1 /*** WARNING - THIS HAS NEVER BEEN FINISHED ***/
\r
2 /*****************************************************************************
\r
3 * chap.c - Network Challenge Handshake Authentication Protocol program file.
\r
5 * Copyright (c) 2003 by Marc Boucher, Services Informatiques (MBSI) inc.
\r
6 * portions Copyright (c) 1997 by Global Election Systems Inc.
\r
8 * The authors hereby grant permission to use, copy, modify, distribute,
\r
9 * and license this software and its documentation for any purpose, provided
\r
10 * that existing copyright notices are retained in all copies and that this
\r
11 * notice and the following disclaimer are included verbatim in any
\r
12 * distributions. No written agreement, license, or royalty fee is required
\r
13 * for any of the authorized uses.
\r
15 * THIS SOFTWARE IS PROVIDED BY THE CONTRIBUTORS *AS IS* AND ANY EXPRESS OR
\r
16 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
\r
17 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
\r
18 * IN NO EVENT SHALL THE CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
\r
19 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
\r
20 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
\r
21 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
\r
22 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
\r
23 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
\r
24 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
\r
26 ******************************************************************************
\r
29 * 03-01-01 Marc Boucher <marc@mbsi.ca>
\r
31 * 97-12-04 Guy Lancaster <lancasterg@acm.org>, Global Election Systems Inc.
\r
32 * Original based on BSD chap.c.
\r
33 *****************************************************************************/
\r
35 * chap.c - Challenge Handshake Authentication Protocol.
\r
37 * Copyright (c) 1993 The Australian National University.
\r
38 * All rights reserved.
\r
40 * Redistribution and use in source and binary forms are permitted
\r
41 * provided that the above copyright notice and this paragraph are
\r
42 * duplicated in all such forms and that any documentation,
\r
43 * advertising materials, and other materials related to such
\r
44 * distribution and use acknowledge that the software was developed
\r
45 * by the Australian National University. The name of the University
\r
46 * may not be used to endorse or promote products derived from this
\r
47 * software without specific prior written permission.
\r
48 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
\r
49 * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
\r
50 * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
\r
52 * Copyright (c) 1991 Gregory M. Christy.
\r
53 * All rights reserved.
\r
55 * Redistribution and use in source and binary forms are permitted
\r
56 * provided that the above copyright notice and this paragraph are
\r
57 * duplicated in all such forms and that any documentation,
\r
58 * advertising materials, and other materials related to such
\r
59 * distribution and use acknowledge that the software was developed
\r
60 * by Gregory M. Christy. The name of the author may not be used to
\r
61 * endorse or promote products derived from this software without
\r
62 * specific prior written permission.
\r
64 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
\r
65 * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
\r
66 * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
\r
73 #if CHAP_SUPPORT > 0
\r
80 #include "pppdebug.h"
\r
83 /*************************/
\r
84 /*** LOCAL DEFINITIONS ***/
\r
85 /*************************/
\r
88 /************************/
\r
89 /*** LOCAL DATA TYPES ***/
\r
90 /************************/
\r
93 /***********************************/
\r
94 /*** LOCAL FUNCTION DECLARATIONS ***/
\r
95 /***********************************/
\r
97 * Protocol entry points.
\r
99 static void ChapInit (int);
\r
100 static void ChapLowerUp (int);
\r
101 static void ChapLowerDown (int);
\r
102 static void ChapInput (int, u_char *, int);
\r
103 static void ChapProtocolReject (int);
\r
104 static int ChapPrintPkt (u_char *, int,
\r
105 void (*) (void *, char *, ...), void *);
\r
107 static void ChapChallengeTimeout (void *);
\r
108 static void ChapResponseTimeout (void *);
\r
109 static void ChapReceiveChallenge (chap_state *, u_char *, int, int);
\r
110 static void ChapRechallenge (void *);
\r
111 static void ChapReceiveResponse (chap_state *, u_char *, int, int);
\r
112 static void ChapReceiveSuccess(chap_state *cstate, u_char *inp, u_char id, int len);
\r
113 static void ChapReceiveFailure(chap_state *cstate, u_char *inp, u_char id, int len);
\r
114 static void ChapSendStatus (chap_state *, int);
\r
115 static void ChapSendChallenge (chap_state *);
\r
116 static void ChapSendResponse (chap_state *);
\r
117 static void ChapGenChallenge (chap_state *);
\r
120 /******************************/
\r
121 /*** PUBLIC DATA STRUCTURES ***/
\r
122 /******************************/
\r
123 chap_state chap[NUM_PPP]; /* CHAP state; one for each unit */
\r
125 struct protent chap_protent = {
\r
129 ChapProtocolReject,
\r
149 /*****************************/
\r
150 /*** LOCAL DATA STRUCTURES ***/
\r
151 /*****************************/
\r
152 static char *ChapCodenames[] = {
\r
153 "Challenge", "Response", "Success", "Failure"
\r
158 /***********************************/
\r
159 /*** PUBLIC FUNCTION DEFINITIONS ***/
\r
160 /***********************************/
\r
162 * ChapAuthWithPeer - Authenticate us with our peer (start client).
