static void chap_response(chap *_this, int authok, u_char *pktp, int lpktp) { const char *realm_name; CHAP_ASSERT(_this != NULL); CHAP_ASSERT(pktp != NULL); CHAP_ASSERT(_this->type == PPP_AUTH_CHAP_MD5 || _this->type == PPP_AUTH_CHAP_MS_V2); ppp_output(_this->ppp, PPP_PROTO_CHAP, (authok)? 3 : 4, _this->challid, pktp, lpktp); realm_name = npppd_ppp_get_realm_name(_this->ppp->pppd, _this->ppp); if (!authok) { chap_log(_this, LOG_ALERT, "logtype=Failure username=\"%s\" realm=%s", _this->name, realm_name); chap_stop(_this); /* Stop the PPP if the authentication is failed. */ ppp_set_disconnect_cause(_this->ppp, PPP_DISCON_AUTH_FAILED, PPP_PROTO_CHAP, 1 /* peer */, NULL); ppp_stop(_this->ppp, "Authentication Required"); } else { strlcpy(_this->ppp->username, _this->name, sizeof(_this->ppp->username)); chap_log(_this, LOG_INFO, "logtype=Success username=\"%s\" " "realm=%s", _this->name, realm_name); chap_stop(_this); /* We change our state to prepare to resend requests. */ _this->state = CHAP_STATE_SENT_RESPONSE; ppp_auth_ok(_this->ppp); } }
static void pap_response(pap *_this, int authok, const char *mes) { int lpktp, lmes; u_char *pktp, *pktp1; const char *realm; pktp = ppp_packetbuf(_this->ppp, PPP_PROTO_PAP) + HEADERLEN; lpktp = _this->ppp->mru - HEADERLEN; realm = npppd_ppp_get_realm_name(_this->ppp->pppd, _this->ppp); pktp1 = pktp; if (mes == NULL) lmes = 0; else lmes = strlen(mes); lmes = MINIMUM(lmes, lpktp - 1); PUTCHAR(lmes, pktp1); if (lmes > 0) memcpy(pktp1, mes, lmes); lpktp = lmes + 1; if (authok) ppp_output(_this->ppp, PPP_PROTO_PAP, AUTHACK, _this->auth_id, pktp, lpktp); else ppp_output(_this->ppp, PPP_PROTO_PAP, AUTHNAK, _this->auth_id, pktp, lpktp); if (!authok) { pap_log(_this, LOG_ALERT, "logtype=Failure username=\"%s\" realm=%s", _this->name, realm); pap_stop(_this); ppp_set_disconnect_cause(_this->ppp, PPP_DISCON_AUTH_FAILED, PPP_PROTO_PAP, 1 /* peer */, NULL); ppp_stop(_this->ppp, "Authentication Required"); } else { strlcpy(_this->ppp->username, _this->name, sizeof(_this->ppp->username)); pap_log(_this, LOG_INFO, "logtype=Success username=\"%s\" realm=%s", _this->name, realm); pap_stop(_this); ppp_auth_ok(_this->ppp); /* reset the state to response request of retransmision. */ _this->state = PAP_STATE_SENT_RESPONSE; } }
/** called when the lcp is up */ void ppp_lcp_up(npppd_ppp *_this) { #ifdef USE_NPPPD_MPPE if (MPPE_REQUIRED(_this) && !MPPE_MUST_NEGO(_this)) { ppp_log(_this, LOG_ERR, "MPPE is required, auth protocol must " "be MS-CHAP-V2 or EAP"); ppp_stop(_this, "Encryption required"); return; } #endif /* * Use our MRU value even if the peer insists on larger value. * We set the peer_mtu here, the value will be used as the MTU of the * routing entry. So we will not receive packets larger than the MTU. */ if (_this->peer_mru > _this->mru) _this->peer_mru = _this->mru; if (_this->peer_auth != 0 && _this->auth_runonce == 0) { if (AUTH_IS_PAP(_this)) { pap_start(&_this->pap); _this->auth_runonce = 1; return; } if (AUTH_IS_CHAP(_this)) { chap_start(&_this->chap); _this->auth_runonce = 1; return; } #ifdef USE_NPPPD_EAP_RADIUS if (AUTH_IS_EAP(_this)) { eap_init(&_this->eap, _this); eap_start(&_this->eap); return; } #endif } if (_this->peer_auth == 0) ppp_auth_ok(_this); }