pluto: Fix for null-terminated XAuth secrets (as sent by Android 4).

2025-10-07 00:01:49 -04:00 · 2012-04-24 09:25:38 +02:00 · 2012-04-24 09:25:38 +02:00 · 7d85bebc49
commit 7d85bebc49
parent 5ff8fe5d48
1 changed files with 7 additions and 0 deletions
--- a/src/pluto/plugins/xauth/xauth_default_verifier.c
+++ b/src/pluto/plugins/xauth/xauth_default_verifier.c
@ -43,6 +43,13 @@ METHOD(xauth_verifier_t, verify_secret, bool,
 	if (get_xauth_secret(user, server, &xauth_secret))
 	{
 		success = chunk_equals(secret, xauth_secret);
 		if (!success && secret.len && secret.ptr[secret.len - 1] == 0)
 		{	/* fix for null-terminated passwords (e.g. from Android 4) */
 			secret.len--;
 			success = chunk_equals(secret, xauth_secret);
 		}
 		chunk_clear(&xauth_secret);
 	}
 	return success;