From: fcusack Date: Wed, 8 Feb 2006 21:19:04 +0000 (+0000) Subject: import from HEAD: X-Git-Tag: release_1_1_1~39 X-Git-Url: http://www.project-moonshot.org/gitweb/?p=freeradius.git;a=commitdiff_plain;h=7aca5769e9e1c24b889e0c3b11ccdb7bbeae8274 import from HEAD: otp_authenticate(): generate State as ASCII to workaround Cisco bug --- 7aca5769e9e1c24b889e0c3b11ccdb7bbeae8274 diff --cc src/modules/rlm_otp/otp_rlm.c index 959759b,0f82394..6314a36 --- a/src/modules/rlm_otp/otp_rlm.c +++ b/src/modules/rlm_otp/otp_rlm.c @@@ -492,17 -493,33 +493,33 @@@ otp_authenticate(void *instance, REQUES } if (inst->allow_async) { - /* Verify the state. */ - (void) memcpy(challenge, vp->strvalue, inst->chal_len); - (void) memcpy(&sflags, vp->strvalue + inst->chal_len, 4); - (void) memcpy(&then, vp->strvalue + inst->chal_len + 4, 4); + /* + * Verify the state. + */ + + /* ASCII decode */ + rad_state = rad_malloc(e_length + 1); - (void) memcpy(rad_state, vp->vp_strvalue, vp->length); ++ (void) memcpy(rad_state, vp->strvalue, vp->length); + rad_state[e_length] = '\0'; + (void) otp_keystring2keyblock(rad_state, raw_state); + free(rad_state); + + /* extract data from State */ + raw_state = rad_malloc(e_length / 2); + (void) memcpy(challenge, raw_state, inst->chal_len); + (void) memcpy(&sflags, raw_state + inst->chal_len, 4); + (void) memcpy(&then, raw_state + inst->chal_len + 4, 4); + free(raw_state); + + /* generate new state from returned input data */ if (otp_gen_state(NULL, &state, challenge, inst->chal_len, sflags, then, hmac_key) != 0) { otp_log(OTP_LOG_ERR, "%s: %s: failed to generate state", log_prefix, __func__); return RLM_MODULE_FAIL; } + /* compare generated state against returned state to verify hmac */ - if (memcmp(state, vp->vp_strvalue, vp->length)) { + if (memcmp(state, vp->strvalue, vp->length)) { otp_log(OTP_LOG_AUTH, "%s: %s: bad state for [%s]: hmac", log_prefix, __func__, username); free(state);
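Review bot: In the added "ASCII decode" block, `otp_keystring2keyblock(rad_state, raw_state)` writes through `raw_state` before `raw_state = rad_malloc(e_length / 2);` runs in the "extract data from State" block, so the decoded bytes land wherever the pointer happened to point and the three `memcpy` calls then read a fresh, unwritten allocation. Move the allocation above the decode call, and check the decoder's result instead of casting it to `(void)`, so that a client-returned State that is not valid key-string text is rejected before its fields are parsed (the decoder's failure convention is not visible in this hunk). The copy `memcpy(rad_state, vp->strvalue, vp->length)` into an `e_length + 1` buffer is only safe if `vp->length == e_length` was enforced earlier; that check, like the start and end of `otp_authenticate()`, lies outside the hunk and should be confirmed. Separately, `memcmp(state, vp->strvalue, vp->length)` verifies an HMAC-bearing value with an early-exit comparison, and a constant-time compare would be the safer choice there.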