--- freeradius-1.1.0/src/modules/rlm_digest/rlm_digest.c 2005-12-19 22:51:16.000000000 -0200 +++ freeradius-1.1.0-new/src/modules/rlm_digest/rlm_digest.c 2006-04-11 17:18:02.376222111 -0300 @@ -235,9 +235,18 @@ a1[a1_len] = '\0'; DEBUG2("A1 = %s", a1); } else { + /* + * MD5-Password must be 16 chars (MD5 String) or + * 32 chars (MD5 Hexadecimal String) + */ + if ((passwd->length != 16) && (passwd->length != 32)) { + DEBUG("ERROR: MD5-Password length should be 16 or 32 chars"); + DEBUG("ERROR: No MD5-Password: Cannot perform Digest authentication"); + return RLM_MODULE_INVALID; + } a1[a1_len] = '\0'; DEBUG2("A1 = %s (using MD5-Password)", a1); - a1_len = 16; + a1_len = passwd->length; } /* @@ -251,7 +260,11 @@ * Set A1 to MD5-Password if no User-Password found */ if (passwd->attribute != PW_USER_PASSWORD) { - memcpy(&a1[0], passwd->strvalue, 16); + if (a1_len == 16) { + lrad_bin2hex(passwd->strvalue, &a1[0], a1_len); + } else { + memcpy(&a1[0], passwd->strvalue, a1_len); + } } } else if (strcasecmp(algo->strvalue, "MD5-sess") == 0) { @@ -265,7 +278,11 @@ librad_md5_calc(hash, &a1[0], a1_len); lrad_bin2hex(hash, &a1[0], 16); } else { - lrad_bin2hex(passwd->strvalue, &a1[0], 16); + if (a1_len == 16) { + lrad_bin2hex(passwd->strvalue, &a1[0], a1_len); + } else { + memcpy(&a1[0], passwd->strvalue, a1_len); + } } a1_len = 32; @@ -383,10 +400,11 @@ (passwd->attribute == PW_USER_PASSWORD)) { a1[a1_len] = '\0'; librad_md5_calc(&hash[0], &a1[0], a1_len); + lrad_bin2hex(hash, kd, sizeof(hash)); } else { memcpy(&hash[0], &a1[0], a1_len); + memcpy(&kd[0], &a1[0], a1_len); } - lrad_bin2hex(hash, kd, sizeof(hash)); #ifndef NDEBUG if (debug_flag) {