PPP, added const modifier on auth strings

2024-07-07 13:29:19 +00:00 · 2014-12-24 17:17:00 +01:00 · 2014-12-24 17:17:00 +01:00 · 482a18e6de
commit 482a18e6de
parent 382ddac1a1
12 changed files with 68 additions and 67 deletions
--- a/src/include/netif/ppp/chap-new.h
+++ b/src/include/netif/ppp/chap-new.h
@ -133,14 +133,14 @@ struct chap_digest_type {
 	 * a length byte followed by the actual challenge/response data.
 	 */
 	void (*generate_challenge)(unsigned char *challenge);
-	int (*verify_response)(int id, char *name,
-		unsigned char *secret, int secret_len,
-		unsigned char *challenge, unsigned char *response,
+	int (*verify_response)(int id, const char *name,
+		const unsigned char *secret, int secret_len,
+		const unsigned char *challenge, const unsigned char *response,
 		char *message, int message_space);
 #endif /* PPP_SERVER */
-	void (*make_response)(unsigned char *response, int id, char *our_name,
-		unsigned char *challenge, char *secret, int secret_len,
-		unsigned char *priv);
+	void (*make_response)(unsigned char *response, int id, const char *our_name,
+		const unsigned char *challenge, const char *secret, int secret_len,
+		const unsigned char *priv);
 	int (*check_success)(unsigned char *pkt, int len, unsigned char *priv);
 	void (*handle_failure)(unsigned char *pkt, int len);
 };
@ -151,7 +151,7 @@ struct chap_digest_type {
 #if CHAP_SUPPORT
 typedef struct chap_client_state {
 	u8_t flags;
-	char *name;
+	const char *name;
 	const struct chap_digest_type *digest;
 	unsigned char priv[64];		/* private area for digest's use */
 } chap_client_state;
@ -160,7 +160,7 @@ typedef struct chap_client_state {
 typedef struct chap_server_state {
 	u8_t flags;
 	int id;
-	char *name;
+	const char *name;
 	const struct chap_digest_type *digest;
 	int challenge_xmits;
 	int challenge_pktlen;
@ -180,11 +180,11 @@ extern int (*chap_verify_hook)(char *name, char *ourname, int id,

 #if PPP_SERVER
 /* Called by authentication code to start authenticating the peer. */
-extern void chap_auth_peer(ppp_pcb *pcb, char *our_name, int digest_code);
+extern void chap_auth_peer(ppp_pcb *pcb, const char *our_name, int digest_code);
 #endif /* PPP_SERVER */

 /* Called by auth. code to start authenticating us to the peer. */
-extern void chap_auth_with_peer(ppp_pcb *pcb, char *our_name, int digest_code);
+extern void chap_auth_with_peer(ppp_pcb *pcb, const char *our_name, int digest_code);

 /* Represents the CHAP protocol to the main pppd code */
 extern const struct protent chap_protent;
--- a/src/include/netif/ppp/eap.h
+++ b/src/include/netif/ppp/eap.h
@ -113,8 +113,8 @@ enum eap_state_code {
 };

 struct eap_auth {
-	char *ea_name;		/* Our name */
-	char *ea_peer;		/* Peer's name */
+	const char *ea_name;	/* Our name */
+	char *ea_peer;	/* Peer's name */
 	void *ea_session;	/* Authentication library linkage */
 	u_char *ea_skey;	/* Shared encryption key */
 	u_short ea_namelen;	/* Length of our name */
@ -154,8 +154,8 @@ typedef struct eap_state {
 #define	EAP_DEFALLOWREQ		20	/* max # times to accept requests */
 #endif /* moved to opt.h */

-void eap_authwithpeer(ppp_pcb *pcb, char *localname);
-void eap_authpeer(ppp_pcb *pcb, char *localname);
+void eap_authwithpeer(ppp_pcb *pcb, const char *localname);
+void eap_authpeer(ppp_pcb *pcb, const char *localname);

 extern const struct protent eap_protent;

--- a/src/include/netif/ppp/ppp.h
+++ b/src/include/netif/ppp/ppp.h
@ -250,8 +250,8 @@ typedef struct ppp_settings_s {
 #endif /* PPP_MAXCONNECT */

