diff options
Diffstat (limited to 'nonworking/ppp')
-rw-r--r-- | nonworking/ppp/ppp/mppe-signed.patch | 284 |
1 files changed, 284 insertions, 0 deletions
diff --git a/nonworking/ppp/ppp/mppe-signed.patch b/nonworking/ppp/ppp/mppe-signed.patch index e69de29bb2..3ba4e42adb 100644 --- a/nonworking/ppp/ppp/mppe-signed.patch +++ b/nonworking/ppp/ppp/mppe-signed.patch @@ -0,0 +1,284 @@ + +# +# Patch managed by http://www.holgerschurig.de/patcher.html +# + +--- ppp/pppd/chap_ms.h~mppe-signed ++++ ppp/pppd/chap_ms.h +@@ -2,6 +2,7 @@ + * chap_ms.h - Challenge Handshake Authentication Protocol definitions. + * + * Copyright (c) 1995 Eric Rosenquist. All rights reserved. ++ * Copyright (c) 2004 Holger Hans Peter Freyther <freyther@inf.fu-berlin.de> + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions +--- ppp/pppd/chap_ms.c~mppe-signed ++++ ppp/pppd/chap_ms.c +@@ -2,6 +2,7 @@ + * chap_ms.c - Microsoft MS-CHAP compatible implementation. + * + * Copyright (c) 1995 Eric Rosenquist. All rights reserved. ++ * Copyright (c) 2004 Holger Hans Peter Freyther <freyther@inf.fu-berlin.de> + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions +@@ -110,12 +111,12 @@ + static const char rcsid[] = RCSID; + + +-static void ChallengeHash __P((u_char[16], u_char *, char *, u_char[8])); +-static void ascii2unicode __P((char[], int, u_char[])); +-static void NTPasswordHash __P((char *, int, u_char[MD4_SIGNATURE_SIZE])); ++static void ChallengeHash __P((u_char[16], u_char *, u_char *, u_char[8])); ++static void ascii2unicode __P((u_char[], int, u_char[])); ++static void NTPasswordHash __P((u_char *, int, u_char[MD4_SIGNATURE_SIZE])); + static void ChallengeResponse __P((u_char *, u_char *, u_char[24])); + static void ChapMS_NT __P((u_char *, char *, int, u_char[24])); +-static void ChapMS2_NT __P((char *, u_char[16], char *, char *, int, ++static void ChapMS2_NT __P((u_char *, u_char[16], char *, char *, int, + u_char[24])); + static void GenerateAuthenticatorResponse __P((char*, int, u_char[24], + u_char[16], u_char *, +@@ -126,7 +127,7 @@ + + #ifdef MPPE + static void Set_Start_Key __P((u_char *, char *, int)); +-static void SetMasterKeys __P((char *, int, u_char[24], int)); ++static void SetMasterKeys __P((u_char *, int, u_char[24], int)); + #endif + + #ifdef MSLANMAN +@@ -224,7 +225,7 @@ + #endif + + /* Generate the expected response. */ +- ChapMS(challenge, (char *)secret, secret_len, &md); ++ ChapMS(challenge, secret, secret_len, &md); + + #ifdef MSLANMAN + /* Determine which part of response to verify against */ +@@ -255,9 +256,10 @@ + { + MS_Chap2Response *rmd; + MS_Chap2Response md; +- char saresponse[MS_AUTH_RESPONSE_LENGTH+1]; ++ u_char saresponse[MS_AUTH_RESPONSE_LENGTH+1]; + int challenge_len, response_len; + ++ BZERO(&md,sizeof(md)); + challenge_len = *challenge++; /* skip length, is 16 */ + response_len = *response++; + if (response_len != MS_CHAP2_RESPONSE_LEN) +@@ -267,8 +269,8 @@ + + /* Generate the expected response and our mutual auth. */ + ChapMS2(challenge, rmd->PeerChallenge, name, +- (char *)secret, secret_len, &md, +- (unsigned char *)saresponse, MS_CHAP2_AUTHENTICATOR); ++ secret, secret_len, &md, ++ saresponse, MS_CHAP2_AUTHENTICATOR); + + /* compare