*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
- * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
*
- * Copyright 2003 The FreeRADIUS server project
+ * Copyright 2003,2006 The FreeRADIUS server project
*/
+#include <freeradius-devel/ident.h>
+RCSID("$Id$")
+
#include <freeradius-devel/autoconf.h>
#include <stdio.h>
{
rlm_eap_gtc_t *inst = (rlm_eap_gtc_t *) arg;
- if (inst->challenge) free(inst->challenge);
- if (inst->auth_type_name) free(inst->auth_type_name);
free(inst);
return -1;
}
- dval = dict_valbyname(PW_AUTH_TYPE, inst->auth_type_name);
+ dval = dict_valbyname(PW_AUTH_TYPE, 0, inst->auth_type_name);
if (!dval) {
radlog(L_ERR, "rlm_eap_gtc: Unknown Auth-Type %s",
inst->auth_type_name);
*/
static int gtc_initiate(void *type_data, EAP_HANDLER *handler)
{
+ char challenge_str[1024];
int length;
EAP_DS *eap_ds = handler->eap_ds;
rlm_eap_gtc_t *inst = (rlm_eap_gtc_t *) type_data;
- /*
- * FIXME: call radius_xlat on the challenge
- */
- length = strlen(inst->challenge);
+ if (!radius_xlat(challenge_str, sizeof(challenge_str), inst->challenge, handler->request, NULL)) {
+ radlog(L_ERR, "rlm_eap_gtc: xlat failed.", inst->challenge);
+ return 0;
+ }
+
+ length = strlen(challenge_str);
/*
* We're sending a request...
return 0;
}
- memcpy(eap_ds->request->type.data, inst->challenge, length);
+ memcpy(eap_ds->request->type.data, challenge_str, length);
eap_ds->request->type.length = length;
/*
rlm_eap_gtc_t *inst = (rlm_eap_gtc_t *) type_data;
/*
- * Get the User-Password for this user.
+ * Get the Cleartext-Password for this user.
*/
rad_assert(handler->request != NULL);
rad_assert(handler->stage == AUTHENTICATE);
}
#if 0
- if (debug_flag > 2) {
+ if ((debug_flag > 2) && fr_log_fp) {
int i;
for (i = 0; i < eap_ds->response->length - 4; i++) {
- if ((i & 0x0f) == 0) printf("%d: ", i);
+ if ((i & 0x0f) == 0) fprintf(fr_log_fp, "%d: ", i);
- printf("%02x ", eap_ds->response->type.data[i]);
+ fprintf(fr_log_fp, "%02x ", eap_ds->response->type.data[i]);
- if ((i & 0x0f) == 0x0f) printf("\n");
+ if ((i & 0x0f) == 0x0f) fprintf(fr_log_fp, "\n");
}
}
#endif
/*
* For now, do clear-text password authentication.
*/
- vp = pairfind(handler->request->config_items, PW_PASSWORD);
+ vp = pairfind(handler->request->config_items, PW_CLEARTEXT_PASSWORD, 0);
if (!vp) {
- DEBUG2(" rlm_eap_gtc: ERROR: Clear-test User-Password is required for authentication.");
+ DEBUG2(" rlm_eap_gtc: ERROR: Cleartext-Password is required for authentication.");
eap_ds->request->code = PW_EAP_FAILURE;
return 0;
}
if (eap_ds->response->type.length != vp->length) {
- DEBUG2(" rlm_eap_gtc: ERROR: Passwords are of different length. %d %d", eap_ds->response->type.length, vp->length);
+ DEBUG2(" rlm_eap_gtc: ERROR: Passwords are of different length. %d %d", (int) eap_ds->response->type.length, (int) vp->length);
eap_ds->request->code = PW_EAP_FAILURE;
return 0;
}
* If there was a User-Password in the request,
* why the heck are they using EAP-GTC?
*/
- rad_assert(handler->request->password == NULL);
+ pairdelete(&handler->request->packet->vps, PW_USER_PASSWORD, 0);
vp = pairmake("User-Password", "", T_OP_EQ);
if (!vp) {