From: Alan T. DeKok <aland@freeradius.org>
Date: Wed, 8 Mar 2023 21:14:00 +0000 (-0500)
Subject: only set secret_len if there's a secret
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=de15cbbf4041089f3a7d5ff84466d277dcc41332;p=thirdparty%2Ffreeradius-server.git

only set secret_len if there's a secret

and secrets may be binary blobs
---

diff --git a/src/listen/bfd/proto_bfd.c b/src/listen/bfd/proto_bfd.c
index 19b75704fbe..ede04ea7c66 100644
--- a/src/listen/bfd/proto_bfd.c
+++ b/src/listen/bfd/proto_bfd.c
@@ -485,11 +485,14 @@ static int mod_bootstrap(module_inst_ctx_t const *mctx)
 			/*
 			 *	Secret and auth_type handling.
 			 */
-			if (c->secret && !*c->secret) {
-				cf_log_err(cs, "Secret cannot be an empty string");
-				goto error;
+			if (c->secret) {
+				if (!*c->secret) {
+					cf_log_err(cs, "Secret cannot be an empty string");
+					goto error;
+				}
+
+				peer->secret_len = talloc_array_length(c->secret) - 1;
 			}
-			peer->secret_len = strlen(c->secret);
 
 			switch (peer->auth_type) {
 			case BFD_AUTH_RESERVED: