Subversion Repositories ALCASAR

Rev

Details | Last modification | View Log

Rev Author Line No. Line
3085 rexy 1
--- src/redir.c	2022-10-12 15:35:35.352336574 +0200
2
+++ src/redir.c	2022-10-11 14:01:22.000000000 +0200
3
@@ -28,6 +28,8 @@
4
 #endif
5
 #include "json/json.h"
6
 
7
+
8
+
9
 static int optionsdebug = 0; /* TODO: Should be changed to instance */
10
 
11
 static int termstate = REDIR_TERM_INIT;    /* When we were terminated */
12
@@ -2709,6 +2711,7 @@
13
 			struct redir_conn_t *conn, char reauth) {
14
   uint8_t user_password[RADIUS_PWSIZE + 1];
15
   uint8_t chap_password[REDIR_MD5LEN + 2];
16
+  uint8_t pap_challenge[REDIR_SHA256LEN];
17
   uint8_t chap_challenge[REDIR_MD5LEN];
18
   struct radius_packet_t radius_pack;
19
   struct radius_t *radius;      /* Radius client instance */
20
@@ -2718,7 +2721,7 @@
21
   fd_set fds;			/* For select() */
22
   int status;
23
 
24
-  MD5_CTX context;
25
+  SHA256_CONTEXT context;
26
 
27
   char url[REDIR_URL_LEN];
28
   int n, m;
29
@@ -2761,10 +2764,10 @@
30
   if (redir->secret && *redir->secret) {
31
     //syslog(LOG_DEBUG, "SECRET: [%s]",redir->secret);
32
     /* Get MD5 hash on challenge and uamsecret */
33
-    MD5Init(&context);
34
-    MD5Update(&context, conn->s_state.redir.uamchal, REDIR_MD5LEN);
35
-    MD5Update(&context, (uint8_t *) redir->secret, strlen(redir->secret));
36
-    MD5Final(chap_challenge, &context);
37
+    SHA256Init(&context);
38
+    SHA256Update(&context, conn->s_state.redir.uamchal, REDIR_MD5LEN);
39
+    SHA256Update(&context, (uint8_t *) redir->secret, strlen(redir->secret));
40
+    SHA256Final(&context, pap_challenge);
41
   }
42
   else {
43
     memcpy(chap_challenge, conn->s_state.redir.uamchal, REDIR_MD5LEN);
44
@@ -2780,9 +2783,9 @@
45
                 sizeof(user_password));
46
       } else {
47
         for (m=0; m < RADIUS_PWSIZE;) {
48
-          for (n=0; n < REDIR_MD5LEN; m++, n++) {
49
+          for (n=0; n < REDIR_SHA256LEN; m++, n++) {
50
             user_password[m] =
51
-                conn->authdata.v.papmsg.password[m] ^ chap_challenge[n];
52
+                conn->authdata.v.papmsg.password[m] ^ pap_challenge[n];
53
           }
54
         }
55
       }
56
@@ -2963,6 +2966,7 @@
57
 
58
 int is_local_user(struct redir_t *redir, struct redir_conn_t *conn) {
59
   uint8_t user_password[RADIUS_PWSIZE+1];
60
+  uint8_t pap_challenge[REDIR_SHA256LEN];
61
   uint8_t chap_challenge[REDIR_MD5LEN];
62
   char u[256]; char p[256];
63
   size_t usernamelen, sz=1024;
64
@@ -2970,6 +2974,7 @@
65
   int match=0;
66
   char *line=0;
67
   MD5_CTX context;
68
+  SHA256_CONTEXT SHA256context;
69
   FILE *f;
70
 
71
   if (!_options.localusers) return 0;
72
@@ -2990,10 +2995,10 @@
73
   }/**/
74
 
75
   if (redir->secret && *redir->secret) {
76
-    MD5Init(&context);
77
-    MD5Update(&context, (uint8_t*)conn->s_state.redir.uamchal, REDIR_MD5LEN);
78
-    MD5Update(&context, (uint8_t*)redir->secret, strlen(redir->secret));
79
-    MD5Final(chap_challenge, &context);
80
+    SHA256Init(&SHA256context);
81
+    SHA256Update(&SHA256context, (uint8_t*)conn->s_state.redir.uamchal, REDIR_MD5LEN);
82
+    SHA256Update(&SHA256context, (uint8_t*)redir->secret, strlen(redir->secret));
83
+    SHA256Final(&SHA256context, pap_challenge);
84
   }
85
   else {
86
     memcpy(chap_challenge, conn->s_state.redir.uamchal, REDIR_MD5LEN);
87
@@ -3015,9 +3020,9 @@
88
       } else {
89
         int n, m;
90
         for (m=0; m < RADIUS_PWSIZE;)
91
-          for (n=0; n < REDIR_MD5LEN; m++, n++)
92
+          for (n=0; n < REDIR_SHA256LEN; m++, n++)
93
             user_password[m] =
94
-                conn->authdata.v.papmsg.password[m] ^ chap_challenge[n];
95
+                conn->authdata.v.papmsg.password[m] ^ pap_challenge[n];
96
       }
97
       break;
98
     case REDIR_AUTH_CHAP: