static void
chap_response(chap *_this, int authok, u_char *pktp, int lpktp)
{
const char *realm_name;
CHAP_ASSERT(_this != NULL);
CHAP_ASSERT(pktp != NULL);
CHAP_ASSERT(_this->type == PPP_AUTH_CHAP_MD5 ||
_this->type == PPP_AUTH_CHAP_MS_V2);
ppp_output(_this->ppp, PPP_PROTO_CHAP, (authok)? 3 : 4, _this->challid,
pktp, lpktp);
realm_name = npppd_ppp_get_realm_name(_this->ppp->pppd, _this->ppp);
if (!authok) {
chap_log(_this, LOG_ALERT,
"logtype=Failure username=\"%s\" realm=%s", _this->name,
realm_name);
chap_stop(_this);
/* Stop the PPP if the authentication is failed. */
ppp_set_disconnect_cause(_this->ppp,
PPP_DISCON_AUTH_FAILED, PPP_PROTO_CHAP, 1 /* peer */, NULL);
ppp_stop(_this->ppp, "Authentication Required");
} else {
strlcpy(_this->ppp->username, _this->name,
sizeof(_this->ppp->username));
chap_log(_this, LOG_INFO,
"logtype=Success username=\"%s\" "
"realm=%s", _this->name, realm_name);
chap_stop(_this);
/* We change our state to prepare to resend requests. */
_this->state = CHAP_STATE_SENT_RESPONSE;
ppp_auth_ok(_this->ppp);
}
}
static void
pap_response(pap *_this, int authok, const char *mes)
{
int lpktp, lmes;
u_char *pktp, *pktp1;
const char *realm;
pktp = ppp_packetbuf(_this->ppp, PPP_PROTO_PAP) + HEADERLEN;
lpktp = _this->ppp->mru - HEADERLEN;
realm = npppd_ppp_get_realm_name(_this->ppp->pppd, _this->ppp);
pktp1 = pktp;
if (mes == NULL)
lmes = 0;
else
lmes = strlen(mes);
lmes = MINIMUM(lmes, lpktp - 1);
PUTCHAR(lmes, pktp1);
if (lmes > 0)
memcpy(pktp1, mes, lmes);
lpktp = lmes + 1;
if (authok)
ppp_output(_this->ppp, PPP_PROTO_PAP, AUTHACK, _this->auth_id,
pktp, lpktp);
else
ppp_output(_this->ppp, PPP_PROTO_PAP, AUTHNAK, _this->auth_id,
pktp, lpktp);
if (!authok) {
pap_log(_this, LOG_ALERT,
"logtype=Failure username=\"%s\" realm=%s", _this->name,
realm);
pap_stop(_this);
ppp_set_disconnect_cause(_this->ppp,
PPP_DISCON_AUTH_FAILED, PPP_PROTO_PAP, 1 /* peer */, NULL);
ppp_stop(_this->ppp, "Authentication Required");
} else {
strlcpy(_this->ppp->username, _this->name,
sizeof(_this->ppp->username));
pap_log(_this, LOG_INFO,
"logtype=Success username=\"%s\" realm=%s", _this->name,
realm);
pap_stop(_this);
ppp_auth_ok(_this->ppp);
/* reset the state to response request of retransmision. */
_this->state = PAP_STATE_SENT_RESPONSE;
}
}
/** called when the lcp is up */
void
ppp_lcp_up(npppd_ppp *_this)
{
#ifdef USE_NPPPD_MPPE
if (MPPE_REQUIRED(_this) && !MPPE_MUST_NEGO(_this)) {
ppp_log(_this, LOG_ERR, "MPPE is required, auth protocol must "
"be MS-CHAP-V2 or EAP");
ppp_stop(_this, "Encryption required");
return;
}
#endif
/*
* Use our MRU value even if the peer insists on larger value.
* We set the peer_mtu here, the value will be used as the MTU of the
* routing entry. So we will not receive packets larger than the MTU.
*/
if (_this->peer_mru > _this->mru)
_this->peer_mru = _this->mru;
if (_this->peer_auth != 0 && _this->auth_runonce == 0) {
if (AUTH_IS_PAP(_this)) {
pap_start(&_this->pap);
_this->auth_runonce = 1;
return;
}
if (AUTH_IS_CHAP(_this)) {
chap_start(&_this->chap);
_this->auth_runonce = 1;
return;
}
#ifdef USE_NPPPD_EAP_RADIUS
if (AUTH_IS_EAP(_this)) {
eap_init(&_this->eap, _this);
eap_start(&_this->eap);
return;
}
#endif
}
if (_this->peer_auth == 0)
ppp_auth_ok(_this);
}
