From 076e2b1c1fc4ac0883a72d3544131ad5cee7adf8 Mon Sep 17 00:00:00 2001
From: mvs <mvs@openbsd.org>
Date: Sun, 14 Jun 2026 05:39:23 +0000
Subject: [PATCH] sppp_pap_input(): do not compare credentials if the lengths
 of received ones is not the same of configured.

ok renaud bluhm
---
 sys/net/if_spppsubr.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/sys/net/if_spppsubr.c b/sys/net/if_spppsubr.c
index 98850eb1b01..ada33cef230 100644
--- a/sys/net/if_spppsubr.c
+++ b/sys/net/if_spppsubr.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: if_spppsubr.c,v 1.201 2026/05/16 13:27:03 daniel Exp $	*/
+/*	$OpenBSD: if_spppsubr.c,v 1.202 2026/06/14 05:39:23 mvs Exp $	*/
 /*
  * Synchronous PPP link level subroutines.
  *
@@ -3813,8 +3813,8 @@ sppp_pap_input(struct sppp *sp, struct mbuf *m)
 			sppp_print_string((char*)passwd, passwd_len);
 			addlog(">\n");
 		}
-		if (name_len > AUTHMAXLEN ||
-		    passwd_len > AUTHMAXLEN ||
+		if (name_len != strlen(sp->hisauth.name) ||
+		    passwd_len != strlen(sp->hisauth.secret) ||
 		    bcmp(name, sp->hisauth.name, name_len) != 0 ||
 		    bcmp(passwd, sp->hisauth.secret, passwd_len) != 0) {
 			/* action scn, tld */