Merge branch 'v3.0.x' into tr-upgrade

author Kevin Wasserman <krwasserman@painless-security.com>

Tue, 22 Jul 2014 17:30:38 +0000 (13:30 -0400)

committer Kevin Wasserman <krwasserman@painless-security.com>

Tue, 22 Jul 2014 17:30:38 +0000 (13:30 -0400)
author Kevin Wasserman <krwasserman@painless-security.com>
Tue, 22 Jul 2014 17:30:38 +0000 (13:30 -0400)
committer Kevin Wasserman <krwasserman@painless-security.com>
Tue, 22 Jul 2014 17:30:38 +0000 (13:30 -0400)
diff --git a/configure b/configure

index 8ec93a7..f54c784 100755 (executable)
--- a/configure
+++ b/configure
@@ -7239,7 +7239,7 @@ case "$host" in
      CFLAGS="$CFLAGS -DDARWIN"
      LIBS="-framework DirectoryService $LIBS"
  
-$as_echo "#define __APPLE_USE_RFC_2292 1" >>confdefs.h
+$as_echo "#define __APPLE_USE_RFC_3542 1" >>confdefs.h
  
      ;;
  esac
@@ -7607,6 +7607,7 @@ for ac_header in \
    syslog.h \
    inttypes.h \
    stdint.h \
+  stdbool.h \
    stdio.h \
    netdb.h \
    semaphore.h \
diff --git a/configure.ac b/configure.ac

index 5d6a027..819e441 100644 (file)
--- a/configure.ac
+++ b/configure.ac
@@ -890,7 +890,7 @@ case "$host" in
    *-darwin*)
      CFLAGS="$CFLAGS -DDARWIN"
      LIBS="-framework DirectoryService $LIBS"
-    AC_DEFINE([__APPLE_USE_RFC_2292], 1, [Force OSX >= 10.7 Lion to use RFC2292 IPv6 socket options])
+    AC_DEFINE([__APPLE_USE_RFC_3542], 1, [Force OSX >= 10.7 Lion to use RFC2292 IPv6 socket options])
      ;;
  esac
  
@@ -915,6 +915,7 @@ AC_CHECK_HEADERS( \
    syslog.h \
    inttypes.h \
    stdint.h \
+  stdbool.h \
    stdio.h \
    netdb.h \
    semaphore.h \
diff --git a/raddb/clients.conf b/raddb/clients.conf

index 63f03dc..76b300d 100644 (file)
--- a/raddb/clients.conf
+++ b/raddb/clients.conf
@@ -217,10 +217,10 @@ client localhost {
  }
  
  # IPv6 Client
-#client localhost_ipv6 {
-#      ipv6addr        = ::1
-#      secret          = testing123
-#}
+client localhost_ipv6 {
+       ipv6addr        = ::1
+       secret          = testing123
+}
  
  # All IPv6 Site-local clients
  #client sitelocal_ipv6 {
diff --git a/raddb/sites-available/tls b/raddb/sites-available/tls

index 7918d87..1ba8767 100644 (file)
--- a/raddb/sites-available/tls
+++ b/raddb/sites-available/tls
@@ -371,7 +371,7 @@ home_server tls {
         ipaddr = 127.0.0.1
         port = 2083
         type = auth
-       secret = testing123
+       secret = radsec
         proto = tcp
         status_check = none
  
diff --git a/src/include/autoconf.h.in b/src/include/autoconf.h.in

index 26273d8..204051b 100644 (file)
--- a/src/include/autoconf.h.in
+++ b/src/include/autoconf.h.in
@@ -312,6 +312,9 @@
  /* Define to 1 if you have the `snprintf' function. */
  #undef HAVE_SNPRINTF
  
+/* Define to 1 if you have the <stdbool.h> header file. */
+#undef HAVE_STDBOOL_H
+
  /* Define to 1 if you have the <stddef.h> header file. */
  #undef HAVE_STDDEF_H
  
@@ -569,7 +572,7 @@
  #undef _POSIX_SOURCE
  
  /* Force OSX >= 10.7 Lion to use RFC2292 IPv6 socket options */
-#undef __APPLE_USE_RFC_2292
+#undef __APPLE_USE_RFC_3542
  
  /* Define to empty if `const' does not conform to ANSI C. */
  #undef const
diff --git a/src/lib/debug.c b/src/lib/debug.c

index 0c6235e..8af6432 100644 (file)
--- a/src/lib/debug.c
+++ b/src/lib/debug.c
@@ -47,9 +47,6 @@
  #  if !defined(PTRACE_ATTACH) && defined(PT_ATTACH)
  #    define PTRACE_ATTACH PT_ATTACH
  #  endif
-#  if !defined(PTRACE_CONT) && defined(PT_CONTINUE)
-#    define PTRACE_CONT PT_CONTINUE
-#  endif
  #  if !defined(PTRACE_DETACH) && defined(PT_DETACH)
  #    define PTRACE_DETACH PT_DETACH
  #  endif
@@ -143,30 +140,37 @@ static int fr_debugger_attached(void)
         /* Child */
         if (pid == 0) {
                 int8_t ret = 0;
-               int ppid = getppid();
+               int ppid = getppid();
  
                 /* Close parent's side */
                 close(from_child[0]);
  
-               if (_PTRACE(PTRACE_ATTACH, ppid) == 0) {
-                       /* If we attached then we're not running under a debugger */
-                       if (write(from_child[1], &ret, sizeof(ret)) < 0) {
-                               fprintf(stderr, "Writing ptrace status to parent failed: %s", fr_syserror(errno));
-                       }
-
-                       /* Wait for the parent to stop and continue it */
+               /*
+                *      FreeBSD is extremely picky about the order of operations here
+                *      we need to attach, wait *then* write whilst the parent is still
+                *      suspended, then detach, continuing the process.
+                *
+                *      If we don't do it in that order the read in the parent triggers
+                *      a SIGKILL.
+                */
+               if (_PTRACE(PTRACE_ATTACH, ppid) == 0) {
+                       /* Wait for the parent to stop */
                         waitpid(ppid, NULL, 0);
-                       _PTRACE(PTRACE_CONT, ppid);
  
-                       /* Detach */
+                       /* Tell the parent what happened */
+                       if (write(from_child[1], &ret, sizeof(ret)) < 0) {
+                               fprintf(stderr, "Writing ptrace status to parent failed: %s", fr_syserror(errno));
+                       }
+
+                       /* Detach */
                         _PTRACE(PTRACE_DETACH, ppid);
                         exit(0);
                 }
  
                 ret = 1;
-               /* Something is already attached */
+               /* Tell the parent what happened */
                 if (write(from_child[1], &ret, sizeof(ret)) < 0) {
-                       fprintf(stderr, "Writing ptrace status to parent failed: %s", fr_syserror(errno));
+                       fprintf(stderr, "Writing ptrace status to parent failed: %s", fr_syserror(errno));
                 }
  
                 exit(0);
@@ -185,7 +189,7 @@ static int fr_debugger_attached(void)
                 /* Ret not updated */
                 if (ret < 0) {
                         fr_strerror_printf("Debugger check failed: Error getting status from child: %s",
-                                          fr_syserror(errno));
+                       fr_syserror(errno));
                 }
  
                 /* Close the pipes here (if we did it above, it might race with pattach) */
diff --git a/src/lib/udpfromto.c b/src/lib/udpfromto.c

index beda5cf..bafe495 100644 (file)
--- a/src/lib/udpfromto.c
+++ b/src/lib/udpfromto.c
@@ -43,14 +43,14 @@ RCSID("$Id$")
  #endif
  
  /*
- * glibc 2.4 and uClibc 0.9.29 introduce IPV6_RECVPKTINFO etc. and
- * change IPV6_PKTINFO This is only supported in Linux kernel >=
- * 2.6.14
+ *  glibc 2.4 and uClibc 0.9.29 introduce IPV6_RECVPKTINFO etc. and
+ *  change IPV6_PKTINFO This is only supported in Linux kernel >=
+ *  2.6.14
   *
- * This is only an approximation because the kernel version that libc
- * was compiled against could be older or newer than the one being
- * run.  But this should not be a problem -- we just keep using the
- * old kernel interface.
+ *  This is only an approximation because the kernel version that libc
+ *  was compiled against could be older or newer than the one being
+ *  run.  But this should not be a problem -- we just keep using the
+ *  old kernel interface.
   */
  #ifdef __linux__
  #  ifdef IPV6_RECVPKTINFO
@@ -67,26 +67,26 @@ RCSID("$Id$")
  #  elif defined(IPV6_2292PKTINFO)
  #      define IPV6_RECVPKTINFO IPV6_2292PKTINFO
  #  endif
-#endif
+#else
  
  /*
- *     Linux requires IPV6_RECVPKTINFO for the setsockopt() call,
- *     but sendmsg() and recvmsg() require IPV6_PKTINFO. <sigh>
+ *  For everything that's not Linux we assume RFC 3542 compliance
+ *  - setsockopt() takes IPV6_RECVPKTINFO
+ *  - cmsg_type is IPV6_PKTINFO (in sendmsg, recvmsg)
   *
- *     We want all *other* (i.e. sane) systems to use IPV6_PKTINFO
- *     for all three calls.
+ *  If we don't have IPV6_RECVPKTINFO defined but do have IPV6_PKTINFO
+ *  defined, chances are the API is RFC2292 compliant and we need to use
+ *  IPV6_PKTINFO for both.
   */
-#ifdef IPV6_PKTINFO
-#  ifdef __linux__
-#    ifdef IPV6_RECVPKTINFO
-#      define FR_IPV6_RECVPKTINFO IPV6_RECVPKTINFO
-/* Fallback to to using recvfrom */
-#    else
-#      undef IPV6_RECVPKTINFO
-#      undef IPV6_PKTINFO
-#    endif
-#  else
-#    define FR_IPV6_RECVPKTINFO IPV6_PKTINFO
+#  if !defined(IPV6_RECVPKTINFO) && defined(IPV6_PKTINFO)
+#    define IPV6_RECVPKTINFO IPV6_PKTINFO
+
+/*
+ *  Ensure IPV6_RECVPKTINFO is not defined somehow if we have we
+ *  don't have IPV6_PKTINFO.
+ */
+#  elif !defined(IPV6_PKTINFO)
+#    undef IPV6_RECVPKTINFO
  #  endif
  #endif
  
@@ -142,7 +142,7 @@ int udpfromto_init(int s)
                 /*
                  *      Work around Linux-specific hackery.
                  */
-               flag = FR_IPV6_RECVPKTINFO;
+               flag = IPV6_RECVPKTINFO;
  #else
  #  ifdef EPROTONOSUPPORT
                 errno = EPROTONOSUPPORT;
diff --git a/src/main/listen.c b/src/main/listen.c

index 840561c..60cad6d 100644 (file)
--- a/src/main/listen.c
+++ b/src/main/listen.c
@@ -724,10 +724,7 @@ static void common_socket_free(rad_listen_t *this)
         }
  }
  #else
-static void common_socket_free(UNUSED rad_listen_t *this)
-{
-       return;
-}
+#define common_socket_free NULL
  #endif
  
  /*
@@ -2053,7 +2050,7 @@ static fr_protocol_t master_listen[RAD_LISTEN_MAX] = {
  #ifdef WITH_PROXY
         /* proxying */
         { RLM_MODULE_INIT, "proxy", sizeof(listen_socket_t), NULL,
-         common_socket_parse, NULL,
+         common_socket_parse, common_socket_free,
           proxy_socket_recv, proxy_socket_send,
           common_socket_print, proxy_socket_encode, proxy_socket_decode },
  #endif
@@ -2750,6 +2747,7 @@ static rad_listen_t *listen_parse(CONF_SECTION *cs, char const *server)
         CONF_PAIR       *cp;
         char const      *value;
         lt_dlhandle     handle;
+       CONF_SECTION    *server_cs;
         char            buffer[32];
  
         cp = cf_pair_find(cs, "type");
@@ -2864,6 +2862,15 @@ static rad_listen_t *listen_parse(CONF_SECTION *cs, char const *server)
                 return NULL;
         }
  
+
+       server_cs = cf_section_sub_find_name2(main_config.config, "server",
+                                             this->server);
+       if (!server_cs) {
+               cf_log_err_cs(cs, "No such server \"%s\"", this->server);
+               listen_free(&this);
+               return NULL;
+       }
+
         cf_log_info(cs, "}");
  
         return this;
diff --git a/src/main/modules.c b/src/main/modules.c

index cb9dda2..a670006 100644 (file)
--- a/src/main/modules.c
+++ b/src/main/modules.c
@@ -1547,7 +1547,6 @@ int modules_init(CONF_SECTION *config)
  {
         CONF_ITEM       *ci, *next;
         CONF_SECTION    *cs, *modules;
-       rad_listen_t    *listener;
  
         /*
          *      Set up the internal module struct.
@@ -1746,29 +1745,6 @@ int modules_init(CONF_SECTION *config)
         }
         cf_log_info(cs, " } # modules");
  
-       /*
-        *      Loop over the listeners, figuring out which sections
-        *      to load.
-        */
-       for (listener = main_config.listen;
-            listener != NULL;
-            listener = listener->next) {
-               char buffer[256];
-
-#ifdef WITH_PROXY
-               if (listener->type == RAD_LISTEN_PROXY) continue;
-#endif
-
-               cs = cf_section_sub_find_name2(config,
-                                              "server", listener->server);
-               if (!cs && (listener->server != NULL)) {
-                       listener->print(listener, buffer, sizeof(buffer));
-
-                       ERROR("No server has been defined for %s", buffer);
-                       return -1;
-               }
-       }
-
         if (virtual_servers_load(config) < 0) return -1;
  
         return 0;
diff --git a/src/main/process.c b/src/main/process.c

index 3edde82..9cfb732 100644 (file)
--- a/src/main/process.c
+++ b/src/main/process.c
@@ -4214,7 +4214,8 @@ static void listener_free_cb(void *ctx)
  
         this->print(this, buffer, sizeof(buffer));
         DEBUG("... cleaning up socket %s", buffer);
-       listen_free(&this);
+       rad_assert(this->next == NULL);
+       talloc_free(this);
  }
  #endif
  
diff --git a/src/modules/rlm_eap/types/rlm_eap_ikev2/logging_impl.h b/src/modules/rlm_eap/types/rlm_eap_ikev2/logging_impl.h

index f680fa8..923cd04 100644 (file)
--- a/src/modules/rlm_eap/types/rlm_eap_ikev2/logging_impl.h
+++ b/src/modules/rlm_eap/types/rlm_eap_ikev2/logging_impl.h
@@ -31,6 +31,5 @@
  
  #define IKEv2_LOG_PREFIX "    rlm_eap_ikev2: "
  
-void vxlogf(int iklevel, char const * fmt,va_list ap);
-
+void CC_HINT(format (printf, 2, 0)) vxlogf(int iklevel, char const * fmt, va_list ap);
  #endif //LOGGING_IMPL_H
diff --git a/src/modules/rlm_perl/rlm_perl.c b/src/modules/rlm_perl/rlm_perl.c

index 0d9013f..b6b94f4 100644 (file)
--- a/src/modules/rlm_perl/rlm_perl.c
+++ b/src/modules/rlm_perl/rlm_perl.c
@@ -557,7 +557,8 @@ static int mod_instantiate(CONF_SECTION *conf, void *instance)
   *     Example for this is Cisco-AVPair that holds multiple values.
   *     Which will be available as array_ref in $RAD_REQUEST{'Cisco-AVPair'}
   */
-static void perl_store_vps(UNUSED TALLOC_CTX *ctx, REQUEST *request, VALUE_PAIR *vps, HV *rad_hv)
+static void perl_store_vps(UNUSED TALLOC_CTX *ctx, REQUEST *request, VALUE_PAIR *vps, HV *rad_hv,
+                          const char *hashname, const char *list_name)
  {
         VALUE_PAIR *vp;
  
@@ -565,6 +566,7 @@ static void perl_store_vps(UNUSED TALLOC_CTX *ctx, REQUEST *request, VALUE_PAIR
  
         vp_cursor_t cursor;
  
+       RINDENT();
         pairsort(&vps, attrtagcmp);
         for (vp = fr_cursor_init(&cursor, &vps);
              vp;
@@ -594,21 +596,24 @@ static void perl_store_vps(UNUSED TALLOC_CTX *ctx, REQUEST *request, VALUE_PAIR
                  *      same type/tag should follow on from each other.
                  */
                 if ((next = fr_cursor_next_peek(&cursor)) && ATTRIBUTE_EQ(vp, next)) {
+                       int i;
                         AV *av;
  
                         av = newAV();
-                       for (next = fr_cursor_first(&cursor);
+                       for (next = fr_cursor_first(&cursor), i = 0;
                              next;
-                            next = fr_cursor_next_by_da(&cursor, vp->da, vp->tag)) {
+                            next = fr_cursor_next_by_da(&cursor, vp->da, vp->tag), i++) {
                                 switch (vp->da->type) {
                                 case PW_TYPE_STRING:
-                                       RDEBUG("<--  %s = %s", next->da->name, next->vp_strvalue);
+                                       RDEBUG("$%s{'%s'}[%i] = &%s:%s -> '%s'", hashname, next->da->name, i,
+                                              list_name, next->da->name, next->vp_strvalue);
                                         av_push(av, newSVpvn(next->vp_strvalue, next->length));
                                         break;
  
                                 default:
                                         len = vp_prints_value(buffer, sizeof(buffer), next, 0);
-                                       RDEBUG("<--  %s = %s", next->da->name, buffer);
+                                       RDEBUG("$%s{'%s'}[%i] = &%s:%s -> '%s'", hashname, next->da->name, i,
+                                              list_name, next->da->name, buffer);
                                         av_push(av, newSVpvn(buffer, truncate_len(len, sizeof(buffer))));
                                         break;
                                 }
@@ -623,18 +628,21 @@ static void perl_store_vps(UNUSED TALLOC_CTX *ctx, REQUEST *request, VALUE_PAIR
                  */
                 switch (vp->da->type) {
                 case PW_TYPE_STRING:
-                       RDEBUG("<--  %s = %s", vp->da->name, vp->vp_strvalue);
+                       RDEBUG("$%s{'%s'} = &%s:%s -> '%s'", hashname, vp->da->name, list_name,
+                              vp->da->name, vp->vp_strvalue);
                         (void)hv_store(rad_hv, name, strlen(name), newSVpvn(vp->vp_strvalue, vp->length), 0);
                         break;
  
                 default:
                         len = vp_prints_value(buffer, sizeof(buffer), vp, 0);
-                       RDEBUG("<--  %s = %s", vp->da->name, buffer);
+                       RDEBUG("$%s{'%s'} = &%s:%s -> '%s'", hashname, vp->da->name,
+                              list_name, vp->da->name, buffer);
                         (void)hv_store(rad_hv, name, strlen(name),
                                        newSVpvn(buffer, truncate_len(len, sizeof(buffer))), 0);
                         break;
                 }
         }
+       REXDENT();
  }
  
  /*
@@ -643,7 +651,8 @@ static void perl_store_vps(UNUSED TALLOC_CTX *ctx, REQUEST *request, VALUE_PAIR
   *     Value Pair Format
   *
   */
-static int pairadd_sv(TALLOC_CTX *ctx, REQUEST *request, VALUE_PAIR **vps, char *key, SV *sv, FR_TOKEN op)
+static int pairadd_sv(TALLOC_CTX *ctx, REQUEST *request, VALUE_PAIR **vps, char *key, SV *sv, FR_TOKEN op,
+                     const char *hashname, const char *list_name)
  {
         char        *val;
         VALUE_PAIR      *vp;
@@ -654,32 +663,38 @@ static int pairadd_sv(TALLOC_CTX *ctx, REQUEST *request, VALUE_PAIR **vps, char
                 vp = pairmake(ctx, vps, key, NULL, op);
                 if (!vp) {
                 fail:
-                       REDEBUG("Failed to create pair %s = %s", key, val);
-                       return 0;
+                       REDEBUG("Failed to create pair %s:%s %s %s", list_name, key,
+                               fr_int2str(fr_tokens, op, "<INVALID>"), val);
+                       return -1;
                 }
  
-               if (vp->da->type != PW_TYPE_STRING) {
-                       if (pairparsevalue(vp, val, 0) < 0) goto fail;
-               } else {
+               switch (vp->da->type) {
+               case PW_TYPE_STRING:
                         pairstrncpy(vp, val, len);
+                       break;
+
+               default:
+                       if (pairparsevalue(vp, val, len) < 0) goto fail;
                 }
  
-               RDEBUG("-->  %s = %s", key, val);
-               return 1;
+               RDEBUG("&%s:%s %s $%s{'%s'} -> '%s'", list_name, key, fr_int2str(fr_tokens, op, "<INVALID>"),
+                      hashname, key, val);
+               return 0;
         }
-       return 0;
+       return -1;
  }
  
  /*
   *     Gets the content from hashes
   */
-static int get_hv_content(TALLOC_CTX *ctx, REQUEST *request, HV *my_hv, VALUE_PAIR **vps)
+static int get_hv_content(TALLOC_CTX *ctx, REQUEST *request, HV *my_hv, VALUE_PAIR **vps,
+                         const char *hashname, const char *list_name)
  {
         SV              *res_sv, **av_sv;
         AV              *av;
         char            *key;
         I32             key_len, len, i, j;
-       int             ret=0;
+       int             ret = 0;
  
         *vps = NULL;
         for (i = hv_iterinit(my_hv); i > 0; i--) {
@@ -689,9 +704,9 @@ static int get_hv_content(TALLOC_CTX *ctx, REQUEST *request, HV *my_hv, VALUE_PA
                         len = av_len(av);
                         for (j = 0; j <= len; j++) {
                                 av_sv = av_fetch(av, j, 0);
-                               ret = pairadd_sv(ctx, request, vps, key, *av_sv, T_OP_ADD) + ret;
+                               ret = pairadd_sv(ctx, request, vps, key, *av_sv, T_OP_ADD, hashname, list_name) + ret;
                         }
-               } else ret = pairadd_sv(ctx, request, vps, key, res_sv, T_OP_EQ) + ret;
+               } else ret = pairadd_sv(ctx, request, vps, key, res_sv, T_OP_EQ, hashname, list_name) + ret;
         }
  
         return ret;
@@ -747,28 +762,30 @@ static int do_perl(void *instance, REQUEST *request, char const *function_name)
                 ENTER;
                 SAVETMPS;
  
-               rad_reply_hv = get_hv("RAD_REPLY",1);
-               rad_check_hv = get_hv("RAD_CHECK",1);
-               rad_config_hv = get_hv("RAD_CONFIG",1);
-               rad_request_hv = get_hv("RAD_REQUEST",1);
+               rad_reply_hv = get_hv("RAD_REPLY", 1);
+               rad_check_hv = get_hv("RAD_CHECK", 1);
+               rad_config_hv = get_hv("RAD_CONFIG", 1);
+               rad_request_hv = get_hv("RAD_REQUEST", 1);
  
-               perl_store_vps(request->reply, request, request->reply->vps, rad_reply_hv);
-               perl_store_vps(request, request, request->config_items, rad_check_hv);
-               perl_store_vps(request->packet, request, request->packet->vps, rad_request_hv);
-               perl_store_vps(request, request, request->config_items, rad_config_hv);
+               perl_store_vps(request->reply, request, request->reply->vps, rad_reply_hv, "RAD_REPLY", "reply");
+               perl_store_vps(request, request, request->config_items, rad_check_hv, "RAD_CHECK", "control");
+               perl_store_vps(request->packet, request, request->packet->vps, rad_request_hv, "RAD_REQUEST", "request");
+               perl_store_vps(request, request, request->config_items, rad_config_hv, "RAD_CONFIG", "control");
  
  #ifdef WITH_PROXY
                 rad_request_proxy_hv = get_hv("RAD_REQUEST_PROXY",1);
                 rad_request_proxy_reply_hv = get_hv("RAD_REQUEST_PROXY_REPLY",1);
  
                 if (request->proxy != NULL) {
-                       perl_store_vps(request->proxy, request, request->proxy->vps, rad_request_proxy_hv);
+                       perl_store_vps(request->proxy, request, request->proxy->vps, rad_request_proxy_hv,
+                                      "RAD_REQUEST_PROXY", "proxy-request");
                 } else {
                         hv_undef(rad_request_proxy_hv);
                 }
  
-               if (request->proxy_reply !=NULL) {
-                       perl_store_vps(request->proxy_reply, request, request->proxy_reply->vps, rad_request_proxy_reply_hv);
+               if (request->proxy_reply != NULL) {
+                       perl_store_vps(request->proxy_reply, request, request->proxy_reply->vps,
+                                      rad_request_proxy_reply_hv, "RAD_REQUEST_PROXY_REPLY", "proxy-reply");
                 } else {
                         hv_undef(rad_request_proxy_reply_hv);
                 }
@@ -807,7 +824,7 @@ static int do_perl(void *instance, REQUEST *request, char const *function_name)
                 LEAVE;
  
                 vp = NULL;
-               if ((get_hv_content(request->packet, request, rad_request_hv, &vp)) > 0 ) {
+               if ((get_hv_content(request->packet, request, rad_request_hv, &vp, "RAD_REQUEST", "request")) == 0) {
                         pairfree(&request->packet->vps);
                         request->packet->vps = vp;
                         vp = NULL;
@@ -821,13 +838,13 @@ static int do_perl(void *instance, REQUEST *request, char const *function_name)
                                 request->password = pairfind(request->packet->vps, PW_CHAP_PASSWORD, 0, TAG_ANY);
                 }
  
-               if ((get_hv_content(request->reply, request, rad_reply_hv, &vp)) > 0 ) {
+               if ((get_hv_content(request->reply, request, rad_reply_hv, &vp, "RAD_REPLY", "reply")) == 0) {
                         pairfree(&request->reply->vps);
                         request->reply->vps = vp;
                         vp = NULL;
                 }
  
-               if ((get_hv_content(request, request, rad_check_hv, &vp)) > 0 ) {
+               if ((get_hv_content(request, request, rad_check_hv, &vp, "RAD_CHECK", "control")) == 0) {
                         pairfree(&request->config_items);
                         request->config_items = vp;
                         vp = NULL;
@@ -835,14 +852,16 @@ static int do_perl(void *instance, REQUEST *request, char const *function_name)
  
  #ifdef WITH_PROXY
                 if (request->proxy &&
-                   (get_hv_content(request->proxy, request, rad_request_proxy_hv, &vp) > 0)) {
+                   (get_hv_content(request->proxy, request, rad_request_proxy_hv, &vp,
+                                   "RAD_REQUEST_PROXY", "proxy-request") == 0)) {
                         pairfree(&request->proxy->vps);
                         request->proxy->vps = vp;
                         vp = NULL;
                 }
  
                 if (request->proxy_reply &&
-                   (get_hv_content(request->proxy_reply, request, rad_request_proxy_reply_hv, &vp) > 0)) {
+                   (get_hv_content(request->proxy_reply, request, rad_request_proxy_reply_hv, &vp,
+                                   "RAD_REQUEST_PROXY_REPLY", "proxy-reply") == 0)) {
                         pairfree(&request->proxy_reply->vps);
                         request->proxy_reply->vps = vp;
                         vp = NULL;
author	Kevin Wasserman <krwasserman@painless-security.com>
	Tue, 22 Jul 2014 17:30:38 +0000 (13:30 -0400)
committer	Kevin Wasserman <krwasserman@painless-security.com>
	Tue, 22 Jul 2014 17:30:38 +0000 (13:30 -0400)
configure		patch \| blob \| history
configure.ac		patch \| blob \| history
raddb/clients.conf		patch \| blob \| history
raddb/sites-available/tls		patch \| blob \| history
src/include/autoconf.h.in		patch \| blob \| history
src/lib/debug.c		patch \| blob \| history
src/lib/udpfromto.c		patch \| blob \| history
src/main/listen.c		patch \| blob \| history
src/main/modules.c		patch \| blob \| history
src/main/process.c		patch \| blob \| history
src/modules/rlm_eap/types/rlm_eap_ikev2/logging_impl.h		patch \| blob \| history
src/modules/rlm_perl/rlm_perl.c		patch \| blob \| history