xref: /freebsd/usr.sbin/ppp/auth.c (revision 33b77e2decd50e53798014b70bf7ca3bdc4c0c7e)
1 /*
2  *			PPP Secret Key Module
3  *
4  *	    Written by Toshiharu OHNO (tony-o@iij.ad.jp)
5  *
6  *   Copyright (C) 1994, Internet Initiative Japan, Inc. All rights reserverd.
7  *
8  * Redistribution and use in source and binary forms are permitted
9  * provided that the above copyright notice and this paragraph are
10  * duplicated in all such forms and that any documentation,
11  * advertising materials, and other materials related to such
12  * distribution and use acknowledge that the software was developed
13  * by the Internet Initiative Japan, Inc.  The name of the
14  * IIJ may not be used to endorse or promote products derived
15  * from this software without specific prior written permission.
16  * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
17  * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
18  * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
19  *
20  * $Id: auth.c,v 1.25 1997/12/24 09:28:50 brian Exp $
21  *
22  *	TODO:
23  *		o Implement check against with registered IP addresses.
24  */
25 #include <sys/param.h>
26 #include <netinet/in.h>
27 
28 #include <stdio.h>
29 #include <string.h>
30 #include <unistd.h>
31 
32 #include "command.h"
33 #include "mbuf.h"
34 #include "log.h"
35 #include "defs.h"
36 #include "timer.h"
37 #include "fsm.h"
38 #include "lcpproto.h"
39 #include "ipcp.h"
40 #include "loadalias.h"
41 #include "vars.h"
42 #include "filter.h"
43 #include "auth.h"
44 #include "chat.h"
45 #include "systems.h"
46 #include "iplist.h"
47 #include "route.h"
48 
/*
 * Choose the initial local authorisation state and store it in VarLocalAuth.
 *
 *  - Not in daemon mode: LOCAL_AUTH (interactive use is always allowed).
 *  - Daemon mode with a configured local key: LOCAL_AUTH when that key is
 *    the empty string, LOCAL_NO_AUTH otherwise.
 *  - Daemon mode without a configured key: look up VarShortHost in
 *    SECRETFILE against an empty key.  No entry gives LOCAL_DENY, an entry
 *    that matches the empty key gives LOCAL_AUTH, any other entry gives
 *    LOCAL_NO_AUTH.
 *
 * NOTE(review): LOCAL_NO_AUTH presumably means "a password must still be
 * supplied" and LOCAL_DENY "never allowed" -- confirm against the header
 * that defines them.
 */
void
LocalAuthInit()
{
  if ((mode & MODE_DAEMON) == 0) {
    /* We're allowed in interactive mode */
    VarLocalAuth = LOCAL_AUTH;
    return;
  }

  if (VarHaveLocalAuthKey) {
    /* An explicitly empty key means no password is needed. */
    if (VarLocalAuthKey[0] == '\0')
      VarLocalAuth = LOCAL_AUTH;
    else
      VarLocalAuth = LOCAL_NO_AUTH;
    return;
  }

  /* No key configured: fall back to this host's entry in the secret file. */
  switch (LocalAuthValidate(SECRETFILE, VarShortHost, "")) {
  case VALID:
    VarLocalAuth = LOCAL_AUTH;
    break;
  case INVALID:
    VarLocalAuth = LOCAL_NO_AUTH;
    break;
  case NOT_FOUND:
    VarLocalAuth = LOCAL_DENY;
    break;
  }
}
70 
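/*
 * Look up `system' in the secret file `fname' and compare the key stored
 * there with `key'.
 *
 * Returns NOT_FOUND when the file cannot be opened or has no entry whose
 * first field equals `system'.  For the first such entry, returns VALID
 * when the stored key equals `key' (an entry without a key field matches a
 * NULL or empty `key') and INVALID otherwise.  Later entries for the same
 * system are not consulted.
 *
 * NOTE(review): strcmp() is not a constant-time comparison; confirm whether
 * that matters for the way `key' reaches this function.
 */
LOCAL_AUTH_VALID
LocalAuthValidate(const char *fname, const char *system, const char *key)
{
  FILE *fp;
  int n;
  char *vector[3];
  char buff[LINE_LEN];
  LOCAL_AUTH_VALID rc;

  rc = NOT_FOUND;		/* No system entry */
  fp = OpenSecret(fname);
  if (fp == NULL)
    return (rc);
  while (fgets(buff, sizeof buff, fp)) {
    if (buff[0] == '#')
      continue;
    /*
     * Strip the newline only if there is one.  Blindly clearing
     * buff[strlen(buff) - 1] writes to buff[-1] when a line starts with a
     * NUL byte, and eats the last character of a final line that has no
     * trailing newline.
     */
    buff[strcspn(buff, "\n")] = '\0';
    memset(vector, '\0', sizeof vector);
    n = MakeArgs(buff, vector, VECSIZE(vector));
    if (n < 1)
      continue;
    if (strcmp(vector[0], system) == 0) {
      if (vector[1] == NULL) {
        /* Entry carries no key: only an absent or empty key matches. */
        rc = (key == NULL || *key == '\0') ? VALID : INVALID;
      } else {
        /* A NULL key can never match a stored key; do not pass it on. */
        rc = (key != NULL && strcmp(vector[1], key) == 0) ? VALID : INVALID;
      }
      break;
    }
  }
  CloseSecret(fp);
  return (rc);
}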
105 
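/*
 * Check `key' against the secret stored for `system' in the secret file
 * `fname'.
 *
 * Every entry whose first field equals `system' is tried in file order; the
 * second field is run through ExpandString() before being compared.  On the
 * first match the optional third field is handed to UseHisaddr(), IpcpInit()
 * is called, and the optional fourth field is passed to SetLabel().
 *
 * Returns 1 when a matching entry was found and UseHisaddr() (if a third
 * field was present) succeeded; returns 0 when the file cannot be opened,
 * nothing matched, `key' is NULL, or UseHisaddr() failed.
 *
 * NOTE(review): the expanded secret stays in the stack buffer `passwd' on
 * return, and strcmp() is not a constant-time comparison -- confirm whether
 * either matters for this deployment.
 */
int
AuthValidate(const char *fname, const char *system, const char *key)
{
  FILE *fp;
  int n;
  char *vector[5];
  char buff[LINE_LEN];
  char passwd[100];

  fp = OpenSecret(fname);
  if (fp == NULL)
    return (0);
  while (fgets(buff, sizeof buff, fp)) {
    if (buff[0] == '#')
      continue;
    /*
     * Strip the newline only if there is one.  Blindly clearing
     * buff[strlen(buff) - 1] writes to buff[-1] when a line starts with a
     * NUL byte, and eats the last character of a final line that has no
     * trailing newline.
     */
    buff[strcspn(buff, "\n")] = '\0';
    memset(vector, '\0', sizeof vector);
    n = MakeArgs(buff, vector, VECSIZE(vector));
    if (n < 2)
      continue;
    if (strcmp(vector[0], system) == 0) {
      ExpandString(vector[1], passwd, sizeof passwd, 0);
      /* A NULL key never matches; do not hand it to strcmp(). */
      if (key != NULL && strcmp(passwd, key) == 0) {
        /* vector[] is still used below, after the file has been closed. */
        CloseSecret(fp);
        if (n > 2 && !UseHisaddr(vector[2], 1))
          return (0);
        IpcpInit();
        if (n > 3)
          SetLabel(vector[3]);
        return (1);		/* Valid */
      }
    }
  }
  CloseSecret(fp);
  return (0);			/* Invalid */
}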
142 
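/*
 * Fetch the secret stored for a system name in the secret file `fname'.
 *
 * `system' need not be NUL-terminated: the first `len' bytes are compared
 * with the first field of each entry, and the field must be exactly `len'
 * bytes long.  For the first matching entry the second field is expanded
 * with ExpandString() into a static buffer.  When `setaddr' is non-zero,
 * DefHisAddress is cleared and, if a third field is present, it is passed
 * to UseHisaddr() followed by IpcpInit().  An optional fourth field is
 * passed to SetLabel().
 *
 * Returns a pointer to the static buffer holding the secret, or NULL when
 * the file cannot be opened, no entry matches, or UseHisaddr() fails.  The
 * buffer is overwritten by the next call, so the result must be used or
 * copied before calling again; it also still holds the expanded secret when
 * NULL is returned after a UseHisaddr() failure.
 */
char *
AuthGetSecret(const char *fname, const char *system, int len, int setaddr)
{
  FILE *fp;
  int n;
  char *vector[5];
  char buff[LINE_LEN];
  static char passwd[100];

  fp = OpenSecret(fname);
  if (fp == NULL)
    return (NULL);
  while (fgets(buff, sizeof buff, fp)) {
    if (buff[0] == '#')
      continue;
    /*
     * Strip the newline only if there is one.  Blindly clearing
     * buff[strlen(buff) - 1] writes to buff[-1] when a line starts with a
     * NUL byte, and eats the last character of a final line that has no
     * trailing newline.
     */
    buff[strcspn(buff, "\n")] = '\0';
    memset(vector, '\0', sizeof vector);
    n = MakeArgs(buff, vector, VECSIZE(vector));
    if (n < 2)
      continue;
    /* A negative len can never equal a string length; say so explicitly. */
    if (len >= 0 && strlen(vector[0]) == (size_t)len &&
        strncmp(vector[0], system, (size_t)len) == 0) {
      /*
       * Close the file before either return below; the earlier code
       * returned from inside the loop and leaked the open secret file on
       * every successful lookup.  AuthValidate() likewise keeps using
       * vector[] after closing the file.
       */
      CloseSecret(fp);
      ExpandString(vector[1], passwd, sizeof passwd, 0);
      if (setaddr) {
        memset(&DefHisAddress, '\0', sizeof DefHisAddress);
        if (n > 2) {
          if (!UseHisaddr(vector[2], 1))
            return (NULL);
          IpcpInit();
        }
      }
      if (n > 3)
        SetLabel(vector[3]);
      return (passwd);
    }
  }
  CloseSecret(fp);
  return (NULL);		/* Invalid */
}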
181 
/*
 * Timer callback for an outstanding authentication challenge.
 *
 * `vauthp' is the struct authinfo registered as the timer argument.  The
 * timer is stopped, the retry counter is decremented, and while it remains
 * positive the timer is restarted and the challenge is re-sent with the
 * next id.  Once the counter reaches zero this function does nothing more;
 * no failure is reported from here.
 */
static void
AuthTimeout(void *vauthp)
{
  struct authinfo *info = vauthp;
  struct pppTimer *timer = &info->authtimer;

  StopTimer(timer);

  info->retry--;
  if (info->retry <= 0)
    return;			/* Out of retries: give up silently */

  StartTimer(timer);
  info->id++;
  (info->ChallengeFunc) (info->id);
}
195 
/*
 * Begin an authentication exchange for `authp'.
 *
 * Arms the retry timer (VarRetryTimeout seconds, AuthTimeout as callback),
 * resets the retry counter to 3 and the id to 1, then sends the first
 * challenge through authp->ChallengeFunc.  With AuthTimeout decrementing
 * the counter before each resend, at most three challenges are sent in all.
 */
void
StartAuthChallenge(struct authinfo *authp)
{
  struct pppTimer *timer = &authp->authtimer;

  /* Make sure a previous run of this timer is not still pending. */
  StopTimer(timer);
  timer->func = AuthTimeout;
  timer->load = VarRetryTimeout * SECTICKS;
  timer->state = TIMER_STOPPED;
  timer->arg = authp;
  StartTimer(timer);

  authp->retry = 3;
  authp->id = 1;
  (authp->ChallengeFunc) (authp->id);
}
212 
/*
 * Cancel the challenge retry timer belonging to `authp'.
 */
void
StopAuthTimer(struct authinfo *authp)
{
  struct pppTimer *timer = &authp->authtimer;

  StopTimer(timer);
}
218