From: Alan T. DeKok <aland@freeradius.org>
Date: Wed, 8 Mar 2023 21:38:31 +0000 (-0500)
Subject: more secret checks
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=0a56a4d989a73dd72d715b96d817aa20946d9be6;p=thirdparty%2Ffreeradius-server.git

more secret checks
---

diff --git a/src/listen/bfd/proto_bfd.c b/src/listen/bfd/proto_bfd.c
index ede04ea7c66..dfd6d15b29b 100644
--- a/src/listen/bfd/proto_bfd.c
+++ b/src/listen/bfd/proto_bfd.c
@@ -500,6 +500,11 @@ static int mod_bootstrap(module_inst_ctx_t const *mctx)
 				break;
 
 			case BFD_AUTH_SIMPLE:
+				if (!c->secret) {
+					cf_log_err(cs, "A 'secret' must be specified when using 'auth_type = simple'");
+					goto error;
+				}
+
 				if (strlen(c->secret) > 16) {
 					cf_log_err(cs, "Length of 'secret' must be no more than 16 octets for 'auth_type = simple'");
 					goto error;
@@ -510,6 +515,11 @@ static int mod_bootstrap(module_inst_ctx_t const *mctx)
 				 *	Secrets can be any length.
 				 */
 			default:
+				if (!c->secret) {
+					cf_log_err(cs, "A 'secret' must be specified when using 'auth_type = ...'");
+					goto error;
+				}
+
 				break;
 
 			}