X-Git-Url: http://git.ozlabs.org/?p=ppp.git;a=blobdiff_plain;f=pppd%2Fchap_ms.c;h=0a5c126159b71c304daea125b46558992909104c;hp=68026299bff1a50031d08c870c567a32f7030b9d;hb=61ebd9732d40eade1a74d55302bdb02c2865cb6c;hpb=36fd2fc5935d930a724007be7990b5b82d53e72a

diff --git a/pppd/chap_ms.c b/pppd/chap_ms.c
index 6802629..0a5c126 100644
--- a/pppd/chap_ms.c
+++ b/pppd/chap_ms.c
@@ -32,22 +32,31 @@
  */
 
 #ifndef lint
-static char rcsid[] = "$Id: chap_ms.c,v 1.3 1997/04/30 05:51:40 paulus Exp $";
+static char rcsid[] = "$Id: chap_ms.c,v 1.12 1998/11/24 19:38:05 christos Exp $";
 #endif
 
 #ifdef CHAPMS
 
 #include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <ctype.h>
 #include <sys/types.h>
 #include <sys/time.h>
 #include <syslog.h>
+#include <unistd.h>
+#ifdef HAVE_CRYPT_H
+#include <crypt.h>
+#endif
 
 #include "pppd.h"
 #include "chap.h"
 #include "chap_ms.h"
 #include "md4.h"
 
+#ifndef USE_CRYPT
 #include <des.h>
+#endif
 
 typedef struct {
     u_char LANManResp[24];
@@ -58,14 +67,25 @@ typedef struct {
    in case this struct gets padded. */
 
 
+static void	ChallengeResponse __P((u_char *, u_char *, u_char *));
 static void	DesEncrypt __P((u_char *, u_char *, u_char *));
 static void	MakeKey __P((u_char *, u_char *));
+static u_char	Get7Bits __P((u_char *, int));
+static void	ChapMS_NT __P((char *, int, char *, int, MS_ChapResponse *));
+#ifdef MSLANMAN
+static void	ChapMS_LANMan __P((char *, int, char *, int, MS_ChapResponse *));
+#endif
 
 #ifdef USE_CRYPT
 static void	Expand __P((u_char *, u_char *));
 static void	Collapse __P((u_char *, u_char *));
 #endif
 
+#ifdef MSLANMAN
+bool	ms_lanman = 0;    	/* Use LanMan password instead of NT */
+			  	/* Has meaning only with MS-CHAP challenges */
+#endif
+
 static void
 ChallengeResponse(challenge, pwHash, response)
     u_char *challenge;	/* IN   8 octets */
@@ -75,7 +95,7 @@ ChallengeResponse(challenge, pwHash, response)
     char    ZPasswordHash[21];
 
     BZERO(ZPasswordHash, sizeof(ZPasswordHash));
-    BCOPY(pwHash, ZPasswordHash, 16);
+    BCOPY(pwHash, ZPasswordHash, MD4_SIGNATURE_SIZE);
 
 #if 0
     log_packet(ZPasswordHash, sizeof(ZPasswordHash), "ChallengeResponse - ZPasswordHash", LOG_DEBUG);
@@ -241,9 +261,15 @@ ChapMS_NT(rchallenge, rchallenge_len, secret, secret_len, response)
     MS_ChapResponse    *response;
 {
     int			i;
-    MDstruct		md4Context;
+#ifdef __NetBSD__
+    /* NetBSD uses the libc md4 routines which take bytes instead of bits */
+    int			mdlen = secret_len * 2;
+#else
+    int			mdlen = secret_len * 2 * 8;
+#endif
+    MD4_CTX		md4Context;
+    u_char		hash[MD4_SIGNATURE_SIZE];
     u_char		unicodePassword[MAX_NT_PASSWORD * 2];
-    static int		low_byte_first = -1;
 
     /* Initialize the Unicode version of the secret (== password). */
     /* This implicitly supports 8-bit ISO8859/1 characters. */
@@ -251,22 +277,19 @@ ChapMS_NT(rchallenge, rchallenge_len, secret, secret_len, response)
     for (i = 0; i < secret_len; i++)
 	unicodePassword[i * 2] = (u_char)secret[i];
 
-    MDbegin(&md4Context);
-    MDupdate(&md4Context, unicodePassword, secret_len * 2 * 8);	/* Unicode is 2 bytes/char, *8 for bit count */
-
-    if (low_byte_first == -1)
-	low_byte_first = (htons((unsigned short int)1) != 1);
-    if (low_byte_first == 0)
-	MDreverse(&md4Context);  /*  sfb 961105 */
+    MD4Init(&md4Context);
+    MD4Update(&md4Context, unicodePassword, mdlen);
 
-    MDupdate(&md4Context, NULL, 0);	/* Tell MD4 we're done */
+    MD4Final(hash, &md4Context); 	/* Tell MD4 we're done */
 
-    ChallengeResponse(rchallenge, (char *)md4Context.buffer, response->NTResp);
+    ChallengeResponse(rchallenge, hash, response->NTResp);
 }
 
-static u_char *StdText = "KGS!@#$%"; /* key from rasapi32.dll */
+#ifdef MSLANMAN
+static u_char *StdText = (u_char *)"KGS!@#$%"; /* key from rasapi32.dll */
 
-static ChapMS_LANMan(rchallenge, rchallenge_len, secret, secret_len, response)
+static void
+ChapMS_LANMan(rchallenge, rchallenge_len, secret, secret_len, response)
     char *rchallenge;
     int rchallenge_len;
     char *secret;
@@ -275,7 +298,7 @@ static ChapMS_LANMan(rchallenge, rchallenge_len, secret, secret_len, response)
 {
     int			i;
     u_char		UcasePassword[MAX_NT_PASSWORD]; /* max is actually 14 */
-    u_char		PasswordHash[16];
+    u_char		PasswordHash[MD4_SIGNATURE_SIZE];
 
     /* LANMan password is case insensitive */
     BZERO(UcasePassword, sizeof(UcasePassword));
@@ -285,6 +308,7 @@ static ChapMS_LANMan(rchallenge, rchallenge_len, secret, secret_len, response)
     DesEncrypt( StdText, UcasePassword + 7, PasswordHash + 8 );
     ChallengeResponse(rchallenge, PasswordHash, response->LANManResp);
 }
+#endif
 
 void
 ChapMS(cstate, rchallenge, rchallenge_len, secret, secret_len)
@@ -303,10 +327,15 @@ ChapMS(cstate, rchallenge, rchallenge_len, secret, secret_len)
 
     /* Calculate both always */
     ChapMS_NT(rchallenge, rchallenge_len, secret, secret_len, &response);
+
+#ifdef MSLANMAN
     ChapMS_LANMan(rchallenge, rchallenge_len, secret, secret_len, &response);
 
     /* prefered method is set by option  */
     response.UseNT = !ms_lanman;
+#else
+    response.UseNT = 1;
+#endif
 
     BCOPY(&response, cstate->response, MS_CHAP_RESPONSE_LEN);
     cstate->resp_length = MS_CHAP_RESPONSE_LEN;