diff -ru ppp-2.4.4.orig/pppd/chap_ms.c ppp-2.4.4+ldap/pppd/chap_ms.c --- ppp-2.4.4.orig/pppd/chap_ms.c 2006-05-21 07:56:40.000000000 -0400 +++ ppp-2.4.4+ldap/pppd/chap_ms.c 2006-11-17 16:47:11.000000000 -0500 @@ -529,17 +529,73 @@ } +/* From libsmb - From SAMBA */ +/* + * Routine to get the 32 hex characters and turn them + * into a 16 byte array. + */ +int gethexpwd(unsigned char *p, unsigned char *pwd) +{ + + int i; + unsigned char lonybble, hinybble; + char *hexchars = "0123456789ABCDEF"; + char *p1, *p2; + + for (i = 0; i < 32; i += 2) + { + + hinybble = toupper(p[i]); + lonybble = toupper(p[i + 1]); + + p1 = strchr(hexchars, hinybble); + p2 = strchr(hexchars, lonybble); + + if (!p1 || !p2) + { + + return (0); + + } + + hinybble = (p1 - hexchars); + lonybble = (p2 - hexchars); + + pwd[i / 2] = (hinybble << 4) | lonybble; + + } + + return (1); + +} + +/* + * Hash the Unicode version of the secret (== password). + * Or get the binary representation of the secret + * if it already looks like a hash + */ +void +HashorBin(char secret[], int secret_len, u_char PasswordHash[]) +{ + u_char unicodePassword[MAX_NT_PASSWORD * 2]; + if (secret_len != 32) + { + ascii2unicode(secret, secret_len, unicodePassword); + NTPasswordHash(unicodePassword, secret_len * 2, PasswordHash); + } + else + { + gethexpwd(secret, PasswordHash); + } +} + static void ChapMS_NT(u_char *rchallenge, char *secret, int secret_len, u_char NTResponse[24]) { - u_char unicodePassword[MAX_NT_PASSWORD * 2]; u_char PasswordHash[MD4_SIGNATURE_SIZE]; - /* Hash the Unicode version of the secret (== password). */ - ascii2unicode(secret, secret_len, unicodePassword); - NTPasswordHash(unicodePassword, secret_len * 2, PasswordHash); - + HashorBin(secret, secret_len, PasswordHash); ChallengeResponse(rchallenge, PasswordHash, NTResponse); } @@ -547,16 +603,12 @@ ChapMS2_NT(u_char *rchallenge, u_char PeerChallenge[16], char *username, char *secret, int secret_len, u_char NTResponse[24]) { - u_char unicodePassword[MAX_NT_PASSWORD * 2]; u_char PasswordHash[MD4_SIGNATURE_SIZE]; u_char Challenge[8]; ChallengeHash(PeerChallenge, rchallenge, username, Challenge); - /* Hash the Unicode version of the secret (== password). */ - ascii2unicode(secret, secret_len, unicodePassword); - NTPasswordHash(unicodePassword, secret_len * 2, PasswordHash); - + HashorBin(secret, secret_len, PasswordHash); ChallengeResponse(Challenge, PasswordHash, NTResponse); } @@ -637,13 +689,10 @@ u_char *rchallenge, char *username, u_char authResponse[MS_AUTH_RESPONSE_LENGTH+1]) { - u_char unicodePassword[MAX_NT_PASSWORD * 2]; u_char PasswordHash[MD4_SIGNATURE_SIZE]; u_char PasswordHashHash[MD4_SIGNATURE_SIZE]; - /* Hash (x2) the Unicode version of the secret (== password). */ - ascii2unicode(secret, secret_len, unicodePassword); - NTPasswordHash(unicodePassword, secret_len * 2, PasswordHash); + HashorBin(secret, secret_len, PasswordHash); NTPasswordHash(PasswordHash, sizeof(PasswordHash), PasswordHashHash); @@ -682,13 +731,10 @@ static void Set_Start_Key(u_char *rchallenge, char *secret, int secret_len) { - u_char unicodePassword[MAX_NT_PASSWORD * 2]; u_char PasswordHash[MD4_SIGNATURE_SIZE]; u_char PasswordHashHash[MD4_SIGNATURE_SIZE]; - /* Hash (x2) the Unicode version of the secret (== password). */ - ascii2unicode(secret, secret_len, unicodePassword); - NTPasswordHash(unicodePassword, secret_len * 2, PasswordHash); + HashorBin(secret, secret_len, PasswordHash); NTPasswordHash(PasswordHash, sizeof(PasswordHash), PasswordHashHash); mppe_set_keys(rchallenge, PasswordHashHash); @@ -797,12 +843,10 @@ static void SetMasterKeys(char *secret, int secret_len, u_char NTResponse[24], int IsServer) { - u_char unicodePassword[MAX_NT_PASSWORD * 2]; u_char PasswordHash[MD4_SIGNATURE_SIZE]; u_char PasswordHashHash[MD4_SIGNATURE_SIZE]; - /* Hash (x2) the Unicode version of the secret (== password). */ - ascii2unicode(secret, secret_len, unicodePassword); - NTPasswordHash(unicodePassword, secret_len * 2, PasswordHash); + + HashorBin(secret, secret_len, PasswordHash); NTPasswordHash(PasswordHash, sizeof(PasswordHash), PasswordHashHash); mppe_set_keys2(PasswordHashHash, NTResponse, IsServer); }