1 /* $NetBSD: ccp.c,v 1.5 2021/01/09 16:39:28 christos Exp $ */
2
3 /*
4 * ccp.c - PPP Compression Control Protocol.
5 *
6 * Copyright (c) 1994-2002 Paul Mackerras. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. The name(s) of the authors of this software must not be used to
16 * endorse or promote products derived from this software without
17 * prior written permission.
18 *
19 * 3. Redistributions of any form whatsoever must retain the following
20 * acknowledgment:
21 * "This product includes software developed by Paul Mackerras
22 * <paulus@samba.org>".
23 *
24 * THE AUTHORS OF THIS SOFTWARE DISCLAIM ALL WARRANTIES WITH REGARD TO
25 * THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
26 * AND FITNESS, IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY
27 * SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
28 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN
29 * AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING
30 * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
31 */
32
33 #include <sys/cdefs.h>
34 #if 0
35 #define RCSID "Id: ccp.c,v 1.50 2005/06/26 19:34:41 carlsonj Exp "
36 static const char rcsid[] = RCSID;
37 #else
38 __RCSID("$NetBSD: ccp.c,v 1.5 2021/01/09 16:39:28 christos Exp $");
39 #endif
40
41 #include <stdlib.h>
42 #include <string.h>
43
44 #include "pppd.h"
45 #include "fsm.h"
46 #include "ccp.h"
47 #include <net/ppp-comp.h>
48
49 #ifdef MPPE
50 #include "chap_ms.h" /* mppe_xxxx_key, mppe_keys_set */
51 #include "lcp.h" /* lcp_close(), lcp_fsm */
52 #endif
53
54
55 /*
56 * Unfortunately there is a bug in zlib which means that using a
57 * size of 8 (window size = 256) for Deflate compression will cause
58 * buffer overruns and kernel crashes in the deflate module.
59 * Until this is fixed we only accept sizes in the range 9 .. 15.
60 * Thanks to James Carlson for pointing this out.
61 */
62 #define DEFLATE_MIN_WORKS 9
63
64 /*
65 * Command-line options.
66 */
67 static int setbsdcomp (char **);
68 static int setdeflate (char **);
69 static char bsd_value[8];
70 static char deflate_value[8];
71
72 /*
73 * Option variables.
74 */
75 #ifdef MPPE
76 bool refuse_mppe_stateful = 1; /* Allow stateful mode? */
77 #endif
78
79 static option_t ccp_option_list[] = {
80 { "noccp", o_bool, &ccp_protent.enabled_flag,
81 "Disable CCP negotiation" },
82 { "-ccp", o_bool, &ccp_protent.enabled_flag,
83 "Disable CCP negotiation", OPT_ALIAS },
84
85 { "bsdcomp", o_special, (void *)setbsdcomp,
86 "Request BSD-Compress packet compression",
87 OPT_PRIO | OPT_A2STRVAL | OPT_STATIC, bsd_value },
88 { "nobsdcomp", o_bool, &ccp_wantoptions[0].bsd_compress,
89 "don't allow BSD-Compress", OPT_PRIOSUB | OPT_A2CLR,
90 &ccp_allowoptions[0].bsd_compress },
91 { "-bsdcomp", o_bool, &ccp_wantoptions[0].bsd_compress,
92 "don't allow BSD-Compress", OPT_ALIAS | OPT_PRIOSUB | OPT_A2CLR,
93 &ccp_allowoptions[0].bsd_compress },
94
95 { "deflate", o_special, (void *)setdeflate,
96 "request Deflate compression",
97 OPT_PRIO | OPT_A2STRVAL | OPT_STATIC, deflate_value },
98 { "nodeflate", o_bool, &ccp_wantoptions[0].deflate,
99 "don't allow Deflate compression", OPT_PRIOSUB | OPT_A2CLR,
100 &ccp_allowoptions[0].deflate },
101 { "-deflate", o_bool, &ccp_wantoptions[0].deflate,
102 "don't allow Deflate compression", OPT_ALIAS | OPT_PRIOSUB | OPT_A2CLR,
103 &ccp_allowoptions[0].deflate },
104
105 { "nodeflatedraft", o_bool, &ccp_wantoptions[0].deflate_draft,
106 "don't use draft deflate #", OPT_A2COPY,
107 &ccp_allowoptions[0].deflate_draft },
108
109 { "predictor1", o_bool, &ccp_wantoptions[0].predictor_1,
110 "request Predictor-1", OPT_PRIO | 1 },
111 { "nopredictor1", o_bool, &ccp_wantoptions[0].predictor_1,
112 "don't allow Predictor-1", OPT_PRIOSUB | OPT_A2CLR,
113 &ccp_allowoptions[0].predictor_1 },
114 { "-predictor1", o_bool, &ccp_wantoptions[0].predictor_1,
115 "don't allow Predictor-1", OPT_ALIAS | OPT_PRIOSUB | OPT_A2CLR,
116 &ccp_allowoptions[0].predictor_1 },
117
118 #ifdef MPPE
119 /* MPPE options are symmetrical ... we only set wantoptions here */
120 { "require-mppe", o_bool, &ccp_wantoptions[0].mppe,
121 "require MPPE encryption",
122 OPT_PRIO | MPPE_OPT_40 | MPPE_OPT_128 },
123 { "+mppe", o_bool, &ccp_wantoptions[0].mppe,
124 "require MPPE encryption",
125 OPT_ALIAS | OPT_PRIO | MPPE_OPT_40 | MPPE_OPT_128 },
126 { "nomppe", o_bool, &ccp_wantoptions[0].mppe,
127 "don't allow MPPE encryption", OPT_PRIO },
128 { "-mppe", o_bool, &ccp_wantoptions[0].mppe,
129 "don't allow MPPE encryption", OPT_ALIAS | OPT_PRIO },
130
131 /* We use ccp_allowoptions[0].mppe as a junk var ... it is reset later */
132 { "require-mppe-40", o_bool, &ccp_allowoptions[0].mppe,
133 "require MPPE 40-bit encryption", OPT_PRIO | OPT_A2OR | MPPE_OPT_40,
134 &ccp_wantoptions[0].mppe },
135 { "+mppe-40", o_bool, &ccp_allowoptions[0].mppe,
136 "require MPPE 40-bit encryption", OPT_PRIO | OPT_A2OR | MPPE_OPT_40,
137 &ccp_wantoptions[0].mppe },
138 { "nomppe-40", o_bool, &ccp_allowoptions[0].mppe,
139 "don't allow MPPE 40-bit encryption",
140 OPT_PRIOSUB | OPT_A2CLRB | MPPE_OPT_40, &ccp_wantoptions[0].mppe },
141 { "-mppe-40", o_bool, &ccp_allowoptions[0].mppe,
142 "don't allow MPPE 40-bit encryption",
143 OPT_ALIAS | OPT_PRIOSUB | OPT_A2CLRB | MPPE_OPT_40,
144 &ccp_wantoptions[0].mppe },
145
146 { "require-mppe-128", o_bool, &ccp_allowoptions[0].mppe,
147 "require MPPE 128-bit encryption", OPT_PRIO | OPT_A2OR | MPPE_OPT_128,
148 &ccp_wantoptions[0].mppe },
149 { "+mppe-128", o_bool, &ccp_allowoptions[0].mppe,
150 "require MPPE 128-bit encryption",
151 OPT_ALIAS | OPT_PRIO | OPT_A2OR | MPPE_OPT_128,
152 &ccp_wantoptions[0].mppe },
153 { "nomppe-128", o_bool, &ccp_allowoptions[0].mppe,
154 "don't allow MPPE 128-bit encryption",
155 OPT_PRIOSUB | OPT_A2CLRB | MPPE_OPT_128, &ccp_wantoptions[0].mppe },
156 { "-mppe-128", o_bool, &ccp_allowoptions[0].mppe,
157 "don't allow MPPE 128-bit encryption",
158 OPT_ALIAS | OPT_PRIOSUB | OPT_A2CLRB | MPPE_OPT_128,
159 &ccp_wantoptions[0].mppe },
160
161 /* strange one; we always request stateless, but will we allow stateful? */
162 { "mppe-stateful", o_bool, &refuse_mppe_stateful,
163 "allow MPPE stateful mode", OPT_PRIO },
164 { "nomppe-stateful", o_bool, &refuse_mppe_stateful,
165 "disallow MPPE stateful mode", OPT_PRIO | 1 },
166 #endif /* MPPE */
167
168 { NULL }
169 };
170
171 /*
172 * Protocol entry points from main code.
173 */
174 static void ccp_init (int unit);
175 static void ccp_open (int unit);
176 static void ccp_close (int unit, char *);
177 static void ccp_lowerup (int unit);
178 static void ccp_lowerdown (int);
179 static void ccp_input (int unit, u_char *pkt, int len);
180 static void ccp_protrej (int unit);
181 static int ccp_printpkt (u_char *pkt, int len,
182 void (*printer)(void *, char *, ...),
183 void *arg);
184 static void ccp_datainput (int unit, u_char *pkt, int len);
185
186 struct protent ccp_protent = {
187 PPP_CCP,
188 ccp_init,
189 ccp_input,
190 ccp_protrej,
191 ccp_lowerup,
192 ccp_lowerdown,
193 ccp_open,
194 ccp_close,
195 ccp_printpkt,
196 ccp_datainput,
197 1,
198 "CCP",
199 "Compressed",
200 ccp_option_list,
201 NULL,
202 NULL,
203 NULL
204 };
205
206 fsm ccp_fsm[NUM_PPP];
207 ccp_options ccp_wantoptions[NUM_PPP]; /* what to request the peer to use */
208 ccp_options ccp_gotoptions[NUM_PPP]; /* what the peer agreed to do */
209 ccp_options ccp_allowoptions[NUM_PPP]; /* what we'll agree to do */
210 ccp_options ccp_hisoptions[NUM_PPP]; /* what we agreed to do */
211
212 /*
213 * Callbacks for fsm code.
214 */
215 static void ccp_resetci (fsm *);
216 static int ccp_cilen (fsm *);
217 static void ccp_addci (fsm *, u_char *, int *);
218 static int ccp_ackci (fsm *, u_char *, int);
219 static int ccp_nakci (fsm *, u_char *, int, int);
220 static int ccp_rejci (fsm *, u_char *, int);
221 static int ccp_reqci (fsm *, u_char *, int *, int);
222 static void ccp_up (fsm *);
223 static void ccp_down (fsm *);
224 static int ccp_extcode (fsm *, int, int, u_char *, int);
225 static void ccp_rack_timeout (void *);
226 static char *method_name (ccp_options *, ccp_options *);
227
228 static fsm_callbacks ccp_callbacks = {
229 ccp_resetci,
230 ccp_cilen,
231 ccp_addci,
232 ccp_ackci,
233 ccp_nakci,
234 ccp_rejci,
235 ccp_reqci,
236 ccp_up,
237 ccp_down,
238 NULL,
239 NULL,
240 NULL,
241 NULL,
242 ccp_extcode,
243 "CCP"
244 };
245
246 /*
247 * Do we want / did we get any compression?
248 */
249 #define ANY_COMPRESS(opt) ((opt).deflate || (opt).bsd_compress \
250 || (opt).predictor_1 || (opt).predictor_2 \
251 || (opt).mppe)
252
253 /*
254 * Local state (mainly for handling reset-reqs and reset-acks).
255 */
256 static int ccp_localstate[NUM_PPP];
257 #define RACK_PENDING 1 /* waiting for reset-ack */
258 #define RREQ_REPEAT 2 /* send another reset-req if no reset-ack */
259
260 #define RACKTIMEOUT 1 /* second */
261
262 static int all_rejected[NUM_PPP]; /* we rejected all peer's options */
263
264 /*
265 * Option parsing.
266 */
267 static int
setbsdcomp(char ** argv)268 setbsdcomp(char **argv)
269 {
270 int rbits, abits;
271 char *str, *endp;
272
273 str = *argv;
274 abits = rbits = strtol(str, &endp, 0);
275 if (endp != str && *endp == ',') {
276 str = endp + 1;
277 abits = strtol(str, &endp, 0);
278 }
279 if (*endp != 0 || endp == str) {
280 option_error("invalid parameter '%s' for bsdcomp option", *argv);
281 return 0;
282 }
283 if ((rbits != 0 && (rbits < BSD_MIN_BITS || rbits > BSD_MAX_BITS))
284 || (abits != 0 && (abits < BSD_MIN_BITS || abits > BSD_MAX_BITS))) {
285 option_error("bsdcomp option values must be 0 or %d .. %d",
286 BSD_MIN_BITS, BSD_MAX_BITS);
287 return 0;
288 }
289 if (rbits > 0) {
290 ccp_wantoptions[0].bsd_compress = 1;
291 ccp_wantoptions[0].bsd_bits = rbits;
292 } else
293 ccp_wantoptions[0].bsd_compress = 0;
294 if (abits > 0) {
295 ccp_allowoptions[0].bsd_compress = 1;
296 ccp_allowoptions[0].bsd_bits = abits;
297 } else
298 ccp_allowoptions[0].bsd_compress = 0;
299 slprintf(bsd_value, sizeof(bsd_value),
300 rbits == abits? "%d": "%d,%d", rbits, abits);
301
302 return 1;
303 }
304
305 static int
setdeflate(char ** argv)306 setdeflate(char **argv)
307 {
308 int rbits, abits;
309 char *str, *endp;
310
311 str = *argv;
312 abits = rbits = strtol(str, &endp, 0);
313 if (endp != str && *endp == ',') {
314 str = endp + 1;
315 abits = strtol(str, &endp, 0);
316 }
317 if (*endp != 0 || endp == str) {
318 option_error("invalid parameter '%s' for deflate option", *argv);
319 return 0;
320 }
321 if ((rbits != 0 && (rbits < DEFLATE_MIN_SIZE || rbits > DEFLATE_MAX_SIZE))
322 || (abits != 0 && (abits < DEFLATE_MIN_SIZE
323 || abits > DEFLATE_MAX_SIZE))) {
324 option_error("deflate option values must be 0 or %d .. %d",
325 DEFLATE_MIN_SIZE, DEFLATE_MAX_SIZE);
326 return 0;
327 }
328 if (rbits == DEFLATE_MIN_SIZE || abits == DEFLATE_MIN_SIZE) {
329 if (rbits == DEFLATE_MIN_SIZE)
330 rbits = DEFLATE_MIN_WORKS;
331 if (abits == DEFLATE_MIN_SIZE)
332 abits = DEFLATE_MIN_WORKS;
333 warn("deflate option value of %d changed to %d to avoid zlib bug",
334 DEFLATE_MIN_SIZE, DEFLATE_MIN_WORKS);
335 }
336 if (rbits > 0) {
337 ccp_wantoptions[0].deflate = 1;
338 ccp_wantoptions[0].deflate_size = rbits;
339 } else
340 ccp_wantoptions[0].deflate = 0;
341 if (abits > 0) {
342 ccp_allowoptions[0].deflate = 1;
343 ccp_allowoptions[0].deflate_size = abits;
344 } else
345 ccp_allowoptions[0].deflate = 0;
346 slprintf(deflate_value, sizeof(deflate_value),
347 rbits == abits? "%d": "%d,%d", rbits, abits);
348
349 return 1;
350 }
351
352 /*
353 * ccp_init - initialize CCP.
354 */
355 static void
ccp_init(int unit)356 ccp_init(int unit)
357 {
358 fsm *f = &ccp_fsm[unit];
359
360 f->unit = unit;
361 f->protocol = PPP_CCP;
362 f->callbacks = &ccp_callbacks;
363 fsm_init(f);
364
365 memset(&ccp_wantoptions[unit], 0, sizeof(ccp_options));
366 memset(&ccp_gotoptions[unit], 0, sizeof(ccp_options));
367 memset(&ccp_allowoptions[unit], 0, sizeof(ccp_options));
368 memset(&ccp_hisoptions[unit], 0, sizeof(ccp_options));
369
370 ccp_wantoptions[0].deflate = 1;
371 ccp_wantoptions[0].deflate_size = DEFLATE_MAX_SIZE;
372 ccp_wantoptions[0].deflate_correct = 1;
373 ccp_wantoptions[0].deflate_draft = 1;
374 ccp_allowoptions[0].deflate = 1;
375 ccp_allowoptions[0].deflate_size = DEFLATE_MAX_SIZE;
376 ccp_allowoptions[0].deflate_correct = 1;
377 ccp_allowoptions[0].deflate_draft = 1;
378
379 ccp_wantoptions[0].bsd_compress = 1;
380 ccp_wantoptions[0].bsd_bits = BSD_MAX_BITS;
381 ccp_allowoptions[0].bsd_compress = 1;
382 ccp_allowoptions[0].bsd_bits = BSD_MAX_BITS;
383
384 ccp_allowoptions[0].predictor_1 = 1;
385 }
386
387 /*
388 * ccp_open - CCP is allowed to come up.
389 */
390 static void
ccp_open(int unit)391 ccp_open(int unit)
392 {
393 fsm *f = &ccp_fsm[unit];
394
395 if (f->state != OPENED)
396 ccp_flags_set(unit, 1, 0);
397
398 /*
399 * Find out which compressors the kernel supports before
400 * deciding whether to open in silent mode.
401 */
402 ccp_resetci(f);
403 if (!ANY_COMPRESS(ccp_gotoptions[unit]))
404 f->flags |= OPT_SILENT;
405
406 fsm_open(f);
407 }
408
409 /*
410 * ccp_close - Terminate CCP.
411 */
412 static void
ccp_close(int unit,char * reason)413 ccp_close(int unit, char *reason)
414 {
415 ccp_flags_set(unit, 0, 0);
416 fsm_close(&ccp_fsm[unit], reason);
417 }
418
419 /*
420 * ccp_lowerup - we may now transmit CCP packets.
421 */
422 static void
ccp_lowerup(int unit)423 ccp_lowerup(int unit)
424 {
425 fsm_lowerup(&ccp_fsm[unit]);
426 }
427
428 /*
429 * ccp_lowerdown - we may not transmit CCP packets.
430 */
431 static void
ccp_lowerdown(int unit)432 ccp_lowerdown(int unit)
433 {
434 fsm_lowerdown(&ccp_fsm[unit]);
435 }
436
437 /*
438 * ccp_input - process a received CCP packet.
439 */
440 static void
ccp_input(int unit,u_char * p,int len)441 ccp_input(int unit, u_char *p, int len)
442 {
443 fsm *f = &ccp_fsm[unit];
444 int oldstate;
445
446 /*
447 * Check for a terminate-request so we can print a message.
448 */
449 oldstate = f->state;
450 fsm_input(f, p, len);
451 if (oldstate == OPENED && p[0] == TERMREQ && f->state != OPENED) {
452 notice("Compression disabled by peer.");
453 #ifdef MPPE
454 if (ccp_gotoptions[unit].mppe) {
455 error("MPPE disabled, closing LCP");
456 lcp_close(unit, "MPPE disabled by peer");
457 }
458 #endif
459 }
460
461 /*
462 * If we get a terminate-ack and we're not asking for compression,
463 * close CCP.
464 */
465 if (oldstate == REQSENT && p[0] == TERMACK
466 && !ANY_COMPRESS(ccp_gotoptions[unit]))
467 ccp_close(unit, "No compression negotiated");
468 }
469
470 /*
471 * Handle a CCP-specific code.
472 */
473 static int
ccp_extcode(fsm * f,int code,int id,u_char * p,int len)474 ccp_extcode(fsm *f, int code, int id, u_char *p, int len)
475 {
476 switch (code) {
477 case CCP_RESETREQ:
478 if (f->state != OPENED)
479 break;
480 /* send a reset-ack, which the transmitter will see and
481 reset its compression state. */
482 fsm_sdata(f, CCP_RESETACK, id, NULL, 0);
483 break;
484
485 case CCP_RESETACK:
486 if (ccp_localstate[f->unit] & RACK_PENDING && id == f->reqid) {
487 ccp_localstate[f->unit] &= ~(RACK_PENDING | RREQ_REPEAT);
488 UNTIMEOUT(ccp_rack_timeout, f);
489 }
490 break;
491
492 default:
493 return 0;
494 }
495
496 return 1;
497 }
498
499 /*
500 * ccp_protrej - peer doesn't talk CCP.
501 */
502 static void
ccp_protrej(int unit)503 ccp_protrej(int unit)
504 {
505 ccp_flags_set(unit, 0, 0);
506 fsm_lowerdown(&ccp_fsm[unit]);
507
508 #ifdef MPPE
509 if (ccp_gotoptions[unit].mppe) {
510 error("MPPE required but peer negotiation failed");
511 lcp_close(unit, "MPPE required but peer negotiation failed");
512 }
513 #endif
514
515 }
516
517 /*
518 * ccp_resetci - initialize at start of negotiation.
519 */
520 static void
ccp_resetci(fsm * f)521 ccp_resetci(fsm *f)
522 {
523 ccp_options *go = &ccp_gotoptions[f->unit];
524 u_char opt_buf[CCP_MAX_OPTION_LENGTH];
525
526 *go = ccp_wantoptions[f->unit];
527 all_rejected[f->unit] = 0;
528
529 #ifdef MPPE
530 if (go->mppe) {
531 ccp_options *ao = &ccp_allowoptions[f->unit];
532 int auth_mschap_bits = auth_done[f->unit];
533 #ifdef USE_EAPTLS
534 int auth_eap_bits = auth_done[f->unit];
535 #endif
536 int numbits;
537
538 /*
539 * Start with a basic sanity check: mschap[v2] auth must be in
540 * exactly one direction. RFC 3079 says that the keys are
541 * 'derived from the credentials of the peer that initiated the call',
542 * however the PPP protocol doesn't have such a concept, and pppd
543 * cannot get this info externally. Instead we do the best we can.
544 * NB: If MPPE is required, all other compression opts are invalid.
545 * So, we return right away if we can't do it.
546 */
547
548 /* Leave only the mschap auth bits set */
549 auth_mschap_bits &= (CHAP_MS_WITHPEER | CHAP_MS_PEER |
550 CHAP_MS2_WITHPEER | CHAP_MS2_PEER);
551 /* Count the mschap auths */
552 auth_mschap_bits >>= CHAP_MS_SHIFT;
553 numbits = 0;
554 do {
555 numbits += auth_mschap_bits & 1;
556 auth_mschap_bits >>= 1;
557 } while (auth_mschap_bits);
558 if (numbits > 1) {
559 error("MPPE required, but auth done in both directions.");
560 lcp_close(f->unit, "MPPE required but not available");
561 return;
562 }
563
564 #ifdef USE_EAPTLS
565 /*
566 * MPPE is also possible in combination with EAP-TLS.
567 * It is not possible to detect if we're doing EAP or EAP-TLS
568 * at this stage, hence we accept all forms of EAP. If TLS is
569 * not used then the MPPE keys will not be derived anyway.
570 */
571 /* Leave only the eap auth bits set */
572 auth_eap_bits &= (EAP_WITHPEER | EAP_PEER );
573
574 if ((numbits == 0) && (auth_eap_bits == 0)) {
575 error("MPPE required, but MS-CHAP[v2] nor EAP-TLS auth are performed.");
576 #else
577 if (!numbits) {
578 error("MPPE required, but MS-CHAP[v2] auth not performed.");
579 #endif
580 lcp_close(f->unit, "MPPE required but not available");
581 return;
582 }
583
584 /* A plugin (eg radius) may not have obtained key material. */
585 if (!mppe_keys_set) {
586 error("MPPE required, but keys are not available. "
587 "Possible plugin problem?");
588 lcp_close(f->unit, "MPPE required but not available");
589 return;
590 }
591
592 /* LM auth not supported for MPPE */
593 if (auth_done[f->unit] & (CHAP_MS_WITHPEER | CHAP_MS_PEER)) {
594 /* This might be noise */
595 if (go->mppe & MPPE_OPT_40) {
596 notice("Disabling 40-bit MPPE; MS-CHAP LM not supported");
597 go->mppe &= ~MPPE_OPT_40;
598 ccp_wantoptions[f->unit].mppe &= ~MPPE_OPT_40;
599 }
600 }
601
602 /* Last check: can we actually negotiate something? */
603 if (!(go->mppe & (MPPE_OPT_40 | MPPE_OPT_128))) {
604 /* Could be misconfig, could be 40-bit disabled above. */
605 error("MPPE required, but both 40-bit and 128-bit disabled.");
606 lcp_close(f->unit, "MPPE required but not available");
607 return;
608 }
609
610 /* sync options */
611 ao->mppe = go->mppe;
612 /* MPPE is not compatible with other compression types */
613 ao->bsd_compress = go->bsd_compress = 0;
614 ao->predictor_1 = go->predictor_1 = 0;
615 ao->predictor_2 = go->predictor_2 = 0;
616 ao->deflate = go->deflate = 0;
617 }
618 #endif /* MPPE */
619
620 /*
621 * Check whether the kernel knows about the various
622 * compression methods we might request.
