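/*
 *			PPP Secret Key Module
 *
 *	    Written by Toshiharu OHNO (tony-o@iij.ad.jp)
 *
 *   Copyright (C) 1994, Internet Initiative Japan, Inc. All rights reserverd.
 *
 * Redistribution and use in source and binary forms are permitted
 * provided that the above copyright notice and this paragraph are
 * duplicated in all such forms and that any documentation,
 * advertising materials, and other materials related to such
 * distribution and use acknowledge that the software was developed
 * by the Internet Initiative Japan, Inc.  The name of the
 * IIJ may not be used to endorse or promote products derived
 * from this software without specific prior written permission.
 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
 * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
 * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
 *
 * $Id: auth.c,v 1.25 1997/12/24 09:28:50 brian Exp $
 *
 *	TODO:
 *		o Implement check against with registered IP addresses.
 */
#include <sys/param.h>
#include <netinet/in.h>

#include <stdio.h>
#include <string.h>
#include <unistd.h>

#include "command.h"
#include "mbuf.h"
#include "log.h"
#include "defs.h"
#include "timer.h"
#include "fsm.h"
#include "lcpproto.h"
#include "ipcp.h"
#include "loadalias.h"
#include "vars.h"
#include "filter.h"
#include "auth.h"
#include "chat.h"
#include "systems.h"
#include "iplist.h"
#include "route.h"

/*
 * Set VarLocalAuth, the local authorisation level.
 *
 *  - Not in daemon mode: LOCAL_AUTH is granted unconditionally.
 *  - A local auth key has been configured (VarHaveLocalAuthKey):
 *    an empty key grants LOCAL_AUTH, a non-empty key gives LOCAL_NO_AUTH.
 *  - Otherwise VarShortHost is looked up in SECRETFILE with an empty key:
 *    no entry -> LOCAL_DENY, entry without a password -> LOCAL_AUTH,
 *    entry with a password -> LOCAL_NO_AUTH.
 *
 * Note that both an empty configured key and a password-less host entry
 * in the secret file result in LOCAL_AUTH without any password check.
 */
void
LocalAuthInit()
{
  if (!(mode & MODE_DAEMON))
    /* We're allowed in interactive mode */
    VarLocalAuth = LOCAL_AUTH;
  else if (VarHaveLocalAuthKey)
    VarLocalAuth = *VarLocalAuthKey == '\0' ? LOCAL_AUTH : LOCAL_NO_AUTH;
  else
    switch (LocalAuthValidate(SECRETFILE, VarShortHost, "")) {
    case NOT_FOUND:
      VarLocalAuth = LOCAL_DENY;
      break;
    case VALID:
      VarLocalAuth = LOCAL_AUTH;
      break;
    case INVALID:
      VarLocalAuth = LOCAL_NO_AUTH;
      break;
    }
}

/*
 * Check `key' against the entry for `system' in the secret file `fname'.
 *
 * Returns NOT_FOUND when the file cannot be opened or holds no entry whose
 * first field equals `system'.  Only the first matching entry is examined:
 * VALID when the entry has no password field and `key' is NULL or empty,
 * or when the password field equals `key'; INVALID otherwise.
 */
LOCAL_AUTH_VALID
LocalAuthValidate(const char *fname, const char *system, const char *key)
{
  FILE *fp;
  int n;
  char *vector[3];
  char buff[LINE_LEN];
  LOCAL_AUTH_VALID rc;
  /* A NULL key is treated as empty so it is never handed to strcmp(). */
  const char *given = key != NULL ? key : "";

  rc = NOT_FOUND;		/* No system entry */
  fp = OpenSecret(fname);
  if (fp == NULL)
    return (rc);
  while (fgets(buff, sizeof buff, fp)) {
    if (buff[0] == '#')
      continue;
    /*
     * Strip the newline if there is one.  Indexing with strlen() - 1 would
     * write before the buffer on an empty string and would eat the last
     * character of a final line that has no newline.
     */
    buff[strcspn(buff, "\n")] = '\0';
    memset(vector, '\0', sizeof vector);
    n = MakeArgs(buff, vector, VECSIZE(vector));
    if (n < 1)
      continue;
    if (strcmp(vector[0], system) == 0) {
      if (vector[1] == NULL)
	rc = *given == '\0' ? VALID : INVALID;
      else
	rc = strcmp(vector[1], given) == 0 ? VALID : INVALID;
      break;
    }
  }
  CloseSecret(fp);
  return (rc);
}

/*
 * Validate the peer's `key' for `system' against the secret file `fname'.
 *
 * Every entry whose first field equals `system' is tried in file order; the
 * second field is expanded with ExpandString() and compared with `key'.
 * On a match the optional third field is passed to UseHisaddr() (failure
 * there rejects the peer), IpcpInit() is called, and the optional fourth
 * field is passed to SetLabel().
 *
 * Returns 1 when the peer is accepted, 0 otherwise (including when the
 * secret file cannot be opened).
 *
 * NOTE(review): the comparison uses strcmp(), which stops at the first
 * differing byte; `key' is assumed to be non-NULL - confirm with callers.
 */
int
AuthValidate(const char *fname, const char *system, const char *key)
{
  FILE *fp;
  int n;
  char *vector[5];
  char buff[LINE_LEN];
  char passwd[100];

  fp = OpenSecret(fname);
  if (fp == NULL)
    return (0);
  while (fgets(buff, sizeof buff, fp)) {
    if (buff[0] == '#')
      continue;
    /* Strip the newline without underflowing on an empty string. */
    buff[strcspn(buff, "\n")] = '\0';
    memset(vector, '\0', sizeof vector);
    n = MakeArgs(buff, vector, VECSIZE(vector));
    if (n < 2)
      continue;
    if (strcmp(vector[0], system) == 0) {
      ExpandString(vector[1], passwd, sizeof passwd, 0);
      if (strcmp(passwd, key) == 0) {
	CloseSecret(fp);
	if (n > 2 && !UseHisaddr(vector[2], 1))
	  return (0);
	IpcpInit();
	if (n > 3)
	  SetLabel(vector[3]);
	return (1);		/* Valid */
      }
    }
  }
  CloseSecret(fp);
  return (0);			/* Invalid */
}

/*
 * Look up the secret for `system' (of which only the first `len' bytes are
 * significant) in the secret file `fname'.
 *
 * An entry matches when its first field is exactly `len' bytes long and
 * equal to those bytes.  When `setaddr' is non-zero DefHisAddress is
 * cleared and, if the entry has a third field, it is passed to
 * UseHisaddr(); IpcpInit() follows on success and NULL is returned on
 * failure.  An optional fourth field is passed to SetLabel().
 *
 * Returns a pointer to a static buffer holding the expanded secret, or NULL
 * when nothing matches or the file cannot be opened.  The buffer is
 * overwritten by the next call and keeps the plaintext secret until then.
 */
char *
AuthGetSecret(const char *fname, const char *system, int len, int setaddr)
{
  FILE *fp;
  int n;
  char *vector[5];
  char buff[LINE_LEN];
  static char passwd[100];

  fp = OpenSecret(fname);
  if (fp == NULL)
    return (NULL);
  while (fgets(buff, sizeof buff, fp)) {
    if (buff[0] == '#')
      continue;
    /* Strip the newline without underflowing on an empty string. */
    buff[strcspn(buff, "\n")] = '\0';
    memset(vector, '\0', sizeof vector);
    n = MakeArgs(buff, vector, VECSIZE(vector));
    if (n < 2)
      continue;
    if (strlen(vector[0]) == (size_t)len &&
	strncmp(vector[0], system, len) == 0) {
      ExpandString(vector[1], passwd, sizeof passwd, 0);
      /*
       * Close the secret file before any return below; both exits from
       * this branch used to leave it open.
       */
      CloseSecret(fp);
      if (setaddr) {
	memset(&DefHisAddress, '\0', sizeof DefHisAddress);
      }
      if (n > 2 && setaddr) {
	if (UseHisaddr(vector[2], 1))
	  IpcpInit();
	else
	  return NULL;
      }
      if (n > 3)
	SetLabel(vector[3]);
      return (passwd);
    }
  }
  CloseSecret(fp);
  return (NULL);		/* Invalid */
}

/*
 * Timer callback for an outstanding authentication challenge.  `vauthp' is
 * the struct authinfo registered by StartAuthChallenge().  While retries
 * remain, the timer is restarted and the challenge is sent again with the
 * next id; once the retry count reaches zero nothing further is sent.
 */
static void
AuthTimeout(void *vauthp)
{
  struct pppTimer *tp;
  struct authinfo *authp = (struct authinfo *)vauthp;

  tp = &authp->authtimer;
  StopTimer(tp);
  if (--authp->retry > 0) {
    StartTimer(tp);
    (authp->ChallengeFunc) (++authp->id);
  }
}

/*
 * Arm the retry timer (VarRetryTimeout seconds, AuthTimeout() as handler)
 * and send the first challenge with id 1.  The retry count is set to 3.
 */
void
StartAuthChallenge(struct authinfo *authp)
{
  struct pppTimer *tp;

  tp = &authp->authtimer;
  StopTimer(tp);
  tp->func = AuthTimeout;
  tp->load = VarRetryTimeout * SECTICKS;
  tp->state = TIMER_STOPPED;
  tp->arg = (void *) authp;
  StartTimer(tp);
  authp->retry = 3;
  authp->id = 1;
  (authp->ChallengeFunc) (authp->id);
}

/*
 * Cancel the challenge retry timer belonging to `authp'.
 */
void
StopAuthTimer(struct authinfo *authp)
{
  StopTimer(&authp->authtimer);
}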