From 5c96662e1ca8e72e634ec490c9ae8802b0f02c8a Mon Sep 17 00:00:00 2001
From: rswindell <>
Date: Sat, 10 Mar 2018 20:14:02 +0000
Subject: [PATCH] Allow the default CRAM challenge length (16 bytes) to be
 overridden (e.g. for experimental purposes) via binkit.ini:
 cram_challenge_length = <length in bytes>

---
 exec/binkit.js     | 2 ++
 exec/load/binkp.js | 3 ++-
 2 files changed, 4 insertions(+), 1 deletion(-)

diff --git a/exec/binkit.js b/exec/binkit.js
index 3e9fbe405a..284fcb593e 100644
--- a/exec/binkit.js
+++ b/exec/binkit.js
@@ -895,6 +895,8 @@ function run_inbound(sock)
 	bp.want_callback = callout_want_callback;
 	if (bp.cb_data.binkitcfg.caps !== undefined)
 		bp.capabilities = bp.cb_data.binkitcfg.caps;
+	if (bp.cb_data.binkitcfg.cram_challenge_length !== undefined)
+		bp.cram_challenge_length = bp.cb_data.binkitcfg.cram_challenge_length;
 
 	// We can't use the defaults since the defaults are only 4D addresses.
 	bp.addr_list = [];
diff --git a/exec/load/binkp.js b/exec/load/binkp.js
index 03b7114070..7bb66066b4 100644
--- a/exec/load/binkp.js
+++ b/exec/load/binkp.js
@@ -79,6 +79,7 @@ function BinkP(name_ver, inbound, rx_callback, tx_callback)
 	this.sent_nr = false;
 	this.ver1_1 = false;
 	this.require_md5 = true;
+	this.cram_challenge_length = 16;
 	this.require_crypt = true;
 	this.timeout = 120;
 	this.addr_list = [];
@@ -523,7 +524,7 @@ BinkP.prototype.accept = function(sock, auth_cb)
 		return false;
 
 	// IREX VER Internet Rex 2.29 Win32 (binkp/1.1) doesn't work with longer challenges
-	for (i=0; i<32; i++)
+	for (i=0; i < this.cram_challenge_length * 2; i++)
 		challenge += random(16).toString(16);
 
 	// Avoid warning from syncjslint by putting this in a closure.
-- 
GitLab