1 | /*
|
---|
2 | * TINET (TCP/IP Protocol Stack)
|
---|
3 | *
|
---|
4 | * Copyright (C) 2001-2017 by Dep. of Computer Science and Engineering
|
---|
5 | * Tomakomai National College of Technology, JAPAN
|
---|
6 | *
|
---|
7 | * ä¸è¨èä½æ¨©è
|
---|
8 | ã¯ï¼ä»¥ä¸ã® (1)ï½(4) ã®æ¡ä»¶ãï¼Free Software Foundation
|
---|
9 | * ã«ãã£ã¦å
|
---|
10 | ¬è¡¨ããã¦ãã GNU General Public License ã® Version 2 ã«è¨
|
---|
11 | * è¿°ããã¦ããæ¡ä»¶ãæºããå ´åã«éãï¼æ¬ã½ããã¦ã§ã¢ï¼æ¬ã½ããã¦ã§ã¢
|
---|
12 | * ãæ¹å¤ãããã®ãå«ãï¼ä»¥ä¸åãï¼ã使ç¨ã»è¤è£½ã»æ¹å¤ã»åé
|
---|
13 | å¸ï¼ä»¥ä¸ï¼
|
---|
14 | * å©ç¨ã¨å¼ã¶ï¼ãããã¨ãç¡åã§è¨±è«¾ããï¼
|
---|
15 | * (1) æ¬ã½ããã¦ã§ã¢ãã½ã¼ã¹ã³ã¼ãã®å½¢ã§å©ç¨ããå ´åã«ã¯ï¼ä¸è¨ã®èä½
|
---|
16 | * 権表示ï¼ãã®å©ç¨æ¡ä»¶ããã³ä¸è¨ã®ç¡ä¿è¨¼è¦å®ãï¼ãã®ã¾ã¾ã®å½¢ã§ã½ã¼
|
---|
17 | * ã¹ã³ã¼ãä¸ã«å«ã¾ãã¦ãããã¨ï¼
|
---|
18 | * (2) æ¬ã½ããã¦ã§ã¢ãï¼ã©ã¤ãã©ãªå½¢å¼ãªã©ï¼ä»ã®ã½ããã¦ã§ã¢éçºã«ä½¿
|
---|
19 | * ç¨ã§ããå½¢ã§åé
|
---|
20 | å¸ããå ´åã«ã¯ï¼åé
|
---|
21 | å¸ã«ä¼´ãããã¥ã¡ã³ãï¼å©ç¨
|
---|
22 | * è
|
---|
23 | ããã¥ã¢ã«ãªã©ï¼ã«ï¼ä¸è¨ã®èä½æ¨©è¡¨ç¤ºï¼ãã®å©ç¨æ¡ä»¶ããã³ä¸è¨
|
---|
24 | * ã®ç¡ä¿è¨¼è¦å®ãæ²è¼ãããã¨ï¼
|
---|
25 | * (3) æ¬ã½ããã¦ã§ã¢ãï¼æ©å¨ã«çµã¿è¾¼ããªã©ï¼ä»ã®ã½ããã¦ã§ã¢éçºã«ä½¿
|
---|
26 | * ç¨ã§ããªãå½¢ã§åé
|
---|
27 | å¸ããå ´åã«ã¯ï¼æ¬¡ã®æ¡ä»¶ãæºãããã¨ï¼
|
---|
28 | * (a) åé
|
---|
29 | å¸ã«ä¼´ãããã¥ã¡ã³ãï¼å©ç¨è
|
---|
30 | ããã¥ã¢ã«ãªã©ï¼ã«ï¼ä¸è¨ã®è
|
---|
31 | * ä½æ¨©è¡¨ç¤ºï¼ãã®å©ç¨æ¡ä»¶ããã³ä¸è¨ã®ç¡ä¿è¨¼è¦å®ãæ²è¼ãããã¨ï¼
|
---|
32 | * (4) æ¬ã½ããã¦ã§ã¢ã®å©ç¨ã«ããç´æ¥çã¾ãã¯éæ¥çã«çãããããªãæ
|
---|
33 | * 害ãããï¼ä¸è¨èä½æ¨©è
|
---|
34 | ããã³TOPPERSããã¸ã§ã¯ããå
|
---|
35 | 責ãããã¨ï¼
|
---|
36 | *
|
---|
37 | * æ¬ã½ããã¦ã§ã¢ã¯ï¼ç¡ä¿è¨¼ã§æä¾ããã¦ãããã®ã§ããï¼ä¸è¨èä½æ¨©è
|
---|
38 | ã
|
---|
39 | * ãã³TOPPERSããã¸ã§ã¯ãã¯ï¼æ¬ã½ããã¦ã§ã¢ã«é¢ãã¦ï¼ãã®é©ç¨å¯è½æ§ã
|
---|
40 | * å«ãã¦ï¼ãããªãä¿è¨¼ãè¡ããªãï¼ã¾ãï¼æ¬ã½ããã¦ã§ã¢ã®å©ç¨ã«ããç´
|
---|
41 | * æ¥çã¾ãã¯éæ¥çã«çãããããªãæ害ã«é¢ãã¦ãï¼ãã®è²¬ä»»ãè² ããªãï¼
|
---|
42 | *
|
---|
43 | * @(#) $Id: ppp_upap.c 317 2017-08-03 13:14:26Z coas-nagasima $
