Extend radius_msg_get_tunnel_password() to support multiple passwords

The new function parameter can now be used to specify which password to
return.

Signed-hostap: Michael Braun <michael-dev@fami-braun.de>
Michael Braun 2012-11-25 17:19:04 +02:00 committed by Jouni Malinen
parent 1a2d22a242
commit 14e919478e
3 changed files with 10 additions and 7 deletions


@ -482,7 +482,7 @@ hostapd_acl_recv_radius(struct radius_msg *msg, struct radius_msg *req,
msg, &passphraselen, msg, &passphraselen,
hapd->conf->radius->auth_server->shared_secret, hapd->conf->radius->auth_server->shared_secret,
hapd->conf->radius->auth_server->shared_secret_len, hapd->conf->radius->auth_server->shared_secret_len,
req); req, 0);
cache->has_psk = passphrase != NULL; cache->has_psk = passphrase != NULL;
if (passphrase != NULL) { if (passphrase != NULL) {
/* passphrase does not contain the NULL termination. /* passphrase does not contain the NULL termination.


@ -1406,11 +1406,12 @@ int radius_msg_get_vlanid(struct radius_msg *msg)
* @secret: RADIUS shared secret * @secret: RADIUS shared secret
* @secret_len: Length of secret * @secret_len: Length of secret
* @sent_msg: Sent RADIUS message * @sent_msg: Sent RADIUS message
* Returns: pointer to password (free with os_free) or %NULL * @n: Number of password attribute to return (starting with 0)
* Returns: Pointer to n-th password (free with os_free) or %NULL
*/ */
char * radius_msg_get_tunnel_password(struct radius_msg *msg, int *keylen, char * radius_msg_get_tunnel_password(struct radius_msg *msg, int *keylen,
const u8 *secret, size_t secret_len, const u8 *secret, size_t secret_len,
struct radius_msg *sent_msg) struct radius_msg *sent_msg, size_t n)
{ {
u8 *buf = NULL; u8 *buf = NULL;
size_t buflen; size_t buflen;
@ -1420,7 +1421,7 @@ char * radius_msg_get_tunnel_password(struct radius_msg *msg, int *keylen,
size_t len[3]; size_t len[3];
u8 hash[16]; u8 hash[16];
u8 *pos; u8 *pos;
size_t i; size_t i, j = 0;
struct radius_attr_hdr *attr; struct radius_attr_hdr *attr;
const u8 *data; const u8 *data;
size_t dlen; size_t dlen;
@ -1428,7 +1429,7 @@ char * radius_msg_get_tunnel_password(struct radius_msg *msg, int *keylen,
size_t fdlen = -1; size_t fdlen = -1;
char *ret = NULL; char *ret = NULL;
/* find attribute with lowest tag and check it */ /* find n-th valid Tunnel-Password attribute */
for (i = 0; i < msg->attr_used; i++) { for (i = 0; i < msg->attr_used; i++) {
attr = radius_get_attr_hdr(msg, i); attr = radius_get_attr_hdr(msg, i);
if (attr == NULL || if (attr == NULL ||
@ -1441,11 +1442,13 @@ char * radius_msg_get_tunnel_password(struct radius_msg *msg, int *keylen,
dlen = attr->length - sizeof(*attr); dlen = attr->length - sizeof(*attr);
if (dlen <= 3 || dlen % 16 != 3) if (dlen <= 3 || dlen % 16 != 3)
continue; continue;
if (fdata != NULL && fdata[0] <= data[0]) j++;
if (j <= n)
continue; continue;
fdata = data; fdata = data;
fdlen = dlen; fdlen = dlen;
break;
} }
if (fdata == NULL) if (fdata == NULL)
goto out; goto out;
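Review bot: The rewritten selection loop (`j++; if (j <= n) continue;` followed by `break;`) counts attributes in message order and no longer compares the tag byte. The `req, 0` call in hostapd_acl_recv_radius() therefore now receives the first Tunnel-Password that passes the length checks, not the lowest-tagged one that the removed comment and the removed `fdata[0] <= data[0]` test selected. The doc comment should state this, for example `@n: Index (from 0) of the Tunnel-Password attribute to return, counted in message order; the tag is not used for selection`. NULL also appears to be returned both when fewer than n+1 such attributes exist and when the selected attribute fails a later check, though the code after `goto out` lies outside the visible hunks. If so, a caller iterating n until NULL would stop at the first bad attribute and never see later passwords, which is worth documenting under `Returns:` or signalling separately.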


@ -242,7 +242,7 @@ int radius_msg_get_attr(struct radius_msg *msg, u8 type, u8 *buf, size_t len);
int radius_msg_get_vlanid(struct radius_msg *msg); int radius_msg_get_vlanid(struct radius_msg *msg);
char * radius_msg_get_tunnel_password(struct radius_msg *msg, int *keylen, char * radius_msg_get_tunnel_password(struct radius_msg *msg, int *keylen,
const u8 *secret, size_t secret_len, const u8 *secret, size_t secret_len,
struct radius_msg *sent_msg); struct radius_msg *sent_msg, size_t n);
static inline int radius_msg_add_attr_int32(struct radius_msg *msg, u8 type, static inline int radius_msg_add_attr_int32(struct radius_msg *msg, u8 type,
u32 value) u32 value)