cat <<\_ACEOF
+Optional Packages:
+ --with-PACKAGE[=ARG] use PACKAGE [ARG=yes]
+ --without-PACKAGE do not use PACKAGE (same as --with-PACKAGE=no)
+ --with-rlm-otp-lib-dir directory for otp libs
+ --with-rlm-otp-include-dir directory for otp includes
+ --with-openssl-includes=DIR Directory to look for OpenSSL include files
+
Some influential environment variables:
CC C compiler command
CFLAGS C compiler flags
- if test "x$OPENSSL_LIBS" = "x"; then
- fail="$fail OpenSSL"
- fi
+
+# Check whether --with-rlm-otp-lib-dir or --without-rlm-otp-lib-dir was given.
+if test "${with_rlm_otp_lib_dir+set}" = set; then
+ withval="$with_rlm_otp_lib_dir"
+ otp_ldflags="$otp_ldflags -L$withval"
+fi;
+
+# Check whether --with-rlm-otp-include-dir or --without-rlm-otp-include-dir was given.
+if test "${with_rlm_otp_include_dir+set}" = set; then
+ withval="$with_rlm_otp_include_dir"
+ otp_cflags="$otp_cflags -I$withval"
+fi;
+
+
+# Check whether --with-openssl-includes or --without-openssl-includes was given.
+if test "${with_openssl_includes+set}" = set; then
+ withval="$with_openssl_includes"
+ case "$withval" in
+ *)
+ SMART_CFLAGS="$SMART_CFLAGS -I$withval"
+ ;;
+ esac
+
+fi;
targetname=rlm_otp # keep this! Don't change!
else
#ifdef FREERADIUS
#define _LRAD_MD4_H
#define _LRAD_SHA1_H
-#include <freeradius-devel/rad_assert.h>
+#include <rad_assert.h>
#endif
#include "otp.h"
#include "otp_pwe.h"
switch(pwattr[attr]) {
case PW_PASSWORD:
DEBUG("%s: %s: handling PW_PASSWORD", log_prefix, __func__);
- nmatch = strcmp(password, resp_vp->vp_strvalue);
+ nmatch = strcmp(password, resp_vp->strvalue);
break;
case PW_CHAP_PASSWORD:
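Review bot: The `strcmp(password, resp_vp->strvalue)` comparison in the PW_PASSWORD case stops at the first differing byte, so its duration depends on how much of the expected one-time password the response matched. The same holds for the `memcmp` calls on the CHAP and MS-CHAP digests in the later hunks of this file, and for the state check `memcmp(state, vp->strvalue, vp->length)` in the module file. A fixed-time compare over the expected length removes that signal: accumulate `diff |= a[i] ^ b[i]` across every byte and test `diff` once after the loop. The switch body continues outside this hunk.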
nmatch = -1;
break;
}
- input[0] = *(resp_vp->vp_strvalue);
+ input[0] = *(resp_vp->strvalue);
(void) memcpy(&input[1], password, strlen(password));
- (void) memcpy(&input[1+strlen(password)], chal_vp->vp_strvalue,
+ (void) memcpy(&input[1+strlen(password)], chal_vp->strvalue,
chal_vp->length);
(void) MD5(input, 1 + strlen(password) + chal_vp->length, output);
- nmatch = memcmp(output, &(resp_vp->vp_strvalue)[1], MD5_DIGEST_LENGTH);
+ nmatch = memcmp(output, &(resp_vp->strvalue)[1], MD5_DIGEST_LENGTH);
} /* case PW_CHAP_PASSWORD */
break;
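Review bot: The two `memcpy` calls into `input` are bounded only by `strlen(password)` and `chal_vp->length`. The declaration of `input` and any check of those lengths against it are outside this hunk, so confirm that one exists. If it does not, a guard ahead of the copies such as `if (1 + strlen(password) + chal_vp->length > sizeof(input)) { nmatch = -1; break; }` keeps an oversized password or challenge from writing past the buffer (this assumes `input` is an array in scope here). `strlen(password)` is also evaluated three times; holding it in a local would make the offsets easier to audit.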
nmatch = -1;
break;
}
- if ((resp_vp->vp_strvalue)[1] != 1) {
+ if ((resp_vp->strvalue)[1] != 1) {
otp_log(OTP_LOG_AUTH,
"%s: %s: MS-CHAP-Response bad flags (LM not supported)",
log_prefix, __func__);
(void) MD4(input, 2 * password_len, nt_keys);
/* The challenge gets encrypted. */
- (void) memcpy(input, chal_vp->vp_strvalue, 8);
+ (void) memcpy(input, chal_vp->strvalue, 8);
/* Convert the password hash to keys, and do the encryptions. */
for (i = 0; i < 3; ++i) {
ks, DES_ENCRYPT);
}
- nmatch = memcmp(output, resp_vp->vp_strvalue + 26, 24);
+ nmatch = memcmp(output, resp_vp->strvalue + 26, 24);
if (nmatch || !vps)
break;
{
SHA_CTX ctx;
unsigned char md[SHA_DIGEST_LENGTH];
- char *username = request->username->vp_strvalue;
+ char *username = request->username->strvalue;
int username_len = request->username->length;
SHA1_Init(&ctx);
- SHA1_Update(&ctx, resp_vp->vp_strvalue + 2, 16);
- SHA1_Update(&ctx, chal_vp->vp_strvalue, 16);
+ SHA1_Update(&ctx, resp_vp->strvalue + 2, 16);
+ SHA1_Update(&ctx, chal_vp->strvalue, 16);
SHA1_Update(&ctx, username, username_len);
SHA1_Final(md, &ctx);
ks, DES_ENCRYPT);
}
- nmatch = memcmp(output, resp_vp->vp_strvalue + 26, 24);
+ nmatch = memcmp(output, resp_vp->strvalue + 26, 24);
if (nmatch || !vps)
break;
/* 0x (ID) ( ASCII("S="ASCII(auth_md))) */
char auth_octet_string[2 + 2 + (2 * sizeof(auth_md_string))];
- char *username = request->username->vp_strvalue;
+ char *username = request->username->strvalue;
int username_len = request->username->length;
/* "Magic server to client signing constant" */
(void) MD4(nt_keys, MD4_DIGEST_LENGTH, password_md_md);
SHA1_Init(&ctx);
SHA1_Update(&ctx, password_md_md, MD4_DIGEST_LENGTH);
- SHA1_Update(&ctx, resp_vp->vp_strvalue + 26, 24);
+ SHA1_Update(&ctx, resp_vp->strvalue + 26, 24);
SHA1_Update(&ctx, magic1, sizeof(magic1));
SHA1_Final(md1, &ctx);
/* MD2 */
SHA1_Init(&ctx);
- SHA1_Update(&ctx, resp_vp->vp_strvalue + 2, 16);
- SHA1_Update(&ctx, chal_vp->vp_strvalue, 16);
+ SHA1_Update(&ctx, resp_vp->strvalue + 2, 16);
+ SHA1_Update(&ctx, chal_vp->strvalue, 16);
SHA1_Update(&ctx, username, username_len);
SHA1_Final(md2, &ctx);
/* And then octet conversion. Ugh! */
auth_octet_string[0] = '0';
auth_octet_string[1] = 'x';
- (void) sprintf(&auth_octet_string[2], "%02X", resp_vp->vp_strvalue[0]);
+ (void) sprintf(&auth_octet_string[2], "%02X", resp_vp->strvalue[0]);
for (i = 0; i < sizeof(auth_md_string) - 1; ++i)
(void) sprintf(&auth_octet_string[i * 2 +4], "%02X", auth_md_string[i]);
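Review bot: `sprintf(&auth_octet_string[2], "%02X", resp_vp->strvalue[0])` writes exactly two hex digits only when the argument is an unsigned byte. The element type of `strvalue` is not visible in this hunk; if it is plain `char` and that is signed on the build platform, a byte of 0x80 or above is sign-extended and `%02X` emits eight digits, running past the slot reserved for it. Casting and bounding the write makes the result independent of the header in use: `(void) snprintf(&auth_octet_string[2], 3, "%02X", (unsigned char) resp_vp->strvalue[0]);`. The same treatment fits `auth_md_string[i]` in the loop that follows.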
/* Generate the master session key. */
SHA1_Init(&ctx);
SHA1_Update(&ctx, password_md_md, MD4_DIGEST_LENGTH);
- SHA1_Update(&ctx, resp_vp->vp_strvalue + 26, 24);
+ SHA1_Update(&ctx, resp_vp->strvalue + 26, 24);
SHA1_Update(&ctx, Magic1, sizeof(Magic1));
SHA1_Final(sha_md, &ctx);
(void) memcpy(MasterKey, sha_md, 16);
#include "otp.h"
#ifdef FREERADIUS
-#include <freeradius-devel/modules.h>
+#include <modules.h>
#endif
static const char rcsid[] = "$Id$";
auth_type_found = 0;
if ((vp = pairfind(request->config_items, PW_AUTHTYPE)) != NULL) {
auth_type_found = 1;
- if (strcmp(vp->vp_strvalue, inst->name))
+ if (strcmp(vp->strvalue, inst->name))
return RLM_MODULE_NOOP;
}
}
log_prefix, __func__);
return RLM_MODULE_INVALID;
}
- username = request->username->vp_strvalue;
+ username = request->username->strvalue;
if ((data.pwattr = otp_pwe_present(request, log_prefix)) == 0) {
otp_log(OTP_LOG_AUTH, "%s: %s: Attribute \"User-Password\" "
if (inst->allow_async) {
/* Verify the state. */
- (void) memcpy(challenge, vp->vp_strvalue, inst->chal_len);
- (void) memcpy(&sflags, vp->vp_strvalue + inst->chal_len, 4);
- (void) memcpy(&then, vp->vp_strvalue + inst->chal_len + 4, 4);
+ (void) memcpy(challenge, vp->strvalue, inst->chal_len);
+ (void) memcpy(&sflags, vp->strvalue + inst->chal_len, 4);
+ (void) memcpy(&then, vp->strvalue + inst->chal_len + 4, 4);
if (otp_gen_state(NULL, &state, challenge, inst->chal_len,
sflags, then, hmac_key) != 0) {
otp_log(OTP_LOG_ERR, "%s: %s: failed to generate state",
log_prefix, __func__);
return RLM_MODULE_FAIL;
}
- if (memcmp(state, vp->vp_strvalue, vp->length)) {
+ if (memcmp(state, vp->strvalue, vp->length)) {
otp_log(OTP_LOG_AUTH, "%s: %s: bad state for [%s]: hmac",
log_prefix, __func__, username);
free(state);
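Review bot: `memcmp(state, vp->strvalue, vp->length)` takes its length from the received attribute, so a short attribute is compared over fewer bytes than the generated state holds, and an empty one over none. The three `memcpy` calls above it also read `inst->chal_len + 8` bytes from `vp->strvalue` with no length test visible in this hunk. The enclosing function starts and ends outside the hunk, so it may already reject a `vp->length` that differs from the expected state length. If it does not, that check belongs before the first `memcpy`, and the comparison should run over the expected length rather than `vp->length`.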
* is single-threaded.
*/
module_t rlm_otp = {
- RLM_MODULE_INIT,
"otp",
RLM_TYPE_THREAD_SAFE, /* type */
+ NULL, /* initialization */
otp_instantiate, /* instantiation */
- otp_detach, /* detach */
{
otp_authenticate, /* authentication */
otp_authorize, /* authorization */
NULL, /* post-proxy */
NULL /* post-auth */
},
+ otp_detach, /* detach */
+ NULL, /* destroy */
};
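Review bot: The `rlm_otp` initializer is purely positional, and this hunk reorders it (drops `RLM_MODULE_INIT`, adds an initialization slot, moves `otp_detach` after the method array, adds a destroy slot) to fit a different `module_t` layout. Nothing in the file records which layout is expected, so building against a header with another member order could place callbacks in the wrong slots with at most a warning. A comment above the definition would document the assumption, for example `/* module_t layout assumed: name, type, init, instantiate, methods[], detach, destroy */`. If the target header exposes a version macro, a compile-time check on it would go further.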