[pptp-server] Forcing encryption (was: Optimizing pppd for PPTP)
Patrick J. LoPresti
patl at cag.lcs.mit.edu
Sat Mar 18 12:11:16 CST 2000
Martin Mueller <mm at lunetix.de> writes:
> I think my patch is doing 2) at the moment, at least I´m hopeing to
> achieve it with the following snippet:
>
> +++ ppp-2.3.11.mppe/pppd/ccp.c
> @ -450,6 +455,8 @@
> {
> ccp_flags_set(unit, 0, 0);
> fsm_lowerdown(&ccp_fsm[unit]);
> + if ( ccp_wantoptions[unit].require_mppe || ccp_wantoptions[unit].require_mppe_stateless )
> + lcp_close(unit,"Encryption negotiation rejected");
> }
>
> Which should close the connection on the closing of the CCP.
>
> Correct me if I´m wrong.
I believe you are wrong, although I am not enough of a pppd expert to
be sure. My reasoning follows.
Open up ppp-2.3.11/pppd/ccp.c and follow along...
Find the call to ccp_fatal_error(). This returns true when a fatal
error has occurred. If so, we log a message and call ccp_close().
Now look at ccp_close(). It does something very similar to
ccp_protrej(), which is the function you have changed to terminate the
connection when CCP negotiation fails. I believe you need to make a
similar change to ccp_close(), and possibly to ccp_down() as well (to
be completely safe).
Now you can correct me if *I* am wrong :-).
- Pat
More information about the pptp-server
mailing list