2 * Copyright (c) 1996 - 2001 Brian Somers <brian@Awfulhak.org>
3 * based on work by Toshiharu OHNO <tony-o@iij.ad.jp>
4 * Internet Initiative Japan, Inc (IIJ)
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
16 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
17 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
20 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
22 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
24 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
25 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
28 * $FreeBSD: src/usr.sbin/ppp/chap.c,v 1.61.2.7 2002/09/01 02:12:23 brian Exp $
29 * $DragonFly: src/usr.sbin/ppp/chap.c,v 1.2 2003/06/17 04:30:00 dillon Exp $
32 #include <sys/param.h>
33 #include <netinet/in.h>
34 #include <netinet/in_systm.h>
35 #include <netinet/ip.h>
36 #include <sys/socket.h>
67 #include "throughput.h"
68 #include "descriptor.h"
71 #include "slcompress.h"
95 static const char * const chapcodes
[] = {
96 "???", "CHALLENGE", "RESPONSE", "SUCCESS", "FAILURE"
98 #define MAXCHAPCODE (sizeof chapcodes / sizeof chapcodes[0] - 1)
101 ChapOutput(struct physical
*physical
, u_int code
, u_int id
,
102 const u_char
*ptr
, int count
, const char *text
)
108 plen
= sizeof(struct fsmheader
) + count
;
111 lh
.length
= htons(plen
);
112 bp
= m_get(plen
, MB_CHAPOUT
);
113 memcpy(MBUF_CTOP(bp
), &lh
, sizeof(struct fsmheader
));
115 memcpy(MBUF_CTOP(bp
) + sizeof(struct fsmheader
), ptr
, count
);
116 log_DumpBp(LogDEBUG
, "ChapOutput", bp
);
118 log_Printf(LogPHASE
, "Chap Output: %s\n", chapcodes
[code
]);
120 log_Printf(LogPHASE
, "Chap Output: %s (%s)\n", chapcodes
[code
], text
);
121 link_PushPacket(&physical
->link
, bp
, physical
->dl
->bundle
,
122 LINK_QUEUES(&physical
->link
) - 1, PROTO_CHAP
);
126 chap_BuildAnswer(char *name
, char *key
, u_char id
, char *challenge
128 , u_char type
, char *peerchallenge
, char *authresponse
,
133 char *result
, *digest
;
141 char expkey
[AUTHLEN
<< 2];
145 if ((result
= malloc(1 + nlen
+ MS_CHAP_RESPONSE_LEN
)) == NULL
)
148 digest
= result
; /* the response */
149 *digest
++ = MS_CHAP_RESPONSE_LEN
; /* 49 */
150 memcpy(digest
+ MS_CHAP_RESPONSE_LEN
, name
, nlen
);
152 memset(digest
+ 24, '\0', 25);
153 mschap_LANMan(digest
, challenge
+ 1, key
); /* LANMan response */
155 memset(digest
, '\0', 25);
158 for (f
= 0; f
< klen
; f
++) {
159 expkey
[2*f
] = key
[f
];
160 expkey
[2*f
+1] = '\0';
164 * expkey = | k\0e\0y\0 |
167 MD4Init(&MD4context
);
168 MD4Update(&MD4context
, expkey
, klen
<< 1);
169 MD4Final(digest
, &MD4context
);
172 * ---- -------- ---------------- ------- ------
173 * result = | 49 | LANMan | 16 byte digest | 9 * ? | name |
174 * ---- -------- ---------------- ------- ------
176 mschap_NT(digest
, challenge
+ 1);
179 * ---- -------- ------------- ----- ------
180 * | | struct MS_ChapResponse24 | |
181 * result = | 49 | LANMan | NT digest | 0/1 | name |
182 * ---- -------- ------------- ----- ------
183 * where only one of LANMan & NT digest are set.
