[pptp-server] MPPE 128 Bit Compression?? What happen to Encr yption???

lists at earthling.2y.net lists at earthling.2y.net
Tue Jan 15 23:35:48 CST 2002 

Most likely, the same patch will work.  There are not many diffrences in
the areas that the patchs patch.

I would quickly generate a quick and dirty little patch, but i dont even
have mppe working right now because on my system, I set it up so one
has to establish a host-to-host ipsec connection before they can pptp,
so the data is allready encrypted by ipsec.

-Justin Kreger

 On Wed, 16 Jan 2002, George
Vieira wrote:

> Hmm.. just went through it and found they talk about 2.4 PPPD and yet it was
> 2.3.11 for require-mppe... bit dumb...
>
> how hard would it be to make the changes manually... argh!!! I guess not.
>
> > -----Original Message-----
> > From:	lists at earthling.2y.net [SMTP:lists at earthling.2y.net]
> > Sent:	Wednesday, January 16, 2002 4:10 PM
> > To:	Jerry Vonau
> > Cc:	Charlie Brady; Tom Eastep; PPTP List (E-mail); George Vieira
> > Subject:	Re: [pptp-server] MPPE 128 Bit Compression?? What happen to
> > Encryption???
> >
> > Sorry, No, I don't have the patch.  But, you could just delete the other
> > cases in the pppd source, and make the default case to drop the conn with
> > the desired error message.
> >
> >
> >  On Tue, 15 Jan 2002, Jerry Vonau wrote:
> >
> > > Hey All:
> > >
> > > I was able to duplicate the "receive" problem.
> > >
> > > I was using a linux client that had the mppe
> > > support, but didn't state that on the command
> > > line or on the options file.
> > >
> > > So there is something else to watch out for when
> > > using the linux client....
> > >
> > > On a different note, anybody have a require
> > > encryption patch for 2.4.1?
> > >
> > > Jerry Vonau
> > >
> > > Charlie Brady wrote:
> > > >
> > > > On Tue, 15 Jan 2002 lists at earthling.2y.net wrote:
> > > >
> > > > > For mppe stateless to work, I think (its been a while), you have to
> > have
> > > > > both sides supporting mppe for it to work at all because the next
> > > >
> > > > You always need both sides supporting mppe for it to work.
> > > >
> > > > The central issue here though is whether encryption is used in one
> > > > direction or in both. Usually you will want both.
> > > >
> > > > > packet's encryption is based off the previous packet.  I may be
> > wrong, as
> > > > > I said its been a while.  That is why when you start loosing packets
> > with
> > > > > stateless, the ppp session has to stop and renegotiate encryption.
> > > > >
> > > > > On Mon, 14 Jan 2002, Tom Eastep wrote:
> > > > >
> > > > > > On Monday 14 January 2002 04:20 pm, Jerry Vonau wrote:
> > > > > > > Hey all:
> > > > > > > >>MPPE 128 bit, stateless receive compression enabled<<
> > > > > > >
> > > > > > > Is the receive part not an error?? That would suggest
> > > > > > > that encryption is for receive only, not transmit....
> > > > > > >
> > > > > > > Should it not be:
> > > > > > >
> > > > > > > MPPE 128 bit, stateless compression enabled
> > > >
> > > > It depends entirely on what is negotiated, which in turn depends
> > entirely
> > > > on the options selected at each end of the link.
> > > >
> > > > Here is the relevant code; as you can see there are three different
> > > > possibilities:
> > > >
> > > > ...
> > > >     ccp_flags_set(f->unit, 1, 1);
> > > >     if (ANY_COMPRESS(*go)) {
> > > >         if (ANY_COMPRESS(*ho)) {
> > > >             if (go->method == ho->method) {
> > > >                 notice("%s compression enabled", method_name(go, ho));
> > > >             } else {
> > > >                 strlcpy(method1, method_name(go, NULL),
> > sizeof(method1));
> > > >                 notice("%s / %s compression enabled",
> > > >                        method1, method_name(ho, NULL));
> > > >             }
> > > >         } else
> > > >             notice("%s receive compression enabled", method_name(go,
> > NULL));
> > > >     } else if (ANY_COMPRESS(*ho))
> > > >         notice("%s transmit compression enabled", method_name(ho,
> > NULL));
> > > > ...
> > > >
> > > > --
> > > > Charlie Brady                         charlieb at e-smith.com
> > > > Lead Product Developer
> > > > Network Server Solutions Group        http://www.e-smith.com/
> > > > Mitel Networks Corporation            http://www.mitel.com/
> > > > Phone: +1 (613) 368 4376 or 564 8000  Fax: +1 (613) 564 7739
> > > >
> > > > _______________________________________________
> > > > pptp-server maillist  -  pptp-server at lists.schulte.org
> > > > http://lists.schulte.org/mailman/listinfo/pptp-server
> > > > --- To unsubscribe, go to the url just above this line. --
> > > _______________________________________________
> > > pptp-server maillist  -  pptp-server at lists.schulte.org
> > > http://lists.schulte.org/mailman/listinfo/pptp-server
> > > --- To unsubscribe, go to the url just above this line. --
> > >
> >
> > --
> > Justin Kreger, MCP MCSE CCNA
> > jkreger at earthling.2y.net jwkreger at uncg.edu justin at wss.net
> >
> _______________________________________________
> pptp-server maillist  -  pptp-server at lists.schulte.org
> http://lists.schulte.org/mailman/listinfo/pptp-server
> --- To unsubscribe, go to the url just above this line. --
>

-- 
Justin Kreger, MCP MCSE CCNA
jkreger at earthling.2y.net jwkreger at uncg.edu justin at wss.net

More information about the pptp-server mailing list