sysadmin/ipxe
1
0
Fork 0
mirror of https://github.com/ipxe/ipxe synced 2025-12-19 11:00:27 +03:00
Code Issues Packages Projects Releases Wiki Activity
Files
66b5d1ec81433d4cbc218ed18f2e4ee04d51aa38
ipxe/src/config/config_eap.c
Michael Brown 43e385091a [eap] Add support for the MS-CHAPv2 authentication method 
Add support for EAP-MSCHAPv2 (note that this is not the same as
PEAP-MSCHAPv2), controllable via the build configuration option
EAP_METHOD_MSCHAPV2 in config/general.h.

Our model for EAP does not encompass mutual authentication: we will
starting sending plaintext packets (e.g. DHCP requests) over the link
even before EAP completes, and our only use for an EAP success is to
mark the link as unblocked.

We therefore ignore the content of the EAP-MSCHAPv2 success request
(containing the MS-CHAPv2 authenticator response) and just send back
an EAP-MSCHAPv2 success response, so that the EAP authenticator will
complete the process and send through the real EAP success packet
(which will, in turn, cause us to unblock the link).

Signed-off-by: Michael Brown <mcb30@ipxe.org>
2024-02-23 16:37:07 +00:00

43 lines
1.2 KiB
C
Raw Blame History

/*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License as
* published by the Free Software Foundation; either version 2 of the
* License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
* 02110-1301, USA.
*
* You can also choose to distribute this program under the terms of
* the Unmodified Binary Distribution Licence (as given in the file
* COPYING.UBDL), provided that you have satisfied its requirements.
*/
FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
#include <config/general.h>
/** @file
*
* EAP configuration options
*
*/
PROVIDE_REQUIRING_SYMBOL();
/*
* Drag in EAP authentication methods
*/
#ifdef EAP_METHOD_MD5
REQUIRE_OBJECT ( eap_md5 );
#endif
#ifdef EAP_METHOD_MSCHAPV2
REQUIRE_OBJECT ( eap_mschapv2 );
#endif
Reference in New Issue View Git Blame Copy Permalink