better handle re-enabling connection are TLS connection check
authorAlan T. DeKok <aland@freeradius.org>
Fri, 12 Apr 2024 16:04:01 +0000 (12:04 -0400)
committerAlan T. DeKok <aland@freeradius.org>
Fri, 12 Apr 2024 16:04:01 +0000 (12:04 -0400)
src/main/listen.c
src/main/tls_listen.c

index 8a0bff5ebf47e38f755c2b91d95e6f0faf1d57ec..c7617010b04710d6a822e400fe48d24e0fc860bc 100644 (file)
@@ -385,6 +385,7 @@ int rad_status_server(REQUEST *request)
                if (sock->state == LISTEN_TLS_CHECKING) {
                        int autz_type = PW_AUTZ_TYPE;
                        char const *name = "Autz-Type";
+                       rad_listen_t *listener = request->listener;
 
                        if (request->listener->type == RAD_LISTEN_ACCT) {
                                autz_type = PW_ACCT_TYPE;
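Review bot: The condition directly below the new `listener` declaration still reads `request->listener->type`, so the block now reaches the same object in two ways. With the local in scope, `if (listener->type == RAD_LISTEN_ACCT) {` would match the `listener->status` writes added further down. The `if` body continues outside this hunk.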
@@ -404,11 +405,22 @@ int rad_status_server(REQUEST *request)
                        if ((rcode == RLM_MODULE_OK) || (rcode == RLM_MODULE_UPDATED)) {
                                RDEBUG("(TLS) Connection is authorized");
                                request->reply->code = PW_CODE_ACCESS_ACCEPT;
+
+                               listener->status = RAD_LISTEN_STATUS_RESUME;
+
+                               rad_assert(sock->request->packet != request->packet);
+
+                               sock->state = LISTEN_TLS_SETUP;
+
                        } else {
                                RWDEBUG("(TLS) Connection is not authorized - closing TCP socket.");
                                request->reply->code = PW_CODE_ACCESS_REJECT;
+
+                               listener->status = RAD_LISTEN_STATUS_EOL;
+                               listener->tls = NULL; /* parent owns this! */
                        }
 
+                       radius_update_listener(listener);
                        return 0;
                }
        }
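Review bot: In the accept branch, `rad_assert(sock->request->packet != request->packet);` is the only guard on that invariant, and it dereferences `sock->request` without a NULL test. If `rad_assert` expands to nothing in NDEBUG builds (confirm against this tree's definition), a production server would move the socket to `LISTEN_TLS_SETUP` and resume the listener with the aliasing condition unchecked. A runtime test that treats `!sock->request || sock->request->packet == request->packet` as a failure and takes the existing reject handling would fail closed. At minimum, add a comment next to the assert saying why the two packets must be distinct objects. In the reject branch, `/* parent owns this! */` could also say what clearing the pointer prevents, for example `/* TLS config belongs to the parent listener; clear it so tearing down this child does not free it */`, if that is the intent. The body of rad_status_server starts and ends outside these hunks.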
index 41c1b2b92069c92b9f67352d79feb1eb17623538..351cbf1297879b2abca45f789300ef57011fced8 100644 (file)
@@ -580,6 +580,7 @@ check_for_setup:
                 *      or any other contents.
                 */
                request->packet->code = PW_CODE_STATUS_SERVER;
+               request->packet->id = request->reply->id = 0;
                request->packet->data = talloc_zero_array(request->packet, uint8_t, 20);
                request->packet->data[0] = PW_CODE_STATUS_SERVER;
                request->packet->data[3] = 20;
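Review bot: The result of `talloc_zero_array(request->packet, uint8_t, 20)` is written through on the next line (`data[0]`, then `data[3]`) with no NULL test visible in this hunk. An allocation failure while building the internal Status-Server packet would therefore become a NULL dereference during TLS connection setup. A guard before the first write, such as `if (!request->packet->data) return 0;`, would close that; the right return value and cleanup depend on code outside the hunk. The new `id = 0` line would also read better with a short comment, for example `/* internally generated packet: no ID from the wire, keep it equal to the zeroed data[1] */`. The literal 20 appears twice and could be a named header-length constant.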