mirror of
https://git.FreeBSD.org/src.git
synced 2025-01-27 16:39:08 +00:00
Reviewed by: Joerg Wunsch
In sppp_chap_input: 1) in the CHAP_CHALLENGE case don't output the peer's name if it is not what we expected (DEBUG) since it will be printed out in the course of events anyway. 2) in the CHAP_SUCCESS case test whether the peer is required to authenticate himself [(sp->lcp.opts & (1 << LCP_OPT_AUTH_PROTO))], otherwise the state machine may never switch into the network state. I saw this case against 2 different ISPs; they never bothered to authenticate themselves to me. In sppp_pap_input: in the PAP_ACK case do the same as in 2) above for the same reason.
This commit is contained in:
parent
8c6d2f42e1
commit
d3341aa5db
Notes:
svn2git
2020-12-20 02:59:44 +00:00
svn path=/head/; revision=32169
@ -17,7 +17,7 @@
|
||||
*
|
||||
* From: Version 2.4, Thu Apr 30 17:17:21 MSD 1997
|
||||
*
|
||||
* $Id: if_spppsubr.c,v 1.28 1997/10/11 11:25:28 joerg Exp $
|
||||
* $Id: if_spppsubr.c,v 1.29 1997/12/15 20:31:08 eivind Exp $
|
||||
*/
|
||||
|
||||
#include "opt_ipx.h"
|
||||
@ -2877,15 +2877,6 @@ sppp_chap_input(struct sppp *sp, struct mbuf *m)
|
||||
}
|
||||
break;
|
||||
}
|
||||
if (name_len != sppp_strnlen(sp->hisauth.name, AUTHNAMELEN)
|
||||
|| bcmp(name, sp->hisauth.name, name_len) != 0) {
|
||||
log(LOG_INFO, "%s%d: chap challenge, his name ");
|
||||
sppp_print_string(name, name_len);
|
||||
addlog(" != expected ");
|
||||
sppp_print_string(sp->hisauth.name,
|
||||
sppp_strnlen(sp->hisauth.name, AUTHNAMELEN));
|
||||
addlog("\n");
|
||||
}
|
||||
|
||||
if (debug) {
|
||||
log(LOG_DEBUG,
|
||||
@ -2929,6 +2920,7 @@ sppp_chap_input(struct sppp *sp, struct mbuf *m)
|
||||
x = splimp();
|
||||
sp->pp_flags &= ~PP_NEEDAUTH;
|
||||
if (sp->myauth.proto == PPP_CHAP &&
|
||||
(sp->lcp.opts & (1 << LCP_OPT_AUTH_PROTO)) &&
|
||||
(sp->lcp.protos & (1 << IDX_CHAP)) == 0) {
|
||||
/*
|
||||
* We are authenticator for CHAP but didn't
|
||||
@ -3342,6 +3334,7 @@ sppp_pap_input(struct sppp *sp, struct mbuf *m)
|
||||
x = splimp();
|
||||
sp->pp_flags &= ~PP_NEEDAUTH;
|
||||
if (sp->myauth.proto == PPP_PAP &&
|
||||
(sp->lcp.opts & (1 << LCP_OPT_AUTH_PROTO)) &&
|
||||
(sp->lcp.protos & (1 << IDX_PAP)) == 0) {
|
||||
/*
|
||||
* We are authenticator for PAP but didn't
|
||||
|
Loading…
Reference in New Issue
Block a user