+ ChapMS(challenge, secret, secret_len, response);
+}
+
+struct chapms2_response_cache_entry {
+ int id;
+ unsigned char challenge[16];
+ unsigned char response[MS_CHAP2_RESPONSE_LEN];
+ unsigned char auth_response[MS_AUTH_RESPONSE_LENGTH];
+};
+
+#define CHAPMS2_MAX_RESPONSE_CACHE_SIZE 10
+static struct chapms2_response_cache_entry
+ chapms2_response_cache[CHAPMS2_MAX_RESPONSE_CACHE_SIZE];
+static int chapms2_response_cache_next_index = 0;
+static int chapms2_response_cache_size = 0;
+
+static void
+chapms2_add_to_response_cache(int id, unsigned char *challenge,
+ unsigned char *response,
+ unsigned char *auth_response)
+{
+ int i = chapms2_response_cache_next_index;
+
+ chapms2_response_cache[i].id = id;
+ memcpy(chapms2_response_cache[i].challenge, challenge, 16);
+ memcpy(chapms2_response_cache[i].response, response,
+ MS_CHAP2_RESPONSE_LEN);
+ memcpy(chapms2_response_cache[i].auth_response,
+ auth_response, MS_AUTH_RESPONSE_LENGTH);
+ chapms2_response_cache_next_index =
+ (i + 1) % CHAPMS2_MAX_RESPONSE_CACHE_SIZE;
+ if (chapms2_response_cache_next_index > chapms2_response_cache_size)
+ chapms2_response_cache_size = chapms2_response_cache_next_index;
+ dbglog("added response cache entry %d", i);
+}
+
+static struct chapms2_response_cache_entry*
+chapms2_find_in_response_cache(int id, unsigned char *challenge,
+ unsigned char *auth_response)
+{
+ int i;
+
+ for (i = 0; i < chapms2_response_cache_size; i++) {
+ if (id == chapms2_response_cache[i].id
+ && (!challenge
+ || memcmp(challenge,
+ chapms2_response_cache[i].challenge,
+ 16) == 0)
+ && (!auth_response
+ || memcmp(auth_response,
+ chapms2_response_cache[i].auth_response,
+ MS_AUTH_RESPONSE_LENGTH) == 0)) {
+ dbglog("response found in cache (entry %d)", i);
+ return &chapms2_response_cache[i];
+ }
+ }
+ return NULL; /* not found */