Validate an accepted reconfigure key if we don't require authentication.

author Roy Marples <roy@marples.name>

Tue, 11 Mar 2014 09:39:23 +0000 (09:39 +0000)

committer Roy Marples <roy@marples.name>

Tue, 11 Mar 2014 09:39:23 +0000 (09:39 +0000)
author Roy Marples <roy@marples.name>
Tue, 11 Mar 2014 09:39:23 +0000 (09:39 +0000)
committer Roy Marples <roy@marples.name>
Tue, 11 Mar 2014 09:39:23 +0000 (09:39 +0000)
diff --git a/auth.c b/auth.c

index e877be66f40ced6f5b831a214cf23ec615509eda..9aeff931765803b04bcbe12f29400f530bd3ea3b 100644 (file)
--- a/auth.c
+++ b/auth.c
@@ -139,8 +139,14 @@ dhcp_auth_validate(struct authstate *state, const struct auth *auth,
                     algorithm != auth->algorithm ||
                     rdm != auth->rdm)
         {
-               errno = EPERM;
-               return NULL;
+               /* As we don't require authentication, we should still
+                * accept a reconfigure key */
+               if (protocol != AUTH_PROTO_RECONFKEY ||
+                   auth->options & DHCPCD_AUTH_REQUIRE)
+               {
+                       errno = EPERM;
+                       return NULL;
+               }
         }
         dlen -= 3;
author	Roy Marples <roy@marples.name>
	Tue, 11 Mar 2014 09:39:23 +0000 (09:39 +0000)
committer	Roy Marples <roy@marples.name>
	Tue, 11 Mar 2014 09:39:23 +0000 (09:39 +0000)