mirror/lwip
1
0
Fork 0
mirror of https://github.com/lwip-tcpip/lwip.git synced 2025-03-25 16:44:04 +00:00
Code Issues Packages Projects Releases Wiki Activity

PAP support is now an optional compile-time feature

Browse Source
This commit is contained in:
Sylvain Rochet 2012-05-30 23:32:30 +02:00
parent 339925e835
commit 4704efa32a
9 changed files with 193 additions and 32 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

48
src/netif/ppp/auth.c
View File

@ -107,7 +107,9 @@
#include "ccp.h" #include "ccp.h"
#include "ecp.h" #include "ecp.h"
#include "ipcp.h" #include "ipcp.h"
#if PAP_SUPPORT
#include "upap.h" #include "upap.h"
#endif /* PAP_SUPPORT */
#if CHAP_SUPPORT #if CHAP_SUPPORT
#include "chap-new.h" #include "chap-new.h"
#endif /* CHAP_SUPPORT */ #endif /* CHAP_SUPPORT */
@ -765,7 +767,10 @@ link_established(unit)
set_allowed_addrs(unit, NULL, NULL); set_allowed_addrs(unit, NULL, NULL);
#endif /* PPP_ALLOWED_ADDRS */ #endif /* PPP_ALLOWED_ADDRS */
if (auth_required && !(go->neg_upap if (auth_required && !(0
#if PAP_SUPPORT
|| go->neg_upap
#endif /* PAP_SUPPORT */
#if CHAP_SUPPORT #if CHAP_SUPPORT
|| go->neg_chap || go->neg_chap
#endif /* CHAP_SUPPORT */ #endif /* CHAP_SUPPORT */
@ -809,10 +814,14 @@ link_established(unit)
auth |= CHAP_PEER; auth |= CHAP_PEER;
} else } else
#endif /* CHAP_SUPPORT */ #endif /* CHAP_SUPPORT */
#if PAP_SUPPORT
if (go->neg_upap) { if (go->neg_upap) {
upap_authpeer(unit); upap_authpeer(unit);
auth |= PAP_PEER; auth |= PAP_PEER;
} } else
#endif /* PAP_SUPPORT */
{}
#if EAP_SUPPORT #if EAP_SUPPORT
if (ho->neg_eap) { if (ho->neg_eap) {
eap_authwithpeer(unit, ppp_settings.user); eap_authwithpeer(unit, ppp_settings.user);
@ -825,10 +834,14 @@ link_established(unit)
auth |= CHAP_WITHPEER; auth |= CHAP_WITHPEER;
} else } else
#endif /* CHAP_SUPPORT */ #endif /* CHAP_SUPPORT */
#if PAP_SUPPORT
if (ho->neg_upap) { if (ho->neg_upap) {
upap_authwithpeer(unit, ppp_settings.user, ppp_settings.passwd); upap_authwithpeer(unit, ppp_settings.user, ppp_settings.passwd);
auth |= PAP_WITHPEER; auth |= PAP_WITHPEER;
} } else
#endif /* PAP_SUPPORT */
{}
auth_pending[unit] = auth; auth_pending[unit] = auth;
auth_done[unit] = 0; auth_done[unit] = 0;
@ -859,7 +872,9 @@ network_phase(unit)
#if CHAP_SUPPORT #if CHAP_SUPPORT
|| go->neg_chap || go->neg_chap
#endif /* CHAP_SUPPORT */ #endif /* CHAP_SUPPORT */
#if PAP_SUPPORT
|| go->neg_upap || go->neg_upap
#endif /* PAP_SUPPORT */
#if EAP_SUPPORT #if EAP_SUPPORT
|| go->neg_eap || go->neg_eap
#endif /* EAP_SUPPORT */ #endif /* EAP_SUPPORT */
@ -1000,12 +1015,16 @@ auth_peer_success(unit, protocol, prot_flavor, name, namelen)
} }
break; break;
#endif /* CHAP_SUPPORT */ #endif /* CHAP_SUPPORT */
#if PAP_SUPPORT
case PPP_PAP: case PPP_PAP:
bit = PAP_PEER; bit = PAP_PEER;
break; break;
#endif /* PAP_SUPPORT */
#if EAP_SUPPORT
case PPP_EAP: case PPP_EAP:
bit = EAP_PEER; bit = EAP_PEER;
break; break;
#endif /* EAP_SUPPORT */
default: default:
warn("auth_peer_success: unknown protocol %x", protocol); warn("auth_peer_success: unknown protocol %x", protocol);
return; return;
@ -1078,14 +1097,18 @@ auth_withpeer_success(unit, protocol, prot_flavor)
} }
break; break;
#endif /* CHAP_SUPPORT */ #endif /* CHAP_SUPPORT */
#if PAP_SUPPORT
case PPP_PAP: case PPP_PAP:
bit = PAP_WITHPEER; bit = PAP_WITHPEER;
prot = "PAP"; prot = "PAP";
break; break;
#endif /* PAP_SUPPORT */
#if EAP_SUPPORT
case PPP_EAP: case PPP_EAP:
bit = EAP_WITHPEER; bit = EAP_WITHPEER;
