diff options
| author | archie <archie@FreeBSD.org> | 2001-12-15 02:07:32 +0000 |
|---|---|---|
| committer | archie <archie@FreeBSD.org> | 2001-12-15 02:07:32 +0000 |
| commit | ead8e0f2f73f82334aec049fd693352a3cf2a74f (patch) | |
| tree | ad676a49b512f210ccf9f752cdb5c0e11ff546c0 /sys/netgraph | |
| parent | 51a3c73ffeec832a2014a756a6ffa758eea70b21 (diff) | |
| download | FreeBSD-src-ead8e0f2f73f82334aec049fd693352a3cf2a74f.zip FreeBSD-src-ead8e0f2f73f82334aec049fd693352a3cf2a74f.tar.gz | |
Add support for 56 bit MPPE encryption.
MFC after: 3 days
Diffstat (limited to 'sys/netgraph')
| -rw-r--r-- | sys/netgraph/ng_mppc.c | 16 | ||||
| -rw-r--r-- | sys/netgraph/ng_mppc.h | 5 |
2 files changed, 12 insertions, 9 deletions
diff --git a/sys/netgraph/ng_mppc.c b/sys/netgraph/ng_mppc.c index 5f44386..0ebd7d2 100644 --- a/sys/netgraph/ng_mppc.c +++ b/sys/netgraph/ng_mppc.c @@ -164,7 +164,7 @@ static struct ng_type ng_mppc_typestruct = { }; NETGRAPH_INIT(mppc, &ng_mppc_typestruct); -/* Fixed bit pattern to weaken keysize down to 40 bits */ +/* Fixed bit pattern to weaken keysize down to 40 or 56 bits */ static const u_char ng_mppe_weakenkey[3] = { 0xd1, 0x26, 0x9e }; #define ERROUT(x) do { error = (x); goto done; } while (0) @@ -295,10 +295,10 @@ ng_mppc_rcvmsg(node_p node, item_p item, hook_p lasthook) bcopy(cfg->startkey, d->key, keylen); ng_mppc_getkey(cfg->startkey, d->key, keylen); - if ((cfg->bits & MPPE_128) == 0) { - bcopy(&ng_mppe_weakenkey, d->key, - sizeof(ng_mppe_weakenkey)); - } + if ((cfg->bits & MPPE_40) != 0) + bcopy(&ng_mppe_weakenkey, d->key, 3); + else if ((cfg->bits & MPPE_56) != 0) + bcopy(&ng_mppe_weakenkey, d->key, 1); rc4_init(&d->rc4, d->key, keylen); } #endif @@ -779,8 +779,10 @@ ng_mppc_updatekey(u_int32_t bits, ng_mppc_getkey(key0, key, keylen); rc4_init(rc4, key, keylen); rc4_crypt(rc4, key, key, keylen); - if ((bits & MPPE_128) == 0) - bcopy(&ng_mppe_weakenkey, key, sizeof(ng_mppe_weakenkey)); + if ((bits & MPPE_40) != 0) + bcopy(&ng_mppe_weakenkey, key, 3); + else if ((bits & MPPE_56) != 0) + bcopy(&ng_mppe_weakenkey, key, 1); rc4_init(rc4, key, keylen); } diff --git a/sys/netgraph/ng_mppc.h b/sys/netgraph/ng_mppc.h index 2abb65e..e13188c 100644 --- a/sys/netgraph/ng_mppc.h +++ b/sys/netgraph/ng_mppc.h @@ -60,10 +60,11 @@ /* MPPC/MPPE PPP negotiation bits */ #define MPPC_BIT 0x00000001 /* mppc compression bits */ #define MPPE_40 0x00000020 /* use 40 bit key */ +#define MPPE_56 0x00000080 /* use 56 bit key */ #define MPPE_128 0x00000040 /* use 128 bit key */ -#define MPPE_BITS 0x00000060 /* mppe encryption bits */ +#define MPPE_BITS 0x000000e0 /* mppe encryption bits */ #define MPPE_STATELESS 0x01000000 /* use stateless mode */ -#define MPPC_VALID_BITS 0x01000061 /* possibly valid bits */ +#define MPPC_VALID_BITS 0x010000e1 /* possibly valid bits */ /* Config struct (per-direction) */ struct ng_mppc_config { |
