mirror/lwip
1
0
Fork 0
mirror of https://github.com/lwip-tcpip/lwip.git synced 2025-04-16 08:43:17 +00:00
Code Issues Packages Projects Releases Wiki Activity

moved refuse_mschap, refuse_mschap_v2, refuse_eap from globals to ppp_settings

Browse Source
This commit is contained in:
Sylvain Rochet 2012-05-17 19:41:34 +02:00
parent 2a44bad2e7
commit 372a0f9eea
2 changed files with 20 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
src/netif/ppp/auth.c
View File

@ -223,13 +223,13 @@ bool session_mgmt = 0; /* Do session management (login records) */
bool cryptpap = 0; /* Passwords in pap-secrets are encrypted */ bool cryptpap = 0; /* Passwords in pap-secrets are encrypted */
//bool refuse_pap = 0; /* Don't wanna auth. ourselves with PAP */ //bool refuse_pap = 0; /* Don't wanna auth. ourselves with PAP */
//bool refuse_chap = 0; /* Don't wanna auth. ourselves with CHAP */ //bool refuse_chap = 0; /* Don't wanna auth. ourselves with CHAP */
bool refuse_eap = 0; /* Don't wanna auth. ourselves with EAP */ //bool refuse_eap = 0; /* Don't wanna auth. ourselves with EAP */
#ifdef CHAPMS #ifdef CHAPMS
bool refuse_mschap = 0; /* Don't wanna auth. ourselves with MS-CHAP */ //bool refuse_mschap = 0; /* Don't wanna auth. ourselves with MS-CHAP */
bool refuse_mschap_v2 = 0; /* Don't wanna auth. ourselves with MS-CHAPv2 */ //bool refuse_mschap_v2 = 0; /* Don't wanna auth. ourselves with MS-CHAPv2 */
#else #else
bool refuse_mschap = 1; /* Don't wanna auth. ourselves with MS-CHAP */ //bool refuse_mschap = 1; /* Don't wanna auth. ourselves with MS-CHAP */
bool refuse_mschap_v2 = 1; /* Don't wanna auth. ourselves with MS-CHAPv2 */ //bool refuse_mschap_v2 = 1; /* Don't wanna auth. ourselves with MS-CHAPv2 */
#endif #endif
bool usehostname = 0; /* Use hostname for our_name */ bool usehostname = 0; /* Use hostname for our_name */
bool auth_required = 0; /* Always require authentication from peer */ bool auth_required = 0; /* Always require authentication from peer */
@ -330,6 +330,7 @@ option_t auth_options[] = {
&lcp_allowoptions[0].chap_mdtype }, &lcp_allowoptions[0].chap_mdtype },
#endif #endif
#ifdef CHAPMS #ifdef CHAPMS
#if 0
{ "refuse-mschap", o_bool, &refuse_mschap, { "refuse-mschap", o_bool, &refuse_mschap,
"Don't agree to auth to peer with MS-CHAP", "Don't agree to auth to peer with MS-CHAP",
OPT_A2CLRB | MDTYPE_MICROSOFT, OPT_A2CLRB | MDTYPE_MICROSOFT,
@ -346,14 +347,16 @@ option_t auth_options[] = {
"Don't allow MS-CHAPv2 authentication with peer", "Don't allow MS-CHAPv2 authentication with peer",
OPT_ALIAS | OPT_A2CLRB | MDTYPE_MICROSOFT_V2, OPT_ALIAS | OPT_A2CLRB | MDTYPE_MICROSOFT_V2,
&lcp_allowoptions[0].chap_mdtype }, &lcp_allowoptions[0].chap_mdtype },
#endif
#endif #endif
{ "require-eap", o_bool, &lcp_wantoptions[0].neg_eap, { "require-eap", o_bool, &lcp_wantoptions[0].neg_eap,
"Require EAP authentication from peer", OPT_PRIOSUB | 1, "Require EAP authentication from peer", OPT_PRIOSUB | 1,
&auth_required }, &auth_required },
#if 0
{ "refuse-eap", o_bool, &refuse_eap, { "refuse-eap", o_bool, &refuse_eap,
"Don't agree to authenticate to peer with EAP", 1 }, "Don't agree to authenticate to peer with EAP", 1 },
