diff options
Diffstat (limited to 'recipes/linux/opensimpad-2.4.25-vrs2-pxa1-jpm1/mppe-20040216.patch')
-rw-r--r-- | recipes/linux/opensimpad-2.4.25-vrs2-pxa1-jpm1/mppe-20040216.patch | 1225 |
1 files changed, 0 insertions, 1225 deletions
diff --git a/recipes/linux/opensimpad-2.4.25-vrs2-pxa1-jpm1/mppe-20040216.patch b/recipes/linux/opensimpad-2.4.25-vrs2-pxa1-jpm1/mppe-20040216.patch deleted file mode 100644 index 4393e2ea83..0000000000 --- a/recipes/linux/opensimpad-2.4.25-vrs2-pxa1-jpm1/mppe-20040216.patch +++ /dev/null @@ -1,1225 +0,0 @@ - -# -# Patch managed by http://www.holgerschurig.de/patcher.html -# - ---- linux-2.4.25/drivers/net/Config.in~mppe-20040216 -+++ linux-2.4.25/drivers/net/Config.in -@@ -327,6 +327,7 @@ - dep_tristate ' PPP support for sync tty ports' CONFIG_PPP_SYNC_TTY $CONFIG_PPP - dep_tristate ' PPP Deflate compression' CONFIG_PPP_DEFLATE $CONFIG_PPP - dep_tristate ' PPP BSD-Compress compression' CONFIG_PPP_BSDCOMP $CONFIG_PPP -+ dep_tristate ' PPP MPPE compression (encryption)' CONFIG_PPP_MPPE $CONFIG_PPP - if [ "$CONFIG_EXPERIMENTAL" = "y" ]; then - dep_tristate ' PPP over Ethernet (EXPERIMENTAL)' CONFIG_PPPOE $CONFIG_PPP - fi ---- /dev/null -+++ linux-2.4.25/drivers/net/arcfour.c -@@ -0,0 +1,75 @@ -+/* -+ * arcfour.c -+ * by Frank Cusack <frank@google.com> -+ * 100% public domain -+ * -+ * Implemented from the description in _Applied Cryptography_, 2nd ed. -+ * -+ * ** Distribution ** of this software is unlimited and unrestricted. -+ * -+ * ** Use ** of this software is almost certainly legal; however, refer -+ * to <http://theory.lcs.mit.edu/~rivest/faq.html>. -+ */ -+ -+#include "arcfour.h" -+#if defined(__linux__) -+#include <linux/string.h> -+#endif -+ -+#define swap(a, b) \ -+{ \ -+ unsigned char t = b; \ -+ b = a; \ -+ a = t; \ -+} -+ -+/* -+ * Initialize arcfour from a key. -+ */ -+void -+arcfour_setkey(arcfour_context *context, const unsigned char *key, -+ unsigned keylen) -+{ -+ unsigned i, j; -+ unsigned char K[256]; -+ -+ context->i = context->j = 0; -+ -+ for (i = 0; i < 256; i++) { -+ context->S[i] = i; -+ K[i] = key[i % keylen]; -+ } -+ -+ j = 0; -+ for (i = 0; i < 256; i++) { -+ j = (j + context->S[i] + K[i]) % 256; -+ swap(context->S[i], context->S[j]); -+ } -+ -+ memset(K, 0, sizeof(K)); -+} -+ -+/* -+ * plaintext -> ciphertext (or vice versa) -+ */ -+void -+arcfour_encrypt(arcfour_context *context, const unsigned char *in, unsigned len, -+ unsigned char *out) -+{ -+ unsigned i = context->i; -+ unsigned j = context->j; -+ unsigned char *S = context->S; -+ unsigned char K; -+ -+ while (len--) { -+ i = (i + 1) % 256; -+ j = (j + S[i]) % 256; -+ swap(S[i], S[j]); -+ K = S[(S[i] + S[j]) % 256]; -+ *out++ = *in++ ^ K; -+ } -+ -+ context->i = i; -+ context->j = j; -+} -+ ---- /dev/null -+++ linux-2.4.25/drivers/net/arcfour.h -@@ -0,0 +1,17 @@ -+/* arcfour.h */ -+ -+#ifndef _ARCFOUR_H -+#define _ARCFOUR_H -+ -+typedef struct { -+ unsigned i; -+ unsigned j; -+ unsigned char S[256]; -+} arcfour_context; -+ -+extern void arcfour_setkey(arcfour_context *, const unsigned char *, unsigned); -+extern void arcfour_encrypt(arcfour_context *, const unsigned char *, unsigned, -+ unsigned char *); -+#define arcfour_decrypt arcfour_encrypt -+ -+#endif /* _ARCFOUR_H */ ---- linux-2.4.25/drivers/net/ppp_generic.c~mppe-20040216 -+++ linux-2.4.25/drivers/net/ppp_generic.c -@@ -102,6 +102,7 @@ - spinlock_t rlock; /* lock for receive side 58 */ - spinlock_t wlock; /* lock for transmit side 5c */ - int mru; /* max receive unit 60 */ -+ int mru_alloc; /* MAX(1500,MRU) for dev_alloc_skb() */ - unsigned int flags; /* control bits 64 */ - unsigned int xstate; /* transmit state bits 68 */ - unsigned int rstate; /* receive state bits 6c */ -@@ -129,6 +130,7 @@ - struct sock_fprog pass_filter; /* filter for packets to pass */ - struct sock_fprog active_filter;/* filter for pkts to reset idle */ - #endif /* CONFIG_PPP_FILTER */ -+ int xpad; /* ECP or CCP (MPPE) transmit padding */ - }; - - /* -@@ -552,7 +554,9 @@ - case PPPIOCSMRU: - if (get_user(val, (int *) arg)) - break; -- ppp->mru = val; -+ ppp->mru_alloc = ppp->mru = val; -+ if (ppp->mru_alloc < PPP_MRU) -+ ppp->mru_alloc = PPP_MRU; /* increase for broken peers */ - err = 0; - break; - -@@ -1031,8 +1035,8 @@ - /* try to do packet compression */ - if ((ppp->xstate & SC_COMP_RUN) && ppp->xc_state != 0 - && proto != PPP_LCP && proto != PPP_CCP) { -- new_skb = alloc_skb(ppp->dev->mtu + ppp->dev->hard_header_len, -- GFP_ATOMIC); -+ new_skb = alloc_skb(ppp->dev->mtu + ppp->dev->hard_header_len -+ + ppp->xpad, GFP_ATOMIC); - if (new_skb == 0) { - printk(KERN_ERR "PPP: no memory (comp pkt)\n"); - goto