#include "upap.h"
#include "chap-new.h"
#include "eap.h"
-#ifdef USE_EAPTLS
+#ifdef PPP_WITH_EAPTLS
#include "eap-tls.h"
#endif
#ifdef PPP_WITH_CBCP
/* Hook for a plugin to get the CHAP password for authenticating us */
int (*chap_passwd_hook)(char *user, char *passwd) = NULL;
-#ifdef USE_EAPTLS
+#ifdef PPP_WITH_EAPTLS
/* Hook for a plugin to get the EAP-TLS password for authenticating us */
int (*eaptls_passwd_hook)(char *user, char *passwd) = NULL;
#endif
bool explicit_passwd = 0; /* Set if "password" option supplied */
char remote_name[MAXNAMELEN]; /* Peer's name for authentication */
-#if defined(USE_EAPTLS) || defined(USE_PEAP)
+#if defined(PPP_WITH_EAPTLS) || defined(PPP_WITH_PEAP)
char *cacert_file = NULL; /* CA certificate file (pem format) */
char *ca_path = NULL; /* Directory with CA certificates */
char *crl_dir = NULL; /* Directory containing CRL files */
bool tls_verify_key_usage = 0; /* Verify peer certificate key usage */
#endif
-#if defined(USE_EAPTLS)
+#if defined(PPP_WITH_EAPTLS)
char *cert_file = NULL; /* Client certificate file (pem format) */
char *privkey_file = NULL; /* Client private key file (pem format) */
char *pkcs12_file = NULL; /* Client private key envelope file (pkcs12 format) */
static int have_srp_secret(char *client, char *server, int need_ip,
int *lacks_ipp);
-#ifdef USE_EAPTLS
+#ifdef PPP_WITH_EAPTLS
static int have_eaptls_secret_server
(char *client, char *server, int need_ip, int *lacks_ipp);
static int have_eaptls_secret_client (char *client, char *server);
static void check_access (FILE *, char *);
static int wordlist_count (struct wordlist *);
-#ifdef MAXOCTETS
+#ifdef PPP_WITH_MAXOCTETS
static void check_maxoctets (void *);
#endif
"Set telephone number(s) which are allowed to connect",
OPT_PRIV | OPT_A2LIST },
-#if defined(USE_EAPTLS) || defined(USE_PEAP)
+#if defined(PPP_WITH_EAPTLS) || defined(PPP_WITH_PEAP)
{ "ca", o_string, &cacert_file, "CA certificate in PEM format" },
{ "capath", o_string, &ca_path, "TLS CA certificate directory" },
{ "crl-dir", o_string, &crl_dir, "Use CRLs in directory" },
"Verify peer by method (none|subject|name|suffix)" },
#endif
-#if defined(USE_EAPTLS)
+#if defined(PPP_WITH_EAPTLS)
{ "cert", o_string, &cert_file, "client certificate in PEM format" },
{ "key", o_string, &privkey_file, "client private key in PEM format" },
{ "pkcs12", o_string, &pkcs12_file, "EAP-TLS client credentials in PKCS12 format" },
{ "need-peer-eap", o_bool, &need_peer_eap,
"Require the peer to authenticate us", 1 },
-#endif
+#endif /* PPP_WITH_EAPTLS */
{ NULL }
};
lcp_options *wo = &lcp_wantoptions[unit];
lcp_options *go = &lcp_gotoptions[unit];
lcp_options *ho = &lcp_hisoptions[unit];
-#ifdef USE_EAPTLS
+#ifdef PPP_WITH_EAPTLS
lcp_options *ao = &lcp_allowoptions[unit];
#endif
int i;
}
}
-#ifdef USE_EAPTLS
+#ifdef PPP_WITH_EAPTLS
if (need_peer_eap && !ao->neg_eap) {
warn("eap required to authenticate us but no suitable secrets");
lcp_close(unit, "couldn't negotiate eap");
}
#endif /* PPP_WITH_MULTILINK */
-#ifdef PPP_FILTER
+#ifdef PPP_WITH_FILTER
if (!demand)
set_filters(&pass_filter, &active_filter);
#endif
if (maxconnect > 0)
TIMEOUT(connect_time_expired, 0, maxconnect);
-#ifdef MAXOCTETS
+#ifdef PPP_WITH_MAXOCTETS
if (maxoctets > 0)
TIMEOUT(check_maxoctets, NULL, maxoctets_timeout);
#endif
if (--num_np_up == 0) {
UNTIMEOUT(check_idle, NULL);
UNTIMEOUT(connect_time_expired, NULL);
-#ifdef MAXOCTETS
+#ifdef PPP_WITH_MAXOCTETS
UNTIMEOUT(check_maxoctets, NULL);
#endif
new_phase(PHASE_NETWORK);
}
}
-#ifdef MAXOCTETS
+#ifdef PPP_WITH_MAXOCTETS
static void
check_maxoctets(void *arg)
{
our_name, 1, &lacks_ip);
}
-#ifdef USE_EAPTLS
+#ifdef PPP_WITH_EAPTLS
if (!can_auth && wo->neg_eap) {
can_auth =
have_eaptls_secret_server((explicit_remote ? remote_name :
(hadchap == 1 || (hadchap == -1 && have_chap_secret(user,
(explicit_remote? remote_name: NULL), 0, NULL))) ||
have_srp_secret(user, (explicit_remote? remote_name: NULL), 0, NULL)
-#ifdef USE_EAPTLS
+#ifdef PPP_WITH_EAPTLS
|| have_eaptls_secret_client(user, (explicit_remote? remote_name: NULL))
#endif
);
1, NULL))) &&
!have_srp_secret((explicit_remote? remote_name: NULL), our_name, 1,
NULL)
-#ifdef USE_EAPTLS
+#ifdef PPP_WITH_EAPTLS
&& !have_eaptls_secret_server((explicit_remote? remote_name: NULL),
our_name, 1, NULL)
#endif
}
-#ifdef USE_EAPTLS
+#ifdef PPP_WITH_EAPTLS
static int
have_eaptls_secret_server(char *client, char *server,
int need_ip, int *lacks_ipp)