2 * upap.h - User/Password Authentication Protocol definitions.
4 * Copyright (c) 1984-2000 Carnegie Mellon University. All rights reserved.
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in
15 * the documentation and/or other materials provided with the
18 * 3. The name "Carnegie Mellon University" must not be used to
19 * endorse or promote products derived from this software without
20 * prior written permission. For permission or any legal
21 * details, please contact
22 * Office of Technology Transfer
23 * Carnegie Mellon University
25 * Pittsburgh, PA 15213-3890
26 * (412) 268-4387, fax: (412) 268-7395
27 * tech-transfer@andrew.cmu.edu
29 * 4. Redistributions of any form whatsoever must retain the following
31 * "This product includes software developed by Computing Services
32 * at Carnegie Mellon University (http://www.cmu.edu/computing/)."
34 * CARNEGIE MELLON UNIVERSITY DISCLAIMS ALL WARRANTIES WITH REGARD TO
35 * THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
36 * AND FITNESS, IN NO EVENT SHALL CARNEGIE MELLON UNIVERSITY BE LIABLE
37 * FOR ANY SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
38 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN
39 * AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING
40 * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
53 * Packet header = Code, id, length.
55 #define UPAP_HEADERLEN 4
61 #define UPAP_AUTHREQ 1 /* Authenticate-Request */
62 #define UPAP_AUTHACK 2 /* Authenticate-Ack */
63 #define UPAP_AUTHNAK 3 /* Authenticate-Nak */
67 * Each interface is described by upap structure.
69 typedef struct upap_state {
70 int us_unit; /* Interface unit number */
71 char *us_user; /* User */
72 int us_userlen; /* User length */
73 char *us_passwd; /* Password */
74 int us_passwdlen; /* Password length */
75 int us_clientstate; /* Client state */
76 int us_serverstate; /* Server state */
77 unsigned char us_id; /* Current id */
78 int us_timeouttime; /* Timeout (seconds) for auth-req retrans. */
79 int us_transmits; /* Number of auth-reqs sent */
80 int us_maxtransmits; /* Maximum number of auth-reqs to send */
81 int us_reqtimeout; /* Time to wait for auth-req from peer */
88 #define UPAPCS_INITIAL 0 /* Connection down */
89 #define UPAPCS_CLOSED 1 /* Connection up, haven't requested auth */
90 #define UPAPCS_PENDING 2 /* Connection down, have requested auth */
91 #define UPAPCS_AUTHREQ 3 /* We've sent an Authenticate-Request */
92 #define UPAPCS_OPEN 4 /* We've received an Ack */
93 #define UPAPCS_BADAUTH 5 /* We've received a Nak */
98 #define UPAPSS_INITIAL 0 /* Connection down */
99 #define UPAPSS_CLOSED 1 /* Connection up, haven't requested auth */
100 #define UPAPSS_PENDING 2 /* Connection down, have requested auth */
101 #define UPAPSS_LISTEN 3 /* Listening for an Authenticate */
102 #define UPAPSS_OPEN 4 /* We've sent an Ack */
103 #define UPAPSS_BADAUTH 5 /* We've sent a Nak */
109 #define UPAP_DEFTIMEOUT 3 /* Timeout (seconds) for retransmitting req */
110 #define UPAP_DEFREQTIME 30 /* Time to wait for auth-req from peer */
112 extern upap_state upap[];
114 void upap_authwithpeer(int, char *, char *);
115 void upap_authpeer(int);
117 extern struct protent pap_protent;
119 typedef int (pap_check_hook_fn)(void);
120 typedef int (pap_auth_hook_fn)(char *user, char *passwd, char **msgp,
121 struct wordlist **paddrs,
122 struct wordlist **popts);
123 typedef void (pap_logout_hook_fn)(void);
124 typedef int (pap_passwd_hook_fn)(char *user, char *passwd);
127 * This function will return a value of 1 to indicate that a plugin intent to
128 * supply a username or a password through the pap_auth_hook callback.
130 * A return value of > 0 will avoid parsing pap-secrets file.
132 extern pap_check_hook_fn *pap_check_hook;
135 * This hook is used to check if a username and password matches against the
138 extern pap_auth_hook_fn *pap_auth_hook;
141 * Hook for plugin to know about PAP user logout.
143 extern pap_logout_hook_fn *pap_logout_hook;
146 * A plugin can chose to supply its own user and password overriding what
147 * previously has been configured. Hook is only valid when pppd is acting
150 extern pap_passwd_hook_fn *pap_passwd_hook;