X-Git-Url: http://git.ozlabs.org/?p=ppp.git;a=blobdiff_plain;f=pppd%2Fupap.c;h=f6bb3ac83f2321634d2cdf70b12241354eb45747;hp=47b3477dfbf06d7e983ccd54343a748ad13d4fb6;hb=642b44a17f5b83cbfbbbca87d85ec0e4d83762cd;hpb=0b63a24d54ba4708c88e31bdd74b0145956c1478 diff --git a/pppd/upap.c b/pppd/upap.c index 47b3477..f6bb3ac 100644 --- a/pppd/upap.c +++ b/pppd/upap.c @@ -18,7 +18,7 @@ */ #ifndef lint -static char rcsid[] = "$Id: upap.c,v 1.1 1993/11/11 03:54:25 paulus Exp $"; +static char rcsid[] = "$Id: upap.c,v 1.10 1996/07/01 01:21:35 paulus Exp $"; #endif /* @@ -26,30 +26,58 @@ static char rcsid[] = "$Id: upap.c,v 1.1 1993/11/11 03:54:25 paulus Exp $"; */ #include +#include #include #include #include -#include "ppp.h" #include "pppd.h" #include "upap.h" - -upap_state upap[NPPP]; /* UPAP state; one for each unit */ - - -static void upap_timeout __ARGS((caddr_t)); -static void upap_rauthreq __ARGS((upap_state *, u_char *, int, int)); -static void upap_rauthack __ARGS((upap_state *, u_char *, int, int)); -static void upap_rauthnak __ARGS((upap_state *, u_char *, int, int)); -static void upap_sauthreq __ARGS((upap_state *)); -static void upap_sresp __ARGS((upap_state *, int, int, char *, int)); +/* + * Protocol entry points. + */ +static void upap_init __P((int)); +static void upap_lowerup __P((int)); +static void upap_lowerdown __P((int)); +static void upap_input __P((int, u_char *, int)); +static void upap_protrej __P((int)); +static int upap_printpkt __P((u_char *, int, + void (*) __P((void *, char *, ...)), void *)); + +struct protent pap_protent = { + PPP_PAP, + upap_init, + upap_input, + upap_protrej, + upap_lowerup, + upap_lowerdown, + NULL, + NULL, + upap_printpkt, + NULL, + 1, + "PAP", + NULL, + NULL, + NULL +}; + +upap_state upap[NUM_PPP]; /* UPAP state; one for each unit */ + +static void upap_timeout __P((caddr_t)); +static void upap_reqtimeout __P((caddr_t)); +static void upap_rauthreq __P((upap_state *, u_char *, int, int)); +static void upap_rauthack __P((upap_state *, u_char *, int, int)); +static void upap_rauthnak __P((upap_state *, u_char *, int, int)); +static void upap_sauthreq __P((upap_state *)); +static void upap_sresp __P((upap_state *, int, int, char *, int)); /* * upap_init - Initialize a UPAP unit. */ -void +static void upap_init(unit) int unit; { @@ -65,6 +93,7 @@ upap_init(unit) u->us_id = 0; u->us_timeouttime = UPAP_DEFTIMEOUT; u->us_maxtransmits = 10; + u->us_reqtimeout = UPAP_DEFREQTIME; } @@ -117,11 +146,13 @@ upap_authpeer(unit) } u->us_serverstate = UPAPSS_LISTEN; + if (u->us_reqtimeout > 0) + TIMEOUT(upap_reqtimeout, (caddr_t) u, u->us_reqtimeout); } /* - * upap_timeout - Timeout expired. + * upap_timeout - Retransmission timer for sending auth-reqs expired. */ static void upap_timeout(arg) @@ -136,7 +167,7 @@ upap_timeout(arg) /* give up in disgust */ syslog(LOG_ERR, "No response to PAP authenticate-requests"); u->us_clientstate = UPAPCS_BADAUTH; - auth_withpeer_fail(u->us_unit, UPAP); + auth_withpeer_fail(u->us_unit, PPP_PAP); return; } @@ -144,12 +175,29 @@ upap_timeout(arg) } +/* + * upap_reqtimeout - Give up waiting for the peer to send an auth-req. + */ +static void +upap_reqtimeout(arg) + caddr_t arg; +{ + upap_state *u = (upap_state *) arg; + + if (u->us_serverstate != UPAPSS_LISTEN) + return; /* huh?? */ + + auth_peer_fail(u->us_unit, PPP_PAP); + u->us_serverstate = UPAPSS_BADAUTH; +} + + /* * upap_lowerup - The lower layer is up. * * Start authenticating if pending. */ -void +static void upap_lowerup(unit) int unit; { @@ -163,8 +211,11 @@ upap_lowerup(unit) if (u->us_serverstate == UPAPSS_INITIAL) u->us_serverstate = UPAPSS_CLOSED; - else if (u->us_serverstate == UPAPSS_PENDING) + else if (u->us_serverstate == UPAPSS_PENDING) { u->us_serverstate = UPAPSS_LISTEN; + if (u->us_reqtimeout > 0) + TIMEOUT(upap_reqtimeout, (caddr_t) u, u->us_reqtimeout); + } } @@ -173,14 +224,16 @@ upap_lowerup(unit) * * Cancel all timeouts. */ -void +static void upap_lowerdown(unit) int unit; { upap_state *u = &upap[unit]; - if (u->us_clientstate == UPAPCS_AUTHREQ) /* Timeout pending? */ + if (u->us_clientstate == UPAPCS_AUTHREQ) /* Timeout pending? */ UNTIMEOUT(upap_timeout, (caddr_t) u); /* Cancel timeout */ + if (u->us_serverstate == UPAPSS_LISTEN && u->us_reqtimeout > 0) + UNTIMEOUT(upap_reqtimeout, (caddr_t) u); u->us_clientstate = UPAPCS_INITIAL; u->us_serverstate = UPAPSS_INITIAL; @@ -192,7 +245,7 @@ upap_lowerdown(unit) * * This shouldn't happen. In any case, pretend lower layer went down. */ -void +static void upap_protrej(unit) int unit; { @@ -200,11 +253,11 @@ upap_protrej(unit) if (u->us_clientstate == UPAPCS_AUTHREQ) { syslog(LOG_ERR, "PAP authentication failed due to protocol-reject"); - auth_withpeer_fail(unit, UPAP); + auth_withpeer_fail(unit, PPP_PAP); } if (u->us_serverstate == UPAPSS_LISTEN) { syslog(LOG_ERR, "PAP authentication of peer failed (protocol-reject)"); - auth_peer_fail(unit, UPAP); + auth_peer_fail(unit, PPP_PAP); } upap_lowerdown(unit); } @@ -213,7 +266,7 @@ upap_protrej(unit) /* * upap_input - Input UPAP packet. */ -void +static void upap_input(unit, inpacket, l) int unit; u_char *inpacket; @@ -230,18 +283,18 @@ upap_input(unit, inpacket, l) */ inp = inpacket; if (l < UPAP_HEADERLEN) { - UPAPDEBUG((LOG_INFO, "upap_input: rcvd short header.")); + UPAPDEBUG((LOG_INFO, "pap_input: rcvd short header.")); return; } GETCHAR(code, inp); GETCHAR(id, inp); GETSHORT(len, inp); if (len < UPAP_HEADERLEN) { - UPAPDEBUG((LOG_INFO, "upap_input: rcvd illegal length.")); + UPAPDEBUG((LOG_INFO, "pap_input: rcvd illegal length.")); return; } if (len > l) { - UPAPDEBUG((LOG_INFO, "upap_input: rcvd short packet.")); + UPAPDEBUG((LOG_INFO, "pap_input: rcvd short packet.")); return; } len -= UPAP_HEADERLEN; @@ -284,7 +337,7 @@ upap_rauthreq(u, inp, id, len) char *msg; int msglen; - UPAPDEBUG((LOG_INFO, "upap_rauth: Rcvd id %d.", id)); + UPAPDEBUG((LOG_INFO, "pap_rauth: Rcvd id %d.", id)); if (u->us_serverstate < UPAPSS_LISTEN) return; @@ -306,20 +359,20 @@ upap_rauthreq(u, inp, id, len) * Parse user/passwd. */ if (len < sizeof (u_char)) { - UPAPDEBUG((LOG_INFO, "upap_rauth: rcvd short packet.")); + UPAPDEBUG((LOG_INFO, "pap_rauth: rcvd short packet.")); return; } GETCHAR(ruserlen, inp); - len -= sizeof (u_char) + ruserlen + sizeof (u_char);; + len -= sizeof (u_char) + ruserlen + sizeof (u_char); if (len < 0) { - UPAPDEBUG((LOG_INFO, "upap_rauth: rcvd short packet.")); + UPAPDEBUG((LOG_INFO, "pap_rauth: rcvd short packet.")); return; } ruser = (char *) inp; INCPTR(ruserlen, inp); GETCHAR(rpasswdlen, inp); if (len < rpasswdlen) { - UPAPDEBUG((LOG_INFO, "upap_rauth: rcvd short packet.")); + UPAPDEBUG((LOG_INFO, "pap_rauth: rcvd short packet.")); return; } rpasswd = (char *) inp; @@ -329,16 +382,20 @@ upap_rauthreq(u, inp, id, len) */ retcode = check_passwd(u->us_unit, ruser, ruserlen, rpasswd, rpasswdlen, &msg, &msglen); + BZERO(rpasswd, rpasswdlen); upap_sresp(u, retcode, id, msg, msglen); if (retcode == UPAP_AUTHACK) { u->us_serverstate = UPAPSS_OPEN; - auth_peer_success(u->us_unit, UPAP); + auth_peer_success(u->us_unit, PPP_PAP, ruser, ruserlen); } else { u->us_serverstate = UPAPSS_BADAUTH; - auth_peer_fail(u->us_unit, UPAP); + auth_peer_fail(u->us_unit, PPP_PAP); } + + if (u->us_reqtimeout > 0) + UNTIMEOUT(upap_reqtimeout, (caddr_t) u); } @@ -355,7 +412,7 @@ upap_rauthack(u, inp, id, len) u_char msglen; char *msg; - UPAPDEBUG((LOG_INFO, "upap_rauthack: Rcvd id %d.", id)); + UPAPDEBUG((LOG_INFO, "pap_rauthack: Rcvd id %d.", id)); if (u->us_clientstate != UPAPCS_AUTHREQ) /* XXX */ return; @@ -363,13 +420,13 @@ upap_rauthack(u, inp, id, len) * Parse message. */ if (len < sizeof (u_char)) { - UPAPDEBUG((LOG_INFO, "upap_rauthack: rcvd short packet.")); + UPAPDEBUG((LOG_INFO, "pap_rauthack: rcvd short packet.")); return; } GETCHAR(msglen, inp); len -= sizeof (u_char); if (len < msglen) { - UPAPDEBUG((LOG_INFO, "upap_rauthack: rcvd short packet.")); + UPAPDEBUG((LOG_INFO, "pap_rauthack: rcvd short packet.")); return; } msg = (char *) inp; @@ -377,7 +434,7 @@ upap_rauthack(u, inp, id, len) u->us_clientstate = UPAPCS_OPEN; - auth_withpeer_success(u->us_unit, UPAP); + auth_withpeer_success(u->us_unit, PPP_PAP); } @@ -394,7 +451,7 @@ upap_rauthnak(u, inp, id, len) u_char msglen; char *msg; - UPAPDEBUG((LOG_INFO, "upap_rauthnak: Rcvd id %d.", id)); + UPAPDEBUG((LOG_INFO, "pap_rauthnak: Rcvd id %d.", id)); if (u->us_clientstate != UPAPCS_AUTHREQ) /* XXX */ return; @@ -402,13 +459,13 @@ upap_rauthnak(u, inp, id, len) * Parse message. */ if (len < sizeof (u_char)) { - UPAPDEBUG((LOG_INFO, "upap_rauthnak: rcvd short packet.")); + UPAPDEBUG((LOG_INFO, "pap_rauthnak: rcvd short packet.")); return; } GETCHAR(msglen, inp); len -= sizeof (u_char); if (len < msglen) { - UPAPDEBUG((LOG_INFO, "upap_rauthnak: rcvd short packet.")); + UPAPDEBUG((LOG_INFO, "pap_rauthnak: rcvd short packet.")); return; } msg = (char *) inp; @@ -417,7 +474,7 @@ upap_rauthnak(u, inp, id, len) u->us_clientstate = UPAPCS_BADAUTH; syslog(LOG_ERR, "PAP authentication failed"); - auth_withpeer_fail(u->us_unit, UPAP); + auth_withpeer_fail(u->us_unit, PPP_PAP); } @@ -435,7 +492,7 @@ upap_sauthreq(u) u->us_userlen + u->us_passwdlen; outp = outpacket_buf; - MAKEHEADER(outp, UPAP); + MAKEHEADER(outp, PPP_PAP); PUTCHAR(UPAP_AUTHREQ, outp); PUTCHAR(++u->us_id, outp); @@ -446,9 +503,9 @@ upap_sauthreq(u) PUTCHAR(u->us_passwdlen, outp); BCOPY(u->us_passwd, outp, u->us_passwdlen); - output(u->us_unit, outpacket_buf, outlen + DLLHEADERLEN); + output(u->us_unit, outpacket_buf, outlen + PPP_HDRLEN); - UPAPDEBUG((LOG_INFO, "upap_sauth: Sent id %d.", u->us_id)); + UPAPDEBUG((LOG_INFO, "pap_sauth: Sent id %d.", u->us_id)); TIMEOUT(upap_timeout, (caddr_t) u, u->us_timeouttime); ++u->us_transmits; @@ -471,14 +528,91 @@ upap_sresp(u, code, id, msg, msglen) outlen = UPAP_HEADERLEN + sizeof (u_char) + msglen; outp = outpacket_buf; - MAKEHEADER(outp, UPAP); + MAKEHEADER(outp, PPP_PAP); PUTCHAR(code, outp); PUTCHAR(id, outp); PUTSHORT(outlen, outp); PUTCHAR(msglen, outp); BCOPY(msg, outp, msglen); - output(u->us_unit, outpacket_buf, outlen + DLLHEADERLEN); + output(u->us_unit, outpacket_buf, outlen + PPP_HDRLEN); + + UPAPDEBUG((LOG_INFO, "pap_sresp: Sent code %d, id %d.", code, id)); +} + +/* + * upap_printpkt - print the contents of a PAP packet. + */ +static char *upap_codenames[] = { + "AuthReq", "AuthAck", "AuthNak" +}; + +static int +upap_printpkt(p, plen, printer, arg) + u_char *p; + int plen; + void (*printer) __P((void *, char *, ...)); + void *arg; +{ + int code, id, len; + int mlen, ulen, wlen; + char *user, *pwd, *msg; + u_char *pstart; + + if (plen < UPAP_HEADERLEN) + return 0; + pstart = p; + GETCHAR(code, p); + GETCHAR(id, p); + GETSHORT(len, p); + if (len < UPAP_HEADERLEN || len > plen) + return 0; + + if (code >= 1 && code <= sizeof(upap_codenames) / sizeof(char *)) + printer(arg, " %s", upap_codenames[code-1]); + else + printer(arg, " code=0x%x", code); + printer(arg, " id=0x%x", id); + len -= UPAP_HEADERLEN; + switch (code) { + case UPAP_AUTHREQ: + if (len < 1) + break; + ulen = p[0]; + if (len < ulen + 2) + break; + wlen = p[ulen + 1]; + if (len < ulen + wlen + 2) + break; + user = (char *) (p + 1); + pwd = (char *) (p + ulen + 2); + p += ulen + wlen + 2; + len -= ulen + wlen + 2; + printer(arg, " user="); + print_string(user, ulen, printer, arg); + printer(arg, " password="); + print_string(pwd, wlen, printer, arg); + break; + case UPAP_AUTHACK: + case UPAP_AUTHNAK: + if (len < 1) + break; + mlen = p[0]; + if (len < mlen + 1) + break; + msg = (char *) (p + 1); + p += mlen + 1; + len -= mlen + 1; + printer(arg, " "); + print_string(msg, mlen, printer, arg); + break; + } + + /* print the rest of the bytes in the packet */ + for (; len > 0; --len) { + GETCHAR(code, p); + printer(arg, " %.2x", code); + } - UPAPDEBUG((LOG_INFO, "upap_sresp: Sent code %d, id %d.", code, id)); + return p - pstart; }