mirror/lwip
1
0
Fork 0
mirror of https://github.com/lwip-tcpip/lwip.git synced 2025-01-30 12:32:37 +00:00
Code Issues Packages Projects Releases Wiki Activity

Reorganised PPP source code from ucip structure to pppd structure to easily compare our code against the pppd code (around v2.3.1)

Browse Source
This commit is contained in:
goldsimon 2009-12-31 17:08:08 +00:00
parent a7bcdf4398
commit 1d45aa8d45
11 changed files with 629 additions and 781 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
CHANGELOG
View File

@ -33,6 +33,10 @@ HISTORY
++ Bugfixes:
2009-12-31: Simon Goldschmidt
* many ppp files: Reorganised PPP source code from ucip structure to pppd
structure to easily compare our code against the pppd code (around v2.3.1)
2009-12-27: Simon Goldschmidt
* tcp_in.c: Another fix for bug #28241 (ooseq processing) and adapted
unit test

311
src/netif/ppp/auth.c
View File

@ -320,6 +320,51 @@ link_established(int unit)
}
}
/*
* Proceed to the network phase.
*/
static void
network_phase(int unit)
{
int i;
struct protent *protp;
lcp_options *go = &lcp_gotoptions[unit];
/*
* If the peer had to authenticate, run the auth-up script now.
*/
if ((go->neg_chap || go->neg_upap) && !did_authup) {
/* XXX Do setup for peer authentication. */
did_authup = 1;
}
#if CBCP_SUPPORT
/*
* If we negotiated callback, do it now.
*/
if (go->neg_cbcp) {
lcp_phase[unit] = PHASE_CALLBACK;
(*cbcp_protent.open)(unit);
return;
}
#endif /* CBCP_SUPPORT */
lcp_phase[unit] = PHASE_NETWORK;
for (i = 0; (protp = ppp_protocols[i]) != NULL; ++i) {
if (protp->protocol < 0xC000 && protp->enabled_flag && protp->open != NULL) {
(*protp->open)(unit);
if (protp->protocol != PPP_CCP) {
++num_np_open;
}
}
}
if (num_np_open == 0) {
/* nothing to do */
lcp_close(0, "No network protocols running");
}
}
/*
* The peer has failed to authenticate himself using `protocol'.
*/
@ -395,6 +440,8 @@ auth_withpeer_fail(int unit, u16_t protocol)
* not necessarily the PPP connection. It works here as long
* as we are only supporting PPP interfaces.
*/
/* @todo: Remove pppIOCtl, it is not used anywhere else.
Instead, directly set errCode. */
pppIOCtl(unit, PPPCTLS_ERRCODE, &errCode);
/*
@ -500,6 +547,85 @@ np_finished(int unit, u16_t proto)
}
}
/*
* check_idle - check whether the link has been idle for long
* enough that we can shut it down.
*/
static void
check_idle(void *arg)
{
struct ppp_idle idle;
u_short itime;
LWIP_UNUSED_ARG(arg);
if (!get_idle_time(0, &idle)) {
return;
}
itime = LWIP_MIN(idle.xmit_idle, idle.recv_idle);
if (itime >= ppp_settings.idle_time_limit) {
/* link is idle: shut it down. */
AUTHDEBUG((LOG_INFO, "Terminating connection due to lack of activity.\n"));
lcp_close(0, "Link inactive");
} else {
TIMEOUT(check_idle, NULL, ppp_settings.idle_time_limit - itime);
}
}
/*
* connect_time_expired - log a message and close the connection.
*/
static void
connect_time_expired(void *arg)
{
LWIP_UNUSED_ARG(arg);
AUTHDEBUG((LOG_INFO, "Connect time expired\n"));
lcp_close(0, "Connect time expired"); /* Close connection */
}
#if 0 /* UNUSED */
/*
* auth_check_options - called to check authentication options.
*/
void
auth_check_options(void)
{
lcp_options *wo = &lcp_wantoptions[0];
int can_auth;
ipcp_options *ipwo = &ipcp_wantoptions[0];
u32_t remote;
/* Default our_name to hostname, and user to our_name */
if (ppp_settings.our_name[0] == 0 || ppp_settings.usehostname) {
strcpy(ppp_settings.our_name, ppp_settings.hostname);
}
if (ppp_settings.user[0] == 0) {
strcpy(ppp_settings.user, ppp_settings.our_name);
}
/* If authentication is required, ask peer for CHAP or PAP. */
if (ppp_settings.auth_required && !wo->neg_chap && !wo->neg_upap) {
wo->neg_chap = 1;
wo->neg_upap = 1;
}
/*
* Check whether we have appropriate secrets to use
* to authenticate the peer.
*/
can_auth = wo->neg_upap && have_pap_secret();
if (!can_auth && wo->neg_chap) {
remote = ipwo->accept_remote? 0: ipwo->hisaddr;
can_auth = have_chap_secret(ppp_settings.remote_name, ppp_settings.our_name, remote);
}
if (ppp_settings.auth_required && !can_auth) {
ppp_panic("No auth secret");
}
}
#endif
/*
* auth_reset - called when LCP is starting negotiations to recheck
* authentication options, i.e. whether we have appropriate secrets
@ -542,7 +668,7 @@ auth_reset(int unit)
int
check_passwd( int unit, char *auser, int userlen, char *apasswd, int passwdlen, char **msg, int *msglen)
{
#if 1
#if 1 /* XXX Assume all entries OK. */
LWIP_UNUSED_ARG(unit);
LWIP_UNUSED_ARG(auser);
LWIP_UNUSED_ARG(userlen);
@ -585,7 +711,10 @@ check_passwd( int unit, char *auser, int userlen, char *apasswd, int passwdlen,
/*ppp_panic("Excess Bad Logins");*/
}
if (attempts > 3) {
sys_msleep((attempts - 3) * 5);
/* @todo: this was sleep(), i.e. seconds, not milliseconds
* I don't think we really need this in lwIP - we would block tcpip_thread!
*/
/*sys_msleep((attempts - 3) * 5);*/
}
if (addrs != NULL) {
free_wordlist(addrs);
@ -608,30 +737,6 @@ check_passwd( int unit, char *auser, int userlen, char *apasswd, int passwdlen,
#endif /* PAP_SUPPORT */
/*
* auth_ip_addr - check whether the peer is authorized to use
* a given IP address. Returns 1 if authorized, 0 otherwise.
*/
int
auth_ip_addr(int unit, u32_t addr)
{
return ip_addr_check(addr, addresses[unit]);
}
/*
* bad_ip_adrs - return 1 if the IP address is one we don't want
* to use, such as an address in the loopback net or a multicast address.
* addr is in network byte order.
*/
int
bad_ip_adrs(u32_t addr)
{
addr = ntohl(addr);
return (addr >> IN_CLASSA_NSHIFT) == IN_LOOPBACKNET
|| IN_MULTICAST(addr) || IN_BADCLASS(addr);
}
#if CHAP_SUPPORT
/*
* get_secret - open the CHAP secret file and return the secret
@ -696,135 +801,6 @@ int get_secret( int unit, char *client, char *server, char *secret, int *secret_
}
#endif /* CHAP_SUPPORT */
#if 0 /* UNUSED */
/*
* auth_check_options - called to check authentication options.
*/
void
auth_check_options(void)
{
lcp_options *wo = &lcp_wantoptions[0];
int can_auth;
ipcp_options *ipwo = &ipcp_wantoptions[0];
u32_t remote;
/* Default our_name to hostname, and user to our_name */
if (ppp_settings.our_name[0] == 0 || ppp_settings.usehostname) {
strcpy(ppp_settings.our_name, ppp_settings.hostname);
}
if (ppp_settings.user[0] == 0) {
strcpy(ppp_settings.user, ppp_settings.our_name);
}
/* If authentication is required, ask peer for CHAP or PAP. */
if (ppp_settings.auth_required && !wo->neg_chap && !wo->neg_upap) {
wo->neg_chap = 1;
wo->neg_upap = 1;
}
/*
* Check whether we have appropriate secrets to use
* to authenticate the peer.
*/
can_auth = wo->neg_upap && have_pap_secret();
if (!can_auth && wo->neg_chap) {
remote = ipwo->accept_remote? 0: ipwo->hisaddr;
can_auth = have_chap_secret(ppp_settings.remote_name, ppp_settings.our_name, remote);
}
if (ppp_settings.auth_required && !can_auth) {
ppp_panic("No auth secret");
}
}
#endif
/**********************************/
/*** LOCAL FUNCTION DEFINITIONS ***/
/**********************************/
/*
* Proceed to the network phase.
*/
static void
network_phase(int unit)
{
int i;
struct protent *protp;
lcp_options *go = &lcp_gotoptions[unit];
/*
* If the peer had to authenticate, run the auth-up script now.
*/
if ((go->neg_chap || go->neg_upap) && !did_authup) {
/* XXX Do setup for peer authentication. */
did_authup = 1;
}
#if CBCP_SUPPORT
/*
* If we negotiated callback, do it now.
*/
if (go->neg_cbcp) {
lcp_phase[unit] = PHASE_CALLBACK;
(*cbcp_protent.open)(unit);
return;
}
#endif /* CBCP_SUPPORT */
lcp_phase[unit] = PHASE_NETWORK;
for (i = 0; (protp = ppp_protocols[i]) != NULL; ++i) {
if (protp->protocol < 0xC000 && protp->enabled_flag && protp->open != NULL) {
(*protp->open)(unit);
if (protp->protocol != PPP_CCP) {
++num_np_open;
}
}
}
if (num_np_open == 0) {
/* nothing to do */
lcp_close(0, "No network protocols running");
}
}
/*
* check_idle - check whether the link has been idle for long
* enough that we can shut it down.
*/
static void
check_idle(void *arg)
{
struct ppp_idle idle;
u_short itime;
LWIP_UNUSED_ARG(arg);
if (!get_idle_time(0, &idle)) {
return;
}
itime = LWIP_MIN(idle.xmit_idle, idle.recv_idle);
if (itime >= ppp_settings.idle_time_limit) {
/* link is idle: shut it down. */
AUTHDEBUG((LOG_INFO, "Terminating connection due to lack of activity.\n"));
lcp_close(0, "Link inactive");
} else {
TIMEOUT(check_idle, NULL, ppp_settings.idle_time_limit - itime);
}
}
/*
* connect_time_expired - log a message and close the connection.
*/
static void
connect_time_expired(void *arg)
{
LWIP_UNUSED_ARG(arg);
AUTHDEBUG((LOG_INFO, "Connect time expired\n"));
lcp_close(0, "Connect time expired"); /* Close connection */
}
#if 0
/*
* login - Check the user name and password against the system
@ -878,6 +854,8 @@ get_pap_passwd(int unit, char *user, char *passwd)
but this causes problems with some providers (like CHT in Taiwan)
who incorrectly request PAP and expect a bogus/empty password, so
always provide a default user/passwd of "none"/"none"
@todo: This should be configured by the user, instead of being hardcoded here!
*/
if(user) {
strcpy(user, "none");
@ -954,6 +932,16 @@ set_allowed_addrs(int unit, struct wordlist *addrs)
}
#endif /* 0 */ /* PAP_SUPPORT || CHAP_SUPPORT */
/*
* auth_ip_addr - check whether the peer is authorized to use
* a given IP address. Returns 1 if authorized, 0 otherwise.
*/
int
auth_ip_addr(int unit, u32_t addr)
{
return ip_addr_check(addr, addresses[unit]);
}
static int
ip_addr_check(u32_t addr, struct wordlist *addrs)
{
@ -970,6 +958,19 @@ ip_addr_check(u32_t addr, struct wordlist *addrs)
return 1;
}
/*
* bad_ip_adrs - return 1 if the IP address is one we don't want
* to use, such as an address in the loopback net or a multicast address.
* addr is in network byte order.
*/
int
bad_ip_adrs(u32_t addr)
{
addr = ntohl(addr);
return (addr >> IN_CLASSA_NSHIFT) == IN_LOOPBACKNET
|| IN_MULTICAST(addr) || IN_BADCLASS(addr);
}
#if 0 /* PAP_SUPPORT || CHAP_SUPPORT */
/*
* free_wordlist - release memory allocated for a wordlist.

