diff --git a/src/netif/ppp/auth.c b/src/netif/ppp/auth.c index 50c295b5..b516ad23 100644 --- a/src/netif/ppp/auth.c +++ b/src/netif/ppp/auth.c @@ -139,17 +139,6 @@ #define ISWILD(word) (word[0] == '*' && word[1] == 0) #endif /* UNUSED */ -#if PPP_SERVER -/* The name by which the peer authenticated itself to us. */ -char peer_authname[MAXNAMELEN]; -#endif /* PPP_SERVER */ - -/* Records which authentication operations haven't completed yet. */ -static int auth_pending[NUM_PPP]; - -/* Records which authentication operations have been completed. */ -int auth_done[NUM_PPP]; - #if 0 /* UNUSED */ /* List of addresses which the peer may use. */ static struct permitted_ip *addresses[NUM_PPP]; @@ -168,12 +157,6 @@ static struct wordlist *permitted_numbers; static struct wordlist *extra_options; #endif /* UNUSED */ -/* Number of network protocols which we have opened. */ -static int num_np_open; - -/* Number of network protocols which have come up. */ -static int num_np_up; - #if 0 /* UNUSED */ /* Set if we require authentication only because we have a default route. */ static bool default_auth; @@ -732,8 +715,8 @@ void upper_layers_down(ppp_pcb *pcb) { if (protp->protocol < 0xC000 && protp->close != NULL) (*protp->close)(pcb->unit, "LCP down"); } - num_np_open = 0; - num_np_up = 0; + pcb->num_np_open = 0; + pcb->num_np_up = 0; } /* @@ -845,8 +828,8 @@ void link_established(ppp_pcb *pcb) { #endif /* PAP_SUPPORT */ {} - auth_pending[pcb->unit] = auth; - auth_done[pcb->unit] = 0; + pcb->auth_pending = auth; + pcb->auth_done = 0; if (!auth) network_phase(pcb); @@ -996,10 +979,10 @@ void continue_networks(ppp_pcb *pcb) { #endif /* ECP_SUPPORT */ && protp->enabled_flag && protp->open != NULL) { (*protp->open)(0); - ++num_np_open; + ++pcb->num_np_open; } - if (num_np_open == 0) + if (pcb->num_np_open == 0) /* nothing to do */ lcp_close(0, "No network protocols running"); } @@ -1008,26 +991,18 @@ void continue_networks(ppp_pcb *pcb) { /* * The peer has failed to authenticate himself using `protocol'. */ -void -auth_peer_fail(unit, protocol) - int unit, protocol; -{ +void auth_peer_fail(ppp_pcb *pcb, int protocol) { /* * Authentication failure: take the link down */ status = EXIT_PEER_AUTH_FAILED; - lcp_close(unit, "Authentication failed"); + lcp_close(pcb->unit, "Authentication failed"); } /* * The peer has been successfully authenticated using `protocol'. */ -void -auth_peer_success(unit, protocol, prot_flavor, name, namelen) - int unit, protocol, prot_flavor; - char *name; - int namelen; -{ +void auth_peer_success(ppp_pcb *pcb, int protocol, int prot_flavor, char *name, int namelen) { int bit; switch (protocol) { @@ -1068,22 +1043,22 @@ auth_peer_success(unit, protocol, prot_flavor, name, namelen) * Save the authenticated name of the peer for later. */ /* FIXME: do we need that ? */ - if (namelen > sizeof(peer_authname) - 1) - namelen = sizeof(peer_authname) - 1; - MEMCPY(peer_authname, name, namelen); - peer_authname[namelen] = 0; + if (namelen > sizeof(pcb->peer_authname) - 1) + namelen = sizeof(pcb->peer_authname) - 1; + MEMCPY(pcb->peer_authname, name, namelen); + pcb->peer_authname[namelen] = 0; #if 0 /* UNUSED */ - script_setenv("PEERNAME", peer_authname, 0); + script_setenv("PEERNAME", , 0); #endif /* UNUSED */ /* Save the authentication method for later. */ - auth_done[unit] |= bit; + pcb->auth_done |= bit; /* * If there is no more authentication still to be done, * proceed to the network (or callback) phase. */ - if ((auth_pending[unit] &= ~bit) == 0) + if ((pcb->auth_pending &= ~bit) == 0) network_phase(unit); } #endif /* PPP_SERVER */ @@ -1158,13 +1133,13 @@ void auth_withpeer_success(ppp_pcb *pcb, int protocol, int prot_flavor) { notice("%s authentication succeeded", prot); /* Save the authentication method for later. */ - auth_done[pcb->unit] |= bit; + pcb->auth_done |= bit; /* * If there is no more authentication still being done, * proceed to the network (or callback) phase. */ - if ((auth_pending[pcb->unit] &= ~bit) == 0) + if ((pcb->auth_pending &= ~bit) == 0) network_phase(pcb); } @@ -1175,7 +1150,7 @@ void auth_withpeer_success(ppp_pcb *pcb, int protocol, int prot_flavor) { void np_up(ppp_pcb *pcb, int proto) { int tlim; - if (num_np_up == 0) { + if (pcb->num_np_up == 0) { /* * At this point we consider that the link has come up successfully. */ @@ -1211,14 +1186,14 @@ void np_up(ppp_pcb *pcb, int proto) { detach(); #endif /* Unused */ } - ++num_np_up; + ++pcb->num_np_up; } /* * np_down - a network protocol has gone down. */ void np_down(ppp_pcb *pcb, int proto) { - if (--num_np_up == 0) { + if (--pcb->num_np_up == 0) { UNTIMEOUT(check_idle, (void*)pcb); UNTIMEOUT(connect_time_expired, NULL); #ifdef MAXOCTETS @@ -1232,7 +1207,7 @@ void np_down(ppp_pcb *pcb, int proto) { * np_finished - a network protocol has finished using the link. */ void np_finished(ppp_pcb *pcb, int proto) { - if (--num_np_open <= 0) { + if (--pcb->num_np_open <= 0) { /* no further use for the link: shut up shop. */ lcp_close(0, "No network protocols running"); } diff --git a/src/netif/ppp/chap-new.c b/src/netif/ppp/chap-new.c index 0ba348fe..2cf2ab74 100644 --- a/src/netif/ppp/chap-new.c +++ b/src/netif/ppp/chap-new.c @@ -294,7 +294,7 @@ chap_timeout(void *arg) } else if (ss->challenge_xmits >= chap_max_transmits) { ss->flags &= ~CHALLENGE_VALID; ss->flags |= AUTH_DONE | AUTH_FAILED; - auth_peer_fail(0, PPP_CHAP); + auth_peer_fail(pcb, PPP_CHAP); return; } @@ -426,10 +426,10 @@ chap_handle_response(struct chap_server_state *ss, int id, } if (ss->flags & AUTH_FAILED) { - auth_peer_fail(0, PPP_CHAP); + auth_peer_fail(pcb, PPP_CHAP); } else { if ((ss->flags & AUTH_DONE) == 0) - auth_peer_success(0, PPP_CHAP, + auth_peer_success(pcb, PPP_CHAP, ss->digest->code, name, strlen(name)); if (chap_rechallenge_time) { @@ -621,7 +621,7 @@ chap_protrej(int unit) } if (ss->flags & AUTH_STARTED) { ss->flags = 0; - auth_peer_fail(0, PPP_CHAP); + auth_peer_fail(pcb, PPP_CHAP); } #endif /* PPP_SERVER */ if ((cs->flags & (AUTH_STARTED|AUTH_DONE)) == AUTH_STARTED) { diff --git a/src/netif/ppp/eap.c b/src/netif/ppp/eap.c index a6605ded..58bd5ed4 100644 --- a/src/netif/ppp/eap.c +++ b/src/netif/ppp/eap.c @@ -284,7 +284,7 @@ eap_state *esp; ppp_write(pcb, outpacket_buf, EAP_HEADERLEN + PPP_HDRLEN); esp->es_server.ea_state = eapBadAuth; - auth_peer_fail(esp->es_unit, PPP_EAP); + auth_peer_fail(pcb, PPP_EAP); } /* @@ -309,7 +309,7 @@ eap_state *esp; ppp_write(pcb, outpacket_buf, PPP_HDRLEN + EAP_HEADERLEN); - auth_peer_success(esp->es_unit, PPP_EAP, 0, + auth_peer_success(pcb, PPP_EAP, 0, esp->es_server.ea_peer, esp->es_server.ea_peerlen); } #endif /* PPP_SERVER */ diff --git a/src/netif/ppp/ppp.h b/src/netif/ppp/ppp.h index c16d8f59..a524e117 100644 --- a/src/netif/ppp/ppp.h +++ b/src/netif/ppp/ppp.h @@ -157,6 +157,7 @@ typedef struct ppp_settings_s { u16_t idle_time_limit; /* Disconnect if idle for this many seconds */ int maxconnect; /* Maximum connect time (seconds) */ + /* auth data */ char user [MAXNAMELEN + 1]; /* Username for PAP */ char passwd [MAXSECRETLEN + 1]; /* Password for PAP, secret for CHAP */ #if PPP_SERVER @@ -253,6 +254,14 @@ typedef struct ppp_pcb_s { void (*link_status_cb)(void *ctx, int err_code, void *arg); void *link_status_ctx; + /* auth data */ +#if PPP_SERVER + char peer_authname[MAXNAMELEN + 1]; /* The name by which the peer authenticated itself to us. */ +#endif /* PPP_SERVER */ + int auth_pending; /* Records which authentication operations haven't completed yet. */ + int auth_done; /* Records which authentication operations have been completed. */ + int num_np_open; /* Number of network protocols which we have opened. */ + int num_np_up; /* Number of network protocols which have come up. */ } ppp_pcb; /************************ diff --git a/src/netif/ppp/ppp_impl.h b/src/netif/ppp/ppp_impl.h index 6d208c4b..487adb96 100644 --- a/src/netif/ppp/ppp_impl.h +++ b/src/netif/ppp/ppp_impl.h @@ -551,11 +551,12 @@ void upper_layers_down(ppp_pcb *pcb); /* take all NCPs down */ void link_established(ppp_pcb *pcb); /* the link is up; authenticate now */ void start_networks(ppp_pcb *pcb); /* start all the network control protos */ void continue_networks(ppp_pcb *pcb); /* start network [ip, etc] control protos */ - -void auth_peer_fail (int, int); +#if PPP_SERVER +void auth_peer_fail(ppp_pcb *pcb, int protocol); /* peer failed to authenticate itself */ -void auth_peer_success (int, int, int, char *, int); +void auth_peer_success(ppp_pcb *pcb, int protocol, int prot_flavor, char *name, int namelen); /* peer successfully authenticated itself */ +#endif /* PPP_SERVER */ void auth_withpeer_fail(ppp_pcb *pcb, int protocol); /* we failed to authenticate ourselves */ void auth_withpeer_success(ppp_pcb *pcb, int protocol, int prot_flavor); diff --git a/src/netif/ppp/upap.c b/src/netif/ppp/upap.c index 29a71eff..df6ea1fe 100644 --- a/src/netif/ppp/upap.c +++ b/src/netif/ppp/upap.c @@ -252,7 +252,7 @@ upap_reqtimeout(arg) if (u->us_serverstate != UPAPSS_LISTEN) return; /* huh?? */ - auth_peer_fail(u->us_unit, PPP_PAP); + auth_peer_fail(pcb, PPP_PAP); u->us_serverstate = UPAPSS_BADAUTH; } #endif /* PPP_SERVER */ @@ -486,11 +486,11 @@ upap_rauthreq(u, inp, id, len) if (retcode == UPAP_AUTHACK) { u->us_serverstate = UPAPSS_OPEN; notice("PAP peer authentication succeeded for %q", rhostname); - auth_peer_success(u->us_unit, PPP_PAP, 0, ruser, ruserlen); + auth_peer_success(pcb, PPP_PAP, 0, ruser, ruserlen); } else { u->us_serverstate = UPAPSS_BADAUTH; warn("PAP peer authentication failed for %q", rhostname); - auth_peer_fail(u->us_unit, PPP_PAP); + auth_peer_fail(pcb, PPP_PAP); } if (u->us_reqtimeout > 0)