Darran Shepherd
First step: AutoIP compiled in and working
lwip/netif/ppp/chap.c@1:4218cacaf696, 2010-06-18 (annotated)
- Committer:
- darran
- Date:
- Fri Jun 18 15:54:21 2010 +0000
- Revision:
- 1:4218cacaf696
- Parent:
- 0:55a05330f8cc
Who changed what in which revision?
| User | Revision | Line number | New contents of line |
|---|---|---|---|
| darran | 0:55a05330f8cc | 1 | /*** WARNING - THIS HAS NEVER BEEN FINISHED ***/ |
| darran | 0:55a05330f8cc | 2 | /***************************************************************************** |
| darran | 0:55a05330f8cc | 3 | * chap.c - Network Challenge Handshake Authentication Protocol program file. |
| darran | 0:55a05330f8cc | 4 | * |
| darran | 0:55a05330f8cc | 5 | * Copyright (c) 2003 by Marc Boucher, Services Informatiques (MBSI) inc. |
| darran | 0:55a05330f8cc | 6 | * portions Copyright (c) 1997 by Global Election Systems Inc. |
| darran | 0:55a05330f8cc | 7 | * |
| darran | 0:55a05330f8cc | 8 | * The authors hereby grant permission to use, copy, modify, distribute, |
| darran | 0:55a05330f8cc | 9 | * and license this software and its documentation for any purpose, provided |
| darran | 0:55a05330f8cc | 10 | * that existing copyright notices are retained in all copies and that this |
| darran | 0:55a05330f8cc | 11 | * notice and the following disclaimer are included verbatim in any |
| darran | 0:55a05330f8cc | 12 | * distributions. No written agreement, license, or royalty fee is required |
| darran | 0:55a05330f8cc | 13 | * for any of the authorized uses. |
| darran | 0:55a05330f8cc | 14 | * |
| darran | 0:55a05330f8cc | 15 | * THIS SOFTWARE IS PROVIDED BY THE CONTRIBUTORS *AS IS* AND ANY EXPRESS OR |
| darran | 0:55a05330f8cc | 16 | * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES |
| darran | 0:55a05330f8cc | 17 | * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. |
| darran | 0:55a05330f8cc | 18 | * IN NO EVENT SHALL THE CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, |
| darran | 0:55a05330f8cc | 19 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT |
| darran | 0:55a05330f8cc | 20 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, |
| darran | 0:55a05330f8cc | 21 | * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY |
| darran | 0:55a05330f8cc | 22 | * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT |
| darran | 0:55a05330f8cc | 23 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF |
| darran | 0:55a05330f8cc | 24 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
| darran | 0:55a05330f8cc | 25 | * |
| darran | 0:55a05330f8cc | 26 | ****************************************************************************** |
| darran | 0:55a05330f8cc | 27 | * REVISION HISTORY |
| darran | 0:55a05330f8cc | 28 | * |
| darran | 0:55a05330f8cc | 29 | * 03-01-01 Marc Boucher <marc@mbsi.ca> |
| darran | 0:55a05330f8cc | 30 | * Ported to lwIP. |
| darran | 0:55a05330f8cc | 31 | * 97-12-04 Guy Lancaster <lancasterg@acm.org>, Global Election Systems Inc. |
| darran | 0:55a05330f8cc | 32 | * Original based on BSD chap.c. |
| darran | 0:55a05330f8cc | 33 | *****************************************************************************/ |
| darran | 0:55a05330f8cc | 34 | /* |
| darran | 0:55a05330f8cc | 35 | * chap.c - Challenge Handshake Authentication Protocol. |
| darran | 0:55a05330f8cc | 36 | * |
| darran | 0:55a05330f8cc | 37 | * Copyright (c) 1993 The Australian National University. |
| darran | 0:55a05330f8cc | 38 | * All rights reserved. |
| darran | 0:55a05330f8cc | 39 | * |
| darran | 0:55a05330f8cc | 40 | * Redistribution and use in source and binary forms are permitted |
| darran | 0:55a05330f8cc | 41 | * provided that the above copyright notice and this paragraph are |
| darran | 0:55a05330f8cc | 42 | * duplicated in all such forms and that any documentation, |
| darran | 0:55a05330f8cc | 43 | * advertising materials, and other materials related to such |
| darran | 0:55a05330f8cc | 44 | * distribution and use acknowledge that the software was developed |
| darran | 0:55a05330f8cc | 45 | * by the Australian National University. The name of the University |
| darran | 0:55a05330f8cc | 46 | * may not be used to endorse or promote products derived from this |
| darran | 0:55a05330f8cc | 47 | * software without specific prior written permission. |
| darran | 0:55a05330f8cc | 48 | * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR |
| darran | 0:55a05330f8cc | 49 | * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED |
| darran | 0:55a05330f8cc | 50 | * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. |
| darran | 0:55a05330f8cc | 51 | * |
| darran | 0:55a05330f8cc | 52 | * Copyright (c) 1991 Gregory M. Christy. |
| darran | 0:55a05330f8cc | 53 | * All rights reserved. |
| darran | 0:55a05330f8cc | 54 | * |
| darran | 0:55a05330f8cc | 55 | * Redistribution and use in source and binary forms are permitted |
| darran | 0:55a05330f8cc | 56 | * provided that the above copyright notice and this paragraph are |
| darran | 0:55a05330f8cc | 57 | * duplicated in all such forms and that any documentation, |
| darran | 0:55a05330f8cc | 58 | * advertising materials, and other materials related to such |
| darran | 0:55a05330f8cc | 59 | * distribution and use acknowledge that the software was developed |
| darran | 0:55a05330f8cc | 60 | * by Gregory M. Christy. The name of the author may not be used to |
| darran | 0:55a05330f8cc | 61 | * endorse or promote products derived from this software without |
| darran | 0:55a05330f8cc | 62 | * specific prior written permission. |
| darran | 0:55a05330f8cc | 63 | * |
| darran | 0:55a05330f8cc | 64 | * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR |
| darran | 0:55a05330f8cc | 65 | * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED |
| darran | 0:55a05330f8cc | 66 | * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. |
| darran | 0:55a05330f8cc | 67 | */ |
| darran | 0:55a05330f8cc | 68 | |
| darran | 0:55a05330f8cc | 69 | #include "lwip/opt.h" |
| darran | 0:55a05330f8cc | 70 | |
| darran | 0:55a05330f8cc | 71 | #if PPP_SUPPORT /* don't build if not configured for use in lwipopts.h */ |
| darran | 0:55a05330f8cc | 72 | |
| darran | 0:55a05330f8cc | 73 | #if CHAP_SUPPORT /* don't build if not configured for use in lwipopts.h */ |
| darran | 0:55a05330f8cc | 74 | |
| darran | 0:55a05330f8cc | 75 | #include "ppp.h" |
| darran | 0:55a05330f8cc | 76 | #include "pppdebug.h" |
| darran | 0:55a05330f8cc | 77 | |
| darran | 0:55a05330f8cc | 78 | #include "magic.h" |
| darran | 0:55a05330f8cc | 79 | #include "randm.h" |
| darran | 0:55a05330f8cc | 80 | #include "auth.h" |
| darran | 0:55a05330f8cc | 81 | #include "md5.h" |
| darran | 0:55a05330f8cc | 82 | #include "chap.h" |
| darran | 0:55a05330f8cc | 83 | #include "chpms.h" |
| darran | 0:55a05330f8cc | 84 | |
| darran | 0:55a05330f8cc | 85 | #include <string.h> |
| darran | 0:55a05330f8cc | 86 | |
| darran | 0:55a05330f8cc | 87 | #if 0 /* UNUSED */ |
| darran | 0:55a05330f8cc | 88 | /* |
| darran | 0:55a05330f8cc | 89 | * Command-line options. |
| darran | 0:55a05330f8cc | 90 | */ |
| darran | 0:55a05330f8cc | 91 | static option_t chap_option_list[] = { |
| darran | 0:55a05330f8cc | 92 | { "chap-restart", o_int, &chap[0].timeouttime, |
| darran | 0:55a05330f8cc | 93 | "Set timeout for CHAP" }, |
| darran | 0:55a05330f8cc | 94 | { "chap-max-challenge", o_int, &chap[0].max_transmits, |
| darran | 0:55a05330f8cc | 95 | "Set max #xmits for challenge" }, |
| darran | 0:55a05330f8cc | 96 | { "chap-interval", o_int, &chap[0].chal_interval, |
| darran | 0:55a05330f8cc | 97 | "Set interval for rechallenge" }, |
| darran | 0:55a05330f8cc | 98 | #ifdef MSLANMAN |
| darran | 0:55a05330f8cc | 99 | { "ms-lanman", o_bool, &ms_lanman, |
| darran | 0:55a05330f8cc | 100 | "Use LanMan passwd when using MS-CHAP", 1 }, |
| darran | 0:55a05330f8cc | 101 | #endif |
| darran | 0:55a05330f8cc | 102 | { NULL } |
| darran | 0:55a05330f8cc | 103 | }; |
| darran | 0:55a05330f8cc | 104 | #endif /* UNUSED */ |
| darran | 0:55a05330f8cc | 105 | |
| darran | 0:55a05330f8cc | 106 | /* |
| darran | 0:55a05330f8cc | 107 | * Protocol entry points. |
| darran | 0:55a05330f8cc | 108 | */ |
| darran | 0:55a05330f8cc | 109 | static void ChapInit (int); |
| darran | 0:55a05330f8cc | 110 | static void ChapLowerUp (int); |
| darran | 0:55a05330f8cc | 111 | static void ChapLowerDown (int); |
| darran | 0:55a05330f8cc | 112 | static void ChapInput (int, u_char *, int); |
| darran | 0:55a05330f8cc | 113 | static void ChapProtocolReject (int); |
| darran | 0:55a05330f8cc | 114 | #if PPP_ADDITIONAL_CALLBACKS |
| darran | 0:55a05330f8cc | 115 | static int ChapPrintPkt (u_char *, int, void (*) (void *, char *, ...), void *); |
| darran | 0:55a05330f8cc | 116 | #endif |
| darran | 0:55a05330f8cc | 117 | |
| darran | 0:55a05330f8cc | 118 | struct protent chap_protent = { |
| darran | 0:55a05330f8cc | 119 | PPP_CHAP, |
| darran | 0:55a05330f8cc | 120 | ChapInit, |
| darran | 0:55a05330f8cc | 121 | ChapInput, |
| darran | 0:55a05330f8cc | 122 | ChapProtocolReject, |
| darran | 0:55a05330f8cc | 123 | ChapLowerUp, |
| darran | 0:55a05330f8cc | 124 | ChapLowerDown, |
| darran | 0:55a05330f8cc | 125 | NULL, |
| darran | 0:55a05330f8cc | 126 | NULL, |
| darran | 0:55a05330f8cc | 127 | #if PPP_ADDITIONAL_CALLBACKS |
| darran | 0:55a05330f8cc | 128 | ChapPrintPkt, |
| darran | 0:55a05330f8cc | 129 | NULL, |
| darran | 0:55a05330f8cc | 130 | #endif /* PPP_ADDITIONAL_CALLBACKS */ |
| darran | 0:55a05330f8cc | 131 | 1, |
| darran | 0:55a05330f8cc | 132 | "CHAP", |
| darran | 0:55a05330f8cc | 133 | #if PPP_ADDITIONAL_CALLBACKS |
| darran | 0:55a05330f8cc | 134 | NULL, |
| darran | 0:55a05330f8cc | 135 | NULL, |
| darran | 0:55a05330f8cc | 136 | NULL |
| darran | 0:55a05330f8cc | 137 | #endif /* PPP_ADDITIONAL_CALLBACKS */ |
| darran | 0:55a05330f8cc | 138 | }; |
| darran | 0:55a05330f8cc | 139 | |
| darran | 0:55a05330f8cc | 140 | chap_state chap[NUM_PPP]; /* CHAP state; one for each unit */ |
| darran | 0:55a05330f8cc | 141 | |
| darran | 0:55a05330f8cc | 142 | static void ChapChallengeTimeout (void *); |
| darran | 0:55a05330f8cc | 143 | static void ChapResponseTimeout (void *); |
| darran | 0:55a05330f8cc | 144 | static void ChapReceiveChallenge (chap_state *, u_char *, u_char, int); |
| darran | 0:55a05330f8cc | 145 | static void ChapRechallenge (void *); |
| darran | 0:55a05330f8cc | 146 | static void ChapReceiveResponse (chap_state *, u_char *, int, int); |
| darran | 0:55a05330f8cc | 147 | static void ChapReceiveSuccess(chap_state *cstate, u_char *inp, u_char id, int len); |
| darran | 0:55a05330f8cc | 148 | static void ChapReceiveFailure(chap_state *cstate, u_char *inp, u_char id, int len); |
| darran | 0:55a05330f8cc | 149 | static void ChapSendStatus (chap_state *, int); |
| darran | 0:55a05330f8cc | 150 | static void ChapSendChallenge (chap_state *); |
| darran | 0:55a05330f8cc | 151 | static void ChapSendResponse (chap_state *); |
| darran | 0:55a05330f8cc | 152 | static void ChapGenChallenge (chap_state *); |
| darran | 0:55a05330f8cc | 153 | |
| darran | 0:55a05330f8cc | 154 | /* |
| darran | 0:55a05330f8cc | 155 | * ChapInit - Initialize a CHAP unit. |
| darran | 0:55a05330f8cc | 156 | */ |
| darran | 0:55a05330f8cc | 157 | static void |
| darran | 0:55a05330f8cc | 158 | ChapInit(int unit) |
| darran | 0:55a05330f8cc | 159 | { |
| darran | 0:55a05330f8cc | 160 | chap_state *cstate = &chap[unit]; |
| darran | 0:55a05330f8cc | 161 | |
| darran | 0:55a05330f8cc | 162 | BZERO(cstate, sizeof(*cstate)); |
| darran | 0:55a05330f8cc | 163 | cstate->unit = unit; |
| darran | 0:55a05330f8cc | 164 | cstate->clientstate = CHAPCS_INITIAL; |
| darran | 0:55a05330f8cc | 165 | cstate->serverstate = CHAPSS_INITIAL; |
| darran | 0:55a05330f8cc | 166 | cstate->timeouttime = CHAP_DEFTIMEOUT; |
| darran | 0:55a05330f8cc | 167 | cstate->max_transmits = CHAP_DEFTRANSMITS; |
| darran | 0:55a05330f8cc | 168 | /* random number generator is initialized in magic_init */ |
| darran | 0:55a05330f8cc | 169 | } |
| darran | 0:55a05330f8cc | 170 | |
| darran | 0:55a05330f8cc | 171 | |
| darran | 0:55a05330f8cc | 172 | /* |
| darran | 0:55a05330f8cc | 173 | * ChapAuthWithPeer - Authenticate us with our peer (start client). |
| darran | 0:55a05330f8cc | 174 | * |
| darran | 0:55a05330f8cc | 175 | */ |
| darran | 0:55a05330f8cc | 176 | void |
| darran | 0:55a05330f8cc | 177 | ChapAuthWithPeer(int unit, char *our_name, u_char digest) |
| darran | 0:55a05330f8cc | 178 | { |
| darran | 0:55a05330f8cc | 179 | chap_state *cstate = &chap[unit]; |
| darran | 0:55a05330f8cc | 180 | |
| darran | 0:55a05330f8cc | 181 | cstate->resp_name = our_name; |
| darran | 0:55a05330f8cc | 182 | cstate->resp_type = digest; |
| darran | 0:55a05330f8cc | 183 | |
| darran | 0:55a05330f8cc | 184 | if (cstate->clientstate == CHAPCS_INITIAL || |
| darran | 0:55a05330f8cc | 185 | cstate->clientstate == CHAPCS_PENDING) { |
| darran | 0:55a05330f8cc | 186 | /* lower layer isn't up - wait until later */ |
| darran | 0:55a05330f8cc | 187 | cstate->clientstate = CHAPCS_PENDING; |
| darran | 0:55a05330f8cc | 188 | return; |
| darran | 0:55a05330f8cc | 189 | } |
| darran | 0:55a05330f8cc | 190 | |
| darran | 0:55a05330f8cc | 191 | /* |
| darran | 0:55a05330f8cc | 192 | * We get here as a result of LCP coming up. |
| darran | 0:55a05330f8cc | 193 | * So even if CHAP was open before, we will |
| darran | 0:55a05330f8cc | 194 | * have to re-authenticate ourselves. |
| darran | 0:55a05330f8cc | 195 | */ |
| darran | 0:55a05330f8cc | 196 | cstate->clientstate = CHAPCS_LISTEN; |
| darran | 0:55a05330f8cc | 197 | } |
| darran | 0:55a05330f8cc | 198 | |
| darran | 0:55a05330f8cc | 199 | |
| darran | 0:55a05330f8cc | 200 | /* |
| darran | 0:55a05330f8cc | 201 | * ChapAuthPeer - Authenticate our peer (start server). |
| darran | 0:55a05330f8cc | 202 | */ |
| darran | 0:55a05330f8cc | 203 | void |
| darran | 0:55a05330f8cc | 204 | ChapAuthPeer(int unit, char *our_name, u_char digest) |
| darran | 0:55a05330f8cc | 205 | { |
| darran | 0:55a05330f8cc | 206 | chap_state *cstate = &chap[unit]; |
| darran | 0:55a05330f8cc | 207 | |
| darran | 0:55a05330f8cc | 208 | cstate->chal_name = our_name; |
| darran | 0:55a05330f8cc | 209 | cstate->chal_type = digest; |
| darran | 0:55a05330f8cc | 210 | |
| darran | 0:55a05330f8cc | 211 | if (cstate->serverstate == CHAPSS_INITIAL || |
| darran | 0:55a05330f8cc | 212 | cstate->serverstate == CHAPSS_PENDING) { |
| darran | 0:55a05330f8cc | 213 | /* lower layer isn't up - wait until later */ |
| darran | 0:55a05330f8cc | 214 | cstate->serverstate = CHAPSS_PENDING; |
| darran | 0:55a05330f8cc | 215 | return; |
| darran | 0:55a05330f8cc | 216 | } |
| darran | 0:55a05330f8cc | 217 | |
| darran | 0:55a05330f8cc | 218 | ChapGenChallenge(cstate); |
| darran | 0:55a05330f8cc | 219 | ChapSendChallenge(cstate); /* crank it up dude! */ |
| darran | 0:55a05330f8cc | 220 | cstate->serverstate = CHAPSS_INITIAL_CHAL; |
| darran | 0:55a05330f8cc | 221 | } |
| darran | 0:55a05330f8cc | 222 | |
| darran | 0:55a05330f8cc | 223 | |
| darran | 0:55a05330f8cc | 224 | /* |
| darran | 0:55a05330f8cc | 225 | * ChapChallengeTimeout - Timeout expired on sending challenge. |
| darran | 0:55a05330f8cc | 226 | */ |
| darran | 0:55a05330f8cc | 227 | static void |
| darran | 0:55a05330f8cc | 228 | ChapChallengeTimeout(void *arg) |
| darran | 0:55a05330f8cc | 229 | { |
| darran | 0:55a05330f8cc | 230 | chap_state *cstate = (chap_state *) arg; |
| darran | 0:55a05330f8cc | 231 | |
| darran | 0:55a05330f8cc | 232 | /* if we aren't sending challenges, don't worry. then again we */ |
| darran | 0:55a05330f8cc | 233 | /* probably shouldn't be here either */ |
| darran | 0:55a05330f8cc | 234 | if (cstate->serverstate != CHAPSS_INITIAL_CHAL && |
| darran | 0:55a05330f8cc | 235 | cstate->serverstate != CHAPSS_RECHALLENGE) { |
| darran | 0:55a05330f8cc | 236 | return; |
| darran | 0:55a05330f8cc | 237 | } |
| darran | 0:55a05330f8cc | 238 | |
| darran | 0:55a05330f8cc | 239 | if (cstate->chal_transmits >= cstate->max_transmits) { |
| darran | 0:55a05330f8cc | 240 | /* give up on peer */ |
| darran | 0:55a05330f8cc | 241 | CHAPDEBUG(LOG_ERR, ("Peer failed to respond to CHAP challenge\n")); |
| darran | 0:55a05330f8cc | 242 | cstate->serverstate = CHAPSS_BADAUTH; |
| darran | 0:55a05330f8cc | 243 | auth_peer_fail(cstate->unit, PPP_CHAP); |
| darran | 0:55a05330f8cc | 244 | return; |
| darran | 0:55a05330f8cc | 245 | } |
| darran | 0:55a05330f8cc | 246 | |
| darran | 0:55a05330f8cc | 247 | ChapSendChallenge(cstate); /* Re-send challenge */ |
| darran | 0:55a05330f8cc | 248 | } |
| darran | 0:55a05330f8cc | 249 | |
| darran | 0:55a05330f8cc | 250 | |
| darran | 0:55a05330f8cc | 251 | /* |
| darran | 0:55a05330f8cc | 252 | * ChapResponseTimeout - Timeout expired on sending response. |
| darran | 0:55a05330f8cc | 253 | */ |
| darran | 0:55a05330f8cc | 254 | static void |
| darran | 0:55a05330f8cc | 255 | ChapResponseTimeout(void *arg) |
| darran | 0:55a05330f8cc | 256 | { |
| darran | 0:55a05330f8cc | 257 | chap_state *cstate = (chap_state *) arg; |
| darran | 0:55a05330f8cc | 258 | |
| darran | 0:55a05330f8cc | 259 | /* if we aren't sending a response, don't worry. */ |
| darran | 0:55a05330f8cc | 260 | if (cstate->clientstate != CHAPCS_RESPONSE) { |
| darran | 0:55a05330f8cc | 261 | return; |
| darran | 0:55a05330f8cc | 262 | } |
| darran | 0:55a05330f8cc | 263 | |
| darran | 0:55a05330f8cc | 264 | ChapSendResponse(cstate); /* re-send response */ |
| darran | 0:55a05330f8cc | 265 | } |
| darran | 0:55a05330f8cc | 266 | |
| darran | 0:55a05330f8cc | 267 | |
| darran | 0:55a05330f8cc | 268 | /* |
| darran | 0:55a05330f8cc | 269 | * ChapRechallenge - Time to challenge the peer again. |
| darran | 0:55a05330f8cc | 270 | */ |
| darran | 0:55a05330f8cc | 271 | static void |
| darran | 0:55a05330f8cc | 272 | ChapRechallenge(void *arg) |
| darran | 0:55a05330f8cc | 273 | { |
| darran | 0:55a05330f8cc | 274 | chap_state *cstate = (chap_state *) arg; |
| darran | 0:55a05330f8cc | 275 | |
| darran | 0:55a05330f8cc | 276 | /* if we aren't sending a response, don't worry. */ |
| darran | 0:55a05330f8cc | 277 | if (cstate->serverstate != CHAPSS_OPEN) { |
| darran | 0:55a05330f8cc | 278 | return; |
| darran | 0:55a05330f8cc | 279 | } |
| darran | 0:55a05330f8cc | 280 | |
| darran | 0:55a05330f8cc | 281 | ChapGenChallenge(cstate); |
| darran | 0:55a05330f8cc | 282 | ChapSendChallenge(cstate); |
| darran | 0:55a05330f8cc | 283 | cstate->serverstate = CHAPSS_RECHALLENGE; |
| darran | 0:55a05330f8cc | 284 | } |
| darran | 0:55a05330f8cc | 285 | |
| darran | 0:55a05330f8cc | 286 | |
| darran | 0:55a05330f8cc | 287 | /* |
| darran | 0:55a05330f8cc | 288 | * ChapLowerUp - The lower layer is up. |
| darran | 0:55a05330f8cc | 289 | * |
| darran | 0:55a05330f8cc | 290 | * Start up if we have pending requests. |
| darran | 0:55a05330f8cc | 291 | */ |
| darran | 0:55a05330f8cc | 292 | static void |
| darran | 0:55a05330f8cc | 293 | ChapLowerUp(int unit) |
| darran | 0:55a05330f8cc | 294 | { |
| darran | 0:55a05330f8cc | 295 | chap_state *cstate = &chap[unit]; |
| darran | 0:55a05330f8cc | 296 | |
| darran | 0:55a05330f8cc | 297 | if (cstate->clientstate == CHAPCS_INITIAL) { |
| darran | 0:55a05330f8cc | 298 | cstate->clientstate = CHAPCS_CLOSED; |
| darran | 0:55a05330f8cc | 299 | } else if (cstate->clientstate == CHAPCS_PENDING) { |
| darran | 0:55a05330f8cc | 300 | cstate->clientstate = CHAPCS_LISTEN; |
| darran | 0:55a05330f8cc | 301 | } |
| darran | 0:55a05330f8cc | 302 | |
| darran | 0:55a05330f8cc | 303 | if (cstate->serverstate == CHAPSS_INITIAL) { |
| darran | 0:55a05330f8cc | 304 | cstate->serverstate = CHAPSS_CLOSED; |
| darran | 0:55a05330f8cc | 305 | } else if (cstate->serverstate == CHAPSS_PENDING) { |
| darran | 0:55a05330f8cc | 306 | ChapGenChallenge(cstate); |
| darran | 0:55a05330f8cc | 307 | ChapSendChallenge(cstate); |
| darran | 0:55a05330f8cc | 308 | cstate->serverstate = CHAPSS_INITIAL_CHAL; |
| darran | 0:55a05330f8cc | 309 | } |
| darran | 0:55a05330f8cc | 310 | } |
| darran | 0:55a05330f8cc | 311 | |
| darran | 0:55a05330f8cc | 312 | |
| darran | 0:55a05330f8cc | 313 | /* |
| darran | 0:55a05330f8cc | 314 | * ChapLowerDown - The lower layer is down. |
| darran | 0:55a05330f8cc | 315 | * |
| darran | 0:55a05330f8cc | 316 | * Cancel all timeouts. |
| darran | 0:55a05330f8cc | 317 | */ |
| darran | 0:55a05330f8cc | 318 | static void |
| darran | 0:55a05330f8cc | 319 | ChapLowerDown(int unit) |
| darran | 0:55a05330f8cc | 320 | { |
| darran | 0:55a05330f8cc | 321 | chap_state *cstate = &chap[unit]; |
| darran | 0:55a05330f8cc | 322 | |
| darran | 0:55a05330f8cc | 323 | /* Timeout(s) pending? Cancel if so. */ |
| darran | 0:55a05330f8cc | 324 | if (cstate->serverstate == CHAPSS_INITIAL_CHAL || |
| darran | 0:55a05330f8cc | 325 | cstate->serverstate == CHAPSS_RECHALLENGE) { |
| darran | 0:55a05330f8cc | 326 | UNTIMEOUT(ChapChallengeTimeout, cstate); |
| darran | 0:55a05330f8cc | 327 | } else if (cstate->serverstate == CHAPSS_OPEN |
| darran | 0:55a05330f8cc | 328 | && cstate->chal_interval != 0) { |
| darran | 0:55a05330f8cc | 329 | UNTIMEOUT(ChapRechallenge, cstate); |
| darran | 0:55a05330f8cc | 330 | } |
| darran | 0:55a05330f8cc | 331 | if (cstate->clientstate == CHAPCS_RESPONSE) { |
| darran | 0:55a05330f8cc | 332 | UNTIMEOUT(ChapResponseTimeout, cstate); |
| darran | 0:55a05330f8cc | 333 | } |
| darran | 0:55a05330f8cc | 334 | cstate->clientstate = CHAPCS_INITIAL; |
| darran | 0:55a05330f8cc | 335 | cstate->serverstate = CHAPSS_INITIAL; |
| darran | 0:55a05330f8cc | 336 | } |
| darran | 0:55a05330f8cc | 337 | |
| darran | 0:55a05330f8cc | 338 | |
| darran | 0:55a05330f8cc | 339 | /* |
| darran | 0:55a05330f8cc | 340 | * ChapProtocolReject - Peer doesn't grok CHAP. |
| darran | 0:55a05330f8cc | 341 | */ |
| darran | 0:55a05330f8cc | 342 | static void |
| darran | 0:55a05330f8cc | 343 | ChapProtocolReject(int unit) |
| darran | 0:55a05330f8cc | 344 | { |
| darran | 0:55a05330f8cc | 345 | chap_state *cstate = &chap[unit]; |
| darran | 0:55a05330f8cc | 346 | |
| darran | 0:55a05330f8cc | 347 | if (cstate->serverstate != CHAPSS_INITIAL && |
| darran | 0:55a05330f8cc | 348 | cstate->serverstate != CHAPSS_CLOSED) { |
| darran | 0:55a05330f8cc | 349 | auth_peer_fail(unit, PPP_CHAP); |
| darran | 0:55a05330f8cc | 350 | } |
| darran | 0:55a05330f8cc | 351 | if (cstate->clientstate != CHAPCS_INITIAL && |
| darran | 0:55a05330f8cc | 352 | cstate->clientstate != CHAPCS_CLOSED) { |
| darran | 0:55a05330f8cc | 353 | auth_withpeer_fail(unit, PPP_CHAP); /* lwip: just sets the PPP error code on this unit to PPPERR_AUTHFAIL */ |
| darran | 0:55a05330f8cc | 354 | } |
| darran | 0:55a05330f8cc | 355 | ChapLowerDown(unit); /* shutdown chap */ |
| darran | 0:55a05330f8cc | 356 | } |
| darran | 0:55a05330f8cc | 357 | |
| darran | 0:55a05330f8cc | 358 | |
| darran | 0:55a05330f8cc | 359 | /* |
| darran | 0:55a05330f8cc | 360 | * ChapInput - Input CHAP packet. |
| darran | 0:55a05330f8cc | 361 | */ |
| darran | 0:55a05330f8cc | 362 | static void |
| darran | 0:55a05330f8cc | 363 | ChapInput(int unit, u_char *inpacket, int packet_len) |
| darran | 0:55a05330f8cc | 364 | { |
| darran | 0:55a05330f8cc | 365 | chap_state *cstate = &chap[unit]; |
| darran | 0:55a05330f8cc | 366 | u_char *inp; |
| darran | 0:55a05330f8cc | 367 | u_char code, id; |
| darran | 0:55a05330f8cc | 368 | int len; |
| darran | 0:55a05330f8cc | 369 | |
| darran | 0:55a05330f8cc | 370 | /* |
| darran | 0:55a05330f8cc | 371 | * Parse header (code, id and length). |
| darran | 0:55a05330f8cc | 372 | * If packet too short, drop it. |
| darran | 0:55a05330f8cc | 373 | */ |
| darran | 0:55a05330f8cc | 374 | inp = inpacket; |
| darran | 0:55a05330f8cc | 375 | if (packet_len < CHAP_HEADERLEN) { |
| darran | 0:55a05330f8cc | 376 | CHAPDEBUG(LOG_INFO, ("ChapInput: rcvd short header.\n")); |
| darran | 0:55a05330f8cc | 377 | return; |
| darran | 0:55a05330f8cc | 378 | } |
| darran | 0:55a05330f8cc | 379 | GETCHAR(code, inp); |
| darran | 0:55a05330f8cc | 380 | GETCHAR(id, inp); |
| darran | 0:55a05330f8cc | 381 | GETSHORT(len, inp); |
| darran | 0:55a05330f8cc | 382 | if (len < CHAP_HEADERLEN) { |
| darran | 0:55a05330f8cc | 383 | CHAPDEBUG(LOG_INFO, ("ChapInput: rcvd illegal length.\n")); |
| darran | 0:55a05330f8cc | 384 | return; |
| darran | 0:55a05330f8cc | 385 | } |
| darran | 0:55a05330f8cc | 386 | if (len > packet_len) { |
| darran | 0:55a05330f8cc | 387 | CHAPDEBUG(LOG_INFO, ("ChapInput: rcvd short packet.\n")); |
| darran | 0:55a05330f8cc | 388 | return; |
| darran | 0:55a05330f8cc | 389 | } |
| darran | 0:55a05330f8cc | 390 | len -= CHAP_HEADERLEN; |
| darran | 0:55a05330f8cc | 391 | |
| darran | 0:55a05330f8cc | 392 | /* |
| darran | 0:55a05330f8cc | 393 | * Action depends on code (as in fact it usually does :-). |
| darran | 0:55a05330f8cc | 394 | */ |
| darran | 0:55a05330f8cc | 395 | switch (code) { |
| darran | 0:55a05330f8cc | 396 | case CHAP_CHALLENGE: |
| darran | 0:55a05330f8cc | 397 | ChapReceiveChallenge(cstate, inp, id, len); |
| darran | 0:55a05330f8cc | 398 | break; |
| darran | 0:55a05330f8cc | 399 | |
| darran | 0:55a05330f8cc | 400 | case CHAP_RESPONSE: |
| darran | 0:55a05330f8cc | 401 | ChapReceiveResponse(cstate, inp, id, len); |
| darran | 0:55a05330f8cc | 402 | break; |
| darran | 0:55a05330f8cc | 403 | |
| darran | 0:55a05330f8cc | 404 | case CHAP_FAILURE: |
| darran | 0:55a05330f8cc | 405 | ChapReceiveFailure(cstate, inp, id, len); |
| darran | 0:55a05330f8cc | 406 | break; |
| darran | 0:55a05330f8cc | 407 | |
| darran | 0:55a05330f8cc | 408 | case CHAP_SUCCESS: |
| darran | 0:55a05330f8cc | 409 | ChapReceiveSuccess(cstate, inp, id, len); |
| darran | 0:55a05330f8cc | 410 | break; |
| darran | 0:55a05330f8cc | 411 | |
| darran | 0:55a05330f8cc | 412 | default: /* Need code reject? */ |
| darran | 0:55a05330f8cc | 413 | CHAPDEBUG(LOG_WARNING, ("Unknown CHAP code (%d) received.\n", code)); |
| darran | 0:55a05330f8cc | 414 | break; |
| darran | 0:55a05330f8cc | 415 | } |
| darran | 0:55a05330f8cc | 416 | } |
| darran | 0:55a05330f8cc | 417 | |
| darran | 0:55a05330f8cc | 418 | |
| darran | 0:55a05330f8cc | 419 | /* |
| darran | 0:55a05330f8cc | 420 | * ChapReceiveChallenge - Receive Challenge and send Response. |
| darran | 0:55a05330f8cc | 421 | */ |
| darran | 0:55a05330f8cc | 422 | static void |
| darran | 0:55a05330f8cc | 423 | ChapReceiveChallenge(chap_state *cstate, u_char *inp, u_char id, int len) |
| darran | 0:55a05330f8cc | 424 | { |
| darran | 0:55a05330f8cc | 425 | int rchallenge_len; |
| darran | 0:55a05330f8cc | 426 | u_char *rchallenge; |
| darran | 0:55a05330f8cc | 427 | int secret_len; |
| darran | 0:55a05330f8cc | 428 | char secret[MAXSECRETLEN]; |
| darran | 0:55a05330f8cc | 429 | char rhostname[256]; |
| darran | 0:55a05330f8cc | 430 | MD5_CTX mdContext; |
| darran | 0:55a05330f8cc | 431 | u_char hash[MD5_SIGNATURE_SIZE]; |
| darran | 0:55a05330f8cc | 432 | |
| darran | 0:55a05330f8cc | 433 | CHAPDEBUG(LOG_INFO, ("ChapReceiveChallenge: Rcvd id %d.\n", id)); |
| darran | 0:55a05330f8cc | 434 | if (cstate->clientstate == CHAPCS_CLOSED || |
| darran | 0:55a05330f8cc | 435 | cstate->clientstate == CHAPCS_PENDING) { |
| darran | 0:55a05330f8cc | 436 | CHAPDEBUG(LOG_INFO, ("ChapReceiveChallenge: in state %d\n", |
| darran | 0:55a05330f8cc | 437 | cstate->clientstate)); |
| darran | 0:55a05330f8cc | 438 | return; |
| darran | 0:55a05330f8cc | 439 | } |
| darran | 0:55a05330f8cc | 440 | |
| darran | 0:55a05330f8cc | 441 | if (len < 2) { |
| darran | 0:55a05330f8cc | 442 | CHAPDEBUG(LOG_INFO, ("ChapReceiveChallenge: rcvd short packet.\n")); |
| darran | 0:55a05330f8cc | 443 | return; |
| darran | 0:55a05330f8cc | 444 | } |
| darran | 0:55a05330f8cc | 445 | |
| darran | 0:55a05330f8cc | 446 | GETCHAR(rchallenge_len, inp); |
| darran | 0:55a05330f8cc | 447 | len -= sizeof (u_char) + rchallenge_len; /* now name field length */ |
| darran | 0:55a05330f8cc | 448 | if (len < 0) { |
| darran | 0:55a05330f8cc | 449 | CHAPDEBUG(LOG_INFO, ("ChapReceiveChallenge: rcvd short packet.\n")); |
| darran | 0:55a05330f8cc | 450 | return; |
| darran | 0:55a05330f8cc | 451 | } |
| darran | 0:55a05330f8cc | 452 | rchallenge = inp; |
| darran | 0:55a05330f8cc | 453 | INCPTR(rchallenge_len, inp); |
| darran | 0:55a05330f8cc | 454 | |
| darran | 0:55a05330f8cc | 455 | if (len >= (int)sizeof(rhostname)) { |
| darran | 0:55a05330f8cc | 456 | len = sizeof(rhostname) - 1; |
| darran | 0:55a05330f8cc | 457 | } |
| darran | 0:55a05330f8cc | 458 | BCOPY(inp, rhostname, len); |
| darran | 0:55a05330f8cc | 459 | rhostname[len] = '\000'; |
| darran | 0:55a05330f8cc | 460 | |
| darran | 0:55a05330f8cc | 461 | CHAPDEBUG(LOG_INFO, ("ChapReceiveChallenge: received name field '%s'\n", |
| darran | 0:55a05330f8cc | 462 | rhostname)); |
| darran | 0:55a05330f8cc | 463 | |
| darran | 0:55a05330f8cc | 464 | /* Microsoft doesn't send their name back in the PPP packet */ |
| darran | 0:55a05330f8cc | 465 | if (ppp_settings.remote_name[0] != 0 && (ppp_settings.explicit_remote || rhostname[0] == 0)) { |
| darran | 0:55a05330f8cc | 466 | strncpy(rhostname, ppp_settings.remote_name, sizeof(rhostname)); |
| darran | 0:55a05330f8cc | 467 | rhostname[sizeof(rhostname) - 1] = 0; |
| darran | 0:55a05330f8cc | 468 | CHAPDEBUG(LOG_INFO, ("ChapReceiveChallenge: using '%s' as remote name\n", |
| darran | 0:55a05330f8cc | 469 | rhostname)); |
| darran | 0:55a05330f8cc | 470 | } |
| darran | 0:55a05330f8cc | 471 | |
| darran | 0:55a05330f8cc | 472 | /* get secret for authenticating ourselves with the specified host */ |
| darran | 0:55a05330f8cc | 473 | if (!get_secret(cstate->unit, cstate->resp_name, rhostname, |
| darran | 0:55a05330f8cc | 474 | secret, &secret_len, 0)) { |
| darran | 0:55a05330f8cc | 475 | secret_len = 0; /* assume null secret if can't find one */ |
| darran | 0:55a05330f8cc | 476 | CHAPDEBUG(LOG_WARNING, ("No CHAP secret found for authenticating us to %s\n", |
| darran | 0:55a05330f8cc | 477 | rhostname)); |
| darran | 0:55a05330f8cc | 478 | } |
| darran | 0:55a05330f8cc | 479 | |
| darran | 0:55a05330f8cc | 480 | /* cancel response send timeout if necessary */ |
| darran | 0:55a05330f8cc | 481 | if (cstate->clientstate == CHAPCS_RESPONSE) { |
| darran | 0:55a05330f8cc | 482 | UNTIMEOUT(ChapResponseTimeout, cstate); |
| darran | 0:55a05330f8cc | 483 | } |
| darran | 0:55a05330f8cc | 484 | |
| darran | 0:55a05330f8cc | 485 | cstate->resp_id = id; |
| darran | 0:55a05330f8cc | 486 | cstate->resp_transmits = 0; |
| darran | 0:55a05330f8cc | 487 | |
| darran | 0:55a05330f8cc | 488 | /* generate MD based on negotiated type */ |
| darran | 0:55a05330f8cc | 489 | switch (cstate->resp_type) { |
| darran | 0:55a05330f8cc | 490 | |
| darran | 0:55a05330f8cc | 491 | case CHAP_DIGEST_MD5: |
| darran | 0:55a05330f8cc | 492 | MD5Init(&mdContext); |
| darran | 0:55a05330f8cc | 493 | MD5Update(&mdContext, &cstate->resp_id, 1); |
| darran | 0:55a05330f8cc | 494 | MD5Update(&mdContext, (u_char*)secret, secret_len); |
| darran | 0:55a05330f8cc | 495 | MD5Update(&mdContext, rchallenge, rchallenge_len); |
| darran | 0:55a05330f8cc | 496 | MD5Final(hash, &mdContext); |
| darran | 0:55a05330f8cc | 497 | BCOPY(hash, cstate->response, MD5_SIGNATURE_SIZE); |
| darran | 0:55a05330f8cc | 498 | cstate->resp_length = MD5_SIGNATURE_SIZE; |
| darran | 0:55a05330f8cc | 499 | break; |
| darran | 0:55a05330f8cc | 500 | |
| darran | 0:55a05330f8cc | 501 | #if MSCHAP_SUPPORT |
| darran | 0:55a05330f8cc | 502 | case CHAP_MICROSOFT: |
| darran | 0:55a05330f8cc | 503 | ChapMS(cstate, rchallenge, rchallenge_len, secret, secret_len); |
| darran | 0:55a05330f8cc | 504 | break; |
| darran | 0:55a05330f8cc | 505 | #endif |
| darran | 0:55a05330f8cc | 506 | |
| darran | 0:55a05330f8cc | 507 | default: |
| darran | 0:55a05330f8cc | 508 | CHAPDEBUG(LOG_INFO, ("unknown digest type %d\n", cstate->resp_type)); |
| darran | 0:55a05330f8cc | 509 | return; |
| darran | 0:55a05330f8cc | 510 | } |
| darran | 0:55a05330f8cc | 511 | |
| darran | 0:55a05330f8cc | 512 | BZERO(secret, sizeof(secret)); |
| darran | 0:55a05330f8cc | 513 | ChapSendResponse(cstate); |
| darran | 0:55a05330f8cc | 514 | } |
| darran | 0:55a05330f8cc | 515 | |
| darran | 0:55a05330f8cc | 516 | |
| darran | 0:55a05330f8cc | 517 | /* |
| darran | 0:55a05330f8cc | 518 | * ChapReceiveResponse - Receive and process response. |
| darran | 0:55a05330f8cc | 519 | */ |
| darran | 0:55a05330f8cc | 520 | static void |
| darran | 0:55a05330f8cc | 521 | ChapReceiveResponse(chap_state *cstate, u_char *inp, int id, int len) |
| darran | 0:55a05330f8cc | 522 | { |
| darran | 0:55a05330f8cc | 523 | u_char *remmd, remmd_len; |
| darran | 0:55a05330f8cc | 524 | int secret_len, old_state; |
| darran | 0:55a05330f8cc | 525 | int code; |
| darran | 0:55a05330f8cc | 526 | char rhostname[256]; |
| darran | 0:55a05330f8cc | 527 | MD5_CTX mdContext; |
| darran | 0:55a05330f8cc | 528 | char secret[MAXSECRETLEN]; |
| darran | 0:55a05330f8cc | 529 | u_char hash[MD5_SIGNATURE_SIZE]; |
| darran | 0:55a05330f8cc | 530 | |
| darran | 0:55a05330f8cc | 531 | CHAPDEBUG(LOG_INFO, ("ChapReceiveResponse: Rcvd id %d.\n", id)); |
| darran | 0:55a05330f8cc | 532 | |
| darran | 0:55a05330f8cc | 533 | if (cstate->serverstate == CHAPSS_CLOSED || |
| darran | 0:55a05330f8cc | 534 | cstate->serverstate == CHAPSS_PENDING) { |
| darran | 0:55a05330f8cc | 535 | CHAPDEBUG(LOG_INFO, ("ChapReceiveResponse: in state %d\n", |
| darran | 0:55a05330f8cc | 536 | cstate->serverstate)); |
| darran | 0:55a05330f8cc | 537 | return; |
| darran | 0:55a05330f8cc | 538 | } |
| darran | 0:55a05330f8cc | 539 | |
| darran | 0:55a05330f8cc | 540 | if (id != cstate->chal_id) { |
| darran | 0:55a05330f8cc | 541 | return; /* doesn't match ID of last challenge */ |
| darran | 0:55a05330f8cc | 542 | } |
| darran | 0:55a05330f8cc | 543 | |
| darran | 0:55a05330f8cc | 544 | /* |
| darran | 0:55a05330f8cc | 545 | * If we have received a duplicate or bogus Response, |
| darran | 0:55a05330f8cc | 546 | * we have to send the same answer (Success/Failure) |
| darran | 0:55a05330f8cc | 547 | * as we did for the first Response we saw. |
| darran | 0:55a05330f8cc | 548 | */ |
| darran | 0:55a05330f8cc | 549 | if (cstate->serverstate == CHAPSS_OPEN) { |
| darran | 0:55a05330f8cc | 550 | ChapSendStatus(cstate, CHAP_SUCCESS); |
| darran | 0:55a05330f8cc | 551 | return; |
| darran | 0:55a05330f8cc | 552 | } |
| darran | 0:55a05330f8cc | 553 | if (cstate->serverstate == CHAPSS_BADAUTH) { |
| darran | 0:55a05330f8cc | 554 | ChapSendStatus(cstate, CHAP_FAILURE); |
| darran | 0:55a05330f8cc | 555 | return; |
