cleanup unused parameter warnings

[mech_eap.git] / util_radius.cpp

diff --git a/util_radius.cpp b/util_radius.cpp
index 9d9df42..083b3e7 100644 (file)
--- a/util_radius.cpp
+++ b/util_radius.cpp
@@ -263,7 +263,7 @@ getAttributeId(const gss_buffer_t attr)
 }
 
 bool
-gss_eap_radius_attr_provider::setAttribute(int complete,
+gss_eap_radius_attr_provider::setAttribute(int complete GSSEAP_UNUSED,
                                            uint32_t attrid,
                                            const gss_buffer_t value)
 {
@@ -428,7 +428,7 @@ gss_eap_radius_attr_provider::getAttribute(uint16_t attribute,
 
 gss_any_t
 gss_eap_radius_attr_provider::mapToAny(int authenticated,
-                                       gss_buffer_t type_id) const
+                                       gss_buffer_t type_id GSSEAP_UNUSED) const
 {
     if (authenticated && !m_authenticated)
         return (gss_any_t)NULL;
@@ -437,7 +437,7 @@ gss_eap_radius_attr_provider::mapToAny(int authenticated,
 }
 
 void
-gss_eap_radius_attr_provider::releaseAnyNameMapping(gss_buffer_t type_id,
+gss_eap_radius_attr_provider::releaseAnyNameMapping(gss_buffer_t type_id GSSEAP_UNUSED,
                                                     gss_any_t input) const
 {
     pairfree((VALUE_PAIR **)&input);
@@ -446,9 +446,25 @@ gss_eap_radius_attr_provider::releaseAnyNameMapping(gss_buffer_t type_id,
 bool
 gss_eap_radius_attr_provider::init(void)
 {
+    struct rs_context *radContext;
+
     gss_eap_attr_ctx::registerProvider(ATTR_TYPE_RADIUS,
                                        "urn:ietf:params:gss-eap:radius-avp",
                                        createAttrContext);
+
+#if 1
+    /*
+     * This hack is necessary in order to force the loading of the global
+     * dictionary, otherwise accepting reauthentication tokens fails unless
+     * the acceptor has already accepted a normal authentication token.
+     */
+    if (rs_context_create(&radContext, RS_DICT_FILE) != 0) {
+        return false;
+    }
+
+    rs_context_destroy(radContext);
+#endif
+
     return true;
 }
 
@@ -479,8 +495,12 @@ gssEapRadiusAddAvp(OM_uint32 *minor,
         VALUE_PAIR *vp;
         size_t n = remain;
 
-        if (n > MAX_STRING_LEN)
-            n = MAX_STRING_LEN;
+       /*
+         * There's an extra byte of padding; RADIUS AVPs can only
+         * be 253 octets.
+         */
+        if (n >= MAX_STRING_LEN)
+            n = MAX_STRING_LEN - 1;
 
         vp = paircreate(attrid, PW_TYPE_OCTETS);
         if (vp == NULL) {
@@ -586,6 +606,8 @@ OM_uint32
 gssEapRadiusAttrProviderFinalize(OM_uint32 *minor)
 {
     gss_eap_radius_attr_provider::finalize();
+
+    *minor = 0;
     return GSS_S_COMPLETE;
 }
 
@@ -656,10 +678,11 @@ avpImport(VALUE_PAIR **pVp,
     remain -= 4;
 
     da = dict_attrbyvalue(attrid);
-    if (da == NULL)
-        goto fail;
-
-    vp = pairalloc(da);
+    if (da != NULL) {
+        vp = pairalloc(da);
+    } else {
+        vp = paircreate(attrid, PW_TYPE_STRING);
+    }
     if (vp == NULL) {
         throw new std::bad_alloc;
         goto fail;
@@ -681,13 +704,8 @@ avpImport(VALUE_PAIR **pVp,
         remain -= 5;
         break;
     case PW_TYPE_STRING:
-        /* check enough room to NUL terminate */
-        if (p[0] == MAX_STRING_LEN)
-            goto fail;
-        else
-        /* fallthrough */
     default:
-        if (p[0] > MAX_STRING_LEN)
+        if (p[0] >= MAX_STRING_LEN)
             goto fail;
 
         vp->length = (uint32_t)p[0];
@@ -710,6 +728,7 @@ avpImport(VALUE_PAIR **pVp,
 fail:
     if (vp != NULL)
         pairbasicfree(vp);
+    *pVp = NULL;
     return false;
 }
 
@@ -793,7 +812,7 @@ gssEapRadiusMapError(OM_uint32 *minor,
 
     *minor = ERROR_TABLE_BASE_rse + code;
 
-    gssEapSaveStatusInfo(*minor, "%s", rs_err_msg(err, 0));
+    gssEapSaveStatusInfo(*minor, "%s", rs_err_msg(err));
     rs_err_free(err);
 
     return GSS_S_FAILURE;