freebsd-dev/usr.sbin/ppp/chap.c

/*
 *			PPP CHAP Module
 *
 *	    Written by Toshiharu OHNO (tony-o@iij.ad.jp)
 *
 *   Copyright (C) 1993, Internet Initiative Japan, Inc. All rights reserverd.
 *
 * Redistribution and use in source and binary forms are permitted
 * provided that the above copyright notice and this paragraph are
 * duplicated in all such forms and that any documentation,
 * advertising materials, and other materials related to such
 * distribution and use acknowledge that the software was developed
 * by the Internet Initiative Japan, Inc.  The name of the
 * IIJ may not be used to endorse or promote products derived
 * from this software without specific prior written permission.
 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
 * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
 * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
 *
 * $Id: chap.c,v 1.6 1996/05/11 20:48:16 phk Exp $
 *
 *	TODO:
 */
#include <sys/types.h>
#include <time.h>
#include "fsm.h"
#include "chap.h"
#include "lcpproto.h"
#include "lcp.h"
#include "hdlc.h"
#include "phase.h"
#include "vars.h"
#include "auth.h"

static char *chapcodes[] = {
  "???", "CHALLENGE", "RESPONCE", "SUCCESS", "FAILURE"
};

struct authinfo AuthChapInfo  = {
  SendChapChallenge,
};

extern char *AuthGetSecret();

void
ChapOutput(code, id, ptr, count)
u_int code, id;
u_char *ptr;
int count;
{
  int plen;
  struct fsmheader lh;
  struct mbuf *bp;

  plen =  sizeof(struct fsmheader) + count;
  lh.code = code;
  lh.id = id;
  lh.length = htons(plen);
  bp = mballoc(plen, MB_FSM);
  bcopy(&lh, MBUF_CTOP(bp), sizeof(struct fsmheader));
  if (count)
    bcopy(ptr, MBUF_CTOP(bp) + sizeof(struct fsmheader), count);
#ifdef DEBUG
  DumpBp(bp);
#endif
  LogPrintf(LOG_LCP_BIT, "ChapOutput: %s\n", chapcodes[code]);
  HdlcOutput(PRI_LINK, PROTO_CHAP, bp);
}


static char challenge_data[80];
static int  challenge_len;

void
SendChapChallenge(chapid)
int chapid;
{
  int len, i;
  char *cp;

  srandom(time(NULL));

  cp = challenge_data;
  *cp++ = challenge_len = random() % 32 + 16;
  for (i = 0; i < challenge_len; i++)
    *cp++ = random() & 0xff;
  len = strlen(VarAuthName);
  bcopy(VarAuthName, cp, len);
  cp += len;
  ChapOutput(CHAP_CHALLENGE, chapid, challenge_data, cp - challenge_data);
}

#ifdef DEBUG
void
DumpDigest(mes, cp, len)
char *mes;
char *cp;
int len;
{
  int i;

  logprintf("%s: ", mes);
  for (i = 0; i < len; i++) {
    logprintf(" %02x", *cp++ & 0xff);
  }
  logprintf("\n");
}
#endif

void
RecvChapTalk(chp, bp)
struct fsmheader *chp;
struct mbuf *bp;
{
  int valsize, len;
  int arglen, keylen, namelen;
  char *cp, *argp, *ap, *name, *digest;
  char *keyp;
  MD5_CTX context;                            /* context */
  char answer[100];
  char cdigest[16];

  len = ntohs(chp->length);
#ifdef DEBUG
  logprintf("length: %d\n", len);
#endif
  arglen = len - sizeof(struct fsmheader);
  cp = (char *)MBUF_CTOP(bp);
  valsize = *cp++ & 255;
  name = cp + valsize;
  namelen = arglen - valsize - 1;
  name[namelen] = 0;
  LogPrintf(LOG_PHASE_BIT, " Valsize = %d, Name = %s\n", valsize, name);

  /*
   * Get a secret key corresponds to the peer
   */
  keyp = AuthGetSecret(SECRETFILE, name, namelen, chp->code == CHAP_RESPONSE);

  switch (chp->code) {
  case CHAP_CHALLENGE:
    if (keyp) {
      keylen = strlen(keyp);
    } else {
      keylen = strlen(VarAuthKey);
      keyp = VarAuthKey;
    }
    name = VarAuthName;
    namelen = strlen(VarAuthName);
    argp = malloc(1 + valsize + namelen + 16);
    digest = argp;
    *digest++ = 16;		/* value size */
    ap = answer;
    *ap++ = chp->id;
    bcopy(keyp, ap, keylen);
    ap += keylen;
    bcopy(cp, ap, valsize);
#ifdef DEBUG
    DumpDigest("recv", ap, valsize);
#endif
    ap += valsize;
    MD5Init(&context);
    MD5Update(&context, answer, ap - answer);
    MD5Final(digest, &context);
#ifdef DEBUG
    DumpDigest("answer", digest, 16);
#endif
    bcopy(name, digest + 16, namelen);
    ap += namelen;
    /* Send answer to the peer */
    ChapOutput(CHAP_RESPONSE, chp->id, argp, namelen + 17);
    free(argp);
    break;
  case CHAP_RESPONSE:
    if (keyp) {
      /*
       * Compute correct digest value
       */
      keylen = strlen(keyp);
      ap = answer;
      *ap++ = chp->id;
      bcopy(keyp, ap, keylen);
      ap += keylen;
      MD5Init(&context);
      MD5Update(&context, answer, ap - answer);
      MD5Update(&context, challenge_data+1, challenge_len);
      MD5Final(cdigest, &context);
#ifdef DEBUG
      DumpDigest("got", cp, 16);
      DumpDigest("expect", cdigest, 16);
#endif
      /*
       * Compare with the response
       */
      if (bcmp(cp, cdigest, 16) == 0) {
	ChapOutput(CHAP_SUCCESS, chp->id, "Wellcome!!", 10);
	NewPhase(PHASE_NETWORK);
	break;
      }
    }
    /*
     * Peer is not registerd, or response digest is wrong.
     */
    ChapOutput(CHAP_FAILURE, chp->id, "Invalid!!", 9);
    LcpClose();
    break;
  }
}

void
RecvChapResult(chp, bp)
struct fsmheader *chp;
struct mbuf *bp;
{
  int len;
  struct lcpstate *lcp = &LcpInfo;

  len = ntohs(chp->length);
#ifdef DEBUG
  logprintf("length: %d\n", len);
#endif
  if (chp->code == CHAP_SUCCESS) {
    if (lcp->auth_iwait == PROTO_CHAP) {
      lcp->auth_iwait = 0;
      if (lcp->auth_ineed == 0)
	NewPhase(PHASE_NETWORK);
    }
  } else {
    /*
     * Maybe, we shoud close LCP. Of cause, peer may take close action, too.
     */
    ;
  }
}

void
ChapInput(struct mbuf *bp)
{
  int len = plength(bp);
  struct fsmheader *chp;

  if (len >= sizeof(struct fsmheader)) {
    chp = (struct fsmheader *)MBUF_CTOP(bp);
    if (len >= ntohs(chp->length)) {
      if (chp->code < 1 || chp->code > 4)
	chp->code = 0;
      LogPrintf(LOG_LCP_BIT, "ChapInput: %s\n", chapcodes[chp->code]);

      bp->offset += sizeof(struct fsmheader);
      bp->cnt -= sizeof(struct fsmheader);

