FreeCalypso > hg > fc-magnetite
view src/g23m-fad/ppp/ppp_capf.c @ 702:9394305d4ff5 default tip
etm_audio.c: fix off-by-one error in auw of FIR coefficients
This fix was already made in FC Tourmaline a while back, but it is also
the kind of bugfix that deserves to be backported to Magnetite and
Selenite as well.
author | Mychaela Falconia <falcon@freecalypso.org> |
---|---|
date | Mon, 31 Oct 2022 00:14:44 +0000 |
parents | 90eb61ecd093 |
children |
line wrap: on
line source
/* +----------------------------------------------------------------------------- | Project : | Modul : +----------------------------------------------------------------------------- | Copyright 2002 Texas Instruments Berlin, AG | All rights reserved. | | This file is confidential and a trade secret of Texas | Instruments Berlin, AG | The receipt of or possession of this file does not convey | any rights to reproduce or disclose its contents or to | manufacture, use, or sell anything it may describe, in | whole, or in part, without the specific written consent of | Texas Instruments Berlin, AG. +----------------------------------------------------------------------------- | Purpose : This modul is part of the entity PPP and implements all | procedures and functions as described in the | SDL-documentation (CHAP-statemachine) +----------------------------------------------------------------------------- */ #ifndef PPP_CAPF_C #define PPP_CAPF_C #endif /* !PPP_CAPF_C */ #define ENTITY_PPP /*==== INCLUDES =============================================================*/ #include "typedefs.h" /* to get Condat data types */ #include "vsi.h" /* to get a lot of macros */ #include "macdef.h" /* to get a lot of macros */ #include "custom.h" /* to get a lot of macros */ #include "gsm.h" /* to get a lot of macros */ #include "cnf_ppp.h" /* to get cnf-definitions */ #include "mon_ppp.h" /* to get mon-definitions */ #include "prim.h" /* to get the definitions of used SAP and directions */ #include "dti.h" /* to get the DTILIB definitions */ #include "ppp.h" /* to get the global entity definitions */ #include "ppp_arbf.h" /* to get function interface from arb */ #include <string.h> /* to get memcpy */ #include <stdlib.h> /* to get rand */ #include "cl_md5.h" /* to get MD5 routine from common library */ #ifdef _SIMULATION_ #include <stdio.h> /* to get sprintf */ #endif /* _SIMULATION_ */ /*==== CONST ================================================================*/ #define CHAP_SUCCESS_LENGTH (4) #define CHAP_CHALLENGE_HEADER_SIZE (5) /* * maximum value length is 64 octets and additional packet header is 5 octets */ #define CHAP_CHALLENGE_LEN_MAX_SERVER_MODE (64 + CHAP_CHALLENGE_HEADER_SIZE) /* * maximum value length is 5 octets for packet header + 16 octets for hash value * calculated by MD5 algorithm + login name length */ #define CHAP_RESPONSE_LEN_MAX_CLIENT_MODE (CHAP_CHALLENGE_HEADER_SIZE + \ CHAP_MSG_DIGEST_LEN + \ PPP_LOGIN_NAME_LENGTH) /* * the response packet must be passable to the ISP in protocol configuration * options (pco). The maximum length of pco is * 251 octets (253 - 2 (identification overhead) = 251). There must also be * space for other protocol packet, like LCP and IPCP. * LCP needs * 15 octets (3 (overhead pco) + 4 (overhead packet) + 4 (mru) + 4 * (authentication protocol PAP) = 15) for server packet and * 11 octets (3 (overhead pco) + 4 (overhead packet) + 4 (mru) = 11) for * client packet. * IPCP needs * 31 octets (3 (overhead pco) + 4 (overhead packet) + 6 (IP address) + 6 * (VJ header compression) + 6 (primary DNS) + 6 (secondary DNS) = 31) for * client packet and * 13 octets (3 (overhead pco) + 4 (overhead packet) + 6 * (Gateway address) = 13) for gateway address packet. * CHAP needs * 3 octets for pco overhead and * CHAP_CHALLENGE_LENGTH_MAX for challenge packet and * 3 octets for