140
src/netif/ppp/chap.c
View File

@ -84,19 +84,6 @@
#include <string.h>
/*************************/
/*** LOCAL DEFINITIONS ***/
/*************************/
/************************/
/*** LOCAL DATA TYPES ***/
/************************/
/***********************************/
/*** LOCAL FUNCTION DECLARATIONS ***/
/***********************************/
/*
* Protocol entry points.
*/
@ -105,10 +92,34 @@ static void ChapLowerUp (int);
static void ChapLowerDown (int);
static void ChapInput (int, u_char *, int);
static void ChapProtocolReject (int);
#if 0
#if PPP_ADDITIONAL_CALLBACKS
static int ChapPrintPkt (u_char *, int, void (*) (void *, char *, ...), void *);
#endif
struct protent chap_protent = {
PPP_CHAP,
ChapInit,
ChapInput,
ChapProtocolReject,
ChapLowerUp,
ChapLowerDown,
NULL,
NULL,
#if PPP_ADDITIONAL_CALLBACKS
ChapPrintPkt,
NULL,
#endif /* PPP_ADDITIONAL_CALLBACKS */
1,
"CHAP",
#if PPP_ADDITIONAL_CALLBACKS
NULL,
NULL,
NULL
#endif /* PPP_ADDITIONAL_CALLBACKS */
};
chap_state chap[NUM_PPP]; /* CHAP state; one for each unit */
static void ChapChallengeTimeout (void *);
static void ChapResponseTimeout (void *);
static void ChapReceiveChallenge (chap_state *, u_char *, int, int);
@ -121,38 +132,24 @@ static void ChapSendChallenge (chap_state *);
static void ChapSendResponse (chap_state *);
static void ChapGenChallenge (chap_state *);
/*
* ChapInit - Initialize a CHAP unit.
*/
static void
ChapInit(int unit)
{
chap_state *cstate = &chap[unit];
/******************************/
/*** PUBLIC DATA STRUCTURES ***/
/******************************/
chap_state chap[NUM_PPP]; /* CHAP state; one for each unit */
struct protent chap_protent = {
PPP_CHAP,
ChapInit,
ChapInput,
ChapProtocolReject,
ChapLowerUp,
ChapLowerDown,
NULL,
NULL,
#if 0
ChapPrintPkt,
NULL,
#endif
1,
"CHAP",
#if 0
NULL,
NULL,
NULL
#endif
};
BZERO(cstate, sizeof(*cstate));
cstate->unit = unit;
cstate->clientstate = CHAPCS_INITIAL;
cstate->serverstate = CHAPSS_INITIAL;
cstate->timeouttime = CHAP_DEFTIMEOUT;
cstate->max_transmits = CHAP_DEFTRANSMITS;
/* random number generator is initialized in magic_init */
}
/***********************************/
/*** PUBLIC FUNCTION DEFINITIONS ***/
/***********************************/
/*
* ChapAuthWithPeer - Authenticate us with our peer (start client).
*
@ -205,27 +202,6 @@ ChapAuthPeer(int unit, char *our_name, int digest)
}
/**********************************/
/*** LOCAL FUNCTION DEFINITIONS ***/
/**********************************/
/*
* ChapInit - Initialize a CHAP unit.
*/
static void
ChapInit(int unit)
{
chap_state *cstate = &chap[unit];
BZERO(cstate, sizeof(*cstate));
cstate->unit = unit;
cstate->clientstate = CHAPCS_INITIAL;
cstate->serverstate = CHAPSS_INITIAL;
cstate->timeouttime = CHAP_DEFTIMEOUT;
cstate->max_transmits = CHAP_DEFTRANSMITS;
/* random number generator is initialized in magic_init */
}
/*
* ChapChallengeTimeout - Timeout expired on sending challenge.
*/
@ -463,19 +439,23 @@ ChapReceiveChallenge(chap_state *cstate, u_char *inp, int id, int len)
BCOPY(inp, rhostname, len);
rhostname[len] = '\000';
CHAPDEBUG((LOG_INFO, "ChapReceiveChallenge: received name field '%s'\n", rhostname));
CHAPDEBUG((LOG_INFO, "ChapReceiveChallenge: received name field '%s'\n",
rhostname));
/* Microsoft doesn't send their name back in the PPP packet */
if (ppp_settings.remote_name[0] != 0 && (ppp_settings.explicit_remote || rhostname[0] == 0)) {
strncpy(rhostname, ppp_settings.remote_name, sizeof(rhostname));
rhostname[sizeof(rhostname) - 1] = 0;
CHAPDEBUG((LOG_INFO, "ChapReceiveChallenge: using '%s' as remote name\n", rhostname));
CHAPDEBUG((LOG_INFO, "ChapReceiveChallenge: using '%s' as remote name\n",
rhostname));
}
/* get secret for authenticating ourselves with the specified host */
if (!get_secret(cstate->unit, cstate->resp_name, rhostname, secret, &secret_len, 0)) {
if (!get_secret(cstate->unit, cstate->resp_name, rhostname,
secret, &secret_len, 0)) {
secret_len = 0; /* assume null secret if can't find one */
CHAPDEBUG((LOG_WARNING, "No CHAP secret found for authenticating us to %s\n", rhostname));
CHAPDEBUG((LOG_WARNING, "No CHAP secret found for authenticating us to %s\n",
rhostname));
}
/* cancel response send timeout if necessary */
@ -499,7 +479,7 @@ ChapReceiveChallenge(chap_state *cstate, u_char *inp, int id, int len)
cstate->resp_length = MD5_SIGNATURE_SIZE;
break;
#ifdef CHAPMS
#if MSCHAP_SUPPORT
case CHAP_MICROSOFT:
ChapMS(cstate, rchallenge, rchallenge_len, secret, secret_len);
break;
@ -578,15 +558,16 @@ ChapReceiveResponse(chap_state *cstate, u_char *inp, int id, int len)
BCOPY(inp, rhostname, len);
rhostname[len] = '\000';
CHAPDEBUG((LOG_INFO, "ChapReceiveResponse: received name field: %s\n", rhostname));
CHAPDEBUG((LOG_INFO, "ChapReceiveResponse: received name field: %s\n",
rhostname));
/*
* Get secret for authenticating them with us,
