auth_chap*: use previous challenge value in packet resend instead of generating new one

accel-pppd/auth/auth_chap_md5.c

@@ -79,7 +79,7 @@ struct chap_auth_data_t
 	int started:1;
 };
 
-static void chap_send_challenge(struct chap_auth_data_t *ad);
+static void chap_send_challenge(struct chap_auth_data_t *ad, int new);
 static void chap_recv(struct ppp_handler_t *h);
 static void chap_timeout_timer(struct triton_timer_t *t);
 static void chap_restart_timer(struct triton_timer_t *t);
@@ -134,7 +134,7 @@ static int chap_start(struct ppp_t *ppp, struct auth_data_t *auth)
 
 	ppp_register_chan_handler(ppp, &d->h);
 
-	chap_send_challenge(d);
+	chap_send_challenge(d, 1);
 
 	return 0;
 }
@@ -168,7 +168,7 @@ static void chap_timeout_timer(struct triton_timer_t *t)
 			ppp_auth_failed(d->ppp, NULL);
 	} else {
 		--d->id;
-		chap_send_challenge(d);
+		chap_send_challenge(d, 0);
 	}
 }
 
@@ -176,7 +176,7 @@ static void chap_restart_timer(struct triton_timer_t *t)
 {
 	struct chap_auth_data_t *d = container_of(t, typeof(*d), interval);
 	
-	chap_send_challenge(d);
+	chap_send_challenge(d, 1);
 }
 
 static int lcp_send_conf_req(struct ppp_t *ppp, struct auth_data_t *d, uint8_t *ptr)
@@ -224,7 +224,7 @@ static void chap_send_success(struct chap_auth_data_t *ad)
 	ppp_chan_send(ad->ppp, &msg, ntohs(msg.hdr.len) + 2);
 }
 
-static void chap_send_challenge(struct chap_auth_data_t *ad)
+static void chap_send_challenge(struct chap_auth_data_t *ad, int new)
 {
 	struct chap_challenge_t msg =	{
 		.hdr.proto = htons(PPP_CHAP),
@@ -234,7 +234,9 @@ static void chap_send_challenge(struct chap_auth_data_t *ad)
 		.val_size = VALUE_SIZE,
 	};
 
-	read(urandom_fd, ad->val, VALUE_SIZE);
+	if (new)
+		read(urandom_fd, ad->val, VALUE_SIZE);
+
 	memcpy(msg.val, ad->val, VALUE_SIZE);
 
 	if (conf_ppp_verbose) {
@@ -379,7 +381,7 @@ static int chap_restart(struct ppp_t *ppp, struct auth_data_t *auth)
 {
 	struct chap_auth_data_t *d = container_of(auth, typeof(*d), auth);
 	
-	chap_send_challenge(d);
+	chap_send_challenge(d, 1);
 
 	return 0;
 }

accel-pppd/auth/auth_mschap_v1.c

@@ -78,7 +78,7 @@ struct chap_auth_data_t
 	int started:1;
 };
 
-static void chap_send_challenge(struct chap_auth_data_t *ad);
+static void chap_send_challenge(struct chap_auth_data_t *ad, int new);
 static void chap_recv(struct ppp_handler_t *h);
 static int chap_check_response(struct chap_auth_data_t *ad, struct chap_response_t *res, const char *name);
 static void chap_timeout_timer(struct triton_timer_t *t);
@@ -135,7 +135,7 @@ static int chap_start(struct ppp_t *ppp, struct auth_data_t *auth)
 
 	ppp_register_chan_handler(ppp, &d->h);
 
-	chap_send_challenge(d);
+	chap_send_challenge(d, 1);
 
 	return 0;
 }
@@ -169,7 +169,7 @@ static void chap_timeout_timer(struct triton_timer_t *t)
 			ppp_auth_failed(d->ppp, NULL);
 	} else {
 		--d->id;
-		chap_send_challenge(d);
+		chap_send_challenge(d, 0);
 	}
 }
 
@@ -177,7 +177,7 @@ static void chap_restart_timer(struct triton_timer_t *t)
 {
 	struct chap_auth_data_t *d = container_of(t, typeof(*d), interval);
 	
-	chap_send_challenge(d);
+	chap_send_challenge(d, 1);
 }
 
 static int lcp_send_conf_req(struct ppp_t *ppp, struct auth_data_t *d, uint8_t *ptr)
@@ -227,7 +227,7 @@ static void chap_send_success(struct chap_auth_data_t *ad)
 	_free(hdr);
 }
 
