static void MakeKey( u_char *key, /* IN 56 bit DES key missing parity bits */ u_char *des_key /* OUT 64 bit DES key with parity bits added */ ) { des_key[0] = Get7Bits(key, 0); des_key[1] = Get7Bits(key, 7); des_key[2] = Get7Bits(key, 14); des_key[3] = Get7Bits(key, 21); des_key[4] = Get7Bits(key, 28); des_key[5] = Get7Bits(key, 35); des_key[6] = Get7Bits(key, 42); des_key[7] = Get7Bits(key, 49); #ifndef USE_CRYPT des_set_odd_parity((des_cblock *)des_key); #endif #if 0 CHAPDEBUG((LOG_INFO, "MakeKey: 56-bit input : %02X%02X%02X%02X%02X%02X%02X\n", key[0], key[1], key[2], key[3], key[4], key[5], key[6])); CHAPDEBUG((LOG_INFO, "MakeKey: 64-bit output: %02X%02X%02X%02X%02X%02X%02X%02X\n", des_key[0], des_key[1], des_key[2], des_key[3], des_key[4], des_key[5], des_key[6], des_key[7])); #endif }
static void DesEncrypt( u_char *clear, /* IN 8 octets */ u_char *key, /* IN 7 octets */ u_char *cipher /* OUT 8 octets */) { u_char des_key[8]; u_char crypt_key[66]; u_char des_input[66]; MakeKey(key, des_key); Expand(des_key, crypt_key); setkey((char*)crypt_key); #if 0 CHAPDEBUG(LOG_INFO, ("DesEncrypt: 8 octet input : %02X%02X%02X%02X%02X%02X%02X%02X\n", clear[0], clear[1], clear[2], clear[3], clear[4], clear[5], clear[6], clear[7])); #endif Expand(clear, des_input); encrypt((char*)des_input, 0); Collapse(des_input, cipher); #if 0 CHAPDEBUG(LOG_INFO, ("DesEncrypt: 8 octet output: %02X%02X%02X%02X%02X%02X%02X%02X\n", cipher[0], cipher[1], cipher[2], cipher[3], cipher[4], cipher[5], cipher[6], cipher[7])); #endif }
static void DesEncrypt( u_char *clear, /* IN 8 octets */ u_char *key, /* IN 7 octets */ u_char *cipher /* OUT 8 octets */ ) { des_cblock des_key; des_key_schedule key_schedule; MakeKey(key, des_key); des_set_key(&des_key, key_schedule); #if 0 CHAPDEBUG((LOG_INFO, "DesEncrypt: 8 octet input : %02X%02X%02X%02X%02X%02X%02X%02X\n", clear[0], clear[1], clear[2], clear[3], clear[4], clear[5], clear[6], clear[7])); #endif des_ecb_encrypt((des_cblock *)clear, (des_cblock *)cipher, key_schedule, 1); #if 0 CHAPDEBUG((LOG_INFO, "DesEncrypt: 8 octet output: %02X%02X%02X%02X%02X%02X%02X%02X\n", cipher[0], cipher[1], cipher[2], cipher[3], cipher[4], cipher[5], cipher[6], cipher[7])); #endif }
/* * ChapInput - Input CHAP packet. */ static void ChapInput( int unit, u_char *inpacket, int packet_len) { chap_state *cstate = &chap[unit]; u_char *inp; u_char code, id; int len; /* * Parse header (code, id and length). * If packet too short, drop it. */ inp = inpacket; if (packet_len < CHAP_HEADERLEN) { CHAPDEBUG(("ChapInput: rcvd short header.")); return; } GETCHAR(code, inp); GETCHAR(id, inp); GETSHORT(len, inp); if (len < CHAP_HEADERLEN) { CHAPDEBUG(("ChapInput: rcvd illegal length.")); return; } if (len > packet_len) { CHAPDEBUG(("ChapInput: rcvd short packet.")); return; } len -= CHAP_HEADERLEN; /* * Action depends on code (as in fact it usually does :-). */ switch (code) { case CHAP_CHALLENGE: ChapReceiveChallenge(cstate, inp, id, len); break; case CHAP_RESPONSE: ChapReceiveResponse(cstate, inp, id, len); break; case CHAP_FAILURE: ChapReceiveFailure(cstate, inp, id, len); break; case CHAP_SUCCESS: ChapReceiveSuccess(cstate, inp, id, len); break; default: /* Need code reject? */ warn("Unknown CHAP code (%d) received.", code); break; } }
