diff options
Diffstat (limited to 'linux/opensimpad-2.4.25-vrs2-pxa1-jpm1/mppe-20040216.patch')
| -rw-r--r-- | linux/opensimpad-2.4.25-vrs2-pxa1-jpm1/mppe-20040216.patch | 1225 |
1 files changed, 1225 insertions, 0 deletions
diff --git a/linux/opensimpad-2.4.25-vrs2-pxa1-jpm1/mppe-20040216.patch b/linux/opensimpad-2.4.25-vrs2-pxa1-jpm1/mppe-20040216.patch index e69de29bb2..4393e2ea83 100644 --- a/linux/opensimpad-2.4.25-vrs2-pxa1-jpm1/mppe-20040216.patch +++ b/linux/opensimpad-2.4.25-vrs2-pxa1-jpm1/mppe-20040216.patch @@ -0,0 +1,1225 @@ + +# +# Patch managed by http://www.holgerschurig.de/patcher.html +# + +--- linux-2.4.25/drivers/net/Config.in~mppe-20040216 ++++ linux-2.4.25/drivers/net/Config.in +@@ -327,6 +327,7 @@ + dep_tristate ' PPP support for sync tty ports' CONFIG_PPP_SYNC_TTY $CONFIG_PPP + dep_tristate ' PPP Deflate compression' CONFIG_PPP_DEFLATE $CONFIG_PPP + dep_tristate ' PPP BSD-Compress compression' CONFIG_PPP_BSDCOMP $CONFIG_PPP ++ dep_tristate ' PPP MPPE compression (encryption)' CONFIG_PPP_MPPE $CONFIG_PPP + if [ "$CONFIG_EXPERIMENTAL" = "y" ]; then + dep_tristate ' PPP over Ethernet (EXPERIMENTAL)' CONFIG_PPPOE $CONFIG_PPP + fi +--- /dev/null ++++ linux-2.4.25/drivers/net/arcfour.c +@@ -0,0 +1,75 @@ ++/* ++ * arcfour.c ++ * by Frank Cusack <frank@google.com> ++ * 100% public domain ++ * ++ * Implemented from the description in _Applied Cryptography_, 2nd ed. ++ * ++ * ** Distribution ** of this software is unlimited and unrestricted. ++ * ++ * ** Use ** of this software is almost certainly legal; however, refer ++ * to <http://theory.lcs.mit.edu/~rivest/faq.html>. ++ */ ++ ++#include "arcfour.h" ++#if defined(__linux__) ++#include <linux/string.h> ++#endif ++ ++#define swap(a, b) \ ++{ \ ++ unsigned char t = b; \ ++ b = a; \ ++ a = t; \ ++} ++ ++/* ++ * Initialize arcfour from a key. ++ */ ++void ++arcfour_setkey(arcfour_context *context, const unsigned char *key, ++ unsigned keylen) ++{ ++ unsigned i, j; ++ unsigned char K[256]; ++ ++ context->i = context->j = 0; ++ ++ for (i = 0; i < 256; i++) { ++ context->S[i] = i; ++ K[i] = key[i % keylen]; ++ } ++ ++ j = 0; ++ for (i = 0; i < 256; i++) { ++ j = (j + context->S[i] + K[i]) % 256; ++ swap(context->S[i], context->S[j]); ++ } ++ ++ memset(K, 0, sizeof(K)); ++} ++ ++/* ++ * plaintext -> ciphertext (or vice versa) ++ */ ++void ++arcfour_encrypt(arcfour_context *context, const unsigned char *in, unsigned len, ++ unsigned char *out) ++{ ++ unsigned i = context->i; ++ unsigned j = context->j; ++ unsigned char *S = context->S; ++ unsigned char K; ++ ++ while (len--) { ++ i = (i + 1) % 256; ++ j = (j + S[i]) % 256; ++ swap(S[i], S[j]); ++ K = S[(S[i] + S[j]) % 256]; ++ *out++ = *in++ ^ K; ++ } ++ ++ context->i = i; ++ context->j = j; ++} ++ +--- /dev/null ++++ linux-2.4.25/drivers/net/arcfour.h +@@ -0,0 +1,17 @@ ++/* arcfour.h */ ++ ++#ifndef _ARCFOUR_H ++#define _ARCFOUR_H ++ ++typedef struct { ++ unsigned i; ++ unsigned j; ++ unsigned char S[256]; ++} arcfour_context; ++ ++extern void arcfour_setkey(arcfour_context *, const unsigned char *, unsigned); ++extern void arcfour_encrypt(arcfour_context *, const unsigned char *, unsigned, ++ unsigned char *); ++#define arcfour_decrypt arcfour_encrypt ++ ++#endif /* _ARCFOUR_H */ +--- linux-2.4.25/drivers/net/ppp_generic.c~mppe-20040216 ++++ linux-2.4.25/drivers/net/ppp_generic.c +@@ -102,6 +102,7 @@ + spinlock_t rlock; /* lock for receive side 58 */ + spinlock_t wlock; /* lock for transmit side 5c */ + int mru; /* max receive unit 60 */ ++ int mru_alloc; /* MAX(1500,MRU) for dev_alloc_skb() */ + unsigned int flags; /* control bits 64 */ + unsigned int xstate; /* transmit state bits 68 */ + unsigned int rstate; /* receive state bits 6c */ +@@ -129,6 +130,7 @@ + struct sock_fprog pass_filter; /* filter for packets to pass */ + struct sock_fprog active_filter;/* filter for pkts to reset idle */ + #endif /* CONFIG_PPP_FILTER */ ++ int xpad; /* ECP or CCP (MPPE) transmit padding */ + }; + + /* +@@ -552,7 +554,9 @@ + case PPPIOCSMRU: + if (get_user(val, (int *) arg)) + break; +- ppp->mru = val; ++ ppp->mru_alloc = ppp->mru = val; ++ if (ppp->mru_alloc < PPP_MRU) ++ ppp->mru_alloc = PPP_MRU; /* increase for broken peers */ + err = 0; + break; + +@@ -1031,8 +1035,8 @@ + /* try to do packet compression */ + if ((ppp->xstate & SC_COMP_RUN) && ppp->xc_state != 0 + && proto != PPP_LCP && proto != PPP_CCP) { +- new_skb = alloc_skb(ppp->dev->mtu + ppp->dev->hard_header_len, +- GFP_ATOMIC); ++ new_skb = alloc_skb(ppp->dev->mtu + ppp->dev->hard_header_len ++ + ppp->xpad, GFP_ATOMIC); + if (new_skb == 0) { + printk(KERN_ERR "PPP: no memory (comp pkt)\n"); + goto drop; +@@ -1044,15 +1048,28 @@ + /* compressor still expects A/C bytes in hdr */ + len = ppp->xcomp->compress(ppp->xc_state, skb->data - 2, + new_skb->data, skb->len + 2, +- ppp->dev->mtu + PPP_HDRLEN); ++ ppp->dev->mtu + ppp->xpad ++ + PPP_HDRLEN); + if (len > 0 && (ppp->flags & SC_CCP_UP)) { + kfree_skb(skb); + skb = new_skb; + skb_put(skb, len); + skb_pull(skb, 2); /* pull off A/C bytes */ +- } else { ++ } else if (len == 0) { + /* didn't compress, or CCP not up yet */ + kfree_skb(new_skb); ++ } else { ++ /* ++ * (len < 0) ++ * MPPE requires that we do not send unencrypted ++ * frames. The compressor will return -1 if we ++ * should drop the frame. We cannot simply test ++ * the compress_proto because MPPE and MPPC share ++ * the same number. ++ */ ++ printk(KERN_ERR "ppp: compressor dropped pkt\n"); ++ kfree_skb(new_skb); ++ goto drop; + } + } + +@@ -1540,14 +1557,15 @@ + int len; + + if (proto == PPP_COMP) { +- ns = dev_alloc_skb(ppp->mru + PPP_HDRLEN); ++ ns = dev_alloc_skb(ppp->mru_alloc + PPP_HDRLEN); + if (ns == 0) { + printk(KERN_ERR "ppp_decompress_frame: no memory\n"); + goto err; + } + /* the decompressor still expects the A/C bytes in the hdr */ + len = ppp->rcomp->decompress(ppp->rc_state, skb->data - 2, +- skb->len + 2, ns->data, ppp->mru + PPP_HDRLEN); ++ skb->len + 2, ns->data, ++ ppp->mru_alloc + PPP_HDRLEN); + if (len < 0) { + /* Pass the compressed frame to pppd as an + error indication. */ +@@ -1982,6 +2000,20 @@ + ocomp->comp_free(ostate); + err = 0; + } ++ if (ccp_option[0] == CI_MPPE) ++ /* ++ * pppd (userland) has reduced the MTU by MPPE_PAD, ++ * to accomodate "compressor" growth. We must ++ * increase the space allocated for compressor ++ * output in ppp_send_frame() accordingly. Note ++ * that from a purist's view, it may be more correct ++ * to require multilink and fragment large packets, ++ * but that seems inefficient compared to this ++ * little trick. ++ */ ++ ppp->xpad = MPPE_PAD; ++ else ++ ppp->xpad = 0; + + } else { + state = cp->decomp_alloc(ccp_option, data.length); +@@ -2253,6 +2285,7 @@ + /* Initialize the new ppp unit */ + ppp->file.index = unit; + ppp->mru = PPP_MRU; ++ ppp->mru_alloc = PPP_MRU; + init_ppp_file(&ppp->file, INTERFACE); + ppp->file.hdrlen = PPP_HDRLEN - 2; /* don't count proto bytes */ + for (i = 0; i < NUM_NP; ++i) +--- /dev/null ++++ linux-2.4.25/drivers/net/ppp_mppe_compress.c +@@ -0,0 +1,643 @@ ++/* ++ * ==FILEVERSION 20020521== ++ * ++ * ppp_mppe_compress.c - interface MPPE to the PPP code. ++ * This version is for use with Linux kernel 2.2.19+ and 2.4.x. ++ * ++ * By Frank Cusack <frank@google.com>. ++ * Copyright (c) 2002 Google, Inc. ++ * All rights reserved. ++ * ++ * Permission to use, copy, modify, and distribute this software and its ++ * documentation is hereby granted, provided that the above copyright ++ * notice appears in all copies. This software is provided without any ++ * warranty, express or implied. ++ * ++ * Changelog: ++ * 2/15/04 - TS: added #include <version.h> and testing for Kernel ++ * version before using ++ * MOD_DEC_USAGE_COUNT/MOD_INC_USAGE_COUNT which are ++ * depreciated in 2.6 ++ */ ++ ++#include <linux/module.h> ++#include <linux/kernel.h> ++#include <linux/version.h> ++#include <linux/init.h> ++#include <linux/types.h> ++#include <linux/slab.h> ++#include <linux/string.h> ++ ++#include <linux/ppp_defs.h> ++#include <linux/ppp-comp.h> ++ ++#include "arcfour.h" ++#include "sha1.h" ++ ++/* ++ * State for an MPPE (de)compressor. ++ */ ++typedef struct ppp_mppe_state { ++ unsigned char master_key[MPPE_MAX_KEY_LEN]; ++ unsigned char session_key[MPPE_MAX_KEY_LEN]; ++ arcfour_context arcfour_context; /* encryption state */ ++ unsigned keylen; /* key length in bytes */ ++ /* NB: 128-bit == 16, 40-bit == 8! */ ++ /* If we want to support 56-bit, */ ++ /* the unit has to change to bits */ ++ unsigned char bits; /* MPPE control bits */ ++ unsigned ccount; /* 12-bit coherency count (seqno) */ ++ unsigned stateful; /* stateful mode flag */ ++ int discard; /* stateful mode packet loss flag */ ++ int sanity_errors; /* take down LCP if too many */ ++ int unit; ++ int debug; ++ struct compstat stats; ++} ppp_mppe_state; ++ ++/* ppp_mppe_state.bits definitions */ ++#define MPPE_BIT_A 0x80 /* Encryption table were (re)inititalized */ ++#define MPPE_BIT_B 0x40 /* MPPC only (not implemented) */ ++#define MPPE_BIT_C 0x20 /* MPPC only (not implemented) */ ++#define MPPE_BIT_D 0x10 /* This is an encrypted frame */ ++ ++#define MPPE_BIT_FLUSHED MPPE_BIT_A ++#define MPPE_BIT_ENCRYPTED MPPE_BIT_D ++ ++#define MPPE_BITS(p) ((p)[4] & 0xf0) ++#define MPPE_CCOUNT(p) ((((p)[4] & 0x0f) << 8) + (p)[5]) ++#define MPPE_CCOUNT_SPACE 0x1000 /* The size of the ccount space */ ++ ++#define MPPE_OVHD 2 /* MPPE overhead/packet */ ++#define SANITY_MAX 1600 /* Max bogon factor we will tolerate */ ++ ++static void GetNewKeyFromSHA __P((unsigned char *StartKey, ++ unsigned char *SessionKey, ++ unsigned SessionKeyLength, ++ unsigned char *InterimKey)); ++static void mppe_rekey __P((ppp_mppe_state *state, int)); ++static void *mppe_alloc __P((unsigned char *options, int optlen)); ++static void mppe_free __P((void *state)); ++static int mppe_init __P((void *state, unsigned char *options, ++ int optlen, int unit, int debug, const char *)); ++static int mppe_comp_init __P((void *state, unsigned char *options, ++ int optlen, ++ int unit, int hdrlen, int debug)); ++static int mppe_decomp_init __P((void *state, unsigned char *options, ++ int optlen, int unit, ++ int hdrlen, int mru, int debug)); ++static int mppe_compress __P((void *state, unsigned char *ibuf, ++ unsigned char *obuf, ++ int isize, int osize)); ++static void mppe_incomp __P((void *state, unsigned char *ibuf, int icnt)); ++static int mppe_decompress __P((void *state, unsigned char *ibuf, ++ int isize, unsigned char *obuf,int osize)); ++static void mppe_comp_reset __P((void *state)); ++static void mppe_decomp_reset __P((void *state)); ++static void mppe_comp_stats __P((void *state, struct compstat *stats)); ++ ++ ++/* ++ * Key Derivation, from RFC 3078, RFC 3079. ++ * Equivalent to Get_Key() for MS-CHAP as described in RFC 3079. ++ */ ++static void ++GetNewKeyFromSHA(unsigned char *MasterKey, unsigned char *SessionKey, ++ unsigned SessionKeyLength, unsigned char *InterimKey) ++{ ++ SHA1_CTX Context; ++ unsigned char Digest[SHA1_SIGNATURE_SIZE]; ++ ++ unsigned char SHApad1[40] = ++ { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, ++ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, ++ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, ++ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }; ++ unsigned char SHApad2[40] = ++ { 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, ++ 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, ++ 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, ++ 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2 }; ++ ++ /* assert(SessionKeyLength <= SHA1_SIGNATURE_SIZE); */ ++ ++ SHA1_Init(&Context); ++ SHA1_Update(&Context, MasterKey, SessionKeyLength); ++ SHA1_Update(&Context, SHApad1, sizeof(SHApad1)); ++ SHA1_Update(&Context, SessionKey, SessionKeyLength); ++ SHA1_Update(&Context, SHApad2, sizeof(SHApad2)); ++ SHA1_Final(Digest, &Context); ++ ++ memcpy(InterimKey, Digest, SessionKeyLength); ++} ++ ++/* ++ * Perform the MPPE rekey algorithm, from RFC 3078, sec. 7.3. ++ * Well, not what's written there, but rather what they meant. ++ */ ++static void ++mppe_rekey(ppp_mppe_state *state, int initial_key) ++{ ++ unsigned char InterimKey[MPPE_MAX_KEY_LEN]; ++ ++ GetNewKeyFromSHA(state->master_key, state->session_key, ++ state->keylen, InterimKey); ++ if (!initial_key) { ++ arcfour_setkey(&state->arcfour_context, InterimKey, state->keylen); ++ arcfour_encrypt(&state->arcfour_context, InterimKey, state->keylen, ++ state->session_key); ++ } else { ++ memcpy(state->session_key, InterimKey, state->keylen); ++ } ++ if (state->keylen == 8) { ++ /* See RFC 3078 */ ++ state->session_key[0] = 0xd1; ++ state->session_key[1] = 0x26; ++ state->session_key[2] = 0x9e; ++ } ++ arcfour_setkey(&state->arcfour_context, state->session_key, state->keylen); ++} ++ ++ ++/* ++ * Allocate space for a (de)compressor. ++ */ ++static void * ++mppe_alloc(unsigned char *options, int optlen) ++{ ++ ppp_mppe_state *state; ++ ++ if (optlen != CILEN_MPPE + sizeof(state->master_key) ++ || options[0] != CI_MPPE ++ || options[1] != CILEN_MPPE) ++ return NULL; ++ ++ state = (ppp_mppe_state *) kmalloc(sizeof(*state), GFP_KERNEL); ++ if (state == NULL) ++ return NULL; ++ ++/* ++ Added to avoid module warnings about MOD_INC ++ being depreciated in 2.6.x ++*/ ++#if ( LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,0) ) ++ try_module_get(THIS_MODULE); ++#else ++ MOD_INC_USE_COUNT; ++#endif ++ memset(state, 0, sizeof(*state)); ++ ++ /* Save keys. */ ++ memcpy(state->master_key, &options[CILEN_MPPE], sizeof(state->master_key)); ++ memcpy(state->session_key, state->master_key, sizeof(state->master_key)); ++ /* ++ * We defer initial key generation until mppe_init(), as mppe_alloc() ++ * is called frequently during negotiation. ++ */ ++ ++ return (void *) state; ++} ++ ++/* ++ * Deallocate space for a (de)compressor. ++ */ ++static void ++mppe_free(void *arg) ++{ ++ ppp_mppe_state *state = (ppp_mppe_state *) arg; ++ ++ if (state) { ++ kfree(state); ++/* ++ Added to avoid module warnings about MOD_DEC_USE_COUNT ++ being depreciated in 2.6.x ++*/ ++#if ( LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,0) ) ++ module_put(THIS_MODULE); ++#else ++ MOD_DEC_USE_COUNT; ++#endif ++ } ++} ++ ++ ++/* ++ * Initialize (de)compressor state. ++ */ ++static int ++mppe_init(void *arg, unsigned char *options, int optlen, int unit, int debug, ++ const char *debugstr) ++{ ++ ppp_mppe_state *state = (ppp_mppe_state *) arg; ++ unsigned char mppe_opts; ++ ++ if (optlen != CILEN_MPPE ++ || options[0] != CI_MPPE ++ || options[1] != CILEN_MPPE) ++ return 0; ++ ++ MPPE_CI_TO_OPTS(&options[2], mppe_opts); ++ if (mppe_opts & MPPE_OPT_128) ++ state->keylen = 16; ++ else if (mppe_opts & MPPE_OPT_40) ++ state->keylen = 8; ++ else { ++ printk(KERN_WARNING "%s[%d]: unknown key length\n", debugstr, unit); ++ return 0; ++ } ++ if (mppe_opts & MPPE_OPT_STATEFUL) ++ state->stateful = 1; ++ ++ /* Generate the initial session key. */ ++ mppe_rekey(state, 1); ++ ++ if (debug) { ++ int i; ++ char mkey[sizeof(state->master_key) * 2 + 1]; ++ char skey[sizeof(state->session_key) * 2 + 1]; ++ ++ printk(KERN_DEBUG "%s[%d]: initialized with %d-bit %s mode\n", debugstr, ++ unit, (state->keylen == 16)? 128: 40, ++ (state->stateful)? "stateful": "stateless"); ++ ++ for (i = 0; i < sizeof(state->master_key); i++) ++ sprintf(mkey + i * 2, "%.2x", state->master_key[i]); ++ for (i = 0; i < sizeof(state->session_key); i++) ++ sprintf(skey + i * 2, "%.2x", state->session_key[i]); ++ printk(KERN_DEBUG "%s[%d]: keys: master: %s initial session: %s\n", ++ debugstr, unit, mkey, skey); ++ } ++ ++ /* ++ * Initialize the coherency count. The initial value is not specified ++ * in RFC 3078, but we can make a reasonable assumption that it will ++ * start at 0. Setting it to the max here makes the comp/decomp code ++ * do the right thing (determined through experiment). ++ */ ++ state->ccount = MPPE_CCOUNT_SPACE - 1; ++ ++ /* ++ * Note that even though we have initialized the key table, we don't ++ * set the FLUSHED bit. This is contrary to RFC 3078, sec. 3.1. ++ */ ++ state->bits = MPPE_BIT_ENCRYPTED; ++ ++ state->unit = unit; ++ state->debug = debug; ++ ++ return 1; ++} ++ ++ ++ ++static int ++mppe_comp_init(void *arg, unsigned char *options, int optlen, int unit, ++ int hdrlen, int debug) ++{ ++ /* ARGSUSED */ ++ return mppe_init(arg, options, optlen, unit, debug, "mppe_comp_init"); ++} ++ ++/* ++ * We received a CCP Reset-Request (actually, we are sending a Reset-Ack), ++ * tell the compressor to rekey. Note that we MUST NOT rekey for ++ * every CCP Reset-Request; we only rekey on the next xmit packet. ++ * We might get multiple CCP Reset-Requests if our CCP Reset-Ack is lost. ++ * So, rekeying for every CCP Reset-Request is broken as the peer will not ++ * know how many times we've rekeyed. (If we rekey and THEN get another ++ * CCP Reset-Request, we must rekey again.) ++ */ ++static void ++mppe_comp_reset(void *arg) ++{ ++ ppp_mppe_state *state = (ppp_mppe_state *) arg; ++ ++ state->bits |= MPPE_BIT_FLUSHED; ++} ++ ++/* ++ * Compress (encrypt) a packet. ++ * It's strange to call this a compressor, since the output is always ++ * MPPE_OVHD + 2 bytes larger than the input. ++ */ ++int ++mppe_compress(void *arg, unsigned char *ibuf, unsigned char *obuf, ++ int isize, int osize) ++{ ++ ppp_mppe_state *state = (ppp_mppe_state *) arg; ++ int proto; ++ ++ /* ++ * Check that the protocol is in the range we handle. ++ */ ++ proto = PPP_PROTOCOL(ibuf); ++ if (proto < 0x0021 || proto > 0x00fa) ++ return 0; ++ ++ /* Make sure we have enough room to generate an encrypted packet. */ ++ if (osize < isize + MPPE_OVHD + 2) { ++ /* Drop the packet if we should encrypt it, but can't. */ ++ printk(KERN_DEBUG "mppe_compress[%d]: osize too small! " ++ "(have: %d need: %d)\n", state->unit, ++ osize, osize + MPPE_OVHD + 2); ++ return -1; ++ } ++ ++ osize = isize + MPPE_OVHD + 2; ++ ++ /* ++ * Copy over the PPP header and set control bits. ++ */ ++ obuf[0] = PPP_ADDRESS(ibuf); ++ obuf[1] = PPP_CONTROL(ibuf); ++ obuf[2] = PPP_COMP >> 8; /* isize + MPPE_OVHD + 1 */ ++ obuf[3] = PPP_COMP; /* isize + MPPE_OVHD + 2 */ ++ obuf += PPP_HDRLEN; ++ ++ state->ccount = (state->ccount + 1) % MPPE_CCOUNT_SPACE; ++ if (state->debug >= 7) ++ printk(KERN_DEBUG "mppe_compress[%d]: ccount %d\n", state->unit, ++ state->ccount); ++ obuf[0] = state->ccount >> 8; ++ obuf[1] = state->ccount & 0xff; ++ ++ if (!state->stateful || /* stateless mode */ ++ ((state->ccount & 0xff) == 0xff) || /* "flag" packet */ ++ (state->bits & MPPE_BIT_FLUSHED)) { /* CCP