1/* 2 * Copyright (c) 2003 Apple Computer, Inc. All rights reserved. 3 * 4 * @APPLE_LICENSE_HEADER_START@ 5 * 6 * This file contains Original Code and/or Modifications of Original Code 7 * as defined in and that are subject to the Apple Public Source License 8 * Version 2.0 (the 'License'). You may not use this file except in 9 * compliance with the License. Please obtain a copy of the License at 10 * http://www.opensource.apple.com/apsl/ and read it before using this 11 * file. 12 * 13 * The Original Code and all software distributed under the License are 14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER 15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, 16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, 17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. 18 * Please see the License for the specific language governing rights and 19 * limitations under the License. 20 * 21 * @APPLE_LICENSE_HEADER_END@ 22 */ 23/* 24 * ccp.c - PPP Compression Control Protocol. 25 * 26 * Copyright (c) 1994-2002 Paul Mackerras. All rights reserved. 27 * 28 * Redistribution and use in source and binary forms, with or without 29 * modification, are permitted provided that the following conditions 30 * are met: 31 * 32 * 1. Redistributions of source code must retain the above copyright 33 * notice, this list of conditions and the following disclaimer. 34 * 35 * 2. Redistributions in binary form must reproduce the above copyright 36 * notice, this list of conditions and the following disclaimer in 37 * the documentation and/or other materials provided with the 38 * distribution. 39 * 40 * 3. The name(s) of the authors of this software must not be used to 41 * endorse or promote products derived from this software without 42 * prior written permission. 43 * 44 * 4. Redistributions of any form whatsoever must retain the following 45 * acknowledgment: 46 * "This product includes software developed by Paul Mackerras 47 * <paulus@samba.org>". 48 * 49 * THE AUTHORS OF THIS SOFTWARE DISCLAIM ALL WARRANTIES WITH REGARD TO 50 * THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY 51 * AND FITNESS, IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY 52 * SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 53 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN 54 * AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING 55 * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 56 */ 57 58#define RCSID "$Id: ccp.c,v 1.12 2005/12/13 06:30:15 lindak Exp $" 59 60#include <stdlib.h> 61#include <string.h> 62 63#include "pppd.h" 64#include "fsm.h" 65#include "ccp.h" 66//#include <net/ppp-comp.h> 67#include <ppp_comp.h> 68 69#ifdef MPPE 70#include "chap_ms.h" /* mppe_xxxx_key, mppe_keys_set */ 71#include "lcp.h" /* lcp_close(), lcp_fsm */ 72#endif 73 74#ifndef lint 75static const char rcsid[] = RCSID; 76#endif 77 78/* 79 * Unfortunately there is a bug in zlib which means that using a 80 * size of 8 (window size = 256) for Deflate compression will cause 81 * buffer overruns and kernel crashes in the deflate module. 82 * Until this is fixed we only accept sizes in the range 9 .. 15. 83 * Thanks to James Carlson for pointing this out. 84 */ 85#define DEFLATE_MIN_WORKS 9 86 87/* 88 * Command-line options. 89 */ 90static int setbsdcomp __P((char **)); 91static int setdeflate __P((char **)); 92static char bsd_value[8]; 93static char deflate_value[8]; 94 95/* 96 * Option variables. 97 */ 98#ifdef MPPE 99bool refuse_mppe_stateful = 1; /* Allow stateful mode? */ 100#endif 101 102static option_t ccp_option_list[] = { 103 { "noccp", o_bool, &ccp_protent.enabled_flag, 104 "Disable CCP negotiation" }, 105 { "-ccp", o_bool, &ccp_protent.enabled_flag, 106 "Disable CCP negotiation", OPT_ALIAS }, 107 108 { "bsdcomp", o_special, (void *)setbsdcomp, 109 "Request BSD-Compress packet compression", 110 OPT_PRIO | OPT_A2STRVAL | OPT_STATIC, bsd_value }, 111 { "nobsdcomp", o_bool, &ccp_wantoptions[0].bsd_compress, 112 "don't allow BSD-Compress", OPT_PRIOSUB | OPT_A2CLR, 113 &ccp_allowoptions[0].bsd_compress }, 114 { "-bsdcomp", o_bool, &ccp_wantoptions[0].bsd_compress, 115 "don't allow BSD-Compress", OPT_ALIAS | OPT_PRIOSUB | OPT_A2CLR, 116 &ccp_allowoptions[0].bsd_compress }, 117 118 { "deflate", o_special, (void *)setdeflate, 119 "request Deflate compression", 120 OPT_PRIO | OPT_A2STRVAL | OPT_STATIC, deflate_value }, 121 { "nodeflate", o_bool, &ccp_wantoptions[0].deflate, 122 "don't allow Deflate compression", OPT_PRIOSUB | OPT_A2CLR, 123 &ccp_allowoptions[0].deflate }, 124 { "-deflate", o_bool, &ccp_wantoptions[0].deflate, 125 "don't allow Deflate compression", OPT_ALIAS | OPT_PRIOSUB | OPT_A2CLR, 126 &ccp_allowoptions[0].deflate }, 127 128 { "nodeflatedraft", o_bool, &ccp_wantoptions[0].deflate_draft, 129 "don't use draft deflate #", OPT_A2COPY, 130 &ccp_allowoptions[0].deflate_draft }, 131 132 { "predictor1", o_bool, &ccp_wantoptions[0].predictor_1, 133 "request Predictor-1", OPT_PRIO | 1 }, 134 { "nopredictor1", o_bool, &ccp_wantoptions[0].predictor_1, 135 "don't allow Predictor-1", OPT_PRIOSUB | OPT_A2CLR, 136 &ccp_allowoptions[0].predictor_1 }, 137 { "-predictor1", o_bool, &ccp_wantoptions[0].predictor_1, 138 "don't allow Predictor-1", OPT_ALIAS | OPT_PRIOSUB | OPT_A2CLR, 139 &ccp_allowoptions[0].predictor_1 }, 140 141#ifdef MPPE 142 /* MPPE options are symmetrical ... we only set wantoptions here */ 143 { "require-mppe", o_bool, &ccp_wantoptions[0].mppe, 144 "require MPPE encryption", 145 OPT_PRIO | MPPE_OPT_40 | MPPE_OPT_128 }, 146 { "+mppe", o_bool, &ccp_wantoptions[0].mppe, 147 "require MPPE encryption", 148 OPT_ALIAS | OPT_PRIO | MPPE_OPT_40 | MPPE_OPT_128 }, 149 { "nomppe", o_bool, &ccp_wantoptions[0].mppe, 150 "don't allow MPPE encryption", OPT_PRIO }, 151 { "-mppe", o_bool, &ccp_wantoptions[0].mppe, 152 "don't allow MPPE encryption", OPT_ALIAS | OPT_PRIO }, 153 154 /* We use ccp_allowoptions[0].mppe as a junk var ... it is reset later */ 155 { "require-mppe-40", o_bool, &ccp_allowoptions[0].mppe, 156 "require MPPE 40-bit encryption", OPT_PRIO | OPT_A2OR | MPPE_OPT_40, 157 &ccp_wantoptions[0].mppe }, 158 { "+mppe-40", o_bool, &ccp_allowoptions[0].mppe, 159 "require MPPE 40-bit encryption", OPT_PRIO | OPT_A2OR | MPPE_OPT_40, 160 &ccp_wantoptions[0].mppe }, 161 { "nomppe-40", o_bool, &ccp_allowoptions[0].mppe, 162 "don't