1/* 2 * ppp_mppe_mppc.c - MPPC/MPPE "compressor/decompressor" module. 3 * 4 * Copyright (c) 1994 �rp�d Magos�nyi <mag@bunuel.tii.matav.hu> 5 * Copyright (c) 1999 Tim Hockin, Cobalt Networks Inc. <thockin@cobaltnet.com> 6 * Copyright (c) 2002-2004 Jan Dubiec <jdx@slackware.pl> 7 * 8 * Permission to use, copy, modify, and distribute this software and its 9 * documentation is hereby granted, provided that the above copyright 10 * notice appears in all copies. This software is provided without any 11 * warranty, express or implied. 12 * 13 * The code is based on MPPE kernel module written by �rp�d Magos�nyi and 14 * Tim Hockin which can be found on http://planetmirror.com/pub/mppe/. 15 * I have added MPPC and 56 bit session keys support in MPPE. 16 * 17 * WARNING! Although this is open source code, its usage in some countries 18 * (in particular in the USA) may violate Stac Inc. patent for MPPC. 19 * 20 * ==FILEVERSION 20041123== 21 * 22 */ 23 24#include <linux/init.h> 25#include <linux/module.h> 26#include <linux/mm.h> 27#include <linux/slab.h> 28#include <asm/scatterlist.h> 29#include <linux/vmalloc.h> 30#include <linux/crypto.h> 31 32#include <linux/ppp_defs.h> 33#include <linux/ppp-comp.h> 34 35/* 36 * State for a mppc/mppe "(de)compressor". 37 */ 38struct ppp_mppe_state { 39 struct crypto_tfm *arc4_tfm; 40 struct crypto_hash *sha1_tfm; 41 u8 *sha1_digest; 42 u8 master_key[MPPE_MAX_KEY_LEN]; 43 u8 session_key[MPPE_MAX_KEY_LEN]; 44 u8 mppc; /* do we use compression (MPPC)? */ 45 u8 mppe; /* do we use encryption (MPPE)? */ 46 u8 keylen; /* key length in bytes */ 47 u8 bitkeylen; /* key length in bits */ 48 u16 ccount; /* coherency counter */ 49 u16 bits; /* MPPC/MPPE control bits */ 50 u8 stateless; /* do we use stateless mode? */ 51 u8 nextflushed; /* set A bit in the next outgoing packet; 52 used only by compressor*/ 53 u8 flushexpected; /* drop packets until A bit is received; 54 used only by decompressor*/ 55 u8 *hist; /* MPPC history */ 56 u16 *hash; /* Hash table; used only by compressor */ 57 u16 histptr; /* history "cursor" */ 58 int unit; 59 int debug; 60 int mru; 61 struct compstat stats; 62}; 63 64#define MPPE_HIST_LEN 8192 /* MPPC history size */ 65#define MPPE_MAX_CCOUNT 0x0FFF /* max. coherency counter value */ 66 67#define MPPE_BIT_FLUSHED 0x80 /* bit A */ 68#define MPPE_BIT_RESET 0x40 /* bit B */ 69#define MPPE_BIT_COMP 0x20 /* bit C */ 70#define MPPE_BIT_ENCRYPTED 0x10 /* bit D */ 71 72#define MPPE_SALT0 0xD1 /* values used in MPPE key derivation */ 73#define MPPE_SALT1 0x26 /* according to RFC3079 */ 74#define MPPE_SALT2 0x9E 75 76#define MPPE_CCOUNT(x) ((((x)[4] & 0x0f) << 8) + (x)[5]) 77#define MPPE_BITS(x) ((x)[4] & 0xf0) 78#define MPPE_CTRLHI(x) ((((x)->ccount & 0xf00)>>8)|((x)->bits)) 79#define MPPE_CTRLLO(x) ((x)->ccount & 0xff) 80 81/* 82 * Kernel Crypto API needs its arguments to be in kmalloc'd memory, not in the 83 * module static data area. That means sha_pad needs to be kmalloc'd. It is done 84 * in mppe_module_init(). This has been pointed out on 30th July 2004 by Oleg 85 * Makarenko on pptpclient-devel mailing list. 86 */ 87#define SHA1_PAD_SIZE 40 88struct sha_pad { 89 unsigned char sha_pad1[SHA1_PAD_SIZE]; 90 unsigned char sha_pad2[SHA1_PAD_SIZE]; 91}; 92static struct sha_pad *sha_pad; 93 94static unsigned int 95setup_sg(struct scatterlist *sg, const void *address, unsigned int length) 96{ 97 sg[0].page_link = virt_to_page(address); 98 sg[0].offset = offset_in_page(address); 99 sg[0].length = length; 100 return length; 101} 102 103static inline void 104arc4_setkey(struct ppp_mppe_state *state, const unsigned char *key, 105 const unsigned int keylen) 106{ 107 crypto_cipher_setkey(state->arc4_tfm, key, keylen); 108} 109 110static inline void 111arc4_encrypt(struct ppp_mppe_state *state, const unsigned char *in, 112 const unsigned int len, unsigned char *out) 113{ 114 int i; 115 for (i = 0; i < len; i++) 116 { 117 crypto_cipher_encrypt_one(state->arc4_tfm, out+i, in+i); 118 } 119} 120 121 122#define arc4_decrypt arc4_encrypt 123 124/* 125 * Key Derivation, from RFC 3078, RFC 3079. 126 * Equivalent to Get_Key() for MS-CHAP as described in RFC 3079. 127 */ 128static void 129get_new_key_from_sha(struct ppp_mppe_state *state, unsigned char *interim_key) 130{ 131 struct hash_desc desc; 132 struct scatterlist sg[4]; 133 unsigned int nbytes; 134 135 136 nbytes = setup_sg(&sg[0], state->master_key, state->keylen); 137 nbytes += setup_sg(&sg[1], sha_pad->sha_pad1, 138 sizeof(sha_pad->sha_pad1)); 139 nbytes += setup_sg(&sg[2], state->session_key, state->keylen); 140 nbytes += setup_sg(&sg[3], sha_pad->sha_pad2, 141 sizeof(sha_pad->sha_pad2)); 142 143 desc.tfm = state->sha1_tfm; 144 desc.flags = 0; 145 146 crypto_hash_digest(&desc, sg, nbytes, state->sha1_digest); 147 memcpy(interim_key, state->sha1_digest, state->keylen); 148} 149 150static void 151mppe_change_key(struct ppp_mppe_state *state, int initialize) 152{ 153 unsigned char interim_key[MPPE_MAX_KEY_LEN]; 154 155 get_new_key_from_sha(state, interim_key); 156 if (initialize) { 157 memcpy(state->session_key, interim_key, state->keylen); 158 } else { 159 arc4_setkey(state, interim_key, state->keylen); 160 arc4_encrypt(state, interim_key, state->keylen, state->session_key); 161 } 162 if (state->keylen == 8) { 163 if (state->bitkeylen == 40) { 164 state->session_key[0] = MPPE_SALT0; 165 state->session_key[1] = MPPE_SALT1; 166 state->session_key[2] = MPPE_SALT2; 167 } else { 168 state->session_key[0] = MPPE_SALT0; 169 } 170 } 171 arc4_setkey(state, state->session_key, state->keylen); 172} 173 174/* increase 12-bit coherency counter */ 175static inline void 176mppe_increase_ccount(struct ppp_mppe_state *state) 177{ 178 state->ccount = (state->ccount + 1) & MPPE_MAX_CCOUNT; 179 if (state->mppe) { 180 if (state->stateless) { 181 mppe_change_key(state, 0); 182 state->nextflushed = 1; 183 } else { 184 if ((state->ccount & 0xff) == 0xff) { 185 mppe_change_key(state, 0); 186 } 187 } 188 } 189} 190 191/* allocate space for a MPPE/MPPC (de)compressor. */ 192/* comp != 0 -> init compressor */ 193/* comp = 0 -> init decompressor */ 194static void * 195mppe_alloc(unsigned char *options, int opt_len, int comp) 196{ 197 struct ppp_mppe_state *state; 198 unsigned int digestsize; 199 u8* fname; 200 201 fname = comp ? "mppe_comp_alloc" : "mppe_decomp_alloc"; 202 203 /* 204 * Hack warning - additionally to the standard MPPC/MPPE configuration 205 * options, pppd passes to the (de)copressor 8 or 16 byte session key. 206 * Therefore options[1] contains MPPC/MPPE configuration option length 207 * (CILEN_MPPE = 6), but the real options length, depending on the key 208 * length, is 6+8 or 6+16. 209 */ 210 if (opt_len < CILEN_MPPE) { 211 printk(KERN_WARNING "%s: wrong options length: %u\n", fname, opt_len); 212 return NULL; 213 } 214 215 if (options[0] != CI_MPPE || options[1] != CILEN_MPPE || 216 (options[2] & ~MPPE_STATELESS) != 0 || 217 options[3] != 0 || options[4] != 0 || 218 (options[5] & ~(MPPE_128BIT|MPPE_56BIT|MPPE_40BIT|MPPE_MPPC)) != 0 || 219 (options[5] & (MPPE_128BIT|MPPE_56BIT|MPPE_40BIT|MPPE_MPPC)) == 0) { 220 printk(KERN_WARNING "%s: options rejected: o[0]=%02x, o[1]=%02x, " 221 "o[2]=%02x, o[3]=%02x, o[4]=%02x, o[5]=%02x\n", fname, options[0], 222 options[1], options[2], options[3], options[4], options[5]); 223 return NULL; 224 } 225 226 state = (struct ppp_mppe_state *)kmalloc(sizeof(*state), GFP_KERNEL); 227 if (state == NULL) { 228 printk(KERN_ERR "%s: cannot allocate space for %scompressor\n", fname, 229 comp ? "" : "de"); 230 return NULL; 231 } 232 memset(state, 0, sizeof(struct ppp_mppe_state)); 233 234 state->mppc = options[5] & MPPE_MPPC; /* Do we use MPPC? */ 235 state->mppe = options[5] & (MPPE_128BIT | MPPE_56BIT | 236 MPPE_40BIT); /* Do we use MPPE? */ 237 238 if (state->mppc) { 239 /* allocate MPPC history */ 240 state->hist = (u8*)vmalloc(2*MPPE_HIST_LEN*sizeof(u8)); 241 if (state->hist == NULL) { 242 kfree(state); 243 printk(KERN_ERR "%s: cannot allocate space for MPPC history\n", 244 fname); 245 return NULL; 246 } 247 248 /* allocate hashtable for MPPC compressor */ 249 if (comp) { 250 state->hash = (u16*)vmalloc(MPPE_HIST_LEN*sizeof(u16)); 251 if (state->hash == NULL) { 252 vfree(state->hist); 253 kfree(state); 254 printk(KERN_ERR "%s: cannot allocate space for MPPC history\n", 255 fname); 256 return NULL; 257 } 258 } 259 } 260 261 if (state->mppe) { /* specific for MPPE */ 262 /* Load ARC4 algorithm */ 263 state->arc4_tfm = crypto_alloc_base("arc4", 0, 0); 264 if (state->arc4_tfm == NULL) { 265 if (state->mppc) { 266 vfree(state->hash); 267 if (comp) 268 vfree(state->hist); 269 } 270 kfree(state); 271 printk(KERN_ERR "%s: cannot load ARC4 module\n", fname); 272 return NULL; 273 } 274 275 /* Load SHA1 algorithm */ 276 state->sha1_tfm = crypto_alloc_hash("sha1", 0, CRYPTO_ALG_ASYNC); 277 if (state->sha1_tfm == NULL) { 278 crypto_free_tfm(state->arc4_tfm); 279 if (state->mppc) { 280 vfree(state->hash); 281 if (comp) 282 vfree(state->hist); 283 } 284 kfree(state); 285 printk(KERN_ERR "%s: cannot load SHA1 module\n", fname); 286 return NULL; 287 } 288 289 digestsize = crypto_hash_digestsize(state->sha1_tfm); 290 if (digestsize < MPPE_MAX_KEY_LEN) { 291 crypto_free_hash(state->sha1_tfm); 292 crypto_free_tfm(state->arc4_tfm); 293 if (state->mppc) { 294 vfree(state->hash); 295 if (comp) 296 vfree(state->hist); 297 } 298 kfree(state); 299 printk(KERN_ERR "%s: CryptoAPI SHA1 digest size too small\n", fname); 300 } 301 302 state->sha1_digest = kmalloc(digestsize, GFP_KERNEL); 303 if (!state->sha1_digest) { 304 crypto_free_hash(state->sha1_tfm); 305 crypto_free_tfm(state->arc4_tfm); 306 if (state->mppc) { 307 vfree(state->hash); 308 if (comp) 309 vfree(state->hist); 310 } 311 kfree(state); 312 printk(KERN_ERR "%s: cannot allocate space for SHA1 digest\n", fname); 313 } 314 315 memcpy(state->master_key, options+CILEN_MPPE, MPPE_MAX_KEY_LEN); 316 memcpy(state->session_key, state->master_key, MPPE_MAX_KEY_LEN); 317 /* initial key generation is done in mppe_init() */ 318 } 319 320 return (void *) state; 321} 322 323static void * 324mppe_comp_alloc(unsigned char *options, int opt_len) 325{ 326 return mppe_alloc(options, opt_len, 1); 327} 328 329static void * 330mppe_decomp_alloc(unsigned char *options, int opt_len) 331{ 332 return mppe_alloc(options, opt_len, 0); 333} 334 335/* cleanup the (de)compressor */ 336static void 337mppe_comp_free(void *arg) 338{ 339 struct ppp_mppe_state *state = (struct ppp_mppe_state *) arg; 340 341 if (state != NULL) { 342 if (state->mppe) { 343 if (state->sha1_digest != NULL) 344 kfree(state->sha1_digest); 345 if (state->sha1_tfm != NULL) 346 crypto_free_hash(state->sha1_tfm); 347 if (state->arc4_tfm != NULL) 348 crypto_free_tfm(state->arc4_tfm); 349 } 350 if (state->hist != NULL) 351 vfree(state->hist); 352 if (state->hash != NULL) 353 vfree(state->hash); 354 kfree(state); 355 } 356} 357 358/* init MPPC/MPPE (de)compresor */ 359/* comp != 0 -> init compressor */ 360/* comp = 0 -> init decompressor */ 361static int 362mppe_init(void *arg, unsigned char *options, int opt_len, int unit, 363 int hdrlen, int mru, int debug, int comp) 364{ 365 struct ppp_mppe_state *state = (struct ppp_mppe_state *) arg; 366 u8* fname; 367 368 fname = comp ? "mppe_comp_init" : "mppe_decomp_init"; 369 370 if (opt_len < CILEN_MPPE) { 371 if (debug) 372 printk(KERN_WARNING "%s: wrong options length: %u\n", 373 fname, opt_len); 374 return 0; 375 } 376 377 if (options[0] != CI_MPPE || options[1] != CILEN_MPPE || 378 (options[2] & ~MPPE_STATELESS) != 0 || 379 options[3] != 0 || options[4] != 0 || 380 (options[5] & ~(MPPE_56BIT|MPPE_128BIT|MPPE_40BIT|MPPE_MPPC)) != 0 || 381 (options[5] & (MPPE_56BIT|MPPE_128BIT|MPPE_40BIT|MPPE_MPPC)) == 0) { 382 if (debug) 383 printk(KERN_WARNING "%s: options rejected: o[0]=%02x, o[1]=%02x, " 384 "o[2]=%02x, o[3]=%02x, o[4]=%02x, o[5]=%02x\n", fname, 385 options[0], options[1], options[2], options[3], options[4], 386 options[5]); 387 return 0; 388 } 389 390 if ((options[5] & ~MPPE_MPPC) != MPPE_128BIT && 391 (options[5] & ~MPPE_MPPC) != MPPE_56BIT && 392 (options[5] & ~MPPE_MPPC) != MPPE_40BIT && 393 (options[5] & MPPE_MPPC) != MPPE_MPPC) { 394 if (debug) 395 printk(KERN_WARNING "%s: don't know what to do: o[5]=%02x\n", 396 fname, options[5]); 397 return 0; 398 } 399 400 state->mppc = options[5] & MPPE_MPPC; /* Do we use MPPC? */ 401 state->mppe = options[5] & (MPPE_128BIT | MPPE_56BIT | 402 MPPE_40BIT); /* Do we use MPPE? */ 403 state->stateless = options[2] & MPPE_STATELESS; /* Do we use stateless mode? */ 404 405 switch (state->mppe) { 406 case MPPE_40BIT: /* 40 bit key */ 407 state->keylen = 8; 408 state->bitkeylen = 40; 409 break; 410 case MPPE_56BIT: /* 56 bit key */ 411 state->keylen = 8; 412 state->bitkeylen = 56; 413 break; 414 case MPPE_128BIT: /* 128 bit key */ 415 state->keylen = 16; 416 state->bitkeylen = 128; 417 break; 418 default: 419 state->keylen = 0; 420 state->bitkeylen = 0; 421 } 422 423 state->ccount = MPPE_MAX_CCOUNT; 424 state->bits = 0; 425 state->unit = unit; 426 state->debug = debug; 427 state->histptr = MPPE_HIST_LEN; 428 if (state->mppc) { /* reset history if MPPC was negotiated */ 429 memset(state->hist, 0, 2*MPPE_HIST_LEN*sizeof(u8)); 430 } 431 432 if (state->mppe) { /* generate initial session keys */ 433 mppe_change_key(state, 1); 434 } 435 436 if (comp) { /* specific for compressor */ 437 state->nextflushed = 1; 438 } else { /* specific for decompressor */ 439 state->mru = mru; 440 state->flushexpected = 1; 441 } 442 443 return 1; 444} 445 446static int 447mppe_comp_init(void *arg, unsigned char *options, int opt_len, int unit, 448 int hdrlen, int debug) 449{ 450 return mppe_init(arg, options, opt_len, unit, hdrlen, 0, debug, 1); 451} 452 453 454static int 455mppe_decomp_init(void *arg, unsigned char *options, int opt_len, int unit, 456 int hdrlen, int mru, int debug) 457{ 458 return mppe_init(arg, options, opt_len, unit, hdrlen, mru, debug, 0); 459} 460 461static void 462mppe_comp_reset(void *arg) 463{ 464 struct ppp_mppe_state *state = (struct ppp_mppe_state *)arg; 465 466 if (state->debug) 467 printk(KERN_DEBUG "%s%d: resetting MPPC/MPPE compressor\n", 468 __FUNCTION__, state->unit); 469 470 state->nextflushed = 1; 471 if (state->mppe) 472 arc4_setkey(state, state->session_key, state->keylen); 473} 474 475static void 476mppe_decomp_reset(void *arg) 477{ 478 /* When MPPC/MPPE is in use, we shouldn't receive any CCP Reset-Ack. 479 But when we receive such a packet, we just ignore it. */ 480 return; 481} 482 483static void 484mppe_stats(void *arg, struct compstat *stats) 485{ 486 struct ppp_mppe_state *state = (struct ppp_mppe_state *)arg; 487 488 *stats = state->stats; 489} 490 491/***************************/ 492/**** Compression stuff ****/ 493/***************************/ 494/* inserts 1 to 8 bits into the output buffer */ 495static inline void putbits8(u8 *buf, u32 val, const u32 n, u32 *i, u32 *l) 496{ 497 buf += *i; 498 if (*l >= n) { 499 *l = (*l) - n; 500 val <<= *l; 501 *buf = *buf | (val & 0xff); 502 if (*l == 0) { 503 *l = 8; 504 (*i)++; 505 *(++buf) = 0; 506 } 507 } else { 508 (*i)++; 509 *l = 8 - n + (*l); 510 val <<= *l; 511 *buf = *buf | ((val >> 8) & 0xff); 512 *(++buf) = val & 0xff; 513 } 514} 515 516/* inserts 9 to 16 bits into the output buffer */ 517static inline void putbits16(u8 *buf, u32 val, const u32 n, u32 *i, u32 *l) 518{ 519 buf += *i; 520 if (*l >= n - 8) { 521 (*i)++; 522 *l = 8 - n + (*l); 523 val <<= *l; 524 *buf = *buf | ((val >> 8) & 0xff); 525 *(++buf) = val & 0xff; 526 if (*l == 0) { 527 *l = 8; 528 (*i)++; 529 *(++buf) = 0; 530 } 531 } else { 532 (*i)++; (*i)++; 533 *l = 16 - n + (*l); 534 val <<= *l; 535 *buf = *buf | ((val >> 16) & 0xff); 536 *(++buf) = (val >> 8) & 0xff; 537 *(++buf) = val & 0xff; 538 } 539} 540 541/* inserts 17 to 24 