Add rs_packet_add_avp() and use it.

rs_packet_create_authn_request() now uses rs_packet_add_avp() instead of rs_packet_append_avp() which makes it possible to create a authentication packet without knowing the shared secret. Calling rs_packet_add_avp() on a packet is incompatible with using rs_packet_append_avp() on the same packet but since rs_packet_create_authn_request() adds attribute-value pairs for user name and password only if those arguments are supplied, code that doesn't use user name and password (i.e. mech_eap) should still be fine.
author: Linus Nordberg <linus@nordberg.se> 2013-05-08 17:08:14 +0200
committer: Linus Nordberg <linus@nordberg.se> 2013-05-08 17:13:46 +0200
commit: 79d36d41a578451a37c134981d5698dec3d5a4d3 (patch)
tree: e3aa2e4cf84a02bb5d89631988026fde786e29a1 /lib/radius/radpkt.c
parent: f71f1bdd87e58fb6fb5abc90a1b2119a4f35f1b3 (diff)
1 files changed, 5 insertions, 1 deletions
diff --git a/lib/radius/radpkt.c b/lib/radius/radpkt.c
index bb8f75e..d9486ea 100644
--- a/lib/radius/radpkt.c
+++ b/lib/radius/radpkt.c
@@ -871,7 +871,11 @@ ssize_t nr_packet_attr_append(RADIUS_PACKET *packet,
 		data_len = strlen(data);
 	}
 
-	packet->flags |= RS_PACKET_ENCODED; /* ignore any VPs */
+        /* We're going to mark the whole packet as encoded so we
+           better not have any unencoded value-pairs attached. */
+        if (packet->vps)
+                return -RSE_INVAL;
+	packet->flags |= RS_PACKET_ENCODED;
 
 	attr = packet->data + packet->length;
 	end = attr + packet->sizeof_data;
author	Linus Nordberg <linus@nordberg.se>	2013-05-08 17:08:14 +0200
committer	Linus Nordberg <linus@nordberg.se>	2013-05-08 17:13:46 +0200
commit	79d36d41a578451a37c134981d5698dec3d5a4d3 (patch)
tree	e3aa2e4cf84a02bb5d89631988026fde786e29a1 /lib/radius/radpkt.c
parent	f71f1bdd87e58fb6fb5abc90a1b2119a4f35f1b3 (diff)