eap.c revision 1.6
1 1.5 christos /* $NetBSD: eap.c,v 1.6 2021/01/09 16:39:28 christos Exp $ */ 2 1.1 christos /* 3 1.1 christos * eap.c - Extensible Authentication Protocol for PPP (RFC 2284) 4 1.1 christos * 5 1.1 christos * Copyright (c) 2001 by Sun Microsystems, Inc. 6 1.1 christos * All rights reserved. 7 1.1 christos * 8 1.1 christos * Non-exclusive rights to redistribute, modify, translate, and use 9 1.1 christos * this software in source and binary forms, in whole or in part, is 10 1.1 christos * hereby granted, provided that the above copyright notice is 11 1.1 christos * duplicated in any source form, and that neither the name of the 12 1.1 christos * copyright holder nor the author is used to endorse or promote 13 1.1 christos * products derived from this software. 14 1.1 christos * 15 1.1 christos * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR 16 1.1 christos * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED 17 1.1 christos * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. 18 1.1 christos * 19 1.1 christos * Original version by James Carlson 20 1.1 christos * 21 1.1 christos * This implementation of EAP supports MD5-Challenge and SRP-SHA1 22 1.1 christos * authentication styles. Note that support of MD5-Challenge is a 23 1.1 christos * requirement of RFC 2284, and that it's essentially just a 24 1.1 christos * reimplementation of regular RFC 1994 CHAP using EAP messages. 25 1.1 christos * 26 1.1 christos * As an authenticator ("server"), there are multiple phases for each 27 1.1 christos * style. In the first phase of each style, the unauthenticated peer 28 1.1 christos * name is queried using the EAP Identity request type. If the 29 1.1 christos * "remotename" option is used, then this phase is skipped, because 30 1.1 christos * the peer's name is presumed to be known. 31 1.1 christos * 32 1.1 christos * For MD5-Challenge, there are two phases, and the second phase 33 1.1 christos * consists of sending the challenge itself and handling the 34 1.1 christos * associated response. 35 1.1 christos * 36 1.1 christos * For SRP-SHA1, there are four phases. The second sends 's', 'N', 37 1.1 christos * and 'g'. The reply contains 'A'. The third sends 'B', and the 38 1.1 christos * reply contains 'M1'. The forth sends the 'M2' value. 39 1.1 christos * 40 1.1 christos * As an authenticatee ("client"), there's just a single phase -- 41 1.1 christos * responding to the queries generated by the peer. EAP is an 42 1.1 christos * authenticator-driven protocol. 43 1.1 christos * 44 1.1 christos * Based on draft-ietf-pppext-eap-srp-03.txt. 45 1.1 christos */ 46 1.1 christos 47 1.2 christos #include <sys/cdefs.h> 48 1.5 christos __RCSID("$NetBSD: eap.c,v 1.6 2021/01/09 16:39:28 christos Exp $"); 49 1.1 christos 50 1.1 christos /* 51 1.6 christos * Modification by Beniamino Galvani, Mar 2005 52 1.6 christos * Implemented EAP-TLS authentication 53 1.1 christos */ 54 1.1 christos 55 1.1 christos #include <stdio.h> 56 1.1 christos #include <stdlib.h> 57 1.1 christos #include <string.h> 58 1.1 christos #include <unistd.h> 59 1.1 christos #include <pwd.h> 60 1.1 christos #include <sys/types.h> 61 1.1 christos #include <sys/stat.h> 62 1.1 christos #include <fcntl.h> 63 1.1 christos #include <assert.h> 64 1.1 christos #include <errno.h> 65 1.2 christos #include <md5.h> 66 1.1 christos 67 1.1 christos #include "pppd.h" 68 1.1 christos #include "pathnames.h" 69 1.1 christos #include "eap.h" 70 1.1 christos 71 1.6 christos #ifdef CHAPMS 72 1.6 christos #include "chap_ms.h" 73 1.6 christos #endif 74 1.6 christos 75 1.1 christos #ifdef USE_SRP 76 1.1 christos #include <t_pwd.h> 77 1.1 christos #include <t_server.h> 78 1.1 christos #include <t_client.h> 79 1.1 christos #include "pppcrypt.h" 80 1.1 christos #endif /* USE_SRP */ 81 1.1 christos 82 1.1 christos #ifndef SHA_DIGESTSIZE 83 1.1 christos #define SHA_DIGESTSIZE 20 84 1.1 christos #endif 85 1.1 christos 86 1.6 christos #ifdef USE_EAPTLS 87 1.6 christos #include "eap-tls.h" 88 1.6 christos #endif /* USE_EAPTLS */ 89 1.6 christos #ifdef CHAPMS 90 1.6 christos #include "magic.h" 91 1.6 christos #include "chap_ms.h" 92 1.6 christos #include "chap-new.h" 93 1.6 christos #endif /* CHAPMS */ 94 1.1 christos 95 1.1 christos eap_state eap_states[NUM_PPP]; /* EAP state; one for each unit */ 96 1.1 christos #ifdef USE_SRP 97 1.1 christos static char *pn_secret = NULL; /* Pseudonym generating secret */ 98 1.1 christos #endif 99 1.1 christos 100 1.1 christos /* 101 1.1 christos * Command-line options. 102 1.1 christos */ 103 1.1 christos static option_t eap_option_list[] = { 104 1.1 christos { "eap-restart", o_int, &eap_states[0].es_server.ea_timeout, 105 1.1 christos "Set retransmit timeout for EAP Requests (server)" }, 106 1.1 christos { "eap-max-sreq", o_int, &eap_states[0].es_server.ea_maxrequests, 107 1.1 christos "Set max number of EAP Requests sent (server)" }, 108 1.1 christos { "eap-timeout", o_int, &eap_states[0].es_client.ea_timeout, 109 1.1 christos "Set time limit for peer EAP authentication" }, 110 1.1 christos { "eap-max-rreq", o_int, &eap_states[0].es_client.ea_maxrequests, 111 1.1 christos "Set max number of EAP Requests allows (client)" }, 112 1.1 christos { "eap-interval", o_int, &eap_states[0].es_rechallenge, 113 1.1 christos "Set interval for EAP rechallenge" }, 114 1.1 christos #ifdef USE_SRP 115 1.1 christos { "srp-interval", o_int, &eap_states[0].es_lwrechallenge, 116 1.1 christos "Set interval for SRP lightweight rechallenge" }, 117 1.1 christos { "srp-pn-secret", o_string, &pn_secret, 118 1.1 christos "Long term pseudonym generation secret" }, 119 1.1 christos { "srp-use-pseudonym", o_bool, &eap_states[0].es_usepseudo, 120 1.1 christos "Use pseudonym if offered one by server", 1 }, 121 1.1 christos #endif 122 1.1 christos { NULL } 123 1.1 christos }; 124 1.1 christos 125 1.1 christos /* 126 1.1 christos * Protocol entry points. 127 1.1 christos */ 128 1.6 christos static void eap_init (int unit); 129 1.6 christos static void eap_input (int unit, u_char *inp, int inlen); 130 1.6 christos static void eap_protrej (int unit); 131 1.6 christos static void eap_lowerup (int unit); 132 1.6 christos static void eap_lowerdown (int unit); 133 1.6 christos static int eap_printpkt (u_char *inp, int inlen, 134 1.6 christos void (*)(void *arg, char *fmt, ...), void *arg); 135 1.1 christos 136 1.1 christos struct protent eap_protent = { 137 1.1 christos PPP_EAP, /* protocol number */ 138 1.1 christos eap_init, /* initialization procedure */ 139 1.1 christos eap_input, /* process a received packet */ 140 1.1 christos eap_protrej, /* process a received protocol-reject */ 141 1.1 christos eap_lowerup, /* lower layer has gone up */ 142 1.1 christos eap_lowerdown, /* lower layer has gone down */ 143 1.1 christos NULL, /* open the protocol */ 144 1.1 christos NULL, /* close the protocol */ 145 1.1 christos eap_printpkt, /* print a packet in readable form */ 146 1.1 christos NULL, /* process a received data packet */ 147 1.1 christos 1, /* protocol enabled */ 148 1.1 christos "EAP", /* text name of protocol */ 149 1.1 christos NULL, /* text name of corresponding data protocol */ 150 1.1 christos eap_option_list, /* list of command-line options */ 151 1.1 christos NULL, /* check requested options; assign defaults */ 152 1.1 christos NULL, /* configure interface for demand-dial */ 153 1.1 christos NULL /* say whether to bring up link for this pkt */ 154 1.1 christos }; 155 1.1 christos 156 1.1 christos /* 157 1.1 christos * A well-known 2048 bit modulus. 158 1.1 christos */ 159 1.2 christos #ifdef USE_SRP 160 1.1 christos static const u_char wkmodulus[] = { 161 1.1 christos 0xAC, 0x6B, 0xDB, 0x41, 0x32, 0x4A, 0x9A, 0x9B, 162 1.1 christos 0xF1, 0x66, 0xDE, 0x5E, 0x13, 0x89, 0x58, 0x2F, 163 1.1 christos 0xAF, 0x72, 0xB6, 0x65, 0x19, 0x87, 0xEE, 0x07, 164 1.1 christos 0xFC, 0x31, 0x92, 0x94, 0x3D, 0xB5, 0x60, 0x50, 165 1.1 christos 0xA3, 0x73, 0x29, 0xCB, 0xB4, 0xA0, 0x99, 0xED, 166 1.1 christos 0x81, 0x93, 0xE0, 0x75, 0x77, 0x67, 0xA1, 0x3D, 167 1.1 christos 0xD5, 0x23, 0x12, 0xAB, 0x4B, 0x03, 0x31, 0x0D, 168 1.1 christos 0xCD, 0x7F, 0x48, 0xA9, 0xDA, 0x04, 0xFD, 0x50, 169 1.1 christos 0xE8, 0x08, 0x39, 0x69, 0xED, 0xB7, 0x67, 0xB0, 170 1.1 christos 0xCF, 0x60, 0x95, 0x17, 0x9A, 0x16, 0x3A, 0xB3, 171 1.1 christos 0x66, 0x1A, 0x05, 0xFB, 0xD5, 0xFA, 0xAA, 0xE8, 172 1.1 christos 0x29, 0x18, 0xA9, 0x96, 0x2F, 0x0B, 0x93, 0xB8, 173 1.1 christos 0x55, 0xF9, 0x79, 0x93, 0xEC, 0x97, 0x5E, 0xEA, 174 1.1 christos 0xA8, 0x0D, 0x74, 0x0A, 0xDB, 0xF4, 0xFF, 0x74, 175 1.1 christos 0x73, 0x59, 0xD0, 0x41, 0xD5, 0xC3, 0x3E, 0xA7, 176 1.1 christos 0x1D, 0x28, 0x1E, 0x44, 0x6B, 0x14, 0x77, 0x3B, 177 1.1 christos 0xCA, 0x97, 0xB4, 0x3A, 0x23, 0xFB, 0x80, 0x16, 178 1.1 christos 0x76, 0xBD, 0x20, 0x7A, 0x43, 0x6C, 0x64, 0x81, 179 1.1 christos 0xF1, 0xD2, 0xB9, 0x07, 0x87, 0x17, 0x46, 0x1A, 180 1.1 christos 0x5B, 0x9D, 0x32, 0xE6, 0x88, 0xF8, 0x77, 0x48, 181 1.1 christos 0x54, 0x45, 0x23, 0xB5, 0x24, 0xB0, 0xD5, 0x7D, 182 1.1 christos 0x5E, 0xA7, 0x7A, 0x27, 0x75, 0xD2, 0xEC, 0xFA, 183 1.1 christos 0x03, 0x2C, 0xFB, 0xDB, 0xF5, 0x2F, 0xB3, 0x78, 184 1.1 christos 0x61, 0x60, 0x27, 0x90, 0x04, 0xE5, 0x7A, 0xE6, 185 1.1 christos 0xAF, 0x87, 0x4E, 0x73, 0x03, 0xCE, 0x53, 0x29, 186 1.1 christos 0x9C, 0xCC, 0x04, 0x1C, 0x7B, 0xC3, 0x08, 0xD8, 187 1.1 christos 0x2A, 0x56, 0x98, 0xF3, 0xA8, 0xD0, 0xC3, 0x82, 188 1.1 christos 0x71, 0xAE, 0x35, 0xF8, 0xE9, 0xDB, 0xFB, 0xB6, 189 1.1 christos 0x94, 0xB5, 0xC8, 0x03, 0xD8, 0x9F, 0x7A, 0xE4, 190 1.1 christos 0x35, 0xDE, 0x23, 0x6D, 0x52, 0x5F, 0x54, 0x75, 191 1.1 christos 0x9B, 0x65, 0xE3, 0x72, 0xFC, 0xD6, 0x8E, 0xF2, 192 1.1 christos 0x0F, 0xA7, 0x11, 0x1F, 0x9E, 0x4A, 0xFF, 0x73 193 1.1 christos }; 194 1.6 christos #endif /* USE_SRP */ 195 1.1 christos 196 1.1 christos /* Local forward declarations. */ 197 1.6 christos static void eap_server_timeout (void *arg); 198 1.1 christos 199 1.1 christos /* 200 1.1 christos * Convert EAP state code to printable string for debug. 201 1.1 christos */ 202 1.1 christos static const char * 203 1.6 christos eap_state_name(enum eap_state_code esc) 204 1.1 christos { 205 1.1 christos static const char *state_names[] = { EAP_STATES }; 206 1.1 christos 207 1.1 christos return (state_names[(int)esc]); 208 1.1 christos } 209 1.1 christos 210 1.1 christos /* 211 1.1 christos * eap_init - Initialize state for an EAP user. This is currently 212 1.1 christos * called once by main() during start-up. 213 1.1 christos */ 214 1.1 christos static void 215 1.6 christos eap_init(int unit) 216 1.1 christos { 217 1.1 christos eap_state *esp = &eap_states[unit]; 218 1.1 christos 219 1.1 christos BZERO(esp, sizeof (*esp)); 220 1.1 christos esp->es_unit = unit; 221 1.1 christos esp->es_server.ea_timeout = EAP_DEFTIMEOUT; 222 1.1 christos esp->es_server.ea_maxrequests = EAP_DEFTRANSMITS; 223 1.1 christos esp->es_server.ea_id = (u_char)(drand48() * 0x100); 224 1.1 christos esp->es_client.ea_timeout = EAP_DEFREQTIME; 225 1.1 christos esp->es_client.ea_maxrequests = EAP_DEFALLOWREQ; 226 1.6 christos #ifdef USE_EAPTLS 227 1.6 christos esp->es_client.ea_using_eaptls = 0; 228 1.6 christos #endif /* USE_EAPTLS */ 229 1.6 christos #ifdef CHAPMS 230 1.6 christos esp->es_client.digest = chap_find_digest(CHAP_MICROSOFT_V2); 231 1.6 christos #endif 232 1.1 christos } 233 1.1 christos 234 1.1 christos /* 235 1.1 christos * eap_client_timeout - Give up waiting for the peer to send any 236 1.1 christos * Request messages. 237 1.1 christos */ 238 1.1 christos static void 239 1.6 christos eap_client_timeout(void *arg) 240 1.1 christos { 241 1.1 christos eap_state *esp = (eap_state *) arg; 242 1.1 christos 243 1.1 christos if (!eap_client_active(esp)) 244 1.1 christos return; 245 1.1 christos 246 1.1 christos error("EAP: timeout waiting for Request from peer"); 247 1.1 christos auth_withpeer_fail(esp->es_unit, PPP_EAP); 248 1.1 christos esp->es_client.ea_state = eapBadAuth; 249 1.1 christos } 250 1.1 christos 251 1.1 christos /* 252 1.1 christos * eap_authwithpeer - Authenticate to our peer (behave as client). 253 1.1 christos * 254 1.1 christos * Start client state and wait for requests. This is called only 255 1.1 christos * after eap_lowerup. 256 1.1 christos */ 257 1.1 christos void 258 1.6 christos eap_authwithpeer(int unit, char *localname) 259 1.1 christos { 260 1.1 christos eap_state *esp = &eap_states[unit]; 261 1.1 christos 262 1.1 christos /* Save the peer name we're given */ 263 1.1 christos esp->es_client.ea_name = localname; 264 1.1 christos esp->es_client.ea_namelen = strlen(localname); 265 1.1 christos 266 1.1 christos esp->es_client.ea_state = eapListen; 267 1.1 christos 268 1.1 christos /* 269 1.1 christos * Start a timer so that if the other end just goes 270 1.1 christos * silent, we don't sit here waiting forever. 271 1.1 christos */ 272 1.1 christos if (esp->es_client.ea_timeout > 0) 273 1.1 christos TIMEOUT(eap_client_timeout, (void *)esp, 274 1.1 christos esp->es_client.ea_timeout); 275 1.1 christos } 276 1.1 christos 277 1.1 christos /* 278 1.1 christos * Format a standard EAP Failure message and send it to the peer. 279 1.1 christos * (Server operation) 280 1.1 christos */ 281 1.1 christos static void 282 1.6 christos eap_send_failure(eap_state *esp) 283 1.1 christos { 284 1.1 christos u_char *outp; 285 1.1 christos 286 1.1 christos outp = outpacket_buf; 287 1.1 christos 288 1.1 christos MAKEHEADER(outp, PPP_EAP); 289 1.1 christos 290 1.1 christos PUTCHAR(EAP_FAILURE, outp); 291 1.1 christos esp->es_server.ea_id++; 292 1.1 christos PUTCHAR(esp->es_server.ea_id, outp); 293 1.1 christos PUTSHORT(EAP_HEADERLEN, outp); 294 1.1 christos 295 1.1 christos output(esp->es_unit, outpacket_buf, EAP_HEADERLEN + PPP_HDRLEN); 296 1.1 christos 297 1.1 christos esp->es_server.ea_state = eapBadAuth; 298 1.1 christos auth_peer_fail(esp->es_unit, PPP_EAP); 299 1.1 christos } 300 1.1 christos 301 1.1 christos /* 302 1.1 christos * Format a standard EAP Success message and send it to the peer. 303 1.1 christos * (Server operation) 304 1.1 christos */ 305 1.1 christos static void 306 1.6 christos eap_send_success(eap_state *esp) 307 1.1 christos { 308 1.1 christos u_char *outp; 309 1.1 christos 310 1.1 christos outp = outpacket_buf; 311 1.1 christos 312 1.1 christos MAKEHEADER(outp, PPP_EAP); 313 1.1 christos 314 1.1 christos PUTCHAR(EAP_SUCCESS, outp); 315 1.1 christos esp->es_server.ea_id++; 316 1.1 christos PUTCHAR(esp->es_server.ea_id, outp); 317 1.1 christos PUTSHORT(EAP_HEADERLEN, outp); 318 1.1 christos 319 1.1 christos output(esp->es_unit, outpacket_buf, PPP_HDRLEN + EAP_HEADERLEN); 320 1.1 christos 321 1.1 christos auth_peer_success(esp->es_unit, PPP_EAP, 0, 322 1.1 christos esp->es_server.ea_peer, esp->es_server.ea_peerlen); 323 1.1 christos } 324 1.1 christos 325 1.1 christos #ifdef USE_SRP 326 1.1 christos /* 327 1.1 christos * Set DES key according to pseudonym-generating secret and current 328 1.1 christos * date. 329 1.1 christos */ 330 1.1 christos static bool 331 1.1 christos pncrypt_setkey(int timeoffs) 332 1.1 christos { 333 1.1 christos struct tm *tp; 334 1.1 christos char tbuf[9]; 335 1.1 christos SHA1_CTX ctxt; 336 1.1 christos u_char dig[SHA_DIGESTSIZE]; 337 1.1 christos time_t reftime; 338 1.1 christos 339 1.1 christos if (pn_secret == NULL) 340 1.1 christos return (0); 341 1.1 christos reftime = time(NULL) + timeoffs; 342 1.1 christos tp = localtime(&reftime); 343 1.1 christos SHA1Init(&ctxt); 344 1.1 christos SHA1Update(&ctxt, pn_secret, strlen(pn_secret)); 345 1.1 christos strftime(tbuf, sizeof (tbuf), "%Y%m%d", tp); 346 1.1 christos SHA1Update(&ctxt, tbuf, strlen(tbuf)); 347 1.1 christos SHA1Final(dig, &ctxt); 348 1.1 christos return (DesSetkey(dig)); 349 1.1 christos } 350 1.1 christos 351 1.1 christos static char base64[] = 352 1.1 christos "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"; 353 1.1 christos 354 1.1 christos struct b64state { 355 1.1 christos u_int32_t bs_bits; 356 1.1 christos int bs_offs; 357 1.1 christos }; 358 1.1 christos 359 1.1 christos static int 360 1.6 christos b64enc(struct b64state *bs, u_char *inp, int inlen, u_char *outp) 361 1.1 christos { 362 1.1 christos int outlen = 0; 363 1.1 christos 364 1.1 christos while (inlen > 0) { 365 1.1 christos bs->bs_bits = (bs->bs_bits << 8) | *inp++; 366 1.1 christos inlen--; 367 1.1 christos bs->bs_offs += 8; 368 1.1 christos if (bs->bs_offs >= 24) { 369 1.1 christos *outp++ = base64[(bs->bs_bits >> 18) & 0x3F]; 370 1.1 christos *outp++ = base64[(bs->bs_bits >> 12) & 0x3F]; 371 1.1 christos *outp++ = base64[(bs->bs_bits >> 6) & 0x3F]; 372 1.1 christos *outp++ = base64[bs->bs_bits & 0x3F]; 373 1.1 christos outlen += 4; 374 1.1 christos bs->bs_offs = 0; 375 1.1 christos bs->bs_bits = 0; 376 1.1 christos } 377 1.1 christos } 378 1.1 christos return (outlen); 379 1.1 christos } 380 1.1 christos 381 1.1 christos static int 382 1.6 christos b64flush(struct b64state *bs, u_char *outp) 383 1.1 christos { 384 1.1 christos int outlen = 0; 385 1.1 christos 386 1.1 christos if (bs->bs_offs == 8) { 387 1.1 christos *outp++ = base64[(bs->bs_bits >> 2) & 0x3F]; 388 1.1 christos *outp++ = base64[(bs->bs_bits << 4) & 0x3F]; 389 1.1 christos outlen = 2; 390 1.1 christos } else if (bs->bs_offs == 16) { 391 1.1 christos *outp++ = base64[(bs->bs_bits >> 10) & 0x3F]; 392 1.1 christos *outp++ = base64[(bs->bs_bits >> 4) & 0x3F]; 393 1.1 christos *outp++ = base64[(bs->bs_bits << 2) & 0x3F]; 394 1.1 christos outlen = 3; 395 1.1 christos } 396 1.1 christos bs->bs_offs = 0; 397 1.1 christos bs->bs_bits = 0; 398 1.1 christos return (outlen); 399 1.1 christos } 400 1.1 christos 401 1.1 christos static int 402 1.6 christos b64dec(struct b64state *bs, u_char *inp, int inlen, u_char *outp) 403 1.1 christos { 404 1.1 christos int outlen = 0; 405 1.1 christos char *cp; 406 1.1 christos 407 1.1 christos while (inlen > 0) { 408 1.1 christos if ((cp = strchr(base64, *inp++)) == NULL) 409 1.1 christos break; 410 1.1 christos bs->bs_bits = (bs->bs_bits << 6) | (cp - base64); 411 1.1 christos inlen--; 412 1.1 christos bs->bs_offs += 6; 413 1.1 christos if (bs->bs_offs >= 8) { 414 1.1 christos *outp++ = bs->bs_bits >> (bs->bs_offs - 8); 415 1.1 christos outlen++; 416 1.1 christos bs->bs_offs -= 8; 417 1.1 christos } 418 1.1 christos } 419 1.1 christos return (outlen); 420 1.1 christos } 421 1.1 christos #endif /* USE_SRP */ 422 1.1 christos 423 1.1 christos /* 424 1.1 christos * Assume that current waiting server state is complete and figure 425 1.1 christos * next state to use based on available authentication data. 'status' 426 1.1 christos * indicates if there was an error in handling the last query. It is 427 1.1 christos * 0 for success and non-zero for failure. 428 1.1 christos */ 429 1.1 christos static void 430 1.6 christos eap_figure_next_state(eap_state *esp, int status) 431 1.1 christos { 432 1.1 christos #ifdef USE_SRP 433 1.1 christos unsigned char secbuf[MAXWORDLEN], clear[8], *sp, *dp; 434 1.1 christos struct t_pw tpw; 435 1.1 christos struct t_confent *tce, mytce; 436 1.1 christos char *cp, *cp2; 437 1.1 christos struct t_server *ts; 438 1.1 christos int id, i, plen, toffs; 439 1.1 christos u_char vals[2]; 440 1.1 christos struct b64state bs; 441 1.1 christos #endif /* USE_SRP */ 442 1.6 christos #ifdef USE_EAPTLS 443 1.6 christos struct eaptls_session *ets; 444 1.6 christos int secret_len; 445 1.6 christos char secret[MAXWORDLEN]; 446 1.6 christos #endif /* USE_EAPTLS */ 447 1.1 christos 448 1.1 christos esp->es_server.ea_timeout = esp->es_savedtime; 449 1.6 christos #ifdef USE_EAPTLS 450 1.6 christos esp->es_server.ea_prev_state = esp->es_server.ea_state; 451 1.6 christos #endif /* USE_EAPTLS */ 452 1.1 christos switch (esp->es_server.ea_state) { 453 1.1 christos case eapBadAuth: 454 1.1 christos return; 455 1.1 christos 456 1.1 christos case eapIdentify: 457 1.1 christos #ifdef USE_SRP 458 1.1 christos /* Discard any previous session. */ 459 1.1 christos ts = (struct t_server *)esp->es_server.ea_session; 460 1.1 christos if (ts != NULL) { 461 1.1 christos t_serverclose(ts); 462 1.1 christos esp->es_server.ea_session = NULL; 463 1.1 christos esp->es_server.ea_skey = NULL; 464 1.1 christos } 465 1.1 christos #endif /* USE_SRP */ 466 1.1 christos if (status != 0) { 467 1.1 christos esp->es_server.ea_state = eapBadAuth; 468 1.1 christos break; 469 1.1 christos } 470 1.1 christos #ifdef USE_SRP 471 1.1 christos /* If we've got a pseudonym, try to decode to real name. */ 472 1.1 christos if (esp->es_server.ea_peerlen > SRP_PSEUDO_LEN && 473 1.1 christos strncmp(esp->es_server.ea_peer, SRP_PSEUDO_ID, 474 1.1 christos SRP_PSEUDO_LEN) == 0 && 475 1.1 christos (esp->es_server.ea_peerlen - SRP_PSEUDO_LEN) * 3 / 4 < 476 1.1 christos sizeof (secbuf)) { 477 1.1 christos BZERO(&bs, sizeof (bs)); 478 1.1 christos plen = b64dec(&bs, 479 1.1 christos esp->es_server.ea_peer + SRP_PSEUDO_LEN, 480 1.1 christos esp->es_server.ea_peerlen - SRP_PSEUDO_LEN, 481 1.1 christos secbuf); 482 1.1 christos toffs = 0; 483 1.1 christos for (i = 0; i < 5; i++) { 484 1.1 christos pncrypt_setkey(toffs); 485 1.1 christos toffs -= 86400; 486 1.1 christos if (!DesDecrypt(secbuf, clear)) { 487 1.1 christos dbglog("no DES here; cannot decode " 488 1.1 christos "pseudonym"); 489 1.1 christos return; 490 1.1 christos } 491 1.1 christos id = *(unsigned char *)clear; 492 1.1 christos if (id + 1 <= plen && id + 9 > plen) 493 1.1 christos break; 494 1.1 christos } 495 1.1 christos if (plen % 8 == 0 && i < 5) { 496 1.1 christos /* 497 1.1 christos * Note that this is always shorter than the 498 1.1 christos * original stored string, so there's no need 499 1.1 christos * to realloc. 500 1.1 christos */ 501 1.1 christos if ((i = plen = *(unsigned char *)clear) > 7) 502 1.1 christos i = 7; 503 1.1 christos esp->es_server.ea_peerlen = plen; 504 1.1 christos dp = (unsigned char *)esp->es_server.ea_peer; 505 1.1 christos BCOPY(clear + 1, dp, i); 506 1.1 christos plen -= i; 507 1.1 christos dp += i; 508 1.1 christos sp = secbuf + 8; 509 1.1 christos while (plen > 0) { 510 1.1 christos (void) DesDecrypt(sp, dp); 511 1.1 christos sp += 8; 512 1.1 christos dp += 8; 513 1.1 christos plen -= 8; 514 1.1 christos } 515 1.1 christos esp->es_server.ea_peer[ 516 1.1 christos esp->es_server.ea_peerlen] = '\0'; 517 1.1 christos dbglog("decoded pseudonym to \"%.*q\"", 518 1.1 christos esp->es_server.ea_peerlen, 519 1.1 christos esp->es_server.ea_peer); 520 1.1 christos } else { 521 1.1 christos dbglog("failed to decode real name"); 522 1.1 christos /* Stay in eapIdentfy state; requery */ 523 1.1 christos break; 524 1.1 christos } 525 1.1 christos } 526 1.1 christos /* Look up user in secrets database. */ 527 1.1 christos if (get_srp_secret(esp->es_unit, esp->es_server.ea_peer, 528 1.1 christos esp->es_server.ea_name, (char *)secbuf, 1) != 0) { 529 1.1 christos /* Set up default in case SRP entry is bad */ 530 1.1 christos esp->es_server.ea_state = eapMD5Chall; 531 1.1 christos /* Get t_confent based on index in srp-secrets */ 532 1.1 christos id = strtol((char *)secbuf, &cp, 10); 533 1.1 christos if (*cp++ != ':' || id < 0) 534 1.1 christos break; 535 1.1 christos if (id == 0) { 536 1.1 christos mytce.index = 0; 537 1.1 christos mytce.modulus.data = (u_char *)wkmodulus; 538 1.1 christos mytce.modulus.len = sizeof (wkmodulus); 539 1.1 christos mytce.generator.data = (u_char *)"\002"; 540 1.1 christos mytce.generator.len = 1; 541 1.1 christos tce = &mytce; 542 1.1 christos } else if ((tce = gettcid(id)) != NULL) { 543 1.1 christos /* 544 1.1 christos * Client will have to verify this modulus/ 545 1.1 christos * generator combination, and that will take 546 1.1 christos * a while. Lengthen the timeout here. 547 1.1 christos */ 548 1.1 christos if (esp->es_server.ea_timeout > 0 && 549 1.1 christos esp->es_server.ea_timeout < 30) 550 1.1 christos esp->es_server.ea_timeout = 30; 551 1.1 christos } else { 552 1.1 christos break; 553 1.1 christos } 554 1.1 christos if ((cp2 = strchr(cp, ':')) == NULL) 555 1.1 christos break; 556 1.1 christos *cp2++ = '\0'; 557 1.1 christos tpw.pebuf.name = esp->es_server.ea_peer; 558 1.1 christos tpw.pebuf.password.len = t_fromb64((char *)tpw.pwbuf, 559 1.1 christos cp); 560 1.1 christos tpw.pebuf.password.data = tpw.pwbuf; 561 1.1 christos tpw.pebuf.salt.len = t_fromb64((char *)tpw.saltbuf, 562 1.1 christos cp2); 563 1.1 christos tpw.pebuf.salt.data = tpw.saltbuf; 564 1.1 christos if ((ts = t_serveropenraw(&tpw.pebuf, tce)) == NULL) 565 1.1 christos break; 566 1.1 christos esp->es_server.ea_session = (void *)ts; 567 1.1 christos esp->es_server.ea_state = eapSRP1; 568 1.1 christos vals[0] = esp->es_server.ea_id + 1; 569 1.1 christos vals[1] = EAPT_SRP; 570 1.1 christos t_serveraddexdata(ts, vals, 2); 571 1.1 christos /* Generate B; must call before t_servergetkey() */ 572 1.1 christos t_servergenexp(ts); 573 1.1 christos break; 574 1.1 christos } 575 1.1 christos #endif /* USE_SRP */ 576 1.6 christos #ifdef USE_EAPTLS 577 1.6 christos if (!get_secret(esp->es_unit, esp->es_server.ea_peer, 578 1.6 christos esp->es_server.ea_name, secret, &secret_len, 1)) { 579 1.6 christos 580 1.6 christos esp->es_server.ea_state = eapTlsStart; 581 1.6 christos break; 582 1.6 christos } 583 1.6 christos #endif /* USE_EAPTLS */ 584 1.6 christos 585 1.1 christos esp->es_server.ea_state = eapMD5Chall; 586 1.1 christos break; 587 1.1 christos 588 1.6 christos #ifdef USE_EAPTLS 589 1.6 christos case eapTlsStart: 590 1.6 christos /* Initialize ssl session */ 591 1.6 christos if(!eaptls_init_ssl_server(esp)) { 592 1.6 christos esp->es_server.ea_state = eapBadAuth; 593 1.6 christos break; 594 1.6 christos } 595 1.6 christos 596 1.6 christos esp->es_server.ea_state = eapTlsRecv; 597 1.6 christos break; 598 1.6 christos 599 1.6 christos case eapTlsRecv: 600 1.6 christos ets = (struct eaptls_session *) esp->es_server.ea_session; 601 1.6 christos 602 1.6 christos if(ets->alert_sent) { 603 1.6 christos esp->es_server.ea_state = eapTlsSendAlert; 604 1.6 christos break; 605 1.6 christos } 606 1.6 christos 607 1.6 christos if (status) { 608 1.6 christos esp->es_server.ea_state = eapBadAuth; 609 1.6 christos break; 610 1.6 christos } 611 1.6 christos ets = (struct eaptls_session *) esp->es_server.ea_session; 612 1.6 christos 613 1.6 christos if(ets->frag) 614 1.6 christos esp->es_server.ea_state = eapTlsSendAck; 615 1.6 christos else 616 1.6 christos esp->es_server.ea_state = eapTlsSend; 617 1.6 christos break; 618 1.6 christos 619 1.6 christos case eapTlsSend: 620 1.6 christos ets = (struct eaptls_session *) esp->es_server.ea_session; 621 1.6 christos 622 1.6 christos if(ets->frag) 623 1.6 christos esp->es_server.ea_state = eapTlsRecvAck; 624 1.6 christos else 625 1.6 christos if(SSL_is_init_finished(ets->ssl)) 626 1.6 christos esp->es_server.ea_state = eapTlsRecvClient; 627 1.6 christos else 628 1.6 christos /* JJK Add "TLS empty record" message here ??? */ 629 1.6 christos esp->es_server.ea_state = eapTlsRecv; 630 1.6 christos break; 631 1.6 christos 632 1.6 christos case eapTlsSendAck: 633 1.6 christos esp->es_server.ea_state = eapTlsRecv; 634 1.6 christos break; 635 1.6 christos 636 1.6 christos case eapTlsRecvAck: 637 1.6 christos if (status) 638 1.6 christos { 639 1.6 christos esp->es_server.ea_state = eapBadAuth; 640 1.6 christos break; 641 1.6 christos } 642 1.6 christos 643 1.6 christos esp->es_server.ea_state = eapTlsSend; 644 1.6 christos break; 645 1.6 christos 646 1.6 christos case eapTlsSendAlert: 647 1.6 christos esp->es_server.ea_state = eapTlsRecvAlertAck; 648 1.6 christos break; 649 1.6 christos #endif /* USE_EAPTLS */ 650 1.6 christos 651 1.1 christos case eapSRP1: 652 1.1 christos #ifdef USE_SRP 653 1.1 christos ts = (struct t_server *)esp->es_server.ea_session; 654 1.1 christos if (ts != NULL && status != 0) { 655 1.1 christos t_serverclose(ts); 656 1.1 christos esp->es_server.ea_session = NULL; 657 1.1 christos esp->es_server.ea_skey = NULL; 658 1.1 christos } 659 1.1 christos #endif /* USE_SRP */ 660 1.1 christos if (status == 1) { 661 1.1 christos esp->es_server.ea_state = eapMD5Chall; 662 1.1 christos } else if (status != 0 || esp->es_server.ea_session == NULL) { 663 1.1 christos esp->es_server.ea_state = eapBadAuth; 664 1.1 christos } else { 665 1.1 christos esp->es_server.ea_state = eapSRP2; 666 1.1 christos } 667 1.1 christos break; 668 1.1 christos 669 1.1 christos case eapSRP2: 670 1.1 christos #ifdef USE_SRP 671 1.1 christos ts = (struct t_server *)esp->es_server.ea_session; 672 1.1 christos if (ts != NULL && status != 0) { 673 1.1 christos t_serverclose(ts); 674 1.1 christos esp->es_server.ea_session = NULL; 675 1.1 christos esp->es_server.ea_skey = NULL; 676 1.1 christos } 677 1.1 christos #endif /* USE_SRP */ 678 1.1 christos if (status != 0 || esp->es_server.ea_session == NULL) { 679 1.1 christos esp->es_server.ea_state = eapBadAuth; 680 1.1 christos } else { 681 1.1 christos esp->es_server.ea_state = eapSRP3; 682 1.1 christos } 683 1.1 christos break; 684 1.1 christos 685 1.1 christos case eapSRP3: 686 1.1 christos case eapSRP4: 687 1.1 christos #ifdef USE_SRP 688 1.1 christos ts = (struct t_server *)esp->es_server.ea_session; 689 1.1 christos if (ts != NULL && status != 0) { 690 1.1 christos t_serverclose(ts); 691 1.1 christos esp->es_server.ea_session = NULL; 692 1.1 christos esp->es_server.ea_skey = NULL; 693 1.1 christos } 694 1.1 christos #endif /* USE_SRP */ 695 1.1 christos if (status != 0 || esp->es_server.ea_session == NULL) { 696 1.1 christos esp->es_server.ea_state = eapBadAuth; 697 1.1 christos } else { 698 1.1 christos esp->es_server.ea_state = eapOpen; 699 1.1 christos } 700 1.1 christos break; 701 1.1 christos 702 1.6 christos #ifdef CHAPMS 703 1.6 christos case eapMSCHAPv2Chall: 704 1.6 christos #endif 705 1.1 christos case eapMD5Chall: 706 1.1 christos if (status != 0) { 707 1.1 christos esp->es_server.ea_state = eapBadAuth; 708 1.1 christos } else { 709 1.1 christos esp->es_server.ea_state = eapOpen; 710 1.1 christos } 711 1.1 christos break; 712 1.1 christos 713 1.1 christos default: 714 1.1 christos esp->es_server.ea_state = eapBadAuth; 715 1.1 christos break; 716 1.1 christos } 717 1.1 christos if (esp->es_server.ea_state == eapBadAuth) 718 1.1 christos eap_send_failure(esp); 719 1.6 christos 720 1.6 christos #ifdef USE_EAPTLS 721 1.6 christos dbglog("EAP id=0x%2x '%s' -> '%s'", esp->es_server.ea_id, eap_state_name(esp->es_server.ea_prev_state), eap_state_name(esp->es_server.ea_state)); 722 1.6 christos #endif /* USE_EAPTLS */ 723 1.6 christos } 724 1.6 christos 725 1.6 christos #if CHAPMS 726 1.6 christos static int 727 1.6 christos eap_chapms2_verify_response(int id, char *name, 728 1.6 christos unsigned char *secret, int secret_len, 729 1.6 christos unsigned char *challenge, unsigned char *response, 730 1.6 christos char *message, int message_space) 731 1.6 christos { 732 1.6 christos unsigned char md[MS_CHAP2_RESPONSE_LEN]; 733 1.6 christos char saresponse[MS_AUTH_RESPONSE_LENGTH+1]; 734 1.6 christos int challenge_len, response_len; 735 1.6 christos 736 1.6 christos challenge_len = *challenge++; /* skip length, is 16 */ 737 1.6 christos response_len = *response++; 738 1.6 christos if (response_len != MS_CHAP2_RESPONSE_LEN) 739 1.6 christos goto bad; /* not even the right length */ 740 1.6 christos 741 1.6 christos /* Generate the expected response and our mutual auth. */ 742 1.6 christos ChapMS2(challenge, &response[MS_CHAP2_PEER_CHALLENGE], name, 743 1.6 christos (char *)secret, secret_len, md, 744 1.6 christos (unsigned char *)saresponse, MS_CHAP2_AUTHENTICATOR); 745 1.6 christos 746 1.6 christos /* compare MDs and send the appropriate status */ 747 1.6 christos /* 748 1.6 christos * Per RFC 2759, success message must be formatted as 749 1.6 christos * "S=<auth_string> M=<message>" 750 1.6 christos * where 751 1.6 christos * <auth_string> is the Authenticator Response (mutual auth) 752 1.6 christos * <message> is a text message 753 1.6 christos * 754 1.6 christos * However, some versions of Windows (win98 tested) do not know 755 1.6 christos * about the M=<message> part (required per RFC 2759) and flag 756 1.6 christos * it as an error (reported incorrectly as an encryption error 757 1.6 christos * to the user). Since the RFC requires it, and it can be 758 1.6 christos * useful information, we supply it if the peer is a conforming 759 1.6 christos * system. Luckily (?), win98 sets the Flags field to 0x04 760 1.6 christos * (contrary to RFC requirements) so we can use that to 761 1.6 christos * distinguish between conforming and non-conforming systems. 762 1.6 christos * 763 1.6 christos * Special thanks to Alex Swiridov <say (at) real.kharkov.ua> for 764 1.6 christos * help debugging this. 765 1.6 christos */ 766 1.6 christos if (memcmp(&md[MS_CHAP2_NTRESP], &response[MS_CHAP2_NTRESP], 767 1.6 christos MS_CHAP2_NTRESP_LEN) == 0) { 768 1.6 christos if (response[MS_CHAP2_FLAGS]) 769 1.6 christos slprintf(message, message_space, "S=%s", saresponse); 770 1.6 christos else 771 1.6 christos slprintf(message, message_space, "S=%s M=%s", 772 1.6 christos saresponse, "Access granted"); 773 1.6 christos return 1; 774 1.6 christos } 775 1.6 christos 776 1.6 christos bad: 777 1.6 christos /* 778 1.6 christos * Failure message must be formatted as 779 1.6 christos * "E=e R=r C=c V=v M=m" 780 1.6 christos * where 781 1.6 christos * e = error code (we use 691, ERROR_AUTHENTICATION_FAILURE) 782 1.6 christos * r = retry (we use 1, ok to retry) 783 1.6 christos * c = challenge to use for next response, we reuse previous 784 1.6 christos * v = Change Password version supported, we use 0 785 1.6 christos * m = text message 786 1.6 christos * 787 1.6 christos * The M=m part is only for MS-CHAPv2. Neither win2k nor 788 1.6 christos * win98 (others untested) display the message to the user anyway. 