1 /*
2 * ccp.c - PPP Compression Control Protocol.
3 *
4 * Copyright (c) 1994-2002 Paul Mackerras. All rights reserved.
5 *
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
8 * are met:
9 *
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 *
13 * 2. The name(s) of the authors of this software must not be used to
14 * endorse or promote products derived from this software without
15 * prior written permission.
16 *
17 * 3. Redistributions of any form whatsoever must retain the following
18 * acknowledgment:
19 * "This product includes software developed by Paul Mackerras
20 * <paulus@samba.org>".
21 *
22 * THE AUTHORS OF THIS SOFTWARE DISCLAIM ALL WARRANTIES WITH REGARD TO
23 * THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
24 * AND FITNESS, IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY
25 * SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
26 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN
27 * AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING
28 * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
29 */
30
31 #define RCSID "$Id: ccp.c,v 1.50 2005/06/26 19:34:41 carlsonj Exp $"
32
33 #include <stdlib.h>
34 #include <string.h>
35
36 #include "pppd.h"
37 #include "fsm.h"
38 #include "ccp.h"
39 #include <net/ppp-comp.h>
40
41 #ifdef MPPE
42 #include "chap_ms.h" /* mppe_xxxx_key, mppe_keys_set */
43 #include "lcp.h" /* lcp_close(), lcp_fsm */
44 #endif
45
46 static const char rcsid[] = RCSID;
47
48 /*
49 * Unfortunately there is a bug in zlib which means that using a
50 * size of 8 (window size = 256) for Deflate compression will cause
51 * buffer overruns and kernel crashes in the deflate module.
52 * Until this is fixed we only accept sizes in the range 9 .. 15.
53 * Thanks to James Carlson for pointing this out.
54 */
55 #define DEFLATE_MIN_WORKS 9
56
57 /*
58 * Command-line options.
59 */
60 static int setbsdcomp __P((char **));
61 static int setdeflate __P((char **));
62 static char bsd_value[8];
63 static char deflate_value[8];
64
65 /*
66 * Option variables.
67 */
68 #ifdef MPPE
69 bool refuse_mppe_stateful = 1; /* Allow stateful mode? */
70 #endif
71
72 static option_t ccp_option_list[] = {
73 { "noccp", o_bool, &ccp_protent.enabled_flag,
74 "Disable CCP negotiation" },
75 { "-ccp", o_bool, &ccp_protent.enabled_flag,
76 "Disable CCP negotiation", OPT_ALIAS },
77
78 { "bsdcomp", o_special, (void *)setbsdcomp,
79 "Request BSD-Compress packet compression",
80 OPT_PRIO | OPT_A2STRVAL | OPT_STATIC, bsd_value },
81 { "nobsdcomp", o_bool, &ccp_wantoptions[0].bsd_compress,
82 "don't allow BSD-Compress", OPT_PRIOSUB | OPT_A2CLR,
83 &ccp_allowoptions[0].bsd_compress },
84 { "-bsdcomp", o_bool, &ccp_wantoptions[0].bsd_compress,
85 "don't allow BSD-Compress", OPT_ALIAS | OPT_PRIOSUB | OPT_A2CLR,
86 &ccp_allowoptions[0].bsd_compress },
87
88 { "deflate", o_special, (void *)setdeflate,
89 "request Deflate compression",
90 OPT_PRIO | OPT_A2STRVAL | OPT_STATIC, deflate_value },
91 { "nodeflate", o_bool, &ccp_wantoptions[0].deflate,
92 "don't allow Deflate compression", OPT_PRIOSUB | OPT_A2CLR,
93 &ccp_allowoptions[0].deflate },
94 { "-deflate", o_bool, &ccp_wantoptions[0].deflate,
95 "don't allow Deflate compression", OPT_ALIAS | OPT_PRIOSUB | OPT_A2CLR,
96 &ccp_allowoptions[0].deflate },
97
98 { "nodeflatedraft", o_bool, &ccp_wantoptions[0].deflate_draft,
99 "don't use draft deflate #", OPT_A2COPY,
100 &ccp_allowoptions[0].deflate_draft },
101
102 { "predictor1", o_bool, &ccp_wantoptions[0].predictor_1,
103 "request Predictor-1", OPT_PRIO | 1 },
104 { "nopredictor1", o_bool, &ccp_wantoptions[0].predictor_1,
105 "don't allow Predictor-1", OPT_PRIOSUB | OPT_A2CLR,
106 &ccp_allowoptions[0].predictor_1 },
107 { "-predictor1", o_bool, &ccp_wantoptions[0].predictor_1,
108 "don't allow Predictor-1", OPT_ALIAS | OPT_PRIOSUB | OPT_A2CLR,
109 &ccp_allowoptions[0].predictor_1 },
110
111 #ifdef MPPE
112 /* MPPE options are symmetrical ... we only set wantoptions here */
113 { "require-mppe", o_bool, &ccp_wantoptions[0].mppe,
114 "require MPPE encryption",
115 OPT_PRIO | MPPE_OPT_40 | MPPE_OPT_128 },
116 { "+mppe", o_bool, &ccp_wantoptions[0].mppe,
117 "require MPPE encryption",
118 OPT_ALIAS | OPT_PRIO | MPPE_OPT_40 | MPPE_OPT_128 },
119 { "nomppe", o_bool, &ccp_wantoptions[0].mppe,
120 "don't allow MPPE encryption", OPT_PRIO },
121 { "-mppe", o_bool, &ccp_wantoptions[0].mppe,
122 "don't allow MPPE encryption", OPT_ALIAS | OPT_PRIO },
123
124 /* We use ccp_allowoptions[0].mppe as a junk var ... it is reset later */
125 { "require-mppe-40", o_bool, &ccp_allowoptions[0].mppe,
126 "require MPPE 40-bit encryption", OPT_PRIO | OPT_A2OR | MPPE_OPT_40,
127 &ccp_wantoptions[0].mppe },
128 { "+mppe-40", o_bool, &ccp_allowoptions[0].mppe,
129 "require MPPE 40-bit encryption", OPT_PRIO | OPT_A2OR | MPPE_OPT_40,
130 &ccp_wantoptions[0].mppe },
131 { "nomppe-40", o_bool, &ccp_allowoptions[0].mppe,
132 "don't allow MPPE 40-bit encryption",
133 OPT_PRIOSUB | OPT_A2CLRB | MPPE_OPT_40, &ccp_wantoptions[0].mppe },
134 { "-mppe-40", o_bool, &ccp_allowoptions[0].mppe,
135 "don't allow MPPE 40-bit encryption",
136 OPT_ALIAS | OPT_PRIOSUB | OPT_A2CLRB | MPPE_OPT_40,
137 &ccp_wantoptions[0].mppe },
138
139 { "require-mppe-128", o_bool, &ccp_allowoptions[0].mppe,
140 "require MPPE 128-bit encryption", OPT_PRIO | OPT_A2OR | MPPE_OPT_128,
141 &ccp_wantoptions[0].mppe },
142 { "+mppe-128", o_bool, &ccp_allowoptions[0].mppe,
143 "require MPPE 128-bit encryption",
144 OPT_ALIAS | OPT_PRIO | OPT_A2OR | MPPE_OPT_128,
145 &ccp_wantoptions[0].mppe },
146 { "nomppe-128", o_bool, &ccp_allowoptions[0].mppe,
147 "don't allow MPPE 128-bit encryption",
148 OPT_PRIOSUB | OPT_A2CLRB | MPPE_OPT_128, &ccp_wantoptions[0].mppe },
149 { "-mppe-128", o_bool, &ccp_allowoptions[0].mppe,
150 "don't allow MPPE 128-bit encryption",
151 OPT_ALIAS | OPT_PRIOSUB | OPT_A2CLRB | MPPE_OPT_128,
152 &ccp_wantoptions[0].mppe },
153
154 /* strange one; we always request stateless, but will we allow stateful? */
155 { "mppe-stateful", o_bool, &refuse_mppe_stateful,
156 "allow MPPE stateful mode", OPT_PRIO },
157 { "nomppe-stateful", o_bool, &refuse_mppe_stateful,
158 "disallow MPPE stateful mode", OPT_PRIO | 1 },
159 #endif /* MPPE */
160
161 { NULL }
162 };
163
164 /*
165 * Protocol entry points from main code.
166 */
167 static void ccp_init __P((int unit));
168 static void ccp_open __P((int unit));
169 static void ccp_close __P((int unit, char *));
170 static void ccp_lowerup __P((int unit));
171 static void ccp_lowerdown __P((int));
172 static void ccp_input __P((int unit, u_char *pkt, int len));
173 static void ccp_protrej __P((int unit));
174 static int ccp_printpkt __P((u_char *pkt, int len,
175 void (*printer) __P((void *, char *, ...)),
176 void *arg));
177 static void ccp_datainput __P((int unit, u_char *pkt, int len));
178
179 struct protent ccp_protent = {
180 PPP_CCP,
181 ccp_init,
182 ccp_input,
183 ccp_protrej,
184 ccp_lowerup,
185 ccp_lowerdown,
186 ccp_open,
187 ccp_close,
188 ccp_printpkt,
189 ccp_datainput,
190 1,
191 "CCP",
192 "Compressed",
193 ccp_option_list,
194 NULL,
195 NULL,
196 NULL
197 };
198
199 fsm ccp_fsm[NUM_PPP];
200 ccp_options ccp_wantoptions[NUM_PPP]; /* what to request the peer to use */
201 ccp_options ccp_gotoptions[NUM_PPP]; /* what the peer agreed to do */
202 ccp_options ccp_allowoptions[NUM_PPP]; /* what we'll agree to do */
203 ccp_options ccp_hisoptions[NUM_PPP]; /* what we agreed to do */
204
205 /*
206 * Callbacks for fsm code.
207 */
208 static void ccp_resetci __P((fsm *));
209 static int ccp_cilen __P((fsm *));
210 static void ccp_addci __P((fsm *, u_char *, int *));
211 static int ccp_ackci __P((fsm *, u_char *, int));
212 static int ccp_nakci __P((fsm *, u_char *, int, int));
213 static int ccp_rejci __P((fsm *, u_char *, int));
214 static int ccp_reqci __P((fsm *, u_char *, int *, int));
215 static void ccp_up __P((fsm *));
216 static void ccp_down __P((fsm *));
217 static int ccp_extcode __P((fsm *, int, int, u_char *, int));
218 static void ccp_rack_timeout __P((void *));
219 static char *method_name __P((ccp_options *, ccp_options *));
220
221 static fsm_callbacks ccp_callbacks = {
222 ccp_resetci,
223 ccp_cilen,
224 ccp_addci,
225 ccp_ackci,
226 ccp_nakci,
227 ccp_rejci,
228 ccp_reqci,
229 ccp_up,
230 ccp_down,
231 NULL,
232 NULL,
233 NULL,
234 NULL,
235 ccp_extcode,
236 "CCP"
237 };
238
239 /*
240 * Do we want / did we get any compression?
241 */
242 #define ANY_COMPRESS(opt) ((opt).deflate || (opt).bsd_compress \
243 || (opt).predictor_1 || (opt).predictor_2 \
244 || (opt).mppe)
245
246 /*
247 * Local state (mainly for handling reset-reqs and reset-acks).
248 */
249 static int ccp_localstate[NUM_PPP];
250 #define RACK_PENDING 1 /* waiting for reset-ack */
251 #define RREQ_REPEAT 2 /* send another reset-req if no reset-ack */
252
253 #define RACKTIMEOUT 1 /* second */
254
255 static int all_rejected[NUM_PPP]; /* we rejected all peer's options */
256
257 /*
258 * Option parsing.
259 */
260 static int
setbsdcomp(argv)261 setbsdcomp(argv)
262 char **argv;
263 {
264 int rbits, abits;
265 char *str, *endp;
266
267 str = *argv;
268 abits = rbits = strtol(str, &endp, 0);
269 if (endp != str && *endp == ',') {
270 str = endp + 1;
271 abits = strtol(str, &endp, 0);
272 }
273 if (*endp != 0 || endp == str) {
274 option_error("invalid parameter '%s' for bsdcomp option", *argv);
275 return 0;
276 }
277 if ((rbits != 0 && (rbits < BSD_MIN_BITS || rbits > BSD_MAX_BITS))
278 || (abits != 0 && (abits < BSD_MIN_BITS || abits > BSD_MAX_BITS))) {
279 option_error("bsdcomp option values must be 0 or %d .. %d",
280 BSD_MIN_BITS, BSD_MAX_BITS);
281 return 0;
282 }
283 if (rbits > 0) {
284 ccp_wantoptions[0].bsd_compress = 1;
285 ccp_wantoptions[0].bsd_bits = rbits;
286 } else
287 ccp_wantoptions[0].bsd_compress = 0;
288 if (abits > 0) {
289 ccp_allowoptions[0].bsd_compress = 1;
290 ccp_allowoptions[0].bsd_bits = abits;
291 } else
292 ccp_allowoptions[0].bsd_compress = 0;
293 slprintf(bsd_value, sizeof(bsd_value),
294 rbits == abits? "%d": "%d,%d", rbits, abits);
295
296 return 1;
297 }
298
299 static int
setdeflate(argv)300 setdeflate(argv)
301 char **argv;
302 {
303 int rbits, abits;
304 char *str, *endp;
305
306 str = *argv;
307 abits = rbits = strtol(str, &endp, 0);
308 if (endp != str && *endp == ',') {
309 str = endp + 1;
310 abits = strtol(str, &endp, 0);
311 }
312 if (*endp != 0 || endp == str) {
313 option_error("invalid parameter '%s' for deflate option", *argv);
314 return 0;
315 }
316 if ((rbits != 0 && (rbits < DEFLATE_MIN_SIZE || rbits > DEFLATE_MAX_SIZE))
317 || (abits != 0 && (abits < DEFLATE_MIN_SIZE
318 || abits > DEFLATE_MAX_SIZE))) {
319 option_error("deflate option values must be 0 or %d .. %d",
320 DEFLATE_MIN_SIZE, DEFLATE_MAX_SIZE);
321 return 0;
322 }
323 if (rbits == DEFLATE_MIN_SIZE || abits == DEFLATE_MIN_SIZE) {
324 if (rbits == DEFLATE_MIN_SIZE)
325 rbits = DEFLATE_MIN_WORKS;
326 if (abits == DEFLATE_MIN_SIZE)
327 abits = DEFLATE_MIN_WORKS;
328 warn("deflate option value of %d changed to %d to avoid zlib bug",
329 DEFLATE_MIN_SIZE, DEFLATE_MIN_WORKS);
330 }
331 if (rbits > 0) {
332 ccp_wantoptions[0].deflate = 1;
333 ccp_wantoptions[0].deflate_size = rbits;
334 } else
335 ccp_wantoptions[0].deflate = 0;
336 if (abits > 0) {
337 ccp_allowoptions[0].deflate = 1;
338 ccp_allowoptions[0].deflate_size = abits;
339 } else
340 ccp_allowoptions[0].deflate = 0;
341 slprintf(deflate_value, sizeof(deflate_value),
342 rbits == abits? "%d": "%d,%d", rbits, abits);
343
344 return 1;
345 }
346
347 /*
348 * ccp_init - initialize CCP.
349 */
350 static void
ccp_init(unit)351 ccp_init(unit)
352 int unit;
353 {
354 fsm *f = &ccp_fsm[unit];
355
356 f->unit = unit;
357 f->protocol = PPP_CCP;
358 f->callbacks = &ccp_callbacks;
359 fsm_init(f);
360
361 memset(&ccp_wantoptions[unit], 0, sizeof(ccp_options));
362 memset(&ccp_gotoptions[unit], 0, sizeof(ccp_options));
363 memset(&ccp_allowoptions[unit], 0, sizeof(ccp_options));
364 memset(&ccp_hisoptions[unit], 0, sizeof(ccp_options));
365
366 ccp_wantoptions[0].deflate = 1;
367 ccp_wantoptions[0].deflate_size = DEFLATE_MAX_SIZE;
368 ccp_wantoptions[0].deflate_correct = 1;
369 ccp_wantoptions[0].deflate_draft = 1;
370 ccp_allowoptions[0].deflate = 1;
371 ccp_allowoptions[0].deflate_size = DEFLATE_MAX_SIZE;
372 ccp_allowoptions[0].deflate_correct = 1;
373 ccp_allowoptions[0].deflate_draft = 1;
374
375 ccp_wantoptions[0].bsd_compress = 1;
376 ccp_wantoptions[0].bsd_bits = BSD_MAX_BITS;
377 ccp_allowoptions[0].bsd_compress = 1;
378 ccp_allowoptions[0].bsd_bits = BSD_MAX_BITS;
379
380 ccp_allowoptions[0].predictor_1 = 1;
381 }
382
383 /*
384 * ccp_open - CCP is allowed to come up.
