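/*
 * PPP Secret Key Module
 *
 * Written by Toshiharu OHNO (tony-o@iij.ad.jp)
 *
 * Copyright (C) 1994, Internet Initiative Japan, Inc. All rights reserverd.
 *
 * Redistribution and use in source and binary forms are permitted
 * provided that the above copyright notice and this paragraph are
 * duplicated in all such forms and that any documentation,
 * advertising materials, and other materials related to such
 * distribution and use acknowledge that the software was developed
 * by the Internet Initiative Japan, Inc. The name of the
 * IIJ may not be used to endorse or promote products derived
 * from this software without specific prior written permission.
 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
 * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
 * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
 *
 * $Id:$
 *
 * TODO:
 *   o Implement a check against registered IP addresses.
 */
#include "fsm.h"
#include "lcpproto.h"
#include "ipcp.h"
#include "vars.h"
#include "auth.h"

extern FILE *OpenSecret();
extern void CloseSecret();

/*
 * Look up the local short host name in SECRETFILE with an empty key.
 *
 * The host name is read with gethostname() into VarShortHost and cut at
 * the first '.', so only the leading label is used for the lookup.
 *
 * Returns the result of LocalAuthValidate(), or the literal 1 when
 * gethostname() fails.
 * NOTE(review): which LOCAL_AUTH_VALID value 1 corresponds to is not
 * visible in this file -- confirm against auth.h.
 */
LOCAL_AUTH_VALID
LocalAuthInit(void)
{
  char *dot;

  if (gethostname(VarShortHost, sizeof(VarShortHost)))
    return(1);

  /* gethostname() need not NUL-terminate a truncated name. */
  VarShortHost[sizeof(VarShortHost) - 1] = '\0';

  if ((dot = strchr(VarShortHost, '.')) != NULL)
    *dot = '\0';

  return LocalAuthValidate(SECRETFILE, VarShortHost, "");
}

/*
 * Check a (system, key) pair against the secret file `fname'.
 *
 * Lines whose first character is '#' are skipped.  The first entry whose
 * first field equals `system' decides the result:
 *   VALID     - the entry has a second field and it equals `key'
 *   INVALID   - the entry has no second field, or it differs from `key'
 *   NOT_FOUND - the file could not be opened or no entry matched
 *
 * NOTE(review): the key is compared with strcmp(), which is not a
 * constant-time comparison.
 */
LOCAL_AUTH_VALID
LocalAuthValidate( char *fname, char *system, char *key)
{
  FILE *fp;
  int n;
  char *vector[20];	/* XXX fixed token limit; MakeArgs() gets no size */
  char buff[200];	/* XXX longer lines are split by fgets() */
  LOCAL_AUTH_VALID rc;

  rc = NOT_FOUND;	/* No system entry */
  fp = OpenSecret(fname);
  if (fp == NULL)
    return( rc );

  while (fgets(buff, sizeof(buff), fp)) {
    if (buff[0] == '#')
      continue;
    /*
     * Strip the newline only if one is present: a final line without
     * '\n' keeps its last character, and an empty string never indexes
     * buff[-1].
     */
    buff[strcspn(buff, "\n")] = '\0';
    bzero(vector, sizeof(vector));
    n = MakeArgs(buff, &vector);
    if (n < 1)
      continue;
    if (strcmp(vector[0], system) == 0) {
      if (vector[1] != (char *) NULL && strcmp(vector[1], key) == 0)
	rc = VALID;	/* Valid */
      else
	rc = INVALID;	/* Invalid */
      break;
    }
  }
  CloseSecret(fp);
  return( rc );
}

/*
 * Validate a peer's (system, key) pair against the secret file `fname'.
 *
 * Every entry with at least two fields whose first field equals `system'
 * is tried; the second field is passed through ExpandString() before
 * being compared with `key'.  On a match DefHisAddress is cleared, any
 * further fields are handed to ParseAddr() to fill it in, IpcpInit() is
 * called and 1 is returned.  Returns 0 when the file cannot be opened or
 * nothing matches.
 *
 * NOTE(review): ExpandString() is given no destination size here while
 * passwd[] (100 bytes) is smaller than buff[] (200 bytes) -- confirm that
 * it bounds its output.  The comparison with `key' uses strcmp(), which
 * is not constant-time, and passwd[] is not cleared before returning.
 */
int
AuthValidate(fname, system, key)
char *fname, *system, *key;
{
  FILE *fp;
  int n;
  char *vector[20];
  char buff[200];
  char passwd[100];

  fp = OpenSecret(fname);
  if (fp == NULL)
    return(0);

  while (fgets(buff, sizeof(buff), fp)) {
    if (buff[0] == '#')
      continue;
    /* Strip the newline only if one is present (see LocalAuthValidate). */
    buff[strcspn(buff, "\n")] = '\0';
    bzero(vector, sizeof(vector));
    n = MakeArgs(buff, &vector);
    if (n < 2)
      continue;
    if (strcmp(vector[0], system) != 0)
      continue;

    ExpandString(vector[1], passwd, 0);
    if (strcmp(passwd, key) == 0) {
      /* vector[] points into buff, so closing the file first is safe. */
      CloseSecret(fp);
      bzero(&DefHisAddress, sizeof(DefHisAddress));
      n -= 2;
      if (n > 0) {
	ParseAddr(n, &vector[2],
	  &DefHisAddress.ipaddr, &DefHisAddress.mask, &DefHisAddress.width);
      }
      IpcpInit();
      return(1);	/* Valid */
    }
  }
  CloseSecret(fp);
  return(0);		/* Invalid */
}

/*
 * Fetch the secret stored for `system' (compared over exactly `len'
 * bytes) from the secret file `fname'.
 *
 * The first entry with at least two fields whose first field is `len'
 * bytes long and equal to the first `len' bytes of `system' is used.
 * When `setaddr' is non-zero DefHisAddress is cleared and, if the entry
 * has further fields, filled in through ParseAddr() followed by
 * IpcpInit().
 *
 * Returns a pointer to a static buffer holding the expanded secret, or
 * NULL when the file cannot be opened or no entry matches.  The buffer is
 * overwritten by the next successful lookup and must not be freed.
 *
 * NOTE(review): ExpandString() is given no destination size here while
 * passwd[] (100 bytes) is smaller than buff[] (200 bytes) -- confirm that
 * it bounds its output.
 */
char *
AuthGetSecret(fname, system, len, setaddr)
char *fname, *system;
int len, setaddr;
{
  FILE *fp;
  int n;
  char *vector[20];
  char buff[200];
  static char passwd[100];

  fp = OpenSecret(fname);
  if (fp == NULL)
    return(NULL);

  while (fgets(buff, sizeof(buff), fp)) {
    if (buff[0] == '#')
      continue;
    /* Strip the newline only if one is present (see LocalAuthValidate). */
    buff[strcspn(buff, "\n")] = '\0';
    bzero(vector, sizeof(vector));
    n = MakeArgs(buff, &vector);
    if (n < 2)
      continue;
    if (strlen(vector[0]) != (size_t)len ||
	strncmp(vector[0], system, len) != 0)
      continue;

    ExpandString(vector[1], passwd, 0);
    if (setaddr)
      bzero(&DefHisAddress, sizeof(DefHisAddress));
    n -= 2;
    if (n > 0 && setaddr) {
#ifdef DEBUG
      LogPrintf(LOG_LCP, "*** n = %d, %s\n", n, vector[2]);
#endif
      ParseAddr(n, &vector[2],
	&DefHisAddress.ipaddr, &DefHisAddress.mask, &DefHisAddress.width);
      IpcpInit();
    }
    /*
     * Release the secret file on the success path too; it was previously
     * left open on every successful lookup.
     */
    CloseSecret(fp);
    return(passwd);
  }
  CloseSecret(fp);
  return(NULL);		/* Invalid */
}

/*
 * Timer callback for a pending authentication challenge.
 *
 * Stops the timer and uses up one retry.  While retries remain, the timer
 * is restarted and the challenge is re-sent with the next id.  When they
 * run out this function does nothing further; no failure handling is
 * visible here.
 */
static void
AuthTimeout(authp)
struct authinfo *authp;
{
  struct pppTimer *tp;

  tp = &authp->authtimer;
  StopTimer(tp);
  if (--authp->retry > 0) {
    StartTimer(tp);
    (authp->ChallengeFunc)(++authp->id);
  }
}

/*
 * Arm the retry timer and send the first challenge.
 *
 * The timer fires AuthTimeout() after VarRetryTimeout * SECTICKS ticks
 * with `authp' as its argument; the retry budget is reset to 3 and the
 * challenge id to 1.
 */
void
StartAuthChallenge(authp)
struct authinfo *authp;
{
  struct pppTimer *tp;

  tp = &authp->authtimer;
  StopTimer(tp);
  tp->func = AuthTimeout;
  tp->load = VarRetryTimeout * SECTICKS;
  tp->state = TIMER_STOPPED;
  tp->arg = (void *)authp;
  StartTimer(tp);
  authp->retry = 3;
  authp->id = 1;
  (authp->ChallengeFunc)(authp->id);
}

/*
 * Cancel the authentication retry timer of `authp'.
 */
void
StopAuthTimer(authp)
struct authinfo *authp;
{
  StopTimer(&authp->authtimer);
}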