From: Alan T. DeKok Date: Thu, 30 Jul 2015 18:35:48 +0000 (+0200) Subject: Tests for Tunnel-Password X-Git-Tag: release_3_0_10~273 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=f99aaa25a13d93baed08ff3773b586e960642ed9;p=thirdparty%2Ffreeradius-server.git Tests for Tunnel-Password And a fix for when it would encode passwords with the wrong length --- diff --git a/src/lib/radius.c b/src/lib/radius.c index a2c5ec3c438..a7de70c5c69 100644 --- a/src/lib/radius.c +++ b/src/lib/radius.c @@ -972,13 +972,15 @@ static ssize_t vp2data_any(RADIUS_PACKET const *packet, make_tunnel_passwd(ptr + lvalue, &len, data, len, room - lvalue, secret, original->vector); + len += lvalue; break; case PW_CODE_ACCOUNTING_REQUEST: case PW_CODE_DISCONNECT_REQUEST: case PW_CODE_COA_REQUEST: ptr[0] = TAG_VALID(vp->tag) ? vp->tag : TAG_NONE; - make_tunnel_passwd(ptr + 1, &len, data, len - 1, room, + make_tunnel_passwd(ptr + 1, &len, data, len, room - 1, secret, packet->vector); + len += lvalue; break; } break; diff --git a/src/tests/unit/rfc.txt b/src/tests/unit/rfc.txt index e8c37b9d3c3..d89b1742c45 100644 --- a/src/tests/unit/rfc.txt +++ b/src/tests/unit/rfc.txt @@ -135,6 +135,7 @@ data Framed-IPv6-Prefix = 11:22:33:44:55:66:77:88/128 attribute Framed-IPv6-Prefix = * data Framed-IPv6-Prefix = ::/128 +$INCLUDE tunnel.txt $INCLUDE errors.txt $INCLUDE extended.txt $INCLUDE lucent.txt diff --git a/src/tests/unit/tunnel.txt b/src/tests/unit/tunnel.txt new file mode 100644 index 00000000000..6b8cc2533b7 --- /dev/null +++ b/src/tests/unit/tunnel.txt @@ -0,0 +1,71 @@ +# +# We can't look at the data here, because the encoded Tunnel-Password has a 2 byte +# random salt +# +encode Tunnel-Password:0 = "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxabc" +decode - +data Tunnel-Password:0 = "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxabc" + +encode Tunnel-Password:0 = "0" +decode - +data Tunnel-Password:0 = "0" + +encode Tunnel-Password:0 = "01" +decode - +data Tunnel-Password:0 = "01" + +encode Tunnel-Password:0 = "012" +decode - +data Tunnel-Password:0 = "012" + +encode Tunnel-Password:0 = "0123" +decode - +data Tunnel-Password:0 = "0123" + +encode Tunnel-Password:0 = "01234" +decode - +data Tunnel-Password:0 = "01234" + +encode Tunnel-Password:0 = "012345" +decode - +data Tunnel-Password:0 = "012345" + +encode Tunnel-Password:0 = "0123456" +decode - +data Tunnel-Password:0 = "0123456" + +encode Tunnel-Password:0 = "01234567" +decode - +data Tunnel-Password:0 = "01234567" + +encode Tunnel-Password:0 = "012345678" +decode - +data Tunnel-Password:0 = "012345678" + +encode Tunnel-Password:0 = "0123456789" +decode - +data Tunnel-Password:0 = "0123456789" + +encode Tunnel-Password:0 = "0123456789a" +decode - +data Tunnel-Password:0 = "0123456789a" + +encode Tunnel-Password:0 = "0123456789ab" +decode - +data Tunnel-Password:0 = "0123456789ab" + +encode Tunnel-Password:0 = "0123456789abc" +decode - +data Tunnel-Password:0 = "0123456789abc" + +encode Tunnel-Password:0 = "0123456789abcd" +decode - +data Tunnel-Password:0 = "0123456789abcd" + +encode Tunnel-Password:0 = "0123456789abcde" +decode - +data Tunnel-Password:0 = "0123456789abcde" + +encode Tunnel-Password:0 = "0123456789abcdef" +decode - +data Tunnel-Password:0 = "0123456789abcdef"