ReactOS  0.4.15-dev-1207-g698a8e6
auth.c
Go to the documentation of this file.
1 /*****************************************************************************
2 * auth.c - Network Authentication and Phase Control program file.
3 *
4 * Copyright (c) 2003 by Marc Boucher, Services Informatiques (MBSI) inc.
5 * Copyright (c) 1997 by Global Election Systems Inc. All rights reserved.
6 *
7 * The authors hereby grant permission to use, copy, modify, distribute,
8 * and license this software and its documentation for any purpose, provided
9 * that existing copyright notices are retained in all copies and that this
10 * notice and the following disclaimer are included verbatim in any
11 * distributions. No written agreement, license, or royalty fee is required
12 * for any of the authorized uses.
13 *
14 * THIS SOFTWARE IS PROVIDED BY THE CONTRIBUTORS *AS IS* AND ANY EXPRESS OR
15 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
16 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
17 * IN NO EVENT SHALL THE CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
18 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
19 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
20 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
21 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
22 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
23 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
24 *
25 ******************************************************************************
26 * REVISION HISTORY
27 *
28 * 03-01-01 Marc Boucher <marc@mbsi.ca>
29 * Ported to lwIP.
30 * 97-12-08 Guy Lancaster <lancasterg@acm.org>, Global Election Systems Inc.
31 * Ported from public pppd code.
32 *****************************************************************************/
33 /*
34  * auth.c - PPP authentication and phase control.
35  *
36  * Copyright (c) 1993 The Australian National University.
37  * All rights reserved.
38  *
39  * Redistribution and use in source and binary forms are permitted
40  * provided that the above copyright notice and this paragraph are
41  * duplicated in all such forms and that any documentation,
42  * advertising materials, and other materials related to such
43  * distribution and use acknowledge that the software was developed
44  * by the Australian National University. The name of the University
45  * may not be used to endorse or promote products derived from this
46  * software without specific prior written permission.
47  * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
48  * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
49  * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
50  *
51  * Copyright (c) 1989 Carnegie Mellon University.
52  * All rights reserved.
53  *
54  * Redistribution and use in source and binary forms are permitted
55  * provided that the above copyright notice and this paragraph are
56  * duplicated in all such forms and that any documentation,
57  * advertising materials, and other materials related to such
58  * distribution and use acknowledge that the software was developed
59  * by Carnegie Mellon University. The name of the
60  * University may not be used to endorse or promote products derived
61  * from this software without specific prior written permission.
62  * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
63  * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
64  * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
65  */
66 
67 #include "lwip/opt.h"
68 
69 #if PPP_SUPPORT /* don't build if not configured for use in lwipopts.h */
70 
71 #include "ppp_impl.h"
72 #include "pppdebug.h"
73 
74 #include "fsm.h"
75 #include "lcp.h"
76 #include "pap.h"
77 #include "chap.h"
78 #include "auth.h"
79 #include "ipcp.h"
80 
81 #if CBCP_SUPPORT
82 #include "cbcp.h"
83 #endif /* CBCP_SUPPORT */
84 
85 #include "lwip/inet.h"
86 
87 #include <string.h>
88 
89 #if 0 /* UNUSED */
90 /* Bits in scan_authfile return value */
91 #define NONWILD_SERVER 1
92 #define NONWILD_CLIENT 2
93 
94 #define ISWILD(word) (word[0] == '*' && word[1] == 0)
95 #endif /* UNUSED */
96 
97 #if PAP_SUPPORT || CHAP_SUPPORT
98 /* The name by which the peer authenticated itself to us. */
99 static char peer_authname[MAXNAMELEN];
100 #endif /* PAP_SUPPORT || CHAP_SUPPORT */
101 
102 /* Records which authentication operations haven't completed yet. */
103 static int auth_pending[NUM_PPP];
104 
105 /* Set if we have successfully called plogin() */
106 static int logged_in;
107 
108 /* Set if we have run the /etc/ppp/auth-up script. */
109 static int did_authup; /* @todo, we don't need this in lwip*/
110 
111 /* List of addresses which the peer may use. */
112 static struct wordlist *addresses[NUM_PPP];
113 
114 #if 0 /* UNUSED */
115 /* Wordlist giving addresses which the peer may use
116  without authenticating itself. */
117 static struct wordlist *noauth_addrs;
118 
119 /* Extra options to apply, from the secrets file entry for the peer. */
120 static struct wordlist *extra_options;
121 #endif /* UNUSED */
122 
123 /* Number of network protocols which we have opened. */
124 static int num_np_open;
125 
126 /* Number of network protocols which have come up. */
127 static int num_np_up;
128 
129 #if PAP_SUPPORT || CHAP_SUPPORT
130 /* Set if we got the contents of passwd[] from the pap-secrets file. */
131 static int passwd_from_file;
132 #endif /* PAP_SUPPORT || CHAP_SUPPORT */
133 
134 #if 0 /* UNUSED */
135 /* Set if we require authentication only because we have a default route. */
136 static bool default_auth;
137 
138 /* Hook to enable a plugin to control the idle time limit */
139 int (*idle_time_hook) __P((struct ppp_idle *)) = NULL;
140 
141 /* Hook for a plugin to say whether we can possibly authenticate any peer */
142 int (*pap_check_hook) __P((void)) = NULL;
143 
144 /* Hook for a plugin to check the PAP user and password */
145 int (*pap_auth_hook) __P((char *user, char *passwd, char **msgp,
146  struct wordlist **paddrs,
147  struct wordlist **popts)) = NULL;
148 
149 /* Hook for a plugin to know about the PAP user logout */
150 void (*pap_logout_hook) __P((void)) = NULL;
151 
152 /* Hook for a plugin to get the PAP password for authenticating us */
153 int (*pap_passwd_hook) __P((char *user, char *passwd)) = NULL;
154 
155 /*
156  * This is used to ensure that we don't start an auth-up/down
157  * script while one is already running.
158  */
159 enum script_state {
160  s_down,
161  s_up
162 };
163 
164 static enum script_state auth_state = s_down;
165 static enum script_state auth_script_state = s_down;
166 static pid_t auth_script_pid = 0;
167 
168 /*
169  * Option variables.
170  * lwip: some of these are present in the ppp_settings structure
171  */
172 bool uselogin = 0; /* Use /etc/passwd for checking PAP */
173 bool cryptpap = 0; /* Passwords in pap-secrets are encrypted */
174 bool refuse_pap = 0; /* Don't wanna auth. ourselves with PAP */
175 bool refuse_chap = 0; /* Don't wanna auth. ourselves with CHAP */
176 bool usehostname = 0; /* Use hostname for our_name */
177 bool auth_required = 0; /* Always require authentication from peer */
178 bool allow_any_ip = 0; /* Allow peer to use any IP address */
179 bool explicit_remote = 0; /* User specified explicit remote name */
180 char remote_name[MAXNAMELEN]; /* Peer's name for authentication */
181 
182 #endif /* UNUSED */
183 
184 /* Bits in auth_pending[] */
185 #define PAP_WITHPEER 1
186 #define PAP_PEER 2
187 #define CHAP_WITHPEER 4
188 #define CHAP_PEER 8
189 
190 /* @todo, move this somewhere */
191 /* Used for storing a sequence of words. Usually malloced. */
192 struct wordlist {
193  struct wordlist *next;
194  char word[1];
195 };
196 
197 
198 extern char *crypt (const char *, const char *);
199 
200 /* Prototypes for procedures local to this file. */
201 
202 static void network_phase (int);
203 static void check_idle (void *);
204 static void connect_time_expired (void *);
205 #if 0
206 static int plogin (char *, char *, char **, int *);
207 #endif
208 static void plogout (void);
209 static int null_login (int);
210 static int get_pap_passwd (int, char *, char *);
211 static int have_pap_secret (void);
212 static int have_chap_secret (char *, char *, u32_t);
213 static int ip_addr_check (u32_t, struct wordlist *);
214 
215 #if 0 /* PAP_SUPPORT || CHAP_SUPPORT */
216 static int scan_authfile (FILE *, char *, char *, char *,
217  struct wordlist **, struct wordlist **,
218  char *);
219 static void free_wordlist (struct wordlist *);
220 static void auth_script (char *);
221 static void auth_script_done (void *);
222 static void set_allowed_addrs (int unit, struct wordlist *addrs);
223 static int some_ip_ok (struct wordlist *);
224 static int setupapfile (char **);
225 static int privgroup (char **);
226 static int set_noauth_addr (char **);
227 static void check_access (FILE *, char *);
228 #endif /* 0 */ /* PAP_SUPPORT || CHAP_SUPPORT */
229 
230 #if 0 /* UNUSED */
231 /*
232  * Authentication-related options.
233  */
234 option_t auth_options[] = {
235  { "require-pap", o_bool, &lcp_wantoptions[0].neg_upap,
236  "Require PAP authentication from peer", 1, &auth_required },
237  { "+pap", o_bool, &lcp_wantoptions[0].neg_upap,
238  "Require PAP authentication from peer", 1, &auth_required },
239  { "refuse-pap", o_bool, &refuse_pap,
240  "Don't agree to auth to peer with PAP", 1 },
241  { "-pap", o_bool, &refuse_pap,
242  "Don't allow PAP authentication with peer", 1 },
243  { "require-chap", o_bool, &lcp_wantoptions[0].neg_chap,
244  "Require CHAP authentication from peer", 1, &auth_required },
245  { "+chap", o_bool, &lcp_wantoptions[0].neg_chap,
246  "Require CHAP authentication from peer", 1, &auth_required },
247  { "refuse-chap", o_bool, &refuse_chap,
248  "Don't agree to auth to peer with CHAP", 1 },
249  { "-chap", o_bool, &refuse_chap,
250  "Don't allow CHAP authentication with peer", 1 },
251  { "name", o_string, our_name,
252  "Set local name for authentication",
253  OPT_PRIV|OPT_STATIC, NULL, MAXNAMELEN },
254  { "user", o_string, user,
255  "Set name for auth with peer", OPT_STATIC, NULL, MAXNAMELEN },
256  { "usehostname", o_bool, &usehostname,
257  "Must use hostname for authentication", 1 },
258  { "remotename", o_string, remote_name,
259  "Set remote name for authentication", OPT_STATIC,
260  &explicit_remote, MAXNAMELEN },
261  { "auth", o_bool, &auth_required,
262  "Require authentication from peer", 1 },
263  { "noauth", o_bool, &auth_required,
264  "Don't require peer to authenticate", OPT_PRIV, &allow_any_ip },
265  { "login", o_bool, &uselogin,
266  "Use system password database for PAP", 1 },
267  { "papcrypt", o_bool, &cryptpap,
268  "PAP passwords are encrypted", 1 },
269  { "+ua", o_special, (void *)setupapfile,
270  "Get PAP user and password from file" },
271  { "password", o_string, passwd,
272  "Password for authenticating us to the peer", OPT_STATIC,
273  NULL, MAXSECRETLEN },
274  { "privgroup", o_special, (void *)privgroup,
275  "Allow group members to use privileged options", OPT_PRIV },
276  { "allow-ip", o_special, (void *)set_noauth_addr,
277  "Set IP address(es) which can be used without authentication",
278  OPT_PRIV },
279  { NULL }
280 };
281 #endif /* UNUSED */
282 #if 0 /* UNUSED */
283 /*
284  * setupapfile - specifies UPAP info for authenticating with peer.
285  */
286 static int
287 setupapfile(char **argv)
288 {
289  FILE * ufile;
290  int l;
291 
292  lcp_allowoptions[0].neg_upap = 1;
293 
294  /* open user info file */
295  seteuid(getuid());
296  ufile = fopen(*argv, "r");
297  seteuid(0);
298  if (ufile == NULL) {
299  option_error("unable to open user login data file %s", *argv);
300  return 0;
301  }
302  check_access(ufile, *argv);
303 
304  /* get username */
305  if (fgets(user, MAXNAMELEN - 1, ufile) == NULL
306  || fgets(passwd, MAXSECRETLEN - 1, ufile) == NULL){
307  option_error("unable to read user login data file %s", *argv);
308  return 0;
309  }
310  fclose(ufile);
311 
312  /* get rid of newlines */
313  l = strlen(user);
314  if (l > 0 && user[l-1] == '\n')
315  user[l-1] = 0;
316  l = strlen(passwd);
317  if (l > 0 && passwd[l-1] == '\n')
318  passwd[l-1] = 0;
319 
320  return (1);
321 }
322 #endif /* UNUSED */
323 
324 #if 0 /* UNUSED */
325 /*
326  * privgroup - allow members of the group to have privileged access.