185 } else if (type
== 0x81) {
186 char expkey
[AUTHLEN
<< 2];
187 char pwdhash
[CHAP81_HASH_LEN
];
188 char pwdhashhash
[CHAP81_HASH_LEN
];
192 if ((result
= malloc(1 + nlen
+ CHAP81_RESPONSE_LEN
)) == NULL
)
195 memset(result
, 0, 1 + nlen
+ CHAP81_RESPONSE_LEN
);
198 *digest
++ = CHAP81_RESPONSE_LEN
; /* value size */
200 /* Copy our challenge */
201 memcpy(digest
, peerchallenge
+ 1, CHAP81_CHALLENGE_LEN
);
203 /* Expand password to Unicode XXX */
204 for (f
= 0; f
< klen
; f
++) {
205 expkey
[2*f
] = key
[f
];
206 expkey
[2*f
+1] = '\0';
209 ntresponse
= digest
+ CHAP81_NTRESPONSE_OFF
;
211 /* Get some needed hashes */
212 NtPasswordHash(expkey
, klen
* 2, pwdhash
);
213 HashNtPasswordHash(pwdhash
, pwdhashhash
);
215 /* Generate NTRESPONSE to respond on challenge call */
216 GenerateNTResponse(challenge
+ 1, peerchallenge
+ 1, name
,
217 expkey
, klen
* 2, ntresponse
);
219 /* Generate MPPE MASTERKEY */
220 GetMasterKey(pwdhashhash
, ntresponse
, MPPE_MasterKey
); /* XXX Global ! */
222 /* Generate AUTHRESPONSE to verify on auth success */
223 GenerateAuthenticatorResponse(expkey
, klen
* 2, ntresponse
,
224 peerchallenge
+ 1, challenge
+ 1, name
,
227 authresponse
[CHAP81_AUTHRESPONSE_LEN
] = 0;
229 memcpy(digest
+ CHAP81_RESPONSE_LEN
, name
, nlen
);
232 if ((result
= malloc(nlen
+ 17)) != NULL
) {
233 /* Normal MD5 stuff */
237 *digest
++ = 16; /* value size */
239 MD5Init(&MD5context
);
240 MD5Update(&MD5context
, &id
, 1);
241 MD5Update(&MD5context
, key
, klen
);
242 MD5Update(&MD5context
, challenge
+ 1, *challenge
);
243 MD5Final(digest
, &MD5context
);
245 memcpy(digest
+ 16, name
, nlen
);
247 * ---- -------- ------
248 * result = | 16 | digest | name |
249 * ---- -------- ------
257 chap_StartChild(struct chap
*chap
, char *prog
, const char *name
)
259 char *argv
[MAXARGS
], *nargv
[MAXARGS
];
264 if (chap
->child
.fd
!= -1) {
265 log_Printf(LogWARN
, "Chap: %s: Program already running\n", prog
);
269 if (pipe(in
) == -1) {
270 log_Printf(LogERROR
, "Chap: pipe: %s\n", strerror(errno
));
274 if (pipe(out
) == -1) {
275 log_Printf(LogERROR
, "Chap: pipe: %s\n", strerror(errno
));
282 switch ((chap
->child
.pid
= fork())) {
284 log_Printf(LogERROR
, "Chap: fork: %s\n", strerror(errno
));
295 if ((argc
= command_Interpret(prog
, strlen(prog
), argv
)) <= 0) {
297 log_Printf(LogWARN
, "CHAP: Invalid command syntax\n");
305 if (out
[1] == STDIN_FILENO
)
306 out
[1] = dup(out
[1]);
307 dup2(in
[0], STDIN_FILENO
);
308 dup2(out
[1], STDOUT_FILENO
);
309 close(STDERR_FILENO
);
310 if (open(_PATH_DEVNULL
, O_RDWR
) != STDERR_FILENO
) {
311 log_Printf(LogALERT
, "Chap: Failed to open %s: %s\n",
312 _PATH_DEVNULL
, strerror(errno
));
315 for (fd
= getdtablesize(); fd
> STDERR_FILENO
; fd
--)
316 fcntl(fd
, F_SETFD
, 1);
318 setuid(ID0realuid());
320 command_Expand(nargv
, argc
, (char const *const *)argv
,
321 chap
->auth
.physical
->dl
->bundle
, 0, pid
);
322 execvp(nargv
[0], nargv
);
323 printf("exec() of %s failed: %s\n", nargv
[0], strerror(errno
));
329 chap
->child
.fd
= out
[0];
330 chap
->child
.buf
.len
= 0;