allow MPPE 40-bit encryption", 163 OPT_PRIOSUB | OPT_A2CLRB | MPPE_OPT_40, &ccp_wantoptions[0].mppe }, 164 { "-mppe-40", o_bool, &ccp_allowoptions[0].mppe, 165 "don't allow MPPE 40-bit encryption", 166 OPT_ALIAS | OPT_PRIOSUB | OPT_A2CLRB | MPPE_OPT_40, 167 &ccp_wantoptions[0].mppe }, 168 169 { "require-mppe-128", o_bool, &ccp_allowoptions[0].mppe, 170 "require MPPE 128-bit encryption", OPT_PRIO | OPT_A2OR | MPPE_OPT_128, 171 &ccp_wantoptions[0].mppe }, 172 { "+mppe-128", o_bool, &ccp_allowoptions[0].mppe, 173 "require MPPE 128-bit encryption", 174 OPT_ALIAS | OPT_PRIO | OPT_A2OR | MPPE_OPT_128, 175 &ccp_wantoptions[0].mppe }, 176 { "nomppe-128", o_bool, &ccp_allowoptions[0].mppe, 177 "don't allow MPPE 128-bit encryption", 178 OPT_PRIOSUB | OPT_A2CLRB | MPPE_OPT_128, &ccp_wantoptions[0].mppe }, 179 { "-mppe-128", o_bool, &ccp_allowoptions[0].mppe, 180 "don't allow MPPE 128-bit encryption", 181 OPT_ALIAS | OPT_PRIOSUB | OPT_A2CLRB | MPPE_OPT_128, 182 &ccp_wantoptions[0].mppe }, 183 184 /* strange one; we always request stateless, but will we allow stateful? */ 185 { "mppe-stateful", o_bool, &refuse_mppe_stateful, 186 "allow MPPE stateful mode", OPT_PRIO }, 187 { "nomppe-stateful", o_bool, &refuse_mppe_stateful, 188 "disallow MPPE stateful mode", OPT_PRIO | 1 }, 189 190#ifdef __APPLE__ 191 // for compatibility 192 { "mppe-stateless", o_bool, &refuse_mppe_stateful, 193 "disallow MPPE stateful mode", OPT_ALIAS | OPT_PRIO | 1 }, 194 { "+mppe-stateless", o_bool, &refuse_mppe_stateful, 195 "disallow MPPE stateful mode", OPT_ALIAS | OPT_PRIO | 1 }, 196 { "nomppe-stateless", o_bool, &refuse_mppe_stateful, 197 "allow MPPE stateful mode", OPT_ALIAS | OPT_PRIO }, 198 { "-mppe-stateless", o_bool, &refuse_mppe_stateful, 199 "allow MPPE stateful mode", OPT_ALIAS | OPT_PRIO }, 200 { "mppe-40", o_bool, &ccp_allowoptions[0].mppe, 201 "require MPPE 40-bit encryption", OPT_PRIO | OPT_A2OR | MPPE_OPT_40, 202 &ccp_wantoptions[0].mppe }, 203 { "mppe-128", o_bool, &ccp_allowoptions[0].mppe, 204 "require MPPE 128-bit encryption", 205 OPT_ALIAS | OPT_PRIO | OPT_A2OR | MPPE_OPT_128, 206 &ccp_wantoptions[0].mppe }, 207#endif 208#endif /* MPPE */ 209 210 { NULL } 211}; 212 213/* 214 * Protocol entry points from main code. 215 */ 216static void ccp_init __P((int unit)); 217static void ccp_open __P((int unit)); 218static void ccp_close __P((int unit, char *)); 219static void ccp_lowerup __P((int unit)); 220static void ccp_lowerdown __P((int)); 221static void ccp_input __P((int unit, u_char *pkt, int len)); 222static void ccp_protrej __P((int unit)); 223static int ccp_printpkt __P((u_char *pkt, int len, 224 void (*printer) __P((void *, char *, ...)), 225 void *arg)); 226static void ccp_datainput __P((int unit, u_char *pkt, int len)); 227 228struct protent ccp_protent = { 229 PPP_CCP, 230 ccp_init, 231 ccp_input, 232 ccp_protrej, 233 ccp_lowerup, 234 ccp_lowerdown, 235 ccp_open, 236 ccp_close, 237 ccp_printpkt, 238 ccp_datainput, 239 1, 240 "CCP", 241 "Compressed", 242 ccp_option_list, 243 NULL, 244 NULL, 245 NULL, 246#ifdef __APPLE__ 247 NULL, 248 NULL, 249 NULL, 250 NULL 251#endif 252}; 253 254fsm ccp_fsm[NUM_PPP]; 255ccp_options ccp_wantoptions[NUM_PPP]; /* what to request the peer to use */ 256ccp_options ccp_gotoptions[NUM_PPP]; /* what the peer agreed to do */ 257ccp_options ccp_allowoptions[NUM_PPP]; /* what we'll agree to do */ 258ccp_options ccp_hisoptions[NUM_PPP]; /* what we agreed to do */ 259 260/* 261 * Callbacks for fsm code. 262 */ 263static void ccp_resetci __P((fsm *)); 264static int ccp_cilen __P((fsm *)); 265static void ccp_addci __P((fsm *, u_char *, int *)); 266static int ccp_ackci __P((fsm *, u_char *, int)); 267static int ccp_nakci __P((fsm *, u_char *, int)); 268static int ccp_rejci __P((fsm *, u_char *, int)); 269static int ccp_reqci __P((fsm *, u_char *, int *, int)); 270static void ccp_up __P((fsm *)); 271static void ccp_down __P((fsm *)); 272static int ccp_extcode __P((fsm *, int, int, u_char *, int)); 273static void ccp_rack_timeout __P((void *)); 274static char *method_name __P((ccp_options *, ccp_options *)); 275 276static fsm_callbacks ccp_callbacks = { 277 ccp_resetci, 278 ccp_cilen, 279 ccp_addci, 280 ccp_ackci, 281 ccp_nakci, 282 ccp_rejci, 283 ccp_reqci, 284 ccp_up, 285 ccp_down, 286 NULL, 287 NULL, 288 NULL, 289 NULL, 290 ccp_extcode, 291 "CCP" 292}; 293 294/* 295 * Do we want / did we get any compression? 296 */ 297#define ANY_COMPRESS(opt) ((opt).deflate || (opt).bsd_compress \ 298 || (opt).predictor_1 || (opt).predictor_2 \ 299 || (opt).mppe) 300 301/* 302 * Local state (mainly for handling reset-reqs and reset-acks). 303 */ 304static int ccp_localstate[NUM_PPP]; 305#define RACK_PENDING 1 /* waiting for reset-ack */ 306#define RREQ_REPEAT 2 /* send another reset-req if no reset-ack */ 307 308#define RACKTIMEOUT 1 /* second */ 309 310static int all_rejected[NUM_PPP]; /* we rejected all peer's options */ 311 312/* 313 * Option parsing. 314 */ 315static int 316setbsdcomp(argv) 317 char **argv; 318{ 319 int rbits, abits; 320 char *str, *endp; 321 322 str = *argv; 323 abits = rbits = strtol(str, &endp, 0); 324 if (endp != str && *endp == ',') { 325 str = endp + 1; 326 abits = strtol(str, &endp, 0); 327 } 328 if (*endp != 0 || endp == str) { 329 option_error("invalid parameter '%s' for bsdcomp option", *argv); 330 return 0; 331 } 332 if ((rbits != 0 && (rbits < BSD_MIN_BITS || rbits > BSD_MAX_BITS)) 333 || (abits != 0 && (abits < BSD_MIN_BITS || abits > BSD_MAX_BITS))) { 334 option_error("bsdcomp option values must be 0 or %d .. %d", 335 BSD_MIN_BITS, BSD_MAX_BITS); 336 return 0; 337 } 338 if (rbits > 0) { 339 ccp_wantoptions[0].bsd_compress = 1; 340 ccp_wantoptions[0].bsd_bits = rbits; 341 } else 342 ccp_wantoptions[0].bsd_compress = 0; 343 if (abits > 0) { 344 ccp_allowoptions[0].bsd_compress = 1; 345 ccp_allowoptions[0].bsd_bits = abits; 346 } else 347 ccp_allowoptions[0].bsd_compress = 0; 348 slprintf(bsd_value, sizeof(bsd_value), 349 rbits == abits? "%d": "%d,%d", rbits, abits); 350 351 return 1; 352} 353 354static int 355setdeflate(argv) 356 char **argv; 357{ 358 int rbits, abits; 359 char *str, *endp; 360 361 str = *argv; 362 abits = rbits = strtol(str, &endp, 0); 363 if (endp != str && *endp == ',') { 364 str = endp + 1; 365 abits = strtol(str, &endp, 0); 366 } 367 if (*endp != 0 || endp == str) { 368 option_error("invalid parameter '%s' for deflate option", *argv); 369 return 0; 370 } 371 if ((rbits != 0 && (rbits < DEFLATE_MIN_SIZE || rbits > DEFLATE_MAX_SIZE)) 372 || (abits != 0 && (abits < DEFLATE_MIN_SIZE 373 || abits > DEFLATE_MAX_SIZE))) { 374 option_error("deflate option values must be 0 or %d .. %d", 375 DEFLATE_MIN_SIZE, DEFLATE_MAX_SIZE); 376 return 0; 377 } 378 if (rbits == DEFLATE_MIN_SIZE || abits == DEFLATE_MIN_SIZE) { 379 if (rbits == DEFLATE_MIN_SIZE) 380 rbits = DEFLATE_MIN_WORKS; 381 if (abits == DEFLATE_MIN_SIZE) 382 abits = DEFLATE_MIN_WORKS; 383 warning("deflate option value of %d changed to %d to avoid zlib bug", 384 DEFLATE_MIN_SIZE, DEFLATE_MIN_WORKS); 385 } 386 if (rbits > 0) { 387 ccp_wantoptions[0].deflate = 1; 388 ccp_wantoptions[0].deflate_size = rbits; 389 } else 390 ccp_wantoptions[0].deflate = 0; 391 if (abits > 0) { 392 ccp_allowoptions[0].deflate = 1; 393 ccp_allowoptions[0].deflate_size = abits; 394 } else 395 ccp_allowoptions[0].deflate = 0; 396 slprintf(deflate_value, sizeof(deflate_value), 397 rbits == abits? "%d": "%d,%d", rbits, abits); 398 399 return 1; 400} 401 402/* 403 * ccp_init - initialize CCP. 404 */ 405static void 406ccp_init(unit) 407 int unit; 408{ 409 fsm *f = &ccp_fsm[unit]; 410 411 f->unit = unit; 412 f->protocol = PPP_CCP; 413 f->callbacks = &ccp_callbacks; 414 fsm_init(f); 415 416 memset(&ccp_wantoptions[unit], 0, sizeof(ccp_options)); 417 memset(&ccp_gotoptions[unit], 0, sizeof(ccp_options)); 418 memset(&ccp_allowoptions[unit], 0, sizeof(ccp_options)); 419 memset(&ccp_hisoptions[unit], 0, sizeof(ccp_options)); 420 421 ccp_wantoptions[0].deflate = 1; 422 ccp_wantoptions[0].deflate_size = DEFLATE_MAX_SIZE; 423 ccp_wantoptions[0].deflate_correct = 1; 424 ccp_wantoptions[0].deflate_draft = 1; 425 ccp_allowoptions[0].deflate = 1; 426 ccp_allowoptions[0].deflate_size = DEFLATE_MAX_SIZE; 427 ccp_allowoptions[0].deflate_correct = 1; 428 ccp_allowoptions[0].deflate_draft = 1; 429 430 ccp_wantoptions[0].bsd_compress = 1; 431 ccp_wantoptions[0].bsd_bits = BSD_MAX_BITS; 432 ccp_allowoptions[0].bsd_compress = 1; 433 ccp_allowoptions[0].bsd_bits = BSD_MAX_BITS; 434 435 ccp_allowoptions[0].predictor_1 = 1; 436} 437 438/* 439 * ccp_open - CCP is allowed to come up. 440 */ 441static void 442ccp_open(unit) 443 int unit; 444{ 445 fsm *f = &ccp_fsm[unit]; 446 447 if (f->state != OPENED) 448 ccp_flags_set(unit, 1, 0); 449 450 /* 451 * Find out which compressors the kernel supports before 452 * deciding whether to open in silent mode. 453 */ 454 ccp_resetci(f); 455 if (!ANY_COMPRESS(ccp_gotoptions[unit])) 456 f->flags |= OPT_SILENT; 457 458 fsm_open(f); 459} 460 461/* 462 * ccp_close - Terminate CCP. 463 */ 464static void 465ccp_close(unit, reason) 466 int unit; 467 char *reason; 468{ 469 ccp_flags_set(unit, 0, 0); 470 fsm_close(&ccp_fsm[unit], reason); 471} 472 473/* 474 * ccp_lowerup - we may now transmit CCP packets. 475 */ 476static void 477ccp_lowerup(unit) 478 int unit; 479{ 480 fsm_lowerup(&ccp_fsm[unit]); 481} 482 483/* 484 * ccp_lowerdown - we may not transmit CCP packets. 485 */ 486static void 487ccp_lowerdown(unit) 488 int unit; 489{ 490 fsm_lowerdown(&ccp_fsm[unit]); 491} 492 493/* 494 * ccp_input - process a received CCP packet. 495 */ 496static void 497ccp_input(unit, p, len) 498 int unit; 499 u_char *p; 500 int len; 501{ 502 fsm *f = &ccp_fsm[unit]; 503 int oldstate; 504 505 /* 506 * Check for a terminate-request so we can print a message. 507 */ 508 oldstate = f->state; 509 fsm_input(f, p, len); 510 if (oldstate == OPENED && p[0] == TERMREQ && f->state != OPENED) { 511 notice("Compression disabled by peer."); 512#ifdef MPPE 513 if (ccp_gotoptions[unit].mppe) { 514 error("MPPE disabled, closing LCP"); 515 lcp_close(unit, "MPPE disabled by peer"); 516 } 517#endif 518 } 519 520 /* 521 * If we get a terminate-ack and we're not asking for compression, 522 * close CCP. 523 */ 524 if (oldstate == REQSENT && p[0] == TERMACK 525 && !ANY_COMPRESS(ccp_gotoptions[unit])) 526 ccp_close(unit, "No compression negotiated"); 527} 528 529/* 530 * Handle a CCP-specific code. 531 */ 532static int 533ccp_extcode(f, code, id, p, len) 534 fsm *f; 535 int code, id; 536 u_char *p; 537 int len; 538{ 539 switch (code) { 540 case CCP_RESETREQ: 541 if (f->state != OPENED) 542 break; 543 /* send a reset-ack, which the transmitter will see and 544 reset its compression state. */ 545 notice("received CCP RESETREQ"); 546 fsm_sdata(f, CCP_RESETACK, id, NULL, 0); 547 break; 548 549 case CCP_RESETACK: 550 if (ccp_localstate[f->unit] & RACK_PENDING && id == f->reqid) { 551 ccp_localstate[f->unit] &= ~(RACK_PENDING | RREQ_REPEAT); 552 UNTIMEOUT(ccp_rack_timeout, f); 553 } 554 notice("received CCP RESETACK"); 555 break; 556 557 default: 558 return 0; 559 } 560 561 return 1; 562} 563 564/* 565 * ccp_protrej - peer doesn't talk CCP. 566 */ 567static void 568ccp_protrej(unit) 569 int unit; 570{ 571 ccp_flags_set(unit, 0, 0); 572 fsm_protreject(&ccp_fsm[unit]); 573 574#ifdef MPPE 575 if (ccp_gotoptions[unit].mppe) { 576 error("MPPE required but peer negotiation failed"); 577 lcp_close(unit, "MPPE required but peer negotiation failed"); 578 } 579#endif 580 581} 582 583/* 584 * ccp_resetci - initialize at start of negotiation. 585 */ 586static void 587ccp_resetci(f) 588 fsm *f; 589{ 590 ccp_options *go = &ccp_gotoptions[f->unit]; 591 u_char opt_buf[CCP_MAX_OPTION_LENGTH]; 592 593 *go = ccp_wantoptions[f->unit]; 594 all_rejected[f->unit] = 0; 595 596#ifdef MPPE 597 if (go->mppe) { 598 ccp_options *ao = &ccp_allowoptions[f->unit]; 599 int auth_mschap_bits = auth_done[f->unit]; 600 int numbits; 601 602 /* 603 * Start with a basic sanity check: mschap[v2] auth must be in 604 * exactly one direction. RFC 3079 says that the keys are 605 * 'derived from the credentials of the peer that initiated the call', 606 * however the PPP protocol doesn't have such a concept, and pppd 607 * cannot get this info externally. Instead we do the best we can. 608 * NB: If MPPE is required, all other compression opts are invalid. 609 * So, we return right away if we can't do it. 610 */ 611 612#ifdef __APPLE__ 613 if (auth_done[f->unit] & (EAP_WITHPEER | EAP_PEER)) { 614 } 615 else 616 { 617#endif 618 619 /* Leave only the mschap auth bits set */ 620 auth_mschap_bits &= (CHAP_MS_WITHPEER | CHAP_MS_PEER | 621 CHAP_MS2_WITHPEER | CHAP_MS2_PEER); 622 /* Count the mschap auths */ 623 auth_mschap_bits >>= CHAP_MS_SHIFT; 624 numbits = 0; 625 do { 626 numbits += auth_mschap_bits & 1; 627 auth_mschap_bits >>= 1; 628 } while (auth_mschap_bits); 629 if (numbits > 1) { 630 error("MPPE required, but auth done in both directions."); 631 lcp_close(f->unit, "MPPE required but not available"); 632 return; 633 } 634 if (!numbits) { 635 error("MPPE required, but MS-CHAP[v2] auth not performed."); 636 lcp_close(f->unit, "MPPE required but not available"); 637 return; 638 } 639 640 /* A plugin (eg radius) may not have obtained key material. */ 641 if (!mppe_keys_set) { 642 error("MPPE required, but keys are not available. " 643 "Possible plugin problem?"); 644 lcp_close(f->unit, "MPPE required but not available"); 645 return; 646 } 647 648 /* LM auth not supported for MPPE */ 649 if (auth_done[f->unit] & (CHAP_MS_WITHPEER | CHAP_MS_PEER)) { 650 /* This might be noise */ 651 if (go->mppe & MPPE_OPT_40) { 652 notice("Disabling 40-bit MPPE; MS-CHAP LM not supported"); 653 go->mppe &= ~MPPE_OPT_40; 654 ccp_wantoptions[f->unit].mppe &= ~MPPE_OPT_40; 655 } 656 } 657#ifdef __APPLE__ 658 } 659#endif 660 661 /* Last check: can we actually negotiate something? */ 662 if (!(go->mppe & (MPPE_OPT_40 | MPPE_OPT_128))) { 663 /* Could be misconfig, could be 40-bit disabled above. */ 664 error("MPPE required, but both 40-bit and 128-bit disabled."); 665 lcp_close(f->unit, "MPPE required but not available"); 666 return; 667 } 668 669 /* sync options */ 670 ao->mppe = go->mppe; 671 /* MPPE is not compatible with other compression types */ 672 ao->bsd_compress = go->bsd_compress = 0; 673 ao->predictor_1 = go->predictor_1 = 0; 674 ao->predictor_2 = go->predictor_2 = 0; 675 ao->deflate = go->deflate = 0; 676 } 677#endif /* MPPE */ 678 679 /* 680 * Check whether the kernel knows about the various 681 * compression methods we might request. 682 */ 683#ifdef MPPE 684 if (go->mppe) { 685 opt_buf[0] = CI_MPPE; 686 opt_buf[1] = CILEN_MPPE; 687 MPPE_OPTS_TO_CI(go->mppe, &opt_buf[2]); 688 /* Key material unimportant here. */ 689 if (ccp_test(f->unit, opt_buf, CILEN_MPPE + MPPE_MAX_KEY_LEN, 0) <= 0) { 690 error("MPPE required, but kernel has no support."); 691 lcp_close(f->unit, "MPPE required but not available"); 692 } 693 } 694#endif 695 if (go->bsd_compress) { 696 opt_buf[0] = CI_BSD_COMPRESS; 697 opt_buf[1] = CILEN_BSD_COMPRESS; 698 opt_buf[2] = BSD_MAKE_OPT(BSD_CURRENT_VERSION, BSD_MIN_BITS); 699 if (ccp_test(f->unit, opt_buf, CILEN_BSD_COMPRESS, 0) <= 0) 700 go->bsd_compress = 0; 701 } 702 if (go->deflate) { 703 if (go->deflate_correct) { 704 opt_buf[0] = CI_DEFLATE; 705 opt_buf[1] = CILEN_DEFLATE; 706 opt_buf[2] = DEFLATE_MAKE_OPT(DEFLATE_MIN_WORKS); 707 opt_buf[3] = DEFLATE_CHK_SEQUENCE; 708 if (ccp_test(f->unit, opt_buf, CILEN_DEFLATE, 0) <= 0) 709 go->deflate_correct = 0; 710 } 711 if (go->deflate_draft) { 712 opt_buf[0] = CI_DEFLATE_DRAFT; 713 opt_buf[1] = CILEN_DEFLATE; 714 opt_buf[2] = DEFLATE_MAKE_OPT(DEFLATE_MIN_WORKS); 715 opt_buf[3] = DEFLATE_CHK_SEQUENCE; 716 if (ccp_test(f->unit, opt_buf, CILEN_DEFLATE, 0) <= 0) 717 go->deflate_draft = 0; 718 } 719 if (!go->deflate_correct && !go->deflate_draft) 720 go->deflate = 0; 721 } 722 if (go->predictor_1) { 723 opt_buf[0] = CI_PREDICTOR_1; 724 opt_buf[1] = CILEN_PREDICTOR_1; 725 if (ccp_test(f->unit, opt_buf, CILEN_PREDICTOR_1, 0) <= 0) 726 go->predictor_1 = 0; 727 } 728 if (go->predictor_2) { 729 opt_buf[0] = CI_PREDICTOR_2; 730 opt_buf[1] = CILEN_PREDICTOR_2; 731 if (ccp_test(f->unit, opt_buf, CILEN_PREDICTOR_2, 0) <= 0) 732 go->predictor_2 = 0; 733 } 734} 735 736/* 737 * ccp_cilen - Return total length of our configuration info. 738 */ 739static int 740ccp_cilen(f) 741 fsm *f; 742{ 743 ccp_options *go = &ccp_gotoptions[f->unit]; 744 745 return (go->bsd_compress? CILEN_BSD_COMPRESS: 0) 746 + (go->deflate? CILEN_DEFLATE: 0) 747 + (go->predictor_1? CILEN_PREDICTOR_1: 0) 748 + (go->predictor_2? CILEN_PREDICTOR_2: 0) 749 + (go->mppe? CILEN_MPPE: 0); 750} 751 752/* 753 * ccp_addci - put our requests in a packet. 754 */ 755static void 756ccp_addci(f, p, lenp) 757 fsm *f; 758 u_char *p; 759 int *lenp; 760{ 761 int res; 762 ccp_options *go = &ccp_gotoptions[f->unit]; 763 u_char *p0 = p; 764 765 /* 766 * Add the compression types that we can receive, in decreasing 767 * preference order. Get the kernel to allocate the first one 768 * in case it gets Acked. 769 */ 770#ifdef MPPE 771 if (go->mppe) { 772 u_char opt_buf[CILEN_MPPE + MPPE_MAX_KEY_LEN]; 773 774 p[0] = opt_buf[0] = CI_MPPE; 775 p[1] = opt_buf[1] = CILEN_MPPE; 776 MPPE_OPTS_TO_CI(go->mppe, &p[2]); 777 MPPE_OPTS_TO_CI(go->mppe, &opt_buf[2]); 778 BCOPY(mppe_recv_key, &opt_buf[CILEN_MPPE], MPPE_MAX_KEY_LEN); 779 res = ccp_test(f->unit, opt_buf, CILEN_MPPE + MPPE_MAX_KEY_LEN, 0); 780 if (res > 0) 781 p += CILEN_MPPE; 782 else 783 /* This shouldn't happen, we've already tested it! */ 784 lcp_close(f->unit, "MPPE required but not available in kernel"); 785 } 786#endif 787 if (go->deflate) { 788 p[0] = go->deflate_correct? CI_DEFLATE: CI_DEFLATE_DRAFT; 789 p[1] = CILEN_DEFLATE; 790 p[2] = DEFLATE_MAKE_OPT(go->deflate_size); 791 p[3] = DEFLATE_CHK_SEQUENCE; 792 if (p != p0) { 793 p += CILEN_DEFLATE; 794 } else { 795 for (;;) { 796 if (go->deflate_size < DEFLATE_MIN_WORKS) { 797 go->deflate = 0; 798 break; 799 } 800 res = ccp_test(f->unit, p, CILEN_DEFLATE, 0); 801 if (res > 0) { 802 p += CILEN_DEFLATE; 803 break; 804 } else if (res < 0) { 805 go->deflate = 0; 806 break; 807 } 808 --go->deflate_size; 809 p[2] = DEFLATE_MAKE_OPT(go->deflate_size); 810 } 811 } 812 if (p != p0 && go->deflate_correct && go->deflate_draft) { 813 p[0] = CI_DEFLATE_DRAFT; 814 p[1] = CILEN_DEFLATE; 815 p[2] = p[2 - CILEN_DEFLATE]; 816 p[3] = DEFLATE_CHK_SEQUENCE; 817 p += CILEN_DEFLATE; 818 } 819 } 820 if (go->bsd_compress) { 821 p[0] = CI_BSD_COMPRESS; 822 p[1] = CILEN_BSD_COMPRESS; 823 p[2] = BSD_MAKE_OPT(BSD_CURRENT_VERSION, go->bsd_bits); 824 if (p != p0) { 825 p += CILEN_BSD_COMPRESS; /* not the first option */ 826 } else { 827 for (;;) { 828 if (go->bsd_bits < BSD_MIN_BITS) { 829 go->bsd_compress = 0; 830 break; 831 } 832 res = ccp_test(f->unit, p, CILEN_BSD_COMPRESS, 0); 833 if (res > 0) { 834 p += CILEN_BSD_COMPRESS; 835 break; 836 } else if (res < 0) { 837 go->bsd_compress = 0; 838 break; 839 } 840 --go->bsd_bits; 841 p[2] = BSD_MAKE_OPT(BSD_CURRENT_VERSION, go->bsd_bits); 842 } 843 } 844 } 845 /* XXX Should Predictor 2 be preferable to Predictor 1? */ 846 if (go->predictor_1) { 847 p[0] = CI_PREDICTOR_1; 848 p[1] = CILEN_PREDICTOR_1; 849 if (p == p0 && ccp_test(f->unit, p, CILEN_PREDICTOR_1, 0) <= 0) { 850 go->predictor_1 = 0; 851 } else { 852 p += CILEN_PREDICTOR_1; 853 } 854 } 855 if (go->predictor_2) { 856 p[0] = CI_PREDICTOR_2; 857 p[1] = CILEN_PREDICTOR_2; 858 if (p == p0 && ccp_test(f->unit, p, CILEN_PREDICTOR_2, 0) <= 0) { 859 go->predictor_2 = 0; 860 } else { 861 p += CILEN_PREDICTOR_2; 862 } 863 } 864 865 go->method = (p > p0)? p0[0]: -1; 866 867 *lenp = p - p0; 868} 869 870/* 871 * ccp_ackci - process a received configure-ack, and return 872 * 1 iff the packet was OK. 873 */ 874static int 875ccp_ackci(f, p, len) 876 fsm *f; 877 u_char *p; 878 int len; 879{ 880 ccp_options *go = &ccp_gotoptions[f->unit]; 881 u_char *p0 = p; 882 883#ifdef MPPE 884 if (go->mppe) { 885 u_char opt_buf[CILEN_MPPE]; 886 887 opt_buf[0] = CI_MPPE; 888 opt_buf[1] = CILEN_MPPE; 889 MPPE_OPTS_TO_CI(go->mppe, &opt_buf[2]); 890 if (len < CILEN_MPPE || memcmp(opt_buf, p, CILEN_MPPE)) 891 return 0; 892 p += CILEN_MPPE; 893 len -= CILEN_MPPE; 894 /* XXX Cope with first/fast ack */ 895 if (len == 0) 896 return 1; 897 } 898#endif 899 if (go->deflate) { 900 if (len < CILEN_DEFLATE 901 || p[0] != (go->deflate_correct? CI_DEFLATE: CI_DEFLATE_DRAFT) 902 || p[1] != CILEN_DEFLATE 903 || p[2] != DEFLATE_MAKE_OPT(go->deflate_size) 904 || p[3] != DEFLATE_CHK_SEQUENCE) 905 return 0; 906 p += CILEN_DEFLATE; 907 len -= CILEN_DEFLATE; 908 /* XXX Cope with first/fast ack */ 909 if (len == 0) 910 return 1; 911 if (go->deflate_correct && go->deflate_draft) { 912 if (len < CILEN_DEFLATE 913 || p[0] != CI_DEFLATE_DRAFT 914 || p[1] != CILEN_DEFLATE 915 || p[2] != DEFLATE_MAKE_OPT(go->deflate_size) 916 || p[3] != DEFLATE_CHK_SEQUENCE) 917 return 0; 918 p += CILEN_DEFLATE; 919 len -= CILEN_DEFLATE; 920 } 921 } 922 if (go->bsd_compress) { 923 if (len < CILEN_BSD_COMPRESS 924 || p[0] != CI_BSD_COMPRESS || p[1] != CILEN_BSD_COMPRESS 925 || p[2] != BSD_MAKE_OPT(BSD_CURRENT_VERSION, go->bsd_bits)) 926 return 0; 927 p += CILEN_BSD_COMPRESS; 928 len -= CILEN_BSD_COMPRESS; 929 /* XXX Cope with first/fast ack */ 930 if (p == p0 && len == 0) 931 return 1; 932 } 933 if (go->predictor_1) { 934 if (len < CILEN_PREDICTOR_1 935 || p[0] != CI_PREDICTOR_1 || p[1] != CILEN_PREDICTOR_1) 936 return 0; 937 p += CILEN_PREDICTOR_1; 938 len -= CILEN_PREDICTOR_1; 939 /* XXX Cope with first/fast ack */ 940 if (p == p0 && len == 0) 941 return 1; 942 } 943 if (go->predictor_2) { 944 if (len < CILEN_PREDICTOR_2 945 || p[0] != CI_PREDICTOR_2 || p[1] != CILEN_PREDICTOR_2) 946 return 0; 947 p += CILEN_PREDICTOR_2; 948 len -= CILEN_PREDICTOR_2; 949 /* XXX Cope with first/fast ack */ 950 if (p == p0 && len == 0) 951 return 1; 952 } 953 954 if (len != 0) 955 return 0; 956 return 1; 957} 958 959/* 960 * ccp_nakci - process received configure-nak. 961 * Returns 1 iff the nak was OK. 962 */ 963static int 964ccp_nakci(f, p, len) 965 fsm *f; 966 u_char *p; 967 int len; 968{ 969 ccp_options *go = &ccp_gotoptions[f->unit]; 970#ifdef __APPLE__ 971 ccp_options *ao = &ccp_allowoptions[f->unit]; 972#endif 973 ccp_options no; /* options we've seen already */ 974 ccp_options try; /* options to ask for next time */ 975 976 memset(&no, 0, sizeof(no)); 977 try = *go; 978 979#ifdef MPPE 980 if (go->mppe && len >= CILEN_MPPE 981 && p[0] == CI_MPPE && p[1] == CILEN_MPPE) { 982 no.mppe = 1; 983 /* 984 * Peer wants us to use a different strength or other setting. 985 * Fail if we aren't willing to use his suggestion. 986 */ 987 MPPE_CI_TO_OPTS(&p[2], try.mppe); 988#ifdef __APPLE__ 989 /* 990 * Failing completly is extreme and shows interoperability issues. 991 * We insist on our options set. 992 */ 993 if ((try.mppe & MPPE_OPT_STATEFUL) && refuse_mppe_stateful) 994 try.mppe &= ~MPPE_OPT_STATEFUL; 995 if ((try.mppe & MPPE_OPT_40) && !(ao->mppe & MPPE_OPT_40)) 996 try.mppe &= ~MPPE_OPT_40; 997 if ((try.mppe & MPPE_OPT_128) && !(ao->mppe & MPPE_OPT_128)) 998 try.mppe &= ~MPPE_OPT_128; 999 1000 if (!(try.mppe & (MPPE_OPT_40 + MPPE_OPT_128))) { 1001 error("MPPE required but peer negotiation failed"); 1002 lcp_close(f->unit, "MPPE required but peer negotiation failed"); 1003 } 1004#else 1005 if ((try.mppe & MPPE_OPT_STATEFUL) && refuse_mppe_stateful) { 1006 error("Refusing MPPE stateful mode offered by peer"); 1007 try.mppe = 0; 1008 } else if (((go->mppe | MPPE_OPT_STATEFUL) & try.mppe) != try.mppe) { 1009 /* Peer must have set options we didn't request (suggest) */ 1010 try.mppe = 0; 1011 } 1012 1013 if (!try.mppe) { 1014 error("MPPE required but peer negotiation failed"); 1015 lcp_close(f->unit, "MPPE required but peer negotiation failed"); 1016 } 1017#endif 1018 } 1019#endif /* MPPE */ 1020 if (go->deflate && len >= CILEN_DEFLATE 1021 && p[0] == (go->deflate_correct? CI_DEFLATE: CI_DEFLATE_DRAFT) 1022 && p[1] == CILEN_DEFLATE) { 1023 no.deflate = 1; 1024 /* 1025 * Peer wants us to use a different code size or something. 1026 * Stop asking for Deflate if we don't understand his suggestion. 1027 */ 1028 if (DEFLATE_METHOD(p[2]) != DEFLATE_METHOD_VAL 1029 || DEFLATE_SIZE(p[2]) < DEFLATE_MIN_WORKS 1030 || p[3] != DEFLATE_CHK_SEQUENCE) 1031 try.deflate = 0; 1032 else if (DEFLATE_SIZE(p[2]) < go->deflate_size) 1033 try.deflate_size = DEFLATE_SIZE(p[2]); 1034 p += CILEN_DEFLATE; 1035 len -= CILEN_DEFLATE; 1036 if (go->deflate_correct && go->deflate_draft 1037 && len >= CILEN_DEFLATE && p[0] == CI_DEFLATE_DRAFT 1038 && p[1] == CILEN_DEFLATE) { 1039 p += CILEN_DEFLATE; 1040 len -= CILEN_DEFLATE; 1041 } 1042 } 1043 1044 if (go->bsd_compress && len >= CILEN_BSD_COMPRESS 1045 && p[0] == CI_BSD_COMPRESS && p[1] == CILEN_BSD_COMPRESS) { 1046 no.bsd_compress = 1; 1047 /* 1048 * Peer wants us to use a different number of bits 1049 * or a different version. 1050 */ 1051 if (BSD_VERSION(p[2]) != BSD_CURRENT_VERSION) 1052 try.bsd_compress = 0; 1053 else if (BSD_NBITS(p[2]) < go->bsd_bits) 1054 try.bsd_bits = BSD_NBITS(p[2]); 1055 p += CILEN_BSD_COMPRESS; 1056 len -= CILEN_BSD_COMPRESS; 1057 } 1058 1059 /* 1060 * Predictor-1 and 2 have no options, so they can't be Naked. 1061 * 1062 * There may be remaining options but we ignore them. 1063 */ 1064 1065 if (f->state != OPENED) 1066 *go = try; 1067 return 1; 1068} 1069 1070/* 1071 * ccp_rejci - reject some of our suggested compression methods. 1072 */ 1073static int 1074ccp_rejci(f, p, len) 1075 fsm *f; 1076 u_char *p; 1077 int len; 1078{ 1079 ccp_options *go = &ccp_gotoptions[f->unit]; 1080 ccp_options try; /* options to request next time */ 1081 1082 try = *go; 1083 1084 /* 1085 * Cope with empty configure-rejects by ceasing to send 1086 * configure-requests. 1087 */ 1088 if (len == 0 && all_rejected[f->unit]) 1089 return -1; 1090 1091#ifdef MPPE 1092 if (go->mppe && len >= CILEN_MPPE 1093 && p[0] == CI_MPPE && p[1] == CILEN_MPPE) { 1094 error("MPPE required but peer refused"); 1095 lcp_close(f->unit, "MPPE required but peer refused"); 1096 p += CILEN_MPPE; 1097 len -= CILEN_MPPE; 1098 } 1099#endif 1100 if (go->deflate_correct && len >= CILEN_DEFLATE 1101 && p[0] == CI_DEFLATE && p[1] == CILEN_DEFLATE) { 1102 if (p[2] != DEFLATE_MAKE_OPT(go->deflate_size) 1103 || p[3] != DEFLATE_CHK_SEQUENCE) 1104 return 0; /* Rej is bad */ 1105 try.deflate_correct = 0; 1106 p += CILEN_DEFLATE; 1107 len -= CILEN_DEFLATE; 1108 } 1109 if (go->deflate_draft && len >= CILEN_DEFLATE 1110 && p[0] == CI_DEFLATE_DRAFT && p[1] == CILEN_DEFLATE) { 1111 if (p[2] != DEFLATE_MAKE_OPT(go->deflate_size) 1112 || p[3] != DEFLATE_CHK_SEQUENCE) 1113 return 0; /* Rej is bad */ 1114 try.deflate_draft = 0; 1115 p += CILEN_DEFLATE; 1116 len -= CILEN_DEFLATE; 1117 } 1118 if (!try.deflate_correct && !try.deflate_draft) 1119 try.deflate = 0; 1120 if (go->bsd_compress && len >= CILEN_BSD_COMPRESS 1121 && p[0] == CI_BSD_COMPRESS && p[1] == CILEN_BSD_COMPRESS) { 1122 if (p[2] != BSD_MAKE_OPT(BSD_CURRENT_VERSION, go->bsd_bits)) 1123 return 0; 1124 try.bsd_compress = 0; 1125 p += CILEN_BSD_COMPRESS; 1126 len -= CILEN_BSD_COMPRESS; 1127 } 1128 if (go->predictor_1 && len >= CILEN_PREDICTOR_1 1129 && p[0] == CI_PREDICTOR_1 && p[1] == CILEN_PREDICTOR_1) { 1130 try.predictor_1 = 0; 1131 p += CILEN_PREDICTOR_1; 1132 len -= CILEN_PREDICTOR_1; 1133 } 1134 if (go->predictor_2 && len >= CILEN_PREDICTOR_2 1135 && p[0] == CI_PREDICTOR_2 && p[1] == CILEN_PREDICTOR_2) { 1136 try.predictor_2 = 0; 1137 p += CILEN_PREDICTOR_2; 1138 len -= CILEN_PREDICTOR_2; 1139 } 1140 1141 if (len != 0) 1142 return 0; 1143 1144 if (f->state != OPENED) 1145 *go = try; 1146 1147 return 1; 1148} 1149 1150/* 1151 * ccp_reqci - processed a received configure-request. 1152 * Returns CONFACK, CONFNAK or CONFREJ and the packet modified 1153 * appropriately. 1154 */ 1155static int 1156ccp_reqci(f, p, lenp, dont_nak) 1157 fsm *f; 1158 u_char *p; 1159 int *lenp; 1160 int dont_nak; 1161{ 1162 int ret, newret, res; 1163 u_char *p0, *retp; 1164 int len, clen, type, nb; 1165 ccp_options *ho = &ccp_hisoptions[f->unit]; 1166 ccp_options *ao = &ccp_allowoptions[f->unit]; 1167#ifdef MPPE 1168 bool rej_for_ci_mppe = 1; /* Are we rejecting based on a bad/missing */ 1169 /* CI_MPPE, or due to other options? */ 1170#endif 1171 1172 ret = CONFACK; 1173 retp = p0 = p; 1174 len = *lenp; 1175 1176 memset(ho, 0, sizeof(ccp_options)); 1177 ho->method = (len > 0)? p[0]: -1; 1178 1179 while (len > 0) { 1180 newret = CONFACK; 1181 if (len < 2 || p[1] < 2 || p[1] > len) { 1182 /* length is bad */ 1183 clen = len; 1184 newret = CONFREJ; 1185 1186 } else { 1187 type = p[0]; 1188 clen = p[1]; 1189 1190 switch (type) { 1191#ifdef MPPE 1192 case CI_MPPE: 1193 if (!ao->mppe || clen != CILEN_MPPE) { 1194 newret = CONFREJ; 1195 break; 1196 } 1197 MPPE_CI_TO_OPTS(&p[2], ho->mppe); 1198 1199 /* Nak if anything unsupported or unknown are set. */ 1200 if (ho->mppe & MPPE_OPT_UNSUPPORTED) { 1201 newret = CONFNAK; 1202 ho->mppe &= ~MPPE_OPT_UNSUPPORTED; 1203 } 1204 if (ho->mppe & MPPE_OPT_UNKNOWN) { 1205 newret = CONFNAK; 1206 ho->mppe &= ~MPPE_OPT_UNKNOWN; 1207 } 1208 1209 /* Check state opt */ 1210 if (ho->mppe & MPPE_OPT_STATEFUL) { 1211 /* 1212 * We can Nak and request stateless, but it's a 1213 * lot easier to just assume the peer will request 1214 * it if he can do it; stateful mode is bad over 1215 * the Internet -- which is where we expect MPPE. 1216 */ 1217 if (refuse_mppe_stateful) { 1218 error("Refusing MPPE stateful mode offered by peer"); 1219 newret = CONFREJ; 1220 break; 1221 } 1222 } 1223 1224 /* Find out which of {S,L} are set. */ 1225 if ((ho->mppe & MPPE_OPT_128) 1226 && (ho->mppe & MPPE_OPT_40)) { 1227 /* Both are set, negotiate the strongest. */ 1228 newret = CONFNAK; 1229 if (ao->mppe & MPPE_OPT_128) 1230 ho->mppe &= ~MPPE_OPT_40; 1231 else if (ao->mppe & MPPE_OPT_40) 1232 ho->mppe &= ~MPPE_OPT_128; 1233 else { 1234 newret = CONFREJ; 1235 break; 1236 } 1237 } else if (ho->mppe & MPPE_OPT_128) { 1238 if (!(ao->mppe & MPPE_OPT_128)) { 1239 newret = CONFREJ; 1240 break; 1241 } 1242 } else if (ho->mppe & MPPE_OPT_40) { 1243 if (!(ao->mppe & MPPE_OPT_40)) { 1244 newret = CONFREJ; 1245 break; 1246 } 1247 } else { 1248 /* Neither are set. */ 1249#ifdef __APPLE__ 1250 /* retry with our options */ 1251 newret = CONFNAK; 1252 if (ao->mppe & MPPE_OPT_128) 1253 ho->mppe |= MPPE_OPT_128; 1254 if (ao->mppe & MPPE_OPT_40) 1255 ho->mppe |= MPPE_OPT_40; 1256#else 1257 newret = CONFREJ; 1258 break; 1259#endif 1260 } 1261 1262 /* rebuild the opts */ 1263 MPPE_OPTS_TO_CI(ho->mppe, &p[2]); 1264 if (newret == CONFACK) { 1265 u_char opt_buf[CILEN_MPPE + MPPE_MAX_KEY_LEN]; 1266 int mtu; 1267 1268 BCOPY(p, opt_buf, CILEN_MPPE); 1269 BCOPY(mppe_send_key, &opt_buf[CILEN_MPPE], 1270 MPPE_MAX_KEY_LEN); 1271 if (ccp_test(f->unit, opt_buf, 1272 CILEN_MPPE + MPPE_MAX_KEY_LEN, 1) <= 0) { 1273 /* This shouldn't happen, we've already tested it! */ 1274 error("MPPE required, but kernel has no support."); 1275 lcp_close(f->unit, "MPPE required but not available"); 1276 newret = CONFREJ; 1277 break; 1278 } 1279 /* 1280 * We need to decrease the interface MTU by MPPE_PAD 1281 * because MPPE frames **grow**. The kernel [must] 1282 * allocate MPPE_PAD extra bytes in xmit buffers. 1283 */ 1284 mtu = netif_get_mtu(f->unit); 1285 if (mtu) 1286 netif_set_mtu(f->unit, mtu - MPPE_PAD); 1287 else 1288 newret = CONFREJ; 1289 } 1290 1291 /* 1292 * We have accepted MPPE or are willing to negotiate 1293 * MPPE parameters. A CONFREJ is due to subsequent 1294 * (non-MPPE) processing. 1295 */ 1296 rej_for_ci_mppe = 0; 1297 break; 1298#endif /* MPPE */ 1299 case CI_DEFLATE: 1300 case CI_DEFLATE_DRAFT: 1301 if (!ao->deflate || clen != CILEN_DEFLATE 1302 || (!ao->deflate_correct && type == CI_DEFLATE) 1303 || (!ao->deflate_draft && type == CI_DEFLATE_DRAFT)) { 1304 newret = CONFREJ; 1305 break; 1306 } 1307 1308 ho->deflate = 1; 1309 ho->deflate_size = nb = DEFLATE_SIZE(p[2]); 1310 if (DEFLATE_METHOD(p[2]) != DEFLATE_METHOD_VAL 1311 || p[3] != DEFLATE_CHK_SEQUENCE 1312 || nb > ao->deflate_size || nb < DEFLATE_MIN_WORKS) { 1313 newret = CONFNAK; 1314 if (!dont_nak) { 1315 p[2] = DEFLATE_MAKE_OPT(ao->deflate_size); 1316 p[3] = DEFLATE_CHK_SEQUENCE; 1317 /* fall through to test this #bits below */ 1318 } else 1319 break; 1320 } 1321 1322 /* 1323 * Check whether we can do Deflate with the window 1324 * size they want. If the window is too big, reduce 1325 * it until the kernel can cope and nak with that. 1326 * We only check this for the first option. 1327 */ 1328 if (p == p0) { 1329 for (;;) { 1330 res = ccp_test(f->unit, p, CILEN_DEFLATE, 1); 1331 if (res > 0) 1332 break; /* it's OK now */ 1333 if (res < 0 || nb == DEFLATE_MIN_WORKS || dont_nak) { 1334 newret = CONFREJ; 1335 p[2] = DEFLATE_MAKE_OPT(ho->deflate_size); 1336 break; 1337 } 1338 newret = CONFNAK; 1339 --nb; 1340 p[2] = DEFLATE_MAKE_OPT(nb); 1341 } 1342 } 1343 break; 1344 1345 case CI_BSD_COMPRESS: 1346 if (!ao->bsd_compress || clen != CILEN_BSD_COMPRESS) { 1347 newret = CONFREJ; 1348 break; 1349 } 1350 1351 ho->bsd_compress = 1; 1352 ho->bsd_bits = nb = BSD_NBITS(p[2]); 1353 if (BSD_VERSION(p[2]) != BSD_CURRENT_VERSION 1354 || nb > ao->bsd_bits || nb < BSD_MIN_BITS) { 1355 newret = CONFNAK; 1356 if (!dont_nak) { 1357 p[2] = BSD_MAKE_OPT(BSD_CURRENT_VERSION, ao->bsd_bits); 1358 /* fall through to test this #bits below */ 1359 } else 1360 break; 1361 } 1362 1363 /* 1364 * Check whether we can do BSD-Compress with the code 1365 * size they want. If the code size is too big, reduce 1366 * it until the kernel can cope and nak with that. 1367 * We only check this for the first option. 1368 */ 1369 if (p == p0) { 1370 for (;;) { 1371 res = ccp_test(f->unit, p, CILEN_BSD_COMPRESS, 1); 1372 if (res > 0) 1373 break; 1374 if (res < 0 || nb == BSD_MIN_BITS || dont_nak) { 1375 newret = CONFREJ; 1376 p[2] = BSD_MAKE_OPT(BSD_CURRENT_VERSION, 1377 ho->bsd_bits); 1378 break; 1379 } 1380 newret = CONFNAK; 1381 --nb; 1382 p[2] = BSD_MAKE_OPT(BSD_CURRENT_VERSION, nb); 1383 } 1384 } 1385 break; 1386 1387 case CI_PREDICTOR_1: 1388 if (!ao->predictor_1 || clen != CILEN_PREDICTOR_1) { 1389 newret = CONFREJ; 1390 break; 1391 } 1392 1393 ho->predictor_1 = 1; 1394 if (p == p0 1395 && ccp_test(f->unit, p, CILEN_PREDICTOR_1, 1) <= 0) { 1396 newret = CONFREJ; 1397 } 1398 break; 1399 1400 case CI_PREDICTOR_2: 1401 if (!ao->predictor_2 || clen != CILEN_PREDICTOR_2) { 1402 newret = CONFREJ; 1403 break; 1404 } 1405 1406 ho->predictor_2 = 1; 1407 if (p == p0 1408 && ccp_test(f->unit, p, CILEN_PREDICTOR_2, 1) <= 0) { 1409 newret = CONFREJ; 1410 } 1411 break; 1412 1413 default: 1414 newret = CONFREJ; 1415 } 1416 } 1417 1418 if (newret == CONFNAK && dont_nak) 1419 newret = CONFREJ; 1420 if (!(newret == CONFACK || (newret == CONFNAK && ret == CONFREJ))) { 1421 /* we're returning this option */ 1422 if (newret == CONFREJ && ret == CONFNAK) 1423 retp = p0; 1424 ret = newret; 1425 if (p != retp) 1426 BCOPY(p, retp, clen); 1427 retp += clen; 1428 } 1429 1430 p += clen; 1431 len -= clen; 1432 } 1433 1434 if (ret != CONFACK) { 1435 if (ret == CONFREJ && *lenp == retp - p0) 1436 all_rejected[f->unit] = 1; 1437 else 1438 *lenp = retp - p0; 1439 } 1440#ifdef MPPE 1441 if (ret == CONFREJ && ao->mppe && rej_for_ci_mppe) { 1442 error("MPPE required but peer negotiation failed"); 1443 lcp_close(f->unit, "MPPE required but peer negotiation failed"); 1444 } 1445#endif 1446 return ret; 1447} 1448 1449/* 1450 * Make a string name for a compression method (or 2). 1451 */ 1452static char * 1453method_name(opt, opt2) 1454 ccp_options *opt, *opt2; 1455{ 1456 static char result[64]; 1457 1458 if (!ANY_COMPRESS(*opt)) 1459 return "(none)"; 1460 switch (opt->method) { 1461#ifdef MPPE 1462 case CI_MPPE: 1463 { 1464 char *p = result; 1465 char *q = result + sizeof(result); /* 1 past result */ 1466 1467 slprintf(p, q - p, "MPPE "); 1468 p += 5; 1469 if (opt->mppe & MPPE_OPT_128) { 1470 slprintf(p, q - p, "128-bit "); 1471 p += 8; 1472 } 1473 if (opt->mppe & MPPE_OPT_40) { 1474 slprintf(p, q - p, "40-bit "); 1475 p += 7; 1476 } 1477 if (opt->mppe & MPPE_OPT_STATEFUL) 1478 slprintf(p, q - p, "stateful"); 1479 else 1480 slprintf(p, q - p, "stateless"); 1481 1482 break; 1483 } 1484#endif 1485 case CI_DEFLATE: 1486 case CI_DEFLATE_DRAFT: 1487 if (opt2 != NULL && opt2->deflate_size != opt->deflate_size) 1488 slprintf(result, sizeof(result), "Deflate%s (%d/%d)", 1489 (opt->method == CI_DEFLATE_DRAFT? "(old#)": ""), 1490 opt->deflate_size, opt2->deflate_size); 1491 else 1492 slprintf(result, sizeof(result), "Deflate%s (%d)", 1493 (opt->method == CI_DEFLATE_DRAFT? "(old#)": ""), 1494 opt->deflate_size); 1495 break; 1496 case CI_BSD_COMPRESS: 1497 if (opt2 != NULL && opt2->bsd_bits != opt->bsd_bits) 1498 slprintf(result, sizeof(result), "BSD-Compress (%d/%d)", 1499 opt->bsd_bits, opt2->bsd_bits); 1500 else 1501 slprintf(result, sizeof(result), "BSD-Compress (%d)", 1502 opt->bsd_bits); 1503 break; 1504 case CI_PREDICTOR_1: 1505 return "Predictor 1"; 1506 case CI_PREDICTOR_2: 1507 return "Predictor 2"; 1508 default: 1509 slprintf(result, sizeof(result), "Method %d", opt->method); 1510 } 1511 return result; 1512} 1513 1514/* 1515 * CCP has come up - inform the kernel driver and log a message. 1516 */ 1517static void 1518ccp_up(f) 1519 fsm *f; 1520{ 1521 ccp_options *go = &ccp_gotoptions[f->unit]; 1522 ccp_options *ho = &ccp_hisoptions[f->unit]; 1523 char method1[64]; 1524 1525 ccp_flags_set(f->unit, 1, 1); 1526 if (ANY_COMPRESS(*go)) { 1527 if (ANY_COMPRESS(*ho)) { 1528 if (go->method == ho->method) { 1529 notice("%s compression enabled", method_name(go, ho)); 1530 } else { 1531 strlcpy(method1, method_name(go, NULL), sizeof(method1)); 1532 notice("%s / %s compression enabled", 1533 method1, method_name(ho, NULL)); 1534 } 1535 } else 1536 notice("%s receive compression enabled", method_name(go, NULL)); 1537 } else if (ANY_COMPRESS(*ho)) 1538 notice("%s transmit compression enabled", method_name(ho, NULL)); 1539#ifdef MPPE 1540 if (go->mppe) { 1541 BZERO(mppe_recv_key, MPPE_MAX_KEY_LEN); 1542 BZERO(mppe_send_key, MPPE_MAX_KEY_LEN); 1543 continue_networks(f->unit); /* Bring up IP et al */ 1544 } 1545#endif 1546} 1547 1548/* 1549 * CCP has gone down - inform the kernel driver. 