Add MPPE and MSChap v2 support (denied and disabled by default)

Submitted by: Ustimenko Semen <semen@iclub.nsu.ru>
author: brian <brian@FreeBSD.org> 2000-10-30 00:15:04 +0000
committer: brian <brian@FreeBSD.org> 2000-10-30 00:15:04 +0000
commit: 06792c58d5296e43c29af28744e2aa418b29c02c (patch)
tree: b3faf577f26b4b6238bf2ed28bb1cced590c6645 /usr.sbin/ppp/lcp.c
parent: c238c956a4e688205b311cfc63717fc84e6d43eb (diff)
download: FreeBSD-src-06792c58d5296e43c29af28744e2aa418b29c02c.zip
FreeBSD-src-06792c58d5296e43c29af28744e2aa418b29c02c.tar.gz
1 files changed, 32 insertions, 5 deletions
diff --git a/usr.sbin/ppp/lcp.c b/usr.sbin/ppp/lcp.c
index b2b56e0..096b59b 100644
--- a/usr.sbin/ppp/lcp.c
+++ b/usr.sbin/ppp/lcp.c
@@ -193,6 +193,8 @@ lcp_ReportStatus(struct cmdargs const *arg)
                 command_ShowNegval(lcp->cfg.chap80nt));
   prompt_Printf(arg->prompt, "           LANMan =    %s\n",
                 command_ShowNegval(lcp->cfg.chap80lm));
+  prompt_Printf(arg->prompt, "           CHAP81 =    %s\n",
+                command_ShowNegval(lcp->cfg.chap81));
 #endif
   prompt_Printf(arg->prompt, "           LQR =       %s\n",
                 command_ShowNegval(lcp->cfg.lqr));
@@ -244,6 +246,7 @@ lcp_Init(struct lcp *lcp, struct bundle *bundle, struct link *l,
 #ifdef HAVE_DES
   lcp->cfg.chap80nt = NEG_ACCEPTED;
   lcp->cfg.chap80lm = NEG_ACCEPTED;
+  lcp->cfg.chap81 = 0;
 #endif
   lcp->cfg.lqr = NEG_ACCEPTED;
   lcp->cfg.pap = NEG_ACCEPTED;
@@ -292,6 +295,9 @@ lcp_Setup(struct lcp *lcp, int openmode)
                IsEnabled(lcp->cfg.chap80lm)) {
       lcp->want_auth = PROTO_CHAP;
       lcp->want_authtype = 0x80;
+    } else if (IsEnabled(lcp->cfg.chap81)) {
+      lcp->want_auth = PROTO_CHAP;
+      lcp->want_authtype = 0x81;
 #endif
     } else if (IsEnabled(lcp->cfg.pap)) {
       lcp->want_auth = PROTO_PAP;
@@ -733,6 +739,12 @@ LcpDecodeConfig(struct fsm *fp, u_char *cp, int plen, int mode_type,
 	    *dec->nakend++ = (unsigned char) (PROTO_CHAP >> 8);
 	    *dec->nakend++ = (unsigned char) PROTO_CHAP;
 	    *dec->nakend++ = 0x80;
+	  } else if (IsAccepted(lcp->cfg.chap81)) {
+	    *dec->nakend++ = *cp;
+	    *dec->nakend++ = 5;
+	    *dec->nakend++ = (unsigned char) (PROTO_CHAP >> 8);
+	    *dec->nakend++ = (unsigned char) PROTO_CHAP;
+	    *dec->nakend++ = 0x81;
 #endif
 	  } else
 	    goto reqreject;
@@ -747,6 +759,7 @@ LcpDecodeConfig(struct fsm *fp, u_char *cp, int plen, int mode_type,
 #ifdef HAVE_DES
               || (cp[4] == 0x80 && (IsAccepted(lcp->cfg.chap80nt) ||
                                    (IsAccepted(lcp->cfg.chap80lm))))
+              || (cp[4] == 0x81 && IsAccepted(lcp->cfg.chap81))
 #endif
              ) {
 	    lcp->his_auth = proto;
@@ -755,9 +768,11 @@ LcpDecodeConfig(struct fsm *fp, u_char *cp, int plen, int mode_type,
 	    dec->ackend += length;
 	  } else {
 #ifndef HAVE_DES
-            if (cp[4] == 0x80)
+            if (cp[4] == 0x80) {
               log_Printf(LogWARN, "CHAP 0x80 not available without DES\n");
-            else
+            } else if (cp[4] == 0x81) {
+              log_Printf(LogWARN, "CHAP 0x81 not available without DES\n");
+            } else
 #endif
             if (cp[4] != 0x05)
               log_Printf(LogWARN, "%s not supported\n",
@@ -777,6 +792,12 @@ LcpDecodeConfig(struct fsm *fp, u_char *cp, int plen, int mode_type,
 	      *dec->nakend++ = (unsigned char) (PROTO_CHAP >> 8);
 	      *dec->nakend++ = (unsigned char) PROTO_CHAP;
 	      *dec->nakend++ = 0x80;
+            } else if (IsAccepted(lcp->cfg.chap81)) {
+	      *dec->nakend++ = *cp;
+	      *dec->nakend++ = 5;
+	      *dec->nakend++ = (unsigned char) (PROTO_CHAP >> 8);
+	      *dec->nakend++ = (unsigned char) PROTO_CHAP;
+	      *dec->nakend++ = 0x81;
 #endif
             } else if (IsAccepted(lcp->cfg.pap)) {
 	      *dec->nakend++ = *cp;
@@ -816,18 +837,24 @@ LcpDecodeConfig(struct fsm *fp, u_char *cp, int plen, int mode_type,
                                        IsEnabled(lcp->cfg.chap80lm))) {
             lcp->want_auth = PROTO_CHAP;
             lcp->want_authtype = 0x80;
+          } else if (cp[4] == 0x81 && IsEnabled(lcp->cfg.chap81)) {
+            lcp->want_auth = PROTO_CHAP;
+            lcp->want_authtype = 0x81;
 #endif
           } else {
 #ifndef HAVE_DES
-            if (cp[4] == 0x80)
+            if (cp[4] == 0x80) {
               log_Printf(LogLCP, "Peer will only send MSCHAP (not available"
                          " without DES)\n");
-            else
+            } else if (cp[4] == 0x81) {
+              log_Printf(LogLCP, "Peer will only send MSCHAPV2 (not available"
+                         " without DES)\n");
+            } else
 #endif
             log_Printf(LogLCP, "Peer will only send %s (not %s)\n",
                        Auth2Nam(PROTO_CHAP, cp[4]),
 #ifdef HAVE_DES
-                       cp[4] == 0x80 ? "configured" :
+                       (cp[4] == 0x80 || cp[4] == 0x81) ? "configured" :
 #endif
                        "supported");
 	    lcp->his_reject |= (1 << type);
author	brian <brian@FreeBSD.org>	2000-10-30 00:15:04 +0000
committer	brian <brian@FreeBSD.org>	2000-10-30 00:15:04 +0000
commit	06792c58d5296e43c29af28744e2aa418b29c02c (patch)
tree	b3faf577f26b4b6238bf2ed28bb1cced590c6645 /usr.sbin/ppp/lcp.c
parent	c238c956a4e688205b311cfc63717fc84e6d43eb (diff)
download	FreeBSD-src-06792c58d5296e43c29af28744e2aa418b29c02c.zip FreeBSD-src-06792c58d5296e43c29af28744e2aa418b29c02c.tar.gz