#if defined (DEBUG)
fprintf (stderr, "%s: complete packet read\n", __func__);
#endif
- rad_decode (pkt->rpkt, NULL, pkt->conn->active_peer->secret);
+ if (!rad_packet_ok (pkt->rpkt, 0) != 0)
+ return;
+ assert (pkt->original);
+
+ /* Verify header and message authenticator. */
+ if (rad_verify (pkt->rpkt, pkt->original->rpkt,
+ pkt->conn->active_peer->secret))
+ {
+ rs_err_conn_push_fl (pkt->conn, RSE_FR, __FILE__, __LINE__,
+ "rad_verify: %s", fr_strerror ());
+ return;
+ }
+
- /* decode and decrypt */
++ /* Decode and decrypt. */
+ if (rad_decode (pkt->rpkt, pkt->original->rpkt,
+ pkt->conn->active_peer->secret))
+ {
+ rs_err_conn_push_fl (pkt->conn, RSE_FR, __FILE__, __LINE__,
+ "rad_decode: %s", fr_strerror ());
+ return;
+ }
+
+ if (pkt->conn->callbacks.received_cb)
+ pkt->conn->callbacks.received_cb (pkt, pkt->conn->user_data);
+
if (event_base_loopbreak (pkt->conn->evb) < 0)
abort (); /* FIXME */
}