Ethernet test for ECE 4180 and others to find your IP address and do a simple HTTP GET request over port 80.
Dependencies: mbed Socket lwip-eth lwip-sys lwip
EthernetInterface/lwip/netif/ppp/chap.c@0:e7ca326e76ee, 2013-04-04 (annotated)
- Committer:
- mkersh3
- Date:
- Thu Apr 04 05:26:09 2013 +0000
- Revision:
- 0:e7ca326e76ee
Ethernet Test for ECE4180 and others to find their IP Address and do a simple HTTP GET request over port 80.
Who changed what in which revision?
User | Revision | Line number | New contents of line |
---|---|---|---|
mkersh3 | 0:e7ca326e76ee | 1 | /*** WARNING - THIS HAS NEVER BEEN FINISHED ***/ |
mkersh3 | 0:e7ca326e76ee | 2 | /***************************************************************************** |
mkersh3 | 0:e7ca326e76ee | 3 | * chap.c - Network Challenge Handshake Authentication Protocol program file. |
mkersh3 | 0:e7ca326e76ee | 4 | * |
mkersh3 | 0:e7ca326e76ee | 5 | * Copyright (c) 2003 by Marc Boucher, Services Informatiques (MBSI) inc. |
mkersh3 | 0:e7ca326e76ee | 6 | * portions Copyright (c) 1997 by Global Election Systems Inc. |
mkersh3 | 0:e7ca326e76ee | 7 | * |
mkersh3 | 0:e7ca326e76ee | 8 | * The authors hereby grant permission to use, copy, modify, distribute, |
mkersh3 | 0:e7ca326e76ee | 9 | * and license this software and its documentation for any purpose, provided |
mkersh3 | 0:e7ca326e76ee | 10 | * that existing copyright notices are retained in all copies and that this |
mkersh3 | 0:e7ca326e76ee | 11 | * notice and the following disclaimer are included verbatim in any |
mkersh3 | 0:e7ca326e76ee | 12 | * distributions. No written agreement, license, or royalty fee is required |
mkersh3 | 0:e7ca326e76ee | 13 | * for any of the authorized uses. |
mkersh3 | 0:e7ca326e76ee | 14 | * |
mkersh3 | 0:e7ca326e76ee | 15 | * THIS SOFTWARE IS PROVIDED BY THE CONTRIBUTORS *AS IS* AND ANY EXPRESS OR |
mkersh3 | 0:e7ca326e76ee | 16 | * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES |
mkersh3 | 0:e7ca326e76ee | 17 | * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. |
mkersh3 | 0:e7ca326e76ee | 18 | * IN NO EVENT SHALL THE CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, |
mkersh3 | 0:e7ca326e76ee | 19 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT |
mkersh3 | 0:e7ca326e76ee | 20 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, |
mkersh3 | 0:e7ca326e76ee | 21 | * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY |
mkersh3 | 0:e7ca326e76ee | 22 | * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT |
mkersh3 | 0:e7ca326e76ee | 23 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF |
mkersh3 | 0:e7ca326e76ee | 24 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
mkersh3 | 0:e7ca326e76ee | 25 | * |
mkersh3 | 0:e7ca326e76ee | 26 | ****************************************************************************** |
mkersh3 | 0:e7ca326e76ee | 27 | * REVISION HISTORY |
mkersh3 | 0:e7ca326e76ee | 28 | * |
mkersh3 | 0:e7ca326e76ee | 29 | * 03-01-01 Marc Boucher <marc@mbsi.ca> |
mkersh3 | 0:e7ca326e76ee | 30 | * Ported to lwIP. |
mkersh3 | 0:e7ca326e76ee | 31 | * 97-12-04 Guy Lancaster <lancasterg@acm.org>, Global Election Systems Inc. |
mkersh3 | 0:e7ca326e76ee | 32 | * Original based on BSD chap.c. |
mkersh3 | 0:e7ca326e76ee | 33 | *****************************************************************************/ |
mkersh3 | 0:e7ca326e76ee | 34 | /* |
mkersh3 | 0:e7ca326e76ee | 35 | * chap.c - Challenge Handshake Authentication Protocol. |
mkersh3 | 0:e7ca326e76ee | 36 | * |
mkersh3 | 0:e7ca326e76ee | 37 | * Copyright (c) 1993 The Australian National University. |
mkersh3 | 0:e7ca326e76ee | 38 | * All rights reserved. |
mkersh3 | 0:e7ca326e76ee | 39 | * |
mkersh3 | 0:e7ca326e76ee | 40 | * Redistribution and use in source and binary forms are permitted |
mkersh3 | 0:e7ca326e76ee | 41 | * provided that the above copyright notice and this paragraph are |
mkersh3 | 0:e7ca326e76ee | 42 | * duplicated in all such forms and that any documentation, |
mkersh3 | 0:e7ca326e76ee | 43 | * advertising materials, and other materials related to such |
mkersh3 | 0:e7ca326e76ee | 44 | * distribution and use acknowledge that the software was developed |
mkersh3 | 0:e7ca326e76ee | 45 | * by the Australian National University. The name of the University |
mkersh3 | 0:e7ca326e76ee | 46 | * may not be used to endorse or promote products derived from this |
mkersh3 | 0:e7ca326e76ee | 47 | * software without specific prior written permission. |
mkersh3 | 0:e7ca326e76ee | 48 | * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR |
mkersh3 | 0:e7ca326e76ee | 49 | * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED |
mkersh3 | 0:e7ca326e76ee | 50 | * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. |
mkersh3 | 0:e7ca326e76ee | 51 | * |
mkersh3 | 0:e7ca326e76ee | 52 | * Copyright (c) 1991 Gregory M. Christy. |
mkersh3 | 0:e7ca326e76ee | 53 | * All rights reserved. |
mkersh3 | 0:e7ca326e76ee | 54 | * |
mkersh3 | 0:e7ca326e76ee | 55 | * Redistribution and use in source and binary forms are permitted |
mkersh3 | 0:e7ca326e76ee | 56 | * provided that the above copyright notice and this paragraph are |
mkersh3 | 0:e7ca326e76ee | 57 | * duplicated in all such forms and that any documentation, |
mkersh3 | 0:e7ca326e76ee | 58 | * advertising materials, and other materials related to such |
mkersh3 | 0:e7ca326e76ee | 59 | * distribution and use acknowledge that the software was developed |
mkersh3 | 0:e7ca326e76ee | 60 | * by Gregory M. Christy. The name of the author may not be used to |
mkersh3 | 0:e7ca326e76ee | 61 | * endorse or promote products derived from this software without |
mkersh3 | 0:e7ca326e76ee | 62 | * specific prior written permission. |
mkersh3 | 0:e7ca326e76ee | 63 | * |
mkersh3 | 0:e7ca326e76ee | 64 | * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR |
mkersh3 | 0:e7ca326e76ee | 65 | * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED |
mkersh3 | 0:e7ca326e76ee | 66 | * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. |
mkersh3 | 0:e7ca326e76ee | 67 | */ |
mkersh3 | 0:e7ca326e76ee | 68 | |
mkersh3 | 0:e7ca326e76ee | 69 | #include "lwip/opt.h" |
mkersh3 | 0:e7ca326e76ee | 70 | |
mkersh3 | 0:e7ca326e76ee | 71 | #if PPP_SUPPORT /* don't build if not configured for use in lwipopts.h */ |
mkersh3 | 0:e7ca326e76ee | 72 | |
mkersh3 | 0:e7ca326e76ee | 73 | #if CHAP_SUPPORT /* don't build if not configured for use in lwipopts.h */ |
mkersh3 | 0:e7ca326e76ee | 74 | |
mkersh3 | 0:e7ca326e76ee | 75 | #include "ppp.h" |
mkersh3 | 0:e7ca326e76ee | 76 | #include "pppdebug.h" |
mkersh3 | 0:e7ca326e76ee | 77 | |
mkersh3 | 0:e7ca326e76ee | 78 | #include "magic.h" |
mkersh3 | 0:e7ca326e76ee | 79 | #include "randm.h" |
mkersh3 | 0:e7ca326e76ee | 80 | #include "auth.h" |
mkersh3 | 0:e7ca326e76ee | 81 | #include "md5.h" |
mkersh3 | 0:e7ca326e76ee | 82 | #include "chap.h" |
mkersh3 | 0:e7ca326e76ee | 83 | #include "chpms.h" |
mkersh3 | 0:e7ca326e76ee | 84 | |
mkersh3 | 0:e7ca326e76ee | 85 | #include <string.h> |
mkersh3 | 0:e7ca326e76ee | 86 | |
mkersh3 | 0:e7ca326e76ee | 87 | #if 0 /* UNUSED */ |
mkersh3 | 0:e7ca326e76ee | 88 | /* |
mkersh3 | 0:e7ca326e76ee | 89 | * Command-line options. |
mkersh3 | 0:e7ca326e76ee | 90 | */ |
mkersh3 | 0:e7ca326e76ee | 91 | static option_t chap_option_list[] = { |
mkersh3 | 0:e7ca326e76ee | 92 | { "chap-restart", o_int, &chap[0].timeouttime, |
mkersh3 | 0:e7ca326e76ee | 93 | "Set timeout for CHAP" }, |
mkersh3 | 0:e7ca326e76ee | 94 | { "chap-max-challenge", o_int, &chap[0].max_transmits, |
mkersh3 | 0:e7ca326e76ee | 95 | "Set max #xmits for challenge" }, |
mkersh3 | 0:e7ca326e76ee | 96 | { "chap-interval", o_int, &chap[0].chal_interval, |
mkersh3 | 0:e7ca326e76ee | 97 | "Set interval for rechallenge" }, |
mkersh3 | 0:e7ca326e76ee | 98 | #ifdef MSLANMAN |
mkersh3 | 0:e7ca326e76ee | 99 | { "ms-lanman", o_bool, &ms_lanman, |
mkersh3 | 0:e7ca326e76ee | 100 | "Use LanMan passwd when using MS-CHAP", 1 }, |
mkersh3 | 0:e7ca326e76ee | 101 | #endif |
mkersh3 | 0:e7ca326e76ee | 102 | { NULL } |
mkersh3 | 0:e7ca326e76ee | 103 | }; |
mkersh3 | 0:e7ca326e76ee | 104 | #endif /* UNUSED */ |
mkersh3 | 0:e7ca326e76ee | 105 | |
mkersh3 | 0:e7ca326e76ee | 106 | /* |
mkersh3 | 0:e7ca326e76ee | 107 | * Protocol entry points. |
mkersh3 | 0:e7ca326e76ee | 108 | */ |
mkersh3 | 0:e7ca326e76ee | 109 | static void ChapInit (int); |
mkersh3 | 0:e7ca326e76ee | 110 | static void ChapLowerUp (int); |
mkersh3 | 0:e7ca326e76ee | 111 | static void ChapLowerDown (int); |
mkersh3 | 0:e7ca326e76ee | 112 | static void ChapInput (int, u_char *, int); |
mkersh3 | 0:e7ca326e76ee | 113 | static void ChapProtocolReject (int); |
mkersh3 | 0:e7ca326e76ee | 114 | #if PPP_ADDITIONAL_CALLBACKS |
mkersh3 | 0:e7ca326e76ee | 115 | static int ChapPrintPkt (u_char *, int, void (*) (void *, char *, ...), void *); |
mkersh3 | 0:e7ca326e76ee | 116 | #endif |
mkersh3 | 0:e7ca326e76ee | 117 | |
mkersh3 | 0:e7ca326e76ee | 118 | struct protent chap_protent = { |
mkersh3 | 0:e7ca326e76ee | 119 | PPP_CHAP, |
mkersh3 | 0:e7ca326e76ee | 120 | ChapInit, |
mkersh3 | 0:e7ca326e76ee | 121 | ChapInput, |
mkersh3 | 0:e7ca326e76ee | 122 | ChapProtocolReject, |
mkersh3 | 0:e7ca326e76ee | 123 | ChapLowerUp, |
mkersh3 | 0:e7ca326e76ee | 124 | ChapLowerDown, |
mkersh3 | 0:e7ca326e76ee | 125 | NULL, |
mkersh3 | 0:e7ca326e76ee | 126 | NULL, |
mkersh3 | 0:e7ca326e76ee | 127 | #if PPP_ADDITIONAL_CALLBACKS |
mkersh3 | 0:e7ca326e76ee | 128 | ChapPrintPkt, |
mkersh3 | 0:e7ca326e76ee | 129 | NULL, |
mkersh3 | 0:e7ca326e76ee | 130 | #endif /* PPP_ADDITIONAL_CALLBACKS */ |
mkersh3 | 0:e7ca326e76ee | 131 | 1, |
mkersh3 | 0:e7ca326e76ee | 132 | "CHAP", |
mkersh3 | 0:e7ca326e76ee | 133 | #if PPP_ADDITIONAL_CALLBACKS |
mkersh3 | 0:e7ca326e76ee | 134 | NULL, |
mkersh3 | 0:e7ca326e76ee | 135 | NULL, |
mkersh3 | 0:e7ca326e76ee | 136 | NULL |
mkersh3 | 0:e7ca326e76ee | 137 | #endif /* PPP_ADDITIONAL_CALLBACKS */ |
mkersh3 | 0:e7ca326e76ee | 138 | }; |
mkersh3 | 0:e7ca326e76ee | 139 | |
mkersh3 | 0:e7ca326e76ee | 140 | chap_state chap[NUM_PPP]; /* CHAP state; one for each unit */ |
mkersh3 | 0:e7ca326e76ee | 141 | |
mkersh3 | 0:e7ca326e76ee | 142 | static void ChapChallengeTimeout (void *); |
mkersh3 | 0:e7ca326e76ee | 143 | static void ChapResponseTimeout (void *); |
mkersh3 | 0:e7ca326e76ee | 144 | static void ChapReceiveChallenge (chap_state *, u_char *, u_char, int); |
mkersh3 | 0:e7ca326e76ee | 145 | static void ChapRechallenge (void *); |
mkersh3 | 0:e7ca326e76ee | 146 | static void ChapReceiveResponse (chap_state *, u_char *, int, int); |
mkersh3 | 0:e7ca326e76ee | 147 | static void ChapReceiveSuccess(chap_state *cstate, u_char *inp, u_char id, int len); |
mkersh3 | 0:e7ca326e76ee | 148 | static void ChapReceiveFailure(chap_state *cstate, u_char *inp, u_char id, int len); |
mkersh3 | 0:e7ca326e76ee | 149 | static void ChapSendStatus (chap_state *, int); |
mkersh3 | 0:e7ca326e76ee | 150 | static void ChapSendChallenge (chap_state *); |
mkersh3 | 0:e7ca326e76ee | 151 | static void ChapSendResponse (chap_state *); |
mkersh3 | 0:e7ca326e76ee | 152 | static void ChapGenChallenge (chap_state *); |
mkersh3 | 0:e7ca326e76ee | 153 | |
mkersh3 | 0:e7ca326e76ee | 154 | /* |
mkersh3 | 0:e7ca326e76ee | 155 | * ChapInit - Initialize a CHAP unit. |
mkersh3 | 0:e7ca326e76ee | 156 | */ |
mkersh3 | 0:e7ca326e76ee | 157 | static void |
mkersh3 | 0:e7ca326e76ee | 158 | ChapInit(int unit) |
mkersh3 | 0:e7ca326e76ee | 159 | { |
mkersh3 | 0:e7ca326e76ee | 160 | chap_state *cstate = &chap[unit]; |
mkersh3 | 0:e7ca326e76ee | 161 | |
mkersh3 | 0:e7ca326e76ee | 162 | BZERO(cstate, sizeof(*cstate)); |
mkersh3 | 0:e7ca326e76ee | 163 | cstate->unit = unit; |
mkersh3 | 0:e7ca326e76ee | 164 | cstate->clientstate = CHAPCS_INITIAL; |
mkersh3 | 0:e7ca326e76ee | 165 | cstate->serverstate = CHAPSS_INITIAL; |
mkersh3 | 0:e7ca326e76ee | 166 | cstate->timeouttime = CHAP_DEFTIMEOUT; |
mkersh3 | 0:e7ca326e76ee | 167 | cstate->max_transmits = CHAP_DEFTRANSMITS; |
mkersh3 | 0:e7ca326e76ee | 168 | /* random number generator is initialized in magic_init */ |
mkersh3 | 0:e7ca326e76ee | 169 | } |
mkersh3 | 0:e7ca326e76ee | 170 | |
mkersh3 | 0:e7ca326e76ee | 171 | |
mkersh3 | 0:e7ca326e76ee | 172 | /* |
mkersh3 | 0:e7ca326e76ee | 173 | * ChapAuthWithPeer - Authenticate us with our peer (start client). |
mkersh3 | 0:e7ca326e76ee | 174 | * |
mkersh3 | 0:e7ca326e76ee | 175 | */ |
mkersh3 | 0:e7ca326e76ee | 176 | void |
mkersh3 | 0:e7ca326e76ee | 177 | ChapAuthWithPeer(int unit, char *our_name, u_char digest) |
mkersh3 | 0:e7ca326e76ee | 178 | { |
mkersh3 | 0:e7ca326e76ee | 179 | chap_state *cstate = &chap[unit]; |
mkersh3 | 0:e7ca326e76ee | 180 | |
mkersh3 | 0:e7ca326e76ee | 181 | cstate->resp_name = our_name; |
mkersh3 | 0:e7ca326e76ee | 182 | cstate->resp_type = digest; |
mkersh3 | 0:e7ca326e76ee | 183 | |
mkersh3 | 0:e7ca326e76ee | 184 | if (cstate->clientstate == CHAPCS_INITIAL || |
mkersh3 | 0:e7ca326e76ee | 185 | cstate->clientstate == CHAPCS_PENDING) { |
mkersh3 | 0:e7ca326e76ee | 186 | /* lower layer isn't up - wait until later */ |
mkersh3 | 0:e7ca326e76ee | 187 | cstate->clientstate = CHAPCS_PENDING; |
mkersh3 | 0:e7ca326e76ee | 188 | return; |
mkersh3 | 0:e7ca326e76ee | 189 | } |
mkersh3 | 0:e7ca326e76ee | 190 | |
mkersh3 | 0:e7ca326e76ee | 191 | /* |
mkersh3 | 0:e7ca326e76ee | 192 | * We get here as a result of LCP coming up. |
mkersh3 | 0:e7ca326e76ee | 193 | * So even if CHAP was open before, we will |
mkersh3 | 0:e7ca326e76ee | 194 | * have to re-authenticate ourselves. |
mkersh3 | 0:e7ca326e76ee | 195 | */ |
mkersh3 | 0:e7ca326e76ee | 196 | cstate->clientstate = CHAPCS_LISTEN; |
mkersh3 | 0:e7ca326e76ee | 197 | } |
mkersh3 | 0:e7ca326e76ee | 198 | |
mkersh3 | 0:e7ca326e76ee | 199 | |
