mirror/lwip
1
0
Fork 0
mirror of https://github.com/lwip-tcpip/lwip.git synced 2024-08-24 23:25:58 +00:00
Code Issues Packages Projects Releases Wiki Activity

PAP and CHAP are now using ppp_pcb*

Browse Source
This commit is contained in:
Sylvain Rochet 2012-06-15 00:24:39 +02:00
parent 844f5e5af1
commit 1ece33e79a
6 changed files with 301 additions and 405 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
src/netif/ppp/auth.c
View File

@ -795,7 +795,7 @@ void link_established(ppp_pcb *pcb) {
#endif /* EAP_SUPPORT */
#if CHAP_SUPPORT
if (go->neg_chap) {
chap_auth_peer(unit, pcb->settings.our_name, CHAP_DIGEST(go->chap_mdtype));
chap_auth_peer(pcb, pcb->settings.our_name, CHAP_DIGEST(go->chap_mdtype));
auth |= CHAP_PEER;
} else
#endif /* CHAP_SUPPORT */
@ -816,13 +816,13 @@ void link_established(ppp_pcb *pcb) {
#endif /* EAP_SUPPORT */
#if CHAP_SUPPORT
if (ho->neg_chap) {
chap_auth_with_peer(pcb->unit, pcb->settings.user, CHAP_DIGEST(ho->chap_mdtype));
chap_auth_with_peer(pcb, pcb->settings.user, CHAP_DIGEST(ho->chap_mdtype));
auth |= CHAP_WITHPEER;
} else
#endif /* CHAP_SUPPORT */
#if PAP_SUPPORT
if (ho->neg_upap) {
upap_authwithpeer(pcb->unit, pcb->settings.user, pcb->settings.passwd);
upap_authwithpeer(pcb, pcb->settings.user, pcb->settings.passwd);
auth |= PAP_WITHPEER;
} else
#endif /* PAP_SUPPORT */
@ -832,6 +832,7 @@ void link_established(ppp_pcb *pcb) {
pcb->auth_done = 0;
if (!auth)
network_phase(pcb);
}

311
src/netif/ppp/chap-new.c
View File

@ -82,17 +82,6 @@ static option_t chap_option_list[] = {
};
#endif /* PPP_OPTIONS */
/*
* Internal state.
*/
/* FIXME: one client struct per ppp session */
static struct chap_client_state {
int flags;
char *name;
struct chap_digest_type *digest;
unsigned char priv[64]; /* private area for digest's use */
} client;
/*
* These limits apply to challenge and response packets we send.
* The +4 is the +1 that we actually need rounded up.
@ -100,20 +89,6 @@ static struct chap_client_state {
#define CHAL_MAX_PKTLEN (PPP_HDRLEN + CHAP_HDRLEN + 4 + MAX_CHALLENGE_LEN + MAXNAMELEN)
#define RESP_MAX_PKTLEN (PPP_HDRLEN + CHAP_HDRLEN + 4 + MAX_RESPONSE_LEN + MAXNAMELEN)
#if PPP_SERVER
/* FIXME: one server struct per ppp session */
static struct chap_server_state {
int flags;
int id;
char *name;
struct chap_digest_type *digest;
int challenge_xmits;
int challenge_pktlen;
unsigned char challenge[CHAL_MAX_PKTLEN];
char message[256];
} server;
#endif /* PPP_SERVER */
/* Values for flags in chap_client_state and chap_server_state */
#define LOWERUP 1
#define AUTH_STARTED 2
@ -130,17 +105,17 @@ static void chap_lowerup(int unit);
static void chap_lowerdown(int unit);
#if PPP_SERVER
static void chap_timeout(void *arg);
static void chap_generate_challenge(struct chap_server_state *ss);
static void chap_handle_response(struct chap_server_state *ss, int code,
static void chap_generate_challenge(ppp_pcb *pcb);
static void chap_handle_response(ppp_pcb *pcb, int code,
unsigned char *pkt, int len);
static int chap_verify_response(char *name, char *ourname, int id,
struct chap_digest_type *digest,
unsigned char *challenge, unsigned char *response,
char *message, int message_space);
#endif /* PPP_SERVER */
static void chap_respond(struct chap_client_state *cs, int id,
static void chap_respond(ppp_pcb *pcb, int id,
unsigned char *pkt, int len);
static void chap_handle_status(struct chap_client_state *cs, int code, int id,
static void chap_handle_status(ppp_pcb *pcb, int code, int id,
unsigned char *pkt, int len);
static void chap_protrej(int unit);
static void chap_input(int unit, unsigned char *pkt, int pktlen);
@ -155,12 +130,12 @@ static struct chap_digest_type *chap_digests;
/*
* chap_init - reset to initial state.
*/
static void
chap_init(int unit)
{
memset(&client, 0, sizeof(client));
static void chap_init(int unit) {
ppp_pcb *pcb = &ppp_pcb_list[unit];
memset(&pcb->chap_client, 0, sizeof(chap_client_state));
#if PPP_SERVER
memset(&server, 0, sizeof(server));
memset(&pcb->chap_server, 0, sizeof(chap_server_state));
#endif /* PPP_SERVER */
chap_md5_init();
@ -172,9 +147,7 @@ chap_init(int unit)
/*
* Add a new digest type to the list.
*/
void
chap_register_digest(struct chap_digest_type *dp)
{
void chap_register_digest(struct chap_digest_type *dp) {
dp->next = chap_digests;
chap_digests = dp;
}
@ -182,35 +155,25 @@ chap_register_digest(struct chap_digest_type *dp)
/*
* chap_lowerup - we can start doing stuff now.
*/
static void
chap_lowerup(int unit)
{
struct chap_client_state *cs = &client;
#if PPP_SERVER
struct chap_server_state *ss = &server;
#endif /* PPP_SERVER */
static void chap_lowerup(int unit) {
ppp_pcb *pcb = &ppp_pcb_list[unit];
cs->flags |= LOWERUP;
pcb->chap_client.flags |= LOWERUP;
#if PPP_SERVER
ss->flags |= LOWERUP;
if (ss->flags & AUTH_STARTED)
chap_timeout(ss);
pcb->chap_server.flags |= LOWERUP;
if (pcb->chap_server.flags & AUTH_STARTED)
chap_timeout(pcb);
#endif /* PPP_SERVER */
}
static void
chap_lowerdown(int unit)
{
struct chap_client_state *cs = &client;
#if PPP_SERVER
struct chap_server_state *ss = &server;
#endif /* PPP_SERVER */
static void chap_lowerdown(int unit) {
ppp_pcb *pcb = &ppp_pcb_list[unit];
cs->flags = 0;
pcb->chap_client.flags = 0;
#if PPP_SERVER
if (ss->flags & TIMEOUT_PENDING)
UNTIMEOUT(chap_timeout, ss);
ss->flags = 0;
if (pcb->chap_server.flags & TIMEOUT_PENDING)
UNTIMEOUT(chap_timeout, pcb);
pcb->chap_server.flags = 0;
#endif /* PPP_SERVER */
}
@ -220,13 +183,11 @@ chap_lowerdown(int unit)
* If the lower layer is already up, we start sending challenges,
* otherwise we wait for the lower layer to come up.
