+++ /dev/null
-/*
- * arcfour.c
- * by Frank Cusack <frank@google.com>
- * 100% public domain
- *
- * Implemented from the description in _Applied Cryptography_, 2nd ed.
- *
- * ** Distribution ** of this software is unlimited and unrestricted.
- *
- * ** Use ** of this software is almost certainly legal; however, refer
- * to <http://theory.lcs.mit.edu/~rivest/faq.html>.
- */
-
-#include "arcfour.h"
-#if defined(__linux__)
-#include <linux/string.h>
-#endif
-
-#define swap(a, b) \
-{ \
- unsigned char t = b; \
- b = a; \
- a = t; \
-}
-
-/*
- * Initialize arcfour from a key.
- */
-void
-arcfour_setkey(arcfour_context *context, const unsigned char *key,
- unsigned keylen)
-{
- unsigned i, j;
- unsigned char K[256];
-
- context->i = context->j = 0;
-
- for (i = 0; i < 256; i++) {
- context->S[i] = i;
- K[i] = key[i % keylen];
- }
-
- j = 0;
- for (i = 0; i < 256; i++) {
- j = (j + context->S[i] + K[i]) % 256;
- swap(context->S[i], context->S[j]);
- }
-
- memset(K, 0, sizeof(K));
-}
-
-/*
- * plaintext -> ciphertext (or vice versa)
- */
-void
-arcfour_encrypt(arcfour_context *context, const unsigned char *in, unsigned len,
- unsigned char *out)
-{
- unsigned i = context->i;
- unsigned j = context->j;
- unsigned char *S = context->S;
- unsigned char K;
-
- while (len--) {
- i = (i + 1) % 256;
- j = (j + S[i]) % 256;
- swap(S[i], S[j]);
- K = S[(S[i] + S[j]) % 256];
- *out++ = *in++ ^ K;
- }
-
- context->i = i;
- context->j = j;
-}
-
+++ /dev/null
-/* arcfour.h */
-
-#ifndef _ARCFOUR_H
-#define _ARCFOUR_H
-
-typedef struct {
- unsigned i;
- unsigned j;
- unsigned char S[256];
-} arcfour_context;
-
-extern void arcfour_setkey(arcfour_context *, const unsigned char *, unsigned);
-extern void arcfour_encrypt(arcfour_context *, const unsigned char *, unsigned,
- unsigned char *);
-#define arcfour_decrypt arcfour_encrypt
-
-#endif /* _ARCFOUR_H */
+++ /dev/null
---- linux-2.2.20/include/linux/ppp-comp.h.orig Sun Mar 25 08:31:04 2001
-+++ linux-2.2.20/include/linux/ppp-comp.h Tue Mar 19 09:39:19 2002
-@@ -187,6 +187,100 @@
- #define DEFLATE_CHK_SEQUENCE 0
-
- /*
-+ * Definitions for MPPE.
-+ */
-+
-+#define CI_MPPE 18 /* config option for MPPE */
-+#define CILEN_MPPE 6 /* length of config option */
-+
-+#define MPPE_PAD 4 /* MPPE growth per frame */
-+#define MPPE_MAX_KEY_LEN 16 /* largest key length (128-bit) */
-+
-+/* option bits for ccp_options.mppe */
-+#define MPPE_OPT_40 0x01 /* 40 bit */
-+#define MPPE_OPT_128 0x02 /* 128 bit */
-+#define MPPE_OPT_STATEFUL 0x04 /* stateful mode */
-+/* unsupported opts */
-+#define MPPE_OPT_56 0x08 /* 56 bit */
-+#define MPPE_OPT_MPPC 0x10 /* MPPC compression */
-+#define MPPE_OPT_D 0x20 /* Unknown */
-+#define MPPE_OPT_UNSUPPORTED (MPPE_OPT_56|MPPE_OPT_MPPC|MPPE_OPT_D)
-+#define MPPE_OPT_UNKNOWN 0x40 /* Bits !defined in RFC 3078 were set */
-+
-+/*
-+ * This is not nice ... the alternative is a bitfield struct though.
-+ * And unfortunately, we cannot share the same bits for the option
-+ * names above since C and H are the same bit. We could do a u_int32
-+ * but then we have to do a htonl() all the time and/or we still need
-+ * to know which octet is which.
-+ */
-+#define MPPE_C_BIT 0x01 /* MPPC */
-+#define MPPE_D_BIT 0x10 /* Obsolete, usage unknown */
-+#define MPPE_L_BIT 0x20 /* 40-bit */
-+#define MPPE_S_BIT 0x40 /* 128-bit */
-+#define MPPE_M_BIT 0x80 /* 56-bit, not supported */
-+#define MPPE_H_BIT 0x01 /* Stateless (in a different byte) */
-+
-+/* Does not include H bit; used for least significant octet only. */
-+#define MPPE_ALL_BITS (MPPE_D_BIT|MPPE_L_BIT|MPPE_S_BIT|MPPE_M_BIT|MPPE_H_BIT)
-+
-+/* Build a CI from mppe opts (see RFC 3078) */
-+#define MPPE_OPTS_TO_CI(opts, ci) \
-+ do { \
-+ u_char *ptr = ci; /* u_char[4] */ \
-+ \
-+ /* H bit */ \
-+ if (opts & MPPE_OPT_STATEFUL) \
-+ *ptr++ = 0x0; \
-+ else \
-+ *ptr++ = MPPE_H_BIT; \
-+ *ptr++ = 0; \
-+ *ptr++ = 0; \
-+ \
-+ /* S,L bits */ \
-+ *ptr = 0; \
-+ if (opts & MPPE_OPT_128) \
-+ *ptr |= MPPE_S_BIT; \
-+ if (opts & MPPE_OPT_40) \
-+ *ptr |= MPPE_L_BIT; \
-+ /* M,D,C bits not supported */ \
-+ } while (/* CONSTCOND */ 0)
-+
-+/* The reverse of the above */
-+#define MPPE_CI_TO_OPTS(ci, opts) \
-+ do { \
-+ u_char *ptr = ci; /* u_char[4] */ \
-+ \
-+ opts = 0; \
-+ \
-+ /* H bit */ \
-+ if (!(ptr[0] & MPPE_H_BIT)) \
-+ opts |= MPPE_OPT_STATEFUL; \
-+ \
-+ /* S,L bits */ \
-+ if (ptr[3] & MPPE_S_BIT) \
-+ opts |= MPPE_OPT_128; \
-+ if (ptr[3] & MPPE_L_BIT) \
-+ opts |= MPPE_OPT_40; \
-+ \
-+ /* M,D,C bits */ \
-+ if (ptr[3] & MPPE_M_BIT) \
-+ opts |= MPPE_OPT_56; \
-+ if (ptr[3] & MPPE_D_BIT) \
-+ opts |= MPPE_OPT_D; \
-+ if (ptr[3] & MPPE_C_BIT) \
-+ opts |= MPPE_OPT_MPPC; \
-+ \
-+ /* Other bits */ \
-+ if (ptr[0] & ~MPPE_H_BIT) \
-+ opts |= MPPE_OPT_UNKNOWN; \
-+ if (ptr[1] || ptr[2]) \
-+ opts |= MPPE_OPT_UNKNOWN; \
-+ if (ptr[3] & ~MPPE_ALL_BITS) \
-+ opts |= MPPE_OPT_UNKNOWN; \
-+ } while (/* CONSTCOND */ 0)
-+
-+/*
- * Definitions for other, as yet unsupported, compression methods.
- */
-
+++ /dev/null
---- linux/drivers/net/Makefile.orig Mon Mar 25 11:38:09 2002
-+++ linux/drivers/net/Makefile Mon Mar 25 11:42:18 2002
-@@ -26,6 +26,8 @@
- CONFIG_BSDCOMP_MODULE :=
- CONFIG_PPPDEF_BUILTIN :=
- CONFIG_PPPDEF_MODULE :=
-+CONFIG_PPPMPPE_BUILTIN :=
-+CONFIG_PPPMPPE_MODULE :=
- CONFIG_7990_BUILTIN :=
- CONFIG_7990_MODULE :=
- CONFIG_82596_BUILTIN :=
-@@ -40,6 +42,7 @@
- CONFIG_BSDCOMP_BUILTIN = y
- CONFIG_SLHC_BUILTIN = y
- CONFIG_PPPDEF_BUILTIN = y
-+ CONFIG_PPPMPPE_BUILTIN = y
- endif
- else
- ifeq ($(CONFIG_ISDN),m)
-@@ -47,6 +50,7 @@
- CONFIG_BSDCOMP_MODULE = y
- CONFIG_SLHC_MODULE = y
- CONFIG_PPPDEF_MODULE = y
-+ CONFIG_PPPMPPE_MODULE = y
- endif
- endif
- endif
-@@ -325,11 +329,13 @@
- CONFIG_BSDCOMP_BUILTIN = y
- CONFIG_SLHC_BUILTIN = y
- CONFIG_PPPDEF_BUILTIN = y
-+CONFIG_PPPMPPE_BUILTIN = y
- else
- ifeq ($(CONFIG_PPP),m)
- CONFIG_BSDCOMP_MODULE = y
- CONFIG_SLHC_MODULE = y
- CONFIG_PPPDEF_MODULE = y
-+ CONFIG_PPPMPPE_MODULE = y
- MX_OBJS += ppp.o
- endif
- endif
-@@ -1120,6 +1126,17 @@
- endif
- endif
-
-+# If anything built-in uses ppp_mppe, then build it into the kernel also.
-+# If not, but a module uses it, build as a module.