mkersh3 | 0:e7ca326e76ee | 200 | /* |
mkersh3 | 0:e7ca326e76ee | 201 | * ChapAuthPeer - Authenticate our peer (start server). |
mkersh3 | 0:e7ca326e76ee | 202 | */ |
mkersh3 | 0:e7ca326e76ee | 203 | void |
mkersh3 | 0:e7ca326e76ee | 204 | ChapAuthPeer(int unit, char *our_name, u_char digest) |
mkersh3 | 0:e7ca326e76ee | 205 | { |
mkersh3 | 0:e7ca326e76ee | 206 | chap_state *cstate = &chap[unit]; |
mkersh3 | 0:e7ca326e76ee | 207 | |
mkersh3 | 0:e7ca326e76ee | 208 | cstate->chal_name = our_name; |
mkersh3 | 0:e7ca326e76ee | 209 | cstate->chal_type = digest; |
mkersh3 | 0:e7ca326e76ee | 210 | |
mkersh3 | 0:e7ca326e76ee | 211 | if (cstate->serverstate == CHAPSS_INITIAL || |
mkersh3 | 0:e7ca326e76ee | 212 | cstate->serverstate == CHAPSS_PENDING) { |
mkersh3 | 0:e7ca326e76ee | 213 | /* lower layer isn't up - wait until later */ |
mkersh3 | 0:e7ca326e76ee | 214 | cstate->serverstate = CHAPSS_PENDING; |
mkersh3 | 0:e7ca326e76ee | 215 | return; |
mkersh3 | 0:e7ca326e76ee | 216 | } |
mkersh3 | 0:e7ca326e76ee | 217 | |
mkersh3 | 0:e7ca326e76ee | 218 | ChapGenChallenge(cstate); |
mkersh3 | 0:e7ca326e76ee | 219 | ChapSendChallenge(cstate); /* crank it up dude! */ |
mkersh3 | 0:e7ca326e76ee | 220 | cstate->serverstate = CHAPSS_INITIAL_CHAL; |
mkersh3 | 0:e7ca326e76ee | 221 | } |
mkersh3 | 0:e7ca326e76ee | 222 | |
mkersh3 | 0:e7ca326e76ee | 223 | |
mkersh3 | 0:e7ca326e76ee | 224 | /* |
mkersh3 | 0:e7ca326e76ee | 225 | * ChapChallengeTimeout - Timeout expired on sending challenge. |
mkersh3 | 0:e7ca326e76ee | 226 | */ |
mkersh3 | 0:e7ca326e76ee | 227 | static void |
mkersh3 | 0:e7ca326e76ee | 228 | ChapChallengeTimeout(void *arg) |
mkersh3 | 0:e7ca326e76ee | 229 | { |
mkersh3 | 0:e7ca326e76ee | 230 | chap_state *cstate = (chap_state *) arg; |
mkersh3 | 0:e7ca326e76ee | 231 | |
mkersh3 | 0:e7ca326e76ee | 232 | /* if we aren't sending challenges, don't worry. then again we */ |
mkersh3 | 0:e7ca326e76ee | 233 | /* probably shouldn't be here either */ |
mkersh3 | 0:e7ca326e76ee | 234 | if (cstate->serverstate != CHAPSS_INITIAL_CHAL && |
mkersh3 | 0:e7ca326e76ee | 235 | cstate->serverstate != CHAPSS_RECHALLENGE) { |
mkersh3 | 0:e7ca326e76ee | 236 | return; |
mkersh3 | 0:e7ca326e76ee | 237 | } |
mkersh3 | 0:e7ca326e76ee | 238 | |
mkersh3 | 0:e7ca326e76ee | 239 | if (cstate->chal_transmits >= cstate->max_transmits) { |
mkersh3 | 0:e7ca326e76ee | 240 | /* give up on peer */ |
mkersh3 | 0:e7ca326e76ee | 241 | CHAPDEBUG(LOG_ERR, ("Peer failed to respond to CHAP challenge\n")); |
mkersh3 | 0:e7ca326e76ee | 242 | cstate->serverstate = CHAPSS_BADAUTH; |
mkersh3 | 0:e7ca326e76ee | 243 | auth_peer_fail(cstate->unit, PPP_CHAP); |
mkersh3 | 0:e7ca326e76ee | 244 | return; |
mkersh3 | 0:e7ca326e76ee | 245 | } |
mkersh3 | 0:e7ca326e76ee | 246 | |
mkersh3 | 0:e7ca326e76ee | 247 | ChapSendChallenge(cstate); /* Re-send challenge */ |
mkersh3 | 0:e7ca326e76ee | 248 | } |
mkersh3 | 0:e7ca326e76ee | 249 | |
mkersh3 | 0:e7ca326e76ee | 250 | |
mkersh3 | 0:e7ca326e76ee | 251 | /* |
mkersh3 | 0:e7ca326e76ee | 252 | * ChapResponseTimeout - Timeout expired on sending response. |
mkersh3 | 0:e7ca326e76ee | 253 | */ |
mkersh3 | 0:e7ca326e76ee | 254 | static void |
mkersh3 | 0:e7ca326e76ee | 255 | ChapResponseTimeout(void *arg) |
mkersh3 | 0:e7ca326e76ee | 256 | { |
mkersh3 | 0:e7ca326e76ee | 257 | chap_state *cstate = (chap_state *) arg; |
mkersh3 | 0:e7ca326e76ee | 258 | |
mkersh3 | 0:e7ca326e76ee | 259 | /* if we aren't sending a response, don't worry. */ |
mkersh3 | 0:e7ca326e76ee | 260 | if (cstate->clientstate != CHAPCS_RESPONSE) { |
mkersh3 | 0:e7ca326e76ee | 261 | return; |
mkersh3 | 0:e7ca326e76ee | 262 | } |
mkersh3 | 0:e7ca326e76ee | 263 | |
mkersh3 | 0:e7ca326e76ee | 264 | ChapSendResponse(cstate); /* re-send response */ |
mkersh3 | 0:e7ca326e76ee | 265 | } |
mkersh3 | 0:e7ca326e76ee | 266 | |
mkersh3 | 0:e7ca326e76ee | 267 | |
mkersh3 | 0:e7ca326e76ee | 268 | /* |
mkersh3 | 0:e7ca326e76ee | 269 | * ChapRechallenge - Time to challenge the peer again. |
mkersh3 | 0:e7ca326e76ee | 270 | */ |
mkersh3 | 0:e7ca326e76ee | 271 | static void |
mkersh3 | 0:e7ca326e76ee | 272 | ChapRechallenge(void *arg) |
mkersh3 | 0:e7ca326e76ee | 273 | { |
mkersh3 | 0:e7ca326e76ee | 274 | chap_state *cstate = (chap_state *) arg; |
mkersh3 | 0:e7ca326e76ee | 275 | |
mkersh3 | 0:e7ca326e76ee | 276 | /* if we aren't sending a response, don't worry. */ |
mkersh3 | 0:e7ca326e76ee | 277 | if (cstate->serverstate != CHAPSS_OPEN) { |
mkersh3 | 0:e7ca326e76ee | 278 | return; |
mkersh3 | 0:e7ca326e76ee | 279 | } |
mkersh3 | 0:e7ca326e76ee | 280 | |
mkersh3 | 0:e7ca326e76ee | 281 | ChapGenChallenge(cstate); |
mkersh3 | 0:e7ca326e76ee | 282 | ChapSendChallenge(cstate); |
mkersh3 | 0:e7ca326e76ee | 283 | cstate->serverstate = CHAPSS_RECHALLENGE; |
mkersh3 | 0:e7ca326e76ee | 284 | } |
mkersh3 | 0:e7ca326e76ee | 285 | |
mkersh3 | 0:e7ca326e76ee | 286 | |
mkersh3 | 0:e7ca326e76ee | 287 | /* |
mkersh3 | 0:e7ca326e76ee | 288 | * ChapLowerUp - The lower layer is up. |
mkersh3 | 0:e7ca326e76ee | 289 | * |
mkersh3 | 0:e7ca326e76ee | 290 | * Start up if we have pending requests. |
mkersh3 | 0:e7ca326e76ee | 291 | */ |
mkersh3 | 0:e7ca326e76ee | 292 | static void |
mkersh3 | 0:e7ca326e76ee | 293 | ChapLowerUp(int unit) |
mkersh3 | 0:e7ca326e76ee | 294 | { |
mkersh3 | 0:e7ca326e76ee | 295 | chap_state *cstate = &chap[unit]; |
mkersh3 | 0:e7ca326e76ee | 296 | |
mkersh3 | 0:e7ca326e76ee | 297 | if (cstate->clientstate == CHAPCS_INITIAL) { |
mkersh3 | 0:e7ca326e76ee | 298 | cstate->clientstate = CHAPCS_CLOSED; |
mkersh3 | 0:e7ca326e76ee | 299 | } else if (cstate->clientstate == CHAPCS_PENDING) { |
mkersh3 | 0:e7ca326e76ee | 300 | cstate->clientstate = CHAPCS_LISTEN; |
mkersh3 | 0:e7ca326e76ee | 301 | } |
mkersh3 | 0:e7ca326e76ee | 302 | |
mkersh3 | 0:e7ca326e76ee | 303 | if (cstate->serverstate == CHAPSS_INITIAL) { |
mkersh3 | 0:e7ca326e76ee | 304 | cstate->serverstate = CHAPSS_CLOSED; |
mkersh3 | 0:e7ca326e76ee | 305 | } else if (cstate->serverstate == CHAPSS_PENDING) { |
mkersh3 | 0:e7ca326e76ee | 306 | ChapGenChallenge(cstate); |
mkersh3 | 0:e7ca326e76ee | 307 | ChapSendChallenge(cstate); |
mkersh3 | 0:e7ca326e76ee | 308 | cstate->serverstate = CHAPSS_INITIAL_CHAL; |
mkersh3 | 0:e7ca326e76ee | 309 | } |
mkersh3 | 0:e7ca326e76ee | 310 | } |
mkersh3 | 0:e7ca326e76ee | 311 | |
mkersh3 | 0:e7ca326e76ee | 312 | |
mkersh3 | 0:e7ca326e76ee | 313 | /* |
mkersh3 | 0:e7ca326e76ee | 314 | * ChapLowerDown - The lower layer is down. |
mkersh3 | 0:e7ca326e76ee | 315 | * |
mkersh3 | 0:e7ca326e76ee | 316 | * Cancel all timeouts. |
mkersh3 | 0:e7ca326e76ee | 317 | */ |
mkersh3 | 0:e7ca326e76ee | 318 | static void |
mkersh3 | 0:e7ca326e76ee | 319 | ChapLowerDown(int unit) |
mkersh3 | 0:e7ca326e76ee | 320 | { |
mkersh3 | 0:e7ca326e76ee | 321 | chap_state *cstate = &chap[unit]; |
mkersh3 | 0:e7ca326e76ee | 322 | |
mkersh3 | 0:e7ca326e76ee | 323 | /* Timeout(s) pending? Cancel if so. */ |
mkersh3 | 0:e7ca326e76ee | 324 | if (cstate->serverstate == CHAPSS_INITIAL_CHAL || |
mkersh3 | 0:e7ca326e76ee | 325 | cstate->serverstate == CHAPSS_RECHALLENGE) { |
mkersh3 | 0:e7ca326e76ee | 326 | UNTIMEOUT(ChapChallengeTimeout, cstate); |
mkersh3 | 0:e7ca326e76ee | 327 | } else if (cstate->serverstate == CHAPSS_OPEN |
mkersh3 | 0:e7ca326e76ee | 328 | && cstate->chal_interval != 0) { |
mkersh3 | 0:e7ca326e76ee | 329 | UNTIMEOUT(ChapRechallenge, cstate); |
mkersh3 | 0:e7ca326e76ee | 330 | } |
mkersh3 | 0:e7ca326e76ee | 331 | if (cstate->clientstate == CHAPCS_RESPONSE) { |
mkersh3 | 0:e7ca326e76ee | 332 | UNTIMEOUT(ChapResponseTimeout, cstate); |
mkersh3 | 0:e7ca326e76ee | 333 | } |
mkersh3 | 0:e7ca326e76ee | 334 | cstate->clientstate = CHAPCS_INITIAL; |
mkersh3 | 0:e7ca326e76ee | 335 | cstate->serverstate = CHAPSS_INITIAL; |
mkersh3 | 0:e7ca326e76ee | 336 | } |
mkersh3 | 0:e7ca326e76ee | 337 | |
mkersh3 | 0:e7ca326e76ee | 338 | |
mkersh3 | 0:e7ca326e76ee | 339 | /* |
mkersh3 | 0:e7ca326e76ee | 340 | * ChapProtocolReject - Peer doesn't grok CHAP. |
mkersh3 | 0:e7ca326e76ee | 341 | */ |
mkersh3 | 0:e7ca326e76ee | 342 | static void |
mkersh3 | 0:e7ca326e76ee | 343 | ChapProtocolReject(int unit) |
mkersh3 | 0:e7ca326e76ee | 344 | { |
mkersh3 | 0:e7ca326e76ee | 345 | chap_state *cstate = &chap[unit]; |
mkersh3 | 0:e7ca326e76ee | 346 | |
mkersh3 | 0:e7ca326e76ee | 347 | if (cstate->serverstate != CHAPSS_INITIAL && |
mkersh3 | 0:e7ca326e76ee | 348 | cstate->serverstate != CHAPSS_CLOSED) { |
mkersh3 | 0:e7ca326e76ee | 349 | auth_peer_fail(unit, PPP_CHAP); |
mkersh3 | 0:e7ca326e76ee | 350 | } |
mkersh3 | 0:e7ca326e76ee | 351 | if (cstate->clientstate != CHAPCS_INITIAL && |
mkersh3 | 0:e7ca326e76ee | 352 | cstate->clientstate != CHAPCS_CLOSED) { |
mkersh3 | 0:e7ca326e76ee | 353 | auth_withpeer_fail(unit, PPP_CHAP); /* lwip: just sets the PPP error code on this unit to PPPERR_AUTHFAIL */ |
mkersh3 | 0:e7ca326e76ee | 354 | } |
mkersh3 | 0:e7ca326e76ee | 355 | ChapLowerDown(unit); /* shutdown chap */ |
mkersh3 | 0:e7ca326e76ee | 356 | } |
mkersh3 | 0:e7ca326e76ee | 357 | |
mkersh3 | 0:e7ca326e76ee | 358 | |
mkersh3 | 0:e7ca326e76ee | 359 | /* |
mkersh3 | 0:e7ca326e76ee | 360 | * ChapInput - Input CHAP packet. |
mkersh3 | 0:e7ca326e76ee | 361 | */ |
mkersh3 | 0:e7ca326e76ee | 362 | static void |
mkersh3 | 0:e7ca326e76ee | 363 | ChapInput(int unit, u_char *inpacket, int packet_len) |
mkersh3 | 0:e7ca326e76ee | 364 | { |
mkersh3 | 0:e7ca326e76ee | 365 | chap_state *cstate = &chap[unit]; |
mkersh3 | 0:e7ca326e76ee | 366 | u_char *inp; |
mkersh3 | 0:e7ca326e76ee | 367 | u_char code, id; |
mkersh3 | 0:e7ca326e76ee | 368 | int len; |
mkersh3 | 0:e7ca326e76ee | 369 | |
mkersh3 | 0:e7ca326e76ee | 370 | /* |
mkersh3 | 0:e7ca326e76ee | 371 | * Parse header (code, id and length). |
mkersh3 | 0:e7ca326e76ee | 372 | * If packet too short, drop it. |
mkersh3 | 0:e7ca326e76ee | 373 | */ |
mkersh3 | 0:e7ca326e76ee | 374 | inp = inpacket; |
mkersh3 | 0:e7ca326e76ee | 375 | if (packet_len < CHAP_HEADERLEN) { |
mkersh3 | 0:e7ca326e76ee | 376 | CHAPDEBUG(LOG_INFO, ("ChapInput: rcvd short header.\n")); |
mkersh3 | 0:e7ca326e76ee | 377 | return; |
mkersh3 | 0:e7ca326e76ee | 378 | } |
mkersh3 | 0:e7ca326e76ee | 379 | GETCHAR(code, inp); |
mkersh3 | 0:e7ca326e76ee | 380 | GETCHAR(id, inp); |
mkersh3 | 0:e7ca326e76ee | 381 | GETSHORT(len, inp); |
mkersh3 | 0:e7ca326e76ee | 382 | if (len < CHAP_HEADERLEN) { |
mkersh3 | 0:e7ca326e76ee | 383 | CHAPDEBUG(LOG_INFO, ("ChapInput: rcvd illegal length.\n")); |
mkersh3 | 0:e7ca326e76ee | 384 | return; |
mkersh3 | 0:e7ca326e76ee | 385 | } |
mkersh3 | 0:e7ca326e76ee | 386 | if (len > packet_len) { |
mkersh3 | 0:e7ca326e76ee | 387 | CHAPDEBUG(LOG_INFO, ("ChapInput: rcvd short packet.\n")); |
mkersh3 | 0:e7ca326e76ee | 388 | return; |
mkersh3 | 0:e7ca326e76ee | 389 | } |
mkersh3 | 0:e7ca326e76ee | 390 | len -= CHAP_HEADERLEN; |
mkersh3 | 0:e7ca326e76ee | 391 | |
mkersh3 | 0:e7ca326e76ee | 392 | /* |
mkersh3 | 0:e7ca326e76ee | 393 | * Action depends on code (as in fact it usually does :-). |
mkersh3 | 0:e7ca326e76ee | 394 | */ |
mkersh3 | 0:e7ca326e76ee | 395 | switch (code) { |
mkersh3 | 0:e7ca326e76ee | 396 | case CHAP_CHALLENGE: |
mkersh3 | 0:e7ca326e76ee | 397 | ChapReceiveChallenge(cstate, inp, id, len); |
mkersh3 | 0:e7ca326e76ee | 398 | break; |
mkersh3 | 0:e7ca326e76ee | 399 | |
mkersh3 | 0:e7ca326e76ee | 400 | case CHAP_RESPONSE: |
mkersh3 | 0:e7ca326e76ee | 401 | ChapReceiveResponse(cstate, inp, id, len); |
mkersh3 | 0:e7ca326e76ee | 402 | break; |
mkersh3 | 0:e7ca326e76ee | 403 | |
mkersh3 | 0:e7ca326e76ee | 404 | case CHAP_FAILURE: |
mkersh3 | 0:e7ca326e76ee | 405 | ChapReceiveFailure(cstate, inp, id, len); |
mkersh3 | 0:e7ca326e76ee | 406 | break; |
mkersh3 | 0:e7ca326e76ee | 407 | |
mkersh3 | 0:e7ca326e76ee | 408 | case CHAP_SUCCESS: |
mkersh3 | 0:e7ca326e76ee | 409 | ChapReceiveSuccess(cstate, inp, id, len); |
mkersh3 | 0:e7ca326e76ee | 410 | break; |
mkersh3 | 0:e7ca326e76ee | 411 | |
mkersh3 | 0:e7ca326e76ee | 412 | default: /* Need code reject? */ |
mkersh3 | 0:e7ca326e76ee | 413 | CHAPDEBUG(LOG_WARNING, ("Unknown CHAP code (%d) received.\n", code)); |
mkersh3 | 0:e7ca326e76ee | 414 | break; |
mkersh3 | 0:e7ca326e76ee | 415 | } |
mkersh3 | 0:e7ca326e76ee | 416 | } |
mkersh3 | 0:e7ca326e76ee | 417 | |
mkersh3 | 0:e7ca326e76ee | 418 | |
mkersh3 | 0:e7ca326e76ee | 419 | /* |
mkersh3 | 0:e7ca326e76ee | 420 | * ChapReceiveChallenge - Receive Challenge and send Response. |
mkersh3 | 0:e7ca326e76ee | 421 | */ |
mkersh3 | 0:e7ca326e76ee | 422 | static void |
mkersh3 | 0:e7ca326e76ee | 423 | ChapReceiveChallenge(chap_state *cstate, u_char *inp, u_char id, int len) |
mkersh3 | 0:e7ca326e76ee | 424 | { |
mkersh3 | 0:e7ca326e76ee | 425 | int rchallenge_len; |
mkersh3 | 0:e7ca326e76ee | 426 | u_char *rchallenge; |
mkersh3 | 0:e7ca326e76ee | 427 | int secret_len; |
mkersh3 | 0:e7ca326e76ee | 428 | char secret[MAXSECRETLEN]; |
mkersh3 | 0:e7ca326e76ee | 429 | char rhostname[256]; |
mkersh3 | 0:e7ca326e76ee | 430 | MD5_CTX mdContext; |
mkersh3 | 0:e7ca326e76ee | 431 | u_char hash[MD5_SIGNATURE_SIZE]; |
mkersh3 | 0:e7ca326e76ee | 432 | |
mkersh3 | 0:e7ca326e76ee | 433 | CHAPDEBUG(LOG_INFO, ("ChapReceiveChallenge: Rcvd id %d.\n", id)); |
mkersh3 | 0:e7ca326e76ee | 434 | if (cstate->clientstate == CHAPCS_CLOSED || |
mkersh3 | 0:e7ca326e76ee | 435 | cstate->clientstate == CHAPCS_PENDING) { |
mkersh3 | 0:e7ca326e76ee | 436 | CHAPDEBUG(LOG_INFO, ("ChapReceiveChallenge: in state %d\n", |
mkersh3 | 0:e7ca326e76ee | 437 | cstate->clientstate)); |
mkersh3 | 0:e7ca326e76ee | 438 | return; |
mkersh3 | 0:e7ca326e76ee | 439 | } |
mkersh3 | 0:e7ca326e76ee | 440 | |
mkersh3 | 0:e7ca326e76ee | 441 | if (len < 2) { |
mkersh3 | 0:e7ca326e76ee | 442 | CHAPDEBUG(LOG_INFO, ("ChapReceiveChallenge: rcvd short packet.\n")); |
mkersh3 | 0:e7ca326e76ee | 443 | return; |
mkersh3 | 0:e7ca326e76ee | 444 | } |
mkersh3 | 0:e7ca326e76ee | 445 | |
mkersh3 | 0:e7ca326e76ee | 446 | GETCHAR(rchallenge_len, inp); |
mkersh3 | 0:e7ca326e76ee | 447 | len -= sizeof (u_char) + rchallenge_len; /* now name field length */ |
mkersh3 | 0:e7ca326e76ee | 448 | if (len < 0) { |
mkersh3 | 0:e7ca326e76ee | 449 | CHAPDEBUG(LOG_INFO, ("ChapReceiveChallenge: rcvd short packet.\n")); |
mkersh3 | 0:e7ca326e76ee | 450 | return; |
mkersh3 | 0:e7ca326e76ee | 451 | } |
mkersh3 | 0:e7ca326e76ee | 452 | rchallenge = inp; |
mkersh3 | 0:e7ca326e76ee | 453 | INCPTR(rchallenge_len, inp); |
mkersh3 | 0:e7ca326e76ee | 454 | |
mkersh3 | 0:e7ca326e76ee | 455 | if (len >= (int)sizeof(rhostname)) { |
mkersh3 | 0:e7ca326e76ee | 456 | len = sizeof(rhostname) - 1; |
mkersh3 | 0:e7ca326e76ee | 457 | } |
mkersh3 | 0:e7ca326e76ee | 458 | BCOPY(inp, rhostname, len); |
mkersh3 | 0:e7ca326e76ee | 459 | rhostname[len] = '\000'; |
mkersh3 | 0:e7ca326e76ee | 460 | |
mkersh3 | 0:e7ca326e76ee | 461 | CHAPDEBUG(LOG_INFO, ("ChapReceiveChallenge: received name field '%s'\n", |
mkersh3 | 0:e7ca326e76ee | 462 | rhostname)); |
mkersh3 | 0:e7ca326e76ee | 463 | |
mkersh3 | 0:e7ca326e76ee | 464 | /* Microsoft doesn't send their name back in the PPP packet */ |
mkersh3 | 0:e7ca326e76ee | 465 | if (ppp_settings.remote_name[0] != 0 && (ppp_settings.explicit_remote || rhostname[0] == 0)) { |
mkersh3 | 0:e7ca326e76ee | 466 | strncpy(rhostname, ppp_settings.remote_name, sizeof(rhostname)); |
mkersh3 | 0:e7ca326e76ee | 467 | rhostname[sizeof(rhostname) - 1] = 0; |
mkersh3 | 0:e7ca326e76ee | 468 | CHAPDEBUG(LOG_INFO, ("ChapReceiveChallenge: using '%s' as remote name\n", |
mkersh3 | 0:e7ca326e76ee | 469 | rhostname)); |
mkersh3 | 0:e7ca326e76ee | 470 | } |
mkersh3 | 0:e7ca326e76ee | 471 | |
mkersh3 | 0:e7ca326e76ee | 472 | /* get secret for authenticating ourselves with the specified host */ |
mkersh3 | 0:e7ca326e76ee | 473 | if (!get_secret(cstate->unit, cstate->resp_name, rhostname, |
mkersh3 | 0:e7ca326e76ee | 474 | secret, &secret_len, 0)) { |
mkersh3 | 0:e7ca326e76ee | 475 | secret_len = 0; /* assume null secret if can't find one */ |
mkersh3 | 0:e7ca326e76ee | 476 | CHAPDEBUG(LOG_WARNING, ("No CHAP secret found for authenticating us to %s\n", |
mkersh3 | 0:e7ca326e76ee | 477 | rhostname)); |
mkersh3 | 0:e7ca326e76ee | 478 | } |
mkersh3 | 0:e7ca326e76ee | 479 | |
mkersh3 | 0:e7ca326e76ee | 480 | /* cancel response send timeout if necessary */ |
mkersh3 | 0:e7ca326e76ee | 481 | if (cstate->clientstate == CHAPCS_RESPONSE) { |
mkersh3 | 0:e7ca326e76ee | 482 | UNTIMEOUT(ChapResponseTimeout, cstate); |
mkersh3 | 0:e7ca326e76ee | 483 | } |
mkersh3 | 0:e7ca326e76ee | 484 | |
mkersh3 | 0:e7ca326e76ee | 485 | cstate->resp_id = id; |
mkersh3 | 0:e7ca326e76ee | 486 | cstate->resp_transmits = 0; |
mkersh3 | 0:e7ca326e76ee | 487 | |
mkersh3 | 0:e7ca326e76ee | 488 | /* generate MD based on negotiated type */ |
mkersh3 | 0:e7ca326e76ee | 489 | switch (cstate->resp_type) { |
mkersh3 | 0:e7ca326e76ee | 490 | |
mkersh3 | 0:e7ca326e76ee | 491 | case CHAP_DIGEST_MD5: |
mkersh3 | 0:e7ca326e76ee | 492 | MD5Init(&mdContext); |
mkersh3 | 0:e7ca326e76ee | 493 | MD5Update(&mdContext, &cstate->resp_id, 1); |
mkersh3 | 0:e7ca326e76ee | 494 | MD5Update(&mdContext, (u_char*)secret, secret_len); |
mkersh3 | 0:e7ca326e76ee | 495 | MD5Update(&mdContext, rchallenge, rchallenge_len); |
mkersh3 | 0:e7ca326e76ee | 496 | MD5Final(hash, &mdContext); |
mkersh3 | 0:e7ca326e76ee | 497 | BCOPY(hash, cstate->response, MD5_SIGNATURE_SIZE); |
mkersh3 | 0:e7ca326e76ee | 498 | cstate->resp_length = MD5_SIGNATURE_SIZE; |
mkersh3 | 0:e7ca326e76ee | 499 | break; |
mkersh3 | 0:e7ca326e76ee | 500 | |
mkersh3 | 0:e7ca326e76ee | 501 | #if MSCHAP_SUPPORT |
mkersh3 | 0:e7ca326e76ee | 502 | case CHAP_MICROSOFT: |
mkersh3 | 0:e7ca326e76ee | 503 | ChapMS(cstate, rchallenge, rchallenge_len, secret, secret_len); |
mkersh3 | 0:e7ca326e76ee | 504 | break; |
mkersh3 | 0:e7ca326e76ee | 505 | #endif |
mkersh3 | 0:e7ca326e76ee | 506 | |
mkersh3 | 0:e7ca326e76ee | 507 | default: |
mkersh3 | 0:e7ca326e76ee | 508 | CHAPDEBUG(LOG_INFO, ("unknown digest type %d\n", cstate->resp_type)); |
mkersh3 | 0:e7ca326e76ee | 509 | return; |
mkersh3 | 0:e7ca326e76ee | 510 | } |
mkersh3 | 0:e7ca326e76ee | 511 | |
mkersh3 | 0:e7ca326e76ee | 512 | BZERO(secret, sizeof(secret)); |
mkersh3 | 0:e7ca326e76ee | 513 | ChapSendResponse(cstate); |
mkersh3 | 0:e7ca326e76ee | 514 | } |
mkersh3 | 0:e7ca326e76ee | 515 | |
mkersh3 | 0:e7ca326e76ee | 516 | |
mkersh3 | 0:e7ca326e76ee | 517 | /* |
mkersh3 | 0:e7ca326e76ee | 518 | * ChapReceiveResponse - Receive and process response. |
mkersh3 | 0:e7ca326e76ee | 519 | */ |
mkersh3 | 0:e7ca326e76ee | 520 | static void |
mkersh3 | 0:e7ca326e76ee | 521 | ChapReceiveResponse(chap_state *cstate, u_char *inp, int id, int len) |
mkersh3 | 0:e7ca326e76ee | 522 | { |
mkersh3 | 0:e7ca326e76ee | 523 | u_char *remmd, remmd_len; |
mkersh3 | 0:e7ca326e76ee | 524 | int secret_len, old_state; |
mkersh3 | 0:e7ca326e76ee | 525 | int code; |
mkersh3 | 0:e7ca326e76ee | 526 | char rhostname[256]; |
mkersh3 | 0:e7ca326e76ee | 527 | MD5_CTX mdContext; |
mkersh3 | 0:e7ca326e76ee | 528 | char secret[MAXSECRETLEN]; |
mkersh3 | 0:e7ca326e76ee | 529 | u_char hash[MD5_SIGNATURE_SIZE]; |
mkersh3 | 0:e7ca326e76ee | 530 | |
mkersh3 | 0:e7ca326e76ee | 531 | CHAPDEBUG(LOG_INFO, ("ChapReceiveResponse: Rcvd id %d.\n", id)); |
mkersh3 | 0:e7ca326e76ee | 532 | |
mkersh3 | 0:e7ca326e76ee | 533 | if (cstate->serverstate == CHAPSS_CLOSED || |
mkersh3 | 0:e7ca326e76ee | 534 | cstate->serverstate == CHAPSS_PENDING) { |
mkersh3 | 0:e7ca326e76ee | 535 | CHAPDEBUG(LOG_INFO, ("ChapReceiveResponse: in state %d\n", |
mkersh3 | 0:e7ca326e76ee | 536 | cstate->serverstate)); |
mkersh3 | 0:e7ca326e76ee | 537 | return; |
mkersh3 | 0:e7ca326e76ee | 538 | } |
mkersh3 | 0:e7ca326e76ee | 539 | |
mkersh3 | 0:e7ca326e76ee | 540 | if (id != cstate->chal_id) { |
mkersh3 | 0:e7ca326e76ee | 541 | return; /* doesn't match ID of last challenge */ |
mkersh3 | 0:e7ca326e76ee | 542 | } |
mkersh3 | 0:e7ca326e76ee | 543 | |
mkersh3 | 0:e7ca326e76ee | 544 | /* |
mkersh3 | 0:e7ca326e76ee | 545 | * If we have received a duplicate or bogus Response, |
mkersh3 | 0:e7ca326e76ee | 546 | * we have to send the same answer (Success/Failure) |
mkersh3 | 0:e7ca326e76ee | 547 | * as we did for the first Response we saw. |
mkersh3 | 0:e7ca326e76ee | 548 | */ |
mkersh3 | 0:e7ca326e76ee | 549 | if (cstate->serverstate == CHAPSS_OPEN) { |
mkersh3 | 0:e7ca326e76ee | 550 | ChapSendStatus(cstate, CHAP_SUCCESS); |
mkersh3 | 0:e7ca326e76ee | 551 | return; |
mkersh3 | 0:e7ca326e76ee | 552 | } |
mkersh3 | 0:e7ca326e76ee | 553 | if (cstate->serverstate == CHAPSS_BADAUTH) { |
mkersh3 | 0:e7ca326e76ee | 554 | ChapSendStatus(cstate, CHAP_FAILURE); |
mkersh3 | 0:e7ca326e76ee | 555 | return; |
mkersh3 | 0:e7ca326e76ee | 556 | } |
mkersh3 | 0:e7ca326e76ee | 557 | |
mkersh3 | 0:e7ca326e76ee | 558 | if (len < 2) { |
mkersh3 | 0:e7ca326e76ee | 559 | CHAPDEBUG(LOG_INFO, ("ChapReceiveResponse: rcvd short packet.\n")); |
mkersh3 | 0:e7ca326e76ee | 560 | return; |
mkersh3 | 0:e7ca326e76ee | 561 | } |
mkersh3 | 0:e7ca326e76ee | 562 | GETCHAR(remmd_len, inp); /* get length of MD */ |
mkersh3 | 0:e7ca326e76ee | 563 | remmd = inp; /* get pointer to MD */ |
mkersh3 | 0:e7ca326e76ee | 564 | INCPTR(remmd_len, inp); |
mkersh3 | 0:e7ca326e76ee | 565 | |
mkersh3 | 0:e7ca326e76ee | 566 | len -= sizeof (u_char) + remmd_len; |
mkersh3 | 0:e7ca326e76ee | 567 | if (len < 0) { |
mkersh3 | 0:e7ca326e76ee | 568 | CHAPDEBUG(LOG_INFO, ("ChapReceiveResponse: rcvd short packet.\n")); |
mkersh3 | 0:e7ca326e76ee | 569 | return; |
mkersh3 | 0:e7ca326e76ee | 570 | } |
mkersh3 | 0:e7ca326e76ee | 571 | |
mkersh3 | 0:e7ca326e76ee | 572 | UNTIMEOUT(ChapChallengeTimeout, cstate); |
mkersh3 | 0:e7ca326e76ee | 573 | |
mkersh3 | 0:e7ca326e76ee | 574 | if (len >= (int)sizeof(rhostname)) { |
mkersh3 | 0:e7ca326e76ee | 575 | len = sizeof(rhostname) - 1; |
mkersh3 | 0:e7ca326e76ee | 576 | } |
mkersh3 | 0:e7ca326e76ee | 577 | BCOPY(inp, rhostname, len); |
mkersh3 | 0:e7ca326e76ee | 578 | rhostname[len] = '\000'; |
mkersh3 | 0:e7ca326e76ee | 579 | |
mkersh3 | 0:e7ca326e76ee | 580 | CHAPDEBUG(LOG_INFO, ("ChapReceiveResponse: received name field: %s\n", |
mkersh3 | 0:e7ca326e76ee | 581 | rhostname)); |
mkersh3 | 0:e7ca326e76ee | 582 | |
mkersh3 | 0:e7ca326e76ee | 583 | /* |
mkersh3 | 0:e7ca326e76ee | 584 | * Get secret for authenticating them with us, |
mkersh3 | 0:e7ca326e76ee | 585 | * do the hash ourselves, and compare the result. |
mkersh3 | 0:e7ca326e76ee | 586 | */ |
mkersh3 | 0:e7ca326e76ee | 587 | code = CHAP_FAILURE; |
mkersh3 | 0:e7ca326e76ee | 588 | if (!get_secret(cstate->unit, rhostname, cstate->chal_name, |
mkersh3 | 0:e7ca326e76ee | 589 | secret, &secret_len, 1)) { |
mkersh3 | 0:e7ca326e76ee | 590 | CHAPDEBUG(LOG_WARNING, ("No CHAP secret found for authenticating %s\n", |
mkersh3 | 0:e7ca326e76ee | 591 | rhostname)); |
mkersh3 | 0:e7ca326e76ee | 592 | } else { |
mkersh3 | 0:e7ca326e76ee | 593 | /* generate MD based on negotiated type */ |
mkersh3 | 0:e7ca326e76ee | 594 | switch (cstate->chal_type) { |
mkersh3 | 0:e7ca326e76ee | 595 | |
mkersh3 | 0:e7ca326e76ee | 596 | case CHAP_DIGEST_MD5: /* only MD5 is defined for now */ |
mkersh3 | 0:e7ca326e76ee | 597 | if (remmd_len != MD5_SIGNATURE_SIZE) { |
mkersh3 | 0:e7ca326e76ee | 598 | break; /* it's not even the right length */ |
mkersh3 | 0:e7ca326e76ee | 599 | } |
mkersh3 | 0:e7ca326e76ee | 600 | MD5Init(&mdContext); |
mkersh3 | 0:e7ca326e76ee | 601 | MD5Update(&mdContext, &cstate->chal_id, 1); |
mkersh3 | 0:e7ca326e76ee | 602 | MD5Update(&mdContext, (u_char*)secret, secret_len); |
mkersh3 | 0:e7ca326e76ee | 603 | MD5Update(&mdContext, cstate->challenge, cstate->chal_len); |
mkersh3 | 0:e7ca326e76ee | 604 | MD5Final(hash, &mdContext); |
mkersh3 | 0:e7ca326e76ee | 605 | |
mkersh3 | 0:e7ca326e76ee | 606 | /* compare local and remote MDs and send the appropriate status */ |
mkersh3 | 0:e7ca326e76ee | 607 | if (memcmp (hash, remmd, MD5_SIGNATURE_SIZE) == 0) { |
mkersh3 | 0:e7ca326e76ee | 608 | code = CHAP_SUCCESS; /* they are the same! */ |
mkersh3 | 0:e7ca326e76ee | 609 | } |
mkersh3 | 0:e7ca326e76ee | 610 | break; |
mkersh3 | 0:e7ca326e76ee | 611 | |
mkersh3 | 0:e7ca326e76ee | 612 | default: |
mkersh3 | 0:e7ca326e76ee | 613 | CHAPDEBUG(LOG_INFO, ("unknown digest type %d\n", cstate->chal_type)); |
mkersh3 | 0:e7ca326e76ee | 614 | } |
mkersh3 | 0:e7ca326e76ee | 615 | } |
mkersh3 | 0:e7ca326e76ee | 616 | |
mkersh3 | 0:e7ca326e76ee | 617 | BZERO(secret, sizeof(secret)); |
mkersh3 | 0:e7ca326e76ee | 618 | ChapSendStatus(cstate, code); |
mkersh3 | 0:e7ca326e76ee | 619 | |
mkersh3 | 0:e7ca326e76ee | 620 | if (code == CHAP_SUCCESS) { |
mkersh3 | 0:e7ca326e76ee | 621 | old_state = cstate->serverstate; |
mkersh3 | 0:e7ca326e76ee | 622 | cstate->serverstate = CHAPSS_OPEN; |
mkersh3 | 0:e7ca326e76ee | 623 | if (old_state == CHAPSS_INITIAL_CHAL) { |
mkersh3 | 0:e7ca326e76ee | 624 | auth_peer_success(cstate->unit, PPP_CHAP, rhostname, len); |
mkersh3 | 0:e7ca326e76ee | 625 | } |
mkersh3 | 0:e7ca326e76ee | 626 | if (cstate->chal_interval != 0) { |
mkersh3 | 0:e7ca326e76ee | 627 | TIMEOUT(ChapRechallenge, cstate, cstate->chal_interval); |
mkersh3 | 0:e7ca326e76ee | 628 | } |
mkersh3 | 0:e7ca326e76ee | 629 | } else { |
mkersh3 | 0:e7ca326e76ee | 630 | CHAPDEBUG(LOG_ERR, ("CHAP peer authentication failed\n")); |
mkersh3 | 0:e7ca326e76ee | 631 | cstate->serverstate = CHAPSS_BADAUTH; |
mkersh3 | 0:e7ca326e76ee | 632 | auth_peer_fail(cstate->unit, PPP_CHAP); |
mkersh3 | 0:e7ca326e76ee | 633 | } |
mkersh3 | 0:e7ca326e76ee | 634 | } |
mkersh3 | 0:e7ca326e76ee | 635 | |
mkersh3 | 0:e7ca326e76ee | 636 | /* |
mkersh3 | 0:e7ca326e76ee | 637 | * ChapReceiveSuccess - Receive Success |
mkersh3 | 0:e7ca326e76ee | 638 | */ |
mkersh3 | 0:e7ca326e76ee | 639 | static void |
mkersh3 | 0:e7ca326e76ee | 640 | ChapReceiveSuccess(chap_state *cstate, u_char *inp, u_char id, int len) |
mkersh3 | 0:e7ca326e76ee | 641 | { |
mkersh3 | 0:e7ca326e76ee | 642 | LWIP_UNUSED_ARG(id); |
mkersh3 | 0:e7ca326e76ee | 643 | LWIP_UNUSED_ARG(inp); |
mkersh3 | 0:e7ca326e76ee | 644 | |
mkersh3 | 0:e7ca326e76ee | 645 | CHAPDEBUG(LOG_INFO, ("ChapReceiveSuccess: Rcvd id %d.\n", id)); |
mkersh3 | 0:e7ca326e76ee | 646 | |
mkersh3 | 0:e7ca326e76ee | 647 | if (cstate->clientstate == CHAPCS_OPEN) { |
mkersh3 | 0:e7ca326e76ee | 648 | /* presumably an answer to a duplicate response */ |
mkersh3 | 0:e7ca326e76ee | 649 | return; |
mkersh3 | 0:e7ca326e76ee | 650 | } |
mkersh3 | 0:e7ca326e76ee | 651 | |
mkersh3 | 0:e7ca326e76ee | 652 | if (cstate->clientstate != CHAPCS_RESPONSE) { |
mkersh3 | 0:e7ca326e76ee | 653 | /* don't know what this is */ |
mkersh3 | 0:e7ca326e76ee | 654 | CHAPDEBUG(LOG_INFO, ("ChapReceiveSuccess: in state %d\n", |
mkersh3 | 0:e7ca326e76ee | 655 | cstate->clientstate)); |
mkersh3 | 0:e7ca326e76ee | 656 | return; |
mkersh3 | 0:e7ca326e76ee | 657 | } |
mkersh3 | 0:e7ca326e76ee | 658 | |
mkersh3 | 0:e7ca326e76ee | 659 | UNTIMEOUT(ChapResponseTimeout, cstate); |
mkersh3 | 0:e7ca326e76ee | 660 | |
mkersh3 | 0:e7ca326e76ee | 661 | /* |
mkersh3 | 0:e7ca326e76ee | 662 | * Print message. |
mkersh3 | 0:e7ca326e76ee | 663 | */ |
mkersh3 | 0:e7ca326e76ee | 664 | if (len > 0) { |
mkersh3 | 0:e7ca326e76ee | 665 | PRINTMSG(inp, len); |
mkersh3 | 0:e7ca326e76ee | 666 | } |
mkersh3 | 0:e7ca326e76ee | 667 | |
mkersh3 | 0:e7ca326e76ee | 668 | cstate->clientstate = CHAPCS_OPEN; |
mkersh3 | 0:e7ca326e76ee | 669 | |
mkersh3 | 0:e7ca326e76ee | 670 | auth_withpeer_success(cstate->unit, PPP_CHAP); |
mkersh3 | 0:e7ca326e76ee | 671 | } |
mkersh3 | 0:e7ca326e76ee | 672 | |
mkersh3 | 0:e7ca326e76ee | 673 | |
mkersh3 | 0:e7ca326e76ee | 674 | /* |
mkersh3 | 0:e7ca326e76ee | 675 | * ChapReceiveFailure - Receive failure. |
mkersh3 | 0:e7ca326e76ee | 676 | */ |
mkersh3 | 0:e7ca326e76ee | 677 | static void |
mkersh3 | 0:e7ca326e76ee | 678 | ChapReceiveFailure(chap_state *cstate, u_char *inp, u_char id, int len) |
mkersh3 | 0:e7ca326e76ee | 679 | { |
mkersh3 | 0:e7ca326e76ee | 680 | LWIP_UNUSED_ARG(id); |
mkersh3 | 0:e7ca326e76ee | 681 | LWIP_UNUSED_ARG(inp); |
mkersh3 | 0:e7ca326e76ee | 682 | |
mkersh3 | 0:e7ca326e76ee | 683 | CHAPDEBUG(LOG_INFO, ("ChapReceiveFailure: Rcvd id %d.\n", id)); |
mkersh3 | 0:e7ca326e76ee | 684 | |
mkersh3 | 0:e7ca326e76ee | 685 | if (cstate->clientstate != CHAPCS_RESPONSE) { |
mkersh3 | 0:e7ca326e76ee | 686 | /* don't know what this is */ |
mkersh3 | 0:e7ca326e76ee | 687 | CHAPDEBUG(LOG_INFO, ("ChapReceiveFailure: in state %d\n", |
mkersh3 | 0:e7ca326e76ee | 688 | cstate->clientstate)); |
mkersh3 | 0:e7ca326e76ee | 689 | return; |
mkersh3 | 0:e7ca326e76ee | 690 | } |
mkersh3 | 0:e7ca326e76ee | 691 | |
mkersh3 | 0:e7ca326e76ee | 692 | UNTIMEOUT(ChapResponseTimeout, cstate); |
mkersh3 | 0:e7ca326e76ee | 693 | |
mkersh3 | 0:e7ca326e76ee | 694 | /* |
mkersh3 | 0:e7ca326e76ee | 695 | * Print message. |
mkersh3 | 0:e7ca326e76ee | 696 | */ |
mkersh3 | 0:e7ca326e76ee | 697 | if (len > 0) { |
mkersh3 | 0:e7ca326e76ee | 698 | PRINTMSG(inp, len); |
mkersh3 | 0:e7ca326e76ee | 699 | } |
mkersh3 | 0:e7ca326e76ee | 700 | |
mkersh3 | 0:e7ca326e76ee | 701 | CHAPDEBUG(LOG_ERR, ("CHAP authentication failed\n")); |
mkersh3 | 0:e7ca326e76ee | 702 | auth_withpeer_fail(cstate->unit, PPP_CHAP); /* lwip: just sets the PPP error code on this unit to PPPERR_AUTHFAIL */ |
mkersh3 | 0:e7ca326e76ee | 703 | } |
mkersh3 | 0:e7ca326e76ee | 704 | |
mkersh3 | 0:e7ca326e76ee | 705 | |
mkersh3 | 0:e7ca326e76ee | 706 | /* |
mkersh3 | 0:e7ca326e76ee | 707 | * ChapSendChallenge - Send an Authenticate challenge. |
mkersh3 | 0:e7ca326e76ee | 708 | */ |
mkersh3 | 0:e7ca326e76ee | 709 | static void |
mkersh3 | 0:e7ca326e76ee | 710 | ChapSendChallenge(chap_state *cstate) |
mkersh3 | 0:e7ca326e76ee | 711 | { |
mkersh3 | 0:e7ca326e76ee | 712 | u_char *outp; |
mkersh3 | 0:e7ca326e76ee | 713 | int chal_len, name_len; |
mkersh3 | 0:e7ca326e76ee | 714 | int outlen; |
mkersh3 | 0:e7ca326e76ee | 715 | |
mkersh3 | 0:e7ca326e76ee | 716 | chal_len = cstate->chal_len; |
mkersh3 | 0:e7ca326e76ee | 717 | name_len = (int)strlen(cstate->chal_name); |
mkersh3 | 0:e7ca326e76ee | 718 | outlen = CHAP_HEADERLEN + sizeof (u_char) + chal_len + name_len; |
mkersh3 | 0:e7ca326e76ee | 719 | outp = outpacket_buf[cstate->unit]; |
mkersh3 | 0:e7ca326e76ee | 720 | |
mkersh3 | 0:e7ca326e76ee | 721 | MAKEHEADER(outp, PPP_CHAP); /* paste in a CHAP header */ |
mkersh3 | 0:e7ca326e76ee | 722 | |
mkersh3 | 0:e7ca326e76ee | 723 | PUTCHAR(CHAP_CHALLENGE, outp); |
mkersh3 | 0:e7ca326e76ee | 724 | PUTCHAR(cstate->chal_id, outp); |
mkersh3 | 0:e7ca326e76ee | 725 | PUTSHORT(outlen, outp); |
mkersh3 | 0:e7ca326e76ee | 726 | |
mkersh3 | 0:e7ca326e76ee | 727 | PUTCHAR(chal_len, outp); /* put length of challenge */ |
mkersh3 | 0:e7ca326e76ee | 728 | BCOPY(cstate->challenge, outp, chal_len); |
mkersh3 | 0:e7ca326e76ee | 729 | INCPTR(chal_len, outp); |
mkersh3 | 0:e7ca326e76ee | 730 | |
mkersh3 | 0:e7ca326e76ee | 731 | BCOPY(cstate->chal_name, outp, name_len); /* append hostname */ |
mkersh3 | 0:e7ca326e76ee | 732 | |
mkersh3 | 0:e7ca326e76ee | 733 | pppWrite(cstate->unit, outpacket_buf[cstate->unit], outlen + PPP_HDRLEN); |
mkersh3 | 0:e7ca326e76ee | 734 | |
mkersh3 | 0:e7ca326e76ee | 735 | CHAPDEBUG(LOG_INFO, ("ChapSendChallenge: Sent id %d.\n", cstate->chal_id)); |
mkersh3 | 0:e7ca326e76ee | 736 | |
mkersh3 | 0:e7ca326e76ee | 737 | TIMEOUT(ChapChallengeTimeout, cstate, cstate->timeouttime); |
mkersh3 | 0:e7ca326e76ee | 738 | ++cstate->chal_transmits; |
mkersh3 | 0:e7ca326e76ee | 739 | } |
mkersh3 | 0:e7ca326e76ee | 740 | |
mkersh3 | 0:e7ca326e76ee | 741 | |
mkersh3 | 0:e7ca326e76ee | 742 | /* |
mkersh3 | 0:e7ca326e76ee | 743 | * ChapSendStatus - Send a status response (ack or nak). |
mkersh3 | 0:e7ca326e76ee | 744 | */ |
mkersh3 | 0:e7ca326e76ee | 745 | static void |
mkersh3 | 0:e7ca326e76ee | 746 | ChapSendStatus(chap_state *cstate, int code) |
mkersh3 | 0:e7ca326e76ee | 747 | { |
mkersh3 | 0:e7ca326e76ee | 748 | u_char *outp; |
mkersh3 | 0:e7ca326e76ee | 749 | int outlen, msglen; |
mkersh3 | 0:e7ca326e76ee | 750 | char msg[256]; /* @todo: this can be a char*, no strcpy needed */ |
mkersh3 | 0:e7ca326e76ee | 751 | |
mkersh3 | 0:e7ca326e76ee | 752 | if (code == CHAP_SUCCESS) { |
mkersh3 | 0:e7ca326e76ee | 753 | strcpy(msg, "Welcome!"); |
mkersh3 | 0:e7ca326e76ee | 754 | } else { |
mkersh3 | 0:e7ca326e76ee | 755 | strcpy(msg, "I don't like you. Go 'way."); |
mkersh3 | 0:e7ca326e76ee | 756 | } |
mkersh3 | 0:e7ca326e76ee | 757 | msglen = (int)strlen(msg); |
mkersh3 | 0:e7ca326e76ee | 758 | |
mkersh3 | 0:e7ca326e76ee | 759 | outlen = CHAP_HEADERLEN + msglen; |
mkersh3 | 0:e7ca326e76ee | 760 | outp = outpacket_buf[cstate->unit]; |
mkersh3 | 0:e7ca326e76ee | 761 | |
mkersh3 | 0:e7ca326e76ee | 762 | MAKEHEADER(outp, PPP_CHAP); /* paste in a header */ |
mkersh3 | 0:e7ca326e76ee | 763 | |
mkersh3 | 0:e7ca326e76ee | 764 | PUTCHAR(code, outp); |
mkersh3 | 0:e7ca326e76ee | 765 | PUTCHAR(cstate->chal_id, outp); |
mkersh3 | 0:e7ca326e76ee | 766 | PUTSHORT(outlen, outp); |
mkersh3 | 0:e7ca326e76ee | 767 | BCOPY(msg, outp, msglen); |
mkersh3 | 0:e7ca326e76ee | 768 | pppWrite(cstate->unit, outpacket_buf[cstate->unit], outlen + PPP_HDRLEN); |
mkersh3 | 0:e7ca326e76ee | 769 | |
mkersh3 | 0:e7ca326e76ee | 770 | CHAPDEBUG(LOG_INFO, ("ChapSendStatus: Sent code %d, id %d.\n", code, |
mkersh3 | 0:e7ca326e76ee | 771 | cstate->chal_id)); |
mkersh3 | 0:e7ca326e76ee | 772 | } |
mkersh3 | 0:e7ca326e76ee | 773 | |
mkersh3 | 0:e7ca326e76ee | 774 | /* |
mkersh3 | 0:e7ca326e76ee | 775 | * ChapGenChallenge is used to generate a pseudo-random challenge string of |
mkersh3 | 0:e7ca326e76ee | 776 | * a pseudo-random length between min_len and max_len. The challenge |
mkersh3 | 0:e7ca326e76ee | 777 | * string and its length are stored in *cstate, and various other fields of |
mkersh3 | 0:e7ca326e76ee | 778 | * *cstate are initialized. |
mkersh3 | 0:e7ca326e76ee | 779 | */ |
mkersh3 | 0:e7ca326e76ee | 780 | |
mkersh3 | 0:e7ca326e76ee | 781 | static void |
mkersh3 | 0:e7ca326e76ee | 782 | ChapGenChallenge(chap_state *cstate) |
mkersh3 | 0:e7ca326e76ee | 783 | { |
mkersh3 | 0:e7ca326e76ee | 784 | int chal_len; |
mkersh3 | 0:e7ca326e76ee | 785 | u_char *ptr = cstate->challenge; |
mkersh3 | 0:e7ca326e76ee | 786 | int i; |
mkersh3 | 0:e7ca326e76ee | 787 | |
mkersh3 | 0:e7ca326e76ee | 788 | /* pick a random challenge length between MIN_CHALLENGE_LENGTH and |
mkersh3 | 0:e7ca326e76ee | 789 | MAX_CHALLENGE_LENGTH */ |
mkersh3 | 0:e7ca326e76ee | 790 | chal_len = (unsigned) |
mkersh3 | 0:e7ca326e76ee | 791 | ((((magic() >> 16) * |
mkersh3 | 0:e7ca326e76ee | 792 | (MAX_CHALLENGE_LENGTH - MIN_CHALLENGE_LENGTH)) >> 16) |
mkersh3 | 0:e7ca326e76ee | 793 | + MIN_CHALLENGE_LENGTH); |
mkersh3 | 0:e7ca326e76ee | 794 | LWIP_ASSERT("chal_len <= 0xff", chal_len <= 0xffff); |
mkersh3 | 0:e7ca326e76ee | 795 | cstate->chal_len = (u_char)chal_len; |
mkersh3 | 0:e7ca326e76ee | 796 | cstate->chal_id = ++cstate->id; |
mkersh3 | 0:e7ca326e76ee | 797 | cstate->chal_transmits = 0; |
mkersh3 | 0:e7ca326e76ee | 798 | |
mkersh3 | 0:e7ca326e76ee | 799 | /* generate a random string */ |
mkersh3 | 0:e7ca326e76ee | 800 | for (i = 0; i < chal_len; i++ ) { |
mkersh3 | 0:e7ca326e76ee | 801 | *ptr++ = (char) (magic() & 0xff); |
mkersh3 | 0:e7ca326e76ee | 802 | } |
mkersh3 | 0:e7ca326e76ee | 803 | } |
mkersh3 | 0:e7ca326e76ee | 804 | |
mkersh3 | 0:e7ca326e76ee | 805 | /* |
mkersh3 | 0:e7ca326e76ee | 806 | * ChapSendResponse - send a response packet with values as specified |
mkersh3 | 0:e7ca326e76ee | 807 | * in *cstate. |
mkersh3 | 0:e7ca326e76ee | 808 | */ |
mkersh3 | 0:e7ca326e76ee | 809 | /* ARGSUSED */ |
mkersh3 | 0:e7ca326e76ee | 810 | static void |
mkersh3 | 0:e7ca326e76ee | 811 | ChapSendResponse(chap_state *cstate) |
mkersh3 | 0:e7ca326e76ee | 812 | { |
mkersh3 | 0:e7ca326e76ee | 813 | u_char *outp; |
mkersh3 | 0:e7ca326e76ee | 814 | int outlen, md_len, name_len; |
mkersh3 | 0:e7ca326e76ee | 815 | |
mkersh3 | 0:e7ca326e76ee | 816 | md_len = cstate->resp_length; |
mkersh3 | 0:e7ca326e76ee | 817 | name_len = (int)strlen(cstate->resp_name); |
mkersh3 | 0:e7ca326e76ee | 818 | outlen = CHAP_HEADERLEN + sizeof (u_char) + md_len + name_len; |
mkersh3 | 0:e7ca326e76ee | 819 | outp = outpacket_buf[cstate->unit]; |
mkersh3 | 0:e7ca326e76ee | 820 | |
mkersh3 | 0:e7ca326e76ee | 821 | MAKEHEADER(outp, PPP_CHAP); |
mkersh3 | 0:e7ca326e76ee | 822 | |
mkersh3 | 0:e7ca326e76ee | 823 | PUTCHAR(CHAP_RESPONSE, outp); /* we are a response */ |
mkersh3 | 0:e7ca326e76ee | 824 | PUTCHAR(cstate->resp_id, outp); /* copy id from challenge packet */ |
mkersh3 | 0:e7ca326e76ee | 825 | PUTSHORT(outlen, outp); /* packet length */ |
mkersh3 | 0:e7ca326e76ee | 826 | |
mkersh3 | 0:e7ca326e76ee | 827 | PUTCHAR(md_len, outp); /* length of MD */ |
mkersh3 | 0:e7ca326e76ee | 828 | BCOPY(cstate->response, outp, md_len); /* copy MD to buffer */ |
mkersh3 | 0:e7ca326e76ee | 829 | INCPTR(md_len, outp); |
mkersh3 | 0:e7ca326e76ee | 830 | |
mkersh3 | 0:e7ca326e76ee | 831 | BCOPY(cstate->resp_name, outp, name_len); /* append our name */ |
mkersh3 | 0:e7ca326e76ee | 832 | |
mkersh3 | 0:e7ca326e76ee | 833 | /* send the packet */ |
mkersh3 | 0:e7ca326e76ee | 834 | pppWrite(cstate->unit, outpacket_buf[cstate->unit], outlen + PPP_HDRLEN); |
mkersh3 | 0:e7ca326e76ee | 835 | |
mkersh3 | 0:e7ca326e76ee | 836 | cstate->clientstate = CHAPCS_RESPONSE; |
mkersh3 | 0:e7ca326e76ee | 837 | TIMEOUT(ChapResponseTimeout, cstate, cstate->timeouttime); |
mkersh3 | 0:e7ca326e76ee | 838 | ++cstate->resp_transmits; |
mkersh3 | 0:e7ca326e76ee | 839 | } |
mkersh3 | 0:e7ca326e76ee | 840 | |
mkersh3 | 0:e7ca326e76ee | 841 | #if PPP_ADDITIONAL_CALLBACKS |
mkersh3 | 0:e7ca326e76ee | 842 | static char *ChapCodenames[] = { |
mkersh3 | 0:e7ca326e76ee | 843 | "Challenge", "Response", "Success", "Failure" |
mkersh3 | 0:e7ca326e76ee | 844 | }; |
mkersh3 | 0:e7ca326e76ee | 845 | /* |
mkersh3 | 0:e7ca326e76ee | 846 | * ChapPrintPkt - print the contents of a CHAP packet. |
mkersh3 | 0:e7ca326e76ee | 847 | */ |
mkersh3 | 0:e7ca326e76ee | 848 | static int |
mkersh3 | 0:e7ca326e76ee | 849 | ChapPrintPkt( u_char *p, int plen, void (*printer) (void *, char *, ...), void *arg) |
mkersh3 | 0:e7ca326e76ee | 850 | { |
mkersh3 | 0:e7ca326e76ee | 851 | int code, id, len; |
mkersh3 | 0:e7ca326e76ee | 852 | int clen, nlen; |
mkersh3 | 0:e7ca326e76ee | 853 | u_char x; |
mkersh3 | 0:e7ca326e76ee | 854 | |
mkersh3 | 0:e7ca326e76ee | 855 | if (plen < CHAP_HEADERLEN) { |
mkersh3 | 0:e7ca326e76ee | 856 | return 0; |
mkersh3 | 0:e7ca326e76ee | 857 | } |
mkersh3 | 0:e7ca326e76ee | 858 | GETCHAR(code, p); |
mkersh3 | 0:e7ca326e76ee | 859 | GETCHAR(id, p); |
mkersh3 | 0:e7ca326e76ee | 860 | GETSHORT(len, p); |
mkersh3 | 0:e7ca326e76ee | 861 | if (len < CHAP_HEADERLEN || len > plen) { |
mkersh3 | 0:e7ca326e76ee | 862 | return 0; |
mkersh3 | 0:e7ca326e76ee | 863 | } |
mkersh3 | 0:e7ca326e76ee | 864 | |
mkersh3 | 0:e7ca326e76ee | 865 | if (code >= 1 && code <= sizeof(ChapCodenames) / sizeof(char *)) { |
mkersh3 | 0:e7ca326e76ee | 866 | printer(arg, " %s", ChapCodenames[code-1]); |
mkersh3 | 0:e7ca326e76ee | 867 | } else { |
mkersh3 | 0:e7ca326e76ee | 868 | printer(arg, " code=0x%x", code); |
mkersh3 | 0:e7ca326e76ee | 869 | } |
mkersh3 | 0:e7ca326e76ee | 870 | printer(arg, " id=0x%x", id); |
mkersh3 | 0:e7ca326e76ee | 871 | len -= CHAP_HEADERLEN; |
mkersh3 | 0:e7ca326e76ee | 872 | switch (code) { |
mkersh3 | 0:e7ca326e76ee | 873 | case CHAP_CHALLENGE: |
mkersh3 | 0:e7ca326e76ee | 874 | case CHAP_RESPONSE: |
mkersh3 | 0:e7ca326e76ee | 875 | if (len < 1) { |
mkersh3 | 0:e7ca326e76ee | 876 | break; |
mkersh3 | 0:e7ca326e76ee | 877 | } |
mkersh3 | 0:e7ca326e76ee | 878 | clen = p[0]; |
mkersh3 | 0:e7ca326e76ee | 879 | if (len < clen + 1) { |
mkersh3 | 0:e7ca326e76ee | 880 | break; |
mkersh3 | 0:e7ca326e76ee | 881 | } |
mkersh3 | 0:e7ca326e76ee | 882 | ++p; |
mkersh3 | 0:e7ca326e76ee | 883 | nlen = len - clen - 1; |
mkersh3 | 0:e7ca326e76ee | 884 | printer(arg, " <"); |
mkersh3 | 0:e7ca326e76ee | 885 | for (; clen > 0; --clen) { |
mkersh3 | 0:e7ca326e76ee | 886 | GETCHAR(x, p); |
mkersh3 | 0:e7ca326e76ee | 887 | printer(arg, "%.2x", x); |
mkersh3 | 0:e7ca326e76ee | 888 | } |
mkersh3 | 0:e7ca326e76ee | 889 | printer(arg, ">, name = %.*Z", nlen, p); |
mkersh3 | 0:e7ca326e76ee | 890 | break; |
mkersh3 | 0:e7ca326e76ee | 891 | case CHAP_FAILURE: |
mkersh3 | 0:e7ca326e76ee | 892 | case CHAP_SUCCESS: |
mkersh3 | 0:e7ca326e76ee | 893 | printer(arg, " %.*Z", len, p); |
mkersh3 | 0:e7ca326e76ee | 894 | break; |
mkersh3 | 0:e7ca326e76ee | 895 | default: |
mkersh3 | 0:e7ca326e76ee | 896 | for (clen = len; clen > 0; --clen) { |
mkersh3 | 0:e7ca326e76ee | 897 | GETCHAR(x, p); |
mkersh3 | 0:e7ca326e76ee | 898 | printer(arg, " %.2x", x); |
mkersh3 | 0:e7ca326e76ee | 899 | } |
mkersh3 | 0:e7ca326e76ee | 900 | } |
mkersh3 | 0:e7ca326e76ee | 901 | |
mkersh3 | 0:e7ca326e76ee | 902 | return len + CHAP_HEADERLEN; |
mkersh3 | 0:e7ca326e76ee | 903 | } |
mkersh3 | 0:e7ca326e76ee | 904 | #endif /* PPP_ADDITIONAL_CALLBACKS */ |
mkersh3 | 0:e7ca326e76ee | 905 | |
mkersh3 | 0:e7ca326e76ee | 906 | #endif /* CHAP_SUPPORT */ |
mkersh3 | 0:e7ca326e76ee | 907 | |
mkersh3 | 0:e7ca326e76ee | 908 | #endif /* PPP_SUPPORT */ |