From 79d36d41a578451a37c134981d5698dec3d5a4d3 Mon Sep 17 00:00:00 2001 From: Linus Nordberg Date: Wed, 8 May 2013 17:08:14 +0200 Subject: Add rs_packet_add_avp() and use it. rs_packet_create_authn_request() now uses rs_packet_add_avp() instead of rs_packet_append_avp() which makes it possible to create a authentication packet without knowing the shared secret. Calling rs_packet_add_avp() on a packet is incompatible with using rs_packet_append_avp() on the same packet but since rs_packet_create_authn_request() adds attribute-value pairs for user name and password only if those arguments are supplied, code that doesn't use user name and password (i.e. mech_eap) should still be fine. --- lib/include/radsec/radsec.h | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) (limited to 'lib/include') diff --git a/lib/include/radsec/radsec.h b/lib/include/radsec/radsec.h index 230f671..fe6690a 100644 --- a/lib/include/radsec/radsec.h +++ b/lib/include/radsec/radsec.h @@ -321,7 +321,17 @@ int rs_packet_create_authn_request(struct rs_connection *conn, const char *user_name, const char *user_pw); -/*** Append \a tail to packet \a pkt. */ +/** Add a new attribute-value pair to \a pkt. */ +int rs_packet_add_avp(struct rs_packet *pkt, + unsigned int attr, unsigned int vendor, + const void *data, size_t data_len); + +/** Append a new attribute to packet \a pkt. Note that this function + encodes the attribute and therefore might require the secret + shared with the thought recipient to be set in pkt->rpkt. Note + also that this function marks \a pkt as already encoded and can + not be used on packets with non-encoded value-pairs already + added. */ int rs_packet_append_avp(struct rs_packet *pkt, unsigned int attribute, unsigned int vendor, -- cgit v1.1