- more authentication logging uniformity

  . remove duplicate logging from auth.c, now in upap.c
  . auth success logs at info, auth fail at warn, auth with_peer fail at error
- add remote number checks after authentication in case a plugin modifies
  authorization info
- log remote number on successful/no auth
- streamline null termination of remote name for logging

diff --git a/pppd/auth.c b/pppd/auth.c
index fa58933f77cfa190d6733c4132383adcc6946ab1..addfe87c465ca20bf094dccadb4118118b16dd34 100644 (file)
--- a/pppd/auth.c
+++ b/pppd/auth.c
@@ -32,7 +32,7 @@
  * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
  */
 
-#define RCSID  "$Id: auth.c,v 1.86 2002/10/10 06:12:04 fcusack Exp $"
+#define RCSID  "$Id: auth.c,v 1.87 2002/10/12 01:28:05 fcusack Exp $"
 
 #include <stdio.h>
 #include <stddef.h>
@@ -610,6 +610,10 @@ network_phase(unit)
 {
     lcp_options *go = &lcp_gotoptions[unit];
 
+    /* Log calling number. */
+    if (*remote_number)
+       notice("peer from calling number %q authorized", remote_number);
+
     /*
      * If the peer had to authenticate, run the auth-up script now.
      */
@@ -1180,19 +1184,14 @@ check_passwd(unit, auser, userlen, apasswd, passwdlen, msg)
            ret = UPAP_AUTHACK;
            if (uselogin || login_secret) {
                /* login option or secret is @login */
-               ret = plogin(user, passwd, msg);
-               if (ret == UPAP_AUTHNAK)
-                   warn("PAP login failure for %s", user);
-               else
+               if ((ret = plogin(user, passwd, msg)) == UPAP_AUTHACK)
                    used_login = 1;
            }
            if (secret[0] != 0 && !login_secret) {
                /* password given in pap-secrets - must match */
                if ((cryptpap || strcmp(passwd, secret) != 0)
-                   && strcmp(crypt(passwd, secret), secret) != 0) {
+                   && strcmp(crypt(passwd, secret), secret) != 0)
                    ret = UPAP_AUTHNAK;
-                   warn("PAP authentication failure for %s", user);
-               }
            }
        }
        fclose(f);

diff --git a/pppd/chap.c b/pppd/chap.c
index 85c860fc6816f1c85fd95cec806fb0bed2cdcc54..e47d52f6ba68c76e610c229210e8f7fd8aaf81ab 100644 (file)
--- a/pppd/chap.c
+++ b/pppd/chap.c
@@ -33,7 +33,7 @@
  * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
  */
 
-#define RCSID  "$Id: chap.c,v 1.34 2002/10/11 22:11:13 fcusack Exp $"
+#define RCSID  "$Id: chap.c,v 1.35 2002/10/12 01:28:05 fcusack Exp $"
 
 /*
  * TODO:
@@ -457,10 +457,8 @@ ChapReceiveChallenge(cstate, inp, id, len)
     rchallenge = inp;
     INCPTR(rchallenge_len, inp);
 
-    if (len >= sizeof(rhostname))
-       len = sizeof(rhostname) - 1;
-    BCOPY(inp, rhostname, len);
-    rhostname[len] = '\000';
+    /* Null terminate and clean remote name. */
+    slprintf(rhostname, sizeof(rhostname), "%.*v", len, inp);
 
     /* Microsoft doesn't send their name back in the PPP packet */
     if (explicit_remote || (remote_name[0] != 0 && rhostname[0] == 0)) {
@@ -599,6 +597,19 @@ ChapReceiveResponse(cstate, inp, id, len)
        code = (*chap_auth_hook) ( (explicit_remote ? remote_name : rhostname),
                                   remmd, (int) remmd_len,
                                   cstate );
+       /*
+        * Check remote number authorization.  A plugin may have filled in
+        * the remote number or added an allowed number, and rather than
+        * return an authenticate failure, is leaving it for us to verify.
+        */
+       if (code == CHAP_SUCCESS) {
+           if (!auth_number()) {
+               /* We do not want to leak info about the chap result. */
+               code = CHAP_FAILURE; /* XXX exit value will be "wrong" */
+               error("calling number %q is not authorized", remote_number);
+           }
+       }
+
     } else {
        if (!get_secret(cstate->unit, (explicit_remote? remote_name: rhostname),
                        cstate->chal_name, secret, &secret_len, 1)) {
@@ -700,7 +711,7 @@ ChapReceiveResponse(cstate, inp, id, len)
        notice("CHAP peer authentication succeeded for %q", rhostname);
 
     } else {
-       error("CHAP peer authentication failed for %q", rhostname);
+       warn("CHAP peer authentication failed for %q", rhostname);
        cstate->serverstate = CHAPSS_BADAUTH;
        auth_peer_fail(cstate->unit, PPP_CHAP);
     }

diff --git a/pppd/main.c b/pppd/main.c
index 4fb985b89a010440c86bb6bf367604afae3b6448..cc329b1bfeaf35465ffa5c1c53e524ebb4ae90bf 100644 (file)
--- a/pppd/main.c
+++ b/pppd/main.c
@@ -17,7 +17,7 @@
  * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
  */
 
-#define RCSID  "$Id: main.c,v 1.114 2002/10/10 05:47:34 fcusack Exp $"
+#define RCSID  "$Id: main.c,v 1.115 2002/10/12 01:28:05 fcusack Exp $"
 
 #include <stdio.h>
 #include <ctype.h>
@@ -366,7 +366,7 @@ main(argc, argv)
      * Early check for remote number authorization.
      */
     if (!auth_number()) {
-       error("remote number %s is not authorized", remote_number);
+       error("calling number %q is not authorized", remote_number);
        exit(EXIT_CNID_AUTH_FAILED);
     }
 

diff --git a/pppd/upap.c b/pppd/upap.c
index e15c93c40db35b23331ecaf2cd9f40460e5c6851..50a78a2d221657c2e6e15bb3cb314835de203b5b 100644 (file)
--- a/pppd/upap.c
+++ b/pppd/upap.c
@@ -17,7 +17,7 @@
  * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
  */
 
-#define RCSID  "$Id: upap.c,v 1.26 2002/10/11 22:11:13 fcusack Exp $"
+#define RCSID  "$Id: upap.c,v 1.27 2002/10/12 01:28:05 fcusack Exp $"
 
 /*
  * TODO:
@@ -402,16 +402,27 @@ upap_rauthreq(u, inp, id, len)
     retcode = check_passwd(u->us_unit, ruser, ruserlen, rpasswd,
                           rpasswdlen, &msg);
     BZERO(rpasswd, rpasswdlen);
+
+    /*
+     * Check remote number authorization.  A plugin may have filled in
+     * the remote number or added an allowed number, and rather than
+     * return an authenticate failure, is leaving it for us to verify.
+     */
+    if (retcode == UPAP_AUTHACK) {
+       if (!auth_number()) {
+           /* We do not want to leak info about the pap result. */
+           retcode = UPAP_AUTHNAK; /* XXX exit value will be "wrong" */
+           error("calling number %q is not authorized", remote_number);
+       }
+    }
+
     msglen = strlen(msg);
     if (msglen > 255)
        msglen = 255;
-
     upap_sresp(u, retcode, id, msg, msglen);
 
-    if (ruserlen >= sizeof(rhostname))
-       ruserlen = sizeof(rhostname) - 1;
-    BCOPY(ruser, rhostname, ruserlen);
-    rhostname[ruserlen] = '\000';
+    /* Null terminate and clean remote name. */
+    slprintf(rhostname, sizeof(rhostname), "%.*v", ruserlen, ruser);
 
     if (retcode == UPAP_AUTHACK) {
        u->us_serverstate = UPAPSS_OPEN;
@@ -419,7 +430,7 @@ upap_rauthreq(u, inp, id, len)
        auth_peer_success(u->us_unit, PPP_PAP, 0, ruser, ruserlen);
     } else {
        u->us_serverstate = UPAPSS_BADAUTH;
-       error("PAP peer authentication failed for %q", rhostname);
+       warn("PAP peer authentication failed for %q", rhostname);
        auth_peer_fail(u->us_unit, PPP_PAP);
     }