Context Navigation

chap-new.c

Last change on this file was 1, checked in by AlexLir, 3 years ago

File size: 19.3 KB

Line
1	/*
2	* chap-new.c - New CHAP implementation.
3	*
4	* Copyright (c) 2003 Paul Mackerras. All rights reserved.
5	*
6	* Redistribution and use in source and binary forms, with or without
7	* modification, are permitted provided that the following conditions
8	* are met:
9	*
10	* 1. Redistributions of source code must retain the above copyright
11	* notice, this list of conditions and the following disclaimer.
12	*
13	* 2. The name(s) of the authors of this software must not be used to
14	* endorse or promote products derived from this software without
15	* prior written permission.
16	*
17	* 3. Redistributions of any form whatsoever must retain the following
18	* acknowledgment:
19	* "This product includes software developed by Paul Mackerras
20	* <paulus@samba.org>".
21	*
22	* THE AUTHORS OF THIS SOFTWARE DISCLAIM ALL WARRANTIES WITH REGARD TO
23	* THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
24	* AND FITNESS, IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY
25	* SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
26	* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN
27	* AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING
28	* OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
29	*/
30
31	#include "netif/ppp/ppp_opts.h"
32	#if PPP_SUPPORT && CHAP_SUPPORT /* don't build if not configured for use in lwipopts.h */
33
34	#if 0 /* UNUSED */
35	#include <stdlib.h>
36	#include <string.h>
37	#endif /* UNUSED */
38
39	#include "netif/ppp/ppp_impl.h"
40
41	#if 0 /* UNUSED */
42	#include "session.h"
43	#endif /* UNUSED */
44
45	#include "netif/ppp/chap-new.h"
46	#include "netif/ppp/chap-md5.h"
47	#if MSCHAP_SUPPORT
48	#include "netif/ppp/chap_ms.h"
49	#endif
50	#include "netif/ppp/magic.h"
51
52	#if 0 /* UNUSED */
53	/* Hook for a plugin to validate CHAP challenge */
54	int (chap_verify_hook)(const char name, const char *ourname, int id,
55	const struct chap_digest_type *digest,
56	const unsigned char challenge, const unsigned char response,
57	char *message, int message_space) = NULL;
58	#endif /* UNUSED */
59
60	#if PPP_OPTIONS
61	/*
62	* Command-line options.
63	*/
64	static option_t chap_option_list[] = {
65	{ "chap-restart", o_int, &chap_timeout_time,
66	"Set timeout for CHAP", OPT_PRIO },
67	{ "chap-max-challenge", o_int, &pcb->settings.chap_max_transmits,
68	"Set max #xmits for challenge", OPT_PRIO },
69	{ "chap-interval", o_int, &pcb->settings.chap_rechallenge_time,
70	"Set interval for rechallenge", OPT_PRIO },
71	{ NULL }
72	};
73	#endif /* PPP_OPTIONS */
74
75
76	/* Values for flags in chap_client_state and chap_server_state */
77	#define LOWERUP 1
78	#define AUTH_STARTED 2
79	#define AUTH_DONE 4
80	#define AUTH_FAILED 8
81	#define TIMEOUT_PENDING 0x10
82	#define CHALLENGE_VALID 0x20
83
84	/*
85	* Prototypes.
86	*/
87	static void chap_init(ppp_pcb *pcb);
88	static void chap_lowerup(ppp_pcb *pcb);
89	static void chap_lowerdown(ppp_pcb *pcb);
90	#if PPP_SERVER
91	static void chap_timeout(void *arg);
92	static void chap_generate_challenge(ppp_pcb *pcb);
93	static void chap_handle_response(ppp_pcb *pcb, int code,
94	unsigned char *pkt, int len);
95	static int chap_verify_response(ppp_pcb pcb, const char name, const char *ourname, int id,
96	const struct chap_digest_type *digest,
97	const unsigned char challenge, const unsigned char response,
98	char *message, int message_space);
99	#endif /* PPP_SERVER */
100	static void chap_respond(ppp_pcb *pcb, int id,
101	unsigned char *pkt, int len);
102	static void chap_handle_status(ppp_pcb *pcb, int code, int id,
103	unsigned char *pkt, int len);
104	static void chap_protrej(ppp_pcb *pcb);
105	static void chap_input(ppp_pcb pcb, unsigned char pkt, int pktlen);
106	#if PRINTPKT_SUPPORT
107	static int chap_print_pkt(const unsigned char *p, int plen,
108	void (printer) (void , const char , ...), void arg);
109	#endif /* PRINTPKT_SUPPORT */
110
111	/* List of digest types that we know about */
112	static const struct chap_digest_type* const chap_digests[] = {
113	&md5_digest,
114	#if MSCHAP_SUPPORT
115	&chapms_digest,
116	&chapms2_digest,
117	#endif /* MSCHAP_SUPPORT */
118	NULL
119	};
120
121	/*
122	* chap_init - reset to initial state.
123	*/
124	static void chap_init(ppp_pcb *pcb) {
125	LWIP_UNUSED_ARG(pcb);
126
127	#if 0 /* Not necessary, everything is cleared in ppp_new() */
128	memset(&pcb->chap_client, 0, sizeof(chap_client_state));
129	#if PPP_SERVER
130	memset(&pcb->chap_server, 0, sizeof(chap_server_state));
131	#endif /* PPP_SERVER */
132	#endif /* 0 */
133	}
134
135	/*
136	* chap_lowerup - we can start doing stuff now.
137	*/
138	static void chap_lowerup(ppp_pcb *pcb) {
139
140	pcb->chap_client.flags \|= LOWERUP;
141	#if PPP_SERVER
142	pcb->chap_server.flags \|= LOWERUP;
143	if (pcb->chap_server.flags & AUTH_STARTED)
144	chap_timeout(pcb);
145	#endif /* PPP_SERVER */
146	}
147
148	static void chap_lowerdown(ppp_pcb *pcb) {
149
150	pcb->chap_client.flags = 0;
151	#if PPP_SERVER
152	if (pcb->chap_server.flags & TIMEOUT_PENDING)
153	UNTIMEOUT(chap_timeout, pcb);
154	pcb->chap_server.flags = 0;
155	#endif /* PPP_SERVER */
156	}
157
158	#if PPP_SERVER
159	/*
160	* chap_auth_peer - Start authenticating the peer.
161	* If the lower layer is already up, we start sending challenges,
162	* otherwise we wait for the lower layer to come up.
163	*/
164	void chap_auth_peer(ppp_pcb pcb, const char our_name, int digest_code) {
165	const struct chap_digest_type *dp;
166	int i;
167
168	if (pcb->chap_server.flags & AUTH_STARTED) {
169	ppp_error("CHAP: peer authentication already started!");
170	return;
171	}
172	for (i = 0; (dp = chap_digests[i]) != NULL; ++i)
173	if (dp->code == digest_code)
174	break;
175	if (dp == NULL)
176	ppp_fatal("CHAP digest 0x%x requested but not available",
177	digest_code);
178
179	pcb->chap_server.digest = dp;
180	pcb->chap_server.name = our_name;
181	/* Start with a random ID value */
182	pcb->chap_server.id = magic();
183	pcb->chap_server.flags \|= AUTH_STARTED;
184	if (pcb->chap_server.flags & LOWERUP)
185	chap_timeout(pcb);
186	}
187	#endif /* PPP_SERVER */
188
189	/*
190	* chap_auth_with_peer - Prepare to authenticate ourselves to the peer.
191	* There isn't much to do until we receive a challenge.
192	*/
193	void chap_auth_with_peer(ppp_pcb pcb, const char our_name, int digest_code) {
194	const struct chap_digest_type *dp;
195	int i;
196
197	if(NULL == our_name)
198	return;
199
200	if (pcb->chap_client.flags & AUTH_STARTED) {
201	ppp_error("CHAP: authentication with peer already started!");
202	return;
203	}
204	for (i = 0; (dp = chap_digests[i]) != NULL; ++i)
205	if (dp->code == digest_code)
206	break;
207
208	if (dp == NULL)
209	ppp_fatal("CHAP digest 0x%x requested but not available",
210	digest_code);
211
212	pcb->chap_client.digest = dp;
213	pcb->chap_client.name = our_name;
214	pcb->chap_client.flags \|= AUTH_STARTED;
215	}
216
217	#if PPP_SERVER
218	/*
219	* chap_timeout - It's time to send another challenge to the peer.
220	* This could be either a retransmission of a previous challenge,
221	* or a new challenge to start re-authentication.
222	*/
223	static void chap_timeout(void *arg) {
224	ppp_pcb pcb = (ppp_pcb)arg;
225	struct pbuf *p;
226
227	pcb->chap_server.flags &= ~TIMEOUT_PENDING;
228	if ((pcb->chap_server.flags & CHALLENGE_VALID) == 0) {
229	pcb->chap_server.challenge_xmits = 0;
230	chap_generate_challenge(pcb);
231	pcb->chap_server.flags \|= CHALLENGE_VALID;
232	} else if (pcb->chap_server.challenge_xmits >= pcb->settings.chap_max_transmits) {
233	pcb->chap_server.flags &= ~CHALLENGE_VALID;
234	pcb->chap_server.flags \|= AUTH_DONE \| AUTH_FAILED;
235	auth_peer_fail(pcb, PPP_CHAP);
236	return;
237	}
238
239	p = pbuf_alloc(PBUF_RAW, (u16_t)(pcb->chap_server.challenge_pktlen), PPP_CTRL_PBUF_TYPE);
240	if(NULL == p)
241	return;
242	if(p->tot_len != p->len) {
243	pbuf_free(p);
244	return;
245	}
246	MEMCPY(p->payload, pcb->chap_server.challenge, pcb->chap_server.challenge_pktlen);
247	ppp_write(pcb, p);
248	++pcb->chap_server.challenge_xmits;
249	pcb->chap_server.flags \|= TIMEOUT_PENDING;
250	TIMEOUT(chap_timeout, arg, pcb->settings.chap_timeout_time);
251	}
252
253	/*
254	* chap_generate_challenge - generate a challenge string and format
255	* the challenge packet in pcb->chap_server.challenge_pkt.
256	*/
257	static void chap_generate_challenge(ppp_pcb *pcb) {
258	int clen = 1, nlen, len;
259	unsigned char *p;
260
261	p = pcb->chap_server.challenge;
262	MAKEHEADER(p, PPP_CHAP);
263	p += CHAP_HDRLEN;
264	pcb->chap_server.digest->generate_challenge(pcb, p);
265	clen = *p;
266	nlen = strlen(pcb->chap_server.name);
267	memcpy(p + 1 + clen, pcb->chap_server.name, nlen);
268
269	len = CHAP_HDRLEN + 1 + clen + nlen;
270	pcb->chap_server.challenge_pktlen = PPP_HDRLEN + len;
271
272	p = pcb->chap_server.challenge + PPP_HDRLEN;
273	p[0] = CHAP_CHALLENGE;
274	p[1] = ++pcb->chap_server.id;
275	p[2] = len >> 8;
276	p[3] = len;
277	}
278
279	/*
280	* chap_handle_response - check the response to our challenge.
281	*/
282	static void chap_handle_response(ppp_pcb *pcb, int id,
283	unsigned char *pkt, int len) {
284	int response_len, ok, mlen;
285	const unsigned char *response;
286	unsigned char *outp;
287	struct pbuf *p;
288	const char name = NULL; / initialized to shut gcc up */
289	#if 0 /* UNUSED */
290	int (verifier)(const char , const char , int, const struct chap_digest_type ,
291	const unsigned char , const unsigned char , char *, int);
292	#endif /* UNUSED */
293	char rname[MAXNAMELEN+1];
294	char message[256];
295
296	if ((pcb->chap_server.flags & LOWERUP) == 0)
297	return;
298	if (id != pcb->chap_server.challenge[PPP_HDRLEN+1] \|\| len < 2)
299	return;
300	if (pcb->chap_server.flags & CHALLENGE_VALID) {
301	response = pkt;
302	GETCHAR(response_len, pkt);
303	len -= response_len + 1; /* length of name */
304	name = (char *)pkt + response_len;
305	if (len < 0)
306	return;
307
308	if (pcb->chap_server.flags & TIMEOUT_PENDING) {
309	pcb->chap_server.flags &= ~TIMEOUT_PENDING;
310	UNTIMEOUT(chap_timeout, pcb);
311	}
312	#if PPP_REMOTENAME
313	if (pcb->settings.explicit_remote) {
314	name = pcb->remote_name;
315	} else
316	#endif /* PPP_REMOTENAME */
317	{
318	/* Null terminate and clean remote name. */
319	ppp_slprintf(rname, sizeof(rname), "%.*v", len, name);
320	name = rname;
321	}
322
323	#if 0 /* UNUSED */
324	if (chap_verify_hook)
325	verifier = chap_verify_hook;
326	else
327	verifier = chap_verify_response;
328	ok = (*verifier)(name, pcb->chap_server.name, id, pcb->chap_server.digest,
329	pcb->chap_server.challenge + PPP_HDRLEN + CHAP_HDRLEN,
330	response, pcb->chap_server.message, sizeof(pcb->chap_server.message));
331	#endif /* UNUSED */
332	ok = chap_verify_response(pcb, name, pcb->chap_server.name, id, pcb->chap_server.digest,
333	pcb->chap_server.challenge + PPP_HDRLEN + CHAP_HDRLEN,
334	response, message, sizeof(message));
335	#if 0 /* UNUSED */
336	if (!ok \|\| !auth_number()) {
337	#endif /* UNUSED */
338	if (!ok) {
339	pcb->chap_server.flags \|= AUTH_FAILED;
340	ppp_warn("Peer %q failed CHAP authentication", name);
341	}
342	} else if ((pcb->chap_server.flags & AUTH_DONE) == 0)
343	return;
344
345	/* send the response */
346	mlen = strlen(message);
347	len = CHAP_HDRLEN + mlen;
348	p = pbuf_alloc(PBUF_RAW, (u16_t)(PPP_HDRLEN +len), PPP_CTRL_PBUF_TYPE);
349	if(NULL == p)
350	return;
351	if(p->tot_len != p->len) {
352	pbuf_free(p);
353	return;
354	}
355
356	outp = (unsigned char *)p->payload;
357	MAKEHEADER(outp, PPP_CHAP);
358
359	outp[0] = (pcb->chap_server.flags & AUTH_FAILED)? CHAP_FAILURE: CHAP_SUCCESS;
360	outp[1] = id;
361	outp[2] = len >> 8;
362	outp[3] = len;
363	if (mlen > 0)
364	memcpy(outp + CHAP_HDRLEN, message, mlen);
365	ppp_write(pcb, p);
366
367	if (pcb->chap_server.flags & CHALLENGE_VALID) {
368	pcb->chap_server.flags &= ~CHALLENGE_VALID;
369	if (!(pcb->chap_server.flags & AUTH_DONE) && !(pcb->chap_server.flags & AUTH_FAILED)) {
370
371	#if 0 /* UNUSED */
372	/*
373	* Auth is OK, so now we need to check session restrictions
374	* to ensure everything is OK, but only if we used a
375	* plugin, and only if we're configured to check. This
376	* allows us to do PAM checks on PPP servers that
377	* authenticate against ActiveDirectory, and use AD for
378	* account info (like when using Winbind integrated with
379	* PAM).
380	*/
381	if (session_mgmt &&
382	session_check(name, NULL, devnam, NULL) == 0) {
383	pcb->chap_server.flags \|= AUTH_FAILED;
384	ppp_warn("Peer %q failed CHAP Session verification", name);
385	}
386	#endif /* UNUSED */
387
388	}
389	if (pcb->chap_server.flags & AUTH_FAILED) {
390	auth_peer_fail(pcb, PPP_CHAP);
391	} else {
392	if ((pcb->chap_server.flags & AUTH_DONE) == 0)
393	auth_peer_success(pcb, PPP_CHAP,
394	pcb->chap_server.digest->code,
395	name, strlen(name));
396	if (pcb->settings.chap_rechallenge_time) {
397	pcb->chap_server.flags \|= TIMEOUT_PENDING;
398	TIMEOUT(chap_timeout, pcb,
399	pcb->settings.chap_rechallenge_time);
400	}
401	}
402	pcb->chap_server.flags \|= AUTH_DONE;
403	}
404	}
405
406	/*
407	* chap_verify_response - check whether the peer's response matches
408	* what we think it should be. Returns 1 if it does (authentication
409	* succeeded), or 0 if it doesn't.
410	*/
411	static int chap_verify_response(ppp_pcb pcb, const char name, const char *ourname, int id,
412	const struct chap_digest_type *digest,
413	const unsigned char challenge, const unsigned char response,
414	char *message, int message_space) {
415	int ok;
416	unsigned char secret[MAXSECRETLEN];
417	int secret_len;
418
419	/* Get the secret that the peer is supposed to know */
420	if (!get_secret(pcb, name, ourname, (char *)secret, &secret_len, 1)) {
421	ppp_error("No CHAP secret found for authenticating %q", name);
422	return 0;
423	}
424	ok = digest->verify_response(pcb, id, name, secret, secret_len, challenge,
425	response, message, message_space);
426	memset(secret, 0, sizeof(secret));
427
428	return ok;
429	}
430	#endif /* PPP_SERVER */
431
432	/*
433	* chap_respond - Generate and send a response to a challenge.
434	*/
435	static void chap_respond(ppp_pcb *pcb, int id,
436	unsigned char *pkt, int len) {
437	int clen, nlen;
438	int secret_len;
439	struct pbuf *p;
440	u_char *outp;
441	char rname[MAXNAMELEN+1];
442	char secret[MAXSECRETLEN+1];
443
444	p = pbuf_alloc(PBUF_RAW, (u16_t)(RESP_MAX_PKTLEN), PPP_CTRL_PBUF_TYPE);
445	if(NULL == p)
446	return;
447	if(p->tot_len != p->len) {
448	pbuf_free(p);
449	return;
450	}
451
452	if ((pcb->chap_client.flags & (LOWERUP \| AUTH_STARTED)) != (LOWERUP \| AUTH_STARTED))
453	return; /* not ready */
454	if (len < 2 \|\| len < pkt[0] + 1)
455	return; /* too short */
456	clen = pkt[0];
457	nlen = len - (clen + 1);
458
459	/* Null terminate and clean remote name. */
460	ppp_slprintf(rname, sizeof(rname), "%.*v", nlen, pkt + clen + 1);
461
462	#if PPP_REMOTENAME
463	/* Microsoft doesn't send their name back in the PPP packet */
464	if (pcb->settings.explicit_remote \|\| (pcb->settings.remote_name[0] != 0 && rname[0] == 0))
465	strlcpy(rname, pcb->settings.remote_name, sizeof(rname));
466	#endif /* PPP_REMOTENAME */
467
468	/* get secret for authenticating ourselves with the specified host */
469	if (!get_secret(pcb, pcb->chap_client.name, rname, secret, &secret_len, 0)) {
470	secret_len = 0; /* assume null secret if can't find one */
471	ppp_warn("No CHAP secret found for authenticating us to %q", rname);
472	}
473
474	outp = (u_char*)p->payload;
475	MAKEHEADER(outp, PPP_CHAP);
