In preparation for DEBUG -> RDEBUG changes.
Also made rlm_soh return FAIL on bad SoH packets.
#include <freeradius-devel/ident.h>
RCSIDH(soh_h, "$Id$")
-#include <freeradius-devel/libradius.h>
-
#ifdef __cplusplus
extern "C" {
#endif
-int soh_verify(VALUE_PAIR *sohvp, const uint8_t *data, unsigned int data_len);
+ int soh_verify(REQUEST *request, VALUE_PAIR *sohvp, const uint8_t *data, unsigned int data_len);
uint16_t soh_pull_be_16(const uint8_t *p);
uint32_t soh_pull_be_24(const uint8_t *p);
uint32_t soh_pull_be_32(const uint8_t *p);
* unknown types; we need to know their length ahead of time. Therefore, we abort
* if we find an unknown type.
*/
-static int eapsoh_mstlv(VALUE_PAIR *sohvp, const uint8_t *p, unsigned int data_len) {
+static int eapsoh_mstlv(REQUEST *request, VALUE_PAIR *sohvp, const uint8_t *p, unsigned int data_len) {
VALUE_PAIR *vp;
uint8_t c;
int t;
return NULL;
}
-int soh_verify(VALUE_PAIR *sohvp, const uint8_t *data, unsigned int data_len) {
+int soh_verify(REQUEST *request, VALUE_PAIR *sohvp, const uint8_t *data, unsigned int data_len) {
VALUE_PAIR *vp;
eap_soh hdr;
*/
if (curr_shid==0x137 && curr_shid_c==0) {
DEBUG("SoH MS type-value payload");
- eapsoh_mstlv(sohvp, data + 4, tlv.tlv_len - 4);
+ eapsoh_mstlv(request, sohvp, data + 4, tlv.tlv_len - 4);
} else {
DEBUG("SoH unhandled vendor-specific TLV %08x/component=%i %i bytes payload", curr_shid, curr_shid_c, tlv.tlv_len);
}
}
- rv = soh_verify(vp, data, data_len - 8);
+ rv = soh_verify(request, vp, data, data_len - 8);
if (rv<0) {
RDEBUG("SoH - error decoding payload: %s", fr_strerror());
} else {
static int soh_postauth(UNUSED void * instance, REQUEST *request)
{
#ifdef WITH_DHCP
+ int rcode;
VALUE_PAIR *vp;
vp = pairfind(request->packet->vps, DHCP2ATTR(43));
} else {
RDEBUG("SoH decoding NAP from DHCP request");
/* SoH payload */
- soh_verify(request->packet->vps, data, vlen);
+ rcode = soh_verify(request, request->packet->vps, data, vlen);
+ if (rcode < 0) {
+ return RLM_MODULE_FAIL;
+ }
}
break;
default:
RDEBUG("SoH radius VP found");
/* decode it */
- rv = soh_verify(request->packet->vps, vp->vp_octets, vp->length);
+ rv = soh_verify(request, request->packet->vps, vp->vp_octets, vp->length);
+ if (rv < 0) {
+ return RLM_MODULE_FAIL;
+ }
return RLM_MODULE_OK;
}