No need to check for chap challenge length (#105)

The chap challenge is only read by MD5_update, which accepts input
of any size (given the supplied length is correct). There are no other
uses for the (received) chap challenge; only the chap_response is sent back,
which is implicitly guranteed to be 16 bytes (the output of MD5_finalize).
This commit is contained in:
Istvan Ruzman
2022-07-20 09:43:50 +02:00
committed by GitHub
parent 1560708224
commit 4de1019d53
+3 -3
View File
@@ -907,9 +907,9 @@ bbl_rx_chap(bbl_ethernet_header_t *eth, bbl_interface_s *interface, bbl_session_
if(session->session_state == BBL_PPP_AUTH) {
switch(chap->code) {
case CHAP_CODE_CHALLENGE:
if(chap->challenge_len != CHALLENGE_LEN) {
if(chap->challenge_len == 0) {
/* TODO: Add support for variable CHAP challenge lengths. */
LOG(PPPOE, "CHAP (ID: %u) unsupported CHAP challenge length received (expected 16)\n", session->session_id);
LOG(PPPOE, "CHAP (ID: %u) CHAP challenge length must be greater than 0\n", session->session_id);
bbl_session_update_state(ctx, session, BBL_PPP_TERMINATING);
session->lcp_request_code = PPP_CODE_TERM_REQUEST;
session->lcp_options_len = 0;
@@ -2146,4 +2146,4 @@ bbl_rx_handler_a10nsp(bbl_ethernet_header_t *eth, bbl_interface_s *interface) {
if(session) {
bbl_a10nsp_rx(interface, session, eth);
}
}
}