MDs and send the appropriate status */ + /* +@@ -341,8 +343,13 @@ + unsigned char *challenge, char *secret, int secret_len, + unsigned char *private) + { ++ MS_Chap2Response resp; + challenge++; /* skip length, should be 16 */ + *response++ = MS_CHAP2_RESPONSE_LEN; ++ ++ BZERO(&resp,sizeof(resp)); /* initialize */ ++ ++ + ChapMS2(challenge, + #ifdef DEBUGMPPEKEY + mschap2_peer_challenge, +@@ -350,15 +357,18 @@ + NULL, + #endif + our_name, secret, secret_len, +- (MS_Chap2Response *) response, private, ++ &resp, private, + MS_CHAP2_AUTHENTICATEE); ++ ++ /* Copy the response back */ ++ BCOPY(&resp,response,MS_CHAP2_RESPONSE_LEN); + } + + static int + chapms2_check_success(unsigned char *msg, int len, unsigned char *private) + { + if ((len < MS_AUTH_RESPONSE_LENGTH + 2) || +- strncmp((char *)msg, "S=", 2) != 0) { ++ strncmp((char*)msg, "S=", 2) != 0) { + /* Packet does not start with "S=" */ + error("MS-CHAPv2 Success packet is badly formed."); + return 0; +@@ -484,8 +494,8 @@ + + static void + ChallengeHash(u_char PeerChallenge[16], u_char *rchallenge, +- char *username, u_char Challenge[8]) +- ++ u_char *username, u_char Challenge[8]) ++ + { + SHA1_CTX sha1Context; + u_char sha1Hash[SHA1_SIGNATURE_SIZE]; +@@ -500,7 +510,7 @@ + SHA1_Init(&sha1Context); + SHA1_Update(&sha1Context, PeerChallenge, 16); + SHA1_Update(&sha1Context, rchallenge, 16); +- SHA1_Update(&sha1Context, (unsigned char *)user, strlen(user)); ++ SHA1_Update(&sha1Context, user, strlen(user)); + SHA1_Final(sha1Hash, &sha1Context); + + BCOPY(sha1Hash, Challenge, 8); +@@ -514,17 +524,17 @@ + * is machine-dependent.) + */ + static void +-ascii2unicode(char ascii[], int ascii_len, u_char unicode[]) ++ascii2unicode(u_char ascii[], int ascii_len, u_char unicode[]) + { + int i; + + BZERO(unicode, ascii_len * 2); + for (i = 0; i < ascii_len; i++) +- unicode[i * 2] = (u_char) ascii[i]; ++ unicode[i * 2] = ascii[i]; + } + + static void +-NTPasswordHash(char *secret, int secret_len, u_char hash[MD4_SIGNATURE_SIZE]) ++NTPasswordHash(u_char *secret, int secret_len, u_char hash[MD4_SIGNATURE_SIZE]) + { + #if defined __NetBSD__ || defined USE_OPENSSL + /* NetBSD uses the libc md4 routines which take bytes instead of bits */ +@@ -535,7 +545,7 @@ + MD4_CTX md4Context; + + MD4Init(&md4Context); +- MD4Update(&md4Context, (unsigned char *)secret, mdlen); ++ MD4Update(&md4Context, secret, mdlen); + MD4Final(hash, &md4Context); + + } +@@ -549,25 +559,25 @@ + + /* Hash the Unicode version of the secret (== password). */ + ascii2unicode(secret, secret_len, unicodePassword); +- NTPasswordHash((char *)unicodePassword, secret_len * 2, PasswordHash); ++ NTPasswordHash(unicodePassword, secret_len * 2, PasswordHash); + + ChallengeResponse(rchallenge, PasswordHash, NTResponse); + } + + static void +-ChapMS2_NT(char *rchallenge, u_char PeerChallenge[16], char *username, ++ChapMS2_NT(u_char *rchallenge, u_char PeerChallenge[16], char *username, + char *secret, int secret_len, u_char NTResponse[24]) + { + u_char unicodePassword[MAX_NT_PASSWORD * 2]; + u_char PasswordHash[MD4_SIGNATURE_SIZE]; + u_char Challenge[8]; + +- ChallengeHash(PeerChallenge, (unsigned char *)rchallenge, username, ++ ChallengeHash(PeerChallenge, rchallenge, username, + Challenge); + + /* Hash the Unicode version of the secret (== password). */ + ascii2unicode(secret, secret_len, unicodePassword); +- NTPasswordHash((char *)unicodePassword, secret_len * 2, PasswordHash); ++ NTPasswordHash(unicodePassword, secret_len * 2, PasswordHash); + + ChallengeResponse(Challenge, PasswordHash, NTResponse); + } +@@ -627,8 +637,8 @@ + + /* Hash (x2) the Unicode version of the secret (== password). */ + ascii2unicode(secret, secret_len, unicodePassword); +- NTPasswordHash((char *)unicodePassword, secret_len * 2, PasswordHash); +- NTPasswordHash((char *)PasswordHash, sizeof(PasswordHash), ++ NTPasswordHash(unicodePassword, secret_len * 2, PasswordHash); ++ NTPasswordHash(PasswordHash, sizeof(PasswordHash), + PasswordHashHash); + + SHA1_Init(&sha1Context); +@@ -647,7 +657,7 @@ + + /* Convert to ASCII hex string. */ + for (i = 0; i < MAX((MS_AUTH_RESPONSE_LENGTH / 2), sizeof(Digest)); i++) +- sprintf((char *)&authResponse[i * 2], "%02X", Digest[i]); ++ sprintf(&authResponse[i * 2], "%02X", Digest[i]); + } + + +@@ -695,7 +705,7 @@ + * Set mppe_xxxx_key from MS-CHAPv2 credentials. (see RFC 3079) + */ + static void +-SetMasterKeys(char *secret, int secret_len, u_char NTResponse[24], int IsServer) ++SetMasterKeys(u_char *secret, int secret_len, u_char NTResponse[24], int IsServer) + { + SHA1_CTX sha1Context; + u_char unicodePassword[MAX_NT_PASSWORD * 2]; +@@ -832,36 +842,44 @@ + */ + void + ChapMS2(u_char *rchallenge, u_char *PeerChallenge, +- char *user, char *secret, int secret_len, MS_Chap2Response *response, ++ char *user, char *secret, int secret_len, MS_Chap2Response *_response, + u_char authResponse[], int authenticator) + { ++ + /* ARGSUSED */ +- u_char *p = response->PeerChallenge; ++ u_char resp[16]; ++ u_char ntresp[24]; + int i; + +- BZERO(response, sizeof(*response)); ++ /* initialize the strings */ ++ BZERO(resp, sizeof(resp)); ++ BZERO(ntresp, sizeof(ntresp)); + + /* Generate the Peer-Challenge if requested, or copy it if supplied. */ + if (!PeerChallenge) +- for (i = 0; i < sizeof(response->PeerChallenge); i++) +- *p++ = (u_char) (drand48() * 0xff); ++ for (i = 0; i < 16; i++) ++ resp[i] = (u_char) (drand48() * 0xff); + else +- BCOPY(PeerChallenge, response->PeerChallenge, +- sizeof(response->PeerChallenge)); ++ BCOPY(PeerChallenge, resp, ++ sizeof(resp)); + + /* Generate the NT-Response */ +- ChapMS2_NT((char *)rchallenge, response->PeerChallenge, user, +- secret, secret_len, response->NTResp); ++ ChapMS2_NT(rchallenge, resp, user, ++ secret, secret_len, ntresp); + + /* Generate the Authenticator Response. */ +- GenerateAuthenticatorResponse(secret, secret_len, response->NTResp, +- response->PeerChallenge, rchallenge, ++ GenerateAuthenticatorResponse(secret, secret_len, ntresp, ++ resp, rchallenge, + user, authResponse); + + #ifdef MPPE +- SetMasterKeys(secret, secret_len, response->NTResp, authenticator); ++ SetMasterKeys(secret, secret_len, ntresp, authenticator); + mppe_keys_set = 1; + #endif ++ ++ /* Copy the strings back */ ++ BCOPY(resp,_response->PeerChallenge,sizeof(_response->PeerChallenge)); ++ BCOPY(ntresp,_response->NTResp,sizeof(_response->NTResp)); + } + + #ifdef MPPE |