static void Despatch(struct bundle *bundle, struct link *l, struct mbuf *bp, u_short proto) { unsigned f; for (f = 0; f < DSIZE; f++) if (despatcher[f].proto == proto) { bp = (*despatcher[f].fn)(bundle, l, bp); break; } if (bp) { struct physical *p = link2physical(l); log_Printf(LogPHASE, "%s protocol 0x%04x (%s)\n", f == DSIZE ? "Unknown" : "Unexpected", proto, hdlc_Protocol2Nam(proto)); bp = m_pullup(proto_Prepend(bp, proto, 0, 0)); lcp_SendProtoRej(&l->lcp, MBUF_CTOP(bp), bp->m_len); if (p) { p->hdlc.lqm.SaveInDiscards++; p->hdlc.stats.unknownproto++; } m_freem(bp); } }
void lqr_reStart(struct lcp *lcp) { struct physical *p = link2physical(lcp->fsm.link); lqr_Setup(lcp); if (p->hdlc.lqm.timer.load) timer_Start(&p->hdlc.lqm.timer); }
void lqr_Start(struct lcp *lcp) { struct physical *p = link2physical(lcp->fsm.link); lqr_Setup(lcp); if (p->hdlc.lqm.timer.load) SendLqrReport(lcp); }
static void SendEchoReq(struct lcp *lcp) { struct hdlc *hdlc = &link2physical(lcp->fsm.link)->hdlc; struct echolqr echo; echo.magic = htonl(lcp->want_magic); echo.signature = htonl(SIGNATURE); echo.sequence = htonl(hdlc->lqm.echo.seq_sent); fsm_Output(&lcp->fsm, CODE_ECHOREQ, hdlc->lqm.echo.seq_sent++, (u_char *)&echo, sizeof echo, MB_ECHOOUT); }
static void ipv6cp_SendConfigReq(struct fsm *fp) { /* Send config REQ please */ struct physical *p = link2physical(fp->link); struct ipv6cp *ipv6cp = fsm2ipv6cp(fp); u_char buff[IPV6CP_IFIDLEN+2]; struct fsm_opt *o; o = (struct fsm_opt *)buff; if ((p && !physical_IsSync(p)) || !REJECTED(ipv6cp, TY_TOKEN)) { memcpy(o->data, ipv6cp->my_ifid, IPV6CP_IFIDLEN); INC_FSM_OPT(TY_TOKEN, IPV6CP_IFIDLEN + 2, o); } fsm_Output(fp, CODE_CONFIGREQ, fp->reqid, buff, (u_char *)o - buff, MB_IPV6CPOUT); }
static struct mbuf * sync_LayerPull(struct bundle *b, struct link *l, struct mbuf *bp, u_short *proto) { struct physical *p = link2physical(l); if (!p) log_Printf(LogERROR, "Can't Pull a sync packet from a logical link\n"); else { log_DumpBp(LogSYNC, "Read", bp); /* Either done here or by the HDLC layer */ p->hdlc.lqm.SaveInOctets += m_length(bp) + 1; p->hdlc.lqm.SaveInPackets++; m_settype(bp, MB_SYNCIN); } return bp; }
static struct mbuf * acf_LayerPull(struct bundle *b, struct link *l, struct mbuf *bp, u_short *proto) { struct physical *p = link2physical(l); u_char cp[2]; if (!p) { log_Printf(LogERROR, "Can't Pull an acf packet from a logical link\n"); return bp; } if (mbuf_View(bp, cp, 2) == 2) { if (!p->link.lcp.want_acfcomp) { /* We expect the packet not to be compressed */ bp = mbuf_Read(bp, cp, 2); if (cp[0] != HDLC_ADDR) { p->hdlc.lqm.ifInErrors++; p->hdlc.stats.badaddr++; log_Printf(LogDEBUG, "acf_LayerPull: addr 0x%02x\n", cp[0]); m_freem(bp); return NULL; } if (cp[1] != HDLC_UI) { p->hdlc.lqm.ifInErrors++; p->hdlc.stats.badcommand++; log_Printf(LogDEBUG, "acf_LayerPull: control 0x%02x\n", cp[1]); m_freem(bp); return NULL; } m_settype(bp, MB_ACFIN); } else if (cp[0] == HDLC_ADDR && cp[1] == HDLC_UI) { /* * We can receive compressed packets, but the peer still sends * uncompressed packets (or maybe this is a PROTO_LCP packet) ! */ bp = mbuf_Read(bp, cp, 2); m_settype(bp, MB_ACFIN); } } return bp; }
