xref: /titanic_41/usr/src/cmd/cmd-inet/usr.bin/pppd/chap.h (revision 72f0806acd90f56fb47a8087c33cfeaec527fdda)
1 /*
2  * chap.h - Challenge Handshake Authentication Protocol definitions.
3  *
4  * Copyright 2009 Sun Microsystems, Inc.  All rights reserved.
5  * Use is subject to license terms.
6  *
7  * Copyright (c) 1993 The Australian National University.
8  * All rights reserved.
9  *
10  * Redistribution and use in source and binary forms are permitted
11  * provided that the above copyright notice and this paragraph are
12  * duplicated in all such forms and that any documentation,
13  * advertising materials, and other materials related to such
14  * distribution and use acknowledge that the software was developed
15  * by the Australian National University.  The name of the University
16  * may not be used to endorse or promote products derived from this
17  * software without specific prior written permission.
18  * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
19  * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
20  * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
21  *
22  * Copyright (c) 1991 Gregory M. Christy
23  * All rights reserved.
24  *
25  * Redistribution and use in source and binary forms are permitted
26  * provided that the above copyright notice and this paragraph are
27  * duplicated in all such forms and that any documentation,
28  * advertising materials, and other materials related to such
29  * distribution and use acknowledge that the software was developed
30  * by the author.
31  *
32  * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
33  * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
34  * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
35  *
36  * $Id: chap.h,v 1.8 1999/11/15 01:44:41 paulus Exp $
37  */
38 
39 #ifndef __CHAP_INCLUDE__
40 #define __CHAP_INCLUDE__
41 
42 /* Code + ID + length */
43 #define CHAP_HEADERLEN		4
44 
45 #define CHAP_DIGEST_MD5		5	/* use MD5 algorithm */
46 #define MD5_SIGNATURE_SIZE	16	/* 16 bytes in a MD5 message digest */
47 #define CHAP_MICROSOFT		0x80	/* use Microsoft-compatible alg. */
48 #define CHAP_MICROSOFT_V2	0x81	/* use MS-CHAPv2 */
49 
50 #define	CHECK_CHALLENGE_LENGTH	8	/* Minimum acceptable challenge */
51 
52 /*
53  * CHAP message code numbers.
54  */
55 #define CHAP_CHALLENGE		1
56 #define CHAP_RESPONSE		2
57 #define CHAP_SUCCESS		3
58 #define CHAP_FAILURE    	4
59 
60 /*
61  *  Challenge lengths (for challenges we send) and other limits.
62  */
63 #define MIN_CHALLENGE_LENGTH	16
64 #define MAX_CHALLENGE_LENGTH	24
65 #define MAX_RESPONSE_LENGTH	64	/* sufficient for MD5 or MS-CHAP */
66 /* These are here to remind people of the buffer limits */
67 #define	MS_CHAP_RESPONSE_LEN	49	/* Response length for MS-CHAP */
68 #define MS_CHAPV2_RESPONSE_LEN	49	/* Response length for MS-CHAPv2 */
69 
70 /*
71  * Each interface is described by a chap structure.
72  */
73 
74 typedef struct chap_state {
75     int unit;			/* Interface unit number */
76     int clientstate;		/* Client state */
77     int serverstate;		/* Server state */
78     char peercname[MAXNAMELEN];	/* unauthenticated peer name in challenge */
79     u_char challenge[MAX_CHALLENGE_LENGTH]; /* last challenge string sent */
80     u_char chal_len;		/* challenge length */
81     u_char chal_id;		/* ID of last challenge */
82     u_char chal_type;		/* hash algorithm for challenges */
83     u_char id;			/* Current id */
84     char *chal_name;		/* Our name to use with challenge */
85     int chal_interval;		/* Time until we challenge peer again */
86     int timeouttime;		/* Timeout time in seconds */
87     int max_transmits;		/* Maximum # of challenge transmissions */
88     int chal_transmits;		/* Number of transmissions of challenge */
89     int resp_transmits;		/* Number of transmissions of response */
90     u_char response[MAX_RESPONSE_LENGTH];	/* Response to send */
91     u_char resp_length;		/* length of response */
92     u_char resp_id;		/* ID for response messages */
93     u_char resp_type;		/* hash algorithm for responses */
94     u_char stat_length;		/* Length of status message (MS-CHAP) */
95     char *resp_name;		/* Our name to send with response */
96     char *stat_message;		/* per-algorithm status message (MS-CHAP) */
97     int rename_count;		/* number of peer renames seen */
98 } chap_state;
99 
100 
101 /*
102  * Client (authenticatee) states.
103  */
104 #define CHAPCS_INITIAL		0	/* Lower layer down, not opened */
105 #define CHAPCS_CLOSED		1	/* Lower layer up, not opened */
106 #define CHAPCS_PENDING		2	/* Auth us to peer when lower up */
107 #define CHAPCS_LISTEN		3	/* Listening for a challenge */
108 #define CHAPCS_RESPONSE		4	/* Sent response, waiting for status */
109 #define CHAPCS_OPEN		5	/* We've received Success */
110 
111 #define	CHAPCS__LIST	\
112 	"Initial", "Closed", "Pending", "Listen", \
113 	"Response", "Open"
114 
115 /*
116  * Server (authenticator) states.
117  */
118 #define CHAPSS_INITIAL		0	/* Lower layer down, not opened */
119 #define CHAPSS_CLOSED		1	/* Lower layer up, not opened */
120 #define CHAPSS_PENDING		2	/* Auth peer when lower up */
121 #define CHAPSS_INITIAL_CHAL	3	/* We've sent the first challenge */
122 #define CHAPSS_OPEN		4	/* We've sent a Success msg */
123 #define CHAPSS_RECHALLENGE	5	/* We've sent another challenge */
124 #define CHAPSS_BADAUTH		6	/* We've sent a Failure msg */
125 
126 #define	CHAPSS__LIST	\
127 	"Initial", "Closed", "Pending", "InitialChal", \
128 	"Open", "Rechallenge", "BadAuth"
129 
130 /*
131  * Timeouts.
132  */
133 #define CHAP_DEFTIMEOUT		3	/* Timeout time in seconds */
134 #define CHAP_DEFTRANSMITS	10	/* max # times to send challenge */
135 
136 extern chap_state chap[];
137 
138 void ChapAuthWithPeer __P((int, char *, int));
139 void ChapAuthPeer __P((int, char *, int));
140 
141 extern struct protent chap_protent;
142 
143 #endif /* __CHAP_INCLUDE__ */
144