385 */
386 static void
ccp_open(unit)387 ccp_open(unit)
388 int unit;
389 {
390 fsm *f = &ccp_fsm[unit];
391
392 if (f->state != OPENED)
393 ccp_flags_set(unit, 1, 0);
394
395 /*
396 * Find out which compressors the kernel supports before
397 * deciding whether to open in silent mode.
398 */
399 ccp_resetci(f);
400 if (!ANY_COMPRESS(ccp_gotoptions[unit]))
401 f->flags |= OPT_SILENT;
402
403 fsm_open(f);
404 }
405
406 /*
407 * ccp_close - Terminate CCP.
408 */
409 static void
ccp_close(unit,reason)410 ccp_close(unit, reason)
411 int unit;
412 char *reason;
413 {
414 ccp_flags_set(unit, 0, 0);
415 fsm_close(&ccp_fsm[unit], reason);
416 }
417
418 /*
419 * ccp_lowerup - we may now transmit CCP packets.
420 */
421 static void
ccp_lowerup(unit)422 ccp_lowerup(unit)
423 int unit;
424 {
425 fsm_lowerup(&ccp_fsm[unit]);
426 }
427
428 /*
429 * ccp_lowerdown - we may not transmit CCP packets.
430 */
431 static void
ccp_lowerdown(unit)432 ccp_lowerdown(unit)
433 int unit;
434 {
435 fsm_lowerdown(&ccp_fsm[unit]);
436 }
437
438 /*
439 * ccp_input - process a received CCP packet.
440 */
441 static void
ccp_input(unit,p,len)442 ccp_input(unit, p, len)
443 int unit;
444 u_char *p;
445 int len;
446 {
447 fsm *f = &ccp_fsm[unit];
448 int oldstate;
449
450 /*
451 * Check for a terminate-request so we can print a message.
452 */
453 oldstate = f->state;
454 fsm_input(f, p, len);
455 if (oldstate == OPENED && p[0] == TERMREQ && f->state != OPENED) {
456 notice("Compression disabled by peer.");
457 #ifdef MPPE
458 if (ccp_gotoptions[unit].mppe) {
459 error("MPPE disabled, closing LCP");
460 lcp_close(unit, "MPPE disabled by peer");
461 }
462 #endif
463 }
464
465 /*
466 * If we get a terminate-ack and we're not asking for compression,
467 * close CCP.
468 */
469 if (oldstate == REQSENT && p[0] == TERMACK
470 && !ANY_COMPRESS(ccp_gotoptions[unit]))
471 ccp_close(unit, "No compression negotiated");
472 }
473
474 /*
475 * Handle a CCP-specific code.
476 */
477 static int
ccp_extcode(f,code,id,p,len)478 ccp_extcode(f, code, id, p, len)
479 fsm *f;
480 int code, id;
481 u_char *p;
482 int len;
483 {
484 switch (code) {
485 case CCP_RESETREQ:
486 if (f->state != OPENED)
487 break;
488 /* send a reset-ack, which the transmitter will see and
489 reset its compression state. */
490 fsm_sdata(f, CCP_RESETACK, id, NULL, 0);
491 break;
492
493 case CCP_RESETACK:
494 if (ccp_localstate[f->unit] & RACK_PENDING && id == f->reqid) {
495 ccp_localstate[f->unit] &= ~(RACK_PENDING | RREQ_REPEAT);
496 UNTIMEOUT(ccp_rack_timeout, f);
497 }
498 break;
499
500 default:
501 return 0;
502 }
503
504 return 1;
505 }
506
507 /*
508 * ccp_protrej - peer doesn't talk CCP.
509 */
510 static void
ccp_protrej(unit)511 ccp_protrej(unit)
512 int unit;
513 {
514 ccp_flags_set(unit, 0, 0);
515 fsm_lowerdown(&ccp_fsm[unit]);
516
517 #ifdef MPPE
518 if (ccp_gotoptions[unit].mppe) {
519 error("MPPE required but peer negotiation failed");
520 lcp_close(unit, "MPPE required but peer negotiation failed");
521 }
522 #endif
523
524 }
525
526 /*
527 * ccp_resetci - initialize at start of negotiation.
528 */
529 static void
ccp_resetci(f)530 ccp_resetci(f)
531 fsm *f;
532 {
533 ccp_options *go = &ccp_gotoptions[f->unit];
534 u_char opt_buf[CCP_MAX_OPTION_LENGTH];
535
536 *go = ccp_wantoptions[f->unit];
537 all_rejected[f->unit] = 0;
538
539 #ifdef MPPE
540 if (go->mppe) {
541 ccp_options *ao = &ccp_allowoptions[f->unit];
542 int auth_mschap_bits = auth_done[f->unit];
543 int numbits;
544
545 /*
546 * Start with a basic sanity check: mschap[v2] auth must be in
547 * exactly one direction. RFC 3079 says that the keys are
548 * 'derived from the credentials of the peer that initiated the call',
549 * however the PPP protocol doesn't have such a concept, and pppd
550 * cannot get this info externally. Instead we do the best we can.
551 * NB: If MPPE is required, all other compression opts are invalid.
552 * So, we return right away if we can't do it.
553 */
554
555 /* Leave only the mschap auth bits set */
556 auth_mschap_bits &= (CHAP_MS_WITHPEER | CHAP_MS_PEER |
557 CHAP_MS2_WITHPEER | CHAP_MS2_PEER);
558 /* Count the mschap auths */
559 auth_mschap_bits >>= CHAP_MS_SHIFT;
560 numbits = 0;
561 do {
562 numbits += auth_mschap_bits & 1;
563 auth_mschap_bits >>= 1;
564 } while (auth_mschap_bits);
565 if (numbits > 1) {
566 error("MPPE required, but auth done in both directions.");
567 lcp_close(f->unit, "MPPE required but not available");
568 return;
569 }
570 if (!numbits) {
571 error("MPPE required, but MS-CHAP[v2] auth not performed.");
572 lcp_close(f->unit, "MPPE required but not available");
573 return;
574 }
575
576 /* A plugin (eg radius) may not have obtained key material. */
577 if (!mppe_keys_set) {
578 error("MPPE required, but keys are not available. "
579 "Possible plugin problem?");
580 lcp_close(f->unit, "MPPE required but not available");
581 return;
582 }
583
584 /* LM auth not supported for MPPE */
585 if (auth_done[f->unit] & (CHAP_MS_WITHPEER | CHAP_MS_PEER)) {
586 /* This might be noise */
587 if (go->mppe & MPPE_OPT_40) {
588 notice("Disabling 40-bit MPPE; MS-CHAP LM not supported");
589 go->mppe &= ~MPPE_OPT_40;
590 ccp_wantoptions[f->unit].mppe &= ~MPPE_OPT_40;
591 }
592 }
593
594 /* Last check: can we actually negotiate something? */
595 if (!(go->mppe & (MPPE_OPT_40 | MPPE_OPT_128))) {
596 /* Could be misconfig, could be 40-bit disabled above. */
597 error("MPPE required, but both 40-bit and 128-bit disabled.");
598 lcp_close(f->unit, "MPPE required but not available");
599 return;
600 }
601
602 /* sync options */
603 ao->mppe = go->mppe;
604 /* MPPE is not compatible with other compression types */
605 ao->bsd_compress = go->bsd_compress = 0;
606 ao->predictor_1 = go->predictor_1 = 0;
607 ao->predictor_2 = go->predictor_2 = 0;
608 ao->deflate = go->deflate = 0;
609 }
610 #endif /* MPPE */
611
612 /*
613 * Check whether the kernel knows about the various
614 * compression methods we might request.
