revert "ensure that proxies don't mangle State". helps with #5288

However, we still need a fix for the underlying issue of proxies which are reported to mangle the State attribute
FreeRADIUS · Feb 1, 2024 · 30939db · 30939db
1 parent ad32829
commit 30939db
Showing 1 changed file with 2 additions and 31 deletions.
diff --git a/src/main/state.c b/src/main/state.c
@@ -40,7 +40,6 @@ typedef struct state_entry_t {
 	struct state_entry_t *next;
 
 	int		tries;
-	bool		proxied;
 
 	TALLOC_CTX		*ctx;
 	VALUE_PAIR		*vps;
@@ -448,8 +447,6 @@ static state_entry_t *fr_state_entry_create(fr_state_t *state, REQUEST *request,
 			entry->state[8] = entry->state[2] ^ (((uint32_t) HEXIFY(RADIUSD_VERSION)) & 0xff);
 			entry->state[10] = entry->state[2] ^ ((((uint32_t) HEXIFY(RADIUSD_VERSION)) >> 8) & 0xff);
 			entry->state[12] = entry->state[2] ^ ((((uint32_t) HEXIFY(RADIUSD_VERSION)) >> 16) & 0xff);
-
-			fr_assert(!entry->proxied);
 		}
 
 		/*
@@ -466,13 +463,6 @@ static state_entry_t *fr_state_entry_create(fr_state_t *state, REQUEST *request,
 			x = fr_rand();
 			memcpy(entry->state + (i * 4), &x, sizeof(x));
 		}
-	} else {
-		/*
-		 *	There is a pre-existing State.  It may be from
-		 *	another server, in which case we don't want to
-		 *	mangle external State
-		 */
-		entry->proxied = (request->proxy && (request->proxy->dst_port != 0));
 	}
 
 	/*
@@ -509,7 +499,7 @@ static state_entry_t *fr_state_entry_create(fr_state_t *state, REQUEST *request,
 
 	/*	Make unique for different virtual servers handling same request
 	 */
-	if (request->server && !entry->proxied) {
+	if (request->server) {
 		/*
 		 *	Make unique for different virtual servers handling same request
 		 */
@@ -677,7 +667,7 @@ bool fr_state_put_vps(REQUEST *request, RADIUS_PACKET *original, RADIUS_PACKET *
 		if (vp) return true;
 
 		/*
-		 *	Create a State and add it to the packet.
+		 *
 		 */
 		for (i = 0; i < sizeof(buffer) / sizeof(x); i++) {
 			x = fr_rand();
@@ -724,25 +714,6 @@ bool fr_state_put_vps(REQUEST *request, RADIUS_PACKET *original, RADIUS_PACKET *
 	PTHREAD_MUTEX_UNLOCK(&state->mutex);
 	fr_state_cleanup(cleanup_list);
 
-#ifdef WITH_VERIFY_PTR
-	if (request->proxy_reply && (request->proxy_reply->dst_port != 0)) {
-		VALUE_PAIR *vp, *proxy;
-
-		vp = fr_pair_find_by_num(request->reply->vps, PW_STATE, 0, TAG_ANY);
-		fr_assert(vp != NULL);
-
-		proxy = fr_pair_find_by_num(request->proxy_reply->vps, PW_STATE, 0, TAG_ANY);
-
-		/*
-		 *	We can't delete state, and we can't change it when proxying.
-		 */
-		if (proxy && vp) {
-			fr_assert(vp->vp_length == proxy->vp_length);
-			fr_assert(memcmp(vp->vp_octets, proxy->vp_octets, vp->vp_length) == 0);
-		}
-	}
-#endif
-
 	VERIFY_REQUEST(request);
 	return true;
 }