X-Git-Url: http://git.ozlabs.org/?a=blobdiff_plain;f=pppd%2Fchap_ms.c;h=69b2982412d1b54a507ff981e5c534d6a996bcb6;hb=5116fdc189652e3c39e2581a01b7ff5b4cefd514;hp=e9946c9d8d6544fd770fd9406189e5a52af3b05b;hpb=f53a48eb9d74db3c71938e114b7f489c339bc003;p=ppp.git diff --git a/pppd/chap_ms.c b/pppd/chap_ms.c index e9946c9..69b2982 100644 --- a/pppd/chap_ms.c +++ b/pppd/chap_ms.c @@ -45,10 +45,36 @@ * Implemented MS-CHAPv2 functionality, heavily based on sample * implementation in RFC 2759. Implemented MPPE functionality, * heavily based on sample implementation in RFC 3079. - * Copyright (c) 2002 Google, Inc. + * + * Copyright (c) 2002 Google, Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. The name(s) of the authors of this software must not be used to + * endorse or promote products derived from this software without + * prior written permission. + * + * THE AUTHORS OF THIS SOFTWARE DISCLAIM ALL WARRANTIES WITH REGARD TO + * THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS, IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY + * SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN + * AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING + * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + * */ -#define RCSID "$Id: chap_ms.c,v 1.25 2002/12/04 23:03:32 paulus Exp $" +#define RCSID "$Id: chap_ms.c,v 1.28 2003/01/10 07:12:36 fcusack Exp $" #ifdef CHAPMS @@ -99,6 +125,11 @@ bool ms_lanman = 0; /* Use LanMan password instead of NT */ #ifdef MPPE u_char mppe_send_key[MPPE_MAX_KEY_LEN]; u_char mppe_recv_key[MPPE_MAX_KEY_LEN]; +int mppe_keys_set = 0; /* Have the MPPE keys been set? */ + +#include "fsm.h" /* Need to poke MPPE options */ +#include "ccp.h" +#include #endif static void @@ -461,6 +492,7 @@ ChapMS(chap_state *cstate, u_char *rchallenge, char *secret, int secret_len, #ifdef MPPE Set_Start_Key(rchallenge, secret, secret_len); + mppe_keys_set = 1; #endif } @@ -507,8 +539,41 @@ ChapMS2(chap_state *cstate, u_char *rchallenge, u_char *PeerChallenge, #ifdef MPPE SetMasterKeys(secret, secret_len, response->NTResp, authenticator); + mppe_keys_set = 1; #endif } +#ifdef MPPE +/* + * Set MPPE options from plugins. + */ +void +set_mppe_enc_types(int policy, int types) +{ + /* Early exit for unknown policies. */ + if (policy != MPPE_ENC_POL_ENC_ALLOWED || + policy != MPPE_ENC_POL_ENC_REQUIRED) + return; + + /* Don't modify MPPE if it's optional and wasn't already configured. */ + if (policy == MPPE_ENC_POL_ENC_ALLOWED && !ccp_wantoptions[0].mppe) + return; + + /* + * Disable undesirable encryption types. Note that we don't ENABLE + * any encryption types, to avoid overriding manual configuration. + */ + switch(types) { + case MPPE_ENC_TYPES_RC4_40: + ccp_wantoptions[0].mppe &= ~MPPE_OPT_128; /* disable 128-bit */ + break; + case MPPE_ENC_TYPES_RC4_128: + ccp_wantoptions[0].mppe &= ~MPPE_OPT_40; /* disable 40-bit */ + break; + default: + break; + } +} +#endif /* MPPE */ #endif /* CHAPMS */