This change is for enabling the pppd for vpn authentication and setup.

It includes:
  1. Enable the CHAPMS authentication for talking to MS vpn server.
  2. Reuse the message digest/hashing functions in openssl instead of
     the md4, md5 and sha1 functions in the package to save the space.
  3. Enable the execution the ip-up/ip-down script on Android.

Update: add comment and replace tab with spaces.

8 files changed, 135 insertions, 6 deletions

diff --git a/pppd/Android.mk b/pppd/Android.mk
index 01928b1..4155fe3 100644
--- a/pppd/Android.mk
+++ b/pppd/Android.mk
@@ -11,28 +11,28 @@ LOCAL_SRC_FILES:= \
 	ipcp.c \
 	upap.c \
 	chap-new.c \
-	md5.c \
 	ccp.c \
 	ecp.c \
 	ipxcp.c \
 	auth.c \
 	options.c \
 	sys-linux.c \
-	md4.c \
 	chap_ms.c \
 	demand.c \
 	utils.c \
 	tty.c \
 	eap.c \
-	chap-md5.c
+	chap-md5.c \
+	pppcrypt.c \
+	openssl-hash.c
 
 LOCAL_SHARED_LIBRARIES := \
-	libcutils
+	libcutils libcrypto libssl
 
 LOCAL_C_INCLUDES := \
 	$(LOCAL_PATH)/include
 
-LOCAL_CFLAGS := -DANDROID_CHANGES
+LOCAL_CFLAGS := -DANDROID_CHANGES -DCHAPMS=1 -Iexternal/openssl/include
 
 LOCAL_MODULE_PATH := $(TARGET_OUT_OPTIONAL_EXECUTABLES)
 LOCAL_MODULE_TAGS := eng
diff --git a/pppd/chap-new.c b/pppd/chap-new.c
index b09fa3e..7d1aecd 100644
--- a/pppd/chap-new.c
+++ b/pppd/chap-new.c
@@ -35,6 +35,9 @@
 #include "pppd.h"
 #include "chap-new.h"
 #include "chap-md5.h"
+#ifdef ANDROID_CHANGES
+#include "openssl-hash.h"
+#endif
 
 #ifdef CHAPMS
 #include "chap_ms.h"
@@ -141,6 +144,9 @@ chap_init(int unit)
 	memset(&client, 0, sizeof(client));
 	memset(&server, 0, sizeof(server));
 
+#ifdef ANDROID_CHANGES
+	openssl_hash_init();
+#endif
 	chap_md5_init();
 #ifdef CHAPMS
 	chapms_init();
diff --git a/pppd/chap_ms.c b/pppd/chap_ms.c
index fb65d56..5f2c0e2 100644
--- a/pppd/chap_ms.c
+++ b/pppd/chap_ms.c
@@ -89,8 +89,12 @@
 #include "pppd.h"
 #include "chap-new.h"
 #include "chap_ms.h"
+#ifdef ANDROID_CHANGES
+#include "openssl-hash.h"
+#else
 #include "md4.h"
 #include "sha1.h"
+#endif
 #include "pppcrypt.h"
 #include "magic.h"
 
@@ -514,12 +518,17 @@ ascii2unicode(char ascii[], int ascii_len, u_char unicode[])
 static void
 NTPasswordHash(char *secret, int secret_len, u_char hash[MD4_SIGNATURE_SIZE])
 {
+#ifdef ANDROID_CHANGES
+    /* We link with MD4 routines in openssl, we have to take bytes instead */
+    int			mdlen = secret_len;
+#else
 #ifdef __NetBSD__
     /* NetBSD uses the libc md4 routines which take bytes instead of bits */
     int			mdlen = secret_len;
 #else
     int			mdlen = secret_len * 8;
 #endif
+#endif
     MD4_CTX		md4Context;
 
     MD4Init(&md4Context);
diff --git a/pppd/ipcp.c b/pppd/ipcp.c
index 52eb3ca..a7b984f 100644
--- a/pppd/ipcp.c
+++ b/pppd/ipcp.c
@@ -55,6 +55,9 @@
 #include <sys/socket.h>
 #include <netinet/in.h>
 #include <arpa/inet.h>
+#ifdef ANDROID_CHANGES
+#include <paths.h>
+#endif
 
 #include "pppd.h"
 #include "fsm.h"
@@ -1712,6 +1715,9 @@ ipcp_up(f)
     }
     script_setenv("IPLOCAL", ip_ntoa(go->ouraddr), 0);
     script_setenv("IPREMOTE", ip_ntoa(ho->hisaddr), 1);
+#ifdef ANDROID_CHANGES
+    script_setenv("PATH","/sbin:/system/sbin:/system/bin:/system/xbin", 0);
+#endif
 
     if (go->dnsaddr[0])
 	script_setenv("DNS1", ip_ntoa(go->dnsaddr[0]), 0);
@@ -1978,6 +1984,13 @@ ipcp_script(script)
     slprintf(strlocal, sizeof(strlocal), "%I", ipcp_gotoptions[0].ouraddr);
     slprintf(strremote, sizeof(strremote), "%I", ipcp_hisoptions[0].hisaddr);
 
