d/freebsd-nq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Add a hack to handle RADIUS responses from peers that forget that

Browse Source 
there's an ``Ident'' field in the MS-CHAP2-Response and
MS-CHAP-Error attributes.

The RADIATOR server seems to be guilty of this.
This commit is contained in:
Brian Somers 2002-06-23 23:38:06 +00:00
parent 2f384b348a
commit 99cfc2e2b2
1 changed files with 20 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
usr.sbin/ppp/radius.c
View File

@ -419,8 +419,16 @@ radius_Process(struct radius *r, int got)
if (len == 0)
r->errstr = NULL;
else {
if ((r->errstr = rad_cvt_string((const char *)data + 1,
len - 1)) == NULL) {
if (len < 3 || ((const char *)data)[1] != '=') {
/*
* Only point at the String field if we don't think the
* peer has misformatted the response.
*/
((const char *)data)++;
len--;
}
if ((r->errstr = rad_cvt_string((const char *)data,
len)) == NULL) {
log_Printf(LogERROR, "rad_cvt_string: %s\n",
rad_strerror(r->cx.rad));
auth_Failure(r->cx.auth);
@ -436,8 +444,16 @@ radius_Process(struct radius *r, int got)
if (len == 0)
r->msrepstr = NULL;
else {
if ((r->msrepstr = rad_cvt_string((const char *)data + 1,
len - 1)) == NULL) {
if (len < 3 || ((const char *)data)[1] != '=') {
/*
* Only point at the String field if we don't think the
* peer has misformatted the response.
*/
((const char *)data)++;
len--;
}
if ((r->msrepstr = rad_cvt_string((const char *)data,
len)) == NULL) {
log_Printf(LogERROR, "rad_cvt_string: %s\n",
rad_strerror(r->cx.rad));
auth_Failure(r->cx.auth);