AC_ARG_ENABLE([microsoft-extensions],
AS_HELP_STRING([--disable-microsoft-extensions], [Disable Microsoft CHAP / MPPE extensions]))
-AM_CONDITIONAL(WITH_CHAPMS, test "x${enable_microsoft_extensions}" != "xno")
-AM_COND_IF([WITH_CHAPMS],
- AC_DEFINE([CHAPMS], 1, ["Have Microsoft CHAP support"]))
+AM_CONDITIONAL(PPP_WITH_CHAPMS, test "x${enable_microsoft_extensions}" != "xno")
+AM_COND_IF([PPP_WITH_CHAPMS],
+ AC_DEFINE([PPP_WITH_CHAPMS], 1, ["Have Microsoft CHAP support"]))
-AM_CONDITIONAL(WITH_MPPE, test "x${enable_microsoft_extensions}" != "xno")
-AM_COND_IF([WITH_MPPE],
- AC_DEFINE([MPPE], 1, ["Have Microsoft MPPE support"]))
+AM_CONDITIONAL(PPP_WITH_MPPE, test "x${enable_microsoft_extensions}" != "xno")
+AM_COND_IF([PPP_WITH_MPPE],
+ AC_DEFINE([PPP_WITH_MPPE], 1, ["Have Microsoft MPPE support"]))
#
# Enable Microsoft LAN Manager support, depends on Microsoft Extensions
AC_ARG_ENABLE([mslanman],
AS_HELP_STRING([--enable-mslanman], [Enable Microsoft LAN Manager support]))
AS_IF([test "x${enable_mslanman}" = "xyes" && test "x${enable_microsoft_extensions}" != "xno"],
- AC_DEFINE([MSLANMAN], 1, ["Have Microsoft LAN Manager support"]))
+ AC_DEFINE([PPP_WITH_MSLANMAN], 1, ["Have Microsoft LAN Manager support"]))
#
# Disable IPv6 support
pppd_LIBS += -lsocket -lnsl
endif
-if WITH_CHAPMS
+if PPP_WITH_CHAPMS
pppd_SOURCES += chap_ms.c
pppd_SOURCES += pppcrypt.c
check_PROGRAMS += utest_chap
pppd_SOURCES += cbcp.c
endif
-if WITH_MPPE
+if PPP_WITH_MPPE
pppd_SOURCES += mppe.c
endif
bool refuse_pap = 0; /* Don't wanna auth. ourselves with PAP */
bool refuse_chap = 0; /* Don't wanna auth. ourselves with CHAP */
bool refuse_eap = 0; /* Don't wanna auth. ourselves with EAP */
-#ifdef CHAPMS
+#ifdef PPP_WITH_CHAPMS
bool refuse_mschap = 0; /* Don't wanna auth. ourselves with MS-CHAP */
bool refuse_mschap_v2 = 0; /* Don't wanna auth. ourselves with MS-CHAPv2 */
#else
"Require CHAP authentication from peer",
OPT_ALIAS | OPT_PRIOSUB | OPT_A2OR | MDTYPE_MD5,
&lcp_wantoptions[0].chap_mdtype },
-#ifdef CHAPMS
+#ifdef PPP_WITH_CHAPMS
{ "require-mschap", o_bool, &auth_required,
"Require MS-CHAP authentication from peer",
OPT_PRIOSUB | OPT_A2OR | MDTYPE_MICROSOFT,
"Don't allow CHAP authentication with peer",
OPT_ALIAS | OPT_A2CLRB | MDTYPE_MD5,
&lcp_allowoptions[0].chap_mdtype },
-#ifdef CHAPMS
+#ifdef PPP_WITH_CHAPMS
{ "refuse-mschap", o_bool, &refuse_mschap,
"Don't agree to auth to peer with MS-CHAP",
OPT_A2CLRB | MDTYPE_MICROSOFT,
case CHAP_MD5:
bit |= CHAP_MD5_PEER;
break;
-#ifdef CHAPMS
+#ifdef PPP_WITH_CHAPMS
case CHAP_MICROSOFT:
bit |= CHAP_MS_PEER;
break;
case CHAP_MD5:
bit |= CHAP_MD5_WITHPEER;
break;
-#ifdef CHAPMS
+#ifdef PPP_WITH_CHAPMS
case CHAP_MICROSOFT:
bit |= CHAP_MS_WITHPEER;
break;
/*
* Option variables.
