*
*/
-#define RCSID "$Id: chap_ms.c,v 1.34 2004/11/15 22:13:26 paulus Exp $"
+#define RCSID "$Id: chap_ms.c,v 1.38 2007/12/01 20:10:51 carlsonj Exp $"
#ifdef CHAPMS
static void ascii2unicode __P((char[], int, u_char[]));
-static void NTPasswordHash __P((char *, int, u_char[MD4_SIGNATURE_SIZE]));
+static void NTPasswordHash __P((u_char *, int, u_char[MD4_SIGNATURE_SIZE]));
static void ChallengeResponse __P((u_char *, u_char *, u_char[24]));
static void ChapMS_NT __P((u_char *, char *, int, u_char[24]));
static void ChapMS2_NT __P((u_char *, u_char[16], char *, char *, int,
* chapms[2]_verify_response.
*/
if (!strncmp(p, "E=", 2))
- err = strtol(p, NULL, 10); /* Remember the error code. */
+ err = strtol(p+2, NULL, 10); /* Remember the error code. */
else
goto print_msg; /* Message is badly formatted. */
}
static void
-NTPasswordHash(char *secret, int secret_len, u_char hash[MD4_SIGNATURE_SIZE])
+NTPasswordHash(u_char *secret, int secret_len, u_char hash[MD4_SIGNATURE_SIZE])
{
#ifdef __NetBSD__
/* NetBSD uses the libc md4 routines which take bytes instead of bits */
MD4_CTX md4Context;
MD4Init(&md4Context);
- MD4Update(&md4Context, (unsigned char *)secret, mdlen);
+ /* MD4Update can take at most 64 bytes at a time */
+ while (mdlen > 512) {
+ MD4Update(&md4Context, secret, 512);
+ secret += 64;
+ mdlen -= 512;
+ }
+ MD4Update(&md4Context, secret, mdlen);
MD4Final(hash, &md4Context);
}
/* Hash the Unicode version of the secret (== password). */
ascii2unicode(secret, secret_len, unicodePassword);
- NTPasswordHash((char *)unicodePassword, secret_len * 2, PasswordHash);
+ NTPasswordHash(unicodePassword, secret_len * 2, PasswordHash);
ChallengeResponse(rchallenge, PasswordHash, NTResponse);
}
/* Hash the Unicode version of the secret (== password). */
ascii2unicode(secret, secret_len, unicodePassword);
- NTPasswordHash((char *)unicodePassword, secret_len * 2, PasswordHash);
+ NTPasswordHash(unicodePassword, secret_len * 2, PasswordHash);
ChallengeResponse(Challenge, PasswordHash, NTResponse);
}
/* Hash (x2) the Unicode version of the secret (== password). */
ascii2unicode(secret, secret_len, unicodePassword);
- NTPasswordHash((char *)unicodePassword, secret_len * 2, PasswordHash);
- NTPasswordHash((char *)PasswordHash, sizeof(PasswordHash),
+ NTPasswordHash(unicodePassword, secret_len * 2, PasswordHash);
+ NTPasswordHash(PasswordHash, sizeof(PasswordHash),
PasswordHashHash);
GenerateAuthenticatorResponse(PasswordHashHash, NTResponse, PeerChallenge,
ChapMS_NT(rchallenge, secret, secret_len, &response[MS_CHAP_NTRESP]);
#ifdef MSLANMAN
- ChapMS_LANMan(rchallenge, secret, secret_len, &response);
+ ChapMS_LANMan(rchallenge, secret, secret_len,
+ &response[MS_CHAP_LANMANRESP]);
/* preferred method is set by option */
response[MS_CHAP_USENT] = !ms_lanman;
u_char *p = &response[MS_CHAP2_PEER_CHALLENGE];
int i;
- BZERO(response, sizeof(*response));
+ BZERO(response, MS_CHAP2_RESPONSE_LEN);
/* Generate the Peer-Challenge if requested, or copy it if supplied. */
if (!PeerChallenge)