make_passwd: only use 'inlen' bytes of the input string

In some situations (at least a roundtrip through the rlm_perl module)
the User-Password value pair can have extra non-null bytes at the end
so that strlen(vp->data.strvalue) > vp->length.

These extra bytes shold not be used by make_passwd to construct the
Message-Authenticator, so copy just 'inlen' bytes of the input string
before rounding up the length.

diff --git a/src/lib/radius.c b/src/lib/radius.c
index 679e2aeafd4bca612ec7cd9aebe85b809f41ce34..b49f0df2b1a632a1ec588531d65fc2ed77d23aff 100644 (file)
--- a/src/lib/radius.c
+++ b/src/lib/radius.c
@@ -438,10 +438,15 @@ static void make_passwd(uint8_t *output, int *outlen,
         *      If the length is zero, round it up.
         */
        len = inlen;
+
+       if (len > MAX_PASS_LEN) len = MAX_PASS_LEN;
+
+       memcpy(passwd, input, len);
+       memset(passwd + len, 0, sizeof(passwd) - len);
+
        if (len == 0) {
                len = AUTH_PASS_LEN;
        }
-       else if (len > MAX_PASS_LEN) len = MAX_PASS_LEN;
 
        else if ((len & 0x0f) != 0) {
                len += 0x0f;
@@ -449,9 +454,6 @@ static void make_passwd(uint8_t *output, int *outlen,
        }
        *outlen = len;
 
-       memcpy(passwd, input, len);
-       memset(passwd + len, 0, sizeof(passwd) - len);
-
        fr_MD5Init(&context);
        fr_MD5Update(&context, (const uint8_t *) secret, strlen(secret));
        old = context;