/***************************************************************************** 函 数 名 : chap_Success 功能描述 : 构造Success帧并发送 输入参数 : l - PPP链接 输出参数 : 无 返 回 值 : 无 调用函数 : 被调函数 : 修改历史 : 1.日 期 : 2008年10月25日 作 者 : liukai 修改内容 : porting from BSD *****************************************************************************/ static VOS_VOID chap_Success(struct link *l) { struct authinfo *authp = &(l->chap.auth); const VOS_CHAR *pcMsg = "Welcome!!"; /* follow BSD use "Welcome!!" as message */ /* Success body: */ /* * ------------- * | Message | * ------------- */ ChapOutput(l, CHAP_SUCCESS, authp->id, (VOS_UCHAR *)pcMsg, VOS_StrLen((VOS_CHAR *)pcMsg), VOS_NULL_PTR); l->lcp.auth_ineed = 0; /* after Authentication, clear flag to authenticate peer */ if (0 == l->lcp.auth_iwait) /* auth_iwait: 0, authentication to peer is not complete or no need to authentication, !0, authentication to peer is complete */ { /* * Either I didn't need to authenticate, or I've already been * told that I got the answer right. */ chap_ReInit(&(l->chap)); if (PHASE_AUTHENTICATE == l->phase) { l->phase = PHASE_NETWORK; l->ipcp.fsm.state = ST_CLOSED; fsm_Open(&(l->ipcp.fsm)); PPP_MNTN_LOG(PS_PID_APP_PPP, 0, PS_PRINT_NORMAL, "goto ipcp stage!\r\n"); } } return; } /* chap_Success */
static void datalink_AuthReInit(struct datalink *dl) { auth_StopTimer(&dl->pap); auth_StopTimer(&dl->chap.auth); chap_ReInit(&dl->chap); }
/***************************************************************************** 函 数 名 : chap_Input 功能描述 : 收到CHAP帧的处理入口函数 输入参数 : l - PPP链接 pstMem - 收到的CHAP帧 输出参数 : 无 返 回 值 : NULL 调用函数 : 被调函数 : 修改历史 : 1.日 期 : 2008年10月24日 作 者 : liukai 修改内容 : porting from BSD *****************************************************************************/ PPP_ZC_STRU *chap_Input(struct link *l, PPP_ZC_STRU *pstMem) { struct chap *chap; VOS_INT32 len; VOS_UCHAR alen; /* answer length: challenge or response body length */ struct ppp_mbuf *bp; VOS_UCHAR aucHashValue[MD5DIGESTSIZE]; bp = ppp_m_get_from_ttfmem(pstMem); PPP_MemFree(pstMem); if (VOS_NULL_PTR == bp) { return VOS_NULL_PTR; } if (VOS_NULL_PTR == l) { PPP_MNTN_LOG(PS_PID_APP_PPP, 0, PS_PRINT_WARNING, "Chap Input: Not a physical link - dropped\r\n"); ppp_m_freem(bp); return VOS_NULL_PTR; } if ((PHASE_NETWORK != l->phase) && (PHASE_AUTHENTICATE != l->phase)) { PPP_MNTN_LOG(PS_PID_APP_PPP, 0, PS_PRINT_NORMAL, "Unexpected Chap input - dropped\r\n"); ppp_m_freem(bp); return VOS_NULL_PTR; } chap = &(l->chap); if ((VOS_NULL_PTR == (bp = auth_ReadHeader(&chap->auth, bp))) && (0 == VOS_NTOHS(chap->auth.in.hdr.length))) { PPP_MNTN_LOG(PS_PID_APP_PPP, 0, PS_PRINT_WARNING, "Chap Input: Truncated header\r\n"); } else if ((0 == chap->auth.in.hdr.code) || ((VOS_UINT8)(chap->auth.in.hdr.code) > MAXCHAPCODE)) { PPP_MNTN_LOG1(PS_PID_APP_PPP, 0, LOG_LEVEL_WARNING, "Chap Input: Bad CHAP code %d !\r\n", chap->auth.in.hdr.code); } else { len = ppp_m_length(bp); /* Identifier of rx-ed Response, Success, Fail should match Challenge tx-ed */ if ((CHAP_CHALLENGE != chap->auth.in.hdr.code) && (chap->auth.id != chap->auth.in.hdr.id)) { /* Wrong conversation dude ! */ PPP_MNTN_LOG3(PS_PID_APP_PPP, 0, PS_PRINT_NORMAL, "Chap Input: code <1> dropped (got id <2> not equal to previous id <3>)\r\n", chap->auth.in.hdr.code, chap->auth.in.hdr.id, chap->auth.id); ppp_m_freem(bp); return VOS_NULL_PTR; } chap->auth.id = chap->auth.in.hdr.id; /* We respond with this id */ if (CHAP_CHALLENGE == chap->auth.in.hdr.code) /* rx-ed challenge */ { bp = ppp_mbuf_Read(bp, &alen, 1); /* fetch length of peer's challenge */ len -= (alen + 1); /* after this step, len is length of peer's name */ if (len < 0) { PPP_MNTN_LOG2(PS_PID_APP_PPP, 0, LOG_LEVEL_WARNING, "Chap Input: Truncated challenge (len %d, alen %d)!\r\n", len, alen); ppp_m_freem(bp); return VOS_NULL_PTR; } if (AUTHLEN < len) { PPP_MNTN_LOG2(PS_PID_APP_PPP, 0, LOG_LEVEL_WARNING, "Chap Input: name of challenge too long (len %d, alen %d)!\r\n", len, alen); ppp_m_freem(bp); return VOS_NULL_PTR; } if (CHAPCHALLENGELEN < alen) { PPP_MNTN_LOG1(PS_PID_APP_PPP, 0, LOG_LEVEL_WARNING, "Chap Input: challenge too long (len %d)!\r\n", alen); ppp_m_freem(bp); return VOS_NULL_PTR; } *chap->challenge.peer = alen; bp = ppp_mbuf_Read(bp, chap->challenge.peer + 1, alen); /* record peer's challenge */ bp = auth_ReadName(&chap->auth, bp, len); /* record peer's name */ if (*chap->auth.in.name) /* challenge with name */ { PPP_MNTN_LOG2(PS_PID_APP_PPP, 0, LOG_LEVEL_WARNING, "Chap Input: challenge (len %d, alen %d) with name\r\n", len, alen); } else /* without name */ { PPP_MNTN_LOG2(PS_PID_APP_PPP, 0, LOG_LEVEL_WARNING, "Chap Input: challenge (len %d, alen %d) without name\r\n", len, alen); } chap_Respond(l, "HUAWEI_CHAP_CLNT"); /* we always use "HUAWEI_CHAP_CLNT" as Name of Response */ } /* end of rx-ed challenge */ else if (CHAP_RESPONSE == chap->auth.in.hdr.code) /* rx-ed response */ { bp = ppp_mbuf_Read(bp, &alen, 1); /* read HASH-Size */ if (MD5DIGESTSIZE != alen) /* as just support MD5, must be 16 octets */ { PPP_MNTN_LOG1(PS_PID_APP_PPP, 0, LOG_LEVEL_WARNING, "Chap Input: Hash-Size %f is not correct !\r\n", alen); ppp_m_freem(bp); return VOS_NULL_PTR; } len -= (alen + 1); /* after this step, len is length of Name Field */ if (len < 0) { PPP_MNTN_LOG2(PS_PID_APP_PPP, 0, LOG_LEVEL_WARNING, "Chap Input: Truncated response (len %d, alen %d)!\r\n", len, alen); ppp_m_freem(bp); return VOS_NULL_PTR; } if (AUTHLEN < len) { PPP_MNTN_LOG2(PS_PID_APP_PPP, 0, LOG_LEVEL_WARNING, "Chap Input: name of response too long (len %d, alen %d)!\r\n", len, alen); ppp_m_freem(bp); return VOS_NULL_PTR; } bp = ppp_mbuf_Read(bp, aucHashValue, MD5DIGESTSIZE); /* cut HASH value */ bp = auth_ReadName(&chap->auth, bp, len); if (*chap->auth.in.name) { PPP_MNTN_LOG2(PS_PID_APP_PPP, 0, PS_PRINT_NORMAL,"Chap Input: response (len <1>, alen <2>) with name\r\n", len, alen); } else { PPP_MNTN_LOG2(PS_PID_APP_PPP, 0, PS_PRINT_NORMAL,"Chap Input: response (len <1>, alen <2>) without name\r\n", len, alen); } if (PHASE_AUTHENTICATE == l->phase) /* 需要注意只备份在认证阶段中与challenge id匹配的response */ { ChapBufferResponsePacket(chap, MD5DIGESTSIZE, aucHashValue, len); } chap_Success(l); /* Moves code to here as the last step of dealing with response by liukai, it should stop authentication timer after authentication pass or fail. Stops timer at first, a response frame format is not correct and discards it(way of BSD), UE has no chance to send challenge again */ auth_StopTimer(&(chap->auth)); } /* end of rx-ed response */ else if (CHAP_SUCCESS == chap->auth.in.hdr.code) /* rx-ed success */ { /* chap->auth.in.name is already set up at CHALLENGE time, need NOT to print again */ if (0 < len) { PPP_MNTN_LOG(PS_PID_APP_PPP, 0, PS_PRINT_NORMAL, "Chap Input: success with message\r\n"); } else { PPP_MNTN_LOG(PS_PID_APP_PPP, 0, PS_PRINT_NORMAL, "Chap Input: success without message\r\n"); } if (PROTO_CHAP == l->lcp.auth_iwait) { l->lcp.auth_iwait = 0; if (0 == l->lcp.auth_ineed) /* auth_ineed: 0, authentication by peer is not complete or no need to authentication, !0, authentication by peer is complete */ { /* * We've succeeded in our ``login'' * If we're not expecting the peer to authenticate (or he already * has), proceed to network phase. */ chap_ReInit(&(l->chap)); if (PHASE_AUTHENTICATE == l->phase) { l->phase = PHASE_NETWORK; l->ipcp.fsm.state = ST_CLOSED; fsm_Open(&(l->ipcp.fsm)); PPP_MNTN_LOG(PS_PID_APP_PPP, 0, PS_PRINT_NORMAL, "goto ipcp stage!\r\n"); } } } } /* end of rx-ed success */ else /* rx-ed fail */ { /* chap->auth.in.name is already set up at CHALLENGE time, need NOT to print again */ if (0 < len) { PPP_MNTN_LOG(PS_PID_APP_PPP, 0, PS_PRINT_NORMAL, "Chap Input: fail with message\r\n"); } else { PPP_MNTN_LOG(PS_PID_APP_PPP, 0, PS_PRINT_NORMAL, "Chap Input: fail without message\r\n"); } chap_Cleanup(&(l->chap)); l->phase = PHASE_TERMINATE; fsm_Close(&(l->lcp.fsm)); PPP_MNTN_LOG(PS_PID_APP_PPP, 0, PS_PRINT_NORMAL, "goto lcp stage!\r\n"); } /* end of rx-ed fail */ } ppp_m_freem(bp); return VOS_NULL_PTR; } /* chap_Input */