void ChapMS( chap_state *cstate, char *rchallenge, int rchallenge_len, char *secret, int secret_len) { MS_ChapResponse response; #ifdef MSLANMAN extern int ms_lanman; #endif #if 0 CHAPDEBUG(LOG_INFO, ("ChapMS: secret is '%.*s'\n", secret_len, secret)); #endif BZERO(&response, sizeof(response)); /* Calculate both always */ ChapMS_NT(rchallenge, rchallenge_len, secret, secret_len, &response); #ifdef MSLANMAN ChapMS_LANMan(rchallenge, rchallenge_len, secret, secret_len, &response); /* prefered method is set by option */ response.UseNT = !ms_lanman; #else response.UseNT = 1; #endif BCOPY(&response, cstate->response, MS_CHAP_RESPONSE_LEN); cstate->resp_length = MS_CHAP_RESPONSE_LEN; }
void ChapMS(chap_state *cstate, u_char *rchallenge, char *secret, int secret_len, MS_ChapResponse *response) { #if 0 CHAPDEBUG((LOG_INFO, "ChapMS: secret is '%.*s'", secret_len, secret)); #endif BZERO(response, sizeof(*response)); ChapMS_NT(rchallenge, secret, secret_len, response->NTResp); #ifdef MSLANMAN ChapMS_LANMan(rchallenge, secret, secret_len, response); /* preferred method is set by option */ response->UseNT[0] = !ms_lanman; #else response->UseNT[0] = 1; #endif cstate->resp_length = MS_CHAP_RESPONSE_LEN; #ifdef MPPE Set_Start_Key(rchallenge, secret, secret_len); mppe_keys_set = 1; #endif }
/* * ChapReceiveSuccess - Receive Success */ static void ChapReceiveSuccess( chap_state *cstate, u_char *inp, u_char id, int len) { if (cstate->clientstate == CHAPCS_OPEN) /* presumably an answer to a duplicate response */ return; if (cstate->clientstate != CHAPCS_RESPONSE) { /* don't know what this is */ CHAPDEBUG(("ChapReceiveSuccess: in state %d\n", cstate->clientstate)); return; } UNTIMEOUT(ChapResponseTimeout, cstate); /* * Print message. */ if (len > 0) PRINTMSG(inp, len); cstate->clientstate = CHAPCS_OPEN; auth_withpeer_success(cstate->unit, PPP_CHAP); }
/* * ChapReceiveFailure - Receive failure. */ static void ChapReceiveFailure( chap_state *cstate, u_char *inp, u_char id, int len) { if (cstate->clientstate != CHAPCS_RESPONSE) { /* don't know what this is */ CHAPDEBUG(("ChapReceiveFailure: in state %d\n", cstate->clientstate)); return; } UNTIMEOUT(ChapResponseTimeout, cstate); /* * Print message. */ if (len > 0) PRINTMSG(inp, len); error("CHAP authentication failed"); auth_withpeer_fail(cstate->unit, PPP_CHAP); }
/* * ChapReceiveResponse - Receive and process response. */ static void ChapReceiveResponse( chap_state *cstate, u_char *inp, int id, int len) { u_char *remmd, remmd_len; int secret_len, old_state; int code; char rhostname[256]; MD5_CTX mdContext; unsigned char secret[MAXSECRETLEN]; u_char hash[MD5_SIGNATURE_SIZE]; if (cstate->serverstate == CHAPSS_CLOSED || cstate->serverstate == CHAPSS_PENDING) { CHAPDEBUG(("ChapReceiveResponse: in state %d", cstate->serverstate)); return; } if (id != cstate->chal_id) return; /* doesn't match ID of last challenge */ /* * If we have received a duplicate or bogus Response, * we have to send the same answer (Success/Failure) * as we did for the first Response we saw. */ if (cstate->serverstate == CHAPSS_OPEN) { ChapSendStatus(cstate, CHAP_SUCCESS); return; } if (cstate->serverstate == CHAPSS_BADAUTH) { ChapSendStatus(cstate, CHAP_FAILURE); return; } if (len < 2) { CHAPDEBUG(("ChapReceiveResponse: rcvd short packet.")); return; } GETCHAR(remmd_len, inp); /* get length of MD */ remmd = inp; /* get pointer to MD */ INCPTR(remmd_len, inp); len -= sizeof (u_char) + remmd_len; if (len < 0) { CHAPDEBUG(("ChapReceiveResponse: rcvd short packet.")); return; } UNTIMEOUT(ChapChallengeTimeout, cstate); if (len >= sizeof(rhostname)) len = sizeof(rhostname) - 1; BCOPY(inp, rhostname, len); rhostname[len] = '\000'; /* * Get secret for authenticating them with us, * do the hash ourselves, and compare the result. */ code = CHAP_FAILURE; if (!get_secret(cstate->unit, (explicit_remote? remote_name: rhostname), cstate->chal_name, secret, &secret_len, 