      switch (chp->code) {
      case CHAP_RESPONSE:
	StopAuthTimer(&AuthChapInfo);
	/* Fall into.. */
      case CHAP_CHALLENGE:
	RecvChapTalk(chp, bp);
	break;
      case CHAP_SUCCESS:
      case CHAP_FAILURE:
	RecvChapResult(chp, bp);
	break;
      }
    }
  }
  pfree(bp);
}
1995-01-31 06:29:58 +00:00			`/*`
			`* PPP CHAP Module`
			`*`
			`* Written by Toshiharu OHNO (tony-o@iij.ad.jp)`
			`*`
			`* Copyright (C) 1993, Internet Initiative Japan, Inc. All rights reserverd.`
			`*`
			`* Redistribution and use in source and binary forms are permitted`
			`* provided that the above copyright notice and this paragraph are`
			`* duplicated in all such forms and that any documentation,`
			`* advertising materials, and other materials related to such`
			`* distribution and use acknowledge that the software was developed`
			`* by the Internet Initiative Japan, Inc. The name of the`
			`* IIJ may not be used to endorse or promote products derived`
			`* from this software without specific prior written permission.`
			* THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
			`* IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED`
			`* WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.`
Remove trailing whitespace. 1995-05-30 03:57:47 +00:00			`*`
1. Room to calculate MD5 for CHAP negotiation is shorter than required. a core is not dumped at first connecting time and dumped at second or third time. (patch I) 2. A routine for "show route" refers out of allocated space. Values pointed by "lp" should be read as CHAR, I think. there is also no free() for disallocation. (patch II) Here is also a patch for an improvement: In current imprementation, even if PPP connection is disconnected by time out, prompt of interactive mode does not change from "PPP>" to "ppp>" to indicate the disconnection on a terminal. So I modified the code to do that. (patch III) Submitted-By: NAKAMURA Motonori <motonori@econ.kyoto-u.ac.jp> 1996-10-12 16:20:34 +00:00			`* $Id: chap.c,v 1.6 1996/05/11 20:48:16 phk Exp $`
Remove trailing whitespace. 1995-05-30 03:57:47 +00:00			`*`
1995-01-31 06:29:58 +00:00			`* TODO:`
			`*/`
A random bunch of cleanup changes. 1996-01-10 21:28:04 +00:00			`#include <sys/types.h>`
			`#include <time.h>`
1995-01-31 06:29:58 +00:00			`#include "fsm.h"`
			`#include "chap.h"`
			`#include "lcpproto.h"`
			`#include "lcp.h"`
			`#include "hdlc.h"`
			`#include "phase.h"`
			`#include "vars.h"`
New user Process PPP based on iij-ppp0.94beta2. o Supporting SYNC SIO device (But need a device driver) - add "set speed sync" o Fixing bug for Predictor-1 function. o Add new parameter that re-sent interval for set timeout commands. o Improving RTT (Round Trip Time) and reducing processor time. - Previous Timer service was using polling, and now using SIGALRM ;-) - A 0.94beta2 will not work correctly.... -- Follows are additinal feature not including 0.94beta2 o Support Proxy ARP - add "enable/disable proxy" commands o Marging common routine in CHAP/PAP. o Enhancing LCP/IPCP log information. o Support local Authfication connection on port 300x and tty. - You can set up pair of your "hostname -s" and password in ppp.secret. if either ppp.secret file nor your hostname line don't exist, It will notify a message and working as same as previous version.(Backword compatibility) - If you did set up them, It's allow connection but nothing to do except help and passwd command. - add "passwd yourpasswd" commands o Support afilter - keep Alive filter that a packet can send/receiving according to ifilter/ofilter but doesn't count it as preventing idle timer expires. - Same syntax of other filters. o Fixing bugs reported by current user for previous one. Thanks !! Reviewed by: Atsushi Murai (amurai@spec.co.jp) 1995-02-26 12:18:08 +00:00			`#include "auth.h"`
1995-01-31 06:29:58 +00:00
			`static char *chapcodes[] = {`
			`"???", "CHALLENGE", "RESPONCE", "SUCCESS", "FAILURE"`
			`};`

New user Process PPP based on iij-ppp0.94beta2. o Supporting SYNC SIO device (But need a device driver) - add "set speed sync" o Fixing bug for Predictor-1 function. o Add new parameter that re-sent interval for set timeout commands. o Improving RTT (Round Trip Time) and reducing processor time. - Previous Timer service was using polling, and now using SIGALRM ;-) - A 0.94beta2 will not work correctly.... -- Follows are additinal feature not including 0.94beta2 o Support Proxy ARP - add "enable/disable proxy" commands o Marging common routine in CHAP/PAP. o Enhancing LCP/IPCP log information. o Support local Authfication connection on port 300x and tty. - You can set up pair of your "hostname -s" and password in ppp.secret. if either ppp.secret file nor your hostname line don't exist, It will notify a message and working as same as previous version.(Backword compatibility) - If you did set up them, It's allow connection but nothing to do except help and passwd command. - add "passwd yourpasswd" commands o Support afilter - keep Alive filter that a packet can send/receiving according to ifilter/ofilter but doesn't count it as preventing idle timer expires. - Same syntax of other filters. o Fixing bugs reported by current user for previous one. Thanks !! Reviewed by: Atsushi Murai (amurai@spec.co.jp) 1995-02-26 12:18:08 +00:00			`struct authinfo AuthChapInfo = {`
			`SendChapChallenge,`
			`};`

1995-01-31 06:29:58 +00:00			`extern char *AuthGetSecret();`

			`void`
			`ChapOutput(code, id, ptr, count)`
			`u_int code, id;`
			`u_char *ptr;`
			`int count;`
			`{`
			`int plen;`
			`struct fsmheader lh;`
			`struct mbuf *bp;`

			`plen = sizeof(struct fsmheader) + count;`
			`lh.code = code;`
			`lh.id = id;`
			`lh.length = htons(plen);`
			`bp = mballoc(plen, MB_FSM);`
			`bcopy(&lh, MBUF_CTOP(bp), sizeof(struct fsmheader));`
			`if (count)`
			`bcopy(ptr, MBUF_CTOP(bp) + sizeof(struct fsmheader), count);`
			`#ifdef DEBUG`
			`DumpBp(bp);`
			`#endif`
Here is a diff of /usr/src/usr.sbin/ppp against current. The diffs add some logging functionality which I find very useful. 'set debug link' will record just link up/down and address assignments. 'set debug connect' will record the entire chat dialog 'set debug carrier' will record just chat lines including 'CARRIER' (so that I can be sure I'm getting a 28.8 line). There was a global change required to permit LogPrintf to take a bit mask instead of a bit position value (to permit logging some events on either of two flags, so that no change in 'set debug lcp' would result from the code supporting 'link'. Thus the diffs are rather long for such a small change. The man page is also touched. Oh, and there was a slight syntax problem in route.c Reviewed by: phk Submitted by: Tony Kimball <alk@Think.COM> 1996-05-11 20:48:42 +00:00			`LogPrintf(LOG_LCP_BIT, "ChapOutput: %s\n", chapcodes[code]);`
Some patches to ppp which improve stability. I have been running a ppp based on these patches for about 3 weeks with no downtime. The original submitters comments: Two features iijppp has over kernel ppp that I like are predictor1 compression and demand dialing. Here are a few bug fixes. I expanded the priority queueing scheme and discovered it was broken due to the assignment at ip.c line 300. All packets were being queued at the same priority. Fixing priority queueing broke predictor1 compression. Packets were compressed before being queued and predictor1 worked as long as the packets were popped off the queue in the same order they were pushed onto the queue. There were a few byte order problems in IP header tests also. There is a recursion problem in SendLqrReport(). LcpClose() is called when "Too many echo packets are lost" which winds up in SendLqrReport() again. I believe the original intention was to just stop the LQR timer with the call to StopLqr() but the side effects hurt. Submitted by: John Capo <jc@irbs.com> 1996-01-30 11:08:50 +00:00			`HdlcOutput(PRI_LINK, PROTO_CHAP, bp);`
1995-01-31 06:29:58 +00:00			`}`


			`static char challenge_data[80];`
			`static int challenge_len;`

			`void`
New user Process PPP based on iij-ppp0.94beta2. o Supporting SYNC SIO device (But need a device driver) - add "set speed sync" o Fixing bug for Predictor-1 function. o Add new parameter that re-sent interval for set timeout commands. o Improving RTT (Round Trip Time) and reducing processor time. - Previous Timer service was using polling, and now using SIGALRM ;-) - A 0.94beta2 will not work correctly.... -- Follows are additinal feature not including 0.94beta2 o Support Proxy ARP - add "enable/disable proxy" commands o Marging common routine in CHAP/PAP. o Enhancing LCP/IPCP log information. o Support local Authfication connection on port 300x and tty. - You can set up pair of your "hostname -s" and password in ppp.secret. if either ppp.secret file nor your hostname line don't exist, It will notify a message and working as same as previous version.(Backword compatibility) - If you did set up them, It's allow connection but nothing to do except help and passwd command. - add "passwd yourpasswd" commands o Support afilter - keep Alive filter that a packet can send/receiving according to ifilter/ofilter but doesn't count it as preventing idle timer expires. - Same syntax of other filters. o Fixing bugs reported by current user for previous one. Thanks !! Reviewed by: Atsushi Murai (amurai@spec.co.jp) 1995-02-26 12:18:08 +00:00			`SendChapChallenge(chapid)`
			`int chapid;`
1995-01-31 06:29:58 +00:00			`{`
A random bunch of cleanup changes. 1996-01-10 21:28:04 +00:00			`int len, i;`
1995-01-31 06:29:58 +00:00			`char *cp;`

			`srandom(time(NULL));`

			`cp = challenge_data;`
			`*cp++ = challenge_len = random() % 32 + 16;`
			`for (i = 0; i < challenge_len; i++)`
			`*cp++ = random() & 0xff;`
			`len = strlen(VarAuthName);`
			`bcopy(VarAuthName, cp, len);`
			`cp += len;`
			`ChapOutput(CHAP_CHALLENGE, chapid, challenge_data, cp - challenge_data);`
			`}`

			`#ifdef DEBUG`
			`void`
			`DumpDigest(mes, cp, len)`
			`char *mes;`
			`char *cp;`
New user Process PPP based on iij-ppp0.94beta2. o Supporting SYNC SIO device (But need a device driver) - add "set speed sync" o Fixing bug for Predictor-1 function. o Add new parameter that re-sent interval for set timeout commands. o Improving RTT (Round Trip Time) and reducing processor time. - Previous Timer service was using polling, and now using SIGALRM ;-) - A 0.94beta2 will not work correctly.... -- Follows are additinal feature not including 0.94beta2 o Support Proxy ARP - add "enable/disable proxy" commands o Marging common routine in CHAP/PAP. o Enhancing LCP/IPCP log information. o Support local Authfication connection on port 300x and tty. - You can set up pair of your "hostname -s" and password in ppp.secret. if either ppp.secret file nor your hostname line don't exist, It will notify a message and working as same as previous version.(Backword compatibility) - If you did set up them, It's allow connection but nothing to do except help and passwd command. - add "passwd yourpasswd" commands o Support afilter - keep Alive filter that a packet can send/receiving according to ifilter/ofilter but doesn't count it as preventing idle timer expires. - Same syntax of other filters. o Fixing bugs reported by current user for previous one. Thanks !! Reviewed by: Atsushi Murai (amurai@spec.co.jp) 1995-02-26 12:18:08 +00:00			`int len;`
1995-01-31 06:29:58 +00:00			`{`
			`int i;`

			`logprintf("%s: ", mes);`
			`for (i = 0; i < len; i++) {`
			`logprintf(" %02x", *cp++ & 0xff);`
			`}`
			`logprintf("\n");`
			`}`
			`#endif`

			`void`
			`RecvChapTalk(chp, bp)`
			`struct fsmheader *chp;`
			`struct mbuf *bp;`
			`{`
			`int valsize, len;`
			`int arglen, keylen, namelen;`
			`char cp, argp, ap, name, *digest;`
			`char *keyp;`
			`MD5_CTX context; /* context */`
			`char answer[100];`
			`char cdigest[16];`

			`len = ntohs(chp->length);`
			`#ifdef DEBUG`
			`logprintf("length: %d\n", len);`
			`#endif`
			`arglen = len - sizeof(struct fsmheader);`
			`cp = (char *)MBUF_CTOP(bp);`
			`valsize = *cp++ & 255;`
			`name = cp + valsize;`
			`namelen = arglen - valsize - 1;`
			`name[namelen] = 0;`
Here is a diff of /usr/src/usr.sbin/ppp against current. The diffs add some logging functionality which I find very useful. 'set debug link' will record just link up/down and address assignments. 'set debug connect' will record the entire chat dialog 'set debug carrier' will record just chat lines including 'CARRIER' (so that I can be sure I'm getting a 28.8 line). There was a global change required to permit LogPrintf to take a bit mask instead of a bit position value (to permit logging some events on either of two flags, so that no change in 'set debug lcp' would result from the code supporting 'link'. Thus the diffs are rather long for such a small change. The man page is also touched. Oh, and there was a slight syntax problem in route.c Reviewed by: phk Submitted by: Tony Kimball <alk@Think.COM> 1996-05-11 20:48:42 +00:00			`LogPrintf(LOG_PHASE_BIT, " Valsize = %d, Name = %s\n", valsize, name);`
1995-01-31 06:29:58 +00:00
			`/*`
			`* Get a secret key corresponds to the peer`
			`*/`
			`keyp = AuthGetSecret(SECRETFILE, name, namelen, chp->code == CHAP_RESPONSE);`

