Yasushi TAUCHI
ソースの整理中ですが、利用はできます。
Dependencies: EthernetInterface HttpServer TextLCD mbed-rpc mbed-rtos mbed Socket lwip-eth lwip-sys lwip
EthernetInterface/lwip/netif/ppp/chap.c@0:7766f6712673, 2014-03-12 (annotated)
- Committer:
- yueee_yt
- Date:
- Wed Mar 12 04:19:54 2014 +0000
- Revision:
- 0:7766f6712673
???????????????
Who changed what in which revision?
| User | Revision | Line number | New contents of line |
|---|---|---|---|
| yueee_yt | 0:7766f6712673 | 1 | /*** WARNING - THIS HAS NEVER BEEN FINISHED ***/ |
| yueee_yt | 0:7766f6712673 | 2 | /***************************************************************************** |
| yueee_yt | 0:7766f6712673 | 3 | * chap.c - Network Challenge Handshake Authentication Protocol program file. |
| yueee_yt | 0:7766f6712673 | 4 | * |
| yueee_yt | 0:7766f6712673 | 5 | * Copyright (c) 2003 by Marc Boucher, Services Informatiques (MBSI) inc. |
| yueee_yt | 0:7766f6712673 | 6 | * portions Copyright (c) 1997 by Global Election Systems Inc. |
| yueee_yt | 0:7766f6712673 | 7 | * |
| yueee_yt | 0:7766f6712673 | 8 | * The authors hereby grant permission to use, copy, modify, distribute, |
| yueee_yt | 0:7766f6712673 | 9 | * and license this software and its documentation for any purpose, provided |
| yueee_yt | 0:7766f6712673 | 10 | * that existing copyright notices are retained in all copies and that this |
| yueee_yt | 0:7766f6712673 | 11 | * notice and the following disclaimer are included verbatim in any |
| yueee_yt | 0:7766f6712673 | 12 | * distributions. No written agreement, license, or royalty fee is required |
| yueee_yt | 0:7766f6712673 | 13 | * for any of the authorized uses. |
| yueee_yt | 0:7766f6712673 | 14 | * |
| yueee_yt | 0:7766f6712673 | 15 | * THIS SOFTWARE IS PROVIDED BY THE CONTRIBUTORS *AS IS* AND ANY EXPRESS OR |
| yueee_yt | 0:7766f6712673 | 16 | * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES |
| yueee_yt | 0:7766f6712673 | 17 | * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. |
| yueee_yt | 0:7766f6712673 | 18 | * IN NO EVENT SHALL THE CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, |
| yueee_yt | 0:7766f6712673 | 19 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT |
| yueee_yt | 0:7766f6712673 | 20 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, |
| yueee_yt | 0:7766f6712673 | 21 | * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY |
| yueee_yt | 0:7766f6712673 | 22 | * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT |
| yueee_yt | 0:7766f6712673 | 23 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF |
| yueee_yt | 0:7766f6712673 | 24 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
| yueee_yt | 0:7766f6712673 | 25 | * |
| yueee_yt | 0:7766f6712673 | 26 | ****************************************************************************** |
| yueee_yt | 0:7766f6712673 | 27 | * REVISION HISTORY |
| yueee_yt | 0:7766f6712673 | 28 | * |
| yueee_yt | 0:7766f6712673 | 29 | * 03-01-01 Marc Boucher <marc@mbsi.ca> |
| yueee_yt | 0:7766f6712673 | 30 | * Ported to lwIP. |
| yueee_yt | 0:7766f6712673 | 31 | * 97-12-04 Guy Lancaster <lancasterg@acm.org>, Global Election Systems Inc. |
| yueee_yt | 0:7766f6712673 | 32 | * Original based on BSD chap.c. |
| yueee_yt | 0:7766f6712673 | 33 | *****************************************************************************/ |
| yueee_yt | 0:7766f6712673 | 34 | /* |
| yueee_yt | 0:7766f6712673 | 35 | * chap.c - Challenge Handshake Authentication Protocol. |
| yueee_yt | 0:7766f6712673 | 36 | * |
| yueee_yt | 0:7766f6712673 | 37 | * Copyright (c) 1993 The Australian National University. |
| yueee_yt | 0:7766f6712673 | 38 | * All rights reserved. |
| yueee_yt | 0:7766f6712673 | 39 | * |
| yueee_yt | 0:7766f6712673 | 40 | * Redistribution and use in source and binary forms are permitted |
| yueee_yt | 0:7766f6712673 | 41 | * provided that the above copyright notice and this paragraph are |
| yueee_yt | 0:7766f6712673 | 42 | * duplicated in all such forms and that any documentation, |
| yueee_yt | 0:7766f6712673 | 43 | * advertising materials, and other materials related to such |
| yueee_yt | 0:7766f6712673 | 44 | * distribution and use acknowledge that the software was developed |
| yueee_yt | 0:7766f6712673 | 45 | * by the Australian National University. The name of the University |
| yueee_yt | 0:7766f6712673 | 46 | * may not be used to endorse or promote products derived from this |
| yueee_yt | 0:7766f6712673 | 47 | * software without specific prior written permission. |
| yueee_yt | 0:7766f6712673 | 48 | * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR |
| yueee_yt | 0:7766f6712673 | 49 | * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED |
| yueee_yt | 0:7766f6712673 | 50 | * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. |
| yueee_yt | 0:7766f6712673 | 51 | * |
| yueee_yt | 0:7766f6712673 | 52 | * Copyright (c) 1991 Gregory M. Christy. |
| yueee_yt | 0:7766f6712673 | 53 | * All rights reserved. |
| yueee_yt | 0:7766f6712673 | 54 | * |
| yueee_yt | 0:7766f6712673 | 55 | * Redistribution and use in source and binary forms are permitted |
| yueee_yt | 0:7766f6712673 | 56 | * provided that the above copyright notice and this paragraph are |
| yueee_yt | 0:7766f6712673 | 57 | * duplicated in all such forms and that any documentation, |
| yueee_yt | 0:7766f6712673 | 58 | * advertising materials, and other materials related to such |
| yueee_yt | 0:7766f6712673 | 59 | * distribution and use acknowledge that the software was developed |
| yueee_yt | 0:7766f6712673 | 60 | * by Gregory M. Christy. The name of the author may not be used to |
| yueee_yt | 0:7766f6712673 | 61 | * endorse or promote products derived from this software without |
| yueee_yt | 0:7766f6712673 | 62 | * specific prior written permission. |
| yueee_yt | 0:7766f6712673 | 63 | * |
| yueee_yt | 0:7766f6712673 | 64 | * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR |
| yueee_yt | 0:7766f6712673 | 65 | * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED |
| yueee_yt | 0:7766f6712673 | 66 | * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. |
| yueee_yt | 0:7766f6712673 | 67 | */ |
| yueee_yt | 0:7766f6712673 | 68 | |
| yueee_yt | 0:7766f6712673 | 69 | #include "lwip/opt.h" |
| yueee_yt | 0:7766f6712673 | 70 | |
| yueee_yt | 0:7766f6712673 | 71 | #if PPP_SUPPORT /* don't build if not configured for use in lwipopts.h */ |
| yueee_yt | 0:7766f6712673 | 72 | |
| yueee_yt | 0:7766f6712673 | 73 | #if CHAP_SUPPORT /* don't build if not configured for use in lwipopts.h */ |
| yueee_yt | 0:7766f6712673 | 74 | |
| yueee_yt | 0:7766f6712673 | 75 | #include "ppp.h" |
| yueee_yt | 0:7766f6712673 | 76 | #include "pppdebug.h" |
| yueee_yt | 0:7766f6712673 | 77 | |
| yueee_yt | 0:7766f6712673 | 78 | #include "magic.h" |
| yueee_yt | 0:7766f6712673 | 79 | #include "randm.h" |
| yueee_yt | 0:7766f6712673 | 80 | #include "auth.h" |
| yueee_yt | 0:7766f6712673 | 81 | #include "md5.h" |
| yueee_yt | 0:7766f6712673 | 82 | #include "chap.h" |
| yueee_yt | 0:7766f6712673 | 83 | #include "chpms.h" |
| yueee_yt | 0:7766f6712673 | 84 | |
| yueee_yt | 0:7766f6712673 | 85 | #include <string.h> |
| yueee_yt | 0:7766f6712673 | 86 | |
