527 lines
22 KiB
C
527 lines
22 KiB
C
/* $OpenBSD: radius.h,v 1.4 2024/02/25 06:22:45 yasuoka Exp $ */
|
|
|
|
/*-
|
|
* Copyright (c) 2009 Internet Initiative Japan Inc.
|
|
* All rights reserved.
|
|
*
|
|
* Redistribution and use in source and binary forms, with or without
|
|
* modification, are permitted provided that the following conditions
|
|
* are met:
|
|
* 1. Redistributions of source code must retain the above copyright
|
|
* notice, this list of conditions and the following disclaimer.
|
|
* 2. Redistributions in binary form must reproduce the above copyright
|
|
* notice, this list of conditions and the following disclaimer in the
|
|
* documentation and/or other materials provided with the distribution.
|
|
*
|
|
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
|
|
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
|
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
|
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
|
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
|
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
|
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
|
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
|
* SUCH DAMAGE.
|
|
*/
|
|
|
|
#ifndef _RADIUS_H
|
|
#define _RADIUS_H
|
|
|
|
#define RADIUS_DEFAULT_PORT 1812
|
|
#define RADIUS_ACCT_DEFAULT_PORT 1813
|
|
|
|
/* RADIUS codes */
|
|
#define RADIUS_CODE_ACCESS_REQUEST 1
|
|
#define RADIUS_CODE_ACCESS_ACCEPT 2
|
|
#define RADIUS_CODE_ACCESS_REJECT 3
|
|
#define RADIUS_CODE_ACCOUNTING_REQUEST 4
|
|
#define RADIUS_CODE_ACCOUNTING_RESPONSE 5
|
|
#define RADIUS_CODE_ACCESS_CHALLENGE 11
|
|
#define RADIUS_CODE_STATUS_SERVER 12
|
|
#define RADIUS_CODE_STATUS_CLIENT 13
|
|
|
|
|
|
/* RADIUS attributes */
|
|
#define RADIUS_TYPE_USER_NAME 1
|
|
#define RADIUS_TYPE_USER_PASSWORD 2
|
|
#define RADIUS_TYPE_CHAP_PASSWORD 3
|
|
#define RADIUS_TYPE_NAS_IP_ADDRESS 4
|
|
#define RADIUS_TYPE_NAS_PORT 5
|
|
#define RADIUS_TYPE_SERVICE_TYPE 6
|
|
#define RADIUS_TYPE_FRAMED_PROTOCOL 7
|
|
#define RADIUS_TYPE_FRAMED_IP_ADDRESS 8
|
|
#define RADIUS_TYPE_FRAMED_IP_NETMASK 9
|
|
#define RADIUS_TYPE_FRAMED_ROUTING 10
|
|
#define RADIUS_TYPE_FILTER_ID 11
|
|
#define RADIUS_TYPE_FRAMED_MTU 12
|
|
#define RADIUS_TYPE_FRAMED_COMPRESSION 13
|
|
#define RADIUS_TYPE_LOGIN_IP_HOST 14
|
|
#define RADIUS_TYPE_LOGIN_SERVICE 15
|
|
#define RADIUS_TYPE_LOGIN_TCP_PORT 16
|
|
/* unassigned 17 */
|
|
#define RADIUS_TYPE_REPLY_MESSAGE 18
|
|
#define RADIUS_TYPE_CALLBACK_NUMBER 19
|
|
#define RADIUS_TYPE_CALLBACK_ID 20
|
|
/* unassigned 21 */
|
|
#define RADIUS_TYPE_FRAMED_ROUTE 22
|
|
#define RADIUS_TYPE_FRAMED_IPX_NETWORK 23
|
|
#define RADIUS_TYPE_STATE 24
|
|
#define RADIUS_TYPE_CLASS 25
|
|
#define RADIUS_TYPE_VENDOR_SPECIFIC 26
|
|
#define RADIUS_TYPE_SESSION_TIMEOUT 27
|
|
#define RADIUS_TYPE_IDLE_TIMEOUT 28
|
|
#define RADIUS_TYPE_TERMINATION_ACTION 29
|
|
#define RADIUS_TYPE_CALLED_STATION_ID 30
|
|
#define RADIUS_TYPE_CALLING_STATION_ID 31
|
|
#define RADIUS_TYPE_NAS_IDENTIFIER 32
|
|
#define RADIUS_TYPE_PROXY_STATE 33
|
|
#define RADIUS_TYPE_LOGIN_LAT_SERVICE 34
|
|
#define RADIUS_TYPE_LOGIN_LAT_NODE 35
|
|
#define RADIUS_TYPE_LOGIN_LAT_GROUP 36
|
|
#define RADIUS_TYPE_FRAMED_APPLETALK_LINK 37
|
|
#define RADIUS_TYPE_FRAMED_APPLETALK_NETWORK 38
|
|
#define RADIUS_TYPE_FRAMED_APPLETALK_ZONE 39
|
|
#define RADIUS_TYPE_ACCT_STATUS_TYPE 40
|
|
#define RADIUS_TYPE_ACCT_DELAY_TIME 41
|
|
#define RADIUS_TYPE_ACCT_INPUT_OCTETS 42
|
|
#define RADIUS_TYPE_ACCT_OUTPUT_OCTETS 43
|
|
#define RADIUS_TYPE_ACCT_SESSION_ID 44
|
|
#define RADIUS_TYPE_ACCT_AUTHENTIC 45
|
|
#define RADIUS_TYPE_ACCT_SESSION_TIME 46
|
|
#define RADIUS_TYPE_ACCT_INPUT_PACKETS 47
|
|
#define RADIUS_TYPE_ACCT_OUTPUT_PACKETS 48
|
|
#define RADIUS_TYPE_ACCT_TERMINATE_CAUSE 49
|
|
#define RADIUS_TYPE_ACCT_MULTI_SESSION_ID 50
|
|
#define RADIUS_TYPE_ACCT_LINK_COUNT 51
|
|
#define RADIUS_TYPE_ACCT_INPUT_GIGAWORDS 52
|
|
#define RADIUS_TYPE_ACCT_OUTPUT_GIGAWORDS 53
|
|
/* unassigned (for accounting) 54 */
|
|
#define RADIUS_TYPE_EVENT_TIMESTAMP 55
|
|
/* unassigned (for accounting) 56 */
|
|
/* unassigned (for accounting) 57 */
|
|
/* unassigned (for accounting) 58 */
|
|
/* unassigned (for accounting) 59 */
|
|
#define RADIUS_TYPE_CHAP_CHALLENGE 60
|
|
#define RADIUS_TYPE_NAS_PORT_TYPE 61
|
|
#define RADIUS_TYPE_PORT_LIMIT 62
|
|
#define RADIUS_TYPE_LOGIN_LAT_PORT 63
|
|
#define RADIUS_TYPE_TUNNEL_TYPE 64
|
|
#define RADIUS_TYPE_TUNNEL_MEDIUM_TYPE 65
|
|
#define RADIUS_TYPE_TUNNEL_CLIENT_ENDPOINT 66
|
|
#define RADIUS_TYPE_TUNNEL_SERVER_ENDPOINT 67
|
|
#define RADIUS_TYPE_ACCT_TUNNEL_CONNECTION 68
|
|
#define RADIUS_TYPE_TUNNEL_PASSWORD 69
|
|
#define RADIUS_TYPE_ARAP_PASSWORD 70
|
|
#define RADIUS_TYPE_ARAP_FEATURES 71
|
|
#define RADIUS_TYPE_ARAP_ZONE_ACCESS 72
|
|
#define RADIUS_TYPE_ARAP_SECURITY 73
|
|
#define RADIUS_TYPE_ARAP_SECURITY_DATA 74
|
|
#define RADIUS_TYPE_PASSWORD_RETRY 75
|
|
#define RADIUS_TYPE_PROMPT 76
|
|
#define RADIUS_TYPE_CONNECT_INFO 77
|
|
#define RADIUS_TYPE_CONFIGURATION_TOKEN 78
|
|
#define RADIUS_TYPE_EAP_MESSAGE 79
|
|
#define RADIUS_TYPE_MESSAGE_AUTHENTICATOR 80
|
|
#define RADIUS_TYPE_TUNNEL_PRIVATE_GROUP_ID 81
|
|
#define RADIUS_TYPE_TUNNEL_ASSIGNMENT_ID 82
|
|
#define RADIUS_TYPE_TUNNEL_PREFERENCE 83
|
|
#define RADIUS_TYPE_ARAP_CHALLENGE_RESPONSE 84
|
|
#define RADIUS_TYPE_ACCT_INTERIM_INTERVAL 85
|
|
#define RADIUS_TYPE_ACCT_TUNNEL_PACKETS_LOST 86
|
|
#define RADIUS_TYPE_NAS_PORT_ID 87
|
|
#define RADIUS_TYPE_FRAMED_POOL 88
|
|
/* unassigned 89 */
|
|
#define RADIUS_TYPE_TUNNEL_CLIENT_AUTH_ID 90
|
|
#define RADIUS_TYPE_TUNNEL_SERVER_AUTH_ID 91
|
|
/* unassigned 92-94 */
|
|
#define RADIUS_TYPE_NAS_IPV6_ADDRESS 95
|
|
#define RADIUS_TYPE_FRAMED_INTERFACE_ID 96
|
|
#define RADIUS_TYPE_FRAMED_IPV6_PREFIX 97
|
|
#define RADIUS_TYPE_LOGIN_IPV6_HOST 98
|
|
#define RADIUS_TYPE_FRAMED_IPV6_ROUTE 99
|
|
#define RADIUS_TYPE_FRAMED_IPV6_POOL 100
|
|
|
|
/* RFC 6911 3. Attributes */
|
|
#define RADIUS_TYPE_FRAMED_IPV6_ADDRESS 168
|
|
#define RADIUS_TYPE_DNS_SERVER_IPV6_ADDRESS 169
|
|
#define RADIUS_TYPE_ROUTE_IPV6_INFORMATION 170
|
|
#define RADIUS_TYPE_DELEGATED_IPV6_PREFIX_POOL 171
|
|
#define RADIUS_TYPE_STATEFUL_IPV6_ADDRESS_POOL 172
|
|
|
|
|
|
/* RFC 2865 5.7. Framed-Protocol */
|
|
#define RADIUS_FRAMED_PROTOCOL_PPP 1 /* PPP */
|
|
#define RADIUS_FRAMED_PROTOCOL_SLIP 2 /* SLIP */
|
|
#define RADIUS_FRAMED_PROTOCOL_ARAP 3 /* AppleTalk Remote Access
|
|
* Protocol (ARAP) */
|
|
#define RADIUS_FRAMED_PROTOCOL_GANDALF 4 /* Gandalf proprietary
|
|
* SingleLink/MultiLink
|
|
* protocol */
|
|
#define RADIUS_FRAMED_PROTOCOL_XYLOGICS 5 /* Xylogics proprietary
|
|
* IPX/SLIP */
|
|
#define RADIUS_FRAMED_PROTOCOL_X75 6 /* X.75 Synchronous */
|
|
|
|
|
|
/* RFC 2865 5.6. Service-Type */
|
|
#define RADIUS_SERVICE_TYPE_LOGIN 1
|
|
#define RADIUS_SERVICE_TYPE_FRAMED 2
|
|
#define RADIUS_SERVICE_TYPE_CB_LOGIN 3
|
|
#define RADIUS_SERVICE_TYPE_CB_FRAMED 4
|
|
#define RADIUS_SERVICE_TYPE_OUTBOUND 5
|
|
#define RADIUS_SERVICE_TYPE_ADMINISTRATIVE 6
|
|
#define RADIUS_SERVICE_TYPE_NAS_PROMPT 7
|
|
#define RADIUS_SERVICE_TYPE_AUTHENTICAT_ONLY 8
|
|
#define RADIUS_SERVICE_TYPE_CB_NAS_PROMPT 9
|
|
#define RADIUS_SERVICE_TYPE_CALL_CHECK 10
|
|
#define RADIUS_SERVICE_TYPE_CB_ADMINISTRATIVE 11
|
|
|
|
|
|
/* Microsoft vendor specific attributes: see RFC2548*/
|
|
#define RADIUS_VENDOR_MICROSOFT 311
|
|
#define RADIUS_VTYPE_MS_CHAP_RESPONSE 1
|
|
#define RADIUS_VTYPE_MS_CHAP_ERROR 2
|
|
#define RADIUS_VTYPE_MS_CHAP_PW_1 3
|
|
#define RADIUS_VTYPE_MS_CHAP_PW_2 4
|
|
#define RADIUS_VTYPE_MS_CHAP_LM_ENC_PW 5
|
|
#define RADIUS_VTYPE_MS_CHAP_NT_ENC_PW 6
|
|
#define RADIUS_VTYPE_MPPE_ENCRYPTION_POLICY 7
|
|
#define RADIUS_VTYPE_MPPE_ENCRYPTION_TYPES 8
|
|
#define RADIUS_VTYPE_MS_RAS_VENDOR 9
|
|
#define RADIUS_VTYPE_MS_CHAP_CHALLENGE 11
|
|
#define RADIUS_VTYPE_MS_CHAP_MPPE_KEYS 12
|
|
#define RADIUS_VTYPE_MS_BAP_USAGE 13
|
|
#define RADIUS_VTYPE_MS_LINK_UTILIZATION_THRESHOLD 14
|
|
#define RADIUS_VTYPE_MS_LINK_DROP_TIME_LIMIT 15
|
|
#define RADIUS_VTYPE_MPPE_SEND_KEY 16
|
|
#define RADIUS_VTYPE_MPPE_RECV_KEY 17
|
|
#define RADIUS_VTYPE_MS_RAS_VERSION 18
|
|
#define RADIUS_VTYPE_MS_OLD_ARAP_PASSWORD 19
|
|
#define RADIUS_VTYPE_MS_NEW_ARAP_PASSWORD 20
|
|
#define RADIUS_VTYPE_MS_ARAP_PASSWORD_CHANGE_REASON 21
|
|
#define RADIUS_VTYPE_MS_FILTER 22
|
|
#define RADIUS_VTYPE_MS_ACCT_AUTH_TYPE 23
|
|
#define RADIUS_VTYPE_MS_ACCT_EAP_TYPE 24
|
|
#define RADIUS_VTYPE_MS_CHAP2_RESPONSE 25
|
|
#define RADIUS_VTYPE_MS_CHAP2_SUCCESS 26
|
|
#define RADIUS_VTYPE_MS_CHAP2_PW 27
|
|
#define RADIUS_VTYPE_MS_PRIMARY_DNS_SERVER 28
|
|
#define RADIUS_VTYPE_MS_SECONDARY_DNS_SERVER 29
|
|
#define RADIUS_VTYPE_MS_PRIMARY_NBNS_SERVER 30
|
|
#define RADIUS_VTYPE_MS_SECONDARY_NBNS_SERVER 31
|
|
/* unassigned? 32 */
|
|
#define RADIUS_VTYPE_MS_ARAP_CHALLENGE 33
|
|
|
|
|
|
/* RFC 2865 5.41. NAS-Port-Type */
|
|
#define RADIUS_NAS_PORT_TYPE_ASYNC 0 /* Async */
|
|
#define RADIUS_NAS_PORT_TYPE_SYNC 1 /* Sync */
|
|
#define RADIUS_NAS_PORT_TYPE_ISDN_SYNC 2 /* ISDN Sync */
|
|
#define RADIUS_NAS_PORT_TYPE_ISDN_ASYNC_V120 3 /* ISDN Async V.120 */
|
|
#define RADIUS_NAS_PORT_TYPE_ISDN_ASYNC_V110 4 /* ISDN Async V.110 */
|
|
#define RADIUS_NAS_PORT_TYPE_VIRTUAL 5 /* Virtual */
|
|
#define RADIUS_NAS_PORT_TYPE_PIAFS 6 /* PIAFS */
|
|
#define RADIUS_NAS_PORT_TYPE_HDLC_CLEAR_CHANNEL 7 /* HDLC Clear Channel */
|
|
#define RADIUS_NAS_PORT_TYPE_X_25 8 /* X.25 */
|
|
#define RADIUS_NAS_PORT_TYPE_X_75 9 /* X.75 */
|
|
#define RADIUS_NAS_PORT_TYPE_G3_FAX 10 /* G.3 Fax */
|
|
#define RADIUS_NAS_PORT_TYPE_SDSL 11 /* SDSL - Symmetric DSL */
|
|
#define RADIUS_NAS_PORT_TYPE_ADSL_CAP 12 /* ADSL-CAP - Asymmetric
|
|
* DSL, Carrierless
|
|
* Amplitude Phase
|
|
* Modulation */
|
|
#define RADIUS_NAS_PORT_TYPE_ADSL_DMT 13 /* ADSL-DMT - Asymmetric
|
|
* DSL, Discrete
|
|
* Multi-Tone */
|
|
#define RADIUS_NAS_PORT_TYPE_IDSL 14 /* IDSL - ISDN Digital
|
|
* Subscriber Line */
|
|
#define RADIUS_NAS_PORT_TYPE_ETHERNET 15 /* Ethernet */
|
|
#define RADIUS_NAS_PORT_TYPE_XDSL 16 /* xDSL - Digital
|
|
* Subscriber Line of
|
|
* unknown type */
|
|
#define RADIUS_NAS_PORT_TYPE_CABLE 17 /* Cable */
|
|
#define RADIUS_NAS_PORT_TYPE_WIRELESS 18 /* Wireless - Other */
|
|
#define RADIUS_NAS_PORT_TYPE_WIRELESS_802_11 19 /* Wireless - IEEE
|
|
* 802.11 */
|
|
|
|
|
|
/* RFC 2866 5.1. Acct-Status-Type */
|
|
#define RADIUS_ACCT_STATUS_TYPE_START 1 /* Start */
|
|
#define RADIUS_ACCT_STATUS_TYPE_STOP 2 /* Stop */
|
|
#define RADIUS_ACCT_STATUS_TYPE_INTERIM_UPDATE 3 /* Interim-Update */
|
|
#define RADIUS_ACCT_STATUS_TYPE_ACCT_ON 7 /* Accounting-On */
|
|
#define RADIUS_ACCT_STATUS_TYPE_ACCT_OFF 8 /* Accounting-Off */
|
|
|
|
|
|
/* RFC 2866 5.6. Acct-Authentic */
|
|
#define RADIUS_ACCT_AUTHENTIC_RADIUS 1 /* RADIUS */
|
|
#define RADIUS_ACCT_AUTHENTIC_LOCAL 2 /* Local */
|
|
#define RADIUS_ACCT_AUTHENTIC_REMOTE 3 /* Remote */
|
|
|
|
|
|
/* RFC 2866 5.10. Acct-Terminate-Cause */
|
|
#define RADIUS_TERMNATE_CAUSE_USER_REQUEST 1 /* User Request */
|
|
#define RADIUS_TERMNATE_CAUSE_LOST_CARRIER 2 /* Lost Carrier */
|
|
#define RADIUS_TERMNATE_CAUSE_LOST_SERVICE 3 /* Lost Service */
|
|
#define RADIUS_TERMNATE_CAUSE_IDLE_TIMEOUT 4 /* Idle Timeout */
|
|
#define RADIUS_TERMNATE_CAUSE_SESSION_TIMEOUT 5 /* Session Timeout */
|
|
#define RADIUS_TERMNATE_CAUSE_ADMIN_RESET 6 /* Admin Reset */
|
|
#define RADIUS_TERMNATE_CAUSE_ADMIN_REBOOT 7 /* Admin Reboot */
|
|
#define RADIUS_TERMNATE_CAUSE_PORT_ERROR 8 /* Port Error */
|
|
#define RADIUS_TERMNATE_CAUSE_NAS_ERROR 9 /* NAS Error */
|
|
#define RADIUS_TERMNATE_CAUSE_NAS_RESET 10 /* NAS Request */
|
|
#define RADIUS_TERMNATE_CAUSE_NAS_REBOOT 11 /* NAS Reboot */
|
|
#define RADIUS_TERMNATE_CAUSE_PORT_UNNEEDED 12 /* Port Unneeded */
|
|
#define RADIUS_TERMNATE_CAUSE_PORT_PREEMPTED 13 /* Port Preempted */
|
|
#define RADIUS_TERMNATE_CAUSE_PORT_SUSPENDED 14 /* Port Suspended */
|
|
#define RADIUS_TERMNATE_CAUSE_SERVICE_UNAVAIL 15 /* Service Unavailable */
|
|
#define RADIUS_TERMNATE_CAUSE_CALLBACK 16 /* Callback */
|
|
#define RADIUS_TERMNATE_CAUSE_USER_ERROR 17 /* User Error */
|
|
#define RADIUS_TERMNATE_CAUSE_HOST_REQUEST 18 /* Host Request */
|
|
|
|
|
|
/* RFC 2868 3.1. Tunnel-Type */
|
|
#define RADIUS_TUNNEL_TYPE_PPTP 1 /* Point-to-Point Tunneling
|
|
* Protocol (PPTP) */
|
|
#define RADIUS_TUNNEL_TYPE_L2F 2 /* Layer Two Forwarding (L2F) */
|
|
#define RADIUS_TUNNEL_TYPE_L2TP 3 /* Layer Two Tunneling
|
|
* Protocol (L2TP) */
|
|
#define RADIUS_TUNNEL_TYPE_ATMP 4 /* Ascend Tunnel Management
|
|
* Protocol (ATMP) */
|
|
#define RADIUS_TUNNEL_TYPE_VTP 5 /* Virtual Tunneling Protocol
|
|
* (VTP) */
|
|
#define RADIUS_TUNNEL_TYPE_AH 6 /* IP Authentication Header in
|
|
* the Tunnel-mode (AH) */
|
|
#define RADIUS_TUNNEL_TYPE_IP 7 /* IP-in-IP Encapsulation
|
|
* (IP-IP) */
|
|
#define RADIUS_TUNNEL_TYPE_MOBILE 8 /* Minimal IP-in-IP
|
|
* Encapsulation (MIN-IP-IP) */
|
|
#define RADIUS_TUNNEL_TYPE_ESP 9 /* IP Encapsulating Security
|
|
* Payload in the Tunnel-mode
|
|
* (ESP) */
|
|
#define RADIUS_TUNNEL_TYPE_GRE 10 /* Generic Route Encapsulation
|
|
* (GRE) */
|
|
#define RADIUS_TUNNEL_TYPE_VDS 11 /* Bay Dial Virtual Services
|
|
* (DVS) */
|
|
#define RADIUS_TUNNEL_TYPE_IPIP 12 /* IP-in-IP Tunneling */
|
|
|
|
|
|
/* RFC 2868 3.2. Tunnel-Medium-Type */
|
|
#define RADIUS_TUNNEL_MEDIUM_TYPE_IPV4 1 /* IPv4 (IP version 4) */
|
|
#define RADIUS_TUNNEL_MEDIUM_TYPE_IPV6 2 /* IPv6 (IP version 6) */
|
|
#define RADIUS_TUNNEL_MEDIUM_TYPE_NSAP 3 /* NSAP */
|
|
#define RADIUS_TUNNEL_MEDIUM_TYPE_HDLC 4 /* HDLC (8-bit
|
|
* multidrop) */
|
|
#define RADIUS_TUNNEL_MEDIUM_TYPE_BBN1822 5 /* BBN 1822 */
|
|
#define RADIUS_TUNNEL_MEDIUM_TYPE_802 6 /* 802 (includes all 802
|
|
* media plus Ethernet
|
|
* "canonical format")*/
|
|
#define RADIUS_TUNNEL_MEDIUM_TYPE_E163 7 /* E.163 (POTS) */
|
|
#define RADIUS_TUNNEL_MEDIUM_TYPE_E164 8 /* E.164 (SMDS, Frame
|
|
* Relay, ATM) */
|
|
#include <sys/socket.h>
|
|
#include <sys/cdefs.h>
|
|
|
|
#include <stdbool.h>
|
|
#include <stdint.h>
|
|
|
|
struct in_addr;
|
|
struct in6_addr;
|
|
|
|
__BEGIN_DECLS
|
|
|
|
/******* packet manipulation support *******/
|
|
|
|
typedef struct _RADIUS_PACKET RADIUS_PACKET;
|
|
|
|
/* constructors */
|
|
RADIUS_PACKET *radius_new_request_packet(uint8_t);
|
|
RADIUS_PACKET *radius_new_response_packet(uint8_t, const RADIUS_PACKET *);
|
|
RADIUS_PACKET *radius_convert_packet(const void *, size_t);
|
|
|
|
/* destructor */
|
|
int radius_delete_packet(RADIUS_PACKET *);
|
|
|
|
/* accessors - header values */
|
|
uint8_t radius_get_id(const RADIUS_PACKET *);
|
|
void radius_update_id(RADIUS_PACKET * packet);
|
|
void radius_set_id(RADIUS_PACKET *, uint8_t);
|
|
uint8_t radius_get_code(const RADIUS_PACKET *);
|
|
void radius_get_authenticator(const RADIUS_PACKET *, void *);
|
|
void radius_set_request_packet(RADIUS_PACKET *,
|
|
const RADIUS_PACKET *);
|
|
const RADIUS_PACKET *
|
|
radius_get_request_packet(const RADIUS_PACKET *);
|
|
int radius_check_response_authenticator(const RADIUS_PACKET *,
|
|
const char *);
|
|
int radius_check_accounting_request_authenticator(
|
|
const RADIUS_PACKET *, const char *);
|
|
uint8_t *radius_get_authenticator_retval(const RADIUS_PACKET *);
|
|
uint8_t *radius_get_request_authenticator_retval(const RADIUS_PACKET *);
|
|
void radius_set_accounting_request_authenticator(RADIUS_PACKET *,
|
|
const char *);
|
|
void radius_set_response_authenticator(RADIUS_PACKET *,
|
|
const char *);
|
|
uint16_t radius_get_length(const RADIUS_PACKET *);
|
|
const void *radius_get_data(const RADIUS_PACKET *);
|
|
|
|
int radius_get_raw_attr(const RADIUS_PACKET *, uint8_t, void *,
|
|
size_t *);
|
|
int radius_get_vs_raw_attr(const RADIUS_PACKET *, uint32_t,
|
|
uint8_t, void *, size_t *);
|
|
int radius_put_raw_attr(RADIUS_PACKET *, uint8_t, const void *,
|
|
size_t);
|
|
int radius_put_vs_raw_attr(RADIUS_PACKET *, uint32_t, uint8_t,
|
|
const void *, size_t);
|
|
int radius_get_raw_attr_ptr(const RADIUS_PACKET *, uint8_t,
|
|
const void **, size_t *);
|
|
int radius_get_vs_raw_attr_ptr(const RADIUS_PACKET *, uint32_t,
|
|
uint8_t, const void **, size_t *);
|
|
int radius_get_raw_attr_cat(const RADIUS_PACKET *, uint8_t,
|
|
void *, size_t *);
|
|
int radius_get_vs_raw_attr_cat(const RADIUS_PACKET *, uint32_t,
|
|
uint8_t, void *, size_t *);
|
|
int radius_put_raw_attr_cat(RADIUS_PACKET *, uint8_t,
|
|
const void *, size_t);
|
|
int radius_put_vs_raw_attr_cat(RADIUS_PACKET *, uint32_t, uint8_t,
|
|
const void *, size_t);
|
|
int radius_set_raw_attr(RADIUS_PACKET *, uint8_t, const void *,
|
|
size_t);
|
|
int radius_set_vs_raw_attr(RADIUS_PACKET *, uint32_t, uint8_t,
|
|
const void *, size_t);
|
|
|
|
int radius_del_attr_all(RADIUS_PACKET *, uint8_t);
|
|
int radius_del_vs_attr_all(RADIUS_PACKET *, uint32_t, uint8_t);
|
|
|
|
bool radius_has_attr(const RADIUS_PACKET *, uint8_t);
|
|
bool radius_has_vs_attr(const RADIUS_PACKET *, uint32_t, uint8_t);
|
|
|
|
/* typed attribute accessor (string) */
|
|
int radius_get_string_attr(const RADIUS_PACKET *, uint8_t, char *,
|
|
size_t);
|
|
int radius_get_vs_string_attr(const RADIUS_PACKET *, uint32_t,
|
|
uint8_t, char *, size_t);
|
|
int radius_put_string_attr(RADIUS_PACKET *, uint8_t, const char *);
|
|
int radius_put_vs_string_attr(RADIUS_PACKET *, uint32_t, uint8_t,
|
|
const char *);
|
|
|
|
/* typed attribute accessor (uint16_t) */
|
|
int radius_get_uint16_attr(const RADIUS_PACKET *,
|
|
uint8_t, uint16_t *);
|
|
int radius_get_vs_uint16_attr(const RADIUS_PACKET *,
|
|
uint32_t, uint8_t, uint16_t *);
|
|
int radius_put_uint16_attr(RADIUS_PACKET *,
|
|
uint8_t, const uint16_t);
|
|
int radius_put_vs_uint16_attr(RADIUS_PACKET *,
|
|
uint32_t, uint8_t, const uint16_t);
|
|
int radius_set_uint16_attr(RADIUS_PACKET *,
|
|
uint8_t, const uint16_t);
|
|
int radius_set_vs_uint16_attr(RADIUS_PACKET *,
|
|
uint32_t, uint8_t, const uint16_t);
|
|
|
|
/* typed attribute accessor (uint32_t) */
|
|
int radius_get_uint32_attr(const RADIUS_PACKET *,
|
|
uint8_t, uint32_t *);
|
|
int radius_get_vs_uint32_attr(const RADIUS_PACKET *,
|
|
uint32_t, uint8_t, uint32_t *);
|
|
int radius_put_uint32_attr(RADIUS_PACKET *,
|
|
uint8_t, const uint32_t);
|
|
int radius_put_vs_uint32_attr(RADIUS_PACKET *,
|
|
uint32_t, uint8_t, const uint32_t);
|
|
int radius_set_uint32_attr(RADIUS_PACKET *,
|
|
uint8_t, const uint32_t);
|
|
int radius_set_vs_uint32_attr(RADIUS_PACKET *,
|
|
uint32_t, uint8_t, const uint32_t);
|
|
|
|
/* typed attribute accessor (uint64_t) */
|
|
int radius_get_uint64_attr(const RADIUS_PACKET *,
|
|
uint8_t, uint64_t *);
|
|
int radius_get_vs_uint64_attr(const RADIUS_PACKET *,
|
|
uint32_t, uint8_t, uint64_t *);
|
|
int radius_put_uint64_attr(RADIUS_PACKET *,
|
|
uint8_t, const uint64_t);
|
|
int radius_put_vs_uint64_attr(RADIUS_PACKET *,
|
|
uint32_t, uint8_t, const uint64_t);
|
|
int radius_set_uint64_attr(RADIUS_PACKET *,
|
|
uint8_t, const uint64_t);
|
|
int radius_set_vs_uint64_attr(RADIUS_PACKET *,
|
|
uint32_t, uint8_t, const uint64_t);
|
|
|
|
/* typed attribute accessor (ipv4) */
|
|
int radius_get_ipv4_attr(const RADIUS_PACKET *,
|
|
uint8_t, struct in_addr *);
|
|
int radius_get_vs_ipv4_attr(const RADIUS_PACKET *,
|
|
uint32_t, uint8_t, struct in_addr *);
|
|
int radius_put_ipv4_attr(RADIUS_PACKET *,
|
|
uint8_t, const struct in_addr);
|
|
int radius_put_vs_ipv4_attr(RADIUS_PACKET *,
|
|
uint32_t, uint8_t, const struct in_addr);
|
|
int radius_set_ipv4_attr(RADIUS_PACKET *,
|
|
uint8_t, const struct in_addr);
|
|
int radius_set_vs_ipv4_attr(RADIUS_PACKET *,
|
|
uint32_t, uint8_t, const struct in_addr);
|
|
|
|
/* typed attribute accessor (ipv6) */
|
|
int radius_get_ipv6_attr(const RADIUS_PACKET *,
|
|
uint8_t, struct in6_addr *);
|
|
int radius_get_vs_ipv6_attr(const RADIUS_PACKET *,
|
|
uint32_t, uint8_t, struct in6_addr *);
|
|
int radius_put_ipv6_attr(RADIUS_PACKET *,
|
|
uint8_t, const struct in6_addr *);
|
|
int radius_put_vs_ipv6_attr(RADIUS_PACKET *,
|
|
uint32_t, uint8_t, const struct in6_addr *);
|
|
int radius_set_ipv6_attr(RADIUS_PACKET *,
|
|
uint8_t, const struct in6_addr *);
|
|
int radius_set_vs_ipv6_attr(RADIUS_PACKET *,
|
|
uint32_t, uint8_t, const struct in6_addr *);
|
|
|
|
/* message authenticator */
|
|
int radius_put_message_authenticator(RADIUS_PACKET *,
|
|
const char *);
|
|
int radius_set_message_authenticator(RADIUS_PACKET *,
|
|
const char *);
|
|
int radius_check_message_authenticator(RADIUS_PACKET *,
|
|
const char *);
|
|
|
|
/* encryption */
|
|
int radius_encrypt_user_password_attr(void *, size_t *,
|
|
const char *, const void *, const char *);
|
|
int radius_decrypt_user_password_attr(char *, size_t,
|
|
const void *, size_t, const void *, const char *);
|
|
int radius_encrypt_mppe_key_attr(void *, size_t *,
|
|
const void *, size_t, const void *, const char *);
|
|
int radius_decrypt_mppe_key_attr(void *, size_t *, const void *,
|
|
size_t, const void *, const char *);
|
|
|
|
/* encrypted attribute */
|
|
int radius_get_user_password_attr(const RADIUS_PACKET *,
|
|
char *, size_t, const char *);
|
|
int radius_put_user_password_attr(RADIUS_PACKET *,
|
|
const char *, const char *);
|
|
int radius_get_mppe_send_key_attr(const RADIUS_PACKET *, void *,
|
|
size_t *, const char *);
|
|
int radius_put_mppe_send_key_attr(RADIUS_PACKET *,
|
|
const void *, size_t, const char *);
|
|
int radius_get_mppe_recv_key_attr(const RADIUS_PACKET *,
|
|
void *, size_t *, const char *);
|
|
int radius_put_mppe_recv_key_attr(RADIUS_PACKET *, const void *,
|
|
size_t, const char *);
|
|
|
|
int radius_get_eap_msk(const RADIUS_PACKET *, void *, size_t *,
|
|
const char *);
|
|
|
|
/* helpers */
|
|
RADIUS_PACKET *radius_recvfrom(int, int, struct sockaddr *, socklen_t *);
|
|
int radius_sendto(int, const RADIUS_PACKET *, int flags,
|
|
const struct sockaddr *, socklen_t);
|
|
RADIUS_PACKET *radius_recv(int, int);
|
|
int radius_send(int, const RADIUS_PACKET *, int);
|
|
RADIUS_PACKET *radius_recvmsg(int, struct msghdr *, int);
|
|
int radius_sendmsg(int, const RADIUS_PACKET *,
|
|
const struct msghdr *, int);
|
|
|
|
__END_DECLS
|
|
|
|
#endif
|