Make struct radius_msg private to radius.c

This is internal data structure for RADIUS message handling and
external code should not touch it directly.
This commit is contained in:
Jouni Malinen 2009-12-19 17:26:57 +02:00
parent aa235d2ef7
commit 1489e11a94
7 changed files with 112 additions and 78 deletions

View File

@ -425,7 +425,7 @@ accounting_receive(struct radius_msg *msg, struct radius_msg *req,
const u8 *shared_secret, size_t shared_secret_len, const u8 *shared_secret, size_t shared_secret_len,
void *data) void *data)
{ {
if (msg->hdr->code != RADIUS_CODE_ACCOUNTING_RESPONSE) { if (radius_msg_get_hdr(msg)->code != RADIUS_CODE_ACCOUNTING_RESPONSE) {
printf("Unknown RADIUS message code\n"); printf("Unknown RADIUS message code\n");
return RADIUS_RX_UNKNOWN; return RADIUS_RX_UNKNOWN;
} }

View File

@ -401,11 +401,12 @@ hostapd_acl_recv_radius(struct radius_msg *msg, struct radius_msg *req,
struct hostapd_data *hapd = data; struct hostapd_data *hapd = data;
struct hostapd_acl_query_data *query, *prev; struct hostapd_acl_query_data *query, *prev;
struct hostapd_cached_radius_acl *cache; struct hostapd_cached_radius_acl *cache;
struct radius_hdr *hdr = radius_msg_get_hdr(msg);
query = hapd->acl_queries; query = hapd->acl_queries;
prev = NULL; prev = NULL;
while (query) { while (query) {
if (query->radius_id == msg->hdr->identifier) if (query->radius_id == hdr->identifier)
break; break;
prev = query; prev = query;
query = query->next; query = query->next;
@ -422,10 +423,10 @@ hostapd_acl_recv_radius(struct radius_msg *msg, struct radius_msg *req,
return RADIUS_RX_INVALID_AUTHENTICATOR; return RADIUS_RX_INVALID_AUTHENTICATOR;
} }
if (msg->hdr->code != RADIUS_CODE_ACCESS_ACCEPT && if (hdr->code != RADIUS_CODE_ACCESS_ACCEPT &&
msg->hdr->code != RADIUS_CODE_ACCESS_REJECT) { hdr->code != RADIUS_CODE_ACCESS_REJECT) {
wpa_printf(MSG_DEBUG, "Unknown RADIUS message code %d to ACL " wpa_printf(MSG_DEBUG, "Unknown RADIUS message code %d to ACL "
"query", msg->hdr->code); "query", hdr->code);
return RADIUS_RX_UNKNOWN; return RADIUS_RX_UNKNOWN;
} }
@ -437,7 +438,7 @@ hostapd_acl_recv_radius(struct radius_msg *msg, struct radius_msg *req,
} }
time(&cache->timestamp); time(&cache->timestamp);
os_memcpy(cache->addr, query->addr, sizeof(cache->addr)); os_memcpy(cache->addr, query->addr, sizeof(cache->addr));
if (msg->hdr->code == RADIUS_CODE_ACCESS_ACCEPT) { if (hdr->code == RADIUS_CODE_ACCESS_ACCEPT) {
if (radius_msg_get_attr_int32(msg, RADIUS_ATTR_SESSION_TIMEOUT, if (radius_msg_get_attr_int32(msg, RADIUS_ATTR_SESSION_TIMEOUT,
&cache->session_timeout) == 0) &cache->session_timeout) == 0)
cache->accepted = HOSTAPD_ACL_ACCEPT_TIMEOUT; cache->accepted = HOSTAPD_ACL_ACCEPT_TIMEOUT;

