X-Git-Url: http://www.project-moonshot.org/gitweb/?a=blobdiff_plain;f=radmsg.c;h=258c9f994d4111768e38a7eae36cefb2f462fe21;hb=refs%2Fheads%2Flicensing;hp=422186d50951c80d2071fd62f7c1c95ffc52b218;hpb=4f7c11c9ea5795ac0dd32540e5045d3fc10f0a89;p=radsecproxy.git diff --git a/radmsg.c b/radmsg.c index 422186d..258c9f9 100644 --- a/radmsg.c +++ b/radmsg.c @@ -1,12 +1,12 @@ -/* - * Copyright (C) 2006-2008 Stig Venaas - * - * Permission to use, copy, modify, and distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - */ +/* Copyright (c) 2006-2010, UNINETT AS + * Copyright (c) 2010-2012, NORDUnet A/S */ +/* See LICENSE for licensing information. */ +#ifdef SYS_SOLARIS9 +#include +#else #include +#endif #include #include #include @@ -29,7 +29,7 @@ void radmsg_free(struct radmsg *msg) { struct radmsg *radmsg_init(uint8_t code, uint8_t id, uint8_t *auth) { struct radmsg *msg; - + msg = malloc(sizeof(struct radmsg)); if (!msg) return NULL; @@ -38,7 +38,7 @@ struct radmsg *radmsg_init(uint8_t code, uint8_t id, uint8_t *auth) { if (!msg->attrs) { free(msg); return NULL; - } + } msg->code = code; msg->id = id; if (auth) @@ -46,7 +46,7 @@ struct radmsg *radmsg_init(uint8_t code, uint8_t id, uint8_t *auth) { else if (!RAND_bytes(msg->auth, 16)) { free(msg); return NULL; - } + } return msg; } @@ -79,7 +79,7 @@ int _checkmsgauth(unsigned char *rad, uint8_t *authattr, uint8_t *secret) { static HMAC_CTX hmacctx; unsigned int md_len; uint8_t auth[16], hash[EVP_MAX_MD_SIZE]; - + pthread_mutex_lock(&lock); if (first) { HMAC_CTX_init(&hmacctx); @@ -103,8 +103,8 @@ int _checkmsgauth(unsigned char *rad, uint8_t *authattr, uint8_t *secret) { debug(DBG_WARN, "message authenticator, wrong value"); pthread_mutex_unlock(&lock); return 0; - } - + } + pthread_mutex_unlock(&lock); return 1; } 
@@ -116,7 +116,7 @@ int _validauth(unsigned char *rad, unsigned char *reqauth, unsigned char *sec) { unsigned char hash[EVP_MAX_MD_SIZE]; unsigned int len; int result; - + pthread_mutex_lock(&lock); if (first) { EVP_MD_CTX_init(&mdctx); @@ -124,7 +124,7 @@ int _validauth(unsigned char *rad, unsigned char *reqauth, unsigned char *sec) { } len = RADLEN(rad); - + result = (EVP_DigestInit_ex(&mdctx, EVP_md5(), NULL) && EVP_DigestUpdate(&mdctx, rad, 4) && EVP_DigestUpdate(&mdctx, reqauth, 16) && @@ -145,7 +145,7 @@ int _createmessageauth(unsigned char *rad, unsigned char *authattrval, uint8_t * if (!authattrval) return 1; - + pthread_mutex_lock(&lock); if (first) { HMAC_CTX_init(&hmacctx); @@ -204,7 +204,7 @@ uint8_t *radmsg2buf(struct radmsg *msg, uint8_t *secret) { buf = malloc(size); if (!buf) return NULL; - + p = buf; *p++ = msg->code; *p++ = msg->id; @@ -225,9 +225,13 @@ uint8_t *radmsg2buf(struct radmsg *msg, uint8_t *secret) { free(buf); return NULL; } - if (secret && (msg->code == RAD_Access_Accept || msg->code == RAD_Access_Reject || msg->code == RAD_Access_Challenge || msg->code == RAD_Accounting_Response || msg->code == RAD_Accounting_Request) && !_radsign(buf, secret)) { - free(buf); - return NULL; + if (secret) { + if ((msg->code == RAD_Access_Accept || msg->code == RAD_Access_Reject || msg->code == RAD_Access_Challenge || msg->code == RAD_Accounting_Response || msg->code == RAD_Accounting_Request) && !_radsign(buf, secret)) { + free(buf); + return NULL; + } + if (msg->code == RAD_Accounting_Request) + memcpy(msg->auth, buf + 4, 16); } return buf; } @@ -238,7 +242,7 @@ struct radmsg *buf2radmsg(uint8_t *buf, uint8_t *secret, uint8_t *rqauth) { uint8_t t, l, *v = NULL, *p, auth[16]; uint16_t len; struct tlv *attr; - + len = RADLEN(buf); if (len < 20) return NULL; 
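Review bot: The new `memcpy(msg->auth, buf + 4, 16)` in the `RAD_Accounting_Request` branch makes radmsg2buf write back into the message it is serialising, and nothing in the hunk documents that side effect. Presumably the copy keeps the authenticator that `_radsign()` computed so a later reply can be checked against it through buf2radmsg's `rqauth` argument; a comment above the copy such as `/* Accounting-Request: keep the authenticator _radsign() wrote into buf, used when validating the response */` would record the intent. Because `msg->auth` now changes on each call, serialising the same Accounting-Request a second time would start from the stored authenticator rather than the value the caller originally set. The part of radmsg2buf that fills `buf + 4` lies above the hunk, so confirm whether that field is reset before signing. With a NULL `secret` the copy is skipped and `msg->auth` keeps its initial value, which any caller that matches replies against it should account for.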
@@ -255,7 +259,7 @@ struct radmsg *buf2radmsg(uint8_t *buf, uint8_t *secret, uint8_t *rqauth) { debug(DBG_WARN, "buf2radmsg: Invalid auth, ignoring reply"); return NULL; } - + msg = radmsg_init(buf[0], buf[1], (uint8_t *)buf + 4); if (!msg) return NULL; @@ -279,7 +283,7 @@ struct radmsg *buf2radmsg(uint8_t *buf, uint8_t *secret, uint8_t *rqauth) { v = p; p += l; } - + if (t == RAD_Attr_Message_Authenticator && secret) { if (rqauth) memcpy(buf + 4, rqauth, 16); @@ -304,3 +308,7 @@ struct radmsg *buf2radmsg(uint8_t *buf, uint8_t *secret, uint8_t *rqauth) { } return msg; } + +/* Local Variables: */ +/* c-file-style: "stroustrup" */ +/* End: */