net/ppp-mppe/patches/patch-bf

   1 $NetBSD$
   2
   3 --- pppd/chap.c.orig    Fri Aug 13 02:46:11 1999
   4 +++ pppd/chap.c Sat Sep 25 13:23:26 1999
   5 @@ -47,6 +47,8 @@
   6  #include "pppd.h"
   7  #include "chap.h"
   8  #include "md5.h"
   9 +#include "fsm.h"
  10 +#include "lcp.h"
  11  #ifdef CHAPMS
  12  #include "chap_ms.h"
  13  #endif
  14 @@ -113,7 +115,7 @@
  15  static void ChapSendStatus __P((chap_state *, int));
  16  static void ChapSendChallenge __P((chap_state *));
  17  static void ChapSendResponse __P((chap_state *));
  18 -static void ChapGenChallenge __P((chap_state *));
  19 +void ChapGenChallenge __P((chap_state *));
  20
  21  extern double drand48 __P((void));
  22  extern void srand48 __P((long));
  23 @@ -460,6 +462,7 @@
  24      switch (cstate->resp_type) {
  25
  26      case CHAP_DIGEST_MD5:
  27 +       CHAPDEBUG(("ChapReceiveChallenge: rcvd type CHAP-DIGEST-MD5"));
  28         MD5Init(&mdContext);
  29         MD5Update(&mdContext, &cstate->resp_id, 1);
  30         MD5Update(&mdContext, secret, secret_len);
  31 @@ -471,8 +474,24 @@
  32
  33  #ifdef CHAPMS
  34      case CHAP_MICROSOFT:
  35 +       CHAPDEBUG(("ChapReceiveChallenge: rcvd type MS-CHAP-V1."));
  36 +       if(rchallenge_len != 8)
  37 +       {
  38 +           CHAPDEBUG(("Invalid challenge length for MS-CHAP-V1"));
  39 +           return;
  40 +       }
  41         ChapMS(cstate, rchallenge, rchallenge_len, secret, secret_len);
  42         break;
  43 +
  44 +    case CHAP_MICROSOFT_V2:
  45 +       CHAPDEBUG(("ChapReceiveChallenge: rcvd type MS-CHAP-V2."));
  46 +       if(rchallenge_len != 16)
  47 +       {
  48 +           CHAPDEBUG(("Invalid challenge length for MS-CHAP-V2"));
  49 +           return;
  50 +       }
  51 +       ChapMS_v2(cstate, rchallenge, rchallenge_len, secret, secret_len);
  52 +       break;
  53  #endif
  54
  55      default:
  56 @@ -560,7 +579,8 @@
  57         /*  generate MD based on negotiated type */
  58         switch (cstate->chal_type) {
  59
  60 -       case CHAP_DIGEST_MD5:           /* only MD5 is defined for now */
  61 +       case CHAP_DIGEST_MD5:
  62 +           CHAPDEBUG(("ChapReceiveResponse: rcvd type CHAP-DIGEST-MD5"));
  63             if (remmd_len != MD5_SIGNATURE_SIZE)
  64                 break;                  /* it's not even the right length */
  65             MD5Init(&mdContext);
  66 @@ -574,6 +594,27 @@
  67                 code = CHAP_SUCCESS;    /* they are the same! */
  68             break;
  69
  70 +#ifdef CHAPMS
  71 +       case CHAP_MICROSOFT:
  72 +           CHAPDEBUG(("ChapReceiveResponse: rcvd type MS-CHAP-V1"));
  73 +           if(remmd_len != MS_CHAP_RESPONSE_LEN)
  74 +               break;
  75 +           if(ChapMS_Resp(cstate, secret, secret_len, remmd) == 0)
  76 +               code = CHAP_SUCCESS;
  77 +           break;
  78 +
  79 +       case CHAP_MICROSOFT_V2:
  80 +           CHAPDEBUG(("ChapReceiveResponse: rcvd type MS-CHAP-V2"));
  81 +           if(remmd_len != MS_CHAP_RESPONSE_LEN)
  82 +               break;
  83 +           if(ChapMS_v2_Resp(cstate,secret,secret_len,remmd,rhostname) == 0)
  84 +           {
  85 +               code = CHAP_SUCCESS_R;
  86 +               ChapMS_v2_Auth(cstate, secret, secret_len, remmd, rhostname);
  87 +           }
  88 +           break;
  89 +#endif
  90 +
  91         default:
  92             CHAPDEBUG(("unknown digest type %d", cstate->chal_type));
  93         }
  94 @@ -582,7 +623,7 @@
  95      BZERO(secret, sizeof(secret));
  96      ChapSendStatus(cstate, code);
  97
  98 -    if (code == CHAP_SUCCESS) {
  99 +    if ((code == CHAP_SUCCESS) || (code == CHAP_SUCCESS_R)) {
