X-Git-Url: http://git.ozlabs.org/?a=blobdiff_plain;f=pppd%2Fccp.c;h=54fc743e2a702fdc68051d2f25335c185ff6186f;hb=51dfbde005dcd1cac01de097e84245be2c41244c;hp=fa8a5a0cb950f6993ebe51d008c98b556b1c5272;hpb=b38527fb14af5ebe3d2559e2f861575c722a1ce9;p=ppp.git

diff --git a/pppd/ccp.c b/pppd/ccp.c
index fa8a5a0..54fc743 100644
--- a/pppd/ccp.c
+++ b/pppd/ccp.c
@@ -25,7 +25,7 @@
  * OR MODIFICATIONS.
  */
 
-#define RCSID	"$Id: ccp.c,v 1.34 2002/04/02 13:54:59 dfs Exp $"
+#define RCSID	"$Id: ccp.c,v 1.39 2002/09/01 12:00:15 dfs Exp $"
 
 #include <stdlib.h>
 #include <string.h>
@@ -36,8 +36,8 @@
 #include <net/ppp-comp.h>
 
 #ifdef MPPE
-#include "chap_ms.h"	/* mppe_xx_key */
-#include "lcp.h"	/* lcp_close() */
+#include "chap_ms.h"	/* mppe_xxxx_key */
+#include "lcp.h"	/* lcp_close(), lcp_fsm */
 #endif
 
 static const char rcsid[] = RCSID;
@@ -453,7 +453,7 @@ ccp_input(unit, p, len)
 	notice("Compression disabled by peer.");
 #ifdef MPPE
 	if (ccp_gotoptions[unit].mppe) {
-	    notice("MPPE disabled, closing LCP");
+	    error("MPPE disabled, closing LCP");
 	    lcp_close(unit, "MPPE disabled by peer");
 	}
 #endif
@@ -510,6 +510,14 @@ ccp_protrej(unit)
 {
     ccp_flags_set(unit, 0, 0);
     fsm_lowerdown(&ccp_fsm[unit]);
+
+#ifdef MPPE
+    if (ccp_gotoptions[unit].mppe) {
+	error("MPPE required but peer negotiation failed");
+	lcp_close(unit, "MPPE required but peer negotiation failed");
+    }
+#endif
+
 }
 
 /*
@@ -542,10 +550,10 @@ ccp_resetci(f)
 	 */
 
 	/* Leave only the mschap auth bits set */
-	auth_mschap_bits &= ~(PAP_WITHPEER | PAP_PEER |
-			      CHAP_WITHPEER | CHAP_PEER |
-			      CHAP_MD5_WITHPEER | CHAP_MD5_PEER);
+	auth_mschap_bits &= (CHAP_MS_WITHPEER  | CHAP_MS_PEER |
+			     CHAP_MS2_WITHPEER | CHAP_MS2_PEER);
 	/* Count the mschap auths */
+	auth_mschap_bits >>= CHAP_MS_SHIFT;
 	numbits = 0;
 	do {
 	    numbits += auth_mschap_bits & 1;
@@ -568,6 +576,7 @@ ccp_resetci(f)
 	    if (go->mppe & MPPE_OPT_40) {
 		notice("Disabling 40-bit MPPE; MS-CHAP LM not supported");
 		go->mppe &= ~MPPE_OPT_40;
+		ccp_wantoptions[f->unit].mppe &= ~MPPE_OPT_40;
 	    }
 	}
 
@@ -892,8 +901,10 @@ ccp_nakci(f, p, len)
 	    /* Peer must have set options we didn't request (suggest) */
 	    try.mppe = 0;
 
-	if (!try.mppe)
+	if (!try.mppe) {
+	    error("MPPE required but peer negotiation failed");
 	    lcp_close(f->unit, "MPPE required but peer negotiation failed");
+	}
     }
 #endif /* MPPE */
     if (go->deflate && len >= CILEN_DEFLATE
@@ -970,6 +981,7 @@ ccp_rejci(f, p, len)
 #ifdef MPPE
     if (go->mppe && len >= CILEN_MPPE
 	&& p[0] == CI_MPPE && p[1] == CILEN_MPPE) {
+	error("MPPE required but peer refused");
 	lcp_close(f->unit, "MPPE required but peer refused");
 	p += CILEN_MPPE;
 	len -= CILEN_MPPE;
@@ -1047,6 +1059,9 @@ ccp_reqci(f, p, lenp, dont_nak)
     int len, clen, type, nb;
     ccp_options *ho = &ccp_hisoptions[f->unit];
     ccp_options *ao = &ccp_allowoptions[f->unit];
+#ifdef MPPE
+    bool seen_ci_mppe = 0;
+#endif
 
     ret = CONFACK;
     retp = p0 = p;
@@ -1073,6 +1088,7 @@ ccp_reqci(f, p, lenp, dont_nak)
 		    newret = CONFREJ;
 		    break;
 		}
+		seen_ci_mppe = 1;
 		MPPE_CI_TO_OPTS(&p[2], ho->mppe);
 
 		/* Nak if anything unsupported or unknown are set. */
@@ -1302,8 +1318,12 @@ ccp_reqci(f, p, lenp, dont_nak)
 	else
 	    *lenp = retp - p0;
     }
-    if (ret == CONFREJ && ao->mppe)
+#ifdef MPPE
+    if (ret == CONFREJ && ao->mppe && !seen_ci_mppe) {
+	error("MPPE required but peer negotiation failed");
 	lcp_close(f->unit, "MPPE required but peer negotiation failed");
+    }
+#endif
     return ret;
 }
 
@@ -1397,6 +1417,13 @@ ccp_up(f)
 	    notice("%s receive compression enabled", method_name(go, NULL));
     } else if (ANY_COMPRESS(*ho))
 	notice("%s transmit compression enabled", method_name(ho, NULL));
+#ifdef MPPE
+    if (go->mppe) {
+	BZERO(mppe_recv_key, MPPE_MAX_KEY_LEN);
+	BZERO(mppe_send_key, MPPE_MAX_KEY_LEN);
+	continue_networks(f->unit);		/* Bring up IP et al */
+    }
+#endif
 }
 
 /*
@@ -1410,6 +1437,16 @@ ccp_down(f)
 	UNTIMEOUT(ccp_rack_timeout, f);
     ccp_localstate[f->unit] = 0;
     ccp_flags_set(f->unit, 1, 0);
+#ifdef MPPE
+    if (ccp_gotoptions[f->unit].mppe) {
+	ccp_gotoptions[f->unit].mppe = 0;
+	if (lcp_fsm[f->unit].state == OPENED) {
+	    /* If LCP is not already going down, make sure it does. */
+	    error("MPPE disabled");
+	    lcp_close(f->unit, "MPPE disabled");
+	}
+    }
+#endif
 }
 
 /*
@@ -1480,6 +1517,9 @@ ccp_printpkt(p, plen, printer, arg)
 			    (p[5] & MPPE_D_BIT)? "+D": "-D",
 			    (p[5] & MPPE_C_BIT)? "+C": "-C",
 			    (mppe_opts & MPPE_OPT_UNKNOWN)? " +U": "");
+		    if (mppe_opts & MPPE_OPT_UNKNOWN)
+			printer(arg, " (%.2x %.2x %.2x %.2x)",
+				p[2], p[3], p[4], p[5]);
 		    p += CILEN_MPPE;
 		}
 		break;