xref: /freebsd/usr.sbin/ppp/pap.c (revision 65309e5cda5d671cbca4763b481566ce387dcf7e) 
165309e5cSBrian Somers /*-
265309e5cSBrian Somers  * Copyright (c) 1996 - 2001 Brian Somers <brian@Awfulhak.org>
365309e5cSBrian Somers  *          based on work by Toshiharu OHNO <tony-o@iij.ad.jp>
465309e5cSBrian Somers  *                           Internet Initiative Japan, Inc (IIJ)
565309e5cSBrian Somers  * All rights reserved.
6af57ed9fSAtsushi Murai  *
765309e5cSBrian Somers  * Redistribution and use in source and binary forms, with or without
865309e5cSBrian Somers  * modification, are permitted provided that the following conditions
965309e5cSBrian Somers  * are met:
1065309e5cSBrian Somers  * 1. Redistributions of source code must retain the above copyright
1165309e5cSBrian Somers  *    notice, this list of conditions and the following disclaimer.
1265309e5cSBrian Somers  * 2. Redistributions in binary form must reproduce the above copyright
1365309e5cSBrian Somers  *    notice, this list of conditions and the following disclaimer in the
1465309e5cSBrian Somers  *    documentation and/or other materials provided with the distribution.
15af57ed9fSAtsushi Murai  *
1665309e5cSBrian Somers  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
1765309e5cSBrian Somers  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
1865309e5cSBrian Somers  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
1965309e5cSBrian Somers  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
2065309e5cSBrian Somers  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
2165309e5cSBrian Somers  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
2265309e5cSBrian Somers  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
2365309e5cSBrian Somers  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
2465309e5cSBrian Somers  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
2565309e5cSBrian Somers  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
2665309e5cSBrian Somers  * SUCH DAMAGE.
27af57ed9fSAtsushi Murai  *
2897d92980SPeter Wemm  * $FreeBSD$
29af57ed9fSAtsushi Murai  */
3065309e5cSBrian Somers 
31972a1bcfSBrian Somers #include <sys/param.h>
3275240ed1SBrian Somers #include <netinet/in.h>
33eaa4df37SBrian Somers #include <netinet/in_systm.h>
34eaa4df37SBrian Somers #include <netinet/ip.h>
351fa665f5SBrian Somers #include <sys/un.h>
3675240ed1SBrian Somers 
37f0cdd9c0SBrian Somers #include <stdlib.h>
38eb6e5e05SBrian Somers #include <string.h>		/* strlen/memcpy */
396140ba11SBrian Somers #include <termios.h>
4075240ed1SBrian Somers 
415d9e6103SBrian Somers #include "layer.h"
4275240ed1SBrian Somers #include "mbuf.h"
4375240ed1SBrian Somers #include "log.h"
4475240ed1SBrian Somers #include "defs.h"
4575240ed1SBrian Somers #include "timer.h"
46af57ed9fSAtsushi Murai #include "fsm.h"
47e2ebb036SBrian Somers #include "auth.h"
48af57ed9fSAtsushi Murai #include "pap.h"
49879ed6faSBrian Somers #include "lqr.h"
50af57ed9fSAtsushi Murai #include "hdlc.h"
511038894eSBrian Somers #include "lcp.h"
525d9e6103SBrian Somers #include "proto.h"
536140ba11SBrian Somers #include "async.h"
546140ba11SBrian Somers #include "throughput.h"
553b0f8d2eSBrian Somers #include "ccp.h"
566140ba11SBrian Somers #include "link.h"
5742d4d396SBrian Somers #include "descriptor.h"
5863b73463SBrian Somers #include "physical.h"
595828db6dSBrian Somers #include "iplist.h"
60eaa4df37SBrian Somers #include "slcompress.h"
615828db6dSBrian Somers #include "ipcp.h"
625ca5389aSBrian Somers #include "filter.h"
633b0f8d2eSBrian Somers #include "mp.h"
64972a1bcfSBrian Somers #ifndef NORADIUS
