aboutsummaryrefslogtreecommitdiffstats
path: root/src/eap_server
diff options
context:
space:
mode:
authorJouni Malinen <j@w1.fi>2014-10-11 16:31:48 (GMT)
committerJouni Malinen <j@w1.fi>2014-10-11 16:43:36 (GMT)
commit8c5dfc79a5262b4d305a69bc56b20511d641a7a8 (patch)
tree9f2024c328367bb2c8809a4d44d404ba6a3fff0a /src/eap_server
parent8e3e0b3f573a69ff5b916ee75b369680840734cd (diff)
downloadhostap-8c5dfc79a5262b4d305a69bc56b20511d641a7a8.zip
hostap-8c5dfc79a5262b4d305a69bc56b20511d641a7a8.tar.gz
hostap-8c5dfc79a5262b4d305a69bc56b20511d641a7a8.tar.bz2
EAP-MSCHAPv2 server: Check ms_funcs results more consistently
This makes the code more consistent by checking the somewhat theoretical error cases more consistently (CID 72685). Signed-off-by: Jouni Malinen <j@w1.fi>
Diffstat (limited to 'src/eap_server')
-rw-r--r--src/eap_server/eap_server_mschapv2.c17
1 files changed, 10 insertions, 7 deletions
diff --git a/src/eap_server/eap_server_mschapv2.c b/src/eap_server/eap_server_mschapv2.c
index f7a753d..05848d2 100644
--- a/src/eap_server/eap_server_mschapv2.c
+++ b/src/eap_server/eap_server_mschapv2.c
@@ -414,13 +414,16 @@ static void eap_mschapv2_process_response(struct eap_sm *sm,
}
pw_hash = pw_hash_buf;
}
- generate_authenticator_response_pwhash(
- pw_hash, peer_challenge, data->auth_challenge,
- username, username_len, nt_response,
- data->auth_response);
-
- hash_nt_password_hash(pw_hash, pw_hash_hash);
- get_master_key(pw_hash_hash, nt_response, data->master_key);
+ if (generate_authenticator_response_pwhash(
+ pw_hash, peer_challenge, data->auth_challenge,
+ username, username_len, nt_response,
+ data->auth_response) < 0 ||
+ hash_nt_password_hash(pw_hash, pw_hash_hash) < 0 ||
+ get_master_key(pw_hash_hash, nt_response,
+ data->master_key)) {
+ data->state = FAILURE;
+ return;
+ }
data->master_key_valid = 1;
wpa_hexdump_key(MSG_DEBUG, "EAP-MSCHAPV2: Derived Master Key",
data->master_key, MSCHAPV2_KEY_LEN);