PPP, MSCHAP, reworked local functions and constants

MSCHAP was written the old-way, with all functions declared non static in
header, independent of their local or global scope status. Same for local
constants. Reworked in a more mordern way.

src/include/netif/ppp/chap_ms.h

@@ -35,65 +35,6 @@
 
 #ifndef __CHAPMS_INCLUDE__
 
-#define MD4_SIGNATURE_SIZE	16	/* 16 bytes in a MD4 message digest */
-#define MAX_NT_PASSWORD		256	/* Max (Unicode) chars in an NT pass */
-
-#define MS_CHAP_RESPONSE_LEN	49	/* Response length for MS-CHAP */
-#define MS_CHAP2_RESPONSE_LEN	49	/* Response length for MS-CHAPv2 */
-#define MS_AUTH_RESPONSE_LENGTH	40	/* MS-CHAPv2 authenticator response, */
-					/* as ASCII */
-
-/* Error codes for MS-CHAP failure messages. */
-#define MS_CHAP_ERROR_RESTRICTED_LOGON_HOURS	646
-#define MS_CHAP_ERROR_ACCT_DISABLED		647
-#define MS_CHAP_ERROR_PASSWD_EXPIRED		648
-#define MS_CHAP_ERROR_NO_DIALIN_PERMISSION	649
-#define MS_CHAP_ERROR_AUTHENTICATION_FAILURE	691
-#define MS_CHAP_ERROR_CHANGING_PASSWORD		709
-
-/*
- * Offsets within the response field for MS-CHAP
- */
-#define MS_CHAP_LANMANRESP	0
-#define MS_CHAP_LANMANRESP_LEN	24
-#define MS_CHAP_NTRESP		24
-#define MS_CHAP_NTRESP_LEN	24
-#define MS_CHAP_USENT		48
-
-/*
- * Offsets within the response field for MS-CHAP2
- */
-#define MS_CHAP2_PEER_CHALLENGE	0
-#define MS_CHAP2_PEER_CHAL_LEN	16
-#define MS_CHAP2_RESERVED_LEN	8
-#define MS_CHAP2_NTRESP		24
-#define MS_CHAP2_NTRESP_LEN	24
-#define MS_CHAP2_FLAGS		48
-
-#if MPPE_SUPPORT
-#if 0 /* UNUSED */
-/* These values are the RADIUS attribute values--see RFC 2548. */
-#define MPPE_ENC_POL_ENC_ALLOWED 1
-#define MPPE_ENC_POL_ENC_REQUIRED 2
-#define MPPE_ENC_TYPES_RC4_40 2
-#define MPPE_ENC_TYPES_RC4_128 4
-
-/* used by plugins (using above values) */
-extern void set_mppe_enc_types(int, int);
-#endif /* UNUSED */
-#endif /* MPPE_SUPPORT */
-
-/* Are we the authenticator or authenticatee?  For MS-CHAPv2 key derivation. */
-#define MS_CHAP2_AUTHENTICATEE 0
-#define MS_CHAP2_AUTHENTICATOR 1
-
-void	ChallengeHash (u_char[16], u_char *, char *, u_char[8]);
-
-void GenerateAuthenticatorResponse(u_char PasswordHashHash[MD4_SIGNATURE_SIZE],
-			u_char NTResponse[24], u_char PeerChallenge[16],
-			u_char *rchallenge, char *username,
-			u_char authResponse[MS_AUTH_RESPONSE_LENGTH+1]);
-
 extern const struct chap_digest_type chapms_digest;
 extern const struct chap_digest_type chapms2_digest;
 