331 write(in
[1], chap
->auth
.in
.name
, strlen(chap
->auth
.in
.name
));
332 write(in
[1], "\n", 1);
333 write(in
[1], chap
->challenge
.peer
+ 1, *chap
->challenge
.peer
);
334 write(in
[1], "\n", 1);
335 write(in
[1], name
, strlen(name
));
336 write(in
[1], "\n", 1);
343 chap_Cleanup(struct chap
*chap
, int sig
)
345 if (chap
->child
.pid
) {
348 close(chap
->child
.fd
);
351 kill(chap
->child
.pid
, SIGTERM
);
353 chap
->child
.buf
.len
= 0;
355 if (wait(&status
) == -1)
356 log_Printf(LogERROR
, "Chap: wait: %s\n", strerror(errno
));
357 else if (WIFSIGNALED(status
))
358 log_Printf(LogWARN
, "Chap: Child received signal %d\n", WTERMSIG(status
));
359 else if (WIFEXITED(status
) && WEXITSTATUS(status
))
360 log_Printf(LogERROR
, "Chap: Child exited %d\n", WEXITSTATUS(status
));
362 *chap
->challenge
.local
= *chap
->challenge
.peer
= '\0';
369 chap_Respond(struct chap
*chap
, char *name
, char *key
371 , u_char type
, int lm
377 ans
= chap_BuildAnswer(name
, key
, chap
->auth
.id
, chap
->challenge
.peer
379 , type
, chap
->challenge
.local
, chap
->authresponse
, lm
384 ChapOutput(chap
->auth
.physical
, CHAP_RESPONSE
, chap
->auth
.id
,
385 ans
, *ans
+ 1 + strlen(name
), name
);
387 chap
->NTRespSent
= !lm
;
388 MPPE_IsServer
= 0; /* XXX Global ! */
392 ChapOutput(chap
->auth
.physical
, CHAP_FAILURE
, chap
->auth
.id
,
393 "Out of memory!", 14, NULL
);
397 chap_UpdateSet(struct fdescriptor
*d
, fd_set
*r
, fd_set
*w __unused
,
398 fd_set
*e __unused
, int *n
)
400 struct chap
*chap
= descriptor2chap(d
);
402 if (r
&& chap
&& chap
->child
.fd
!= -1) {
403 FD_SET(chap
->child
.fd
, r
);
404 if (*n
< chap
->child
.fd
+ 1)
405 *n
= chap
->child
.fd
+ 1;
406 log_Printf(LogTIMER
, "Chap: fdset(r) %d\n", chap
->child
.fd
);
414 chap_IsSet(struct fdescriptor
*d
, const fd_set
*fdset
)
416 struct chap
*chap
= descriptor2chap(d
);
418 return chap
&& chap
->child
.fd
!= -1 && FD_ISSET(chap
->child
.fd
, fdset
);
422 chap_Read(struct fdescriptor
*d
, struct bundle
*bundle __unused
,
423 const fd_set
*fdset __unused
)
425 struct chap
*chap
= descriptor2chap(d
);
428 got
= read(chap
->child
.fd
, chap
->child
.buf
.ptr
+ chap
->child
.buf
.len
,
429 sizeof chap
->child
.buf
.ptr
- chap
->child
.buf
.len
- 1);
431 log_Printf(LogERROR
, "Chap: Read: %s\n", strerror(errno
));
432 chap_Cleanup(chap
, SIGTERM
);
433 } else if (got
== 0) {
434 log_Printf(LogWARN
, "Chap: Read: Child terminated connection\n");
435 chap_Cleanup(chap
, SIGTERM
);
437 char *name
, *key
, *end
;
439 chap
->child
.buf
.len
+= got
;
440 chap
->child
.buf
.ptr
[chap
->child
.buf
.len
] = '\0';
441 name
= chap
->child
.buf
.ptr
;
442 name
+= strspn(name
, " \t");
443 if ((key
= strchr(name
, '\n')) == NULL
)
446 end
= strchr(++key
, '\n');
449 if (chap
->child
.buf
.len
== sizeof chap
->child
.buf
.ptr
- 1) {
450 log_Printf(LogWARN
, "Chap: Read: Input buffer overflow\n");
451 chap_Cleanup(chap
, SIGTERM
);
455 int lanman
= chap
->auth
.physical
->link
.lcp
.his_authtype
== 0x80 &&
456 ((chap
->NTRespSent
&&
457 IsAccepted(chap
->auth
.physical
->link
.lcp
.cfg
.chap80lm
)) ||
458 !IsAccepted(chap
->auth
.physical
->link
.lcp
.cfg
.chap80nt
));
461 while (end
>= name
&& strchr(" \t\r\n", *end
))
464 while (end
>= name
&& strchr(" \t\r\n", *end
))
466 key
+= strspn(key
, " \t");
468 chap_Respond(chap
, name
, key
470 , chap
->auth
.physical
->link
.lcp
.his_authtype
, lanman
473 chap_Cleanup(chap
, 0);
479 chap_Write(struct fdescriptor
*d __unused
, struct bundle
*bundle __unused
,
480 const fd_set
*fdset __unused
)
482 /* We never want to write here ! */
483 log_Printf(LogALERT
, "chap_Write: Internal error: Bad call !\n");
488 chap_ChallengeInit(struct authinfo
*authp
)
490 struct chap
*chap
= auth2chap(authp
);
494 len
= strlen(authp
->physical
->dl
->bundle
->cfg
.auth
.name
);
496 if (!*chap
->challenge
.local
) {
498 cp
= chap
->challenge
.local
;
501 if (*authp
->physical
->dl
->bundle
->radius
.cfg
.file
) {
502 /* For radius, our challenge is 16 readable NUL terminated bytes :*/
504 for (i
= 0; i
< 16; i
++)
505 *cp
++ = (random() % 10) + '0';
510 if (authp
->physical
->link
.lcp
.want_authtype
== 0x80)
511 *cp
++ = 8; /* MS does 8 byte callenges :-/ */
512 else if (authp
->physical
->link
.lcp
.want_authtype
== 0x81)
513 *cp
++ = 16; /* MS-CHAP-V2 does 16 bytes challenges */
516 *cp
++ = random() % (CHAPCHALLENGELEN
-16) + 16;
517 for (i
= 0; i
< *chap
->challenge
.local
; i
++)
518 *cp
++ = random() & 0xff;
520 memcpy(cp
, authp
->physical
->dl
->bundle
->cfg
.auth
.name
, len
);
525 chap_Challenge(struct authinfo
*authp
)
527 struct chap
*chap
= auth2chap(authp
);
530 log_Printf(LogDEBUG
, "CHAP%02X: Challenge\n",
531 authp
->physical
->link
.lcp
.want_authtype
);
533 len
= strlen(authp
->physical
->dl
->bundle
->cfg
.auth
.name
);
535 /* Generate new local challenge value */
536 if (!*chap
->challenge
.local
)
537 chap_ChallengeInit(authp
);
540 if (authp
->physical
->link
.lcp
.want_authtype
== 0x81)
541 ChapOutput(authp
->physical
, CHAP_CHALLENGE
, authp
->id
,
542 chap
->challenge
.local
, 1 + *chap
->challenge
.local
, NULL
);
545 ChapOutput(authp
->physical
, CHAP_CHALLENGE
, authp
->id
,
546 chap
->challenge
.local
, 1 + *chap
->challenge
.local
+ len
, NULL
);
550 chap_Success(struct authinfo
*authp
)
552 struct bundle
*bundle
= authp
->physical
->dl
->bundle
;
555 datalink_GotAuthname(authp
->physical
->dl
, authp
->in
.name
);
557 if (authp
->physical
->link
.lcp
.want_authtype
== 0x81) {
559 if (*bundle
->radius
.cfg
.file
&& bundle
->radius
.msrepstr
)
560 msg
= bundle
->radius
.msrepstr
;
563 msg
= auth2chap(authp
)->authresponse
;
564 MPPE_MasterKeyValid
= 1; /* XXX Global ! */
568 if (*bundle
->radius
.cfg
.file
&& bundle
->radius
.repstr
)
569 msg
= bundle
->radius
.repstr
;
574 ChapOutput(authp
->physical
, CHAP_SUCCESS
, authp
->id
, msg
, strlen(msg
),
577 authp
->physical
->link
.lcp
.auth_ineed
= 0;
578 if (Enabled(bundle
, OPT_UTMP
))
579 physical_Login(authp
->physical
, authp
->in
.name
);
581 if (authp
->physical
->link
.lcp
.auth_iwait
== 0)
583 * Either I didn't need to authenticate, or I've already been
584 * told that I got the answer right.
586 datalink_AuthOk(authp
->physical
->dl
);
590 chap_Failure(struct authinfo
*authp
)
593 char buf
[1024], *ptr
;
598 struct bundle
*bundle
= authp
->physical
->link
.lcp
.fsm
.bundle
;
599 if (*bundle
->radius
.cfg
.file
&& bundle
->radius
.errstr
)
600 msg
= bundle
->radius
.errstr
;
604 if (authp
->physical
->link
.lcp
.want_authtype
== 0x80) {
605 sprintf(buf
, "E=691 R=1 M=Invalid!");
607 } else if (authp
->physical
->link
.lcp
.want_authtype
== 0x81) {
611 ptr
+= sprintf(buf
, "E=691 R=0 C=");
613 ptr
+= sprintf(ptr
, "%02X", *(auth2chap(authp
)->challenge
.local
+1+i
));
615 sprintf(ptr
, " V=3 M=Invalid!");
621 ChapOutput(authp
->physical
, CHAP_FAILURE
, authp
->id
, msg
, strlen(msg
) + 1,
623 datalink_AuthNotOk(authp
->physical
->dl
);
627 chap_Cmp(char *myans
, int mylen
, char *hisans
, int hislen
629 , u_char type
, int lm
636 else if (type
== 0x80) {
637 int off
= lm
? 0 : 24;
639 if (memcmp(myans
+ off
, hisans
+ off
, 24))
643 else if (memcmp(myans
, hisans
, mylen
))
651 chap_HaveAnotherGo(struct chap
*chap
)
653 if (++chap
->peertries
< 3) {
654 /* Give the peer another shot */
655 *chap
->challenge
.local
= '\0';
656 chap_Challenge(&chap
->auth
);
665 chap_Init(struct chap
*chap
, struct physical
*p
)
667 chap
->desc
.type
= CHAP_DESCRIPTOR
;
668 chap
->desc
.UpdateSet
= chap_UpdateSet
;
669 chap
->desc
.IsSet
= chap_IsSet
;
670 chap
->desc
.Read
= chap_Read
;
671 chap
->desc
.Write
= chap_Write
;
674 auth_Init(&chap
->auth
, p
, chap_Challenge
, chap_Success
, chap_Failure
);
675 *chap
->challenge
.local
= *chap
->challenge
.peer
= '\0';
677 chap
->NTRespSent
= 0;
683 chap_ReInit(struct chap
*chap
)
685 chap_Cleanup(chap
, SIGTERM
);
689 chap_Input(struct bundle
*bundle
, struct link
*l
, struct mbuf
*bp
)
691 struct physical
*p
= link2physical(l
);
692 struct chap
*chap
= &p
->dl
->chap
;
693 char *name
, *key
, *ans
;
702 log_Printf(LogERROR
, "chap_Input: Not a physical link - dropped\n");
707 if (bundle_Phase(bundle
) != PHASE_NETWORK
&&
708 bundle_Phase(bundle
) != PHASE_AUTHENTICATE
) {
709 log_Printf(LogPHASE
, "Unexpected chap input - dropped !\n");
714 m_settype(bp
, MB_CHAPIN
);
715 if ((bp
= auth_ReadHeader(&chap
->auth
, bp
)) == NULL
&&
716 ntohs(chap
->auth
.in
.hdr
.length
) == 0)
717 log_Printf(LogWARN
, "Chap Input: Truncated header !\n");
718 else if (chap
->auth
.in
.hdr
.code
== 0 || chap
->auth
.in
.hdr
.code
> MAXCHAPCODE
)
719 log_Printf(LogPHASE
, "Chap Input: %d: Bad CHAP code !\n",
720 chap
->auth
.in
.hdr
.code
);
725 if (chap
->auth
.in
.hdr
.code
!= CHAP_CHALLENGE
&&
726 chap
->auth
.id
!= chap
->auth
.in
.hdr
.id
&&
727 Enabled(bundle
, OPT_IDCHECK
)) {
728 /* Wrong conversation dude ! */
729 log_Printf(LogPHASE
, "Chap Input: %s dropped (got id %d, not %d)\n",
730 chapcodes
[chap
->auth
.in
.hdr
.code
], chap
->auth
.in
.hdr
.id
,
735 chap
->auth
.id
= chap
->auth
.in
.hdr
.id
; /* We respond with this id */
740 switch (chap
->auth
.in
.hdr
.code
) {
742 bp
= mbuf_Read(bp
, &alen
, 1);
745 log_Printf(LogERROR
, "Chap Input: Truncated challenge !\n");
749 *chap
->challenge
.peer
= alen
;
750 bp
= mbuf_Read(bp
, chap
->challenge
.peer
+ 1, alen
);
751 bp
= auth_ReadName(&chap
->auth
, bp
, len
);
753 lanman
= p
->link
.lcp
.his_authtype
== 0x80 &&
754 ((chap
->NTRespSent
&& IsAccepted(p
->link
.lcp
.cfg
.chap80lm
)) ||
755 !IsAccepted(p
->link
.lcp
.cfg
.chap80nt
));
757 /* Generate local challenge value */
758 chap_ChallengeInit(&chap
->auth
);
763 auth_StopTimer(&chap
->auth
);
764 bp
= mbuf_Read(bp
, &alen
, 1);
767 log_Printf(LogERROR
, "Chap Input: Truncated response !\n");
771 if ((ans
= malloc(alen
+ 1)) == NULL
) {
772 log_Printf(LogERROR
, "Chap Input: Out of memory !\n");
776 *ans
= chap
->auth
.id
;
777 bp
= mbuf_Read(bp
, ans
+ 1, alen
);
778 bp
= auth_ReadName(&chap
->auth
, bp
, len
);
780 lanman
= p
->link
.lcp
.want_authtype
== 0x80 &&
781 alen
== 49 && ans
[alen
] == 0;
787 /* chap->auth.in.name is already set up at CHALLENGE time */
788 if ((ans
= malloc(len
+ 1)) == NULL
) {
789 log_Printf(LogERROR
, "Chap Input: Out of memory !\n");
793 bp
= mbuf_Read(bp
, ans
, len
);
798 switch (chap
->auth
.in
.hdr
.code
) {
801 if (*chap
->auth
.in
.name
)
802 log_Printf(LogPHASE
, "Chap Input: %s (%d bytes from %s%s)\n",
803 chapcodes
[chap
->auth
.in
.hdr
.code
], alen
,
806 lanman
&& chap
->auth
.in
.hdr
.code
== CHAP_RESPONSE
?
811 log_Printf(LogPHASE
, "Chap Input: %s (%d bytes%s)\n",
812 chapcodes
[chap
->auth
.in
.hdr
.code
], alen
,
814 lanman
&& chap
->auth
.in
.hdr
.code
== CHAP_RESPONSE
?
823 log_Printf(LogPHASE
, "Chap Input: %s (%s)\n",
824 chapcodes
[chap
->auth
.in
.hdr
.code
], ans
);
826 log_Printf(LogPHASE
, "Chap Input: %s\n",
827 chapcodes
[chap
->auth
.in
.hdr
.code
]);
831 switch (chap
->auth
.in
.hdr
.code
) {
833 if (*bundle
->cfg
.auth
.key
== '!' && bundle
->cfg
.auth
.key
[1] != '!')
834 chap_StartChild(chap
, bundle
->cfg
.auth
.key
+ 1,
835 bundle
->cfg
.auth
.name
);
837 chap_Respond(chap
, bundle
->cfg
.auth
.name
, bundle
->cfg
.auth
.key
+
838 (*bundle
->cfg
.auth
.key
== '!' ? 1 : 0)
841 , p
->link
.lcp
.his_authtype
, lanman
847 name
= chap
->auth
.in
.name
;
850 if (p
->link
.lcp
.want_authtype
== 0x81) {
851 struct MSCHAPv2_resp
*resp
= (struct MSCHAPv2_resp
*)(ans
+ 1);
853 chap
->challenge
.peer
[0] = sizeof resp
->PeerChallenge
;
854 memcpy(chap
->challenge
.peer
+ 1, resp
->PeerChallenge
,
855 sizeof resp
->PeerChallenge
);
860 if (*bundle
->radius
.cfg
.file
) {
861 if (!radius_Authenticate(&bundle
->radius
, &chap
->auth
,
862 chap
->auth
.in
.name
, ans
, alen
+ 1,
863 chap
->challenge
.local
+ 1,
864 *chap
->challenge
.local
))
865 chap_Failure(&chap
->auth
);
869 if (p
->link
.lcp
.want_authtype
== 0x81 && ans
[alen
] != '\0' &&
870 alen
== sizeof(struct MSCHAPv2_resp
)) {
871 struct MSCHAPv2_resp
*resp
= (struct MSCHAPv2_resp
*)(ans
+ 1);
873 log_Printf(LogWARN
, "%s: Compensating for corrupt (Win98/WinME?) "
874 "CHAP81 RESPONSE\n", l
->name
);
875 resp
->Flags
= '\0'; /* rfc2759 says it *MUST* be zero */
877 key
= auth_GetSecret(name
, nlen
);
880 if (p
->link
.lcp
.want_authtype
== 0x80 &&
881 lanman
&& !IsEnabled(p
->link
.lcp
.cfg
.chap80lm
)) {
882 log_Printf(LogPHASE
, "Auth failure: LANMan not enabled\n");
883 if (chap_HaveAnotherGo(chap
))
886 } else if (p
->link
.lcp
.want_authtype
== 0x80 &&
887 !lanman
&& !IsEnabled(p
->link
.lcp
.cfg
.chap80nt
)) {
888 log_Printf(LogPHASE
, "Auth failure: mschap not enabled\n");
889 if (chap_HaveAnotherGo(chap
))
892 } else if (p
->link
.lcp
.want_authtype
== 0x81 &&
893 !IsEnabled(p
->link
.lcp
.cfg
.chap81
)) {
894 log_Printf(LogPHASE
, "Auth failure: CHAP81 not enabled\n");
899 char *myans
= chap_BuildAnswer(name
, key
, chap
->auth
.id
,
900 chap
->challenge
.local
902 , p
->link
.lcp
.want_authtype
,
903 chap
->challenge
.peer
,
904 chap
->authresponse
, lanman
);
905 MPPE_IsServer
= 1; /* XXX Global ! */
912 if (!chap_Cmp(myans
+ 1, *myans
, ans
+ 1, alen
914 , p
->link
.lcp
.want_authtype
, lanman
924 chap_Success(&chap
->auth
);
926 chap_Failure(&chap
->auth
);
932 if (p
->link
.lcp
.auth_iwait
== PROTO_CHAP
) {
933 p
->link
.lcp
.auth_iwait
= 0;
934 if (p
->link
.lcp
.auth_ineed
== 0) {
936 if (p
->link
.lcp
.his_authtype
== 0x81) {
937 if (strncasecmp(ans
, chap
->authresponse
, 42)) {
938 datalink_AuthNotOk(p
->dl
);
939 log_Printf(LogWARN
, "CHAP81: AuthenticatorResponse: (%.42s)"
940 " != ans: (%.42s)\n", chap
->authresponse
, ans
);
943 /* Successful login */
944 MPPE_MasterKeyValid
= 1; /* XXX Global ! */
945 datalink_AuthOk(p
->dl
);
950 * We've succeeded in our ``login''
951 * If we're not expecting the peer to authenticate (or he already
952 * has), proceed to network phase.
954 datalink_AuthOk(p
->dl
);
960 datalink_AuthNotOk(p
->dl
);