}
bool
-gss_eap_radius_attr_provider::setAttribute(int complete,
+gss_eap_radius_attr_provider::setAttribute(int complete GSSEAP_UNUSED,
uint32_t attrid,
const gss_buffer_t value)
{
gss_any_t
gss_eap_radius_attr_provider::mapToAny(int authenticated,
- gss_buffer_t type_id) const
+ gss_buffer_t type_id GSSEAP_UNUSED) const
{
if (authenticated && !m_authenticated)
return (gss_any_t)NULL;
}
void
-gss_eap_radius_attr_provider::releaseAnyNameMapping(gss_buffer_t type_id,
+gss_eap_radius_attr_provider::releaseAnyNameMapping(gss_buffer_t type_id GSSEAP_UNUSED,
gss_any_t input) const
{
- pairfree((VALUE_PAIR **)&input);
+ VALUE_PAIR *vp = (VALUE_PAIR *)input;
+ pairfree(&vp);
}
bool
* dictionary, otherwise accepting reauthentication tokens fails unless
* the acceptor has already accepted a normal authentication token.
*/
- if (rs_context_create(&radContext, RS_DICT_FILE) != 0) {
+ if (rs_context_create(&radContext) != 0)
+ return false;
+
+ if (rs_context_read_config(radContext, RS_CONFIG_FILE) != 0) {
+ rs_context_destroy(radContext);
+ return false;
+ }
+
+ if (rs_context_init_freeradius_dict(radContext, NULL)) {
+ rs_context_destroy(radContext);
return false;
}
VALUE_PAIR *vp;
size_t n = remain;
- if (n > MAX_STRING_LEN)
- n = MAX_STRING_LEN;
+ /*
+ * There's an extra byte of padding; RADIUS AVPs can only
+ * be 253 octets.
+ */
+ if (n >= MAX_STRING_LEN)
+ n = MAX_STRING_LEN - 1;
vp = paircreate(attrid, PW_TYPE_OCTETS);
if (vp == NULL) {
gssEapRadiusAttrProviderFinalize(OM_uint32 *minor)
{
gss_eap_radius_attr_provider::finalize();
+
+ *minor = 0;
return GSS_S_COMPLETE;
}
remain -= 5;
break;
case PW_TYPE_STRING:
- /* check enough room to NUL terminate */
- if (p[0] == MAX_STRING_LEN)
- goto fail;
- else
- /* fallthrough */
default:
- if (p[0] > MAX_STRING_LEN)
+ if (p[0] >= MAX_STRING_LEN)
goto fail;
vp->length = (uint32_t)p[0];
*minor = ERROR_TABLE_BASE_rse + code;
- gssEapSaveStatusInfo(*minor, "%s", rs_err_msg(err, 0));
+ gssEapSaveStatusInfo(*minor, "%s", rs_err_msg(err));
rs_err_free(err);
return GSS_S_FAILURE;