-+ifdef CONFIG_PPPMPPE_BUILTIN
-+L_OBJS += ppp_mppe_compress.o arcfour.o sha1.o
-+else
-+ ifdef CONFIG_PPPMPPE_MODULE
-+ PPPMPPE_OBJS = ppp_mppe_compress.o arcfour.o sha1.o
-+ M_OBJS += ppp_mppe.o
-+ endif
-+endif
-+
- ifeq ($(CONFIG_ARIADNE2),y)
- L_OBJS += ariadne2.o
- CONFIG_8390_BUILTIN = y
-@@ -1469,3 +1486,6 @@
-
- rcpci.o: rcpci45.o rclanmtl.o
- $(LD) -r -o rcpci.o rcpci45.o rclanmtl.o
-+
-+ppp_mppe.o: $(PPPMPPE_OBJS)
-+ $(LD) -r -o $@ $(PPPMPPE_OBJS)
+++ /dev/null
---- linux/drivers/net/ppp.c.orig Sun Mar 25 08:31:15 2001
-+++ linux/drivers/net/ppp.c Mon Mar 25 09:27:28 2002
-@@ -2468,10 +2468,14 @@
- (proto != PPP_LCP) &&
- (proto != PPP_CCP)) {
- struct sk_buff *new_skb;
-+ int new_skb_size = ppp->mtu + PPP_HDRLEN;
- int new_count;
-
- /* Allocate an skb for the compressed frame. */
-- new_skb = alloc_skb(ppp->mtu + PPP_HDRLEN, GFP_ATOMIC);
-+ if (ppp->sc_xcomp->compress_proto == CI_MPPE)
-+ /* CCP [must have] reduced MTU by MPPE_PAD. */
-+ new_skb_size += MPPE_PAD;
-+ new_skb = alloc_skb(new_skb_size, GFP_ATOMIC);
- if (new_skb == NULL) {
- printk(KERN_ERR "ppp_send_frame: no memory\n");
- kfree_skb(skb);
-@@ -2482,19 +2486,32 @@
- /* Compress the frame. */
- new_count = (*ppp->sc_xcomp->compress)
- (ppp->sc_xc_state, data, new_skb->data,
-- count, ppp->mtu + PPP_HDRLEN);
-+ count, new_skb_size);
-
- /* Did it compress? */
- if (new_count > 0 && (ppp->flags & SC_CCP_UP)) {
- skb_put(new_skb, new_count);
- kfree_skb(skb);
- skb = new_skb;
-- } else {
-+ } else if (new_count == 0) {
- /*
- * The frame could not be compressed, or it could not
- * be sent in compressed form because CCP is down.
- */
- kfree_skb(new_skb);
-+ } else {
-+ /*
-+ * (new_count < 0)
-+ * MPPE requires that we do not send unencrypted
-+ * frames. The compressor will return -1 if we
-+ * should drop the frame. We cannot simply test
-+ * the compress_proto because MPPE and MPPC share
-+ * the same number.
-+ */
-+ printk(KERN_ERR "ppp: compressor dropped pkt\n");
-+ kfree_skb(new_skb);
-+ ppp->xmit_busy = 0;
-+ return;
- }
- }
-
+++ /dev/null
---- linux/include/linux/ppp-comp.h.orig Fri Aug 6 10:44:11 1999
-+++ linux/include/linux/ppp-comp.h Mon Mar 25 09:11:33 2002
-@@ -187,6 +187,100 @@
- #define DEFLATE_CHK_SEQUENCE 0
-
- /*
-+ * Definitions for MPPE.
-+ */
-+
-+#define CI_MPPE 18 /* config option for MPPE */
-+#define CILEN_MPPE 6 /* length of config option */
-+
-+#define MPPE_PAD 4 /* MPPE growth per frame */
-+#define MPPE_MAX_KEY_LEN 16 /* largest key length (128-bit) */
-+
-+/* option bits for ccp_options.mppe */
-+#define MPPE_OPT_40 0x01 /* 40 bit */
-+#define MPPE_OPT_128 0x02 /* 128 bit */
-+#define MPPE_OPT_STATEFUL 0x04 /* stateful mode */
-+/* unsupported opts */
-+#define MPPE_OPT_56 0x08 /* 56 bit */
-+#define MPPE_OPT_MPPC 0x10 /* MPPC compression */
-+#define MPPE_OPT_D 0x20 /* Unknown */
-+#define MPPE_OPT_UNSUPPORTED (MPPE_OPT_56|MPPE_OPT_MPPC|MPPE_OPT_D)
-+#define MPPE_OPT_UNKNOWN 0x40 /* Bits !defined in RFC 3078 were set */
-+
-+/*
-+ * This is not nice ... the alternative is a bitfield struct though.
-+ * And unfortunately, we cannot share the same bits for the option
-+ * names above since C and H are the same bit. We could do a u_int32
-+ * but then we have to do a htonl() all the time and/or we still need
-+ * to know which octet is which.
-+ */
-+#define MPPE_C_BIT 0x01 /* MPPC */
-+#define MPPE_D_BIT 0x10 /* Obsolete, usage unknown */
-+#define MPPE_L_BIT 0x20 /* 40-bit */
-+#define MPPE_S_BIT 0x40 /* 128-bit */
-+#define MPPE_M_BIT 0x80 /* 56-bit, not supported */
-+#define MPPE_H_BIT 0x01 /* Stateless (in a different byte) */
-+
-+/* Does not include H bit; used for least significant octet only. */
-+#define MPPE_ALL_BITS (MPPE_D_BIT|MPPE_L_BIT|MPPE_S_BIT|MPPE_M_BIT|MPPE_H_BIT)
-+
-+/* Build a CI from mppe opts (see RFC 3078) */
-+#define MPPE_OPTS_TO_CI(opts, ci) \
-+ do { \
-+ u_char *ptr = ci; /* u_char[4] */ \
-+ \
-+ /* H bit */ \
-+ if (opts & MPPE_OPT_STATEFUL) \
-+ *ptr++ = 0x0; \
-+ else \
-+ *ptr++ = MPPE_H_BIT; \
-+ *ptr++ = 0; \
-+ *ptr++ = 0; \
-+ \
-+ /* S,L bits */ \
-+ *ptr = 0; \
-+ if (opts & MPPE_OPT_128) \
-+ *ptr |= MPPE_S_BIT; \
-+ if (opts & MPPE_OPT_40) \
-+ *ptr |= MPPE_L_BIT; \
-+ /* M,D,C bits not supported */ \
-+ } while (/* CONSTCOND */ 0)
-+
-+/* The reverse of the above */
-+#define MPPE_CI_TO_OPTS(ci, opts) \
-+ do { \
-+ u_char *ptr = ci; /* u_char[4] */ \
-+ \
-+ opts = 0; \
-+ \
-+ /* H bit */ \
-+ if (!(ptr[0] & MPPE_H_BIT)) \
-+ opts |= MPPE_OPT_STATEFUL; \
-+ \
-+ /* S,L bits */ \
-+ if (ptr[3] & MPPE_S_BIT) \
-+ opts |= MPPE_OPT_128; \
-+ if (ptr[3] & MPPE_L_BIT) \
-+ opts |= MPPE_OPT_40; \
-+ \
-+ /* M,D,C bits */ \
-+ if (ptr[3] & MPPE_M_BIT) \
-+ opts |= MPPE_OPT_56; \
-+ if (ptr[3] & MPPE_D_BIT) \
-+ opts |= MPPE_OPT_D; \
-+ if (ptr[3] & MPPE_C_BIT) \
-+ opts |= MPPE_OPT_MPPC; \
-+ \
-+ /* Other bits */ \
-+ if (ptr[0] & ~MPPE_H_BIT) \
-+ opts |= MPPE_OPT_UNKNOWN; \
-+ if (ptr[1] || ptr[2]) \
-+ opts |= MPPE_OPT_UNKNOWN; \
-+ if (ptr[3] & ~MPPE_ALL_BITS) \
-+ opts |= MPPE_OPT_UNKNOWN; \
-+ } while (/* CONSTCOND */ 0)
-+
-+/*
- * Definitions for other, as yet unsupported, compression methods.
