mirror of
https://github.com/lwip-tcpip/lwip.git
synced 2024-09-13 02:05:43 +00:00
moved auth.c global variables to ppp_pcb
This commit is contained in:
parent
51bfac71b0
commit
844f5e5af1
@ -139,17 +139,6 @@
|
|||||||
#define ISWILD(word) (word[0] == '*' && word[1] == 0)
|
#define ISWILD(word) (word[0] == '*' && word[1] == 0)
|
||||||
#endif /* UNUSED */
|
#endif /* UNUSED */
|
||||||
|
|
||||||
#if PPP_SERVER
|
|
||||||
/* The name by which the peer authenticated itself to us. */
|
|
||||||
char peer_authname[MAXNAMELEN];
|
|
||||||
#endif /* PPP_SERVER */
|
|
||||||
|
|
||||||
/* Records which authentication operations haven't completed yet. */
|
|
||||||
static int auth_pending[NUM_PPP];
|
|
||||||
|
|
||||||
/* Records which authentication operations have been completed. */
|
|
||||||
int auth_done[NUM_PPP];
|
|
||||||
|
|
||||||
#if 0 /* UNUSED */
|
#if 0 /* UNUSED */
|
||||||
/* List of addresses which the peer may use. */
|
/* List of addresses which the peer may use. */
|
||||||
static struct permitted_ip *addresses[NUM_PPP];
|
static struct permitted_ip *addresses[NUM_PPP];
|
||||||
@ -168,12 +157,6 @@ static struct wordlist *permitted_numbers;
|
|||||||
static struct wordlist *extra_options;
|
static struct wordlist *extra_options;
|
||||||
#endif /* UNUSED */
|
#endif /* UNUSED */
|
||||||
|
|
||||||
/* Number of network protocols which we have opened. */
|
|
||||||
static int num_np_open;
|
|
||||||
|
|
||||||
/* Number of network protocols which have come up. */
|
|
||||||
static int num_np_up;
|
|
||||||
|
|
||||||
#if 0 /* UNUSED */
|
#if 0 /* UNUSED */
|
||||||
/* Set if we require authentication only because we have a default route. */
|
/* Set if we require authentication only because we have a default route. */
|
||||||
static bool default_auth;
|
static bool default_auth;
|
||||||
@ -732,8 +715,8 @@ void upper_layers_down(ppp_pcb *pcb) {
|
|||||||
if (protp->protocol < 0xC000 && protp->close != NULL)
|
if (protp->protocol < 0xC000 && protp->close != NULL)
|
||||||
(*protp->close)(pcb->unit, "LCP down");
|
(*protp->close)(pcb->unit, "LCP down");
|
||||||
}
|
}
|
||||||
num_np_open = 0;
|
pcb->num_np_open = 0;
|
||||||
num_np_up = 0;
|
pcb->num_np_up = 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
@ -845,8 +828,8 @@ void link_established(ppp_pcb *pcb) {
|
|||||||
#endif /* PAP_SUPPORT */
|
#endif /* PAP_SUPPORT */
|
||||||
{}
|
{}
|
||||||
|
|
||||||
auth_pending[pcb->unit] = auth;
|
pcb->auth_pending = auth;
|
||||||
auth_done[pcb->unit] = 0;
|
pcb->auth_done = 0;
|
||||||
|
|
||||||
if (!auth)
|
if (!auth)
|
||||||
network_phase(pcb);
|
network_phase(pcb);
|
||||||
@ -996,10 +979,10 @@ void continue_networks(ppp_pcb *pcb) {
|
|||||||
#endif /* ECP_SUPPORT */
|
#endif /* ECP_SUPPORT */
|
||||||
&& protp->enabled_flag && protp->open != NULL) {
|
&& protp->enabled_flag && protp->open != NULL) {
|
||||||
(*protp->open)(0);
|
(*protp->open)(0);
|
||||||
++num_np_open;
|
++pcb->num_np_open;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (num_np_open == 0)
|
if (pcb->num_np_open == 0)
|
||||||
/* nothing to do */
|
/* nothing to do */
|
||||||
lcp_close(0, "No network protocols running");
|
lcp_close(0, "No network protocols running");
|
||||||
}
|
}
|
||||||
@ -1008,26 +991,18 @@ void continue_networks(ppp_pcb *pcb) {
|
|||||||
/*
|
/*
|
||||||
* The peer has failed to authenticate himself using `protocol'.
|
* The peer has failed to authenticate himself using `protocol'.
|
||||||
*/
|
*/
|
||||||
void
|
void auth_peer_fail(ppp_pcb *pcb, int protocol) {
|
||||||
auth_peer_fail(unit, protocol)
|
|
||||||
int unit, protocol;
|
|
||||||
{
|
|
||||||
/*
|
/*
|
||||||
* Authentication failure: take the link down
|
* Authentication failure: take the link down
|
||||||
*/
|
*/
|
||||||
status = EXIT_PEER_AUTH_FAILED;
|
status = EXIT_PEER_AUTH_FAILED;
|
||||||
lcp_close(unit, "Authentication failed");
|
lcp_close(pcb->unit, "Authentication failed");
|
||||||
}
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* The peer has been successfully authenticated using `protocol'.
|
* The peer has been successfully authenticated using `protocol'.
|
||||||
*/
|
*/
|
||||||
void
|
void auth_peer_success(ppp_pcb *pcb, int protocol, int prot_flavor, char *name, int namelen) {
|
||||||
auth_peer_success(unit, protocol, prot_flavor, name, namelen)
|
|
||||||
int unit, protocol, prot_flavor;
|
|
||||||
char *name;
|
|
||||||
int namelen;
|
|
||||||
{
|
|
||||||
int bit;
|
int bit;
|
||||||
|
|
||||||
switch (protocol) {
|
switch (protocol) {
|
||||||
@ -1068,22 +1043,22 @@ auth_peer_success(unit, protocol, prot_flavor, name, namelen)
|
|||||||
* Save the authenticated name of the peer for later.
|
* Save the authenticated name of the peer for later.
|
||||||
*/
|
*/
|
||||||
/* FIXME: do we need that ? */
|
/* FIXME: do we need that ? */
|
||||||
if (namelen > sizeof(peer_authname) - 1)
|
if (namelen > sizeof(pcb->peer_authname) - 1)
|
||||||
namelen = sizeof(peer_authname) - 1;
|
namelen = sizeof(pcb->peer_authname) - 1;
|
||||||
MEMCPY(peer_authname, name, namelen);
|
MEMCPY(pcb->peer_authname, name, namelen);
|
||||||
peer_authname[namelen] = 0;
|
pcb->peer_authname[namelen] = 0;
|
||||||
#if 0 /* UNUSED */
|
#if 0 /* UNUSED */
|
||||||
script_setenv("PEERNAME", peer_authname, 0);
|
script_setenv("PEERNAME", , 0);
|
||||||
#endif /* UNUSED */
|
#endif /* UNUSED */
|
||||||
|
|
||||||
/* Save the authentication method for later. */
|
/* Save the authentication method for later. */
|
||||||
auth_done[unit] |= bit;
|
pcb->auth_done |= bit;
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* If there is no more authentication still to be done,
|
* If there is no more authentication still to be done,
|
||||||
* proceed to the network (or callback) phase.
|
* proceed to the network (or callback) phase.
|
||||||
*/
|
*/
|
||||||
if ((auth_pending[unit] &= ~bit) == 0)
|
if ((pcb->auth_pending &= ~bit) == 0)
|
||||||
network_phase(unit);
|
network_phase(unit);
|
||||||
}
|
}
|
||||||
#endif /* PPP_SERVER */
|
#endif /* PPP_SERVER */
|
||||||
@ -1158,13 +1133,13 @@ void auth_withpeer_success(ppp_pcb *pcb, int protocol, int prot_flavor) {
|
|||||||
notice("%s authentication succeeded", prot);
|
notice("%s authentication succeeded", prot);
|
||||||
|
|
||||||
/* Save the authentication method for later. */
|
/* Save the authentication method for later. */
|
||||||
auth_done[pcb->unit] |= bit;
|
pcb->auth_done |= bit;
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* If there is no more authentication still being done,
|
* If there is no more authentication still being done,
|
||||||
* proceed to the network (or callback) phase.
|
* proceed to the network (or callback) phase.
|
||||||
*/
|
*/
|
||||||
if ((auth_pending[pcb->unit] &= ~bit) == 0)
|
if ((pcb->auth_pending &= ~bit) == 0)
|
||||||
network_phase(pcb);
|
network_phase(pcb);
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -1175,7 +1150,7 @@ void auth_withpeer_success(ppp_pcb *pcb, int protocol, int prot_flavor) {
|
|||||||
void np_up(ppp_pcb *pcb, int proto) {
|
void np_up(ppp_pcb *pcb, int proto) {
|
||||||
int tlim;
|
int tlim;
|
||||||
|
|
||||||
if (num_np_up == 0) {
|
if (pcb->num_np_up == 0) {
|
||||||
/*
|
/*
|
||||||
* At this point we consider that the link has come up successfully.
|
* At this point we consider that the link has come up successfully.
|
||||||
*/
|
*/
|
||||||
@ -1211,14 +1186,14 @@ void np_up(ppp_pcb *pcb, int proto) {
|
|||||||
detach();
|
detach();
|
||||||
#endif /* Unused */
|
#endif /* Unused */
|
||||||
}
|
}
|
||||||
++num_np_up;
|
++pcb->num_np_up;
|
||||||
}
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* np_down - a network protocol has gone down.
|
* np_down - a network protocol has gone down.
|
||||||
*/
|
*/
|
||||||
void np_down(ppp_pcb *pcb, int proto) {
|
void np_down(ppp_pcb *pcb, int proto) {
|
||||||
if (--num_np_up == 0) {
|
if (--pcb->num_np_up == 0) {
|
||||||
UNTIMEOUT(check_idle, (void*)pcb);
|
UNTIMEOUT(check_idle, (void*)pcb);
|
||||||
UNTIMEOUT(connect_time_expired, NULL);
|
UNTIMEOUT(connect_time_expired, NULL);
|
||||||
#ifdef MAXOCTETS
|
#ifdef MAXOCTETS
|
||||||
@ -1232,7 +1207,7 @@ void np_down(ppp_pcb *pcb, int proto) {
|
|||||||
* np_finished - a network protocol has finished using the link.
|
* np_finished - a network protocol has finished using the link.
|
||||||
*/
|
*/
|
||||||
void np_finished(ppp_pcb *pcb, int proto) {
|
void np_finished(ppp_pcb *pcb, int proto) {
|
||||||
if (--num_np_open <= 0) {
|
if (--pcb->num_np_open <= 0) {
|
||||||
/* no further use for the link: shut up shop. */
|
/* no further use for the link: shut up shop. */
|
||||||
lcp_close(0, "No network protocols running");
|
lcp_close(0, "No network protocols running");
|
||||||
}
|
}
|
||||||
|
@ -294,7 +294,7 @@ chap_timeout(void *arg)
|
|||||||
} else if (ss->challenge_xmits >= chap_max_transmits) {
|
} else if (ss->challenge_xmits >= chap_max_transmits) {
|
||||||
ss->flags &= ~CHALLENGE_VALID;
|
ss->flags &= ~CHALLENGE_VALID;
|
||||||
ss->flags |= AUTH_DONE | AUTH_FAILED;
|
ss->flags |= AUTH_DONE | AUTH_FAILED;
|
||||||
auth_peer_fail(0, PPP_CHAP);
|
auth_peer_fail(pcb, PPP_CHAP);
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -426,10 +426,10 @@ chap_handle_response(struct chap_server_state *ss, int id,
|
|||||||
|
|
||||||
}
|
}
|
||||||
if (ss->flags & AUTH_FAILED) {
|
if (ss->flags & AUTH_FAILED) {
|
||||||
auth_peer_fail(0, PPP_CHAP);
|
auth_peer_fail(pcb, PPP_CHAP);
|
||||||
} else {
|
} else {
|
||||||
if ((ss->flags & AUTH_DONE) == 0)
|
if ((ss->flags & AUTH_DONE) == 0)
|
||||||
auth_peer_success(0, PPP_CHAP,
|
auth_peer_success(pcb, PPP_CHAP,
|
||||||
ss->digest->code,
|
ss->digest->code,
|
||||||
name, strlen(name));
|
name, strlen(name));
|
||||||
if (chap_rechallenge_time) {
|
if (chap_rechallenge_time) {
|
||||||
@ -621,7 +621,7 @@ chap_protrej(int unit)
|
|||||||
}
|
}
|
||||||
if (ss->flags & AUTH_STARTED) {
|
if (ss->flags & AUTH_STARTED) {
|
||||||
ss->flags = 0;
|
ss->flags = 0;
|
||||||
auth_peer_fail(0, PPP_CHAP);
|
auth_peer_fail(pcb, PPP_CHAP);
|
||||||
}
|
}
|
||||||
#endif /* PPP_SERVER */
|
#endif /* PPP_SERVER */
|
||||||
if ((cs->flags & (AUTH_STARTED|AUTH_DONE)) == AUTH_STARTED) {
|
if ((cs->flags & (AUTH_STARTED|AUTH_DONE)) == AUTH_STARTED) {
|
||||||
|
@ -284,7 +284,7 @@ eap_state *esp;
|
|||||||
ppp_write(pcb, outpacket_buf, EAP_HEADERLEN + PPP_HDRLEN);
|
ppp_write(pcb, outpacket_buf, EAP_HEADERLEN + PPP_HDRLEN);
|
||||||
|
|
||||||
esp->es_server.ea_state = eapBadAuth;
|
esp->es_server.ea_state = eapBadAuth;
|
||||||
auth_peer_fail(esp->es_unit, PPP_EAP);
|
auth_peer_fail(pcb, PPP_EAP);
|
||||||
}
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
@ -309,7 +309,7 @@ eap_state *esp;
|
|||||||
|
|
||||||
ppp_write(pcb, outpacket_buf, PPP_HDRLEN + EAP_HEADERLEN);
|
ppp_write(pcb, outpacket_buf, PPP_HDRLEN + EAP_HEADERLEN);
|
||||||
|
|
||||||
auth_peer_success(esp->es_unit, PPP_EAP, 0,
|
auth_peer_success(pcb, PPP_EAP, 0,
|
||||||
esp->es_server.ea_peer, esp->es_server.ea_peerlen);
|
esp->es_server.ea_peer, esp->es_server.ea_peerlen);
|
||||||
}
|
}
|
||||||
#endif /* PPP_SERVER */
|
#endif /* PPP_SERVER */
|
||||||
|
@ -157,6 +157,7 @@ typedef struct ppp_settings_s {
|
|||||||
u16_t idle_time_limit; /* Disconnect if idle for this many seconds */
|
u16_t idle_time_limit; /* Disconnect if idle for this many seconds */
|
||||||
int maxconnect; /* Maximum connect time (seconds) */
|
int maxconnect; /* Maximum connect time (seconds) */
|
||||||
|
|
||||||
|
/* auth data */
|
||||||
char user [MAXNAMELEN + 1]; /* Username for PAP */
|
char user [MAXNAMELEN + 1]; /* Username for PAP */
|
||||||
char passwd [MAXSECRETLEN + 1]; /* Password for PAP, secret for CHAP */
|
char passwd [MAXSECRETLEN + 1]; /* Password for PAP, secret for CHAP */
|
||||||
#if PPP_SERVER
|
#if PPP_SERVER
|
||||||
@ -253,6 +254,14 @@ typedef struct ppp_pcb_s {
|
|||||||
void (*link_status_cb)(void *ctx, int err_code, void *arg);
|
void (*link_status_cb)(void *ctx, int err_code, void *arg);
|
||||||
void *link_status_ctx;
|
void *link_status_ctx;
|
||||||
|
|
||||||
|
/* auth data */
|
||||||
|
#if PPP_SERVER
|
||||||
|
char peer_authname[MAXNAMELEN + 1]; /* The name by which the peer authenticated itself to us. */
|
||||||
|
#endif /* PPP_SERVER */
|
||||||
|
int auth_pending; /* Records which authentication operations haven't completed yet. */
|
||||||
|
int auth_done; /* Records which authentication operations have been completed. */
|
||||||
|
int num_np_open; /* Number of network protocols which we have opened. */
|
||||||
|
int num_np_up; /* Number of network protocols which have come up. */
|
||||||
} ppp_pcb;
|
} ppp_pcb;
|
||||||
|
|
||||||
/************************
|
/************************
|
||||||
|
@ -551,11 +551,12 @@ void upper_layers_down(ppp_pcb *pcb); /* take all NCPs down */
|
|||||||
void link_established(ppp_pcb *pcb); /* the link is up; authenticate now */
|
void link_established(ppp_pcb *pcb); /* the link is up; authenticate now */
|
||||||
void start_networks(ppp_pcb *pcb); /* start all the network control protos */
|
void start_networks(ppp_pcb *pcb); /* start all the network control protos */
|
||||||
void continue_networks(ppp_pcb *pcb); /* start network [ip, etc] control protos */
|
void continue_networks(ppp_pcb *pcb); /* start network [ip, etc] control protos */
|
||||||
|
#if PPP_SERVER
|
||||||
void auth_peer_fail (int, int);
|
void auth_peer_fail(ppp_pcb *pcb, int protocol);
|
||||||
/* peer failed to authenticate itself */
|
/* peer failed to authenticate itself */
|
||||||
void auth_peer_success (int, int, int, char *, int);
|
void auth_peer_success(ppp_pcb *pcb, int protocol, int prot_flavor, char *name, int namelen);
|
||||||
/* peer successfully authenticated itself */
|
/* peer successfully authenticated itself */
|
||||||
|
#endif /* PPP_SERVER */
|
||||||
void auth_withpeer_fail(ppp_pcb *pcb, int protocol);
|
void auth_withpeer_fail(ppp_pcb *pcb, int protocol);
|
||||||
/* we failed to authenticate ourselves */
|
/* we failed to authenticate ourselves */
|
||||||
void auth_withpeer_success(ppp_pcb *pcb, int protocol, int prot_flavor);
|
void auth_withpeer_success(ppp_pcb *pcb, int protocol, int prot_flavor);
|
||||||
|
@ -252,7 +252,7 @@ upap_reqtimeout(arg)
|
|||||||
if (u->us_serverstate != UPAPSS_LISTEN)
|
if (u->us_serverstate != UPAPSS_LISTEN)
|
||||||
return; /* huh?? */
|
return; /* huh?? */
|
||||||
|
|
||||||
auth_peer_fail(u->us_unit, PPP_PAP);
|
auth_peer_fail(pcb, PPP_PAP);
|
||||||
u->us_serverstate = UPAPSS_BADAUTH;
|
u->us_serverstate = UPAPSS_BADAUTH;
|
||||||
}
|
}
|
||||||
#endif /* PPP_SERVER */
|
#endif /* PPP_SERVER */
|
||||||
@ -486,11 +486,11 @@ upap_rauthreq(u, inp, id, len)
|
|||||||
if (retcode == UPAP_AUTHACK) {
|
if (retcode == UPAP_AUTHACK) {
|
||||||
u->us_serverstate = UPAPSS_OPEN;
|
u->us_serverstate = UPAPSS_OPEN;
|
||||||
notice("PAP peer authentication succeeded for %q", rhostname);
|
notice("PAP peer authentication succeeded for %q", rhostname);
|
||||||
auth_peer_success(u->us_unit, PPP_PAP, 0, ruser, ruserlen);
|
auth_peer_success(pcb, PPP_PAP, 0, ruser, ruserlen);
|
||||||
} else {
|
} else {
|
||||||
u->us_serverstate = UPAPSS_BADAUTH;
|
u->us_serverstate = UPAPSS_BADAUTH;
|
||||||
warn("PAP peer authentication failed for %q", rhostname);
|
warn("PAP peer authentication failed for %q", rhostname);
|
||||||
auth_peer_fail(u->us_unit, PPP_PAP);
|
auth_peer_fail(pcb, PPP_PAP);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (u->us_reqtimeout > 0)
|
if (u->us_reqtimeout > 0)
|
||||||
|
Loading…
Reference in New Issue
Block a user