xref: /titanic_50/usr/src/cmd/cmd-inet/usr.bin/pppd/chap.h (revision 2df1fe9ca32bb227b9158c67f5c00b54c20b10fd)
1 /*
2  * chap.h - Challenge Handshake Authentication Protocol definitions.
3  *
4  * Copyright (c) 2000 by Sun Microsystems, Inc.
5  * All rights reserved.
6  *
7  * Copyright (c) 1993 The Australian National University.
8  * All rights reserved.
9  *
10  * Redistribution and use in source and binary forms are permitted
11  * provided that the above copyright notice and this paragraph are
12  * duplicated in all such forms and that any documentation,
13  * advertising materials, and other materials related to such
14  * distribution and use acknowledge that the software was developed
15  * by the Australian National University.  The name of the University
16  * may not be used to endorse or promote products derived from this
17  * software without specific prior written permission.
18  * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
19  * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
20  * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
21  *
22  * Copyright (c) 1991 Gregory M. Christy
23  * All rights reserved.
24  *
25  * Redistribution and use in source and binary forms are permitted
26  * provided that the above copyright notice and this paragraph are
27  * duplicated in all such forms and that any documentation,
28  * advertising materials, and other materials related to such
29  * distribution and use acknowledge that the software was developed
30  * by the author.
31  *
32  * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
33  * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
34  * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
35  *
36  * $Id: chap.h,v 1.8 1999/11/15 01:44:41 paulus Exp $
37  */
38 
39 #pragma ident	"%Z%%M%	%I%	%E% SMI"
40 
41 #ifndef __CHAP_INCLUDE__
42 #define __CHAP_INCLUDE__
43 
44 /* Code + ID + length */
45 #define CHAP_HEADERLEN		4
46 
47 #define CHAP_DIGEST_MD5		5	/* use MD5 algorithm */
48 #define MD5_SIGNATURE_SIZE	16	/* 16 bytes in a MD5 message digest */
49 #define CHAP_MICROSOFT		0x80	/* use Microsoft-compatible alg. */
50 #define CHAP_MICROSOFT_V2	0x81	/* use MS-CHAPv2 */
51 
52 #define	CHECK_CHALLENGE_LENGTH	8	/* Minimum acceptable challenge */
53 
54 /*
55  * CHAP message code numbers.
56  */
57 #define CHAP_CHALLENGE		1
58 #define CHAP_RESPONSE		2
59 #define CHAP_SUCCESS		3
60 #define CHAP_FAILURE    	4
61 
62 /*
63  *  Challenge lengths (for challenges we send) and other limits.
64  */
65 #define MIN_CHALLENGE_LENGTH	16
66 #define MAX_CHALLENGE_LENGTH	24
67 #define MAX_RESPONSE_LENGTH	64	/* sufficient for MD5 or MS-CHAP */
68 /* These are here to remind people of the buffer limits */
69 #define	MS_CHAP_RESPONSE_LEN	49	/* Response length for MS-CHAP */
70 #define MS_CHAPV2_RESPONSE_LEN	49	/* Response length for MS-CHAPv2 */
71 
72 /*
73  * Each interface is described by a chap structure.
74  */
75 
76 typedef struct chap_state {
77     int unit;			/* Interface unit number */
78     int clientstate;		/* Client state */
79     int serverstate;		/* Server state */
80     char peercname[MAXNAMELEN];	/* unauthenticated peer name in challenge */
81     u_char challenge[MAX_CHALLENGE_LENGTH]; /* last challenge string sent */
82     u_char chal_len;		/* challenge length */
83     u_char chal_id;		/* ID of last challenge */
84     u_char chal_type;		/* hash algorithm for challenges */
85     u_char id;			/* Current id */
86     char *chal_name;		/* Our name to use with challenge */
87     int chal_interval;		/* Time until we challenge peer again */
88     int timeouttime;		/* Timeout time in seconds */
89     int max_transmits;		/* Maximum # of challenge transmissions */
90     int chal_transmits;		/* Number of transmissions of challenge */
91     int resp_transmits;		/* Number of transmissions of response */
92     u_char response[MAX_RESPONSE_LENGTH];	/* Response to send */
93     u_char resp_length;		/* length of response */
94     u_char resp_id;		/* ID for response messages */
95     u_char resp_type;		/* hash algorithm for responses */
96     u_char stat_length;		/* Length of status message (MS-CHAP) */
97     char *resp_name;		/* Our name to send with response */
98     char *stat_message;		/* per-algorithm status message (MS-CHAP) */
99 } chap_state;
100 
101 
102 /*
103  * Client (authenticatee) states.
104  */
105 #define CHAPCS_INITIAL		0	/* Lower layer down, not opened */
106 #define CHAPCS_CLOSED		1	/* Lower layer up, not opened */
107 #define CHAPCS_PENDING		2	/* Auth us to peer when lower up */
108 #define CHAPCS_LISTEN		3	/* Listening for a challenge */
109 #define CHAPCS_RESPONSE		4	/* Sent response, waiting for status */
110 #define CHAPCS_OPEN		5	/* We've received Success */
111 
112 #define	CHAPCS__LIST	\
113 	"Initial", "Closed", "Pending", "Listen", \
114 	"Response", "Open"
115 
116 /*
117  * Server (authenticator) states.
118  */
119 #define CHAPSS_INITIAL		0	/* Lower layer down, not opened */
120 #define CHAPSS_CLOSED		1	/* Lower layer up, not opened */
121 #define CHAPSS_PENDING		2	/* Auth peer when lower up */
122 #define CHAPSS_INITIAL_CHAL	3	/* We've sent the first challenge */
123 #define CHAPSS_OPEN		4	/* We've sent a Success msg */
124 #define CHAPSS_RECHALLENGE	5	/* We've sent another challenge */
125 #define CHAPSS_BADAUTH		6	/* We've sent a Failure msg */
126 
127 #define	CHAPSS__LIST	\
128 	"Initial", "Closed", "Pending", "InitialChal", \
129 	"Open", "Rechallenge", "BadAuth"
130 
131 /*
132  * Timeouts.
133  */
134 #define CHAP_DEFTIMEOUT		3	/* Timeout time in seconds */
135 #define CHAP_DEFTRANSMITS	10	/* max # times to send challenge */
136 
137 extern chap_state chap[];
138 
139 void ChapAuthWithPeer __P((int, char *, int));
140 void ChapAuthPeer __P((int, char *, int));
141 
142 extern struct protent chap_protent;
143 
144 #endif /* __CHAP_INCLUDE__ */
145