Merge libradsec-new-client.

6 files changed, 504 insertions, 0 deletions

diff --git a/lib/radius/examples/Makefile b/lib/radius/examples/Makefile
new file mode 100644
index 0000000..f39c343
--- /dev/null
+++ b/lib/radius/examples/Makefile
@@ -0,0 +1,54 @@
+#
+#  GNU Makefile
+#
+.PHONY: all clean install
+
+SRCS = example_1.c example_2.c example_3.c example_4.c
+
+OBJS 	 := ${SRCS:.c=.o}
+PROGRAMS := ${SRCS:.c=}
+
+all: ${PROGRAMS}
+
+HEADERS		:= ../client.h ../radius.h
+
+${OBJS}: ${HEADERS}
+
+$(info ${PROGRAMS} ${OBJS})
+
+${PROGRAMS}: ../libnetworkradius-client.a
+
+
+%.o : %.c
+	$(CC) $(CFLAGS) -I.. -I. -c $<
+
+%.o: ${HEADERS}
+
+LDFLAGS = -L.. -lnetworkradius-client -lcrypto -lssl
+CFLAGS  = -I..
+
+../libnetworkradius-client.a:
+	@${MAKE} -C .. libnetworkradius-client.a
+
+radsample.o: radsample.c ${HEADERS} nr_vp_create.c nr_packet_send.c
+
+#radsample: radsample.o ../libnetworkradius-client.a
+#	${CC} ${LFDLAGS} ${LIBS} -o $@ $^
+
+sample_chap.o: sample_chap.c ${HEADERS}
+
+sample_chap: sample_chap.o ../libnetworkradius-client.a
+	${CC} ${LFDLAGS} ${LIBS} -o $@ $^
+
+radsample2.o: radsample2.c ${HEADERS} nr_vp_create.c
+
+radsample2: radsample2.o ../libnetworkradius-client.a
+	${CC} ${LFDLAGS} ${LIBS} -o $@ $^
+
+radsample3.o: radsample3.c ${HEADERS} nr_transmit.c nr_server_t.c nr_vp_create.c
+
+radsample3: radsample3.o ../libnetworkradius-client.a
+	${CC} ${LFDLAGS} ${LIBS} -o $@ $^
+
+clean:
+	@rm -rf *.o *.a *~
diff --git a/lib/radius/examples/example_1.c b/lib/radius/examples/example_1.c
new file mode 100644
index 0000000..265c880
--- /dev/null
+++ b/lib/radius/examples/example_1.c
@@ -0,0 +1,86 @@
+/*
+Copyright (c) 2011, Network RADIUS SARL
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are met:
+    * Redistributions of source code must retain the above copyright
+      notice, this list of conditions and the following disclaimer.
+    * Redistributions in binary form must reproduce the above copyright
+      notice, this list of conditions and the following disclaimer in the
+      documentation and/or other materials provided with the distribution.
+    * Neither the name of the <organization> nor the
+      names of its contributors may be used to endorse or promote products
+      derived from this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+DISCLAIMED. IN NO EVENT SHALL <COPYRIGHT HOLDER> BE LIABLE FOR ANY
+DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <networkradius-devel/client.h>
+
+/** \file example_1.c
+ *  \brief Sample code to initialize a RADIUS packet.
+ *
+ *  This example initializes a packet, and then adds User-Name and
+ *  User-Password to it.  The resulting packet is then printed to the
+ *  standard output.
+ */
+
+static const char *secret = "testing123";
+static uint8_t request_buffer[RS_MAX_PACKET_LEN];
+static uint8_t response_buffer[RS_MAX_PACKET_LEN];
+static RADIUS_PACKET request, response;
+
+int main(int argc, const char *argv[])
+{
+	ssize_t rcode;
+	const char *user = "bob";
+	const char *password = "password";
+
+	rcode = nr_packet_init(&request, NULL, secret, PW_ACCESS_REQUEST,
+			       request_buffer, sizeof(request_buffer));
+	if (rcode < 0) {
+	error:
+		fprintf(stderr, "Error: %s\n", nr_strerror(rcode));
+		return 1;
+	}
+
+	if (argc > 1) user = argv[1];
+	if (argc > 2) password = argv[2];
+
+	rcode = nr_packet_attr_append(&request, NULL,
+				      RS_DA_USER_NAME,
+				      user, 0);
+	if (rcode < 0) goto error;
+	
+	rcode = nr_packet_attr_append(&request, NULL,
+				      RS_DA_USER_PASSWORD,
+				      password, 0);
+	if (rcode < 0) goto error;
+
+	/*
+	 *	ALWAYS call nr_packet_sign() before sending the packet
+	 *	to anyone else!
+	 */
+	rcode = nr_packet_sign(&request, NULL);
+	if (rcode < 0) goto error;
+
+	nr_packet_print_hex(&request);
+
+	rcode = nr_packet_decode(&request, NULL);
+	if (rcode < 0) goto error;
+
+	nr_vp_fprintf_list(stdout, request.vps);
+	nr_vp_free(&request.vps);
+
+	return 0;
+}
diff --git a/lib/radius/examples/example_2.c b/lib/radius/examples/example_2.c
new file mode 100644
index 0000000..0a58523
--- /dev/null
+++ b/lib/radius/examples/example_2.c
@@ -0,0 +1,86 @@
+/*
+Copyright (c) 2011, Network RADIUS SARL
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are met:
+    * Redistributions of source code must retain the above copyright
+      notice, this list of conditions and the following disclaimer.
+    * Redistributions in binary form must reproduce the above copyright
+      notice, this list of conditions and the following disclaimer in the
+      documentation and/or other materials provided with the distribution.
+    * Neither the name of the <organization> nor the
+      names of its contributors may be used to endorse or promote products
+      derived from this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+DISCLAIMED. IN NO EVENT SHALL <COPYRIGHT HOLDER> BE LIABLE FOR ANY
+DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <networkradius-devel/client.h>
+
+/** \file example_2.c
+ *  \brief Sample code to initialize a RADIUS packet.
+ *
+ *  This example initializes a packet, and then adds User-Name and
+ *  CHAP-Password to it.  The resulting packet is then printed to the
+ *  standard output.
+ */
+
+static const char *secret = "testing123";
+static uint8_t request_buffer[RS_MAX_PACKET_LEN];
+static uint8_t response_buffer[RS_MAX_PACKET_LEN];
+static RADIUS_PACKET request, response;
+
+int main(int argc, const char *argv[])
+{
+	int rcode;
+	const char *user = "bob";
+	const char *password = "password";
+
+	rcode = nr_packet_init(&request, NULL, secret, PW_ACCESS_REQUEST,
+			       request_buffer, sizeof(request_buffer));
+	if (rcode < 0) {
+	error:
+		fprintf(stderr, "Error: %s\n", nr_strerror(rcode));
+		return 1;
+	}
+
+	if (argc > 1) user = argv[1];
+	if (argc > 2) password = argv[2];
+
+	rcode = nr_packet_attr_append(&request, NULL,
+				      RS_DA_USER_NAME,
+				      user, 0);
+	if (rcode < 0) goto error;
+	
+	rcode = nr_packet_attr_append(&request, NULL,
+				      RS_DA_CHAP_PASSWORD,
+				      password, strlen(password));
+	if (rcode < 0) goto error;
+
+	/*
+	 *	ALWAYS call nr_packet_sign() before sending the packet
+	 *	to anyone else!
+	 */
+	rcode = nr_packet_sign(&request, NULL);
+	if (rcode < 0) goto error;
+
+	nr_packet_print_hex(&request);
+
+	rcode = nr_packet_decode(&request, NULL);
+	if (rcode < 0) goto error;
+
+	nr_vp_fprintf_list(stdout, request.vps);
+	nr_vp_free(&request.vps);
+
+	return 0;
+}
diff --git a/lib/radius/examples/example_3.c b/lib/radius/examples/example_3.c
new file mode 100644
index 0000000..33fc671
--- /dev/null
+++ b/lib/radius/examples/example_3.c
@@ -0,0 +1,123 @@
+/*
+Copyright (c) 2011, Network RADIUS SARL
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are met:
+    * Redistributions of source code must retain the above copyright
+      notice, this list of conditions and the following disclaimer.
+    * Redistributions in binary form must reproduce the above copyright
+      notice, this list of conditions and the following disclaimer in the
+      documentation and/or other materials provided with the distribution.
+    * Neither the name of the <organization> nor the
+      names of its contributors may be used to endorse or promote products
+      derived from this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+DISCLAIMED. IN NO EVENT SHALL <COPYRIGHT HOLDER> BE LIABLE FOR ANY
+DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <networkradius-devel/client.h>
+
+/** \file example_3.c
+ *  \brief Sample code to initialize a RADIUS packet and a response to it.
+ *
+ *  This example initializes a packet, and then adds User-Name and
+ *  User-Password to it.  The resulting packet is then printed to the
+ *  standard output.
+ *
+ *  As a next step, it then creates the response, and prints that,
+ *  too.
+ */
+
+static const char *secret = "testing123";
+static uint8_t request_buffer[RS_MAX_PACKET_LEN];
+static uint8_t response_buffer[RS_MAX_PACKET_LEN];
+static RADIUS_PACKET request, response;
+
+int main(int argc, const char *argv[])
+{
+	int rcode;
+	const char *user = "bob";
+	const char *password = "password";
+
+	rcode = nr_packet_init(&request, NULL, secret, PW_ACCESS_REQUEST,
+			       request_buffer, sizeof(request_buffer));
+	if (rcode < 0) {
+	error:
+		fprintf(stderr, "Error :%s\n",  nr_strerror(rcode));
+		return 1;
+	}
+
+	if (argc > 1) user = argv[1];
+	if (argc > 2) password = argv[2];
+
+	rcode = nr_packet_attr_append(&request, NULL,
+				      RS_DA_USER_NAME,
+				      user, 0);
+	if (rcode < 0) goto error;
+	
+	rcode = nr_packet_attr_append(&request, NULL,
+				      RS_DA_USER_PASSWORD,
+				      password, 0);
+	if (rcode < 0) goto error;
+
+	/*
+	 *	ALWAYS call nr_packet_sign() before sending the packet
+	 *	to anyone else!
+	 */
+	rcode = nr_packet_sign(&request, NULL);
+	if (rcode < 0) goto error;
+
+	nr_packet_print_hex(&request);
+
+	rcode = nr_packet_init(&response, &request, secret, PW_ACCESS_ACCEPT,
+			       response_buffer, sizeof(response_buffer));
+	if (rcode < 0) goto error;
+
+	rcode = nr_packet_attr_append(&response, &request,
+				      RS_DA_REPLY_MESSAGE,
+				      "Success!", 0);
+	if (rcode < 0) goto error;
+
+	rcode = nr_packet_attr_append(&response, &request,
+				      RS_DA_TUNNEL_PASSWORD,
+				      password, 0);
+	if (rcode < 0) goto error;
+	rcode = nr_packet_sign(&response, &request);
+	if (rcode < 0) goto error;
+
+	nr_packet_print_hex(&response);
+
+	/*
+	 *	Check that the response is well-formed.  The
+	 *	nr_packet_verify() function also calls nr_packet_ok().
+	 *	However, it is sometimes useful to separate "malformed
+	 *	packet" errors from "packet is not a response to a
+	 *	reqeust" errors.
+	 */
+	rcode = nr_packet_ok(&response);
+	if (rcode < 0) goto error;
+
+	/*
+	 *	Double-check the signature of the response.
+	 */
+	rcode = nr_packet_verify(&response, &request);
+	if (rcode < 0) goto error;
+
+	rcode = nr_packet_decode(&response, &request);
+	if (rcode < 0) goto error;
+
+	nr_vp_fprintf_list(stdout, response.vps);
+	nr_vp_free(&response.vps);
+
+	return 0;
+}
diff --git a/lib/radius/examples/example_4.c b/lib/radius/examples/example_4.c
new file mode 100644
index 0000000..2dadc89
--- /dev/null
+++ b/lib/radius/examples/example_4.c
@@ -0,0 +1,94 @@
+/*
+Copyright (c) 2011, Network RADIUS SARL
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are met:
+    * Redistributions of source code must retain the above copyright
+      notice, this list of conditions and the following disclaimer.
+    * Redistributions in binary form must reproduce the above copyright
+      notice, this list of conditions and the following disclaimer in the
+      documentation and/or other materials provided with the distribution.
+    * Neither the name of the <organization> nor the
+      names of its contributors may be used to endorse or promote products
+      derived from this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+DISCLAIMED. IN NO EVENT SHALL <COPYRIGHT HOLDER> BE LIABLE FOR ANY
+DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <networkradius-devel/client.h>
+
+/** \file example_4.c
+ *  \brief Allocate and manage multiple packets.
