rename accel-pptp to accel-ppp

author: Dmitry Kozlov <xeb@mail.ru> 2011-01-05 15:18:59 +0300
committer: Dmitry Kozlov <xeb@mail.ru> 2011-01-05 15:18:59 +0300
commit: f28cb1b0a926f1ea98700b7871537ad1793511fd (patch)
tree: baf35570bc6b38b6fab5b6524e8f19f58f71e57f /accel-pptpd/auth/auth_mschap_v2.c
parent: 2fdf3586c13a72c36f9530084962e29d57dc0329 (diff)
download: accel-ppp-f28cb1b0a926f1ea98700b7871537ad1793511fd.tar.gz
accel-ppp-f28cb1b0a926f1ea98700b7871537ad1793511fd.zip
1 files changed, 0 insertions, 639 deletions
diff --git a/accel-pptpd/auth/auth_mschap_v2.c b/accel-pptpd/auth/auth_mschap_v2.c
deleted file mode 100644
index e07c4f7e..00000000
--- a/accel-pptpd/auth/auth_mschap_v2.c
+++ /dev/null
@@ -1,639 +0,0 @@
-#include <stdint.h>
-#include <stdlib.h>
-#include <unistd.h>
-#include <string.h>
-#include <fcntl.h>
-#include <errno.h>
-#include <stdio.h>
-#include <byteswap.h>
-#include <arpa/inet.h>
-
-#include <openssl/md4.h>
-#include <openssl/des.h>
-#include <openssl/sha.h>
-
-#include "log.h"
-#include "ppp.h"
-#include "events.h"
-#include "ppp_auth.h"
-#include "ppp_lcp.h"
-#include "pwdb.h"
-
-#include "memdebug.h"
-
-#define MSCHAP_V2 0x81 
-
-#define CHAP_CHALLENGE 1
-#define CHAP_RESPONSE  2
-#define CHAP_SUCCESS   3
-#define CHAP_FAILURE   4
-
-#define VALUE_SIZE 16
-#define RESPONSE_VALUE_SIZE (16+8+24+1)
-
-#define MSG_FAILURE   "E=691 R=0 C=cccccccccccccccccccccccccccccccc V=3 M=Authentication failure"
-#define MSG_SUCCESS   "S=cccccccccccccccccccccccccccccccccccccccc M=Authentication successed"
-
-#define HDR_LEN (sizeof(struct chap_hdr_t)-2)
-
-static int conf_timeout = 5;
-static int conf_interval = 0;
-static int conf_max_failure = 3;
-
-static int urandom_fd;
-
-struct chap_hdr_t
-{
-	uint16_t proto;
-	uint8_t code;
-	uint8_t id;
-	uint16_t len;
-} __attribute__((packed));
-
-struct chap_challenge_t
-{
-	struct chap_hdr_t hdr;
-	uint8_t val_size;
-	uint8_t val[VALUE_SIZE];
-	char name[0];
-} __attribute__((packed));
-
-struct chap_response_t
-{
-	struct chap_hdr_t hdr;
-	uint8_t val_size;
-	uint8_t peer_challenge[16];
-	uint8_t reserved[8];
-	uint8_t nt_hash[24];
-	uint8_t flags;
-	char name[0];
-} __attribute__((packed));
-
-struct chap_failure_t
-{
-	struct chap_hdr_t hdr;
-	char message[sizeof(MSG_FAILURE)];
-} __attribute__((packed));
-
-struct chap_success_t
-{
-	struct chap_hdr_t hdr;
-	char message[sizeof(MSG_SUCCESS)];
-} __attribute__((packed));
-
-
-struct chap_auth_data_t
-{
-	struct auth_data_t auth;
-	struct ppp_handler_t h;
-	struct ppp_t *ppp;
-	int id;
-	uint8_t val[VALUE_SIZE];
-	struct triton_timer_t timeout;
-	struct triton_timer_t interval;
-	int failure;
-	int started:1;
-};
-
-static void chap_send_challenge(struct chap_auth_data_t *ad);
-static void chap_recv(struct ppp_handler_t *h);
-static int chap_check_response(struct chap_auth_data_t *ad, struct chap_response_t *msg, const char *name);
-static void chap_timeout_timer(struct triton_timer_t *t);
-static void chap_restart_timer(struct triton_timer_t *t);
-static void set_mppe_keys(struct chap_auth_data_t *ad, uint8_t *z_hash, uint8_t *nt_hash);
-
-static void print_buf(const uint8_t *buf, int size)
-{
-	int i;
-	for (i = 0; i < size; i++)
-		log_ppp_info2("%x", buf[i]);
-}
-
-static void print_str(const char *buf, int size)
-{
-	int i;
-	for (i = 0; i < size; i++)
-		log_ppp_info2("%c", buf[i]);
-}
-
-static struct auth_data_t* auth_data_init(struct ppp_t *ppp)
-{
-	struct chap_auth_data_t *d = _malloc(sizeof(*d));
-
-	memset(d, 0, sizeof(*d));
-	d->auth.proto = PPP_CHAP;
-	d->ppp = ppp;
-
-	return &d->auth;
-}
-
-static void auth_data_free(struct ppp_t *ppp, struct auth_data_t *auth)
-{
-	struct chap_auth_data_t *d = container_of(auth, typeof(*d), auth);
-
-	if (d->timeout.tpd)
-		triton_timer_del(&d->timeout);
-
-	if (d->interval.tpd)
-		triton_timer_del(&d->interval);
-
-	_free(d);
-}
-
-static int chap_start(struct ppp_t *ppp, struct auth_data_t *auth)
-{
-	struct chap_auth_data_t *d = container_of(auth, typeof(*d), auth);
-
-	d->h.proto = PPP_CHAP;
-	d->h.recv = chap_recv;
-	d->timeout.expire = chap_timeout_timer;
-	d->timeout.period = conf_timeout * 1000;
-	d->interval.expire = chap_restart_timer;
-	d->interval.period = conf_interval * 1000;
-
-	ppp_register_chan_handler(ppp, &d->h);
-
-	chap_send_challenge(d);
-
-	return 0;
-}
-
-static int chap_finish(struct ppp_t *ppp, struct auth_data_t *auth)
-{
-	struct chap_auth_data_t *d = container_of(auth, typeof(*d), auth);
-
-	if (d->timeout.tpd)
-		triton_timer_del(&d->timeout);
-
-	if (d->interval.tpd)
-		triton_timer_del(&d->interval);
-
-	ppp_unregister_handler(ppp,&d->h);
-
-	return 0;
-}
-
-static void chap_timeout_timer(struct triton_timer_t *t)
-{
-	struct chap_auth_data_t *d = container_of(t, typeof(*d), timeout);
-
-	if (conf_ppp_verbose)
-		log_ppp_warn("mschap-v2: timeout\n");
-
-	if (++d->failure == conf_max_failure) {
-		if (d->started)
-			ppp_terminate(d->ppp, TERM_USER_ERROR, 0);
-		else
-			ppp_auth_failed(d->ppp, NULL);
-	} else {
-		--d->id;
-		chap_send_challenge(d);
-	}
-}
-
-static void chap_restart_timer(struct triton_timer_t *t)