			`switch (chp->code) {`
			`case CHAP_CHALLENGE:`
			`if (keyp) {`
			`keylen = strlen(keyp);`
			`} else {`
			`keylen = strlen(VarAuthKey);`
			`keyp = VarAuthKey;`
			`}`
			`name = VarAuthName;`
			`namelen = strlen(VarAuthName);`
1. Room to calculate MD5 for CHAP negotiation is shorter than required. a core is not dumped at first connecting time and dumped at second or third time. (patch I) 2. A routine for "show route" refers out of allocated space. Values pointed by "lp" should be read as CHAR, I think. there is also no free() for disallocation. (patch II) Here is also a patch for an improvement: In current imprementation, even if PPP connection is disconnected by time out, prompt of interactive mode does not change from "PPP>" to "ppp>" to indicate the disconnection on a terminal. So I modified the code to do that. (patch III) Submitted-By: NAKAMURA Motonori <motonori@econ.kyoto-u.ac.jp> 1996-10-12 16:20:34 +00:00			`argp = malloc(1 + valsize + namelen + 16);`
1995-01-31 06:29:58 +00:00			`digest = argp;`
			`digest++ = 16; / value size */`
			`ap = answer;`
			`*ap++ = chp->id;`
			`bcopy(keyp, ap, keylen);`
			`ap += keylen;`
			`bcopy(cp, ap, valsize);`
			`#ifdef DEBUG`
			`DumpDigest("recv", ap, valsize);`
			`#endif`
			`ap += valsize;`
			`MD5Init(&context);`
			`MD5Update(&context, answer, ap - answer);`
			`MD5Final(digest, &context);`
			`#ifdef DEBUG`
			`DumpDigest("answer", digest, 16);`
			`#endif`
			`bcopy(name, digest + 16, namelen);`
			`ap += namelen;`
			`/* Send answer to the peer */`
			`ChapOutput(CHAP_RESPONSE, chp->id, argp, namelen + 17);`
1. Room to calculate MD5 for CHAP negotiation is shorter than required. a core is not dumped at first connecting time and dumped at second or third time. (patch I) 2. A routine for "show route" refers out of allocated space. Values pointed by "lp" should be read as CHAR, I think. there is also no free() for disallocation. (patch II) Here is also a patch for an improvement: In current imprementation, even if PPP connection is disconnected by time out, prompt of interactive mode does not change from "PPP>" to "ppp>" to indicate the disconnection on a terminal. So I modified the code to do that. (patch III) Submitted-By: NAKAMURA Motonori <motonori@econ.kyoto-u.ac.jp> 1996-10-12 16:20:34 +00:00			`free(argp);`
1995-01-31 06:29:58 +00:00			`break;`
			`case CHAP_RESPONSE:`
			`if (keyp) {`
			`/*`
			`* Compute correct digest value`
			`*/`
			`keylen = strlen(keyp);`
			`ap = answer;`
			`*ap++ = chp->id;`
			`bcopy(keyp, ap, keylen);`
			`ap += keylen;`
			`MD5Init(&context);`
			`MD5Update(&context, answer, ap - answer);`
			`MD5Update(&context, challenge_data+1, challenge_len);`
			`MD5Final(cdigest, &context);`
			`#ifdef DEBUG`
			`DumpDigest("got", cp, 16);`
			`DumpDigest("expect", cdigest, 16);`
			`#endif`
			`/*`
			`* Compare with the response`
			`*/`
			`if (bcmp(cp, cdigest, 16) == 0) {`
			`ChapOutput(CHAP_SUCCESS, chp->id, "Wellcome!!", 10);`
			`NewPhase(PHASE_NETWORK);`
			`break;`
			`}`
			`}`
			`/*`
			`* Peer is not registerd, or response digest is wrong.`
			`*/`
			`ChapOutput(CHAP_FAILURE, chp->id, "Invalid!!", 9);`
			`LcpClose();`
			`break;`
			`}`
			`}`

			`void`
			`RecvChapResult(chp, bp)`
			`struct fsmheader *chp;`
			`struct mbuf *bp;`
			`{`
			`int len;`
			`struct lcpstate *lcp = &LcpInfo;`

			`len = ntohs(chp->length);`
			`#ifdef DEBUG`
			`logprintf("length: %d\n", len);`
			`#endif`
			`if (chp->code == CHAP_SUCCESS) {`
			`if (lcp->auth_iwait == PROTO_CHAP) {`
			`lcp->auth_iwait = 0;`
			`if (lcp->auth_ineed == 0)`
			`NewPhase(PHASE_NETWORK);`
			`}`
			`} else {`
			`/*`
			`* Maybe, we shoud close LCP. Of cause, peer may take close action, too.`
			`*/`
			`;`
			`}`
			`}`

			`void`
			`ChapInput(struct mbuf *bp)`
			`{`
			`int len = plength(bp);`
			`struct fsmheader *chp;`

			`if (len >= sizeof(struct fsmheader)) {`
			`chp = (struct fsmheader *)MBUF_CTOP(bp);`
			`if (len >= ntohs(chp->length)) {`
			`if (chp->code < 1 \|\| chp->code > 4)`
			`chp->code = 0;`
Here is a diff of /usr/src/usr.sbin/ppp against current. The diffs add some logging functionality which I find very useful. 'set debug link' will record just link up/down and address assignments. 'set debug connect' will record the entire chat dialog 'set debug carrier' will record just chat lines including 'CARRIER' (so that I can be sure I'm getting a 28.8 line). There was a global change required to permit LogPrintf to take a bit mask instead of a bit position value (to permit logging some events on either of two flags, so that no change in 'set debug lcp' would result from the code supporting 'link'. Thus the diffs are rather long for such a small change. The man page is also touched. Oh, and there was a slight syntax problem in route.c Reviewed by: phk Submitted by: Tony Kimball <alk@Think.COM> 1996-05-11 20:48:42 +00:00			`LogPrintf(LOG_LCP_BIT, "ChapInput: %s\n", chapcodes[chp->code]);`
1995-01-31 06:29:58 +00:00
			`bp->offset += sizeof(struct fsmheader);`
			`bp->cnt -= sizeof(struct fsmheader);`

			`switch (chp->code) {`
			`case CHAP_RESPONSE:`
New user Process PPP based on iij-ppp0.94beta2. o Supporting SYNC SIO device (But need a device driver) - add "set speed sync" o Fixing bug for Predictor-1 function. o Add new parameter that re-sent interval for set timeout commands. o Improving RTT (Round Trip Time) and reducing processor time. - Previous Timer service was using polling, and now using SIGALRM ;-) - A 0.94beta2 will not work correctly.... -- Follows are additinal feature not including 0.94beta2 o Support Proxy ARP - add "enable/disable proxy" commands o Marging common routine in CHAP/PAP. o Enhancing LCP/IPCP log information. o Support local Authfication connection on port 300x and tty. - You can set up pair of your "hostname -s" and password in ppp.secret. if either ppp.secret file nor your hostname line don't exist, It will notify a message and working as same as previous version.(Backword compatibility) - If you did set up them, It's allow connection but nothing to do except help and passwd command. - add "passwd yourpasswd" commands o Support afilter - keep Alive filter that a packet can send/receiving according to ifilter/ofilter but doesn't count it as preventing idle timer expires. - Same syntax of other filters. o Fixing bugs reported by current user for previous one. Thanks !! Reviewed by: Atsushi Murai (amurai@spec.co.jp) 1995-02-26 12:18:08 +00:00			`StopAuthTimer(&AuthChapInfo);`
			`/* Fall into.. */`
			`case CHAP_CHALLENGE:`
1995-01-31 06:29:58 +00:00			`RecvChapTalk(chp, bp);`
			`break;`
			`case CHAP_SUCCESS:`
			`case CHAP_FAILURE:`
			`RecvChapResult(chp, bp);`
			`break;`
			`}`
			`}`
			`}`
			`pfree(bp);`
			`}`