*/
void
chap_auth_peer(int unit, char *our_name, int digest_code)
{
void chap_auth_peer(ppp_pcb *pcb, char *our_name, int digest_code) {
struct chap_server_state *ss = &server;
struct chap_digest_type *dp;
if (ss->flags & AUTH_STARTED) {
if (pcb->chap_server.flags & AUTH_STARTED) {
error("CHAP: peer authentication already started!");
return;
}
@ -237,12 +198,12 @@ chap_auth_peer(int unit, char *our_name, int digest_code)
fatal("CHAP digest 0x%x requested but not available",
digest_code);
ss->digest = dp;
ss->name = our_name;
pcb->chap_server.digest = dp;
pcb->chap_server.name = our_name;
/* Start with a random ID value */
ss->id = (unsigned char)(drand48() * 256);
ss->flags |= AUTH_STARTED;
if (ss->flags & LOWERUP)
pcb->chap_server.id = (unsigned char)(drand48() * 256);
pcb->chap_server.flags |= AUTH_STARTED;
if (pcb->chap_server.flags & LOWERUP)
chap_timeout(ss);
}
#endif /* PPP_SERVER */
@ -251,13 +212,10 @@ chap_auth_peer(int unit, char *our_name, int digest_code)
* chap_auth_with_peer - Prepare to authenticate ourselves to the peer.
* There isn't much to do until we receive a challenge.
*/
void
chap_auth_with_peer(int unit, char *our_name, int digest_code)
{
struct chap_client_state *cs = &client;
void chap_auth_with_peer(ppp_pcb *pcb, char *our_name, int digest_code) {
struct chap_digest_type *dp;
if (cs->flags & AUTH_STARTED) {
if (pcb->chap_client.flags & AUTH_STARTED) {
error("CHAP: authentication with peer already started!");
return;
}
@ -268,9 +226,9 @@ chap_auth_with_peer(int unit, char *our_name, int digest_code)
fatal("CHAP digest 0x%x requested but not available",
digest_code);
cs->digest = dp;
cs->name = our_name;
cs->flags |= AUTH_STARTED;
pcb->chap_client.digest = dp;
pcb->chap_client.name = our_name;
pcb->chap_client.flags |= AUTH_STARTED;
}
# if PPP_SERVER
@ -279,55 +237,49 @@ chap_auth_with_peer(int unit, char *our_name, int digest_code)
* This could be either a retransmission of a previous challenge,
* or a new challenge to start re-authentication.
*/
static void
chap_timeout(void *arg)
{
/* FIXME: fix forced unit 0 */
ppp_pcb *pcb = &ppp_pcb_list[0];
struct chap_server_state *ss = arg;
static void chap_timeout(void *arg) {
ppp_pcb *pcb = (ppp_pcb*)arg;
ss->flags &= ~TIMEOUT_PENDING;
if ((ss->flags & CHALLENGE_VALID) == 0) {
ss->challenge_xmits = 0;
chap_generate_challenge(ss);
ss->flags |= CHALLENGE_VALID;
} else if (ss->challenge_xmits >= chap_max_transmits) {
ss->flags &= ~CHALLENGE_VALID;
ss->flags |= AUTH_DONE | AUTH_FAILED;
pcb->chap_server.flags &= ~TIMEOUT_PENDING;
if ((pcb->chap_server.flags & CHALLENGE_VALID) == 0) {
pcb->chap_server.challenge_xmits = 0;
chap_generate_challenge(pcb);
pcb->chap_server.flags |= CHALLENGE_VALID;
} else if (pcb->chap_server.challenge_xmits >= chap_max_transmits) {
pcb->chap_server.flags &= ~CHALLENGE_VALID;
pcb->chap_server.flags |= AUTH_DONE | AUTH_FAILED;
auth_peer_fail(pcb, PPP_CHAP);
return;
}
ppp_write(pcb, ss->challenge, ss->challenge_pktlen);
++ss->challenge_xmits;
ss->flags |= TIMEOUT_PENDING;
ppp_write(pcb, pcb->chap_server.challenge, pcb->chap_server.challenge_pktlen);
++pcb->chap_server.challenge_xmits;
pcb->chap_server.flags |= TIMEOUT_PENDING;
TIMEOUT(chap_timeout, arg, chap_timeout_time);
}
/*
* chap_generate_challenge - generate a challenge string and format
* the challenge packet in ss->challenge_pkt.
* the challenge packet in pcb->chap_server.challenge_pkt.
*/
static void
chap_generate_challenge(struct chap_server_state *ss)
{
static void chap_generate_challenge(ppp_pcb *pcb) {
int clen = 1, nlen, len;
unsigned char *p;
p = ss->challenge;
p = pcb->chap_server.challenge;
MAKEHEADER(p, PPP_CHAP);
p += CHAP_HDRLEN;
ss->digest->generate_challenge(p);
pcb->chap_server.digest->generate_challenge(p);
clen = *p;
nlen = strlen(ss->name);
memcpy(p + 1 + clen, ss->name, nlen);
nlen = strlen(pcb->chap_server.name);
memcpy(p + 1 + clen, pcb->chap_server.name, nlen);
len = CHAP_HDRLEN + 1 + clen + nlen;
ss->challenge_pktlen = PPP_HDRLEN + len;
pcb->chap_server.challenge_pktlen = PPP_HDRLEN + len;
p = ss->challenge + PPP_HDRLEN;
p = pcb->chap_server.challenge + PPP_HDRLEN;
p[0] = CHAP_CHALLENGE;
p[1] = ++ss->id;
p[1] = ++pcb->chap_server.id;
p[2] = len >> 8;
p[3] = len;
}
@ -335,12 +287,8 @@ chap_generate_challenge(struct chap_server_state *ss)
/*
* chap_handle_response - check the response to our challenge.
