1 /* $NetBSD: ccp.c,v 1.6 2025/01/08 19:59:38 christos Exp $ */ 2 3 /* 4 * ccp.c - PPP Compression Control Protocol. 5 * 6 * Copyright (c) 1994-2024 Paul Mackerras. All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 12 * 1. Redistributions of source code must retain the above copyright 13 * notice, this list of conditions and the following disclaimer. 14 * 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in 17 * the documentation and/or other materials provided with the 18 * distribution. 19 * 20 * THE AUTHORS OF THIS SOFTWARE DISCLAIM ALL WARRANTIES WITH REGARD TO 21 * THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY 22 * AND FITNESS, IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY 23 * SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 24 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN 25 * AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING 26 * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 27 */ 28 29 #include <sys/cdefs.h> 30 __RCSID("$NetBSD: ccp.c,v 1.6 2025/01/08 19:59:38 christos Exp $"); 31 32 #ifdef HAVE_CONFIG_H 33 #include "config.h" 34 #endif 35 36 #include <stdlib.h> 37 #include <string.h> 38 #if defined(__linux__) 39 #include <linux/ppp-comp.h> 40 #else 41 #include <net/ppp-comp.h> 42 #endif 43 44 #include "pppd-private.h" 45 #include "options.h" 46 #include "fsm.h" 47 #include "ccp.h" 48 49 #include "chap_ms.h" 50 #include "mppe.h" 51 #include "lcp.h" /* lcp_close(), lcp_fsm */ 52 53 54 /* 55 * Unfortunately there is a bug in zlib which means that using a 56 * size of 8 (window size = 256) for Deflate compression will cause 57 * buffer overruns and kernel crashes in the deflate module. 58 * Until this is fixed we only accept sizes in the range 9 .. 15. 59 * Thanks to James Carlson for pointing this out. 60 */ 61 #define DEFLATE_MIN_WORKS 9 62 63 /* 64 * Command-line options. 65 */ 66 static int setbsdcomp (char **); 67 static int setdeflate (char **); 68 static char bsd_value[8]; 69 static char deflate_value[8]; 70 71 /* 72 * Option variables. 73 */ 74 #ifdef PPP_WITH_MPPE 75 bool refuse_mppe_stateful = 1; /* Allow stateful mode? */ 76 #endif 77 78 static struct option ccp_option_list[] = { 79 { "noccp", o_bool, &ccp_protent.enabled_flag, 80 "Disable CCP negotiation" }, 81 { "-ccp", o_bool, &ccp_protent.enabled_flag, 82 "Disable CCP negotiation", OPT_ALIAS }, 83 84 { "bsdcomp", o_special, (void *)setbsdcomp, 85 "Request BSD-Compress packet compression", 86 OPT_PRIO | OPT_A2STRVAL | OPT_STATIC, bsd_value }, 87 { "nobsdcomp", o_bool, &ccp_wantoptions[0].bsd_compress, 88 "don't allow BSD-Compress", OPT_PRIOSUB | OPT_A2CLR, 89 &ccp_allowoptions[0].bsd_compress }, 90 { "-bsdcomp", o_bool, &ccp_wantoptions[0].bsd_compress, 91 "don't allow BSD-Compress", OPT_ALIAS | OPT_PRIOSUB | OPT_A2CLR, 92 &ccp_allowoptions[0].bsd_compress }, 93 94 { "deflate", o_special, (void *)setdeflate, 95 "request Deflate compression", 96 OPT_PRIO | OPT_A2STRVAL | OPT_STATIC, deflate_value }, 97 { "nodeflate", o_bool, &ccp_wantoptions[0].deflate, 98 "don't allow Deflate compression", OPT_PRIOSUB | OPT_A2CLR, 99 &ccp_allowoptions[0].deflate }, 100 { "-deflate", o_bool, &ccp_wantoptions[0].deflate, 101 "don't allow Deflate compression", OPT_ALIAS | OPT_PRIOSUB | OPT_A2CLR, 102 &ccp_allowoptions[0].deflate }, 103 104 { "nodeflatedraft", o_bool, &ccp_wantoptions[0].deflate_draft, 105 "don't use draft deflate #", OPT_A2COPY, 106 &ccp_allowoptions[0].deflate_draft }, 107 108 { "predictor1", o_bool, &ccp_wantoptions[0].predictor_1, 109 "request Predictor-1", OPT_PRIO | 1 }, 110 { "nopredictor1", o_bool, &ccp_wantoptions[0].predictor_1, 111 "don't allow Predictor-1", OPT_PRIOSUB | OPT_A2CLR, 112 &ccp_allowoptions[0].predictor_1 }, 113 { "-predictor1", o_bool, &ccp_wantoptions[0].predictor_1, 114 "don't allow Predictor-1", OPT_ALIAS | OPT_PRIOSUB | OPT_A2CLR, 115 &ccp_allowoptions[0].predictor_1 }, 116 117 #ifdef PPP_WITH_MPPE 118 /* MPPE options are symmetrical ... we only set wantoptions here */ 119 { "require-mppe", o_bool, &ccp_wantoptions[0].mppe, 120 "require MPPE encryption", 121 OPT_PRIO | MPPE_OPT_40 | MPPE_OPT_128 }, 122 { "+mppe", o_bool, &ccp_wantoptions[0].mppe, 123 "require MPPE encryption", 124 OPT_ALIAS | OPT_PRIO | MPPE_OPT_40 | MPPE_OPT_128 }, 125 { "nomppe", o_bool, &ccp_wantoptions[0].mppe, 126 "don't allow MPPE encryption", OPT_PRIO }, 127 { "-mppe", o_bool, &ccp_wantoptions[0].mppe, 128 "don't allow MPPE encryption", OPT_ALIAS | OPT_PRIO }, 129 130 /* We use ccp_allowoptions[0].mppe as a junk var ... it is reset later */ 131 { "require-mppe-40", o_bool, &ccp_allowoptions[0].mppe, 132 "require MPPE 40-bit encryption", OPT_PRIO | OPT_A2OR | MPPE_OPT_40, 133 &ccp_wantoptions[0].mppe }, 134 { "+mppe-40", o_bool, &ccp_allowoptions[0].mppe, 135 "require MPPE 40-bit encryption", OPT_PRIO | OPT_A2OR | MPPE_OPT_40, 136 &ccp_wantoptions[0].mppe }, 137 { "nomppe-40", o_bool, &ccp_allowoptions[0].mppe, 138 "don't allow MPPE 40-bit encryption", 139 OPT_PRIOSUB | OPT_A2CLRB | MPPE_OPT_40, &ccp_wantoptions[0].mppe }, 140 { "-mppe-40", o_bool, &ccp_allowoptions[0].mppe, 141 "don't allow MPPE 40-bit encryption", 142 OPT_ALIAS | OPT_PRIOSUB | OPT_A2CLRB | MPPE_OPT_40, 143 &ccp_wantoptions[0].mppe }, 144 145 { "require-mppe-128", o_bool, &ccp_allowoptions[0].mppe, 146 "require MPPE 128-bit encryption", OPT_PRIO | OPT_A2OR | MPPE_OPT_128, 147 &ccp_wantoptions[0].mppe }, 148 { "+mppe-128", o_bool, &ccp_allowoptions[0].mppe, 149 "require MPPE 128-bit encryption", 150 OPT_ALIAS | OPT_PRIO | OPT_A2OR | MPPE_OPT_128, 151 &ccp_wantoptions[0].mppe }, 152 { "nomppe-128", o_bool, &ccp_allowoptions[0].mppe, 153 "don't allow MPPE 128-bit encryption", 154 OPT_PRIOSUB | OPT_A2CLRB | MPPE_OPT_128, &ccp_wantoptions[0].mppe }, 155 { "-mppe-128", o_bool, &ccp_allowoptions[0].mppe, 156 "don't allow MPPE 128-bit encryption", 157 OPT_ALIAS | OPT_PRIOSUB | OPT_A2CLRB | MPPE_OPT_128, 158 &ccp_wantoptions[0].mppe }, 159 160 /* strange one; we