- left -= attr[RAD_Attr_Length];
- attr += attr[RAD_Attr_Length];
- }
-
- /* handle MS MPPE */
- left = RADLEN(buf) - 20;
- attr = buf + 20;
- while (left > 1) {
- if (attr[RAD_Attr_Type] == RAD_Attr_Vendor_Specific &&
- ((uint16_t *)attr)[1] == 0 && ntohs(((uint16_t *)attr)[2]) == 311) { /* 311 == MS */
- subleft = attr[RAD_Attr_Length] - 6;
- subattr = attr + 6;
- while (subleft > 1) {
- subleft -= subattr[RAD_Attr_Length];
- if (subleft < 0)
- break;
- if (subattr[RAD_Attr_Type] != RAD_VS_ATTR_MS_MPPE_Send_Key &&
- subattr[RAD_Attr_Type] != RAD_VS_ATTR_MS_MPPE_Recv_Key)
- continue;
- debug(DBG_DBG, "clientrd: Got MS MPPE");
- if (subattr[RAD_Attr_Length] < 20)
- continue;
-
- if (!msmppdecrypt(subattr + 4, subattr[RAD_Attr_Length] - 4, (unsigned char *)server->peer.secret,
- strlen(server->peer.secret), server->requests[i].buf + 4, subattr + 2)) {
- debug(DBG_WARN, "clientrd: failed to decrypt msppe key");
- continue;
- }
-
- if (!msmppencrypt(subattr + 4, subattr[RAD_Attr_Length] - 4, (unsigned char *)from->peer.secret,
- strlen(from->peer.secret), (unsigned char *)server->requests[i].origauth, subattr + 2)) {
- debug(DBG_WARN, "clientrd: failed to encrypt msppe key");
- continue;
- }
+
+ attrval = attrget(subattrs, sublen, RAD_VS_ATTR_MS_MPPE_Recv_Key, &attrvallen);
+ if (attrval) {
+ debug(DBG_DBG, "clientrd: Got MS MPPE");
+ if (attrvallen < 18)
+ continue;
+ if (!msmppdecrypt(attrval + 2, attrvallen - 2, (unsigned char *)server->peer.secret,
+ strlen(server->peer.secret), server->requests[i].buf + 4, attrval)) {
+ debug(DBG_WARN, "clientrd: failed to decrypt msppe key");
+ continue;