- */
-
+++ /dev/null
---- linux/drivers/net/Config.in.orig Mon Mar 25 09:07:26 2002
-+++ linux/drivers/net/Config.in Mon Mar 25 11:18:03 2002
-@@ -279,6 +279,7 @@
- dep_tristate ' PPP support for sync tty ports' CONFIG_PPP_SYNC_TTY $CONFIG_PPP
- dep_tristate ' PPP Deflate compression' CONFIG_PPP_DEFLATE $CONFIG_PPP
- dep_tristate ' PPP BSD-Compress compression' CONFIG_PPP_BSDCOMP $CONFIG_PPP
-+ dep_tristate ' PPP MPPE compression (encryption)' CONFIG_PPP_MPPE $CONFIG_PPP
- if [ "$CONFIG_EXPERIMENTAL" = "y" ]; then
- dep_tristate ' PPP over Ethernet (EXPERIMENTAL)' CONFIG_PPPOE $CONFIG_PPP
- fi
---- linux/drivers/net/Makefile.orig Mon Mar 25 09:07:26 2002
-+++ linux/drivers/net/Makefile Mon Mar 25 11:58:11 2002
-@@ -18,8 +18,9 @@
- export-objs := 8390.o arlan.o aironet4500_core.o aironet4500_card.o \
- ppp_async.o ppp_generic.o slhc.o pppox.o auto_irq.o \
- net_init.o mii.o
--list-multi := rcpci.o
-+list-multi := rcpci.o ppp_mppe.o
- rcpci-objs := rcpci45.o rclanmtl.o
-+ppp_mppe-objs := ppp_mppe_compress.o sha1.o arcfour.o
-
- ifeq ($(CONFIG_TULIP),y)
- obj-y += tulip/tulip.o
-@@ -139,6 +140,14 @@
- obj-$(CONFIG_PPP_BSDCOMP) += bsd_comp.o
- obj-$(CONFIG_PPPOE) += pppox.o pppoe.o
-
-+ifeq ($(CONFIG_PPP_MPPE),y)
-+ obj-y += $(ppp_mppe-objs)
-+else
-+ ifeq ($(CONFIG_PPP_MPPE),m)
-+ obj-m += ppp_mppe.o
-+ endif
-+endif
-+
- obj-$(CONFIG_SLIP) += slip.o
- ifeq ($(CONFIG_SLIP_COMPRESSED),y)
- obj-$(CONFIG_SLIP) += slhc.o
-@@ -237,3 +246,5 @@
- rcpci.o: $(rcpci-objs)
- $(LD) -r -o $@ $(rcpci-objs)
-
-+ppp_mppe.o: $(ppp_mppe-objs)
-+ $(LD) -r -o $@ $(ppp_mppe-objs)
+++ /dev/null
---- linux-2.4.18/drivers/net/ppp_generic.c.orig Mon May 12 01:36:31 2003
-+++ linux-2.4.18/drivers/net/ppp_generic.c Mon May 12 03:09:13 2003
-@@ -99,6 +99,7 @@
- spinlock_t rlock; /* lock for receive side */
- spinlock_t wlock; /* lock for transmit side */
- int mru; /* max receive unit */
-+ int mru_alloc; /* MAX(1500,MRU) for dev_alloc_skb() */
- unsigned int flags; /* control bits */
- unsigned int xstate; /* transmit state bits */
- unsigned int rstate; /* receive state bits */
-@@ -126,6 +127,7 @@
- struct sock_fprog pass_filter; /* filter for packets to pass */
- struct sock_fprog active_filter;/* filter for pkts to reset idle */
- #endif /* CONFIG_PPP_FILTER */
-+ int xpad; /* ECP or CCP (MPPE) transmit padding */
- };
-
- /*
-@@ -531,6 +533,8 @@
- if (get_user(val, (int *) arg))
- break;
-- ppp->mru = val;
-+ ppp->mru_alloc = ppp->mru = val;
-+ if (ppp->mru_alloc < PPP_MRU)
-+ ppp->mru_alloc = PPP_MRU; /* increase for broken peers */
- err = 0;
- break;
-
-@@ -1006,8 +1010,8 @@
- /* try to do packet compression */
- if ((ppp->xstate & SC_COMP_RUN) && ppp->xc_state != 0
- && proto != PPP_LCP && proto != PPP_CCP) {
-- new_skb = alloc_skb(ppp->dev->mtu + ppp->dev->hard_header_len,
-- GFP_ATOMIC);
-+ new_skb = alloc_skb(ppp->dev->mtu + ppp->dev->hard_header_len
-+ + ppp->xpad, GFP_ATOMIC);
- if (new_skb == 0) {
- printk(KERN_ERR "PPP: no memory (comp pkt)\n");
- goto drop;
-@@ -1019,15 +1023,28 @@
- /* compressor still expects A/C bytes in hdr */
- len = ppp->xcomp->compress(ppp->xc_state, skb->data - 2,
- new_skb->data, skb->len + 2,
-- ppp->dev->mtu + PPP_HDRLEN);
-+ ppp->dev->mtu + ppp->xpad
-+ + PPP_HDRLEN);
- if (len > 0 && (ppp->flags & SC_CCP_UP)) {
- kfree_skb(skb);
- skb = new_skb;
- skb_put(skb, len);
- skb_pull(skb, 2); /* pull off A/C bytes */
-- } else {
-+ } else if (len == 0) {
- /* didn't compress, or CCP not up yet */
- kfree_skb(new_skb);
-+ } else {
-+ /*
-+ * (len < 0)
-+ * MPPE requires that we do not send unencrypted
-+ * frames. The compressor will return -1 if we
-+ * should drop the frame. We cannot simply test
-+ * the compress_proto because MPPE and MPPC share
-+ * the same number.
-+ */
-+ printk(KERN_ERR "ppp: compressor dropped pkt\n");
-+ kfree_skb(new_skb);
-+ goto drop;
- }
- }
-
-@@ -1515,14 +1532,15 @@
- int len;
-
- if (proto == PPP_COMP) {
-- ns = dev_alloc_skb(ppp->mru + PPP_HDRLEN);
-+ ns = dev_alloc_skb(ppp->mru_alloc + PPP_HDRLEN);
- if (ns == 0) {
- printk(KERN_ERR "ppp_decompress_frame: no memory\n");
- goto err;
- }
- /* the decompressor still expects the A/C bytes in the hdr */
- len = ppp->rcomp->decompress(ppp->rc_state, skb->data - 2,
-- skb->len + 2, ns->data, ppp->mru + PPP_HDRLEN);
-+ skb->len + 2, ns->data,
-+ ppp->mru_alloc + PPP_HDRLEN);
- if (len < 0) {
- /* Pass the compressed frame to pppd as an
- error indication. */
-@@ -1949,6 +1967,20 @@
- ppp_xmit_unlock(ppp);
- err = 0;
- }
-+ if (ccp_option[0] == CI_MPPE)
-+ /*
-+ * pppd (userland) has reduced the MTU by MPPE_PAD,
-+ * to accomodate "compressor" growth. We must
-+ * increase the space allocated for compressor
-+ * output in ppp_send_frame() accordingly. Note
-+ * that from a purist's view, it may be more correct
-+ * to require multilink and fragment large packets,
-+ * but that seems inefficient compared to this
-+ * little trick.
-+ */
-+ ppp->xpad = MPPE_PAD;
-+ else
-+ ppp->xpad = 0;
-
- } else {
- ppp_recv_lock(ppp);
-@@ -2229,6 +2261,7 @@
-
- ppp->file.index = unit;
- ppp->mru = PPP_MRU;
-+ ppp->mru_alloc = PPP_MRU;
- init_ppp_file(&ppp->file, INTERFACE);
- ppp->file.hdrlen = PPP_HDRLEN - 2; /* don't count proto bytes */
- for (i = 0; i < NUM_NP; ++i)
+++ /dev/null
---- linux-2.4.19/drivers/net/ppp_generic.c.orig Mon May 12 01:36:31 2003
-+++ linux-2.4.19/drivers/net/ppp_generic.c Mon May 12 03:09:13 2003
-@@ -99,6 +99,7 @@
- spinlock_t rlock; /* lock for receive side 58 */
- spinlock_t wlock; /* lock for transmit side 5c */
- int mru; /* max receive unit 60 */
-+ int mru_alloc; /* MAX(1500,MRU) for dev_alloc_skb() */
- unsigned int flags; /* control bits 64 */
- unsigned int xstate; /* transmit state bits 68 */
- unsigned int rstate; /* receive state bits 6c */
-@@ -126,6 +127,7 @@
- struct sock_fprog pass_filter; /* filter for packets to pass */
- struct sock_fprog active_filter;/* filter for pkts to reset idle */
- #endif /* CONFIG_PPP_FILTER */
-+ int xpad; /* ECP or CCP (MPPE) transmit padding */
- };
-
- /*
-@@ -531,6 +533,8 @@
- if (get_user(val, (int *) arg))
- break;
-- ppp->mru = val;
-+ ppp->mru_alloc = ppp->mru = val;
-+ if (ppp->mru_alloc < PPP_MRU)
-+ ppp->mru_alloc = PPP_MRU; /* increase for broken peers */
- err = 0;
- break;
-
-@@ -1006,8 +1010,8 @@
- /* try to do packet compression */
- if ((ppp->xstate & SC_COMP_RUN) && ppp->xc_state != 0
- && proto != PPP_LCP && proto != PPP_CCP) {
-- new_skb = alloc_skb(ppp->dev->mtu + ppp->dev->hard_header_len,
-- GFP_ATOMIC);
-+ new_skb = alloc_skb(ppp->dev->mtu + ppp->dev->hard_header_len
-+ + ppp->xpad, GFP_ATOMIC);
- if (new_skb == 0) {
- printk(KERN_ERR "PPP: no memory (comp pkt)\n");
- goto drop;
-@@ -1019,15 +1023,28 @@
- /* compressor still expects A/C bytes in hdr */
- len = ppp->xcomp->compress(ppp->xc_state, skb->data - 2,
- new_skb->data, skb->len + 2,
-- ppp->dev->mtu + PPP_HDRLEN);
-+ ppp->dev->mtu + ppp->xpad
-+ + PPP_HDRLEN);
- if (len > 0 && (ppp->flags & SC_CCP_UP)) {
- kfree_skb(skb);
- skb = new_skb;
- skb_put(skb, len);
- skb_pull(skb, 2); /* pull off A/C bytes */
-- } else {
-+ } else if (len == 0) {
- /* didn't compress, or CCP not up yet */
- kfree_skb(new_skb);
-+ } else {
-+ /*
-+ * (len < 0)
-+ * MPPE requires that we do not send unencrypted
-+ * frames. The compressor will return -1 if we
-+ * should drop the frame. We cannot simply test
-+ * the compress_proto because MPPE and MPPC share
-+ * the same number.