View File

@ -543,7 +543,8 @@ static void ieee802_1x_encapsulate_radius(struct hostapd_data *hapd,
/* State attribute must be copied if and only if this packet is /* State attribute must be copied if and only if this packet is
* Access-Request reply to the previous Access-Challenge */ * Access-Request reply to the previous Access-Challenge */
if (sm->last_recv_radius && sm->last_recv_radius->hdr->code == if (sm->last_recv_radius &&
radius_msg_get_hdr(sm->last_recv_radius)->code ==
RADIUS_CODE_ACCESS_CHALLENGE) { RADIUS_CODE_ACCESS_CHALLENGE) {
int res = radius_msg_copy_attr(msg, sm->last_recv_radius, int res = radius_msg_copy_attr(msg, sm->last_recv_radius,
RADIUS_ATTR_STATE); RADIUS_ATTR_STATE);
@ -1201,8 +1202,9 @@ ieee802_1x_receive_auth(struct radius_msg *msg, struct radius_msg *req,
int session_timeout_set, old_vlanid = 0; int session_timeout_set, old_vlanid = 0;
struct eapol_state_machine *sm; struct eapol_state_machine *sm;
int override_eapReq = 0; int override_eapReq = 0;
struct radius_hdr *hdr = radius_msg_get_hdr(msg);
sm = ieee802_1x_search_radius_identifier(hapd, msg->hdr->identifier); sm = ieee802_1x_search_radius_identifier(hapd, hdr->identifier);
if (sm == NULL) { if (sm == NULL) {
wpa_printf(MSG_DEBUG, "IEEE 802.1X: Could not find matching " wpa_printf(MSG_DEBUG, "IEEE 802.1X: Could not find matching "
"station for this RADIUS message"); "station for this RADIUS message");
@ -1212,7 +1214,7 @@ ieee802_1x_receive_auth(struct radius_msg *msg, struct radius_msg *req,
/* RFC 2869, Ch. 5.13: valid Message-Authenticator attribute MUST be /* RFC 2869, Ch. 5.13: valid Message-Authenticator attribute MUST be
* present when packet contains an EAP-Message attribute */ * present when packet contains an EAP-Message attribute */
if (msg->hdr->code == RADIUS_CODE_ACCESS_REJECT && if (hdr->code == RADIUS_CODE_ACCESS_REJECT &&
radius_msg_get_attr(msg, RADIUS_ATTR_MESSAGE_AUTHENTICATOR, NULL, radius_msg_get_attr(msg, RADIUS_ATTR_MESSAGE_AUTHENTICATOR, NULL,
0) < 0 && 0) < 0 &&
radius_msg_get_attr(msg, RADIUS_ATTR_EAP_MESSAGE, NULL, 0) < 0) { radius_msg_get_attr(msg, RADIUS_ATTR_EAP_MESSAGE, NULL, 0) < 0) {
@ -1226,9 +1228,9 @@ ieee802_1x_receive_auth(struct radius_msg *msg, struct radius_msg *req,
return RADIUS_RX_INVALID_AUTHENTICATOR; return RADIUS_RX_INVALID_AUTHENTICATOR;
} }
if (msg->hdr->code != RADIUS_CODE_ACCESS_ACCEPT && if (hdr->code != RADIUS_CODE_ACCESS_ACCEPT &&
msg->hdr->code != RADIUS_CODE_ACCESS_REJECT && hdr->code != RADIUS_CODE_ACCESS_REJECT &&
msg->hdr->code != RADIUS_CODE_ACCESS_CHALLENGE) { hdr->code != RADIUS_CODE_ACCESS_CHALLENGE) {
printf("Unknown RADIUS message code\n"); printf("Unknown RADIUS message code\n");
return RADIUS_RX_UNKNOWN; return RADIUS_RX_UNKNOWN;
} }
@ -1248,7 +1250,7 @@ ieee802_1x_receive_auth(struct radius_msg *msg, struct radius_msg *req,
termination_action = RADIUS_TERMINATION_ACTION_DEFAULT; termination_action = RADIUS_TERMINATION_ACTION_DEFAULT;
if (hapd->conf->acct_interim_interval == 0 && if (hapd->conf->acct_interim_interval == 0 &&
msg->hdr->code == RADIUS_CODE_ACCESS_ACCEPT && hdr->code == RADIUS_CODE_ACCESS_ACCEPT &&
radius_msg_get_attr_int32(msg, RADIUS_ATTR_ACCT_INTERIM_INTERVAL, radius_msg_get_attr_int32(msg, RADIUS_ATTR_ACCT_INTERIM_INTERVAL,
&acct_interim_interval) == 0) { &acct_interim_interval) == 0) {
if (acct_interim_interval < 60) { if (acct_interim_interval < 60) {
@ -1263,7 +1265,7 @@ ieee802_1x_receive_auth(struct radius_msg *msg, struct radius_msg *req,
} }
switch (msg->hdr->code) { switch (hdr->code) {
case RADIUS_CODE_ACCESS_ACCEPT: case RADIUS_CODE_ACCESS_ACCEPT:
if (sta->ssid->dynamic_vlan == DYNAMIC_VLAN_DISABLED) if (sta->ssid->dynamic_vlan == DYNAMIC_VLAN_DISABLED)
sta->vlan_id = 0; sta->vlan_id = 0;

