diff options
| author | Guillaume Nault <g.nault@alphalink.fr> | 2013-04-09 21:43:16 +0200 |
|---|---|---|
| committer | Dmitry Kozlov <xeb@mail.ru> | 2013-04-17 09:06:35 +0400 |
| commit | 967f5689f8a38e7ac5e095e6c26edd765611f0e3 (patch) | |
| tree | 25e99ffec4f9035e4c673dcb747180a0c9365c3e /accel-pppd | |
| parent | 9ec0d6beda4249ca0483e461bd5fb361f7a28efa (diff) | |
| download | accel-ppp-967f5689f8a38e7ac5e095e6c26edd765611f0e3.tar.gz accel-ppp-967f5689f8a38e7ac5e095e6c26edd765611f0e3.zip | |
l2tp: Use random length Challenge AVP
Set Challenge attribute using a random length so that its size can't
be guessed when hide-avps is on.
Signed-off-by: Guillaume Nault <g.nault@alphalink.fr>
Diffstat (limited to 'accel-pppd')
| -rw-r--r-- | accel-pppd/ctrl/l2tp/l2tp.c | 33 |
1 files changed, 31 insertions, 2 deletions
diff --git a/accel-pppd/ctrl/l2tp/l2tp.c b/accel-pppd/ctrl/l2tp/l2tp.c index d2c6982d..19b90ab4 100644 --- a/accel-pppd/ctrl/l2tp/l2tp.c +++ b/accel-pppd/ctrl/l2tp/l2tp.c @@ -1507,6 +1507,8 @@ static void l2tp_send_SCCRQ(void *peer_addr) { struct l2tp_conn_t *conn = l2tp_tunnel_self(); struct l2tp_packet_t *pack = NULL; + uint16_t chall_len; + int err; log_tunnel(log_info2, conn, "sending SCCRQ\n"); @@ -1548,7 +1550,19 @@ static void l2tp_send_SCCRQ(void *peer_addr) goto pack_err; } - if (l2tp_tunnel_genchall(MD5_DIGEST_LENGTH, conn, pack) < 0) { + if (u_randbuf(&chall_len, sizeof(chall_len), &err) < 0) { + if (err) + log_tunnel(log_error, conn, "impossible to send SCCRQ:" + " reading from urandom failed: %s\n", + strerror(err)); + else + log_tunnel(log_error, conn, "impossible to send SCCRQ:" + " end of file reached while reading" + " from urandom\n"); + goto pack_err; + } + chall_len = (chall_len & 0x007F) + MD5_DIGEST_LENGTH; + if (l2tp_tunnel_genchall(chall_len, conn, pack) < 0) { log_tunnel(log_error, conn, "impossible to send SCCRQ:" " Challenge generation failed\n"); goto pack_err; @@ -1573,6 +1587,8 @@ err: static void l2tp_send_SCCRP(struct l2tp_conn_t *conn) { struct l2tp_packet_t *pack; + uint16_t chall_len; + int err; log_tunnel(log_info2, conn, "sending SCCRP\n"); @@ -1620,7 +1636,20 @@ static void l2tp_send_SCCRP(struct l2tp_conn_t *conn) " Challenge Response generation failed\n"); goto out_err; } - if (l2tp_tunnel_genchall(MD5_DIGEST_LENGTH, conn, pack) < 0) { + + if (u_randbuf(&chall_len, sizeof(chall_len), &err) < 0) { + if (err) + log_tunnel(log_error, conn, "impossible to send SCCRP:" + " reading from urandom failed: %s\n", + strerror(err)); + else + log_tunnel(log_error, conn, "impossible to send SCCRP:" + " end of file reached while reading" + " from urandom\n"); + goto out_err; + } + chall_len = (chall_len & 0x007F) + MD5_DIGEST_LENGTH; + if (l2tp_tunnel_genchall(chall_len, conn, pack) < 0) { log_tunnel(log_error, conn, "impossible to send SCCRP:" " Challenge generation failed\n"); goto out_err; |