Commit aa598039 authored by deuce's avatar deuce
Browse files

Don't use a separate OPT line for TLS, it seems to mess up

Radius/4.010/21.01.2005,13:56(Final-Release)/Win32
parent b5316535
...@@ -543,11 +543,10 @@ BinkP.prototype.accept = function(sock, auth_cb) ...@@ -543,11 +543,10 @@ BinkP.prototype.accept = function(sock, auth_cb)
this.cram = {algo:'MD5', challenge:challenge.replace(/[0-9a-fA-F]{2}/g, hex2ascii)}; this.cram = {algo:'MD5', challenge:challenge.replace(/[0-9a-fA-F]{2}/g, hex2ascii)};
this.authenticated = undefined; this.authenticated = undefined;
this.sendCmd(this.command.M_NUL, "OPT TLS"); this.sendCmd(this.command.M_NUL, "OPT CRAM-MD5-"+challenge+(this.wont_crypt?"":" CRYPT")+" TLS");
pkt = this.recvFrame(this.timeout); pkt = this.recvFrame(this.timeout);
if (pkt === undefined) if (pkt === undefined)
return false; return false;
this.sendCmd(this.command.M_NUL, "OPT CRAM-MD5-"+challenge+(this.wont_crypt?"":" CRYPT"));
this.sendCmd(this.command.M_NUL, "SYS "+this.system_name); this.sendCmd(this.command.M_NUL, "SYS "+this.system_name);
this.sendCmd(this.command.M_NUL, "ZYZ "+this.system_operator); this.sendCmd(this.command.M_NUL, "ZYZ "+this.system_operator);
this.sendCmd(this.command.M_NUL, "LOC "+this.system_location); this.sendCmd(this.command.M_NUL, "LOC "+this.system_location);
...@@ -1058,7 +1057,7 @@ BinkP.prototype.recvFrame = function(timeout) ...@@ -1058,7 +1057,7 @@ BinkP.prototype.recvFrame = function(timeout)
this.nonreliable = true; this.nonreliable = true;
break; break;
case 'CRYPT': case 'CRYPT':
if (!this.wont_crypt) { if (!this.wont_crypt && !this.will_tls) {
this.will_crypt = true; this.will_crypt = true;
log(LOG_INFO, "Will encrypt session."); log(LOG_INFO, "Will encrypt session.");
} }
...@@ -1074,6 +1073,7 @@ BinkP.prototype.recvFrame = function(timeout) ...@@ -1074,6 +1073,7 @@ BinkP.prototype.recvFrame = function(timeout)
this.will_tls = true; this.will_tls = true;
this.wont_crypt = true; this.wont_crypt = true;
this.require_crypt = false; this.require_crypt = false;
this.will_crypt = false;
} }
else { else {
this.sendCmd(this.command.M_ERR, "TLS must be negotiated before any other traffic"); this.sendCmd(this.command.M_ERR, "TLS must be negotiated before any other traffic");
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment