X-Git-Url: https://git.ozlabs.org/?a=blobdiff_plain;f=pppd%2Feap.c;h=082e95343120954abe1de82991387373344e1ba7;hb=c319558b8cacad7d27f04c7d612e44b67f273434;hp=cc3bc73dcd2b9ad5ad110848830749407a8197aa;hpb=d741a3b912f17d84dc8dc87474e0b989c775de50;p=ppp.git diff --git a/pppd/eap.c b/pppd/eap.c index cc3bc73..082e953 100644 --- a/pppd/eap.c +++ b/pppd/eap.c @@ -43,7 +43,7 @@ * Based on draft-ietf-pppext-eap-srp-03.txt. */ -#define RCSID "$Id: eap.c,v 1.1 2002/11/02 19:48:12 carlsonj Exp $" +#define RCSID "$Id: eap.c,v 1.4 2004/11/09 22:39:25 paulus Exp $" /* * TODO: @@ -63,8 +63,6 @@ #include "pppd.h" #include "pathnames.h" #include "md5.h" -/* For MD5_SIGNATURE_SIZE and MIN/MAX_CHALLENGE_LENGTH; should fix. */ -#include "chap.h" #include "eap.h" #ifdef USE_SRP @@ -78,10 +76,11 @@ #define SHA_DIGESTSIZE 20 #endif -static const char rcsid[] = RCSID; eap_state eap_states[NUM_PPP]; /* EAP state; one for each unit */ +#ifdef USE_SRP static char *pn_secret = NULL; /* Pseudonym generating secret */ +#endif /* * Command-line options. @@ -1329,6 +1328,12 @@ int len; int fd; #endif /* USE_SRP */ + /* + * Ignore requests if we're not open + */ + if (esp->es_client.ea_state <= eapClosed) + return; + /* * Note: we update es_client.ea_id *only if* a Response * message is being generated. Otherwise, we leave it the @@ -1421,7 +1426,7 @@ int len; } /* Not so likely to happen. */ - if (vallen >= len + sizeof (rhostname)) { + if (len - vallen >= sizeof (rhostname)) { dbglog("EAP: trimming really long peer name down"); BCOPY(inp + vallen, rhostname, sizeof (rhostname) - 1); rhostname[sizeof (rhostname) - 1] = '\0'; @@ -1445,13 +1450,13 @@ int len; eap_send_nak(esp, id, EAPT_SRP); break; } - MD5Init(&mdContext); + MD5_Init(&mdContext); typenum = id; - MD5Update(&mdContext, &typenum, 1); - MD5Update(&mdContext, secret, secret_len); + MD5_Update(&mdContext, &typenum, 1); + MD5_Update(&mdContext, (u_char *)secret, secret_len); BZERO(secret, sizeof (secret)); - MD5Update(&mdContext, inp, vallen); - MD5Final(hash, &mdContext); + MD5_Update(&mdContext, inp, vallen); + MD5_Final(hash, &mdContext); eap_chap_response(esp, id, hash, esp->es_client.ea_name, esp->es_client.ea_namelen); break; @@ -1737,6 +1742,12 @@ int len; u_char dig[SHA_DIGESTSIZE]; #endif /* USE_SRP */ + /* + * Ignore responses if we're not open + */ + if (esp->es_server.ea_state <= eapClosed) + return; + if (esp->es_server.ea_id != id) { dbglog("EAP: discarding Response %d; expected ID %d", id, esp->es_server.ea_id); @@ -1847,7 +1858,7 @@ int len; } /* Not so likely to happen. */ - if (vallen >= len + sizeof (rhostname)) { + if (len - vallen >= sizeof (rhostname)) { dbglog("EAP: trimming really long peer name down"); BCOPY(inp + vallen, rhostname, sizeof (rhostname) - 1); rhostname[sizeof (rhostname) - 1] = '\0'; @@ -1871,12 +1882,12 @@ int len; eap_send_failure(esp); break; } - MD5Init(&mdContext); - MD5Update(&mdContext, &esp->es_server.ea_id, 1); - MD5Update(&mdContext, secret, secret_len); + MD5_Init(&mdContext); + MD5_Update(&mdContext, &esp->es_server.ea_id, 1); + MD5_Update(&mdContext, (u_char *)secret, secret_len); BZERO(secret, sizeof (secret)); - MD5Update(&mdContext, esp->es_challenge, esp->es_challen); - MD5Final(hash, &mdContext); + MD5_Update(&mdContext, esp->es_challenge, esp->es_challen); + MD5_Final(hash, &mdContext); if (BCMP(hash, inp, MD5_SIGNATURE_SIZE) != 0) { eap_send_failure(esp); break; @@ -2048,6 +2059,12 @@ u_char *inp; int id; int len; { + /* + * Ignore failure messages if we're not open + */ + if (esp->es_client.ea_state <= eapClosed) + return; + if (!eap_client_active(esp)) { dbglog("EAP unexpected failure message in state %s (%d)", eap_state_name(esp->es_client.ea_state),