📄 auth.c
字号:
pHdr->Code = PAPCODE_ACK;
pHdr->Length = HNC16(SIZE_LCPHDR);
// Send the packet
FragSetBufParams( hFrag, SIZE_LCPHDR, Offset );
p->SICtrl(p->hSI, SI_MSG_SENDPACKET, PPPPROT_PAP, hPkt );
hPkt = 0;
p->auth.State = PROT_STATE_CONNECTED;
pppEvent( (HANDLE)p, PPP_EVENT_AUTH_CONNECT );
break;
}
AUTH_REJECT:
pHdr->Code = PAPCODE_NAK;
pHdr->Length = HNC16(SIZE_LCPHDR);
// Send the packet
FragSetBufParams( hFrag, SIZE_LCPHDR, Offset );
p->SICtrl(p->hSI, SI_MSG_SENDPACKET, PPPPROT_PAP, hPkt );
hPkt = 0;
p->auth.State = PROT_STATE_STOPPED;
pppEvent( (HANDLE)p, PPP_EVENT_AUTH_STOPPED );
break;
case PAPCODE_ACK:
if( (p->Flags & PPPFLG_CLIENT) && pHdr->Id == p->auth.LastId )
{
p->auth.State = PROT_STATE_CONNECTED;
pppEvent( (HANDLE)p, PPP_EVENT_AUTH_CONNECT );
}
break;
case PAPCODE_NAK:
if( pHdr->Id == p->auth.LastId )
{
p->auth.State = PROT_STATE_STOPPED;
pppEvent( (HANDLE)p, PPP_EVENT_AUTH_STOPPED );
}
break;
default:
break;
}
PAPExit:
if( hPkt )
PktFree( hPkt );
}
//--------------------------------------------------------------------
// chapSendMsg()
//
// Send a CHAP message
//--------------------------------------------------------------------
static void chapSendMsg( PPP_SESSION *p, UINT8 Message, UINT8 Id )
{
HANDLE hPkt,hFrag;
uint Offset;
UINT8 *pb;
LCPHDR *pHdr;
UINT16 Len,wTmp;
UINT8 *pTagData;
UINT32 dwTmp;
char *pstrTmp;
// Create the packet (use size of 100 for now)
if( !(hPkt = IFCreatePacket( 100, 0, 0 )) )
return;
// Get the frag
hFrag = PktGetFrag( hPkt );
// Get a pointer to the new header
pb = FragGetBufParams( hFrag, 0, 0, 0 );
Offset = PktGetSizeLLC( hPkt );
pHdr = (LCPHDR *)(pb + Offset);
// Build the CFG packet
pHdr->Code = Message;
pHdr->Id = Id;
// Add options
pTagData = pHdr->TagData;
Len = SIZE_LCPHDR;
if( pHdr->Code <= CHAPCODE_RESPONSE )
{
// Reset the timeout
p->auth.Timer = AUTH_TIMER_CFGRETRY;
// If this is a challenge, re-seed the challenge data
if( pHdr->Code == CHAPCODE_CHALLENGE )
{
dwTmp = llTimerGetTime(0);
mmCopy( p->auth.SeedData, &dwTmp, 4);
mmCopy( p->auth.SeedData+4, &dwTmp, 4);
mmCopy( p->auth.SeedData+8, p->auth.SeedData, 8);
p->auth.SeedLen = 16;
pstrTmp = "DSPIP";
}
else
pstrTmp = p->UserId;
// Challenge data
*pTagData++ = p->auth.SeedLen;
mmCopy( pTagData, p->auth.SeedData, p->auth.SeedLen );
pTagData += p->auth.SeedLen;
Len += p->auth.SeedLen + 1;
// Userid
wTmp = strlen( pstrTmp );
mmCopy( pTagData, pstrTmp, wTmp );
pTagData += wTmp;
Len += wTmp;
}
pHdr->Length = HNC16(Len);
// Send the packet
FragSetBufParams( hFrag, Len, Offset );
p->SICtrl(p->hSI, SI_MSG_SENDPACKET, PPPPROT_CHAP, hPkt );
}
//--------------------------------------------------------------------
// chapInput()
//
// Packet input function for CHAP
//--------------------------------------------------------------------
void chapInput( PPP_SESSION *p, HANDLE hPkt )
{
LCPHDR *pHdr;
HANDLE hFrag;
UINT8 *pb;
uint Size,Offset;
int TagLen;
UINT16 Len;
UINT8 *pTagData;
UINT8 c;
UINT8 KeyResults[16];
UINT8 KeyInput[16+PPPNAMELEN+2];
UINT8 *pKeyData;
int KeyLen;
MD5_CTX context; /* context */
// If we're not open or connected, discard packet
if( p->auth.State != PROT_STATE_CLOSED &&
p->auth.State == PROT_STATE_CONNECTED )
goto CHAPExit;
// We know we have a Frag...
