summaryrefslogtreecommitdiff
path: root/lib
diff options
context:
space:
mode:
authorLinus Nordberg <linus@nordberg.se>2013-05-17 10:50:11 +0200
committerLinus Nordberg <linus@nordberg.se>2013-05-17 10:50:11 +0200
commitbc7b85e8e4fa2e0e8d31bca161b2ad1a01ccafc5 (patch)
tree8b0808a9b8b72608134ae505d997ddb73dfdfaff /lib
parentb920acc2f69c099e8b9f1e97001f03b42d4c97c7 (diff)
parent9ac979d07ab5ddbc283daf3e469f7ae756c2a351 (diff)
Merge branch 'libradsec-add-avp-2' into libradsec
Conflicts: lib/Makefile.am
Diffstat (limited to 'lib')
-rw-r--r--lib/Makefile.am2
-rw-r--r--lib/include/radsec/radsec.h12
-rw-r--r--lib/packet.c45
-rw-r--r--lib/radius/radpkt.c6
-rw-r--r--lib/radsec.sym1
5 files changed, 61 insertions, 5 deletions
diff --git a/lib/Makefile.am b/lib/Makefile.am
index 237294a..769e7ab 100644
--- a/lib/Makefile.am
+++ b/lib/Makefile.am
@@ -67,5 +67,5 @@ EXTRA_DIST = HACKING LICENSE libradsec.spec radsec.sym
AM_DISTCHECK_CONFIGURE_FLAGS = --enable-tls --enable-tls-psk
libradsec_la_LIBADD = radsecproxy/libradsec-radsecproxy.la radius/libradsec-radius.la
-libradsec_la_LDFLAGS = -version-info 0:0:0 -export-symbols $(srcdir)/radsec.sym
+libradsec_la_LDFLAGS = -version-info 1:0:1 -export-symbols $(srcdir)/radsec.sym
libradsec_la_CFLAGS = $(AM_CFLAGS) -DHAVE_CONFIG_H -Werror # -DDEBUG -DDEBUG_LEVENT
diff --git a/lib/include/radsec/radsec.h b/lib/include/radsec/radsec.h
index d6150bf..bc061e0 100644
--- a/lib/include/radsec/radsec.h
+++ b/lib/include/radsec/radsec.h
@@ -322,7 +322,17 @@ int rs_packet_create_authn_request(struct rs_connection *conn,
const char *user_name,
const char *user_pw);
-/*** Append \a tail to packet \a pkt. */
+/** Add a new attribute-value pair to \a pkt. */
+int rs_packet_add_avp(struct rs_packet *pkt,
+ unsigned int attr, unsigned int vendor,
+ const void *data, size_t data_len);
+
+/** Append a new attribute to packet \a pkt. Note that this function
+ encodes the attribute and therefore might require the secret
+ shared with the thought recipient to be set in pkt->rpkt. Note
+ also that this function marks \a pkt as already encoded and can
+ not be used on packets with non-encoded value-pairs already
+ added. */
int
rs_packet_append_avp(struct rs_packet *pkt,
unsigned int attribute, unsigned int vendor,
diff --git a/lib/packet.c b/lib/packet.c
index a0b3eb2..5daad25 100644
--- a/lib/packet.c
+++ b/lib/packet.c
@@ -173,14 +173,16 @@ rs_packet_create_authn_request (struct rs_connection *conn,
if (user_name)
{
- err = rs_packet_append_avp (pkt, PW_USER_NAME, 0, user_name, 0);
+ err = rs_packet_add_avp (pkt, PW_USER_NAME, 0, user_name,
+ strlen (user_name));
if (err)
return err;
}
if (user_pw)
{
- err = rs_packet_append_avp (pkt, PW_USER_PASSWORD, 0, user_pw, 0);
+ err = rs_packet_add_avp (pkt, PW_USER_PASSWORD, 0, user_pw,
+ strlen (user_pw));
if (err)
return err;
}
@@ -201,6 +203,45 @@ rs_packet_destroy (struct rs_packet *pkt)
}
int
+rs_packet_add_avp (struct rs_packet *pkt,
+ unsigned int attr, unsigned int vendor,
+ const void *data, size_t data_len)
+
+{
+ const DICT_ATTR *da;
+ VALUE_PAIR *vp;
+ int err;
+
+ assert (pkt);
+ assert (pkt->conn);
+ assert (pkt->conn->ctx);
+
+ da = nr_dict_attr_byvalue (attr, vendor);
+ if (da == NULL)
+ return rs_err_conn_push (pkt->conn, RSE_ATTR_TYPE_UNKNOWN,
+ "nr_dict_attr_byvalue");
+ vp = rs_malloc (pkt->conn->ctx, sizeof(*vp));
+ if (vp == NULL)
+ return rs_err_conn_push (pkt->conn, RSE_NOMEM, NULL);
+ if (nr_vp_init (vp, da) == NULL)
+ {
+ nr_vp_free (&vp);
+ return rs_err_conn_push (pkt->conn, RSE_INTERNAL, NULL);
+ }
+ err = nr_vp_set_data (vp, data, data_len);
+ if (err < 0)
+ {
+ nr_vp_free (&vp);
+ return rs_err_conn_push (pkt->conn, -err, "nr_vp_set_data");
+ }
+ nr_vps_append (&pkt->rpkt->vps, vp);
+
+ return RSE_OK;
+}
+
+/* TODO: Rename rs_packet_append_avp, indicating that encoding is
+ being done. */
+int
rs_packet_append_avp (struct rs_packet *pkt,
unsigned int attr, unsigned int vendor,
const void *data, size_t data_len)
diff --git a/lib/radius/radpkt.c b/lib/radius/radpkt.c
index bb8f75e..d9486ea 100644
--- a/lib/radius/radpkt.c
+++ b/lib/radius/radpkt.c
@@ -871,7 +871,11 @@ ssize_t nr_packet_attr_append(RADIUS_PACKET *packet,
data_len = strlen(data);
}
- packet->flags |= RS_PACKET_ENCODED; /* ignore any VPs */
+ /* We're going to mark the whole packet as encoded so we
+ better not have any unencoded value-pairs attached. */
+ if (packet->vps)
+ return -RSE_INVAL;
+ packet->flags |= RS_PACKET_ENCODED;
attr = packet->data + packet->length;
end = attr + packet->sizeof_data;
diff --git a/lib/radsec.sym b/lib/radsec.sym
index f234082..77fcacc 100644
--- a/lib/radsec.sym
+++ b/lib/radsec.sym
@@ -65,6 +65,7 @@ rs_err_ctx_push
rs_err_ctx_push_fl
rs_err_free
rs_err_msg
+rs_packet_add_avp
rs_packet_append_avp
rs_packet_avps
rs_packet_code