chap.c revision 46686
1/* 2 * PPP CHAP Module 3 * 4 * Written by Toshiharu OHNO (tony-o@iij.ad.jp) 5 * 6 * Copyright (C) 1993, Internet Initiative Japan, Inc. All rights reserverd. 7 * 8 * Redistribution and use in source and binary forms are permitted 9 * provided that the above copyright notice and this paragraph are 10 * duplicated in all such forms and that any documentation, 11 * advertising materials, and other materials related to such 12 * distribution and use acknowledge that the software was developed 13 * by the Internet Initiative Japan, Inc. The name of the 14 * IIJ may not be used to endorse or promote products derived 15 * from this software without specific prior written permission. 16 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR 17 * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED 18 * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. 19 * 20 * $Id: chap.c,v 1.49 1999/04/21 08:03:51 brian Exp $ 21 * 22 * TODO: 23 */ 24#include <sys/param.h> 25#include <netinet/in.h> 26#include <netinet/in_systm.h> 27#include <netinet/ip.h> 28#include <sys/un.h> 29 30#include <errno.h> 31#include <fcntl.h> 32#ifdef HAVE_DES 33#include <md4.h> 34#endif 35#include <md5.h> 36#include <paths.h> 37#include <signal.h> 38#include <stdlib.h> 39#include <string.h> 40#include <sys/wait.h> 41#include <termios.h> 42#include <unistd.h> 43 44#include "layer.h" 45#include "mbuf.h" 46#include "log.h" 47#include "defs.h" 48#include "timer.h" 49#include "fsm.h" 50#include "proto.h" 51#include "lcp.h" 52#include "lqr.h" 53#include "hdlc.h" 54#include "auth.h" 55#include "async.h" 56#include "throughput.h" 57#include "descriptor.h" 58#include "chap.h" 59#include "iplist.h" 60#include "slcompress.h" 61#include "ipcp.h" 62#include "filter.h" 63#include "ccp.h" 64#include "link.h" 65#include "physical.h" 66#include "mp.h" 67#ifndef NORADIUS 68#include "radius.h" 69#endif 70#include "bundle.h" 71#include "chat.h" 72#include "cbcp.h" 73#include "command.h" 74#include "datalink.h" 75#ifdef HAVE_DES 76#include "chap_ms.h" 77#endif 78 79static const char *chapcodes[] = { 80 "???", "CHALLENGE", "RESPONSE", "SUCCESS", "FAILURE" 81}; 82#define MAXCHAPCODE (sizeof chapcodes / sizeof chapcodes[0] - 1) 83 84static void 85ChapOutput(struct physical *physical, u_int code, u_int id, 86 const u_char *ptr, int count, const char *text) 87{ 88 int plen; 89 struct fsmheader lh; 90 struct mbuf *bp; 91 92 plen = sizeof(struct fsmheader) + count; 93 lh.code = code; 94 lh.id = id; 95 lh.length = htons(plen); 96 bp = mbuf_Alloc(plen, MB_FSM); 97 memcpy(MBUF_CTOP(bp), &lh, sizeof(struct fsmheader)); 98 if (count) 99 memcpy(MBUF_CTOP(bp) + sizeof(struct fsmheader), ptr, count); 100 log_DumpBp(LogDEBUG, "ChapOutput", bp); 101 if (text == NULL) 102 log_Printf(LogPHASE, "Chap Output: %s\n", chapcodes[code]); 103 else 104 log_Printf(LogPHASE, "Chap Output: %s (%s)\n", chapcodes[code], text); 