[BACK]Return to ppp_auth_chap_msv1.c CVS log [TXT] [DIR] Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / libpdel / ppp
File:  [ELWIX - Embedded LightWeight unIX -] / embedaddon / libpdel / ppp / ppp_auth_chap_msv1.c
Revision 1.1.1.1 (vendor branch): download - view: text, annotated - select for diffs - revision graph
Tue Feb 21 23:25:53 2012 UTC (12 years, 4 months ago) by misho
Branches: libpdel, MAIN
CVS tags: v0_5_3, HEAD
libpdel


/*
 * Copyright (c) 2001-2002 Packet Design, LLC.
 * All rights reserved.
 * 
 * Subject to the following obligations and disclaimer of warranty,
 * use and redistribution of this software, in source or object code
 * forms, with or without modifications are expressly permitted by
 * Packet Design; provided, however, that:
 * 
 *    (i)  Any and all reproductions of the source or object code
 *         must include the copyright notice above and the following
 *         disclaimer of warranties; and
 *    (ii) No rights are granted, in any manner or form, to use
 *         Packet Design trademarks, including the mark "PACKET DESIGN"
 *         on advertising, endorsements, or otherwise except as such
 *         appears in the above copyright notice or in the software.
 * 
 * THIS SOFTWARE IS BEING PROVIDED BY PACKET DESIGN "AS IS", AND
 * TO THE MAXIMUM EXTENT PERMITTED BY LAW, PACKET DESIGN MAKES NO
 * REPRESENTATIONS OR WARRANTIES, EXPRESS OR IMPLIED, REGARDING
 * THIS SOFTWARE, INCLUDING WITHOUT LIMITATION, ANY AND ALL IMPLIED
 * WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE,
 * OR NON-INFRINGEMENT.  PACKET DESIGN DOES NOT WARRANT, GUARANTEE,
 * OR MAKE ANY REPRESENTATIONS REGARDING THE USE OF, OR THE RESULTS
 * OF THE USE OF THIS SOFTWARE IN TERMS OF ITS CORRECTNESS, ACCURACY,
 * RELIABILITY OR OTHERWISE.  IN NO EVENT SHALL PACKET DESIGN BE
 * LIABLE FOR ANY DAMAGES RESULTING FROM OR ARISING OUT OF ANY USE
 * OF THIS SOFTWARE, INCLUDING WITHOUT LIMITATION, ANY DIRECT,
 * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, PUNITIVE, OR CONSEQUENTIAL
 * DAMAGES, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES, LOSS OF
 * USE, DATA OR PROFITS, HOWEVER CAUSED AND UNDER ANY THEORY OF
 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
 * THE USE OF THIS SOFTWARE, EVEN IF PACKET DESIGN IS ADVISED OF
 * THE POSSIBILITY OF SUCH DAMAGE.
 *
 * Author: Archie Cobbs <archie@freebsd.org>
 */

#include "ppp/ppp_defs.h"
#include "ppp/ppp_log.h"
#include "ppp/ppp_util.h"
#include "ppp/ppp_fsm_option.h"
#include "ppp/ppp_auth.h"
#include "ppp/ppp_auth_chap.h"
#include "ppp/ppp_msoft.h"

static ppp_auth_chap_hash_t	ppp_auth_chap_msv1_hash;
static ppp_auth_chap_equal_t	ppp_auth_chap_msv1_equal;
static ppp_auth_chap_final_t	ppp_auth_chap_msv1_final;

/* MS-CHAP version 1 descriptor */
const struct ppp_auth_chap_type ppp_auth_chap_msv1 = {
	NULL,
	ppp_auth_chap_msv1_hash,
	ppp_auth_chap_msv1_equal,
	ppp_auth_chap_msv1_final,
	1,
	PPP_MSOFTV1_CHAL_LEN,
	0,
	PPP_MSOFT_RESP_LEN
};

/* MS-CHAP error codes */
const struct mschap_err ppp_mschap_errs[] = {
	{ 646,	"Restricted logon hours" },
	{ 647,	"Account disabled" },
	{ 648,	"Password expired" },
	{ 649,	"No dialin permission" },
	{ 691,	"Authentication failure" },
	{ 709,	"Changing password" },
	{ 0,	NULL }
};

static void
ppp_auth_chap_msv1_hash(struct ppp_auth_cred_chap *chap,
	const void *secret, size_t slen)
{
	struct ppp_auth_cred_chap_msv1 *const msv1 = &chap->u.msv1;

	memset(&msv1->lm_hash, 0, sizeof(msv1->lm_hash));
	ppp_msoft_nt_challenge_response(chap->chal_data, secret, msv1->nt_hash);
	msv1->use_nt = 1;
}

static int
ppp_auth_chap_msv1_equal(struct ppp_auth_cred_chap *chap1,
	struct ppp_auth_cred_chap *chap2)
{
	struct ppp_auth_cred_chap_msv1 *const msv1_1 = &chap1->u.msv1;
	struct ppp_auth_cred_chap_msv1 *const msv1_2 = &chap2->u.msv1;

	if (msv1_1->use_nt != 1 || msv1_2->use_nt != 1)
		return (0);
	return (memcmp(msv1_1->nt_hash,
	    msv1_2->nt_hash, PPP_MSOFT_NT_HASH_LEN) == 0);
}

static int
ppp_auth_chap_msv1_final(struct ppp_auth_cred_chap *cred, struct ppp_log *log,
	int valid, const u_char *payload, size_t len, const u_char *authresp)
{
	char buf[256];
	char *s;

	/* Put payload into nul-terminated buffer */
	if (len > sizeof(buf) - 1)
		len = sizeof(buf) - 1;
	memcpy(buf, payload, len);
	buf[len] = '\0';

	/* Handle failure message */
	if (!valid) {
		const struct mschap_err *me;
		int err;

		if ((s = strstr(buf, "E=")) == NULL)
			return (0);
		if (sscanf(s + 2, "%d", &err) != 1)
			return (0);
		for (me = ppp_mschap_errs;
		    me->err != err && me->msg != NULL; me++);
		ppp_log_put(log, LOG_NOTICE, "error #%d: %s",
		    err, me->msg != NULL ? me->msg : "Unknown error");
		return (0);
	}

	/* Display message */
	ppp_util_ascify(buf, sizeof(buf), payload, len);
	ppp_log_put(log, LOG_INFO, "message: %s", buf);
	return (0);
}
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>