*/
-#ifdef MPPE
+#ifdef PPP_WITH_MPPE
bool refuse_mppe_stateful = 1; /* Allow stateful mode? */
#endif
"don't allow Predictor-1", OPT_ALIAS | OPT_PRIOSUB | OPT_A2CLR,
&ccp_allowoptions[0].predictor_1 },
-#ifdef MPPE
+#ifdef PPP_WITH_MPPE
/* MPPE options are symmetrical ... we only set wantoptions here */
{ "require-mppe", o_bool, &ccp_wantoptions[0].mppe,
"require MPPE encryption",
fsm_input(f, p, len);
if (oldstate == OPENED && p[0] == TERMREQ && f->state != OPENED) {
notice("Compression disabled by peer.");
-#ifdef MPPE
+#ifdef PPP_WITH_MPPE
if (ccp_gotoptions[unit].mppe) {
error("MPPE disabled, closing LCP");
lcp_close(unit, "MPPE disabled by peer");
ccp_flags_set(unit, 0, 0);
fsm_lowerdown(&ccp_fsm[unit]);
-#ifdef MPPE
+#ifdef PPP_WITH_MPPE
if (ccp_gotoptions[unit].mppe) {
error("MPPE required but peer negotiation failed");
lcp_close(unit, "MPPE required but peer negotiation failed");
*go = ccp_wantoptions[f->unit];
all_rejected[f->unit] = 0;
-#ifdef MPPE
+#ifdef PPP_WITH_MPPE
if (go->mppe) {
ccp_options *ao = &ccp_allowoptions[f->unit];
int auth_mschap_bits = auth_done[f->unit];
ao->predictor_2 = go->predictor_2 = 0;
ao->deflate = go->deflate = 0;
}
-#endif /* MPPE */
/*
* Check whether the kernel knows about the various
* compression methods we might request.
*/
-#ifdef MPPE
if (go->mppe) {
opt_buf[0] = CI_MPPE;
opt_buf[1] = CILEN_MPPE;
lcp_close(f->unit, "MPPE required but not available");
}
}
-#endif
+#endif /* PPP_WITH_MPPE */
if (go->bsd_compress) {
opt_buf[0] = CI_BSD_COMPRESS;
opt_buf[1] = CILEN_BSD_COMPRESS;
* preference order. Get the kernel to allocate the first one
* in case it gets Acked.
*/
-#ifdef MPPE
+#ifdef PPP_WITH_MPPE
if (go->mppe) {
u_char opt_buf[CILEN_MPPE + MPPE_MAX_KEY_LEN];
ccp_options *go = &ccp_gotoptions[f->unit];
u_char *p0 = p;
-#ifdef MPPE
+#ifdef PPP_WITH_MPPE
if (go->mppe) {
u_char opt_buf[CILEN_MPPE];
memset(&no, 0, sizeof(no));
try = *go;
-#ifdef MPPE
+#ifdef PPP_WITH_MPPE
if (go->mppe && len >= CILEN_MPPE
&& p[0] == CI_MPPE && p[1] == CILEN_MPPE) {
no.mppe = 1;
lcp_close(f->unit, "MPPE required but peer negotiation failed");
}
}
-#endif /* MPPE */
+#endif /* PPP_WITH_MPPE */
if (go->deflate && len >= CILEN_DEFLATE
&& p[0] == (go->deflate_correct? CI_DEFLATE: CI_DEFLATE_DRAFT)
&& p[1] == CILEN_DEFLATE) {
if (len == 0 && all_rejected[f->unit])
return -1;
-#ifdef MPPE
+#ifdef PPP_WITH_MPPE
if (go->mppe && len >= CILEN_MPPE
&& p[0] == CI_MPPE && p[1] == CILEN_MPPE) {
error("MPPE required but peer refused");
int len, clen, type, nb;
ccp_options *ho = &ccp_hisoptions[f->unit];
ccp_options *ao = &ccp_allowoptions[f->unit];
-#ifdef MPPE
+#ifdef PPP_WITH_MPPE
bool rej_for_ci_mppe = 1; /* Are we rejecting based on a bad/missing */
/* CI_MPPE, or due to other options? */
#endif
clen = p[1];
switch (type) {
-#ifdef MPPE
+#ifdef PPP_WITH_MPPE
case CI_MPPE:
if (!ao->mppe || clen != CILEN_MPPE) {
newret = CONFREJ;
*/
rej_for_ci_mppe = 0;
break;
-#endif /* MPPE */
+#endif /* PPP_WITH_MPPE */
case CI_DEFLATE:
case CI_DEFLATE_DRAFT:
if (!ao->deflate || clen != CILEN_DEFLATE
else
*lenp = retp - p0;
}
-#ifdef MPPE
+#ifdef PPP_WITH_MPPE
if (ret == CONFREJ && ao->mppe && rej_for_ci_mppe) {
error("MPPE required but peer negotiation failed");
lcp_close(f->unit, "MPPE required but peer negotiation failed");
if (!ANY_COMPRESS(*opt))
return "(none)";
switch (opt->method) {
-#ifdef MPPE
+#ifdef PPP_WITH_MPPE
case CI_MPPE:
{
char *p = result;
notice("%s receive compression enabled", method_name(go, NULL));
} else if (ANY_COMPRESS(*ho))
notice("%s transmit compression enabled", method_name(ho, NULL));
-#ifdef MPPE
+#ifdef PPP_WITH_MPPE
if (go->mppe) {
mppe_clear_keys();
continue_networks(f->unit); /* Bring up IP et al */
UNTIMEOUT(ccp_rack_timeout, f);
ccp_localstate[f->unit] = 0;
ccp_flags_set(f->unit, 1, 0);
-#ifdef MPPE
+#ifdef PPP_WITH_MPPE
if (ccp_gotoptions[f->unit].mppe) {
ccp_gotoptions[f->unit].mppe = 0;
if (lcp_fsm[f->unit].state == OPENED) {
len -= optlen;
optend = p + optlen;
switch (code) {
-#ifdef MPPE
+#ifdef PPP_WITH_MPPE
case CI_MPPE:
if (optlen >= CILEN_MPPE) {
u_char mppe_opts;
*/
error("Lost compression sync: disabling compression");
ccp_close(unit, "Lost compression sync");
-#ifdef MPPE
+#ifdef PPP_WITH_MPPE
/*
* If we were doing MPPE, we must also take the link down.
*/
#include "chap-new.h"
#include "chap-md5.h"
-#ifdef CHAPMS
+#ifdef PPP_WITH_CHAPMS
#include "chap_ms.h"
#define MDTYPE_ALL (MDTYPE_MICROSOFT_V2 | MDTYPE_MICROSOFT | MDTYPE_MD5)
#else
memset(&server, 0, sizeof(server));
chap_md5_init();
-#ifdef CHAPMS
+#ifdef PPP_WITH_CHAPMS
chapms_init();
#endif
}
#include "config.h"
#endif
-#ifdef CHAPMS
-
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include "mppe.h"
#ifdef UNIT_TEST
-#undef MPPE
+#undef PPP_WITH_MPPE
#endif
static void ascii2unicode (char[], int, u_char[]);
static void GenerateAuthenticatorResponsePlain
(char*, int, u_char[24], u_char[16], u_char *,
char *, u_char[41]);
-#ifdef MSLANMAN
+#ifdef PPP_WITH_MSLANMAN
static void ChapMS_LANMan (u_char *, char *, int, u_char *);
#endif
-#ifdef MSLANMAN
+#ifdef PPP_WITH_MSLANMAN
bool ms_lanman = 0; /* Use LanMan password instead of NT */
/* Has meaning only with MS-CHAP challenges */
#endif
-#ifdef MPPE
+#ifdef PPP_WITH_MPPE
#ifdef DEBUGMPPEKEY
/* For MPPE debug */
/* Use "[]|}{?/><,`!2&&(" (sans quotes) for RFC 3079 MS-CHAPv2 test value */
* Command-line options.
*/
static option_t chapms_option_list[] = {
-#ifdef MSLANMAN
+#ifdef PPP_WITH_MSLANMAN
{ "ms-lanman", o_bool, &ms_lanman,
"Use LanMan passwd when using MS-CHAP", 1 },
#endif
if (response_len != MS_CHAP_RESPONSE_LEN)
goto bad;
-#ifndef MSLANMAN
+#ifndef PPP_WITH_MSLANMAN
if (!response[MS_CHAP_USENT]) {
/* Should really propagate this into the error packet. */
notice("Peer request for LANMAN auth not supported");
/* Generate the expected response. */
ChapMS(challenge, (char *)secret, secret_len, md);
-#ifdef MSLANMAN
+#ifdef PPP_WITH_MSLANMAN
/* Determine which part of response to verify against */
if (!response[MS_CHAP_USENT])
diff = memcmp(&response[MS_CHAP_LANMANRESP],
ChallengeResponse(Challenge, PasswordHash, NTResponse);
}
-#ifdef MSLANMAN
+#ifdef PPP_WITH_MSLANMAN
static u_char *StdText = (u_char *)"KGS!@#$%"; /* key from rasapi32.dll */
static void
}
-#ifdef MPPE
+#ifdef PPP_WITH_MPPE
/*
* Set mppe_xxxx_key from MS-CHAP credentials. (see RFC 3079)
mppe_set_chapv2(PasswordHashHash, NTResponse, IsServer);
}
-#endif /* MPPE */
+#endif /* PPP_WITH_MPPE */
void
ChapMS_NT(rchallenge, secret, secret_len, &response[MS_CHAP_NTRESP]);
-#ifdef MSLANMAN
+#ifdef PPP_WITH_MSLANMAN
ChapMS_LANMan(rchallenge, secret, secret_len,
&response[MS_CHAP_LANMANRESP]);
response[MS_CHAP_USENT] = 1;
#endif
-#ifdef MPPE
+#ifdef PPP_WITH_MPPE
Set_Start_Key(rchallenge, secret, secret_len);
#endif
}
&response[MS_CHAP2_PEER_CHALLENGE],
rchallenge, user, authResponse);
-#ifdef MPPE
+#ifdef PPP_WITH_MPPE
SetMasterKeys(secret, secret_len,
&response[MS_CHAP2_NTRESP], authenticator);
#endif
#endif /* UNIT_TEST */
-
-#endif /* CHAPMS */
size_t len, SSL * ssl, void *arg);
int ssl_new_session_cb(SSL *s, SSL_SESSION *sess);
-#ifdef MPPE
+#ifdef PPP_WITH_MPPE
#define EAPTLS_MPPE_KEY_LEN 32
/*
}
}
-#endif /* MPPE */
+#endif /* PPP_WITH_MPPE */
int password_callback (char *buf, int size, int rwflag, void *u)
{
char *clicertfile, char *servcertfile, char *cacertfile,
char *capath, char *pkfile, char *pkcs12, int am_server);
-#ifdef MPPE
+#ifdef PPP_WITH_MPPE
void eaptls_gen_mppe_keys(struct eaptls_session *ets, int client);
#endif
#include "eap-tls.h"
#endif /* USE_EAPTLS */
-#ifdef CHAPMS
+#ifdef PPP_WITH_CHAPMS
#include "chap_ms.h"
#include "chap-new.h"
extern int chapms_strip_domain;
-#endif /* CHAPMS */
+#endif /* PPP_WITH_CHAPMS */
eap_state eap_states[NUM_PPP]; /* EAP state; one for each unit */
#ifdef USE_SRP
#ifdef USE_EAPTLS
esp->es_client.ea_using_eaptls = 0;
#endif /* USE_EAPTLS */
-#ifdef CHAPMS
+#ifdef PPP_WITH_CHAPMS
esp->es_client.digest = chap_find_digest(CHAP_MICROSOFT_V2);
