/* * auth_reset - called when LCP is starting negotiations to recheck * authentication options, i.e. whether we have appropriate secrets * to use for authenticating ourselves and/or the peer. */ void auth_reset(int unit) { lcp_options *go = &lcp_gotoptions[unit]; lcp_options *ao = &lcp_allowoptions[0]; ipcp_options *ipwo = &ipcp_wantoptions[0]; u32_t remote; AUTHDEBUG(LOG_INFO, ("auth_reset: %d\n", unit)); ao->neg_upap = !ppp_settings.refuse_pap && (ppp_settings.passwd[0] != 0 || get_pap_passwd(unit, NULL, NULL)); ao->neg_chap = !ppp_settings.refuse_chap && ppp_settings.passwd[0] != 0 /*have_chap_secret(ppp_settings.user, ppp_settings.remote_name, (u32_t)0)*/; if (go->neg_upap && !have_pap_secret()) { go->neg_upap = 0; } if (go->neg_chap) { remote = ipwo->accept_remote? 0: ipwo->hisaddr; if (!have_chap_secret(ppp_settings.remote_name, ppp_settings.our_name, remote)) { go->neg_chap = 0; } } }
/* * auth_check_options - called to check authentication options. */ void auth_check_options(void) { lcp_options *wo = &lcp_wantoptions[0]; int can_auth; ipcp_options *ipwo = &ipcp_wantoptions[0]; u32_t remote; /* Default our_name to hostname, and user to our_name */ if (ppp_settings.our_name[0] == 0 || ppp_settings.usehostname) { strcpy(ppp_settings.our_name, ppp_settings.hostname); } if (ppp_settings.user[0] == 0) { strcpy(ppp_settings.user, ppp_settings.our_name); } /* If authentication is required, ask peer for CHAP or PAP. */ if (ppp_settings.auth_required && !wo->neg_chap && !wo->neg_upap) { wo->neg_chap = 1; wo->neg_upap = 1; } /* * Check whether we have appropriate secrets to use * to authenticate the peer. */ can_auth = wo->neg_upap && have_pap_secret(); if (!can_auth && wo->neg_chap) { remote = ipwo->accept_remote? 0: ipwo->hisaddr; can_auth = have_chap_secret(ppp_settings.remote_name, ppp_settings.our_name, remote); } if (ppp_settings.auth_required && !can_auth) { ppp_panic("No auth secret"); } }