aboutsummaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/libcharon/plugins/eap_radius/radius_message.c9
-rw-r--r--src/libcharon/plugins/eap_radius/radius_message.h4
2 files changed, 10 insertions, 3 deletions
diff --git a/src/libcharon/plugins/eap_radius/radius_message.c b/src/libcharon/plugins/eap_radius/radius_message.c
index 7fa95e39d..8a2074b2f 100644
--- a/src/libcharon/plugins/eap_radius/radius_message.c
+++ b/src/libcharon/plugins/eap_radius/radius_message.c
@@ -319,7 +319,14 @@ METHOD(radius_message_t, verify, bool,
/* replace Response by Request Authenticator for verification */
memcpy(res_auth, this->msg->authenticator, HASH_SIZE_MD5);
- memcpy(this->msg->authenticator, req_auth, HASH_SIZE_MD5);
+ if (req_auth)
+ {
+ memcpy(this->msg->authenticator, req_auth, HASH_SIZE_MD5);
+ }
+ else
+ {
+ memset(this->msg->authenticator, 0, HASH_SIZE_MD5);
+ }
msg = chunk_create((u_char*)this->msg, ntohs(this->msg->length));
/* verify Response-Authenticator */
diff --git a/src/libcharon/plugins/eap_radius/radius_message.h b/src/libcharon/plugins/eap_radius/radius_message.h
index eede40120..7f1c456da 100644
--- a/src/libcharon/plugins/eap_radius/radius_message.h
+++ b/src/libcharon/plugins/eap_radius/radius_message.h
@@ -251,9 +251,9 @@ struct radius_message_t {
hasher_t *hasher, chunk_t secret);
/**
- * Verify the integrity of a received RADIUS response.
+ * Verify the integrity of a received RADIUS message.
*
- * @param req_auth 16 byte Authenticator of the corresponding request
+ * @param req_auth 16 byte Authenticator of request, or NULL
* @param secret shared RADIUS secret
* @param hasher hasher to verify Response-Authenticator
* @param signer signer to verify Message-Authenticator attribute
generated by cgit v1.2.3 (git 2.25.1) at 2025-07-21 23:27:39 +0000