623 */
624 #ifdef MPPE
625 if (go->mppe) {
626 opt_buf[0] = CI_MPPE;
627 opt_buf[1] = CILEN_MPPE;
628 MPPE_OPTS_TO_CI(go->mppe, &opt_buf[2]);
629 /* Key material unimportant here. */
630 if (ccp_test(f->unit, opt_buf, CILEN_MPPE + MPPE_MAX_KEY_LEN, 0) <= 0) {
631 error("MPPE required, but kernel has no support.");
632 lcp_close(f->unit, "MPPE required but not available");
633 }
634 }
635 #endif
636 if (go->bsd_compress) {
637 opt_buf[0] = CI_BSD_COMPRESS;
638 opt_buf[1] = CILEN_BSD_COMPRESS;
639 opt_buf[2] = BSD_MAKE_OPT(BSD_CURRENT_VERSION, BSD_MIN_BITS);
640 if (ccp_test(f->unit, opt_buf, CILEN_BSD_COMPRESS, 0) <= 0)
641 go->bsd_compress = 0;
642 }
643 if (go->deflate) {
644 if (go->deflate_correct) {
645 opt_buf[0] = CI_DEFLATE;
646 opt_buf[1] = CILEN_DEFLATE;
647 opt_buf[2] = DEFLATE_MAKE_OPT(DEFLATE_MIN_WORKS);
648 opt_buf[3] = DEFLATE_CHK_SEQUENCE;
649 if (ccp_test(f->unit, opt_buf, CILEN_DEFLATE, 0) <= 0)
650 go->deflate_correct = 0;
651 }
652 if (go->deflate_draft) {
653 opt_buf[0] = CI_DEFLATE_DRAFT;
654 opt_buf[1] = CILEN_DEFLATE;
655 opt_buf[2] = DEFLATE_MAKE_OPT(DEFLATE_MIN_WORKS);
656 opt_buf[3] = DEFLATE_CHK_SEQUENCE;
657 if (ccp_test(f->unit, opt_buf, CILEN_DEFLATE, 0) <= 0)
658 go->deflate_draft = 0;
659 }
660 if (!go->deflate_correct && !go->deflate_draft)
661 go->deflate = 0;
662 }
663 if (go->predictor_1) {
664 opt_buf[0] = CI_PREDICTOR_1;
665 opt_buf[1] = CILEN_PREDICTOR_1;
666 if (ccp_test(f->unit, opt_buf, CILEN_PREDICTOR_1, 0) <= 0)
667 go->predictor_1 = 0;
668 }
669 if (go->predictor_2) {
670 opt_buf[0] = CI_PREDICTOR_2;
671 opt_buf[1] = CILEN_PREDICTOR_2;
672 if (ccp_test(f->unit, opt_buf, CILEN_PREDICTOR_2, 0) <= 0)
673 go->predictor_2 = 0;
674 }
675 }
676
677 /*
678 * ccp_cilen - Return total length of our configuration info.
679 */
680 static int
681 ccp_cilen(fsm *f)
682 {
683 ccp_options *go = &ccp_gotoptions[f->unit];
684
685 return (go->bsd_compress? CILEN_BSD_COMPRESS: 0)
686 + (go->deflate && go->deflate_correct? CILEN_DEFLATE: 0)
687 + (go->deflate && go->deflate_draft? CILEN_DEFLATE: 0)
688 + (go->predictor_1? CILEN_PREDICTOR_1: 0)
689 + (go->predictor_2? CILEN_PREDICTOR_2: 0)
690 + (go->mppe? CILEN_MPPE: 0);
691 }
692
693 /*
694 * ccp_addci - put our requests in a packet.
695 */
696 static void
697 ccp_addci(fsm *f, u_char *p, int *lenp)
698 {
699 int res;
700 ccp_options *go = &ccp_gotoptions[f->unit];
701 u_char *p0 = p;
702
703 /*
704 * Add the compression types that we can receive, in decreasing
705 * preference order. Get the kernel to allocate the first one
706 * in case it gets Acked.
707 */
708 #ifdef MPPE
709 if (go->mppe) {
710 u_char opt_buf[CILEN_MPPE + MPPE_MAX_KEY_LEN];
711
712 p[0] = opt_buf[0] = CI_MPPE;
713 p[1] = opt_buf[1] = CILEN_MPPE;
714 MPPE_OPTS_TO_CI(go->mppe, &p[2]);
715 MPPE_OPTS_TO_CI(go->mppe, &opt_buf[2]);
716 BCOPY(mppe_recv_key, &opt_buf[CILEN_MPPE], MPPE_MAX_KEY_LEN);
717 res = ccp_test(f->unit, opt_buf, CILEN_MPPE + MPPE_MAX_KEY_LEN, 0);
718 if (res > 0)
719 p += CILEN_MPPE;
720 else
721 /* This shouldn't happen, we've already tested it! */
722 lcp_close(f->unit, "MPPE required but not available in kernel");
723 }
724 #endif
725 if (go->deflate) {
726 p[0] = go->deflate_correct? CI_DEFLATE: CI_DEFLATE_DRAFT;
727 p[1] = CILEN_DEFLATE;
728 p[2] = DEFLATE_MAKE_OPT(go->deflate_size);
729 p[3] = DEFLATE_CHK_SEQUENCE;
730 if (p != p0) {
731 p += CILEN_DEFLATE;
732 } else {
733 for (;;) {
734 if (go->deflate_size < DEFLATE_MIN_WORKS) {
735 go->deflate = 0;
736 break;
737 }
738 res = ccp_test(f->unit, p, CILEN_DEFLATE, 0);
739 if (res > 0) {
740 p += CILEN_DEFLATE;
741 break;
742 } else if (res < 0) {
743 go->deflate = 0;
744 break;
745 }
746 --go->deflate_size;
747 p[2] = DEFLATE_MAKE_OPT(go->deflate_size);
748 }
749 }
750 if (p != p0 && go->deflate_correct && go->deflate_draft) {
751 p[0] = CI_DEFLATE_DRAFT;
752 p[1] = CILEN_DEFLATE;
753 p[2] = p[2 - CILEN_DEFLATE];
754 p[3] = DEFLATE_CHK_SEQUENCE;
755 p += CILEN_DEFLATE;
756 }
757 }
758 if (go->bsd_compress) {
759 p[0] = CI_BSD_COMPRESS;
760 p[1] = CILEN_BSD_COMPRESS;
761 p[2] = BSD_MAKE_OPT(BSD_CURRENT_VERSION, go->bsd_bits);
762 if (p != p0) {
763 p += CILEN_BSD_COMPRESS; /* not the first option */
764 } else {
765 for (;;) {
766 if (go->bsd_bits < BSD_MIN_BITS) {
767 go->bsd_compress = 0;
768 break;
769 }
770 res = ccp_test(f->unit, p, CILEN_BSD_COMPRESS, 0);
771 if (res > 0) {
772 p += CILEN_BSD_COMPRESS;
773 break;
774 } else if (res < 0) {
775 go->bsd_compress = 0;
776 break;
777 }
778 --go->bsd_bits;
779 p[2] = BSD_MAKE_OPT(BSD_CURRENT_VERSION, go->bsd_bits);
780 }
781 }
782 }
783 /* XXX Should Predictor 2 be preferable to Predictor 1? */
784 if (go->predictor_1) {
785 p[0] = CI_PREDICTOR_1;
786 p[1] = CILEN_PREDICTOR_1;
787 if (p == p0 && ccp_test(f->unit, p, CILEN_PREDICTOR_1, 0) <= 0) {
788 go->predictor_1 = 0;
789 } else {
790 p += CILEN_PREDICTOR_1;
791 }
792 }
793 if (go->predictor_2) {
794 p[0] = CI_PREDICTOR_2;
795 p[1] = CILEN_PREDICTOR_2;
796 if (p == p0 && ccp_test(f->unit, p, CILEN_PREDICTOR_2, 0) <= 0) {
797 go->predictor_2 = 0;
798 } else {
799 p += CILEN_PREDICTOR_2;
800 }
801 }
802
803 go->method = (p > p0)? p0[0]: -1;
804
805 *lenp = p - p0;
806 }
807
808 /*
809 * ccp_ackci - process a received configure-ack, and return
810 * 1 iff the packet was OK.
811 */
812 static int
813 ccp_ackci(fsm *f, u_char *p, int len)
814 {
815 ccp_options *go = &ccp_gotoptions[f->unit];
816 u_char *p0 = p;
817
818 #ifdef MPPE
819 if (go->mppe) {
820 u_char opt_buf[CILEN_MPPE];
821
822 opt_buf[0] = CI_MPPE;
823 opt_buf[1] = CILEN_MPPE;
824 MPPE_OPTS_TO_CI(go->mppe, &opt_buf[2]);
825 if (len < CILEN_MPPE || memcmp(opt_buf, p, CILEN_MPPE))
826 return 0;
827 p += CILEN_MPPE;
828 len -= CILEN_MPPE;
829 /* XXX Cope with first/fast ack */
830 if (len == 0)
831 return 1;
832 }
833 #endif
834 if (go->deflate) {
835 if (len < CILEN_DEFLATE
836 || p[0] != (go->deflate_correct? CI_DEFLATE: CI_DEFLATE_DRAFT)
837 || p[1] != CILEN_DEFLATE
838 || p[2] != DEFLATE_MAKE_OPT(go->deflate_size)
839 || p[3] != DEFLATE_CHK_SEQUENCE)
840 return 0;
841 p += CILEN_DEFLATE;
842 len -= CILEN_DEFLATE;
843 /* XXX Cope with first/fast ack */
844 if (len == 0)
845 return 1;
846 if (go->deflate_correct && go->deflate_draft) {
847 if (len < CILEN_DEFLATE
848 || p[0] != CI_DEFLATE_DRAFT
849 || p[1] != CILEN_DEFLATE
850 || p[2] != DEFLATE_MAKE_OPT(go->deflate_size)
851 || p[3] != DEFLATE_CHK_SEQUENCE)
852 return 0;
853 p += CILEN_DEFLATE;
854 len -= CILEN_DEFLATE;
855 }
856 }
857 if (go->bsd_compress) {
858 if (len < CILEN_BSD_COMPRESS
859 || p[0] != CI_BSD_COMPRESS || p[1] != CILEN_BSD_COMPRESS
860 || p[2] != BSD_MAKE_OPT(BSD_CURRENT_VERSION, go->bsd_bits))
861 return 0;
862 p += CILEN_BSD_COMPRESS;
863 len -= CILEN_BSD_COMPRESS;
864 /* XXX Cope with first/fast ack */
865 if (p == p0 && len == 0)
866 return 1;
867 }
868 if (go->predictor_1) {
869 if (len < CILEN_PREDICTOR_1
870 || p[0] != CI_PREDICTOR_1 || p[1] != CILEN_PREDICTOR_1)
871 return 0;
872 p += CILEN_PREDICTOR_1;
873 len -= CILEN_PREDICTOR_1;
874 /* XXX Cope with first/fast ack */
875 if (p == p0 && len == 0)
876 return 1;
877 }
878 if (go->predictor_2) {
879 if (len < CILEN_PREDICTOR_2
880 || p[0] != CI_PREDICTOR_2 || p[1] != CILEN_PREDICTOR_2)
881 return 0;
882 p += CILEN_PREDICTOR_2;
883 len -= CILEN_PREDICTOR_2;
884 /* XXX Cope with first/fast ack */
885 if (p == p0 && len == 0)
886 return 1;
887 }
888
889 if (len != 0)
890 return 0;
891 return 1;
892 }
893
894 /*
895 * ccp_nakci - process received configure-nak.
896 * Returns 1 iff the nak was OK.
897 */
898 static int
899 ccp_nakci(fsm *f, u_char *p, int len, int treat_as_reject)
900 {
901 ccp_options *go = &ccp_gotoptions[f->unit];
902 ccp_options no; /* options we've seen already */
903 ccp_options try; /* options to ask for next time */
904
905 memset(&no, 0, sizeof(no));
906 try = *go;
907
908 #ifdef MPPE
909 if (go->mppe && len >= CILEN_MPPE
910 && p[0] == CI_MPPE && p[1] == CILEN_MPPE) {
911 no.mppe = 1;
912 /*
913 * Peer wants us to use a different strength or other setting.
914 * Fail if we aren't willing to use his suggestion.
915 */
916 MPPE_CI_TO_OPTS(&p[2], try.mppe);
917 if ((try.mppe & MPPE_OPT_STATEFUL) && refuse_mppe_stateful) {
918 error("Refusing MPPE stateful mode offered by peer");
919 try.mppe = 0;
920 } else if (((go->mppe | MPPE_OPT_STATEFUL) & try.mppe) != try.mppe) {
921 /* Peer must have set options we didn't request (suggest) */
922 try.mppe = 0;
923 }
924
925 if (!try.mppe) {
926 error("MPPE required but peer negotiation failed");
927 lcp_close(f->unit, "MPPE required but peer negotiation failed");
928 }
929 }
930 #endif /* MPPE */
931 if (go->deflate && len >= CILEN_DEFLATE
932 && p[0] == (go->deflate_correct? CI_DEFLATE: CI_DEFLATE_DRAFT)
933 && p[1] == CILEN_DEFLATE) {
934 no.deflate = 1;
935 /*
936 * Peer wants us to use a different code size or something.
937 * Stop asking for Deflate if we don't understand his suggestion.
938 */
939 if (DEFLATE_METHOD(p[2]) != DEFLATE_METHOD_VAL
940 || DEFLATE_SIZE(p[2]) < DEFLATE_MIN_WORKS
941 || p[3] != DEFLATE_CHK_SEQUENCE)
942 try.deflate = 0;
943 else if (DEFLATE_SIZE(p[2]) < go->deflate_size)
944 try.deflate_size = DEFLATE_SIZE(p[2]);
945 p += CILEN_DEFLATE;
946 len -= CILEN_DEFLATE;
947 if (go->deflate_correct && go->deflate_draft
948 && len >= CILEN_DEFLATE && p[0] == CI_DEFLATE_DRAFT
949 && p[1] == CILEN_DEFLATE) {
950 p += CILEN_DEFLATE;
951 len -= CILEN_DEFLATE;
952 }
953 }
954
955 if (go->bsd_compress && len >= CILEN_BSD_COMPRESS
956 && p[0] == CI_BSD_COMPRESS && p[1] == CILEN_BSD_COMPRESS) {
957 no.bsd_compress = 1;
958 /*
959 * Peer wants us to use a different number of bits
960 * or a different version.
961 */
962 if (BSD_VERSION(p[2]) != BSD_CURRENT_VERSION)
963 try.bsd_compress = 0;
964 else if (BSD_NBITS(p[2]) < go->bsd_bits)
965 try.bsd_bits = BSD_NBITS(p[2]);
966 p += CILEN_BSD_COMPRESS;
967 len -= CILEN_BSD_COMPRESS;
968 }
969
970 /*
971 * Predictor-1 and 2 have no options, so they can't be Naked.
972 *
973 * There may be remaining options but we ignore them.
974 */
975
976 if (f->state != OPENED)
977 *go = try;
978 return 1;
979 }
980
981 /*
982 * ccp_rejci - reject some of our suggested compression methods.
983 */
984 static int
985 ccp_rejci(fsm *f, u_char *p, int len)
986 {
987 ccp_options *go = &ccp_gotoptions[f->unit];
988 ccp_options try; /* options to request next time */
989
990 try = *go;
991
992 /*
993 * Cope with empty configure-rejects by ceasing to send
994 * configure-requests.
995 */
996 if (len == 0 && all_rejected[f->unit])
997 return -1;
998
999 #ifdef MPPE
1000 if (go->mppe && len >= CILEN_MPPE
1001 && p[0] == CI_MPPE && p[1] == CILEN_MPPE) {
1002 error("MPPE required but peer refused");
1003 lcp_close(f->unit, "MPPE required but peer refused");
1004 p += CILEN_MPPE;
1005 len -= CILEN_MPPE;
1006 }
1007 #endif
1008 if (go->deflate_correct && len >= CILEN_DEFLATE
1009 && p[0] == CI_DEFLATE && p[1] == CILEN_DEFLATE) {
1010 if (p[2] != DEFLATE_MAKE_OPT(go->deflate_size)
1011 || p[3] != DEFLATE_CHK_SEQUENCE)
1012 return 0; /* Rej is bad */
1013 try.deflate_correct = 0;
1014 p += CILEN_DEFLATE;
1015 len -= CILEN_DEFLATE;
1016 }
1017 if (go->deflate_draft && len >= CILEN_DEFLATE
1018 && p[0] == CI_DEFLATE_DRAFT && p[1] == CILEN_DEFLATE) {
1019 if (p[2] != DEFLATE_MAKE_OPT(go->deflate_size)
1020 || p[3] != DEFLATE_CHK_SEQUENCE)
1021 return 0; /* Rej is bad */
1022 try.deflate_draft = 0;
1023 p += CILEN_DEFLATE;
1024 len -= CILEN_DEFLATE;
1025 }
1026 if (!try.deflate_correct && !try.deflate_draft)
1027 try.deflate = 0;
1028 if (go->bsd_compress && len >= CILEN_BSD_COMPRESS
1029 && p[0] == CI_BSD_COMPRESS && p[1] == CILEN_BSD_COMPRESS) {
1030 if (p[2] != BSD_MAKE_OPT(BSD_CURRENT_VERSION, go->bsd_bits))
1031 return 0;
1032 try.bsd_compress = 0;
1033 p += CILEN_BSD_COMPRESS;
1034 len -= CILEN_BSD_COMPRESS;
1035 }
1036 if (go->predictor_1 && len >= CILEN_PREDICTOR_1
1037 && p[0] == CI_PREDICTOR_1 && p[1] == CILEN_PREDICTOR_1) {
1038 try.predictor_1 = 0;
1039 p += CILEN_PREDICTOR_1;
1040 len -= CILEN_PREDICTOR_1;
1041 }
1042 if (go->predictor_2 && len >= CILEN_PREDICTOR_2
1043 && p[0] == CI_PREDICTOR_2 && p[1] == CILEN_PREDICTOR_2) {
1044 try.predictor_2 = 0;
1045 p += CILEN_PREDICTOR_2;
1046 len -= CILEN_PREDICTOR_2;
1047 }
1048
1049 if (len != 0)
1050 return 0;
1051
1052 if (f->state != OPENED)
1053 *go = try;
1054
1055 return 1;
1056 }
1057
1058 /*
1059 * ccp_reqci - processed a received configure-request.
1060 * Returns CONFACK, CONFNAK or CONFREJ and the packet modified
1061 * appropriately.
1062 */
1063 static int
1064 ccp_reqci(fsm *f, u_char *p, int *lenp, int dont_nak)
1065 {
1066 int ret, newret, res;
1067 u_char *p0, *retp;
1068 int len, clen, type, nb;
1069 ccp_options *ho = &ccp_hisoptions[f->unit];
1070 ccp_options *ao = &ccp_allowoptions[f->unit];
1071 #ifdef MPPE
1072 bool rej_for_ci_mppe = 1; /* Are we rejecting based on a bad/missing */
1073 /* CI_MPPE, or due to other options? */
1074 #endif
1075
1076 ret = CONFACK;
1077 retp = p0 = p;
1078 len = *lenp;
1079
1080 memset(ho, 0, sizeof(ccp_options));
1081 ho->method = (len > 0)? p[0]: -1;
1082
1083 while (len > 0) {
1084 newret = CONFACK;
1085 if (len < 2 || p[1] < 2 || p[1] > len) {
1086 /* length is bad */
1087 clen = len;
1088 newret = CONFREJ;
1089
1090 } else {
1091 type = p[0];
1092 clen = p[1];
1093
1094 switch (type) {
1095 #ifdef MPPE
1096 case CI_MPPE:
1097 if (!ao->mppe || clen != CILEN_MPPE) {
1098 newret = CONFREJ;
1099 break;
1100 }
1101 MPPE_CI_TO_OPTS(&p[2], ho->mppe);
1102
1103 /* Nak if anything unsupported or unknown are set. */
1104 if (ho->mppe & MPPE_OPT_UNSUPPORTED) {
1105 newret = CONFNAK;
1106 ho->mppe &= ~MPPE_OPT_UNSUPPORTED;
1107 }
1108 if (ho->mppe & MPPE_OPT_UNKNOWN) {
1109 newret = CONFNAK;
1110 ho->mppe &= ~MPPE_OPT_UNKNOWN;
1111 }
1112
1113 /* Check state opt */
1114 if (ho->mppe & MPPE_OPT_STATEFUL) {
1115 /*
1116 * We can Nak and request stateless, but it's a
1117 * lot easier to just assume the peer will request
1118 * it if he can do it; stateful mode is bad over
1119 * the Internet -- which is where we expect MPPE.
1120 */
1121 if (refuse_mppe_stateful) {
1122 error("Refusing MPPE stateful mode offered by peer");
1123 newret = CONFREJ;
1124 break;
1125 }
1126 }
1127
1128 /* Find out which of {S,L} are set. */
1129 if ((ho->mppe & MPPE_OPT_128)
1130 && (ho->mppe & MPPE_OPT_40)) {
1131 /* Both are set, negotiate the strongest. */
1132 newret = CONFNAK;
1133 if (ao->mppe & MPPE_OPT_128)
1134 ho->mppe &= ~MPPE_OPT_40;
1135 else if (ao->mppe & MPPE_OPT_40)
1136 ho->mppe &= ~MPPE_OPT_128;
1137 else {
1138 newret = CONFREJ;
1139 break;
1140 }
1141 } else if (ho->mppe & MPPE_OPT_128) {
1142 if (!(ao->mppe & MPPE_OPT_128)) {
1143 newret = CONFREJ;
1144 break;
1145 }
1146 } else if (ho->mppe & MPPE_OPT_40) {
1147 if (!(ao->mppe & MPPE_OPT_40)) {
1148 newret = CONFREJ;
1149 break;
1150 }
1151 } else {
1152 /* Neither are set. */
1153 /* We cannot accept this. */
1154 newret = CONFNAK;
1155 /* Give the peer our idea of what can be used,
1156 so it can choose and confirm */
1157 ho->mppe = ao->mppe;
1158 }
1159
1160 /* rebuild the opts */
1161 MPPE_OPTS_TO_CI(ho->mppe, &p[2]);
1162 if (newret == CONFACK) {
1163 u_char opt_buf[CILEN_MPPE + MPPE_MAX_KEY_LEN];
1164 int mtu;
1165
1166 BCOPY(p, opt_buf, CILEN_MPPE);
1167 BCOPY(mppe_send_key, &opt_buf[CILEN_MPPE],
1168 MPPE_MAX_KEY_LEN);
1169 if (ccp_test(f->unit, opt_buf,
1170 CILEN_MPPE + MPPE_MAX_KEY_LEN, 1) <= 0) {
1171 /* This shouldn't happen, we've already tested it! */
1172 error("MPPE required, but kernel has no support.");
1173 lcp_close(f->unit, "MPPE required but not available");
1174 newret = CONFREJ;
1175 break;
1176 }
1177 /*
1178 * We need to decrease the interface MTU by MPPE_PAD
1179 * because MPPE frames **grow**. The kernel [must]
1180 * allocate MPPE_PAD extra bytes in xmit buffers.
1181 */
1182 mtu = netif_get_mtu(f->unit);
1183 if (mtu)
1184 netif_set_mtu(f->unit, mtu - MPPE_PAD);
1185 else
1186 newret = CONFREJ;
1187 }
1188
1189 /*
1190 * We have accepted MPPE or are willing to negotiate
1191 * MPPE parameters. A CONFREJ is due to subsequent
1192 * (non-MPPE) processing.
1193 */
1194 rej_for_ci_mppe = 0;
1195 break;
1196 #endif /* MPPE */
1197 case CI_DEFLATE:
1198 case CI_DEFLATE_DRAFT:
1199 if (!ao->deflate || clen != CILEN_DEFLATE
1200 || (!ao->deflate_correct && type == CI_DEFLATE)
1201 || (!ao->deflate_draft && type == CI_DEFLATE_DRAFT)) {
1202 newret = CONFREJ;
1203 break;
1204 }
1205
1206 ho->deflate = 1;
1207 ho->deflate_size = nb = DEFLATE_SIZE(p[2]);
1208 if (DEFLATE_METHOD(p[2]) != DEFLATE_METHOD_VAL
1209 || p[3] != DEFLATE_CHK_SEQUENCE
1210 || nb > ao->deflate_size || nb < DEFLATE_MIN_WORKS) {
1211 newret = CONFNAK;
1212 if (!dont_nak) {
1213 p[2] = DEFLATE_MAKE_OPT(ao->deflate_size);
1214 p[3] = DEFLATE_CHK_SEQUENCE;
1215 /* fall through to test this #bits below */
1216 } else
1217 break;
1218 }
1219
1220 /*
1221 * Check whether we can do Deflate with the window
1222 * size they want. If the window is too big, reduce
1223 * it until the kernel can cope and nak with that.
