X-Git-Url: http://www.project-moonshot.org/gitweb/?a=blobdiff_plain;f=radmsg.c;h=0a46e71442d11df77be922851115e2e4b77b7a4e;hb=c1f196080a7cb867afd3dee50e2910899cbf5f46;hp=0521fc6ab27e3ea12392a729ed7caf196e5513b1;hpb=973eaceb232a0038d97cf21c13c53ae33a5e232b;p=libradsec.git

diff --git a/radmsg.c b/radmsg.c
index 0521fc6..0a46e71 100644
--- a/radmsg.c
+++ b/radmsg.c
@@ -6,7 +6,11 @@
  * copyright notice and this permission notice appear in all copies.
  */
 
+#ifdef SYS_SOLARIS9
+#include <sys/inttypes.h>
+#else
 #include <stdint.h>
+#endif
 #include <stdlib.h>
 #include <string.h>
 #include <arpa/inet.h>
@@ -29,7 +33,7 @@ void radmsg_free(struct radmsg *msg) {
 
 struct radmsg *radmsg_init(uint8_t code, uint8_t id, uint8_t *auth) {
     struct radmsg *msg;
-    
+
     msg = malloc(sizeof(struct radmsg));
     if (!msg)
         return NULL;
@@ -38,7 +42,7 @@ struct radmsg *radmsg_init(uint8_t code, uint8_t id, uint8_t *auth) {
     if (!msg->attrs) {
 	free(msg);
         return NULL;
-    }	
+    }
     msg->code = code;
     msg->id = id;
     if (auth)
@@ -46,7 +50,7 @@ struct radmsg *radmsg_init(uint8_t code, uint8_t id, uint8_t *auth) {
     else if (!RAND_bytes(msg->auth, 16)) {
 	free(msg);
 	return NULL;
-    }	
+    }
     return msg;
 }
 
@@ -79,7 +83,7 @@ int _checkmsgauth(unsigned char *rad, uint8_t *authattr, uint8_t *secret) {
     static HMAC_CTX hmacctx;
     unsigned int md_len;
     uint8_t auth[16], hash[EVP_MAX_MD_SIZE];
-    
+
     pthread_mutex_lock(&lock);
     if (first) {
 	HMAC_CTX_init(&hmacctx);
@@ -103,8 +107,8 @@ int _checkmsgauth(unsigned char *rad, uint8_t *authattr, uint8_t *secret) {
 	debug(DBG_WARN, "message authenticator, wrong value");
 	pthread_mutex_unlock(&lock);
 	return 0;
-    }	
-	
+    }
+
     pthread_mutex_unlock(&lock);
     return 1;
 }
@@ -116,7 +120,7 @@ int _validauth(unsigned char *rad, unsigned char *reqauth, unsigned char *sec) {
     unsigned char hash[EVP_MAX_MD_SIZE];
     unsigned int len;
     int result;
-    
+
     pthread_mutex_lock(&lock);
     if (first) {
 	EVP_MD_CTX_init(&mdctx);
@@ -124,7 +128,7 @@ int _validauth(unsigned char *rad, unsigned char *reqauth, unsigned char *sec) {
     }
 
     len = RADLEN(rad);
-    
+
     result = (EVP_DigestInit_ex(&mdctx, EVP_md5(), NULL) &&
 	      EVP_DigestUpdate(&mdctx, rad, 4) &&
 	      EVP_DigestUpdate(&mdctx, reqauth, 16) &&
@@ -145,7 +149,7 @@ int _createmessageauth(unsigned char *rad, unsigned char *authattrval, uint8_t *
 
     if (!authattrval)
 	return 1;
-    
+
     pthread_mutex_lock(&lock);
     if (first) {
 	HMAC_CTX_init(&hmacctx);
@@ -204,7 +208,7 @@ uint8_t *radmsg2buf(struct radmsg *msg, uint8_t *secret) {
     buf = malloc(size);
     if (!buf)
         return NULL;
-    
+
     p = buf;
     *p++ = msg->code;
     *p++ = msg->id;
@@ -225,9 +229,13 @@ uint8_t *radmsg2buf(struct radmsg *msg, uint8_t *secret) {
 	free(buf);
 	return NULL;
     }
-    if (secret && (msg->code == RAD_Access_Accept || msg->code == RAD_Access_Reject || msg->code == RAD_Access_Challenge || msg->code == RAD_Accounting_Response || msg->code == RAD_Accounting_Request) && !_radsign(buf, secret)) {
-	free(buf);
-	return NULL;
+    if (secret) {
+	if ((msg->code == RAD_Access_Accept || msg->code == RAD_Access_Reject || msg->code == RAD_Access_Challenge || msg->code == RAD_Accounting_Response || msg->code == RAD_Accounting_Request) && !_radsign(buf, secret)) {
+	    free(buf);
+	    return NULL;
+	}
+	if (msg->code == RAD_Accounting_Request)
+	    memcpy(msg->auth, buf + 4, 16);
     }
     return buf;
 }
@@ -235,10 +243,10 @@ uint8_t *radmsg2buf(struct radmsg *msg, uint8_t *secret) {
 /* if secret set we also validate message authenticator if present */
 struct radmsg *buf2radmsg(uint8_t *buf, uint8_t *secret, uint8_t *rqauth) {
     struct radmsg *msg;
-    uint8_t t, l, *v, *p, auth[16];
+    uint8_t t, l, *v = NULL, *p, auth[16];
     uint16_t len;
     struct tlv *attr;
-    
+
     len = RADLEN(buf);
     if (len < 20)
 	return NULL;
@@ -255,7 +263,7 @@ struct radmsg *buf2radmsg(uint8_t *buf, uint8_t *secret, uint8_t *rqauth) {
 	debug(DBG_WARN, "buf2radmsg: Invalid auth, ignoring reply");
 	return NULL;
     }
-	
+
     msg = radmsg_init(buf[0], buf[1], (uint8_t *)buf + 4);
     if (!msg)
         return NULL;
@@ -279,7 +287,7 @@ struct radmsg *buf2radmsg(uint8_t *buf, uint8_t *secret, uint8_t *rqauth) {
             v = p;
             p += l;
         }
-	
+
 	if (t == RAD_Attr_Message_Authenticator && secret) {
 	    if (rqauth)
 		memcpy(buf + 4, rqauth, 16);
@@ -304,3 +312,7 @@ struct radmsg *buf2radmsg(uint8_t *buf, uint8_t *secret, uint8_t *rqauth) {
     }
     return msg;
 }
+
+/* Local Variables: */
+/* c-file-style: "stroustrup" */
+/* End: */