minix/lib/liblwip/dist/src/include/netif/ppp/chap-new.h

   1 /*
   2  * chap-new.c - New CHAP implementation.
   3  *
   4  * Copyright (c) 2003 Paul Mackerras. All rights reserved.
   5  *
   6  * Redistribution and use in source and binary forms, with or without
   7  * modification, are permitted provided that the following conditions
   8  * are met:
   9  *
  10  * 1. Redistributions of source code must retain the above copyright
  11  *    notice, this list of conditions and the following disclaimer.
  12  *
  13  * 2. The name(s) of the authors of this software must not be used to
  14  *    endorse or promote products derived from this software without
  15  *    prior written permission.
  16  *
  17  * 3. Redistributions of any form whatsoever must retain the following
  18  *    acknowledgment:
  19  *    "This product includes software developed by Paul Mackerras
  20  *     <paulus@samba.org>".
  21  *
  22  * THE AUTHORS OF THIS SOFTWARE DISCLAIM ALL WARRANTIES WITH REGARD TO
  23  * THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
  24  * AND FITNESS, IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY
  25  * SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
  26  * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN
  27  * AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING
  28  * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
  29  */
  30
  31 #include "netif/ppp/ppp_opts.h"
  32 #if PPP_SUPPORT && CHAP_SUPPORT  /* don't build if not configured for use in lwipopts.h */
  33
  34 #ifndef CHAP_H
  35 #define CHAP_H
  36
  37 #include "ppp.h"
  38
  39 /*
  40  * CHAP packets begin with a standard header with code, id, len (2 bytes).
  41  */
  42 #define CHAP_HDRLEN     4
  43
  44 /*
  45  * Values for the code field.
  46  */
  47 #define CHAP_CHALLENGE  1
  48 #define CHAP_RESPONSE   2
  49 #define CHAP_SUCCESS    3
  50 #define CHAP_FAILURE    4
  51
  52 /*
  53  * CHAP digest codes.
  54  */
  55 #define CHAP_MD5                5
  56 #if MSCHAP_SUPPORT
  57 #define CHAP_MICROSOFT          0x80
  58 #define CHAP_MICROSOFT_V2       0x81
  59 #endif /* MSCHAP_SUPPORT */
  60
  61 /*
  62  * Semi-arbitrary limits on challenge and response fields.
  63  */
  64 #define MAX_CHALLENGE_LEN       64
  65 #define MAX_RESPONSE_LEN        64
  66
  67 /*
  68  * These limits apply to challenge and response packets we send.
  69  * The +4 is the +1 that we actually need rounded up.
  70  */
  71 #define CHAL_MAX_PKTLEN (PPP_HDRLEN + CHAP_HDRLEN + 4 + MAX_CHALLENGE_LEN + MAXNAMELEN)
  72 #define RESP_MAX_PKTLEN (PPP_HDRLEN + CHAP_HDRLEN + 4 + MAX_RESPONSE_LEN + MAXNAMELEN)
  73
  74 /* bitmask of supported algorithms */
  75 #if MSCHAP_SUPPORT
  76 #define MDTYPE_MICROSOFT_V2     0x1
  77 #define MDTYPE_MICROSOFT        0x2
  78 #endif /* MSCHAP_SUPPORT */
  79 #define MDTYPE_MD5              0x4
  80 #define MDTYPE_NONE             0
  81
  82 #if MSCHAP_SUPPORT
  83 /* Return the digest alg. ID for the most preferred digest type. */
  84 #define CHAP_DIGEST(mdtype) \
  85     ((mdtype) & MDTYPE_MD5)? CHAP_MD5: \
  86     ((mdtype) & MDTYPE_MICROSOFT_V2)? CHAP_MICROSOFT_V2: \
  87     ((mdtype) & MDTYPE_MICROSOFT)? CHAP_MICROSOFT: \
  88     0
  89 #else /* !MSCHAP_SUPPORT */
  90 #define CHAP_DIGEST(mdtype) \
  91     ((mdtype) & MDTYPE_MD5)? CHAP_MD5: \
  92     0
  93 #endif /* MSCHAP_SUPPORT */
  94
  95 /* Return the bit flag (lsb set) for our most preferred digest type. */
  96 #define CHAP_MDTYPE(mdtype) ((mdtype) ^ ((mdtype) - 1)) & (mdtype)
  97
  98 /* Return the bit flag for a given digest algorithm ID. */
  99 #if MSCHAP_SUPPORT
 100 #define CHAP_MDTYPE_D(digest) \
 101     ((digest) == CHAP_MICROSOFT_V2)? MDTYPE_MICROSOFT_V2: \
 102     ((digest) == CHAP_MICROSOFT)? MDTYPE_MICROSOFT: \
 103     ((digest) == CHAP_MD5)? MDTYPE_MD5: \
 104     0
 105 #else /* !MSCHAP_SUPPORT */
 106 #define CHAP_MDTYPE_D(digest) \
 107     ((digest) == CHAP_MD5)? MDTYPE_MD5: \
 108     0
 109 #endif /* MSCHAP_SUPPORT */
 110
 111 /* Can we do the requested digest? */
 112 #if MSCHAP_SUPPORT
 113 #define CHAP_CANDIGEST(mdtype, digest) \
 114     ((digest) == CHAP_MICROSOFT_V2)? (mdtype) & MDTYPE_MICROSOFT_V2: \
 115     ((digest) == CHAP_MICROSOFT)? (mdtype) & MDTYPE_MICROSOFT: \
 116     ((digest) == CHAP_MD5)? (mdtype) & MDTYPE_MD5: \
 117     0
 118 #else /* !MSCHAP_SUPPORT */
 119 #define CHAP_CANDIGEST(mdtype, digest) \
 120     ((digest) == CHAP_MD5)? (mdtype) & MDTYPE_MD5: \
 121     0
 122 #endif /* MSCHAP_SUPPORT */
 123
 124 /*
 125  * The code for each digest type has to supply one of these.
 126  */
 127 struct chap_digest_type {
 128         int code;
 129
 130 #if PPP_SERVER
 131         /*
 132          * Note: challenge and response arguments below are formatted as
 133          * a length byte followed by the actual challenge/response data.
 134          */
 135         void (*generate_challenge)(ppp_pcb *pcb, unsigned char *challenge);
 136         int (*verify_response)(ppp_pcb *pcb, int id, const char *name,
 137                 const unsigned char *secret, int secret_len,
 138                 const unsigned char *challenge, const unsigned char *response,
 139                 char *message, int message_space);
 140 #endif /* PPP_SERVER */
 141         void (*make_response)(ppp_pcb *pcb, unsigned char *response, int id, const char *our_name,
 142                 const unsigned char *challenge, const char *secret, int secret_len,
 143                 unsigned char *priv);
 144         int (*check_success)(ppp_pcb *pcb, unsigned char *pkt, int len, unsigned char *priv);
 145         void (*handle_failure)(ppp_pcb *pcb, unsigned char *pkt, int len);
 146 };
 147
 148 /*
 149  * Each interface is described by chap structure.
 150  */
 151 #if CHAP_SUPPORT
 152 typedef struct chap_client_state {
 153         u8_t flags;
 154         const char *name;
 155         const struct chap_digest_type *digest;
 156         unsigned char priv[64];         /* private area for digest's use */
 157 } chap_client_state;
 158
 159 #if PPP_SERVER
 160 typedef struct chap_server_state {
 161         u8_t flags;
 162         u8_t id;
 163         const char *name;
 164         const struct chap_digest_type *digest;
 165         int challenge_xmits;
 166         int challenge_pktlen;
 167         unsigned char challenge[CHAL_MAX_PKTLEN];
 168 } chap_server_state;
 169 #endif /* PPP_SERVER */
 170 #endif /* CHAP_SUPPORT */
 171
 172 #if 0 /* UNUSED */
 173 /* Hook for a plugin to validate CHAP challenge */
 174 extern int (*chap_verify_hook)(char *name, char *ourname, int id,
 175                         const struct chap_digest_type *digest,
 176                         unsigned char *challenge, unsigned char *response,
 177                         char *message, int message_space);
 178 #endif /* UNUSED */
 179
 180 #if PPP_SERVER
 181 /* Called by authentication code to start authenticating the peer. */
 182 extern void chap_auth_peer(ppp_pcb *pcb, const char *our_name, int digest_code);
 183 #endif /* PPP_SERVER */
 184
 185 /* Called by auth. code to start authenticating us to the peer. */
 186 extern void chap_auth_with_peer(ppp_pcb *pcb, const char *our_name, int digest_code);
 187
 188 /* Represents the CHAP protocol to the main pppd code */
 189 extern const struct protent chap_protent;
 190
 191 #endif /* CHAP_H */
 192 #endif /* PPP_SUPPORT && CHAP_SUPPORT */