void lcpThisLayerUp(PppContext *context) { //Debug message TRACE_INFO("LCP This-Layer-Up callback\r\n"); //PAP authentication required? if(context->peerConfig.authProtocol == PPP_PROTOCOL_PAP) { //Advance to the Authentication phase context->pppPhase = PPP_PHASE_AUTHENTICATE; //Start PAP authentication process papStartAuth(context); } else { //Advance to the Network phase context->pppPhase = PPP_PHASE_NETWORK; //IPCP Open event ipcpOpen(context); } }
error_t chapProcessSuccess(PppContext *context, const ChapSuccessPacket *successPacket, size_t length) { //Debug message TRACE_INFO("\r\nCHAP Success packet received\r\n"); //Make sure the Success packet is acceptable if(context->peerConfig.authProtocol != PPP_PROTOCOL_CHAP) return ERROR_FAILURE; //Check the length of the packet if(length < sizeof(ChapSuccessPacket)) return ERROR_INVALID_LENGTH; //When a packet is received with an invalid Identifier field, the //packet is silently discarded without affecting the automaton if(successPacket->identifier != context->chapFsm.peerIdentifier) return ERROR_WRONG_IDENTIFIER; //Switch to the Success-Rcvd state context->chapFsm.peerState = CHAP_STATE_7_SUCCESS_RCVD; //The user name has been accepted by the authenticator context->peerAuthDone = TRUE; //Check whether PPP authentication is complete if(context->localAuthDone && context->peerAuthDone) { //Check current PPP phase if(context->pppPhase == PPP_PHASE_AUTHENTICATE) { //Advance to the Network phase context->pppPhase = PPP_PHASE_NETWORK; //IPCP Open event ipcpOpen(context); } } //Successful processing return NO_ERROR; }
error_t chapProcessResponse(PppContext *context, const ChapResponsePacket *responsePacket, size_t length) { bool_t status; const uint8_t *p; //Debug message TRACE_INFO("\r\nCHAP Response packet received\r\n"); //Make sure the Response packet is acceptable if(context->localConfig.authProtocol != PPP_PROTOCOL_CHAP) return ERROR_FAILURE; //Check the length of the packet if(length < sizeof(ChapResponsePacket)) return ERROR_INVALID_LENGTH; //When a packet is received with an invalid Identifier field, the //packet is silently discarded without affecting the automaton if(responsePacket->identifier != context->chapFsm.localIdentifier) return ERROR_WRONG_IDENTIFIER; //Malformed Response packet? if(length < (sizeof(ChapResponsePacket) + responsePacket->valueSize)) return ERROR_INVALID_LENGTH; //The length of the response value depends upon the hash algorithm used if(responsePacket->valueSize != MD5_DIGEST_SIZE) return ERROR_INVALID_LENGTH; //Retrieve the response value context->chapFsm.response = responsePacket->value; //Point to the Name field p = responsePacket->value + responsePacket->valueSize; //Retrieve the length of the Name field length -= sizeof(ChapResponsePacket) + responsePacket->valueSize; //Limit the length of the string length = MIN(length, PPP_MAX_USERNAME_LEN); //Copy the name of the peer to be identified memcpy(context->peerName, p, length); //Properly terminate the string with a NULL character context->peerName[length] = '\0'; //Invoke user-defined callback, if any if(context->settings.authCallback != NULL) { //Perfom username and password verification status = context->settings.authCallback(context->interface, context->peerName); } else { //Unable to perform authentication... status = FALSE; } //Whenever a Response packet is received, the authenticator compares the //Response Value with its own calculation of the expected value. Based on //this comparison, the authenticator must send a Success or Failure packet if(status) { //Send a Success packet chapSendSuccess(context); //Switch to the Success-Sent state context->chapFsm.localState = CHAP_STATE_6_SUCCESS_SENT; //The user has been successfully authenticated context->localAuthDone = TRUE; //Check whether PPP authentication is complete if(context->localAuthDone && context->peerAuthDone) { //Check current PPP phase if(context->pppPhase == PPP_PHASE_AUTHENTICATE) { //Advance to the Network phase context->pppPhase = PPP_PHASE_NETWORK; //IPCP Open event ipcpOpen(context); } } } else { //Send a Failure packet chapSendFailure(context); //Switch to the Failure-Sent state context->chapFsm.localState = CHAP_STATE_8_FAILURE_SENT; //The authenticator should take action to terminate the link lcpClose(context); } //Successful processing return NO_ERROR; }