From af9cb755ab4c1a30c01ef2cfa2e78974983e3510 Mon Sep 17 00:00:00 2001
From: Samuel Thibault <samuel.thibault@ens-lyon.org>
Date: Wed, 14 Dec 2022 19:08:07 +0100
Subject: [PATCH] LCP: accept an auth nack to CHAP with length == 4

It seems at least some products send this:

 {LCP (0xc021), length 12: LCP, Conf-Nack (0x03), id 9, length 10
        encoded length 8 (=Option(s) length 4)
        0x0000:  c021 0309 0008
          Auth-Prot Option (0x03), length 4: CHAP[|lcp]}

If we refuse to nack to CHAP, we'd stay stuck with PAP and eventually
get a reject.
---
 ppp.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/ppp.c b/ppp.c
index ac244a9..f34a646 100644
--- a/ppp.c
+++ b/ppp.c
@@ -899,7 +899,7 @@ void processlcp(sessionidt s, tunnelidt t, uint8_t *p, uint16_t l)
 							LOG(3, s, t, "    Remote requested PAP authentication...%sing\n",
 								authtype ? "accept" : "reject");
 						}
-						else if (proto == PPPCHAP && length > 4 && *(o + 4) == 5)
+						else if (proto == PPPCHAP && (length == 4 || (length > 4 && *(o + 4) == 5)))
 						{
 							authtype = config->radius_authtypes & AUTHCHAP;
 							LOG(3, s, t, "    Remote requested CHAP authentication...%sing\n",