authorLuke Howard <lukeh@padl.com>2011-11-13 17:16:14 +1100
committerLuke Howard <lukeh@padl.com>2011-11-14 12:33:38 +1100
commita13cddc1331aa1f5e7dca7d1b44482951d2757bf (patch)
tree2d3b1d48a093af7408034c86d8d38b2c0129f404 /lib/radius/client.h
parent7ec93ff9e4d979e4bbcf33f9c90c94dc9d3cdba9 (diff)
port to new RADIUS client library
Diffstat (limited to 'lib/radius/client.h')
-rw-r--r--lib/radius/client.h202
1 files changed, 52 insertions, 150 deletions
diff --git a/lib/radius/client.h b/lib/radius/client.h
index 591884f..df9f834 100644
--- a/lib/radius/client.h
+++ b/lib/radius/client.h
@@ -29,6 +29,9 @@ SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
* \brief Main header file.
*/
+#ifndef _RADIUS_CLIENT_H_
+#define _RADIUS_CLIENT_H_ 1
+
/*
* System-specific header files.
*/
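Review bot: The include-guard name `_RADIUS_CLIENT_H_` starts with an underscore followed by an uppercase letter, a form the C standard reserves for the implementation. A name without the leading underscore avoids any clash with system or compiler headers: `#ifndef RADIUS_CLIENT_H` and `#define RADIUS_CLIENT_H 1`. The matching `#endif /* _RADIUS_CLIENT_H_ */` comment in the final hunk of this commit would change with it.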
@@ -42,10 +45,12 @@ SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
#include <netinet/in.h>
#include <sys/time.h>
+#include <radsec/radsec.h>
+
/*
* Definitions of attributes.
*/
-#include <networkradius-devel/radius.h>
+#include <radsec/radius.h>
/** \defgroup build Build Helpers
*
@@ -135,38 +140,38 @@ SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
#endif
#ifdef WITHOUT_OPENSSL
-#ifndef NR_MD5_CTX
-#error NR_MD5_CTX must be defined
+#ifndef RS_MD5_CTX
+#error RS_MD5_CTX must be defined
#endif
-#ifndef nr_MD5Init
+#ifndef RS_MD5Init
#error n_rMD5Init must be defined
#endif
-#ifndef nr_MD5Update
-#error nr_MD5Updyae must be defined
+#ifndef RS_MD5Update
+#error RS_MD5Updyae must be defined
#endif
-#ifndef nr_MD5Final
-#error nr_MD5Final must be defined
+#ifndef RS_MD5Final
+#error RS_MD5Final must be defined
#endif
-#ifndef nr_MD5Transform
-#error nr_MD5Transform must be defined
+#ifndef RS_MD5Transform
+#error RS_MD5Transform must be defined
#endif
#else /* WITHOUT_OPENSSL */
#include <openssl/md5.h>
/** Define for compile-time selection of the MD5 functions. Defaults to using the OpenSSL functions. \ingroup custom */
-#define NR_MD5_CTX MD5_CTX
+#define RS_MD5_CTX MD5_CTX
/** Define for compile-time selection of the MD5 functions. Defaults to using the OpenSSL functions. \ingroup custom */
-#define nr_MD5Init MD5_Init
+#define RS_MD5Init MD5_Init
/** Define for compile-time selection of the MD5 functions. Defaults to using the OpenSSL functions. \ingroup custom */
-#define nr_MD5Update MD5_Update
+#define RS_MD5Update MD5_Update
/** Define for compile-time selection of the MD5 functions. Defaults to using the OpenSSL functions. \ingroup custom */
-#define nr_MD5Final MD5_Final
+#define RS_MD5Final MD5_Final
/** Define for compile-time selection of the MD5 functions. Defaults to using the OpenSSL functions. \ingroup custom */
-#define nr_MD5Transform MD5_Transform
+#define RS_MD5Transform MD5_Transform
#endif
-#ifndef NR_MAX_PACKET_LEN
+#ifndef RS_MAX_PACKET_LEN
/** The maximum size of a packet that the library will send or receive. \ingroup custom
*
* The RFC requirement is to handle at least 4K packets. However, if
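Review bot: The `#error` texts in the `WITHOUT_OPENSSL` branch do not match the macros they guard. The check for `RS_MD5Init` still reports `n_rMD5Init` (an unchanged context line), and the renamed `RS_MD5Update` check carries the old typo forward as `RS_MD5Updyae`. Someone supplying their own MD5 implementation is told to define a name that does not exist, and the digest selected here feeds the RADIUS authenticator, so the build-time contract should be exact. Suggested lines: `#error RS_MD5Init must be defined` and `#error RS_MD5Update must be defined`.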
@@ -176,144 +181,39 @@ SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
* Be warned that any packets larger than this value will be ignored
* and silently discarded.
*/
-#define NR_MAX_PACKET_LEN (4096)
+#define RS_MAX_PACKET_LEN (4096)
#endif
-#ifndef NR_MAX_ATTRIBUTES
+#ifndef RS_MAX_ATTRIBUTES
/** The maximum number of attributes that the library will allow in a packet. \ingroup custom
*
- * Packets which contain more than ::NR_MAX_ATTRIBUTES will generate
+ * Packets which contain more than ::RS_MAX_ATTRIBUTES will generate
* an error. This value is configurable because there may be a need
* to accept a large mumber of attributes.
*
* This value is ignored when packets are sent. The library will
* send as many attributes as it is told to send.
*/
-#define NR_MAX_ATTRIBUTES (200)
+#define RS_MAX_ATTRIBUTES (200)
#endif
-#undef NR_MAX_PACKET_CODE
+#undef RS_MAX_PACKET_CODE
/** The maximum RADIUS_PACKET::code which we can accept. \ingroup dict
*
* \attention This should not be changed, as it is used by other
* structures such as ::nr_packet_codes.
*/
-#define NR_MAX_PACKET_CODE PW_COA_NAK
+#define RS_MAX_PACKET_CODE PW_COA_NAK
/** The maximum vendor number which is permitted. \ingroup dict
*
* The RFCs require that the Vendor Id or Private Enterprise Number
* be encoded as 32 bits, with the upper 8 bits being zero.
*/
-#define NR_MAX_VENDOR (1 << 24)
-
-/** The maximum length of a RADIUS attribute.
- *
- * The RFCs require that a RADIUS attribute transport no more than
- * 253 octets of data. We add an extra byte for a trailing NUL, so
- * that the VALUE_PAIR::vp_strvalue field can be handled as a C
- * string.
- */
-#define MAX_STRING_LEN (254)
+#define RS_MAX_VENDOR (1 << 24)
/** Data Type Definitions. \ingroup dict
*/
-typedef enum nr_attr_type_t {
- NR_TYPE_INVALID = 0, /**< Invalid data type */
- NR_TYPE_STRING, /**< printable-text */
- NR_TYPE_INTEGER, /**< a 32-bit unsigned integer */
- NR_TYPE_IPADDR, /**< an IPv4 address */
- NR_TYPE_DATE, /**< a 32-bit date, of seconds since January 1, 1970 */
- NR_TYPE_OCTETS, /**< a sequence of binary octets */
- NR_TYPE_IFID, /**< an Interface Id */
- NR_TYPE_IPV6ADDR, /**< an IPv6 address */
- NR_TYPE_IPV6PREFIX, /**< an IPv6 prefix */
- NR_TYPE_BYTE, /**< an 8-bit integer */
- NR_TYPE_SHORT, /**< a 16-bit integer */
-} nr_attr_type_t;
-
-#define PW_ACCESS_REQUEST 1
-#define PW_ACCESS_ACCEPT 2
-#define PW_ACCESS_REJECT 3
-#define PW_ACCOUNTING_REQUEST 4
-#define PW_ACCOUNTING_RESPONSE 5
-#define PW_ACCOUNTING_STATUS 6
-#define PW_PASSWORD_REQUEST 7
-#define PW_PASSWORD_ACK 8
-#define PW_PASSWORD_REJECT 9
-#define PW_ACCOUNTING_MESSAGE 10
-#define PW_ACCESS_CHALLENGE 11
-#define PW_STATUS_SERVER 12
-#define PW_STATUS_CLIENT 13
-#define PW_DISCONNECT_REQUEST 40
-#define PW_DISCONNECT_ACK 41
-#define PW_DISCONNECT_NAK 42
-#define PW_COA_REQUEST 43
-#define PW_COA_ACK 44
-#define PW_COA_NAK 45
-
-/** Error codes \ingroup error
- *
- * The numerical value of these definitions may change from version
- * to version of the library.
- */
-typedef enum nr_error_t {
- /** Invalid argument */
- NR_ERR_INVALID_ARG = 1,
- /** Insufficient data to decode the packet */
- NR_ERR_PACKET_TOO_SMALL,
- /** The packet header says it is larger than the received data */
- NR_ERR_PACKET_TOO_LARGE,
- /** the attribute overflows the packet */
- NR_ERR_ATTR_OVERFLOW,
- /** the attribute header "length" field is too small */
- NR_ERR_ATTR_TOO_SMALL,
- /** the attribute is more than 256 octets long */
- NR_ERR_ATTR_TOO_LARGE,
- /** the attribute is unknown */
- NR_ERR_ATTR_UNKNOWN,
- /** the attribute name is improperly formatted */
- NR_ERR_ATTR_BAD_NAME,
- /** the attribute value could not be parsed */
- NR_ERR_ATTR_VALUE_MALFORMED,
- /** the attribute "type" is invalid */
- NR_ERR_ATTR_INVALID,
- /** the packet has too many attributes */
- NR_ERR_TOO_MANY_ATTRS,
- /** the attribute has an unsupported data type */
- NR_ERR_ATTR_TYPE_UNKNOWN,
- /** the Message-Authenticator has the wrong length */
- NR_ERR_MSG_AUTH_LEN,
- /** the Message-Authenticator is wrong */
- NR_ERR_MSG_AUTH_WRONG,
- /** we need a request packet to calculate something in the response */
- NR_ERR_REQUEST_REQUIRED,
- /** the request code is unsupported */
- NR_ERR_REQUEST_CODE_INVALID,
- /** the Authentication Vector is wrong */
- NR_ERR_AUTH_VECTOR_WRONG,
- /** the response code is unsupported */
- NR_ERR_RESPONSE_CODE_INVALID,
- /** the response ID field is invalid */
- NR_ERR_RESPONSE_ID_INVALID,
- /** the response is not from the correct source IP/port */
- NR_ERR_RESPONSE_SRC_INVALID,
- /** Look at "errno" for the error */
- NR_ERR_SYSTEM,
- /** We cannot encode the packet because of invalid arguments */
- NR_ERR_NO_PACKET_DATA,
- /** the vendor is unknown */
- NR_ERR_VENDOR_UNKNOWN,
- /** an internal sanity check failed */
- NR_ERR_INTERNAL_FAILURE,
- /** the caller requested an unsupported featuer */
- NR_ERR_UNSUPPORTED,
- /** we were unable to allocate memory */
- NR_ERR_NO_MEM,
- /** Resource is in use */
- NR_ERR_IN_USE,
-} nr_error_t;
-
#define TAG_VALID(x) ((x) < 0x20)
/** The attribute is not encrypted. */
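Review bot: `RS_MAX_VENDOR` is defined as `(1 << 24)`, but the comment above it says the upper 8 bits of the vendor ID must be zero, which makes the largest valid value `(1 << 24) - 1`. Whether this matters depends on how callers compare against it, which is not visible in this hunk; a check written as `vendor > RS_MAX_VENDOR` would accept one out-of-range value. I would state the bound in the doc comment, for example `* This is an exclusive bound: valid vendor IDs are 0 .. RS_MAX_VENDOR - 1.`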
@@ -335,7 +235,7 @@ typedef enum nr_error_t {
typedef struct attr_flags {
unsigned int has_tag : 1; /**< Attribute has an RFC 2868 tag */
unsigned int unknown : 1; /**< Attribute is unknown */
-#ifdef NR_TYPE_TLV
+#ifdef RS_TYPE_TLV
unsigned int has_tlv : 1; /* has sub attributes */
unsigned int is_tlv : 1; /* is a sub attribute */
#endif
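Review bot: Renaming the guard from `NR_TYPE_TLV` to `RS_TYPE_TLV` changes which build flag controls the layout of `struct attr_flags`, so a build that still defines the old name silently loses `has_tlv`/`is_tlv` instead of failing. The later hunks covering the `value_pair_data` union and the `vp_*` accessors do the same for `RS_TYPE_SIGNED`, `RS_TYPE_ABINARY`, `RS_TYPE_ETHER` and `RS_TYPE_TLV`. These macros (presumably set by the build) change struct and union size, so a mismatch between translation units would show up as memory corruption at run time, not as a compile error. Consider rejecting the old names once near the top of the header: `#if defined(NR_TYPE_TLV) || defined(NR_TYPE_SIGNED) || defined(NR_TYPE_ABINARY) || defined(NR_TYPE_ETHER)` followed by `#error use the RS_TYPE_* feature macros` and `#endif`. The struct body continues past the end of this hunk.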
@@ -358,7 +258,7 @@ typedef struct attr_flags {
*/
typedef struct nr_dict_attr {
unsigned int attr; /**< Attribute number */
- nr_attr_type_t type; /**< Data type */
+ rs_attr_type_t type; /**< Data type */
unsigned int vendor; /**< Vendor-Id number */
ATTR_FLAGS flags;
const char *name; /**< Printable name */
@@ -392,21 +292,21 @@ typedef struct nr_dict_vendor {
*
*/
typedef union value_pair_data {
- char strvalue[MAX_STRING_LEN]; /* +1 for NUL */
+ char strvalue[RS_MAX_STRING_LEN]; /* +1 for NUL */
uint8_t octets[253];
struct in_addr ipaddr;
struct in6_addr ipv6addr;
uint32_t date;
uint32_t integer;
-#ifdef NR_TYPE_SIGNED
+#ifdef RS_TYPE_SIGNED
int32_t sinteger;
#endif
-#ifdef NR_TYPE_ABINARY
+#ifdef RS_TYPE_ABINARY
uint8_t filter[32];
#endif
uint8_t ifid[8]; /* struct? */
uint8_t ipv6prefix[18]; /* struct? */
-#ifdef NR_TYPE_TLV
+#ifdef RS_TYPE_TLV
uint8_t *tlv;
#endif
} VALUE_PAIR_DATA;
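Review bot: `strvalue[RS_MAX_STRING_LEN]` keeps the `/* +1 for NUL */` comment, but an earlier hunk of this commit deletes `MAX_STRING_LEN (254)` together with the explanation of why it is 253 octets plus a terminator. The replacement constant is not defined in this header and presumably comes from the newly included radsec headers. If that value were ever below 254, a maximum-length 253-octet attribute stored through `strvalue` would leave no room for the trailing NUL next to `octets[253]`. Assuming `RS_MAX_STRING_LEN` is a preprocessor macro, a guard ahead of the union would pin the invariant: `#if RS_MAX_STRING_LEN < 254`, `#error RS_MAX_STRING_LEN must hold 253 octets plus a NUL`, `#endif`.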
@@ -432,23 +332,23 @@ typedef struct value_pair {
#define vp_ipaddr data.ipaddr.s_addr
#define vp_date data.integer
#define vp_integer data.integer
-#ifdef NR_TYPE_ABINARY
+#ifdef RS_TYPE_ABINARY
#define vp_filter data.filter
#endif
-#ifdef NR_TYPE_ETHER
+#ifdef RS_TYPE_ETHER
#define vp_ether data.ether
#endif
-#ifdef NR_TYPE_SIGNED
+#ifdef RS_TYPE_SIGNED
#define vp_signed data.sinteger
#endif
-#ifdef NR_TYPE_TLV
+#ifdef RS_TYPE_TLV
#define vp_tlv data.tlv
#endif
-#ifdef NR_TYPE_TLV
-#define NR_ATTR_MAX_TLV (4)
-extern const int nr_attr_shift[NR_ATTR_MAX_TLV];
-extern const int nr_attr_mask[NR_ATTR_MAX_TLV];
+#ifdef RS_TYPE_TLV
+#define RS_ATTR_MAX_TLV (4)
+extern const int nr_attr_shift[RS_ATTR_MAX_TLV];
+extern const int nr_attr_mask[RS_ATTR_MAX_TLV];
extern const unsigned int nr_attr_max_tlv;
#endif
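Review bot: `vp_ether` expands to `data.ether`, but the `value_pair_data` union shown in full in the previous hunk has no `ether` member. Any build that defines `RS_TYPE_ETHER` and uses the accessor will therefore fail to compile. Either add the member to the union under the same guard, for example `uint8_t ether[6];` inside `#ifdef RS_TYPE_ETHER`, or drop the `vp_ether` define until the type is supported.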
@@ -474,12 +374,12 @@ typedef struct radius_packet {
VALUE_PAIR *vps; /**< linked list of ::VALUE_PAIR */
} RADIUS_PACKET;
-#define NR_PACKET_ENCODED (1 << 0)
-#define NR_PACKET_HEADER (1 << 1)
-#define NR_PACKET_SIGNED (1 << 2)
-#define NR_PACKET_OK (1 << 3)
-#define NR_PACKET_VERIFIED (1 << 4)
-#define NR_PACKET_DECODED (1 << 5)
+#define RS_PACKET_ENCODED (1 << 0)
+#define RS_PACKET_HEADER (1 << 1)
+#define RS_PACKET_SIGNED (1 << 2)
+#define RS_PACKET_OK (1 << 3)
+#define RS_PACKET_VERIFIED (1 << 4)
+#define RS_PACKET_DECODED (1 << 5)
/** Track packets sent to a server. \ingroup id
@@ -634,7 +534,7 @@ extern VALUE_PAIR *nr_vps_find(VALUE_PAIR *head,
* packet.
*
* \attention There is usually no need to call this function. Use
- * the NR_DA_* definitions instead.
+ * the RS_DA_* definitions instead.
*
* @param[in] attr Value of the attribute
* @param[in] vendor Value of the vendor
@@ -773,7 +673,7 @@ extern const DICT_ATTR const *nr_dict_attr_names[];
* application. Packet codes which are not handled by the library
* have NULL for their names.
*/
-extern const char *nr_packet_codes[NR_MAX_PACKET_CODE + 1];
+extern const char *nr_packet_codes[RS_MAX_PACKET_CODE + 1];
/** Verifies that a packet is "well formed". \ingroup packet
*
@@ -1406,3 +1306,5 @@ extern ssize_t nr_vp_sscanf_value(VALUE_PAIR *vp, const char *value);
*/
# define BLANK_FORMAT ""
#endif
+
+#endif /* _RADIUS_CLIENT_H_ */