auth.c revision 31070
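/*
 *	    PPP Secret Key Module
 *
 *	    Written by Toshiharu OHNO (tony-o@iij.ad.jp)
 *
 *   Copyright (C) 1994, Internet Initiative Japan, Inc. All rights reserverd.
 *
 * Redistribution and use in source and binary forms are permitted
 * provided that the above copyright notice and this paragraph are
 * duplicated in all such forms and that any documentation,
 * advertising materials, and other materials related to such
 * distribution and use acknowledge that the software was developed
 * by the Internet Initiative Japan, Inc.  The name of the
 * IIJ may not be used to endorse or promote products derived
 * from this software without specific prior written permission.
 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
 * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
 * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
 *
 * $Id: auth.c,v 1.18 1997/10/26 01:02:07 brian Exp $
 *
 *	TODO:
 *		o Implement check against with registered IP addresses.
 */
#include <sys/param.h>
#include <netinet/in.h>

#include <stdio.h>
#include <string.h>
#include <unistd.h>

#include "mbuf.h"
#include "log.h"
#include "defs.h"
#include "timer.h"
#include "fsm.h"
#include "lcpproto.h"
#include "ipcp.h"
#include "loadalias.h"
#include "command.h"
#include "vars.h"
#include "filter.h"
#include "auth.h"
#include "chat.h"
#include "systems.h"

/*
 * Work out the local (command-connection) authentication policy.
 *
 * The short host name (everything before the first '.') is stored in
 * VarShortHost.  If the host name cannot be obtained, local access is
 * denied.  When none of MODE_AUTO, MODE_DEDICATED or MODE_DIRECT is set,
 * VarLocalAuth becomes LOCAL_AUTH.  Otherwise the secret file is consulted:
 * no entry for this host means LOCAL_DENY, any entry means LOCAL_NO_AUTH.
 */
void
LocalAuthInit()
{
  char *p;

  if (gethostname(VarShortHost, sizeof(VarShortHost))) {
    VarLocalAuth = LOCAL_DENY;	/* fail closed: no host name, no access */
    return;
  }
  /* gethostname() need not NUL-terminate a name it had to truncate. */
  VarShortHost[sizeof(VarShortHost) - 1] = '\0';

  p = strchr(VarShortHost, '.');
  if (p)
    *p = '\0';

  /*
   * NOTE(review): the original comment here read "We're allowed in
   * interactive and direct", but MODE_DIRECT is part of the mask below,
   * so direct mode takes the else branch - confirm which is intended.
   */
  if (!(mode & (MODE_AUTO | MODE_DEDICATED | MODE_DIRECT)))
    VarLocalAuth = LOCAL_AUTH;
  else
    VarLocalAuth = LocalAuthValidate(SECRETFILE, VarShortHost, "")
      == NOT_FOUND ? LOCAL_DENY : LOCAL_NO_AUTH;
}

/*
 * Look up `system' in the secret file `fname' and check `key' against it.
 *
 * Lines starting with '#' are skipped.  Only the first entry whose first
 * field equals `system' is considered.
 *
 * Returns NOT_FOUND when the file cannot be opened or holds no such entry,
 * VALID when the entry has no key field and `key' is NULL or empty, or when
 * the key field equals `key', and INVALID otherwise.
 */
LOCAL_AUTH_VALID
LocalAuthValidate(char *fname, char *system, char *key)
{
  FILE *fp;
  int n;
  char *vector[3];
  char buff[LINE_LEN];
  LOCAL_AUTH_VALID rc;

  rc = NOT_FOUND;		/* No system entry */
  fp = OpenSecret(fname);
  if (fp == NULL)
    return (rc);
  while (fgets(buff, sizeof(buff), fp)) {
    if (buff[0] == '#')
      continue;
    /*
     * Strip the newline only if there is one.  Blindly clearing
     * buff[strlen(buff) - 1] writes before the buffer on an empty string
     * and chops a real character off an unterminated last line.
     */
    buff[strcspn(buff, "\n")] = '\0';
    memset(vector, '\0', sizeof(vector));
    n = MakeArgs(buff, vector, VECSIZE(vector));
    if (n < 1)
      continue;
    if (strcmp(vector[0], system) == 0) {
      if (vector[1] == NULL) {
	/* Entry without a key: only an absent or empty key matches. */
	rc = (key == NULL || *key == '\0') ? VALID : INVALID;
      } else {
	/* A NULL key can never match a stored one; do not hand it to strcmp. */
	rc = (key != NULL && strcmp(vector[1], key) == 0) ? VALID : INVALID;
      }
      break;
    }
  }
  CloseSecret(fp);
  return (rc);
}

/*
 * Check the peer supplied `key' for `system' against the secret file
 * `fname'.
 *
 * Every entry whose first field equals `system' is tried; the second field
 * is passed through ExpandString() before being compared.  On a match
 * DefHisAddress is cleared, any remaining fields are handed to ParseAddr()
 * (a 0 result from it is treated as failure) and IpcpInit() is called.
 *
 * Returns 1 when the key is accepted, 0 otherwise.
 */
int
AuthValidate(char *fname, char *system, char *key)
{
  FILE *fp;
  int n;
  char *vector[4];
  char buff[LINE_LEN];
  /*
   * NOTE(review): the expanded secret is still in this stack buffer when
   * the function returns; consider wiping it with a clear that the
   * compiler cannot elide, where the platform provides one.
   */
  char passwd[100];

  fp = OpenSecret(fname);
  if (fp == NULL)
    return (0);
  while (fgets(buff, sizeof(buff), fp)) {
    if (buff[0] == '#')
      continue;
    /* Strip the newline only if present (see LocalAuthValidate). */
    buff[strcspn(buff, "\n")] = '\0';
    memset(vector, '\0', sizeof(vector));
    n = MakeArgs(buff, vector, VECSIZE(vector));
    if (n < 2)
      continue;
    if (strcmp(vector[0], system) != 0)
      continue;
    ExpandString(vector[1], passwd, sizeof(passwd), 0);
    /*
     * NOTE(review): strcmp() stops at the first differing byte, so the
     * time taken depends on how much of the peer's key is correct.  A
     * constant-time comparison is preferable for secrets.
     */
    if (strcmp(passwd, key) != 0)
      continue;			/* wrong key here; try later entries */

    CloseSecret(fp);
    memset(&DefHisAddress, '\0', sizeof(DefHisAddress));
    n -= 2;			/* fields left after name and secret */
    if (n > 0) {
      if (ParseAddr(n, &vector[2],
		    &DefHisAddress.ipaddr,
		    &DefHisAddress.mask,
		    &DefHisAddress.width) == 0) {
	return (0);		/* Invalid */
      }
    }
    IpcpInit();
    return (1);			/* Valid */
  }
  CloseSecret(fp);
  return (0);			/* Invalid */
}

/*
 * Fetch the secret stored for `system' (compared over exactly `len' bytes)
 * from the secret file `fname'.
 *
 * When `setaddr' is non-zero DefHisAddress is cleared and, if the entry has
 * further fields, filled in through ParseAddr(); IpcpInit() is called only
 * when ParseAddr() returns non-zero.
 *
 * Returns a pointer to a static buffer holding the expanded secret, or NULL
 * when the file cannot be opened or no entry matches.  The buffer is
 * overwritten by the next call, so callers must not keep the pointer.
 */
char *
AuthGetSecret(char *fname, char *system, int len, int setaddr)
{
  FILE *fp;
  int n;
  char *vector[4];
  char buff[LINE_LEN];
  static char passwd[100];

  fp = OpenSecret(fname);
  if (fp == NULL)
    return (NULL);
  while (fgets(buff, sizeof(buff), fp)) {
    if (buff[0] == '#')
      continue;
    /* Strip the newline only if present (see LocalAuthValidate). */
    buff[strcspn(buff, "\n")] = '\0';
    memset(vector, '\0', sizeof(vector));
    n = MakeArgs(buff, vector, VECSIZE(vector));
    if (n < 2)
      continue;
    /* A negative len can match nothing; the cast is then never reached. */
    if (len < 0 || strlen(vector[0]) != (size_t) len ||
	strncmp(vector[0], system, (size_t) len) != 0)
      continue;

    ExpandString(vector[1], passwd, sizeof(passwd), 0);
    if (setaddr) {
      memset(&DefHisAddress, '\0', sizeof(DefHisAddress));
    }
    n -= 2;			/* fields left after name and secret */
    if (n > 0 && setaddr) {
      LogPrintf(LogDEBUG, "AuthGetSecret: n = %d, %s\n", n, vector[2]);
      if (ParseAddr(n, &vector[2],
		    &DefHisAddress.ipaddr,
		    &DefHisAddress.mask,
		    &DefHisAddress.width) != 0)
	IpcpInit();
    }
    /* The success path used to return with the secret file still open. */
    CloseSecret(fp);
    return (passwd);
  }
  CloseSecret(fp);
  return (NULL);		/* Invalid */
}

/*
 * Timer callback: stop the timer and use up one retry.  While retries
 * remain, restart the timer and issue a new challenge with the next id.
 */
static void
AuthTimeout(struct authinfo *authp)
{
  struct pppTimer *tp;

  tp = &authp->authtimer;
  StopTimer(tp);
  if (--authp->retry > 0) {
    StartTimer(tp);
    (authp->ChallengeFunc) (++authp->id);
  }
}

/*
 * Arm the authentication timer (VarRetryTimeout seconds, AuthTimeout as the
 * handler), reset the retry count to 3 and the id to 1, and send the first
 * challenge.
 */
void
StartAuthChallenge(struct authinfo *authp)
{
  struct pppTimer *tp;

  tp = &authp->authtimer;
  StopTimer(tp);
  tp->func = AuthTimeout;
  tp->load = VarRetryTimeout * SECTICKS;
  tp->state = TIMER_STOPPED;
  tp->arg = (void *) authp;
  StartTimer(tp);
  authp->retry = 3;
  authp->id = 1;
  (authp->ChallengeFunc) (authp->id);
}

/* Stop the authentication timer belonging to `authp'. */
void
StopAuthTimer(struct authinfo *authp)
{
  StopTimer(&authp->authtimer);
}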