diff options
author | brian <brian@cvs.openbsd.org> | 2002-07-01 11:14:35 +0000 |
---|---|---|
committer | brian <brian@cvs.openbsd.org> | 2002-07-01 11:14:35 +0000 |
commit | 1ebb95776d0f2c3bb000e1c1e08bb06d4b9021b6 (patch) | |
tree | 915f786bf640d0128b59b8681be128d0ce04ab18 /usr.sbin | |
parent | 8c9f751ddcfa822521133be69ef734f0f32506a7 (diff) |
Handle mis-formatted messages from RADIATOR (now fixed in RADIATOR)
Diffstat (limited to 'usr.sbin')
-rw-r--r-- | usr.sbin/ppp/ppp/radius.c | 30 |
1 files changed, 25 insertions, 5 deletions
diff --git a/usr.sbin/ppp/ppp/radius.c b/usr.sbin/ppp/ppp/radius.c index bf27a3e0daa..b149b0c14e2 100644 --- a/usr.sbin/ppp/ppp/radius.c +++ b/usr.sbin/ppp/ppp/radius.c @@ -23,7 +23,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $OpenBSD: radius.c,v 1.20 2002/06/17 01:14:08 brian Exp $ + * $OpenBSD: radius.c,v 1.21 2002/07/01 11:14:34 brian Exp $ * */ @@ -419,8 +419,18 @@ radius_Process(struct radius *r, int got) if (len == 0) r->errstr = NULL; else { - if ((r->errstr = rad_cvt_string((const char *)data + 1, - len - 1)) == NULL) { + if (len < 3 || ((const char *)data)[1] != '=') { + /* + * Only point at the String field if we don't think the + * peer has misformatted the response. + */ + ((const char *)data)++; + len--; + } else + log_Printf(LogWARN, "Warning: The MS-CHAP-Error " + "attribute is mis-formatted. Compensating\n"); + if ((r->errstr = rad_cvt_string((const char *)data, + len)) == NULL) { log_Printf(LogERROR, "rad_cvt_string: %s\n", rad_strerror(r->cx.rad)); auth_Failure(r->cx.auth); @@ -436,8 +446,18 @@ radius_Process(struct radius *r, int got) if (len == 0) r->msrepstr = NULL; else { - if ((r->msrepstr = rad_cvt_string((const char *)data + 1, - len - 1)) == NULL) { + if (len < 3 || ((const char *)data)[1] != '=') { + /* + * Only point at the String field if we don't think the + * peer has misformatted the response. + */ + ((const char *)data)++; + len--; + } else + log_Printf(LogWARN, "Warning: The MS-CHAP2-Success " + "attribute is mis-formatted. Compensating\n"); + if ((r->msrepstr = rad_cvt_string((const char *)data, + len)) == NULL) { log_Printf(LogERROR, "rad_cvt_string: %s\n", rad_strerror(r->cx.rad)); auth_Failure(r->cx.auth); |