as draft-ietf-radext-deprecating-radius-02 suggests.
-/* $OpenBSD: radius_attr.c,v 1.2 2023/07/08 08:53:26 yasuoka Exp $ */
+/* $OpenBSD: radius_attr.c,v 1.3 2024/07/24 08:19:16 yasuoka Exp $ */
/*-
* Copyright (c) 2009 Internet Initiative Japan Inc.
return (0);
}
+int
+radius_unshift_raw_attr(RADIUS_PACKET * packet, uint8_t type, const void *buf,
+ size_t length)
+{
+ RADIUS_ATTRIBUTE *newattr;
+
+ if (length > 255 - 2)
+ return (-1);
+
+ if (radius_ensure_add_capacity(packet, length + 2) != 0)
+ return (-1);
+
+ memmove(packet->pdata->attributes + length + 2,
+ packet->pdata->attributes,
+ radius_get_length(packet) - sizeof(RADIUS_PACKET_DATA));
+
+ newattr = ATTRS_BEGIN(packet->pdata);
+ newattr->type = type;
+ newattr->length = length + 2;
+ memcpy(newattr->data, buf, length);
+ packet->pdata->length = htons(radius_get_length(packet) + length + 2);
+
+ return (0);
+}
+
int
radius_put_vs_raw_attr(RADIUS_PACKET * packet, uint32_t vendor, uint8_t vtype,
const void *buf, size_t length)
-/* $OpenBSD: radius_local.h,v 1.1 2015/07/20 23:52:29 yasuoka Exp $ */
+/* $OpenBSD: radius_local.h,v 1.2 2024/07/24 08:19:16 yasuoka Exp $ */
/*-
* Copyright (c) 2009 Internet Initiative Japan Inc.
#define ATTRS_ADVANCE(x) (x = ATTRS_NEXT(x))
int radius_ensure_add_capacity(RADIUS_PACKET * packet, size_t capacity);
+int radius_unshift_raw_attr(RADIUS_PACKET * packet, uint8_t type,
+ const void *buf, size_t length);
#define ROUNDUP(a, b) ((((a) + (b) - 1) / (b)) * (b))
#define MINIMUM(a, b) (((a) < (b))? (a) : (b))
-/* $OpenBSD: radius_msgauth.c,v 1.2 2021/12/16 17:32:51 tb Exp $ */
+/* $OpenBSD: radius_msgauth.c,v 1.3 2024/07/24 08:19:16 yasuoka Exp $ */
/*-
* Copyright (c) 2009 Internet Initiative Japan Inc.
* because content of Message-Authenticator attribute is assumed zero
* during calculation.
*/
- if (radius_put_raw_attr(packet, RADIUS_TYPE_MESSAGE_AUTHENTICATOR,
- ma, sizeof(ma)) != 0)
+ if (radius_unshift_raw_attr(packet, RADIUS_TYPE_MESSAGE_AUTHENTICATOR,
+ ma, sizeof(ma)) != 0)
return (-1);
return (radius_set_message_authenticator(packet, secret));
-.\" $OpenBSD: radius_new_request_packet.3,v 1.6 2022/09/11 06:38:11 jmc Exp $
+.\" $OpenBSD: radius_new_request_packet.3,v 1.7 2024/07/24 08:19:16 yasuoka Exp $
.\"
.\" Copyright (c) 2009 Internet Initiative Japan Inc.
.\" All rights reserved.
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
-.Dd $Mdocdate: September 11 2022 $
+.Dd $Mdocdate: July 24 2024 $
.Dt RADIUS_NEW_REQUEST_PACKET 3
.Os
.Sh NAME
and
.Fn radius_set_message_authenticator
calculate a Message-Authenticator and put or set it to packet, respectively.
+When
+.Fn radius_put_message_authenticator
+is used,
+the Message-Authenticator attribute is placed at the first in the attributes.
.Pp
.Fn radius_check_message_authenticator
checks a Message-Authenticator.
.Sh HISTORY
The
.Nm radius+
-library was first written by UMEZAWA Takeshi in 2002 for the ID gateway service
-of Internet Initiative Japan.
-YASUOKA Masahiko added support for Message-Authentication attributes in 2008.
+library was first written by UMEZAWA Takeshi in 2002 for the ID Gateway service
+of Internet Initiative Japan Inc.
+YASUOKA Masahiko added support for Message-Authenticator attributes in 2008.
.Ox
project rewrote C++ code to pure C code in 2010.
The
projects / openbsd / commitdiff