X-Git-Url: http://git.ozlabs.org/?p=ppp.git;a=blobdiff_plain;f=pppd%2Fchap.c;h=06c17e8bfdf71daeb31fef91e1f3bdc39a618cfa;hp=2fcd3a5ae8301e7963886a4317e63d0641b1a547;hb=bfa20ccde2a70b1252dbb614132f1a4cbee815d4;hpb=82560dd131f497476d2ae1eddc5ac5005ffb3e2c

diff --git a/pppd/chap.c b/pppd/chap.c
index 2fcd3a5..06c17e8 100644
--- a/pppd/chap.c
+++ b/pppd/chap.c
@@ -34,7 +34,7 @@
  */
 
 #ifndef lint
-static char rcsid[] = "$Id: chap.c,v 1.13 1996/07/01 01:12:09 paulus Exp $";
+static char rcsid[] = "$Id: chap.c,v 1.16 1998/11/07 06:59:26 paulus Exp $";
 #endif
 
 /*
@@ -54,6 +54,23 @@ static char rcsid[] = "$Id: chap.c,v 1.13 1996/07/01 01:12:09 paulus Exp $";
 #include "chap_ms.h"
 #endif
 
+/*
+ * Command-line options.
+ */
+static option_t chap_option_list[] = {
+    { "chap-restart", o_int, &chap[0].timeouttime,
+      "Set timeout for CHAP" },
+    { "chap-max-challenge", o_int, &chap[0].max_transmits,
+      "Set max #xmits for challenge" },
+    { "chap-interval", o_int, &chap[0].chal_interval,
+      "Set interval for rechallenge" },
+#ifdef MSLANMAN
+    { "ms-lanman", o_bool, &ms_lanman,
+      "Use LanMan psswd when using MS-CHAP", 1 },
+#endif
+    { NULL }
+};
+
 /*
  * Protocol entry points.
  */
@@ -78,6 +95,7 @@ struct protent chap_protent = {
     NULL,
     1,
     "CHAP",
+    chap_option_list,
     NULL,
     NULL,
     NULL
@@ -85,9 +103,10 @@ struct protent chap_protent = {
 
 chap_state chap[NUM_PPP];		/* CHAP state; one for each unit */
 
-static void ChapChallengeTimeout __P((caddr_t));
-static void ChapResponseTimeout __P((caddr_t));
+static void ChapChallengeTimeout __P((void *));
+static void ChapResponseTimeout __P((void *));
 static void ChapReceiveChallenge __P((chap_state *, u_char *, int, int));
+static void ChapRechallenge __P((void *));
 static void ChapReceiveResponse __P((chap_state *, u_char *, int, int));
 static void ChapReceiveSuccess __P((chap_state *, u_char *, int, int));
 static void ChapReceiveFailure __P((chap_state *, u_char *, int, int));
@@ -181,7 +200,7 @@ ChapAuthPeer(unit, our_name, digest)
  */
 static void
 ChapChallengeTimeout(arg)
-    caddr_t arg;
+    void *arg;
 {
     chap_state *cstate = (chap_state *) arg;
   
@@ -208,7 +227,7 @@ ChapChallengeTimeout(arg)
  */
 static void
 ChapResponseTimeout(arg)
-    caddr_t arg;
+    void *arg;
 {
     chap_state *cstate = (chap_state *) arg;
 
@@ -225,7 +244,7 @@ ChapResponseTimeout(arg)
  */
 static void
 ChapRechallenge(arg)
-    caddr_t arg;
+    void *arg;
 {
     chap_state *cstate = (chap_state *) arg;
 
@@ -279,12 +298,12 @@ ChapLowerDown(unit)
     /* Timeout(s) pending?  Cancel if so. */
     if (cstate->serverstate == CHAPSS_INITIAL_CHAL ||
 	cstate->serverstate == CHAPSS_RECHALLENGE)
-	UNTIMEOUT(ChapChallengeTimeout, (caddr_t) cstate);
+	UNTIMEOUT(ChapChallengeTimeout, cstate);
     else if (cstate->serverstate == CHAPSS_OPEN
 	     && cstate->chal_interval != 0)
-	UNTIMEOUT(ChapRechallenge, (caddr_t) cstate);
+	UNTIMEOUT(ChapRechallenge, cstate);
     if (cstate->clientstate == CHAPCS_RESPONSE)
-	UNTIMEOUT(ChapResponseTimeout, (caddr_t) cstate);
+	UNTIMEOUT(ChapResponseTimeout, cstate);
 
     cstate->clientstate = CHAPCS_INITIAL;
     cstate->serverstate = CHAPSS_INITIAL;
@@ -389,6 +408,7 @@ ChapReceiveChallenge(cstate, inp, id, len)
     char secret[MAXSECRETLEN];
     char rhostname[256];
     MD5_CTX mdContext;
+    u_char hash[MD5_SIGNATURE_SIZE];
  
     CHAPDEBUG((LOG_INFO, "ChapReceiveChallenge: Rcvd id %d.", id));
     if (cstate->clientstate == CHAPCS_CLOSED ||
@@ -421,8 +441,9 @@ ChapReceiveChallenge(cstate, inp, id, len)
 	       rhostname));
 
