mirror of
https://git.hardenedbsd.org/hardenedbsd/HardenedBSD.git
synced 2024-11-17 08:00:48 +01:00
9c749ffb8b
add some logging functionality which I find very useful. 'set debug link' will record just link up/down and address assignments. 'set debug connect' will record the entire chat dialog 'set debug carrier' will record just chat lines including 'CARRIER' (so that I can be sure I'm getting a 28.8 line). There was a global change required to permit LogPrintf to take a bit mask instead of a bit position value (to permit logging some events on either of two flags, so that no change in 'set debug lcp' would result from the code supporting 'link'. Thus the diffs are rather long for such a small change. The man page is also touched. Oh, and there was a slight syntax problem in route.c Reviewed by: phk Submitted by: Tony Kimball <alk@Think.COM>
208 lines
4.6 KiB
C
208 lines
4.6 KiB
C
/*
|
|
* PPP Secret Key Module
|
|
*
|
|
* Written by Toshiharu OHNO (tony-o@iij.ad.jp)
|
|
*
|
|
* Copyright (C) 1994, Internet Initiative Japan, Inc. All rights reserverd.
|
|
*
|
|
* Redistribution and use in source and binary forms are permitted
|
|
* provided that the above copyright notice and this paragraph are
|
|
* duplicated in all such forms and that any documentation,
|
|
* advertising materials, and other materials related to such
|
|
* distribution and use acknowledge that the software was developed
|
|
* by the Internet Initiative Japan, Inc. The name of the
|
|
* IIJ may not be used to endorse or promote products derived
|
|
* from this software without specific prior written permission.
|
|
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
|
|
* IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
|
|
* WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
|
|
*
|
|
* $Id: auth.c,v 1.6 1996/01/11 17:48:36 phk Exp $
|
|
*
|
|
* TODO:
|
|
* o Implement check against with registered IP addresses.
|
|
*/
|
|
#include "fsm.h"
|
|
#include "lcpproto.h"
|
|
#include "ipcp.h"
|
|
#include "vars.h"
|
|
#include "filter.h"
|
|
#include "auth.h"
|
|
#include "chat.h"
|
|
|
|
extern FILE *OpenSecret();
|
|
extern void CloseSecret();
|
|
|
|
LOCAL_AUTH_VALID
|
|
LocalAuthInit(void)
|
|
{
|
|
|
|
char *p;
|
|
|
|
if ( gethostname( VarShortHost, sizeof(VarShortHost))) {
|
|
return(NOT_FOUND);
|
|
}
|
|
p = strchr( VarShortHost, '.' );
|
|
if (p)
|
|
*p = '\0';
|
|
|
|
VarLocalAuth = LOCAL_NO_AUTH;
|
|
return LocalAuthValidate( SECRETFILE, VarShortHost, "" );
|
|
|
|
}
|
|
|
|
LOCAL_AUTH_VALID
|
|
LocalAuthValidate( char *fname, char *system, char *key) {
|
|
FILE *fp;
|
|
int n;
|
|
char *vector[20]; /* XXX */
|
|
char buff[200]; /* XXX */
|
|
LOCAL_AUTH_VALID rc;
|
|
|
|
rc = NOT_FOUND; /* No system entry */
|
|
fp = OpenSecret(fname);
|
|
if (fp == NULL)
|
|
return( rc );
|
|
while (fgets(buff, sizeof(buff), fp)) {
|
|
if (buff[0] == '#')
|
|
continue;
|
|
buff[strlen(buff)-1] = 0;
|
|
bzero(vector, sizeof(vector));
|
|
n = MakeArgs(buff, vector);
