Malcolm Smith's patch to support CHAP (digest-based) authentication

when talking to SOCKS 5 proxies. Configures itself transparently (if
the proxy offers CHAP it will use it, otherwise it falls back to
ordinary cleartext passwords).

[originally from svn r4517]

cproxy.c

@@ -0,0 +1,190 @@
+/*
+ * Routines to do cryptographic interaction with proxies in PuTTY.
+ * This is in a separate module from proxy.c, so that it can be
+ * conveniently removed in PuTTYtel by replacing this module with
+ * the stub version nocproxy.c.
+ */
+
+#include <assert.h>
+#include <ctype.h>
+#include <string.h>
+
+#define DEFINE_PLUG_METHOD_MACROS
+#include "putty.h"
+#include "ssh.h" /* For MD5 support */
+#include "network.h"
+#include "proxy.h"
+
+static void hmacmd5_chap(const unsigned char *challenge, int challen,
+			 const char *passwd, unsigned char *response)
+{
+    void *hmacmd5_ctx;
+    int pwlen;
+
+    hmacmd5_ctx = hmacmd5_make_context();
+
+    pwlen = strlen(passwd);
+    if (pwlen>64) {
+	unsigned char md5buf[16];
+	MD5Simple(passwd, pwlen, md5buf);
+	hmacmd5_key(hmacmd5_ctx, md5buf, 16);
+    } else {
+	hmacmd5_key(hmacmd5_ctx, passwd, pwlen);
+    }
+
+    hmacmd5_do_hmac(hmacmd5_ctx, challenge, challen, response);
+    hmacmd5_free_context(hmacmd5_ctx);
+}
+
+void proxy_socks5_offerencryptedauth(char *command, int *len)
+{
+    command[*len] = 0x03; /* CHAP */
+    (*len)++;
+}
+
+int proxy_socks5_handlechap (Proxy_Socket p)
+{
+
+    /* CHAP authentication reply format:
+     *  version number (1 bytes) = 1
+     *  number of commands (1 byte)
+     *
+     * For each command:
+     *  command identifier (1 byte)
+     *  data length (1 byte)
+     */
+    unsigned char data[260];
+    unsigned char outbuf[20];
+
+    while(p->chap_num_attributes == 0 ||
+	  p->chap_num_attributes_processed < p->chap_num_attributes) {
+	if (p->chap_num_attributes == 0 ||
+	    p->chap_current_attribute == -1) {
+	    /* CHAP normally reads in two bytes, either at the
+	     * beginning or for each attribute/value pair.  But if
+	     * we're waiting for the value's data, we might not want
+	     * to read 2 bytes.
+	     */
+ 
+	    if (bufchain_size(&p->pending_input_data) < 2)
+		return 1;	       /* not got anything yet */
+
+	    /* get the response */
+	    bufchain_fetch(&p->pending_input_data, data, 2);
+	    bufchain_consume(&p->pending_input_data, 2);
+	}
+
+	if (p->chap_num_attributes == 0) {
+	    /* If there are no attributes, this is our first msg
+	     * with the server, where we negotiate version and 
+	     * number of attributes
+	     */
+	    if (data[0] != 0x01) {
+		plug_closing(p->plug, "Proxy error: SOCKS proxy wants"
+			     " a different CHAP version",
+			     PROXY_ERROR_GENERAL, 0);
+		return 1;
+	    }
+	    if (data[1] == 0x00) {
+		plug_closing(p->plug, "Proxy error: SOCKS proxy won't"
+			     " negotiate CHAP with us",
+			     PROXY_ERROR_GENERAL, 0);
+		return 1;
+	    }
+	    p->chap_num_attributes = data[1];
+	} else {
+	    if (p->chap_current_attribute == -1) {
+		/* We have to read in each attribute/value pair -
+		 * those we don't understand can be ignored, but
+		 * there are a few we'll need to handle.
+		 */
+		p->chap_current_attribute = data[0];
+		p->chap_current_datalen = data[1];
+	    }
+	    if (bufchain_size(&p->pending_input_data) <
+		p->chap_current_datalen)
+		return 1;	       /* not got everything yet */
+
+	    /* get the response */
+	    bufchain_fetch(&p->pending_input_data, data,
+			   p->chap_current_datalen);
+
+	    bufchain_consume(&p->pending_input_data,
+			     p->chap_current_datalen);
+
+	    switch (p->chap_current_attribute) {
+	      case 0x00:
+		/* Successful authentication */
+		if (data[0] == 0x00)
+		    p->state = 2;
+		else {
+		    plug_closing(p->plug, "Proxy error: SOCKS proxy"
+				 " refused CHAP authentication",
+				 PROXY_ERROR_GENERAL, 0);
+		    return 1;
+		}
+	      break;
+	      case 0x03:
+		outbuf[0] = 0x01; /* Version */
+		outbuf[1] = 0x01; /* One attribute */
+		outbuf[2] = 0x04; /* Response */
+		outbuf[3] = 0x10; /* Length */
+		hmacmd5_chap(data, p->chap_current_datalen,
+			     p->cfg.proxy_password, &outbuf[4]);
+		sk_write(p->sub_socket, outbuf, 20);
+	      break;
+	      case 0x11:
+	        /* Chose a protocol */
+		if (data[0] != 0x85) {
+		    plug_closing(p->plug, "Proxy error: Server chose "
+				 "CHAP of other than HMAC-MD5 but we "
+				 "didn't offer it!",
+				 PROXY_ERROR_GENERAL, 0);
+		    return 1;
+		}
+	      break;
+	    }
+	    p->chap_current_attribute = -1;
+	    p->chap_num_attributes_processed++;
+	}
+	if (p->state == 8 &&
+	    p->chap_num_attributes_processed >= p->chap_num_attributes) {
+	    p->chap_num_attributes = 0;
+	    p->chap_num_attributes_processed = 0;
+	    p->chap_current_datalen = 0;
+	}
+    }
+    return 0;
+}
+
+int proxy_socks5_selectchap(Proxy_Socket p)
+{
+    if (p->cfg.proxy_username[0] || p->cfg.proxy_password[0]) {
+	char chapbuf[514];
+	int ulen;
+	chapbuf[0] = '\x01'; /* Version */
+	chapbuf[1] = '\x02'; /* Number of attributes sent */
+	chapbuf[2] = '\x11'; /* First attribute - algorithms list */
+	chapbuf[3] = '\x01'; /* Only one CHAP algorithm */
+	chapbuf[4] = '\x85'; /* ...and it's HMAC-MD5, the core one */
+	chapbuf[5] = '\x02'; /* Second attribute - username */
+
+	ulen = strlen(p->cfg.proxy_username);
+	if (ulen > 255) ulen = 255; if (ulen < 1) ulen = 1;
+
+	chapbuf[6] = ulen;
+	memcpy(chapbuf+7, p->cfg.proxy_username, ulen);
+
+	sk_write(p->sub_socket, chapbuf, ulen + 7);
+	p->chap_num_attributes = 0;
+	p->chap_num_attributes_processed = 0;
+	p->chap_current_attribute = -1;
+	p->chap_current_datalen = 0;
+
+	p->state = 8;
+    } else 
+	plug_closing(p->plug, "Proxy error: Server chose "
+		     "CHAP authentication but we didn't offer it!",
+		 PROXY_ERROR_GENERAL, 0);
+    return 1;
+}