From: Alan T. DeKok <aland@freeradius.org>
Date: Wed, 10 Jun 2026 08:25:55 +0000 (+0300)
Subject: return underlying error rather than over-writing it
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=1ec2a04bae122bcdef80c665e852f93ccbe807cf;p=thirdparty%2Ffreeradius-server.git

return underlying error rather than over-writing it
---

diff --git a/src/protocols/radius/encode.c b/src/protocols/radius/encode.c
index fb6af876afd..1cf5e464993 100644
--- a/src/protocols/radius/encode.c
+++ b/src/protocols/radius/encode.c
@@ -565,10 +565,7 @@ static ssize_t encode_value(fr_dbuff_t *dbuff,
 		}
 
 		slen = encode_tunnel_password(&work_dbuff, &value_start, fr_dbuff_used(&value_dbuff), packet_ctx);
-		if (slen < 0) {
-			fr_strerror_printf("%s too long", vp->da->name);
-			return slen;
-		}
+		if (slen < 0) return slen;
 
 		encrypted = true;
 		break;
diff --git a/src/tests/unit/protocols/radius/tunnel.txt b/src/tests/unit/protocols/radius/tunnel.txt
index 9f4b574ddb1..e996bb9279d 100644
--- a/src/tests/unit/protocols/radius/tunnel.txt
+++ b/src/tests/unit/protocols/radius/tunnel.txt
@@ -96,7 +96,7 @@ match Tunnel-Password = "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
 #  250 octets is not OK.
 #
 encode-pair Tunnel-Password = "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx123456789a"
-match Tunnel-Password too long
+match Input password is too large for tunnel password encoding
 
 returned
 match -253