X-Git-Url: http://git.ozlabs.org/?a=blobdiff_plain;f=pppd%2Feap.c;h=70154664432e8e90904d901bf311aa6511036a57;hb=04f851936555d7157e2d518fa233778eb96d3f23;hp=8e0a4497f756b678c05fb12d574161554be01e80;hpb=774440c7f0a2b633bae02980927e36ad371604dc;p=ppp.git diff --git a/pppd/eap.c b/pppd/eap.c index 8e0a449..7015466 100644 --- a/pppd/eap.c +++ b/pppd/eap.c @@ -63,9 +63,11 @@ #include #include -#include "pppd.h" +#include "pppd-private.h" +#include "options.h" #include "pathnames.h" -#include "ppp-crypto.h" +#include "crypto.h" +#include "crypto_ms.h" #include "eap.h" #ifdef PPP_WITH_PEAP #include "peap.h" @@ -80,17 +82,13 @@ #include #endif /* PPP_WITH_SRP */ -#ifndef SHA_DIGESTSIZE -#define SHA_DIGESTSIZE 20 -#endif - #ifdef PPP_WITH_EAPTLS #include "eap-tls.h" #endif /* PPP_WITH_EAPTLS */ #ifdef PPP_WITH_CHAPMS +#include "chap.h" #include "chap_ms.h" -#include "chap-new.h" extern int chapms_strip_domain; #endif /* PPP_WITH_CHAPMS */ @@ -103,7 +101,7 @@ static char *pn_secret = NULL; /* Pseudonym generating secret */ /* * Command-line options. */ -static option_t eap_option_list[] = { +static struct option eap_option_list[] = { { "eap-restart", o_int, &eap_states[0].es_server.ea_timeout, "Set retransmit timeout for EAP Requests (server)" }, { "eap-max-sreq", o_int, &eap_states[0].es_server.ea_maxrequests, 
@@ -332,34 +330,33 @@ eap_send_success(eap_state *esp) * date. */ static bool -pncrypt_setkey(int timeoffs) +pncrypt_getkey(int timeoffs, unsigned char *key, int keylen) { struct tm *tp; char tbuf[9]; - PPP_MD_CTX *ctxt; - u_char dig[SHA_DIGESTSIZE]; - int diglen = sizeof(dig); + PPP_MD_CTX *ctxt; time_t reftime; if (pn_secret == NULL) return (0); reftime = time(NULL) + timeoffs; tp = localtime(&reftime); - ctxt = PPP_MD_CTX_new(); - if (ctxt) { + + ctxt = PPP_MD_CTX_new(); + if (ctxt) { strftime(tbuf, sizeof (tbuf), "%Y%m%d", tp); - PPP_DigestInit(ctxt, PPP_sha1()); - PPP_DigestUpdate(ctxt, pn_secret, strlen(pn_secret)); - PPP_DigestUpdate(ctxt, tbuf, strlen(tbuf)); - PPP_DigestFinal(ctxt, dig, &diglen); + PPP_DigestInit(ctxt, PPP_sha1()); + PPP_DigestUpdate(ctxt, pn_secret, strlen(pn_secret)); + PPP_DigestUpdate(ctxt, tbuf, strlen(tbuf)); + PPP_DigestFinal(ctxt, key, &keylen); - PPP_MD_CTX_free(ctxt); - return (DesSetkey(dig)); - } + PPP_MD_CTX_free(ctxt); + return 1; + } - return (0); + return (0); } static char base64[] = @@ -444,12 +441,12 @@ static void eap_figure_next_state(eap_state *esp, int status) { #ifdef PPP_WITH_SRP - unsigned char secbuf[MAXWORDLEN], clear[8], *sp, *dp; + unsigned char secbuf[MAXWORDLEN], clear[8], *sp, *dp, key[SHA_DIGEST_LENGTH]; struct t_pw tpw; struct t_confent *tce, mytce; char *cp, *cp2; struct t_server *ts; - int id, i, plen, toffs; + int id, i, plen, clen, toffs, keylen; u_char vals[2]; struct b64state bs; #endif /* PPP_WITH_SRP */ @@ -495,11 +492,12 @@ eap_figure_next_state(eap_state *esp, int status) secbuf); toffs = 0; for (i = 0; i < 5; i++) { - pncrypt_setkey(toffs); + pncrypt_getkey(toffs, key, keylen); toffs -= 86400; - if (!DesDecrypt(secbuf, clear)) { + + if (!DesDecrypt(secbuf, key, clear)) { dbglog("no DES here; cannot decode " - "pseudonym"); + "pseudonym"); return; } id = *(unsigned char *)clear; 
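Review bot: pncrypt_getkey() returns 1 as soon as the digest context allocates, without looking at the results of `PPP_DigestInit`, `PPP_DigestUpdate` or `PPP_DigestFinal`, so a caller can be told the key is ready when `key` was never written. The MD5 paths elsewhere in this file test each of these calls, which suggests they return zero on failure. `tp` from `localtime()` is also handed to `strftime()` unchecked, and because `keylen` is passed by value the function should at least reject a buffer smaller than `SHA_DIGEST_LENGTH`. The whole function sits inside this hunk; a version that chains the results follows.

```c
static bool
pncrypt_getkey(int timeoffs, unsigned char *key, int keylen)
{
	/* … unchanged: local declarations … */
	bool ok = 0;

	if (pn_secret == NULL || keylen < SHA_DIGEST_LENGTH)
		return (0);
	reftime = time(NULL) + timeoffs;
	tp = localtime(&reftime);
	if (tp == NULL)
		return (0);

	ctxt = PPP_MD_CTX_new();
	if (ctxt) {
		strftime(tbuf, sizeof (tbuf), "%Y%m%d", tp);
		/* Report success only when every digest step succeeded. */
		ok = PPP_DigestInit(ctxt, PPP_sha1()) &&
		    PPP_DigestUpdate(ctxt, pn_secret, strlen(pn_secret)) &&
		    PPP_DigestUpdate(ctxt, tbuf, strlen(tbuf)) &&
		    PPP_DigestFinal(ctxt, key, &keylen);
		PPP_MD_CTX_free(ctxt);
	}

	return (ok);
}
```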
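Review bot: `keylen` is read uninitialised in `pncrypt_getkey(toffs, key, keylen)`: the declaration added to eap_figure_next_state in the previous hunk is `int id, i, plen, clen, toffs, keylen;` with no initialiser, whereas eap_send_request declares `keylen = sizeof(key)`. The return value is also dropped, so when `pn_secret` is unset or the digest context cannot be allocated, `DesDecrypt(secbuf, key, clear)` runs with whatever the stack held in `key`. Initialise it as `keylen = sizeof(key)` and treat a zero return from pncrypt_getkey() the way the `DesDecrypt` failure just below is treated, rather than decrypting anyway. The loop and the rest of the function continue outside the hunk.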
@@ -521,7 +519,7 @@ eap_figure_next_state(eap_state *esp, int status) dp += i; sp = secbuf + 8; while (plen > 0) { - (void) DesDecrypt(sp, dp); + DesDecrypt(sp, key, dp); sp += 8; dp += 8; plen -= 8; @@ -821,8 +819,8 @@ eap_send_request(eap_state *esp) char *str; #ifdef PPP_WITH_SRP struct t_server *ts; - u_char clear[8], cipher[8], dig[SHA_DIGESTSIZE], *optr, *cp; - int i, j, diglen; + u_char clear[8], cipher[8], dig[SHA_DIGEST_LENGTH], *optr, *cp, key[SHA_DIGEST_LENGTH]; + int i, j, diglen, clen, keylen = sizeof(key); struct b64state b64; PPP_MD_CTX *ctxt; #endif /* PPP_WITH_SRP */ @@ -984,10 +982,10 @@ eap_send_request(eap_state *esp) PUTLONG(SRPVAL_EBIT, outp); ts = (struct t_server *)esp->es_server.ea_session; assert(ts != NULL); - BCOPY(t_serverresponse(ts), outp, SHA_DIGESTSIZE); - INCPTR(SHA_DIGESTSIZE, outp); + BCOPY(t_serverresponse(ts), outp, SHA_DIGEST_LENGTH); + INCPTR(SHA_DIGEST_LENGTH, outp); - if (pncrypt_setkey(0)) { + if (pncrypt_getkey(0, key, keylen)) { /* Generate pseudonym */ optr = outp; cp = (unsigned char *)esp->es_server.ea_peer; @@ -997,15 +995,17 @@ eap_send_request(eap_state *esp) BCOPY(cp, clear + 1, j); i -= j; cp += j; - if (!DesEncrypt(clear, cipher)) { + + if (!DesEncrypt(clear, key, cipher)) { dbglog("no DES here; not generating pseudonym"); break; - } + } + BZERO(&b64, sizeof (b64)); outp++; /* space for pseudonym length */ outp += b64enc(&b64, cipher, 8, outp); while (i >= 8) { - (void) DesEncrypt(cp, cipher); + DesEncrypt(cp, key, cipher); outp += b64enc(&b64, cipher, 8, outp); cp += 8; i -= 8; @@ -1017,7 +1017,8 @@ eap_send_request(eap_state *esp) *cp++ = drand48() * 0x100; i++; } - (void) DesEncrypt(clear, cipher); + + DesEncrypt(clear, key, cipher); outp += b64enc(&b64, cipher, 8, outp); } outp += b64flush(&b64, outp); 
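Review bot: The DES key derived from `pn_secret` now lives in the local `key[SHA_DIGEST_LENGTH]` rather than inside the DES module, and nothing visible in these hunks clears it once the pseudonym has been produced. The MD5 paths in this file wipe `secret` with `BZERO(secret, sizeof(secret))` after use; the same treatment here, `BZERO(key, sizeof(key));` once the last `DesEncrypt` call is done, keeps key material from lingering on the stack. A wipe at end of scope can be elided by the optimiser, so prefer an explicit-zero helper if the project has one. The same applies to `key` in eap_figure_next_state. The `if (pncrypt_getkey(0, key, keylen))` block closes outside this hunk, so the placement needs checking against the full function.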
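Review bot: Only the first `DesEncrypt(clear, key, cipher)` in this block is checked; the call inside `while (i >= 8)`, the tail-block call in the following hunk and `DesDecrypt(sp, key, dp)` in eap_figure_next_state now discard the result without even the `(void)` cast the old code used to mark that as deliberate. If one of those later calls can fail, `cipher` still holds the previous block and is passed to `b64enc` again. Either keep the `(void)` casts with a comment saying why failure is impossible after the first success, or test each call and abandon the pseudonym on failure. The enclosing case body starts and ends outside the hunk.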
@@ -1025,42 +1026,41 @@ eap_send_request(eap_state *esp) /* Set length and pad out to next 20 octet boundary */ i = outp - optr - 1; *optr = i; - i %= SHA_DIGESTSIZE; + i %= SHA_DIGEST_LENGTH; if (i != 0) { - while (i < SHA_DIGESTSIZE) { + while (i < SHA_DIGEST_LENGTH) { *outp++ = drand48() * 0x100; i++; } } /* Obscure the pseudonym with SHA1 hash */ - ctxt = PPP_MD_CTX_new(); - if (ctxt) { - - PPP_DigestInit(ctxt, PPP_sha1()); - PPP_DigestUpdate(ctxt, &esp->es_server.ea_id, 1); - PPP_DigestUpdate(ctxt, &esp->es_server.ea_skey, - SESSION_KEY_LEN); - PPP_DigestUpdate(ctxt, esp->es_server.ea_peer, - esp->es_server.ea_peerlen); - - while (optr < outp) { - diglen = SHA_DIGEST_LENGTH; - PPP_DigestFinal(ctxt, dig, &diglen); - cp = dig; - while (cp < dig + SHA_DIGEST_LENGTH) - *optr++ ^= *cp++; - - PPP_DigestInit(ctxt, PPP_sha1()); - PPP_DigestUpdate(ctxt, &esp->es_server.ea_id, 1); - PPP_DigestUpdate(ctxt, esp->es_server.ea_skey, - SESSION_KEY_LEN); - PPP_DigestUpdate(ctxt, optr - SHA_DIGEST_LENGTH, - SHA_DIGEST_LENGTH); - } - - PPP_MD_CTX_free(ctxt); - } + ctxt = PPP_MD_CTX_new(); + if (ctxt) { + + PPP_DigestInit(ctxt, PPP_sha1()); + PPP_DigestUpdate(ctxt, &esp->es_server.ea_id, 1); + PPP_DigestUpdate(ctxt, &esp->es_server.ea_skey, + SESSION_KEY_LEN); + PPP_DigestUpdate(ctxt, esp->es_server.ea_peer, + esp->es_server.ea_peerlen); + while (optr < outp) { + diglen = SHA_DIGEST_LENGTH; + PPP_DigestFinal(ctxt, dig, &diglen); + cp = dig; + while (cp < dig + SHA_DIGEST_LENGTH) + *optr++ ^= *cp++; + + PPP_DigestInit(ctxt, PPP_sha1()); + PPP_DigestUpdate(ctxt, &esp->es_server.ea_id, 1); + PPP_DigestUpdate(ctxt, esp->es_server.ea_skey, + SESSION_KEY_LEN); + PPP_DigestUpdate(ctxt, optr - SHA_DIGEST_LENGTH, + SHA_DIGEST_LENGTH); + } + + PPP_MD_CTX_free(ctxt); + } } break; 
@@ -1346,13 +1346,13 @@ eap_chap_response(eap_state *esp, u_char id, u_char *hash, PUTCHAR(EAP_RESPONSE, outp); PUTCHAR(id, outp); esp->es_client.ea_id = id; - msglen = EAP_HEADERLEN + 2 * sizeof (u_char) + MD5_SIGNATURE_SIZE + + msglen = EAP_HEADERLEN + 2 * sizeof (u_char) + MD5_DIGEST_LENGTH + namelen; PUTSHORT(msglen, outp); PUTCHAR(EAPT_MD5CHAP, outp); - PUTCHAR(MD5_SIGNATURE_SIZE, outp); - BCOPY(hash, outp, MD5_SIGNATURE_SIZE); - INCPTR(MD5_SIGNATURE_SIZE, outp); + PUTCHAR(MD5_DIGEST_LENGTH, outp); + BCOPY(hash, outp, MD5_DIGEST_LENGTH); + INCPTR(MD5_DIGEST_LENGTH, outp); if (namelen > 0) { BCOPY(name, outp, namelen); } @@ -1406,12 +1406,12 @@ eap_srpval_response(eap_state *esp, u_char id, u_int32_t flags, u_char *str) PUTCHAR(id, outp); esp->es_client.ea_id = id; msglen = EAP_HEADERLEN + 2 * sizeof (u_char) + sizeof (u_int32_t) + - SHA_DIGESTSIZE; + SHA_DIGEST_LENGTH; PUTSHORT(msglen, outp); PUTCHAR(EAPT_SRP, outp); PUTCHAR(EAPSRP_CVALIDATOR, outp); PUTLONG(flags, outp); - BCOPY(str, outp, SHA_DIGESTSIZE); + BCOPY(str, outp, SHA_DIGEST_LENGTH); output(esp->es_unit, outpacket_buf, PPP_HDRLEN + msglen); } @@ -1566,7 +1566,7 @@ write_pseudonym(eap_state *esp, u_char *inp, int len, int id) u_char val; u_char *datp, *digp; PPP_MD_CTX *ctxt; - u_char dig[SHA_DIGESTSIZE]; + u_char dig[SHA_DIGEST_LENGTH]; int dsize, fd, olen = len, diglen = sizeof(dig); /* 
@@ -1575,30 +1575,30 @@ write_pseudonym(eap_state *esp, u_char *inp, int len, int id) */ val = id; while (len > 0) { - if ((dsize = len % SHA_DIGESTSIZE) == 0) - dsize = SHA_DIGESTSIZE; + if ((dsize = len % SHA_DIGEST_LENGTH) == 0) + dsize = SHA_DIGEST_LENGTH; len -= dsize; datp = inp + len; - ctxt = PPP_MD_CTX_new(); - if (ctxt) { - - PPP_DigestInit(ctxt, PPP_sha1()); - PPP_DigestUpdate(ctxt, &val, 1); - PPP_DigestUpdate(ctxt, esp->es_client.ea_skey, - SESSION_KEY_LEN); - if (len > 0) { - PPP_DigestUpdate(ctxt, datp, SHA_DIGESTSIZE); - } else { - PPP_DigestUpdate(ctxt, esp->es_client.ea_name, - esp->es_client.ea_namelen); - } - PPP_DigestFinal(ctxt, dig, &diglen); + ctxt = PPP_MD_CTX_new(); + if (ctxt) { - for (digp = dig; digp < dig + SHA_DIGEST_LENGTH; digp++) - *datp++ ^= *digp; + PPP_DigestInit(ctxt, PPP_sha1()); + PPP_DigestUpdate(ctxt, &val, 1); + PPP_DigestUpdate(ctxt, esp->es_client.ea_skey, + SESSION_KEY_LEN); + if (len > 0) { + PPP_DigestUpdate(ctxt, datp, SHA_DIGEST_LENGTH); + } else { + PPP_DigestUpdate(ctxt, esp->es_client.ea_name, + esp->es_client.ea_namelen); + } + PPP_DigestFinal(ctxt, dig, &diglen); + + for (digp = dig; digp < dig + SHA_DIGEST_LENGTH; digp++) + *datp++ ^= *digp; - PPP_MD_CTX_free(ctxt); - } + PPP_MD_CTX_free(ctxt); + } } /* Now check that the result is sane */ @@ -1668,9 +1668,9 @@ eap_request(eap_state *esp, u_char *inp, int id, int len) int secret_len; char secret[MAXWORDLEN]; char rhostname[256]; - PPP_MD_CTX *mdctx; - u_char hash[MD5_SIGNATURE_SIZE]; - int hashlen = MD5_SIGNATURE_SIZE; + PPP_MD_CTX *mdctx; + u_char hash[MD5_DIGEST_LENGTH]; + int hashlen = MD5_DIGEST_LENGTH; #ifdef PPP_WITH_EAPTLS u_char flags; struct eaptls_session *ets = esp->es_client.ea_session; 
@@ -1681,8 +1681,8 @@ eap_request(eap_state *esp, u_char *inp, int id, int len) struct t_num sval, gval, Nval, *Ap, Bval; u_char vals[2]; PPP_MD_CTX *ctxt; - u_char dig[SHA_DIGESTSIZE]; - int diglen = sizeof(dig); + u_char dig[SHA_DIGEST_LENGTH]; + int diglen = sizeof(dig); int fd; #endif /* PPP_WITH_SRP */ @@ -1809,27 +1809,27 @@ eap_request(eap_state *esp, u_char *inp, int id, int len) break; } - mdctx = PPP_MD_CTX_new(); - if (mdctx != NULL) { - if (PPP_DigestInit(mdctx, PPP_md5())) { - typenum = id; - if (PPP_DigestUpdate(mdctx, &typenum, 1)) { - if (PPP_DigestUpdate(mdctx, secret, secret_len)) { - BZERO(secret, sizeof(secret)); - if (PPP_DigestUpdate(mdctx, inp, vallen)) { - if (PPP_DigestFinal(mdctx, hash, &hashlen)) { - eap_chap_response(esp, id, hash, esp->es_client.ea_name, - esp->es_client.ea_namelen); - PPP_MD_CTX_free(mdctx); - break; - } - } - } - } - } - PPP_MD_CTX_free(mdctx); - } - dbglog("EAP: Invalid MD5 checksum"); + mdctx = PPP_MD_CTX_new(); + if (mdctx != NULL) { + if (PPP_DigestInit(mdctx, PPP_md5())) { + typenum = id; + if (PPP_DigestUpdate(mdctx, &typenum, 1)) { + if (PPP_DigestUpdate(mdctx, secret, secret_len)) { + BZERO(secret, sizeof(secret)); + if (PPP_DigestUpdate(mdctx, inp, vallen)) { + if (PPP_DigestFinal(mdctx, hash, &hashlen)) { + eap_chap_response(esp, id, hash, esp->es_client.ea_name, + esp->es_client.ea_namelen); + PPP_MD_CTX_free(mdctx); + break; + } + } + } + } + } + PPP_MD_CTX_free(mdctx); + } + dbglog("EAP: Invalid MD5 checksum"); eap_send_nak(esp, id, EAPT_SRP); break; @@ -2107,7 +2107,7 @@ eap_request(eap_state *esp, u_char *inp, int id, int len) esp->es_client.ea_id, id); } } else { - len -= sizeof (u_int32_t) + SHA_DIGESTSIZE; + len -= sizeof (u_int32_t) + SHA_DIGEST_LENGTH; if (len < 0 || t_clientverify(tc, inp + sizeof (u_int32_t)) != 0) { error("EAP: SRP server verification " 
@@ -2117,7 +2117,7 @@ eap_request(eap_state *esp, u_char *inp, int id, int len) GETLONG(esp->es_client.ea_keyflags, inp); /* Save pseudonym if user wants it. */ if (len > 0 && esp->es_usepseudo) { - INCPTR(SHA_DIGESTSIZE, inp); + INCPTR(SHA_DIGEST_LENGTH, inp); write_pseudonym(esp, inp, len, id); } } @@ -2135,24 +2135,24 @@ eap_request(eap_state *esp, u_char *inp, int id, int len) return; } ctxt = PPP_MD_CTX_new(); - if (ctxt) { - - vals[0] = id; - PPP_DigestInit(ctxt, PPP_sha1()); - PPP_DigestUpdate(ctxt, vals, 1); - PPP_DigestUpdate(ctxt, esp->es_client.ea_skey, - SESSION_KEY_LEN); - PPP_DigestUpdate(ctxt, inp, len); - PPP_DigestUpdate(ctxt, esp->es_client.ea_name, - esp->es_client.ea_namelen); - PPP_DigestFinal(ctxt, dig, &diglen); - - PPP_MD_CTX_free(ctxt); - - eap_srp_response(esp, id, EAPSRP_LWRECHALLENGE, dig, - SHA_DIGESTSIZE); + if (ctxt) { + + vals[0] = id; + PPP_DigestInit(ctxt, PPP_sha1()); + PPP_DigestUpdate(ctxt, vals, 1); + PPP_DigestUpdate(ctxt, esp->es_client.ea_skey, + SESSION_KEY_LEN); + PPP_DigestUpdate(ctxt, inp, len); + PPP_DigestUpdate(ctxt, esp->es_client.ea_name, + esp->es_client.ea_namelen); + PPP_DigestFinal(ctxt, dig, &diglen); + + PPP_MD_CTX_free(ctxt); + + eap_srp_response(esp, id, EAPSRP_LWRECHALLENGE, dig, + SHA_DIGEST_LENGTH); } - break; + break; default: error("EAP: unknown SRP Subtype %d", vallen); @@ -2328,15 +2328,15 @@ eap_response(eap_state *esp, u_char *inp, int id, int len) int secret_len; char secret[MAXSECRETLEN]; char rhostname[256]; - PPP_MD_CTX *mdctx; - u_char hash[MD5_SIGNATURE_SIZE]; - int hashlen = MD5_SIGNATURE_SIZE; + PPP_MD_CTX *mdctx; + u_char hash[MD5_DIGEST_LENGTH]; + int hashlen = MD5_DIGEST_LENGTH; #ifdef PPP_WITH_SRP struct t_server *ts; struct t_num A; PPP_MD_CTX *ctxt; - u_char dig[SHA_DIGESTSIZE]; - int diglen = sizeof(dig); + u_char dig[SHA_DIGEST_LENGTH]; + int diglen = sizeof(dig); #endif /* PPP_WITH_SRP */ #ifdef PPP_WITH_EAPTLS 
@@ -2345,8 +2345,7 @@ eap_response(eap_state *esp, u_char *inp, int id, int len) #endif /* PPP_WITH_EAPTLS */ #ifdef PPP_WITH_CHAPMS u_char opcode; - int (*chap_verifier)(char *, char *, int, struct chap_digest_type *, - unsigned char *, unsigned char *, char *, int); + chap_verify_hook_fn *chap_verifier; char response_message[256]; #endif /* PPP_WITH_CHAPMS */ @@ -2569,40 +2568,39 @@ eap_response(eap_state *esp, u_char *inp, int id, int len) break; } - mdctx = PPP_MD_CTX_new(); - if (mdctx != NULL) { + mdctx = PPP_MD_CTX_new(); + if (mdctx != NULL) { - if (PPP_DigestInit(mdctx, PPP_md5())) { + if (PPP_DigestInit(mdctx, PPP_md5())) { - if (PPP_DigestUpdate(mdctx, &esp->es_server.ea_id, 1)) { + if (PPP_DigestUpdate(mdctx, &esp->es_server.ea_id, 1)) { - if (PPP_DigestUpdate(mdctx, &secret, secret_len)) { + if (PPP_DigestUpdate(mdctx, &secret, secret_len)) { - BZERO(secret, sizeof(secret)); - if (PPP_DigestUpdate(mdctx, esp->es_challenge, esp->es_challen)) { + BZERO(secret, sizeof(secret)); + if (PPP_DigestUpdate(mdctx, esp->es_challenge, esp->es_challen)) { - if (PPP_DigestFinal(mdctx, hash, &hashlen)) { + if (PPP_DigestFinal(mdctx, hash, &hashlen)) { - if (BCMP(hash, inp, MD5_SIGNATURE_SIZE) == 0) { + if (BCMP(hash, inp, MD5_DIGEST_LENGTH) == 0) { + esp->es_server.ea_type = EAPT_MD5CHAP; + eap_send_success(esp); + eap_figure_next_state(esp, 0); - esp->es_server.ea_type = EAPT_MD5CHAP; - eap_send_success(esp); - eap_figure_next_state(esp, 0); - - if (esp->es_rechallenge != 0) { - TIMEOUT(eap_rechallenge, esp, esp->es_rechallenge); - } - PPP_MD_CTX_free(mdctx); - break; - } - } - } - } - } - } + if (esp->es_rechallenge != 0) { + TIMEOUT(eap_rechallenge, esp, esp->es_rechallenge); + } + PPP_MD_CTX_free(mdctx); + break; + } + } + } + } + } + } - PPP_MD_CTX_free(mdctx); - } + PPP_MD_CTX_free(mdctx); + } eap_send_failure(esp); break; 
@@ -2656,7 +2654,7 @@ eap_response(eap_state *esp, u_char *inp, int id, int len) char tmp[MAXNAMELEN+1]; strcpy(tmp, strrchr(rhostname, '\\') + 1); - strcpy(rhostname, tmp); + strlcpy(rhostname, tmp, sizeof(rhostname)); } if (chap_verify_hook) @@ -2748,9 +2746,9 @@ eap_response(eap_state *esp, u_char *inp, int id, int len) eap_figure_next_state(esp, 1); break; } - if (len < sizeof (u_int32_t) + SHA_DIGESTSIZE) { + if (len < sizeof (u_int32_t) + SHA_DIGEST_LENGTH) { error("EAP: M1 length %d < %d", len, - sizeof (u_int32_t) + SHA_DIGESTSIZE); + sizeof (u_int32_t) + SHA_DIGEST_LENGTH); eap_figure_next_state(esp, 1); break; } 
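Review bot: The copy into `tmp` on the line above the change is still an unbounded `strcpy`, so this hunk bounds only the second half of the domain-stripping step. `tmp` is `MAXNAMELEN+1` bytes and `rhostname` is declared as 256 bytes, and the hunk does not show which is larger, so bound both: `strlcpy(tmp, strrchr(rhostname, '\\') + 1, sizeof(tmp));`. The check that guarantees `strrchr()` returns non-NULL is outside the hunk, presumably in the enclosing `if`, and is worth confirming since the result is dereferenced after `+ 1`.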
@@ -2787,37 +2785,37 @@ eap_response(eap_state *esp, u_char *inp, int id, int len) info("EAP: unexpected SRP Subtype 4 Response"); return; } - if (len != SHA_DIGESTSIZE) { + if (len != SHA_DIGEST_LENGTH) { error("EAP: bad Lightweight rechallenge " "response"); return; } - ctxt = PPP_MD_CTX_new(); - if (ctxt) { - vallen = id; - - PPP_DigestInit(ctxt, PPP_sha1()); - PPP_DigestUpdate(ctxt, &vallen, 1); - PPP_DigestUpdate(ctxt, esp->es_server.ea_skey, - SESSION_KEY_LEN); - PPP_DigestUpdate(ctxt, esp->es_challenge, esp->es_challen); - PPP_DigestUpdate(ctxt, esp->es_server.ea_peer, - esp->es_server.ea_peerlen); - PPP_DigestFinal(ctxt, dig, &diglen); - - PPP_MD_CTX_free(ctxt); - - if (BCMP(dig, inp, SHA_DIGEST_LENGTH) != 0) { - error("EAP: failed Lightweight rechallenge"); - eap_send_failure(esp); - break; - } + ctxt = PPP_MD_CTX_new(); + if (ctxt) { + vallen = id; + + PPP_DigestInit(ctxt, PPP_sha1()); + PPP_DigestUpdate(ctxt, &vallen, 1); + PPP_DigestUpdate(ctxt, esp->es_server.ea_skey, + SESSION_KEY_LEN); + PPP_DigestUpdate(ctxt, esp->es_challenge, esp->es_challen); + PPP_DigestUpdate(ctxt, esp->es_server.ea_peer, + esp->es_server.ea_peerlen); + PPP_DigestFinal(ctxt, dig, &diglen); + + PPP_MD_CTX_free(ctxt); + + if (BCMP(dig, inp, SHA_DIGEST_LENGTH) != 0) { + error("EAP: failed Lightweight rechallenge"); + eap_send_failure(esp); + break; + } - esp->es_server.ea_state = eapOpen; - if (esp->es_lwrechallenge != 0) - TIMEOUT(srp_lwrechallenge, esp, - esp->es_lwrechallenge); - } + esp->es_server.ea_state = eapOpen; + if (esp->es_lwrechallenge != 0) + TIMEOUT(srp_lwrechallenge, esp, + esp->es_lwrechallenge); + } break; } break; 
@@ -3210,10 +3208,10 @@ eap_printpkt(u_char *inp, int inlen, if (uval != 0) { printer(arg, " f<%X>", uval); } - if ((vallen = len) > SHA_DIGESTSIZE) - vallen = SHA_DIGESTSIZE; + if ((vallen = len) > SHA_DIGEST_LENGTH) + vallen = SHA_DIGEST_LENGTH; printer(arg, " ", len, inp, - len < SHA_DIGESTSIZE ? "?" : ""); + len < SHA_DIGEST_LENGTH ? "?" : ""); INCPTR(vallen, inp); len -= vallen; if (len > 0) { @@ -3383,7 +3381,7 @@ eap_printpkt(u_char *inp, int inlen, printer(arg, " f<%X>", uval); } printer(arg, " ", len, inp, - len == SHA_DIGESTSIZE ? "" : "?"); + len == SHA_DIGEST_LENGTH ? "" : "?"); INCPTR(len, inp); len = 0; break; @@ -3393,9 +3391,9 @@ eap_printpkt(u_char *inp, int inlen, case EAPSRP_LWRECHALLENGE: printer(arg, " ", len, inp, - len == SHA_DIGESTSIZE ? "" : "?"); - if ((vallen = len) > SHA_DIGESTSIZE) - vallen = SHA_DIGESTSIZE; + len == SHA_DIGEST_LENGTH ? "" : "?"); + if ((vallen = len) > SHA_DIGEST_LENGTH) + vallen = SHA_DIGEST_LENGTH; INCPTR(vallen, inp); len -= vallen; break;