* do the hash ourselves, and compare the result.
*/
code = CHAP_FAILURE;
if (!get_secret(cstate->unit, rhostname, cstate->chal_name, secret, &secret_len, 1)) {
/* CHAPDEBUG((LOG_WARNING, TL_CHAP, "No CHAP secret found for authenticating %s\n", rhostname)); */
if (!get_secret(cstate->unit, rhostname, cstate->chal_name,
secret, &secret_len, 1)) {
CHAPDEBUG((LOG_WARNING, "No CHAP secret found for authenticating %s\n",
rhostname));
} else {
@ -651,7 +632,8 @@ ChapReceiveSuccess(chap_state *cstate, u_char *inp, u_char id, int len)
if (cstate->clientstate != CHAPCS_RESPONSE) {
/* don't know what this is */
CHAPDEBUG((LOG_INFO, "ChapReceiveSuccess: in state %d\n", cstate->clientstate));
CHAPDEBUG((LOG_INFO, "ChapReceiveSuccess: in state %d\n",
cstate->clientstate));
return;
}
@ -683,7 +665,8 @@ ChapReceiveFailure(chap_state *cstate, u_char *inp, u_char id, int len)
if (cstate->clientstate != CHAPCS_RESPONSE) {
/* don't know what this is */
CHAPDEBUG((LOG_INFO, "ChapReceiveFailure: in state %d\n", cstate->clientstate));
CHAPDEBUG((LOG_INFO, "ChapReceiveFailure: in state %d\n",
cstate->clientstate));
return;
}
@ -745,7 +728,7 @@ ChapSendStatus(chap_state *cstate, int code)
{
u_char *outp;
int outlen, msglen;
char msg[256];
char msg[256]; /* @todo: this can be a char*, no strcpy needed */
if (code == CHAP_SUCCESS) {
strcpy(msg, "Welcome!");
@ -765,7 +748,8 @@ ChapSendStatus(chap_state *cstate, int code)
BCOPY(msg, outp, msglen);
pppWrite(cstate->unit, outpacket_buf[cstate->unit], outlen + PPP_HDRLEN);
CHAPDEBUG((LOG_INFO, "ChapSendStatus: Sent code %d, id %d.\n", code, cstate->chal_id));
CHAPDEBUG((LOG_INFO, "ChapSendStatus: Sent code %d, id %d.\n", code,
cstate->chal_id));
}
/*
@ -834,7 +818,7 @@ ChapSendResponse(chap_state *cstate)
++cstate->resp_transmits;
}
#if 0
#if PPP_ADDITIONAL_CALLBACKS
static char *ChapCodenames[] = {
"Challenge", "Response", "Success", "Failure"
};
@ -896,7 +880,7 @@ ChapPrintPkt( u_char *p, int plen, void (*printer) (void *, char *, ...), void *
return len + CHAP_HEADERLEN;
}
#endif
#endif /* PPP_ADDITIONAL_CALLBACKS */
#endif /* CHAP_SUPPORT */

64
src/netif/ppp/chap.h
View File

@ -62,16 +62,12 @@
* IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
* WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
*
* $Id: chap.h,v 1.4 2007/12/19 20:47:22 fbernon Exp $
* $Id: chap.h,v 1.5 2009/12/31 17:08:08 goldsimon Exp $
*/
#ifndef CHAP_H
#define CHAP_H
/*************************
*** PUBLIC DEFINITIONS ***
*************************/
/* Code + ID + length */
#define CHAP_HEADERLEN 4
@ -96,31 +92,6 @@
#define MAX_CHALLENGE_LENGTH 64
#define MAX_RESPONSE_LENGTH 64 /* sufficient for MD5 or MS-CHAP */
/*
* Client (peer) states.
*/
#define CHAPCS_INITIAL 0 /* Lower layer down, not opened */
#define CHAPCS_CLOSED 1 /* Lower layer up, not opened */
#define CHAPCS_PENDING 2 /* Auth us to peer when lower up */
#define CHAPCS_LISTEN 3 /* Listening for a challenge */
#define CHAPCS_RESPONSE 4 /* Sent response, waiting for status */
#define CHAPCS_OPEN 5 /* We've received Success */
/*
* Server (authenticator) states.
*/
#define CHAPSS_INITIAL 0 /* Lower layer down, not opened */
#define CHAPSS_CLOSED 1 /* Lower layer up, not opened */
#define CHAPSS_PENDING 2 /* Auth peer when lower up */
#define CHAPSS_INITIAL_CHAL 3 /* We've sent the first challenge */
#define CHAPSS_OPEN 4 /* We've sent a Success msg */
#define CHAPSS_RECHALLENGE 5 /* We've sent another challenge */
#define CHAPSS_BADAUTH 6 /* We've sent a Failure msg */
/************************
*** PUBLIC DATA TYPES ***
************************/
/*
* Each interface is described by a chap structure.
*/
@ -148,19 +119,32 @@ typedef struct chap_state {
} chap_state;
/******************
*** PUBLIC DATA ***
******************/
/*
* Client (peer) states.
*/
#define CHAPCS_INITIAL 0 /* Lower layer down, not opened */
#define CHAPCS_CLOSED 1 /* Lower layer up, not opened */
#define CHAPCS_PENDING 2 /* Auth us to peer when lower up */
#define CHAPCS_LISTEN 3 /* Listening for a challenge */
#define CHAPCS_RESPONSE 4 /* Sent response, waiting for status */
#define CHAPCS_OPEN 5 /* We've received Success */
/*
* Server (authenticator) states.
*/
#define CHAPSS_INITIAL 0 /* Lower layer down, not opened */
#define CHAPSS_CLOSED 1 /* Lower layer up, not opened */
#define CHAPSS_PENDING 2 /* Auth peer when lower up */
#define CHAPSS_INITIAL_CHAL 3 /* We've sent the first challenge */
#define CHAPSS_OPEN 4 /* We've sent a Success msg */
#define CHAPSS_RECHALLENGE 5 /* We've sent another challenge */
#define CHAPSS_BADAUTH 6 /* We've sent a Failure msg */
extern chap_state chap[];
extern struct protent chap_protent;
/***********************
*** PUBLIC FUNCTIONS ***
***********************/
void ChapAuthWithPeer (int, char *, int);
void ChapAuthPeer (int, char *, int);
extern struct protent chap_protent;
#endif /* CHAP_H */

80
src/netif/ppp/chpms.c
View File

@ -85,6 +85,8 @@
#include "chap.h"
#include "chpms.h"
#include <string.h>
/*************************/
/*** LOCAL DEFINITIONS ***/
@ -137,49 +139,12 @@ static u_char Get7Bits(
int startBit
);
/***********************************/
/*** PUBLIC FUNCTION DEFINITIONS ***/
/***********************************/
void
ChapMS( chap_state *cstate, char *rchallenge, int rchallenge_len, char *secret, int secret_len)
{
MS_ChapResponse response;
#ifdef MSLANMAN
extern int ms_lanman;
#endif
#if 0
CHAPDEBUG((LOG_INFO, "ChapMS: secret is '%.*s'\n", secret_len, secret));
#endif
BZERO(&response, sizeof(response));
/* Calculate both always */
ChapMS_NT(rchallenge, rchallenge_len, secret, secret_len, &response);
#ifdef MSLANMAN
ChapMS_LANMan(rchallenge, rchallenge_len, secret, secret_len, &response);
/* prefered method is set by option */
response.UseNT = !ms_lanman;
#else
response.UseNT = 1;
#endif
BCOPY(&response, cstate->response, MS_CHAP_RESPONSE_LEN);
cstate->resp_length = MS_CHAP_RESPONSE_LEN;
}
/**********************************/
/*** LOCAL FUNCTION DEFINITIONS ***/
/**********************************/
static void
ChallengeResponse( u_char *challenge, /* IN 8 octets */
u_char *pwHash, /* IN 16 octets */
u_char *response /* OUT 24 octets */)
{
char ZPasswordHash[21];
u_char ZPasswordHash[21];
BZERO(ZPasswordHash, sizeof(ZPasswordHash));
BCOPY(pwHash, ZPasswordHash, 16);
@ -211,7 +176,7 @@ DesEncrypt( u_char *clear, /* IN 8 octets */
MakeKey(key, des_key);
Expand(des_key, crypt_key);
setkey(crypt_key);
setkey((char*)crypt_key);
#if 0
CHAPDEBUG((LOG_INFO, "DesEncrypt: 8 octet input : %02X%02X%02X%02X%02X%02X%02X%02X\n",
@ -219,7 +184,7 @@ DesEncrypt( u_char *clear, /* IN 8 octets */
#endif
Expand(clear, des_input);
encrypt(des_input, 0);
encrypt((char*)des_input, 0);
Collapse(des_input, cipher);
#if 0
@ -348,6 +313,8 @@ ChapMS_NT( char *rchallenge,
u_char unicodePassword[MAX_NT_PASSWORD * 2];
static int low_byte_first = -1;
LWIP_UNUSED_ARG(rchallenge_len);
/* Initialize the Unicode version of the secret (== password). */
/* This implicitly supports 8-bit ISO8859/1 characters. */
BZERO(unicodePassword, sizeof(unicodePassword));
@ -361,12 +328,12 @@ ChapMS_NT( char *rchallenge,
low_byte_first = (htons((unsigned short int)1) != 1);
}
if (low_byte_first == 0) {
MDreverse((u_long *)&md4Context); /* sfb 961105 */
MDreverse((unsigned int*)&md4Context); /* sfb 961105 */
}
MDupdate(&md4Context, NULL, 0); /* Tell MD4 we're done */
ChallengeResponse(rchallenge, (char *)md4Context.buffer, response->NTResp);
ChallengeResponse((u_char*)rchallenge, (u_char*)md4Context.buffer, response->NTResp);
}
#ifdef MSLANMAN
@ -394,6 +361,35 @@ ChapMS_LANMan( char *rchallenge,
}
#endif
void
ChapMS( chap_state *cstate, char *rchallenge, int rchallenge_len, char *secret, int secret_len)
{
MS_ChapResponse response;
#ifdef MSLANMAN
extern int ms_lanman;
#endif
#if 0
CHAPDEBUG((LOG_INFO, "ChapMS: secret is '%.*s'\n", secret_len, secret));
#endif
BZERO(&response, sizeof(response));
/* Calculate both always */
ChapMS_NT(rchallenge, rchallenge_len, secret, secret_len, &response);
#ifdef MSLANMAN
ChapMS_LANMan(rchallenge, rchallenge_len, secret, secret_len, &response);
/* prefered method is set by option */
response.UseNT = !ms_lanman;
#else
response.UseNT = 1;
#endif
BCOPY(&response, cstate->response, MS_CHAP_RESPONSE_LEN);
cstate->resp_length = MS_CHAP_RESPONSE_LEN;
}
#endif /* MSCHAP_SUPPORT */
#endif /* PPP_SUPPORT */

308
src/netif/ppp/fsm.c
View File

@ -66,13 +66,7 @@
#include <string.h>
/*************************/
/*** LOCAL DEFINITIONS ***/
/*************************/
#if PPP_DEBUG
static const char *ppperr_strerr[] = {
"LS_INITIAL", /* LS_INITIAL 0 */
"LS_STARTING", /* LS_STARTING 1 */
@ -85,17 +79,8 @@ static const char *ppperr_strerr[] = {
"LS_ACKSENT", /* LS_ACKSENT 8 */
"LS_OPENED" /* LS_OPENED 9 */
};
#endif /* PPP_DEBUG */
/************************/
/*** LOCAL DATA TYPES ***/
/************************/
/***********************************/
/*** LOCAL FUNCTION DECLARATIONS ***/
/***********************************/
static void fsm_timeout (void *);
static void fsm_rconfreq (fsm *, u_char, u_char *, int);
static void fsm_rconfack (fsm *, int, u_char *, int);
@ -107,22 +92,9 @@ static void fsm_sconfreq (fsm *, int);
#define PROTO_NAME(f) ((f)->callbacks->proto_name)
/******************************/
/*** PUBLIC DATA STRUCTURES ***/
/******************************/
/*****************************/
/*** LOCAL DATA STRUCTURES ***/
/*****************************/
int peer_mru[NUM_PPP];
/***********************************/
/*** PUBLIC FUNCTION DEFINITIONS ***/
/***********************************/
/*
* fsm_init - Initialize fsm.
*
@ -328,32 +300,65 @@ fsm_close(fsm *f, char *reason)
/*
* fsm_sdata - Send some data.
*
* Used for all packets sent to our peer by this module.
* fsm_timeout - Timeout expired.
*/
void
fsm_sdata( fsm *f, u_char code, u_char id, u_char *data, int datalen)
static void
fsm_timeout(void *arg)
{
u_char *outp;
int outlen;
fsm *f = (fsm *) arg;
/* Adjust length to be smaller than MTU */
outp = outpacket_buf[f->unit];
if (datalen > peer_mru[f->unit] - (int)HEADERLEN) {
datalen = peer_mru[f->unit] - HEADERLEN;
switch (f->state) {
case LS_CLOSING:
case LS_STOPPING:
if( f->retransmits <= 0 ) {
FSMDEBUG((LOG_WARNING, "%s: timeout sending Terminate-Request state=%d (%s)\n",
PROTO_NAME(f), f->state, ppperr_strerr[f->state]));
/*
* We've waited for an ack long enough. Peer probably heard us.
*/
f->state = (f->state == LS_CLOSING)? LS_CLOSED: LS_STOPPED;
if( f->callbacks->finished ) {
(*f->callbacks->finished)(f);
}
if (datalen && data != outp + PPP_HDRLEN + HEADERLEN) {
BCOPY(data, outp + PPP_HDRLEN + HEADERLEN, datalen);
} else {
FSMDEBUG((LOG_WARNING, "%s: timeout resending Terminate-Requests state=%d (%s)\n",
PROTO_NAME(f), f->state, ppperr_strerr[f->state]));
/* Send Terminate-Request */
fsm_sdata(f, TERMREQ, f->reqid = ++f->id,
(u_char *) f->term_reason, f->term_reason_len);
TIMEOUT(fsm_timeout, f, f->timeouttime);
--f->retransmits;
}
break;
case LS_REQSENT:
case LS_ACKRCVD:
case LS_ACKSENT:
if (f->retransmits <= 0) {
FSMDEBUG((LOG_WARNING, "%s: timeout sending Config-Requests state=%d (%s)\n",
PROTO_NAME(f), f->state, ppperr_strerr[f->state]));
f->state = LS_STOPPED;
if( (f->flags & OPT_PASSIVE) == 0 && f->callbacks->finished ) {
(*f->callbacks->finished)(f);
}
} else {
FSMDEBUG((LOG_WARNING, "%s: timeout resending Config-Request state=%d (%s)\n",
PROTO_NAME(f), f->state, ppperr_strerr[f->state]));
/* Retransmit the configure-request */
if (f->callbacks->retransmit) {
(*f->callbacks->retransmit)(f);
}
fsm_sconfreq(f, 1); /* Re-send Configure-Request */
if( f->state == LS_ACKRCVD ) {
f->state = LS_REQSENT;
}
}
break;
default:
FSMDEBUG((LOG_INFO, "%s: UNHANDLED timeout event in state %d (%s)!\n",
PROTO_NAME(f), f->state, ppperr_strerr[f->state]));
}
outlen = datalen + HEADERLEN;
MAKEHEADER(outp, f->protocol);
PUTCHAR(code, outp);
PUTCHAR(id, outp);
PUTSHORT(outlen, outp);
pppWrite(f->unit, outpacket_buf[f->unit], outlen + PPP_HDRLEN);
FSMDEBUG((LOG_INFO, "fsm_sdata(%s): Sent code %d,%d,%d.\n",
PROTO_NAME(f), code, id, outlen));
}
@ -436,129 +441,6 @@ fsm_input(fsm *f, u_char *inpacket, int l)
}
/*
* fsm_protreject - Peer doesn't speak this protocol.
*
* Treat this as a catastrophic error (RXJ-).
*/
void
fsm_protreject(fsm *f)
{
switch( f->state ) {
case LS_CLOSING:
UNTIMEOUT(fsm_timeout, f); /* Cancel timeout */
/* fall through */
case LS_CLOSED:
f->state = LS_CLOSED;
if( f->callbacks->finished ) {
(*f->callbacks->finished)(f);
}
break;
case LS_STOPPING:
case LS_REQSENT:
case LS_ACKRCVD:
case LS_ACKSENT:
UNTIMEOUT(fsm_timeout, f); /* Cancel timeout */
/* fall through */
case LS_STOPPED:
f->state = LS_STOPPED;
if( f->callbacks->finished ) {
(*f->callbacks->finished)(f);
}
break;
case LS_OPENED:
if( f->callbacks->down ) {
(*f->callbacks->down)(f);
}
/* Init restart counter, send Terminate-Request */
f->retransmits = f->maxtermtransmits;
fsm_sdata(f, TERMREQ, f->reqid = ++f->id,
(u_char *) f->term_reason, f->term_reason_len);
TIMEOUT(fsm_timeout, f, f->timeouttime);
--f->retransmits;
f->state = LS_STOPPING;
break;
default:
FSMDEBUG((LOG_INFO, "%s: Protocol-reject event in state %d (%s)!\n",
PROTO_NAME(f), f->state, ppperr_strerr[f->state]));
}
}
/**********************************/
/*** LOCAL FUNCTION DEFINITIONS ***/
/**********************************/
/*
* fsm_timeout - Timeout expired.
*/
static void
fsm_timeout(void *arg)
{
fsm *f = (fsm *) arg;
switch (f->state) {
case LS_CLOSING:
case LS_STOPPING:
if( f->retransmits <= 0 ) {
FSMDEBUG((LOG_WARNING, "%s: timeout sending Terminate-Request state=%d (%s)\n",
PROTO_NAME(f), f->state, ppperr_strerr[f->state]));
/*
* We've waited for an ack long enough. Peer probably heard us.
*/
f->state = (f->state == LS_CLOSING)? LS_CLOSED: LS_STOPPED;
if( f->callbacks->finished ) {
(*f->callbacks->finished)(f);
}
} else {
FSMDEBUG((LOG_WARNING, "%s: timeout resending Terminate-Requests state=%d (%s)\n",
PROTO_NAME(f), f->state, ppperr_strerr[f->state]));
/* Send Terminate-Request */
fsm_sdata(f, TERMREQ, f->reqid = ++f->id,
(u_char *) f->term_reason, f->term_reason_len);
TIMEOUT(fsm_timeout, f, f->timeouttime);
--f->retransmits;
}
break;
case LS_REQSENT:
case LS_ACKRCVD:
case LS_ACKSENT:
if (f->retransmits <= 0) {
FSMDEBUG((LOG_WARNING, "%s: timeout sending Config-Requests state=%d (%s)\n",
PROTO_NAME(f), f->state, ppperr_strerr[f->state]));
f->state = LS_STOPPED;
if( (f->flags & OPT_PASSIVE) == 0 && f->callbacks->finished ) {
(*f->callbacks->finished)(f);
}
} else {
FSMDEBUG((LOG_WARNING, "%s: timeout resending Config-Request state=%d (%s)\n",
PROTO_NAME(f), f->state, ppperr_strerr[f->state]));
/* Retransmit the configure-request */
if (f->callbacks->retransmit) {
(*f->callbacks->retransmit)(f);
}
fsm_sconfreq(f, 1); /* Re-send Configure-Request */
if( f->state == LS_ACKRCVD ) {
f->state = LS_REQSENT;
}
}
break;
default:
FSMDEBUG((LOG_INFO, "%s: UNHANDLED timeout event in state %d (%s)!\n",
PROTO_NAME(f), f->state, ppperr_strerr[f->state]));
}
}
/*
* fsm_rconfreq - Receive Configure-Request.
*/
@ -853,6 +735,59 @@ fsm_rcoderej(fsm *f, u_char *inp, int len)
}
/*
* fsm_protreject - Peer doesn't speak this protocol.
*
* Treat this as a catastrophic error (RXJ-).
*/
void
fsm_protreject(fsm *f)
{
switch( f->state ) {
case LS_CLOSING:
UNTIMEOUT(fsm_timeout, f); /* Cancel timeout */
/* fall through */
case LS_CLOSED:
f->state = LS_CLOSED;
if( f->callbacks->finished ) {
(*f->callbacks->finished)(f);
}
break;
case LS_STOPPING:
case LS_REQSENT:
case LS_ACKRCVD:
case LS_ACKSENT:
UNTIMEOUT(fsm_timeout, f); /* Cancel timeout */
/* fall through */
case LS_STOPPED:
f->state = LS_STOPPED;
if( f->callbacks->finished ) {
(*f->callbacks->finished)(f);
}
break;
case LS_OPENED:
if( f->callbacks->down ) {
(*f->callbacks->down)(f);
}
/* Init restart counter, send Terminate-Request */
f->retransmits = f->maxtermtransmits;
fsm_sdata(f, TERMREQ, f->reqid = ++f->id,
(u_char *) f->term_reason, f->term_reason_len);
TIMEOUT(fsm_timeout, f, f->timeouttime);
--f->retransmits;
f->state = LS_STOPPING;
break;
default:
FSMDEBUG((LOG_INFO, "%s: Protocol-reject event in state %d (%s)!\n",
PROTO_NAME(f), f->state, ppperr_strerr[f->state]));
}
}
/*
* fsm_sconfreq - Send a Configure-Request.
*/
@ -905,4 +840,33 @@ fsm_sconfreq(fsm *f, int retransmit)
PROTO_NAME(f), f->reqid));
}
/*
* fsm_sdata - Send some data.
*
* Used for all packets sent to our peer by this module.
*/
void
fsm_sdata( fsm *f, u_char code, u_char id, u_char *data, int datalen)
{
u_char *outp;
int outlen;
/* Adjust length to be smaller than MTU */
outp = outpacket_buf[f->unit];
if (datalen > peer_mru[f->unit] - (int)HEADERLEN) {
datalen = peer_mru[f->unit] - HEADERLEN;
}
if (datalen && data != outp + PPP_HDRLEN + HEADERLEN) {
BCOPY(data, outp + PPP_HDRLEN + HEADERLEN, datalen);
}
outlen = datalen + HEADERLEN;
MAKEHEADER(outp, f->protocol);
PUTCHAR(code, outp);
PUTCHAR(id, outp);
PUTSHORT(outlen, outp);
pppWrite(f->unit, outpacket_buf[f->unit], outlen + PPP_HDRLEN);
FSMDEBUG((LOG_INFO, "fsm_sdata(%s): Sent code %d,%d,%d.\n",
PROTO_NAME(f), code, id, outlen));
}
#endif /* PPP_SUPPORT */

