summaryrefslogtreecommitdiff
path: root/lib/radius
diff options
context:
space:
mode:
Diffstat (limited to 'lib/radius')
-rw-r--r--lib/radius/.gitignore1
-rw-r--r--lib/radius/Makefile68
-rw-r--r--lib/radius/Makefile.am37
-rw-r--r--lib/radius/attrs.c214
-rw-r--r--lib/radius/client.h202
-rw-r--r--lib/radius/common.pl2
-rwxr-xr-xlib/radius/convert.pl4
-rw-r--r--lib/radius/crypto.c88
-rw-r--r--lib/radius/custom.c2
-rw-r--r--lib/radius/dict.c12
-rw-r--r--lib/radius/dictionaries.c1515
-rw-r--r--lib/radius/examples/example_1.c8
-rw-r--r--lib/radius/examples/example_2.c8
-rw-r--r--lib/radius/examples/example_3.c12
-rw-r--r--lib/radius/examples/example_4.c6
-rw-r--r--lib/radius/id.c36
-rw-r--r--lib/radius/packet.c154
-rw-r--r--lib/radius/parse.c38
-rw-r--r--lib/radius/print.c71
-rw-r--r--lib/radius/radius.h314
-rw-r--r--lib/radius/share/dictionary.ukerna19
-rw-r--r--lib/radius/static.c2
-rw-r--r--lib/radius/valuepair.c24
23 files changed, 427 insertions, 2410 deletions
diff --git a/lib/radius/.gitignore b/lib/radius/.gitignore
new file mode 100644
index 0000000..1af03df
--- /dev/null
+++ b/lib/radius/.gitignore
@@ -0,0 +1 @@
+dictionaries.c
diff --git a/lib/radius/Makefile b/lib/radius/Makefile
deleted file mode 100644
index 63eff89..0000000
--- a/lib/radius/Makefile
+++ /dev/null
@@ -1,68 +0,0 @@
-#
-# GNU Makefile
-#
-.PHONY: all clean install
-all: libnetworkradius-client.a
-
-SRCS := dict.c attrs.c packet.c valuepair.c static.c id.c \
- crypto.c custom.c print.c parse.c
-
-OBJS := ${SRCS:.c=.o}
-
-HEADERS := client.h radius.h
-
-CFLAGS := -I. -g -Wall -Wshadow -Wpointer-arith -Wcast-qual -Wcast-align -Wwrite-strings -Wstrict-prototypes -Wmissing-prototypes -Wmissing-declarations -Wnested-externs -W -Wredundant-decls -Wundef
-
-VERSION := 1.0
-NAME := networkradius-client-$(VERSION)
-
-
-#
-# The DICTIONARIES variable can be used to point to the FreeRADIUS
-# dictionaries.
-#
-ifeq "${DICTIONARIES}" ""
-DICTIONARIES := $(filter-out %~,$(wildcard share/dictionary*))
-endif
-
-${OBJS}: ${HEADERS}
-
-radius.h dictionaries.c: ${DICTIONARIES} convert.pl common.pl
- ./convert.pl ${DICTIONARIES}
-
-static.o: static.c dictionaries.c
-
-%.o : %.c
- $(CC) $(CFLAGS) -c $<
-
-%.o: ${HEADERS}
-
-.PHONY: networkradius-devel
-networkradius-devel:
- @[ -e $@ ] || ln -s . $@
-
-libnetworkradius-client.a: ${OBJS}
- ${AR} ${ARFLAGS} $@ $^
-
-LIBS := -lcrypto -lssl
-LDFLAGS = -L. -lnetworkradius-client
-
-.PHONY: html
-html:
- doxygen doxygen.conf
-
-clean:
- @rm -rf *.o *.a *~ html
-
-install: libnetworkradius-client.a
-
-.PHONY: publish
-publish:
- @scp -r html/* networkradius.com@liberty:www.new/site/clientapi/
-
-$(NAME).tar.gz: $(wildcard Makefile *.pl *.txt *.[ch] \
- examples/*.[ch] doc/*.txt share/dictionary*)
- git archive --format=tar --prefix=$(NAME)/ bsd | gzip > $@
-
-.PHONY: tar
-tar: $(NAME).tar.gz
diff --git a/lib/radius/Makefile.am b/lib/radius/Makefile.am
new file mode 100644
index 0000000..1b66ca6
--- /dev/null
+++ b/lib/radius/Makefile.am
@@ -0,0 +1,37 @@
+AUTOMAKE_OPTIONS = foreign
+ACLOCAL_AMFLAGS = -I m4
+
+INCLUDES = -I$(top_srcdir)/include -I$(top_srcdir)
+AM_CFLAGS = -Wall -g
+
+noinst_LTLIBRARIES = libradsec-radius.la
+
+libradsec_radius_la_SOURCES = \
+ attrs.c \
+ crypto.c \
+ custom.c \
+ dict.c \
+ id.c \
+ packet.c \
+ parse.c \
+ print.c \
+ static.c \
+ valuepair.c
+
+libradsec_radius_la_CFLAGS = $(AM_CFLAGS)
+
+DICTIONARIES = \
+ share/dictionary.txt \
+ share/dictionary.microsoft \
+ share/dictionary.ukerna
+
+$(top_srcdir)/include/radsec/radius.h dictionaries.c: ${DICTIONARIES} convert.pl common.pl
+ $(srcdir)/convert.pl ${DICTIONARIES}
+
+static.$(OBJEXT): static.c dictionaries.c
+
+clean-local:
+ rm -f dictionaries.c
+
+$(libradsec_radius_la_SOURCES): $(top_srcdir)/include/radsec/radius.h
+
diff --git a/lib/radius/attrs.c b/lib/radius/attrs.c
index 4fd2bf4..d096cc2 100644
--- a/lib/radius/attrs.c
+++ b/lib/radius/attrs.c
@@ -29,7 +29,7 @@ SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
* \brief Attribute encoding and decoding routines.
*/
-#include <networkradius-devel/client.h>
+#include "client.h"
/*
* Encodes the data portion of an attribute.
@@ -48,7 +48,7 @@ static ssize_t vp2data_any(const RADIUS_PACKET *packet,
uint8_t array[4];
const VALUE_PAIR *vp = *pvp;
-#ifdef NR_TYPE_TLV
+#ifdef RS_TYPE_TLV
/*
* See if we need to encode a TLV. The low portion of
* the attribute has already been placed into the packer.
@@ -73,41 +73,41 @@ static ssize_t vp2data_any(const RADIUS_PACKET *packet,
len = vp->length;
switch(vp->da->type) {
- case NR_TYPE_IPV6PREFIX:
+ case RS_TYPE_IPV6PREFIX:
len = sizeof(vp->vp_ipv6prefix);
break;
- case NR_TYPE_STRING:
- case NR_TYPE_OCTETS:
- case NR_TYPE_IFID:
- case NR_TYPE_IPV6ADDR:
-#ifdef NR_TYPE_ABINARY
- case NR_TYPE_ABINARY:
+ case RS_TYPE_STRING:
+ case RS_TYPE_OCTETS:
+ case RS_TYPE_IFID:
+ case RS_TYPE_IPV6ADDR:
+#ifdef RS_TYPE_ABINARY
+ case RS_TYPE_ABINARY:
#endif
/* nothing more to do */
break;
- case NR_TYPE_BYTE:
+ case RS_TYPE_BYTE:
len = 1; /* just in case */
array[0] = vp->vp_integer & 0xff;
data = array;
break;
- case NR_TYPE_SHORT:
+ case RS_TYPE_SHORT:
len = 2; /* just in case */
array[0] = (vp->vp_integer >> 8) & 0xff;
array[1] = vp->vp_integer & 0xff;
data = array;
break;
- case NR_TYPE_INTEGER:
+ case RS_TYPE_INTEGER:
len = 4; /* just in case */
lvalue = htonl(vp->vp_integer);
memcpy(array, &lvalue, sizeof(lvalue));
data = array;
break;
- case NR_TYPE_IPADDR:
+ case RS_TYPE_IPADDR:
data = (const uint8_t *) &vp->vp_ipaddr;
len = 4; /* just in case */
break;
@@ -115,14 +115,14 @@ static ssize_t vp2data_any(const RADIUS_PACKET *packet,
/*
* There are no tagged date attributes.
*/
- case NR_TYPE_DATE:
+ case RS_TYPE_DATE:
lvalue = htonl(vp->vp_date);
data = (const uint8_t *) &lvalue;
len = 4; /* just in case */
break;
#ifdef VENDORPEC_WIMAX
- case NR_TYPE_SIGNED:
+ case RS_TYPE_SIGNED:
{
int32_t slvalue;
@@ -133,12 +133,12 @@ static ssize_t vp2data_any(const RADIUS_PACKET *packet,
}
#endif
-#ifdef NR_TYPE_TLV
- case NR_TYPE_TLV:
+#ifdef RS_TYPE_TLV
+ case RS_TYPE_TLV:
data = vp->vp_tlv;
if (!data) {
nr_debug_error("ERROR: Cannot encode NULL TLV");
- return -NR_ERR_INVALID_ARG;
+ return -RSE_INVAL;
}
len = vp->length;
break;
@@ -146,7 +146,7 @@ static ssize_t vp2data_any(const RADIUS_PACKET *packet,
default: /* unknown type: ignore it */
nr_debug_error("ERROR: Unknown attribute type %d", vp->da->type);
- return -NR_ERR_ATTR_TYPE_UNKNOWN;
+ return -RSE_ATTR_TYPE_UNKNOWN;
}
/*
@@ -194,7 +194,7 @@ static ssize_t vp2data_any(const RADIUS_PACKET *packet,
default:
if (!original) {
nr_debug_error("ERROR: No request packet, cannot encrypt %s attribute in the vp.", vp->da->name);
- return -NR_ERR_REQUEST_REQUIRED;
+ return -RSE_REQUEST_REQUIRED;
}
if (lvalue) ptr[0] = vp->tag;
@@ -230,11 +230,11 @@ static ssize_t vp2data_any(const RADIUS_PACKET *packet,
default:
if (vp->da->flags.has_tag && TAG_VALID(vp->tag)) {
- if (vp->da->type == NR_TYPE_STRING) {
+ if (vp->da->type == RS_TYPE_STRING) {
if (len > ((ssize_t) (room - 1))) len = room - 1;
ptr[0] = vp->tag;
ptr++;
- } else if (vp->da->type == NR_TYPE_INTEGER) {
+ } else if (vp->da->type == RS_TYPE_INTEGER) {
array[0] = vp->tag;
} /* else it can't be any other type */
}
@@ -300,7 +300,7 @@ static ssize_t vp2attr_vsa(const RADIUS_PACKET *packet,
dv = nr_dict_vendor_byvalue(vendor);
if (!dv ||
(
-#ifdef NR_TYPE_TLV
+#ifdef RS_TYPE_TLV
!(*pvp)->flags.is_tlv &&
#endif
(dv->type == 1) && (dv->length == 1))) {
@@ -308,7 +308,7 @@ static ssize_t vp2attr_vsa(const RADIUS_PACKET *packet,
attribute, ptr, room);
}
-#ifdef NR_TYPE_TLV
+#ifdef RS_TYPE_TLV
if ((*pvp)->flags.is_tlv) {
return data2vp_tlvs(packet, original, 0, pvp,
ptr, room);
@@ -319,7 +319,7 @@ static ssize_t vp2attr_vsa(const RADIUS_PACKET *packet,
default:
nr_debug_error("vp2attr_vsa: Internal sanity check failed,"
" type %u", (unsigned) dv->type);
- return -NR_ERR_INTERNAL_FAILURE;
+ return -RSE_INTERNAL;
case 4:
ptr[0] = 0; /* attr must be 24-bit */
@@ -342,7 +342,7 @@ static ssize_t vp2attr_vsa(const RADIUS_PACKET *packet,
default:
nr_debug_error("vp2attr_vsa: Internal sanity check failed,"
" length %u", (unsigned) dv->length);
- return -NR_ERR_INTERNAL_FAILURE;
+ return -RSE_INTERNAL;
case 0:
break;
@@ -392,9 +392,9 @@ ssize_t nr_vp2vsa(const RADIUS_PACKET *packet, const RADIUS_PACKET *original,
}
#endif
- if (vp->da->vendor > NR_MAX_VENDOR) {
+ if (vp->da->vendor > RS_MAX_VENDOR) {
nr_debug_error("nr_vp2vsa: Invalid arguments");
- return -NR_ERR_INVALID_ARG;
+ return -RSE_INVAL;
}
/*
@@ -440,17 +440,17 @@ ssize_t nr_vp2rfc(const RADIUS_PACKET *packet,
if (vp->da->vendor != 0) {
nr_debug_error("nr_vp2rfc called with VSA");
- return -NR_ERR_INVALID_ARG;
+ return -RSE_INVAL;
}
if ((vp->da->attr == 0) || (vp->da->attr > 255)) {
nr_debug_error("nr_vp2rfc called with non-standard attribute %u", vp->da->attr);
- return -NR_ERR_INVALID_ARG;
+ return -RSE_INVAL;
}
#ifdef PW_CHARGEABLE_USER_IDENTITY
if ((vp->length == 0) &&
- (vp->da != NR_DA_CHARGEABLE_USER_IDENTITY)) {
+ (vp->da != RS_DA_CHARGEABLE_USER_IDENTITY)) {
*pvp = vp->next;
return 0;
}
@@ -471,10 +471,10 @@ static ssize_t nr_chap2rfc(const RADIUS_PACKET *packet,
{
ssize_t rcode;
const VALUE_PAIR *vp = *pvp;
- NR_MD5_CTX ctx;
- uint8_t buffer[MAX_STRING_LEN*2 + 1], *p;
+ RS_MD5_CTX ctx;
+ uint8_t buffer[RS_MAX_STRING_LEN*2 + 1], *p;
VALUE_PAIR chap = {
- NR_DA_CHAP_PASSWORD,
+ RS_DA_CHAP_PASSWORD,
17,
0,
NULL,
@@ -485,9 +485,9 @@ static ssize_t nr_chap2rfc(const RADIUS_PACKET *packet,
},
};
- if ((vp->da->vendor != 0) || (vp->da != NR_DA_CHAP_PASSWORD)) {
+ if ((vp->da->vendor != 0) || (vp->da != RS_DA_CHAP_PASSWORD)) {
nr_debug_error("nr_chap2rfc called with non-CHAP");
- return -NR_ERR_INVALID_ARG;
+ return -RSE_INVAL;
}
p = buffer;
@@ -505,9 +505,9 @@ static ssize_t nr_chap2rfc(const RADIUS_PACKET *packet,
p += sizeof(packet->vector);
}
- nr_MD5Init(&ctx);
- nr_MD5Update(&ctx, buffer, p - buffer);
- nr_MD5Final(&chap.vp_octets[1], &ctx);
+ RS_MD5Init(&ctx);
+ RS_MD5Update(&ctx, buffer, p - buffer);
+ RS_MD5Final(&chap.vp_octets[1], &ctx);
chap.vp_octets[0] = buffer[0];
vp = &chap;
@@ -531,7 +531,7 @@ static ssize_t nr_chap2rfc(const RADIUS_PACKET *packet,
* instead use this one, which has the correct length and data.
*/
static const VALUE_PAIR fake_ma = {
- NR_DA_MESSAGE_AUTHENTICATOR,
+ RS_DA_MESSAGE_AUTHENTICATOR,
16,
0,
NULL,
@@ -557,7 +557,7 @@ ssize_t nr_vp2attr(const RADIUS_PACKET *packet, const RADIUS_PACKET *original,
*/
if (vp->da->vendor != 0) {
#ifdef VENDORPEC_EXTENDED
- if (vp->da->vendor > NR_MAX_VENDOR) {
+ if (vp->da->vendor > RS_MAX_VENDOR) {
return nr_vp2attr_extended(packet, original,
pvp, start, room);
@@ -575,7 +575,7 @@ ssize_t nr_vp2attr(const RADIUS_PACKET *packet, const RADIUS_PACKET *original,
return nr_vp2vsa(packet, original, pvp, start, room);
#else
nr_debug_error("VSAs are not supported");
- return -NR_ERR_UNSUPPORTED;
+ return -RSE_UNSUPPORTED;
#endif
}
@@ -593,7 +593,7 @@ ssize_t nr_vp2attr(const RADIUS_PACKET *packet, const RADIUS_PACKET *original,
* know how to calculate it, or what the correct values
* are. So... create one for him.
*/
- if (vp->da == NR_DA_MESSAGE_AUTHENTICATOR) {
+ if (vp->da == RS_DA_MESSAGE_AUTHENTICATOR) {
ssize_t rcode;
vp = &fake_ma;
@@ -610,7 +610,7 @@ ssize_t nr_vp2attr(const RADIUS_PACKET *packet, const RADIUS_PACKET *original,
* to calculate it, or what the correct values are. To
* help, we calculate it for him.
*/
- if (vp->da == NR_DA_CHAP_PASSWORD) {
+ if (vp->da == RS_DA_CHAP_PASSWORD) {
int encoded = 0;
/*
@@ -667,10 +667,10 @@ static ssize_t data2vp_raw(UNUSED const RADIUS_PACKET *packet,
{
VALUE_PAIR *vp;
- if (length > sizeof(vp->vp_octets)) return -NR_ERR_ATTR_OVERFLOW;
+ if (length > sizeof(vp->vp_octets)) return -RSE_ATTR_OVERFLOW;
vp = nr_vp_alloc_raw(attribute, vendor);
- if (!vp) return -NR_ERR_NO_MEM;
+ if (!vp) return -RSE_NOMEM;
memcpy(vp->vp_octets, data, length);
vp->length = length;
@@ -685,9 +685,9 @@ ssize_t nr_attr2vp_raw(const RADIUS_PACKET *packet,
VALUE_PAIR **pvp)
{
- if (length < 2) return -NR_ERR_PACKET_TOO_SMALL;
- if (data[1] < 2) return -NR_ERR_ATTR_TOO_SMALL;
- if (data[1] > length) return -NR_ERR_ATTR_OVERFLOW;
+ if (length < 2) return -RSE_PACKET_TOO_SMALL;
+ if (data[1] < 2) return -RSE_ATTR_TOO_SMALL;
+ if (data[1] > length) return -RSE_ATTR_OVERFLOW;
return data2vp_raw(packet, original, data[0], 0,
data + 2, data[1] - 2, pvp);
@@ -741,12 +741,12 @@ static ssize_t data2vp_any(const RADIUS_PACKET *packet,
attribute, vendor, data, length, pvp);
}
-#ifdef NR_TYPE_TLV
+#ifdef RS_TYPE_TLV
/*
* TLVs are handled first. They can't be tagged, and
* they can't be encrypted.
*/
- if (da->da->type == NR_TYPE_TLV) {
+ if (da->da->type == RS_TYPE_TLV) {
return data2vp_tlvs(packet, original,
attribute, vendor, nest,
data, length, pvp);
@@ -761,7 +761,7 @@ static ssize_t data2vp_any(const RADIUS_PACKET *packet,
* out of memory.
*/
vp = nr_vp_alloc(da);
- if (!vp) return -NR_ERR_NO_MEM;
+ if (!vp) return -RSE_NOMEM;
/*
* Handle tags.
@@ -778,8 +778,8 @@ static ssize_t data2vp_any(const RADIUS_PACKET *packet,
*/
vp->tag = data[0];
- if ((vp->da->type == NR_TYPE_STRING) ||
- (vp->da->type == NR_TYPE_OCTETS)) {
+ if ((vp->da->type == RS_TYPE_STRING) ||
+ (vp->da->type == RS_TYPE_OCTETS)) {
if (length == 0) goto raw;
data_offset = 1;
}
@@ -870,51 +870,51 @@ static ssize_t data2vp_any(const RADIUS_PACKET *packet,
}
switch (vp->da->type) {
- case NR_TYPE_STRING:
- case NR_TYPE_OCTETS:
-#ifdef NR_TYPE_ABINARY
- case NR_TYPE_ABINARY:
+ case RS_TYPE_STRING:
+ case RS_TYPE_OCTETS:
+#ifdef RS_TYPE_ABINARY
+ case RS_TYPE_ABINARY:
#endif
/* nothing more to do */
break;
- case NR_TYPE_BYTE:
+ case RS_TYPE_BYTE:
vp->vp_integer = vp->vp_octets[0];
break;
- case NR_TYPE_SHORT:
+ case RS_TYPE_SHORT:
vp->vp_integer = (vp->vp_octets[0] << 8) | vp->vp_octets[1];
break;
- case NR_TYPE_INTEGER:
+ case RS_TYPE_INTEGER:
memcpy(&vp->vp_integer, vp->vp_octets, 4);
vp->vp_integer = ntohl(vp->vp_integer);
if (vp->da->flags.has_tag) vp->vp_integer &= 0x00ffffff;
break;
- case NR_TYPE_DATE:
+ case RS_TYPE_DATE:
memcpy(&vp->vp_date, vp->vp_octets, 4);
vp->vp_date = ntohl(vp->vp_date);
break;
- case NR_TYPE_IPADDR:
+ case RS_TYPE_IPADDR:
memcpy(&vp->vp_ipaddr, vp->vp_octets, 4);
break;
/*
* IPv6 interface ID is 8 octets long.
