From owner-cvs-all Tue Nov 7 20:16: 0 2000 Delivered-To: cvs-all@freebsd.org Received: from InterJet.dellroad.org (adsl-63-194-81-26.dsl.snfc21.pacbell.net [63.194.81.26]) by hub.freebsd.org (Postfix) with ESMTP id D4EC437B479; Tue, 7 Nov 2000 20:15:55 -0800 (PST) Received: from curve.dellroad.org (curve.dellroad.org [10.1.1.30]) by InterJet.dellroad.org (8.9.1a/8.9.1) with ESMTP id UAA58223; Tue, 7 Nov 2000 20:15:55 -0800 (PST) Received: (from archie@localhost) by curve.dellroad.org (8.11.0/8.11.0) id eA84FtE96239; Tue, 7 Nov 2000 20:15:55 -0800 (PST) (envelope-from archie) From: Archie Cobbs Message-Id: <200011080415.eA84FtE96239@curve.dellroad.org> Subject: Re: cvs commit: src/usr.sbin/ppp chap.c mppe.c mppe.h In-Reply-To: <200011072319.PAA02353@freefall.freebsd.org> "from Brian Somers at Nov 7, 2000 03:19:12 pm" To: Brian Somers Date: Tue, 7 Nov 2000 20:15:55 -0800 (PST) Cc: cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org X-Mailer: ELM [version 2.4ME+ PL82 (25)] MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset=US-ASCII Sender: owner-cvs-all@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Brian Somers writes: > Introduce another global (MPPE_IsServer) so that we initiate the > MPPE session keys correctly. > > I'm a bit dubious about this code. It seems that the session keys > are initialised differently based on whether you're the client or > the server. One side is the server if it issues the first challenge, > but of course you can issue a challenge from both sides.... at the > same time. Sounds like another wonderful M$ assumption... > > Ppp can now talk to itself correctly using encryption. > > Problem solved by: Ustimenko Semen > Hair torn out by: me I ran into the same issue with mpd. I think my conclusion was that whoever initiated the link connection was the "client" and the other was the "server". Most link types have a notion of an originator and a receiver, e.g., modem, PPTP, etc., so this generally works OK. For link types where you can't tell, the "client" is whoever is being authenticated. For link types where you can't tell and both sides authenticate each other, too bad :-) -Archie __________________________________________________________________________ Archie Cobbs * Packet Design * http://www.packetdesign.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message