You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
156 lines
4.1 KiB
156 lines
4.1 KiB
/* Copyright (c) 1993, Microsoft Corporation, all rights reserved
|
|
**
|
|
** raspap.h
|
|
** Remote Access PPP Password Authentication Protocol
|
|
**
|
|
** 11/05/93 Steve Cobb
|
|
*/
|
|
|
|
#ifndef _RASPAP_H_
|
|
#define _RASPAP_H_
|
|
|
|
#include "wincrypt.h"
|
|
|
|
//General macros
|
|
#define GEN_RAND_ENCODE_SEED ((CHAR) ( 1 + rand() % 250 ))
|
|
/* PAP packet codes from PAP spec.
|
|
*/
|
|
#define PAPCODE_Req 1
|
|
#define PAPCODE_Ack 2
|
|
#define PAPCODE_Nak 3
|
|
|
|
#define MAXPAPCODE 3
|
|
|
|
/* Returned by receive buffer parsing routines that discover the packet is
|
|
** corrupt, usually because the length fields don't make sense.
|
|
*/
|
|
#define ERRORBADPACKET (DWORD )-1
|
|
|
|
/* Defines states within the PAP protocol.
|
|
*/
|
|
#define PAPSTATE enum tagPAPSTATE
|
|
|
|
PAPSTATE
|
|
{
|
|
PS_Initial,
|
|
PS_RequestSent,
|
|
PS_WaitForRequest,
|
|
PS_WaitForAuthenticationToComplete,
|
|
PS_Done
|
|
};
|
|
|
|
|
|
/* Defines the WorkBuf stored for us by the PPP engine.
|
|
*/
|
|
#define PAPWB struct tagPAPWB
|
|
|
|
PAPWB
|
|
{
|
|
/* True if role is server, false if client.
|
|
*/
|
|
BOOL fServer;
|
|
|
|
/* The domain\username and password (applies to client only).
|
|
*/
|
|
CHAR szAccount[ DNLEN + 1 + UNLEN + 1 ];
|
|
CHAR szPassword[ PWLEN ];
|
|
|
|
/* The current state in the PAP protocol.
|
|
*/
|
|
PAPSTATE state;
|
|
|
|
/* Last sequencing ID sent on this port. Incremented for each
|
|
** Authenticate-Req packet sent. Client side only.
|
|
*/
|
|
BYTE bIdSent;
|
|
|
|
HPORT hPort;
|
|
|
|
/* Id of the last Authenticate-Req packet received on this port.
|
|
** Server side only.
|
|
*/
|
|
BYTE bLastIdReceived;
|
|
|
|
//
|
|
// Used to get information to send to back-end server.
|
|
//
|
|
|
|
RAS_AUTH_ATTRIBUTE * pUserAttributes;
|
|
|
|
/* The final result, used to duplicate the original response for all
|
|
** subsequent Authenticate-Req packets. This is per PAP spec to cover
|
|
** lost Ack/Nak case without allowing malicious client to discover
|
|
** alternative identities under the covers during a connection. (applies
|
|
** to server only)
|
|
*/
|
|
PPPAP_RESULT result;
|
|
// CHAR chSeed; //Used to encode password. Strange. We
|
|
//send password cleartext on the line
|
|
//and encode it in the program...
|
|
|
|
DATA_BLOB DBPassword;
|
|
};
|
|
|
|
|
|
/* Prototypes.
|
|
*/
|
|
DWORD CheckCredentials( CHAR*, CHAR*, CHAR*, DWORD*, BOOL*, CHAR*,
|
|
BYTE*, CHAR*, HANDLE* );
|
|
DWORD PapCMakeMessage( PAPWB*, PPP_CONFIG*, PPP_CONFIG*, DWORD, PPPAP_RESULT* );
|
|
DWORD GetCredentialsFromRequest( PPP_CONFIG*, CHAR*, CHAR* );
|
|
DWORD GetErrorFromNak( PPP_CONFIG* );
|
|
VOID PapMakeRequestMessage( PAPWB*, PPP_CONFIG*, DWORD );
|
|
VOID PapMakeResultMessage( DWORD, BYTE, PPP_CONFIG*, DWORD, RAS_AUTH_ATTRIBUTE* );
|
|
DWORD PapBegin( VOID**, VOID* );
|
|
DWORD PapEnd( VOID* );
|
|
DWORD PapMakeMessage( VOID*, PPP_CONFIG*, PPP_CONFIG*, DWORD, PPPAP_RESULT*,
|
|
PPPAP_INPUT* pInput );
|
|
VOID PapExtractMessage(PPP_CONFIG*, PPPAP_RESULT*);
|
|
DWORD PapSMakeMessage( PAPWB*, PPP_CONFIG*, PPP_CONFIG*, DWORD, PPPAP_INPUT* pInput, PPPAP_RESULT* );
|
|
|
|
|
|
/* Globals.
|
|
*/
|
|
#ifdef RASPAPGLOBALS
|
|
#define GLOBALS
|
|
#define EXTERN
|
|
#else
|
|
#define EXTERN extern
|
|
#endif
|
|
|
|
/* Next packet identifier to assign. Unlike CPs, APs must handle updating
|
|
** this sequence number themselves because the engine can't make as many
|
|
** assumptions about the protocol. It is stored global to all ports and
|
|
** authentication sessions to make it less likely that an ID will be used in
|
|
** sequential authentication sessions. Not to be confused with the 'bIdSent'
|
|
** updated on a per-port basis and used for matching.
|
|
*/
|
|
EXTERN BYTE BNextIdPap
|
|
#ifdef GLOBALS
|
|
= 0
|
|
#endif
|
|
;
|
|
|
|
/* This value indicates whether or not to follow strict sequencing as defined
|
|
** in the PPP RFC for PAP. The RFC says that the PAP client MUST increase the
|
|
** sequence number for every new CONFIG_REQ packet sent out. However this
|
|
** causes problems with slow servers. See bug # 22508. Default is FALSE.
|
|
*/
|
|
EXTERN BOOL fFollowStrictSequencing
|
|
#ifdef GLOBALS
|
|
= FALSE
|
|
#endif
|
|
;
|
|
|
|
EXTERN
|
|
DWORD g_dwTraceIdPap
|
|
#ifdef GLOBALS
|
|
= INVALID_TRACEID;
|
|
#endif
|
|
;
|
|
|
|
#undef EXTERN
|
|
#undef GLOBALS
|
|
|
|
|
|
#endif // _RASPAP_H_
|