615 */
616 #ifdef MPPE
617 if (go->mppe) {
618 opt_buf[0] = CI_MPPE;
619 opt_buf[1] = CILEN_MPPE;
620 MPPE_OPTS_TO_CI(go->mppe, &opt_buf[2]);
621 /* Key material unimportant here. */
622 if (ccp_test(f->unit, opt_buf, CILEN_MPPE + MPPE_MAX_KEY_LEN, 0) <= 0) {
623 error("MPPE required, but kernel has no support.");
624 lcp_close(f->unit, "MPPE required but not available");
625 }
626 }
627 #endif
628 if (go->bsd_compress) {
629 opt_buf[0] = CI_BSD_COMPRESS;
630 opt_buf[1] = CILEN_BSD_COMPRESS;
631 opt_buf[2] = BSD_MAKE_OPT(BSD_CURRENT_VERSION, BSD_MIN_BITS);
632 if (ccp_test(f->unit, opt_buf, CILEN_BSD_COMPRESS, 0) <= 0)
633 go->bsd_compress = 0;
634 }
635 if (go->deflate) {
636 if (go->deflate_correct) {
637 opt_buf[0] = CI_DEFLATE;
638 opt_buf[1] = CILEN_DEFLATE;
639 opt_buf[2] = DEFLATE_MAKE_OPT(DEFLATE_MIN_WORKS);
640 opt_buf[3] = DEFLATE_CHK_SEQUENCE;
641 if (ccp_test(f->unit, opt_buf, CILEN_DEFLATE, 0) <= 0)
642 go->deflate_correct = 0;
643 }
644 if (go->deflate_draft) {
645 opt_buf[0] = CI_DEFLATE_DRAFT;
646 opt_buf[1] = CILEN_DEFLATE;
647 opt_buf[2] = DEFLATE_MAKE_OPT(DEFLATE_MIN_WORKS);
648 opt_buf[3] = DEFLATE_CHK_SEQUENCE;
649 if (ccp_test(f->unit, opt_buf, CILEN_DEFLATE, 0) <= 0)
650 go->deflate_draft = 0;
651 }
652 if (!go->deflate_correct && !go->deflate_draft)
653 go->deflate = 0;
654 }
655 if (go->predictor_1) {
656 opt_buf[0] = CI_PREDICTOR_1;
657 opt_buf[1] = CILEN_PREDICTOR_1;
658 if (ccp_test(f->unit, opt_buf, CILEN_PREDICTOR_1, 0) <= 0)
659 go->predictor_1 = 0;
660 }
661 if (go->predictor_2) {
662 opt_buf[0] = CI_PREDICTOR_2;
663 opt_buf[1] = CILEN_PREDICTOR_2;
664 if (ccp_test(f->unit, opt_buf, CILEN_PREDICTOR_2, 0) <= 0)
665 go->predictor_2 = 0;
666 }
667 }
668
669 /*
670 * ccp_cilen - Return total length of our configuration info.
671 */
672 static int
ccp_cilen(f)673 ccp_cilen(f)
674 fsm *f;
675 {
676 ccp_options *go = &ccp_gotoptions[f->unit];
677
678 return (go->bsd_compress? CILEN_BSD_COMPRESS: 0)
679 + (go->deflate? CILEN_DEFLATE: 0)
680 + (go->predictor_1? CILEN_PREDICTOR_1: 0)
681 + (go->predictor_2? CILEN_PREDICTOR_2: 0)
682 + (go->mppe? CILEN_MPPE: 0);
683 }
684
685 /*
686 * ccp_addci - put our requests in a packet.
687 */
688 static void
ccp_addci(f,p,lenp)689 ccp_addci(f, p, lenp)
690 fsm *f;
691 u_char *p;
692 int *lenp;
693 {
694 int res;
695 ccp_options *go = &ccp_gotoptions[f->unit];
696 u_char *p0 = p;
697
698 /*
699 * Add the compression types that we can receive, in decreasing
700 * preference order. Get the kernel to allocate the first one
701 * in case it gets Acked.
702 */
703 #ifdef MPPE
704 if (go->mppe) {
705 u_char opt_buf[CILEN_MPPE + MPPE_MAX_KEY_LEN];
706
707 p[0] = opt_buf[0] = CI_MPPE;
708 p[1] = opt_buf[1] = CILEN_MPPE;
709 MPPE_OPTS_TO_CI(go->mppe, &p[2]);
710 MPPE_OPTS_TO_CI(go->mppe, &opt_buf[2]);
711 BCOPY(mppe_recv_key, &opt_buf[CILEN_MPPE], MPPE_MAX_KEY_LEN);
712 res = ccp_test(f->unit, opt_buf, CILEN_MPPE + MPPE_MAX_KEY_LEN, 0);
713 if (res > 0)
714 p += CILEN_MPPE;
715 else
716 /* This shouldn't happen, we've already tested it! */
717 lcp_close(f->unit, "MPPE required but not available in kernel");
718 }
719 #endif
720 if (go->deflate) {
721 p[0] = go->deflate_correct? CI_DEFLATE: CI_DEFLATE_DRAFT;
722 p[1] = CILEN_DEFLATE;
723 p[2] = DEFLATE_MAKE_OPT(go->deflate_size);
724 p[3] = DEFLATE_CHK_SEQUENCE;
725 if (p != p0) {
726 p += CILEN_DEFLATE;
727 } else {
728 for (;;) {
729 if (go->deflate_size < DEFLATE_MIN_WORKS) {
730 go->deflate = 0;
731 break;
732 }
733 res = ccp_test(f->unit, p, CILEN_DEFLATE, 0);
734 if (res > 0) {
735 p += CILEN_DEFLATE;
736 break;
737 } else if (res < 0) {
738 go->deflate = 0;
739 break;
740 }
741 --go->deflate_size;
742 p[2] = DEFLATE_MAKE_OPT(go->deflate_size);
743 }
744 }
745 if (p != p0 && go->deflate_correct && go->deflate_draft) {
746 p[0] = CI_DEFLATE_DRAFT;
747 p[1] = CILEN_DEFLATE;
748 p[2] = p[2 - CILEN_DEFLATE];
749 p[3] = DEFLATE_CHK_SEQUENCE;
750 p += CILEN_DEFLATE;
751 }
752 }
753 if (go->bsd_compress) {
754 p[0] = CI_BSD_COMPRESS;
755 p[1] = CILEN_BSD_COMPRESS;
756 p[2] = BSD_MAKE_OPT(BSD_CURRENT_VERSION, go->bsd_bits);
757 if (p != p0) {
758 p += CILEN_BSD_COMPRESS; /* not the first option */
759 } else {
760 for (;;) {
761 if (go->bsd_bits < BSD_MIN_BITS) {
762 go->bsd_compress = 0;
763 break;
764 }
765 res = ccp_test(f->unit, p, CILEN_BSD_COMPRESS, 0);
766 if (res > 0) {
767 p += CILEN_BSD_COMPRESS;
768 break;
769 } else if (res < 0) {
770 go->bsd_compress = 0;
771 break;
772 }
773 --go->bsd_bits;
774 p[2] = BSD_MAKE_OPT(BSD_CURRENT_VERSION, go->bsd_bits);
775 }
776 }
777 }
778 /* XXX Should Predictor 2 be preferable to Predictor 1? */
779 if (go->predictor_1) {
780 p[0] = CI_PREDICTOR_1;
781 p[1] = CILEN_PREDICTOR_1;
782 if (p == p0 && ccp_test(f->unit, p, CILEN_PREDICTOR_1, 0) <= 0) {
783 go->predictor_1 = 0;
784 } else {
785 p += CILEN_PREDICTOR_1;
786 }
787 }
788 if (go->predictor_2) {
789 p[0] = CI_PREDICTOR_2;
790 p[1] = CILEN_PREDICTOR_2;
791 if (p == p0 && ccp_test(f->unit, p, CILEN_PREDICTOR_2, 0) <= 0) {
792 go->predictor_2 = 0;
793 } else {
794 p += CILEN_PREDICTOR_2;
795 }
796 }
797
798 go->method = (p > p0)? p0[0]: -1;
799
800 *lenp = p - p0;
801 }
802
803 /*
804 * ccp_ackci - process a received configure-ack, and return
805 * 1 iff the packet was OK.
