From 79d36d41a578451a37c134981d5698dec3d5a4d3 Mon Sep 17 00:00:00 2001 From: Linus Nordberg Date: Wed, 8 May 2013 17:08:14 +0200 Subject: Add rs_packet_add_avp() and use it. rs_packet_create_authn_request() now uses rs_packet_add_avp() instead of rs_packet_append_avp() which makes it possible to create a authentication packet without knowing the shared secret. Calling rs_packet_add_avp() on a packet is incompatible with using rs_packet_append_avp() on the same packet but since rs_packet_create_authn_request() adds attribute-value pairs for user name and password only if those arguments are supplied, code that doesn't use user name and password (i.e. mech_eap) should still be fine. --- lib/radius/radpkt.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) (limited to 'lib/radius') diff --git a/lib/radius/radpkt.c b/lib/radius/radpkt.c index bb8f75e..d9486ea 100644 --- a/lib/radius/radpkt.c +++ b/lib/radius/radpkt.c @@ -871,7 +871,11 @@ ssize_t nr_packet_attr_append(RADIUS_PACKET *packet, data_len = strlen(data); } - packet->flags |= RS_PACKET_ENCODED; /* ignore any VPs */ + /* We're going to mark the whole packet as encoded so we + better not have any unencoded value-pairs attached. */ + if (packet->vps) + return -RSE_INVAL; + packet->flags |= RS_PACKET_ENCODED; attr = packet->data + packet->length; end = attr + packet->sizeof_data; -- cgit v1.1