From: Terry Burton Date: Thu, 26 Jan 2023 14:05:46 +0000 (+0000) Subject: pap: Hoist &control:User-Password check so that it can be found (#4866) X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=9b04a3285561185b670b27d4ed691bd50eb87fe6;p=thirdparty%2Ffreeradius-server.git pap: Hoist &control:User-Password check so that it can be found (#4866) Since loop is rooted at &Password. --- diff --git a/src/lib/server/password.c b/src/lib/server/password.c index 3ca87943e14..5a33cc4b7fc 100644 --- a/src/lib/server/password.c +++ b/src/lib/server/password.c @@ -964,6 +964,15 @@ fr_pair_t *password_find(bool *ephemeral, TALLOC_CTX *ctx, request_t *request, fr_dcursor_t cursor; fr_pair_t *known_good; + if (fr_pair_find_by_da(&request->control_pairs, NULL, attr_user) != NULL) { + RWDEBUG("!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"); + RWDEBUG("!!! Ignoring control.User-Password. Update your !!!"); + RWDEBUG("!!! configuration so that the \"known good\" clear text !!!"); + RWDEBUG("!!! password is in Password.Cleartext and NOT in !!!"); + RWDEBUG("!!! User-Password. !!!"); + RWDEBUG("!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"); + } + for (known_good = fr_pair_dcursor_by_ancestor_init(&cursor, &request->control_pairs, attr_root); known_good; known_good = fr_dcursor_next(&cursor)) { @@ -971,16 +980,6 @@ fr_pair_t *password_find(bool *ephemeral, TALLOC_CTX *ctx, request_t *request, fr_pair_t *out; size_t i; - if (known_good->da == attr_user) { - RWDEBUG("!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"); - RWDEBUG("!!! Ignoring control.User-Password. Update your !!!"); - RWDEBUG("!!! configuration so that the \"known good\" clear text !!!"); - RWDEBUG("!!! password is in Password.Cleartext and NOT in !!!"); - RWDEBUG("!!! User-Password. !!!"); - RWDEBUG("!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"); - continue; - } - if (known_good->da->attr >= NUM_ELEMENTS(password_info)) continue; info = &password_info[known_good->da->attr];