diff options
| author | YASUOKA Masahiko <yasuoka@cvs.openbsd.org> | 2010-07-09 08:36:32 +0000 |
|---|---|---|
| committer | YASUOKA Masahiko <yasuoka@cvs.openbsd.org> | 2010-07-09 08:36:32 +0000 |
| commit | 481442bd47f2eceb8168e3cdbb64358f1b771094 (patch) | |
| tree | 94691fa989054616e022458728e27b674bb5d9da /sys/net | |
| parent | a0f6c73bb4b91bda1c69bf8799d3de82a8547fc2 (diff) | |
Modified to make sure that pipex_mppe_ouput() keeps the packet 32bit
aligned.
OK claudio@
Diffstat (limited to 'sys/net')
| -rw-r--r-- | sys/net/pipex.c | 56 | ||||
| -rw-r--r-- | sys/net/pipex_local.h | 4 |
2 files changed, 30 insertions, 30 deletions
diff --git a/sys/net/pipex.c b/sys/net/pipex.c index e7586eb4c70..44bb354be22 100644 --- a/sys/net/pipex.c +++ b/sys/net/pipex.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pipex.c,v 1.6 2010/07/08 08:40:29 yasuoka Exp $ */ +/* $OpenBSD: pipex.c,v 1.7 2010/07/09 08:36:31 yasuoka Exp $ */ /*- * Copyright (c) 2009 Internet Initiative Japan Inc. @@ -859,22 +859,23 @@ Static void pipex_ppp_output(struct mbuf *m0, struct pipex_session *session, int proto) { u_char *cp, hdr[16]; - int mppe = 0; #ifdef PIPEX_MPPE if (pipex_session_is_mppe_enabled(session)) { - if (proto == PPP_IP) - mppe = 1; + if (proto == PPP_IP) { + pipex_mppe_output(m0, session, PPP_IP); + return; + } } #endif /* PIPEX_MPPE */ cp = hdr; - if (!mppe && pipex_session_has_acf(session)) { + if (pipex_session_has_acf(session)) { if (!pipex_session_is_acfc_enabled(session)) { PUTCHAR(PPP_ALLSTATIONS, cp); PUTCHAR(PPP_UI, cp); } } - if (!mppe && pipex_session_is_pfc_enabled(session) && proto <= 0xff) + if (pipex_session_is_pfc_enabled(session) && proto <= 0xff) PUTCHAR(proto, cp); /* protocol field compression */ else PUTSHORT(proto, cp); @@ -884,13 +885,6 @@ pipex_ppp_output(struct mbuf *m0, struct pipex_session *session, int proto) goto drop; memcpy(mtod(m0, u_char *), hdr, cp - hdr); -#ifdef PIPEX_MPPE - if (mppe) { - pipex_mppe_output(m0, session); - return; - } -#endif /* PIPEX_MPPE */ - switch (session->protocol) { #ifdef PIPEX_PPPOE case PIPEX_PROTO_PPPOE: @@ -1847,10 +1841,14 @@ drop: } Static void -pipex_mppe_output(struct mbuf *m0, struct pipex_session *session) +pipex_mppe_output(struct mbuf *m0, struct pipex_session *session, + uint16_t protocol) { int encrypt, flushed, len; - uint16_t coher_cnt; + struct mppe_header { + uint16_t coher_cnt; + uint16_t protocol; + } __packed *hdr; u_char *cp; struct pipex_mppe *mppe; struct mbuf *m; @@ -1858,12 +1856,12 @@ pipex_mppe_output(struct mbuf *m0, struct pipex_session *session) mppe = &session->mppe_send; /* prepend mppe header */ - M_PREPEND(m0, sizeof(coher_cnt), M_NOWAIT); - if (m0 == NULL) - goto drop; - m0 = m_pullup(m0, 2); + M_PREPEND(m0, sizeof(struct mppe_header), M_NOWAIT); if (m0 == NULL) goto drop; + hdr = mtod(m0, struct mppe_header *); + hdr->protocol = protocol; + /* * create a deep-copy if the mbuf has a shared mbuf cluster. * this is required to handle cases of tcp retransmition. @@ -1878,7 +1876,6 @@ pipex_mppe_output(struct mbuf *m0, struct pipex_session *session) break; } } - cp = mtod(m0, u_char *); /* check coherency counter */ flushed = 0; @@ -1905,21 +1902,24 @@ pipex_mppe_output(struct mbuf *m0, struct pipex_session *session) (encrypt) ? "[encrypt]" : "")); /* setup header information */ - coher_cnt = (mppe->coher_cnt++) & PIPEX_COHERENCY_CNT_MASK; - mppe->coher_cnt &= PIPEX_COHERENCY_CNT_MASK; + hdr->coher_cnt = (mppe->coher_cnt++) & PIPEX_COHERENCY_CNT_MASK; + hdr->coher_cnt &= PIPEX_COHERENCY_CNT_MASK; if (flushed) - coher_cnt |= 0x8000; + hdr->coher_cnt |= 0x8000; if (encrypt) - coher_cnt |= 0x1000; + hdr->coher_cnt |= 0x1000; - PUTSHORT(coher_cnt, cp); - len = m0->m_len - 2; - rc4_crypt(&mppe->rc4ctx, cp, cp, len); + HTONS(hdr->protocol); + HTONS(hdr->coher_cnt); /* encrypt chain */ - for (m = m0->m_next; m; m = m->m_next) { + for (m = m0; m; m = m->m_next) { cp = mtod(m, u_char *); len = m->m_len; + if (m == m0 && len > offsetof(struct mppe_header, protocol)) { + len -= offsetof(struct mppe_header, protocol); + cp += offsetof(struct mppe_header, protocol); + } rc4_crypt(&mppe->rc4ctx, cp, cp, len); } diff --git a/sys/net/pipex_local.h b/sys/net/pipex_local.h index 9580ab16a66..ecc4eee134d 100644 --- a/sys/net/pipex_local.h +++ b/sys/net/pipex_local.h @@ -1,4 +1,4 @@ -/* $OpenBSD: pipex_local.h,v 1.6 2010/07/08 08:40:29 yasuoka Exp $ */ +/* $OpenBSD: pipex_local.h,v 1.7 2010/07/09 08:36:31 yasuoka Exp $ */ /* * Copyright (c) 2009 Internet Initiative Japan Inc. @@ -297,7 +297,7 @@ Static void GetNewKeyFromSHA (u_char *, u_char *, int, u_char * Static void pipex_mppe_reduce_key (struct pipex_mppe *); Static void mppe_key_change (struct pipex_mppe *); Static void pipex_mppe_input (struct mbuf *, struct pipex_session *); -Static void pipex_mppe_output (struct mbuf *, struct pipex_session *); +Static void pipex_mppe_output (struct mbuf *, struct pipex_session *, uint16_t); Static void pipex_ccp_input (struct mbuf *, struct pipex_session *); Static int pipex_ccp_output (struct pipex_session *, int, int); #endif |