\r
165 void ChapAuthWithPeer(int unit, char *our_name, int digest)
\r
167 chap_state *cstate = &chap[unit];
\r
169 cstate->resp_name = our_name;
\r
170 cstate->resp_type = digest;
\r
172 if (cstate->clientstate == CHAPCS_INITIAL ||
\r
173 cstate->clientstate == CHAPCS_PENDING) {
\r
174 /* lower layer isn't up - wait until later */
\r
175 cstate->clientstate = CHAPCS_PENDING;
\r
180 * We get here as a result of LCP coming up.
\r
181 * So even if CHAP was open before, we will
\r
182 * have to re-authenticate ourselves.
\r
184 cstate->clientstate = CHAPCS_LISTEN;
\r
189 * ChapAuthPeer - Authenticate our peer (start server).
\r
191 void ChapAuthPeer(int unit, char *our_name, int digest)
\r
193 chap_state *cstate = &chap[unit];
\r
195 cstate->chal_name = our_name;
\r
196 cstate->chal_type = digest;
\r
198 if (cstate->serverstate == CHAPSS_INITIAL ||
\r
199 cstate->serverstate == CHAPSS_PENDING) {
\r
200 /* lower layer isn't up - wait until later */
\r
201 cstate->serverstate = CHAPSS_PENDING;
\r
205 ChapGenChallenge(cstate);
\r
206 ChapSendChallenge(cstate); /* crank it up dude! */
\r
207 cstate->serverstate = CHAPSS_INITIAL_CHAL;
\r
213 /**********************************/
\r
214 /*** LOCAL FUNCTION DEFINITIONS ***/
\r
215 /**********************************/
\r
217 * ChapInit - Initialize a CHAP unit.
\r
219 static void ChapInit(int unit)
\r
221 chap_state *cstate = &chap[unit];
\r
223 BZERO(cstate, sizeof(*cstate));
\r
224 cstate->unit = unit;
\r
225 cstate->clientstate = CHAPCS_INITIAL;
\r
226 cstate->serverstate = CHAPSS_INITIAL;
\r
227 cstate->timeouttime = CHAP_DEFTIMEOUT;
\r
228 cstate->max_transmits = CHAP_DEFTRANSMITS;
\r
229 /* random number generator is initialized in magic_init */
\r
234 * ChapChallengeTimeout - Timeout expired on sending challenge.
\r
236 static void ChapChallengeTimeout(void *arg)
\r
238 chap_state *cstate = (chap_state *) arg;
\r
240 /* if we aren't sending challenges, don't worry. then again we */
\r
241 /* probably shouldn't be here either */
\r
242 if (cstate->serverstate != CHAPSS_INITIAL_CHAL &&
\r
243 cstate->serverstate != CHAPSS_RECHALLENGE)
\r
246 if (cstate->chal_transmits >= cstate->max_transmits) {
\r
247 /* give up on peer */
\r
248 CHAPDEBUG((LOG_ERR, "Peer failed to respond to CHAP challenge\n"));
\r
249 cstate->serverstate = CHAPSS_BADAUTH;
\r
250 auth_peer_fail(cstate->unit, PPP_CHAP);
\r
254 ChapSendChallenge(cstate); /* Re-send challenge */
\r
259 * ChapResponseTimeout - Timeout expired on sending response.
\r
261 static void ChapResponseTimeout(void *arg)
\r
263 chap_state *cstate = (chap_state *) arg;
\r
265 /* if we aren't sending a response, don't worry. */
\r
266 if (cstate->clientstate != CHAPCS_RESPONSE)
\r
269 ChapSendResponse(cstate); /* re-send response */
\r
274 * ChapRechallenge - Time to challenge the peer again.
