Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
Achou.Wang
accel-ppp
提交
ab309f45
A
accel-ppp
项目概览
Achou.Wang
/
accel-ppp
通知
6
Star
1
Fork
0
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
A
accel-ppp
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
前往新版Gitcode,体验更适合开发者的 AI 搜索 >>
提交
ab309f45
编写于
11月 05, 2010
作者:
D
Dmitry Kozlov
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
auth: implemented mppe key derivation from ms-chap credentials
上级
5d2364b0
变更
2
隐藏空白更改
内联
并排
Showing
2 changed file
with
137 addition
and
12 deletion
+137
-12
accel-pptpd/auth/auth_mschap_v1.c
accel-pptpd/auth/auth_mschap_v1.c
+34
-0
accel-pptpd/auth/auth_mschap_v2.c
accel-pptpd/auth/auth_mschap_v2.c
+103
-12
未找到文件。
accel-pptpd/auth/auth_mschap_v1.c
浏览文件 @
ab309f45
...
...
@@ -10,9 +10,11 @@
#include <openssl/md4.h>
#include <openssl/des.h>
#include <openssl/sha.h>
#include "log.h"
#include "ppp.h"
#include "events.h"
#include "ppp_auth.h"
#include "ppp_lcp.h"
#include "pwdb.h"
...
...
@@ -97,6 +99,7 @@ static void chap_recv(struct ppp_handler_t *h);
static
int
chap_check_response
(
struct
chap_auth_data_t
*
ad
,
struct
chap_response_t
*
res
,
const
char
*
name
);
static
void
chap_timeout_timer
(
struct
triton_timer_t
*
t
);
static
void
chap_restart_timer
(
struct
triton_timer_t
*
t
);
static
void
set_mppe_keys
(
struct
chap_auth_data_t
*
ad
,
uint8_t
*
z_hash
);
static
void
print_buf
(
const
uint8_t
*
buf
,
int
size
)
{
...
...
@@ -396,6 +399,8 @@ static int chap_check_response(struct chap_auth_data_t *ad, struct chap_response
des_encrypt
(
ad
->
val
,
z_hash
+
7
,
nt_hash
+
8
);
des_encrypt
(
ad
->
val
,
z_hash
+
14
,
nt_hash
+
16
);
set_mppe_keys
(
ad
,
z_hash
);
_free
(
passwd
);
_free
(
u_passwd
);
...
...
@@ -407,6 +412,35 @@ static int chap_check(uint8_t *ptr)
return
*
ptr
==
MSCHAP_V1
;
}
static
void
set_mppe_keys
(
struct
chap_auth_data_t
*
ad
,
uint8_t
*
z_hash
)
{
MD4_CTX
md4_ctx
;
SHA_CTX
sha_ctx
;
uint8_t
digest
[
20
];
struct
ev_mppe_keys_t
ev_mppe
=
{
.
ppp
=
ad
->
ppp
,
.
type
=
1
<<
2
,
.
policy
=
1
,
.
recv_key
=
digest
,
.
send_key
=
digest
,
};
//NtPasswordHashHash
MD4_Init
(
&
md4_ctx
);
MD4_Update
(
&
md4_ctx
,
z_hash
,
16
);
MD4_Final
(
digest
,
&
md4_ctx
);
//Get_Start_Key
SHA1_Init
(
&
sha_ctx
);
SHA1_Update
(
&
sha_ctx
,
digest
,
16
);
SHA1_Update
(
&
sha_ctx
,
digest
,
16
);
SHA1_Update
(
&
sha_ctx
,
ad
->
val
,
VALUE_SIZE
);
SHA1_Final
(
digest
,
&
sha_ctx
);
triton_event_fire
(
EV_MPPE_KEYS
,
&
ev_mppe
);
}
static
int
chap_restart
(
struct
ppp_t
*
ppp
,
struct
auth_data_t
*
auth
)
{
struct
chap_auth_data_t
*
d
=
container_of
(
auth
,
typeof
(
*
d
),
auth
);
...