src/netif/ppp/chap_ms.c

@@ -112,11 +112,63 @@
 #include "polarssl/des.h"
 #endif
 
-#define SHA1_SIGNATURE_SIZE 20
+#define SHA1_SIGNATURE_SIZE	20
+#define MD4_SIGNATURE_SIZE	16	/* 16 bytes in a MD4 message digest */
+#define MAX_NT_PASSWORD		256	/* Max (Unicode) chars in an NT pass */
+
+#define MS_CHAP_RESPONSE_LEN	49	/* Response length for MS-CHAP */
+#define MS_CHAP2_RESPONSE_LEN	49	/* Response length for MS-CHAPv2 */
+#define MS_AUTH_RESPONSE_LENGTH	40	/* MS-CHAPv2 authenticator response, */
+					/* as ASCII */
+
+/* Error codes for MS-CHAP failure messages. */
+#define MS_CHAP_ERROR_RESTRICTED_LOGON_HOURS	646
+#define MS_CHAP_ERROR_ACCT_DISABLED		647
+#define MS_CHAP_ERROR_PASSWD_EXPIRED		648
+#define MS_CHAP_ERROR_NO_DIALIN_PERMISSION	649
+#define MS_CHAP_ERROR_AUTHENTICATION_FAILURE	691
+#define MS_CHAP_ERROR_CHANGING_PASSWORD		709
+
+/*
+ * Offsets within the response field for MS-CHAP
+ */
+#define MS_CHAP_LANMANRESP	0
+#define MS_CHAP_LANMANRESP_LEN	24
+#define MS_CHAP_NTRESP		24
+#define MS_CHAP_NTRESP_LEN	24
+#define MS_CHAP_USENT		48
+
+/*
+ * Offsets within the response field for MS-CHAP2
+ */
+#define MS_CHAP2_PEER_CHALLENGE	0
+#define MS_CHAP2_PEER_CHAL_LEN	16
+#define MS_CHAP2_RESERVED_LEN	8
+#define MS_CHAP2_NTRESP		24
+#define MS_CHAP2_NTRESP_LEN	24
+#define MS_CHAP2_FLAGS		48
+
+#if MPPE_SUPPORT
+#if 0 /* UNUSED */
+/* These values are the RADIUS attribute values--see RFC 2548. */
+#define MPPE_ENC_POL_ENC_ALLOWED 1
+#define MPPE_ENC_POL_ENC_REQUIRED 2
+#define MPPE_ENC_TYPES_RC4_40 2
+#define MPPE_ENC_TYPES_RC4_128 4
+
+/* used by plugins (using above values) */
+extern void set_mppe_enc_types(int, int);
+#endif /* UNUSED */
+#endif /* MPPE_SUPPORT */
+
+/* Are we the authenticator or authenticatee?  For MS-CHAPv2 key derivation. */
+#define MS_CHAP2_AUTHENTICATEE 0
+#define MS_CHAP2_AUTHENTICATOR 1
 
 static void	ascii2unicode (char[], int, u_char[]);
 static void	NTPasswordHash (u_char *, int, u_char[MD4_SIGNATURE_SIZE]);
 static void	ChallengeResponse (u_char *, u_char *, u_char[24]);
+static void	ChallengeHash (u_char[16], u_char *, char *, u_char[8]);
 static void	ChapMS_NT (u_char *, char *, int, u_char[24]);
 static void	ChapMS2_NT (u_char *, u_char[16], char *, char *, int,
 				u_char[24]);
@@ -127,6 +179,11 @@ static void	GenerateAuthenticatorResponsePlain
 static void	ChapMS_LANMan (u_char *, char *, int, u_char *);
 #endif
 
+static void GenerateAuthenticatorResponse(u_char PasswordHashHash[MD4_SIGNATURE_SIZE],
+			u_char NTResponse[24], u_char PeerChallenge[16],
+			u_char *rchallenge, char *username,
+			u_char authResponse[MS_AUTH_RESPONSE_LENGTH+1]);
+
 #if MPPE_SUPPORT
 static void mppe_set_keys(ppp_pcb *pcb, u_char *rchallenge,
 	u_char PasswordHashHash[MD4_SIGNATURE_SIZE]);
@@ -487,7 +544,7 @@ static void ChallengeResponse(u_char *challenge,
 #endif
 }
 
-void ChallengeHash(u_char PeerChallenge[16], u_char *rchallenge,
+static void ChallengeHash(u_char PeerChallenge[16], u_char *rchallenge,
 	      char *username, u_char Challenge[8]) {
     sha1_context	sha1Context;
     u_char	sha1Hash[SHA1_SIGNATURE_SIZE];
@@ -587,7 +644,7 @@ static void ChapMS_LANMan(u_char *rchallenge, char *secret, int secret_len,
 #endif
 
 
-void GenerateAuthenticatorResponse(u_char PasswordHashHash[MD4_SIGNATURE_SIZE],
+static void GenerateAuthenticatorResponse(u_char PasswordHashHash[MD4_SIGNATURE_SIZE],
 			      u_char NTResponse[24], u_char PeerChallenge[16],
 			      u_char *rchallenge, char *username,
 			      u_char authResponse[MS_AUTH_RESPONSE_LENGTH+1]) {