drop; -@@ -1044,15 +1048,28 @@ - /* compressor still expects A/C bytes in hdr */ - len = ppp->xcomp->compress(ppp->xc_state, skb->data - 2, - new_skb->data, skb->len + 2, -- ppp->dev->mtu + PPP_HDRLEN); -+ ppp->dev->mtu + ppp->xpad -+ + PPP_HDRLEN); - if (len > 0 && (ppp->flags & SC_CCP_UP)) { - kfree_skb(skb); - skb = new_skb; - skb_put(skb, len); - skb_pull(skb, 2); /* pull off A/C bytes */ -- } else { -+ } else if (len == 0) { - /* didn't compress, or CCP not up yet */ - kfree_skb(new_skb); -+ } else { -+ /* -+ * (len < 0) -+ * MPPE requires that we do not send unencrypted -+ * frames. The compressor will return -1 if we -+ * should drop the frame. We cannot simply test -+ * the compress_proto because MPPE and MPPC share -+ * the same number. -+ */ -+ printk(KERN_ERR "ppp: compressor dropped pkt\n"); -+ kfree_skb(new_skb); -+ goto drop; - } - } - -@@ -1540,14 +1557,15 @@ - int len; - - if (proto == PPP_COMP) { -- ns = dev_alloc_skb(ppp->mru + PPP_HDRLEN); -+ ns = dev_alloc_skb(ppp->mru_alloc + PPP_HDRLEN); - if (ns == 0) { - printk(KERN_ERR "ppp_decompress_frame: no memory\n"); - goto err; - } - /* the decompressor still expects the A/C bytes in the hdr */ - len = ppp->rcomp->decompress(ppp->rc_state, skb->data - 2, -- skb->len + 2, ns->data, ppp->mru + PPP_HDRLEN); -+ skb->len + 2, ns->data, -+ ppp->mru_alloc + PPP_HDRLEN); - if (len < 0) { - /* Pass the compressed frame to pppd as an - error indication. */ -@@ -1982,6 +2000,20 @@ - ocomp->comp_free(ostate); - err = 0; - } -+ if (ccp_option[0] == CI_MPPE) -+ /* -+ * pppd (userland) has reduced the MTU by MPPE_PAD, -+ * to accomodate "compressor" growth. We must -+ * increase the space allocated for compressor -+ * output in ppp_send_frame() accordingly. Note -+ * that from a purist's view, it may be more correct -+ * to require multilink and fragment large packets, -+ * but that seems inefficient compared to this -+ * little trick. -+ */ -+ ppp->xpad = MPPE_PAD; -+ else -+ ppp->xpad = 0; - - } else { - state = cp->decomp_alloc(ccp_option, data.length); -@@ -2253,6 +2285,7 @@ - /* Initialize the new ppp unit */ - ppp->file.index = unit; - ppp->mru = PPP_MRU; -+ ppp->mru_alloc = PPP_MRU; - init_ppp_file(&ppp->file, INTERFACE); - ppp->file.hdrlen = PPP_HDRLEN - 2; /* don't count proto bytes */ - for (i = 0; i < NUM_NP; ++i) ---- /dev/null -+++ linux-2.4.25/drivers/net/ppp_mppe_compress.c -@@ -0,0 +1,643 @@ -+/* -+ * ==FILEVERSION 20020521== -+ * -+ * ppp_mppe_compress.c - interface MPPE to the PPP code. -+ * This version is for use with Linux kernel 2.2.19+ and 2.4.x. -+ * -+ * By Frank Cusack <frank@google.com>. -+ * Copyright (c) 2002 Google, Inc. -+ * All rights reserved. -+ * -+ * Permission to use, copy, modify, and distribute this software and its -+ * documentation is hereby granted, provided that the above copyright -+ * notice appears in all copies. This software is provided without any -+ * warranty, express or implied. -+ * -+ * Changelog: -+ * 2/15/04 - TS: added #include <version.h> and testing for Kernel -+ * version before using -+ * MOD_DEC_USAGE_COUNT/MOD_INC_USAGE_COUNT which are -+ * depreciated in 2.6 -+ */ -+ -+#include <linux/module.h> -+#include <linux/kernel.h> -+#include <linux/version.h> -+#include <linux/init.h> -+#include <linux/types.h> -+#include <linux/slab.h> -+#include <linux/string.h> -+ -+#include <linux/ppp_defs.h> -+#include <linux/ppp-comp.h> -+ -+#include "arcfour.h" -+#include "sha1.h" -+ -+/* -+ * State for an MPPE (de)compressor. -+ */ -+typedef struct ppp_mppe_state { -+ unsigned char master_key[MPPE_MAX_KEY_LEN]; -+ unsigned char session_key[MPPE_MAX_KEY_LEN]; -+ arcfour_context arcfour_context; /* encryption state */ -+ unsigned keylen; /* key length in bytes */ -+ /* NB: 128-bit == 16, 40-bit == 8! */ -+ /* If we want to support 56-bit, */ -+ /* the unit has to change to bits */ -+ unsigned char bits; /* MPPE control bits */ -+ unsigned ccount; /* 12-bit coherency count (seqno) */ -+ unsigned stateful; /* stateful mode flag */ -+ int discard; /* stateful mode packet loss flag */ -+ int sanity_errors; /* take down LCP if too many */ -+ int unit; -+ int debug; -+ struct compstat stats; -+} ppp_mppe_state; -+ -+/* ppp_mppe_state.bits definitions */ -+#define MPPE_BIT_A 0x80 /* Encryption table were (re)inititalized */ -+#define MPPE_BIT_B 0x40 /* MPPC only (not implemented) */ -+#define MPPE_BIT_C 0x20 /* MPPC only (not implemented) */ -+#define MPPE_BIT_D 0x10 /* This is an encrypted frame */ -+ -+#define MPPE_BIT_FLUSHED MPPE_BIT_A -+#define MPPE_BIT_ENCRYPTED MPPE_BIT_D -+ -+#define MPPE_BITS(p) ((p)[4] & 0xf0) -+#define MPPE_CCOUNT(p) ((((p)[4] & 0x0f) << 