-static void chap_send_challenge(struct chap_auth_data_t *ad)
+static void chap_send_challenge(struct chap_auth_data_t *ad, int new)
 {
 	struct chap_challenge_t msg = {
 		.hdr.proto = htons(PPP_CHAP),
@@ -237,7 +237,9 @@ static void chap_send_challenge(struct chap_auth_data_t *ad)
 		.val_size = VALUE_SIZE,
 	};
 
-	read(urandom_fd, ad->val, VALUE_SIZE);
+	if (new)
+		read(urandom_fd, ad->val, VALUE_SIZE);
+
 	memcpy(msg.val, ad->val, VALUE_SIZE);
 
 	if (conf_ppp_verbose) {
@@ -446,7 +448,7 @@ static int chap_restart(struct ppp_t *ppp, struct auth_data_t *auth)
 {
 	struct chap_auth_data_t *d = container_of(auth, typeof(*d), auth);
 	
-	chap_send_challenge(d);
+	chap_send_challenge(d, 1);
 
 	return 0;
 }

accel-pppd/auth/auth_mschap_v2.c

@@ -78,7 +78,7 @@ struct chap_auth_data_t
 	int started:1;
 };
 
-static void chap_send_challenge(struct chap_auth_data_t *ad);
+static void chap_send_challenge(struct chap_auth_data_t *ad, int new);
 static void chap_recv(struct ppp_handler_t *h);
 static int chap_check_response(struct chap_auth_data_t *ad, struct chap_response_t *msg, const char *name);
 static void chap_timeout_timer(struct triton_timer_t *t);
@@ -136,7 +136,7 @@ static int chap_start(struct ppp_t *ppp, struct auth_data_t *auth)
 
 	ppp_register_chan_handler(ppp, &d->h);
 
-	chap_send_challenge(d);
+	chap_send_challenge(d, 1);
 
 	return 0;
 }
@@ -170,7 +170,7 @@ static void chap_timeout_timer(struct triton_timer_t *t)
 			ppp_auth_failed(d->ppp, NULL);
 	} else {
 		--d->id;
-		chap_send_challenge(d);
+		chap_send_challenge(d, 0);
 	}
 }
 
@@ -178,7 +178,7 @@ static void chap_restart_timer(struct triton_timer_t *t)
 {
 	struct chap_auth_data_t *d = container_of(t, typeof(*d), interval);
 	
-	chap_send_challenge(d);
+	chap_send_challenge(d, 1);
 }
 
 static int lcp_send_conf_req(struct ppp_t *ppp, struct auth_data_t *d, uint8_t *ptr)
@@ -300,7 +300,7 @@ static int generate_response(struct chap_auth_data_t *ad, struct chap_response_t
 	return 0;
 }
 
-static void chap_send_challenge(struct chap_auth_data_t *ad)
+static void chap_send_challenge(struct chap_auth_data_t *ad, int new)
 {
 	struct chap_challenge_t msg =	{
 		.hdr.proto = htons(PPP_CHAP),
@@ -310,7 +310,9 @@ static void chap_send_challenge(struct chap_auth_data_t *ad)
 		.val_size = VALUE_SIZE,
 	};
 
-	read(urandom_fd, ad->val, VALUE_SIZE);
+	if (new)
+		read(urandom_fd, ad->val, VALUE_SIZE);
+
 	memcpy(msg.val, ad->val, VALUE_SIZE);
 
 	if (conf_ppp_verbose) {
@@ -582,7 +584,7 @@ static int chap_restart(struct ppp_t *ppp, struct auth_data_t *auth)
 {
 	struct chap_auth_data_t *d = container_of(auth, typeof(*d), auth);
 	
-	chap_send_challenge(d);
+	chap_send_challenge(d, 1);
 
 	return 0;
 }
@@ -604,12 +606,16 @@ static void chap_recv(struct ppp_handler_t *h)
 {
 	struct chap_auth_data_t *d = container_of(h, typeof(*d), h);
 	struct chap_hdr_t *hdr = (struct chap_hdr_t *)d->ppp->buf;
+	static int drop=1;
 
 	if (d->ppp->buf_size < sizeof(*hdr) || ntohs(hdr->len) < HDR_LEN || ntohs(hdr->len) < d->ppp->buf_size - 2) {
 		log_ppp_warn("mschap-v2: short packet received\n");
 		return;
 	}
 
+	if (drop-- == 1)
+		return;
+
 	if (hdr->code == CHAP_RESPONSE)
 		chap_recv_response(d, hdr);
 	else