--- src/radius.c.orig Tue Sep 28 16:30:19 1999 +++ src/radius.c Fri Mar 31 12:08:03 2000 @@ -22,6 +22,12 @@ #include "radiusd.h" +/*RELAX start*/ +u_char rrnr[32]; +u_char rrnrpool[33]; +u_char clid_rrnr[32]; + +/*RELAX stop*/ /* * Make sure our buffer is aligned. */ @@ -136,10 +142,37 @@ case PW_TYPE_STRING: /* + * This is to hash the Ascend-Send-Secret before + * we send it to the Max. + */ +#ifdef ASCEND_SECRET + if (( strcmp(reply->name, "Ascend-Send-Secret") == 0 ) || + ( strcmp(reply->name, "Ascend-Recv-Secret") == 0 )) { + make_secret( digest, authreq->vector, + authreq->secret, reply->strvalue ); + *ptr++ = AUTH_VECTOR_LEN + 2; + memcpy( ptr, digest, AUTH_VECTOR_LEN ); + ptr += AUTH_VECTOR_LEN; + total_length += AUTH_VECTOR_LEN + 2; + break; + } +#endif + /* * FIXME: this is just to make sure but * should NOT be needed. In fact I have no * idea if it is needed :) */ +/*RELAX start*/ + if (strcmp(reply->name,"Ascend-Dial-Number")== 0 + &&rrnr[0]!='\0') + { + sprintf(rrnrpool,"9%s",rrnr); + strcpy(reply->name,"pusegn"); + strcpy(reply->strvalue,rrnrpool); + reply->length = strlen(reply->strvalue); + } +/*RELAX stop */ + if (reply->length == 0 && reply->strvalue[0] != 0) reply->length = strlen(reply->strvalue); @@ -169,6 +202,17 @@ ptr += sizeof(UINT4); total_length += sizeof(UINT4) + 2; break; + case PW_TYPE_FILTER_BINARY: + + /* The binary representation of the filter is in + reply->strvalue. It's length is in reply->lvalue */ + + *ptr++ = reply->lvalue + 2; + memcpy( ptr, reply->strvalue, reply->lvalue ); + ptr += reply->lvalue; + total_length += reply->lvalue + 2; + break; + default: break; @@ -458,6 +502,30 @@ memset(pair->strvalue, 0, AUTH_STRING_LEN); memcpy(pair->strvalue, ptr, attrlen); debug_pair(stdout, pair); +/*RELAX start*/ + if (strncmp(pair->name,"User-Name",9)==0) + { + char *nwptr; + rrnr[0]='\0'; + nwptr=index(pair->strvalue,':'); + if (nwptr != NULL) + { + *nwptr='\0'; + nwptr++;/* fuer Amt */ + strcpy(rrnr,++nwptr); + } + while (*(pair->strvalue)=='0') + { + char *nwptr; + nwptr=pair->strvalue; + nwptr++; + strcpy(clid_rrnr,nwptr); + strcpy(pair->strvalue,clid_rrnr); + } + } + +/*RELAX stop*/ + if(first_pair == (VALUE_PAIR *)NULL) { first_pair = pair; } @@ -480,7 +548,20 @@ } prev = pair; break; - + + case PW_TYPE_FILTER_BINARY: + memcpy(pair->strvalue, ptr, attrlen); + pair->strvalue[attrlen] = '\0'; + if(first_pair == (VALUE_PAIR *)NULL) { + first_pair = pair; + } + else { + prev->next = pair; + } + prev = pair; + break; + + default: DEBUG(" %s (Unknown Type %d)", attr->name,attr->type); @@ -588,4 +669,32 @@ } #endif +#ifdef ASCEND_SECRET +/************************************************************************* + * + * Function: make_secret + * + * Purpose: Build an encrypted secret value to return in a reply + * packet. The secret is hidden by xoring with a MD5 digest + * created from the shared secret and the authentication + * vector. We put them into MD5 in the reverse order from + * that used when encrypting passwords to RADIUS. + * + *************************************************************************/ + +void make_secret(u_char *digest, u_char *vector, u_char *secret, char *value) +{ + u_char buffer[ AUTH_STRING_LEN ]; + int secretLen = strlen( (const char *)secret ); + int ix; + + memcpy( buffer, vector, AUTH_VECTOR_LEN ); + memcpy( buffer + AUTH_VECTOR_LEN, secret, secretLen ); + md5_calc( digest, buffer, AUTH_VECTOR_LEN + secretLen ); + memset( buffer, 0, AUTH_STRING_LEN ); + for ( ix = 0; ix < AUTH_VECTOR_LEN; ix += 1 ) { + digest[ ix ] ^= value[ ix ]; + } +} +#endif /* ASCEND_SECRET */