Fix ms-chap-v2 mutual response auth code.

git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20143 ec53bebd-3082-4978-b11e-865c3cabbd6b
Love Hörnquist Åstrand
2007-02-02 22:15:52 +00:00
parent cfeb58d7cb
commit e4d855f06d


@@ -137,13 +137,13 @@ fill_targetinfo(krb5_context context,
} }
static const unsigned char ms_chap_v1_magic1[39] = { static const unsigned char ms_chap_v2_magic1[39] = {
0x4D, 0x61, 0x67, 0x69, 0x63, 0x20, 0x73, 0x65, 0x72, 0x76, 0x4D, 0x61, 0x67, 0x69, 0x63, 0x20, 0x73, 0x65, 0x72, 0x76,
0x65, 0x72, 0x20, 0x74, 0x6F, 0x20, 0x63, 0x6C, 0x69, 0x65, 0x65, 0x72, 0x20, 0x74, 0x6F, 0x20, 0x63, 0x6C, 0x69, 0x65,
0x6E, 0x74, 0x20, 0x73, 0x69, 0x67, 0x6E, 0x69, 0x6E, 0x67, 0x6E, 0x74, 0x20, 0x73, 0x69, 0x67, 0x6E, 0x69, 0x6E, 0x67,
0x20, 0x63, 0x6F, 0x6E, 0x73, 0x74, 0x61, 0x6E, 0x74 0x20, 0x63, 0x6F, 0x6E, 0x73, 0x74, 0x61, 0x6E, 0x74
}; };
static const unsigned char ms_chap_v1_magic2[41] = { static const unsigned char ms_chap_v2_magic2[41] = {
0x50, 0x61, 0x64, 0x20, 0x74, 0x6F, 0x20, 0x6D, 0x61, 0x6B, 0x50, 0x61, 0x64, 0x20, 0x74, 0x6F, 0x20, 0x6D, 0x61, 0x6B,
0x65, 0x20, 0x69, 0x74, 0x20, 0x64, 0x6F, 0x20, 0x6D, 0x6F, 0x65, 0x20, 0x69, 0x74, 0x20, 0x64, 0x6F, 0x20, 0x6D, 0x6F,
0x72, 0x65, 0x20, 0x74, 0x68, 0x61, 0x6E, 0x20, 0x6F, 0x6E, 0x72, 0x65, 0x20, 0x74, 0x68, 0x61, 0x6E, 0x20, 0x6F, 0x6E,
@@ -872,17 +872,38 @@ _kdc_do_digest(krb5_context context,
r.u.response.success = FALSE; r.u.response.success = FALSE;
} }
if (r.u.response.success) {
unsigned char hashhash[MD4_DIGEST_LENGTH];
/* hashhash */
{
MD4_CTX hctx;
MD4_Init(&hctx);
MD4_Update(&hctx, key->key.keyvalue.data,
key->key.keyvalue.length);
MD4_Final(hashhash, &hctx);
}
/* GenerateAuthenticatorResponse */ /* GenerateAuthenticatorResponse */
SHA1_Init(&ctx); SHA1_Init(&ctx);
SHA1_Update(&ctx, key->key.keyvalue.data, key->key.keyvalue.length); SHA1_Update(&ctx, hashhash, sizeof(hashhash));
SHA1_Update(&ctx, answer.data, answer.length); SHA1_Update(&ctx, answer.data, answer.length);
SHA1_Update(&ctx, ms_chap_v1_magic1, sizeof(ms_chap_v1_magic1)); SHA1_Update(&ctx, ms_chap_v2_magic1,sizeof(ms_chap_v2_magic1));
SHA1_Final(md, &ctx); SHA1_Final(md, &ctx);
{
char *foo;
hex_encode(challange, 8, &foo);
kdc_log(context, config, 0,
"MS-CHAP-V2 challange %s", foo);
free(foo);
}
SHA1_Init(&ctx); SHA1_Init(&ctx);
SHA1_Update(&ctx, md, sizeof(md)); SHA1_Update(&ctx, md, sizeof(md));
SHA1_Update(&ctx, challange, 8); SHA1_Update(&ctx, challange, 8);
SHA1_Update(&ctx, ms_chap_v1_magic2, sizeof(ms_chap_v1_magic2)); SHA1_Update(&ctx, ms_chap_v2_magic2, sizeof(ms_chap_v2_magic2));
SHA1_Final(md, &ctx); SHA1_Final(md, &ctx);
r.u.response.rsp = calloc(1, sizeof(*r.u.response.rsp)); r.u.response.rsp = calloc(1, sizeof(*r.u.response.rsp));
@@ -901,16 +922,6 @@ _kdc_do_digest(krb5_context context,
goto out; goto out;
} }
/* hash hash */
{
MD4_CTX hctx;
MD4_Init(&hctx);
MD4_Update(&hctx, key->key.keyvalue.data,
key->key.keyvalue.length);
MD4_Final(md, &hctx);
}
/* get_master, rfc 3079 3.4 */ /* get_master, rfc 3079 3.4 */
SHA1_Init(&ctx); SHA1_Init(&ctx);
SHA1_Update(&ctx, md, 16); /* md4(hash) */ SHA1_Update(&ctx, md, 16); /* md4(hash) */
@@ -933,6 +944,7 @@ _kdc_do_digest(krb5_context context,
krb5_clear_error_string(context); krb5_clear_error_string(context);
goto out; goto out;
} }
}
} else { } else {
r.element = choice_DigestRepInner_error; r.element = choice_DigestRepInner_error;
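Review bot: The get_master step in the third hunk still feeds `md` into SHA-1 (`SHA1_Update(&ctx, md, 16); /* md4(hash) */`), but this commit moves the MD4 of the key into the new `hashhash` buffer and deletes the block that used to write it into `md`. From the visible lines, `md` at that point holds the authenticator-response digest left by the last `SHA1_Final(md, &ctx)`, so the RFC 3079 3.4 master key would be derived from the wrong input unless the lines between the hunks rewrite `md`. The call should read `SHA1_Update(&ctx, hashhash, 16); /* md4(hash) */`, and `hashhash`, being key-derived material, is worth clearing once the session key has been computed. Separately, the added logging block passes `foo` to `%s` and `free()` without checking the return value of `hex_encode`. `_kdc_do_digest` extends beyond these hunks.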