esp->es_server.digest = chap_find_digest(CHAP_MICROSOFT_V2);
#endif
}
break;
-#ifdef CHAPMS
+#ifdef PPP_WITH_CHAPMS
case eapMSCHAPv2Chall:
#endif
case eapMD5Chall:
#endif /* USE_EAPTLS */
}
-#if CHAPMS
+#if PPP_WITH_CHAPMS
/*
* eap_chap_verify_response - check whether the peer's response matches
* what we think it should be. Returns 1 if it does (authentication
auth_peer_fail(esp->es_unit, PPP_EAP);
}
}
-#endif /* CHAPMS */
+#endif /* PPP_WITH_CHAPMS */
/*
* Format an EAP Request message and send it to the peer. Message
INCPTR(esp->es_server.ea_namelen, outp);
break;
-#ifdef CHAPMS
+#ifdef PPP_WITH_CHAPMS
case eapMSCHAPv2Chall:
esp->es_server.digest->generate_challenge(esp->es_challenge);
challen = esp->es_challenge[0];
esp->es_server.ea_namelen);
INCPTR(esp->es_server.ea_namelen, outp);
break;
-#endif /* CHAPMS */
+#endif /* PPP_WITH_CHAPMS */
#ifdef USE_EAPTLS
case eapTlsStart:
}
#endif /* USE_SRP */
-#if CHAPMS
+#if PPP_WITH_CHAPMS
/*
* Format and send an CHAPV2-Challenge EAP Response message.
*/
/* Check if TLS handshake is finished */
if(eaptls_is_init_finished(ets)) {
-#ifdef MPPE
+#ifdef PPP_WITH_MPPE
eaptls_gen_mppe_keys(ets, 1);
#endif
eaptls_free_session(ets);
break;
#endif /* USE_SRP */
-#ifdef CHAPMS
+#ifdef PPP_WITH_CHAPMS
case EAPT_MSCHAPV2:
if (len < 4) {
error("EAP: received invalid MSCHAPv2 packet, too short");
}
break;
-#endif /* CHAPMS */
+#endif /* PPP_WITH_CHAPMS */
#ifdef USE_PEAP
case EAPT_PEAP:
}
break;
-#endif /* USE_PEAP */
+#endif // USE_PEAP
default:
info("EAP: unknown authentication type %d; Naking", typenum);
struct eaptls_session *ets;
u_char flags;
#endif /* USE_EAPTLS */
-#ifdef CHAPMS
+#ifdef PPP_WITH_CHAPMS
u_char opcode;
int (*chap_verifier)(char *, char *, int, struct chap_digest_type *,
unsigned char *, unsigned char *, char *, int);
char response_message[256];
-#endif /* CHAPMS */
+#endif /* PPP_WITH_CHAPMS */
/*
* Ignore responses if we're not open
GETCHAR(flags, inp);
if(len == 1 && !flags) { /* Ack = ok */
-#ifdef MPPE
+#ifdef PPP_WITH_MPPE
eaptls_gen_mppe_keys( esp->es_server.ea_session, 0 );
#endif
eap_send_success(esp);
break;
#endif /* USE_EAPTLS */
-#ifdef CHAPMS
+#ifdef PPP_WITH_CHAPMS
case EAPT_MSCHAPV2:
info("EAP: peer proposes MSCHAPv2");
/* If MSCHAPv2 digest was not found, NAK the packet */
}
esp->es_server.ea_state = eapMSCHAPv2Chall;
break;
-#endif /* CHAPMS */
+#endif /* PPP_WITH_CHAPMS */
default:
dbglog("EAP: peer requesting unknown Type %d", vallen);
TIMEOUT(eap_rechallenge, esp, esp->es_rechallenge);
break;
-#ifdef CHAPMS
+#ifdef PPP_WITH_CHAPMS
case EAPT_MSCHAPV2:
if (len < 1) {
error("EAP: received MSCHAPv2 with no data");
}
break;
-#endif /* CHAPMS */
+#endif /* PPP_WITH_CHAPMS */
#ifdef USE_SRP
case EAPT_SRP:
#ifdef USE_EAPTLS
u_char flags;
#endif /* USE_EAPTLS */
-#ifdef CHAPMS
+#ifdef PPP_WITH_CHAPMS
u_char opcode;
-#endif /* CHAPMS */
+#endif /* PPP_WITH_CHAPMS */
if (inlen < EAP_HEADERLEN)
return (0);
}
break;
-#ifdef CHAPMS
+#ifdef PPP_WITH_CHAPMS
case EAPT_MSCHAPV2:
if (len <= 0)
break;
break;
}
break;
-#endif /* CHAPMS */
+#endif /* PPP_WITH_CHAPMS */
#ifdef USE_EAPTLS
case EAPT_TLS:
}
break;
-#ifdef CHAPMS
+#ifdef PPP_WITH_CHAPMS
case EAPT_MSCHAPV2:
if (len <= 0)
break;
break;
}
break;
-#endif /* CHAPMS */
+#endif /* PPP_WITH_CHAPMS */
#ifdef USE_SRP
case EAPT_SRP:
#ifdef USE_EAPTLS
enum eap_state_code ea_prev_state;
#endif
-#ifdef CHAPMS
+#ifdef PPP_WITH_CHAPMS
struct chap_digest_type *digest;
#endif
u_char ea_id; /* Current id */
} while (/* CONSTCOND */ 0)
-#if MPPE
+#if PPP_WITH_MPPE
/*
* NOTE:
void mppe_set_chapv2(u_char PasswordHashHash[MD4_SIGNATURE_SIZE],
u_char NTResponse[MS_AUTH_NTRESP_LEN], int IsServer);
-#endif // #ifdef MPPE
+#endif // #ifdef PPP_WITH_MPPE
#endif // #ifdef __MPPE_H__
#include "pppd.h"
#include "chap-new.h"
-#ifdef CHAPMS
+#ifdef PPP_WITH_CHAPMS
#include "chap_ms.h"
-#ifdef MPPE
+#ifdef PPP_WITH_MPPE
#include "mppe.h"
#include "md5.h"
#endif
static int get_client_port(char *ifname);
static int radius_allowed_address(u_int32_t addr);
static void radius_acct_interim(void *);
-#ifdef MPPE
+#ifdef PPP_WITH_MPPE
static int radius_setmppekeys(VALUE_PAIR *vp, REQUEST_INFO *req_info,
unsigned char *);
static int radius_setmppekeys2(VALUE_PAIR *vp, REQUEST_INFO *req_info);
int result;
int challenge_len, response_len;
u_char cpassword[MAX_RESPONSE_LEN + 1];
-#ifdef MPPE
+#ifdef PPP_WITH_MPPE
/* Need the RADIUS secret and Request Authenticator to decode MPPE */
REQUEST_INFO request_info, *req_info = &request_info;
#else
/* return error for types we can't handle */
if ((digest->code != CHAP_MD5)
-#ifdef CHAPMS
+#ifdef PPP_WITH_CHAPMS
&& (digest->code != CHAP_MICROSOFT)
&& (digest->code != CHAP_MICROSOFT_V2)
#endif
cpassword, MD5_HASH_SIZE + 1, VENDOR_NONE);
break;
-#ifdef CHAPMS
+#ifdef PPP_WITH_CHAPMS
case CHAP_MICROSOFT:
{
/* MS-CHAP-Challenge and MS-CHAP-Response */
{
u_int32_t remote;
int ms_chap2_success = 0;
-#ifdef MPPE
+#ifdef PPP_WITH_MPPE
int mppe_enc_keys = 0; /* whether or not these were received */
int mppe_enc_policy = 0;
int mppe_enc_types = 0;
} else if (vp->vendorcode == VENDOR_MICROSOFT) {
-#ifdef CHAPMS