hFrag = PktGetFrag( hPkt );
// Get the buffer parameters
pb = FragGetBufParams( hFrag, 0, &Size, &Offset );
pb += Offset;
// Get the LCPHDR
pHdr = (LCPHDR *)pb;
// Get packet length
Len = HNC16( pHdr->Length );
// Verify that we have the entire packet
if( Len > (UINT16)Size )
goto CHAPExit;
// Get pointer to tag data and length
pTagData = pHdr->TagData;
TagLen = (int)(Len - SIZE_LCPHDR);
switch( pHdr->Code )
{
case CHAPCODE_CHALLENGE:
// Only handle challenge request if client
if( !(p->Flags & PPPFLG_CLIENT) )
break;
// Get challenge data
c = *pTagData++;
// We expect 16 bytes
if( c != 16 )
break;
// Copy Id and Password into key input
pKeyData = KeyInput;
*pKeyData++ = pHdr->Id;
KeyLen = strlen( p->Password );
mmCopy( pKeyData, p->Password, KeyLen );
// Apply encryption
MD5Init( &context );
MD5Update( &context, KeyInput, KeyLen+1 );
MD5Update( &context, pTagData, 16 );
MD5Final( p->auth.SeedData, &context );
p->auth.SeedLen = 16;
// Send response
p->auth.Count = 5; // Retry Count
p->auth.LastId = pHdr->Id;
chapSendMsg( p, CHAPCODE_RESPONSE, p->auth.LastId );
break;
case CHAPCODE_RESPONSE:
// Only handle challenge response if server
if( !(p->Flags & PPPFLG_SERVER) )
break;
// Only examine response to most recent challenge
if( pHdr->Id != p->auth.LastId )
break;
// Get challenge data
c = *pTagData++;
// We expect 16 bytes
if( c != 16 )
goto AUTH_FAIL;
// Get UserId
TagLen -= 17;
if( TagLen<1 || TagLen>=PPPNAMELEN )
goto AUTH_FAIL;
mmCopy( p->UserId, pTagData+16, TagLen );
p->UserId[TagLen] = 0;
// Get the password for this user
if( !authGetPassword(p) )
goto AUTH_FAIL;
// Copy Id and Password into key input
pKeyData = KeyInput;
*pKeyData++ = pHdr->Id;
KeyLen = strlen( p->Password );
mmCopy( pKeyData, p->Password, KeyLen );
// Apply encryption
MD5Init( &context );
MD5Update( &context, KeyInput, KeyLen+1 );
MD5Update( &context, p->auth.SeedData, 16 );
MD5Final( KeyResults, &context );
// Compare
for( c=0; c<16; c++ )
if( KeyResults[c] != *(pTagData+c) )
goto AUTH_FAIL;
// Send success
chapSendMsg( p, CHAPCODE_SUCCESS, p->auth.LastId );
if( p->auth.State == PROT_STATE_OPEN )
{
p->auth.State = PROT_STATE_CONNECTED;
pppEvent( (HANDLE)p, PPP_EVENT_AUTH_CONNECT );
}
break;
AUTH_FAIL:
chapSendMsg( p, CHAPCODE_FAILURE, p->auth.LastId );
p->auth.State = PROT_STATE_STOPPED;
pppEvent( (HANDLE)p, PPP_EVENT_AUTH_STOPPED );
break;
case CHAPCODE_SUCCESS:
if( (p->Flags & PPPFLG_CLIENT) &&
pHdr->Id == p->auth.LastId &&
p->auth.State == PROT_STATE_OPEN )
{
p->auth.State = PROT_STATE_CONNECTED;
pppEvent( (HANDLE)p, PPP_EVENT_AUTH_CONNECT );
}
break;
case CHAPCODE_FAILURE:
if( pHdr->Id == p->auth.LastId )
{
p->auth.State = PROT_STATE_STOPPED;
pppEvent( (HANDLE)p, PPP_EVENT_AUTH_STOPPED );
}
break;
default:
break;
}
CHAPExit:
PktFree( hPkt );
}
#endif
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -