/*
* Layer Two Tunnelling Protocol Daemon
* Copyright (C) 1998 Adtran, Inc.
* Copyright (C) 2002 Jeff McAdams
*
* Mark Spencer
*
* This software is distributed under the terms
* of the GPL, which you should have received
* along with this source.
*
* Authorization, Accounting, and Access control
*
*/
#include <stdio.h>
#include <stdlib.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <string.h>
#include <errno.h>
#include "l2tp.h"
/* Hex dump helper, defined elsewhere; used only in the DEBUG_* paths below */
extern void bufferDump (char *, int);
/* FIXME: Accounting? */
/* Chained hash table of the IPv4 addresses currently handed out to calls.
   Entries hold the address in HOST byte order (reserve_addr/unreserve_addr
   convert with ntohl) and are bucketed by addr % ADDR_HASH_SIZE.
   Single-threaded use is assumed: there is no locking around it. */
struct addr_ent *uaddr[ADDR_HASH_SIZE];
/*
 * Reset the address-reservation table: every bucket of uaddr becomes an
 * empty chain.  Must run once before reserve_addr/ip_used are used.
 * Does not free existing entries, so call it only on a fresh table.
 */
void init_addr ()
{
    int slot = ADDR_HASH_SIZE;

    while (slot-- > 0)
        uaddr[slot] = NULL;
}
/*
 * Is 'addr' (host byte order) already reserved?
 * Returns -1 when it is found in the reservation table, 0 otherwise.
 */
static int ip_used (unsigned int addr)
{
    const struct addr_ent *ent;

    for (ent = uaddr[addr % ADDR_HASH_SIZE]; ent; ent = ent->next)
    {
        if (ent->addr == addr)
            return -1;
    }
    return 0;
}
/*
 * Fill c[0..length) with random bytes to use as a tunnel-auth challenge.
 * The bytes come from get_entropy(); a predictable challenge would let a
 * captured response be replayed, which is why the old rand()-based
 * implementation was dropped.
 */
void mk_challenge (unsigned char *c, int length)
{
    get_entropy (c, length);
}
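/*
 * Mark 'addr' (network byte order, as in struct in_addr) as in use.
 * The address is stored in host byte order at the head of its hash
 * chain.  Reserving an address twice is a no-op.
 *
 * The allocation used to be unchecked; on failure a NULL pointer was
 * dereferenced.  It is now logged and the reservation is skipped.  The
 * interface gives the caller no way to learn this, so an out-of-memory
 * daemon may hand the same address out twice - still better than a crash.
 */
void reserve_addr (unsigned int addr)
{
    struct addr_ent *ent;
    unsigned int slot;

    addr = ntohl (addr);
    if (ip_used (addr))
        return;                 /* already reserved */

    ent = malloc (sizeof *ent);
    if (!ent)
    {
        l2tp_log (LOG_WARNING, "%s: out of memory, address not reserved\n",
                  __FUNCTION__);
        return;
    }
    slot = addr % ADDR_HASH_SIZE;
    ent->addr = addr;
    ent->next = uaddr[slot];    /* push onto the chain head */
    uaddr[slot] = ent;
}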
/*
 * Release 'addr' (network byte order) so it can be handed out again.
 * Every entry for the address is unlinked from its hash chain and freed;
 * an address that was never reserved is silently ignored.
 */
void unreserve_addr (unsigned int addr)
{
    struct addr_ent **link, *victim;

    addr = ntohl (addr);
    /* Walk the chain through a pointer-to-link so head and interior
       removals are the same operation. */
    link = &uaddr[addr % ADDR_HASH_SIZE];
    while (*link)
    {
        if ((*link)->addr == addr)
        {
            victim = *link;
            *link = victim->next;
            free (victim);
        }
        else
        {
            link = &(*link)->next;
        }
    }
}
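/*
 * Pick a free IP address (returned in network byte order) for a call from
 * the range list 'ipr'.  Candidates are taken from ALLOW ranges in list
 * order; a candidate is accepted only if it is not already reserved
 * (ip_used) and no LATER range in the list that contains it has a DENY
 * sense - later ranges override earlier ones.
 *
 * Returns 0 (0.0.0.0) when nothing is free, so callers must treat 0 as
 * "no address" rather than as an address.
 *
 * The scan is linear in the size of the ranges (one hash probe per
 * address), so very large ranges make this slow.
 */
unsigned int get_addr (struct iprange *ipr)
{
    unsigned int x, lo, hi;
    int status;
    struct iprange *ipr2;

    for (; ipr; ipr = ipr->next)
    {
        if (ipr->sense != SENSE_ALLOW)
            continue;

        lo = ntohl (ipr->start);
        hi = ntohl (ipr->end);
        for (x = lo; x <= hi; x++)
        {
            if (!ip_used (x))
            {
                /* Found a free address in an ALLOW range; the remaining
                   ranges get the final say on it. */
                status = SENSE_ALLOW;
                for (ipr2 = ipr->next; ipr2; ipr2 = ipr2->next)
                {
                    if (x >= ntohl (ipr2->start) && x <= ntohl (ipr2->end))
                        status = ipr2->sense;
                }
                if (status == SENSE_ALLOW)
                    return htonl (x);
            }
            /* A range ending at 255.255.255.255 would otherwise make x++
               wrap to 0 and the loop never terminate. */
            if (x == hi)
                break;
        }
    }
    return 0;
}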
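/* True for space and control bytes (anything below '!'), which separate
   the fields of the auth file.  The byte is viewed as unsigned so that
   bytes >= 0x80 (e.g. UTF-8 text) are not mistaken for whitespace on
   platforms where char is signed, as the old "*t < 33" tests did. */
static int auth_is_blank (char c)
{
    return (unsigned char) c < 33;
}

/*
 * Look up the shared secret for the (us, them) pair in gconfig.authfile.
 *
 * Each line is "<us> <them> <secret>": the first two fields are single
 * whitespace-delimited tokens, the secret is the rest of the line (it may
 * contain spaces; trailing whitespace is stripped).  '#' and ';' start a
 * comment, so neither can appear in a secret.  "*" is a wildcard for
 * either name and names compare case-insensitively.  The first matching
 * line wins.
 *
 * On success the secret is copied into 'secret' - at most size-1 bytes and
 * always NUL-terminated, since callers take strlen() of it - and -1 is
 * returned.  0 means no match or the file could not be opened.  A secret
 * longer than size-1 bytes is truncated and a warning is logged, because
 * the truncated value will not authenticate against a peer using the
 * full one.
 *
 * NOTE(review): the file holds plaintext secrets and its permissions are
 * not checked here; it should not be readable by other users.
 */
static int get_secret (char *us, char *them, unsigned char *secret, int size)
{
    FILE *f;
    char buf[STRLEN];
    char *u, *t, *s;
    size_t n;
    int num = 0;

    f = fopen (gconfig.authfile, "r");
    if (!f)
    {
        l2tp_log (LOG_WARNING, "%s : Unable to open '%s' for authentication\n",
                  __FUNCTION__, gconfig.authfile);
        return 0;
    }
    while (fgets (buf, sizeof (buf), f) != NULL)
    {
        num++;
        /* Over-long line: discard the remainder so it is not parsed as a
           line of its own (the tail of a long secret could otherwise be
           read as a bogus "us them secret" entry). */
        if (strchr (buf, '\n') == NULL)
        {
            int ch;
            while ((ch = getc (f)) != EOF && ch != '\n')
                ;
        }
        /* Strip comments: the first '#' or ';' ends the line */
        t = strpbrk (buf, "#;");
        if (t)
            *t = 0;
        /* Strip trailing whitespace, including the newline */
        n = strlen (buf);
        while (n > 0 && auth_is_blank (buf[n - 1]))
            buf[--n] = 0;
        if (n == 0)
            continue;           /* empty or comment-only line */

        /* us: first token */
        u = buf;
        while (*u && auth_is_blank (*u))
            u++;
        if (!*u)
        {
            l2tp_log (LOG_WARNING,
                      "%s: Invalid authentication info (no us), line %d\n",
                      __FUNCTION__, num);
            continue;
        }
        t = u;
        while (*t && !auth_is_blank (*t))
            t++;
        /* Only overwrite a delimiter; stepping past the terminator of a
           buffer-filling token would read beyond buf. */
        if (*t)
            *(t++) = 0;
        while (*t && auth_is_blank (*t))
            t++;

        /* them: second token.  (The old code stopped this token at '!' as
           well as whitespace - an off-by-one against the "us" scan.) */
        if (!*t)
        {
            l2tp_log (LOG_WARNING,
                      "%s: Invalid authentication info (nothem), line %d\n",
                      __FUNCTION__, num);
            continue;
        }
        s = t;
        while (*s && !auth_is_blank (*s))
            s++;
        if (*s)
            *(s++) = 0;
        while (*s && auth_is_blank (*s))
            s++;

        /* secret: rest of the line */
        if (!*s)
        {
            l2tp_log (LOG_WARNING,
                      "%s: Invalid authentication info (no secret), line %d\n",
                      __FUNCTION__, num);
            continue;
        }
        if ((!strcasecmp (u, us) || !strcasecmp (u, "*")) &&
            (!strcasecmp (t, them) || !strcasecmp (t, "*")))
        {
#ifdef DEBUG_AUTH
            /* Debug builds only: this writes the shared secret to the log */
            l2tp_log (LOG_DEBUG,
                      "%s: we are '%s', they are '%s', secret is '%s'\n",
                      __FUNCTION__, u, t, s);
#endif
            if (size > 0 && strlen (s) >= (size_t) size)
                l2tp_log (LOG_WARNING,
                          "%s: secret on line %d is longer than %d bytes and was truncated\n",
                          __FUNCTION__, num, size - 1);
            /* snprintf always NUL-terminates; strncpy did not when the
               secret filled the buffer, and strlen() then ran past it. */
            snprintf ((char *) secret, (size_t) size, "%s", s);
            fclose (f);
            return -1;
        }
    }
    fclose (f);
    return 0;
}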
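/*
 * Compute our answer to the peer's tunnel-authentication challenge.
 *
 * Name selection for the secret lookup: "us" is the hostname configured on
 * the tunnel's LNS/LAC entry, falling back to the daemon's global hostname;
 * "them" is the configured peername, falling back to the Host Name the peer
 * sent us (t->hostname).  The secret for that pair is read from the auth
 * file into chal->secret and the response
 *     MD5 (chal->ss || secret || chal->challenge)
 * is written to chal->response; chal->state then becomes STATE_CHALLENGED.
 *
 * Returns 0 on success; -1 when the tunnel has neither LNS nor LAC, or no
 * secret is configured for the pair (no response is produced then).
 *
 * NOTE(review): t->hostname comes from the peer, so with no peername
 * configured the peer picks which auth-file line is consulted, and a "*"
 * wildcard line then applies to anyone.  chal->ss is presumably the
 * CHAP-style identifier byte - confirm against the code that sets it.
 */
int handle_challenge (struct tunnel *t, struct challenge *chal)
{
    char *us;
    char *them;
    char *cfg_host, *cfg_peer;
    unsigned char *nul;
    size_t secret_len;

    if (!t->lns && !t->lac)
    {
        l2tp_log (LOG_DEBUG, "%s: No LNS or LAC to handle challenge!\n",
                  __FUNCTION__);
        return -1;
    }
#ifdef DEBUG_AUTH
    l2tp_log (LOG_DEBUG, "%s: making response for tunnel: %d\n", __FUNCTION__,
              t->ourtid);
#endif
    if (t->lns)
    {
        cfg_host = t->lns->hostname;
        cfg_peer = t->lns->peername;
    }
    else
    {
        cfg_host = t->lac->hostname;
        cfg_peer = t->lac->peername;
    }
    us = cfg_host[0] ? cfg_host : hostname;
    them = cfg_peer[0] ? cfg_peer : t->hostname;

    if (!get_secret (us, them, chal->secret, sizeof (chal->secret)))
    {
        l2tp_log (LOG_DEBUG, "%s: no secret found for us='%s' and them='%s'\n",
                  __FUNCTION__, us, them);
        return -1;
    }
    /* Bound the secret length by its buffer so the hash can never read past
       chal->secret even if it were left unterminated. */
    nul = memchr (chal->secret, 0, sizeof (chal->secret));
    secret_len = nul ? (size_t) (nul - (unsigned char *) chal->secret)
                     : sizeof (chal->secret);

#if DEBUG_AUTH
    /* Debug builds only: dumps the shared secret to the log */
    l2tp_log (LOG_DEBUG, "*%s: Here comes the chal->ss:\n", __FUNCTION__);
    bufferDump (&chal->ss, 1);
    l2tp_log (LOG_DEBUG, "%s: Here comes the secret\n", __FUNCTION__);
    bufferDump (chal->secret, strlen (chal->secret));
    l2tp_log (LOG_DEBUG, "%s: Here comes the challenge\n", __FUNCTION__);
    bufferDump (chal->challenge, chal->chal_len);
#endif
    memset (chal->response, 0, MD_SIG_SIZE);
    MD5Init (&chal->md5);
    MD5Update (&chal->md5, &chal->ss, 1);
    MD5Update (&chal->md5, chal->secret, secret_len);
    MD5Update (&chal->md5, chal->challenge, chal->chal_len);
    MD5Final (chal->response, &chal->md5);
#ifdef DEBUG_AUTH
    l2tp_log (LOG_DEBUG, "response is %X%X%X%X to '%s' and %X%X%X%X, %d\n",
              *((int *) &chal->response[0]),
              *((int *) &chal->response[4]),
              *((int *) &chal->response[8]),
              *((int *) &chal->response[12]),
              chal->secret,
              *((int *) &chal->challenge[0]),
              *((int *) &chal->challenge[4]),
              *((int *) &chal->challenge[8]),
              *((int *) &chal->challenge[12]), chal->ss);
#endif
    chal->state = STATE_CHALLENGED;
    return 0;
}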
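/*
 * Pick the LNS that should take a call from tunnel t's peer.
 *
 * Walks lnslist (then deflns, if it was not already in the list) and, for
 * each LNS, runs the peer address through its 'lacs' ranges.  Every range
 * that contains the peer sets the verdict to its sense, so the LAST
 * matching range wins; a non-zero (allow) verdict returns that LNS at
 * once, an LNS with no allowing match is skipped.
 *
 * If no LNS accepts the peer: with gconfig.accesscontrol set we return
 * NULL (the call is refused), otherwise deflns is returned regardless of
 * the ranges - the lacs= ranges only act as an access list when
 * accesscontrol is on.
 *
 * Both the "allow" test and the DEBUG_AAA text assume SENSE_ALLOW is
 * non-zero and the deny sense is zero.
 */
struct lns *get_lns (struct tunnel *t)
{
    struct lns *lns;
    struct iprange *ipr;
    unsigned int peer = ntohl (t->peer.sin_addr.s_addr);
    int allow, checkdefault = 0;

    lns = lnslist;
    if (!lns)
    {
        lns = deflns;
        checkdefault = -1;
    }
    while (lns)
    {
        allow = 0;              /* no verdict yet for this LNS */
        for (ipr = lns->lacs; ipr; ipr = ipr->next)
        {
            if (peer >= ntohl (ipr->start) && peer <= ntohl (ipr->end))
            {
#ifdef DEBUG_AAA
                /* The format used to begin with "$s", which printed a
                   literal "$s" and shifted every argument one place.
                   NOTE(review): if IPADDY returns a static buffer, the
                   three addresses logged here will all show the same value. */
                l2tp_log (LOG_DEBUG,
                          "%s: Rule %s to %s, sense %s matched %s\n", __FUNCTION__,
                          IPADDY (ipr->start), IPADDY (ipr->end),
                          (ipr->sense ? "allow" : "deny"), IPADDY (t->peer.sin_addr.s_addr));
#endif
                allow = ipr->sense;
            }
        }
        if (allow)
            return lns;
        lns = lns->next;
        if (!lns && !checkdefault)
        {
            lns = deflns;
            checkdefault = -1;
        }
    }
    return gconfig.accesscontrol ? NULL : deflns;
}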
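#ifdef DEBUG_HIDDEN
/* Debug aid: log a 16-byte MD5 digest as four hex words.  Only four
   32-bit words exist, so exactly four are printed; the previous version
   also passed i[4], reading one word past the end of the digest. */
static void print_md5 (void * const md5)
{
    int *i = (int *) md5;
    l2tp_log (LOG_DEBUG, "%X%X%X%X\n", i[0], i[1], i[2], i[3]);
}

/* Debug aid: log the random vector and shared secret of a challenge.
   This writes the plaintext secret to the log - debug builds only. */
static inline void print_challenge (struct challenge *chal)
{
    l2tp_log (LOG_DEBUG, "vector: ");
    print_md5 (chal->vector);
    l2tp_log (LOG_DEBUG, "secret: %s\n", chal->secret);
}
#endif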
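/*
 * Hide (encrypt) the AVP of 'len' bytes (header included) that sits at the
 * end of 'buf', as described for the H bit in RFC 2661 section 4.3.  The
 * caller must leave two spare bytes in front of the AVP: the new header is
 * written there and the old attribute field becomes the 2-byte "original
 * length" prefix of the hidden sub-format.  The sub-format is padded up to
 * a multiple of 16 bytes and buf->len grows accordingly; the buffer must
 * have room for that growth, which is not checked here.
 *
 * Cipher: the first 16-byte block is XORed with
 *     MD5 (Attribute || secret || RV)
 * and every following block with MD5 (secret || previous ciphertext
 * block), using the secret and random vector for the peer (t->chal_them).
 * Note this hashes VECTOR_SIZE bytes of the vector while decrypt_avp uses
 * t->chal_us.vector_len; the two only agree if those are equal.
 */
void encrypt_avp (struct buffer *buf, _u16 len, struct tunnel *t)
{
    struct avp_hdr *new_hdr = (struct avp_hdr *) (buf->start + buf->len - len);
    struct avp_hdr *old_hdr = (struct avp_hdr *) (buf->start + buf->len - len + 2);
    _u16 length, flags, attr;   /* new length, old flags, attribute */
    unsigned char *ptr, *end, *previous_segment;
    unsigned char digest[MD_SIG_SIZE];
    int cnt;

    /* Padded sub-format length: 2 length bytes + value, rounded up to a
       multiple of 16 (always at least one block), plus the AVP header. */
    length = ((len - sizeof (struct avp_hdr) + 1) / 16 + 1) * 16
             + sizeof (struct avp_hdr);
    flags = ntohs (old_hdr->length) & 0xF000;
    new_hdr->length = htons (length | flags | HBIT);
    new_hdr->vendorid = old_hdr->vendorid;
    new_hdr->attr = attr = old_hdr->attr;
    /* The old attribute slot now holds the sub-format's original length */
    old_hdr->attr = htons (len - sizeof (struct avp_hdr));

    /* The padding bytes were never written by the caller, so they would
       carry whatever the buffer held before - stale data that the peer (or
       anyone holding the secret) can decrypt.  Zero them; RFC 2661 lets the
       receiver ignore padding, so any value is valid on the wire. */
    memset (((unsigned char *) new_hdr) + 2 + len, 0, length - len - 2);

    buf->len -= len;
    buf->len += length;

    /* Key block for the first 16 bytes: MD5 (Attribute || secret || RV) */
    MD5Init (&t->chal_them.md5);
    MD5Update (&t->chal_them.md5, (void *) &attr, 2);
    MD5Update (&t->chal_them.md5, t->chal_them.secret,
               strlen ((char *) t->chal_them.secret));
    MD5Update (&t->chal_them.md5, t->chal_them.vector, VECTOR_SIZE);
    MD5Final (digest, &t->chal_them.md5);

    /* The sub-format length is always a multiple of 16 here, so the
       block loop never runs past 'end'. */
    ptr = ((unsigned char *) new_hdr) + sizeof (struct avp_hdr);
    end = ((unsigned char *) new_hdr) + length;
    previous_segment = ptr;
    while (ptr < end)
    {
#if DEBUG_HIDDEN
        l2tp_log (LOG_DEBUG, "%s: The digest to be XOR'ed\n", __FUNCTION__);
        bufferDump (digest, MD_SIG_SIZE);
        l2tp_log (LOG_DEBUG, "%s: The plaintext to be XOR'ed\n", __FUNCTION__);
        bufferDump (ptr, MD_SIG_SIZE);
#endif
        for (cnt = 0; cnt < MD_SIG_SIZE; cnt++, ptr++)
            *ptr ^= digest[cnt];
#if DEBUG_HIDDEN
        l2tp_log (LOG_DEBUG, "%s: The result of XOR\n", __FUNCTION__);
        bufferDump (previous_segment, MD_SIG_SIZE);
#endif
        if (ptr < end)
        {
            /* Next key block: MD5 (secret || previous ciphertext block) */
            MD5Init (&t->chal_them.md5);
            MD5Update (&t->chal_them.md5, t->chal_them.secret,
                       strlen ((char *) t->chal_them.secret));
            MD5Update (&t->chal_them.md5, previous_segment, MD_SIG_SIZE);
            MD5Final (digest, &t->chal_them.md5);
        }
        previous_segment = ptr;
    }
}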
/*
 * Unhide (decrypt) a hidden AVP in place - the receiving side of
 * encrypt_avp (RFC 2661 section 4.3).  'buf' points at the hidden AVP's
 * header.  On success the plaintext AVP header is rebuilt two bytes further
 * on (buf + 2) with the H bit cleared, so the caller must continue parsing
 * from buf + 2.  Uses the secret and random vector the peer sent us
 * (t->chal_us).
 *
 * Returns 0 on success, -EINVAL if no random vector is available or the
 * decrypted "original length" field does not fit inside the AVP.
 *
 * Preconditions the caller must guarantee (nothing here can check them):
 *  - the AVP length read from old_hdr->length is backed by that many bytes
 *    of the received packet: the XOR loop below WRITES up to buf + olen, so
 *    an unchecked length from the wire would corrupt memory past the packet.
 *  - NOTE(review): old_hdr->length and the flags are used here without
 *    ntohs(), unlike encrypt_avp, so the header is presumably already in
 *    host byte order when we get it (converted by the caller); ntohs() on
 *    attr below would then restore wire order for the hash, matching what
 *    encrypt_avp hashes.  Verify against the caller.
 */
int decrypt_avp (char *buf, struct tunnel *t)
{
/* Decrypts a hidden AVP pointed to by buf. The
new header will be expected to be two characters
offset from the old */
int cnt = 0;
int len, olen, flags;
unsigned char digest[MD_SIG_SIZE];
char *ptr, *end;
_u16 attr;
struct avp_hdr *old_hdr = (struct avp_hdr *) buf;
struct avp_hdr *new_hdr = (struct avp_hdr *) (buf + 2);
int saved_segment_len; /* maybe less 16; may be used if the cipher is longer than 16 octets */
/* Copy of the current ciphertext block, taken before it is XORed, because
   the next key block is MD5 (secret || previous ciphertext block). */
unsigned char saved_segment[MD_SIG_SIZE];
ptr = ((char *) old_hdr) + sizeof (struct avp_hdr);
/* Low 12 bits are the AVP length; the top 4 are flags (M, H, reserved) */
olen = old_hdr->length & 0x0FFF;
end = buf + olen;
/* NOTE(review): if 'vector' is an array rather than a pointer this test is
   always false and a missing vector is not detected here. */
if (!t->chal_us.vector)
{
l2tp_log (LOG_DEBUG,
"%s: Hidden bit set, but no random vector specified!\n", __FUNCTION__);
return -EINVAL;
}
/* First, let's decrypt all the data. We're not guaranteed
that it will be padded to a 16 byte boundary, so we
have to be more careful than when encrypting */
/* Key block for the first 16 bytes: MD5 (Attribute || secret || RV).
   encrypt_avp hashes VECTOR_SIZE vector bytes; here vector_len is used. */
attr = ntohs (old_hdr->attr);
MD5Init (&t->chal_us.md5);
MD5Update (&t->chal_us.md5, (void *) &attr, 2);
MD5Update (&t->chal_us.md5, t->chal_us.secret,
strlen ((char *)t->chal_us.secret));
MD5Update (&t->chal_us.md5, t->chal_us.vector, t->chal_us.vector_len);
MD5Final (digest, &t->chal_us.md5);
#ifdef DEBUG_HIDDEN
/* Debug builds only: print_challenge logs the shared secret in plaintext */
l2tp_log (LOG_DEBUG, "attribute is %d and challenge is: ", attr);
print_challenge (&t->chal_us);
l2tp_log (LOG_DEBUG, "md5 is: ");
print_md5 (digest);
#endif
while (ptr < end)
{
/* Start of a new 16-byte block: derive the next key block from the
   previous ciphertext block (which was saved in full, since cnt only
   reaches MD_SIG_SIZE after a whole block). */
if (cnt >= MD_SIG_SIZE)
{
MD5Init (&t->chal_us.md5);
MD5Update (&t->chal_us.md5, t->chal_us.secret,
strlen ((char *)t->chal_us.secret));
MD5Update (&t->chal_us.md5, saved_segment, MD_SIG_SIZE);
MD5Final (digest, &t->chal_us.md5);
cnt = 0;
}
/* at the beginning of each segment, we save the current segment (16 octets or less) of cipher
* so that the next round of MD5 (if there is a next round) hash could use it
*/
if (cnt == 0)
{
saved_segment_len =
(end - ptr < MD_SIG_SIZE) ? (end - ptr) : MD_SIG_SIZE;
memcpy (saved_segment, ptr, saved_segment_len);
}
/* Decrypt in place, one byte at a time */
*ptr = *ptr ^ digest[cnt++];
ptr++;
}
/* Hopefully we're all nice and decrypted now. Let's rewrite the header.
First save the old flags, and get the new stuff */
/* Keep the flag bits but clear H: the AVP is plaintext from here on */
flags = old_hdr->length & 0xF000 & ~HBIT;
/* First two bytes of the decrypted sub-format are the original value
   length (wire order); the plaintext AVP is that plus a header. */
len = ntohs (new_hdr->attr) + sizeof (struct avp_hdr);
/* The plaintext AVP must fit inside the hidden one (minus the 2 bytes
   the header moved by); anything larger is corrupt or a wrong secret. */
if (len > olen - 2)
{
l2tp_log (LOG_DEBUG,
"%s: Decrypted length is too long (%d > %d)\n", __FUNCTION__, len,
olen - 2);
return -EINVAL;
}
new_hdr->attr = old_hdr->attr;
new_hdr->vendorid = old_hdr->vendorid;
new_hdr->length = len | flags;
return 0;
}