Commit 72731f0b authored by Robert Dubner's avatar Robert Dubner
Browse files

Incorporate DANGEROUS_TESTING_ENABLED switch and warning

parent 75440d2e
Pipeline #3485 failed with stage
in 50 minutes and 13 seconds
...@@ -52,6 +52,10 @@ ldap_pvt_thread_mutex_t libradius_mutex; ...@@ -52,6 +52,10 @@ ldap_pvt_thread_mutex_t libradius_mutex;
static int packet_eat_count = -1; static int packet_eat_count = -1;
#if DANGEROUS_TESTING_ENABLED
#pragma GCC warning "DANGEROUS_TESTING_ENABLED is set to 1, which is a security flaw."
#endif
static void static void
ber_lower(BerValue *bv) ber_lower(BerValue *bv)
{ {
...@@ -609,9 +613,12 @@ radiusov_acceptconn(void *ctx, void *arg) ...@@ -609,9 +613,12 @@ radiusov_acceptconn(void *ctx, void *arg)
switch( search_method ) switch( search_method )
{ {
case TEST_AND_DEVELOPMENT: case TEST_AND_DEVELOPMENT:
rc = radiusov_test_and_development( radius_info, if( DANGEROUS_TESTING_ENABLED )
achSharedSecret, {
incoming_request); rc = radiusov_test_and_development( radius_info,
achSharedSecret,
incoming_request);
}
break; break;
case RADIUS_PROTOCOL: case RADIUS_PROTOCOL:
...@@ -819,6 +826,7 @@ static ConfigTable radiuscfg[] = ...@@ -819,6 +826,7 @@ static ConfigTable radiuscfg[] =
NULL, NULL NULL, NULL
}, },
#if DANGEROUS_TESTING_ENABLED
{ {
"radiustest", "radiustest",
"Search URI for simple testing", "Search URI for simple testing",
...@@ -832,6 +840,7 @@ static ConfigTable radiuscfg[] = ...@@ -832,6 +840,7 @@ static ConfigTable radiuscfg[] =
")", ")",
NULL, NULL NULL, NULL
}, },
#endif
{ NULL, NULL, 0,0,0, ARG_IGNORED } { NULL, NULL, 0,0,0, ARG_IGNORED }
}; };
......
...@@ -33,6 +33,9 @@ ...@@ -33,6 +33,9 @@
#include "tls.h" #include "tls.h"
// The following should be set to zero in production
#define DANGEROUS_TESTING_ENABLED 1
// This is the STATE structure. There is but one SSL_CTX object; it gets // This is the STATE structure. There is but one SSL_CTX object; it gets
// allocated in radiusov.c:radiusov_db_init(). // allocated in radiusov.c:radiusov_db_init().
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment