diff --git a/CHANGELOG b/CHANGELOG index 5d55b1fc..91d848ce 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -33,6 +33,10 @@ HISTORY ++ Bugfixes: + 2009-12-31: Simon Goldschmidt + * many ppp files: Reorganised PPP source code from ucip structure to pppd + structure to easily compare our code against the pppd code (around v2.3.1) + 2009-12-27: Simon Goldschmidt * tcp_in.c: Another fix for bug #28241 (ooseq processing) and adapted unit test diff --git a/src/netif/ppp/auth.c b/src/netif/ppp/auth.c index cbd3eb21..f57c9702 100644 --- a/src/netif/ppp/auth.c +++ b/src/netif/ppp/auth.c @@ -320,6 +320,51 @@ link_established(int unit) } } +/* + * Proceed to the network phase. + */ +static void +network_phase(int unit) +{ + int i; + struct protent *protp; + lcp_options *go = &lcp_gotoptions[unit]; + + /* + * If the peer had to authenticate, run the auth-up script now. + */ + if ((go->neg_chap || go->neg_upap) && !did_authup) { + /* XXX Do setup for peer authentication. */ + did_authup = 1; + } + +#if CBCP_SUPPORT + /* + * If we negotiated callback, do it now. + */ + if (go->neg_cbcp) { + lcp_phase[unit] = PHASE_CALLBACK; + (*cbcp_protent.open)(unit); + return; + } +#endif /* CBCP_SUPPORT */ + + lcp_phase[unit] = PHASE_NETWORK; + for (i = 0; (protp = ppp_protocols[i]) != NULL; ++i) { + if (protp->protocol < 0xC000 && protp->enabled_flag && protp->open != NULL) { + (*protp->open)(unit); + if (protp->protocol != PPP_CCP) { + ++num_np_open; + } + } + } + + if (num_np_open == 0) { + /* nothing to do */ + lcp_close(0, "No network protocols running"); + } +} + /* * The peer has failed to authenticate himself using `protocol'. */ @@ -395,6 +440,8 @@ auth_withpeer_fail(int unit, u16_t protocol) * not necessarily the PPP connection. It works here as long * as we are only supporting PPP interfaces. */ + /* @todo: Remove pppIOCtl, it is not used anywhere else. + Instead, directly set errCode. */ pppIOCtl(unit, PPPCTLS_ERRCODE, &errCode); /* @@ -500,6 +547,85 @@ np_finished(int unit, u16_t proto) } } +/* + * check_idle - check whether the link has been idle for long + * enough that we can shut it down. + */ +static void +check_idle(void *arg) +{ + struct ppp_idle idle; + u_short itime; + + LWIP_UNUSED_ARG(arg); + if (!get_idle_time(0, &idle)) { + return; + } + itime = LWIP_MIN(idle.xmit_idle, idle.recv_idle); + if (itime >= ppp_settings.idle_time_limit) { + /* link is idle: shut it down. */ + AUTHDEBUG((LOG_INFO, "Terminating connection due to lack of activity.\n")); + lcp_close(0, "Link inactive"); + } else { + TIMEOUT(check_idle, NULL, ppp_settings.idle_time_limit - itime); + } +} + +/* + * connect_time_expired - log a message and close the connection. + */ +static void +connect_time_expired(void *arg) +{ + LWIP_UNUSED_ARG(arg); + + AUTHDEBUG((LOG_INFO, "Connect time expired\n")); + lcp_close(0, "Connect time expired"); /* Close connection */ +} + +#if 0 /* UNUSED */ +/* + * auth_check_options - called to check authentication options. + */ +void +auth_check_options(void) +{ + lcp_options *wo = &lcp_wantoptions[0]; + int can_auth; + ipcp_options *ipwo = &ipcp_wantoptions[0]; + u32_t remote; + + /* Default our_name to hostname, and user to our_name */ + if (ppp_settings.our_name[0] == 0 || ppp_settings.usehostname) { + strcpy(ppp_settings.our_name, ppp_settings.hostname); + } + + if (ppp_settings.user[0] == 0) { + strcpy(ppp_settings.user, ppp_settings.our_name); + } + + /* If authentication is required, ask peer for CHAP or PAP. */ + if (ppp_settings.auth_required && !wo->neg_chap && !wo->neg_upap) { + wo->neg_chap = 1; + wo->neg_upap = 1; + } + + /* + * Check whether we have appropriate secrets to use + * to authenticate the peer. + */ + can_auth = wo->neg_upap && have_pap_secret(); + if (!can_auth && wo->neg_chap) { + remote = ipwo->accept_remote? 0: ipwo->hisaddr; + can_auth = have_chap_secret(ppp_settings.remote_name, ppp_settings.our_name, remote); + } + + if (ppp_settings.auth_required && !can_auth) { + ppp_panic("No auth secret"); + } +} +#endif + /* * auth_reset - called when LCP is starting negotiations to recheck * authentication options, i.e. whether we have appropriate secrets @@ -542,7 +668,7 @@ auth_reset(int unit) int check_passwd( int unit, char *auser, int userlen, char *apasswd, int passwdlen, char **msg, int *msglen) { -#if 1 +#if 1 /* XXX Assume all entries OK. */ LWIP_UNUSED_ARG(unit); LWIP_UNUSED_ARG(auser); LWIP_UNUSED_ARG(userlen); @@ -585,7 +711,10 @@ check_passwd( int unit, char *auser, int userlen, char *apasswd, int passwdlen, /*ppp_panic("Excess Bad Logins");*/ } if (attempts > 3) { - sys_msleep((attempts - 3) * 5); + /* @todo: this was sleep(), i.e. seconds, not milliseconds + * I don't think we really need this in lwIP - we would block tcpip_thread! + */ + /*sys_msleep((attempts - 3) * 5);*/ } if (addrs != NULL) { free_wordlist(addrs); @@ -608,30 +737,6 @@ check_passwd( int unit, char *auser, int userlen, char *apasswd, int passwdlen, #endif /* PAP_SUPPORT */ -/* - * auth_ip_addr - check whether the peer is authorized to use - * a given IP address. Returns 1 if authorized, 0 otherwise. - */ -int -auth_ip_addr(int unit, u32_t addr) -{ - return ip_addr_check(addr, addresses[unit]); -} - -/* - * bad_ip_adrs - return 1 if the IP address is one we don't want - * to use, such as an address in the loopback net or a multicast address. - * addr is in network byte order. - */ -int -bad_ip_adrs(u32_t addr) -{ - addr = ntohl(addr); - return (addr >> IN_CLASSA_NSHIFT) == IN_LOOPBACKNET - || IN_MULTICAST(addr) || IN_BADCLASS(addr); -} - - #if CHAP_SUPPORT /* * get_secret - open the CHAP secret file and return the secret @@ -696,135 +801,6 @@ int get_secret( int unit, char *client, char *server, char *secret, int *secret_ } #endif /* CHAP_SUPPORT */ - -#if 0 /* UNUSED */ -/* - * auth_check_options - called to check authentication options. - */ -void -auth_check_options(void) -{ - lcp_options *wo = &lcp_wantoptions[0]; - int can_auth; - ipcp_options *ipwo = &ipcp_wantoptions[0]; - u32_t remote; - - /* Default our_name to hostname, and user to our_name */ - if (ppp_settings.our_name[0] == 0 || ppp_settings.usehostname) { - strcpy(ppp_settings.our_name, ppp_settings.hostname); - } - - if (ppp_settings.user[0] == 0) { - strcpy(ppp_settings.user, ppp_settings.our_name); - } - - /* If authentication is required, ask peer for CHAP or PAP. */ - if (ppp_settings.auth_required && !wo->neg_chap && !wo->neg_upap) { - wo->neg_chap = 1; - wo->neg_upap = 1; - } - - /* - * Check whether we have appropriate secrets to use - * to authenticate the peer. - */ - can_auth = wo->neg_upap && have_pap_secret(); - if (!can_auth && wo->neg_chap) { - remote = ipwo->accept_remote? 0: ipwo->hisaddr; - can_auth = have_chap_secret(ppp_settings.remote_name, ppp_settings.our_name, remote); - } - - if (ppp_settings.auth_required && !can_auth) { - ppp_panic("No auth secret"); - } -} -#endif - - -/**********************************/ -/*** LOCAL FUNCTION DEFINITIONS ***/ -/**********************************/ -/* - * Proceed to the network phase. - */ -static void -network_phase(int unit) -{ - int i; - struct protent *protp; - lcp_options *go = &lcp_gotoptions[unit]; - - /* - * If the peer had to authenticate, run the auth-up script now. - */ - if ((go->neg_chap || go->neg_upap) && !did_authup) { - /* XXX Do setup for peer authentication. */ - did_authup = 1; - } - -#if CBCP_SUPPORT - /* - * If we negotiated callback, do it now. - */ - if (go->neg_cbcp) { - lcp_phase[unit] = PHASE_CALLBACK; - (*cbcp_protent.open)(unit); - return; - } -#endif /* CBCP_SUPPORT */ - - lcp_phase[unit] = PHASE_NETWORK; - for (i = 0; (protp = ppp_protocols[i]) != NULL; ++i) { - if (protp->protocol < 0xC000 && protp->enabled_flag && protp->open != NULL) { - (*protp->open)(unit); - if (protp->protocol != PPP_CCP) { - ++num_np_open; - } - } - } - - if (num_np_open == 0) { - /* nothing to do */ - lcp_close(0, "No network protocols running"); - } -} - -/* - * check_idle - check whether the link has been idle for long - * enough that we can shut it down. - */ -static void -check_idle(void *arg) -{ - struct ppp_idle idle; - u_short itime; - - LWIP_UNUSED_ARG(arg); - if (!get_idle_time(0, &idle)) { - return; - } - itime = LWIP_MIN(idle.xmit_idle, idle.recv_idle); - if (itime >= ppp_settings.idle_time_limit) { - /* link is idle: shut it down. */ - AUTHDEBUG((LOG_INFO, "Terminating connection due to lack of activity.\n")); - lcp_close(0, "Link inactive"); - } else { - TIMEOUT(check_idle, NULL, ppp_settings.idle_time_limit - itime); - } -} - -/* - * connect_time_expired - log a message and close the connection. - */ -static void -connect_time_expired(void *arg) -{ - LWIP_UNUSED_ARG(arg); - - AUTHDEBUG((LOG_INFO, "Connect time expired\n")); - lcp_close(0, "Connect time expired"); /* Close connection */ -} - #if 0 /* * login - Check the user name and password against the system @@ -878,6 +854,8 @@ get_pap_passwd(int unit, char *user, char *passwd) but this causes problems with some providers (like CHT in Taiwan) who incorrectly request PAP and expect a bogus/empty password, so always provide a default user/passwd of "none"/"none" + + @todo: This should be configured by the user, instead of being hardcoded here! */ if(user) { strcpy(user, "none"); @@ -954,6 +932,16 @@ set_allowed_addrs(int unit, struct wordlist *addrs) } #endif /* 0 */ /* PAP_SUPPORT || CHAP_SUPPORT */ +/* + * auth_ip_addr - check whether the peer is authorized to use + * a given IP address. Returns 1 if authorized, 0 otherwise. + */ +int +auth_ip_addr(int unit, u32_t addr) +{ + return ip_addr_check(addr, addresses[unit]); +} + static int ip_addr_check(u32_t addr, struct wordlist *addrs) { @@ -970,6 +958,19 @@ ip_addr_check(u32_t addr, struct wordlist *addrs) return 1; } +/* + * bad_ip_adrs - return 1 if the IP address is one we don't want + * to use, such as an address in the loopback net or a multicast address. + * addr is in network byte order. + */ +int +bad_ip_adrs(u32_t addr) +{ + addr = ntohl(addr); + return (addr >> IN_CLASSA_NSHIFT) == IN_LOOPBACKNET + || IN_MULTICAST(addr) || IN_BADCLASS(addr); +} + #if 0 /* PAP_SUPPORT || CHAP_SUPPORT */ /* * free_wordlist - release memory allocated for a wordlist. diff --git a/src/netif/ppp/chap.c b/src/netif/ppp/chap.c index b3ea6b22..95005979 100644 --- a/src/netif/ppp/chap.c +++ b/src/netif/ppp/chap.c @@ -84,19 +84,6 @@ #include -/*************************/ -/*** LOCAL DEFINITIONS ***/ -/*************************/ - - -/************************/ -/*** LOCAL DATA TYPES ***/ -/************************/ - - -/***********************************/ -/*** LOCAL FUNCTION DECLARATIONS ***/ -/***********************************/ /* * Protocol entry points. */ @@ -105,10 +92,34 @@ static void ChapLowerUp (int); static void ChapLowerDown (int); static void ChapInput (int, u_char *, int); static void ChapProtocolReject (int); -#if 0 +#if PPP_ADDITIONAL_CALLBACKS static int ChapPrintPkt (u_char *, int, void (*) (void *, char *, ...), void *); #endif +struct protent chap_protent = { + PPP_CHAP, + ChapInit, + ChapInput, + ChapProtocolReject, + ChapLowerUp, + ChapLowerDown, + NULL, + NULL, +#if PPP_ADDITIONAL_CALLBACKS + ChapPrintPkt, + NULL, +#endif /* PPP_ADDITIONAL_CALLBACKS */ + 1, + "CHAP", +#if PPP_ADDITIONAL_CALLBACKS + NULL, + NULL, + NULL +#endif /* PPP_ADDITIONAL_CALLBACKS */ +}; + +chap_state chap[NUM_PPP]; /* CHAP state; one for each unit */ + static void ChapChallengeTimeout (void *); static void ChapResponseTimeout (void *); static void ChapReceiveChallenge (chap_state *, u_char *, int, int); @@ -121,38 +132,24 @@ static void ChapSendChallenge (chap_state *); static void ChapSendResponse (chap_state *); static void ChapGenChallenge (chap_state *); +/* + * ChapInit - Initialize a CHAP unit. + */ +static void +ChapInit(int unit) +{ + chap_state *cstate = &chap[unit]; -/******************************/ -/*** PUBLIC DATA STRUCTURES ***/ -/******************************/ -chap_state chap[NUM_PPP]; /* CHAP state; one for each unit */ - -struct protent chap_protent = { - PPP_CHAP, - ChapInit, - ChapInput, - ChapProtocolReject, - ChapLowerUp, - ChapLowerDown, - NULL, - NULL, -#if 0 - ChapPrintPkt, - NULL, -#endif - 1, - "CHAP", -#if 0 - NULL, - NULL, - NULL -#endif -}; + BZERO(cstate, sizeof(*cstate)); + cstate->unit = unit; + cstate->clientstate = CHAPCS_INITIAL; + cstate->serverstate = CHAPSS_INITIAL; + cstate->timeouttime = CHAP_DEFTIMEOUT; + cstate->max_transmits = CHAP_DEFTRANSMITS; + /* random number generator is initialized in magic_init */ +} -/***********************************/ -/*** PUBLIC FUNCTION DEFINITIONS ***/ -/***********************************/ /* * ChapAuthWithPeer - Authenticate us with our peer (start client). * @@ -205,27 +202,6 @@ ChapAuthPeer(int unit, char *our_name, int digest) } -/**********************************/ -/*** LOCAL FUNCTION DEFINITIONS ***/ -/**********************************/ -/* - * ChapInit - Initialize a CHAP unit. - */ -static void -ChapInit(int unit) -{ - chap_state *cstate = &chap[unit]; - - BZERO(cstate, sizeof(*cstate)); - cstate->unit = unit; - cstate->clientstate = CHAPCS_INITIAL; - cstate->serverstate = CHAPSS_INITIAL; - cstate->timeouttime = CHAP_DEFTIMEOUT; - cstate->max_transmits = CHAP_DEFTRANSMITS; - /* random number generator is initialized in magic_init */ -} - - /* * ChapChallengeTimeout - Timeout expired on sending challenge. */ @@ -463,19 +439,23 @@ ChapReceiveChallenge(chap_state *cstate, u_char *inp, int id, int len) BCOPY(inp, rhostname, len); rhostname[len] = '\000'; - CHAPDEBUG((LOG_INFO, "ChapReceiveChallenge: received name field '%s'\n", rhostname)); + CHAPDEBUG((LOG_INFO, "ChapReceiveChallenge: received name field '%s'\n", + rhostname)); /* Microsoft doesn't send their name back in the PPP packet */ if (ppp_settings.remote_name[0] != 0 && (ppp_settings.explicit_remote || rhostname[0] == 0)) { strncpy(rhostname, ppp_settings.remote_name, sizeof(rhostname)); rhostname[sizeof(rhostname) - 1] = 0; - CHAPDEBUG((LOG_INFO, "ChapReceiveChallenge: using '%s' as remote name\n", rhostname)); + CHAPDEBUG((LOG_INFO, "ChapReceiveChallenge: using '%s' as remote name\n", + rhostname)); } /* get secret for authenticating ourselves with the specified host */ - if (!get_secret(cstate->unit, cstate->resp_name, rhostname, secret, &secret_len, 0)) { + if (!get_secret(cstate->unit, cstate->resp_name, rhostname, + secret, &secret_len, 0)) { secret_len = 0; /* assume null secret if can't find one */ - CHAPDEBUG((LOG_WARNING, "No CHAP secret found for authenticating us to %s\n", rhostname)); + CHAPDEBUG((LOG_WARNING, "No CHAP secret found for authenticating us to %s\n", + rhostname)); } /* cancel response send timeout if necessary */ @@ -499,7 +479,7 @@ ChapReceiveChallenge(chap_state *cstate, u_char *inp, int id, int len) cstate->resp_length = MD5_SIGNATURE_SIZE; break; -#ifdef CHAPMS +#if MSCHAP_SUPPORT case CHAP_MICROSOFT: ChapMS(cstate, rchallenge, rchallenge_len, secret, secret_len); break; @@ -578,17 +558,18 @@ ChapReceiveResponse(chap_state *cstate, u_char *inp, int id, int len) BCOPY(inp, rhostname, len); rhostname[len] = '\000'; - CHAPDEBUG((LOG_INFO, "ChapReceiveResponse: received name field: %s\n", rhostname)); + CHAPDEBUG((LOG_INFO, "ChapReceiveResponse: received name field: %s\n", + rhostname)); /* * Get secret for authenticating them with us, * do the hash ourselves, and compare the result. */ code = CHAP_FAILURE; - if (!get_secret(cstate->unit, rhostname, cstate->chal_name, secret, &secret_len, 1)) { - /* CHAPDEBUG((LOG_WARNING, TL_CHAP, "No CHAP secret found for authenticating %s\n", rhostname)); */ + if (!get_secret(cstate->unit, rhostname, cstate->chal_name, + secret, &secret_len, 1)) { CHAPDEBUG((LOG_WARNING, "No CHAP secret found for authenticating %s\n", - rhostname)); + rhostname)); } else { /* generate MD based on negotiated type */ switch (cstate->chal_type) { @@ -651,7 +632,8 @@ ChapReceiveSuccess(chap_state *cstate, u_char *inp, u_char id, int len) if (cstate->clientstate != CHAPCS_RESPONSE) { /* don't know what this is */ - CHAPDEBUG((LOG_INFO, "ChapReceiveSuccess: in state %d\n", cstate->clientstate)); + CHAPDEBUG((LOG_INFO, "ChapReceiveSuccess: in state %d\n", + cstate->clientstate)); return; } @@ -683,7 +665,8 @@ ChapReceiveFailure(chap_state *cstate, u_char *inp, u_char id, int len) if (cstate->clientstate != CHAPCS_RESPONSE) { /* don't know what this is */ - CHAPDEBUG((LOG_INFO, "ChapReceiveFailure: in state %d\n", cstate->clientstate)); + CHAPDEBUG((LOG_INFO, "ChapReceiveFailure: in state %d\n", + cstate->clientstate)); return; } @@ -745,7 +728,7 @@ ChapSendStatus(chap_state *cstate, int code) { u_char *outp; int outlen, msglen; - char msg[256]; + char msg[256]; /* @todo: this can be a char*, no strcpy needed */ if (code == CHAP_SUCCESS) { strcpy(msg, "Welcome!"); @@ -765,7 +748,8 @@ ChapSendStatus(chap_state *cstate, int code) BCOPY(msg, outp, msglen); pppWrite(cstate->unit, outpacket_buf[cstate->unit], outlen + PPP_HDRLEN); - CHAPDEBUG((LOG_INFO, "ChapSendStatus: Sent code %d, id %d.\n", code, cstate->chal_id)); + CHAPDEBUG((LOG_INFO, "ChapSendStatus: Sent code %d, id %d.\n", code, + cstate->chal_id)); } /* @@ -834,7 +818,7 @@ ChapSendResponse(chap_state *cstate) ++cstate->resp_transmits; } -#if 0 +#if PPP_ADDITIONAL_CALLBACKS static char *ChapCodenames[] = { "Challenge", "Response", "Success", "Failure" }; @@ -896,7 +880,7 @@ ChapPrintPkt( u_char *p, int plen, void (*printer) (void *, char *, ...), void * return len + CHAP_HEADERLEN; } -#endif +#endif /* PPP_ADDITIONAL_CALLBACKS */ #endif /* CHAP_SUPPORT */ diff --git a/src/netif/ppp/chap.h b/src/netif/ppp/chap.h index 83dafd73..00300df1 100644 --- a/src/netif/ppp/chap.h +++ b/src/netif/ppp/chap.h @@ -62,16 +62,12 @@ * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. * - * $Id: chap.h,v 1.4 2007/12/19 20:47:22 fbernon Exp $ + * $Id: chap.h,v 1.5 2009/12/31 17:08:08 goldsimon Exp $ */ #ifndef CHAP_H #define CHAP_H -/************************* -*** PUBLIC DEFINITIONS *** -*************************/ - /* Code + ID + length */ #define CHAP_HEADERLEN 4 @@ -96,31 +92,6 @@ #define MAX_CHALLENGE_LENGTH 64 #define MAX_RESPONSE_LENGTH 64 /* sufficient for MD5 or MS-CHAP */ -/* - * Client (peer) states. - */ -#define CHAPCS_INITIAL 0 /* Lower layer down, not opened */ -#define CHAPCS_CLOSED 1 /* Lower layer up, not opened */ -#define CHAPCS_PENDING 2 /* Auth us to peer when lower up */ -#define CHAPCS_LISTEN 3 /* Listening for a challenge */ -#define CHAPCS_RESPONSE 4 /* Sent response, waiting for status */ -#define CHAPCS_OPEN 5 /* We've received Success */ - -/* - * Server (authenticator) states. - */ -#define CHAPSS_INITIAL 0 /* Lower layer down, not opened */ -#define CHAPSS_CLOSED 1 /* Lower layer up, not opened */ -#define CHAPSS_PENDING 2 /* Auth peer when lower up */ -#define CHAPSS_INITIAL_CHAL 3 /* We've sent the first challenge */ -#define CHAPSS_OPEN 4 /* We've sent a Success msg */ -#define CHAPSS_RECHALLENGE 5 /* We've sent another challenge */ -#define CHAPSS_BADAUTH 6 /* We've sent a Failure msg */ - -/************************ -*** PUBLIC DATA TYPES *** -************************/ - /* * Each interface is described by a chap structure. */ @@ -148,19 +119,32 @@ typedef struct chap_state { } chap_state; -/****************** -*** PUBLIC DATA *** -******************/ +/* + * Client (peer) states. + */ +#define CHAPCS_INITIAL 0 /* Lower layer down, not opened */ +#define CHAPCS_CLOSED 1 /* Lower layer up, not opened */ +#define CHAPCS_PENDING 2 /* Auth us to peer when lower up */ +#define CHAPCS_LISTEN 3 /* Listening for a challenge */ +#define CHAPCS_RESPONSE 4 /* Sent response, waiting for status */ +#define CHAPCS_OPEN 5 /* We've received Success */ + +/* + * Server (authenticator) states. + */ +#define CHAPSS_INITIAL 0 /* Lower layer down, not opened */ +#define CHAPSS_CLOSED 1 /* Lower layer up, not opened */ +#define CHAPSS_PENDING 2 /* Auth peer when lower up */ +#define CHAPSS_INITIAL_CHAL 3 /* We've sent the first challenge */ +#define CHAPSS_OPEN 4 /* We've sent a Success msg */ +#define CHAPSS_RECHALLENGE 5 /* We've sent another challenge */ +#define CHAPSS_BADAUTH 6 /* We've sent a Failure msg */ + extern chap_state chap[]; -extern struct protent chap_protent; - - -/*********************** -*** PUBLIC FUNCTIONS *** -***********************/ - void ChapAuthWithPeer (int, char *, int); void ChapAuthPeer (int, char *, int); +extern struct protent chap_protent; + #endif /* CHAP_H */ diff --git a/src/netif/ppp/chpms.c b/src/netif/ppp/chpms.c index 582cfd2d..295a43ce 100644 --- a/src/netif/ppp/chpms.c +++ b/src/netif/ppp/chpms.c @@ -85,6 +85,8 @@ #include "chap.h" #include "chpms.h" +#include + /*************************/ /*** LOCAL DEFINITIONS ***/ @@ -137,49 +139,12 @@ static u_char Get7Bits( int startBit ); - -/***********************************/ -/*** PUBLIC FUNCTION DEFINITIONS ***/ -/***********************************/ -void -ChapMS( chap_state *cstate, char *rchallenge, int rchallenge_len, char *secret, int secret_len) -{ - MS_ChapResponse response; -#ifdef MSLANMAN - extern int ms_lanman; -#endif - -#if 0 - CHAPDEBUG((LOG_INFO, "ChapMS: secret is '%.*s'\n", secret_len, secret)); -#endif - BZERO(&response, sizeof(response)); - - /* Calculate both always */ - ChapMS_NT(rchallenge, rchallenge_len, secret, secret_len, &response); - -#ifdef MSLANMAN - ChapMS_LANMan(rchallenge, rchallenge_len, secret, secret_len, &response); - - /* prefered method is set by option */ - response.UseNT = !ms_lanman; -#else - response.UseNT = 1; -#endif - - BCOPY(&response, cstate->response, MS_CHAP_RESPONSE_LEN); - cstate->resp_length = MS_CHAP_RESPONSE_LEN; -} - - -/**********************************/ -/*** LOCAL FUNCTION DEFINITIONS ***/ -/**********************************/ static void ChallengeResponse( u_char *challenge, /* IN 8 octets */ u_char *pwHash, /* IN 16 octets */ u_char *response /* OUT 24 octets */) { - char ZPasswordHash[21]; + u_char ZPasswordHash[21]; BZERO(ZPasswordHash, sizeof(ZPasswordHash)); BCOPY(pwHash, ZPasswordHash, 16); @@ -211,7 +176,7 @@ DesEncrypt( u_char *clear, /* IN 8 octets */ MakeKey(key, des_key); Expand(des_key, crypt_key); - setkey(crypt_key); + setkey((char*)crypt_key); #if 0 CHAPDEBUG((LOG_INFO, "DesEncrypt: 8 octet input : %02X%02X%02X%02X%02X%02X%02X%02X\n", @@ -219,7 +184,7 @@ DesEncrypt( u_char *clear, /* IN 8 octets */ #endif Expand(clear, des_input); - encrypt(des_input, 0); + encrypt((char*)des_input, 0); Collapse(des_input, cipher); #if 0 @@ -348,6 +313,8 @@ ChapMS_NT( char *rchallenge, u_char unicodePassword[MAX_NT_PASSWORD * 2]; static int low_byte_first = -1; + LWIP_UNUSED_ARG(rchallenge_len); + /* Initialize the Unicode version of the secret (== password). */ /* This implicitly supports 8-bit ISO8859/1 characters. */ BZERO(unicodePassword, sizeof(unicodePassword)); @@ -361,12 +328,12 @@ ChapMS_NT( char *rchallenge, low_byte_first = (htons((unsigned short int)1) != 1); } if (low_byte_first == 0) { - MDreverse((u_long *)&md4Context); /* sfb 961105 */ + MDreverse((unsigned int*)&md4Context); /* sfb 961105 */ } MDupdate(&md4Context, NULL, 0); /* Tell MD4 we're done */ - ChallengeResponse(rchallenge, (char *)md4Context.buffer, response->NTResp); + ChallengeResponse((u_char*)rchallenge, (u_char*)md4Context.buffer, response->NTResp); } #ifdef MSLANMAN @@ -394,6 +361,35 @@ ChapMS_LANMan( char *rchallenge, } #endif +void +ChapMS( chap_state *cstate, char *rchallenge, int rchallenge_len, char *secret, int secret_len) +{ + MS_ChapResponse response; +#ifdef MSLANMAN + extern int ms_lanman; +#endif + +#if 0 + CHAPDEBUG((LOG_INFO, "ChapMS: secret is '%.*s'\n", secret_len, secret)); +#endif + BZERO(&response, sizeof(response)); + + /* Calculate both always */ + ChapMS_NT(rchallenge, rchallenge_len, secret, secret_len, &response); + +#ifdef MSLANMAN + ChapMS_LANMan(rchallenge, rchallenge_len, secret, secret_len, &response); + + /* prefered method is set by option */ + response.UseNT = !ms_lanman; +#else + response.UseNT = 1; +#endif + + BCOPY(&response, cstate->response, MS_CHAP_RESPONSE_LEN); + cstate->resp_length = MS_CHAP_RESPONSE_LEN; +} + #endif /* MSCHAP_SUPPORT */ #endif /* PPP_SUPPORT */ diff --git a/src/netif/ppp/fsm.c b/src/netif/ppp/fsm.c index ee549f23..c998534a 100644 --- a/src/netif/ppp/fsm.c +++ b/src/netif/ppp/fsm.c @@ -66,13 +66,7 @@ #include - -/*************************/ -/*** LOCAL DEFINITIONS ***/ -/*************************/ - #if PPP_DEBUG - static const char *ppperr_strerr[] = { "LS_INITIAL", /* LS_INITIAL 0 */ "LS_STARTING", /* LS_STARTING 1 */ @@ -85,17 +79,8 @@ static const char *ppperr_strerr[] = { "LS_ACKSENT", /* LS_ACKSENT 8 */ "LS_OPENED" /* LS_OPENED 9 */ }; - #endif /* PPP_DEBUG */ -/************************/ -/*** LOCAL DATA TYPES ***/ -/************************/ - - -/***********************************/ -/*** LOCAL FUNCTION DECLARATIONS ***/ -/***********************************/ static void fsm_timeout (void *); static void fsm_rconfreq (fsm *, u_char, u_char *, int); static void fsm_rconfack (fsm *, int, u_char *, int); @@ -107,22 +92,9 @@ static void fsm_sconfreq (fsm *, int); #define PROTO_NAME(f) ((f)->callbacks->proto_name) - -/******************************/ -/*** PUBLIC DATA STRUCTURES ***/ -/******************************/ - - -/*****************************/ -/*** LOCAL DATA STRUCTURES ***/ -/*****************************/ int peer_mru[NUM_PPP]; -/***********************************/ -/*** PUBLIC FUNCTION DEFINITIONS ***/ -/***********************************/ - /* * fsm_init - Initialize fsm. * @@ -328,32 +300,65 @@ fsm_close(fsm *f, char *reason) /* - * fsm_sdata - Send some data. - * - * Used for all packets sent to our peer by this module. + * fsm_timeout - Timeout expired. */ -void -fsm_sdata( fsm *f, u_char code, u_char id, u_char *data, int datalen) +static void +fsm_timeout(void *arg) { - u_char *outp; - int outlen; + fsm *f = (fsm *) arg; - /* Adjust length to be smaller than MTU */ - outp = outpacket_buf[f->unit]; - if (datalen > peer_mru[f->unit] - (int)HEADERLEN) { - datalen = peer_mru[f->unit] - HEADERLEN; + switch (f->state) { + case LS_CLOSING: + case LS_STOPPING: + if( f->retransmits <= 0 ) { + FSMDEBUG((LOG_WARNING, "%s: timeout sending Terminate-Request state=%d (%s)\n", + PROTO_NAME(f), f->state, ppperr_strerr[f->state])); + /* + * We've waited for an ack long enough. Peer probably heard us. + */ + f->state = (f->state == LS_CLOSING)? LS_CLOSED: LS_STOPPED; + if( f->callbacks->finished ) { + (*f->callbacks->finished)(f); + } + } else { + FSMDEBUG((LOG_WARNING, "%s: timeout resending Terminate-Requests state=%d (%s)\n", + PROTO_NAME(f), f->state, ppperr_strerr[f->state])); + /* Send Terminate-Request */ + fsm_sdata(f, TERMREQ, f->reqid = ++f->id, + (u_char *) f->term_reason, f->term_reason_len); + TIMEOUT(fsm_timeout, f, f->timeouttime); + --f->retransmits; + } + break; + + case LS_REQSENT: + case LS_ACKRCVD: + case LS_ACKSENT: + if (f->retransmits <= 0) { + FSMDEBUG((LOG_WARNING, "%s: timeout sending Config-Requests state=%d (%s)\n", + PROTO_NAME(f), f->state, ppperr_strerr[f->state])); + f->state = LS_STOPPED; + if( (f->flags & OPT_PASSIVE) == 0 && f->callbacks->finished ) { + (*f->callbacks->finished)(f); + } + } else { + FSMDEBUG((LOG_WARNING, "%s: timeout resending Config-Request state=%d (%s)\n", + PROTO_NAME(f), f->state, ppperr_strerr[f->state])); + /* Retransmit the configure-request */ + if (f->callbacks->retransmit) { + (*f->callbacks->retransmit)(f); + } + fsm_sconfreq(f, 1); /* Re-send Configure-Request */ + if( f->state == LS_ACKRCVD ) { + f->state = LS_REQSENT; + } + } + break; + + default: + FSMDEBUG((LOG_INFO, "%s: UNHANDLED timeout event in state %d (%s)!\n", + PROTO_NAME(f), f->state, ppperr_strerr[f->state])); } - if (datalen && data != outp + PPP_HDRLEN + HEADERLEN) { - BCOPY(data, outp + PPP_HDRLEN + HEADERLEN, datalen); - } - outlen = datalen + HEADERLEN; - MAKEHEADER(outp, f->protocol); - PUTCHAR(code, outp); - PUTCHAR(id, outp); - PUTSHORT(outlen, outp); - pppWrite(f->unit, outpacket_buf[f->unit], outlen + PPP_HDRLEN); - FSMDEBUG((LOG_INFO, "fsm_sdata(%s): Sent code %d,%d,%d.\n", - PROTO_NAME(f), code, id, outlen)); } @@ -436,129 +441,6 @@ fsm_input(fsm *f, u_char *inpacket, int l) } -/* - * fsm_protreject - Peer doesn't speak this protocol. - * - * Treat this as a catastrophic error (RXJ-). - */ -void -fsm_protreject(fsm *f) -{ - switch( f->state ) { - case LS_CLOSING: - UNTIMEOUT(fsm_timeout, f); /* Cancel timeout */ - /* fall through */ - case LS_CLOSED: - f->state = LS_CLOSED; - if( f->callbacks->finished ) { - (*f->callbacks->finished)(f); - } - break; - - case LS_STOPPING: - case LS_REQSENT: - case LS_ACKRCVD: - case LS_ACKSENT: - UNTIMEOUT(fsm_timeout, f); /* Cancel timeout */ - /* fall through */ - case LS_STOPPED: - f->state = LS_STOPPED; - if( f->callbacks->finished ) { - (*f->callbacks->finished)(f); - } - break; - - case LS_OPENED: - if( f->callbacks->down ) { - (*f->callbacks->down)(f); - } - /* Init restart counter, send Terminate-Request */ - f->retransmits = f->maxtermtransmits; - fsm_sdata(f, TERMREQ, f->reqid = ++f->id, - (u_char *) f->term_reason, f->term_reason_len); - TIMEOUT(fsm_timeout, f, f->timeouttime); - --f->retransmits; - - f->state = LS_STOPPING; - break; - - default: - FSMDEBUG((LOG_INFO, "%s: Protocol-reject event in state %d (%s)!\n", - PROTO_NAME(f), f->state, ppperr_strerr[f->state])); - } -} - - - - - -/**********************************/ -/*** LOCAL FUNCTION DEFINITIONS ***/ -/**********************************/ - -/* - * fsm_timeout - Timeout expired. - */ -static void -fsm_timeout(void *arg) -{ - fsm *f = (fsm *) arg; - - switch (f->state) { - case LS_CLOSING: - case LS_STOPPING: - if( f->retransmits <= 0 ) { - FSMDEBUG((LOG_WARNING, "%s: timeout sending Terminate-Request state=%d (%s)\n", - PROTO_NAME(f), f->state, ppperr_strerr[f->state])); - /* - * We've waited for an ack long enough. Peer probably heard us. - */ - f->state = (f->state == LS_CLOSING)? LS_CLOSED: LS_STOPPED; - if( f->callbacks->finished ) { - (*f->callbacks->finished)(f); - } - } else { - FSMDEBUG((LOG_WARNING, "%s: timeout resending Terminate-Requests state=%d (%s)\n", - PROTO_NAME(f), f->state, ppperr_strerr[f->state])); - /* Send Terminate-Request */ - fsm_sdata(f, TERMREQ, f->reqid = ++f->id, - (u_char *) f->term_reason, f->term_reason_len); - TIMEOUT(fsm_timeout, f, f->timeouttime); - --f->retransmits; - } - break; - - case LS_REQSENT: - case LS_ACKRCVD: - case LS_ACKSENT: - if (f->retransmits <= 0) { - FSMDEBUG((LOG_WARNING, "%s: timeout sending Config-Requests state=%d (%s)\n", - PROTO_NAME(f), f->state, ppperr_strerr[f->state])); - f->state = LS_STOPPED; - if( (f->flags & OPT_PASSIVE) == 0 && f->callbacks->finished ) { - (*f->callbacks->finished)(f); - } - } else { - FSMDEBUG((LOG_WARNING, "%s: timeout resending Config-Request state=%d (%s)\n", - PROTO_NAME(f), f->state, ppperr_strerr[f->state])); - /* Retransmit the configure-request */ - if (f->callbacks->retransmit) { - (*f->callbacks->retransmit)(f); - } - fsm_sconfreq(f, 1); /* Re-send Configure-Request */ - if( f->state == LS_ACKRCVD ) { - f->state = LS_REQSENT; - } - } - break; - - default: - FSMDEBUG((LOG_INFO, "%s: UNHANDLED timeout event in state %d (%s)!\n", - PROTO_NAME(f), f->state, ppperr_strerr[f->state])); - } -} - - /* * fsm_rconfreq - Receive Configure-Request. */ @@ -853,6 +735,59 @@ fsm_rcoderej(fsm *f, u_char *inp, int len) } +/* + * fsm_protreject - Peer doesn't speak this protocol. + * + * Treat this as a catastrophic error (RXJ-). + */ +void +fsm_protreject(fsm *f) +{ + switch( f->state ) { + case LS_CLOSING: + UNTIMEOUT(fsm_timeout, f); /* Cancel timeout */ + /* fall through */ + case LS_CLOSED: + f->state = LS_CLOSED; + if( f->callbacks->finished ) { + (*f->callbacks->finished)(f); + } + break; + + case LS_STOPPING: + case LS_REQSENT: + case LS_ACKRCVD: + case LS_ACKSENT: + UNTIMEOUT(fsm_timeout, f); /* Cancel timeout */ + /* fall through */ + case LS_STOPPED: + f->state = LS_STOPPED; + if( f->callbacks->finished ) { + (*f->callbacks->finished)(f); + } + break; + + case LS_OPENED: + if( f->callbacks->down ) { + (*f->callbacks->down)(f); + } + /* Init restart counter, send Terminate-Request */ + f->retransmits = f->maxtermtransmits; + fsm_sdata(f, TERMREQ, f->reqid = ++f->id, + (u_char *) f->term_reason, f->term_reason_len); + TIMEOUT(fsm_timeout, f, f->timeouttime); + --f->retransmits; + + f->state = LS_STOPPING; + break; + + default: + FSMDEBUG((LOG_INFO, "%s: Protocol-reject event in state %d (%s)!\n", + PROTO_NAME(f), f->state, ppperr_strerr[f->state])); + } +} + + /* * fsm_sconfreq - Send a Configure-Request. */ @@ -905,4 +840,33 @@ fsm_sconfreq(fsm *f, int retransmit) PROTO_NAME(f), f->reqid)); } +/* + * fsm_sdata - Send some data. + * + * Used for all packets sent to our peer by this module. + */ +void +fsm_sdata( fsm *f, u_char code, u_char id, u_char *data, int datalen) +{ + u_char *outp; + int outlen; + + /* Adjust length to be smaller than MTU */ + outp = outpacket_buf[f->unit]; + if (datalen > peer_mru[f->unit] - (int)HEADERLEN) { + datalen = peer_mru[f->unit] - HEADERLEN; + } + if (datalen && data != outp + PPP_HDRLEN + HEADERLEN) { + BCOPY(data, outp + PPP_HDRLEN + HEADERLEN, datalen); + } + outlen = datalen + HEADERLEN; + MAKEHEADER(outp, f->protocol); + PUTCHAR(code, outp); + PUTCHAR(id, outp); + PUTSHORT(outlen, outp); + pppWrite(f->unit, outpacket_buf[f->unit], outlen + PPP_HDRLEN); + FSMDEBUG((LOG_INFO, "fsm_sdata(%s): Sent code %d,%d,%d.\n", + PROTO_NAME(f), code, id, outlen)); +} + #endif /* PPP_SUPPORT */ diff --git a/src/netif/ppp/fsm.h b/src/netif/ppp/fsm.h index 14034ec7..8d41b5f5 100644 --- a/src/netif/ppp/fsm.h +++ b/src/netif/ppp/fsm.h @@ -48,15 +48,12 @@ * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. * - * $Id: fsm.h,v 1.4 2007/12/19 20:47:23 fbernon Exp $ + * $Id: fsm.h,v 1.5 2009/12/31 17:08:08 goldsimon Exp $ */ #ifndef FSM_H #define FSM_H -/***************************************************************************** -************************* PUBLIC DEFINITIONS ********************************* -*****************************************************************************/ /* * LCP Packet header = Code, id, length. */ @@ -74,31 +71,7 @@ #define TERMACK 6 /* Termination Ack */ #define CODEREJ 7 /* Code Reject */ -/* - * Link states. - */ -#define LS_INITIAL 0 /* Down, hasn't been opened */ -#define LS_STARTING 1 /* Down, been opened */ -#define LS_CLOSED 2 /* Up, hasn't been opened */ -#define LS_STOPPED 3 /* Open, waiting for down event */ -#define LS_CLOSING 4 /* Terminating the connection, not open */ -#define LS_STOPPING 5 /* Terminating, but open */ -#define LS_REQSENT 6 /* We've sent a Config Request */ -#define LS_ACKRCVD 7 /* We've received a Config Ack */ -#define LS_ACKSENT 8 /* We've sent a Config Ack */ -#define LS_OPENED 9 /* Connection available */ -/* - * Flags - indicate options controlling FSM operation - */ -#define OPT_PASSIVE 1 /* Don't die if we don't get a response */ -#define OPT_RESTART 2 /* Treat 2nd OPEN as DOWN, UP */ -#define OPT_SILENT 4 /* Wait for peer to speak first */ - - -/***************************************************************************** -************************* PUBLIC DATA TYPES ********************************** -*****************************************************************************/ /* * Each FSM is described by an fsm structure and fsm callbacks. */ @@ -141,18 +114,27 @@ typedef struct fsm_callbacks { } fsm_callbacks; -/***************************************************************************** -*********************** PUBLIC DATA STRUCTURES ******************************* -*****************************************************************************/ /* - * Variables + * Link states. */ -extern int peer_mru[]; /* currently negotiated peer MRU (per unit) */ +#define LS_INITIAL 0 /* Down, hasn't been opened */ +#define LS_STARTING 1 /* Down, been opened */ +#define LS_CLOSED 2 /* Up, hasn't been opened */ +#define LS_STOPPED 3 /* Open, waiting for down event */ +#define LS_CLOSING 4 /* Terminating the connection, not open */ +#define LS_STOPPING 5 /* Terminating, but open */ +#define LS_REQSENT 6 /* We've sent a Config Request */ +#define LS_ACKRCVD 7 /* We've received a Config Ack */ +#define LS_ACKSENT 8 /* We've sent a Config Ack */ +#define LS_OPENED 9 /* Connection available */ +/* + * Flags - indicate options controlling FSM operation + */ +#define OPT_PASSIVE 1 /* Don't die if we don't get a response */ +#define OPT_RESTART 2 /* Treat 2nd OPEN as DOWN, UP */ +#define OPT_SILENT 4 /* Wait for peer to speak first */ -/***************************************************************************** -************************** PUBLIC FUNCTIONS ********************************** -*****************************************************************************/ /* * Prototypes @@ -166,4 +148,10 @@ void fsm_input (fsm*, u_char*, int); void fsm_protreject (fsm*); void fsm_sdata (fsm*, u_char, u_char, u_char*, int); + +/* + * Variables + */ +extern int peer_mru[]; /* currently negotiated peer MRU (per unit) */ + #endif /* FSM_H */ diff --git a/src/netif/ppp/ipcp.c b/src/netif/ppp/ipcp.c index 0ff4ce3f..e530d067 100644 --- a/src/netif/ppp/ipcp.c +++ b/src/netif/ppp/ipcp.c @@ -1,3 +1,5 @@ +/** In contrast to pppd 2.3.1, DNS support has been added, proxy-ARP and + dial-on-demand has been stripped. */ /***************************************************************************** * ipcp.c - Network PPP IP Control Protocol program file. * @@ -63,25 +65,18 @@ #include -/*************************/ -/*** LOCAL DEFINITIONS ***/ -/*************************/ /* #define OLD_CI_ADDRS 1 */ /* Support deprecated address negotiation. */ -/* - * Lengths of configuration options. - */ -#define CILEN_VOID 2 -#define CILEN_COMPRESS 4 /* min length for compression protocol opt. */ -#define CILEN_VJ 6 /* length for RFC1332 Van-Jacobson opt. */ -#define CILEN_ADDR 6 /* new-style single address option */ -#define CILEN_ADDRS 10 /* old-style dual address option */ +/* global vars */ +ipcp_options ipcp_wantoptions[NUM_PPP]; /* Options that we want to request */ +ipcp_options ipcp_gotoptions[NUM_PPP]; /* Options that peer ack'd */ +ipcp_options ipcp_allowoptions[NUM_PPP]; /* Options we allow peer to request */ +ipcp_options ipcp_hisoptions[NUM_PPP]; /* Options that we ack'd */ +/* local vars */ +static int cis_received[NUM_PPP]; /* # Conf-Reqs received */ +static int default_route_set[NUM_PPP]; /* Have set up a default route */ - -/***********************************/ -/*** LOCAL FUNCTION DECLARATIONS ***/ -/***********************************/ /* * Callbacks for fsm code. (CI = Configuration Information) */ @@ -94,70 +89,14 @@ static int ipcp_rejci (fsm *, u_char *, int); /* Peer rej'd our CI */ static int ipcp_reqci (fsm *, u_char *, int *, int); /* Rcv CI */ static void ipcp_up (fsm *); /* We're UP */ static void ipcp_down (fsm *); /* We're DOWN */ -#if 0 +#if PPP_ADDITIONAL_CALLBACKS static void ipcp_script (fsm *, char *); /* Run an up/down script */ #endif static void ipcp_finished (fsm *); /* Don't need lower layer */ -/* - * Protocol entry points from main code. - */ -static void ipcp_init (int); -static void ipcp_open (int); -static void ipcp_close (int, char *); -static void ipcp_lowerup (int); -static void ipcp_lowerdown (int); -static void ipcp_input (int, u_char *, int); -static void ipcp_protrej (int); - -static void ipcp_clear_addrs (int); - -#define CODENAME(x) ((x) == CONFACK ? "ACK" : \ - (x) == CONFNAK ? "NAK" : "REJ") - - - -/******************************/ -/*** PUBLIC DATA STRUCTURES ***/ -/******************************/ -/* global vars */ -ipcp_options ipcp_wantoptions[NUM_PPP]; /* Options that we want to request */ -ipcp_options ipcp_gotoptions[NUM_PPP]; /* Options that peer ack'd */ -ipcp_options ipcp_allowoptions[NUM_PPP]; /* Options we allow peer to request */ -ipcp_options ipcp_hisoptions[NUM_PPP]; /* Options that we ack'd */ fsm ipcp_fsm[NUM_PPP]; /* IPCP fsm structure */ -struct protent ipcp_protent = { - PPP_IPCP, - ipcp_init, - ipcp_input, - ipcp_protrej, - ipcp_lowerup, - ipcp_lowerdown, - ipcp_open, - ipcp_close, -#if 0 - ipcp_printpkt, - NULL, -#endif - 1, - "IPCP", -#if 0 - ip_check_options, - NULL, - ip_active_pkt -#endif -}; - - - -/*****************************/ -/*** LOCAL DATA STRUCTURES ***/ -/*****************************/ -/* local vars */ -static int cis_received[NUM_PPP]; /* # Conf-Reqs received */ -static int default_route_set[NUM_PPP]; /* Have set up a default route */ static fsm_callbacks ipcp_callbacks = { /* IPCP callback routines */ ipcp_resetci, /* Reset our Configuration Information */ @@ -177,11 +116,55 @@ static fsm_callbacks ipcp_callbacks = { /* IPCP callback routines */ "IPCP" /* String name of protocol */ }; +/* + * Protocol entry points from main code. + */ +static void ipcp_init (int); +static void ipcp_open (int); +static void ipcp_close (int, char *); +static void ipcp_lowerup (int); +static void ipcp_lowerdown (int); +static void ipcp_input (int, u_char *, int); +static void ipcp_protrej (int); -/**********************************/ -/*** LOCAL FUNCTION DEFINITIONS ***/ -/**********************************/ +struct protent ipcp_protent = { + PPP_IPCP, + ipcp_init, + ipcp_input, + ipcp_protrej, + ipcp_lowerup, + ipcp_lowerdown, + ipcp_open, + ipcp_close, +#if PPP_ADDITIONAL_CALLBACKS + ipcp_printpkt, + NULL, +#endif /* PPP_ADDITIONAL_CALLBACKS */ + 1, + "IPCP", +#if