mirror of
https://github.com/lwip-tcpip/lwip.git
synced 2024-10-05 22:29:49 +00:00
PPP, added const modifier on auth strings
This commit is contained in:
parent
382ddac1a1
commit
482a18e6de
@ -133,14 +133,14 @@ struct chap_digest_type {
|
||||
* a length byte followed by the actual challenge/response data.
|
||||
*/
|
||||
void (*generate_challenge)(unsigned char *challenge);
|
||||
int (*verify_response)(int id, char *name,
|
||||
unsigned char *secret, int secret_len,
|
||||
unsigned char *challenge, unsigned char *response,
|
||||
int (*verify_response)(int id, const char *name,
|
||||
const unsigned char *secret, int secret_len,
|
||||
const unsigned char *challenge, const unsigned char *response,
|
||||
char *message, int message_space);
|
||||
#endif /* PPP_SERVER */
|
||||
void (*make_response)(unsigned char *response, int id, char *our_name,
|
||||
unsigned char *challenge, char *secret, int secret_len,
|
||||
unsigned char *priv);
|
||||
void (*make_response)(unsigned char *response, int id, const char *our_name,
|
||||
const unsigned char *challenge, const char *secret, int secret_len,
|
||||
const unsigned char *priv);
|
||||
int (*check_success)(unsigned char *pkt, int len, unsigned char *priv);
|
||||
void (*handle_failure)(unsigned char *pkt, int len);
|
||||
};
|
||||
@ -151,7 +151,7 @@ struct chap_digest_type {
|
||||
#if CHAP_SUPPORT
|
||||
typedef struct chap_client_state {
|
||||
u8_t flags;
|
||||
char *name;
|
||||
const char *name;
|
||||
const struct chap_digest_type *digest;
|
||||
unsigned char priv[64]; /* private area for digest's use */
|
||||
} chap_client_state;
|
||||
@ -160,7 +160,7 @@ typedef struct chap_client_state {
|
||||
typedef struct chap_server_state {
|
||||
u8_t flags;
|
||||
int id;
|
||||
char *name;
|
||||
const char *name;
|
||||
const struct chap_digest_type *digest;
|
||||
int challenge_xmits;
|
||||
int challenge_pktlen;
|
||||
@ -180,11 +180,11 @@ extern int (*chap_verify_hook)(char *name, char *ourname, int id,
|
||||
|
||||
#if PPP_SERVER
|
||||
/* Called by authentication code to start authenticating the peer. */
|
||||
extern void chap_auth_peer(ppp_pcb *pcb, char *our_name, int digest_code);
|
||||
extern void chap_auth_peer(ppp_pcb *pcb, const char *our_name, int digest_code);
|
||||
#endif /* PPP_SERVER */
|
||||
|
||||
/* Called by auth. code to start authenticating us to the peer. */
|
||||
extern void chap_auth_with_peer(ppp_pcb *pcb, char *our_name, int digest_code);
|
||||
extern void chap_auth_with_peer(ppp_pcb *pcb, const char *our_name, int digest_code);
|
||||
|
||||
/* Represents the CHAP protocol to the main pppd code */
|
||||
extern const struct protent chap_protent;
|
||||
|
@ -113,8 +113,8 @@ enum eap_state_code {
|
||||
};
|
||||
|
||||
struct eap_auth {
|
||||
char *ea_name; /* Our name */
|
||||
char *ea_peer; /* Peer's name */
|
||||
const char *ea_name; /* Our name */
|
||||
char *ea_peer; /* Peer's name */
|
||||
void *ea_session; /* Authentication library linkage */
|
||||
u_char *ea_skey; /* Shared encryption key */
|
||||
u_short ea_namelen; /* Length of our name */
|
||||
@ -154,8 +154,8 @@ typedef struct eap_state {
|
||||
#define EAP_DEFALLOWREQ 20 /* max # times to accept requests */
|
||||
#endif /* moved to opt.h */
|
||||
|
||||
