* Based on draft-ietf-pppext-eap-srp-03.txt.
*/
-#define RCSID "$Id: eap.c,v 1.3 2003/06/11 23:56:26 paulus Exp $"
+#define RCSID "$Id: eap.c,v 1.4 2004/11/09 22:39:25 paulus Exp $"
/*
* TODO:
#define SHA_DIGESTSIZE 20
#endif
-static const char rcsid[] = RCSID;
eap_state eap_states[NUM_PPP]; /* EAP state; one for each unit */
#ifdef USE_SRP
int fd;
#endif /* USE_SRP */
+ /*
+ * Ignore requests if we're not open
+ */
+ if (esp->es_client.ea_state <= eapClosed)
+ return;
+
/*
* Note: we update es_client.ea_id *only if* a Response
* message is being generated. Otherwise, we leave it the
}
/* Not so likely to happen. */
- if (vallen >= len + sizeof (rhostname)) {
+ if (len - vallen >= sizeof (rhostname)) {
dbglog("EAP: trimming really long peer name down");
BCOPY(inp + vallen, rhostname, sizeof (rhostname) - 1);
rhostname[sizeof (rhostname) - 1] = '\0';
eap_send_nak(esp, id, EAPT_SRP);
break;
}
- MD5Init(&mdContext);
+ MD5_Init(&mdContext);
typenum = id;
- MD5Update(&mdContext, &typenum, 1);
- MD5Update(&mdContext, secret, secret_len);
+ MD5_Update(&mdContext, &typenum, 1);
+ MD5_Update(&mdContext, (u_char *)secret, secret_len);
BZERO(secret, sizeof (secret));
- MD5Update(&mdContext, inp, vallen);
- MD5Final(hash, &mdContext);
+ MD5_Update(&mdContext, inp, vallen);
+ MD5_Final(hash, &mdContext);
eap_chap_response(esp, id, hash, esp->es_client.ea_name,
esp->es_client.ea_namelen);
break;
u_char dig[SHA_DIGESTSIZE];
#endif /* USE_SRP */
+ /*
+ * Ignore responses if we're not open
+ */
+ if (esp->es_server.ea_state <= eapClosed)
+ return;
+
if (esp->es_server.ea_id != id) {
dbglog("EAP: discarding Response %d; expected ID %d", id,
esp->es_server.ea_id);
}
/* Not so likely to happen. */
- if (vallen >= len + sizeof (rhostname)) {
+ if (len - vallen >= sizeof (rhostname)) {
dbglog("EAP: trimming really long peer name down");
BCOPY(inp + vallen, rhostname, sizeof (rhostname) - 1);
rhostname[sizeof (rhostname) - 1] = '\0';
eap_send_failure(esp);
break;
}
- MD5Init(&mdContext);
- MD5Update(&mdContext, &esp->es_server.ea_id, 1);
- MD5Update(&mdContext, secret, secret_len);
+ MD5_Init(&mdContext);
+ MD5_Update(&mdContext, &esp->es_server.ea_id, 1);
+ MD5_Update(&mdContext, (u_char *)secret, secret_len);
BZERO(secret, sizeof (secret));
- MD5Update(&mdContext, esp->es_challenge, esp->es_challen);
- MD5Final(hash, &mdContext);
+ MD5_Update(&mdContext, esp->es_challenge, esp->es_challen);
+ MD5_Final(hash, &mdContext);
if (BCMP(hash, inp, MD5_SIGNATURE_SIZE) != 0) {
eap_send_failure(esp);
break;
int id;
int len;
{
+ /*
+ * Ignore failure messages if we're not open
+ */
+ if (esp->es_client.ea_state <= eapClosed)
+ return;
+
if (!eap_client_active(esp)) {
dbglog("EAP unexpected failure message in state %s (%d)",
eap_state_name(esp->es_client.ea_state),