327  */
328 static int
329 privgroup(char **argv)
330 {
331  struct group *g;
332  int i;
333 
334  g = getgrnam(*argv);
335  if (g == 0) {
336  option_error("group %s is unknown", *argv);
337  return 0;
338  }
339  for (i = 0; i < ngroups; ++i) {
340  if (groups[i] == g->gr_gid) {
341  privileged = 1;
342  break;
343  }
344  }
345  return 1;
346 }
347 #endif
348 
349 #if 0 /* UNUSED */
350 /*
351  * set_noauth_addr - set address(es) that can be used without authentication.
352  * Equivalent to specifying an entry like `"" * "" addr' in pap-secrets.
353  */
354 static int
355 set_noauth_addr(char **argv)
356 {
357  char *addr = *argv;
358  int l = strlen(addr);
359  struct wordlist *wp;
360 
361  wp = (struct wordlist *) malloc(sizeof(struct wordlist) + l + 1);
362  if (wp == NULL)
363  novm("allow-ip argument");
364  wp->word = (char *) (wp + 1);
365  wp->next = noauth_addrs;
366  BCOPY(addr, wp->word, l);
367  noauth_addrs = wp;
368  return 1;
369 }
370 #endif /* UNUSED */
371 
372 /*
373  * An Open on LCP has requested a change from Dead to Establish phase.
374  * Do what's necessary to bring the physical layer up.
375  */
376 void
377 link_required(int unit)
378 {
380 
381  AUTHDEBUG(LOG_INFO, ("link_required: %d\n", unit));
382 }
383 
384 /*
385  * LCP has terminated the link; go to the Dead phase and take the
386  * physical layer down.
387  */
388 void
390 {
391  AUTHDEBUG(LOG_INFO, ("link_terminated: %d\n", unit));
392  if (lcp_phase[unit] == PHASE_DEAD) {
393  return;
394  }
395  if (logged_in) {
396  plogout();
397  }
399  AUTHDEBUG(LOG_NOTICE, ("Connection terminated.\n"));
400  pppLinkTerminated(unit);
401 }
402 
403 /*
404  * LCP has gone down; it will either die or try to re-establish.
405  */
406 void
407 link_down(int unit)
408 {
409  int i;
410  struct protent *protp;
411 
412  AUTHDEBUG(LOG_INFO, ("link_down: %d\n", unit));
413 
414  if (did_authup) {
415  /* XXX Do link down processing. */
416  did_authup = 0;
417  }
418  for (i = 0; (protp = ppp_protocols[i]) != NULL; ++i) {
419  if (!protp->enabled_flag) {
420  continue;
421  }
422  if (protp->protocol != PPP_LCP && protp->lowerdown != NULL) {
423  (*protp->lowerdown)(unit);
424  }
425  if (protp->protocol < 0xC000 && protp->close != NULL) {
426  (*protp->close)(unit, "LCP down");
427  }
428  }
429  num_np_open = 0; /* number of network protocols we have opened */
430  num_np_up = 0; /* Number of network protocols which have come up */
431 
432  if (lcp_phase[unit] != PHASE_DEAD) {
434  }
435  pppLinkDown(unit);
436 }
437 
438 /*
439  * The link is established.
440  * Proceed to the Dead, Authenticate or Network phase as appropriate.
441  */
442 void
444 {
445  int auth;
446  int i;
447  struct protent *protp;
450 #if PAP_SUPPORT || CHAP_SUPPORT
452 #endif /* PAP_SUPPORT || CHAP_SUPPORT */
453 
454  AUTHDEBUG(LOG_INFO, ("link_established: unit %d; Lowering up all protocols...\n", unit));
455  /*
456  * Tell higher-level protocols that LCP is up.
457  */
458  for (i = 0; (protp = ppp_protocols[i]) != NULL; ++i) {
459  if (protp->protocol != PPP_LCP && protp->enabled_flag && protp->lowerup != NULL) {
460  (*protp->lowerup)(unit);
461  }
462  }
463  if (ppp_settings.auth_required && !(go->neg_chap || go->neg_upap)) {
464  /*
465  * We wanted the peer to authenticate itself, and it refused:
466  * treat it as though it authenticated with PAP using a username
467  * of "" and a password of "". If that's not OK, boot it out.
468  */
469  if (!wo->neg_upap || !null_login(unit)) {
470  AUTHDEBUG(LOG_WARNING, ("peer refused to authenticate\n"));
471  lcp_close(unit, "peer refused to authenticate");
472  return;
473  }
474  }
475 
477  auth = 0;
478 #if CHAP_SUPPORT
479  if (go->neg_chap) {
480  ChapAuthPeer(unit, ppp_settings.our_name, go->chap_mdtype);
481  auth |= CHAP_PEER;
482  }
483 #endif /* CHAP_SUPPORT */
484 #if PAP_SUPPORT && CHAP_SUPPORT
485  else
486 #endif /* PAP_SUPPORT && CHAP_SUPPORT */
487 #if PAP_SUPPORT
488  if (go->neg_upap) {
489  upap_authpeer(unit);
490  auth |= PAP_PEER;
491  }
492 #endif /* PAP_SUPPORT */
493 #if CHAP_SUPPORT
494  if (ho->neg_chap) {
495  ChapAuthWithPeer(unit, ppp_settings.user, ho->chap_mdtype);
496  auth |= CHAP_WITHPEER;
497  }
498 #endif /* CHAP_SUPPORT */
499 #if PAP_SUPPORT && CHAP_SUPPORT
500  else
501 #endif /* PAP_SUPPORT && CHAP_SUPPORT */
502 #if PAP_SUPPORT
503  if (ho->neg_upap) {
504  if (ppp_settings.passwd[0] == 0) {
505  passwd_from_file = 1;
506  if (!get_pap_passwd(unit, ppp_settings.user, ppp_settings.passwd)) {
507  AUTHDEBUG(LOG_ERR, ("No secret found for PAP login\n"));
508  }
509  }
510  upap_authwithpeer(unit, ppp_settings.user, ppp_settings.passwd);
511  auth |= PAP_WITHPEER;
512  }
513 #endif /* PAP_SUPPORT */
514  auth_pending[unit] = auth;
515 
516  if (!auth) {
517  network_phase(unit);
518  }
519 }
520 
521 /*
522  * Proceed to the network phase.
523  */
524 static void
525 network_phase(int unit)
526 {
527  int i;
528  struct protent *protp;
530 
531  /*
532  * If the peer had to authenticate, run the auth-up script now.
533  */
534  if ((go->neg_chap || go->neg_upap) && !did_authup) {
535  /* XXX Do setup for peer authentication. */
536  did_authup = 1;
537  }
538 
539 #if CBCP_SUPPORT
540  /*
541  * If we negotiated callback, do it now.
542  */
543  if (go->neg_cbcp) {
545  (*cbcp_protent.open)(unit);
546  return;
547  }
548 #endif /* CBCP_SUPPORT */
549 
551  for (i = 0; (protp = ppp_protocols[i]) != NULL; ++i) {
552  if (protp->protocol < 0xC000 && protp->enabled_flag && protp->open != NULL) {
553  (*protp->open)(unit);
554  if (protp->protocol != PPP_CCP) {
555  ++num_np_open;
556  }
557  }
558  }
559 
560  if (num_np_open == 0) {
561  /* nothing to do */
562  lcp_close(0, "No network protocols running");
563  }
564 }
565 /* @todo: add void start_networks(void) here (pppd 2.3.11) */
566 
567 /*
568  * The peer has failed to authenticate himself using `protocol'.
569  */
570 void
572 {
574 
575  AUTHDEBUG(LOG_INFO, ("auth_peer_fail: %d proto=%X\n", unit, protocol));
576  /*
577  * Authentication failure: take the link down
578  */
579  lcp_close(unit, "Authentication failed");
580 }
581 
582 
583 #if PAP_SUPPORT || CHAP_SUPPORT
584 /*
585  * The peer has been successfully authenticated using `protocol'.
586  */
587 void
589 {
590  int pbit;
591 
592  AUTHDEBUG(LOG_INFO, ("auth_peer_success: %d proto=%X\n", unit, protocol));
593  switch (protocol) {
594  case PPP_CHAP:
595  pbit = CHAP_PEER;
596  break;
597  case PPP_PAP:
598  pbit = PAP_PEER;
599  break;
600  default:
601  AUTHDEBUG(LOG_WARNING, ("auth_peer_success: unknown protocol %x\n", protocol));
602  return;
603  }
604 
605  /*
606  * Save the authenticated name of the peer for later.
607  */
608  if (namelen > (int)sizeof(peer_authname) - 1) {
609  namelen = sizeof(peer_authname) - 1;
610  }
611  BCOPY(name, peer_authname, namelen);
612  peer_authname[namelen] = 0;
613 
614  /*
615  * If there is no more authentication still to be done,
616  * proceed to the network (or callback) phase.
617  */
618  if ((auth_pending[unit] &= ~pbit) == 0) {
619  network_phase(unit);
620  }
621 }
622 
623 /*
624  * We have failed to authenticate ourselves to the peer using `protocol'.
625  */
626 void
628 {
629  int errCode = PPPERR_AUTHFAIL;
630 
632 
633  AUTHDEBUG(LOG_INFO, ("auth_withpeer_fail: %d proto=%X\n", unit, protocol));
634  if (passwd_from_file) {
635  BZERO(ppp_settings.passwd, MAXSECRETLEN);
636  }
637 
638  /*
639  * We've failed to authenticate ourselves to our peer.
640  * He'll probably take the link down, and there's not much
641  * we can do except wait for that.
642  */
643  pppIOCtl(unit, PPPCTLS_ERRCODE, &errCode);
644  lcp_close(unit, "Failed to authenticate ourselves to peer");
645 }
646 
647 /*
648  * We have successfully authenticated ourselves with the peer using `protocol'.
649  */
650 void
652 {
653  int pbit;
654 
655  AUTHDEBUG(LOG_INFO, ("auth_withpeer_success: %d proto=%X\n", unit, protocol));
656  switch (protocol) {
657  case PPP_CHAP:
658  pbit = CHAP_WITHPEER;
659  break;
660  case PPP_PAP:
661  if (passwd_from_file) {
662  BZERO(ppp_settings.passwd, MAXSECRETLEN);
663  }
664  pbit = PAP_WITHPEER;
665  break;
666  default:
667  AUTHDEBUG(LOG_WARNING, ("auth_peer_success: unknown protocol %x\n", protocol));
668  pbit = 0;
669  }
670 
671  /*
672  * If there is no more authentication still being done,
673  * proceed to the network (or callback) phase.
674  */
675  if ((auth_pending[unit] &= ~pbit) == 0) {
676  network_phase(unit);
677  }
678 }
679 #endif /* PAP_SUPPORT || CHAP_SUPPORT */
680 
681 
682 /*
683  * np_up - a network protocol has come up.
684  */
685 void
686 np_up(int unit, u16_t proto)
687 {
690 
691  AUTHDEBUG(LOG_INFO, ("np_up: %d proto=%X\n", unit, proto));
692  if (num_np_up == 0) {
693  AUTHDEBUG(LOG_INFO, ("np_up: maxconnect=%d idle_time_limit=%d\n",ppp_settings.maxconnect,ppp_settings.idle_time_limit));
694  /*
695  * At this point we consider that the link has come up successfully.
696  */
697  if (ppp_settings.idle_time_limit > 0) {
698  TIMEOUT(check_idle, NULL, ppp_settings.idle_time_limit);
699  }
700 
701  /*
702  * Set a timeout to close the connection once the maximum
703  * connect time has expired.
704  */
705  if (ppp_settings.maxconnect > 0) {
706  TIMEOUT(connect_time_expired, 0, ppp_settings.maxconnect);
707  }
708  }
709  ++num_np_up;
710 }
711 
712 /*
713  * np_down - a network protocol has gone down.
714  */
715 void
716 np_down(int unit, u16_t proto)
717 {
720 
721  AUTHDEBUG(LOG_INFO, ("np_down: %d proto=%X\n", unit, proto));
722  if (--num_np_up == 0 && ppp_settings.idle_time_limit > 0) {
723  UNTIMEOUT(check_idle, NULL);
724  }
725 }
726 
727 /*
728  * np_finished - a network protocol has finished using the link.
729  */
730 void
732 {
735 
736  AUTHDEBUG(LOG_INFO, ("np_finished: %d proto=%X\n", unit, proto));
737  if (--num_np_open <= 0) {
738  /* no further use for the link: shut up shop. */
739  lcp_close(0, "No network protocols running");
740  }
741 }
742 
743 /*
744  * check_idle - check whether the link has been idle for long
745  * enough that we can shut it down.
746  */
747 static void
748 check_idle(void *arg)
749 {
750  struct ppp_idle idle;
751  u_short itime;
752 
754  if (!get_idle_time(0, &idle)) {
755  return;
756  }
757  itime = LWIP_MIN(idle.xmit_idle, idle.recv_idle);
758  if (itime >= ppp_settings.idle_time_limit) {
759  /* link is idle: shut it down. */
760  AUTHDEBUG(LOG_INFO, ("Terminating connection due to lack of activity.\n"));
761  lcp_close(0, "Link inactive");
762  } else {
763  TIMEOUT(check_idle, NULL, ppp_settings.idle_time_limit - itime);
764  }
765 }
766 
767 /*
768  * connect_time_expired - log a message and close the connection.
769  */
770 static void
771 connect_time_expired(void *arg)
772 {
774 
775  AUTHDEBUG(LOG_INFO, ("Connect time expired\n"));
776  lcp_close(0, "Connect time expired"); /* Close connection */
777 }
778 
779 #if 0 /* UNUSED */
780 /*
781  * auth_check_options - called to check authentication options.
782  */
783 void
784 auth_check_options(void)
785 {
786  lcp_options *wo = &lcp_wantoptions[0];
787  int can_auth;
788  ipcp_options *ipwo = &ipcp_wantoptions[0];
789  u32_t remote;
790 
791  /* Default our_name to hostname, and user to our_name */
792  if (ppp_settings.our_name[0] == 0 || ppp_settings.usehostname) {
793  strcpy(ppp_settings.our_name, ppp_settings.hostname);
794  }
795 
796  if (ppp_settings.user[0] == 0) {
797  strcpy(ppp_settings.user, ppp_settings.our_name);
798  }
799 
800  /* If authentication is required, ask peer for CHAP or PAP. */
801  if (ppp_settings.auth_required && !wo->neg_chap && !wo->neg_upap) {
802  wo->neg_chap = 1;
803  wo->neg_upap = 1;
804  }
805 
806  /*
807  * Check whether we have appropriate secrets to use
808  * to authenticate the peer.
809  */
810  can_auth = wo->neg_upap && have_pap_secret();
811  if (!can_auth && wo->neg_chap) {
812  remote = ipwo->accept_remote? 0: ipwo->hisaddr;
813  can_auth = have_chap_secret(ppp_settings.remote_name, ppp_settings.our_name, remote);
814  }
815 
816  if (ppp_settings.auth_required && !can_auth) {
817  ppp_panic("No auth secret");
818  }
819 }
820 #endif /* UNUSED */
821 
822 /*
823  * auth_reset - called when LCP is starting negotiations to recheck
824  * authentication options, i.e. whether we have appropriate secrets
825  * to use for authenticating ourselves and/or the peer.
826  */
827 void
828 auth_reset(int unit)
829 {
831  lcp_options *ao = &lcp_allowoptions[0];
832  ipcp_options *ipwo = &ipcp_wantoptions[0];
833  u32_t remote;
834 
835  AUTHDEBUG(LOG_INFO, ("auth_reset: %d\n", unit));
836  ao->neg_upap = !ppp_settings.refuse_pap && (ppp_settings.passwd[0] != 0 || get_pap_passwd(unit, NULL, NULL));
837  ao->neg_chap = !ppp_settings.refuse_chap && ppp_settings.passwd[0] != 0 /*have_chap_secret(ppp_settings.user, ppp_settings.remote_name, (u32_t)0)*/;
838 
839  if (go->neg_upap && !have_pap_secret()) {
840  go->neg_upap = 0;
841  }
842  if (go->neg_chap) {
843  remote = ipwo->accept_remote? 0: ipwo->hisaddr;
844  if (!have_chap_secret(ppp_settings.remote_name, ppp_settings.our_name, remote)) {
845  go->neg_chap = 0;
846  }
847  }
848 }
849 
850 #if PAP_SUPPORT
851 /*
852  * check_passwd - Check the user name and passwd against the PAP secrets
853  * file. If requested, also check against the system password database,
854  * and login the user if OK.
855  *
856  * returns:
857  * UPAP_AUTHNAK: Authentication failed.
858  * UPAP_AUTHACK: Authentication succeeded.
859  * In either case, msg points to an appropriate message.
860  */
861 u_char
862 check_passwd( int unit, char *auser, int userlen, char *apasswd, int passwdlen, char **msg, int *msglen)
863 {
864 #if 1 /* XXX Assume all entries OK. */
866  LWIP_UNUSED_ARG(auser);
867  LWIP_UNUSED_ARG(userlen);
868  LWIP_UNUSED_ARG(apasswd);
869  LWIP_UNUSED_ARG(passwdlen);
870  LWIP_UNUSED_ARG(msglen);
871  *msg = (char *) 0;
872  return UPAP_AUTHACK; /* XXX Assume all entries OK. */
873 #else
874  u_char ret = 0;
875  struct wordlist *addrs = NULL;
876  char passwd[256], user[256];
877  char secret[MAXWORDLEN];
878  static u_short attempts = 0;
879 
880  /*
881  * Make copies of apasswd and auser, then null-terminate them.
882  */
883  BCOPY(apasswd, passwd, passwdlen);
884  passwd[passwdlen] = '\0';
885  BCOPY(auser, user, userlen);
886  user[userlen] = '\0';
887  *msg = (char *) 0;
888 
889  /* XXX Validate user name and password. */
890  ret = UPAP_AUTHACK; /* XXX Assume all entries OK. */
891 
892  if (ret == UPAP_AUTHNAK) {
893  if (*msg == (char *) 0) {
894  *msg = "Login incorrect";
895  }
896  *msglen = strlen(*msg);
897  /*
898  * Frustrate passwd stealer programs.
899  * Allow 10 tries, but start backing off after 3 (stolen from login).
900  * On 10'th, drop the connection.
901  */
902  if (attempts++ >= 10) {
903  AUTHDEBUG(LOG_WARNING, ("%d LOGIN FAILURES BY %s\n", attempts, user));
904  /*ppp_panic("Excess Bad Logins");*/
905  }
906  if (attempts > 3) {
907  /* @todo: this was sleep(), i.e. seconds, not milliseconds
908  * I don't think we really need this in lwIP - we would block tcpip_thread!
909  */
910  /*sys_msleep((attempts - 3) * 5);*/
911  }
912  if (addrs != NULL) {
913  free_wordlist(addrs);
914  }
915  } else {
916  attempts = 0; /* Reset count */
917  if (*msg == (char *) 0) {
918  *msg = "Login ok";
919  }
920  *msglen = strlen(*msg);
921  set_allowed_addrs(unit, addrs);
922  }
923 
924  BZERO(passwd, sizeof(passwd));
925  BZERO(secret, sizeof(secret));
926 
927  return ret;
928 #endif
929 }
930 #endif /* PAP_SUPPORT */
931 
932 #if 0 /* UNUSED */
933 /*
934  * This function is needed for PAM.
935  */
936 
937 #ifdef USE_PAM
938 
939 /* lwip does not support PAM*/
940 
941 #endif /* USE_PAM */
942 
943 #endif /* UNUSED */
944 
945 
946 #if 0 /* UNUSED */
947 /*
948  * plogin - Check the user name and password against the system
949  * password database, and login the user if OK.
950  *
951  * returns:
952  * UPAP_AUTHNAK: Login failed.
953  * UPAP_AUTHACK: Login succeeded.
954  * In either case, msg points to an appropriate message.
955  */
956 static int
957 plogin(char *user, char *passwd, char **msg, int *msglen)
958 {
959 
961  LWIP_UNUSED_ARG(passwd);
963  LWIP_UNUSED_ARG(msglen);
964 
965 
966  /* The new lines are here align the file when
967  * compared against the pppd 2.3.11 code */
968 
969 
970 
971 
972 
973 
974 
975 
976 
977 
978 
979 
980 
981 
982 
983 
984  /* XXX Fail until we decide that we want to support logins. */
985  return (UPAP_AUTHNAK);
986 }
987 #endif
988 
989 
990 
991 /*
992  * plogout - Logout the user.
993  */
994 static void
995 plogout(void)
996 {
997  logged_in = 0;
998 }
999 
1000 /*
1001  * null_login - Check if a username of "" and a password of "" are
1002  * acceptable, and iff so, set the list of acceptable IP addresses
1003  * and return 1.
1004  */
1005 static int
1006 null_login(int unit)
1007 {
1009  /* XXX Fail until we decide that we want to support logins. */
1010  return 0;
1011 }
1012 
1013 
1014 /*
1015  * get_pap_passwd - get a password for authenticating ourselves with
1016  * our peer using PAP. Returns 1 on success, 0 if no suitable password
1017  * could be found.
1018  */
1019 static int
1020 get_pap_passwd(int unit, char *user, char *passwd)
1021 {
1023 /* normally we would reject PAP if no password is provided,
1024  but this causes problems with some providers (like CHT in Taiwan)
1025  who incorrectly request PAP and expect a bogus/empty password, so
1026  always provide a default user/passwd of "none"/"none"
1027 
1028  @todo: This should be configured by the user, instead of being hardcoded here!
1029 */
1030  if(user) {
1031  strcpy(user, "none");
1032  }
1033  if(passwd) {
1034  strcpy(passwd, "none");
1035  }
1036  return 1;
1037 }
1038 
1039 /*
1040  * have_pap_secret - check whether we have a PAP file with any
1041  * secrets that we could possibly use for authenticating the peer.
1042  */
1043 static int
1044 have_pap_secret(void)
1045 {
1046  /* XXX Fail until we set up our passwords. */
1047  return 0;
1048 }
1049 
1050 /*
1051  * have_chap_secret - check whether we have a CHAP file with a
1052  * secret that we could possibly use for authenticating `client'
1053  * on `server'. Either can be the null string, meaning we don't
1054  * know the identity yet.
1055  */
1056 static int
1057 have_chap_secret(char *client, char *server, u32_t remote)
1058 {
1061  LWIP_UNUSED_ARG(remote);
1062 
1063  /* XXX Fail until we set up our passwords. */
1064  return 0;
1065 }
1066 #if CHAP_SUPPORT
1067 
1068 /*
1069  * get_secret - open the CHAP secret file and return the secret
1070  * for authenticating the given client on the given server.
1071  * (We could be either client or server).
1072  */
1073 int
1074 get_secret(int unit, char *client, char *server, char *secret, int *secret_len, int save_addrs)
1075 {
1076 #if 1
1077  int len;
1078  struct wordlist *addrs;
1079 
1082  LWIP_UNUSED_ARG(save_addrs);
1083 
1084  addrs = NULL;
1085 
1086  if(!client || !client[0] || strcmp(client, ppp_settings.user)) {
1087  return 0;
1088  }
1089 
1090  len = (int)strlen(ppp_settings.passwd);
1091  if (len > MAXSECRETLEN) {
1092  AUTHDEBUG(LOG_ERR, ("Secret for %s on %s is too long\n", client, server));
1093  len = MAXSECRETLEN;
1094  }
1095 
1096  BCOPY(ppp_settings.passwd, secret, len);
1097  *secret_len = len;
1098 
1099  return 1;
1100 #else
1101  int ret = 0, len;
1102  struct wordlist *addrs;
1103  char secbuf[MAXWORDLEN];
1104 
1105  addrs = NULL;
1106  secbuf[0] = 0;
1107 
1108  /* XXX Find secret. */
1109  if (ret < 0) {
1110  return 0;
1111  }
1112 
1113  if (save_addrs) {
1114  set_allowed_addrs(unit, addrs);
1115  }
1116 
1117  len = strlen(secbuf);
1118  if (len > MAXSECRETLEN) {
1119  AUTHDEBUG(LOG_ERR, ("Secret for %s on %s is too long\n", client, server));
1120  len = MAXSECRETLEN;
1121  }
1122 
1123  BCOPY(secbuf, secret, len);
1124  BZERO(secbuf, sizeof(secbuf));
1125  *secret_len = len;
1126 
1127  return 1;
1128 #endif
1129 }
1130 #endif /* CHAP_SUPPORT */
1131 
1132 
1133 #if 0 /* PAP_SUPPORT || CHAP_SUPPORT */
1134 /*
1135  * set_allowed_addrs() - set the list of allowed addresses.
1136  */
1137 static void
1138 set_allowed_addrs(int unit, struct wordlist *addrs)
1139 {
1140  if (addresses[unit] != NULL) {
1141  free_wordlist(addresses[unit]);
1142  }
1143  addresses[unit] = addrs;
1144 
1145 #if 0
1146  /*
1147  * If there's only one authorized address we might as well
1148  * ask our peer for that one right away
1149  */
1150  if (addrs != NULL && addrs->next == NULL) {
1151  char *p = addrs->word;
1152  struct ipcp_options *wo = &ipcp_wantoptions[unit];
1153  u32_t a;
1154  struct hostent *hp;
1155 
1156  if (wo->hisaddr == 0 && *p != '!' && *p != '-' && strchr(p, '/') == NULL) {
1157  hp = gethostbyname(p);
1158  if (hp != NULL && hp->h_addrtype == AF_INET) {
1159  a = *(u32_t *)hp->h_addr;
1160  } else {
1161  a = inet_addr(p);
1162  }
1163  if (a != (u32_t) -1) {
1164  wo->hisaddr = a;
1165  }
1166  }
1167  }
1168 #endif
1169 }
1170 #endif /* 0 */ /* PAP_SUPPORT || CHAP_SUPPORT */
1171 
1172 /*
1173  * auth_ip_addr - check whether the peer is authorized to use
1174  * a given IP address. Returns 1 if authorized, 0 otherwise.
1175  */
1176 int
1178 {
1179  return ip_addr_check(addr, addresses[unit]);
1180 }
1181 
1182 static int /* @todo: integrate this funtion into auth_ip_addr()*/
1183 ip_addr_check(u32_t addr, struct wordlist *addrs)
1184 {
1185  /* don't allow loopback or multicast address */
1186  if (bad_ip_adrs(addr)) {
1187  return 0;
1188  }
1189 
1190  if (addrs == NULL) {
1191  return !ppp_settings.auth_required; /* no addresses authorized */
1192  }
1193 
1194  /* XXX All other addresses allowed. */
1195  return 1;
1196 }
1197 
1198 /*
1199  * bad_ip_adrs - return 1 if the IP address is one we don't want
1200  * to use, such as an address in the loopback net or a multicast address.
1201  * addr is in network byte order.
1202  */
1203 int
1205 {
1206  addr = ntohl(addr);
1207  return (addr >> IN_CLASSA_NSHIFT) == IN_LOOPBACKNET
1209 }
1210 
1211 #if 0 /* UNUSED */ /* PAP_SUPPORT || CHAP_SUPPORT */
1212 /*
1213  * some_ip_ok - check a wordlist to see if it authorizes any
1214  * IP address(es).
1215  */
1216 static int
1217 some_ip_ok(struct wordlist *addrs)
1218 {
1219  for (; addrs != 0; addrs = addrs->next) {
1220  if (addrs->word[0] == '-')
1221  break;
1222  if (addrs->word[0] != '!')
1223  return 1; /* some IP address is allowed */
1224  }
1225  return 0;
1226 }
1227 
1228 /*
1229  * check_access - complain if a secret file has too-liberal permissions.
1230  */
1231 static void
1232 check_access(FILE *f, char *filename)
1233 {
1234  struct stat sbuf;
1235 
1236  if (fstat(fileno(f), &sbuf) < 0) {
1237  warn("cannot stat secret file %s: %m", filename);
1238  } else if ((sbuf.st_mode & (S_IRWXG | S_IRWXO)) != 0) {
1239  warn("Warning - secret file %s has world and/or group access",
1240  filename);
1241  }
1242 }
1243 
1244 
1245 /*
1246  * scan_authfile - Scan an authorization file for a secret suitable
1247  * for authenticating `client' on `server'. The return value is -1
1248  * if no secret is found, otherwise >= 0. The return value has
1249  * NONWILD_CLIENT set if the secret didn't have "*" for the client, and
1250  * NONWILD_SERVER set if the secret didn't have "*" for the server.
1251  * Any following words on the line up to a "--" (i.e. address authorization
1252  * info) are placed in a wordlist and returned in *addrs. Any
1253  * following words (extra options) are placed in a wordlist and
1254  * returned in *opts.
1255  * We assume secret is NULL or points to MAXWORDLEN bytes of space.
1256  */
1257 static int
1258 scan_authfile(FILE *f, char *client, char *server, char *secret, struct wordlist **addrs, struct wordlist **opts, char *filename)
1259 {
1260  /* We do not (currently) need this in lwip */
1261  return 0; /* dummy */
1262 }
1263 /*
1264  * free_wordlist - release memory allocated for a wordlist.
1265  */
1266 static void
1267 free_wordlist(struct wordlist *wp)
1268 {
1269  struct wordlist *next;
1270 
1271  while (wp != NULL) {
1272  next = wp->next;
1273  free(wp);
1274  wp = next;
1275  }
1276 }
1277 
1278 /*
1279  * auth_script_done - called when the auth-up or auth-down script
1280  * has finished.
1281  */
1282 static void
1283 auth_script_done(void *arg)
1284 {
1285  auth_script_pid = 0;
1286  switch (auth_script_state) {
1287  case s_up:
1288  if (auth_state == s_down) {
1289  auth_script_state = s_down;
1290  auth_script(_PATH_AUTHDOWN);
1291  }
1292  break;
1293  case s_down:
1294  if (auth_state == s_up) {
1295  auth_script_state = s_up;
1296  auth_script(_PATH_AUTHUP);
1297  }
1298  break;
1299  }
1300 }
1301 
1302 /*
1303  * auth_script - execute a script with arguments
1304  * interface-name peer-name real-user tty speed
1305  */
1306 static void
1307 auth_script(char *script)
1308 {
1309  char strspeed[32];
1310  struct passwd *pw;
1311  char struid[32];
1312  char *user_name;
1313  char *argv[8];
1314 
1315  if ((pw = getpwuid(getuid())) != NULL && pw->pw_name != NULL)
1316  user_name = pw->pw_name;
1317  else {
1318  slprintf(struid, sizeof(struid), "%d", getuid());
1319  user_name = struid;
1320  }
1321  slprintf(strspeed, sizeof(strspeed), "%d", baud_rate);
1322 
1323  argv[0] = script;
1324  argv[1] = ifname;
1325  argv[2] = peer_authname;
1326  argv[3] = user_name;
1327  argv[4] = devnam;
1328  argv[5] = strspeed;
1329  argv[6] = NULL;
1330 
1331  auth_script_pid = run_program(script, argv, 0, auth_script_done, NULL);
1332 }
1333 #endif /* 0 */ /* PAP_SUPPORT || CHAP_SUPPORT */
1334 #endif /* PPP_SUPPORT */
u_char check_passwd(int, char *, int, char *, int, char **, int *)
u_int accept_remote
Definition: ipcp.h:87
ipcp_options ipcp_wantoptions[]
void link_down(int)
void np_up(int, u16_t)
int bad_ip_adrs(u32_t)
void auth_reset(int)
void np_down(int, u16_t)
void link_required(int)
struct png_info_def **typedef void(__cdecl typeof(png_destroy_read_struct))(struct png_struct_def **
Definition: typeof.h:49
static rfbScreenInfoPtr server
Definition: vnc.c:74
#define inet_addr(cp)
Definition: inet.h:98
#define warn(...)
#define LOG_WARNING
Definition: syslog.h:49
ACPI_SIZE strlen(const char *String)
Definition: utclib.c:269
#define free
Definition: debug_ros.c:5
#define IN_LOOPBACKNET
Definition: inet.h:90
lcp_options lcp_allowoptions[]
DWORD pid_t
Definition: types.h:91
void auth_withpeer_fail(int, u16_t)
u_int neg_chap
Definition: lcp.h:90
#define MAXNAMELEN
Definition: maxpath.h:119
#define argv
Definition: mplay32.c:18
const char * filename
Definition: ioapi.h:135
GLint namelen
Definition: glext.h:7232
void ChapAuthPeer(int, char *, u_char)
void auth_withpeer_success(int, u16_t)
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
u_int neg_cbcp
Definition: lcp.h:95
GLsizei GLuint * groups
Definition: glext.h:11113
#define a
Definition: ke_i.h:78
int get_secret(int, char *, char *, char *, int *, int)
#define IN_CLASSA_NSHIFT
Definition: winsock.h:299
#define LWIP_MIN(x, y)
Definition: def.h:44
lcp_options lcp_wantoptions[]
png_const_structrp png_const_inforp int * unit
Definition: png.h:2161
smooth NULL
Definition: ftsmooth.c:416
static void check_access(LPCWSTR filename, const struct lock_test *current, DWORD access, DWORD sharing, const char *desc, DWORD open_mode, BOOL *any_failure)
Definition: storage32.c:3465
script
Definition: msipriv.h:374
#define S_IRWXG
Definition: ext2fs.h:383
#define IN_BADCLASS(a)
Definition: inet.h:88
void link_terminated(int)
r l[0]
Definition: byte_order.h:167
#define TIMEOUT
Definition: ntpclient.c:12
GLboolean GLuint group
Definition: glext.h:11120
GLboolean GLboolean g
Definition: glext.h:6204
PHOSTENT WSAAPI gethostbyname(IN const char FAR *name)
Definition: getxbyxx.c:221
GLfloat f
Definition: glext.h:7540
void np_finished(int, u16_t)
_Check_return_ _CRTIMP int __cdecl fileno(_In_ FILE *_File)
unsigned long u32_t
Definition: cc.h:25
EXPORT int seteuid(uid_t uid)
Definition: uid.c:58
static FILE * client
Definition: client.c:41
#define LOG_ERR
Definition: syslog.h:48
unsigned short u_short
Definition: types.h:81
void idle(int argc, const char *argv[])
Definition: cmds.c:1581
static UCHAR * secret
Definition: bcrypt.c:29
int ret
GLenum const GLvoid * addr
Definition: glext.h:9621
#define LOG_NOTICE
Definition: syslog.h:50
Definition: stat.h:55
GLenum GLsizei len
Definition: glext.h:6722
lcp_options lcp_gotoptions[]
_Check_return_opt_ _CRTIMP int __cdecl fclose(_Inout_ FILE *_File)
_Check_return_ _CRTIMP FILE *__cdecl fopen(_In_z_ const char *_Filename, _In_z_ const char *_Mode)
u_int neg_upap
Definition: lcp.h:89
short h_addrtype
Definition: winsock.h:136
u32_t hisaddr
Definition: ipcp.h:93
_Check_return_opt_ _CRTIMP char *__cdecl fgets(_Out_writes_z_(_MaxCount) char *_Buf, _In_ int _MaxCount, _Inout_ FILE *_File)
static unsigned __int64 next
Definition: rand_nt.c:6
#define IN_MULTICAST(i)
Definition: ws2def.h:269
uid_t getuid()
Definition: uid.c:27
#define S_IRWXO
Definition: ext2fs.h:389
const WCHAR * word
Definition: lex.c:36
char * strchr(const char *String, int ch)
Definition: utclib.c:501
void ChapAuthWithPeer(int, char *, u_char)
void auth_peer_success(int, u16_t, char *, int)
#define msg(x)
Definition: auth_time.c:54
Definition: name.c:38
_CRTIMP int __cdecl fstat(int _Desc, struct stat *_Stat)
Definition: stat.h:341
char * strcpy(char *DstString, const char *SrcString)
Definition: utclib.c:388
#define AF_INET
Definition: tcpip.h:117
int strcmp(const char *String1, const char *String2)
Definition: utclib.c:469
void lcp_close(int, char *)
#define malloc
Definition: debug_ros.c:4
void link_established(int)
unsigned short u16_t
Definition: cc.h:24
GLboolean GLboolean GLboolean GLboolean a
Definition: glext.h:6204
GLfloat GLfloat p
Definition: glext.h:8902
void auth_peer_fail(int, u16_t)
lcp_options lcp_hisoptions[]
UCHAR u_char
Definition: types.h:80
int auth_ip_addr(int, u32_t)
#define __P(x)
Definition: various.h:10
#define LWIP_UNUSED_ARG(x)
Definition: arch.h:73
u_char chap_mdtype
Definition: lcp.h:105
void user(int argc, const char *argv[])
Definition: cmds.c:1350
LinkPhase lcp_phase[NUM_PPP]
#define LOG_INFO
Definition: syslog.h:51
void auth_check_options(void)
#define AUTHDEBUG(a, b)
Definition: pppdebug.h:63
unsigned int(__cdecl typeof(jpeg_read_scanlines))(struct jpeg_decompress_struct *
Definition: typeof.h:31
#define ntohl(x)
Definition: module.h:203
static WCHAR user_name[UNLEN+1]
Definition: access.c:32