View File

@ -21,6 +21,52 @@
#include "radius.h" #include "radius.h"
/**
* struct radius_msg - RADIUS message structure for new and parsed messages
*/
struct radius_msg {
/**
* buf - Allocated buffer for RADIUS message
*/
struct wpabuf *buf;
/**
* hdr - Pointer to the RADIUS header in buf
*/
struct radius_hdr *hdr;
/**
* attr_pos - Array of indexes to attributes
*
* The values are number of bytes from buf to the beginning of
* struct radius_attr_hdr.
*/
size_t *attr_pos;
/**
* attr_size - Total size of the attribute pointer array
*/
size_t attr_size;
/**
* attr_used - Total number of attributes in the array
*/
size_t attr_used;
};
struct radius_hdr * radius_msg_get_hdr(struct radius_msg *msg)
{
return msg->hdr;
}
struct wpabuf * radius_msg_get_buf(struct radius_msg *msg)
{
return msg->buf;
}
static struct radius_attr_hdr * static struct radius_attr_hdr *
radius_get_attr_hdr(struct radius_msg *msg, int idx) radius_get_attr_hdr(struct radius_msg *msg, int idx)
{ {

View File

@ -173,39 +173,7 @@ struct radius_ms_mppe_keys {
}; };
/** struct radius_msg;
* struct radius_msg - RADIUS message structure for new and parsed messages
*/
struct radius_msg {
/**
* buf - Allocated buffer for RADIUS message
*/
struct wpabuf *buf;
/**
* hdr - Pointer to the RADIUS header in buf
*/
struct radius_hdr *hdr;
/**
* attr_pos - Array of indexes to attributes
*
* The values are number of bytes from buf to the beginning of
* struct radius_attr_hdr.
*/
size_t *attr_pos;
/**
* attr_size - Total size of the attribute pointer array
*/
size_t attr_size;
/**
* attr_used - Total number of attributes in the array
*/
size_t attr_used;
};
/* Default size to be allocated for new RADIUS messages */ /* Default size to be allocated for new RADIUS messages */
#define RADIUS_DEFAULT_MSG_SIZE 1024 #define RADIUS_DEFAULT_MSG_SIZE 1024
@ -220,6 +188,8 @@ struct radius_msg {
/* MAC address ASCII format for non-802.1X use */ /* MAC address ASCII format for non-802.1X use */
#define RADIUS_ADDR_FORMAT "%02x%02x%02x%02x%02x%02x" #define RADIUS_ADDR_FORMAT "%02x%02x%02x%02x%02x%02x"
struct radius_hdr * radius_msg_get_hdr(struct radius_msg *msg);
struct wpabuf * radius_msg_get_buf(struct radius_msg *msg);
struct radius_msg * radius_msg_new(u8 code, u8 identifier); struct radius_msg * radius_msg_new(u8 code, u8 identifier);
void radius_msg_free(struct radius_msg *msg); void radius_msg_free(struct radius_msg *msg);
void radius_msg_dump(struct radius_msg *msg); void radius_msg_dump(struct radius_msg *msg);