bits into the output buffer */ 542static inline void putbits24(u8 *buf, u32 val, const u32 n, u32 *i, u32 *l) 543{ 544 buf += *i; 545 if (*l >= n - 16) { 546 (*i)++; (*i)++; 547 *l = 16 - n + (*l); 548 val <<= *l; 549 *buf = *buf | ((val >> 16) & 0xff); 550 *(++buf) = (val >> 8) & 0xff; 551 *(++buf) = val & 0xff; 552 if (*l == 0) { 553 *l = 8; 554 (*i)++; 555 *(++buf) = 0; 556 } 557 } else { 558 (*i)++; (*i)++; (*i)++; 559 *l = 24 - n + (*l); 560 val <<= *l; 561 *buf = *buf | ((val >> 24) & 0xff); 562 *(++buf) = (val >> 16) & 0xff; 563 *(++buf) = (val >> 8) & 0xff; 564 *(++buf) = val & 0xff; 565 } 566} 567 568static int 569mppc_compress(struct ppp_mppe_state *state, unsigned char *ibuf, 570 unsigned char *obuf, int isize, int osize) 571{ 572 u32 olen, off, len, idx, i, l; 573 u8 *hist, *sbuf, *p, *q, *r, *s; 574 575 /* 576 At this point, to avoid possible buffer overflow caused by packet 577 expansion during/after compression, we should make sure that 578 osize >= (((isize*9)/8)+1)+2, but we don't do that because in 579 ppp_generic.c we simply allocate bigger obuf. 580 581 Maximum MPPC packet expansion is 12.5%. This is the worst case when 582 all octets in the input buffer are >= 0x80 and we cannot find any 583 repeated tokens. Additionally we have to reserve 2 bytes for MPPE/MPPC 584 status bits and coherency counter. 585 */ 586 587 hist = state->hist + MPPE_HIST_LEN; 588 /* check if there is enough room at the end of the history */ 589 if (state->histptr + isize >= 2*MPPE_HIST_LEN) { 590 state->bits |= MPPE_BIT_RESET; 591 state->histptr = MPPE_HIST_LEN; 592 memcpy(state->hist, hist, MPPE_HIST_LEN); 593 } 594 /* add packet to the history; isize must be <= MPPE_HIST_LEN */ 595 sbuf = state->hist + state->histptr; 596 memcpy(sbuf, ibuf, isize); 597 state->histptr += isize; 598 599 /* compress data */ 600 r = sbuf + isize; 601 *obuf = olen = i = 0; 602 l = 8; 603 while (i < isize - 2) { 604 s = q = sbuf + i; 605 idx = ((40543*((((s[0]<<4)^s[1])<<4)^s[2]))>>4) & 0x1fff; 606 p = hist + state->hash[idx]; 607 state->hash[idx] = (u16) (s - hist); 608 off = s - p; 609 if (off > MPPE_HIST_LEN - 1 || off < 1 || *p++ != *s++ || *p++ != *s++ || 610 *p++ != *s++) { 611 /* no match found; encode literal byte */ 612 if (ibuf[i] < 0x80) { /* literal byte < 0x80 */ 613 putbits8(obuf, (u32) ibuf[i], 8, &olen, &l); 614 } else { /* literal byte >= 0x80 */ 615 putbits16(obuf, (u32) (0x100|(ibuf[i]&0x7f)), 9, &olen, &l); 616 } 617 ++i; 618 continue; 619 } 620 if (r - q >= 64) { 621 *p++ != *s++ || *p++ != *s++ || *p++ != *s++ || *p++ != *s++ || 622 *p++ != *s++ || *p++ != *s++ || *p++ != *s++ || *p++ != *s++ || 623 *p++ != *s++ || *p++ != *s++ || *p++ != *s++ || *p++ != *s++ || 624 *p++ != *s++ || *p++ != *s++ || *p++ != *s++ || *p++ != *s++ || 625 *p++ != *s++ || *p++ != *s++ || *p++ != *s++ || *p++ != *s++ || 626 *p++ != *s++ || *p++ != *s++ || *p++ != *s++ || *p++ != *s++ || 627 *p++ != *s++ || *p++ != *s++ || *p++ != *s++ || *p++ != *s++ || 628 *p++ != *s++ || *p++ != *s++ || *p++ != *s++ || *p++ != *s++ || 629 *p++ != *s++ || *p++ != *s++ || *p++ != *s++ || *p++ != *s++ || 630 *p++ != *s++ || *p++ != *s++ || *p++ != *s++ || *p++ != *s++ || 631 *p++ != *s++ || *p++ != *s++ || *p++ != *s++ || *p++ != *s++ || 632 *p++ != *s++ || *p++ != *s++ || *p++ != *s++ || *p++ != *s++ || 633 *p++ != *s++ || *p++ != *s++ || *p++ != *s++ || *p++ != *s++ || 634 *p++ != *s++ || *p++ != *s++ || *p++ != *s++ || *p++ != *s++ || 635 *p++ != *s++ || *p++ != *s++ || *p++ != *s++ || *p++ != *s++ || 636 *p++ != *s++; 637 if (s - q == 64) { 638 p--; s--; 639 while((*p++ == *s++) && (s < r) && (p < q)); 640 } 641 } else { 642 while((*p++ == *s++) && (s < r) && (p < q)); 643 } 644 len = s - q - 1; 645 i += len; 646 647 /* at least 3 character match found; code data */ 648 /* encode offset */ 649 if (off < 64) { /* 10-bit offset; 0 <= offset < 64 */ 650 putbits16(obuf, 0x3c0|off, 10, &olen, &l); 651 } else if (off < 320) { /* 12-bit offset; 64 <= offset < 320 */ 652 putbits16(obuf, 0xe00|(off-64), 12, &olen, &l); 653 } else if (off < 8192) { /* 16-bit offset; 320 <= offset < 8192 */ 654 putbits16(obuf, 0xc000|(off-320), 16, &olen, &l); 655 } else { 656 /* This shouldn't happen; we return 0 what means "packet expands", 657 and we send packet uncompressed. */ 658 if (state->debug) 659 printk(KERN_DEBUG "%s%d: wrong offset value: %d\n", 660 __FUNCTION__, state->unit, off); 661 return 0; 662 } 663 /* encode length of match */ 664 if (len < 4) { /* length = 3 */ 665 putbits8(obuf, 0, 1, &olen, &l); 666 } else if (len < 8) { /* 4 <= length < 8 */ 667 putbits8(obuf, 0x08|(len&0x03), 4, &olen, &l); 668 } else if (len < 16) { /* 8 <= length < 16 */ 669 putbits8(obuf, 0x30|(len&0x07), 6, &olen, &l); 670 } else if (len < 32) { /* 16 <= length < 32 */ 671 putbits8(obuf, 0xe0|(len&0x0f), 8, &olen, &l); 672 } else if (len < 64) { /* 32 <= length < 64 */ 673 putbits16(obuf, 0x3c0|(len&0x1f), 10, &olen, &l); 674 } else if (len < 128) { /* 64 <= length < 128 */ 675 putbits16(obuf, 0xf80|(len&0x3f), 12, &olen, &l); 676 } else if (len < 256) { /* 128 <= length < 256 */ 677 putbits16(obuf, 0x3f00|(len&0x7f), 14, &olen, &l); 678 } else if (len < 512) { /* 256 <= length < 512 */ 679 putbits16(obuf, 0xfe00|(len&0xff), 16, &olen, &l); 680 } else if (len < 1024) { /* 512 <= length < 1024 */ 681 putbits24(obuf, 0x3fc00|(len&0x1ff), 18, &olen, &l); 682 } else if (len < 2048) { /* 1024 <= length < 2048 */ 683 putbits24(obuf, 0xff800|(len&0x3ff), 20, &olen, &l); 684 } else if (len < 4096) { /* 2048 <= length < 4096 */ 685 putbits24(obuf, 0x3ff000|(len&0x7ff), 22, &olen, &l); 686 } else if (len < 8192) { /* 4096 <= length < 8192 */ 687 putbits24(obuf, 0xffe000|(len&0xfff), 24, &olen, &l); 688 } else { 689 /* This shouldn't happen; we return 0 what means "packet expands", 690 and send packet uncompressed. */ 691 if (state->debug) 692 printk(KERN_DEBUG "%s%d: wrong length of match value: %d\n", 693 __FUNCTION__, state->unit, len); 694 return 0; 695 } 696 } 697 698 /* Add remaining octets to the output */ 699 while(isize - i > 0) { 700 if (ibuf[i] < 0x80) { /* literal byte < 0x80 */ 701 putbits8(obuf, (u32) ibuf[i++], 8, &olen, &l); 702 } else { /* literal byte >= 0x80 */ 703 putbits16(obuf, (u32) (0x100|(ibuf[i++]&0x7f)), 9, &olen, &l); 704 } 705 } 706 /* Reset unused bits of the last output octet */ 707 if ((l != 0) && (l != 8)) { 708 putbits8(obuf, 0, l, &olen, &l); 709 } 710 711 return (int) olen; 712} 713 714int 715mppe_compress(void *arg, unsigned char *ibuf, unsigned char *obuf, 716 int isize, int osize) 717{ 718 struct ppp_mppe_state *state = (struct ppp_mppe_state *) arg; 719 int proto, olen, complen, off; 720 unsigned char *wptr; 721 722 /* Check that the protocol is in the range we handle. */ 723 proto = PPP_PROTOCOL(ibuf); 724 if (proto < 0x0021 || proto > 0x00fa) 725 return 0; 726 727 wptr = obuf; 728 /* Copy over the PPP header */ 729 wptr[0] = PPP_ADDRESS(ibuf); 730 wptr[1] = PPP_CONTROL(ibuf); 731 wptr[2] = PPP_COMP >> 8; 732 wptr[3] = PPP_COMP; 733 wptr += PPP_HDRLEN + (MPPE_OVHD / 2); /* Leave two octets for MPPE/MPPC bits */ 734 735 /* 736 * In ver. 0.99 protocol field was compressed. Deflate and BSD compress 737 * do PFC before actual compression, RCF2118 and RFC3078 are not precise 738 * on this topic so I decided to do PFC. Unfortunately this change caused 739 * incompatibility with older/other MPPE/MPPC modules. I have received 740 * a lot of complaints from unexperienced users so I have decided to revert 741 * to previous state, i.e. the protocol field is sent uncompressed now. 742 * Although this may be changed in the future. 743 * 744 * Receiving side (mppe_decompress()) still accepts packets with compressed 745 * and uncompressed protocol field so you shouldn't get "Unsupported protocol 746 * 0x2145 received" messages anymore. 747 */ 748 //off = (proto > 0xff) ? 2 : 3; /* PFC - skip first protocol byte if 0 */ 749 off = 2; 750 751 ibuf += off; 752 753 mppe_increase_ccount(state); 754 755 if (state->nextflushed) { 756 state->bits |= MPPE_BIT_FLUSHED; 757 state->nextflushed = 0; 758 if (state->mppe && !state->stateless) { 759 /* 760 * If this is the flag packet, the key has been already changed in 761 * mppe_increase_ccount() so we dont't do it once again. 762 */ 763 if ((state->ccount & 0xff) != 0xff) { 764 arc4_setkey(state, state->session_key, state->keylen); 765 } 766 } 767 if (state->mppc) { /* reset history */ 768 state->bits |= MPPE_BIT_RESET; 769 state->histptr = MPPE_HIST_LEN; 770 memset(state->hist + MPPE_HIST_LEN, 0, MPPE_HIST_LEN*sizeof(u8)); 771 } 772 } 773 774 if (state->mppc && !state->mppe) { /* Do only compression */ 775 complen = mppc_compress(state, ibuf, wptr, isize - off, 776 osize - PPP_HDRLEN - (MPPE_OVHD / 2)); 777 /* 778 * TODO: Implement an heuristics to handle packet expansion in a smart 779 * way. Now, when a packet expands, we send it as uncompressed and 780 * when next packet is sent we have to reset compressor's history. 781 * Maybe it would be better to send such packet as compressed in order 782 * to keep history's continuity. 783 */ 784 if ((complen > isize) || (complen > osize - PPP_HDRLEN) || 785 (complen == 0)) { 786 /* packet expands */ 787 state->nextflushed = 1; 788 memcpy(wptr, ibuf, isize - off); 789 olen = isize - (off - 2) + MPPE_OVHD; 790 (state->stats).inc_bytes += olen; 791 (state->stats).inc_packets++; 792 } else { 793 state->bits |= MPPE_BIT_COMP; 794 olen = complen + PPP_HDRLEN + (MPPE_OVHD / 2); 795 (state->stats).comp_bytes += olen; 796 (state->stats).comp_packets++; 797 } 798 } else { /* Do encryption with or without compression */ 799 state->bits |= MPPE_BIT_ENCRYPTED; 800 if (!state->mppc && state->mppe) { /* Do only encryption */ 801 /* read from ibuf, write to wptr, adjust for PPP_HDRLEN */ 802 arc4_encrypt(state, ibuf, isize - off, wptr); 803 olen = isize - (off - 2) + MPPE_OVHD; 804 (state->stats).inc_bytes += olen; 805 (state->stats).inc_packets++; 806 } else { /* Do compression and then encryption - RFC3078 */ 807 complen = mppc_compress(state, ibuf, wptr, isize - off, 808 osize - PPP_HDRLEN - (MPPE_OVHD / 2)); 809 /* 810 * TODO: Implement an heuristics to handle packet expansion in a smart 811 * way. Now, when a packet expands, we send it as uncompressed and 812 * when next packet is sent we have to reset compressor's history. 813 * Maybe it would be good to send such packet as compressed in order 814 * to keep history's continuity. 