165309e5cSBrian Somers /*- 265309e5cSBrian Somers * Copyright (c) 1996 - 2001 Brian Somers <brian@Awfulhak.org> 365309e5cSBrian Somers * based on work by Toshiharu OHNO <tony-o@iij.ad.jp> 465309e5cSBrian Somers * Internet Initiative Japan, Inc (IIJ) 565309e5cSBrian Somers * All rights reserved. 6af57ed9fSAtsushi Murai * 765309e5cSBrian Somers * Redistribution and use in source and binary forms, with or without 865309e5cSBrian Somers * modification, are permitted provided that the following conditions 965309e5cSBrian Somers * are met: 1065309e5cSBrian Somers * 1. Redistributions of source code must retain the above copyright 1165309e5cSBrian Somers * notice, this list of conditions and the following disclaimer. 1265309e5cSBrian Somers * 2. Redistributions in binary form must reproduce the above copyright 1365309e5cSBrian Somers * notice, this list of conditions and the following disclaimer in the 1465309e5cSBrian Somers * documentation and/or other materials provided with the distribution. 15af57ed9fSAtsushi Murai * 1665309e5cSBrian Somers * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 1765309e5cSBrian Somers * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 1865309e5cSBrian Somers * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 1965309e5cSBrian Somers * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 2065309e5cSBrian Somers * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 2165309e5cSBrian Somers * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 2265309e5cSBrian Somers * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 2365309e5cSBrian Somers * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 2465309e5cSBrian Somers * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 2565309e5cSBrian Somers * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 2665309e5cSBrian Somers * SUCH DAMAGE. 27af57ed9fSAtsushi Murai * 2897d92980SPeter Wemm * $FreeBSD$ 29af57ed9fSAtsushi Murai */ 3065309e5cSBrian Somers 31972a1bcfSBrian Somers #include <sys/param.h> 3275240ed1SBrian Somers #include <netinet/in.h> 33eaa4df37SBrian Somers #include <netinet/in_systm.h> 34eaa4df37SBrian Somers #include <netinet/ip.h> 3530949fd4SBrian Somers #include <sys/socket.h> 361fa665f5SBrian Somers #include <sys/un.h> 3775240ed1SBrian Somers 38f0cdd9c0SBrian Somers #include <stdlib.h> 39eb6e5e05SBrian Somers #include <string.h> /* strlen/memcpy */ 406140ba11SBrian Somers #include <termios.h> 4175240ed1SBrian Somers 425d9e6103SBrian Somers #include "layer.h" 4375240ed1SBrian Somers #include "mbuf.h" 4475240ed1SBrian Somers #include "log.h" 4575240ed1SBrian Somers #include "defs.h" 4675240ed1SBrian Somers #include "timer.h" 47af57ed9fSAtsushi Murai #include "fsm.h" 48e2ebb036SBrian Somers #include "auth.h" 49af57ed9fSAtsushi Murai #include "pap.h" 50879ed6faSBrian Somers #include "lqr.h" 51af57ed9fSAtsushi Murai #include "hdlc.h" 521038894eSBrian Somers #include "lcp.h" 535d9e6103SBrian Somers #include "proto.h" 546140ba11SBrian Somers #include "async.h" 556140ba11SBrian Somers #include "throughput.h" 563b0f8d2eSBrian Somers #include "ccp.h" 576140ba11SBrian Somers #include "link.h" 5842d4d396SBrian Somers #include "descriptor.h" 5963b73463SBrian Somers #include "physical.h" 605828db6dSBrian Somers #include "iplist.h" 61eaa4df37SBrian Somers #include "slcompress.h" 6230949fd4SBrian Somers #include "ncpaddr.h" 6330949fd4SBrian Somers #include "ip.h" 645828db6dSBrian Somers #include "ipcp.h" 655ca5389aSBrian Somers #include "filter.h" 663b0f8d2eSBrian Somers #include "mp.h" 67972a1bcfSBrian Somers #ifndef NORADIUS 68972a1bcfSBrian Somers #include "radius.h" 69972a1bcfSBrian Somers #endif 7030949fd4SBrian Somers #include "ipv6cp.h" 7130949fd4SBrian Somers #include "ncp.h" 72455aabc3SBrian Somers #include "bundle.h" 73e2ebb036SBrian Somers #include "chat.h" 74e2ebb036SBrian Somers #include "chap.h" 7592b09558SBrian Somers #include "cbcp.h" 76e2ebb036SBrian Somers #include "datalink.h" 77af57ed9fSAtsushi Murai 78182c898aSBrian Somers static const char * const papcodes[] = { 79182c898aSBrian Somers "???", "REQUEST", "SUCCESS", "FAILURE" 80182c898aSBrian Somers }; 81f0cdd9c0SBrian Somers #define MAXPAPCODE (sizeof papcodes / sizeof papcodes[0] - 1) 82af57ed9fSAtsushi Murai 83f0cdd9c0SBrian Somers static void 84f0cdd9c0SBrian Somers pap_Req(struct authinfo *authp) 85af57ed9fSAtsushi Murai { 86f0cdd9c0SBrian Somers struct bundle *bundle = authp->physical->dl->bundle; 87af57ed9fSAtsushi Murai struct fsmheader lh; 88af57ed9fSAtsushi Murai struct mbuf *bp; 89af57ed9fSAtsushi Murai u_char *cp; 90af57ed9fSAtsushi Murai int namelen, keylen, plen; 91af57ed9fSAtsushi Murai 92f0cdd9c0SBrian Somers namelen = strlen(bundle->cfg.auth.name); 93f0cdd9c0SBrian Somers keylen = strlen(bundle->cfg.auth.key); 94af57ed9fSAtsushi Murai plen = namelen + keylen + 2; 95f0cdd9c0SBrian Somers log_Printf(LogDEBUG, "pap_Req: namelen = %d, keylen = %d\n", namelen, keylen); 96f0cdd9c0SBrian Somers log_Printf(LogPHASE, "Pap Output: %s ********\n", bundle->cfg.auth.name); 97f0cdd9c0SBrian Somers if (*bundle->cfg.auth.name == '\0') 9893280d73SBrian Somers log_Printf(LogWARN, "Sending empty PAP authname!\n"); 99af57ed9fSAtsushi Murai lh.code = PAP_REQUEST; 100f0cdd9c0SBrian Somers lh.id = authp->id; 101af57ed9fSAtsushi Murai lh.length = htons(plen + sizeof(struct fsmheader)); 10226af0ae9SBrian Somers bp = m_get(plen + sizeof(struct fsmheader), MB_PAPOUT); 10375240ed1SBrian Somers memcpy(MBUF_CTOP(bp), &lh, sizeof(struct fsmheader)); 104af57ed9fSAtsushi Murai cp = MBUF_CTOP(bp) + sizeof(struct fsmheader); 105af57ed9fSAtsushi Murai *cp++ = namelen; 106f0cdd9c0SBrian Somers memcpy(cp, bundle->cfg.auth.name, namelen); 107af57ed9fSAtsushi Murai cp += namelen; 108af57ed9fSAtsushi Murai *cp++ = keylen; 109f0cdd9c0SBrian Somers memcpy(cp, bundle->cfg.auth.key, keylen); 110442f8495SBrian Somers link_PushPacket(&authp->physical->link, bp, bundle, 111442f8495SBrian Somers LINK_QUEUES(&authp->physical->link) - 1, PROTO_PAP); 112af57ed9fSAtsushi Murai } 113af57ed9fSAtsushi Murai 114af57ed9fSAtsushi Murai static void 115f0cdd9c0SBrian Somers SendPapCode(struct authinfo *authp, int code, const char *message) 116af57ed9fSAtsushi Murai { 117af57ed9fSAtsushi Murai struct fsmheader lh; 118af57ed9fSAtsushi Murai struct mbuf *bp; 119af57ed9fSAtsushi Murai u_char *cp; 120af57ed9fSAtsushi Murai int plen, mlen; 121af57ed9fSAtsushi Murai 122af57ed9fSAtsushi Murai lh.code = code; 123f0cdd9c0SBrian Somers lh.id = authp->id; 124af57ed9fSAtsushi Murai mlen = strlen(message); 125af57ed9fSAtsushi Murai plen = mlen + 1; 126af57ed9fSAtsushi Murai lh.length = htons(plen + sizeof(struct fsmheader)); 12726af0ae9SBrian Somers bp = m_get(plen + sizeof(struct fsmheader), MB_PAPOUT); 12875240ed1SBrian Somers memcpy(MBUF_CTOP(bp), &lh, sizeof(struct fsmheader)); 129af57ed9fSAtsushi Murai cp = MBUF_CTOP(bp) + sizeof(struct fsmheader); 130b5c3c9aeSBrian Somers /* 131b5c3c9aeSBrian Somers * If our message is longer than 255 bytes, truncate the length to 132b5c3c9aeSBrian Somers * 255 and send the entire message anyway. Maybe the other end will 133b5c3c9aeSBrian Somers * display it... (see pap_Input() !) 134b5c3c9aeSBrian Somers */ 135b5c3c9aeSBrian Somers *cp++ = mlen > 255 ? 255 : mlen; 13675240ed1SBrian Somers memcpy(cp, message, mlen); 137dd7e2610SBrian Somers log_Printf(LogPHASE, "Pap Output: %s\n", papcodes[code]); 138f0cdd9c0SBrian Somers 1395d9e6103SBrian Somers link_PushPacket(&authp->physical->link, bp, authp->physical->dl->bundle, 140442f8495SBrian Somers LINK_QUEUES(&authp->physical->link) - 1, PROTO_PAP); 141af57ed9fSAtsushi Murai } 142af57ed9fSAtsushi Murai 143f0cdd9c0SBrian Somers static void 144f0cdd9c0SBrian Somers pap_Success(struct authinfo *authp) 145af57ed9fSAtsushi Murai { 146f0cdd9c0SBrian Somers datalink_GotAuthname(authp->physical->dl, authp->in.name); 147f0cdd9c0SBrian Somers SendPapCode(authp, PAP_ACK, "Greetings!!"); 148f0cdd9c0SBrian Somers authp->physical->link.lcp.auth_ineed = 0; 149f0cdd9c0SBrian Somers if (Enabled(authp->physical->dl->bundle, OPT_UTMP)) 150f0cdd9c0SBrian Somers physical_Login(authp->physical, authp->in.name); 151af57ed9fSAtsushi Murai 152f0cdd9c0SBrian Somers if (authp->physical->link.lcp.auth_iwait == 0) 153455aabc3SBrian Somers /* 154455aabc3SBrian Somers * Either I didn't need to authenticate, or I've already been 155455aabc3SBrian Somers * told that I got the answer right. 156455aabc3SBrian Somers */ 157f0cdd9c0SBrian Somers datalink_AuthOk(authp->physical->dl); 158af57ed9fSAtsushi Murai } 159f0cdd9c0SBrian Somers 160f0cdd9c0SBrian Somers static void 161f0cdd9c0SBrian Somers pap_Failure(struct authinfo *authp) 162f0cdd9c0SBrian Somers { 163f0cdd9c0SBrian Somers SendPapCode(authp, PAP_NAK, "Login incorrect"); 164f0cdd9c0SBrian Somers datalink_AuthNotOk(authp->physical->dl); 165f0cdd9c0SBrian Somers } 166f0cdd9c0SBrian Somers 167f0cdd9c0SBrian Somers void 168f0cdd9c0SBrian Somers pap_Init(struct authinfo *pap, struct physical *p) 169f0cdd9c0SBrian Somers { 170f0cdd9c0SBrian Somers auth_Init(pap, p, pap_Req, pap_Success, pap_Failure); 171f0cdd9c0SBrian Somers } 172f0cdd9c0SBrian Somers 1735d9e6103SBrian Somers struct mbuf * 1745d9e6103SBrian Somers pap_Input(struct bundle *bundle, struct link *l, struct mbuf *bp) 175f0cdd9c0SBrian Somers { 1765d9e6103SBrian Somers struct physical *p = link2physical(l); 177f0cdd9c0SBrian Somers struct authinfo *authp = &p->dl->pap; 178f0cdd9c0SBrian Somers u_char nlen, klen, *key; 179b5c3c9aeSBrian Somers const char *txt; 180b5c3c9aeSBrian Somers int txtlen; 181f0cdd9c0SBrian Somers 1825d9e6103SBrian Somers if (p == NULL) { 1835d9e6103SBrian Somers log_Printf(LogERROR, "pap_Input: Not a physical link - dropped\n"); 18426af0ae9SBrian Somers m_freem(bp); 1855d9e6103SBrian Somers return NULL; 1865d9e6103SBrian Somers } 1875d9e6103SBrian Somers 1885d9e6103SBrian Somers if (bundle_Phase(bundle) != PHASE_NETWORK && 1895d9e6103SBrian Somers bundle_Phase(bundle) != PHASE_AUTHENTICATE) { 19029b873f3SBrian Somers log_Printf(LogPHASE, "Unexpected pap input - dropped !\n"); 19126af0ae9SBrian Somers m_freem(bp); 1925d9e6103SBrian Somers return NULL; 19329b873f3SBrian Somers } 19429b873f3SBrian Somers 195b7ff18adSBrian Somers if ((bp = auth_ReadHeader(authp, bp)) == NULL && 196b7ff18adSBrian Somers ntohs(authp->in.hdr.length) == 0) { 197b7ff18adSBrian Somers log_Printf(LogWARN, "Pap Input: Truncated header !\n"); 1985d9e6103SBrian Somers return NULL; 199b7ff18adSBrian Somers } 200f0cdd9c0SBrian Somers 201f0cdd9c0SBrian Somers if (authp->in.hdr.code == 0 || authp->in.hdr.code > MAXPAPCODE) { 202f0cdd9c0SBrian Somers log_Printf(LogPHASE, "Pap Input: %d: Bad PAP code !\n", authp->in.hdr.code); 20326af0ae9SBrian Somers m_freem(bp); 2045d9e6103SBrian Somers return NULL; 205f0cdd9c0SBrian Somers } 206f0cdd9c0SBrian Somers 207f0cdd9c0SBrian Somers if (authp->in.hdr.code != PAP_REQUEST && authp->id != authp->in.hdr.id && 2085d9e6103SBrian Somers Enabled(bundle, OPT_IDCHECK)) { 209f0cdd9c0SBrian Somers /* Wrong conversation dude ! */ 210f0cdd9c0SBrian Somers log_Printf(LogPHASE, "Pap Input: %s dropped (got id %d, not %d)\n", 211f0cdd9c0SBrian Somers papcodes[authp->in.hdr.code], authp->in.hdr.id, authp->id); 21226af0ae9SBrian Somers m_freem(bp); 2135d9e6103SBrian Somers return NULL; 214f0cdd9c0SBrian Somers } 21526af0ae9SBrian Somers m_settype(bp, MB_PAPIN); 216f0cdd9c0SBrian Somers authp->id = authp->in.hdr.id; /* We respond with this id */ 217f0cdd9c0SBrian Somers 218f0cdd9c0SBrian Somers if (bp) { 219f0cdd9c0SBrian Somers bp = mbuf_Read(bp, &nlen, 1); 220b5c3c9aeSBrian Somers if (authp->in.hdr.code == PAP_ACK) { 221b5c3c9aeSBrian Somers /* 222b5c3c9aeSBrian Somers * Don't restrict the length of our acknowledgement freetext to 223b5c3c9aeSBrian Somers * nlen (a one-byte length). Show the rest of the ack packet 224b5c3c9aeSBrian Somers * instead. This isn't really part of the protocol..... 