*/
static void
chap_handle_response(struct chap_server_state *ss, int id,
unsigned char *pkt, int len)
{
/* FIXME: fix forced unit 0 */
ppp_pcb *pcb = &ppp_pcb_list[0];
static void chap_handle_response(ppp_pcb *pcb, int id,
unsigned char *pkt, int len) {
int response_len, ok, mlen;
unsigned char *response, *p;
char *name = NULL; /* initialized to shut gcc up */
@ -348,11 +296,11 @@ chap_handle_response(struct chap_server_state *ss, int id,
unsigned char *, unsigned char *, char *, int);
char rname[MAXNAMELEN+1];
if ((ss->flags & LOWERUP) == 0)
if ((pcb->chap_server.flags & LOWERUP) == 0)
return;
if (id != ss->challenge[PPP_HDRLEN+1] || len < 2)
if (id != pcb->chap_server.challenge[PPP_HDRLEN+1] || len < 2)
return;
if (ss->flags & CHALLENGE_VALID) {
if (pcb->chap_server.flags & CHALLENGE_VALID) {
response = pkt;
GETCHAR(response_len, pkt);
len -= response_len + 1; /* length of name */
@ -360,9 +308,9 @@ chap_handle_response(struct chap_server_state *ss, int id,
if (len < 0)
return;
if (ss->flags & TIMEOUT_PENDING) {
ss->flags &= ~TIMEOUT_PENDING;
UNTIMEOUT(chap_timeout, ss);
if (pcb->chap_server.flags & TIMEOUT_PENDING) {
pcb->chap_server.flags &= ~TIMEOUT_PENDING;
UNTIMEOUT(chap_timeout, pcb);
}
if (explicit_remote) {
@ -377,35 +325,35 @@ chap_handle_response(struct chap_server_state *ss, int id,
verifier = chap_verify_hook;
else
verifier = chap_verify_response;
ok = (*verifier)(name, ss->name, id, ss->digest,
ss->challenge + PPP_HDRLEN + CHAP_HDRLEN,
response, ss->message, sizeof(ss->message));
ok = (*verifier)(name, pcb->chap_server.name, id, pcb->chap_server.digest,
pcb->chap_server.challenge + PPP_HDRLEN + CHAP_HDRLEN,
response, pcb->chap_server.message, sizeof(pcb->chap_server.message));
#if 0 /* UNUSED */
if (!ok || !auth_number()) {
#endif /* UNUSED */
if (!ok) {
ss->flags |= AUTH_FAILED;
pcb->chap_server.flags |= AUTH_FAILED;
warn("Peer %q failed CHAP authentication", name);
}
} else if ((ss->flags & AUTH_DONE) == 0)
} else if ((pcb->chap_server.flags & AUTH_DONE) == 0)
return;
/* send the response */
p = outpacket_buf;
MAKEHEADER(p, PPP_CHAP);
mlen = strlen(ss->message);
mlen = strlen(pcb->chap_server.message);
len = CHAP_HDRLEN + mlen;
p[0] = (ss->flags & AUTH_FAILED)? CHAP_FAILURE: CHAP_SUCCESS;
p[0] = (pcb->chap_server.flags & AUTH_FAILED)? CHAP_FAILURE: CHAP_SUCCESS;
p[1] = id;
p[2] = len >> 8;
p[3] = len;
if (mlen > 0)
memcpy(p + CHAP_HDRLEN, ss->message, mlen);
memcpy(p + CHAP_HDRLEN, pcb->chap_server.message, mlen);
ppp_write(pcb, outpacket_buf, PPP_HDRLEN + len);
if (ss->flags & CHALLENGE_VALID) {
ss->flags &= ~CHALLENGE_VALID;
if (!(ss->flags & AUTH_DONE) && !(ss->flags & AUTH_FAILED)) {
if (pcb->chap_server.flags & CHALLENGE_VALID) {
pcb->chap_server.flags &= ~CHALLENGE_VALID;
if (!(pcb->chap_server.flags & AUTH_DONE) && !(pcb->chap_server.flags & AUTH_FAILED)) {
#if 0 /* UNUSED */
/*
@ -419,26 +367,26 @@ chap_handle_response(struct chap_server_state *ss, int id,
*/
if (session_mgmt &&
session_check(name, NULL, devnam, NULL) == 0) {
ss->flags |= AUTH_FAILED;
pcb->chap_server.flags |= AUTH_FAILED;
warn("Peer %q failed CHAP Session verification", name);
}
#endif /* UNUSED */
}
if (ss->flags & AUTH_FAILED) {
if (pcb->chap_server.flags & AUTH_FAILED) {
auth_peer_fail(pcb, PPP_CHAP);
} else {
if ((ss->flags & AUTH_DONE) == 0)
if ((pcb->chap_server.flags & AUTH_DONE) == 0)
auth_peer_success(pcb, PPP_CHAP,
ss->digest->code,
pcb->chap_server.digest->code,
name, strlen(name));
if (chap_rechallenge_time) {
ss->flags |= TIMEOUT_PENDING;
TIMEOUT(chap_timeout, ss,
pcb->chap_server.flags |= TIMEOUT_PENDING;
TIMEOUT(chap_timeout, pcb,
chap_rechallenge_time);
}
}
ss->flags |= AUTH_DONE;
pcb->chap_server.flags |= AUTH_DONE;
}
}
@ -447,12 +395,10 @@ chap_handle_response(struct chap_server_state *ss, int id,
* what we think it should be. Returns 1 if it does (authentication
* succeeded), or 0 if it doesn't.
*/
static int
chap_verify_response(char *name, char *ourname, int id,
static int chap_verify_response(char *name, char *ourname, int id,
struct chap_digest_type *digest,
unsigned char *challenge, unsigned char *response,
char *message, int message_space)
{
char *message, int message_space) {
int ok;
unsigned char secret[MAXSECRETLEN];
int secret_len;
@ -474,12 +420,8 @@ chap_verify_response(char *name, char *ourname, int id,
/*
* chap_respond - Generate and send a response to a challenge.
