1 files changed, 24 insertions, 21 deletions

diff --git a/contrib/wpa_supplicant/eap_md5.c b/contrib/wpa_supplicant/eap_md5.c
index bcb5558..46a5f55 100644
--- a/contrib/wpa_supplicant/eap_md5.c
+++ b/contrib/wpa_supplicant/eap_md5.c
@@ -20,6 +20,7 @@
 #include "wpa_supplicant.h"
 #include "config_ssid.h"
 #include "md5.h"
+#include "crypto.h"
 
 
 static void * eap_md5_init(struct eap_sm *sm)
@@ -35,15 +36,18 @@ static void eap_md5_deinit(struct eap_sm *sm, void *priv)
 
 static u8 * eap_md5_process(struct eap_sm *sm, void *priv,
 			    struct eap_method_ret *ret,
-			    u8 *reqData, size_t reqDataLen,
+			    const u8 *reqData, size_t reqDataLen,
 			    size_t *respDataLen)
 {
 	struct wpa_ssid *config = eap_get_config(sm);
-	struct eap_hdr *req, *resp;
-	u8 *pos, *challenge;
+	const struct eap_hdr *req;
+	struct eap_hdr *resp;
+	const u8 *pos, *challenge;
+	u8 *rpos;
 	int challenge_len;
-	MD5_CTX context;
 	size_t len;
+	const u8 *addr[3];
+	size_t elen[3];
 
 	if (config == NULL || config->password == NULL) {
 		wpa_printf(MSG_INFO, "EAP-MD5: Password not configured");
@@ -52,18 +56,15 @@ static u8 * eap_md5_process(struct eap_sm *sm, void *priv,
 		return NULL;
 	}
 
-	req = (struct eap_hdr *) reqData;
-	pos = (u8 *) (req + 1);
-	if (reqDataLen < sizeof(*req) + 2 || *pos != EAP_TYPE_MD5 ||
-	    (len = be_to_host16(req->length)) > reqDataLen) {
-		wpa_printf(MSG_INFO, "EAP-MD5: Invalid frame");
+	pos = eap_hdr_validate(EAP_TYPE_MD5, reqData, reqDataLen, &len);
+	if (pos == NULL) {
 		ret->ignore = TRUE;
 		return NULL;
 	}
-	pos++;
+	req = (const struct eap_hdr *) reqData;
 	challenge_len = *pos++;
 	if (challenge_len == 0 ||
-	    challenge_len > len - sizeof(*req) - 2) {
+	    challenge_len > len - 1) {
 		wpa_printf(MSG_INFO, "EAP-MD5: Invalid challenge "
 			   "(challenge_len=%d len=%lu",
 			   challenge_len, (unsigned long) len);
@@ -87,16 +88,18 @@ static u8 * eap_md5_process(struct eap_sm *sm, void *priv,
 	resp->code = EAP_CODE_RESPONSE;
 	resp->identifier = req->identifier;
 	resp->length = host_to_be16(*respDataLen);
-	pos = (u8 *) (resp + 1);
-	*pos++ = EAP_TYPE_MD5;
-	*pos++ = MD5_MAC_LEN; /* Value-Size */
-
-	MD5Init(&context);
-	MD5Update(&context, &resp->identifier, 1);
-	MD5Update(&context, config->password, config->password_len);
-	MD5Update(&context, challenge, challenge_len);
-	MD5Final(pos, &context);
-	wpa_hexdump(MSG_MSGDUMP, "EAP-MD5: Response", pos, MD5_MAC_LEN);
+	rpos = (u8 *) (resp + 1);
+	*rpos++ = EAP_TYPE_MD5;
+	*rpos++ = MD5_MAC_LEN; /* Value-Size */
+
+	addr[0] = &resp->identifier;
+	elen[0] = 1;
+	addr[1] = config->password;
+	elen[1] = config->password_len;
+	addr[2] = challenge;
+	elen[2] = challenge_len;
+	md5_vector(3, addr, elen, rpos);
+	wpa_hexdump(MSG_MSGDUMP, "EAP-MD5: Response", rpos, MD5_MAC_LEN);
 
 	return (u8 *) resp;
 }