From a12ffcd5b0a1cf9a4920064295c9b02b127465b3 Mon Sep 17 00:00:00 2001 From: =?utf8?q?Eivind=20N=C3=A6ss?= Date: Mon, 30 May 2022 13:04:59 -0700 Subject: [PATCH] Changing USE_SRP to PPP_WITH_SRP for consistency MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit Signed-off-by: Eivind Næss --- configure.ac | 3 +- pppd/eap.c | 88 +++++++++++++++++++++++----------------------- pppd/pppdconf.h.in | 2 +- 3 files changed, 47 insertions(+), 46 deletions(-) diff --git a/configure.ac b/configure.ac index 1248b84..48fad5e 100644 --- a/configure.ac +++ b/configure.ac @@ -267,7 +267,8 @@ AS_IF([test "${ac_cv_openssl_des}" = "no" ], [ # # With libsrp support -AX_CHECK_SRP +AX_CHECK_SRP([ + AC_DEFINE([PPP_WITH_SRP], 1, [Support for libsrp authentication module])]) # # With libatm support diff --git a/pppd/eap.c b/pppd/eap.c index c73dcfb..4ad67a5 100644 --- a/pppd/eap.c +++ b/pppd/eap.c @@ -71,7 +71,7 @@ #include "peap.h" #endif /* PPP_WITH_PEAP */ -#ifdef USE_SRP +#ifdef PPP_WITH_SRP #ifdef HAVE_TIME_H #include #endif @@ -79,7 +79,7 @@ #include #include #include "pppcrypt.h" -#endif /* USE_SRP */ +#endif /* PPP_WITH_SRP */ #ifndef SHA_DIGESTSIZE #define SHA_DIGESTSIZE 20 @@ -97,7 +97,7 @@ extern int chapms_strip_domain; #endif /* PPP_WITH_CHAPMS */ eap_state eap_states[NUM_PPP]; /* EAP state; one for each unit */ -#ifdef USE_SRP +#ifdef PPP_WITH_SRP static char *pn_secret = NULL; /* Pseudonym generating secret */ #endif @@ -115,7 +115,7 @@ static option_t eap_option_list[] = { "Set max number of EAP Requests allows (client)" }, { "eap-interval", o_int, &eap_states[0].es_rechallenge, "Set interval for EAP rechallenge" }, -#ifdef USE_SRP +#ifdef PPP_WITH_SRP { "srp-interval", o_int, &eap_states[0].es_lwrechallenge, "Set interval for SRP lightweight rechallenge" }, { "srp-pn-secret", o_string, &pn_secret, @@ -157,7 +157,7 @@ struct protent eap_protent = { NULL /* say whether to bring up link for this pkt */ }; -#ifdef USE_SRP +#ifdef PPP_WITH_SRP /* * A well-known 2048 bit modulus. */ @@ -195,7 +195,7 @@ static const u_char wkmodulus[] = { 0x9B, 0x65, 0xE3, 0x72, 0xFC, 0xD6, 0x8E, 0xF2, 0x0F, 0xA7, 0x11, 0x1F, 0x9E, 0x4A, 0xFF, 0x73 }; -#endif /* USE_SRP */ +#endif /* PPP_WITH_SRP */ /* Local forward declarations. */ static void eap_server_timeout (void *arg); @@ -327,7 +327,7 @@ eap_send_success(eap_state *esp) esp->es_server.ea_peer, esp->es_server.ea_peerlen); } -#ifdef USE_SRP +#ifdef PPP_WITH_SRP /* * Set DES key according to pseudonym-generating secret and current * date. @@ -423,7 +423,7 @@ b64dec(struct b64state *bs, u_char *inp, int inlen, u_char *outp) } return (outlen); } -#endif /* USE_SRP */ +#endif /* PPP_WITH_SRP */ /* * Assume that current waiting server state is complete and figure @@ -434,7 +434,7 @@ b64dec(struct b64state *bs, u_char *inp, int inlen, u_char *outp) static void eap_figure_next_state(eap_state *esp, int status) { -#ifdef USE_SRP +#ifdef PPP_WITH_SRP unsigned char secbuf[MAXWORDLEN], clear[8], *sp, *dp; struct t_pw tpw; struct t_confent *tce, mytce; @@ -443,7 +443,7 @@ eap_figure_next_state(eap_state *esp, int status) int id, i, plen, toffs; u_char vals[2]; struct b64state bs; -#endif /* USE_SRP */ +#endif /* PPP_WITH_SRP */ #ifdef PPP_WITH_EAPTLS struct eaptls_session *ets; int secret_len; @@ -459,7 +459,7 @@ eap_figure_next_state(eap_state *esp, int status) return; case eapIdentify: -#ifdef USE_SRP +#ifdef PPP_WITH_SRP /* Discard any previous session. */ ts = (struct t_server *)esp->es_server.ea_session; if (ts != NULL) { @@ -467,12 +467,12 @@ eap_figure_next_state(eap_state *esp, int status) esp->es_server.ea_session = NULL; esp->es_server.ea_skey = NULL; } -#endif /* USE_SRP */ +#endif /* PPP_WITH_SRP */ if (status != 0) { esp->es_server.ea_state = eapBadAuth; break; } -#ifdef USE_SRP +#ifdef PPP_WITH_SRP /* If we've got a pseudonym, try to decode to real name. */ if (esp->es_server.ea_peerlen > SRP_PSEUDO_LEN && strncmp(esp->es_server.ea_peer, SRP_PSEUDO_ID, @@ -577,7 +577,7 @@ eap_figure_next_state(eap_state *esp, int status) t_servergenexp(ts); break; } -#endif /* USE_SRP */ +#endif /* PPP_WITH_SRP */ #ifdef PPP_WITH_EAPTLS if (!get_secret(esp->es_unit, esp->es_server.ea_peer, esp->es_server.ea_name, secret, &secret_len, 1)) { @@ -654,14 +654,14 @@ eap_figure_next_state(eap_state *esp, int status) #endif /* PPP_WITH_EAPTLS */ case eapSRP1: -#ifdef USE_SRP +#ifdef PPP_WITH_SRP ts = (struct t_server *)esp->es_server.ea_session; if (ts != NULL && status != 0) { t_serverclose(ts); esp->es_server.ea_session = NULL; esp->es_server.ea_skey = NULL; } -#endif /* USE_SRP */ +#endif /* PPP_WITH_SRP */ if (status == 1) { esp->es_server.ea_state = eapMD5Chall; } else if (status != 0 || esp->es_server.ea_session == NULL) { @@ -672,14 +672,14 @@ eap_figure_next_state(eap_state *esp, int status) break; case eapSRP2: -#ifdef USE_SRP +#ifdef PPP_WITH_SRP ts = (struct t_server *)esp->es_server.ea_session; if (ts != NULL && status != 0) { t_serverclose(ts); esp->es_server.ea_session = NULL; esp->es_server.ea_skey = NULL; } -#endif /* USE_SRP */ +#endif /* PPP_WITH_SRP */ if (status != 0 || esp->es_server.ea_session == NULL) { esp->es_server.ea_state = eapBadAuth; } else { @@ -689,14 +689,14 @@ eap_figure_next_state(eap_state *esp, int status) case eapSRP3: case eapSRP4: -#ifdef USE_SRP +#ifdef PPP_WITH_SRP ts = (struct t_server *)esp->es_server.ea_session; if (ts != NULL && status != 0) { t_serverclose(ts); esp->es_server.ea_session = NULL; esp->es_server.ea_skey = NULL; } -#endif /* USE_SRP */ +#endif /* PPP_WITH_SRP */ if (status != 0 || esp->es_server.ea_session == NULL) { esp->es_server.ea_state = eapBadAuth; } else { @@ -810,13 +810,13 @@ eap_send_request(eap_state *esp) int outlen; int challen; char *str; -#ifdef USE_SRP +#ifdef PPP_WITH_SRP struct t_server *ts; u_char clear[8], cipher[8], dig[SHA_DIGESTSIZE], *optr, *cp; int i, j; struct b64state b64; SHA1_CTX ctxt; -#endif /* USE_SRP */ +#endif /* PPP_WITH_SRP */ /* Handle both initial auth and restart */ if (esp->es_server.ea_state < eapIdentify && @@ -929,7 +929,7 @@ eap_send_request(eap_state *esp) break; #endif /* PPP_WITH_EAPTLS */ -#ifdef USE_SRP +#ifdef PPP_WITH_SRP case eapSRP1: PUTCHAR(EAPT_SRP, outp); PUTCHAR(EAPSRP_CHALLENGE, outp); @@ -1058,7 +1058,7 @@ eap_send_request(eap_state *esp) BCOPY(esp->es_challenge, outp, esp->es_challen); INCPTR(esp->es_challen, outp); break; -#endif /* USE_SRP */ +#endif /* PPP_WITH_SRP */ default: return; @@ -1342,7 +1342,7 @@ eap_chap_response(eap_state *esp, u_char id, u_char *hash, output(esp->es_unit, outpacket_buf, PPP_HDRLEN + msglen); } -#ifdef USE_SRP +#ifdef PPP_WITH_SRP /* * Format and send a SRP EAP Response message. */ @@ -1397,7 +1397,7 @@ eap_srpval_response(eap_state *esp, u_char id, u_int32_t flags, u_char *str) output(esp->es_unit, outpacket_buf, PPP_HDRLEN + msglen); } -#endif /* USE_SRP */ +#endif /* PPP_WITH_SRP */ #ifdef PPP_WITH_EAPTLS /* @@ -1489,7 +1489,7 @@ eap_send_nak(eap_state *esp, u_char id, u_char type) output(esp->es_unit, outpacket_buf, PPP_HDRLEN + msglen); } -#ifdef USE_SRP +#ifdef PPP_WITH_SRP static char * name_of_pn_file(void) { @@ -1596,7 +1596,7 @@ write_pseudonym(eap_state *esp, u_char *inp, int len, int id) remove_pn_file(); } } -#endif /* USE_SRP */ +#endif /* PPP_WITH_SRP */ #if PPP_WITH_CHAPMS /* @@ -1649,14 +1649,14 @@ eap_request(eap_state *esp, u_char *inp, int id, int len) struct eaptls_session *ets = esp->es_client.ea_session; #endif /* PPP_WITH_EAPTLS */ -#ifdef USE_SRP +#ifdef PPP_WITH_SRP struct t_client *tc; struct t_num sval, gval, Nval, *Ap, Bval; u_char vals[2]; SHA1_CTX ctxt; u_char dig[SHA_DIGESTSIZE]; int fd; -#endif /* USE_SRP */ +#endif /* PPP_WITH_SRP */ /* * Ignore requests if we're not open @@ -1693,7 +1693,7 @@ eap_request(eap_state *esp, u_char *inp, int id, int len) case EAPT_IDENTITY: if (len > 0) info("EAP: Identity prompt \"%.*q\"", len, inp); -#ifdef USE_SRP +#ifdef PPP_WITH_SRP if (esp->es_usepseudo && (esp->es_usedpseudo == 0 || (esp->es_usedpseudo == 1 && @@ -1719,7 +1719,7 @@ eap_request(eap_state *esp, u_char *inp, int id, int len) remove_pn_file(); esp->es_usedpseudo = 2; } -#endif /* USE_SRP */ +#endif /* PPP_WITH_SRP */ eap_send_response(esp, id, typenum, (u_char *)esp->es_client.ea_name, esp->es_client.ea_namelen); break; @@ -1881,7 +1881,7 @@ eap_request(eap_state *esp, u_char *inp, int id, int len) break; #endif /* PPP_WITH_EAPTLS */ -#ifdef USE_SRP +#ifdef PPP_WITH_SRP case EAPT_SRP: if (len < 1) { error("EAP: received empty SRP Request"); @@ -2111,7 +2111,7 @@ eap_request(eap_state *esp, u_char *inp, int id, int len) break; } break; -#endif /* USE_SRP */ +#endif /* PPP_WITH_SRP */ #ifdef PPP_WITH_CHAPMS case EAPT_MSCHAPV2: @@ -2262,10 +2262,10 @@ client_failure: UNTIMEOUT(eap_client_timeout, (void *)esp); } esp->es_client.ea_session = NULL; -#ifdef USE_SRP +#ifdef PPP_WITH_SRP t_clientclose(tc); auth_withpeer_fail(esp->es_unit, PPP_EAP); -#endif /* USE_SRP */ +#endif /* PPP_WITH_SRP */ } /* @@ -2281,12 +2281,12 @@ eap_response(eap_state *esp, u_char *inp, int id, int len) char rhostname[256]; MD5_CTX mdContext; u_char hash[MD5_SIGNATURE_SIZE]; -#ifdef USE_SRP +#ifdef PPP_WITH_SRP struct t_server *ts; struct t_num A; SHA1_CTX ctxt; u_char dig[SHA_DIGESTSIZE]; -#endif /* USE_SRP */ +#endif /* PPP_WITH_SRP */ #ifdef PPP_WITH_EAPTLS struct eaptls_session *ets; @@ -2639,7 +2639,7 @@ eap_response(eap_state *esp, u_char *inp, int id, int len) break; #endif /* PPP_WITH_CHAPMS */ -#ifdef USE_SRP +#ifdef PPP_WITH_SRP case EAPT_SRP: if (len < 1) { error("EAP: empty SRP Response"); @@ -2740,7 +2740,7 @@ eap_response(eap_state *esp, u_char *inp, int id, int len) break; } break; -#endif /* USE_SRP */ +#endif /* PPP_WITH_SRP */ default: /* This can't happen. */ @@ -3061,7 +3061,7 @@ eap_printpkt(u_char *inp, int inlen, break; #endif /* PPP_WITH_EAPTLS */ -#ifdef USE_SRP +#ifdef PPP_WITH_SRP case EAPT_SRP: if (len < 3) goto truncated; @@ -3149,7 +3149,7 @@ eap_printpkt(u_char *inp, int inlen, break; } break; -#endif /* USE_SRP */ +#endif /* PPP_WITH_SRP */ } break; @@ -3275,7 +3275,7 @@ eap_printpkt(u_char *inp, int inlen, break; #endif /* PPP_WITH_CHAPMS */ -#ifdef USE_SRP +#ifdef PPP_WITH_SRP case EAPT_SRP: if (len < 1) goto truncated; @@ -3320,7 +3320,7 @@ eap_printpkt(u_char *inp, int inlen, break; } break; -#endif /* USE_SRP */ +#endif /* PPP_WITH_SRP */ } break; diff --git a/pppd/pppdconf.h.in b/pppd/pppdconf.h.in index d12dc82..c0b2328 100644 --- a/pppd/pppdconf.h.in +++ b/pppd/pppdconf.h.in @@ -37,7 +37,7 @@ #undef PPP_WITH_PAM /* Have EAP-SRP authentication support */ -#undef USE_SRP +#undef PPP_WITH_SRP /* Have EAP-TLS authentication support */ #undef PPP_WITH_EAPTLS -- 2.39.2