Commit 7e72085a authored by Robert Dubner's avatar Robert Dubner
Browse files

Finish HMACMD5 changes

parent 0a2ab7ff
......@@ -35,6 +35,8 @@ LIBS = $(LDAP_LIB)
ALLH = $(wildcard *.h)
$(info $(ALLH))
prefix=/usr/local
exec_prefix=$(prefix)
ldap_subdir=/openldap
......@@ -56,9 +58,9 @@ OBJS = radiusov.lo radius.lo md5.lo hmacmd5.lo rpacket.lo reap.lo tls.lo md4.lo
.c.lo:
$(LIBTOOL) --mode=compile $(CC) $(OPT) $(DEFS) $(INCS) -c $<
$(OBJS): $(ALLH)
$(OBJS): $(ALLH)
radiusov.la: $(OBJS) $(XOBJS)
radiusov.la: $(OBJS) $(XOBJS) $(ALLH)
$(LIBTOOL) --mode=link $(CC) $(OPT) -version-info 0:0:0 \
-rpath $(moduledir) -module -o $@ $(OBJS) $(XOBJS) $(LIBS)
......
......@@ -24,6 +24,7 @@
#include "mschap.h"
#include "md4.h"
#include "sha1.h"
#include "hmacmd5.h"
//#define TEST_NT_RESPONSE 1
......
......@@ -148,43 +148,8 @@ int radiusov_protocol( RADIUS_INFO *radius_info,
void clobber_state(STATE *state);
#define MD5_DIGEST_LENGTH 16
#define MD5_BLOCK_LENGTH 64
typedef struct MD5Context
{
uint32_t state[4]; //!< State.
uint32_t count[2]; //!< Number of bits, mod 2^64.
uint8_t buffer[MD5_BLOCK_LENGTH]; //!< Input buffer.
uint8_t key[64];
size_t key_len;
} MD5_CTX;
extern ldap_pvt_thread_mutex_t libradius_mutex;
// By rights, the md5 and hmac calls should have their own .h files
// But I couldn't muster the energy to do anything but just put the declarations
// here.
void md5_calc(uint8_t *out, uint8_t const *in, size_t inlen);
void md5_init(MD5_CTX *ctx);
void md5_update(MD5_CTX *ctx, uint8_t const *in, size_t inlen);
void md5_final(uint8_t out[MD5_DIGEST_LENGTH], MD5_CTX *ctx);
void md5_transform(uint32_t state[4], uint8_t const block[MD5_BLOCK_LENGTH]);
void hmac_md5( uint8_t digest[MD5_DIGEST_LENGTH],
uint8_t const *text,
size_t text_len,
uint8_t const *key,
size_t key_len);
void hmac_md5_init( MD5_CTX *context,
uint8_t const *key,
size_t key_len);
void hmac_md5_update(MD5_CTX *context,
uint8_t const *text,
size_t text_len);
void hmac_md5_final( MD5_CTX *context,
uint8_t *digest);
int radiusov_get_password_from_uid( RADIUS_INFO *radius_info,
char *pszUsername,
char *password,
......
......@@ -19,6 +19,7 @@
#include "lber-int.h"
#include "rpacket.h"
#include "reap.h"
#include "hmacmd5.h"
const RADIUS_ATTRIBUTE_TYPE radius_attribute_types[] =
{
......@@ -706,7 +707,7 @@ AdjustServerPacketForSending( RADIUS_PACKET *response,
// For the purposes of the calculation, the sixteen bytes of the Message-Authenticator are set to zero,
// which they are at this point.
MD5_CTX context;
HMAC_MD5_CTX context;
hmac_md5_init( &context, (uint8_t *)shared_secret, strlen(shared_secret) );
hmac_md5_update(&context, response->packet_data, 4); // Type, Identifier, Length
hmac_md5_update(&context, request-> packet_data + AUTHENTICATOR_OFFSET, AUTHENTICATOR_LENGTH);
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment