diff options
author | brian <brian@FreeBSD.org> | 2000-10-30 00:15:04 +0000 |
---|---|---|
committer | brian <brian@FreeBSD.org> | 2000-10-30 00:15:04 +0000 |
commit | 06792c58d5296e43c29af28744e2aa418b29c02c (patch) | |
tree | b3faf577f26b4b6238bf2ed28bb1cced590c6645 /usr.sbin/ppp/lcp.c | |
parent | c238c956a4e688205b311cfc63717fc84e6d43eb (diff) | |
download | FreeBSD-src-06792c58d5296e43c29af28744e2aa418b29c02c.zip FreeBSD-src-06792c58d5296e43c29af28744e2aa418b29c02c.tar.gz |
Add MPPE and MSChap v2 support (denied and disabled by default)
Submitted by: Ustimenko Semen <semen@iclub.nsu.ru>
Diffstat (limited to 'usr.sbin/ppp/lcp.c')
-rw-r--r-- | usr.sbin/ppp/lcp.c | 37 |
1 files changed, 32 insertions, 5 deletions
diff --git a/usr.sbin/ppp/lcp.c b/usr.sbin/ppp/lcp.c index b2b56e0..096b59b 100644 --- a/usr.sbin/ppp/lcp.c +++ b/usr.sbin/ppp/lcp.c @@ -193,6 +193,8 @@ lcp_ReportStatus(struct cmdargs const *arg) command_ShowNegval(lcp->cfg.chap80nt)); prompt_Printf(arg->prompt, " LANMan = %s\n", command_ShowNegval(lcp->cfg.chap80lm)); + prompt_Printf(arg->prompt, " CHAP81 = %s\n", + command_ShowNegval(lcp->cfg.chap81)); #endif prompt_Printf(arg->prompt, " LQR = %s\n", command_ShowNegval(lcp->cfg.lqr)); @@ -244,6 +246,7 @@ lcp_Init(struct lcp *lcp, struct bundle *bundle, struct link *l, #ifdef HAVE_DES lcp->cfg.chap80nt = NEG_ACCEPTED; lcp->cfg.chap80lm = NEG_ACCEPTED; + lcp->cfg.chap81 = 0; #endif lcp->cfg.lqr = NEG_ACCEPTED; lcp->cfg.pap = NEG_ACCEPTED; @@ -292,6 +295,9 @@ lcp_Setup(struct lcp *lcp, int openmode) IsEnabled(lcp->cfg.chap80lm)) { lcp->want_auth = PROTO_CHAP; lcp->want_authtype = 0x80; + } else if (IsEnabled(lcp->cfg.chap81)) { + lcp->want_auth = PROTO_CHAP; + lcp->want_authtype = 0x81; #endif } else if (IsEnabled(lcp->cfg.pap)) { lcp->want_auth = PROTO_PAP; @@ -733,6 +739,12 @@ LcpDecodeConfig(struct fsm *fp, u_char *cp, int plen, int mode_type, *dec->nakend++ = (unsigned char) (PROTO_CHAP >> 8); *dec->nakend++ = (unsigned char) PROTO_CHAP; *dec->nakend++ = 0x80; + } else if (IsAccepted(lcp->cfg.chap81)) { + *dec->nakend++ = *cp; + *dec->nakend++ = 5; + *dec->nakend++ = (unsigned char) (PROTO_CHAP >> 8); + *dec->nakend++ = (unsigned char) PROTO_CHAP; + *dec->nakend++ = 0x81; #endif } else goto reqreject; @@ -747,6 +759,7 @@ LcpDecodeConfig(struct fsm *fp, u_char *cp, int plen, int mode_type, #ifdef HAVE_DES || (cp[4] == 0x80 && (IsAccepted(lcp->cfg.chap80nt) || (IsAccepted(lcp->cfg.chap80lm)))) + || (cp[4] == 0x81 && IsAccepted(lcp->cfg.chap81)) #endif ) { lcp->his_auth = proto; @@ -755,9 +768,11 @@ LcpDecodeConfig(struct fsm *fp, u_char *cp, int plen, int mode_type, dec->ackend += length; } else { #ifndef HAVE_DES - if (cp[4] == 0x80) + if (cp[4] == 0x80) { log_Printf(LogWARN, "CHAP 0x80 not available without DES\n"); - else + } else if (cp[4] == 0x81) { + log_Printf(LogWARN, "CHAP 0x81 not available without DES\n"); + } else #endif if (cp[4] != 0x05) log_Printf(LogWARN, "%s not supported\n", @@ -777,6 +792,12 @@ LcpDecodeConfig(struct fsm *fp, u_char *cp, int plen, int mode_type, *dec->nakend++ = (unsigned char) (PROTO_CHAP >> 8); *dec->nakend++ = (unsigned char) PROTO_CHAP; *dec->nakend++ = 0x80; + } else if (IsAccepted(lcp->cfg.chap81)) { + *dec->nakend++ = *cp; + *dec->nakend++ = 5; + *dec->nakend++ = (unsigned char) (PROTO_CHAP >> 8); + *dec->nakend++ = (unsigned char) PROTO_CHAP; + *dec->nakend++ = 0x81; #endif } else if (IsAccepted(lcp->cfg.pap)) { *dec->nakend++ = *cp; @@ -816,18 +837,24 @@ LcpDecodeConfig(struct fsm *fp, u_char *cp, int plen, int mode_type, IsEnabled(lcp->cfg.chap80lm))) { lcp->want_auth = PROTO_CHAP; lcp->want_authtype = 0x80; + } else if (cp[4] == 0x81 && IsEnabled(lcp->cfg.chap81)) { + lcp->want_auth = PROTO_CHAP; + lcp->want_authtype = 0x81; #endif } else { #ifndef HAVE_DES - if (cp[4] == 0x80) + if (cp[4] == 0x80) { log_Printf(LogLCP, "Peer will only send MSCHAP (not available" " without DES)\n"); - else + } else if (cp[4] == 0x81) { + log_Printf(LogLCP, "Peer will only send MSCHAPV2 (not available" + " without DES)\n"); + } else #endif log_Printf(LogLCP, "Peer will only send %s (not %s)\n", Auth2Nam(PROTO_CHAP, cp[4]), #ifdef HAVE_DES - cp[4] == 0x80 ? "configured" : + (cp[4] == 0x80 || cp[4] == 0x81) ? "configured" : #endif "supported"); lcp->his_reject |= (1 << type); |