X-Git-Url: https://git.ozlabs.org/?p=ppp.git;a=blobdiff_plain;f=pppd%2Fccp.c;h=dbc567e3c037b608b62a44039f1a66b547dd0dd5;hp=1f8fd73868210351499e88b5ae6c992dd1ada61a;hb=505ec5cbd15ec23ed84282462ae9e451a1978133;hpb=43a10279245431ee750f2cff3e5a80e00ad9cd75

diff --git a/pppd/ccp.c b/pppd/ccp.c
index 1f8fd73..dbc567e 100644
--- a/pppd/ccp.c
+++ b/pppd/ccp.c
@@ -28,7 +28,7 @@
  * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
  */
 
-#define RCSID	"$Id: ccp.c,v 1.49 2005/03/22 09:53:53 paulus Exp $"
+#define RCSID	"$Id: ccp.c,v 1.50 2005/06/26 19:34:41 carlsonj Exp $"
 
 #include <stdlib.h>
 #include <string.h>
@@ -43,7 +43,6 @@
 #include "lcp.h"	/* lcp_close(), lcp_fsm */
 #endif
 
-static const char rcsid[] = RCSID;
 
 /*
  * Unfortunately there is a bug in zlib which means that using a
@@ -540,6 +539,9 @@ ccp_resetci(f)
     if (go->mppe) {
 	ccp_options *ao = &ccp_allowoptions[f->unit];
 	int auth_mschap_bits = auth_done[f->unit];
+#ifdef USE_EAPTLS
+	int auth_eap_bits = auth_done[f->unit];
+#endif
 	int numbits;
 
 	/*
@@ -567,8 +569,23 @@ ccp_resetci(f)
 	    lcp_close(f->unit, "MPPE required but not available");
 	    return;
 	}
+
+#ifdef USE_EAPTLS
+    /*
+     * MPPE is also possible in combination with EAP-TLS.
+     * It is not possible to detect if we're doing EAP or EAP-TLS
+     * at this stage, hence we accept all forms of EAP. If TLS is
+     * not used then the MPPE keys will not be derived anyway.
+     */
+	/* Leave only the eap auth bits set */
+	auth_eap_bits &= (EAP_WITHPEER | EAP_PEER );
+
+	if ((numbits == 0) && (auth_eap_bits == 0)) {
+	    error("MPPE required, but MS-CHAP[v2] nor EAP-TLS auth are performed.");
+#else
 	if (!numbits) {
 	    error("MPPE required, but MS-CHAP[v2] auth not performed.");
+#endif
 	    lcp_close(f->unit, "MPPE required but not available");
 	    return;
 	}
@@ -676,7 +693,8 @@ ccp_cilen(f)
     ccp_options *go = &ccp_gotoptions[f->unit];
 
     return (go->bsd_compress? CILEN_BSD_COMPRESS: 0)
-	+ (go->deflate? CILEN_DEFLATE: 0)
+	+ (go->deflate && go->deflate_correct? CILEN_DEFLATE: 0)
+	+ (go->deflate && go->deflate_draft? CILEN_DEFLATE: 0)
 	+ (go->predictor_1? CILEN_PREDICTOR_1: 0)
 	+ (go->predictor_2? CILEN_PREDICTOR_2: 0)
 	+ (go->mppe? CILEN_MPPE: 0);
@@ -898,6 +916,7 @@ ccp_nakci(f, p, len, treat_as_reject)
     fsm *f;
     u_char *p;
     int len;
+    int treat_as_reject;
 {
     ccp_options *go = &ccp_gotoptions[f->unit];
     ccp_options no;		/* options we've seen already */