From 624da03badb91e9a81d7ed9659cf0de88ae3e0df Mon Sep 17 00:00:00 2001
From: Sylvain Rochet
Date: Sun, 20 May 2012 20:40:08 +0200
Subject: [PATCH] Revert "modified auth_reset() so that we can choose which auth we want"

This reverts commit bf10a27db89eb64a50df40a173b2d012b47586e3.
Licence issue, we cannot include GPLed source code.
---
 src/netif/ppp/auth.c | 58 +++++++++-------------------------------
 src/netif/ppp/chap-new.c | 10 +++++--
 src/netif/ppp/chap_ms.c | 15 ++++++++++-
 src/netif/ppp/pppmy.c | 9 -------
 src/netif/ppp/pppmy.h | 3 +--
 5 files changed, 35 insertions(+), 60 deletions(-)

diff --git a/src/netif/ppp/auth.c b/src/netif/ppp/auth.c
index 08410fd0..3036721d 100644
--- a/src/netif/ppp/auth.c
+++ b/src/netif/ppp/auth.c
@@ -1292,42 +1292,21 @@ void auth_reset(unit) int unit; { - lcp_options *go = &lcp_gotoptions[unit]; - lcp_options *ao = &lcp_allowoptions[unit]; - - if( ppp_settings.passwd[0] ) { - - ao->neg_upap = !ppp_settings.refuse_pap; - - ao->neg_eap = !ppp_settings.refuse_eap; - - ao->chap_mdtype = MDTYPE_NONE; - if(!ppp_settings.refuse_chap) - ao->chap_mdtype |= MDTYPE_MD5; - if(!ppp_settings.refuse_mschap) - ao->chap_mdtype |= MDTYPE_MICROSOFT; - if(!ppp_settings.refuse_mschap_v2) - ao->chap_mdtype |= MDTYPE_MICROSOFT_V2; - - ao->neg_chap = (ao->chap_mdtype != MDTYPE_NONE); - - } else { - ao->neg_upap = 0; - ao->neg_chap = 0; - ao->neg_eap = 0; - ao->chap_mdtype = MDTYPE_NONE; - } - - - printf("neg_upap: %d\n", ao->neg_upap); - printf("neg_chap: %d\n", ao->neg_chap); - printf("neg_chap_md5: %d\n", !!(ao->chap_mdtype&MDTYPE_MD5) ); - printf("neg_chap_ms: %d\n", !!(ao->chap_mdtype&MDTYPE_MICROSOFT) ); - printf("neg_chap_ms2: %d\n", !!(ao->chap_mdtype&MDTYPE_MICROSOFT_V2) ); - printf("neg_eap: %d\n", ao->neg_eap); + lcp_options *go = &lcp_gotoptions[unit]; + lcp_options *ao = &lcp_allowoptions[unit]; + int hadchap; + hadchap = -1; //ao->neg_upap = !ppp_settings.refuse_pap && (ppp_settings.passwd[0] != 0 || get_pap_passwd(NULL)); + ao->neg_upap = !ppp_settings.refuse_pap && ppp_settings.passwd[0] != 0; + + ao->neg_chap = (!ppp_settings.refuse_chap || !ppp_settings.refuse_mschap || !ppp_settings.refuse_mschap_v2) && ppp_settings.passwd[0]; + + ao->neg_eap = !ppp_settings.refuse_eap && ppp_settings.passwd[0] != 0; + + return; + /* ao->neg_chap = (!ppp_settings.refuse_chap || !refuse_mschap || !refuse_mschap_v2) && (passwd[0] != 0 || 
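Review bot: In auth_reset() the restored `ao->neg_chap` becomes true as soon as any one of `refuse_chap`, `refuse_mschap` or `refuse_mschap_v2` is clear, while the lines that narrowed `ao->chap_mdtype` to the permitted digests are removed, so unless that mask is restricted elsewhere (not visible in this hunk) the link may agree to a CHAP variant the settings refuse. The added `return;` also makes everything after it unreachable, including the `go->neg_upap`/`go->neg_chap`/`go->neg_eap` secret checks in the next hunk, so `go` is never actually modified and `hadchap` is set but never read. I would record both facts above the `return;`, for example `/* chap_mdtype is not filtered here; code below is unreachable until the secret lookups are ported */`. The function body continues past the end of this hunk.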
@@ -1340,26 +1319,15 @@ auth_reset(unit) (explicit_remote? remote_name: NULL), 0, NULL))) || have_srp_secret(ppp_settings.user, (explicit_remote? remote_name: NULL), 0, NULL)); */ - go->neg_upap = 0; - go->neg_chap = 0; - go->neg_eap = 0; - go->chap_mdtype = MDTYPE_NONE; - return; - /* FIXME: find what the below stuff do */ - int hadchap; - hadchap = -1; - hadchap = -1; if (go->neg_upap && !uselogin && !have_pap_secret(NULL)) go->neg_upap = 0; - if (go->neg_chap) { if (!(hadchap = have_chap_secret((explicit_remote? remote_name: NULL), our_name, 1, NULL))) go->neg_chap = 0; } - if (go->neg_eap && (hadchap == 0 || (hadchap == -1 && !have_chap_secret((explicit_remote? remote_name: NULL), our_name, @@ -1763,8 +1731,6 @@ get_secret(unit, client, server, secret, secret_len, am_server) *secret_len = len; return 1; - -/* FIXME: clean that */ #if 0 // strlcpy(rname, ppp_settings.user, sizeof(rname)); diff --git a/src/netif/ppp/chap-new.c b/src/netif/ppp/chap-new.c index 7d773537..5fe183f8 100644 --- a/src/netif/ppp/chap-new.c +++ b/src/netif/ppp/chap-new.c @@ -456,8 +456,14 @@ chap_respond(struct chap_client_state *cs, int id, slprintf(rname, sizeof(rname), "%.*v", nlen, pkt + clen + 1); /* Microsoft doesn't send their name back in the PPP packet */ - if (explicit_remote || (remote_name[0] != 0 && rname[0] == 0)) - strlcpy(rname, remote_name, sizeof(rname)); + if (ppp_settings.remote_name[0] != 0 && (ppp_settings.explicit_remote || rname[0] == 0)) { + strncpy(rname, ppp_settings.remote_name, sizeof(rname)); + rname[sizeof(rname) - 1] = 0; + } + +// /* Microsoft doesn't send their name back in the PPP packet */ +// if (explicit_remote || (remote_name[0] != 0 && rname[0] == 0)) +// strlcpy(rname, remote_name, sizeof(rname)); /* get secret for authenticating ourselves with the specified host */ if (!get_secret(0, cs->name, rname, secret, &secret_len, 0)) { diff --git a/src/netif/ppp/chap_ms.c b/src/netif/ppp/chap_ms.c index 188e721b..9efa2066 100644 
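Review bot: In the chap-new.c hunk (chap_respond), `strncpy(rname, ppp_settings.remote_name, sizeof(rname))` shortens an over-long configured name without any signal, and the shortened `rname` is what `get_secret()` is then asked about. Whether that can happen depends on the size of `rname`, which is declared outside the hunk; if it can be smaller than `remote_name`, the copy should fail or log rather than look up a different name. The superseded condition is also left behind as three `//` lines; I would delete them, or replace them with one comment such as `/* an empty remote_name never overrides the name sent by the peer */`. chap_respond starts and ends outside this hunk.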
--- a/src/netif/ppp/chap_ms.c +++ b/src/netif/ppp/chap_ms.c @@ -512,11 +512,24 @@ ascii2unicode(char ascii[], int ascii_len, u_char unicode[]) static void NTPasswordHash(u_char *secret, int secret_len, u_char hash[MD4_SIGNATURE_SIZE]) { +#ifdef __NetBSD__ + /* NetBSD uses the libc md4 routines which take bytes instead of bits */ + int mdlen = secret_len; +#else + int mdlen = secret_len * 8; +#endif md4_context md4Context; md4_starts(&md4Context); - md4_update(&md4Context, secret, secret_len); + /* MD4Update can take at most 64 bytes at a time */ + while (mdlen > 512) { + md4_update(&md4Context, secret, 512); + secret += 64; + mdlen -= 512; + } + md4_update(&md4Context, secret, mdlen); md4_finish(&md4Context, hash); + } static void diff --git a/src/netif/ppp/pppmy.c b/src/netif/ppp/pppmy.c index 3352b2ba..8085741b 100644 --- a/src/netif/ppp/pppmy.c +++ b/src/netif/ppp/pppmy.c @@ -435,14 +435,6 @@ int ppp_init(void) { void pppSetAuth(enum pppAuthType authType, const char *user, const char *passwd) { - ppp_settings.refuse_pap = 1; - ppp_settings.refuse_chap = 1; - ppp_settings.refuse_mschap = 1; - ppp_settings.refuse_mschap_v2 = 0; - ppp_settings.refuse_eap = 1; - -/* FIXME: re-enable that */ -#if 0 switch(authType) { case PPPAUTHTYPE_NONE: default: @@ -489,7 +481,6 @@ pppSetAuth(enum pppAuthType authType, const char *user, const char *passwd) ppp_settings.refuse_chap = 0; break; } -#endif if(user) { strncpy(ppp_settings.user, user, sizeof(ppp_settings.user)-1); diff --git a/src/netif/ppp/pppmy.h b/src/netif/ppp/pppmy.h index 07099ecd..e79f43fa 100644 --- a/src/netif/ppp/pppmy.h +++ b/src/netif/ppp/pppmy.h 
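Review bot: In NTPasswordHash() (chap_ms.c) the restored loop hands `md4_update()` lengths counted in bits (`secret_len * 8`, chunks of `512`) while advancing `secret` by 64 bytes, but the call this commit removes, `md4_update(&md4Context, secret, secret_len)`, suggests that this md4 implementation expects a byte count. If so, each call reads up to eight times more memory than the secret occupies, so the digest covers bytes beyond the password buffer and the resulting NT hash is wrong. Unless `md4_update()` really takes bits here, the body should stay `md4_update(&md4Context, secret, secret_len);` with the `mdlen` variable and the chunking loop dropped. If the bit-based form is intended, a comment stating the unit of the third argument belongs next to the `mdlen` declaration.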
@@ -58,8 +58,7 @@ struct ppp_settings { char user [MAXNAMELEN + 1]; /* Username for PAP */ char passwd [MAXSECRETLEN + 1]; /* Password for PAP, secret for CHAP */ char our_name [MAXNAMELEN + 1]; /* Our name for authentication purposes */ - // FIXME: re-enable that - // char remote_name[MAXNAMELEN + 1]; /* Peer's name for authentication */ + char remote_name[MAXNAMELEN + 1]; /* Peer's name for authentication */ }; struct ppp_settings ppp_settings;