void lcpThisLayerUp(PppContext *context)
{
//Debug message
TRACE_INFO("LCP This-Layer-Up callback\r\n");
//PAP authentication required?
if(context->peerConfig.authProtocol == PPP_PROTOCOL_PAP)
{
//Advance to the Authentication phase
context->pppPhase = PPP_PHASE_AUTHENTICATE;
//Start PAP authentication process
papStartAuth(context);
}
else
{
//Advance to the Network phase
context->pppPhase = PPP_PHASE_NETWORK;
//IPCP Open event
ipcpOpen(context);
}
}
error_t chapProcessSuccess(PppContext *context,
const ChapSuccessPacket *successPacket, size_t length)
{
//Debug message
TRACE_INFO("\r\nCHAP Success packet received\r\n");
//Make sure the Success packet is acceptable
if(context->peerConfig.authProtocol != PPP_PROTOCOL_CHAP)
return ERROR_FAILURE;
//Check the length of the packet
if(length < sizeof(ChapSuccessPacket))
return ERROR_INVALID_LENGTH;
//When a packet is received with an invalid Identifier field, the
//packet is silently discarded without affecting the automaton
if(successPacket->identifier != context->chapFsm.peerIdentifier)
return ERROR_WRONG_IDENTIFIER;
//Switch to the Success-Rcvd state
context->chapFsm.peerState = CHAP_STATE_7_SUCCESS_RCVD;
//The user name has been accepted by the authenticator
context->peerAuthDone = TRUE;
//Check whether PPP authentication is complete
if(context->localAuthDone && context->peerAuthDone)
{
//Check current PPP phase
if(context->pppPhase == PPP_PHASE_AUTHENTICATE)
{
//Advance to the Network phase
context->pppPhase = PPP_PHASE_NETWORK;
//IPCP Open event
ipcpOpen(context);
}
}
//Successful processing
return NO_ERROR;
}
error_t chapProcessResponse(PppContext *context,
const ChapResponsePacket *responsePacket, size_t length)
{
bool_t status;
const uint8_t *p;
//Debug message
TRACE_INFO("\r\nCHAP Response packet received\r\n");
//Make sure the Response packet is acceptable
if(context->localConfig.authProtocol != PPP_PROTOCOL_CHAP)
return ERROR_FAILURE;
//Check the length of the packet
if(length < sizeof(ChapResponsePacket))
return ERROR_INVALID_LENGTH;
//When a packet is received with an invalid Identifier field, the
//packet is silently discarded without affecting the automaton
if(responsePacket->identifier != context->chapFsm.localIdentifier)
return ERROR_WRONG_IDENTIFIER;
//Malformed Response packet?
if(length < (sizeof(ChapResponsePacket) + responsePacket->valueSize))
return ERROR_INVALID_LENGTH;
//The length of the response value depends upon the hash algorithm used
if(responsePacket->valueSize != MD5_DIGEST_SIZE)
return ERROR_INVALID_LENGTH;
//Retrieve the response value
context->chapFsm.response = responsePacket->value;
//Point to the Name field
p = responsePacket->value + responsePacket->valueSize;
//Retrieve the length of the Name field
length -= sizeof(ChapResponsePacket) + responsePacket->valueSize;
//Limit the length of the string
length = MIN(length, PPP_MAX_USERNAME_LEN);
//Copy the name of the peer to be identified
memcpy(context->peerName, p, length);
//Properly terminate the string with a NULL character
context->peerName[length] = '\0';
//Invoke user-defined callback, if any
if(context->settings.authCallback != NULL)
{
//Perfom username and password verification
status = context->settings.authCallback(context->interface,
context->peerName);
}
else
{
//Unable to perform authentication...
status = FALSE;
}
//Whenever a Response packet is received, the authenticator compares the
//Response Value with its own calculation of the expected value. Based on
//this comparison, the authenticator must send a Success or Failure packet
if(status)
{
//Send a Success packet
chapSendSuccess(context);
//Switch to the Success-Sent state
context->chapFsm.localState = CHAP_STATE_6_SUCCESS_SENT;
//The user has been successfully authenticated
context->localAuthDone = TRUE;
//Check whether PPP authentication is complete
if(context->localAuthDone && context->peerAuthDone)
{
//Check current PPP phase
if(context->pppPhase == PPP_PHASE_AUTHENTICATE)
{
//Advance to the Network phase
context->pppPhase = PPP_PHASE_NETWORK;
//IPCP Open event
ipcpOpen(context);
}
}
}
else
{
//Send a Failure packet
chapSendFailure(context);
//Switch to the Failure-Sent state
context->chapFsm.localState = CHAP_STATE_8_FAILURE_SENT;
//The authenticator should take action to terminate the link
lcpClose(context);
}
//Successful processing
return NO_ERROR;
}
