From: Alan T. DeKok <aland@freeradius.org>
Date: Thu, 4 Jul 2024 19:52:10 +0000 (-0400)
Subject: typos and clarifications
X-Git-Tag: release_3_0_27~5
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=0aada8c9b784ae6ee995565ffff4233c4eee1671;p=thirdparty%2Ffreeradius-server.git

typos and clarifications
---

diff --git a/src/main/listen.c b/src/main/listen.c
index 2a8c7ecac5..6429bc7384 100644
--- a/src/main/listen.c
+++ b/src/main/listen.c
@@ -513,7 +513,7 @@ static void blastradius_checks(RADIUS_PACKET *packet, RADCLIENT *client)
 			ERROR("Setting \"require_message_authenticator = false\" for client %s", client->shortname);
 			ERROR("!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!");
 			ERROR("UPGRADE THE CLIENT AS YOUR NETWORK IS VULNERABLE TO THE BLASTRADIUS ATTACK.");
-			ERROR("Once the client is upgraded, set \"require_message_authenticator = true\" for this client.");
+			ERROR("Once the client is upgraded, set \"require_message_authenticator = true\" for  client %s", client->shortname);
 			ERROR("!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!");
 			client->require_ma = FR_BOOL_FALSE;
 
@@ -538,8 +538,8 @@ static void blastradius_checks(RADIUS_PACKET *packet, RADCLIENT *client)
 			ERROR("BlastRADIUS check: Received packet with Message-Authenticator.");
 			ERROR("Setting \"require_message_authenticator = true\" for client %s", client->shortname);
 			ERROR("!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!");
-			ERROR("It looks like the client has been uppdated to protect from the BlastRADIUS attack.");
-			ERROR("Please set \"require_message_authenticator = true\" for this client.");
+			ERROR("It looks like the client has been updated to protect from the BlastRADIUS attack.");
+			ERROR("Please set \"require_message_authenticator = true\" for client %s", client->shortname);
 			ERROR("!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!");
 
 			client->require_ma = FR_BOOL_TRUE;
@@ -566,7 +566,7 @@ static void blastradius_checks(RADIUS_PACKET *packet, RADCLIENT *client)
 		DEBUG("!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!");
 		DEBUG("The packet does not contain Message-Authenticator, which is a security issue");
 		DEBUG("UPGRADE THE CLIENT AS YOUR NETWORK IS VULNERABLE TO THE BLASTRADIUS ATTACK.");
-		DEBUG("Once the client is upgraded, set \"require_message_authenticator = true\" for this client.");
+		DEBUG("Once the client is upgraded, set \"require_message_authenticator = true\" for client %s", client->shortname);
 		DEBUG("!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!");
 		return;
 	}
@@ -588,7 +588,7 @@ static void blastradius_checks(RADIUS_PACKET *packet, RADCLIENT *client)
 		ERROR("Setting \"limit_proxy_state = false\" for client %s", client->shortname);
 		ERROR("!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!");
 		ERROR("UPGRADE THE CLIENT AS YOUR NETWORK IS VULNERABLE TO THE BLASTRADIUS ATTACK.");
-		ERROR("Once the client is upgraded, set \"require_message_authenticator = true\" for this client.");
+		ERROR("Once the client is upgraded, set \"require_message_authenticator = true\" for client %s", client->shortname);
 		ERROR("!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!");
 
 		client->limit_proxy_state = FR_BOOL_FALSE;
@@ -609,11 +609,11 @@ static void blastradius_checks(RADIUS_PACKET *packet, RADCLIENT *client)
 		if (!packet->message_authenticator) {
 			ERROR("The packet does not contain Message-Authenticator, which is a security issue.");
 			ERROR("UPGRADE THE CLIENT AS YOUR NETWORK MAY BE VULNERABLE TO THE BLASTRADIUS ATTACK.");
-			ERROR("Once the client is upgraded, set \"require_message_authenticator = true\" for this client.");
+			ERROR("Once the client is upgraded, set \"require_message_authenticator = true\" for client %s", client->shortname);
 		} else {
 			ERROR("The packet contains Message-Authenticator.");
 			if (!packet->eap_message) ERROR("The client has likely been upgraded to protect from the attack.");
-			ERROR("Please set \"require_message_authenticator = true\" for this client");
+			ERROR("Please set \"require_message_authenticator = true\" for client %s", client->shortname);
 		}
 		ERROR("!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!");
 	}
diff --git a/src/main/process.c b/src/main/process.c
index 9db24e31e7..2d20ebf552 100644
--- a/src/main/process.c
+++ b/src/main/process.c
@@ -2743,7 +2743,7 @@ int request_proxy_reply(RADIUS_PACKET *packet)
 					RERROR("Setting \"require_message_authenticator = false\" for home_server %s", request->home_server->name);
 					RERROR("!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!");
 					RERROR("UPGRADE THE HOME SERVER AS YOUR NETWORK IS VULNERABLE TO THE BLASTRADIUS ATTACK.");
-					RERROR("Once the home_server is upgraded, set \"require_message_authenticator = true\" for this home_server.");
+					RERROR("Once the home_server is upgraded, set \"require_message_authenticator = true\" for home_server %s.", request->home_server->name);
 					RERROR("!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!");
 
 					request->home_server->require_ma = FR_BOOL_FALSE;
@@ -2752,8 +2752,8 @@ int request_proxy_reply(RADIUS_PACKET *packet)
 					RERROR("BlastRADIUS check: Received response to Access-Request with Message-Authenticator.");
 					RERROR("Setting \"require_message_authenticator = true\" for home_server %s", request->home_server->name);
 					RERROR("!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!");
-					RERROR("It looks like the home server has been uppdated to protect from the BlastRADIUS attack.");
-					RERROR("Please set \"require_message_authenticator = true\" for this home_server.");
+					RERROR("It looks like the home server has been updated to protect from the BlastRADIUS attack.");
+					RERROR("Please set \"require_message_authenticator = true\" for home_server %s", request->home_server->name);
 					RERROR("!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!");
 
 					request->home_server->require_ma = FR_BOOL_TRUE;
@@ -2768,7 +2768,7 @@ int request_proxy_reply(RADIUS_PACKET *packet)
 				RDEBUG("!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!");
 				RDEBUG("The packet does not contain Message-Authenticator, which is a security issue");
 				RDEBUG("UPGRADE THE HOME SERVER AS YOUR NETWORK IS VULNERABLE TO THE BLASTRADIUS ATTACK.");
-				RDEBUG("Once the home server is upgraded, set \"require_message_authenticator = true\" for this home_server.");
+				RDEBUG("Once the home server is upgraded, set \"require_message_authenticator = true\" for home_server %s", request->home_server->name);
 				RDEBUG("!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!");
 			}
 		}