Index: redir.c
===================================================================
--- redir.c	(revision 213)
+++ redir.c	(working copy)
@@ -70,7 +70,7 @@
   return 0;
 }
 
-static int redir_hextochar2(unsigned char *src, unsigned char * dst, int len) {
+static int redir_hextochar(unsigned char *src, unsigned char * dst, int len) {
   char x[3];
   int n;
   int y;
@@ -89,10 +89,6 @@
   return 0;
 }
 
-static int redir_hextochar(unsigned char *src, unsigned char * dst) {
-  return redir_hextochar2(src, dst, REDIR_MD5LEN);
-}
-
 /* Convert 16 octet unsigned char to 32+1 octet ASCII hex string */
 static int redir_chartohex(unsigned char *src, char *dst) {
   char x[3];
@@ -1407,17 +1403,17 @@
       }
       
       if (!redir_getparam(redir, qs, "ntresponse", bt)) {
-	redir_hextochar2(bt->data, conn->chappassword, 24);
+	redir_hextochar(bt->data, conn->chappassword, 24);
 	conn->chap = 2;
 	conn->password[0] = 0;
       }
       else if (!redir_getparam(redir, qs, "response", bt)) {
-	redir_hextochar(bt->data, conn->chappassword);
+	redir_hextochar(bt->data, conn->chappassword, RADIUS_CHAPSIZE);
 	conn->chap = 1;
 	conn->password[0] = 0;
       }
       else if (!redir_getparam(redir, qs, "password", bt)) {
-	redir_hextochar(bt->data, conn->password);
+	redir_hextochar(bt->data, conn->password, RADIUS_PWSIZE);
 	conn->chap = 0;
 	conn->chappassword[0] = 0;
       } else {
@@ -1641,8 +1637,10 @@
      * decode password - encoded by the UAM portal/script. 
      */
     for (m=0; m < RADIUS_PWSIZE;) 
-      for (n=0; n < REDIR_MD5LEN; m++, n++) 
+      for (n=0; n < REDIR_MD5LEN; m++, n++)  {
 	user_password[m] = conn->password[m] ^ chap_challenge[n];
+//        log_dbg("password[%d] ^ challenge[%d] = %02hhx ^ %02hhx = %02hhx", m, n, conn->password[m], chap_challenge[n], user_password[m]);
+      }
     
     user_password[RADIUS_PWSIZE] = 0;