\r
276 static void ChapRechallenge(void *arg)
\r
278 chap_state *cstate = (chap_state *) arg;
\r
280 /* if we aren't sending a response, don't worry. */
\r
281 if (cstate->serverstate != CHAPSS_OPEN)
\r
284 ChapGenChallenge(cstate);
\r
285 ChapSendChallenge(cstate);
\r
286 cstate->serverstate = CHAPSS_RECHALLENGE;
\r
291 * ChapLowerUp - The lower layer is up.
\r
293 * Start up if we have pending requests.
\r
295 static void ChapLowerUp(int unit)
\r
297 chap_state *cstate = &chap[unit];
\r
299 if (cstate->clientstate == CHAPCS_INITIAL)
\r
300 cstate->clientstate = CHAPCS_CLOSED;
\r
301 else if (cstate->clientstate == CHAPCS_PENDING)
\r
302 cstate->clientstate = CHAPCS_LISTEN;
\r
304 if (cstate->serverstate == CHAPSS_INITIAL)
\r
305 cstate->serverstate = CHAPSS_CLOSED;
\r
306 else if (cstate->serverstate == CHAPSS_PENDING) {
\r
307 ChapGenChallenge(cstate);
\r
308 ChapSendChallenge(cstate);
\r
309 cstate->serverstate = CHAPSS_INITIAL_CHAL;
\r
315 * ChapLowerDown - The lower layer is down.
\r
317 * Cancel all timeouts.
\r
319 static void ChapLowerDown(int unit)
\r
321 chap_state *cstate = &chap[unit];
\r
323 /* Timeout(s) pending? Cancel if so. */
\r
324 if (cstate->serverstate == CHAPSS_INITIAL_CHAL ||
\r
325 cstate->serverstate == CHAPSS_RECHALLENGE)
\r
326 UNTIMEOUT(ChapChallengeTimeout, cstate);
\r
327 else if (cstate->serverstate == CHAPSS_OPEN
\r
328 && cstate->chal_interval != 0)
\r
329 UNTIMEOUT(ChapRechallenge, cstate);
\r
330 if (cstate->clientstate == CHAPCS_RESPONSE)
\r
331 UNTIMEOUT(ChapResponseTimeout, cstate);
\r
333 cstate->clientstate = CHAPCS_INITIAL;
\r
334 cstate->serverstate = CHAPSS_INITIAL;
\r
339 * ChapProtocolReject - Peer doesn't grok CHAP.
\r
341 static void ChapProtocolReject(int unit)
\r
343 chap_state *cstate = &chap[unit];
\r
345 if (cstate->serverstate != CHAPSS_INITIAL &&
\r
346 cstate->serverstate != CHAPSS_CLOSED)
\r
347 auth_peer_fail(unit, PPP_CHAP);
\r
348 if (cstate->clientstate != CHAPCS_INITIAL &&
\r
349 cstate->clientstate != CHAPCS_CLOSED)
\r
350 auth_withpeer_fail(unit, PPP_CHAP);
\r
351 ChapLowerDown(unit); /* shutdown chap */
\r
356 * ChapInput - Input CHAP packet.
\r
358 static void ChapInput(int unit, u_char *inpacket, int packet_len)
\r
360 chap_state *cstate = &chap[unit];
\r
366 * Parse header (code, id and length).
\r
367 * If packet too short, drop it.
\r
370 if (packet_len < CHAP_HEADERLEN) {
\r
371 CHAPDEBUG((LOG_INFO, "ChapInput: rcvd short header.\n"));
\r
374 GETCHAR(code, inp);
\r
376 GETSHORT(len, inp);
\r
377 if (len < CHAP_HEADERLEN) {
\r
378 CHAPDEBUG((LOG_INFO, "ChapInput: rcvd illegal length.\n"));
\r
381 if (len > packet_len) {
\r
382 CHAPDEBUG((LOG_INFO, "ChapInput: rcvd short packet.\n"));
\r
385 len -= CHAP_HEADERLEN;
\r
388 * Action depends on code (as in fact it usually does :-).
\r
391 case CHAP_CHALLENGE:
\r
392 ChapReceiveChallenge(cstate, inp, id, len);
\r
395 case CHAP_RESPONSE:
\r
396 ChapReceiveResponse(cstate, inp, id, len);
\r
400 ChapReceiveFailure(cstate, inp, id, len);
\r
404 ChapReceiveSuccess(cstate, inp, id, len);
\r
407 default: /* Need code reject? */
\r
408 CHAPDEBUG((LOG_WARNING, "Unknown CHAP code (%d) received.\n", code));
\r
415 * ChapReceiveChallenge - Receive Challenge and send Response.
\r
417 static void ChapReceiveChallenge(chap_state *cstate, u_char *inp, int id, int len)
\r
419 int rchallenge_len;
\r
420 u_char *rchallenge;
\r
422 char secret[MAXSECRETLEN];
\r
423 char rhostname[256];
\r
425 u_char hash[MD5_SIGNATURE_SIZE];
\r
427 CHAPDEBUG((LOG_INFO, "ChapReceiveChallenge: Rcvd id %d.\n", id));
\r
428 if (cstate->clientstate == CHAPCS_CLOSED ||
\r
429 cstate->clientstate == CHAPCS_PENDING) {
\r
430 CHAPDEBUG((LOG_INFO, "ChapReceiveChallenge: in state %d\n",
\r
431 cstate->clientstate));
\r
436 CHAPDEBUG((LOG_INFO, "ChapReceiveChallenge: rcvd short packet.\n"));
\r
440 GETCHAR(rchallenge_len, inp);
\r
441 len -= sizeof (u_char) + rchallenge_len; /* now name field length */
\r
443 CHAPDEBUG((LOG_INFO, "ChapReceiveChallenge: rcvd short packet.\n"));
\r
447 INCPTR(rchallenge_len, inp);
\r
449 if (len >= sizeof(rhostname))
\r
450 len = sizeof(rhostname) - 1;
\r
451 BCOPY(inp, rhostname, len);
\r
452 rhostname[len] = '\000';
\r
454 CHAPDEBUG((LOG_INFO, "ChapReceiveChallenge: received name field '%s'\n",
\r
457 /* Microsoft doesn't send their name back in the PPP packet */
\r
458 if (ppp_settings.remote_name[0] != 0 && (ppp_settings.explicit_remote || rhostname[0] == 0)) {
\r
459 strncpy(rhostname, ppp_settings.remote_name, sizeof(rhostname));
\r
460 rhostname[sizeof(rhostname) - 1] = 0;
\r
461 CHAPDEBUG((LOG_INFO, "ChapReceiveChallenge: using '%s' as remote name\n",
\r
465 /* get secret for authenticating ourselves with the specified host */
\r
466 if (!get_secret(cstate->unit, cstate->resp_name, rhostname,
\r
467 secret, &secret_len, 0)) {
\r
468 secret_len = 0; /* assume null secret if can't find one */
\r
469 CHAPDEBUG((LOG_WARNING, "No CHAP secret found for authenticating us to %s\n", rhostname));
\r
472 /* cancel response send timeout if necessary */
\r
473 if (cstate->clientstate == CHAPCS_RESPONSE)
\r
474 UNTIMEOUT(ChapResponseTimeout, cstate);
\r
476 cstate->resp_id = id;
\r
477 cstate->resp_transmits = 0;
\r
479 /* generate MD based on negotiated type */
\r
480 switch (cstate->resp_type) {
\r
482 case CHAP_DIGEST_MD5:
\r
483 MD5Init(&mdContext);
\r
484 MD5Update(&mdContext, &cstate->resp_id, 1);
\r
485 MD5Update(&mdContext, (u_char*)secret, secret_len);
\r
486 MD5Update(&mdContext, rchallenge, rchallenge_len);
\r
487 MD5Final(hash, &mdContext);
\r
488 BCOPY(hash, cstate->response, MD5_SIGNATURE_SIZE);
\r
489 cstate->resp_length = MD5_SIGNATURE_SIZE;
\r
493 case CHAP_MICROSOFT:
\r
494 ChapMS(cstate, rchallenge, rchallenge_len, secret, secret_len);
\r
499 CHAPDEBUG((LOG_INFO, "unknown digest type %d\n", cstate->resp_type));
\r
503 BZERO(secret, sizeof(secret));
\r
504 ChapSendResponse(cstate);
\r
509 * ChapReceiveResponse - Receive and process response.
