summaryrefslogtreecommitdiffstats
path: root/share/man/man4/ng_mppc.4
diff options
context:
space:
mode:
Diffstat (limited to 'share/man/man4/ng_mppc.4')
-rw-r--r--share/man/man4/ng_mppc.4193
1 files changed, 193 insertions, 0 deletions
diff --git a/share/man/man4/ng_mppc.4 b/share/man/man4/ng_mppc.4
new file mode 100644
index 0000000..e7eeedf
--- /dev/null
+++ b/share/man/man4/ng_mppc.4
@@ -0,0 +1,193 @@
+.\" Copyright (c) 1996-2000 Whistle Communications, Inc.
+.\" All rights reserved.
+.\"
+.\" Subject to the following obligations and disclaimer of warranty, use and
+.\" redistribution of this software, in source or object code forms, with or
+.\" without modifications are expressly permitted by Whistle Communications;
+.\" provided, however, that:
+.\" 1. Any and all reproductions of the source or object code must include the
+.\" copyright notice above and the following disclaimer of warranties; and
+.\" 2. No rights are granted, in any manner or form, to use Whistle
+.\" Communications, Inc. trademarks, including the mark "WHISTLE
+.\" COMMUNICATIONS" on advertising, endorsements, or otherwise except as
+.\" such appears in the above copyright notice or in the software.
+.\"
+.\" THIS SOFTWARE IS BEING PROVIDED BY WHISTLE COMMUNICATIONS "AS IS", AND
+.\" TO THE MAXIMUM EXTENT PERMITTED BY LAW, WHISTLE COMMUNICATIONS MAKES NO
+.\" REPRESENTATIONS OR WARRANTIES, EXPRESS OR IMPLIED, REGARDING THIS SOFTWARE,
+.\" INCLUDING WITHOUT LIMITATION, ANY AND ALL IMPLIED WARRANTIES OF
+.\" MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR NON-INFRINGEMENT.
+.\" WHISTLE COMMUNICATIONS DOES NOT WARRANT, GUARANTEE, OR MAKE ANY
+.\" REPRESENTATIONS REGARDING THE USE OF, OR THE RESULTS OF THE USE OF THIS
+.\" SOFTWARE IN TERMS OF ITS CORRECTNESS, ACCURACY, RELIABILITY OR OTHERWISE.
+.\" IN NO EVENT SHALL WHISTLE COMMUNICATIONS BE LIABLE FOR ANY DAMAGES
+.\" RESULTING FROM OR ARISING OUT OF ANY USE OF THIS SOFTWARE, INCLUDING
+.\" WITHOUT LIMITATION, ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+.\" PUNITIVE, OR CONSEQUENTIAL DAMAGES, PROCUREMENT OF SUBSTITUTE GOODS OR
+.\" SERVICES, LOSS OF USE, DATA OR PROFITS, HOWEVER CAUSED AND UNDER ANY
+.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+.\" THIS SOFTWARE, EVEN IF WHISTLE COMMUNICATIONS IS ADVISED OF THE POSSIBILITY
+.\" OF SUCH DAMAGE.
+.\"
+.\" Author: Archie Cobbs <archie@FreeBSD.org>
+.\"
+.\" $Whistle: ng_mppc.8,v 1.1 1999/12/08 20:20:39 archie Exp $
+.\" $FreeBSD$
+.\"
+.Dd December 8, 1999
+.Dt NG_MPPC 4
+.Os
+.Sh NAME
+.Nm ng_mppc
+.Nd Microsoft MPPC/MPPE compression and encryption netgraph node type
+.Sh SYNOPSIS
+.In sys/types.h
+.In netgraph/ng_mppc.h
+.Sh DESCRIPTION
+The
+.Nm mppc
+node type implements the Microsoft Point-to-Point Compression (MPPC)
+and Microsoft Point-to-Point Encryption (MPPE) sub-protocols of
+the PPP protocol.
+These protocols are often used in conjunction with the Point-to-Point
+Tunneling Protocol (PPTP).
+.Pp
+The node has two hooks,
+.Dv "comp"
+for compression and
+.Dv "decomp"
+for decompression.
+Typically one or both of these hooks would be connected to the
+.Xr ng_ppp 4
+node type hook of the same name.
+Each direction of traffic flow is independent of the other.
+.Sh HOOKS
+This node type supports the following hooks:
+.Bl -tag -width ".Va decomp"
+.It Va comp
+Connection to
+.Xr ng_ppp 4
+.Dv "comp"
+hook.
+Incoming frames are compressed and/or encrypted, and sent
+back out the same hook.
