mirror/lwip
1
0
Fork 0
mirror of https://github.com/lwip-tcpip/lwip.git synced 2025-03-28 19:21:20 +00:00
Code Issues Packages Projects Releases Wiki Activity

PPP, CORE, moved auth configuration from auth_reset() to lcp_resetci()

Browse Source 
Prepare for PPP_SERVER support, we need to move auth configuration before
lcp_allowoptions is copied into lcp_gotoptions. Restore unused
auth_reset() function using pppd original source code.
This commit is contained in:
Sylvain Rochet 2015-02-28 12:59:29 +01:00
parent 587e0e3e0c
commit 8d05279599
3 changed files with 73 additions and 90 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
src/include/netif/ppp/ppp_impl.h
View File

@ -564,7 +564,6 @@ void np_up(ppp_pcb *pcb, int proto); /* a network protocol has come up */
void np_down(ppp_pcb *pcb, int proto); /* a network protocol has gone down */ void np_down(ppp_pcb *pcb, int proto); /* a network protocol has gone down */
void np_finished(ppp_pcb *pcb, int proto); /* a network protocol no longer needs link */ void np_finished(ppp_pcb *pcb, int proto); /* a network protocol no longer needs link */
#if PPP_AUTH_SUPPORT #if PPP_AUTH_SUPPORT
void auth_reset(ppp_pcb *pcb); /* check what secrets we have */
int get_secret(ppp_pcb *pcb, const char *client, const char *server, char *secret, int *secret_len, int am_server); int get_secret(ppp_pcb *pcb, const char *client, const char *server, char *secret, int *secret_len, int am_server);
/* get "secret" for chap */ /* get "secret" for chap */
#endif /* PPP_AUTH_SUPPORT */ #endif /* PPP_AUTH_SUPPORT */

101
src/netif/ppp/auth.c
View File

@ -1466,110 +1466,40 @@ auth_check_options()
} }
#endif /* PPP_OPTIONS */ #endif /* PPP_OPTIONS */
#if PPP_AUTH_SUPPORT #if 0 /* UNUSED */
/* /*
* auth_reset - called when LCP is starting negotiations to recheck * auth_reset - called when LCP is starting negotiations to recheck
* authentication options, i.e. whether we have appropriate secrets * authentication options, i.e. whether we have appropriate secrets
* to use for authenticating ourselves and/or the peer. * to use for authenticating ourselves and/or the peer.
*/ */
void auth_reset(ppp_pcb *pcb) { void
lcp_options *go = &pcb->lcp_gotoptions; auth_reset(unit)
lcp_options *ao = &pcb->lcp_allowoptions; int unit;
{
lcp_options *go = &lcp_gotoptions[unit];
lcp_options *ao = &lcp_allowoptions[unit];
int hadchap;
if(pcb->settings.passwd) { hadchap = -1;
ao->neg_upap = !refuse_pap && (passwd[0] != 0 || get_pap_passwd(NULL));
#if PAP_SUPPORT ao->neg_chap = (!refuse_chap || !refuse_mschap || !refuse_mschap_v2)
ao->neg_upap = !pcb->settings.refuse_pap;
#endif /* PAP_SUPPORT */
#if EAP_SUPPORT
ao->neg_eap = !pcb->settings.refuse_eap;
#endif /* EAP_SUPPORT */
#if CHAP_SUPPORT
ao->chap_mdtype = MDTYPE_NONE;
if(!pcb->settings.refuse_chap)
ao->chap_mdtype |= MDTYPE_MD5;
#if MSCHAP_SUPPORT
if(!pcb->settings.refuse_mschap)
ao->chap_mdtype |= MDTYPE_MICROSOFT;
if(!pcb->settings.refuse_mschap_v2)
ao->chap_mdtype |= MDTYPE_MICROSOFT_V2;
#endif /* MSCHAP_SUPPORT */
ao->neg_chap = (ao->chap_mdtype != MDTYPE_NONE);
#endif /* CHAP_SUPPORT */
} else {
#if PAP_SUPPORT
ao->neg_upap = 0;
#endif /* PAP_SUPPORT */
#if CHAP_SUPPORT
ao->neg_chap = 0;
ao->chap_mdtype = MDTYPE_NONE;
#endif /* CHAP_SUPPORT */
#if EAP_SUPPORT
ao->neg_eap = 0;
#endif /* EAP_SUPPORT */
}
PPPDEBUG(LOG_DEBUG, ("ppp: auth protocols:"));
#if PAP_SUPPORT
PPPDEBUG(LOG_DEBUG, (" PAP=%d", ao->neg_upap));
#endif /* PAP_SUPPORT */
#if CHAP_SUPPORT
PPPDEBUG(LOG_DEBUG, (" CHAP=%d CHAP_MD5=%d", ao->neg_chap, !!(ao->chap_mdtype&MDTYPE_MD5)));
#if MSCHAP_SUPPORT
PPPDEBUG(LOG_DEBUG, (" CHAP_MS=%d CHAP_MS2=%d", !!(ao->chap_mdtype&MDTYPE_MICROSOFT), !!(ao->chap_mdtype&MDTYPE_MICROSOFT_V2)));
#endif /* MSCHAP_SUPPORT */
#endif /* CHAP_SUPPORT */
#if EAP_SUPPORT
PPPDEBUG(LOG_DEBUG, (" EAP=%d", ao->neg_eap));
#endif /* EAP_SUPPORT */
PPPDEBUG(LOG_DEBUG, ("\n"));
#if 0 /* OLD CODE */
ao->neg_upap = !ppp_settings.refuse_pap && (ppp_settings.passwd[0] != 0 || get_pap_passwd(NULL));
/*
ao->neg_chap = (!ppp_settings.refuse_chap || !refuse_mschap || !refuse_mschap_v2)
&& (passwd[0] != 0 || && (passwd[0] != 0 ||
(hadchap = have_chap_secret(user, (explicit_remote? remote_name: (hadchap = have_chap_secret(user, (explicit_remote? remote_name:
NULL), 0, NULL))); */ NULL), 0, NULL)));
/*
ao->neg_eap = !refuse_eap && ( ao->neg_eap = !refuse_eap && (
passwd[0] != 0 || passwd[0] != 0 ||
(hadchap == 1 || (hadchap == -1 && have_chap_secret(ppp_settings.user, (hadchap == 1 || (hadchap == -1 && have_chap_secret(user,
(explicit_remote? remote_name: NULL), 0, NULL))) || (explicit_remote? remote_name: NULL), 0, NULL))) ||
have_srp_secret(ppp_settings.user, (explicit_remote? remote_name: NULL), 0, NULL)); */ have_srp_secret(user, (explicit_remote? remote_name: NULL), 0, NULL));
#endif /* OLD CODE */
#if PAP_SUPPORT
go->neg_upap = 0;
#endif /* PAP_SUPPORT */
#if CHAP_SUPPORT
go->neg_chap = 0;
go->chap_mdtype = MDTYPE_NONE;
#endif /* CHAP_SUPPORT */
#if EAP_SUPPORT
go->neg_eap = 0;
#endif /* EAP_SUPPORT */
return;
#if 0
/* FIXME: find what the below stuff do */
int hadchap;
hadchap = -1;
hadchap = -1; hadchap = -1;
if (go->neg_upap && !uselogin && !have_pap_secret(NULL)) if (go->neg_upap && !uselogin && !have_pap_secret(NULL))
go->neg_upap = 0; go->neg_upap = 0;
if (go->neg_chap) { if (go->neg_chap) {
if (!(hadchap = have_chap_secret((explicit_remote? remote_name: NULL), if (!(hadchap = have_chap_secret((explicit_remote? remote_name: NULL),
our_name, 1, NULL))) our_name, 1, NULL)))
go->neg_chap = 0; go->neg_chap = 0;
} }
if (go->neg_eap && if (go->neg_eap &&
(hadchap == 0 || (hadchap == -1 && (hadchap == 0 || (hadchap == -1 &&
!have_chap_secret((explicit_remote? remote_name: NULL), our_name, !have_chap_secret((explicit_remote? remote_name: NULL), our_name,
@ -1577,11 +1507,8 @@ void auth_reset(ppp_pcb *pcb) {
!have_srp_secret((explicit_remote? remote_name: NULL), our_name, 1, !have_srp_secret((explicit_remote? remote_name: NULL), our_name, 1,
NULL)) NULL))
go->neg_eap = 0; go->neg_eap = 0;
#endif
} }
#endif /* PPP_AUTH_SUPPORT */
#if 0 /* UNUSED */
/* /*
* check_passwd - Check the user name and passwd against the PAP secrets * check_passwd - Check the user name and passwd against the PAP secrets
* file. If requested, also check against the system password database, * file. If requested, also check against the system password database,

61
src/netif/ppp/lcp.c
View File

@ -650,6 +650,63 @@ static void lcp_resetci(fsm *f) {
lcp_options *go = &pcb->lcp_gotoptions; lcp_options *go = &pcb->lcp_gotoptions;
lcp_options *ao = &pcb->lcp_allowoptions; lcp_options *ao = &pcb->lcp_allowoptions;
#if PPP_AUTH_SUPPORT
if (pcb->settings.user && pcb->settings.passwd) {
#if PAP_SUPPORT
if (pcb->settings.refuse_pap) {
ao->neg_upap = 0;
}
#endif /* PAP_SUPPORT */
#if CHAP_SUPPORT
if (pcb->settings.refuse_chap) {
ao->chap_mdtype &= ~MDTYPE_MD5;
}
#if MSCHAP_SUPPORT
if (pcb->settings.refuse_mschap) {
ao->chap_mdtype &= ~MDTYPE_MICROSOFT;
}
if (pcb->settings.refuse_mschap_v2) {
ao->chap_mdtype &= ~MDTYPE_MICROSOFT_V2;
}
#endif /* MSCHAP_SUPPORT */
ao->neg_chap = (ao->chap_mdtype != MDTYPE_NONE);
#endif /* CHAP_SUPPORT */
#if EAP_SUPPORT
if (pcb->settings.refuse_eap) {
ao->neg_eap = 0;
}
#endif /* EAP_SUPPORT */
} else {
#if PAP_SUPPORT
ao->neg_upap = 0;
#endif /* PAP_SUPPORT */
#if CHAP_SUPPORT
ao->neg_chap = 0;
ao->chap_mdtype = MDTYPE_NONE;
#endif /* CHAP_SUPPORT */
#if EAP_SUPPORT
ao->neg_eap = 0;
#endif /* EAP_SUPPORT */
}
PPPDEBUG(LOG_DEBUG, ("ppp: auth protocols:"));
#if PAP_SUPPORT
PPPDEBUG(LOG_DEBUG, (" PAP=%d", ao->neg_upap));
#endif /* PAP_SUPPORT */
#if CHAP_SUPPORT
PPPDEBUG(LOG_DEBUG, (" CHAP=%d CHAP_MD5=%d", ao->neg_chap, !!(ao->chap_mdtype&MDTYPE_MD5)));
#if MSCHAP_SUPPORT
PPPDEBUG(LOG_DEBUG, (" CHAP_MS=%d CHAP_MS2=%d", !!(ao->chap_mdtype&MDTYPE_MICROSOFT), !!(ao->chap_mdtype&MDTYPE_MICROSOFT_V2)));
#endif /* MSCHAP_SUPPORT */
#endif /* CHAP_SUPPORT */
#if EAP_SUPPORT
PPPDEBUG(LOG_DEBUG, (" EAP=%d", ao->neg_eap));
#endif /* EAP_SUPPORT */
PPPDEBUG(LOG_DEBUG, ("\n"));
#endif /* PPP_AUTH_SUPPORT */
wo->magicnumber = magic(); wo->magicnumber = magic();
wo->numloops = 0; wo->numloops = 0;
*go = *wo; *go = *wo;
@ -665,9 +722,9 @@ static void lcp_resetci(fsm *f) {
if (pcb->settings.noendpoint) if (pcb->settings.noendpoint)
ao->neg_endpoint = 0; ao->neg_endpoint = 0;
pcb->peer_mru = PPP_MRU; pcb->peer_mru = PPP_MRU;
#if PPP_AUTH_SUPPORT #if 0 /* UNUSED */
auth_reset(pcb); auth_reset(pcb);
#endif /* PPP_AUTH_SUPPORT */ #endif /* UNUSED */
} }