upstream/opnsense-src
1
0
Fork 0
mirror of https://github.com/opnsense/src.git synced 2026-06-11 09:41:03 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

Handle empty PAP & CHAP packets (containing only an FSM header).

Browse source 
Some CHAP implementations send no welcome message with their
SUCCESS/FAILURE packets.  This was being mis-identified as
a truncated packet by the new authentication code :-(
This commit is contained in:
Brian Somers 1999-02-20 01:12:45 +00:00
parent d894d5dedb
commit b7ff18add2
3 changed files with 14 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
usr.sbin/ppp/auth.c
View file

@ -17,7 +17,7 @@
* IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
* WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
*
* $Id: auth.c,v 1.39 1999/02/18 00:52:12 brian Exp $
* $Id: auth.c,v 1.40 1999/02/19 10:48:42 brian Exp $
*
* TODO:
* o Implement check against with registered IP addresses.
@ -327,11 +327,14 @@ auth_ReadHeader(struct authinfo *authp, struct mbuf *bp)
bp = mbuf_Read(bp, (u_char *)&authp->in.hdr, sizeof authp->in.hdr);
if (len >= ntohs(authp->in.hdr.length))
return bp;
authp->in.hdr.length = htons(0);
log_Printf(LogWARN, "auth_ReadHeader: Short packet (%d > %d) !\n",
ntohs(authp->in.hdr.length), len);
} else
} else {
authp->in.hdr.length = htons(0);
log_Printf(LogWARN, "auth_ReadHeader: Short packet header (%d > %d) !\n",
sizeof authp->in.hdr, len);
}
mbuf_Free(bp);
return NULL;

7
usr.sbin/ppp/chap.c
View file

@ -17,7 +17,7 @@
* IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
* WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
*
* $Id: chap.c,v 1.45 1999/02/18 19:11:46 brian Exp $
* $Id: chap.c,v 1.46 1999/02/18 19:45:06 brian Exp $
*
* TODO:
*/
@ -543,8 +543,9 @@ chap_Input(struct physical *p, struct mbuf *bp)
int lanman;
#endif
if ((bp = auth_ReadHeader(&chap->auth, bp)) == NULL)
log_Printf(LogERROR, "Chap Input: Truncated header !\n");
if ((bp = auth_ReadHeader(&chap->auth, bp)) == NULL &&
ntohs(chap->auth.in.hdr.length) == 0)
log_Printf(LogWARN, "Chap Input: Truncated header !\n");
else if (chap->auth.in.hdr.code == 0 || chap->auth.in.hdr.code > MAXCHAPCODE)
log_Printf(LogPHASE, "Chap Input: %d: Bad CHAP code !\n",
chap->auth.in.hdr.code);

7
usr.sbin/ppp/pap.c
View file

@ -18,7 +18,7 @@
* IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
* WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
*
* $Id: pap.c,v 1.30 1999/02/02 09:35:17 brian Exp $
* $Id: pap.c,v 1.31 1999/02/06 02:54:47 brian Exp $
*
* TODO:
*/
@ -155,8 +155,11 @@ pap_Input(struct physical *p, struct mbuf *bp)
struct authinfo *authp = &p->dl->pap;
u_char nlen, klen, *key;
if ((bp = auth_ReadHeader(authp, bp)) == NULL)
if ((bp = auth_ReadHeader(authp, bp)) == NULL &&
ntohs(authp->in.hdr.length) == 0) {
log_Printf(LogWARN, "Pap Input: Truncated header !\n");
return;
}
if (authp->in.hdr.code == 0 || authp->in.hdr.code > MAXPAPCODE) {
log_Printf(LogPHASE, "Pap Input: %d: Bad PAP code !\n", authp->in.hdr.code);