diff options
author | brian <brian@FreeBSD.org> | 1999-02-11 10:14:08 +0000 |
---|---|---|
committer | brian <brian@FreeBSD.org> | 1999-02-11 10:14:08 +0000 |
commit | 5dc50d8ed53887553c9cb516e2b7915e55171a9f (patch) | |
tree | f9ab8c0680569eb7727b37072506b8ada5abb174 /usr.sbin/ppp/datalink.c | |
parent | 4ef23fab94c614e2e42029a09de004d3a1613d62 (diff) | |
download | FreeBSD-src-5dc50d8ed53887553c9cb516e2b7915e55171a9f.zip FreeBSD-src-5dc50d8ed53887553c9cb516e2b7915e55171a9f.tar.gz |
When resending chap challenges, resend the same challenge
each time rather than making up a new one.
Increase the authname/authkey max sizes to 100 characters.
Allow ``authkey'' specifications beginning with ``!''.
When a challenge is received, the text following the
``!'' is executed as a program (expanding stuff in the same
way that ``sh'' and ``!bg'' do). The program is passed the
peer name, peer challenge and local ``authname'' on standard
input and is expected to output the name/key combination that
should be used to build the CHAP response.
This provides support for Secure ID cards (guess what I was
given at work recently!) using CHAP.
Examples will follow.
Diffstat (limited to 'usr.sbin/ppp/datalink.c')
-rw-r--r-- | usr.sbin/ppp/datalink.c | 26 |
1 files changed, 21 insertions, 5 deletions
diff --git a/usr.sbin/ppp/datalink.c b/usr.sbin/ppp/datalink.c index 3b52c04..f5ca431 100644 --- a/usr.sbin/ppp/datalink.c +++ b/usr.sbin/ppp/datalink.c @@ -23,7 +23,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $Id: datalink.c,v 1.28 1999/02/02 09:35:17 brian Exp $ + * $Id: datalink.c,v 1.29 1999/02/06 02:54:44 brian Exp $ */ #include <sys/param.h> @@ -335,7 +335,8 @@ datalink_UpdateSet(struct descriptor *d, fd_set *r, fd_set *w, fd_set *e, case DATALINK_AUTH: case DATALINK_CBCP: case DATALINK_OPEN: - result = descriptor_UpdateSet(&dl->physical->desc, r, w, e, n); + result = descriptor_UpdateSet(&dl->chap.desc, r, w, e, n) + + descriptor_UpdateSet(&dl->physical->desc, r, w, e, n); break; } return result; @@ -367,7 +368,8 @@ datalink_IsSet(struct descriptor *d, const fd_set *fdset) case DATALINK_AUTH: case DATALINK_CBCP: case DATALINK_OPEN: - return descriptor_IsSet(&dl->physical->desc, fdset); + return descriptor_IsSet(&dl->chap.desc, fdset) ? 1 : + descriptor_IsSet(&dl->physical->desc, fdset); } return 0; } @@ -393,7 +395,10 @@ datalink_Read(struct descriptor *d, struct bundle *bundle, const fd_set *fdset) case DATALINK_AUTH: case DATALINK_CBCP: case DATALINK_OPEN: - descriptor_Read(&dl->physical->desc, bundle, fdset); + if (descriptor_IsSet(&dl->chap.desc, fdset)) + descriptor_Read(&dl->chap.desc, bundle, fdset); + if (descriptor_IsSet(&dl->physical->desc, fdset)) + descriptor_Read(&dl->physical->desc, bundle, fdset); break; } } @@ -420,7 +425,10 @@ datalink_Write(struct descriptor *d, struct bundle *bundle, const fd_set *fdset) case DATALINK_AUTH: case DATALINK_CBCP: case DATALINK_OPEN: - result = descriptor_Write(&dl->physical->desc, bundle, fdset); + if (descriptor_IsSet(&dl->chap.desc, fdset)) + result += descriptor_Write(&dl->chap.desc, bundle, fdset); + if (descriptor_IsSet(&dl->physical->desc, fdset)) + result += descriptor_Write(&dl->physical->desc, bundle, fdset); break; } @@ -541,6 +549,7 @@ void datalink_CBCPComplete(struct datalink *dl) { datalink_NewState(dl, DATALINK_LCP); + chap_ReInit(&dl->chap); fsm_Close(&dl->physical->link.lcp.fsm); } @@ -567,6 +576,7 @@ datalink_AuthOk(struct datalink *dl) /* It's not CBCP */ log_Printf(LogPHASE, "%s: Shutdown and await peer callback\n", dl->name); datalink_NewState(dl, DATALINK_LCP); + chap_ReInit(&dl->chap); fsm_Close(&dl->physical->link.lcp.fsm); } else switch (dl->physical->link.lcp.his_callback.opmask) { @@ -591,6 +601,7 @@ datalink_AuthOk(struct datalink *dl) } dl->cbcp.fsm.delay = 0; datalink_NewState(dl, DATALINK_LCP); + chap_ReInit(&dl->chap); fsm_Close(&dl->physical->link.lcp.fsm); break; @@ -603,6 +614,7 @@ datalink_AuthOk(struct datalink *dl) dl->cbcp.required = 1; dl->cbcp.fsm.delay = 0; datalink_NewState(dl, DATALINK_LCP); + chap_ReInit(&dl->chap); fsm_Close(&dl->physical->link.lcp.fsm); break; @@ -610,6 +622,7 @@ datalink_AuthOk(struct datalink *dl) log_Printf(LogPHASE, "%s: Oops - Should have NAK'd peer callback !\n", dl->name); datalink_NewState(dl, DATALINK_LCP); + chap_ReInit(&dl->chap); fsm_Close(&dl->physical->link.lcp.fsm); break; } @@ -619,6 +632,7 @@ void datalink_AuthNotOk(struct datalink *dl) { datalink_NewState(dl, DATALINK_LCP); + chap_ReInit(&dl->chap); fsm_Close(&dl->physical->link.lcp.fsm); } @@ -647,6 +661,7 @@ datalink_LayerDown(void *v, struct fsm *fp) timer_Stop(&dl->chap.auth.authtimer); } datalink_NewState(dl, DATALINK_LCP); + chap_ReInit(&dl->chap); } } @@ -877,6 +892,7 @@ datalink_Close(struct datalink *dl, int how) case DATALINK_CBCP: case DATALINK_AUTH: case DATALINK_LCP: + chap_ReInit(&dl->chap); fsm_Close(&dl->physical->link.lcp.fsm); if (how != CLOSE_NORMAL) { dl->dial_tries = -1; |