1224 * We only check this for the first option.
1225 */
1226 if (p == p0) {
1227 for (;;) {
1228 res = ccp_test(f->unit, p, CILEN_DEFLATE, 1);
1229 if (res > 0)
1230 break; /* it's OK now */
1231 if (res < 0 || nb == DEFLATE_MIN_WORKS || dont_nak) {
1232 newret = CONFREJ;
1233 p[2] = DEFLATE_MAKE_OPT(ho->deflate_size);
1234 break;
1235 }
1236 newret = CONFNAK;
1237 --nb;
1238 p[2] = DEFLATE_MAKE_OPT(nb);
1239 }
1240 }
1241 break;
1242
1243 case CI_BSD_COMPRESS:
1244 if (!ao->bsd_compress || clen != CILEN_BSD_COMPRESS) {
1245 newret = CONFREJ;
1246 break;
1247 }
1248
1249 ho->bsd_compress = 1;
1250 ho->bsd_bits = nb = BSD_NBITS(p[2]);
1251 if (BSD_VERSION(p[2]) != BSD_CURRENT_VERSION
1252 || nb > ao->bsd_bits || nb < BSD_MIN_BITS) {
1253 newret = CONFNAK;
1254 if (!dont_nak) {
1255 p[2] = BSD_MAKE_OPT(BSD_CURRENT_VERSION, ao->bsd_bits);
1256 /* fall through to test this #bits below */
1257 } else
1258 break;
1259 }
1260
1261 /*
1262 * Check whether we can do BSD-Compress with the code
1263 * size they want. If the code size is too big, reduce
1264 * it until the kernel can cope and nak with that.
1265 * We only check this for the first option.
1266 */
1267 if (p == p0) {
1268 for (;;) {
1269 res = ccp_test(f->unit, p, CILEN_BSD_COMPRESS, 1);
1270 if (res > 0)
1271 break;
1272 if (res < 0 || nb == BSD_MIN_BITS || dont_nak) {
1273 newret = CONFREJ;
1274 p[2] = BSD_MAKE_OPT(BSD_CURRENT_VERSION,
1275 ho->bsd_bits);
1276 break;
1277 }
1278 newret = CONFNAK;
1279 --nb;
1280 p[2] = BSD_MAKE_OPT(BSD_CURRENT_VERSION, nb);
1281 }
1282 }
1283 break;
1284
1285 case CI_PREDICTOR_1:
1286 if (!ao->predictor_1 || clen != CILEN_PREDICTOR_1) {
1287 newret = CONFREJ;
1288 break;
1289 }
1290
1291 ho->predictor_1 = 1;
1292 if (p == p0
1293 && ccp_test(f->unit, p, CILEN_PREDICTOR_1, 1) <= 0) {
1294 newret = CONFREJ;
1295 }
1296 break;
1297
1298 case CI_PREDICTOR_2:
1299 if (!ao->predictor_2 || clen != CILEN_PREDICTOR_2) {
1300 newret = CONFREJ;
1301 break;
1302 }
1303
1304 ho->predictor_2 = 1;
1305 if (p == p0
1306 && ccp_test(f->unit, p, CILEN_PREDICTOR_2, 1) <= 0) {
1307 newret = CONFREJ;
1308 }
1309 break;
1310
1311 default:
1312 newret = CONFREJ;
1313 }
1314 }
1315
1316 if (newret == CONFNAK && dont_nak)
1317 newret = CONFREJ;
1318 if (!(newret == CONFACK || (newret == CONFNAK && ret == CONFREJ))) {
1319 /* we're returning this option */
1320 if (newret == CONFREJ && ret == CONFNAK)
1321 retp = p0;
1322 ret = newret;
1323 if (p != retp)
1324 BCOPY(p, retp, clen);
1325 retp += clen;
1326 }
1327
1328 p += clen;
1329 len -= clen;
1330 }
1331
1332 if (ret != CONFACK) {
1333 if (ret == CONFREJ && *lenp == retp - p0)
1334 all_rejected[f->unit] = 1;
1335 else
1336 *lenp = retp - p0;
1337 }
1338 #ifdef MPPE
1339 if (ret == CONFREJ && ao->mppe && rej_for_ci_mppe) {
1340 error("MPPE required but peer negotiation failed");
1341 lcp_close(f->unit, "MPPE required but peer negotiation failed");
1342 }
1343 #endif
1344 return ret;
1345 }
1346
1347 /*
1348 * Make a string name for a compression method (or 2).
1349 */
1350 static char *
1351 method_name(ccp_options *opt, ccp_options *opt2)
1352 {
1353 static char result[64];
1354
1355 if (!ANY_COMPRESS(*opt))
1356 return "(none)";
1357 switch (opt->method) {
1358 #ifdef MPPE
1359 case CI_MPPE:
1360 {
1361 char *p = result;
1362 char *q = result + sizeof(result); /* 1 past result */
1363
1364 slprintf(p, q - p, "MPPE ");
1365 p += 5;
1366 if (opt->mppe & MPPE_OPT_128) {
1367 slprintf(p, q - p, "128-bit ");
1368 p += 8;
1369 }
1370 if (opt->mppe & MPPE_OPT_40) {
1371 slprintf(p, q - p, "40-bit ");
1372 p += 7;
1373 }
1374 if (opt->mppe & MPPE_OPT_STATEFUL)
1375 slprintf(p, q - p, "stateful");
1376 else
1377 slprintf(p, q - p, "stateless");
1378
1379 break;
1380 }
1381 #endif
1382 case CI_DEFLATE:
1383 case CI_DEFLATE_DRAFT:
1384 if (opt2 != NULL && opt2->deflate_size != opt->deflate_size)
1385 slprintf(result, sizeof(result), "Deflate%s (%d/%d)",
1386 (opt->method == CI_DEFLATE_DRAFT? "(old#)": ""),
1387 opt->deflate_size, opt2->deflate_size);
1388 else
1389 slprintf(result, sizeof(result), "Deflate%s (%d)",
1390 (opt->method == CI_DEFLATE_DRAFT? "(old#)": ""),
1391 opt->deflate_size);
1392 break;
1393 case CI_BSD_COMPRESS:
1394 if (opt2 != NULL && opt2->bsd_bits != opt->bsd_bits)
1395 slprintf(result, sizeof(result), "BSD-Compress (%d/%d)",
1396 opt->bsd_bits, opt2->bsd_bits);
1397 else
1398 slprintf(result, sizeof(result), "BSD-Compress (%d)",
1399 opt->bsd_bits);
1400 break;
1401 case CI_PREDICTOR_1:
1402 return "Predictor 1";
1403 case CI_PREDICTOR_2:
1404 return "Predictor 2";
1405 default:
1406 slprintf(result, sizeof(result), "Method %d", opt->method);
1407 }
1408 return result;
1409 }
1410
1411 /*
1412 * CCP has come up - inform the kernel driver and log a message.
1413 */
1414 static void
1415 ccp_up(fsm *f)
1416 {
1417 ccp_options *go = &ccp_gotoptions[f->unit];
1418 ccp_options *ho = &ccp_hisoptions[f->unit];
1419 char method1[64];
1420
1421 ccp_flags_set(f->unit, 1, 1);
1422 if (ANY_COMPRESS(*go)) {
1423 if (ANY_COMPRESS(*ho)) {
1424 if (go->method == ho->method) {
1425 notice("%s compression enabled", method_name(go, ho));
1426 } else {
1427 strlcpy(method1, method_name(go, NULL), sizeof(method1));
1428 notice("%s / %s compression enabled",
1429 method1, method_name(ho, NULL));
1430 }
1431 } else
1432 notice("%s receive compression enabled", method_name(go, NULL));
1433 } else if (ANY_COMPRESS(*ho))
1434 notice("%s transmit compression enabled", method_name(ho, NULL));
1435 #ifdef MPPE
1436 if (go->mppe) {
1437 BZERO(mppe_recv_key, MPPE_MAX_KEY_LEN);
1438 BZERO(mppe_send_key, MPPE_MAX_KEY_LEN);
1439 continue_networks(f->unit); /* Bring up IP et al */
1440 }
1441 #endif
1442 }
1443
1444 /*
1445 * CCP has gone down - inform the kernel driver.