/* * When LCP is reached to opened state, We'll start LQM activity. */ static void lqr_Setup(struct lcp *lcp) { struct physical *physical = link2physical(lcp->fsm.link); int period; physical->hdlc.lqm.lqr.resent = 0; physical->hdlc.lqm.echo.seq_sent = 0; physical->hdlc.lqm.echo.seq_recv = 0; memset(&physical->hdlc.lqm.lqr.peer, '\0', sizeof physical->hdlc.lqm.lqr.peer); physical->hdlc.lqm.method = lcp->cfg.echo ? LQM_ECHO : 0; if (IsEnabled(lcp->cfg.lqr) && !REJECTED(lcp, TY_QUALPROTO)) physical->hdlc.lqm.method |= LQM_LQR; timer_Stop(&physical->hdlc.lqm.timer); physical->hdlc.lqm.lqr.peer_timeout = lcp->his_lqrperiod; if (lcp->his_lqrperiod) log_Printf(LogLQM, "%s: Expecting LQR every %d.%02d secs\n", physical->link.name, lcp->his_lqrperiod / 100, lcp->his_lqrperiod % 100); period = lcp->want_lqrperiod ? lcp->want_lqrperiod : lcp->cfg.lqrperiod * 100; physical->hdlc.lqm.timer.func = SendLqrReport; physical->hdlc.lqm.timer.name = "lqm"; physical->hdlc.lqm.timer.arg = lcp; if (lcp->want_lqrperiod || physical->hdlc.lqm.method & LQM_ECHO) { log_Printf(LogLQM, "%s: Will send %s every %d.%02d secs\n", physical->link.name, lcp->want_lqrperiod ? "LQR" : "LCP ECHO", period / 100, period % 100); physical->hdlc.lqm.timer.load = period * SECTICKS / 100; } else { physical->hdlc.lqm.timer.load = 0; if (!lcp->his_lqrperiod) log_Printf(LogLQM, "%s: LQR/LCP ECHO not negotiated\n", physical->link.name); } }
struct mbuf * lqr_RecvEcho(struct fsm *fp, struct mbuf *bp) { struct hdlc *hdlc = &link2physical(fp->link)->hdlc; struct lcp *lcp = fsm2lcp(fp); struct echolqr lqr; if (m_length(bp) >= sizeof lqr) { m_freem(mbuf_Read(bp, &lqr, sizeof lqr)); bp = NULL; lqr.magic = ntohl(lqr.magic); lqr.signature = ntohl(lqr.signature); lqr.sequence = ntohl(lqr.sequence); /* Tolerate echo replies with either magic number */ if (lqr.magic != 0 && lqr.magic != lcp->his_magic && lqr.magic != lcp->want_magic) { log_Printf(LogWARN, "%s: lqr_RecvEcho: Bad magic: expected 0x%08x," " got 0x%08x\n", fp->link->name, lcp->his_magic, lqr.magic); /* * XXX: We should send a terminate request. But poor implementations may * die as a result. */ } if (lqr.signature == SIGNATURE || lqr.signature == lcp->want_magic) { /* some implementations return the wrong magic */ /* careful not to update lqm.echo.seq_recv with older values */ if ((hdlc->lqm.echo.seq_recv > (u_int32_t)0 - 5 && lqr.sequence < 5) || (hdlc->lqm.echo.seq_recv <= (u_int32_t)0 - 5 && lqr.sequence > hdlc->lqm.echo.seq_recv)) hdlc->lqm.echo.seq_recv = lqr.sequence; } else log_Printf(LogWARN, "lqr_RecvEcho: Got sig 0x%08lx, not 0x%08lx !\n", (u_long)lqr.signature, (u_long)SIGNATURE); } else log_Printf(LogWARN, "lqr_RecvEcho: Got packet size %zd, expecting %ld !\n", m_length(bp), (long)sizeof(struct echolqr)); return bp; }
static void SendLqrReport(void *v) { struct lcp *lcp = (struct lcp *)v; struct physical *p = link2physical(lcp->fsm.link); timer_Stop(&p->hdlc.lqm.timer); if (p->hdlc.lqm.method & LQM_LQR) { if (p->hdlc.lqm.lqr.resent > 5) { /* XXX: Should implement LQM strategy */ log_Printf(LogPHASE, "%s: ** Too many LQR packets lost **\n", lcp->fsm.link->name); log_Printf(LogLQM, "%s: Too many LQR packets lost\n", lcp->fsm.link->name); p->hdlc.lqm.method = 0; datalink_Down(p->dl, CLOSE_NORMAL); } else { SendLqrData(lcp); p->hdlc.lqm.lqr.resent++; } } else if (p->hdlc.lqm.method & LQM_ECHO) { if ((p->hdlc.lqm.echo.seq_sent > 5 && p->hdlc.lqm.echo.seq_sent - 5 > p->hdlc.lqm.echo.seq_recv) || (p->hdlc.lqm.echo.seq_sent <= 5 && p->hdlc.lqm.echo.seq_sent > p->hdlc.lqm.echo.seq_recv + 5)) { log_Printf(LogPHASE, "%s: ** Too many LCP ECHO packets lost **\n", lcp->fsm.link->name); log_Printf(LogLQM, "%s: Too many LCP ECHO packets lost\n", lcp->fsm.link->name); p->hdlc.lqm.method = 0; datalink_Down(p->dl, CLOSE_NORMAL); } else SendEchoReq(lcp); } if (p->hdlc.lqm.method && p->hdlc.lqm.timer.load) timer_Start(&p->hdlc.lqm.timer); }
