From 7f45a9a839d065ec6b02f684ae5a240f89fe8c8c Mon Sep 17 00:00:00 2001
From: Paul Mackerras <paulus@samba.org>
Date: Sun, 31 Oct 2004 22:23:18 +0000
Subject: [PATCH] Remove dependencies on CHAPMS definition in header files. Fix
 bug in filling in mdtype field when we NAK and suggest CHAP. Ask for/suggest
 MD5 before MSCHAP{v2,} digest.

---
 pppd/auth.c     |  8 +++++---
 pppd/chap-new.c |  7 ++++++-
 pppd/chap-new.h | 11 ++++-------
 pppd/lcp.c      |  6 +++---
 pppd/pppd.h     |  4 +---
 5 files changed, 19 insertions(+), 17 deletions(-)

diff --git a/pppd/auth.c b/pppd/auth.c
index 40cb427..3904d47 100644
--- a/pppd/auth.c
+++ b/pppd/auth.c
@@ -73,7 +73,7 @@
  * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
  */
 
-#define RCSID	"$Id: auth.c,v 1.97 2004/10/28 00:33:47 paulus Exp $"
+#define RCSID	"$Id: auth.c,v 1.98 2004/10/31 22:23:18 paulus Exp $"
 
 #include <stdio.h>
 #include <stddef.h>
@@ -1109,12 +1109,14 @@ auth_check_options()
     if (auth_required) {
 	allow_any_ip = 0;
 	if (!wo->neg_chap && !wo->neg_upap && !wo->neg_eap) {
-	    wo->neg_chap = 1; wo->chap_mdtype = MDTYPE_ALL;
+	    wo->neg_chap = 1;
+	    wo->chap_mdtype = chap_mdtype_all;
 	    wo->neg_upap = 1;
 	    wo->neg_eap = 1;
 	}
     } else {
-	wo->neg_chap = 0; wo->chap_mdtype = MDTYPE_NONE;
+	wo->neg_chap = 0;
+	wo->chap_mdtype = MDTYPE_NONE;
 	wo->neg_upap = 0;
 	wo->neg_eap = 0;
     }
diff --git a/pppd/chap-new.c b/pppd/chap-new.c
index c8aa530..367f957 100644
--- a/pppd/chap-new.c
+++ b/pppd/chap-new.c
@@ -33,7 +33,7 @@
  * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
  */
 
-#define RCSID	"$Id: chap-new.c,v 1.4 2004/01/17 05:47:55 carlsonj Exp $"
+#define RCSID	"$Id: chap-new.c,v 1.5 2004/10/31 22:23:18 paulus Exp $"
 
 #include <stdlib.h>
 #include <string.h>
@@ -43,8 +43,13 @@
 
 #ifdef CHAPMS
 #include "chap_ms.h"
+#define MDTYPE_ALL (MDTYPE_MICROSOFT_V2 | MDTYPE_MICROSOFT | MDTYPE_MD5)
+#else
+#define MDTYPE_ALL (MDTYPE_MD5)
 #endif
 
+int chap_mdtype_all = MDTYPE_ALL;
+
 /* Hook for a plugin to validate CHAP challenge */
 int (*chap_verify_hook)(char *name, char *ourname, int id,
 			struct chap_digest_type *digest,
diff --git a/pppd/chap-new.h b/pppd/chap-new.h
index 0f38ff4..e6a534d 100644
--- a/pppd/chap-new.h
+++ b/pppd/chap-new.h
@@ -63,19 +63,16 @@
 #define MDTYPE_MICROSOFT_V2	0x1
 #define MDTYPE_MICROSOFT	0x2
 #define MDTYPE_MD5		0x4
+#define MDTYPE_NONE		0
 
-#ifdef CHAPMS
-#define MDTYPE_ALL (MDTYPE_MICROSOFT_V2 | MDTYPE_MICROSOFT | MDTYPE_MD5)
-#else
-#define MDTYPE_ALL (MDTYPE_MD5)
-#endif
-#define MDTYPE_NONE 0
+/* hashes supported by this instance of pppd */
+extern int chap_mdtype_all;
 
 /* Return the digest alg. ID for the most preferred digest type. */
 #define CHAP_DIGEST(mdtype) \
+    ((mdtype) & MDTYPE_MD5)? CHAP_MD5: \
     ((mdtype) & MDTYPE_MICROSOFT_V2)? CHAP_MICROSOFT_V2: \
     ((mdtype) & MDTYPE_MICROSOFT)? CHAP_MICROSOFT: \
-    ((mdtype) & MDTYPE_MD5)? CHAP_MD5: \
     0
 
 /* Return the bit flag (lsb set) for our most preferred digest type. */
diff --git a/pppd/lcp.c b/pppd/lcp.c
index 8d54071..dde1381 100644
--- a/pppd/lcp.c
+++ b/pppd/lcp.c
@@ -40,7 +40,7 @@
  * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
  */
 
-#define RCSID	"$Id: lcp.c,v 1.70 2003/07/28 12:25:41 carlsonj Exp $"
+#define RCSID	"$Id: lcp.c,v 1.71 2004/10/31 22:23:18 paulus Exp $"
 
 /*
  * TODO:
@@ -359,7 +359,7 @@ lcp_init(unit)
     ao->mru = MAXMRU;
     ao->neg_asyncmap = 1;
     ao->neg_chap = 1;
-    ao->chap_mdtype = MDTYPE_ALL;
+    ao->chap_mdtype = chap_mdtype_all;
     ao->neg_upap = 1;
     ao->neg_eap = 1;
     ao->neg_magicnumber = 1;
@@ -1670,7 +1670,7 @@ lcp_reqci(f, inp, lenp, reject_if_disagree)
 		    if (ao->neg_chap) {
 			PUTCHAR(CILEN_CHAP, nakp);
 			PUTSHORT(PPP_CHAP, nakp);
-			PUTCHAR(ao->chap_mdtype, nakp);
+			PUTCHAR(CHAP_DIGEST(ao->chap_mdtype), nakp);
 		    } else {
 			PUTCHAR(CILEN_SHORT, nakp);
 			PUTSHORT(PPP_PAP, nakp);
diff --git a/pppd/pppd.h b/pppd/pppd.h
index dbb3e87..02f983e 100644
--- a/pppd/pppd.h
+++ b/pppd/pppd.h
@@ -39,7 +39,7 @@
  * AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING
  * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
  *
- * $Id: pppd.h,v 1.83 2004/10/28 00:32:32 paulus Exp $
+ * $Id: pppd.h,v 1.84 2004/10/31 22:23:18 paulus Exp $
  */
 
 /*
@@ -347,13 +347,11 @@ extern bool	ms_lanman;	/* Use LanMan password instead of NT */
 /* Values for auth_done only */
 #define CHAP_MD5_WITHPEER	0x40
 #define CHAP_MD5_PEER		0x80
-#ifdef CHAPMS
 #define CHAP_MS_SHIFT		8	/* LSB position for MS auths */
 #define CHAP_MS_WITHPEER	0x100
 #define CHAP_MS_PEER		0x200
 #define CHAP_MS2_WITHPEER	0x400
 #define CHAP_MS2_PEER		0x800
-#endif
 
 extern char *current_option;	/* the name of the option being parsed */
 extern int  privileged_option;	/* set iff the current option came from root */
-- 
2.39.2