8) + (p)[5]) -+#define MPPE_CCOUNT_SPACE 0x1000 /* The size of the ccount space */ -+ -+#define MPPE_OVHD 2 /* MPPE overhead/packet */ -+#define SANITY_MAX 1600 /* Max bogon factor we will tolerate */ -+ -+static void GetNewKeyFromSHA __P((unsigned char *StartKey, -+ unsigned char *SessionKey, -+ unsigned SessionKeyLength, -+ unsigned char *InterimKey)); -+static void mppe_rekey __P((ppp_mppe_state *state, int)); -+static void *mppe_alloc __P((unsigned char *options, int optlen)); -+static void mppe_free __P((void *state)); -+static int mppe_init __P((void *state, unsigned char *options, -+ int optlen, int unit, int debug, const char *)); -+static int mppe_comp_init __P((void *state, unsigned char *options, -+ int optlen, -+ int unit, int hdrlen, int debug)); -+static int mppe_decomp_init __P((void *state, unsigned char *options, -+ int optlen, int unit, -+ int hdrlen, int mru, int debug)); -+static int mppe_compress __P((void *state, unsigned char *ibuf, -+ unsigned char *obuf, -+ int isize, int osize)); -+static void mppe_incomp __P((void *state, unsigned char *ibuf, int icnt)); -+static int mppe_decompress __P((void *state, unsigned char *ibuf, -+ int isize, unsigned char *obuf,int osize)); -+static void mppe_comp_reset __P((void *state)); -+static void mppe_decomp_reset __P((void *state)); -+static void mppe_comp_stats __P((void *state, struct compstat *stats)); -+ -+ -+/* -+ * Key Derivation, from RFC 3078, RFC 3079. -+ * Equivalent to Get_Key() for MS-CHAP as described in RFC 3079. -+ */ -+static void -+GetNewKeyFromSHA(unsigned char *MasterKey, unsigned char *SessionKey, -+ unsigned SessionKeyLength, unsigned char *InterimKey) -+{ -+ SHA1_CTX Context; -+ unsigned char Digest[SHA1_SIGNATURE_SIZE]; -+ -+ unsigned char SHApad1[40] = -+ { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, -+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, -+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, -+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }; -+ unsigned char SHApad2[40] = -+ { 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, -+ 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, -+ 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, -+ 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2 }; -+ -+ /* assert(SessionKeyLength <= SHA1_SIGNATURE_SIZE); */ -+ -+ SHA1_Init(&Context); -+ SHA1_Update(&Context, MasterKey, SessionKeyLength); -+ SHA1_Update(&Context, SHApad1, sizeof(SHApad1)); -+ SHA1_Update(&Context, SessionKey, SessionKeyLength); -+ SHA1_Update(&Context, SHApad2, sizeof(SHApad2)); -+ SHA1_Final(Digest, &Context); -+ -+ memcpy(InterimKey, Digest, SessionKeyLength); -+} -+ -+/* -+ * Perform the MPPE rekey algorithm, from RFC 3078, sec. 7.3. -+ * Well, not what's written there, but rather what they meant. -+ */ -+static void -+mppe_rekey(ppp_mppe_state *state, int initial_key) -+{ -+ unsigned char InterimKey[MPPE_MAX_KEY_LEN]; -+ -+ GetNewKeyFromSHA(state->master_key, state->session_key, -+ state->keylen, InterimKey); -+ if (!initial_key) { -+ arcfour_setkey(&state->arcfour_context, InterimKey, state->keylen); -+ arcfour_encrypt(&state->arcfour_context, InterimKey, state->keylen, -+ state->session_key); -+ } else { -+ memcpy(state->session_key, InterimKey, state->keylen); -+ } -+ if (state->keylen == 8) { -+ /* See RFC 3078 */ -+ state->session_key[0] = 0xd1; -+ state->session_key[1] = 0x26; -+ state->session_key[2] = 0x9e; -+ } -+ arcfour_setkey(&state->arcfour_context, state->session_key, state->keylen); -+} -+ -+ -+/* -+ * Allocate space for a (de)compressor. -+ */ -+static void * -+mppe_alloc(unsigned char *options, int optlen) -+{ -+ ppp_mppe_state *state; -+ -+ if (optlen != CILEN_MPPE + sizeof(state->master_key) -+ || options[0] != CI_MPPE -+ || options[1] != CILEN_MPPE) -+ return NULL; -+ -+ state = (ppp_mppe_state *) kmalloc(sizeof(*state), GFP_KERNEL); -+ if (state == NULL) -+ return NULL; -+ -+/* -+ Added to avoid module warnings about MOD_INC -+ being depreciated in 2.6.x -+*/ -+#if ( LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,0) ) -+ try_module_get(THIS_MODULE); -+#else -+ MOD_INC_USE_COUNT; -+#endif -+ memset(state, 0, sizeof(*state)); -+ -+ /* Save keys. */ -+ memcpy(state->master_key, &options[CILEN_MPPE], sizeof(state->master_key)); -+ memcpy(state->session_key, state->master_key, sizeof(state->master_key)); -+ /* -+ * We defer initial key generation until mppe_init(), as mppe_alloc() -+ * is called frequently during negotiation. -+ */ -+ -+ return (void *) state; -+} -+ -+/* -+ * Deallocate space for a (de)compressor. -+ */ -+static void -+mppe_free(void *arg) -+{ -+ ppp_mppe_state *state = (ppp_mppe_state *) arg; -+ -+ if (state) { -+ kfree(state); -+/* -+ Added to avoid module warnings about MOD_DEC_USE_COUNT -+ being depreciated in 2.6.x -+*/ -+#if ( LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,0) ) -+ module_put(THIS_MODULE); -+#else -+ MOD_DEC_USE_COUNT; -+#endif -+ } -+} -+ -+ -+/* -+ * Initialize (de)compressor state. -+ */ -+static int -+mppe_init(void *arg, unsigned char *options, int optlen, int unit, int debug, -+ const char *debugstr) -+{ -+ ppp_mppe_state *state = (ppp_mppe_state *) arg; -+ unsigned char mppe_opts; -+ -+ if (optlen != CILEN_MPPE -+ || options[0] != CI_MPPE -+ || options[1] != CILEN_MPPE) -+ return 0; -+ -+ MPPE_CI_TO_OPTS(&options[2], mppe_opts); -+ if (mppe_opts & MPPE_OPT_128) -+ state->keylen = 16; -+ else if (mppe_opts & MPPE_OPT_40) -+ state->keylen = 8; -+ else { -+ printk(KERN_WARNING "%s[%d]: unknown key length\n", debugstr, unit); -+ return 0; -+ } -+ if (mppe_opts & MPPE_OPT_STATEFUL) -+ state->stateful = 1; -+ -+ /* Generate the initial session key. */ -+ mppe_rekey(state, 1); -+ -+ if (debug) { -+ int i; -+ char mkey[sizeof(state->master_key) * 2 + 1]; -+ char skey[sizeof(state->session_key) * 2 + 1]; -+ -+ printk(KERN_DEBUG "%s[%d]: initialized with %d-bit %s mode\n", debugstr, -+ unit, (state->keylen == 16)? 128: 40, -+ (state->stateful)? "stateful": "stateless"); -+ -+ for (i = 0; i < sizeof(state->master_key); i++) -+ sprintf(mkey + i * 2, "%.2x", state->master_key[i]); -+ for (i = 0; i < sizeof(state->session_key); i++) -+ sprintf(skey + i * 2, "%.2x", state->session_key[i]); -+ printk(KERN_DEBUG "%s[%d]: keys: master: %s initial session: %s\n", -+ debugstr, unit, mkey, skey); -+ } -+ -+ /* -+ * Initialize the coherency count. The initial value is not specified -+ * in RFC 3078, but we can make a reasonable assumption that it will -+ * start at 0. Setting it to the max here makes the comp/decomp code -+ * do the right thing (determined through experiment). -+ */ -+ state->ccount = MPPE_CCOUNT_SPACE - 1; -+ -+ /* -+ * Note that even though we have initialized the key table, we don't -+ * set the FLUSHED bit. This is contrary to RFC 3078, sec. 3.1. -+ */ -+ state->bits = MPPE_BIT_ENCRYPTED; -+ -+ state->unit = unit; -+ state->debug = debug; -+ -+ return 1; -+} -+ -+ -+ -+static int -+mppe_comp_init(void *arg, unsigned char *options, int optlen, int unit, -+ int hdrlen, int debug) -+{ -+ /* ARGSUSED */ -+ return mppe_init(arg, options, optlen, unit, debug, "mppe_comp_init"); -+} -+ -+/* -+ * We received a CCP Reset-Request (actually, we are sending a Reset-Ack), -+ * tell the compressor to rekey. Note that we MUST NOT rekey for -+ * every CCP Reset-Request; we only rekey on the next xmit packet. -+ * We might get multiple CCP Reset-Requests if our CCP Reset-Ack is lost. -+ * So, rekeying for every CCP Reset-Request is broken as the peer will not -+ * know how many times we've rekeyed. (If we rekey and THEN get another -+ * CCP Reset-Request, we must rekey again.) -+ */ -+static void -+mppe_comp_reset(void *arg) -+{ -+ ppp_mppe_state *state = (ppp_mppe_state *) arg; -+ -+ state->bits |= MPPE_BIT_FLUSHED; -+} -+ -+/* -+ * Compress (encrypt) a packet. -+ * It's strange to call this a compressor, since the output is always -+ * MPPE_OVHD + 2 bytes larger than the input. -+ */ -+int -+mppe_compress(void *arg, unsigned char *ibuf, unsigned char *obuf, -+ int isize, int osize) -+{ -+ ppp_mppe_state *state = (ppp_mppe_state *) arg; -+ int proto; -+ -+ /* -+ * Check that the protocol is in the range we handle. -+ */ -+ proto = PPP_PROTOCOL(ibuf); -+ if (proto < 0x0021 || proto > 0x00fa) -+ return 0; -+ -+ /* Make sure we have enough room to generate an encrypted packet. */ -+ if (osize < isize + MPPE_OVHD + 2) { -+ /* Drop the packet if we should encrypt it, but can't. */ -+ printk(KERN_DEBUG "mppe_compress[%d]: osize too small! " -+ "(have: %d need: %d)\n", state->unit, -+ osize, osize + MPPE_OVHD + 2); -+ return -1; -+ } -+ -+ osize = isize + MPPE_OVHD + 2; -+ -+ /* -+ * Copy over the PPP header and set control bits. -+ */ -+ obuf[0] = PPP_ADDRESS(ibuf); -+ obuf[1] = PPP_CONTROL(ibuf); -+ obuf[2] = PPP_COMP >> 8; /* isize + MPPE_OVHD + 1 */ -+ obuf[3] = PPP_COMP; /* isize + MPPE_OVHD + 2 */ -+ obuf += PPP_HDRLEN; -+ -+ state->ccount = (state->ccount + 1) % MPPE_CCOUNT_SPACE; -+ if (state->debug >= 7) -+ printk(KERN_DEBUG "mppe_compress[%d]: ccount %d\n", state->unit, -+ state->ccount); -+ obuf[0] = state->ccount >> 8; -+ obuf[1] = state->ccount & 0xff; -+ -+ if (!state->stateful || /* stateless mode */ -+ ((state->ccount & 0xff) == 0xff) || /* "flag" packet */ -+ (state->bits & MPPE_BIT_FLUSHED)) { /* CCP Reset-Request */ -+ /* We must rekey */ -+ if (state->debug && state->stateful) -+ printk(KERN_DEBUG "mppe_compress[%d]: rekeying\n", state->unit); -+ mppe_rekey(state, 0); -+ state->bits |= MPPE_BIT_FLUSHED; -+ } -+ obuf[0] |= state->bits; -+ state->bits &= ~MPPE_BIT_FLUSHED; /* reset for next xmit */ -+ -+ obuf += MPPE_OVHD; -+ ibuf += 2; /* skip to proto field */ -+ isize -= 2; -+ -+ /* Encrypt packet */ -+ arcfour_encrypt(&state->arcfour_context, ibuf, isize, obuf); -+ -+ state->stats.unc_bytes += isize; -+ state->stats.unc_packets++; -+ state->stats.comp_bytes += osize; -+ state->stats.comp_packets++; -+ -+ return osize; -+} -+ -+/* -+ * Since every frame grows by MPPE_OVHD + 2 bytes, this is always going -+ * to look bad ... and the longer the link is up the worse it will get. -+ */ -+static void -+mppe_comp_stats(void *arg, struct compstat *stats) -+{ -+ ppp_mppe_state *state = (ppp_mppe_state *) arg; -+ -+ *stats = state->stats; -+} -+ -+ -+static int -+mppe_decomp_init(void *arg, unsigned char *options, int optlen, int unit, -+ int hdrlen, int mru, int debug) -+{ -+ /* ARGSUSED */ -+ return mppe_init(arg, options, optlen, unit, debug, "mppe_decomp_init"); -+} -+ -+/* -+ * We received a CCP Reset-Ack. Just ignore it. -+ */ -+static void -+mppe_decomp_reset(void *arg) -+{ -+ /* ARGSUSED */ -+ return; -+} -+ -+/* -+ * Decompress (decrypt) an MPPE packet. -+ */ -+int -+mppe_decompress(void *arg, unsigned char *ibuf, int isize, unsigned char *obuf, -+ int osize) -+{ -+ ppp_mppe_state *state = (ppp_mppe_state *) arg; -+ unsigned ccount; -+ int flushed = MPPE_BITS(ibuf) & MPPE_BIT_FLUSHED; -+ int sanity = 0; -+ -+ if (isize <= PPP_HDRLEN + MPPE_OVHD) { -+ if (state->debug) -+ printk(KERN_DEBUG "mppe_decompress[%d]: short pkt (%d)\n", -+ state->unit, isize); -+ return DECOMP_ERROR; -+ } -+ -+ /* Make sure we have enough room to decrypt the packet. */ -+ if (osize < isize - MPPE_OVHD - 2) { -+ printk(KERN_DEBUG "mppe_decompress[%d]: osize too small! " -+ "(have: %d need: %d)\n", state->unit, -+ osize, isize - MPPE_OVHD - 2); -+ return DECOMP_ERROR; -+ } -+ osize = isize - MPPE_OVHD - 2; -+ -+ ccount = MPPE_CCOUNT(ibuf); -+ if (state->debug >= 7) -+ printk(KERN_DEBUG "mppe_decompress[%d]: ccount %d\n", state->unit, -+ ccount); -+ -+ /* sanity checks -- terminate with extreme prejudice */ -+ if (!(MPPE_BITS(ibuf) & MPPE_BIT_ENCRYPTED)) { -+ printk(KERN_DEBUG "mppe_decompress[%d]: ENCRYPTED bit not set!\n", -+ state->unit); -+ state->sanity_errors += 100; -+ sanity = 1; -+ } -+ if (!state->stateful && !flushed) { -+ printk(KERN_DEBUG "mppe_decompress[%d]: FLUSHED bit not set in " -+ "stateless mode!\n", state->unit); -+ state->sanity_errors += 100; -+ sanity = 1; -+ } -+ if (state->stateful && ((ccount & 0xff) == 0xff) && !flushed) { -+ printk(KERN_DEBUG "mppe_decompress[%d]: FLUSHED bit not set on " -+ "flag packet!\n", state->unit); -+ state->sanity_errors += 100; -+ sanity = 1; -+ } -+ -+ if (sanity) { -+ if (state->sanity_errors < SANITY_MAX) -+ return DECOMP_ERROR; -+ else -+ /* -+ * Take LCP down if the peer is sending too many bogons. -+ * We don't want to do this for a single or just a few -+ * instances since it could just be due to packet corruption. -+ */ -+ return DECOMP_FATALERROR; -+ } -+ -+ /* -+ * Check the coherency count. -+ */ -+ -+ if (!state->stateful) { -+ /* RFC 3078, sec 8.1. Rekey for every packet. */ -+ while (state->ccount != ccount) { -+ mppe_rekey(state, 0); -+ state->ccount = (state->ccount + 1) % MPPE_CCOUNT_SPACE; -+ } -+ } else { -+ /* RFC 3078, sec 8.2. */ -+ if (!state->discard) { -+ /* normal state */ -+ state->ccount = (state->ccount + 1) % MPPE_CCOUNT_SPACE; -+ if (ccount != state->ccount) { -+ /* -+ * (ccount > state->ccount) -+ * Packet loss detected, enter the discard state. -+ * Signal the peer to rekey (by sending a CCP Reset-Request). -+ */ -+ state->discard = 1; -+ return DECOMP_ERROR; -+ } -+ } else { -+ /* discard state */ -+ if (!flushed) { -+ /* ccp.c will be silent (no additional CCP Reset-Requests). */ -+ return DECOMP_ERROR; -+ } else { -+ /* Rekey for every missed "flag" packet. */ -+ while ((ccount & ~0xff) != (state->ccount & ~0xff)) { -+ mppe_rekey(state, 0); -+ state->ccount = (state->ccount + 256) % MPPE_CCOUNT_SPACE; -+ } -+ -+ /* reset */ -+ state->discard = 0; -+ state->ccount = ccount; -+ /* -+ * Another problem with RFC 3078 here. It implies that the -+ * peer need not send a Reset-Ack packet. But RFC 1962 -+ * requires it. Hopefully, M$ does send a Reset-Ack; even -+ * though it isn't required for MPPE synchronization, it is -+ * required to reset CCP state. -+ */ -+ } -+ } -+ if (flushed) -+ mppe_rekey(state, 0); -+ } -+ -+ /* -+ * Fill in the first part of the PPP header. The protocol field -+ * comes from the decrypted data. -+ */ -+ obuf[0] = PPP_ADDRESS(ibuf); /* +1 */ -+ obuf[1] = PPP_CONTROL(ibuf); /* +1 */ -+ obuf += 2; -+ ibuf += PPP_HDRLEN + MPPE_OVHD; -+ isize -= PPP_HDRLEN + MPPE_OVHD; /* -6 */ -+ /* net osize: isize-4 */ -+ -+ /* And finally, decrypt the packet. */ -+ arcfour_decrypt(&state->arcfour_context, ibuf, isize, obuf); -+ -+ state->stats.unc_bytes += osize; -+ state->stats.unc_packets++; -+ state->stats.comp_bytes += isize; -+ state->stats.comp_packets++; -+ -+ /* good packet credit */ -+ state->sanity_errors >>= 1; -+ -+ return osize; -+} -+ -+/* -+ * Incompressible data has arrived (this should never happen!). -+ * We should probably drop the link if the protocol is in the range -+ * of what should be encrypted. At the least, we should drop this -+ * packet. (How to do this?) -+ */ -+static void -+mppe_incomp(void *arg, unsigned char *ibuf, int icnt) -+{ -+ ppp_mppe_state *state = (ppp_mppe_state *) arg; -+ -+ if (state->debug && -+ (PPP_PROTOCOL(ibuf) >= 0x0021 && PPP_PROTOCOL(ibuf) <= 0x00fa)) -+ printk(KERN_DEBUG "mppe_incomp[%d]: incompressible (unencrypted) data! " -+ "(proto %04x)\n", state->unit, PPP_PROTOCOL(ibuf)); -+ -+ state->stats.inc_bytes += icnt; -+ state->stats.inc_packets++; -+ state->stats.unc_bytes += icnt; -+ state->stats.unc_packets++; -+} -+ -+/************************************************************* -+ * Module interface table -+ *************************************************************/ -+ -+/* These are in ppp.c (2.2.x) or ppp_generic.c (2.4.x) */ -+extern int ppp_register_compressor (struct compressor *cp); -+extern void ppp_unregister_compressor (struct compressor *cp); -+ -+/* -+ * Procedures exported to if_ppp.c. -+ */ -+struct compressor ppp_mppe = { -+ CI_MPPE, /* compress_proto */ -+ mppe_alloc, /* comp_alloc */ -+ mppe_free, /* comp_free */ -+ mppe_comp_init, /* comp_init */ -+ mppe_comp_reset, /* comp_reset */ -+ mppe_compress, /* compress */ -+ mppe_comp_stats, /* comp_stat */ -+ mppe_alloc, /* decomp_alloc */ -+ mppe_free, /* decomp_free */ -+ mppe_decomp_init, /* decomp_init */ -+ mppe_decomp_reset, /* decomp_reset */ -+ mppe_decompress, /* decompress */ -+ mppe_incomp, /* incomp */ -+ mppe_comp_stats, /* decomp_stat */ -+}; -+ -+/* 2.2 compatibility defines */ -+#ifndef __init -+#define __init -+#endif -+#ifndef __exit -+#define __exit -+#endif -+#ifndef MODULE_LICENSE -+#define MODULE_LICENSE(license) -+#endif -+ -+int __init -+ppp_mppe_init(void) -+{ -+ int answer = ppp_register_compressor(&ppp_mppe); -+ -+ if (answer == 0) -+ printk(KERN_INFO "PPP MPPE Compression module registered\n"); -+ return answer; -+} -+ -+void __exit -+ppp_mppe_cleanup(void) -+{ -+ ppp_unregister_compressor(&ppp_mppe); -+} -+ -+module_init(ppp_mppe_init); -+module_exit(ppp_mppe_cleanup); -+MODULE_LICENSE("BSD without advertisement clause"); ---- /dev/null -+++ linux-2.4.25/drivers/net/sha1.c -@@ -0,0 +1,185 @@ -+/* -+ * ftp://ftp.funet.fi/pub/crypt/hash/sha/sha1.c -+ * -+ * SHA-1 in C -+ * By Steve Reid <steve@edmweb.com> -+ * 100% Public Domain -+ * -+ * Test Vectors (from FIPS PUB 180-1) -+ * "abc" -+ * A9993E36 4706816A BA3E2571 7850C26C 9CD0D89D -+ * "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" -+ * 84983E44 1C3BD26E BAAE4AA1 F95129E5 E54670F1 -+ * A million repetitions of "a" -+ * 34AA973C D4C4DAA4 F61EEB2B DBAD2731 6534016F -+ */ -+ -+/* #define SHA1HANDSOFF * Copies data before messing with it. */ -+ -+#if defined(__linux__) -+#include <asm/byteorder.h> -+#include <linux/string.h> -+#elif defined(__solaris__) -+#include <sys/isa_defs.h> -+#include <sys/ddi.h> -+#include <sys/sunddi.h> -+#define memcpy(d, s, c) bcopy(s, d, c) -+#define memset(d, b, c) bzero(d, c) -+#endif -+ -+#include "sha1.h" -+ -+static void SHA1_Transform(unsigned long[5], const unsigned char[64]); -+ -+#define rol(value, bits) (((value) << (bits)) | ((value) >> (32 - (bits)))) -+ -+/* blk0() and blk() perform the initial expand. */ -+/* I got the idea of expanding during the round function from SSLeay */ -+#if defined(__LITTLE_ENDIAN) || defined(_LITTLE_ENDIAN) -+#define blk0(i) (block->l[i] = (rol(block->l[i],24)&0xFF00FF00) \ -+ |(rol(block->l[i],8)&0x00FF00FF)) -+#elif defined(__BIG_ENDIAN) || defined(_BIG_ENDIAN) -+#define blk0(i) block->l[i] -+#else -+#error Endianness not defined -+#endif -+#define blk(i) (block->l[i&15] = rol(block->l[(i+13)&15]^block->l[(i+8)&15] \ -+ ^block->l[(i+2)&15]^block->l[i&15],1)) -+ -+/* (R0+R1), R2, R3, R4 are the different operations used in SHA1 */ -+#define R0(v,w,x,y,z,i) z+=((w&(x^y))^y)+blk0(i)+0x5A827999+rol(v,5);w=rol(w,30); -+#define R1(v,w,x,y,z,i) z+=((w&(x^y))^y)+blk(i)+0x5A827999+rol(v,5);w=rol(w,30); -+#define R2(v,w,x,y,z,i) z+=(w^x^y)+blk(i)+0x6ED9EBA1+rol(v,5);w=rol(w,30); -+#define R3(v,w,x,y,z,i) z+=(((w|x)&y)|(w&x))+blk(i)+0x8F1BBCDC+rol(v,5);w=rol(w,30); -+#define R4(v,w,x,y,z,i) z+=(w^x^y)+blk(i)+0xCA62C1D6+rol(v,5);w=rol(w,30); -+ -+ -+/* Hash a single 512-bit block. This is the core of the algorithm. */ -+ -+static void -+SHA1_Transform(unsigned long state[5], const unsigned char buffer[64]) -+{ -+ unsigned long a, b, c, d, e; -+ typedef union { -+ unsigned char c[64]; -+ unsigned long l[16]; -+ } CHAR64LONG16; -+ CHAR64LONG16 *block; -+ -+#ifdef SHA1HANDSOFF -+ static unsigned char workspace[64]; -+ block = (CHAR64LONG16 *) workspace; -+ memcpy(block, buffer, 64); -+#else -+ block = (CHAR64LONG16 *) buffer; -+#endif -+ /* Copy context->state[] to working vars */ -+ a = state[0]; -+ b = state[1]; -+ c = state[2]; -+ d = state[3]; -+ e = state[4]; -+ /* 4 rounds of 20 operations each. Loop unrolled. */ -+ R0(a,b,c,d,e, 0); R0(e,a,b,c,d, 1); R0(d,e,a,b,c, 2); R0(c,d,e,a,b, 3); -+ R0(b,c,d,e,a, 4); R0(a,b,c,d,e, 5); R0(e,a,b,c,d, 6); R0(d,e,a,b,c, 7); -+ R0(c,d,e,a,b, 8); R0(b,c,d,e,a, 9); R0(a,b,c,d,e,10); R0(e,a,b,c,d,11); -+ R0(d,e,a,b,c,12); R0(c,d,e,a,b,13); R0(b,c,d,e,a,14); R0(a,b,c,d,e,15); -+ R1(e,a,b,c,d,16); R1(d,e,a,b,c,17); R1(c,d,e,a,b,18); R1(b,c,d,e,a,19); -+ R2(a,b,c,d,e,20); R2(e,a,b,c,d,21); R2(d,e,a,b,c,22); R2(c,d,e,a,b,23); -+ R2(b,c,d,e,a,24); R2(a,b,c,d,e,25); R2(e,a,b,c,d,26); R2(d,e,a,b,c,27); -+ R2(c,d,e,a,b,28); R2(b,c,d,e,a,29); R2(a,b,c,d,e,30); R2(e,a,b,c,d,31); -+ R2(d,e,a,b,c,32); R2(c,d,e,a,b,33); R2(b,c,d,e,a,34); R2(a,b,c,d,e,35); -+ R2(e,a,b,c,d,36); R2(d,e,a,b,c,37); R2(c,d,e,a,b,38); R2(b,c,d,e,a,39); -+ R3(a,b,c,d,e,40); R3(e,a,b,c,d,41); R3(d,e,a,b,c,42); R3(c,d,e,a,b,43); -+ R3(b,c,d,e,a,44); R3(a,b,c,d,e,45); R3(e,a,b,c,d,46); R3(d,e,a,b,c,47); -+ R3(c,d,e,a,b,48); R3(b,c,d,e,a,49); R3(a,b,c,d,e,50); R3(e,a,b,c,d,51); -+ R3(d,e,a,b,c,52); R3(c,d,e,a,b,53); R3(b,c,d,e,a,54); R3(a,b,c,d,e,55); -+ R3(e,a,b,c,d,56); R3(d,e,a,b,c,57); R3(c,d,e,a,b,58); R3(b,c,d,e,a,59); -+ R4(a,b,c,d,e,60); R4(e,a,b,c,d,61); R4(d,e,a,b,c,62); R4(c,d,e,a,b,63); -+ R4(b,c,d,e,a,64); R4(a,b,c,d,e,65); R4(e,a,b,c,d,66); R4(d,e,a,b,c,67); -+ R4(c,d,e,a,b,68); R4(b,c,d,e,a,69); R4(a,b,c,d,e,70); R4(e,a,b,c,d,71); -+ R4(d,e,a,b,c,72); R4(c,d,e,a,b,73); R4(b,c,d,e,a,74); R4(a,b,c,d,e,75); -+ R4(e,a,b,c,d,76); R4(d,e,a,b,c,77); R4(c,d,e,a,b,78); R4(b,c,d,e,a,79); -+ /* Add the working vars back into context.state[] */ -+ state[0] += a; -+ state[1] += b; -+ state[2] += c; -+ state[3] += d; -+ state[4] += e; -+ /* Wipe variables */ -+ a = b = c = d = e = 0; -+} -+ -+ -+/* SHA1Init - Initialize new context */ -+ -+void -+SHA1_Init(SHA1_CTX *context) -+{ -+ /* SHA1 initialization constants */ -+ context->state[0] = 0x67452301; -+ context->state[1] = 0xEFCDAB89; -+ context->state[2] = 0x98BADCFE; -+ context->state[3] = 0x10325476; -+ context->state[4] = 0xC3D2E1F0; -+ context->count[0] = context->count[1] = 0; -+} -+ -+ -+/* Run your data through this. */ -+ -+void -+SHA1_Update(SHA1_CTX *context, const unsigned char *data, unsigned int len) -+{ -+ unsigned int i, j; -+ -+ j = (context->count[0] >> 3) & 63; -+ if ((context->count[0] += len << 3) < (len << 3)) context->count[1]++; -+ context->count[1] += (len >> 29); -+ if ((j + len) > 63) { -+ memcpy(&context->buffer[j], data, (i = 64-j)); -+ SHA1_Transform(context->state, context->buffer); -+ for ( ; i + 63 < len; i += 64) { -+ SHA1_Transform(context->state, &data[i]); -+ } -+ j = 0; -+ } -+ else -+ i = 0; -+ -+ memcpy(&context->buffer[j], &data[i], len - i); -+} -+ -+ -+/* Add padding and return the message digest. */ -+ -+void -+SHA1_Final(unsigned char digest[20], SHA1_CTX *context) -+{ -+ unsigned long i, j; -+ unsigned char finalcount[8]; -+ -+ for (i = 0; i < 8; i++) { -+ finalcount[i] = (unsigned char)((context->count[(i >= 4 ? 0 : 1)] -+ >> ((3-(i & 3)) * 8) ) & 255); /* Endian independent */ -+ } -+ SHA1_Update(context, (unsigned char *) "\200", 1); -+ while ((context->count[0] & 504) != 448) { -+ SHA1_Update(context, (unsigned char *) "\0", 1); -+ } -+ SHA1_Update(context, finalcount, 8); /* Should cause a SHA1Transform() */ -+ for (i = 0; i < 20; i++) { -+ digest[i] = (unsigned char) -+ ((context->state[i>>2] >> ((3-(i & 3)) * 8) ) & 255); -+ } -+ /* Wipe variables */ -+ i = j = 0; -+ memset(context->buffer, 0, 64); -+ memset(context->state, 0, 20); -+ memset(context->count, 0, 8); -+ memset(&finalcount, 0, 8); -+#ifdef SHA1HANDSOFF /* make SHA1Transform overwrite it's own static vars */ -+ SHA1Transform(context->state, context->buffer); -+#endif -+} -+ ---- /dev/null -+++ linux-2.4.25/drivers/net/sha1.h -@@ -0,0 +1,18 @@ -+/* sha1.h */ -+ -+#ifndef _SHA1_H -+#define _SHA1_H -+ -+typedef struct { -+ unsigned long state[5]; -+ unsigned long count[2]; -+ unsigned char buffer[64]; -+} SHA1_CTX; -+ -+#define SHA1_SIGNATURE_SIZE 20 -+ -+extern void SHA1_Init(SHA1_CTX *); -+extern void SHA1_Update(SHA1_CTX *, const unsigned char *, unsigned int); -+extern void SHA1_Final(unsigned char[SHA1_SIGNATURE_SIZE], SHA1_CTX *); -+ -+#endif /* _SHA1_H */ ---- linux-2.4.25/include/linux/ppp-comp.h~mppe-20040216 -+++ linux-2.4.25/include/linux/ppp-comp.h -@@ -187,6 +187,100 @@ - #define DEFLATE_CHK_SEQUENCE 0 - - /* -+ * Definitions for MPPE. -+ */ -+ -+#define CI_MPPE 18 /* config option for MPPE */ -+#define CILEN_MPPE 6 /* length of config option */ -+ -+#define MPPE_PAD 4 /* MPPE growth per frame */ -+#define MPPE_MAX_KEY_LEN 16 /* largest key length (128-bit) */ -+ -+/* option bits for ccp_options.mppe */ -+#define MPPE_OPT_40 0x01 /* 40 bit */ -+#define MPPE_OPT_128 0x02 /* 128 bit */ -+#define MPPE_OPT_STATEFUL 0x04 /* stateful mode */ -+/* unsupported opts */ -+#define MPPE_OPT_56 0x08 /* 56 bit */ -+#define MPPE_OPT_MPPC 0x10 /* MPPC compression */ -+#define MPPE_OPT_D 0x20 /* Unknown */ -+#define MPPE_OPT_UNSUPPORTED (MPPE_OPT_56|MPPE_OPT_MPPC|MPPE_OPT_D) -+#define MPPE_OPT_UNKNOWN 0x40 /* Bits !defined in RFC 3078 were set */ -+ -+/* -+ * This is not nice ... the alternative is a bitfield struct though. -+ * And unfortunately, we cannot share the same bits for the option -+ * names above since C and H are the same bit. We could do a u_int32 -+ * but then we have to do a htonl() all the time and/or we still need -+ * to know which octet is which. -+ */ -+#define MPPE_C_BIT 0x01 /* MPPC */ -+#define MPPE_D_BIT 0x10 /* Obsolete, usage unknown */ -+#define MPPE_L_BIT 0x20 /* 40-bit */ -+#define MPPE_S_BIT 0x40 /* 128-bit */ -+#define MPPE_M_BIT 0x80 /* 56-bit, not supported */ -+#define MPPE_H_BIT 0x01 /* Stateless (in a different byte) */ -+ -+/* Does not include H bit; used for least significant octet only. */ -+#define MPPE_ALL_BITS (MPPE_D_BIT|MPPE_L_BIT|MPPE_S_BIT|MPPE_M_BIT|MPPE_H_BIT) -+ -+/* Build a CI from mppe opts (see RFC 3078) */ -+#define MPPE_OPTS_TO_CI(opts, ci) \ -+ do { \ -+ u_char *ptr = ci; /* u_char[4] */ \ -+ \ -+ /* H bit */ \ -+ if (opts & MPPE_OPT_STATEFUL) \ -+ *ptr++ = 0x0; \ -+ else \ -+ *ptr++ = MPPE_H_BIT; \ -+ *ptr++ = 0; \ -+ *ptr++ = 0; \ -+ \ -+ /* S,L bits */ \ -+ *ptr = 0; \ -+ if (opts & MPPE_OPT_128) \ -+ *ptr |= MPPE_S_BIT; \ -+ if (opts & MPPE_OPT_40) \ -+ *ptr |= MPPE_L_BIT; \ -+ /* M,D,C bits not supported */ \ -+ } while (/* CONSTCOND */ 0) -+ -+/* The reverse of the above */ -+#define MPPE_CI_TO_OPTS(ci, opts) \ -+ do { \ -+ u_char *ptr = ci; /* u_char[4] */ \ -+ \ -+ opts = 0; \ -+ \ -+ /* H bit */ \ -+ if (!(ptr[0] & MPPE_H_BIT)) \ -+ opts |= MPPE_OPT_STATEFUL; \ -+ \ -+ /* S,L bits */ \ -+ if (ptr[3] & MPPE_S_BIT) \ -+ opts |= MPPE_OPT_128; \ -+ if (ptr[3] & MPPE_L_BIT) \ -+ opts |= MPPE_OPT_40; \ -+ \ -+ /* M,D,C bits */ \ -+ if (ptr[3] & MPPE_M_BIT) \ -+ opts |= MPPE_OPT_56; \ -+ if (ptr[3] & MPPE_D_BIT) \ -+ opts |= MPPE_OPT_D; \ -+ if (ptr[3] & MPPE_C_BIT) \ -+ opts |= MPPE_OPT_MPPC; \ -+ \ -+ /* Other bits */ \ -+ if (ptr[0] & ~MPPE_H_BIT) \ -+ opts |= MPPE_OPT_UNKNOWN; \ -+ if (ptr[1] || ptr[2]) \ -+ opts |= MPPE_OPT_UNKNOWN; \ -+ if (ptr[3] & ~MPPE_ALL_BITS) \ -+ opts |= MPPE_OPT_UNKNOWN; \ -+ } while (/* CONSTCOND */ 0) -+ -+/* - * Definitions for other, as yet unsupported, compression methods. - */ - ---- linux-2.4.25/drivers/net/Makefile~mppe-20040216 -+++ linux-2.4.25/drivers/net/Makefile -@@ -18,8 +18,9 @@ - export-objs := 8390.o arlan.o aironet4500_core.o aironet4500_card.o \ - ppp_async.o ppp_generic.o slhc.o pppox.o auto_irq.o \ - net_init.o mii.o --list-multi := rcpci.o -+list-multi := rcpci.o ppp_mppe.o - rcpci-objs := rcpci45.o rclanmtl.o -+ppp_mppe-objs := ppp_mppe_compress.o sha1.o arcfour.o - - ifeq ($(CONFIG_TULIP),y) - obj-y += tulip/tulip.o -@@ -163,6 +164,14 @@ - obj-$(CONFIG_PPP_BSDCOMP) += bsd_comp.o - obj-$(CONFIG_PPPOE) += pppox.o pppoe.o - -+ifeq ($(CONFIG_PPP_MPPE),y) -+ obj-y += $(ppp_mppe-objs) -+else -+ ifeq ($(CONFIG_PPP_MPPE),m) -+ obj-m += ppp_mppe.o -+ endif -+endif -+ - obj-$(CONFIG_SLIP) += slip.o - ifeq ($(CONFIG_SLIP_COMPRESSED),y) - obj-$(CONFIG_SLIP) += slhc.o -@@ -269,3 +278,7 @@ - - rcpci.o: $(rcpci-objs) - $(LD) -r -o $@ $(rcpci-objs) -+ -+ppp_mppe.o: $(ppp_mppe-objs) -+ $(LD) -r -o $@ $(ppp_mppe-objs) -+ |