always request stateless, but will we allow stateful? */ 161 { "mppe-stateful", o_bool, &refuse_mppe_stateful, 162 "allow MPPE stateful mode", OPT_PRIO }, 163 { "nomppe-stateful", o_bool, &refuse_mppe_stateful, 164 "disallow MPPE stateful mode", OPT_PRIO | 1 }, 165 #endif /* MPPE */ 166 167 { NULL } 168 }; 169 170 /* 171 * Protocol entry points from main code. 172 */ 173 static void ccp_init (int unit); 174 static void ccp_open (int unit); 175 static void ccp_close (int unit, char *); 176 static void ccp_lowerup (int unit); 177 static void ccp_lowerdown (int); 178 static void ccp_input (int unit, u_char *pkt, int len); 179 static void ccp_protrej (int unit); 180 static int ccp_printpkt (u_char *pkt, int len, 181 void (*printer)(void *, char *, ...), 182 void *arg); 183 static void ccp_datainput (int unit, u_char *pkt, int len); 184 185 struct protent ccp_protent = { 186 PPP_CCP, 187 ccp_init, 188 ccp_input, 189 ccp_protrej, 190 ccp_lowerup, 191 ccp_lowerdown, 192 ccp_open, 193 ccp_close, 194 ccp_printpkt, 195 ccp_datainput, 196 1, 197 "CCP", 198 "Compressed", 199 ccp_option_list, 200 NULL, 201 NULL, 202 NULL 203 }; 204 205 fsm ccp_fsm[NUM_PPP]; 206 ccp_options ccp_wantoptions[NUM_PPP]; /* what to request the peer to use */ 207 ccp_options ccp_gotoptions[NUM_PPP]; /* what the peer agreed to do */ 208 ccp_options ccp_allowoptions[NUM_PPP]; /* what we'll agree to do */ 209 ccp_options ccp_hisoptions[NUM_PPP]; /* what we agreed to do */ 210 211 /* 212 * Callbacks for fsm code. 213 */ 214 static void ccp_resetci (fsm *); 215 static int ccp_cilen (fsm *); 216 static void ccp_addci (fsm *, u_char *, int *); 217 static int ccp_ackci (fsm *, u_char *, int); 218 static int ccp_nakci (fsm *, u_char *, int, int); 219 static int ccp_rejci (fsm *, u_char *, int); 220 static int ccp_reqci (fsm *, u_char *, int *, int); 221 static void ccp_up (fsm *); 222 static void ccp_down (fsm *); 223 static int ccp_extcode (fsm *, int, int, u_char *, int); 224 static void ccp_rack_timeout (void *); 225 static char *method_name (ccp_options *, ccp_options *); 226 227 static fsm_callbacks ccp_callbacks = { 228 ccp_resetci, 229 ccp_cilen, 230 ccp_addci, 231 ccp_ackci, 232 ccp_nakci, 233 ccp_rejci, 234 ccp_reqci, 235 ccp_up, 236 ccp_down, 237 NULL, 238 NULL, 239 NULL, 240 NULL, 241 ccp_extcode, 242 "CCP" 243 }; 244 245 /* 246 * Do we want / did we get any compression? 247 */ 248 #define ANY_COMPRESS(opt) ((opt).deflate || (opt).bsd_compress \ 249 || (opt).predictor_1 || (opt).predictor_2 \ 250 || (opt).mppe) 251 252 /* 253 * Local state (mainly for handling reset-reqs and reset-acks). 254 */ 255 static int ccp_localstate[NUM_PPP]; 256 #define RACK_PENDING 1 /* waiting for reset-ack */ 257 #define RREQ_REPEAT 2 /* send another reset-req if no reset-ack */ 258 259 #define RACKTIMEOUT 1 /* second */ 260 261 static int all_rejected[NUM_PPP]; /* we rejected all peer's options */ 262 263 /* 264 * Option parsing. 265 */ 266 static int 267 setbsdcomp(char **argv) 268 { 269 int rbits, abits; 270 char *str, *endp; 271 272 str = *argv; 273 abits = rbits = strtol(str, &endp, 0); 274 if (endp != str && *endp == ',') { 275 str = endp + 1; 276 abits = strtol(str, &endp, 0); 277 } 278 if (*endp != 0 || endp == str) { 279 ppp_option_error("invalid parameter '%s' for bsdcomp option", *argv); 280 return 0; 281 } 282 if ((rbits != 0 && (rbits < BSD_MIN_BITS || rbits > BSD_MAX_BITS)) 283 || (abits != 0 && (abits < BSD_MIN_BITS || abits > BSD_MAX_BITS))) { 284 ppp_option_error("bsdcomp option values must be 0 or %d .. %d", 285 BSD_MIN_BITS, BSD_MAX_BITS); 286 return 0; 287 } 288 if (rbits > 0) { 289 ccp_wantoptions[0].bsd_compress = 1; 290 ccp_wantoptions[0].bsd_bits = rbits; 291 } else 292 ccp_wantoptions[0].bsd_compress = 0; 293 if (abits > 0) { 294 ccp_allowoptions[0].bsd_compress = 1; 295 ccp_allowoptions[0].bsd_bits = abits; 296 } else 297 ccp_allowoptions[0].bsd_compress = 0; 298 slprintf(bsd_value, sizeof(bsd_value), 299 rbits == abits? "%d": "%d,%d", rbits, abits); 300 301 return 1; 302 } 303 304 static int 305 setdeflate(char **argv) 306 { 307 int rbits, abits; 308 char *str, *endp; 309 310 str = *argv; 311 abits = rbits = strtol(str, &endp, 0); 312 if (endp != str && *endp == ',') { 313 str = endp + 1; 314 abits = strtol(str, &endp, 0); 315 } 316 if (*endp != 0 || endp == str) { 317 ppp_option_error("invalid parameter '%s' for deflate option", *argv); 318 return 0; 319 } 320 if ((rbits != 0 && (rbits < DEFLATE_MIN_SIZE || rbits > DEFLATE_MAX_SIZE)) 321 || (abits != 0 && (abits < DEFLATE_MIN_SIZE 322 || abits > DEFLATE_MAX_SIZE))) { 323 ppp_option_error("deflate option values must be 0 or %d .. %d", 324 DEFLATE_MIN_SIZE, DEFLATE_MAX_SIZE); 325 return 0; 326 } 327 if (rbits == DEFLATE_MIN_SIZE || abits == DEFLATE_MIN_SIZE) { 328 if (rbits == DEFLATE_MIN_SIZE) 329 rbits = DEFLATE_MIN_WORKS; 330 if (abits == DEFLATE_MIN_SIZE) 331 abits = DEFLATE_MIN_WORKS; 332 warn("deflate option value of %d changed to %d to avoid zlib bug", 333 DEFLATE_MIN_SIZE, DEFLATE_MIN_WORKS); 334 } 335 if (rbits > 0) { 336 ccp_wantoptions[0].deflate = 1; 337 ccp_wantoptions[0].deflate_size = rbits; 338 } else 339 ccp_wantoptions[0].deflate = 0; 340 if (abits > 0) { 341 ccp_allowoptions[0].deflate = 1; 342 ccp_allowoptions[0].deflate_size = abits; 343 } else 344 ccp_allowoptions[0].deflate = 0; 345 slprintf(deflate_value, sizeof(deflate_value), 346 rbits == abits? "%d": "%d,%d", rbits, abits); 347 348 return 1; 349 } 350 351 /* 352 * ccp_init - initialize CCP. 353 */ 354 static void 355 ccp_init(int unit) 356 { 357 fsm *f = &ccp_fsm[unit]; 358 359 f->unit = unit; 360 f->protocol = PPP_CCP; 361 f->callbacks = &ccp_callbacks; 362 fsm_init(f); 363 364 memset(&ccp_wantoptions[unit], 0, sizeof(ccp_options)); 365 memset(&ccp_gotoptions[unit], 0, sizeof(ccp_options)); 366 memset(&ccp_allowoptions[unit], 0, sizeof(ccp_options)); 367 memset(&ccp_hisoptions[unit], 0, sizeof(ccp_options)); 368 369 ccp_wantoptions[0].deflate = 1; 370 ccp_wantoptions[0].deflate_size = DEFLATE_MAX_SIZE; 371 ccp_wantoptions[0].deflate_correct = 1; 372 ccp_wantoptions[0].deflate_draft = 1; 373 ccp_allowoptions[0].deflate = 1; 374 ccp_allowoptions[0].deflate_size = DEFLATE_MAX_SIZE; 375 ccp_allowoptions[0].deflate_correct = 1; 376 ccp_allowoptions[0].deflate_draft = 1; 377 378 ccp_wantoptions[0].bsd_compress = 1; 379 ccp_wantoptions[0].bsd_bits = BSD_MAX_BITS; 380 ccp_allowoptions[0].bsd_compress = 1; 381 ccp_allowoptions[0].bsd_bits = BSD_MAX_BITS; 382 383 ccp_allowoptions[0].predictor_1 = 1; 384 } 385 386 /* 387 * ccp_open - CCP is allowed to come up. 388 */ 389 static void 390 ccp_open(int unit) 391 { 392 fsm *f = &ccp_fsm[unit]; 393 394 if (f->state != OPENED) 395 ccp_flags_set(unit, 1, 0); 396 397 /* 398 * Find out which compressors the kernel supports before 399 * deciding whether to open in silent mode. 400 */ 401 ccp_resetci(f); 402 if (!ANY_COMPRESS(ccp_gotoptions[unit])) 403 f->flags |= OPT_SILENT; 404 405 fsm_open(f); 406 } 407 408 /* 409 * ccp_close - Terminate CCP. 410 */ 411 static void 412 ccp_close(int unit, char *reason) 413 { 414 ccp_flags_set(unit, 0, 0); 415 fsm_close(&ccp_fsm[unit], reason); 416 } 417 418 /* 419 * ccp_lowerup - we may now transmit CCP packets. 420 */ 421 static void 422 ccp_lowerup(int unit) 423 { 424 fsm_lowerup(&ccp_fsm[unit]); 425 } 426 427 /* 428 * ccp_lowerdown - we may not transmit CCP packets. 429 */ 430 static void 431 ccp_lowerdown(int unit) 432 { 433 fsm_lowerdown(&ccp_fsm[unit]); 434 } 435 436 /* 437 * ccp_input - process a received CCP packet. 438 */ 439 static void 440 ccp_input(int unit, u_char *p, int len) 441 { 442 fsm *f = &ccp_fsm[unit]; 443 int oldstate; 444 445 /* 446 * Check for a terminate-request so we can print a message. 447 */ 448 oldstate = f->state; 449 fsm_input(f, p, len); 450 if (oldstate == OPENED && p[0] == TERMREQ && f->state != OPENED) { 451 notice("Compression disabled by peer."); 452 #ifdef PPP_WITH_MPPE 453 if (ccp_gotoptions[unit].mppe) { 454 error("MPPE disabled, closing LCP"); 455 lcp_close(unit, "MPPE disabled by peer"); 456 } 457 #endif 458 } 459 460 /* 461 * If we get a terminate-ack and we're not asking for compression, 462 * close CCP. 463 */ 464 if (oldstate == REQSENT && p[0] == TERMACK 465 && !ANY_COMPRESS(ccp_gotoptions[unit])) 466 ccp_close(unit, "No compression negotiated"); 467 } 468 469 /* 470 * Handle a CCP-specific code. 471 */ 472 static int 473 ccp_extcode(fsm *f, int code, int id, u_char *p, int len) 474 { 475 switch (code) { 476 case CCP_RESETREQ: 477 if (f->state != OPENED) 478 break; 479 /* send a reset-ack, which the transmitter will see and 480 reset its compression state. */ 481 fsm_sdata(f, CCP_RESETACK, id, NULL, 0); 482 break; 483 484 case CCP_RESETACK: 485 if (ccp_localstate[f->unit] & RACK_PENDING && id == f->reqid) { 486 ccp_localstate[f->unit] &= ~(RACK_PENDING | RREQ_REPEAT); 487 UNTIMEOUT(ccp_rack_timeout, f); 488 } 489 break; 490 491 default: 492 return 0; 493 } 494 495 return 1; 496 } 497 498 /* 499 * ccp_protrej - peer doesn't talk CCP. 500 */ 501 static void 502 ccp_protrej(int unit) 503 { 504 ccp_flags_set(unit, 0, 0); 505 fsm_lowerdown(&ccp_fsm[unit]); 506 507 #ifdef PPP_WITH_MPPE 508 if (ccp_gotoptions[unit].mppe) { 509 error("MPPE required but peer negotiation failed"); 510 lcp_close(unit, "MPPE required but peer negotiation failed"); 511 } 512 #endif 513 514 } 515 516 /* 517 * ccp_resetci - initialize at start of negotiation. 518 */ 519 static void 520 ccp_resetci(fsm *f) 521 { 522 ccp_options *go = &ccp_gotoptions[f->unit]; 523 u_char opt_buf[CCP_MAX_OPTION_LENGTH]; 524 525 *go = ccp_wantoptions[f->unit]; 526 all_rejected[f->unit] = 0; 527 528 #ifdef PPP_WITH_MPPE 529 if (go->mppe) { 530 ccp_options *ao = &ccp_allowoptions[f->unit]; 531 int auth_mschap_bits = auth_done[f->unit]; 532 #ifdef PPP_WITH_EAPTLS 533 int auth_eap_bits = auth_done[f->unit]; 534 #endif 535 int numbits; 536 537 /* 538 * Start with a basic sanity check: mschap[v2] auth must be in 539 * exactly one direction. RFC 3079 says that the keys are 540 * 'derived from the credentials of the peer that initiated the call', 541 * however the PPP protocol doesn't have such a concept, and pppd 542 * cannot get this info externally. Instead we do the best we can. 543 * NB: If MPPE is required, all other compression opts are invalid. 544 * So, we return right away if we can't do it. 545 */ 546 547 /* Leave only the mschap auth bits set */ 548 auth_mschap_bits &= (CHAP_MS_WITHPEER | CHAP_MS_PEER | 549 CHAP_MS2_WITHPEER | CHAP_MS2_PEER); 550 /* Count the mschap auths */ 551 auth_mschap_bits >>= CHAP_MS_SHIFT; 552 numbits = 0; 553 do { 554 numbits += auth_mschap_bits & 1; 555 auth_mschap_bits >>= 1; 556 } while (auth_mschap_bits); 557 if (numbits > 1) { 558 error("MPPE required, but auth done in both directions."); 559 lcp_close(f->unit, "MPPE required but not available"); 560 return; 561 } 562 563 #ifdef PPP_WITH_EAPTLS 564 /* 565 * MPPE is also possible in combination with EAP-TLS. 566 * It is not possible to detect if we're doing EAP or EAP-TLS 567 * at this stage, hence we accept all forms of EAP. If TLS is 568 * not used then the MPPE keys will not be derived anyway. 569 */ 570 /* Leave only the eap auth bits set */ 571 auth_eap_bits &= (EAP_WITHPEER | EAP_PEER ); 572 573 if ((numbits == 0) && (auth_eap_bits == 0)) { 574 error("MPPE required, but MS-CHAP[v2] nor EAP-TLS auth are performed."); 575 #else 576 if (!numbits) { 577 error("MPPE required, but MS-CHAP[v2] auth not performed."); 578 #endif 579 lcp_close(f->unit, "MPPE required but not available"); 580 return; 581 } 582 583 /* A plugin (eg radius) may not have obtained key material. */ 584 if (!mppe_keys_isset()) { 585 error("MPPE required, but keys are not available. " 586 "Possible plugin problem?"); 587 lcp_close(f->unit, "MPPE required but not available"); 588 return; 589 } 590 591 /* LM auth not supported for MPPE */ 592 if (auth_done[f->unit] & (CHAP_MS_WITHPEER | CHAP_MS_PEER)) { 593 /* This might be noise */ 594 if (go->mppe & MPPE_OPT_40) { 595 notice("Disabling 40-bit MPPE; MS-CHAP LM not supported"); 596 go->mppe &= ~MPPE_OPT_40; 597 ccp_wantoptions[f->unit].mppe &= ~MPPE_OPT_40; 598 } 599 } 600 601 /* Last check: can we actually negotiate something? */ 602 if (!(go->mppe & (MPPE_OPT_40 | MPPE_OPT_128))) { 603 /* Could be misconfig, could be 40-bit disabled above. */ 604 error("MPPE required, but both 40-bit and 128-bit disabled."); 605 lcp_close(f->unit, "MPPE required but not available"); 606 return; 607 } 608 609 /* sync options */ 610 ao->mppe = go->mppe; 611 /* MPPE is not compatible with other compression types */ 612 ao->bsd_compress = go->bsd_compress = 0; 613 ao->predictor_1 = go->predictor_1 = 0; 614 ao->predictor_2 = go->predictor_2 = 0; 615 ao->deflate = go->deflate = 0; 616 } 617 618 /* 619 * Check whether the kernel knows about the various 620 * compression methods we might request. 621 */ 622 if (go->mppe) { 623 opt_buf[0] = CI_MPPE; 624 opt_buf[1] = CILEN_MPPE; 625 MPPE_OPTS_TO_CI(go->mppe, &opt_buf[2]); 626 /* Key material unimportant here. */ 627 if (ccp_test(f->unit, opt_buf, CILEN_MPPE + MPPE_MAX_KEY_LEN, 0) <= 0) { 628 error("MPPE required, but kernel has no support."); 629 lcp_close(f->unit, "MPPE required but not available"); 630 } 631 } 632 #endif /* PPP_WITH_MPPE */ 633 if (go->bsd_compress) { 634 opt_buf[0] = CI_BSD_COMPRESS; 635 opt_buf[1] = CILEN_BSD_COMPRESS; 636 opt_buf[2] = BSD_MAKE_OPT(BSD_CURRENT_VERSION, BSD_MIN_BITS); 637 if (ccp_test(f->unit, opt_buf, CILEN_BSD_COMPRESS, 0) <= 0) 638 go->bsd_compress = 0; 639 } 640 if (go->deflate) { 641 if (go->deflate_correct) { 642 opt_buf[0] = CI_DEFLATE; 643 opt_buf[1] = CILEN_DEFLATE; 644 opt_buf[2] = DEFLATE_MAKE_OPT(DEFLATE_MIN_WORKS); 645 opt_buf[3] = DEFLATE_CHK_SEQUENCE; 646 if (ccp_test(f->unit, opt_buf, CILEN_DEFLATE, 0) <= 0) 647 go->deflate_correct = 0; 648 } 649 if (go->deflate_draft) { 650 opt_buf[0] = CI_DEFLATE_DRAFT; 651 opt_buf[1] = CILEN_DEFLATE; 652 opt_buf[2] = DEFLATE_MAKE_OPT(DEFLATE_MIN_WORKS); 653 opt_buf[3] = DEFLATE_CHK_SEQUENCE; 654 if (ccp_test(f->unit, opt_buf, CILEN_DEFLATE, 0) <= 0) 655 go->deflate_draft = 0; 656 } 657 if (!go->deflate_correct && !go->deflate_draft) 658 go->deflate = 0; 659 } 660 if (go->predictor_1) { 661 opt_buf[0] = CI_PREDICTOR_1; 662 opt_buf[1] = CILEN_PREDICTOR_1; 663 if (ccp_test(f->unit, opt_buf, CILEN_PREDICTOR_1, 0) <= 0) 664 go->predictor_1 = 0; 665 } 666 if (go->predictor_2) { 667 opt_buf[0] = CI_PREDICTOR_2; 668 opt_buf[1] = CILEN_PREDICTOR_2; 669 if (ccp_test(f->unit, opt_buf, CILEN_PREDICTOR_2, 0) <= 0) 670 go->predictor_2 = 0; 671 } 672 } 673 674 /* 675 * ccp_cilen - Return total length of our configuration info. 676 */ 677 static int 678 ccp_cilen(fsm *f) 679 { 680 ccp_options *go = &ccp_gotoptions[f->unit]; 681 682 return (go->bsd_compress? CILEN_BSD_COMPRESS: 0) 683 + (go->deflate && go->deflate_correct? CILEN_DEFLATE: 0) 684 + (go->deflate && go->deflate_draft? CILEN_DEFLATE: 0) 685 + (go->predictor_1? CILEN_PREDICTOR_1: 0) 686 + (go->predictor_2? CILEN_PREDICTOR_2: 0) 687 #ifdef PPP_WITH_MPPE 688 + (go->mppe? CILEN_MPPE: 0) 689 #endif 690 ; 691 } 692 693 /* 694 * ccp_addci - put our requests in a packet. 695 */ 696 static void 697 ccp_addci(fsm *f, u_char *p, int *lenp) 698 { 699 int res; 700 ccp_options *go = &ccp_gotoptions[f->unit]; 701 u_char *p0 = p; 702 703 /* 704 * Add the compression types that we can receive, in decreasing 705 * preference order. Get the kernel to allocate the first one 706 * in case it gets Acked. 707 */ 708 #ifdef PPP_WITH_MPPE 709 if (go->mppe) { 710 u_char opt_buf[CILEN_MPPE + MPPE_MAX_KEY_LEN]; 711 712 p[0] = opt_buf[0] = CI_MPPE; 713 p[1] = opt_buf[1] = CILEN_MPPE; 714 MPPE_OPTS_TO_CI(go->mppe, &p[2]); 715 MPPE_OPTS_TO_CI(go->mppe, &opt_buf[2]); 716 mppe_get_recv_key(&opt_buf[CILEN_MPPE], MPPE_MAX_KEY_LEN); 717 res = ccp_test(f->unit, opt_buf, CILEN_MPPE + MPPE_MAX_KEY_LEN, 0); 718 if (res > 0) 719 p += CILEN_MPPE; 720 else 721 /* This shouldn't happen, we've already tested it! */ 722 lcp_close(f->unit, "MPPE required but not available in kernel"); 723 } 724 #endif 725 if (go->deflate) { 726 p[0] = go->deflate_correct? CI_DEFLATE: CI_DEFLATE_DRAFT; 727 p[1] = CILEN_DEFLATE; 728 p[2] = DEFLATE_MAKE_OPT(go->deflate_size); 729 p[3] = DEFLATE_CHK_SEQUENCE; 730 if (p != p0) { 731 p += CILEN_DEFLATE; 732 } else { 733 for (;;) { 734 if (go->deflate_size < DEFLATE_MIN_WORKS) { 735 go->deflate = 0; 736 break; 737 } 738 res = ccp_test(f->unit, p, CILEN_DEFLATE, 0); 739 if (res > 0) { 740 p += CILEN_DEFLATE; 741 break; 742 } else if (res < 0) { 743 go->deflate = 0; 744 break; 745 } 746 --go->deflate_size; 747 p[2] = DEFLATE_MAKE_OPT(go->deflate_size); 748 } 749 } 750 if (p != p0 && go->deflate_correct && go->deflate_draft) { 751 p[0] = CI_DEFLATE_DRAFT; 752 p[1] = CILEN_DEFLATE; 753 p[2] = p[2 - CILEN_DEFLATE]; 754 p[3] = DEFLATE_CHK_SEQUENCE; 755 p += CILEN_DEFLATE; 756 } 757 } 758 if (go->bsd_compress) { 759 p[0] = CI_BSD_COMPRESS; 760 p[1] = CILEN_BSD_COMPRESS; 761 p[2] = BSD_MAKE_OPT(BSD_CURRENT_VERSION, go->bsd_bits); 762 if (p != p0) { 763 p += CILEN_BSD_COMPRESS; /* not the first option */ 764 } else { 765 for (;;) { 766 if (go->bsd_bits < BSD_MIN_BITS) { 767 go->bsd_compress = 0; 768 break; 769 } 770 res = ccp_test(f->unit, p, CILEN_BSD_COMPRESS, 0); 771 if (res > 0) { 772 p += CILEN_BSD_COMPRESS; 773 break; 774 } else if (res < 0) { 775 go->bsd_compress = 0; 776 break; 777 } 778 --go->bsd_bits; 779 p[2] = BSD_MAKE_OPT(BSD_CURRENT_VERSION, go->bsd_bits); 780 } 781 } 782 } 783 /* XXX Should Predictor 2 be preferable to Predictor 1? */ 784 if (go->predictor_1) { 785 p[0] = CI_PREDICTOR_1; 786 p[1] = CILEN_PREDICTOR_1; 787 if (p == p0 && ccp_test(f->unit, p, CILEN_PREDICTOR_1, 0) <= 0) { 788 go->predictor_1 = 0; 789 } else { 790 p += CILEN_PREDICTOR_1; 791 } 792 } 793 if (go->predictor_2) { 794 p[0] = CI_PREDICTOR_2; 795 p[1] = CILEN_PREDICTOR_2; 796 if (p == p0 && ccp_test(f->unit, p, CILEN_PREDICTOR_2, 0) <= 0) { 797 go->predictor_2 = 0; 798 } else { 799 p += CILEN_PREDICTOR_2; 800 } 801 } 802 803 go->method = (p > p0)? p0[0]: -1; 804 805 *lenp = p - p0; 806 } 807 808 /* 809 * ccp_ackci - process a received configure-ack, and return 810 * 1 iff the packet was OK. 811 */ 812 static int 813 ccp_ackci(fsm *f, u_char *p, int len) 814 { 815 ccp_options *go = &ccp_gotoptions[f->unit]; 816 u_char *p0 = p; 817 818 #ifdef PPP_WITH_MPPE 819 if (go->mppe) { 820 u_char opt_buf[CILEN_MPPE]; 821 822 opt_buf[0] = CI_MPPE; 823 opt_buf[1] = CILEN_MPPE; 824 MPPE_OPTS_TO_CI(go->mppe, &opt_buf[2]); 825 if (len < CILEN_MPPE || memcmp(opt_buf, p, CILEN_MPPE)) 826 return 0; 827 p += CILEN_MPPE; 828 len -= CILEN_MPPE; 829 /* XXX Cope with first/fast ack */ 830 if (len == 0) 831 return 1; 832 } 833 #endif 834 if (go->deflate) { 835 if (len < CILEN_DEFLATE 836 || p[0] != (go->deflate_correct? CI_DEFLATE: CI_DEFLATE_DRAFT) 837 || p[1] != CILEN_DEFLATE 838 || p[2] != DEFLATE_MAKE_OPT(go->deflate_size) 839 || p[3] != DEFLATE_CHK_SEQUENCE) 840 return 0; 841 p += CILEN_DEFLATE; 842 len -= CILEN_DEFLATE; 843 /* XXX Cope with first/fast ack */ 844 if (len == 0) 845 return 1; 846 if (go->deflate_correct && go->deflate_draft) { 847 if (len < CILEN_DEFLATE 848 || p[0] != CI_DEFLATE_DRAFT 849 || p[1] != CILEN_DEFLATE 850 || p[2] != DEFLATE_MAKE_OPT(go->deflate_size) 851 || p[3] != DEFLATE_CHK_SEQUENCE) 852 return 0; 853 p += CILEN_DEFLATE; 854 len -= CILEN_DEFLATE; 855 } 856 } 857 if (go->bsd_compress) { 858 if (len < CILEN_BSD_COMPRESS 859 || p[0] != CI_BSD_COMPRESS || p[1] != CILEN_BSD_COMPRESS 860 || p[2] != BSD_MAKE_OPT(BSD_CURRENT_VERSION, go->bsd_bits)) 861 return 0; 862 p += CILEN_BSD_COMPRESS; 863 len -= CILEN_BSD_COMPRESS; 864 /* XXX Cope with first/fast ack */ 865 if (p == p0 && len == 0) 866 return 1; 867 } 868 if (go->predictor_1) { 869 if (len < CILEN_PREDICTOR_1 870 || p[0] != CI_PREDICTOR_1 || p[1] != CILEN_PREDICTOR_1) 871 return 0; 872 p += CILEN_PREDICTOR_1; 873 len -= CILEN_PREDICTOR_1; 874 /* XXX Cope with first/fast ack */ 875 if (p == p0 && len == 0) 876 return 1; 877 } 878 if (go->predictor_2) { 879 if (len < CILEN_PREDICTOR_2 880 || p[0] != CI_PREDICTOR_2 || p[1] != CILEN_PREDICTOR_2) 881 return 0; 882 p += CILEN_PREDICTOR_2; 883 len -= CILEN_PREDICTOR_2; 884 /* XXX Cope with first/fast ack */ 885 if (p == p0 && len == 0) 886 return 1; 887 } 888 889 if (len != 0) 890 return 0; 891 return 1; 892 } 893 894 /* 895 * ccp_nakci - process received configure-nak. 896 * Returns 1 iff the nak was OK. 897 */ 898 static int 899 ccp_nakci(fsm *f, u_char *p, int len, int treat_as_reject) 900 { 901 ccp_options *go = &ccp_gotoptions[f->unit]; 902 ccp_options no; /* options we've seen already */ 903 ccp_options try; /* options to ask for next time */ 904 905 memset(&no, 0, sizeof(no)); 906 try = *go; 907 908 #ifdef PPP_WITH_MPPE 909 if (go->mppe && len >= CILEN_MPPE 910 && p[0] == CI_MPPE && p[1] == CILEN_MPPE) { 911 no.mppe = 1; 912 /* 913 * Peer wants us to use a different strength or other setting. 914 * Fail if we aren't willing to use his suggestion. 915 */ 916 MPPE_CI_TO_OPTS(&p[2], try.mppe); 917 if ((try.mppe & MPPE_OPT_STATEFUL) && refuse_mppe_stateful) { 918 error("Refusing MPPE stateful mode offered by peer"); 919 try.mppe = 0; 920 } else if (((go->mppe | MPPE_OPT_STATEFUL) & try.mppe) != try.mppe) { 921 /* Peer must have set options we didn't request (suggest) */ 922 try.mppe = 0; 923 } 924 925 if (!try.mppe) { 926 error("MPPE required but peer negotiation failed"); 927 lcp_close(f->unit, "MPPE required but peer negotiation failed"); 928 } 929 } 930 #endif /* PPP_WITH_MPPE */ 931 if (go->deflate && len >= CILEN_DEFLATE 932 && p[0] == (go->deflate_correct? CI_DEFLATE: CI_DEFLATE_DRAFT) 933 && p[1] == CILEN_DEFLATE) { 934 no.deflate = 1; 935 /* 936 * Peer wants us to use a different code size or something. 937 * Stop asking for Deflate if we don't understand his suggestion. 938 */ 939 if (DEFLATE_METHOD(p[2]) != DEFLATE_METHOD_VAL 940 || DEFLATE_SIZE(p[2]) < DEFLATE_MIN_WORKS 941 || p[3] != DEFLATE_CHK_SEQUENCE) 942 try.deflate = 0; 943 else if (DEFLATE_SIZE(p[2]) < go->deflate_size) 944 try.deflate_size = DEFLATE_SIZE(p[2]); 945 p += CILEN_DEFLATE; 946 len -= CILEN_DEFLATE; 947 if (go->deflate_correct && go->deflate_draft 948 && len >= CILEN_DEFLATE && p[0] == CI_DEFLATE_DRAFT 949 && p[1] == CILEN_DEFLATE) { 950 p += CILEN_DEFLATE; 951 len -= CILEN_DEFLATE; 952 } 953 } 954 955 if (go->bsd_compress && len >= CILEN_BSD_COMPRESS 956 && p[0] == CI_BSD_COMPRESS && p[1] == CILEN_BSD_COMPRESS) { 957 no.bsd_compress = 1; 958 /* 959 * Peer wants us to use a different number of bits 960 * or a different version. 961 */ 962 if (BSD_VERSION(p[2]) != BSD_CURRENT_VERSION) 963 try.bsd_compress = 0; 964 else if (BSD_NBITS(p[2]) < go->bsd_bits) 965 try.bsd_bits = BSD_NBITS(p[2]); 966 p += CILEN_BSD_COMPRESS; 967 len -= CILEN_BSD_COMPRESS; 968 } 969 970 /* 971 * Predictor-1 and 2 have no options, so they can't be Naked. 972 * 973 * There may be remaining options but we ignore them. 974 */ 975 976 if (f->state != OPENED) 977 *go = try; 978 return 1; 979 } 980 981 /* 982 * ccp_rejci - reject some of our suggested compression methods. 983 */ 984 static int 985 ccp_rejci(fsm *f, u_char *p, int len) 986 { 987 ccp_options *go = &ccp_gotoptions[f->unit]; 988 ccp_options try; /* options to request next time */ 989 990 try = *go; 991 992 /* 993 * Cope with empty configure-rejects by ceasing to send 994 * configure-requests. 995 */ 996 if (len == 0 && all_rejected[f->unit]) 997 return -1; 998 999 #ifdef PPP_WITH_MPPE 1000 if (go->mppe && len >= CILEN_MPPE 1001 && p[0] == CI_MPPE && p[1] == CILEN_MPPE) { 1002 error("MPPE required but peer refused"); 1003 lcp_close(f->unit, "MPPE required but peer refused"); 1004 p += CILEN_MPPE; 1005 len -= CILEN_MPPE; 1006 } 1007 #endif 1008 if (go->deflate_correct && len >= CILEN_DEFLATE 1009 && p[0] == CI_DEFLATE && p[1] == CILEN_DEFLATE) { 1010 if (p[2] != DEFLATE_MAKE_OPT(go->deflate_size) 1011 || p[3] != DEFLATE_CHK_SEQUENCE) 1012 return 0; /* Rej is bad */ 1013 try.deflate_correct = 0; 1014 p += CILEN_DEFLATE; 1015 len -= CILEN_DEFLATE; 1016 } 1017 if (go->deflate_draft && len >= CILEN_DEFLATE 1018 && p[0] == CI_DEFLATE_DRAFT && p[1] == CILEN_DEFLATE) { 1019 if (p[2] != DEFLATE_MAKE_OPT(go->deflate_size) 1020 || p[3] != DEFLATE_CHK_SEQUENCE) 1021 return 0; /* Rej is bad */ 1022 try.deflate_draft = 0; 1023 p += CILEN_DEFLATE; 1024 len -= CILEN_DEFLATE; 1025 } 1026 if (!try.deflate_correct && !try.deflate_draft) 1027 try.deflate = 0; 1028 if (go->bsd_compress && len >= CILEN_BSD_COMPRESS 1029 && p[0] == CI_BSD_COMPRESS && p[1] == CILEN_BSD_COMPRESS) { 1030 if (p[2] != BSD_MAKE_OPT(BSD_CURRENT_VERSION, go->bsd_bits)) 1031 return 0; 1032 try.bsd_compress = 0; 1033 p += CILEN_BSD_COMPRESS; 1034 len -= CILEN_BSD_COMPRESS; 1035 } 1036 if (go->predictor_1 && len >= CILEN_PREDICTOR_1 1037 && p[0] == CI_PREDICTOR_1 && p[1] == CILEN_PREDICTOR_1) { 1038 try.predictor_1 = 0; 1039 p += CILEN_PREDICTOR_1; 1040 len -= CILEN_PREDICTOR_1; 1041 } 1042 if (go->predictor_2 && len >= CILEN_PREDICTOR_2 1043 && p[0] == CI_PREDICTOR_2 && p[1] == CILEN_PREDICTOR_2) { 1044 try.predictor_2 = 0; 1045 p += CILEN_PREDICTOR_2; 1046 len -= CILEN_PREDICTOR_2; 1047 } 1048 1049 if (len != 0) 1050 return 0; 1051 1052 if (f->state != OPENED) 1053 *go = try; 1054 1055 return 1; 1056 } 1057 1058 /* 1059 * ccp_reqci - processed a received configure-request. 1060 * Returns CONFACK, CONFNAK or CONFREJ and the packet modified 1061 * appropriately. 1062 */ 1063 static int 1064 ccp_reqci(fsm *f, u_char *p, int *lenp, int dont_nak) 1065 { 1066 int ret, newret, res; 1067 u_char *p0, *retp; 1068 int len, clen, type, nb; 1069 ccp_options *ho = &ccp_hisoptions[f->unit]; 1070 ccp_options *ao = &ccp_allowoptions[f->unit]; 1071 #ifdef PPP_WITH_MPPE 1072 bool rej_for_ci_mppe = 1; /* Are we rejecting based on a bad/missing */ 1073 /* CI_MPPE, or due to other options? */ 1074 #endif 1075 1076 ret = CONFACK; 1077 retp = p0 = p; 1078 len = *lenp; 1079 1080 memset(ho, 0, sizeof(ccp_options)); 1081 ho->method = (len > 0)? p[0]: -1; 1082 1083 while (len > 0) { 1084 newret = CONFACK; 1085 if (len < 2 || p[1] < 2 || p[1] > len) { 1086 /* length is bad */ 1087 clen = len; 1088 newret = CONFREJ; 1089 1090 } else { 1091 type = p[0]; 1092 clen = p[1]; 1093 1094 switch (type) { 1095 #ifdef PPP_WITH_MPPE 1096 case CI_MPPE: 1097 if (!ao->mppe || clen != CILEN_MPPE) { 1098 newret = CONFREJ; 1099 break; 1100 } 1101 MPPE_CI_TO_OPTS(&p[2], ho->mppe); 1102 1103 /* Nak if anything unsupported or unknown are set. */ 1104 if (ho->mppe & MPPE_OPT_UNSUPPORTED) { 1105 newret = CONFNAK; 1106 ho->mppe &= ~MPPE_OPT_UNSUPPORTED; 1107 } 1108 if (ho->mppe & MPPE_OPT_UNKNOWN) { 1109 newret = CONFNAK; 1110 ho->mppe &= ~MPPE_OPT_UNKNOWN; 1111 } 1112 1113 /* Check state opt */ 1114 if (ho->mppe & MPPE_OPT_STATEFUL) { 1115 /* 1116 * We can Nak and request stateless, but it's a 1117 * lot easier to just assume the peer will request 1118 * it if he can do it; stateful mode is bad over 1119 * the Internet -- which is where we expect MPPE. 1120 */ 1121 if (refuse_mppe_stateful) { 1122 error("Refusing MPPE stateful mode offered by peer"); 1123 newret = CONFREJ; 1124 break; 1125 } 1126 } 1127 1128 /* Find out which of {S,L} are set. */ 1129 if ((ho->mppe & MPPE_OPT_128) 1130 && (ho->mppe & MPPE_OPT_40)) { 1131 /* Both are set, negotiate the strongest. */ 1132 newret = CONFNAK; 1133 if (ao->mppe & MPPE_OPT_128) 1134 ho->mppe &= ~MPPE_OPT_40; 1135 else if (ao->mppe & MPPE_OPT_40) 1136 ho->mppe &= ~MPPE_OPT_128; 1137 else { 1138 newret = CONFREJ; 1139 break; 1140 } 1141 } else if (ho->mppe & MPPE_OPT_128) { 1142 if (!(ao->mppe & MPPE_OPT_128)) { 1143 newret = CONFREJ; 1144 break; 1145 } 1146 } else if (ho->mppe & MPPE_OPT_40) { 1147 if (!(ao->mppe & MPPE_OPT_40)) { 1148 newret = CONFREJ; 1149 break; 1150 } 1151 } else { 1152 /* Neither are set. */ 1153 /* We cannot accept this. */ 1154 newret = CONFNAK; 1155 /* Give the peer our idea of what can be used, 1156 so it can choose and confirm */ 1157 ho->mppe = ao->mppe; 1158 } 1159 1160 /* rebuild the opts */ 1161 MPPE_OPTS_TO_CI(ho->mppe, &p[2]); 1162 if (newret == CONFACK) { 1163 u_char opt_buf[CILEN_MPPE + MPPE_MAX_KEY_LEN]; 1164 int mtu; 1165 1166 BCOPY(p, opt_buf, CILEN_MPPE); 1167 mppe_get_send_key(&opt_buf[CILEN_MPPE], MPPE_MAX_KEY_LEN); 1168 if (ccp_test(f->unit, opt_buf, 1169 CILEN_MPPE + MPPE_MAX_KEY_LEN, 1) <= 0) { 1170 /* This shouldn't happen, we've already tested it! */ 1171 error("MPPE required, but kernel has no support."); 1172 lcp_close(f->unit, "MPPE required but not available"); 1173 newret = CONFREJ; 1174 break; 1175 } 1176 /* 1177 * We need to decrease the interface MTU by MPPE_PAD 1178 * because MPPE frames **grow**. The kernel [must] 1179 * allocate MPPE_PAD extra bytes in xmit buffers. 1180 */ 1181 mtu = ppp_get_mtu(f->unit); 1182 if (mtu) 1183 ppp_set_mtu(f->unit, mtu - MPPE_PAD); 1184 else 1185 newret = CONFREJ; 1186 } 1187 1188 /* 1189 * We have accepted MPPE or are willing to negotiate 1190 * MPPE parameters. A CONFREJ is due to subsequent 1191 * (non-MPPE) processing. 1192 */ 1193 rej_for_ci_mppe = 0; 1194 break; 1195 #endif /* PPP_WITH_MPPE */ 1196 case CI_DEFLATE: 1197 case CI_DEFLATE_DRAFT: 1198 if (!ao->deflate || clen != CILEN_DEFLATE 1199 || (!ao->deflate_correct && type == CI_DEFLATE) 1200 || (!ao->deflate_draft && type == CI_DEFLATE_DRAFT)) { 1201 newret = CONFREJ; 1202 break; 1203 } 1204 1205 ho->deflate = 1; 1206 ho->deflate_size = nb = DEFLATE_SIZE(p[2]); 1207 if (DEFLATE_METHOD(p[2]) != DEFLATE_METHOD_VAL 1208 || p[3] != DEFLATE_CHK_SEQUENCE 1209 || nb > ao->deflate_size || nb < DEFLATE_MIN_WORKS) { 1210 newret = CONFNAK; 1211 if (!dont_nak) { 1212 p[2] = DEFLATE_MAKE_OPT(ao->deflate_size); 1213 p[3] = DEFLATE_CHK_SEQUENCE; 1214 /* fall through to test this #bits below */ 1215 } else 1216 break; 1217 } 1218 1219 /* 1220 * Check whether we can do Deflate with the window 1221 * size they want. If the window is too big, reduce 1222 * it until the kernel can cope and nak with that. 1223 * We only check this for the first option. 1224 */ 1225 if (p == p0) { 1226 for (;;) { 1227 res = ccp_test(f->unit, p, CILEN_DEFLATE, 1); 1228 if (res > 0) 1229 break; /* it's OK now */ 1230 if (res < 0 || nb == DEFLATE_MIN_WORKS || dont_nak) { 1231 newret = CONFREJ; 1232 p[2] = DEFLATE_MAKE_OPT(ho->deflate_size); 1233 break; 1234 } 1235 newret = CONFNAK; 1236 --nb; 1237 p[2] = DEFLATE_MAKE_OPT(nb); 1238 } 1239 } 1240 break; 1241 1242 case CI_BSD_COMPRESS: 1243 if (!ao->bsd_compress || clen != CILEN_BSD_COMPRESS) { 1244 newret = CONFREJ; 1245 break; 1246 } 1247 1248 ho->bsd_compress = 1; 1249 ho->bsd_bits = nb = BSD_NBITS(p[2]); 1250 if (BSD_VERSION(p[2]) != BSD_CURRENT_VERSION 1251 || nb > ao->bsd_bits || nb < BSD_MIN_BITS) { 1252 newret = CONFNAK; 1253 if (!dont_nak) { 1254 p[2] = BSD_MAKE_OPT(BSD_CURRENT_VERSION, ao->bsd_bits); 1255 /* fall through to test this #bits below */ 1256 } else 1257 break; 1258 } 1259 1260 /* 1261 * Check whether we can do BSD-Compress with the code 1262 * size they want. If the code size is too big, reduce 1263 * it until the kernel can cope and nak with that. 1264 * We only check this for the first option. 1265 */ 1266 if (p == p0) { 1267 for (;;) { 1268 res = ccp_test(f->unit, p, CILEN_BSD_COMPRESS, 1); 1269 if (res > 0) 1270 break; 1271 if (res < 0 || nb == BSD_MIN_BITS || dont_nak) { 1272 newret = CONFREJ; 1273 p[2] = BSD_MAKE_OPT(BSD_CURRENT_VERSION, 1274 ho->bsd_bits); 1275 break; 1276 } 1277 newret = CONFNAK; 1278 --nb; 1279 p[2] = BSD_MAKE_OPT(BSD_CURRENT_VERSION, nb); 1280 } 1281 } 1282 break; 1283 1284 case CI_PREDICTOR_1: 1285 if (!ao->predictor_1 || clen != CILEN_PREDICTOR_1) { 1286 newret = CONFREJ; 1287 break; 1288 } 1289 1290 ho->predictor_1 = 1; 1291 if (p == p0 1292 && ccp_test(f->unit, p, CILEN_PREDICTOR_1, 1) <= 0) { 1293 newret = CONFREJ; 1294 } 1295 break; 1296 1297 case CI_PREDICTOR_2: 1298 if (!ao->predictor_2 || clen != CILEN_PREDICTOR_2) { 1299 newret = CONFREJ; 1300 break; 1301 } 1302 1303 ho->predictor_2 = 1; 1304 if (p == p0 1305 && ccp_test(f->unit, p, CILEN_PREDICTOR_2, 1) <= 0) { 1306 newret = CONFREJ; 1307 } 1308 break; 1309 1310 default: 1311 newret = CONFREJ; 1312 } 1313 } 1314 1315 if (newret == CONFNAK && dont_nak) 1316 newret = CONFREJ; 1317 if (!(newret == CONFACK || (newret == CONFNAK && ret == CONFREJ))) { 1318 /* we're returning this option */ 1319 if (newret == CONFREJ && ret == CONFNAK) 1320 retp = p0; 1321 ret = newret; 1322 if (p != retp) 1323 BCOPY(p, retp, clen); 1324 retp += clen; 1325 } 1326 1327 p += clen; 1328 len -= clen; 1329 } 1330 1331 if (ret != CONFACK) { 1332 if (ret == CONFREJ && *lenp == retp - p0) 1333 all_rejected[f->unit] = 1; 1334 else 1335 *lenp = retp - p0; 1336 } 1337 #ifdef PPP_WITH_MPPE 1338 if (ret == CONFREJ && ao->mppe && rej_for_ci_mppe) { 1339 error("MPPE required but peer negotiation failed"); 1340 lcp_close(f->unit, "MPPE required but peer negotiation failed"); 1341 } 1342 #endif 1343 return ret; 1344 } 1345 1346 /* 1347 * Make a string name for a compression method (or 2). 1348 */ 1349 static char * 1350 method_name(ccp_options *opt, ccp_options *opt2) 1351 { 1352 static char result[64]; 1353 1354 if (!ANY_COMPRESS(*opt)) 1355 return "(none)"; 1356 switch (opt->method) { 1357 #ifdef PPP_WITH_MPPE 1358 case CI_MPPE: 1359 { 1360 char *p = result; 1361 char *q = result + sizeof(result); /* 1 past result */ 1362 1363 slprintf(p, q - p, "MPPE "); 1364 p += 5; 1365 if (opt->mppe & MPPE_OPT_128) { 1366 slprintf(p, q - p, "128-bit "); 1367 p += 8; 1368 } 1369 if (opt->mppe & MPPE_OPT_40) { 1370 slprintf(p, q - p, "40-bit "); 1371 p += 7; 1372 } 1373 if (opt->mppe & MPPE_OPT_STATEFUL) 1374 slprintf(p, q - p, "stateful"); 1375 else 1376 slprintf(p, q - p, "stateless"); 1377 1378 break; 1379 } 1380 #endif 1381 case CI_DEFLATE: 1382 case CI_DEFLATE_DRAFT: 1383 if (opt2 != NULL && opt2->deflate_size != opt->deflate_size) 1384 slprintf(result, sizeof(result), "Deflate%s (%d/%d)", 1385 (opt->method == CI_DEFLATE_DRAFT? "(old#)": ""), 1386 opt->deflate_size, opt2->deflate_size); 1387 else 1388 slprintf(result, sizeof(result), "Deflate%s (%d)", 1389 (opt->method == CI_DEFLATE_DRAFT? "(old#)": ""), 1390 opt->deflate_size); 1391 break; 1392 case CI_BSD_COMPRESS: 1393 if (opt2 != NULL && opt2->bsd_bits != opt->bsd_bits) 1394 slprintf(result, sizeof(result), "BSD-Compress (%d/%d)", 1395 opt->bsd_bits, opt2->bsd_bits); 1396 else 1397 slprintf(result, sizeof(result), "BSD-Compress (%d)", 1398 opt->bsd_bits); 1399 break; 1400 case CI_PREDICTOR_1: 1401 return "Predictor 1"; 1402 case CI_PREDICTOR_2: 1403 return "Predictor 2"; 1404 default: 1405 slprintf(result, sizeof(result), "Method %d", opt->method); 1406 } 1407 return result; 1408 } 1409 1410 /* 1411 * CCP has come up - inform the kernel driver and log a message. 1412 */ 1413 static void 1414 ccp_up(fsm *f) 1415 { 1416 ccp_options *go = &ccp_gotoptions[f->unit]; 1417 ccp_options *ho = &ccp_hisoptions[f->unit]; 1418 char method1[64]; 1419 1420 ccp_flags_set(f->unit, 1, 1); 1421 if (ANY_COMPRESS(*go)) { 1422 if (ANY_COMPRESS(*ho)) { 1423 if (go->method == ho->method) { 1424 notice("%s compression enabled", method_name(go, ho)); 1425 } else { 1426 strlcpy(method1, method_name(go, NULL), sizeof(method1)); 1427 notice("%s / %s compression enabled", 1428 method1, method_name(ho, NULL)); 1429 } 1430 } else 1431 notice("%s receive compression enabled", method_name(go, NULL)); 1432 } else if (ANY_COMPRESS(*ho)) 1433 notice("%s transmit compression enabled", method_name(ho, NULL)); 1434 #ifdef PPP_WITH_MPPE 1435 if (go->mppe) { 1436 mppe_clear_keys(); 1437 continue_networks(f->unit); /* Bring up IP et al */ 1438 } 1439 #endif 1440 } 1441 1442 /* 1443 * CCP has gone down - inform the kernel driver. 1444 */ 1445 static void 1446 ccp_down(fsm *f) 1447 { 1448 if (ccp_localstate[f->unit] & RACK_PENDING) 1449 UNTIMEOUT(ccp_rack_timeout, f); 1450 ccp_localstate[f->unit] = 0; 1451 ccp_flags_set(f->unit, 1, 0); 1452 #ifdef PPP_WITH_MPPE 1453 if (ccp_gotoptions[f->unit].mppe) { 1454 ccp_gotoptions[f->unit].mppe = 0; 1455 if (lcp_fsm[f->unit].state == OPENED) { 1456 /* If LCP is not already going down, make sure it does. */ 1457 error("MPPE disabled"); 1458 lcp_close(f->unit, "MPPE disabled"); 1459 } 1460 } 1461 #endif 1462 } 1463 1464 /* 1465 * Print the contents of a CCP packet. 1466 */ 1467 static char *ccp_codenames[] = { 1468 "ConfReq", "ConfAck", "ConfNak", "ConfRej", 1469 "TermReq", "TermAck", "CodeRej", 1470 NULL, NULL, NULL, NULL, NULL, NULL, 1471 "ResetReq", "ResetAck", 1472 }; 1473 1474 static int 1475 ccp_printpkt(u_char *p, int plen, 1476 void (*printer) (void *, char *, ...), void *arg) 1477 { 1478 u_char *p0, *optend; 1479 int code, id, len; 1480 int optlen; 1481 1482 p0 = p; 1483 if (plen < HEADERLEN) 1484 return 0; 1485 code = p[0]; 1486 id = p[1]; 1487 len = (p[2] << 8) + p[3]; 1488 if (len < HEADERLEN || len > plen) 1489 return 0; 1490 1491 if (code >= 1 && code <= sizeof(ccp_codenames) / sizeof(char *) 1492 && ccp_codenames[code-1] != NULL) 1493 printer(arg, " %s", ccp_codenames[code-1]); 1494 else 1495 printer(arg, " code=0x%x", code); 1496 printer(arg, " id=0x%x", id); 1497 len -= HEADERLEN; 1498 p += HEADERLEN; 1499 1500 switch (code) { 1501 case CONFREQ: 1502 case CONFACK: 1503 case CONFNAK: 1504 case CONFREJ: 1505 /* print list of possible compression methods */ 1506 while (len >= 2) { 1507 code = p[0]; 1508 optlen = p[1]; 1509 if (optlen < 2 || optlen > len) 1510 break; 1511 printer(arg, " <"); 1512 len -= optlen; 1513 optend = p + optlen; 1514 switch (code) { 1515 #ifdef PPP_WITH_MPPE 1516 case CI_MPPE: 1517 if (optlen >= CILEN_MPPE) { 1518 u_char mppe_opts; 1519 1520 MPPE_CI_TO_OPTS(&p[2], mppe_opts); 1521 printer(arg, "mppe %s %s %s %s %s %s%s", 1522 (p[2] & MPPE_H_BIT)? "+H": "-H", 1523 (p[5] & MPPE_M_BIT)? "+M": "-M", 1524 (p[5] & MPPE_S_BIT)? "+S": "-S", 1525 (p[5] & MPPE_L_BIT)? "+L": "-L", 1526 (p[5] & MPPE_D_BIT)? "+D": "-D", 1527 (p[5] & MPPE_C_BIT)? "+C": "-C", 1528 (mppe_opts & MPPE_OPT_UNKNOWN)? " +U": ""); 1529 if (mppe_opts & MPPE_OPT_UNKNOWN) 1530 printer(arg, " (%.2x %.2x %.2x %.2x)", 1531 p[2], p[3], p[4], p[5]); 1532 p += CILEN_MPPE; 1533 } 1534 break; 1535 #endif 1536 case CI_DEFLATE: 1537 case CI_DEFLATE_DRAFT: 1538 if (optlen >= CILEN_DEFLATE) { 1539 printer(arg, "deflate%s %d", 1540 (code == CI_DEFLATE_DRAFT? "(old#)": ""), 1541 DEFLATE_SIZE(p[2])); 1542 if (DEFLATE_METHOD(p[2]) != DEFLATE_METHOD_VAL) 1543 printer(arg, " method %d", DEFLATE_METHOD(p[2])); 1544 if (p[3] != DEFLATE_CHK_SEQUENCE) 1545 printer(arg, " check %d", p[3]); 1546 p += CILEN_DEFLATE; 1547 } 1548 break; 1549 case CI_BSD_COMPRESS: 1550 if (optlen >= CILEN_BSD_COMPRESS) { 1551 printer(arg, "bsd v%d %d", BSD_VERSION(p[2]), 1552 BSD_NBITS(p[2])); 1553 p += CILEN_BSD_COMPRESS; 1554 } 1555 break; 1556 case CI_PREDICTOR_1: 1557 if (optlen >= CILEN_PREDICTOR_1) { 1558 printer(arg, "predictor 1"); 1559 p += CILEN_PREDICTOR_1; 1560 } 1561 break; 1562 case CI_PREDICTOR_2: 1563 if (optlen >= CILEN_PREDICTOR_2) { 1564 printer(arg, "predictor 2"); 1565 p += CILEN_PREDICTOR_2; 1566 } 1567 break; 1568 } 1569 while (p < optend) 1570 printer(arg, " %.2x", *p++); 1571 printer(arg, ">"); 1572 } 1573 break; 1574 1575 case TERMACK: 1576 case TERMREQ: 1577 if (len > 0 && *p >= ' ' && *p < 0x7f) { 1578 print_string((char *)p, len, printer, arg); 1579 p += len; 1580 len = 0; 1581 } 1582 break; 1583 } 1584 1585 /* dump out the rest of the packet in hex */ 1586 while (--len >= 0) 1587 printer(arg, " %.2x", *p++); 1588 1589 return p - p0; 1590 } 1591 1592 /* 1593 * We have received a packet that the decompressor failed to 1594 * decompress. Here we would expect to issue a reset-request, but 1595 * Motorola has a patent on resetting the compressor as a result of 1596 * detecting an error in the decompressed data after decompression. 1597 * (See US patent 5,130,993; international patent publication number 1598 * WO 91/10289; Australian patent 73296/91.) 1599 * 1600 * So we ask the kernel whether the error was detected after 1601 * decompression; if it was, we take CCP down, thus disabling 1602 * compression :-(, otherwise we issue the reset-request. 1603 */ 1604 static void 1605 ccp_datainput(int unit, u_char *pkt, int len) 1606 { 1607 fsm *f; 1608 1609 f = &ccp_fsm[unit]; 1610 if (f->state == OPENED) { 1611 if (ccp_fatal_error(unit)) { 1612 /* 1613 * Disable compression by taking CCP down. 1614 */ 1615 error("Lost compression sync: disabling compression"); 1616 ccp_close(unit, "Lost compression sync"); 1617 #ifdef PPP_WITH_MPPE 1618 /* 1619 * If we were doing MPPE, we must also take the link down. 1620 */ 1621 if (ccp_gotoptions[unit].mppe) { 1622 error("Too many MPPE errors, closing LCP"); 1623 lcp_close(unit, "Too many MPPE errors"); 1624 } 1625 #endif 1626 } else { 1627 /* 1628 * Send a reset-request to reset the peer's compressor. 1629 * We don't do that if we are still waiting for an 1630 * acknowledgement to a previous reset-request. 1631 */ 1632 if (!(ccp_localstate[f->unit] & RACK_PENDING)) { 1633 fsm_sdata(f, CCP_RESETREQ, f->reqid = ++f->id, NULL, 0); 1634 TIMEOUT(ccp_rack_timeout, f, RACKTIMEOUT); 1635 ccp_localstate[f->unit] |= RACK_PENDING; 1636 } else 1637 ccp_localstate[f->unit] |= RREQ_REPEAT; 1638 } 1639 } 1640 } 1641 1642 /* 1643 * Timeout waiting for reset-ack. 1644 */ 1645 static void 1646 ccp_rack_timeout(void *arg) 1647 { 1648 fsm *f = arg; 1649 1650 if (f->state == OPENED && ccp_localstate[f->unit] & RREQ_REPEAT) { 1651 fsm_sdata(f, CCP_RESETREQ, f->reqid, NULL, 0); 1652 TIMEOUT(ccp_rack_timeout, f, RACKTIMEOUT); 1653 ccp_localstate[f->unit] &= ~RREQ_REPEAT; 1654 } else 1655 ccp_localstate[f->unit] &= ~RACK_PENDING; 1656 } 1657 1658