From cccb82a2e9bbc20f343bf4ef7550f79566f84758 Mon Sep 17 00:00:00 2001 From: Frank Cusack Date: Sat, 12 Oct 2002 01:28:05 +0000 Subject: [PATCH 1/1] - more authentication logging uniformity . remove duplicate logging from auth.c, now in upap.c . auth success logs at info, auth fail at warn, auth with_peer fail at error - add remote number checks after authentication in case a plugin modifies authorization info - log remote number on successful/no auth - streamline null termination of remote name for logging --- pppd/auth.c | 15 +++++++-------- pppd/chap.c | 23 +++++++++++++++++------ pppd/main.c | 4 ++-- pppd/upap.c | 25 ++++++++++++++++++------- 4 files changed, 44 insertions(+), 23 deletions(-) diff --git a/pppd/auth.c b/pppd/auth.c index fa58933..addfe87 100644 --- a/pppd/auth.c +++ b/pppd/auth.c @@ -32,7 +32,7 @@ * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. */ -#define RCSID "$Id: auth.c,v 1.86 2002/10/10 06:12:04 fcusack Exp $" +#define RCSID "$Id: auth.c,v 1.87 2002/10/12 01:28:05 fcusack Exp $" #include #include @@ -610,6 +610,10 @@ network_phase(unit) { lcp_options *go = &lcp_gotoptions[unit]; + /* Log calling number. */ + if (*remote_number) + notice("peer from calling number %q authorized", remote_number); + /* * If the peer had to authenticate, run the auth-up script now. */ @@ -1180,19 +1184,14 @@ check_passwd(unit, auser, userlen, apasswd, passwdlen, msg) ret = UPAP_AUTHACK; if (uselogin || login_secret) { /* login option or secret is @login */ - ret = plogin(user, passwd, msg); - if (ret == UPAP_AUTHNAK) - warn("PAP login failure for %s", user); - else + if ((ret = plogin(user, passwd, msg)) == UPAP_AUTHACK) used_login = 1; } if (secret[0] != 0 && !login_secret) { /* password given in pap-secrets - must match */ if ((cryptpap || strcmp(passwd, secret) != 0) - && strcmp(crypt(passwd, secret), secret) != 0) { + && strcmp(crypt(passwd, secret), secret) != 0) ret = UPAP_AUTHNAK; - warn("PAP authentication failure for %s", user); - } } } fclose(f); diff --git a/pppd/chap.c b/pppd/chap.c index 85c860f..e47d52f 100644 --- a/pppd/chap.c +++ b/pppd/chap.c @@ -33,7 +33,7 @@ * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. */ -#define RCSID "$Id: chap.c,v 1.34 2002/10/11 22:11:13 fcusack Exp $" +#define RCSID "$Id: chap.c,v 1.35 2002/10/12 01:28:05 fcusack Exp $" /* * TODO: @@ -457,10 +457,8 @@ ChapReceiveChallenge(cstate, inp, id, len) rchallenge = inp; INCPTR(rchallenge_len, inp); - if (len >= sizeof(rhostname)) - len = sizeof(rhostname) - 1; - BCOPY(inp, rhostname, len); - rhostname[len] = '\000'; + /* Null terminate and clean remote name. */ + slprintf(rhostname, sizeof(rhostname), "%.*v", len, inp); /* Microsoft doesn't send their name back in the PPP packet */ if (explicit_remote || (remote_name[0] != 0 && rhostname[0] == 0)) { @@ -599,6 +597,19 @@ ChapReceiveResponse(cstate, inp, id, len) code = (*chap_auth_hook) ( (explicit_remote ? remote_name : rhostname), remmd, (int) remmd_len, cstate ); + /* + * Check remote number authorization. A plugin may have filled in + * the remote number or added an allowed number, and rather than + * return an authenticate failure, is leaving it for us to verify. + */ + if (code == CHAP_SUCCESS) { + if (!auth_number()) { + /* We do not want to leak info about the chap result. */ + code = CHAP_FAILURE; /* XXX exit value will be "wrong" */ + error("calling number %q is not authorized", remote_number); + } + } + } else { if (!get_secret(cstate->unit, (explicit_remote? remote_name: rhostname), cstate->chal_name, secret, &secret_len, 1)) { @@ -700,7 +711,7 @@ ChapReceiveResponse(cstate, inp, id, len) notice("CHAP peer authentication succeeded for %q", rhostname); } else { - error("CHAP peer authentication failed for %q", rhostname); + warn("CHAP peer authentication failed for %q", rhostname); cstate->serverstate = CHAPSS_BADAUTH; auth_peer_fail(cstate->unit, PPP_CHAP); } diff --git a/pppd/main.c b/pppd/main.c index 4fb985b..cc329b1 100644 --- a/pppd/main.c +++ b/pppd/main.c @@ -17,7 +17,7 @@ * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. */ -#define RCSID "$Id: main.c,v 1.114 2002/10/10 05:47:34 fcusack Exp $" +#define RCSID "$Id: main.c,v 1.115 2002/10/12 01:28:05 fcusack Exp $" #include #include @@ -366,7 +366,7 @@ main(argc, argv) * Early check for remote number authorization. */ if (!auth_number()) { - error("remote number %s is not authorized", remote_number); + error("calling number %q is not authorized", remote_number); exit(EXIT_CNID_AUTH_FAILED); } diff --git a/pppd/upap.c b/pppd/upap.c index e15c93c..50a78a2 100644 --- a/pppd/upap.c +++ b/pppd/upap.c @@ -17,7 +17,7 @@ * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. */ -#define RCSID "$Id: upap.c,v 1.26 2002/10/11 22:11:13 fcusack Exp $" +#define RCSID "$Id: upap.c,v 1.27 2002/10/12 01:28:05 fcusack Exp $" /* * TODO: @@ -402,16 +402,27 @@ upap_rauthreq(u, inp, id, len) retcode = check_passwd(u->us_unit, ruser, ruserlen, rpasswd, rpasswdlen, &msg); BZERO(rpasswd, rpasswdlen); + + /* + * Check remote number authorization. A plugin may have filled in + * the remote number or added an allowed number, and rather than + * return an authenticate failure, is leaving it for us to verify. + */ + if (retcode == UPAP_AUTHACK) { + if (!auth_number()) { + /* We do not want to leak info about the pap result. */ + retcode = UPAP_AUTHNAK; /* XXX exit value will be "wrong" */ + error("calling number %q is not authorized", remote_number); + } + } + msglen = strlen(msg); if (msglen > 255) msglen = 255; - upap_sresp(u, retcode, id, msg, msglen); - if (ruserlen >= sizeof(rhostname)) - ruserlen = sizeof(rhostname) - 1; - BCOPY(ruser, rhostname, ruserlen); - rhostname[ruserlen] = '\000'; + /* Null terminate and clean remote name. */ + slprintf(rhostname, sizeof(rhostname), "%.*v", ruserlen, ruser); if (retcode == UPAP_AUTHACK) { u->us_serverstate = UPAPSS_OPEN; @@ -419,7 +430,7 @@ upap_rauthreq(u, inp, id, len) auth_peer_success(u->us_unit, PPP_PAP, 0, ruser, ruserlen); } else { u->us_serverstate = UPAPSS_BADAUTH; - error("PAP peer authentication failed for %q", rhostname); + warn("PAP peer authentication failed for %q", rhostname); auth_peer_fail(u->us_unit, PPP_PAP); } -- 2.39.2