auth.c

lwip-1.4.0

      
  if (ret == UPAP_AUTHNAK) {
    if (*msg == (char *) 0) {
      *msg = "Login incorrect";
    }
    *msglen = strlen(*msg);
    /*
     * Frustrate passwd stealer programs.
     * Allow 10 tries, but start backing off after 3 (stolen from login).
     * On 10'th, drop the connection.
     */
    if (attempts++ >= 10) {
      AUTHDEBUG(LOG_WARNING, ("%d LOGIN FAILURES BY %s\n", attempts, user));
      /*ppp_panic("Excess Bad Logins");*/
    }
    if (attempts > 3) {
      /* @todo: this was sleep(), i.e. seconds, not milliseconds
       * I don't think we really need this in lwIP - we would block tcpip_thread!
       */
      /*sys_msleep((attempts - 3) * 5);*/
    }
    if (addrs != NULL) {
      free_wordlist(addrs);
    }
  } else {
    attempts = 0; /* Reset count */
    if (*msg == (char *) 0) {
      *msg = "Login ok";
    }
    *msglen = strlen(*msg);
    set_allowed_addrs(unit, addrs);
  }

  BZERO(passwd, sizeof(passwd));
  BZERO(secret, sizeof(secret));

  return ret;
#endif
}
#endif /* PAP_SUPPORT */

#if 0 /* UNUSED */
/*
 * This function is needed for PAM.
 */

#ifdef USE_PAM

/* lwip does not support PAM*/

#endif  /* USE_PAM */

#endif /* UNUSED */


#if 0 /* UNUSED */
/*
 * plogin - Check the user name and password against the system
 * password database, and login the user if OK.
 *
 * returns:
 *  UPAP_AUTHNAK: Login failed.
 *  UPAP_AUTHACK: Login succeeded.
 * In either case, msg points to an appropriate message.
 */
static int
plogin(char *user, char *passwd, char **msg, int *msglen)
{

  LWIP_UNUSED_ARG(user);
  LWIP_UNUSED_ARG(passwd);
  LWIP_UNUSED_ARG(msg);
  LWIP_UNUSED_ARG(msglen);


 /* The new lines are here align the file when 
  * compared against the pppd 2.3.11 code */
















  /* XXX Fail until we decide that we want to support logins. */
  return (UPAP_AUTHNAK);
}
#endif



/*
 * plogout - Logout the user.
 */
static void
plogout(void)
{
  logged_in = 0;
}

/*
 * null_login - Check if a username of "" and a password of "" are
 * acceptable, and iff so, set the list of acceptable IP addresses
 * and return 1.
 */
static int
null_login(int unit)
{
  LWIP_UNUSED_ARG(unit);
  /* XXX Fail until we decide that we want to support logins. */
  return 0;
}


/*
 * get_pap_passwd - get a password for authenticating ourselves with
 * our peer using PAP.  Returns 1 on success, 0 if no suitable password
 * could be found.
 */
static int
get_pap_passwd(int unit, char *user, char *passwd)
{
  LWIP_UNUSED_ARG(unit);
/* normally we would reject PAP if no password is provided,
   but this causes problems with some providers (like CHT in Taiwan)
   who incorrectly request PAP and expect a bogus/empty password, so
   always provide a default user/passwd of "none"/"none"

   @todo: This should be configured by the user, instead of being hardcoded here!
*/
  if(user) {
    strcpy(user, "none");
  }
  if(passwd) {
    strcpy(passwd, "none");
  }
  return 1;
}

/*
 * have_pap_secret - check whether we have a PAP file with any
 * secrets that we could possibly use for authenticating the peer.
 */
static int
have_pap_secret(void)
{
  /* XXX Fail until we set up our passwords. */
  return 0;
}

/*
 * have_chap_secret - check whether we have a CHAP file with a
 * secret that we could possibly use for authenticating `client'
 * on `server'.  Either can be the null string, meaning we don't
 * know the identity yet.
 */
static int
have_chap_secret(char *client, char *server, u32_t remote)
{
  LWIP_UNUSED_ARG(client);
  LWIP_UNUSED_ARG(server);
  LWIP_UNUSED_ARG(remote);

  /* XXX Fail until we set up our passwords. */
  return 0;
}
#if CHAP_SUPPORT

/*
 * get_secret - open the CHAP secret file and return the secret
 * for authenticating the given client on the given server.
 * (We could be either client or server).
 */
int
get_secret(int unit, char *client, char *server, char *secret, int *secret_len, int save_addrs)
{
#if 1
  int len;
  struct wordlist *addrs;

  LWIP_UNUSED_ARG(unit);
  LWIP_UNUSED_ARG(server);
  LWIP_UNUSED_ARG(save_addrs);

  addrs = NULL;

  if(!client || !client[0] || strcmp(client, ppp_settings.user)) {
    return 0;
  }

  len = (int)strlen(ppp_settings.passwd);
  if (len > MAXSECRETLEN) {
    AUTHDEBUG(LOG_ERR, ("Secret for %s on %s is too long\n", client, server));
    len = MAXSECRETLEN;
  }

  BCOPY(ppp_settings.passwd, secret, len);
  *secret_len = len;

  return 1;
#else
  int ret = 0, len;
  struct wordlist *addrs;
  char secbuf[MAXWORDLEN];
  
  addrs = NULL;
  secbuf[0] = 0;

  /* XXX Find secret. */
  if (ret < 0) {
    return 0;
  }

  if (save_addrs) {
    set_allowed_addrs(unit, addrs);
  }

  len = strlen(secbuf);
  if (len > MAXSECRETLEN) {
    AUTHDEBUG(LOG_ERR, ("Secret for %s on %s is too long\n", client, server));
    len = MAXSECRETLEN;
  }

  BCOPY(secbuf, secret, len);
  BZERO(secbuf, sizeof(secbuf));
  *secret_len = len;

  return 1;
#endif
}
#endif /* CHAP_SUPPORT */


#if 0 /* PAP_SUPPORT || CHAP_SUPPORT */
/*
 * set_allowed_addrs() - set the list of allowed addresses.
 */
static void
set_allowed_addrs(int unit, struct wordlist *addrs)
{
  if (addresses[unit] != NULL) {
    free_wordlist(addresses[unit]);
  }
  addresses[unit] = addrs;

#if 0
  /*
   * If there's only one authorized address we might as well
   * ask our peer for that one right away
   */
  if (addrs != NULL && addrs->next == NULL) {
    char *p = addrs->word;
    struct ipcp_options *wo = &ipcp_wantoptions[unit];
    u32_t a;
    struct hostent *hp;
    
    if (wo->hisaddr == 0 && *p != '!' && *p != '-' && strchr(p, '/') == NULL) {
      hp = gethostbyname(p);
      if (hp != NULL && hp->h_addrtype == AF_INET) {
        a = *(u32_t *)hp->h_addr;
      } else {
        a = inet_addr(p);
      }
      if (a != (u32_t) -1) {
        wo->hisaddr = a;
      }
    }
  }
#endif
}
#endif /* 0 */ /* PAP_SUPPORT || CHAP_SUPPORT */

/*
 * auth_ip_addr - check whether the peer is authorized to use
 * a given IP address.  Returns 1 if authorized, 0 otherwise.
 */
int
auth_ip_addr(int unit, u32_t addr)
{
  return ip_addr_check(addr, addresses[unit]);
}

static int /* @todo: integrate this funtion into auth_ip_addr()*/
ip_addr_check(u32_t addr, struct wordlist *addrs)
{
  /* don't allow loopback or multicast address */
  if (bad_ip_adrs(addr)) {
    return 0;
  }

  if (addrs == NULL) {
    return !ppp_settings.auth_required; /* no addresses authorized */
  }

  /* XXX All other addresses allowed. */
  return 1;
}

/*
 * bad_ip_adrs - return 1 if the IP address is one we don't want
 * to use, such as an address in the loopback net or a multicast address.
 * addr is in network byte order.
 */
int
bad_ip_adrs(u32_t addr)
{
  addr = ntohl(addr);
  return (addr >> IN_CLASSA_NSHIFT) == IN_LOOPBACKNET
      || IN_MULTICAST(addr) || IN_BADCLASS(addr);
}

#if 0 /* UNUSED */ /* PAP_SUPPORT || CHAP_SUPPORT */
/*
 * some_ip_ok - check a wordlist to see if it authorizes any
 * IP address(es).
 */
static int
some_ip_ok(struct wordlist *addrs)
{
    for (; addrs != 0; addrs = addrs->next) {
      if (addrs->word[0] == '-')
        break;
      if (addrs->word[0] != '!')
        return 1; /* some IP address is allowed */
    }
    return 0;
}

/*
 * check_access - complain if a secret file has too-liberal permissions.
 */
static void
check_access(FILE *f, char *filename)
{
    struct stat sbuf;

    if (fstat(fileno(f), &sbuf) < 0) {
      warn("cannot stat secret file %s: %m", filename);
    } else if ((sbuf.st_mode & (S_IRWXG | S_IRWXO)) != 0) {
      warn("Warning - secret file %s has world and/or group access",
            filename);
    }
}


/*
 * scan_authfile - Scan an authorization file for a secret suitable
 * for authenticating `client' on `server'.  The return value is -1
 * if no secret is found, otherwise >= 0.  The return value has
 * NONWILD_CLIENT set if the secret didn't have "*" for the client, and
 * NONWILD_SERVER set if the secret didn't have "*" for the server.
 * Any following words on the line up to a "--" (i.e. address authorization
 * info) are placed in a wordlist and returned in *addrs.  Any
 * following words (extra options) are placed in a wordlist and
 * returned in *opts.
 * We assume secret is NULL or points to MAXWORDLEN bytes of space.
 */
static int
scan_authfile(FILE *f, char *client, char *server, char *secret, struct wordlist **addrs, struct wordlist **opts, char *filename)
{
  /* We do not (currently) need this in lwip  */
  return 0; /* dummy */
}
/*
 * free_wordlist - release memory allocated for a wordlist.
 */
static void
free_wordlist(struct wordlist *wp)
{
  struct wordlist *next;

  while (wp != NULL) {
    next = wp->next;
    free(wp);
    wp = next;
  }
}

/*
 * auth_script_done - called when the auth-up or auth-down script
 * has finished.
 */
static void
auth_script_done(void *arg)
{
    auth_script_pid = 0;
    switch (auth_script_state) {
    case s_up:
      if (auth_state == s_down) {
        auth_script_state = s_down;
        auth_script(_PATH_AUTHDOWN);
      }
      break;
    case s_down:
      if (auth_state == s_up) {
        auth_script_state = s_up;
        auth_script(_PATH_AUTHUP);
      }
      break;
    }
}

/*
 * auth_script - execute a script with arguments
 * interface-name peer-name real-user tty speed
 */
static void
auth_script(char *script)
{
    char strspeed[32];
    struct passwd *pw;
    char struid[32];
    char *user_name;
    char *argv[8];

    if ((pw = getpwuid(getuid())) != NULL && pw->pw_name != NULL)
      user_name = pw->pw_name;
    else {
      slprintf(struid, sizeof(struid), "%d", getuid());
      user_name = struid;
    }
    slprintf(strspeed, sizeof(strspeed), "%d", baud_rate);

    argv[0] = script;
    argv[1] = ifname;
    argv[2] = peer_authname;
    argv[3] = user_name;
    argv[4] = devnam;
    argv[5] = strspeed;
    argv[6] = NULL;

    auth_script_pid = run_program(script, argv, 0, auth_script_done, NULL);
}
#endif  /* 0 */ /* PAP_SUPPORT || CHAP_SUPPORT */
#endif /* PPP_SUPPORT */