PPP_ADDITIONAL_CALLBACKS + ip_check_options, + NULL, + ip_active_pkt +#endif /* PPP_ADDITIONAL_CALLBACKS */ +}; + +static void ipcp_clear_addrs (int); + +/* + * Lengths of configuration options. + */ +#define CILEN_VOID 2 +#define CILEN_COMPRESS 4 /* min length for compression protocol opt. */ +#define CILEN_VJ 6 /* length for RFC1332 Van-Jacobson opt. */ +#define CILEN_ADDR 6 /* new-style single address option */ +#define CILEN_ADDRS 10 /* old-style dual address option */ + + +#define CODENAME(x) ((x) == CONFACK ? "ACK" : \ + (x) == CONFNAK ? "NAK" : "REJ") + #define inet_ntoa(addr) ip_ntoa(((struct ip_addr*)&(addr))) @@ -1361,7 +1344,7 @@ ipcp_finished(fsm *f) np_finished(f->unit, PPP_IP); } -#if 0 +#if PPP_ADDITIONAL_CALLBACKS static int ipcp_printpkt(u_char *p, int plen, void (*printer) (void *, char *, ...), void *arg) { @@ -1422,6 +1405,6 @@ ip_active_pkt(u_char *pkt, int len) } return 1; } -#endif +#endif /* PPP_ADDITIONAL_CALLBACKS */ #endif /* PPP_SUPPORT */ diff --git a/src/netif/ppp/lcp.c b/src/netif/ppp/lcp.c index 85a0add9..e6c0da7b 100644 --- a/src/netif/ppp/lcp.c +++ b/src/netif/ppp/lcp.c @@ -72,25 +72,25 @@ #define PPPOE_MAXMTU PPP_MAXMRU #endif +/* options */ +LinkPhase lcp_phase[NUM_PPP]; /* Phase of link session (RFC 1661) */ +static u_int lcp_echo_interval = LCP_ECHOINTERVAL; /* Interval between LCP echo-requests */ +static u_int lcp_echo_fails = LCP_MAXECHOFAILS; /* Tolerance to unanswered echo-requests */ -/*************************/ -/*** LOCAL DEFINITIONS ***/ -/*************************/ -/* - * Length of each type of configuration option (in octets) - */ -#define CILEN_VOID 2 -#define CILEN_CHAR 3 -#define CILEN_SHORT 4 /* CILEN_VOID + sizeof(short) */ -#define CILEN_CHAP 5 /* CILEN_VOID + sizeof(short) + 1 */ -#define CILEN_LONG 6 /* CILEN_VOID + sizeof(long) */ -#define CILEN_LQR 8 /* CILEN_VOID + sizeof(short) + sizeof(long) */ -#define CILEN_CBCP 3 +/* global vars */ +static fsm lcp_fsm[NUM_PPP]; /* LCP fsm structure (global)*/ +lcp_options lcp_wantoptions[NUM_PPP]; /* Options that we want to request */ +lcp_options lcp_gotoptions[NUM_PPP]; /* Options that peer ack'd */ +lcp_options lcp_allowoptions[NUM_PPP]; /* Options we allow peer to request */ +lcp_options lcp_hisoptions[NUM_PPP]; /* Options that we ack'd */ +ext_accm xmit_accm[NUM_PPP]; /* extended transmit ACCM */ +static u32_t lcp_echos_pending = 0; /* Number of outstanding echo msgs */ +static u32_t lcp_echo_number = 0; /* ID number of next echo frame */ +static u32_t lcp_echo_timer_running = 0; /* TRUE if a timer is running */ + +static u_char nak_buffer[PPP_MRU]; /* where we construct a nak packet */ -/***********************************/ -/*** LOCAL FUNCTION DECLARATIONS ***/ -/***********************************/ /* * Callbacks for fsm code. (CI = Configuration Information) */ @@ -106,12 +106,12 @@ static void lcp_down (fsm*); /* We're DOWN */ static void lcp_starting (fsm*); /* We need lower layer up */ static void lcp_finished (fsm*); /* We need lower layer down */ static int lcp_extcode (fsm*, int, u_char, u_char*, int); - static void lcp_rprotrej (fsm*, u_char*, int); /* * routines to send LCP echos to peer */ + static void lcp_echo_lowerup (int); static void lcp_echo_lowerdown (int); static void LcpEchoTimeout (void*); @@ -120,41 +120,6 @@ static void LcpSendEchoRequest (fsm*); static void LcpLinkFailure (fsm*); static void LcpEchoCheck (fsm*); -/* - * Protocol entry points. - * Some of these are called directly. - */ -static void lcp_input (int, u_char *, int); -static void lcp_protrej (int); - -#define CODENAME(x) ((x) == CONFACK ? "ACK" : (x) == CONFNAK ? "NAK" : "REJ") - - -/******************************/ -/*** PUBLIC DATA STRUCTURES ***/ -/******************************/ -/* global vars */ -LinkPhase lcp_phase[NUM_PPP]; /* Phase of link session (RFC 1661) */ -lcp_options lcp_wantoptions[NUM_PPP]; /* Options that we want to request */ -lcp_options lcp_gotoptions[NUM_PPP]; /* Options that peer ack'd */ -lcp_options lcp_allowoptions[NUM_PPP]; /* Options we allow peer to request */ -lcp_options lcp_hisoptions[NUM_PPP]; /* Options that we ack'd */ -ext_accm xmit_accm[NUM_PPP]; /* extended transmit ACCM */ - - - -/*****************************/ -/*** LOCAL DATA STRUCTURES ***/ -/*****************************/ -static fsm lcp_fsm[NUM_PPP]; /* LCP fsm structure (global)*/ -static u_int lcp_echo_interval = LCP_ECHOINTERVAL; /* Interval between LCP echo-requests */ -static u_int lcp_echo_fails = LCP_MAXECHOFAILS; /* Tolerance to unanswered echo-requests */ -static u32_t lcp_echos_pending = 0; /* Number of outstanding echo msgs */ -static u32_t lcp_echo_number = 0; /* ID number of next echo frame */ -static u32_t lcp_echo_timer_running = 0; /* TRUE if a timer is running */ - -static u_char nak_buffer[PPP_MRU]; /* where we construct a nak packet */ - static fsm_callbacks lcp_callbacks = { /* LCP callback routines */ lcp_resetci, /* Reset our Configuration Information */ lcp_cilen, /* Length of our Configuration Information */ @@ -173,6 +138,13 @@ static fsm_callbacks lcp_callbacks = { /* LCP callback routines */ "LCP" /* String name of protocol */ }; +/* + * Protocol entry points. + * Some of these are called directly. + */ +static void lcp_input (int, u_char *, int); +static void lcp_protrej (int); + struct protent lcp_protent = { PPP_LCP, lcp_init, @@ -182,26 +154,35 @@ struct protent lcp_protent = { lcp_lowerdown, lcp_open, lcp_close, -#if 0 +#if PPP_ADDITIONAL_CALLBACKS lcp_printpkt, NULL, -#endif +#endif /* PPP_ADDITIONAL_CALLBACKS */ 1, "LCP", -#if 0 +#if PPP_ADDITIONAL_CALLBACKS NULL, NULL, NULL -#endif +#endif /* PPP_ADDITIONAL_CALLBACKS */ }; int lcp_loopbackfail = DEFLOOPBACKFAIL; +/* + * Length of each type of configuration option (in octets) + */ +#define CILEN_VOID 2 +#define CILEN_CHAR 3 +#define CILEN_SHORT 4 /* CILEN_VOID + sizeof(short) */ +#define CILEN_CHAP 5 /* CILEN_VOID + sizeof(short) + 1 */ +#define CILEN_LONG 6 /* CILEN_VOID + sizeof(long) */ +#define CILEN_LQR 8 /* CILEN_VOID + sizeof(short) + sizeof(long) */ +#define CILEN_CBCP 3 + +#define CODENAME(x) ((x) == CONFACK ? "ACK" : (x) == CONFNAK ? "NAK" : "REJ") -/***********************************/ -/*** PUBLIC FUNCTION DEFINITIONS ***/ -/***********************************/ /* * lcp_init - Initialize LCP. */ @@ -356,21 +337,6 @@ lcp_lowerdown(int unit) fsm_lowerdown(&lcp_fsm[unit]); } -/* - * lcp_sprotrej - Send a Protocol-Reject for some protocol. - */ -void -lcp_sprotrej(int unit, u_char *p, int len) -{ - /* - * Send back the protocol and the information field of the - * rejected packet. We only get here if LCP is in the LS_OPENED state. - */ - - fsm_sdata(&lcp_fsm[unit], PROTREJ, ++lcp_fsm[unit].id, p, len); -} - - /**********************************/ /*** LOCAL FUNCTION DEFINITIONS ***/ @@ -483,6 +449,21 @@ lcp_protrej(int unit) } +/* + * lcp_sprotrej - Send a Protocol-Reject for some protocol. + */ +void +lcp_sprotrej(int