From d884034c9f905c8fe066316113d0f2bbb047f025 Mon Sep 17 00:00:00 2001
From: Sylvain Rochet <gradator@gradator.net>
Date: Sat, 28 Feb 2015 19:50:25 +0100
Subject: [PATCH] PPP, replaced drand48() with magic_pow()

---
 src/include/netif/ppp/chap-new.h |  2 +-
 src/include/netif/ppp/eap.h      |  3 ++-
 src/netif/ppp/chap-md5.c         |  6 +++---
 src/netif/ppp/chap-new.c         |  3 ++-
 src/netif/ppp/chap_ms.c          |  2 +-
 src/netif/ppp/eap.c              | 18 +++++++++---------
 6 files changed, 18 insertions(+), 16 deletions(-)

diff --git a/src/include/netif/ppp/chap-new.h b/src/include/netif/ppp/chap-new.h
index 5753fb60..d2cc7dee 100644
--- a/src/include/netif/ppp/chap-new.h
+++ b/src/include/netif/ppp/chap-new.h
@@ -159,7 +159,7 @@ typedef struct chap_client_state {
 #if PPP_SERVER
 typedef struct chap_server_state {
 	u8_t flags;
-	int id;
+	u8_t id;
 	const char *name;
 	const struct chap_digest_type *digest;
 	int challenge_xmits;
diff --git a/src/include/netif/ppp/eap.h b/src/include/netif/ppp/eap.h
index cab69018..7d5852ba 100644
--- a/src/include/netif/ppp/eap.h
+++ b/src/include/netif/ppp/eap.h
@@ -80,8 +80,9 @@ extern "C" {
 #define	SRP_PSEUDO_LEN	7
 
 #define MD5_SIGNATURE_SIZE	16
-#define EAP_MIN_CHALLENGE_LENGTH	16
+#define EAP_MIN_CHALLENGE_LENGTH	17
 #define EAP_MAX_CHALLENGE_LENGTH	24
+#define EAP_MIN_MAX_POWER_OF_TWO_CHALLENGE_LENGTH     3   /* 2^3-1 = 7, 17+7 = 24 */
 
 #define	EAP_STATES	\
 	"Initial", "Pending", "Closed", "Listen", "Identify", \
diff --git a/src/netif/ppp/chap-md5.c b/src/netif/ppp/chap-md5.c
index 70b879a1..9a15621c 100644
--- a/src/netif/ppp/chap-md5.c
+++ b/src/netif/ppp/chap-md5.c
@@ -49,15 +49,15 @@
 #endif
 
 #define MD5_HASH_SIZE		16
-#define MD5_MIN_CHALLENGE	16
+#define MD5_MIN_CHALLENGE	17
 #define MD5_MAX_CHALLENGE	24
+#define MD5_MIN_MAX_POWER_OF_TWO_CHALLENGE     3   /* 2^3-1 = 7, 17+7 = 24 */
 
 #if PPP_SERVER
 static void chap_md5_generate_challenge(unsigned char *cp) {
 	int clen;
 
-	clen = (int)(drand48() * (MD5_MAX_CHALLENGE - MD5_MIN_CHALLENGE))
-		+ MD5_MIN_CHALLENGE;
+	clen = MD5_MIN_CHALLENGE + magic_pow(MD5_MIN_MAX_POWER_OF_TWO_CHALLENGE);
 	*cp++ = clen;
 	random_bytes(cp, clen);
 }
diff --git a/src/netif/ppp/chap-new.c b/src/netif/ppp/chap-new.c
index e9cf6835..7cc4310a 100644
--- a/src/netif/ppp/chap-new.c
+++ b/src/netif/ppp/chap-new.c
@@ -47,6 +47,7 @@
 #if MSCHAP_SUPPORT
 #include "netif/ppp/chap_ms.h"
 #endif
+#include "netif/ppp/magic.h"
 
 #if 0 /* UNUSED */
 /* Hook for a plugin to validate CHAP challenge */
@@ -175,7 +176,7 @@ void chap_auth_peer(ppp_pcb *pcb, const char *our_name, int digest_code) {
 	pcb->chap_server.digest = dp;
 	pcb->chap_server.name = our_name;
 	/* Start with a random ID value */
-	pcb->chap_server.id = (unsigned char)(drand48() * 256);
+	pcb->chap_server.id = (u8_t)magic_pow(8);
 	pcb->chap_server.flags |= AUTH_STARTED;
 	if (pcb->chap_server.flags & LOWERUP)
 		chap_timeout(pcb);
diff --git a/src/netif/ppp/chap_ms.c b/src/netif/ppp/chap_ms.c
index e0b67d43..3313eafd 100644
--- a/src/netif/ppp/chap_ms.c
+++ b/src/netif/ppp/chap_ms.c
@@ -836,7 +836,7 @@ void ChapMS2(u_char *rchallenge, u_char *PeerChallenge,
     /* Generate the Peer-Challenge if requested, or copy it if supplied. */
     if (!PeerChallenge)
 	for (i = 0; i < MS_CHAP2_PEER_CHAL_LEN; i++)
-	    *p++ = (u_char) (drand48() * 0xff);
+	    *p++ = (u_char)magic_pow(8);
     else
 	MEMCPY(&response[MS_CHAP2_PEER_CHALLENGE], PeerChallenge,
 	      MS_CHAP2_PEER_CHAL_LEN);
diff --git a/src/netif/ppp/eap.c b/src/netif/ppp/eap.c
index 2169be70..c5b07ab8 100644
--- a/src/netif/ppp/eap.c
+++ b/src/netif/ppp/eap.c
@@ -55,6 +55,7 @@
 #endif
 
 #include "netif/ppp/eap.h"
+#include "netif/ppp/magic.h"
 
 #ifdef USE_SRP
 #include <t_pwd.h>
@@ -203,7 +204,7 @@ static void eap_init(ppp_pcb *pcb) {
 
 	BZERO(&pcb->eap, sizeof(eap_state));
 #if PPP_SERVER
-	pcb->eap.es_server.ea_id = (u_char)(drand48() * 0x100); /* FIXME: use magic.c random function */
+	pcb->eap.es_server.ea_id = (u_char)magic_pow(8);
 #endif /* PPP_SERVER */
 }
 
@@ -717,14 +718,13 @@ static void eap_send_request(ppp_pcb *pcb) {
 		 * pick a random challenge length between
 		 * EAP_MIN_CHALLENGE_LENGTH and EAP_MAX_CHALLENGE_LENGTH
 		 */
-		challen = (drand48() *
-		    (EAP_MAX_CHALLENGE_LENGTH - EAP_MIN_CHALLENGE_LENGTH)) +
-			    EAP_MIN_CHALLENGE_LENGTH;
+		challen = EAP_MIN_CHALLENGE_LENGTH +
+		    magic_pow(EAP_MIN_MAX_POWER_OF_TWO_CHALLENGE_LENGTH);
 		PUTCHAR(challen, outp);
 		pcb->eap.es_challen = challen;
 		ptr = pcb->eap.es_challenge;
 		while (--challen >= 0)
-			*ptr++ = (u_char) (drand48() * 0x100);
+			*ptr++ = (u_char)magic_pow(8);
 		MEMCPY(outp, pcb->eap.es_challenge, pcb->eap.es_challen);
 		INCPTR(pcb->eap.es_challen, outp);
 		MEMCPY(outp, pcb->eap.es_server.ea_name, pcb->eap.es_server.ea_namelen);
@@ -809,7 +809,7 @@ static void eap_send_request(ppp_pcb *pcb) {
 				MEMCPY(clear, cp, i);
 				cp += i;
 				while (i < 8) {
-					*cp++ = drand48() * 0x100;
+					*cp++ = magic_pow(8);
 					i++;
 				}
 				/* FIXME: if we want to do SRP, we need to find a way to pass the PolarSSL des_context instead of using static memory */
@@ -824,7 +824,7 @@ static void eap_send_request(ppp_pcb *pcb) {
 			i %= SHA_DIGESTSIZE;
 			if (i != 0) {
 				while (i < SHA_DIGESTSIZE) {
-					*outp++ = drand48() * 0x100;
+					*outp++ = magic_pow(8);
 					i++;
 				}
 			}
@@ -855,11 +855,11 @@ static void eap_send_request(ppp_pcb *pcb) {
 		PUTCHAR(EAPT_SRP, outp);
 		PUTCHAR(EAPSRP_LWRECHALLENGE, outp);
 		challen = EAP_MIN_CHALLENGE_LENGTH +
-		    ((EAP_MAX_CHALLENGE_LENGTH - EAP_MIN_CHALLENGE_LENGTH) * drand48());
+		    magic_pow(EAP_MIN_MAX_POWER_OF_TWO_CHALLENGE_LENGTH);
 		pcb->eap.es_challen = challen;
 		ptr = pcb->eap.es_challenge;
 		while (--challen >= 0)
-			*ptr++ = drand48() * 0x100;
+			*ptr++ = magic_pow(8);
 		MEMCPY(outp, pcb->eap.es_challenge, pcb->eap.es_challen);
 		INCPTR(pcb->eap.es_challen, outp);
 		break;