void eap_authwithpeer(ppp_pcb *pcb, char *localname);
|
||||
void eap_authpeer(ppp_pcb *pcb, char *localname);
|
||||
void eap_authwithpeer(ppp_pcb *pcb, const char *localname);
|
||||
void eap_authpeer(ppp_pcb *pcb, const char *localname);
|
||||
|
||||
extern const struct protent eap_protent;
|
||||
|
||||
|
@ -250,8 +250,8 @@ typedef struct ppp_settings_s {
|
||||
#endif /* PPP_MAXCONNECT */
|
||||
|
||||
/* auth data */
|
||||
char *user; /* Username for PAP */
|
||||
char *passwd; /* Password for PAP, secret for CHAP */
|
||||
const char *user; /* Username for PAP */
|
||||
const char *passwd; /* Password for PAP, secret for CHAP */
|
||||
#if PPP_SERVER
|
||||
char our_name [MAXNAMELEN + 1]; /* Our name for authentication purposes */
|
||||
#endif /* PPP_SERVER */
|
||||
@ -515,7 +515,7 @@ void ppp_set_default(ppp_pcb *pcb);
|
||||
#define PPPAUTHTYPE_EAP 0x08
|
||||
#define PPPAUTHTYPE_ANY 0xff
|
||||
|
||||
void ppp_set_auth(ppp_pcb *pcb, u8_t authtype, char *user, char *passwd);
|
||||
void ppp_set_auth(ppp_pcb *pcb, u8_t authtype, const char *user, const char *passwd);
|
||||
|
||||
#if PPP_NOTIFY_PHASE
|
||||
/*
|
||||
|
@ -508,7 +508,7 @@ void continue_networks(ppp_pcb *pcb); /* start network [ip, etc] control protos
|
||||
#if PPP_SERVER
|
||||
void auth_peer_fail(ppp_pcb *pcb, int protocol);
|
||||
/* peer failed to authenticate itself */
|
||||
void auth_peer_success(ppp_pcb *pcb, int protocol, int prot_flavor, char *name, int namelen);
|
||||
void auth_peer_success(ppp_pcb *pcb, int protocol, int prot_flavor, const char *name, int namelen);
|
||||
/* peer successfully authenticated itself */
|
||||
#endif /* PPP_SERVER */
|
||||
void auth_withpeer_fail(ppp_pcb *pcb, int protocol);
|
||||
@ -519,7 +519,7 @@ void np_up(ppp_pcb *pcb, int proto); /* a network protocol has come up */
|
||||
void np_down(ppp_pcb *pcb, int proto); /* a network protocol has gone down */
|
||||
void np_finished(ppp_pcb *pcb, int proto); /* a network protocol no longer needs link */
|
||||
void auth_reset(ppp_pcb *pcb); /* check what secrets we have */
|
||||
int get_secret(ppp_pcb *pcb, char *client, char *server, char *secret, int *secret_len, int am_server);
|
||||
int get_secret(ppp_pcb *pcb, const char *client, const char *server, char *secret, int *secret_len, int am_server);
|
||||
/* get "secret" for chap */
|
||||
|
||||
/* Procedures exported from ipcp.c */
|
||||
|
@ -98,9 +98,9 @@
|
||||
*/
|
||||
#if PAP_SUPPORT
|
||||
typedef struct upap_state {
|
||||
char *us_user; /* User */
|
||||
const char *us_user; /* User */
|
||||
u8_t us_userlen; /* User length */
|
||||
char *us_passwd; /* Password */
|
||||
const char *us_passwd; /* Password */
|
||||
u8_t us_passwdlen; /* Password length */
|
||||
u8_t us_clientstate; /* Client state */
|
||||
#if PPP_SERVER
|
||||
@ -112,7 +112,7 @@ typedef struct upap_state {
|
||||
#endif /* PAP_SUPPORT */
|
||||
|
||||
|
||||
void upap_authwithpeer(ppp_pcb *pcb, char *user, char *password);
|
||||
void upap_authwithpeer(ppp_pcb *pcb, const char *user, const char *password);
|
||||
#if PPP_SERVER
|
||||
void upap_authpeer(ppp_pcb *pcb);
|
||||
#endif /* PPP_SERVER */
|
||||
|
@ -1018,7 +1018,7 @@ void auth_peer_fail(ppp_pcb *pcb, int protocol) {
|
||||
/*
|
||||
* The peer has been successfully authenticated using `protocol'.
|
||||
*/
|
||||
void auth_peer_success(ppp_pcb *pcb, int protocol, int prot_flavor, char *name, int namelen) {
|
||||
void auth_peer_success(ppp_pcb *pcb, int protocol, int prot_flavor, const char *name, int namelen) {
|
||||
int bit;
|
||||
|
||||
switch (protocol) {
|
||||
@ -1943,7 +1943,7 @@ have_srp_secret(client, server, need_ip, lacks_ipp)
|
||||
* for authenticating the given client on the given server.
|
||||
* (We could be either client or server).
|
||||
*/
|
||||
int get_secret(ppp_pcb *pcb, char *client, char *server, char *secret, int *secret_len, int am_server) {
|
||||
int get_secret(ppp_pcb *pcb, const char *client, const char *server, char *secret, int *secret_len, int am_server) {
|
||||
int len;
|
||||
|
||||
LWIP_UNUSED_ARG(server);
|
||||
|
@ -62,9 +62,9 @@ static void chap_md5_generate_challenge(unsigned char *cp) {
|
||||
random_bytes(cp, clen);
|
||||
}
|
||||
|
||||
static int chap_md5_verify_response(int id, char *name,
|
||||
unsigned char *secret, int secret_len,
|
||||
unsigned char *challenge, unsigned char *response,
|
||||
static int chap_md5_verify_response(int id, const char *name,
|
||||
const unsigned char *secret, int secret_len,
|
||||
const unsigned char *challenge, const unsigned char *response,
|
||||
char *message, int message_space) {
|
||||
md5_context ctx;
|
||||
unsigned char idbyte = id;
|
||||
@ -78,8 +78,8 @@ static int chap_md5_verify_response(int id, char *name,
|
||||
/* Generate hash of ID, secret, challenge */
|
||||
md5_starts(&ctx);
|
||||
md5_update(&ctx, &idbyte, 1);
|
||||
md5_update(&ctx, secret, secret_len);
|
||||
md5_update(&ctx, challenge, challenge_len);
|
||||
md5_update(&ctx, (unsigned char*)secret, secret_len);
|
||||
md5_update(&ctx, (unsigned char*)challenge, challenge_len);
|
||||
md5_finish(&ctx, hash);
|
||||
|
||||
/* Test if our hash matches the peer's response */
|
||||
@ -93,9 +93,9 @@ static int chap_md5_verify_response(int id, char *name,
|
||||
}
|
||||
#endif /* PPP_SERVER */
|
||||
|
||||
static void chap_md5_make_response(unsigned char *response, int id, char *our_name,
|
||||
unsigned char *challenge, char *secret, int secret_len,
|
||||
unsigned char *private_) {
|
||||
static void chap_md5_make_response(unsigned char *response, int id, const char *our_name,
|
||||
const unsigned char *challenge, const char *secret, int secret_len,
|
||||
const unsigned char *private_) {
|
||||
md5_context ctx;
|
||||
unsigned char idbyte = id;
|
||||
int challenge_len = *challenge++;
|
||||
@ -105,7 +105,7 @@ static void chap_md5_make_response(unsigned char *response, int id, char *our_na
|
||||
md5_starts(&ctx);
|
||||
md5_update(&ctx, &idbyte, 1);
|
||||
md5_update(&ctx, (u_char *)secret, secret_len);
|
||||
md5_update(&ctx, challenge, challenge_len);
|
||||
md5_update(&ctx, (unsigned char *)challenge, challenge_len);
|
||||
md5_finish(&ctx, &response[1]);
|
||||
response[0] = MD5_HASH_SIZE;
|
||||
}
|
||||
|
@ -49,9 +49,9 @@
|
||||
#endif
|
||||
|
||||
/* Hook for a plugin to validate CHAP challenge */
|
||||