| yueee_yt | 0:7766f6712673 | 87 | #if 0 /* UNUSED */ |
| yueee_yt | 0:7766f6712673 | 88 | /* |
| yueee_yt | 0:7766f6712673 | 89 | * Command-line options. |
| yueee_yt | 0:7766f6712673 | 90 | */ |
| yueee_yt | 0:7766f6712673 | 91 | static option_t chap_option_list[] = { |
| yueee_yt | 0:7766f6712673 | 92 | { "chap-restart", o_int, &chap[0].timeouttime, |
| yueee_yt | 0:7766f6712673 | 93 | "Set timeout for CHAP" }, |
| yueee_yt | 0:7766f6712673 | 94 | { "chap-max-challenge", o_int, &chap[0].max_transmits, |
| yueee_yt | 0:7766f6712673 | 95 | "Set max #xmits for challenge" }, |
| yueee_yt | 0:7766f6712673 | 96 | { "chap-interval", o_int, &chap[0].chal_interval, |
| yueee_yt | 0:7766f6712673 | 97 | "Set interval for rechallenge" }, |
| yueee_yt | 0:7766f6712673 | 98 | #ifdef MSLANMAN |
| yueee_yt | 0:7766f6712673 | 99 | { "ms-lanman", o_bool, &ms_lanman, |
| yueee_yt | 0:7766f6712673 | 100 | "Use LanMan passwd when using MS-CHAP", 1 }, |
| yueee_yt | 0:7766f6712673 | 101 | #endif |
| yueee_yt | 0:7766f6712673 | 102 | { NULL } |
| yueee_yt | 0:7766f6712673 | 103 | }; |
| yueee_yt | 0:7766f6712673 | 104 | #endif /* UNUSED */ |
| yueee_yt | 0:7766f6712673 | 105 | |
| yueee_yt | 0:7766f6712673 | 106 | /* |
| yueee_yt | 0:7766f6712673 | 107 | * Protocol entry points. |
| yueee_yt | 0:7766f6712673 | 108 | */ |
| yueee_yt | 0:7766f6712673 | 109 | static void ChapInit (int); |
| yueee_yt | 0:7766f6712673 | 110 | static void ChapLowerUp (int); |
| yueee_yt | 0:7766f6712673 | 111 | static void ChapLowerDown (int); |
| yueee_yt | 0:7766f6712673 | 112 | static void ChapInput (int, u_char *, int); |
| yueee_yt | 0:7766f6712673 | 113 | static void ChapProtocolReject (int); |
| yueee_yt | 0:7766f6712673 | 114 | #if PPP_ADDITIONAL_CALLBACKS |
| yueee_yt | 0:7766f6712673 | 115 | static int ChapPrintPkt (u_char *, int, void (*) (void *, char *, ...), void *); |
| yueee_yt | 0:7766f6712673 | 116 | #endif |
| yueee_yt | 0:7766f6712673 | 117 | |
| yueee_yt | 0:7766f6712673 | 118 | struct protent chap_protent = { |
| yueee_yt | 0:7766f6712673 | 119 | PPP_CHAP, |
| yueee_yt | 0:7766f6712673 | 120 | ChapInit, |
| yueee_yt | 0:7766f6712673 | 121 | ChapInput, |
| yueee_yt | 0:7766f6712673 | 122 | ChapProtocolReject, |
| yueee_yt | 0:7766f6712673 | 123 | ChapLowerUp, |
| yueee_yt | 0:7766f6712673 | 124 | ChapLowerDown, |
| yueee_yt | 0:7766f6712673 | 125 | NULL, |
| yueee_yt | 0:7766f6712673 | 126 | NULL, |
| yueee_yt | 0:7766f6712673 | 127 | #if PPP_ADDITIONAL_CALLBACKS |
| yueee_yt | 0:7766f6712673 | 128 | ChapPrintPkt, |
| yueee_yt | 0:7766f6712673 | 129 | NULL, |
| yueee_yt | 0:7766f6712673 | 130 | #endif /* PPP_ADDITIONAL_CALLBACKS */ |
| yueee_yt | 0:7766f6712673 | 131 | 1, |
| yueee_yt | 0:7766f6712673 | 132 | "CHAP", |
| yueee_yt | 0:7766f6712673 | 133 | #if PPP_ADDITIONAL_CALLBACKS |
| yueee_yt | 0:7766f6712673 | 134 | NULL, |
| yueee_yt | 0:7766f6712673 | 135 | NULL, |
| yueee_yt | 0:7766f6712673 | 136 | NULL |
| yueee_yt | 0:7766f6712673 | 137 | #endif /* PPP_ADDITIONAL_CALLBACKS */ |
| yueee_yt | 0:7766f6712673 | 138 | }; |
| yueee_yt | 0:7766f6712673 | 139 | |
| yueee_yt | 0:7766f6712673 | 140 | chap_state chap[NUM_PPP]; /* CHAP state; one for each unit */ |
| yueee_yt | 0:7766f6712673 | 141 | |
| yueee_yt | 0:7766f6712673 | 142 | static void ChapChallengeTimeout (void *); |
| yueee_yt | 0:7766f6712673 | 143 | static void ChapResponseTimeout (void *); |
| yueee_yt | 0:7766f6712673 | 144 | static void ChapReceiveChallenge (chap_state *, u_char *, u_char, int); |
| yueee_yt | 0:7766f6712673 | 145 | static void ChapRechallenge (void *); |
| yueee_yt | 0:7766f6712673 | 146 | static void ChapReceiveResponse (chap_state *, u_char *, int, int); |
| yueee_yt | 0:7766f6712673 | 147 | static void ChapReceiveSuccess(chap_state *cstate, u_char *inp, u_char id, int len); |
| yueee_yt | 0:7766f6712673 | 148 | static void ChapReceiveFailure(chap_state *cstate, u_char *inp, u_char id, int len); |
| yueee_yt | 0:7766f6712673 | 149 | static void ChapSendStatus (chap_state *, int); |
| yueee_yt | 0:7766f6712673 | 150 | static void ChapSendChallenge (chap_state *); |
| yueee_yt | 0:7766f6712673 | 151 | static void ChapSendResponse (chap_state *); |
| yueee_yt | 0:7766f6712673 | 152 | static void ChapGenChallenge (chap_state *); |
| yueee_yt | 0:7766f6712673 | 153 | |
| yueee_yt | 0:7766f6712673 | 154 | /* |
| yueee_yt | 0:7766f6712673 | 155 | * ChapInit - Initialize a CHAP unit. |
| yueee_yt | 0:7766f6712673 | 156 | */ |
| yueee_yt | 0:7766f6712673 | 157 | static void |
| yueee_yt | 0:7766f6712673 | 158 | ChapInit(int unit) |
| yueee_yt | 0:7766f6712673 | 159 | { |
| yueee_yt | 0:7766f6712673 | 160 | chap_state *cstate = &chap[unit]; |
| yueee_yt | 0:7766f6712673 | 161 | |
| yueee_yt | 0:7766f6712673 | 162 | BZERO(cstate, sizeof(*cstate)); |
| yueee_yt | 0:7766f6712673 | 163 | cstate->unit = unit; |
| yueee_yt | 0:7766f6712673 | 164 | cstate->clientstate = CHAPCS_INITIAL; |
| yueee_yt | 0:7766f6712673 | 165 | cstate->serverstate = CHAPSS_INITIAL; |
| yueee_yt | 0:7766f6712673 | 166 | cstate->timeouttime = CHAP_DEFTIMEOUT; |
| yueee_yt | 0:7766f6712673 | 167 | cstate->max_transmits = CHAP_DEFTRANSMITS; |
| yueee_yt | 0:7766f6712673 | 168 | /* random number generator is initialized in magic_init */ |
| yueee_yt | 0:7766f6712673 | 169 | } |
| yueee_yt | 0:7766f6712673 | 170 | |
| yueee_yt | 0:7766f6712673 | 171 | |
| yueee_yt | 0:7766f6712673 | 172 | /* |
| yueee_yt | 0:7766f6712673 | 173 | * ChapAuthWithPeer - Authenticate us with our peer (start client). |
| yueee_yt | 0:7766f6712673 | 174 | * |
| yueee_yt | 0:7766f6712673 | 175 | */ |
| yueee_yt | 0:7766f6712673 | 176 | void |
| yueee_yt | 0:7766f6712673 | 177 | ChapAuthWithPeer(int unit, char *our_name, u_char digest) |
| yueee_yt | 0:7766f6712673 | 178 | { |
| yueee_yt | 0:7766f6712673 | 179 | chap_state *cstate = &chap[unit]; |
| yueee_yt | 0:7766f6712673 | 180 | |
| yueee_yt | 0:7766f6712673 | 181 | cstate->resp_name = our_name; |
| yueee_yt | 0:7766f6712673 | 182 | cstate->resp_type = digest; |
| yueee_yt | 0:7766f6712673 | 183 | |
| yueee_yt | 0:7766f6712673 | 184 | if (cstate->clientstate == CHAPCS_INITIAL || |
| yueee_yt | 0:7766f6712673 | 185 | cstate->clientstate == CHAPCS_PENDING) { |
| yueee_yt | 0:7766f6712673 | 186 | /* lower layer isn't up - wait until later */ |
| yueee_yt | 0:7766f6712673 | 187 | cstate->clientstate = CHAPCS_PENDING; |
| yueee_yt | 0:7766f6712673 | 188 | return; |
| yueee_yt | 0:7766f6712673 | 189 | } |
| yueee_yt | 0:7766f6712673 | 190 | |
| yueee_yt | 0:7766f6712673 | 191 | /* |
| yueee_yt | 0:7766f6712673 | 192 | * We get here as a result of LCP coming up. |
| yueee_yt | 0:7766f6712673 | 193 | * So even if CHAP was open before, we will |
| yueee_yt | 0:7766f6712673 | 194 | * have to re-authenticate ourselves. |
| yueee_yt | 0:7766f6712673 | 195 | */ |
| yueee_yt | 0:7766f6712673 | 196 | cstate->clientstate = CHAPCS_LISTEN; |
| yueee_yt | 0:7766f6712673 | 197 | } |
| yueee_yt | 0:7766f6712673 | 198 | |
| yueee_yt | 0:7766f6712673 | 199 | |
| yueee_yt | 0:7766f6712673 | 200 | /* |
| yueee_yt | 0:7766f6712673 | 201 | * ChapAuthPeer - Authenticate our peer (start server). |
| yueee_yt | 0:7766f6712673 | 202 | */ |
| yueee_yt | 0:7766f6712673 | 203 | void |
| yueee_yt | 0:7766f6712673 | 204 | ChapAuthPeer(int unit, char *our_name, u_char digest) |
| yueee_yt | 0:7766f6712673 | 205 | { |
| yueee_yt | 0:7766f6712673 | 206 | chap_state *cstate = &chap[unit]; |
| yueee_yt | 0:7766f6712673 | 207 | |
| yueee_yt | 0:7766f6712673 | 208 | cstate->chal_name = our_name; |
| yueee_yt | 0:7766f6712673 | 209 | cstate->chal_type = digest; |
| yueee_yt | 0:7766f6712673 | 210 | |
| yueee_yt | 0:7766f6712673 | 211 | if (cstate->serverstate == CHAPSS_INITIAL || |
| yueee_yt | 0:7766f6712673 | 212 | cstate->serverstate == CHAPSS_PENDING) { |
| yueee_yt | 0:7766f6712673 | 213 | /* lower layer isn't up - wait until later */ |
| yueee_yt | 0:7766f6712673 | 214 | cstate->serverstate = CHAPSS_PENDING; |
| yueee_yt | 0:7766f6712673 | 215 | return; |
| yueee_yt | 0:7766f6712673 | 216 | } |
| yueee_yt | 0:7766f6712673 | 217 | |
| yueee_yt | 0:7766f6712673 | 218 | ChapGenChallenge(cstate); |
| yueee_yt | 0:7766f6712673 | 219 | ChapSendChallenge(cstate); /* crank it up dude! */ |
| yueee_yt | 0:7766f6712673 | 220 | cstate->serverstate = CHAPSS_INITIAL_CHAL; |
| yueee_yt | 0:7766f6712673 | 221 | } |
| yueee_yt | 0:7766f6712673 | 222 | |
| yueee_yt | 0:7766f6712673 | 223 | |
| yueee_yt | 0:7766f6712673 | 224 | /* |
| yueee_yt | 0:7766f6712673 | 225 | * ChapChallengeTimeout - Timeout expired on sending challenge. |
| yueee_yt | 0:7766f6712673 | 226 | */ |
| yueee_yt | 0:7766f6712673 | 227 | static void |
| yueee_yt | 0:7766f6712673 | 228 | ChapChallengeTimeout(void *arg) |
| yueee_yt | 0:7766f6712673 | 229 | { |
| yueee_yt | 0:7766f6712673 | 230 | chap_state *cstate = (chap_state *) arg; |
| yueee_yt | 0:7766f6712673 | 231 | |
| yueee_yt | 0:7766f6712673 | 232 | /* if we aren't sending challenges, don't worry. then again we */ |
| yueee_yt | 0:7766f6712673 | 233 | /* probably shouldn't be here either */ |
| yueee_yt | 0:7766f6712673 | 234 | if (cstate->serverstate != CHAPSS_INITIAL_CHAL && |
| yueee_yt | 0:7766f6712673 | 235 | cstate->serverstate != CHAPSS_RECHALLENGE) { |
| yueee_yt | 0:7766f6712673 | 236 | return; |
| yueee_yt | 0:7766f6712673 | 237 | } |
| yueee_yt | 0:7766f6712673 | 238 | |
| yueee_yt | 0:7766f6712673 | 239 | if (cstate->chal_transmits >= cstate->max_transmits) { |
| yueee_yt | 0:7766f6712673 | 240 | /* give up on peer */ |
| yueee_yt | 0:7766f6712673 | 241 | CHAPDEBUG(LOG_ERR, ("Peer failed to respond to CHAP challenge\n")); |
| yueee_yt | 0:7766f6712673 | 242 | cstate->serverstate = CHAPSS_BADAUTH; |
| yueee_yt | 0:7766f6712673 | 243 | auth_peer_fail(cstate->unit, PPP_CHAP); |
| yueee_yt | 0:7766f6712673 | 244 | return; |
| yueee_yt | 0:7766f6712673 | 245 | } |
| yueee_yt | 0:7766f6712673 | 246 | |
| yueee_yt | 0:7766f6712673 | 247 | ChapSendChallenge(cstate); /* Re-send challenge */ |
| yueee_yt | 0:7766f6712673 | 248 | } |
| yueee_yt | 0:7766f6712673 | 249 | |
| yueee_yt | 0:7766f6712673 | 250 | |
| yueee_yt | 0:7766f6712673 | 251 | /* |
| yueee_yt | 0:7766f6712673 | 252 | * ChapResponseTimeout - Timeout expired on sending response. |
| yueee_yt | 0:7766f6712673 | 253 | */ |
| yueee_yt | 0:7766f6712673 | 254 | static void |
| yueee_yt | 0:7766f6712673 | 255 | ChapResponseTimeout(void *arg) |
| yueee_yt | 0:7766f6712673 | 256 | { |
| yueee_yt | 0:7766f6712673 | 257 | chap_state *cstate = (chap_state *) arg; |
| yueee_yt | 0:7766f6712673 | 258 | |
| yueee_yt | 0:7766f6712673 | 259 | /* if we aren't sending a response, don't worry. */ |
| yueee_yt | 0:7766f6712673 | 260 | if (cstate->clientstate != CHAPCS_RESPONSE) { |
| yueee_yt | 0:7766f6712673 | 261 | return; |
| yueee_yt | 0:7766f6712673 | 262 | } |
| yueee_yt | 0:7766f6712673 | 263 | |
| yueee_yt | 0:7766f6712673 | 264 | ChapSendResponse(cstate); /* re-send response */ |
| yueee_yt | 0:7766f6712673 | 265 | } |
| yueee_yt | 0:7766f6712673 | 266 | |
| yueee_yt | 0:7766f6712673 | 267 | |
| yueee_yt | 0:7766f6712673 | 268 | /* |
| yueee_yt | 0:7766f6712673 | 269 | * ChapRechallenge - Time to challenge the peer again. |
| yueee_yt | 0:7766f6712673 | 270 | */ |
| yueee_yt | 0:7766f6712673 | 271 | static void |
| yueee_yt | 0:7766f6712673 | 272 | ChapRechallenge(void *arg) |
| yueee_yt | 0:7766f6712673 | 273 | { |
| yueee_yt | 0:7766f6712673 | 274 | chap_state *cstate = (chap_state *) arg; |
| yueee_yt | 0:7766f6712673 | 275 | |
| yueee_yt | 0:7766f6712673 | 276 | /* if we aren't sending a response, don't worry. */ |
| yueee_yt | 0:7766f6712673 | 277 | if (cstate->serverstate != CHAPSS_OPEN) { |
| yueee_yt | 0:7766f6712673 | 278 | return; |
| yueee_yt | 0:7766f6712673 | 279 | } |
| yueee_yt | 0:7766f6712673 | 280 | |
| yueee_yt | 0:7766f6712673 | 281 | ChapGenChallenge(cstate); |
| yueee_yt | 0:7766f6712673 | 282 | ChapSendChallenge(cstate); |
| yueee_yt | 0:7766f6712673 | 283 | cstate->serverstate = CHAPSS_RECHALLENGE; |
| yueee_yt | 0:7766f6712673 | 284 | } |
| yueee_yt | 0:7766f6712673 | 285 | |
| yueee_yt | 0:7766f6712673 | 286 | |
| yueee_yt | 0:7766f6712673 | 287 | /* |
| yueee_yt | 0:7766f6712673 | 288 | * ChapLowerUp - The lower layer is up. |
| yueee_yt | 0:7766f6712673 | 289 | * |
| yueee_yt | 0:7766f6712673 | 290 | * Start up if we have pending requests. |
| yueee_yt | 0:7766f6712673 | 291 | */ |
| yueee_yt | 0:7766f6712673 | 292 | static void |
| yueee_yt | 0:7766f6712673 | 293 | ChapLowerUp(int unit) |
| yueee_yt | 0:7766f6712673 | 294 | { |
| yueee_yt | 0:7766f6712673 | 295 | chap_state *cstate = &chap[unit]; |
| yueee_yt | 0:7766f6712673 | 296 | |
| yueee_yt | 0:7766f6712673 | 297 | if (cstate->clientstate == CHAPCS_INITIAL) { |
| yueee_yt | 0:7766f6712673 | 298 | cstate->clientstate = CHAPCS_CLOSED; |
| yueee_yt | 0:7766f6712673 | 299 | } else if (cstate->clientstate == CHAPCS_PENDING) { |
| yueee_yt | 0:7766f6712673 | 300 | cstate->clientstate = CHAPCS_LISTEN; |
| yueee_yt | 0:7766f6712673 | 301 | } |
| yueee_yt | 0:7766f6712673 | 302 | |
| yueee_yt | 0:7766f6712673 | 303 | if (cstate->serverstate == CHAPSS_INITIAL) { |
| yueee_yt | 0:7766f6712673 | 304 | cstate->serverstate = CHAPSS_CLOSED; |
| yueee_yt | 0:7766f6712673 | 305 | } else if (cstate->serverstate == CHAPSS_PENDING) { |
| yueee_yt | 0:7766f6712673 | 306 | ChapGenChallenge(cstate); |
| yueee_yt | 0:7766f6712673 | 307 | ChapSendChallenge(cstate); |
| yueee_yt | 0:7766f6712673 | 308 | cstate->serverstate = CHAPSS_INITIAL_CHAL; |
| yueee_yt | 0:7766f6712673 | 309 | } |
| yueee_yt | 0:7766f6712673 | 310 | } |
| yueee_yt | 0:7766f6712673 | 311 | |
| yueee_yt | 0:7766f6712673 | 312 | |
| yueee_yt | 0:7766f6712673 | 313 | /* |
| yueee_yt | 0:7766f6712673 | 314 | * ChapLowerDown - The lower layer is down. |
| yueee_yt | 0:7766f6712673 | 315 | * |
| yueee_yt | 0:7766f6712673 | 316 | * Cancel all timeouts. |
| yueee_yt | 0:7766f6712673 | 317 | */ |
| yueee_yt | 0:7766f6712673 | 318 | static void |
| yueee_yt | 0:7766f6712673 | 319 | ChapLowerDown(int unit) |
| yueee_yt | 0:7766f6712673 | 320 | { |
| yueee_yt | 0:7766f6712673 | 321 | chap_state *cstate = &chap[unit]; |
| yueee_yt | 0:7766f6712673 | 322 | |
| yueee_yt | 0:7766f6712673 | 323 | /* Timeout(s) pending? Cancel if so. */ |
| yueee_yt | 0:7766f6712673 | 324 | if (cstate->serverstate == CHAPSS_INITIAL_CHAL || |