806 */
807 static int
ccp_ackci(f,p,len)808 ccp_ackci(f, p, len)
809 fsm *f;
810 u_char *p;
811 int len;
812 {
813 ccp_options *go = &ccp_gotoptions[f->unit];
814 u_char *p0 = p;
815
816 #ifdef MPPE
817 if (go->mppe) {
818 u_char opt_buf[CILEN_MPPE];
819
820 opt_buf[0] = CI_MPPE;
821 opt_buf[1] = CILEN_MPPE;
822 MPPE_OPTS_TO_CI(go->mppe, &opt_buf[2]);
823 if (len < CILEN_MPPE || memcmp(opt_buf, p, CILEN_MPPE))
824 return 0;
825 p += CILEN_MPPE;
826 len -= CILEN_MPPE;
827 /* XXX Cope with first/fast ack */
828 if (len == 0)
829 return 1;
830 }
831 #endif
832 if (go->deflate) {
833 if (len < CILEN_DEFLATE
834 || p[0] != (go->deflate_correct? CI_DEFLATE: CI_DEFLATE_DRAFT)
835 || p[1] != CILEN_DEFLATE
836 || p[2] != DEFLATE_MAKE_OPT(go->deflate_size)
837 || p[3] != DEFLATE_CHK_SEQUENCE)
838 return 0;
839 p += CILEN_DEFLATE;
840 len -= CILEN_DEFLATE;
841 /* XXX Cope with first/fast ack */
842 if (len == 0)
843 return 1;
844 if (go->deflate_correct && go->deflate_draft) {
845 if (len < CILEN_DEFLATE
846 || p[0] != CI_DEFLATE_DRAFT
847 || p[1] != CILEN_DEFLATE
848 || p[2] != DEFLATE_MAKE_OPT(go->deflate_size)
849 || p[3] != DEFLATE_CHK_SEQUENCE)
850 return 0;
851 p += CILEN_DEFLATE;
852 len -= CILEN_DEFLATE;
853 }
854 }
855 if (go->bsd_compress) {
856 if (len < CILEN_BSD_COMPRESS
857 || p[0] != CI_BSD_COMPRESS || p[1] != CILEN_BSD_COMPRESS
858 || p[2] != BSD_MAKE_OPT(BSD_CURRENT_VERSION, go->bsd_bits))
859 return 0;
860 p += CILEN_BSD_COMPRESS;
861 len -= CILEN_BSD_COMPRESS;
862 /* XXX Cope with first/fast ack */
863 if (p == p0 && len == 0)
864 return 1;
865 }
866 if (go->predictor_1) {
867 if (len < CILEN_PREDICTOR_1
868 || p[0] != CI_PREDICTOR_1 || p[1] != CILEN_PREDICTOR_1)
869 return 0;
870 p += CILEN_PREDICTOR_1;
871 len -= CILEN_PREDICTOR_1;
872 /* XXX Cope with first/fast ack */
873 if (p == p0 && len == 0)
874 return 1;
875 }
876 if (go->predictor_2) {
877 if (len < CILEN_PREDICTOR_2
878 || p[0] != CI_PREDICTOR_2 || p[1] != CILEN_PREDICTOR_2)
879 return 0;
880 p += CILEN_PREDICTOR_2;
881 len -= CILEN_PREDICTOR_2;
882 /* XXX Cope with first/fast ack */
883 if (p == p0 && len == 0)
884 return 1;
885 }
886
887 if (len != 0)
888 return 0;
889 return 1;
890 }
891
892 /*
893 * ccp_nakci - process received configure-nak.
894 * Returns 1 iff the nak was OK.
895 */
896 static int
ccp_nakci(f,p,len,treat_as_reject)897 ccp_nakci(f, p, len, treat_as_reject)
898 fsm *f;
899 u_char *p;
900 int len;
901 int treat_as_reject;
902 {
903 ccp_options *go = &ccp_gotoptions[f->unit];
904 ccp_options no; /* options we've seen already */
905 ccp_options try; /* options to ask for next time */
906
907 memset(&no, 0, sizeof(no));
908 try = *go;
909
910 #ifdef MPPE
911 if (go->mppe && len >= CILEN_MPPE
912 && p[0] == CI_MPPE && p[1] == CILEN_MPPE) {
913 no.mppe = 1;
914 /*
915 * Peer wants us to use a different strength or other setting.
916 * Fail if we aren't willing to use his suggestion.
917 */
918 MPPE_CI_TO_OPTS(&p[2], try.mppe);
919 if ((try.mppe & MPPE_OPT_STATEFUL) && refuse_mppe_stateful) {
920 error("Refusing MPPE stateful mode offered by peer");
921 try.mppe = 0;
922 } else if (((go->mppe | MPPE_OPT_STATEFUL) & try.mppe) != try.mppe) {
923 /* Peer must have set options we didn't request (suggest) */
924 try.mppe = 0;
925 }
926
927 if (!try.mppe) {
928 error("MPPE required but peer negotiation failed");
929 lcp_close(f->unit, "MPPE required but peer negotiation failed");
930 }
931 }
932 #endif /* MPPE */
933 if (go->deflate && len >= CILEN_DEFLATE
934 && p[0] == (go->deflate_correct? CI_DEFLATE: CI_DEFLATE_DRAFT)
935 && p[1] == CILEN_DEFLATE) {
936 no.deflate = 1;
937 /*
938 * Peer wants us to use a different code size or something.
939 * Stop asking for Deflate if we don't understand his suggestion.
940 */
941 if (DEFLATE_METHOD(p[2]) != DEFLATE_METHOD_VAL
942 || DEFLATE_SIZE(p[2]) < DEFLATE_MIN_WORKS
943 || p[3] != DEFLATE_CHK_SEQUENCE)
944 try.deflate = 0;
945 else if (DEFLATE_SIZE(p[2]) < go->deflate_size)
946 try.deflate_size = DEFLATE_SIZE(p[2]);
947 p += CILEN_DEFLATE;
948 len -= CILEN_DEFLATE;
949 if (go->deflate_correct && go->deflate_draft
950 && len >= CILEN_DEFLATE && p[0] == CI_DEFLATE_DRAFT
951 && p[1] == CILEN_DEFLATE) {
952 p += CILEN_DEFLATE;
953 len -= CILEN_DEFLATE;
954 }
955 }
956
957 if (go->bsd_compress && len >= CILEN_BSD_COMPRESS
958 && p[0] == CI_BSD_COMPRESS && p[1] == CILEN_BSD_COMPRESS) {
959 no.bsd_compress = 1;
960 /*
961 * Peer wants us to use a different number of bits
962 * or a different version.
963 */
964 if (BSD_VERSION(p[2]) != BSD_CURRENT_VERSION)
965 try.bsd_compress = 0;
966 else if (BSD_NBITS(p[2]) < go->bsd_bits)
967 try.bsd_bits = BSD_NBITS(p[2]);
968 p += CILEN_BSD_COMPRESS;
969 len -= CILEN_BSD_COMPRESS;
970 }
971
972 /*
973 * Predictor-1 and 2 have no options, so they can't be Naked.
974 *
975 * There may be remaining options but we ignore them.
976 */
977
978 if (f->state != OPENED)
979 *go = try;
980 return 1;
981 }
982
983 /*
984 * ccp_rejci - reject some of our suggested compression methods.
985 */
986 static int
ccp_rejci(f,p,len)987 ccp_rejci(f, p, len)
988 fsm *f;
989 u_char *p;
990 int len;
991 {
992 ccp_options *go = &ccp_gotoptions[f->unit];
993 ccp_options try; /* options to request next time */
994
995 try = *go;
996
997 /*
998 * Cope with empty configure-rejects by ceasing to send
999 * configure-requests.
1000 */
1001 if (len == 0 && all_rejected[f->unit])
1002 return -1;
1003
1004 #ifdef MPPE
1005 if (go->mppe && len >= CILEN_MPPE
1006 && p[0] == CI_MPPE && p[1] == CILEN_MPPE) {
1007 error("MPPE required but peer refused");
1008 lcp_close(f->unit, "MPPE required but peer refused");
1009 p += CILEN_MPPE;
1010 len -= CILEN_MPPE;
1011 }
1012 #endif
1013 if (go->deflate_correct && len >= CILEN_DEFLATE
1014 && p[0] == CI_DEFLATE && p[1] == CILEN_DEFLATE) {
1015 if (p[2] != DEFLATE_MAKE_OPT(go->deflate_size)
1016 || p[3] != DEFLATE_CHK_SEQUENCE)
1017 return 0; /* Rej is bad */
1018 try.deflate_correct = 0;
1019 p += CILEN_DEFLATE;
1020 len -= CILEN_DEFLATE;
1021 }
1022 if (go->deflate_draft && len >= CILEN_DEFLATE
1023 && p[0] == CI_DEFLATE_DRAFT && p[1] == CILEN_DEFLATE) {
1024 if (p[2] != DEFLATE_MAKE_OPT(go->deflate_size)
1025 || p[3] != DEFLATE_CHK_SEQUENCE)
1026 return 0; /* Rej is bad */
1027 try.deflate_draft = 0;
1028 p += CILEN_DEFLATE;
1029 len -= CILEN_DEFLATE;
1030 }
1031 if (!try.deflate_correct && !try.deflate_draft)
1032 try.deflate = 0;
1033 if (go->bsd_compress && len >= CILEN_BSD_COMPRESS
1034 && p[0] == CI_BSD_COMPRESS && p[1] == CILEN_BSD_COMPRESS) {
1035 if (p[2] != BSD_MAKE_OPT(BSD_CURRENT_VERSION, go->bsd_bits))
1036 return 0;
1037 try.bsd_compress = 0;
1038 p += CILEN_BSD_COMPRESS;
1039 len -= CILEN_BSD_COMPRESS;
1040 }
1041 if (go->predictor_1 && len >= CILEN_PREDICTOR_1
1042 && p[0] == CI_PREDICTOR_1 && p[1] == CILEN_PREDICTOR_1) {
1043 try.predictor_1 = 0;
1044 p += CILEN_PREDICTOR_1;
1045 len -= CILEN_PREDICTOR_1;
1046 }
1047 if (go->predictor_2 && len >= CILEN_PREDICTOR_2
1048 && p[0] == CI_PREDICTOR_2 && p[1] == CILEN_PREDICTOR_2) {
1049 try.predictor_2 = 0;
1050 p += CILEN_PREDICTOR_2;
1051 len -= CILEN_PREDICTOR_2;
1052 }
1053
1054 if (len != 0)
1055 return 0;
1056
1057 if (f->state != OPENED)
1058 *go = try;
1059
1060 return 1;
1061 }
1062
1063 /*
1064 * ccp_reqci - processed a received configure-request.
1065 * Returns CONFACK, CONFNAK or CONFREJ and the packet modified
1066 * appropriately.
1067 */
1068 static int
ccp_reqci(f,p,lenp,dont_nak)1069 ccp_reqci(f, p, lenp, dont_nak)
1070 fsm *f;
1071 u_char *p;
1072 int *lenp;
1073 int dont_nak;
1074 {
1075 int ret, newret, res;
1076 u_char *p0, *retp;
1077 int len, clen, type, nb;
1078 ccp_options *ho = &ccp_hisoptions[f->unit];
1079 ccp_options *ao = &ccp_allowoptions[f->unit];
1080 #ifdef MPPE
1081 bool rej_for_ci_mppe = 1; /* Are we rejecting based on a bad/missing */
1082 /* CI_MPPE, or due to other options? */
1083 #endif
1084
1085 ret = CONFACK;
1086 retp = p0 = p;
1087 len = *lenp;
1088
1089 memset(ho, 0, sizeof(ccp_options));
1090 ho->method = (len > 0)? p[0]: -1;
1091
1092 while (len > 0) {
1093 newret = CONFACK;
1094 if (len < 2 || p[1] < 2 || p[1] > len) {
1095 /* length is bad */
1096 clen = len;
1097 newret = CONFREJ;
1098
1099 } else {
1100 type = p[0];
1101 clen = p[1];
1102
1103 switch (type) {
1104 #ifdef MPPE
1105 case CI_MPPE:
1106 if (!ao->mppe || clen != CILEN_MPPE) {
1107 newret = CONFREJ;
1108 break;
1109 }
1110 MPPE_CI_TO_OPTS(&p[2], ho->mppe);
1111
1112 /* Nak if anything unsupported or unknown are set. */
1113 if (ho->mppe & MPPE_OPT_UNSUPPORTED) {
1114 newret = CONFNAK;
1115 ho->mppe &= ~MPPE_OPT_UNSUPPORTED;
1116 }
1117 if (ho->mppe & MPPE_OPT_UNKNOWN) {
1118 newret = CONFNAK;
1119 ho->mppe &= ~MPPE_OPT_UNKNOWN;
1120 }
1121
1122 /* Check state opt */
1123 if (ho->mppe & MPPE_OPT_STATEFUL) {
1124 /*
1125 * We can Nak and request stateless, but it's a
1126 * lot easier to just assume the peer will request
1127 * it if he can do it; stateful mode is bad over
1128 * the Internet -- which is where we expect MPPE.
1129 */
1130 if (refuse_mppe_stateful) {
1131 error("Refusing MPPE stateful mode offered by peer");
1132 newret = CONFREJ;
1133 break;
1134 }
1135 }
1136
1137 /* Find out which of {S,L} are set. */
1138 if ((ho->mppe & MPPE_OPT_128)
1139 && (ho->mppe & MPPE_OPT_40)) {
1140 /* Both are set, negotiate the strongest. */
1141 newret = CONFNAK;
1142 if (ao->mppe & MPPE_OPT_128)
1143 ho->mppe &= ~MPPE_OPT_40;
1144 else if (ao->mppe & MPPE_OPT_40)
1145 ho->mppe &= ~MPPE_OPT_128;
1146 else {
1147 newret = CONFREJ;
1148 break;
1149 }
1150 } else if (ho->mppe & MPPE_OPT_128) {
1151 if (!(ao->mppe & MPPE_OPT_128)) {
1152 newret = CONFREJ;
1153 break;
1154 }
1155 } else if (ho->mppe & MPPE_OPT_40) {
1156 if (!(ao->mppe & MPPE_OPT_40)) {
1157 newret = CONFREJ;
1158 break;
1159 }
1160 } else {
1161 /* Neither are set. */
1162 /* We cannot accept this. */
1163 newret = CONFNAK;
1164 /* Give the peer our idea of what can be used,
1165 so it can choose and confirm */
1166 ho->mppe = ao->mppe;
1167 }
1168
1169 /* rebuild the opts */
1170 MPPE_OPTS_TO_CI(ho->mppe, &p[2]);
1171 if (newret == CONFACK) {
1172 u_char opt_buf[CILEN_MPPE + MPPE_MAX_KEY_LEN];
1173 int mtu;
1174
1175 BCOPY(p, opt_buf, CILEN_MPPE);
1176 BCOPY(mppe_send_key, &opt_buf[CILEN_MPPE],
1177 MPPE_MAX_KEY_LEN);
1178 if (ccp_test(f->unit, opt_buf,
1179 CILEN_MPPE + MPPE_MAX_KEY_LEN, 1) <= 0) {
1180 /* This shouldn't happen, we've already tested it! */
1181 error("MPPE required, but kernel has no support.");
1182 lcp_close(f->unit, "MPPE required but not available");
1183 newret = CONFREJ;
1184 break;
1185 }
1186 /*
1187 * We need to decrease the interface MTU by MPPE_PAD
1188 * because MPPE frames **grow**. The kernel [must]
1189 * allocate MPPE_PAD extra bytes in xmit buffers.
1190 */
1191 mtu = netif_get_mtu(f->unit);
1192 if (mtu)
1193 netif_set_mtu(f->unit, mtu - MPPE_PAD);
1194 else
1195 newret = CONFREJ;
1196 }
1197
1198 /*
1199 * We have accepted MPPE or are willing to negotiate
1200 * MPPE parameters. A CONFREJ is due to subsequent
1201 * (non-MPPE) processing.
1202 */
1203 rej_for_ci_mppe = 0;
1204 break;
1205 #endif /* MPPE */
1206 case CI_DEFLATE:
1207 case CI_DEFLATE_DRAFT:
1208 if (!ao->deflate || clen != CILEN_DEFLATE
1209 || (!ao->deflate_correct && type == CI_DEFLATE)
1210 || (!ao->deflate_draft && type == CI_DEFLATE_DRAFT)) {
1211 newret = CONFREJ;
1212 break;
1213 }
1214
1215 ho->deflate = 1;
1216 ho->deflate_size = nb = DEFLATE_SIZE(p[2]);
1217 if (DEFLATE_METHOD(p[2]) != DEFLATE_METHOD_VAL
1218 || p[3] != DEFLATE_CHK_SEQUENCE
1219 || nb > ao->deflate_size || nb < DEFLATE_MIN_WORKS) {
1220 newret = CONFNAK;
1221 if (!dont_nak) {
1222 p[2] = DEFLATE_MAKE_OPT(ao->deflate_size);
1223 p[3] = DEFLATE_CHK_SEQUENCE;
1224 /* fall through to test this #bits below */
1225 } else
1226 break;
1227 }
1228
1229 /*
1230 * Check whether we can do Deflate with the window
1231 * size they want. If the window is too big, reduce
1232 * it until the kernel can cope and nak with that.
1233 * We only check this for the first option.
1234 */
1235 if (p == p0) {
1236 for (;;) {
1237 res = ccp_test(f->unit, p, CILEN_DEFLATE, 1);
1238 if (res > 0)
1239 break; /* it's OK now */
1240 if (res < 0 || nb == DEFLATE_MIN_WORKS || dont_nak) {
1241 newret = CONFREJ;
1242 p[2] = DEFLATE_MAKE_OPT(ho->deflate_size);
1243 break;
1244 }
1245 newret = CONFNAK;
1246 --nb;
1247 p[2] = DEFLATE_MAKE_OPT(nb);
1248 }
1249 }
1250 break;
1251
1252 case CI_BSD_COMPRESS:
1253 if (!ao->bsd_compress || clen != CILEN_BSD_COMPRESS) {
1254 newret = CONFREJ;
1255 break;
1256 }
1257
1258 ho->bsd_compress = 1;
1259 ho->bsd_bits = nb = BSD_NBITS(p[2]);
1260 if (BSD_VERSION(p[2]) != BSD_CURRENT_VERSION
1261 || nb > ao->bsd_bits || nb < BSD_MIN_BITS) {
1262 newret = CONFNAK;
1263 if (!dont_nak) {
1264 p[2] = BSD_MAKE_OPT(BSD_CURRENT_VERSION, ao->bsd_bits);
1265 /* fall through to test this #bits below */
1266 } else
1267 break;
1268 }
1269
1270 /*
1271 * Check whether we can do BSD-Compress with the code
1272 * size they want. If the code size is too big, reduce
1273 * it until the kernel can cope and nak with that.
1274 * We only check this for the first option.
1275 */
1276 if (p == p0) {
1277 for (;;) {
1278 res = ccp_test(f->unit, p, CILEN_BSD_COMPRESS, 1);
1279 if (res > 0)
1280 break;
1281 if (res < 0 || nb == BSD_MIN_BITS || dont_nak) {
1282 newret = CONFREJ;
1283 p[2] = BSD_MAKE_OPT(BSD_CURRENT_VERSION,
1284 ho->bsd_bits);
1285 break;
1286 }
1287 newret = CONFNAK;
1288 --nb;
1289 p[2] = BSD_MAKE_OPT(BSD_CURRENT_VERSION, nb);
1290 }
1291 }
1292 break;
1293
1294 case CI_PREDICTOR_1:
1295 if (!ao->predictor_1 || clen != CILEN_PREDICTOR_1) {
1296 newret = CONFREJ;
1297 break;
1298 }
1299
1300 ho->predictor_1 = 1;
1301 if (p == p0
1302 && ccp_test(f->unit, p, CILEN_PREDICTOR_1, 1) <= 0) {
1303 newret = CONFREJ;
1304 }
1305 break;
1306
1307 case CI_PREDICTOR_2:
1308 if (!ao->predictor_2 || clen != CILEN_PREDICTOR_2) {
1309 newret = CONFREJ;
1310 break;
1311 }
1312
1313 ho->predictor_2 = 1;
1314 if (p == p0
1315 && ccp_test(f->unit, p, CILEN_PREDICTOR_2, 1) <= 0) {
1316 newret = CONFREJ;
1317 }
1318 break;
1319
1320 default:
1321 newret = CONFREJ;
1322 }
1323 }
1324
1325 if (newret == CONFNAK && dont_nak)
1326 newret = CONFREJ;
1327 if (!(newret == CONFACK || (newret == CONFNAK && ret == CONFREJ))) {
1328 /* we're returning this option */
1329 if (newret == CONFREJ && ret == CONFNAK)
1330 retp = p0;
1331 ret = newret;
1332 if (p != retp)
1333 BCOPY(p, retp, clen);
1334 retp += clen;
1335 }
1336
1337 p += clen;
1338 len -= clen;
1339 }
1340
1341 if (ret != CONFACK) {
1342 if (ret == CONFREJ && *lenp == retp - p0)
1343 all_rejected[f->unit] = 1;
1344 else
1345 *lenp = retp - p0;
1346 }
1347 #ifdef MPPE
1348 if (ret == CONFREJ && ao->mppe && rej_for_ci_mppe) {
1349 error("MPPE required but peer negotiation failed");
1350 lcp_close(f->unit, "MPPE required but peer negotiation failed");
1351 }
1352 #endif
1353 return ret;
1354 }
1355
1356 /*
1357 * Make a string name for a compression method (or 2).
1358 */
1359 static char *
method_name(opt,opt2)1360 method_name(opt, opt2)
1361 ccp_options *opt, *opt2;
1362 {
1363 static char result[64];
1364
1365 if (!ANY_COMPRESS(*opt))
1366 return "(none)";
1367 switch (opt->method) {
1368 #ifdef MPPE
1369 case CI_MPPE:
1370 {
1371 char *p = result;
1372 char *q = result + sizeof(result); /* 1 past result */
1373
1374 slprintf(p, q - p, "MPPE ");
1375 p += 5;
1376 if (opt->mppe & MPPE_OPT_128) {
1377 slprintf(p, q - p, "128-bit ");
1378 p += 8;
1379 }
1380 if (opt->mppe & MPPE_OPT_40) {
1381 slprintf(p, q - p, "40-bit ");
1382 p += 7;
1383 }
1384 if (opt->mppe & MPPE_OPT_STATEFUL)
1385 slprintf(p, q - p, "stateful");
1386 else
1387 slprintf(p, q - p, "stateless");
1388
1389 break;
1390 }
1391 #endif
1392 case CI_DEFLATE:
1393 case CI_DEFLATE_DRAFT:
1394 if (opt2 != NULL && opt2->deflate_size != opt->deflate_size)
1395 slprintf(result, sizeof(result), "Deflate%s (%d/%d)",
1396 (opt->method == CI_DEFLATE_DRAFT? "(old#)": ""),
1397 opt->deflate_size, opt2->deflate_size);
1398 else
1399 slprintf(result, sizeof(result), "Deflate%s (%d)",
1400 (opt->method == CI_DEFLATE_DRAFT? "(old#)": ""),
1401 opt->deflate_size);
1402 break;
1403 case CI_BSD_COMPRESS:
1404 if (opt2 != NULL && opt2->bsd_bits != opt->bsd_bits)
1405 slprintf(result, sizeof(result), "BSD-Compress (%d/%d)",
1406 opt->bsd_bits, opt2->bsd_bits);
1407 else
1408 slprintf(result, sizeof(result), "BSD-Compress (%d)",
1409 opt->bsd_bits);
1410 break;
1411 case CI_PREDICTOR_1:
1412 return "Predictor 1";
1413 case CI_PREDICTOR_2:
1414 return "Predictor 2";
1415 default:
1416 slprintf(result, sizeof(result), "Method %d", opt->method);
1417 }
1418 return result;
1419 }
1420
1421 /*
1422 * CCP has come up - inform the kernel driver and log a message.
1423 */
1424 static void
ccp_up(f)1425 ccp_up(f)
1426 fsm *f;
1427 {
1428 ccp_options *go = &ccp_gotoptions[f->unit];
1429 ccp_options *ho = &ccp_hisoptions[f->unit];
1430 char method1[64];
1431
1432 ccp_flags_set(f->unit, 1, 1);
1433 if (ANY_COMPRESS(*go)) {
1434 if (ANY_COMPRESS(*ho)) {
1435 if (go->method == ho->method) {
1436 notice("%s compression enabled", method_name(go, ho));
1437 } else {
1438 strlcpy(method1, method_name(go, NULL), sizeof(method1));
1439 notice("%s / %s compression enabled",
1440 method1, method_name(ho, NULL));
1441 }
1442 } else
1443 notice("%s receive compression enabled", method_name(go, NULL));
1444 } else if (ANY_COMPRESS(*ho))
1445 notice("%s transmit compression enabled", method_name(ho, NULL));
1446 #ifdef MPPE
1447 if (go->mppe) {
1448 BZERO(mppe_recv_key, MPPE_MAX_KEY_LEN);
1449 BZERO(mppe_send_key, MPPE_MAX_KEY_LEN);
1450 continue_networks(f->unit); /* Bring up IP et al */
1451 }
1452 #endif
1453 }
1454
1455 /*
1456 * CCP has gone down - inform the kernel driver.
