summaryrefslogtreecommitdiff
path: root/src/libradius
diff options
context:
space:
mode:
authorYves-Alexis Perez <corsac@corsac.net>2018-02-19 18:17:21 +0100
committerYves-Alexis Perez <corsac@corsac.net>2018-02-20 11:09:03 +0100
commit94218f4dc079e5fcf76b3468b9e40072181246f2 (patch)
tree05db24c85038c8ab49a30c98bd93dc7ff126390b /src/libradius
parentfd2deca589bc3d067f1cbfe59a25d3a90625e02b (diff)
downloadvyos-strongswan-94218f4dc079e5fcf76b3468b9e40072181246f2.tar.gz
vyos-strongswan-94218f4dc079e5fcf76b3468b9e40072181246f2.zip
New upstream version 5.6.2
Diffstat (limited to 'src/libradius')
-rw-r--r--src/libradius/radius_client.h2
-rw-r--r--src/libradius/radius_message.h2
-rw-r--r--src/libradius/radius_socket.c9
3 files changed, 10 insertions, 3 deletions
diff --git a/src/libradius/radius_client.h b/src/libradius/radius_client.h
index cf5f79b6c..2f6c8a43a 100644
--- a/src/libradius/radius_client.h
+++ b/src/libradius/radius_client.h
@@ -30,7 +30,7 @@ typedef struct radius_client_t radius_client_t;
* RADIUS client functionality.
*
* To communicate with a RADIUS server, create a client and send messages over
- * it. The client allocates a socket from the best RADIUS server abailable.
+ * it. The client allocates a socket from the best RADIUS server available.
*/
struct radius_client_t {
diff --git a/src/libradius/radius_message.h b/src/libradius/radius_message.h
index c72773312..eb14bf08e 100644
--- a/src/libradius/radius_message.h
+++ b/src/libradius/radius_message.h
@@ -320,7 +320,7 @@ struct radius_message_t {
radius_message_t *radius_message_create(radius_message_code_t code);
/**
- * Parse and verify a recevied RADIUS message.
+ * Parse and verify a received RADIUS message.
*
* @param data received message data
* @return radius_message_t object, NULL if length invalid
diff --git a/src/libradius/radius_socket.c b/src/libradius/radius_socket.c
index 115be79fb..b3d90d3e5 100644
--- a/src/libradius/radius_socket.c
+++ b/src/libradius/radius_socket.c
@@ -348,7 +348,14 @@ METHOD(radius_socket_t, decrypt_msk, chunk_t,
enumerator->destroy(enumerator);
if (send.ptr && recv.ptr)
{
- return chunk_cat("mm", recv, send);
+ chunk_t pad = chunk_empty;
+
+ if ((send.len + recv.len) < 64)
+ { /* zero-pad MSK to at least 64 bytes */
+ pad = chunk_alloca(64 - send.len - recv.len);
+ memset(pad.ptr, 0, pad.len);
+ }
+ return chunk_cat("mmc", recv, send, pad);
}
chunk_clear(&send);
chunk_clear(&recv);