return NULL;
}
- eap_ds->response->packet = (unsigned char *)eap_packet;
+ eap_ds->response->packet = (uint8_t *) eap_packet;
+ talloc_steal(eap_ds, eap_packet);
eap_ds->response->code = eap_packet->code;
eap_ds->response->id = eap_packet->id;
eap_ds->response->type.num = eap_packet->data[0];
/*
* interfaces in eapsimlib.c
*/
-extern int eapsim_checkmac(VALUE_PAIR *rvps,
+extern int eapsim_checkmac(TALLOC_CTX *ctx, VALUE_PAIR *rvps,
uint8_t key[8],
uint8_t *extra, int extralen,
uint8_t calcmac[20]);
extern int eap_basic_compose(RADIUS_PACKET *packet, eap_packet_t *reply);
extern VALUE_PAIR *eap_packet2vp(RADIUS_PACKET *packet,
const eap_packet_raw_t *reply);
-extern eap_packet_raw_t *eap_vp2packet(VALUE_PAIR *vps);
+extern eap_packet_raw_t *eap_vp2packet(TALLOC_CTX *ctx, VALUE_PAIR *vps);
void eap_add_reply(REQUEST *request,
const char *name, const uint8_t *value, int len);
* NOTE: Sometimes Framed-MTU might contain the length of EAP-Message,
* refer fragmentation in rfc2869.
*/
-eap_packet_raw_t *eap_vp2packet(VALUE_PAIR *vps)
+eap_packet_raw_t *eap_vp2packet(TALLOC_CTX *ctx, VALUE_PAIR *vps)
{
VALUE_PAIR *first, *vp;
eap_packet_raw_t *eap_packet;
/*
* Now that we know the lengths are OK, allocate memory.
*/
- eap_packet = (eap_packet_raw_t *) malloc(len);
+ eap_packet = talloc_zero(ctx, eap_packet_raw_t);
if (eap_packet == NULL) {
radlog(L_ERR, "rlm_eap: out of memory");
return NULL;
total_length = EAP_HEADER_LEN + 1 + encoded_size;
hmaclen = total_length + appendlen;
- buffer = (unsigned char *)malloc(hmaclen);
+ buffer = talloc_array(r, uint8_t, hmaclen);
hdr = (eap_packet_raw_t *)buffer;
if (!hdr) {
radlog(L_ERR, "rlm_eap: out of memory");
*
*/
int
-eapsim_checkmac(VALUE_PAIR *rvps,
+eapsim_checkmac(TALLOC_CTX *ctx, VALUE_PAIR *rvps,
uint8_t key[EAPSIM_AUTH_SIZE],
uint8_t *extra, int extralen,
uint8_t calcmac[20])
/* get original copy of EAP message, note that it was sanitized
* to have a valid length, which we depend upon.
*/
- e = eap_vp2packet(rvps);
-
- if(e == NULL)
- {
- return 0;
- }
+ e = eap_vp2packet(ctx, rvps);
+ if (!e) return 0;
/* make copy big enough for everything */
elen = e->length[0] * 256 + e->length[1];
len = elen + extralen;
- buffer = malloc(len);
- if(buffer == NULL)
- {
- free(e);
+ buffer = talloc_array(ctx, uint8_t, len);
+ if (!buffer) {
+ talloc_free(e);
return 0;
}
}
done:
- free(e);
- free(buffer);
+ talloc_free(e);
+ talloc_free(buffer);
return(ret);
}
}
/* verify the MAC, now that we have all the keys. */
- if(eapsim_checkmac(req->vps, eapsim_mk.K_aut,
+ if(eapsim_checkmac(NULL, req->vps, eapsim_mk.K_aut,
eapsim_mk.nonce_mt, sizeof(eapsim_mk.nonce_mt),
calcmac)) {
printf("MAC check succeed\n");
int type;
/* find eap message */
- e = eap_vp2packet(rep->vps);
+ e = eap_vp2packet(NULL, rep->vps);
/* nothing to do! */
if(e == NULL) return;
/*
* Get the eap packet to start with
*/
- eap_packet = eap_vp2packet(request->packet->vps);
+ eap_packet = eap_vp2packet(request, request->packet->vps);
if (eap_packet == NULL) {
radlog_request(L_ERR, 0, request, "Malformed EAP Message");
return RLM_MODULE_FAIL;
return RLM_MODULE_NOOP;
}
- eap_packet = eap_vp2packet(request->packet->vps);
+ eap_packet = eap_vp2packet(request, request->packet->vps);
if (eap_packet == NULL) {
radlog_request(L_ERR, 0, request, "Malformed EAP Message");
return RLM_MODULE_FAIL;
memcpy(srescat +(2*EAPSIM_SRES_SIZE), ess->keys.sres[2], EAPSIM_SRES_SIZE);
/* verify the MAC, now that we have all the keys. */
- if(eapsim_checkmac(vps, ess->keys.K_aut,
+ if(eapsim_checkmac(handler, vps, ess->keys.K_aut,
srescat, sizeof(srescat),
calcmac)) {
DEBUG2("MAC check succeed\n");