-{
-	struct chap_auth_data_t *d = container_of(t, typeof(*d), interval);
-	
-	chap_send_challenge(d);
-}
-
-static int lcp_send_conf_req(struct ppp_t *ppp, struct auth_data_t *d, uint8_t *ptr)
-{
-	*ptr = MSCHAP_V2;
-	return 1;
-}
-
-static int lcp_recv_conf_req(struct ppp_t *ppp, struct auth_data_t *d, uint8_t *ptr)
-{
-	if (*ptr == MSCHAP_V2)
-		return LCP_OPT_ACK;
-	return LCP_OPT_NAK;
-}
-
-static void chap_send_failure(struct chap_auth_data_t *ad)
-{
-	struct chap_failure_t msg = {
-		.hdr.proto = htons(PPP_CHAP),
-		.hdr.code = CHAP_FAILURE,
-		.hdr.id = ad->id,
-		.hdr.len = htons(sizeof(msg) - 1 - 2),
-		.message = MSG_FAILURE,
-	};
-	
-	if (conf_ppp_verbose)
-		log_ppp_info2("send [MSCHAP-v2 Failure id=%x \"%s\"]\n", msg.hdr.id, MSG_FAILURE);
-
-	ppp_chan_send(ad->ppp, &msg, ntohs(msg.hdr.len) + 2);
-}
-
-static int generate_response(struct chap_auth_data_t *ad, struct chap_response_t *msg, const char *name, char *authenticator)
-{
-	MD4_CTX md4_ctx;
-	SHA_CTX sha_ctx;
-	char *passwd;
-	char *u_passwd;
-	uint8_t pw_hash[MD4_DIGEST_LENGTH];
-	uint8_t c_hash[SHA_DIGEST_LENGTH];
-	uint8_t response[SHA_DIGEST_LENGTH];
-	int i;
-	
-	uint8_t magic1[39] =
-         {0x4D, 0x61, 0x67, 0x69, 0x63, 0x20, 0x73, 0x65, 0x72, 0x76,
-          0x65, 0x72, 0x20, 0x74, 0x6F, 0x20, 0x63, 0x6C, 0x69, 0x65,
-          0x6E, 0x74, 0x20, 0x73, 0x69, 0x67, 0x6E, 0x69, 0x6E, 0x67,
-          0x20, 0x63, 0x6F, 0x6E, 0x73, 0x74, 0x61, 0x6E, 0x74};
-	uint8_t magic2[41] =
-         {0x50, 0x61, 0x64, 0x20, 0x74, 0x6F, 0x20, 0x6D, 0x61, 0x6B,
-          0x65, 0x20, 0x69, 0x74, 0x20, 0x64, 0x6F, 0x20, 0x6D, 0x6F,
-          0x72, 0x65, 0x20, 0x74, 0x68, 0x61, 0x6E, 0x20, 0x6F, 0x6E,
-          0x65, 0x20, 0x69, 0x74, 0x65, 0x72, 0x61, 0x74, 0x69, 0x6F,
-          0x6E};
-
-
-	passwd = pwdb_get_passwd(ad->ppp,name);
-	if (!passwd)
-		return -1;
-
-	u_passwd=_malloc(strlen(passwd)*2);
-	for(i=0; i<strlen(passwd); i++)
-	{
-		u_passwd[i*2]=passwd[i];
-		u_passwd[i*2+1]=0;
-	}
-
-	MD4_Init(&md4_ctx);
-	MD4_Update(&md4_ctx,u_passwd,strlen(passwd)*2);
-	MD4_Final(pw_hash,&md4_ctx);
-
-	MD4_Init(&md4_ctx);
-	MD4_Update(&md4_ctx,pw_hash,16);
-	MD4_Final(pw_hash,&md4_ctx);
-
-	SHA1_Init(&sha_ctx);
-	SHA1_Update(&sha_ctx,pw_hash,16);
-	SHA1_Update(&sha_ctx,msg->nt_hash,24);
-	SHA1_Update(&sha_ctx,magic1,39);
-	SHA1_Final(response,&sha_ctx);
-
-	SHA1_Init(&sha_ctx);
-	SHA1_Update(&sha_ctx,msg->peer_challenge,16);
-	SHA1_Update(&sha_ctx,ad->val,16);
-	SHA1_Update(&sha_ctx,name,strlen(name));
-	SHA1_Final(c_hash,&sha_ctx);
-
-	SHA1_Init(&sha_ctx);
-	SHA1_Update(&sha_ctx,response,20);
-	SHA1_Update(&sha_ctx,c_hash,8);
-	SHA1_Update(&sha_ctx,magic2,41);
-	SHA1_Final(response,&sha_ctx);
-	
-	for(i=0; i<20; i++)
-		sprintf(authenticator+i*2,"%02X",response[i]);
-	
-	_free(passwd);
-	_free(u_passwd);
-
-	return 0;
-}
-
-static void chap_send_success(struct chap_auth_data_t *ad, struct chap_response_t *res_msg, const char *authenticator)
-{
-	struct chap_success_t msg = {
-		.hdr.proto = htons(PPP_CHAP),
-		.hdr.code = CHAP_SUCCESS,
-		.hdr.id = ad->id,
-		.hdr.len = htons(sizeof(msg) - 1 - 2),
-		.message = MSG_SUCCESS,
-	};
-
-	memcpy(msg.message + 2, authenticator, 40);
-
-	if (conf_ppp_verbose)
-		log_ppp_info2("send [MSCHAP-v2 Success id=%x \"%s\"]\n", msg.hdr.id, msg.message);
-
-	ppp_chan_send(ad->ppp, &msg, ntohs(msg.hdr.len) + 2);
-}
-
-static void chap_send_challenge(struct chap_auth_data_t *ad)
-{
-	struct chap_challenge_t msg =	{
-		.hdr.proto = htons(PPP_CHAP),
-		.hdr.code = CHAP_CHALLENGE,
-		.hdr.id = ++ad->id,
-		.hdr.len = htons(sizeof(msg) - 2),
-		.val_size = VALUE_SIZE,
-	};
-
-	read(urandom_fd, ad->val, VALUE_SIZE);
-	memcpy(msg.val, ad->val, VALUE_SIZE);
-
-	if (conf_ppp_verbose) {
-		log_ppp_info2("send [MSCHAP-v2 Challenge id=%x <", msg.hdr.id);
-		print_buf(msg.val, VALUE_SIZE);
-		log_ppp_info2(">]\n");
-	}
-
-	ppp_chan_send(ad->ppp, &msg, ntohs(msg.hdr.len) + 2);
-
-	if (conf_timeout && !ad->timeout.tpd)
-		triton_timer_add(ad->ppp->ctrl->ctx, &ad->timeout, 0);
-}
-
-static void chap_recv_response(struct chap_auth_data_t *ad, struct chap_hdr_t *hdr)
-{
-	struct chap_response_t *msg = (struct chap_response_t*)hdr;
-	char *name;
-	char authenticator[41];
-	int r;
-
-	if (ad->timeout.tpd)
-		triton_timer_del(&ad->timeout);
-
-	if (conf_ppp_verbose) {
-		log_ppp_info2("recv [MSCHAP-v2 Response id=%x <", msg->hdr.id);
-		print_buf(msg->peer_challenge,16);
-		log_ppp_info2(">, <");
-		print_buf(msg->nt_hash, 24);
-		log_ppp_info2(">, F=%i, name=\"", msg->flags);
-		print_str(msg->name, ntohs(msg->hdr.len) - sizeof(*msg) + 2);
-		log_ppp_info2("\"]\n");
-	}
-
-	if (msg->hdr.id != ad->id) {
-		if (conf_ppp_verbose)
-			log_ppp_error("mschap-v2: id mismatch\n");
-		chap_send_failure(ad);
-		if (ad->started)
-			ppp_terminate(ad->ppp, TERM_USER_ERROR, 0);
-		else
-			ppp_auth_failed(ad->ppp, NULL);
-	}
-
-	if (msg->val_size != RESPONSE_VALUE_SIZE) {
-		log_ppp_error("mschap-v2: incorrect value-size (%i)\n", msg->val_size);
-		chap_send_failure(ad);
-		if (ad->started)
-			ppp_terminate(ad->ppp, TERM_USER_ERROR, 0);
-		else