*/
static void
chap_respond(struct chap_client_state *cs, int id,
unsigned char *pkt, int len)
{
/* FIXME: fix forced unit 0 */
ppp_pcb *pcb = &ppp_pcb_list[0];
static void chap_respond(ppp_pcb *pcb, int id,
unsigned char *pkt, int len) {
int clen, nlen;
int secret_len;
unsigned char *p;
@ -488,7 +430,7 @@ chap_respond(struct chap_client_state *cs, int id,
char secret[MAXSECRETLEN+1];
ppp_pcb *pc = &ppp_pcb_list[0];
if ((cs->flags & (LOWERUP | AUTH_STARTED)) != (LOWERUP | AUTH_STARTED))
if ((pcb->chap_client.flags & (LOWERUP | AUTH_STARTED)) != (LOWERUP | AUTH_STARTED))
return; /* not ready */
if (len < 2 || len < pkt[0] + 1)
return; /* too short */
@ -503,7 +445,7 @@ chap_respond(struct chap_client_state *cs, int id,
strlcpy(rname, pc->settings.remote_name, sizeof(rname));
/* get secret for authenticating ourselves with the specified host */
if (!get_secret(pcb, cs->name, rname, secret, &secret_len, 0)) {
if (!get_secret(pcb, pcb->chap_client.name, rname, secret, &secret_len, 0)) {
secret_len = 0; /* assume null secret if can't find one */
warn("No CHAP secret found for authenticating us to %q", rname);
}
@ -512,13 +454,13 @@ chap_respond(struct chap_client_state *cs, int id,
MAKEHEADER(p, PPP_CHAP);
p += CHAP_HDRLEN;
cs->digest->make_response(p, id, cs->name, pkt,
secret, secret_len, cs->priv);
pcb->chap_client.digest->make_response(p, id, pcb->chap_client.name, pkt,
secret, secret_len, pcb->chap_client.priv);
memset(secret, 0, secret_len);
clen = *p;
nlen = strlen(cs->name);
memcpy(p + clen + 1, cs->name, nlen);
nlen = strlen(pcb->chap_client.name);
memcpy(p + clen + 1, pcb->chap_client.name, nlen);
p = response + PPP_HDRLEN;
len = CHAP_HDRLEN + clen + 1 + nlen;
@ -530,29 +472,25 @@ chap_respond(struct chap_client_state *cs, int id,
ppp_write(pcb, response, PPP_HDRLEN + len);
}
static void
chap_handle_status(struct chap_client_state *cs, int code, int id,
unsigned char *pkt, int len)
{
/* FIXME: fix forced unit 0 */
ppp_pcb *pcb = &ppp_pcb_list[0];
static void chap_handle_status(ppp_pcb *pcb, int code, int id,
unsigned char *pkt, int len) {
const char *msg = NULL;
if ((cs->flags & (AUTH_DONE|AUTH_STARTED|LOWERUP))
if ((pcb->chap_client.flags & (AUTH_DONE|AUTH_STARTED|LOWERUP))
!= (AUTH_STARTED|LOWERUP))
return;
cs->flags |= AUTH_DONE;
pcb->chap_client.flags |= AUTH_DONE;
if (code == CHAP_SUCCESS) {
/* used for MS-CHAP v2 mutual auth, yuck */
if (cs->digest->check_success != NULL) {
if (!(*cs->digest->check_success)(pkt, len, cs->priv))
if (pcb->chap_client.digest->check_success != NULL) {
if (!(*pcb->chap_client.digest->check_success)(pkt, len, pcb->chap_client.priv))
code = CHAP_FAILURE;
} else
msg = "CHAP authentication succeeded";
} else {
if (cs->digest->handle_failure != NULL)
(*cs->digest->handle_failure)(pkt, len);
if (pcb->chap_client.digest->handle_failure != NULL)
(*pcb->chap_client.digest->handle_failure)(pkt, len);
else
msg = "CHAP authentication failed";
}
@ -563,22 +501,16 @@ chap_handle_status(struct chap_client_state *cs, int code, int id,
info("%s", msg);
}
if (code == CHAP_SUCCESS)
auth_withpeer_success(pcb, PPP_CHAP, cs->digest->code);
auth_withpeer_success(pcb, PPP_CHAP, pcb->chap_client.digest->code);
else {
cs->flags |= AUTH_FAILED;
pcb->chap_client.flags |= AUTH_FAILED;
error("CHAP authentication failed");
auth_withpeer_fail(pcb, PPP_CHAP);
}
}
static void
chap_input(int unit, unsigned char *pkt, int pktlen)
{
struct chap_client_state *cs = &client;
#if PPP_SERVER
struct chap_server_state *ss = &server;
#endif /* PPP_SERVER */
static void chap_input(int unit, unsigned char *pkt, int pktlen) {
ppp_pcb *pcb = &ppp_pcb_list[unit];
unsigned char code, id;
int len;
@ -593,39 +525,35 @@ chap_input(int unit, unsigned char *pkt, int pktlen)
switch (code) {
case CHAP_CHALLENGE:
chap_respond(cs, id, pkt, len);
chap_respond(pcb, id, pkt, len);
break;
#if PPP_SERVER
case CHAP_RESPONSE:
chap_handle_response(ss, id, pkt, len);
chap_handle_response(pcb, id, pkt, len);
break;
#endif /* PPP_SERVER */
case CHAP_FAILURE:
case CHAP_SUCCESS:
chap_handle_status(cs, code, id, pkt, len);
chap_handle_status(pcb, code, id, pkt, len);
break;
}
}
static void
chap_protrej(int unit)
{
static void chap_protrej(int unit) {
ppp_pcb *pcb = &ppp_pcb_list[unit];
struct chap_client_state *cs = &client;
#if PPP_SERVER
struct chap_server_state *ss = &server;
if (ss->flags & TIMEOUT_PENDING) {
ss->flags &= ~TIMEOUT_PENDING;
UNTIMEOUT(chap_timeout, ss);
#if PPP_SERVER
if (pcb->chap_server.flags & TIMEOUT_PENDING) {
pcb->chap_server.flags &= ~TIMEOUT_PENDING;
UNTIMEOUT(chap_timeout, pcb);
}
if (ss->flags & AUTH_STARTED) {
ss->flags = 0;
if (pcb->chap_server.flags & AUTH_STARTED) {
pcb->chap_server.flags = 0;
auth_peer_fail(pcb, PPP_CHAP);
}
#endif /* PPP_SERVER */
if ((cs->flags & (AUTH_STARTED|AUTH_DONE)) == AUTH_STARTED) {
cs->flags &= ~AUTH_STARTED;
if ((pcb->chap_client.flags & (AUTH_STARTED|AUTH_DONE)) == AUTH_STARTED) {
pcb->chap_client.flags &= ~AUTH_STARTED;
error("CHAP authentication failed due to protocol-reject");
auth_withpeer_fail(pcb, PPP_CHAP);
}
@ -639,10 +567,8 @@ static char *chap_code_names[] = {
"Challenge", "Response", "Success", "Failure"
};
static int
chap_print_pkt(unsigned char *p, int plen,
void (*printer) (void *, char *, ...), void *arg)
{
static int chap_print_pkt(unsigned char *p, int plen,
void (*printer) (void *, char *, ...), void *arg) {
int code, id, len;
int clen, nlen;
unsigned char x;
@ -689,6 +615,7 @@ chap_print_pkt(unsigned char *p, int plen,
GETCHAR(x, p);
printer(arg, " %.2x", x);
}
/* no break */
}
return len + CHAP_HDRLEN;

4
src/netif/ppp/chap-new.h
View File

@ -151,11 +151,11 @@ extern void chap_register_digest(struct chap_digest_type *);
#if PPP_SERVER
/* Called by authentication code to start authenticating the peer. */
extern void chap_auth_peer(int unit, char *our_name, int digest_code);
extern void chap_auth_peer(ppp_pcb *pcb, char *our_name, int digest_code);
#endif /* PPP_SERVER */
/* Called by auth. code to start authenticating us to the peer. */
extern void chap_auth_with_peer(int unit, char *our_name, int digest_code);
extern void chap_auth_with_peer(ppp_pcb *pcb, char *our_name, int digest_code);
/* Represents the CHAP protocol to the main pppd code */
extern struct protent chap_protent;

58
src/netif/ppp/ppp.h
View File

@ -214,6 +214,53 @@ typedef struct ppp_pcb_rx_s {
} ppp_pcb_rx;
#endif /* PPPOS_SUPPORT */
/*
* Each interface is described by upap structure.
