]> git.ozlabs.org Git - ppp.git/blobdiff - pppd/eap.c
pppd/auth: Pass ipparam to auth-up and auth-down scripts
[ppp.git] / pppd / eap.c
index 9773ae2add5ac114803487bc88c5d0dd3e9d4439..6cb595f5b7c57b78cdd22ed790928535f4f29777 100644 (file)
@@ -67,6 +67,9 @@
 #include "pathnames.h"
 #include "md5.h"
 #include "eap.h"
+#ifdef USE_PEAP
+#include "peap.h"
+#endif /* USE_PEAP */
 
 #ifdef USE_SRP
 #ifdef HAVE_TIME_H
@@ -2179,6 +2182,7 @@ eap_request(eap_state *esp, u_char *inp, int id, int len)
                    eap_send_nak(esp, id, EAPT_SRP);
                    break;
                }
+               esp->es_client.ea_namelen = strlen(esp->es_client.ea_name);
 
                /* Create the MSCHAPv2 response (and add to cache) */
                unsigned char response[MS_CHAP2_RESPONSE_LEN+1]; // VLEN + VALUE
@@ -2216,6 +2220,28 @@ eap_request(eap_state *esp, u_char *inp, int id, int len)
 
            break;
 #endif /* CHAPMS */
+#ifdef USE_PEAP
+       case EAPT_PEAP:
+
+               /* Initialize the PEAP context (if not already initialized) */
+               if (!esp->ea_peap) {
+                       rhostname[0] = '\0';
+                       if (explicit_remote || (remote_name[0] != '\0')) {
+                               strlcpy(rhostname, remote_name, sizeof (rhostname));
+                       }
+                       if (peap_init(&esp->ea_peap, rhostname)) {
+                               eap_send_nak(esp, id, EAPT_TLS);
+                               break;
+                       }
+               }
+
+               /* Process the PEAP packet */
+               if (peap_process(esp, id, inp, len)) {
+                       eap_send_nak(esp, id, EAPT_TLS);
+               }
+
+               break;
+#endif /* USE_PEAP */
 
        default:
                info("EAP: unknown authentication type %d; Naking", typenum);
@@ -2769,6 +2795,10 @@ eap_success(eap_state *esp, u_char *inp, int id, int len)
                PRINTMSG(inp, len);
        }
 
+#ifdef USE_PEAP
+       peap_finish(&esp->ea_peap);
+#endif
+
        esp->es_client.ea_state = eapOpen;
        auth_withpeer_success(esp->es_unit, PPP_EAP, 0);
 }
@@ -2803,6 +2833,11 @@ eap_failure(eap_state *esp, u_char *inp, int id, int len)
        esp->es_client.ea_state = eapBadAuth;
 
        error("EAP: peer reports authentication failure");
+
+#ifdef USE_PEAP
+       peap_finish(&esp->ea_peap);
+#endif
+
        auth_withpeer_fail(esp->es_unit, PPP_EAP);
 }