105 link_PushPacket(&physical->link, bp, physical->dl->bundle, 106 PRI_LINK, PROTO_CHAP); 107} 108 109static char * 110chap_BuildAnswer(char *name, char *key, u_char id, char *challenge, u_char type 111#ifdef HAVE_DES 112 , int lanman 113#endif 114 ) 115{ 116 char *result, *digest; 117 size_t nlen, klen; 118 119 nlen = strlen(name); 120 klen = strlen(key); 121 122#ifdef HAVE_DES 123 if (type == 0x80) { 124 char expkey[AUTHLEN << 2]; 125 MD4_CTX MD4context; 126 int f; 127 128 if ((result = malloc(1 + nlen + MS_CHAP_RESPONSE_LEN)) == NULL) 129 return result; 130 131 digest = result; /* the response */ 132 *digest++ = MS_CHAP_RESPONSE_LEN; /* 49 */ 133 memcpy(digest + MS_CHAP_RESPONSE_LEN, name, nlen); 134 if (lanman) { 135 memset(digest + 24, '\0', 25); 136 mschap_LANMan(digest, challenge + 1, key); /* LANMan response */ 137 } else { 138 memset(digest, '\0', 25); 139 digest += 24; 140 141 for (f = 0; f < klen; f++) { 142 expkey[2*f] = key[f]; 143 expkey[2*f+1] = '\0'; 144 } 145 /* 146 * ----------- 147 * expkey = | k\0e\0y\0 | 148 * ----------- 149 */ 150 MD4Init(&MD4context); 151 MD4Update(&MD4context, expkey, klen << 1); 152 MD4Final(digest, &MD4context); 153 154 /* 155 * ---- -------- ---------------- ------- ------ 156 * result = | 49 | LANMan | 16 byte digest | 9 * ? | name | 157 * ---- -------- ---------------- ------- ------ 158 */ 159 mschap_NT(digest, challenge + 1); 160 } 161 /* 162 * ---- -------- ------------- ----- ------ 163 * | | struct MS_ChapResponse24 | | 164 * result = | 49 | LANMan | NT digest | 0/1 | name | 165 * ---- -------- ------------- ----- ------ 166 * where only one of LANMan & NT digest are set. 167 */ 168 } else 169#endif 170 if ((result = malloc(nlen + 17)) != NULL) { 171 /* Normal MD5 stuff */ 172 MD5_CTX MD5context; 173 174 digest = result; 175 *digest++ = 16; /* value size */ 176 177 MD5Init(&MD5context); 178 MD5Update(&MD5context, &id, 1); 179 MD5Update(&MD5context, key, klen); 180 MD5Update(&MD5context, challenge + 1, *challenge); 181 MD5Final(digest, &MD5context); 182 183 memcpy(digest + 16, name, nlen); 184 /* 185 * ---- -------- ------ 186 * result = | 16 | digest | name | 187 * ---- -------- ------ 188 */ 189 } 190 191 return result; 192} 193 194static void 195chap_StartChild(struct chap *chap, char *prog, const char *name) 196{ 197 char *argv[MAXARGS], *nargv[MAXARGS]; 198 int argc, fd; 199 int in[2], out[2]; 200 201 if (chap->child.fd != -1) { 202 log_Printf(LogWARN, "Chap: %s: Program already running\n", prog); 203 return; 204 } 205 206 if (pipe(in) == -1) { 207 log_Printf(LogERROR, "Chap: pipe: %s\n", strerror(errno)); 208 return; 209 } 210 211 if (pipe(out) == -1) { 212 log_Printf(LogERROR, "Chap: pipe: %s\n", strerror(errno)); 213 close(in[0]); 214 close(in[1]); 215 return; 216 } 217 218 switch ((chap->child.pid = fork())) { 219 case -1: 220 log_Printf(LogERROR, "Chap: fork: %s\n", strerror(errno)); 221 