o Tidy up PAP and CHAP diagnostics. They're now all logged as PHASE

  diagnostics (which are on by default).
o Deal correctly with both sides wanting CHAP.
o Output a warning if we're using an empty ``authname''.  This is
  *not* what we want to do.

2 files changed, 31 insertions, 21 deletions

diff --git a/usr.sbin/ppp/chap.c b/usr.sbin/ppp/chap.c
index 04b866e..bc2ed50 100644
--- a/usr.sbin/ppp/chap.c
+++ b/usr.sbin/ppp/chap.c
@@ -17,7 +17,7 @@
  * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
  * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
  *
- * $Id: chap.c,v 1.33 1998/06/27 14:18:01 brian Exp $
+ * $Id: chap.c,v 1.34 1998/06/27 23:48:41 brian Exp $
  *
  *	TODO:
  */
@@ -70,7 +70,7 @@ static const char *chapcodes[] = {
 
 static void
 ChapOutput(struct physical *physical, u_int code, u_int id,
-	   const u_char * ptr, int count)
+	   const u_char * ptr, int count, const char *text)
 {
   int plen;
   struct fsmheader lh;
@@ -85,7 +85,10 @@ ChapOutput(struct physical *physical, u_int code, u_int id,
   if (count)
     memcpy(MBUF_CTOP(bp) + sizeof(struct fsmheader), ptr, count);
   log_DumpBp(LogDEBUG, "ChapOutput", bp);
-  log_Printf(LogLCP, "ChapOutput: %s\n", chapcodes[code]);
+  if (text == NULL)
+    log_Printf(LogPHASE, "Chap Output: %s\n", chapcodes[code]);
+  else
+    log_Printf(LogPHASE, "Chap Output: %s (%s)\n", chapcodes[code], text);
   hdlc_Output(&physical->link, PRI_LINK, PROTO_CHAP, bp);
 }
 
@@ -105,7 +108,7 @@ chap_SendChallenge(struct authinfo *auth, int chapid, struct physical *physical)
   memcpy(cp, physical->dl->bundle->cfg.auth.name, len);
   cp += len;
   ChapOutput(physical, CHAP_CHALLENGE, chapid, chap->challenge_data,
-	     cp - chap->challenge_data);
+	     cp - chap->challenge_data, NULL);
 }
 
 static void
@@ -132,7 +135,9 @@ RecvChapTalk(struct bundle *bundle, struct fsmheader *chp, struct mbuf *bp,
   name = cp + valsize;
   namelen = arglen - valsize - 1;
   name[namelen] = 0;
-  log_Printf(LogLCP, " Valsize = %d, Name = \"%s\"\n", valsize, name);
+
+  log_Printf(LogPHASE, "Chap Input: %s (from %s)\n",
+             chapcodes[chp->code], name);
 
   switch (chp->code) {
   case CHAP_CHALLENGE:
@@ -149,7 +154,7 @@ RecvChapTalk(struct bundle *bundle, struct fsmheader *chp, struct mbuf *bp,
       argp = malloc(1 + valsize + namelen + 16);
 
     if (argp == NULL) {
-      ChapOutput(physical, CHAP_FAILURE, chp->id, "Out of memory!", 14);
+      ChapOutput(physical, CHAP_FAILURE, chp->id, "Out of memory!", 14, NULL);
       return;
     }
 #ifdef HAVE_DES
@@ -177,7 +182,7 @@ RecvChapTalk(struct bundle *bundle, struct fsmheader *chp, struct mbuf *bp,
       chap_MS(digest, answer + 2 * keylen, valsize);
       log_DumpBuff(LogDEBUG, "answer", digest, 24);
       ChapOutput(physical, CHAP_RESPONSE, chp->id, argp,
-		 namelen + MS_CHAP_RESPONSE_LEN + 1);
+		 namelen + MS_CHAP_RESPONSE_LEN + 1, name);
     } else {
 #endif
       digest = argp;
@@ -196,11 +201,13 @@ RecvChapTalk(struct bundle *bundle, struct fsmheader *chp, struct mbuf *bp,
       memcpy(digest + 16, name, namelen);
       ap += namelen;
       /* Send answer to the peer */
-      ChapOutput(physical, CHAP_RESPONSE, chp->id, argp, namelen + 17);
+      ChapOutput(physical, CHAP_RESPONSE, chp->id, argp, namelen + 17, name);
 #ifdef HAVE_DES
     }
 #endif
     free(argp);
+    if (*name == '\0')
+      log_Printf(LogWARN, "Sending empty CHAP authname!\n");
     break;
   case CHAP_RESPONSE:
     /*
@@ -229,7 +236,8 @@ RecvChapTalk(struct bundle *bundle, struct fsmheader *chp, struct mbuf *bp,
        */
       if (memcmp(cp, cdigest, 16) == 0) {
         datalink_GotAuthname(physical->dl, name, namelen);
-	ChapOutput(physical, CHAP_SUCCESS, chp->id, "Welcome!!", 10);
+	ChapOutput(physical, CHAP_SUCCESS, chp->id, "Welcome!!", 10, NULL);
+	physical->link.lcp.auth_ineed = 0;
         if (Enabled(bundle, OPT_UTMP))
           physical_Login(physical, name);
 
@@ -247,7 +255,7 @@ RecvChapTalk(struct bundle *bundle, struct fsmheader *chp, struct mbuf *bp,
     /*
      * Peer is not registerd, or response digest is wrong.
      */
-    ChapOutput(physical, CHAP_FAILURE, chp->id, "Invalid!!", 9);
+    ChapOutput(physical, CHAP_FAILURE, chp->id, "Invalid!!", 9, NULL);
     datalink_AuthNotOk(physical->dl);
     break;
   }
@@ -274,7 +282,7 @@ RecvChapResult(struct bundle *bundle, struct fsmheader *chp, struct mbuf *bp,
     }
   } else {
     /* CHAP failed - it's not going to get any better */
-    log_Printf(LogPHASE, "Received CHAP_FAILURE\n");
+    log_Printf(LogPHASE, "Chap Input: Giving up after name/key FAILURE\n");
     datalink_AuthNotOk(physical->dl);
   }
 }
@@ -290,8 +298,6 @@ chap_Input(struct bundle *bundle, struct mbuf *bp, struct physical *physical)
     if (len >= ntohs(chp->length)) {
       if (chp->code < 1 || chp->code > 4)
 	chp->code = 0;
-      log_Printf(LogLCP, "chap_Input: %s\n", chapcodes[chp->code]);
-
       bp->offset += sizeof(struct fsmheader);
       bp->cnt -= sizeof(struct fsmheader);
 
@@ -304,6 +310,7 @@ chap_Input(struct bundle *bundle, struct mbuf *bp, struct physical *physical)
 	break;
       case CHAP_SUCCESS:
       case CHAP_FAILURE:
+        log_Printf(LogPHASE, "Chap Input: %s\n", chapcodes[chp->code]);
 	RecvChapResult(bundle, chp, bp, physical);
 	break;
       }
diff --git a/usr.sbin/ppp/pap.c b/usr.sbin/ppp/pap.c
index 79a89c7..afbc3a2 100644
--- a/usr.sbin/ppp/pap.c
+++ b/usr.sbin/ppp/pap.c
@@ -18,7 +18,7 @@
  * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
  * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
  *
- * $Id: pap.c,v 1.23 1998/05/21 21:47:18 brian Exp $
+ * $Id: pap.c,v 1.24 1998/06/27 23:48:51 brian Exp $
  *
  *	TODO:
  */
@@ -58,7 +58,7 @@
 #include "chap.h"
 #include "datalink.h"
 
-static const char *papcodes[] = { "???", "REQUEST", "ACK", "NAK" };
+static const char *papcodes[] = { "???", "REQUEST", "SUCCESS", "FAILURE" };
 
 void
 pap_SendChallenge(struct authinfo *auth, int papid, struct physical *physical)
@@ -73,7 +73,10 @@ pap_SendChallenge(struct authinfo *auth, int papid, struct physical *physical)
   plen = namelen + keylen + 2;
   log_Printf(LogDEBUG, "pap_SendChallenge: namelen = %d, keylen = %d\n",
 	    namelen, keylen);
-  log_Printf(LogPHASE, "PAP: %s\n", physical->dl->bundle->cfg.auth.name);
+  log_Printf(LogPHASE, "Pap Output: %s ********\n",
+             physical->dl->bundle->cfg.auth.name);
+  if (*physical->dl->bundle->cfg.auth.name == '\0')
+    log_Printf(LogWARN, "Sending empty PAP authname!\n");
   lh.code = PAP_REQUEST;
   lh.id = papid;
   lh.length = htons(plen + sizeof(struct fsmheader));
@@ -107,7 +110,7 @@ SendPapCode(int id, int code, const char *message, struct physical *physical)
   cp = MBUF_CTOP(bp) + sizeof(struct fsmheader);
   *cp++ = mlen;
   memcpy(cp, message, mlen);
-  log_Printf(LogPHASE, "PapOutput: %s\n", papcodes[code]);
+  log_Printf(LogPHASE, "Pap Output: %s\n", papcodes[code]);
   hdlc_Output(&physical->link, PRI_LINK, PROTO_PAP, bp);
 }
 
@@ -142,11 +145,11 @@ pap_Input(struct bundle *bundle, struct mbuf *bp, struct physical *physical)
     if (len >= ntohs(php->length)) {
       if (php->code < PAP_REQUEST || php->code > PAP_NAK)
 	php->code = 0;
-      log_Printf(LogPHASE, "pap_Input: %s\n", papcodes[php->code]);
-
       switch (php->code) {
       case PAP_REQUEST:
 	cp = (u_char *) (php + 1);
+        log_Printf(LogPHASE, "Pap Input: %s (%.*s)\n",
+                   papcodes[php->code], *cp, cp + 1);
 	if (PapValidate(bundle, cp, cp + *cp + 1, physical)) {
           datalink_GotAuthname(physical->dl, cp+1, *cp);
 	  SendPapCode(php->id, PAP_ACK, "Greetings!!", physical);
@@ -171,7 +174,7 @@ pap_Input(struct bundle *bundle, struct mbuf *bp, struct physical *physical)
 	cp = (u_char *) (php + 1);
 	len = *cp++;
 	cp[len] = 0;
-	log_Printf(LogPHASE, "Received PAP_ACK (%s)\n", cp);
+	log_Printf(LogPHASE, "Pap Input: %s (%s)\n", papcodes[php->code], cp);
 	if (physical->link.lcp.auth_iwait == PROTO_PAP) {
 	  physical->link.lcp.auth_iwait = 0;
 	  if (physical->link.lcp.auth_ineed == 0)
@@ -188,7 +191,7 @@ pap_Input(struct bundle *bundle, struct mbuf *bp, struct physical *physical)
 	cp = (u_char *) (php + 1);
 	len = *cp++;
 	cp[len] = 0;
-	log_Printf(LogPHASE, "Received PAP_NAK (%s)\n", cp);
+	log_Printf(LogPHASE, "Pap Input: %s (%s)\n", papcodes[php->code], cp);
         datalink_AuthNotOk(physical->dl);
 	break;
       }