authorGuillaume Nault <g.nault@alphalink.fr>2018-03-21 18:09:14 +0100
committerDmitry Kozlov <xeb@mail.ru>2018-03-24 09:41:38 +0300
commit10ede239609e41e259be9c38932e33f7dc74bd8a (patch)
tree067a896b27825ee7cb8b09dc66f2c1091d2cb433
parent29c626683ea1aa6136360a6afcc6a053d0342a3d (diff)
auth: fix re-authentication of peer in all chap modules
If the peer re-authenticates (because of option conf_interval) and pwdb calls auth_result(), we may add the interval timer again to the session context. This crashes accel-ppp when deleting the session, because the interval timer is removed only once and the superfluous timers are still running. Therefore, when removing the context, triton detects this issue and calls abort(). To fix this, we need to detect if the session is already started and just send a CHAP Success message in this case. Signed-off-by: Guillaume Nault <g.nault@alphalink.fr>
-rw-r--r--accel-pppd/auth/auth_chap_md5.c16
-rw-r--r--accel-pppd/auth/auth_mschap_v1.c16
-rw-r--r--accel-pppd/auth/auth_mschap_v2.c16
3 files changed, 30 insertions, 18 deletions
diff --git a/accel-pppd/auth/auth_chap_md5.c b/accel-pppd/auth/auth_chap_md5.c
index 309af8a6..ae062f53 100644
--- a/accel-pppd/auth/auth_chap_md5.c
+++ b/accel-pppd/auth/auth_chap_md5.c
@@ -265,14 +265,18 @@ static void auth_result(struct chap_auth_data *ad, int res)
} else
ppp_auth_failed(ad->ppp, name);
} else {
- if (ppp_auth_succeeded(ad->ppp, name)) {
- chap_send_failure(ad);
- ap_session_terminate(&ad->ppp->ses, TERM_AUTH_ERROR, 0);
+ if (!ad->started) {
+ if (ppp_auth_succeeded(ad->ppp, name)) {
+ chap_send_failure(ad);
+ ap_session_terminate(&ad->ppp->ses, TERM_AUTH_ERROR, 0);
+ } else {
+ chap_send_success(ad, ad->id);
+ ad->started = 1;
+ if (conf_interval)
+ triton_timer_add(ad->ppp->ses.ctrl->ctx, &ad->interval, 0);
+ }
} else {
chap_send_success(ad, ad->id);
- ad->started = 1;
- if (conf_interval)
- triton_timer_add(ad->ppp->ses.ctrl->ctx, &ad->interval, 0);
}
}
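Review bot: The new re-authentication branch (the final `} else { chap_send_success(ad, ad->id); }`, taken when `ad->started` is already set) does not hand `name` to anything, while every other path visible in this hunk passes it to `ppp_auth_succeeded()` or `ppp_auth_failed()`. If `name` is heap-allocated and those calls take ownership of it, each successful re-authentication leaks one username string, and with `conf_interval` set the leak recurs for the life of the session; this is inferred, because the start of auth_result() lies outside the hunk. Consider releasing it in that branch, for example `_free(name);` after the `chap_send_success()` call, assuming `_free()` is the allocator wrapper this file uses. The same applies to the matching hunks in auth_mschap_v1.c and auth_mschap_v2.c.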
diff --git a/accel-pppd/auth/auth_mschap_v1.c b/accel-pppd/auth/auth_mschap_v1.c
index 10424866..67f941c6 100644
--- a/accel-pppd/auth/auth_mschap_v1.c
+++ b/accel-pppd/auth/auth_mschap_v1.c
@@ -268,14 +268,18 @@ static void auth_result(struct chap_auth_data *ad, int res)
} else
ppp_auth_failed(ad->ppp, name);
} else {
- if (ppp_auth_succeeded(ad->ppp, name)) {
- chap_send_failure(ad, ad->mschap_error);
- ap_session_terminate(&ad->ppp->ses, TERM_AUTH_ERROR, 0);
+ if (!ad->started) {
+ if (ppp_auth_succeeded(ad->ppp, name)) {
+ chap_send_failure(ad, ad->mschap_error);
+ ap_session_terminate(&ad->ppp->ses, TERM_AUTH_ERROR, 0);
+ } else {
+ chap_send_success(ad, ad->id);
+ ad->started = 1;
+ if (conf_interval)
+ triton_timer_add(ad->ppp->ses.ctrl->ctx, &ad->interval, 0);
+ }
} else {
chap_send_success(ad, ad->id);
- ad->started = 1;
- if (conf_interval)
- triton_timer_add(ad->ppp->ses.ctrl->ctx, &ad->interval, 0);
}
}
diff --git a/accel-pppd/auth/auth_mschap_v2.c b/accel-pppd/auth/auth_mschap_v2.c
index 33b95dea..5c82413c 100644
--- a/accel-pppd/auth/auth_mschap_v2.c
+++ b/accel-pppd/auth/auth_mschap_v2.c
@@ -341,14 +341,18 @@ static void auth_result(struct chap_auth_data *ad, int res)
} else
ppp_auth_failed(ad->ppp, name);
} else {
- if (ppp_auth_succeeded(ad->ppp, name)) {
- chap_send_failure(ad, ad->mschap_error, ad->reply_msg);
- ap_session_terminate(&ad->ppp->ses, TERM_AUTH_ERROR, 0);
+ if (!ad->started) {
+ if (ppp_auth_succeeded(ad->ppp, name)) {
+ chap_send_failure(ad, ad->mschap_error, ad->reply_msg);
+ ap_session_terminate(&ad->ppp->ses, TERM_AUTH_ERROR, 0);
+ } else {
+ chap_send_success(ad, ad->id, ad->authenticator);
+ ad->started = 1;
+ if (conf_interval)
+ triton_timer_add(ad->ppp->ses.ctrl->ctx, &ad->interval, 0);
+ }
} else {
chap_send_success(ad, ad->id, ad->authenticator);
- ad->started = 1;
- if (conf_interval)
- triton_timer_add(ad->ppp->ses.ctrl->ctx, &ad->interval, 0);
}
}