RADCLIENT *client = sock->client;
if (!sock->packet) {
- sock->packet = rad_alloc(sock, 0);
+ sock->packet = rad_alloc(sock, false);
if (!sock->packet) return 0;
sock->packet->sockfd = listener->fd;
sock->packet->dst_port = sock->my_port;
if (sock->request) {
- (void) talloc_steal(sock->request, sock->packet);
- sock->request->packet = sock->packet;
+ sock->request->packet = talloc_steal(sock->request, sock->packet);
}
}
rad_assert(request->packet == NULL);
rad_assert(sock->packet != NULL);
- request->packet = sock->packet;
+ request->packet = talloc_steal(request, sock->packet);
request->component = "<core>";
request->component = "<tls-connect>";
/*
* Not sure if we should do this on every packet...
*/
- request->reply = rad_alloc(request, 0);
+ request->reply = rad_alloc(request, false);
if (!request->reply) return 0;
rad_assert(sock->ssn == NULL);
- sock->ssn = tls_new_session(listener->tls, sock->request,
+ sock->ssn = tls_new_session(listener->tls, listener->tls, sock->request,
listener->tls->require_client_cert);
if (!sock->ssn) {
- request_free(&sock->request);
+ TALLOC_FREE(sock->request);
sock->packet = NULL;
return 0;
}
return 0;
}
- dump_hex("TUNNELED DATA", sock->ssn->clean_out.data, sock->ssn->clean_out.used);
+ dump_hex("TUNNELED DATA > ", sock->ssn->clean_out.data, sock->ssn->clean_out.used);
/*
* If the packet is a complete RADIUS packet, return it to
* set.
*/
switch(packet->code) {
- case PW_CODE_AUTHENTICATION_REQUEST:
+ case PW_CODE_ACCESS_REQUEST:
if (listener->type != RAD_LISTEN_AUTH) goto bad_packet;
FR_STATS_INC(auth, total_requests);
fun = rad_authenticate;
}
PTHREAD_MUTEX_LOCK(&sock->mutex);
+
/*
* Write the packet to the SSL buffers.
*/
sock->ssn->record_plus(&sock->ssn->clean_in,
request->reply->data, request->reply->data_len);
+ dump_hex("TUNNELED DATA < ", sock->ssn->clean_in.data, sock->ssn->clean_in.used);
+
/*
* Do SSL magic to get encrypted data.
*/
data = sock->data;
- packet = rad_alloc(sock, 0);
+ packet = rad_alloc(sock, false);
packet->sockfd = listener->fd;
packet->src_ipaddr = sock->other_ipaddr;
packet->src_port = sock->other_port;
* FIXME: Client MIB updates?
*/
switch(packet->code) {
- case PW_CODE_AUTHENTICATION_ACK:
+ case PW_CODE_ACCESS_ACCEPT:
case PW_CODE_ACCESS_CHALLENGE:
- case PW_CODE_AUTHENTICATION_REJECT:
+ case PW_CODE_ACCESS_REJECT:
break;
#ifdef WITH_ACCOUNTING