static void
chap_Respond_old(struct chap *chap, char *name, char *key, u_char type
#ifdef HAVE_DES
                 , int lm
#endif
                )
{
    u_char *ans;

    ans = chap_BuildAnswer(name, key, chap->auth.id, chap->challenge.peer, type
#ifdef HAVE_DES
                           , lm
#endif
                          );

    if (ans) {
        ChapOutput(chap->auth.physical, CHAP_RESPONSE, chap->auth.id,
                   ans, *ans + 1 + strlen(name), name);
#ifdef HAVE_DES
        chap->NTRespSent = !lm;
#endif
        free(ans);
    } else
        ChapOutput(chap->auth.physical, CHAP_FAILURE, chap->auth.id,
                   "Out of memory!", 14, NULL);
}
示例#2
0
static void
chap_Respond(struct chap *chap, char *name, char *key
#ifndef NODES
             , u_char type, int lm
#endif
            )
{
  u_char *ans;

  ans = chap_BuildAnswer(name, key, chap->auth.id, chap->challenge.peer
#ifndef NODES
                         , type, chap->challenge.local, chap->authresponse, lm
#endif
                        );

  if (ans) {
    ChapOutput(chap->auth.physical, CHAP_RESPONSE, chap->auth.id,
               ans, *ans + 1 + strlen(name), name);
#ifndef NODES
    chap->NTRespSent = !lm;
    MPPE_IsServer = 0;		/* XXX Global ! */
#endif
    free(ans);
  } else
    ChapOutput(chap->auth.physical, CHAP_FAILURE, chap->auth.id,
               "Out of memory!", 14, NULL);
}
/*****************************************************************************
 函 数 名  : chap_Success
 功能描述  : 构造Success帧并发送
 输入参数  : l - PPP链接
 输出参数  : 无
 返 回 值  : 无
 调用函数  :
 被调函数  :

 修改历史      :
  1.日    期   : 2008年10月25日
    作    者   : liukai
    修改内容   : porting from BSD

*****************************************************************************/
static VOS_VOID chap_Success(struct link *l)
{
    struct authinfo *authp = &(l->chap.auth);
    const VOS_CHAR *pcMsg = "Welcome!!";    /* follow BSD use "Welcome!!" as message */

    /* Success body: */
    /*
     *  -------------
     * |   Message   |
     *  -------------
     */

    ChapOutput(l, CHAP_SUCCESS, authp->id, (VOS_UCHAR *)pcMsg, VOS_StrLen((VOS_CHAR *)pcMsg), VOS_NULL_PTR);

    l->lcp.auth_ineed = 0;    /* after Authentication, clear flag to authenticate peer */

    if (0 == l->lcp.auth_iwait)    /* auth_iwait: 0, authentication to peer is not complete or no need to authentication,
                                               !0, authentication to peer is complete */
    {
        /*
         * Either I didn't need to authenticate, or I've already been
         * told that I got the answer right.
         */
        chap_ReInit(&(l->chap));
        if (PHASE_AUTHENTICATE == l->phase)
        {
            l->phase = PHASE_NETWORK;
            l->ipcp.fsm.state = ST_CLOSED;
            fsm_Open(&(l->ipcp.fsm));
            PPP_MNTN_LOG(PS_PID_APP_PPP, 0, PS_PRINT_NORMAL, "goto ipcp stage!\r\n");
        }
    }

    return;
}    /* chap_Success */
/*****************************************************************************
 函 数 名  : chap_Respond
 功能描述  : 构造Response帧并发送
 输入参数  : l - PPP链接
             name - 待填写的Name值
 输出参数  : 无
 返 回 值  : 无
 调用函数  :
 被调函数  :

 修改历史      :
  1.日    期   : 2008年10月24日
    作    者   : liukai
    修改内容   : porting from BSD

*****************************************************************************/
static VOS_VOID chap_Respond(struct link *l, const VOS_CHAR *name)
{
    VOS_UCHAR  aucResponseBody[1+MD5DIGESTSIZE+AUTHLEN];
    VOS_UINT32    len;    /* length of Response body */
    VOS_UINT32 ulHashValueLoop;

    /* Response body: */
    /*
     *  ------------------- --------------------- ----------
     * |   HASH-Size(1B)   |   HASH-Value(16B)   |   Name   |
     *  ------------------- --------------------- ----------
     */
    len = 1 + MD5DIGESTSIZE + VOS_StrLen((VOS_CHAR *)name);    /* BSD always thinks user name is not beyong AUTHLEN octets */

    aucResponseBody[0] = MD5DIGESTSIZE;    /* as CHAP only support MD5, MD5 hash value is 16 octets */
    /* in our product, when rx-ed Challenge from PC, just response hash value with zero */
    for (ulHashValueLoop = 1; ulHashValueLoop <= MD5DIGESTSIZE; ulHashValueLoop ++)
    {
        aucResponseBody[ulHashValueLoop] = 0x00;
    }

    if ((VOS_NULL_PTR != name) && ('\0' != *name))
    {
        PS_MEM_CPY(&aucResponseBody[1+MD5DIGESTSIZE], name, VOS_StrLen((VOS_CHAR*)name));
    }
    ChapOutput(l, CHAP_RESPONSE, (l->chap.auth.id), aucResponseBody, len, name);

    return;
}    /* chap_Respond */
示例#5
0
static void
chap_Challenge(struct authinfo *authp)
{
  struct chap *chap = auth2chap(authp);
  int len;

  log_Printf(LogDEBUG, "CHAP%02X: Challenge\n",
             authp->physical->link.lcp.want_authtype);

  len = strlen(authp->physical->dl->bundle->cfg.auth.name);

  /* Generate new local challenge value */
  if (!*chap->challenge.local)
    chap_ChallengeInit(authp);

#ifndef NODES
  if (authp->physical->link.lcp.want_authtype == 0x81)
    ChapOutput(authp->physical, CHAP_CHALLENGE, authp->id,
             chap->challenge.local, 1 + *chap->challenge.local, NULL);
  else
#endif
    ChapOutput(authp->physical, CHAP_CHALLENGE, authp->id,
             chap->challenge.local, 1 + *chap->challenge.local + len, NULL);
}
static void
chap_Success_old(struct authinfo *authp)
{
    datalink_GotAuthname(authp->physical->dl, authp->in.name);
    ChapOutput(authp->physical, CHAP_SUCCESS, authp->id, "Welcome!!", 10, NULL);
    authp->physical->link.lcp.auth_ineed = 0;
    if (Enabled(authp->physical->dl->bundle, OPT_UTMP))
        physical_Login(authp->physical, authp->in.name);

    if (authp->physical->link.lcp.auth_iwait == 0)
        /*
         * Either I didn't need to authenticate, or I've already been
         * told that I got the answer right.
         */
        datalink_AuthOk(authp->physical->dl);
}
/*****************************************************************************
 函 数 名  : chap_Challenge
 功能描述  : 构造Challenge帧并发送
 输入参数  : l - PPP链接
 输出参数  : 无
 返 回 值  : 无
 调用函数  :
 被调函数  :

 修改历史      :
  1.日    期   : 2008年10月25日
    作    者   : liukai
    修改内容   : porting from BSD

*****************************************************************************/
VOS_VOID chap_Challenge(struct link *l)
{
    struct chap *chap = &(l->chap);
    VOS_UINT32 len, i;
    VOS_UINT8 *cp;
    VOS_UINT32 ulTick;
    const VOS_CHAR acLocalChallenge[] = "HUAWEI_CHAP_SRVR";   /* we always use "HUAWEI_CHAP_SRVR" as Name of Challenge */

    /* Challenge body: */
    /*
     *  ------------------------ --------------------- ----------
     * |   Challenge-Size(1B)   |   Challenge-Value   |   Name   |
     *  ------------------------ --------------------- ----------
     */
    len = VOS_StrLen((VOS_CHAR *)acLocalChallenge);

    if (0x0 == *(chap->challenge.local)) {    /* as each time local[0] is 0x0, here is always true */
        ulTick = VOS_GetTick();
        VOS_SetSeed(ulTick);    /* use current tick as seed of random algorithm */

        cp = chap->challenge.local;
        /*AT2D19295 测试组建议challenge中随机字符串长度固定为16,和标杆一致 */
        *cp++ = (VOS_UINT8)(MD5DIGESTSIZE);

        /*
          *cp++ = (VOS_UINT8)(PS_RAND(CHAPCHALLENGELEN-MD5DIGESTSIZE) + MD5DIGESTSIZE);
          随机字串长度本为任意长度, 存放在local的第一个字节,为了防止对端只支持MD5而要求长度为16, 特意保证长度至少16字节
        */
        for (i = 0; i < *(chap->challenge.local); i++)
        {
            *cp++ = (VOS_UINT8)PS_RAND(PS_NULL_UINT8+1);    /* 随机字串 */
        }

        /* use memcpy instead of strcpy, as "The Name should not be NUL or CR/LF terminated." in RFC1994 */
        PS_MEM_CPY(cp, acLocalChallenge, len);
    }

    /* each time send challenge, record its packet */
    ChapBufferChallengePacket(chap, chap->auth.id, chap->challenge.local,
                              1 + *(chap->challenge.local) + len);

    ChapOutput(l, CHAP_CHALLENGE, chap->auth.id, chap->challenge.local,
               1 + *(chap->challenge.local) + len, VOS_NULL_PTR);    /* 1: challenge length, *local: 随机字串长度, len: Name length */

    return;
}    /* chap_Challenge */
示例#8
0
static void
chap_Failure(struct authinfo *authp)
{
#ifndef NODES
  char buf[1024], *ptr;
#endif
  const char *msg;

#ifndef NORADIUS
  struct bundle *bundle = authp->physical->link.lcp.fsm.bundle;
  if (*bundle->radius.cfg.file && bundle->radius.errstr)
    msg = bundle->radius.errstr;
  else
#endif
#ifndef NODES
  if (authp->physical->link.lcp.want_authtype == 0x80) {
    snprintf(buf, sizeof buf, "E=691 R=1 M=Invalid!");
    msg = buf;
  } else if (authp->physical->link.lcp.want_authtype == 0x81) {
    int i;

    ptr = buf;
    snprintf(buf, sizeof(buf), "E=691 R=0 C=");
    ptr += strlen(ptr);
    for (i=0; i<16; i++) {
      snprintf(ptr, buf + sizeof buf - ptr, "%02X", *(auth2chap(authp)->challenge.local+1+i));
      ptr += strlen(ptr);
      if (ptr > buf + sizeof buf)
        break;
    }

    snprintf(ptr, buf + sizeof buf - ptr, " V=3 M=Invalid!");
    msg = buf;
  } else
#endif
    msg = "Invalid!!";

  ChapOutput(authp->physical, CHAP_FAILURE, authp->id, msg, strlen(msg) + 1,
             NULL);
  datalink_AuthNotOk(authp->physical->dl);
}
示例#9
0
static void
chap_Success(struct authinfo *authp)
{
  struct bundle *bundle = authp->physical->dl->bundle;
  const char *msg;

  datalink_GotAuthname(authp->physical->dl, authp->in.name);
#ifndef NODES
  if (authp->physical->link.lcp.want_authtype == 0x81) {
#ifndef NORADIUS
    if (*bundle->radius.cfg.file && bundle->radius.msrepstr)
      msg = bundle->radius.msrepstr;
    else
#endif
      msg = auth2chap(authp)->authresponse;
    MPPE_MasterKeyValid = 1;		/* XXX Global ! */
  } else
#endif
#ifndef NORADIUS
  if (*bundle->radius.cfg.file && bundle->radius.repstr)
    msg = bundle->radius.repstr;
  else
#endif
    msg = "Welcome!!";

  ChapOutput(authp->physical, CHAP_SUCCESS, authp->id, msg, strlen(msg),
             NULL);

  authp->physical->link.lcp.auth_ineed = 0;
  if (Enabled(bundle, OPT_UTMP))
    physical_Login(authp->physical, authp->in.name);

  if (authp->physical->link.lcp.auth_iwait == 0)
    /*
     * Either I didn't need to authenticate, or I've already been
     * told that I got the answer right.
     */
    datalink_AuthOk(authp->physical->dl);
}
static void
chap_Challenge_old(struct authinfo *authp)
{
    struct chap *chap = auth2chap(authp);
    int len, i;
    char *cp;

    len = strlen(authp->physical->dl->bundle->cfg.auth.name);

    if (!*chap->challenge.local) {    /* as each time, local is NULL, here is always true */
        randinit();
        cp = chap->challenge.local;

#ifndef NORADIUS
        if (*authp->physical->dl->bundle->radius.cfg.file) {
            /* For radius, our challenge is 16 readable NUL terminated bytes :*/
            *cp++ = 16;
            for (i = 0; i < 16; i++)
                *cp++ = (random() % 10) + '0';
        } else
#endif
        {
#ifdef HAVE_DES
            if (authp->physical->link.lcp.want_authtype == 0x80)
                *cp++ = 8;	/* MS does 8 byte callenges :-/ */
            else
#endif
                *cp++ = random() % (CHAPCHALLENGELEN-16) + 16;    /* 随机字串长度本身设为随机值, 放在local的第一个字节 */
            for (i = 0; i < *chap->challenge.local; i++)
                *cp++ = random() & 0xff;    /* 随机字串 */
        }
        memcpy(cp, authp->physical->dl->bundle->cfg.auth.name, len);
    }
    ChapOutput(authp->physical, CHAP_CHALLENGE, authp->id, chap->challenge.local,
               1 + *chap->challenge.local + len, NULL);    /* 1: Value-Size, *local: 随机字串长度, len: Name length */
}
static void
chap_Failure_old(struct authinfo *authp)
{
    ChapOutput(authp->physical, CHAP_FAILURE, authp->id, "Invalid!!", 9, NULL);
    datalink_AuthNotOk(authp->physical->dl);
}