| yueee_yt | 0:7766f6712673 | 325 | cstate->serverstate == CHAPSS_RECHALLENGE) { |
| yueee_yt | 0:7766f6712673 | 326 | UNTIMEOUT(ChapChallengeTimeout, cstate); |
| yueee_yt | 0:7766f6712673 | 327 | } else if (cstate->serverstate == CHAPSS_OPEN |
| yueee_yt | 0:7766f6712673 | 328 | && cstate->chal_interval != 0) { |
| yueee_yt | 0:7766f6712673 | 329 | UNTIMEOUT(ChapRechallenge, cstate); |
| yueee_yt | 0:7766f6712673 | 330 | } |
| yueee_yt | 0:7766f6712673 | 331 | if (cstate->clientstate == CHAPCS_RESPONSE) { |
| yueee_yt | 0:7766f6712673 | 332 | UNTIMEOUT(ChapResponseTimeout, cstate); |
| yueee_yt | 0:7766f6712673 | 333 | } |
| yueee_yt | 0:7766f6712673 | 334 | cstate->clientstate = CHAPCS_INITIAL; |
| yueee_yt | 0:7766f6712673 | 335 | cstate->serverstate = CHAPSS_INITIAL; |
| yueee_yt | 0:7766f6712673 | 336 | } |
| yueee_yt | 0:7766f6712673 | 337 | |
| yueee_yt | 0:7766f6712673 | 338 | |
| yueee_yt | 0:7766f6712673 | 339 | /* |
| yueee_yt | 0:7766f6712673 | 340 | * ChapProtocolReject - Peer doesn't grok CHAP. |
| yueee_yt | 0:7766f6712673 | 341 | */ |
| yueee_yt | 0:7766f6712673 | 342 | static void |
| yueee_yt | 0:7766f6712673 | 343 | ChapProtocolReject(int unit) |
| yueee_yt | 0:7766f6712673 | 344 | { |
| yueee_yt | 0:7766f6712673 | 345 | chap_state *cstate = &chap[unit]; |
| yueee_yt | 0:7766f6712673 | 346 | |
| yueee_yt | 0:7766f6712673 | 347 | if (cstate->serverstate != CHAPSS_INITIAL && |
| yueee_yt | 0:7766f6712673 | 348 | cstate->serverstate != CHAPSS_CLOSED) { |
| yueee_yt | 0:7766f6712673 | 349 | auth_peer_fail(unit, PPP_CHAP); |
| yueee_yt | 0:7766f6712673 | 350 | } |
| yueee_yt | 0:7766f6712673 | 351 | if (cstate->clientstate != CHAPCS_INITIAL && |
| yueee_yt | 0:7766f6712673 | 352 | cstate->clientstate != CHAPCS_CLOSED) { |
| yueee_yt | 0:7766f6712673 | 353 | auth_withpeer_fail(unit, PPP_CHAP); /* lwip: just sets the PPP error code on this unit to PPPERR_AUTHFAIL */ |
| yueee_yt | 0:7766f6712673 | 354 | } |
| yueee_yt | 0:7766f6712673 | 355 | ChapLowerDown(unit); /* shutdown chap */ |
| yueee_yt | 0:7766f6712673 | 356 | } |
| yueee_yt | 0:7766f6712673 | 357 | |
| yueee_yt | 0:7766f6712673 | 358 | |
| yueee_yt | 0:7766f6712673 | 359 | /* |
| yueee_yt | 0:7766f6712673 | 360 | * ChapInput - Input CHAP packet. |
| yueee_yt | 0:7766f6712673 | 361 | */ |
| yueee_yt | 0:7766f6712673 | 362 | static void |
| yueee_yt | 0:7766f6712673 | 363 | ChapInput(int unit, u_char *inpacket, int packet_len) |
| yueee_yt | 0:7766f6712673 | 364 | { |
| yueee_yt | 0:7766f6712673 | 365 | chap_state *cstate = &chap[unit]; |
| yueee_yt | 0:7766f6712673 | 366 | u_char *inp; |
| yueee_yt | 0:7766f6712673 | 367 | u_char code, id; |
| yueee_yt | 0:7766f6712673 | 368 | int len; |
| yueee_yt | 0:7766f6712673 | 369 | |
| yueee_yt | 0:7766f6712673 | 370 | /* |
| yueee_yt | 0:7766f6712673 | 371 | * Parse header (code, id and length). |
| yueee_yt | 0:7766f6712673 | 372 | * If packet too short, drop it. |
| yueee_yt | 0:7766f6712673 | 373 | */ |
| yueee_yt | 0:7766f6712673 | 374 | inp = inpacket; |
| yueee_yt | 0:7766f6712673 | 375 | if (packet_len < CHAP_HEADERLEN) { |
| yueee_yt | 0:7766f6712673 | 376 | CHAPDEBUG(LOG_INFO, ("ChapInput: rcvd short header.\n")); |
| yueee_yt | 0:7766f6712673 | 377 | return; |
| yueee_yt | 0:7766f6712673 | 378 | } |
| yueee_yt | 0:7766f6712673 | 379 | GETCHAR(code, inp); |
| yueee_yt | 0:7766f6712673 | 380 | GETCHAR(id, inp); |
| yueee_yt | 0:7766f6712673 | 381 | GETSHORT(len, inp); |
| yueee_yt | 0:7766f6712673 | 382 | if (len < CHAP_HEADERLEN) { |
| yueee_yt | 0:7766f6712673 | 383 | CHAPDEBUG(LOG_INFO, ("ChapInput: rcvd illegal length.\n")); |
| yueee_yt | 0:7766f6712673 | 384 | return; |
| yueee_yt | 0:7766f6712673 | 385 | } |
| yueee_yt | 0:7766f6712673 | 386 | if (len > packet_len) { |
| yueee_yt | 0:7766f6712673 | 387 | CHAPDEBUG(LOG_INFO, ("ChapInput: rcvd short packet.\n")); |
| yueee_yt | 0:7766f6712673 | 388 | return; |
| yueee_yt | 0:7766f6712673 | 389 | } |
| yueee_yt | 0:7766f6712673 | 390 | len -= CHAP_HEADERLEN; |
| yueee_yt | 0:7766f6712673 | 391 | |
| yueee_yt | 0:7766f6712673 | 392 | /* |
| yueee_yt | 0:7766f6712673 | 393 | * Action depends on code (as in fact it usually does :-). |
| yueee_yt | 0:7766f6712673 | 394 | */ |
| yueee_yt | 0:7766f6712673 | 395 | switch (code) { |
| yueee_yt | 0:7766f6712673 | 396 | case CHAP_CHALLENGE: |
| yueee_yt | 0:7766f6712673 | 397 | ChapReceiveChallenge(cstate, inp, id, len); |
| yueee_yt | 0:7766f6712673 | 398 | break; |
| yueee_yt | 0:7766f6712673 | 399 | |
| yueee_yt | 0:7766f6712673 | 400 | case CHAP_RESPONSE: |
| yueee_yt | 0:7766f6712673 | 401 | ChapReceiveResponse(cstate, inp, id, len); |
| yueee_yt | 0:7766f6712673 | 402 | break; |
| yueee_yt | 0:7766f6712673 | 403 | |
| yueee_yt | 0:7766f6712673 | 404 | case CHAP_FAILURE: |
| yueee_yt | 0:7766f6712673 | 405 | ChapReceiveFailure(cstate, inp, id, len); |
| yueee_yt | 0:7766f6712673 | 406 | break; |
| yueee_yt | 0:7766f6712673 | 407 | |
| yueee_yt | 0:7766f6712673 | 408 | case CHAP_SUCCESS: |
| yueee_yt | 0:7766f6712673 | 409 | ChapReceiveSuccess(cstate, inp, id, len); |
| yueee_yt | 0:7766f6712673 | 410 | break; |
| yueee_yt | 0:7766f6712673 | 411 | |
| yueee_yt | 0:7766f6712673 | 412 | default: /* Need code reject? */ |
| yueee_yt | 0:7766f6712673 | 413 | CHAPDEBUG(LOG_WARNING, ("Unknown CHAP code (%d) received.\n", code)); |
| yueee_yt | 0:7766f6712673 | 414 | break; |
| yueee_yt | 0:7766f6712673 | 415 | } |
| yueee_yt | 0:7766f6712673 | 416 | } |
| yueee_yt | 0:7766f6712673 | 417 | |
| yueee_yt | 0:7766f6712673 | 418 | |
| yueee_yt | 0:7766f6712673 | 419 | /* |
| yueee_yt | 0:7766f6712673 | 420 | * ChapReceiveChallenge - Receive Challenge and send Response. |
| yueee_yt | 0:7766f6712673 | 421 | */ |
| yueee_yt | 0:7766f6712673 | 422 | static void |
| yueee_yt | 0:7766f6712673 | 423 | ChapReceiveChallenge(chap_state *cstate, u_char *inp, u_char id, int len) |
| yueee_yt | 0:7766f6712673 | 424 | { |
| yueee_yt | 0:7766f6712673 | 425 | int rchallenge_len; |
| yueee_yt | 0:7766f6712673 | 426 | u_char *rchallenge; |
| yueee_yt | 0:7766f6712673 | 427 | int secret_len; |
| yueee_yt | 0:7766f6712673 | 428 | char secret[MAXSECRETLEN]; |
| yueee_yt | 0:7766f6712673 | 429 | char rhostname[256]; |
| yueee_yt | 0:7766f6712673 | 430 | MD5_CTX mdContext; |
| yueee_yt | 0:7766f6712673 | 431 | u_char hash[MD5_SIGNATURE_SIZE]; |
| yueee_yt | 0:7766f6712673 | 432 | |
| yueee_yt | 0:7766f6712673 | 433 | CHAPDEBUG(LOG_INFO, ("ChapReceiveChallenge: Rcvd id %d.\n", id)); |
| yueee_yt | 0:7766f6712673 | 434 | if (cstate->clientstate == CHAPCS_CLOSED || |
| yueee_yt | 0:7766f6712673 | 435 | cstate->clientstate == CHAPCS_PENDING) { |
| yueee_yt | 0:7766f6712673 | 436 | CHAPDEBUG(LOG_INFO, ("ChapReceiveChallenge: in state %d\n", |
| yueee_yt | 0:7766f6712673 | 437 | cstate->clientstate)); |
| yueee_yt | 0:7766f6712673 | 438 | return; |
| yueee_yt | 0:7766f6712673 | 439 | } |
| yueee_yt | 0:7766f6712673 | 440 | |
| yueee_yt | 0:7766f6712673 | 441 | if (len < 2) { |
| yueee_yt | 0:7766f6712673 | 442 | CHAPDEBUG(LOG_INFO, ("ChapReceiveChallenge: rcvd short packet.\n")); |
| yueee_yt | 0:7766f6712673 | 443 | return; |
| yueee_yt | 0:7766f6712673 | 444 | } |
| yueee_yt | 0:7766f6712673 | 445 | |
| yueee_yt | 0:7766f6712673 | 446 | GETCHAR(rchallenge_len, inp); |
| yueee_yt | 0:7766f6712673 | 447 | len -= sizeof (u_char) + rchallenge_len; /* now name field length */ |
| yueee_yt | 0:7766f6712673 | 448 | if (len < 0) { |
| yueee_yt | 0:7766f6712673 | 449 | CHAPDEBUG(LOG_INFO, ("ChapReceiveChallenge: rcvd short packet.\n")); |
| yueee_yt | 0:7766f6712673 | 450 | return; |
| yueee_yt | 0:7766f6712673 | 451 | } |
| yueee_yt | 0:7766f6712673 | 452 | rchallenge = inp; |
| yueee_yt | 0:7766f6712673 | 453 | INCPTR(rchallenge_len, inp); |
| yueee_yt | 0:7766f6712673 | 454 | |
| yueee_yt | 0:7766f6712673 | 455 | if (len >= (int)sizeof(rhostname)) { |
| yueee_yt | 0:7766f6712673 | 456 | len = sizeof(rhostname) - 1; |
| yueee_yt | 0:7766f6712673 | 457 | } |
| yueee_yt | 0:7766f6712673 | 458 | BCOPY(inp, rhostname, len); |
| yueee_yt | 0:7766f6712673 | 459 | rhostname[len] = '\000'; |
| yueee_yt | 0:7766f6712673 | 460 | |
| yueee_yt | 0:7766f6712673 | 461 | CHAPDEBUG(LOG_INFO, ("ChapReceiveChallenge: received name field '%s'\n", |
| yueee_yt | 0:7766f6712673 | 462 | rhostname)); |
| yueee_yt | 0:7766f6712673 | 463 | |
| yueee_yt | 0:7766f6712673 | 464 | /* Microsoft doesn't send their name back in the PPP packet */ |
| yueee_yt | 0:7766f6712673 | 465 | if (ppp_settings.remote_name[0] != 0 && (ppp_settings.explicit_remote || rhostname[0] == 0)) { |
| yueee_yt | 0:7766f6712673 | 466 | strncpy(rhostname, ppp_settings.remote_name, sizeof(rhostname)); |
| yueee_yt | 0:7766f6712673 | 467 | rhostname[sizeof(rhostname) - 1] = 0; |
| yueee_yt | 0:7766f6712673 | 468 | CHAPDEBUG(LOG_INFO, ("ChapReceiveChallenge: using '%s' as remote name\n", |
| yueee_yt | 0:7766f6712673 | 469 | rhostname)); |
| yueee_yt | 0:7766f6712673 | 470 | } |
| yueee_yt | 0:7766f6712673 | 471 | |
| yueee_yt | 0:7766f6712673 | 472 | /* get secret for authenticating ourselves with the specified host */ |
| yueee_yt | 0:7766f6712673 | 473 | if (!get_secret(cstate->unit, cstate->resp_name, rhostname, |
| yueee_yt | 0:7766f6712673 | 474 | secret, &secret_len, 0)) { |
| yueee_yt | 0:7766f6712673 | 475 | secret_len = 0; /* assume null secret if can't find one */ |
| yueee_yt | 0:7766f6712673 | 476 | CHAPDEBUG(LOG_WARNING, ("No CHAP secret found for authenticating us to %s\n", |
| yueee_yt | 0:7766f6712673 | 477 | rhostname)); |
| yueee_yt | 0:7766f6712673 | 478 | } |
| yueee_yt | 0:7766f6712673 | 479 | |
| yueee_yt | 0:7766f6712673 | 480 | /* cancel response send timeout if necessary */ |
| yueee_yt | 0:7766f6712673 | 481 | if (cstate->clientstate == CHAPCS_RESPONSE) { |
| yueee_yt | 0:7766f6712673 | 482 | UNTIMEOUT(ChapResponseTimeout, cstate); |
| yueee_yt | 0:7766f6712673 | 483 | } |
| yueee_yt | 0:7766f6712673 | 484 | |
| yueee_yt | 0:7766f6712673 | 485 | cstate->resp_id = id; |
| yueee_yt | 0:7766f6712673 | 486 | cstate->resp_transmits = 0; |
| yueee_yt | 0:7766f6712673 | 487 | |
| yueee_yt | 0:7766f6712673 | 488 | /* generate MD based on negotiated type */ |
| yueee_yt | 0:7766f6712673 | 489 | switch (cstate->resp_type) { |
| yueee_yt | 0:7766f6712673 | 490 | |
| yueee_yt | 0:7766f6712673 | 491 | case CHAP_DIGEST_MD5: |
| yueee_yt | 0:7766f6712673 | 492 | MD5Init(&mdContext); |
| yueee_yt | 0:7766f6712673 | 493 | MD5Update(&mdContext, &cstate->resp_id, 1); |
| yueee_yt | 0:7766f6712673 | 494 | MD5Update(&mdContext, (u_char*)secret, secret_len); |
| yueee_yt | 0:7766f6712673 | 495 | MD5Update(&mdContext, rchallenge, rchallenge_len); |
| yueee_yt | 0:7766f6712673 | 496 | MD5Final(hash, &mdContext); |
| yueee_yt | 0:7766f6712673 | 497 | BCOPY(hash, cstate->response, MD5_SIGNATURE_SIZE); |
| yueee_yt | 0:7766f6712673 | 498 | cstate->resp_length = MD5_SIGNATURE_SIZE; |
| yueee_yt | 0:7766f6712673 | 499 | break; |
| yueee_yt | 0:7766f6712673 | 500 | |
| yueee_yt | 0:7766f6712673 | 501 | #if MSCHAP_SUPPORT |
| yueee_yt | 0:7766f6712673 | 502 | case CHAP_MICROSOFT: |
| yueee_yt | 0:7766f6712673 | 503 | ChapMS(cstate, rchallenge, rchallenge_len, secret, secret_len); |
| yueee_yt | 0:7766f6712673 | 504 | break; |
| yueee_yt | 0:7766f6712673 | 505 | #endif |
| yueee_yt | 0:7766f6712673 | 506 | |
| yueee_yt | 0:7766f6712673 | 507 | default: |
| yueee_yt | 0:7766f6712673 | 508 | CHAPDEBUG(LOG_INFO, ("unknown digest type %d\n", cstate->resp_type)); |
| yueee_yt | 0:7766f6712673 | 509 | return; |
| yueee_yt | 0:7766f6712673 | 510 | } |
| yueee_yt | 0:7766f6712673 | 511 | |
| yueee_yt | 0:7766f6712673 | 512 | BZERO(secret, sizeof(secret)); |
| yueee_yt | 0:7766f6712673 | 513 | ChapSendResponse(cstate); |
| yueee_yt | 0:7766f6712673 | 514 | } |
| yueee_yt | 0:7766f6712673 | 515 | |
| yueee_yt | 0:7766f6712673 | 516 | |
| yueee_yt | 0:7766f6712673 | 517 | /* |
| yueee_yt | 0:7766f6712673 | 518 | * ChapReceiveResponse - Receive and process response. |
| yueee_yt | 0:7766f6712673 | 519 | */ |
| yueee_yt | 0:7766f6712673 | 520 | static void |
| yueee_yt | 0:7766f6712673 | 521 | ChapReceiveResponse(chap_state *cstate, u_char *inp, int id, int len) |
| yueee_yt | 0:7766f6712673 | 522 | { |
| yueee_yt | 0:7766f6712673 | 523 | u_char *remmd, remmd_len; |
| yueee_yt | 0:7766f6712673 | 524 | int secret_len, old_state; |
| yueee_yt | 0:7766f6712673 | 525 | int code; |
| yueee_yt | 0:7766f6712673 | 526 | char rhostname[256]; |
| yueee_yt | 0:7766f6712673 | 527 | MD5_CTX mdContext; |
| yueee_yt | 0:7766f6712673 | 528 | char secret[MAXSECRETLEN]; |
| yueee_yt | 0:7766f6712673 | 529 | u_char hash[MD5_SIGNATURE_SIZE]; |
| yueee_yt | 0:7766f6712673 | 530 | |
| yueee_yt | 0:7766f6712673 | 531 | CHAPDEBUG(LOG_INFO, ("ChapReceiveResponse: Rcvd id %d.\n", id)); |
| yueee_yt | 0:7766f6712673 | 532 | |
| yueee_yt | 0:7766f6712673 | 533 | if (cstate->serverstate == CHAPSS_CLOSED || |
| yueee_yt | 0:7766f6712673 | 534 | cstate->serverstate == CHAPSS_PENDING) { |
| yueee_yt | 0:7766f6712673 | 535 | CHAPDEBUG(LOG_INFO, ("ChapReceiveResponse: in state %d\n", |
| yueee_yt | 0:7766f6712673 | 536 | cstate->serverstate)); |
| yueee_yt | 0:7766f6712673 | 537 | return; |
| yueee_yt | 0:7766f6712673 | 538 | } |
| yueee_yt | 0:7766f6712673 | 539 | |
| yueee_yt | 0:7766f6712673 | 540 | if (id != cstate->chal_id) { |
| yueee_yt | 0:7766f6712673 | 541 | return; /* doesn't match ID of last challenge */ |
| yueee_yt | 0:7766f6712673 | 542 | } |
| yueee_yt | 0:7766f6712673 | 543 | |
| yueee_yt | 0:7766f6712673 | 544 | /* |
| yueee_yt | 0:7766f6712673 | 545 | * If we have received a duplicate or bogus Response, |
| yueee_yt | 0:7766f6712673 | 546 | * we have to send the same answer (Success/Failure) |
| yueee_yt | 0:7766f6712673 | 547 | * as we did for the first Response we saw. |
| yueee_yt | 0:7766f6712673 | 548 | */ |
| yueee_yt | 0:7766f6712673 | 549 | if (cstate->serverstate == CHAPSS_OPEN) { |
| yueee_yt | 0:7766f6712673 | 550 | ChapSendStatus(cstate, CHAP_SUCCESS); |
| yueee_yt | 0:7766f6712673 | 551 | return; |
| yueee_yt | 0:7766f6712673 | 552 | } |
| yueee_yt | 0:7766f6712673 | 553 | if (cstate->serverstate == CHAPSS_BADAUTH) { |
| yueee_yt | 0:7766f6712673 | 554 | ChapSendStatus(cstate, CHAP_FAILURE); |
| yueee_yt | 0:7766f6712673 | 555 | return; |