60
src/netif/ppp/fsm.h
View File

@ -48,15 +48,12 @@
* IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
* WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
*
* $Id: fsm.h,v 1.4 2007/12/19 20:47:23 fbernon Exp $
* $Id: fsm.h,v 1.5 2009/12/31 17:08:08 goldsimon Exp $
*/
#ifndef FSM_H
#define FSM_H
/*****************************************************************************
************************* PUBLIC DEFINITIONS *********************************
*****************************************************************************/
/*
* LCP Packet header = Code, id, length.
*/
@ -74,31 +71,7 @@
#define TERMACK 6 /* Termination Ack */
#define CODEREJ 7 /* Code Reject */
/*
* Link states.
*/
#define LS_INITIAL 0 /* Down, hasn't been opened */
#define LS_STARTING 1 /* Down, been opened */
#define LS_CLOSED 2 /* Up, hasn't been opened */
#define LS_STOPPED 3 /* Open, waiting for down event */
#define LS_CLOSING 4 /* Terminating the connection, not open */
#define LS_STOPPING 5 /* Terminating, but open */
#define LS_REQSENT 6 /* We've sent a Config Request */
#define LS_ACKRCVD 7 /* We've received a Config Ack */
#define LS_ACKSENT 8 /* We've sent a Config Ack */
#define LS_OPENED 9 /* Connection available */
/*
* Flags - indicate options controlling FSM operation
*/
#define OPT_PASSIVE 1 /* Don't die if we don't get a response */
#define OPT_RESTART 2 /* Treat 2nd OPEN as DOWN, UP */
#define OPT_SILENT 4 /* Wait for peer to speak first */
/*****************************************************************************
************************* PUBLIC DATA TYPES **********************************
*****************************************************************************/
/*
* Each FSM is described by an fsm structure and fsm callbacks.
*/
@ -141,18 +114,27 @@ typedef struct fsm_callbacks {
} fsm_callbacks;
/*****************************************************************************
*********************** PUBLIC DATA STRUCTURES *******************************
*****************************************************************************/
/*
* Variables
* Link states.
*/
extern int peer_mru[]; /* currently negotiated peer MRU (per unit) */
#define LS_INITIAL 0 /* Down, hasn't been opened */
#define LS_STARTING 1 /* Down, been opened */
#define LS_CLOSED 2 /* Up, hasn't been opened */
#define LS_STOPPED 3 /* Open, waiting for down event */
#define LS_CLOSING 4 /* Terminating the connection, not open */
#define LS_STOPPING 5 /* Terminating, but open */
#define LS_REQSENT 6 /* We've sent a Config Request */
#define LS_ACKRCVD 7 /* We've received a Config Ack */
#define LS_ACKSENT 8 /* We've sent a Config Ack */
#define LS_OPENED 9 /* Connection available */
/*
* Flags - indicate options controlling FSM operation
*/
#define OPT_PASSIVE 1 /* Don't die if we don't get a response */
#define OPT_RESTART 2 /* Treat 2nd OPEN as DOWN, UP */
#define OPT_SILENT 4 /* Wait for peer to speak first */
/*****************************************************************************
************************** PUBLIC FUNCTIONS **********************************
*****************************************************************************/
/*
* Prototypes
@ -166,4 +148,10 @@ void fsm_input (fsm*, u_char*, int);
void fsm_protreject (fsm*);
void fsm_sdata (fsm*, u_char, u_char, u_char*, int);
/*
* Variables
*/
extern int peer_mru[]; /* currently negotiated peer MRU (per unit) */
#endif /* FSM_H */

137
src/netif/ppp/ipcp.c
View File

@ -1,3 +1,5 @@
/** In contrast to pppd 2.3.1, DNS support has been added, proxy-ARP and
dial-on-demand has been stripped. */
/*****************************************************************************
* ipcp.c - Network PPP IP Control Protocol program file.
*
@ -63,25 +65,18 @@
#include <string.h>
/*************************/
/*** LOCAL DEFINITIONS ***/
/*************************/
/* #define OLD_CI_ADDRS 1 */ /* Support deprecated address negotiation. */
/*
* Lengths of configuration options.
*/
#define CILEN_VOID 2
#define CILEN_COMPRESS 4 /* min length for compression protocol opt. */
#define CILEN_VJ 6 /* length for RFC1332 Van-Jacobson opt. */
#define CILEN_ADDR 6 /* new-style single address option */
#define CILEN_ADDRS 10 /* old-style dual address option */
/* global vars */
ipcp_options ipcp_wantoptions[NUM_PPP]; /* Options that we want to request */
ipcp_options ipcp_gotoptions[NUM_PPP]; /* Options that peer ack'd */
ipcp_options ipcp_allowoptions[NUM_PPP]; /* Options we allow peer to request */
ipcp_options ipcp_hisoptions[NUM_PPP]; /* Options that we ack'd */
/* local vars */
static int cis_received[NUM_PPP]; /* # Conf-Reqs received */
static int default_route_set[NUM_PPP]; /* Have set up a default route */
/***********************************/
/*** LOCAL FUNCTION DECLARATIONS ***/
/***********************************/
/*
* Callbacks for fsm code. (CI = Configuration Information)
*/
@ -94,70 +89,14 @@ static int ipcp_rejci (fsm *, u_char *, int); /* Peer rej'd our CI */
static int ipcp_reqci (fsm *, u_char *, int *, int); /* Rcv CI */
static void ipcp_up (fsm *); /* We're UP */
static void ipcp_down (fsm *); /* We're DOWN */
#if 0
#if PPP_ADDITIONAL_CALLBACKS
static void ipcp_script (fsm *, char *); /* Run an up/down script */
#endif
static void ipcp_finished (fsm *); /* Don't need lower layer */
/*
* Protocol entry points from main code.
*/
static void ipcp_init (int);
static void ipcp_open (int);
static void ipcp_close (int, char *);
static void ipcp_lowerup (int);
static void ipcp_lowerdown (int);
static void ipcp_input (int, u_char *, int);
static void ipcp_protrej (int);
static void ipcp_clear_addrs (int);
#define CODENAME(x) ((x) == CONFACK ? "ACK" : \
(x) == CONFNAK ? "NAK" : "REJ")
/******************************/
/*** PUBLIC DATA STRUCTURES ***/
/******************************/
/* global vars */
ipcp_options ipcp_wantoptions[NUM_PPP]; /* Options that we want to request */
ipcp_options ipcp_gotoptions[NUM_PPP]; /* Options that peer ack'd */
ipcp_options ipcp_allowoptions[NUM_PPP]; /* Options we allow peer to request */
ipcp_options ipcp_hisoptions[NUM_PPP]; /* Options that we ack'd */
fsm ipcp_fsm[NUM_PPP]; /* IPCP fsm structure */
struct protent ipcp_protent = {
PPP_IPCP,
ipcp_init,
ipcp_input,
ipcp_protrej,
ipcp_lowerup,
ipcp_lowerdown,
ipcp_open,
ipcp_close,
#if 0
ipcp_printpkt,
NULL,
#endif
1,
"IPCP",
#if 0
ip_check_options,
NULL,
ip_active_pkt
#endif
};
/*****************************/
/*** LOCAL DATA STRUCTURES ***/
/*****************************/
/* local vars */
static int cis_received[NUM_PPP]; /* # Conf-Reqs received */
static int default_route_set[NUM_PPP]; /* Have set up a default route */
static fsm_callbacks ipcp_callbacks = { /* IPCP callback routines */
ipcp_resetci, /* Reset our Configuration Information */
@ -177,11 +116,55 @@ static fsm_callbacks ipcp_callbacks = { /* IPCP callback routines */
"IPCP" /* String name of protocol */
};
/*
* Protocol entry points from main code.
*/
static void ipcp_init (int);
static void ipcp_open (int);
static void ipcp_close (int, char *);
static void ipcp_lowerup (int);
static void ipcp_lowerdown (int);
static void ipcp_input (int, u_char *, int);
static void ipcp_protrej (int);
/**********************************/
/*** LOCAL FUNCTION DEFINITIONS ***/
/**********************************/
struct protent ipcp_protent = {
PPP_IPCP,
ipcp_init,
ipcp_input,
ipcp_protrej,
ipcp_lowerup,
ipcp_lowerdown,
ipcp_open,
ipcp_close,
#if PPP_ADDITIONAL_CALLBACKS
ipcp_printpkt,
NULL,
#endif /* PPP_ADDITIONAL_CALLBACKS */
1,
"IPCP",
#if PPP_ADDITIONAL_CALLBACKS
ip_check_options,
NULL,
ip_active_pkt
#endif /* PPP_ADDITIONAL_CALLBACKS */
};
static void ipcp_clear_addrs (int);
/*
* Lengths of configuration options.
*/
#define CILEN_VOID 2
#define CILEN_COMPRESS 4 /* min length for compression protocol opt. */
#define CILEN_VJ 6 /* length for RFC1332 Van-Jacobson opt. */
#define CILEN_ADDR 6 /* new-style single address option */
#define CILEN_ADDRS 10 /* old-style dual address option */
#define CODENAME(x) ((x) == CONFACK ? "ACK" : \
(x) == CONFNAK ? "NAK" : "REJ")
#define inet_ntoa(addr) ip_ntoa(((struct ip_addr*)&(addr)))
@ -1361,7 +1344,7 @@ ipcp_finished(fsm *f)
np_finished(f->unit, PPP_IP);
}
#if 0
#if PPP_ADDITIONAL_CALLBACKS
static int
ipcp_printpkt(u_char *p, int plen, void (*printer) (void *, char *, ...), void *arg)
{
@ -1422,6 +1405,6 @@ ip_active_pkt(u_char *pkt, int len)
}
return 1;
}
#endif
#endif /* PPP_ADDITIONAL_CALLBACKS */
#endif /* PPP_SUPPORT */

