PPP, CORE, moved auth configuration from auth_reset() to lcp_resetci()

Prepare for PPP_SERVER support, we need to move auth configuration before lcp_allowoptions is copied into lcp_gotoptions. Restore unused auth_reset() function using pppd original source code.
2024-07-16 09:47:31 +00:00 · 2015-02-28 12:59:29 +01:00 · 2015-02-28 12:59:29 +01:00 · 8d05279599
commit 8d05279599
parent 587e0e3e0c
3 changed files with 73 additions and 90 deletions
--- a/src/include/netif/ppp/ppp_impl.h
+++ b/src/include/netif/ppp/ppp_impl.h
@ -564,7 +564,6 @@ void np_up(ppp_pcb *pcb, int proto);    /* a network protocol has come up */
 void np_down(ppp_pcb *pcb, int proto);  /* a network protocol has gone down */
 void np_finished(ppp_pcb *pcb, int proto); /* a network protocol no longer needs link */
 #if PPP_AUTH_SUPPORT
-void auth_reset(ppp_pcb *pcb);	/* check what secrets we have */
 int get_secret(ppp_pcb *pcb, const char *client, const char *server, char *secret, int *secret_len, int am_server);
 				/* get "secret" for chap */
 #endif /* PPP_AUTH_SUPPORT */
--- a/src/netif/ppp/auth.c
+++ b/src/netif/ppp/auth.c
@ -1466,110 +1466,40 @@ auth_check_options()
 }
 #endif /* PPP_OPTIONS */

-#if PPP_AUTH_SUPPORT
+#if 0 /* UNUSED */
 /*
 * auth_reset - called when LCP is starting negotiations to recheck
 * authentication options, i.e. whether we have appropriate secrets
 * to use for authenticating ourselves and/or the peer.
 */
-void auth_reset(ppp_pcb *pcb) {
-  lcp_options *go = &pcb->lcp_gotoptions;
-  lcp_options *ao = &pcb->lcp_allowoptions;
+void
+auth_reset(unit)
+    int unit;
+{
+    lcp_options *go = &lcp_gotoptions[unit];
+    lcp_options *ao = &lcp_allowoptions[unit];
+    int hadchap;

-  if(pcb->settings.passwd) {
-
-#if PAP_SUPPORT
-    ao->neg_upap = !pcb->settings.refuse_pap;
-#endif /* PAP_SUPPORT */
-
-#if EAP_SUPPORT
-    ao->neg_eap = !pcb->settings.refuse_eap;
-#endif /* EAP_SUPPORT */
-
-#if CHAP_SUPPORT
-    ao->chap_mdtype = MDTYPE_NONE;
-    if(!pcb->settings.refuse_chap)
-      ao->chap_mdtype |= MDTYPE_MD5;
-#if MSCHAP_SUPPORT
-    if(!pcb->settings.refuse_mschap)
-      ao->chap_mdtype |= MDTYPE_MICROSOFT;
-    if(!pcb->settings.refuse_mschap_v2)
-      ao->chap_mdtype |= MDTYPE_MICROSOFT_V2;
-#endif /* MSCHAP_SUPPORT */
-
-    ao->neg_chap = (ao->chap_mdtype != MDTYPE_NONE);
-#endif /* CHAP_SUPPORT */
-
-  } else {
-#if PAP_SUPPORT
-    ao->neg_upap = 0;
-#endif /* PAP_SUPPORT */
-#if CHAP_SUPPORT
-    ao->neg_chap = 0;
-    ao->chap_mdtype = MDTYPE_NONE;
-#endif /* CHAP_SUPPORT */
-#if EAP_SUPPORT
-    ao->neg_eap = 0;
-#endif /* EAP_SUPPORT */
-  }
-
-  PPPDEBUG(LOG_DEBUG, ("ppp: auth protocols:"));
-#if PAP_SUPPORT
-  PPPDEBUG(LOG_DEBUG, (" PAP=%d", ao->neg_upap));
-#endif /* PAP_SUPPORT */
-#if CHAP_SUPPORT
-  PPPDEBUG(LOG_DEBUG, (" CHAP=%d CHAP_MD5=%d", ao->neg_chap, !!(ao->chap_mdtype&MDTYPE_MD5)));
-#if MSCHAP_SUPPORT
-  PPPDEBUG(LOG_DEBUG, (" CHAP_MS=%d CHAP_MS2=%d", !!(ao->chap_mdtype&MDTYPE_MICROSOFT), !!(ao->chap_mdtype&MDTYPE_MICROSOFT_V2)));
-#endif /* MSCHAP_SUPPORT */
-#endif /* CHAP_SUPPORT */
-#if EAP_SUPPORT
-  PPPDEBUG(LOG_DEBUG, (" EAP=%d", ao->neg_eap));
-#endif /* EAP_SUPPORT */
-  PPPDEBUG(LOG_DEBUG, ("\n"));
-
-#if 0 /* OLD CODE */
-    ao->neg_upap = !ppp_settings.refuse_pap && (ppp_settings.passwd[0] != 0 || get_pap_passwd(NULL));
-
-    /*
-    ao->neg_chap = (!ppp_settings.refuse_chap || !refuse_mschap || !refuse_mschap_v2)
+    hadchap = -1;
+    ao->neg_upap = !refuse_pap && (passwd[0] != 0 || get_pap_passwd(NULL));
+    ao->neg_chap = (!refuse_chap || !refuse_mschap || !refuse_mschap_v2)
 	&& (passwd[0] != 0 ||
 	    (hadchap = have_chap_secret(user, (explicit_remote? remote_name:
-					       NULL), 0, NULL))); */
-    /*
+					       NULL), 0, NULL)));
    ao->neg_eap = !refuse_eap && (
 	passwd[0] != 0 ||
-	(hadchap == 1 || (hadchap == -1 && have_chap_secret(ppp_settings.user,
+	(hadchap == 1 || (hadchap == -1 && have_chap_secret(user,
 	    (explicit_remote? remote_name: NULL), 0, NULL))) ||
-	have_srp_secret(ppp_settings.user, (explicit_remote? remote_name: NULL), 0, NULL)); */
-#endif /* OLD CODE */
-
-#if PAP_SUPPORT
-  go->neg_upap = 0;
-#endif /* PAP_SUPPORT */
-#if CHAP_SUPPORT
-  go->neg_chap = 0;
-  go->chap_mdtype = MDTYPE_NONE;
-#endif /* CHAP_SUPPORT */
-#if EAP_SUPPORT
-  go->neg_eap = 0;
-#endif /* EAP_SUPPORT */
-  return;
-#if 0
-    /* FIXME: find what the below stuff do */
-    int hadchap;
-    hadchap = -1;
+	have_srp_secret(user, (explicit_remote? remote_name: NULL), 0, NULL));