-			ppp_auth_failed(ad->ppp, NULL);
-	}
-
-	name = _strndup(msg->name, ntohs(msg->hdr.len) - sizeof(*msg) + 2);
-	if (!name) {
-		log_emerg("mschap-v2: out of memory\n");
-		if (ad->started)
-			ppp_terminate(ad->ppp, TERM_NAS_ERROR, 0);
-		else
-			ppp_auth_failed(ad->ppp, NULL);
-		return;
-	}
-	
-	r = pwdb_check(ad->ppp, name, PPP_CHAP, MSCHAP_V2, ad->id, ad->val, msg->peer_challenge, msg->reserved, msg->nt_hash, msg->flags, authenticator);
-
-	if (r == PWDB_NO_IMPL) {	
-		r = chap_check_response(ad, msg, name);
-		if (r)
-			r = PWDB_DENIED;
-		else if (generate_response(ad, msg, name, authenticator))
-			r = PWDB_DENIED;
-	}
-
-	if (r == PWDB_DENIED) {
-		chap_send_failure(ad);
-		if (ad->started)
-			ppp_terminate(ad->ppp, TERM_AUTH_ERROR, 0);
-		else
-			ppp_auth_failed(ad->ppp, name);
-		_free(name);
-	} else {
-		chap_send_success(ad, msg, authenticator);
-		if (!ad->started) {
-			ad->started = 1;
-			if (conf_interval)
-				triton_timer_add(ad->ppp->ctrl->ctx, &ad->interval, 0);
-			ppp_auth_successed(ad->ppp, name);
-		} else
-			_free(name);
-	}
-}
-
-static void des_encrypt(const uint8_t *input, const uint8_t *key, uint8_t *output)
-{
-	int i,j,parity;
-	union
-	{
-		uint64_t u64;
-		uint8_t buf[8];
-	} p_key;
-	DES_cblock cb;
-	DES_cblock res;
-	DES_key_schedule ks;
-
-	memcpy(p_key.buf,key,7);
-	p_key.u64=bswap_64(p_key.u64);
-
-	for(i=0;i<8;i++)
-	{
-		cb[i]=(((p_key.u64<<(7*i))>>56)&0xfe);
-		for(j=0, parity=0; j<7; j++)
-			if ((cb[i]>>(j+1))&1) parity++;
-		cb[i]|=(~parity)&1;
-	}
-
-	DES_set_key_checked(&cb, &ks);
-	memcpy(cb,input,8);
-	DES_ecb_encrypt(&cb,&res,&ks,DES_ENCRYPT);
-	memcpy(output,res,8);	
-}
-
-static int chap_check_response(struct chap_auth_data_t *ad, struct chap_response_t *msg, const char *name)
-{
-	MD4_CTX md4_ctx;
-	SHA_CTX sha_ctx;
-	uint8_t z_hash[21];
-	uint8_t c_hash[SHA_DIGEST_LENGTH];
-	uint8_t nt_hash[24];
-	char *passwd;
-	char *u_passwd;
-	int i;
-	
-	passwd = pwdb_get_passwd(ad->ppp, name);
-	if (!passwd) {
-		if (conf_ppp_verbose)
-			log_ppp_warn("mschap-v2: user not found\n");
-		chap_send_failure(ad);
-		return -1;
-	}
-
-	u_passwd=_malloc(strlen(passwd)*2);
-	for(i=0; i<strlen(passwd); i++)
-	{
-		u_passwd[i*2]=passwd[i];
-		u_passwd[i*2+1]=0;
-	}
-
-	SHA1_Init(&sha_ctx);
-	SHA1_Update(&sha_ctx,msg->peer_challenge,16);
-	SHA1_Update(&sha_ctx,ad->val,16);
-	SHA1_Update(&sha_ctx,name,strlen(name));
-	SHA1_Final(c_hash,&sha_ctx);
-
-	memset(z_hash,0,sizeof(z_hash));
-	MD4_Init(&md4_ctx);
-	MD4_Update(&md4_ctx,u_passwd,strlen(passwd)*2);
-	MD4_Final(z_hash,&md4_ctx);