+ */
+
+static const char *secret = "testing123";
+static nr_server_t server;
+
+int main(int argc, const char *argv[])
+{
+	int rcode;
+	const char *user = "bob";
+	const char *password = "password";
+
+	rcode = nr_packet_init(&request, NULL, secret, PW_ACCESS_REQUEST,
+			       request_buffer, sizeof(request_buffer));
+	if (rcode < 0) {
+	error:
+		fprintf(stderr, "Error :%s\n",  nr_strerror(rcode));
+		return 1;
+	}
+
+	if (argc > 1) user = argv[1];
+	if (argc > 2) password = argv[2];
+
+	rcode = nr_packet_attr_append(&request, NULL,
+				      RS_DA_USER_NAME,
+				      user, 0);
+	if (rcode < 0) goto error;
+	
+	rcode = nr_packet_attr_append(&request, NULL,
+				      RS_DA_USER_PASSWORD,
+				      password, 0);
+	if (rcode < 0) goto error;
+
+	/*
+	 *	ALWAYS call nr_packet_sign() before sending the packet
+	 *	to anyone else!
+	 */
+	rcode = nr_packet_sign(&request, NULL);
+	if (rcode < 0) goto error;
+
+	nr_packet_print_hex(&request);
+
+	rcode = nr_packet_init(&response, &request, secret, PW_ACCESS_ACCEPT,
+			       response_buffer, sizeof(response_buffer));
+	if (rcode < 0) goto error;
+
+	rcode = nr_packet_attr_append(&response, &request,
+				      RS_DA_REPLY_MESSAGE,
+				      "Success!", 0);
+	if (rcode < 0) goto error;
+
+	rcode = nr_packet_sign(&response, &request);
+	if (rcode < 0) goto error;
+
+	nr_packet_print_hex(&response);
+
+	/*
+	 *	Double-check the signature of the response.
+	 */
+	rcode = nr_packet_verify(&response, &request);
+	if (rcode < 0) goto error;
+
+	return 0;
+}
diff --git a/lib/radius/examples/nr_vp_create.c b/lib/radius/examples/nr_vp_create.c
new file mode 100644
index 0000000..bd04f17
--- /dev/null
+++ b/lib/radius/examples/nr_vp_create.c
@@ -0,0 +1,61 @@
+/*
+ * The person or persons who have associated work with this document
+ * (the "Dedicator" or "Certifier") hereby either (a) certifies that,
+ * to the best of his knowledge, the work of authorship identified is
+ * in the public domain of the country from which the work is
+ * published, or (b) hereby dedicates whatever copyright the
+ * dedicators holds in the work of authorship identified below (the
+ * "Work") to the public domain. A certifier, moreover, dedicates any
+ * copyright interest he may have in the associated work, and for
+ * these purposes, is described as a "dedicator" below.
+ *
+ * A certifier has taken reasonable steps to verify the copyright
+ * status of this work. Certifier recognizes that his good faith
+ * efforts may not shield him from liability if in fact the work
+ * certified is not in the public domain.
+ *
+ * Dedicator makes this dedication for the benefit of the public at
+ * large and to the detriment of the Dedicator's heirs and
+ * successors. Dedicator intends this dedication to be an overt act of
+ * relinquishment in perpetuity of all present and future rights under
+ * copyright law, whether vested or contingent, in the Work. Dedicator
+ * understands that such relinquishment of all rights includes the
+ * relinquishment of all rights to enforce (by lawsuit or otherwise)
+ * those copyrights in the Work.
+ *
+ * Dedicator recognizes that, once placed in the public domain, the
+ * Work may be freely reproduced, distributed, transmitted, used,
+ * modified, built upon, or otherwise exploited by anyone for any
+ * purpose, commercial or non-commercial, and in any way, including by
+ * methods that have not yet been invented or conceived.
+ */
+
+static VALUE_PAIR *example_nr_vp_create(void)
+{
+	VALUE_PAIR *vp;
+	VALUE_PAIR *head = NULL;
+
+	/*
+	 *	Create the request contents.
+	 */
+	vp = nr_vp_create(PW_USER_NAME, 0, "bob", 4);
+	if (!vp) {
+		fprintf(stderr, "User-Name: %s\n", nr_strerror(0));
+		exit(1);
+	}
+	nr_vps_append(&head, vp);
+
+	/*
+	 *	The User-Password attribute is automatically encrypted
+	 *	when being placed in the packet.  This version stays
+	 *	untouched, and should be "plain text".
+	 */
+	vp = nr_vp_create(PW_USER_PASSWORD, 0, "hello", 6);
+	if (!vp) {
+		fprintf(stderr, "User-Password: %s\n", nr_strerror(0));
+		exit(1);
+	}
+	nr_vps_append(&head, vp);
+
+	return head;
+}