+#ifdef PPP_WITH_CHAPMS
switch (vp->attribute) {
case PW_MS_CHAP2_SUCCESS:
if ((vp->lvalue != 43) || strncmp((char*) vp->strvalue + 1, "S=", 2)) {
ms_chap2_success = 1;
break;
-#ifdef MPPE
+#ifdef PPP_WITH_MPPE
case PW_MS_CHAP_MPPE_KEYS:
if (radius_setmppekeys(vp, req_info, challenge) < 0) {
slprintf(msg, BUF_LEN,
mppe_enc_types = vp->lvalue; /* save for later */
break;
-#endif /* MPPE */
+#endif /* PPP_WITH_MPPE */
#ifdef MSDNS
case PW_MS_PRIMARY_DNS_SERVER:
ao->dnsaddr[0] = htonl(vp->lvalue);
break;
#endif /* MSDNS */
}
-#endif /* CHAPMS */
+#endif /* PPP_WITH_CHAPMS */
}
vp = vp->next;
}
if (digest && (digest->code == CHAP_MICROSOFT_V2) && !ms_chap2_success)
return -1;
-#ifdef MPPE
+#ifdef PPP_WITH_MPPE
/*
* Require both policy and key attributes to indicate a valid key.
* Note that if the policy value was '0' we don't set the key!
return 0;
}
-#ifdef MPPE
+#ifdef PPP_WITH_MPPE
/**********************************************************************
* %FUNCTION: radius_setmppekeys
* %ARGUMENTS:
return 0;
}
-#endif /* MPPE */
+#endif /* PPP_WITH_MPPE */
/**********************************************************************
* %FUNCTION: radius_acct_start
nt_response = &response[MS_CHAP_NTRESP];
nt_response_size = MS_CHAP_NTRESP_LEN;
} else {
-#ifdef MSLANMAN
+#ifdef PPP_WITH_MSLANMAN
lm_response = &response[MS_CHAP_LANMANRESP];
lm_response_size = MS_CHAP_LANMANRESP_LEN;
#else
/* Should really propagate this into the error packet. */
notice("Peer request for LANMAN auth not supported");
return NOT_AUTHENTICATED;
-#endif /* MSLANMAN */
+#endif /* PPP_WITH_MSLANMAN */
}
/* ship off to winbind, and check */
nt_response, nt_response_size,
session_key,
&error_string) == AUTHENTICATED) {
-#ifdef MPPE
+#ifdef PPP_WITH_MPPE
mppe_set_chapv1(challenge, session_key);
#endif
slprintf(message, message_space, "Access granted");
&response[MS_CHAP2_NTRESP],
&response[MS_CHAP2_PEER_CHALLENGE],
challenge, user, saresponse);
-#ifdef MPPE
+#ifdef PPP_WITH_MPPE
mppe_set_chapv2(session_key, &response[MS_CHAP2_NTRESP],
MS_CHAP2_AUTHENTICATOR);
#endif
extern struct bpf_program active_filter; /* Filter for link-active pkts */
#endif
-#ifdef MSLANMAN
+#ifdef PPP_WITH_MSLANMAN
extern bool ms_lanman; /* Use LanMan password instead of NT */
/* Has meaning only with MS-CHAP challenges */
#endif
*/
/* "Have Microsoft CHAP support" */
-#undef CHAPMS
+#undef PPP_WITH_CHAPMS
+
+/* "Have Microsoft LAN Manager support" */
+#undef PPP_WITH_MSLANMAN
/* "Have Microsoft MPPE support" */
-#undef MPPE
+#undef PPP_WITH_MPPE
/* "Have multilink support" */
#undef HAVE_MULTILINK