From 09844c09843bda15759e258d9ac6377346446454 Mon Sep 17 00:00:00 2001 From: Jouni Malinen Date: Fri, 30 May 2014 20:46:20 +0300 Subject: [PATCH] RADIUS client: Do not flush pending messages if server did not change The re-open socket to the current RADIUS server code path did not work in the expected way here. The pending authentication messages do not need to be flushed in that case and neither should the retransmission parameters be cleared. Fix this by performing these operations only if the server did actually change as a part of a failover operation. Signed-off-by: Jouni Malinen --- src/radius/radius_client.c | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/src/radius/radius_client.c b/src/radius/radius_client.c index e876e8f3b..a7f11151d 100644 --- a/src/radius/radius_client.c +++ b/src/radius/radius_client.c @@ -972,9 +972,10 @@ radius_change_server(struct radius_client_data *radius, hostapd_ip_txt(&nserv->addr, abuf, sizeof(abuf)), nserv->port); - if (!oserv || nserv->shared_secret_len != oserv->shared_secret_len || - os_memcmp(nserv->shared_secret, oserv->shared_secret, - nserv->shared_secret_len) != 0) { + if (oserv && oserv != nserv && + (nserv->shared_secret_len != oserv->shared_secret_len || + os_memcmp(nserv->shared_secret, oserv->shared_secret, + nserv->shared_secret_len) != 0)) { /* Pending RADIUS packets used different shared secret, so * they need to be modified. Update accounting message * authenticators here. Authentication messages are removed @@ -992,7 +993,8 @@ radius_change_server(struct radius_client_data *radius, } /* Reset retry counters for the new server */ - for (entry = radius->msgs; entry; entry = entry->next) { + for (entry = radius->msgs; oserv && oserv != nserv && entry; + entry = entry->next) { if ((auth && entry->msg_type != RADIUS_AUTH) || (!auth && entry->msg_type != RADIUS_ACCT)) continue;