Annotation of embedaddon/libpdel/ppp/ppp_auth.h, revision 1.1

1.1     ! misho       1: 
        !             2: /*
        !             3:  * Copyright (c) 2001-2002 Packet Design, LLC.
        !             4:  * All rights reserved.
        !             5:  * 
        !             6:  * Subject to the following obligations and disclaimer of warranty,
        !             7:  * use and redistribution of this software, in source or object code
        !             8:  * forms, with or without modifications are expressly permitted by
        !             9:  * Packet Design; provided, however, that:
        !            10:  * 
        !            11:  *    (i)  Any and all reproductions of the source or object code
        !            12:  *         must include the copyright notice above and the following
        !            13:  *         disclaimer of warranties; and
        !            14:  *    (ii) No rights are granted, in any manner or form, to use
        !            15:  *         Packet Design trademarks, including the mark "PACKET DESIGN"
        !            16:  *         on advertising, endorsements, or otherwise except as such
        !            17:  *         appears in the above copyright notice or in the software.
        !            18:  * 
        !            19:  * THIS SOFTWARE IS BEING PROVIDED BY PACKET DESIGN "AS IS", AND
        !            20:  * TO THE MAXIMUM EXTENT PERMITTED BY LAW, PACKET DESIGN MAKES NO
        !            21:  * REPRESENTATIONS OR WARRANTIES, EXPRESS OR IMPLIED, REGARDING
        !            22:  * THIS SOFTWARE, INCLUDING WITHOUT LIMITATION, ANY AND ALL IMPLIED
        !            23:  * WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE,
        !            24:  * OR NON-INFRINGEMENT.  PACKET DESIGN DOES NOT WARRANT, GUARANTEE,
        !            25:  * OR MAKE ANY REPRESENTATIONS REGARDING THE USE OF, OR THE RESULTS
        !            26:  * OF THE USE OF THIS SOFTWARE IN TERMS OF ITS CORRECTNESS, ACCURACY,
        !            27:  * RELIABILITY OR OTHERWISE.  IN NO EVENT SHALL PACKET DESIGN BE
        !            28:  * LIABLE FOR ANY DAMAGES RESULTING FROM OR ARISING OUT OF ANY USE
        !            29:  * OF THIS SOFTWARE, INCLUDING WITHOUT LIMITATION, ANY DIRECT,
        !            30:  * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, PUNITIVE, OR CONSEQUENTIAL
        !            31:  * DAMAGES, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES, LOSS OF
        !            32:  * USE, DATA OR PROFITS, HOWEVER CAUSED AND UNDER ANY THEORY OF
        !            33:  * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
        !            34:  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
        !            35:  * THE USE OF THIS SOFTWARE, EVEN IF PACKET DESIGN IS ADVISED OF
        !            36:  * THE POSSIBILITY OF SUCH DAMAGE.
        !            37:  *
        !            38:  * Author: Archie Cobbs <archie@freebsd.org>
        !            39:  */
        !            40: 
        !            41: #ifndef _PDEL_PPP_PPP_AUTH_H_
        !            42: #define _PDEL_PPP_PPP_AUTH_H_
        !            43: 
        !            44: struct ppp_auth_config;	/* forward declaration; the full definition appears further down in this header */
        !            45: struct ppp_fsm_option;	/* not defined in this header; used only through a pointer (ppp_auth_by_option) */
        !            46: struct ppp_link;	/* not defined in this header; passed by pointer to the auth callbacks */
        !            47: struct ppp_log;	/* not defined in this header; passed by pointer to the start method */
        !            48: 
        !            49: /* Types of authentication (in reverse order of preference; presumably later entries are preferred -- confirm against the negotiation code). NOTE(review): as listed, CHAP-MD5 sits above MS-CHAPv2 and MS-CHAPv1 sits above PAP; narrow the permitted set through ppp_auth_config.allow rather than relying on this order. */
        !            50: enum ppp_auth_index {
        !            51:        PPP_AUTH_NONE = 0,	/* no authentication */
        !            52:        PPP_AUTH_PAP,	/* PAP: credentials are a name plus the password itself (struct ppp_auth_cred_pap) */
        !            53:        PPP_AUTH_CHAP_MSV1,	/* MS-CHAPv1: response carries LAN Manager and NT fields (struct ppp_auth_cred_chap_msv1) */
