author | venaas <venaas> | 2008-09-14 14:56:38 +0000 |
---|---|---|
committer | venaas <venaas@e88ac4ed-0b26-0410-9574-a7f39faa03bf> | 2008-09-14 14:56:38 +0000 |
commit | 973eaceb232a0038d97cf21c13c53ae33a5e232b (patch) | |
tree | 558bfd5987cbf37c0d849af2cb222e8846782b24 /radmsg.c | |
parent | 69a0d3aebfa4725c72b4843369d2c0a7c71a569b (diff) |
cleaning up code
git-svn-id: https://svn.testnett.uninett.no/radsecproxy/trunk@377 e88ac4ed-0b26-0410-9574-a7f39faa03bf
Diffstat (limited to 'radmsg.c')
-rw-r--r-- | radmsg.c | 26 |
1 files changed, 26 insertions, 0 deletions
@@ -166,6 +166,28 @@ int _createmessageauth(unsigned char *rad, unsigned char *authattrval, uint8_t *
 return 1;
 }
 
+int _radsign(unsigned char *rad, unsigned char *sec) {
+ static pthread_mutex_t lock = PTHREAD_MUTEX_INITIALIZER;
+ static unsigned char first = 1;
+ static EVP_MD_CTX mdctx;
+ unsigned int md_len;
+ int result;
+
+ pthread_mutex_lock(&lock);
+ if (first) {
+ EVP_MD_CTX_init(&mdctx);
+ first = 0;
+ }
+
+ result = (EVP_DigestInit_ex(&mdctx, EVP_md5(), NULL) &&
+ EVP_DigestUpdate(&mdctx, rad, RADLEN(rad)) &&
+ EVP_DigestUpdate(&mdctx, sec, strlen((char *)sec)) &&
+ EVP_DigestFinal_ex(&mdctx, rad + 4, &md_len) &&
+ md_len == 16);
+ pthread_mutex_unlock(&lock);
+ return result;
+}
+
 uint8_t *radmsg2buf(struct radmsg *msg, uint8_t *secret) {
 struct list_node *node;
 struct tlv *tlv;
@@ -203,6 +225,10 @@ uint8_t *radmsg2buf(struct radmsg *msg, uint8_t *secret) {
 free(buf);
 return NULL;
 }
+ if (secret && (msg->code == RAD_Access_Accept || msg->code == RAD_Access_Reject || msg->code == RAD_Access_Challenge || msg->code == RAD_Accounting_Response || msg->code == RAD_Accounting_Request) && !_radsign(buf, secret)) {
+ free(buf);
+ return NULL;
+ }
 return buf;
 } |
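Review bot: `_radsign` has no buffer-size parameter: it hashes `RADLEN(rad)` bytes, a length that appears to come from the packet's own header, and then writes 16 bytes at `rad + 4`. A caller passing a buffer whose length field is below 20 or larger than its allocation would get an out-of-bounds write or read. The one caller in this commit builds the buffer itself, so this is presumably safe today, but the precondition should be stated above the function, e.g. `/* rad: complete RADIUS packet, length field >= 20 and matching the allocation; bytes 4..19 are replaced by MD5(packet || secret). Returns 1 on success, 0 on failure. */`. The secret is measured with `strlen`, so a shared secret containing a NUL byte would be silently truncated before hashing; the comment should say that `sec` must be a NUL-terminated string. As a style point, the helper could be declared `static` if nothing outside radmsg.c needs it.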
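Review bot: The new branch in radmsg2buf signs over whatever bytes 4..19 of `buf` already hold, so the resulting authenticator is only valid if that field was prepared correctly before this point. For the three Access replies and `RAD_Accounting_Response` it must contain the Request Authenticator of the request being answered, and for `RAD_Accounting_Request` it must be 16 zero octets (RFC 2866). Neither is visible here because the function body starts outside the hunk, so this is worth confirming and recording in a comment above the `if`, e.g. `/* authenticator field must hold the request authenticator (zeros for Accounting-Request) before signing */`. Note also that a NULL `secret` returns the buffer unsigned without any indication to the caller. The five-way `||` chain on one line would read more easily as a small predicate or a `switch` on `msg->code`.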