-
-	des_encrypt(c_hash,z_hash,nt_hash);
-	des_encrypt(c_hash,z_hash+7,nt_hash+8);
-	des_encrypt(c_hash,z_hash+14,nt_hash+16);
-
-	set_mppe_keys(ad, z_hash, msg->nt_hash);
-
-	_free(passwd);
-	_free(u_passwd);
-
-	return memcmp(nt_hash,msg->nt_hash,24);
-}
-
-static void set_mppe_keys(struct chap_auth_data_t *ad, uint8_t *z_hash, uint8_t *nt_hash)
-{
-	MD4_CTX md4_ctx;
-	SHA_CTX sha_ctx;
-	uint8_t digest[20];
-	uint8_t send_key[20];
-	uint8_t recv_key[20];
-	
-	uint8_t pad1[40] =
-   {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00};
-
-	uint8_t pad2[40] =
-   {0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2,
-    0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2,
-    0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2,
-    0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2};
-
-	uint8_t magic1[27] =
-   {0x54, 0x68, 0x69, 0x73, 0x20, 0x69, 0x73, 0x20, 0x74,
-    0x68, 0x65, 0x20, 0x4d, 0x50, 0x50, 0x45, 0x20, 0x4d,
-    0x61, 0x73, 0x74, 0x65, 0x72, 0x20, 0x4b, 0x65, 0x79};
-
-	uint8_t magic2[84] =
-   {0x4f, 0x6e, 0x20, 0x74, 0x68, 0x65, 0x20, 0x63, 0x6c, 0x69,
-    0x65, 0x6e, 0x74, 0x20, 0x73, 0x69, 0x64, 0x65, 0x2c, 0x20,
-    0x74, 0x68, 0x69, 0x73, 0x20, 0x69, 0x73, 0x20, 0x74, 0x68,
-    0x65, 0x20, 0x73, 0x65, 0x6e, 0x64, 0x20, 0x6b, 0x65, 0x79,
-    0x3b, 0x20, 0x6f, 0x6e, 0x20, 0x74, 0x68, 0x65, 0x20, 0x73,
-    0x65, 0x72, 0x76, 0x65, 0x72, 0x20, 0x73, 0x69, 0x64, 0x65,
-    0x2c, 0x20, 0x69, 0x74, 0x20, 0x69, 0x73, 0x20, 0x74, 0x68,
-    0x65, 0x20, 0x72, 0x65, 0x63, 0x65, 0x69, 0x76, 0x65, 0x20,
-    0x6b, 0x65, 0x79, 0x2e};
-
-	uint8_t magic3[84] =
-   {0x4f, 0x6e, 0x20, 0x74, 0x68, 0x65, 0x20, 0x63, 0x6c, 0x69,
-    0x65, 0x6e, 0x74, 0x20, 0x73, 0x69, 0x64, 0x65, 0x2c, 0x20,
-    0x74, 0x68, 0x69, 0x73, 0x20, 0x69, 0x73, 0x20, 0x74, 0x68,
-    0x65, 0x20, 0x72, 0x65, 0x63, 0x65, 0x69, 0x76, 0x65, 0x20,
-    0x6b, 0x65, 0x79, 0x3b, 0x20, 0x6f, 0x6e, 0x20, 0x74, 0x68,
-    0x65, 0x20, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x20, 0x73,
-    0x69, 0x64, 0x65, 0x2c, 0x20, 0x69, 0x74, 0x20, 0x69, 0x73,
-    0x20, 0x74, 0x68, 0x65, 0x20, 0x73, 0x65, 0x6e, 0x64, 0x20,
-    0x6b, 0x65, 0x79, 0x2e};
-
-	struct ev_mppe_keys_t ev_mppe = {
-		.ppp = ad->ppp,
-		.type = 1 << 2,
-		.policy = 1,
-		.recv_key = recv_key,
-		.send_key = send_key,
-	};
-	
-	//NtPasswordHashHash
-	MD4_Init(&md4_ctx);
-	MD4_Update(&md4_ctx, z_hash, 16);
-	MD4_Final(digest, &md4_ctx);
-
-	//GetMasterKey
-	SHA1_Init(&sha_ctx);
-	SHA1_Update(&sha_ctx, digest, 16);