476	outp += CHAP_HDRLEN;
477
478	pcb->chap_client.digest->make_response(pcb, outp, id, pcb->chap_client.name, pkt,
479	secret, secret_len, pcb->chap_client.priv);
480	memset(secret, 0, secret_len);
481
482	clen = *outp;
483	nlen = strlen(pcb->chap_client.name);
484	memcpy(outp + clen + 1, pcb->chap_client.name, nlen);
485
486	outp = (u_char*)p->payload + PPP_HDRLEN;
487	len = CHAP_HDRLEN + clen + 1 + nlen;
488	outp[0] = CHAP_RESPONSE;
489	outp[1] = id;
490	outp[2] = len >> 8;
491	outp[3] = len;
492
493	pbuf_realloc(p, PPP_HDRLEN + len);
494	ppp_write(pcb, p);
495	}
496
497	static void chap_handle_status(ppp_pcb *pcb, int code, int id,
498	unsigned char *pkt, int len) {
499	const char *msg = NULL;
500	LWIP_UNUSED_ARG(id);
501
502	if ((pcb->chap_client.flags & (AUTH_DONE\|AUTH_STARTED\|LOWERUP))
503	!= (AUTH_STARTED\|LOWERUP))
504	return;
505	pcb->chap_client.flags \|= AUTH_DONE;
506
507	if (code == CHAP_SUCCESS) {
508	/* used for MS-CHAP v2 mutual auth, yuck */
509	if (pcb->chap_client.digest->check_success != NULL) {
510	if (!(*pcb->chap_client.digest->check_success)(pcb, pkt, len, pcb->chap_client.priv))
511	code = CHAP_FAILURE;
512	} else
513	msg = "CHAP authentication succeeded";
514	} else {
515	if (pcb->chap_client.digest->handle_failure != NULL)
516	(*pcb->chap_client.digest->handle_failure)(pcb, pkt, len);
517	else
518	msg = "CHAP authentication failed";
519	}
520	if (msg) {
521	if (len > 0)
522	ppp_info("%s: %.*v", msg, len, pkt);
523	else
524	ppp_info("%s", msg);
525	}
526	if (code == CHAP_SUCCESS)
527	auth_withpeer_success(pcb, PPP_CHAP, pcb->chap_client.digest->code);
528	else {
529	pcb->chap_client.flags \|= AUTH_FAILED;
530	ppp_error("CHAP authentication failed");
531	auth_withpeer_fail(pcb, PPP_CHAP);
532	}
533	}
534
535	static void chap_input(ppp_pcb pcb, unsigned char pkt, int pktlen) {
536	unsigned char code, id;
537	int len;
538
539	if (pktlen < CHAP_HDRLEN)
540	return;
541	GETCHAR(code, pkt);
542	GETCHAR(id, pkt);
543	GETSHORT(len, pkt);
544	if (len < CHAP_HDRLEN \|\| len > pktlen)
545	return;
546	len -= CHAP_HDRLEN;
547
548	switch (code) {
549	case CHAP_CHALLENGE:
550	chap_respond(pcb, id, pkt, len);
551	break;
552	#if PPP_SERVER
553	case CHAP_RESPONSE:
554	chap_handle_response(pcb, id, pkt, len);
555	break;
556	#endif /* PPP_SERVER */
557	case CHAP_FAILURE:
558	case CHAP_SUCCESS:
559	chap_handle_status(pcb, code, id, pkt, len);
560	break;
561	default:
562	break;
563	}
564	}
565
566	static void chap_protrej(ppp_pcb *pcb) {
567
568	#if PPP_SERVER
569	if (pcb->chap_server.flags & TIMEOUT_PENDING) {
570	pcb->chap_server.flags &= ~TIMEOUT_PENDING;
571	UNTIMEOUT(chap_timeout, pcb);
572	}
573	if (pcb->chap_server.flags & AUTH_STARTED) {
574	pcb->chap_server.flags = 0;
575	auth_peer_fail(pcb, PPP_CHAP);
576	}
577	#endif /* PPP_SERVER */
578	if ((pcb->chap_client.flags & (AUTH_STARTED\|AUTH_DONE)) == AUTH_STARTED) {
579	pcb->chap_client.flags &= ~AUTH_STARTED;
580	ppp_error("CHAP authentication failed due to protocol-reject");
581	auth_withpeer_fail(pcb, PPP_CHAP);
582	}
583	}
584
585	#if PRINTPKT_SUPPORT
586	/*
587	* chap_print_pkt - print the contents of a CHAP packet.