1)) { warn("No CHAP secret found for authenticating %q", rhostname); } else { /* generate MD based on negotiated type */ switch (cstate->chal_type) { case CHAP_DIGEST_MD5: /* only MD5 is defined for now */ if (remmd_len != MD5_SIGNATURE_SIZE) break; /* it's not even the right length */ MD5Init(&mdContext); MD5Update(&mdContext, &cstate->chal_id, 1); MD5Update(&mdContext, secret, secret_len); MD5Update(&mdContext, cstate->challenge, cstate->chal_len); MD5Final(hash, &mdContext); /* compare local and remote MDs and send the appropriate status */ if (memcmp (hash, remmd, MD5_SIGNATURE_SIZE) == 0) code = CHAP_SUCCESS; /* they are the same! */ break; default: CHAPDEBUG(("unknown digest type %d", cstate->chal_type)); } } BZERO(secret, sizeof(secret)); ChapSendStatus(cstate, code); if (code == CHAP_SUCCESS) { old_state = cstate->serverstate; cstate->serverstate = CHAPSS_OPEN; if (old_state == CHAPSS_INITIAL_CHAL) { auth_peer_success(cstate->unit, PPP_CHAP, rhostname, len); } if (cstate->chal_interval != 0) TIMEOUT(ChapRechallenge, cstate, cstate->chal_interval); notice("CHAP peer authentication succeeded for %q", rhostname); } else { error("CHAP peer authentication failed for remote host %q", rhostname); cstate->serverstate = CHAPSS_BADAUTH; auth_peer_fail(cstate->unit, PPP_CHAP); } }
/* * ChapReceiveChallenge - Receive Challenge and send Response. */ static void ChapReceiveChallenge( chap_state *cstate, u_char *inp, int id, int len) { int rchallenge_len; u_char *rchallenge; int secret_len; unsigned char secret[MAXSECRETLEN]; char rhostname[256]; MD5_CTX mdContext; u_char hash[MD5_SIGNATURE_SIZE]; if (cstate->clientstate == CHAPCS_CLOSED || cstate->clientstate == CHAPCS_PENDING) { CHAPDEBUG(("ChapReceiveChallenge: in state %d", cstate->clientstate)); return; } if (len < 2) { CHAPDEBUG(("ChapReceiveChallenge: rcvd short packet.")); return; } GETCHAR(rchallenge_len, inp); len -= sizeof (u_char) + rchallenge_len; /* now name field length */ if (len < 0) { CHAPDEBUG(("ChapReceiveChallenge: rcvd short packet.")); return; } rchallenge = inp; INCPTR(rchallenge_len, inp); if (len >= sizeof(rhostname)) len = sizeof(rhostname) - 1; BCOPY(inp, rhostname, len); rhostname[len] = '\000'; /* Microsoft doesn't send their name back in the PPP packet */ if (explicit_remote || (remote_name[0] != 0 && rhostname[0] == 0)) { strlcpy(rhostname, remote_name, sizeof(rhostname)); CHAPDEBUG(("ChapReceiveChallenge: using '%q' as remote name", rhostname)); } /* get secret for authenticating ourselves with the specified host */ if (!get_secret(cstate->unit, cstate->resp_name, rhostname, secret, &secret_len, 0)) { secret_len = 0; /* assume null secret if can't find one */ warn("No CHAP secret found for authenticating us to %q", rhostname); } /* cancel response send timeout if necessary */ if (cstate->clientstate == CHAPCS_RESPONSE) UNTIMEOUT(ChapResponseTimeout, cstate); cstate->resp_id = id; cstate->resp_transmits = 0; /* generate MD based on negotiated type */ switch (cstate->resp_type) { case CHAP_DIGEST_MD5: MD5Init(&mdContext); MD5Update(&mdContext, &cstate->resp_id, 1); MD5Update(&mdContext, secret, secret_len); MD5Update(&mdContext, rchallenge, rchallenge_len); MD5Final(hash, &mdContext); BCOPY(hash, cstate->response, MD5_SIGNATURE_SIZE); cstate->resp_length = MD5_SIGNATURE_SIZE; break; #ifdef CHAPMS case CHAP_MICROSOFT: ChapMS(cstate, rchallenge, rchallenge_len, secret, secret_len); break; #endif default: CHAPDEBUG(("unknown digest type %d", cstate->resp_type)); return; } BZERO(secret, sizeof(secret)); ChapSendResponse(cstate); }