From: Alan T. DeKok <aland@freeradius.org>
Date: Mon, 28 Apr 2025 12:05:48 +0000 (-0400)
Subject: don't convert the input key to a string
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=3de7f1465d2bf8ec3bdc0198335fc27c819c5424;p=thirdparty%2Ffreeradius-server.git

don't convert the input key to a string

we're hashing it for load-balance purposes.  So we can just hash
the raw data.

and since tmpl_expand() now produces errors, we don't need to
---

diff --git a/src/lib/unlang/load_balance.c b/src/lib/unlang/load_balance.c
index ca18dc0db7..0e907dba4f 100644
--- a/src/lib/unlang/load_balance.c
+++ b/src/lib/unlang/load_balance.c
@@ -127,7 +127,6 @@ static unlang_action_t unlang_load_balance(rlm_rcode_t *p_result, request_t *req
 	if (gext && gext->vpt) {
 		uint32_t hash, start;
 		ssize_t slen;
-		char const *p = NULL;
 		char buffer[1024];
 
 		/*
@@ -169,13 +168,16 @@ static unlang_action_t unlang_load_balance(rlm_rcode_t *p_result, request_t *req
 			}
 
 		} else {
-			slen = tmpl_expand(&p, buffer, sizeof(buffer), request, gext->vpt);
-			if (slen < 0) {
-				REDEBUG("Failed expanding template");
-				goto randomly_choose;
-			}
+			uint8_t *octets = NULL;
+
+			/*
+			 *	If the input is an IP address, prefix, etc., we don't need to convert it to a
+			 *	string.  We can just hash the raw data directly.
+			 */
+			slen = tmpl_expand(&octets, buffer, sizeof(buffer), request, gext->vpt);
+			if (slen <= 0) goto randomly_choose;
 
-			hash = fr_hash(p, slen);
+			hash = fr_hash(octets, slen);
 
 			start = hash % g->num_children;
 		}