From 169be1f83215285b2bd3004f4c1b326b984ccb87 Mon Sep 17 00:00:00 2001 From: Paul Mackerras Date: Sat, 30 Aug 2008 10:06:50 +1000 Subject: [PATCH] Remove old Linux kernel MPPE stuff This is all upstream in Linus' kernel tree now, so there's no longer any need to have it here. Signed-off-by: Paul Mackerras --- linux/mppe/arcfour.c | 75 --- linux/mppe/arcfour.h | 17 - linux/mppe/linux-2.2.20-include.patch | 103 ---- linux/mppe/linux-2.2.20-make.patch | 66 --- linux/mppe/linux-2.2.20-pad.patch | 53 --- linux/mppe/linux-2.4.18-include.patch | 103 ---- linux/mppe/linux-2.4.18-make.patch | 44 -- linux/mppe/linux-2.4.18-pad.patch | 117 ----- linux/mppe/linux-2.4.19-pad.patch | 117 ----- linux/mppe/linux-2.6.2-include.patch | 103 ---- linux/mppe/linux-2.6.2-make.patch | 26 - linux/mppe/linux-2.6.2-pad.patch | 59 --- linux/mppe/modutils-2.3.21-mppe.patch | 10 - linux/mppe/mppeinstall.sh | 63 --- linux/mppe/ppp_mppe_compress.c | 656 -------------------------- linux/mppe/sha1.c | 185 -------- linux/mppe/sha1.h | 18 - 17 files changed, 1815 deletions(-) delete mode 100644 linux/mppe/arcfour.c delete mode 100644 linux/mppe/arcfour.h delete mode 100644 linux/mppe/linux-2.2.20-include.patch delete mode 100644 linux/mppe/linux-2.2.20-make.patch delete mode 100644 linux/mppe/linux-2.2.20-pad.patch delete mode 100644 linux/mppe/linux-2.4.18-include.patch delete mode 100644 linux/mppe/linux-2.4.18-make.patch delete mode 100644 linux/mppe/linux-2.4.18-pad.patch delete mode 100644 linux/mppe/linux-2.4.19-pad.patch delete mode 100644 linux/mppe/linux-2.6.2-include.patch delete mode 100644 linux/mppe/linux-2.6.2-make.patch delete mode 100644 linux/mppe/linux-2.6.2-pad.patch delete mode 100644 linux/mppe/modutils-2.3.21-mppe.patch delete mode 100644 linux/mppe/mppeinstall.sh delete mode 100644 linux/mppe/ppp_mppe_compress.c delete mode 100644 linux/mppe/sha1.c delete mode 100644 linux/mppe/sha1.h diff --git a/linux/mppe/arcfour.c b/linux/mppe/arcfour.c deleted file mode 100644 index 97ae006..0000000 --- a/linux/mppe/arcfour.c +++ /dev/null @@ -1,75 +0,0 @@ -/* - * arcfour.c - * by Frank Cusack - * 100% public domain - * - * Implemented from the description in _Applied Cryptography_, 2nd ed. - * - * ** Distribution ** of this software is unlimited and unrestricted. - * - * ** Use ** of this software is almost certainly legal; however, refer - * to . - */ - -#include "arcfour.h" -#if defined(__linux__) -#include -#endif - -#define swap(a, b) \ -{ \ - unsigned char t = b; \ - b = a; \ - a = t; \ -} - -/* - * Initialize arcfour from a key. - */ -void -arcfour_setkey(arcfour_context *context, const unsigned char *key, - unsigned keylen) -{ - unsigned i, j; - unsigned char K[256]; - - context->i = context->j = 0; - - for (i = 0; i < 256; i++) { - context->S[i] = i; - K[i] = key[i % keylen]; - } - - j = 0; - for (i = 0; i < 256; i++) { - j = (j + context->S[i] + K[i]) % 256; - swap(context->S[i], context->S[j]); - } - - memset(K, 0, sizeof(K)); -} - -/* - * plaintext -> ciphertext (or vice versa) - */ -void -arcfour_encrypt(arcfour_context *context, const unsigned char *in, unsigned len, - unsigned char *out) -{ - unsigned i = context->i; - unsigned j = context->j; - unsigned char *S = context->S; - unsigned char K; - - while (len--) { - i = (i + 1) % 256; - j = (j + S[i]) % 256; - swap(S[i], S[j]); - K = S[(S[i] + S[j]) % 256]; - *out++ = *in++ ^ K; - } - - context->i = i; - context->j = j; -} - diff --git a/linux/mppe/arcfour.h b/linux/mppe/arcfour.h deleted file mode 100644 index 27abefb..0000000 --- a/linux/mppe/arcfour.h +++ /dev/null @@ -1,17 +0,0 @@ -/* arcfour.h */ - -#ifndef _ARCFOUR_H -#define _ARCFOUR_H - -typedef struct { - unsigned i; - unsigned j; - unsigned char S[256]; -} arcfour_context; - -extern void arcfour_setkey(arcfour_context *, const unsigned char *, unsigned); -extern void arcfour_encrypt(arcfour_context *, const unsigned char *, unsigned, - unsigned char *); -#define arcfour_decrypt arcfour_encrypt - -#endif /* _ARCFOUR_H */ diff --git a/linux/mppe/linux-2.2.20-include.patch b/linux/mppe/linux-2.2.20-include.patch deleted file mode 100644 index e248834..0000000 --- a/linux/mppe/linux-2.2.20-include.patch +++ /dev/null @@ -1,103 +0,0 @@ ---- linux-2.2.20/include/linux/ppp-comp.h.orig Sun Mar 25 08:31:04 2001 -+++ linux-2.2.20/include/linux/ppp-comp.h Tue Mar 19 09:39:19 2002 -@@ -187,6 +187,100 @@ - #define DEFLATE_CHK_SEQUENCE 0 - - /* -+ * Definitions for MPPE. -+ */ -+ -+#define CI_MPPE 18 /* config option for MPPE */ -+#define CILEN_MPPE 6 /* length of config option */ -+ -+#define MPPE_PAD 4 /* MPPE growth per frame */ -+#define MPPE_MAX_KEY_LEN 16 /* largest key length (128-bit) */ -+ -+/* option bits for ccp_options.mppe */ -+#define MPPE_OPT_40 0x01 /* 40 bit */ -+#define MPPE_OPT_128 0x02 /* 128 bit */ -+#define MPPE_OPT_STATEFUL 0x04 /* stateful mode */ -+/* unsupported opts */ -+#define MPPE_OPT_56 0x08 /* 56 bit */ -+#define MPPE_OPT_MPPC 0x10 /* MPPC compression */ -+#define MPPE_OPT_D 0x20 /* Unknown */ -+#define MPPE_OPT_UNSUPPORTED (MPPE_OPT_56|MPPE_OPT_MPPC|MPPE_OPT_D) -+#define MPPE_OPT_UNKNOWN 0x40 /* Bits !defined in RFC 3078 were set */ -+ -+/* -+ * This is not nice ... the alternative is a bitfield struct though. -+ * And unfortunately, we cannot share the same bits for the option -+ * names above since C and H are the same bit. We could do a u_int32 -+ * but then we have to do a htonl() all the time and/or we still need -+ * to know which octet is which. -+ */ -+#define MPPE_C_BIT 0x01 /* MPPC */ -+#define MPPE_D_BIT 0x10 /* Obsolete, usage unknown */ -+#define MPPE_L_BIT 0x20 /* 40-bit */ -+#define MPPE_S_BIT 0x40 /* 128-bit */ -+#define MPPE_M_BIT 0x80 /* 56-bit, not supported */ -+#define MPPE_H_BIT 0x01 /* Stateless (in a different byte) */ -+ -+/* Does not include H bit; used for least significant octet only. */ -+#define MPPE_ALL_BITS (MPPE_D_BIT|MPPE_L_BIT|MPPE_S_BIT|MPPE_M_BIT|MPPE_H_BIT) -+ -+/* Build a CI from mppe opts (see RFC 3078) */ -+#define MPPE_OPTS_TO_CI(opts, ci) \ -+ do { \ -+ u_char *ptr = ci; /* u_char[4] */ \ -+ \ -+ /* H bit */ \ -+ if (opts & MPPE_OPT_STATEFUL) \ -+ *ptr++ = 0x0; \ -+ else \ -+ *ptr++ = MPPE_H_BIT; \ -+ *ptr++ = 0; \ -+ *ptr++ = 0; \ -+ \ -+ /* S,L bits */ \ -+ *ptr = 0; \ -+ if (opts & MPPE_OPT_128) \ -+ *ptr |= MPPE_S_BIT; \ -+ if (opts & MPPE_OPT_40) \ -+ *ptr |= MPPE_L_BIT; \ -+ /* M,D,C bits not supported */ \ -+ } while (/* CONSTCOND */ 0) -+ -+/* The reverse of the above */ -+#define MPPE_CI_TO_OPTS(ci, opts) \ -+ do { \ -+ u_char *ptr = ci; /* u_char[4] */ \ -+ \ -+ opts = 0; \ -+ \ -+ /* H bit */ \ -+ if (!