X-Git-Url: http://git.ozlabs.org/?a=blobdiff_plain;f=pppd%2Feap.c;h=082e95343120954abe1de82991387373344e1ba7;hb=8d45443bb5c9372b4c6a362ba2f443d41c5636af;hp=8c228380c860252c66ab052e6f45e424d910e5e5;hpb=953892bd954dca42f61d8b605e30f8f0d78ca445;p=ppp.git diff --git a/pppd/eap.c b/pppd/eap.c index 8c22838..082e953 100644 --- a/pppd/eap.c +++ b/pppd/eap.c @@ -43,7 +43,7 @@ * Based on draft-ietf-pppext-eap-srp-03.txt. */ -#define RCSID "$Id: eap.c,v 1.2 2002/11/14 21:50:12 fcusack Exp $" +#define RCSID "$Id: eap.c,v 1.4 2004/11/09 22:39:25 paulus Exp $" /* * TODO: @@ -63,8 +63,6 @@ #include "pppd.h" #include "pathnames.h" #include "md5.h" -/* For MD5_SIGNATURE_SIZE and MIN/MAX_CHALLENGE_LENGTH; should fix. */ -#include "chap.h" #include "eap.h" #ifdef USE_SRP @@ -78,7 +76,6 @@ #define SHA_DIGESTSIZE 20 #endif -static const char rcsid[] = RCSID; eap_state eap_states[NUM_PPP]; /* EAP state; one for each unit */ #ifdef USE_SRP @@ -1331,6 +1328,12 @@ int len; int fd; #endif /* USE_SRP */ + /* + * Ignore requests if we're not open + */ + if (esp->es_client.ea_state <= eapClosed) + return; + /* * Note: we update es_client.ea_id *only if* a Response * message is being generated. Otherwise, we leave it the @@ -1423,7 +1426,7 @@ int len; } /* Not so likely to happen. */ - if (vallen >= len + sizeof (rhostname)) { + if (len - vallen >= sizeof (rhostname)) { dbglog("EAP: trimming really long peer name down"); BCOPY(inp + vallen, rhostname, sizeof (rhostname) - 1); rhostname[sizeof (rhostname) - 1] = '\0'; @@ -1447,13 +1450,13 @@ int len; eap_send_nak(esp, id, EAPT_SRP); break; } - MD5Init(&mdContext); + MD5_Init(&mdContext); typenum = id; - MD5Update(&mdContext, &typenum, 1); - MD5Update(&mdContext, secret, secret_len); + MD5_Update(&mdContext, &typenum, 1); + MD5_Update(&mdContext, (u_char *)secret, secret_len); BZERO(secret, sizeof (secret)); - MD5Update(&mdContext, inp, vallen); - MD5Final(hash, &mdContext); + MD5_Update(&mdContext, inp, vallen); + MD5_Final(hash, &mdContext); eap_chap_response(esp, id, hash, esp->es_client.ea_name, esp->es_client.ea_namelen); break; @@ -1739,6 +1742,12 @@ int len; u_char dig[SHA_DIGESTSIZE]; #endif /* USE_SRP */ + /* + * Ignore responses if we're not open + */ + if (esp->es_server.ea_state <= eapClosed) + return; + if (esp->es_server.ea_id != id) { dbglog("EAP: discarding Response %d; expected ID %d", id, esp->es_server.ea_id); @@ -1849,7 +1858,7 @@ int len; } /* Not so likely to happen. */ - if (vallen >= len + sizeof (rhostname)) { + if (len - vallen >= sizeof (rhostname)) { dbglog("EAP: trimming really long peer name down"); BCOPY(inp + vallen, rhostname, sizeof (rhostname) - 1); rhostname[sizeof (rhostname) - 1] = '\0'; @@ -1873,12 +1882,12 @@ int len; eap_send_failure(esp); break; } - MD5Init(&mdContext); - MD5Update(&mdContext, &esp->es_server.ea_id, 1); - MD5Update(&mdContext, secret, secret_len); + MD5_Init(&mdContext); + MD5_Update(&mdContext, &esp->es_server.ea_id, 1); + MD5_Update(&mdContext, (u_char *)secret, secret_len); BZERO(secret, sizeof (secret)); - MD5Update(&mdContext, esp->es_challenge, esp->es_challen); - MD5Final(hash, &mdContext); + MD5_Update(&mdContext, esp->es_challenge, esp->es_challen); + MD5_Final(hash, &mdContext); if (BCMP(hash, inp, MD5_SIGNATURE_SIZE) != 0) { eap_send_failure(esp); break; @@ -2050,6 +2059,12 @@ u_char *inp; int id; int len; { + /* + * Ignore failure messages if we're not open + */ + if (esp->es_client.ea_state <= eapClosed) + return; + if (!eap_client_active(esp)) { dbglog("EAP unexpected failure message in state %s (%d)", eap_state_name(esp->es_client.ea_state),