*/
#if PAP_SUPPORT
typedef struct upap_state {
int us_unit; /* Interface unit number */
char *us_user; /* User */
int us_userlen; /* User length */
char *us_passwd; /* Password */
int us_passwdlen; /* Password length */
int us_clientstate; /* Client state */
#if PPP_SERVER
int us_serverstate; /* Server state */
#endif /* PPP_SERVER */
u_char us_id; /* Current id */
int us_timeouttime; /* Timeout (seconds) for auth-req retrans. */
int us_transmits; /* Number of auth-reqs sent */
int us_maxtransmits; /* Maximum number of auth-reqs to send */
int us_reqtimeout; /* Time to wait for auth-req from peer */
} upap_state;
#endif /* PAP_SUPPORT */
/*
* Each interface is described by chap structure.
*/
#if CHAP_SUPPORT
typedef struct chap_client_state {
int flags;
char *name;
struct chap_digest_type *digest;
unsigned char priv[64]; /* private area for digest's use */
} chap_client_state;
#if PPP_SERVER
static struct chap_server_state {
int flags;
int id;
char *name;
struct chap_digest_type *digest;
int challenge_xmits;
int challenge_pktlen;
unsigned char challenge[CHAL_MAX_PKTLEN];
char message[256];
} chap_server_state;
#endif /* PPP_SERVER */
#endif /* CHAP_SUPPORT */
/*
* PPP interface control block.
*/
@ -262,6 +309,17 @@ typedef struct ppp_pcb_s {
int auth_done; /* Records which authentication operations have been completed. */
int num_np_open; /* Number of network protocols which we have opened. */
int num_np_up; /* Number of network protocols which have come up. */
#if PAP_SUPPORT
upap_state upap; /* PAP data */
#endif /* PAP_SUPPORT */
#if CHAP_SUPPORT
chap_client_state chap_client;
#if PPP_SERVER
chap_server_state chap_server;
#endif /* PPP_SERVER */
#endif /* CHAP_SUPPORT */
} ppp_pcb;
/************************

291
src/netif/ppp/upap.c
View File

@ -80,14 +80,13 @@ static option_t pap_option_list[] = {
/*
* Protocol entry points.
*/
static void upap_init (int);
static void upap_lowerup (int);
static void upap_lowerdown (int);
static void upap_input (int, u_char *, int);
static void upap_protrej (int);
static void upap_init(int unit);
static void upap_lowerup(int unit);
static void upap_lowerdown(int unit);
static void upap_input(int unit, u_char *inpacket, int l);
static void upap_protrej(int unit);
#if PRINTPKT_SUPPORT
static int upap_printpkt (u_char *, int,
void (*) (void *, char *, ...), void *);
static int upap_printpkt(u_char *p, int plen, void (*printer) (void *, char *, ...), void *arg);
#endif /* PRINTPKT_SUPPORT */
struct protent pap_protent = {
@ -118,45 +117,40 @@ struct protent pap_protent = {
#endif /* DEMAND_SUPPORT */
};
upap_state upap[NUM_PPP]; /* UPAP state; one for each unit */
static void upap_timeout (void *);
static void upap_timeout(void *arg);
#if PPP_SERVER
static void upap_reqtimeout (void *);
static void upap_reqtimeout(void *arg);
#endif /* PPP_SERVER */
#if 0 /* UNUSED */
static void upap_rauthreq (upap_state *, u_char *, int, int);
static void upap_rauthreq(ppp_pcb *pcb, u_char *inp, int id, int len);
#endif /* UNUSED */
static void upap_rauthack (upap_state *, u_char *, int, int);
static void upap_rauthnak (upap_state *, u_char *, int, int);
static void upap_sauthreq (upap_state *);
static void upap_rauthack(ppp_pcb *pcb, u_char *inp, int id, int len);
static void upap_rauthnak(ppp_pcb *pcb, u_char *inp, int id, int len);
static void upap_sauthreq(ppp_pcb *pcb);
#if 0 /* UNUSED */
static void upap_sresp (upap_state *, int, int, char *, int);
static void upap_sresp(ppp_pcb *pcb, u_char code, u_char id, char *msg, int msglen);
#endif /* UNUSED */
/*
* upap_init - Initialize a UPAP unit.