prot = "EAP"; prot = "EAP";
break; break;
#endif /* EAP_SUPPORT */
default: default:
warn("auth_withpeer_success: unknown protocol %x", protocol); warn("auth_withpeer_success: unknown protocol %x", protocol);
bit = 0; bit = 0;
@ -1306,7 +1329,9 @@ auth_check_options()
#if CHAP_SUPPORT #if CHAP_SUPPORT
&& !wo->neg_chap && !wo->neg_chap
#endif /* CHAP_SUPPORT */ #endif /* CHAP_SUPPORT */
#if PAP_SUPPORT
&& !wo->neg_upap && !wo->neg_upap
#endif /* PAP_SUPPORT */
#if EAP_SUPPORT #if EAP_SUPPORT
&& !wo->neg_eap && !wo->neg_eap
#endif /* EAP_SUPPORT */ #endif /* EAP_SUPPORT */
@ -1315,7 +1340,9 @@ auth_check_options()
wo->neg_chap = chap_mdtype_all != MDTYPE_NONE; wo->neg_chap = chap_mdtype_all != MDTYPE_NONE;
wo->chap_mdtype = chap_mdtype_all; wo->chap_mdtype = chap_mdtype_all;
#endif /* CHAP_SUPPORT */ #endif /* CHAP_SUPPORT */
#if PAP_SUPPORT
wo->neg_upap = 1; wo->neg_upap = 1;
#endif /* PAP_SUPPORT */
#if EAP_SUPPORT #if EAP_SUPPORT
wo->neg_eap = 1; wo->neg_eap = 1;
#endif /* EAP_SUPPORT */ #endif /* EAP_SUPPORT */
@ -1325,7 +1352,9 @@ auth_check_options()
wo->neg_chap = 0; wo->neg_chap = 0;
wo->chap_mdtype = MDTYPE_NONE; wo->chap_mdtype = MDTYPE_NONE;
#endif /* CHAP_SUPPORT */ #endif /* CHAP_SUPPORT */
#if PAP_SUPPORT
wo->neg_upap = 0; wo->neg_upap = 0;
#endif /* PAP_SUPPORT */
#if EAP_SUPPORT #if EAP_SUPPORT
wo->neg_eap = 0; wo->neg_eap = 0;
#endif /* EAP_SUPPORT */ #endif /* EAP_SUPPORT */
@ -1337,7 +1366,11 @@ auth_check_options()
* of a CHAP-like exchanges as well as SRP. * of a CHAP-like exchanges as well as SRP.
*/ */
lacks_ip = 0; lacks_ip = 0;
#if PAP_SUPPORT
can_auth = wo->neg_upap && (uselogin || have_pap_secret(&lacks_ip)); can_auth = wo->neg_upap && (uselogin || have_pap_secret(&lacks_ip));
#else
can_auth = 0;
#endif /* PAP_SUPPORT */
if (!can_auth && (0 if (!can_auth && (0
#if CHAP_SUPPORT #if CHAP_SUPPORT
|| wo->neg_chap || wo->neg_chap
@ -1408,7 +1441,9 @@ auth_reset(unit)
if( ppp_settings.passwd[0] ) { if( ppp_settings.passwd[0] ) {
#if PAP_SUPPORT
ao->neg_upap = !ppp_settings.refuse_pap; ao->neg_upap = !ppp_settings.refuse_pap;
#endif /* PAP_SUPPORT */
#if EAP_SUPPORT #if EAP_SUPPORT
ao->neg_eap = !ppp_settings.refuse_eap; ao->neg_eap = !ppp_settings.refuse_eap;
@ -1429,7 +1464,9 @@ auth_reset(unit)
#endif /* CHAP_SUPPORT */ #endif /* CHAP_SUPPORT */
} else { } else {
#if PAP_SUPPORT
ao->neg_upap = 0; ao->neg_upap = 0;
#endif /* PAP_SUPPORT */
#if CHAP_SUPPORT #if CHAP_SUPPORT
ao->neg_chap = 0; ao->neg_chap = 0;
ao->chap_mdtype = MDTYPE_NONE; ao->chap_mdtype = MDTYPE_NONE;
@ -1439,8 +1476,9 @@ auth_reset(unit)
#endif /* EAP_SUPPORT */ #endif /* EAP_SUPPORT */
} }
#if PAP_SUPPORT
printf("neg_upap: %d\n", ao->neg_upap); printf("neg_upap: %d\n", ao->neg_upap);
#endif /* PAP_SUPPORT */
#if CHAP_SUPPORT #if CHAP_SUPPORT
printf("neg_chap: %d\n", ao->neg_chap); printf("neg_chap: %d\n", ao->neg_chap);
printf("neg_chap_md5: %d\n", !!(ao->chap_mdtype&MDTYPE_MD5) ); printf("neg_chap_md5: %d\n", !!(ao->chap_mdtype&MDTYPE_MD5) );
@ -1469,7 +1507,9 @@ auth_reset(unit)
have_srp_secret(ppp_settings.user, (explicit_remote? remote_name: NULL), 0, NULL)); */ have_srp_secret(ppp_settings.user, (explicit_remote? remote_name: NULL), 0, NULL)); */
#endif /* OLD CODE */ #endif /* OLD CODE */
#if PAP_SUPPORT
go->neg_upap = 0; go->neg_upap = 0;
#endif /* PAP_SUPPORT */
#if CHAP_SUPPORT #if CHAP_SUPPORT
go->neg_chap = 0; go->neg_chap = 0;
go->chap_mdtype = MDTYPE_NONE; go->chap_mdtype = MDTYPE_NONE;

129
src/netif/ppp/lcp.c
View File

@ -376,7 +376,9 @@ lcp_init(unit)
ao->neg_chap = 1; ao->neg_chap = 1;
ao->chap_mdtype = chap_mdtype_all; ao->chap_mdtype = chap_mdtype_all;
#endif /* CHAP_SUPPORT */ #endif /* CHAP_SUPPORT */
#if PAP_SUPPORT
ao->neg_upap = 1; ao->neg_upap = 1;
#endif /* PAP_SUPPORT */
#if EAP_SUPPORT #if EAP_SUPPORT
ao->neg_eap = 1; ao->neg_eap = 1;
#endif /* EAP_SUPPORT */ #endif /* EAP_SUPPORT */
@ -716,6 +718,7 @@ lcp_cilen(f)
#endif /* EAP_SUPPORT */ #endif /* EAP_SUPPORT */
go->neg_chap) + go->neg_chap) +
#endif /* CHAP_SUPPORT */ #endif /* CHAP_SUPPORT */
#if PAP_SUPPORT
LENCISHORT( LENCISHORT(
#if EAP_SUPPORT #if EAP_SUPPORT
!go->neg_eap && !go->neg_eap &&
@ -724,6 +727,7 @@ lcp_cilen(f)
!go->neg_chap && !go->neg_chap &&
#endif /* CHAP_SUPPORT */ #endif /* CHAP_SUPPORT */
go->neg_upap) + go->neg_upap) +
#endif /* PAP_SUPPORT */
LENCILQR(go->neg_lqr) + LENCILQR(go->neg_lqr) +
LENCICBCP(go->neg_cbcp) + LENCICBCP(go->neg_cbcp) +
LENCILONG(go->neg_magicnumber) + LENCILONG(go->neg_magicnumber) +
@ -809,6 +813,7 @@ lcp_addci(f, ucp, lenp)
#endif /* EAP_SUPPORT */ #endif /* EAP_SUPPORT */
go->neg_chap, go->chap_mdtype); go->neg_chap, go->chap_mdtype);
#endif /* CHAP_SUPPORT */ #endif /* CHAP_SUPPORT */
#if PAP_SUPPORT
ADDCISHORT(CI_AUTHTYPE, ADDCISHORT(CI_AUTHTYPE,
#if EAP_SUPPORT #if EAP_SUPPORT
!go->neg_eap && !go->neg_eap &&
@ -817,6 +822,7 @@ lcp_addci(f, ucp, lenp)
!go->neg_chap && !go->neg_chap &&
#endif /* CHAP_SUPPORT */ #endif /* CHAP_SUPPORT */
go->neg_upap, PPP_PAP); go->neg_upap, PPP_PAP);
#endif /* PAP_SUPPORT */
ADDCILQR(CI_QUALITY, go->neg_lqr, go->lqr_period); ADDCILQR(CI_QUALITY, go->neg_lqr, go->lqr_period);
ADDCICHAR(CI_CALLBACK, go->neg_cbcp, CBCP_OPT); ADDCICHAR(CI_CALLBACK, go->neg_cbcp, CBCP_OPT);
ADDCILONG(CI_MAGICNUMBER, go->neg_magicnumber, go->magicnumber); ADDCILONG(CI_MAGICNUMBER, go->neg_magicnumber, go->magicnumber);
@ -974,6 +980,7 @@ lcp_ackci(f, p, len)
#endif /* EAP_SUPPORT */ #endif /* EAP_SUPPORT */
go->neg_chap, go->chap_mdtype); go->neg_chap, go->chap_mdtype);
#endif /* CHAP_SUPPORT */ #endif /* CHAP_SUPPORT */
#if PAP_SUPPORT
ACKCISHORT(CI_AUTHTYPE, ACKCISHORT(CI_AUTHTYPE,
#if EAP_SUPPORT #if EAP_SUPPORT
!go->neg_eap && !go->neg_eap &&
@ -982,6 +989,7 @@ lcp_ackci(f, p, len)
!go->neg_chap && !go->neg_chap &&
#endif /* CHAP_SUPPORT */ #endif /* CHAP_SUPPORT */
go->neg_upap, PPP_PAP); go->neg_upap, PPP_PAP);
#endif /* PAP_SUPPORT */
ACKCILQR(CI_QUALITY, go->neg_lqr, go->lqr_period); ACKCILQR(CI_QUALITY, go->neg_lqr, go->lqr_period);
ACKCICHAR(CI_CALLBACK, go->neg_cbcp, CBCP_OPT); ACKCICHAR(CI_CALLBACK, go->neg_cbcp, CBCP_OPT);
ACKCILONG(CI_MAGICNUMBER, go->neg_magicnumber, go->magicnumber); ACKCILONG(CI_MAGICNUMBER, go->neg_magicnumber, go->magicnumber);
@ -1155,7 +1163,9 @@ lcp_nakci(f, p, len, treat_as_reject)
#if CHAP_SUPPORT #if CHAP_SUPPORT
|| go->neg_chap || go->neg_chap
#endif /* CHAP_SUPPORT */ #endif /* CHAP_SUPPORT */
#if PAP_SUPPORT
|| go->neg_upap || go->neg_upap
#endif /* PAP_SUPPORT */
#if EAP_SUPPORT #if EAP_SUPPORT
|| go->neg_eap || go->neg_eap
#endif /* EAP_SUPPORT */ #endif /* EAP_SUPPORT */
@ -1167,12 +1177,16 @@ lcp_nakci(f, p, len, treat_as_reject)
#if CHAP_SUPPORT #if CHAP_SUPPORT
no.neg_chap = go->neg_chap; no.neg_chap = go->neg_chap;
#endif /* CHAP_SUPPORT */ #endif /* CHAP_SUPPORT */
#if PAP_SUPPORT
no.neg_upap = go->neg_upap; no.neg_upap = go->neg_upap;
#endif /* PAP_SUPPORT */
#if EAP_SUPPORT #if EAP_SUPPORT
no.neg_eap = go->neg_eap; no.neg_eap = go->neg_eap;
#endif /* EAP_SUPPORT */ #endif /* EAP_SUPPORT */
INCPTR(2, p); INCPTR(2, p);
GETSHORT(cishort, p); GETSHORT(cishort, p);
#if PAP_SUPPORT
if (cishort == PPP_PAP && cilen == CILEN_SHORT) { if (cishort == PPP_PAP && cilen == CILEN_SHORT) {
#if EAP_SUPPORT #if EAP_SUPPORT
/* If we were asking for EAP, then we need to stop that. */ /* If we were asking for EAP, then we need to stop that. */
@ -1193,9 +1207,11 @@ lcp_nakci(f, p, len, treat_as_reject)
* PAP, in which case this Nak is bad. * PAP, in which case this Nak is bad.
*/ */
goto bad; goto bad;
} } else
#endif /* PAP_SUPPORT */
#if CHAP_SUPPORT #if CHAP_SUPPORT
else if (cishort == PPP_CHAP && cilen == CILEN_CHAP) { if (cishort == PPP_CHAP && cilen == CILEN_CHAP) {
GETCHAR(cichar, p); GETCHAR(cichar, p);
#if EAP_SUPPORT #if EAP_SUPPORT
/* Stop asking for EAP, if we were. */ /* Stop asking for EAP, if we were. */
@ -1232,12 +1248,14 @@ lcp_nakci(f, p, len, treat_as_reject)
/* /*
* Stop asking for PAP if we were asking for it. * Stop asking for PAP if we were asking for it.
*/ */
#if PAP_SUPPORT
try.neg_upap = 0; try.neg_upap = 0;
#endif /* PAP_SUPPORT */
} }
} } else
#endif /* CHAP_SUPPORT */ #endif /* CHAP_SUPPORT */
else { {
#if EAP_SUPPORT #if EAP_SUPPORT
/* /*
@ -1261,7 +1279,14 @@ lcp_nakci(f, p, len, treat_as_reject)
try.neg_chap = 0; try.neg_chap = 0;
else else
#endif /* CHAP_SUPPORT */ #endif /* CHAP_SUPPORT */
#if PAP_SUPPORT
if(1)
try.neg_upap = 0; try.neg_upap = 0;
else
#endif /* PAP_SUPPORT */
{}
p += cilen - CILEN_SHORT; p += cilen - CILEN_SHORT;
} }
} }
@ -1370,7 +1395,9 @@ lcp_nakci(f, p, len, treat_as_reject)
#if CHAP_SUPPORT #if CHAP_SUPPORT
|| go->neg_chap || no.neg_chap || go->neg_chap || no.neg_chap
#endif /* CHAP_SUPPORT */ #endif /* CHAP_SUPPORT */
#if PAP_SUPPORT
|| go->neg_upap || no.neg_upap || go->neg_upap || no.neg_upap
#endif /* PAP_SUPPORT */
#if EAP_SUPPORT #if EAP_SUPPORT
|| go->neg_eap || no.neg_eap || go->neg_eap || no.neg_eap
#endif /* EAP_SUPPORT */ #endif /* EAP_SUPPORT */
@ -1488,7 +1515,7 @@ lcp_rejci(f, p, len)
try.neg = 0; \ try.neg = 0; \
} }
#if CHAP_SUPPORT && EAP_SUPPORT #if CHAP_SUPPORT && EAP_SUPPORT && PAP_SUPPORT
#define REJCICHAP(opt, neg, val) \ #define REJCICHAP(opt, neg, val) \
if (go->neg && \ if (go->neg && \
len >= CILEN_CHAP && \ len >= CILEN_CHAP && \
@ -1504,9 +1531,9 @@ lcp_rejci(f, p, len)
try.neg = 0; \ try.neg = 0; \
