coa->home_server may be NULL. Fixes #4929

It's not clear _why_ home_server==NULL.  Nothing resets it.
And it should only be NULL if the CoA packet is sent through a
virtual home server

diff --git a/src/main/process.c b/src/main/process.c
index be2211f7481b971079734a7fee109483a8d8f507..80f91aa5db63e840611862c05c6ef7dda9e10f4c 100644 (file)
--- a/src/main/process.c
+++ b/src/main/process.c
@@ -2784,11 +2784,17 @@ int request_proxy_reply(RADIUS_PACKET *packet)
         *      ignore it.  This does the MD5 calculations in the
         *      server core, but I guess we can fix that later.
         */
-       if (!request->proxy_reply &&
-           (rad_verify(packet, request->proxy,
-                       request->home_server->secret) != 0)) {
-               DEBUG("Ignoring spoofed proxy reply.  Signature is invalid");
-               return 0;
+       if (!request->proxy_reply) {
+               if (!request->home_server) {
+                       proxy_reply_too_late(request);
+                       return 0;
+               }
+
+               if (rad_verify(packet, request->proxy,
+                              request->home_server->secret) != 0) {
+                       DEBUG("Ignoring spoofed proxy reply.  Signature is invalid");
+                       return 0;
+               }
        }
 
        /*