|
---|
44 | */
|
---|
45 |
|
---|
46 | /*
|
---|
47 | * upap.c - User/Password Authentication Protocol.
|
---|
48 | *
|
---|
49 | * Copyright (c) 1989 Carnegie Mellon University.
|
---|
50 | * All rights reserved.
|
---|
51 | *
|
---|
52 | * Redistribution and use in source and binary forms are permitted
|
---|
53 | * provided that the above copyright notice and this paragraph are
|
---|
54 | * duplicated in all such forms and that any documentation,
|
---|
55 | * advertising materials, and other materials related to such
|
---|
56 | * distribution and use acknowledge that the software was developed
|
---|
57 | * by Carnegie Mellon University. The name of the
|
---|
58 | * University may not be used to endorse or promote products derived
|
---|
59 | * from this software without specific prior written permission.
|
---|
60 | * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
|
---|
61 | * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
|
---|
62 | * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
|
---|
63 | */
|
---|
64 |
|
---|
65 | /*
|
---|
66 | * PPP PAP Module
|
---|
67 | *
|
---|
68 | * Written by Toshiharu OHNO (tony-o@iij.ad.jp)
|
---|
69 | *
|
---|
70 | * Copyright (C) 1993-94, Internet Initiative Japan, Inc.
|
---|
71 | * All rights reserverd.
|
---|
72 | *
|
---|
73 | * Redistribution and use in source and binary forms are permitted
|
---|
74 | * provided that the above copyright notice and this paragraph are
|
---|
75 | * duplicated in all such forms and that any documentation,
|
---|
76 | * advertising materials, and other materials related to such
|
---|
77 | * distribution and use acknowledge that the software was developed
|
---|
78 | * by the Internet Initiative Japan, Inc. The name of the
|
---|
79 | * IIJ may not be used to endorse or promote products derived
|
---|
80 | * from this software without specific prior written permission.
|
---|
81 | * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
|
---|
82 | * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
|
---|
83 | * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
|
---|
84 | *
|
---|
85 | * $FreeBSD: src/usr.sbin/ppp/pap.c,v 1.42.2.1 2000/08/19 09:30:05 brian Exp $
|
---|
86 | *
|
---|
87 | * TODO:
|
---|
88 | */
|
---|
89 |
|
---|
90 | #include <string.h>
|
---|
91 |
|
---|
92 | #include <s_services.h>
|
---|
93 | #include <t_services.h>
|
---|
94 |
|
---|
95 | #include <tinet_defs.h>
|
---|
96 | #include <tinet_config.h>
|
---|
97 |
|
---|
98 | #include <net/if.h>
|
---|
99 | #include <net/if_ppp.h>
|
---|
100 | #include <net/net.h>
|
---|
101 | #include <net/net_endian.h>
|
---|
102 | #include <net/net_buf.h>
|
---|
103 | #include <net/net_timer.h>
|
---|
104 | #include <net/net_count.h>
|
---|
105 | #include <net/ppp.h>
|
---|
106 | #include <net/ppp_var.h>
|
---|
107 | #include <net/ppp_hdlc.h>
|
---|
108 | #include <net/ppp_auth.h>
|
---|
109 | #include <net/ppp_fsm.h>
|
---|
110 | #include <net/ppp_lcp.h>
|
---|
111 | #include <net/ppp_upap.h>
|
---|
112 |
|
---|
113 | #ifdef SUPPORT_PPP
|
---|
114 |
|
---|
115 | /*
|
---|
116 | * é¢æ°
|
---|
117 | */
|
---|
118 |
|
---|
119 | static void upap_init (void);
|
---|
120 | static void upap_input (T_NET_BUF *input);
|
---|
121 | static void upap_protrej (void);
|
---|
122 | static void upap_lowerup (void);
|
---|
123 | static void upap_lowerdown (void);
|
---|
124 | static bool_t compare (uint8_t *rstr, uint8_t *lstr, uint8_t rlen);
|
---|
125 |
|
---|
126 | #ifdef AUTH_CFG_CLIENT
|
---|
127 |
|
---|
128 | static void upap_sauthreq (void);
|
---|
129 | static void upap_rauthack (void);
|
---|
130 | static void upap_rauthnak (void);
|
---|
131 |
|
---|
132 | #if defined(DEF_PAP_TIMEOUT)
|
---|
133 |
|
---|
134 | static void upap_timeout(void *arg);
|
---|
135 |
|
---|
136 | #endif /* of #if defined(DEF_PAP_TIMEOUT) */
|
---|
137 |
|
---|
138 | #endif /* of #ifdef AUTH_CFG_CLIENT */
|
---|
139 |
|
---|
140 | #ifdef AUTH_CFG_SERVER
|
---|
141 |
|
---|
142 | static void upap_rauthreq (T_NET_BUF *input);
|
---|
143 | static void upap_sresp (uint8_t code, uint8_t id);
|
---|
144 |
|
---|
145 | #if defined(DEF_PAP_REQTIME)
|
---|
146 |
|
---|
147 | static void upap_reqtimeout(void *arg);
|
---|
148 |
|
---|
149 | #endif /* of #if defined(DEF_PAP_REQTIME) */
|
---|
150 |
|
---|
151 | #endif /* of #ifdef AUTH_CFG_SERVER */
|
---|
152 |
|
---|
153 | /*
|
---|
154 | * å
|
---|
155 | ¨åå¤æ°
|
---|
156 | */
|
---|
157 |
|
---|
158 | T_PPP_PROTENT pap_protent = {
|
---|
159 | PPP_PAP,
|
---|
160 | upap_init, /* åæå */
|
---|
161 | upap_input, /* å
|
---|
162 | ¥å */
|
---|
163 | upap_protrej, /* Proto-REJ åä¿¡å¦ç */
|
---|
164 | upap_lowerup, /* ä¸ä½å±¤ãèµ·åãã */
|
---|
165 | upap_lowerdown, /* ä¸ä½å±¤ãåæ¢ãã */
|
---|
166 | NULL, /* ãªã¼ãã³ãã */
|
---|
167 | NULL, /* ã¯ãã¼ãºãã */
|
---|
168 | NULL, /* ãã¼ã¿å
|
---|
169 | ¥å */
|
---|
170 | };
|
---|
171 |
|
---|
172 | /*
|
---|
173 | * å¤æ°
|
---|
174 | */
|
---|
175 |
|
---|
176 | #ifdef AUTH_CFG_CLIENT
|
---|
177 |
|
---|
178 | static uint8_t client_state;
|
---|
179 | static uint8_t client_cp_id;
|
---|
180 |
|
---|
181 | #if defined(DEF_PAP_TIMEOUT)
|
---|
182 |
|
---|
183 | static uint8_t client_rexmt = 0;
|
---|
184 |
|
---|
185 | #endif /* of #if defined(DEF_PAP_TIMEOUT) */
|
---|
186 |
|
---|
187 | #endif /* of #ifdef AUTH_CFG_CLIENT */
|
---|
188 |
|
---|
189 | #ifdef AUTH_CFG_SERVER
|
---|
190 |
|
---|
191 | static uint8_t server_state;
|
---|
192 |
|
---|
193 | #endif /* of #ifdef AUTH_CFG_SERVER */
|
---|
194 |
|
---|
195 | /*
|
---|
196 | * upap_init -- UPAP ã¢ã¸ã¥ã¼ã«ã®åæå
|
---|
197 | */
|
---|
198 |
|
---|
199 | static void
|
---|
200 | upap_init (void)
|
---|
201 | {
|
---|
202 | #ifdef AUTH_CFG_CLIENT
|
---|
203 |
|
---|
204 | client_cp_id = 0;
|
---|
205 | client_state = PAP_CS_INIT;
|
---|
206 |
|
---|
207 | #endif /* of #ifdef AUTH_CFG_CLIENT */
|
---|
208 |
|
---|
209 | #ifdef AUTH_CFG_SERVER
|
---|
210 |
|
---|
211 | server_state = PAP_SS_INIT;
|
---|
212 |
|
---|
213 | #endif /* of #ifdef AUTH_CFG_SERVER */
|
---|
214 | }
|
---|
215 |
|
---|
216 | /*
|
---|
217 | * upap_input -- UPAP å
|
---|
218 | ¥å
|
---|
219 | */
|
---|
220 |
|
---|
221 | static void
|
---|
222 | upap_input (T_NET_BUF *input)
|
---|
223 | {
|
---|
224 | T_PPP_CP_HDR *hdr;
|
---|
225 |
|
---|
226 | NET_COUNT_PPP_PAP(net_count_ppp_upap_in_octets, input->len);
|
---|
227 | NET_COUNT_PPP_PAP(net_count_ppp_upap_in_packets, 1);
|
---|
228 |
|
---|
229 | /* PPP ãªã³ã¯å¶å¾¡ (CP) ãããããçããã°ã¨ã©ã¼ */
|
---|
230 | if (input->len < (sizeof(T_PPP_HDR) + sizeof(T_PPP_CP_HDR))) {
|
---|
231 | syslog(LOG_WARNING, "[PPP/PAP] short hdr: %d.", input->len);
|
---|
232 | return;
|
---|
233 | }
|
---|
234 |
|
---|
235 | hdr = GET_PPP_CP_HDR(input);
|
---|
236 |
|
---|
237 | /* ãããã®é·ãã¨å
|
---|
238 | ¥åãã¼ã¿ãµã¤ãºãä¸è´ããªããã°ã¨ã©ã¼ */
|
---|
239 | if (hdr->len != input->len - sizeof(T_PPP_HDR)) {
|
---|
240 | syslog(LOG_WARNING, "[PPP/PAP] bad len: %d.", hdr->len);
|
---|
241 | return;
|
---|
242 | }
|
---|
243 |
|
---|
244 | /*
|
---|
245 | * å¶å¾¡ã³ã¼ãã«ããé©å½ãªé¢æ°ãå¼åºã
|
---|
246 | */
|
---|
247 |
|
---|
248 | switch (hdr->code) {
|
---|
249 |
|
---|
250 | #ifdef AUTH_CFG_CLIENT
|
---|
251 |
|
---|
252 | case PAP_AUTHACK:
|
---|
253 | upap_rauthack();
|
---|
254 | break;
|
---|
255 |
|
---|
256 | case PAP_AUTHNAK:
|
---|
257 | upap_rauthnak();
|
---|
258 | break;
|
---|
259 |
|
---|
260 | #endif /* of #ifdef AUTH_CFG_CLIENT */
|
---|
261 |
|
---|
262 | #ifdef AUTH_CFG_SERVER
|
---|
263 |
|
---|
264 | case PAP_AUTHREQ:
|
---|
265 | upap_rauthreq(input);
|
---|
266 | break;
|
---|
267 |
|
---|
268 | #endif /* of #ifdef AUTH_CFG_SERVER */
|
---|
269 |
|
---|
270 | }
|
---|
271 | }
|
---|
272 |
|
---|
273 | /*
|
---|
274 | * upap_protrej -- Proto-REJ ãåä¿¡ããã¨ãã®å¦ç
|
---|
275 | */
|
---|
276 |
|
---|
277 | static void
|
---|
278 | upap_protrej (void)
|
---|
279 | {
|
---|
280 | #ifdef AUTH_CFG_CLIENT
|
---|
281 |
|
---|
282 | if (client_state == PAP_CS_AUTHREQ)
|
---|
283 | syslog(LOG_WARNING, "[PPP/PAP] proto-rej recved.");
|
---|
284 |
|
---|
285 | #endif /* of #ifdef AUTH_CFG_CLIENT */
|
---|
286 |
|
---|
287 | #ifdef AUTH_CFG_SERVER
|
---|
288 |
|
---|
289 | if (server_state == PAP_SS_LISTEN) {
|
---|
290 | syslog(LOG_WARNING, "[PPP/PAP] proto-rej recved.");
|
---|
291 | lcp_close();
|
---|
292 | }
|
---|
293 |
|
---|
294 | #endif /* of #ifdef AUTH_CFG_SERVER */
|
---|
295 |
|
---|
296 | upap_lowerdown();
|
---|
297 | }
|
---|
298 |
|
---|
299 | /*
|
---|
300 | * upap_lowerup -- UPAP ä¸ä½å±¤ãèµ·åããã
|
---|
301 | */
|
---|
302 |
|
---|
303 | static void
|
---|
304 | upap_lowerup (void)
|
---|
305 | {
|
---|
306 | #ifdef AUTH_CFG_CLIENT
|
---|
307 |
|
---|
308 | if (client_state == PAP_CS_INIT)
|
---|
309 | client_state = PAP_CS_CLOSED;
|
---|
310 | else if (client_state == PAP_CS_PENDING)
|
---|
311 | upap_sauthreq();
|
---|
312 |
|
---|
313 | #endif /* of #ifdef AUTH_CFG_CLIENT */
|
---|
314 |
|
---|
315 | #ifdef AUTH_CFG_SERVER
|
---|
316 |
|
---|
317 | if (server_state == PAP_SS_INIT)
|
---|
318 | server_state = PAP_SS_CLOSED;
|
---|
319 | else if (server_state == PAP_SS_PENDING) {
|
---|
320 | server_state = PAP_SS_LISTEN;
|
---|
321 |
|
---|
322 | #if defined(DEF_PAP_REQTIME)
|
---|
323 |
|
---|
324 | timeout((FP)upap_reqtimeout, NULL, DEF_PAP_REQTIME);
|
---|
325 |
|
---|
326 | #endif /* of #if defined(DEF_PAP_REQTIME) */
|
---|
327 |
|
---|
328 | }
|
---|
329 |
|
---|
330 | #endif /* of #ifdef AUTH_CFG_SERVER */
|
---|
331 | }
|
---|
332 |
|
---|
333 | /*
|
---|
334 | * upap_lowerdown -- UPAP ä¸ä½å±¤ãåæ¢ããã
|
---|
335 | */
|
---|
336 |
|
---|
337 | static void
|
---|
338 | upap_lowerdown (void)
|
---|
339 | {
|
---|
340 | #ifdef AUTH_CFG_CLIENT
|
---|
341 |
|
---|
342 | #if defined(DEF_PAP_TIMEOUT)
|
---|
343 |
|
---|
344 | if (client_state == PAP_CS_AUTHREQ)
|
---|
345 | untimeout((FP)upap_timeout, NULL);
|
---|
346 |
|
---|
347 | #endif /* of #if defined(DEF_PAP_TIMEOUT) */
|
---|
348 |
|
---|
349 | client_state = PAP_CS_INIT;
|
---|
350 |
|
---|
351 | #endif /* of #ifdef AUTH_CFG_CLIENT */
|
---|
352 |
|
---|
353 | #ifdef AUTH_CFG_SERVER
|
---|
354 |
|
---|
355 | #if defined(DEF_PAP_REQTIME)
|
---|
356 |
|
---|
357 | if (server_state == PAP_SS_LISTEN)
|
---|
358 | untimeout((FP)upap_reqtimeout, NULL);
|
---|
359 |
|
---|
360 | #endif /* of #if defined(DEF_PAP_REQTIME) */
|
---|
361 |
|
---|
362 | server_state = PAP_SS_INIT;
|
---|
363 |
|
---|
364 | #endif /* of #ifdef AUTH_CFG_SERVER */
|
---|
365 | }
|
---|
366 | #ifdef AUTH_CFG_CLIENT
|
---|
367 |
|
---|
368 | /*
|
---|
369 | * ã¯ã©ã¤ã¢ã³ãã¢ã¼ã㧠PAP èªè¨¼ãéå§ããã
|
---|
370 | */
|
---|
371 |
|
---|
372 | void
|
---|
373 | upap_auth_client (void)
|
---|
374 | {
|
---|
375 | #if defined(DEF_PAP_TIMEOUT)
|
---|
376 |
|
---|
377 | client_rexmt = 0;
|
---|
378 |
|
---|
379 | #endif /* of #if defined(DEF_PAP_TIMEOUT) */
|
---|
380 |
|
---|
381 | if (client_state == PAP_CS_INIT || client_state == PAP_CS_PENDING) {
|
---|
382 | client_state = PAP_CS_PENDING;
|
---|
383 | return;
|
---|
384 | }
|
---|
385 |
|
---|
386 | upap_sauthreq();
|
---|
387 | }
|
---|
388 |
|
---|
389 | /*
|
---|
390 | * upap_rauthack -- èªè¨¼ ACK å¦ç
|
---|
391 | */
|
---|
392 |
|
---|
393 | static void
|
---|
394 | upap_rauthack (void)
|
---|
395 | {
|
---|
396 | if (client_state == PAP_CS_AUTHREQ) {
|
---|
397 | client_state = PAP_CS_OPEN;
|
---|
398 | network_phase();
|
---|
399 | }
|
---|
400 | }
|
---|
401 |
|
---|
402 | /*
|
---|
403 | * upap_rauthnak -- èªè¨¼ NAK å¦ç
|
---|
404 | */
|
---|
405 |
|
---|
406 | static void
|
---|
407 | upap_rauthnak (void)
|
---|
408 | {
|
---|
409 | syslog(LOG_WARNING, "[PPP/PAP] auth-req NAKed.");
|
---|
410 | client_state = PAP_CS_BADAUTH;
|
---|
411 | }
|
---|
412 |
|
---|
413 | /*
|
---|
414 | * upap_sauthreq -- èªè¨¼è¦æ±å¦ç
|
---|
415 | */
|
---|
416 |
|
---|
417 | static void
|
---|
418 | upap_sauthreq (void)
|
---|
419 | {
|
---|
420 | T_NET_BUF *output;
|
---|
421 | uint8_t *data;
|
---|
422 |
|
---|
423 | syscall(get_net_buf(&output, sizeof(T_PPP_HDR) + sizeof(T_PPP_CP_HDR)
|
---|
424 | + sizeof(AUTH_REMOTE_USER) + sizeof(AUTH_REMOTE_PASSWD)));
|
---|
425 |
|
---|
426 | data = output->buf + sizeof(T_PPP_HDR) + sizeof(T_PPP_CP_HDR);
|
---|
427 |
|
---|
428 | /* ã¦ã¼ã¶åãè¨å®ããã*/
|
---|
429 | *data = sizeof(AUTH_REMOTE_USER) - 1;
|
---|
430 | strcpy(data + 1, AUTH_REMOTE_USER);
|
---|
431 |
|
---|
432 | /* ãã¹ã¯ã¼ããè¨å®ããã*/
|
---|
433 | *(data + sizeof(AUTH_REMOTE_USER)) = sizeof(AUTH_REMOTE_PASSWD) - 1;
|
---|
434 | strcpy(data + sizeof(AUTH_REMOTE_USER) + 1, AUTH_REMOTE_PASSWD);
|
---|
435 |
|
---|
436 | /* éä¿¡ãã */
|
---|
437 | IF_SET_PROTO(output, PPP_PAP);
|
---|
438 | ppp_cp_output(PAP_AUTHREQ, ++ client_cp_id, output);
|
---|
439 |
|
---|
440 | #if defined(DEF_PAP_TIMEOUT)
|
---|
441 |
|
---|
442 | timeout((FP)upap_timeout, NULL, DEF_PAP_TIMEOUT);
|
---|
443 | client_rexmt ++;
|
---|
444 |
|
---|
445 | #endif /* of #if defined(DEF_PAP_TIMEOUT) */
|
---|
446 |
|
---|
447 | client_state = PAP_CS_AUTHREQ;
|
---|
448 | }
|
---|
449 |
|
---|
450 | #if defined(DEF_PAP_TIMEOUT)
|
---|
451 |
|
---|
452 | /*
|
---|
453 | * upap_timeout -- ã¿ã¤ã ã¢ã¦ãå¦ç
|
---|
454 | */
|
---|
455 |
|
---|
456 | static void
|
---|
457 | upap_timeout (void *arg)
|
---|
458 | {
|
---|
459 | if (client_state != PAP_CS_AUTHREQ)
|
---|
460 | return;
|
---|
461 |
|
---|
462 | if (client_rexmt >= MAX_PAP_REXMT) {
|
---|
463 | syslog(LOG_WARNING, "[PPP/PAP] no reply auth-req.");
|
---|
464 | client_state = PAP_CS_BADAUTH;
|
---|
465 | return;
|
---|
466 | }
|
---|
467 |
|
---|
468 | upap_sauthreq();
|
---|
469 | }
|
---|
470 |
|
---|
471 | #endif /* of #if defined(DEF_PAP_TIMEOUT) */
|
---|
472 |
|
---|
473 | #endif /* of #ifdef AUTH_CFG_CLIENT */
|
---|
474 |
|
---|
475 | #ifdef AUTH_CFG_SERVER
|
---|
476 |
|
---|
477 | /*
|
---|
478 | * ãµã¼ãã¢ã¼ã㧠PAP èªè¨¼ãéå§ããã
|
---|
479 | */
|
---|
480 |
|
---|
481 | void
|
---|
482 | upap_auth_server (void)
|
---|
483 | {
|
---|
484 | if (server_state == PAP_SS_INIT || server_state == PAP_SS_PENDING) {
|
---|
485 | server_state = PAP_SS_PENDING;
|
---|
486 | return;
|
---|
487 | }
|
---|
488 |
|
---|
489 | server_state = PAP_SS_LISTEN;
|
---|
490 |
|
---|
491 | #if defined(DEF_PAP_REQTIME)
|
---|
492 |
|
---|
493 | timeout((FP)upap_reqtimeout, NULL, DEF_PAP_REQTIME);
|
---|
494 |
|
---|
495 | #endif /* of #if defined(DEF_PAP_REQTIME) */
|
---|
496 | }
|
---|
497 |
|
---|
498 | /*
|
---|
499 | * upap_rauthreq -- èªè¨¼è¦æ±å¿çå¦ç
|
---|
500 | */
|
---|
501 |
|
---|
502 | static void
|
---|
503 | upap_rauthreq (T_NET_BUF *input)
|
---|
504 | {
|
---|
505 | int16_t cplen;
|
---|
506 | uint8_t *data, *user, ulen, plen, code, id;
|
---|
507 |
|
---|
508 | if (server_state < PAP_SS_LISTEN)
|
---|
509 | return;
|
---|
510 |
|
---|
511 | /*
|
---|
512 | * åè¦æ±ããã£ãã¨ãã®å¦ç
|
---|
513 | */
|
---|
514 | id = GET_PPP_CP_HDR(input)->id;
|
---|
515 | if (server_state == PAP_SS_OPEN) {
|
---|
516 | upap_sresp(PAP_AUTHACK, id);
|
---|
517 | return;
|
---|
518 | }
|
---|
519 |
|
---|
520 | if (server_state == PAP_SS_BADAUTH) {
|
---|
521 | upap_sresp(PAP_AUTHNAK, id);
|
---|
522 | return;
|
---|
523 | }
|
---|
524 |
|
---|
525 | cplen = GET_PPP_CP_HDR(input)->len;
|
---|
526 | data = input->buf + sizeof(T_PPP_HDR) + sizeof(T_PPP_CP_HDR);
|
---|
527 |
|
---|
528 | /*
|
---|
529 | * ã¦ã¼ã¶åãç¹å®ããã
|
---|
530 | */
|
---|
531 | ulen = *data;
|
---|
532 | if (cplen < sizeof(T_PPP_CP_HDR) + ulen + sizeof(uint8_t)) {
|
---|
533 | syslog(LOG_WARNING, "[PPP/PAP] bad req len: %d.", cplen);
|
---|
534 | return;
|
---|
535 | }
|
---|
536 | user = ++ data;
|
---|
537 | data += ulen;
|
---|
538 |
|
---|
539 | /*
|
---|
540 | * ãã¹ã¯ã¼ããç¹å®ããã
|
---|
541 | */
|
---|
542 | plen = *data;
|
---|
543 | if (cplen < sizeof(T_PPP_CP_HDR) + ulen + plen + sizeof(uint8_t) * 2) {
|
---|
544 | syslog(LOG_WARNING, "[PPP/PAP] bad req len: %d.", cplen);
|
---|
545 | return;
|
---|
546 | }
|
---|
547 |
|
---|
548 | /*
|
---|
549 | * ã¦ã¼ã¶åã¨ãã¹ã¯ã¼ãããã§ãã¯ããã
|
---|
550 | */
|
---|
551 | if (compare(user, AUTH_LOCAL_USER, ulen) &&
|
---|
552 | compare(data + 1, AUTH_LOCAL_PASSWD, plen))
|
---|
553 | code = PAP_AUTHACK;
|
---|
554 | else
|
---|
555 | code = PAP_AUTHNAK;
|
---|
556 |
|
---|
557 | upap_sresp(code, id);
|
---|
558 |
|
---|
559 | if (code == PAP_AUTHACK) {
|
---|
560 | network_phase();
|
---|
561 | server_state = PAP_SS_OPEN;
|
---|
562 | }
|
---|
563 | else {
|
---|
564 | lcp_close();
|
---|
565 | server_state = PAP_SS_BADAUTH;
|
---|
566 | }
|
---|
567 |
|
---|
568 | #if defined(DEF_PAP_REQTIME)
|
---|
569 |
|
---|
570 | untimeout((FP)upap_reqtimeout, NULL);
|
---|
571 |
|
---|
572 | #endif /* of #if defined(DEF_PAP_REQTIME) */
|
---|
573 | }
|
---|
574 |
|
---|
575 | /*
|
---|
576 | * upap_sresp -- å¿çãè¿ãã
|
---|
577 | */
|
---|
578 |
|
---|
579 | static void
|
---|
580 | upap_sresp (uint8_t code, uint8_t id)
|
---|
581 | {
|
---|
582 | T_NET_BUF *output;
|
---|
583 |
|
---|
584 | /* éä¿¡ãã */
|
---|
585 | syscall(get_net_buf(&output, sizeof(T_PPP_HDR) + sizeof(T_PPP_CP_HDR)));
|
---|
586 | IF_SET_PROTO(output, PPP_PAP);
|
---|
587 | ppp_cp_output(code, id, output);
|
---|
588 | }
|
---|
589 |
|
---|
590 | /*
|
---|
591 | * compare -- ã¦ã¼ã¶åã¨ãã¹ã¯ã¼ãã®æ¯è¼
|
---|
592 | */
|
---|
593 |
|
---|
594 | static bool_t
|
---|
595 | compare (uint8_t *rstr, uint8_t *lstr, uint8_t rlen)
|
---|
596 | {
|
---|
597 | while (rlen -- > 0) {
|
---|
598 | if (*rstr != *lstr)
|
---|
599 | return false;
|
---|
600 | rstr ++;
|
---|
601 | lstr ++;
|
---|
602 | }
|
---|
603 | return *lstr ? false : true;
|
---|
604 | }
|
---|
605 |
|
---|
606 | #if defined(DEF_PAP_REQTIME)
|
---|
607 |
|
---|
608 | /*
|
---|
609 | * upap_reqtimeout -- è¦æ±ã¿ã¤ã ã¢ã¦ãå¦ç
|
---|
610 | */
|
---|
611 |
|
---|
612 | static void
|
---|
613 | upap_reqtimeout (void *arg)
|
---|
614 | {
|
---|
615 | if (server_state == PAP_SS_LISTEN) {
|
---|
616 | lcp_close();
|
---|
617 | server_state = PAP_SS_BADAUTH;
|
---|
618 | }
|
---|
619 | }
|
---|
620 |
|
---|
621 | #endif /* of #if defined(DEF_PAP_REQTIME) */
|
---|
622 |
|
---|
623 | #endif /* of #ifdef AUTH_CFG_SERVER */
|
---|
624 |
|
---|
625 | #endif /* fo #ifdef SUPPORT_PPP */
|
---|