View File

@ -330,6 +330,7 @@ static int radius_client_retransmit(struct radius_client_data *radius,
{ {
struct hostapd_radius_servers *conf = radius->conf; struct hostapd_radius_servers *conf = radius->conf;
int s; int s;
struct wpabuf *buf;
if (entry->msg_type == RADIUS_ACCT || if (entry->msg_type == RADIUS_ACCT ||
entry->msg_type == RADIUS_ACCT_INTERIM) { entry->msg_type == RADIUS_ACCT_INTERIM) {
@ -354,11 +355,11 @@ static int radius_client_retransmit(struct radius_client_data *radius,
entry->attempts++; entry->attempts++;
hostapd_logger(radius->ctx, entry->addr, HOSTAPD_MODULE_RADIUS, hostapd_logger(radius->ctx, entry->addr, HOSTAPD_MODULE_RADIUS,
HOSTAPD_LEVEL_DEBUG, "Resending RADIUS message (id=%d)", HOSTAPD_LEVEL_DEBUG, "Resending RADIUS message (id=%d)",
entry->msg->hdr->identifier); radius_msg_get_hdr(entry->msg)->identifier);
os_get_time(&entry->last_attempt); os_get_time(&entry->last_attempt);
if (send(s, wpabuf_head(entry->msg->buf), wpabuf_len(entry->msg->buf), buf = radius_msg_get_buf(entry->msg);
0) < 0) if (send(s, wpabuf_head(buf), wpabuf_len(buf), 0) < 0)
radius_client_handle_send_error(radius, s, entry->msg_type); radius_client_handle_send_error(radius, s, entry->msg_type);
entry->next_try = now + entry->next_wait; entry->next_try = now + entry->next_wait;
@ -632,6 +633,7 @@ int radius_client_send(struct radius_client_data *radius,
size_t shared_secret_len; size_t shared_secret_len;
char *name; char *name;
int s, res; int s, res;
struct wpabuf *buf;
if (msg_type == RADIUS_ACCT_INTERIM) { if (msg_type == RADIUS_ACCT_INTERIM) {
/* Remove any pending interim acct update for the same STA. */ /* Remove any pending interim acct update for the same STA. */
@ -674,7 +676,8 @@ int radius_client_send(struct radius_client_data *radius,
if (conf->msg_dumps) if (conf->msg_dumps)
radius_msg_dump(msg); radius_msg_dump(msg);
res = send(s, wpabuf_head(msg->buf), wpabuf_len(msg->buf), 0); buf = radius_msg_get_buf(msg);
res = send(s, wpabuf_head(buf), wpabuf_len(buf), 0);
if (res < 0) if (res < 0)
radius_client_handle_send_error(radius, s, msg_type); radius_client_handle_send_error(radius, s, msg_type);
@ -693,6 +696,7 @@ static void radius_client_receive(int sock, void *eloop_ctx, void *sock_ctx)
int len, roundtrip; int len, roundtrip;
unsigned char buf[3000]; unsigned char buf[3000];
struct radius_msg *msg; struct radius_msg *msg;
struct radius_hdr *hdr;
struct radius_rx_handler *handlers; struct radius_rx_handler *handlers;
size_t num_handlers, i; size_t num_handlers, i;
struct radius_msg_list *req, *prev_req; struct radius_msg_list *req, *prev_req;
@ -730,13 +734,14 @@ static void radius_client_receive(int sock, void *eloop_ctx, void *sock_ctx)
rconf->malformed_responses++; rconf->malformed_responses++;
return; return;
} }
hdr = radius_msg_get_hdr(msg);
hostapd_logger(radius->ctx, NULL, HOSTAPD_MODULE_RADIUS, hostapd_logger(radius->ctx, NULL, HOSTAPD_MODULE_RADIUS,
HOSTAPD_LEVEL_DEBUG, "Received RADIUS message"); HOSTAPD_LEVEL_DEBUG, "Received RADIUS message");
if (conf->msg_dumps) if (conf->msg_dumps)
radius_msg_dump(msg); radius_msg_dump(msg);
switch (msg->hdr->code) { switch (hdr->code) {
case RADIUS_CODE_ACCESS_ACCEPT: case RADIUS_CODE_ACCESS_ACCEPT:
rconf->access_accepts++; rconf->access_accepts++;
break; break;
@ -759,7 +764,8 @@ static void radius_client_receive(int sock, void *eloop_ctx, void *sock_ctx)
if ((req->msg_type == msg_type || if ((req->msg_type == msg_type ||
(req->msg_type == RADIUS_ACCT_INTERIM && (req->msg_type == RADIUS_ACCT_INTERIM &&
msg_type == RADIUS_ACCT)) && msg_type == RADIUS_ACCT)) &&
req->msg->hdr->identifier == msg->hdr->identifier) radius_msg_get_hdr(req->msg)->identifier ==
hdr->identifier)
break; break;
prev_req = req; prev_req = req;
@ -771,7 +777,7 @@ static void radius_client_receive(int sock, void *eloop_ctx, void *sock_ctx)
HOSTAPD_LEVEL_DEBUG, HOSTAPD_LEVEL_DEBUG,
"No matching RADIUS request found (type=%d " "No matching RADIUS request found (type=%d "
"id=%d) - dropping packet", "id=%d) - dropping packet",
msg_type, msg->hdr->identifier); msg_type, hdr->identifier);
goto fail; goto fail;
} }
@ -820,7 +826,7 @@ static void radius_client_receive(int sock, void *eloop_ctx, void *sock_ctx)
hostapd_logger(radius->ctx, req->addr, HOSTAPD_MODULE_RADIUS, hostapd_logger(radius->ctx, req->addr, HOSTAPD_MODULE_RADIUS,
HOSTAPD_LEVEL_DEBUG, "No RADIUS RX handler found " HOSTAPD_LEVEL_DEBUG, "No RADIUS RX handler found "
"(type=%d code=%d id=%d)%s - dropping packet", "(type=%d code=%d id=%d)%s - dropping packet",
msg_type, msg->hdr->code, msg->hdr->identifier, msg_type, hdr->code, hdr->identifier,
invalid_authenticator ? " [INVALID AUTHENTICATOR]" : invalid_authenticator ? " [INVALID AUTHENTICATOR]" :
""); "");
radius_client_msg_free(req); radius_client_msg_free(req);
@ -848,7 +854,7 @@ u8 radius_client_get_id(struct radius_client_data *radius)
entry = radius->msgs; entry = radius->msgs;
prev = NULL; prev = NULL;
while (entry) { while (entry) {
if (entry->msg->hdr->identifier == id) { if (radius_msg_get_hdr(entry->msg)->identifier == id) {
hostapd_logger(radius->ctx, entry->addr, hostapd_logger(radius->ctx, entry->addr,
HOSTAPD_MODULE_RADIUS, HOSTAPD_MODULE_RADIUS,
HOSTAPD_LEVEL_DEBUG, HOSTAPD_LEVEL_DEBUG,

View File

@ -527,6 +527,7 @@ radius_server_encapsulate_eap(struct radius_server_data *data,
struct radius_msg *msg; struct radius_msg *msg;
int code; int code;
unsigned int sess_id; unsigned int sess_id;
struct radius_hdr *hdr = radius_msg_get_hdr(request);
if (sess->eap_if->eapFail) { if (sess->eap_if->eapFail) {
sess->eap_if->eapFail = FALSE; sess->eap_if->eapFail = FALSE;
@ -539,7 +540,7 @@ radius_server_encapsulate_eap(struct radius_server_data *data,
code = RADIUS_CODE_ACCESS_CHALLENGE; code = RADIUS_CODE_ACCESS_CHALLENGE;
} }
msg = radius_msg_new(code, request->hdr->identifier); msg = radius_msg_new(code, hdr->identifier);
if (msg == NULL) { if (msg == NULL) {
RADIUS_DEBUG("Failed to allocate reply message"); RADIUS_DEBUG("Failed to allocate reply message");
return NULL; return NULL;
@ -565,7 +566,7 @@ radius_server_encapsulate_eap(struct radius_server_data *data,
} else { } else {
len = sess->eap_if->eapKeyDataLen / 2; len = sess->eap_if->eapKeyDataLen / 2;
} }
if (!radius_msg_add_mppe_keys(msg, request->hdr->authenticator, if (!radius_msg_add_mppe_keys(msg, hdr->authenticator,
(u8 *) client->shared_secret, (u8 *) client->shared_secret,
client->shared_secret_len, client->shared_secret_len,
sess->eap_if->eapKeyData + len, sess->eap_if->eapKeyData + len,
@ -583,7 +584,7 @@ radius_server_encapsulate_eap(struct radius_server_data *data,
if (radius_msg_finish_srv(msg, (u8 *) client->shared_secret, if (radius_msg_finish_srv(msg, (u8 *) client->shared_secret,
client->shared_secret_len, client->shared_secret_len,
request->hdr->authenticator) < 0) { hdr->authenticator) < 0) {
RADIUS_DEBUG("Failed to add Message-Authenticator attribute"); RADIUS_DEBUG("Failed to add Message-Authenticator attribute");
} }
@ -600,12 +601,13 @@ static int radius_server_reject(struct radius_server_data *data,
struct radius_msg *msg; struct radius_msg *msg;
int ret = 0; int ret = 0;
struct eap_hdr eapfail; struct eap_hdr eapfail;
struct wpabuf *buf;
struct radius_hdr *hdr = radius_msg_get_hdr(request);
RADIUS_DEBUG("Reject invalid request from %s:%d", RADIUS_DEBUG("Reject invalid request from %s:%d",
from_addr, from_port); from_addr, from_port);
msg = radius_msg_new(RADIUS_CODE_ACCESS_REJECT, msg = radius_msg_new(RADIUS_CODE_ACCESS_REJECT, hdr->identifier);
request->hdr->identifier);
if (msg == NULL) { if (msg == NULL) {
return -1; return -1;
} }
@ -627,7 +629,8 @@ static int radius_server_reject(struct radius_server_data *data,
if (radius_msg_finish_srv(msg, (u8 *) client->shared_secret, if (radius_msg_finish_srv(msg, (u8 *) client->shared_secret,
client->shared_secret_len, client->shared_secret_len,
request->hdr->authenticator) < 0) { hdr->authenticator) <
0) {
RADIUS_DEBUG("Failed to add Message-Authenticator attribute"); RADIUS_DEBUG("Failed to add Message-Authenticator attribute");
} }
@ -637,8 +640,8 @@ static int radius_server_reject(struct radius_server_data *data,
data->counters.access_rejects++; data->counters.access_rejects++;
client->counters.access_rejects++; client->counters.access_rejects++;
if (sendto(data->auth_sock, wpabuf_head(msg->buf), buf = radius_msg_get_buf(msg);
wpabuf_len(msg->buf), 0, if (sendto(data->auth_sock, wpabuf_head(buf), wpabuf_len(buf), 0,
(struct sockaddr *) from, sizeof(*from)) < 0) { (struct sockaddr *) from, sizeof(*from)) < 0) {
perror("sendto[RADIUS SRV]"); perror("sendto[RADIUS SRV]");
ret = -1; ret = -1;
@ -698,17 +701,18 @@ static int radius_server_request(struct radius_server_data *data,
} }
if (sess->last_from_port == from_port && if (sess->last_from_port == from_port &&
sess->last_identifier == msg->hdr->identifier && sess->last_identifier == radius_msg_get_hdr(msg)->identifier &&
os_memcmp(sess->last_authenticator, msg->hdr->authenticator, 16) == os_memcmp(sess->last_authenticator,
0) { radius_msg_get_hdr(msg)->authenticator, 16) == 0) {
RADIUS_DEBUG("Duplicate message from %s", from_addr); RADIUS_DEBUG("Duplicate message from %s", from_addr);
data->counters.dup_access_requests++; data->counters.dup_access_requests++;
client->counters.dup_access_requests++; client->counters.dup_access_requests++;
if (sess->last_reply) { if (sess->last_reply) {
res = sendto(data->auth_sock, struct wpabuf *buf;
wpabuf_head(sess->last_reply->buf), buf = radius_msg_get_buf(sess->last_reply);
wpabuf_len(sess->last_reply->buf), 0, res = sendto(data->auth_sock, wpabuf_head(buf),
wpabuf_len(buf), 0,
(struct sockaddr *) from, fromlen); (struct sockaddr *) from, fromlen);
if (res < 0) { if (res < 0) {
perror("sendto[RADIUS SRV]"); perror("sendto[RADIUS SRV]");
@ -779,12 +783,15 @@ static int radius_server_request(struct radius_server_data *data,
reply = radius_server_encapsulate_eap(data, client, sess, msg); reply = radius_server_encapsulate_eap(data, client, sess, msg);
if (reply) { if (reply) {
struct wpabuf *buf;
struct radius_hdr *hdr;
RADIUS_DEBUG("Reply to %s:%d", from_addr, from_port); RADIUS_DEBUG("Reply to %s:%d", from_addr, from_port);
if (wpa_debug_level <= MSG_MSGDUMP) { if (wpa_debug_level <= MSG_MSGDUMP) {
radius_msg_dump(reply); radius_msg_dump(reply);
} }
switch (reply->hdr->code) { switch (radius_msg_get_hdr(reply)->code) {
case RADIUS_CODE_ACCESS_ACCEPT: case RADIUS_CODE_ACCESS_ACCEPT:
data->counters.access_accepts++; data->counters.access_accepts++;
client->counters.access_accepts++; client->counters.access_accepts++;
@ -798,8 +805,9 @@ static int radius_server_request(struct radius_server_data *data,
client->counters.access_challenges++; client->counters.access_challenges++;
break; break;
} }
res = sendto(data->auth_sock, wpabuf_head(reply->buf), buf = radius_msg_get_buf(reply);
wpabuf_len(reply->buf), 0, res = sendto(data->auth_sock, wpabuf_head(buf),
wpabuf_len(buf), 0,
(struct sockaddr *) from, fromlen); (struct sockaddr *) from, fromlen);
if (res < 0) { if (res < 0) {
perror("sendto[RADIUS SRV]"); perror("sendto[RADIUS SRV]");
@ -807,9 +815,9 @@ static int radius_server_request(struct radius_server_data *data,
radius_msg_free(sess->last_reply); radius_msg_free(sess->last_reply);
sess->last_reply = reply; sess->last_reply = reply;
sess->last_from_port = from_port; sess->last_from_port = from_port;
sess->last_identifier = msg->hdr->identifier; hdr = radius_msg_get_hdr(msg);
os_memcpy(sess->last_authenticator, msg->hdr->authenticator, sess->last_identifier = hdr->identifier;
16); os_memcpy(sess->last_authenticator, hdr->authenticator, 16);
} else { } else {
data->counters.packets_dropped++; data->counters.packets_dropped++;
client->counters.packets_dropped++; client->counters.packets_dropped++;
@ -908,8 +916,9 @@ static void radius_server_receive_auth(int sock, void *eloop_ctx,
radius_msg_dump(msg); radius_msg_dump(msg);
} }
if (msg->hdr->code != RADIUS_CODE_ACCESS_REQUEST) { if (radius_msg_get_hdr(msg)->code != RADIUS_CODE_ACCESS_REQUEST) {
RADIUS_DEBUG("Unexpected RADIUS code %d", msg->hdr->code); RADIUS_DEBUG("Unexpected RADIUS code %d",
radius_msg_get_hdr(msg)->code);
data->counters.unknown_types++; data->counters.unknown_types++;
client->counters.unknown_types++; client->counters.unknown_types++;
goto fail; goto fail;