*/
- case NR_TYPE_IFID:
+ case RS_TYPE_IFID:
/* vp->vp_ifid == vp->vp_octets */
break;
/*
* IPv6 addresses are 16 octets long
*/
- case NR_TYPE_IPV6ADDR:
+ case RS_TYPE_IPV6ADDR:
/* vp->vp_ipv6addr == vp->vp_octets */
break;
@@ -927,7 +927,7 @@ static ssize_t data2vp_any(const RADIUS_PACKET *packet,
*
* The prefix length can have value 0 to 128.
*/
- case NR_TYPE_IPV6PREFIX:
+ case RS_TYPE_IPV6PREFIX:
if (vp->length < 2 || vp->length > 18) goto raw;
if (vp->vp_octets[1] > 128) goto raw;
@@ -942,7 +942,7 @@ static ssize_t data2vp_any(const RADIUS_PACKET *packet,
break;
#ifdef VENDORPEC_WIMAX
- case NR_TYPE_SIGNED:
+ case RS_TYPE_SIGNED:
if (vp->length != 4) goto raw;
/*
@@ -955,22 +955,22 @@ static ssize_t data2vp_any(const RADIUS_PACKET *packet,
break;
#endif
-#ifdef NR_TYPE_TLV
- case NR_TYPE_TLV:
+#ifdef RS_TYPE_TLV
+ case RS_TYPE_TLV:
nr_vp_free(&vp);
nr_debug_error("data2vp_any: Internal sanity check failed");
- return -NR_ERR_ATTR_TYPE_UNKNOWN;
+ return -RSE_ATTR_TYPE_UNKNOWN;
#endif
#ifdef VENDORPEC_WIMAX
- case NR_TYPE_COMBO_IP:
+ case RS_TYPE_COMBO_IP:
if (vp->length == 4) {
- vp->da->type = NR_TYPE_IPADDR;
+ vp->da->type = RS_TYPE_IPADDR;
memcpy(&vp->vp_ipaddr, vp->vp_octets, 4);
break;
} else if (vp->length == 16) {
- vp->da->type = NR_TYPE_IPV6ADDR;
+ vp->da->type = RS_TYPE_IPV6ADDR;
/* vp->vp_ipv6addr == vp->vp_octets */
break;
@@ -998,9 +998,9 @@ ssize_t nr_attr2vp_rfc(const RADIUS_PACKET *packet,
{
ssize_t rcode;
- if (length < 2) return -NR_ERR_PACKET_TOO_SMALL;
- if (data[1] < 2) return -NR_ERR_ATTR_TOO_SMALL;
- if (data[1] > length) return -NR_ERR_ATTR_OVERFLOW;
+ if (length < 2) return -RSE_PACKET_TOO_SMALL;
+ if (data[1] < 2) return -RSE_ATTR_TOO_SMALL;
+ if (data[1] > length) return -RSE_ATTR_OVERFLOW;
rcode = data2vp_any(packet, original, 0,
data[0], 0, data + 2, data[1] - 2, pvp);
@@ -1020,7 +1020,7 @@ int nr_tlv_ok(const uint8_t *data, size_t length,
if ((dv_length > 2) || (dv_type == 0) || (dv_type > 4)) {
nr_debug_error("nr_tlv_ok: Invalid arguments");
- return -NR_ERR_INVALID_ARG;
+ return -RSE_INVAL;
}
while (data < end) {
@@ -1028,7 +1028,7 @@ int nr_tlv_ok(const uint8_t *data, size_t length,
if ((data + dv_type + dv_length) > end) {
nr_debug_error("Attribute header overflow");
- return -NR_ERR_ATTR_TOO_SMALL;
+ return -RSE_ATTR_TOO_SMALL;
}
switch (dv_type) {
@@ -1037,12 +1037,12 @@ int nr_tlv_ok(const uint8_t *data, size_t length,
(data[2] == 0) && (data[3] == 0)) {
zero:
nr_debug_error("Invalid attribute 0");
- return -NR_ERR_ATTR_INVALID;
+ return -RSE_ATTR_INVALID;
}
if (data[0] != 0) {
nr_debug_error("Invalid attribute > 2^24");
- return -NR_ERR_ATTR_INVALID;
+ return -RSE_ATTR_INVALID;
}
break;
@@ -1056,7 +1056,7 @@ int nr_tlv_ok(const uint8_t *data, size_t length,
default:
nr_debug_error("Internal sanity check failed");
- return -NR_ERR_INTERNAL_FAILURE;
+ return -RSE_INTERNAL;
}
switch (dv_length) {
@@ -1066,7 +1066,7 @@ int nr_tlv_ok(const uint8_t *data, size_t length,
case 2:
if (data[dv_type + 1] != 0) {
nr_debug_error("Attribute is longer than 256 octets");
- return -NR_ERR_ATTR_TOO_LARGE;
+ return -RSE_ATTR_TOO_LARGE;
}
/* FALL-THROUGH */
case 1:
@@ -1076,17 +1076,17 @@ int nr_tlv_ok(const uint8_t *data, size_t length,
default:
nr_debug_error("Internal sanity check failed");
- return -NR_ERR_INTERNAL_FAILURE;
+ return -RSE_INTERNAL;
}
if (attrlen < (dv_type + dv_length)) {
nr_debug_error("Attribute header has invalid length");
- return -NR_ERR_PACKET_TOO_SMALL;
+ return -RSE_PACKET_TOO_SMALL;
}
if (attrlen > length) {
nr_debug_error("Attribute overflows container");
- return -NR_ERR_ATTR_OVERFLOW;
+ return -RSE_ATTR_OVERFLOW;
}
data += attrlen;
@@ -1113,7 +1113,7 @@ static ssize_t attr2vp_vsa(const RADIUS_PACKET *packet,
#ifndef NDEBUG
if (length <= (dv_type + dv_length)) {
nr_debug_error("attr2vp_vsa: Failure to call nr_tlv_ok");
- return -NR_ERR_PACKET_TOO_SMALL;
+ return -RSE_PACKET_TOO_SMALL;
}
#endif
@@ -1136,7 +1136,7 @@ static ssize_t attr2vp_vsa(const RADIUS_PACKET *packet,
default:
nr_debug_error("attr2vp_vsa: Internal sanity check failed");
- return -NR_ERR_INTERNAL_FAILURE;
+ return -RSE_INTERNAL;
}
switch (dv_length) {
@@ -1155,13 +1155,13 @@ static ssize_t attr2vp_vsa(const RADIUS_PACKET *packet,
default:
nr_debug_error("attr2vp_vsa: Internal sanity check failed");
- return -NR_ERR_INTERNAL_FAILURE;
+ return -RSE_INTERNAL;
}
#ifndef NDEBUG
if (attrlen <= (ssize_t) (dv_type + dv_length)) {
nr_debug_error("attr2vp_vsa: Failure to call nr_tlv_ok");
- return -NR_ERR_PACKET_TOO_SMALL;
+ return -RSE_PACKET_TOO_SMALL;
}
#endif
@@ -1177,7 +1177,7 @@ static ssize_t attr2vp_vsa(const RADIUS_PACKET *packet,
nr_vp_free(pvp);
nr_debug_error("attr2vp_vsa: Incomplete decode %d != %d",
(int) my_len, (int) attrlen);
- return -NR_ERR_INTERNAL_FAILURE;
+ return -RSE_INTERNAL;
}
#endif
@@ -1198,13 +1198,13 @@ ssize_t nr_attr2vp_vsa(const RADIUS_PACKET *packet,
uint32_t lvalue;
const DICT_VENDOR *dv;
- if (length < 2) return -NR_ERR_PACKET_TOO_SMALL;
- if (data[1] < 2) return -NR_ERR_ATTR_TOO_SMALL;
- if (data[1] > length) return -NR_ERR_ATTR_OVERFLOW;
+ if (length < 2) return -RSE_PACKET_TOO_SMALL;
