Joshua Wise's Git repositories - netwatch.git/blob

1 /*** WARNING - THIS HAS NEVER BEEN FINISHED ***/

2 /*****************************************************************************

3 * chap.c - Network Challenge Handshake Authentication Protocol program file.

4 *

7 *

8 * The authors hereby grant permission to use, copy, modify, distribute,

9 * and license this software and its documentation for any purpose, provided

10 * that existing copyright notices are retained in all copies and that this

11 * notice and the following disclaimer are included verbatim in any

12 * distributions. No written agreement, license, or royalty fee is required

13 * for any of the authorized uses.

14 *

15 * THIS SOFTWARE IS PROVIDED BY THE CONTRIBUTORS *AS IS* AND ANY EXPRESS OR

16 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES

17 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.

18 * IN NO EVENT SHALL THE CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,

19 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT

20 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,

21 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY

22 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT

23 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF

24 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

25 *

26 ******************************************************************************

27 * REVISION HISTORY

28 *

29 * 03-01-01 Marc Boucher <marc@mbsi.ca>

30 * Ported to lwIP.

31 * 97-12-04 Guy Lancaster <lancasterg@acm.org>, Global Election Systems Inc.

32 * Original based on BSD chap.c.

33 *****************************************************************************/

34 /*

35 * chap.c - Challenge Handshake Authentication Protocol.

36 *

39 *

40 * Redistribution and use in source and binary forms are permitted

41 * provided that the above copyright notice and this paragraph are

42 * duplicated in all such forms and that any documentation,

43 * advertising materials, and other materials related to such

44 * distribution and use acknowledge that the software was developed

45 * by the Australian National University. The name of the University

46 * may not be used to endorse or promote products derived from this

47 * software without specific prior written permission.

48 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR

49 * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED

50 * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.

51 *

54 *

55 * Redistribution and use in source and binary forms are permitted

56 * provided that the above copyright notice and this paragraph are

57 * duplicated in all such forms and that any documentation,

58 * advertising materials, and other materials related to such

59 * distribution and use acknowledge that the software was developed

60 * by Gregory M. Christy. The name of the author may not be used to

61 * endorse or promote products derived from this software without

62 * specific prior written permission.

63 *

64 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR

65 * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED

66 * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.

67 */

69 #include "lwip/opt.h"

71 #if PPP_SUPPORT /* don't build if not configured for use in lwipopts.h */

73 #if CHAP_SUPPORT /* don't build if not configured for use in lwipopts.h */

75 #include "ppp.h"

76 #include "pppdebug.h"

78 #include "magic.h"

79 #include "randm.h"

80 #include "auth.h"

81 #include "md5.h"

82 #include "chap.h"

83 #include "chpms.h"

86 /*************************/

87 /*** LOCAL DEFINITIONS ***/

88 /*************************/

91 /************************/

92 /*** LOCAL DATA TYPES ***/

93 /************************/

96 /***********************************/

97 /*** LOCAL FUNCTION DECLARATIONS ***/

98 /***********************************/

99 /*

100 * Protocol entry points.

101 */

102 static void ChapInit (int);

103 static void ChapLowerUp (int);

104 static void ChapLowerDown (int);

105 static void ChapInput (int, u_char *, int);

106 static void ChapProtocolReject (int);

107 #if 0

108 static int ChapPrintPkt (u_char *, int, void (*) (void *, char *, ...), void *);

109 #endif

110

111 static void ChapChallengeTimeout (void *);

112 static void ChapResponseTimeout (void *);

113 static void ChapReceiveChallenge (chap_state *, u_char *, int, int);

114 static void ChapRechallenge (void *);

115 static void ChapReceiveResponse (chap_state *, u_char *, int, int);

116 static void ChapReceiveSuccess(chap_state *cstate, u_char *inp, u_char id, int len);

117 static void ChapReceiveFailure(chap_state *cstate, u_char *inp, u_char id, int len);

118 static void ChapSendStatus (chap_state *, int);

119 static void ChapSendChallenge (chap_state *);

120 static void ChapSendResponse (chap_state *);

121 static void ChapGenChallenge (chap_state *);

122

123

124 /******************************/

125 /*** PUBLIC DATA STRUCTURES ***/

126 /******************************/

127 chap_state chap[NUM_PPP]; /* CHAP state; one for each unit */

128

129 struct protent chap_protent = {

130 PPP_CHAP,

131 ChapInit,

132 ChapInput,

133 ChapProtocolReject,

134 ChapLowerUp,

135 ChapLowerDown,

136 NULL,

137 NULL,

138 #if 0

139 ChapPrintPkt,

140 NULL,

141 #endif

142 1,

143 "CHAP",

144 #if 0

145 NULL,

146 NULL,

147 NULL

148 #endif

149 };

150

151

152 /***********************************/

153 /*** PUBLIC FUNCTION DEFINITIONS ***/

154 /***********************************/

155 /*

156 * ChapAuthWithPeer - Authenticate us with our peer (start client).

157 *

158 */

159 void

160 ChapAuthWithPeer(int unit, char *our_name, int digest)

161 {

162 chap_state *cstate = &chap[unit];

163

164 cstate->resp_name = our_name;

165 cstate->resp_type = digest;

166

167 if (cstate->clientstate == CHAPCS_INITIAL ||

168 cstate->clientstate == CHAPCS_PENDING) {

169 /* lower layer isn't up - wait until later */

170 cstate->clientstate = CHAPCS_PENDING;

171 return;

172 }

173

174 /*

175 * We get here as a result of LCP coming up.

176 * So even if CHAP was open before, we will

177 * have to re-authenticate ourselves.

178 */

179 cstate->clientstate = CHAPCS_LISTEN;

180 }

181

182

183 /*

184 * ChapAuthPeer - Authenticate our peer (start server).

185 */

186 void

187 ChapAuthPeer(int unit, char *our_name, int digest)

188 {

189 chap_state *cstate = &chap[unit];

190

191 cstate->chal_name = our_name;

192 cstate->chal_type = digest;

193

194 if (cstate->serverstate == CHAPSS_INITIAL ||

195 cstate->serverstate == CHAPSS_PENDING) {

196 /* lower layer isn't up - wait until later */

197 cstate->serverstate = CHAPSS_PENDING;

198 return;

199 }

200

201 ChapGenChallenge(cstate);

202 ChapSendChallenge(cstate); /* crank it up dude! */

203 cstate->serverstate = CHAPSS_INITIAL_CHAL;

204 }

205

206

207 /**********************************/

208 /*** LOCAL FUNCTION DEFINITIONS ***/

209 /**********************************/

210 /*

211 * ChapInit - Initialize a CHAP unit.

212 */

213 static void

214 ChapInit(int unit)

215 {

216 chap_state *cstate = &chap[unit];

217

218 BZERO(cstate, sizeof(*cstate));

219 cstate->unit = unit;

220 cstate->clientstate = CHAPCS_INITIAL;

221 cstate->serverstate = CHAPSS_INITIAL;

222 cstate->timeouttime = CHAP_DEFTIMEOUT;

223 cstate->max_transmits = CHAP_DEFTRANSMITS;

224 /* random number generator is initialized in magic_init */

225 }

226

227

228 /*

229 * ChapChallengeTimeout - Timeout expired on sending challenge.

230 */

231 static void

232 ChapChallengeTimeout(void *arg)

233 {

234 chap_state *cstate = (chap_state *) arg;

235

236 /* if we aren't sending challenges, don't worry. then again we */

237 /* probably shouldn't be here either */

238 if (cstate->serverstate != CHAPSS_INITIAL_CHAL &&

239 cstate->serverstate != CHAPSS_RECHALLENGE) {

240 return;

241 }

242

243 if (cstate->chal_transmits >= cstate->max_transmits) {

244 /* give up on peer */

245 CHAPDEBUG((LOG_ERR, "Peer failed to respond to CHAP challenge\n"));

246 cstate->serverstate = CHAPSS_BADAUTH;

247 auth_peer_fail(cstate->unit, PPP_CHAP);

248 return;

249 }

250

251 ChapSendChallenge(cstate); /* Re-send challenge */

252 }

253

254

255 /*

256 * ChapResponseTimeout - Timeout expired on sending response.

257 */

258 static void

259 ChapResponseTimeout(void *arg)

260 {

261 chap_state *cstate = (chap_state *) arg;

262

263 /* if we aren't sending a response, don't worry. */

264 if (cstate->clientstate != CHAPCS_RESPONSE) {

265 return;

266 }

267

268 ChapSendResponse(cstate); /* re-send response */

269 }

270

271

272 /*

273 * ChapRechallenge - Time to challenge the peer again.

274 */

275 static void

276 ChapRechallenge(void *arg)

277 {

278 chap_state *cstate = (chap_state *) arg;

279

280 /* if we aren't sending a response, don't worry. */

281 if (cstate->serverstate != CHAPSS_OPEN) {

282 return;

283 }

284

285 ChapGenChallenge(cstate);

286 ChapSendChallenge(cstate);

287 cstate->serverstate = CHAPSS_RECHALLENGE;

288 }

289

290

291 /*

292 * ChapLowerUp - The lower layer is up.

293 *

294 * Start up if we have pending requests.

295 */

296 static void

297 ChapLowerUp(int unit)

298 {

299 chap_state *cstate = &chap[unit];

300

301 if (cstate->clientstate == CHAPCS_INITIAL) {

302 cstate->clientstate = CHAPCS_CLOSED;

303 } else if (cstate->clientstate == CHAPCS_PENDING) {

304 cstate->clientstate = CHAPCS_LISTEN;

305 }

306

307 if (cstate->serverstate == CHAPSS_INITIAL) {

308 cstate->serverstate = CHAPSS_CLOSED;

309 } else if (cstate->serverstate == CHAPSS_PENDING) {

310 ChapGenChallenge(cstate);

311 ChapSendChallenge(cstate);

312 cstate->serverstate = CHAPSS_INITIAL_CHAL;

313 }

314 }

315

316

317 /*

318 * ChapLowerDown - The lower layer is down.

319 *

320 * Cancel all timeouts.

321 */

322 static void

323 ChapLowerDown(int unit)

324 {

325 chap_state *cstate = &chap[unit];

326

327 /* Timeout(s) pending? Cancel if so. */

328 if (cstate->serverstate == CHAPSS_INITIAL_CHAL ||

329 cstate->serverstate == CHAPSS_RECHALLENGE) {

330 UNTIMEOUT(ChapChallengeTimeout, cstate);

331 } else if (cstate->serverstate == CHAPSS_OPEN

332 && cstate->chal_interval != 0) {

333 UNTIMEOUT(ChapRechallenge, cstate);

334 }

335 if (cstate->clientstate == CHAPCS_RESPONSE) {

336 UNTIMEOUT(ChapResponseTimeout, cstate);

337 }

338 cstate->clientstate = CHAPCS_INITIAL;

339 cstate->serverstate = CHAPSS_INITIAL;

340 }

341

342

343 /*

344 * ChapProtocolReject - Peer doesn't grok CHAP.

345 */

346 static void

347 ChapProtocolReject(int unit)

348 {

349 chap_state *cstate = &chap[unit];

350

351 if (cstate->serverstate != CHAPSS_INITIAL &&

352 cstate->serverstate != CHAPSS_CLOSED) {

353 auth_peer_fail(unit, PPP_CHAP);

354 }

355 if (cstate->clientstate != CHAPCS_INITIAL &&

356 cstate->clientstate != CHAPCS_CLOSED) {

357 auth_withpeer_fail(unit, PPP_CHAP);

358 }

359 ChapLowerDown(unit); /* shutdown chap */

360 }

361

362

363 /*

364 * ChapInput - Input CHAP packet.

365 */

366 static void

367 ChapInput(int unit, u_char *inpacket, int packet_len)

368 {

369 chap_state *cstate = &chap[unit];

370 u_char *inp;

371 u_char code, id;

372 int len;

373

374 /*

375 * Parse header (code, id and length).

376 * If packet too short, drop it.

377 */

378 inp = inpacket;

379 if (packet_len < CHAP_HEADERLEN) {

380 CHAPDEBUG((LOG_INFO, "ChapInput: rcvd short header.\n"));

381 return;

382 }

383 GETCHAR(code, inp);

384 GETCHAR(id, inp);

385 GETSHORT(len, inp);

386 if (len < CHAP_HEADERLEN) {

387 CHAPDEBUG((LOG_INFO, "ChapInput: rcvd illegal length.\n"));

388 return;

389 }

390 if (len > packet_len) {

391 CHAPDEBUG((LOG_INFO, "ChapInput: rcvd short packet.\n"));

392 return;

393 }

394 len -= CHAP_HEADERLEN;

395

396 /*

397 * Action depends on code (as in fact it usually does :-).

398 */

399 switch (code) {

400 case CHAP_CHALLENGE:

401 ChapReceiveChallenge(cstate, inp, id, len);

402 break;

403

404 case CHAP_RESPONSE:

405 ChapReceiveResponse(cstate, inp, id, len);

406 break;

407

408 case CHAP_FAILURE:

409 ChapReceiveFailure(cstate, inp, id, len);

410 break;

411

412 case CHAP_SUCCESS:

413 ChapReceiveSuccess(cstate, inp, id, len);

414 break;

415

416 default: /* Need code reject? */

417 CHAPDEBUG((LOG_WARNING, "Unknown CHAP code (%d) received.\n", code));

418 break;

419 }

420 }

421

422

423 /*

424 * ChapReceiveChallenge - Receive Challenge and send Response.

425 */

426 static void

427 ChapReceiveChallenge(chap_state *cstate, u_char *inp, int id, int len)

428 {

429 int rchallenge_len;

430 u_char *rchallenge;

431 int secret_len;

432 char secret[MAXSECRETLEN];

433 char rhostname[256];

434 MD5_CTX mdContext;

435 u_char hash[MD5_SIGNATURE_SIZE];

436

437 CHAPDEBUG((LOG_INFO, "ChapReceiveChallenge: Rcvd id %d.\n", id));

438 if (cstate->clientstate == CHAPCS_CLOSED ||

439 cstate->clientstate == CHAPCS_PENDING) {

440 CHAPDEBUG((LOG_INFO, "ChapReceiveChallenge: in state %d\n",

441 cstate->clientstate));

442 return;

443 }

444

445 if (len < 2) {

446 CHAPDEBUG((LOG_INFO, "ChapReceiveChallenge: rcvd short packet.\n"));

447 return;

448 }

449

450 GETCHAR(rchallenge_len, inp);

451 len -= sizeof (u_char) + rchallenge_len; /* now name field length */

452 if (len < 0) {

453 CHAPDEBUG((LOG_INFO, "ChapReceiveChallenge: rcvd short packet.\n"));

454 return;

455 }

456 rchallenge = inp;

457 INCPTR(rchallenge_len, inp);

458

459 if (len >= sizeof(rhostname)) {

460 len = sizeof(rhostname) - 1;

461 }

462 BCOPY(inp, rhostname, len);

463 rhostname[len] = '\000';

464

465 CHAPDEBUG((LOG_INFO, "ChapReceiveChallenge: received name field '%s'\n", rhostname));

466

467 /* Microsoft doesn't send their name back in the PPP packet */

468 if (ppp_settings.remote_name[0] != 0 && (ppp_settings.explicit_remote || rhostname[0] == 0)) {

469 strncpy(rhostname, ppp_settings.remote_name, sizeof(rhostname));

470 rhostname[sizeof(rhostname) - 1] = 0;

471 CHAPDEBUG((LOG_INFO, "ChapReceiveChallenge: using '%s' as remote name\n", rhostname));

472 }

473

474 /* get secret for authenticating ourselves with the specified host */

475 if (!get_secret(cstate->unit, cstate->resp_name, rhostname, secret, &secret_len, 0)) {

476 secret_len = 0; /* assume null secret if can't find one */

477 CHAPDEBUG((LOG_WARNING, "No CHAP secret found for authenticating us to %s\n", rhostname));

478 }

479

480 /* cancel response send timeout if necessary */

481 if (cstate->clientstate == CHAPCS_RESPONSE) {

482 UNTIMEOUT(ChapResponseTimeout, cstate);

483 }

484

485 cstate->resp_id = id;

486 cstate->resp_transmits = 0;

487

488 /* generate MD based on negotiated type */

489 switch (cstate->resp_type) {

490

491 case CHAP_DIGEST_MD5:

492 MD5Init(&mdContext);

493 MD5Update(&mdContext, &cstate->resp_id, 1);

494 MD5Update(&mdContext, (u_char*)secret, secret_len);

495 MD5Update(&mdContext, rchallenge, rchallenge_len);

496 MD5Final(hash, &mdContext);

497 BCOPY(hash, cstate->response, MD5_SIGNATURE_SIZE);

498 cstate->resp_length = MD5_SIGNATURE_SIZE;

499 break;

500

501 #ifdef CHAPMS

502 case CHAP_MICROSOFT:

503 ChapMS(cstate, rchallenge, rchallenge_len, secret, secret_len);

504 break;

505 #endif

506

507 default:

508 CHAPDEBUG((LOG_INFO, "unknown digest type %d\n", cstate->resp_type));

509 return;

510 }

511

512 BZERO(secret, sizeof(secret));

513 ChapSendResponse(cstate);

514 }

515

516

517 /*

518 * ChapReceiveResponse - Receive and process response.

519 */

520 static void

521 ChapReceiveResponse(chap_state *cstate, u_char *inp, int id, int len)

522 {

523 u_char *remmd, remmd_len;

524 int secret_len, old_state;

525 int code;

526 char rhostname[256];

527 MD5_CTX mdContext;

528 char secret[MAXSECRETLEN];

529 u_char hash[MD5_SIGNATURE_SIZE];

530

531 CHAPDEBUG((LOG_INFO, "ChapReceiveResponse: Rcvd id %d.\n", id));

532

533 if (cstate->serverstate == CHAPSS_CLOSED ||

534 cstate->serverstate == CHAPSS_PENDING) {

535 CHAPDEBUG((LOG_INFO, "ChapReceiveResponse: in state %d\n",

536 cstate->serverstate));

537 return;

538 }

539

540 if (id != cstate->chal_id) {

541 return; /* doesn't match ID of last challenge */

542 }

543

544 /*

545 * If we have received a duplicate or bogus Response,

546 * we have to send the same answer (Success/Failure)

547 * as we did for the first Response we saw.

548 */

549 if (cstate->serverstate == CHAPSS_OPEN) {

550 ChapSendStatus(cstate, CHAP_SUCCESS);

551 return;

552 }

553 if (cstate->serverstate == CHAPSS_BADAUTH) {

554 ChapSendStatus(cstate, CHAP_FAILURE);

555 return;

556 }

557

558 if (len < 2) {

559 CHAPDEBUG((LOG_INFO, "ChapReceiveResponse: rcvd short packet.\n"));

560 return;

561 }

562 GETCHAR(remmd_len, inp); /* get length of MD */

563 remmd = inp; /* get pointer to MD */

564 INCPTR(remmd_len, inp);

565

566 len -= sizeof (u_char) + remmd_len;

567 if (len < 0) {

568 CHAPDEBUG((LOG_INFO, "ChapReceiveResponse: rcvd short packet.\n"));

569 return;

570 }

571

572 UNTIMEOUT(ChapChallengeTimeout, cstate);

573

574 if (len >= sizeof(rhostname)) {

575 len = sizeof(rhostname) - 1;

576 }

577 BCOPY(inp, rhostname, len);

578 rhostname[len] = '\000';

579

580 CHAPDEBUG((LOG_INFO, "ChapReceiveResponse: received name field: %s\n", rhostname));

581

582 /*

583 * Get secret for authenticating them with us,

584 * do the hash ourselves, and compare the result.

585 */

586 code = CHAP_FAILURE;

587 if (!get_secret(cstate->unit, rhostname, cstate->chal_name, secret, &secret_len, 1)) {

588 /* CHAPDEBUG((LOG_WARNING, TL_CHAP, "No CHAP secret found for authenticating %s\n", rhostname)); */

589 CHAPDEBUG((LOG_WARNING, "No CHAP secret found for authenticating %s\n",

590 rhostname));

591 } else {

592 /* generate MD based on negotiated type */

593 switch (cstate->chal_type) {

594

595 case CHAP_DIGEST_MD5: /* only MD5 is defined for now */

596 if (remmd_len != MD5_SIGNATURE_SIZE) {

597 break; /* it's not even the right length */

598 }

599 MD5Init(&mdContext);

600 MD5Update(&mdContext, &cstate->chal_id, 1);

601 MD5Update(&mdContext, (u_char*)secret, secret_len);

602 MD5Update(&mdContext, cstate->challenge, cstate->chal_len);

603 MD5Final(hash, &mdContext);

604

605 /* compare local and remote MDs and send the appropriate status */

606 if (memcmp (hash, remmd, MD5_SIGNATURE_SIZE) == 0) {

607 code = CHAP_SUCCESS; /* they are the same! */

608 }

609 break;

610

611 default:

612 CHAPDEBUG((LOG_INFO, "unknown digest type %d\n", cstate->chal_type));

613 }

614 }

615

616 BZERO(secret, sizeof(secret));

617 ChapSendStatus(cstate, code);

618

619 if (code == CHAP_SUCCESS) {

620 old_state = cstate->serverstate;

621 cstate->serverstate = CHAPSS_OPEN;

622 if (old_state == CHAPSS_INITIAL_CHAL) {

623 auth_peer_success(cstate->unit, PPP_CHAP, rhostname, len);

624 }

625 if (cstate->chal_interval != 0) {

626 TIMEOUT(ChapRechallenge, cstate, cstate->chal_interval);

627 }

628 } else {

629 CHAPDEBUG((LOG_ERR, "CHAP peer authentication failed\n"));

630 cstate->serverstate = CHAPSS_BADAUTH;

631 auth_peer_fail(cstate->unit, PPP_CHAP);

632 }

633 }

634

635 /*

636 * ChapReceiveSuccess - Receive Success

637 */

638 static void

639 ChapReceiveSuccess(chap_state *cstate, u_char *inp, u_char id, int len)

640 {

641 LWIP_UNUSED_ARG(id);

642 LWIP_UNUSED_ARG(inp);

643

644 CHAPDEBUG((LOG_INFO, "ChapReceiveSuccess: Rcvd id %d.\n", id));

645

646 if (cstate->clientstate == CHAPCS_OPEN) {

647 /* presumably an answer to a duplicate response */

648 return;

649 }

650

651 if (cstate->clientstate != CHAPCS_RESPONSE) {

652 /* don't know what this is */

653 CHAPDEBUG((LOG_INFO, "ChapReceiveSuccess: in state %d\n", cstate->clientstate));

654 return;

655 }

656

657 UNTIMEOUT(ChapResponseTimeout, cstate);

658

659 /*

660 * Print message.

661 */

662 if (len > 0) {

663 PRINTMSG(inp, len);

664 }

665

666 cstate->clientstate = CHAPCS_OPEN;

667

668 auth_withpeer_success(cstate->unit, PPP_CHAP);

669 }

670

671

672 /*

673 * ChapReceiveFailure - Receive failure.