pco overhead for response packet. * The max. user login name legth is * - for client mode 25 octets * - for server mode */ #define CHAP_RESPONSE_LEN_MAX_SERVER_MODE (251 - 15 - 11 - 31 - 13 - 3 - \ CHAP_CHALLENGE_LEN_MAX_SERVER_MODE\ - 3) #define CHAP_CHALLENGE_LEN_MAX_CLIENT_MODE (251 - 15 - 11 - 31 - 13 - 3 - \ CHAP_RESPONSE_LEN_MAX_CLIENT_MODE\ - 3) #define CHAP_FAILURE_TEXT "response packet to long" #define CHAP_FAILURE_TEXT_LENGTH sizeof(CHAP_FAILURE_TEXT) #define CHAP_FAILURE_LENGTH (4 + CHAP_FAILURE_TEXT_LENGTH) /*==== LOCAL VARS ===========================================================*/ /*==== PRIVATE FUNCTIONS ====================================================*/ /*==== PUBLIC FUNCTIONS =====================================================*/ /* +------------------------------------------------------------------------------ | Function : chap_init +------------------------------------------------------------------------------ | Description : The function chap_init() initializes Challenge Handshake | Authentication Protocol | | Parameters : no parameter | +------------------------------------------------------------------------------ */ GLOBAL void chap_init () { T_TIME time_val; TRACE_FUNCTION( "chap_init" ); /* * initialize random generator */ vsi_t_time (VSI_CALLER &time_val); srand((USHORT) time_val); /* * initialize values */ ppp_data->chap.counter = 0; /* counter for timer restart */ ppp_data->chap.nci = 0; /* new challenge identifier */ ppp_data->chap.sc = FALSE; /* indic. for sending of Challenge packet*/ ppp_data->chap.rc = FALSE; /* indic. for receiving of Challenge pack*/ ppp_data->chap.sr = FALSE; /* indic. for sending of Respons packet */ ppp_data->chap.rs = FALSE; /* indic. for receiving of Success packet */ ppp_data->chap.c_packet = NULL; /* CHAP Challenge packet (server mode) */ ppp_data->chap.r_packet = NULL; /* CHAP Response packet (server mode) */ /* CHAP and PAP authentication values */ memset((UBYTE*)&ppp_data->login, 0, sizeof(T_login)); /* * Set CHAP service state to CHAP_DOWN */ INIT_STATE( PPP_SERVICE_CHAP , CHAP_DOWN ); } /* chap_init() */ /* +------------------------------------------------------------------------------ | Function : chap_fill_out_packet +------------------------------------------------------------------------------ | Description : The function chap_fill_out_packet() puts a CHAP Challenge and | a CHAP Response packet into the protocol configuration list | | Parameters : pco_buf - pco list buffer | ptr_pos - position where to write the CHAP packets, this value | must get back to the calling funtion | +------------------------------------------------------------------------------ */ GLOBAL void chap_fill_out_packet (UBYTE pco_buf[], USHORT* ptr_pos) { USHORT pos; TRACE_FUNCTION( "chap_fill_out_packet" ); #ifdef _SIMULATION_ TRACE_EVENT_P3("parameters: pco_buf[]: %08x, ptr_pos: %08x, pos: %d", pco_buf, ptr_pos, *ptr_pos); #endif /* _SIMULATION_ */ /* * copy stored challenge packet */ /* * Protocol ID */ pos = *ptr_pos; pco_buf[pos] = PROTOCOL_CHAP_MSB; pos++; pco_buf[pos] = PROTOCOL_CHAP_LSB; pos++; /* * Length of Protocol contents */ pco_buf[pos] = (UBYTE)ppp_data->chap.c_packet->len; pos++; /* * copy packet */ memcpy(&pco_buf[pos], ppp_data->chap.c_packet->buffer, ppp_data->chap.c_packet->len); pos += ppp_data->chap.c_packet->len; /* * copy stored response packet */ /* * Protocol ID */ pco_buf[pos] = PROTOCOL_CHAP_MSB; pos++; pco_buf[pos] = PROTOCOL_CHAP_LSB; pos++; /* * Length of Protocol contents */ pco_buf[pos] = (UBYTE)ppp_data->chap.r_packet->len; pos++; /* * copy packet */ memcpy(&pco_buf[pos], ppp_data->chap.r_packet->buffer, ppp_data->chap.r_packet->len); pos += ppp_data->chap.r_packet->len; /* * Free memory and clear flags */ arb_discard_packet(ppp_data->chap.r_packet); ppp_data->chap.r_packet = NULL; ppp_data->chap.sr = FALSE; arb_discard_packet(ppp_data->chap.c_packet); ppp_data->chap.c_packet = NULL; ppp_data->chap.rc = FALSE; /* * return new position */ *ptr_pos=pos; } /* chap_fill_out_packet() */ /* +------------------------------------------------------------------------------ | Function : chap_get_sc +------------------------------------------------------------------------------ | Description : The function chap_get_sc() returns a CHAP Challenge packet and | stores a copy of this packet. | | Parameters : ptr_packet - returns the Challenge packet | THE MEMORY FOR THE PACKET WILL BE ALLOCATED BY | THIS FUNCTION | +------------------------------------------------------------------------------ */ GLOBAL void chap_get_sc (T_desc2** ptr_packet) { T_desc2* ret_desc; USHORT len_pos; USHORT pos; UBYTE i; UBYTE value_size; TRACE_FUNCTION( "chap_get_sc" ); /* * set new identifier */ ppp_data->chap.nci++; /* * random value length 16 to 64 octets */ #ifdef _SIMULATION_ value_size = 16; #else /* _SIMULATION_ */ value_size = (UBYTE)(rand() % 49) + 16; #endif /* _SIMULATION_ */ /* * Allocate the necessary size for the data descriptor. The size is * calculated as follows: * - take the size of a descriptor structure * - subtract one because of the array buffer[1] to get the size of * descriptor control information * - add number of octets of descriptor data (value+header) */ MALLOC(ret_desc, (USHORT)(sizeof(T_desc2) - 1 + value_size + CHAP_CHALLENGE_HEADER_SIZE)); /* * fill the packet */ ret_desc->next = (ULONG)NULL; pos = 0; /* * Code field */ ret_desc->buffer[pos] = CODE_CHALLENGE; pos++; /* * Identifier field */ ret_desc->buffer[pos] = ppp_data->chap.nci;/*lint !e415 (Warning -- access of out-of-bounds pointer) */ pos++; /* * Length field (store the position) */ len_pos = pos; pos++; pos++; /* * value length */ ret_desc->buffer[pos] = value_size;/*lint !e415 !e416 (Warning -- access/creation of out-of-bounds pointer) */ pos++; /* * values */ for(i=0; i < value_size; i++) { #ifdef _SIMULATION_ ret_desc->buffer[pos] = (UBYTE)(i); #else /* _SIMULATION_ */ ret_desc->buffer[pos] = (UBYTE)(rand() & 0xff);/*lint !e661 !e662 (Warning -- Possible access/creation of out-of-bounds pointer) */ #endif /* _SIMULATION_ */ pos++; } /* * insert packet length */ ret_desc->len = pos; ret_desc->buffer[len_pos] = (UBYTE)(pos >> 8);/*lint !e661 !e662 (Warning -- Possible access/creation of out-of-bounds pointer) */ len_pos++; ret_desc->buffer[len_pos] = (UBYTE)(pos & 0x00ff);/*lint !e661 !e662 (Warning -- Possible access/creation of out-of-bounds pointer) */ /* * create second packet to store the values */ arb_discard_packet(ppp_data->chap.c_packet); MALLOC (ppp_data->chap.c_packet, (USHORT)(sizeof(T_desc2) - 1 + value_size + CHAP_CHALLENGE_HEADER_SIZE)); /* * make a copy of the first packet */ ppp_data->chap.c_packet->next = ret_desc->next; ppp_data->chap.c_packet->len = ret_desc->len; memcpy(ppp_data->chap.c_packet->buffer, ret_desc->buffer, ret_desc->len); /* * return the first packet */ ppp_data->chap.sc = TRUE; *ptr_packet = ret_desc; } /* chap_get_sc() */ /* +------------------------------------------------------------------------------ | Function : chap_get_sr +------------------------------------------------------------------------------ | Description : The function chap_get_sr() returns a CHAP Response packet and | stores a copy of this packet. | | Parameters : ptr_packet - returns the Response packet | THE MEMORY FOR THE PACKET WILL BE ALLOCATED BY | THIS FUNCTION | +------------------------------------------------------------------------------ */ GLOBAL void chap_get_sr (T_desc2** ptr_packet) { T_desc2 *ret_packet, *md5_pack; USHORT len_pos; USHORT md5_len; USHORT pos; UBYTE value_size; T_desc2* packet = *ptr_packet; TRACE_FUNCTION( "chap_get_sr" ); /* * Allocate the necessary size for the data descriptor. The size is * calculated as follows: * - take the size of a descriptor structure * - subtract one because of the array buffer[1] to get the size of * descriptor control information * - add number of octets of descriptor data */ MALLOC(ret_packet, (USHORT)(sizeof(T_desc2) - 1 + CHAP_MSG_DIGEST_LEN + ppp_data->login.name_len)); /* * fill the packet */ ret_packet->next = (ULONG)NULL; pos = 0; /* * Code field */ ret_packet->buffer[pos] = CODE_RESPONSE; pos++; /* * Identifier field */ ret_packet->buffer[pos] = ppp_data->chap.nci;/*lint !e415 (Warning -- access of out-of-bounds pointer) */ pos++; /* * Length field (store the position) */ len_pos = pos; pos++; pos++; /* * Value length: output of MD5 routine is always * CHAP_MSG_DIGEST_LEN := 16 Bytes */ value_size = CHAP_MSG_DIGEST_LEN; ret_packet->buffer[pos] = value_size;/*lint !e415 !e416 (Warning -- access/creation of out-of-bounds pointer) */ pos++; /* * Values * Message digest */ md5_len = 1 + ppp_data->login.password_len + packet->buffer[4];/*lint !e415 !e416 (Warning -- access/creation of out-of-bounds pointer) */ MALLOC(md5_pack, (USHORT)(sizeof(T_desc2) - 1 + md5_len)); /* * Build string to pass to MD5 routine: * identifier + user password + challenge message */ md5_pack->buffer[0] = ppp_data->chap.nci; memcpy(&md5_pack->buffer[1], ppp_data->login.password, ppp_data->login.password_len); memcpy(&md5_pack->buffer[ppp_data->login.password_len+1], &packet->buffer[5], packet->buffer[4]);/*lint !e415 !e416 (Warning -- access/creation of out-of-bounds pointer) */ /* * Call MD5 routine */ cl_md5(md5_pack->buffer, md5_len, &ret_packet->buffer[pos]);/*lint !e416 (Warning -- creation of out-of-bounds pointer) */ pos += CHAP_MSG_DIGEST_LEN; MFREE(md5_pack); /* * insert user name */ memcpy(&ret_packet->buffer[pos], ppp_data->login.name, ppp_data->login.name_len);/*lint !e416 (Warning -- creation of out-of-bounds pointer) */ pos += ppp_data->login.name_len; /* * insert packet length */ ret_packet->len = pos; ret_packet->buffer[len_pos] = (UBYTE)(pos >> 8);/*lint !e415 !e416 (Warning -- access/creation of out-of-bounds pointer) */ len_pos++; ret_packet->buffer[len_pos] = (UBYTE)(pos & 0x00ff);/*lint !e415 !e416 (Warning -- access/creation of out-of-bounds pointer) */ /* * return the first packet */ ppp_data->chap.sr = TRUE; *ptr_packet = ret_packet; } /* chap_get_sr() */ /* +------------------------------------------------------------------------------ | Function : chap_get_ss +------------------------------------------------------------------------------ | Description : The function chap_get_ss() returns a CHAP Success packet. | | Parameters : ptr_packet - returns the CHAP Success packet | THE MEMORY FOR THE PACKET WILL BE ALLOCATED BY | THIS FUNCTION | +------------------------------------------------------------------------------ */ GLOBAL void chap_get_ss (T_desc2** ptr_packet) { T_desc2* packet; USHORT pos; TRACE_FUNCTION( "chap_get_ss" ); /* * Allocate the necessary size for the data descriptor. The size is * calculated as follows: * - take the size of a descriptor structure * - subtract one because of the array buffer[1] to get the size of * descriptor control information * - add number of octets of descriptor data */ MALLOC (packet, (USHORT)(sizeof(T_desc2) - 1 + CHAP_SUCCESS_LENGTH)); packet->len = CHAP_SUCCESS_LENGTH; packet->next=(ULONG)NULL; pos=0; /* * code field */ packet->buffer[pos] = CODE_SUCCESS; pos++; /* * identifier field */ packet->buffer[pos] = ppp_data->chap.nci;/*lint !e415 (Warning -- creation of out-of-bounds pointer) */ pos++; /* * length field */ packet->buffer[pos] = 0;/*lint !e415 !e416 (Warning -- access/creation of out-of-bounds pointer) */ pos++; packet->buffer[pos] = CHAP_SUCCESS_LENGTH;/*lint !e415 !e416 (Warning -- access/creation of out-of-bounds pointer) */ /* * return created packet */ *ptr_packet = packet; /* * Announce successful CHAP authentification */ TRACE_EVENT("PPP CHAP: authentification successful"); } /* chap_get_ss() */ /* +------------------------------------------------------------------------------ | Function : chap_rc +------------------------------------------------------------------------------ | Description : The function chap_rc() checks whether the given Challenge | packet is valid and if so it returns FORWARD_RC and a | Response packet. | | Parameters : ptr_packet - Challenge packet | forward - returns result of analysis | +------------------------------------------------------------------------------ */ GLOBAL void chap_rc (T_desc2** ptr_packet, UBYTE* forward) { T_desc2* packet; USHORT packet_len; USHORT pos; TRACE_FUNCTION( "chap_rc" ); /* * this packet can only be reveiced in client mode */ if(ppp_data->mode NEQ PPP_CLIENT) { TRACE_EVENT("PPP CHAP: unexpected CHAP challenge packet in client mode"); *forward=FORWARD_DISCARD; return; } /* * check correct length */ packet = *ptr_packet; packet_len = packet->buffer[2] << 8;/*lint !e415 !e416 (Warning -- access/creation of out-of-bounds pointer) */ packet_len |= packet->buffer[3];/*lint !e415 !e416 (Warning -- access/creation of out-of-bounds pointer) */ if((packet_len < 5) || (packet_len > packet->len)) { TRACE_EVENT("PPP CHAP: invalid CHAP challenge packet length"); *forward=FORWARD_DISCARD; return; } /* * check consistence of length of packet and length of log on information, */ pos=4; pos+= packet->buffer[pos];/*lint !e415 !e416 (Warning -- access/creation of out-of-bounds pointer) */ pos++; if(pos > packet_len || packet_len > CHAP_CHALLENGE_LEN_MAX_CLIENT_MODE) { TRACE_EVENT_P1("PPP CHAP: invalid value size %d in CHAP challenge packet", packet_len); *forward=FORWARD_DISCARD; return; } /* * Check if challenge was received already, the length are equal, * the identifier wasn't change or if the challenge value is the same * to the packet before. */ if((ppp_data->chap.rc) && (packet->buffer[4] EQ ppp_data->chap.c_packet->buffer[4]))/*lint !e415 !e416 (Warning -- access/creation of out-of-bounds pointer) */ { if((ppp_data->chap.nci EQ packet->buffer[1]) || (!memcmp(&packet->buffer[5], &ppp_data->chap.c_packet->buffer[5], packet->buffer[4])))/*lint !e415 !e416 (Warning -- access/creation of out-of-bounds pointer) */ { TRACE_EVENT("PPP CHAP: repeated CHAP challenge packet"); *forward=FORWARD_DISCARD; return; } } /* * store identifier */ ppp_data->chap.nci = packet->buffer[1];/*lint !e415 (Warning -- creation of out-of-bounds pointer) */ /* * store challenge packet */ arb_discard_packet(ppp_data->chap.c_packet); ppp_data->chap.c_packet = packet; /* * set indicators */ ppp_data->chap.rc = TRUE; ppp_data->chap.sr = FALSE; ppp_data->chap.rs = FALSE; /* * create Response packet and * set return values */ chap_get_sr(ptr_packet); *forward=FORWARD_RC; } /* chap_rc() */ /* +------------------------------------------------------------------------------ | Function : chap_rr +------------------------------------------------------------------------------ | Description : The function chap_rr() checks whether the given Response | packet is valid and if so it returns FORWARD_RRP and a | Success packet. | | Parameters : ptr_packet - Response packet | forward - returns result of analysis | +------------------------------------------------------------------------------ */ GLOBAL void chap_rr (T_desc2** ptr_packet, UBYTE* forward) { T_desc2* packet; USHORT packet_len; USHORT pos; TRACE_FUNCTION( "chap_rr" ); /* * this packet can only reveiced in server mode */ if(ppp_data->mode NEQ PPP_SERVER) { TRACE_EVENT("PPP CHAP: unexpected CHAP Response Packet in client mode"); *forward=FORWARD_DISCARD; return; } /* * check correct length */ packet = *ptr_packet; packet_len = packet->buffer[2];/*lint !e415 !e416 (Warning -- access/creation of out-of-bounds pointer) */ packet_len = packet_len << 8; packet_len+= packet->buffer[3];/*lint !e415 !e416 (Warning -- access/creation of out-of-bounds pointer) */ if((packet_len < 5) || (packet_len > packet->len)) { *forward=FORWARD_DISCARD; TRACE_EVENT_P1("PPP CHAP: invalid Response Packet length %d",packet_len); return; } /* * check consistence of length of packet and length of log on information, * check for identifier field and whether a Challenge packet was sent * */ pos=4; pos+= packet->buffer[pos];/*lint !e415 !e416 (Warning -- access/creation of out-of-bounds pointer) */ pos++; #ifdef TRACE_USER_NAME { UBYTE *user_name; USHORT i; USHORT name_len = packet_len - 5 - packet->buffer[4]; MALLOC(user_name, name_len); memcpy(user_name, &packet->buffer[packet_len - name_len - 1], name_len); TRACE_EVENT("PPP CHAP: user name:"); for(i = 0; i < name_len; i++) { TRACE_EVENT_P1(" *%c* ", user_name[i]); } } #endif /*TRACE_USER_NAME */ if((pos > packet_len) || (packet->buffer[1] NEQ ppp_data->chap.nci) || (ppp_data->chap.sc EQ FALSE))/*lint !e415 (Warning -- creation of out-of-bounds pointer) */ { TRACE_EVENT("PPP CHAP: invalid value size or unexpected Response Packet"); *forward=FORWARD_DISCARD; return; } #ifdef TEST_MD5 { /* * For testing set dual-up connection password to "test password" */ UBYTE test_pwd[14] = "test password"; T_desc2 *md5_pack, *c_pack; USHORT md5_len; UBYTE digest[16]; /* * Values * Message digest */ c_pack = ppp_data->chap.c_packet; md5_len = 1 + 13 + c_pack->buffer[4]; MALLOC(md5_pack, (USHORT)(sizeof(T_desc2) - 1 + md5_len)); /* * Build string to pass to MD5 routine: * identifier + user password + challenge message */ md5_pack->buffer[0] = ppp_data->chap.nci; memcpy(&md5_pack->buffer[1], test_pwd, 14); memcpy(&md5_pack->buffer[14+1], &c_pack->buffer[5], c_pack->buffer[4]); /* * Call MD5 routine */ cl_md5(md5_pack->buffer, md5_len, &digest[0]); if(memcmp(&packet->buffer[5], digest, 16)) { TRACE_EVENT("CHAP ERROR: invalid msg digest in received response"); } else { TRACE_EVENT("CHAP INFO: MD5 test OK"); } MFREE(md5_pack); } #endif /* TEST_MD5 */ /* * store authentication packet */ if(packet_len > CHAP_RESPONSE_LEN_MAX_SERVER_MODE) { TRACE_EVENT_P1("PPP CHAP: invalid Response Packet length %d, send failure", packet_len); /* * create Failure packet */ /* * change code field */ packet->buffer[0] = CODE_FAILURE; /* * change length field */ packet->buffer[2] = 0;/*lint !e415 !e416 (Warning -- access/creation of out-of-bounds pointer) */ packet->buffer[3] = CHAP_FAILURE_LENGTH;/*lint !e415 !e416 (Warning -- access/creation of out-of-bounds pointer) */ packet->len = CHAP_FAILURE_LENGTH; /* * fill out Message */ /*lint -e419 (Warning -- data overrun) */ memcpy(&packet->buffer[4], CHAP_FAILURE_TEXT, CHAP_FAILURE_TEXT_LENGTH);/*lint !e416 (Warning -- creation of out-of-bounds pointer) */ /*lint +e419 (Warning -- data overrun) */ /* * set return values */ *forward=FORWARD_RRN; *ptr_packet = packet; return; } arb_discard_packet(ppp_data->chap.r_packet); ppp_data->chap.r_packet = packet; /* * create Success packet and * set return values */ chap_get_ss(ptr_packet); *forward=FORWARD_RRP; } /* chap_rr() */ /* +------------------------------------------------------------------------------ | Function : chap_rs +------------------------------------------------------------------------------ | Description : The function chap_rs() checks whether the given Success | packet is valid and if so it returns FORWARD_RS. | | Parameters : packet - Success packet | forward - returns result of analysis | +------------------------------------------------------------------------------ */ GLOBAL void chap_rs (T_desc2* packet, UBYTE* forward) { USHORT packet_len; TRACE_FUNCTION( "chap_rs" ); /* * this packet can only reveiced in client mode */ if(ppp_data->mode NEQ PPP_CLIENT) { *forward=FORWARD_DISCARD; return; } /* * check correct length and identifier */ packet_len = packet->buffer[2];/*lint !e415 !e416 (Warning -- access/creation of out-of-bounds pointer) */ packet_len = packet_len << 8; packet_len+= packet->buffer[3];/*lint !e415 !e416 (Warning -- access/creation of out-of-bounds pointer) */ if(packet_len > packet->len || ppp_data->chap.nci != packet->buffer[1])/*lint !e415 !e416 (Warning -- access/creation of out-of-bounds pointer) */ { TRACE_EVENT("PPP CHAP: invalid CHAP Success"); *forward=FORWARD_DISCARD; return; } /* * check if Response was sent. */ if(!ppp_data->chap.sr) { TRACE_EVENT("PPP CHAP: unexpected CHAP Success"); *forward=FORWARD_DISCARD; return; } /* * free authentication packet */ arb_discard_packet(packet); /* * set return value */ ppp_data->chap.rs = TRUE; *forward=FORWARD_RS; /* * Announce successful CHAP authentification */ TRACE_EVENT("PPP CHAP: authentification successful"); } /* chap_rs() */ /* +------------------------------------------------------------------------------ | Function : chap_rf +------------------------------------------------------------------------------ | Description : The function chap_rf() checks whether the given Failure | packet is valid and if so it returns FORWARD_RF. | | Parameters : packet - Failure packet | forward - returns result of analysis | +------------------------------------------------------------------------------ */ GLOBAL void chap_rf (T_desc2* packet, UBYTE* forward) { USHORT packet_len; TRACE_FUNCTION( "chap_rf" ); /* * this packet can only reveiced in client mode */ if(ppp_data->mode NEQ PPP_CLIENT) { TRACE_EVENT("PPP CHAP: unexpected Failure packet in server mode"); *forward=FORWARD_DISCARD; return; } /* * check correct length */ packet_len = packet->buffer[2];/*lint !e415 !e416 (Warning -- access/creation of out-of-bounds pointer) */ packet_len = packet_len << 8; packet_len+= packet->buffer[3];/*lint !e415 !e416 (Warning -- access/creation of out-of-bounds pointer) */ if(packet_len > packet->len) { TRACE_EVENT("PPP CHAP: invalid Failure packet length"); *forward=FORWARD_DISCARD; return; } /* * Check identifier */ if(ppp_data->chap.nci != packet->buffer[1])/*lint !e415 !e416 (Warning -- access/creation of out-of-bounds pointer) */ { TRACE_EVENT("PPP CHAP: invalid identifier in Failure packet"); *forward=FORWARD_DISCARD; return; } /* * Check if Success was already received * or if Response was not sent yet */ if(ppp_data->chap.rs || !ppp_data->chap.sr) { TRACE_EVENT("PPP CHAP: unexpected Failure"); *forward=FORWARD_DISCARD; return; } /* * free Failure packet and reset Response receiving flag */ arb_discard_packet(packet); ppp_data->chap.sr = FALSE; /* * set return value */ *forward=FORWARD_RF; /* * Announce failed CHAP authentification */ TRACE_EVENT("PPP CHAP: authentification failed"); } /* chap_rf() */ #ifdef _SIMULATION_ /* +------------------------------------------------------------------------------ | Function : ppp_trace_desc +------------------------------------------------------------------------------ | Description : The function traces desc | | Parameters : packet - tracing packet | +------------------------------------------------------------------------------ */ GLOBAL void ppp_trace_desc (T_desc2* packet) { UINT i=0; UBYTE *buf=&packet->buffer[0]; while(i < packet->len) { if((i+4) < packet->len){ TRACE_EVENT_P4("0x%02x, 0x%02x, 0x%02x, 0x%02x,", buf[i], buf[i+1],buf[i+2],buf[i+3]); i+=4; } else if((i+3) < packet->len){ TRACE_EVENT_P3("0x%02x, 0x%02x, 0x%02x,", buf[i], buf[i+1],buf[i+2]); i+=3; } else if((i+2) < packet->len){ TRACE_EVENT_P2("0x%02x, 0x%02x,",buf[i],buf[i+1]); i+=2; } else if((i+1) <= packet->len){ TRACE_EVENT_P1("0x%02x, ",buf[i]); i+=1; } } } #endif /* _SIMULATION_ */