~ubuntu-branches/ubuntu/hardy/freeradius/hardy-proposed


Viewing changes to src/modules/rlm_eap/types/rlm_eap_ttls/ttls.c

  • Committer: Bazaar Package Importer
  • Author(s): Mark Hymers
  • Date: 2006-12-16 20:45:11 UTC
  • mfrom: (3.1.10 feisty)
  • Revision ID: james.westby@ubuntu.com-20061216204511-3pbbsu4s8jtehsor
Tags: 1.1.3-3
Fix POSIX compliance problem in init script.  Closes: #403384. 

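--- a/src/modules/rlm_eap/types/rlm_eap_ttls/ttls.c
+++ b/src/modules/rlm_eap/types/rlm_eap_ttls/ttls.c
@@ -1,7 +1,7 @@
 /*
  * rlm_eap_ttls.c  contains the interfaces that are called from eap
  *
- * Version:     $Id: ttls.c,v 1.17 2004/04/19 20:21:19 aland Exp $
+ * Version:     $Id: ttls.c,v 1.17.2.2.2.2 2006/07/17 19:07:37 aland Exp $
  *
  *   This program is free software; you can redistribute it and/or modify
  *   it under the terms of the GNU General Public License as published by
@@ -19,7 +19,6 @@
  *
  *   Copyright 2003 Alan DeKok <aland@freeradius.org>
  */
-#include "eap_tls.h"
 #include "eap_ttls.h"
 
 /*
@@ -47,6 +46,11 @@
         unsigned int data_left = data_len;
 
         while (data_left > 0) {
+                if (data_len < 12) {
+                        DEBUG2("  rlm_eap_ttls:  Diameter attribute is too small to contain a Diameter header");
+                        return 0;
+                }
+
                 rad_assert(data_left <= data_len);
                 memcpy(&attr, data, sizeof(attr));
                 data += 4;
@@ -540,13 +544,12 @@
                 }
 #endif
 
-                record_plus(&tls_session->clean_in, buffer, total);
+                (tls_session->record_plus)(&tls_session->clean_in, buffer, total);
 
                 /*
                  *      FIXME: Check the return code.
                  */
                 tls_handshake_send(tls_session);
-                record_init(&tls_session->clean_in);
         }
 
         /*
@@ -630,18 +633,6 @@
                          */
                         pairmove2(&vp, &reply->vps, PW_EAP_MESSAGE);
                         pairfree(&vp);
-
-                        /*
-                         *      If we've been told to use the attributes from
-                         *      the reply, then do so.
-                         *
-                         *      WARNING: This may leak information about the
-                         *      tunneled user!
-                         */
-                        if (t->use_tunneled_reply) {
-                                pairadd(&request->reply->vps, reply->vps);
-                                reply->vps = NULL;
-                        }
                 }
 
                 /*
@@ -652,6 +643,19 @@
                         vp2diameter(tls_session, vp);
                         pairfree(&vp);
                 }
+
+                /*
+                 *      If we've been told to use the attributes from
+                 *      the reply, then do so.
+                 *
+                 *      WARNING: This may leak information about the
+                 *      tunneled user!
+                 */
+                if (t->use_tunneled_reply) {
+                        pairdelete(&reply->vps, PW_PROXY_STATE);
+                        pairadd(&request->reply->vps, reply->vps);
+                        reply->vps = NULL;
+                }
                 break;
 
 
@@ -710,7 +714,7 @@
 
         default:
                 DEBUG2("  TTLS: Unknown RADIUS packet type %d: rejecting tunneled user", reply->code);
-                rcode = RLM_MODULE_REJECT;
+                rcode = RLM_MODULE_INVALID;
                 break;
         }
 
@@ -817,7 +821,7 @@
         switch (rcode) {
         case RLM_MODULE_REJECT:
                 DEBUG2("  TTLS: Reply was rejected");
-                return 0;
+                break;
 
         case RLM_MODULE_HANDLED:
                 DEBUG2("  TTLS: Reply was handled");
@@ -873,7 +877,7 @@
          *
          *      I *really* don't like these 'record_t' things...
          */
-        data_len = record_minus(&tls_session->dirty_in, buffer, sizeof(buffer));
+        data_len = (tls_session->record_minus)(&tls_session->dirty_in, buffer, sizeof(buffer));
         data = buffer;
 
         /*
@@ -888,7 +892,7 @@
          *      go there, too...
          */
         BIO_write(tls_session->into_ssl, buffer, data_len);
-        record_init(&tls_session->clean_out);
+        (tls_session->record_init)(&tls_session->clean_out);
 
         /*
          *      Read (and decrypt) the tunneled data from the SSL session,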
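Review bot: The length guard added at new lines 49-52 tests `data_len`, the total buffer length, although the loop around it iterates on `data_left`. As far as the hunk shows, `data_len` is not reduced per iteration (the following `rad_assert(data_left <= data_len)` treats it as the upper bound), so the guard can only fire on the first pass. A short trailing fragment after one or more complete attributes would still reach `memcpy(&attr, data, sizeof(attr))` and the header reads that follow. Comparing the remaining length instead, `if (data_left < 12) {`, would bound every iteration; these bytes come from the peer inside the tunnel and should be treated as untrusted. The enclosing function starts and ends outside the hunk, so confirm there whether the per-attribute length is later checked against `data_left`.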