X-Git-Url: http://git.ozlabs.org/?a=blobdiff_plain;f=pppd%2Fchap_ms.c;h=aec12262ed46375d304b12f9b397acb88be21ba4;hb=2b6310fd24dba8e0fca8999916a162f0a1842a84;hp=05c6225a720612fe01afc43c917c59dd58a37ea3;hpb=6bd2208f408588cab66a4da26ebee1159840db81;p=ppp.git diff --git a/pppd/chap_ms.c b/pppd/chap_ms.c index 05c6225..aec1226 100644 --- a/pppd/chap_ms.c +++ b/pppd/chap_ms.c @@ -74,7 +74,7 @@ * */ -#define RCSID "$Id: chap_ms.c,v 1.34 2004/11/15 22:13:26 paulus Exp $" +#define RCSID "$Id: chap_ms.c,v 1.38 2007/12/01 20:10:51 carlsonj Exp $" #ifdef CHAPMS @@ -98,7 +98,7 @@ static const char rcsid[] = RCSID; static void ascii2unicode __P((char[], int, u_char[])); -static void NTPasswordHash __P((char *, int, u_char[MD4_SIGNATURE_SIZE])); +static void NTPasswordHash __P((u_char *, int, u_char[MD4_SIGNATURE_SIZE])); static void ChallengeResponse __P((u_char *, u_char *, u_char[24])); static void ChapMS_NT __P((u_char *, char *, int, u_char[24])); static void ChapMS2_NT __P((u_char *, u_char[16], char *, char *, int, @@ -390,7 +390,7 @@ chapms_handle_failure(unsigned char *inp, int len) * chapms[2]_verify_response. */ if (!strncmp(p, "E=", 2)) - err = strtol(p, NULL, 10); /* Remember the error code. */ + err = strtol(p+2, NULL, 10); /* Remember the error code. */ else goto print_msg; /* Message is badly formatted. */ @@ -507,7 +507,7 @@ ascii2unicode(char ascii[], int ascii_len, u_char unicode[]) } static void -NTPasswordHash(char *secret, int secret_len, u_char hash[MD4_SIGNATURE_SIZE]) +NTPasswordHash(u_char *secret, int secret_len, u_char hash[MD4_SIGNATURE_SIZE]) { #ifdef __NetBSD__ /* NetBSD uses the libc md4 routines which take bytes instead of bits */ @@ -518,7 +518,13 @@ NTPasswordHash(char *secret, int secret_len, u_char hash[MD4_SIGNATURE_SIZE]) MD4_CTX md4Context; MD4Init(&md4Context); - MD4Update(&md4Context, (unsigned char *)secret, mdlen); + /* MD4Update can take at most 64 bytes at a time */ + while (mdlen > 512) { + MD4Update(&md4Context, secret, 512); + secret += 64; + mdlen -= 512; + } + MD4Update(&md4Context, secret, mdlen); MD4Final(hash, &md4Context); } @@ -532,7 +538,7 @@ ChapMS_NT(u_char *rchallenge, char *secret, int secret_len, /* Hash the Unicode version of the secret (== password). */ ascii2unicode(secret, secret_len, unicodePassword); - NTPasswordHash((char *)unicodePassword, secret_len * 2, PasswordHash); + NTPasswordHash(unicodePassword, secret_len * 2, PasswordHash); ChallengeResponse(rchallenge, PasswordHash, NTResponse); } @@ -549,7 +555,7 @@ ChapMS2_NT(u_char *rchallenge, u_char PeerChallenge[16], char *username, /* Hash the Unicode version of the secret (== password). */ ascii2unicode(secret, secret_len, unicodePassword); - NTPasswordHash((char *)unicodePassword, secret_len * 2, PasswordHash); + NTPasswordHash(unicodePassword, secret_len * 2, PasswordHash); ChallengeResponse(Challenge, PasswordHash, NTResponse); } @@ -637,8 +643,8 @@ GenerateAuthenticatorResponsePlain /* Hash (x2) the Unicode version of the secret (== password). */ ascii2unicode(secret, secret_len, unicodePassword); - NTPasswordHash((char *)unicodePassword, secret_len * 2, PasswordHash); - NTPasswordHash((char *)PasswordHash, sizeof(PasswordHash), + NTPasswordHash(unicodePassword, secret_len * 2, PasswordHash); + NTPasswordHash(PasswordHash, sizeof(PasswordHash), PasswordHashHash); GenerateAuthenticatorResponse(PasswordHashHash, NTResponse, PeerChallenge, @@ -813,7 +819,8 @@ ChapMS(u_char *rchallenge, char *secret, int secret_len, ChapMS_NT(rchallenge, secret, secret_len, &response[MS_CHAP_NTRESP]); #ifdef MSLANMAN - ChapMS_LANMan(rchallenge, secret, secret_len, &response); + ChapMS_LANMan(rchallenge, secret, secret_len, + &response[MS_CHAP_LANMANRESP]); /* preferred method is set by option */ response[MS_CHAP_USENT] = !ms_lanman; @@ -846,7 +853,7 @@ ChapMS2(u_char *rchallenge, u_char *PeerChallenge, u_char *p = &response[MS_CHAP2_PEER_CHALLENGE]; int i; - BZERO(response, sizeof(*response)); + BZERO(response, MS_CHAP2_RESPONSE_LEN); /* Generate the Peer-Challenge if requested, or copy it if supplied. */ if (!PeerChallenge)