Annotation of embedaddon/libpdel/ppp/ppp_auth.h, revision 1.1.1.1
1.1 misho 1:
2: /*
3: * Copyright (c) 2001-2002 Packet Design, LLC.
4: * All rights reserved.
5: *
6: * Subject to the following obligations and disclaimer of warranty,
7: * use and redistribution of this software, in source or object code
8: * forms, with or without modifications are expressly permitted by
9: * Packet Design; provided, however, that:
10: *
11: * (i) Any and all reproductions of the source or object code
12: * must include the copyright notice above and the following
13: * disclaimer of warranties; and
14: * (ii) No rights are granted, in any manner or form, to use
15: * Packet Design trademarks, including the mark "PACKET DESIGN"
16: * on advertising, endorsements, or otherwise except as such
17: * appears in the above copyright notice or in the software.
18: *
19: * THIS SOFTWARE IS BEING PROVIDED BY PACKET DESIGN "AS IS", AND
20: * TO THE MAXIMUM EXTENT PERMITTED BY LAW, PACKET DESIGN MAKES NO
21: * REPRESENTATIONS OR WARRANTIES, EXPRESS OR IMPLIED, REGARDING
22: * THIS SOFTWARE, INCLUDING WITHOUT LIMITATION, ANY AND ALL IMPLIED
23: * WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE,
24: * OR NON-INFRINGEMENT. PACKET DESIGN DOES NOT WARRANT, GUARANTEE,
25: * OR MAKE ANY REPRESENTATIONS REGARDING THE USE OF, OR THE RESULTS
26: * OF THE USE OF THIS SOFTWARE IN TERMS OF ITS CORRECTNESS, ACCURACY,
27: * RELIABILITY OR OTHERWISE. IN NO EVENT SHALL PACKET DESIGN BE
28: * LIABLE FOR ANY DAMAGES RESULTING FROM OR ARISING OUT OF ANY USE
29: * OF THIS SOFTWARE, INCLUDING WITHOUT LIMITATION, ANY DIRECT,
30: * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, PUNITIVE, OR CONSEQUENTIAL
31: * DAMAGES, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES, LOSS OF
32: * USE, DATA OR PROFITS, HOWEVER CAUSED AND UNDER ANY THEORY OF
33: * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
34: * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
35: * THE USE OF THIS SOFTWARE, EVEN IF PACKET DESIGN IS ADVISED OF
36: * THE POSSIBILITY OF SUCH DAMAGE.
37: *
38: * Author: Archie Cobbs <archie@freebsd.org>
39: */
40:
41: #ifndef _PDEL_PPP_PPP_AUTH_H_
42: #define _PDEL_PPP_PPP_AUTH_H_
43:
44: struct ppp_auth_config;
45: struct ppp_fsm_option;
46: struct ppp_link;
47: struct ppp_log;
48:
49: /* Types of authentication (in reverse order of preference) */
50: enum ppp_auth_index {
51: PPP_AUTH_NONE = 0,
52: PPP_AUTH_PAP,
53: PPP_AUTH_CHAP_MSV1,
54: PPP_AUTH_CHAP_MSV2,
55: PPP_AUTH_CHAP_MD5,
56: PPP_AUTH_MAX
57: };
58:
59: #ifndef MD5_DIGEST_LENGTH
60: #define MD5_DIGEST_LENGTH 16
61: #endif
62:
63: /* Max authorization username and password length */
64: #define PPP_MAX_AUTHNAME 64
65: #define PPP_MAX_AUTHPASS 64
66:
67: /* Max challenge/response data length */
68: #define PPP_MAX_AUTHVALUE 64
69:
70: /* Microsoft stuff */
71: #define PPP_MSOFT_LM_HASH_LEN 24
72: #define PPP_MSOFT_NT_HASH_LEN 24
73: #define PPP_MSOFTV1_CHAL_LEN 8
74: #define PPP_MSOFTV2_CHAL_LEN 16
75: #define PPP_MSOFT_RESP_LEN 49
76: #define PPP_MSOFTV2_AUTHRESP_LEN 20
77:
78: #define PPP_MPPE_DATA_MAX MAX(PPP_MSOFTV1_CHAL_LEN, PPP_MSOFT_NT_HASH_LEN)
79:
80: /***********************************************************************
81: AUTHORIZATION CREDENTIALS
82: ***********************************************************************/
83:
84: /* Credentials for PAP */
85: struct ppp_auth_cred_pap {
86: char name[PPP_MAX_AUTHNAME];
87: char password[PPP_MAX_AUTHPASS];
88: };
89:
90: /* Response data for MD5 CHAP */
91: struct ppp_auth_cred_chap_md5 {
92: u_char id;
93: u_char hash[MD5_DIGEST_LENGTH];
94: };
95:
96: /* Response data for MSoft CHAPv1 */
97: struct ppp_auth_cred_chap_msv1 {
98: u_char lm_hash[PPP_MSOFT_LM_HASH_LEN];
99: u_char nt_hash[PPP_MSOFT_NT_HASH_LEN];
100: u_char use_nt;
101: };
102:
103: /* Response data for MSoft CHAPv2 */
104: struct ppp_auth_cred_chap_msv2 {
105: u_char peer_chal[PPP_MSOFTV2_CHAL_LEN];
106: u_char reserved[8];
107: u_char nt_response[PPP_MSOFT_NT_HASH_LEN];
108: u_char flags;
109: };
110:
111: /* Credentials for CHAP */
112: struct ppp_auth_cred_chap {
113: char name[PPP_MAX_AUTHNAME];
114: u_char chal_len;
115: u_char chal_data[PPP_MAX_AUTHVALUE];
116: union {
117: struct ppp_auth_cred_chap_md5 md5;
118: struct ppp_auth_cred_chap_msv1 msv1;
119: struct ppp_auth_cred_chap_msv2 msv2;
120: } u;
121: };
122:
123: /* Authorization credentials info */
124: struct ppp_auth_cred {
125: enum ppp_auth_index type;
126: union {
127: struct ppp_auth_cred_pap pap;
128: struct ppp_auth_cred_chap chap;
129: } u;
130: };
131:
132: /***********************************************************************
133: AUTHORIZATION RESPONSE
134: ***********************************************************************/
135:
136: /* Microsoft MPPE information derived from CHAP exchange */
137: struct ppp_auth_mppe_chapv1 {
138: u_char key_64[8]; /* lan-man hash (40, 56 bits) */
139: u_char key_128[16]; /* start key (128 bits) */
140: };
141:
142: struct ppp_auth_mppe_chapv2 {
143: u_char keys[2][16]; /* server xmit key is first */
144: };
145:
146: union ppp_auth_mppe {
147: struct ppp_auth_mppe_chapv1 msv1;
148: struct ppp_auth_mppe_chapv2 msv2;
149: };
150:
151: /* Authorization response info */
152: struct ppp_auth_resp {
153: u_char authresp[PPP_MSOFTV2_AUTHRESP_LEN];
154: union ppp_auth_mppe mppe; /* mppe keys */
155: char errmsg[64]; /* error message */
156: };
157:
158: /***********************************************************************
159: CREDENTIALS CALLBACKS
160: ***********************************************************************/
161:
162: /*
163: * Function type for acquiring credentials. Any name and/or challenge
164: * data will already be present in the credentials structure.
165: *
166: * Note: if type is PPP_AUTH_CHAP_MSV2, the caller MUST fill in the
167: * "authresp" array with the 20 byte MS-CHAPv2 authenticator response.
168: *
169: * Note: if type is PPP_AUTH_CHAP_MSV1 or PPP_AUTH_CHAP_MSV2, the caller
170: * SHOULD fill in the "mppe" structure with the MPPE key(s).
171: *
172: * Note: this function will be called in a separate thread that may
173: * be canceled at any time; it should be prepared to clean up if so.
