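Lines matching refs: esp — each entry below is the original source line number followed by the matching line. Lines that do not reference esp are omitted, so the entries are not contiguous code; a trailing `local` or `in <function>()` tag marks a declaration of esp.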

203 	eap_state *esp = &eap_states[unit];  local
205 BZERO(esp, sizeof (*esp));
206 esp->es_unit = unit;
207 esp->es_server.ea_timeout = EAP_DEFTIMEOUT;
208 esp->es_server.ea_maxrequests = EAP_DEFTRANSMITS;
209 esp->es_server.ea_id = (u_char)(drand48() * 0x100);
210 esp->es_client.ea_timeout = EAP_DEFREQTIME;
211 esp->es_client.ea_maxrequests = EAP_DEFALLOWREQ;
222 eap_state *esp = (eap_state *) arg; local
224 if (!eap_client_active(esp))
228 auth_withpeer_fail(esp->es_unit, PPP_EAP);
229 esp->es_client.ea_state = eapBadAuth;
243 eap_state *esp = &eap_states[unit]; local
246 esp->es_client.ea_name = localname;
247 esp->es_client.ea_namelen = strlen(localname);
249 esp->es_client.ea_state = eapListen;
255 if (esp->es_client.ea_timeout > 0)
256 TIMEOUT(eap_client_timeout, (void *)esp,
257 esp->es_client.ea_timeout);
265 eap_send_failure(esp) in eap_send_failure() argument
266 eap_state *esp; in eap_send_failure()
275 esp->es_server.ea_id++;
276 PUTCHAR(esp->es_server.ea_id, outp);
279 output(esp->es_unit, outpacket_buf, EAP_HEADERLEN + PPP_HDRLEN);
281 esp->es_server.ea_state = eapBadAuth;
282 auth_peer_fail(esp->es_unit, PPP_EAP);
290 eap_send_success(esp) in eap_send_success() argument
291 eap_state *esp; in eap_send_success()
300 esp->es_server.ea_id++;
301 PUTCHAR(esp->es_server.ea_id, outp);
304 output(esp->es_unit, outpacket_buf, PPP_HDRLEN + EAP_HEADERLEN);
306 auth_peer_success(esp->es_unit, PPP_EAP, 0,
307 esp->es_server.ea_peer, esp->es_server.ea_peerlen);
425 eap_figure_next_state(esp, status) in eap_figure_next_state() argument
426 eap_state *esp; in eap_figure_next_state()
440 esp->es_server.ea_timeout = esp->es_savedtime;
441 switch (esp->es_server.ea_state) {
448 ts = (struct t_server *)esp->es_server.ea_session;
451 esp->es_server.ea_session = NULL;
452 esp->es_server.ea_skey = NULL;
456 esp->es_server.ea_state = eapBadAuth;
461 if (esp->es_server.ea_peerlen > SRP_PSEUDO_LEN &&
462 strncmp(esp->es_server.ea_peer, SRP_PSEUDO_ID,
464 (esp->es_server.ea_peerlen - SRP_PSEUDO_LEN) * 3 / 4 <
468 esp->es_server.ea_peer + SRP_PSEUDO_LEN,
469 esp->es_server.ea_peerlen - SRP_PSEUDO_LEN,
492 esp->es_server.ea_peerlen = plen;
493 dp = (unsigned char *)esp->es_server.ea_peer;
504 esp->es_server.ea_peer[
505 esp->es_server.ea_peerlen] = '\0';
507 esp->es_server.ea_peerlen,
508 esp->es_server.ea_peer);
516 if (get_srp_secret(esp->es_unit, esp->es_server.ea_peer,
517 esp->es_server.ea_name, (char *)secbuf, 1) != 0) {
519 esp->es_server.ea_state = eapMD5Chall;
537 if (esp->es_server.ea_timeout > 0 &&
538 esp->es_server.ea_timeout < 30)
539 esp->es_server.ea_timeout = 30;
546 tpw.pebuf.name = esp->es_server.ea_peer;
555 esp->es_server.ea_session = (void *)ts;
556 esp->es_server.ea_state = eapSRP1;
557 vals[0] = esp->es_server.ea_id + 1;
565 esp->es_server.ea_state = eapMD5Chall;
570 ts = (struct t_server *)esp->es_server.ea_session;
573 esp->es_server.ea_session = NULL;
574 esp->es_server.ea_skey = NULL;
578 esp->es_server.ea_state = eapMD5Chall;
579 } else if (status != 0 || esp->es_server.ea_session == NULL) {
580 esp->es_server.ea_state = eapBadAuth;
582 esp->es_server.ea_state = eapSRP2;
588 ts = (struct t_server *)esp->es_server.ea_session;
591 esp->es_server.ea_session = NULL;
592 esp->es_server.ea_skey = NULL;
595 if (status != 0 || esp->es_server.ea_session == NULL) {
596 esp->es_server.ea_state = eapBadAuth;
598 esp->es_server.ea_state = eapSRP3;
605 ts = (struct t_server *)esp->es_server.ea_session;
608 esp->es_server.ea_session = NULL;
609 esp->es_server.ea_skey = NULL;
612 if (status != 0 || esp->es_server.ea_session == NULL) {
613 esp->es_server.ea_state = eapBadAuth;
615 esp->es_server.ea_state = eapOpen;
621 esp->es_server.ea_state = eapBadAuth;
623 esp->es_server.ea_state = eapOpen;
628 esp->es_server.ea_state = eapBadAuth;
631 if (esp->es_server.ea_state == eapBadAuth)
632 eap_send_failure(esp);
640 eap_send_request(esp) in eap_send_request() argument
641 eap_state *esp; in eap_send_request()
658 if (esp->es_server.ea_state < eapIdentify &&
659 esp->es_server.ea_state != eapInitial) {
660 esp->es_server.ea_state = eapIdentify;
667 esp->es_server.ea_peer = remote_name;
668 esp->es_server.ea_peerlen = strlen(remote_name);
669 eap_figure_next_state(esp, 0);
673 if (esp->es_server.ea_maxrequests > 0 &&
674 esp->es_server.ea_requests >= esp->es_server.ea_maxrequests) {
675 if (esp->es_server.ea_responses > 0)
679 eap_send_failure(esp);
688 PUTCHAR(esp->es_server.ea_id, outp);
692 switch (esp->es_server.ea_state) {
711 esp->es_challen = challen;
712 ptr = esp->es_challenge;
715 BCOPY(esp->es_challenge, outp, esp->es_challen);
716 INCPTR(esp->es_challen, outp);
717 BCOPY(esp->es_server.ea_name, outp, esp->es_server.ea_namelen);
718 INCPTR(esp->es_server.ea_namelen, outp);
726 PUTCHAR(esp->es_server.ea_namelen, outp);
727 BCOPY(esp->es_server.ea_name, outp, esp->es_server.ea_namelen);
728 INCPTR(esp->es_server.ea_namelen, outp);
730 ts = (struct t_server *)esp->es_server.ea_session;
755 ts = (struct t_server *)esp->es_server.ea_session;
765 ts = (struct t_server *)esp->es_server.ea_session;
773 cp = (unsigned char *)esp->es_server.ea_peer;
774 if ((j = i = esp->es_server.ea_peerlen) > 7)
818 SHA1Update(&ctxt, &esp->es_server.ea_id, 1);
819 SHA1Update(&ctxt, esp->es_server.ea_skey,
821 SHA1Update(&ctxt, esp->es_server.ea_peer,
822 esp->es_server.ea_peerlen);
829 SHA1Update(&ctxt, &esp->es_server.ea_id, 1);
830 SHA1Update(&ctxt, esp->es_server.ea_skey,
843 esp->es_challen = challen;
844 ptr = esp->es_challenge;
847 BCOPY(esp->es_challenge, outp, esp->es_challen);
848 INCPTR(esp->es_challen, outp);
859 output(esp->es_unit, outpacket_buf, outlen + PPP_HDRLEN);
861 esp->es_server.ea_requests++;
863 if (esp->es_server.ea_timeout > 0)
864 TIMEOUT(eap_server_timeout, esp, esp->es_server.ea_timeout);
878 eap_state *esp = &eap_states[unit]; local
881 esp->es_server.ea_name = localname;
882 esp->es_server.ea_namelen = strlen(localname);
884 esp->es_savedtime = esp->es_server.ea_timeout;
887 if (esp->es_server.ea_state == eapInitial ||
888 esp->es_server.ea_state == eapPending) {
889 esp->es_server.ea_state = eapPending;
893 esp->es_server.ea_state = eapPending;
896 eap_send_request(esp);
907 eap_state *esp = (eap_state *) arg; local
909 if (!eap_server_active(esp))
913 eap_send_request(esp);
925 eap_state *esp = (eap_state *)arg; local
927 if (esp->es_server.ea_state != eapOpen &&
928 esp->es_server.ea_state != eapSRP4)
931 esp->es_server.ea_requests = 0;
932 esp->es_server.ea_state = eapIdentify;
933 eap_figure_next_state(esp, 0);
934 esp->es_server.ea_id++;
935 eap_send_request(esp);
942 eap_state *esp = (eap_state *)arg; local
944 if (esp->es_server.ea_state != eapOpen ||
945 esp->es_server.ea_type != EAPT_SRP)
948 esp->es_server.ea_requests = 0;
949 esp->es_server.ea_state = eapSRP4;
950 esp->es_server.ea_id++;
951 eap_send_request(esp);
966 eap_state *esp = &eap_states[unit]; local
969 if (esp->es_server.ea_peer != NULL &&
970 esp->es_server.ea_peer != remote_name)
971 free(esp->es_server.ea_peer);
972 esp->es_server.ea_peer = NULL;
973 if (esp->es_client.ea_peer != NULL)
974 free(esp->es_client.ea_peer);
975 esp->es_client.ea_peer = NULL;
977 esp->es_client.ea_state = eapClosed;
978 esp->es_server.ea_state = eapClosed;
990 eap_state *esp = &eap_states[unit]; local
992 if (eap_client_active(esp) && esp->es_client.ea_timeout > 0) {
993 UNTIMEOUT(eap_client_timeout, (void *)esp);
995 if (eap_server_active(esp)) {
996 if (esp->es_server.ea_timeout > 0) {
997 UNTIMEOUT(eap_server_timeout, (void *)esp);
1000 if ((esp->es_server.ea_state == eapOpen ||
1001 esp->es_server.ea_state == eapSRP4) &&
1002 esp->es_rechallenge > 0) {
1003 UNTIMEOUT(eap_rechallenge, (void *)esp);
1005 if (esp->es_server.ea_state == eapOpen &&
1006 esp->es_lwrechallenge > 0) {
1007 UNTIMEOUT(srp_lwrechallenge, (void *)esp);
1011 esp->es_client.ea_state = esp->es_server.ea_state = eapInitial;
1012 esp->es_client.ea_requests = esp->es_server.ea_requests = 0;
1025 eap_state *esp = &eap_states[unit]; local
1027 if (eap_client_active(esp)) {
1031 if (eap_server_active(esp)) {
1042 eap_send_response(esp, id, typenum, str, lenstr) in eap_send_response() argument
1043 eap_state *esp; in eap_send_response()
1058 esp->es_client.ea_id = id;
1066 output(esp->es_unit, outpacket_buf, PPP_HDRLEN + msglen);
1073 eap_chap_response(esp, id, hash, name, namelen) in eap_chap_response() argument
1074 eap_state *esp; in eap_chap_response()
1089 esp->es_client.ea_id = id;
1101 output(esp->es_unit, outpacket_buf, PPP_HDRLEN + msglen);
1109 eap_srp_response(esp, id, subtypenum, str, lenstr) in eap_srp_response() argument
1110 eap_state *esp; in eap_srp_response()
1125 esp->es_client.ea_id = id;
1134 output(esp->es_unit, outpacket_buf, PPP_HDRLEN + msglen);
1141 eap_srpval_response(esp, id, flags, str) in eap_srpval_response() argument
1142 eap_state *esp; in eap_srpval_response()
1156 esp->es_client.ea_id = id;
1165 output(esp->es_unit, outpacket_buf, PPP_HDRLEN + msglen);
1170 eap_send_nak(esp, id, type) in eap_send_nak() argument
1171 eap_state *esp; in eap_send_nak()
1184 esp->es_client.ea_id = id;
1190 output(esp->es_unit, outpacket_buf, PPP_HDRLEN + msglen);
1248 write_pseudonym(esp, inp, len, id) in write_pseudonym() argument
1249 eap_state *esp; in write_pseudonym()
1271 SHA1Update(&ctxt, esp->es_client.ea_skey, SESSION_KEY_LEN);
1275 SHA1Update(&ctxt, esp->es_client.ea_name,
1276 esp->es_client.ea_namelen);
1298 esp->es_usedpseudo = 0;
1310 eap_request(esp, inp, id, len) in eap_request() argument
1311 eap_state *esp; in eap_request()
1338 esp->es_client.ea_requests++;
1339 if (esp->es_client.ea_maxrequests != 0 &&
1340 esp->es_client.ea_requests > esp->es_client.ea_maxrequests) {
1342 if (esp->es_client.ea_timeout > 0) {
1343 UNTIMEOUT(eap_client_timeout, (void *)esp);
1345 auth_withpeer_fail(esp->es_unit, PPP_EAP);
1362 if (esp->es_usepseudo &&
1363 (esp->es_usedpseudo == 0 ||
1364 (esp->es_usedpseudo == 1 &&
1365 id == esp->es_client.ea_id))) {
1366 esp->es_usedpseudo = 1;
1374 eap_send_response(esp, id, typenum,
1383 if (esp->es_usepseudo && esp->es_usedpseudo != 2) {
1385 esp->es_usedpseudo = 2;
1388 eap_send_response(esp, id, typenum, esp->es_client.ea_name,
1389 esp->es_client.ea_namelen);
1395 eap_send_response(esp, id, typenum, NULL, 0);
1419 eap_send_nak(esp, id, EAPT_SRP);
1442 if (!get_secret(esp->es_unit, esp->es_client.ea_name,
1445 eap_send_nak(esp, id, EAPT_SRP);
1455 eap_chap_response(esp, id, hash, esp->es_client.ea_name,
1456 esp->es_client.ea_namelen);
1473 if (esp->es_client.ea_session != NULL) {
1474 tc = (struct t_client *)esp->es_client.
1481 if (id != esp->es_client.ea_id) {
1483 esp->es_client.ea_session = NULL;
1488 esp->es_client.ea_skey = NULL;
1513 if (esp->es_client.ea_peer != NULL)
1514 free(esp->es_client.ea_peer);
1515 esp->es_client.ea_peer = strdup(rhostname);
1516 esp->es_client.ea_peerlen = strlen(rhostname);
1561 tc = t_clientopen(esp->es_client.ea_name,
1564 eap_send_nak(esp, id, EAPT_MD5CHAP);
1567 esp->es_client.ea_session = (void *)tc;
1575 eap_srp_response(esp, id, EAPSRP_CKEY, Ap->data,
1580 tc = (struct t_client *)esp->es_client.ea_session;
1583 eap_send_nak(esp, id, EAPT_MD5CHAP);
1586 if (esp->es_client.ea_skey != NULL) {
1591 if (id != esp->es_client.ea_id) {
1594 esp->es_client.ea_id, id);
1597 if (get_srp_secret(esp->es_unit,
1598 esp->es_client.ea_name,
1599 esp->es_client.ea_peer, secret, 0) == 0) {
1605 eap_send_nak(esp, id, EAPT_MD5CHAP);
1612 esp->es_client.ea_skey =
1614 if (esp->es_client.ea_skey == NULL) {
1620 eap_srpval_response(esp, id, SRPVAL_EBIT,
1625 tc = (struct t_client *)esp->es_client.ea_session;
1626 if (tc == NULL || esp->es_client.ea_skey == NULL) {
1628 eap_send_nak(esp, id, EAPT_MD5CHAP);
1636 if (esp->es_client.ea_state == eapOpen) {
1637 if (id != esp->es_client.ea_id) {
1640 esp->es_client.ea_id, id);
1650 GETLONG(esp->es_client.ea_keyflags, inp);
1652 if (len > 0 && esp->es_usepseudo) {
1654 write_pseudonym(esp, inp, len, id);
1662 eap_srp_response(esp, id, EAPSRP_ACK, NULL, 0);
1673 SHA1Update(&ctxt, esp->es_client.ea_skey,
1676 SHA1Update(&ctxt, esp->es_client.ea_name,
1677 esp->es_client.ea_namelen);
1679 eap_srp_response(esp, id, EAPSRP_LWRECHALLENGE, dig,
1685 eap_send_nak(esp, id, EAPT_MD5CHAP);
1693 eap_send_nak(esp, id, EAPT_SRP);
1697 if (esp->es_client.ea_timeout > 0) {
1698 UNTIMEOUT(eap_client_timeout, (void *)esp);
1699 TIMEOUT(eap_client_timeout, (void *)esp,
1700 esp->es_client.ea_timeout);
1706 esp->es_client.ea_state = eapBadAuth;
1707 if (esp->es_client.ea_timeout > 0) {
1708 UNTIMEOUT(eap_client_timeout, (void *)esp);
1710 esp->es_client.ea_session = NULL;
1712 auth_withpeer_fail(esp->es_unit, PPP_EAP);
1720 eap_response(esp, inp, id, len) in eap_response() argument
1721 eap_state *esp; in eap_response()
1740 if (esp->es_server.ea_id != id) {
1742 esp->es_server.ea_id);
1746 esp->es_server.ea_responses++;
1758 if (esp->es_server.ea_state != eapIdentify) {
1764 if (esp->es_server.ea_peer != NULL &&
1765 esp->es_server.ea_peer != remote_name)
1766 free(esp->es_server.ea_peer);
1767 esp->es_server.ea_peer = malloc(len + 1);
1768 if (esp->es_server.ea_peer == NULL) {
1769 esp->es_server.ea_peerlen = 0;
1770 eap_figure_next_state(esp, 1);
1773 BCOPY(inp, esp->es_server.ea_peer, len);
1774 esp->es_server.ea_peer[len] = '\0';
1775 esp->es_server.ea_peerlen = len;
1776 eap_figure_next_state(esp, 0);
1786 eap_figure_next_state(esp, 1);
1793 if (!explicit_remote && esp->es_server.ea_state == eapIdentify){
1795 eap_figure_next_state(esp, 1);
1802 esp->es_server.ea_state = eapIdentify;
1803 eap_figure_next_state(esp, 0);
1807 esp->es_server.ea_state = eapMD5Chall;
1812 switch (esp->es_server.ea_state) {
1816 esp->es_server.ea_state = eapMD5Chall;
1820 esp->es_server.ea_state = eapIdentify;
1821 eap_figure_next_state(esp, 0);
1831 if (esp->es_server.ea_state != eapMD5Chall) {
1833 eap_figure_next_state(esp, 1);
1838 eap_figure_next_state(esp, 1);
1845 eap_figure_next_state(esp, 1);
1868 if (!get_secret(esp->es_unit, rhostname,
1869 esp->es_server.ea_name, secret, &secret_len, 1)) {
1871 eap_send_failure(esp);
1875 MD5_Update(&mdContext, &esp->es_server.ea_id, 1);
1878 MD5_Update(&mdContext, esp->es_challenge, esp->es_challen);
1881 eap_send_failure(esp);
1884 esp->es_server.ea_type = EAPT_MD5CHAP;
1885 eap_send_success(esp);
1886 eap_figure_next_state(esp, 0);
1887 if (esp->es_rechallenge != 0)
1888 TIMEOUT(eap_rechallenge, esp, esp->es_rechallenge);
1895 eap_figure_next_state(esp, 1);
1902 if (esp->es_server.ea_state != eapSRP1) {
1904 eap_figure_next_state(esp, 1);
1909 ts = (struct t_server *)esp->es_server.ea_session;
1911 esp->es_server.ea_skey = t_servergetkey(ts, &A);
1912 if (esp->es_server.ea_skey == NULL) {
1915 eap_send_failure(esp);
1917 eap_figure_next_state(esp, 0);
1922 if (esp->es_server.ea_state != eapSRP2) {
1924 eap_figure_next_state(esp, 1);
1930 eap_figure_next_state(esp, 1);
1933 GETLONG(esp->es_server.ea_keyflags, inp);
1934 ts = (struct t_server *)esp->es_server.ea_session;
1938 eap_send_failure(esp);
1941 eap_figure_next_state(esp, 0);
1945 if (esp->es_server.ea_state != eapSRP3) {
1947 eap_send_failure(esp);
1950 esp->es_server.ea_type = EAPT_SRP;
1951 eap_send_success(esp);
1952 eap_figure_next_state(esp, 0);
1953 if (esp->es_rechallenge != 0)
1954 TIMEOUT(eap_rechallenge, esp,
1955 esp->es_rechallenge);
1956 if (esp->es_lwrechallenge != 0)
1957 TIMEOUT(srp_lwrechallenge, esp,
1958 esp->es_lwrechallenge);
1962 if (esp->es_server.ea_state != eapSRP4) {
1974 SHA1Update(&ctxt, esp->es_server.ea_skey,
1976 SHA1Update(&ctxt, esp->es_challenge, esp->es_challen);
1977 SHA1Update(&ctxt, esp->es_server.ea_peer,
1978 esp->es_server.ea_peerlen);
1982 eap_send_failure(esp);
1985 esp->es_server.ea_state = eapOpen;
1986 if (esp->es_lwrechallenge != 0)
1987 TIMEOUT(srp_lwrechallenge, esp,
1988 esp->es_lwrechallenge);
2000 if (esp->es_server.ea_timeout > 0) {
2001 UNTIMEOUT(eap_server_timeout, (void *)esp);
2004 if (esp->es_server.ea_state != eapBadAuth &&
2005 esp->es_server.ea_state != eapOpen) {
2006 esp->es_server.ea_id++;
2007 eap_send_request(esp);
2015 eap_success(esp, inp, id, len) in eap_success() argument
2016 eap_state *esp; in eap_success()
2021 if (esp->es_client.ea_state != eapOpen && !eap_client_active(esp)) {
2023 eap_state_name(esp->es_client.ea_state),
2024 esp->es_client.ea_state);
2028 if (esp->es_client.ea_timeout > 0) {
2029 UNTIMEOUT(eap_client_timeout, (void *)esp);
2037 esp->es_client.ea_state = eapOpen;
2038 auth_withpeer_success(esp->es_unit, PPP_EAP, 0);
2045 eap_failure(esp, inp, id, len) in eap_failure() argument
2046 eap_state *esp; in eap_failure()
2051 if (!eap_client_active(esp)) {
2053 eap_state_name(esp->es_client.ea_state),
2054 esp->es_client.ea_state);
2057 if (esp->es_client.ea_timeout > 0) {
2058 UNTIMEOUT(eap_client_timeout, (void *)esp);
2066 esp->es_client.ea_state = eapBadAuth;
2069 auth_withpeer_fail(esp->es_unit, PPP_EAP);
2081 eap_state *esp = &eap_states[unit]; local
2106 eap_request(esp, inp, id, len);
2110 eap_response(esp, inp, id, len);
2114 eap_success(esp, inp, id, len);
2118 eap_failure(esp, inp, id, len);