usr.sbin/ppp/pap.c

78189Sbrian/*-
78189Sbrian * Copyright (c) 1996 - 2001 Brian Somers <brian@Awfulhak.org>
78189Sbrian *          based on work by Toshiharu OHNO <tony-o@iij.ad.jp>
78189Sbrian *                           Internet Initiative Japan, Inc (IIJ)
78189Sbrian * All rights reserved.
6059Samurai *
78189Sbrian * Redistribution and use in source and binary forms, with or without
78189Sbrian * modification, are permitted provided that the following conditions
78189Sbrian * are met:
78189Sbrian * 1. Redistributions of source code must retain the above copyright
78189Sbrian *    notice, this list of conditions and the following disclaimer.
78189Sbrian * 2. Redistributions in binary form must reproduce the above copyright
78189Sbrian *    notice, this list of conditions and the following disclaimer in the
78189Sbrian *    documentation and/or other materials provided with the distribution.
6059Samurai *
78189Sbrian * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
78189Sbrian * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
78189Sbrian * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
78189Sbrian * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
78189Sbrian * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
78189Sbrian * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
78189Sbrian * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
78189Sbrian * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
78189Sbrian * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
78189Sbrian * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
78189Sbrian * SUCH DAMAGE.
6059Samurai *
50479Speter * $FreeBSD$
6059Samurai */
78189Sbrian
43313Sbrian#include <sys/param.h>
30715Sbrian#include <netinet/in.h>
36285Sbrian#include <netinet/in_systm.h>
36285Sbrian#include <netinet/ip.h>
81634Sbrian#include <sys/socket.h>
36285Sbrian#include <sys/un.h>
30715Sbrian
43693Sbrian#include <stdlib.h>
49472Sbrian#include <string.h>		/* strlen/memcpy */
36285Sbrian#include <termios.h>
30715Sbrian
46686Sbrian#include "layer.h"
30715Sbrian#include "mbuf.h"
30715Sbrian#include "log.h"
30715Sbrian#include "defs.h"
30715Sbrian#include "timer.h"
6059Samurai#include "fsm.h"
36285Sbrian#include "auth.h"
6059Samurai#include "pap.h"
36285Sbrian#include "lqr.h"
6059Samurai#include "hdlc.h"
63484Sbrian#include "lcp.h"
46686Sbrian#include "proto.h"
36285Sbrian#include "async.h"
36285Sbrian#include "throughput.h"
36285Sbrian#include "ccp.h"
36285Sbrian#include "link.h"
36285Sbrian#include "descriptor.h"
36285Sbrian#include "physical.h"
36285Sbrian#include "iplist.h"
36285Sbrian#include "slcompress.h"
81634Sbrian#include "ncpaddr.h"
36285Sbrian#include "ipcp.h"
36285Sbrian#include "filter.h"
36285Sbrian#include "mp.h"
43313Sbrian#ifndef NORADIUS
43313Sbrian#include "radius.h"
43313Sbrian#endif
81634Sbrian#include "ipv6cp.h"
81634Sbrian#include "ncp.h"
36285Sbrian#include "bundle.h"
36285Sbrian#include "chat.h"
36285Sbrian#include "chap.h"
38174Sbrian#include "cbcp.h"
36285Sbrian#include "datalink.h"
6059Samurai
55146Sbrianstatic const char * const papcodes[] = {
55146Sbrian  "???", "REQUEST", "SUCCESS", "FAILURE"
55146Sbrian};
43693Sbrian#define MAXPAPCODE (sizeof papcodes / sizeof papcodes[0] - 1)
6059Samurai
43693Sbrianstatic void
43693Sbrianpap_Req(struct authinfo *authp)
6059Samurai{
43693Sbrian  struct bundle *bundle = authp->physical->dl->bundle;