135
src/netif/ppp/lcp.c
View File

@ -72,25 +72,25 @@
#define PPPOE_MAXMTU PPP_MAXMRU
#endif
/* options */
LinkPhase lcp_phase[NUM_PPP]; /* Phase of link session (RFC 1661) */
static u_int lcp_echo_interval = LCP_ECHOINTERVAL; /* Interval between LCP echo-requests */
static u_int lcp_echo_fails = LCP_MAXECHOFAILS; /* Tolerance to unanswered echo-requests */
/*************************/
/*** LOCAL DEFINITIONS ***/
/*************************/
/*
* Length of each type of configuration option (in octets)
*/
#define CILEN_VOID 2
#define CILEN_CHAR 3
#define CILEN_SHORT 4 /* CILEN_VOID + sizeof(short) */
#define CILEN_CHAP 5 /* CILEN_VOID + sizeof(short) + 1 */
#define CILEN_LONG 6 /* CILEN_VOID + sizeof(long) */
#define CILEN_LQR 8 /* CILEN_VOID + sizeof(short) + sizeof(long) */
#define CILEN_CBCP 3
/* global vars */
static fsm lcp_fsm[NUM_PPP]; /* LCP fsm structure (global)*/
lcp_options lcp_wantoptions[NUM_PPP]; /* Options that we want to request */
lcp_options lcp_gotoptions[NUM_PPP]; /* Options that peer ack'd */
lcp_options lcp_allowoptions[NUM_PPP]; /* Options we allow peer to request */
lcp_options lcp_hisoptions[NUM_PPP]; /* Options that we ack'd */
ext_accm xmit_accm[NUM_PPP]; /* extended transmit ACCM */
static u32_t lcp_echos_pending = 0; /* Number of outstanding echo msgs */
static u32_t lcp_echo_number = 0; /* ID number of next echo frame */
static u32_t lcp_echo_timer_running = 0; /* TRUE if a timer is running */
static u_char nak_buffer[PPP_MRU]; /* where we construct a nak packet */
/***********************************/
/*** LOCAL FUNCTION DECLARATIONS ***/
/***********************************/
/*
* Callbacks for fsm code. (CI = Configuration Information)
*/
@ -106,12 +106,12 @@ static void lcp_down (fsm*); /* We're DOWN */
static void lcp_starting (fsm*); /* We need lower layer up */
static void lcp_finished (fsm*); /* We need lower layer down */
static int lcp_extcode (fsm*, int, u_char, u_char*, int);
static void lcp_rprotrej (fsm*, u_char*, int);
/*
* routines to send LCP echos to peer
*/
static void lcp_echo_lowerup (int);
static void lcp_echo_lowerdown (int);
static void LcpEchoTimeout (void*);
@ -120,41 +120,6 @@ static void LcpSendEchoRequest (fsm*);
static void LcpLinkFailure (fsm*);
static void LcpEchoCheck (fsm*);
/*
* Protocol entry points.
* Some of these are called directly.
*/
static void lcp_input (int, u_char *, int);
static void lcp_protrej (int);
#define CODENAME(x) ((x) == CONFACK ? "ACK" : (x) == CONFNAK ? "NAK" : "REJ")
/******************************/
/*** PUBLIC DATA STRUCTURES ***/
/******************************/
/* global vars */
LinkPhase lcp_phase[NUM_PPP]; /* Phase of link session (RFC 1661) */
lcp_options lcp_wantoptions[NUM_PPP]; /* Options that we want to request */
lcp_options lcp_gotoptions[NUM_PPP]; /* Options that peer ack'd */
lcp_options lcp_allowoptions[NUM_PPP]; /* Options we allow peer to request */
lcp_options lcp_hisoptions[NUM_PPP]; /* Options that we ack'd */
ext_accm xmit_accm[NUM_PPP]; /* extended transmit ACCM */
/*****************************/
/*** LOCAL DATA STRUCTURES ***/
/*****************************/
static fsm lcp_fsm[NUM_PPP]; /* LCP fsm structure (global)*/
static u_int lcp_echo_interval = LCP_ECHOINTERVAL; /* Interval between LCP echo-requests */
static u_int lcp_echo_fails = LCP_MAXECHOFAILS; /* Tolerance to unanswered echo-requests */
static u32_t lcp_echos_pending = 0; /* Number of outstanding echo msgs */
static u32_t lcp_echo_number = 0; /* ID number of next echo frame */
static u32_t lcp_echo_timer_running = 0; /* TRUE if a timer is running */
static u_char nak_buffer[PPP_MRU]; /* where we construct a nak packet */
static fsm_callbacks lcp_callbacks = { /* LCP callback routines */
lcp_resetci, /* Reset our Configuration Information */
lcp_cilen, /* Length of our Configuration Information */
@ -173,6 +138,13 @@ static fsm_callbacks lcp_callbacks = { /* LCP callback routines */
"LCP" /* String name of protocol */
};
/*
* Protocol entry points.
* Some of these are called directly.
*/
static void lcp_input (int, u_char *, int);
static void lcp_protrej (int);
struct protent lcp_protent = {
PPP_LCP,
lcp_init,
@ -182,26 +154,35 @@ struct protent lcp_protent = {
lcp_lowerdown,
lcp_open,
lcp_close,
#if 0
#if PPP_ADDITIONAL_CALLBACKS
lcp_printpkt,
NULL,
#endif
#endif /* PPP_ADDITIONAL_CALLBACKS */
1,
"LCP",
#if 0
#if PPP_ADDITIONAL_CALLBACKS
NULL,
NULL,
NULL
#endif
#endif /* PPP_ADDITIONAL_CALLBACKS */
};
int lcp_loopbackfail = DEFLOOPBACKFAIL;
/*
* Length of each type of configuration option (in octets)
*/
#define CILEN_VOID 2
#define CILEN_CHAR 3
#define CILEN_SHORT 4 /* CILEN_VOID + sizeof(short) */
#define CILEN_CHAP 5 /* CILEN_VOID + sizeof(short) + 1 */
#define CILEN_LONG 6 /* CILEN_VOID + sizeof(long) */
#define CILEN_LQR 8 /* CILEN_VOID + sizeof(short) + sizeof(long) */
#define CILEN_CBCP 3
#define CODENAME(x) ((x) == CONFACK ? "ACK" : (x) == CONFNAK ? "NAK" : "REJ")
/***********************************/
/*** PUBLIC FUNCTION DEFINITIONS ***/
/***********************************/
/*
* lcp_init - Initialize LCP.
*/
@ -356,21 +337,6 @@ lcp_lowerdown(int unit)
fsm_lowerdown(&lcp_fsm[unit]);
}
/*
* lcp_sprotrej - Send a Protocol-Reject for some protocol.
*/
void
lcp_sprotrej(int unit, u_char *p, int len)
{
/*
* Send back the protocol and the information field of the
* rejected packet. We only get here if LCP is in the LS_OPENED state.
*/
fsm_sdata(&lcp_fsm[unit], PROTREJ, ++lcp_fsm[unit].id, p, len);
}
/**********************************/
/*** LOCAL FUNCTION DEFINITIONS ***/
@ -483,6 +449,21 @@ lcp_protrej(int unit)
}
/*
* lcp_sprotrej - Send a Protocol-Reject for some protocol.
*/
void
lcp_sprotrej(int unit, u_char *p, int len)
{
/*
* Send back the protocol and the information field of the
* rejected packet. We only get here if LCP is in the LS_OPENED state.
*/
fsm_sdata(&lcp_fsm[unit], PROTREJ, ++lcp_fsm[unit].id, p, len);
}
/*
* lcp_resetci - Reset our CI.
*/
@ -1382,7 +1363,7 @@ lcp_reqci(fsm *f,
}
GETCHAR(cichar, p); /* get digest type*/
if (cichar != CHAP_DIGEST_MD5
#ifdef CHAPMS
#if MSCHAP_SUPPORT
&& cichar != CHAP_MICROSOFT
#endif
) {
@ -1691,7 +1672,7 @@ lcp_finished(fsm *f)
}
#if 0
#if PPP_ADDITIONAL_CALLBACKS
/*
* print_string - print a readable representation of a string using
* printer.
@ -1898,7 +1879,7 @@ lcp_printpkt( u_char *p, int plen, void (*printer) (void *, char *, ...), void *
return (int)(p - pstart);
}
#endif
#endif /* PPP_ADDITIONAL_CALLBACKS */
/*
* Time to shut down the link because there is nothing out there.