#endif
{ "name", o_string, our_name, { "name", o_string, our_name,
"Set local name for authentication", "Set local name for authentication",
OPT_PRIO | OPT_PRIV | OPT_STATIC, NULL, MAXNAMELEN }, OPT_PRIO | OPT_PRIV | OPT_STATIC, NULL, MAXNAMELEN },
@ -1319,12 +1322,15 @@ auth_reset(unit)
lcp_options *go = &lcp_gotoptions[unit]; lcp_options *go = &lcp_gotoptions[unit];
lcp_options *ao = &lcp_allowoptions[unit]; lcp_options *ao = &lcp_allowoptions[unit];
int hadchap; int hadchap;
hadchap = -1; hadchap = -1;
//ao->neg_upap = !ppp_settings.refuse_pap && (ppp_settings.passwd[0] != 0 || get_pap_passwd(NULL)); //ao->neg_upap = !ppp_settings.refuse_pap && (ppp_settings.passwd[0] != 0 || get_pap_passwd(NULL));
ao->neg_upap = !ppp_settings.refuse_pap && ppp_settings.passwd[0] != 0; ao->neg_upap = !ppp_settings.refuse_pap && ppp_settings.passwd[0] != 0;
ao->neg_chap = (!ppp_settings.refuse_chap || !refuse_mschap || !refuse_mschap_v2) && ppp_settings.passwd[0]; ao->neg_chap = (!ppp_settings.refuse_chap || !ppp_settings.refuse_mschap || !ppp_settings.refuse_mschap_v2) && ppp_settings.passwd[0];
ao->neg_eap = !ppp_settings.refuse_eap && ppp_settings.passwd[0] != 0;
return; return;
@ -1333,12 +1339,14 @@ auth_reset(unit)
&& (passwd[0] != 0 || && (passwd[0] != 0 ||
(hadchap = have_chap_secret(user, (explicit_remote? remote_name: (hadchap = have_chap_secret(user, (explicit_remote? remote_name:
NULL), 0, NULL))); */ NULL), 0, NULL))); */
/*
ao->neg_eap = !refuse_eap && ( ao->neg_eap = !refuse_eap && (
passwd[0] != 0 || passwd[0] != 0 ||
(hadchap == 1 || (hadchap == -1 && have_chap_secret(ppp_settings.user, (hadchap == 1 || (hadchap == -1 && have_chap_secret(ppp_settings.user,
(explicit_remote? remote_name: NULL), 0, NULL))) || (explicit_remote? remote_name: NULL), 0, NULL))) ||
have_srp_secret(ppp_settings.user, (explicit_remote? remote_name: NULL), 0, NULL)); have_srp_secret(ppp_settings.user, (explicit_remote? remote_name: NULL), 0, NULL)); */
/* FIXME: find what the below stuff do */
hadchap = -1; hadchap = -1;
if (go->neg_upap && !uselogin && !have_pap_secret(NULL)) if (go->neg_upap && !uselogin && !have_pap_secret(NULL))
go->neg_upap = 0; go->neg_upap = 0;

3
src/netif/ppp/pppmy.h
View File

@ -45,6 +45,9 @@ struct ppp_settings {
u_int explicit_remote : 1; /* remote_name specified with remotename opt */ u_int explicit_remote : 1; /* remote_name specified with remotename opt */
u_int refuse_pap : 1; /* Don't wanna auth. ourselves with PAP */ u_int refuse_pap : 1; /* Don't wanna auth. ourselves with PAP */
u_int refuse_chap : 1; /* Don't wanna auth. ourselves with CHAP */ u_int refuse_chap : 1; /* Don't wanna auth. ourselves with CHAP */
u_int refuse_mschap : 1; /* Don't wanna auth. ourselves with MS-CHAP */
u_int refuse_mschap_v2 : 1; /* Don't wanna auth. ourselves with MS-CHAPv2 */
u_int refuse_eap : 1; /* Don't wanna auth. ourselves with EAP */
u_int usehostname : 1; /* Use hostname for our_name */ u_int usehostname : 1; /* Use hostname for our_name */
u_int usepeerdns : 1; /* Ask peer for DNS adds */ u_int usepeerdns : 1; /* Ask peer for DNS adds */