+ if (data[1] < 2) return -RSE_ATTR_TOO_SMALL;
+ if (data[1] > length) return -RSE_ATTR_OVERFLOW;
if (data[0] != PW_VENDOR_SPECIFIC) {
nr_debug_error("nr_attr2vp_vsa: Invalid attribute");
- return -NR_ERR_INVALID_ARG;
+ return -RSE_INVAL;
}
/*
@@ -1256,7 +1256,7 @@ ssize_t nr_attr2vp_vsa(const RADIUS_PACKET *packet,
if (my_len != (data[1] - 6)) {
nr_vp_free(pvp);
nr_debug_error("nr_attr2vp_vsa: Incomplete decode");
- return -NR_ERR_INTERNAL_FAILURE;
+ return -RSE_INTERNAL;
}
#endif
@@ -1273,9 +1273,9 @@ ssize_t nr_attr2vp(const RADIUS_PACKET *packet,
const uint8_t *data, size_t length,
VALUE_PAIR **pvp)
{
- if (length < 2) return -NR_ERR_PACKET_TOO_SMALL;
- if (data[1] < 2) return -NR_ERR_ATTR_TOO_SMALL;
- if (data[1] > length) return -NR_ERR_ATTR_OVERFLOW;
+ if (length < 2) return -RSE_PACKET_TOO_SMALL;
+ if (data[1] < 2) return -RSE_ATTR_TOO_SMALL;
+ if (data[1] > length) return -RSE_ATTR_OVERFLOW;
#ifndef WITHOUT_VSAS
/*
@@ -1307,18 +1307,18 @@ ssize_t nr_attr2data(const RADIUS_PACKET *packet, ssize_t start,
uint8_t *data, *attr;
const uint8_t *end;
- if (!packet || !pdata || !plength) return -NR_ERR_INVALID_ARG;
+ if (!packet || !pdata || !plength) return -RSE_INVAL;
- if (!packet->data) return -NR_ERR_INVALID_ARG;
- if (packet->length < 20) return -NR_ERR_INVALID_ARG;
+ if (!packet->data) return -RSE_INVAL;
+ if (packet->length < 20) return -RSE_INVAL;
/*
* Too long or short, not good.
*/
if ((start < 0) ||
- ((start > 0) && (start < 20))) return -NR_ERR_INVALID_ARG;
+ ((start > 0) && (start < 20))) return -RSE_INVAL;
- if ((size_t) start >= (packet->length - 2)) return -NR_ERR_INVALID_ARG;
+ if ((size_t) start >= (packet->length - 2)) return -RSE_INVAL;
end = packet->data + packet->length;
@@ -1343,17 +1343,17 @@ ssize_t nr_attr2data(const RADIUS_PACKET *packet, ssize_t start,
*/
if ((attr + 2) > end) {
nr_debug_error("Attribute overflows packet");
- return -NR_ERR_ATTR_OVERFLOW;
+ return -RSE_ATTR_OVERFLOW;
}
if (attr[1] < 2) {
nr_debug_error("Attribute length is too small");
- return -NR_ERR_ATTR_TOO_SMALL;
+ return -RSE_ATTR_TOO_SMALL;
}
if ((attr + attr[1]) > end) {
nr_debug_error("Attribute length is too large");
- return -NR_ERR_ATTR_TOO_LARGE;
+ return -RSE_ATTR_TOO_LARGE;
}
#endif
@@ -1379,7 +1379,7 @@ ssize_t nr_attr2data(const RADIUS_PACKET *packet, ssize_t start,
dv = nr_dict_vendor_byvalue(vendor);
if (dv &&
((dv->type != 1) || (dv->length != 1))) {
- return -NR_ERR_VENDOR_UNKNOWN;
+ return -RSE_VENDOR_UNKNOWN;
}
}
diff --git a/lib/radius/client.h b/lib/radius/client.h
index 591884f..df9f834 100644
--- a/lib/radius/client.h
+++ b/lib/radius/client.h
@@ -29,6 +29,9 @@ SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
* \brief Main header file.
*/
+#ifndef _RADIUS_CLIENT_H_
+#define _RADIUS_CLIENT_H_ 1
+
/*
* System-specific header files.
*/
@@ -42,10 +45,12 @@ SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
#include <netinet/in.h>
#include <sys/time.h>
+#include <radsec/radsec.h>
+
/*
* Definitions of attributes.
*/
-#include <networkradius-devel/radius.h>
+#include <radsec/radius.h>
/** \defgroup build Build Helpers
*
@@ -135,38 +140,38 @@ SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
#endif
#ifdef WITHOUT_OPENSSL
-#ifndef NR_MD5_CTX
-#error NR_MD5_CTX must be defined
+#ifndef RS_MD5_CTX
+#error RS_MD5_CTX must be defined
#endif
-#ifndef nr_MD5Init
+#ifndef RS_MD5Init
#error n_rMD5Init must be defined
#endif
-#ifndef nr_MD5Update
-#error nr_MD5Updyae must be defined
+#ifndef RS_MD5Update
+#error RS_MD5Updyae must be defined
#endif
-#ifndef nr_MD5Final
-#error nr_MD5Final must be defined
+#ifndef RS_MD5Final
+#error RS_MD5Final must be defined
#endif
-#ifndef nr_MD5Transform
-#error nr_MD5Transform must be defined
+#ifndef RS_MD5Transform
+#error RS_MD5Transform must be defined
#endif
#else /* WITHOUT_OPENSSL */
#include <openssl/md5.h>
/** Define for compile-time selection of the MD5 functions. Defaults to using the OpenSSL functions. \ingroup custom */
-#define NR_MD5_CTX MD5_CTX
+#define RS_MD5_CTX MD5_CTX
/** Define for compile-time selection of the MD5 functions. Defaults to using the OpenSSL functions. \ingroup custom */
-#define nr_MD5Init MD5_Init
+#define RS_MD5Init MD5_Init
/** Define for compile-time selection of the MD5 functions. Defaults to using the OpenSSL functions. \ingroup custom */
-#define nr_MD5Update MD5_Update
+#define RS_MD5Update MD5_Update
/** Define for compile-time selection of the MD5 functions. Defaults to using the OpenSSL functions. \ingroup custom */
-#define nr_MD5Final MD5_Final
+#define RS_MD5Final MD5_Final
/** Define for compile-time selection of the MD5 functions. Defaults to using the OpenSSL functions. \ingroup custom */
-#define nr_MD5Transform MD5_Transform
+#define RS_MD5Transform MD5_Transform
#endif
-#ifndef NR_MAX_PACKET_LEN
+#ifndef RS_MAX_PACKET_LEN
/** The maximum size of a packet that the library will send or receive. \ingroup custom
*
* The RFC requirement is to handle at least 4K packets. However, if
@@ -176,144 +181,39 @@ SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
* Be warned that any packets larger than this value will be ignored
* and silently discarded.
*/
-#define NR_MAX_PACKET_LEN (4096)
+#define RS_MAX_PACKET_LEN (4096)
#endif
-#ifndef NR_MAX_ATTRIBUTES
+#ifndef RS_MAX_ATTRIBUTES
/** The maximum number of attributes that the library will allow in a packet. \ingroup custom
*
- * Packets which contain more than ::NR_MAX_ATTRIBUTES will generate
+ * Packets which contain more than ::RS_MAX_ATTRIBUTES will generate
* an error. This value is configurable because there may be a need
* to accept a large mumber of attributes.
*
* This value is ignored when packets are sent. The library will
* send as many attributes as it is told to send.
*/
-#define NR_MAX_ATTRIBUTES (200)
+#define RS_MAX_ATTRIBUTES (200)
#endif
-#undef NR_MAX_PACKET_CODE
+#undef RS_MAX_PACKET_CODE
/** The maximum RADIUS_PACKET::code which we can accept. \ingroup dict
*
* \attention This should not be changed, as it is used by other
* structures such as ::nr_packet_codes.
*/
-#define NR_MAX_PACKET_CODE PW_COA_NAK
+#define RS_MAX_PACKET_CODE PW_COA_NAK
/** The maximum vendor number which is permitted. \ingroup dict
*
* The RFCs require that the Vendor Id or Private Enterprise Number
* be encoded as 32 bits, with the upper 8 bits being zero.
*/
-#define NR_MAX_VENDOR (1 << 24)
-
-/** The maximum length of a RADIUS attribute.
- *
- * The RFCs require that a RADIUS attribute transport no more than
- * 253 octets of data. We add an extra byte for a trailing NUL, so
- * that the VALUE_PAIR::vp_strvalue field can be handled as a C
- * string.
- */
-#define MAX_STRING_LEN (254)
+#define RS_MAX_VENDOR (1 << 24)
/** Data Type Definitions. \ingroup dict
*/
-typedef enum nr_attr_type_t {
- NR_TYPE_INVALID = 0, /**< Invalid data type */
- NR_TYPE_STRING, /**< printable-text */
- NR_TYPE_INTEGER, /**< a 32-bit unsigned integer */
- NR_TYPE_IPADDR, /**< an IPv4 address */
- NR_TYPE_DATE, /**< a 32-bit date, of seconds since January 1, 1970 */
- NR_TYPE_OCTETS, /**< a sequence of binary octets */
- NR_TYPE_IFID, /**< an Interface Id */
- NR_TYPE_IPV6ADDR, /**< an IPv6 address */
- NR_TYPE_IPV6PREFIX, /**< an IPv6 prefix */
- NR_TYPE_BYTE, /**< an 8-bit integer */
- NR_TYPE_SHORT, /**< a 16-bit integer */
-} nr_attr_type_t;
-
-#define PW_ACCESS_REQUEST 1
-#define PW_ACCESS_ACCEPT 2
-#define PW_ACCESS_REJECT 3
-#define PW_ACCOUNTING_REQUEST 4
-#define PW_ACCOUNTING_RESPONSE 5
-#define PW_ACCOUNTING_STATUS 6
-#define PW_PASSWORD_REQUEST 7
-#define PW_PASSWORD_ACK 8
-#define PW_PASSWORD_REJECT 9
-#define PW_ACCOUNTING_MESSAGE 10
-#define PW_ACCESS_CHALLENGE 11
-#define PW_STATUS_SERVER 12
-#define PW_STATUS_CLIENT 13
-#define PW_DISCONNECT_REQUEST 40
-#define PW_DISCONNECT_ACK 41
-#define PW_DISCONNECT_NAK 42
-#define PW_COA_REQUEST 43
-#define PW_COA_ACK 44
-#define PW_COA_NAK 45
-
-/** Error codes \ingroup error
- *
- * The numerical value of these definitions may change from version
- * to version of the library.
- */
-typedef enum nr_error_t {
- /** Invalid argument */
- NR_ERR_INVALID_ARG = 1,
- /** Insufficient data to decode the packet */
- NR_ERR_PACKET_TOO_SMALL,
- /** The packet header says it is larger than the received data */
- NR_ERR_PACKET_TOO_LARGE,
- /** the attribute overflows the packet */
- NR_ERR_ATTR_OVERFLOW,
- /** the attribute header "length" field is too small */
- NR_ERR_ATTR_TOO_SMALL,
- /** the attribute is more than 256 octets long */
- NR_ERR_ATTR_TOO_LARGE,
- /** the attribute is unknown */
- NR_ERR_ATTR_UNKNOWN,
- /** the attribute name is improperly formatted */
- NR_ERR_ATTR_BAD_NAME,
- /** the attribute value could not be parsed */
- NR_ERR_ATTR_VALUE_MALFORMED,
- /** the attribute "type" is invalid */
- NR_ERR_ATTR_INVALID,
- /** the packet has too many attributes */
- NR_ERR_TOO_MANY_ATTRS,
- /** the attribute has an unsupported data type */
- NR_ERR_ATTR_TYPE_UNKNOWN,
- /** the Message-Authenticator has the wrong length */
- NR_ERR_MSG_AUTH_LEN,
- /** the Message-Authenticator is wrong */
- NR_ERR_MSG_AUTH_WRONG,
- /** we need a request packet to calculate something in the response */
- NR_ERR_REQUEST_REQUIRED,
- /** the request code is unsupported */
- NR_ERR_REQUEST_CODE_INVALID,
- /** the Authentication Vector is wrong */
- NR_ERR_AUTH_VECTOR_WRONG,
- /** the response code is unsupported */
- NR_ERR_RESPONSE_CODE_INVALID,
- /** the response ID field is invalid */
- NR_ERR_RESPONSE_ID_INVALID,
- /** the response is not from the correct source IP/port */
- NR_ERR_RESPONSE_SRC_INVALID,
- /** Look at "errno" for the error */
- NR_ERR_SYSTEM,
- /** We cannot encode the packet because of invalid arguments */
- NR_ERR_NO_PACKET_DATA,
- /** the vendor is unknown */
- NR_ERR_VENDOR_UNKNOWN,
- /** an internal sanity check failed */
- NR_ERR_INTERNAL_FAILURE,
- /** the caller requested an unsupported featuer */
- NR_ERR_UNSUPPORTED,
- /** we were unable to allocate memory */
- NR_ERR_NO_MEM,
- /** Resource is in use */
- NR_ERR_IN_USE,
-} nr_error_t;
-
#define TAG_VALID(x) ((x) < 0x20)
/** The attribute is not encrypted. */
@@ -335,7 +235,7 @@ typedef enum nr_error_t {
typedef struct attr_flags {
unsigned int has_tag : 1; /**< Attribute has an RFC 2868 tag */
unsigned int unknown : 1; /**< Attribute is unknown */
-#ifdef NR_TYPE_TLV
+#ifdef RS_TYPE_TLV
unsigned int has_tlv : 1; /* has sub attributes */
unsigned int is_tlv : 1; /* is a sub attribute */
#endif
@@ -358,7 +258,7 @@ typedef struct attr_flags {
*/
typedef struct nr_dict_attr {
unsigned int attr; /**< Attribute number */
- nr_attr_type_t type; /**< Data type */
+ rs_attr_type_t type; /**< Data type */
unsigned int vendor; /**< Vendor-Id number */
ATTR_FLAGS flags;
const char *name; /**< Printable name */
@@ -392,21 +292,21 @@ typedef struct nr_dict_vendor {
*
*/
typedef union value_pair_data {
- char strvalue[MAX_STRING_LEN]; /* +1 for NUL */
+ char strvalue[RS_MAX_STRING_LEN]; /* +1 for NUL */
uint8_t octets[253];
struct in_addr ipaddr;
struct in6_addr ipv6addr;
uint32_t date;
uint32_t integer;
-#ifdef NR_TYPE_SIGNED
+#ifdef RS_TYPE_SIGNED
int32_t sinteger;
#endif
-#ifdef NR_TYPE_ABINARY
+#ifdef RS_TYPE_ABINARY
uint8_t filter[32];
#endif
uint8_t ifid[8]; /* struct? */
uint8_t ipv6prefix[18]; /* struct? */
-#ifdef NR_TYPE_TLV
+#ifdef RS_TYPE_TLV
uint8_t *tlv;
#endif
} VALUE_PAIR_DATA;
@@ -432,23 +332,23 @@ typedef struct value_pair {
#define vp_ipaddr data.ipaddr.s_addr
#define vp_date data.integer
#define vp_integer data.integer
-#ifdef NR_TYPE_ABINARY
+#ifdef RS_TYPE_ABINARY
#define vp_filter data.filter
#endif
-#ifdef NR_TYPE_ETHER
+#ifdef RS_TYPE_ETHER
#define vp_ether data.ether
#endif
-#ifdef NR_TYPE_SIGNED
+#ifdef RS_TYPE_SIGNED
#define vp_signed data.sinteger
#endif
-#ifdef NR_TYPE_TLV
+#ifdef RS_TYPE_TLV
#define vp_tlv data.tlv
#endif
-#ifdef NR_TYPE_TLV
-#define NR_ATTR_MAX_TLV (4)
-extern const int nr_attr_shift[NR_ATTR_MAX_TLV];
-extern const int nr_attr_mask[NR_ATTR_MAX_TLV];
+#ifdef RS_TYPE_TLV
+#define RS_ATTR_MAX_TLV (4)
+extern const int nr_attr_shift[RS_ATTR_MAX_TLV];
+extern const int nr_attr_mask[RS_ATTR_MAX_TLV];
extern const unsigned int nr_attr_max_tlv;
#endif
@@ -474,12 +374,12 @@ typedef struct radius_packet {
VALUE_PAIR *vps; /**< linked list of ::VALUE_PAIR */
} RADIUS_PACKET;
-#define NR_PACKET_ENCODED (1 << 0)
-#define NR_PACKET_HEADER (1 << 1)
-#define NR_PACKET_SIGNED (1 << 2)
-#define NR_PACKET_OK (1 << 3)
-#define NR_PACKET_VERIFIED (1 << 4)
-#define NR_PACKET_DECODED (1 << 5)
+#define RS_PACKET_ENCODED (1 << 0)
+#define RS_PACKET_HEADER (1 << 1)
+#define RS_PACKET_SIGNED (1 << 2)
+#define RS_PACKET_OK (1 << 3)
+#define RS_PACKET_VERIFIED (1 << 4)
+#define RS_PACKET_DECODED (1 << 5)
/** Track packets sent to a server. \ingroup id
@@ -634,7 +534,7 @@ extern VALUE_PAIR *nr_vps_find(VALUE_PAIR *head,
* packet.
*
* \attention There is usually no need to call this function. Use
- * the NR_DA_* definitions instead.
+ * the RS_DA_* definitions instead.
*
* @param[in] attr Value of the attribute
* @param[in] vendor Value of the vendor
@@ -773,7 +673,7 @@ extern const DICT_ATTR const *nr_dict_attr_names[];
* application. Packet codes which are not handled by the library
* have NULL for their names.
