Revert "don't use packet->vector for CHAP-Challenge"

author Alan T. DeKok <aland@freeradius.org>

Sun, 11 Aug 2024 20:32:16 +0000 (16:32 -0400)

committer Alan T. DeKok <aland@freeradius.org>

Sun, 11 Aug 2024 20:32:16 +0000 (16:32 -0400)
author Alan T. DeKok <aland@freeradius.org>
Sun, 11 Aug 2024 20:32:16 +0000 (16:32 -0400)
committer Alan T. DeKok <aland@freeradius.org>
Sun, 11 Aug 2024 20:32:16 +0000 (16:32 -0400)
diff --git a/src/modules/rlm_chap/rlm_chap.c b/src/modules/rlm_chap/rlm_chap.c

index 807162a6ba960e4e0f52663e7fc91912e8aa1fb0..770156e5666917114753a2976460ecd582b8837c 100644 (file)
--- a/src/modules/rlm_chap/rlm_chap.c
+++ b/src/modules/rlm_chap/rlm_chap.c
@@ -157,12 +157,10 @@ static xlat_action_t xlat_func_chap_password(TALLOC_CTX *ctx, fr_dcursor_t *out,
             (env_data->chap_challenge.vb_length >= inst->min_challenge_len)) {
                 challenge = env_data->chap_challenge.vb_octets;
                 challenge_len = env_data->chap_challenge.vb_length;
-
         } else {
-               if (env_data->chap_challenge.type == FR_TYPE_OCTETS) {
+               if (env_data->chap_challenge.type == FR_TYPE_OCTETS)
                         RWDEBUG("&request.CHAP-Challenge shorter than minimum length (%ld)", inst->min_challenge_len);
-               }
-               challenge = request->packet->data + 4;
+               challenge = request->packet->vector;
                 challenge_len = RADIUS_AUTH_VECTOR_LENGTH;
         }
         fr_chap_encode(chap_password, (uint8_t)(fr_rand() & 0xff), challenge, challenge_len,
@@ -204,7 +202,7 @@ static unlang_action_t CC_HINT(nonnull) mod_authorize(rlm_rcode_t *p_result, mod
                 RDEBUG2("Creating %s from request authenticator", env_data->chap_challenge_tmpl->name);
  
                 MEM(vp = fr_pair_afrom_da(request->request_ctx, tmpl_attr_tail_da(env_data->chap_challenge_tmpl)));
-               fr_pair_value_memdup(vp, request->packet->data + 4, RADIUS_AUTH_VECTOR_LENGTH, true);
+               fr_pair_value_memdup(vp, request->packet->vector, sizeof(request->packet->vector), true);
                 fr_pair_append(&request->request_pairs, vp);
         }
  
@@ -290,10 +288,9 @@ static unlang_action_t CC_HINT(nonnull) mod_authenticate(rlm_rcode_t *p_result,
                 challenge = env_data->chap_challenge.vb_octets;
                 challenge_len = env_data->chap_challenge.vb_length;
         } else {
-               if (env_data->chap_challenge.type == FR_TYPE_OCTETS) {
+               if (env_data->chap_challenge.type == FR_TYPE_OCTETS)
                         RWDEBUG("&request.CHAP-Challenge shorter than minimum length (%ld)", inst->min_challenge_len);
-               }
-               challenge = request->packet->data + 4;
+               challenge = request->packet->vector;
                 challenge_len = RADIUS_AUTH_VECTOR_LENGTH;
         }
         fr_chap_encode(pass_str, env_data->chap_password.vb_octets[0], challenge, challenge_len,
@@ -314,8 +311,8 @@ static unlang_action_t CC_HINT(nonnull) mod_authenticate(rlm_rcode_t *p_result,
                         length = env_data->chap_challenge.vb_length;
                 } else {
                         RDEBUG2("Using challenge from authenticator field");
-                       p = request->packet->data + 4;
-                       length = RADIUS_AUTH_VECTOR_LENGTH;
+                       p = request->packet->vector;
+                       length = sizeof(request->packet->vector);
                 }
  
                 RINDENT();
diff --git a/src/modules/rlm_radius/rlm_radius.c b/src/modules/rlm_radius/rlm_radius.c

index e91945713762de0b766dab8d1ca21b4a864c3567..8c67924e0135b05aef61758c0f78f49f72468782 100644 (file)
--- a/src/modules/rlm_radius/rlm_radius.c
+++ b/src/modules/rlm_radius/rlm_radius.c
@@ -28,7 +28,6 @@ RCSID("$Id$")
  #include <freeradius-devel/server/modpriv.h>
  #include <freeradius-devel/util/debug.h>
  #include <freeradius-devel/util/dlist.h>
-#include <freeradius-devel/util/chap.h>
  
  #include "rlm_radius.h"
  
@@ -385,7 +384,7 @@ static void radius_fixups(rlm_radius_t const *inst, request_t *request)
         if (fr_pair_find_by_da(&request->request_pairs, NULL, attr_chap_password) &&
             !fr_pair_find_by_da(&request->request_pairs, NULL, attr_chap_challenge)) {
                 MEM(pair_append_request(&vp, attr_chap_challenge) >= 0);
-               fr_pair_value_memdup(vp, request->packet->data + 4, FR_CHAP_CHALLENGE_LENGTH, true);
+               fr_pair_value_memdup(vp, request->packet->vector, sizeof(request->packet->vector), true);
         }
  }
author	Alan T. DeKok <aland@freeradius.org>
	Sun, 11 Aug 2024 20:32:16 +0000 (16:32 -0400)
committer	Alan T. DeKok <aland@freeradius.org>
	Sun, 11 Aug 2024 20:32:16 +0000 (16:32 -0400)
src/modules/rlm_chap/rlm_chap.c		patch \| blob \| blame \| history
src/modules/rlm_radius/rlm_radius.c		patch \| blob \| blame \| history