Mark shared secret const in RADIUS client routines

16 years ago · 7d02e64157
parent 1c6e69ccda
commit 7d02e64157
7 changed files with 24 additions and 19 deletions
--- a/hostapd/accounting.c
+++ b/hostapd/accounting.c
@ -422,7 +422,8 @@ static void accounting_sta_get_id(struct hostapd_data *hapd,
 */
 static RadiusRxResult
 accounting_receive(struct radius_msg *msg, struct radius_msg *req,
-		   u8 *shared_secret, size_t shared_secret_len, void *data)
+		   const u8 *shared_secret, size_t shared_secret_len,
+		   void *data)
 {
 	if (msg->hdr->code != RADIUS_CODE_ACCOUNTING_RESPONSE) {
 		printf("Unknown RADIUS message code\n");
--- a/hostapd/ieee802_11_auth.c
+++ b/hostapd/ieee802_11_auth.c
@ -383,7 +383,7 @@ static void hostapd_acl_expire(void *eloop_ctx, void *timeout_ctx)
 */
 static RadiusRxResult
 hostapd_acl_recv_radius(struct radius_msg *msg, struct radius_msg *req,
-			u8 *shared_secret, size_t shared_secret_len,
+			const u8 *shared_secret, size_t shared_secret_len,
 			void *data)
 {
 	struct hostapd_data *hapd = data;
--- a/hostapd/ieee802_1x.c
+++ b/hostapd/ieee802_1x.c
@ -1042,7 +1042,8 @@ static void ieee802_1x_decapsulate_radius(struct hostapd_data *hapd,
 static void ieee802_1x_get_keys(struct hostapd_data *hapd,
 				struct sta_info *sta, struct radius_msg *msg,
 				struct radius_msg *req,
-				u8 *shared_secret, size_t shared_secret_len)
+				const u8 *shared_secret,
+				size_t shared_secret_len)
 {
 	struct radius_ms_mppe_keys *keys;
 	struct eapol_state_machine *sm = sta->eapol_sm;
@ -1213,7 +1214,7 @@ ieee802_1x_search_radius_identifier(struct hostapd_data *hapd, u8 identifier)
 */
 static RadiusRxResult
 ieee802_1x_receive_auth(struct radius_msg *msg, struct radius_msg *req,
-			u8 *shared_secret, size_t shared_secret_len,
+			const u8 *shared_secret, size_t shared_secret_len,
 			void *data)
 {
 	struct hostapd_data *hapd = data;
--- a/src/radius/radius.c
+++ b/src/radius/radius.c
@ -293,7 +293,8 @@ void radius_msg_dump(struct radius_msg *msg)
 }


-int radius_msg_finish(struct radius_msg *msg, u8 *secret, size_t secret_len)
+int radius_msg_finish(struct radius_msg *msg, const u8 *secret,
+		      size_t secret_len)
 {
 	if (secret) {
 		u8 auth[MD5_MAC_LEN];
@ -364,7 +365,7 @@ int radius_msg_finish_srv(struct radius_msg *msg, const u8 *secret,
 }


-void radius_msg_finish_acct(struct radius_msg *msg, u8 *secret,
+void radius_msg_finish_acct(struct radius_msg *msg, const u8 *secret,
 			    size_t secret_len)
 {
 	const u8 *addr[2];
@ -899,7 +900,7 @@ static void encrypt_ms_key(const u8 *key, size_t key_len, u16 salt,

 struct radius_ms_mppe_keys *
 radius_msg_get_ms_keys(struct radius_msg *msg, struct radius_msg *sent_msg,
-		       u8 *secret, size_t secret_len)
+		       const u8 *secret, size_t secret_len)
 {
 	u8 *key;
 	size_t keylen;
@ -940,7 +941,7 @@ radius_msg_get_ms_keys(struct radius_msg *msg, struct radius_msg *sent_msg,

 struct radius_ms_mppe_keys *
 radius_msg_get_cisco_keys(struct radius_msg *msg, struct radius_msg *sent_msg,
-			  u8 *secret, size_t secret_len)
+			  const u8 *secret, size_t secret_len)
 {
 	u8 *key;
 	size_t keylen;
@ -1043,8 +1044,8 @@ int radius_msg_add_mppe_keys(struct radius_msg *msg,
 * in RFC 2865, Chap. 5.2 */
 struct radius_attr_hdr *
 radius_msg_add_attr_user_password(struct radius_msg *msg,
-				  u8 *data, size_t data_len,
-				  u8 *secret, size_t secret_len)
+				  const u8 *data, size_t data_len,
+				  const u8 *secret, size_t secret_len)
 {
 	u8 buf[128];
 	int padlen, i;
--- a/src/radius/radius.h
+++ b/src/radius/radius.h
@ -207,10 +207,11 @@ int radius_msg_initialize(struct radius_msg *msg, size_t init_len);
 void radius_msg_set_hdr(struct radius_msg *msg, u8 code, u8 identifier);
 void radius_msg_free(struct radius_msg *msg);
 void radius_msg_dump(struct radius_msg *msg);
-int radius_msg_finish(struct radius_msg *msg, u8 *secret, size_t secret_len);
+int radius_msg_finish(struct radius_msg *msg, const u8 *secret,
+		      size_t secret_len);
 int radius_msg_finish_srv(struct radius_msg *msg, const u8 *secret,
 			  size_t secret_len, const u8 *req_authenticator);
-void radius_msg_finish_acct(struct radius_msg *msg, u8 *secret,
+void radius_msg_finish_acct(struct radius_msg *msg, const u8 *secret,
 			    size_t secret_len);
 struct radius_attr_hdr *radius_msg_add_attr(struct radius_msg *msg, u8 type,
 					    const u8 *data, size_t data_len);
@ -229,10 +230,10 @@ void radius_msg_make_authenticator(struct radius_msg *msg,
 				   const u8 *data, size_t len);
 struct radius_ms_mppe_keys *
 radius_msg_get_ms_keys(struct radius_msg *msg, struct radius_msg *sent_msg,
-		       u8 *secret, size_t secret_len);
+		       const u8 *secret, size_t secret_len);
 struct radius_ms_mppe_keys *
 radius_msg_get_cisco_keys(struct radius_msg *msg, struct radius_msg *sent_msg,
-			  u8 *secret, size_t secret_len);
+			  const u8 *secret, size_t secret_len);
 int radius_msg_add_mppe_keys(struct radius_msg *msg,
 			     const u8 *req_authenticator,
 			     const u8 *secret, size_t secret_len,
@ -240,8 +241,8 @@ int radius_msg_add_mppe_keys(struct radius_msg *msg,
 			     const u8 *recv_key, size_t recv_key_len);
 struct radius_attr_hdr *
 radius_msg_add_attr_user_password(struct radius_msg *msg,
-				  u8 *data, size_t data_len,
-				  u8 *secret, size_t secret_len);
+				  const u8 *data, size_t data_len,
+				  const u8 *secret, size_t secret_len);
 int radius_msg_get_attr(struct radius_msg *msg, u8 type, u8 *buf, size_t len);
 int radius_msg_get_vlanid(struct radius_msg *msg);

--- a/src/radius/radius_client.c
+++ b/src/radius/radius_client.c
@ -35,7 +35,8 @@
 struct radius_rx_handler {
 	RadiusRxResult (*handler)(struct radius_msg *msg,
 				  struct radius_msg *req,
-				  u8 *shared_secret, size_t shared_secret_len,
+				  const u8 *shared_secret,
+				  size_t shared_secret_len,
 				  void *data);
 	void *data;
 };
@ -106,7 +107,7 @@ int radius_client_register(struct radius_client_data *radius,
 			   RadiusType msg_type,
 			   RadiusRxResult (*handler)(struct radius_msg *msg,
 						     struct radius_msg *req,
-						     u8 *shared_secret,
+						     const u8 *shared_secret,
 						     size_t shared_secret_len,
 						     void *data),
 			   void *data)
--- a/src/radius/radius_client.h
+++ b/src/radius/radius_client.h
@ -85,7 +85,7 @@ int radius_client_register(struct radius_client_data *radius,
 			   RadiusType msg_type,
 			   RadiusRxResult (*handler)
 			   (struct radius_msg *msg, struct radius_msg *req,
-			    u8 *shared_secret, size_t shared_secret_len,
+			    const u8 *shared_secret, size_t shared_secret_len,
 			    void *data),
 			   void *data);
 int radius_client_send(struct radius_client_data *radius,