- u_char *remmd, remmd_len;
- int secret_len, old_state;
- int code;
- char rhostname[256];
- MD5_CTX mdContext;
- char secret[MAXSECRETLEN];
- u_char hash[MD5_SIGNATURE_SIZE];
-
- CHAPDEBUG((LOG_INFO, "ChapReceiveResponse: Rcvd id %d.", id));
-
- if (cstate->serverstate == CHAPSS_CLOSED ||
- cstate->serverstate == CHAPSS_PENDING) {
- CHAPDEBUG((LOG_INFO, "ChapReceiveResponse: in state %d",
- cstate->serverstate));
- return;
- }
-
- if (id != cstate->chal_id)
- return; /* doesn't match ID of last challenge */
-
- /*
- * If we have received a duplicate or bogus Response,
- * we have to send the same answer (Success/Failure)
- * as we did for the first Response we saw.
- */
- if (cstate->serverstate == CHAPSS_OPEN) {
- ChapSendStatus(cstate, CHAP_SUCCESS);
- return;
- }
- if (cstate->serverstate == CHAPSS_BADAUTH) {
- ChapSendStatus(cstate, CHAP_FAILURE);
- return;
- }
-
- if (len < 2) {
- CHAPDEBUG((LOG_INFO, "ChapReceiveResponse: rcvd short packet."));
- return;
- }
- GETCHAR(remmd_len, inp); /* get length of MD */
- remmd = inp; /* get pointer to MD */
- INCPTR(remmd_len, inp);
-
- len -= sizeof (u_char) + remmd_len;
- if (len < 0) {
- CHAPDEBUG((LOG_INFO, "ChapReceiveResponse: rcvd short packet."));
- return;
- }
-
- UNTIMEOUT(ChapChallengeTimeout, cstate);
-
- if (len >= sizeof(rhostname))
- len = sizeof(rhostname) - 1;
- BCOPY(inp, rhostname, len);
- rhostname[len] = '\000';
-
- CHAPDEBUG((LOG_INFO, "ChapReceiveResponse: received name field: %s",
- rhostname));
-
- /*
- * Get secret for authenticating them with us,
- * do the hash ourselves, and compare the result.
- */
- code = CHAP_FAILURE;
- if (!get_secret(cstate->unit, rhostname, cstate->chal_name,
- secret, &secret_len, 1)) {
- syslog(LOG_WARNING, "No CHAP secret found for authenticating %s",
- rhostname);
- } else {
-
- /* generate MD based on negotiated type */
- switch (cstate->chal_type) {
-
- case CHAP_DIGEST_MD5: /* only MD5 is defined for now */
- if (remmd_len != MD5_SIGNATURE_SIZE)
- break; /* it's not even the right length */
- MD5Init(&mdContext);
- MD5Update(&mdContext, &cstate->chal_id, 1);
- MD5Update(&mdContext, secret, secret_len);
- MD5Update(&mdContext, cstate->challenge, cstate->chal_len);
- MD5Final(hash, &mdContext);
-
- /* compare local and remote MDs and send the appropriate status */
- if (memcmp (hash, remmd, MD5_SIGNATURE_SIZE) == 0)
- code = CHAP_SUCCESS; /* they are the same! */
- break;
-
- default:
- CHAPDEBUG((LOG_INFO, "unknown digest type %d", cstate->chal_type));
- }
- }
-
- BZERO(secret, sizeof(secret));
- ChapSendStatus(cstate, code);
-
- if (code == CHAP_SUCCESS) {
- old_state = cstate->serverstate;
- cstate->serverstate = CHAPSS_OPEN;
- if (old_state == CHAPSS_INITIAL_CHAL) {
- auth_peer_success(cstate->unit, PPP_CHAP, rhostname, len);
- }
- if (cstate->chal_interval != 0)
- TIMEOUT(ChapRechallenge, cstate, cstate->chal_interval);
-
- } else {
- syslog(LOG_ERR, "CHAP peer authentication failed");
- cstate->serverstate = CHAPSS_BADAUTH;
- auth_peer_fail(cstate->unit, PPP_CHAP);
- }