Navigation


Changeset 395:8e26b203e3cb in freeDiameter


Ignore:
Timestamp:
Jul 7, 2010, 5:53:18 PM (14 years ago)
Author:
Sebastien Decugis <sdecugis@nict.go.jp>
Branch:
default
Phase:
public
Message:

Fix issue for buggy RADIUS routeurs that use the same identifier again and again

File:
1 edited

Legend:

Unmodified
Added
Removed
  • extensions/app_radgw/rgw_clients.c

    r278 r395  
    8181                uint16_t                port;
    8282                uint8_t                 id;
     83                uint8_t                 auth[16]; /* we also compare the request authenticator to avoid buggy NASes */
    8384                struct radius_msg *     ans; /* to be able to resend a lost answer */
    8485        } last[2]; /*[0] for auth, [1] for acct. */
     
    251252                idx = 1;
    252253       
    253         if ((cli->last[idx].id == (*msg)->radius.hdr->identifier) && (cli->last[idx].port == (*msg)->port)) {
     254        if ((cli->last[idx].id == (*msg)->radius.hdr->identifier)
     255         && (cli->last[idx].port == (*msg)->port)
     256         && !memcmp(&cli->last[idx].auth[0], &(*msg)->radius.hdr->authenticator[0], 16)) {
    254257                /* Duplicate! */
    255258                TRACE_DEBUG(INFO, "Received duplicated RADIUS message (id: %02hhx, port: %hu).", (*msg)->radius.hdr->identifier, ntohs((*msg)->port));
     
    266269                        cli->last[idx].id = (*msg)->radius.hdr->identifier;
    267270                        cli->last[idx].port = (*msg)->port;
     271                        memcpy(&cli->last[idx].auth[0], &(*msg)->radius.hdr->authenticator[0], 16);
    268272                } else {
    269273                        /* We have got previous message(s), update the info only if answered already */
     
    271275                                cli->last[idx].id = (*msg)->radius.hdr->identifier;
    272276                                cli->last[idx].port = (*msg)->port;
     277                                memcpy(&cli->last[idx].auth[0], &(*msg)->radius.hdr->authenticator[0], 16);
    273278                                /* Free the previous answer */
    274279                                radius_msg_free(cli->last[idx].ans);
Note: See TracChangeset for help on using the changeset viewer.