674 */

675 static void

676 ChapReceiveFailure(chap_state *cstate, u_char *inp, u_char id, int len)

677 {

678 LWIP_UNUSED_ARG(id);

679 LWIP_UNUSED_ARG(inp);

680

681 CHAPDEBUG((LOG_INFO, "ChapReceiveFailure: Rcvd id %d.\n", id));

682

683 if (cstate->clientstate != CHAPCS_RESPONSE) {

684 /* don't know what this is */

685 CHAPDEBUG((LOG_INFO, "ChapReceiveFailure: in state %d\n", cstate->clientstate));

686 return;

687 }

688

689 UNTIMEOUT(ChapResponseTimeout, cstate);

690

691 /*

692 * Print message.

693 */

694 if (len > 0) {

695 PRINTMSG(inp, len);

696 }

697

698 CHAPDEBUG((LOG_ERR, "CHAP authentication failed\n"));

699 auth_withpeer_fail(cstate->unit, PPP_CHAP);

700 }

701

702

703 /*

704 * ChapSendChallenge - Send an Authenticate challenge.

705 */

706 static void

707 ChapSendChallenge(chap_state *cstate)

708 {

709 u_char *outp;

710 int chal_len, name_len;

711 int outlen;

712

713 chal_len = cstate->chal_len;

714 name_len = strlen(cstate->chal_name);

715 outlen = CHAP_HEADERLEN + sizeof (u_char) + chal_len + name_len;

716 outp = outpacket_buf[cstate->unit];

717

718 MAKEHEADER(outp, PPP_CHAP); /* paste in a CHAP header */

719

720 PUTCHAR(CHAP_CHALLENGE, outp);

721 PUTCHAR(cstate->chal_id, outp);

722 PUTSHORT(outlen, outp);

723

724 PUTCHAR(chal_len, outp); /* put length of challenge */

725 BCOPY(cstate->challenge, outp, chal_len);

726 INCPTR(chal_len, outp);

727

728 BCOPY(cstate->chal_name, outp, name_len); /* append hostname */

729

730 pppWrite(cstate->unit, outpacket_buf[cstate->unit], outlen + PPP_HDRLEN);

731

732 CHAPDEBUG((LOG_INFO, "ChapSendChallenge: Sent id %d.\n", cstate->chal_id));

733

734 TIMEOUT(ChapChallengeTimeout, cstate, cstate->timeouttime);

735 ++cstate->chal_transmits;

736 }

737

738

739 /*

740 * ChapSendStatus - Send a status response (ack or nak).

741 */

742 static void

743 ChapSendStatus(chap_state *cstate, int code)

744 {

745 u_char *outp;

746 int outlen, msglen;

747 char msg[256];

748

749 if (code == CHAP_SUCCESS) {

750 strcpy(msg, "Welcome!");

751 } else {

752 strcpy(msg, "I don't like you. Go 'way.");

753 }

754 msglen = strlen(msg);

755

756 outlen = CHAP_HEADERLEN + msglen;

757 outp = outpacket_buf[cstate->unit];

758

759 MAKEHEADER(outp, PPP_CHAP); /* paste in a header */

760

761 PUTCHAR(code, outp);

762 PUTCHAR(cstate->chal_id, outp);

763 PUTSHORT(outlen, outp);

764 BCOPY(msg, outp, msglen);

765 pppWrite(cstate->unit, outpacket_buf[cstate->unit], outlen + PPP_HDRLEN);

766

767 CHAPDEBUG((LOG_INFO, "ChapSendStatus: Sent code %d, id %d.\n", code, cstate->chal_id));

768 }

769

770 /*

771 * ChapGenChallenge is used to generate a pseudo-random challenge string of

772 * a pseudo-random length between min_len and max_len. The challenge

773 * string and its length are stored in *cstate, and various other fields of

774 * *cstate are initialized.

