modified auth_reset() so that we can choose which auth we want

also fixed MS-CHAP and MS-CHAP-V2, MD4 polarssl uses bytes as input
length, not bits

src/netif/ppp/auth.c

@@ -1292,21 +1292,42 @@ void
 auth_reset(unit)
     int unit;
 {
-    lcp_options *go = &lcp_gotoptions[unit];
-    lcp_options *ao = &lcp_allowoptions[unit];
-    int hadchap;
-    hadchap = -1;
+  lcp_options *go = &lcp_gotoptions[unit];
+  lcp_options *ao = &lcp_allowoptions[unit];
+
+  if( ppp_settings.passwd[0] ) {
+
+    ao->neg_upap = !ppp_settings.refuse_pap;
+
+    ao->neg_eap = !ppp_settings.refuse_eap;
+
+    ao->chap_mdtype = MDTYPE_NONE;
+    if(!ppp_settings.refuse_chap)
+      ao->chap_mdtype |= MDTYPE_MD5;
+    if(!ppp_settings.refuse_mschap)
+      ao->chap_mdtype |= MDTYPE_MICROSOFT;
+    if(!ppp_settings.refuse_mschap_v2)
+      ao->chap_mdtype |= MDTYPE_MICROSOFT_V2;
+
+    ao->neg_chap = (ao->chap_mdtype != MDTYPE_NONE);
+
+  } else {
+    ao->neg_upap = 0;
+    ao->neg_chap = 0;
+    ao->neg_eap = 0;
+    ao->chap_mdtype = MDTYPE_NONE;
+  }
+
+
+  printf("neg_upap: %d\n", ao->neg_upap);
+  printf("neg_chap: %d\n", ao->neg_chap);
+  printf("neg_chap_md5: %d\n", !!(ao->chap_mdtype&MDTYPE_MD5) );
+  printf("neg_chap_ms: %d\n", !!(ao->chap_mdtype&MDTYPE_MICROSOFT) );
+  printf("neg_chap_ms2: %d\n", !!(ao->chap_mdtype&MDTYPE_MICROSOFT_V2) );
+  printf("neg_eap: %d\n", ao->neg_eap);
 
     //ao->neg_upap = !ppp_settings.refuse_pap && (ppp_settings.passwd[0] != 0 || get_pap_passwd(NULL));
 
-    ao->neg_upap = !ppp_settings.refuse_pap && ppp_settings.passwd[0] != 0;
-
-    ao->neg_chap = (!ppp_settings.refuse_chap || !ppp_settings.refuse_mschap || !ppp_settings.refuse_mschap_v2) && ppp_settings.passwd[0];
-
-    ao->neg_eap = !ppp_settings.refuse_eap && ppp_settings.passwd[0] != 0;
-
-    return;
-
     /*
     ao->neg_chap = (!ppp_settings.refuse_chap || !refuse_mschap || !refuse_mschap_v2)
 	&& (passwd[0] != 0 ||
@@ -1319,15 +1340,26 @@ auth_reset(unit)
 	    (explicit_remote? remote_name: NULL), 0, NULL))) ||
 	have_srp_secret(ppp_settings.user, (explicit_remote? remote_name: NULL), 0, NULL)); */
 
+  go->neg_upap = 0;
+  go->neg_chap = 0;
+  go->neg_eap = 0;
+  go->chap_mdtype = MDTYPE_NONE;
+  return;
+
     /* FIXME: find what the below stuff do */
+    int hadchap;
+    hadchap = -1;
+
     hadchap = -1;
     if (go->neg_upap && !uselogin && !have_pap_secret(NULL))
 	go->neg_upap = 0;
+
     if (go->neg_chap) {
 	if (!(hadchap = have_chap_secret((explicit_remote? remote_name: NULL),
 			      our_name, 1, NULL)))
 	    go->neg_chap = 0;
     }
+
     if (go->neg_eap &&
 	(hadchap == 0 || (hadchap == -1 &&
 	    !have_chap_secret((explicit_remote? remote_name: NULL), our_name,
@@ -1728,6 +1760,8 @@ get_secret(unit, client, server, secret, secret_len, am_server)
   *secret_len = len;
 
   return 1;
+
+/* FIXME: clean that */
 #if 0
 	    //	strlcpy(rname, ppp_settings.user, sizeof(rname));
 

src/netif/ppp/chap-new.c

@@ -456,14 +456,8 @@ chap_respond(struct chap_client_state *cs, int id,
 	slprintf(rname, sizeof(rname), "%.*v", nlen, pkt + clen + 1);
 
 	/* Microsoft doesn't send their name back in the PPP packet */
-	if (ppp_settings.remote_name[0] != 0 && (ppp_settings.explicit_remote || rname[0] == 0)) {
-		strncpy(rname, ppp_settings.remote_name, sizeof(rname));
-		rname[sizeof(rname) - 1] = 0;
-	}
-
-//	/* Microsoft doesn't send their name back in the PPP packet */
-//	if (explicit_remote || (remote_name[0] != 0 && rname[0] == 0))
-//		strlcpy(rname, remote_name, sizeof(rname));
+	if (explicit_remote || (remote_name[0] != 0 && rname[0] == 0))
+		strlcpy(rname, remote_name, sizeof(rname));
 
 	/* get secret for authenticating ourselves with the specified host */
 	if (!get_secret(0, cs->name, rname, secret, &secret_len, 0)) {

src/netif/ppp/chap_ms.c

@@ -512,24 +512,11 @@ ascii2unicode(char ascii[], int ascii_len, u_char unicode[])
 static void
 NTPasswordHash(u_char *secret, int secret_len, u_char hash[MD4_SIGNATURE_SIZE])
 {
-#ifdef __NetBSD__
-    /* NetBSD uses the libc md4 routines which take bytes instead of bits */
-    int			mdlen = secret_len;
-#else
-    int			mdlen = secret_len * 8;
-#endif
     md4_context		md4Context;
 
     md4_starts(&md4Context);
-    /* MD4Update can take at most 64 bytes at a time */
-    while (mdlen > 512) {
-	md4_update(&md4Context, secret, 512);
-	secret += 64;
-	mdlen -= 512;
-    }
-    md4_update(&md4Context, secret, mdlen);
+    md4_update(&md4Context, secret, secret_len);
     md4_finish(&md4Context, hash);
-
 }
 
 static void

src/netif/ppp/pppmy.c

@@ -435,6 +435,14 @@ int ppp_init(void) {
 void
 pppSetAuth(enum pppAuthType authType, const char *user, const char *passwd)
 {
+  ppp_settings.refuse_pap = 1;
+  ppp_settings.refuse_chap = 1;
+  ppp_settings.refuse_mschap = 1;
+  ppp_settings.refuse_mschap_v2 = 0;
+  ppp_settings.refuse_eap = 1;
+
+/* FIXME: re-enable that */
+#if 0
   switch(authType) {
     case PPPAUTHTYPE_NONE:
     default:
@@ -481,6 +489,7 @@ pppSetAuth(enum pppAuthType authType, const char *user, const char *passwd)
       ppp_settings.refuse_chap = 0;
       break;
   }
+#endif
 
   if(user) {
     strncpy(ppp_settings.user, user, sizeof(ppp_settings.user)-1);

src/netif/ppp/pppmy.h

@@ -58,7 +58,8 @@ struct ppp_settings {
   char user       [MAXNAMELEN   + 1]; /* Username for PAP */
   char passwd     [MAXSECRETLEN + 1]; /* Password for PAP, secret for CHAP */
   char our_name   [MAXNAMELEN   + 1]; /* Our name for authentication purposes */
-  char remote_name[MAXNAMELEN   + 1]; /* Peer's name for authentication */
+  // FIXME: re-enable that
+  //  char remote_name[MAXNAMELEN   + 1]; /* Peer's name for authentication */
 };
 
 struct ppp_settings ppp_settings;