Mark shared secret const in RADIUS client routines
This commit is contained in:
parent
1c6e69ccda
commit
7d02e64157
7 changed files with 24 additions and 19 deletions
|
@ -422,7 +422,8 @@ static void accounting_sta_get_id(struct hostapd_data *hapd,
|
||||||
*/
|
*/
|
||||||
static RadiusRxResult
|
static RadiusRxResult
|
||||||
accounting_receive(struct radius_msg *msg, struct radius_msg *req,
|
accounting_receive(struct radius_msg *msg, struct radius_msg *req,
|
||||||
u8 *shared_secret, size_t shared_secret_len, void *data)
|
const u8 *shared_secret, size_t shared_secret_len,
|
||||||
|
void *data)
|
||||||
{
|
{
|
||||||
if (msg->hdr->code != RADIUS_CODE_ACCOUNTING_RESPONSE) {
|
if (msg->hdr->code != RADIUS_CODE_ACCOUNTING_RESPONSE) {
|
||||||
printf("Unknown RADIUS message code\n");
|
printf("Unknown RADIUS message code\n");
|
||||||
|
|
|
@ -383,7 +383,7 @@ static void hostapd_acl_expire(void *eloop_ctx, void *timeout_ctx)
|
||||||
*/
|
*/
|
||||||
static RadiusRxResult
|
static RadiusRxResult
|
||||||
hostapd_acl_recv_radius(struct radius_msg *msg, struct radius_msg *req,
|
hostapd_acl_recv_radius(struct radius_msg *msg, struct radius_msg *req,
|
||||||
u8 *shared_secret, size_t shared_secret_len,
|
const u8 *shared_secret, size_t shared_secret_len,
|
||||||
void *data)
|
void *data)
|
||||||
{
|
{
|
||||||
struct hostapd_data *hapd = data;
|
struct hostapd_data *hapd = data;
|
||||||
|
|
|
@ -1042,7 +1042,8 @@ static void ieee802_1x_decapsulate_radius(struct hostapd_data *hapd,
|
||||||
static void ieee802_1x_get_keys(struct hostapd_data *hapd,
|
static void ieee802_1x_get_keys(struct hostapd_data *hapd,
|
||||||
struct sta_info *sta, struct radius_msg *msg,
|
struct sta_info *sta, struct radius_msg *msg,
|
||||||
struct radius_msg *req,
|
struct radius_msg *req,
|
||||||
u8 *shared_secret, size_t shared_secret_len)
|
const u8 *shared_secret,
|
||||||
|
size_t shared_secret_len)
|
||||||
{
|
{
|
||||||
struct radius_ms_mppe_keys *keys;
|
struct radius_ms_mppe_keys *keys;
|
||||||
struct eapol_state_machine *sm = sta->eapol_sm;
|
struct eapol_state_machine *sm = sta->eapol_sm;
|
||||||
|
@ -1213,7 +1214,7 @@ ieee802_1x_search_radius_identifier(struct hostapd_data *hapd, u8 identifier)
|
||||||
*/
|
*/
|
||||||
static RadiusRxResult
|
static RadiusRxResult
|
||||||
ieee802_1x_receive_auth(struct radius_msg *msg, struct radius_msg *req,
|
ieee802_1x_receive_auth(struct radius_msg *msg, struct radius_msg *req,
|
||||||
u8 *shared_secret, size_t shared_secret_len,
|
const u8 *shared_secret, size_t shared_secret_len,
|
||||||
void *data)
|
void *data)
|
||||||
{
|
{
|
||||||
struct hostapd_data *hapd = data;
|
struct hostapd_data *hapd = data;
|
||||||
|
|
|
@ -293,7 +293,8 @@ void radius_msg_dump(struct radius_msg *msg)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
int radius_msg_finish(struct radius_msg *msg, u8 *secret, size_t secret_len)
|
int radius_msg_finish(struct radius_msg *msg, const u8 *secret,
|
||||||
|
size_t secret_len)
|
||||||
{
|
{
|
||||||
if (secret) {
|
if (secret) {
|
||||||
u8 auth[MD5_MAC_LEN];
|
u8 auth[MD5_MAC_LEN];
|
||||||
|
@ -364,7 +365,7 @@ int radius_msg_finish_srv(struct radius_msg *msg, const u8 *secret,
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
void radius_msg_finish_acct(struct radius_msg *msg, u8 *secret,
|