(ptr[0] & MPPE_H_BIT)) \ -+ opts |= MPPE_OPT_STATEFUL; \ -+ \ -+ /* S,L bits */ \ -+ if (ptr[3] & MPPE_S_BIT) \ -+ opts |= MPPE_OPT_128; \ -+ if (ptr[3] & MPPE_L_BIT) \ -+ opts |= MPPE_OPT_40; \ -+ \ -+ /* M,D,C bits */ \ -+ if (ptr[3] & MPPE_M_BIT) \ -+ opts |= MPPE_OPT_56; \ -+ if (ptr[3] & MPPE_D_BIT) \ -+ opts |= MPPE_OPT_D; \ -+ if (ptr[3] & MPPE_C_BIT) \ -+ opts |= MPPE_OPT_MPPC; \ -+ \ -+ /* Other bits */ \ -+ if (ptr[0] & ~MPPE_H_BIT) \ -+ opts |= MPPE_OPT_UNKNOWN; \ -+ if (ptr[1] || ptr[2]) \ -+ opts |= MPPE_OPT_UNKNOWN; \ -+ if (ptr[3] & ~MPPE_ALL_BITS) \ -+ opts |= MPPE_OPT_UNKNOWN; \ -+ } while (/* CONSTCOND */ 0) -+ -+/* - * Definitions for other, as yet unsupported, compression methods. - */ - diff --git a/linux/mppe/linux-2.2.20-make.patch b/linux/mppe/linux-2.2.20-make.patch deleted file mode 100644 index d925004..0000000 --- a/linux/mppe/linux-2.2.20-make.patch +++ /dev/null @@ -1,66 +0,0 @@ ---- linux/drivers/net/Makefile.orig Mon Mar 25 11:38:09 2002 -+++ linux/drivers/net/Makefile Mon Mar 25 11:42:18 2002 -@@ -26,6 +26,8 @@ - CONFIG_BSDCOMP_MODULE := - CONFIG_PPPDEF_BUILTIN := - CONFIG_PPPDEF_MODULE := -+CONFIG_PPPMPPE_BUILTIN := -+CONFIG_PPPMPPE_MODULE := - CONFIG_7990_BUILTIN := - CONFIG_7990_MODULE := - CONFIG_82596_BUILTIN := -@@ -40,6 +42,7 @@ - CONFIG_BSDCOMP_BUILTIN = y - CONFIG_SLHC_BUILTIN = y - CONFIG_PPPDEF_BUILTIN = y -+ CONFIG_PPPMPPE_BUILTIN = y - endif - else - ifeq ($(CONFIG_ISDN),m) -@@ -47,6 +50,7 @@ - CONFIG_BSDCOMP_MODULE = y - CONFIG_SLHC_MODULE = y - CONFIG_PPPDEF_MODULE = y -+ CONFIG_PPPMPPE_MODULE = y - endif - endif - endif -@@ -325,11 +329,13 @@ - CONFIG_BSDCOMP_BUILTIN = y - CONFIG_SLHC_BUILTIN = y - CONFIG_PPPDEF_BUILTIN = y -+CONFIG_PPPMPPE_BUILTIN = y - else - ifeq ($(CONFIG_PPP),m) - CONFIG_BSDCOMP_MODULE = y - CONFIG_SLHC_MODULE = y - CONFIG_PPPDEF_MODULE = y -+ CONFIG_PPPMPPE_MODULE = y - MX_OBJS += ppp.o - endif - endif -@@ -1120,6 +1126,17 @@ - endif - endif - -+# If anything built-in uses ppp_mppe, then build it into the kernel also. -+# If not, but a module uses it, build as a module. -+ifdef CONFIG_PPPMPPE_BUILTIN -+L_OBJS += ppp_mppe_compress.o arcfour.o sha1.o -+else -+ ifdef CONFIG_PPPMPPE_MODULE -+ PPPMPPE_OBJS = ppp_mppe_compress.o arcfour.o sha1.o -+ M_OBJS += ppp_mppe.o -+ endif -+endif -+ - ifeq ($(CONFIG_ARIADNE2),y) - L_OBJS += ariadne2.o - CONFIG_8390_BUILTIN = y -@@ -1469,3 +1486,6 @@ - - rcpci.o: rcpci45.o rclanmtl.o - $(LD) -r -o rcpci.o rcpci45.o rclanmtl.o -+ -+ppp_mppe.o: $(PPPMPPE_OBJS) -+ $(LD) -r -o $@ $(PPPMPPE_OBJS) diff --git a/linux/mppe/linux-2.2.20-pad.patch b/linux/mppe/linux-2.2.20-pad.patch deleted file mode 100644 index 1fe2d13..0000000 --- a/linux/mppe/linux-2.2.20-pad.patch +++ /dev/null @@ -1,53 +0,0 @@ ---- linux/drivers/net/ppp.c.orig Sun Mar 25 08:31:15 2001 -+++ linux/drivers/net/ppp.c Mon Mar 25 09:27:28 2002 -@@ -2468,10 +2468,14 @@ - (proto != PPP_LCP) && - (proto != PPP_CCP)) { - struct sk_buff *new_skb; -+ int new_skb_size = ppp->mtu + PPP_HDRLEN; - int new_count; - - /* Allocate an skb for the compressed frame. */ -- new_skb = alloc_skb(ppp->mtu + PPP_HDRLEN, GFP_ATOMIC); -+ if (ppp->sc_xcomp->compress_proto == CI_MPPE) -+ /* CCP [must have] reduced MTU by MPPE_PAD. */ -+ new_skb_size += MPPE_PAD; -+ new_skb = alloc_skb(new_skb_size, GFP_ATOMIC); - if (new_skb == NULL) { - printk(KERN_ERR "ppp_send_frame: no memory\n"); - kfree_skb(skb); -@@ -2482,19 +2486,32 @@ - /* Compress the frame. */ - new_count = (*ppp->sc_xcomp->compress) - (ppp->sc_xc_state, data, new_skb->data, -- count, ppp->mtu + PPP_HDRLEN); -+ count, new_skb_size); - - /* Did it compress? */ - if (new_count > 0 && (ppp->flags & SC_CCP_UP)) { - skb_put(new_skb, new_count); - kfree_skb(skb); - skb = new_skb; -- } else { -+ } else if (new_count == 0) { - /* - * The frame could not be compressed, or it could not - * be sent in compressed form because CCP is down. - */ - kfree_skb(new_skb); -+ } else { -+ /* -+ * (new_count < 0) -+ * MPPE requires that we do not send unencrypted -+ * frames. The compressor will return -1 if we -+ * should drop the frame. We cannot simply test -+ * the compress_proto because MPPE and MPPC share -+ * the same number. -+ */ -+ printk(KERN_ERR "ppp: compressor dropped pkt\n"); -+ kfree_skb(new_skb); -+ ppp->xmit_busy = 0; -+ return; - } - } - diff --git a/linux/mppe/linux-2.4.18-include.patch b/linux/mppe/linux-2.4.18-include.patch deleted file mode 100644 index b8dd56f..0000000 --- a/linux/mppe/linux-2.4.18-include.patch +++ /dev/null @@ -1,103 +0,0 @@ ---- linux/include/linux/ppp-comp.h.orig Fri Aug 6 10:44:11 1999 -+++ linux/include/linux/ppp-comp.h Mon Mar 25 09:11:33 2002 -@@ -187,6 +187,100 @@ - #define DEFLATE_CHK_SEQUENCE 0 - - /* -+ * Definitions for MPPE. -+ */ -+ -+#define CI_MPPE 18 /* config option for MPPE */ -+#define CILEN_MPPE 6 /* length of config option */ -+ -+#define MPPE_PAD 4 /* MPPE growth per frame */ -+#define MPPE_MAX_KEY_LEN 16 /* largest key length (128-bit) */ -+ -+/* option bits for ccp_options.mppe */ -+#define MPPE_OPT_40 0x01 /* 40 bit */ -+#define MPPE_OPT_128 0x02 /* 128 bit */ -+#define MPPE_OPT_STATEFUL 0x04 /* stateful mode */ -+/* unsupported opts */ -+#define MPPE_OPT_56 0x08 /* 56 bit */ -+#define MPPE_OPT_MPPC 0x10 /* MPPC compression */ -+#define MPPE_OPT_D 0x20 /* Unknown */ -+#define MPPE_OPT_UNSUPPORTED (MPPE_OPT_56|MPPE_OPT_MPPC|MPPE_OPT_D) -+#define MPPE_OPT_UNKNOWN 0x40 /* Bits !defined in RFC 3078 were set */ -+ -+/* -+ * This is not nice ... the alternative is a bitfield struct though. -+ * And unfortunately, we cannot share the same bits for the option -+ * names above since C and H are the same bit. We could do a u_int32 -+ * but then we have to do a htonl() all the time and/or we still need -+ * to know which octet is which. -+ */ -+#define MPPE_C_BIT 0x01 /* MPPC */ -+#define MPPE_D_BIT 0x10 /* Obsolete, usage unknown */ -+#define MPPE_L_BIT 0x20 /* 40-bit */ -+#define MPPE_S_BIT 0x40 /* 128-bit */ -+#define MPPE_M_BIT 0x80 /* 56-bit, not supported */ -+#define MPPE_H_BIT 0x01 /* Stateless (in a different byte) */ -+ -+/* Does not include H bit; used for least significant octet only. */ -+#define MPPE_ALL_BITS (MPPE_D_BIT|MPPE_L_BIT|MPPE_S_BIT|MPPE_M_BIT|MPPE_H_BIT) -+ -+/* Build a CI from mppe opts (see RFC 3078) */ -+#define MPPE_OPTS_TO_CI(opts, ci) \ -+ do { \ -+ u_char *ptr = ci; /* u_char[4] */ \ -+ \ -+ /* H bit */ \ -+ if (opts & MPPE_OPT_STATEFUL) \ -+ *ptr++ = 0x0; \ -+ else \ -+ *ptr++ = MPPE_H_BIT; \ -+ *ptr++ = 0; \ -+ *ptr++ = 0; \ -+ \ -+ /* S,L bits */ \ -+ *ptr = 0; \ -+ if (opts & MPPE_OPT_128) \ -+ *ptr |= MPPE_S_BIT; \ -+ if (opts & MPPE_OPT_40) \ -+ *ptr |= MPPE_L_BIT; \ -+ /* M,D,C bits not supported */ \ -+ } while (/* CONSTCOND */ 0) -+ -+/* The reverse of the above */ -+#define MPPE_CI_TO_OPTS(ci, opts) \ -+ do { \ -+ u_char *ptr = ci; /* u_char[4] */ \ -+ \ -+ opts = 0; \ -+ \ -+ /* H bit */ \ -+ if (!(ptr[0] & MPPE_H_BIT)) \ -+ opts |= MPPE_OPT_STATEFUL; \ -+ \ -+ /* S,L bits */ \ -+ if (ptr[3] & MPPE_S_BIT) \ -+ opts |= MPPE_OPT_128; \ -+ if (ptr[3] & MPPE_L_BIT) \ -+ opts |= MPPE_OPT_40; \ -+ \ -+ /* M,D,C bits */ \ -+ if (ptr[3] & MPPE_M_BIT) \ -+ opts |= MPPE_OPT_56; \ -+ if (ptr[3] & MPPE_D_BIT) \ -+ opts |= MPPE_OPT_D; \ -+ if (ptr[3] & MPPE_C_BIT) \ -+ opts |= MPPE_OPT_MPPC; \ -+ \ -+ /* Other bits */ \ -+ if (ptr[0] & ~MPPE_H_BIT) \ -+ opts |= MPPE_OPT_UNKNOWN; \ -+ if (ptr[1] || ptr[2]) \ -+ opts |= MPPE_OPT_UNKNOWN; \ -+ if (ptr[3] & ~MPPE_ALL_BITS) \ -+ opts |= MPPE_OPT_UNKNOWN; \ -+ } while (/* CONSTCOND */ 0) -+ -+/* - * Definitions for other, as yet unsupported, compression methods. - */ - diff --git a/linux/mppe/linux-2.4.18-make.patch b/linux/mppe/linux-2.4.18-make.patch deleted file mode 100644 index aae7fe7..0000000 --- a/linux/mppe/linux-2.4.18-make.patch +++ /dev/null @@ -1,44 +0,0 @@ ---- linux/drivers/net/Config.in.orig Mon Mar 25 09:07:26 2002 -+++ linux/drivers/net/Config.in Mon Mar 25 11:18:03 2002 -@@ -279,6 +279,7 @@ - dep_tristate ' PPP support for sync tty ports' CONFIG_PPP_SYNC_TTY $CONFIG_PPP - dep_tristate ' PPP Deflate compression' CONFIG_PPP_DEFLATE $CONFIG_PPP - dep_tristate ' PPP BSD-Compress compression' CONFIG_PPP_BSDCOMP $CONFIG_PPP -+ dep_tristate ' PPP MPPE compression (encryption)' CONFIG_PPP_MPPE $CONFIG_PPP - if [ "$CONFIG_EXPERIMENTAL" = "y" ]; then - dep_tristate ' PPP over Ethernet (EXPERIMENTAL)' CONFIG_PPPOE $CONFIG_PPP - fi ---- linux/drivers/net/Makefile.orig Mon Mar 25 09:07:26 2002 -+++ linux/drivers/net/Makefile Mon Mar 25 11:58:11 2002 -@@ -18,8 +18,9 @@ - export-objs := 8390.o arlan.o aironet4500_core.o aironet4500_card.o \ - ppp_async.o ppp_generic.o slhc.o pppox.o auto_irq.o \ - net_init.o mii.o --list-multi := rcpci.o -+list-multi := rcpci.o ppp_mppe.o - rcpci-objs := rcpci45.o rclanmtl.o -+ppp_mppe-objs := ppp_mppe_compress.o sha1.o arcfour.o - - ifeq ($(CONFIG_TULIP),y) - obj-y += tulip/tulip.o -@@ -139,6 +140,14 @@ - obj-$(CONFIG_PPP_BSDCOMP) += bsd_comp.o - obj-$(CONFIG_PPPOE) += pppox.o pppoe.o - -+ifeq ($(CONFIG_PPP_MPPE),y) -+ obj-y += $(ppp_mppe-objs) -+else -+ ifeq ($(CONFIG_PPP_MPPE),m) -+ obj-m += ppp_mppe.o -+ endif -+endif -+ - obj-$(CONFIG_SLIP) += slip.o - ifeq ($(CONFIG_SLIP_COMPRESSED),y) - obj-$(CONFIG_SLIP) += slhc.o -@@ -237,3 +246,5 @@ - rcpci.o: $(rcpci-objs) - $(LD) -r -o $@ $(rcpci-objs) - -+ppp_mppe.o: $(ppp_mppe-objs) -+ $(LD) -r -o $@ $(ppp_mppe-objs) diff --git a/linux/mppe/linux-2.4.18-pad.patch b/linux/mppe/linux-2.4.18-pad.patch deleted file mode 100644 index 2d50c00..0000000 --- a/linux/mppe/linux-2.4.18-pad.patch +++ /dev/null @@ -1,117 +0,0 @@ ---- linux-2.4.18/drivers/net/ppp_generic.c.orig Mon May 12 01:36:31 2003 -+++ linux-2.4.18/drivers/net/ppp_generic.c Mon May 12 03:09:13 2003 -@@ -99,6 +99,7 @@ - spinlock_t rlock; /* lock for receive side */ - spinlock_t wlock; /* lock for transmit side */ - int mru; /* max receive unit */ -+ int mru_alloc; /* MAX(1500,MRU) for dev_alloc_skb() */ - unsigned int flags; /* control bits */ - unsigned int xstate; /* transmit state bits */ - unsigned int rstate; /* receive state bits */ -@@ -126,6 +127,7 @@ - struct sock_fprog pass_filter; /* filter for packets to pass */ - struct sock_fprog active_filter;/* filter for pkts to reset idle */ - #endif /* CONFIG_PPP_FILTER */ -+ int xpad; /* ECP or CCP (MPPE) transmit padding */ - }; - - /* -@@ -531,6 +533,8 @@ - if (get_user(val, (int *) arg)) - break; -- ppp->mru = val; -+ ppp->mru_alloc = ppp->mru = val; -+ if (ppp->mru_alloc < PPP_MRU) -+ ppp->mru_alloc = PPP_MRU; /* increase for broken peers */ - err = 0; - break; - -@@ -1006,8 +1010,8 @@ - /* try to do packet compression */ - if ((ppp->xstate & SC_COMP_RUN) && ppp->xc_state != 0 - && proto != PPP_LCP && proto != PPP_CCP) { -- new_skb = alloc_skb(ppp->dev->mtu + ppp->dev->hard_header_len, -- GFP_ATOMIC); -+ new_skb = alloc_skb(ppp->dev->mtu + ppp->dev->hard_header_len -+ + ppp->xpad, GFP_ATOMIC); - if (new_skb == 0) { - printk(KERN_ERR "PPP: no memory (comp pkt)\n"); - goto drop; -@@ -1019,15 +1023,28 @@ - /* compressor still expects A/C bytes in hdr */ - len = ppp->xcomp->compress(ppp->xc_state, skb->data - 2, - new_skb->data, skb->len + 2, -- ppp->dev->mtu + PPP_HDRLEN); -+ ppp->dev->mtu + ppp->xpad -+ + PPP_HDRLEN); - if (len > 0 && (ppp->flags & SC_CCP_UP)) { - kfree_skb(skb); - skb = new_skb; - skb_put(skb, len); - skb_pull(skb, 2); /* pull off A/C bytes */ -- } else { -+ } else if (len == 0) { - /* didn't compress, or CCP not up yet */ - kfree_skb(new_skb); -+ } else { -+ /* -+ * (len < 0) -+ * MPPE requires that we do not send unencrypted -+ * frames. The compressor will return -1 if we -+ * should drop the frame. We cannot simply test -+ * the compress_proto because MPPE and MPPC share -+ * the same number. -+ */ -+ printk(KERN_ERR "ppp: compressor dropped pkt\n"); -+ kfree_skb(new_skb); -+ goto drop; - } - } - -@@ -1515,14 +1532,15 @@ - int len; - - if (proto == PPP_COMP) { -- ns = dev_alloc_skb(ppp->mru + PPP_HDRLEN); -+ ns = dev_alloc_skb(ppp->mru_alloc + PPP_HDRLEN); - if (ns == 0) { - printk(KERN_ERR "ppp_decompress_frame: no memory\n"); - goto err; - } - /* the decompressor still expects the A/C bytes in the hdr */ - len = ppp->rcomp->decompress(ppp->rc_state, skb->data - 2, -- skb->len + 2, ns->data, ppp->mru + PPP_HDRLEN); -+ skb->len + 2, ns->data, -+ ppp->mru_alloc + PPP_HDRLEN); - if (len < 0) { - /* Pass the compressed frame to pppd as an - error indication. */ -@@ -1949,6 +1967,20 @@ - ppp_xmit_unlock(ppp); - err = 0; - } -+ if (ccp_option[0] == CI_MPPE) -+ /* -+ * pppd (userland) has reduced the MTU by MPPE_PAD, -+ * to accomodate "compressor" growth. We must -+ * increase the space allocated for compressor -+ * output in ppp_send_frame() accordingly. Note -+ * that from a purist's view, it may be more correct -+ * to require multilink and fragment large packets, -+ * but that seems inefficient compared to this -+ * little trick. -+ */ -+ ppp->xpad = MPPE_PAD; -+ else -+ ppp->xpad = 0; - - } else { - ppp_recv_lock(ppp); -@@ -2229,6 +2261,7 @@ - - ppp->file.index = unit; - ppp->mru = PPP_MRU; -+ ppp->mru_alloc = PPP_MRU; - init_ppp_file(&ppp->file, INTERFACE); - ppp->file.hdrlen = PPP_HDRLEN - 2; /* don't count proto bytes */ - for (i = 0; i < NUM_NP; ++i) diff --git a/linux/mppe/linux-2.4.19-pad.patch b/linux/mppe/linux-2.4.19-pad.patch deleted file mode 100644 index df19ee3..0000000 --- a/linux/mppe/linux-2.4.19-pad.patch +++ /dev/null @@ -1,117 +0,0 @@ ---- linux-2.4.19/drivers/net/ppp_generic.c.orig Mon May 12 01:36:31 2003 -+++ linux-2.4.19/drivers/net/ppp_generic.c Mon May 12 03:09:13 2003 -@@ -99,6 +99,7 @@ - spinlock_t rlock; /* lock for receive side 58 */ - spinlock_t wlock; /* lock for transmit side 5c */ - int mru; /* max receive unit 60 */ -+ int mru_alloc; /* MAX(1500,MRU) for dev_alloc_skb() */ - unsigned int flags; /* control bits 64 */ - unsigned int xstate; /* transmit state bits 68 */ - unsigned int rstate; /* receive state bits 6c */ -@@ -126,6 +127,7 @@ - struct sock_fprog pass_filter; /* filter for packets to pass */ - struct sock_fprog active_filter;/* filter for pkts to reset idle */ - #endif /* CONFIG_PPP_FILTER */ -+ int xpad; /* ECP or CCP (MPPE) transmit padding */ - }; - - /* -@@ -531,6 +533,8 @@ - if (get_user(val, (int *) arg)) - break; -- ppp->mru = val; -+ ppp->mru_alloc = ppp->mru = val; -+ if (ppp->mru_alloc < PPP_MRU) -+ ppp->mru_alloc = PPP_MRU; /* increase for broken peers */ - err = 0; - break; - -@@ -1006,8 +1010,8 @@ - /* try to do packet compression */ - if ((ppp->xstate & SC_COMP_RUN) && ppp->xc_state != 0 - && proto != PPP_LCP && proto != PPP_CCP) { -- new_skb = alloc_skb(ppp->dev->mtu + ppp->dev->hard_header_len, -- GFP_ATOMIC); -+ new_skb = alloc_skb(ppp->dev->mtu + ppp->dev->hard_header_len -+ + ppp->xpad, GFP_ATOMIC); - if (new_skb == 0) { - printk(KERN_ERR "PPP: no memory (comp pkt)\n"); - goto drop; -@@ -1019,15 +1023,28 @@ - /* compressor still expects A/C bytes in hdr */ - len = ppp->xcomp->compress(ppp->xc_state, skb->data - 2, - new_skb->data, skb->len + 2, -- ppp->dev->mtu + PPP_HDRLEN); -+ ppp->dev->mtu + ppp->xpad -+ + PPP_HDRLEN); - if (len > 0 && (ppp->flags & SC_CCP_UP)) { - kfree_skb(skb); - skb = new_skb; - skb_put(skb, len); - skb_pull(skb, 2); /* pull off A/C bytes */ -- } else { -+ } else if (len == 0) { - /* didn't compress, or CCP not up yet */ - kfree_skb(new_skb); -+ } else { -+ /* -+ * (len < 0) -+ * MPPE requires that we do not send unencrypted -+ * frames. The compressor will return -1 if we -+ * should drop the frame. We cannot simply test -+ * the compress_proto because MPPE and MPPC share -+ * the same number. -+ */ -+ printk(KERN_ERR "ppp: compressor dropped pkt\n"); -+ kfree_skb(new_skb); -+ goto drop; - } - } - -@@ -1515,14 +1532,15 @@ - int len; - - if (proto == PPP_COMP) { -- ns = dev_alloc_skb(ppp->mru + PPP_HDRLEN); -+ ns = dev_alloc_skb(ppp->mru_alloc + PPP_HDRLEN); - if (ns == 0) { - printk(KERN_ERR "ppp_decompress_frame: no memory\n"); - goto err; - } - /* the decompressor still expects the A/C bytes in the hdr */ - len = ppp->rcomp->decompress(ppp->rc_state, skb->data - 2, -- skb->len + 2, ns->data, ppp->mru + PPP_HDRLEN); -+ skb->len + 2, ns->data, -+ ppp->mru_alloc + PPP_HDRLEN); - if (len < 0) { - /* Pass the compressed frame to pppd as an - error indication. */ -@@ -1949,6 +1967,20 @@ - ppp_xmit_unlock(ppp); - err = 0; - } -+ if (ccp_option[0] == CI_MPPE) -+ /* -+ * pppd (userland) has reduced the MTU by MPPE_PAD, -+ * to accomodate "compressor" growth. We must -+ * increase the space allocated for compressor -+ * output in ppp_send_frame() accordingly. Note -+ * that from a purist's view, it may be more correct -+ * to require multilink and fragment large packets, -+ * but that seems inefficient compared to this -+ * little trick. -+ */ -+ ppp->xpad = MPPE_PAD; -+ else -+ ppp->xpad = 0; - - } else { - ppp_recv_lock(ppp); -@@ -2229,6 +2261,7 @@ - - ppp->file.index = unit; - ppp->mru = PPP_MRU; -+ ppp->mru_alloc = PPP_MRU; - init_ppp_file(&ppp->file, INTERFACE); - ppp->file.hdrlen = PPP_HDRLEN - 2; /* don't count proto bytes */ - for (i = 0; i < NUM_NP; ++i) diff --git a/linux/mppe/linux-2.6.2-include.patch b/linux/mppe/linux-2.6.2-include.patch deleted file mode 100644 index f0bfbd9..0000000 --- a/linux/mppe/linux-2.6.2-include.patch +++ /dev/null @@ -1,103 +0,0 @@ ---- linux-2.6.0-test6/include/linux/ppp-comp.h 2003-09-27 20:50:05.000000000 -0400 -+++ linux-2.6.0-test6-mod/include/linux/ppp-comp.h 2003-10-08 19:32:13.000000000 -0400 -@@ -191,6 +191,100 @@ - #define DEFLATE_CHK_SEQUENCE 0 - - /* -+ * Definitions for MPPE. -+ */ -+ -+#define CI_MPPE 18 /* config option for MPPE */ -+#define CILEN_MPPE 6 /* length of config option */ -+ -+#define MPPE_PAD 8 /* MPPE growth per frame */ -+#define MPPE_MAX_KEY_LEN 16 /* largest key length (128-bit) */ -+ -+/* option bits for ccp_options.mppe */ -+#define MPPE_OPT_40 0x01 /* 40 bit */ -+#define MPPE_OPT_128 0x02 /* 128 bit */ -+#define MPPE_OPT_STATEFUL 0x04 /* stateful mode */ -+/* unsupported opts */ -+#define MPPE_OPT_56 0x08 /* 56 bit */ -+#define MPPE_OPT_MPPC 0x10 /* MPPC compression */ -+#define MPPE_OPT_D 0x20 /* Unknown */ -+#define MPPE_OPT_UNSUPPORTED (MPPE_OPT_56|MPPE_OPT_MPPC|MPPE_OPT_D) -+#define MPPE_OPT_UNKNOWN 0x40 /* Bits !defined in RFC 3078 were set */ -+ -+/* -+ * This is not nice ... the alternative is a bitfield struct though. -+ * And unfortunately, we cannot share the same bits for the option -+ * names above since C and H are the same bit. We could do a u_int32 -+ * but then we have to do a htonl() all the time and/or we still need -+ * to know which octet is which. -+ */ -+#define MPPE_C_BIT 0x01 /* MPPC */ -+#define MPPE_D_BIT 0x10 /* Obsolete, usage unknown */ -+#define MPPE_L_BIT 0x20 /* 40-bit */ -+#define MPPE_S_BIT 0x40 /* 128-bit */ -+#define MPPE_M_BIT 0x80 /* 56-bit, not supported */ -+#define MPPE_H_BIT 0x01 /* Stateless (in a different byte) */ -+ -+/* Does not include H bit; used for least significant octet only. */ -+#define MPPE_ALL_BITS (MPPE_D_BIT|MPPE_L_BIT|MPPE_S_BIT|MPPE_M_BIT|MPPE_H_BIT) -+ -+/* Build a CI from mppe opts (see RFC 3078) */ -+#define MPPE_OPTS_TO_CI(opts, ci) \ -+ do { \ -+ u_char *ptr = ci; /* u_char[4] */ \ -+ \ -+ /* H bit */ \ -+ if (opts & MPPE_OPT_STATEFUL) \ -+ *ptr++ = 0x0; \ -+ else \ -+ *ptr++ = MPPE_H_BIT; \ -+ *ptr++ = 0; \ -+ *ptr++ = 0; \ -+ \ -+ /* S,L bits */ \ -+ *ptr = 0; \ -+ if (opts & MPPE_OPT_128) \ -+ *ptr |= MPPE_S_BIT; \ -+ if (opts & MPPE_OPT_40) \ -+ *ptr |= MPPE_L_BIT; \ -+ /* M,D,C bits not supported */ \ -+ } while (/* CONSTCOND */ 0) -+ -+/* The reverse of the above */ -+#define MPPE_CI_TO_OPTS(ci, opts) \ -+ do { \ -+ u_char *ptr = ci; /* u_char[4] */ \ -+ \ -+ opts = 0; \ -+ \ -+ /* H bit */ \ -+ if (!(ptr[0] & MPPE_H_BIT)) \ -+ opts |= MPPE_OPT_STATEFUL; \ -+ \ -+ /* S,L bits */ \ -+ if (ptr[3] & MPPE_S_BIT) \ -+ opts |= MPPE_OPT_128; \ -+ if (ptr[3] & MPPE_L_BIT) \ -+ opts |= MPPE_OPT_40; \ -+ \ -+ /* M,D,C bits */ \ -+ if (ptr[3] & MPPE_M_BIT) \ -+ opts |= MPPE_OPT_56; \ -+ if (ptr[3] & MPPE_D_BIT) \ -+ opts |= MPPE_OPT_D; \ -+ if (ptr[3] & MPPE_C_BIT) \ -+ opts |= MPPE_OPT_MPPC; \ -+ \ -+ /* Other bits */ \ -+ if (ptr[0] & ~MPPE_H_BIT) \ -+ opts |= MPPE_OPT_UNKNOWN; \ -+ if (ptr[1] || ptr[2]) \ -+ opts |= MPPE_OPT_UNKNOWN; \ -+ if (ptr[3] & ~MPPE_ALL_BITS) \ -+ opts |= MPPE_OPT_UNKNOWN; \ -+ } while (/* CONSTCOND */ 0) -+ -+/* - * Definitions for other, as yet unsupported, compression methods. - */ - diff --git a/linux/mppe/linux-2.6.2-make.patch b/linux/mppe/linux-2.6.2-make.patch deleted file mode 100644 index 5b32824..0000000 --- a/linux/mppe/linux-2.6.2-make.patch +++ /dev/null @@ -1,26 +0,0 @@ ---- linux-2.6.2/drivers/net/Kconfig 2003-09-27 20:50:52.000000000 -0400 -+++ linux-2.6.2/drivers/net/Kconfig 2003-10-08 19:06:10.000000000 -0400 -@@ -2310,6 +2310,12 @@ - module; it is called bsd_comp and will show up in the directory - modules once you have said "make modules". If unsure, say N. - -+config PPP_MPPE -+ tristate "PPP MPPE compression (encryption)" -+ depends on PPP -+ ---help--- -+ Support for the MPPE Encryption protocol. -+ - config PPPOE - tristate "PPP over Ethernet (EXPERIMENTAL)" - depends on EXPERIMENTAL && PPP ---- linux-2.6.2/drivers/net/Makefile 2003-09-27 20:50:14.000000000 -0400 -+++ linux-2.6.2/drivers/net/Makefile 2003-10-08 19:00:42.000000000 -0400 -@@ -101,6 +101,8 @@ - obj-$(CONFIG_PPP_SYNC_TTY) += ppp_synctty.o - obj-$(CONFIG_PPP_DEFLATE) += ppp_deflate.o - obj-$(CONFIG_PPP_BSDCOMP) += bsd_comp.o -+obj-$(CONFIG_PPP_MPPE) += ppp_mppe.o -+ppp_mppe-objs := ppp_mppe_compress.o sha1.o arcfour.o - obj-$(CONFIG_PPPOE) += pppox.o pppoe.o - - obj-$(CONFIG_SLIP) += slip.o diff --git a/linux/mppe/linux-2.6.2-pad.patch b/linux/mppe/linux-2.6.2-pad.patch deleted file mode 100644 index 694be67..0000000 --- a/linux/mppe/linux-2.6.2-pad.patch +++ /dev/null @@ -1,59 +0,0 @@ ---- linux/drivers/net/ppp_generic.c 2003-09-27 20:51:03.000000000 -0400 -+++ linux/drivers/net/ppp_generic.c 2003-10-08 19:08:21.000000000 -0400 -@@ -1045,8 +1045,15 @@ - /* try to do packet compression */ - if ((ppp->xstate & SC_COMP_RUN) && ppp->xc_state != 0 - && proto != PPP_LCP && proto != PPP_CCP) { -- new_skb = alloc_skb(ppp->dev->mtu + ppp->dev->hard_header_len, -- GFP_ATOMIC); -+ int new_skb_size = ppp->dev->mtu + ppp->dev->hard_header_len; -+ int compressor_skb_size = ppp->dev->mtu + PPP_HDRLEN; -+ -+ if (ppp->xcomp->compress_proto == CI_MPPE) { -+ /* CCP [must have] reduced MTU by MPPE_PAD. */ -+ new_skb_size += MPPE_PAD; -+ compressor_skb_size += MPPE_PAD; -+ } -+ new_skb = alloc_skb(new_skb_size, GFP_ATOMIC); - if (new_skb == 0) { - printk(KERN_ERR "PPP: no memory (comp pkt)\n"); - goto drop; -@@ -1058,15 +1065,27 @@ - /* compressor still expects A/C bytes in hdr */ - len = ppp->xcomp->compress(ppp->xc_state, skb->data - 2, - new_skb->data, skb->len + 2, -- ppp->dev->mtu + PPP_HDRLEN); -+ compressor_skb_size); - if (len > 0 && (ppp->flags & SC_CCP_UP)) { - kfree_skb(skb); - skb = new_skb; - skb_put(skb, len); - skb_pull(skb, 2); /* pull off A/C bytes */ -- } else { -+ } else if (len == 0) { - /* didn't compress, or CCP not up yet */ - kfree_skb(new_skb); -+ } else { -+ /* -+ * (len < 0) -+ * MPPE requires that we do not send unencrypted -+ * frames. The compressor will return -1 if we -+ * should drop the frame. We cannot simply test -+ * the compress_proto because MPPE and MPPC share -+ * the same number. -+ */ -+ printk(KERN_ERR "ppp: compressor dropped pkt\n"); -+ kfree_skb(new_skb); -+ goto drop; - } - } - -@@ -1571,7 +1590,7 @@ - goto err; - - if (proto == PPP_COMP) { -- ns = dev_alloc_skb(ppp->mru + PPP_HDRLEN); -+ ns = dev_alloc_skb(ppp->mru + 128 + PPP_HDRLEN); - if (ns == 0) { - printk(KERN_ERR "ppp_decompress_frame: no memory\n"); - goto err; diff --git a/linux/mppe/modutils-2.3.21-mppe.patch b/linux/mppe/modutils-2.3.21-mppe.patch deleted file mode 100644 index 3135757..0000000 --- a/linux/mppe/modutils-2.3.21-mppe.patch +++ /dev/null @@ -1,10 +0,0 @@ ---- modutils-2.3.21.orig/util/alias.h Tue Mar 19 21:23:02 2002 -+++ modutils-2.3.21/util/alias.h Tue Mar 19 21:25:55 2002 -@@ -162,6 +162,7 @@ - "slip1 slip", - "tty-ldisc-1 slip", - "tty-ldisc-3 ppp", -+ "ppp-compress-18 ppp_mppe", - "ppp-compress-21 bsd_comp", - "ppp-compress-24 ppp_deflate", - "ppp-compress-26 ppp_deflate", diff --git a/linux/mppe/mppeinstall.sh b/linux/mppe/mppeinstall.sh deleted file mode 100644 index 52ae7d1..0000000 --- a/linux/mppe/mppeinstall.sh +++ /dev/null @@ -1,63 +0,0 @@ -#!/bin/sh -# -# A quickie script to install MPPE into the 2.2.19+ or 2.4.18+ kernel. -# Does very little error checking!!! -# - -mppe_files="sha1.[ch] arcfour.[ch] ppp_mppe_compress.c" - -if [ -z "$1" -o ! -d "$1" ]; then - echo "Usage: $0 " >&2 - exit 1 -fi - -# strip any trailing / -set -- ${1%/} -# strip leading /path/to/linux- and trailing -release -ver=`echo "${1##*/}" | sed -e 's/linux-//' -e 's/-.*//'` -if ! expr "$ver" : 2.[246] >/dev/null ; then - ver=`echo "${1##*/}" | sed -e 's/kernel-source-//' -e 's/-.*//'` - if ! expr "$ver" : 2.[246] >/dev/null ; then - echo "$0: Unable to determine kernel version ($ver)" >&2 - exit 1 - fi -fi - -# build patch files list -patchdir=`pwd` -patchfiles= -if expr $ver : 2.2 >/dev/null ; then - patchfiles=$patchdir/linux-2.2.*.patch -elif expr $ver : 2.4 >/dev/null ; then - patchfiles=`echo $patchdir/linux-2.4.18-{include,make}.patch` - # need to differentiate a bit - typeset -i rel=${ver##*.} - if [ $rel -eq 18 ]; then - patchfiles="$patchfiles $patchdir/linux-2.4.18-pad.patch" - elif [ $rel -gt 18 ]; then - patchfiles="$patchfiles $patchdir/linux-2.4.19-pad.patch" - else - echo "$0: unable to determine kernel version" >&2 - exit 1 - fi -elif expr $ver : 2.6 >/dev/null ; then - patchfiles=`echo $patchdir/linux-2.6*.patch` -fi - -echo "Detected kernel version $ver" -echo "I will now patch the kernel in directory $1" -echo -n "Press ret to continue, CTRL-C to exit: " -read - -pushd "$1" >/dev/null -for patch in $patchfiles; do - patch -p1 < $patch -done - -for file in $mppe_files; do - cp -v $patchdir/$file drivers/net -done - -popd >/dev/null - -exit 0 diff --git a/linux/mppe/ppp_mppe_compress.c b/linux/mppe/ppp_mppe_compress.c deleted file mode 100644 index 0512132..0000000 --- a/linux/mppe/ppp_mppe_compress.c +++ /dev/null @@ -1,656 +0,0 @@ -/* - * ppp_mppe_compress.c - interface MPPE to the PPP code. - * This version is for use with Linux kernel 2.2.19+, 2.4.18+ and 2.6.2+. - * - * By Frank Cusack . - * Copyright (c) 2002,2003,2004 Google, Inc. - * All rights reserved. - * - * Permission to use, copy, modify, and distribute this software and its - * documentation is hereby granted, provided that the above copyright - * notice appears in all copies. This software is provided without any - * warranty, express or implied. - * - * Changelog: - * 2/15/04 - TS: added #include and testing for Kernel - * version before using - * MOD_DEC_USAGE_COUNT/MOD_INC_USAGE_COUNT which are - * deprecated in 2.6 - */ - -#include -#include -#include -#include -#include -#include -#include - -#include -#include - -#include "arcfour.h" -#include "sha1.h" - -/* - * State for an MPPE (de)compressor. - */ -typedef struct ppp_mppe_state { - unsigned char master_key[MPPE_MAX_KEY_LEN]; - unsigned char session_key[MPPE_MAX_KEY_LEN]; - arcfour_context arcfour_context; /* encryption state */ - unsigned keylen; /* key length in bytes */ - /* NB: 128-bit == 16, 40-bit == 8! */ - /* If we want to support 56-bit, */ - /* the unit has to change to bits */ - unsigned char bits; /* MPPE control bits */ - unsigned ccount; /* 12-bit coherency count (seqno) */ - unsigned stateful; /* stateful mode flag */ - int discard; /* stateful mode packet loss flag */ - int sanity_errors; /* take down LCP if too many */ - int unit; - int debug; - struct compstat stats; -} ppp_mppe_state; - -/* ppp_mppe_state.bits definitions */ -#define MPPE_BIT_A 0x80 /* Encryption table were (re)inititalized */ -#define MPPE_BIT_B 0x40 /* MPPC only (not implemented) */ -#define MPPE_BIT_C 0x20 /* MPPC only (not implemented) */ -#define MPPE_BIT_D 0x10 /* This is an encrypted frame */ - -#define MPPE_BIT_FLUSHED MPPE_BIT_A -#define MPPE_BIT_ENCRYPTED MPPE_BIT_D - -#define MPPE_BITS(p) ((p)[4] & 0xf0) -#define MPPE_CCOUNT(p) ((((p)[4] & 0x0f) << 8) + (p)[5]) -#define MPPE_CCOUNT_SPACE 0x1000 /* The size of the ccount space */ - -#define MPPE_OVHD 2 /* MPPE overhead/packet */ -#define SANITY_MAX 1600 /* Max bogon factor we will tolerate */ - -static void GetNewKeyFromSHA __P((unsigned char *StartKey, - unsigned char *SessionKey, - unsigned SessionKeyLength, - unsigned char *InterimKey)); -static void mppe_rekey __P((ppp_mppe_state *state, int)); -static void *mppe_alloc __P((unsigned char *options, int optlen)); -static void mppe_free __P((void *state)); -static int mppe_init __P((void *state, unsigned char *options, - int optlen, int unit, int debug, const char *)); -static int mppe_comp_init __P((void *state, unsigned char *options, - int optlen, - int unit, int hdrlen, int debug)); -static int mppe_decomp_init __P((void *state, unsigned char *options, - int optlen, int unit, - int hdrlen, int mru, int debug)); -static int mppe_compress __P((void *state, unsigned char *ibuf, - unsigned char *obuf, - int isize, int osize)); -static void mppe_incomp __P((void *state, unsigned char *ibuf, int icnt)); -static int mppe_decompress __P((void *state, unsigned char *ibuf, - int isize, unsigned char *obuf,int osize)); -static void mppe_comp_reset __P((void *state)); -static void mppe_decomp_reset __P((void *state)); -static void mppe_comp_stats __P((void *state, struct compstat *stats)); - - -/* - * Key Derivation, from RFC 3078, RFC 3079. - * Equivalent to Get_Key() for MS-CHAP as described in RFC 3079. - */ -static void -GetNewKeyFromSHA(unsigned char *MasterKey, unsigned char *SessionKey, - unsigned SessionKeyLength, unsigned char *InterimKey) -{ - SHA1_CTX Context; - unsigned char Digest[SHA1_SIGNATURE_SIZE]; - - unsigned char SHApad1[40] = - { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }; - unsigned char SHApad2[40] = - { 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, - 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, - 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, - 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2 }; - - /* assert(SessionKeyLength <= SHA1_SIGNATURE_SIZE); */ - - SHA1_Init(&Context); - SHA1_Update(&Context, MasterKey, SessionKeyLength); - SHA1_Update(&Context, SHApad1, sizeof(SHApad1)); - SHA1_Update(&Context, SessionKey, SessionKeyLength); - SHA1_Update(&Context, SHApad2, sizeof(SHApad2)); - SHA1_Final(Digest, &Context); - - memcpy(InterimKey, Digest, SessionKeyLength); -} - -/* - * Perform the MPPE rekey algorithm, from RFC 3078, sec. 7.3. - * Well, not what's written there, but rather what they meant. - */ -static void -mppe_rekey(ppp_mppe_state *state, int initial_key) -{ - unsigned char InterimKey[MPPE_MAX_KEY_LEN]; - - GetNewKeyFromSHA(state->master_key, state->session_key, - state->keylen, InterimKey); - if (!initial_key) { - arcfour_setkey(&state->arcfour_context, InterimKey, state->keylen); - arcfour_encrypt(&state->arcfour_context, InterimKey, state->keylen, - state->session_key); - } else { - memcpy(state->session_key, InterimKey, state->keylen); - } - if (state->keylen == 8) { - /* See RFC 3078 */ - state->session_key[0] = 0xd1; - state->session_key[1] = 0x26; - state->session_key[2] = 0x9e; - } - arcfour_setkey(&state->arcfour_context, state->session_key, state->keylen); -} - - -/* - * Allocate space for a (de)compressor. - */ -static void * -mppe_alloc(unsigned char *options, int optlen) -{ - ppp_mppe_state *state; - - if (optlen != CILEN_MPPE + sizeof(state->master_key) - || options[0] != CI_MPPE - || options[1] != CILEN_MPPE) - return NULL; - - state = (ppp_mppe_state *) kmalloc(sizeof(*state), GFP_KERNEL); - if (state == NULL) - return NULL; - -#if (LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,0)) - try_module_get(THIS_MODULE); -#else - MOD_INC_USE_COUNT; -#endif - memset(state, 0, sizeof(*state)); - - /* Save keys. */ - memcpy(state->master_key, &options[CILEN_MPPE], sizeof(state->master_key)); - memcpy(state->session_key, state->master_key, sizeof(state->master_key)); - /* - * We defer initial key generation until mppe_init(), as mppe_alloc() - * is called frequently during negotiation. - */ - - return (void *) state; -} - -/* - * Deallocate space for a (de)compressor. - */ -static void -mppe_free(void *arg) -{ - ppp_mppe_state *state = (ppp_mppe_state *) arg; - - if (state) { - kfree(state); -#if (LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,0)) - module_put(THIS_MODULE); -#else - MOD_DEC_USE_COUNT; -#endif - } -} - - -/* - * Initialize (de)compressor state. - */ -static int -mppe_init(void *arg, unsigned char *options, int optlen, int unit, int debug, - const char *debugstr) -{ - ppp_mppe_state *state = (ppp_mppe_state *) arg; - unsigned char mppe_opts; - - if (optlen != CILEN_MPPE - || options[0] != CI_MPPE - || options[1] != CILEN_MPPE) - return 0; - - MPPE_CI_TO_OPTS(&options[2], mppe_opts); - if (mppe_opts & MPPE_OPT_128) - state->keylen = 16; - else if (mppe_opts & MPPE_OPT_40) - state->keylen = 8; - else { - printk(KERN_WARNING "%s[%d]: unknown key length\n", debugstr, unit); - return 0; - } - if (mppe_opts & MPPE_OPT_STATEFUL) - state->stateful = 1; - - /* Generate the initial session key. */ - mppe_rekey(state, 1); - - if (debug) { - int i; - char mkey[sizeof(state->master_key) * 2 + 1]; - char skey[sizeof(state->session_key) * 2 + 1]; - - printk(KERN_DEBUG "%s[%d]: initialized with %d-bit %s mode\n", debugstr, - unit, (state->keylen == 16)? 128: 40, - (state->stateful)? "stateful": "stateless"); - - for (i = 0; i < sizeof(state->master_key); i++) - sprintf(mkey + i * 2, "%.2x", state->master_key[i]); - for (i = 0; i < sizeof(state->session_key); i++) - sprintf(skey + i * 2, "%.2x", state->session_key[i]); - printk(KERN_DEBUG "%s[%d]: keys: master: %s initial session: %s\n", - debugstr, unit, mkey, skey); - } - - /* - * Initialize the coherency count. The initial value is not specified - * in RFC 3078, but we can make a reasonable assumption that it will - * start at 0. Setting it to the max here makes the comp/decomp code - * do the right thing (determined through experiment). - */ - state->ccount = MPPE_CCOUNT_SPACE - 1; - - /* - * Note that even though we have initialized the key table, we don't - * set the FLUSHED bit. This is contrary to RFC 3078, sec. 3.1. - */ - state->bits = MPPE_BIT_ENCRYPTED; - - state->unit = unit; - state->debug = debug; - - return 1; -} - - - -static int -mppe_comp_init(void *arg, unsigned char *options, int optlen, int unit, - int hdrlen, int debug) -{ - /* ARGSUSED */ - return mppe_init(arg, options, optlen, unit, debug, "mppe_comp_init"); -} - -/* - * We received a CCP Reset-Request (actually, we are sending a Reset-Ack), - * tell the compressor to rekey. Note that we MUST NOT rekey for - * every CCP Reset-Request; we only rekey on the next xmit packet. - * We might get multiple CCP Reset-Requests if our CCP Reset-Ack is lost. - * So, rekeying for every CCP Reset-Request is broken as the peer will not - * know how many times we've rekeyed. (If we rekey and THEN get another - * CCP Reset-Request, we must rekey again.) - */ -static void -mppe_comp_reset(void *arg) -{ - ppp_mppe_state *state = (ppp_mppe_state *) arg; - - state->bits |= MPPE_BIT_FLUSHED; -} - -/* - * Compress (encrypt) a packet. - * It's strange to call this a compressor, since the output is always - * MPPE_OVHD + 2 bytes larger than the input. - */ -int -mppe_compress(void *arg, unsigned char *ibuf, unsigned char *obuf, - int isize, int osize) -{ - ppp_mppe_state *state = (ppp_mppe_state *) arg; - int proto; - - /* - * Check that the protocol is in the range we handle. - */ - proto = PPP_PROTOCOL(ibuf); - if (proto < 0x0021 || proto > 0x00fa) - return 0; - - /* Make sure we have enough room to generate an encrypted packet. */ - if (osize < isize + MPPE_OVHD + 2) { - /* Drop the packet if we should encrypt it, but can't. */ - printk(KERN_DEBUG "mppe_compress[%d]: osize too small! " - "(have: %d need: %d)\n", state->unit, - osize, osize + MPPE_OVHD + 2); - return -1; - } - - osize = isize + MPPE_OVHD + 2; - - /* - * Copy over the PPP header and set control bits. - */ - obuf[0] = PPP_ADDRESS(ibuf); - obuf[1] = PPP_CONTROL(ibuf); - obuf[2] = PPP_COMP >> 8; /* isize + MPPE_OVHD + 1 */ - obuf[3] = PPP_COMP; /* isize + MPPE_OVHD + 2 */ - obuf += PPP_HDRLEN; - - state->ccount = (state->ccount + 1) % MPPE_CCOUNT_SPACE; - if (state->debug >= 7) - printk(KERN_DEBUG "mppe_compress[%d]: ccount %d\n", state->unit, - state->ccount); - obuf[0] = state->ccount >> 8; - obuf[1] = state->ccount & 0xff; - - if (!state->stateful || /* stateless mode */ - ((state->ccount & 0xff) == 0xff) || /* "flag" packet */ - (state->bits & MPPE_BIT_FLUSHED)) { /* CCP Reset-Request */ - /* We must rekey */ - if (state->debug && state->stateful) - printk(KERN_DEBUG "mppe_compress[%d]: rekeying\n", state->unit); - mppe_rekey(state, 0); - state->bits |= MPPE_BIT_FLUSHED; - } - obuf[0] |= state->bits; - state->bits &= ~MPPE_BIT_FLUSHED; /* reset for next xmit */ - - obuf += MPPE_OVHD; - ibuf += 2; /* skip to proto field */ - isize -= 2; - - /* Encrypt packet */ - arcfour_encrypt(&state->arcfour_context, ibuf, isize, obuf); - - state->stats.unc_bytes += isize; - state->stats.unc_packets++; - state->stats.comp_bytes += osize; - state->stats.comp_packets++; - - return osize; -} - -/* - * Since every frame grows by MPPE_OVHD + 2 bytes, this is always going - * to look bad ... and the longer the link is up the worse it will get. - */ -static void -mppe_comp_stats(void *arg, struct compstat *stats) -{ - ppp_mppe_state *state = (ppp_mppe_state *) arg; - - *stats = state->stats; -} - - -static int -mppe_decomp_init(void *arg, unsigned char *options, int optlen, int unit, - int hdrlen, int mru, int debug) -{ - /* ARGSUSED */ - return mppe_init(arg, options, optlen, unit, debug, "mppe_decomp_init"); -} - -/* - * We received a CCP Reset-Ack. Just ignore it. - */ -static void -mppe_decomp_reset(void *arg) -{ - /* ARGSUSED */ - return; -} - -/* - * Decompress (decrypt) an MPPE packet. - */ -int -mppe_decompress(void *arg, unsigned char *ibuf, int isize, unsigned char *obuf, - int osize) -{ - ppp_mppe_state *state = (ppp_mppe_state *) arg; - unsigned ccount; - int flushed = MPPE_BITS(ibuf) & MPPE_BIT_FLUSHED; - int sanity = 0; - - if (isize <= PPP_HDRLEN + MPPE_OVHD) { - if (state->debug) - printk(KERN_DEBUG "mppe_decompress[%d]: short pkt (%d)\n", - state->unit, isize); - return DECOMP_ERROR; - } - - /* - * Make sure we have enough room to decrypt the packet. - * Note that for our test we only subtract 1 byte whereas in - * mppe_compress() we added 2 bytes (+MPPE_OVHD); - * this is to account for possible PFC. - */ - if (osize < isize - MPPE_OVHD - 1) { - printk(KERN_DEBUG "mppe_decompress[%d]: osize too small! " - "(have: %d need: %d)\n", state->unit, - osize, isize - MPPE_OVHD - 1); - return DECOMP_ERROR; - } - osize = isize - MPPE_OVHD - 2; /* assume no PFC */ - - ccount = MPPE_CCOUNT(ibuf); - if (state->debug >= 7) - printk(KERN_DEBUG "mppe_decompress[%d]: ccount %d\n", state->unit, - ccount); - - /* sanity checks -- terminate with extreme prejudice */ - if (!(MPPE_BITS(ibuf) & MPPE_BIT_ENCRYPTED)) { - printk(KERN_DEBUG "mppe_decompress[%d]: ENCRYPTED bit not set!\n", - state->unit); - state->sanity_errors += 100; - sanity = 1; - } - if (!state->stateful && !flushed) { - printk(KERN_DEBUG "mppe_decompress[%d]: FLUSHED bit not set in " - "stateless mode!\n", state->unit); - state->sanity_errors += 100; - sanity = 1; - } - if (state->stateful && ((ccount & 0xff) == 0xff) && !flushed) { - printk(KERN_DEBUG "mppe_decompress[%d]: FLUSHED bit not set on " - "flag packet!\n", state->unit); - state->sanity_errors += 100; - sanity = 1; - } - - if (sanity) { - if (state->sanity_errors < SANITY_MAX) - return DECOMP_ERROR; - else - /* - * Take LCP down if the peer is sending too many bogons. - * We don't want to do this for a single or just a few - * instances since it could just be due to packet corruption. - */ - return DECOMP_FATALERROR; - } - - /* - * Check the coherency count. - */ - - if (!state->stateful) { - /* RFC 3078, sec 8.1. Rekey for every packet. */ - while (state->ccount != ccount) { - mppe_rekey(state, 0); - state->ccount = (state->ccount + 1) % MPPE_CCOUNT_SPACE; - } - } else { - /* RFC 3078, sec 8.2. */ - if (!state->discard) { - /* normal state */ - state->ccount = (state->ccount + 1) % MPPE_CCOUNT_SPACE; - if (ccount != state->ccount) { - /* - * (ccount > state->ccount) - * Packet loss detected, enter the discard state. - * Signal the peer to rekey (by sending a CCP Reset-Request). - */ - state->discard = 1; - return DECOMP_ERROR; - } - } else { - /* discard state */ - if (!flushed) { - /* ccp.c will be silent (no additional CCP Reset-Requests). */ - return DECOMP_ERROR; - } else { - /* Rekey for every missed "flag" packet. */ - while ((ccount & ~0xff) != (state->ccount & ~0xff)) { - mppe_rekey(state, 0); - state->ccount = (state->ccount + 256) % MPPE_CCOUNT_SPACE; - } - - /* reset */ - state->discard = 0; - state->ccount = ccount; - /* - * Another problem with RFC 3078 here. It implies that the - * peer need not send a Reset-Ack packet. But RFC 1962 - * requires it. Hopefully, M$ does send a Reset-Ack; even - * though it isn't required for MPPE synchronization, it is - * required to reset CCP state. - */ - } - } - if (flushed) - mppe_rekey(state, 0); - } - - /* - * Fill in the first part of the PPP header. The protocol field - * comes from the decrypted data. - */ - obuf[0] = PPP_ADDRESS(ibuf); /* +1 */ - obuf[1] = PPP_CONTROL(ibuf); /* +1 */ - obuf += 2; - ibuf += PPP_HDRLEN + MPPE_OVHD; - isize -= PPP_HDRLEN + MPPE_OVHD; /* -6 */ - /* net osize: isize-4 */ - - /* - * Decrypt the first byte in order to check if it is - * a compressed or uncompressed protocol field. - */ - arcfour_decrypt(&state->arcfour_context, ibuf, 1, obuf); - - /* - * Do PFC decompression. - * This would be nicer if we were given the actual sk_buff - * instead of a char *. - */ - if ((obuf[0] & 0x01) != 0) { - obuf[1] = obuf[0]; - obuf[0] = 0; - obuf++; - osize++; - } - - /* And finally, decrypt the rest of the packet. */ - arcfour_decrypt(&state->arcfour_context, ibuf + 1, isize - 1, obuf + 1); - - state->stats.unc_bytes += osize; - state->stats.unc_packets++; - state->stats.comp_bytes += isize; - state->stats.comp_packets++; - - /* good packet credit */ - state->sanity_errors >>= 1; - - return osize; -} - -/* - * Incompressible data has arrived (this should never happen!). - * We should probably drop the link if the protocol is in the range - * of what should be encrypted. At the least, we should drop this - * packet. (How to do this?) - */ -static void -mppe_incomp(void *arg, unsigned char *ibuf, int icnt) -{ - ppp_mppe_state *state = (ppp_mppe_state *) arg; - - if (state->debug && - (PPP_PROTOCOL(ibuf) >= 0x0021 && PPP_PROTOCOL(ibuf) <= 0x00fa)) - printk(KERN_DEBUG "mppe_incomp[%d]: incompressible (unencrypted) data! " - "(proto %04x)\n", state->unit, PPP_PROTOCOL(ibuf)); - - state->stats.inc_bytes += icnt; - state->stats.inc_packets++; - state->stats.unc_bytes += icnt; - state->stats.unc_packets++; -} - -/************************************************************* - * Module interface table - *************************************************************/ - -/* These are in ppp.c (2.2.x) or ppp_generic.c (2.4.x) */ -extern int ppp_register_compressor (struct compressor *cp); -extern void ppp_unregister_compressor (struct compressor *cp); - -/* - * Procedures exported to if_ppp.c. - */ -struct compressor ppp_mppe = { - CI_MPPE, /* compress_proto */ - mppe_alloc, /* comp_alloc */ - mppe_free, /* comp_free */ - mppe_comp_init, /* comp_init */ - mppe_comp_reset, /* comp_reset */ - mppe_compress, /* compress */ - mppe_comp_stats, /* comp_stat */ - mppe_alloc, /* decomp_alloc */ - mppe_free, /* decomp_free */ - mppe_decomp_init, /* decomp_init */ - mppe_decomp_reset, /* decomp_reset */ - mppe_decompress, /* decompress */ - mppe_incomp, /* incomp */ - mppe_comp_stats, /* decomp_stat */ -}; - -/* 2.2 compatibility defines */ -#ifndef __init -#define __init -#endif -#ifndef __exit -#define __exit -#endif -#ifndef MODULE_LICENSE -#define MODULE_LICENSE(license) -#endif - -int __init -ppp_mppe_init(void) -{ - int answer = ppp_register_compressor(&ppp_mppe); - - if (answer == 0) - printk(KERN_INFO "PPP MPPE Compression module registered\n"); - return answer; -} - -void __exit -ppp_mppe_cleanup(void) -{ - ppp_unregister_compressor(&ppp_mppe); -} - -module_init(ppp_mppe_init); -module_exit(ppp_mppe_cleanup); -MODULE_LICENSE("BSD without advertisement clause"); diff --git a/linux/mppe/sha1.c b/linux/mppe/sha1.c deleted file mode 100644 index a895c87..0000000 --- a/linux/mppe/sha1.c +++ /dev/null @@ -1,185 +0,0 @@ -/* - * ftp://ftp.funet.fi/pub/crypt/hash/sha/sha1.c - * - * SHA-1 in C - * By Steve Reid - * 100% Public Domain - * - * Test Vectors (from FIPS PUB 180-1) - * "abc" - * A9993E36 4706816A BA3E2571 7850C26C 9CD0D89D - * "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" - * 84983E44 1C3BD26E BAAE4AA1 F95129E5 E54670F1 - * A million repetitions of "a" - * 34AA973C D4C4DAA4 F61EEB2B DBAD2731 6534016F - */ - -/* #define SHA1HANDSOFF * Copies data before messing with it. */ - -#if defined(__linux__) -#include -#include -#elif defined(__solaris__) -#include -#include -#include -#define memcpy(d, s, c) bcopy(s, d, c) -#define memset(d, b, c) bzero(d, c) -#endif - -#include "sha1.h" - -static void SHA1_Transform(unsigned int[5], const unsigned char[64]); - -#define rol(value, bits) (((value) << (bits)) | ((value) >> (32 - (bits)))) - -/* blk0() and blk() perform the initial expand. */ -/* I got the idea of expanding during the round function from SSLeay */ -#if defined(__LITTLE_ENDIAN) || defined(_LITTLE_ENDIAN) -#define blk0(i) (block->l[i] = (rol(block->l[i],24)&0xFF00FF00) \ - |(rol(block->l[i],8)&0x00FF00FF)) -#elif defined(__BIG_ENDIAN) || defined(_BIG_ENDIAN) -#define blk0(i) block->l[i] -#else -#error Endianness not defined -#endif -#define blk(i) (block->l[i&15] = rol(block->l[(i+13)&15]^block->l[(i+8)&15] \ - ^block->l[(i+2)&15]^block->l[i&15],1)) - -/* (R0+R1), R2, R3, R4 are the different operations used in SHA1 */ -#define R0(v,w,x,y,z,i) z+=((w&(x^y))^y)+blk0(i)+0x5A827999+rol(v,5);w=rol(w,30); -#define R1(v,w,x,y,z,i) z+=((w&(x^y))^y)+blk(i)+0x5A827999+rol(v,5);w=rol(w,30); -#define R2(v,w,x,y,z,i) z+=(w^x^y)+blk(i)+0x6ED9EBA1+rol(v,5);w=rol(w,30); -#define R3(v,w,x,y,z,i) z+=(((w|x)&y)|(w&x))+blk(i)+0x8F1BBCDC+rol(v,5);w=rol(w,30); -#define R4(v,w,x,y,z,i) z+=(w^x^y)+blk(i)+0xCA62C1D6+rol(v,5);w=rol(w,30); - - -/* Hash a single 512-bit block. This is the core of the algorithm. */ - -static void -SHA1_Transform(unsigned int state[5], const unsigned char buffer[64]) -{ - unsigned int a, b, c, d, e; - typedef union { - unsigned char c[64]; - unsigned int l[16]; - } CHAR64LONG16; - CHAR64LONG16 *block; - -#ifdef SHA1HANDSOFF - static unsigned char workspace[64]; - block = (CHAR64LONG16 *) workspace; - memcpy(block, buffer, 64); -#else - block = (CHAR64LONG16 *) buffer; -#endif - /* Copy context->state[] to working vars */ - a = state[0]; - b = state[1]; - c = state[2]; - d = state[3]; - e = state[4]; - /* 4 rounds of 20 operations each. Loop unrolled. */ - R0(a,b,c,d,e, 0); R0(e,a,b,c,d, 1); R0(d,e,a,b,c, 2); R0(c,d,e,a,b, 3); - R0(b,c,d,e,a, 4); R0(a,b,c,d,e, 5); R0(e,a,b,c,d, 6); R0(d,e,a,b,c, 7); - R0(c,d,e,a,b, 8); R0(b,c,d,e,a, 9); R0(a,b,c,d,e,10); R0(e,a,b,c,d,11); - R0(d,e,a,b,c,12); R0(c,d,e,a,b,13); R0(b,c,d,e,a,14); R0(a,b,c,d,e,15); - R1(e,a,b,c,d,16); R1(d,e,a,b,c,17); R1(c,d,e,a,b,18); R1(b,c,d,e,a,19); - R2(a,b,c,d,e,20); R2(e,a,b,c,d,21); R2(d,e,a,b,c,22); R2(c,d,e,a,b,23); - R2(b,c,d,e,a,24); R2(a,b,c,d,e,25); R2(e,a,b,c,d,26); R2(d,e,a,b,c,27); - R2(c,d,e,a,b,28); R2(b,c,d,e,a,29); R2(a,b,c,d,e,30); R2(e,a,b,c,d,31); - R2(d,e,a,b,c,32); R2(c,d,e,a,b,33); R2(b,c,d,e,a,34); R2(a,b,c,d,e,35); - R2(e,a,b,c,d,36); R2(d,e,a,b,c,37); R2(c,d,e,a,b,38); R2(b,c,d,e,a,39); - R3(a,b,c,d,e,40); R3(e,a,b,c,d,41); R3(d,e,a,b,c,42); R3(c,d,e,a,b,43); - R3(b,c,d,e,a,44); R3(a,b,c,d,e,45); R3(e,a,b,c,d,46); R3(d,e,a,b,c,47); - R3(c,d,e,a,b,48); R3(b,c,d,e,a,49); R3(a,b,c,d,e,50); R3(e,a,b,c,d,51); - R3(d,e,a,b,c,52); R3(c,d,e,a,b,53); R3(b,c,d,e,a,54); R3(a,b,c,d,e,55); - R3(e,a,b,c,d,56); R3(d,e,a,b,c,57); R3(c,d,e,a,b,58); R3(b,c,d,e,a,59); - R4(a,b,c,d,e,60); R4(e,a,b,c,d,61); R4(d,e,a,b,c,62); R4(c,d,e,a,b,63); - R4(b,c,d,e,a,64); R4(a,b,c,d,e,65); R4(e,a,b,c,d,66); R4(d,e,a,b,c,67); - R4(c,d,e,a,b,68); R4(b,c,d,e,a,69); R4(a,b,c,d,e,70); R4(e,a,b,c,d,71); - R4(d,e,a,b,c,72); R4(c,d,e,a,b,73); R4(b,c,d,e,a,74); R4(a,b,c,d,e,75); - R4(e,a,b,c,d,76); R4(d,e,a,b,c,77); R4(c,d,e,a,b,78); R4(b,c,d,e,a,79); - /* Add the working vars back into context.state[] */ - state[0] += a; - state[1] += b; - state[2] += c; - state[3] += d; - state[4] += e; - /* Wipe variables */ - a = b = c = d = e = 0; -} - - -/* SHA1Init - Initialize new context */ - -void -SHA1_Init(SHA1_CTX *context) -{ - /* SHA1 initialization constants */ - context->state[0] = 0x67452301; - context->state[1] = 0xEFCDAB89; - context->state[2] = 0x98BADCFE; - context->state[3] = 0x10325476; - context->state[4] = 0xC3D2E1F0; - context->count[0] = context->count[1] = 0; -} - - -/* Run your data through this. */ - -void -SHA1_Update(SHA1_CTX *context, const unsigned char *data, unsigned int len) -{ - unsigned int i, j; - - j = (context->count[0] >> 3) & 63; - if ((context->count[0] += len << 3) < (len << 3)) context->count[1]++; - context->count[1] += (len >> 29); - if ((j + len) > 63) { - memcpy(&context->buffer[j], data, (i = 64-j)); - SHA1_Transform(context->state, context->buffer); - for ( ; i + 63 < len; i += 64) { - SHA1_Transform(context->state, &data[i]); - } - j = 0; - } - else - i = 0; - - memcpy(&context->buffer[j], &data[i], len - i); -} - - -/* Add padding and return the message digest. */ - -void -SHA1_Final(unsigned char digest[20], SHA1_CTX *context) -{ - unsigned int i, j; - unsigned char finalcount[8]; - - for (i = 0; i < 8; i++) { - finalcount[i] = (unsigned char)((context->count[(i >= 4 ? 0 : 1)] - >> ((3-(i & 3)) * 8) ) & 255); /* Endian independent */ - } - SHA1_Update(context, (unsigned char *) "\200", 1); - while ((context->count[0] & 504) != 448) { - SHA1_Update(context, (unsigned char *) "\0", 1); - } - SHA1_Update(context, finalcount, 8); /* Should cause a SHA1Transform() */ - for (i = 0; i < 20; i++) { - digest[i] = (unsigned char) - ((context->state[i>>2] >> ((3-(i & 3)) * 8) ) & 255); - } - /* Wipe variables */ - i = j = 0; - memset(context->buffer, 0, 64); - memset(context->state, 0, 20); - memset(context->count, 0, 8); - memset(&finalcount, 0, 8); -#ifdef SHA1HANDSOFF /* make SHA1Transform overwrite it's own static vars */ - SHA1Transform(context->state, context->buffer); -#endif -} - diff --git a/linux/mppe/sha1.h b/linux/mppe/sha1.h deleted file mode 100644 index 451868c..0000000 --- a/linux/mppe/sha1.h +++ /dev/null @@ -1,18 +0,0 @@ -/* sha1.h */ - -#ifndef _SHA1_H -#define _SHA1_H - -typedef struct { - unsigned int state[5]; - unsigned int count[2]; - unsigned char buffer[64]; -} SHA1_CTX; - -#define SHA1_SIGNATURE_SIZE 20 - -extern void SHA1_Init(SHA1_CTX *); -extern void SHA1_Update(SHA1_CTX *, const unsigned char *, unsigned int); -extern void SHA1_Final(unsigned char[SHA1_SIGNATURE_SIZE], SHA1_CTX *); - -#endif /* _SHA1_H */ -- 2.39.2