d/freebsd-nq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Don't trust the MPPE key lengths passed back from the RADIUS server.

Browse Source 
Instead, use the correct values based on the number of bits actually
negotiated.

Spotted by: Sergey Korolew <ds@rt.balakovo.ru>
This commit is contained in:
Brian Somers 2002-07-02 00:47:24 +00:00
parent e0efa79664
commit 3285bb3c97
1 changed files with 4 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
usr.sbin/ppp/mppe.c
View File

@ -691,7 +691,8 @@ MPPEInitInput(struct bundle *bundle, struct fsm_opt *o)
#ifndef NORADIUS
if (*bundle->radius.cfg.file && bundle->radius.mppe.recvkey) {
mip->keylen = bundle->radius.mppe.recvkeylen;
if (mip->keylen > bundle->radius.mppe.recvkeylen)
mip->keylen = bundle->radius.mppe.recvkeylen;
if (mip->keylen > sizeof mip->mastkey)
mip->keylen = sizeof mip->mastkey;
memcpy(mip->mastkey, bundle->radius.mppe.recvkey, mip->keylen);
@ -746,7 +747,8 @@ MPPEInitOutput(struct bundle *bundle, struct fsm_opt *o)
#ifndef NORADIUS
if (*bundle->radius.cfg.file && bundle->radius.mppe.sendkey) {
mop->keylen = bundle->radius.mppe.sendkeylen;
if (mop->keylen > bundle->radius.mppe.sendkeylen)
mop->keylen = bundle->radius.mppe.sendkeylen;
if (mop->keylen > sizeof mop->mastkey)
mop->keylen = sizeof mop->mastkey;
memcpy(mop->mastkey, bundle->radius.mppe.sendkey, mop->keylen);