* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
-#include <freeradius-devel/ident.h>
+
RCSID("$Id$")
#include "eap_chbind.h"
/* Set-up the fake request */
fake = request_alloc_fake(req);
rad_assert(fake->packet->vps == NULL);
- vp = pairmake("Freeradius-Proxied-To", "127.0.0.1", T_OP_EQ);
- if (vp) {
- pairadd(&fake->packet->vps, vp);
- }
+ pairmake(fake, &fake->packet->vps, "Freeradius-Proxied-To", "127.0.0.1", T_OP_EQ);
/* Add the username to the fake request */
if (chbind_req->username) {
- vp = paircreate(PW_USER_NAME, 0);
+ uint8_t *octets = NULL;
+ vp = paircreate(fake, PW_USER_NAME, 0);
rad_assert(vp);
- memcpy(vp->vp_octets, chbind_req->username, chbind_req->username_len);
+ octets = talloc_array(vp, uint8_t, chbind_req->username_len+1);
+ rad_assert(octets);
+ memcpy(octets, chbind_req->username, chbind_req->username_len);
+ vp->vp_octets = octets;
vp->length = chbind_req->username_len;
pairadd(&fake->packet->vps, vp);
#ifndef _EAP_CHBIND_H
#define _EAP_CHBIND_H
-#include <freeradius-devel/ident.h>
RCSIDH(eap_chbind_h, "$Id$")
#include <stdio.h>
extern eap_packet_raw_t *eap_vp2packet(TALLOC_CTX *ctx, VALUE_PAIR *vps);
void eap_add_reply(REQUEST *request,
char const *name, uint8_t const *value, int len);
-extern VALUE_PAIR *eap_chbind_packet2vp(const eap_chbind_packet_t *packet, size_t len);
+extern VALUE_PAIR *eap_chbind_packet2vp(REQUEST *, const eap_chbind_packet_t *packet, size_t len);
extern size_t eap_chbind_vp2packet(VALUE_PAIR *vps, eap_chbind_packet_t **packet);
#endif /* _EAP_TYPES_H */
RCSID("$Id$")
#include <freeradius-devel/libradius.h>
+#include <freeradius-devel/rad_assert.h>
#include "eap_types.h"
const FR_NAME_NUMBER eap_rcode_table[] = {
pairmemcpy(vp, value, len);
}
-VALUE_PAIR *eap_chbind_packet2vp(const eap_chbind_packet_t *packet, size_t len)
+VALUE_PAIR *eap_chbind_packet2vp(REQUEST *request, const eap_chbind_packet_t *packet, size_t len)
{
size_t size;
const uint8_t *ptr;
VALUE_PAIR *head = NULL;
+ uint8_t *octets = NULL;
+
VALUE_PAIR **tail = &head;
VALUE_PAIR *vp;
size = len;
if (size > 247) size = 247;
- vp = paircreate(PW_UKERNA_CHBIND, VENDORPEC_UKERNA);
+ vp = paircreate(request, PW_UKERNA_CHBIND, VENDORPEC_UKERNA);
if (!vp) {
pairfree(&head);
return NULL;
}
- memcpy(vp->vp_octets, ptr, size);
+ octets = talloc_array(vp, uint8_t, size);
+ rad_assert(octets);
+ memcpy(octets, ptr, size);
+ vp->vp_octets = octets;
vp->length = size;
*tail = vp;
*result = eap_chbind_packet;
return len;
+}
}
/* move channel binding responses; we need to send them */
- pairmove2(&vp, &reply->vps, PW_UKERNA_CHBIND, VENDORPEC_UKERNA, TAG_ANY);
+ pairfilter(tls_session, &vp, &reply->vps, PW_UKERNA_CHBIND, VENDORPEC_UKERNA, TAG_ANY);
if (pairfind(vp, PW_UKERNA_CHBIND, VENDORPEC_UKERNA, TAG_ANY) != NULL) {
- t->authenticated = TRUE;
+ t->authenticated = true;
/*
* Use the tunneled reply, but not now.
*/
if (t->use_tunneled_reply) {
- t->accept_vps = reply->vps;
- reply->vps = NULL;
+ rad_assert(!t->accept_vps);
+ pairfilter(t, &t->accept_vps, &reply->vps,
+ 0, 0, TAG_ANY);
+ rad_assert(!reply->vps);
}
rcode = RLM_MODULE_HANDLED;
}
pairfilter(t, &vp, &reply->vps, PW_REPLY_MESSAGE, 0, TAG_ANY);
/* also move chbind messages, if any */
- pairmove2(&vp, &reply->vps, PW_UKERNA_CHBIND, VENDORPEC_UKERNA,
+ pairfilter(t, &vp, &reply->vps, PW_UKERNA_CHBIND, VENDORPEC_UKERNA,
TAG_ANY);
/*
if (req->chbind_resp_len > 0) {
RDEBUG("sending chbind response");
pairadd(&fake->reply->vps,
- eap_chbind_packet2vp((eap_chbind_packet_t *)req->chbind_resp,
+ eap_chbind_packet2vp(fake, (eap_chbind_packet_t *)req->chbind_resp,
req->chbind_resp_len));
} else {
RDEBUG("no chbind response");