815 */ 816 if ((complen > isize) || (complen > osize - PPP_HDRLEN) || 817 (complen == 0)) { 818 /* packet expands */ 819 state->nextflushed = 1; 820 arc4_encrypt(state, ibuf, isize - off, wptr); 821 olen = isize - (off - 2) + MPPE_OVHD; 822 (state->stats).inc_bytes += olen; 823 (state->stats).inc_packets++; 824 } else { 825 state->bits |= MPPE_BIT_COMP; 826 /* Hack warning !!! RC4 implementation which we use does 827 encryption "in place" - it means that input and output 828 buffers can be *the same* memory area. Therefore we don't 829 need to use a temporary buffer. But be careful - other 830 implementations don't have to be so nice. 831 I used to use ibuf as temporary buffer here, but it led 832 packet sniffers into error. Thanks to Wilfried Weissmann 833 for pointing that. */ 834 arc4_encrypt(state, wptr, complen, wptr); 835 olen = complen + PPP_HDRLEN + (MPPE_OVHD / 2); 836 (state->stats).comp_bytes += olen; 837 (state->stats).comp_packets++; 838 } 839 } 840 } 841 842 /* write status bits and coherency counter into the output buffer */ 843 wptr = obuf + PPP_HDRLEN; 844 wptr[0] = MPPE_CTRLHI(state); 845 wptr[1] = MPPE_CTRLLO(state); 846 847 state->bits = 0; 848 849 (state->stats).unc_bytes += isize; 850 (state->stats).unc_packets++; 851 852 return olen; 853} 854 855/***************************/ 856/*** Decompression stuff ***/ 857/***************************/ 858static inline u32 getbits(const u8 *buf, const u32 n, u32 *i, u32 *l) 859{ 860 static const u32 m[] = {0x00, 0x01, 0x03, 0x07, 0x0f, 0x1f, 0x3f, 0x7f, 0xff}; 861 u32 res, ol; 862 863 ol = *l; 864 if (*l >= n) { 865 *l = (*l) - n; 866 res = (buf[*i] & m[ol]) >> (*l); 867 if (*l == 0) { 868 *l = 8; 869 (*i)++; 870 } 871 } else { 872 *l = 8 - n + (*l); 873 res = (buf[(*i)++] & m[ol]) << 8; 874 res = (res | buf[*i]) >> (*l); 875 } 876 877 return res; 878} 879 880static inline u32 getbyte(const u8 *buf, const u32 i, const u32 l) 881{ 882 if (l == 8) { 883 return buf[i]; 884 } else { 885 return (((buf[i] << 8) | buf[i+1]) >> l) & 0xff; 886 } 887} 888 889static inline void lamecopy(u8 *dst, u8 *src, u32 len) 890{ 891 while (len--) 892 *dst++ = *src++; 893} 894 895static int 896mppc_decompress(struct ppp_mppe_state *state, unsigned char *ibuf, 897 unsigned char *obuf, int isize, int osize) 898{ 899 u32 olen, off, len, bits, val, sig, i, l; 900 u8 *history, *s; 901 902 history = state->hist + state->histptr; 903 olen = len = i = 0; 904 l = 8; 905 bits = isize * 8; 906 while (bits >= 8) { 907 val = getbyte(ibuf, i++, l); 908 if (val < 0x80) { /* literal byte < 0x80 */ 909 if (state->histptr < 2*MPPE_HIST_LEN) { 910 /* copy uncompressed byte to the history */ 911 (state->hist)[(state->histptr)++] = (u8) val; 912 } else { 913 /* buffer overflow; drop packet */ 914 if (state->debug) 915 printk(KERN_ERR "%s%d: trying to write outside history " 916 "buffer\n", __FUNCTION__, state->unit); 917 return DECOMP_ERROR; 918 } 919 olen++; 920 bits -= 8; 921 continue; 922 } 923 924 sig = val & 0xc0; 925 if (sig == 0x80) { /* literal byte >= 0x80 */ 926 if (state->histptr < 2*MPPE_HIST_LEN) { 927 /* copy uncompressed byte to the history */ 928 (state->hist)[(state->histptr)++] = 929 (u8) (0x80|((val&0x3f)<<1)|getbits(ibuf, 1 , &i ,&l)); 930 } else { 931 /* buffer overflow; drop packet */ 932 if (state->debug) 933 printk(KERN_ERR "%s%d: trying to write outside history " 934 "buffer\n", __FUNCTION__, state->unit); 935 return DECOMP_ERROR; 936 } 937 olen++; 938 bits -= 9; 939 continue; 940 } 941 942 /* Not a literal byte so it must be an (offset,length) pair */ 943 /* decode offset */ 944 sig = val & 0xf0; 945 if (sig == 0xf0) { /* 10-bit offset; 0 <= offset < 64 */ 946 off = (((val&0x0f)<<2)|getbits(ibuf, 2 , &i ,&l)); 947 bits -= 10; 948 } else { 949 if (sig == 0xe0) { /* 12-bit offset; 64 <= offset < 320 */ 950 off = ((((val&0x0f)<<4)|getbits(ibuf, 4 , &i ,&l))+64); 951 bits -= 12; 952 } else { 953 if ((sig&0xe0) == 0xc0) {/* 16-bit offset; 320 <= offset < 8192 */ 954 off = ((((val&0x1f)<<8)|getbyte(ibuf, i++, l))+320); 955 bits -= 16; 956 if (off > MPPE_HIST_LEN - 1) { 957 if (state->debug) 958 printk(KERN_DEBUG "%s%d: too big offset value: %d\n", 959 __FUNCTION__, state->unit, off); 960 return DECOMP_ERROR; 961 } 962 } else { /* this shouldn't happen */ 963 if (state->debug) 964 printk(KERN_DEBUG "%s%d: cannot decode offset value\n", 965 __FUNCTION__, state->unit); 966 return DECOMP_ERROR; 967 } 968 } 969 } 970 /* decode length of match */ 971 val = getbyte(ibuf, i, l); 972 if ((val & 0x80) == 0x00) { /* len = 3 */ 973 len = 3; 974 bits--; 975 getbits(ibuf, 1 , &i ,&l); 976 } else if ((val & 0xc0) == 0x80) { /* 4 <= len < 8 */ 977 len = 0x04 | ((val>>4) & 0x03); 978 bits -= 4; 979 getbits(ibuf, 4 , &i ,&l); 980 } else if ((val & 0xe0) == 0xc0) { /* 8 <= len < 16 */ 981 len = 0x08 | ((val>>2) & 0x07); 982 bits -= 6; 983 getbits(ibuf, 6 , &i ,&l); 984 } else if ((val & 0xf0) == 0xe0) { /* 16 <= len < 32 */ 985 len = 0x10 | (val & 0x0f); 986 bits -= 8; 987 i++; 988 } else { 989 bits -= 8; 990 val = (val << 8) | getbyte(ibuf, ++i, l); 991 if ((val & 0xf800) == 0xf000) { /* 32 <= len < 64 */ 992 len = 0x0020 | ((val >> 6) & 0x001f); 993 bits -= 2; 994 getbits(ibuf, 2 , &i ,&l); 995 } else if ((val & 0xfc00) == 0xf800) { /* 64 <= len < 128 */ 996 len = 0x0040 | ((val >> 4) & 0x003f); 997 bits -= 4; 998 getbits(ibuf, 4 , &i ,&l); 999 } else