- int rchallenge_len;
- u_char *rchallenge;
- int secret_len;
- char secret[MAXSECRETLEN];
- char rhostname[256];
- MD5_CTX mdContext;
- u_char hash[MD5_SIGNATURE_SIZE];
-
- if (cstate->clientstate == CHAPCS_CLOSED ||
- cstate->clientstate == CHAPCS_PENDING) {
- CHAPDEBUG(("ChapReceiveChallenge: in state %d", cstate->clientstate));
- return;
- }
-
- if (len < 2) {
- CHAPDEBUG(("ChapReceiveChallenge: rcvd short packet."));
- return;
- }
-
- GETCHAR(rchallenge_len, inp);
- len -= sizeof (u_char) + rchallenge_len; /* now name field length */
- if (len < 0) {
- CHAPDEBUG(("ChapReceiveChallenge: rcvd short packet."));
- return;
- }
- rchallenge = inp;
- INCPTR(rchallenge_len, inp);
-
- /* Null terminate and clean remote name. */
- slprintf(rhostname, sizeof(rhostname), "%.*v", len, inp);
-
- /* Microsoft doesn't send their name back in the PPP packet */
- if (explicit_remote || (remote_name[0] != 0 && rhostname[0] == 0)) {
- strlcpy(rhostname, remote_name, sizeof(rhostname));
- CHAPDEBUG(("ChapReceiveChallenge: using '%q' as remote name",
- rhostname));
- }
-
- /* get secret for authenticating ourselves with the specified host */
- if (!get_secret(cstate->unit, cstate->resp_name, rhostname,
- secret, &secret_len, 0)) {
- secret_len = 0; /* assume null secret if can't find one */
- warn("No CHAP secret found for authenticating us to %q", rhostname);
- }
-
- /* cancel response send timeout if necessary */
- if (cstate->clientstate == CHAPCS_RESPONSE)
- UNTIMEOUT(ChapResponseTimeout, cstate);
-
- cstate->resp_id = id;
- cstate->resp_transmits = 0;
-
- /* generate MD based on negotiated type */
- switch (cstate->resp_type) {
-
- case CHAP_DIGEST_MD5:
- MD5Init(&mdContext);
- MD5Update(&mdContext, &cstate->resp_id, 1);
- MD5Update(&mdContext, secret, secret_len);
- MD5Update(&mdContext, rchallenge, rchallenge_len);
- MD5Final(hash, &mdContext);
- BCOPY(hash, cstate->response, MD5_SIGNATURE_SIZE);
- cstate->resp_length = MD5_SIGNATURE_SIZE;
- break;
-
-#ifdef CHAPMS
- case CHAP_MICROSOFT:
- ChapMS(cstate, rchallenge, secret, secret_len,
- (MS_ChapResponse *) cstate->response);
- break;
-
- case CHAP_MICROSOFT_V2:
- ChapMS2(cstate, rchallenge,
- mschap2_peer_challenge? mschap2_peer_challenge: NULL,
- cstate->resp_name, secret, secret_len,
- (MS_Chap2Response *) cstate->response, cstate->earesponse,
- MS_CHAP2_AUTHENTICATEE);
- break;
-#endif /* CHAPMS */
-
- default:
- CHAPDEBUG(("unknown digest type %d", cstate->resp_type));
- return;
- }
-
- BZERO(secret, sizeof(secret));
- ChapSendResponse(cstate);