3
0
mirror of https://git.kernel.org/pub/scm/network/wireless/iwd.git synced 2025-01-20 17:54:05 +01:00

eap-mschapv2: Fix domain name usage in username

The domain name must be excluded from the username only for the NT
challenge calculations and left in place for everything else.
This commit is contained in:
Tim Kourt 2019-01-10 14:34:23 -08:00 committed by Denis Kenzior
parent 3a71cf458b
commit bfb69e930f

View File

@ -454,23 +454,6 @@ static bool set_password_from_string(struct eap_mschapv2_state *state,
return mschapv2_nt_password_hash(password, state->password_hash); return mschapv2_nt_password_hash(password, state->password_hash);
} }
static void set_user_name(struct eap_mschapv2_state *state, const char *user)
{
const char *pos;
if (!user)
return;
for (pos = user; *pos; ++pos) {
if (*pos == '\\') {
state->user = l_strdup(pos + 1);
return;
}
}
state->user = l_strdup(user);
}
static int eap_mschapv2_check_settings(struct l_settings *settings, static int eap_mschapv2_check_settings(struct l_settings *settings,
struct l_queue *secrets, struct l_queue *secrets,
const char *prefix, const char *prefix,
@ -555,18 +538,18 @@ static bool eap_mschapv2_load_settings(struct eap_state *eap,
const char *prefix) const char *prefix)
{ {
struct eap_mschapv2_state *state; struct eap_mschapv2_state *state;
L_AUTO_FREE_VAR(char *, identity);
L_AUTO_FREE_VAR(char *, password) = NULL; L_AUTO_FREE_VAR(char *, password) = NULL;
char setting[64]; char setting[64];
state = l_new(struct eap_mschapv2_state, 1); state = l_new(struct eap_mschapv2_state, 1);
snprintf(setting, sizeof(setting), "%sIdentity", prefix); snprintf(setting, sizeof(setting), "%sIdentity", prefix);
identity = l_settings_get_string(settings, "Security", setting); state->user = l_settings_get_string(settings, "Security", setting);
if (!identity) if (!state->user) {
l_error("'%s' setting is missing", setting);
goto error; goto error;
}
set_user_name(state, identity);
state->user_len = strlen(state->user); state->user_len = strlen(state->user);
/* Either read the password-hash from hexdump or password and hash it */ /* Either read the password-hash from hexdump or password and hash it */