From: Nick Porter
Date: Mon, 16 Jun 2025 10:35:56 +0000 (+0100)
Subject: Create CHAP-Challenge attribute if not set
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=b1937403bb6a03e535bdbe3fb666c5011318d225;p=thirdparty%2Ffreeradius-server.git
Create CHAP-Challenge attribute if not set
fr_packet_sign() re-calculates the request authenticator, so it can't be used as CHAP-Challenge
---
diff --git a/src/bin/radclient-ng.c b/src/bin/radclient-ng.c
index 60fc4d04dcc..dfdb57d3f90 100644
--- a/src/bin/radclient-ng.c
+++ b/src/bin/radclient-ng.c
@@ -1004,22 +1004,21 @@ static int send_one_packet(fr_bio_packet_t *client, rc_request_t *request)
 if ((vp = fr_pair_find_by_da(&request->request_pairs, NULL, attr_chap_password)) != NULL) {
 uint8_t buffer[17];
 fr_pair_t *challenge;
- uint8_t const *vector;
 /*
- * Use Chap-Challenge pair if present,
- * Request Authenticator otherwise.
+ * Use CHAP-Challenge pair if present, otherwise create CHAP-Challenge and
+ * populate with current Request Authenticator.
+ *
+ * Request Authenticator is re-calculated by fr_packet_sign
 */
 challenge = fr_pair_find_by_da(&request->request_pairs, NULL, attr_chap_challenge);
- if (challenge && (challenge->vp_length >= 7)) {
- vector = challenge->vp_octets;
- } else {
- vector = request->packet->vector;
+ if (!challenge || (challenge->vp_length < 7)) {
+ pair_update_request(challenge, attr_chap_challenge);
+ fr_pair_value_memdup(challenge, request->packet->vector, RADIUS_AUTH_VECTOR_LENGTH, false);
 }
 fr_chap_encode(buffer,
- fr_rand() & 0xff, vector,
- challenge ? challenge->vp_length : RADIUS_AUTH_VECTOR_LENGTH,
+ fr_rand() & 0xff, challenge->vp_octets, challenge->vp_length,
 request->password->vp_strvalue, request->password->vp_length);
 fr_pair_value_memdup(vp, buffer, sizeof(buffer), false);
diff --git a/src/bin/radclient.c b/src/bin/radclient.c
index 727d9fef7b7..f67fc443ff8 100644
--- a/src/bin/radclient.c
+++ b/src/bin/radclient.c
@@ -1010,22 +1010,21 @@ static int send_one_packet(rc_request_t *request)
 if ((vp = fr_pair_find_by_da(&request->request_pairs, NULL, attr_chap_password)) != NULL) {
 uint8_t buffer[17];
 fr_pair_t *challenge;
- uint8_t const *vector;
 /*
- * Use Chap-Challenge pair if present,
- * Request Authenticator otherwise.
+ * Use CHAP-Challenge pair if present, otherwise create CHAP-Challenge and
+ * populate with current Request Authenticator.
+ *
+ * Request Authenticator is re-calculated by fr_packet_sign
 */
 challenge = fr_pair_find_by_da(&request->request_pairs, NULL, attr_chap_challenge);
- if (challenge && (challenge->vp_length >= 7)) {
- vector = challenge->vp_octets;
- } else {
- vector = request->packet->vector;
+ if (!challenge || (challenge->vp_length < 7)) {
+ pair_update_request(challenge, attr_chap_challenge);
+ fr_pair_value_memdup(challenge, request->packet->vector, RADIUS_AUTH_VECTOR_LENGTH, false);
 }
 fr_chap_encode(buffer,
- fr_rand() & 0xff, vector,
- challenge ? challenge->vp_length : RADIUS_AUTH_VECTOR_LENGTH,
+ fr_rand() & 0xff, challenge->vp_octets, challenge->vp_length,
 request->password->vp_strvalue, request->password->vp_length);
 fr_pair_value_memdup(vp, buffer, sizeof(buffer), false);
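Review bot: In the new `if (!challenge || (challenge->vp_length < 7))` branch the result of `fr_pair_value_memdup()` is ignored, yet `challenge->vp_octets` and `challenge->vp_length` are then passed to `fr_chap_encode()` unconditionally; the same lines appear in the `src/bin/radclient-ng.c` hunk. If the copy fails, a pre-existing CHAP-Challenge shorter than 7 octets would presumably keep its old value, and the CHAP-Password would then be computed over a challenge the branch meant to replace. I would check the call, e.g. `if (fr_pair_value_memdup(challenge, request->packet->vector, RADIUS_AUTH_VECTOR_LENGTH, false) < 0) return -1;`, with the error path adjusted to whatever `send_one_packet()` already uses, since its body starts and ends outside the hunk. The block comment could also say that a too-short CHAP-Challenge supplied in the request is silently overwritten, and that `request->packet->vector` is expected to hold random data by this point, which the hunk does not show.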