165309e5cSBrian Somers /*- 265309e5cSBrian Somers * Copyright (c) 1996 - 2001 Brian Somers <brian@Awfulhak.org> 365309e5cSBrian Somers * based on work by Toshiharu OHNO <tony-o@iij.ad.jp> 465309e5cSBrian Somers * Internet Initiative Japan, Inc (IIJ) 565309e5cSBrian Somers * All rights reserved. 6af57ed9fSAtsushi Murai * 765309e5cSBrian Somers * Redistribution and use in source and binary forms, with or without 865309e5cSBrian Somers * modification, are permitted provided that the following conditions 965309e5cSBrian Somers * are met: 1065309e5cSBrian Somers * 1. Redistributions of source code must retain the above copyright 1165309e5cSBrian Somers * notice, this list of conditions and the following disclaimer. 1265309e5cSBrian Somers * 2. Redistributions in binary form must reproduce the above copyright 1365309e5cSBrian Somers * notice, this list of conditions and the following disclaimer in the 1465309e5cSBrian Somers * documentation and/or other materials provided with the distribution. 15af57ed9fSAtsushi Murai * 1665309e5cSBrian Somers * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 1765309e5cSBrian Somers * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 1865309e5cSBrian Somers * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 1965309e5cSBrian Somers * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 2065309e5cSBrian Somers * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 2165309e5cSBrian Somers * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 2265309e5cSBrian Somers * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 2365309e5cSBrian Somers * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 2465309e5cSBrian Somers * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 2565309e5cSBrian Somers * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 2665309e5cSBrian Somers * SUCH DAMAGE. 27af57ed9fSAtsushi Murai * 2897d92980SPeter Wemm * $FreeBSD$ 29af57ed9fSAtsushi Murai */ 3065309e5cSBrian Somers 31972a1bcfSBrian Somers #include <sys/param.h> 3275240ed1SBrian Somers #include <netinet/in.h> 33eaa4df37SBrian Somers #include <netinet/in_systm.h> 34eaa4df37SBrian Somers #include <netinet/ip.h> 3530949fd4SBrian Somers #include <sys/socket.h> 361fa665f5SBrian Somers #include <sys/un.h> 3775240ed1SBrian Somers 38f0cdd9c0SBrian Somers #include <stdlib.h> 39eb6e5e05SBrian Somers #include <string.h> /* strlen/memcpy */ 406140ba11SBrian Somers #include <termios.h> 4175240ed1SBrian Somers 425d9e6103SBrian Somers #include "layer.h" 4375240ed1SBrian Somers #include "mbuf.h" 4475240ed1SBrian Somers #include "log.h" 4575240ed1SBrian Somers #include "defs.h" 4675240ed1SBrian Somers #include "timer.h" 47af57ed9fSAtsushi Murai #include "fsm.h" 48e2ebb036SBrian Somers #include "auth.h" 49af57ed9fSAtsushi Murai #include "pap.h" 50879ed6faSBrian Somers #include "lqr.h" 51af57ed9fSAtsushi Murai #include "hdlc.h" 521038894eSBrian Somers #include "lcp.h" 535d9e6103SBrian Somers #include "proto.h" 546140ba11SBrian Somers #include "async.h" 556140ba11SBrian Somers #include "throughput.h" 563b0f8d2eSBrian Somers #include "ccp.h" 576140ba11SBrian Somers #include "link.h" 5842d4d396SBrian Somers #include "descriptor.h" 5963b73463SBrian Somers #include "physical.h" 605828db6dSBrian Somers #include "iplist.h" 61eaa4df37SBrian Somers #include "slcompress.h" 6230949fd4SBrian Somers #include "ncpaddr.h" 6330949fd4SBrian Somers #include "ip.h" 645828db6dSBrian Somers #include "ipcp.h" 655ca5389aSBrian Somers #include "filter.h" 663b0f8d2eSBrian Somers #include "mp.h" 67972a1bcfSBrian Somers #ifndef NORADIUS 68972a1bcfSBrian Somers #include "radius.h" 69972a1bcfSBrian Somers #endif 7030949fd4SBrian Somers #include "ipv6cp.h" 7130949fd4SBrian Somers #include "ncp.h" 72455aabc3SBrian Somers #include "bundle.h" 73e2ebb036SBrian Somers #include "chat.h" 74e2ebb036SBrian Somers #include "chap.h" 7592b09558SBrian Somers #include "cbcp.h" 76e2ebb036SBrian Somers #include "datalink.h" 77af57ed9fSAtsushi Murai 78182c898aSBrian Somers static const char * const papcodes[] = { 79182c898aSBrian Somers "???", "REQUEST", "SUCCESS", "FAILURE" 80182c898aSBrian Somers }; 81f0cdd9c0SBrian Somers #define MAXPAPCODE (sizeof papcodes / sizeof papcodes[0] - 1) 82af57ed9fSAtsushi Murai 83f0cdd9c0SBrian Somers static void 84f0cdd9c0SBrian Somers pap_Req(struct authinfo *authp) 85af57ed9fSAtsushi Murai { 86f0cdd9c0SBrian Somers struct bundle *bundle = authp->physical->dl->bundle; 87af57ed9fSAtsushi Murai struct fsmheader lh; 88af57ed9fSAtsushi Murai struct mbuf *bp; 89af57ed9fSAtsushi Murai u_char *cp; 90af57ed9fSAtsushi Murai int namelen, keylen, plen; 91af57ed9fSAtsushi Murai 92f0cdd9c0SBrian Somers namelen = strlen(bundle->cfg.auth.name); 93f0cdd9c0SBrian Somers keylen = strlen(bundle->cfg.auth.key); 94af57ed9fSAtsushi Murai plen = namelen + keylen + 2; 95f0cdd9c0SBrian Somers log_Printf(LogDEBUG, "pap_Req: namelen = %d, keylen = %d\n", namelen, keylen); 96f0cdd9c0SBrian Somers log_Printf(LogPHASE, "Pap Output: %s ********\n", bundle->cfg.auth.name); 97f0cdd9c0SBrian Somers if (*bundle->cfg.auth.name == '\0') 9893280d73SBrian Somers log_Printf(LogWARN, "Sending empty PAP authname!\n"); 99af57ed9fSAtsushi Murai lh.code = PAP_REQUEST; 100f0cdd9c0SBrian Somers lh.id = authp->id; 101af57ed9fSAtsushi Murai lh.length = htons(plen + sizeof(struct fsmheader)); 10226af0ae9SBrian Somers bp = m_get(plen + sizeof(struct fsmheader), MB_PAPOUT); 10375240ed1SBrian Somers memcpy(MBUF_CTOP(bp), &lh, sizeof(struct fsmheader)); 104af57ed9fSAtsushi Murai cp = MBUF_CTOP(bp) + sizeof(struct fsmheader); 105af57ed9fSAtsushi Murai *cp++ = namelen; 106f0cdd9c0SBrian Somers memcpy(cp, bundle->cfg.auth.name, namelen); 107af57ed9fSAtsushi Murai cp += namelen; 108af57ed9fSAtsushi Murai *cp++ = keylen; 109f0cdd9c0SBrian Somers memcpy(cp, bundle->cfg.auth.key, keylen); 110442f8495SBrian Somers link_PushPacket(&authp->physical->link, bp, bundle, 111442f8495SBrian Somers LINK_QUEUES(&authp->physical->link) - 1, PROTO_PAP); 112af57ed9fSAtsushi Murai } 113af57ed9fSAtsushi Murai 114af57ed9fSAtsushi Murai static void 115f0cdd9c0SBrian Somers SendPapCode(struct authinfo *authp, int code, const char *message) 116af57ed9fSAtsushi Murai { 117af57ed9fSAtsushi Murai struct fsmheader lh; 118af57ed9fSAtsushi Murai struct mbuf *bp; 119af57ed9fSAtsushi Murai u_char *cp; 120af57ed9fSAtsushi Murai int plen, mlen; 121af57ed9fSAtsushi Murai 122af57ed9fSAtsushi Murai lh.code = code; 123f0cdd9c0SBrian Somers lh.id = authp->id; 124af57ed9fSAtsushi Murai mlen = strlen(message); 125af57ed9fSAtsushi Murai plen = mlen + 1; 126af57ed9fSAtsushi Murai lh.length = htons(plen + sizeof(struct fsmheader)); 12726af0ae9SBrian Somers bp = m_get(plen + sizeof(struct fsmheader), MB_PAPOUT); 12875240ed1SBrian Somers memcpy(MBUF_CTOP(bp), &lh, sizeof(struct fsmheader)); 129af57ed9fSAtsushi Murai cp = MBUF_CTOP(bp) + sizeof(struct fsmheader); 130b5c3c9aeSBrian Somers /* 131b5c3c9aeSBrian Somers * If our message is longer than 255 bytes, truncate the length to 132b5c3c9aeSBrian Somers * 255 and send the entire message anyway. Maybe the other end will 133b5c3c9aeSBrian Somers * display it... (see pap_Input() !) 134b5c3c9aeSBrian Somers */ 135b5c3c9aeSBrian Somers *cp++ = mlen > 255 ? 255 : mlen; 13675240ed1SBrian Somers memcpy(cp, message, mlen); 137dd7e2610SBrian Somers log_Printf(LogPHASE, "Pap Output: %s\n", papcodes[code]); 138f0cdd9c0SBrian Somers 1395d9e6103SBrian Somers link_PushPacket(&authp->physical->link, bp, authp->physical->dl->bundle, 140442f8495SBrian Somers LINK_QUEUES(&authp->physical->link) - 1, PROTO_PAP); 141af57ed9fSAtsushi Murai } 142af57ed9fSAtsushi Murai 143f0cdd9c0SBrian Somers static void 144f0cdd9c0SBrian Somers pap_Success(struct authinfo *authp) 145af57ed9fSAtsushi Murai { 146ff8e577bSBrian Somers struct bundle *bundle = authp->physical->dl->bundle; 147ff8e577bSBrian Somers 148f0cdd9c0SBrian Somers datalink_GotAuthname(authp->physical->dl, authp->in.name); 149ff8e577bSBrian Somers #ifndef NORADIUS 150ff8e577bSBrian Somers if (*bundle->radius.cfg.file && bundle->radius.repstr) 151ff8e577bSBrian Somers SendPapCode(authp, PAP_ACK, bundle->radius.repstr); 152ff8e577bSBrian Somers else 153ff8e577bSBrian Somers #endif 154f0cdd9c0SBrian Somers SendPapCode(authp, PAP_ACK, "Greetings!!"); 155f0cdd9c0SBrian Somers authp->physical->link.lcp.auth_ineed = 0; 156ff8e577bSBrian Somers if (Enabled(bundle, OPT_UTMP)) 157f0cdd9c0SBrian Somers physical_Login(authp->physical, authp->in.name); 158af57ed9fSAtsushi Murai 159f0cdd9c0SBrian Somers if (authp->physical->link.lcp.auth_iwait == 0) 160455aabc3SBrian Somers /* 161455aabc3SBrian Somers * Either I didn't need to authenticate, or I've already been 162455aabc3SBrian Somers * told that I got the answer right. 163455aabc3SBrian Somers */ 164f0cdd9c0SBrian Somers datalink_AuthOk(authp->physical->dl); 165af57ed9fSAtsushi Murai } 166f0cdd9c0SBrian Somers 167f0cdd9c0SBrian Somers static void 168f0cdd9c0SBrian Somers pap_Failure(struct authinfo *authp) 169f0cdd9c0SBrian Somers { 170f0cdd9c0SBrian Somers SendPapCode(authp, PAP_NAK, "Login incorrect"); 171f0cdd9c0SBrian Somers datalink_AuthNotOk(authp->physical->dl); 172f0cdd9c0SBrian Somers } 173f0cdd9c0SBrian Somers 174f0cdd9c0SBrian Somers void 175f0cdd9c0SBrian