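/*
 *                      PPP Secret Key Module
 *
 *          Written by Toshiharu OHNO (tony-o@iij.ad.jp)
 *
 *   Copyright (C) 1994, Internet Initiative Japan, Inc. All rights reserverd.
 *
 * Redistribution and use in source and binary forms are permitted
 * provided that the above copyright notice and this paragraph are
 * duplicated in all such forms and that any documentation,
 * advertising materials, and other materials related to such
 * distribution and use acknowledge that the software was developed
 * by the Internet Initiative Japan, Inc.  The name of the
 * IIJ may not be used to endorse or promote products derived
 * from this software without specific prior written permission.
 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
 * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
 * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
 *
 * $Id: auth.c,v 1.16 1997/09/04 00:38:17 brian Exp $
 *
 *      TODO:
 *              o Implement check against with registered IP addresses.
 */
#include "fsm.h"
#include "lcpproto.h"
#include "ipcp.h"
#include "loadalias.h"
#include "vars.h"
#include "filter.h"
#include "auth.h"
#include "chat.h"

extern FILE *OpenSecret();
extern void CloseSecret();

/*
 * Decide how local access is authenticated and store the result in
 * VarLocalAuth.
 *
 * The short host name (host name up to the first '.') is left in
 * VarShortHost.  If the host name cannot be read, access is denied.
 * When none of MODE_AUTO, MODE_DEDICATED or MODE_DIRECT is set the state
 * is LOCAL_AUTH.  Otherwise SECRETFILE is searched for an entry named
 * after the short host name: no entry gives LOCAL_DENY, any entry
 * (whatever its key) gives LOCAL_NO_AUTH.
 */
void
LocalAuthInit()
{
  char *p;

  if (gethostname(VarShortHost, sizeof(VarShortHost))) {
    VarLocalAuth = LOCAL_DENY;
    return;
  }

  /*
   * gethostname() is not required to NUL-terminate a truncated name, and
   * the strchr()/strcmp() calls that follow need a terminated string.
   */
  VarShortHost[sizeof(VarShortHost) - 1] = '\0';

  p = strchr(VarShortHost, '.');
  if (p)
    *p = '\0';

  if (!(mode & (MODE_AUTO | MODE_DEDICATED | MODE_DIRECT))) {
    /*
     * We're allowed in interactive and direct
     * NOTE(review): MODE_DIRECT is part of the mask above, so direct mode
     * takes the else branch; the wording of this comment and the test
     * disagree - confirm which is intended.
     */
    VarLocalAuth = LOCAL_AUTH;
  } else {
    VarLocalAuth = LocalAuthValidate(SECRETFILE, VarShortHost, "")
      == NOT_FOUND ? LOCAL_DENY : LOCAL_NO_AUTH;
  }
}

/*
 * Look up `system' in the secret file `fname' and compare its key field
 * with `key'.
 *
 * Returns NOT_FOUND when the file cannot be opened or holds no entry whose
 * first field equals `system'.  For the first matching entry, returns VALID
 * when the entry has no key field and `key' is NULL or empty, or when the
 * key field equals `key'; otherwise INVALID.  Only the first matching entry
 * is considered.
 *
 * Lines starting with '#' are skipped.  Lines are read in pieces of at most
 * sizeof(buff) - 1 characters, so the tail of an over-long line is parsed
 * as if it were a line of its own; keep entries short.
 */
LOCAL_AUTH_VALID
LocalAuthValidate(char *fname, char *system, char *key)
{
  FILE *fp;
  int n;
  char *vector[3];
  char buff[200];
  const char *wanted;
  LOCAL_AUTH_VALID rc;

  rc = NOT_FOUND;               /* No system entry */
  /* A NULL key is treated as an empty one so strcmp() never sees NULL. */
  wanted = key ? key : "";

  fp = OpenSecret(fname);
  if (fp == NULL)
    return (rc);

  while (fgets(buff, sizeof(buff), fp)) {
    if (buff[0] == '#')
      continue;
    /*
     * Cut at the newline if there is one.  Indexing with strlen() - 1
     * writes before the buffer when the line is empty and eats the last
     * character of a line that has no trailing newline.
     */
    buff[strcspn(buff, "\n")] = '\0';
    bzero(vector, sizeof(vector));
    n = MakeArgs(buff, vector, VECSIZE(vector));
    if (n < 1)
      continue;
    if (strcmp(vector[0], system) == 0) {
      if (vector[1] == NULL)
        rc = (*wanted == '\0') ? VALID : INVALID;
      else
        rc = (strcmp(vector[1], wanted) == 0) ? VALID : INVALID;
      break;
    }
  }
  CloseSecret(fp);
  return (rc);
}

/*
 * Check the peer's name/secret pair against the secret file `fname'.
 *
 * Every entry whose first field equals `system' is tried in file order;
 * the entry's second field is passed through ExpandString() and compared
 * with `key'.  On the first match DefHisAddress is cleared, any further
 * fields are handed to ParseAddr() to fill DefHisAddress, IpcpInit() is
 * called and 1 is returned.
 *
 * Returns 0 when the file cannot be opened, `key' is NULL, no entry
 * matches, or ParseAddr() rejects the address fields of the matching
 * entry.  In that last case DefHisAddress has already been cleared.
 */
int
AuthValidate(char *fname, char *system, char *key)
{
  FILE *fp;
  int n;
  char *vector[4];
  char buff[200];
  char passwd[100];

  /* Fail closed instead of handing NULL to strcmp(). */
  if (key == NULL)
    return (0);

  fp = OpenSecret(fname);
  if (fp == NULL)
    return (0);

  while (fgets(buff, sizeof(buff), fp)) {
    if (buff[0] == '#')
      continue;
    /* Strip the newline only; see the matching note in LocalAuthValidate. */
    buff[strcspn(buff, "\n")] = '\0';
    bzero(vector, sizeof(vector));
    n = MakeArgs(buff, vector, VECSIZE(vector));
    if (n < 2)
      continue;
    if (strcmp(vector[0], system) != 0)
      continue;

    ExpandString(vector[1], passwd, sizeof(passwd), 0);
    /*
     * NOTE(review): strcmp() stops at the first differing byte, so the
     * comparison time depends on how much of the secret matched.  Consider
     * a constant-time comparison if the peer can measure response times.
     * The expanded secret also stays in `passwd' on the stack on return.
     */
    if (strcmp(passwd, key) != 0)
      continue;                 /* Same name may appear again further down */

    CloseSecret(fp);
    bzero(&DefHisAddress, sizeof(DefHisAddress));
    n -= 2;                     /* Fields left after name and secret */
    if (n > 0) {
      if (ParseAddr(n, &vector[2],
                    &DefHisAddress.ipaddr,
                    &DefHisAddress.mask,
                    &DefHisAddress.width) == 0) {
        return (0);             /* Invalid */
      }
    }
    IpcpInit();
    return (1);                 /* Valid */
  }
  CloseSecret(fp);
  return (0);                   /* Invalid */
}

/*
 * Fetch the secret stored for `system' in the secret file `fname'.
 *
 * `system' is matched on exactly `len' characters, so it does not have to
 * be NUL-terminated at `len'.  For the first matching entry the second
 * field is passed through ExpandString() into a static buffer and a
 * pointer to that buffer is returned.  The buffer is overwritten by the
 * next call and keeps the secret in memory afterwards, so callers must
 * copy it if they need it later and must not free it.
 *
 * When `setaddr' is non-zero DefHisAddress is cleared and, if the entry has
 * further fields, they are parsed with ParseAddr(); IpcpInit() is called
 * when that parse succeeds.
 *
 * Returns NULL when the file cannot be opened or no entry matches.
 */
char *
AuthGetSecret(char *fname, char *system, int len, int setaddr)
{
  FILE *fp;
  int n;
  char *vector[4];
  char buff[200];
  static char passwd[100];

  fp = OpenSecret(fname);
  if (fp == NULL)
    return (NULL);

  while (fgets(buff, sizeof(buff), fp)) {
    if (buff[0] == '#')
      continue;
    /* Strip the newline only; see the matching note in LocalAuthValidate. */
    buff[strcspn(buff, "\n")] = '\0';
    bzero(vector, sizeof(vector));
    n = MakeArgs(buff, vector, VECSIZE(vector));
    if (n < 2)
      continue;
    /* A negative length can never equal strlen(); say so explicitly. */
    if (len < 0 || strlen(vector[0]) != (size_t)len ||
        strncmp(vector[0], system, (size_t)len) != 0)
      continue;

    ExpandString(vector[1], passwd, sizeof(passwd), 0);
    if (setaddr) {
      bzero(&DefHisAddress, sizeof(DefHisAddress));
    }
    n -= 2;                     /* Fields left after name and secret */
    if (n > 0 && setaddr) {
      LogPrintf(LogDEBUG, "AuthGetSecret: n = %d, %s\n", n, vector[2]);
      if (ParseAddr(n, &vector[2],
                    &DefHisAddress.ipaddr,
                    &DefHisAddress.mask,
                    &DefHisAddress.width) != 0)
        IpcpInit();
    }
    /* The success path used to return with the secret file still open. */
    CloseSecret(fp);
    return (passwd);
  }
  CloseSecret(fp);
  return (NULL);                /* Invalid */
}

/*
 * Timer callback for an outstanding authentication challenge.
 *
 * Stops the timer and, while retries remain, restarts it and sends the
 * challenge again with the next id.  Once the retry counter reaches zero
 * nothing further is done here.
 */
static void
AuthTimeout(struct authinfo * authp)
{
  struct pppTimer *tp;

  tp = &authp->authtimer;
  StopTimer(tp);
  if (--authp->retry > 0) {
    StartTimer(tp);
    (authp->ChallengeFunc) (++authp->id);
  }
}

/*
 * Send the first challenge (id 1) through authp->ChallengeFunc and arm the
 * retry timer.
 *
 * The timer fires AuthTimeout after VarRetryTimeout * SECTICKS ticks with
 * `authp' as its argument; the retry counter starts at 3.
 */
void
StartAuthChallenge(struct authinfo * authp)
{
  struct pppTimer *tp;

  tp = &authp->authtimer;
  StopTimer(tp);
  tp->func = AuthTimeout;
  tp->load = VarRetryTimeout * SECTICKS;
  tp->state = TIMER_STOPPED;
  tp->arg = (void *) authp;
  StartTimer(tp);
  authp->retry = 3;
  authp->id = 1;
  (authp->ChallengeFunc) (authp->id);
}

/*
 * Cancel the challenge retry timer of `authp'.
 */
void
StopAuthTimer(struct authinfo * authp)
{
  StopTimer(&authp->authtimer);
}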