close(in[0]); 222 close(in[1]); 223 close(out[0]); 224 close(out[1]); 225 chap->child.pid = 0; 226 return; 227 228 case 0: 229 timer_TermService(); 230 close(in[1]); 231 close(out[0]); 232 if (out[1] == STDIN_FILENO) { 233 fd = dup(out[1]); 234 close(out[1]); 235 out[1] = fd; 236 } 237 dup2(in[0], STDIN_FILENO); 238 dup2(out[1], STDOUT_FILENO); 239 if ((fd = open(_PATH_DEVNULL, O_RDWR)) == -1) { 240 log_Printf(LogALERT, "Chap: Failed to open %s: %s\n", 241 _PATH_DEVNULL, strerror(errno)); 242 exit(1); 243 } 244 dup2(fd, STDERR_FILENO); 245 fcntl(3, F_SETFD, 1); /* Set close-on-exec flag */ 246 247 setuid(geteuid()); 248 argc = command_Interpret(prog, strlen(prog), argv); 249 command_Expand(nargv, argc, (char const *const *)argv, 250 chap->auth.physical->dl->bundle, 0); 251 execvp(nargv[0], nargv); 252 253 log_Printf(LogWARN, "exec() of %s failed: %s\n", 254 nargv[0], strerror(errno)); 255 exit(255); 256 257 default: 258 close(in[0]); 259 close(out[1]); 260 chap->child.fd = out[0]; 261 chap->child.buf.len = 0; 262 write(in[1], chap->auth.in.name, strlen(chap->auth.in.name)); 263 write(in[1], "\n", 1); 264 write(in[1], chap->challenge.peer + 1, *chap->challenge.peer); 265 write(in[1], "\n", 1); 266 write(in[1], name, strlen(name)); 267 write(in[1], "\n", 1); 268 close(in[1]); 269 break; 270 } 271} 272 273static void 274chap_Cleanup(struct chap *chap, int sig) 275{ 276 if (chap->child.pid) { 277 int status; 278 279 close(chap->child.fd); 280 chap->child.fd = -1; 281 if (sig) 282 kill(chap->child.pid, SIGTERM); 283 chap->child.pid = 0; 284 chap->child.buf.len = 0; 285 286 if (wait(&status) == -1) 287 log_Printf(LogERROR, "Chap: wait: %s\n", strerror(errno)); 288 else if (WIFSIGNALED(status)) 289 log_Printf(LogWARN, "Chap: Child received signal %d\n", WTERMSIG(status)); 290 else if (WIFEXITED(status) && WEXITSTATUS(status)) 291 log_Printf(LogERROR, "Chap: Child exited %d\n", WEXITSTATUS(status)); 292 } 293 *chap->challenge.local = *chap->challenge.peer = '\0'; 294#ifdef HAVE_DES 295 chap->peertries = 0; 296#endif 297} 298 299static void 300chap_Respond(struct chap *chap, char *name, char *key, u_char type 301#ifdef HAVE_DES 302 , int lm 303#endif 304 ) 305{ 306 u_char *ans; 307 308 ans = chap_BuildAnswer(name, key, chap->auth.id, chap->challenge.peer, type 309#ifdef HAVE_DES 310 , lm 311#endif 312 ); 313 314 if (ans) { 315 ChapOutput(chap->auth.physical, CHAP_RESPONSE, chap->auth.id, 316 ans, *ans + 1 + strlen(name), name); 317#ifdef HAVE_DES 318 chap->NTRespSent = !lm; 319#endif 320 free(ans); 321 } else 322 ChapOutput(chap->auth.physical, CHAP_FAILURE, chap->auth.id, 323 "Out of memory!", 14, NULL); 324} 325 326static int 327chap_UpdateSet(struct descriptor *d, fd_set *r, fd_set *w, fd_set *e, int *n) 328{ 329 struct chap *chap = descriptor2chap(d); 330 331 if (r && chap && chap->child.fd != -1) { 332 FD_SET(chap->child.fd, r); 333 if (*n < chap->child.fd + 1) 334 *n = chap->child.fd + 1; 335 log_Printf(LogTIMER, "Chap: fdset(r) %d\n", chap->child.fd); 336 return 1; 337 } 338 339 return 0; 340} 341 342static int 343chap_IsSet(struct descriptor *d, const fd_set *fdset) 344{ 345 struct chap *chap = descriptor2chap(d); 346 347 return chap && chap->child.fd != -1 && FD_ISSET(chap->child.fd, fdset); 348} 349 350static void 351chap_Read(struct descriptor *d, struct bundle *bundle, const fd_set *fdset) 352{ 353 struct chap *chap = descriptor2chap(d); 354 int got; 355 356 got = read(chap->child.fd, chap->child.buf.ptr + chap->child.buf.len, 357 sizeof chap->child.buf.ptr - chap->child.buf.len - 1); 358 if (got == -1) { 359 log_Printf(LogERROR, "Chap: Read: %s\n", strerror(errno)); 360 chap_Cleanup(chap, SIGTERM); 361 } else if (got == 0) { 362 log_Printf(LogWARN, "Chap: Read: Child terminated connection\n"); 363 chap_Cleanup(chap, SIGTERM); 364 } else { 365 char *name, *key, *end; 366 367 chap->child.buf.len += got; 368 chap->child.buf.ptr[chap->child.buf.len] = '\0'; 369 name = chap->child.buf.ptr; 370 name += strspn(name, " \t"); 371 if ((key = strchr(name, '\n')) == NULL) 372 end = NULL; 373 else 374 end = strchr(++key, '\n'); 375 376 if (end == NULL) { 377 if (chap->child.buf.len == sizeof chap->child.buf.ptr - 1) { 378 log_Printf(LogWARN, "Chap: Read: Input buffer overflow\n"); 379 chap_Cleanup(chap, SIGTERM); 380 } 381 } else { 382#ifdef HAVE_DES 383 int lanman = chap->auth.physical->link.lcp.his_authtype == 0x80 && 384 ((chap->NTRespSent && 385 IsAccepted(chap->auth.physical->link.lcp.cfg.chap80lm)) || 386 !IsAccepted(chap->auth.physical->link.lcp.cfg.chap80nt)); 387#endif 388 389 while (end >= name && strchr(" \t\r\n", *end)) 390 *end-- = '\0'; 391 end = key - 1; 392 while (end >= name && strchr(" \t\r\n", *end)) 393 *end-- = '\0'; 394 key += strspn(key, " \t"); 395 396 chap_Respond(chap, name, key, chap->auth.physical->link.lcp.his_authtype 397#ifdef HAVE_DES 398 , lanman 399#endif 400 ); 401 chap_Cleanup(chap, 0); 402 } 403 } 404} 405 406static int 407chap_Write(struct descriptor *d, struct bundle *bundle, const fd_set *fdset) 408{ 409 /* We never want to write here ! */ 410 log_Printf(LogALERT, "chap_Write: Internal error: Bad call !\n"); 411 return 0; 412} 413 414static void 415chap_Challenge(struct authinfo *authp) 416{ 417 struct chap *chap = auth2chap(authp); 418 int len, i; 419 char *cp; 420 421 len = strlen(authp->physical->dl->bundle->cfg.auth.name); 422 423 if (!*chap->challenge.local) { 424 randinit(); 425 cp = chap->challenge.local; 426 427#ifndef NORADIUS 428 if (*authp->physical->dl->bundle->radius.cfg.file) { 429 /* For radius, our challenge is 16 readable NUL terminated bytes :*/ 430 *cp++ = 16; 431 for (i = 0; i < 16; i++) 432 *cp++ = (random() % 10) + '0'; 433 } else 434#endif 435 { 436#ifdef HAVE_DES 437 if (authp->physical->link.lcp.want_authtype == 0x80) 438 *cp++ = 8; /* MS does 8 byte callenges :-/ */ 439 else 440#endif 441 *cp++ = random() % (CHAPCHALLENGELEN-16) + 16; 442 for (i = 0; i < *chap->challenge.local; i++) 443 *cp++ = random() & 0xff; 444 } 445 memcpy(cp, authp->physical->dl->bundle->cfg.auth.name, len); 446 } 447 ChapOutput(authp->physical, CHAP_CHALLENGE, authp->id, chap->challenge.local, 448 1 + *chap->challenge.local + len, NULL); 449} 450 451static void 452chap_Success(struct authinfo *authp) 453{ 454 datalink_GotAuthname(authp->physical->dl, authp->in.name); 455 ChapOutput(authp->physical, CHAP_SUCCESS, authp->id, "Welcome!!", 10, NULL); 456 authp->physical->link.lcp.auth_ineed = 0; 457 if (Enabled(authp->physical->dl->bundle, OPT_UTMP)) 458 physical_Login(authp->physical, authp->in.name); 459 460 if (authp->physical->link.lcp.auth_iwait == 0) 461 /* 462 * Either I didn't need to authenticate, or I've already been 463 * told that I got the answer right. 464 */ 465 datalink_AuthOk(authp->physical->dl); 466} 467 468static void 469chap_Failure(struct authinfo *authp) 470{ 471 ChapOutput(authp->physical, CHAP_FAILURE, authp->id, "Invalid!!", 9, NULL); 472 datalink_AuthNotOk(authp->physical->dl); 473} 474 475static int 476chap_Cmp(u_char type, char *myans, int mylen, char *hisans, int hislen 477#ifdef HAVE_DES 478 , int lm 479#endif 480 ) 481{ 482 if (mylen != hislen) 483 return 0; 484#ifdef HAVE_DES 485 else if (type == 0x80) { 486 int off = lm ? 0 : 24; 487 488 if (memcmp(myans + off, hisans + off, 24)) 489 return 0; 490 } 491#endif 492 else if (memcmp(myans, hisans, mylen)) 493 return 0; 494 495 return 1; 496} 497 498#ifdef HAVE_DES 499static int 500chap_HaveAnotherGo(struct chap *chap) 501{ 502 if (++chap->peertries < 3) { 503 /* Give the peer another shot */ 504 *chap->challenge.local = '\0'; 505 chap_Challenge(&chap->auth); 506 return 1; 507 } 508 509 return 0; 510} 511#endif 512 513void 514chap_Init(struct chap *chap, struct physical *p) 515{ 516 chap->desc.type = CHAP_DESCRIPTOR; 517 chap->desc.UpdateSet = chap_UpdateSet; 518 chap->desc.IsSet = chap_IsSet; 519 chap->desc.Read = chap_Read; 520 chap->desc.Write = chap_Write; 521 chap->child.pid = 0; 522 chap->child.fd = -1; 523 auth_Init(&chap->auth, p, chap_Challenge, chap_Success, chap_Failure); 524 *chap->challenge.local = *chap->challenge.peer = '\0'; 525#ifdef HAVE_DES 526 chap->NTRespSent = 0; 527 chap->peertries = 0; 528#endif 529} 530 531void 532chap_ReInit(struct chap *chap) 533{ 534 chap_Cleanup(chap, SIGTERM); 535} 536 537struct mbuf * 538chap_Input(struct bundle *bundle, struct link *l, struct mbuf *bp) 539{ 540 struct physical *p = link2physical(l); 541 struct chap *chap = &p->dl->chap; 542 char *name, *key, *ans; 543 int len, nlen; 544 u_char alen, end; 545#ifdef HAVE_DES 546 int lanman; 547#endif 548 549 if (p == NULL) { 550 log_Printf(LogERROR, "chap_Input: Not a physical link - dropped\n"); 551 mbuf_Free(bp); 552 return NULL; 553 } 554 555 if (bundle_Phase(bundle) != PHASE_NETWORK && 556 bundle_Phase(bundle) != PHASE_AUTHENTICATE) { 557 log_Printf(LogPHASE, "Unexpected chap input - dropped !\n"); 558 mbuf_Free(bp); 559 return NULL; 560 } 561 562 if ((bp = auth_ReadHeader(&chap->auth, bp)) == NULL && 563 ntohs(chap->auth.in.hdr.length) == 0) 564 log_Printf(LogWARN, "Chap Input: Truncated header !\n"); 565 else if (chap->auth.in.hdr.code == 0 || chap->auth.in.hdr.code > MAXCHAPCODE) 566 log_Printf(LogPHASE, "Chap Input: %d: Bad CHAP code !\n", 567 chap->auth.in.hdr.code); 568 else { 569 len = mbuf_Length(bp); 570 ans = NULL; 571 572 if (chap->auth.in.hdr.code != CHAP_CHALLENGE && 573 chap->auth.id != chap->auth.in.hdr.id && 574 Enabled(bundle, OPT_IDCHECK)) { 575 /* Wrong conversation dude ! */ 576 log_Printf(LogPHASE, "Chap Input: %s dropped (got id %d, not %d)\n", 577 chapcodes[chap->auth.in.hdr.code], chap->auth.in.hdr.id, 578 chap->auth.id); 579 mbuf_Free(bp); 580 return NULL; 581 } 582 chap->auth.id = chap->auth.in.hdr.id; /* We respond with this id */ 583 584#ifdef HAVE_DES 585 lanman = 0; 586#endif 587 switch (chap->auth.in.hdr.code) { 588 case CHAP_CHALLENGE: 589 bp = mbuf_Read(bp, &alen, 1); 590 len -= alen + 1; 591 if (len < 0) { 592 log_Printf(LogERROR, "Chap Input: Truncated challenge !\n"); 593 mbuf_Free(bp); 594 return NULL; 595 } 596 *chap->challenge.peer = alen; 597 bp = mbuf_Read(bp, chap->challenge.peer + 1, alen); 598 bp = auth_ReadName(&chap->auth, bp, len); 599#ifdef HAVE_DES 600 lanman = p->link.lcp.his_authtype == 0x80 && 601 ((chap->NTRespSent && IsAccepted(p->link.lcp.cfg.chap80lm)) || 602 !IsAccepted(p->link.lcp.cfg.chap80nt)); 603#endif 604 break; 605 606 case CHAP_RESPONSE: 607 auth_StopTimer(&chap->auth); 608 bp = mbuf_Read(bp, &alen, 1); 609 len -= alen + 1; 610 if (len < 0) { 611 log_Printf(LogERROR, "Chap Input: Truncated response !\n"); 612 mbuf_Free(bp); 613 return NULL; 614 } 615 if ((ans = malloc(alen + 2)) == NULL) { 616 log_Printf(LogERROR, "Chap Input: Out of memory !\n"); 617 mbuf_Free(bp); 618 return NULL; 619 } 620 *ans = chap->auth.id; 621 bp = mbuf_Read(bp, ans + 1, alen); 622 ans[alen+1] = '\0'; 623 bp = auth_ReadName(&chap->auth, bp, len); 624#ifdef HAVE_DES 625 lanman = alen == 49 && ans[alen] == 0; 626#endif 627 break; 628 629 case CHAP_SUCCESS: 630 case CHAP_FAILURE: 631 /* chap->auth.in.name is already set up at CHALLENGE time */ 632 if ((ans = malloc(len + 1)) == NULL) { 633 log_Printf(LogERROR, "Chap Input: Out of memory !\n"); 634 mbuf_Free(bp); 635 return NULL; 636 } 637 bp = mbuf_Read(bp, ans, len); 638 ans[len] = '\0'; 639 break; 640 } 641 642 switch (chap->auth.in.hdr.code) { 643 case CHAP_CHALLENGE: 644 case CHAP_RESPONSE: 645 if (*chap->auth.in.name) 646 log_Printf(LogPHASE, "Chap Input: %s (%d bytes from %s%s)\n", 647 chapcodes[chap->auth.in.hdr.code], alen, 648 chap->auth.in.name, 649#ifdef HAVE_DES 650 lanman && chap->auth.in.hdr.code == CHAP_RESPONSE ? 