1446 */
1447 static void
1448 ccp_down(fsm *f)
1449 {
1450 if (ccp_localstate[f->unit] & RACK_PENDING)
1451 UNTIMEOUT(ccp_rack_timeout, f);
1452 ccp_localstate[f->unit] = 0;
1453 ccp_flags_set(f->unit, 1, 0);
1454 #ifdef MPPE
1455 if (ccp_gotoptions[f->unit].mppe) {
1456 ccp_gotoptions[f->unit].mppe = 0;
1457 if (lcp_fsm[f->unit].state == OPENED) {
1458 /* If LCP is not already going down, make sure it does. */
1459 error("MPPE disabled");
1460 lcp_close(f->unit, "MPPE disabled");
1461 }
1462 }
1463 #endif
1464 }
1465
1466 /*
1467 * Print the contents of a CCP packet.
1468 */
1469 static char *ccp_codenames[] = {
1470 "ConfReq", "ConfAck", "ConfNak", "ConfRej",
1471 "TermReq", "TermAck", "CodeRej",
1472 NULL, NULL, NULL, NULL, NULL, NULL,
1473 "ResetReq", "ResetAck",
1474 };
1475
1476 static int
1477 ccp_printpkt(u_char *p, int plen,
1478 void (*printer) (void *, char *, ...), void *arg)
1479 {
1480 u_char *p0, *optend;
1481 int code, id, len;
1482 int optlen;
1483
1484 p0 = p;
1485 if (plen < HEADERLEN)
1486 return 0;
1487 code = p[0];
1488 id = p[1];
1489 len = (p[2] << 8) + p[3];
1490 if (len < HEADERLEN || len > plen)
1491 return 0;
1492
1493 if (code >= 1 && code <= sizeof(ccp_codenames) / sizeof(char *)
1494 && ccp_codenames[code-1] != NULL)
1495 printer(arg, " %s", ccp_codenames[code-1]);
1496 else
1497 printer(arg, " code=0x%x", code);
1498 printer(arg, " id=0x%x", id);
1499 len -= HEADERLEN;
1500 p += HEADERLEN;
1501
1502 switch (code) {
1503 case CONFREQ:
1504 case CONFACK:
1505 case CONFNAK:
1506 case CONFREJ:
1507 /* print list of possible compression methods */
1508 while (len >= 2) {
1509 code = p[0];
1510 optlen = p[1];
1511 if (optlen < 2 || optlen > len)
1512 break;
1513 printer(arg, " <");
1514 len -= optlen;
1515 optend = p + optlen;
1516 switch (code) {
1517 #ifdef MPPE
1518 case CI_MPPE:
1519 if (optlen >= CILEN_MPPE) {
1520 u_char mppe_opts;
1521
1522 MPPE_CI_TO_OPTS(&p[2], mppe_opts);
1523 printer(arg, "mppe %s %s %s %s %s %s%s",
1524 (p[2] & MPPE_H_BIT)? "+H": "-H",
1525 (p[5] & MPPE_M_BIT)? "+M": "-M",
1526 (p[5] & MPPE_S_BIT)? "+S": "-S",
1527 (p[5] & MPPE_L_BIT)? "+L": "-L",
1528 (p[5] & MPPE_D_BIT)? "+D": "-D",
1529 (p[5] & MPPE_C_BIT)? "+C": "-C",
1530 (mppe_opts & MPPE_OPT_UNKNOWN)? " +U": "");
1531 if (mppe_opts & MPPE_OPT_UNKNOWN)
1532 printer(arg, " (%.2x %.2x %.2x %.2x)",
1533 p[2], p[3], p[4], p[5]);
1534 p += CILEN_MPPE;
1535 }
1536 break;
1537 #endif
1538 case CI_DEFLATE:
1539 case CI_DEFLATE_DRAFT:
1540 if (optlen >= CILEN_DEFLATE) {
1541 printer(arg, "deflate%s %d",
1542 (code == CI_DEFLATE_DRAFT? "(old#)": ""),
1543 DEFLATE_SIZE(p[2]));
1544 if (DEFLATE_METHOD(p[2]) != DEFLATE_METHOD_VAL)
1545 printer(arg, " method %d", DEFLATE_METHOD(p[2]));
1546 if (p[3] != DEFLATE_CHK_SEQUENCE)
1547 printer(arg, " check %d", p[3]);
1548 p += CILEN_DEFLATE;
1549 }
1550 break;
1551 case CI_BSD_COMPRESS:
1552 if (optlen >= CILEN_BSD_COMPRESS) {
1553 printer(arg, "bsd v%d %d", BSD_VERSION(p[2]),
1554 BSD_NBITS(p[2]));
1555 p += CILEN_BSD_COMPRESS;
1556 }
1557 break;
1558 case CI_PREDICTOR_1:
1559 if (optlen >= CILEN_PREDICTOR_1) {
1560 printer(arg, "predictor 1");
1561 p += CILEN_PREDICTOR_1;
1562 }
1563 break;
1564 case CI_PREDICTOR_2:
1565 if (optlen >= CILEN_PREDICTOR_2) {
1566 printer(arg, "predictor 2");
1567 p += CILEN_PREDICTOR_2;
1568 }
1569 break;
1570 }
1571 while (p < optend)
1572 printer(arg, " %.2x", *p++);
1573 printer(arg, ">");
1574 }
1575 break;
1576
1577 case TERMACK:
1578 case TERMREQ:
1579 if (len > 0 && *p >= ' ' && *p < 0x7f) {
1580 print_string((char *)p, len, printer, arg);
1581 p += len;
1582 len = 0;
1583 }
1584 break;
1585 }
1586
1587 /* dump out the rest of the packet in hex */
1588 while (--len >= 0)
1589 printer(arg, " %.2x", *p++);
1590
1591 return p - p0;
1592 }
1593
1594 /*
1595 * We have received a packet that the decompressor failed to
1596 * decompress. Here we would expect to issue a reset-request, but
1597 * Motorola has a patent on resetting the compressor as a result of
1598 * detecting an error in the decompressed data after decompression.
1599 * (See US patent 5,130,993; international patent publication number
1600 * WO 91/10289; Australian patent 73296/91.)
1601 *
1602 * So we ask the kernel whether the error was detected after
1603 * decompression; if it was, we take CCP down, thus disabling
1604 * compression :-(, otherwise we issue the reset-request.
1605 */
1606 static void
1607 ccp_datainput(int unit, u_char *pkt, int len)
1608 {
1609 fsm *f;
1610
1611 f = &ccp_fsm[unit];
1612 if (f->state == OPENED) {
1613 if (ccp_fatal_error(unit)) {
1614 /*
1615 * Disable compression by taking CCP down.
1616 */
1617 error("Lost compression sync: disabling compression");
1618 ccp_close(unit, "Lost compression sync");
1619 #ifdef MPPE
1620 /*
1621 * If we were doing MPPE, we must also take the link down.
1622 */
1623 if (ccp_gotoptions[unit].mppe) {
1624 error("Too many MPPE errors, closing LCP");
1625 lcp_close(unit, "Too many MPPE errors");
1626 }
1627 #endif
1628 } else {
1629 /*
1630 * Send a reset-request to reset the peer's compressor.
1631 * We don't do that if we are still waiting for an
1632 * acknowledgement to a previous reset-request.
1633 */
1634 if (!(ccp_localstate[f->unit] & RACK_PENDING)) {
1635 fsm_sdata(f, CCP_RESETREQ, f->reqid = ++f->id, NULL, 0);
1636 TIMEOUT(ccp_rack_timeout, f, RACKTIMEOUT);
1637 ccp_localstate[f->unit] |= RACK_PENDING;
1638 } else
1639 ccp_localstate[f->unit] |= RREQ_REPEAT;
1640 }
1641 }
1642 }
1643
1644 /*
1645 * Timeout waiting for reset-ack.
1646 */
1647 static void
1648 ccp_rack_timeout(void *arg)
1649 {
1650 fsm *f = arg;
1651
1652 if (f->state == OPENED && ccp_localstate[f->unit] & RREQ_REPEAT) {
1653 fsm_sdata(f, CCP_RESETREQ, f->reqid, NULL, 0);
1654 TIMEOUT(ccp_rack_timeout, f, RACKTIMEOUT);
1655 ccp_localstate[f->unit] &= ~RREQ_REPEAT;
1656 } else
1657 ccp_localstate[f->unit] &= ~RACK_PENDING;
1658 }
1659
1660