struct mbuf * chap_Input_old(struct bundle *bundle, struct link *l, struct mbuf *bp) { struct physical *p = link2physical(l); struct chap *chap = &p->dl->chap; char *name, *key, *ans; int len, nlen; u_char alen; #ifdef HAVE_DES int lanman; #endif if (p == NULL) { log_Printf(LogERROR, "chap_Input: Not a physical link - dropped\n"); m_freem(bp); return NULL; } if (bundle_Phase(bundle) != PHASE_NETWORK && bundle_Phase(bundle) != PHASE_AUTHENTICATE) { log_Printf(LogPHASE, "Unexpected chap input - dropped !\n"); m_freem(bp); return NULL; } m_settype(bp, MB_CHAPIN); if ((bp = auth_ReadHeader(&chap->auth, bp)) == NULL && ntohs(chap->auth.in.hdr.length) == 0) log_Printf(LogWARN, "Chap Input: Truncated header !\n"); else if (chap->auth.in.hdr.code == 0 || chap->auth.in.hdr.code > MAXCHAPCODE) log_Printf(LogPHASE, "Chap Input: %d: Bad CHAP code !\n", chap->auth.in.hdr.code); else { len = m_length(bp); ans = NULL; if (chap->auth.in.hdr.code != CHAP_CHALLENGE && chap->auth.id != chap->auth.in.hdr.id && Enabled(bundle, OPT_IDCHECK)) { /* Wrong conversation dude ! */ log_Printf(LogPHASE, "Chap Input: %s dropped (got id %d, not %d)\n", chapcodes[chap->auth.in.hdr.code], chap->auth.in.hdr.id, chap->auth.id); m_freem(bp); return NULL; } chap->auth.id = chap->auth.in.hdr.id; /* We respond with this id */ #ifdef HAVE_DES lanman = 0; #endif switch (chap->auth.in.hdr.code) { case CHAP_CHALLENGE: bp = mbuf_Read(bp, &alen, 1); len -= alen + 1; /* len -= (alen + 1); */ if (len < 0) { log_Printf(LogERROR, "Chap Input: Truncated challenge !\n"); m_freem(bp); return NULL; } *chap->challenge.peer = alen; bp = mbuf_Read(bp, chap->challenge.peer + 1, alen); bp = auth_ReadName(&chap->auth, bp, len); #ifdef HAVE_DES lanman = p->link.lcp.his_authtype == 0x80 && ((chap->NTRespSent && IsAccepted(p->link.lcp.cfg.chap80lm)) || !IsAccepted(p->link.lcp.cfg.chap80nt)); #endif break; case CHAP_RESPONSE: auth_StopTimer(&chap->auth); bp = mbuf_Read(bp, &alen, 1); /* read HASH-Size */ len -= alen + 1; /* len -= (alen + 1);, len is length of Name Field */ if (len < 0) { log_Printf(LogERROR, "Chap Input: Truncated response !\n"); m_freem(bp); return NULL; } if ((ans = malloc(alen + 2)) == NULL) { log_Printf(LogERROR, "Chap Input: Out of memory !\n"); m_freem(bp); return NULL; } *ans = chap->auth.id; bp = mbuf_Read(bp, ans + 1, alen); /* cut HASH value */ ans[alen+1] = '\0'; /* ans is (id, HASH, \0)*/ bp = auth_ReadName(&chap->auth, bp, len); #ifdef HAVE_DES lanman = alen == 49 && ans[alen] == 0; #endif break; case CHAP_SUCCESS: case CHAP_FAILURE: /* chap->auth.in.name is already set up at CHALLENGE time */ if ((ans = malloc(len + 1)) == NULL) { log_Printf(LogERROR, "Chap Input: Out of memory !\n"); m_freem(bp); return NULL; } bp = mbuf_Read(bp, ans, len); ans[len] = '\0'; break; } switch (chap->auth.in.hdr.code) { case CHAP_CHALLENGE: case CHAP_RESPONSE: if (*chap->auth.in.name) log_Printf(LogPHASE, "Chap Input: %s (%d bytes from %s%s)\n", chapcodes[chap->auth.in.hdr.code], alen, chap->auth.in.name, #ifdef HAVE_DES lanman && chap->auth.in.hdr.code == CHAP_RESPONSE ? " - lanman" : #endif ""); else log_Printf(LogPHASE, "Chap Input: %s (%d bytes%s)\n", chapcodes[chap->auth.in.hdr.code], alen, #ifdef HAVE_DES lanman && chap->auth.in.hdr.code == CHAP_RESPONSE ? " - lanman" : #endif ""); break; case CHAP_SUCCESS: case CHAP_FAILURE: if (*ans) log_Printf(LogPHASE, "Chap Input: %s (%s)\n", chapcodes[chap->auth.in.hdr.code], ans); else log_Printf(LogPHASE, "Chap Input: %s\n", chapcodes[chap->auth.in.hdr.code]); break; } switch (chap->auth.in.hdr.code) { case CHAP_CHALLENGE: if (*bundle->cfg.auth.key == '!' && bundle->cfg.auth.key[1] != '!') chap_StartChild(chap, bundle->cfg.auth.key + 1, bundle->cfg.auth.name); else chap_Respond(chap, bundle->cfg.auth.name, bundle->cfg.auth.key + (*bundle->cfg.auth.key == '!' ? 