1550 */ 1551static void 1552ccp_down(f) 1553 fsm *f; 1554{ 1555 if (ccp_localstate[f->unit] & RACK_PENDING) 1556 UNTIMEOUT(ccp_rack_timeout, f); 1557 ccp_localstate[f->unit] = 0; 1558 ccp_flags_set(f->unit, 1, 0); 1559#ifdef MPPE 1560 if (ccp_gotoptions[f->unit].mppe) { 1561 ccp_gotoptions[f->unit].mppe = 0; 1562 if (lcp_fsm[f->unit].state == OPENED) { 1563 /* If LCP is not already going down, make sure it does. */ 1564 error("MPPE disabled"); 1565 lcp_close(f->unit, "MPPE disabled"); 1566 } 1567 } 1568#endif 1569} 1570 1571/* 1572 * Print the contents of a CCP packet. 1573 */ 1574static char *ccp_codenames[] = { 1575 "ConfReq", "ConfAck", "ConfNak", "ConfRej", 1576 "TermReq", "TermAck", "CodeRej", 1577 NULL, NULL, NULL, NULL, NULL, NULL, 1578 "ResetReq", "ResetAck", 1579}; 1580 1581static int 1582ccp_printpkt(p, plen, printer, arg) 1583 u_char *p; 1584 int plen; 1585 void (*printer) __P((void *, char *, ...)); 1586 void *arg; 1587{ 1588 u_char *p0, *optend; 1589 int code, id, len; 1590 int optlen; 1591 1592 p0 = p; 1593 if (plen < HEADERLEN) 1594 return 0; 1595 code = p[0]; 1596 id = p[1]; 1597 len = (p[2] << 8) + p[3]; 1598 if (len < HEADERLEN || len > plen) 1599 return 0; 1600 1601 if (code >= 1 && code <= sizeof(ccp_codenames) / sizeof(char *) 1602 && ccp_codenames[code-1] != NULL) 1603 printer(arg, " %s", ccp_codenames[code-1]); 1604 else 1605 printer(arg, " code=0x%x", code); 1606 printer(arg, " id=0x%x", id); 1607 len -= HEADERLEN; 1608 p += HEADERLEN; 1609 1610 switch (code) { 1611 case CONFREQ: 1612 case CONFACK: 1613 case CONFNAK: 1614 case CONFREJ: 1615 /* print list of possible compression methods */ 1616 while (len >= 2) { 1617 code = p[0]; 1618 optlen = p[1]; 1619 if (optlen < 2 || optlen > len) 1620 break; 1621 printer(arg, " <"); 1622 len -= optlen; 1623 optend = p + optlen; 1624 switch (code) { 1625#ifdef MPPE 1626 case CI_MPPE: 1627 if (optlen >= CILEN_MPPE) { 1628 u_char mppe_opts; 1629 1630 MPPE_CI_TO_OPTS(&p[2], mppe_opts); 1631 printer(arg, "mppe %s %s %s %s %s %s%s", 1632 (p[2] & MPPE_H_BIT)? "+H": "-H", 1633 (p[5] & MPPE_M_BIT)? "+M": "-M", 1634 (p[5] & MPPE_S_BIT)? "+S": "-S", 1635 (p[5] & MPPE_L_BIT)? "+L": "-L", 1636 (p[5] & MPPE_D_BIT)? "+D": "-D", 1637 (p[5] & MPPE_C_BIT)? "+C": "-C", 1638 (mppe_opts & MPPE_OPT_UNKNOWN)? " +U": ""); 1639 if (mppe_opts & MPPE_OPT_UNKNOWN) 1640 printer(arg, " (%.2x %.2x %.2x %.2x)", 1641 p[2], p[3], p[4], p[5]); 1642 p += CILEN_MPPE; 1643 } 1644 break; 1645#endif 1646 case CI_DEFLATE: 1647 case CI_DEFLATE_DRAFT: 1648 if (optlen >= CILEN_DEFLATE) { 1649 printer(arg, "deflate%s %d", 1650 (code == CI_DEFLATE_DRAFT? "(old#)": ""), 1651 DEFLATE_SIZE(p[2])); 1652 if (DEFLATE_METHOD(p[2]) != DEFLATE_METHOD_VAL) 1653 printer(arg, " method %d", DEFLATE_METHOD(p[2])); 1654 if (p[3] != DEFLATE_CHK_SEQUENCE) 1655 printer(arg, " check %d", p[3]); 1656 p += CILEN_DEFLATE; 1657 } 1658 break; 1659 case CI_BSD_COMPRESS: 1660 if (optlen >= CILEN_BSD_COMPRESS) { 1661 printer(arg, "bsd v%d %d", BSD_VERSION(p[2]), 1662 BSD_NBITS(p[2])); 1663 p += CILEN_BSD_COMPRESS; 1664 } 1665 break; 1666 case CI_PREDICTOR_1: 1667 if (optlen >= CILEN_PREDICTOR_1) { 1668 printer(arg, "predictor 1"); 1669 p += CILEN_PREDICTOR_1; 1670 } 1671 break; 1672 case CI_PREDICTOR_2: 1673 if (optlen >= CILEN_PREDICTOR_2) { 1674 printer(arg, "predictor 2"); 1675 p += CILEN_PREDICTOR_2; 1676 } 1677 break; 1678 } 1679 while (p < optend) 1680 printer(arg, " %.2x", *p++); 1681 printer(arg, ">"); 1682 } 1683 break; 1684 1685 case TERMACK: 1686 case TERMREQ: 1687 if (len > 0 && *p >= ' ' && *p < 0x7f) { 1688 print_string((char *)p, len, printer, arg); 1689 p += len; 1690 len = 0; 1691 } 1692 break; 1693 } 1694 1695 /* dump out the rest of the packet in hex */ 1696 while (--len >= 0) 1697 printer(arg, " %.2x", *p++); 1698 1699 return p - p0; 1700} 1701 1702/* 1703 * We have received a packet that the decompressor failed to 1704 * decompress. Here we would expect to issue a reset-request, but 1705 * Motorola has a patent on resetting the compressor as a result of 1706 * detecting an error in the decompressed data after decompression. 1707 * (See US patent 5,130,993; international patent publication number 1708 * WO 91/10289; Australian patent 73296/91.) 1709 * 1710 * So we ask the kernel whether the error was detected after 1711 * decompression; if it was, we take CCP down, thus disabling 1712 * compression :-(, otherwise we issue the reset-request. 1713 */ 1714static void 1715ccp_datainput(unit, pkt, len) 1716 int unit; 1717 u_char *pkt; 1718 int len; 1719{ 1720 fsm *f; 1721 1722 f = &ccp_fsm[unit]; 1723 if (f->state == OPENED) { 1724 if (ccp_fatal_error(unit)) { 1725 /* 1726 * Disable compression by taking CCP down. 1727 */ 1728 error("Lost compression sync: disabling compression"); 1729 ccp_close(unit, "Lost compression sync"); 1730#ifdef MPPE 1731 /* 1732 * If we were doing MPPE, we must also take the link down. 1733 */ 1734 if (ccp_gotoptions[unit].mppe) { 1735 error("Too many MPPE errors, closing LCP"); 1736 lcp_close(unit, "Too many MPPE errors"); 1737 } 1738#endif 1739 } else { 1740 /* 1741 * Send a reset-request to reset the peer's compressor. 1742 * We don't do that if we are still waiting for an 1743 * acknowledgement to a previous reset-request. 1744 */ 1745 if (!(ccp_localstate[f->unit] & RACK_PENDING)) { 1746 fsm_sdata(f, CCP_RESETREQ, f->reqid = ++f->id, NULL, 0); 1747 TIMEOUT(ccp_rack_timeout, f, RACKTIMEOUT); 1748 ccp_localstate[f->unit] |= RACK_PENDING; 1749 } else 1750 ccp_localstate[f->unit] |= RREQ_REPEAT; 1751 } 1752 } 1753} 1754 1755/* 1756 * Timeout waiting for reset-ack. 1757 */ 1758static void 1759ccp_rack_timeout(arg) 1760 void *arg; 1761{ 1762 fsm *f = arg; 1763 1764 if (f->state == OPENED && ccp_localstate[f->unit] & RREQ_REPEAT) { 1765 fsm_sdata(f, CCP_RESETREQ, f->reqid, NULL, 0); 1766 TIMEOUT(ccp_rack_timeout, f, RACKTIMEOUT); 1767 ccp_localstate[f->unit] &= ~RREQ_REPEAT; 1768 } else 1769 ccp_localstate[f->unit] &= ~RACK_PENDING; 1770} 1771 1772