author | Andreas Steffen <andreas.steffen@strongswan.org> | 2012-03-13 23:26:15 +0100 |
---|---|---|
committer | Andreas Steffen <andreas.steffen@strongswan.org> | 2012-03-13 23:26:15 +0100 |
commit | 6fd612913ea5d4b46a4bf53688300a90e126965e (patch) | |
tree | e796fa5b719fc1185038683513bf9735448a6494 /src/libradius/radius_socket.c | |
parent | 5fdb8492937a9351960e44d8b26a8f105ed5d36e (diff) | |
download | strongswan-6fd612913ea5d4b46a4bf53688300a90e126965e.tar.bz2 strongswan-6fd612913ea5d4b46a4bf53688300a90e126965e.tar.xz |
implemented MS_MPPE encryption
Diffstat (limited to 'src/libradius/radius_socket.c')
-rw-r--r-- | src/libradius/radius_socket.c | 28 |
1 files changed, 8 insertions, 20 deletions
diff --git a/src/libradius/radius_socket.c b/src/libradius/radius_socket.c
index 6313595be..048c8814e 100644
--- a/src/libradius/radius_socket.c
+++ b/src/libradius/radius_socket.c
@@ -14,6 +14,7 @@
 */
 #include "radius_socket.h"
+#include "radius_mppe.h"
 #include <errno.h>
 #include <unistd.h>
@@ -21,12 +22,6 @@
 #include <pen/pen.h>
 #include <debug.h>
-/**
- * Microsoft specific vendor attributes
- */
-#define MS_MPPE_SEND_KEY 16
-#define MS_MPPE_RECV_KEY 17
-
 typedef struct private_radius_socket_t private_radius_socket_t;
 /**
@@ -286,13 +281,7 @@ METHOD(radius_socket_t, decrypt_msk, chunk_t,
 private_radius_socket_t *this, radius_message_t *request, radius_message_t *response)
 {
- struct {
- u_int32_t id;
- u_int8_t type;
- u_int8_t length;
- u_int16_t salt;
- u_int8_t key[];
- } __attribute__((packed)) *mppe_key;
+ mppe_key_t *mppe_key;
 enumerator_t *enumerator;
 chunk_t data, send = chunk_empty, recv = chunk_empty;
 int type;
@@ -300,14 +289,13 @@ METHOD(radius_socket_t, decrypt_msk, chunk_t,
 enumerator = response->create_enumerator(response);
 while (enumerator->enumerate(enumerator, &type, &data))
 {
- if (type == RAT_VENDOR_SPECIFIC &&
- data.len > sizeof(*mppe_key))
+ if (type == RAT_VENDOR_SPECIFIC && data.len > sizeof(mppe_key_t))
 {
- mppe_key = (void*)data.ptr;
+ mppe_key = (mppe_key_t*)data.ptr;
 if (ntohl(mppe_key->id) == PEN_MICROSOFT &&
 mppe_key->length == data.len - sizeof(mppe_key->id))
 {
- data = chunk_create(mppe_key->key, data.len - sizeof(*mppe_key));
+ data = chunk_create(mppe_key->key, data.len - sizeof(mppe_key_t));
 if (mppe_key->type == MS_MPPE_SEND_KEY)
 {
 send = decrypt_mppe_key(this, mppe_key->salt, data, request);
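Review bot: In the `@@ -300,14 +289,13 @@` hunk the bounds check `data.len > sizeof(mppe_key_t)` and the cast `(mppe_key_t*)data.ptr` now depend on a type declared in radius_mppe.h, which this diff does not show. The local struct removed in the preceding hunk was `__attribute__((packed))` with an 8-byte header (id, type, length, salt) followed by a flexible `key[]`; if the shared typedef is not packed, or later gains a field, this overlay of received attribute bytes would be measured against the wrong size and `ntohl(mppe_key->id)` could become a misaligned read. I would add a comment above the check, `/* mppe_key_t overlays raw attribute bytes: must stay packed, 8-byte header + key[] */`, and repeat the constraint next to the typedef. decrypt_msk begins and ends outside this hunk.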
@@ -365,11 +353,11 @@ radius_socket_t *radius_socket_create(char *address, u_int16_t auth_port,
 .auth_fd = -1,
 .acct_port = acct_port,
 .acct_fd = -1,
+ .hasher = lib->crypto->create_hasher(lib->crypto, HASH_MD5),
+ .signer = lib->crypto->create_signer(lib->crypto, AUTH_HMAC_MD5_128),
+ .rng = lib->crypto->create_rng(lib->crypto, RNG_WEAK),
 );
- this->hasher = lib->crypto->create_hasher(lib->crypto, HASH_MD5);
- this->signer = lib->crypto->create_signer(lib->crypto, AUTH_HMAC_MD5_128);
- this->rng = lib->crypto->create_rng(lib->crypto, RNG_WEAK);
 if (!this->hasher || !this->signer || !this->rng)
 {
 DBG1(DBG_CFG, "RADIUS initialization failed, HMAC/MD5/RNG required"); |
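Review bot: The `.rng = lib->crypto->create_rng(lib->crypto, RNG_WEAK)` initializer carries the weak RNG quality over unchanged, and nothing at this point records what the generator is allowed to feed. If the MPPE encryption this commit introduces draws its salt from `this->rng` (that code is not visible in this file section), a one-line comment such as `/* RNG_WEAK: nonce-grade values only, never key material */` would keep a later caller from reusing it for secrets. MD5 and HMAC-MD5 are dictated by the RADIUS protocol, so those two initializers need no change. The body of radius_socket_create, including the failure branch after the DBG1 call, continues outside the hunk.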