Pull digest fix from CVS head

diff --git a/share/dictionary.freeradius.internal b/share/dictionary.freeradius.internal
index a211943..4e1df7e 100644 (file)
--- a/share/dictionary.freeradius.internal
+++ b/share/dictionary.freeradius.internal
@@ -107,7 +107,7 @@ ATTRIBUTE   Module-Failure-Message                  1076    string
 ATTRIBUTE      Rewrite-Rule                            1078    string
 ATTRIBUTE      Sql-Group                               1079    string
 ATTRIBUTE      Response-Packet-Type                    1080    integer
-# 1081 unused
+ATTRIBUTE      Digest-HA1                              1081    octets
 ATTRIBUTE      MS-CHAP-Use-NTLM-Auth                   1082    integer
 ATTRIBUTE      NTLM-User-Name                          1083    string
 ATTRIBUTE      Packet-Src-IP-Address                   1084    ipaddr

diff --git a/src/include/radius.h b/src/include/radius.h
index cf2e438..72020a3 100644 (file)
--- a/src/include/radius.h
+++ b/src/include/radius.h
@@ -111,6 +111,7 @@
 #define PW_ARAP_CHALLENGE_RESPONSE     84
 #define PW_NAS_PORT_ID_STRING                  87
 #define PW_FRAMED_POOL                 88
+#define PW_NAS_IPV6_ADDRESS            95
 
 #define PW_DIGEST_RESPONSE             206
 #define PW_DIGEST_ATTRIBUTES           207
@@ -179,12 +180,26 @@
 #define PW_LDAP_GROUP                  1074
 #define PW_MODULE_SUCCESS_MESSAGE      1075
 #define PW_MODULE_FAILURE_MESSAGE      1076
+#if 0 /* no longer used */
 #define PW_X99_FAST                    1077
+#endif
 #define PW_REWRITE_RULE                        1078
 #define PW_SQL_GROUP                   1079
 #define PW_RESPONSE_PACKET_TYPE                1080
-#define PW_PACKET_DST_PORT             1081
+#define PW_DIGEST_HA1                  1081
 #define PW_MS_CHAP_USE_NTLM_AUTH       1082
+#define PW_PACKET_SRC_IP_ADDRESS       1084
+#define PW_PACKET_DST_IP_ADDRESS       1085
+#define PW_PACKET_SRC_PORT             1086
+#define PW_PACKET_DST_PORT             1087
+#define PW_PACKET_AUTHENTICATION_VECTOR        1088
+#define PW_TIME_OF_DAY                 1089
+
+#define PW_SHA_PASSWORD                        1093
+#define PW_SSHA_PASSWORD               1094
+#define PW_MD5_PASSWORD                        1095
+#define PW_SMD5_PASSWORD               1096
+
 
 /*
  *     Integer Translations

diff --git a/src/modules/rlm_digest/rlm_digest.c b/src/modules/rlm_digest/rlm_digest.c
index d92f467..3024ca1 100644 (file)
--- a/src/modules/rlm_digest/rlm_digest.c
+++ b/src/modules/rlm_digest/rlm_digest.c
@@ -97,9 +97,7 @@ static int digest_authenticate(void *instance, REQUEST *request)
         *      We require access to the plain-text password.
         */
        passwd = pairfind(request->config_items, PW_PASSWORD);
-#ifdef PW_MD5_PASSWORD
-       if (!passwd) passwd = pairfind(request->config_items, PW_MD5_PASSWORD);
-#endif
+       if (!passwd) passwd = pairfind(request->config_items, PW_DIGEST_HA1);
        if (!passwd) {
                radlog(L_AUTH, "rlm_digest: Configuration item \"User-Password\" or MD5-Password is required for authentication.");
                return RLM_MODULE_INVALID;
@@ -236,7 +234,7 @@ static int digest_authenticate(void *instance, REQUEST *request)
                DEBUG2("A1 = %s", a1);
        } else {
                a1[a1_len] = '\0';
-               DEBUG2("A1 = %s (using MD5-Password)", a1);
+               DEBUG2("A1 = %s (using Digest-HA1)", a1);
                a1_len = 16;
        }
 
@@ -248,7 +246,7 @@ static int digest_authenticate(void *instance, REQUEST *request)
        if ((algo == NULL) || 
            (strcasecmp(algo->strvalue, "MD5") == 0)) {
                /*
-                *      Set A1 to MD5-Password if no User-Password found
+                *      Set A1 to Digest-HA1 if no User-Password found
                 */
                if (passwd->attribute != PW_USER_PASSWORD) {
                        memcpy(&a1[0], passwd->strvalue, 16);
@@ -258,7 +256,7 @@ static int digest_authenticate(void *instance, REQUEST *request)
                /*
                 *      K1 = H(A1) : Digest-Nonce ... : H(A2)
                 *
-                *      If we find MD5-Password, we assume it contains
+                *      If we find Digest-HA1, we assume it contains
                 *      H(A1).
                 */
                if (passwd->attribute == PW_USER_PASSWORD) {