Annotation of embedaddon/libpdel/ppp/ppp_auth_chap_msv2.c, revision 1.1.1.1

1.1       misho       1: 
                      2: /*
                      3:  * Copyright (c) 2001-2002 Packet Design, LLC.
                      4:  * All rights reserved.
                      5:  * 
                      6:  * Subject to the following obligations and disclaimer of warranty,
                      7:  * use and redistribution of this software, in source or object code
                      8:  * forms, with or without modifications are expressly permitted by
                      9:  * Packet Design; provided, however, that:
                     10:  * 
                     11:  *    (i)  Any and all reproductions of the source or object code
                     12:  *         must include the copyright notice above and the following
                     13:  *         disclaimer of warranties; and
                     14:  *    (ii) No rights are granted, in any manner or form, to use
                     15:  *         Packet Design trademarks, including the mark "PACKET DESIGN"
                     16:  *         on advertising, endorsements, or otherwise except as such
                     17:  *         appears in the above copyright notice or in the software.
                     18:  * 
                     19:  * THIS SOFTWARE IS BEING PROVIDED BY PACKET DESIGN "AS IS", AND
                     20:  * TO THE MAXIMUM EXTENT PERMITTED BY LAW, PACKET DESIGN MAKES NO
                     21:  * REPRESENTATIONS OR WARRANTIES, EXPRESS OR IMPLIED, REGARDING
                     22:  * THIS SOFTWARE, INCLUDING WITHOUT LIMITATION, ANY AND ALL IMPLIED
                     23:  * WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE,
                     24:  * OR NON-INFRINGEMENT.  PACKET DESIGN DOES NOT WARRANT, GUARANTEE,
                     25:  * OR MAKE ANY REPRESENTATIONS REGARDING THE USE OF, OR THE RESULTS
                     26:  * OF THE USE OF THIS SOFTWARE IN TERMS OF ITS CORRECTNESS, ACCURACY,
                     27:  * RELIABILITY OR OTHERWISE.  IN NO EVENT SHALL PACKET DESIGN BE
                     28:  * LIABLE FOR ANY DAMAGES RESULTING FROM OR ARISING OUT OF ANY USE
                     29:  * OF THIS SOFTWARE, INCLUDING WITHOUT LIMITATION, ANY DIRECT,
                     30:  * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, PUNITIVE, OR CONSEQUENTIAL
                     31:  * DAMAGES, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES, LOSS OF
                     32:  * USE, DATA OR PROFITS, HOWEVER CAUSED AND UNDER ANY THEORY OF
                     33:  * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
                     34:  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
                     35:  * THE USE OF THIS SOFTWARE, EVEN IF PACKET DESIGN IS ADVISED OF
                     36:  * THE POSSIBILITY OF SUCH DAMAGE.
                     37:  *
                     38:  * Author: Archie Cobbs <archie@freebsd.org>
                     39:  */
                     40: 
                     41: #include "ppp/ppp_defs.h"
                     42: #include "ppp/ppp_log.h"
                     43: #include "ppp/ppp_util.h"
                     44: #include "ppp/ppp_fsm_option.h"
                     45: #include "ppp/ppp_auth.h"
                     46: #include "ppp/ppp_auth_chap.h"
                     47: #include "ppp/ppp_msoft.h"
                     48: 
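                     /* Kernel random device read to fill the MS-CHAPv2 peer challenge. */
                     #define PATH_RANDOM            "/dev/urandom"

                     /*
                      * Value (0..15) of one hexadecimal digit character.
                      *
                      * The argument is converted to unsigned char before it reaches the
                      * <ctype.h> functions: handing them a negative plain char is undefined
                      * behavior. The macro does not validate its input, so callers must
                      * check it with isxdigit() first, and it evaluates its argument more
                      * than once, so the argument must be free of side effects.
                      */
                     #define HEXVAL(c)              (isdigit((unsigned char)(c)) ? \
                                                         (c) - '0' : \
                                                         tolower((unsigned char)(c)) - 'a' + 10)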
                     51: 
                     /* Forward declarations of the three callbacks defined below. */
                     static ppp_auth_chap_hash_t    ppp_auth_chap_msv2_hash;
                     static ppp_auth_chap_equal_t   ppp_auth_chap_msv2_equal;
                     static ppp_auth_chap_final_t   ppp_auth_chap_msv2_final;

                     /*
                      * MS-CHAP version 2 descriptor.
                      *
                      * The initializer is positional; the member names and their meaning
                      * come from struct ppp_auth_chap_type, which is declared outside this
                      * file (presumably in ppp/ppp_auth_chap.h -- confirm). Only the three
                      * callbacks and the two length constants can be identified from here.
                      */
                     const struct ppp_auth_chap_type ppp_auth_chap_msv2 = {
                            NULL,
                            ppp_auth_chap_msv2_hash,
                            ppp_auth_chap_msv2_equal,
                            ppp_auth_chap_msv2_final,
                            1,
                            PPP_MSOFTV2_CHAL_LEN,
                            0,
                            PPP_MSOFT_RESP_LEN
                     };
                     67: 
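                     /*
                      * Build the MS-CHAPv2 response for the challenge held in "chap".
                      *
                      * Fills chap->u.msv2 with a peer challenge read from PATH_RANDOM, a
                      * zeroed reserved field, the flags byte and the NT response computed
                      * by ppp_msoft_generate_nt_response().
                      *
                      * chap    credential; chal_data and name are read, u.msv2 is written
                      * secret  passed unchanged to ppp_msoft_generate_nt_response()
                      * slen    not used by this function
                      *
                      * The function returns nothing, so it cannot report a failure to
                      * obtain random bytes; see the NOTE(review) in the body.
                      */
                     static void
                     ppp_auth_chap_msv2_hash(struct ppp_auth_cred_chap *chap,
                         const void *secret, size_t slen)
                     {
                         struct ppp_auth_cred_chap_msv2 *const msv2 = &chap->u.msv2;
                         unsigned char *const pchal = (unsigned char *)msv2->peer_chal;
                         const size_t want = sizeof(msv2->peer_chal);
                         size_t got = 0;
                         const char *user;
                         int fd;

                         (void)slen;

                         /* Get username without domain part */
                         user = strrchr(chap->name, '\\');
                         user = (user != NULL) ? user + 1 : chap->name;

                         /*
                          * Create challenge for peer. read() may return fewer bytes than
                          * requested or be interrupted by a signal, so keep reading until
                          * the whole field is filled or a real error / EOF occurs.
                          */
                         if ((fd = open(PATH_RANDOM, O_RDONLY)) != -1) {
                             while (got < want) {
                                 ssize_t r;

                                 r = read(fd, pchal + got, want - got);
                                 if (r > 0) {
                                     got += (size_t)r;
                                     continue;
                                 }
                                 if (r == -1 && errno == EINTR)
                                     continue;
                                 break;
                             }
                             (void)close(fd);
                         }

                         /*
                          * NOTE(review): without random bytes the peer challenge is
                          * predictable. Clear the unfilled part so that whatever the
                          * structure held before is not copied into the response; the
                          * void return type leaves no way to tell the caller, so consider
                          * letting this callback fail instead.
                          */
                         if (got < want)
                             memset(pchal + got, 0, want - got);

                         memset(&msv2->reserved, 0, sizeof(msv2->reserved));
                         msv2->flags = 0x04;
                         ppp_msoft_generate_nt_response(chap->chal_data,
                             msv2->peer_chal, user, secret, msv2->nt_response);
                     }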
                     97: 
                     /*
                      * Compare two MS-CHAPv2 credentials.
                      *
                      * Not implemented: neither argument is examined and the result is 0
                      * for every pair. NOTE(review): presumably 0 means "not equal" under
                      * the ppp_auth_chap_equal_t contract -- confirm, and confirm that no
                      * caller bases an authentication decision on this result.
                      */
                     static int
                     ppp_auth_chap_msv2_equal(struct ppp_auth_cred_chap *chap1,
                         struct ppp_auth_cred_chap *chap2)
                     {
                         (void)chap1;
                         (void)chap2;

                         /* XXX implement me */
                         return (0);
                     }
                    109: 
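                    /*
                     * Handle the final MS-CHAPv2 message received from the server.
                     *
                     * cred      not referenced by this function
                     * log       destination for the notices written below
                     * valid     zero: payload is a failure message; non-zero: payload must
                     *           carry the server's authenticator response
                     * payload   message bytes, len of them; received from the peer, so
                     *           treated as untrusted (at most sizeof(buf) - 1 bytes are
                     *           examined, the rest is ignored)
                     * authresp  expected authenticator response,
                     *           PPP_MSOFTV2_AUTHRESP_LEN bytes
                     *
                     * Returns 0 after a failure message has been handled, or when the
                     * server's authenticator response matches. Returns -1 when the "S="
                     * field is missing or is not valid hex (errno untouched), or when it
                     * does not match authresp (errno set to EAUTH).
                     */
                    static int
                    ppp_auth_chap_msv2_final(struct ppp_auth_cred_chap *cred, struct ppp_log *log,
                        int valid, const u_char *payload, size_t len, const u_char *authresp)
                    {
                        u_char servresp[PPP_MSOFTV2_AUTHRESP_LEN];
                        char buf[256];
                        char msg[sizeof(buf)];
                        const char *s;
                        size_t i;

                        (void)cred;

                        /* Put payload into nul-terminated buffer, truncating if needed */
                        if (len > sizeof(buf) - 1)
                            len = sizeof(buf) - 1;
                        if (len > 0)
                            memcpy(buf, payload, len);
                        buf[len] = '\0';

                        /* Handle failure message */
                        if (!valid) {
                            const struct mschap_err *me;
                            int err;

                            if ((s = strstr(buf, "E=")) == NULL)
                                return (0);
                            if (sscanf(s + 2, "%d", &err) != 1)
                                return (0);

                            /* The table ends with an entry whose msg is NULL */
                            for (me = ppp_mschap_errs;
                                me->err != err && me->msg != NULL; me++)
                                continue;
                            ppp_log_put(log, LOG_NOTICE, "error #%d: %s",
                                err, me->msg != NULL ? me->msg : "Unknown error");
                            return (0);
                        }

                        /* Parse out server response */
                        if ((s = strstr(buf, "S=")) == NULL)
                            return (-1);
                        s += 2;
                        for (i = 0; i < sizeof(servresp); i++) {
                            unsigned char hi;
                            unsigned char lo;

                            /*
                             * Convert to unsigned char before isxdigit(): the bytes
                             * come from the peer and a negative plain char is undefined
                             * behavior in <ctype.h>. The second character is read only
                             * after the first one passed, so the terminating nul stops
                             * the scan before it can run past the end of buf.
                             */
                            hi = (unsigned char)s[i * 2];
                            if (!isxdigit(hi))
                                return (-1);
                            lo = (unsigned char)s[i * 2 + 1];
                            if (!isxdigit(lo))
                                return (-1);
                            servresp[i] = (HEXVAL(hi) << 4) | HEXVAL(lo);
                        }

                        /*
                         * Verify response. NOTE(review): memcmp() is not constant-time;
                         * confirm that is acceptable for this check.
                         */
                        if (memcmp(servresp, authresp, sizeof(servresp)) != 0) {
                            ppp_log_put(log, LOG_NOTICE,
                                "server MS-CHAPv2 authentication is invalid");
                            errno = EAUTH;
                            return (-1);
                        }

                        /*
                         * Display message. s still points at the "M=" tag, so the tag is
                         * part of the text that gets logged. The sanitized copy goes to a
                         * separate buffer because s points into buf and the input and
                         * output of ppp_util_ascify() would otherwise overlap.
                         */
                        if ((s = strstr(buf, "M=")) == NULL)
                            return (0);
                        ppp_util_ascify(msg, sizeof(msg), s, strlen(s));
                        ppp_log_put(log, LOG_INFO, "message: %s", msg);
                        return (0);
                    }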
                    166: 
                    167: 
