+ if (status) {
+
+ for (i = 0; i < MD5_DIGEST_LENGTH; i++) {
+ plain[i] ^= buf[i];
+ }
+
+ status = 0;
+ ctx = PPP_MD_CTX_new();
+ if (ctx) {
+
+ if (PPP_DigestInit(ctx, PPP_md5())) {
+
+ if (PPP_DigestUpdate(ctx, req_info->secret, strlen(req_info->secret))) {
+
+ if (PPP_DigestUpdate(ctx, vp->strvalue, 16)) {
+
+ buflen = MD5_DIGEST_LENGTH;
+ if (PPP_DigestFinal(ctx, buf, &buflen)) {
+
+ status = 1;
+ }
+ }
+ }
+ }
+ PPP_MD_CTX_free(ctx);
+ }
+
+ if (status) {
+
+ for(i = 0; i < MD5_DIGEST_LENGTH; i++) {
+ plain[i + 16] ^= buf[i];
+ }
+
+ /*
+ * Annoying. The "key" returned is just the NTPasswordHashHash, which
+ * the NAS (us) doesn't need; we only need the start key. So we have
+ * to generate the start key, sigh. NB: We do not support the LM-Key.
+ */
+ mppe_set_chapv1(challenge, &plain[8]);
+ return 0;
+ }
+ }
+
+ return -1;