diff options
| author | Linus Nordberg <linus@nordberg.se> | 2012-12-17 16:11:14 +0100 |
|---|---|---|
| committer | Linus Nordberg <linus@nordberg.se> | 2012-12-17 16:11:14 +0100 |
| commit | 09d1cff2418a900b587b2113f508984f2417cc11 (patch) | |
| tree | 95dce8da09eccdeb8e70f10adcb285d7047b3120 /lib | |
| parent | 5b117878698519e798f928cef18eafc9dad4c15a (diff) | |
Add formal argument 'secret' to two public functions.
The functions are rs_packet_create_authn_request() and
rs_request_create_authn().
Attributes of type PW_USER_PASSWORD are supposed to be MD5
obfuscated (see vp2data_any()).
NOTE: This is a non-backward compatible API change.
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/examples/client-blocking.c | 4 | ||||
| -rw-r--r-- | lib/include/radsec/radsec.h | 8 | ||||
| -rw-r--r-- | lib/include/radsec/request.h | 6 | ||||
| -rw-r--r-- | lib/packet.c | 5 | ||||
| -rw-r--r-- | lib/request.c | 5 |
5 files changed, 18 insertions, 10 deletions
diff --git a/lib/examples/client-blocking.c b/lib/examples/client-blocking.c index 1b77de3..773a26c 100644 --- a/lib/examples/client-blocking.c +++ b/lib/examples/client-blocking.c @@ -59,14 +59,14 @@ blocking_client (const char *config_fn, const char *configuration, if (use_request_object_flag) { - if (rs_request_create_authn (conn, &request, USER_NAME, USER_PW)) + if (rs_request_create_authn (conn, &request, USER_NAME, USER_PW, SECRET)) goto cleanup; if (rs_request_send (request, &resp)) goto cleanup; } else { - if (rs_packet_create_authn_request (conn, &req, USER_NAME, USER_PW)) + if (rs_packet_create_authn_request (conn, &req, USER_NAME, USER_PW, SECRET)) goto cleanup; if (rs_packet_send (req, NULL)) goto cleanup; diff --git a/lib/include/radsec/radsec.h b/lib/include/radsec/radsec.h index 6c4f6a7..b45aea1 100644 --- a/lib/include/radsec/radsec.h +++ b/lib/include/radsec/radsec.h @@ -310,12 +310,14 @@ int rs_packet_send(struct rs_packet *pkt, void *user_data); /** Create a RADIUS authentication request packet associated with connection \a conn. Optionally, User-Name and User-Password - attributes are added to the packet using the data in \a user_name - and \a user_pw. */ + attributes are added to the packet using the data in \a user_name, + \a user_pw and \a secret where \secret is the RADIUS shared + secret. */ int rs_packet_create_authn_request(struct rs_connection *conn, struct rs_packet **pkt, const char *user_name, - const char *user_pw); + const char *user_pw, + const char *secret); /*** Append \a tail to packet \a pkt. */ int diff --git a/lib/include/radsec/request.h b/lib/include/radsec/request.h index f124373..574f395 100644 --- a/lib/include/radsec/request.h +++ b/lib/include/radsec/request.h @@ -22,11 +22,13 @@ void rs_request_add_reqpkt(struct rs_request *req, struct rs_packet *req_msg); /** Create a request associated with connection \a conn containing a newly created RADIUS authentication message, possibly with \a user_name and \a user_pw attributes. \a user_name and _user_pw - are optional and can be NULL. */ + are optional and can be NULL. If they are present, \a secret must + also be given and is used for "hiding" the password. */ int rs_request_create_authn(struct rs_connection *conn, struct rs_request **req_out, const char *user_name, - const char *user_pw); + const char *user_pw, + const char *secret); /** Send request \a req and wait for a matching response. The response is put in \a resp_msg (if not NULL). NOTE: At present, diff --git a/lib/packet.c b/lib/packet.c index ce68bea..fe87bfd 100644 --- a/lib/packet.c +++ b/lib/packet.c @@ -169,7 +169,9 @@ rs_packet_create (struct rs_connection *conn, struct rs_packet **pkt_out) int rs_packet_create_authn_request (struct rs_connection *conn, struct rs_packet **pkt_out, - const char *user_name, const char *user_pw) + const char *user_name, + const char *user_pw, + const char *secret) { struct rs_packet *pkt; int err; @@ -189,6 +191,7 @@ rs_packet_create_authn_request (struct rs_connection *conn, if (user_pw) { + pkt->rpkt->secret = secret; err = rs_packet_append_avp (pkt, PW_USER_PASSWORD, 0, user_pw, 0); if (err) return err; diff --git a/lib/request.c b/lib/request.c index b964bea..d624162 100644 --- a/lib/request.c +++ b/lib/request.c @@ -51,7 +51,8 @@ int rs_request_create_authn (struct rs_connection *conn, struct rs_request **req_out, const char *user_name, - const char *user_pw) + const char *user_pw, + const char *secret) { struct rs_request *req = NULL; assert (req_out); @@ -59,7 +60,7 @@ rs_request_create_authn (struct rs_connection *conn, if (rs_request_create (conn, &req)) return -1; - if (rs_packet_create_authn_request (conn, &req->req_msg, user_name, user_pw)) + if (rs_packet_create_authn_request (conn, &req->req_msg, user_name, user_pw, secret)) return -1; if (req_out) |