|
|
if (n < 1)
|
|
continue;
|
|
if (strcmp(vector[0], system) == 0) {
|
|
if ( vector[1] != (char *) NULL && strcmp(vector[1], key) == 0) {
|
|
rc = VALID; /* Valid */
|
|
} else {
|
|
rc = INVALID; /* Invalid */
|
|
}
|
|
break;
|
|
}
|
|
}
|
|
CloseSecret(fp);
|
|
return( rc );
|
|
}
|
|
|
|
int
|
|
AuthValidate(fname, system, key)
|
|
char *fname, *system, *key;
|
|
{
|
|
FILE *fp;
|
|
int n;
|
|
char *vector[20];
|
|
char buff[200];
|
|
char passwd[100];
|
|
|
|
fp = OpenSecret(fname);
|
|
if (fp == NULL)
|
|
return(0);
|
|
while (fgets(buff, sizeof(buff), fp)) {
|
|
if (buff[0] == '#')
|
|
continue;
|
|
buff[strlen(buff)-1] = 0;
|
|
bzero(vector, sizeof(vector));
|
|
n = MakeArgs(buff, vector);
|
|
if (n < 2)
|
|
continue;
|
|
if (strcmp(vector[0], system) == 0) {
|
|
ExpandString(vector[1], passwd, 0);
|
|
if (strcmp(passwd, key) == 0) {
|
|
CloseSecret(fp);
|
|
bzero(&DefHisAddress, sizeof(DefHisAddress));
|
|
n -= 2;
|
|
if (n > 0) {
|
|
ParseAddr(n--, &vector[2],
|
|
&DefHisAddress.ipaddr, &DefHisAddress.mask, &DefHisAddress.width);
|
|
}
|
|
IpcpInit();
|
|
return(1); /* Valid */
|
|
}
|
|
}
|
|
}
|
|
CloseSecret(fp);
|
|
return(0); /* Invalid */
|
|
}
|
|
|
|
char *
|
|
AuthGetSecret(fname, system, len, setaddr)
|
|
char *fname, *system;
|
|
int len, setaddr;
|
|
{
|
|
FILE *fp;
|
|
int n;
|
|
char *vector[20];
|
|
char buff[200];
|
|
static char passwd[100];
|
|
|
|
fp = OpenSecret(fname);
|
|
if (fp == NULL)
|
|
return(NULL);
|
|
while (fgets(buff, sizeof(buff), fp)) {
|
|
if (buff[0] == '#')
|
|
continue;
|
|
buff[strlen(buff)-1] = 0;
|
|
bzero(vector, sizeof(vector));
|
|
n = MakeArgs(buff, vector);
|
|
if (n < 2)
|
|
continue;
|
|
if (strlen(vector[0]) == len && strncmp(vector[0], system, len) == 0) {
|
|
ExpandString(vector[1], passwd, 0);
|
|
if (setaddr) {
|
|
bzero(&DefHisAddress, sizeof(DefHisAddress));
|
|
}
|
|
n -= 2;
|
|
if (n > 0 && setaddr) {
|
|
#ifdef DEBUG
|
|
LogPrintf(LOG_LCP_BIT, "*** n = %d, %s\n", n, vector[2]);
|
|
#endif
|
|
ParseAddr(n--, &vector[2],
|
|
&DefHisAddress.ipaddr, &DefHisAddress.mask, &DefHisAddress.width);
|
|
IpcpInit();
|
|
}
|
|
return(passwd);
|
|
}
|
|
}
|
|
CloseSecret(fp);
|
|
return(NULL); /* Invalid */
|
|
}
|
|
|
|
static void
|
|
AuthTimeout(authp)
|
|
struct authinfo *authp;
|
|
{
|
|
struct pppTimer *tp;
|
|
|
|
tp = &authp->authtimer;
|
|
StopTimer(tp);
|
|
if (--authp->retry > 0) {
|
|
StartTimer(tp);
|
|
(authp->ChallengeFunc)(++authp->id);
|
|
}
|
|
}
|
|
|
|
void
|
|
StartAuthChallenge(authp)
|
|
struct authinfo *authp;
|
|
{
|
|
struct pppTimer *tp;
|
|
|
|
tp = &authp->authtimer;
|
|
StopTimer(tp);
|
|
tp->func = AuthTimeout;
|
|
tp->load = VarRetryTimeout * SECTICKS;
|
|
tp->state = TIMER_STOPPED;
|
|
tp->arg = (void *)authp;
|
|
StartTimer(tp);
|
|
authp->retry = 3;
|
|
authp->id = 1;
|
|
(authp->ChallengeFunc)(authp->id);
|
|
}
|
|
|
|
void
|
|
StopAuthTimer(authp)
|
|
struct authinfo *authp;
|
|
{
|
|
StopTimer(&authp->authtimer);
|
|
}
|