/*
* chap.h - New CHAP implementation.
*
* Copyright (c) 2003-2024 Paul Mackerras. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
*    notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
*    notice, this list of conditions and the following disclaimer in
*    the documentation and/or other materials provided with the
*    distribution.
*
* THE AUTHORS OF THIS SOFTWARE DISCLAIM ALL WARRANTIES WITH REGARD TO
* THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
* AND FITNESS, IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY
* SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN
* AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING
* OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/

#ifndef PPP_CHAP_NEW_H
#define PPP_CHAP_NEW_H

#include "pppdconf.h"

#ifdef  __cplusplus
extern "C" {
#endif

/*
* CHAP packets begin with a standard header with code, id, len (2 bytes).
*/
#define CHAP_HDRLEN     4

/*
* Values for the code field.
*/
#define CHAP_CHALLENGE  1
#define CHAP_RESPONSE   2
#define CHAP_SUCCESS    3
#define CHAP_FAILURE    4

/*
* CHAP digest codes.
*/
#define CHAP_MD5                5
#define CHAP_MICROSOFT          0x80
#define CHAP_MICROSOFT_V2       0x81

/*
* Semi-arbitrary limits on challenge and response fields.
*/
#define MAX_CHALLENGE_LEN       64
#define MAX_RESPONSE_LEN        64

/* bitmask of supported algorithms */
#define MDTYPE_MICROSOFT_V2     0x1
#define MDTYPE_MICROSOFT        0x2
#define MDTYPE_MD5              0x4
#define MDTYPE_NONE             0

/* hashes supported by this instance of pppd */
extern int chap_mdtype_all;

/* Return the digest alg. ID for the most preferred digest type. */
#define CHAP_DIGEST(mdtype) \
   ((mdtype) & MDTYPE_MD5)? CHAP_MD5: \
   ((mdtype) & MDTYPE_MICROSOFT_V2)? CHAP_MICROSOFT_V2: \
   ((mdtype) & MDTYPE_MICROSOFT)? CHAP_MICROSOFT: \
   0

/* Return the bit flag (lsb set) for our most preferred digest type. */
#define CHAP_MDTYPE(mdtype) ((mdtype) ^ ((mdtype) - 1)) & (mdtype)

/* Return the bit flag for a given digest algorithm ID. */
#define CHAP_MDTYPE_D(digest) \
   ((digest) == CHAP_MICROSOFT_V2)? MDTYPE_MICROSOFT_V2: \
   ((digest) == CHAP_MICROSOFT)? MDTYPE_MICROSOFT: \
   ((digest) == CHAP_MD5)? MDTYPE_MD5: \
   0

/* Can we do the requested digest? */
#define CHAP_CANDIGEST(mdtype, digest) \
   ((digest) == CHAP_MICROSOFT_V2)? (mdtype) & MDTYPE_MICROSOFT_V2: \
   ((digest) == CHAP_MICROSOFT)? (mdtype) & MDTYPE_MICROSOFT: \
   ((digest) == CHAP_MD5)? (mdtype) & MDTYPE_MD5: \
   0


/*
* The code for each digest type has to supply one of these.
*/
struct chap_digest_type {
       int code;

       /*
        * Note: challenge and response arguments below are formatted as
        * a length byte followed by the actual challenge/response data.
        */
       void (*generate_challenge)(unsigned char *challenge);
       int (*verify_response)(int id, char *name,
               unsigned char *secret, int secret_len,
               unsigned char *challenge, unsigned char *response,
               char *message, int message_space);
       void (*make_response)(unsigned char *response, int id, char *our_name,
               unsigned char *challenge, char *secret, int secret_len,
               unsigned char *priv);
       int (*check_success)(int id, unsigned char *pkt, int len);
       void (*handle_failure)(unsigned char *pkt, int len);

       struct chap_digest_type *next;
};

/*
* This function will return a value of 1 to indicate that a plugin intend to supply
*   a username or a password to pppd through the chap_passwd_hook callback.
*
* Return a value > 0 to avoid parsing the chap-secrets file.
*/
typedef int (chap_check_hook_fn)(void);
extern chap_check_hook_fn *chap_check_hook;

/*
* A plugin can chose to supply its own user and password overriding whatever
*   has been provided by the configuration. Hook is only valid when pppd is
*   acting as a client.
*
* The maximum size of the user argument is always MAXNAMELEN
* The length of the password is always MAXWORDLEN, however; secrets can't be
*   longer than MAXSECRETLEN
*
* Return a value < 0 to fail the connection.
*/
typedef int (chap_passwd_hook_fn)(char *user, char *password);
extern chap_passwd_hook_fn *chap_passwd_hook;

/*
* A plugin can chose to replace the default chap_verify_response function with
*   one of their own.
*/
typedef int (chap_verify_hook_fn)(char *name, char *ourname, int id,
                       struct chap_digest_type *digest,
                       unsigned char *challenge, unsigned char *response,
                       char *message, int message_space);
extern chap_verify_hook_fn *chap_verify_hook;

/* Called by digest code to register a digest type */
extern void chap_register_digest(struct chap_digest_type *);

/* Lookup a digest handler by type */
extern struct chap_digest_type *chap_find_digest(int digest_code);

/* Called by authentication code to start authenticating the peer. */
extern void chap_auth_peer(int unit, char *our_name, int digest_code);

/* Called by auth. code to start authenticating us to the peer. */
extern void chap_auth_with_peer(int unit, char *our_name, int digest_code);

/* Represents the CHAP protocol to the main pppd code */
extern struct protent chap_protent;

#ifdef  __cplusplus
}
#endif

#endif // PPP_CHAP_NEW_H

You are viewing proxied material from ftp.icm.edu.pl. The copyright of proxied material belongs to its original authors. Any comments or complaints in relation to proxied material should be directed to the original authors of the content concerned. Please see the disclaimer for more details.