     /* Microsoft doesn't send their name back in the PPP packet */
-    if (rhostname[0] == 0 && cstate->resp_type == CHAP_MICROSOFT) {
-	strcpy(rhostname, remote_name);
+    if (remote_name[0] != 0 && (explicit_remote || rhostname[0] == 0)) {
+	strncpy(rhostname, remote_name, sizeof(rhostname));
+	rhostname[sizeof(rhostname) - 1] = 0;
 	CHAPDEBUG((LOG_INFO, "ChapReceiveChallenge: using '%s' as remote name",
 		   rhostname));
     }
@@ -437,7 +458,7 @@ ChapReceiveChallenge(cstate, inp, id, len)
 
     /* cancel response send timeout if necessary */
     if (cstate->clientstate == CHAPCS_RESPONSE)
-	UNTIMEOUT(ChapResponseTimeout, (caddr_t) cstate);
+	UNTIMEOUT(ChapResponseTimeout, cstate);
 
     cstate->resp_id = id;
     cstate->resp_transmits = 0;
@@ -450,8 +471,8 @@ ChapReceiveChallenge(cstate, inp, id, len)
 	MD5Update(&mdContext, &cstate->resp_id, 1);
 	MD5Update(&mdContext, secret, secret_len);
 	MD5Update(&mdContext, rchallenge, rchallenge_len);
-	MD5Final(&mdContext);
-	BCOPY(mdContext.digest, cstate->response, MD5_SIGNATURE_SIZE);
+	MD5Final(hash, &mdContext);
+	BCOPY(hash, cstate->response, MD5_SIGNATURE_SIZE);
 	cstate->resp_length = MD5_SIGNATURE_SIZE;
 	break;
 
@@ -487,6 +508,7 @@ ChapReceiveResponse(cstate, inp, id, len)
     char rhostname[256];
     MD5_CTX mdContext;
     char secret[MAXSECRETLEN];
+    u_char hash[MD5_SIGNATURE_SIZE];
 
     CHAPDEBUG((LOG_INFO, "ChapReceiveResponse: Rcvd id %d.", id));
 
@@ -528,7 +550,7 @@ ChapReceiveResponse(cstate, inp, id, len)
 	return;
     }
 
-    UNTIMEOUT(ChapChallengeTimeout, (caddr_t) cstate);
+    UNTIMEOUT(ChapChallengeTimeout, cstate);
 
     if (len >= sizeof(rhostname))
 	len = sizeof(rhostname) - 1;
@@ -559,10 +581,10 @@ ChapReceiveResponse(cstate, inp, id, len)
 	    MD5Update(&mdContext, &cstate->chal_id, 1);
 	    MD5Update(&mdContext, secret, secret_len);
 	    MD5Update(&mdContext, cstate->challenge, cstate->chal_len);
-	    MD5Final(&mdContext); 
+	    MD5Final(hash, &mdContext); 
 
 	    /* compare local and remote MDs and send the appropriate status */
-	    if (memcmp (mdContext.digest, remmd, MD5_SIGNATURE_SIZE) == 0)
+	    if (memcmp (hash, remmd, MD5_SIGNATURE_SIZE) == 0)
 		code = CHAP_SUCCESS;	/* they are the same! */
 	    break;
 
@@ -581,10 +603,13 @@ ChapReceiveResponse(cstate, inp, id, len)
 	    auth_peer_success(cstate->unit, PPP_CHAP, rhostname, len);
 	}
 	if (cstate->chal_interval != 0)
-	    TIMEOUT(ChapRechallenge, (caddr_t) cstate, cstate->chal_interval);
+	    TIMEOUT(ChapRechallenge, cstate, cstate->chal_interval);
+	syslog(LOG_NOTICE, "CHAP peer authentication succeeded for %s",
+	       rhostname);
 
     } else {
-	syslog(LOG_ERR, "CHAP peer authentication failed");
+	syslog(LOG_ERR, "CHAP peer authentication failed for remote host %s",
+	       rhostname);
 	cstate->serverstate = CHAPSS_BADAUTH;
 	auth_peer_fail(cstate->unit, PPP_CHAP);
     }
@@ -614,7 +639,7 @@ ChapReceiveSuccess(cstate, inp, id, len)
 	return;
     }
 
-    UNTIMEOUT(ChapResponseTimeout, (caddr_t) cstate);
+    UNTIMEOUT(ChapResponseTimeout, cstate);
 
     /*
      * Print message.
@@ -647,7 +672,7 @@ ChapReceiveFailure(cstate, inp, id, len)
 	return;
     }
 
-    UNTIMEOUT(ChapResponseTimeout, (caddr_t) cstate);
+    UNTIMEOUT(ChapResponseTimeout, cstate);
 
     /*
      * Print message.
@@ -692,7 +717,7 @@ ChapSendChallenge(cstate)
   
     CHAPDEBUG((LOG_INFO, "ChapSendChallenge: Sent id %d.", cstate->chal_id));
 
-    TIMEOUT(ChapChallengeTimeout, (caddr_t) cstate, cstate->timeouttime);
+    TIMEOUT(ChapChallengeTimeout, cstate, cstate->timeouttime);
     ++cstate->chal_transmits;
 }
 
@@ -792,7 +817,7 @@ ChapSendResponse(cstate)
     output(cstate->unit, outpacket_buf, outlen + PPP_HDRLEN);
 
     cstate->clientstate = CHAPCS_RESPONSE;
-    TIMEOUT(ChapResponseTimeout, (caddr_t) cstate, cstate->timeouttime);
+    TIMEOUT(ChapResponseTimeout, cstate, cstate->timeouttime);
     ++cstate->resp_transmits;
 }