    hadchap = -1;
    if (go->neg_upap && !uselogin && !have_pap_secret(NULL))
 	go->neg_upap = 0;
-
    if (go->neg_chap) {
 	if (!(hadchap = have_chap_secret((explicit_remote? remote_name: NULL),
 			      our_name, 1, NULL)))
 	    go->neg_chap = 0;
    }
-
    if (go->neg_eap &&
 	(hadchap == 0 || (hadchap == -1 &&
 	    !have_chap_secret((explicit_remote? remote_name: NULL), our_name,
@ -1577,11 +1507,8 @@ void auth_reset(ppp_pcb *pcb) {
 	!have_srp_secret((explicit_remote? remote_name: NULL), our_name, 1,
 	    NULL))
 	go->neg_eap = 0;
-#endif
 }
-#endif /* PPP_AUTH_SUPPORT */

-#if 0 /* UNUSED */
 /*
 * check_passwd - Check the user name and passwd against the PAP secrets
 * file.  If requested, also check against the system password database,
--- a/src/netif/ppp/lcp.c
+++ b/src/netif/ppp/lcp.c
@ -650,6 +650,63 @@ static void lcp_resetci(fsm *f) {
    lcp_options *go = &pcb->lcp_gotoptions;
    lcp_options *ao = &pcb->lcp_allowoptions;

+#if PPP_AUTH_SUPPORT
+
+    if (pcb->settings.user && pcb->settings.passwd) {
+#if PAP_SUPPORT
+      if (pcb->settings.refuse_pap) {
+        ao->neg_upap = 0;
+      }
+#endif /* PAP_SUPPORT */
+#if CHAP_SUPPORT
+      if (pcb->settings.refuse_chap) {
+        ao->chap_mdtype &= ~MDTYPE_MD5;
+      }
+#if MSCHAP_SUPPORT
+      if (pcb->settings.refuse_mschap) {
+        ao->chap_mdtype &= ~MDTYPE_MICROSOFT;
+      }
+      if (pcb->settings.refuse_mschap_v2) {
+        ao->chap_mdtype &= ~MDTYPE_MICROSOFT_V2;
+      }
+#endif /* MSCHAP_SUPPORT */
+      ao->neg_chap = (ao->chap_mdtype != MDTYPE_NONE);
+#endif /* CHAP_SUPPORT */
+#if EAP_SUPPORT
+      if (pcb->settings.refuse_eap) {
+        ao->neg_eap = 0;
+      }
+#endif /* EAP_SUPPORT */
+    } else {
+#if PAP_SUPPORT
+      ao->neg_upap = 0;
+#endif /* PAP_SUPPORT */
+#if CHAP_SUPPORT
+      ao->neg_chap = 0;
+      ao->chap_mdtype = MDTYPE_NONE;
+#endif /* CHAP_SUPPORT */
+#if EAP_SUPPORT
+      ao->neg_eap = 0;
+#endif /* EAP_SUPPORT */
+    }
+
+    PPPDEBUG(LOG_DEBUG, ("ppp: auth protocols:"));
+#if PAP_SUPPORT
+    PPPDEBUG(LOG_DEBUG, (" PAP=%d", ao->neg_upap));
+#endif /* PAP_SUPPORT */
+#if CHAP_SUPPORT
+    PPPDEBUG(LOG_DEBUG, (" CHAP=%d CHAP_MD5=%d", ao->neg_chap, !!(ao->chap_mdtype&MDTYPE_MD5)));
+#if MSCHAP_SUPPORT
+    PPPDEBUG(LOG_DEBUG, (" CHAP_MS=%d CHAP_MS2=%d", !!(ao->chap_mdtype&MDTYPE_MICROSOFT), !!(ao->chap_mdtype&MDTYPE_MICROSOFT_V2)));
+#endif /* MSCHAP_SUPPORT */
+#endif /* CHAP_SUPPORT */
+#if EAP_SUPPORT
+    PPPDEBUG(LOG_DEBUG, (" EAP=%d", ao->neg_eap));
+#endif /* EAP_SUPPORT */
+    PPPDEBUG(LOG_DEBUG, ("\n"));
+
+#endif /* PPP_AUTH_SUPPORT */
+
    wo->magicnumber = magic();
    wo->numloops = 0;
    *go = *wo;
@ -665,9 +722,9 @@ static void lcp_resetci(fsm *f) {
    if (pcb->settings.noendpoint)
 	ao->neg_endpoint = 0;
    pcb->peer_mru = PPP_MRU;
-#if PPP_AUTH_SUPPORT
+#if 0 /* UNUSED */
    auth_reset(pcb);
-#endif /* PPP_AUTH_SUPPORT */
+#endif /* UNUSED */
 }