diff options
| author | Gary Jennejohn <gj@FreeBSD.org> | 1998-01-01 21:27:18 +0000 |
|---|---|---|
| committer | Gary Jennejohn <gj@FreeBSD.org> | 1998-01-01 21:27:18 +0000 |
| commit | d3341aa5db23a9bba7c8e56b7982031799c82700 (patch) | |
| tree | 8c8c6ab0a0361300ced15933fdb879013943aed6 /sys/net | |
| parent | 8c6d2f42e1780917ba89400da7b7c084e56d7c49 (diff) | |
| download | src-d3341aa5db23a9bba7c8e56b7982031799c82700.tar.gz src-d3341aa5db23a9bba7c8e56b7982031799c82700.zip | |
Reviewed by: Joerg Wunsch
In sppp_chap_input:
1) in the CHAP_CHALLENGE case don't output the peer's name if it is not
what we expected (DEBUG) since it will be printed out in the course
of events anyway.
2) in the CHAP_SUCCESS case test whether the peer is required to
authenticate himself [(sp->lcp.opts & (1 << LCP_OPT_AUTH_PROTO))],
otherwise the state machine may never switch into the network state.
I saw this case against 2 different ISPs; they never bothered to
authenticate themselves to me.
In sppp_pap_input:
in the PAP_ACK case do the same as in 2) above for the same reason.
Notes
Notes:
svn path=/head/; revision=32169
Diffstat (limited to 'sys/net')
| -rw-r--r-- | sys/net/if_spppsubr.c | 13 |
1 files changed, 3 insertions, 10 deletions
diff --git a/sys/net/if_spppsubr.c b/sys/net/if_spppsubr.c index be5d4a54f9c9..cd266a760680 100644 --- a/sys/net/if_spppsubr.c +++ b/sys/net/if_spppsubr.c @@ -17,7 +17,7 @@ * * From: Version 2.4, Thu Apr 30 17:17:21 MSD 1997 * - * $Id: if_spppsubr.c,v 1.28 1997/10/11 11:25:28 joerg Exp $ + * $Id: if_spppsubr.c,v 1.29 1997/12/15 20:31:08 eivind Exp $ */ #include "opt_ipx.h" @@ -2877,15 +2877,6 @@ sppp_chap_input(struct sppp *sp, struct mbuf *m) } break; } - if (name_len != sppp_strnlen(sp->hisauth.name, AUTHNAMELEN) - || bcmp(name, sp->hisauth.name, name_len) != 0) { - log(LOG_INFO, "%s%d: chap challenge, his name "); - sppp_print_string(name, name_len); - addlog(" != expected "); - sppp_print_string(sp->hisauth.name, - sppp_strnlen(sp->hisauth.name, AUTHNAMELEN)); - addlog("\n"); - } if (debug) { log(LOG_DEBUG, @@ -2929,6 +2920,7 @@ sppp_chap_input(struct sppp *sp, struct mbuf *m) x = splimp(); sp->pp_flags &= ~PP_NEEDAUTH; if (sp->myauth.proto == PPP_CHAP && + (sp->lcp.opts & (1 << LCP_OPT_AUTH_PROTO)) && (sp->lcp.protos & (1 << IDX_CHAP)) == 0) { /* * We are authenticator for CHAP but didn't @@ -3342,6 +3334,7 @@ sppp_pap_input(struct sppp *sp, struct mbuf *m) x = splimp(); sp->pp_flags &= ~PP_NEEDAUTH; if (sp->myauth.proto == PPP_PAP && + (sp->lcp.opts & (1 << LCP_OPT_AUTH_PROTO)) && (sp->lcp.protos & (1 << IDX_PAP)) == 0) { /* * We are authenticator for PAP but didn't |