Date: Mon, 18 Nov 2002 18:36:35 -0800 (PST) From: Archie Cobbs <archie@dellroad.org> To: freebsd-net@freebsd.org Subject: MPD/PPTP hang problem: try this patch Message-ID: <200211190236.gAJ2aZNV053950@arch20m.dellroad.org>
next in thread | raw e-mail | index | archive | help
--ELM1037673395-53853-0_ Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset=US-ASCII For any users of MPD doing PPTP with MPPE encryption who are experiencing random hangs and/or seeing the "insane jump" message from the kernel, please try the attached patch and let me know if it helps. Thanks, -Archie __________________________________________________________________________ Archie Cobbs * Packet Design * http://www.packetdesign.com --ELM1037673395-53853-0_ Content-Transfer-Encoding: 7bit Content-Type: text/x-patch Content-Disposition: attachment; filename=ng_mppc.patch Content-Description: --- sys/netgraph/ng_mppc.c.orig Mon Nov 18 11:53:06 2002 +++ sys/netgraph/ng_mppc.c Mon Nov 18 12:02:13 2002 @@ -95,6 +95,10 @@ #define MPPC_FLAG_ENCRYPTED 0x1000 /* packet is encrypted */ #define MPPC_CCOUNT_MASK 0x0fff /* sequence number mask */ +#define MPPC_CCOUNT_EXTEND(x) (((x) & 0x0800) != 0 ? \ + ((x) | ~MPPC_CCOUNT_MASK) : \ + ((x) & MPPC_CCOUNT_MASK)) + #define MPPE_UPDATE_MASK 0xff /* coherency count when we're */ #define MPPE_UPDATE_FLAG 0xff /* supposed to update key */ @@ -105,7 +109,7 @@ struct ng_mppc_dir { struct ng_mppc_config cfg; /* configuration */ hook_p hook; /* netgraph hook */ - u_int16_t cc:12; /* coherency count */ + int16_t cc; /* coherency count */ u_char flushed; /* clean history (xmit only) */ #ifdef NETGRAPH_MPPC_COMPRESSION u_char *history; /* compression history */ @@ -466,7 +470,7 @@ /* Initialize */ *resultp = NULL; - header = d->cc; + header = (d->cc & MPPC_CCOUNT_MASK); if (d->flushed) { header |= MPPC_FLAG_FLUSHED; d->flushed = 0; @@ -556,7 +560,7 @@ #endif /* Update sequence number */ - d->cc++; + d->cc = MPPC_CCOUNT_EXTEND(d->cc + 1); /* Install header */ *((u_int16_t *)outbuf) = htons(header); @@ -576,8 +580,9 @@ { const priv_p priv = node->private; struct ng_mppc_dir *const d = &priv->recv; - u_int16_t header, cc, numLost; + u_int16_t header, numLost; u_char *buf; + int16_t cc; int len; /* Pull off header */ @@ -585,7 +590,7 @@ return (EINVAL); m_copydata(m, 0, MPPC_HDRLEN, (caddr_t)&header); NTOHS(header); - cc = (header & MPPC_CCOUNT_MASK); + cc = MPPC_CCOUNT_EXTEND(header & MPPC_CCOUNT_MASK); /* Copy payload into a contiguous region of memory */ len = m->m_pkthdr.len - MPPC_HDRLEN; @@ -595,7 +600,7 @@ m_copydata(m, MPPC_HDRLEN, len, (caddr_t)buf); /* Check for insane jumps in sequence numbering (D.O.S. attack) */ - numLost = ((cc - d->cc) & MPPC_CCOUNT_MASK); + numLost = MPPC_CCOUNT_EXTEND(cc - d->cc); if (numLost >= MPPC_INSANE_JUMP) { log(LOG_ERR, "%s: insane jump %d", __FUNCTION__, numLost); priv->recv.cfg.enable = 0; @@ -619,7 +624,7 @@ ng_mppc_updatekey(d->cfg.bits, d->cfg.startkey, d->key, &d->rc4); } - d->cc++; + d->cc = MPPC_CCOUNT_EXTEND(d->cc + 1); } /* Reset key (except in stateless mode, see below) */ @@ -666,8 +671,8 @@ } } - /* Update coherency count for next time (12 bit arithmetic) */ - d->cc++; + /* Update coherency count for next time */ + d->cc = MPPC_CCOUNT_EXTEND(d->cc + 1); /* Check for unexpected compressed packet */ if ((header & MPPC_FLAG_COMPRESSED) != 0 --ELM1037673395-53853-0_-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200211190236.gAJ2aZNV053950>