Somers pap_Init(struct authinfo *pap, struct physical *p) 176f0cdd9c0SBrian Somers { 177f0cdd9c0SBrian Somers auth_Init(pap, p, pap_Req, pap_Success, pap_Failure); 178f0cdd9c0SBrian Somers } 179f0cdd9c0SBrian Somers 1805d9e6103SBrian Somers struct mbuf * 1815d9e6103SBrian Somers pap_Input(struct bundle *bundle, struct link *l, struct mbuf *bp) 182f0cdd9c0SBrian Somers { 1835d9e6103SBrian Somers struct physical *p = link2physical(l); 184f0cdd9c0SBrian Somers struct authinfo *authp = &p->dl->pap; 185f0cdd9c0SBrian Somers u_char nlen, klen, *key; 186b5c3c9aeSBrian Somers const char *txt; 187b5c3c9aeSBrian Somers int txtlen; 188f0cdd9c0SBrian Somers 1895d9e6103SBrian Somers if (p == NULL) { 1905d9e6103SBrian Somers log_Printf(LogERROR, "pap_Input: Not a physical link - dropped\n"); 19126af0ae9SBrian Somers m_freem(bp); 1925d9e6103SBrian Somers return NULL; 1935d9e6103SBrian Somers } 1945d9e6103SBrian Somers 1955d9e6103SBrian Somers if (bundle_Phase(bundle) != PHASE_NETWORK && 1965d9e6103SBrian Somers bundle_Phase(bundle) != PHASE_AUTHENTICATE) { 19729b873f3SBrian Somers log_Printf(LogPHASE, "Unexpected pap input - dropped !\n"); 19826af0ae9SBrian Somers m_freem(bp); 1995d9e6103SBrian Somers return NULL; 20029b873f3SBrian Somers } 20129b873f3SBrian Somers 202b7ff18adSBrian Somers if ((bp = auth_ReadHeader(authp, bp)) == NULL && 203b7ff18adSBrian Somers ntohs(authp->in.hdr.length) == 0) { 204b7ff18adSBrian Somers log_Printf(LogWARN, "Pap Input: Truncated header !\n"); 2055d9e6103SBrian Somers return NULL; 206b7ff18adSBrian Somers } 207f0cdd9c0SBrian Somers 208f0cdd9c0SBrian Somers if (authp->in.hdr.code == 0 || authp->in.hdr.code > MAXPAPCODE) { 209f0cdd9c0SBrian Somers log_Printf(LogPHASE, "Pap Input: %d: Bad PAP code !\n", authp->in.hdr.code); 21026af0ae9SBrian Somers m_freem(bp); 2115d9e6103SBrian Somers return NULL; 212f0cdd9c0SBrian Somers } 213f0cdd9c0SBrian Somers 214f0cdd9c0SBrian Somers if (authp->in.hdr.code != PAP_REQUEST && authp->id != authp->in.hdr.id && 2155d9e6103SBrian Somers Enabled(bundle, OPT_IDCHECK)) { 216f0cdd9c0SBrian Somers /* Wrong conversation dude ! */ 217f0cdd9c0SBrian Somers log_Printf(LogPHASE, "Pap Input: %s dropped (got id %d, not %d)\n", 218f0cdd9c0SBrian Somers papcodes[authp->in.hdr.code], authp->in.hdr.id, authp->id); 21926af0ae9SBrian Somers m_freem(bp); 2205d9e6103SBrian Somers return NULL; 221f0cdd9c0SBrian Somers } 22226af0ae9SBrian Somers m_settype(bp, MB_PAPIN); 223f0cdd9c0SBrian Somers authp->id = authp->in.hdr.id; /* We respond with this id */ 224f0cdd9c0SBrian Somers 225f0cdd9c0SBrian Somers if (bp) { 226f0cdd9c0SBrian Somers bp = mbuf_Read(bp, &nlen, 1); 227b5c3c9aeSBrian Somers if (authp->in.hdr.code == PAP_ACK) { 228b5c3c9aeSBrian Somers /* 229b5c3c9aeSBrian Somers * Don't restrict the length of our acknowledgement freetext to 230b5c3c9aeSBrian Somers * nlen (a one-byte length). Show the rest of the ack packet 231b5c3c9aeSBrian Somers * instead. This isn't really part of the protocol..... 232b5c3c9aeSBrian Somers */ 23326af0ae9SBrian Somers bp = m_pullup(bp); 234b5c3c9aeSBrian Somers txt = MBUF_CTOP(bp); 23526af0ae9SBrian Somers txtlen = m_length(bp); 236b5c3c9aeSBrian Somers } else { 237f0cdd9c0SBrian Somers bp = auth_ReadName(authp, bp, nlen); 238b5c3c9aeSBrian Somers txt = authp->in.name; 239b5c3c9aeSBrian Somers txtlen = strlen(authp->in.name); 240b5c3c9aeSBrian Somers } 241b5c3c9aeSBrian Somers } else { 242b5c3c9aeSBrian Somers txt = ""; 243b5c3c9aeSBrian Somers txtlen = 0; 244f0cdd9c0SBrian Somers } 245f0cdd9c0SBrian Somers 246b5c3c9aeSBrian Somers log_Printf(LogPHASE, "Pap Input: %s (%.*s)\n", 247b5c3c9aeSBrian Somers papcodes[authp->in.hdr.code], txtlen, txt); 248f0cdd9c0SBrian Somers 249f0cdd9c0SBrian Somers switch (authp->in.hdr.code) { 250f0cdd9c0SBrian Somers case PAP_REQUEST: 251f0cdd9c0SBrian Somers if (bp == NULL) { 252f0cdd9c0SBrian Somers log_Printf(LogPHASE, "Pap Input: No key given !\n"); 253af57ed9fSAtsushi Murai break; 254f0cdd9c0SBrian Somers } 255f0cdd9c0SBrian Somers bp = mbuf_Read(bp, &klen, 1); 25626af0ae9SBrian Somers if (m_length(bp) < klen) { 257f0cdd9c0SBrian Somers log_Printf(LogERROR, "Pap Input: Truncated key !\n"); 258f0cdd9c0SBrian Somers break; 259f0cdd9c0SBrian Somers } 260f0cdd9c0SBrian Somers if ((key = malloc(klen+1)) == NULL) { 261f0cdd9c0SBrian Somers log_Printf(LogERROR, "Pap Input: Out of memory !\n"); 262f0cdd9c0SBrian Somers break; 263f0cdd9c0SBrian Somers } 264f0cdd9c0SBrian Somers bp = mbuf_Read(bp, key, klen); 265f0cdd9c0SBrian Somers key[klen] = '\0'; 266f0cdd9c0SBrian Somers 267f0cdd9c0SBrian Somers #ifndef NORADIUS 2685d9e6103SBrian Somers if (*bundle->radius.cfg.file) 2695d9e6103SBrian Somers radius_Authenticate(&bundle->radius, authp, authp->in.name, 27050ca6ec3SBrian Somers key, strlen(key), NULL, 0); 271f0cdd9c0SBrian Somers else 272f0cdd9c0SBrian Somers #endif 2735d9e6103SBrian Somers if (auth_Validate(bundle, authp->in.name, key, p)) 274f0cdd9c0SBrian Somers pap_Success(authp); 275f0cdd9c0SBrian Somers else 276f0cdd9c0SBrian Somers pap_Failure(authp); 277f0cdd9c0SBrian Somers 278f0cdd9c0SBrian Somers free(key); 279f0cdd9c0SBrian Somers break; 280f0cdd9c0SBrian Somers 281af57ed9fSAtsushi Murai case PAP_ACK: 282f0cdd9c0SBrian Somers auth_StopTimer(authp); 283f0cdd9c0SBrian Somers if (p->link.lcp.auth_iwait == PROTO_PAP) { 284f0cdd9c0SBrian Somers p->link.lcp.auth_iwait = 0; 285f0cdd9c0SBrian Somers if (p->link.lcp.auth_ineed == 0) 286455aabc3SBrian Somers /* 287455aabc3SBrian Somers * We've succeeded in our ``login'' 288455aabc3SBrian Somers * If we're not expecting the peer to authenticate (or he already 289455aabc3SBrian Somers * has), proceed to network phase. 290455aabc3SBrian Somers */ 291f0cdd9c0SBrian Somers datalink_AuthOk(p->dl); 292af57ed9fSAtsushi Murai } 293af57ed9fSAtsushi Murai break; 294f0cdd9c0SBrian Somers 295af57ed9fSAtsushi Murai case PAP_NAK: 296f0cdd9c0SBrian Somers auth_StopTimer(authp); 297f0cdd9c0SBrian Somers datalink_AuthNotOk(p->dl); 298af57ed9fSAtsushi Murai break; 299af57ed9fSAtsushi Murai } 300f0cdd9c0SBrian Somers 30126af0ae9SBrian Somers m_freem(bp); 3025d9e6103SBrian Somers return NULL; 303af57ed9fSAtsushi Murai } 304