From owner-freebsd-net  Mon Nov 18 18:45: 6 2002
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 9500037B401
	for <freebsd-net@freebsd.org>; Mon, 18 Nov 2002 18:45:03 -0800 (PST)
Received: from InterJet.dellroad.org (adsl-63-194-81-26.dsl.snfc21.pacbell.net [63.194.81.26])
	by mx1.FreeBSD.org (Postfix) with ESMTP id B0FEE43EA9
	for <freebsd-net@freebsd.org>; Mon, 18 Nov 2002 18:45:02 -0800 (PST)
	(envelope-from archie@dellroad.org)
Received: from arch20m.dellroad.org (arch20m.dellroad.org [10.1.1.20])
	by InterJet.dellroad.org (8.9.1a/8.9.1) with ESMTP id SAA61829
	for <freebsd-net@freebsd.org>; Mon, 18 Nov 2002 18:36:35 -0800 (PST)
Received: from arch20m.dellroad.org (localhost [127.0.0.1])
	by arch20m.dellroad.org (8.12.6/8.12.6) with ESMTP id gAJ2aZOS053951
	for <freebsd-net@freebsd.org>; Mon, 18 Nov 2002 18:36:35 -0800 (PST)
	(envelope-from archie@arch20m.dellroad.org)
Received: (from archie@localhost)
	by arch20m.dellroad.org (8.12.6/8.12.6/Submit) id gAJ2aZNV053950
	for freebsd-net@freebsd.org; Mon, 18 Nov 2002 18:36:35 -0800 (PST)
From: Archie Cobbs <archie@dellroad.org>
Message-Id: <200211190236.gAJ2aZNV053950@arch20m.dellroad.org>
Subject: MPD/PPTP hang problem: try this patch
To: freebsd-net@freebsd.org
Date: Mon, 18 Nov 2002 18:36:35 -0800 (PST)
X-Mailer: ELM [version 2.4ME+ PL99b (25)]
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary=ELM1037673395-53853-0_
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-net@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-net.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-net>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-net>
X-Loop: FreeBSD.org


--ELM1037673395-53853-0_
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset=US-ASCII

For any users of MPD doing PPTP with MPPE encryption who are
experiencing random hangs and/or seeing the "insane jump"
message from the kernel, please try the attached patch and
let me know if it helps.

Thanks,
-Archie

__________________________________________________________________________
Archie Cobbs     *     Packet Design     *     http://www.packetdesign.com

--ELM1037673395-53853-0_
Content-Transfer-Encoding: 7bit
Content-Type: text/x-patch
Content-Disposition: attachment; filename=ng_mppc.patch
Content-Description: 

--- sys/netgraph/ng_mppc.c.orig	Mon Nov 18 11:53:06 2002
+++ sys/netgraph/ng_mppc.c	Mon Nov 18 12:02:13 2002
@@ -95,6 +95,10 @@
 #define MPPC_FLAG_ENCRYPTED	0x1000		/* packet is encrypted */
 #define MPPC_CCOUNT_MASK	0x0fff		/* sequence number mask */
 
+#define MPPC_CCOUNT_EXTEND(x)	(((x) & 0x0800) != 0 ?			\
+					((x) | ~MPPC_CCOUNT_MASK) :	\
+					((x) & MPPC_CCOUNT_MASK))
+
 #define MPPE_UPDATE_MASK	0xff		/* coherency count when we're */
 #define MPPE_UPDATE_FLAG	0xff		/*   supposed to update key */
 
@@ -105,7 +109,7 @@
 struct ng_mppc_dir {
 	struct ng_mppc_config	cfg;		/* configuration */
 	hook_p			hook;		/* netgraph hook */
-	u_int16_t		cc:12;		/* coherency count */
+	int16_t			cc;		/* coherency count */
 	u_char			flushed;	/* clean history (xmit only) */
 #ifdef NETGRAPH_MPPC_COMPRESSION
 	u_char			*history;	/* compression history */
@@ -466,7 +470,7 @@
 
 	/* Initialize */
 	*resultp = NULL;
-	header = d->cc;
+	header = (d->cc & MPPC_CCOUNT_MASK);
 	if (d->flushed) {
 		header |= MPPC_FLAG_FLUSHED;
 		d->flushed = 0;
@@ -556,7 +560,7 @@
 #endif
 
 	/* Update sequence number */
-	d->cc++;
+	d->cc = MPPC_CCOUNT_EXTEND(d->cc + 1);
 
 	/* Install header */
 	*((u_int16_t *)outbuf) = htons(header);
@@ -576,8 +580,9 @@
 {
 	const priv_p priv = node->private;
 	struct ng_mppc_dir *const d = &priv->recv;
-	u_int16_t header, cc, numLost;
+	u_int16_t header, numLost;
 	u_char *buf;
+	int16_t cc;
 	int len;
 
 	/* Pull off header */
@@ -585,7 +590,7 @@
 		return (EINVAL);
 	m_copydata(m, 0, MPPC_HDRLEN, (caddr_t)&header);
 	NTOHS(header);
-	cc = (header & MPPC_CCOUNT_MASK);
+	cc = MPPC_CCOUNT_EXTEND(header & MPPC_CCOUNT_MASK);
 
 	/* Copy payload into a contiguous region of memory */
 	len = m->m_pkthdr.len - MPPC_HDRLEN;
@@ -595,7 +600,7 @@
 	m_copydata(m, MPPC_HDRLEN, len, (caddr_t)buf);
 
 	/* Check for insane jumps in sequence numbering (D.O.S. attack) */
-	numLost = ((cc - d->cc) & MPPC_CCOUNT_MASK);
+	numLost = MPPC_CCOUNT_EXTEND(cc - d->cc);
 	if (numLost >= MPPC_INSANE_JUMP) {
 		log(LOG_ERR, "%s: insane jump %d", __FUNCTION__, numLost);
 		priv->recv.cfg.enable = 0;
@@ -619,7 +624,7 @@
 					ng_mppc_updatekey(d->cfg.bits,
 					    d->cfg.startkey, d->key, &d->rc4);
 				}
-				d->cc++;
+				d->cc = MPPC_CCOUNT_EXTEND(d->cc + 1);
 			}
 
 			/* Reset key (except in stateless mode, see below) */
@@ -666,8 +671,8 @@
 		}
 	}
 
-	/* Update coherency count for next time (12 bit arithmetic) */
-	d->cc++;
+	/* Update coherency count for next time */
+	d->cc = MPPC_CCOUNT_EXTEND(d->cc + 1);
 
 	/* Check for unexpected compressed packet */
 	if ((header & MPPC_FLAG_COMPRESSED) != 0

--ELM1037673395-53853-0_--

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-net" in the body of the message