. remove duplicate logging from auth.c, now in upap.c
. auth success logs at info, auth fail at warn, auth with_peer fail at error
- add remote number checks after authentication in case a plugin modifies
authorization info
- log remote number on successful/no auth
- streamline null termination of remote name for logging
* WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
*/
* WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
*/
-#define RCSID "$Id: auth.c,v 1.86 2002/10/10 06:12:04 fcusack Exp $"
+#define RCSID "$Id: auth.c,v 1.87 2002/10/12 01:28:05 fcusack Exp $"
#include <stdio.h>
#include <stddef.h>
#include <stdio.h>
#include <stddef.h>
{
lcp_options *go = &lcp_gotoptions[unit];
{
lcp_options *go = &lcp_gotoptions[unit];
+ /* Log calling number. */
+ if (*remote_number)
+ notice("peer from calling number %q authorized", remote_number);
+
/*
* If the peer had to authenticate, run the auth-up script now.
*/
/*
* If the peer had to authenticate, run the auth-up script now.
*/
ret = UPAP_AUTHACK;
if (uselogin || login_secret) {
/* login option or secret is @login */
ret = UPAP_AUTHACK;
if (uselogin || login_secret) {
/* login option or secret is @login */
- ret = plogin(user, passwd, msg);
- if (ret == UPAP_AUTHNAK)
- warn("PAP login failure for %s", user);
- else
+ if ((ret = plogin(user, passwd, msg)) == UPAP_AUTHACK)
used_login = 1;
}
if (secret[0] != 0 && !login_secret) {
/* password given in pap-secrets - must match */
if ((cryptpap || strcmp(passwd, secret) != 0)
used_login = 1;
}
if (secret[0] != 0 && !login_secret) {
/* password given in pap-secrets - must match */
if ((cryptpap || strcmp(passwd, secret) != 0)
- && strcmp(crypt(passwd, secret), secret) != 0) {
+ && strcmp(crypt(passwd, secret), secret) != 0)
- warn("PAP authentication failure for %s", user);
- }
* WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
*/
* WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
*/
-#define RCSID "$Id: chap.c,v 1.34 2002/10/11 22:11:13 fcusack Exp $"
+#define RCSID "$Id: chap.c,v 1.35 2002/10/12 01:28:05 fcusack Exp $"
rchallenge = inp;
INCPTR(rchallenge_len, inp);
rchallenge = inp;
INCPTR(rchallenge_len, inp);
- if (len >= sizeof(rhostname))
- len = sizeof(rhostname) - 1;
- BCOPY(inp, rhostname, len);
- rhostname[len] = '\000';
+ /* Null terminate and clean remote name. */
+ slprintf(rhostname, sizeof(rhostname), "%.*v", len, inp);
/* Microsoft doesn't send their name back in the PPP packet */
if (explicit_remote || (remote_name[0] != 0 && rhostname[0] == 0)) {
/* Microsoft doesn't send their name back in the PPP packet */
if (explicit_remote || (remote_name[0] != 0 && rhostname[0] == 0)) {
code = (*chap_auth_hook) ( (explicit_remote ? remote_name : rhostname),
remmd, (int) remmd_len,
cstate );
code = (*chap_auth_hook) ( (explicit_remote ? remote_name : rhostname),
remmd, (int) remmd_len,
cstate );
+ /*
+ * Check remote number authorization. A plugin may have filled in
+ * the remote number or added an allowed number, and rather than
+ * return an authenticate failure, is leaving it for us to verify.