int (*chap_verify_hook)(char *name, char *ourname, int id,
|
||||
int (*chap_verify_hook)(const char *name, const char *ourname, int id,
|
||||
const struct chap_digest_type *digest,
|
||||
unsigned char *challenge, unsigned char *response,
|
||||
const unsigned char *challenge, const unsigned char *response,
|
||||
char *message, int message_space) = NULL;
|
||||
|
||||
#if PPP_OPTIONS
|
||||
@ -89,9 +89,9 @@ static void chap_timeout(void *arg);
|
||||
static void chap_generate_challenge(ppp_pcb *pcb);
|
||||
static void chap_handle_response(ppp_pcb *pcb, int code,
|
||||
unsigned char *pkt, int len);
|
||||
static int chap_verify_response(char *name, char *ourname, int id,
|
||||
static int chap_verify_response(const char *name, const char *ourname, int id,
|
||||
const struct chap_digest_type *digest,
|
||||
unsigned char *challenge, unsigned char *response,
|
||||
const unsigned char *challenge, const unsigned char *response,
|
||||
char *message, int message_space);
|
||||
#endif /* PPP_SERVER */
|
||||
static void chap_respond(ppp_pcb *pcb, int id,
|
||||
@ -155,7 +155,7 @@ static void chap_lowerdown(ppp_pcb *pcb) {
|
||||
* If the lower layer is already up, we start sending challenges,
|
||||
* otherwise we wait for the lower layer to come up.
|
||||
*/
|
||||
void chap_auth_peer(ppp_pcb *pcb, char *our_name, int digest_code) {
|
||||
void chap_auth_peer(ppp_pcb *pcb, const char *our_name, int digest_code) {
|
||||
struct chap_server_state *ss = &pcb->chap_server;
|
||||
const struct chap_digest_type *dp;
|
||||
int i;
|
||||
@ -185,7 +185,7 @@ void chap_auth_peer(ppp_pcb *pcb, char *our_name, int digest_code) {
|
||||
* chap_auth_with_peer - Prepare to authenticate ourselves to the peer.
|
||||
* There isn't much to do until we receive a challenge.
|
||||
*/
|
||||
void chap_auth_with_peer(ppp_pcb *pcb, char *our_name, int digest_code) {
|
||||
void chap_auth_with_peer(ppp_pcb *pcb, const char *our_name, int digest_code) {
|
||||
const struct chap_digest_type *dp;
|
||||
int i;
|
||||
|
||||
@ -277,11 +277,12 @@ static void chap_generate_challenge(ppp_pcb *pcb) {
|
||||
static void chap_handle_response(ppp_pcb *pcb, int id,
|
||||
unsigned char *pkt, int len) {
|
||||
int response_len, ok, mlen;
|
||||
unsigned char *response, *outp;
|
||||
const unsigned char *response;
|
||||
unsigned char *outp;
|
||||
struct pbuf *p;
|
||||
char *name = NULL; /* initialized to shut gcc up */
|
||||
int (*verifier)(char *, char *, int, const struct chap_digest_type *,
|
||||
unsigned char *, unsigned char *, char *, int);
|
||||
const char *name = NULL; /* initialized to shut gcc up */
|
||||
int (*verifier)(const char *, const char *, int, const struct chap_digest_type *,
|
||||
const unsigned char *, const unsigned char *, char *, int);
|
||||
char rname[MAXNAMELEN+1];
|
||||
|
||||
if ((pcb->chap_server.flags & LOWERUP) == 0)
|
||||
@ -394,9 +395,9 @@ static void chap_handle_response(ppp_pcb *pcb, int id,
|
||||
* what we think it should be. Returns 1 if it does (authentication
|
||||
* succeeded), or 0 if it doesn't.
|
||||
*/
|
||||
static int chap_verify_response(char *name, char *ourname, int id,
|
||||
static int chap_verify_response(const char *name, const char *ourname, int id,
|
||||
const struct chap_digest_type *digest,
|
||||
unsigned char *challenge, unsigned char *response,
|
||||
const unsigned char *challenge, const unsigned char *response,
|
||||
char *message, int message_space) {
|
||||
int ok;
|
||||
unsigned char secret[MAXSECRETLEN];
|
||||
|
@ -201,9 +201,9 @@ static void chapms2_generate_challenge(unsigned char *challenge) {
|
||||
random_bytes(challenge, 16);
|
||||
}
|
||||
|
||||
static int chapms_verify_response(int id, char *name,
|
||||
unsigned char *secret, int secret_len,
|
||||
unsigned char *challenge, unsigned char *response,
|
||||
static int chapms_verify_response(int id, const char *name,
|
||||
const unsigned char *secret, int secret_len,
|
||||
const unsigned char *challenge, const unsigned char *response,
|
||||
char *message, int message_space) {
|
||||
unsigned char md[MS_CHAP_RESPONSE_LEN];
|
||||
int diff;
|
||||
@ -225,7 +225,7 @@ static int chapms_verify_response(int id, char *name,
|
||||
#endif
|
||||
|
||||
/* Generate the expected response. */
|
||||
ChapMS(challenge, (char *)secret, secret_len, md);
|
||||
ChapMS((u_char *)challenge, (char *)secret, secret_len, md);
|
||||
|
||||
#ifdef MSLANMAN
|
||||
/* Determine which part of response to verify against */
|
||||
@ -249,9 +249,9 @@ static int chapms_verify_response(int id, char *name,
|
||||
return 0;
|
||||
}
|
||||
|
||||
static int chapms2_verify_response(int id, char *name,
|
||||
unsigned char *secret, int secret_len,
|
||||
unsigned char *challenge, unsigned char *response,
|
||||
static int chapms2_verify_response(int id, const char *name,
|
||||
const unsigned char *secret, int secret_len,
|
||||
const unsigned char *challenge, const unsigned char *response,
|
||||
char *message, int message_space) {
|
||||
unsigned char md[MS_CHAP2_RESPONSE_LEN];
|
||||
char saresponse[MS_AUTH_RESPONSE_LENGTH+1];
|
||||
@ -264,7 +264,7 @@ static int chapms2_verify_response(int id, char *name,
|
||||
goto bad; /* not even the right length */
|
||||
|
||||
/* Generate the expected response and our mutual auth. */
|
||||
ChapMS2(challenge, &response[MS_CHAP2_PEER_CHALLENGE], name,
|
||||
ChapMS2((u_char*)challenge, (u_char*)&response[MS_CHAP2_PEER_CHALLENGE], (char*)name,
|
||||
(char *)secret, secret_len, md,
|
||||
(unsigned char *)saresponse, MS_CHAP2_AUTHENTICATOR);
|
||||
|
||||
@ -326,30 +326,30 @@ static int chapms2_verify_response(int id, char *name,
|
||||
}
|
||||
#endif /* PPP_SERVER */
|
||||
|
||||
static void chapms_make_response(unsigned char *response, int id, char *our_name,
|
||||
unsigned char *challenge, char *secret, int secret_len,
|
||||
unsigned char *private_) {
|
||||
static void chapms_make_response(unsigned char *response, int id, const char *our_name,
|
||||
const unsigned char *challenge, const char *secret, int secret_len,
|
||||
const unsigned char *private_) {
|
||||
LWIP_UNUSED_ARG(id);
|
||||
LWIP_UNUSED_ARG(our_name);
|
||||
LWIP_UNUSED_ARG(private_);
|
||||
challenge++; /* skip length, should be 8 */
|
||||
*response++ = MS_CHAP_RESPONSE_LEN;
|
||||
ChapMS(challenge, secret, secret_len, response);
|
||||
ChapMS((u_char*)challenge, (char*)secret, secret_len, response);
|
||||
}
|
||||
|
||||
static void chapms2_make_response(unsigned char *response, int id, char *our_name,
|
||||
unsigned char *challenge, char *secret, int secret_len,
|
||||
unsigned char *private_) {
|
||||
static void chapms2_make_response(unsigned char *response, int id, const char *our_name,
|
||||
const unsigned char *challenge, const char *secret, int secret_len,
|
||||
const unsigned char *private_) {
|
||||
LWIP_UNUSED_ARG(id);
|
||||
challenge++; /* skip length, should be 16 */
|
||||
*response++ = MS_CHAP2_RESPONSE_LEN;
|
||||
ChapMS2(challenge,
|
||||
ChapMS2((u_char*)challenge,
|
||||
#ifdef DEBUGMPPEKEY
|
||||
mschap2_peer_challenge,
|
||||
#else
|
||||
NULL,
|
||||
#endif
|
||||
our_name, secret, secret_len, response, private_,
|
||||
(char*)our_name, (char*)secret, secret_len, response, (u_char*)private_,
|
||||
MS_CHAP2_AUTHENTICATEE);
|
||||
}
|
||||
|
||||
|
@ -227,7 +227,7 @@ static void eap_client_timeout(void *arg) {
|
||||
* Start client state and wait for requests. This is called only
|
||||
* after eap_lowerup.
|
||||
*/
|
||||
void eap_authwithpeer(ppp_pcb *pcb, char *localname) {
|
||||
void eap_authwithpeer(ppp_pcb *pcb, const char *localname) {
|
||||
|
||||
if(NULL == localname)
|
||||
return;
|
||||
@ -886,7 +886,7 @@ static void eap_send_request(ppp_pcb *pcb) {
|
||||
* Start server state and send first request. This is called only
|
||||
* after eap_lowerup.
|
||||
*/
|
||||
void eap_authpeer(ppp_pcb *pcb, char *localname) {
|
||||
void eap_authpeer(ppp_pcb *pcb, const char *localname) {
|
||||
|
||||
/* Save the name we're given. */
|
||||
pcb->eap.es_server.ea_name = localname;
|
||||
@ -1073,7 +1073,7 @@ static void eap_send_response(ppp_pcb *pcb, u_char id, u_char typenum, u_char *s
|
||||
/*
|
||||
* Format and send an MD5-Challenge EAP Response message.
|
||||
*/
|
||||
static void eap_chap_response(ppp_pcb *pcb, u_char id, u_char *hash, char *name, int namelen) {
|
||||
static void eap_chap_response(ppp_pcb *pcb, u_char id, u_char *hash, const char *name, int namelen) {
|
||||
struct pbuf *p;
|
||||
u_char *outp;
|
||||
int msglen;
|
||||
|
@ -302,7 +302,7 @@ void ppp_set_default(ppp_pcb *pcb) {
|
||||
netif_set_default(&pcb->netif);
|
||||
}
|
||||
|
||||
void ppp_set_auth(ppp_pcb *pcb, u8_t authtype, char *user, char *passwd) {
|
||||
void ppp_set_auth(ppp_pcb *pcb, u8_t authtype, const char *user, const char *passwd) {
|
||||
|
||||
#if PAP_SUPPORT
|
||||
if (authtype & PPPAUTHTYPE_PAP) {
|
||||
|
@ -151,7 +151,7 @@ static void upap_init(ppp_pcb *pcb) {
|
||||
*
|
||||
* Set new state and send authenticate's.
|
||||
*/
|
||||
void upap_authwithpeer(ppp_pcb *pcb, char *user, char *password) {
|
||||
void upap_authwithpeer(ppp_pcb *pcb, const char *user, const char *password) {
|
||||
|
||||
if(!user || !password)
|
||||
return;
|
||||
|
Loading…
Reference in New Issue
Block a user