peap_phase2.cpp

source_code 实现无线局域网中的802.1x功能

/**************************************************************************/
/* WIRE1x Version 1.0: A client-side 802.1x implementation                */
/* based on xsupplicant of Open1x for Windows XP, 2000, 98, and Me        */
/*                                                                        */
/* This code is released under both the GPL version 2 and BSD licenses.   */
/* Either license may be used.  The respective licenses are found below.  */
/*                                                                        */
/* Copyright (C) 2004, WIRE Lab, National Tsing Hua Univ., Hsinchu, Taiwan*/
/* All Rights Reserved                                                    */
/**************************************************************************/
/*
 * --- GPL Version 2 License ---
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public License
 * as published by the Free Software Foundation; either version 2
 * of the License, or (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.
 *
 * --- BSD License ---
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions are met:
 *
 *  - Redistributions of source code must retain the above copyright notice,
 *    this list of conditions and the following disclaimer.
 *  - Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *  - All advertising materials mentioning features or use of this software
 *    must display the following acknowledgement:
 *       This product includes software developed by the University of
 *       Maryland at College Park and its contributors.
 *  - Neither the name of the University nor the names of its contributors
 *    may be used to endorse or promote products derived from this software
 *    without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
 * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
 * POSSIBILITY OF SUCH DAMAGE.
 */
#include <stdafx.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <winsock.h>
#include "peap_phase2.h"
#include "eap.h"
#include "userconf.h"

#define VALID_EAP_TYPE  EAP_TYPE_MSCHAP
#define HIGHEST_PEAP_SUPPORTED   1

int inphase2_peap_version = 1;  // By default, use version 0

int set_peap_version(int new_version)
{
  if (new_version > HIGHEST_PEAP_SUPPORTED) 
    {
      inphase2_peap_version = HIGHEST_PEAP_SUPPORTED;
      return HIGHEST_PEAP_SUPPORTED;
    }

  if (inphase2_peap_version != new_version)
    {
      inphase2_peap_version = new_version;
    }
  return inphase2_peap_version;
}

int get_peap_version()
{
  return inphase2_peap_version;
}

// Remove the beginning 18 bytes.
void peap_unpad_frame(u_char *in, int in_size, u_char *out, int *out_size)
{
  int i;

  *out_size = in_size - 4;

  for (i=0;i<=*out_size;i++)
    {
      out[i] = in[4+i];
    }
}

// Pad out the beginning with 18 bytes.  (Probably 0s.)
void peap_pad_frame(u_char *in, int in_size, u_char *out, int *out_size)
{
  int i;

  *out_size = in_size + 4;

  memset(out, 0, *out_size);
  for (i=0;i<=in_size;i++)
    {
      out[4+i] = in[i];
    }
}

void do_peap_version1(u_char *in, int in_size, u_char *out, int *out_size)
{
  char *new_frame = NULL, *username = NULL;
  int eapvalue, new_frame_size;
  uint16_t i;

  eapvalue = in[4];

  new_frame = (char *)malloc(1024);
  if (new_frame == NULL)
    {
      return;
    }
  memset(new_frame, 0, 1024);

  switch (eapvalue)
    {
    case EAP_REQUEST:
	// In version 1, we answer with an EAP header.
	out[0] = EAP_RESPONSE;
	out[1] = in[1];  // Use the same ID #

	username = get_phase2id();
	i = htons(strlen(username)+5);
	memcpy((char *)&out[2], (uint16_t *)&i, 2);  // The length of the username + header.
	out[4] = EAP_TYPE_ID;
	memcpy(&out[5], username, strlen(username)+1);
	*out_size = strlen(username)+5;

      break;

    case EAP_SUCCESS:
      printf("Got a phase 2 success!\n");
      break;

    case EAP_FAILURE:
      printf("Got a phase 2 failure!\n");
      break;

    case EAP_TYPE_PEAP:  // Is this a PEAP inner request?
      out[0] = EAP_RESPONSE;
      out[1] = in[1];
      out[2] = 0;
      out[3] = 6;
      out[4]=EAP_TYPE_NAK;  // NAK
      out[5]=EAP_TYPE_MSCHAP; // MS-CHAPv2
      *out_size = 6;
      break;

    case EAP_TYPE_MSCHAP: 
      eapmschap_auth_setup();  // Make sure we have everything we need.
      eapmschap_decode_packet(&in[5],in_size-5,(u_char *)new_frame, &new_frame_size);
      out[0] = EAP_RESPONSE;
      out[1] = in[1];

      i = ntohs(6+new_frame_size); // 6 bytes header, plus out answer
      memcpy(&out[2], (uint16_t *)&i, 2);
      out[4] = EAP_TYPE_MSCHAP;  // We have an MSCHAPv2 answer

      memcpy(&out[5], new_frame, new_frame_size);
      *out_size = new_frame_size+5;
      break;

    case PEAP_EAP_EXTENSION: // EAP Extension
      out[0] = EAP_RESPONSE;
      memcpy(&out[1], &in[1], in_size-1);
      *out_size = in_size;
      break;

    default:
      printf("Not sure how to handle this request! (We will now crash!)\n");
      break;

    }

}

void do_peap_version0(u_char *in, int in_size, u_char *out, int *out_size)
{
  char *padded_frame, *new_frame;
  int padded_size, new_frame_size, eframe = 0;

  padded_size = in_size;

  padded_frame = (char *)malloc(in_size+19);  // It is 19 bytes to pad out.
  if (padded_frame == NULL)
    {
      return;
    }



  if ((in[4] == 0x21) && (in[5] = 0x80))  
    {
      eframe = 1;
      memcpy(padded_frame, in, in_size);
    }

  if (eframe != 1) 
    {
      peap_pad_frame(in, in_size, (u_char *)padded_frame, &padded_size);
    }

  new_frame = (char *)malloc(1024);
  if (new_frame == NULL)
    {
      return;
    }
 
  do_peap_version1((u_char *)padded_frame, padded_size, (u_char *)new_frame, &new_frame_size);
  if (eframe !=1) 
    {
      peap_unpad_frame((u_char *)new_frame, new_frame_size, out, out_size);
    } else {
      memcpy(out, new_frame, new_frame_size);
      *out_size = new_frame_size;
    }

  eframe = 0;
}


void peap_do_phase2(u_char *in, int in_size, u_char *out, int *out_size)
{
  if (in[0] == 0x00) 
    {
      // If we are handed an ACK, then just return an ACK.
	  memset(out, 0, 10);
      *out_size = 0;
      return;
    }

  memset(out, 0, 100);
  switch (get_peap_version())
    {
    case 0:
      do_peap_version0(in, in_size, out, out_size);
      break;
    case 1:
      do_peap_version1(in, in_size, out, out_size);
      break;
    }
}