1457 */
1458 static void
ccp_down(f)1459 ccp_down(f)
1460 fsm *f;
1461 {
1462 if (ccp_localstate[f->unit] & RACK_PENDING)
1463 UNTIMEOUT(ccp_rack_timeout, f);
1464 ccp_localstate[f->unit] = 0;
1465 ccp_flags_set(f->unit, 1, 0);
1466 #ifdef MPPE
1467 if (ccp_gotoptions[f->unit].mppe) {
1468 ccp_gotoptions[f->unit].mppe = 0;
1469 if (lcp_fsm[f->unit].state == OPENED) {
1470 /* If LCP is not already going down, make sure it does. */
1471 error("MPPE disabled");
1472 lcp_close(f->unit, "MPPE disabled");
1473 }
1474 }
1475 #endif
1476 }
1477
1478 /*
1479 * Print the contents of a CCP packet.
1480 */
1481 static char *ccp_codenames[] = {
1482 "ConfReq", "ConfAck", "ConfNak", "ConfRej",
1483 "TermReq", "TermAck", "CodeRej",
1484 NULL, NULL, NULL, NULL, NULL, NULL,
1485 "ResetReq", "ResetAck",
1486 };
1487
1488 static int
ccp_printpkt(p,plen,printer,arg)1489 ccp_printpkt(p, plen, printer, arg)
1490 u_char *p;
1491 int plen;
1492 void (*printer) __P((void *, char *, ...));
1493 void *arg;
1494 {
1495 u_char *p0, *optend;
1496 int code, id, len;
1497 int optlen;
1498
1499 p0 = p;
1500 if (plen < HEADERLEN)
1501 return 0;
1502 code = p[0];
1503 id = p[1];
1504 len = (p[2] << 8) + p[3];
1505 if (len < HEADERLEN || len > plen)
1506 return 0;
1507
1508 if (code >= 1 && code <= sizeof(ccp_codenames) / sizeof(char *)
1509 && ccp_codenames[code-1] != NULL)
1510 printer(arg, " %s", ccp_codenames[code-1]);
1511 else
1512 printer(arg, " code=0x%x", code);
1513 printer(arg, " id=0x%x", id);
1514 len -= HEADERLEN;
1515 p += HEADERLEN;
1516
1517 switch (code) {
1518 case CONFREQ:
1519 case CONFACK:
1520 case CONFNAK:
1521 case CONFREJ:
1522 /* print list of possible compression methods */
1523 while (len >= 2) {
1524 code = p[0];
1525 optlen = p[1];
1526 if (optlen < 2 || optlen > len)
1527 break;
1528 printer(arg, " <");
1529 len -= optlen;
1530 optend = p + optlen;
1531 switch (code) {
1532 #ifdef MPPE
1533 case CI_MPPE:
1534 if (optlen >= CILEN_MPPE) {
1535 u_char mppe_opts;
1536
1537 MPPE_CI_TO_OPTS(&p[2], mppe_opts);
1538 printer(arg, "mppe %s %s %s %s %s %s%s",
1539 (p[2] & MPPE_H_BIT)? "+H": "-H",
1540 (p[5] & MPPE_M_BIT)? "+M": "-M",
1541 (p[5] & MPPE_S_BIT)? "+S": "-S",
1542 (p[5] & MPPE_L_BIT)? "+L": "-L",
1543 (p[5] & MPPE_D_BIT)? "+D": "-D",
1544 (p[5] & MPPE_C_BIT)? "+C": "-C",
1545 (mppe_opts & MPPE_OPT_UNKNOWN)? " +U": "");
1546 if (mppe_opts & MPPE_OPT_UNKNOWN)
1547 printer(arg, " (%.2x %.2x %.2x %.2x)",
1548 p[2], p[3], p[4], p[5]);
1549 p += CILEN_MPPE;
1550 }
1551 break;
1552 #endif
1553 case CI_DEFLATE:
1554 case CI_DEFLATE_DRAFT:
1555 if (optlen >= CILEN_DEFLATE) {
1556 printer(arg, "deflate%s %d",
1557 (code == CI_DEFLATE_DRAFT? "(old#)": ""),
1558 DEFLATE_SIZE(p[2]));
1559 if (DEFLATE_METHOD(p[2]) != DEFLATE_METHOD_VAL)
1560 printer(arg, " method %d", DEFLATE_METHOD(p[2]));
1561 if (p[3] != DEFLATE_CHK_SEQUENCE)
1562 printer(arg, " check %d", p[3]);
1563 p += CILEN_DEFLATE;
1564 }
1565 break;
1566 case CI_BSD_COMPRESS:
1567 if (optlen >= CILEN_BSD_COMPRESS) {
1568 printer(arg, "bsd v%d %d", BSD_VERSION(p[2]),
1569 BSD_NBITS(p[2]));
1570 p += CILEN_BSD_COMPRESS;
1571 }
1572 break;
1573 case CI_PREDICTOR_1:
1574 if (optlen >= CILEN_PREDICTOR_1) {
1575 printer(arg, "predictor 1");
1576 p += CILEN_PREDICTOR_1;
1577 }
1578 break;
1579 case CI_PREDICTOR_2:
1580 if (optlen >= CILEN_PREDICTOR_2) {
1581 printer(arg, "predictor 2");
1582 p += CILEN_PREDICTOR_2;
1583 }
1584 break;
1585 }
1586 while (p < optend)
1587 printer(arg, " %.2x", *p++);
1588 printer(arg, ">");
1589 }
1590 break;
1591
1592 case TERMACK:
1593 case TERMREQ:
1594 if (len > 0 && *p >= ' ' && *p < 0x7f) {
1595 print_string((char *)p, len, printer, arg);
1596 p += len;
1597 len = 0;
1598 }
1599 break;
1600 }
1601
1602 /* dump out the rest of the packet in hex */
1603 while (--len >= 0)
1604 printer(arg, " %.2x", *p++);
1605
1606 return p - p0;
1607 }
1608
1609 /*
1610 * We have received a packet that the decompressor failed to
1611 * decompress. Here we would expect to issue a reset-request, but
1612 * Motorola has a patent on resetting the compressor as a result of
1613 * detecting an error in the decompressed data after decompression.
1614 * (See US patent 5,130,993; international patent publication number
1615 * WO 91/10289; Australian patent 73296/91.)
1616 *
1617 * So we ask the kernel whether the error was detected after
1618 * decompression; if it was, we take CCP down, thus disabling
1619 * compression :-(, otherwise we issue the reset-request.
1620 */
1621 static void
ccp_datainput(unit,pkt,len)1622 ccp_datainput(unit, pkt, len)
1623 int unit;
1624 u_char *pkt;
1625 int len;
1626 {
1627 fsm *f;
1628
1629 f = &ccp_fsm[unit];
1630 if (f->state == OPENED) {
1631 if (ccp_fatal_error(unit)) {
1632 /*
1633 * Disable compression by taking CCP down.
1634 */
1635 error("Lost compression sync: disabling compression");
1636 ccp_close(unit, "Lost compression sync");
1637 #ifdef MPPE
1638 /*
1639 * If we were doing MPPE, we must also take the link down.
1640 */
1641 if (ccp_gotoptions[unit].mppe) {
1642 error("Too many MPPE errors, closing LCP");
1643 lcp_close(unit, "Too many MPPE errors");
1644 }
1645 #endif
1646 } else {
1647 /*
1648 * Send a reset-request to reset the peer's compressor.
1649 * We don't do that if we are still waiting for an
1650 * acknowledgement to a previous reset-request.
1651 */
1652 if (!(ccp_localstate[f->unit] & RACK_PENDING)) {
1653 fsm_sdata(f, CCP_RESETREQ, f->reqid = ++f->id, NULL, 0);
1654 TIMEOUT(ccp_rack_timeout, f, RACKTIMEOUT);
1655 ccp_localstate[f->unit] |= RACK_PENDING;
1656 } else
1657 ccp_localstate[f->unit] |= RREQ_REPEAT;
1658 }
1659 }
1660 }
1661
1662 /*
1663 * Timeout waiting for reset-ack.
1664 */
1665 static void
ccp_rack_timeout(arg)1666 ccp_rack_timeout(arg)
1667 void *arg;
1668 {
1669 fsm *f = arg;
1670
1671 if (f->state == OPENED && ccp_localstate[f->unit] & RREQ_REPEAT) {
1672 fsm_sdata(f, CCP_RESETREQ, f->reqid, NULL, 0);
1673 TIMEOUT(ccp_rack_timeout, f, RACKTIMEOUT);
1674 ccp_localstate[f->unit] &= ~RREQ_REPEAT;
1675 } else
1676 ccp_localstate[f->unit] &= ~RACK_PENDING;
1677 }
1678
1679