From: Alan T. DeKok <aland@freeradius.org>
Date: Sun, 11 Aug 2024 20:32:16 +0000 (-0400)
Subject: Revert "don't use packet->vector for CHAP-Challenge"
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=c082d8dbcd27f7b634ea576dbdfa3e71c88b648d;p=thirdparty%2Ffreeradius-server.git

Revert "don't use packet->vector for CHAP-Challenge"

This reverts commit 1df03034d952d9fa473fd9da6fae22308945d194.
---

diff --git a/src/modules/rlm_chap/rlm_chap.c b/src/modules/rlm_chap/rlm_chap.c
index 807162a6ba9..770156e5666 100644
--- a/src/modules/rlm_chap/rlm_chap.c
+++ b/src/modules/rlm_chap/rlm_chap.c
@@ -157,12 +157,10 @@ static xlat_action_t xlat_func_chap_password(TALLOC_CTX *ctx, fr_dcursor_t *out,
 	    (env_data->chap_challenge.vb_length >= inst->min_challenge_len)) {
 		challenge = env_data->chap_challenge.vb_octets;
 		challenge_len = env_data->chap_challenge.vb_length;
-
 	} else {
-		if (env_data->chap_challenge.type == FR_TYPE_OCTETS) {
+		if (env_data->chap_challenge.type == FR_TYPE_OCTETS)
 			RWDEBUG("&request.CHAP-Challenge shorter than minimum length (%ld)", inst->min_challenge_len);
-		}
-		challenge = request->packet->data + 4;
+		challenge = request->packet->vector;
 		challenge_len = RADIUS_AUTH_VECTOR_LENGTH;
 	}
 	fr_chap_encode(chap_password, (uint8_t)(fr_rand() & 0xff), challenge, challenge_len,
@@ -204,7 +202,7 @@ static unlang_action_t CC_HINT(nonnull) mod_authorize(rlm_rcode_t *p_result, mod
 		RDEBUG2("Creating %s from request authenticator", env_data->chap_challenge_tmpl->name);
 
 		MEM(vp = fr_pair_afrom_da(request->request_ctx, tmpl_attr_tail_da(env_data->chap_challenge_tmpl)));
-		fr_pair_value_memdup(vp, request->packet->data + 4, RADIUS_AUTH_VECTOR_LENGTH, true);
+		fr_pair_value_memdup(vp, request->packet->vector, sizeof(request->packet->vector), true);
 		fr_pair_append(&request->request_pairs, vp);
 	}
 
@@ -290,10 +288,9 @@ static unlang_action_t CC_HINT(nonnull) mod_authenticate(rlm_rcode_t *p_result,
 		challenge = env_data->chap_challenge.vb_octets;
 		challenge_len = env_data->chap_challenge.vb_length;
 	} else {
-		if (env_data->chap_challenge.type == FR_TYPE_OCTETS) {
+		if (env_data->chap_challenge.type == FR_TYPE_OCTETS)
 			RWDEBUG("&request.CHAP-Challenge shorter than minimum length (%ld)", inst->min_challenge_len);
-		}
-		challenge = request->packet->data + 4;
+		challenge = request->packet->vector;
 		challenge_len = RADIUS_AUTH_VECTOR_LENGTH;
 	}
 	fr_chap_encode(pass_str, env_data->chap_password.vb_octets[0], challenge, challenge_len,
@@ -314,8 +311,8 @@ static unlang_action_t CC_HINT(nonnull) mod_authenticate(rlm_rcode_t *p_result,
 			length = env_data->chap_challenge.vb_length;
 		} else {
 			RDEBUG2("Using challenge from authenticator field");
-			p = request->packet->data + 4;
-			length = RADIUS_AUTH_VECTOR_LENGTH;
+			p = request->packet->vector;
+			length = sizeof(request->packet->vector);
 		}
 
 		RINDENT();
diff --git a/src/modules/rlm_radius/rlm_radius.c b/src/modules/rlm_radius/rlm_radius.c
index e9194571376..8c67924e013 100644
--- a/src/modules/rlm_radius/rlm_radius.c
+++ b/src/modules/rlm_radius/rlm_radius.c
@@ -28,7 +28,6 @@ RCSID("$Id$")
 #include <freeradius-devel/server/modpriv.h>
 #include <freeradius-devel/util/debug.h>
 #include <freeradius-devel/util/dlist.h>
-#include <freeradius-devel/util/chap.h>
 
 #include "rlm_radius.h"
 
@@ -385,7 +384,7 @@ static void radius_fixups(rlm_radius_t const *inst, request_t *request)
 	if (fr_pair_find_by_da(&request->request_pairs, NULL, attr_chap_password) &&
 	    !fr_pair_find_by_da(&request->request_pairs, NULL, attr_chap_challenge)) {
 	    	MEM(pair_append_request(&vp, attr_chap_challenge) >= 0);
-		fr_pair_value_memdup(vp, request->packet->data + 4, FR_CHAP_CHALLENGE_LENGTH, true);
+		fr_pair_value_memdup(vp, request->packet->vector, sizeof(request->packet->vector), true);
 	}
 }