        !            54:        PPP_AUTH_CHAP_MSV2,	/* MS-CHAPv2: response carries a peer challenge and NT response (struct ppp_auth_cred_chap_msv2) */
        !            55:        PPP_AUTH_CHAP_MD5,	/* CHAP with an MD5 response (struct ppp_auth_cred_chap_md5) */
        !            56:        PPP_AUTH_MAX	/* equals the number of entries above (5); not an authentication type itself */
        !            57: };
        !            58: 
        !            59: #ifndef MD5_DIGEST_LENGTH	/* fallback definition, used only if nothing included earlier defined it */
        !            60: #define MD5_DIGEST_LENGTH              16	/* size of the hash[] field in struct ppp_auth_cred_chap_md5, in bytes */
        !            61: #endif
        !            62: 
        !            63: /* Max authorization username and password length: these are the sizes of the name[] and password[] buffers in bytes. Whether a terminating NUL is counted is not shown here -- confirm before copying peer-supplied strings into them. */
        !            64: #define PPP_MAX_AUTHNAME               64	/* size of name[] in the PAP and CHAP credential structs */
        !            65: #define PPP_MAX_AUTHPASS               64	/* size of password[] in struct ppp_auth_cred_pap */
        !            66: 
        !            67: /* Max challenge/response data length (size of chal_data[] in struct ppp_auth_cred_chap, in bytes) */
        !            68: #define PPP_MAX_AUTHVALUE              64	/* smaller than the 255 that the u_char chal_len field can express */
        !            69: 
        !            70: /* Microsoft stuff: field sizes, in bytes, for the MS-CHAPv1 and MS-CHAPv2 structures below */
        !            71: #define PPP_MSOFT_LM_HASH_LEN          24	/* lm_hash[] in struct ppp_auth_cred_chap_msv1 */
        !            72: #define PPP_MSOFT_NT_HASH_LEN          24	/* nt_hash[] (v1) and nt_response[] (v2) */
        !            73: #define PPP_MSOFTV1_CHAL_LEN           8	/* presumably the MS-CHAPv1 challenge size; in this header it only feeds PPP_MPPE_DATA_MAX */
        !            74: #define PPP_MSOFTV2_CHAL_LEN           16	/* peer_chal[] in struct ppp_auth_cred_chap_msv2 */
        !            75: #define PPP_MSOFT_RESP_LEN             49	/* equals the summed field sizes of the msv1 struct (24+24+1) and of the msv2 struct (16+8+24+1) */
        !            76: #define PPP_MSOFTV2_AUTHRESP_LEN       20	/* authresp[] in struct ppp_auth_resp */
        !            77: 
        !            78: #define PPP_MPPE_DATA_MAX      MAX(PPP_MSOFTV1_CHAL_LEN, PPP_MSOFT_NT_HASH_LEN)	/* larger of the two sizes (24 with the values above); MAX() is not defined in this header and must be supplied by the including file */
        !            79: 
        !            80: /***********************************************************************
        !            81:                        AUTHORIZATION CREDENTIALS
        !            82: ***********************************************************************/
        !            83: 
        !            84: /* Credentials for PAP: a name and the password itself, each held in a fixed-size buffer */
        !            85: struct ppp_auth_cred_pap {
        !            86:        char            name[PPP_MAX_AUTHNAME];	/* user name; presumably NUL-terminated -- confirm, and bound any copy by sizeof(name) */
        !            87:        char            password[PPP_MAX_AUTHPASS];	/* the password as such, not a hash. NOTE(review): keep this struct out of logs and wipe copies once the exchange is done */
        !            88: };
        !            89: 
        !            90: /* Response data for MD5 CHAP */
        !            91: struct ppp_auth_cred_chap_md5 {
        !            92:        u_char          id;	/* presumably the CHAP packet identifier that entered the hash -- confirm against the CHAP code */
        !            93:        u_char          hash[MD5_DIGEST_LENGTH];	/* MD5 response value (16 bytes with the fallback definition above) */
        !            94: };
        !            95: 
        !            96: /* Response data for MSoft CHAPv1; the three fields add up to PPP_MSOFT_RESP_LEN (49) bytes */
        !            97: struct ppp_auth_cred_chap_msv1 {
        !            98:        u_char          lm_hash[PPP_MSOFT_LM_HASH_LEN];	/* 24-byte LAN Manager field */
        !            99:        u_char          nt_hash[PPP_MSOFT_NT_HASH_LEN];	/* 24-byte NT field */