  /* auth data */
-  char  *user;                         /* Username for PAP */
-  char  *passwd;                       /* Password for PAP, secret for CHAP */
+  const char  *user;                   /* Username for PAP */
+  const char  *passwd;                 /* Password for PAP, secret for CHAP */
 #if PPP_SERVER
  char  our_name   [MAXNAMELEN   + 1]; /* Our name for authentication purposes */
 #endif /* PPP_SERVER */
@ -515,7 +515,7 @@ void ppp_set_default(ppp_pcb *pcb);
 #define PPPAUTHTYPE_EAP    0x08
 #define PPPAUTHTYPE_ANY    0xff

-void ppp_set_auth(ppp_pcb *pcb, u8_t authtype, char *user, char *passwd);
+void ppp_set_auth(ppp_pcb *pcb, u8_t authtype, const char *user, const char *passwd);

 #if PPP_NOTIFY_PHASE
 /*
--- a/src/include/netif/ppp/ppp_impl.h
+++ b/src/include/netif/ppp/ppp_impl.h
@ -508,7 +508,7 @@ void continue_networks(ppp_pcb *pcb); /* start network [ip, etc] control protos
 #if PPP_SERVER
 void auth_peer_fail(ppp_pcb *pcb, int protocol);
 				/* peer failed to authenticate itself */
-void auth_peer_success(ppp_pcb *pcb, int protocol, int prot_flavor, char *name, int namelen);
+void auth_peer_success(ppp_pcb *pcb, int protocol, int prot_flavor, const char *name, int namelen);
 				/* peer successfully authenticated itself */
 #endif /* PPP_SERVER */
 void auth_withpeer_fail(ppp_pcb *pcb, int protocol);
@ -519,7 +519,7 @@ void np_up(ppp_pcb *pcb, int proto);    /* a network protocol has come up */
 void np_down(ppp_pcb *pcb, int proto);  /* a network protocol has gone down */
 void np_finished(ppp_pcb *pcb, int proto); /* a network protocol no longer needs link */
 void auth_reset(ppp_pcb *pcb);	/* check what secrets we have */
-int get_secret(ppp_pcb *pcb, char *client, char *server, char *secret, int *secret_len, int am_server);
+int get_secret(ppp_pcb *pcb, const char *client, const char *server, char *secret, int *secret_len, int am_server);
 				/* get "secret" for chap */

 /* Procedures exported from ipcp.c */
--- a/src/include/netif/ppp/upap.h
+++ b/src/include/netif/ppp/upap.h
@ -98,9 +98,9 @@
 */
 #if PAP_SUPPORT
 typedef struct upap_state {
-    char *us_user;		/* User */
+    const char *us_user;	/* User */
    u8_t us_userlen;		/* User length */
-    char *us_passwd;		/* Password */
+    const char *us_passwd;	/* Password */
    u8_t us_passwdlen;		/* Password length */
    u8_t us_clientstate;	/* Client state */
 #if PPP_SERVER
@ -112,7 +112,7 @@ typedef struct upap_state {
 #endif /* PAP_SUPPORT */


-void upap_authwithpeer(ppp_pcb *pcb, char *user, char *password);
+void upap_authwithpeer(ppp_pcb *pcb, const char *user, const char *password);
 #if PPP_SERVER
 void upap_authpeer(ppp_pcb *pcb);
 #endif /* PPP_SERVER */
--- a/src/netif/ppp/auth.c
+++ b/src/netif/ppp/auth.c
@ -1018,7 +1018,7 @@ void auth_peer_fail(ppp_pcb *pcb, int protocol) {
 /*
 * The peer has been successfully authenticated using `protocol'.
 */
-void auth_peer_success(ppp_pcb *pcb, int protocol, int prot_flavor, char *name, int namelen) {
+void auth_peer_success(ppp_pcb *pcb, int protocol, int prot_flavor, const char *name, int namelen) {
    int bit;

    switch (protocol) {
@ -1943,7 +1943,7 @@ have_srp_secret(client, server, need_ip, lacks_ipp)
 * for authenticating the given client on the given server.
 * (We could be either client or server).
 */
-int get_secret(ppp_pcb *pcb, char *client, char *server, char *secret, int *secret_len, int am_server) {
+int get_secret(ppp_pcb *pcb, const char *client, const char *server, char *secret, int *secret_len, int am_server) {
  int len;

  LWIP_UNUSED_ARG(server);
--- a/src/netif/ppp/chap-md5.c
+++ b/src/netif/ppp/chap-md5.c
@ -62,9 +62,9 @@ static void chap_md5_generate_challenge(unsigned char *cp) {
 	random_bytes(cp, clen);
 }

-static int chap_md5_verify_response(int id, char *name,
-			 unsigned char *secret, int secret_len,
-			 unsigned char *challenge, unsigned char *response,
+static int chap_md5_verify_response(int id, const char *name,
+			 const unsigned char *secret, int secret_len,
+			 const unsigned char *challenge, const unsigned char *response,
 			 char *message, int message_space) {
 	md5_context ctx;
 	unsigned char idbyte = id;
@ -78,8 +78,8 @@ static int chap_md5_verify_response(int id, char *name,
 		/* Generate hash of ID, secret, challenge */
 		md5_starts(&ctx);
 		md5_update(&ctx, &idbyte, 1);
-		md5_update(&ctx, secret, secret_len);
-		md5_update(&ctx, challenge, challenge_len);
+		md5_update(&ctx, (unsigned char*)secret, secret_len);
+		md5_update(&ctx, (unsigned char*)challenge, challenge_len);
 		md5_finish(&ctx, hash);

 		/* Test if our hash matches the peer's response */
@ -93,9 +93,9 @@ static int chap_md5_verify_response(int id, char *name,
 }
 #endif /* PPP_SERVER */

-static void chap_md5_make_response(unsigned char *response, int id, char *our_name,
-		       unsigned char *challenge, char *secret, int secret_len,
-		       unsigned char *private_) {
+static void chap_md5_make_response(unsigned char *response, int id, const char *our_name,
+		       const unsigned char *challenge, const char *secret, int secret_len,
+		       const unsigned char *private_) {
 	md5_context ctx;
 	unsigned char idbyte = id;
 	int challenge_len = *challenge++;
@ -105,7 +105,7 @@ static void chap_md5_make_response(unsigned char *response, int id, char *our_na
 	md5_starts(&ctx);
 	md5_update(&ctx, &idbyte, 1);
 	md5_update(&ctx, (u_char *)secret, secret_len);
-	md5_update(&ctx, challenge, challenge_len);
+	md5_update(&ctx, (unsigned char *)challenge, challenge_len);
 	md5_finish(&ctx, &response[1]);
 	response[0] = MD5_HASH_SIZE;
 }
--- a/src/netif/ppp/chap-new.c
+++ b/src/netif/ppp/chap-new.c
@ -49,9 +49,9 @@
 #endif

 /* Hook for a plugin to validate CHAP challenge */
-int (*chap_verify_hook)(char *name, char *ourname, int id,
+int (*chap_verify_hook)(const char *name, const char *ourname, int id,
 			const struct chap_digest_type *digest,
-			unsigned char *challenge, unsigned char *response,
+			const unsigned char *challenge, const unsigned char *response,
 			char *message, int message_space) = NULL;

 #if PPP_OPTIONS
@ -89,9 +89,9 @@ static void chap_timeout(void *arg);
 static void chap_generate_challenge(ppp_pcb *pcb);
 static void chap_handle_response(ppp_pcb *pcb, int code,
 		unsigned char *pkt, int len);
-static int chap_verify_response(char *name, char *ourname, int id,
+static int chap_verify_response(const char *name, const char *ourname, int id,
 		const struct chap_digest_type *digest,
-		unsigned char *challenge, unsigned char *response,
+		const unsigned char *challenge, const unsigned char *response,
 		char *message, int message_space);
 #endif /* PPP_SERVER */
 static void chap_respond(ppp_pcb *pcb, int id,
@ -155,7 +155,7 @@ static void chap_lowerdown(ppp_pcb *pcb) {
 * If the lower layer is already up, we start sending challenges,
 * otherwise we wait for the lower layer to come up.
 */
-void chap_auth_peer(ppp_pcb *pcb, char *our_name, int digest_code) {
+void chap_auth_peer(ppp_pcb *pcb, const char *our_name, int digest_code) {
 	struct chap_server_state *ss = &pcb->chap_server;
 	const struct chap_digest_type *dp;
 	int i;
@ -185,7 +185,7 @@ void chap_auth_peer(ppp_pcb *pcb, char *our_name, int digest_code) {
 * chap_auth_with_peer - Prepare to authenticate ourselves to the peer.
 * There isn't much to do until we receive a challenge.
 */
-void chap_auth_with_peer(ppp_pcb *pcb, char *our_name, int digest_code) {
+void chap_auth_with_peer(ppp_pcb *pcb, const char *our_name, int digest_code) {
 	const struct chap_digest_type *dp;
 	int i;

@ -277,11 +277,12 @@ static void chap_generate_challenge(ppp_pcb *pcb) {
 static void  chap_handle_response(ppp_pcb *pcb, int id,
 		     unsigned char *pkt, int len) {
 	int response_len, ok, mlen;
-	unsigned char *response, *outp;
+	const unsigned char *response;
+	unsigned char *outp;
 	struct pbuf *p;
-	char *name = NULL;	/* initialized to shut gcc up */
-	int (*verifier)(char *, char *, int, const struct chap_digest_type *,
-		unsigned char *, unsigned char *, char *, int);
+	const char *name = NULL;	/* initialized to shut gcc up */
+	int (*verifier)(const char *, const char *, int, const struct chap_digest_type *,
+		const unsigned char *, const unsigned char *, char *, int);
 	char rname[MAXNAMELEN+1];

 	if ((pcb->chap_server.flags & LOWERUP) == 0)
@ -394,9 +395,9 @@ static void  chap_handle_response(ppp_pcb *pcb, int id,
 * what we think it should be.  Returns 1 if it does (authentication
 * succeeded), or 0 if it doesn't.
 */
-static int chap_verify_response(char *name, char *ourname, int id,
+static int chap_verify_response(const char *name, const char *ourname, int id,
 		     const struct chap_digest_type *digest,
-		     unsigned char *challenge, unsigned char *response,
+		     const unsigned char *challenge, const unsigned char *response,
 		     char *message, int message_space) {
 	int ok;
 	unsigned char secret[MAXSECRETLEN];
--- a/src/netif/ppp/chap_ms.c
+++ b/src/netif/ppp/chap_ms.c
@ -201,9 +201,9 @@ static void chapms2_generate_challenge(unsigned char *challenge) {
 		random_bytes(challenge, 16);
 }

-static int chapms_verify_response(int id, char *name,
-		       unsigned char *secret, int secret_len,
-		       unsigned char *challenge, unsigned char *response,
+static int chapms_verify_response(int id, const char *name,
+		       const unsigned char *secret, int secret_len,
+		       const unsigned char *challenge, const unsigned char *response,
 		       char *message, int message_space) {
 	unsigned char md[MS_CHAP_RESPONSE_LEN];
 	int diff;
@ -225,7 +225,7 @@ static int chapms_verify_response(int id, char *name,
 #endif

 	/* Generate the expected response. */
-	ChapMS(challenge, (char *)secret, secret_len, md);
+	ChapMS((u_char *)challenge, (char *)secret, secret_len, md);

 #ifdef MSLANMAN
 	/* Determine which part of response to verify against */
@ -249,9 +249,9 @@ static int chapms_verify_response(int id, char *name,
 	return 0;
 }

-static int chapms2_verify_response(int id, char *name,
-			unsigned char *secret, int secret_len,
-			unsigned char *challenge, unsigned char *response,
+static int chapms2_verify_response(int id, const char *name,
+			const unsigned char *secret, int secret_len,
+			const unsigned char *challenge, const unsigned char *response,
 			char *message, int message_space) {
 	unsigned char md[MS_CHAP2_RESPONSE_LEN];
 	char saresponse[MS_AUTH_RESPONSE_LENGTH+1];
@ -264,7 +264,7 @@ static int chapms2_verify_response(int id, char *name,
 		goto bad;	/* not even the right length */

 	/* Generate the expected response and our mutual auth. */
-	ChapMS2(challenge, &response[MS_CHAP2_PEER_CHALLENGE], name,
+	ChapMS2((u_char*)challenge, (u_char*)&response[MS_CHAP2_PEER_CHALLENGE], (char*)name,
 		(char *)secret, secret_len, md,
 		(unsigned char *)saresponse, MS_CHAP2_AUTHENTICATOR);

@ -326,30 +326,30 @@ static int chapms2_verify_response(int id, char *name,
 }
 #endif /* PPP_SERVER */

-static void chapms_make_response(unsigned char *response, int id, char *our_name,
-		     unsigned char *challenge, char *secret, int secret_len,
-		     unsigned char *private_) {
+static void chapms_make_response(unsigned char *response, int id, const char *our_name,
+		     const unsigned char *challenge, const char *secret, int secret_len,
+		     const unsigned char *private_) {
 	LWIP_UNUSED_ARG(id);
 	LWIP_UNUSED_ARG(our_name);
 	LWIP_UNUSED_ARG(private_);
 	challenge++;	/* skip length, should be 8 */
 	*response++ = MS_CHAP_RESPONSE_LEN;
-	ChapMS(challenge, secret, secret_len, response);
+	ChapMS((u_char*)challenge, (char*)secret, secret_len, response);
 }

-static void chapms2_make_response(unsigned char *response, int id, char *our_name,
-		      unsigned char *challenge, char *secret, int secret_len,
-		      unsigned char *private_) {
+static void chapms2_make_response(unsigned char *response, int id, const char *our_name,
+		      const unsigned char *challenge, const char *secret, int secret_len,
+		      const unsigned char *private_) {
 	LWIP_UNUSED_ARG(id);
 	challenge++;	/* skip length, should be 16 */
 	*response++ = MS_CHAP2_RESPONSE_LEN;
-	ChapMS2(challenge,
+	ChapMS2((u_char*)challenge,
 #ifdef DEBUGMPPEKEY
 		mschap2_peer_challenge,
 #else
 		NULL,
 #endif
-		our_name, secret, secret_len, response, private_,
+		(char*)our_name, (char*)secret, secret_len, response, (u_char*)private_,
 		MS_CHAP2_AUTHENTICATEE);
 }

--- a/src/netif/ppp/eap.c
+++ b/src/netif/ppp/eap.c
@ -227,7 +227,7 @@ static void eap_client_timeout(void *arg) {
 * Start client state and wait for requests.  This is called only
 * after eap_lowerup.
 */
-void eap_authwithpeer(ppp_pcb *pcb, char *localname) {
+void eap_authwithpeer(ppp_pcb *pcb, const char *localname) {

 	if(NULL == localname)
 		return;
@ -886,7 +886,7 @@ static void eap_send_request(ppp_pcb *pcb) {
 * Start server state and send first request.  This is called only
 * after eap_lowerup.
 */
-void eap_authpeer(ppp_pcb *pcb, char *localname) {
+void eap_authpeer(ppp_pcb *pcb, const char *localname) {

 	/* Save the name we're given. */
 	pcb->eap.es_server.ea_name = localname;
@ -1073,7 +1073,7 @@ static void eap_send_response(ppp_pcb *pcb, u_char id, u_char typenum, u_char *s
 /*
 * Format and send an MD5-Challenge EAP Response message.
 */
-static void eap_chap_response(ppp_pcb *pcb, u_char id, u_char *hash, char *name, int namelen) {
+static void eap_chap_response(ppp_pcb *pcb, u_char id, u_char *hash, const char *name, int namelen) {
 	struct pbuf *p;
 	u_char *outp;
 	int msglen;
--- a/src/netif/ppp/ppp.c
+++ b/src/netif/ppp/ppp.c
@ -302,7 +302,7 @@ void ppp_set_default(ppp_pcb *pcb) {
  netif_set_default(&pcb->netif);
 }

-void ppp_set_auth(ppp_pcb *pcb, u8_t authtype, char *user, char *passwd) {
+void ppp_set_auth(ppp_pcb *pcb, u8_t authtype, const char *user, const char *passwd) {

 #if PAP_SUPPORT
  if (authtype & PPPAUTHTYPE_PAP) {
--- a/src/netif/ppp/upap.c
+++ b/src/netif/ppp/upap.c
@ -151,7 +151,7 @@ static void upap_init(ppp_pcb *pcb) {
 *
 * Set new state and send authenticate's.
 */
-void upap_authwithpeer(ppp_pcb *pcb, char *user, char *password) {
+void upap_authwithpeer(ppp_pcb *pcb, const char *user, const char *password) {

    if(!user || !password)
        return;