588	*/
589	static const char* const chap_code_names[] = {
590	"Challenge", "Response", "Success", "Failure"
591	};
592
593	static int chap_print_pkt(const unsigned char *p, int plen,
594	void (printer) (void , const char , ...), void arg) {
595	int code, id, len;
596	int clen, nlen;
597	unsigned char x;
598
599	if (plen < CHAP_HDRLEN)
600	return 0;
601	GETCHAR(code, p);
602	GETCHAR(id, p);
603	GETSHORT(len, p);
604	if (len < CHAP_HDRLEN \|\| len > plen)
605	return 0;
606
607	if (code >= 1 && code <= (int)LWIP_ARRAYSIZE(chap_code_names))
608	printer(arg, " %s", chap_code_names[code-1]);
609	else
610	printer(arg, " code=0x%x", code);
611	printer(arg, " id=0x%x", id);
612	len -= CHAP_HDRLEN;
613	switch (code) {
614	case CHAP_CHALLENGE:
615	case CHAP_RESPONSE:
616	if (len < 1)
617	break;
618	clen = p[0];
619	if (len < clen + 1)
620	break;
621	++p;
622	nlen = len - clen - 1;
623	printer(arg, " <");
624	for (; clen > 0; --clen) {
625	GETCHAR(x, p);
626	printer(arg, "%.2x", x);
627	}
628	printer(arg, ">, name = ");
629	ppp_print_string(p, nlen, printer, arg);
630	break;
631	case CHAP_FAILURE:
632	case CHAP_SUCCESS:
633	printer(arg, " ");
634	ppp_print_string(p, len, printer, arg);
635	break;
636	default:
637	for (clen = len; clen > 0; --clen) {
638	GETCHAR(x, p);
639	printer(arg, " %.2x", x);
640	}
641	/* no break */
642	}
643
644	return len + CHAP_HDRLEN;
645	}
646	#endif /* PRINTPKT_SUPPORT */
647
648	const struct protent chap_protent = {
649	PPP_CHAP,
650	chap_init,
651	chap_input,
652	chap_protrej,
653	chap_lowerup,
654	chap_lowerdown,
655	NULL, /* open */
656	NULL, /* close */
657	#if PRINTPKT_SUPPORT
658	chap_print_pkt,
659	#endif /* PRINTPKT_SUPPORT */
660	#if PPP_DATAINPUT
661	NULL, /* datainput */
662	#endif /* PPP_DATAINPUT */
663	#if PRINTPKT_SUPPORT
664	"CHAP", /* name */
665	NULL, /* data_name */
666	#endif /* PRINTPKT_SUPPORT */
667	#if PPP_OPTIONS
668	chap_option_list,
669	NULL, /* check_options */
670	#endif /* PPP_OPTIONS */
671	#if DEMAND_SUPPORT
672	NULL,
673	NULL
674	#endif /* DEMAND_SUPPORT */
675	};
676
677	#endif /* PPP_SUPPORT && CHAP_SUPPORT */

Note: See TracBrowser for help on using the repository browser.

Context Navigation

source: S-port/trunk/Middlewares/Third_Party/LwIP/src/netif/ppp/chap-new.c

Download in other formats: