Add vector_len to fr_radius_encode_chap_password

author Nick Porter <nick@portercomputing.co.uk>

Wed, 30 Aug 2023 08:22:14 +0000 (09:22 +0100)

committer Nick Porter <nick@portercomputing.co.uk>

Wed, 30 Aug 2023 08:22:14 +0000 (09:22 +0100)
author Nick Porter <nick@portercomputing.co.uk>
Wed, 30 Aug 2023 08:22:14 +0000 (09:22 +0100)
committer Nick Porter <nick@portercomputing.co.uk>
Wed, 30 Aug 2023 08:22:14 +0000 (09:22 +0100)
diff --git a/src/bin/radclient.c b/src/bin/radclient.c

index 3f0db6b495b1714863c8757cc92cc79c428602c6..6efb74fb601a6f5de5a9dcd26777e9c0ab4be905 100644 (file)
--- a/src/bin/radclient.c
+++ b/src/bin/radclient.c
@@ -1052,7 +1052,7 @@ static int send_one_packet(rc_request_t *request)
                                 }
  
                                 fr_radius_encode_chap_password(buffer,
-                                                              fr_rand() & 0xff, vector,
+                                                              fr_rand() & 0xff, vector, RADIUS_AUTH_VECTOR_LENGTH,
                                                                request->password->vp_strvalue,
                                                                request->password->vp_length);
                                 fr_pair_value_memdup(vp, buffer, sizeof(buffer), false);
diff --git a/src/modules/rlm_chap/rlm_chap.c b/src/modules/rlm_chap/rlm_chap.c

index 2c6aa0bacd3543003df7afb0eea951cc7748b311..b504f72f38bd8520d711332d99cea05e911820d8 100644 (file)
--- a/src/modules/rlm_chap/rlm_chap.c
+++ b/src/modules/rlm_chap/rlm_chap.c
@@ -97,7 +97,7 @@ static xlat_action_t xlat_func_chap_password(TALLOC_CTX *ctx, fr_dcursor_t *out,
         } else {
                 vector = request->packet->vector;
         }
-       fr_radius_encode_chap_password(chap_password, (uint8_t)(fr_rand() & 0xff), vector,
+       fr_radius_encode_chap_password(chap_password, (uint8_t)(fr_rand() & 0xff), vector, RADIUS_AUTH_VECTOR_LENGTH,
                                        in_head->vb_strvalue, in_head->vb_length);
  
         MEM(vb = fr_value_box_alloc_null(ctx));
@@ -224,7 +224,7 @@ static unlang_action_t CC_HINT(nonnull) mod_authenticate(rlm_rcode_t *p_result,
         } else {
                 vector = request->packet->vector;
         }
-       fr_radius_encode_chap_password(pass_str, chap->vp_octets[0], vector,
+       fr_radius_encode_chap_password(pass_str, chap->vp_octets[0], vector, RADIUS_AUTH_VECTOR_LENGTH,
                                        known_good->vp_strvalue, known_good->vp_length);
  
         /*
diff --git a/src/protocols/radius/encode.c b/src/protocols/radius/encode.c

index db8d13c7e70ede8e1e6a3002630e5c6ba48c3be0..b6c813e271559d392ddd425965f0e85f6d67d6bc 100644 (file)
--- a/src/protocols/radius/encode.c
+++ b/src/protocols/radius/encode.c
@@ -46,11 +46,12 @@ static ssize_t encode_child(fr_dbuff_t *dbuff,
   * @param[out] out             An output buffer of 17 bytes (id + digest).
   * @param[in] id               CHAP ID, a random ID for request/response matching.
   * @param[in] vector           from the original packet or challenge attribute.
+ * @param[in] vector_len       Length of the vector.
   * @param[in] password         Input password to hash.
   * @param[in] password_len     Length of input password.
   */
  void fr_radius_encode_chap_password(uint8_t out[static 1 + RADIUS_CHAP_CHALLENGE_LENGTH],
-                                   uint8_t id, uint8_t const vector[static RADIUS_AUTH_VECTOR_LENGTH],
+                                   uint8_t id, uint8_t const *vector, size_t vector_len,
                                     char const *password, size_t password_len)
  {
         fr_md5_ctx_t    *md5_ctx;
@@ -63,7 +64,7 @@ void fr_radius_encode_chap_password(uint8_t out[static 1 + RADIUS_CHAP_CHALLENGE
         fr_md5_update(md5_ctx, (uint8_t const *)&id, 1);
         fr_md5_update(md5_ctx, (uint8_t const *)password, password_len);
  
-       fr_md5_update(md5_ctx, vector, RADIUS_AUTH_VECTOR_LENGTH);
+       fr_md5_update(md5_ctx, vector, vector_len);
         out[0] = id;
         fr_md5_final(out + 1, md5_ctx);
         fr_md5_ctx_free_from_list(&md5_ctx);
diff --git a/src/protocols/radius/radius.h b/src/protocols/radius/radius.h

index e92cb7216b69ed1e89facc012e1ac5ce350e8d6e..11817b969abcde60a9a4299c0baef9b812aa1b94 100644 (file)
--- a/src/protocols/radius/radius.h
+++ b/src/protocols/radius/radius.h
@@ -191,8 +191,8 @@ ssize_t             fr_radius_decode_abinary(fr_pair_t *vp, uint8_t const *data, size_t dat
   *     protocols/radius/encode.c
   */
  void           fr_radius_encode_chap_password(uint8_t out[static 1 + RADIUS_CHAP_CHALLENGE_LENGTH],
-                                              uint8_t id, uint8_t const vector[static RADIUS_AUTH_VECTOR_LENGTH],
-                                              char const *password, size_t password_len) CC_HINT(nonnull(1,3,4));
+                                              uint8_t id, uint8_t const *vector, size_t vector_len,
+                                              char const *password, size_t password_len) CC_HINT(nonnull(1,3,5));
  
  ssize_t                fr_radius_encode_pair(fr_dbuff_t *dbuff, fr_dcursor_t *cursor, void *encode_ctx);
author	Nick Porter <nick@portercomputing.co.uk>
	Wed, 30 Aug 2023 08:22:14 +0000 (09:22 +0100)
committer	Nick Porter <nick@portercomputing.co.uk>
	Wed, 30 Aug 2023 08:22:14 +0000 (09:22 +0100)
src/bin/radclient.c		patch \| blob \| blame \| history
src/modules/rlm_chap/rlm_chap.c		patch \| blob \| blame \| history
src/protocols/radius/encode.c		patch \| blob \| blame \| history
src/protocols/radius/radius.h		patch \| blob \| blame \| history