Commit 72731f0b authored by Robert Dubner's avatar Robert Dubner
Browse files

Incorporate DANGEROUS_TESTING_ENABLED switch and warning

parent 75440d2e
Pipeline #3485 failed with stage
in 50 minutes and 13 seconds
......@@ -52,6 +52,10 @@ ldap_pvt_thread_mutex_t libradius_mutex;
static int packet_eat_count = -1;
#if DANGEROUS_TESTING_ENABLED
#pragma GCC warning "DANGEROUS_TESTING_ENABLED is set to 1, which is a security flaw."
#endif
static void
ber_lower(BerValue *bv)
{
......@@ -609,9 +613,12 @@ radiusov_acceptconn(void *ctx, void *arg)
switch( search_method )
{
case TEST_AND_DEVELOPMENT:
if( DANGEROUS_TESTING_ENABLED )
{
rc = radiusov_test_and_development( radius_info,
achSharedSecret,
incoming_request);
}
break;
case RADIUS_PROTOCOL:
......@@ -819,6 +826,7 @@ static ConfigTable radiuscfg[] =
NULL, NULL
},
#if DANGEROUS_TESTING_ENABLED
{
"radiustest",
"Search URI for simple testing",
......@@ -832,6 +840,7 @@ static ConfigTable radiuscfg[] =
")",
NULL, NULL
},
#endif
{ NULL, NULL, 0,0,0, ARG_IGNORED }
};
......
......@@ -33,6 +33,9 @@
#include "tls.h"
// The following should be set to zero in production
#define DANGEROUS_TESTING_ENABLED 1
// This is the STATE structure. There is but one SSL_CTX object; it gets
// allocated in radiusov.c:radiusov_db_init().
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment