#include <ctype.h>
-
-#define SM_AUTHTYPE ((11406<<16)|101)
-#define SM_CHALLENGE ((11406<<16)|102)
-#define SM_RESPONSE ((11406<<16)|103)
+#define VENDORPEC_SM 11406
+#define SM_AUTHTYPE 101
+#define SM_CHALLENGE 102
+#define SM_RESPONSE 103
radlog(L_AUTH, "rlm_cram: Cleartext-Password is required for authentication.");
return RLM_MODULE_INVALID;
}
- authtype = pairfind(request->packet->vps, SM_AUTHTYPE);
+ authtype = pairfind(request->packet->vps, SM_AUTHTYPE, VENDORPEC_SM);
if(!authtype) {
radlog(L_AUTH, "rlm_cram: Required attribute Sandy-Mail-Authtype missed");
return RLM_MODULE_INVALID;
}
- challenge = pairfind(request->packet->vps, SM_CHALLENGE);
+ challenge = pairfind(request->packet->vps, SM_CHALLENGE, VENDORPEC_SM);
if(!challenge) {
radlog(L_AUTH, "rlm_cram: Required attribute Sandy-Mail-Challenge missed");
return RLM_MODULE_INVALID;
}
- response = pairfind(request->packet->vps, SM_RESPONSE);
+ response = pairfind(request->packet->vps, SM_RESPONSE, VENDORPEC_SM);
if(!response) {
radlog(L_AUTH, "rlm_cram: Required attribute Sandy-Mail-Response missed");
return RLM_MODULE_INVALID;
}
- r = paircreate(ATTRIBUTE_EAP_SIM_RAND1 + imsicount, PW_TYPE_OCTETS);
+ r = paircreate(ATTRIBUTE_EAP_SIM_RAND1 + imsicount, 0, PW_TYPE_OCTETS);
r = pairparsevalue(r, chal);
pairadd(reply_pairs, r);
- k = paircreate(ATTRIBUTE_EAP_SIM_KC1 + imsicount, PW_TYPE_OCTETS);
+ k = paircreate(ATTRIBUTE_EAP_SIM_KC1 + imsicount, 0, PW_TYPE_OCTETS);
k = pairparsevalue(k, kc);
rad_assert(k != NULL);
pairadd(reply_pairs, k);
- s = paircreate(ATTRIBUTE_EAP_SIM_SRES1 + imsicount, PW_TYPE_OCTETS);
+ s = paircreate(ATTRIBUTE_EAP_SIM_SRES1 + imsicount, 0, PW_TYPE_OCTETS);
s = pairparsevalue(s, sres);
pairadd(reply_pairs, s);
uint8_t mip_rk_1[EVP_MAX_MD_SIZE], mip_rk_2[EVP_MAX_MD_SIZE];
uint8_t mip_rk[2 * EVP_MAX_MD_SIZE];
- msk = pairfind(request->reply->vps, 1129);
- emsk = pairfind(request->reply->vps, 1130);
+ msk = pairfind(request->reply->vps, 1129, 0);
+ emsk = pairfind(request->reply->vps, 1130, 0);
if (!msk || !emsk) {
RDEBUG("No EAP-MSK or EAP-EMSK. Cannot create WiMAX keys.");
return RLM_MODULE_NOOP;
/*
* Calculate mobility keys
*/
- mn_nai = pairfind(request->packet->vps, 1900);
- if (!mn_nai) mn_nai = pairfind(request->reply->vps, 1900);
+ mn_nai = pairfind(request->packet->vps, 1900, 0);
+ if (!mn_nai) mn_nai = pairfind(request->reply->vps, 1900, 0);
if (!mn_nai) {
RDEBUG("WARNING: WiMAX-MN-NAI was not found in the request or in the reply.");
RDEBUG("WARNING: We cannot calculate MN-HA keys.");
* WiMAX-IP-Technology
*/
vp = NULL;
- if (mn_nai) vp = pairfind(request->reply->vps, WIMAX2ATTR(23));
+ if (mn_nai) vp = pairfind(request->reply->vps, 23, VENDORPEC_WIMAX);
if (!vp) {
RDEBUG("WARNING: WiMAX-IP-Technology not found in reply.");
RDEBUG("WARNING: Not calculating MN-HA keys");
/*
* Generate MN-FA = H(FA-RK, "MN FA" | FA-IP | MN-NAI)
*/
- ip = pairfind(request->reply->vps, 1901);
+ ip = pairfind(request->reply->vps, 1901, 0);
if (fa_rk && ip && mn_nai) {
HMAC_CTX_init(&hmac);
HMAC_Init_ex(&hmac, fa_rk->vp_octets, fa_rk->length,
HMAC_Final(&hmac, &mip_rk_1[0], &rk1_len);
vp = radius_paircreate(request, &request->reply->vps,
- 1902, PW_TYPE_OCTETS);
+ 1902, 0, PW_TYPE_OCTETS);
if (!vp) {
RDEBUG("WARNING: Failed creating WiMAX-MN-FA");
} else {