# HG changeset patch
# User Sebastien Decugis <sdecugis@nict.go.jp>
# Date 1278492798 -32400
# Node ID 8e26b203e3cb70ed2bbed97dcd04b8fa4caf2636
# Parent  fb9ed45f92178e51e73c622df9594b692ba519fd
Fix issue for buggy RADIUS routeurs that use the same identifier again and again

diff -r fb9ed45f9217 -r 8e26b203e3cb extensions/app_radgw/rgw_clients.c
--- a/extensions/app_radgw/rgw_clients.c	Wed Jul 07 16:52:17 2010 +0900
+++ b/extensions/app_radgw/rgw_clients.c	Wed Jul 07 17:53:18 2010 +0900
@@ -80,6 +80,7 @@
 	struct {
 		uint16_t		port;
 		uint8_t			id;
+		uint8_t			auth[16]; /* we also compare the request authenticator to avoid buggy NASes */
 		struct radius_msg * 	ans; /* to be able to resend a lost answer */
 	} last[2]; /*[0] for auth, [1] for acct. */
 };
@@ -250,7 +251,9 @@
 	else
 		idx = 1;
 	
-	if ((cli->last[idx].id == (*msg)->radius.hdr->identifier) && (cli->last[idx].port == (*msg)->port)) {
+	if ((cli->last[idx].id == (*msg)->radius.hdr->identifier) 
+	 && (cli->last[idx].port == (*msg)->port) 
+	 && !memcmp(&cli->last[idx].auth[0], &(*msg)->radius.hdr->authenticator[0], 16)) {
 		/* Duplicate! */
 		TRACE_DEBUG(INFO, "Received duplicated RADIUS message (id: %02hhx, port: %hu).", (*msg)->radius.hdr->identifier, ntohs((*msg)->port));
 		if (cli->last[idx].ans) {
@@ -265,11 +268,13 @@
 			ASSERT(cli->last[idx].ans == NULL);
 			cli->last[idx].id = (*msg)->radius.hdr->identifier;
 			cli->last[idx].port = (*msg)->port;
+			memcpy(&cli->last[idx].auth[0], &(*msg)->radius.hdr->authenticator[0], 16);
 		} else { 
 			/* We have got previous message(s), update the info only if answered already */
 			if (cli->last[idx].ans) {
 				cli->last[idx].id = (*msg)->radius.hdr->identifier;
 				cli->last[idx].port = (*msg)->port;
+				memcpy(&cli->last[idx].auth[0], &(*msg)->radius.hdr->authenticator[0], 16);
 				/* Free the previous answer */
 				radius_msg_free(cli->last[idx].ans);
 				free(cli->last[idx].ans);