...
accel-pptpd/auth/auth_mschap_v2.c
浏览文件 @
ab309f45
...
...
@@ -14,6 +14,7 @@
#include "log.h"
#include "ppp.h"
#include "events.h"
#include "ppp_auth.h"
#include "ppp_lcp.h"
#include "pwdb.h"
...
...
@@ -41,18 +42,6 @@ static int conf_max_failure = 3;
static
int
urandom_fd
;
static
uint8_t
magic1
[
39
]
=
{
0x4D
,
0x61
,
0x67
,
0x69
,
0x63
,
0x20
,
0x73
,
0x65
,
0x72
,
0x76
,
0x65
,
0x72
,
0x20
,
0x74
,
0x6F
,
0x20
,
0x63
,
0x6C
,
0x69
,
0x65
,
0x6E
,
0x74
,
0x20
,
0x73
,
0x69
,
0x67
,
0x6E
,
0x69
,
0x6E
,
0x67
,
0x20
,
0x63
,
0x6F
,
0x6E
,
0x73
,
0x74
,
0x61
,
0x6E
,
0x74
};
static
uint8_t
magic2
[
41
]
=
{
0x50
,
0x61
,
0x64
,
0x20
,
0x74
,
0x6F
,
0x20
,
0x6D
,
0x61
,
0x6B
,
0x65
,
0x20
,
0x69
,
0x74
,
0x20
,
0x64
,
0x6F
,
0x20
,
0x6D
,
0x6F
,
0x72
,
0x65
,
0x20
,
0x74
,
0x68
,
0x61
,
0x6E
,
0x20
,
0x6F
,
0x6E
,
0x65
,
0x20
,
0x69
,
0x74
,
0x65
,
0x72
,
0x61
,
0x74
,
0x69
,
0x6F
,
0x6E
};
struct
chap_hdr_t
{
uint16_t
proto
;
...
...
@@ -111,6 +100,7 @@ static void chap_recv(struct ppp_handler_t *h);
static
int
chap_check_response
(
struct
chap_auth_data_t
*
ad
,
struct
chap_response_t
*
msg
,
const
char
*
name
);
static
void
chap_timeout_timer
(
struct
triton_timer_t
*
t
);
static
void
chap_restart_timer
(
struct
triton_timer_t
*
t
);
static
void
set_mppe_keys
(
struct
chap_auth_data_t
*
ad
,
uint8_t
*
z_hash
,
uint8_t
*
nt_hash
);
static
void
print_buf
(
const
uint8_t
*
buf
,
int
size
)
{
...
...
@@ -248,6 +238,19 @@ static int generate_response(struct chap_auth_data_t *ad, struct chap_response_t
uint8_t
response
[
SHA_DIGEST_LENGTH
];
int
i
;
uint8_t
magic1
[
39
]
=
{
0x4D
,
0x61
,
0x67
,
0x69
,
0x63
,
0x20
,
0x73
,
0x65
,
0x72
,
0x76
,
0x65
,
0x72
,
0x20
,
0x74
,
0x6F
,
0x20
,
0x63
,
0x6C
,
0x69
,
0x65
,
0x6E
,
0x74
,
0x20
,
0x73
,
0x69
,
0x67
,
0x6E
,
0x69
,
0x6E
,
0x67
,
0x20
,
0x63
,
0x6F
,
0x6E
,
0x73
,
0x74
,
0x61
,
0x6E
,
0x74
};
uint8_t
magic2
[
41
]
=
{
0x50
,
0x61
,
0x64
,
0x20
,
0x74
,
0x6F
,
0x20
,
0x6D
,
0x61
,
0x6B
,
0x65
,
0x20
,
0x69
,
0x74
,
0x20
,
0x64
,
0x6F
,
0x20
,
0x6D
,
0x6F
,
0x72
,
0x65
,
0x20
,
0x74
,
0x68
,
0x61
,
0x6E
,
0x20
,
0x6F
,
0x6E
,
0x65
,
0x20
,
0x69
,
0x74
,
0x65
,
0x72
,
0x61
,
0x74
,
0x69
,
0x6F
,
0x6E
};
passwd
=
pwdb_get_passwd
(
ad
->
ppp
,
name
);
if
(
!
passwd
)
return
-
1
;
...
...
@@ -485,12 +488,100 @@ static int chap_check_response(struct chap_auth_data_t *ad, struct chap_response
des_encrypt
(
c_hash
,
z_hash
+
7
,
nt_hash
+
8
);
des_encrypt
(
c_hash
,
z_hash
+
14
,
nt_hash
+
16
);
set_mppe_keys
(
ad
,
z_hash
,
msg
->
nt_hash
);
_free
(
passwd
);
_free
(
u_passwd
);
return
memcmp
(
nt_hash
,
msg
->
nt_hash
,
24
);
}
static
void
set_mppe_keys
(
struct
chap_auth_data_t
*
ad
,
uint8_t
*
z_hash
,
uint8_t
*
nt_hash
)
{
MD4_CTX
md4_ctx
;
SHA_CTX
sha_ctx
;
uint8_t
digest
[
20
];
uint8_t
send_key
[
20
];
uint8_t
recv_key
[
20
];
uint8_t
pad1
[
40
]
=
{
0x00
,
0x00
,
0x00
,
0x00
,
0x00
,
0x00
,
0x00
,
0x00
,
0x00
,
0x00
,
0x00
,
0x00
,
0x00
,
0x00
,
0x00
,
0x00
,
0x00
,
0x00
,
0x00
,
0x00
,
0x00
,
0x00
,
0x00
,
0x00
,
0x00
,
0x00
,
0x00
,
0x00
,
0x00
,
0x00
,
0x00
,
0x00
,
0x00
,
0x00
,
0x00
,
0x00
,
0x00
,
0x00
,
0x00
,
0x00
};
uint8_t
pad2
[
40
]
=
{
0xf2
,
0xf2
,
0xf2
,
0xf2
,
0xf2
,
0xf2
,
0xf2
,
0xf2
,
0xf2
,
0xf2
,
0xf2
,
0xf2
,
0xf2
,
0xf2
,
0xf2
,
0xf2
,
0xf2
,
0xf2
,
0xf2
,
0xf2
,
0xf2
,
0xf2
,
0xf2
,
0xf2
,
0xf2
,
0xf2
,
0xf2
,
0xf2
,
0xf2
,
0xf2
,
0xf2
,
0xf2
,
0xf2
,
0xf2
,
0xf2
,
0xf2
,
0xf2
,
0xf2
,
0xf2
,
0xf2
};
uint8_t
magic1
[
27
]
=
{
0x54
,
0x68
,
0x69
,
0x73
,
0x20
,
0x69
,
0x73
,
0x20
,
0x74
,
0x68
,
0x65
,
0x20
,
0x4d
,
0x50
,
0x50
,
0x45
,
0x20
,
0x4d
,
0x61
,
0x73
,
0x74
,
0x65
,
0x72
,
0x20
,
0x4b
,
0x65
,
0x79
};
uint8_t
magic2
[
84
]
=
{
0x4f
,
0x6e
,
0x20
,
0x74
,
0x68
,
0x65
,
0x20
,
0x63
,
0x6c
,
0x69
,
0x65
,
0x6e
,
0x74
,
0x20
,
0x73
,
0x69
,
0x64
,
0x65
,
0x2c
,
0x20
,
0x74
,
0x68
,
0x69
,
0x73
,
0x20
,
0x69
,
0x73
,
0x20
,
0x74
,
0x68
,
0x65
,
0x20
,
0x73
,
0x65
,
0x6e
,
0x64
,
0x20
,
0x6b
,
0x65
,
0x79
,
0x3b
,
0x20
,
0x6f
,
0x6e
,
0x20
,
0x74
,
0x68
,
0x65
,
0x20
,
0x73
,
0x65
,
0x72
,
0x76
,
0x65
,
0x72
,
0x20
,
0x73
,
0x69
,
0x64
,
0x65
,
0x2c
,
0x20
,
0x69
,
0x74
,
0x20
,
0x69
,
0x73
,
0x20
,
0x74
,
0x68
,
0x65
,
0x20
,
0x72
,
0x65
,
0x63
,
0x65
,
0x69
,
0x76
,
0x65
,
0x20
,
0x6b
,
0x65
,
0x79
,
0x2e
};
uint8_t
magic3
[
84
]
=
{
0x4f
,
0x6e
,
0x20
,
0x74
,
0x68
,
0x65
,
0x20
,
0x63
,
0x6c
,
0x69
,
0x65
,
0x6e
,
0x74
,
0x20
,
0x73
,
0x69
,
0x64
,
0x65
,
0x2c
,
0x20
,
0x74
,
0x68
,
0x69
,
0x73
,
0x20
,
0x69
,
0x73
,
0x20
,
0x74
,
0x68
,
0x65
,
0x20
,
0x72
,
0x65
,
0x63
,
0x65
,
0x69
,
0x76
,
0x65
,
0x20
,
0x6b
,
0x65
,
0x79
,
0x3b
,
0x20
,
0x6f
,
0x6e
,
0x20
,
0x74
,
0x68
,
0x65
,
0x20
,
0x73
,
0x65
,
0x72
,
0x76
,
0x65
,
0x72
,
0x20
,
0x73
,
0x69
,
0x64
,
0x65
,
0x2c
,
0x20
,
0x69
,
0x74
,
0x20
,
0x69
,
0x73
,
0x20
,
0x74
,
0x68
,
0x65
,
0x20
,
0x73
,
0x65
,
0x6e
,
0x64
,
0x20
,
0x6b
,
0x65
,
0x79
,
0x2e
};
struct
ev_mppe_keys_t
ev_mppe
=
{
.
ppp
=
ad
->
ppp
,
.
type
=
1
<<
2
,
.
policy
=
1
,
.
recv_key
=
recv_key
,
.
send_key
=
send_key
,
};
//NtPasswordHashHash
MD4_Init
(
&
md4_ctx
);
MD4_Update
(
&
md4_ctx
,
z_hash
,
16
);
MD4_Final
(
digest
,
&
md4_ctx
);
//GetMasterKey
SHA1_Init
(
&
sha_ctx
);
SHA1_Update
(
&
sha_ctx
,
digest
,
16
);
SHA1_Update
(
&
sha_ctx
,
nt_hash
,
24
);
SHA1_Update
(
&
sha_ctx
,
magic1
,
sizeof
(
magic1
));
SHA1_Final
(
digest
,
&
sha_ctx
);
//send key
SHA1_Init
(
&
sha_ctx
);
SHA1_Update
(
&
sha_ctx
,
digest
,
16
);
SHA1_Update
(
&
sha_ctx
,
pad1
,
sizeof
(
pad1
));
SHA1_Update
(
&
sha_ctx
,
magic3
,
sizeof
(
magic2
));
SHA1_Update
(
&
sha_ctx
,
pad2
,
sizeof
(
pad2
));
SHA1_Final
(
send_key
,
&
sha_ctx
);
//recv key
SHA1_Init
(
&
sha_ctx
);
SHA1_Update
(
&
sha_ctx
,
digest
,
16
);
SHA1_Update
(
&
sha_ctx
,
pad1
,
sizeof
(
pad1
));
SHA1_Update
(
&
sha_ctx
,
magic2
,
sizeof
(
magic3
));
SHA1_Update
(
&
sha_ctx
,
pad2
,
sizeof
(
pad2
));
SHA1_Final
(
recv_key
,
&
sha_ctx
);
triton_event_fire
(
EV_MPPE_KEYS
,
&
ev_mppe
);
}
static
int
chap_check
(
uint8_t
*
ptr
)
{
return
*
ptr
==
MSCHAP_V2
;
...
...
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录