diff options
author | brian <brian@FreeBSD.org> | 1997-11-09 03:55:27 +0000 |
---|---|---|
committer | brian <brian@FreeBSD.org> | 1997-11-09 03:55:27 +0000 |
commit | 555986da720ae38415117723b464c86c714d8193 (patch) | |
tree | 75dd14cab4dead70e643cee5400dacea4ba0be0a /usr.sbin/ppp/chap.c | |
parent | df791f575cb36595b361881b6e48fb7d29e50cc3 (diff) | |
download | FreeBSD-src-555986da720ae38415117723b464c86c714d8193.zip FreeBSD-src-555986da720ae38415117723b464c86c714d8193.tar.gz |
When responding to a CHAP challenge, don't try to use
ppp.secret to get a key value based on the peers name,
then send the value of AuthName with the encrypted result.
This is *way* too confusing.
Instead, always use AuthName and AuthKey as the documentation
says.
Diffstat (limited to 'usr.sbin/ppp/chap.c')
-rw-r--r-- | usr.sbin/ppp/chap.c | 20 |
1 files changed, 7 insertions, 13 deletions
diff --git a/usr.sbin/ppp/chap.c b/usr.sbin/ppp/chap.c index 19ea6cd..972e071 100644 --- a/usr.sbin/ppp/chap.c +++ b/usr.sbin/ppp/chap.c @@ -17,7 +17,7 @@ * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. * - * $Id: chap.c,v 1.23 1997/09/25 00:52:32 brian Exp $ + * $Id: chap.c,v 1.24 1997/10/26 01:02:16 brian Exp $ * * TODO: */ @@ -131,19 +131,10 @@ RecvChapTalk(struct fsmheader *chp, struct mbuf *bp) name[namelen] = 0; LogPrintf(LogPHASE, " Valsize = %d, Name = %s\n", valsize, name); - /* - * Get a secret key corresponds to the peer - */ - keyp = AuthGetSecret(SECRETFILE, name, namelen, chp->code == CHAP_RESPONSE); - switch (chp->code) { case CHAP_CHALLENGE: - if (keyp) { - keylen = strlen(keyp); - } else { - keylen = strlen(VarAuthKey); - keyp = VarAuthKey; - } + keyp = VarAuthKey; + keylen = strlen(VarAuthKey); name = VarAuthName; namelen = strlen(VarAuthName); @@ -208,8 +199,11 @@ RecvChapTalk(struct fsmheader *chp, struct mbuf *bp) free(argp); break; case CHAP_RESPONSE: + /* + * Get a secret key corresponds to the peer + */ + keyp = AuthGetSecret(SECRETFILE, name, namelen, chp->code == CHAP_RESPONSE); if (keyp) { - /* * Compute correct digest value */ |