775 */

776

777 static void

778 ChapGenChallenge(chap_state *cstate)

779 {

780 int chal_len;

781 u_char *ptr = cstate->challenge;

782 int i;

783

784 /* pick a random challenge length between MIN_CHALLENGE_LENGTH and

785 MAX_CHALLENGE_LENGTH */

786 chal_len = (unsigned)

787 ((((magic() >> 16) *

788 (MAX_CHALLENGE_LENGTH - MIN_CHALLENGE_LENGTH)) >> 16)

789 + MIN_CHALLENGE_LENGTH);

790 cstate->chal_len = chal_len;

791 cstate->chal_id = ++cstate->id;

792 cstate->chal_transmits = 0;

793

794 /* generate a random string */

795 for (i = 0; i < chal_len; i++ ) {

796 *ptr++ = (char) (magic() & 0xff);

797 }

798 }

799

800 /*

801 * ChapSendResponse - send a response packet with values as specified

802 * in *cstate.

803 */

804 /* ARGSUSED */

805 static void

806 ChapSendResponse(chap_state *cstate)

807 {

808 u_char *outp;

809 int outlen, md_len, name_len;

810

811 md_len = cstate->resp_length;

812 name_len = strlen(cstate->resp_name);

813 outlen = CHAP_HEADERLEN + sizeof (u_char) + md_len + name_len;

814 outp = outpacket_buf[cstate->unit];

815

816 MAKEHEADER(outp, PPP_CHAP);

817

818 PUTCHAR(CHAP_RESPONSE, outp); /* we are a response */

819 PUTCHAR(cstate->resp_id, outp); /* copy id from challenge packet */

820 PUTSHORT(outlen, outp); /* packet length */

821

822 PUTCHAR(md_len, outp); /* length of MD */

823 BCOPY(cstate->response, outp, md_len); /* copy MD to buffer */

824 INCPTR(md_len, outp);

825

826 BCOPY(cstate->resp_name, outp, name_len); /* append our name */

827

828 /* send the packet */

829 pppWrite(cstate->unit, outpacket_buf[cstate->unit], outlen + PPP_HDRLEN);

830

831 cstate->clientstate = CHAPCS_RESPONSE;

832 TIMEOUT(ChapResponseTimeout, cstate, cstate->timeouttime);

833 ++cstate->resp_transmits;

834 }

835

836 #if 0

837 static char *ChapCodenames[] = {

838 "Challenge", "Response", "Success", "Failure"

839 };

840 /*

841 * ChapPrintPkt - print the contents of a CHAP packet.

842 */

843 static int

844 ChapPrintPkt( u_char *p, int plen, void (*printer) (void *, char *, ...), void *arg)

845 {

846 int code, id, len;

847 int clen, nlen;

848 u_char x;

849

850 if (plen < CHAP_HEADERLEN) {

851 return 0;

852 }

853 GETCHAR(code, p);

854 GETCHAR(id, p);

855 GETSHORT(len, p);

856 if (len < CHAP_HEADERLEN || len > plen) {

857 return 0;

858 }

859 if (code >= 1 && code <= sizeof(ChapCodenames) / sizeof(char *)) {

860 printer(arg, " %s", ChapCodenames[code-1]);

861 } else {

862 printer(arg, " code=0x%x", code);

863 }

864 printer(arg, " id=0x%x", id);

865 len -= CHAP_HEADERLEN;

866 switch (code) {

867 case CHAP_CHALLENGE:

868 case CHAP_RESPONSE:

869 if (len < 1) {

870 break;

871 }

872 clen = p[0];

873 if (len < clen + 1) {

874 break;

875 }

876 ++p;

877 nlen = len - clen - 1;

878 printer(arg, " <");

879 for (; clen > 0; --clen) {

880 GETCHAR(x, p);

881 printer(arg, "%.2x", x);

882 }

883 printer(arg, ">, name = %.*Z", nlen, p);

884 break;

885 case CHAP_FAILURE:

886 case CHAP_SUCCESS:

887 printer(arg, " %.*Z", len, p);

888 break;

889 default:

890 for (clen = len; clen > 0; --clen) {

891 GETCHAR(x, p);

892 printer(arg, " %.2x", x);

893 }

894 }

895

896 return len + CHAP_HEADERLEN;

897 }

898 #endif

899

900 #endif /* CHAP_SUPPORT */

901

902 #endif /* PPP_SUPPORT */