789 1.6 christos * They also both ignore the E=e code. 790 1.6 christos * 791 1.6 christos * Note that it's safe to reuse the same challenge as we don't 792 1.6 christos * actually accept another response based on the error message 793 1.6 christos * (and no clients try to resend a response anyway). 794 1.6 christos * 795 1.6 christos * Basically, this whole bit is useless code, even the small 796 1.6 christos * implementation here is only because of overspecification. 797 1.6 christos */ 798 1.6 christos slprintf(message, message_space, "E=691 R=1 C=%0.*B V=0 M=%s", 799 1.6 christos challenge_len, challenge, "Access denied"); 800 1.6 christos return 0; 801 1.6 christos } 802 1.6 christos 803 1.6 christos static struct chap_digest_type eap_chapms2_digest = { 804 1.6 christos CHAP_MICROSOFT_V2, /* code */ 805 1.6 christos NULL, /* chapms2_generate_challenge, */ 806 1.6 christos eap_chapms2_verify_response, 807 1.6 christos NULL, /* chapms2_make_response, */ 808 1.6 christos NULL, /* chapms2_check_success, */ 809 1.6 christos NULL, /* chapms_handle_failure, */ 810 1.6 christos }; 811 1.6 christos 812 1.6 christos /* 813 1.6 christos * eap_chap_verify_response - check whether the peer's response matches 814 1.6 christos * what we think it should be. Returns 1 if it does (authentication 815 1.6 christos * succeeded), or 0 if it doesn't. 816 1.6 christos */ 817 1.6 christos static int 818 1.6 christos eap_chap_verify_response(char *name, char *ourname, int id, 819 1.6 christos struct chap_digest_type *digest, 820 1.6 christos unsigned char *challenge, unsigned char *response, 821 1.6 christos char *message, int message_space) 822 1.6 christos { 823 1.6 christos int ok; 824 1.6 christos unsigned char secret[MAXSECRETLEN]; 825 1.6 christos int secret_len; 826 1.6 christos 827 1.6 christos /* Get the secret that the peer is supposed to know */ 828 1.6 christos if (!get_secret(0, name, ourname, (char *)secret, &secret_len, 1)) { 829 1.6 christos error("No CHAP secret found for authenticating %q", name); 830 1.6 christos return 0; 831 1.6 christos } 832 1.6 christos 833 1.6 christos ok = digest->verify_response(id, name, secret, secret_len, challenge, 834 1.6 christos response, message, message_space); 835 1.6 christos memset(secret, 0, sizeof(secret)); 836 1.6 christos 837 1.6 christos return ok; 838 1.1 christos } 839 1.1 christos 840 1.1 christos /* 841 1.6 christos * Format and send an CHAPV2-Success/Failure EAP Request message. 842 1.6 christos */ 843 1.6 christos static void 844 1.6 christos eap_chapms2_send_request(eap_state *esp, u_char id, 845 1.6 christos u_char opcode, u_char chapid, 846 1.6 christos char *message, int message_len) 847 1.6 christos { 848 1.6 christos u_char *outp; 849 1.6 christos int msglen; 850 1.6 christos 851 1.6 christos outp = outpacket_buf; 852 1.6 christos 853 1.6 christos MAKEHEADER(outp, PPP_EAP); 854 1.6 christos 855 1.6 christos msglen = EAP_HEADERLEN + 5 * sizeof (u_char); 856 1.6 christos msglen += message_len; 857 1.6 christos 858 1.6 christos PUTCHAR(EAP_REQUEST, outp); 859 1.6 christos PUTCHAR(id, outp); 860 1.6 christos PUTSHORT(msglen, outp); 861 1.6 christos PUTCHAR(EAPT_MSCHAPV2, outp); 862 1.6 christos PUTCHAR(opcode, outp); 863 1.6 christos PUTCHAR(chapid, outp); 864 1.6 christos /* MS len */ 865 1.6 christos PUTSHORT(msglen - 5, outp); 866 1.6 christos BCOPY(message, outp, message_len); 867 1.6 christos 868 1.6 christos output(esp->es_unit, outpacket_buf, PPP_HDRLEN + msglen); 869 1.6 christos 870 1.6 christos if (opcode == CHAP_SUCCESS) { 871 1.6 christos auth_peer_success(esp->es_unit, PPP_EAP, 0, 872 1.6 christos esp->es_server.ea_peer, esp->es_server.ea_peerlen); 873 1.6 christos } 874 1.6 christos else { 875 1.6 christos esp->es_server.ea_state = eapBadAuth; 876 1.6 christos auth_peer_fail(esp->es_unit, PPP_EAP); 877 1.6 christos } 878 1.6 christos } 879 1.6 christos #endif /* CHAPMS */ 880 1.6 christos 881 1.6 christos /* 882 1.1 christos * Format an EAP Request message and send it to the peer. Message 883 1.1 christos * type depends on current state. (Server operation) 884 1.1 christos */ 885 1.1 christos static void 886 1.6 christos eap_send_request(eap_state *esp) 887 1.1 christos { 888 1.1 christos u_char *outp; 889 1.1 christos u_char *lenloc; 890 1.1 christos u_char *ptr; 891 1.1 christos int outlen; 892 1.1 christos int challen; 893 1.1 christos char *str; 894 1.1 christos #ifdef USE_SRP 895 1.1 christos struct t_server *ts; 896 1.1 christos u_char clear[8], cipher[8], dig[SHA_DIGESTSIZE], *optr, *cp; 897 1.1 christos int i, j; 898 1.1 christos struct b64state b64; 899 1.1 christos SHA1_CTX ctxt; 900 1.1 christos #endif /* USE_SRP */ 901 1.1 christos 902 1.1 christos /* Handle both initial auth and restart */ 903 1.1 christos if (esp->es_server.ea_state < eapIdentify && 904 1.1 christos esp->es_server.ea_state != eapInitial) { 905 1.1 christos esp->es_server.ea_state = eapIdentify; 906 1.1 christos if (explicit_remote) { 907 1.1 christos /* 908 1.1 christos * If we already know the peer's 909 1.1 christos * unauthenticated name, then there's no 910 1.1 christos * reason to ask. Go to next state instead. 911 1.1 christos */ 912 1.1 christos esp->es_server.ea_peer = remote_name; 913 1.1 christos esp->es_server.ea_peerlen = strlen(remote_name); 914 1.1 christos eap_figure_next_state(esp, 0); 915 1.1 christos } 916 1.1 christos } 917 1.1 christos 918 1.1 christos if (esp->es_server.ea_maxrequests > 0 && 919 1.1 christos esp->es_server.ea_requests >= esp->es_server.ea_maxrequests) { 920 1.1 christos if (esp->es_server.ea_responses > 0) 921 1.1 christos error("EAP: too many Requests sent"); 922 1.1 christos else 923 1.1 christos error("EAP: no response to Requests"); 924 1.1 christos eap_send_failure(esp); 925 1.1 christos return; 926 1.1 christos } 927 1.1 christos 928 1.1 christos outp = outpacket_buf; 929 1.1 christos 930 1.1 christos MAKEHEADER(outp, PPP_EAP); 931 1.1 christos 932 1.1 christos PUTCHAR(EAP_REQUEST, outp); 933 1.1 christos PUTCHAR(esp->es_server.ea_id, outp); 934 1.1 christos lenloc = outp; 935 1.1 christos INCPTR(2, outp); 936 1.1 christos 937 1.1 christos switch (esp->es_server.ea_state) { 938 1.1 christos case eapIdentify: 939 1.1 christos PUTCHAR(EAPT_IDENTITY, outp); 940 1.1 christos str = "Name"; 941 1.1 christos challen = strlen(str); 942 1.1 christos BCOPY(str, outp, challen); 943 1.1 christos INCPTR(challen, outp); 944 1.1 christos break; 945 1.1 christos 946 1.1 christos case eapMD5Chall: 947 1.1 christos PUTCHAR(EAPT_MD5CHAP, outp); 948 1.1 christos /* 949 1.1 christos * pick a random challenge length between 950 1.1 christos * MIN_CHALLENGE_LENGTH and MAX_CHALLENGE_LENGTH 951 1.1 christos */ 952 1.1 christos challen = (drand48() * 953 1.1 christos (MAX_CHALLENGE_LENGTH - MIN_CHALLENGE_LENGTH)) + 954 1.1 christos MIN_CHALLENGE_LENGTH; 955 1.1 christos PUTCHAR(challen, outp); 956 1.1 christos esp->es_challen = challen; 957 1.1 christos ptr = esp->es_challenge; 958 1.1 christos while (--challen >= 0) 959 1.1 christos *ptr++ = (u_char) (drand48() * 0x100); 960 1.1 christos BCOPY(esp->es_challenge, outp, esp->es_challen); 961 1.1 christos INCPTR(esp->es_challen, outp); 962 1.1 christos BCOPY(esp->es_server.ea_name, outp, esp->es_server.ea_namelen); 963 1.1 christos INCPTR(esp->es_server.ea_namelen, outp); 964 1.1 christos break; 965 1.1 christos 966 1.6 christos #ifdef CHAPMS 967 1.6 christos case eapMSCHAPv2Chall: 968 1.6 christos challen = 0x10; 969 1.6 christos esp->es_challen = challen; 970 1.6 christos esp->es_challenge[0] = challen; 971 1.6 christos random_bytes(&esp->es_challenge[1], challen); 972 1.6 christos 973 1.6 christos PUTCHAR(EAPT_MSCHAPV2, outp); 974 1.6 christos PUTCHAR(CHAP_CHALLENGE, outp); 975 1.6 christos PUTCHAR(esp->es_server.ea_id, outp); 976 1.6 christos /* MS len */ 977 1.6 christos PUTSHORT(5 + challen + 978 1.6 christos esp->es_server.ea_namelen, 979 1.6 christos outp); 980 1.6 christos /* challen + challenge */ 981 1.6 christos BCOPY(esp->es_challenge, outp, challen+1); 982 1.6 christos INCPTR(challen+1, outp); 983 1.6 christos BCOPY(esp->es_server.ea_name, 984 1.6 christos outp, 985 1.6 christos esp->es_server.ea_namelen); 986 1.6 christos INCPTR(esp->es_server.ea_namelen, outp); 987 1.6 christos break; 988 1.6 christos #endif /* CHAPMS */ 989 1.6 christos 990 1.6 christos #ifdef USE_EAPTLS 991 1.6 christos case eapTlsStart: 992 1.6 christos PUTCHAR(EAPT_TLS, outp); 993 1.6 christos PUTCHAR(EAP_TLS_FLAGS_START, outp); 994 1.6 christos eap_figure_next_state(esp, 0); 995 1.6 christos break; 996 1.6 christos 997 1.6 christos case eapTlsSend: 998 1.6 christos eaptls_send(esp->es_server.ea_session, &outp); 999 1.6 christos eap_figure_next_state(esp, 0); 1000 1.6 christos break; 1001 1.6 christos 1002 1.6 christos case eapTlsSendAck: 1003 1.6 christos PUTCHAR(EAPT_TLS, outp); 1004 1.6 christos PUTCHAR(0, outp); 1005 1.6 christos eap_figure_next_state(esp, 0); 1006 1.6 christos break; 1007 1.6 christos 1008 1.6 christos case eapTlsSendAlert: 1009 1.6 christos eaptls_send(esp->es_server.ea_session, &outp); 1010 1.6 christos eap_figure_next_state(esp, 0); 1011 1.6 christos break; 1012 1.6 christos #endif /* USE_EAPTLS */ 1013 1.6 christos 1014 1.1 christos #ifdef USE_SRP 1015 1.1 christos case eapSRP1: 1016 1.1 christos PUTCHAR(EAPT_SRP, outp); 1017 1.1 christos PUTCHAR(EAPSRP_CHALLENGE, outp); 1018 1.1 christos 1019 1.1 christos PUTCHAR(esp->es_server.ea_namelen, outp); 1020 1.1 christos BCOPY(esp->es_server.ea_name, outp, esp->es_server.ea_namelen); 1021 1.1 christos INCPTR(esp->es_server.ea_namelen, outp); 1022 1.1 christos 1023 1.1 christos ts = (struct t_server *)esp->es_server.ea_session; 1024 1.1 christos assert(ts != NULL); 1025 1.1 christos PUTCHAR(ts->s.len, outp); 1026 1.1 christos BCOPY(ts->s.data, outp, ts->s.len); 1027 1.1 christos INCPTR(ts->s.len, outp); 1028 1.1 christos 1029 1.1 christos if (ts->g.len == 1 && ts->g.data[0] == 2) { 1030 1.1 christos PUTCHAR(0, outp); 1031 1.1 christos } else { 1032 1.1 christos PUTCHAR(ts->g.len, outp); 1033 1.1 christos BCOPY(ts->g.data, outp, ts->g.len); 1034 1.1 christos INCPTR(ts->g.len, outp); 1035 1.1 christos } 1036 1.1 christos 1037 1.1 christos if (ts->n.len != sizeof (wkmodulus) || 1038 1.1 christos BCMP(ts->n.data, wkmodulus, sizeof (wkmodulus)) != 0) { 1039 1.1 christos BCOPY(ts->n.data, outp, ts->n.len); 1040 1.1 christos INCPTR(ts->n.len, outp); 1041 1.1 christos } 1042 1.1 christos break; 1043 1.1 christos 1044 1.1 christos case eapSRP2: 1045 1.1 christos PUTCHAR(EAPT_SRP, outp); 1046 1.1 christos PUTCHAR(EAPSRP_SKEY, outp); 1047 1.1 christos 1048 1.1 christos ts = (struct t_server *)esp->es_server.ea_session; 1049 1.1 christos assert(ts != NULL); 1050 1.1 christos BCOPY(ts->B.data, outp, ts->B.len); 1051 1.1 christos INCPTR(ts->B.len, outp); 1052 1.1 christos break; 1053 1.1 christos 1054 1.1 christos case eapSRP3: 1055 1.1 christos PUTCHAR(EAPT_SRP, outp); 1056 1.1 christos PUTCHAR(EAPSRP_SVALIDATOR, outp); 1057 1.1 christos PUTLONG(SRPVAL_EBIT, outp); 1058 1.1 christos ts = (struct t_server *)esp->es_server.ea_session; 1059 1.1 christos assert(ts != NULL); 1060 1.1 christos BCOPY(t_serverresponse(ts), outp, SHA_DIGESTSIZE); 1061 1.1 christos INCPTR(SHA_DIGESTSIZE, outp); 1062 1.1 christos 1063 1.1 christos if (pncrypt_setkey(0)) { 1064 1.1 christos /* Generate pseudonym */ 1065 1.1 christos optr = outp; 1066 1.1 christos cp = (unsigned char *)esp->es_server.ea_peer; 1067 1.1 christos if ((j = i = esp->es_server.ea_peerlen) > 7) 1068 1.1 christos j = 7; 1069 1.1 christos clear[0] = i; 1070 1.1 christos BCOPY(cp, clear + 1, j); 1071 1.1 christos i -= j; 1072 1.1 christos cp += j; 1073 1.1 christos if (!DesEncrypt(clear, cipher)) { 1074 1.1 christos dbglog("no DES here; not generating pseudonym"); 1075 1.1 christos break; 1076 1.1 christos } 1077 1.1 christos BZERO(&b64, sizeof (b64)); 1078 1.1 christos outp++; /* space for pseudonym length */ 1079 1.1 christos outp += b64enc(&b64, cipher, 8, outp); 1080 1.1 christos while (i >= 8) { 1081 1.1 christos (void) DesEncrypt(cp, cipher); 1082 1.1 christos outp += b64enc(&b64, cipher, 8, outp); 1083 1.1 christos cp += 8; 1084 1.1 christos i -= 8; 1085 1.1 christos } 1086 1.1 christos if (i > 0) { 1087 1.1 christos BCOPY(cp, clear, i); 1088 1.1 christos cp += i; 1089 1.1 christos while (i < 8) { 1090 1.1 christos *cp++ = drand48() * 0x100; 1091 1.1 christos i++; 1092 1.1 christos } 1093 1.1 christos (void) DesEncrypt(clear, cipher); 1094 1.1 christos outp += b64enc(&b64, cipher, 8, outp); 1095 1.1 christos } 1096 1.1 christos outp += b64flush(&b64, outp); 1097 1.1 christos 1098 1.1 christos /* Set length and pad out to next 20 octet boundary */ 1099 1.1 christos i = outp - optr - 1; 1100 1.1 christos *optr = i; 1101 1.1 christos i %= SHA_DIGESTSIZE; 1102 1.1 christos if (i != 0) { 1103 1.1 christos while (i < SHA_DIGESTSIZE) { 1104 1.1 christos *outp++ = drand48() * 0x100; 1105 1.1 christos i++; 1106 1.1 christos } 1107 1.1 christos } 1108 1.1 christos 1109 1.1 christos /* Obscure the pseudonym with SHA1 hash */ 1110 1.1 christos SHA1Init(&ctxt); 1111 1.1 christos SHA1Update(&ctxt, &esp->es_server.ea_id, 1); 1112 1.1 christos SHA1Update(&ctxt, esp->es_server.ea_skey, 1113 1.1 christos SESSION_KEY_LEN); 1114 1.1 christos SHA1Update(&ctxt, esp->es_server.ea_peer, 1115 1.1 christos esp->es_server.ea_peerlen); 1116 1.1 christos while (optr < outp) { 1117 1.1 christos SHA1Final(dig, &ctxt); 1118 1.1 christos cp = dig; 1119 1.1 christos while (cp < dig + SHA_DIGESTSIZE) 1120 1.1 christos *optr++ ^= *cp++; 1121 1.1 christos SHA1Init(&ctxt); 1122 1.1 christos SHA1Update(&ctxt, &esp->es_server.ea_id, 1); 1123 1.1 christos SHA1Update(&ctxt, esp->es_server.ea_skey, 1124 1.1 christos SESSION_KEY_LEN); 1125 1.1 christos SHA1Update(&ctxt, optr - SHA_DIGESTSIZE, 1126 1.1 christos SHA_DIGESTSIZE); 1127 1.1 christos } 1128 1.1 christos } 1129 1.1 christos break; 1130 1.1 christos 1131 1.1 christos case eapSRP4: 1132 1.1 christos PUTCHAR(EAPT_SRP, outp); 1133 1.1 christos PUTCHAR(EAPSRP_LWRECHALLENGE, outp); 1134 1.1 christos challen = MIN_CHALLENGE_LENGTH + 1135 1.1 christos ((MAX_CHALLENGE_LENGTH - MIN_CHALLENGE_LENGTH) * drand48()); 1136 1.1 christos esp->es_challen = challen; 1137 1.1 christos ptr = esp->es_challenge; 1138 1.1 christos while (--challen >= 0) 1139 1.1 christos *ptr++ = drand48() * 0x100; 1140 1.1 christos BCOPY(esp->es_challenge, outp, esp->es_challen); 1141 1.1 christos INCPTR(esp->es_challen, outp); 1142 1.1 christos break; 1143 1.1 christos #endif /* USE_SRP */ 1144 1.1 christos 1145 1.1 christos default: 1146 1.1 christos return; 1147 1.1 christos } 1148 1.1 christos 1149 1.1 christos outlen = (outp - outpacket_buf) - PPP_HDRLEN; 1150 1.1 christos PUTSHORT(outlen, lenloc); 1151 1.1 christos 1152 1.1 christos output(esp->es_unit, outpacket_buf, outlen + PPP_HDRLEN); 1153 1.1 christos 1154 1.1 christos esp->es_server.ea_requests++; 1155 1.1 christos 1156 1.1 christos if (esp->es_server.ea_timeout > 0) 1157 1.1 christos TIMEOUT(eap_server_timeout, esp, esp->es_server.ea_timeout); 1158 1.1 christos } 1159 1.1 christos 1160 1.1 christos /* 1161 1.1 christos * eap_authpeer - Authenticate our peer (behave as server). 1162 1.1 christos * 1163 1.1 christos * Start server state and send first request. This is called only 1164 1.1 christos * after eap_lowerup. 1165 1.1 christos */ 1166 1.1 christos void 1167 1.6 christos eap_authpeer(int unit, char *localname) 1168 1.1 christos { 1169 1.1 christos eap_state *esp = &eap_states[unit]; 1170 1.1 christos 1171 1.1 christos /* Save the name we're given. */ 1172 1.1 christos esp->es_server.ea_name = localname; 1173 1.1 christos esp->es_server.ea_namelen = strlen(localname); 1174 1.1 christos 1175 1.1 christos esp->es_savedtime = esp->es_server.ea_timeout; 1176 1.1 christos 1177 1.1 christos /* Lower layer up yet? */ 1178 1.1 christos if (esp->es_server.ea_state == eapInitial || 1179 1.1 christos esp->es_server.ea_state == eapPending) { 1180 1.1 christos esp->es_server.ea_state = eapPending; 1181 1.1 christos return; 1182 1.1 christos } 1183 1.1 christos 1184 1.1 christos esp->es_server.ea_state = eapPending; 1185 1.1 christos 1186 1.1 christos /* ID number not updated here intentionally; hashed into M1 */ 1187 1.1 christos eap_send_request(esp); 1188 1.1 christos } 1189 1.1 christos 1190 1.1 christos /* 1191 1.1 christos * eap_server_timeout - Retransmission timer for sending Requests 1192 1.1 christos * expired. 1193 1.1 christos */ 1194 1.1 christos static void 1195 1.6 christos eap_server_timeout(void *arg) 1196 1.1 christos { 1197 1.6 christos #ifdef USE_EAPTLS 1198 1.6 christos u_char *outp; 1199 1.6 christos u_char *lenloc; 1200 1.6 christos int outlen; 1201 1.6 christos #endif /* USE_EAPTLS */ 1202 1.6 christos 1203 1.1 christos eap_state *esp = (eap_state *) arg; 1204 1.1 christos 1205 1.1 christos if (!eap_server_active(esp)) 1206 1.1 christos return; 1207 1.1 christos 1208 1.6 christos #ifdef USE_EAPTLS 1209 1.6 christos switch(esp->es_server.ea_prev_state) { 1210 1.6 christos 1211 1.6 christos /* 1212 1.6 christos * In eap-tls the state changes after a request, so we return to 1213 1.6 christos * previous state ... 