xref: /freebsd/share/man/man4/ng_mppc.4 (revision 77a0943ded95b9e6438f7db70c4a28e4d93946d4)
.\" Copyright (c) 1996-2000 Whistle Communications, Inc.
.\" All rights reserved.
.\"
.\" Subject to the following obligations and disclaimer of warranty, use and
.\" redistribution of this software, in source or object code forms, with or
.\" without modifications are expressly permitted by Whistle Communications;
.\" provided, however, that:
.\" 1. Any and all reproductions of the source or object code must include the
.\"    copyright notice above and the following disclaimer of warranties; and
.\" 2. No rights are granted, in any manner or form, to use Whistle
.\"    Communications, Inc. trademarks, including the mark "WHISTLE
.\"    COMMUNICATIONS" on advertising, endorsements, or otherwise except as
.\"    such appears in the above copyright notice or in the software.
.\"
.\" THIS SOFTWARE IS BEING PROVIDED BY WHISTLE COMMUNICATIONS "AS IS", AND
.\" TO THE MAXIMUM EXTENT PERMITTED BY LAW, WHISTLE COMMUNICATIONS MAKES NO
.\" REPRESENTATIONS OR WARRANTIES, EXPRESS OR IMPLIED, REGARDING THIS SOFTWARE,
.\" INCLUDING WITHOUT LIMITATION, ANY AND ALL IMPLIED WARRANTIES OF
.\" MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR NON-INFRINGEMENT.
.\" WHISTLE COMMUNICATIONS DOES NOT WARRANT, GUARANTEE, OR MAKE ANY
.\" REPRESENTATIONS REGARDING THE USE OF, OR THE RESULTS OF THE USE OF THIS
.\" SOFTWARE IN TERMS OF ITS CORRECTNESS, ACCURACY, RELIABILITY OR OTHERWISE.
.\" IN NO EVENT SHALL WHISTLE COMMUNICATIONS BE LIABLE FOR ANY DAMAGES
.\" RESULTING FROM OR ARISING OUT OF ANY USE OF THIS SOFTWARE, INCLUDING
.\" WITHOUT LIMITATION, ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
.\" PUNITIVE, OR CONSEQUENTIAL DAMAGES, PROCUREMENT OF SUBSTITUTE GOODS OR
.\" SERVICES, LOSS OF USE, DATA OR PROFITS, HOWEVER CAUSED AND UNDER ANY
.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF WHISTLE COMMUNICATIONS IS ADVISED OF THE POSSIBILITY
.\" OF SUCH DAMAGE.
.\"
.\" Author: Archie Cobbs <archie@FreeBSD.org>
.\"
.\" $Whistle: ng_mppc.8,v 1.1 1999/12/08 20:20:39 archie Exp $
.\" $FreeBSD$
.\"
.Dd December 8, 1999
.Dt NG_MPPC 4
.Os FreeBSD
.Sh NAME
.Nm ng_mppc
.Nd Microsoft MPPC/MPPE compression and encryption netgraph node type
.Sh SYNOPSIS
.Fd #include <netgraph/ng_mppc.h>
.Sh DESCRIPTION
The
.Nm mppc
node type implements the Microsoft Point-to-Point Compression (MPPC)
and Microsoft Point-to-Point Encryption (MPPE) sub-protocols of
the PPP protocol.
These protocols are often used in conjunction with the Point-to-Point
Tunneling Protocol (PPTP).
.Pp
The node has two hooks,
.Dv "comp"
for compression and
.Dv "decomp"
for decompression.
Typically one or both of these hooks would be connected to the
.Xr ng_ppp 4
node type hook of the same name.
Each direction of traffic flow is independent of the other.
.Sh HOOKS
This node type supports the following hooks:
.Pp
.Bl -tag -compact -width vjc_vjuncomp
.It Dv comp
Connection to
.Xr ng_ppp 4
.Dv "comp"
hook.
Incoming frames are compressed and/or encrypted, and sent
back out the same hook.
.It Dv decomp
Connection to
.Xr ng_ppp 4
.Dv "decomp"
hook.
Incoming frames are decompressed and/or decrypted, and sent
back out the same hook.
.El
.Sh CONTROL MESSAGES
This node type supports the generic control messages, plus the following:
.Bl -tag -width foo
.It Dv NGM_MPPC_CONFIG_COMP
This command resets and configures the node for a session in the
outgoing traffic direction (i.e., for compression and/or encryption).
This command takes a
.Dv "struct ng_mppc_config"
as an argument:
.Bd -literal -offset 0
/* Length of MPPE key */
#define MPPE_KEY_LEN      16

/* MPPC/MPPE PPP negotiation bits */
#define MPPC_BIT          0x00000001      /* mppc compression bits */
#define MPPE_40           0x00000020      /* use 40 bit key */
#define MPPE_128          0x00000040      /* use 128 bit key */
#define MPPE_BITS         0x00000060      /* mppe encryption bits */
#define MPPE_STATELESS    0x01000000      /* use stateless mode */
#define MPPC_VALID_BITS   0x01000061      /* possibly valid bits */

/* Configuration for a session */
struct ng_mppc_config {
    u_char    enable;                 /* enable */
    u_int32_t bits;                   /* config bits */
    u_char    startkey[MPPE_KEY_LEN]; /* start key */
};

.Ed
The
.Dv enable
field enables traffic flow through the node.
The
.Dv bits
field contains the bits as negotiated by the Compression Control Protocol
(CCP) in PPP.
The
.Dv startkey
is only necessary if MPPE was negotiated, and must be equal to the
session start key as defined for MPPE.
This key is based on the MS-CHAP credentials used at link authentication time.
.It Dv NGM_MPPC_CONFIG_DECOMP
This command resets and configures the node for a session in the
incoming traffic direction (i.e., for decompression and/or decryption).
This command takes a
.Dv "struct ng_mppc_config"
as an argument.
.It Dv NGM_MPPC_RESETREQ
This message contains no arguments, and is bi-directional.
If an error is detected during decompression, this message is sent by the
node to the originator of the
.Dv NGM_MPPC_CONFIG_DECOMP
message that initiated the session.
The receiver should respond by sending a PPP CCP Reset-Request to the peer.
.Pp
This message may also be received by this node type when a CCP Reset-Request
is received by the local PPP entity.
The node will respond by flushing its outgoing compression and encryption
state so the remote side can resynchronize.
.El
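An added example, not part of the FreeBSD sources: a hypothetical user-space helper, mppc_build_config(), that checks the CCP-negotiated bits against the constants shown above before filling the struct ng_mppc_config sent with NGM_MPPC_CONFIG_COMP or NGM_MPPC_CONFIG_DECOMP. The require_128 flag and the rejection rules are assumptions of this example rather than checks documented for the node, and stdint types stand in for u_char and u_int32_t so it builds without <netgraph/ng_mppc.h>.

```c
#include <errno.h>
#include <stdint.h>
#include <string.h>

/* Constants and struct layout copied from the man page above; stdint
 * types are used so this compiles without the FreeBSD netgraph headers. */
#define MPPE_KEY_LEN    16
#define MPPC_BIT        0x00000001
#define MPPE_40         0x00000020
#define MPPE_128        0x00000040
#define MPPE_BITS       0x00000060
#define MPPE_STATELESS  0x01000000
#define MPPC_VALID_BITS 0x01000061

struct ng_mppc_config {
    uint8_t  enable;
    uint32_t bits;
    uint8_t  startkey[MPPE_KEY_LEN];
};

/* Hypothetical helper: fill *cfg from the bits CCP negotiated.
 * require_128 is a local policy knob of this example (assumption).
 * Returns 0 on success or an errno value; on failure *cfg stays
 * zeroed, so a rejected session never carries key material. */
int
mppc_build_config(struct ng_mppc_config *cfg, uint32_t ccp_bits,
    const uint8_t *startkey, int require_128)
{
    uint32_t enc = ccp_bits & MPPE_BITS;

    memset(cfg, 0, sizeof(*cfg));
    if (ccp_bits & ~(uint32_t)MPPC_VALID_BITS)
        return (EINVAL);    /* bits outside MPPC_VALID_BITS */
    if (enc == MPPE_BITS)
        return (EINVAL);    /* 40 and 128 both set: no single key length */
    if (require_128 && enc != MPPE_128)
        return (EPERM);     /* policy: refuse cleartext or 40-bit keys */
    if (enc != 0) {
        if (startkey == NULL)
            return (EINVAL);    /* MPPE negotiated but no start key */
        memcpy(cfg->startkey, startkey, MPPE_KEY_LEN);
    }
    cfg->bits = ccp_bits;
    cfg->enable = (ccp_bits & (MPPC_BIT | MPPE_BITS)) != 0;
    return (0);
}
```

Once the control message has been sent, clear the caller's copy of the struct (for example with explicit_bzero(3)), since startkey is session key material derived from the MS-CHAP credentials.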
.Sh SHUTDOWN
This node shuts down upon receipt of a
.Dv NGM_SHUTDOWN
control message, or when both hooks have been disconnected.
.Sh COMPILATION
The kernel options
.Dv NETGRAPH_MPPC_COMPRESSION
and
.Dv NETGRAPH_MPPC_ENCRYPTION
are supplied to selectively compile in either or both capabilities.
At least one of these must be defined, or else this node type is useless.
.Pp
The MPPC protocol requires proprietary compression code available
from Hi/Fn (formerly STAC).
These files must be obtained elsewhere and added to the kernel
sources before this node type will compile with the
.Dv NETGRAPH_MPPC_COMPRESSION
option.
.Sh BUGS
In PPP, encryption should be handled by the Encryption Control Protocol (ECP)
rather than CCP.
However, Microsoft combined both compression and encryption into their
``compression'' algorithm, which is confusing.
.Sh SEE ALSO
.Xr netgraph 4 ,
.Xr ng_ppp 4 ,
.Xr ngctl 8
.Rs
.%A G. Pall
.%T "Microsoft Point-To-Point Compression (MPPC) Protocol"
.%O RFC 2118
.Re
.Rs
.%A G. S. Pall
.%A G. Zorn
.%T "Microsoft Point-To-Point Encryption (MPPE) Protocol"
.%O draft-ietf-pppext-mppe-04.txt
.Re
.Rs
.%A K. Hamzeh
.%A G. Pall
.%A W. Verthein
.%A J. Taarud
.%A W. Little
.%A G. Zorn
.%T "Point-to-Point Tunneling Protocol (PPTP)"
.%O RFC 2637
.Re
.Sh AUTHORS
Archie Cobbs <archie@FreeBSD.org>