*/
static void
upap_init(unit)
int unit;
{
upap_state *u = &upap[unit];
static void upap_init(int unit) {
ppp_pcb *pcb = &ppp_pcb_list[unit];
u->us_unit = unit;
u->us_user = NULL;
u->us_userlen = 0;
u->us_passwd = NULL;
u->us_passwdlen = 0;
u->us_clientstate = UPAPCS_INITIAL;
pcb->upap.us_unit = unit;
pcb->upap.us_user = NULL;
pcb->upap.us_userlen = 0;
pcb->upap.us_passwd = NULL;
pcb->upap.us_passwdlen = 0;
pcb->upap.us_clientstate = UPAPCS_INITIAL;
#if PPP_SERVER
u->us_serverstate = UPAPSS_INITIAL;
pcb->upap.us_serverstate = UPAPSS_INITIAL;
#endif /* PPP_SERVER */
u->us_id = 0;
u->us_timeouttime = UPAP_DEFTIMEOUT;
u->us_maxtransmits = 10;
u->us_reqtimeout = UPAP_DEFREQTIME;
pcb->upap.us_id = 0;
pcb->upap.us_timeouttime = UPAP_DEFTIMEOUT;
pcb->upap.us_maxtransmits = 10;
pcb->upap.us_reqtimeout = UPAP_DEFREQTIME;
}
@ -165,28 +159,22 @@ upap_init(unit)
*
* Set new state and send authenticate's.
*/
void
upap_authwithpeer(unit, user, password)
int unit;
char *user, *password;
{
upap_state *u = &upap[unit];
void upap_authwithpeer(ppp_pcb *pcb, char *user, char *password) {
/* Save the username and password we're given */
u->us_user = user;
u->us_userlen = strlen(user);
u->us_passwd = password;
u->us_passwdlen = strlen(password);
u->us_transmits = 0;
pcb->upap.us_user = user;
pcb->upap.us_userlen = strlen(user);
pcb->upap.us_passwd = password;
pcb->upap.us_passwdlen = strlen(password);
pcb->upap.us_transmits = 0;
/* Lower layer up yet? */
if (u->us_clientstate == UPAPCS_INITIAL ||
u->us_clientstate == UPAPCS_PENDING) {
u->us_clientstate = UPAPCS_PENDING;
if (pcb->upap.us_clientstate == UPAPCS_INITIAL ||
pcb->upap.us_clientstate == UPAPCS_PENDING) {
pcb->upap.us_clientstate = UPAPCS_PENDING;
return;
}
upap_sauthreq(u); /* Start protocol */
upap_sauthreq(pcb); /* Start protocol */
}
#if PPP_SERVER
@ -195,47 +183,39 @@ upap_authwithpeer(unit, user, password)
*
* Set new state.
*/
void
upap_authpeer(unit)
int unit;
{
upap_state *u = &upap[unit];
void upap_authpeer(ppp_pcb *pcb) {
/* Lower layer up yet? */
if (u->us_serverstate == UPAPSS_INITIAL ||
u->us_serverstate == UPAPSS_PENDING) {
u->us_serverstate = UPAPSS_PENDING;
if (pcb->upap.us_serverstate == UPAPSS_INITIAL ||
pcb->upap.us_serverstate == UPAPSS_PENDING) {
pcb->upap.us_serverstate = UPAPSS_PENDING;
return;
}
u->us_serverstate = UPAPSS_LISTEN;
if (u->us_reqtimeout > 0)
TIMEOUT(upap_reqtimeout, u, u->us_reqtimeout);
pcb->upap.us_serverstate = UPAPSS_LISTEN;
if (pcb->upap.us_reqtimeout > 0)
TIMEOUT(upap_reqtimeout, pcb, pcb->upap.us_reqtimeout);
}
#endif /* PPP_SERVER */
/*
* upap_timeout - Retransmission timer for sending auth-reqs expired.
*/
static void
upap_timeout(arg)
void *arg;
{
upap_state *u = (upap_state *) arg;
ppp_pcb *pcb = &ppp_pcb_list[u->us_unit];
static void upap_timeout(void *arg) {
ppp_pcb *pcb = (ppp_pcb*)arg;
if (u->us_clientstate != UPAPCS_AUTHREQ)
if (pcb->upap.us_clientstate != UPAPCS_AUTHREQ)
return;
if (u->us_transmits >= u->us_maxtransmits) {
if (pcb->upap.us_transmits >= pcb->upap.us_maxtransmits) {
/* give up in disgust */
error("No response to PAP authenticate-requests");
u->us_clientstate = UPAPCS_BADAUTH;
pcb->upap.us_clientstate = UPAPCS_BADAUTH;
auth_withpeer_fail(pcb, PPP_PAP);
return;
}
upap_sauthreq(u); /* Send Authenticate-Request */
upap_sauthreq(pcb); /* Send Authenticate-Request */
}
@ -243,17 +223,14 @@ upap_timeout(arg)
/*
* upap_reqtimeout - Give up waiting for the peer to send an auth-req.
*/
static void
upap_reqtimeout(arg)
void *arg;
{
upap_state *u = (upap_state *) arg;
static void upap_reqtimeout(void *arg) {
ppp_pcb *pcb = (ppp_pcb*)arg;
if (u->us_serverstate != UPAPSS_LISTEN)
if (pcb->upap.us_serverstate != UPAPSS_LISTEN)
return; /* huh?? */
auth_peer_fail(pcb, PPP_PAP);
u->us_serverstate = UPAPSS_BADAUTH;
pcb->upap.us_serverstate = UPAPSS_BADAUTH;
}
#endif /* PPP_SERVER */
@ -263,25 +240,22 @@ upap_reqtimeout(arg)
*
* Start authenticating if pending.
*/
static void
upap_lowerup(unit)
int unit;
{
upap_state *u = &upap[unit];
static void upap_lowerup(int unit) {
ppp_pcb *pcb = &ppp_pcb_list[unit];
if (u->us_clientstate == UPAPCS_INITIAL)
u->us_clientstate = UPAPCS_CLOSED;
else if (u->us_clientstate == UPAPCS_PENDING) {
upap_sauthreq(u); /* send an auth-request */
if (pcb->upap.us_clientstate == UPAPCS_INITIAL)
pcb->upap.us_clientstate = UPAPCS_CLOSED;
else if (pcb->upap.us_clientstate == UPAPCS_PENDING) {
upap_sauthreq(pcb); /* send an auth-request */
}
#if PPP_SERVER
if (u->us_serverstate == UPAPSS_INITIAL)
u->us_serverstate = UPAPSS_CLOSED;
else if (u->us_serverstate == UPAPSS_PENDING) {
u->us_serverstate = UPAPSS_LISTEN;
if (u->us_reqtimeout > 0)
TIMEOUT(upap_reqtimeout, u, u->us_reqtimeout);
if (pcb->upap.us_serverstate == UPAPSS_INITIAL)
pcb->upap.us_serverstate = UPAPSS_CLOSED;
else if (pcb->upap.us_serverstate == UPAPSS_PENDING) {
pcb->upap.us_serverstate = UPAPSS_LISTEN;
if (pcb->upap.us_reqtimeout > 0)
TIMEOUT(upap_reqtimeout, u, pcb->upap.us_reqtimeout);
}
#endif /* PPP_SERVER */
}
@ -292,22 +266,19 @@ upap_lowerup(unit)
*
* Cancel all timeouts.
*/
static void
upap_lowerdown(unit)
int unit;
{
upap_state *u = &upap[unit];
static void upap_lowerdown(int unit) {
ppp_pcb *pcb = &ppp_pcb_list[unit];
if (u->us_clientstate == UPAPCS_AUTHREQ) /* Timeout pending? */
UNTIMEOUT(upap_timeout, u); /* Cancel timeout */
if (pcb->upap.us_clientstate == UPAPCS_AUTHREQ) /* Timeout pending? */
UNTIMEOUT(upap_timeout, pcb); /* Cancel timeout */
#if PPP_SERVER
if (u->us_serverstate == UPAPSS_LISTEN && u->us_reqtimeout > 0)
if (pcb->upap.us_serverstate == UPAPSS_LISTEN && pcb->upap.us_reqtimeout > 0)
UNTIMEOUT(upap_reqtimeout, u);
#endif /* PPP_SERVER */
u->us_clientstate = UPAPCS_INITIAL;
pcb->upap.us_clientstate = UPAPCS_INITIAL;
#if PPP_SERVER
u->us_serverstate = UPAPSS_INITIAL;
pcb->upap.us_serverstate = UPAPSS_INITIAL;
#endif /* PPP_SERVER */
}
@ -317,19 +288,15 @@ upap_lowerdown(unit)
*
* This shouldn't happen. In any case, pretend lower layer went down.
*/
static void
upap_protrej(unit)
int unit;
{
upap_state *u = &upap[unit];
ppp_pcb *pcb = &ppp_pcb_list[u->us_unit];
static void upap_protrej(int unit) {
ppp_pcb *pcb = &ppp_pcb_list[unit];
if (u->us_clientstate == UPAPCS_AUTHREQ) {
if (pcb->upap.us_clientstate == UPAPCS_AUTHREQ) {
error("PAP authentication failed due to protocol-reject");
auth_withpeer_fail(pcb, PPP_PAP);
}
#if PPP_SERVER
if (u->us_serverstate == UPAPSS_LISTEN) {
if (pcb->upap.us_serverstate == UPAPSS_LISTEN) {
error("PAP authentication of peer failed (protocol-reject)");
auth_peer_fail(pcb, PPP_PAP);
}
@ -341,13 +308,8 @@ upap_protrej(unit)
/*
* upap_input - Input UPAP packet.
*/
static void
upap_input(unit, inpacket, l)
int unit;
u_char *inpacket;
int l;
{
upap_state *u = &upap[unit];
static void upap_input(int unit, u_char *inpacket, int l) {
ppp_pcb *pcb = &ppp_pcb_list[unit];
u_char *inp;
u_char code, id;
int len;
@ -380,16 +342,16 @@ upap_input(unit, inpacket, l)
switch (code) {
case UPAP_AUTHREQ:
#if 0 /* UNUSED */
upap_rauthreq(u, inp, id, len);
upap_rauthreq(pcb, inp, id, len);
#endif /* UNUSED */
break;
case UPAP_AUTHACK:
upap_rauthack(u, inp, id, len);
upap_rauthack(pcb, inp, id, len);
break;
case UPAP_AUTHNAK:
upap_rauthnak(u, inp, id, len);
upap_rauthnak(pcb, inp, id, len);
break;
default: /* XXX Need code reject */
@ -401,13 +363,7 @@ upap_input(unit, inpacket, l)
/*
* upap_rauth - Receive Authenticate.
*/
static void
upap_rauthreq(u, inp, id, len)
upap_state *u;
u_char *inp;
int id;
int len;
{
static void upap_rauthreq(ppp_pcb *pcb, u_char *inp, int id, int len) {
u_char ruserlen, rpasswdlen;
char *ruser, *rpasswd;
char rhostname[256];
@ -415,18 +371,18 @@ upap_rauthreq(u, inp, id, len)
char *msg;
int msglen;
if (u->us_serverstate < UPAPSS_LISTEN)
if (pcb->upap.us_serverstate < UPAPSS_LISTEN)
return;
/*
* If we receive a duplicate authenticate-request, we are
* supposed to return the same status as for the first request.
*/
if (u->us_serverstate == UPAPSS_OPEN) {
if (pcb->upap.us_serverstate == UPAPSS_OPEN) {
upap_sresp(u, UPAP_AUTHACK, id, "", 0); /* return auth-ack */
return;
}
if (u->us_serverstate == UPAPSS_BADAUTH) {
if (pcb->upap.us_serverstate == UPAPSS_BADAUTH) {
upap_sresp(u, UPAP_AUTHNAK, id, "", 0); /* return auth-nak */
return;
}
@ -456,7 +412,7 @@ upap_rauthreq(u, inp, id, len)
/*
* Check the username and password given.
*/
retcode = check_passwd(u->us_unit, ruser, ruserlen, rpasswd,
retcode = check_passwd(pcb->upap.us_unit, ruser, ruserlen, rpasswd,
rpasswdlen, &msg);
BZERO(rpasswd, rpasswdlen);
@ -484,16 +440,16 @@ upap_rauthreq(u, inp, id, len)
slprintf(rhostname, sizeof(rhostname), "%.*v", ruserlen, ruser);
if (retcode == UPAP_AUTHACK) {
u->us_serverstate = UPAPSS_OPEN;
pcb->upap.us_serverstate = UPAPSS_OPEN;
notice("PAP peer authentication succeeded for %q", rhostname);
auth_peer_success(pcb, PPP_PAP, 0, ruser, ruserlen);
} else {
u->us_serverstate = UPAPSS_BADAUTH;
pcb->upap.us_serverstate = UPAPSS_BADAUTH;
warn("PAP peer authentication failed for %q", rhostname);
auth_peer_fail(pcb, PPP_PAP);
}
if (u->us_reqtimeout > 0)
if (pcb->upap.us_reqtimeout > 0)
UNTIMEOUT(upap_reqtimeout, u);
}
#endif /* UNUSED */
@ -501,18 +457,11 @@ upap_rauthreq(u, inp, id, len)
/*
* upap_rauthack - Receive Authenticate-Ack.
*/
static void
upap_rauthack(u, inp, id, len)
upap_state *u;
u_char *inp;
int id;
int len;
{
ppp_pcb *pcb = &ppp_pcb_list[u->us_unit];
static void upap_rauthack(ppp_pcb *pcb, u_char *inp, int id, int len) {
u_char msglen;
char *msg;
if (u->us_clientstate != UPAPCS_AUTHREQ) /* XXX */
if (pcb->upap.us_clientstate != UPAPCS_AUTHREQ) /* XXX */
return;
/*
@ -533,7 +482,7 @@ upap_rauthack(u, inp, id, len)
}
}
u->us_clientstate = UPAPCS_OPEN;
pcb->upap.us_clientstate = UPAPCS_OPEN;
auth_withpeer_success(pcb, PPP_PAP, 0);
}
@ -542,18 +491,11 @@ upap_rauthack(u, inp, id, len)
/*
* upap_rauthnak - Receive Authenticate-Nak.
*/
static void
upap_rauthnak(u, inp, id, len)
upap_state *u;
u_char *inp;
int id;
int len;
{
ppp_pcb *pcb = &ppp_pcb_list[u->us_unit];
static void upap_rauthnak(ppp_pcb *pcb, u_char *inp, int id, int len) {
u_char msglen;
char *msg;
if (u->us_clientstate != UPAPCS_AUTHREQ) /* XXX */
if (pcb->upap.us_clientstate != UPAPCS_AUTHREQ) /* XXX */
return;
/*
@ -574,7 +516,7 @@ upap_rauthnak(u, inp, id, len)
}
}
u->us_clientstate = UPAPCS_BADAUTH;
pcb->upap.us_clientstate = UPAPCS_BADAUTH;
error("PAP authentication failed");
auth_withpeer_fail(pcb, PPP_PAP);
@ -584,48 +526,37 @@ upap_rauthnak(u, inp, id, len)
/*
* upap_sauthreq - Send an Authenticate-Request.
*/
static void
upap_sauthreq(u)
upap_state *u;
{
ppp_pcb *pcb = &ppp_pcb_list[u->us_unit];
static void upap_sauthreq(ppp_pcb *pcb) {
u_char *outp;
int outlen;
outlen = UPAP_HEADERLEN + 2 * sizeof (u_char) +
u->us_userlen + u->us_passwdlen;
pcb->upap.us_userlen + pcb->upap.us_passwdlen;
outp = outpacket_buf;
MAKEHEADER(outp, PPP_PAP);
PUTCHAR(UPAP_AUTHREQ, outp);
PUTCHAR(++u->us_id, outp);
PUTCHAR(++pcb->upap.us_id, outp);
PUTSHORT(outlen, outp);
PUTCHAR(u->us_userlen, outp);
MEMCPY(outp, u->us_user, u->us_userlen);
INCPTR(u->us_userlen, outp);
PUTCHAR(u->us_passwdlen, outp);
MEMCPY(outp, u->us_passwd, u->us_passwdlen);
PUTCHAR(pcb->upap.us_userlen, outp);
MEMCPY(outp, pcb->upap.us_user, pcb->upap.us_userlen);
INCPTR(pcb->upap.us_userlen, outp);
PUTCHAR(pcb->upap.us_passwdlen, outp);
MEMCPY(outp, pcb->upap.us_passwd, pcb->upap.us_passwdlen);
ppp_write(pcb, outpacket_buf, outlen + PPP_HDRLEN);
TIMEOUT(upap_timeout, u, u->us_timeouttime);
++u->us_transmits;
u->us_clientstate = UPAPCS_AUTHREQ;
TIMEOUT(upap_timeout, pcb, pcb->upap.us_timeouttime);
++pcb->upap.us_transmits;
pcb->upap.us_clientstate = UPAPCS_AUTHREQ;
}
#if 0 /* UNUSED */
/*
* upap_sresp - Send a response (ack or nak).
*/
static void
upap_sresp(u, code, id, msg, msglen)
upap_state *u;
u_char code, id;
char *msg;
int msglen;
{
ppp_pcb *pcb = &ppp_pcb_list[u->us_unit];
static void upap_sresp(ppp_pcb *pcb, u_char code, u_char id, char *msg, int msglen) {
u_char *outp;
int outlen;
@ -650,13 +581,7 @@ static char *upap_codenames[] = {
"AuthReq", "AuthAck", "AuthNak"
};
static int
upap_printpkt(p, plen, printer, arg)
u_char *p;
int plen;
void (*printer) (void *, char *, ...);
void *arg;
{
static int upap_printpkt(u_char *p, int plen, void (*printer) (void *, char *, ...), void *arg) {
int code, id, len;
int mlen, ulen, wlen;
char *user, *pwd, *msg;

35
src/netif/ppp/upap.h
View File

@ -45,6 +45,11 @@
#include "lwip/opt.h"
#if PPP_SUPPORT && PAP_SUPPORT /* don't build if not configured for use in lwipopts.h */
#ifndef UPAP_H
#define UPAP_H
#include "ppp.h"
/*
* Packet header = Code, id, length.
*/
@ -59,27 +64,6 @@
#define UPAP_AUTHNAK 3 /* Authenticate-Nak */
/*
* Each interface is described by upap structure.
*/
typedef struct upap_state {
int us_unit; /* Interface unit number */
char *us_user; /* User */
int us_userlen; /* User length */
char *us_passwd; /* Password */
int us_passwdlen; /* Password length */
int us_clientstate; /* Client state */
#if PPP_SERVER
int us_serverstate; /* Server state */
#endif /* PPP_SERVER */
u_char us_id; /* Current id */
int us_timeouttime; /* Timeout (seconds) for auth-req retrans. */
int us_transmits; /* Number of auth-reqs sent */
int us_maxtransmits; /* Maximum number of auth-reqs to send */
int us_reqtimeout; /* Time to wait for auth-req from peer */
} upap_state;
/*
* Client states.
*/
@ -109,11 +93,12 @@ typedef struct upap_state {
#endif /* moved to opt.h */
#define UPAP_DEFREQTIME 30 /* Time to wait for auth-req from peer */
extern upap_state upap[];
void upap_authwithpeer (int, char *, char *);
void upap_authpeer (int);
void upap_authwithpeer(ppp_pcb *pcb, char *user, char *password);
#if PPP_SERVER
void upap_authpeer(ppp_pcb *pcb);
#endif /* PPP_SERVER */
extern struct protent pap_protent;
#endif /* UPAP_H */
#endif /* PPP_SUPPORT && PAP_SUPPORT */