6 files changed, 44 insertions, 22 deletions

diff --git a/accel-pppd/auth/auth_mschap_v1.c b/accel-pppd/auth/auth_mschap_v1.c
index 65e7b3d9..10d5fe8e 100644
--- a/accel-pppd/auth/auth_mschap_v1.c
+++ b/accel-pppd/auth/auth_mschap_v1.c
@@ -426,8 +426,7 @@ static void set_mppe_keys(struct chap_auth_data_t *ad, uint8_t *z_hash)
 
 	struct ev_mppe_keys_t ev_mppe = {
 		.ppp = ad->ppp,
-		.type = 1 << 2,
-		.policy = 1,
+		.policy = -1,
 		.recv_key = digest,
 		.send_key = digest,
 	};
diff --git a/accel-pppd/auth/auth_mschap_v2.c b/accel-pppd/auth/auth_mschap_v2.c
index 07489513..ebcffb7a 100644
--- a/accel-pppd/auth/auth_mschap_v2.c
+++ b/accel-pppd/auth/auth_mschap_v2.c
@@ -541,8 +541,7 @@ static void set_mppe_keys(struct chap_auth_data_t *ad, uint8_t *z_hash, uint8_t
 
 	struct ev_mppe_keys_t ev_mppe = {
 		.ppp = ad->ppp,
-		.type = 1 << 2,
-		.policy = 1,
+		.policy = -1,
 		.recv_key = recv_key,
 		.send_key = send_key,
 	};
diff --git a/accel-pppd/ppp/ccp_mppe.c b/accel-pppd/ppp/ccp_mppe.c
index cdc8950a..7acf568c 100644
--- a/accel-pppd/ppp/ccp_mppe.c
+++ b/accel-pppd/ppp/ccp_mppe.c
@@ -167,7 +167,7 @@ static int mppe_recv_conf_req(struct ppp_ccp_t *ccp, struct ccp_option_t *opt, u
 	} else if (mppe_opt->policy == 1) {
 		if (ntohl(opt32->val)  == (MPPE_S | MPPE_H))
 			mppe_opt->mppe = 1;
-		else if (((ntohl(opt32->val) & (MPPE_S | MPPE_H)) == (MPPE_S | MPPE_H)) || conf_mppe == 1) {
+		else if ((ntohl(opt32->val) & (MPPE_S | MPPE_H)) || conf_mppe == 1) {
 			mppe_opt->mppe = 1;
 			return CCP_OPT_NAK;
 		} else if (opt32->val) {
@@ -258,14 +258,18 @@ static void ev_mppe_keys(struct ev_mppe_keys_t *ev)
 	struct ppp_ccp_t *ccp = ccp_find_layer_data(ev->ppp);
 	struct mppe_option_t *mppe_opt = container_of(ccp_find_option(ev->ppp, &mppe_opt_hnd), typeof(*mppe_opt), opt);
 
+	memcpy(mppe_opt->recv_key, ev->recv_key, 16);
+	memcpy(mppe_opt->send_key, ev->send_key, 16);
+
+	if (ev->policy == -1)
+		return;
+
 	if ((ev->type & 0x04) == 0) {
 		log_ppp_warn("mppe: 128-bit session keys not allowed, disabling mppe ...\n");
 		mppe_opt->mppe = 0;
 		return;
 	}
 	
-	memcpy(mppe_opt->recv_key, ev->recv_key, 16);
-	memcpy(mppe_opt->send_key, ev->send_key, 16);
 	mppe_opt->policy = ev->policy;
 
 	if (ev->policy == 2) {
@@ -276,6 +280,9 @@ static void ev_mppe_keys(struct ev_mppe_keys_t *ev)
 			mppe_opt->mppe = 1;
 		else
 			mppe_opt->mppe = -1;
+
+		if (conf_mppe == 2)
+			ccp->passive = 1;
 	}
 }
 
diff --git a/accel-pppd/ppp/ppp_ccp.c b/accel-pppd/ppp/ppp_ccp.c
index e59a0638..fd5a1f76 100644
--- a/accel-pppd/ppp/ppp_ccp.c
+++ b/accel-pppd/ppp/ppp_ccp.c
@@ -32,6 +32,7 @@ static LIST_HEAD(option_handlers);
 
 static void ccp_layer_up(struct ppp_fsm_t*);
 static void ccp_layer_down(struct ppp_fsm_t*);
+static void ccp_layer_finished(struct ppp_fsm_t*);
 static int send_conf_req(struct ppp_fsm_t*);
 static void send_conf_ack(struct ppp_fsm_t*);
 static void send_conf_nak(struct ppp_fsm_t*);
@@ -116,7 +117,8 @@ static struct ppp_layer_data_t *ccp_layer_init(struct ppp_t *ppp)
 	ccp->fsm.max_configure = conf_ccp_max_configure;
 
 	ccp->fsm.layer_up = ccp_layer_up;
-	ccp->fsm.layer_finished = ccp_layer_down;
+	ccp->fsm.layer_finished = ccp_layer_finished;
+	ccp->fsm.layer_down = ccp_layer_down;
 	ccp->fsm.send_conf_req = send_conf_req;
 	ccp->fsm.send_conf_ack = send_conf_ack;
 	ccp->fsm.send_conf_nak = send_conf_nak;
@@ -199,7 +201,7 @@ static void ccp_layer_up(struct ppp_fsm_t *fsm)
 	}
 }
 
-static void ccp_layer_down(struct ppp_fsm_t *fsm)
+static void ccp_layer_finished(struct ppp_fsm_t *fsm)
 {
 	struct ppp_ccp_t *ccp = container_of(fsm, typeof(*ccp), fsm);
 
@@ -207,11 +209,20 @@ static void ccp_layer_down(struct ppp_fsm_t *fsm)
 
 	if (!ccp->started) {
 		ccp->started = 1;
-		ppp_fsm_close(fsm);
 		ppp_layer_started(ccp->ppp, &ccp->ld);
 	}
 }
 
+static void ccp_layer_down(struct ppp_fsm_t *fsm)
+{
+	struct ppp_ccp_t *ccp = container_of(fsm, typeof(*ccp), fsm);
+
+	log_ppp_debug("ccp_layer_down\n");
+
+	ppp_fsm_close(fsm);
+}
+
+
 static void print_ropt(struct recv_opt_t *ropt)
 {
 	int i;
@@ -644,9 +655,9 @@ static void ccp_recv(struct ppp_handler_t*h)
 		case CONFREQ:	
 			r = ccp_recv_conf_req(ccp, (uint8_t*)(hdr + 1), ntohs(hdr->len) - PPP_HDRLEN);
 			if (ccp->passive) {
+				ccp->passive = 0;
 				ppp_fsm_lower_up(&ccp->fsm);
 				ppp_fsm_open(&ccp->fsm);
-				ccp->passive = 0;
 			}
 			if (ccp->started) {
 				if (r == CCP_OPT_ACK)
diff --git a/accel-pppd/ppp/ppp_fsm.c b/accel-pppd/ppp/ppp_fsm.c
index 33f82375..b43945b8 100644
--- a/accel-pppd/ppp/ppp_fsm.c
+++ b/accel-pppd/ppp/ppp_fsm.c
@@ -215,12 +215,6 @@ void ppp_fsm_recv_conf_req_ack(struct ppp_fsm_t *layer)
 			--layer->restart_counter;
 			if (layer->send_conf_req) layer->send_conf_req(layer);
 		case FSM_Req_Sent:
-			if (layer->send_conf_ack) layer->send_conf_ack(layer);
-			init_req_counter(layer,layer->max_configure);
-			--layer->restart_counter;
-			if (layer->send_conf_req) layer->send_conf_req(layer);
-			layer->fsm_state=FSM_Ack_Sent;
-			break;
 		case FSM_Ack_Sent:
 			if (layer->send_conf_ack) layer->send_conf_ack(layer);
 			layer->fsm_state=FSM_Ack_Sent;
@@ -381,7 +375,10 @@ void ppp_fsm_recv_conf_rej(struct ppp_fsm_t *layer)
 			layer->fsm_state=FSM_Req_Sent;
 			break;
 		case FSM_Ack_Sent:
-			//if (layer->init_req_cnt) layer->init_req_cnt(layer);
+			if (++layer->conf_failure == layer->max_failure) {
+				if (layer->layer_down) layer->layer_down(layer);
+				return;
+			}
 			init_req_counter(layer,layer->max_configure);
 			--layer->restart_counter;
 			if (layer->send_conf_req) layer->send_conf_req(layer);
diff --git a/accel-pppd/ppp/ppp_ipcp.c b/accel-pppd/ppp/ppp_ipcp.c
index 39627026..bd9f50df 100644
--- a/accel-pppd/ppp/ppp_ipcp.c
+++ b/accel-pppd/ppp/ppp_ipcp.c
@@ -135,10 +135,8 @@ void ipcp_layer_free(struct ppp_layer_data_t *ld)
 	_free(ipcp);
 }
 
-static void ipcp_layer_up(struct ppp_fsm_t *fsm)
+static void __ipcp_layer_up(struct ppp_ipcp_t *ipcp)
 {
-	struct ppp_ipcp_t *ipcp = container_of(fsm, typeof(*ipcp), fsm);
-
 	log_ppp_debug("ipcp_layer_started\n");
 
 	if (!ipcp->started) {
@@ -147,6 +145,14 @@ static void ipcp_layer_up(struct ppp_fsm_t *fsm)
 	}
 }
 
+static void ipcp_layer_up(struct ppp_fsm_t *fsm)
+{
+	struct ppp_ipcp_t *ipcp = container_of(fsm, typeof(*ipcp), fsm);
+	
+	if (!ipcp->delay_ack)
+		__ipcp_layer_up(ipcp);
+}
+
 static void ipcp_layer_down(struct ppp_fsm_t *fsm)
 {
 	struct ppp_ipcp_t *ipcp = container_of(fsm, typeof(*ipcp), fsm);
@@ -563,6 +569,7 @@ static void ipcp_recv(struct ppp_handler_t*h)
 	struct ipcp_hdr_t *hdr;
 	struct ppp_ipcp_t *ipcp = container_of(h, typeof(*ipcp), hnd);
 	int r;
+	int delay_ack = ipcp->delay_ack;
 
 	if (ipcp->fsm.fsm_state == FSM_Initial || ipcp->fsm.fsm_state == FSM_Closed || ipcp->ppp->terminating) {
 		if (conf_ppp_verbose)
@@ -593,7 +600,9 @@ static void ipcp_recv(struct ppp_handler_t*h)
 				ipcp_free_conf_req(ipcp);
 				return;
 			}
-			if (ipcp->started) {
+			if (delay_ack && !ipcp->delay_ack)
+				__ipcp_layer_up(ipcp);
+			if (ipcp->started || delay_ack) {
 				if (r == IPCP_OPT_ACK)
 					send_conf_ack(&ipcp->fsm);
 				else