mirror of
https://github.com/vanhoefm/fragattacks.git
synced 2024-11-28 18:28:23 -05:00
RADIUS: Support last_msk with EAP-TLS
This extends the last_msk testing functionality in the RADIUS server to work with EAP-TLS based on "cert-<serial_num>" form user names in the database. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
This commit is contained in:
parent
063cbb87a6
commit
7770a9dd6a
@ -826,18 +826,28 @@ static void db_update_last_msk(struct radius_session *sess, const char *msk)
|
||||
char *id_str = NULL;
|
||||
const u8 *id;
|
||||
size_t id_len;
|
||||
const char *serial_num;
|
||||
|
||||
if (!sess->server->db)
|
||||
return;
|
||||
|
||||
id = eap_get_identity(sess->eap, &id_len);
|
||||
if (!id)
|
||||
return;
|
||||
id_str = os_malloc(id_len + 1);
|
||||
if (!id_str)
|
||||
return;
|
||||
os_memcpy(id_str, id, id_len);
|
||||
id_str[id_len] = '\0';
|
||||
serial_num = eap_get_serial_num(sess->eap);
|
||||
if (serial_num) {
|
||||
id_len = 5 + os_strlen(serial_num) + 1;
|
||||
id_str = os_malloc(id_len);
|
||||
if (!id_str)
|
||||
return;
|
||||
os_snprintf(id_str, id_len, "cert-%s", serial_num);
|
||||
} else {
|
||||
id = eap_get_identity(sess->eap, &id_len);
|
||||
if (!id)
|
||||
return;
|
||||
id_str = os_malloc(id_len + 1);
|
||||
if (!id_str)
|
||||
return;
|
||||
os_memcpy(id_str, id, id_len);
|
||||
id_str[id_len] = '\0';
|
||||
}
|
||||
|
||||
sql = sqlite3_mprintf("UPDATE users SET last_msk=%Q WHERE identity=%Q",
|
||||
msk, id_str);
|
||||
|
Loading…
Reference in New Issue
Block a user