if ((val & 0xfe00) == 0xfc00) { /* 128 <= len < 256 */ 1000 len = 0x0080 | ((val >> 2) & 0x007f); 1001 bits -= 6; 1002 getbits(ibuf, 6 , &i ,&l); 1003 } else if ((val & 0xff00) == 0xfe00) { /* 256 <= len < 512 */ 1004 len = 0x0100 | (val & 0x00ff); 1005 bits -= 8; 1006 i++; 1007 } else { 1008 bits -= 8; 1009 val = (val << 8) | getbyte(ibuf, ++i, l); 1010 if ((val & 0xff8000) == 0xff0000) { /* 512 <= len < 1024 */ 1011 len = 0x000200 | ((val >> 6) & 0x0001ff); 1012 bits -= 2; 1013 getbits(ibuf, 2 , &i ,&l); 1014 } else if ((val & 0xffc000) == 0xff8000) {/* 1024 <= len < 2048 */ 1015 len = 0x000400 | ((val >> 4) & 0x0003ff); 1016 bits -= 4; 1017 getbits(ibuf, 4 , &i ,&l); 1018 } else if ((val & 0xffe000) == 0xffc000) {/* 2048 <= len < 4096 */ 1019 len = 0x000800 | ((val >> 2) & 0x0007ff); 1020 bits -= 6; 1021 getbits(ibuf, 6 , &i ,&l); 1022 } else if ((val & 0xfff000) == 0xffe000) {/* 4096 <= len < 8192 */ 1023 len = 0x001000 | (val & 0x000fff); 1024 bits -= 8; 1025 i++; 1026 } else { /* this shouldn't happen */ 1027 if (state->debug) 1028 printk(KERN_DEBUG "%s%d: wrong length code: 0x%X\n", 1029 __FUNCTION__, state->unit, val); 1030 return DECOMP_ERROR; 1031 } 1032 } 1033 } 1034 s = state->hist + state->histptr; 1035 state->histptr += len; 1036 olen += len; 1037 if (state->histptr < 2*MPPE_HIST_LEN) { 1038 /* copy uncompressed bytes to the history */ 1039 1040 /* In some cases len may be greater than off. It means that memory 1041 * areas pointed by s and s-off overlap. I had used memmove() here 1042 * because I thought that it acts as libc's version. Unfortunately, 1043 * I was wrong. :-) I got strange errors sometimes. Wilfried suggested 1044 * using of byte by byte copying here and strange errors disappeared. 1045 */ 1046 lamecopy(s, s - off, len); 1047 } else { 1048 /* buffer overflow; drop packet */ 1049 if (state->debug) 1050 printk(KERN_ERR "%s%d: trying to write outside history " 1051 "buffer\n", __FUNCTION__, state->unit); 1052 return DECOMP_ERROR; 1053 } 1054 } 1055 1056 /* Do PFC decompression */ 1057 len = olen; 1058 if ((history[0] & 0x01) != 0) { 1059 obuf[0] = 0; 1060 obuf++; 1061 len++; 1062 } 1063 1064 if (len <= osize) { 1065 /* copy uncompressed packet to the output buffer */ 1066 memcpy(obuf, history, olen); 1067 } else { 1068 /* buffer overflow; drop packet */ 1069 if (state->debug) 1070 printk(KERN_ERR "%s%d: too big uncompressed packet: %d\n", 1071 __FUNCTION__, state->unit, len + (PPP_HDRLEN / 2)); 1072 return DECOMP_ERROR; 1073 } 1074 1075 return (int) len; 1076} 1077 1078int 1079mppe_decompress(void *arg, unsigned char *ibuf, int isize, 1080 unsigned char *obuf, int osize) 1081{ 1082 struct ppp_mppe_state *state = (struct ppp_mppe_state *)arg; 1083 int seq, bits, uncomplen; 1084 1085 if (isize <= PPP_HDRLEN + MPPE_OVHD) { 1086 if (state->debug) { 1087 printk(KERN_DEBUG "%s%d: short packet (len=%d)\n", __FUNCTION__, 1088 state->unit, isize); 1089 } 1090 return DECOMP_ERROR; 1091 } 1092 1093 /* Get coherency counter and control bits from input buffer */ 1094 seq = MPPE_CCOUNT(ibuf); 1095 bits = MPPE_BITS(ibuf); 1096 1097 if (state->stateless) { 1098 /* RFC 3078, sec 8.1. */ 1099 mppe_increase_ccount(state); 1100 if ((seq != state->ccount) && state->debug) 1101 printk(KERN_DEBUG "%s%d: bad sequence number: %d, expected: %d\n", 1102 __FUNCTION__, state->unit, seq, state->ccount); 1103 while (seq != state->ccount) 1104 mppe_increase_ccount(state); 1105 } else { 1106 /* RFC 3078, sec 8.2. */ 1107 if (state->flushexpected) { /* discard state */ 1108 if ((bits & MPPE_BIT_FLUSHED)) { /* we received expected FLUSH bit */ 1109 while (seq != state->ccount) 1110 mppe_increase_ccount(state); 1111 state->flushexpected = 0; 1112 } else /* drop packet*/ 1113 return DECOMP_ERROR; 1114 } else { /* normal state */ 1115 mppe_increase_ccount(state); 1116 if (seq != state->ccount) { 1117 /* Packet loss detected, enter the discard state. */ 1118 if (state->debug) 1119 printk(KERN_DEBUG "%s%d: bad sequence number: %d, expected: %d\n", 1120 __FUNCTION__, state->unit, seq, state->ccount); 1121 state->flushexpected = 1; 1122 return DECOMP_ERROR; 1123 } 1124 } 1125 if (state->mppe && (bits & MPPE_BIT_FLUSHED)) { 1126 arc4_setkey(state, state->session_key, state->keylen); 1127 } 1128 } 1129 1130 if (state->mppc && (bits & (MPPE_BIT_FLUSHED | MPPE_BIT_RESET))) { 1131 state->histptr = MPPE_HIST_LEN; 1132 if ((bits & MPPE_BIT_FLUSHED)) { 1133 memset(state->hist + MPPE_HIST_LEN, 0, MPPE_HIST_LEN*sizeof(u8)); 1134 } else 1135 if ((bits & MPPE_BIT_RESET)) { 1136 memcpy(state->hist, state->hist + MPPE_HIST_LEN, MPPE_HIST_LEN); 1137 } 1138 } 1139 1140 /* Fill in the first part of the PPP header. The protocol field 1141 comes from the decompressed data. */ 1142 obuf[0] = PPP_ADDRESS(ibuf); 1143 obuf[1] = PPP_CONTROL(ibuf); 1144 obuf += PPP_HDRLEN / 2; 1145 1146 if (state->mppe) { /* process encrypted packet */ 1147 if ((bits & MPPE_BIT_ENCRYPTED)) { 1148 /* OK, packet encrypted, so decrypt it */ 1149 if (state->mppc && (bits & MPPE_BIT_COMP)) { 1150 /* Hack warning !!! RC4 implementation which we use does 1151 decryption "in place" - it means that input and output 1152 buffers can be *the same* memory area. Therefore we don't 1153 need to use a temporary buffer. But be careful - other 1154 implementations don't have to be so nice. */ 1155 arc4_decrypt(state, ibuf + PPP_HDRLEN + (MPPE_OVHD / 2), isize - 1156 PPP_HDRLEN - (MPPE_OVHD / 2), ibuf + PPP_HDRLEN + 1157 (MPPE_OVHD / 2)); 1158 uncomplen = mppc_decompress(state, ibuf + PPP_HDRLEN + 1159 (MPPE_OVHD / 2), obuf, isize - 1160 PPP_HDRLEN - (MPPE_OVHD / 2), 1161 osize - (PPP_HDRLEN / 2)); 1162 if (uncomplen == DECOMP_ERROR) { 1163 state->flushexpected = 1; 1164 return DECOMP_ERROR; 1165 } 1166 uncomplen += PPP_HDRLEN / 2; 1167 (state->stats).comp_bytes += isize; 1168 (state->stats).comp_packets++; 1169 } else { 1170 uncomplen = isize - MPPE_OVHD; 1171 /* Decrypt the first byte in order to check if it is 1172 compressed or uncompressed protocol field */ 1173 arc4_decrypt(state, ibuf + PPP_HDRLEN + (MPPE_OVHD / 2), 1, obuf); 1174 /* Do PFC decompression */ 1175 if ((obuf[0] & 0x01) != 0) { 1176 obuf[1] = obuf[0]; 1177 obuf[0] = 0; 1178 obuf++; 1179 uncomplen++; 1180 } 1181 /* And finally, decrypt the rest of the frame. */ 1182 arc4_decrypt(state, ibuf + PPP_HDRLEN + (MPPE_OVHD / 2) + 1, 1183 isize - PPP_HDRLEN - (MPPE_OVHD / 2) - 1, obuf + 1); 1184 (state->stats).inc_bytes += isize; 1185 (state->stats).inc_packets++; 1186 } 1187 } else { /* this shouldn't happen */ 1188 if (state->debug) 1189 printk(KERN_ERR "%s%d: encryption negotiated but not an " 1190 "encrypted packet received\n", __FUNCTION__, state->unit); 1191 mppe_change_key(state, 0); 1192 state->flushexpected = 1; 1193 return DECOMP_ERROR; 1194 } 1195 } else { 1196 if (state->mppc) { /* no MPPE, only MPPC */ 1197 if ((bits & MPPE_BIT_COMP)) { 1198 uncomplen = mppc_decompress(state, ibuf + PPP_HDRLEN + 1199 (MPPE_OVHD / 2), obuf, isize - 1200 PPP_HDRLEN - (MPPE_OVHD / 2), 1201 osize - (PPP_HDRLEN / 2)); 1202 if (uncomplen == DECOMP_ERROR) { 1203 state->flushexpected = 1; 1204 return DECOMP_ERROR; 1205 } 1206 uncomplen += PPP_HDRLEN / 2; 1207 (state->stats).comp_bytes += isize; 1208 (state->stats).comp_packets++; 1209 } else { 1210 memcpy(obuf, ibuf + PPP_HDRLEN + (MPPE_OVHD / 2), isize - 1211 PPP_HDRLEN - (MPPE_OVHD / 2)); 1212 uncomplen = isize - MPPE_OVHD; 1213 (state->stats).inc_bytes += isize; 1214 (state->stats).inc_packets++; 1215 } 1216 } else { /* this shouldn't happen */ 1217 if (state->debug) 1218 printk(KERN_ERR "%s%d: error - not an MPPC or MPPE frame " 1219 "received\n", __FUNCTION__, state->unit); 1220 state->flushexpected = 1; 1221 return DECOMP_ERROR; 1222 } 1223 } 1224 1225 (state->stats).unc_bytes += uncomplen; 1226 (state->stats).unc_packets++; 1227 1228 return uncomplen; 1229} 1230 1231 1232/************************************************************ 1233 * Module interface table 1234 ************************************************************/ 1235 1236/* These are in ppp_generic.c */ 1237extern int ppp_register_compressor (struct compressor *cp); 1238extern void ppp_unregister_compressor (struct compressor *cp); 1239 1240/* 1241 * Functions exported to ppp_generic.c. 1242 * 1243 * In case of MPPC/MPPE there is no need to process incompressible data 1244 * because such a data is sent in MPPC/MPPE frame. Therefore the (*incomp) 1245 * callback function isn't needed. 1246 */ 1247struct compressor ppp_mppe = { 1248 .compress_proto = CI_MPPE, 1249 .comp_alloc = mppe_comp_alloc, 1250 .comp_free = mppe_comp_free, 1251 .comp_init = mppe_comp_init, 1252 .comp_reset = mppe_comp_reset, 1253 .compress = mppe_compress, 1254 .comp_stat = mppe_stats, 1255 .decomp_alloc = mppe_decomp_alloc, 1256 .decomp_free = mppe_comp_free, 1257 .decomp_init = mppe_decomp_init, 1258 .decomp_reset = mppe_decomp_reset, 1259 .decompress = mppe_decompress, 1260 .incomp = NULL, 1261 .decomp_stat = mppe_stats, 1262 .owner = THIS_MODULE 1263}; 1264 1265/************************************************************ 1266 * Module support routines 1267 ************************************************************/ 1268 1269int __init mppe_module_init(void) 1270{ 1271 int answer; 1272 1273 if (!(crypto_alg_available("arc4", 0) && crypto_alg_available("sha1", 0))) { 1274 printk(KERN_ERR "Kernel doesn't provide ARC4 and/or SHA1 algorithms " 1275 "required by MPPE/MPPC. Check CryptoAPI configuration.\n"); 1276 return -ENODEV; 1277 } 1278 1279 /* Allocate space for SHAPad1, SHAPad2 and ... */ 1280 sha_pad = kmalloc(sizeof(struct sha_pad), GFP_KERNEL); 1281 if (sha_pad == NULL) 1282 return -ENOMEM; 1283 /* ... initialize them */ 1284 memset(sha_pad->sha_pad1, 0x00, sizeof(sha_pad->sha_pad1)); 1285 memset(sha_pad->sha_pad2, 0xf2, sizeof(sha_pad->sha_pad2)); 1286 1287 answer = ppp_register_compressor(&ppp_mppe); 1288 if (answer == 0) { 1289 printk(KERN_INFO "MPPE/MPPC encryption/compression module registered\n"); 1290 } 1291 return answer; 1292} 1293 1294void __exit mppe_module_cleanup(void) 1295{ 1296 kfree(sha_pad); 1297 ppp_unregister_compressor(&ppp_mppe); 1298 printk(KERN_INFO "MPPE/MPPC encryption/compression module unregistered\n"); 1299} 1300 1301module_init(mppe_module_init); 1302module_exit(mppe_module_cleanup); 1303 1304MODULE_AUTHOR("Jan Dubiec <jdx@slackware.pl>"); 1305MODULE_DESCRIPTION("MPPE/MPPC encryption/compression module for Linux"); 1306MODULE_VERSION("1.3"); 1307MODULE_LICENSE("Dual BSD/GPL"); 1308MODULE_ALIAS("ppp-compress-" __stringify(CI_MPPE)); 1309