Home Explore Help
Register Sign In
wareck
/
krackattacks
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

Mark shared secret const in RADIUS client routines

Jouni Malinen 16 years ago
parent
1c6e69ccda
commit
7d02e64157
7 changed files with 24 additions and 19 deletions
Split View Show Diff Stats
  1. 2 1
      hostapd/accounting.c
  2. 1 1
      hostapd/ieee802_11_auth.c
  3. 3 2
      hostapd/ieee802_1x.c
  4. 7 6
      src/radius/radius.c
  5. 7 6
      src/radius/radius.h
  6. 3 2
      src/radius/radius_client.c
  7. 1 1
      src/radius/radius_client.h

+ 2 - 1
hostapd/accounting.c
View File 

@@ -422,7 +422,8 @@ static void accounting_sta_get_id(struct hostapd_data *hapd,
 
  */
 
 static RadiusRxResult
 
 accounting_receive(struct radius_msg *msg, struct radius_msg *req,
 
-		   u8 *shared_secret, size_t shared_secret_len, void *data)
 
+		   const u8 *shared_secret, size_t shared_secret_len,
 
+		   void *data)
 
 {
 
 	if (msg->hdr->code != RADIUS_CODE_ACCOUNTING_RESPONSE) {
 
 		printf("Unknown RADIUS message code\n");

+ 1 - 1
hostapd/ieee802_11_auth.c
View File 

@@ -383,7 +383,7 @@ static void hostapd_acl_expire(void *eloop_ctx, void *timeout_ctx)
 
  */
 
 static RadiusRxResult
 
 hostapd_acl_recv_radius(struct radius_msg *msg, struct radius_msg *req,
 
-			u8 *shared_secret, size_t shared_secret_len,
 
+			const u8 *shared_secret, size_t shared_secret_len,
 
 			void *data)
 
 {
 
 	struct hostapd_data *hapd = data;

+ 3 - 2
hostapd/ieee802_1x.c
View File 

@@ -1042,7 +1042,8 @@ static void ieee802_1x_decapsulate_radius(struct hostapd_data *hapd,
 
 static void ieee802_1x_get_keys(struct hostapd_data *hapd,
 
 				struct sta_info *sta, struct radius_msg *msg,
 
 				struct radius_msg *req,
 
-				u8 *shared_secret, size_t shared_secret_len)
 
+				const u8 *shared_secret,
 
+				size_t shared_secret_len)
 
 {
 
 	struct radius_ms_mppe_keys *keys;
 
 	struct eapol_state_machine *sm = sta->eapol_sm;
 
@@ -1213,7 +1214,7 @@ ieee802_1x_search_radius_identifier(struct hostapd_data *hapd, u8 identifier)
 
  */
 
 static RadiusRxResult
 
 ieee802_1x_receive_auth(struct radius_msg *msg, struct radius_msg *req,
 
-			u8 *shared_secret, size_t shared_secret_len,
 
+			const u8 *shared_secret, size_t shared_secret_len,
 
 			void *data)
 
 {
 
 	struct hostapd_data *hapd = data;

+ 7 - 6
src/radius/radius.c
View File 

@@ -293,7 +293,8 @@ void radius_msg_dump(struct radius_msg *msg)
 
 }
 
 
 
-int radius_msg_finish(struct radius_msg *msg, u8 *secret, size_t secret_len)
 
+int radius_msg_finish(struct radius_msg *msg, const u8 *secret,
 
+		      size_t secret_len)
 
 {
 
 	if (secret) {
 
 		u8 auth[MD5_MAC_LEN];
 
@@ -364,7 +365,7 @@ int radius_msg_finish_srv(struct radius_msg *msg, const u8 *secret,
 
 }
 
 
 
-void radius_msg_finish_acct(struct radius_msg *msg, u8 *secret,
 
+void radius_msg_finish_acct(struct radius_msg *msg, const u8 *secret,
 
 			    size_t secret_len)
 
 {
 
 	const u8 *addr[2];
 
@@ -899,7 +900,7 @@ static void encrypt_ms_key(const u8 *key, size_t key_len, u16 salt,
 
 
 struct radius_ms_mppe_keys *
 
 radius_msg_get_ms_keys(struct radius_msg *msg, struct radius_msg *sent_msg,
 
-		       u8 *secret, size_t secret_len)
 
+		       const u8 *secret, size_t secret_len)
 
 {
 
 	u8 *key;
 
 	size_t keylen;
 
@@ -940,7 +941,7 @@ radius_msg_get_ms_keys(struct radius_msg *msg, struct radius_msg *sent_msg,
 
 
 struct radius_ms_mppe_keys *
 
 radius_msg_get_cisco_keys(struct radius_msg *msg, struct radius_msg *sent_msg,
 
-			  u8 *secret, size_t secret_len)
 
+			  const u8 *secret, size_t secret_len)
 
 {
 
 	u8 *key;
 
 	size_t keylen;
 
@@ -1043,8 +1044,8 @@ int radius_msg_add_mppe_keys(struct radius_msg *msg,
 
  * in RFC 2865, Chap. 5.2 */
 
 struct radius_attr_hdr *
 
 radius_msg_add_attr_user_password(struct radius_msg *msg,
 
-				  u8 *data, size_t data_len,
 
-				  u8 *secret, size_t secret_len)
 
+				  const u8 *data, size_t data_len,
 
+				  const u8 *secret, size_t secret_len)
 
 {
 
 	u8 buf[128];
 
 	int padlen, i;

+ 7 - 6
src/radius/radius.h
View File 

@@ -207,10 +207,11 @@ int radius_msg_initialize(struct radius_msg *msg, size_t init_len);
 
 void radius_msg_set_hdr(struct radius_msg *msg, u8 code, u8 identifier);
 
 void radius_msg_free(struct radius_msg *msg);
 
 void radius_msg_dump(struct radius_msg *msg);
 
-int radius_msg_finish(struct radius_msg *msg, u8 *secret, size_t secret_len);
 
+int radius_msg_finish(struct radius_msg *msg, const u8 *secret,
 
+		      size_t secret_len);
 
 int radius_msg_finish_srv(struct radius_msg *msg, const u8 *secret,
 
 			  size_t secret_len, const u8 *req_authenticator);
 
-void radius_msg_finish_acct(struct radius_msg *msg, u8 *secret,
 
+void radius_msg_finish_acct(struct radius_msg *msg, const u8 *secret,
 
 			    size_t secret_len);
 
 struct radius_attr_hdr *radius_msg_add_attr(struct radius_msg *msg, u8 type,
 
 					    const u8 *data, size_t data_len);
 
@@ -229,10 +230,10 @@ void radius_msg_make_authenticator(struct radius_msg *msg,
 
 				   const u8 *data, size_t len);
 
 struct radius_ms_mppe_keys *
 
 radius_msg_get_ms_keys(struct radius_msg *msg, struct radius_msg *sent_msg,
 
-		       u8 *secret, size_t secret_len);
 
+		       const u8 *secret, size_t secret_len);
 
 struct radius_ms_mppe_keys *
 
 radius_msg_get_cisco_keys(struct radius_msg *msg, struct radius_msg *sent_msg,
 
-			  u8 *secret, size_t secret_len);
 
+			  const u8 *secret, size_t secret_len);
 
 int radius_msg_add_mppe_keys(struct radius_msg *msg,
 
 			     const u8 *req_authenticator,
 
 			     const u8 *secret, size_t secret_len,
 
@@ -240,8 +241,8 @@ int radius_msg_add_mppe_keys(struct radius_msg *msg,
 
 			     const u8 *recv_key, size_t recv_key_len);
 
 struct radius_attr_hdr *
 
 radius_msg_add_attr_user_password(struct radius_msg *msg,
 
-				  u8 *data, size_t data_len,
 
-				  u8 *secret, size_t secret_len);
 
+				  const u8 *data, size_t data_len,
 
+				  const u8 *secret, size_t secret_len);
 
 int radius_msg_get_attr(struct radius_msg *msg, u8 type, u8 *buf, size_t len);
 
 int radius_msg_get_vlanid(struct radius_msg *msg);

+ 3 - 2
src/radius/radius_client.c
View File 

@@ -35,7 +35,8 @@
 
 struct radius_rx_handler {
 
 	RadiusRxResult (*handler)(struct radius_msg *msg,
 
 				  struct radius_msg *req,
 
-				  u8 *shared_secret, size_t shared_secret_len,
 
+				  const u8 *shared_secret,
 
+				  size_t shared_secret_len,
 
 				  void *data);
 
 	void *data;
 
 };
 
@@ -106,7 +107,7 @@ int radius_client_register(struct radius_client_data *radius,
 
 			   RadiusType msg_type,
 
 			   RadiusRxResult (*handler)(struct radius_msg *msg,
 
 						     struct radius_msg *req,
 
-						     u8 *shared_secret,
 
+						     const u8 *shared_secret,
 
 						     size_t shared_secret_len,
 
 						     void *data),
 
 			   void *data)

+ 1 - 1
src/radius/radius_client.h
View File 

@@ -85,7 +85,7 @@ int radius_client_register(struct radius_client_data *radius,
 
 			   RadiusType msg_type,
 
 			   RadiusRxResult (*handler)
 
 			   (struct radius_msg *msg, struct radius_msg *req,
 
-			    u8 *shared_secret, size_t shared_secret_len,
 
+			    const u8 *shared_secret, size_t shared_secret_len,
 
 			    void *data),
 
 			   void *data);
 
 int radius_client_send(struct radius_client_data *radius,