diff --git a/lib/libradius/Makefile b/lib/libradius/Makefile index acc3fa3e3220..ec8bdf72fe06 100644 --- a/lib/libradius/Makefile +++ b/lib/libradius/Makefile @@ -35,7 +35,7 @@ MAN3+= libradius.3 MAN5+= radius.conf.5 beforeinstall: - ${INSTALL} ${COPY} -o ${BINOWN} -g ${BINGRP} -m 444 \ + ${INSTALL} -C -o ${BINOWN} -g ${BINGRP} -m 444 \ ${.CURDIR}/radlib.h ${DESTDIR}/usr/include .include diff --git a/lib/libradius/radlib.c b/lib/libradius/radlib.c index 2825c3dae786..4537373e1108 100644 --- a/lib/libradius/radlib.c +++ b/lib/libradius/radlib.c @@ -472,6 +472,7 @@ rad_open(void) memset(h->pass, 0, sizeof h->pass); h->pass_len = 0; h->pass_pos = 0; + h->chap_pass = 0; } return h; } @@ -485,9 +486,17 @@ rad_put_addr(struct rad_handle *h, int type, struct in_addr addr) int rad_put_attr(struct rad_handle *h, int type, const void *value, size_t len) { - return type == RAD_USER_PASSWORD ? - put_password_attr(h, type, value, len) : - put_raw_attr(h, type, value, len); + int result; + + if (type == RAD_USER_PASSWORD) + result = put_password_attr(h, type, value, len); + else { + result = put_raw_attr(h, type, value, len); + if (result == 0 && type == RAD_CHAP_PASSWORD) + h->chap_pass = 1; + } + + return result; } int @@ -540,8 +549,13 @@ rad_send_request(struct rad_handle *h) } /* Make sure the user gave us a password */ - if (h->pass_pos == 0) { - generr(h, "No User-Password attribute given"); + if (h->pass_pos == 0 && !h->chap_pass) { + generr(h, "No User or Chap Password attributes given"); + return -1; + } + + if (h->pass_pos != 0 && h->chap_pass) { + generr(h, "Both User and Chap Password attributes given"); return -1; } @@ -580,7 +594,8 @@ rad_send_request(struct rad_handle *h) srv = 0; /* Insert the scrambled password into the request */ - insert_scrambled_password(h, srv); + if (h->pass_pos != 0) + insert_scrambled_password(h, srv); /* Send the request */ n = sendto(h->fd, h->request, h->req_len, 0, diff --git a/lib/libradius/radlib_private.h b/lib/libradius/radlib_private.h index d3301e326192..ec181f6edc5c 100644 --- a/lib/libradius/radlib_private.h +++ b/lib/libradius/radlib_private.h @@ -74,6 +74,7 @@ struct rad_handle { char pass[PASSSIZE]; /* Cleartext password */ int pass_len; /* Length of cleartext password */ int pass_pos; /* Position of scrambled password */ + unsigned chap_pass : 1; /* Have we got a CHAP_PASSWORD ? */ unsigned char response[MSGSIZE]; /* Response received */ int resp_len; /* Length of response */ int resp_pos; /* Current position scanning attrs */