summaryrefslogtreecommitdiffstats
path: root/usr.sbin
diff options
context:
space:
mode:
authorbrian <brian@FreeBSD.org>2002-06-12 21:36:07 +0000
committerbrian <brian@FreeBSD.org>2002-06-12 21:36:07 +0000
commit81be549dd2d87fb0009c155abb786442751f5f6d (patch)
tree31fbee9512a0d2ddbfa75db5a73018e7d824a607 /usr.sbin
parent0d05c0dd9cf4ae0953ba607bcf41e2abafebb77d (diff)
downloadFreeBSD-src-81be549dd2d87fb0009c155abb786442751f5f6d.zip
FreeBSD-src-81be549dd2d87fb0009c155abb786442751f5f6d.tar.gz
Don't forget to process the Ident field on the front of
RAD_MICROSOFT_MS_CHAP_ERROR and RAD_MICROSOFT_MS_CHAP2_SUCCESS messages, and remove the hack in chap.c to ignore that ident field on the client side. This anomoly was hacked around during development, and I forgot to go back and fix it properly. Spotted by: Sergey Korolew <ds@rt.balakovo.ru>
Diffstat (limited to 'usr.sbin')
-rw-r--r--usr.sbin/ppp/chap.c3
-rw-r--r--usr.sbin/ppp/radius.c39
2 files changed, 26 insertions, 16 deletions
diff --git a/usr.sbin/ppp/chap.c b/usr.sbin/ppp/chap.c
index 02ad021..8bce946 100644
--- a/usr.sbin/ppp/chap.c
+++ b/usr.sbin/ppp/chap.c
@@ -926,8 +926,7 @@ chap_Input(struct bundle *bundle, struct link *l, struct mbuf *bp)
if (p->link.lcp.auth_ineed == 0) {
#ifndef NODES
if (p->link.lcp.his_authtype == 0x81) {
- if (strncmp(ans, chap->authresponse, 42) &&
- (*ans != 1 || strncmp(ans + 1, chap->authresponse, 41))) {
+ if (strncmp(ans, chap->authresponse, 42)) {
datalink_AuthNotOk(p->dl);
log_Printf(LogWARN, "CHAP81: AuthenticatorResponse: (%.42s)"
" != ans: (%.42s)\n", chap->authresponse, ans);
diff --git a/usr.sbin/ppp/radius.c b/usr.sbin/ppp/radius.c
index 1f43db2..cd72c4b 100644
--- a/usr.sbin/ppp/radius.c
+++ b/usr.sbin/ppp/radius.c
@@ -417,26 +417,37 @@ radius_Process(struct radius *r, int got)
#ifndef NODES
case RAD_MICROSOFT_MS_CHAP_ERROR:
free(r->errstr);
- if ((r->errstr = rad_cvt_string(data, len)) == NULL) {
- log_Printf(LogERROR, "rad_cvt_string: %s\n",
- rad_strerror(r->cx.rad));
- auth_Failure(r->cx.auth);
- rad_close(r->cx.rad);
- return;
+ if (len == 0)
+ r->errstr = NULL;
+ else {
+ if ((r->errstr = rad_cvt_string((const char *)data + 1,
+ len - 1)) == NULL) {
+ log_Printf(LogERROR, "rad_cvt_string: %s\n",
+ rad_strerror(r->cx.rad));
+ auth_Failure(r->cx.auth);
+ rad_close(r->cx.rad);
+ return;
+ }
+ log_Printf(LogPHASE, " MS-CHAP-Error \"%s\"\n", r->errstr);
}
- log_Printf(LogPHASE, " MS-CHAP-Error \"%s\"\n", r->errstr);
break;
case RAD_MICROSOFT_MS_CHAP2_SUCCESS:
free(r->msrepstr);
- if ((r->msrepstr = rad_cvt_string(data, len)) == NULL) {
- log_Printf(LogERROR, "rad_cvt_string: %s\n",
- rad_strerror(r->cx.rad));
- auth_Failure(r->cx.auth);
- rad_close(r->cx.rad);
- return;
+ if (len == 0)
+ r->msrepstr = NULL;
+ else {
+ if ((r->msrepstr = rad_cvt_string((const char *)data + 1,
+ len - 1)) == NULL) {
+ log_Printf(LogERROR, "rad_cvt_string: %s\n",
+ rad_strerror(r->cx.rad));
+ auth_Failure(r->cx.auth);
+ rad_close(r->cx.rad);
+ return;
+ }
+ log_Printf(LogPHASE, " MS-CHAP2-Success \"%s\"\n",
+ r->msrepstr);
}
- log_Printf(LogPHASE, " MS-CHAP2-Success \"%s\"\n", r->msrepstr);
break;
case RAD_MICROSOFT_MS_MPPE_ENCRYPTION_POLICY:
OpenPOWER on IntegriCloud