Annotation of embedaddon/libpdel/ppp/ppp_auth_pap.c, revision 1.1.1.1
1.1 misho 1:
2: /*
3: * Copyright (c) 2001-2002 Packet Design, LLC.
4: * All rights reserved.
5: *
6: * Subject to the following obligations and disclaimer of warranty,
7: * use and redistribution of this software, in source or object code
8: * forms, with or without modifications are expressly permitted by
9: * Packet Design; provided, however, that:
10: *
11: * (i) Any and all reproductions of the source or object code
12: * must include the copyright notice above and the following
13: * disclaimer of warranties; and
14: * (ii) No rights are granted, in any manner or form, to use
15: * Packet Design trademarks, including the mark "PACKET DESIGN"
16: * on advertising, endorsements, or otherwise except as such
17: * appears in the above copyright notice or in the software.
18: *
19: * THIS SOFTWARE IS BEING PROVIDED BY PACKET DESIGN "AS IS", AND
20: * TO THE MAXIMUM EXTENT PERMITTED BY LAW, PACKET DESIGN MAKES NO
21: * REPRESENTATIONS OR WARRANTIES, EXPRESS OR IMPLIED, REGARDING
22: * THIS SOFTWARE, INCLUDING WITHOUT LIMITATION, ANY AND ALL IMPLIED
23: * WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE,
24: * OR NON-INFRINGEMENT. PACKET DESIGN DOES NOT WARRANT, GUARANTEE,
25: * OR MAKE ANY REPRESENTATIONS REGARDING THE USE OF, OR THE RESULTS
26: * OF THE USE OF THIS SOFTWARE IN TERMS OF ITS CORRECTNESS, ACCURACY,
27: * RELIABILITY OR OTHERWISE. IN NO EVENT SHALL PACKET DESIGN BE
28: * LIABLE FOR ANY DAMAGES RESULTING FROM OR ARISING OUT OF ANY USE
29: * OF THIS SOFTWARE, INCLUDING WITHOUT LIMITATION, ANY DIRECT,
30: * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, PUNITIVE, OR CONSEQUENTIAL
31: * DAMAGES, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES, LOSS OF
32: * USE, DATA OR PROFITS, HOWEVER CAUSED AND UNDER ANY THEORY OF
33: * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
34: * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
35: * THE USE OF THIS SOFTWARE, EVEN IF PACKET DESIGN IS ADVISED OF
36: * THE POSSIBILITY OF SUCH DAMAGE.
37: *
38: * Author: Archie Cobbs <archie@freebsd.org>
39: */
40:
41: #include "ppp/ppp_defs.h"
42: #include "ppp/ppp_log.h"
43: #include "ppp/ppp_fsm_option.h"
44: #include "ppp/ppp_fsm.h"
45: #include "ppp/ppp_auth.h"
46: #include "ppp/ppp_link.h"
47: #include "ppp/ppp_auth_pap.h"
48:
49: #define PAP_MTYPE "ppp_authtype.pap"
50:
51: #define PAP_RETRY 3
52:
53: #define PAP_REQUEST 1
54: #define PAP_ACK 2
55: #define PAP_NAK 3
56:
57: #define PAP_MSG_ACK "Authorization successful"
58: #define PAP_MSG_NAK "Authorization failed"
59: #define PAP_MSG_BUFSIZE 64
60:
61: /* PAP info structure */
62: struct ppp_auth_pap {
63: struct ppp_link *link;
64: struct ppp_log *log;
65: struct ppp_auth_config aconf;
66: struct ppp_auth_cred cred;
67: struct ppp_auth_resp resp;
68: int dir;
69: u_char id;
70: struct pevent_ctx *ev_ctx;
71: struct pevent *timer;
72: pthread_mutex_t *mutex;
73: };
74:
75: /* Internal functions */
76: static void ppp_auth_pap_send_request(struct ppp_auth_pap *pap);
77: static void ppp_auth_pap_send_response(struct ppp_auth_pap *pap,
78: u_char id, int ack);
79:
80: static ppp_link_auth_finish_t ppp_auth_pap_acquire_finish;
81: static ppp_link_auth_finish_t ppp_auth_pap_check_finish;
82:
83: /* Internal variables */
84: static const char *pap_codes[] = {
85: "zero",
86: "request",
87: "ack",
88: "nak"
89: };
90:
91: /* Macro for logging */
92: #define LOG(sev, fmt, args...) PPP_LOG(pap->log, sev, fmt , ## args)
93:
94: /*
95: * Start PAP
96: */
97: void *
98: ppp_auth_pap_start(struct pevent_ctx *ev_ctx, struct ppp_link *link,
99: pthread_mutex_t *mutex, int dir, u_int16_t *protop, struct ppp_log *log)
100: {
101: struct ppp_auth_pap *pap;
102:
103: /* Create info structure */
104: if ((pap = MALLOC(PAP_MTYPE, sizeof(*pap))) == NULL)
105: return (NULL);
106: memset(pap, 0, sizeof(*pap));
107: pap->ev_ctx = ev_ctx;
108: pap->mutex = mutex;
109: pap->link = link;
110: pap->log = log;
111: pap->dir = dir;
112: pap->cred.type = PPP_AUTH_PAP;
113:
114: /* Get link auth config */
115: pap->aconf = *ppp_link_auth_get_config(link);
116:
117: /* Return protocol */
118: *protop = PPP_PROTO_PAP;
119:
120: /* If receiving auth, wait for peer's request */
121: if (dir == PPP_SELF)
122: return (pap);
123:
124: /* If sending auth, acquire credentials */
125: if (ppp_link_authorize(pap->link, pap->dir,
126: &pap->cred, ppp_auth_pap_acquire_finish) == -1) {
127: FREE(PAP_MTYPE, pap);
128: return (NULL);
129: }
130:
131: /* Done */
132: return (pap);
133: }
134:
135: /*
136: * Cancel PAP
137: */
138: void
139: ppp_auth_pap_cancel(void *arg)
140: {
141: struct ppp_auth_pap *pap = arg;
142:
143: pevent_unregister(&pap->timer);
144: ppp_log_close(&pap->log);
145: FREE(PAP_MTYPE, pap);
146: }
147:
148: /*
149: * Handle PAP input
150: */
151: void
152: ppp_auth_pap_input(void *arg, int dir, void *data, size_t len)
153: {
154: struct ppp_auth_pap *pap = arg;
155: struct ppp_fsm_pkt *const pkt = data;
156:
157: if (len < sizeof(*pkt) + 2)
158: return;
159: memcpy(pkt, data, sizeof(*pkt));
160: pkt->length = ntohs(pkt->length);
161: if (pkt->length > len)
162: return;
163: if (pkt->length < len)
164: len = pkt->length;
165: len -= sizeof(*pkt);
166: switch (pkt->code) {
167: case PAP_REQUEST:
168: {
169: struct ppp_auth_cred_pap *const cred = &pap->cred.u.pap;
170: u_char nlen;
171: u_char plen;
172:
173: /* Check direction */
174: if (dir != PPP_SELF)
175: break;
176:
177: /* Logging */
178: LOG(LOG_DEBUG, "rec'd %s #%u", pap_codes[pkt->code], pkt->id);
179:
180: /* Extract username and password */
181: if (len < 1)
182: return;
183: nlen = pkt->data[0];
184: if (len < 1 + nlen + 1)
185: return;
186: plen = pkt->data[1 + nlen];
187: if (len < 1 + nlen + 1 + plen)
188: return;
189: strncpy(cred->name, pkt->data + 1,
190: MIN(nlen, sizeof(cred->name) - 1));
191: cred->name[sizeof(cred->name) - 1] = '\0';
192: strncpy(cred->password, pkt->data + 1 + nlen + 1,
193: MIN(plen, sizeof(cred->password) - 1));
194: cred->password[sizeof(cred->password) - 1] = '\0';
195:
196: /* Ignore if already checking a previous request */
197: if (ppp_link_auth_in_progress(pap->link, pap->dir)) {
198: LOG(LOG_DEBUG, "ignoring packet, action pending");
199: break;
200: }
201:
202: /* Check credentials */
203: if (ppp_link_authorize(pap->link, pap->dir,
204: &pap->cred, ppp_auth_pap_check_finish) == -1) {
205: ppp_auth_pap_send_response(pap, pap->id, 0);
206: ppp_link_auth_complete(pap->link, pap->dir, NULL, NULL);
207: break;
208: }
209:
210: /* Save peer's id for my response */
211: pap->id = pkt->id;
212:
213: /* Now wait for credentials check to finish */
214: break;
215: }
216: case PAP_ACK:
217: case PAP_NAK:
218:
219: /* Check direction */
220: if (dir != PPP_PEER)
221: break;
222:
223: /* Logging */
224: LOG(LOG_DEBUG, "rec'd %s #%u", pap_codes[pkt->code], pkt->id);
225:
226: /* Stop timer */
227: pevent_unregister(&pap->timer);
228:
229: /* Finish up */
230: ppp_link_auth_complete(pap->link, pap->dir,
231: pkt->code == PAP_ACK ? &pap->cred : NULL, NULL);
232: break;
233: default:
234: return;
235: }
236: }
237:
238: /*
239: * Continue after a successful credentials acquisition.
240: */
241: static void
242: ppp_auth_pap_acquire_finish(void *arg,
243: const struct ppp_auth_cred *creds, const struct ppp_auth_resp *resp)
244: {
245: struct ppp_auth_pap *const pap = arg;
246: struct ppp_auth_cred_pap *const cred = &pap->cred.u.pap;
247:
248: /* Copy credentials */
249: pap->cred = *creds;
250:
251: /* Sanitize credentials */
252: cred->name[sizeof(cred->name) - 1] = '\0';
253: cred->password[sizeof(cred->password) - 1] = '\0';
254:
255: /* Send first PAP request */
256: ppp_auth_pap_send_request(pap);
257: }
258:
259: /*
260: * Continue after a successful credentials check.
261: */
262: static void
263: ppp_auth_pap_check_finish(void *arg,
264: const struct ppp_auth_cred *creds, const struct ppp_auth_resp *resp)
265: {
266: struct ppp_auth_pap *const pap = arg;
267: struct ppp_auth_cred_pap *const cred = &pap->cred.u.pap;
268: int valid = (*resp->errmsg == '\0');
269:
270: /* Copy response */
271: pap->resp = *resp;
272:
273: /* Report validity */
274: if (valid) {
275: LOG(LOG_INFO, "rec'd %s credentials for \"%s\"",
276: "valid", cred->name);
277: } else {
278: LOG(LOG_NOTICE, "rec'd %s credentials for \"%s\": %s",
279: "invalid", cred->name, resp->errmsg);
280: }
281:
282: /* Send response */
283: ppp_auth_pap_send_response(pap, pap->id, valid);
284:
285: /* Finish up */
286: ppp_link_auth_complete(pap->link,
287: pap->dir, valid ? &pap->cred : NULL, NULL);
288: }
289:
290: /*
291: * Send a PAP request
292: */
293: static void
294: ppp_auth_pap_send_request(struct ppp_auth_pap *pap)
295: {
296: struct ppp_auth_cred_pap *const cred = &pap->cred.u.pap;
297: union {
298: u_char buf[sizeof(struct ppp_fsm_pkt)
299: + sizeof(cred->name) + sizeof(cred->password)];
300: struct ppp_fsm_pkt pkt;
301: } u;
302: struct ppp_fsm_pkt *const pkt = &u.pkt;
303:
304: /* Cancel previous timeout event (if any) and start another */
305: pevent_unregister(&pap->timer);
306: if (pevent_register(pap->ev_ctx, &pap->timer, 0,
307: pap->mutex, (pevent_handler_t *)ppp_auth_pap_send_request,
308: pap, PEVENT_TIME, PAP_RETRY * 1000) == -1)
309: LOG(LOG_ERR, "%s: %m", "pevent_register");
310:
311: /* Construct packet */
312: pkt->id = ++pap->id;
313: pkt->code = PAP_REQUEST;
314: pkt->length = htons(sizeof(*pkt)
315: + 1 + strlen(cred->name) + 1 + strlen(cred->password));
316: pkt->data[0] = strlen(cred->name);
317: memcpy(pkt->data + 1, cred->name, strlen(cred->name));
318: pkt->data[1 + strlen(cred->name)] = strlen(cred->password);
319: memcpy(pkt->data + 1 + strlen(cred->name) + 1,
320: cred->password, strlen(cred->password));
321:
322: /* Logging */
323: LOG(LOG_DEBUG, "xmit %s #%u", pap_codes[pkt->code], pkt->id);
324:
325: /* Send packet */
326: ppp_link_write(pap->link, PPP_PROTO_PAP, pkt, ntohs(pkt->length));
327: }
328:
329: /*
330: * Send a PAP response
331: */
332: static void
333: ppp_auth_pap_send_response(struct ppp_auth_pap *pap, u_char id, int ack)
334: {
335: union {
336: u_char buf[sizeof(struct ppp_fsm_pkt) + 1 + PAP_MSG_BUFSIZE];
337: struct ppp_fsm_pkt pkt;
338: } u;
339: struct ppp_fsm_pkt *const pkt = &u.pkt;
340:
341: /* Construct packet */
342: pkt->id = id;
343: pkt->code = ack ? PAP_ACK : PAP_NAK;
344: snprintf(pkt->data + 1, PAP_MSG_BUFSIZE,
345: "%s", ack ? PAP_MSG_ACK : PAP_MSG_NAK);
346: pkt->data[0] = strlen(pkt->data + 1);
347: pkt->length = htons(sizeof(*pkt) + 1 + strlen(pkt->data + 1));
348:
349: /* Logging */
350: LOG(LOG_DEBUG, "xmit %s #%u", pap_codes[pkt->code], pkt->id);
351:
352: /* Send packet */
353: ppp_link_write(pap->link, PPP_PROTO_PAP, pkt, ntohs(pkt->length));
354: }
355:
356:
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>
![[BACK]](/icons/cvsweb/back.gif){kind=icon}
Return to ppp_auth_pap.c CVS log ![[TXT]](/icons/cvsweb/text.gif){kind=icon}
![[DIR]](/icons/cvsweb/dir.gif){kind=icon}
Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / libpdel / ppp