unit, u_char *p, int len) +{ + /* + * Send back the protocol and the information field of the + * rejected packet. We only get here if LCP is in the LS_OPENED state. + */ + + fsm_sdata(&lcp_fsm[unit], PROTREJ, ++lcp_fsm[unit].id, p, len); +} + + /* * lcp_resetci - Reset our CI. */ @@ -1382,7 +1363,7 @@ lcp_reqci(fsm *f, } GETCHAR(cichar, p); /* get digest type*/ if (cichar != CHAP_DIGEST_MD5 -#ifdef CHAPMS +#if MSCHAP_SUPPORT && cichar != CHAP_MICROSOFT #endif ) { @@ -1691,7 +1672,7 @@ lcp_finished(fsm *f) } -#if 0 +#if PPP_ADDITIONAL_CALLBACKS /* * print_string - print a readable representation of a string using * printer. @@ -1898,7 +1879,7 @@ lcp_printpkt( u_char *p, int plen, void (*printer) (void *, char *, ...), void * return (int)(p - pstart); } -#endif +#endif /* PPP_ADDITIONAL_CALLBACKS */ /* * Time to shut down the link because there is nothing out there. diff --git a/src/netif/ppp/pap.c b/src/netif/ppp/pap.c index e8c45dff..af1c0e0f 100644 --- a/src/netif/ppp/pap.c +++ b/src/netif/ppp/pap.c @@ -63,9 +63,6 @@ #include -/***********************************/ -/*** LOCAL FUNCTION DECLARATIONS ***/ -/***********************************/ /* * Protocol entry points. */ @@ -75,6 +72,30 @@ static void upap_lowerdown (int); static void upap_input (int, u_char *, int); static void upap_protrej (int); +struct protent pap_protent = { + PPP_PAP, + upap_init, + upap_input, + upap_protrej, + upap_lowerup, + upap_lowerdown, + NULL, + NULL, +#if PPP_ADDITIONAL_CALLBACKS + upap_printpkt, + NULL, +#endif /* PPP_ADDITIONAL_CALLBACKS */ + 1, + "PAP", +#if PPP_ADDITIONAL_CALLBACKS + NULL, + NULL, + NULL +#endif /* PPP_ADDITIONAL_CALLBACKS */ +}; + +upap_state upap[NUM_PPP]; /* UPAP state; one for each unit */ + static void upap_timeout (void *); static void upap_reqtimeout(void *); static void upap_rauthreq (upap_state *, u_char *, int, int); @@ -84,53 +105,27 @@ static void upap_sauthreq (upap_state *); static void upap_sresp (upap_state *, u_char, u_char, char *, int); -/******************************/ -/*** PUBLIC DATA STRUCTURES ***/ -/******************************/ -struct protent pap_protent = { - PPP_PAP, - upap_init, - upap_input, - upap_protrej, - upap_lowerup, - upap_lowerdown, - NULL, - NULL, -#if 0 - upap_printpkt, - NULL, -#endif - 1, - "PAP", -#if 0 - NULL, - NULL, - NULL -#endif -}; - -upap_state upap[NUM_PPP]; /* UPAP state; one for each unit */ - - - -/***********************************/ -/*** PUBLIC FUNCTION DEFINITIONS ***/ -/***********************************/ /* - * Set the default login name and password for the pap sessions + * upap_init - Initialize a UPAP unit. */ -void -upap_setloginpasswd(int unit, const char *luser, const char *lpassword) +static void +upap_init(int unit) { upap_state *u = &upap[unit]; - - /* Save the username and password we're given */ - u->us_user = luser; - u->us_userlen = strlen(luser); - u->us_passwd = lpassword; - u->us_passwdlen = strlen(lpassword); -} + UPAPDEBUG((LOG_INFO, "upap_init: %d\n", unit)); + u->us_unit = unit; + u->us_user = NULL; + u->us_userlen = 0; + u->us_passwd = NULL; + u->us_passwdlen = 0; + u->us_clientstate = UPAPCS_INITIAL; + u->us_serverstate = UPAPSS_INITIAL; + u->us_id = 0; + u->us_timeouttime = UPAP_DEFTIMEOUT; + u->us_maxtransmits = 10; + u->us_reqtimeout = UPAP_DEFREQTIME; +} /* * upap_authwithpeer - Authenticate us with our peer (start client). @@ -145,7 +140,11 @@ upap_authwithpeer(int unit, char *user, char *password) UPAPDEBUG((LOG_INFO, "upap_authwithpeer: %d user=%s password=%s s=%d\n", unit, user, password, u->us_clientstate)); - upap_setloginpasswd(unit, user, password); + /* Save the username and password we're given */ + u->us_user = user; + u->us_userlen = strlen(user); + u->us_passwd = password; + u->us_passwdlen = strlen(password); u->us_transmits = 0; @@ -183,33 +182,6 @@ upap_authpeer(int unit) } } - - -/**********************************/ -/*** LOCAL FUNCTION DEFINITIONS ***/ -/**********************************/ -/* - * upap_init - Initialize a UPAP unit. - */ -static void -upap_init(int unit) -{ - upap_state *u = &upap[unit]; - - UPAPDEBUG((LOG_INFO, "upap_init: %d\n", unit)); - u->us_unit = unit; - u->us_user = NULL; - u->us_userlen = 0; - u->us_passwd = NULL; - u->us_passwdlen = 0; - u->us_clientstate = UPAPCS_INITIAL; - u->us_serverstate = UPAPSS_INITIAL; - u->us_id = 0; - u->us_timeouttime = UPAP_DEFTIMEOUT; - u->us_maxtransmits = 10; - u->us_reqtimeout = UPAP_DEFREQTIME; -} - /* * upap_timeout - Retransmission timer for sending auth-reqs expired. */ @@ -598,7 +570,7 @@ upap_sresp(upap_state *u, u_char code, u_char id, char *msg, int msglen) UPAPDEBUG((LOG_INFO, "pap_sresp: Sent code %d, id %d s=%d\n", code, id, u->us_clientstate)); } -#if 0 +#if PPP_ADDITIONAL_CALLBACKS /* * upap_printpkt - print the contents of a PAP packet. */ @@ -615,7 +587,7 @@ static int upap_printpkt( LWIP_UNUSED_ARG(arg); return 0; } -#endif /* 0 */ +#endif /* PPP_ADDITIONAL_CALLBACKS */ #endif /* PAP_SUPPORT */ diff --git a/src/netif/ppp/pap.h b/src/netif/ppp/pap.h index 0a09fc84..770312d5 100644 --- a/src/netif/ppp/pap.h +++ b/src/netif/ppp/pap.h @@ -70,6 +70,24 @@ #define UPAP_AUTHACK 2 /* Authenticate-Ack */ #define UPAP_AUTHNAK 3 /* Authenticate-Nak */ +/* + * Each interface is described by upap structure. + */ +typedef struct upap_state { + int us_unit; /* Interface unit number */ + const char *us_user; /* User */ + int us_userlen; /* User length */ + const char *us_passwd; /* Password */ + int us_passwdlen; /* Password length */ + int us_clientstate; /* Client state */ + int us_serverstate; /* Server state */ + u_char us_id; /* Current id */ + int us_timeouttime; /* Timeout (seconds) for auth-req retrans. */ + int us_transmits; /* Number of auth-reqs sent */ + int us_maxtransmits; /* Maximum number of auth-reqs to send */ + int us_reqtimeout; /* Time to wait for auth-req from peer */ +} upap_state; + /* * Client states. */ @@ -91,33 +109,6 @@ #define UPAPSS_BADAUTH 5 /* We've sent a Nak */ -/************************ -*** PUBLIC DATA TYPES *** -************************/ - -/* - * Each interface is described by upap structure. - */ -typedef struct upap_state { - int us_unit; /* Interface unit number */ - const char *us_user; /* User */ - int us_userlen; /* User length */ - const char *us_passwd; /* Password */ - int us_passwdlen; /* Password length */ - int us_clientstate; /* Client state */ - int us_serverstate; /* Server state */ - u_char us_id; /* Current id */ - int us_timeouttime; /* Timeout (seconds) for auth-req retrans. */ - int us_transmits; /* Number of auth-reqs sent */ - int us_maxtransmits; /* Maximum number of auth-reqs to send */ - int us_reqtimeout; /* Time to wait for auth-req from peer */ -} upap_state; - - -/*********************** -*** PUBLIC FUNCTIONS *** -***********************/ - extern upap_state upap[]; void upap_setloginpasswd(int unit, const char *luser, const char *lpassword);