From aceaed9283449f3538a8db3ed6e9f6051e68d14c Mon Sep 17 00:00:00 2001 From: Brian Somers Date: Tue, 2 Feb 1999 09:35:17 +0000 Subject: [PATCH] Reimplement the previous fix (no response to PAP requests) at the authentication layer rather than at the PAP layer so that it also applies to CHAP (no response to CHAP challenges). --- usr.sbin/ppp/auth.c | 19 +++++++++++++------ usr.sbin/ppp/auth.h | 6 ++---- usr.sbin/ppp/datalink.c | 8 +++----- usr.sbin/ppp/pap.c | 10 +--------- usr.sbin/ppp/pap.h | 3 +-- 5 files changed, 20 insertions(+), 26 deletions(-) diff --git a/usr.sbin/ppp/auth.c b/usr.sbin/ppp/auth.c index c857e02767e4..ceeb8137367f 100644 --- a/usr.sbin/ppp/auth.c +++ b/usr.sbin/ppp/auth.c @@ -17,7 +17,7 @@ * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. * - * $Id: auth.c,v 1.35 1999/01/28 01:56:30 brian Exp $ + * $Id: auth.c,v 1.36 1999/02/01 13:42:24 brian Exp $ * * TODO: * o Implement check against with registered IP addresses. @@ -31,10 +31,12 @@ #include #include #include +#include #include #include "mbuf.h" #include "defs.h" +#include "log.h" #include "timer.h" #include "fsm.h" #include "iplist.h" @@ -56,6 +58,11 @@ #ifndef NORADIUS #include "radius.h" #endif +#include "cbcp.h" +#include "chap.h" +#include "async.h" +#include "physical.h" +#include "datalink.h" #include "bundle.h" const char * @@ -273,8 +280,10 @@ AuthTimeout(void *vauthp) if (--authp->retry > 0) { timer_Start(&authp->authtimer); (*authp->ChallengeFunc)(authp, ++authp->id, authp->physical); - } else if (authp->FailedFunc) - (*authp->FailedFunc)(authp->physical); + } else { + log_Printf(LogPHASE, "Auth: No response from server\n"); + datalink_AuthNotOk(authp->physical->dl); + } } void @@ -286,11 +295,9 @@ auth_Init(struct authinfo *authinfo) void auth_StartChallenge(struct authinfo *authp, struct physical *physical, - void (*chal)(struct authinfo *, int, struct physical *), - void (*fail)(struct physical *)) + void (*chal)(struct authinfo *, int, struct physical *)) { authp->ChallengeFunc = chal; - authp->FailedFunc = fail; authp->physical = physical; timer_Stop(&authp->authtimer); authp->authtimer.func = AuthTimeout; diff --git a/usr.sbin/ppp/auth.h b/usr.sbin/ppp/auth.h index 7ac577df90eb..cf4bb3e009df 100644 --- a/usr.sbin/ppp/auth.h +++ b/usr.sbin/ppp/auth.h @@ -15,7 +15,7 @@ * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. * - * $Id: auth.h,v 1.12 1998/08/07 18:42:47 brian Exp $ + * $Id: auth.h,v 1.13 1999/02/01 13:42:24 brian Exp $ * * TODO: */ @@ -25,7 +25,6 @@ struct bundle; struct authinfo { void (*ChallengeFunc)(struct authinfo *, int, struct physical *); - void (*FailedFunc)(struct physical *); struct pppTimer authtimer; int retry; int id; @@ -41,8 +40,7 @@ extern void auth_Init(struct authinfo *); extern void auth_StopTimer(struct authinfo *); extern void auth_StartChallenge(struct authinfo *, struct physical *, void (*)(struct authinfo *, int, - struct physical *), - void (*)(struct physical *)); + struct physical *)); extern int auth_Validate(struct bundle *, const char *, const char *, struct physical *); extern char *auth_GetSecret(struct bundle *, const char *, int, diff --git a/usr.sbin/ppp/datalink.c b/usr.sbin/ppp/datalink.c index 617cc1d2f9d2..7aa88cf7e0cb 100644 --- a/usr.sbin/ppp/datalink.c +++ b/usr.sbin/ppp/datalink.c @@ -23,7 +23,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $Id: datalink.c,v 1.26 1999/01/28 01:56:31 brian Exp $ + * $Id: datalink.c,v 1.27 1999/02/01 13:42:24 brian Exp $ */ #include @@ -479,11 +479,9 @@ datalink_LayerUp(void *v, struct fsm *fp) Auth2Nam(dl->physical->link.lcp.his_auth), Auth2Nam(dl->physical->link.lcp.want_auth)); if (dl->physical->link.lcp.his_auth == PROTO_PAP) - auth_StartChallenge(&dl->pap, dl->physical, pap_SendChallenge, - pap_Failed); + auth_StartChallenge(&dl->pap, dl->physical, pap_SendChallenge); if (dl->physical->link.lcp.want_auth == PROTO_CHAP) - auth_StartChallenge(&dl->chap.auth, dl->physical, chap_SendChallenge, - NULL); + auth_StartChallenge(&dl->chap.auth, dl->physical, chap_SendChallenge); } else datalink_AuthOk(dl); } diff --git a/usr.sbin/ppp/pap.c b/usr.sbin/ppp/pap.c index 02fb3292c212..a87cc8233481 100644 --- a/usr.sbin/ppp/pap.c +++ b/usr.sbin/ppp/pap.c @@ -18,7 +18,7 @@ * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. * - * $Id: pap.c,v 1.28 1999/01/28 01:56:33 brian Exp $ + * $Id: pap.c,v 1.29 1999/02/01 13:42:25 brian Exp $ * * TODO: */ @@ -137,14 +137,6 @@ PapValidate(struct bundle *bundle, u_char *name, u_char *key, return auth_Validate(bundle, name, key, physical); } -void -pap_Failed(struct physical *p) -{ - auth_StopTimer(&p->dl->pap); - log_Printf(LogPHASE, "Pap: No response from server\n"); - datalink_AuthNotOk(p->dl); -} - void pap_Input(struct bundle *bundle, struct mbuf *bp, struct physical *physical) { diff --git a/usr.sbin/ppp/pap.h b/usr.sbin/ppp/pap.h index f0cd5e8ef068..ac08b8ba905b 100644 --- a/usr.sbin/ppp/pap.h +++ b/usr.sbin/ppp/pap.h @@ -15,7 +15,7 @@ * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. * - * $Id: pap.h,v 1.6 1998/05/21 21:47:21 brian Exp $ + * $Id: pap.h,v 1.7 1999/02/01 13:42:25 brian Exp $ * * TODO: */ @@ -29,6 +29,5 @@ struct physical; struct authinfo; struct bundle; -extern void pap_Failed(struct physical *); extern void pap_Input(struct bundle *, struct mbuf *, struct physical *); extern void pap_SendChallenge(struct authinfo *, int, struct physical *);