Imported Upstream version 4.5.2

3 files changed, 31 insertions, 6 deletions

diff --git a/src/libcharon/plugins/eap_md5/Makefile.in b/src/libcharon/plugins/eap_md5/Makefile.in
index 4e01d96cc..e828fbc3e 100644
--- a/src/libcharon/plugins/eap_md5/Makefile.in
+++ b/src/libcharon/plugins/eap_md5/Makefile.in
@@ -242,6 +242,8 @@ nm_ca_dir = @nm_ca_dir@
 oldincludedir = @oldincludedir@
 openac_plugins = @openac_plugins@
 p_plugins = @p_plugins@
+pcsclite_CFLAGS = @pcsclite_CFLAGS@
+pcsclite_LIBS = @pcsclite_LIBS@
 pdfdir = @pdfdir@
 piddir = @piddir@
 pki_plugins = @pki_plugins@
@@ -265,6 +267,7 @@ soup_LIBS = @soup_LIBS@
 srcdir = @srcdir@
 strongswan_conf = @strongswan_conf@
 sysconfdir = @sysconfdir@
+systemdsystemunitdir = @systemdsystemunitdir@
 target_alias = @target_alias@
 top_build_prefix = @top_build_prefix@
 top_builddir = @top_builddir@
diff --git a/src/libcharon/plugins/eap_md5/eap_md5.c b/src/libcharon/plugins/eap_md5/eap_md5.c
index f70754abb..b0a234527 100644
--- a/src/libcharon/plugins/eap_md5/eap_md5.c
+++ b/src/libcharon/plugins/eap_md5/eap_md5.c
@@ -147,12 +147,12 @@ METHOD(eap_method_t, process_peer, status_t,
 
 	this->identifier = in->get_identifier(in);
 	data = in->get_data(in);
-	this->challenge = chunk_clone(chunk_skip(data, 6));
-	if (data.len < 6 || this->challenge.len < *(data.ptr + 5))
+	if (data.len < 6 || data.ptr[5] + 6 > data.len)
 	{
 		DBG1(DBG_IKE, "received invalid EAP-MD5 message");
 		return FAILED;
 	}
+	this->challenge = chunk_clone(chunk_create(data.ptr + 6, data.ptr[5]));
 	if (hash_challenge(this, &response, this->peer, this->server) != SUCCESS)
 	{
 		return FAILED;
@@ -176,7 +176,9 @@ METHOD(eap_method_t, process_server, status_t,
 	chunk_t response, expected;
 	chunk_t data;
 
-	if (this->identifier != in->get_identifier(in))
+	data = in->get_data(in);
+	if (this->identifier != in->get_identifier(in) ||
+		data.len < 6 || data.ptr[5] + 6 > data.len)
 	{
 		DBG1(DBG_IKE, "received invalid EAP-MD5 message");
 		return FAILED;
@@ -185,9 +187,7 @@ METHOD(eap_method_t, process_server, status_t,
 	{
 		return FAILED;
 	}
-	data = in->get_data(in);
-	response = chunk_skip(data, 6);
-
+	response = chunk_create(data.ptr + 6, data.ptr[5]);
 	if (response.len < expected.len ||
 		!memeq(response.ptr, expected.ptr, expected.len))
 	{
@@ -218,6 +218,18 @@ METHOD(eap_method_t, is_mutual, bool,
 	return FALSE;
 }
 
+METHOD(eap_method_t, get_identifier, u_int8_t,
+	private_eap_md5_t *this)
+{
+	return this->identifier;
+}
+
+METHOD(eap_method_t, set_identifier, void,
+	private_eap_md5_t *this, u_int8_t identifier)
+{
+	this->identifier = identifier;
+}
+
 METHOD(eap_method_t, destroy, void,
 	private_eap_md5_t *this)
 {
@@ -242,6 +254,8 @@ eap_md5_t *eap_md5_create_server(identification_t *server, identification_t *pee
 				.get_type = _get_type,
 				.is_mutual = _is_mutual,
 				.get_msk = _get_msk,
+				.get_identifier = _get_identifier,
+				.set_identifier = _set_identifier,
 				.destroy = _destroy,
 			},
 		},
diff --git a/src/libcharon/plugins/eap_md5/eap_md5_plugin.c b/src/libcharon/plugins/eap_md5/eap_md5_plugin.c
index 39a6f5731..fe5ae51bf 100644
--- a/src/libcharon/plugins/eap_md5/eap_md5_plugin.c
+++ b/src/libcharon/plugins/eap_md5/eap_md5_plugin.c
@@ -18,6 +18,12 @@
 
 #include <daemon.h>
 
+METHOD(plugin_t, get_name, char*,
+	eap_md5_plugin_t *this)
+{
+	return "eap-md5";
+}
+
 METHOD(plugin_t, destroy, void,
 	eap_md5_plugin_t *this)
 {
@@ -37,6 +43,8 @@ plugin_t *eap_md5_plugin_create()
 
 	INIT(this,
 		.plugin = {
+			.get_name = _get_name,
+			.reload = (void*)return_false,
 			.destroy = _destroy,
 		},
 	);