65972a1bcfSBrian Somers #include "radius.h"
66972a1bcfSBrian Somers #endif
67455aabc3SBrian Somers #include "bundle.h"
68e2ebb036SBrian Somers #include "chat.h"
69e2ebb036SBrian Somers #include "chap.h"
7092b09558SBrian Somers #include "cbcp.h"
71e2ebb036SBrian Somers #include "datalink.h"
72af57ed9fSAtsushi Murai 
73182c898aSBrian Somers static const char * const papcodes[] = {
74182c898aSBrian Somers   "???", "REQUEST", "SUCCESS", "FAILURE"
75182c898aSBrian Somers };
76f0cdd9c0SBrian Somers #define MAXPAPCODE (sizeof papcodes / sizeof papcodes[0] - 1)
77af57ed9fSAtsushi Murai 
78f0cdd9c0SBrian Somers static void
79f0cdd9c0SBrian Somers pap_Req(struct authinfo *authp)
80af57ed9fSAtsushi Murai {
81f0cdd9c0SBrian Somers   struct bundle *bundle = authp->physical->dl->bundle;
82af57ed9fSAtsushi Murai   struct fsmheader lh;
83af57ed9fSAtsushi Murai   struct mbuf *bp;
84af57ed9fSAtsushi Murai   u_char *cp;
85af57ed9fSAtsushi Murai   int namelen, keylen, plen;
86af57ed9fSAtsushi Murai 
87f0cdd9c0SBrian Somers   namelen = strlen(bundle->cfg.auth.name);
88f0cdd9c0SBrian Somers   keylen = strlen(bundle->cfg.auth.key);
89af57ed9fSAtsushi Murai   plen = namelen + keylen + 2;
90f0cdd9c0SBrian Somers   log_Printf(LogDEBUG, "pap_Req: namelen = %d, keylen = %d\n", namelen, keylen);
91f0cdd9c0SBrian Somers   log_Printf(LogPHASE, "Pap Output: %s ********\n", bundle->cfg.auth.name);
92f0cdd9c0SBrian Somers   if (*bundle->cfg.auth.name == '\0')
9393280d73SBrian Somers     log_Printf(LogWARN, "Sending empty PAP authname!\n");
94af57ed9fSAtsushi Murai   lh.code = PAP_REQUEST;
95f0cdd9c0SBrian Somers   lh.id = authp->id;
96af57ed9fSAtsushi Murai   lh.length = htons(plen + sizeof(struct fsmheader));
9726af0ae9SBrian Somers   bp = m_get(plen + sizeof(struct fsmheader), MB_PAPOUT);
9875240ed1SBrian Somers   memcpy(MBUF_CTOP(bp), &lh, sizeof(struct fsmheader));
99af57ed9fSAtsushi Murai   cp = MBUF_CTOP(bp) + sizeof(struct fsmheader);
100af57ed9fSAtsushi Murai   *cp++ = namelen;
101f0cdd9c0SBrian Somers   memcpy(cp, bundle->cfg.auth.name, namelen);
102af57ed9fSAtsushi Murai   cp += namelen;
103af57ed9fSAtsushi Murai   *cp++ = keylen;
104f0cdd9c0SBrian Somers   memcpy(cp, bundle->cfg.auth.key, keylen);
105442f8495SBrian Somers   link_PushPacket(&authp->physical->link, bp, bundle,
106442f8495SBrian Somers                   LINK_QUEUES(&authp->physical->link) - 1, PROTO_PAP);
107af57ed9fSAtsushi Murai }
108af57ed9fSAtsushi Murai 
109af57ed9fSAtsushi Murai static void
110f0cdd9c0SBrian Somers SendPapCode(struct authinfo *authp, int code, const char *message)
111af57ed9fSAtsushi Murai {
112af57ed9fSAtsushi Murai   struct fsmheader lh;
113af57ed9fSAtsushi Murai   struct mbuf *bp;
114af57ed9fSAtsushi Murai   u_char *cp;
115af57ed9fSAtsushi Murai   int plen, mlen;
116af57ed9fSAtsushi Murai 
117af57ed9fSAtsushi Murai   lh.code = code;
118f0cdd9c0SBrian Somers   lh.id = authp->id;
119af57ed9fSAtsushi Murai   mlen = strlen(message);
120af57ed9fSAtsushi Murai   plen = mlen + 1;
121af57ed9fSAtsushi Murai   lh.length = htons(plen + sizeof(struct fsmheader));
12226af0ae9SBrian Somers   bp = m_get(plen + sizeof(struct fsmheader), MB_PAPOUT);
12375240ed1SBrian Somers   memcpy(MBUF_CTOP(bp), &lh, sizeof(struct fsmheader));
124af57ed9fSAtsushi Murai   cp = MBUF_CTOP(bp) + sizeof(struct fsmheader);
125b5c3c9aeSBrian Somers   /*
126b5c3c9aeSBrian Somers    * If our message is longer than 255 bytes, truncate the length to
127b5c3c9aeSBrian Somers    * 255 and send the entire message anyway.  Maybe the other end will
128b5c3c9aeSBrian Somers    * display it... (see pap_Input() !)
129b5c3c9aeSBrian Somers    */
130b5c3c9aeSBrian Somers   *cp++ = mlen > 255 ? 255 : mlen;
13175240ed1SBrian Somers   memcpy(cp, message, mlen);
132dd7e2610SBrian Somers   log_Printf(LogPHASE, "Pap Output: %s\n", papcodes[code]);
133f0cdd9c0SBrian Somers 
1345d9e6103SBrian Somers   link_PushPacket(&authp->physical->link, bp, authp->physical->dl->bundle,
135442f8495SBrian Somers                   LINK_QUEUES(&authp->physical->link) - 1, PROTO_PAP);
136af57ed9fSAtsushi Murai }
137af57ed9fSAtsushi Murai 
138f0cdd9c0SBrian Somers static void
139f0cdd9c0SBrian Somers pap_Success(struct authinfo *authp)
140af57ed9fSAtsushi Murai {
141f0cdd9c0SBrian Somers   datalink_GotAuthname(authp->physical->dl, authp->in.name);
142f0cdd9c0SBrian Somers   SendPapCode(authp, PAP_ACK, "Greetings!!");
143f0cdd9c0SBrian Somers   authp->physical->link.lcp.auth_ineed = 0;
144f0cdd9c0SBrian Somers   if (Enabled(authp->physical->dl->bundle, OPT_UTMP))
145f0cdd9c0SBrian Somers     physical_Login(authp->physical, authp->in.name);
146af57ed9fSAtsushi Murai 
147f0cdd9c0SBrian Somers   if (authp->physical->link.lcp.auth_iwait == 0)
148455aabc3SBrian Somers     /*
149455aabc3SBrian Somers      * Either I didn't need to authenticate, or I've already been
150455aabc3SBrian Somers      * told that I got the answer right.
151455aabc3SBrian Somers      */
152f0cdd9c0SBrian Somers     datalink_AuthOk(authp->physical->dl);
153af57ed9fSAtsushi Murai }
154f0cdd9c0SBrian Somers 
155f0cdd9c0SBrian Somers static void
156f0cdd9c0SBrian Somers pap_Failure(struct authinfo *authp)
157f0cdd9c0SBrian Somers {
158f0cdd9c0SBrian Somers   SendPapCode(authp, PAP_NAK, "Login incorrect");
159f0cdd9c0SBrian Somers   datalink_AuthNotOk(authp->physical->dl);
160f0cdd9c0SBrian Somers }
161f0cdd9c0SBrian Somers 
162f0cdd9c0SBrian Somers void
163f0cdd9c0SBrian Somers pap_Init(struct authinfo *pap, struct physical *p)
164f0cdd9c0SBrian Somers {
165f0cdd9c0SBrian Somers   auth_Init(pap, p, pap_Req, pap_Success, pap_Failure);
166f0cdd9c0SBrian Somers }
167f0cdd9c0SBrian Somers 
1685d9e6103SBrian Somers struct mbuf *
1695d9e6103SBrian Somers pap_Input(struct bundle *bundle, struct link *l, struct mbuf *bp)
170f0cdd9c0SBrian Somers {
1715d9e6103SBrian Somers   struct physical *p = link2physical(l);
172f0cdd9c0SBrian Somers   struct authinfo *authp = &p->dl->pap;
173f0cdd9c0SBrian Somers   u_char nlen, klen, *key;
174b5c3c9aeSBrian Somers   const char *txt;
175b5c3c9aeSBrian Somers   int txtlen;
176f0cdd9c0SBrian Somers 
1775d9e6103SBrian Somers   if (p == NULL) {
1785d9e6103SBrian Somers     log_Printf(LogERROR, "pap_Input: Not a physical link - dropped\n");
17926af0ae9SBrian Somers     m_freem(bp);
1805d9e6103SBrian Somers     return NULL;
1815d9e6103SBrian Somers   }
1825d9e6103SBrian Somers 
1835d9e6103SBrian Somers   if (bundle_Phase(bundle) != PHASE_NETWORK &&
1845d9e6103SBrian Somers       bundle_Phase(bundle) != PHASE_AUTHENTICATE) {
18529b873f3SBrian Somers     log_Printf(LogPHASE, "Unexpected pap input - dropped !\n");
18626af0ae9SBrian Somers     m_freem(bp);
1875d9e6103SBrian Somers     return NULL;
18829b873f3SBrian Somers   }
18929b873f3SBrian Somers 
190b7ff18adSBrian Somers   if ((bp = auth_ReadHeader(authp, bp)) == NULL &&
191b7ff18adSBrian Somers       ntohs(authp->in.hdr.length) == 0) {
192b7ff18adSBrian Somers     log_Printf(LogWARN, "Pap Input: Truncated header !\n");
1935d9e6103SBrian Somers     return NULL;
194b7ff18adSBrian Somers   }
195f0cdd9c0SBrian Somers 
196f0cdd9c0SBrian Somers   if (authp->in.hdr.code == 0 || authp->in.hdr.code > MAXPAPCODE) {
197f0cdd9c0SBrian Somers     log_Printf(LogPHASE, "Pap Input: %d: Bad PAP code !\n", authp->in.hdr.code);
19826af0ae9SBrian Somers     m_freem(bp);
1995d9e6103SBrian Somers     return NULL;
200f0cdd9c0SBrian Somers   }
201f0cdd9c0SBrian Somers 
202f0cdd9c0SBrian Somers   if (authp->in.hdr.code != PAP_REQUEST && authp->id != authp->in.hdr.id &&
2035d9e6103SBrian Somers       Enabled(bundle, OPT_IDCHECK)) {
204f0cdd9c0SBrian Somers     /* Wrong conversation dude ! */
205f0cdd9c0SBrian Somers     log_Printf(LogPHASE, "Pap Input: %s dropped (got id %d, not %d)\n",
206f0cdd9c0SBrian Somers                papcodes[authp->in.hdr.code], authp->in.hdr.id, authp->id);
20726af0ae9SBrian Somers     m_freem(bp);
2085d9e6103SBrian Somers     return NULL;
209f0cdd9c0SBrian Somers   }
21026af0ae9SBrian Somers   m_settype(bp, MB_PAPIN);
211f0cdd9c0SBrian Somers   authp->id = authp->in.hdr.id;		/* We respond with this id */
212f0cdd9c0SBrian Somers 
213f0cdd9c0SBrian Somers   if (bp) {
214f0cdd9c0SBrian Somers     bp = mbuf_Read(bp, &nlen, 1);
215b5c3c9aeSBrian Somers     if (authp->in.hdr.code == PAP_ACK) {
216b5c3c9aeSBrian Somers       /*
217b5c3c9aeSBrian Somers        * Don't restrict the length of our acknowledgement freetext to
218b5c3c9aeSBrian Somers        * nlen (a one-byte length).  Show the rest of the ack packet
219b5c3c9aeSBrian Somers        * instead.  This isn't really part of the protocol.....
