Login
[x]
Log in using an account from:
Fedora Account System
Red Hat Associate
Red Hat Customer
Or login using a Red Hat Bugzilla account
Forgot Password
Login:
Hide Forgot
Create an Account
Red Hat Bugzilla – Attachment 1484574 Details for
Bug 1630684
correct receiving of multiple RADIUS packets through RadSec by freeradius
[?]
New
Simple Search
Advanced Search
My Links
Browse
Requests
Reports
Current State
Search
Tabular reports
Graphical reports
Duplicates
Other Reports
User Changes
Plotly Reports
Bug Status
Bug Severity
Non-Defaults
|
Product Dashboard
Help
Page Help!
Bug Writing Guidelines
What's new
Browser Support Policy
5.0.4.rh83 Release notes
FAQ
Guides index
User guide
Web Services
Contact
Legal
This site requires JavaScript to be enabled to function correctly, please enable it.
[patch]
fix: correct receiving of multiple RADIUS packets through RadSec
read-multiple-packet-from-radsec.patch (text/plain), 1.75 KB, created by
Milan Kerslager
on 2018-09-19 05:45:58 UTC
(
hide
)
Description:
fix: correct receiving of multiple RADIUS packets through RadSec
Filename:
MIME Type:
Creator:
Milan Kerslager
Created:
2018-09-19 05:45:58 UTC
Size:
1.75 KB
patch
obsolete
>--- freeradius-server-3.0.15/src/main/tls_listen.c 2017-07-17 14:43:00.000000000 +0200 >+++ freeradius-server/src/main/tls_listen.c 2017-11-05 08:39:50.681941501 +0100 >@@ -188,6 +188,18 @@ > > RDEBUG3("Reading from socket %d", request->packet->sockfd); > PTHREAD_MUTEX_LOCK(&sock->mutex); >+ >+ /* >+ * If there is pending application data, as set up by >+ * SSL_peek(), read that before reading more data from >+ * the socket. >+ */ >+ if (SSL_pending(sock->ssn->ssl)) { >+ RDEBUG3("Reading pending buffered data"); >+ sock->ssn->dirty_in.used = 0; >+ goto get_application_data; >+ } >+ > rcode = read(request->packet->sockfd, > sock->ssn->dirty_in.data, > sizeof(sock->ssn->dirty_in.data)); >@@ -249,6 +261,7 @@ > /* > * Try to get application data. > */ >+get_application_data: > status = tls_application_data(sock->ssn, request); > RDEBUG("Application data status %d", status); > >@@ -332,9 +345,13 @@ > RAD_REQUEST_FUNP fun = NULL; > listen_socket_t *sock = listener->data; > RADCLIENT *client = sock->client; >+ BIO *rbio; >+ int pending; > > if (listener->status != RAD_LISTEN_STATUS_KNOWN) return 0; > >+ >+redo: > if (!tls_socket_recv(listener)) { > return 0; > } >@@ -402,6 +419,27 @@ > return 0; > } > >+ /* >+ * Check for more application data. >+ * >+ * If there is pending SSL data, "peek" at the >+ * application data. If we get at least one byte of >+ * application data, go back to tls_socket_recv(). >+ * SSL_peek() will set SSL_pending(), and >+ * tls_socket_recv() will read another packet. >+ */ >+ rbio = SSL_get_rbio(sock->ssn->ssl); >+ pending = BIO_ctrl_pending(rbio); >+ if (pending) { >+ char buf[1]; >+ int peek = SSL_peek(sock->ssn->ssl, buf, 1); >+ >+ if (peek > 0) { >+ DEBUG("more TLS records after dual_tls_recv"); >+ goto redo; >+ } >+ } >+ > return 1; > } >
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=1484574">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 1630684
: 1484574