*/
#ifndef lint
-static char rcsid[] = "$Id: chap.c,v 1.13 1996/07/01 01:12:09 paulus Exp $";
+static char rcsid[] = "$Id: chap.c,v 1.15 1997/11/27 06:07:48 paulus Exp $";
#endif
/*
chap_state chap[NUM_PPP]; /* CHAP state; one for each unit */
-static void ChapChallengeTimeout __P((caddr_t));
-static void ChapResponseTimeout __P((caddr_t));
+static void ChapChallengeTimeout __P((void *));
+static void ChapResponseTimeout __P((void *));
static void ChapReceiveChallenge __P((chap_state *, u_char *, int, int));
+static void ChapRechallenge __P((void *));
static void ChapReceiveResponse __P((chap_state *, u_char *, int, int));
static void ChapReceiveSuccess __P((chap_state *, u_char *, int, int));
static void ChapReceiveFailure __P((chap_state *, u_char *, int, int));
*/
static void
ChapChallengeTimeout(arg)
- caddr_t arg;
+ void *arg;
{
chap_state *cstate = (chap_state *) arg;
*/
static void
ChapResponseTimeout(arg)
- caddr_t arg;
+ void *arg;
{
chap_state *cstate = (chap_state *) arg;
*/
static void
ChapRechallenge(arg)
- caddr_t arg;
+ void *arg;
{
chap_state *cstate = (chap_state *) arg;
/* Timeout(s) pending? Cancel if so. */
if (cstate->serverstate == CHAPSS_INITIAL_CHAL ||
cstate->serverstate == CHAPSS_RECHALLENGE)
- UNTIMEOUT(ChapChallengeTimeout, (caddr_t) cstate);
+ UNTIMEOUT(ChapChallengeTimeout, cstate);
else if (cstate->serverstate == CHAPSS_OPEN
&& cstate->chal_interval != 0)
- UNTIMEOUT(ChapRechallenge, (caddr_t) cstate);
+ UNTIMEOUT(ChapRechallenge, cstate);
if (cstate->clientstate == CHAPCS_RESPONSE)
- UNTIMEOUT(ChapResponseTimeout, (caddr_t) cstate);
+ UNTIMEOUT(ChapResponseTimeout, cstate);
cstate->clientstate = CHAPCS_INITIAL;
cstate->serverstate = CHAPSS_INITIAL;
char secret[MAXSECRETLEN];
char rhostname[256];
MD5_CTX mdContext;
+ u_char hash[MD5_SIGNATURE_SIZE];
CHAPDEBUG((LOG_INFO, "ChapReceiveChallenge: Rcvd id %d.", id));
if (cstate->clientstate == CHAPCS_CLOSED ||
rhostname));
/* Microsoft doesn't send their name back in the PPP packet */
- if (rhostname[0] == 0 && cstate->resp_type == CHAP_MICROSOFT) {
- strcpy(rhostname, remote_name);
+ if (remote_name[0] != 0 && (explicit_remote || rhostname[0] == 0)) {
+ strncpy(rhostname, remote_name, sizeof(rhostname));
+ rhostname[sizeof(rhostname) - 1] = 0;
CHAPDEBUG((LOG_INFO, "ChapReceiveChallenge: using '%s' as remote name",
rhostname));
}
/* cancel response send timeout if necessary */
if (cstate->clientstate == CHAPCS_RESPONSE)
- UNTIMEOUT(ChapResponseTimeout, (caddr_t) cstate);
+ UNTIMEOUT(ChapResponseTimeout, cstate);
cstate->resp_id = id;
cstate->resp_transmits = 0;
MD5Update(&mdContext, &cstate->resp_id, 1);
MD5Update(&mdContext, secret, secret_len);
MD5Update(&mdContext, rchallenge, rchallenge_len);
- MD5Final(&mdContext);
- BCOPY(mdContext.digest, cstate->response, MD5_SIGNATURE_SIZE);
+ MD5Final(hash, &mdContext);
+ BCOPY(hash, cstate->response, MD5_SIGNATURE_SIZE);
cstate->resp_length = MD5_SIGNATURE_SIZE;
break;
char rhostname[256];
MD5_CTX mdContext;
char secret[MAXSECRETLEN];
+ u_char hash[MD5_SIGNATURE_SIZE];
CHAPDEBUG((LOG_INFO, "ChapReceiveResponse: Rcvd id %d.", id));
return;
}
- UNTIMEOUT(ChapChallengeTimeout, (caddr_t) cstate);
+ UNTIMEOUT(ChapChallengeTimeout, cstate);
if (len >= sizeof(rhostname))
len = sizeof(rhostname) - 1;
MD5Update(&mdContext, &cstate->chal_id, 1);
MD5Update(&mdContext, secret, secret_len);
MD5Update(&mdContext, cstate->challenge, cstate->chal_len);
- MD5Final(&mdContext);
+ MD5Final(hash, &mdContext);
/* compare local and remote MDs and send the appropriate status */
- if (memcmp (mdContext.digest, remmd, MD5_SIGNATURE_SIZE) == 0)
+ if (memcmp (hash, remmd, MD5_SIGNATURE_SIZE) == 0)
code = CHAP_SUCCESS; /* they are the same! */
break;
auth_peer_success(cstate->unit, PPP_CHAP, rhostname, len);
}
if (cstate->chal_interval != 0)
- TIMEOUT(ChapRechallenge, (caddr_t) cstate, cstate->chal_interval);
+ TIMEOUT(ChapRechallenge, cstate, cstate->chal_interval);
+ syslog(LOG_NOTICE, "CHAP peer authentication succeeded for %s",
+ rhostname);
} else {
- syslog(LOG_ERR, "CHAP peer authentication failed");
+ syslog(LOG_ERR, "CHAP peer authentication failed for remote host %s",
+ rhostname);
cstate->serverstate = CHAPSS_BADAUTH;
auth_peer_fail(cstate->unit, PPP_CHAP);
}
return;
}
- UNTIMEOUT(ChapResponseTimeout, (caddr_t) cstate);
+ UNTIMEOUT(ChapResponseTimeout, cstate);
/*
* Print message.
return;
}
- UNTIMEOUT(ChapResponseTimeout, (caddr_t) cstate);
+ UNTIMEOUT(ChapResponseTimeout, cstate);
/*
* Print message.
CHAPDEBUG((LOG_INFO, "ChapSendChallenge: Sent id %d.", cstate->chal_id));
- TIMEOUT(ChapChallengeTimeout, (caddr_t) cstate, cstate->timeouttime);
+ TIMEOUT(ChapChallengeTimeout, cstate, cstate->timeouttime);
++cstate->chal_transmits;
}
output(cstate->unit, outpacket_buf, outlen + PPP_HDRLEN);
cstate->clientstate = CHAPCS_RESPONSE;
- TIMEOUT(ChapResponseTimeout, (caddr_t) cstate, cstate->timeouttime);
+ TIMEOUT(ChapResponseTimeout, cstate, cstate->timeouttime);
++cstate->resp_transmits;
}