From cecc3c2356c0e2ae40d6744575ecc0a452fb00a2 Mon Sep 17 00:00:00 2001
From: "Alan T. DeKok" <aland@freeradius.org>
Date: Fri, 20 Jul 2012 21:03:18 -0400
Subject: [PATCH] Completely decode Vendor-Specific inside of Diameter AVPs

---
 src/modules/rlm_eap/types/rlm_eap_ttls/ttls.c | 40 +++++++++++++++++++
 1 file changed, 40 insertions(+)

diff --git a/src/modules/rlm_eap/types/rlm_eap_ttls/ttls.c b/src/modules/rlm_eap/types/rlm_eap_ttls/ttls.c
index 65d23174997..6402bd65110 100644
--- a/src/modules/rlm_eap/types/rlm_eap_ttls/ttls.c
+++ b/src/modules/rlm_eap/types/rlm_eap_ttls/ttls.c
@@ -212,9 +212,49 @@ static VALUE_PAIR *diameter2vp(REQUEST *request, SSL *ssl,
 			goto next_attr;
 		}
 
+		/*
+		 *	RADIUS VSAs are handled as Diameter attributes
+		 *	with Vendor-Id == 0, and the VSA data packed
+		 *	into the "String" field as per normal.
+		 *
+		 *	EXCEPT for the MS-CHAP attributes.
+		 */
+		if ((vendor == 0) && (attr == PW_VENDOR_SPECIFIC)) {
+			ssize_t decoded;
+			uint8_t buffer[256];
+
+			buffer[0] = PW_VENDOR_SPECIFIC;
+			buffer[1] = size + 2;
+			memcpy(buffer + 2, data, size);
+
+			vp = NULL;
+			decoded = rad_attr2vp_vsa(NULL, NULL, NULL,
+						  buffer, size + 2, &vp);
+			if (decoded < 0) {
+				RDEBUG2("ERROR: diameter2vp failed decoding attr: %s",
+					fr_strerror());
+				goto do_octets;
+			}
+
+			if ((size_t) decoded != size + 2) {
+				RDEBUG2("ERROR: diameter2vp failed to entirely decode VSA");
+				pairfree(&vp);
+				goto do_octets;
+			}
+
+			*last = vp;
+			do {
+				last = &(vp->next);
+				vp = vp->next;
+			} while (vp != NULL);
+
+			goto next_attr;
+		}
+
 		/*
 		 *	Create it.  If this fails, it's because we're OOM.
 		 */
+	do_octets:
 		vp = paircreate(attr, vendor, PW_TYPE_OCTETS);
 		if (!vp) {
 			RDEBUG2("Failure in creating VP");
-- 
2.47.3