void radius_msg_finish_acct(struct radius_msg *msg, const u8 *secret,
|
||||||
size_t secret_len)
|
size_t secret_len)
|
||||||
{
|
{
|
||||||
const u8 *addr[2];
|
const u8 *addr[2];
|
||||||
|
@ -899,7 +900,7 @@ static void encrypt_ms_key(const u8 *key, size_t key_len, u16 salt,
|
||||||
|
|
||||||
struct radius_ms_mppe_keys *
|
struct radius_ms_mppe_keys *
|
||||||
radius_msg_get_ms_keys(struct radius_msg *msg, struct radius_msg *sent_msg,
|
radius_msg_get_ms_keys(struct radius_msg *msg, struct radius_msg *sent_msg,
|
||||||
u8 *secret, size_t secret_len)
|
const u8 *secret, size_t secret_len)
|
||||||
{
|
{
|
||||||
u8 *key;
|
u8 *key;
|
||||||
size_t keylen;
|
size_t keylen;
|
||||||
|
@ -940,7 +941,7 @@ radius_msg_get_ms_keys(struct radius_msg *msg, struct radius_msg *sent_msg,
|
||||||
|
|
||||||
struct radius_ms_mppe_keys *
|
struct radius_ms_mppe_keys *
|
||||||
radius_msg_get_cisco_keys(struct radius_msg *msg, struct radius_msg *sent_msg,
|
radius_msg_get_cisco_keys(struct radius_msg *msg, struct radius_msg *sent_msg,
|
||||||
u8 *secret, size_t secret_len)
|
const u8 *secret, size_t secret_len)
|
||||||
{
|
{
|
||||||
u8 *key;
|
u8 *key;
|
||||||
size_t keylen;
|
size_t keylen;
|
||||||
|
@ -1043,8 +1044,8 @@ int radius_msg_add_mppe_keys(struct radius_msg *msg,
|
||||||
* in RFC 2865, Chap. 5.2 */
|
* in RFC 2865, Chap. 5.2 */
|
||||||
struct radius_attr_hdr *
|
struct radius_attr_hdr *
|
||||||
radius_msg_add_attr_user_password(struct radius_msg *msg,
|
radius_msg_add_attr_user_password(struct radius_msg *msg,
|
||||||
u8 *data, size_t data_len,
|
const u8 *data, size_t data_len,
|
||||||
u8 *secret, size_t secret_len)
|
const u8 *secret, size_t secret_len)
|
||||||
{
|
{
|
||||||
u8 buf[128];
|
u8 buf[128];
|
||||||
int padlen, i;
|
int padlen, i;
|
||||||
|
|
|
@ -207,10 +207,11 @@ int radius_msg_initialize(struct radius_msg *msg, size_t init_len);
|
||||||
void radius_msg_set_hdr(struct radius_msg *msg, u8 code, u8 identifier);
|
void radius_msg_set_hdr(struct radius_msg *msg, u8 code, u8 identifier);
|
||||||
void radius_msg_free(struct radius_msg *msg);
|
void radius_msg_free(struct radius_msg *msg);
|
||||||
void radius_msg_dump(struct radius_msg *msg);
|
void radius_msg_dump(struct radius_msg *msg);
|
||||||
int radius_msg_finish(struct radius_msg *msg, u8 *secret, size_t secret_len);
|
int radius_msg_finish(struct radius_msg *msg, const u8 *secret,
|
||||||
|
size_t secret_len);
|
||||||
int radius_msg_finish_srv(struct radius_msg *msg, const u8 *secret,
|
int radius_msg_finish_srv(struct radius_msg *msg, const u8 *secret,
|
||||||
size_t secret_len, const u8 *req_authenticator);
|
size_t secret_len, const u8 *req_authenticator);
|
||||||
void radius_msg_finish_acct(struct radius_msg *msg, u8 *secret,
|
void radius_msg_finish_acct(struct radius_msg *msg, const u8 *secret,
|
||||||
size_t secret_len);
|
size_t secret_len);
|
||||||
struct radius_attr_hdr *radius_msg_add_attr(struct radius_msg *msg, u8 type,
|
struct radius_attr_hdr *radius_msg_add_attr(struct radius_msg *msg, u8 type,
|
||||||
const u8 *data, size_t data_len);
|
const u8 *data, size_t data_len);
|
||||||
|
@ -229,10 +230,10 @@ void radius_msg_make_authenticator(struct radius_msg *msg,
|
||||||
const u8 *data, size_t len);
|
const u8 *data, size_t len);
|
||||||
struct radius_ms_mppe_keys *
|
struct radius_ms_mppe_keys *
|
||||||
radius_msg_get_ms_keys(struct radius_msg *msg, struct radius_msg *sent_msg,
|
radius_msg_get_ms_keys(struct radius_msg *msg, struct radius_msg *sent_msg,
|
||||||
u8 *secret, size_t secret_len);
|
const u8 *secret, size_t secret_len);
|
||||||
struct radius_ms_mppe_keys *
|
struct radius_ms_mppe_keys *
|
||||||
radius_msg_get_cisco_keys(struct radius_msg *msg, struct radius_msg *sent_msg,
|
radius_msg_get_cisco_keys(struct radius_msg *msg, struct radius_msg *sent_msg,
|
||||||
u8 *secret, size_t secret_len);
|
const u8 *secret, size_t secret_len);
|
||||||
int radius_msg_add_mppe_keys(struct radius_msg *msg,
|
int radius_msg_add_mppe_keys(struct radius_msg *msg,
|
||||||
const u8 *req_authenticator,
|
const u8 *req_authenticator,
|
||||||
const u8 *secret, size_t secret_len,
|
const u8 *secret, size_t secret_len,
|
||||||
|
@ -240,8 +241,8 @@ int radius_msg_add_mppe_keys(struct radius_msg *msg,
|
||||||
const u8 *recv_key, size_t recv_key_len);
|
const u8 *recv_key, size_t recv_key_len);
|
||||||
struct radius_attr_hdr *
|
struct radius_attr_hdr *
|
||||||
radius_msg_add_attr_user_password(struct radius_msg *msg,
|
radius_msg_add_attr_user_password(struct radius_msg *msg,
|
||||||
u8 *data, size_t data_len,
|
const u8 *data, size_t data_len,
|
||||||
u8 *secret, size_t secret_len);
|
const u8 *secret, size_t secret_len);
|
||||||
int radius_msg_get_attr(struct radius_msg *msg, u8 type, u8 *buf, size_t len);
|
int radius_msg_get_attr(struct radius_msg *msg, u8 type, u8 *buf, size_t len);
|
||||||
int radius_msg_get_vlanid(struct radius_msg *msg);
|
int radius_msg_get_vlanid(struct radius_msg *msg);
|
||||||
|
|
||||||
|
|
|
@ -35,7 +35,8 @@
|
||||||
struct radius_rx_handler {
|
struct radius_rx_handler {
|
||||||
RadiusRxResult (*handler)(struct radius_msg *msg,
|
RadiusRxResult (*handler)(struct radius_msg *msg,
|
||||||
struct radius_msg *req,
|
struct radius_msg *req,
|
||||||
u8 *shared_secret, size_t shared_secret_len,
|
const u8 *shared_secret,
|
||||||
|
size_t shared_secret_len,
|
||||||
void *data);
|
void *data);
|
||||||
void *data;
|
void *data;
|
||||||
};
|
};
|
||||||
|
@ -106,7 +107,7 @@ int radius_client_register(struct radius_client_data *radius,
|
||||||
RadiusType msg_type,
|
RadiusType msg_type,
|
||||||
RadiusRxResult (*handler)(struct radius_msg *msg,
|
RadiusRxResult (*handler)(struct radius_msg *msg,
|
||||||
struct radius_msg *req,
|
struct radius_msg *req,
|
||||||
u8 *shared_secret,
|
const u8 *shared_secret,
|
||||||
size_t shared_secret_len,
|
size_t shared_secret_len,
|
||||||
void *data),
|
void *data),
|
||||||
void *data)
|
void *data)
|
||||||
|
|
|
@ -85,7 +85,7 @@ int radius_client_register(struct radius_client_data *radius,
|
||||||
RadiusType msg_type,
|
RadiusType msg_type,
|
||||||
RadiusRxResult (*handler)
|
RadiusRxResult (*handler)
|
||||||
(struct radius_msg *msg, struct radius_msg *req,
|
(struct radius_msg *msg, struct radius_msg *req,
|
||||||
u8 *shared_secret, size_t shared_secret_len,
|
const u8 *shared_secret, size_t shared_secret_len,
|
||||||
void *data),
|
void *data),
|
||||||
void *data);
|
void *data);
|
||||||
int radius_client_send(struct radius_client_data *radius,
|
int radius_client_send(struct radius_client_data *radius,
|
||||||
|
|
Loading…
Reference in a new issue