try.neg_eap = try.neg_upap = 0; \ try.neg_eap = try.neg_upap = 0; \
} }
#endif /* CHAP_SUPPORT && EAP_SUPPORT */ #endif /* CHAP_SUPPORT && EAP_SUPPORT && PAP_SUPPORT */
#if CHAP_SUPPORT && !EAP_SUPPORT #if CHAP_SUPPORT && !EAP_SUPPORT && PAP_SUPPORT
#define REJCICHAP(opt, neg, val) \ #define REJCICHAP(opt, neg, val) \
if (go->neg && \ if (go->neg && \
len >= CILEN_CHAP && \ len >= CILEN_CHAP && \
@ -1522,7 +1549,42 @@ lcp_rejci(f, p, len)
try.neg = 0; \ try.neg = 0; \
try.neg_upap = 0; \ try.neg_upap = 0; \
} }
#endif /* CHAP_SUPPORT && !EAP_SUPPORT */ #endif /* CHAP_SUPPORT && !EAP_SUPPORT && PAP_SUPPORT */
#if CHAP_SUPPORT && EAP_SUPPORT && !PAP_SUPPORT
#define REJCICHAP(opt, neg, val) \
if (go->neg && \
len >= CILEN_CHAP && \
p[1] == CILEN_CHAP && \
p[0] == opt) { \
len -= CILEN_CHAP; \
INCPTR(2, p); \
GETSHORT(cishort, p); \
GETCHAR(cichar, p); \
/* Check rejected value. */ \
if ((cishort != PPP_CHAP) || (cichar != (CHAP_DIGEST(val)))) \
goto bad; \
try.neg = 0; \
try.neg_eap = 0; \
}
#endif /* CHAP_SUPPORT && EAP_SUPPORT && !PAP_SUPPORT */
#if CHAP_SUPPORT && !EAP_SUPPORT && !PAP_SUPPORT
#define REJCICHAP(opt, neg, val) \
if (go->neg && \
len >= CILEN_CHAP && \
p[1] == CILEN_CHAP && \
p[0] == opt) { \
len -= CILEN_CHAP; \
INCPTR(2, p); \
GETSHORT(cishort, p); \
GETCHAR(cichar, p); \
/* Check rejected value. */ \
if ((cishort != PPP_CHAP) || (cichar != (CHAP_DIGEST(val)))) \
goto bad; \
try.neg = 0; \
}
#endif /* CHAP_SUPPORT && !EAP_SUPPORT && !PAP_SUPPORT */
#define REJCILONG(opt, neg, val) \ #define REJCILONG(opt, neg, val) \
if (go->neg && \ if (go->neg && \
@ -1593,7 +1655,9 @@ lcp_rejci(f, p, len)
REJCICHAP(CI_AUTHTYPE, neg_chap, go->chap_mdtype); REJCICHAP(CI_AUTHTYPE, neg_chap, go->chap_mdtype);
if (!go->neg_chap) { if (!go->neg_chap) {
#endif /* CHAP_SUPPORT */ #endif /* CHAP_SUPPORT */
#if PAP_SUPPORT
REJCISHORT(CI_AUTHTYPE, neg_upap, PPP_PAP); REJCISHORT(CI_AUTHTYPE, neg_upap, PPP_PAP);
#endif /* PAP_SUPPORT */
#if CHAP_SUPPORT #if CHAP_SUPPORT
} }
#endif /* CHAP_SUPPORT */ #endif /* CHAP_SUPPORT */
@ -1735,7 +1799,10 @@ lcp_reqci(f, inp, lenp, reject_if_disagree)
case CI_AUTHTYPE: case CI_AUTHTYPE:
if (cilen < CILEN_SHORT || if (cilen < CILEN_SHORT ||
!(ao->neg_upap !(0
#if PAP_SUPPORT
|| ao->neg_upap
#endif /* PAP_SUPPORT */
#if CHAP_SUPPORT #if CHAP_SUPPORT
|| ao->neg_chap || ao->neg_chap
#endif /* CHAP_SUPPORT */ #endif /* CHAP_SUPPORT */
@ -1763,6 +1830,7 @@ lcp_reqci(f, inp, lenp, reject_if_disagree)
* the ordering of the CIs in the peer's Configure-Request. * the ordering of the CIs in the peer's Configure-Request.
*/ */
#if PAP_SUPPORT
if (cishort == PPP_PAP) { if (cishort == PPP_PAP) {
/* we've already accepted CHAP or EAP */ /* we've already accepted CHAP or EAP */
if (0 if (0
@ -1799,14 +1867,18 @@ lcp_reqci(f, inp, lenp, reject_if_disagree)
ho->neg_upap = 1; ho->neg_upap = 1;
break; break;
} }
#endif /* PAP_SUPPORT */
#if CHAP_SUPPORT #if CHAP_SUPPORT
if (cishort == PPP_CHAP) { if (cishort == PPP_CHAP) {
/* we've already accepted PAP or EAP */ /* we've already accepted PAP or EAP */
if (ho->neg_upap if (
#if PAP_SUPPORT
ho->neg_upap ||
#endif /* PAP_SUPPORT */
#if EAP_SUPPORT #if EAP_SUPPORT
|| ho->neg_eap ho->neg_eap ||
#endif /* EAP_SUPPORT */ #endif /* EAP_SUPPORT */
|| cilen != CILEN_CHAP) { cilen != CILEN_CHAP) {
LCPDEBUG(("lcp_reqci: rcvd AUTHTYPE CHAP, rejecting...")); LCPDEBUG(("lcp_reqci: rcvd AUTHTYPE CHAP, rejecting..."));
orc = CONFREJ; orc = CONFREJ;
break; break;
@ -1818,12 +1890,15 @@ lcp_reqci(f, inp, lenp, reject_if_disagree)
#if EAP_SUPPORT #if EAP_SUPPORT
if (ao->neg_eap) { if (ao->neg_eap) {
PUTSHORT(PPP_EAP, nakp); PUTSHORT(PPP_EAP, nakp);
} else { } else
#endif /* EAP_SUPPORT */ #endif /* EAP_SUPPORT */
#if PAP_SUPPORT
if(1) {
PUTSHORT(PPP_PAP, nakp); PUTSHORT(PPP_PAP, nakp);
#if EAP_SUPPORT
} }
#endif /* EAP_SUPPORT */ else
#endif /* PAP_SUPPORT */
{}
break; break;
} }
GETCHAR(cichar, p); /* get digest type */ GETCHAR(cichar, p); /* get digest type */
@ -1851,7 +1926,10 @@ lcp_reqci(f, inp, lenp, reject_if_disagree)
#if CHAP_SUPPORT #if CHAP_SUPPORT
ho->neg_chap || ho->neg_chap ||
#endif /* CHAP_SUPPORT */ #endif /* CHAP_SUPPORT */
ho->neg_upap || cilen != CILEN_SHORT) { #if PAP_SUPPORT
ho->neg_upap ||
#endif /* PAP_SUPPORT */
cilen != CILEN_SHORT) {
LCPDEBUG(("lcp_reqci: rcvd AUTHTYPE EAP, rejecting...")); LCPDEBUG(("lcp_reqci: rcvd AUTHTYPE EAP, rejecting..."));
orc = CONFREJ; orc = CONFREJ;
break; break;
@ -1864,13 +1942,15 @@ lcp_reqci(f, inp, lenp, reject_if_disagree)
PUTCHAR(CILEN_CHAP, nakp); PUTCHAR(CILEN_CHAP, nakp);
PUTSHORT(PPP_CHAP, nakp); PUTSHORT(PPP_CHAP, nakp);
PUTCHAR(CHAP_DIGEST(ao->chap_mdtype), nakp); PUTCHAR(CHAP_DIGEST(ao->chap_mdtype), nakp);
} else { } else
#endif /* CHAP_SUPPORT */ #endif /* CHAP_SUPPORT */
#if PAP_SUPPORT
if(1) {
PUTCHAR(CILEN_SHORT, nakp); PUTCHAR(CILEN_SHORT, nakp);
PUTSHORT(PPP_PAP, nakp); PUTSHORT(PPP_PAP, nakp);
#if CHAP_SUPPORT } else
} #endif /* PAP_SUPPORT */
#endif /* CHAP_SUPPORT */ {}
break; break;
} }
ho->neg_eap = 1; ho->neg_eap = 1;
@ -1900,10 +1980,13 @@ lcp_reqci(f, inp, lenp, reject_if_disagree)
PUTCHAR(CHAP_DIGEST(ao->chap_mdtype), nakp); PUTCHAR(CHAP_DIGEST(ao->chap_mdtype), nakp);
} else } else
#endif CHAP_SUPPORT #endif CHAP_SUPPORT
{ #if PAP_SUPPORT
if(1) {
PUTCHAR(CILEN_SHORT, nakp); PUTCHAR(CILEN_SHORT, nakp);
PUTSHORT(PPP_PAP, nakp); PUTSHORT(PPP_PAP, nakp);
} } else
#endif /* PAP_SUPPORT */
{}
break; break;
case CI_QUALITY: case CI_QUALITY:
@ -2238,9 +2321,11 @@ lcp_printpkt(p, plen, printer, arg)
printer(arg, "auth "); printer(arg, "auth ");
GETSHORT(cishort, p); GETSHORT(cishort, p);
switch (cishort) { switch (cishort) {
#if PAP_SUPPORT
case PPP_PAP: case PPP_PAP:
printer(arg, "pap"); printer(arg, "pap");
break; break;
#endif /* PAP_SUPPORT */
#if CHAP_SUPPORT #if CHAP_SUPPORT
case PPP_CHAP: case PPP_CHAP:
printer(arg, "chap"); printer(arg, "chap");

2
src/netif/ppp/lcp.h
View File

@ -91,7 +91,9 @@ typedef struct lcp_options {
bool restart; /* Restart vs. exit after close */ bool restart; /* Restart vs. exit after close */
bool neg_mru; /* Negotiate the MRU? */ bool neg_mru; /* Negotiate the MRU? */
bool neg_asyncmap; /* Negotiate the async map? */ bool neg_asyncmap; /* Negotiate the async map? */
#if PAP_SUPPORT
bool neg_upap; /* Ask for UPAP authentication? */ bool neg_upap; /* Ask for UPAP authentication? */
#endif /* PAP_SUPPORT */
#if CHAP_SUPPORT #if CHAP_SUPPORT
bool neg_chap; /* Ask for CHAP authentication? */ bool neg_chap; /* Ask for CHAP authentication? */
#endif /* CHAP_SUPPORT */ #endif /* CHAP_SUPPORT */

4
src/netif/ppp/ppp.c
View File

@ -102,7 +102,9 @@
#ifdef INET6 #ifdef INET6
#include "ipv6cp.h" #include "ipv6cp.h"
#endif #endif
#if PAP_SUPPORT
#include "upap.h" #include "upap.h"
#endif /* PAP_SUPPORT */
#if CHAP_SUPPORT #if CHAP_SUPPORT
#include "chap-new.h" #include "chap-new.h"
#endif /* CHAP_SUPPORT */ #endif /* CHAP_SUPPORT */
@ -268,7 +270,9 @@ extern char *getlogin __P((void));
*/ */
struct protent *protocols[] = { struct protent *protocols[] = {
&lcp_protent, &lcp_protent,
#if PAP_SUPPORT
&pap_protent, &pap_protent,
#endif /* PAP_SUPPORT */
#if CHAP_SUPPORT #if CHAP_SUPPORT
&chap_protent, &chap_protent,
#endif /* CHAP_SUPPORT */ #endif /* CHAP_SUPPORT */

8
src/netif/ppp/pppd.h
View File

@ -355,14 +355,21 @@ extern bool ms_lanman; /* Use LanMan password instead of NT */
#endif #endif
/* Values for auth_pending, auth_done */ /* Values for auth_pending, auth_done */
#if PAP_SUPPORT
#define PAP_WITHPEER 0x1 #define PAP_WITHPEER 0x1
#define PAP_PEER 0x2 #define PAP_PEER 0x2
#endif /* PAP_SUPPORT */
#if CHAP_SUPPORT
#define CHAP_WITHPEER 0x4 #define CHAP_WITHPEER 0x4
#define CHAP_PEER 0x8 #define CHAP_PEER 0x8
#endif /* CHAP_SUPPORT */
#if EAP_SUPPORT
#define EAP_WITHPEER 0x10 #define EAP_WITHPEER 0x10
#define EAP_PEER 0x20 #define EAP_PEER 0x20
#endif /* EAP_SUPPORT */
/* Values for auth_done only */ /* Values for auth_done only */
#if CHAP_SUPPORT
#define CHAP_MD5_WITHPEER 0x40 #define CHAP_MD5_WITHPEER 0x40
#define CHAP_MD5_PEER 0x80 #define CHAP_MD5_PEER 0x80
#if MSCHAP_SUPPORT #if MSCHAP_SUPPORT
@ -372,6 +379,7 @@ extern bool ms_lanman; /* Use LanMan password instead of NT */
#define CHAP_MS2_WITHPEER 0x400 #define CHAP_MS2_WITHPEER 0x400
#define CHAP_MS2_PEER 0x800 #define CHAP_MS2_PEER 0x800
#endif /* MSCHAP_SUPPORT */ #endif /* MSCHAP_SUPPORT */
#endif /* CHAP_SUPPORT */
extern char *current_option; /* the name of the option being parsed */ extern char *current_option; /* the name of the option being parsed */
extern int privileged_option; /* set iff the current option came from root */ extern int privileged_option; /* set iff the current option came from root */

20
src/netif/ppp/pppmy.c
View File

@ -197,8 +197,16 @@ static void ppp_input(void *arg) {
*/ */
if (phase <= PHASE_AUTHENTICATE if (phase <= PHASE_AUTHENTICATE
&& !(protocol == PPP_LCP || protocol == PPP_LQR && !(protocol == PPP_LCP || protocol == PPP_LQR
|| protocol == PPP_PAP || protocol == PPP_CHAP || #if PAP_SUPPORT
protocol == PPP_EAP)) { || protocol == PPP_PAP
#endif /* PAP_SUPPORT */
#if CHAP_SUPPORT
|| protocol == PPP_CHAP
#endif /* CHAP_SUPPORT */
#if EAP_SUPPORT
|| protocol == PPP_EAP
#endif /* EAP_SUPPORT */
)) {
dbglog("discarding proto 0x%x in phase %d", dbglog("discarding proto 0x%x in phase %d",
protocol, phase); protocol, phase);
return; return;
@ -438,22 +446,30 @@ pppSetAuth(enum pppAuthType authType, const char *user, const char *passwd)
/* FIXME: the following may look stupid, but this is just an easy way /* FIXME: the following may look stupid, but this is just an easy way
* to check different auth by changing compile time option * to check different auth by changing compile time option
*/ */
#if PAP_SUPPORT
ppp_settings.refuse_pap = 0; ppp_settings.refuse_pap = 0;
#endif /* PAP_SUPPORT */
#if CHAP_SUPPORT #if CHAP_SUPPORT
#if PAP_SUPPORT
ppp_settings.refuse_pap = 1; ppp_settings.refuse_pap = 1;
#endif /* PAP_SUPPORT */
ppp_settings.refuse_chap = 0; ppp_settings.refuse_chap = 0;
#endif /* CHAP_SUPPORT */ #endif /* CHAP_SUPPORT */
#if MSCHAP_SUPPORT #if MSCHAP_SUPPORT
#if PAP_SUPPORT
ppp_settings.refuse_pap = 1; ppp_settings.refuse_pap = 1;
#endif /* PAP_SUPPORT */
ppp_settings.refuse_chap = 1; ppp_settings.refuse_chap = 1;
ppp_settings.refuse_mschap = 1; ppp_settings.refuse_mschap = 1;
ppp_settings.refuse_mschap_v2 = 0; ppp_settings.refuse_mschap_v2 = 0;
#endif /* MSCHAP_SUPPORT */ #endif /* MSCHAP_SUPPORT */
#if EAP_SUPPORT #if EAP_SUPPORT
#if PAP_SUPPORT
ppp_settings.refuse_pap = 1; ppp_settings.refuse_pap = 1;
#endif/* PAP_SUPPORT */
#if CHAP_SUPPORT #if CHAP_SUPPORT
ppp_settings.refuse_chap = 1; ppp_settings.refuse_chap = 1;
#if MSCHAP_SUPPORT #if MSCHAP_SUPPORT

2
src/netif/ppp/pppmy.h
View File

@ -46,7 +46,9 @@ struct ppp_settings {
u_int disable_defaultip : 1; /* Don't use hostname for default IP addrs */ u_int disable_defaultip : 1; /* Don't use hostname for default IP addrs */
u_int auth_required : 1; /* Peer is required to authenticate */ u_int auth_required : 1; /* Peer is required to authenticate */
u_int explicit_remote : 1; /* remote_name specified with remotename opt */ u_int explicit_remote : 1; /* remote_name specified with remotename opt */
#if PAP_SUPPORT
u_int refuse_pap : 1; /* Don't wanna auth. ourselves with PAP */ u_int refuse_pap : 1; /* Don't wanna auth. ourselves with PAP */
#endif /* PAP_SUPPORT */
#if CHAP_SUPPORT #if CHAP_SUPPORT
u_int refuse_chap : 1; /* Don't wanna auth. ourselves with CHAP */ u_int refuse_chap : 1; /* Don't wanna auth. ourselves with CHAP */
#endif /* CHAP_SUPPORT */ #endif /* CHAP_SUPPORT */

7
src/netif/ppp/upap.c
View File

@ -41,8 +41,7 @@
*/ */
#include "lwip/opt.h" #include "lwip/opt.h"
#if PPP_SUPPORT && PAP_SUPPORT /* don't build if not configured for use in lwipopts.h */
#define RCSID "$Id: upap.c,v 1.30 2005/07/13 10:41:58 paulus Exp $"
/* /*
* TODO: * TODO:
@ -54,8 +53,6 @@
#include "pppd.h" #include "pppd.h"
#include "upap.h" #include "upap.h"
static const char rcsid[] = RCSID;
static bool hide_password = 1; static bool hide_password = 1;
#if PPP_OPTIONS #if PPP_OPTIONS
@ -692,3 +689,5 @@ upap_printpkt(p, plen, printer, arg)
return p - pstart; return p - pstart;
} }
#endif /* PPP_SUPPORT && PAP_SUPPORT */

5
src/netif/ppp/upap.h
View File

@ -42,6 +42,9 @@
* $Id: upap.h,v 1.8 2002/12/04 23:03:33 paulus Exp $ * $Id: upap.h,v 1.8 2002/12/04 23:03:33 paulus Exp $
*/ */
#include "lwip/opt.h"
#if PPP_SUPPORT && PAP_SUPPORT /* don't build if not configured for use in lwipopts.h */
/* /*
* Packet header = Code, id, length. * Packet header = Code, id, length.
*/ */
@ -108,3 +111,5 @@ void upap_authwithpeer __P((int, char *, char *));
void upap_authpeer __P((int)); void upap_authpeer __P((int));
extern struct protent pap_protent; extern struct protent pap_protent;
#endif /* PPP_SUPPORT && PAP_SUPPORT */