#2 RADIUS IPv6

closed-fixed
nobody
None
5
2010-01-16
2010-01-15
No

When pepper receives a radius response, it validates the ip source address of the packet (see radius.c radius_decaps() lines 1829-1830).
But the test is wrong :
if ((IN6_ARE_ADDR_EQUAL(&addr6.sin6_addr, &((struct sockaddr_in6 *)&this->hisaddr0)->sin6_addr)) &&
(IN6_ARE_ADDR_EQUAL(&addr6.sin6_addr, &((struct sockaddr_in6 *)&this->hisaddr1)->sin6_addr))) {
and it sould be :
if (!((IN6_ARE_ADDR_EQUAL(&addr6.sin6_addr, &((struct sockaddr_in6 *)&this->hisaddr0)->sin6_addr)) &&
(IN6_ARE_ADDR_EQUAL(&addr6.sin6_addr, &((struct sockaddr_in6 *)&this->hisaddr1)->sin6_addr)))) {

Discussion

  • I cut and paste too rapidly, the real solution is :
    if (!(IN6_ARE_ADDR_EQUAL(&addr6.sin6_addr, &((struct sockaddr_in6 *)&this->hisaddr0)->sin6_addr)) &&
    !(IN6_ARE_ADDR_EQUAL(&addr6.sin6_addr, &((struct sockaddr_in6 *)&this->hisaddr1)->sin6_addr))) {

     
  • Fixed in trunk revision 47.

     
    • status: open --> closed-fixed