| darran | 0:55a05330f8cc | 556 | } |
| darran | 0:55a05330f8cc | 557 | |
| darran | 0:55a05330f8cc | 558 | if (len < 2) { |
| darran | 0:55a05330f8cc | 559 | CHAPDEBUG(LOG_INFO, ("ChapReceiveResponse: rcvd short packet.\n")); |
| darran | 0:55a05330f8cc | 560 | return; |
| darran | 0:55a05330f8cc | 561 | } |
| darran | 0:55a05330f8cc | 562 | GETCHAR(remmd_len, inp); /* get length of MD */ |
| darran | 0:55a05330f8cc | 563 | remmd = inp; /* get pointer to MD */ |
| darran | 0:55a05330f8cc | 564 | INCPTR(remmd_len, inp); |
| darran | 0:55a05330f8cc | 565 | |
| darran | 0:55a05330f8cc | 566 | len -= sizeof (u_char) + remmd_len; |
| darran | 0:55a05330f8cc | 567 | if (len < 0) { |
| darran | 0:55a05330f8cc | 568 | CHAPDEBUG(LOG_INFO, ("ChapReceiveResponse: rcvd short packet.\n")); |
| darran | 0:55a05330f8cc | 569 | return; |
| darran | 0:55a05330f8cc | 570 | } |
| darran | 0:55a05330f8cc | 571 | |
| darran | 0:55a05330f8cc | 572 | UNTIMEOUT(ChapChallengeTimeout, cstate); |
| darran | 0:55a05330f8cc | 573 | |
| darran | 0:55a05330f8cc | 574 | if (len >= (int)sizeof(rhostname)) { |
| darran | 0:55a05330f8cc | 575 | len = sizeof(rhostname) - 1; |
| darran | 0:55a05330f8cc | 576 | } |
| darran | 0:55a05330f8cc | 577 | BCOPY(inp, rhostname, len); |
| darran | 0:55a05330f8cc | 578 | rhostname[len] = '\000'; |
| darran | 0:55a05330f8cc | 579 | |
| darran | 0:55a05330f8cc | 580 | CHAPDEBUG(LOG_INFO, ("ChapReceiveResponse: received name field: %s\n", |
| darran | 0:55a05330f8cc | 581 | rhostname)); |
| darran | 0:55a05330f8cc | 582 | |
| darran | 0:55a05330f8cc | 583 | /* |
| darran | 0:55a05330f8cc | 584 | * Get secret for authenticating them with us, |
| darran | 0:55a05330f8cc | 585 | * do the hash ourselves, and compare the result. |
| darran | 0:55a05330f8cc | 586 | */ |
| darran | 0:55a05330f8cc | 587 | code = CHAP_FAILURE; |
| darran | 0:55a05330f8cc | 588 | if (!get_secret(cstate->unit, rhostname, cstate->chal_name, |
| darran | 0:55a05330f8cc | 589 | secret, &secret_len, 1)) { |
| darran | 0:55a05330f8cc | 590 | CHAPDEBUG(LOG_WARNING, ("No CHAP secret found for authenticating %s\n", |
| darran | 0:55a05330f8cc | 591 | rhostname)); |
| darran | 0:55a05330f8cc | 592 | } else { |
| darran | 0:55a05330f8cc | 593 | /* generate MD based on negotiated type */ |
| darran | 0:55a05330f8cc | 594 | switch (cstate->chal_type) { |
| darran | 0:55a05330f8cc | 595 | |
| darran | 0:55a05330f8cc | 596 | case CHAP_DIGEST_MD5: /* only MD5 is defined for now */ |
| darran | 0:55a05330f8cc | 597 | if (remmd_len != MD5_SIGNATURE_SIZE) { |
| darran | 0:55a05330f8cc | 598 | break; /* it's not even the right length */ |
| darran | 0:55a05330f8cc | 599 | } |
| darran | 0:55a05330f8cc | 600 | MD5Init(&mdContext); |
| darran | 0:55a05330f8cc | 601 | MD5Update(&mdContext, &cstate->chal_id, 1); |
| darran | 0:55a05330f8cc | 602 | MD5Update(&mdContext, (u_char*)secret, secret_len); |
| darran | 0:55a05330f8cc | 603 | MD5Update(&mdContext, cstate->challenge, cstate->chal_len); |
| darran | 0:55a05330f8cc | 604 | MD5Final(hash, &mdContext); |
| darran | 0:55a05330f8cc | 605 | |
| darran | 0:55a05330f8cc | 606 | /* compare local and remote MDs and send the appropriate status */ |
| darran | 0:55a05330f8cc | 607 | if (memcmp (hash, remmd, MD5_SIGNATURE_SIZE) == 0) { |
| darran | 0:55a05330f8cc | 608 | code = CHAP_SUCCESS; /* they are the same! */ |
| darran | 0:55a05330f8cc | 609 | } |
| darran | 0:55a05330f8cc | 610 | break; |
| darran | 0:55a05330f8cc | 611 | |
| darran | 0:55a05330f8cc | 612 | default: |
| darran | 0:55a05330f8cc | 613 | CHAPDEBUG(LOG_INFO, ("unknown digest type %d\n", cstate->chal_type)); |
| darran | 0:55a05330f8cc | 614 | } |
| darran | 0:55a05330f8cc | 615 | } |
| darran | 0:55a05330f8cc | 616 | |
| darran | 0:55a05330f8cc | 617 | BZERO(secret, sizeof(secret)); |
| darran | 0:55a05330f8cc | 618 | ChapSendStatus(cstate, code); |
| darran | 0:55a05330f8cc | 619 | |
| darran | 0:55a05330f8cc | 620 | if (code == CHAP_SUCCESS) { |
| darran | 0:55a05330f8cc | 621 | old_state = cstate->serverstate; |
| darran | 0:55a05330f8cc | 622 | cstate->serverstate = CHAPSS_OPEN; |
| darran | 0:55a05330f8cc | 623 | if (old_state == CHAPSS_INITIAL_CHAL) { |
| darran | 0:55a05330f8cc | 624 | auth_peer_success(cstate->unit, PPP_CHAP, rhostname, len); |
| darran | 0:55a05330f8cc | 625 | } |
| darran | 0:55a05330f8cc | 626 | if (cstate->chal_interval != 0) { |
| darran | 0:55a05330f8cc | 627 | TIMEOUT(ChapRechallenge, cstate, cstate->chal_interval); |
| darran | 0:55a05330f8cc | 628 | } |
| darran | 0:55a05330f8cc | 629 | } else { |
| darran | 0:55a05330f8cc | 630 | CHAPDEBUG(LOG_ERR, ("CHAP peer authentication failed\n")); |
| darran | 0:55a05330f8cc | 631 | cstate->serverstate = CHAPSS_BADAUTH; |
| darran | 0:55a05330f8cc | 632 | auth_peer_fail(cstate->unit, PPP_CHAP); |
| darran | 0:55a05330f8cc | 633 | } |
| darran | 0:55a05330f8cc | 634 | } |
| darran | 0:55a05330f8cc | 635 | |
| darran | 0:55a05330f8cc | 636 | /* |
| darran | 0:55a05330f8cc | 637 | * ChapReceiveSuccess - Receive Success |
| darran | 0:55a05330f8cc | 638 | */ |
| darran | 0:55a05330f8cc | 639 | static void |
| darran | 0:55a05330f8cc | 640 | ChapReceiveSuccess(chap_state *cstate, u_char *inp, u_char id, int len) |
| darran | 0:55a05330f8cc | 641 | { |
| darran | 0:55a05330f8cc | 642 | LWIP_UNUSED_ARG(id); |
| darran | 0:55a05330f8cc | 643 | LWIP_UNUSED_ARG(inp); |
| darran | 0:55a05330f8cc | 644 | |
| darran | 0:55a05330f8cc | 645 | CHAPDEBUG(LOG_INFO, ("ChapReceiveSuccess: Rcvd id %d.\n", id)); |
| darran | 0:55a05330f8cc | 646 | |
| darran | 0:55a05330f8cc | 647 | if (cstate->clientstate == CHAPCS_OPEN) { |
| darran | 0:55a05330f8cc | 648 | /* presumably an answer to a duplicate response */ |
| darran | 0:55a05330f8cc | 649 | return; |
| darran | 0:55a05330f8cc | 650 | } |
| darran | 0:55a05330f8cc | 651 | |
| darran | 0:55a05330f8cc | 652 | if (cstate->clientstate != CHAPCS_RESPONSE) { |
| darran | 0:55a05330f8cc | 653 | /* don't know what this is */ |
| darran | 0:55a05330f8cc | 654 | CHAPDEBUG(LOG_INFO, ("ChapReceiveSuccess: in state %d\n", |
| darran | 0:55a05330f8cc | 655 | cstate->clientstate)); |
| darran | 0:55a05330f8cc | 656 | return; |
| darran | 0:55a05330f8cc | 657 | } |
| darran | 0:55a05330f8cc | 658 | |
| darran | 0:55a05330f8cc | 659 | UNTIMEOUT(ChapResponseTimeout, cstate); |
| darran | 0:55a05330f8cc | 660 | |
| darran | 0:55a05330f8cc | 661 | /* |
| darran | 0:55a05330f8cc | 662 | * Print message. |
| darran | 0:55a05330f8cc | 663 | */ |
| darran | 0:55a05330f8cc | 664 | if (len > 0) { |
| darran | 0:55a05330f8cc | 665 | PRINTMSG(inp, len); |
| darran | 0:55a05330f8cc | 666 | } |
| darran | 0:55a05330f8cc | 667 | |
| darran | 0:55a05330f8cc | 668 | cstate->clientstate = CHAPCS_OPEN; |
| darran | 0:55a05330f8cc | 669 | |
| darran | 0:55a05330f8cc | 670 | auth_withpeer_success(cstate->unit, PPP_CHAP); |
| darran | 0:55a05330f8cc | 671 | } |
| darran | 0:55a05330f8cc | 672 | |