220b5c3c9aeSBrian Somers        */
22126af0ae9SBrian Somers       bp = m_pullup(bp);
222b5c3c9aeSBrian Somers       txt = MBUF_CTOP(bp);
22326af0ae9SBrian Somers       txtlen = m_length(bp);
224b5c3c9aeSBrian Somers     } else {
225f0cdd9c0SBrian Somers       bp = auth_ReadName(authp, bp, nlen);
226b5c3c9aeSBrian Somers       txt = authp->in.name;
227b5c3c9aeSBrian Somers       txtlen = strlen(authp->in.name);
228b5c3c9aeSBrian Somers     }
229b5c3c9aeSBrian Somers   } else {
230b5c3c9aeSBrian Somers     txt = "";
231b5c3c9aeSBrian Somers     txtlen = 0;
232f0cdd9c0SBrian Somers   }
233f0cdd9c0SBrian Somers 
234b5c3c9aeSBrian Somers   log_Printf(LogPHASE, "Pap Input: %s (%.*s)\n",
235b5c3c9aeSBrian Somers              papcodes[authp->in.hdr.code], txtlen, txt);
236f0cdd9c0SBrian Somers 
237f0cdd9c0SBrian Somers   switch (authp->in.hdr.code) {
238f0cdd9c0SBrian Somers     case PAP_REQUEST:
239f0cdd9c0SBrian Somers       if (bp == NULL) {
240f0cdd9c0SBrian Somers         log_Printf(LogPHASE, "Pap Input: No key given !\n");
241af57ed9fSAtsushi Murai         break;
242f0cdd9c0SBrian Somers       }
243f0cdd9c0SBrian Somers       bp = mbuf_Read(bp, &klen, 1);
24426af0ae9SBrian Somers       if (m_length(bp) < klen) {
245f0cdd9c0SBrian Somers         log_Printf(LogERROR, "Pap Input: Truncated key !\n");
246f0cdd9c0SBrian Somers         break;
247f0cdd9c0SBrian Somers       }
248f0cdd9c0SBrian Somers       if ((key = malloc(klen+1)) == NULL) {
249f0cdd9c0SBrian Somers         log_Printf(LogERROR, "Pap Input: Out of memory !\n");
250f0cdd9c0SBrian Somers         break;
251f0cdd9c0SBrian Somers       }
252f0cdd9c0SBrian Somers       bp = mbuf_Read(bp, key, klen);
253f0cdd9c0SBrian Somers       key[klen] = '\0';
254f0cdd9c0SBrian Somers 
255f0cdd9c0SBrian Somers #ifndef NORADIUS
2565d9e6103SBrian Somers       if (*bundle->radius.cfg.file)
2575d9e6103SBrian Somers         radius_Authenticate(&bundle->radius, authp, authp->in.name,
25850ca6ec3SBrian Somers                             key, strlen(key), NULL, 0);
259f0cdd9c0SBrian Somers       else
260f0cdd9c0SBrian Somers #endif
2615d9e6103SBrian Somers       if (auth_Validate(bundle, authp->in.name, key, p))
262f0cdd9c0SBrian Somers         pap_Success(authp);
263f0cdd9c0SBrian Somers       else
264f0cdd9c0SBrian Somers         pap_Failure(authp);
265f0cdd9c0SBrian Somers 
266f0cdd9c0SBrian Somers       free(key);
267f0cdd9c0SBrian Somers       break;
268f0cdd9c0SBrian Somers 
269af57ed9fSAtsushi Murai     case PAP_ACK:
270f0cdd9c0SBrian Somers       auth_StopTimer(authp);
271f0cdd9c0SBrian Somers       if (p->link.lcp.auth_iwait == PROTO_PAP) {
272f0cdd9c0SBrian Somers         p->link.lcp.auth_iwait = 0;
273f0cdd9c0SBrian Somers         if (p->link.lcp.auth_ineed == 0)
274455aabc3SBrian Somers           /*
275455aabc3SBrian Somers            * We've succeeded in our ``login''
276455aabc3SBrian Somers            * If we're not expecting  the peer to authenticate (or he already
277455aabc3SBrian Somers            * has), proceed to network phase.
278455aabc3SBrian Somers            */
279f0cdd9c0SBrian Somers           datalink_AuthOk(p->dl);
280af57ed9fSAtsushi Murai       }
281af57ed9fSAtsushi Murai       break;
282f0cdd9c0SBrian Somers 
283af57ed9fSAtsushi Murai     case PAP_NAK:
284f0cdd9c0SBrian Somers       auth_StopTimer(authp);
285f0cdd9c0SBrian Somers       datalink_AuthNotOk(p->dl);
286af57ed9fSAtsushi Murai       break;
287af57ed9fSAtsushi Murai   }
288f0cdd9c0SBrian Somers 
28926af0ae9SBrian Somers   m_freem(bp);
2905d9e6103SBrian Somers   return NULL;
291af57ed9fSAtsushi Murai }
292