc) 1836 slprintf(p, q - p, "MPPC"); 1837 break; 1838 } 1839#endif /* MPPE */ 1840 case CI_LZS: 1841 return "Stac LZS"; 1842 case CI_DEFLATE: 1843 case CI_DEFLATE_DRAFT: 1844 if (opt2 != NULL && opt2->deflate_size != opt->deflate_size) 1845 slprintf(result, sizeof(result), "Deflate%s (%d/%d)", 1846 (opt->method == CI_DEFLATE_DRAFT? "(old#)": ""), 1847 opt->deflate_size, opt2->deflate_size); 1848 else 1849 slprintf(result, sizeof(result), "Deflate%s (%d)", 1850 (opt->method == CI_DEFLATE_DRAFT? "(old#)": ""), 1851 opt->deflate_size); 1852 break; 1853 case CI_BSD_COMPRESS: 1854 if (opt2 != NULL && opt2->bsd_bits != opt->bsd_bits) 1855 slprintf(result, sizeof(result), "BSD-Compress (%d/%d)", 1856 opt->bsd_bits, opt2->bsd_bits); 1857 else 1858 slprintf(result, sizeof(result), "BSD-Compress (%d)", 1859 opt->bsd_bits); 1860 break; 1861 case CI_PREDICTOR_1: 1862 return "Predictor 1"; 1863 case CI_PREDICTOR_2: 1864 return "Predictor 2"; 1865 default: 1866 slprintf(result, sizeof(result), "Method %d", opt->method); 1867 } 1868 return result; 1869} 1870 1871/* 1872 * CCP has come up - inform the kernel driver and log a message. 1873 */ 1874static void 1875ccp_up(f) 1876 fsm *f; 1877{ 1878 ccp_options *go = &ccp_gotoptions[f->unit]; 1879 ccp_options *ho = &ccp_hisoptions[f->unit]; 1880 char method1[64]; 1881 1882 ccp_flags_set(f->unit, 1, 1); 1883 if (ANY_COMPRESS(*go)) { 1884 if (ANY_COMPRESS(*ho)) { 1885 if (go->method == ho->method) { 1886 notice("%s compression enabled", method_name(go, ho)); 1887 } else { 1888 strlcpy(method1, method_name(go, NULL), sizeof(method1)); 1889 notice("%s / %s compression enabled", 1890 method1, method_name(ho, NULL)); 1891 } 1892 } else 1893 notice("%s receive compression enabled", method_name(go, NULL)); 1894 } else if (ANY_COMPRESS(*ho)) 1895 notice("%s transmit compression enabled", method_name(ho, NULL)); 1896#ifdef MPPE 1897 if (go->mppe || go->mppc) { 1898 BZERO(mppe_recv_key, MPPE_MAX_KEY_LEN); 1899 BZERO(mppe_send_key, MPPE_MAX_KEY_LEN); 1900 continue_networks(f->unit); /* Bring up IP et al */ 1901 } 1902#endif /* MPPE */ 1903} 1904 1905/* 1906 * CCP has gone down - inform the kernel driver. 1907 */ 1908static void 1909ccp_down(f) 1910 fsm *f; 1911{ 1912 if (ccp_localstate[f->unit] & RACK_PENDING) 1913 UNTIMEOUT(ccp_rack_timeout, f); 1914 ccp_localstate[f->unit] = 0; 1915 ccp_flags_set(f->unit, 1, 0); 1916#ifdef MPPE 1917 if (ccp_gotoptions[f->unit].mppe) { 1918 ccp_gotoptions[f->unit].mppe = 0; 1919 if (lcp_fsm[f->unit].state == OPENED) { 1920 /* If LCP is not already going down, make sure it does. */ 1921 error("MPPE disabled"); 1922 lcp_close(f->unit, "MPPE disabled"); 1923 } 1924 } 1925#endif /* MPPE */ 1926} 1927 1928/* 1929 * Print the contents of a CCP packet. 1930 */ 1931static char *ccp_codenames[] = { 1932 "ConfReq", "ConfAck", "ConfNak", "ConfRej", 1933 "TermReq", "TermAck", "CodeRej", 1934 NULL, NULL, NULL, NULL, NULL, NULL, 1935 "ResetReq", "ResetAck", 1936}; 1937 1938static int 1939ccp_printpkt(p, plen, printer, arg) 1940 u_char *p; 1941 int plen; 1942 void (*printer) __P((void *, char *, ...)); 1943 void *arg; 1944{ 1945 u_char *p0, *optend; 1946 int code, id, len; 1947 int optlen; 1948 1949 p0 = p; 1950 if (plen < HEADERLEN) 1951 return 0; 1952 code = p[0]; 1953 id = p[1]; 1954 len = (p[2] << 8) + p[3]; 1955 if (len < HEADERLEN || len > plen) 1956 return 0; 1957 1958 if (code >= 1 && code <= sizeof(ccp_codenames) / sizeof(char *) 1959 && ccp_codenames[code-1] != NULL) 1960 printer(arg, " %s", ccp_codenames[code-1]); 1961 else 1962 printer(arg, " code=0x%x", code); 1963 printer(arg, " id=0x%x", id); 1964 len -= HEADERLEN; 1965 p += HEADERLEN; 1966 1967 switch (code) { 1968 case CONFREQ: 1969 case CONFACK: 1970 case CONFNAK: 1971 case CONFREJ: 1972 /* print list of possible compression methods */ 1973 while (len >= 2) { 1974 code = p[0]; 1975 optlen = p[1]; 1976 if (optlen < 2 || optlen > len) 1977 break; 1978 printer(arg, " <"); 1979 len -= optlen; 1980 optend = p + optlen; 1981 switch (code) { 1982#ifdef MPPE 1983 case CI_MPPE: 1984 if (optlen >= CILEN_MPPE) { 1985 printer(arg, "mppe %s %s %s %s %s %s", 1986 (p[2] & MPPE_STATELESS)? "+H": "-H", 1987 (p[5] & MPPE_56BIT)? "+M": "-M", 1988 (p[5] & MPPE_128BIT)? "+S": "-S", 1989 (p[5] & MPPE_40BIT)? "+L": "-L", 1990 (p[5] & MPPE_D_BIT)? "+D": "-D", 1991 (p[5] & MPPE_MPPC)? "+C": "-C"); 1992 if ((p[5] & ~(MPPE_56BIT | MPPE_128BIT | MPPE_40BIT | 1993 MPPE_D_BIT | MPPE_MPPC)) || 1994 (p[2] & ~MPPE_STATELESS)) 1995 printer(arg, " (%.2x %.2x %.2x %.2x)", 1996 p[2], p[3], p[4], p[5]); 1997 p += CILEN_MPPE; 1998 } 1999 break; 2000#endif /* MPPE */ 2001 case CI_LZS: 2002 if (optlen >= CILEN_LZS) { 2003 printer(arg, "lzs %.2x %.2x %.2x", p[2], p[3], p[4]); 2004 p += CILEN_LZS; 2005 } 2006 break; 2007 case CI_DEFLATE: 2008 case CI_DEFLATE_DRAFT: 2009 if (optlen >= CILEN_DEFLATE) { 2010 printer(arg, "deflate%s %d", 2011 (code == CI_DEFLATE_DRAFT? "(old#)": ""), 2012 DEFLATE_SIZE(p[2])); 2013 if (DEFLATE_METHOD(p[2]) != DEFLATE_METHOD_VAL) 2014 printer(arg, " method %d", DEFLATE_METHOD(p[2])); 2015 if (p[3] != DEFLATE_CHK_SEQUENCE) 2016 printer(arg, " check %d", p[3]); 2017 p += CILEN_DEFLATE; 2018 } 2019 break; 2020 case CI_BSD_COMPRESS: 2021 if (optlen >= CILEN_BSD_COMPRESS) { 2022 printer(arg, "bsd v%d %d", BSD_VERSION(p[2]), 2023 BSD_NBITS(p[2])); 2024 p += CILEN_BSD_COMPRESS; 2025 } 2026 break; 2027 case CI_PREDICTOR_1: 2028 if (optlen >= CILEN_PREDICTOR_1) { 2029 printer(arg, "predictor 1"); 2030 p += CILEN_PREDICTOR_1; 2031 } 2032 break; 2033 case CI_PREDICTOR_2: 2034 if (optlen >= CILEN_PREDICTOR_2) { 2035 printer(arg, "predictor 2"); 2036 p += CILEN_PREDICTOR_2; 2037 } 2038 break; 2039 } 2040 while (p < optend) 2041 printer(arg, " %.2x", *p++); 2042 printer(arg, ">"); 2043 } 2044 