1 : 0), p->link.lcp.his_authtype #ifdef HAVE_DES , lanman #endif ); break; case CHAP_RESPONSE: name = chap->auth.in.name; nlen = strlen(name); #ifndef NORADIUS if (*bundle->radius.cfg.file) { u_char end; end = chap->challenge.local[*chap->challenge.local+1]; chap->challenge.local[*chap->challenge.local+1] = '\0'; radius_Authenticate(&bundle->radius, &chap->auth, chap->auth.in.name, ans, chap->challenge.local + 1); chap->challenge.local[*chap->challenge.local+1] = end; } else #endif { key = auth_GetSecret(bundle, name, nlen, p); if (key) { char *myans; #ifdef HAVE_DES if (lanman && !IsEnabled(p->link.lcp.cfg.chap80lm)) { log_Printf(LogPHASE, "Auth failure: LANMan not enabled\n"); if (chap_HaveAnotherGo(chap)) break; key = NULL; } else if (!lanman && !IsEnabled(p->link.lcp.cfg.chap80nt) && p->link.lcp.want_authtype == 0x80) { log_Printf(LogPHASE, "Auth failure: mschap not enabled\n"); if (chap_HaveAnotherGo(chap)) break; key = NULL; } else #endif { myans = chap_BuildAnswer(name, key, chap->auth.id, chap->challenge.local, p->link.lcp.want_authtype #ifdef HAVE_DES , lanman #endif ); if (myans == NULL) key = NULL; else { if (!chap_Cmp(p->link.lcp.want_authtype, myans + 1, *myans, ans + 1, alen #ifdef HAVE_DES , lanman #endif )) key = NULL; free(myans); } } } if (key) chap_Success(&chap->auth); else chap_Failure(&chap->auth); } break; case CHAP_SUCCESS: if (p->link.lcp.auth_iwait == PROTO_CHAP) { p->link.lcp.auth_iwait = 0; if (p->link.lcp.auth_ineed == 0) /* * We've succeeded in our ``login'' * If we're not expecting the peer to authenticate (or he already * has), proceed to network phase. */ datalink_AuthOk(p->dl); } break; case CHAP_FAILURE: datalink_AuthNotOk(p->dl); break; } free(ans); } m_freem(bp); return NULL; }
struct mbuf * pap_Input(struct bundle *bundle, struct link *l, struct mbuf *bp) { struct physical *p = link2physical(l); struct authinfo *authp = &p->dl->pap; u_char nlen, klen, *key; const char *txt; int txtlen; if (p == NULL) { log_Printf(LogERROR, "pap_Input: Not a physical link - dropped\n"); m_freem(bp); return NULL; } if (bundle_Phase(bundle) != PHASE_NETWORK && bundle_Phase(bundle) != PHASE_AUTHENTICATE) { log_Printf(LogPHASE, "Unexpected pap input - dropped !\n"); m_freem(bp); return NULL; } if ((bp = auth_ReadHeader(authp, bp)) == NULL && ntohs(authp->in.hdr.length) == 0) { log_Printf(LogWARN, "Pap Input: Truncated header !\n"); return NULL; } if (authp->in.hdr.code == 0 || authp->in.hdr.code > MAXPAPCODE) { log_Printf(LogPHASE, "Pap Input: %d: Bad PAP code !\n", authp->in.hdr.code); m_freem(bp); return NULL; } if (authp->in.hdr.code != PAP_REQUEST && authp->id != authp->in.hdr.id && Enabled(bundle, OPT_IDCHECK)) { /* Wrong conversation dude ! */ log_Printf(LogPHASE, "Pap Input: %s dropped (got id %d, not %d)\n", papcodes[authp->in.hdr.code], authp->in.hdr.id, authp->id); m_freem(bp); return NULL; } m_settype(bp, MB_PAPIN); authp->id = authp->in.hdr.id; /* We respond with this id */ if (bp) { bp = mbuf_Read(bp, &nlen, 1); if (authp->in.hdr.code == PAP_ACK) { /* * Don't restrict the length of our acknowledgement freetext to * nlen (a one-byte length). Show the rest of the ack packet * instead. This isn't really part of the protocol..... */ bp = m_pullup(bp); txt = MBUF_CTOP(bp); txtlen = m_length(bp); } else { bp = auth_ReadName(authp, bp, nlen); txt = authp->in.name; txtlen = strlen(authp->in.name); } } else { txt = ""; txtlen = 0; } log_Printf(LogPHASE, "Pap Input: %s (%.*s)\n", papcodes[authp->in.hdr.code], txtlen, txt); switch (authp->in.hdr.code) { case PAP_REQUEST: if (bp == NULL) { log_Printf(LogPHASE, "Pap Input: No key given !\n"); break; } bp = mbuf_Read(bp, &klen, 1); if (m_length(bp) < klen) { log_Printf(LogERROR, "Pap Input: Truncated key !\n"); break; } if ((key = malloc(klen+1)) == NULL) { log_Printf(LogERROR, "Pap Input: Out of memory !\n"); break; } bp = mbuf_Read(bp, key, klen); key[klen] = '\0'; #ifndef NORADIUS if (*bundle->radius.cfg.file) { if (!radius_Authenticate(&bundle->radius, authp, authp->in.name, key, strlen(key), NULL, 0)) pap_Failure(authp); } else #endif if (auth_Validate(bundle, authp->in.name, key)) pap_Success(authp); else pap_Failure(authp); free(key); break; case PAP_ACK: auth_StopTimer(authp); if (p->link.lcp.auth_iwait == PROTO_PAP) { p->link.lcp.auth_iwait = 0; if (p->link.lcp.auth_ineed == 0) /* * We've succeeded in our ``login'' * If we're not expecting the peer to authenticate (or he already * has), proceed to network phase. */ datalink_AuthOk(p->dl); } break; case PAP_NAK: auth_StopTimer(authp); datalink_AuthNotOk(p->dl); break; } m_freem(bp); return NULL; }
lcp->fsm.link->name); log_Printf(LogLQM, "%s: Too many LCP ECHO packets lost\n", lcp->fsm.link->name); p->hdlc.lqm.method = 0; datalink_Down(p->dl, CLOSE_NORMAL); } else SendEchoReq(lcp); } if (p->hdlc.lqm.method && p->hdlc.lqm.timer.load) timer_Start(&p->hdlc.lqm.timer); } struct mbuf * lqr_Input(struct bundle *bundle __unused, struct link *l, struct mbuf *bp) { struct physical *p = link2physical(l); struct lcp *lcp = p->hdlc.lqm.owner; int len; if (p == NULL) { log_Printf(LogERROR, "lqr_Input: Not a physical link - dropped\n"); m_freem(bp); return NULL; } len = m_length(bp); if (len != sizeof(struct lqrdata)) log_Printf(LogWARN, "lqr_Input: Got packet size %d, expecting %ld !\n", len, (long)sizeof(struct lqrdata)); else if (!IsAccepted(l->lcp.cfg.lqr) && !(p->hdlc.lqm.method & LQM_LQR)) { bp = m_pullup(proto_Prepend(bp, PROTO_LQR, 0, 0));
struct mbuf * chap_Input(struct bundle *bundle, struct link *l, struct mbuf *bp) { struct physical *p = link2physical(l); struct chap *chap = &p->dl->chap; char *name, *key, *ans; int len, nlen; u_char alen; #ifndef NODES int lanman; #endif if (p == NULL) { log_Printf(LogERROR, "chap_Input: Not a physical link - dropped\n"); m_freem(bp); return NULL; } if (bundle_Phase(bundle) != PHASE_NETWORK && bundle_Phase(bundle) != PHASE_AUTHENTICATE) { log_Printf(LogPHASE, "Unexpected chap input - dropped !\n"); m_freem(bp); return NULL; } m_settype(bp, MB_CHAPIN); if ((bp = auth_ReadHeader(&chap->auth, bp)) == NULL && ntohs(chap->auth.in.hdr.length) == 0) log_Printf(LogWARN, "Chap Input: Truncated header !\n"); else if (chap->auth.in.hdr.code == 0 || chap->auth.in.hdr.code > MAXCHAPCODE) log_Printf(LogPHASE, "Chap Input: %d: Bad CHAP code !\n", chap->auth.in.hdr.code); else { len = m_length(bp); ans = NULL; if (chap->auth.in.hdr.code != CHAP_CHALLENGE && chap->auth.id != chap->auth.in.hdr.id && Enabled(bundle, OPT_IDCHECK)) { /* Wrong conversation dude ! */ log_Printf(LogPHASE, "Chap Input: %s dropped (got id %d, not %d)\n", chapcodes[chap->auth.in.hdr.code], chap->auth.in.hdr.id, chap->auth.id); m_freem(bp); return NULL; } chap->auth.id = chap->auth.in.hdr.id; /* We respond with this id */ #ifndef NODES lanman = 0; #endif switch (chap->auth.in.hdr.code) { case CHAP_CHALLENGE: bp = mbuf_Read(bp, &alen, 1); len -= alen + 1; if (len < 0) { log_Printf(LogERROR, "Chap Input: Truncated challenge !\n"); m_freem(bp); return NULL; } *chap->challenge.peer = alen; bp = mbuf_Read(bp, chap->challenge.peer + 1, alen); bp = auth_ReadName(&chap->auth, bp, len); #ifndef NODES lanman = p->link.lcp.his_authtype == 0x80 && ((chap->NTRespSent && IsAccepted(p->link.lcp.cfg.chap80lm)) || !IsAccepted(p->link.lcp.cfg.chap80nt)); /* Generate local challenge value */ chap_ChallengeInit(&chap->auth); #endif break; case CHAP_RESPONSE: auth_StopTimer(&chap->auth); bp = mbuf_Read(bp, &alen, 1); len -= alen + 1; if (len < 0) { log_Printf(LogERROR, "Chap Input: Truncated response !\n"); m_freem(bp); return NULL; } if ((ans = malloc(alen + 1)) == NULL) { log_Printf(LogERROR, "Chap Input: Out of memory !\n"); m_freem(bp); return NULL; } *ans = chap->auth.id; bp = mbuf_Read(bp, ans + 1, alen); bp = auth_ReadName(&chap->auth, bp, len); #ifndef NODES lanman = p->link.lcp.want_authtype == 0x80 && alen == 49 && ans[alen] == 0; #endif break; case CHAP_SUCCESS: case CHAP_FAILURE: /* chap->auth.in.name is already set up at CHALLENGE time */ if ((ans = malloc(len + 1)) == NULL) { log_Printf(LogERROR, "Chap Input: Out of memory !\n"); m_freem(bp); return NULL; } bp = mbuf_Read(bp, ans, len); ans[len] = '\0'; break; } switch (chap->auth.in.hdr.code) { case CHAP_CHALLENGE: case CHAP_RESPONSE: if (*chap->auth.in.name) log_Printf(LogPHASE, "Chap Input: %s (%d bytes from %s%s)\n", chapcodes[chap->auth.in.hdr.code], alen, chap->auth.in.name, #ifndef NODES lanman && chap->auth.in.hdr.code == CHAP_RESPONSE ? " - lanman" : #endif ""); else log_Printf(LogPHASE, "Chap Input: %s (%d bytes%s)\n", chapcodes[chap->auth.in.hdr.code], alen, #ifndef NODES lanman && chap->auth.in.hdr.code == CHAP_RESPONSE ? " - lanman" : #endif ""); break; case CHAP_SUCCESS: case CHAP_FAILURE: if (*ans) log_Printf(LogPHASE, "Chap Input: %s (%s)\n", chapcodes[chap->auth.in.hdr.code], ans); else log_Printf(LogPHASE, "Chap Input: %s\n", chapcodes[chap->auth.in.hdr.code]); break; } switch (chap->auth.in.hdr.code) { case CHAP_CHALLENGE: if (*bundle->cfg.auth.key == '!' && bundle->cfg.auth.key[1] != '!') chap_StartChild(chap, bundle->cfg.auth.key + 1, bundle->cfg.auth.name); else chap_Respond(chap, bundle->cfg.auth.name, bundle->cfg.auth.key + (*bundle->cfg.auth.key == '!' ? 1 : 0), p->link.lcp.his_authtype #ifndef NODES , lanman #endif ); break; case CHAP_RESPONSE: name = chap->auth.in.name; nlen = strlen(name); #ifndef NODES if (p->link.lcp.want_authtype == 0x81) { struct MSCHAPv2_resp *resp = (struct MSCHAPv2_resp *)(ans + 1); chap->challenge.peer[0] = sizeof resp->PeerChallenge; memcpy(chap->challenge.peer + 1, resp->PeerChallenge, sizeof resp->PeerChallenge); } #endif #ifndef NORADIUS if (*bundle->radius.cfg.file) { if (!radius_Authenticate(&bundle->radius, &chap->auth, chap->auth.in.name, ans, alen + 1, chap->challenge.local + 1, *chap->challenge.local)) chap_Failure(&chap->auth); } else #endif { if (p->link.lcp.want_authtype == 0x81 && ans[alen] != '\0' && alen == sizeof(struct MSCHAPv2_resp)) { struct MSCHAPv2_resp *resp = (struct MSCHAPv2_resp *)(ans + 1); log_Printf(LogWARN, "%s: Compensating for corrupt (Win98/WinME?) " "CHAP81 RESPONSE\n", l->name); resp->Flags = '\0'; /* rfc2759 says it *MUST* be zero */ } key = auth_GetSecret(bundle, name, nlen, p); if (key) { #ifndef NODES if (p->link.lcp.want_authtype == 0x80 && lanman && !IsEnabled(p->link.lcp.cfg.chap80lm)) { log_Printf(LogPHASE, "Auth failure: LANMan not enabled\n"); if (chap_HaveAnotherGo(chap)) break; key = NULL; } else if (p->link.lcp.want_authtype == 0x80 && !lanman && !IsEnabled(p->link.lcp.cfg.chap80nt)) { log_Printf(LogPHASE, "Auth failure: mschap not enabled\n"); if (chap_HaveAnotherGo(chap)) break; key = NULL; } else if (p->link.lcp.want_authtype == 0x81 && !IsEnabled(p->link.lcp.cfg.chap81)) { log_Printf(LogPHASE, "Auth failure: CHAP81 not enabled\n"); key = NULL; } else #endif { char *myans = chap_BuildAnswer(name, key, chap->auth.id, chap->challenge.local, p->link.lcp.want_authtype #ifndef NODES , chap->challenge.peer, chap->authresponse, lanman); MPPE_IsServer = 1; /* XXX Global ! */ #else ); #endif if (myans == NULL) key = NULL; else { if (!chap_Cmp(p->link.lcp.want_authtype, myans + 1, *myans, ans + 1, alen #ifndef NODES , lanman #endif )) key = NULL; free(myans); } } } if (key) chap_Success(&chap->auth); else chap_Failure(&chap->auth); } break; case CHAP_SUCCESS: if (p->link.lcp.auth_iwait == PROTO_CHAP) { p->link.lcp.auth_iwait = 0; if (p->link.lcp.auth_ineed == 0) { #ifndef NODES if (p->link.lcp.his_authtype == 0x81) { if (strncasecmp(ans, chap->authresponse, 42)) { datalink_AuthNotOk(p->dl); log_Printf(LogWARN, "CHAP81: AuthenticatorResponse: (%.42s)" " != ans: (%.42s)\n", chap->authresponse, ans); } else { /* Successful login */ MPPE_MasterKeyValid = 1; /* XXX Global ! */ datalink_AuthOk(p->dl); } } else #endif /* * We've succeeded in our ``login'' * If we're not expecting the peer to authenticate (or he already * has), proceed to network phase. */ datalink_AuthOk(p->dl); } } break; case CHAP_FAILURE: datalink_AuthNotOk(p->dl); break; } free(ans); }
static struct mbuf * lqr_LayerPush(struct bundle *b, struct link *l, struct mbuf *bp, int pri, u_short *proto) { struct physical *p = link2physical(l); int len, layer; if (!p) { /* Oops - can't happen :-] */ m_freem(bp); return NULL; } bp = m_pullup(bp); len = m_length(bp); /*- * From rfc1989: * * All octets which are included in the FCS calculation MUST be counted, * including the packet header, the information field, and any padding. * The FCS octets MUST also be counted, and one flag octet per frame * MUST be counted. All other octets (such as additional flag * sequences, and escape bits or octets) MUST NOT be counted. * * As we're stacked higher than the HDLC layer (otherwise HDLC wouldn't be * able to calculate the FCS), we must not forget about these additional * bytes when we're asynchronous. * * We're also expecting to be stacked *before* the likes of the proto and * acf layers (to avoid alignment issues), so deal with this too. */ p->hdlc.lqm.ifOutUniPackets++; p->hdlc.lqm.ifOutOctets += len + 1; /* plus 1 flag octet! */ for (layer = 0; layer < l->nlayers; layer++) switch (l->layer[layer]->type) { case LAYER_ACF: p->hdlc.lqm.ifOutOctets += acf_WrapperOctets(&l->lcp, *proto); break; case LAYER_ASYNC: /* Not included - see rfc1989 */ break; case LAYER_HDLC: p->hdlc.lqm.ifOutOctets += hdlc_WrapperOctets(&l->lcp, *proto); break; case LAYER_LQR: layer = l->nlayers; break; case LAYER_PROTO: p->hdlc.lqm.ifOutOctets += proto_WrapperOctets(&l->lcp, *proto); break; case LAYER_SYNC: /* Nothing to add on */ break; default: log_Printf(LogWARN, "Oops, don't know how to do octets for %s layer\n", l->layer[layer]->name); break; } if (*proto == PROTO_LQR) { /* Overwrite the entire packet (created in SendLqrData()) */ struct lqrdata lqr; size_t pending_pkts, pending_octets; p->hdlc.lqm.lqr.OutLQRs++; /* * We need to compensate for the fact that we're pushing our data * onto the highest priority queue by factoring out packet & octet * values from other queues! */ link_PendingLowPriorityData(l, &pending_pkts, &pending_octets); memset(&lqr, '\0', sizeof lqr); lqr.MagicNumber = p->link.lcp.want_magic; lqr.LastOutLQRs = p->hdlc.lqm.lqr.peer.PeerOutLQRs; lqr.LastOutPackets = p->hdlc.lqm.lqr.peer.PeerOutPackets; lqr.LastOutOctets = p->hdlc.lqm.lqr.peer.PeerOutOctets; lqr.PeerInLQRs = p->hdlc.lqm.lqr.Save.InLQRs; lqr.PeerInPackets = p->hdlc.lqm.lqr.Save.InPackets; lqr.PeerInDiscards = p->hdlc.lqm.lqr.Save.InDiscards; lqr.PeerInErrors = p->hdlc.lqm.lqr.Save.InErrors; lqr.PeerInOctets = p->hdlc.lqm.lqr.Save.InOctets; lqr.PeerOutLQRs = p->hdlc.lqm.lqr.OutLQRs; lqr.PeerOutPackets = p->hdlc.lqm.ifOutUniPackets - pending_pkts; /* Don't forget our ``flag'' octets.... */ lqr.PeerOutOctets = p->hdlc.lqm.ifOutOctets - pending_octets - pending_pkts; lqr_Dump(l->name, "Output", &lqr); lqr_ChangeOrder(&lqr, (struct lqrdata *)MBUF_CTOP(bp)); } return bp; }
struct mbuf * lqr_Input(struct bundle *bundle, struct link *l, struct mbuf *bp) { struct physical *p = link2physical(l); struct lcp *lcp = p->hdlc.lqm.owner; int len; if (p == NULL) { log_Printf(LogERROR, "lqr_Input: Not a physical link - dropped\n"); m_freem(bp); return NULL; } len = m_length(bp); if (len != sizeof(struct lqrdata)) log_Printf(LogWARN, "lqr_Input: Got packet size %d, expecting %ld !\n", len, (long)sizeof(struct lqrdata)); else if (!IsAccepted(l->lcp.cfg.lqr) && !(p->hdlc.lqm.method & LQM_LQR)) { bp = m_pullup(proto_Prepend(bp, PROTO_LQR, 0, 0)); lcp_SendProtoRej(lcp, MBUF_CTOP(bp), bp->m_len); } else { struct lqrdata *lqr; bp = m_pullup(bp); lqr = (struct lqrdata *)MBUF_CTOP(bp); if (ntohl(lqr->MagicNumber) != lcp->his_magic) log_Printf(LogWARN, "lqr_Input: magic 0x%08lx is wrong," " expecting 0x%08lx\n", (u_long)ntohl(lqr->MagicNumber), (u_long)lcp->his_magic); else { struct lqrdata lastlqr; memcpy(&lastlqr, &p->hdlc.lqm.lqr.peer, sizeof lastlqr); lqr_ChangeOrder(lqr, &p->hdlc.lqm.lqr.peer); lqr_Dump(l->name, "Input", &p->hdlc.lqm.lqr.peer); /* we have received an LQR from our peer */ p->hdlc.lqm.lqr.resent = 0; /* Snapshot our state when the LQR packet was received */ memcpy(&p->hdlc.lqm.lqr.prevSave, &p->hdlc.lqm.lqr.Save, sizeof p->hdlc.lqm.lqr.prevSave); p->hdlc.lqm.lqr.Save.InLQRs = ++p->hdlc.lqm.lqr.InLQRs; p->hdlc.lqm.lqr.Save.InPackets = p->hdlc.lqm.ifInUniPackets; p->hdlc.lqm.lqr.Save.InDiscards = p->hdlc.lqm.ifInDiscards; p->hdlc.lqm.lqr.Save.InErrors = p->hdlc.lqm.ifInErrors; p->hdlc.lqm.lqr.Save.InOctets = p->hdlc.lqm.lqr.InGoodOctets; lqr_Analyse(&p->hdlc, &lastlqr, &p->hdlc.lqm.lqr.peer); /* * Generate an LQR response if we're not running an LQR timer OR * two successive LQR's PeerInLQRs are the same. */ if (p->hdlc.lqm.timer.load == 0 || !(p->hdlc.lqm.method & LQM_LQR) || (lastlqr.PeerInLQRs && lastlqr.PeerInLQRs == p->hdlc.lqm.lqr.peer.PeerInLQRs)) SendLqrData(lcp); } } m_freem(bp); return NULL; }