+ */
+ if (code == CHAP_SUCCESS) {
+ if (!auth_number()) {
+ /* We do not want to leak info about the chap result. */
+ code = CHAP_FAILURE; /* XXX exit value will be "wrong" */
+ error("calling number %q is not authorized", remote_number);
+ }
+ }
+
} else {
if (!get_secret(cstate->unit, (explicit_remote? remote_name: rhostname),
cstate->chal_name, secret, &secret_len, 1)) {
} else {
if (!get_secret(cstate->unit, (explicit_remote? remote_name: rhostname),
cstate->chal_name, secret, &secret_len, 1)) {
notice("CHAP peer authentication succeeded for %q", rhostname);
} else {
notice("CHAP peer authentication succeeded for %q", rhostname);
} else {
- error("CHAP peer authentication failed for %q", rhostname);
+ warn("CHAP peer authentication failed for %q", rhostname);
cstate->serverstate = CHAPSS_BADAUTH;
auth_peer_fail(cstate->unit, PPP_CHAP);
}
cstate->serverstate = CHAPSS_BADAUTH;
auth_peer_fail(cstate->unit, PPP_CHAP);
}
* WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
*/
* WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
*/
-#define RCSID "$Id: main.c,v 1.114 2002/10/10 05:47:34 fcusack Exp $"
+#define RCSID "$Id: main.c,v 1.115 2002/10/12 01:28:05 fcusack Exp $"
#include <stdio.h>
#include <ctype.h>
#include <stdio.h>
#include <ctype.h>
* Early check for remote number authorization.
*/
if (!auth_number()) {
* Early check for remote number authorization.
*/
if (!auth_number()) {
- error("remote number %s is not authorized", remote_number);
+ error("calling number %q is not authorized", remote_number);
exit(EXIT_CNID_AUTH_FAILED);
}
exit(EXIT_CNID_AUTH_FAILED);
}
* WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
*/
* WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
*/
-#define RCSID "$Id: upap.c,v 1.26 2002/10/11 22:11:13 fcusack Exp $"
+#define RCSID "$Id: upap.c,v 1.27 2002/10/12 01:28:05 fcusack Exp $"
retcode = check_passwd(u->us_unit, ruser, ruserlen, rpasswd,
rpasswdlen, &msg);
BZERO(rpasswd, rpasswdlen);
retcode = check_passwd(u->us_unit, ruser, ruserlen, rpasswd,
rpasswdlen, &msg);
BZERO(rpasswd, rpasswdlen);
+
+ /*
+ * Check remote number authorization. A plugin may have filled in
+ * the remote number or added an allowed number, and rather than
+ * return an authenticate failure, is leaving it for us to verify.
+ */
+ if (retcode == UPAP_AUTHACK) {
+ if (!auth_number()) {
+ /* We do not want to leak info about the pap result. */
+ retcode = UPAP_AUTHNAK; /* XXX exit value will be "wrong" */
+ error("calling number %q is not authorized", remote_number);
+ }
+ }
+
msglen = strlen(msg);
if (msglen > 255)
msglen = 255;
msglen = strlen(msg);
if (msglen > 255)
msglen = 255;
upap_sresp(u, retcode, id, msg, msglen);
upap_sresp(u, retcode, id, msg, msglen);
- if (ruserlen >= sizeof(rhostname))
- ruserlen = sizeof(rhostname) - 1;
- BCOPY(ruser, rhostname, ruserlen);
- rhostname[ruserlen] = '\000';
+ /* Null terminate and clean remote name. */
+ slprintf(rhostname, sizeof(rhostname), "%.*v", ruserlen, ruser);
if (retcode == UPAP_AUTHACK) {
u->us_serverstate = UPAPSS_OPEN;
if (retcode == UPAP_AUTHACK) {
u->us_serverstate = UPAPSS_OPEN;
auth_peer_success(u->us_unit, PPP_PAP, 0, ruser, ruserlen);
} else {
u->us_serverstate = UPAPSS_BADAUTH;
auth_peer_success(u->us_unit, PPP_PAP, 0, ruser, ruserlen);
} else {
u->us_serverstate = UPAPSS_BADAUTH;
- error("PAP peer authentication failed for %q", rhostname);
+ warn("PAP peer authentication failed for %q", rhostname);
auth_peer_fail(u->us_unit, PPP_PAP);
}
auth_peer_fail(u->us_unit, PPP_PAP);
}