break; 2045 2046 case TERMACK: 2047 case TERMREQ: 2048 if (len > 0 && *p >= ' ' && *p < 0x7f) { 2049 print_string((char *)p, len, printer, arg); 2050 p += len; 2051 len = 0; 2052 } 2053 break; 2054 } 2055 2056 /* dump out the rest of the packet in hex */ 2057 while (--len >= 0) 2058 printer(arg, " %.2x", *p++); 2059 2060 return p - p0; 2061} 2062 2063/* 2064 * We have received a packet that the decompressor failed to 2065 * decompress. Here we would expect to issue a reset-request, but 2066 * Motorola has a patent on resetting the compressor as a result of 2067 * detecting an error in the decompressed data after decompression. 2068 * (See US patent 5,130,993; international patent publication number 2069 * WO 91/10289; Australian patent 73296/91.) 2070 * 2071 * So we ask the kernel whether the error was detected after 2072 * decompression; if it was, we take CCP down, thus disabling 2073 * compression :-(, otherwise we issue the reset-request. 2074 */ 2075static void 2076ccp_datainput(unit, pkt, len) 2077 int unit; 2078 u_char *pkt; 2079 int len; 2080{ 2081 fsm *f; 2082 2083 f = &ccp_fsm[unit]; 2084 if (f->state == OPENED) { 2085 if (ccp_fatal_error(unit)) { 2086 /* 2087 * Disable compression by taking CCP down. 2088 */ 2089 error("Lost compression sync: disabling compression"); 2090 ccp_close(unit, "Lost compression sync"); 2091#ifdef MPPE 2092 /* My module dosn't need this. J.D., 2003-07-06 */ 2093 /* 2094 * If we were doing MPPE, we must also take the link down. 2095 */ 2096 if (ccp_gotoptions[unit].mppe) { 2097 error("Too many MPPE errors, closing LCP"); 2098 lcp_close(unit, "Too many MPPE errors"); 2099 } 2100#endif /* MPPE */ 2101 } else { 2102 /* 2103 * When LZS or MPPE/MPPC is negotiated we just send CCP_RESETREQ 2104 * and don't wait for CCP_RESETACK 2105 */ 2106 if ((ccp_gotoptions[f->unit].method == CI_LZS) || 2107 (ccp_gotoptions[f->unit].method == CI_MPPE)) { 2108 fsm_sdata(f, CCP_RESETREQ, f->reqid = ++f->id, NULL, 0); 2109 return; 2110 } 2111 /* 2112 * Send a reset-request to reset the peer's compressor. 2113 * We don't do that if we are still waiting for an 2114 * acknowledgement to a previous reset-request. 2115 */ 2116 if (!(ccp_localstate[f->unit] & RACK_PENDING)) { 2117 fsm_sdata(f, CCP_RESETREQ, f->reqid = ++f->id, NULL, 0); 2118 TIMEOUT(ccp_rack_timeout, f, RACKTIMEOUT); 2119 ccp_localstate[f->unit] |= RACK_PENDING; 2120 } else 2121 ccp_localstate[f->unit] |= RREQ_REPEAT; 2122 } 2123 } 2124} 2125 2126/* 2127 * Timeout waiting for reset-ack. 2128 */ 2129static void 2130ccp_rack_timeout(arg) 2131 void *arg; 2132{ 2133 fsm *f = arg; 2134 2135 if (f->state == OPENED && ccp_localstate[f->unit] & RREQ_REPEAT) { 2136 fsm_sdata(f, CCP_RESETREQ, f->reqid, NULL, 0); 2137 TIMEOUT(ccp_rack_timeout, f, RACKTIMEOUT); 2138 ccp_localstate[f->unit] &= ~RREQ_REPEAT; 2139 } else 2140 ccp_localstate[f->unit] &= ~RACK_PENDING; 2141} 2142