1 /*
2  *			PPP Secret Key Module
3  *
4  *	    Written by Toshiharu OHNO (tony-o@iij.ad.jp)
5  *
6  *   Copyright (C) 1994, Internet Initiative Japan, Inc. All rights reserverd.
7  *
8  * Redistribution and use in source and binary forms are permitted
9  * provided that the above copyright notice and this paragraph are
10  * duplicated in all such forms and that any documentation,
11  * advertising materials, and other materials related to such
12  * distribution and use acknowledge that the software was developed
13  * by the Internet Initiative Japan, Inc.  The name of the
14  * IIJ may not be used to endorse or promote products derived
15  * from this software without specific prior written permission.
16  * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
17  * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
18  * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
19  *
20  * $Id: auth.c,v 1.13 1997/05/26 00:43:55 brian Exp $
21  *
22  *	TODO:
23  *		o Implement check against with registered IP addresses.
24  */
25 #include "fsm.h"
26 #include "lcpproto.h"
27 #include "ipcp.h"
28 #include "loadalias.h"
29 #include "vars.h"
30 #include "filter.h"
31 #include "auth.h"
32 #include "chat.h"
33 
34 extern FILE *OpenSecret();
35 extern void CloseSecret();
36 
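/*
 * Set up local authentication for this host.
 *
 * Stores the host name in VarShortHost, cuts it at the first '.', resets
 * VarLocalAuth to LOCAL_NO_AUTH and then looks the short name up in
 * SECRETFILE with an empty key.
 *
 * Returns NOT_FOUND if gethostname() fails, otherwise whatever
 * LocalAuthValidate() returns.  With an empty key that is VALID only when
 * the host's entry carries a second field that compares equal to "";
 * an entry without a second field yields INVALID and a missing entry
 * yields NOT_FOUND.
 * NOTE(review): how callers treat NOT_FOUND (open vs. closed) is not
 * visible here -- confirm that a missing or unreadable secret file does
 * not grant access.
 */
LOCAL_AUTH_VALID
LocalAuthInit(void)
{
  char *dot;

  if (gethostname(VarShortHost, sizeof(VarShortHost)) != 0)
    return NOT_FOUND;

  /*
   * gethostname() is not required to NUL-terminate a name that was
   * truncated to fit, so terminate explicitly before strchr() and the
   * string comparisons downstream walk the buffer.
   */
  VarShortHost[sizeof(VarShortHost) - 1] = '\0';

  dot = strchr(VarShortHost, '.');
  if (dot != NULL)
    *dot = '\0';

  VarLocalAuth = LOCAL_NO_AUTH;
  return LocalAuthValidate(SECRETFILE, VarShortHost, "");
}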
54 
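/*
 * Check `key' against the entry for `system' in the secret file `fname'.
 *
 * Lines starting with '#' are skipped.  Only the FIRST line whose first
 * field equals `system' is considered; scanning stops there.
 *
 * Returns:
 *   NOT_FOUND  the file could not be opened or holds no entry for `system'
 *   VALID      the entry has a second field equal to `key'
 *   INVALID    the entry has no second field, or it differs from `key'
 *
 * NOTE(review): the secret is compared with strcmp(), which stops at the
 * first differing byte; the comparison is therefore not constant-time.
 * NOTE(review): a line longer than sizeof(buff) - 1 bytes is handed back
 * by fgets() in pieces and every later piece is parsed as if it were a
 * separate entry.
 */
LOCAL_AUTH_VALID
LocalAuthValidate(char *fname, char *system, char *key)
{
  FILE *fp;
  int n;
  size_t len;
  char *vector[20];	/* XXX */
  char buff[200];	/* XXX */
  LOCAL_AUTH_VALID rc;

  rc = NOT_FOUND;		/* No system entry */
  fp = OpenSecret(fname);
  if (fp == NULL)
    return rc;

  while (fgets(buff, sizeof(buff), fp) != NULL) {
    if (buff[0] == '#')
      continue;

    /*
     * Strip the trailing newline only if there is one.  Indexing with
     * strlen(buff) - 1 unconditionally writes to buff[-1] when the line
     * starts with a NUL byte, and eats the last character of a final
     * line that has no newline.
     */
    len = strlen(buff);
    if (len > 0 && buff[len - 1] == '\n')
      buff[len - 1] = '\0';

    bzero(vector, sizeof(vector));
    n = MakeArgs(buff, vector, VECSIZE(vector));
    if (n < 1)
      continue;
    if (strcmp(vector[0], system) != 0)
      continue;

    if (vector[1] != NULL && strcmp(vector[1], key) == 0)
      rc = VALID;
    else
      rc = INVALID;
    break;
  }

  CloseSecret(fp);
  return rc;
}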
87 
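/*
 * Validate a peer's name/secret pair against the secret file `fname'.
 *
 * Each non-comment line with at least two fields is examined.  When the
 * first field equals `system', the second field is run through
 * ExpandString() and compared with `key'.  Unlike LocalAuthValidate(),
 * a name match with a wrong secret does not end the scan: later lines for
 * the same name are still tried.
 *
 * On a match the file is closed, DefHisAddress is zeroed and, if the entry
 * has further fields, they are handed to ParseAddr() to fill in
 * DefHisAddress; IpcpInit() is then called.
 *
 * Returns 1 when the pair is valid, 0 when the file cannot be opened, no
 * entry matches, or ParseAddr() rejects the address fields (in which case
 * DefHisAddress has already been cleared).
 *
 * NOTE(review): the secret is compared with strcmp(), which is not
 * constant-time, and the expanded secret is left in the stack buffer
 * `passwd' on return.
 * NOTE(review): a line longer than sizeof(buff) - 1 bytes is handed back
 * by fgets() in pieces and every later piece is parsed as if it were a
 * separate entry.
 */
int
AuthValidate(fname, system, key)
char *fname, *system, *key;
{
  FILE *fp;
  int n;
  size_t len;
  char *vector[20];
  char buff[200];
  char passwd[100];

  fp = OpenSecret(fname);
  if (fp == NULL)
    return 0;

  while (fgets(buff, sizeof(buff), fp) != NULL) {
    if (buff[0] == '#')
      continue;

    /*
     * Strip the trailing newline only if there is one.  Indexing with
     * strlen(buff) - 1 unconditionally writes to buff[-1] when the line
     * starts with a NUL byte, and eats the last character of a final
     * line that has no newline (corrupting the stored secret).
     */
    len = strlen(buff);
    if (len > 0 && buff[len - 1] == '\n')
      buff[len - 1] = '\0';

    bzero(vector, sizeof(vector));
    n = MakeArgs(buff, vector, VECSIZE(vector));
    if (n < 2)
      continue;
    if (strcmp(vector[0], system) != 0)
      continue;

    ExpandString(vector[1], passwd, sizeof(passwd), 0);
    if (strcmp(passwd, key) != 0)
      continue;

    /* Matched: the file is no longer needed, so release it first. */
    CloseSecret(fp);
    bzero(&DefHisAddress, sizeof(DefHisAddress));
    n -= 2;			/* fields left after name and secret */
    if (n > 0 &&
	ParseAddr(n, &vector[2],
		  &DefHisAddress.ipaddr,
		  &DefHisAddress.mask,
		  &DefHisAddress.width) == 0)
      return 0;			/* Invalid */
    IpcpInit();
    return 1;			/* Valid */
  }

  CloseSecret(fp);
  return 0;			/* Invalid */
}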
131 
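/*
 * Look up the secret stored for `system' in the secret file `fname'.
 *
 * `system' need not be NUL-terminated: exactly `len' bytes of it are
 * compared, and an entry matches only if its first field is exactly `len'
 * bytes long.  The first matching line wins.
 *
 * When `setaddr' is non-zero, DefHisAddress is zeroed and, if the entry
 * has fields after the secret, they are passed to ParseAddr(); IpcpInit()
 * is called only if ParseAddr() returns non-zero.
 *
 * Returns a pointer to the expanded secret, or NULL if the file cannot be
 * opened or no entry matches.  The result lives in a static buffer: it is
 * overwritten by the next call, must not be freed, and keeps the cleartext
 * secret in memory after the caller is done with it.
 *
 * NOTE(review): a line longer than sizeof(buff) - 1 bytes is handed back
 * by fgets() in pieces and every later piece is parsed as if it were a
 * separate entry.
 */
char *
AuthGetSecret(fname, system, len, setaddr)
char *fname, *system;
int len, setaddr;
{
  FILE *fp;
  int n;
  size_t linelen;
  char *vector[20];
  char buff[200];
  static char passwd[100];

  fp = OpenSecret(fname);
  if (fp == NULL)
    return NULL;

  while (fgets(buff, sizeof(buff), fp) != NULL) {
    if (buff[0] == '#')
      continue;

    /*
     * Strip the trailing newline only if there is one.  Indexing with
     * strlen(buff) - 1 unconditionally writes to buff[-1] when the line
     * starts with a NUL byte, and eats the last character of a final
     * line that has no newline (corrupting the stored secret).
     */
    linelen = strlen(buff);
    if (linelen > 0 && buff[linelen - 1] == '\n')
      buff[linelen - 1] = '\0';

    bzero(vector, sizeof(vector));
    n = MakeArgs(buff, vector, VECSIZE(vector));
    if (n < 2)
      continue;

    /* A negative len can never equal a length; say so explicitly. */
    if (len < 0 || strlen(vector[0]) != (size_t)len ||
	strncmp(vector[0], system, (size_t)len) != 0)
      continue;

    ExpandString(vector[1], passwd, sizeof(passwd), 0);
    if (setaddr)
      bzero(&DefHisAddress, sizeof(DefHisAddress));
    n -= 2;			/* fields left after name and secret */
    if (n > 0 && setaddr) {
      LogPrintf(LogDEBUG, "AuthGetSecret: n = %d, %s\n", n, vector[2]);
      if (ParseAddr(n, &vector[2],
		    &DefHisAddress.ipaddr,
		    &DefHisAddress.mask,
		    &DefHisAddress.width) != 0)
	IpcpInit();
    }

    /*
     * Close the secret file on the success path as well; returning with
     * it open leaks a handle on the secrets file for every lookup.
     */
    CloseSecret(fp);
    return passwd;
  }

  CloseSecret(fp);
  return NULL;			/* Invalid */
}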
174 
/*
 * Expiry handler for the authentication timer (installed as the timer's
 * func by StartAuthChallenge()).
 *
 * Stops the timer and uses up one retry.  While retries remain, the timer
 * is restarted and the challenge is sent again under the next id.  Once
 * the count reaches zero the timer simply stays stopped; nothing else is
 * done here.
 */
static void
AuthTimeout(authp)
struct authinfo *authp;
{
  struct pppTimer *timer = &authp->authtimer;

  StopTimer(timer);

  authp->retry -= 1;
  if (authp->retry <= 0)
    return;

  StartTimer(timer);
  authp->id += 1;
  (*authp->ChallengeFunc)(authp->id);
}
188 
/*
 * Begin an authentication exchange: arm the retry timer and send the
 * first challenge with id 1.
 *
 * The timer is loaded with VarRetryTimeout * SECTICKS and calls
 * AuthTimeout() with `authp' on expiry.  retry starts at 3 and
 * AuthTimeout() decrements before testing, so the challenge goes out at
 * most three times in total (this one plus two retransmissions).
 */
void
StartAuthChallenge(authp)
struct authinfo *authp;
{
  struct pppTimer *timer = &authp->authtimer;

  /* Stop a timer that may still be running before reconfiguring it. */
  StopTimer(timer);
  timer->state = TIMER_STOPPED;
  timer->arg = (void *)authp;
  timer->load = VarRetryTimeout * SECTICKS;
  timer->func = AuthTimeout;
  StartTimer(timer);

  authp->id = 1;
  authp->retry = 3;
  (*authp->ChallengeFunc)(authp->id);
}
206 
/*
 * Stop the retry timer embedded in `authp'.  The retry count and id are
 * left as they are.
 */
void
StopAuthTimer(authp)
struct authinfo *authp;
{
  struct pppTimer *timer = &authp->authtimer;

  StopTimer(timer);
}