1214 1.6 christos */ 1215 1.6 christos case(eapTlsStart): 1216 1.6 christos case(eapTlsSendAck): 1217 1.6 christos esp->es_server.ea_state = esp->es_server.ea_prev_state; 1218 1.6 christos break; 1219 1.6 christos 1220 1.6 christos /* 1221 1.6 christos * ... or resend the stored data 1222 1.6 christos */ 1223 1.6 christos case(eapTlsSend): 1224 1.6 christos case(eapTlsSendAlert): 1225 1.6 christos outp = outpacket_buf; 1226 1.6 christos MAKEHEADER(outp, PPP_EAP); 1227 1.6 christos PUTCHAR(EAP_REQUEST, outp); 1228 1.6 christos PUTCHAR(esp->es_server.ea_id, outp); 1229 1.6 christos lenloc = outp; 1230 1.6 christos INCPTR(2, outp); 1231 1.6 christos 1232 1.6 christos eaptls_retransmit(esp->es_server.ea_session, &outp); 1233 1.6 christos 1234 1.6 christos outlen = (outp - outpacket_buf) - PPP_HDRLEN; 1235 1.6 christos PUTSHORT(outlen, lenloc); 1236 1.6 christos output(esp->es_unit, outpacket_buf, outlen + PPP_HDRLEN); 1237 1.6 christos esp->es_server.ea_requests++; 1238 1.6 christos 1239 1.6 christos if (esp->es_server.ea_timeout > 0) 1240 1.6 christos TIMEOUT(eap_server_timeout, esp, esp->es_server.ea_timeout); 1241 1.6 christos 1242 1.6 christos return; 1243 1.6 christos default: 1244 1.6 christos break; 1245 1.6 christos } 1246 1.6 christos #endif /* USE_EAPTLS */ 1247 1.6 christos 1248 1.1 christos /* EAP ID number must not change on timeout. */ 1249 1.1 christos eap_send_request(esp); 1250 1.1 christos } 1251 1.1 christos 1252 1.1 christos /* 1253 1.1 christos * When it's time to send rechallenge the peer, this timeout is 1254 1.1 christos * called. Once the rechallenge is successful, the response handler 1255 1.1 christos * will restart the timer. If it fails, then the link is dropped. 1256 1.1 christos */ 1257 1.1 christos static void 1258 1.6 christos eap_rechallenge(void *arg) 1259 1.1 christos { 1260 1.1 christos eap_state *esp = (eap_state *)arg; 1261 1.1 christos 1262 1.1 christos if (esp->es_server.ea_state != eapOpen && 1263 1.1 christos esp->es_server.ea_state != eapSRP4) 1264 1.1 christos return; 1265 1.1 christos 1266 1.1 christos esp->es_server.ea_requests = 0; 1267 1.1 christos esp->es_server.ea_state = eapIdentify; 1268 1.1 christos eap_figure_next_state(esp, 0); 1269 1.1 christos esp->es_server.ea_id++; 1270 1.1 christos eap_send_request(esp); 1271 1.1 christos } 1272 1.1 christos 1273 1.1 christos static void 1274 1.6 christos srp_lwrechallenge(void *arg) 1275 1.1 christos { 1276 1.1 christos eap_state *esp = (eap_state *)arg; 1277 1.1 christos 1278 1.1 christos if (esp->es_server.ea_state != eapOpen || 1279 1.1 christos esp->es_server.ea_type != EAPT_SRP) 1280 1.1 christos return; 1281 1.1 christos 1282 1.1 christos esp->es_server.ea_requests = 0; 1283 1.1 christos esp->es_server.ea_state = eapSRP4; 1284 1.1 christos esp->es_server.ea_id++; 1285 1.1 christos eap_send_request(esp); 1286 1.1 christos } 1287 1.1 christos 1288 1.1 christos /* 1289 1.1 christos * eap_lowerup - The lower layer is now up. 1290 1.1 christos * 1291 1.1 christos * This is called before either eap_authpeer or eap_authwithpeer. See 1292 1.1 christos * link_established() in auth.c. All that's necessary here is to 1293 1.1 christos * return to closed state so that those two routines will do the right 1294 1.1 christos * thing. 1295 1.1 christos */ 1296 1.1 christos static void 1297 1.6 christos eap_lowerup(int unit) 1298 1.1 christos { 1299 1.1 christos eap_state *esp = &eap_states[unit]; 1300 1.1 christos 1301 1.1 christos /* Discard any (possibly authenticated) peer name. */ 1302 1.1 christos if (esp->es_server.ea_peer != NULL && 1303 1.1 christos esp->es_server.ea_peer != remote_name) 1304 1.1 christos free(esp->es_server.ea_peer); 1305 1.1 christos esp->es_server.ea_peer = NULL; 1306 1.1 christos if (esp->es_client.ea_peer != NULL) 1307 1.1 christos free(esp->es_client.ea_peer); 1308 1.1 christos esp->es_client.ea_peer = NULL; 1309 1.1 christos 1310 1.1 christos esp->es_client.ea_state = eapClosed; 1311 1.1 christos esp->es_server.ea_state = eapClosed; 1312 1.1 christos } 1313 1.1 christos 1314 1.1 christos /* 1315 1.1 christos * eap_lowerdown - The lower layer is now down. 1316 1.1 christos * 1317 1.1 christos * Cancel all timeouts and return to initial state. 1318 1.1 christos */ 1319 1.1 christos static void 1320 1.6 christos eap_lowerdown(int unit) 1321 1.1 christos { 1322 1.1 christos eap_state *esp = &eap_states[unit]; 1323 1.1 christos 1324 1.1 christos if (eap_client_active(esp) && esp->es_client.ea_timeout > 0) { 1325 1.1 christos UNTIMEOUT(eap_client_timeout, (void *)esp); 1326 1.1 christos } 1327 1.1 christos if (eap_server_active(esp)) { 1328 1.1 christos if (esp->es_server.ea_timeout > 0) { 1329 1.1 christos UNTIMEOUT(eap_server_timeout, (void *)esp); 1330 1.1 christos } 1331 1.1 christos } else { 1332 1.1 christos if ((esp->es_server.ea_state == eapOpen || 1333 1.1 christos esp->es_server.ea_state == eapSRP4) && 1334 1.1 christos esp->es_rechallenge > 0) { 1335 1.1 christos UNTIMEOUT(eap_rechallenge, (void *)esp); 1336 1.1 christos } 1337 1.1 christos if (esp->es_server.ea_state == eapOpen && 1338 1.1 christos esp->es_lwrechallenge > 0) { 1339 1.1 christos UNTIMEOUT(srp_lwrechallenge, (void *)esp); 1340 1.1 christos } 1341 1.1 christos } 1342 1.1 christos 1343 1.1 christos esp->es_client.ea_state = esp->es_server.ea_state = eapInitial; 1344 1.1 christos esp->es_client.ea_requests = esp->es_server.ea_requests = 0; 1345 1.1 christos } 1346 1.1 christos 1347 1.1 christos /* 1348 1.1 christos * eap_protrej - Peer doesn't speak this protocol. 1349 1.1 christos * 1350 1.1 christos * This shouldn't happen. If it does, it represents authentication 1351 1.1 christos * failure. 1352 1.1 christos */ 1353 1.1 christos static void 1354 1.6 christos eap_protrej(int unit) 1355 1.1 christos { 1356 1.1 christos eap_state *esp = &eap_states[unit]; 1357 1.1 christos 1358 1.1 christos if (eap_client_active(esp)) { 1359 1.1 christos error("EAP authentication failed due to Protocol-Reject"); 1360 1.1 christos auth_withpeer_fail(unit, PPP_EAP); 1361 1.1 christos } 1362 1.1 christos if (eap_server_active(esp)) { 1363 1.1 christos error("EAP authentication of peer failed on Protocol-Reject"); 1364 1.1 christos auth_peer_fail(unit, PPP_EAP); 1365 1.1 christos } 1366 1.1 christos eap_lowerdown(unit); 1367 1.1 christos } 1368 1.1 christos 1369 1.1 christos /* 1370 1.1 christos * Format and send a regular EAP Response message. 1371 1.1 christos */ 1372 1.1 christos static void 1373 1.2 christos eap_send_response(eap_state *esp, u_char id, u_char typenum, 1374 1.6 christos u_char *str, int lenstr) 1375 1.1 christos { 1376 1.1 christos u_char *outp; 1377 1.1 christos int msglen; 1378 1.1 christos 1379 1.1 christos outp = outpacket_buf; 1380 1.1 christos 1381 1.1 christos MAKEHEADER(outp, PPP_EAP); 1382 1.1 christos 1383 1.1 christos PUTCHAR(EAP_RESPONSE, outp); 1384 1.1 christos PUTCHAR(id, outp); 1385 1.1 christos esp->es_client.ea_id = id; 1386 1.1 christos msglen = EAP_HEADERLEN + sizeof (u_char) + lenstr; 1387 1.1 christos PUTSHORT(msglen, outp); 1388 1.1 christos PUTCHAR(typenum, outp); 1389 1.1 christos if (lenstr > 0) { 1390 1.1 christos BCOPY(str, outp, lenstr); 1391 1.1 christos } 1392 1.1 christos 1393 1.1 christos output(esp->es_unit, outpacket_buf, PPP_HDRLEN + msglen); 1394 1.1 christos } 1395 1.1 christos 1396 1.1 christos /* 1397 1.1 christos * Format and send an MD5-Challenge EAP Response message. 1398 1.1 christos */ 1399 1.1 christos static void 1400 1.6 christos eap_chap_response(eap_state *esp, u_char id, u_char *hash, 1401 1.6 christos char *name, int namelen) 1402 1.1 christos { 1403 1.1 christos u_char *outp; 1404 1.1 christos int msglen; 1405 1.1 christos 1406 1.1 christos outp = outpacket_buf; 1407 1.1 christos 1408 1.1 christos MAKEHEADER(outp, PPP_EAP); 1409 1.1 christos 1410 1.1 christos PUTCHAR(EAP_RESPONSE, outp); 1411 1.1 christos PUTCHAR(id, outp); 1412 1.1 christos esp->es_client.ea_id = id; 1413 1.1 christos msglen = EAP_HEADERLEN + 2 * sizeof (u_char) + MD5_SIGNATURE_SIZE + 1414 1.1 christos namelen; 1415 1.1 christos PUTSHORT(msglen, outp); 1416 1.1 christos PUTCHAR(EAPT_MD5CHAP, outp); 1417 1.1 christos PUTCHAR(MD5_SIGNATURE_SIZE, outp); 1418 1.1 christos BCOPY(hash, outp, MD5_SIGNATURE_SIZE); 1419 1.1 christos INCPTR(MD5_SIGNATURE_SIZE, outp); 1420 1.1 christos if (namelen > 0) { 1421 1.1 christos BCOPY(name, outp, namelen); 1422 1.1 christos } 1423 1.1 christos 1424 1.1 christos output(esp->es_unit, outpacket_buf, PPP_HDRLEN + msglen); 1425 1.1 christos } 1426 1.1 christos 1427 1.1 christos #ifdef USE_SRP 1428 1.1 christos /* 1429 1.1 christos * Format and send a SRP EAP Response message. 1430 1.1 christos */ 1431 1.1 christos static void 1432 1.6 christos eap_srp_response(eap_state *esp, u_char id, u_char subtypenum, 1433 1.6 christos u_char *str, int lenstr) 1434 1.1 christos { 1435 1.1 christos u_char *outp; 1436 1.1 christos int msglen; 1437 1.1 christos 1438 1.1 christos outp = outpacket_buf; 1439 1.1 christos 1440 1.1 christos MAKEHEADER(outp, PPP_EAP); 1441 1.1 christos 1442 1.1 christos PUTCHAR(EAP_RESPONSE, outp); 1443 1.1 christos PUTCHAR(id, outp); 1444 1.1 christos esp->es_client.ea_id = id; 1445 1.1 christos msglen = EAP_HEADERLEN + 2 * sizeof (u_char) + lenstr; 1446 1.1 christos PUTSHORT(msglen, outp); 1447 1.1 christos PUTCHAR(EAPT_SRP, outp); 1448 1.1 christos PUTCHAR(subtypenum, outp); 1449 1.1 christos if (lenstr > 0) { 1450 1.1 christos BCOPY(str, outp, lenstr); 1451 1.1 christos } 1452 1.1 christos 1453 1.1 christos output(esp->es_unit, outpacket_buf, PPP_HDRLEN + msglen); 1454 1.1 christos } 1455 1.1 christos 1456 1.1 christos /* 1457 1.1 christos * Format and send a SRP EAP Client Validator Response message. 1458 1.1 christos */ 1459 1.1 christos static void 1460 1.6 christos eap_srpval_response(eap_state *esp, u_char id, u_int32_t flags, u_char *str) 1461 1.1 christos { 1462 1.1 christos u_char *outp; 1463 1.1 christos int msglen; 1464 1.1 christos 1465 1.1 christos outp = outpacket_buf; 1466 1.1 christos 1467 1.1 christos MAKEHEADER(outp, PPP_EAP); 1468 1.1 christos 1469 1.1 christos PUTCHAR(EAP_RESPONSE, outp); 1470 1.1 christos PUTCHAR(id, outp); 1471 1.1 christos esp->es_client.ea_id = id; 1472 1.1 christos msglen = EAP_HEADERLEN + 2 * sizeof (u_char) + sizeof (u_int32_t) + 1473 1.1 christos SHA_DIGESTSIZE; 1474 1.1 christos PUTSHORT(msglen, outp); 1475 1.1 christos PUTCHAR(EAPT_SRP, outp); 1476 1.1 christos PUTCHAR(EAPSRP_CVALIDATOR, outp); 1477 1.1 christos PUTLONG(flags, outp); 1478 1.1 christos BCOPY(str, outp, SHA_DIGESTSIZE); 1479 1.1 christos 1480 1.1 christos output(esp->es_unit, outpacket_buf, PPP_HDRLEN + msglen); 1481 1.1 christos } 1482 1.1 christos #endif /* USE_SRP */ 1483 1.1 christos 1484 1.6 christos #ifdef USE_EAPTLS 1485 1.6 christos /* 1486 1.6 christos * Send an EAP-TLS response message with tls data 1487 1.6 christos */ 1488 1.6 christos static void 1489 1.6 christos eap_tls_response(eap_state *esp, u_char id) 1490 1.6 christos { 1491 1.6 christos u_char *outp; 1492 1.6 christos int outlen; 1493 1.6 christos u_char *lenloc; 1494 1.6 christos 1495 1.6 christos outp = outpacket_buf; 1496 1.6 christos 1497 1.6 christos MAKEHEADER(outp, PPP_EAP); 1498 1.6 christos 1499 1.6 christos PUTCHAR(EAP_RESPONSE, outp); 1500 1.6 christos PUTCHAR(id, outp); 1501 1.6 christos 1502 1.6 christos lenloc = outp; 1503 1.6 christos INCPTR(2, outp); 1504 1.6 christos 1505 1.6 christos /* 1506 1.6 christos If the id in the request is unchanged, we must retransmit 1507 1.6 christos the old data 1508 1.6 christos */ 1509 1.6 christos if(id == esp->es_client.ea_id) 1510 1.6 christos eaptls_retransmit(esp->es_client.ea_session, &outp); 1511 1.6 christos else 1512 1.6 christos eaptls_send(esp->es_client.ea_session, &outp); 1513 1.6 christos 1514 1.6 christos outlen = (outp - outpacket_buf) - PPP_HDRLEN; 1515 1.6 christos PUTSHORT(outlen, lenloc); 1516 1.6 christos 1517 1.6 christos output(esp->es_unit, outpacket_buf, PPP_HDRLEN + outlen); 1518 1.6 christos 1519 1.6 christos esp->es_client.ea_id = id; 1520 1.6 christos } 1521 1.6 christos 1522 1.6 christos /* 1523 1.6 christos * Send an EAP-TLS ack 1524 1.6 christos */ 1525 1.6 christos static void 1526 1.6 christos eap_tls_sendack(eap_state *esp, u_char id) 1527 1.6 christos { 1528 1.6 christos u_char *outp; 1529 1.6 christos int outlen; 1530 1.6 christos u_char *lenloc; 1531 1.6 christos 1532 1.6 christos outp = outpacket_buf; 1533 1.6 christos 1534 1.6 christos MAKEHEADER(outp, PPP_EAP); 1535 1.6 christos 1536 1.6 christos PUTCHAR(EAP_RESPONSE, outp); 1537 1.6 christos PUTCHAR(id, outp); 1538 1.6 christos esp->es_client.ea_id = id; 1539 1.6 christos 1540 1.6 christos lenloc = outp; 1541 1.6 christos INCPTR(2, outp); 1542 1.6 christos 1543 1.6 christos PUTCHAR(EAPT_TLS, outp); 1544 1.6 christos PUTCHAR(0, outp); 1545 1.6 christos 1546 1.6 christos outlen = (outp - outpacket_buf) - PPP_HDRLEN; 1547 1.6 christos PUTSHORT(outlen, lenloc); 1548 1.6 christos 1549 1.6 christos output(esp->es_unit, outpacket_buf, PPP_HDRLEN + outlen); 1550 1.6 christos } 1551 1.6 christos #endif /* USE_EAPTLS */ 1552 1.6 christos 1553 1.1 christos static void 1554 1.2 christos eap_send_nak(eap_state *esp, u_char id, u_char type) 1555 1.1 christos { 1556 1.1 christos u_char *outp; 1557 1.1 christos int msglen; 1558 1.1 christos 1559 1.1 christos outp = outpacket_buf; 1560 1.1 christos 1561 1.1 christos MAKEHEADER(outp, PPP_EAP); 1562 1.1 christos 1563 1.1 christos PUTCHAR(EAP_RESPONSE, outp); 1564 1.1 christos PUTCHAR(id, outp); 1565 1.1 christos esp->es_client.ea_id = id; 1566 1.1 christos msglen = EAP_HEADERLEN + 2 * sizeof (u_char); 1567 1.1 christos PUTSHORT(msglen, outp); 1568 1.1 christos PUTCHAR(EAPT_NAK, outp); 1569 1.1 christos PUTCHAR(type, outp); 1570 1.1 christos 1571 1.1 christos output(esp->es_unit, outpacket_buf, PPP_HDRLEN + msglen); 1572 1.1 christos } 1573 1.1 christos 1574 1.1 christos #ifdef USE_SRP 1575 1.1 christos static char * 1576 1.6 christos name_of_pn_file(void) 1577 1.1 christos { 1578 1.1 christos char *user, *path, *file; 1579 1.1 christos struct passwd *pw; 1580 1.1 christos size_t pl; 1581 1.1 christos static bool pnlogged = 0; 1582 1.1 christos 1583 1.1 christos pw = getpwuid(getuid()); 1584 1.1 christos if (pw == NULL || (user = pw->pw_dir) == NULL || user[0] == 0) { 1585 1.1 christos errno = EINVAL; 1586 1.1 christos return (NULL); 1587 1.1 christos } 1588 1.1 christos file = _PATH_PSEUDONYM; 1589 1.1 christos pl = strlen(user) + strlen(file) + 2; 1590 1.1 christos path = malloc(pl); 1591 1.1 christos if (path == NULL) 1592 1.1 christos return (NULL); 1593 1.1 christos (void) slprintf(path, pl, "%s/%s", user, file); 1594 1.1 christos if (!pnlogged) { 1595 1.1 christos dbglog("pseudonym file: %s", path); 1596 1.1 christos pnlogged = 1; 1597 1.1 christos } 1598 1.1 christos return (path); 1599 1.1 christos } 1600 1.1 christos 1601 1.1 christos static int 1602 1.6 christos open_pn_file(mode_t modebits) 1603 1.1 christos { 1604 1.1 christos char *path; 1605 1.1 christos int fd, err; 1606 1.1 christos 1607 1.1 christos if ((path = name_of_pn_file()) == NULL) 1608 1.1 christos return (-1); 1609 1.1 christos fd = open(path, modebits, S_IRUSR | S_IWUSR); 1610 1.1 christos err = errno; 1611 1.1 christos free(path); 1612 1.1 christos errno = err; 1613 1.1 christos return (fd); 1614 1.1 christos } 1615 1.1 christos 1616 1.1 christos static void 1617 1.6 christos remove_pn_file(void) 1618 1.1 christos { 1619 1.1 christos char *path; 1620 1.1 christos 1621 1.1 christos if ((path = name_of_pn_file()) != NULL) { 1622 1.1 christos (void) unlink(path); 1623 1.1 christos (void) free(path); 1624 1.1 christos } 1625 1.1 christos } 1626 1.1 christos 1627 1.1 christos static void 1628 1.6 christos write_pseudonym(eap_state *esp, u_char *inp, int len, int id) 1629 1.1 christos { 1630 1.1 christos u_char val; 1631 1.1 christos u_char *datp, *digp; 1632 1.1 christos SHA1_CTX ctxt; 1633 1.1 christos u_char dig[SHA_DIGESTSIZE]; 1634 1.1 christos int dsize, fd, olen = len; 1635 1.1 christos 1636 1.1 christos /* 1637 1.1 christos * Do the decoding by working backwards. This eliminates the need 1638 1.1 christos * to save the decoded output in a separate buffer. 1639 1.1 christos */ 1640 1.1 christos val = id; 1641 1.1 christos while (len > 0) { 1642 1.1 christos if ((dsize = len % SHA_DIGESTSIZE) == 0) 1643 1.1 christos dsize = SHA_DIGESTSIZE; 1644 1.1 christos len -= dsize; 1645 1.1 christos datp = inp + len; 1646 1.1 christos SHA1Init(&ctxt); 1647 1.1 christos SHA1Update(&ctxt, &val, 1); 1648 1.1 christos SHA1Update(&ctxt, esp->es_client.ea_skey, SESSION_KEY_LEN); 1649 1.1 christos if (len > 0) { 1650 1.1 christos SHA1Update(&ctxt, datp, SHA_DIGESTSIZE); 1651 1.1 christos } else { 1652 1.1 christos SHA1Update(&ctxt, esp->es_client.ea_name, 1653 1.1 christos esp->es_client.ea_namelen); 1654 1.1 christos } 1655 1.1 christos SHA1Final(dig, &ctxt); 1656 1.1 christos for (digp = dig; digp < dig + SHA_DIGESTSIZE; digp++) 1657 1.1 christos *datp++ ^= *digp; 1658 1.1 christos } 1659 1.1 christos 1660 1.1 christos /* Now check that the result is sane */ 1661 1.1 christos if (olen <= 0 || *inp + 1 > olen) { 1662 1.1 christos dbglog("EAP: decoded pseudonym is unusable <%.*B>", olen, inp); 1663 1.1 christos return; 1664 1.1 christos } 1665 1.1 christos 1666 1.1 christos /* Save it away */ 1667 1.1 christos fd = open_pn_file(O_WRONLY | O_CREAT | O_TRUNC); 1668 1.1 christos if (fd < 0) { 1669 1.1 christos dbglog("EAP: error saving pseudonym: %m"); 1670 1.1 christos return; 1671 1.1 christos } 1672 1.1 christos len = write(fd, inp + 1, *inp); 1673 1.1 christos if (close(fd) != -1 && len == *inp) { 1674 1.1 christos dbglog("EAP: saved pseudonym"); 1675 1.1 christos esp->es_usedpseudo = 0; 1676 1.1 christos } else { 1677 1.1 christos dbglog("EAP: failed to save pseudonym"); 1678 1.1 christos remove_pn_file(); 1679 1.1 christos } 1680 1.1 christos } 1681 1.1 christos #endif /* USE_SRP */ 1682 1.1 christos 1683 1.6 christos #if CHAPMS 1684 1.6 christos /* 1685 1.6 christos * Format and send an CHAPV2-Challenge EAP Response message. 1686 1.6 christos */ 1687 1.6 christos static void 1688 1.6 christos eap_chapv2_response(eap_state *esp, u_char id, u_char chapid, u_char *response, char *user, int user_len) 1689 1.6 christos { 1690 1.6 christos u_char *outp; 1691 1.6 christos int msglen; 1692 1.6 christos 1693 1.6 christos outp = outpacket_buf; 1694 1.6 christos 1695 1.6 christos MAKEHEADER(outp, PPP_EAP); 1696 1.6 christos 1697 1.6 christos PUTCHAR(EAP_RESPONSE, outp); 1698 1.6 christos PUTCHAR(id, outp); 1699 1.6 christos esp->es_client.ea_id = id; 1700 1.6 christos msglen = EAP_HEADERLEN + 6 * sizeof (u_char) + MS_CHAP2_RESPONSE_LEN + user_len; 1701 1.6 christos PUTSHORT(msglen, outp); 1702 1.6 christos PUTCHAR(EAPT_MSCHAPV2, outp); 1703 1.6 christos PUTCHAR(CHAP_RESPONSE, outp); 1704 1.6 christos PUTCHAR(chapid, outp); 1705 1.6 christos PUTCHAR(0, outp); 1706 1.6 christos /* len */ 1707 1.6 christos PUTCHAR(5 + user_len + MS_CHAP2_RESPONSE_LEN, outp); 1708 1.6 christos BCOPY(response, outp, MS_CHAP2_RESPONSE_LEN+1); // VLEN + VALUE 1709 1.6 christos INCPTR(MS_CHAP2_RESPONSE_LEN+1, outp); 1710 1.6 christos BCOPY(user, outp, user_len); 1711 1.6 christos 1712 1.6 christos output(esp->es_unit, outpacket_buf, PPP_HDRLEN + msglen); 1713 1.6 christos } 1714 1.6 christos #endif 1715 1.6 christos 1716 1.1 christos /* 1717 1.1 christos * eap_request - Receive EAP Request message (client mode). 1718 1.1 christos */ 1719 1.1 christos static void 1720 1.6 christos eap_request(eap_state *esp, u_char *inp, int id, int len) 1721 1.1 christos { 1722 1.1 christos u_char typenum; 1723 1.1 christos u_char vallen; 1724 1.1 christos int secret_len; 1725 1.1 christos char secret[MAXWORDLEN]; 1726 1.1 christos char rhostname[256]; 1727 1.1 christos MD5_CTX mdContext; 1728 1.1 christos u_char hash[MD5_SIGNATURE_SIZE]; 1729 1.6 christos #ifdef USE_EAPTLS 1730 1.6 christos u_char flags; 1731 1.6 christos struct eaptls_session *ets = esp->es_client.ea_session; 1732 1.6 christos #endif /* USE_EAPTLS */ 1733 1.6 christos 1734 1.1 christos #ifdef USE_SRP 1735 1.1 christos struct t_client *tc; 1736 1.1 christos struct t_num sval, gval, Nval, *Ap, Bval; 1737 1.1 christos u_char vals[2]; 1738 1.1 christos SHA1_CTX ctxt; 1739 1.1 christos u_char dig[SHA_DIGESTSIZE]; 1740 1.1 christos int fd; 1741 1.1 christos #endif /* USE_SRP */ 1742 1.1 christos 1743 1.1 christos /* 1744 1.6 christos * Ignore requests if we're not open 1745 1.6 christos */ 1746 1.6 christos if (esp->es_client.ea_state <= eapClosed) 1747 1.6 christos return; 1748 1.6 christos 1749 1.6 christos /* 1750 1.1 christos * Note: we update es_client.ea_id *only if* a Response 1751 1.1 christos * message is being generated. Otherwise, we leave it the 1752 1.1 christos * same for duplicate detection purposes. 1753 1.1 christos */ 1754 1.1 christos 1755 1.1 christos esp->es_client.ea_requests++; 1756 1.1 christos if (esp->es_client.ea_maxrequests != 0 && 1757 1.1 christos esp->es_client.ea_requests > esp->es_client.ea_maxrequests) { 1758 1.1 christos info("EAP: received too many Request messages"); 1759 1.1 christos if (esp->es_client.ea_timeout > 0) { 1760 1.1 christos UNTIMEOUT(eap_client_timeout, (void *)esp); 1761 1.1 christos } 1762 1.1 christos auth_withpeer_fail(esp->es_unit, PPP_EAP); 1763 1.1 christos return; 1764 1.1 christos } 1765 1.1 christos 1766 1.1 christos if (len <= 0) { 1767 1.1 christos error("EAP: empty Request message discarded"); 1768 1.1 christos return; 1769 1.1 christos } 1770 1.1 christos 1771 1.1 christos GETCHAR(typenum, inp); 1772 1.1 christos len--; 1773 1.1 christos 1774 1.1 christos switch (typenum) { 1775 1.1 christos case EAPT_IDENTITY: 1776 1.1 christos if (len > 0) 1777 1.1 christos info("EAP: Identity prompt \"%.*q\"", len, inp); 1778 1.1 christos #ifdef USE_SRP 1779 1.1 christos if (esp->es_usepseudo && 1780 1.1 christos (esp->es_usedpseudo == 0 || 1781 1.1 christos (esp->es_usedpseudo == 1 && 1782 1.1 christos id == esp->es_client.ea_id))) { 1783 1.1 christos esp->es_usedpseudo = 1; 1784 1.1 christos /* Try to get a pseudonym */ 1785 1.1 christos if ((fd = open_pn_file(O_RDONLY)) >= 0) { 1786 1.1 christos strcpy(rhostname, SRP_PSEUDO_ID); 1787 1.1 christos len = read(fd, rhostname + SRP_PSEUDO_LEN, 1788 1.1 christos sizeof (rhostname) - SRP_PSEUDO_LEN); 1789 1.1 christos /* XXX NAI unsupported */ 1790 1.1 christos if (len > 0) { 1791 1.1 christos eap_send_response(esp, id, typenum, 1792 1.1 christos rhostname, len + SRP_PSEUDO_LEN); 1793 1.1 christos } 1794 1.1 christos (void) close(fd); 1795 1.1 christos if (len > 0) 1796 1.1 christos break; 1797 1.1 christos } 1798 1.1 christos } 1799 1.1 christos /* Stop using pseudonym now. */ 1800 1.1 christos if (esp->es_usepseudo && esp->es_usedpseudo != 2) { 1801 1.1 christos remove_pn_file(); 1802 1.1 christos esp->es_usedpseudo = 2; 1803 1.1 christos } 1804 1.1 christos #endif /* USE_SRP */ 1805 1.6 christos eap_send_response(esp, id, typenum, (u_char *)esp->es_client.ea_name, 1806 1.1 christos esp->es_client.ea_namelen); 1807 1.1 christos break; 1808 1.1 christos 1809 1.1 christos case EAPT_NOTIFICATION: 1810 1.1 christos if (len > 0) 1811 1.1 christos info("EAP: Notification \"%.*q\"", len, inp); 1812 1.1 christos eap_send_response(esp, id, typenum, NULL, 0); 1813 1.1 christos break; 1814 1.1 christos 1815 1.1 christos case EAPT_NAK: 1816 1.1 christos /* 1817 1.1 christos * Avoid the temptation to send Response Nak in reply 1818 1.1 christos * to Request Nak here. It can only lead to trouble. 1819 1.1 christos */ 1820 1.1 christos warn("EAP: unexpected Nak in Request; ignored"); 1821 1.1 christos /* Return because we're waiting for something real. */ 1822 1.1 christos return; 1823 1.1 christos 1824 1.1 christos case EAPT_MD5CHAP: 1825 1.1 christos if (len < 1) { 1826 1.1 christos error("EAP: received MD5-Challenge with no data"); 1827 1.1 christos /* Bogus request; wait for something real. */ 1828 1.1 christos return; 1829 1.1 christos } 1830 1.1 christos GETCHAR(vallen, inp); 1831 1.1 christos len--; 1832 1.1 christos if (vallen < 8 || vallen > len) { 1833 1.1 christos error("EAP: MD5-Challenge with bad length %d (8..%d)", 1834 1.1 christos vallen, len); 1835 1.1 christos /* Try something better. */ 1836 1.1 christos eap_send_nak(esp, id, EAPT_SRP); 1837 1.1 christos break; 1838 1.1 christos } 1839 1.1 christos 1840 1.1 christos /* Not so likely to happen. */ 1841 1.5 christos if (len - vallen >= sizeof (rhostname)) { 1842 1.1 christos dbglog("EAP: trimming really long peer name down"); 1843 1.1 christos BCOPY(inp + vallen, rhostname, sizeof (rhostname) - 1); 1844 1.1 christos rhostname[sizeof (rhostname) - 1] = '\0'; 1845 1.1 christos } else { 1846 1.1 christos BCOPY(inp + vallen, rhostname, len - vallen); 1847 1.1 christos rhostname[len - vallen] = '\0'; 1848 1.1 christos } 1849 1.1 christos 1850 1.1 christos /* In case the remote doesn't give us his name. */ 1851 1.1 christos if (explicit_remote || 1852 1.1 christos (remote_name[0] != '\0' && vallen == len)) 1853 1.1 christos strlcpy(rhostname, remote_name, sizeof (rhostname)); 1854 1.1 christos 1855 1.1 christos /* 1856 1.1 christos * Get the secret for authenticating ourselves with 1857 1.1 christos * the specified host. 1858 1.1 christos */ 1859 1.1 christos if (!get_secret(esp->es_unit, esp->es_client.ea_name, 1860 1.1 christos rhostname, secret, &secret_len, 0)) { 1861 1.1 christos dbglog("EAP: no MD5 secret for auth to %q", rhostname); 1862 1.1 christos eap_send_nak(esp, id, EAPT_SRP); 1863 1.1 christos break; 1864 1.1 christos } 1865 1.2 christos MD5Init(&mdContext); 1866 1.1 christos typenum = id; 1867 1.2 christos MD5Update(&mdContext, &typenum, 1); 1868 1.2 christos MD5Update(&mdContext, secret, secret_len); 1869 1.1 christos BZERO(secret, sizeof (secret)); 1870 1.2 christos MD5Update(&mdContext, inp, vallen); 1871 1.2 christos MD5Final(hash, &mdContext); 1872 1.1 christos eap_chap_response(esp, id, hash, esp->es_client.ea_name, 1873 1.1 christos esp->es_client.ea_namelen); 1874 1.1 christos break; 1875 1.1 christos 1876 1.6 christos #ifdef USE_EAPTLS 1877 1.6 christos case EAPT_TLS: 1878 1.6 christos 1879 1.6 christos switch(esp->es_client.ea_state) { 1880 1.6 christos 1881 1.6 christos case eapListen: 1882 1.6 christos 1883 1.6 christos if (len < 1) { 1884 1.6 christos error("EAP: received EAP-TLS Listen packet with no data"); 1885 1.6 christos /* Bogus request; wait for something real. */ 1886 1.6 christos return; 1887 1.6 christos } 1888 1.6 christos GETCHAR(flags, inp); 1889 1.6 christos if(flags & EAP_TLS_FLAGS_START){ 1890 1.6 christos 1891 1.6 christos esp->es_client.ea_using_eaptls = 1; 1892 1.6 christos 1893 1.6 christos if (explicit_remote){ 1894 1.6 christos esp->es_client.ea_peer = strdup(remote_name); 1895 1.6 christos esp->es_client.ea_peerlen = strlen(remote_name); 1896 1.6 christos } else 1897 1.6 christos esp->es_client.ea_peer = NULL; 1898 1.6 christos 1899 1.6 christos /* Init ssl session */ 1900 1.6 christos if(!eaptls_init_ssl_client(esp)) { 1901 1.6 christos dbglog("cannot init ssl"); 1902 1.6 christos eap_send_nak(esp, id, EAPT_MSCHAPV2); 1903 1.6 christos esp->es_client.ea_using_eaptls = 0; 1904 1.6 christos break; 1905 1.6 christos } 1906 1.6 christos 1907 1.6 christos ets = esp->es_client.ea_session; 1908 1.6 christos eap_tls_response(esp, id); 1909 1.6 christos esp->es_client.ea_state = (ets->frag ? eapTlsRecvAck : eapTlsRecv); 1910 1.6 christos break; 1911 1.6 christos } 1912 1.6 christos 1913 1.6 christos /* The server has sent a bad start packet. */ 1914 1.6 christos eap_send_nak(esp, id, EAPT_MSCHAPV2); 1915 1.6 christos break; 1916 1.6 christos 1917 1.6 christos case eapTlsRecvAck: 1918 1.6 christos eap_tls_response(esp, id); 1919 1.6 christos esp->es_client.ea_state = (ets->frag ? eapTlsRecvAck : eapTlsRecv); 1920 1.6 christos break; 1921 1.6 christos 1922 1.6 christos case eapTlsRecv: 1923 1.6 christos if (len < 1) { 1924 1.6 christos error("EAP: discarding EAP-TLS Receive packet with no data"); 1925 1.6 christos /* Bogus request; wait for something real. */ 1926 1.6 christos return; 1927 1.6 christos } 1928 1.6 christos eaptls_receive(ets, inp, len); 1929 1.6 christos 1930 1.6 christos if(ets->frag) { 1931 1.6 christos eap_tls_sendack(esp, id); 1932 1.6 christos esp->es_client.ea_state = eapTlsRecv; 1933 1.6 christos break; 1934 1.6 christos } 1935 1.6 christos 1936 1.6 christos if(ets->alert_recv) { 1937 1.6 christos eap_tls_sendack(esp, id); 1938 1.6 christos esp->es_client.ea_state = eapTlsRecvFailure; 1939 1.6 christos break; 1940 1.6 christos } 1941 1.6 christos 1942 1.6 christos /* Check if TLS handshake is finished */ 1943 1.6 christos if(eaptls_is_init_finished(ets)) { 1944 1.6 christos #ifdef MPPE 1945 1.6 christos eaptls_gen_mppe_keys(ets, 1); 1946 1.6 christos #endif 1947 1.6 christos eaptls_free_session(ets); 1948 1.6 christos eap_tls_sendack(esp, id); 1949 1.6 christos esp->es_client.ea_state = eapTlsRecvSuccess; 1950 1.6 christos break; 1951 1.6 christos } 1952 1.6 christos 1953 1.6 christos eap_tls_response(esp,id); 1954 1.6 christos esp->es_client.ea_state = (ets->frag ? eapTlsRecvAck : eapTlsRecv); 1955 1.6 christos break; 1956 1.6 christos 1957 1.6 christos default: 1958 1.6 christos eap_send_nak(esp, id, EAPT_MSCHAPV2); 1959 1.6 christos esp->es_client.ea_using_eaptls = 0; 1960 1.6 christos break; 1961 1.6 christos } 1962 1.6 christos 1963 1.6 christos break; 1964 1.6 christos #endif /* USE_EAPTLS */ 1965 1.6 christos 1966 1.1 christos #ifdef USE_SRP 1967 1.1 christos case EAPT_SRP: 1968 1.1 christos if (len < 1) { 1969 1.1 christos error("EAP: received empty SRP Request"); 1970 1.1 christos /* Bogus request; wait for something real. */ 1971 1.1 christos return; 1972 1.1 christos } 1973 1.1 christos 1974 1.1 christos /* Get subtype */ 1975 1.1 christos GETCHAR(vallen, inp); 1976 1.1 christos len--; 1977 1.1 christos switch (vallen) { 1978 1.1 christos case EAPSRP_CHALLENGE: 1979 1.1 christos tc = NULL; 1980 1.1 christos if (esp->es_client.ea_session != NULL) { 1981 1.1 christos tc = (struct t_client *)esp->es_client. 1982 1.1 christos ea_session; 1983 1.1 christos /* 1984 1.1 christos * If this is a new challenge, then start 1985 1.1 christos * over with a new client session context. 1986 1.1 christos * Otherwise, just resend last response. 1987 1.1 christos */ 1988 1.1 christos if (id != esp->es_client.ea_id) { 1989 1.1 christos t_clientclose(tc); 1990 1.1 christos esp->es_client.ea_session = NULL; 1991 1.1 christos tc = NULL; 1992 1.1 christos } 1993 1.1 christos } 1994 1.1 christos /* No session key just yet */ 1995 1.1 christos esp->es_client.ea_skey = NULL; 1996 1.1 christos if (tc == NULL) { 1997 1.1 christos GETCHAR(vallen, inp); 1998 1.1 christos len--; 1999 1.1 christos if (vallen >= len) { 2000 1.1 christos error("EAP: badly-formed SRP Challenge" 2001 1.1 christos " (name)"); 2002 1.1 christos /* Ignore badly-formed messages */ 2003 1.1 christos return; 2004 1.1 christos } 2005 1.1 christos BCOPY(inp, rhostname, vallen); 2006 1.1 christos rhostname[vallen] = '\0'; 2007 1.1 christos INCPTR(vallen, inp); 2008 1.1 christos len -= vallen; 2009 1.1 christos 2010 1.1 christos /* 2011 1.1 christos * In case the remote doesn't give us his name, 2012 1.1 christos * use configured name. 2013 1.1 christos */ 2014 1.1 christos if (explicit_remote || 2015 1.1 christos (remote_name[0] != '\0' && vallen == 0)) { 2016 1.1 christos strlcpy(rhostname, remote_name, 2017 1.1 christos sizeof (rhostname)); 2018 1.1 christos } 2019 1.1 christos 2020 1.1 christos if (esp->es_client.ea_peer != NULL) 2021 1.1 christos free(esp->es_client.ea_peer); 2022 1.1 christos esp->es_client.ea_peer = strdup(rhostname); 2023 1.1 christos esp->es_client.ea_peerlen = strlen(rhostname); 2024 1.1 christos 2025 1.1 christos GETCHAR(vallen, inp); 2026 1.1 christos len--; 2027 1.1 christos if (vallen >= len) { 2028 1.1 christos error("EAP: badly-formed SRP Challenge" 2029 1.1 christos " (s)"); 2030 1.1 christos /* Ignore badly-formed messages */ 2031 1.1 christos return; 2032 1.1 christos } 2033 1.1 christos sval.data = inp; 2034 1.1 christos sval.len = vallen; 2035 1.1 christos INCPTR(vallen, inp); 2036 1.1 christos len -= vallen; 2037 1.1 christos 2038 1.1 christos GETCHAR(vallen, inp); 2039 1.1 christos len--; 2040 1.1 christos if (vallen > len) { 2041 1.1 christos error("EAP: badly-formed SRP Challenge" 2042 1.1 christos " (g)"); 2043 1.1 christos /* Ignore badly-formed messages */ 2044 1.1 christos return; 2045 1.1 christos } 2046 1.1 christos /* If no generator present, then use value 2 */ 2047 1.1 christos if (vallen == 0) { 2048 1.1 christos gval.data = (u_char *)"\002"; 2049 1.1 christos gval.len = 1; 2050 1.1 christos } else { 2051 1.1 christos gval.data = inp; 2052 1.1 christos gval.len = vallen; 2053 1.1 christos } 2054 1.1 christos INCPTR(vallen, inp); 2055 1.1 christos len -= vallen; 2056 1.1 christos 2057 1.1 christos /* 2058 1.1 christos * If no modulus present, then use well-known 2059 1.1 christos * value. 2060 1.1 christos */ 2061 1.1 christos if (len == 0) { 2062 1.1 christos Nval.data = (u_char *)wkmodulus; 2063 1.1 christos Nval.len = sizeof (wkmodulus); 2064 1.1 christos } else { 2065 1.1 christos Nval.data = inp; 2066 1.1 christos Nval.len = len; 2067 1.1 christos } 2068 1.1 christos tc = t_clientopen(esp->es_client.ea_name, 2069 1.1 christos &Nval, &gval, &sval); 2070 1.1 christos if (tc == NULL) { 2071 1.1 christos eap_send_nak(esp, id, EAPT_MD5CHAP); 2072 1.1 christos break; 2073 1.1 christos } 2074 1.1 christos esp->es_client.ea_session = (void *)tc; 2075 1.1 christos 2076 1.1 christos /* Add Challenge ID & type to verifier */ 2077 1.1 christos vals[0] = id; 2078 1.1 christos vals[1] = EAPT_SRP; 2079 1.1 christos t_clientaddexdata(tc, vals, 2); 2080 1.1 christos } 2081 1.1 christos Ap = t_clientgenexp(tc); 2082 1.1 christos eap_srp_response(esp, id, EAPSRP_CKEY, Ap->data, 2083 1.1 christos Ap->len); 2084 1.1 christos break; 2085 1.1 christos 2086 1.1 christos case EAPSRP_SKEY: 2087 1.1 christos tc = (struct t_client *)esp->es_client.ea_session; 2088 1.1 christos if (tc == NULL) { 2089 1.1 christos warn("EAP: peer sent Subtype 2 without 1"); 2090 1.1 christos eap_send_nak(esp, id, EAPT_MD5CHAP); 2091 1.1 christos break; 2092 1.1 christos } 2093 1.1 christos if (esp->es_client.ea_skey != NULL) { 2094 1.1 christos /* 2095 1.1 christos * ID number should not change here. Warn 2096 1.1 christos * if it does (but otherwise ignore). 2097 1.1 christos */ 2098 1.1 christos if (id != esp->es_client.ea_id) { 2099 1.1 christos warn("EAP: ID changed from %d to %d " 2100 1.1 christos "in SRP Subtype 2 rexmit", 2101 1.1 christos esp->es_client.ea_id, id); 2102 1.1 christos } 2103 1.1 christos } else { 2104 1.1 christos if (get_srp_secret(esp->es_unit, 2105 1.1 christos esp->es_client.ea_name, 2106 1.1 christos esp->es_client.ea_peer, secret, 0) == 0) { 2107 1.1 christos /* 2108 1.1 christos * Can't work with this peer because 2109 1.1 christos * the secret is missing. Just give 2110 1.1 christos * up. 2111 1.1 christos */ 2112 1.1 christos eap_send_nak(esp, id, EAPT_MD5CHAP); 2113 1.1 christos break; 2114 1.1 christos } 2115 1.1 christos Bval.data = inp; 2116 1.1 christos Bval.len = len; 2117 1.1 christos t_clientpasswd(tc, secret); 2118 1.1 christos BZERO(secret, sizeof (secret)); 2119 1.1 christos esp->es_client.ea_skey = 2120 1.1 christos t_clientgetkey(tc, &Bval); 2121 1.1 christos if (esp->es_client.ea_skey == NULL) { 2122 1.1 christos /* Server is rogue; stop now */ 2123 1.1 christos error("EAP: SRP server is rogue"); 2124 1.1 christos goto client_failure; 2125 1.1 christos } 2126 1.1 christos } 2127 1.1 christos eap_srpval_response(esp, id, SRPVAL_EBIT, 2128 1.1 christos t_clientresponse(tc)); 2129 1.1 christos break; 2130 1.1 christos 2131 1.1 christos case EAPSRP_SVALIDATOR: 2132 1.1 christos tc = (struct t_client *)esp->es_client.ea_session; 2133 1.1 christos if (tc == NULL || esp->es_client.ea_skey == NULL) { 2134 1.1 christos warn("EAP: peer sent Subtype 3 without 1/2"); 2135 1.1 christos eap_send_nak(esp, id, EAPT_MD5CHAP); 2136 1.1 christos break; 2137 1.1 christos } 2138 1.1 christos /* 2139 1.1 christos * If we're already open, then this ought to be a 2140 1.1 christos * duplicate. Otherwise, check that the server is 2141 1.1 christos * who we think it is. 2142 1.1 christos */ 2143 1.1 christos if (esp->es_client.ea_state == eapOpen) { 2144 1.1 christos if (id != esp->es_client.ea_id) { 2145 1.1 christos warn("EAP: ID changed from %d to %d " 2146 1.1 christos "in SRP Subtype 3 rexmit", 2147 1.1 christos esp->es_client.ea_id, id); 2148 1.1 christos } 2149 1.1 christos } else { 2150 1.1 christos len -= sizeof (u_int32_t) + SHA_DIGESTSIZE; 2151 1.1 christos if (len < 0 || t_clientverify(tc, inp + 2152 1.1 christos sizeof (u_int32_t)) != 0) { 2153 1.1 christos error("EAP: SRP server verification " 2154 1.1 christos "failed"); 2155 1.1 christos goto client_failure; 2156 1.1 christos } 2157 1.1 christos GETLONG(esp->es_client.ea_keyflags, inp); 2158 1.1 christos /* Save pseudonym if user wants it. */ 2159 1.1 christos if (len > 0 && esp->es_usepseudo) { 2160 1.1 christos INCPTR(SHA_DIGESTSIZE, inp); 2161 1.1 christos write_pseudonym(esp, inp, len, id); 2162 1.1 christos } 2163 1.1 christos } 2164 1.1 christos /* 2165 1.1 christos * We've verified our peer. We're now mostly done, 2166 1.1 christos * except for waiting on the regular EAP Success 2167 1.1 christos * message. 2168 1.1 christos */ 2169 1.1 christos eap_srp_response(esp, id, EAPSRP_ACK, NULL, 0); 2170 1.1 christos break; 2171 1.1 christos 2172 1.1 christos case EAPSRP_LWRECHALLENGE: 2173 1.1 christos if (len < 4) { 2174 1.1 christos warn("EAP: malformed Lightweight rechallenge"); 2175 1.1 christos return; 2176 1.1 christos } 2177 1.1 christos SHA1Init(&ctxt); 2178 1.1 christos vals[0] = id; 2179 1.1 christos SHA1Update(&ctxt, vals, 1); 2180 1.1 christos SHA1Update(&ctxt, esp->es_client.ea_skey, 2181 1.1 christos SESSION_KEY_LEN); 2182 1.1 christos SHA1Update(&ctxt, inp, len); 2183 1.1 christos SHA1Update(&ctxt, esp->es_client.ea_name, 2184 1.1 christos esp->es_client.ea_namelen); 2185 1.1 christos SHA1Final(dig, &ctxt); 2186 1.1 christos eap_srp_response(esp, id, EAPSRP_LWRECHALLENGE, dig, 2187 1.1 christos SHA_DIGESTSIZE); 2188 1.1 christos break; 2189 1.1 christos 2190 1.1 christos default: 2191 1.1 christos error("EAP: unknown SRP Subtype %d", vallen); 2192 1.1 christos eap_send_nak(esp, id, EAPT_MD5CHAP); 2193 1.1 christos break; 2194 1.1 christos } 2195 1.1 christos break; 2196 1.1 christos #endif /* USE_SRP */ 2197 1.6 christos 2198 1.6 christos #ifdef CHAPMS 2199 1.6 christos case EAPT_MSCHAPV2: 2200 1.6 christos if (len < 4) { 2201 1.6 christos error("EAP: received invalid MSCHAPv2 packet, too short"); 2202 1.6 christos return; 2203 1.6 christos } 2204 1.6 christos unsigned char opcode; 2205 1.6 christos GETCHAR(opcode, inp); 2206 1.6 christos unsigned char chapid; /* Chapv2-ID */ 2207 1.6 christos GETCHAR(chapid, inp); 2208 1.6 christos short mssize; 2209 1.6 christos GETSHORT(mssize, inp); 2210 1.6 christos 2211 1.6 christos /* Validate the mssize field */ 2212 1.6 christos if (len != mssize) { 2213 1.6 christos error("EAP: received invalid MSCHAPv2 packet, invalid length"); 2214 1.6 christos return; 2215 1.6 christos } 2216 1.6 christos len -= 4; 2217 1.6 christos 2218 1.6 christos /* If MSCHAPv2 digest was not found, NAK the packet */ 2219 1.6 christos if (!esp->es_client.digest) { 2220 1.6 christos error("EAP MSCHAPv2 not supported"); 2221 1.6 christos eap_send_nak(esp, id, EAPT_SRP); 2222 1.6 christos return; 2223 1.6 christos } 2224 1.6 christos 2225 1.6 christos switch (opcode) { 2226 1.6 christos case CHAP_CHALLENGE: { 2227 1.6 christos 2228 1.6 christos /* make_response() expects: VLEN + VALUE */ 2229 1.6 christos u_char *challenge = inp; 2230 1.6 christos 2231 1.6 christos unsigned char vsize; 2232 1.6 christos GETCHAR(vsize, inp); 2233 1.6 christos len -= 1; 2234 1.6 christos 2235 1.6 christos /* Validate the VALUE field */ 2236 1.6 christos if (vsize != MS_CHAP2_PEER_CHAL_LEN || len < MS_CHAP2_PEER_CHAL_LEN) { 2237 1.6 christos error("EAP: received invalid MSCHAPv2 packet, invalid value-length: %d", vsize); 2238 1.6 christos return; 2239 1.6 christos } 2240 1.6 christos 2241 1.6 christos /* Increment past the VALUE field */ 2242 1.6 christos INCPTR(MS_CHAP2_PEER_CHAL_LEN, inp); 2243 1.6 christos len -= MS_CHAP2_PEER_CHAL_LEN; 2244 1.6 christos 2245 1.6 christos /* Extract the hostname */ 2246 1.6 christos rhostname[0] = '\0'; 2247 1.6 christos if (len > 0) { 2248 1.6 christos if (len >= sizeof (rhostname)) { 2249 1.6 christos dbglog("EAP: trimming really long peer name down"); 2250 1.6 christos len = sizeof(rhostname) - 1; 2251 1.6 christos } 2252 1.6 christos BCOPY(inp, rhostname, len); 2253 1.6 christos rhostname[len] = '\0'; 2254 1.6 christos } 2255 1.6 christos 2256 1.6 christos /* In case the remote doesn't give us his name. */ 2257 1.6 christos if (explicit_remote || (remote_name[0] != '\0' && len == 0)) 2258 1.6 christos strlcpy(rhostname, remote_name, sizeof(rhostname)); 2259 1.6 christos 2260 1.6 christos /* Get the secret for authenticating ourselves with the specified host. */ 2261 1.6 christos if (!get_secret(esp->es_unit, esp->es_client.ea_name, 2262 1.6 christos rhostname, secret, &secret_len, 0)) { 2263 1.6 christos dbglog("EAP: no CHAP secret for auth to %q", rhostname); 2264 1.6 christos eap_send_nak(esp, id, EAPT_SRP); 2265 1.6 christos break; 2266 1.6 christos } 2267 1.6 christos 2268 1.6 christos /* Create the MSCHAPv2 response (and add to cache) */ 2269 1.6 christos unsigned char response[MS_CHAP2_RESPONSE_LEN+1]; // VLEN + VALUE 2270 1.6 christos esp->es_client.digest->make_response(response, chapid, esp->es_client.ea_name, 2271 1.6 christos challenge, secret, secret_len, NULL); 2272 1.6 christos 2273 1.6 christos eap_chapv2_response(esp, id, chapid, response, esp->es_client.ea_name, esp->es_client.ea_namelen); 2274 1.6 christos break; 2275 1.6 christos } 2276 1.6 christos case CHAP_SUCCESS: { 2277 1.6 christos 2278 1.6 christos /* Check response for mutual authentication */ 2279 1.6 christos u_char status = CHAP_FAILURE; 2280 1.6 christos if (esp->es_client.digest->check_success(chapid, inp, len) == 1) { 2281 1.6 christos info("Chap authentication succeeded! %.*v", len, inp); 2282 1.6 christos status = CHAP_SUCCESS; 2283 1.6 christos } 2284 1.6 christos eap_send_response(esp, id, EAPT_MSCHAPV2, &status, sizeof(status)); 2285 1.6 christos break; 2286 1.6 christos } 2287 1.6 christos case CHAP_FAILURE: { 2288 1.6 christos 2289 1.6 christos /* Process the failure string, and log appropriate information */ 2290 1.6 christos esp->es_client.digest->handle_failure(inp, len); 2291 1.6 christos 2292 1.6 christos u_char status = CHAP_FAILURE; 2293 1.6 christos eap_send_response(esp, id, EAPT_MSCHAPV2, &status, sizeof(status)); 2294 1.6 christos goto client_failure; /* force termination */ 2295 1.6 christos } 2296 1.6 christos default: 2297 1.6 christos 2298 1.6 christos error("EAP: received invalid MSCHAPv2 packet, invalid or unsupported opcode: %d", opcode); 2299 1.6 christos eap_send_nak(esp, id, EAPT_SRP); 2300 1.6 christos } 2301 1.6 christos 2302 1.6 christos break; 2303 1.6 christos #endif /* CHAPMS */ 2304 1.1 christos 2305 1.1 christos default: 2306 1.1 christos info("EAP: unknown authentication type %d; Naking", typenum); 2307 1.1 christos eap_send_nak(esp, id, EAPT_SRP); 2308 1.1 christos break; 2309 1.1 christos } 2310 1.1 christos 2311 1.1 christos if (esp->es_client.ea_timeout > 0) { 2312 1.1 christos UNTIMEOUT(eap_client_timeout, (void *)esp); 2313 1.1 christos TIMEOUT(eap_client_timeout, (void *)esp, 2314 1.1 christos esp->es_client.ea_timeout); 2315 1.1 christos } 2316 1.1 christos return; 2317 1.1 christos 2318 1.1 christos client_failure: 2319 1.1 christos esp->es_client.ea_state = eapBadAuth; 2320 1.1 christos if (esp->es_client.ea_timeout > 0) { 2321 1.1 christos UNTIMEOUT(eap_client_timeout, (void *)esp); 2322 1.1 christos } 2323 1.1 christos esp->es_client.ea_session = NULL; 2324 1.6 christos #ifdef USE_SRP 2325 1.1 christos t_clientclose(tc); 2326 1.1 christos auth_withpeer_fail(esp->es_unit, PPP_EAP); 2327 1.1 christos #endif /* USE_SRP */ 2328 1.1 christos } 2329 1.1 christos 2330 1.1 christos /* 2331 1.1 christos * eap_response - Receive EAP Response message (server mode). 2332 1.1 christos */ 2333 1.1 christos static void 2334 1.6 christos eap_response(eap_state *esp, u_char *inp, int id, int len) 2335 1.1 christos { 2336 1.1 christos u_char typenum; 2337 1.1 christos u_char vallen; 2338 1.1 christos int secret_len; 2339 1.1 christos char secret[MAXSECRETLEN]; 2340 1.1 christos char rhostname[256]; 2341 1.1 christos MD5_CTX mdContext; 2342 1.1 christos u_char hash[MD5_SIGNATURE_SIZE]; 2343 1.1 christos #ifdef USE_SRP 2344 1.1 christos struct t_server *ts; 2345 1.1 christos struct t_num A; 2346 1.1 christos SHA1_CTX ctxt; 2347 1.1 christos u_char dig[SHA_DIGESTSIZE]; 2348 1.6 christos SHA1_CTX ctxt; 2349 1.6 christos u_char dig[SHA_DIGESTSIZE]; 2350 1.1 christos #endif /* USE_SRP */ 2351 1.1 christos 2352 1.6 christos #ifdef USE_EAPTLS 2353 1.6 christos struct eaptls_session *ets; 2354 1.6 christos u_char flags; 2355 1.6 christos #endif /* USE_EAPTLS */ 2356 1.6 christos #ifdef CHAPMS 2357 1.6 christos u_char opcode; 2358 1.6 christos int (*chap_verifier)(char *, char *, int, struct chap_digest_type *, 2359 1.6 christos unsigned char *, unsigned char *, char *, int); 2360 1.6 christos char response_message[256]; 2361 1.6 christos #endif /* CHAPMS */ 2362 1.6 christos 2363 1.6 christos /* 2364 1.6 christos * Ignore responses if we're not open 2365 1.6 christos */ 2366 1.6 christos if (esp->es_server.ea_state <= eapClosed) 2367 1.6 christos return; 2368 1.6 christos 2369 1.1 christos if (esp->es_server.ea_id != id) { 2370 1.1 christos dbglog("EAP: discarding Response %d; expected ID %d", id, 2371 1.1 christos esp->es_server.ea_id); 2372 1.1 christos return; 2373 1.1 christos } 2374 1.1 christos 2375 1.1 christos esp->es_server.ea_responses++; 2376 1.1 christos 2377 1.1 christos if (len <= 0) { 2378 1.1 christos error("EAP: empty Response message discarded"); 2379 1.1 christos return; 2380 1.1 christos } 2381 1.1 christos 2382 1.1 christos GETCHAR(typenum, inp); 2383 1.1 christos len--; 2384 1.1 christos 2385 1.1 christos switch (typenum) { 2386 1.1 christos case EAPT_IDENTITY: 2387 1.1 christos if (esp->es_server.ea_state != eapIdentify) { 2388 1.1 christos dbglog("EAP discarding unwanted Identify \"%.q\"", len, 2389 1.1 christos inp); 2390 1.1 christos break; 2391 1.1 christos } 2392 1.1 christos info("EAP: unauthenticated peer name \"%.*q\"", len, inp); 2393 1.1 christos if (esp->es_server.ea_peer != NULL && 2394 1.1 christos esp->es_server.ea_peer != remote_name) 2395 1.1 christos free(esp->es_server.ea_peer); 2396 1.1 christos esp->es_server.ea_peer = malloc(len + 1); 2397 1.1 christos if (esp->es_server.ea_peer == NULL) { 2398 1.1 christos esp->es_server.ea_peerlen = 0; 2399 1.1 christos eap_figure_next_state(esp, 1); 2400 1.1 christos break; 2401 1.1 christos } 2402 1.1 christos BCOPY(inp, esp->es_server.ea_peer, len); 2403 1.1 christos esp->es_server.ea_peer[len] = '\0'; 2404 1.1 christos esp->es_server.ea_peerlen = len; 2405 1.1 christos eap_figure_next_state(esp, 0); 2406 1.1 christos break; 2407 1.1 christos 2408 1.6 christos #ifdef USE_EAPTLS 2409 1.6 christos case EAPT_TLS: 2410 1.6 christos switch(esp->es_server.ea_state) { 2411 1.6 christos 2412 1.6 christos case eapTlsRecv: 2413 1.6 christos 2414 1.6 christos ets = (struct eaptls_session *) esp->es_server.ea_session; 2415 1.6 christos 2416 1.6 christos eap_figure_next_state(esp, 2417 1.6 christos eaptls_receive(esp->es_server.ea_session, inp, len)); 2418 1.6 christos 2419 1.6 christos if(ets->alert_recv) { 2420 1.6 christos eap_send_failure(esp); 2421 1.6 christos break; 2422 1.6 christos } 2423 1.6 christos break; 2424 1.6 christos 2425 1.6 christos case eapTlsRecvAck: 2426 1.6 christos if(len > 1) { 2427 1.6 christos dbglog("EAP-TLS ACK with extra data"); 2428 1.6 christos } 2429 1.6 christos eap_figure_next_state(esp, 0); 2430 1.6 christos break; 2431 1.6 christos 2432 1.6 christos case eapTlsRecvClient: 2433 1.6 christos /* Receive authentication response from client */ 2434 1.6 christos if (len > 0) { 2435 1.6 christos GETCHAR(flags, inp); 2436 1.6 christos 2437 1.6 christos if(len == 1 && !flags) { /* Ack = ok */ 2438 1.6 christos #ifdef MPPE 2439 1.6 christos eaptls_gen_mppe_keys( esp->es_server.ea_session, 0 ); 2440 1.6 christos #endif 2441 1.6 christos eap_send_success(esp); 2442 1.6 christos } 2443 1.6 christos else { /* failure */ 2444 1.6 christos warn("Server authentication failed"); 2445 1.6 christos eap_send_failure(esp); 2446 1.6 christos } 2447 1.6 christos } 2448 1.6 christos else 2449 1.6 christos warn("Bogus EAP-TLS packet received from client"); 2450 1.6 christos 2451 1.6 christos eaptls_free_session(esp->es_server.ea_session); 2452 1.6 christos 2453 1.6 christos break; 2454 1.6 christos 2455 1.6 christos case eapTlsRecvAlertAck: 2456 1.6 christos eap_send_failure(esp); 2457 1.6 christos break; 2458 1.6 christos 2459 1.6 christos default: 2460 1.6 christos eap_figure_next_state(esp, 1); 2461 1.6 christos break; 2462 1.6 christos } 2463 1.6 christos break; 2464 1.6 christos #endif /* USE_EAPTLS */ 2465 1.6 christos 2466 1.1 christos case EAPT_NOTIFICATION: 2467 1.1 christos dbglog("EAP unexpected Notification; response discarded"); 2468 1.1 christos break; 2469 1.1 christos 2470 1.1 christos case EAPT_NAK: 2471 1.1 christos if (len < 1) { 2472 1.1 christos info("EAP: Nak Response with no suggested protocol"); 2473 1.1 christos eap_figure_next_state(esp, 1); 2474 1.1 christos break; 2475 1.1 christos } 2476 1.1 christos 2477 1.1 christos GETCHAR(vallen, inp); 2478 1.1 christos len--; 2479 1.1 christos 2480 1.1 christos if (!explicit_remote && esp->es_server.ea_state == eapIdentify){ 2481 1.1 christos /* Peer cannot Nak Identify Request */ 2482 1.1 christos eap_figure_next_state(esp, 1); 2483 1.1 christos break; 2484 1.1 christos } 2485 1.1 christos 2486 1.1 christos switch (vallen) { 2487 1.1 christos case EAPT_SRP: 2488 1.1 christos /* Run through SRP validator selection again. */ 2489 1.1 christos esp->es_server.ea_state = eapIdentify; 2490 1.1 christos eap_figure_next_state(esp, 0); 2491 1.1 christos break; 2492 1.1 christos 2493 1.1 christos case EAPT_MD5CHAP: 2494 1.1 christos esp->es_server.ea_state = eapMD5Chall; 2495 1.1 christos break; 2496 1.1 christos 2497 1.6 christos #ifdef USE_EAPTLS 2498 1.6 christos /* Send EAP-TLS start packet */ 2499 1.6 christos case EAPT_TLS: 2500 1.6 christos esp->es_server.ea_state = eapTlsStart; 2501 1.6 christos break; 2502 1.6 christos #endif /* USE_EAPTLS */ 2503 1.6 christos 2504 1.6 christos #ifdef CHAPMS 2505 1.6 christos case EAPT_MSCHAPV2: 2506 1.6 christos info("EAP: peer proposes MSCHAPv2"); 2507 1.6 christos esp->es_server.ea_state = eapMSCHAPv2Chall; 2508 1.6 christos break; 2509 1.6 christos #endif /* CHAPMS */ 2510 1.6 christos 2511 1.1 christos default: 2512 1.1 christos dbglog("EAP: peer requesting unknown Type %d", vallen); 2513 1.1 christos switch (esp->es_server.ea_state) { 2514 1.1 christos case eapSRP1: 2515 1.1 christos case eapSRP2: 2516 1.1 christos case eapSRP3: 2517 1.1 christos esp->es_server.ea_state = eapMD5Chall; 2518 1.1 christos break; 2519 1.1 christos case eapMD5Chall: 2520 1.1 christos case eapSRP4: 2521 1.1 christos esp->es_server.ea_state = eapIdentify; 2522 1.1 christos eap_figure_next_state(esp, 0); 2523 1.1 christos break; 2524 1.1 christos default: 2525 1.1 christos break; 2526 1.1 christos } 2527 1.1 christos break; 2528 1.1 christos } 2529 1.1 christos break; 2530 1.1 christos 2531 1.1 christos case EAPT_MD5CHAP: 2532 1.1 christos if (esp->es_server.ea_state != eapMD5Chall) { 2533 1.1 christos error("EAP: unexpected MD5-Response"); 2534 1.1 christos eap_figure_next_state(esp, 1); 2535 1.1 christos break; 2536 1.1 christos } 2537 1.1 christos if (len < 1) { 2538 1.1 christos error("EAP: received MD5-Response with no data"); 2539 1.1 christos eap_figure_next_state(esp, 1); 2540 1.1 christos break; 2541 1.1 christos } 2542 1.1 christos GETCHAR(vallen, inp); 2543 1.1 christos len--; 2544 1.1 christos if (vallen != 16 || vallen > len) { 2545 1.1 christos error("EAP: MD5-Response with bad length %d", vallen); 2546 1.1 christos eap_figure_next_state(esp, 1); 2547 1.1 christos break; 2548 1.1 christos } 2549 1.1 christos 2550 1.1 christos /* Not so likely to happen. */ 2551 1.5 christos if (len - vallen >= sizeof (rhostname)) { 2552 1.1 christos dbglog("EAP: trimming really long peer name down"); 2553 1.1 christos BCOPY(inp + vallen, rhostname, sizeof (rhostname) - 1); 2554 1.1 christos rhostname[sizeof (rhostname) - 1] = '\0'; 2555 1.1 christos } else { 2556 1.1 christos BCOPY(inp + vallen, rhostname, len - vallen); 2557 1.1 christos rhostname[len - vallen] = '\0'; 2558 1.1 christos } 2559 1.1 christos 2560 1.1 christos /* In case the remote doesn't give us his name. */ 2561 1.1 christos if (explicit_remote || 2562 1.1 christos (remote_name[0] != '\0' && vallen == len)) 2563 1.1 christos strlcpy(rhostname, remote_name, sizeof (rhostname)); 2564 1.1 christos 2565 1.1 christos /* 2566 1.1 christos * Get the secret for authenticating the specified 2567 1.1 christos * host. 2568 1.1 christos */ 2569 1.1 christos if (!get_secret(esp->es_unit, rhostname, 2570 1.1 christos esp->es_server.ea_name, secret, &secret_len, 1)) { 2571 1.1 christos dbglog("EAP: no MD5 secret for auth of %q", rhostname); 2572 1.1 christos eap_send_failure(esp); 2573 1.1 christos break; 2574 1.1 christos } 2575 1.2 christos MD5Init(&mdContext); 2576 1.2 christos MD5Update(&mdContext, &esp->es_server.ea_id, 1); 2577 1.2 christos MD5Update(&mdContext, secret, secret_len); 2578 1.1 christos BZERO(secret, sizeof (secret)); 2579 1.2 christos MD5Update(&mdContext, esp->es_challenge, esp->es_challen); 2580 1.2 christos MD5Final(hash, &mdContext); 2581 1.1 christos if (BCMP(hash, inp, MD5_SIGNATURE_SIZE) != 0) { 2582 1.1 christos eap_send_failure(esp); 2583 1.1 christos break; 2584 1.1 christos } 2585 1.1 christos esp->es_server.ea_type = EAPT_MD5CHAP; 2586 1.1 christos eap_send_success(esp); 2587 1.1 christos eap_figure_next_state(esp, 0); 2588 1.1 christos if (esp->es_rechallenge != 0) 2589 1.1 christos TIMEOUT(eap_rechallenge, esp, esp->es_rechallenge); 2590 1.1 christos break; 2591 1.1 christos 2592 1.6 christos #ifdef CHAPMS 2593 1.6 christos case EAPT_MSCHAPV2: 2594 1.6 christos if (len < 1) { 2595 1.6 christos error("EAP: received MSCHAPv2 with no data"); 2596 1.6 christos eap_figure_next_state(esp, 1); 2597 1.6 christos break; 2598 1.6 christos } 2599 1.6 christos GETCHAR(opcode, inp); 2600 1.6 christos len--; 2601 1.6 christos 2602 1.6 christos switch (opcode) { 2603 1.6 christos case CHAP_RESPONSE: 2604 1.6 christos if (esp->es_server.ea_state != eapMSCHAPv2Chall) { 2605 1.6 christos error("EAP: unexpected MSCHAPv2-Response"); 2606 1.6 christos eap_figure_next_state(esp, 1); 2607 1.6 christos break; 2608 1.6 christos } 2609 1.6 christos /* skip MS ID + len */ 2610 1.6 christos INCPTR(3, inp); 2611 1.6 christos GETCHAR(vallen, inp); 2612 1.6 christos len -= 4; 2613 1.6 christos 2614 1.6 christos if (vallen != MS_CHAP2_RESPONSE_LEN || vallen > len) { 2615 1.6 christos error("EAP: Invalid MSCHAPv2-Response " 2616 1.6 christos "length %d", vallen); 2617 1.6 christos eap_figure_next_state(esp, 1); 2618 1.6 christos break; 2619 1.6 christos } 2620 1.6 christos 2621 1.6 christos /* Not so likely to happen. */ 2622 1.6 christos if (len - vallen >= sizeof (rhostname)) { 2623 1.6 christos dbglog("EAP: trimming really long peer name down"); 2624 1.6 christos BCOPY(inp + vallen, rhostname, sizeof (rhostname) - 1); 2625 1.6 christos rhostname[sizeof (rhostname) - 1] = '\0'; 2626 1.6 christos } else { 2627 1.6 christos BCOPY(inp + vallen, rhostname, len - vallen); 2628 1.6 christos rhostname[len - vallen] = '\0'; 2629 1.6 christos } 2630 1.6 christos 2631 1.6 christos /* In case the remote doesn't give us his name. */ 2632 1.6 christos if (explicit_remote || 2633 1.6 christos (remote_name[0] != '\0' && vallen == len)) 2634 1.6 christos strlcpy(rhostname, remote_name, sizeof (rhostname)); 2635 1.6 christos 2636 1.6 christos if (chap_verify_hook) 2637 1.6 christos chap_verifier = chap_verify_hook; 2638 1.6 christos else 2639 1.6 christos chap_verifier = eap_chap_verify_response; 2640 1.6 christos 2641 1.6 christos esp->es_server.ea_id += 1; 2642 1.6 christos if ((*chap_verifier)(rhostname, 2643 1.6 christos esp->es_server.ea_name, 2644 1.6 christos id, 2645 1.6 christos &eap_chapms2_digest, 2646 1.6 christos esp->es_challenge, 2647 1.6 christos inp - 1, 2648 1.6 christos response_message, 2649 1.6 christos sizeof(response_message))) 2650 1.6 christos { 2651 1.6 christos info("EAP: MSCHAPv2 success for peer %q", 2652 1.6 christos rhostname); 2653 1.6 christos esp->es_server.ea_type = EAPT_MSCHAPV2; 2654 1.6 christos eap_chapms2_send_request(esp, 2655 1.6 christos esp->es_server.ea_id, 2656 1.6 christos CHAP_SUCCESS, 2657 1.6 christos esp->es_server.ea_id, 2658 1.6 christos response_message, 2659 1.6 christos strlen(response_message)); 2660 1.6 christos eap_figure_next_state(esp, 0); 2661 1.6 christos if (esp->es_rechallenge != 0) 2662 1.6 christos TIMEOUT(eap_rechallenge, esp, esp->es_rechallenge); 2663 1.6 christos } 2664 1.6 christos else { 2665 1.6 christos warn("EAP: MSCHAPv2 failure for peer %q", 2666 1.6 christos rhostname); 2667 1.6 christos eap_chapms2_send_request(esp, 2668 1.6 christos esp->es_server.ea_id, 2669 1.6 christos CHAP_FAILURE, 2670 1.6 christos esp->es_server.ea_id, 2671 1.6 christos response_message, 2672 1.6 christos strlen(response_message)); 2673 1.6 christos } 2674 1.6 christos break; 2675 1.6 christos case CHAP_SUCCESS: 2676 1.6 christos info("EAP: MSCHAPv2 success confirmed"); 2677 1.6 christos break; 2678 1.6 christos case CHAP_FAILURE: 2679 1.6 christos info("EAP: MSCHAPv2 failure confirmed"); 2680 1.6 christos break; 2681 1.6 christos default: 2682 1.6 christos error("EAP: Unhandled MSCHAPv2 opcode %d", opcode); 2683 1.6 christos eap_send_nak(esp, id, EAPT_SRP); 2684 1.6 christos } 2685 1.6 christos 2686 1.6 christos break; 2687 1.6 christos #endif /* CHAPMS */ 2688 1.6 christos 2689 1.1 christos #ifdef USE_SRP 2690 1.1 christos case EAPT_SRP: 2691 1.1 christos if (len < 1) { 2692 1.1 christos error("EAP: empty SRP Response"); 2693 1.1 christos eap_figure_next_state(esp, 1); 2694 1.1 christos break; 2695 1.1 christos } 2696 1.1 christos GETCHAR(typenum, inp); 2697 1.1 christos len--; 2698 1.1 christos switch (typenum) { 2699 1.1 christos case EAPSRP_CKEY: 2700 1.1 christos if (esp->es_server.ea_state != eapSRP1) { 2701 1.1 christos error("EAP: unexpected SRP Subtype 1 Response"); 2702 1.1 christos eap_figure_next_state(esp, 1); 2703 1.1 christos break; 2704 1.1 christos } 2705 1.1 christos A.data = inp; 2706 1.1 christos A.len = len; 2707 1.1 christos ts = (struct t_server *)esp->es_server.ea_session; 2708 1.1 christos assert(ts != NULL); 2709 1.1 christos esp->es_server.ea_skey = t_servergetkey(ts, &A); 2710 1.1 christos if (esp->es_server.ea_skey == NULL) { 2711 1.1 christos /* Client's A value is bogus; terminate now */ 2712 1.1 christos error("EAP: bogus A value from client"); 2713 1.1 christos eap_send_failure(esp); 2714 1.1 christos } else { 2715 1.1 christos eap_figure_next_state(esp, 0); 2716 1.1 christos } 2717 1.1 christos break; 2718 1.1 christos 2719 1.1 christos case EAPSRP_CVALIDATOR: 2720 1.1 christos if (esp->es_server.ea_state != eapSRP2) { 2721 1.1 christos error("EAP: unexpected SRP Subtype 2 Response"); 2722 1.1 christos eap_figure_next_state(esp, 1); 2723 1.1 christos break; 2724 1.1 christos } 2725 1.1 christos if (len < sizeof (u_int32_t) + SHA_DIGESTSIZE) { 2726 1.1 christos error("EAP: M1 length %d < %d", len, 2727 1.1 christos sizeof (u_int32_t) + SHA_DIGESTSIZE); 2728 1.1 christos eap_figure_next_state(esp, 1); 2729 1.1 christos break; 2730 1.1 christos } 2731 1.1 christos GETLONG(esp->es_server.ea_keyflags, inp); 2732 1.1 christos ts = (struct t_server *)esp->es_server.ea_session; 2733 1.1 christos assert(ts != NULL); 2734 1.1 christos if (t_serververify(ts, inp)) { 2735 1.1 christos info("EAP: unable to validate client identity"); 2736 1.1 christos eap_send_failure(esp); 2737 1.1 christos break; 2738 1.1 christos } 2739 1.1 christos eap_figure_next_state(esp, 0); 2740 1.1 christos break; 2741 1.1 christos 2742 1.1 christos case EAPSRP_ACK: 2743 1.1 christos if (esp->es_server.ea_state != eapSRP3) { 2744 1.1 christos error("EAP: unexpected SRP Subtype 3 Response"); 2745 1.1 christos eap_send_failure(esp); 2746 1.1 christos break; 2747 1.1 christos } 2748 1.1 christos esp->es_server.ea_type = EAPT_SRP; 2749 1.1 christos eap_send_success(esp); 2750 1.1 christos eap_figure_next_state(esp, 0); 2751 1.1 christos if (esp->es_rechallenge != 0) 2752 1.1 christos TIMEOUT(eap_rechallenge, esp, 2753 1.1 christos esp->es_rechallenge); 2754 1.1 christos if (esp->es_lwrechallenge != 0) 2755 1.1 christos TIMEOUT(srp_lwrechallenge, esp, 2756 1.1 christos esp->es_lwrechallenge); 2757 1.1 christos break; 2758 1.1 christos 2759 1.1 christos case EAPSRP_LWRECHALLENGE: 2760 1.1 christos if (esp->es_server.ea_state != eapSRP4) { 2761 1.1 christos info("EAP: unexpected SRP Subtype 4 Response"); 2762 1.1 christos return; 2763 1.1 christos } 2764 1.1 christos if (len != SHA_DIGESTSIZE) { 2765 1.1 christos error("EAP: bad Lightweight rechallenge " 2766 1.1 christos "response"); 2767 1.1 christos return; 2768 1.1 christos } 2769 1.1 christos SHA1Init(&ctxt); 2770 1.1 christos vallen = id; 2771 1.1 christos SHA1Update(&ctxt, &vallen, 1); 2772 1.1 christos SHA1Update(&ctxt, esp->es_server.ea_skey, 2773 1.1 christos SESSION_KEY_LEN); 2774 1.1 christos SHA1Update(&ctxt, esp->es_challenge, esp->es_challen); 2775 1.1 christos SHA1Update(&ctxt, esp->es_server.ea_peer, 2776 1.1 christos esp->es_server.ea_peerlen); 2777 1.1 christos SHA1Final(dig, &ctxt); 2778 1.1 christos if (BCMP(dig, inp, SHA_DIGESTSIZE) != 0) { 2779 1.1 christos error("EAP: failed Lightweight rechallenge"); 2780 1.1 christos eap_send_failure(esp); 2781 1.1 christos break; 2782 1.1 christos } 2783 1.1 christos esp->es_server.ea_state = eapOpen; 2784 1.1 christos if (esp->es_lwrechallenge != 0) 2785 1.1 christos TIMEOUT(srp_lwrechallenge, esp, 2786 1.1 christos esp->es_lwrechallenge); 2787 1.1 christos break; 2788 1.1 christos } 2789 1.1 christos break; 2790 1.1 christos #endif /* USE_SRP */ 2791 1.1 christos 2792 1.1 christos default: 2793 1.1 christos /* This can't happen. */ 2794 1.1 christos error("EAP: unknown Response type %d; ignored", typenum); 2795 1.1 christos return; 2796 1.1 christos } 2797 1.1 christos 2798 1.1 christos if (esp->es_server.ea_timeout > 0) { 2799 1.1 christos UNTIMEOUT(eap_server_timeout, (void *)esp); 2800 1.1 christos } 2801 1.1 christos 2802 1.1 christos if (esp->es_server.ea_state != eapBadAuth && 2803 1.1 christos esp->es_server.ea_state != eapOpen) { 2804 1.1 christos esp->es_server.ea_id++; 2805 1.1 christos eap_send_request(esp); 2806 1.1 christos } 2807 1.1 christos } 2808 1.1 christos 2809 1.1 christos /* 2810 1.1 christos * eap_success - Receive EAP Success message (client mode). 2811 1.1 christos */ 2812 1.1 christos static void 2813 1.6 christos eap_success(eap_state *esp, u_char *inp, int id, int len) 2814 1.1 christos { 2815 1.6 christos if (esp->es_client.ea_state != eapOpen && !eap_client_active(esp) 2816 1.6 christos #ifdef USE_EAPTLS 2817 1.6 christos && esp->es_client.ea_state != eapTlsRecvSuccess 2818 1.6 christos #endif /* USE_EAPTLS */ 2819 1.6 christos ) { 2820 1.1 christos dbglog("EAP unexpected success message in state %s (%d)", 2821 1.1 christos eap_state_name(esp->es_client.ea_state), 2822 1.1 christos esp->es_client.ea_state); 2823 1.1 christos return; 2824 1.1 christos } 2825 1.1 christos 2826 1.6 christos #ifdef USE_EAPTLS 2827 1.6 christos if(esp->es_client.ea_using_eaptls && esp->es_client.ea_state != 2828 1.6 christos eapTlsRecvSuccess) { 2829 1.6 christos dbglog("EAP-TLS unexpected success message in state %s (%d)", 2830 1.6 christos eap_state_name(esp->es_client.ea_state), 2831 1.6 christos esp->es_client.ea_state); 2832 1.6 christos return; 2833 1.6 christos } 2834 1.6 christos #endif /* USE_EAPTLS */ 2835 1.6 christos 2836 1.1 christos if (esp->es_client.ea_timeout > 0) { 2837 1.1 christos UNTIMEOUT(eap_client_timeout, (void *)esp); 2838 1.1 christos } 2839 1.1 christos 2840 1.1 christos if (len > 0) { 2841 1.1 christos /* This is odd. The spec doesn't allow for this. */ 2842 1.1 christos PRINTMSG(inp, len); 2843 1.1 christos } 2844 1.1 christos 2845 1.1 christos esp->es_client.ea_state = eapOpen; 2846 1.1 christos auth_withpeer_success(esp->es_unit, PPP_EAP, 0); 2847 1.1 christos } 2848 1.1 christos 2849 1.1 christos /* 2850 1.1 christos * eap_failure - Receive EAP Failure message (client mode). 2851 1.1 christos */ 2852 1.1 christos static void 2853 1.6 christos eap_failure(eap_state *esp, u_char *inp, int id, int len) 2854 1.1 christos { 2855 1.6 christos /* 2856 1.6 christos * Ignore failure messages if we're not open 2857 1.6 christos */ 2858 1.6 christos if (esp->es_client.ea_state <= eapClosed) 2859 1.6 christos return; 2860 1.6 christos 2861 1.1 christos if (!eap_client_active(esp)) { 2862 1.1 christos dbglog("EAP unexpected failure message in state %s (%d)", 2863 1.1 christos eap_state_name(esp->es_client.ea_state), 2864 1.1 christos esp->es_client.ea_state); 2865 1.1 christos } 2866 1.1 christos 2867 1.1 christos if (esp->es_client.ea_timeout > 0) { 2868 1.1 christos UNTIMEOUT(eap_client_timeout, (void *)esp); 2869 1.1 christos } 2870 1.1 christos 2871 1.1 christos if (len > 0) { 2872 1.1 christos /* This is odd. The spec doesn't allow for this. */ 2873 1.1 christos PRINTMSG(inp, len); 2874 1.1 christos } 2875 1.1 christos 2876 1.1 christos esp->es_client.ea_state = eapBadAuth; 2877 1.1 christos 2878 1.1 christos error("EAP: peer reports authentication failure"); 2879 1.1 christos auth_withpeer_fail(esp->es_unit, PPP_EAP); 2880 1.1 christos } 2881 1.1 christos 2882 1.1 christos /* 2883 1.1 christos * eap_input - Handle received EAP message. 2884 1.1 christos */ 2885 1.1 christos static void 2886 1.6 christos eap_input(int unit, u_char *inp, int inlen) 2887 1.1 christos { 2888 1.1 christos eap_state *esp = &eap_states[unit]; 2889 1.1 christos u_char code, id; 2890 1.1 christos int len; 2891 1.1 christos 2892 1.1 christos /* 2893 1.1 christos * Parse header (code, id and length). If packet too short, 2894 1.1 christos * drop it. 2895 1.1 christos */ 2896 1.1 christos if (inlen < EAP_HEADERLEN) { 2897 1.1 christos error("EAP: packet too short: %d < %d", inlen, EAP_HEADERLEN); 2898 1.1 christos return; 2899 1.1 christos } 2900 1.1 christos GETCHAR(code, inp); 2901 1.1 christos GETCHAR(id, inp); 2902 1.1 christos GETSHORT(len, inp); 2903 1.1 christos if (len < EAP_HEADERLEN || len > inlen) { 2904 1.1 christos error("EAP: packet has illegal length field %d (%d..%d)", len, 2905 1.1 christos EAP_HEADERLEN, inlen); 2906 1.1 christos return; 2907 1.1 christos } 2908 1.1 christos len -= EAP_HEADERLEN; 2909 1.1 christos 2910 1.1 christos /* Dispatch based on message code */ 2911 1.1 christos switch (code) { 2912 1.1 christos case EAP_REQUEST: 2913 1.1 christos eap_request(esp, inp, id, len); 2914 1.1 christos break; 2915 1.1 christos 2916 1.1 christos case EAP_RESPONSE: 2917 1.1 christos eap_response(esp, inp, id, len); 2918 1.1 christos break; 2919 1.1 christos 2920 1.1 christos case EAP_SUCCESS: 2921 1.1 christos eap_success(esp, inp, id, len); 2922 1.1 christos break; 2923 1.1 christos 2924 1.1 christos case EAP_FAILURE: 2925 1.1 christos eap_failure(esp, inp, id, len); 2926 1.1 christos break; 2927 1.1 christos 2928 1.1 christos default: /* XXX Need code reject */ 2929 1.1 christos /* Note: it's not legal to send EAP Nak here. */ 2930 1.1 christos warn("EAP: unknown code %d received", code); 2931 1.1 christos break; 2932 1.1 christos } 2933 1.1 christos } 2934 1.1 christos 2935 1.1 christos /* 2936 1.1 christos * eap_printpkt - print the contents of an EAP packet. 2937 1.1 christos */ 2938 1.1 christos static char *eap_codenames[] = { 2939 1.1 christos "Request", "Response", "Success", "Failure" 2940 1.1 christos }; 2941 1.1 christos 2942 1.1 christos static char *eap_typenames[] = { 2943 1.1 christos "Identity", "Notification", "Nak", "MD5-Challenge", 2944 1.1 christos "OTP", "Generic-Token", NULL, NULL, 2945 1.1 christos "RSA", "DSS", "KEA", "KEA-Validate", 2946 1.1 christos "TLS", "Defender", "Windows 2000", "Arcot", 2947 1.6 christos "Cisco", "Nokia", "SRP", NULL, 2948 1.6 christos "TTLS", "RAS", "AKA", "3COM", "PEAP", 2949 1.6 christos "MSCHAPv2" 2950 1.1 christos }; 2951 1.1 christos 2952 1.1 christos static int 2953 1.6 christos eap_printpkt(u_char *inp, int inlen, 2954 1.6 christos void (*printer) (void *, char *, ...), void *arg) 2955 1.1 christos { 2956 1.1 christos int code, id, len, rtype, vallen; 2957 1.1 christos u_char *pstart; 2958 1.1 christos u_int32_t uval; 2959 1.6 christos #ifdef USE_EAPTLS 2960 1.6 christos u_char flags; 2961 1.6 christos #endif /* USE_EAPTLS */ 2962 1.6 christos #ifdef CHAPMS 2963 1.6 christos u_char opcode; 2964 1.6 christos #endif /* CHAPMS */ 2965 1.1 christos 2966 1.1 christos if (inlen < EAP_HEADERLEN) 2967 1.1 christos return (0); 2968 1.1 christos pstart = inp; 2969 1.1 christos GETCHAR(code, inp); 2970 1.1 christos GETCHAR(id, inp); 2971 1.1 christos GETSHORT(len, inp); 2972 1.1 christos if (len < EAP_HEADERLEN || len > inlen) 2973 1.1 christos return (0); 2974 1.1 christos 2975 1.1 christos if (code >= 1 && code <= sizeof(eap_codenames) / sizeof(char *)) 2976 1.1 christos printer(arg, " %s", eap_codenames[code-1]); 2977 1.1 christos else 2978 1.1 christos printer(arg, " code=0x%x", code); 2979 1.1 christos printer(arg, " id=0x%x", id); 2980 1.1 christos len -= EAP_HEADERLEN; 2981 1.1 christos switch (code) { 2982 1.1 christos case EAP_REQUEST: 2983 1.1 christos if (len < 1) { 2984 1.1 christos printer(arg, " <missing type>"); 2985 1.1 christos break; 2986 1.1 christos } 2987 1.1 christos GETCHAR(rtype, inp); 2988 1.1 christos len--; 2989 1.1 christos if (rtype >= 1 && 2990 1.1 christos rtype <= sizeof (eap_typenames) / sizeof (char *)) 2991 1.1 christos printer(arg, " %s", eap_typenames[rtype-1]); 2992 1.1 christos else 2993 1.1 christos printer(arg, " type=0x%x", rtype); 2994 1.1 christos switch (rtype) { 2995 1.1 christos case EAPT_IDENTITY: 2996 1.1 christos case EAPT_NOTIFICATION: 2997 1.1 christos if (len > 0) { 2998 1.1 christos printer(arg, " <Message "); 2999 1.1 christos print_string((char *)inp, len, printer, arg); 3000 1.1 christos printer(arg, ">"); 3001 1.1 christos INCPTR(len, inp); 3002 1.1 christos len = 0; 3003 1.1 christos } else { 3004 1.1 christos printer(arg, " <No message>"); 3005 1.1 christos } 3006 1.1 christos break; 3007 1.1 christos 3008 1.1 christos case EAPT_MD5CHAP: 3009 1.1 christos if (len <= 0) 3010 1.1 christos break; 3011 1.1 christos GETCHAR(vallen, inp); 3012 1.1 christos len--; 3013 1.1 christos if (vallen > len) 3014 1.1 christos goto truncated; 3015 1.1 christos printer(arg, " <Value%.*B>", vallen, inp); 3016 1.1 christos INCPTR(vallen, inp); 3017 1.1 christos len -= vallen; 3018 1.1 christos if (len > 0) { 3019 1.1 christos printer(arg, " <Name "); 3020 1.1 christos print_string((char *)inp, len, printer, arg); 3021 1.1 christos printer(arg, ">"); 3022 1.1 christos INCPTR(len, inp); 3023 1.1 christos len = 0; 3024 1.1 christos } else { 3025 1.1 christos printer(arg, " <No name>"); 3026 1.1 christos } 3027 1.1 christos break; 3028 1.1 christos 3029 1.6 christos #ifdef CHAPMS 3030 1.6 christos case EAPT_MSCHAPV2: 3031 1.6 christos if (len <= 0) 3032 1.6 christos break; 3033 1.6 christos GETCHAR(opcode, inp); 3034 1.6 christos len--; 3035 1.6 christos switch (opcode) { 3036 1.6 christos case CHAP_CHALLENGE: 3037 1.6 christos INCPTR(3, inp); 3038 1.6 christos len -= 3; 3039 1.6 christos GETCHAR(vallen, inp); 3040 1.6 christos len--; 3041 1.6 christos if (vallen > len) 3042 1.6 christos goto truncated; 3043 1.6 christos len -= vallen; 3044 1.6 christos printer(arg, " Challenge <"); 3045 1.6 christos for (; vallen > 0; --vallen) { 3046 1.6 christos u_char val; 3047 1.6 christos GETCHAR(val, inp); 3048 1.6 christos printer(arg, "%.2x", val); 3049 1.6 christos } 3050 1.6 christos printer(arg, ">"); 3051 1.6 christos if (len > 0) { 3052 1.6 christos printer(arg, ", <Name "); 3053 1.6 christos print_string((char *)inp, len, printer, arg); 3054 1.6 christos printer(arg, ">"); 3055 1.6 christos INCPTR(len, inp); 3056 1.6 christos len = 0; 3057 1.6 christos } else { 3058 1.6 christos printer(arg, ", <No name>"); 3059 1.6 christos } 3060 1.6 christos break; 3061 1.6 christos case CHAP_SUCCESS: 3062 1.6 christos INCPTR(3, inp); 3063 1.6 christos len -= 3; 3064 1.6 christos printer(arg, " Success <Message "); 3065 1.6 christos print_string((char *)inp, len, printer, arg); 3066 1.6 christos printer(arg, ">"); 3067 1.6 christos break; 3068 1.6 christos case CHAP_FAILURE: 3069 1.6 christos INCPTR(3, inp); 3070 1.6 christos len -= 3; 3071 1.6 christos printer(arg, " Failure <Message "); 3072 1.6 christos print_string((char *)inp, len, printer, arg); 3073 1.6 christos printer(arg, ">"); 3074 1.6 christos break; 3075 1.6 christos default: 3076 1.6 christos INCPTR(3, inp); 3077 1.6 christos len -= 3; 3078 1.6 christos printer(arg, " opcode=0x%x <%.*B>", opcode, len, inp); 3079 1.6 christos break; 3080 1.6 christos } 3081 1.6 christos break; 3082 1.6 christos #endif /* CHAPMS */ 3083 1.6 christos 3084 1.6 christos #ifdef USE_EAPTLS 3085 1.6 christos case EAPT_TLS: 3086 1.6 christos if (len < 1) 3087 1.6 christos break; 3088 1.6 christos GETCHAR(flags, inp); 3089 1.6 christos len--; 3090 1.6 christos 3091 1.6 christos if(flags == 0 && len == 0){ 3092 1.6 christos printer(arg, " Ack"); 3093 1.6 christos break; 3094 1.6 christos } 3095 1.6 christos 3096 1.6 christos printer(arg, flags & EAP_TLS_FLAGS_LI ? " L":" -"); 3097 1.6 christos printer(arg, flags & EAP_TLS_FLAGS_MF ? "M":"-"); 3098 1.6 christos printer(arg, flags & EAP_TLS_FLAGS_START ? "S":"- "); 3099 1.6 christos break; 3100 1.6 christos #endif /* USE_EAPTLS */ 3101 1.6 christos 3102 1.1 christos case EAPT_SRP: 3103 1.1 christos if (len < 3) 3104 1.1 christos goto truncated; 3105 1.1 christos GETCHAR(vallen, inp); 3106 1.1 christos len--; 3107 1.1 christos printer(arg, "-%d", vallen); 3108 1.1 christos switch (vallen) { 3109 1.1 christos case EAPSRP_CHALLENGE: 3110 1.1 christos GETCHAR(vallen, inp); 3111 1.1 christos len--; 3112 1.1 christos if (vallen >= len) 3113 1.1 christos goto truncated; 3114 1.1 christos if (vallen > 0) { 3115 1.1 christos printer(arg, " <Name "); 3116 1.1 christos print_string((char *)inp, vallen, printer, 3117 1.1 christos arg); 3118 1.1 christos printer(arg, ">"); 3119 1.1 christos } else { 3120 1.1 christos printer(arg, " <No name>"); 3121 1.1 christos } 3122 1.1 christos INCPTR(vallen, inp); 3123 1.1 christos len -= vallen; 3124 1.1 christos GETCHAR(vallen, inp); 3125 1.1 christos len--; 3126 1.1 christos if (vallen >= len) 3127 1.1 christos goto truncated; 3128 1.1 christos printer(arg, " <s%.*B>", vallen, inp); 3129 1.1 christos INCPTR(vallen, inp); 3130 1.1 christos len -= vallen; 3131 1.1 christos GETCHAR(vallen, inp); 3132 1.1 christos len--; 3133 1.1 christos if (vallen > len) 3134 1.1 christos goto truncated; 3135 1.1 christos if (vallen == 0) { 3136 1.1 christos printer(arg, " <Default g=2>"); 3137 1.1 christos } else { 3138 1.1 christos printer(arg, " <g%.*B>", vallen, inp); 3139 1.1 christos } 3140 1.1 christos INCPTR(vallen, inp); 3141 1.1 christos len -= vallen; 3142 1.1 christos if (len == 0) { 3143 1.1 christos printer(arg, " <Default N>"); 3144 1.1 christos } else { 3145 1.1 christos printer(arg, " <N%.*B>", len, inp); 3146 1.1 christos INCPTR(len, inp); 3147 1.1 christos len = 0; 3148 1.1 christos } 3149 1.1 christos break; 3150 1.1 christos 3151 1.1 christos case EAPSRP_SKEY: 3152 1.1 christos printer(arg, " <B%.*B>", len, inp); 3153 1.1 christos INCPTR(len, inp); 3154 1.1 christos len = 0; 3155 1.1 christos break; 3156 1.1 christos 3157 1.1 christos case EAPSRP_SVALIDATOR: 3158 1.1 christos if (len < sizeof (u_int32_t)) 3159 1.1 christos break; 3160 1.1 christos GETLONG(uval, inp); 3161 1.1 christos len -= sizeof (u_int32_t); 3162 1.1 christos if (uval & SRPVAL_EBIT) { 3163 1.1 christos printer(arg, " E"); 3164 1.1 christos uval &= ~SRPVAL_EBIT; 3165 1.1 christos } 3166 1.1 christos if (uval != 0) { 3167 1.1 christos printer(arg, " f<%X>", uval); 3168 1.1 christos } 3169 1.1 christos if ((vallen = len) > SHA_DIGESTSIZE) 3170 1.1 christos vallen = SHA_DIGESTSIZE; 3171 1.1 christos printer(arg, " <M2%.*B%s>", len, inp, 3172 1.1 christos len < SHA_DIGESTSIZE ? "?" : ""); 3173 1.1 christos INCPTR(vallen, inp); 3174 1.1 christos len -= vallen; 3175 1.1 christos if (len > 0) { 3176 1.1 christos printer(arg, " <PN%.*B>", len, inp); 3177 1.1 christos INCPTR(len, inp); 3178 1.1 christos len = 0; 3179 1.1 christos } 3180 1.1 christos break; 3181 1.1 christos 3182 1.1 christos case EAPSRP_LWRECHALLENGE: 3183 1.1 christos printer(arg, " <Challenge%.*B>", len, inp); 3184 1.1 christos INCPTR(len, inp); 3185 1.1 christos len = 0; 3186 1.1 christos break; 3187 1.1 christos } 3188 1.1 christos break; 3189 1.1 christos } 3190 1.1 christos break; 3191 1.1 christos 3192 1.1 christos case EAP_RESPONSE: 3193 1.1 christos if (len < 1) 3194 1.1 christos break; 3195 1.1 christos GETCHAR(rtype, inp); 3196 1.1 christos len--; 3197 1.1 christos if (rtype >= 1 && 3198 1.1 christos rtype <= sizeof (eap_typenames) / sizeof (char *)) 3199 1.1 christos printer(arg, " %s", eap_typenames[rtype-1]); 3200 1.1 christos else 3201 1.1 christos printer(arg, " type=0x%x", rtype); 3202 1.1 christos switch (rtype) { 3203 1.1 christos case EAPT_IDENTITY: 3204 1.1 christos if (len > 0) { 3205 1.1 christos printer(arg, " <Name "); 3206 1.1 christos print_string((char *)inp, len, printer, arg); 3207 1.1 christos printer(arg, ">"); 3208 1.1 christos INCPTR(len, inp); 3209 1.1 christos len = 0; 3210 1.1 christos } 3211 1.1 christos break; 3212 1.1 christos 3213 1.6 christos #ifdef USE_EAPTLS 3214 1.6 christos case EAPT_TLS: 3215 1.6 christos if (len < 1) 3216 1.6 christos break; 3217 1.6 christos GETCHAR(flags, inp); 3218 1.6 christos len--; 3219 1.6 christos 3220 1.6 christos if(flags == 0 && len == 0){ 3221 1.6 christos printer(arg, " Ack"); 3222 1.6 christos break; 3223 1.6 christos } 3224 1.6 christos 3225 1.6 christos printer(arg, flags & EAP_TLS_FLAGS_LI ? " L":" -"); 3226 1.6 christos printer(arg, flags & EAP_TLS_FLAGS_MF ? "M":"-"); 3227 1.6 christos printer(arg, flags & EAP_TLS_FLAGS_START ? "S":"- "); 3228 1.6 christos 3229 1.6 christos break; 3230 1.6 christos #endif /* USE_EAPTLS */ 3231 1.6 christos 3232 1.1 christos case EAPT_NAK: 3233 1.1 christos if (len <= 0) { 3234 1.1 christos printer(arg, " <missing hint>"); 3235 1.1 christos break; 3236 1.1 christos } 3237 1.1 christos GETCHAR(rtype, inp); 3238 1.1 christos len--; 3239 1.1 christos printer(arg, " <Suggested-type %02X", rtype); 3240 1.1 christos if (rtype >= 1 && 3241 1.6 christos rtype <= sizeof (eap_typenames) / sizeof (char *)) 3242 1.1 christos printer(arg, " (%s)", eap_typenames[rtype-1]); 3243 1.1 christos printer(arg, ">"); 3244 1.1 christos break; 3245 1.1 christos 3246 1.1 christos case EAPT_MD5CHAP: 3247 1.1 christos if (len <= 0) { 3248 1.1 christos printer(arg, " <missing length>"); 3249 1.1 christos break; 3250 1.1 christos } 3251 1.1 christos GETCHAR(vallen, inp); 3252 1.1 christos len--; 3253 1.1 christos if (vallen > len) 3254 1.1 christos goto truncated; 3255 1.1 christos printer(arg, " <Value%.*B>", vallen, inp); 3256 1.1 christos INCPTR(vallen, inp); 3257 1.1 christos len -= vallen; 3258 1.1 christos if (len > 0) { 3259 1.1 christos printer(arg, " <Name "); 3260 1.1 christos print_string((char *)inp, len, printer, arg); 3261 1.1 christos printer(arg, ">"); 3262 1.1 christos INCPTR(len, inp); 3263 1.1 christos len = 0; 3264 1.1 christos } else { 3265 1.1 christos printer(arg, " <No name>"); 3266 1.1 christos } 3267 1.1 christos break; 3268 1.1 christos 3269 1.6 christos #ifdef CHAPMS 3270 1.6 christos case EAPT_MSCHAPV2: 3271 1.6 christos if (len <= 0) 3272 1.6 christos break; 3273 1.6 christos GETCHAR(opcode, inp); 3274 1.6 christos len--; 3275 1.6 christos switch (opcode) { 3276 1.6 christos case CHAP_RESPONSE: 3277 1.6 christos INCPTR(3, inp); 3278 1.6 christos len -= 3; 3279 1.6 christos GETCHAR(vallen, inp); 3280 1.6 christos len--; 3281 1.6 christos if (vallen > len) 3282 1.6 christos goto truncated; 3283 1.6 christos len -= vallen; 3284 1.6 christos printer(arg, " Response <"); 3285 1.6 christos for (; vallen > 0; --vallen) { 3286 1.6 christos u_char val; 3287 1.6 christos GETCHAR(val, inp); 3288 1.6 christos printer(arg, "%.2x", val); 3289 1.6 christos } 3290 1.6 christos printer(arg, ">"); 3291 1.6 christos if (len > 0) { 3292 1.6 christos printer(arg, ", <Name "); 3293 1.6 christos print_string((char *)inp, len, printer, arg); 3294 1.6 christos printer(arg, ">"); 3295 1.6 christos INCPTR(len, inp); 3296 1.6 christos len = 0; 3297 1.6 christos } else { 3298 1.6 christos printer(arg, ", <No name>"); 3299 1.6 christos } 3300 1.6 christos break; 3301 1.6 christos case CHAP_SUCCESS: 3302 1.6 christos printer(arg, " Success"); 3303 1.6 christos break; 3304 1.6 christos case CHAP_FAILURE: 3305 1.6 christos printer(arg, " Failure"); 3306 1.6 christos break; 3307 1.6 christos default: 3308 1.6 christos printer(arg, " opcode=0x%x <%.*B>", opcode, len, inp); 3309 1.6 christos break; 3310 1.6 christos } 3311 1.6 christos break; 3312 1.6 christos #endif /* CHAPMS */ 3313 1.6 christos 3314 1.1 christos case EAPT_SRP: 3315 1.1 christos if (len < 1) 3316 1.1 christos goto truncated; 3317 1.1 christos GETCHAR(vallen, inp); 3318 1.1 christos len--; 3319 1.1 christos printer(arg, "-%d", vallen); 3320 1.1 christos switch (vallen) { 3321 1.1 christos case EAPSRP_CKEY: 3322 1.1 christos printer(arg, " <A%.*B>", len, inp); 3323 1.1 christos INCPTR(len, inp); 3324 1.1 christos len = 0; 3325 1.1 christos break; 3326 1.1 christos 3327 1.1 christos case EAPSRP_CVALIDATOR: 3328 1.1 christos if (len < sizeof (u_int32_t)) 3329 1.1 christos break; 3330 1.1 christos GETLONG(uval, inp); 3331 1.1 christos len -= sizeof (u_int32_t); 3332 1.1 christos if (uval & SRPVAL_EBIT) { 3333 1.1 christos printer(arg, " E"); 3334 1.1 christos uval &= ~SRPVAL_EBIT; 3335 1.1 christos } 3336 1.1 christos if (uval != 0) { 3337 1.1 christos printer(arg, " f<%X>", uval); 3338 1.1 christos } 3339 1.1 christos printer(arg, " <M1%.*B%s>", len, inp, 3340 1.1 christos len == SHA_DIGESTSIZE ? "" : "?"); 3341 1.1 christos INCPTR(len, inp); 3342 1.1 christos len = 0; 3343 1.1 christos break; 3344 1.1 christos 3345 1.1 christos case EAPSRP_ACK: 3346 1.1 christos break; 3347 1.1 christos 3348 1.1 christos case EAPSRP_LWRECHALLENGE: 3349 1.1 christos printer(arg, " <Response%.*B%s>", len, inp, 3350 1.1 christos len == SHA_DIGESTSIZE ? "" : "?"); 3351 1.1 christos if ((vallen = len) > SHA_DIGESTSIZE) 3352 1.1 christos vallen = SHA_DIGESTSIZE; 3353 1.1 christos INCPTR(vallen, inp); 3354 1.1 christos len -= vallen; 3355 1.1 christos break; 3356 1.1 christos } 3357 1.1 christos break; 3358 1.1 christos } 3359 1.1 christos break; 3360 1.1 christos 3361 1.1 christos case EAP_SUCCESS: /* No payload expected for these! */ 3362 1.1 christos case EAP_FAILURE: 3363 1.1 christos break; 3364 1.1 christos 3365 1.1 christos truncated: 3366 1.1 christos printer(arg, " <truncated>"); 3367 1.1 christos break; 3368 1.1 christos } 3369 1.1 christos 3370 1.1 christos if (len > 8) 3371 1.1 christos printer(arg, "%8B...", inp); 3372 1.1 christos else if (len > 0) 3373 1.1 christos printer(arg, "%.*B", len, inp); 3374 1.1 christos INCPTR(len, inp); 3375 1.1 christos 3376 1.1 christos return (inp - pstart); 3377 1.1 christos } 3378
Indexes created Fri May 01 00:23:41 UTC 2026