[src/netbsd-1-6]: src/sys/net Pull up revision 1.52 (requested by groo in tic...

[lukem <lukem%NetBSD.org@localhost>]

details:   https://anonhg.NetBSD.org/src/rev/a8d1200fc66d
branches:  netbsd-1-6
changeset: 529002:a8d1200fc66d
user:      lukem <lukem%NetBSD.org@localhost>
date:      Sat Aug 17 05:22:08 2002 +0000

description:
Pull up revision 1.52 (requested by groo in ticket #669):
Use strcmp() instead of memcmp() because if we get passed a 0 length name
and secret, we'll authenticate successfully! While there, rename passwd to
secret so that code looks nicer.

diffstat:

 sys/net/if_spppsubr.c |  28 ++++++++++++++++++----------
 1 files changed, 18 insertions(+), 10 deletions(-)

diffs (73 lines):

diff -r 0ebc03547686 -r a8d1200fc66d sys/net/if_spppsubr.c
--- a/sys/net/if_spppsubr.c     Sat Aug 17 05:20:39 2002 +0000
+++ b/sys/net/if_spppsubr.c     Sat Aug 17 05:22:08 2002 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: if_spppsubr.c,v 1.46 2002/04/29 16:29:29 martin Exp $   */
+/*     $NetBSD: if_spppsubr.c,v 1.46.4.1 2002/08/17 05:22:08 lukem Exp $        */
 
 /*
  * Synchronous PPP/Cisco link level subroutines.
@@ -28,7 +28,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: if_spppsubr.c,v 1.46 2002/04/29 16:29:29 martin Exp $");
+__KERNEL_RCSID(0, "$NetBSD: if_spppsubr.c,v 1.46.4.1 2002/08/17 05:22:08 lukem Exp $");
 
 #include "opt_inet.h"
 #include "opt_ipx.h"
@@ -4184,8 +4184,8 @@
        struct lcp_header *h;
        int len, x;
        u_char mlen;
-       char *name, *passwd;
-       int name_len, passwd_len;
+       char *name, *secret, sname, ssecret;
+       int name_len, secret_len;
 
        len = m->m_pkthdr.len;
        if (len < 5) {
@@ -4209,9 +4209,9 @@
                }
                name = 1 + (u_char*)(h+1);
                name_len = name[-1];
-               passwd = name + name_len + 1;
+               secret = name + name_len + 1;
                if (name_len > len - 6 ||
-                   (passwd_len = passwd[-1]) > len - 6 - name_len) {
+                   (secret_len = secret[-1]) > len - 6 - name_len) {
                        if (debug) {
                                log(LOG_DEBUG, SPP_FMT "pap corrupted input "
                                    "<%s id=0x%x len=%d",
@@ -4232,12 +4232,18 @@
                            sppp_auth_type_name(PPP_PAP, h->type),
                            h->ident, ntohs(h->len));
                        sppp_print_string((char*)name, name_len);
-                       addlog(" passwd=");
-                       sppp_print_string((char*)passwd, passwd_len);
+                       addlog(" secret=");
+                       sppp_print_string((char*)secret, secret_len);
                        addlog(">\n");
                }
-               if (memcmp(name, sp->hisauth.name, name_len) != 0 ||
-                   memcmp(passwd, sp->hisauth.secret, passwd_len) != 0) {
+               sname = name[name_len];
+               ssecret = secret[secret_len];
+               name[name_len] = '\0';
+               secret[secret_len] = '\0';
+               if (strcmp(name, sp->hisauth.name) != 0 ||
+                   strcmp(secret, sp->hisauth.secret) != 0) {
+                       name[name_len] = sname;
+                       secret[secret_len] = ssecret;
                        /* action scn, tld */
                        sp->pp_auth_failures++;
                        mlen = sizeof(FAILMSG) - 1;
@@ -4248,6 +4254,8 @@
                        pap.tld(sp);
                        break;
                }
+               name[name_len] = sname;
+               secret[secret_len] = ssecret;
                /* action sca, perhaps tlu */
                if (sp->state[IDX_PAP] == STATE_REQ_SENT ||
                    sp->state[IDX_PAP] == STATE_OPENED) {