if (use_request_object_flag)
{
- if (rs_request_create_authn (conn, &request, USER_NAME, USER_PW))
+ if (rs_request_create_authn (conn, &request, USER_NAME, USER_PW, SECRET))
goto cleanup;
if (rs_request_send (request, &resp))
goto cleanup;
}
else
{
- if (rs_packet_create_authn_request (conn, &req, USER_NAME, USER_PW))
+ if (rs_packet_create_authn_request (conn, &req, USER_NAME, USER_PW, SECRET))
goto cleanup;
if (rs_packet_send (req, NULL))
goto cleanup;
/** Create a RADIUS authentication request packet associated with
connection \a conn. Optionally, User-Name and User-Password
- attributes are added to the packet using the data in \a user_name
- and \a user_pw. */
+ attributes are added to the packet using the data in \a user_name,
+ \a user_pw and \a secret where \secret is the RADIUS shared
+ secret. */
int rs_packet_create_authn_request(struct rs_connection *conn,
struct rs_packet **pkt,
const char *user_name,
- const char *user_pw);
+ const char *user_pw,
+ const char *secret);
/*** Append \a tail to packet \a pkt. */
int
/** Create a request associated with connection \a conn containing a
newly created RADIUS authentication message, possibly with \a
user_name and \a user_pw attributes. \a user_name and _user_pw
- are optional and can be NULL. */
+ are optional and can be NULL. If they are present, \a secret must
+ also be given and is used for "hiding" the password. */
int rs_request_create_authn(struct rs_connection *conn,
struct rs_request **req_out,
const char *user_name,
- const char *user_pw);
+ const char *user_pw,
+ const char *secret);
/** Send request \a req and wait for a matching response. The
response is put in \a resp_msg (if not NULL). NOTE: At present,
int
rs_packet_create_authn_request (struct rs_connection *conn,
struct rs_packet **pkt_out,
- const char *user_name, const char *user_pw)
+ const char *user_name,
+ const char *user_pw,
+ const char *secret)
{
struct rs_packet *pkt;
int err;
if (user_pw)
{
+ pkt->rpkt->secret = secret;
err = rs_packet_append_avp (pkt, PW_USER_PASSWORD, 0, user_pw, 0);
if (err)
return err;
rs_request_create_authn (struct rs_connection *conn,
struct rs_request **req_out,
const char *user_name,
- const char *user_pw)
+ const char *user_pw,
+ const char *secret)
{
struct rs_request *req = NULL;
assert (req_out);
if (rs_request_create (conn, &req))
return -1;
- if (rs_packet_create_authn_request (conn, &req->req_msg, user_name, user_pw))
+ if (rs_packet_create_authn_request (conn, &req->req_msg, user_name, user_pw, secret))
return -1;
if (req_out)