[pptp-server] Re: Encrypted sessions using NTS Tunnel Builder

[Landy Manderson]

I've included the patch below.  You should able to apply it against source
already patched by ppp-2.3.10-openssl-norc4-mppe.patch, or use it to make
the appropriate mods to the original patch.  The first error looks to be
an "oops".  The second I'm betting was due to misinformation in an earlier
release of the MPPE Key Derivation I-D (draft-ietf-pppext-mppe-keys-02.txt).

On Fri, 02 Jun 2000 09:24:40 +0300 Dragos DOBRE said:
>I think that a patch would be useful for all the people on the list.


diff -rupN ppp-2.3.10.orig/pppd/extra_crypto.c ppp-2.3.10/pppd/extra_crypto.c
--- ppp-2.3.10.orig/pppd/extra_crypto.c Sat May 27 16:30:02 2000
+++ ppp-2.3.10/pppd/extra_crypto.c      Thu Jun  1 14:58:46 2000
@@ -43,7 +43,7 @@ LmPasswordHash(char *password, int len,
     /* LANMan password is case insensitive */
     BZERO(up_pass, sizeof(up_pass));
     for (i = 0; i < len; i++)
-       up_pass[i] = (u_char)toupper(up_pass[i]);
+       up_pass[i] = (u_char)toupper(password[i]);
     DesEncrypt(MSStdText, up_pass + 0, hash + 0);
     DesEncrypt(MSStdText, up_pass + 7, hash + 8);
 }
diff -rupN ppp-2.3.10.orig/pppd/mppe.c ppp-2.3.10/pppd/mppe.c
--- ppp-2.3.10.orig/pppd/mppe.c Sat May 27 16:30:02 2000
+++ ppp-2.3.10/pppd/mppe.c      Thu Jun  1 15:39:55 2000
@@ -121,7 +121,8 @@ mppe_get_start_key(unsigned char *Challe

     SHA1_Init(&Context);
     SHA1_Update(&Context, NtPasswordHashHash, 16);
-    SHA1_Update(&Context, Challenge, 24);
+    SHA1_Update(&Context, NtPasswordHashHash, 16);
+    SHA1_Update(&Context, Challenge, 8);
     SHA1_Final(Digest, &Context);
     BCOPY(Digest, InitialSessionKey, 16);
 }