diff options
author | YASUOKA Masahiko <yasuoka@cvs.openbsd.org> | 2013-09-20 07:29:20 +0000 |
---|---|---|
committer | YASUOKA Masahiko <yasuoka@cvs.openbsd.org> | 2013-09-20 07:29:20 +0000 |
commit | 6295f3e67de635a1da2d857d6f35c6b2f5d1f7c0 (patch) | |
tree | 9999b9bd2e6950aa0560b303b06a0309297cdb20 /usr.sbin | |
parent | 1acbf0efbaf6fd4a83a6da1f1a0353b16329ea0f (diff) |
Don't assume the length of chap challenges.
Diffstat (limited to 'usr.sbin')
-rw-r--r-- | usr.sbin/npppd/npppd/chap.c | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/usr.sbin/npppd/npppd/chap.c b/usr.sbin/npppd/npppd/chap.c index 73aaf3e64e3..8c6d4509f2c 100644 --- a/usr.sbin/npppd/npppd/chap.c +++ b/usr.sbin/npppd/npppd/chap.c @@ -1,4 +1,4 @@ -/* $OpenBSD: chap.c,v 1.9 2013/04/20 23:32:32 yasuoka Exp $ */ +/* $OpenBSD: chap.c,v 1.10 2013/09/20 07:29:19 yasuoka Exp $ */ /*- * Copyright (c) 2009 Internet Initiative Japan Inc. @@ -36,7 +36,7 @@ * </ul></p> */ /* RFC 1994, 2433 */ -/* $Id: chap.c,v 1.9 2013/04/20 23:32:32 yasuoka Exp $ */ +/* $Id: chap.c,v 1.10 2013/09/20 07:29:19 yasuoka Exp $ */ #include <sys/types.h> #include <sys/param.h> #include <sys/socket.h> @@ -563,7 +563,7 @@ md5chap_authenticate(chap *_this, int id, char *username, u_char *challenge, passlen = strlen(password); MD5Init(&md5ctx); MD5Update(&md5ctx, buf, passlen + 1); - MD5Update(&md5ctx, challenge, 16); + MD5Update(&md5ctx, challenge, lchallenge); MD5Final(digest, &md5ctx); if (memcmp(response, digest, 16) == 0) { @@ -763,7 +763,7 @@ chap_radius_authenticate(chap *_this, int id, char *username, RADIUS_TYPE_CHAP_PASSWORD, md5response, 17) != 0) goto fail; if (radius_put_raw_attr(radpkt, - RADIUS_TYPE_CHAP_CHALLENGE, challenge, 16) != 0) + RADIUS_TYPE_CHAP_CHALLENGE, challenge, lchallenge) != 0) goto fail; break; } |