-+ */
-+ printk(KERN_ERR "ppp: compressor dropped pkt\n");
-+ kfree_skb(new_skb);
-+ goto drop;
- }
- }
-
-@@ -1515,14 +1532,15 @@
- int len;
-
- if (proto == PPP_COMP) {
-- ns = dev_alloc_skb(ppp->mru + PPP_HDRLEN);
-+ ns = dev_alloc_skb(ppp->mru_alloc + PPP_HDRLEN);
- if (ns == 0) {
- printk(KERN_ERR "ppp_decompress_frame: no memory\n");
- goto err;
- }
- /* the decompressor still expects the A/C bytes in the hdr */
- len = ppp->rcomp->decompress(ppp->rc_state, skb->data - 2,
-- skb->len + 2, ns->data, ppp->mru + PPP_HDRLEN);
-+ skb->len + 2, ns->data,
-+ ppp->mru_alloc + PPP_HDRLEN);
- if (len < 0) {
- /* Pass the compressed frame to pppd as an
- error indication. */
-@@ -1949,6 +1967,20 @@
- ppp_xmit_unlock(ppp);
- err = 0;
- }
-+ if (ccp_option[0] == CI_MPPE)
-+ /*
-+ * pppd (userland) has reduced the MTU by MPPE_PAD,
-+ * to accomodate "compressor" growth. We must
-+ * increase the space allocated for compressor
-+ * output in ppp_send_frame() accordingly. Note
-+ * that from a purist's view, it may be more correct
-+ * to require multilink and fragment large packets,
-+ * but that seems inefficient compared to this
-+ * little trick.
-+ */
-+ ppp->xpad = MPPE_PAD;
-+ else
-+ ppp->xpad = 0;
-
- } else {
- ppp_recv_lock(ppp);
-@@ -2229,6 +2261,7 @@
-
- ppp->file.index = unit;
- ppp->mru = PPP_MRU;
-+ ppp->mru_alloc = PPP_MRU;
- init_ppp_file(&ppp->file, INTERFACE);
- ppp->file.hdrlen = PPP_HDRLEN - 2; /* don't count proto bytes */
- for (i = 0; i < NUM_NP; ++i)
+++ /dev/null
---- linux-2.6.0-test6/include/linux/ppp-comp.h 2003-09-27 20:50:05.000000000 -0400
-+++ linux-2.6.0-test6-mod/include/linux/ppp-comp.h 2003-10-08 19:32:13.000000000 -0400
-@@ -191,6 +191,100 @@
- #define DEFLATE_CHK_SEQUENCE 0
-
- /*
-+ * Definitions for MPPE.
-+ */
-+
-+#define CI_MPPE 18 /* config option for MPPE */
-+#define CILEN_MPPE 6 /* length of config option */
-+
-+#define MPPE_PAD 8 /* MPPE growth per frame */
-+#define MPPE_MAX_KEY_LEN 16 /* largest key length (128-bit) */
-+
-+/* option bits for ccp_options.mppe */
-+#define MPPE_OPT_40 0x01 /* 40 bit */
-+#define MPPE_OPT_128 0x02 /* 128 bit */
-+#define MPPE_OPT_STATEFUL 0x04 /* stateful mode */
-+/* unsupported opts */
-+#define MPPE_OPT_56 0x08 /* 56 bit */
-+#define MPPE_OPT_MPPC 0x10 /* MPPC compression */
-+#define MPPE_OPT_D 0x20 /* Unknown */
-+#define MPPE_OPT_UNSUPPORTED (MPPE_OPT_56|MPPE_OPT_MPPC|MPPE_OPT_D)
-+#define MPPE_OPT_UNKNOWN 0x40 /* Bits !defined in RFC 3078 were set */
-+
-+/*
-+ * This is not nice ... the alternative is a bitfield struct though.
-+ * And unfortunately, we cannot share the same bits for the option
-+ * names above since C and H are the same bit. We could do a u_int32
-+ * but then we have to do a htonl() all the time and/or we still need
-+ * to know which octet is which.
-+ */
-+#define MPPE_C_BIT 0x01 /* MPPC */
-+#define MPPE_D_BIT 0x10 /* Obsolete, usage unknown */
-+#define MPPE_L_BIT 0x20 /* 40-bit */
-+#define MPPE_S_BIT 0x40 /* 128-bit */
-+#define MPPE_M_BIT 0x80 /* 56-bit, not supported */
-+#define MPPE_H_BIT 0x01 /* Stateless (in a different byte) */
-+
-+/* Does not include H bit; used for least significant octet only. */
-+#define MPPE_ALL_BITS (MPPE_D_BIT|MPPE_L_BIT|MPPE_S_BIT|MPPE_M_BIT|MPPE_H_BIT)
-+
-+/* Build a CI from mppe opts (see RFC 3078) */
-+#define MPPE_OPTS_TO_CI(opts, ci) \
-+ do { \
-+ u_char *ptr = ci; /* u_char[4] */ \
-+ \
-+ /* H bit */ \
-+ if (opts & MPPE_OPT_STATEFUL) \
-+ *ptr++ = 0x0; \
-+ else \
-+ *ptr++ = MPPE_H_BIT; \
-+ *ptr++ = 0; \
-+ *ptr++ = 0; \
-+ \
-+ /* S,L bits */ \
-+ *ptr = 0; \
-+ if (opts & MPPE_OPT_128) \
-+ *ptr |= MPPE_S_BIT; \
-+ if (opts & MPPE_OPT_40) \
-+ *ptr |= MPPE_L_BIT; \
-+ /* M,D,C bits not supported */ \
-+ } while (/* CONSTCOND */ 0)
-+
-+/* The reverse of the above */
-+#define MPPE_CI_TO_OPTS(ci, opts) \
-+ do { \
-+ u_char *ptr = ci; /* u_char[4] */ \
-+ \
-+ opts = 0; \
-+ \
-+ /* H bit */ \
-+ if (!(ptr[0] & MPPE_H_BIT)) \
-+ opts |= MPPE_OPT_STATEFUL; \
-+ \
-+ /* S,L bits */ \
-+ if (ptr[3] & MPPE_S_BIT) \
-+ opts |= MPPE_OPT_128; \
-+ if (ptr[3] & MPPE_L_BIT) \
-+ opts |= MPPE_OPT_40; \
-+ \
-+ /* M,D,C bits */ \
-+ if (ptr[3] & MPPE_M_BIT) \
-+ opts |= MPPE_OPT_56; \
-+ if (ptr[3] & MPPE_D_BIT) \
-+ opts |= MPPE_OPT_D; \
-+ if (ptr[3] & MPPE_C_BIT) \
-+ opts |= MPPE_OPT_MPPC; \
-+ \
-+ /* Other bits */ \
-+ if (ptr[0] & ~MPPE_H_BIT) \
-+ opts |= MPPE_OPT_UNKNOWN; \
-+ if (ptr[1] || ptr[2]) \
-+ opts |= MPPE_OPT_UNKNOWN; \
-+ if (ptr[3] & ~MPPE_ALL_BITS) \
-+ opts |= MPPE_OPT_UNKNOWN; \
-+ } while (/* CONSTCOND */ 0)
-+
-+/*
- * Definitions for other, as yet unsupported, compression methods.
- */
-
+++ /dev/null
---- linux-2.6.2/drivers/net/Kconfig 2003-09-27 20:50:52.000000000 -0400
-+++ linux-2.6.2/drivers/net/Kconfig 2003-10-08 19:06:10.000000000 -0400
-@@ -2310,6 +2310,12 @@
- module; it is called bsd_comp and will show up in the directory
- modules once you have said "make modules". If unsure, say N.
-
-+config PPP_MPPE
-+ tristate "PPP MPPE compression (encryption)"
-+ depends on PPP
-+ ---help---
-+ Support for the MPPE Encryption protocol.
-+
- config PPPOE
- tristate "PPP over Ethernet (EXPERIMENTAL)"
- depends on EXPERIMENTAL && PPP
---- linux-2.6.2/drivers/net/Makefile 2003-09-27 20:50:14.000000000 -0400
-+++ linux-2.6.2/drivers/net/Makefile 2003-10-08 19:00:42.000000000 -0400
-@@ -101,6 +101,8 @@
- obj-$(CONFIG_PPP_SYNC_TTY) += ppp_synctty.o
- obj-$(CONFIG_PPP_DEFLATE) += ppp_deflate.o
- obj-$(CONFIG_PPP_BSDCOMP) += bsd_comp.o
-+obj-$(CONFIG_PPP_MPPE) += ppp_mppe.o
-+ppp_mppe-objs := ppp_mppe_compress.o sha1.o arcfour.o
- obj-$(CONFIG_PPPOE) += pppox.o pppoe.o
-
- obj-$(CONFIG_SLIP) += slip.o
+++ /dev/null
---- linux/drivers/net/ppp_generic.c 2003-09-27 20:51:03.000000000 -0400
-+++ linux/drivers/net/ppp_generic.c 2003-10-08 19:08:21.000000000 -0400
-@@ -1045,8 +1045,15 @@
- /* try to do packet compression */
- if ((ppp->xstate & SC_COMP_RUN) && ppp->xc_state != 0
- && proto != PPP_LCP && proto != PPP_CCP) {
-- new_skb = alloc_skb(ppp->dev->mtu + ppp->dev->hard_header_len,
-- GFP_ATOMIC);
-+ int new_skb_size = ppp->dev->mtu + ppp->dev->hard_header_len;
-+ int compressor_skb_size = ppp->dev->mtu + PPP_HDRLEN;
-+
-+ if (ppp->xcomp->compress_proto == CI_MPPE) {
-+ /* CCP [must have] reduced MTU by MPPE_PAD. */
-+ new_skb_size += MPPE_PAD;
-+ compressor_skb_size += MPPE_PAD;
-+ }
-+ new_skb = alloc_skb(new_skb_size, GFP_ATOMIC);
- if (new_skb == 0) {
- printk(KERN_ERR "PPP: no memory (comp pkt)\n");
- goto drop;
-@@ -1058,15 +1065,27 @@
- /* compressor still expects A/C bytes in hdr */
- len = ppp->xcomp->compress(ppp->xc_state, skb->data - 2,
- new_skb->data, skb->len + 2,
-- ppp->dev->mtu + PPP_HDRLEN);
-+ compressor_skb_size);
- if (len > 0 && (ppp->flags & SC_CCP_UP)) {
- kfree_skb(skb);
- skb = new_skb;
- skb_put(skb, len);
- skb_pull(skb, 2); /* pull off A/C bytes */
-- } else {
-+ } else if (len == 0) {
- /* didn't compress, or CCP not up yet */
- kfree_skb(new_skb);
-+ } else {
-+ /*
-+ * (len < 0)
-+ * MPPE requires that we do not send unencrypted
-+ * frames. The compressor will return -1 if we
-+ * should drop the frame. We cannot simply test
-+ * the compress_proto because MPPE and MPPC share
-+ * the same number.