6059Samurai  struct fsmheader lh;
6059Samurai  struct mbuf *bp;
6059Samurai  u_char *cp;
6059Samurai  int namelen, keylen, plen;
6059Samurai
43693Sbrian  namelen = strlen(bundle->cfg.auth.name);
43693Sbrian  keylen = strlen(bundle->cfg.auth.key);
6059Samurai  plen = namelen + keylen + 2;
43693Sbrian  log_Printf(LogDEBUG, "pap_Req: namelen = %d, keylen = %d\n", namelen, keylen);
43693Sbrian  log_Printf(LogPHASE, "Pap Output: %s ********\n", bundle->cfg.auth.name);
43693Sbrian  if (*bundle->cfg.auth.name == '\0')
37926Sbrian    log_Printf(LogWARN, "Sending empty PAP authname!\n");
6059Samurai  lh.code = PAP_REQUEST;
43693Sbrian  lh.id = authp->id;
6059Samurai  lh.length = htons(plen + sizeof(struct fsmheader));
54912Sbrian  bp = m_get(plen + sizeof(struct fsmheader), MB_PAPOUT);
30715Sbrian  memcpy(MBUF_CTOP(bp), &lh, sizeof(struct fsmheader));
6059Samurai  cp = MBUF_CTOP(bp) + sizeof(struct fsmheader);
6059Samurai  *cp++ = namelen;
43693Sbrian  memcpy(cp, bundle->cfg.auth.name, namelen);
6059Samurai  cp += namelen;
6059Samurai  *cp++ = keylen;
43693Sbrian  memcpy(cp, bundle->cfg.auth.key, keylen);
50867Sbrian  link_PushPacket(&authp->physical->link, bp, bundle,
50867Sbrian                  LINK_QUEUES(&authp->physical->link) - 1, PROTO_PAP);
6059Samurai}
6059Samurai
6059Samuraistatic void
43693SbrianSendPapCode(struct authinfo *authp, int code, const char *message)
6059Samurai{
6059Samurai  struct fsmheader lh;
6059Samurai  struct mbuf *bp;
6059Samurai  u_char *cp;
6059Samurai  int plen, mlen;
6059Samurai
6059Samurai  lh.code = code;
43693Sbrian  lh.id = authp->id;
6059Samurai  mlen = strlen(message);
6059Samurai  plen = mlen + 1;
6059Samurai  lh.length = htons(plen + sizeof(struct fsmheader));
54912Sbrian  bp = m_get(plen + sizeof(struct fsmheader), MB_PAPOUT);
30715Sbrian  memcpy(MBUF_CTOP(bp), &lh, sizeof(struct fsmheader));
6059Samurai  cp = MBUF_CTOP(bp) + sizeof(struct fsmheader);
53734Sbrian  /*
53734Sbrian   * If our message is longer than 255 bytes, truncate the length to
53734Sbrian   * 255 and send the entire message anyway.  Maybe the other end will
53734Sbrian   * display it... (see pap_Input() !)
53734Sbrian   */
53734Sbrian  *cp++ = mlen > 255 ? 255 : mlen;
30715Sbrian  memcpy(cp, message, mlen);
37926Sbrian  log_Printf(LogPHASE, "Pap Output: %s\n", papcodes[code]);
43693Sbrian
46686Sbrian  link_PushPacket(&authp->physical->link, bp, authp->physical->dl->bundle,
50867Sbrian                  LINK_QUEUES(&authp->physical->link) - 1, PROTO_PAP);
6059Samurai}
6059Samurai
43693Sbrianstatic void
43693Sbrianpap_Success(struct authinfo *authp)
6059Samurai{
96324Sbrian  struct bundle *bundle = authp->physical->dl->bundle;
96324Sbrian
43693Sbrian  datalink_GotAuthname(authp->physical->dl, authp->in.name);
96324Sbrian#ifndef NORADIUS
96324Sbrian  if (*bundle->radius.cfg.file && bundle->radius.repstr)
96324Sbrian    SendPapCode(authp, PAP_ACK, bundle->radius.repstr);
96324Sbrian  else
96324Sbrian#endif
96324Sbrian    SendPapCode(authp, PAP_ACK, "Greetings!!");
43693Sbrian  authp->physical->link.lcp.auth_ineed = 0;
96324Sbrian  if (Enabled(bundle, OPT_UTMP))
43693Sbrian    physical_Login(authp->physical, authp->in.name);
6059Samurai
43693Sbrian  if (authp->physical->link.lcp.auth_iwait == 0)
43693Sbrian    /*
43693Sbrian     * Either I didn't need to authenticate, or I've already been
43693Sbrian     * told that I got the answer right.