| yueee_yt | 0:7766f6712673 | 556 | } |
| yueee_yt | 0:7766f6712673 | 557 | |
| yueee_yt | 0:7766f6712673 | 558 | if (len < 2) { |
| yueee_yt | 0:7766f6712673 | 559 | CHAPDEBUG(LOG_INFO, ("ChapReceiveResponse: rcvd short packet.\n")); |
| yueee_yt | 0:7766f6712673 | 560 | return; |
| yueee_yt | 0:7766f6712673 | 561 | } |
| yueee_yt | 0:7766f6712673 | 562 | GETCHAR(remmd_len, inp); /* get length of MD */ |
| yueee_yt | 0:7766f6712673 | 563 | remmd = inp; /* get pointer to MD */ |
| yueee_yt | 0:7766f6712673 | 564 | INCPTR(remmd_len, inp); |
| yueee_yt | 0:7766f6712673 | 565 | |
| yueee_yt | 0:7766f6712673 | 566 | len -= sizeof (u_char) + remmd_len; |
| yueee_yt | 0:7766f6712673 | 567 | if (len < 0) { |
| yueee_yt | 0:7766f6712673 | 568 | CHAPDEBUG(LOG_INFO, ("ChapReceiveResponse: rcvd short packet.\n")); |
| yueee_yt | 0:7766f6712673 | 569 | return; |
| yueee_yt | 0:7766f6712673 | 570 | } |
| yueee_yt | 0:7766f6712673 | 571 | |
| yueee_yt | 0:7766f6712673 | 572 | UNTIMEOUT(ChapChallengeTimeout, cstate); |
| yueee_yt | 0:7766f6712673 | 573 | |
| yueee_yt | 0:7766f6712673 | 574 | if (len >= (int)sizeof(rhostname)) { |
| yueee_yt | 0:7766f6712673 | 575 | len = sizeof(rhostname) - 1; |
| yueee_yt | 0:7766f6712673 | 576 | } |
| yueee_yt | 0:7766f6712673 | 577 | BCOPY(inp, rhostname, len); |
| yueee_yt | 0:7766f6712673 | 578 | rhostname[len] = '\000'; |
| yueee_yt | 0:7766f6712673 | 579 | |
| yueee_yt | 0:7766f6712673 | 580 | CHAPDEBUG(LOG_INFO, ("ChapReceiveResponse: received name field: %s\n", |
| yueee_yt | 0:7766f6712673 | 581 | rhostname)); |
| yueee_yt | 0:7766f6712673 | 582 | |
| yueee_yt | 0:7766f6712673 | 583 | /* |
| yueee_yt | 0:7766f6712673 | 584 | * Get secret for authenticating them with us, |
| yueee_yt | 0:7766f6712673 | 585 | * do the hash ourselves, and compare the result. |
| yueee_yt | 0:7766f6712673 | 586 | */ |
| yueee_yt | 0:7766f6712673 | 587 | code = CHAP_FAILURE; |
| yueee_yt | 0:7766f6712673 | 588 | if (!get_secret(cstate->unit, rhostname, cstate->chal_name, |
| yueee_yt | 0:7766f6712673 | 589 | secret, &secret_len, 1)) { |
| yueee_yt | 0:7766f6712673 | 590 | CHAPDEBUG(LOG_WARNING, ("No CHAP secret found for authenticating %s\n", |
| yueee_yt | 0:7766f6712673 | 591 | rhostname)); |
| yueee_yt | 0:7766f6712673 | 592 | } else { |
| yueee_yt | 0:7766f6712673 | 593 | /* generate MD based on negotiated type */ |
| yueee_yt | 0:7766f6712673 | 594 | switch (cstate->chal_type) { |
| yueee_yt | 0:7766f6712673 | 595 | |
| yueee_yt | 0:7766f6712673 | 596 | case CHAP_DIGEST_MD5: /* only MD5 is defined for now */ |
| yueee_yt | 0:7766f6712673 | 597 | if (remmd_len != MD5_SIGNATURE_SIZE) { |
| yueee_yt | 0:7766f6712673 | 598 | break; /* it's not even the right length */ |
| yueee_yt | 0:7766f6712673 | 599 | } |
| yueee_yt | 0:7766f6712673 | 600 | MD5Init(&mdContext); |
| yueee_yt | 0:7766f6712673 | 601 | MD5Update(&mdContext, &cstate->chal_id, 1); |
| yueee_yt | 0:7766f6712673 | 602 | MD5Update(&mdContext, (u_char*)secret, secret_len); |
| yueee_yt | 0:7766f6712673 | 603 | MD5Update(&mdContext, cstate->challenge, cstate->chal_len); |
| yueee_yt | 0:7766f6712673 | 604 | MD5Final(hash, &mdContext); |
| yueee_yt | 0:7766f6712673 | 605 | |
| yueee_yt | 0:7766f6712673 | 606 | /* compare local and remote MDs and send the appropriate status */ |
| yueee_yt | 0:7766f6712673 | 607 | if (memcmp (hash, remmd, MD5_SIGNATURE_SIZE) == 0) { |
| yueee_yt | 0:7766f6712673 | 608 | code = CHAP_SUCCESS; /* they are the same! */ |
| yueee_yt | 0:7766f6712673 | 609 | } |
| yueee_yt | 0:7766f6712673 | 610 | break; |
| yueee_yt | 0:7766f6712673 | 611 | |
| yueee_yt | 0:7766f6712673 | 612 | default: |
| yueee_yt | 0:7766f6712673 | 613 | CHAPDEBUG(LOG_INFO, ("unknown digest type %d\n", cstate->chal_type)); |
| yueee_yt | 0:7766f6712673 | 614 | } |
| yueee_yt | 0:7766f6712673 | 615 | } |
| yueee_yt | 0:7766f6712673 | 616 | |
| yueee_yt | 0:7766f6712673 | 617 | BZERO(secret, sizeof(secret)); |
| yueee_yt | 0:7766f6712673 | 618 | ChapSendStatus(cstate, code); |
| yueee_yt | 0:7766f6712673 | 619 | |
| yueee_yt | 0:7766f6712673 | 620 | if (code == CHAP_SUCCESS) { |
| yueee_yt | 0:7766f6712673 | 621 | old_state = cstate->serverstate; |
| yueee_yt | 0:7766f6712673 | 622 | cstate->serverstate = CHAPSS_OPEN; |
| yueee_yt | 0:7766f6712673 | 623 | if (old_state == CHAPSS_INITIAL_CHAL) { |
| yueee_yt | 0:7766f6712673 | 624 | auth_peer_success(cstate->unit, PPP_CHAP, rhostname, len); |
| yueee_yt | 0:7766f6712673 | 625 | } |
| yueee_yt | 0:7766f6712673 | 626 | if (cstate->chal_interval != 0) { |
| yueee_yt | 0:7766f6712673 | 627 | TIMEOUT(ChapRechallenge, cstate, cstate->chal_interval); |
| yueee_yt | 0:7766f6712673 | 628 | } |
| yueee_yt | 0:7766f6712673 | 629 | } else { |
| yueee_yt | 0:7766f6712673 | 630 | CHAPDEBUG(LOG_ERR, ("CHAP peer authentication failed\n")); |
| yueee_yt | 0:7766f6712673 | 631 | cstate->serverstate = CHAPSS_BADAUTH; |
| yueee_yt | 0:7766f6712673 | 632 | auth_peer_fail(cstate->unit, PPP_CHAP); |
| yueee_yt | 0:7766f6712673 | 633 | } |
| yueee_yt | 0:7766f6712673 | 634 | } |
| yueee_yt | 0:7766f6712673 | 635 | |
| yueee_yt | 0:7766f6712673 | 636 | /* |
| yueee_yt | 0:7766f6712673 | 637 | * ChapReceiveSuccess - Receive Success |
| yueee_yt | 0:7766f6712673 | 638 | */ |
| yueee_yt | 0:7766f6712673 | 639 | static void |
| yueee_yt | 0:7766f6712673 | 640 | ChapReceiveSuccess(chap_state *cstate, u_char *inp, u_char id, int len) |
| yueee_yt | 0:7766f6712673 | 641 | { |
| yueee_yt | 0:7766f6712673 | 642 | LWIP_UNUSED_ARG(id); |
| yueee_yt | 0:7766f6712673 | 643 | LWIP_UNUSED_ARG(inp); |
| yueee_yt | 0:7766f6712673 | 644 | |
| yueee_yt | 0:7766f6712673 | 645 | CHAPDEBUG(LOG_INFO, ("ChapReceiveSuccess: Rcvd id %d.\n", id)); |
| yueee_yt | 0:7766f6712673 | 646 | |
| yueee_yt | 0:7766f6712673 | 647 | if (cstate->clientstate == CHAPCS_OPEN) { |
| yueee_yt | 0:7766f6712673 | 648 | /* presumably an answer to a duplicate response */ |
| yueee_yt | 0:7766f6712673 | 649 | return; |
| yueee_yt | 0:7766f6712673 | 650 | } |
| yueee_yt | 0:7766f6712673 | 651 | |
| yueee_yt | 0:7766f6712673 | 652 | if (cstate->clientstate != CHAPCS_RESPONSE) { |
| yueee_yt | 0:7766f6712673 | 653 | /* don't know what this is */ |
| yueee_yt | 0:7766f6712673 | 654 | CHAPDEBUG(LOG_INFO, ("ChapReceiveSuccess: in state %d\n", |
| yueee_yt | 0:7766f6712673 | 655 | cstate->clientstate)); |
| yueee_yt | 0:7766f6712673 | 656 | return; |
| yueee_yt | 0:7766f6712673 | 657 | } |
| yueee_yt | 0:7766f6712673 | 658 | |
| yueee_yt | 0:7766f6712673 | 659 | UNTIMEOUT(ChapResponseTimeout, cstate); |
| yueee_yt | 0:7766f6712673 | 660 | |
| yueee_yt | 0:7766f6712673 | 661 | /* |
| yueee_yt | 0:7766f6712673 | 662 | * Print message. |
| yueee_yt | 0:7766f6712673 | 663 | */ |
| yueee_yt | 0:7766f6712673 | 664 | if (len > 0) { |
| yueee_yt | 0:7766f6712673 | 665 | PRINTMSG(inp, len); |
| yueee_yt | 0:7766f6712673 | 666 | } |
| yueee_yt | 0:7766f6712673 | 667 | |
| yueee_yt | 0:7766f6712673 | 668 | cstate->clientstate = CHAPCS_OPEN; |
| yueee_yt | 0:7766f6712673 | 669 | |
| yueee_yt | 0:7766f6712673 | 670 | auth_withpeer_success(cstate->unit, PPP_CHAP); |
| yueee_yt | 0:7766f6712673 | 671 | } |
| yueee_yt | 0:7766f6712673 | 672 | |
| yueee_yt | 0:7766f6712673 | 673 | |
| yueee_yt | 0:7766f6712673 | 674 | /* |
| yueee_yt | 0:7766f6712673 | 675 | * ChapReceiveFailure - Receive failure. |
| yueee_yt | 0:7766f6712673 | 676 | */ |
| yueee_yt | 0:7766f6712673 | 677 | static void |
| yueee_yt | 0:7766f6712673 | 678 | ChapReceiveFailure(chap_state *cstate, u_char *inp, u_char id, int len) |
| yueee_yt | 0:7766f6712673 | 679 | { |
| yueee_yt | 0:7766f6712673 | 680 | LWIP_UNUSED_ARG(id); |
| yueee_yt | 0:7766f6712673 | 681 | LWIP_UNUSED_ARG(inp); |
| yueee_yt | 0:7766f6712673 | 682 | |
| yueee_yt | 0:7766f6712673 | 683 | CHAPDEBUG(LOG_INFO, ("ChapReceiveFailure: Rcvd id %d.\n", id)); |
| yueee_yt | 0:7766f6712673 | 684 | |
| yueee_yt | 0:7766f6712673 | 685 | if (cstate->clientstate != CHAPCS_RESPONSE) { |
| yueee_yt | 0:7766f6712673 | 686 | /* don't know what this is */ |
| yueee_yt | 0:7766f6712673 | 687 | CHAPDEBUG(LOG_INFO, ("ChapReceiveFailure: in state %d\n", |
| yueee_yt | 0:7766f6712673 | 688 | cstate->clientstate)); |
| yueee_yt | 0:7766f6712673 | 689 | return; |
| yueee_yt | 0:7766f6712673 | 690 | } |
| yueee_yt | 0:7766f6712673 | 691 | |
| yueee_yt | 0:7766f6712673 | 692 | UNTIMEOUT(ChapResponseTimeout, cstate); |
| yueee_yt | 0:7766f6712673 | 693 | |
| yueee_yt | 0:7766f6712673 | 694 | /* |
| yueee_yt | 0:7766f6712673 | 695 | * Print message. |
| yueee_yt | 0:7766f6712673 | 696 | */ |
| yueee_yt | 0:7766f6712673 | 697 | if (len > 0) { |
| yueee_yt | 0:7766f6712673 | 698 | PRINTMSG(inp, len); |
| yueee_yt | 0:7766f6712673 | 699 | } |
| yueee_yt | 0:7766f6712673 | 700 | |
| yueee_yt | 0:7766f6712673 | 701 | CHAPDEBUG(LOG_ERR, ("CHAP authentication failed\n")); |
| yueee_yt | 0:7766f6712673 | 702 | auth_withpeer_fail(cstate->unit, PPP_CHAP); /* lwip: just sets the PPP error code on this unit to PPPERR_AUTHFAIL */ |
| yueee_yt | 0:7766f6712673 | 703 | } |
| yueee_yt | 0:7766f6712673 | 704 | |
| yueee_yt | 0:7766f6712673 | 705 | |
| yueee_yt | 0:7766f6712673 | 706 | /* |
| yueee_yt | 0:7766f6712673 | 707 | * ChapSendChallenge - Send an Authenticate challenge. |
| yueee_yt | 0:7766f6712673 | 708 | */ |
| yueee_yt | 0:7766f6712673 | 709 | static void |
| yueee_yt | 0:7766f6712673 | 710 | ChapSendChallenge(chap_state *cstate) |
| yueee_yt | 0:7766f6712673 | 711 | { |
| yueee_yt | 0:7766f6712673 | 712 | u_char *outp; |
| yueee_yt | 0:7766f6712673 | 713 | int chal_len, name_len; |
| yueee_yt | 0:7766f6712673 | 714 | int outlen; |
| yueee_yt | 0:7766f6712673 | 715 | |
| yueee_yt | 0:7766f6712673 | 716 | chal_len = cstate->chal_len; |
| yueee_yt | 0:7766f6712673 | 717 | name_len = (int)strlen(cstate->chal_name); |
| yueee_yt | 0:7766f6712673 | 718 | outlen = CHAP_HEADERLEN + sizeof (u_char) + chal_len + name_len; |
| yueee_yt | 0:7766f6712673 | 719 | outp = outpacket_buf[cstate->unit]; |
| yueee_yt | 0:7766f6712673 | 720 | |
| yueee_yt | 0:7766f6712673 | 721 | MAKEHEADER(outp, PPP_CHAP); /* paste in a CHAP header */ |
| yueee_yt | 0:7766f6712673 | 722 | |
| yueee_yt | 0:7766f6712673 | 723 | PUTCHAR(CHAP_CHALLENGE, outp); |
| yueee_yt | 0:7766f6712673 | 724 | PUTCHAR(cstate->chal_id, outp); |
| yueee_yt | 0:7766f6712673 | 725 | PUTSHORT(outlen, outp); |
| yueee_yt | 0:7766f6712673 | 726 | |
| yueee_yt | 0:7766f6712673 | 727 | PUTCHAR(chal_len, outp); /* put length of challenge */ |
| yueee_yt | 0:7766f6712673 | 728 | BCOPY(cstate->challenge, outp, chal_len); |
| yueee_yt | 0:7766f6712673 | 729 | INCPTR(chal_len, outp); |
| yueee_yt | 0:7766f6712673 | 730 | |
| yueee_yt | 0:7766f6712673 | 731 | BCOPY(cstate->chal_name, outp, name_len); /* append hostname */ |
| yueee_yt | 0:7766f6712673 | 732 | |
| yueee_yt | 0:7766f6712673 | 733 | pppWrite(cstate->unit, outpacket_buf[cstate->unit], outlen + PPP_HDRLEN); |
| yueee_yt | 0:7766f6712673 | 734 | |
| yueee_yt | 0:7766f6712673 | 735 | CHAPDEBUG(LOG_INFO, ("ChapSendChallenge: Sent id %d.\n", cstate->chal_id)); |
| yueee_yt | 0:7766f6712673 | 736 | |
| yueee_yt | 0:7766f6712673 | 737 | TIMEOUT(ChapChallengeTimeout, cstate, cstate->timeouttime); |
| yueee_yt | 0:7766f6712673 | 738 | ++cstate->chal_transmits; |
| yueee_yt | 0:7766f6712673 | 739 | } |
| yueee_yt | 0:7766f6712673 | 740 | |
| yueee_yt | 0:7766f6712673 | 741 | |
| yueee_yt | 0:7766f6712673 | 742 | /* |
| yueee_yt | 0:7766f6712673 | 743 | * ChapSendStatus - Send a status response (ack or nak). |
| yueee_yt | 0:7766f6712673 | 744 | */ |
| yueee_yt | 0:7766f6712673 | 745 | static void |
| yueee_yt | 0:7766f6712673 | 746 | ChapSendStatus(chap_state *cstate, int code) |
| yueee_yt | 0:7766f6712673 | 747 | { |
| yueee_yt | 0:7766f6712673 | 748 | u_char *outp; |
| yueee_yt | 0:7766f6712673 | 749 | int outlen, msglen; |
| yueee_yt | 0:7766f6712673 | 750 | char msg[256]; /* @todo: this can be a char*, no strcpy needed */ |
| yueee_yt | 0:7766f6712673 | 751 | |
| yueee_yt | 0:7766f6712673 | 752 | if (code == CHAP_SUCCESS) { |
| yueee_yt | 0:7766f6712673 | 753 | strcpy(msg, "Welcome!"); |
| yueee_yt | 0:7766f6712673 | 754 | } else { |
| yueee_yt | 0:7766f6712673 | 755 | strcpy(msg, "I don't like you. Go 'way."); |
| yueee_yt | 0:7766f6712673 | 756 | } |
| yueee_yt | 0:7766f6712673 | 757 | msglen = (int)strlen(msg); |
| yueee_yt | 0:7766f6712673 | 758 | |
| yueee_yt | 0:7766f6712673 | 759 | outlen = CHAP_HEADERLEN + msglen; |
| yueee_yt | 0:7766f6712673 | 760 | outp = outpacket_buf[cstate->unit]; |
| yueee_yt | 0:7766f6712673 | 761 | |
| yueee_yt | 0:7766f6712673 | 762 | MAKEHEADER(outp, PPP_CHAP); /* paste in a header */ |
| yueee_yt | 0:7766f6712673 | 763 | |
| yueee_yt | 0:7766f6712673 | 764 | PUTCHAR(code, outp); |
| yueee_yt | 0:7766f6712673 | 765 | PUTCHAR(cstate->chal_id, outp); |
| yueee_yt | 0:7766f6712673 | 766 | PUTSHORT(outlen, outp); |
| yueee_yt | 0:7766f6712673 | 767 | BCOPY(msg, outp, msglen); |
| yueee_yt | 0:7766f6712673 | 768 | pppWrite(cstate->unit, outpacket_buf[cstate->unit], outlen + PPP_HDRLEN); |
| yueee_yt | 0:7766f6712673 | 769 | |
| yueee_yt | 0:7766f6712673 | 770 | CHAPDEBUG(LOG_INFO, ("ChapSendStatus: Sent code %d, id %d.\n", code, |
| yueee_yt | 0:7766f6712673 | 771 | cstate->chal_id)); |
| yueee_yt | 0:7766f6712673 | 772 | } |
| yueee_yt | 0:7766f6712673 | 773 | |
| yueee_yt | 0:7766f6712673 | 774 | /* |
| yueee_yt | 0:7766f6712673 | 775 | * ChapGenChallenge is used to generate a pseudo-random challenge string of |
| yueee_yt | 0:7766f6712673 | 776 | * a pseudo-random length between min_len and max_len. The challenge |
| yueee_yt | 0:7766f6712673 | 777 | * string and its length are stored in *cstate, and various other fields of |
| yueee_yt | 0:7766f6712673 | 778 | * *cstate are initialized. |
| yueee_yt | 0:7766f6712673 | 779 | */ |
| yueee_yt | 0:7766f6712673 | 780 | |
| yueee_yt | 0:7766f6712673 | 781 | static void |
| yueee_yt | 0:7766f6712673 | 782 | ChapGenChallenge(chap_state *cstate) |
| yueee_yt | 0:7766f6712673 | 783 | { |
| yueee_yt | 0:7766f6712673 | 784 | int chal_len; |
| yueee_yt | 0:7766f6712673 | 785 | u_char *ptr = cstate->challenge; |
| yueee_yt | 0:7766f6712673 | 786 | int i; |
| yueee_yt | 0:7766f6712673 | 787 | |
| yueee_yt | 0:7766f6712673 | 788 | /* pick a random challenge length between MIN_CHALLENGE_LENGTH and |
| yueee_yt | 0:7766f6712673 | 789 | MAX_CHALLENGE_LENGTH */ |
| yueee_yt | 0:7766f6712673 | 790 | chal_len = (unsigned) |
| yueee_yt | 0:7766f6712673 | 791 | ((((magic() >> 16) * |
| yueee_yt | 0:7766f6712673 | 792 | (MAX_CHALLENGE_LENGTH - MIN_CHALLENGE_LENGTH)) >> 16) |
| yueee_yt | 0:7766f6712673 | 793 | + MIN_CHALLENGE_LENGTH); |
| yueee_yt | 0:7766f6712673 | 794 | LWIP_ASSERT("chal_len <= 0xff", chal_len <= 0xffff); |
| yueee_yt | 0:7766f6712673 | 795 | cstate->chal_len = (u_char)chal_len; |
| yueee_yt | 0:7766f6712673 | 796 | cstate->chal_id = ++cstate->id; |
| yueee_yt | 0:7766f6712673 | 797 | cstate->chal_transmits = 0; |
| yueee_yt | 0:7766f6712673 | 798 | |
| yueee_yt | 0:7766f6712673 | 799 | /* generate a random string */ |
| yueee_yt | 0:7766f6712673 | 800 | for (i = 0; i < chal_len; i++ ) { |
| yueee_yt | 0:7766f6712673 | 801 | *ptr++ = (char) (magic() & 0xff); |
| yueee_yt | 0:7766f6712673 | 802 | } |
| yueee_yt | 0:7766f6712673 | 803 | } |
| yueee_yt | 0:7766f6712673 | 804 | |
| yueee_yt | 0:7766f6712673 | 805 | /* |
| yueee_yt | 0:7766f6712673 | 806 | * ChapSendResponse - send a response packet with values as specified |
| yueee_yt | 0:7766f6712673 | 807 | * in *cstate. |
| yueee_yt | 0:7766f6712673 | 808 | */ |
| yueee_yt | 0:7766f6712673 | 809 | /* ARGSUSED */ |
| yueee_yt | 0:7766f6712673 | 810 | static void |
| yueee_yt | 0:7766f6712673 | 811 | ChapSendResponse(chap_state *cstate) |
| yueee_yt | 0:7766f6712673 | 812 | { |
| yueee_yt | 0:7766f6712673 | 813 | u_char *outp; |
| yueee_yt | 0:7766f6712673 | 814 | int outlen, md_len, name_len; |
| yueee_yt | 0:7766f6712673 | 815 | |
| yueee_yt | 0:7766f6712673 | 816 | md_len = cstate->resp_length; |
| yueee_yt | 0:7766f6712673 | 817 | name_len = (int)strlen(cstate->resp_name); |
| yueee_yt | 0:7766f6712673 | 818 | outlen = CHAP_HEADERLEN + sizeof (u_char) + md_len + name_len; |
| yueee_yt | 0:7766f6712673 | 819 | outp = outpacket_buf[cstate->unit]; |
| yueee_yt | 0:7766f6712673 | 820 | |
| yueee_yt | 0:7766f6712673 | 821 | MAKEHEADER(outp, PPP_CHAP); |
| yueee_yt | 0:7766f6712673 | 822 | |
| yueee_yt | 0:7766f6712673 | 823 | PUTCHAR(CHAP_RESPONSE, outp); /* we are a response */ |
| yueee_yt | 0:7766f6712673 | 824 | PUTCHAR(cstate->resp_id, outp); /* copy id from challenge packet */ |
| yueee_yt | 0:7766f6712673 | 825 | PUTSHORT(outlen, outp); /* packet length */ |
| yueee_yt | 0:7766f6712673 | 826 | |
| yueee_yt | 0:7766f6712673 | 827 | PUTCHAR(md_len, outp); /* length of MD */ |
| yueee_yt | 0:7766f6712673 | 828 | BCOPY(cstate->response, outp, md_len); /* copy MD to buffer */ |
| yueee_yt | 0:7766f6712673 | 829 | INCPTR(md_len, outp); |
| yueee_yt | 0:7766f6712673 | 830 | |
| yueee_yt | 0:7766f6712673 | 831 | BCOPY(cstate->resp_name, outp, name_len); /* append our name */ |
| yueee_yt | 0:7766f6712673 | 832 | |
| yueee_yt | 0:7766f6712673 | 833 | /* send the packet */ |
| yueee_yt | 0:7766f6712673 | 834 | pppWrite(cstate->unit, outpacket_buf[cstate->unit], outlen + PPP_HDRLEN); |
| yueee_yt | 0:7766f6712673 | 835 | |
| yueee_yt | 0:7766f6712673 | 836 | cstate->clientstate = CHAPCS_RESPONSE; |
| yueee_yt | 0:7766f6712673 | 837 | TIMEOUT(ChapResponseTimeout, cstate, cstate->timeouttime); |
| yueee_yt | 0:7766f6712673 | 838 | ++cstate->resp_transmits; |
| yueee_yt | 0:7766f6712673 | 839 | } |
| yueee_yt | 0:7766f6712673 | 840 | |
| yueee_yt | 0:7766f6712673 | 841 | #if PPP_ADDITIONAL_CALLBACKS |
| yueee_yt | 0:7766f6712673 | 842 | static char *ChapCodenames[] = { |
| yueee_yt | 0:7766f6712673 | 843 | "Challenge", "Response", "Success", "Failure" |
| yueee_yt | 0:7766f6712673 | 844 | }; |
| yueee_yt | 0:7766f6712673 | 845 | /* |
| yueee_yt | 0:7766f6712673 | 846 | * ChapPrintPkt - print the contents of a CHAP packet. |
| yueee_yt | 0:7766f6712673 | 847 | */ |
| yueee_yt | 0:7766f6712673 | 848 | static int |
| yueee_yt | 0:7766f6712673 | 849 | ChapPrintPkt( u_char *p, int plen, void (*printer) (void *, char *, ...), void *arg) |
| yueee_yt | 0:7766f6712673 | 850 | { |
| yueee_yt | 0:7766f6712673 | 851 | int code, id, len; |
| yueee_yt | 0:7766f6712673 | 852 | int clen, nlen; |
| yueee_yt | 0:7766f6712673 | 853 | u_char x; |
| yueee_yt | 0:7766f6712673 | 854 | |
| yueee_yt | 0:7766f6712673 | 855 | if (plen < CHAP_HEADERLEN) { |
| yueee_yt | 0:7766f6712673 | 856 | return 0; |
| yueee_yt | 0:7766f6712673 | 857 | } |
| yueee_yt | 0:7766f6712673 | 858 | GETCHAR(code, p); |
| yueee_yt | 0:7766f6712673 | 859 | GETCHAR(id, p); |
| yueee_yt | 0:7766f6712673 | 860 | GETSHORT(len, p); |
| yueee_yt | 0:7766f6712673 | 861 | if (len < CHAP_HEADERLEN || len > plen) { |
| yueee_yt | 0:7766f6712673 | 862 | return 0; |
| yueee_yt | 0:7766f6712673 | 863 | } |
| yueee_yt | 0:7766f6712673 | 864 | |
| yueee_yt | 0:7766f6712673 | 865 | if (code >= 1 && code <= sizeof(ChapCodenames) / sizeof(char *)) { |
| yueee_yt | 0:7766f6712673 | 866 | printer(arg, " %s", ChapCodenames[code-1]); |
| yueee_yt | 0:7766f6712673 | 867 | } else { |
| yueee_yt | 0:7766f6712673 | 868 | printer(arg, " code=0x%x", code); |
| yueee_yt | 0:7766f6712673 | 869 | } |
| yueee_yt | 0:7766f6712673 | 870 | printer(arg, " id=0x%x", id); |
| yueee_yt | 0:7766f6712673 | 871 | len -= CHAP_HEADERLEN; |
| yueee_yt | 0:7766f6712673 | 872 | switch (code) { |
| yueee_yt | 0:7766f6712673 | 873 | case CHAP_CHALLENGE: |
| yueee_yt | 0:7766f6712673 | 874 | case CHAP_RESPONSE: |
| yueee_yt | 0:7766f6712673 | 875 | if (len < 1) { |
| yueee_yt | 0:7766f6712673 | 876 | break; |
| yueee_yt | 0:7766f6712673 | 877 | } |
| yueee_yt | 0:7766f6712673 | 878 | clen = p[0]; |
| yueee_yt | 0:7766f6712673 | 879 | if (len < clen + 1) { |
| yueee_yt | 0:7766f6712673 | 880 | break; |
| yueee_yt | 0:7766f6712673 | 881 | } |
| yueee_yt | 0:7766f6712673 | 882 | ++p; |
| yueee_yt | 0:7766f6712673 | 883 | nlen = len - clen - 1; |
| yueee_yt | 0:7766f6712673 | 884 | printer(arg, " <"); |
| yueee_yt | 0:7766f6712673 | 885 | for (; clen > 0; --clen) { |
| yueee_yt | 0:7766f6712673 | 886 | GETCHAR(x, p); |
| yueee_yt | 0:7766f6712673 | 887 | printer(arg, "%.2x", x); |
| yueee_yt | 0:7766f6712673 | 888 | } |
| yueee_yt | 0:7766f6712673 | 889 | printer(arg, ">, name = %.*Z", nlen, p); |
| yueee_yt | 0:7766f6712673 | 890 | break; |
| yueee_yt | 0:7766f6712673 | 891 | case CHAP_FAILURE: |
| yueee_yt | 0:7766f6712673 | 892 | case CHAP_SUCCESS: |
| yueee_yt | 0:7766f6712673 | 893 | printer(arg, " %.*Z", len, p); |
| yueee_yt | 0:7766f6712673 | 894 | break; |
| yueee_yt | 0:7766f6712673 | 895 | default: |
| yueee_yt | 0:7766f6712673 | 896 | for (clen = len; clen > 0; --clen) { |
| yueee_yt | 0:7766f6712673 | 897 | GETCHAR(x, p); |
| yueee_yt | 0:7766f6712673 | 898 | printer(arg, " %.2x", x); |
| yueee_yt | 0:7766f6712673 | 899 | } |
| yueee_yt | 0:7766f6712673 | 900 | } |
| yueee_yt | 0:7766f6712673 | 901 | |
| yueee_yt | 0:7766f6712673 | 902 | return len + CHAP_HEADERLEN; |
| yueee_yt | 0:7766f6712673 | 903 | } |
| yueee_yt | 0:7766f6712673 | 904 | #endif /* PPP_ADDITIONAL_CALLBACKS */ |
| yueee_yt | 0:7766f6712673 | 905 | |
| yueee_yt | 0:7766f6712673 | 906 | #endif /* CHAP_SUPPORT */ |
| yueee_yt | 0:7766f6712673 | 907 | |
| yueee_yt | 0:7766f6712673 | 908 | #endif /* PPP_SUPPORT */ |