1 | /*
|
---|
2 | * TINET (TCP/IP Protocol Stack)
|
---|
3 | *
|
---|
4 | * Copyright (C) 2001-2009 by Dep. of Computer Science and Engineering
|
---|
5 | * Tomakomai National College of Technology, JAPAN
|
---|
6 | *
|
---|
7 | * ä¸è¨èä½æ¨©è
|
---|
8 | ã¯ï¼ä»¥ä¸ã® (1)ï½(4) ã®æ¡ä»¶ãï¼Free Software Foundation
|
---|
9 | * ã«ãã£ã¦å
|
---|
10 | ¬è¡¨ããã¦ãã GNU General Public License ã® Version 2 ã«è¨
|
---|
11 | * è¿°ããã¦ããæ¡ä»¶ãæºããå ´åã«éãï¼æ¬ã½ããã¦ã§ã¢ï¼æ¬ã½ããã¦ã§ã¢
|
---|
12 | * ãæ¹å¤ãããã®ãå«ãï¼ä»¥ä¸åãï¼ã使ç¨ã»è¤è£½ã»æ¹å¤ã»åé
|
---|
13 | å¸ï¼ä»¥ä¸ï¼
|
---|
14 | * å©ç¨ã¨å¼ã¶ï¼ãããã¨ãç¡åã§è¨±è«¾ããï¼
|
---|
15 | * (1) æ¬ã½ããã¦ã§ã¢ãã½ã¼ã¹ã³ã¼ãã®å½¢ã§å©ç¨ããå ´åã«ã¯ï¼ä¸è¨ã®èä½
|
---|
16 | * 権表示ï¼ãã®å©ç¨æ¡ä»¶ããã³ä¸è¨ã®ç¡ä¿è¨¼è¦å®ãï¼ãã®ã¾ã¾ã®å½¢ã§ã½ã¼
|
---|
17 | * ã¹ã³ã¼ãä¸ã«å«ã¾ãã¦ãããã¨ï¼
|
---|
18 | * (2) æ¬ã½ããã¦ã§ã¢ãï¼ã©ã¤ãã©ãªå½¢å¼ãªã©ï¼ä»ã®ã½ããã¦ã§ã¢éçºã«ä½¿
|
---|
19 | * ç¨ã§ããå½¢ã§åé
|
---|
20 | å¸ããå ´åã«ã¯ï¼åé
|
---|
21 | å¸ã«ä¼´ãããã¥ã¡ã³ãï¼å©ç¨
|
---|
22 | * è
|
---|
23 | ããã¥ã¢ã«ãªã©ï¼ã«ï¼ä¸è¨ã®èä½æ¨©è¡¨ç¤ºï¼ãã®å©ç¨æ¡ä»¶ããã³ä¸è¨
|
---|
24 | * ã®ç¡ä¿è¨¼è¦å®ãæ²è¼ãããã¨ï¼
|
---|
25 | * (3) æ¬ã½ããã¦ã§ã¢ãï¼æ©å¨ã«çµã¿è¾¼ããªã©ï¼ä»ã®ã½ããã¦ã§ã¢éçºã«ä½¿
|
---|
26 | * ç¨ã§ããªãå½¢ã§åé
|
---|
27 | å¸ããå ´åã«ã¯ï¼æ¬¡ã®æ¡ä»¶ãæºãããã¨ï¼
|
---|
28 | * (a) åé
|
---|
29 | å¸ã«ä¼´ãããã¥ã¡ã³ãï¼å©ç¨è
|
---|
30 | ããã¥ã¢ã«ãªã©ï¼ã«ï¼ä¸è¨ã®è
|
---|
31 | * ä½æ¨©è¡¨ç¤ºï¼ãã®å©ç¨æ¡ä»¶ããã³ä¸è¨ã®ç¡ä¿è¨¼è¦å®ãæ²è¼ãããã¨ï¼
|
---|
32 | * (4) æ¬ã½ããã¦ã§ã¢ã®å©ç¨ã«ããç´æ¥çã¾ãã¯éæ¥çã«çãããããªãæ
|
---|
33 | * 害ãããï¼ä¸è¨èä½æ¨©è
|
---|
34 | ããã³TOPPERSããã¸ã§ã¯ããå
|
---|
35 | 責ãããã¨ï¼
|
---|
36 | *
|
---|
37 | * æ¬ã½ããã¦ã§ã¢ã¯ï¼ç¡ä¿è¨¼ã§æä¾ããã¦ãããã®ã§ããï¼ä¸è¨èä½æ¨©è
|
---|
38 | ã
|
---|
39 | * ãã³TOPPERSããã¸ã§ã¯ãã¯ï¼æ¬ã½ããã¦ã§ã¢ã«é¢ãã¦ï¼ãã®é©ç¨å¯è½æ§ã
|
---|
40 | * å«ãã¦ï¼ãããªãä¿è¨¼ãè¡ããªãï¼ã¾ãï¼æ¬ã½ããã¦ã§ã¢ã®å©ç¨ã«ããç´
|
---|
41 | * æ¥çã¾ãã¯éæ¥çã«çãããããªãæ害ã«é¢ãã¦ãï¼ãã®è²¬ä»»ãè² ããªãï¼
|
---|
42 | *
|
---|
43 | * @(#) $Id: ppp_upap.c 270 2017-02-09 04:03:47Z coas-nagasima $
|
---|
44 | */
|
---|
45 |
|
---|
46 | /*
|
---|
47 | * upap.c - User/Password Authentication Protocol.
|
---|
48 | *
|
---|
49 | * Copyright (c) 1989 Carnegie Mellon University.
|
---|
50 | * All rights reserved.
|
---|
51 | *
|
---|
52 | * Redistribution and use in source and binary forms are permitted
|
---|
53 | * provided that the above copyright notice and this paragraph are
|
---|
54 | * duplicated in all such forms and that any documentation,
|
---|
55 | * advertising materials, and other materials related to such
|
---|
56 | * distribution and use acknowledge that the software was developed
|
---|
57 | * by Carnegie Mellon University. The name of the
|
---|
58 | * University may not be used to endorse or promote products derived
|
---|
59 | * from this software without specific prior written permission.
|
---|
60 | * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
|
---|
61 | * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
|
---|
62 | * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
|
---|
63 | */
|
---|
64 |
|
---|
65 | /*
|
---|
66 | * PPP PAP Module
|
---|
67 | *
|
---|
68 | * Written by Toshiharu OHNO (tony-o@iij.ad.jp)
|
---|
69 | *
|
---|
70 | * Copyright (C) 1993-94, Internet Initiative Japan, Inc.
|
---|
71 | * All rights reserverd.
|
---|
72 | *
|
---|
73 | * Redistribution and use in source and binary forms are permitted
|
---|
74 | * provided that the above copyright notice and this paragraph are
|
---|
75 | * duplicated in all such forms and that any documentation,
|
---|
76 | * advertising materials, and other materials related to such
|
---|
77 | * distribution and use acknowledge that the software was developed
|
---|
78 | * by the Internet Initiative Japan, Inc. The name of the
|
---|
79 | * IIJ may not be used to endorse or promote products derived
|
---|
80 | * from this software without specific prior written permission.
|
---|
81 | * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
|
---|
82 | * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
|
---|
83 | * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
|
---|
84 | *
|
---|
85 | * $FreeBSD: src/usr.sbin/ppp/pap.c,v 1.42.2.1 2000/08/19 09:30:05 brian Exp $
|
---|
86 | *
|
---|
87 | * TODO:
|
---|
88 | */
|
---|
89 |
|
---|
90 | #include <string.h>
|
---|
91 |
|
---|
92 | #include <s_services.h>
|
---|
93 | #include <t_services.h>
|
---|
94 |
|
---|
95 | #include <tinet_defs.h>
|
---|
96 | #include <tinet_config.h>
|
---|
97 |
|
---|
98 | #include <net/if.h>
|
---|
99 | #include <net/if_ppp.h>
|
---|
100 | #include <net/net.h>
|
---|
101 | #include <net/net_buf.h>
|
---|
102 | #include <net/net_timer.h>
|
---|
103 | #include <net/net_count.h>
|
---|
104 | #include <net/ppp.h>
|
---|
105 | #include <net/ppp_var.h>
|
---|
106 | #include <net/ppp_hdlc.h>
|
---|
107 | #include <net/ppp_auth.h>
|
---|
108 | #include <net/ppp_fsm.h>
|
---|
109 | #include <net/ppp_lcp.h>
|
---|
110 | #include <net/ppp_upap.h>
|
---|
111 |
|
---|
112 | #ifdef SUPPORT_PPP
|
---|
113 |
|
---|
114 | /*
|
---|
115 | * é¢æ°
|
---|
116 | */
|
---|
117 |
|
---|
118 | static void upap_init (void);
|
---|
119 | static void upap_input (T_NET_BUF *input);
|
---|
120 | static void upap_protrej (void);
|
---|
121 | static void upap_lowerup (void);
|
---|
122 | static void upap_lowerdown (void);
|
---|
123 | static bool_t compare (uint8_t *rstr, uint8_t *lstr, uint8_t rlen);
|
---|
124 |
|
---|
125 | #ifdef AUTH_CFG_CLIENT
|
---|
126 |
|
---|
127 | static void upap_sauthreq (void);
|
---|
128 | static void upap_rauthack (void);
|
---|
129 | static void upap_rauthnak (void);
|
---|
130 |
|
---|
131 | #if defined(DEF_PAP_TIMEOUT)
|
---|
132 |
|
---|
133 | static void upap_timeout(void *arg);
|
---|
134 |
|
---|
135 | #endif /* of #if defined(DEF_PAP_TIMEOUT) */
|
---|
136 |
|
---|
137 | #endif /* of #ifdef AUTH_CFG_CLIENT */
|
---|
138 |
|
---|
139 | #ifdef AUTH_CFG_SERVER
|
---|
140 |
|
---|
141 | static void upap_rauthreq (T_NET_BUF *input);
|
---|
142 | static void upap_sresp (uint8_t code, uint8_t id);
|
---|
143 |
|
---|
144 | #if defined(DEF_PAP_REQTIME)
|
---|
145 |
|
---|
146 | static void upap_reqtimeout(void *arg);
|
---|
147 |
|
---|
148 | #endif /* of #if defined(DEF_PAP_REQTIME) */
|
---|
149 |
|
---|
150 | #endif /* of #ifdef AUTH_CFG_SERVER */
|
---|
151 |
|
---|
152 | /*
|
---|
153 | * å
|
---|
154 | ¨åå¤æ°
|
---|
155 | */
|
---|
156 |
|
---|
157 | T_PPP_PROTENT pap_protent = {
|
---|
158 | PPP_PAP,
|
---|
159 | upap_init, /* åæå */
|
---|
160 | upap_input, /* å
|
---|
161 | ¥å */
|
---|
162 | upap_protrej, /* Proto-REJ åä¿¡å¦ç */
|
---|
163 | upap_lowerup, /* ä¸ä½å±¤ãèµ·åãã */
|
---|
164 | upap_lowerdown, /* ä¸ä½å±¤ãåæ¢ãã */
|
---|
165 | NULL, /* ãªã¼ãã³ãã */
|
---|
166 | NULL, /* ã¯ãã¼ãºãã */
|
---|
167 | NULL, /* ãã¼ã¿å
|
---|
168 | ¥å */
|
---|
169 | };
|
---|
170 |
|
---|
171 | /*
|
---|
172 | * å¤æ°
|
---|
173 | */
|
---|
174 |
|
---|
175 | #ifdef AUTH_CFG_CLIENT
|
---|
176 |
|
---|
177 | static uint8_t client_state;
|
---|
178 | static uint8_t client_cp_id;
|
---|
179 |
|
---|
180 | #if defined(DEF_PAP_TIMEOUT)
|
---|
181 |
|
---|
182 | static uint8_t client_rexmt = 0;
|
---|
183 |
|
---|
184 | #endif /* of #if defined(DEF_PAP_TIMEOUT) */
|
---|
185 |
|
---|
186 | #endif /* of #ifdef AUTH_CFG_CLIENT */
|
---|
187 |
|
---|
188 | #ifdef AUTH_CFG_SERVER
|
---|
189 |
|
---|
190 | static uint8_t server_state;
|
---|
191 |
|
---|
192 | #endif /* of #ifdef AUTH_CFG_SERVER */
|
---|
193 |
|
---|
194 | /*
|
---|
195 | * upap_init -- UPAP ã¢ã¸ã¥ã¼ã«ã®åæå
|
---|
196 | */
|
---|
197 |
|
---|
198 | static void
|
---|
199 | upap_init (void)
|
---|
200 | {
|
---|
201 | #ifdef AUTH_CFG_CLIENT
|
---|
202 |
|
---|
203 | client_cp_id = 0;
|
---|
204 | client_state = PAP_CS_INIT;
|
---|
205 |
|
---|
206 | #endif /* of #ifdef AUTH_CFG_CLIENT */
|
---|
207 |
|
---|
208 | #ifdef AUTH_CFG_SERVER
|
---|
209 |
|
---|
210 | server_state = PAP_SS_INIT;
|
---|
211 |
|
---|
212 | #endif /* of #ifdef AUTH_CFG_SERVER */
|
---|
213 | }
|
---|
214 |
|
---|
215 | /*
|
---|
216 | * upap_input -- UPAP å
|
---|
217 | ¥å
|
---|
218 | */
|
---|
219 |
|
---|
220 | static void
|
---|
221 | upap_input (T_NET_BUF *input)
|
---|
222 | {
|
---|
223 | T_PPP_CP_HDR *hdr;
|
---|
224 |
|
---|
225 | NET_COUNT_PPP_PAP(net_count_ppp_upap_in_octets, input->len);
|
---|
226 | NET_COUNT_PPP_PAP(net_count_ppp_upap_in_packets, 1);
|
---|
227 |
|
---|
228 | /* PPP ãªã³ã¯å¶å¾¡ (CP) ãããããçããã°ã¨ã©ã¼ */
|
---|
229 | if (input->len < (sizeof(T_PPP_HDR) + sizeof(T_PPP_CP_HDR))) {
|
---|
230 | syslog(LOG_WARNING, "[PPP/PAP] short hdr: %d.", input->len);
|
---|
231 | return;
|
---|
232 | }
|
---|
233 |
|
---|
234 | hdr = GET_PPP_CP_HDR(input);
|
---|
235 |
|
---|
236 | /* ãããã®é·ãã¨å
|
---|
237 | ¥åãã¼ã¿ãµã¤ãºãä¸è´ããªããã°ã¨ã©ã¼ */
|
---|
238 | if (hdr->len != input->len - sizeof(T_PPP_HDR)) {
|
---|
239 | syslog(LOG_WARNING, "[PPP/PAP] bad len: %d.", hdr->len);
|
---|
240 | return;
|
---|
241 | }
|
---|
242 |
|
---|
243 | /*
|
---|
244 | * å¶å¾¡ã³ã¼ãã«ããé©å½ãªé¢æ°ãå¼åºã
|
---|
245 | */
|
---|
246 |
|
---|
247 | switch (hdr->code) {
|
---|
248 |
|
---|
249 | #ifdef AUTH_CFG_CLIENT
|
---|
250 |
|
---|
251 | case PAP_AUTHACK:
|
---|
252 | upap_rauthack();
|
---|
253 | break;
|
---|
254 |
|
---|
255 | case PAP_AUTHNAK:
|
---|
256 | upap_rauthnak();
|
---|
257 | break;
|
---|
258 |
|
---|
259 | #endif /* of #ifdef AUTH_CFG_CLIENT */
|
---|
260 |
|
---|
261 | #ifdef AUTH_CFG_SERVER
|
---|
262 |
|
---|
263 | case PAP_AUTHREQ:
|
---|
264 | upap_rauthreq(input);
|
---|
265 | break;
|
---|
266 |
|
---|
267 | #endif /* of #ifdef AUTH_CFG_SERVER */
|
---|
268 |
|
---|
269 | }
|
---|
270 | }
|
---|
271 |
|
---|
272 | /*
|
---|
273 | * upap_protrej -- Proto-REJ ãåä¿¡ããã¨ãã®å¦ç
|
---|
274 | */
|
---|
275 |
|
---|
276 | static void
|
---|
277 | upap_protrej (void)
|
---|
278 | {
|
---|
279 | #ifdef AUTH_CFG_CLIENT
|
---|
280 |
|
---|
281 | if (client_state == PAP_CS_AUTHREQ)
|
---|
282 | syslog(LOG_WARNING, "[PPP/PAP] proto-rej recved.");
|
---|
283 |
|
---|
284 | #endif /* of #ifdef AUTH_CFG_CLIENT */
|
---|
285 |
|
---|
286 | #ifdef AUTH_CFG_SERVER
|
---|
287 |
|
---|
288 | if (server_state == PAP_SS_LISTEN) {
|
---|
289 | syslog(LOG_WARNING, "[PPP/PAP] proto-rej recved.");
|
---|
290 | lcp_close();
|
---|
291 | }
|
---|
292 |
|
---|
293 | #endif /* of #ifdef AUTH_CFG_SERVER */
|
---|
294 |
|
---|
295 | upap_lowerdown();
|
---|
296 | }
|
---|
297 |
|
---|
298 | /*
|
---|
299 | * upap_lowerup -- UPAP ä¸ä½å±¤ãèµ·åããã
|
---|
300 | */
|
---|
301 |
|
---|
302 | static void
|
---|
303 | upap_lowerup (void)
|
---|
304 | {
|
---|
305 | #ifdef AUTH_CFG_CLIENT
|
---|
306 |
|
---|
307 | if (client_state == PAP_CS_INIT)
|
---|
308 | client_state = PAP_CS_CLOSED;
|
---|
309 | else if (client_state == PAP_CS_PENDING)
|
---|
310 | upap_sauthreq();
|
---|
311 |
|
---|
312 | #endif /* of #ifdef AUTH_CFG_CLIENT */
|
---|
313 |
|
---|
314 | #ifdef AUTH_CFG_SERVER
|
---|
315 |
|
---|
316 | if (server_state == PAP_SS_INIT)
|
---|
317 | server_state = PAP_SS_CLOSED;
|
---|
318 | else if (server_state == PAP_SS_PENDING) {
|
---|
319 | server_state = PAP_SS_LISTEN;
|
---|
320 |
|
---|
321 | #if defined(DEF_PAP_REQTIME)
|
---|
322 |
|
---|
323 | timeout((FP)upap_reqtimeout, NULL, DEF_PAP_REQTIME);
|
---|
324 |
|
---|
325 | #endif /* of #if defined(DEF_PAP_REQTIME) */
|
---|
326 |
|
---|
327 | }
|
---|
328 |
|
---|
329 | #endif /* of #ifdef AUTH_CFG_SERVER */
|
---|
330 | }
|
---|
331 |
|
---|
332 | /*
|
---|
333 | * upap_lowerdown -- UPAP ä¸ä½å±¤ãåæ¢ããã
|
---|
334 | */
|
---|
335 |
|
---|
336 | static void
|
---|
337 | upap_lowerdown (void)
|
---|
338 | {
|
---|
339 | #ifdef AUTH_CFG_CLIENT
|
---|
340 |
|
---|
341 | #if defined(DEF_PAP_TIMEOUT)
|
---|
342 |
|
---|
343 | if (client_state == PAP_CS_AUTHREQ)
|
---|
344 | untimeout((FP)upap_timeout, NULL);
|
---|
345 |
|
---|
346 | #endif /* of #if defined(DEF_PAP_TIMEOUT) */
|
---|
347 |
|
---|
348 | client_state = PAP_CS_INIT;
|
---|
349 |
|
---|
350 | #endif /* of #ifdef AUTH_CFG_CLIENT */
|
---|
351 |
|
---|
352 | #ifdef AUTH_CFG_SERVER
|
---|
353 |
|
---|
354 | #if defined(DEF_PAP_REQTIME)
|
---|
355 |
|
---|
356 | if (server_state == PAP_SS_LISTEN)
|
---|
357 | untimeout((FP)upap_reqtimeout, NULL);
|
---|
358 |
|
---|
359 | #endif /* of #if defined(DEF_PAP_REQTIME) */
|
---|
360 |
|
---|
361 | server_state = PAP_SS_INIT;
|
---|
362 |
|
---|
363 | #endif /* of #ifdef AUTH_CFG_SERVER */
|
---|
364 | }
|
---|
365 | #ifdef AUTH_CFG_CLIENT
|
---|
366 |
|
---|
367 | /*
|
---|
368 | * ã¯ã©ã¤ã¢ã³ãã¢ã¼ã㧠PAP èªè¨¼ãéå§ããã
|
---|
369 | */
|
---|
370 |
|
---|
371 | void
|
---|
372 | upap_auth_client (void)
|
---|
373 | {
|
---|
374 | #if defined(DEF_PAP_TIMEOUT)
|
---|
375 |
|
---|
376 | client_rexmt = 0;
|
---|
377 |
|
---|
378 | #endif /* of #if defined(DEF_PAP_TIMEOUT) */
|
---|
379 |
|
---|
380 | if (client_state == PAP_CS_INIT || client_state == PAP_CS_PENDING) {
|
---|
381 | client_state = PAP_CS_PENDING;
|
---|
382 | return;
|
---|
383 | }
|
---|
384 |
|
---|
385 | upap_sauthreq();
|
---|
386 | }
|
---|
387 |
|
---|
388 | /*
|
---|
389 | * upap_rauthack -- èªè¨¼ ACK å¦ç
|
---|
390 | */
|
---|
391 |
|
---|
392 | static void
|
---|
393 | upap_rauthack (void)
|
---|
394 | {
|
---|
395 | if (client_state == PAP_CS_AUTHREQ) {
|
---|
396 | client_state = PAP_CS_OPEN;
|
---|
397 | network_phase();
|
---|
398 | }
|
---|
399 | }
|
---|
400 |
|
---|
401 | /*
|
---|
402 | * upap_rauthnak -- èªè¨¼ NAK å¦ç
|
---|
403 | */
|
---|
404 |
|
---|
405 | static void
|
---|
406 | upap_rauthnak (void)
|
---|
407 | {
|
---|
408 | syslog(LOG_WARNING, "[PPP/PAP] auth-req NAKed.");
|
---|
409 | client_state = PAP_CS_BADAUTH;
|
---|
410 | }
|
---|
411 |
|
---|
412 | /*
|
---|
413 | * upap_sauthreq -- èªè¨¼è¦æ±å¦ç
|
---|
414 | */
|
---|
415 |
|
---|
416 | static void
|
---|
417 | upap_sauthreq (void)
|
---|
418 | {
|
---|
419 | T_NET_BUF *output;
|
---|
420 | uint8_t *data;
|
---|
421 |
|
---|
422 | syscall(get_net_buf(&output, sizeof(T_PPP_HDR) + sizeof(T_PPP_CP_HDR)
|
---|
423 | + sizeof(AUTH_REMOTE_USER) + sizeof(AUTH_REMOTE_PASSWD)));
|
---|
424 |
|
---|
425 | data = output->buf + sizeof(T_PPP_HDR) + sizeof(T_PPP_CP_HDR);
|
---|
426 |
|
---|
427 | /* ã¦ã¼ã¶åãè¨å®ããã*/
|
---|
428 | *data = sizeof(AUTH_REMOTE_USER) - 1;
|
---|
429 | strcpy(data + 1, AUTH_REMOTE_USER);
|
---|
430 |
|
---|
431 | /* ãã¹ã¯ã¼ããè¨å®ããã*/
|
---|
432 | *(data + sizeof(AUTH_REMOTE_USER)) = sizeof(AUTH_REMOTE_PASSWD) - 1;
|
---|
433 | strcpy(data + sizeof(AUTH_REMOTE_USER) + 1, AUTH_REMOTE_PASSWD);
|
---|
434 |
|
---|
435 | /* éä¿¡ãã */
|
---|
436 | IF_SET_PROTO(output, PPP_PAP);
|
---|
437 | ppp_cp_output(PAP_AUTHREQ, ++ client_cp_id, output);
|
---|
438 |
|
---|
439 | #if defined(DEF_PAP_TIMEOUT)
|
---|
440 |
|
---|
441 | timeout((FP)upap_timeout, NULL, DEF_PAP_TIMEOUT);
|
---|
442 | client_rexmt ++;
|
---|
443 |
|
---|
444 | #endif /* of #if defined(DEF_PAP_TIMEOUT) */
|
---|
445 |
|
---|
446 | client_state = PAP_CS_AUTHREQ;
|
---|
447 | }
|
---|
448 |
|
---|
449 | #if defined(DEF_PAP_TIMEOUT)
|
---|
450 |
|
---|
451 | /*
|
---|
452 | * upap_timeout -- ã¿ã¤ã ã¢ã¦ãå¦ç
|
---|
453 | */
|
---|
454 |
|
---|
455 | static void
|
---|
456 | upap_timeout (void *arg)
|
---|
457 | {
|
---|
458 | if (client_state != PAP_CS_AUTHREQ)
|
---|
459 | return;
|
---|
460 |
|
---|
461 | if (client_rexmt >= MAX_PAP_REXMT) {
|
---|
462 | syslog(LOG_WARNING, "[PPP/PAP] no reply auth-req.");
|
---|
463 | client_state = PAP_CS_BADAUTH;
|
---|
464 | return;
|
---|
465 | }
|
---|
466 |
|
---|
467 | upap_sauthreq();
|
---|
468 | }
|
---|
469 |
|
---|
470 | #endif /* of #if defined(DEF_PAP_TIMEOUT) */
|
---|
471 |
|
---|
472 | #endif /* of #ifdef AUTH_CFG_CLIENT */
|
---|
473 |
|
---|
474 | #ifdef AUTH_CFG_SERVER
|
---|
475 |
|
---|
476 | /*
|
---|
477 | * ãµã¼ãã¢ã¼ã㧠PAP èªè¨¼ãéå§ããã
|
---|
478 | */
|
---|
479 |
|
---|
480 | void
|
---|
481 | upap_auth_server (void)
|
---|
482 | {
|
---|
483 | if (server_state == PAP_SS_INIT || server_state == PAP_SS_PENDING) {
|
---|
484 | server_state = PAP_SS_PENDING;
|
---|
485 | return;
|
---|
486 | }
|
---|
487 |
|
---|
488 | server_state = PAP_SS_LISTEN;
|
---|
489 |
|
---|
490 | #if defined(DEF_PAP_REQTIME)
|
---|
491 |
|
---|
492 | timeout((FP)upap_reqtimeout, NULL, DEF_PAP_REQTIME);
|
---|
493 |
|
---|
494 | #endif /* of #if defined(DEF_PAP_REQTIME) */
|
---|
495 | }
|
---|
496 |
|
---|
497 | /*
|
---|
498 | * upap_rauthreq -- èªè¨¼è¦æ±å¿çå¦ç
|
---|
499 | */
|
---|
500 |
|
---|
501 | static void
|
---|
502 | upap_rauthreq (T_NET_BUF *input)
|
---|
503 | {
|
---|
504 | int16_t cplen;
|
---|
505 | uint8_t *data, *user, ulen, plen, code, id;
|
---|
506 |
|
---|
507 | if (server_state < PAP_SS_LISTEN)
|
---|
508 | return;
|
---|
509 |
|
---|
510 | /*
|
---|
511 | * åè¦æ±ããã£ãã¨ãã®å¦ç
|
---|
512 | */
|
---|
513 | id = GET_PPP_CP_HDR(input)->id;
|
---|
514 | if (server_state == PAP_SS_OPEN) {
|
---|
515 | upap_sresp(PAP_AUTHACK, id);
|
---|
516 | return;
|
---|
517 | }
|
---|
518 |
|
---|
519 | if (server_state == PAP_SS_BADAUTH) {
|
---|
520 | upap_sresp(PAP_AUTHNAK, id);
|
---|
521 | return;
|
---|
522 | }
|
---|
523 |
|
---|
524 | cplen = GET_PPP_CP_HDR(input)->len;
|
---|
525 | data = input->buf + sizeof(T_PPP_HDR) + sizeof(T_PPP_CP_HDR);
|
---|
526 |
|
---|
527 | /*
|
---|
528 | * ã¦ã¼ã¶åãç¹å®ããã
|
---|
529 | */
|
---|
530 | ulen = *data;
|
---|
531 | if (cplen < sizeof(T_PPP_CP_HDR) + ulen + sizeof(uint8_t)) {
|
---|
532 | syslog(LOG_WARNING, "[PPP/PAP] bad req len: %d.", cplen);
|
---|
533 | return;
|
---|
534 | }
|
---|
535 | user = ++ data;
|
---|
536 | data += ulen;
|
---|
537 |
|
---|
538 | /*
|
---|
539 | * ãã¹ã¯ã¼ããç¹å®ããã
|
---|
540 | */
|
---|
541 | plen = *data;
|
---|
542 | if (cplen < sizeof(T_PPP_CP_HDR) + ulen + plen + sizeof(uint8_t) * 2) {
|
---|
543 | syslog(LOG_WARNING, "[PPP/PAP] bad req len: %d.", cplen);
|
---|
544 | return;
|
---|
545 | }
|
---|
546 |
|
---|
547 | /*
|
---|
548 | * ã¦ã¼ã¶åã¨ãã¹ã¯ã¼ãããã§ãã¯ããã
|
---|
549 | */
|
---|
550 | if (compare(user, AUTH_LOCAL_USER, ulen) &&
|
---|
551 | compare(data + 1, AUTH_LOCAL_PASSWD, plen))
|
---|
552 | code = PAP_AUTHACK;
|
---|
553 | else
|
---|
554 | code = PAP_AUTHNAK;
|
---|
555 |
|
---|
556 | upap_sresp(code, id);
|
---|
557 |
|
---|
558 | if (code == PAP_AUTHACK) {
|
---|
559 | network_phase();
|
---|
560 | server_state = PAP_SS_OPEN;
|
---|
561 | }
|
---|
562 | else {
|
---|
563 | lcp_close();
|
---|
564 | server_state = PAP_SS_BADAUTH;
|
---|
565 | }
|
---|
566 |
|
---|
567 | #if defined(DEF_PAP_REQTIME)
|
---|
568 |
|
---|
569 | untimeout((FP)upap_reqtimeout, NULL);
|
---|
570 |
|
---|
571 | #endif /* of #if defined(DEF_PAP_REQTIME) */
|
---|
572 | }
|
---|
573 |
|
---|
574 | /*
|
---|
575 | * upap_sresp -- å¿çãè¿ãã
|
---|
576 | */
|
---|
577 |
|
---|
578 | static void
|
---|
579 | upap_sresp (uint8_t code, uint8_t id)
|
---|
580 | {
|
---|
581 | T_NET_BUF *output;
|
---|
582 |
|
---|
583 | /* éä¿¡ãã */
|
---|
584 | syscall(get_net_buf(&output, sizeof(T_PPP_HDR) + sizeof(T_PPP_CP_HDR)));
|
---|
585 | IF_SET_PROTO(output, PPP_PAP);
|
---|
586 | ppp_cp_output(code, id, output);
|
---|
587 | }
|
---|
588 |
|
---|
589 | /*
|
---|
590 | * compare -- ã¦ã¼ã¶åã¨ãã¹ã¯ã¼ãã®æ¯è¼
|
---|
591 | */
|
---|
592 |
|
---|
593 | static bool_t
|
---|
594 | compare (uint8_t *rstr, uint8_t *lstr, uint8_t rlen)
|
---|
595 | {
|
---|
596 | while (rlen -- > 0) {
|
---|
597 | if (*rstr != *lstr)
|
---|
598 | return false;
|
---|
599 | rstr ++;
|
---|
600 | lstr ++;
|
---|
601 | }
|
---|
602 | return *lstr ? false : true;
|
---|
603 | }
|
---|
604 |
|
---|
605 | #if defined(DEF_PAP_REQTIME)
|
---|
606 |
|
---|
607 | /*
|
---|
608 | * upap_reqtimeout -- è¦æ±ã¿ã¤ã ã¢ã¦ãå¦ç
|
---|
609 | */
|
---|
610 |
|
---|
611 | static void
|
---|
612 | upap_reqtimeout (void *arg)
|
---|
613 | {
|
---|
614 | if (server_state == PAP_SS_LISTEN) {
|
---|
615 | lcp_close();
|
---|
616 | server_state = PAP_SS_BADAUTH;
|
---|
617 | }
|
---|
618 | }
|
---|
619 |
|
---|
620 | #endif /* of #if defined(DEF_PAP_REQTIME) */
|
---|
621 |
|
---|
622 | #endif /* of #ifdef AUTH_CFG_SERVER */
|
---|
623 |
|
---|
624 | #endif /* fo #ifdef SUPPORT_PPP */
|
---|