* OR MODIFICATIONS.
*/
-#define RCSID "$Id: ccp.c,v 1.34 2002/04/02 13:54:59 dfs Exp $"
+#define RCSID "$Id: ccp.c,v 1.39 2002/09/01 12:00:15 dfs Exp $"
#include <stdlib.h>
#include <string.h>
#include <net/ppp-comp.h>
#ifdef MPPE
-#include "chap_ms.h" /* mppe_xx_key */
-#include "lcp.h" /* lcp_close() */
+#include "chap_ms.h" /* mppe_xxxx_key */
+#include "lcp.h" /* lcp_close(), lcp_fsm */
#endif
static const char rcsid[] = RCSID;
notice("Compression disabled by peer.");
#ifdef MPPE
if (ccp_gotoptions[unit].mppe) {
- notice("MPPE disabled, closing LCP");
+ error("MPPE disabled, closing LCP");
lcp_close(unit, "MPPE disabled by peer");
}
#endif
{
ccp_flags_set(unit, 0, 0);
fsm_lowerdown(&ccp_fsm[unit]);
+
+#ifdef MPPE
+ if (ccp_gotoptions[unit].mppe) {
+ error("MPPE required but peer negotiation failed");
+ lcp_close(unit, "MPPE required but peer negotiation failed");
+ }
+#endif
+
}
/*
*/
/* Leave only the mschap auth bits set */
- auth_mschap_bits &= ~(PAP_WITHPEER | PAP_PEER |
- CHAP_WITHPEER | CHAP_PEER |
- CHAP_MD5_WITHPEER | CHAP_MD5_PEER);
+ auth_mschap_bits &= (CHAP_MS_WITHPEER | CHAP_MS_PEER |
+ CHAP_MS2_WITHPEER | CHAP_MS2_PEER);
/* Count the mschap auths */
+ auth_mschap_bits >>= CHAP_MS_SHIFT;
numbits = 0;
do {
numbits += auth_mschap_bits & 1;
if (go->mppe & MPPE_OPT_40) {
notice("Disabling 40-bit MPPE; MS-CHAP LM not supported");
go->mppe &= ~MPPE_OPT_40;
+ ccp_wantoptions[f->unit].mppe &= ~MPPE_OPT_40;
}
}
/* Peer must have set options we didn't request (suggest) */
try.mppe = 0;
- if (!try.mppe)
+ if (!try.mppe) {
+ error("MPPE required but peer negotiation failed");
lcp_close(f->unit, "MPPE required but peer negotiation failed");
+ }
}
#endif /* MPPE */
if (go->deflate && len >= CILEN_DEFLATE
#ifdef MPPE
if (go->mppe && len >= CILEN_MPPE
&& p[0] == CI_MPPE && p[1] == CILEN_MPPE) {
+ error("MPPE required but peer refused");
lcp_close(f->unit, "MPPE required but peer refused");
p += CILEN_MPPE;
len -= CILEN_MPPE;
int len, clen, type, nb;
ccp_options *ho = &ccp_hisoptions[f->unit];
ccp_options *ao = &ccp_allowoptions[f->unit];
+#ifdef MPPE
+ bool seen_ci_mppe = 0;
+#endif
ret = CONFACK;
retp = p0 = p;
newret = CONFREJ;
break;
}
+ seen_ci_mppe = 1;
MPPE_CI_TO_OPTS(&p[2], ho->mppe);
/* Nak if anything unsupported or unknown are set. */
else
*lenp = retp - p0;
}
- if (ret == CONFREJ && ao->mppe)
+#ifdef MPPE
+ if (ret == CONFREJ && ao->mppe && !seen_ci_mppe) {
+ error("MPPE required but peer negotiation failed");
lcp_close(f->unit, "MPPE required but peer negotiation failed");
+ }
+#endif
return ret;
}
notice("%s receive compression enabled", method_name(go, NULL));
} else if (ANY_COMPRESS(*ho))
notice("%s transmit compression enabled", method_name(ho, NULL));
+#ifdef MPPE
+ if (go->mppe) {
+ BZERO(mppe_recv_key, MPPE_MAX_KEY_LEN);
+ BZERO(mppe_send_key, MPPE_MAX_KEY_LEN);
+ continue_networks(f->unit); /* Bring up IP et al */
+ }
+#endif
}
/*
UNTIMEOUT(ccp_rack_timeout, f);
ccp_localstate[f->unit] = 0;
ccp_flags_set(f->unit, 1, 0);
+#ifdef MPPE
+ if (ccp_gotoptions[f->unit].mppe) {
+ ccp_gotoptions[f->unit].mppe = 0;
+ if (lcp_fsm[f->unit].state == OPENED) {
+ /* If LCP is not already going down, make sure it does. */
+ error("MPPE disabled");
+ lcp_close(f->unit, "MPPE disabled");
+ }
+ }
+#endif
}
/*
(p[5] & MPPE_D_BIT)? "+D": "-D",
(p[5] & MPPE_C_BIT)? "+C": "-C",
(mppe_opts & MPPE_OPT_UNKNOWN)? " +U": "");
+ if (mppe_opts & MPPE_OPT_UNKNOWN)
+ printer(arg, " (%.2x %.2x %.2x %.2x)",
+ p[2], p[3], p[4], p[5]);
p += CILEN_MPPE;
}
break;