225b5c3c9aeSBrian Somers */ 22626af0ae9SBrian Somers bp = m_pullup(bp); 227b5c3c9aeSBrian Somers txt = MBUF_CTOP(bp); 22826af0ae9SBrian Somers txtlen = m_length(bp); 229b5c3c9aeSBrian Somers } else { 230f0cdd9c0SBrian Somers bp = auth_ReadName(authp, bp, nlen); 231b5c3c9aeSBrian Somers txt = authp->in.name; 232b5c3c9aeSBrian Somers txtlen = strlen(authp->in.name); 233b5c3c9aeSBrian Somers } 234b5c3c9aeSBrian Somers } else { 235b5c3c9aeSBrian Somers txt = ""; 236b5c3c9aeSBrian Somers txtlen = 0; 237f0cdd9c0SBrian Somers } 238f0cdd9c0SBrian Somers 239b5c3c9aeSBrian Somers log_Printf(LogPHASE, "Pap Input: %s (%.*s)\n", 240b5c3c9aeSBrian Somers papcodes[authp->in.hdr.code], txtlen, txt); 241f0cdd9c0SBrian Somers 242f0cdd9c0SBrian Somers switch (authp->in.hdr.code) { 243f0cdd9c0SBrian Somers case PAP_REQUEST: 244f0cdd9c0SBrian Somers if (bp == NULL) { 245f0cdd9c0SBrian Somers log_Printf(LogPHASE, "Pap Input: No key given !\n"); 246af57ed9fSAtsushi Murai break; 247f0cdd9c0SBrian Somers } 248f0cdd9c0SBrian Somers bp = mbuf_Read(bp, &klen, 1); 24926af0ae9SBrian Somers if (m_length(bp) < klen) { 250f0cdd9c0SBrian Somers log_Printf(LogERROR, "Pap Input: Truncated key !\n"); 251f0cdd9c0SBrian Somers break; 252f0cdd9c0SBrian Somers } 253f0cdd9c0SBrian Somers if ((key = malloc(klen+1)) == NULL) { 254f0cdd9c0SBrian Somers log_Printf(LogERROR, "Pap Input: Out of memory !\n"); 255f0cdd9c0SBrian Somers break; 256f0cdd9c0SBrian Somers } 257f0cdd9c0SBrian Somers bp = mbuf_Read(bp, key, klen); 258f0cdd9c0SBrian Somers key[klen] = '\0'; 259f0cdd9c0SBrian Somers 260f0cdd9c0SBrian Somers #ifndef NORADIUS 2615d9e6103SBrian Somers if (*bundle->radius.cfg.file) 2625d9e6103SBrian Somers radius_Authenticate(&bundle->radius, authp, authp->in.name, 26350ca6ec3SBrian Somers key, strlen(key), NULL, 0); 264f0cdd9c0SBrian Somers else 265f0cdd9c0SBrian Somers #endif 2665d9e6103SBrian Somers if (auth_Validate(bundle, authp->in.name, key, p)) 267f0cdd9c0SBrian Somers pap_Success(authp); 268f0cdd9c0SBrian Somers else 269f0cdd9c0SBrian Somers pap_Failure(authp); 270f0cdd9c0SBrian Somers 271f0cdd9c0SBrian Somers free(key); 272f0cdd9c0SBrian Somers break; 273f0cdd9c0SBrian Somers 274af57ed9fSAtsushi Murai case PAP_ACK: 275f0cdd9c0SBrian Somers auth_StopTimer(authp); 276f0cdd9c0SBrian Somers if (p->link.lcp.auth_iwait == PROTO_PAP) { 277f0cdd9c0SBrian Somers p->link.lcp.auth_iwait = 0; 278f0cdd9c0SBrian Somers if (p->link.lcp.auth_ineed == 0) 279455aabc3SBrian Somers /* 280455aabc3SBrian Somers * We've succeeded in our ``login'' 281455aabc3SBrian Somers * If we're not expecting the peer to authenticate (or he already 282455aabc3SBrian Somers * has), proceed to network phase. 283455aabc3SBrian Somers */ 284f0cdd9c0SBrian Somers datalink_AuthOk(p->dl); 285af57ed9fSAtsushi Murai } 286af57ed9fSAtsushi Murai break; 287f0cdd9c0SBrian Somers 288af57ed9fSAtsushi Murai case PAP_NAK: 289f0cdd9c0SBrian Somers auth_StopTimer(authp); 290f0cdd9c0SBrian Somers datalink_AuthNotOk(p->dl); 291af57ed9fSAtsushi Murai break; 292af57ed9fSAtsushi Murai } 293f0cdd9c0SBrian Somers 29426af0ae9SBrian Somers m_freem(bp); 2955d9e6103SBrian Somers return NULL; 296af57ed9fSAtsushi Murai } 297