-+ */
-+ printk(KERN_ERR "ppp: compressor dropped pkt\n");
-+ kfree_skb(new_skb);
-+ goto drop;
- }
- }
-
-@@ -1571,7 +1590,7 @@
- goto err;
-
- if (proto == PPP_COMP) {
-- ns = dev_alloc_skb(ppp->mru + PPP_HDRLEN);
-+ ns = dev_alloc_skb(ppp->mru + 128 + PPP_HDRLEN);
- if (ns == 0) {
- printk(KERN_ERR "ppp_decompress_frame: no memory\n");
- goto err;
+++ /dev/null
---- modutils-2.3.21.orig/util/alias.h Tue Mar 19 21:23:02 2002
-+++ modutils-2.3.21/util/alias.h Tue Mar 19 21:25:55 2002
-@@ -162,6 +162,7 @@
- "slip1 slip",
- "tty-ldisc-1 slip",
- "tty-ldisc-3 ppp",
-+ "ppp-compress-18 ppp_mppe",
- "ppp-compress-21 bsd_comp",
- "ppp-compress-24 ppp_deflate",
- "ppp-compress-26 ppp_deflate",
+++ /dev/null
-#!/bin/sh
-#
-# A quickie script to install MPPE into the 2.2.19+ or 2.4.18+ kernel.
-# Does very little error checking!!!
-#
-
-mppe_files="sha1.[ch] arcfour.[ch] ppp_mppe_compress.c"
-
-if [ -z "$1" -o ! -d "$1" ]; then
- echo "Usage: $0 <linux-source-dir>" >&2
- exit 1
-fi
-
-# strip any trailing /
-set -- ${1%/}
-# strip leading /path/to/linux- and trailing -release
-ver=`echo "${1##*/}" | sed -e 's/linux-//' -e 's/-.*//'`
-if ! expr "$ver" : 2.[246] >/dev/null ; then
- ver=`echo "${1##*/}" | sed -e 's/kernel-source-//' -e 's/-.*//'`
- if ! expr "$ver" : 2.[246] >/dev/null ; then
- echo "$0: Unable to determine kernel version ($ver)" >&2
- exit 1
- fi
-fi
-
-# build patch files list
-patchdir=`pwd`
-patchfiles=
-if expr $ver : 2.2 >/dev/null ; then
- patchfiles=$patchdir/linux-2.2.*.patch
-elif expr $ver : 2.4 >/dev/null ; then
- patchfiles=`echo $patchdir/linux-2.4.18-{include,make}.patch`
- # need to differentiate a bit
- typeset -i rel=${ver##*.}
- if [ $rel -eq 18 ]; then
- patchfiles="$patchfiles $patchdir/linux-2.4.18-pad.patch"
- elif [ $rel -gt 18 ]; then
- patchfiles="$patchfiles $patchdir/linux-2.4.19-pad.patch"
- else
- echo "$0: unable to determine kernel version" >&2
- exit 1
- fi
-elif expr $ver : 2.6 >/dev/null ; then
- patchfiles=`echo $patchdir/linux-2.6*.patch`
-fi
-
-echo "Detected kernel version $ver"
-echo "I will now patch the kernel in directory $1"
-echo -n "Press ret to continue, CTRL-C to exit: "
-read
-
-pushd "$1" >/dev/null
-for patch in $patchfiles; do
- patch -p1 < $patch
-done
-
-for file in $mppe_files; do
- cp -v $patchdir/$file drivers/net
-done
-
-popd >/dev/null
-
-exit 0
+++ /dev/null
-/*
- * ppp_mppe_compress.c - interface MPPE to the PPP code.
- * This version is for use with Linux kernel 2.2.19+, 2.4.18+ and 2.6.2+.
- *
- * By Frank Cusack <frank@google.com>.
- * Copyright (c) 2002,2003,2004 Google, Inc.
- * All rights reserved.
- *
- * Permission to use, copy, modify, and distribute this software and its
- * documentation is hereby granted, provided that the above copyright
- * notice appears in all copies. This software is provided without any
- * warranty, express or implied.
- *
- * Changelog:
- * 2/15/04 - TS: added #include <version.h> and testing for Kernel
- * version before using
- * MOD_DEC_USAGE_COUNT/MOD_INC_USAGE_COUNT which are
- * deprecated in 2.6
- */
-
-#include <linux/module.h>
-#include <linux/kernel.h>
-#include <linux/version.h>
-#include <linux/init.h>
-#include <linux/types.h>
-#include <linux/slab.h>
-#include <linux/string.h>
-
-#include <linux/ppp_defs.h>
-#include <linux/ppp-comp.h>
-
-#include "arcfour.h"
-#include "sha1.h"
-
-/*
- * State for an MPPE (de)compressor.
- */
-typedef struct ppp_mppe_state {
- unsigned char master_key[MPPE_MAX_KEY_LEN];
- unsigned char session_key[MPPE_MAX_KEY_LEN];
- arcfour_context arcfour_context; /* encryption state */
- unsigned keylen; /* key length in bytes */
- /* NB: 128-bit == 16, 40-bit == 8! */
- /* If we want to support 56-bit, */
- /* the unit has to change to bits */
- unsigned char bits; /* MPPE control bits */
- unsigned ccount; /* 12-bit coherency count (seqno) */
- unsigned stateful; /* stateful mode flag */
- int discard; /* stateful mode packet loss flag */
- int sanity_errors; /* take down LCP if too many */
- int unit;
- int debug;
- struct compstat stats;
-} ppp_mppe_state;
-
-/* ppp_mppe_state.bits definitions */
-#define MPPE_BIT_A 0x80 /* Encryption table were (re)inititalized */
-#define MPPE_BIT_B 0x40 /* MPPC only (not implemented) */
-#define MPPE_BIT_C 0x20 /* MPPC only (not implemented) */
-#define MPPE_BIT_D 0x10 /* This is an encrypted frame */
-
-#define MPPE_BIT_FLUSHED MPPE_BIT_A
-#define MPPE_BIT_ENCRYPTED MPPE_BIT_D
-
-#define MPPE_BITS(p) ((p)[4] & 0xf0)
-#define MPPE_CCOUNT(p) ((((p)[4] & 0x0f) << 8) + (p)[5])
-#define MPPE_CCOUNT_SPACE 0x1000 /* The size of the ccount space */
-
-#define MPPE_OVHD 2 /* MPPE overhead/packet */
-#define SANITY_MAX 1600 /* Max bogon factor we will tolerate */
-
-static void GetNewKeyFromSHA __P((unsigned char *StartKey,
- unsigned char *SessionKey,
- unsigned SessionKeyLength,
- unsigned char *InterimKey));
-static void mppe_rekey __P((ppp_mppe_state *state, int));
-static void *mppe_alloc __P((unsigned char *options, int optlen));
-static void mppe_free __P((void *state));
-static int mppe_init __P((void *state, unsigned char *options,
- int optlen, int unit, int debug, const char *));
-static int mppe_comp_init __P((void *state, unsigned char *options,
- int optlen,
- int unit, int hdrlen, int debug));
-static int mppe_decomp_init __P((void *state, unsigned char *options,
- int optlen, int unit,
- int hdrlen, int mru, int debug));
-static int mppe_compress __P((void *state, unsigned char *ibuf,
- unsigned char *obuf,
- int isize, int osize));
-static void mppe_incomp __P((void *state, unsigned char *ibuf, int icnt));
-static int mppe_decompress __P((void *state, unsigned char *ibuf,
- int isize, unsigned char *obuf,int osize));
-static void mppe_comp_reset __P((void *state));
-static void mppe_decomp_reset __P((void *state));
-static void mppe_comp_stats __P((void *state, struct compstat *stats));
-
-
-/*
- * Key Derivation, from RFC 3078, RFC 3079.
- * Equivalent to Get_Key() for MS-CHAP as described in RFC 3079.
