git: 9front

Info  •  Files  •  Log  •  Branches

authsrv: fix chap

use OCHAPREPLYLEN instead of sizeof(reply) (no padding).

exit after sending ticket response to force eof as factotum
unconditionally reads tailing secret hash (as of mschap).

--- a/sys/src/cmd/auth/authsrv.c

+++ b/sys/src/cmd/auth/authsrv.c

@@ -588,8 +588,9 @@

 	/*

 	 *  get chap reply

 	 */

-	if(readn(0, &reply, sizeof(reply)) < 0)

+	if(readn(0, &reply, OCHAPREPLYLEN) < 0)

 		exits(0);

+

 	safecpy(tr->uid, reply.uid, sizeof(tr->uid));

 	if(tr->uid[0] == 0)

 		exits(0);

@@ -625,6 +626,9 @@

 	tickauthreply(tr, &hkey);

 	syslog(0, AUTHLOG, "chap-ok %s %s", tr->uid, raddr);

+

+	/* no secret after ticket */

+	exits(0);

 }

 enum {

-- 

⑨