| darran | 0:55a05330f8cc | 673 | |
| darran | 0:55a05330f8cc | 674 | /* |
| darran | 0:55a05330f8cc | 675 | * ChapReceiveFailure - Receive failure. |
| darran | 0:55a05330f8cc | 676 | */ |
| darran | 0:55a05330f8cc | 677 | static void |
| darran | 0:55a05330f8cc | 678 | ChapReceiveFailure(chap_state *cstate, u_char *inp, u_char id, int len) |
| darran | 0:55a05330f8cc | 679 | { |
| darran | 0:55a05330f8cc | 680 | LWIP_UNUSED_ARG(id); |
| darran | 0:55a05330f8cc | 681 | LWIP_UNUSED_ARG(inp); |
| darran | 0:55a05330f8cc | 682 | |
| darran | 0:55a05330f8cc | 683 | CHAPDEBUG(LOG_INFO, ("ChapReceiveFailure: Rcvd id %d.\n", id)); |
| darran | 0:55a05330f8cc | 684 | |
| darran | 0:55a05330f8cc | 685 | if (cstate->clientstate != CHAPCS_RESPONSE) { |
| darran | 0:55a05330f8cc | 686 | /* don't know what this is */ |
| darran | 0:55a05330f8cc | 687 | CHAPDEBUG(LOG_INFO, ("ChapReceiveFailure: in state %d\n", |
| darran | 0:55a05330f8cc | 688 | cstate->clientstate)); |
| darran | 0:55a05330f8cc | 689 | return; |
| darran | 0:55a05330f8cc | 690 | } |
| darran | 0:55a05330f8cc | 691 | |
| darran | 0:55a05330f8cc | 692 | UNTIMEOUT(ChapResponseTimeout, cstate); |
| darran | 0:55a05330f8cc | 693 | |
| darran | 0:55a05330f8cc | 694 | /* |
| darran | 0:55a05330f8cc | 695 | * Print message. |
| darran | 0:55a05330f8cc | 696 | */ |
| darran | 0:55a05330f8cc | 697 | if (len > 0) { |
| darran | 0:55a05330f8cc | 698 | PRINTMSG(inp, len); |
| darran | 0:55a05330f8cc | 699 | } |
| darran | 0:55a05330f8cc | 700 | |
| darran | 0:55a05330f8cc | 701 | CHAPDEBUG(LOG_ERR, ("CHAP authentication failed\n")); |
| darran | 0:55a05330f8cc | 702 | auth_withpeer_fail(cstate->unit, PPP_CHAP); /* lwip: just sets the PPP error code on this unit to PPPERR_AUTHFAIL */ |
| darran | 0:55a05330f8cc | 703 | } |
| darran | 0:55a05330f8cc | 704 | |
| darran | 0:55a05330f8cc | 705 | |
| darran | 0:55a05330f8cc | 706 | /* |
| darran | 0:55a05330f8cc | 707 | * ChapSendChallenge - Send an Authenticate challenge. |
| darran | 0:55a05330f8cc | 708 | */ |
| darran | 0:55a05330f8cc | 709 | static void |
| darran | 0:55a05330f8cc | 710 | ChapSendChallenge(chap_state *cstate) |
| darran | 0:55a05330f8cc | 711 | { |
| darran | 0:55a05330f8cc | 712 | u_char *outp; |
| darran | 0:55a05330f8cc | 713 | int chal_len, name_len; |
| darran | 0:55a05330f8cc | 714 | int outlen; |
| darran | 0:55a05330f8cc | 715 | |
| darran | 0:55a05330f8cc | 716 | chal_len = cstate->chal_len; |
| darran | 0:55a05330f8cc | 717 | name_len = (int)strlen(cstate->chal_name); |
| darran | 0:55a05330f8cc | 718 | outlen = CHAP_HEADERLEN + sizeof (u_char) + chal_len + name_len; |
| darran | 0:55a05330f8cc | 719 | outp = outpacket_buf[cstate->unit]; |
| darran | 0:55a05330f8cc | 720 | |
| darran | 0:55a05330f8cc | 721 | MAKEHEADER(outp, PPP_CHAP); /* paste in a CHAP header */ |
| darran | 0:55a05330f8cc | 722 | |
| darran | 0:55a05330f8cc | 723 | PUTCHAR(CHAP_CHALLENGE, outp); |
| darran | 0:55a05330f8cc | 724 | PUTCHAR(cstate->chal_id, outp); |
| darran | 0:55a05330f8cc | 725 | PUTSHORT(outlen, outp); |
| darran | 0:55a05330f8cc | 726 | |
| darran | 0:55a05330f8cc | 727 | PUTCHAR(chal_len, outp); /* put length of challenge */ |
| darran | 0:55a05330f8cc | 728 | BCOPY(cstate->challenge, outp, chal_len); |
| darran | 0:55a05330f8cc | 729 | INCPTR(chal_len, outp); |
| darran | 0:55a05330f8cc | 730 | |
| darran | 0:55a05330f8cc | 731 | BCOPY(cstate->chal_name, outp, name_len); /* append hostname */ |
| darran | 0:55a05330f8cc | 732 | |
| darran | 0:55a05330f8cc | 733 | pppWrite(cstate->unit, outpacket_buf[cstate->unit], outlen + PPP_HDRLEN); |
| darran | 0:55a05330f8cc | 734 | |
| darran | 0:55a05330f8cc | 735 | CHAPDEBUG(LOG_INFO, ("ChapSendChallenge: Sent id %d.\n", cstate->chal_id)); |
| darran | 0:55a05330f8cc | 736 | |
| darran | 0:55a05330f8cc | 737 | TIMEOUT(ChapChallengeTimeout, cstate, cstate->timeouttime); |
| darran | 0:55a05330f8cc | 738 | ++cstate->chal_transmits; |
| darran | 0:55a05330f8cc | 739 | } |
| darran | 0:55a05330f8cc | 740 | |
| darran | 0:55a05330f8cc | 741 | |
| darran | 0:55a05330f8cc | 742 | /* |
| darran | 0:55a05330f8cc | 743 | * ChapSendStatus - Send a status response (ack or nak). |
| darran | 0:55a05330f8cc | 744 | */ |
| darran | 0:55a05330f8cc | 745 | static void |
| darran | 0:55a05330f8cc | 746 | ChapSendStatus(chap_state *cstate, int code) |
| darran | 0:55a05330f8cc | 747 | { |
| darran | 0:55a05330f8cc | 748 | u_char *outp; |
| darran | 0:55a05330f8cc | 749 | int outlen, msglen; |
| darran | 0:55a05330f8cc | 750 | char msg[256]; /* @todo: this can be a char*, no strcpy needed */ |
| darran | 0:55a05330f8cc | 751 | |
| darran | 0:55a05330f8cc | 752 | if (code == CHAP_SUCCESS) { |
| darran | 0:55a05330f8cc | 753 | strcpy(msg, "Welcome!"); |
| darran | 0:55a05330f8cc | 754 | } else { |
| darran | 0:55a05330f8cc | 755 | strcpy(msg, "I don't like you. Go 'way."); |
| darran | 0:55a05330f8cc | 756 | } |
| darran | 0:55a05330f8cc | 757 | msglen = (int)strlen(msg); |
| darran | 0:55a05330f8cc | 758 | |
| darran | 0:55a05330f8cc | 759 | outlen = CHAP_HEADERLEN + msglen; |
| darran | 0:55a05330f8cc | 760 | outp = outpacket_buf[cstate->unit]; |
| darran | 0:55a05330f8cc | 761 | |
| darran | 0:55a05330f8cc | 762 | MAKEHEADER(outp, PPP_CHAP); /* paste in a header */ |
| darran | 0:55a05330f8cc | 763 | |
| darran | 0:55a05330f8cc | 764 | PUTCHAR(code, outp); |
| darran | 0:55a05330f8cc | 765 | PUTCHAR(cstate->chal_id, outp); |
| darran | 0:55a05330f8cc | 766 | PUTSHORT(outlen, outp); |
| darran | 0:55a05330f8cc | 767 | BCOPY(msg, outp, msglen); |
| darran | 0:55a05330f8cc | 768 | pppWrite(cstate->unit, outpacket_buf[cstate->unit], outlen + PPP_HDRLEN); |
| darran | 0:55a05330f8cc | 769 | |
| darran | 0:55a05330f8cc | 770 | CHAPDEBUG(LOG_INFO, ("ChapSendStatus: Sent code %d, id %d.\n", code, |
| darran | 0:55a05330f8cc | 771 | cstate->chal_id)); |
| darran | 0:55a05330f8cc | 772 | } |
| darran | 0:55a05330f8cc | 773 | |
| darran | 0:55a05330f8cc | 774 | /* |
| darran | 0:55a05330f8cc | 775 | * ChapGenChallenge is used to generate a pseudo-random challenge string of |
| darran | 0:55a05330f8cc | 776 | * a pseudo-random length between min_len and max_len. The challenge |
| darran | 0:55a05330f8cc | 777 | * string and its length are stored in *cstate, and various other fields of |
| darran | 0:55a05330f8cc | 778 | * *cstate are initialized. |
| darran | 0:55a05330f8cc | 779 | */ |
| darran | 0:55a05330f8cc | 780 | |
| darran | 0:55a05330f8cc | 781 | static void |
| darran | 0:55a05330f8cc | 782 | ChapGenChallenge(chap_state *cstate) |
| darran | 0:55a05330f8cc | 783 | { |
| darran | 0:55a05330f8cc | 784 | int chal_len; |
| darran | 0:55a05330f8cc | 785 | u_char *ptr = cstate->challenge; |
| darran | 0:55a05330f8cc | 786 | int i; |
| darran | 0:55a05330f8cc | 787 | |
| darran | 0:55a05330f8cc | 788 | /* pick a random challenge length between MIN_CHALLENGE_LENGTH and |
| darran | 0:55a05330f8cc | 789 | MAX_CHALLENGE_LENGTH */ |
| darran | 0:55a05330f8cc | 790 | chal_len = (unsigned) |
| darran | 0:55a05330f8cc | 791 | ((((magic() >> 16) * |
| darran | 0:55a05330f8cc | 792 | (MAX_CHALLENGE_LENGTH - MIN_CHALLENGE_LENGTH)) >> 16) |
| darran | 0:55a05330f8cc | 793 | + MIN_CHALLENGE_LENGTH); |
| darran | 0:55a05330f8cc | 794 | LWIP_ASSERT("chal_len <= 0xff", chal_len <= 0xffff); |
| darran | 0:55a05330f8cc | 795 | cstate->chal_len = (u_char)chal_len; |
| darran | 0:55a05330f8cc | 796 | cstate->chal_id = ++cstate->id; |
| darran | 0:55a05330f8cc | 797 | cstate->chal_transmits = 0; |
| darran | 0:55a05330f8cc | 798 | |
| darran | 0:55a05330f8cc | 799 | /* generate a random string */ |
| darran | 0:55a05330f8cc | 800 | for (i = 0; i < chal_len; i++ ) { |
| darran | 0:55a05330f8cc | 801 | *ptr++ = (char) (magic() & 0xff); |
| darran | 0:55a05330f8cc | 802 | } |
| darran | 0:55a05330f8cc | 803 | } |
| darran | 0:55a05330f8cc | 804 | |
| darran | 0:55a05330f8cc | 805 | /* |
| darran | 0:55a05330f8cc | 806 | * ChapSendResponse - send a response packet with values as specified |
| darran | 0:55a05330f8cc | 807 | * in *cstate. |
| darran | 0:55a05330f8cc | 808 | */ |
| darran | 0:55a05330f8cc | 809 | /* ARGSUSED */ |
| darran | 0:55a05330f8cc | 810 | static void |
| darran | 0:55a05330f8cc | 811 | ChapSendResponse(chap_state *cstate) |
| darran | 0:55a05330f8cc | 812 | { |
| darran | 0:55a05330f8cc | 813 | u_char *outp; |
| darran | 0:55a05330f8cc | 814 | int outlen, md_len, name_len; |
| darran | 0:55a05330f8cc | 815 | |
| darran | 0:55a05330f8cc | 816 | md_len = cstate->resp_length; |
| darran | 0:55a05330f8cc | 817 | name_len = (int)strlen(cstate->resp_name); |
| darran | 0:55a05330f8cc | 818 | outlen = CHAP_HEADERLEN + sizeof (u_char) + md_len + name_len; |
| darran | 0:55a05330f8cc | 819 | outp = outpacket_buf[cstate->unit]; |
| darran | 0:55a05330f8cc | 820 | |
| darran | 0:55a05330f8cc | 821 | MAKEHEADER(outp, PPP_CHAP); |
| darran | 0:55a05330f8cc | 822 | |
| darran | 0:55a05330f8cc | 823 | PUTCHAR(CHAP_RESPONSE, outp); /* we are a response */ |
| darran | 0:55a05330f8cc | 824 | PUTCHAR(cstate->resp_id, outp); /* copy id from challenge packet */ |
| darran | 0:55a05330f8cc | 825 | PUTSHORT(outlen, outp); /* packet length */ |
| darran | 0:55a05330f8cc | 826 | |
| darran | 0:55a05330f8cc | 827 | PUTCHAR(md_len, outp); /* length of MD */ |
| darran | 0:55a05330f8cc | 828 | BCOPY(cstate->response, outp, md_len); /* copy MD to buffer */ |
| darran | 0:55a05330f8cc | 829 | INCPTR(md_len, outp); |
| darran | 0:55a05330f8cc | 830 | |
| darran | 0:55a05330f8cc | 831 | BCOPY(cstate->resp_name, outp, name_len); /* append our name */ |
| darran | 0:55a05330f8cc | 832 | |
| darran | 0:55a05330f8cc | 833 | /* send the packet */ |
| darran | 0:55a05330f8cc | 834 | pppWrite(cstate->unit, outpacket_buf[cstate->unit], outlen + PPP_HDRLEN); |
| darran | 0:55a05330f8cc | 835 | |
| darran | 0:55a05330f8cc | 836 | cstate->clientstate = CHAPCS_RESPONSE; |
| darran | 0:55a05330f8cc | 837 | TIMEOUT(ChapResponseTimeout, cstate, cstate->timeouttime); |
| darran | 0:55a05330f8cc | 838 | ++cstate->resp_transmits; |
| darran | 0:55a05330f8cc | 839 | } |
| darran | 0:55a05330f8cc | 840 | |
| darran | 0:55a05330f8cc | 841 | #if PPP_ADDITIONAL_CALLBACKS |
| darran | 0:55a05330f8cc | 842 | static char *ChapCodenames[] = { |
| darran | 0:55a05330f8cc | 843 | "Challenge", "Response", "Success", "Failure" |
| darran | 0:55a05330f8cc | 844 | }; |
| darran | 0:55a05330f8cc | 845 | /* |
| darran | 0:55a05330f8cc | 846 | * ChapPrintPkt - print the contents of a CHAP packet. |
| darran | 0:55a05330f8cc | 847 | */ |
| darran | 0:55a05330f8cc | 848 | static int |
| darran | 0:55a05330f8cc | 849 | ChapPrintPkt( u_char *p, int plen, void (*printer) (void *, char *, ...), void *arg) |
| darran | 0:55a05330f8cc | 850 | { |
| darran | 0:55a05330f8cc | 851 | int code, id, len; |
| darran | 0:55a05330f8cc | 852 | int clen, nlen; |
| darran | 0:55a05330f8cc | 853 | u_char x; |
| darran | 0:55a05330f8cc | 854 | |
| darran | 0:55a05330f8cc | 855 | if (plen < CHAP_HEADERLEN) { |
| darran | 0:55a05330f8cc | 856 | return 0; |
| darran | 0:55a05330f8cc | 857 | } |
| darran | 0:55a05330f8cc | 858 | GETCHAR(code, p); |
| darran | 0:55a05330f8cc | 859 | GETCHAR(id, p); |
| darran | 0:55a05330f8cc | 860 | GETSHORT(len, p); |
| darran | 0:55a05330f8cc | 861 | if (len < CHAP_HEADERLEN || len > plen) { |
| darran | 0:55a05330f8cc | 862 | return 0; |
| darran | 0:55a05330f8cc | 863 | } |
| darran | 0:55a05330f8cc | 864 | |
| darran | 0:55a05330f8cc | 865 | if (code >= 1 && code <= sizeof(ChapCodenames) / sizeof(char *)) { |
| darran | 0:55a05330f8cc | 866 | printer(arg, " %s", ChapCodenames[code-1]); |
| darran | 0:55a05330f8cc | 867 | } else { |
| darran | 0:55a05330f8cc | 868 | printer(arg, " code=0x%x", code); |
| darran | 0:55a05330f8cc | 869 | } |
| darran | 0:55a05330f8cc | 870 | printer(arg, " id=0x%x", id); |
| darran | 0:55a05330f8cc | 871 | len -= CHAP_HEADERLEN; |
| darran | 0:55a05330f8cc | 872 | switch (code) { |
| darran | 0:55a05330f8cc | 873 | case CHAP_CHALLENGE: |
| darran | 0:55a05330f8cc | 874 | case CHAP_RESPONSE: |
| darran | 0:55a05330f8cc | 875 | if (len < 1) { |
| darran | 0:55a05330f8cc | 876 | break; |
| darran | 0:55a05330f8cc | 877 | } |
| darran | 0:55a05330f8cc | 878 | clen = p[0]; |
| darran | 0:55a05330f8cc | 879 | if (len < clen + 1) { |
| darran | 0:55a05330f8cc | 880 | break; |
| darran | 0:55a05330f8cc | 881 | } |
| darran | 0:55a05330f8cc | 882 | ++p; |
| darran | 0:55a05330f8cc | 883 | nlen = len - clen - 1; |
| darran | 0:55a05330f8cc | 884 | printer(arg, " <"); |
| darran | 0:55a05330f8cc | 885 | for (; clen > 0; --clen) { |
| darran | 0:55a05330f8cc | 886 | GETCHAR(x, p); |
| darran | 0:55a05330f8cc | 887 | printer(arg, "%.2x", x); |
| darran | 0:55a05330f8cc | 888 | } |
| darran | 0:55a05330f8cc | 889 | printer(arg, ">, name = %.*Z", nlen, p); |
| darran | 0:55a05330f8cc | 890 | break; |
| darran | 0:55a05330f8cc | 891 | case CHAP_FAILURE: |
| darran | 0:55a05330f8cc | 892 | case CHAP_SUCCESS: |
| darran | 0:55a05330f8cc | 893 | printer(arg, " %.*Z", len, p); |
| darran | 0:55a05330f8cc | 894 | break; |
| darran | 0:55a05330f8cc | 895 | default: |
| darran | 0:55a05330f8cc | 896 | for (clen = len; clen > 0; --clen) { |
| darran | 0:55a05330f8cc | 897 | GETCHAR(x, p); |
| darran | 0:55a05330f8cc | 898 | printer(arg, " %.2x", x); |
| darran | 0:55a05330f8cc | 899 | } |
| darran | 0:55a05330f8cc | 900 | } |
| darran | 0:55a05330f8cc | 901 | |
| darran | 0:55a05330f8cc | 902 | return len + CHAP_HEADERLEN; |
| darran | 0:55a05330f8cc | 903 | } |
| darran | 0:55a05330f8cc | 904 | #endif /* PPP_ADDITIONAL_CALLBACKS */ |
| darran | 0:55a05330f8cc | 905 | |
| darran | 0:55a05330f8cc | 906 | #endif /* CHAP_SUPPORT */ |
| darran | 0:55a05330f8cc | 907 | |
| darran | 0:55a05330f8cc | 908 | #endif /* PPP_SUPPORT */ |