welterde/l2tpns
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Fix the password used when acting as LAC

Browse source 
When acting as LNS, we have to answer challenges with our own secret, but
when acting as LAC, we have to answer challenges with the LNS secret, not
ours.
This commit is contained in:
Samuel Thibault 2023-03-26 18:01:00 +02:00
parent 8e7bfa9a77
commit 7bf791816c
3 changed files with 44 additions and 12 deletions
Download patch file Download diff file Expand all files Collapse all files

40
l2tpns.c
View file

@ -249,7 +249,7 @@ static void dump_acct_info(int all);
static void sighup_handler(int sig);
static void shutdown_handler(int sig);
static void sigchild_handler(int sig);
static void build_chap_response(uint8_t *challenge, uint8_t id, uint16_t challenge_length, uint8_t **challenge_response);
static void build_chap_response(uint16_t t, uint8_t *challenge, uint8_t id, uint16_t challenge_length, int we_are_lac, uint8_t **challenge_response);
static void update_config(void);
static void read_config_file(void);
static void initplugins(void);
@ -2887,11 +2887,18 @@ void processudp(uint8_t *buf, int len, struct sockaddr_in *addr, uint16_t indexu
break;
case 11: // Request Challenge
{
LOG(4, s, t, " LAC requested CHAP authentication for tunnel\n");
if (message == 1)
build_chap_response(b, 2, n, &sendchalresponse);
{
LOG(4, s, t, " LAC requested CHAP authentication for tunnel\n");
// We are LNS
build_chap_response(t, b, 2, n, 0, &sendchalresponse);
}
else if (message == 2)
build_chap_response(b, 3, n, &sendchalresponse);
{
LOG(4, s, t, " LNS requested CHAP authentication for tunnel\n");
// We are LAC
build_chap_response(t, b, 3, n, 1, &sendchalresponse);
}
}
break;
case 13: // receive challenge Response
@ -5306,14 +5313,14 @@ static void sigchild_handler(int sig)
;
}
static void build_chap_response(uint8_t *challenge, uint8_t id, uint16_t challenge_length, uint8_t **challenge_response)
static void build_chap_response(uint16_t t, uint8_t *challenge, uint8_t id, uint16_t challenge_length, int we_are_lac, uint8_t **challenge_response)
{
MD5_CTX ctx;
*challenge_response = NULL;
if (!*config->l2tp_secret)
if (!we_are_lac && !*config->l2tp_secret)
{
LOG(0, 0, 0, "LNS requested CHAP authentication, but no l2tp secret is defined\n");
LOG(0, 0, 0, "LAC requested CHAP authentication, but no l2tp secret is defined\n");
return;
}
@ -5321,11 +5328,20 @@ static void build_chap_response(uint8_t *challenge, uint8_t id, uint16_t challen
*challenge_response = calloc(17, 1);
MD5_Init(&ctx);
MD5_Update(&ctx, &id, 1);
MD5_Update(&ctx, config->l2tp_secret, strlen(config->l2tp_secret));
MD5_Update(&ctx, challenge, challenge_length);
MD5_Final(*challenge_response, &ctx);
if (we_are_lac)
{
// Use the LNS secret
lac_calc_our_auth(t, challenge, id, challenge_length, *challenge_response);
}
else
{
// Use our LNS secret
MD5_Init(&ctx);
MD5_Update(&ctx, &id, 1);
MD5_Update(&ctx, config->l2tp_secret, strlen(config->l2tp_secret));
MD5_Update(&ctx, challenge, challenge_length);
MD5_Final(*challenge_response, &ctx);
}
return;
}