RADIUS server: Place Message-Authenticator attribute as the first one
authorJouni Malinen <j@w1.fi>
Sat, 16 Mar 2024 09:13:32 +0000 (11:13 +0200)
committerJouni Malinen <j@w1.fi>
Tue, 9 Jul 2024 11:58:39 +0000 (14:58 +0300)
Move the Message-Authenticator attribute to be the first attribute in
the RADIUS messages. This mitigates certain MD5 attacks against
RADIUS/UDP.

Signed-off-by: Jouni Malinen <j@w1.fi>
src/radius/radius_server.c

index e02c21540f5dc146c53216670eb59603259b8ab8..fa36915489cbb1306206c09ba25919d29e83d83f 100644 (file)
@@ -920,6 +920,11 @@ radius_server_encapsulate_eap(struct radius_server_data *data,
                return NULL;
        }
 
+       if (!radius_msg_add_msg_auth(msg)) {
+               radius_msg_free(msg);
+               return NULL;
+       }
+
        sess_id = htonl(sess->sess_id);
        if (code == RADIUS_CODE_ACCESS_CHALLENGE &&
            !radius_msg_add_attr(msg, RADIUS_ATTR_STATE,
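Review bot: The new early-return block at the top of this hunk (and the identical blocks in the radius_server_macacl and radius_server_reject hunks) frees the message and returns without any diagnostic, whereas the neighbouring failure paths in the same functions report through RADIUS_DEBUG (for example the Proxy-State copy failure); adding `RADIUS_DEBUG("Failed to add Message-Authenticator attribute");` before the `radius_msg_free(msg);` keeps the error reporting consistent. The "first attribute" guarantee in the commit title holds only if nothing appends an attribute between message allocation and this call, and since the allocation lies outside the hunk a short comment such as `/* Message-Authenticator must stay the first attribute; do not add attributes above this call */` would protect that invariant against later edits. It is presumably the later finalization step (radius_msg_finish_srv) that fills this placeholder in place rather than appending a second Message-Authenticator, but that is not visible in this diff and is worth confirming. The body of radius_server_encapsulate_eap begins before and continues after this hunk.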
@@ -1204,6 +1209,11 @@ radius_server_macacl(struct radius_server_data *data,
                return NULL;
        }
 
+       if (!radius_msg_add_msg_auth(msg)) {
+               radius_msg_free(msg);
+               return NULL;
+       }
+
        if (radius_msg_copy_attr(msg, request, RADIUS_ATTR_PROXY_STATE) < 0) {
                RADIUS_DEBUG("Failed to copy Proxy-State attribute(s)");
                radius_msg_free(msg);
@@ -1253,6 +1263,11 @@ static int radius_server_reject(struct radius_server_data *data,
                return -1;
        }
 
+       if (!radius_msg_add_msg_auth(msg)) {
+               radius_msg_free(msg);
+               return -1;
+       }
+
        os_memset(&eapfail, 0, sizeof(eapfail));
        eapfail.code = EAP_CODE_FAILURE;
        eapfail.identifier = 0;