\r
511 static void ChapReceiveResponse(chap_state *cstate, u_char *inp, int id, int len)
\r
513 u_char *remmd, remmd_len;
\r
514 int secret_len, old_state;
\r
516 char rhostname[256];
\r
518 char secret[MAXSECRETLEN];
\r
519 u_char hash[MD5_SIGNATURE_SIZE];
\r
521 CHAPDEBUG((LOG_INFO, "ChapReceiveResponse: Rcvd id %d.\n", id));
\r
523 if (cstate->serverstate == CHAPSS_CLOSED ||
\r
524 cstate->serverstate == CHAPSS_PENDING) {
\r
525 CHAPDEBUG((LOG_INFO, "ChapReceiveResponse: in state %d\n",
\r
526 cstate->serverstate));
\r
530 if (id != cstate->chal_id)
\r
531 return; /* doesn't match ID of last challenge */
\r
534 * If we have received a duplicate or bogus Response,
\r
535 * we have to send the same answer (Success/Failure)
\r
536 * as we did for the first Response we saw.
\r
538 if (cstate->serverstate == CHAPSS_OPEN) {
\r
539 ChapSendStatus(cstate, CHAP_SUCCESS);
\r
542 if (cstate->serverstate == CHAPSS_BADAUTH) {
\r
543 ChapSendStatus(cstate, CHAP_FAILURE);
\r
548 CHAPDEBUG((LOG_INFO, "ChapReceiveResponse: rcvd short packet.\n"));
\r
551 GETCHAR(remmd_len, inp); /* get length of MD */
\r
552 remmd = inp; /* get pointer to MD */
\r
553 INCPTR(remmd_len, inp);
\r
555 len -= sizeof (u_char) + remmd_len;
\r
557 CHAPDEBUG((LOG_INFO, "ChapReceiveResponse: rcvd short packet.\n"));
\r
561 UNTIMEOUT(ChapChallengeTimeout, cstate);
\r
563 if (len >= sizeof(rhostname))
\r
564 len = sizeof(rhostname) - 1;
\r
565 BCOPY(inp, rhostname, len);
\r
566 rhostname[len] = '\000';
\r
568 CHAPDEBUG((LOG_INFO, "ChapReceiveResponse: received name field: %s\n",
\r
572 * Get secret for authenticating them with us,
\r
573 * do the hash ourselves, and compare the result.
\r
575 code = CHAP_FAILURE;
\r
576 if (!get_secret(cstate->unit, rhostname, cstate->chal_name,
\r
577 secret, &secret_len, 1)) {
\r
578 /* CHAPDEBUG((LOG_WARNING, TL_CHAP, "No CHAP secret found for authenticating %s\n", rhostname)); */
\r
579 CHAPDEBUG((LOG_WARNING, "No CHAP secret found for authenticating %s\n",
\r
583 /* generate MD based on negotiated type */
\r
584 switch (cstate->chal_type) {
\r
586 case CHAP_DIGEST_MD5: /* only MD5 is defined for now */
\r
587 if (remmd_len != MD5_SIGNATURE_SIZE)
\r
588 break; /* it's not even the right length */
\r
589 MD5Init(&mdContext);
\r
590 MD5Update(&mdContext, &cstate->chal_id, 1);
\r
591 MD5Update(&mdContext, (u_char*)secret, secret_len);
\r
592 MD5Update(&mdContext, cstate->challenge, cstate->chal_len);
\r
593 MD5Final(hash, &mdContext);
\r
595 /* compare local and remote MDs and send the appropriate status */
\r
596 if (memcmp (hash, remmd, MD5_SIGNATURE_SIZE) == 0)
\r
597 code = CHAP_SUCCESS; /* they are the same! */
\r
601 CHAPDEBUG((LOG_INFO, "unknown digest type %d\n", cstate->chal_type));
\r
605 BZERO(secret, sizeof(secret));
\r
606 ChapSendStatus(cstate, code);