- */
-static void
-GetNewKeyFromSHA(unsigned char *MasterKey, unsigned char *SessionKey,
- unsigned SessionKeyLength, unsigned char *InterimKey)
-{
- SHA1_CTX Context;
- unsigned char Digest[SHA1_SIGNATURE_SIZE];
-
- unsigned char SHApad1[40] =
- { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 };
- unsigned char SHApad2[40] =
- { 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2,
- 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2,
- 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2,
- 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2 };
-
- /* assert(SessionKeyLength <= SHA1_SIGNATURE_SIZE); */
-
- SHA1_Init(&Context);
- SHA1_Update(&Context, MasterKey, SessionKeyLength);
- SHA1_Update(&Context, SHApad1, sizeof(SHApad1));
- SHA1_Update(&Context, SessionKey, SessionKeyLength);
- SHA1_Update(&Context, SHApad2, sizeof(SHApad2));
- SHA1_Final(Digest, &Context);
-
- memcpy(InterimKey, Digest, SessionKeyLength);
-}
-
-/*
- * Perform the MPPE rekey algorithm, from RFC 3078, sec. 7.3.
- * Well, not what's written there, but rather what they meant.
- */
-static void
-mppe_rekey(ppp_mppe_state *state, int initial_key)
-{
- unsigned char InterimKey[MPPE_MAX_KEY_LEN];
-
- GetNewKeyFromSHA(state->master_key, state->session_key,
- state->keylen, InterimKey);
- if (!initial_key) {
- arcfour_setkey(&state->arcfour_context, InterimKey, state->keylen);
- arcfour_encrypt(&state->arcfour_context, InterimKey, state->keylen,
- state->session_key);
- } else {
- memcpy(state->session_key, InterimKey, state->keylen);
- }
- if (state->keylen == 8) {
- /* See RFC 3078 */
- state->session_key[0] = 0xd1;
- state->session_key[1] = 0x26;
- state->session_key[2] = 0x9e;
- }
- arcfour_setkey(&state->arcfour_context, state->session_key, state->keylen);
-}
-
-
-/*
- * Allocate space for a (de)compressor.
- */
-static void *
-mppe_alloc(unsigned char *options, int optlen)
-{
- ppp_mppe_state *state;
-
- if (optlen != CILEN_MPPE + sizeof(state->master_key)
- || options[0] != CI_MPPE
- || options[1] != CILEN_MPPE)
- return NULL;
-
- state = (ppp_mppe_state *) kmalloc(sizeof(*state), GFP_KERNEL);
- if (state == NULL)
- return NULL;
-
-#if (LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,0))
- try_module_get(THIS_MODULE);
-#else
- MOD_INC_USE_COUNT;
-#endif
- memset(state, 0, sizeof(*state));
-
- /* Save keys. */
- memcpy(state->master_key, &options[CILEN_MPPE], sizeof(state->master_key));
- memcpy(state->session_key, state->master_key, sizeof(state->master_key));
- /*
- * We defer initial key generation until mppe_init(), as mppe_alloc()
- * is called frequently during negotiation.
- */
-
- return (void *) state;
-}
-
-/*
- * Deallocate space for a (de)compressor.
- */
-static void
-mppe_free(void *arg)
-{
- ppp_mppe_state *state = (ppp_mppe_state *) arg;
-
- if (state) {
- kfree(state);
-#if (LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,0))
- module_put(THIS_MODULE);
-#else
- MOD_DEC_USE_COUNT;
-#endif
- }
-}
-
-
-/*
- * Initialize (de)compressor state.
- */
-static int
-mppe_init(void *arg, unsigned char *options, int optlen, int unit, int debug,
- const char *debugstr)
-{
- ppp_mppe_state *state = (ppp_mppe_state *) arg;
- unsigned char mppe_opts;
-
- if (optlen != CILEN_MPPE
- || options[0] != CI_MPPE
- || options[1] != CILEN_MPPE)
- return 0;
-
- MPPE_CI_TO_OPTS(&options[2], mppe_opts);
- if (mppe_opts & MPPE_OPT_128)
- state->keylen = 16;
- else if (mppe_opts & MPPE_OPT_40)
- state->keylen = 8;
- else {
- printk(KERN_WARNING "%s[%d]: unknown key length\n", debugstr, unit);
- return 0;
- }
- if (mppe_opts & MPPE_OPT_STATEFUL)
- state->stateful = 1;
-
- /* Generate the initial session key. */
- mppe_rekey(state, 1);
-
- if (debug) {
- int i;
- char mkey[sizeof(state->master_key) * 2 + 1];
- char skey[sizeof(state->session_key) * 2 + 1];
-
- printk(KERN_DEBUG "%s[%d]: initialized with %d-bit %s mode\n", debugstr,
- unit, (state->keylen == 16)? 128: 40,
- (state->stateful)? "stateful": "stateless");
-
- for (i = 0; i < sizeof(state->master_key); i++)
- sprintf(mkey + i * 2, "%.2x", state->master_key[i]);
- for (i = 0; i < sizeof(state->session_key); i++)
- sprintf(skey + i * 2, "%.2x", state->session_key[i]);
- printk(KERN_DEBUG "%s[%d]: keys: master: %s initial session: %s\n",
- debugstr, unit, mkey, skey);
- }
-
- /*
- * Initialize the coherency count. The initial value is not specified
- * in RFC 3078, but we can make a reasonable assumption that it will
- * start at 0. Setting it to the max here makes the comp/decomp code
- * do the right thing (determined through experiment).
- */
- state->ccount = MPPE_CCOUNT_SPACE - 1;
-
- /*
- * Note that even though we have initialized the key table, we don't
- * set the FLUSHED bit. This is contrary to RFC 3078, sec. 3.1.
- */
- state->bits = MPPE_BIT_ENCRYPTED;
-
- state->unit = unit;
- state->debug = debug;
-
- return 1;
-}
-
-
-
-static int
-mppe_comp_init(void *arg, unsigned char *options, int optlen, int unit,
- int hdrlen, int debug)
-{
- /* ARGSUSED */
- return mppe_init(arg, options, optlen, unit, debug, "mppe_comp_init");
-}
-
-/*
- * We received a CCP Reset-Request (actually, we are sending a Reset-Ack),
- * tell the compressor to rekey. Note that we MUST NOT rekey for
- * every CCP Reset-Request; we only rekey on the next xmit packet.
- * We might get multiple CCP Reset-Requests if our CCP Reset-Ack is lost.
- * So, rekeying for every CCP Reset-Request is broken as the peer will not
- * know how many times we've rekeyed. (If we rekey and THEN get another
- * CCP Reset-Request, we must rekey again.)
- */
-static void
-mppe_comp_reset(void *arg)
-{
- ppp_mppe_state *state = (ppp_mppe_state *) arg;
-
- state->bits |= MPPE_BIT_FLUSHED;
-}
-
-/*
- * Compress (encrypt) a packet.
- * It's strange to call this a compressor, since the output is always
- * MPPE_OVHD + 2 bytes larger than the input.
- */
-int
-mppe_compress(void *arg, unsigned char *ibuf, unsigned char *obuf,
- int isize, int osize)
-{
- ppp_mppe_state *state = (ppp_mppe_state *) arg;
- int proto;
-
- /*
- * Check that the protocol is in the range we handle.
- */
- proto = PPP_PROTOCOL(ibuf);
- if (proto < 0x0021 || proto > 0x00fa)
- return 0;
-
- /* Make sure we have enough room to generate an encrypted packet. */
- if (osize < isize + MPPE_OVHD + 2) {
- /* Drop the packet if we should encrypt it, but can't. */
- printk(KERN_DEBUG "mppe_compress[%d]: osize too small! "
- "(have: %d need: %d)\n", state->unit,
- osize, osize + MPPE_OVHD + 2);
- return -1;
- }
-
- osize = isize + MPPE_OVHD + 2;
-
- /*
- * Copy over the PPP header and set control bits.
- */
- obuf[0] = PPP_ADDRESS(ibuf);
- obuf[1] = PPP_CONTROL(ibuf);
- obuf[2] = PPP_COMP >> 8; /* isize + MPPE_OVHD + 1 */
- obuf[3] = PPP_COMP; /* isize + MPPE_OVHD + 2 */
- obuf += PPP_HDRLEN;
-
- state->ccount = (state->ccount + 1) % MPPE_CCOUNT_SPACE;
- if (state->debug >= 7)
- printk(KERN_DEBUG "mppe_compress[%d]: ccount %d\n", state->unit,
- state->ccount);
- obuf[0] = state->ccount >> 8;
- obuf[1] = state->ccount & 0xff;
-
- if (!state->stateful || /* stateless mode */
- ((state->ccount & 0xff) == 0xff) || /* "flag" packet */
- (state->bits & MPPE_BIT_FLUSHED)) { /* CCP Reset-Request */
- /* We must rekey */
- if (state->debug && state->stateful)
- printk(KERN_DEBUG "mppe_compress[%d]: rekeying\n", state->unit);
- mppe_rekey(state, 0);
- state->bits |= MPPE_BIT_FLUSHED;
- }
- obuf[0] |= state->bits;
- state->bits &= ~MPPE_BIT_FLUSHED; /* reset for next xmit */
-
- obuf += MPPE_OVHD;
- ibuf += 2; /* skip to proto field */
- isize -= 2;
-
- /* Encrypt packet */
- arcfour_encrypt(&state->arcfour_context, ibuf, isize, obuf);
-
- state->stats.unc_bytes += isize;
- state->stats.unc_packets++;
- state->stats.comp_bytes += osize;
- state->stats.comp_packets++;
-
- return osize;
-}
-
-/*
- * Since every frame grows by MPPE_OVHD + 2 bytes, this is always going
- * to look bad ... and the longer the link is up the worse it will get.
- */
-static void
-mppe_comp_stats(void *arg, struct compstat *stats)
-{
- ppp_mppe_state *state = (ppp_mppe_state *) arg;
-
- *stats = state->stats;
-}
-
-
-static int
-mppe_decomp_init(void *arg, unsigned char *options, int optlen, int unit,
- int hdrlen, int mru, int debug)
-{
- /* ARGSUSED */
- return mppe_init(arg, options, optlen, unit, debug, "mppe_decomp_init");
-}
-
-/*
- * We received a CCP Reset-Ack. Just ignore it.
- */
-static void
-mppe_decomp_reset(void *arg)
-{
- /* ARGSUSED */
- return;
-}
-
-/*
- * Decompress (decrypt) an MPPE packet.
- */
-int
-mppe_decompress(void *arg, unsigned char *ibuf, int isize, unsigned char *obuf,
- int osize)
-{
- ppp_mppe_state *state = (ppp_mppe_state *) arg;
- unsigned ccount;
- int flushed = MPPE_BITS(ibuf) & MPPE_BIT_FLUSHED;
- int sanity = 0;
-
- if (isize <= PPP_HDRLEN + MPPE_OVHD) {
- if (state->debug)
- printk(KERN_DEBUG "mppe_decompress[%d]: short pkt (%d)\n",
- state->unit, isize);
- return DECOMP_ERROR;
- }
-
- /*
- * Make sure we have enough room to decrypt the packet.
- * Note that for our test we only subtract 1 byte whereas in
- * mppe_compress() we added 2 bytes (+MPPE_OVHD);
- * this is to account for possible PFC.
- */
- if (osize < isize - MPPE_OVHD - 1) {
- printk(KERN_DEBUG "mppe_decompress[%d]: osize too small! "
- "(have: %d need: %d)\n", state->unit,
- osize, isize - MPPE_OVHD - 1);
- return DECOMP_ERROR;
- }
- osize = isize - MPPE_OVHD - 2; /* assume no PFC */
-
- ccount = MPPE_CCOUNT(ibuf);
- if (state->debug >= 7)
- printk(KERN_DEBUG "mppe_decompress[%d]: ccount %d\n", state->unit,
- ccount);
-
- /* sanity checks -- terminate with extreme prejudice */
- if (!(MPPE_BITS(ibuf) & MPPE_BIT_ENCRYPTED)) {
- printk(KERN_DEBUG "mppe_decompress[%d]: ENCRYPTED bit not set!\n",
- state->unit);
- state->sanity_errors += 100;
- sanity = 1;
- }
- if (!state->stateful && !flushed) {
- printk(KERN_DEBUG "mppe_decompress[%d]: FLUSHED bit not set in "
- "stateless mode!\n", state->unit);
- state->sanity_errors += 100;
- sanity = 1;
- }
- if (state->stateful && ((ccount & 0xff) == 0xff) && !flushed) {
- printk(KERN_DEBUG "mppe_decompress[%d]: FLUSHED bit not set on "
- "flag packet!\n", state->unit);
- state->sanity_errors += 100;
- sanity = 1;
- }
-
- if (sanity) {
- if (state->sanity_errors < SANITY_MAX)
- return DECOMP_ERROR;
- else
- /*
- * Take LCP down if the peer is sending too many bogons.
- * We don't want to do this for a single or just a few
- * instances since it could just be due to packet corruption.
- */
- return DECOMP_FATALERROR;
- }
-
- /*
- * Check the coherency count.
- */
-
- if (!state->stateful) {
- /* RFC 3078, sec 8.1. Rekey for every packet. */
- while (state->ccount != ccount) {
- mppe_rekey(state, 0);
- state->ccount = (state->ccount + 1) % MPPE_CCOUNT_SPACE;
- }
- } else {
- /* RFC 3078, sec 8.2. */
- if (!state->discard) {
- /* normal state */
- state->ccount = (state->ccount + 1) % MPPE_CCOUNT_SPACE;
- if (ccount != state->ccount) {
- /*
- * (ccount > state->ccount)
- * Packet loss detected, enter the discard state.
- * Signal the peer to rekey (by sending a CCP Reset-Request).
- */
- state->discard = 1;
- return DECOMP_ERROR;
- }
- } else {
- /* discard state */
- if (!flushed) {
- /* ccp.c will be silent (no additional CCP Reset-Requests). */
- return DECOMP_ERROR;
- } else {
- /* Rekey for every missed "flag" packet. */
- while ((ccount & ~0xff) != (state->ccount & ~0xff)) {
- mppe_rekey(state, 0);
- state->ccount = (state->ccount + 256) % MPPE_CCOUNT_SPACE;
- }
-
- /* reset */
- state->discard = 0;
- state->ccount = ccount;
- /*
- * Another problem with RFC 3078 here. It implies that the
- * peer need not send a Reset-Ack packet. But RFC 1962
- * requires it. Hopefully, M$ does send a Reset-Ack; even
- * though it isn't required for MPPE synchronization, it is
- * required to reset CCP state.
- */
- }
- }
- if (flushed)
- mppe_rekey(state, 0);
- }
-
- /*
- * Fill in the first part of the PPP header. The protocol field
- * comes from the decrypted data.
- */
- obuf[0] = PPP_ADDRESS(ibuf); /* +1 */
- obuf[1] = PPP_CONTROL(ibuf); /* +1 */
- obuf += 2;
- ibuf += PPP_HDRLEN + MPPE_OVHD;
- isize -= PPP_HDRLEN + MPPE_OVHD; /* -6 */
- /* net osize: isize-4 */
-
- /*
- * Decrypt the first byte in order to check if it is
- * a compressed or uncompressed protocol field.
- */
- arcfour_decrypt(&state->arcfour_context, ibuf, 1, obuf);
-
- /*
- * Do PFC decompression.
- * This would be nicer if we were given the actual sk_buff
- * instead of a char *.
- */
- if ((obuf[0] & 0x01) != 0) {
- obuf[1] = obuf[0];
- obuf[0] = 0;
- obuf++;
- osize++;
- }
-
- /* And finally, decrypt the rest of the packet. */
- arcfour_decrypt(&state->arcfour_context, ibuf + 1, isize - 1, obuf + 1);
-
- state->stats.unc_bytes += osize;
- state->stats.unc_packets++;
- state->stats.comp_bytes += isize;
- state->stats.comp_packets++;
-
- /* good packet credit */
- state->sanity_errors >>= 1;
-
- return osize;
-}
-
-/*
- * Incompressible data has arrived (this should never happen!).
- * We should probably drop the link if the protocol is in the range
- * of what should be encrypted. At the least, we should drop this
- * packet. (How to do this?)
- */
-static void
-mppe_incomp(void *arg, unsigned char *ibuf, int icnt)
-{
- ppp_mppe_state *state = (ppp_mppe_state *) arg;
-
- if (state->debug &&
- (PPP_PROTOCOL(ibuf) >= 0x0021 && PPP_PROTOCOL(ibuf) <= 0x00fa))
- printk(KERN_DEBUG "mppe_incomp[%d]: incompressible (unencrypted) data! "
- "(proto %04x)\n", state->unit, PPP_PROTOCOL(ibuf));
-
- state->stats.inc_bytes += icnt;
- state->stats.inc_packets++;
- state->stats.unc_bytes += icnt;
- state->stats.unc_packets++;
-}
-
-/*************************************************************
- * Module interface table
- *************************************************************/
-
-/* These are in ppp.c (2.2.x) or ppp_generic.c (2.4.x) */
-extern int ppp_register_compressor (struct compressor *cp);
-extern void ppp_unregister_compressor (struct compressor *cp);
-
-/*
- * Procedures exported to if_ppp.c.
- */
-struct compressor ppp_mppe = {
- CI_MPPE, /* compress_proto */
- mppe_alloc, /* comp_alloc */
- mppe_free, /* comp_free */
- mppe_comp_init, /* comp_init */
- mppe_comp_reset, /* comp_reset */
- mppe_compress, /* compress */
- mppe_comp_stats, /* comp_stat */
- mppe_alloc, /* decomp_alloc */
- mppe_free, /* decomp_free */
- mppe_decomp_init, /* decomp_init */
- mppe_decomp_reset, /* decomp_reset */
- mppe_decompress, /* decompress */
- mppe_incomp, /* incomp */
- mppe_comp_stats, /* decomp_stat */
-};
-
-/* 2.2 compatibility defines */
-#ifndef __init
-#define __init
-#endif
-#ifndef __exit
-#define __exit
-#endif
-#ifndef MODULE_LICENSE
-#define MODULE_LICENSE(license)
-#endif
-
-int __init
-ppp_mppe_init(void)
-{
- int answer = ppp_register_compressor(&ppp_mppe);
-
- if (answer == 0)
- printk(KERN_INFO "PPP MPPE Compression module registered\n");
- return answer;
-}
-
-void __exit
-ppp_mppe_cleanup(void)
-{
- ppp_unregister_compressor(&ppp_mppe);
-}
-
-module_init(ppp_mppe_init);
-module_exit(ppp_mppe_cleanup);
-MODULE_LICENSE("BSD without advertisement clause");
+++ /dev/null
-/*
- * ftp://ftp.funet.fi/pub/crypt/hash/sha/sha1.c
- *
- * SHA-1 in C
- * By Steve Reid <steve@edmweb.com>
- * 100% Public Domain
- *
- * Test Vectors (from FIPS PUB 180-1)
- * "abc"
- * A9993E36 4706816A BA3E2571 7850C26C 9CD0D89D
- * "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq"
- * 84983E44 1C3BD26E BAAE4AA1 F95129E5 E54670F1
- * A million repetitions of "a"
- * 34AA973C D4C4DAA4 F61EEB2B DBAD2731 6534016F
- */
-
-/* #define SHA1HANDSOFF * Copies data before messing with it. */
-
-#if defined(__linux__)
-#include <asm/byteorder.h>
-#include <linux/string.h>
-#elif defined(__solaris__)
-#include <sys/isa_defs.h>
-#include <sys/ddi.h>
-#include <sys/sunddi.h>
-#define memcpy(d, s, c) bcopy(s, d, c)
-#define memset(d, b, c) bzero(d, c)
-#endif
-
-#include "sha1.h"
-
-static void SHA1_Transform(unsigned int[5], const unsigned char[64]);
-
-#define rol(value, bits) (((value) << (bits)) | ((value) >> (32 - (bits))))
-
-/* blk0() and blk() perform the initial expand. */
-/* I got the idea of expanding during the round function from SSLeay */
-#if defined(__LITTLE_ENDIAN) || defined(_LITTLE_ENDIAN)
-#define blk0(i) (block->l[i] = (rol(block->l[i],24)&0xFF00FF00) \
- |(rol(block->l[i],8)&0x00FF00FF))
-#elif defined(__BIG_ENDIAN) || defined(_BIG_ENDIAN)
-#define blk0(i) block->l[i]
-#else
-#error Endianness not defined
-#endif
-#define blk(i) (block->l[i&15] = rol(block->l[(i+13)&15]^block->l[(i+8)&15] \
- ^block->l[(i+2)&15]^block->l[i&15],1))
-
-/* (R0+R1), R2, R3, R4 are the different operations used in SHA1 */
-#define R0(v,w,x,y,z,i) z+=((w&(x^y))^y)+blk0(i)+0x5A827999+rol(v,5);w=rol(w,30);
-#define R1(v,w,x,y,z,i) z+=((w&(x^y))^y)+blk(i)+0x5A827999+rol(v,5);w=rol(w,30);
-#define R2(v,w,x,y,z,i) z+=(w^x^y)+blk(i)+0x6ED9EBA1+rol(v,5);w=rol(w,30);
-#define R3(v,w,x,y,z,i) z+=(((w|x)&y)|(w&x))+blk(i)+0x8F1BBCDC+rol(v,5);w=rol(w,30);
-#define R4(v,w,x,y,z,i) z+=(w^x^y)+blk(i)+0xCA62C1D6+rol(v,5);w=rol(w,30);
-
-
-/* Hash a single 512-bit block. This is the core of the algorithm. */
-
-static void
-SHA1_Transform(unsigned int state[5], const unsigned char buffer[64])
-{
- unsigned int a, b, c, d, e;
- typedef union {
- unsigned char c[64];
- unsigned int l[16];
- } CHAR64LONG16;
- CHAR64LONG16 *block;
-
-#ifdef SHA1HANDSOFF
- static unsigned char workspace[64];
- block = (CHAR64LONG16 *) workspace;
- memcpy(block, buffer, 64);
-#else
- block = (CHAR64LONG16 *) buffer;
-#endif
- /* Copy context->state[] to working vars */
- a = state[0];
- b = state[1];
- c = state[2];
- d = state[3];
- e = state[4];
- /* 4 rounds of 20 operations each. Loop unrolled. */
- R0(a,b,c,d,e, 0); R0(e,a,b,c,d, 1); R0(d,e,a,b,c, 2); R0(c,d,e,a,b, 3);
- R0(b,c,d,e,a, 4); R0(a,b,c,d,e, 5); R0(e,a,b,c,d, 6); R0(d,e,a,b,c, 7);
- R0(c,d,e,a,b, 8); R0(b,c,d,e,a, 9); R0(a,b,c,d,e,10); R0(e,a,b,c,d,11);
- R0(d,e,a,b,c,12); R0(c,d,e,a,b,13); R0(b,c,d,e,a,14); R0(a,b,c,d,e,15);
- R1(e,a,b,c,d,16); R1(d,e,a,b,c,17); R1(c,d,e,a,b,18); R1(b,c,d,e,a,19);
- R2(a,b,c,d,e,20); R2(e,a,b,c,d,21); R2(d,e,a,b,c,22); R2(c,d,e,a,b,23);
- R2(b,c,d,e,a,24); R2(a,b,c,d,e,25); R2(e,a,b,c,d,26); R2(d,e,a,b,c,27);
- R2(c,d,e,a,b,28); R2(b,c,d,e,a,29); R2(a,b,c,d,e,30); R2(e,a,b,c,d,31);
- R2(d,e,a,b,c,32); R2(c,d,e,a,b,33); R2(b,c,d,e,a,34); R2(a,b,c,d,e,35);
- R2(e,a,b,c,d,36); R2(d,e,a,b,c,37); R2(c,d,e,a,b,38); R2(b,c,d,e,a,39);
- R3(a,b,c,d,e,40); R3(e,a,b,c,d,41); R3(d,e,a,b,c,42); R3(c,d,e,a,b,43);
- R3(b,c,d,e,a,44); R3(a,b,c,d,e,45); R3(e,a,b,c,d,46); R3(d,e,a,b,c,47);
- R3(c,d,e,a,b,48); R3(b,c,d,e,a,49); R3(a,b,c,d,e,50); R3(e,a,b,c,d,51);
- R3(d,e,a,b,c,52); R3(c,d,e,a,b,53); R3(b,c,d,e,a,54); R3(a,b,c,d,e,55);
- R3(e,a,b,c,d,56); R3(d,e,a,b,c,57); R3(c,d,e,a,b,58); R3(b,c,d,e,a,59);
- R4(a,b,c,d,e,60); R4(e,a,b,c,d,61); R4(d,e,a,b,c,62); R4(c,d,e,a,b,63);
- R4(b,c,d,e,a,64); R4(a,b,c,d,e,65); R4(e,a,b,c,d,66); R4(d,e,a,b,c,67);
- R4(c,d,e,a,b,68); R4(b,c,d,e,a,69); R4(a,b,c,d,e,70); R4(e,a,b,c,d,71);
- R4(d,e,a,b,c,72); R4(c,d,e,a,b,73); R4(b,c,d,e,a,74); R4(a,b,c,d,e,75);
- R4(e,a,b,c,d,76); R4(d,e,a,b,c,77); R4(c,d,e,a,b,78); R4(b,c,d,e,a,79);
- /* Add the working vars back into context.state[] */
- state[0] += a;
- state[1] += b;
- state[2] += c;
- state[3] += d;
- state[4] += e;
- /* Wipe variables */
- a = b = c = d = e = 0;
-}
-
-
-/* SHA1Init - Initialize new context */
-
-void
-SHA1_Init(SHA1_CTX *context)
-{
- /* SHA1 initialization constants */
- context->state[0] = 0x67452301;
- context->state[1] = 0xEFCDAB89;
- context->state[2] = 0x98BADCFE;
- context->state[3] = 0x10325476;
- context->state[4] = 0xC3D2E1F0;
- context->count[0] = context->count[1] = 0;
-}
-
-
-/* Run your data through this. */
-
-void
-SHA1_Update(SHA1_CTX *context, const unsigned char *data, unsigned int len)
-{
- unsigned int i, j;
-
- j = (context->count[0] >> 3) & 63;
- if ((context->count[0] += len << 3) < (len << 3)) context->count[1]++;
- context->count[1] += (len >> 29);
- if ((j + len) > 63) {
- memcpy(&context->buffer[j], data, (i = 64-j));
- SHA1_Transform(context->state, context->buffer);
- for ( ; i + 63 < len; i += 64) {
- SHA1_Transform(context->state, &data[i]);
- }
- j = 0;
- }
- else
- i = 0;
-
- memcpy(&context->buffer[j], &data[i], len - i);
-}
-
-
-/* Add padding and return the message digest. */
-
-void
-SHA1_Final(unsigned char digest[20], SHA1_CTX *context)
-{
- unsigned int i, j;
- unsigned char finalcount[8];
-
- for (i = 0; i < 8; i++) {
- finalcount[i] = (unsigned char)((context->count[(i >= 4 ? 0 : 1)]
- >> ((3-(i & 3)) * 8) ) & 255); /* Endian independent */
- }
- SHA1_Update(context, (unsigned char *) "\200", 1);
- while ((context->count[0] & 504) != 448) {
- SHA1_Update(context, (unsigned char *) "\0", 1);
- }
- SHA1_Update(context, finalcount, 8); /* Should cause a SHA1Transform() */
- for (i = 0; i < 20; i++) {
- digest[i] = (unsigned char)
- ((context->state[i>>2] >> ((3-(i & 3)) * 8) ) & 255);
- }
- /* Wipe variables */
- i = j = 0;
- memset(context->buffer, 0, 64);
- memset(context->state, 0, 20);
- memset(context->count, 0, 8);
- memset(&finalcount, 0, 8);
-#ifdef SHA1HANDSOFF /* make SHA1Transform overwrite it's own static vars */
- SHA1Transform(context->state, context->buffer);
-#endif
-}
-
+++ /dev/null
-/* sha1.h */
-
-#ifndef _SHA1_H
-#define _SHA1_H
-
-typedef struct {
- unsigned int state[5];
- unsigned int count[2];
- unsigned char buffer[64];
-} SHA1_CTX;
-
-#define SHA1_SIGNATURE_SIZE 20
-
-extern void SHA1_Init(SHA1_CTX *);
-extern void SHA1_Update(SHA1_CTX *, const unsigned char *, unsigned int);
-extern void SHA1_Final(unsigned char[SHA1_SIGNATURE_SIZE], SHA1_CTX *);
-
-#endif /* _SHA1_H */