rlm_mschap.c File Reference

Implements MS-CHAP authentication.

#include <freeradius-devel/radiusd.h>
#include <freeradius-devel/modules.h>
#include <freeradius-devel/rad_assert.h>
#include <freeradius-devel/md5.h>
#include <freeradius-devel/sha1.h>
#include <ctype.h>
#include "rlm_mschap.h"
#include "mschap.h"
#include "smbdes.h"
#include "auth_wbclient.h"

Macros

#define ACB_AUTOLOCK   0x04000000
 Account auto locked. More...
 
#define ACB_DISABLED   0x00010000
 User account disabled. More...
 
#define ACB_DOMTRUST   0x00400000
 Interdomain trust account. More...
 
#define ACB_HOMDIRREQ   0x00020000
 Home directory required. More...
 
#define ACB_MNS   0x00200000
 MNS logon user account. More...
 
#define ACB_NORMAL   0x00100000
 Normal user account. More...
 
#define ACB_PW_EXPIRED   0x00020000
 Password Expired. More...
 
#define ACB_PWNOEXP   0x02000000
 User password does not expire. More...
 
#define ACB_PWNOTREQ   0x00040000
 User password not required. More...
 
#define ACB_SVRTRUST   0x01000000
 Server trust account. More...
 
#define ACB_TEMPDUP   0x00080000
 Temporary duplicate account. More...
 
#define ACB_WSTRUST   0x00800000
 Workstation trust account. More...
 

Functions

static int CC_HINT (nonnull(1, 2, 4, 5))
 
static int CC_HINT (nonnull(1, 2, 4, 5, 6))
 
static rlm_rcode_t CC_HINT (nonnull)
 
static int mod_bootstrap (CONF_SECTION *conf, void *instance)
 
static int mod_detach (UNUSED void *instance)
 
static int mod_instantiate (CONF_SECTION *conf, void *instance)
 
static void mppe_add_reply (REQUEST *request, char const *name, uint8_t const *value, size_t len)
 
static void mppe_chap2_gen_keys128 (uint8_t const *nt_hashhash, uint8_t const *response, uint8_t *sendkey, uint8_t *recvkey)
 
static void mppe_chap2_get_keys128 (uint8_t const *nt_hashhash, uint8_t const *nt_response, uint8_t *sendkey, uint8_t *recvkey)
 
static void mppe_GetAsymmetricStartKey (uint8_t *masterkey, uint8_t *sesskey, int keylen, int issend)
 
static void mppe_GetMasterKey (uint8_t const *nt_hashhash, uint8_t const *nt_response, uint8_t *masterkey)
 
void mschap_add_reply (REQUEST *request, unsigned char ident, char const *name, char const *value, size_t len)
 
static rlm_rcode_t mschap_error (rlm_mschap_t *inst, REQUEST *request, unsigned char ident, int mschap_result, int mschap_version, VALUE_PAIR *smb_ctrl)
 
static ssize_t mschap_xlat (char **out, size_t outlen, void const *mod_inst, UNUSED void const *xlat_inst, REQUEST *request, char const *fmt)
 
static int pdb_decode_acct_ctrl (char const *p)
 
static int write_all (int fd, char const *buf, int len)
 

Variables

static const uint8_t magic1 [27]
 
static const uint8_t magic2 [84]
 
static const uint8_t magic3 [84]
 
static const CONF_PARSER module_config []
 
static const CONF_PARSER passchange_config []
 
module_t rlm_mschap
 
static const uint8_t SHSpad1 [40]
 
static const uint8_t SHSpad2 [40]
 

Detailed Description

Implements MS-CHAP authentication, including the MPPE key handling done by the mppe_* functions listed above.

Id:
aa5683ce561bdfd9b0ecd15ac1898d8f1afd63e9

Definition in file rlm_mschap.c.

Macro Definition Documentation

#define ACB_AUTOLOCK   0x04000000

Account auto locked.

Definition at line 61 of file rlm_mschap.c.

#define ACB_DISABLED   0x00010000

User account disabled.

Definition at line 51 of file rlm_mschap.c.

#define ACB_DOMTRUST   0x00400000

Interdomain trust account.

Definition at line 57 of file rlm_mschap.c.

#define ACB_HOMDIRREQ   0x00020000

Home directory required.

Definition at line 52 of file rlm_mschap.c.

#define ACB_MNS   0x00200000

MNS logon user account.

Definition at line 56 of file rlm_mschap.c.

#define ACB_NORMAL   0x00100000

Normal user account.

Definition at line 55 of file rlm_mschap.c.

#define ACB_PW_EXPIRED   0x00020000

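Password Expired. Note that this macro is defined with the same value (0x00020000) as ACB_HOMDIRREQ, so a bitwise test for one flag also matches the other.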

Definition at line 62 of file rlm_mschap.c.

#define ACB_PWNOEXP   0x02000000

User password does not expire.

Definition at line 60 of file rlm_mschap.c.

#define ACB_PWNOTREQ   0x00040000

User password not required.

Definition at line 53 of file rlm_mschap.c.

#define ACB_SVRTRUST   0x01000000

Server trust account.

Definition at line 59 of file rlm_mschap.c.

#define ACB_TEMPDUP   0x00080000

Temporary duplicate account.

Definition at line 54 of file rlm_mschap.c.

#define ACB_WSTRUST   0x00800000

Workstation trust account.

Definition at line 58 of file rlm_mschap.c.

Function Documentation

static int CC_HINT ( nonnull(1, 2, 4, 5)  )
static

Definition at line 741 of file rlm_mschap.c.


static int CC_HINT ( nonnull(1, 2, 4, 5,6)  )
static

Definition at line 1104 of file rlm_mschap.c.


static rlm_rcode_t CC_HINT ( nonnull  )
static

Definition at line 1361 of file rlm_mschap.c.


static int mod_bootstrap ( CONF_SECTION conf,
void *  instance 
)
static

Definition at line 570 of file rlm_mschap.c.


static int mod_detach ( UNUSED void *  instance)
static

Definition at line 665 of file rlm_mschap.c.


static int mod_instantiate ( CONF_SECTION conf,
void *  instance 
)
static

Definition at line 590 of file rlm_mschap.c.


static void mppe_add_reply ( REQUEST request,
char const *  name,
uint8_t const *  value,
size_t  len 
)
static

Definition at line 712 of file rlm_mschap.c.


static void mppe_chap2_gen_keys128 ( uint8_t const *  nt_hashhash,
uint8_t const *  response,
uint8_t *  sendkey,
uint8_t *  recvkey 
)
static

Definition at line 1337 of file rlm_mschap.c.


static void mppe_chap2_get_keys128 ( uint8_t const *  nt_hashhash,
uint8_t const *  nt_response,
uint8_t *  sendkey,
uint8_t *  recvkey 
)
static

Definition at line 1323 of file rlm_mschap.c.


static void mppe_GetAsymmetricStartKey ( uint8_t *  masterkey,
uint8_t *  sesskey,
int  keylen,
int  issend 
)
static

Definition at line 1297 of file rlm_mschap.c.


static void mppe_GetMasterKey ( uint8_t const *  nt_hashhash,
uint8_t const *  nt_response,
uint8_t *  masterkey 
)
static

Definition at line 1281 of file rlm_mschap.c.


void mschap_add_reply ( REQUEST request,
unsigned char  ident,
char const *  name,
char const *  value,
size_t  len 
)

Definition at line 680 of file rlm_mschap.c.


static rlm_rcode_t mschap_error ( rlm_mschap_t inst,
REQUEST request,
unsigned char  ident,
int  mschap_result,
int  mschap_version,
VALUE_PAIR smb_ctrl 
)
static

Definition at line 1397 of file rlm_mschap.c.


static ssize_t mschap_xlat ( char **  out,
size_t  outlen,
void const *  mod_inst,
UNUSED void const *  xlat_inst,
REQUEST request,
char const *  fmt 
)
static

Definition at line 149 of file rlm_mschap.c.


static int pdb_decode_acct_ctrl ( char const *  p)
static

Definition at line 64 of file rlm_mschap.c.

static int write_all ( int  fd,
char const *  buf,
int  len 
)
static

Definition at line 725 of file rlm_mschap.c.


Variable Documentation

const uint8_t magic1[27]
static
Initial value:
=
/* ASCII text "This is the MPPE Master Key": 27 bytes, no NUL terminator.
 * This is the Magic1 label of RFC 3079 (MPPE key derivation). It is a
 * public, fixed constant mixed into a hash, not secret key material.
 * NOTE(review): presumably consumed by mppe_GetMasterKey — confirm in the source. */
{ 0x54, 0x68, 0x69, 0x73, 0x20, 0x69, 0x73, 0x20, 0x74,
0x68, 0x65, 0x20, 0x4d, 0x50, 0x50, 0x45, 0x20, 0x4d,
0x61, 0x73, 0x74, 0x65, 0x72, 0x20, 0x4b, 0x65, 0x79 }

Definition at line 1253 of file rlm_mschap.c.

const uint8_t magic2[84]
static
Initial value:
=
/* ASCII text "On the client side, this is the send key; on the server side,
 * it is the receive key." — 84 bytes, no NUL terminator. This is the Magic2
 * label of RFC 3079; a public constant, not key material.
 * NOTE(review): presumably chosen via the issend argument of
 * mppe_GetAsymmetricStartKey — confirm in the source. */
{ 0x4f, 0x6e, 0x20, 0x74, 0x68, 0x65, 0x20, 0x63, 0x6c, 0x69,
0x65, 0x6e, 0x74, 0x20, 0x73, 0x69, 0x64, 0x65, 0x2c, 0x20,
0x74, 0x68, 0x69, 0x73, 0x20, 0x69, 0x73, 0x20, 0x74, 0x68,
0x65, 0x20, 0x73, 0x65, 0x6e, 0x64, 0x20, 0x6b, 0x65, 0x79,
0x3b, 0x20, 0x6f, 0x6e, 0x20, 0x74, 0x68, 0x65, 0x20, 0x73,
0x65, 0x72, 0x76, 0x65, 0x72, 0x20, 0x73, 0x69, 0x64, 0x65,
0x2c, 0x20, 0x69, 0x74, 0x20, 0x69, 0x73, 0x20, 0x74, 0x68,
0x65, 0x20, 0x72, 0x65, 0x63, 0x65, 0x69, 0x76, 0x65, 0x20,
0x6b, 0x65, 0x79, 0x2e }

Definition at line 1258 of file rlm_mschap.c.

const uint8_t magic3[84]
static
Initial value:
=
/* ASCII text "On the client side, this is the receive key; on the server side,
 * it is the send key." — 84 bytes, no NUL terminator. This is the Magic3
 * label of RFC 3079; a public constant, not key material.
 * NOTE(review): presumably chosen via the issend argument of
 * mppe_GetAsymmetricStartKey — confirm in the source. */
{ 0x4f, 0x6e, 0x20, 0x74, 0x68, 0x65, 0x20, 0x63, 0x6c, 0x69,
0x65, 0x6e, 0x74, 0x20, 0x73, 0x69, 0x64, 0x65, 0x2c, 0x20,
0x74, 0x68, 0x69, 0x73, 0x20, 0x69, 0x73, 0x20, 0x74, 0x68,
0x65, 0x20, 0x72, 0x65, 0x63, 0x65, 0x69, 0x76, 0x65, 0x20,
0x6b, 0x65, 0x79, 0x3b, 0x20, 0x6f, 0x6e, 0x20, 0x74, 0x68,
0x65, 0x20, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x20, 0x73,
0x69, 0x64, 0x65, 0x2c, 0x20, 0x69, 0x74, 0x20, 0x69, 0x73,
0x20, 0x74, 0x68, 0x65, 0x20, 0x73, 0x65, 0x6e, 0x64, 0x20,
0x6b, 0x65, 0x79, 0x2e }

Definition at line 1269 of file rlm_mschap.c.

const CONF_PARSER module_config[]
static
Initial value:
= {
/* Defaults visible in this table: use_mppe "yes", require_encryption "no",
 * require_strong "no".
 * NOTE(review): presumably MPPE keys are therefore sent but encryption is not
 * enforced unless the require_* options are enabled — confirm against the
 * module documentation before relying on link encryption. */
{ FR_CONF_OFFSET("use_mppe", PW_TYPE_BOOLEAN, rlm_mschap_t, use_mppe), .dflt = "yes" },
{ FR_CONF_OFFSET("require_encryption", PW_TYPE_BOOLEAN, rlm_mschap_t, require_encryption), .dflt = "no" },
{ FR_CONF_OFFSET("require_strong", PW_TYPE_BOOLEAN, rlm_mschap_t, require_strong), .dflt = "no" },
{ FR_CONF_OFFSET("with_ntdomain_hack", PW_TYPE_BOOLEAN, rlm_mschap_t, with_ntdomain_hack), .dflt = "yes" },
/* PW_TYPE_XLAT marks this string as dynamically expanded.
 * NOTE(review): if ntlm_auth holds a helper command line, as its name
 * suggests, request-derived values are interpolated into it; check how the
 * expansion is quoted in deployed configurations. */
{ FR_CONF_OFFSET("ntlm_auth", PW_TYPE_STRING | PW_TYPE_XLAT, rlm_mschap_t, ntlm_auth) },
{ FR_CONF_OFFSET("ntlm_auth_timeout", PW_TYPE_INTEGER, rlm_mschap_t, ntlm_auth_timeout) },
/* Nested section parsed with passchange_config. */
{ FR_CONF_POINTER("passchange", PW_TYPE_SUBSECTION, NULL), .dflt = (void const *) passchange_config },
/* NOTE(review): allow_retry defaults to "yes"; presumably it lets a client
 * retry after a failed attempt — confirm, and weigh against lockout policy. */
{ FR_CONF_OFFSET("allow_retry", PW_TYPE_BOOLEAN, rlm_mschap_t, allow_retry), .dflt = "yes" },
{ FR_CONF_OFFSET("retry_msg", PW_TYPE_STRING, rlm_mschap_t, retry_msg) },
{ FR_CONF_OFFSET("winbind_username", PW_TYPE_TMPL, rlm_mschap_t, wb_username) },
{ FR_CONF_OFFSET("winbind_domain", PW_TYPE_TMPL, rlm_mschap_t, wb_domain) },
/* NOTE(review): no terminating entry is visible in this rendered listing; the
 * CONF_PARSER_TERMINATOR cross-reference printed after it suggests the
 * renderer dropped it — verify at line 548 of rlm_mschap.c. */
}
#define CONF_PARSER_TERMINATOR
Definition: conffile.h:289
#define PW_TYPE_SUBSECTION
Definition: conffile.h:188
static const CONF_PARSER passchange_config[]
Definition: rlm_mschap.c:540
#define PW_TYPE_XLAT
string will be dynamically expanded.
Definition: conffile.h:207
A truth value.
Definition: radius.h:56
32 Bit unsigned integer.
Definition: radius.h:34
#define FR_CONF_OFFSET(_n, _t, _s, _f)
Definition: conffile.h:168
String of printable characters.
Definition: radius.h:33
#define FR_CONF_POINTER(_n, _t, _p)
Definition: conffile.h:172
#define PW_TYPE_TMPL
CONF_PAIR should be parsed as a template.
Definition: conffile.h:208

Definition at line 548 of file rlm_mschap.c.

const CONF_PARSER passchange_config[]
static
Initial value:
= {
/* Password-change options. All four entries are PW_TYPE_STRING | PW_TYPE_XLAT,
 * i.e. strings that are dynamically expanded, and none declares a default.
 * NOTE(review): presumably these drive an external helper or a local update
 * with request-derived values interpolated — confirm how the expansions are
 * quoted before enabling password change. */
{ FR_CONF_OFFSET("ntlm_auth", PW_TYPE_STRING | PW_TYPE_XLAT, rlm_mschap_t, ntlm_cpw) },
{ FR_CONF_OFFSET("ntlm_auth_username", PW_TYPE_STRING | PW_TYPE_XLAT, rlm_mschap_t, ntlm_cpw_username) },
{ FR_CONF_OFFSET("ntlm_auth_domain", PW_TYPE_STRING | PW_TYPE_XLAT, rlm_mschap_t, ntlm_cpw_domain) },
{ FR_CONF_OFFSET("local_cpw", PW_TYPE_STRING | PW_TYPE_XLAT, rlm_mschap_t, local_cpw) },
}
#define CONF_PARSER_TERMINATOR
Definition: conffile.h:289
#define PW_TYPE_XLAT
string will be dynamically expanded.
Definition: conffile.h:207
#define FR_CONF_OFFSET(_n, _t, _s, _f)
Definition: conffile.h:168
String of printable characters.
Definition: radius.h:33

Definition at line 540 of file rlm_mschap.c.

module_t rlm_mschap
Initial value:
= {
/* Module descriptor: wires the configuration table and the lifecycle
 * callbacks (bootstrap, instantiate, detach) into the server. */
.magic = RLM_MODULE_INIT,
.name = "mschap",
.type = 0,
.inst_size = sizeof(rlm_mschap_t),
.config = module_config,
.bootstrap = mod_bootstrap,
.instantiate = mod_instantiate,
.detach = mod_detach,
/* NOTE(review): .methods is empty in this rendered listing; the
 * cross-references printed after it name mod_authenticate and mod_authorize,
 * so the entries were probably dropped by the renderer — verify at line 2032
 * of rlm_mschap.c. */
.methods = {
},
}
struct rlm_mschap_t rlm_mschap_t
static rlm_rcode_t mod_authorize(void *instance, REQUEST *request)
Handle authorization requests using Couchbase document data.
static int mod_bootstrap(CONF_SECTION *conf, void *instance)
Definition: rlm_mschap.c:570
#define RLM_MODULE_INIT
Definition: modules.h:86
static rlm_rcode_t mod_authenticate(void *instance, REQUEST *request) CC_HINT(nonnull)
static int mod_instantiate(CONF_SECTION *conf, void *instance)
Definition: rlm_mschap.c:590
0 methods index for authenticate section.
Definition: modules.h:41
static const CONF_PARSER module_config[]
Definition: rlm_mschap.c:548
1 methods index for authorize section.
Definition: modules.h:42
static int mod_detach(UNUSED void *instance)
Definition: rlm_mschap.c:665

Definition at line 2032 of file rlm_mschap.c.

const uint8_t SHSpad1[40]
static
Initial value:
=
/* Forty 0x00 bytes: the SHSpad1 padding block of RFC 3079 (MPPE key
 * derivation). Public constant, not key material.
 * NOTE(review): presumably hashed together with the master key in
 * mppe_GetAsymmetricStartKey — confirm in the source. */
{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }

Definition at line 1241 of file rlm_mschap.c.

const uint8_t SHSpad2[40]
static
Initial value:
=
/* Forty 0xf2 bytes: the SHSpad2 padding block of RFC 3079 (MPPE key
 * derivation). Public constant, not key material.
 * NOTE(review): presumably hashed together with the master key in
 * mppe_GetAsymmetricStartKey — confirm in the source. */
{ 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2,
0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2,
0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2,
0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2 }

Definition at line 1247 of file rlm_mschap.c.