-	SHA1_Update(&sha_ctx, nt_hash, 24);
-	SHA1_Update(&sha_ctx, magic1, sizeof(magic1));
-	SHA1_Final(digest, &sha_ctx);
-
-	//send key
-	SHA1_Init(&sha_ctx);
-	SHA1_Update(&sha_ctx, digest, 16);
-	SHA1_Update(&sha_ctx, pad1, sizeof(pad1));
-	SHA1_Update(&sha_ctx, magic3, sizeof(magic2));
-	SHA1_Update(&sha_ctx, pad2, sizeof(pad2));
-	SHA1_Final(send_key, &sha_ctx);
-
-	//recv key
-	SHA1_Init(&sha_ctx);
-	SHA1_Update(&sha_ctx, digest, 16);
-	SHA1_Update(&sha_ctx, pad1, sizeof(pad1));
-	SHA1_Update(&sha_ctx, magic2, sizeof(magic3));
-	SHA1_Update(&sha_ctx, pad2, sizeof(pad2));
-	SHA1_Final(recv_key, &sha_ctx);
-
-	triton_event_fire(EV_MPPE_KEYS, &ev_mppe);
-}
-
-static int chap_check(uint8_t *ptr)
-{
-	return *ptr == MSCHAP_V2;
-}
-
-static int chap_restart(struct ppp_t *ppp, struct auth_data_t *auth)
-{
-	struct chap_auth_data_t *d = container_of(auth, typeof(*d), auth);
-	
-	chap_send_challenge(d);
-
-	return 0;
-}
-
-static struct ppp_auth_handler_t chap=
-{
-	.name          = "MSCHAP-v2",
-	.init          = auth_data_init,
-	.free          = auth_data_free,
-	.send_conf_req = lcp_send_conf_req,
-	.recv_conf_req = lcp_recv_conf_req,
-	.start         = chap_start,
-	.finish        = chap_finish,
-	.check         = chap_check,
-	.restart       = chap_restart,
-};
-
-static void chap_recv(struct ppp_handler_t *h)
-{
-	struct chap_auth_data_t *d = container_of(h, typeof(*d), h);
-	struct chap_hdr_t *hdr = (struct chap_hdr_t *)d->ppp->chan_buf;
-
-	if (d->ppp->chan_buf_size < sizeof(*hdr) || ntohs(hdr->len) < HDR_LEN || ntohs(hdr->len) < d->ppp->chan_buf_size - 2) {
-		log_ppp_warn("mschap-v2: short packet received\n");
-		return;
-	}
-
-	if (hdr->code == CHAP_RESPONSE)
-		chap_recv_response(d, hdr);
-	else
-		log_ppp_warn("mschap-v2: unknown code received %x\n",hdr->code);
-}
-
-static void __init auth_mschap_v2_init()
-{
-	urandom_fd = open("/dev/urandom", O_RDONLY);
-	if (urandom_fd < 0) {
-		log_emerg("mschap-v2: failed to open /dev/urandom: %s\n", strerror(errno));
-		return;
-	}
-
-	if (ppp_auth_register_handler(&chap))
-		log_emerg("mschap-v2: failed to register handler\n");
-}
-
author	Dmitry Kozlov <xeb@mail.ru>	2011-01-05 15:18:59 +0300
committer	Dmitry Kozlov <xeb@mail.ru>	2011-01-05 15:18:59 +0300
commit	f28cb1b0a926f1ea98700b7871537ad1793511fd (patch)
tree	baf35570bc6b38b6fab5b6524e8f19f58f71e57f /accel-pptpd/auth/auth_mschap_v2.c
parent	2fdf3586c13a72c36f9530084962e29d57dc0329 (diff)
download	accel-ppp-f28cb1b0a926f1ea98700b7871537ad1793511fd.tar.gz accel-ppp-f28cb1b0a926f1ea98700b7871537ad1793511fd.zip