        !           100:        u_char          use_nt;	/* flag; presumably nonzero means nt_hash should be used instead of lm_hash -- confirm. NOTE(review): a check that accepts the LAN Manager field alone rests on the weakest material in this header */
        !           101: };
        !           102: 
        !           103: /* Response data for MSoft CHAPv2; the four fields add up to PPP_MSOFT_RESP_LEN (49) bytes */
        !           104: struct ppp_auth_cred_chap_msv2 {
        !           105:        u_char          peer_chal[PPP_MSOFTV2_CHAL_LEN];	/* 16-byte peer challenge */
        !           106:        u_char          reserved[8];	/* reserved bytes; their expected value is not stated in this header */
        !           107:        u_char          nt_response[PPP_MSOFT_NT_HASH_LEN];	/* 24-byte NT response */
        !           108:        u_char          flags;	/* meaning of the bits is not stated in this header */
        !           109: };
        !           110: 
        !           111: /* Credentials for CHAP: name, the challenge, and the response in the layout of one CHAP variant */
        !           112: struct ppp_auth_cred_chap {
        !           113:        char            name[PPP_MAX_AUTHNAME];	/* user name; presumably NUL-terminated -- confirm, and bound any copy by sizeof(name) */
        !           114:        u_char          chal_len;	/* number of bytes used in chal_data[]. A u_char can hold up to 255 while chal_data[] holds 64, so code that sets this from a packet must reject values above PPP_MAX_AUTHVALUE */
        !           115:        u_char          chal_data[PPP_MAX_AUTHVALUE];	/* challenge bytes */
        !           116:        union {	/* response data; presumably the member is selected by the enclosing ppp_auth_cred.type -- confirm */
        !           117:                struct ppp_auth_cred_chap_md5   md5;	/* for PPP_AUTH_CHAP_MD5 (presumably) */
        !           118:                struct ppp_auth_cred_chap_msv1  msv1;	/* for PPP_AUTH_CHAP_MSV1 (presumably) */
        !           119:                struct ppp_auth_cred_chap_msv2  msv2;	/* for PPP_AUTH_CHAP_MSV2 (presumably) */
        !           120:        }               u;
        !           121: };
        !           122: 
        !           123: /* Authorization credentials info: an authentication type plus the credentials in that type's layout */
        !           124: struct ppp_auth_cred {
        !           125:        enum ppp_auth_index     type;	/* authentication type; presumably decides which union member is valid -- check it before reading u */
        !           126:        union {
        !           127:                struct ppp_auth_cred_pap        pap;	/* name and password (PAP) */
        !           128:                struct ppp_auth_cred_chap       chap;	/* name, challenge and response (the CHAP variants) */
        !           129:        }               u;
        !           130: };
        !           131: 
        !           132: /***********************************************************************
        !           133:                        AUTHORIZATION RESPONSE
        !           134: ***********************************************************************/
        !           135: 
        !           136: /* Microsoft MPPE information derived from CHAP exchange. NOTE(review): this is encryption key material -- code holding it should wipe it when the link goes away; whether the library does so is not visible in this header. */
        !           137: struct ppp_auth_mppe_chapv1 {
        !           138:        u_char          key_64[8];              /* lan-man hash (40, 56 bits) */
        !           139:        u_char          key_128[16];            /* start key (128 bits) */
        !           140: };
        !           141: 
        !           142: struct ppp_auth_mppe_chapv2 {	/* MPPE keys for the MS-CHAPv2 case: two 16-byte keys */
        !           143:        u_char          keys[2][16];            /* server xmit key is first; the second entry is presumably the server receive key -- confirm */
        !           144: };
        !           145: 
        !           146: union ppp_auth_mppe {	/* MPPE keys in either layout; nothing in the union records which member is valid, so the reader must know the authentication type */
        !           147:        struct ppp_auth_mppe_chapv1     msv1;	/* layout for MS-CHAPv1 */
        !           148:        struct ppp_auth_mppe_chapv2     msv2;	/* layout for MS-CHAPv2 */
        !           149: };
        !           150: 
        !           151: /* Authorization response info: filled in by the acquire/check callbacks, which receive it zeroed */
        !           152: struct ppp_auth_resp {
        !           153:        u_char                  authresp[PPP_MSOFTV2_AUTHRESP_LEN];	/* 20-byte MS-CHAPv2 authenticator response; required when the type is PPP_AUTH_CHAP_MSV2 */
        !           154:        union ppp_auth_mppe     mppe;           /* mppe keys; left zeroed unless valid keys are present */
        !           155:        char                    errmsg[64];     /* error message; writers should bound the write by sizeof(errmsg) and keep it NUL-terminated */
        !           156: };
        !           157: 
        !           158: /***********************************************************************
        !           159:                        CREDENTIALS CALLBACKS
        !           160: ***********************************************************************/
        !           161: 
        !           162: /*
        !           163:  * Function type for acquiring credentials. Any name and/or challenge
        !           164:  * data will already be present in the credentials structure.
        !           165:  *
        !           166:  * Note: if type is PPP_AUTH_CHAP_MSV2, the caller (that is, the application's implementation of this function) MUST fill in the
        !           167:  * "authresp" array with the 20 byte MS-CHAPv2 authenticator response.
        !           168:  *
        !           169:  * Note: if type is PPP_AUTH_CHAP_MSV1 or PPP_AUTH_CHAP_MSV2, the caller
        !           170:  * SHOULD fill in the "mppe" structure with the MPPE key(s).
        !           171:  *
        !           172:  * Note: this function will be called in a separate thread that may
        !           173:  * be canceled at any time; it should be prepared to clean up if so (cleanup should include wiping any password or key copies it holds).
        !           174:  *
        !           175:  * Note: 'resp' has been zeroed out when this function is invoked.
        !           176:  * The MPPE key fields should remain zeroed out unless valid keys
        !           177:  * are present.
        !           178:  *
        !           179:  * Returns:
        !           180:  *      0      Credentials found
        !           181:  *     -1      Credentials can't be found. Set errno or resp->errmsg (a 64-byte buffer; bound the write).
        !           182:  */
        !           183: typedef int    ppp_auth_acquire_t(struct ppp_link *link,
        !           184:                        struct ppp_auth_cred *creds,	/* in/out: name and/or challenge already set; the function supplies the rest */
        !           185:                        struct ppp_auth_resp *resp);	/* out: zeroed on entry */
        !           186: 
        !           187: /*
        !           188:  * Function type for checking credentials. The credentials are read-only here (const). NOTE(review): they presumably originate from the remote peer, so treat name and challenge contents as untrusted input, and compare secrets or hashes in constant time.
        !           189:  *
        !           190:  * Note: if type is PPP_AUTH_CHAP_MSV2, the caller (that is, the application's implementation of this function) must fill in the
        !           191:  * "authresp" array with the 20 byte MS-CHAPv2 authenticator response.
        !           192:  *
        !           193:  * Note: if type is PPP_AUTH_CHAP_MSV1 or PPP_AUTH_CHAP_MSV2, the caller
        !           194:  * SHOULD fill in the "mppe" structure with the MPPE key(s).
        !           195:  *
        !           196:  * Note: this function will be called in a separate thread that may
        !           197:  * be canceled at any time; it should be prepared to clean up if so (cleanup should include wiping any password or key copies it holds).
        !           198:  *
        !           199:  * Note: 'resp' has been zeroed out when this function is invoked.
        !           200:  * The MPPE key fields should remain zeroed out unless valid keys
        !           201:  * are present.
        !           202:  *
        !           203:  * Returns:
        !           204:  *      0      Credentials are valid
        !           205:  *     -1      Credentials can't be validated. Set errno or resp->errmsg (a 64-byte buffer; bound the write).
