From: Nick Porter <nick@portercomputing.co.uk>
Date: Tue, 22 Jul 2025 13:30:45 +0000 (+0100)
Subject: Compare received session ID to the one sent
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=701e5e2a088ffae5e4c940f6fb6d9a3f2d954a53;p=thirdparty%2Ffreeradius-server.git

Compare received session ID to the one sent

h->session_id is only used if the packet did not contain a
Packet->Session-Id attribute.
---

diff --git a/src/modules/rlm_tacacs/rlm_tacacs_tcp.c b/src/modules/rlm_tacacs/rlm_tacacs_tcp.c
index a6512ce0ca..3a90b66b60 100644
--- a/src/modules/rlm_tacacs/rlm_tacacs_tcp.c
+++ b/src/modules/rlm_tacacs/rlm_tacacs_tcp.c
@@ -552,11 +552,11 @@ static ssize_t decode(TALLOC_CTX *ctx, fr_pair_list_t *reply, uint8_t *response_
 	*response_code = 0;	/* Initialise to keep the rest of the code happy */
 
 	/*
-	 *	Check the session ID here, because we've lost the original packet.
+	 *	Check the session ID.
 	 */
-	if (h->session_id != fr_nbo_to_uint32(data + 4)) {
+	if (memcmp(data + 4, req->packet + 4, 4) != 0) {
 		REDEBUG("Session ID %08x does not match expected number %08x",
-			fr_nbo_to_uint32(data + 4), h->session_id);
+			fr_nbo_to_uint32(data + 4), fr_nbo_to_uint32(req->packet + 4));
 	}
 
 	/*