1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
|
#
# Patch managed by http://www.holgerschurig.de/patcher.html
#
--- ppp/pppd/chap_ms.h~mppe-signed
+++ ppp/pppd/chap_ms.h
@@ -2,6 +2,7 @@
* chap_ms.h - Challenge Handshake Authentication Protocol definitions.
*
* Copyright (c) 1995 Eric Rosenquist. All rights reserved.
+ * Copyright (c) 2004 Holger Hans Peter Freyther <freyther@inf.fu-berlin.de>
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
--- ppp/pppd/chap_ms.c~mppe-signed
+++ ppp/pppd/chap_ms.c
@@ -2,6 +2,7 @@
* chap_ms.c - Microsoft MS-CHAP compatible implementation.
*
* Copyright (c) 1995 Eric Rosenquist. All rights reserved.
+ * Copyright (c) 2004 Holger Hans Peter Freyther <freyther@inf.fu-berlin.de>
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -110,12 +111,12 @@
static const char rcsid[] = RCSID;
-static void ChallengeHash __P((u_char[16], u_char *, char *, u_char[8]));
-static void ascii2unicode __P((char[], int, u_char[]));
-static void NTPasswordHash __P((char *, int, u_char[MD4_SIGNATURE_SIZE]));
+static void ChallengeHash __P((u_char[16], u_char *, u_char *, u_char[8]));
+static void ascii2unicode __P((u_char[], int, u_char[]));
+static void NTPasswordHash __P((u_char *, int, u_char[MD4_SIGNATURE_SIZE]));
static void ChallengeResponse __P((u_char *, u_char *, u_char[24]));
static void ChapMS_NT __P((u_char *, char *, int, u_char[24]));
-static void ChapMS2_NT __P((char *, u_char[16], char *, char *, int,
+static void ChapMS2_NT __P((u_char *, u_char[16], char *, char *, int,
u_char[24]));
static void GenerateAuthenticatorResponse __P((char*, int, u_char[24],
u_char[16], u_char *,
@@ -126,7 +127,7 @@
#ifdef MPPE
static void Set_Start_Key __P((u_char *, char *, int));
-static void SetMasterKeys __P((char *, int, u_char[24], int));
+static void SetMasterKeys __P((u_char *, int, u_char[24], int));
#endif
#ifdef MSLANMAN
@@ -224,7 +225,7 @@
#endif
/* Generate the expected response. */
- ChapMS(challenge, (char *)secret, secret_len, &md);
+ ChapMS(challenge, secret, secret_len, &md);
#ifdef MSLANMAN
/* Determine which part of response to verify against */
@@ -255,9 +256,10 @@
{
MS_Chap2Response *rmd;
MS_Chap2Response md;
- char saresponse[MS_AUTH_RESPONSE_LENGTH+1];
+ u_char saresponse[MS_AUTH_RESPONSE_LENGTH+1];
int challenge_len, response_len;
+ BZERO(&md,sizeof(md));
challenge_len = *challenge++; /* skip length, is 16 */
response_len = *response++;
if (response_len != MS_CHAP2_RESPONSE_LEN)
@@ -267,8 +269,8 @@
/* Generate the expected response and our mutual auth. */
ChapMS2(challenge, rmd->PeerChallenge, name,
- (char *)secret, secret_len, &md,
- (unsigned char *)saresponse, MS_CHAP2_AUTHENTICATOR);
+ secret, secret_len, &md,
+ saresponse, MS_CHAP2_AUTHENTICATOR);
/* compare MDs and send the appropriate status */
/*
@@ -341,8 +343,13 @@
unsigned char *challenge, char *secret, int secret_len,
unsigned char *private)
{
+ MS_Chap2Response resp;
challenge++; /* skip length, should be 16 */
*response++ = MS_CHAP2_RESPONSE_LEN;
+
+ BZERO(&resp,sizeof(resp)); /* initialize */
+
+
ChapMS2(challenge,
#ifdef DEBUGMPPEKEY
mschap2_peer_challenge,
@@ -350,15 +357,18 @@
NULL,
#endif
our_name, secret, secret_len,
- (MS_Chap2Response *) response, private,
+ &resp, private,
MS_CHAP2_AUTHENTICATEE);
+
+ /* Copy the response back */
+ BCOPY(&resp,response,MS_CHAP2_RESPONSE_LEN);
}
static int
chapms2_check_success(unsigned char *msg, int len, unsigned char *private)
{
if ((len < MS_AUTH_RESPONSE_LENGTH + 2) ||
- strncmp((char *)msg, "S=", 2) != 0) {
+ strncmp((char*)msg, "S=", 2) != 0) {
/* Packet does not start with "S=" */
error("MS-CHAPv2 Success packet is badly formed.");
return 0;
@@ -484,8 +494,8 @@
static void
ChallengeHash(u_char PeerChallenge[16], u_char *rchallenge,
- char *username, u_char Challenge[8])
-
+ u_char *username, u_char Challenge[8])
+
{
SHA1_CTX sha1Context;
u_char sha1Hash[SHA1_SIGNATURE_SIZE];
@@ -500,7 +510,7 @@
SHA1_Init(&sha1Context);
SHA1_Update(&sha1Context, PeerChallenge, 16);
SHA1_Update(&sha1Context, rchallenge, 16);
- SHA1_Update(&sha1Context, (unsigned char *)user, strlen(user));
+ SHA1_Update(&sha1Context, user, strlen(user));
SHA1_Final(sha1Hash, &sha1Context);
BCOPY(sha1Hash, Challenge, 8);
@@ -514,17 +524,17 @@
* is machine-dependent.)
*/
static void
-ascii2unicode(char ascii[], int ascii_len, u_char unicode[])
+ascii2unicode(u_char ascii[], int ascii_len, u_char unicode[])
{
int i;
BZERO(unicode, ascii_len * 2);
for (i = 0; i < ascii_len; i++)
- unicode[i * 2] = (u_char) ascii[i];
+ unicode[i * 2] = ascii[i];
}
static void
-NTPasswordHash(char *secret, int secret_len, u_char hash[MD4_SIGNATURE_SIZE])
+NTPasswordHash(u_char *secret, int secret_len, u_char hash[MD4_SIGNATURE_SIZE])
{
#if defined __NetBSD__ || defined USE_OPENSSL
/* NetBSD uses the libc md4 routines which take bytes instead of bits */
@@ -535,7 +545,7 @@
MD4_CTX md4Context;
MD4Init(&md4Context);
- MD4Update(&md4Context, (unsigned char *)secret, mdlen);
+ MD4Update(&md4Context, secret, mdlen);
MD4Final(hash, &md4Context);
}
@@ -549,25 +559,25 @@
/* Hash the Unicode version of the secret (== password). */
ascii2unicode(secret, secret_len, unicodePassword);
- NTPasswordHash((char *)unicodePassword, secret_len * 2, PasswordHash);
+ NTPasswordHash(unicodePassword, secret_len * 2, PasswordHash);
ChallengeResponse(rchallenge, PasswordHash, NTResponse);
}
static void
-ChapMS2_NT(char *rchallenge, u_char PeerChallenge[16], char *username,
+ChapMS2_NT(u_char *rchallenge, u_char PeerChallenge[16], char *username,
char *secret, int secret_len, u_char NTResponse[24])
{
u_char unicodePassword[MAX_NT_PASSWORD * 2];
u_char PasswordHash[MD4_SIGNATURE_SIZE];
u_char Challenge[8];
- ChallengeHash(PeerChallenge, (unsigned char *)rchallenge, username,
+ ChallengeHash(PeerChallenge, rchallenge, username,
Challenge);
/* Hash the Unicode version of the secret (== password). */
ascii2unicode(secret, secret_len, unicodePassword);
- NTPasswordHash((char *)unicodePassword, secret_len * 2, PasswordHash);
+ NTPasswordHash(unicodePassword, secret_len * 2, PasswordHash);
ChallengeResponse(Challenge, PasswordHash, NTResponse);
}
@@ -627,8 +637,8 @@
/* Hash (x2) the Unicode version of the secret (== password). */
ascii2unicode(secret, secret_len, unicodePassword);
- NTPasswordHash((char *)unicodePassword, secret_len * 2, PasswordHash);
- NTPasswordHash((char *)PasswordHash, sizeof(PasswordHash),
+ NTPasswordHash(unicodePassword, secret_len * 2, PasswordHash);
+ NTPasswordHash(PasswordHash, sizeof(PasswordHash),
PasswordHashHash);
SHA1_Init(&sha1Context);
@@ -647,7 +657,7 @@
/* Convert to ASCII hex string. */
for (i = 0; i < MAX((MS_AUTH_RESPONSE_LENGTH / 2), sizeof(Digest)); i++)
- sprintf((char *)&authResponse[i * 2], "%02X", Digest[i]);
+ sprintf(&authResponse[i * 2], "%02X", Digest[i]);
}
@@ -695,7 +705,7 @@
* Set mppe_xxxx_key from MS-CHAPv2 credentials. (see RFC 3079)
*/
static void
-SetMasterKeys(char *secret, int secret_len, u_char NTResponse[24], int IsServer)
+SetMasterKeys(u_char *secret, int secret_len, u_char NTResponse[24], int IsServer)
{
SHA1_CTX sha1Context;
u_char unicodePassword[MAX_NT_PASSWORD * 2];
@@ -832,36 +842,44 @@
*/
void
ChapMS2(u_char *rchallenge, u_char *PeerChallenge,
- char *user, char *secret, int secret_len, MS_Chap2Response *response,
+ char *user, char *secret, int secret_len, MS_Chap2Response *_response,
u_char authResponse[], int authenticator)
{
+
/* ARGSUSED */
- u_char *p = response->PeerChallenge;
+ u_char resp[16];
+ u_char ntresp[24];
int i;
- BZERO(response, sizeof(*response));
+ /* initialize the strings */
+ BZERO(resp, sizeof(resp));
+ BZERO(ntresp, sizeof(ntresp));
/* Generate the Peer-Challenge if requested, or copy it if supplied. */
if (!PeerChallenge)
- for (i = 0; i < sizeof(response->PeerChallenge); i++)
- *p++ = (u_char) (drand48() * 0xff);
+ for (i = 0; i < 16; i++)
+ resp[i] = (u_char) (drand48() * 0xff);
else
- BCOPY(PeerChallenge, response->PeerChallenge,
- sizeof(response->PeerChallenge));
+ BCOPY(PeerChallenge, resp,
+ sizeof(resp));
/* Generate the NT-Response */
- ChapMS2_NT((char *)rchallenge, response->PeerChallenge, user,
- secret, secret_len, response->NTResp);
+ ChapMS2_NT(rchallenge, resp, user,
+ secret, secret_len, ntresp);
/* Generate the Authenticator Response. */
- GenerateAuthenticatorResponse(secret, secret_len, response->NTResp,
- response->PeerChallenge, rchallenge,
+ GenerateAuthenticatorResponse(secret, secret_len, ntresp,
+ resp, rchallenge,
user, authResponse);
#ifdef MPPE
- SetMasterKeys(secret, secret_len, response->NTResp, authenticator);
+ SetMasterKeys(secret, secret_len, ntresp, authenticator);
mppe_keys_set = 1;
#endif
+
+ /* Copy the strings back */
+ BCOPY(resp,_response->PeerChallenge,sizeof(_response->PeerChallenge));
+ BCOPY(ntresp,_response->NTResp,sizeof(_response->NTResp));
}
#ifdef MPPE
|