120
src/netif/ppp/pap.c
View File

@ -63,9 +63,6 @@
#include <string.h>
/***********************************/
/*** LOCAL FUNCTION DECLARATIONS ***/
/***********************************/
/*
* Protocol entry points.
*/
@ -75,6 +72,30 @@ static void upap_lowerdown (int);
static void upap_input (int, u_char *, int);
static void upap_protrej (int);
struct protent pap_protent = {
PPP_PAP,
upap_init,
upap_input,
upap_protrej,
upap_lowerup,
upap_lowerdown,
NULL,
NULL,
#if PPP_ADDITIONAL_CALLBACKS
upap_printpkt,
NULL,
#endif /* PPP_ADDITIONAL_CALLBACKS */
1,
"PAP",
#if PPP_ADDITIONAL_CALLBACKS
NULL,
NULL,
NULL
#endif /* PPP_ADDITIONAL_CALLBACKS */
};
upap_state upap[NUM_PPP]; /* UPAP state; one for each unit */
static void upap_timeout (void *);
static void upap_reqtimeout(void *);
static void upap_rauthreq (upap_state *, u_char *, int, int);
@ -84,54 +105,28 @@ static void upap_sauthreq (upap_state *);
static void upap_sresp (upap_state *, u_char, u_char, char *, int);
/******************************/
/*** PUBLIC DATA STRUCTURES ***/
/******************************/
struct protent pap_protent = {
PPP_PAP,
upap_init,
upap_input,
upap_protrej,
upap_lowerup,
upap_lowerdown,
NULL,
NULL,
#if 0
upap_printpkt,
NULL,
#endif
1,
"PAP",
#if 0
NULL,
NULL,
NULL
#endif
};
upap_state upap[NUM_PPP]; /* UPAP state; one for each unit */
/***********************************/
/*** PUBLIC FUNCTION DEFINITIONS ***/
/***********************************/
/*
* Set the default login name and password for the pap sessions
* upap_init - Initialize a UPAP unit.
*/
void
upap_setloginpasswd(int unit, const char *luser, const char *lpassword)
static void
upap_init(int unit)
{
upap_state *u = &upap[unit];
/* Save the username and password we're given */
u->us_user = luser;
u->us_userlen = strlen(luser);
u->us_passwd = lpassword;
u->us_passwdlen = strlen(lpassword);
UPAPDEBUG((LOG_INFO, "upap_init: %d\n", unit));
u->us_unit = unit;
u->us_user = NULL;
u->us_userlen = 0;
u->us_passwd = NULL;
u->us_passwdlen = 0;
u->us_clientstate = UPAPCS_INITIAL;
u->us_serverstate = UPAPSS_INITIAL;
u->us_id = 0;
u->us_timeouttime = UPAP_DEFTIMEOUT;
u->us_maxtransmits = 10;
u->us_reqtimeout = UPAP_DEFREQTIME;
}
/*
* upap_authwithpeer - Authenticate us with our peer (start client).
*
@ -145,7 +140,11 @@ upap_authwithpeer(int unit, char *user, char *password)
UPAPDEBUG((LOG_INFO, "upap_authwithpeer: %d user=%s password=%s s=%d\n",
unit, user, password, u->us_clientstate));
upap_setloginpasswd(unit, user, password);
/* Save the username and password we're given */
u->us_user = user;
u->us_userlen = strlen(user);
u->us_passwd = password;
u->us_passwdlen = strlen(password);
u->us_transmits = 0;
@ -183,33 +182,6 @@ upap_authpeer(int unit)
}
}
/**********************************/
/*** LOCAL FUNCTION DEFINITIONS ***/
/**********************************/
/*
* upap_init - Initialize a UPAP unit.
*/
static void
upap_init(int unit)
{
upap_state *u = &upap[unit];
UPAPDEBUG((LOG_INFO, "upap_init: %d\n", unit));
u->us_unit = unit;
u->us_user = NULL;
u->us_userlen = 0;
u->us_passwd = NULL;
u->us_passwdlen = 0;
u->us_clientstate = UPAPCS_INITIAL;
u->us_serverstate = UPAPSS_INITIAL;
u->us_id = 0;
u->us_timeouttime = UPAP_DEFTIMEOUT;
u->us_maxtransmits = 10;
u->us_reqtimeout = UPAP_DEFREQTIME;
}
/*
* upap_timeout - Retransmission timer for sending auth-reqs expired.
*/
@ -598,7 +570,7 @@ upap_sresp(upap_state *u, u_char code, u_char id, char *msg, int msglen)
UPAPDEBUG((LOG_INFO, "pap_sresp: Sent code %d, id %d s=%d\n", code, id, u->us_clientstate));
}
#if 0
#if PPP_ADDITIONAL_CALLBACKS
/*
* upap_printpkt - print the contents of a PAP packet.
*/
@ -615,7 +587,7 @@ static int upap_printpkt(
LWIP_UNUSED_ARG(arg);
return 0;
}
#endif /* 0 */
#endif /* PPP_ADDITIONAL_CALLBACKS */
#endif /* PAP_SUPPORT */

45
src/netif/ppp/pap.h
View File

@ -70,6 +70,24 @@
#define UPAP_AUTHACK 2 /* Authenticate-Ack */
#define UPAP_AUTHNAK 3 /* Authenticate-Nak */
/*
* Each interface is described by upap structure.
*/
typedef struct upap_state {
int us_unit; /* Interface unit number */
const char *us_user; /* User */
int us_userlen; /* User length */
const char *us_passwd; /* Password */
int us_passwdlen; /* Password length */
int us_clientstate; /* Client state */
int us_serverstate; /* Server state */
u_char us_id; /* Current id */
int us_timeouttime; /* Timeout (seconds) for auth-req retrans. */
int us_transmits; /* Number of auth-reqs sent */
int us_maxtransmits; /* Maximum number of auth-reqs to send */
int us_reqtimeout; /* Time to wait for auth-req from peer */
} upap_state;
/*
* Client states.
*/
@ -91,33 +109,6 @@
#define UPAPSS_BADAUTH 5 /* We've sent a Nak */
/************************
*** PUBLIC DATA TYPES ***
************************/
/*
* Each interface is described by upap structure.
*/
typedef struct upap_state {
int us_unit; /* Interface unit number */
const char *us_user; /* User */
int us_userlen; /* User length */
const char *us_passwd; /* Password */
int us_passwdlen; /* Password length */
int us_clientstate; /* Client state */
int us_serverstate; /* Server state */
u_char us_id; /* Current id */
int us_timeouttime; /* Timeout (seconds) for auth-req retrans. */
int us_transmits; /* Number of auth-reqs sent */
int us_maxtransmits; /* Maximum number of auth-reqs to send */
int us_reqtimeout; /* Time to wait for auth-req from peer */
} upap_state;
/***********************
*** PUBLIC FUNCTIONS ***
***********************/
extern upap_state upap[];
void upap_setloginpasswd(int unit, const char *luser, const char *lpassword);