From fa9cc0ebfb3821fac3240755fae227fa654a37f7 Mon Sep 17 00:00:00 2001
From: brian <brian@FreeBSD.org>
Date: Thu, 1 Apr 1999 11:05:23 +0000
Subject: Drop PAP & CHAP packets if we're not in NETWORK or AUTHENTICATE
 phase.

---
 usr.sbin/ppp/chap.c | 9 ++++++++-
 usr.sbin/ppp/pap.c  | 9 ++++++++-
 2 files changed, 16 insertions(+), 2 deletions(-)

(limited to 'usr.sbin')

diff --git a/usr.sbin/ppp/chap.c b/usr.sbin/ppp/chap.c
index fe76ebc..dde8081 100644
--- a/usr.sbin/ppp/chap.c
+++ b/usr.sbin/ppp/chap.c
@@ -17,7 +17,7 @@
  * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
  * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
  *
- * $Id: chap.c,v 1.46 1999/02/18 19:45:06 brian Exp $
+ * $Id: chap.c,v 1.47 1999/02/20 01:12:45 brian Exp $
  *
  *	TODO:
  */
@@ -543,6 +543,13 @@ chap_Input(struct physical *p, struct mbuf *bp)
   int lanman;
 #endif
 
+  if (bundle_Phase(p->dl->bundle) != PHASE_NETWORK &&
+      bundle_Phase(p->dl->bundle) != PHASE_AUTHENTICATE) {
+    log_Printf(LogPHASE, "Unexpected chap input - dropped !\n");
+    mbuf_Free(bp);
+    return;
+  }
+
   if ((bp = auth_ReadHeader(&chap->auth, bp)) == NULL &&
       ntohs(chap->auth.in.hdr.length) == 0)
     log_Printf(LogWARN, "Chap Input: Truncated header !\n");
diff --git a/usr.sbin/ppp/pap.c b/usr.sbin/ppp/pap.c
index 1459e51..5b3e17a 100644
--- a/usr.sbin/ppp/pap.c
+++ b/usr.sbin/ppp/pap.c
@@ -18,7 +18,7 @@
  * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
  * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
  *
- * $Id: pap.c,v 1.32 1999/02/20 01:12:45 brian Exp $
+ * $Id: pap.c,v 1.33 1999/03/31 14:21:45 brian Exp $
  *
  *	TODO:
  */
@@ -156,6 +156,13 @@ pap_Input(struct physical *p, struct mbuf *bp)
   struct authinfo *authp = &p->dl->pap;
   u_char nlen, klen, *key;
 
+  if (bundle_Phase(p->dl->bundle) != PHASE_NETWORK &&
+      bundle_Phase(p->dl->bundle) != PHASE_AUTHENTICATE) {
+    log_Printf(LogPHASE, "Unexpected pap input - dropped !\n");
+    mbuf_Free(bp);
+    return;
+  }
+
   if ((bp = auth_ReadHeader(authp, bp)) == NULL &&
       ntohs(authp->in.hdr.length) == 0) {
     log_Printf(LogWARN, "Pap Input: Truncated header !\n");
-- 
cgit v1.1