651 " - lanman" : 652#endif 653 ""); 654 else 655 log_Printf(LogPHASE, "Chap Input: %s (%d bytes%s)\n", 656 chapcodes[chap->auth.in.hdr.code], alen, 657#ifdef HAVE_DES 658 lanman && chap->auth.in.hdr.code == CHAP_RESPONSE ? 659 " - lanman" : 660#endif 661 ""); 662 break; 663 664 case CHAP_SUCCESS: 665 case CHAP_FAILURE: 666 if (*ans) 667 log_Printf(LogPHASE, "Chap Input: %s (%s)\n", 668 chapcodes[chap->auth.in.hdr.code], ans); 669 else 670 log_Printf(LogPHASE, "Chap Input: %s\n", 671 chapcodes[chap->auth.in.hdr.code]); 672 break; 673 } 674 675 switch (chap->auth.in.hdr.code) { 676 case CHAP_CHALLENGE: 677 if (*bundle->cfg.auth.key == '!') 678 chap_StartChild(chap, bundle->cfg.auth.key + 1, 679 bundle->cfg.auth.name); 680 else 681 chap_Respond(chap, bundle->cfg.auth.name, 682 bundle->cfg.auth.key, p->link.lcp.his_authtype 683#ifdef HAVE_DES 684 , lanman 685#endif 686 ); 687 break; 688 689 case CHAP_RESPONSE: 690 name = chap->auth.in.name; 691 nlen = strlen(name); 692#ifndef NORADIUS 693 if (*bundle->radius.cfg.file) { 694 end = chap->challenge.local[*chap->challenge.local+1]; 695 chap->challenge.local[*chap->challenge.local+1] = '\0'; 696 radius_Authenticate(&bundle->radius, &chap->auth, 697 chap->auth.in.name, ans, 698 chap->challenge.local + 1); 699 chap->challenge.local[*chap->challenge.local+1] = end; 700 } else 701#endif 702 { 703 key = auth_GetSecret(bundle, name, nlen, p); 704 if (key) { 705 char *myans; 706#ifdef HAVE_DES 707 if (lanman && !IsEnabled(p->link.lcp.cfg.chap80lm)) { 708 log_Printf(LogPHASE, "Auth failure: LANMan not enabled\n"); 709 if (chap_HaveAnotherGo(chap)) 710 break; 711 key = NULL; 712 } else if (!lanman && !IsEnabled(p->link.lcp.cfg.chap80nt) && 713 p->link.lcp.want_authtype == 0x80) { 714 log_Printf(LogPHASE, "Auth failure: mschap not enabled\n"); 715 if (chap_HaveAnotherGo(chap)) 716 break; 717 key = NULL; 718 } else 719#endif 720 { 721 myans = chap_BuildAnswer(name, key, chap->auth.id, 722 chap->challenge.local, 723 p->link.lcp.want_authtype 724#ifdef HAVE_DES 725 , lanman 726#endif 727 ); 728 if (myans == NULL) 729 key = NULL; 730 else { 731 if (!chap_Cmp(p->link.lcp.want_authtype, myans + 1, *myans, 732 ans + 1, alen 733#ifdef HAVE_DES 734 , lanman 735#endif 736 )) 737 key = NULL; 738 free(myans); 739 } 740 } 741 } 742 743 if (key) 744 chap_Success(&chap->auth); 745 else 746 chap_Failure(&chap->auth); 747 } 748 749 break; 750 751 case CHAP_SUCCESS: 752 if (p->link.lcp.auth_iwait == PROTO_CHAP) { 753 p->link.lcp.auth_iwait = 0; 754 if (p->link.lcp.auth_ineed == 0) 755 /* 756 * We've succeeded in our ``login'' 757 * If we're not expecting the peer to authenticate (or he already 758 * has), proceed to network phase. 759 */ 760 datalink_AuthOk(p->dl); 761 } 762 break; 763 764 case CHAP_FAILURE: 765 datalink_AuthNotOk(p->dl); 766 break; 767 } 768 free(ans); 769 } 770 771 mbuf_Free(bp); 772 return NULL; 773} 774