Subversion Repositories openrisc

//==========================================================================

//

//      src/chap.c

//

//==========================================================================

// ####ECOSGPLCOPYRIGHTBEGIN####                                            

// -------------------------------------------                              

// This file is part of eCos, the Embedded Configurable Operating System.   

// Copyright (C) 2003 Free Software Foundation, Inc.                        

//

// eCos is free software; you can redistribute it and/or modify it under    

// the terms of the GNU General Public License as published by the Free     

// Software Foundation; either version 2 or (at your option) any later      

// version.                                                                 

//

// eCos is distributed in the hope that it will be useful, but WITHOUT      

// ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or    

// FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License    

// for more details.                                                        

//

// You should have received a copy of the GNU General Public License        

// along with eCos; if not, write to the Free Software Foundation, Inc.,    

// 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.            

//

// As a special exception, if other files instantiate templates or use      

// macros or inline functions from this file, or you compile this file      

// and link it with other works to produce a work based on this file,       

// this file does not by itself cause the resulting work to be covered by   

// the GNU General Public License. However the source code for this file    

// must still be made available in accordance with section (3) of the GNU   

// General Public License v2.                                               

//

// This exception does not invalidate any other reasons why a work based    

// on this file might be covered by the GNU General Public License.         

// -------------------------------------------                              

// ####ECOSGPLCOPYRIGHTEND####                                              

// ####BSDALTCOPYRIGHTBEGIN####                                             

// -------------------------------------------                              

// Portions of this software may have been derived from FreeBSD, OpenBSD,   

// or other sources, and if so are covered by the appropriate copyright     

// and license included herein.                                             

// -------------------------------------------                              

// ####BSDALTCOPYRIGHTEND####                                               

//==========================================================================

/*

 * chap.c - Challenge Handshake Authentication Protocol.

 *

 * Copyright (c) 1993 The Australian National University.

 * All rights reserved.

 *

 * Redistribution and use in source and binary forms are permitted

 * provided that the above copyright notice and this paragraph are

 * duplicated in all such forms and that any documentation,

 * advertising materials, and other materials related to such

 * distribution and use acknowledge that the software was developed

 * by the Australian National University.  The name of the University

 * may not be used to endorse or promote products derived from this

 * software without specific prior written permission.

 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR

 * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED

 * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.

 *

 * Copyright (c) 1991 Gregory M. Christy.

 * All rights reserved.

 *

 * Redistribution and use in source and binary forms are permitted

 * provided that the above copyright notice and this paragraph are

 * duplicated in all such forms and that any documentation,

 * advertising materials, and other materials related to such

 * distribution and use acknowledge that the software was developed

 * by Gregory M. Christy.  The name of the author may not be used to

 * endorse or promote products derived from this software without

 * specific prior written permission.

 *

 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR

 * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED

 * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.

 */

#ifndef lint

//static char rcsid[] = "$FreeBSD: src/usr.sbin/pppd/chap.c,v 1.10 1999/08/28 01:19:01 peter Exp $";

#endif

/*

 * TODO:

 */

#include <stdio.h>

#include <string.h>

#include <sys/types.h>

#include <sys/time.h>

#include <cyg/ppp/syslog.h>

#include <sys/md5.h>

#include "cyg/ppp/pppd.h"

#include "cyg/ppp/chap.h"

//#include "md5.h"

#ifdef CHAPMS

#include "cyg/ppp/chap_ms.h"

#endif

/*

 * Protocol entry points.

 */

static void ChapInit __P((int));

static void ChapLowerUp __P((int));

static void ChapLowerDown __P((int));

static void ChapInput __P((int, u_char *, int));

static void ChapProtocolReject __P((int));

static int  ChapPrintPkt __P((u_char *, int,

                              void (*) __P((void *, char *, ...)), void *));

struct protent chap_protent = {

    PPP_CHAP,

    ChapInit,

    ChapInput,

    ChapProtocolReject,

    ChapLowerUp,

    ChapLowerDown,

    NULL,

    NULL,

    ChapPrintPkt,

    NULL,

    1,

    "CHAP",

    NULL,

    NULL,

    NULL

};

chap_state chap[NUM_PPP];               /* CHAP state; one for each unit */

static void ChapChallengeTimeout __P((void *));

static void ChapResponseTimeout __P((void *));

static void ChapReceiveChallenge __P((chap_state *, u_char *, int, int));

static void ChapRechallenge __P((void *));

static void ChapReceiveResponse __P((chap_state *, u_char *, int, int));

static void ChapReceiveSuccess __P((chap_state *, u_char *, int, int));

static void ChapReceiveFailure __P((chap_state *, u_char *, int, int));

static void ChapSendStatus __P((chap_state *, int));

static void ChapSendChallenge __P((chap_state *));

static void ChapSendResponse __P((chap_state *));

static void ChapGenChallenge __P((chap_state *));

extern double drand48 __P((void));

extern void srand48 __P((long));

/*

 * ChapInit - Initialize a CHAP unit.

 */

static void

ChapInit(unit)

    int unit;

{

    chap_state *cstate = &chap[unit];

    BZERO(cstate, sizeof(*cstate));

    cstate->unit = unit;

    cstate->clientstate = CHAPCS_INITIAL;

    cstate->serverstate = CHAPSS_INITIAL;

    cstate->timeouttime = CHAP_DEFTIMEOUT;

    cstate->max_transmits = CHAP_DEFTRANSMITS;

    /* random number generator is initialized in magic_init */

}

/*

 * ChapAuthWithPeer - Authenticate us with our peer (start client).

 *

 */

void

ChapAuthWithPeer(unit, our_name, digest)

    int unit;

    char *our_name;

    int digest;

{

    chap_state *cstate = &chap[unit];

    cstate->resp_name = our_name;

    cstate->resp_type = digest;

    if (cstate->clientstate == CHAPCS_INITIAL ||

        cstate->clientstate == CHAPCS_PENDING) {

        /* lower layer isn't up - wait until later */

        cstate->clientstate = CHAPCS_PENDING;

        return;

    }

    /*

     * We get here as a result of LCP coming up.

     * So even if CHAP was open before, we will

     * have to re-authenticate ourselves.

     */

    cstate->clientstate = CHAPCS_LISTEN;

}

/*

 * ChapAuthPeer - Authenticate our peer (start server).

 */

void

ChapAuthPeer(unit, our_name, digest)

    int unit;

    char *our_name;

    int digest;

{

    chap_state *cstate = &chap[unit];

    cstate->chal_name = our_name;

    cstate->chal_type = digest;

    if (cstate->serverstate == CHAPSS_INITIAL ||

        cstate->serverstate == CHAPSS_PENDING) {

        /* lower layer isn't up - wait until later */

        cstate->serverstate = CHAPSS_PENDING;

        return;

    }

    ChapGenChallenge(cstate);

    ChapSendChallenge(cstate);          /* crank it up dude! */

    cstate->serverstate = CHAPSS_INITIAL_CHAL;

}

/*

 * ChapChallengeTimeout - Timeout expired on sending challenge.

 */

static void

ChapChallengeTimeout(arg)

    void *arg;

{

    chap_state *cstate = (chap_state *) arg;

    /* if we aren't sending challenges, don't worry.  then again we */

    /* probably shouldn't be here either */

    if (cstate->serverstate != CHAPSS_INITIAL_CHAL &&

        cstate->serverstate != CHAPSS_RECHALLENGE)

        return;

    if (cstate->chal_transmits >= cstate->max_transmits) {

        /* give up on peer */

        syslog(LOG_ERR, "Peer failed to respond to CHAP challenge");

        cstate->serverstate = CHAPSS_BADAUTH;

        auth_peer_fail(cstate->unit, PPP_CHAP);

        return;

    }

    ChapSendChallenge(cstate);          /* Re-send challenge */

}

/*

 * ChapResponseTimeout - Timeout expired on sending response.

 */

static void

ChapResponseTimeout(arg)

    void *arg;

{

    chap_state *cstate = (chap_state *) arg;

    /* if we aren't sending a response, don't worry. */

    if (cstate->clientstate != CHAPCS_RESPONSE)

        return;

    ChapSendResponse(cstate);           /* re-send response */

}

/*

 * ChapRechallenge - Time to challenge the peer again.

 */

static void

ChapRechallenge(arg)

    void *arg;

{

    chap_state *cstate = (chap_state *) arg;

    /* if we aren't sending a response, don't worry. */

    if (cstate->serverstate != CHAPSS_OPEN)

        return;

    ChapGenChallenge(cstate);

    ChapSendChallenge(cstate);

    cstate->serverstate = CHAPSS_RECHALLENGE;

}

/*

 * ChapLowerUp - The lower layer is up.

 *

 * Start up if we have pending requests.

 */

static void

ChapLowerUp(unit)

    int unit;

{

    chap_state *cstate = &chap[unit];

    if (cstate->clientstate == CHAPCS_INITIAL)

        cstate->clientstate = CHAPCS_CLOSED;

    else if (cstate->clientstate == CHAPCS_PENDING)

        cstate->clientstate = CHAPCS_LISTEN;

    if (cstate->serverstate == CHAPSS_INITIAL)

        cstate->serverstate = CHAPSS_CLOSED;

    else if (cstate->serverstate == CHAPSS_PENDING) {

        ChapGenChallenge(cstate);

        ChapSendChallenge(cstate);

        cstate->serverstate = CHAPSS_INITIAL_CHAL;

    }

}

/*

 * ChapLowerDown - The lower layer is down.

 *

 * Cancel all timeouts.

 */

static void

ChapLowerDown(unit)

    int unit;

{

    chap_state *cstate = &chap[unit];

    /* Timeout(s) pending?  Cancel if so. */

    if (cstate->serverstate == CHAPSS_INITIAL_CHAL ||

        cstate->serverstate == CHAPSS_RECHALLENGE)

        UNTIMEOUT(ChapChallengeTimeout, cstate);

    else if (cstate->serverstate == CHAPSS_OPEN

             && cstate->chal_interval != 0)

        UNTIMEOUT(ChapRechallenge, cstate);

    if (cstate->clientstate == CHAPCS_RESPONSE)

        UNTIMEOUT(ChapResponseTimeout, cstate);

    cstate->clientstate = CHAPCS_INITIAL;

    cstate->serverstate = CHAPSS_INITIAL;

}

/*

 * ChapProtocolReject - Peer doesn't grok CHAP.

 */

static void

ChapProtocolReject(unit)

    int unit;

{

    chap_state *cstate = &chap[unit];

    if (cstate->serverstate != CHAPSS_INITIAL &&

        cstate->serverstate != CHAPSS_CLOSED)

        auth_peer_fail(unit, PPP_CHAP);

    if (cstate->clientstate != CHAPCS_INITIAL &&

        cstate->clientstate != CHAPCS_CLOSED)

        auth_withpeer_fail(unit, PPP_CHAP);

    ChapLowerDown(unit);                /* shutdown chap */

}

/*

 * ChapInput - Input CHAP packet.

 */

static void

ChapInput(unit, inpacket, packet_len)

    int unit;

    u_char *inpacket;

    int packet_len;

{

    chap_state *cstate = &chap[unit];

    u_char *inp;

    u_char code, id;

    int len;

    /*

     * Parse header (code, id and length).

     * If packet too short, drop it.

     */

    inp = inpacket;

    if (packet_len < CHAP_HEADERLEN) {

        CHAPDEBUG((LOG_INFO, "ChapInput: rcvd short header."));

        return;

    }

    GETCHAR(code, inp);

    GETCHAR(id, inp);

    GETSHORT(len, inp);

    if (len < CHAP_HEADERLEN) {

        CHAPDEBUG((LOG_INFO, "ChapInput: rcvd illegal length."));

        return;

    }

    if (len > packet_len) {

        CHAPDEBUG((LOG_INFO, "ChapInput: rcvd short packet."));

        return;

    }

    len -= CHAP_HEADERLEN;

    /*

     * Action depends on code (as in fact it usually does :-).

     */

    switch (code) {

    case CHAP_CHALLENGE:

        ChapReceiveChallenge(cstate, inp, id, len);

        break;

    case CHAP_RESPONSE:

        ChapReceiveResponse(cstate, inp, id, len);

        break;

    case CHAP_FAILURE:

        ChapReceiveFailure(cstate, inp, id, len);

        break;

    case CHAP_SUCCESS:

        ChapReceiveSuccess(cstate, inp, id, len);

        break;

    default:                            /* Need code reject? */

        syslog(LOG_WARNING, "Unknown CHAP code (%d) received.", code);

        break;

    }

}

/*

 * ChapReceiveChallenge - Receive Challenge and send Response.

 */

static void

ChapReceiveChallenge(cstate, inp, id, len)

    chap_state *cstate;

    u_char *inp;

    int id;

    int len;

{

    int rchallenge_len;

    u_char *rchallenge;

    int secret_len;

    char secret[MAXSECRETLEN];

    char rhostname[256];

    MD5_CTX mdContext;

    u_char hash[MD5_SIGNATURE_SIZE];

    CHAPDEBUG((LOG_INFO, "ChapReceiveChallenge: Rcvd id %d.", id));

    if (cstate->clientstate == CHAPCS_CLOSED ||

        cstate->clientstate == CHAPCS_PENDING) {

        CHAPDEBUG((LOG_INFO, "ChapReceiveChallenge: in state %d",

                   cstate->clientstate));

        return;

    }

    if (len < 2) {

        CHAPDEBUG((LOG_INFO, "ChapReceiveChallenge: rcvd short packet."));

        return;

    }

    GETCHAR(rchallenge_len, inp);

    len -= sizeof (u_char) + rchallenge_len;    /* now name field length */

    if (len < 0) {

        CHAPDEBUG((LOG_INFO, "ChapReceiveChallenge: rcvd short packet."));

        return;

    }

    rchallenge = inp;

    INCPTR(rchallenge_len, inp);

    if (len >= sizeof(rhostname))

        len = sizeof(rhostname) - 1;

    BCOPY(inp, rhostname, len);

    rhostname[len] = '\000';

    CHAPDEBUG((LOG_INFO, "ChapReceiveChallenge: received name field '%s'",

               rhostname));

    /* Microsoft doesn't send their name back in the PPP packet */

    if (remote_name[0] != 0 && (explicit_remote || rhostname[0] == 0)) {

        strncpy(rhostname, remote_name, sizeof(rhostname));

        rhostname[sizeof(rhostname) - 1] = 0;

        CHAPDEBUG((LOG_INFO, "ChapReceiveChallenge: using '%s' as remote name",

                   rhostname));

    }

    /* get secret for authenticating ourselves with the specified host */

    if (!get_secret(cstate->unit, cstate->resp_name, rhostname,

                    secret, &secret_len, 0)) {

        secret_len = 0;          /* assume null secret if can't find one */

        syslog(LOG_WARNING, "No CHAP secret found for authenticating us to %s",

               rhostname);

    }

    /* cancel response send timeout if necessary */

    if (cstate->clientstate == CHAPCS_RESPONSE)

        UNTIMEOUT(ChapResponseTimeout, cstate);

    cstate->resp_id = id;

    cstate->resp_transmits = 0;

    /*  generate MD based on negotiated type */

    switch (cstate->resp_type) {

    case CHAP_DIGEST_MD5:

        MD5Init(&mdContext);

        MD5Update(&mdContext, &cstate->resp_id, 1);

        MD5Update(&mdContext, (u_char *)secret, secret_len);

        MD5Update(&mdContext, rchallenge, rchallenge_len);

        MD5Final(hash, &mdContext);

        BCOPY(hash, cstate->response, MD5_SIGNATURE_SIZE);

        cstate->resp_length = MD5_SIGNATURE_SIZE;

        break;

#ifdef CHAPMS

    case CHAP_MICROSOFT:

        ChapMS(cstate, rchallenge, rchallenge_len, secret, secret_len);

        break;

#endif

    default:

        CHAPDEBUG((LOG_INFO, "unknown digest type %d", cstate->resp_type));

        return;

    }

    BZERO(secret, sizeof(secret));

    ChapSendResponse(cstate);

}

/*

 * ChapReceiveResponse - Receive and process response.

 */

static void

ChapReceiveResponse(cstate, inp, id, len)

    chap_state *cstate;

    u_char *inp;

    int id;

    int len;

{

    u_char *remmd, remmd_len;

    int secret_len, old_state;

    int code;

    char rhostname[256];

    MD5_CTX mdContext;

    char secret[MAXSECRETLEN];

    u_char hash[MD5_SIGNATURE_SIZE];

    CHAPDEBUG((LOG_INFO, "ChapReceiveResponse: Rcvd id %d.", id));

    if (cstate->serverstate == CHAPSS_CLOSED ||

        cstate->serverstate == CHAPSS_PENDING) {

        CHAPDEBUG((LOG_INFO, "ChapReceiveResponse: in state %d",

                   cstate->serverstate));

        return;

    }

    if (id != cstate->chal_id)

        return;                 /* doesn't match ID of last challenge */

    /*

     * If we have received a duplicate or bogus Response,

     * we have to send the same answer (Success/Failure)

     * as we did for the first Response we saw.

     */

    if (cstate->serverstate == CHAPSS_OPEN) {

        ChapSendStatus(cstate, CHAP_SUCCESS);

        return;

    }

    if (cstate->serverstate == CHAPSS_BADAUTH) {

        ChapSendStatus(cstate, CHAP_FAILURE);

        return;

    }

    if (len < 2) {

        CHAPDEBUG((LOG_INFO, "ChapReceiveResponse: rcvd short packet."));

        return;

    }

    GETCHAR(remmd_len, inp);            /* get length of MD */

    remmd = inp;                        /* get pointer to MD */

    INCPTR(remmd_len, inp);

    len -= sizeof (u_char) + remmd_len;

    if (len < 0) {

        CHAPDEBUG((LOG_INFO, "ChapReceiveResponse: rcvd short packet."));

        return;

    }

    UNTIMEOUT(ChapChallengeTimeout, cstate);

    if (len >= sizeof(rhostname))

        len = sizeof(rhostname) - 1;

    BCOPY(inp, rhostname, len);

    rhostname[len] = '\000';

    CHAPDEBUG((LOG_INFO, "ChapReceiveResponse: received name field: %s",

               rhostname));

    /*

     * Get secret for authenticating them with us,

     * do the hash ourselves, and compare the result.

     */

    code = CHAP_FAILURE;

    if (!get_secret(cstate->unit, rhostname, cstate->chal_name,

                   secret, &secret_len, 1)) {

        syslog(LOG_WARNING, "No CHAP secret found for authenticating %s",

               rhostname);

    } else {

        /*  generate MD based on negotiated type */

        switch (cstate->chal_type) {

        case CHAP_DIGEST_MD5:           /* only MD5 is defined for now */

            if (remmd_len != MD5_SIGNATURE_SIZE)

                break;                  /* it's not even the right length */

            MD5Init(&mdContext);

            MD5Update(&mdContext, &cstate->chal_id, 1);

            MD5Update(&mdContext, (u_char *)secret, secret_len);

            MD5Update(&mdContext, cstate->challenge, cstate->chal_len);

            MD5Final(hash, &mdContext);

            /* compare local and remote MDs and send the appropriate status */

            if (memcmp (hash, remmd, MD5_SIGNATURE_SIZE) == 0)

                code = CHAP_SUCCESS;    /* they are the same! */

            break;

        default:

            CHAPDEBUG((LOG_INFO, "unknown digest type %d", cstate->chal_type));

        }

    }

    BZERO(secret, sizeof(secret));

    ChapSendStatus(cstate, code);

    if (code == CHAP_SUCCESS) {

        old_state = cstate->serverstate;

        cstate->serverstate = CHAPSS_OPEN;

        if (old_state == CHAPSS_INITIAL_CHAL) {

            auth_peer_success(cstate->unit, PPP_CHAP, rhostname, len);

        }

        if (cstate->chal_interval != 0)

            TIMEOUT(ChapRechallenge, cstate, cstate->chal_interval);

        syslog(LOG_NOTICE, "CHAP peer authentication succeeded for %s",

               rhostname);

    } else {

        syslog(LOG_ERR, "CHAP peer authentication failed for remote host %s",

               rhostname);

        cstate->serverstate = CHAPSS_BADAUTH;

        auth_peer_fail(cstate->unit, PPP_CHAP);

    }

}

/*

 * ChapReceiveSuccess - Receive Success

 */

static void

ChapReceiveSuccess(cstate, inp, id, len)

    chap_state *cstate;

    u_char *inp;

    u_char id;

    int len;

{

    CHAPDEBUG((LOG_INFO, "ChapReceiveSuccess: Rcvd id %d.", id));

    if (cstate->clientstate == CHAPCS_OPEN)

        /* presumably an answer to a duplicate response */

        return;

    if (cstate->clientstate != CHAPCS_RESPONSE) {

        /* don't know what this is */

        CHAPDEBUG((LOG_INFO, "ChapReceiveSuccess: in state %d\n",

                   cstate->clientstate));

        return;

    }

    UNTIMEOUT(ChapResponseTimeout, cstate);

    /*

     * Print message.

     */

    if (len > 0)

        PRINTMSG(inp, len);

    cstate->clientstate = CHAPCS_OPEN;

    auth_withpeer_success(cstate->unit, PPP_CHAP);

}

/*

 * ChapReceiveFailure - Receive failure.

 */

static void

ChapReceiveFailure(cstate, inp, id, len)

    chap_state *cstate;

    u_char *inp;

    u_char id;

    int len;

{

    CHAPDEBUG((LOG_INFO, "ChapReceiveFailure: Rcvd id %d.", id));

    if (cstate->clientstate != CHAPCS_RESPONSE) {

        /* don't know what this is */

        CHAPDEBUG((LOG_INFO, "ChapReceiveFailure: in state %d\n",

                   cstate->clientstate));

        return;

    }