From d3341aa5db23a9bba7c8e56b7982031799c82700 Mon Sep 17 00:00:00 2001
From: Gary Jennejohn <gj@FreeBSD.org>
Date: Thu, 1 Jan 1998 21:27:18 +0000
Subject: [PATCH] Reviewed by:	Joerg Wunsch In sppp_chap_input: 1) in the
 CHAP_CHALLENGE case don't output the peer's name if it is not what we
 expected (DEBUG) since it will be printed out in the course of events anyway.
 2) in the CHAP_SUCCESS case test whether the peer is required to authenticate
 himself [(sp->lcp.opts & (1 << LCP_OPT_AUTH_PROTO))], otherwise the state
 machine may never switch into the network state. I saw this case against 2
 different ISPs; they never bothered to authenticate themselves to me.

In sppp_pap_input:
in the PAP_ACK case do the same as in 2) above for the same reason.
---
 sys/net/if_spppsubr.c | 13 +++----------
 1 file changed, 3 insertions(+), 10 deletions(-)

diff --git a/sys/net/if_spppsubr.c b/sys/net/if_spppsubr.c
index be5d4a54f9c..cd266a76068 100644
--- a/sys/net/if_spppsubr.c
+++ b/sys/net/if_spppsubr.c
@@ -17,7 +17,7 @@
  *
  * From: Version 2.4, Thu Apr 30 17:17:21 MSD 1997
  *
- * $Id: if_spppsubr.c,v 1.28 1997/10/11 11:25:28 joerg Exp $
+ * $Id: if_spppsubr.c,v 1.29 1997/12/15 20:31:08 eivind Exp $
  */
 
 #include "opt_ipx.h"
@@ -2877,15 +2877,6 @@ sppp_chap_input(struct sppp *sp, struct mbuf *m)
 			}
 			break;
 		}
-		if (name_len != sppp_strnlen(sp->hisauth.name, AUTHNAMELEN)
-		    || bcmp(name, sp->hisauth.name, name_len) != 0) {
-			log(LOG_INFO, "%s%d: chap challenge, his name ");
-			sppp_print_string(name, name_len);
-			addlog(" != expected ");
-			sppp_print_string(sp->hisauth.name,
-					  sppp_strnlen(sp->hisauth.name, AUTHNAMELEN));
-			addlog("\n");
-		}    
 		
 		if (debug) {
 			log(LOG_DEBUG,
@@ -2929,6 +2920,7 @@ sppp_chap_input(struct sppp *sp, struct mbuf *m)
 		x = splimp();
 		sp->pp_flags &= ~PP_NEEDAUTH;
 		if (sp->myauth.proto == PPP_CHAP &&
+		    (sp->lcp.opts & (1 << LCP_OPT_AUTH_PROTO)) &&
 		    (sp->lcp.protos & (1 << IDX_CHAP)) == 0) {
 			/*
 			 * We are authenticator for CHAP but didn't
@@ -3342,6 +3334,7 @@ sppp_pap_input(struct sppp *sp, struct mbuf *m)
 		x = splimp();
 		sp->pp_flags &= ~PP_NEEDAUTH;
 		if (sp->myauth.proto == PPP_PAP &&
+		    (sp->lcp.opts & (1 << LCP_OPT_AUTH_PROTO)) &&
 		    (sp->lcp.protos & (1 << IDX_PAP)) == 0) {
 			/*
 			 * We are authenticator for PAP but didn't