\r
608 if (code == CHAP_SUCCESS) {
\r
609 old_state = cstate->serverstate;
\r
610 cstate->serverstate = CHAPSS_OPEN;
\r
611 if (old_state == CHAPSS_INITIAL_CHAL) {
\r
612 auth_peer_success(cstate->unit, PPP_CHAP, rhostname, len);
\r
614 if (cstate->chal_interval != 0)
\r
615 TIMEOUT(ChapRechallenge, cstate, cstate->chal_interval);
\r
617 CHAPDEBUG((LOG_ERR, "CHAP peer authentication failed\n"));
\r
618 cstate->serverstate = CHAPSS_BADAUTH;
\r
619 auth_peer_fail(cstate->unit, PPP_CHAP);
\r
624 * ChapReceiveSuccess - Receive Success
\r
626 static void ChapReceiveSuccess(chap_state *cstate, u_char *inp, u_char id, int len)
\r
629 CHAPDEBUG((LOG_INFO, "ChapReceiveSuccess: Rcvd id %d.\n", id));
\r
631 if (cstate->clientstate == CHAPCS_OPEN)
\r
632 /* presumably an answer to a duplicate response */
\r
635 if (cstate->clientstate != CHAPCS_RESPONSE) {
\r
636 /* don't know what this is */
\r
637 CHAPDEBUG((LOG_INFO, "ChapReceiveSuccess: in state %d\n",
\r
638 cstate->clientstate));
\r
642 UNTIMEOUT(ChapResponseTimeout, cstate);
\r
648 PRINTMSG(inp, len);
\r
650 cstate->clientstate = CHAPCS_OPEN;
\r
652 auth_withpeer_success(cstate->unit, PPP_CHAP);
\r
657 * ChapReceiveFailure - Receive failure.
\r
659 static void ChapReceiveFailure(chap_state *cstate, u_char *inp, u_char id, int len)
\r
661 CHAPDEBUG((LOG_INFO, "ChapReceiveFailure: Rcvd id %d.\n", id));
\r
663 if (cstate->clientstate != CHAPCS_RESPONSE) {
\r
664 /* don't know what this is */
\r
665 CHAPDEBUG((LOG_INFO, "ChapReceiveFailure: in state %d\n",
\r
666 cstate->clientstate));
\r
670 UNTIMEOUT(ChapResponseTimeout, cstate);
\r
676 PRINTMSG(inp, len);
\r
678 CHAPDEBUG((LOG_ERR, "CHAP authentication failed\n"));
\r
679 auth_withpeer_fail(cstate->unit, PPP_CHAP);
\r
684 * ChapSendChallenge - Send an Authenticate challenge.
\r
686 static void ChapSendChallenge(chap_state *cstate)
\r
689 int chal_len, name_len;
\r
692 chal_len = cstate->chal_len;
\r
693 name_len = strlen(cstate->chal_name);
\r
694 outlen = CHAP_HEADERLEN + sizeof (u_char) + chal_len + name_len;
\r
695 outp = outpacket_buf[cstate->unit];
\r
697 MAKEHEADER(outp, PPP_CHAP); /* paste in a CHAP header */
\r
699 PUTCHAR(CHAP_CHALLENGE, outp);
\r
700 PUTCHAR(cstate->chal_id, outp);
\r
701 PUTSHORT(outlen, outp);
\r
703 PUTCHAR(chal_len, outp); /* put length of challenge */
\r
704 BCOPY(cstate->challenge, outp, chal_len);
\r
705 INCPTR(chal_len, outp);
\r
707 BCOPY(cstate->chal_name, outp, name_len); /* append hostname */
\r
709 pppWrite(cstate->unit, outpacket_buf[cstate->unit], outlen + PPP_HDRLEN);
\r
711 CHAPDEBUG((LOG_INFO, "ChapSendChallenge: Sent id %d.\n", cstate->chal_id));
\r
713 TIMEOUT(ChapChallengeTimeout, cstate, cstate->timeouttime);
\r
714 ++cstate->chal_transmits;
\r
719 * ChapSendStatus - Send a status response (ack or nak).
\r
721 static void ChapSendStatus(chap_state *cstate, int code)
\r
724 int outlen, msglen;
\r
727 if (code == CHAP_SUCCESS)
\r
728 strcpy(msg, "Welcome!");
\r
730 strcpy(msg, "I don't like you. Go 'way.");
\r
731 msglen = strlen(msg);
\r
733 outlen = CHAP_HEADERLEN + msglen;
\r
734 outp = outpacket_buf[cstate->unit];
\r
736 MAKEHEADER(outp, PPP_CHAP); /* paste in a header */
\r
738 PUTCHAR(code, outp);
\r
739 PUTCHAR(cstate->chal_id, outp);
\r
740 PUTSHORT(outlen, outp);
\r
741 BCOPY(msg, outp, msglen);
\r
742 pppWrite(cstate->unit, outpacket_buf[cstate->unit], outlen + PPP_HDRLEN);
\r
744 CHAPDEBUG((LOG_INFO, "ChapSendStatus: Sent code %d, id %d.\n", code,
\r
749 * ChapGenChallenge is used to generate a pseudo-random challenge string of
\r
750 * a pseudo-random length between min_len and max_len. The challenge
\r
751 * string and its length are stored in *cstate, and various other fields of
\r
752 * *cstate are initialized.
\r
755 static void ChapGenChallenge(chap_state *cstate)
\r
758 u_char *ptr = cstate->challenge;
\r
761 /* pick a random challenge length between MIN_CHALLENGE_LENGTH and
\r
762 MAX_CHALLENGE_LENGTH */
\r
763 chal_len = (unsigned)
\r
764 ((((magic() >> 16) *
\r
765 (MAX_CHALLENGE_LENGTH - MIN_CHALLENGE_LENGTH)) >> 16)
\r
766 + MIN_CHALLENGE_LENGTH);
\r
767 cstate->chal_len = chal_len;
\r
768 cstate->chal_id = ++cstate->id;
\r
769 cstate->chal_transmits = 0;
\r
771 /* generate a random string */
\r
772 for (i = 0; i < chal_len; i++ )
\r
773 *ptr++ = (char) (magic() & 0xff);
\r
777 * ChapSendResponse - send a response packet with values as specified
\r
781 static void ChapSendResponse(chap_state *cstate)
\r
784 int outlen, md_len, name_len;
\r
786 md_len = cstate->resp_length;
\r
787 name_len = strlen(cstate->resp_name);
\r
788 outlen = CHAP_HEADERLEN + sizeof (u_char) + md_len + name_len;
\r
789 outp = outpacket_buf[cstate->unit];
\r
791 MAKEHEADER(outp, PPP_CHAP);
\r
793 PUTCHAR(CHAP_RESPONSE, outp); /* we are a response */
\r
794 PUTCHAR(cstate->resp_id, outp); /* copy id from challenge packet */
\r
795 PUTSHORT(outlen, outp); /* packet length */
\r
797 PUTCHAR(md_len, outp); /* length of MD */
\r
798 BCOPY(cstate->response, outp, md_len); /* copy MD to buffer */
\r
799 INCPTR(md_len, outp);
\r
801 BCOPY(cstate->resp_name, outp, name_len); /* append our name */
\r
803 /* send the packet */
\r
804 pppWrite(cstate->unit, outpacket_buf[cstate->unit], outlen + PPP_HDRLEN);
\r
806 cstate->clientstate = CHAPCS_RESPONSE;
\r
807 TIMEOUT(ChapResponseTimeout, cstate, cstate->timeouttime);
\r
808 ++cstate->resp_transmits;
\r
812 * ChapPrintPkt - print the contents of a CHAP packet.
\r
814 static int ChapPrintPkt(
\r
817 void (*printer) (void *, char *, ...),
\r
825 if (plen < CHAP_HEADERLEN)
\r
830 if (len < CHAP_HEADERLEN || len > plen)
\r
833 if (code >= 1 && code <= sizeof(ChapCodenames) / sizeof(char *))
\r
834 printer(arg, " %s", ChapCodenames[code-1]);
\r
836 printer(arg, " code=0x%x", code);
\r
837 printer(arg, " id=0x%x", id);
\r
838 len -= CHAP_HEADERLEN;
\r
840 case CHAP_CHALLENGE:
\r
841 case CHAP_RESPONSE:
\r
845 if (len < clen + 1)
\r
848 nlen = len - clen - 1;
\r
849 printer(arg, " <");
\r
850 for (; clen > 0; --clen) {
\r
852 printer(arg, "%.2x", x);
\r
854 printer(arg, ">, name = %.*Z", nlen, p);
\r
858 printer(arg, " %.*Z", len, p);
\r
861 for (clen = len; clen > 0; --clen) {
\r
863 printer(arg, " %.2x", x);
\r
867 return len + CHAP_HEADERLEN;
\r
872 #endif /* PPP_SUPPORT */
\r