Reset-Request */ ++ /* We must rekey */ ++ if (state->debug && state->stateful) ++ printk(KERN_DEBUG "mppe_compress[%d]: rekeying\n", state->unit); ++ mppe_rekey(state, 0); ++ state->bits |= MPPE_BIT_FLUSHED; ++ } ++ obuf[0] |= state->bits; ++ state->bits &= ~MPPE_BIT_FLUSHED; /* reset for next xmit */ ++ ++ obuf += MPPE_OVHD; ++ ibuf += 2; /* skip to proto field */ ++ isize -= 2; ++ ++ /* Encrypt packet */ ++ arcfour_encrypt(&state->arcfour_context, ibuf, isize, obuf); ++ ++ state->stats.unc_bytes += isize; ++ state->stats.unc_packets++; ++ state->stats.comp_bytes += osize; ++ state->stats.comp_packets++; ++ ++ return osize; ++} ++ ++/* ++ * Since every frame grows by MPPE_OVHD + 2 bytes, this is always going ++ * to look bad ... and the longer the link is up the worse it will get. ++ */ ++static void ++mppe_comp_stats(void *arg, struct compstat *stats) ++{ ++ ppp_mppe_state *state = (ppp_mppe_state *) arg; ++ ++ *stats = state->stats; ++} ++ ++ ++static int ++mppe_decomp_init(void *arg, unsigned char *options, int optlen, int unit, ++ int hdrlen, int mru, int debug) ++{ ++ /* ARGSUSED */ ++ return mppe_init(arg, options, optlen, unit, debug, "mppe_decomp_init"); ++} ++ ++/* ++ * We received a CCP Reset-Ack. Just ignore it. ++ */ ++static void ++mppe_decomp_reset(void *arg) ++{ ++ /* ARGSUSED */ ++ return; ++} ++ ++/* ++ * Decompress (decrypt) an MPPE packet. ++ */ ++int ++mppe_decompress(void *arg, unsigned char *ibuf, int isize, unsigned char *obuf, ++ int osize) ++{ ++ ppp_mppe_state *state = (ppp_mppe_state *) arg; ++ unsigned ccount; ++ int flushed = MPPE_BITS(ibuf) & MPPE_BIT_FLUSHED; ++ int sanity = 0; ++ ++ if (isize <= PPP_HDRLEN + MPPE_OVHD) { ++ if (state->debug) ++ printk(KERN_DEBUG "mppe_decompress[%d]: short pkt (%d)\n", ++ state->unit, isize); ++ return DECOMP_ERROR; ++ } ++ ++ /* Make sure we have enough room to decrypt the packet. */ ++ if (osize < isize - MPPE_OVHD - 2) { ++ printk(KERN_DEBUG "mppe_decompress[%d]: osize too small! " ++ "(have: %d need: %d)\n", state->unit, ++ osize, isize - MPPE_OVHD - 2); ++ return DECOMP_ERROR; ++ } ++ osize = isize - MPPE_OVHD - 2; ++ ++ ccount = MPPE_CCOUNT(ibuf); ++ if (state->debug >= 7) ++ printk(KERN_DEBUG "mppe_decompress[%d]: ccount %d\n", state->unit, ++ ccount); ++ ++ /* sanity checks -- terminate with extreme prejudice */ ++ if (!(MPPE_BITS(ibuf) & MPPE_BIT_ENCRYPTED)) { ++ printk(KERN_DEBUG "mppe_decompress[%d]: ENCRYPTED bit not set!\n", ++ state->unit); ++ state->sanity_errors += 100; ++ sanity = 1; ++ } ++ if (!state->stateful && !flushed) { ++ printk(KERN_DEBUG "mppe_decompress[%d]: FLUSHED bit not set in " ++ "stateless mode!\n", state->unit); ++ state->sanity_errors += 100; ++ sanity = 1; ++ } ++ if (state->stateful && ((ccount & 0xff) == 0xff) && !flushed) { ++ printk(KERN_DEBUG "mppe_decompress[%d]: FLUSHED bit not set on " ++ "flag packet!\n", state->unit); ++ state->sanity_errors += 100; ++ sanity = 1; ++ } ++ ++ if (sanity) { ++ if (state->sanity_errors < SANITY_MAX) ++ return DECOMP_ERROR; ++ else ++ /* ++ * Take LCP down if the peer is sending too many bogons. ++ * We don't want to do this for a single or just a few ++ * instances since it could just be due to packet corruption. ++ */ ++ return DECOMP_FATALERROR; ++ } ++ ++ /* ++ * Check the coherency count. ++ */ ++ ++ if (!state->stateful) { ++ /* RFC 3078, sec 8.1. Rekey for every packet. */ ++ while (state->ccount != ccount) { ++ mppe_rekey(state, 0); ++ state->ccount = (state->ccount + 1) % MPPE_CCOUNT_SPACE; ++ } ++ } else { ++ /* RFC 3078, sec 8.2. */ ++ if (!state->discard) { ++ /* normal state */ ++ state->ccount = (state->ccount + 1) % MPPE_CCOUNT_SPACE; ++ if (ccount != state->ccount) { ++ /* ++ * (ccount > state->ccount) ++ * Packet loss detected, enter the discard state. ++ * Signal the peer to rekey (by sending a CCP Reset-Request). ++ */ ++ state->discard = 1; ++ return DECOMP_ERROR; ++ } ++ } else { ++ /* discard state */ ++ if (!flushed) { ++ /* ccp.c will be silent (no additional CCP Reset-Requests). */ ++ return DECOMP_ERROR; ++ } else { ++ /* Rekey for every missed "flag" packet. */ ++ while ((ccount & ~0xff) != (state->ccount & ~0xff)) { ++ mppe_rekey(state, 0); ++ state->ccount = (state->ccount + 256) % MPPE_CCOUNT_SPACE; ++ } ++ ++ /* reset */ ++ state->discard = 0; ++ state->ccount = ccount; ++ /* ++ * Another problem with RFC 3078 here. It implies that the ++ * peer need not send a Reset-Ack packet. But RFC 1962 ++ * requires it. Hopefully, M$ does send a Reset-Ack; even ++ * though it isn't required for MPPE synchronization, it is ++ * required to reset CCP state. ++ */ ++ } ++ } ++ if (flushed) ++ mppe_rekey(state, 0); ++ } ++ ++ /* ++ * Fill in the first part of the PPP header. The protocol field ++ * comes from the decrypted data. ++ */ ++ obuf[0] = PPP_ADDRESS(ibuf); /* +1 */ ++ obuf[1] = PPP_CONTROL(ibuf); /* +1 */ ++ obuf += 2; ++ ibuf += PPP_HDRLEN + MPPE_OVHD; ++ isize -= PPP_HDRLEN + MPPE_OVHD; /* -6 */ ++ /* net osize: isize-4 */ ++ ++ /* And finally, decrypt the packet. */ ++ arcfour_decrypt(&state->arcfour_context, ibuf, isize, obuf); ++ ++ state->stats.unc_bytes += osize; ++ state->stats.unc_packets++; ++ state->stats.comp_bytes += isize; ++ state->stats.comp_packets++; ++ ++ /* good packet credit */ ++ state->sanity_errors >>= 1; ++ ++ return osize; ++} ++ ++/* ++ * Incompressible data has arrived (this should never happen!). ++ * We should probably drop the link if the protocol is in the range ++ * of what should be encrypted. At the least, we should drop this ++ * packet. (How to do this?) ++ */ ++static void ++mppe_incomp(void *arg, unsigned char *ibuf, int icnt) ++{ ++ ppp_mppe_state *state = (ppp_mppe_state *) arg; ++ ++ if (state->debug && ++ (PPP_PROTOCOL(ibuf) >= 0x0021 && PPP_PROTOCOL(ibuf) <= 0x00fa)) ++ printk(KERN_DEBUG "mppe_incomp[%d]: incompressible (unencrypted) data! " ++ "(proto %04x)\n", state->unit, PPP_PROTOCOL(ibuf)); ++ ++ state->stats.inc_bytes += icnt; ++ state->stats.inc_packets++; ++ state->stats.unc_bytes += icnt; ++ state->stats.unc_packets++; ++} ++ ++/************************************************************* ++ * Module interface table ++ *************************************************************/ ++ ++/* These are in ppp.c (2.2.x) or ppp_generic.c (2.4.x) */ ++extern int ppp_register_compressor (struct compressor *cp); ++extern void ppp_unregister_compressor (struct compressor *cp); ++ ++/* ++ * Procedures exported to if_ppp.c. ++ */ ++struct compressor ppp_mppe = { ++ CI_MPPE, /* compress_proto */ ++ mppe_alloc, /* comp_alloc */ ++ mppe_free, /* comp_free */ ++ mppe_comp_init, /* comp_init */ ++ mppe_comp_reset, /* comp_reset */ ++ mppe_compress, /* compress */ ++ mppe_comp_stats, /* comp_stat */ ++ mppe_alloc, /* decomp_alloc */ ++ mppe_free, /* decomp_free */ ++ mppe_decomp_init, /* decomp_init */ ++ mppe_decomp_reset, /* decomp_reset */ ++ mppe_decompress, /* decompress */ ++ mppe_incomp, /* incomp */ ++ mppe_comp_stats, /* decomp_stat */ ++}; ++ ++/* 2.2 compatibility defines */ ++#ifndef __init ++#define __init ++#endif ++#ifndef __exit ++#define __exit ++#endif ++#ifndef MODULE_LICENSE ++#define MODULE_LICENSE(license) ++#endif ++ ++int __init ++ppp_mppe_init(void) ++{ ++ int answer = ppp_register_compressor(&ppp_mppe); ++ ++ if (answer == 0) ++ printk(KERN_INFO "PPP MPPE Compression module registered\n"); ++ return answer; ++} ++ ++void __exit ++ppp_mppe_cleanup(void) ++{ ++ ppp_unregister_compressor(&ppp_mppe); ++} ++ ++module_init(ppp_mppe_init); ++module_exit(ppp_mppe_cleanup); ++MODULE_LICENSE("BSD without advertisement clause"); +--- /dev/null ++++ linux-2.4.25/drivers/net/sha1.c +@@ -0,0 +1,185 @@ ++/* ++ * ftp://ftp.funet.fi/pub/crypt/hash/sha/sha1.c ++ * ++ * SHA-1 in C ++ * By Steve Reid <steve@edmweb.com> ++ * 100% Public Domain ++ * ++ * Test Vectors (from FIPS PUB 180-1) ++ * "abc" ++ * A9993E36 4706816A BA3E2571 7850C26C 9CD0D89D ++ * "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" ++ * 84983E44 1C3BD26E BAAE4AA1 F95129E5 E54670F1 ++ * A million repetitions of "a" ++ * 34AA973C D4C4DAA4 F61EEB2B DBAD2731 6534016F ++ */ ++ ++/* #define SHA1HANDSOFF * Copies data before messing with it. */ ++ ++#if defined(__linux__) ++#include <asm/byteorder.h> ++#include <linux/string.h> ++#elif defined(__solaris__) ++#include <sys/isa_defs.h> ++#include <sys/ddi.h> ++#include <sys/sunddi.h> ++#define memcpy(d, s, c) bcopy(s, d, c) ++#define memset(d, b, c) bzero(d, c) ++#endif ++ ++#include "sha1.h" ++ ++static void SHA1_Transform(unsigned long[5], const unsigned char[64]); ++ ++#define rol(value, bits) (((value) << (bits)) | ((value) >> (32 - (bits)))) ++ ++/* blk0() and blk() perform the initial expand. */ ++/* I got the idea of expanding during the round function from SSLeay */ ++#if defined(__LITTLE_ENDIAN) || defined(_LITTLE_ENDIAN) ++#define blk0(i) (block->l[i] = (rol(block->l[i],24)&0xFF00FF00) \ ++ |(rol(block->l[i],8)&0x00FF00FF)) ++#elif defined(__BIG_ENDIAN) || defined(_BIG_ENDIAN) ++#define blk0(i) block->l[i] ++#else ++#error Endianness not defined ++#endif ++#define blk(i) (block->l[i&15] = rol(block->l[(i+13)&15]^block->l[(i+8)&15] \ ++ ^block->l[(i+2)&15]^block->l[i&15],1)) ++ ++/* (R0+R1), R2, R3, R4 are the different operations used in SHA1 */ ++#define R0(v,w,x,y,z,i) z+=((w&(x^y))^y)+blk0(i)+0x5A827999+rol(v,5);w=rol(w,30); ++#define R1(v,w,x,y,z,i) z+=((w&(x^y))^y)+blk(i)+0x5A827999+rol(v,5);w=rol(w,30); ++#define R2(v,w,x,y,z,i) z+=(w^x^y)+blk(i)+0x6ED9EBA1+rol(v,5);w=rol(w,30); ++#define R3(v,w,x,y,z,i) z+=(((w|x)&y)|(w&x))+blk(i)+0x8F1BBCDC+rol(v,5);w=rol(w,30); ++#define R4(v,w,x,y,z,i) z+=(w^x^y)+blk(i)+0xCA62C1D6+rol(v,5);w=rol(w,30); ++ ++ ++/* Hash a single 512-bit block. This is the core of the algorithm. */ ++ ++static void ++SHA1_Transform(unsigned long state[5], const unsigned char buffer[64]) ++{ ++ unsigned long a, b, c, d, e; ++ typedef union { ++ unsigned char c[64]; ++ unsigned long l[16]; ++ } CHAR64LONG16; ++ CHAR64LONG16 *block; ++ ++#ifdef SHA1HANDSOFF ++ static unsigned char workspace[64]; ++ block = (CHAR64LONG16 *) workspace; ++ memcpy(block, buffer, 64); ++#else ++ block = (CHAR64LONG16 *) buffer; ++#endif ++ /* Copy context->state[] to working vars */ ++ a = state[0]; ++ b = state[1]; ++ c = state[2]; ++ d = state[3]; ++ e = state[4]; ++ /* 4 rounds of 20 operations each. Loop unrolled. */ ++ R0(a,b,c,d,e, 0); R0(e,a,b,c,d, 1); R0(d,e,a,b,c, 2); R0(c,d,e,a,b, 3); ++ R0(b,c,d,e,a, 4); R0(a,b,c,d,e, 5); R0(e,a,b,c,d, 6); R0(d,e,a,b,c, 7); ++ R0(c,d,e,a,b, 8); R0(b,c,d,e,a, 9); R0(a,b,c,d,e,10); R0(e,a,b,c,d,11); ++ R0(d,e,a,b,c,12); R0(c,d,e,a,b,13); R0(b,c,d,e,a,14); R0(a,b,c,d,e,15); ++ R1(e,a,b,c,d,16); R1(d,e,a,b,c,17); R1(c,d,e,a,b,18); R1(b,c,d,e,a,19); ++ R2(a,b,c,d,e,20); R2(e,a,b,c,d,21); R2(d,e,a,b,c,22); R2(c,d,e,a,b,23); ++ R2(b,c,d,e,a,24); R2(a,b,c,d,e,25); R2(e,a,b,c,d,26); R2(d,e,a,b,c,27); ++ R2(c,d,e,a,b,28); R2(b,c,d,e,a,29); R2(a,b,c,d,e,30); R2(e,a,b,c,d,31); ++ R2(d,e,a,b,c,32); R2(c,d,e,a,b,33); R2(b,c,d,e,a,34); R2(a,b,c,d,e,35); ++ R2(e,a,b,c,d,36); R2(d,e,a,b,c,37); R2(c,d,e,a,b,38); R2(b,c,d,e,a,39); ++ R3(a,b,c,d,e,40); R3(e,a,b,c,d,41); R3(d,e,a,b,c,42); R3(c,d,e,a,b,43); ++ R3(b,c,d,e,a,44); R3(a,b,c,d,e,45); R3(e,a,b,c,d,46); R3(d,e,a,b,c,47); ++ R3(c,d,e,a,b,48); R3(b,c,d,e,a,49); R3(a,b,c,d,e,50); R3(e,a,b,c,d,51); ++ R3(d,e,a,b,c,52); R3(c,d,e,a,b,53); R3(b,c,d,e,a,54); R3(a,b,c,d,e,55); ++ R3(e,a,b,c,d,56); R3(d,e,a,b,c,57); R3(c,d,e,a,b,58); R3(b,c,d,e,a,59); ++ R4(a,b,c,d,e,60); R4(e,a,b,c,d,61); R4(d,e,a,b,c,62); R4(c,d,e,a,b,63); ++ R4(b,c,d,e,a,64); R4(a,b,c,d,e,65); R4(e,a,b,c,d,66); R4(d,e,a,b,c,67); ++ R4(c,d,e,a,b,68); R4(b,c,d,e,a,69); R4(a,b,c,d,e,70); R4(e,a,b,c,d,71); ++ R4(d,e,a,b,c,72); R4(c,d,e,a,b,73); R4(b,c,d,e,a,74); R4(a,b,c,d,e,75); ++ R4(e,a,b,c,d,76); R4(d,e,a,b,c,77); R4(c,d,e,a,b,78); R4(b,c,d,e,a,79); ++ /* Add the working vars back into context.state[] */ ++ state[0] += a; ++ state[1] += b; ++ state[2] += c; ++ state[3] += d; ++ state[4] += e; ++ /* Wipe variables */ ++ a = b = c = d = e = 0; ++} ++ ++ ++/* SHA1Init - Initialize new context */ ++ ++void ++SHA1_Init(SHA1_CTX *context) ++{ ++ /* SHA1 initialization constants */ ++ context->state[0] = 0x67452301; ++ context->state[1] = 0xEFCDAB89; ++ context->state[2] = 0x98BADCFE; ++ context->state[3] = 0x10325476; ++ context->state[4] = 0xC3D2E1F0; ++ context->count[0] = context->count[1] = 0; ++} ++ ++ ++/* Run your data through this. */ ++ ++void ++SHA1_Update(SHA1_CTX *context, const unsigned char *data, unsigned int len) ++{ ++ unsigned int i, j; ++ ++ j = (context->count[0] >> 3) & 63; ++ if ((context->count[0] += len << 3) < (len << 3)) context->count[1]++; ++ context->count[1] += (len >> 29); ++ if ((j + len) > 63) { ++ memcpy(&context->buffer[j], data, (i = 64-j)); ++ SHA1_Transform(context->state, context->buffer); ++ for ( ; i + 63 < len; i += 64) { ++ SHA1_Transform(context->state, &data[i]); ++ } ++ j = 0; ++ } ++ else ++ i = 0; ++ ++ memcpy(&context->buffer[j], &data[i], len - i); ++} ++ ++ ++/* Add padding and return the message digest. */ ++ ++void ++SHA1_Final(unsigned char digest[20], SHA1_CTX *context) ++{ ++ unsigned long i, j; ++ unsigned char finalcount[8]; ++ ++ for (i = 0; i < 8; i++) { ++ finalcount[i] = (unsigned char)((context->count[(i >= 4 ? 0 : 1)] ++ >> ((3-(i & 3)) * 8) ) & 255); /* Endian independent */ ++ } ++ SHA1_Update(context, (unsigned char *) "\200", 1); ++ while ((context->count[0] & 504) != 448) { ++ SHA1_Update(context, (unsigned char *) "\0", 1); ++ } ++ SHA1_Update(context, finalcount, 8); /* Should cause a SHA1Transform() */ ++ for (i = 0; i < 20; i++) { ++ digest[i] = (unsigned char) ++ ((context->state[i>>2] >> ((3-(i & 3)) * 8) ) & 255); ++ } ++ /* Wipe variables */ ++ i = j = 0; ++ memset(context->buffer, 0, 64); ++ memset(context->state, 0, 20); ++ memset(context->count, 0, 8); ++ memset(&finalcount, 0, 8); ++#ifdef SHA1HANDSOFF /* make SHA1Transform overwrite it's own static vars */ ++ SHA1Transform(context->state, context->buffer); ++#endif ++} ++ +--- /dev/null ++++ linux-2.4.25/drivers/net/sha1.h +@@ -0,0 +1,18 @@ ++/* sha1.h */ ++ ++#ifndef _SHA1_H ++#define _SHA1_H ++ ++typedef struct { ++ unsigned long state[5]; ++ unsigned long count[2]; ++ unsigned char buffer[64]; ++} SHA1_CTX; ++ ++#define SHA1_SIGNATURE_SIZE 20 ++ ++extern void SHA1_Init(SHA1_CTX *); ++extern void SHA1_Update(SHA1_CTX *, const unsigned char *, unsigned int); ++extern void SHA1_Final(unsigned char[SHA1_SIGNATURE_SIZE], SHA1_CTX *); ++ ++#endif /* _SHA1_H */ +--- linux-2.4.25/include/linux/ppp-comp.h~mppe-20040216 ++++ linux-2.4.25/include/linux/ppp-comp.h +@@ -187,6 +187,100 @@ + #define DEFLATE_CHK_SEQUENCE 0 + + /* ++ * Definitions for MPPE. ++ */ ++ ++#define CI_MPPE 18 /* config option for MPPE */ ++#define CILEN_MPPE 6 /* length of config option */ ++ ++#define MPPE_PAD 4 /* MPPE growth per frame */ ++#define MPPE_MAX_KEY_LEN 16 /* largest key length (128-bit) */ ++ ++/* option bits for ccp_options.mppe */ ++#define MPPE_OPT_40 0x01 /* 40 bit */ ++#define MPPE_OPT_128 0x02 /* 128 bit */ ++#define MPPE_OPT_STATEFUL 0x04 /* stateful mode */ ++/* unsupported opts */ ++#define MPPE_OPT_56 0x08 /* 56 bit */ ++#define MPPE_OPT_MPPC 0x10 /* MPPC compression */ ++#define MPPE_OPT_D 0x20 /* Unknown */ ++#define MPPE_OPT_UNSUPPORTED (MPPE_OPT_56|MPPE_OPT_MPPC|MPPE_OPT_D) ++#define MPPE_OPT_UNKNOWN 0x40 /* Bits !defined in RFC 3078 were set */ ++ ++/* ++ * This is not nice ... the alternative is a bitfield struct though. ++ * And unfortunately, we cannot share the same bits for the option ++ * names above since C and H are the same bit. We could do a u_int32 ++ * but then we have to do a htonl() all the time and/or we still need ++ * to know which octet is which. ++ */ ++#define MPPE_C_BIT 0x01 /* MPPC */ ++#define MPPE_D_BIT 0x10 /* Obsolete, usage unknown */ ++#define MPPE_L_BIT 0x20 /* 40-bit */ ++#define MPPE_S_BIT 0x40 /* 128-bit */ ++#define MPPE_M_BIT 0x80 /* 56-bit, not supported */ ++#define MPPE_H_BIT 0x01 /* Stateless (in a different byte) */ ++ ++/* Does not include H bit; used for least significant octet only. */ ++#define MPPE_ALL_BITS (MPPE_D_BIT|MPPE_L_BIT|MPPE_S_BIT|MPPE_M_BIT|MPPE_H_BIT) ++ ++/* Build a CI from mppe opts (see RFC 3078) */ ++#define MPPE_OPTS_TO_CI(opts, ci) \ ++ do { \ ++ u_char *ptr = ci; /* u_char[4] */ \ ++ \ ++ /* H bit */ \ ++ if (opts & MPPE_OPT_STATEFUL) \ ++ *ptr++ = 0x0; \ ++ else \ ++ *ptr++ = MPPE_H_BIT; \ ++ *ptr++ = 0; \ ++ *ptr++ = 0; \ ++ \ ++ /* S,L bits */ \ ++ *ptr = 0; \ ++ if (opts & MPPE_OPT_128) \ ++ *ptr |= MPPE_S_BIT; \ ++ if (opts & MPPE_OPT_40) \ ++ *ptr |= MPPE_L_BIT; \ ++ /* M,D,C bits not supported */ \ ++ } while (/* CONSTCOND */ 0) ++ ++/* The reverse of the above */ ++#define MPPE_CI_TO_OPTS(ci, opts) \ ++ do { \ ++ u_char *ptr = ci; /* u_char[4] */ \ ++ \ ++ opts = 0; \ ++ \ ++ /* H bit */ \ ++ if (!(ptr[0] & MPPE_H_BIT)) \ ++ opts |= MPPE_OPT_STATEFUL; \ ++ \ ++ /* S,L bits */ \ ++ if (ptr[3] & MPPE_S_BIT) \ ++ opts |= MPPE_OPT_128; \ ++ if (ptr[3] & MPPE_L_BIT) \ ++ opts |= MPPE_OPT_40; \ ++ \ ++ /* M,D,C bits */ \ ++ if (ptr[3] & MPPE_M_BIT) \ ++ opts |= MPPE_OPT_56; \ ++ if (ptr[3] & MPPE_D_BIT) \ ++ opts |= MPPE_OPT_D; \ ++ if (ptr[3] & MPPE_C_BIT) \ ++ opts |= MPPE_OPT_MPPC; \ ++ \ ++ /* Other bits */ \ ++ if (ptr[0] & ~MPPE_H_BIT) \ ++ opts |= MPPE_OPT_UNKNOWN; \ ++ if (ptr[1] || ptr[2]) \ ++ opts |= MPPE_OPT_UNKNOWN; \ ++ if (ptr[3] & ~MPPE_ALL_BITS) \ ++ opts |= MPPE_OPT_UNKNOWN; \ ++ } while (/* CONSTCOND */ 0) ++ ++/* + * Definitions for other, as yet unsupported, compression methods. + */ + +--- linux-2.4.25/drivers/net/Makefile~mppe-20040216 ++++ linux-2.4.25/drivers/net/Makefile +@@ -18,8 +18,9 @@ + export-objs := 8390.o arlan.o aironet4500_core.o aironet4500_card.o \ + ppp_async.o ppp_generic.o slhc.o pppox.o auto_irq.o \ + net_init.o mii.o +-list-multi := rcpci.o ++list-multi := rcpci.o ppp_mppe.o + rcpci-objs := rcpci45.o rclanmtl.o ++ppp_mppe-objs := ppp_mppe_compress.o sha1.o arcfour.o + + ifeq ($(CONFIG_TULIP),y) + obj-y += tulip/tulip.o +@@ -163,6 +164,14 @@ + obj-$(CONFIG_PPP_BSDCOMP) += bsd_comp.o + obj-$(CONFIG_PPPOE) += pppox.o pppoe.o + ++ifeq ($(CONFIG_PPP_MPPE),y) ++ obj-y += $(ppp_mppe-objs) ++else ++ ifeq ($(CONFIG_PPP_MPPE),m) ++ obj-m += ppp_mppe.o ++ endif ++endif ++ + obj-$(CONFIG_SLIP) += slip.o + ifeq ($(CONFIG_SLIP_COMPRESSED),y) + obj-$(CONFIG_SLIP) += slhc.o +@@ -269,3 +278,7 @@ + + rcpci.o: $(rcpci-objs) + $(LD) -r -o $@ $(rcpci-objs) ++ ++ppp_mppe.o: $(ppp_mppe-objs) ++ $(LD) -r -o $@ $(ppp_mppe-objs) ++ |