        !           206:  */
        !           207: typedef int    ppp_auth_check_t(struct ppp_link *link,
        !           208:                        const struct ppp_auth_cred *creds,	/* in: the credentials to verify */
        !           209:                        struct ppp_auth_resp *resp);	/* out: zeroed on entry */
        !           210: 
        !           211: /*
        !           212:  * Authorization information supplied by caller: the two callbacks described above. Whether either pointer may be NULL is not stated in this header.
        !           213:  */
        !           214: struct ppp_auth_meth {
        !           215:        ppp_auth_acquire_t      *acquire;	/* callback for acquiring credentials */
        !           216:        ppp_auth_check_t        *check;	/* callback for checking credentials */
        !           217: };
        !           218: 
        !           219: /* Authorization configuration for a link: the callbacks plus the set of permitted authentication types */
        !           220: struct ppp_auth_config {
        !           221:        struct ppp_auth_meth    *meth;          /* auth_config callbacks */
        !           222:        u_int32_t               allow[2];       /* auth types allowed (bits); presumably one mask per direction with bit positions taken from enum ppp_auth_index -- confirm. NOTE(review): this is where PAP and MS-CHAPv1 can be excluded */
        !           223: };
        !           224: 
        !           225: /***********************************************************************
        !           226:                        PPP PRIVATE STUFF
        !           227: ***********************************************************************/
        !           228: 
        !           229: #ifdef _PDEL_PPP_PRIVATE_H_
        !           230: 
        !           231: /*
        !           232:  * Authorization type methods: the start, cancel and packet-input function types stored in struct ppp_auth_type
        !           233:  */
        !           234: typedef void   *ppp_authtype_start_t(struct pevent_ctx *ev_ctx,	/* returns a void pointer; presumably the 'arg' later handed to the cancel and input methods -- confirm */
        !           235:                        struct ppp_link *link, pthread_mutex_t *mutex,
        !           236:                        int dir, u_int16_t *protop, struct ppp_log *log);
        !           237: typedef void   ppp_authtype_cancel_t(void *arg);	/* cancel method; takes an opaque argument */
        !           238: typedef void   ppp_authtype_input_t(void *arg,	/* input packet method. NOTE(review): data/len presumably describe a packet received from the peer, so implementations must bounds-check len before parsing */
        !           239:                        int dir, void *data, size_t len);
        !           240: 
        !           241: /* Authorization type descriptor: name, index, methods and option bytes for one authentication type */
        !           242: struct ppp_auth_type {
        !           243:        const char              *name;          /* name */
        !           244:        enum ppp_auth_index     index;          /* auth type index */
        !           245:        ppp_authtype_start_t    *start;         /* start method */
        !           246:        ppp_authtype_cancel_t   *cancel;        /* cancel method */
        !           247:        ppp_authtype_input_t    *input;         /* input packet method */
        !           248:        u_int                   len;            /* length of option data; presumably at most 8, the size of data[] -- confirm */
        !           249:        const u_char            data[8];        /* option data */
        !           250: };
        !           251: 
        !           252: __BEGIN_DECLS
        !           253: 
        !           254: /* Authorization type functions: look up a descriptor by FSM option or by index. What is returned when nothing matches is not stated here (presumably NULL -- confirm before dereferencing). */
        !           255: extern const   struct ppp_auth_type *ppp_auth_by_option(
        !           256:                        const struct ppp_fsm_option *opt);
        !           257: extern const   struct ppp_auth_type *ppp_auth_by_index(
        !           258:                        enum ppp_auth_index index);	/* behaviour for PPP_AUTH_MAX or an out-of-range value is not stated here; validate the index first */
        !           259: 
        !           260: extern opt_pr_t        ppp_auth_print;	/* declared with the opt_pr_t type, which is defined outside this header; presumably the option printer for the auth option */
        !           261: 
        !           262: __END_DECLS
        !           263: 
        !           264: #endif /* _PDEL_PPP_PRIVATE_H_ */
        !           265: 
        !           266: #endif /* _PDEL_PPP_PPP_AUTH_H_ */