+#ifdef ANDROID_CHANGES
+    argv[0] = "sh";
+    argv[1] = "-c";
+    argv[2] = script;
+    argv[3] = NULL;
+    ipcp_script_pid = run_program(_PATH_BSHELL, argv, 0, ipcp_script_done, NULL);
+#else
     argv[0] = script;
     argv[1] = ifname;
     argv[2] = devnam;
@@ -1987,6 +2000,7 @@ ipcp_script(script)
     argv[6] = ipparam;
     argv[7] = NULL;
     ipcp_script_pid = run_program(script, argv, 0, ipcp_script_done, NULL);
+#endif
 }
 
 /*
diff --git a/pppd/openssl-hash.c b/pppd/openssl-hash.c
new file mode 100644
index 0000000..840a68c
--- /dev/null
+++ b/pppd/openssl-hash.c
@@ -0,0 +1,41 @@
+/*
+ * Copyright (C) 2009 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <openssl/evp.h>
+
+const EVP_MD *sha1_md;
+const EVP_MD *md4_md;
+const EVP_MD *md5_md;
+
+void    openssl_hash_init() {
+    /* Use the SHA1 functions in openssl to save the flash space.*/
+    OpenSSL_add_all_digests();
+    sha1_md = EVP_get_digestbyname("sha1");
+    if (!sha1_md) {
+        dbglog("Error Unknown message digest SHA1\n");
+        exit(1);
+    }
+    md4_md = EVP_get_digestbyname("md4");
+    if (!md4_md) {
+        dbglog("Error Unknown message digest MD4\n");
+        exit(1);
+    }
+    md5_md = EVP_get_digestbyname("md5");
+    if (!md5_md) {
+        dbglog("Error Unknown message digest MD5\n");
+        exit(1);
+    }
+}
diff --git a/pppd/openssl-hash.h b/pppd/openssl-hash.h
new file mode 100644
index 0000000..a2a5abe
--- /dev/null
+++ b/pppd/openssl-hash.h
@@ -0,0 +1,55 @@
+/*
+ * Copyright (C) 2009 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef __OPENSSL_HASH__
+#define __OPENSSL_HASH__
+
+#include <openssl/evp.h>
+
+extern  const EVP_MD *sha1_md;
+#define SHA1_SIGNATURE_SIZE 20
+#define SHA1_CTX	EVP_MD_CTX
+#define SHA1_Init(ctx)  { \
+    EVP_MD_CTX_init(ctx); \
+    EVP_DigestInit_ex(ctx, sha1_md, NULL); \
+}
+#define SHA1_Update EVP_DigestUpdate
+#define SHA1_Final(digest, ctx)  { \
+    int md_len; \
+    EVP_DigestFinal_ex(ctx, digest, &md_len); \
+}
+
+extern const EVP_MD *md4_md;
+#define MD4_CTX EVP_MD_CTX
+#define MD4Init(ctx)  { \
+    EVP_MD_CTX_init(ctx); \
+    EVP_DigestInit_ex(ctx, md4_md, NULL); \
+}
+#define MD4Update   EVP_DigestUpdate
+#define MD4Final    SHA1_Final
+
+extern const EVP_MD *md5_md;
+#define MD5_CTX EVP_MD_CTX
+#define MD5_Init(ctx)  { \
+    EVP_MD_CTX_init(ctx); \
+    EVP_DigestInit_ex(ctx, md5_md, NULL); \
+}
+#define MD5_Update   EVP_DigestUpdate
+#define MD5_Final    SHA1_Final
+
+extern  void    openssl_hash_init();
+
+#endif
diff --git a/pppd/pppcrypt.c b/pppd/pppcrypt.c
index 8b85b13..1302c83 100644
--- a/pppd/pppcrypt.c
+++ b/pppd/pppcrypt.c
@@ -171,7 +171,7 @@ u_char *key;
 }
 
 bool
-DesEncrypt(clear, key, cipher)
+DesEncrypt(clear, cipher)
 u_char *clear;	/* IN  8 octets */
 u_char *cipher;	/* OUT 8 octets */
 {
diff --git a/pppd/pppcrypt.h b/pppd/pppcrypt.h
index adcdcbc..33b956d 100644
--- a/pppd/pppcrypt.h
+++ b/pppd/pppcrypt.h
@@ -38,8 +38,12 @@
 #endif
 
 #ifndef USE_CRYPT
+#ifdef ANDROID_CHANGES
+#include <openssl/des.h>
+#else
 #include <des.h>
 #endif
+#endif
 
 extern bool	DesSetkey __P((u_char *));
 extern bool	DesEncrypt __P((u_char *, u_char *));