174: *
175: * Note: 'resp' has been zeroed out when this function is invoked.
176: * The MPPE key fields should remain zeroed out unless valid keys
177: * are present.
178: *
179: * Returns:
180: * 0 Credentials found
181: * -1 Credentials can't be found. Set errno or resp->errmsg.
182: */
183: typedef int ppp_auth_acquire_t(struct ppp_link *link,
184: struct ppp_auth_cred *creds,
185: struct ppp_auth_resp *resp);
186:
187: /*
188: * Function type for checking credentials.
189: *
190: * Note: if type is PPP_AUTH_CHAP_MSV2, the caller must fill in the
191: * "authresp" array with the 20 byte MS-CHAPv2 authenticator response.
192: *
193: * Note: if type is PPP_AUTH_CHAP_MSV1 or PPP_AUTH_CHAP_MSV2, the caller
194: * SHOULD fill in the "mppe" structure with the MPPE key(s).
195: *
196: * Note: this function will be called in a separate thread that may
197: * be canceled at any time; it should be prepared to clean up if so.
198: *
199: * Note: 'resp' has been zeroed out when this function is invoked.
200: * The MPPE key fields should remain zeroed out unless valid keys
201: * are present.
202: *
203: * Returns:
204: * 0 Credentials are valid
205: * -1 Credentials can't be validated. Set errno or resp->errmsg.
206: */
207: typedef int ppp_auth_check_t(struct ppp_link *link,
208: const struct ppp_auth_cred *creds,
209: struct ppp_auth_resp *resp);
210:
211: /*
212: * Authorization information supplied by caller.
213: */
214: struct ppp_auth_meth {
215: ppp_auth_acquire_t *acquire;
216: ppp_auth_check_t *check;
217: };
218:
219: /* Authorization configuration for a link */
220: struct ppp_auth_config {
221: struct ppp_auth_meth *meth; /* auth_config callbacks */
222: u_int32_t allow[2]; /* auth types allowed (bits) */
223: };
224:
225: /***********************************************************************
226: PPP PRIVATE STUFF
227: ***********************************************************************/
228:
229: #ifdef _PDEL_PPP_PRIVATE_H_
230:
231: /*
232: * Authorization type methods
233: */
234: typedef void *ppp_authtype_start_t(struct pevent_ctx *ev_ctx,
235: struct ppp_link *link, pthread_mutex_t *mutex,
236: int dir, u_int16_t *protop, struct ppp_log *log);
237: typedef void ppp_authtype_cancel_t(void *arg);
238: typedef void ppp_authtype_input_t(void *arg,
239: int dir, void *data, size_t len);
240:
241: /* Authorization type descriptor */
242: struct ppp_auth_type {
243: const char *name; /* name */
244: enum ppp_auth_index index; /* auth type index */
245: ppp_authtype_start_t *start; /* start method */
246: ppp_authtype_cancel_t *cancel; /* cancel method */
247: ppp_authtype_input_t *input; /* input packet method */
248: u_int len; /* length of option data */
249: const u_char data[8]; /* option data */
250: };
251:
252: __BEGIN_DECLS
253:
254: /* Authorization type functions */
255: extern const struct ppp_auth_type *ppp_auth_by_option(
256: const struct ppp_fsm_option *opt);
257: extern const struct ppp_auth_type *ppp_auth_by_index(
258: enum ppp_auth_index index);
259:
260: extern opt_pr_t ppp_auth_print;
261:
262: __END_DECLS
263:
264: #endif /* _PDEL_PPP_PRIVATE_H_ */
265:
266: #endif /* _PDEL_PPP_PPP_AUTH_H_ */
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>
![[BACK]](/icons/cvsweb/back.gif){kind=icon}
Return to ppp_auth.h CVS log ![[TXT]](/icons/cvsweb/text.gif){kind=icon}
![[DIR]](/icons/cvsweb/dir.gif){kind=icon}
Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / libpdel / ppp