From: Alan T. DeKok
Date: Wed, 30 Aug 2023 15:09:49 +0000 (-0400)
Subject: don't depend on CHAP length. Use MD5 length.
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=f1c9f9c42943b063bdf168dd9cf97a45cfe05767;p=thirdparty%2Ffreeradius-server.git

don't depend on CHAP length. Use MD5 length.

It's all 16 octets, but this removes an unnecessary dependency on CHAP
---
diff --git a/src/modules/rlm_eap/types/rlm_eap_fast/eap_fast.c b/src/modules/rlm_eap/types/rlm_eap_fast/eap_fast.c
index 3722ff2d400..0cae0f6ea5e 100644
--- a/src/modules/rlm_eap/types/rlm_eap_fast/eap_fast.c
+++ b/src/modules/rlm_eap/types/rlm_eap_fast/eap_fast.c
@@ -509,20 +509,20 @@ static rlm_rcode_t CC_HINT(nonnull) process_reply(UNUSED eap_session_t *eap_sess
 /* FIXME must be a better way to capture/re-derive this later for ISK */
 switch (vp->da->attr) {
 case FR_MSCHAP_MPPE_SEND_KEY:
- if (vp->vp_length != RADIUS_CHAP_CHALLENGE_LENGTH) {
+ if (vp->vp_length != MD5_DIGEST_LENGTH) {
 wrong_length:
 REDEBUG("Found %s with incorrect length. Expected %u, got %zu",
- vp->da->name, RADIUS_CHAP_CHALLENGE_LENGTH, vp->vp_length);
+ vp->da->name, MD5_DIGEST_LENGTH, vp->vp_length);
 rcode = RLM_MODULE_INVALID;
 break;
 }
- memcpy(t->isk.mppe_send, vp->vp_octets, RADIUS_CHAP_CHALLENGE_LENGTH);
+ memcpy(t->isk.mppe_send, vp->vp_octets, MD5_DIGEST_LENGTH);
 break;
 case FR_MSCHAP_MPPE_RECV_KEY:
- if (vp->vp_length != RADIUS_CHAP_CHALLENGE_LENGTH) goto wrong_length;
- memcpy(t->isk.mppe_recv, vp->vp_octets, RADIUS_CHAP_CHALLENGE_LENGTH);
+ if (vp->vp_length != MD5_DIGEST_LENGTH) goto wrong_length;
+ memcpy(t->isk.mppe_recv, vp->vp_octets, MD5_DIGEST_LENGTH);
 break;
 case FR_MSCHAP2_SUCCESS:
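Review bot: The length check and the two `memcpy` calls in the `FR_MSCHAP_MPPE_SEND_KEY` and `FR_MSCHAP_MPPE_RECV_KEY` cases take their bound from a macro rather than from the destination, so the copy stays in bounds only while `MD5_DIGEST_LENGTH` and the array sizes declared in eap_fast.h remain in step. Deriving both from the buffer removes that coupling: `if (vp->vp_length != sizeof(t->isk.mppe_send)) {` and `memcpy(t->isk.mppe_send, vp->vp_octets, sizeof(t->isk.mppe_send));`, with the `REDEBUG` argument switched to the same `sizeof` and its `%u` changed to `%zu`. The same applies to `2 * MD5_DIGEST_LENGTH` in the `ISK[j]` hexdump, which could be `sizeof(t->isk)`, and to the four challenge lengths in `eap_fast_eap_payload`. `process_reply` starts and ends outside this hunk.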
@@ -535,7 +535,7 @@ static rlm_rcode_t CC_HINT(nonnull) process_reply(UNUSED eap_session_t *eap_sess
 break;
 }
 }
- RHEXDUMP3((uint8_t *)&t->isk, 2 * RADIUS_CHAP_CHALLENGE_LENGTH, "ISK[j]"); /* FIXME (part of above) */
+ RHEXDUMP3((uint8_t *)&t->isk, 2 * MD5_DIGEST_LENGTH, "ISK[j]"); /* FIXME (part of above) */
 break;
 case FR_RADIUS_CODE_ACCESS_REJECT:
@@ -650,14 +650,14 @@ static fr_radius_packet_code_t eap_fast_eap_payload(request_t *request, eap_sess
 */
 if (t->mode == EAP_FAST_PROVISIONING_ANON) {
 MEM(tvp = fr_pair_afrom_da(fake, attr_ms_chap_challenge));
- fr_pair_value_memdup(tvp, t->keyblock->server_challenge, RADIUS_CHAP_CHALLENGE_LENGTH, false);
+ fr_pair_value_memdup(tvp, t->keyblock->server_challenge, MD5_DIGEST_LENGTH, false);
 fr_pair_append(&fake->control_pairs, tvp);
- RHEXDUMP3(t->keyblock->server_challenge, RADIUS_CHAP_CHALLENGE_LENGTH, "MSCHAPv2 auth_challenge");
+ RHEXDUMP3(t->keyblock->server_challenge, MD5_DIGEST_LENGTH, "MSCHAPv2 auth_challenge");
 MEM(tvp = fr_pair_afrom_da(fake, attr_ms_chap_peer_challenge));
- fr_pair_value_memdup(tvp, t->keyblock->client_challenge, RADIUS_CHAP_CHALLENGE_LENGTH, false);
+ fr_pair_value_memdup(tvp, t->keyblock->client_challenge, MD5_DIGEST_LENGTH, false);
 fr_pair_append(&fake->control_pairs, tvp);
- RHEXDUMP3(t->keyblock->client_challenge, RADIUS_CHAP_CHALLENGE_LENGTH, "MSCHAPv2 peer_challenge");
+ RHEXDUMP3(t->keyblock->client_challenge, MD5_DIGEST_LENGTH, "MSCHAPv2 peer_challenge");
 }
 }
diff --git a/src/modules/rlm_eap/types/rlm_eap_fast/eap_fast.h b/src/modules/rlm_eap/types/rlm_eap_fast/eap_fast.h
index f649b539d10..d54b0f868ec 100644
--- a/src/modules/rlm_eap/types/rlm_eap_fast/eap_fast.h
+++ b/src/modules/rlm_eap/types/rlm_eap_fast/eap_fast.h
@@ -29,6 +29,7 @@ RCSIDH(eap_fast_h, "$Id$")
 #include
 #include
+#include
 #define EAP_FAST_VERSION 1
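Review bot: The `RHEXDUMP3` call kept in the `ISK[j]` hunk of `process_reply` writes the raw contents of `t->isk`, which hold the MPPE send and receive keys copied in by the `FR_MSCHAP_MPPE_*` cases, to the debug log in clear. Anyone who can read that log output obtains the key material that, per the FIXME, feeds the ISK, so the dump is better removed, or at least marked with something like `/* SECURITY: logs raw MPPE key material; keep debug output at this level out of shared log stores */`. The call also appears to run whether or not either key was found or the length check failed, in which case it would print whatever `t->isk` held before; that depends on loop code outside the hunk.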
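Review bot: In the `EAP_FAST_PROVISIONING_ANON` branch of `eap_fast_eap_payload`, both `fr_pair_value_memdup()` calls ignore their result, while the allocation on the line before each is wrapped in `MEM()`. If the copy can fail (it presumably allocates), the pair is still appended to `fake->control_pairs` without a challenge value, and the inner MS-CHAPv2 exchange would then run without the challenge taken from the key block. Checking the call the same way closes that gap, for example `MEM(fr_pair_value_memdup(tvp, t->keyblock->server_challenge, sizeof(t->keyblock->server_challenge), false) == 0);` and likewise for `client_challenge`; confirm the return convention against the function's declaration. The function body continues outside the hunk.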
@@ -158,8 +159,8 @@ typedef enum eap_fast_tlv_crypto_binding_tlv_subtype_t {
 /* RFC 5422: Section 3.3 - Key Derivations Used in the EAP-FAST Provisioning Exchange */
 typedef struct {
 uint8_t session_key_seed[EAP_FAST_SKS_LEN];
- uint8_t server_challenge[RADIUS_CHAP_CHALLENGE_LENGTH];
- uint8_t client_challenge[RADIUS_CHAP_CHALLENGE_LENGTH];
+ uint8_t server_challenge[MD5_DIGEST_LENGTH];
+ uint8_t client_challenge[MD5_DIGEST_LENGTH];
 } CC_HINT(__packed__) eap_fast_keyblock_t;
 typedef struct {
@@ -174,8 +175,8 @@ typedef struct {
 uint8_t *cmk;
 int imck_count;
 struct {
- uint8_t mppe_send[RADIUS_CHAP_CHALLENGE_LENGTH];
- uint8_t mppe_recv[RADIUS_CHAP_CHALLENGE_LENGTH];
+ uint8_t mppe_send[MD5_DIGEST_LENGTH];
+ uint8_t mppe_recv[MD5_DIGEST_LENGTH];
 } CC_HINT(__packed__) isk;
 uint8_t *msk;
 uint8_t *emsk;
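Review bot: `eap_fast_keyblock_t` is a packed layout that its comment ties to RFC 5422 section 3.3, yet `server_challenge` and `client_challenge` now take their size from an MD5 constant that relates to that layout only by both being 16. Nothing in the header pins the number, so I would add a compile-time check next to the struct, `_Static_assert(sizeof(eap_fast_keyblock_t) == EAP_FAST_SKS_LEN + 32, "RFC 5422 3.3 key block layout");`, or at least a comment stating that the two fields are 16-octet MS-CHAPv2 challenges. The `isk` member in the following hunk has the same issue for `mppe_send` and `mppe_recv`, and eap_fast.c reads it as a single run of `2 * MD5_DIGEST_LENGTH` bytes. The struct holding `isk` starts and ends outside its hunk.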