+.It Va decomp
+Connection to
+.Xr ng_ppp 4
+.Dv "decomp"
+hook.
+Incoming frames are decompressed and/or decrypted, and sent
+back out the same hook.
+.El
+.Sh CONTROL MESSAGES
+This node type supports the generic control messages, plus the following:
+.Bl -tag -width foo
+.It Dv NGM_MPPC_CONFIG_COMP
+This command resets and configures the node for a session in the
+outgoing traffic direction (i.e., for compression and/or encryption).
+This command takes a
+.Dv "struct ng_mppc_config"
+as an argument:
+.Bd -literal -offset 0n
+/* Length of MPPE key */
+#define MPPE_KEY_LEN 16
+
+/* MPPC/MPPE PPP negotiation bits */
+#define MPPC_BIT 0x00000001 /* mppc compression bits */
+#define MPPE_40 0x00000020 /* use 40 bit key */
+#define MPPE_56 0x00000080 /* use 56 bit key */
+#define MPPE_128 0x00000040 /* use 128 bit key */
+#define MPPE_BITS 0x000000e0 /* mppe encryption bits */
+#define MPPE_STATELESS 0x01000000 /* use stateless mode */
+#define MPPC_VALID_BITS 0x010000e1 /* possibly valid bits */
+
+/* Configuration for a session */
+struct ng_mppc_config {
+ u_char enable; /* enable */
+ uint32_t bits; /* config bits */
+ u_char startkey[MPPE_KEY_LEN]; /* start key */
+};
+
+.Ed
+The
+.Dv enabled
+field enables traffic flow through the node.
+The
+.Dv bits
+field contains the bits as negotiated by the Compression Control Protocol
+(CCP) in PPP.
+The
+.Dv startkey
+is only necessary if MPPE was negotiated, and must be equal to the
+session start key as defined for MPPE.
+This key is based on the MS-CHAP credentials used at link authentication time.
+.It Dv NGM_MPPC_CONFIG_DECOMP
+This command resets and configures the node for a session in the
+incoming traffic direction (i.e., for decompression and/or decryption).
+This command takes a
+.Dv "struct ng_mppc_config"
+as an argument.
+.It Dv NGM_MPPC_RESETREQ
+This message contains no arguments, and is bi-directional.
+If an error is detected during decompression, this message is sent by the
+node to the originator of the
+.Dv NGM_MPPC_CONFIG_DECOMP
+message that initiated the session.
+The receiver should respond by sending a PPP CCP Reset-Request to the peer.
+.Pp
+This message may also be received by this node type when a CCP Reset-Request
+is received by the local PPP entity.
+The node will respond by flushing its outgoing compression and encryption
+state so the remote side can resynchronize.
+.El
+.Sh SHUTDOWN
+This node shuts down upon receipt of a
+.Dv NGM_SHUTDOWN
+control message, or when both hooks have been disconnected.
+.Sh COMPILATION
+The kernel options
+.Dv NETGRAPH_MPPC_COMPRESSION
+and
+.Dv NETGRAPH_MPPC_ENCRYPTION
+are supplied to selectively compile in either or both capabilities.
+At least one of these must be defined, or else this node type is useless.
+.Pp
+The MPPC protocol requires proprietary compression code available
+from Hi/Fn (formerly STAC).
+These files must be obtained elsewhere and added to the kernel
+sources before this node type will compile with the
+.Dv NETGRAPH_MPPC_COMPRESSION
+option.
+.Sh SEE ALSO
+.Xr netgraph 4 ,
+.Xr ng_ppp 4 ,
+.Xr ngctl 8
+.Rs
+.%A G. Pall
+.%T "Microsoft Point-To-Point Compression (MPPC) Protocol"
+.%O RFC 2118
+.Re
+.Rs
+.%A G. S. Pall
+.%A G. Zorn
+.%T "Microsoft Point-To-Point Encryption (MPPE) Protocol"
+.%O draft-ietf-pppext-mppe-04.txt
+.Re
+.Rs
+.%A K. Hamzeh
+.%A G. Pall
+.%A W. Verthein
+.%A J. Taarud
+.%A W. Little
+.%A G. Zorn
+.%T "Point-to-Point Tunneling Protocol (PPTP)"
+.%O RFC 2637
+.Re
+.Sh AUTHORS
+.An Archie Cobbs Aq archie@FreeBSD.org
+.Sh BUGS
+In PPP, encryption should be handled by the Encryption Control Protocol (ECP)
+rather than CCP.
+However, Microsoft combined both compression and encryption into their
+``compression'' algorithm, which is confusing.
OpenPOWER on IntegriCloud