Amazing-Mirror/fragattacks
1
0
Fork 0
mirror of https://github.com/vanhoefm/fragattacks.git synced 2024-11-25 08:48:31 -05:00
Code Issues Projects Releases Wiki Activity

MSCHAPv2: Check operation success for NT response generation

Browse Source 
These functions could fail (e.g., if MD4 is disabled in the security
policy).

Signed-hostap: Jouni Malinen <j@w1.fi>
This commit is contained in:
Jouni Malinen 2012-08-16 18:42:27 +03:00
parent eb4b6fe04d
commit ce7daaae53
1 changed files with 21 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

35
src/eap_peer/mschapv2.c
View File

@ -63,22 +63,28 @@ int mschapv2_derive_response(const u8 *identity, size_t identity_len,
if (pwhash) { if (pwhash) {
wpa_hexdump_key(MSG_DEBUG, "MSCHAPV2: password hash", wpa_hexdump_key(MSG_DEBUG, "MSCHAPV2: password hash",
password, password_len); password, password_len);
generate_nt_response_pwhash(auth_challenge, peer_challenge, if (generate_nt_response_pwhash(auth_challenge, peer_challenge,
username, username_len, username, username_len,
password, nt_response); password, nt_response) ||
generate_authenticator_response_pwhash( generate_authenticator_response_pwhash(
password, peer_challenge, auth_challenge, password, peer_challenge, auth_challenge,
username, username_len, nt_response, auth_response); username, username_len, nt_response,
auth_response))
return -1;
} else { } else {
wpa_hexdump_ascii_key(MSG_DEBUG, "MSCHAPV2: password", wpa_hexdump_ascii_key(MSG_DEBUG, "MSCHAPV2: password",
password, password_len); password, password_len);
generate_nt_response(auth_challenge, peer_challenge, if (generate_nt_response(auth_challenge, peer_challenge,
username, username_len, username, username_len,
password, password_len, nt_response); password, password_len,
generate_authenticator_response(password, password_len, nt_response) ||
peer_challenge, auth_challenge, generate_authenticator_response(password, password_len,
username, username_len, peer_challenge,
nt_response, auth_response); auth_challenge,
username, username_len,
nt_response,
auth_response))
return -1;
} }
wpa_hexdump(MSG_DEBUG, "MSCHAPV2: NT Response", wpa_hexdump(MSG_DEBUG, "MSCHAPV2: NT Response",
nt_response, MSCHAPV2_NT_RESPONSE_LEN); nt_response, MSCHAPV2_NT_RESPONSE_LEN);
@ -94,7 +100,8 @@ int mschapv2_derive_response(const u8 *identity, size_t identity_len,
hash_nt_password_hash(password_hash, password_hash_hash)) hash_nt_password_hash(password_hash, password_hash_hash))
return -1; return -1;
} }
get_master_key(password_hash_hash, nt_response, master_key); if (get_master_key(password_hash_hash, nt_response, master_key))
return -1;
wpa_hexdump_key(MSG_DEBUG, "MSCHAPV2: Master Key", wpa_hexdump_key(MSG_DEBUG, "MSCHAPV2: Master Key",
master_key, MSCHAPV2_MASTER_KEY_LEN); master_key, MSCHAPV2_MASTER_KEY_LEN);