tac_plus-ng/headers.h: no need for dedicated radius_key pointer in 's…

…truct context'
MarcJHuber · Dec 10, 2024 · 5e89bdc · 5e89bdc
1 parent 0249f9a
commit 5e89bdc
Show file tree

Hide file tree

Showing 4 changed files with 8 additions and 9 deletions.
diff --git a/tac_plus-ng/config.c b/tac_plus-ng/config.c
@@ -1519,7 +1519,7 @@ int rad_get_password(tac_session *session, char **val, size_t *val_len)
 	    for (int i = 0; i <= p[1]; i++) {
 		if (!(i & 0xf)) {
 		    struct iovec iov[2] = {
-			{.iov_base = session->ctx->radius_key->key,.iov_len = session->ctx->radius_key->len },
+			{.iov_base = session->ctx->key->key,.iov_len = session->ctx->key->len },
 			{.iov_base = i ? (p + i + 2 - 16) : session->radius_data->pak_in->authenticator,.iov_len = 16 }
 		    };
 		    md5v(digest, 16, iov, 2);

diff --git a/tac_plus-ng/headers.h b/tac_plus-ng/headers.h
@@ -898,7 +898,6 @@ struct context {
     union pak_hdr hdr;
     ssize_t hdroff;
     struct tac_key *key;
-    struct tac_key *radius_key;
     time_t last_io;
     struct radius_data *radius_data;
 #ifdef WITH_SSL

diff --git a/tac_plus-ng/main.c b/tac_plus-ng/main.c
@@ -1291,7 +1291,7 @@ static void complete_host_mavis_udp(struct context *ctx)
     }
 
     if (ctx->host)
-	ctx->radius_key = ctx->host->radius_key;
+	ctx->key = ctx->host->radius_key;
 
 #define S "CONN-START"
     ctx->msgid = S;

diff --git a/tac_plus-ng/packet.c b/tac_plus-ng/packet.c
@@ -321,7 +321,7 @@ static void set_response_authenticator(tac_session *session, rad_pak_hdr *pak)
 	{.iov_base = pak, 4 },
 	{.iov_base = session->radius_data->pak_in->authenticator,.iov_len = 16 },
 	{.iov_base = session->radius_data->data,.iov_len = session->radius_data->data_len },
-	{.iov_base = session->ctx->radius_key->key,.iov_len = session->ctx->radius_key->len }
+	{.iov_base = session->ctx->key->key,.iov_len = session->ctx->key->len }
     };
     md5v(pak->authenticator, MD5_LEN, iov, 4);
 }
@@ -560,7 +560,7 @@ void tac_read(struct context *ctx, int cur)
 	    key_radsec->len = 6;
 	    strcpy(key_radsec->key, "radsec");
 	}
-	ctx->radius_key = key_radsec;
+	ctx->key = key_radsec;
 
 	io_set_cb_i(ctx->io, ctx->sock, (void *) rad_read);
 	return;
@@ -811,18 +811,18 @@ static int rad_check_failed(struct context *ctx, u_char *p, u_char *e)
 #ifdef WITH_SSL
 // Packet looks sane, check message authentiator, if present
     if (message_authenticator) {
-	for (; ctx->radius_key; ctx->radius_key = ctx->radius_key->next) {
+	for (; ctx->key; ctx->key = ctx->key->next) {
 	    u_char ma_original[16];
 	    u_char ma_calculated[16];
 	    memcpy(ma_original, message_authenticator, 16);
 	    memset(message_authenticator, 0, 16);
 	    u_int ma_calculated_len = sizeof(ma_calculated);
-	    HMAC(EVP_md5(), ctx->radius_key->key, ctx->radius_key->len, (const unsigned char *) &ctx->in->pak.uchar, ntohs(ctx->in->pak.rad.length),
+	    HMAC(EVP_md5(), ctx->key->key, ctx->key->len, (const unsigned char *) &ctx->in->pak.uchar, ntohs(ctx->in->pak.rad.length),
 		 ma_calculated, &ma_calculated_len);
 	    memcpy(message_authenticator, ma_original, 16);
 	    if (!memcmp(ma_original, ma_calculated, 16)) {
-		if (ctx->radius_key->warn)
-		    report(NULL, LOG_INFO, ~0, "%s uses deprecated radius key (line %d)", ctx->device_addr_ascii, ctx->radius_key->line);
+		if (ctx->key->warn)
+		    report(NULL, LOG_INFO, ~0, "%s uses deprecated radius key (line %d)", ctx->device_addr_ascii, ctx->key->line);
 		return 0;
 	    }
 	}