-rw-r--r-- | usr.sbin/ppp/ppp/radius.c | 30 |
1 files changed, 25 insertions, 5 deletions
diff --git a/usr.sbin/ppp/ppp/radius.c b/usr.sbin/ppp/ppp/radius.c
index bf27a3e0daa..b149b0c14e2 100644
--- a/usr.sbin/ppp/ppp/radius.c
+++ b/usr.sbin/ppp/ppp/radius.c
@@ -23,7 +23,7 @@
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 *
- * $OpenBSD: radius.c,v 1.20 2002/06/17 01:14:08 brian Exp $
+ * $OpenBSD: radius.c,v 1.21 2002/07/01 11:14:34 brian Exp $
 *
 */
 
@@ -419,8 +419,18 @@ radius_Process(struct radius *r, int got)
 if (len == 0)
 r->errstr = NULL;
 else {
- if ((r->errstr = rad_cvt_string((const char *)data + 1,
- len - 1)) == NULL) {
+ if (len < 3 || ((const char *)data)[1] != '=') {
+ /*
+ * Only point at the String field if we don't think the
+ * peer has misformatted the response.
+ */
+ ((const char *)data)++;
+ len--;
+ } else
+ log_Printf(LogWARN, "Warning: The MS-CHAP-Error "
+ "attribute is mis-formatted. Compensating\n");
+ if ((r->errstr = rad_cvt_string((const char *)data,
+ len)) == NULL) {
 log_Printf(LogERROR, "rad_cvt_string: %s\n",
 rad_strerror(r->cx.rad));
 auth_Failure(r->cx.auth);
@@ -436,8 +446,18 @@ radius_Process(struct radius *r, int got)
 if (len == 0)
 r->msrepstr = NULL;
 else {
- if ((r->msrepstr = rad_cvt_string((const char *)data + 1,
- len - 1)) == NULL) {
+ if (len < 3 || ((const char *)data)[1] != '=') {
+ /*
+ * Only point at the String field if we don't think the
+ * peer has misformatted the response.
+ */
+ ((const char *)data)++;
+ len--;
+ } else
+ log_Printf(LogWARN, "Warning: The MS-CHAP2-Success "
+ "attribute is mis-formatted. Compensating\n");
+ if ((r->msrepstr = rad_cvt_string((const char *)data,
+ len)) == NULL) {
 log_Printf(LogERROR, "rad_cvt_string: %s\n",
 rad_strerror(r->cx.rad));
 auth_Failure(r->cx.auth); |
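Review bot: `((const char *)data)++;` in the new MS-CHAP-Error branch increments the result of a cast, which is not an lvalue in ISO C and is accepted only as a compiler extension. `data = (const char *)data + 1;` advances the pointer the same way and stays portable. The identical statement appears in the MS-CHAP2-Success hunk that follows and needs the same change. `data` and `len` are declared outside the hunk, so this assumes `data` is a plain pointer to const that the function may reassign; radius_Process itself starts and ends outside the hunk.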
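Review bot: The comment inside the MS-CHAP2-Success branch never says what "misformatted" means, so the test `len < 3 || ((const char *)data)[1] != '='` reads as arbitrary. Going by the code, a well-formed value appears to be one leading octet followed by the String field, and a value whose second byte is `=` is taken to have arrived without that leading octet. A comment above the `if` would record this, for example `/* Value is <leading octet><String>; if byte 1 is '=', the octet is assumed missing and byte 0 already starts the String. */`. The comment should also say the choice is made from a byte of the RADIUS reply itself, so the next reader knows the leniency towards the peer is deliberate. The MS-CHAP-Error hunk above carries the same comment and would take the same wording.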