43693Sbrian     */
43693Sbrian    datalink_AuthOk(authp->physical->dl);
43693Sbrian}
18752Sjkh
43693Sbrianstatic void
43693Sbrianpap_Failure(struct authinfo *authp)
43693Sbrian{
43693Sbrian  SendPapCode(authp, PAP_NAK, "Login incorrect");
43693Sbrian  datalink_AuthNotOk(authp->physical->dl);
6059Samurai}
6059Samurai
6059Samuraivoid
43693Sbrianpap_Init(struct authinfo *pap, struct physical *p)
6059Samurai{
43693Sbrian  auth_Init(pap, p, pap_Req, pap_Success, pap_Failure);
43693Sbrian}
6059Samurai
46686Sbrianstruct mbuf *
46686Sbrianpap_Input(struct bundle *bundle, struct link *l, struct mbuf *bp)
43693Sbrian{
46686Sbrian  struct physical *p = link2physical(l);
43693Sbrian  struct authinfo *authp = &p->dl->pap;
43693Sbrian  u_char nlen, klen, *key;
53734Sbrian  const char *txt;
53734Sbrian  int txtlen;
36285Sbrian
46686Sbrian  if (p == NULL) {
46686Sbrian    log_Printf(LogERROR, "pap_Input: Not a physical link - dropped\n");
54912Sbrian    m_freem(bp);
46686Sbrian    return NULL;
46686Sbrian  }
46686Sbrian
46686Sbrian  if (bundle_Phase(bundle) != PHASE_NETWORK &&
46686Sbrian      bundle_Phase(bundle) != PHASE_AUTHENTICATE) {
45220Sbrian    log_Printf(LogPHASE, "Unexpected pap input - dropped !\n");
54912Sbrian    m_freem(bp);
46686Sbrian    return NULL;
45220Sbrian  }
45220Sbrian
44159Sbrian  if ((bp = auth_ReadHeader(authp, bp)) == NULL &&
44159Sbrian      ntohs(authp->in.hdr.length) == 0) {
44159Sbrian    log_Printf(LogWARN, "Pap Input: Truncated header !\n");
46686Sbrian    return NULL;
44159Sbrian  }
43693Sbrian
43693Sbrian  if (authp->in.hdr.code == 0 || authp->in.hdr.code > MAXPAPCODE) {
43693Sbrian    log_Printf(LogPHASE, "Pap Input: %d: Bad PAP code !\n", authp->in.hdr.code);
54912Sbrian    m_freem(bp);
46686Sbrian    return NULL;
43693Sbrian  }
43693Sbrian
43693Sbrian  if (authp->in.hdr.code != PAP_REQUEST && authp->id != authp->in.hdr.id &&
46686Sbrian      Enabled(bundle, OPT_IDCHECK)) {
43693Sbrian    /* Wrong conversation dude ! */
43693Sbrian    log_Printf(LogPHASE, "Pap Input: %s dropped (got id %d, not %d)\n",
43693Sbrian               papcodes[authp->in.hdr.code], authp->in.hdr.id, authp->id);
54912Sbrian    m_freem(bp);
46686Sbrian    return NULL;
43693Sbrian  }
54912Sbrian  m_settype(bp, MB_PAPIN);
43693Sbrian  authp->id = authp->in.hdr.id;		/* We respond with this id */
43693Sbrian
43693Sbrian  if (bp) {
43693Sbrian    bp = mbuf_Read(bp, &nlen, 1);
53734Sbrian    if (authp->in.hdr.code == PAP_ACK) {
53734Sbrian      /*
53734Sbrian       * Don't restrict the length of our acknowledgement freetext to
53734Sbrian       * nlen (a one-byte length).  Show the rest of the ack packet
53734Sbrian       * instead.  This isn't really part of the protocol.....
53734Sbrian       */
54912Sbrian      bp = m_pullup(bp);
53734Sbrian      txt = MBUF_CTOP(bp);
54912Sbrian      txtlen = m_length(bp);
53734Sbrian    } else {
53734Sbrian      bp = auth_ReadName(authp, bp, nlen);
53734Sbrian      txt = authp->in.name;
53734Sbrian      txtlen = strlen(authp->in.name);
53734Sbrian    }
53734Sbrian  } else {
53734Sbrian    txt = "";
53734Sbrian    txtlen = 0;
43693Sbrian  }
43693Sbrian
53734Sbrian  log_Printf(LogPHASE, "Pap Input: %s (%.*s)\n",
53734Sbrian             papcodes[authp->in.hdr.code], txtlen, txt);
43693Sbrian
43693Sbrian  switch (authp->in.hdr.code) {
43693Sbrian    case PAP_REQUEST:
43693Sbrian      if (bp == NULL) {
43693Sbrian        log_Printf(LogPHASE, "Pap Input: No key given !\n");
43693Sbrian        break;
6059Samurai      }
43693Sbrian      bp = mbuf_Read(bp, &klen, 1);
54912Sbrian      if (m_length(bp) < klen) {
43693Sbrian        log_Printf(LogERROR, "Pap Input: Truncated key !\n");
43693Sbrian        break;
43693Sbrian      }
43693Sbrian      if ((key = malloc(klen+1)) == NULL) {
43693Sbrian        log_Printf(LogERROR, "Pap Input: Out of memory !\n");
43693Sbrian        break;
43693Sbrian      }
43693Sbrian      bp = mbuf_Read(bp, key, klen);
43693Sbrian      key[klen] = '\0';
43693Sbrian
43693Sbrian#ifndef NORADIUS
96730Sbrian      if (*bundle->radius.cfg.file) {
96730Sbrian        if (!radius_Authenticate(&bundle->radius, authp, authp->in.name,
98311Sbrian                                 key, strlen(key), NULL, 0))
96730Sbrian          pap_Failure(authp);
96730Sbrian      } else
43693Sbrian#endif
134789Sbrian      if (auth_Validate(bundle, authp->in.name, key))
43693Sbrian        pap_Success(authp);
43693Sbrian      else
43693Sbrian        pap_Failure(authp);
43693Sbrian
43693Sbrian      free(key);
43693Sbrian      break;
43693Sbrian
43693Sbrian    case PAP_ACK:
43693Sbrian      auth_StopTimer(authp);
43693Sbrian      if (p->link.lcp.auth_iwait == PROTO_PAP) {
43693Sbrian        p->link.lcp.auth_iwait = 0;
43693Sbrian        if (p->link.lcp.auth_ineed == 0)
43693Sbrian          /*
43693Sbrian           * We've succeeded in our ``login''
43693Sbrian           * If we're not expecting  the peer to authenticate (or he already
43693Sbrian           * has), proceed to network phase.
43693Sbrian           */
43693Sbrian          datalink_AuthOk(p->dl);
43693Sbrian      }
43693Sbrian      break;
43693Sbrian
43693Sbrian    case PAP_NAK:
43693Sbrian      auth_StopTimer(authp);
43693Sbrian      datalink_AuthNotOk(p->dl);
43693Sbrian      break;
6059Samurai  }
43693Sbrian
54912Sbrian  m_freem(bp);
46686Sbrian  return NULL;
6059Samurai}