 100         old_state = cstate->serverstate;
 101         cstate->serverstate = CHAPSS_OPEN;
 102         if (old_state == CHAPSS_INITIAL_CHAL) {
 103 @@ -590,10 +631,43 @@
 104         }
 105         if (cstate->chal_interval != 0)
 106             TIMEOUT(ChapRechallenge, cstate, cstate->chal_interval);
 107 -       notice("CHAP peer authentication succeeded for %q", rhostname);
 108 -
 109 +       switch (cstate->chal_type) {
 110 +         case CHAP_DIGEST_MD5:
 111 +           notice("CHAP peer authentication succeeded for %q", rhostname);
 112 +           break;
 113 +#ifdef CHAPMS
 114 +         case CHAP_MICROSOFT:
 115 +           notice("MSCHAP peer authentication succeeded for %q", rhostname);
 116 +           break;
 117 +         case CHAP_MICROSOFT_V2:
 118 +           notice("MSCHAP-v2 peer authentication succeeded for %q", rhostname);
 119 +           break;
 120 +#endif
 121 +         default:
 122 +           notice("CHAP (unknown) peer authentication succeeded for %q",
 123 +                  rhostname);
 124 +           break;
 125 +       }
 126      } else {
 127 -       error("CHAP peer authentication failed for remote host %q", rhostname);
 128 +       switch (cstate->chal_type) {
 129 +         case CHAP_DIGEST_MD5:
 130 +           error("CHAP peer authentication failed for remote host %q",
 131 +                 rhostname);
 132 +           break;
 133 +#ifdef CHAPMS
 134 +         case CHAP_MICROSOFT:
 135 +           error("MSCHAP peer authentication failed for remote host %q",
 136 +                 rhostname);
 137 +           break;
 138 +         case CHAP_MICROSOFT_V2:
 139 +           error("MSCHAP-v2 peer authentication failed for remote host %q",
 140 +                 rhostname);
 141 +           break;
 142 +#endif
 143 +         default:
 144 +           error("CHAP (unknown) peer authentication failed for remote host %q", rhostname);
 145 +           break;
 146 +       }
 147         cstate->serverstate = CHAPSS_BADAUTH;
 148         auth_peer_fail(cstate->unit, PPP_CHAP);
 149      }
 150 @@ -712,6 +786,8 @@
 151
 152      if (code == CHAP_SUCCESS)
 153         slprintf(msg, sizeof(msg), "Welcome to %s.", hostname);
 154 +    else if(code == CHAP_SUCCESS_R)
 155 +       strcpy(msg, cstate->response);
 156      else
 157         slprintf(msg, sizeof(msg), "I don't like you.  Go 'way.");
 158      msglen = strlen(msg);
 159 @@ -721,7 +797,7 @@
 160
 161      MAKEHEADER(outp, PPP_CHAP);        /* paste in a header */
 162
 163 -    PUTCHAR(code, outp);
 164 +    PUTCHAR(code == CHAP_SUCCESS_R ? CHAP_SUCCESS : code, outp);
 165      PUTCHAR(cstate->chal_id, outp);
 166      PUTSHORT(outlen, outp);
 167      BCOPY(msg, outp, msglen);
 168 @@ -735,7 +811,7 @@
 169   * *cstate are initialized.
 170   */
 171
 172 -static void
 173 +void
 174  ChapGenChallenge(cstate)
 175      chap_state *cstate;
 176  {
 177 @@ -743,6 +819,14 @@
 178      u_char *ptr = cstate->challenge;
 179      unsigned int i;
 180
 181 +#ifdef CHAPMS
 182 +    if(cstate->chal_type == CHAP_MICROSOFT)
 183 +       chal_len = 8;
 184 +    else if(cstate->chal_type == CHAP_MICROSOFT_V2)
 185 +       chal_len = 16;
 186 +    else
 187 +#endif
 188 +
 189      /* pick a random challenge length between MIN_CHALLENGE_LENGTH and
 190         MAX_CHALLENGE_LENGTH */
 191      chal_len =  (unsigned) ((drand48() *
 192 @@ -857,4 +941,14 @@
 193      }
 194
 195      return len + CHAP_HEADERLEN;
 196 +}
 197 +
 198 +int
 199 +reqchap(argv)
 200 +        char **argv;
 201 +{
 202 +    lcp_wantoptions[0].neg_chap = 1;
 203 +    lcp_wantoptions[0].use_digest = 1;
 204 +    auth_required = 1;
 205 +    return 1;
 206  }