1 /*****************************************************************************
\r
2 * chap.h - Network Challenge Handshake Authentication Protocol header file.
\r
4 * Copyright (c) 2003 by Marc Boucher, Services Informatiques (MBSI) inc.
\r
5 * portions Copyright (c) 1998 Global Election Systems Inc.
\r
7 * The authors hereby grant permission to use, copy, modify, distribute,
\r
8 * and license this software and its documentation for any purpose, provided
\r
9 * that existing copyright notices are retained in all copies and that this
\r
10 * notice and the following disclaimer are included verbatim in any
\r
11 * distributions. No written agreement, license, or royalty fee is required
\r
12 * for any of the authorized uses.
\r
14 * THIS SOFTWARE IS PROVIDED BY THE CONTRIBUTORS *AS IS* AND ANY EXPRESS OR
\r
15 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
\r
16 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
\r
17 * IN NO EVENT SHALL THE CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
\r
18 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
\r
19 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
\r
20 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
\r
21 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
\r
22 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
\r
23 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
\r
25 ******************************************************************************
\r
28 * 03-01-01 Marc Boucher <marc@mbsi.ca>
\r
30 * 97-12-03 Guy Lancaster <lancasterg@acm.org>, Global Election Systems Inc.
\r
31 * Original built from BSD network code.
\r
32 ******************************************************************************/
\r
34 * chap.h - Challenge Handshake Authentication Protocol definitions.
\r
36 * Copyright (c) 1993 The Australian National University.
\r
37 * All rights reserved.
\r
39 * Redistribution and use in source and binary forms are permitted
\r
40 * provided that the above copyright notice and this paragraph are
\r
41 * duplicated in all such forms and that any documentation,
\r
42 * advertising materials, and other materials related to such
\r
43 * distribution and use acknowledge that the software was developed
\r
44 * by the Australian National University. The name of the University
\r
45 * may not be used to endorse or promote products derived from this
\r
46 * software without specific prior written permission.
\r
47 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
\r
48 * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
\r
49 * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
\r
51 * Copyright (c) 1991 Gregory M. Christy
\r
52 * All rights reserved.
\r
54 * Redistribution and use in source and binary forms are permitted
\r
55 * provided that the above copyright notice and this paragraph are
\r
56 * duplicated in all such forms and that any documentation,
\r
57 * advertising materials, and other materials related to such
\r
58 * distribution and use acknowledge that the software was developed
\r
61 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
\r
62 * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
\r
63 * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
\r
65 * $Id: chap.h,v 1.1 2003/05/27 14:37:56 jani Exp $
\r
71 /*************************
\r
72 *** PUBLIC DEFINITIONS ***
\r
73 *************************/
\r
75 /* Code + ID + length */
\r
76 #define CHAP_HEADERLEN 4
\r
82 #define CHAP_DIGEST_MD5 5 /* use MD5 algorithm */
\r
83 #define MD5_SIGNATURE_SIZE 16 /* 16 bytes in a MD5 message digest */
\r
84 #define CHAP_MICROSOFT 0x80 /* use Microsoft-compatible alg. */
\r
85 #define MS_CHAP_RESPONSE_LEN 49 /* Response length for MS-CHAP */
\r
87 #define CHAP_CHALLENGE 1
\r
88 #define CHAP_RESPONSE 2
\r
89 #define CHAP_SUCCESS 3
\r
90 #define CHAP_FAILURE 4
\r
93 * Challenge lengths (for challenges we send) and other limits.
\r
95 #define MIN_CHALLENGE_LENGTH 32
\r
96 #define MAX_CHALLENGE_LENGTH 64
\r
97 #define MAX_RESPONSE_LENGTH 64 /* sufficient for MD5 or MS-CHAP */
\r
100 * Client (peer) states.
\r
102 #define CHAPCS_INITIAL 0 /* Lower layer down, not opened */
\r
103 #define CHAPCS_CLOSED 1 /* Lower layer up, not opened */
\r
104 #define CHAPCS_PENDING 2 /* Auth us to peer when lower up */
\r
105 #define CHAPCS_LISTEN 3 /* Listening for a challenge */
\r
106 #define CHAPCS_RESPONSE 4 /* Sent response, waiting for status */
\r
107 #define CHAPCS_OPEN 5 /* We've received Success */
\r
110 * Server (authenticator) states.
\r
112 #define CHAPSS_INITIAL 0 /* Lower layer down, not opened */
\r
113 #define CHAPSS_CLOSED 1 /* Lower layer up, not opened */
\r
114 #define CHAPSS_PENDING 2 /* Auth peer when lower up */
\r
115 #define CHAPSS_INITIAL_CHAL 3 /* We've sent the first challenge */
\r
116 #define CHAPSS_OPEN 4 /* We've sent a Success msg */
\r
117 #define CHAPSS_RECHALLENGE 5 /* We've sent another challenge */
\r
118 #define CHAPSS_BADAUTH 6 /* We've sent a Failure msg */
\r
120 /************************
\r
121 *** PUBLIC DATA TYPES ***
\r
122 ************************/
\r
125 * Each interface is described by a chap structure.
\r
128 typedef struct chap_state {
\r
129 int unit; /* Interface unit number */
\r
130 int clientstate; /* Client state */
\r
131 int serverstate; /* Server state */
\r
132 u_char challenge[MAX_CHALLENGE_LENGTH]; /* last challenge string sent */
\r
133 u_char chal_len; /* challenge length */
\r
134 u_char chal_id; /* ID of last challenge */
\r
135 u_char chal_type; /* hash algorithm for challenges */
\r
136 u_char id; /* Current id */
\r
137 char *chal_name; /* Our name to use with challenge */
\r
138 int chal_interval; /* Time until we challenge peer again */
\r
139 int timeouttime; /* Timeout time in seconds */
\r
140 int max_transmits; /* Maximum # of challenge transmissions */
\r
141 int chal_transmits; /* Number of transmissions of challenge */
\r
142 int resp_transmits; /* Number of transmissions of response */
\r
143 u_char response[MAX_RESPONSE_LENGTH]; /* Response to send */
\r
144 u_char resp_length; /* length of response */
\r
145 u_char resp_id; /* ID for response messages */
\r
146 u_char resp_type; /* hash algorithm for responses */
\r
147 char *resp_name; /* Our name to send with response */
\r
151 /******************
\r
152 *** PUBLIC DATA ***
\r
153 ******************/
\r
154 extern chap_state chap[];
\r
156 extern struct protent chap_protent;
\r
159 /***********************
\r
160 *** PUBLIC FUNCTIONS ***
\r
161 ***********************/
\r
163 void ChapAuthWithPeer (int, char *, int);
\r
164 void ChapAuthPeer (int, char *, int);
\r
166 #endif /* CHAP_H */
\r