*/
-extern const char *nr_packet_codes[NR_MAX_PACKET_CODE + 1];
+extern const char *nr_packet_codes[RS_MAX_PACKET_CODE + 1];
/** Verifies that a packet is "well formed". \ingroup packet
*
@@ -1406,3 +1306,5 @@ extern ssize_t nr_vp_sscanf_value(VALUE_PAIR *vp, const char *value);
*/
# define BLANK_FORMAT ""
#endif
+
+#endif /* _RADIUS_CLIENT_H_ */
diff --git a/lib/radius/common.pl b/lib/radius/common.pl
index c08489a..7042fe5 100644
--- a/lib/radius/common.pl
+++ b/lib/radius/common.pl
@@ -124,7 +124,7 @@ sub do_file()
}
$type =~ tr/a-z/A-Z/;
- $attributes{$index}{'type'} = "NR_TYPE_$type";
+ $attributes{$index}{'type'} = "RS_TYPE_$type";
$stuff =~ s/^\s*//;
diff --git a/lib/radius/convert.pl b/lib/radius/convert.pl
index ce7cccd..9cf8731 100755
--- a/lib/radius/convert.pl
+++ b/lib/radius/convert.pl
@@ -134,7 +134,7 @@ foreach $attr_val (sort {lc($attributes{$a}{'name'}) cmp lc($attributes{$b}{'nam
print DICT "};\n\n";
close DICT;
-open HDR, ">radius.h" or die "Failed creating radius.c: $!\n";
+open HDR, ">../include/radsec/radius.h" or die "Failed creating radius.c: $!\n";
print HDR "/* Automatically generated file. Do not edit */\n\n";
@@ -174,7 +174,7 @@ foreach $attr_val (sort {$a <=> $b} keys %attributes) {
$name =~ tr/a-z/A-Z/;
$name =~ tr/-/_/;
- print HDR "#define NR_DA_$name (&nr_dict_attrs[$attributes{$attr_val}{'offset'}])\n";
+ print HDR "#define RS_DA_$name (&nr_dict_attrs[$attributes{$attr_val}{'offset'}])\n";
}
print HDR "/* Automatically generated file. Do not edit */\n";
diff --git a/lib/radius/crypto.c b/lib/radius/crypto.c
index 02a223d..21cc7d0 100644
--- a/lib/radius/crypto.c
+++ b/lib/radius/crypto.c
@@ -36,7 +36,7 @@ SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
/** \cond PRIVATE */
-#include <networkradius-devel/client.h>
+#include "client.h"
ssize_t nr_password_encrypt(uint8_t *output, size_t outlen,
@@ -45,35 +45,35 @@ ssize_t nr_password_encrypt(uint8_t *output, size_t outlen,
{
size_t i, j, len;
uint8_t digest[16];
- NR_MD5_CTX ctx, secret_ctx;
+ RS_MD5_CTX ctx, secret_ctx;
if (!output || (outlen < 16) || !input || (inlen == 0) ||
!secret || !vector) {
- return -NR_ERR_INVALID_ARG;
+ return -RSE_INVAL;
}
len = inlen;
- if (len > 128) return -NR_ERR_ATTR_OVERFLOW;
+ if (len > 128) return -RSE_ATTR_OVERFLOW;
len = (len + 0x0f) & ~0x0f; /* round up to 16 byte boundary */
- if (outlen < len) return -NR_ERR_ATTR_OVERFLOW;
+ if (outlen < len) return -RSE_ATTR_OVERFLOW;
memcpy(output, input, len);
memset(output + len, 0, 128 - len);
- nr_MD5Init(&secret_ctx);
- nr_MD5Update(&secret_ctx, (const uint8_t *) secret, strlen(secret));
+ RS_MD5Init(&secret_ctx);
+ RS_MD5Update(&secret_ctx, (const uint8_t *) secret, strlen(secret));
for (j = 0; j < len; j += 16) {
ctx = secret_ctx;
if (j == 0) {
- nr_MD5Update(&ctx, vector, 16);
- nr_MD5Final(digest, &ctx);
+ RS_MD5Update(&ctx, vector, 16);
+ RS_MD5Final(digest, &ctx);
} else {
- nr_MD5Update(&ctx, &output[j - 16], 16);
- nr_MD5Final(digest, &ctx);
+ RS_MD5Update(&ctx, &output[j - 16], 16);
+ RS_MD5Final(digest, &ctx);
}
for (i = 0; i < 16; i++) {
@@ -90,16 +90,16 @@ ssize_t nr_tunnelpw_encrypt(uint8_t *output, size_t outlen,
const char *secret, const uint8_t *vector)
{
size_t i, j, len;
- NR_MD5_CTX ctx, secret_ctx;
+ RS_MD5_CTX ctx, secret_ctx;
uint8_t digest[16];
if (!output || (outlen < 18) || !input || (inlen == 0) ||
!secret || !vector) {
- return -NR_ERR_INVALID_ARG;
+ return -RSE_INVAL;
}
len = ((inlen + 1) + 0x0f) & ~0x0f;
- if (len > 251) return -NR_ERR_ATTR_OVERFLOW;
+ if (len > 251) return -RSE_ATTR_OVERFLOW;
output[0] = (nr_rand() & 0xff) | 0x80;
output[1] = nr_rand() & 0xff;
@@ -108,19 +108,19 @@ ssize_t nr_tunnelpw_encrypt(uint8_t *output, size_t outlen,
memcpy(output + 3, input, inlen);
memset(output + 3 + inlen, 0, len - inlen - 1);
- nr_MD5Init(&secret_ctx);
- nr_MD5Update(&secret_ctx, (const uint8_t *) secret, strlen(secret));
+ RS_MD5Init(&secret_ctx);
+ RS_MD5Update(&secret_ctx, (const uint8_t *) secret, strlen(secret));
for (j = 0; j < len; j += 16) {
ctx = secret_ctx;
if (j == 0) {
- nr_MD5Update(&ctx, vector, 16);
- nr_MD5Update(&ctx, output, 2);
- nr_MD5Final(digest, &ctx);
+ RS_MD5Update(&ctx, vector, 16);
+ RS_MD5Update(&ctx, output, 2);
+ RS_MD5Final(digest, &ctx);
} else {
- nr_MD5Update(&ctx, &output[j + 2 - 16], 16);
- nr_MD5Final(digest, &ctx);
+ RS_MD5Update(&ctx, &output[j + 2 - 16], 16);
+ RS_MD5Final(digest, &ctx);
}
for (i = 0; i < 16; i++) {
@@ -136,12 +136,12 @@ ssize_t nr_tunnelpw_decrypt(uint8_t *output, size_t outlen,
const char *secret, const uint8_t *vector)
{
size_t i, j, len, encoded_len;
- NR_MD5_CTX ctx, secret_ctx;
+ RS_MD5_CTX ctx, secret_ctx;
uint8_t digest[16];
if (!output || (outlen < 1) || !input || (inlen < 2) ||
!secret || !vector) {
- return -NR_ERR_INVALID_ARG;
+ return -RSE_INVAL;
}
if (inlen <= 3) {
@@ -151,20 +151,20 @@ ssize_t nr_tunnelpw_decrypt(uint8_t *output, size_t outlen,
len = inlen - 2;
- if (outlen < (len - 1)) return -NR_ERR_ATTR_OVERFLOW;
+ if (outlen < (len - 1)) return -RSE_ATTR_OVERFLOW;
- nr_MD5Init(&secret_ctx);
- nr_MD5Update(&secret_ctx, (const uint8_t *) secret, strlen(secret));
+ RS_MD5Init(&secret_ctx);
+ RS_MD5Update(&secret_ctx, (const uint8_t *) secret, strlen(secret));
ctx = secret_ctx;
- nr_MD5Update(&ctx, vector, 16); /* MD5(secret + vector + salt) */
- nr_MD5Update(&ctx, input, 2);
- nr_MD5Final(digest, &ctx);
+ RS_MD5Update(&ctx, vector, 16); /* MD5(secret + vector + salt) */
+ RS_MD5Update(&ctx, input, 2);
+ RS_MD5Final(digest, &ctx);
encoded_len = input[2] ^ digest[0];
if (encoded_len >= len) {
- return -NR_ERR_ATTR_TOO_LARGE;
+ return -RSE_ATTR_TOO_LARGE;
}
for (i = 0; i < 15; i++) {
@@ -174,8 +174,8 @@ ssize_t nr_tunnelpw_decrypt(uint8_t *output, size_t outlen,
for (j = 16; j < len; j += 16) {
ctx = secret_ctx;
- nr_MD5Update(&ctx, input + j - 16 + 2, 16);
- nr_MD5Final(digest, &ctx);
+ RS_MD5Update(&ctx, input + j - 16 + 2, 16);
+ RS_MD5Final(digest, &ctx);
for (i = 0; i < 16; i++) {
output[i + j - 1] = input[i + j + 2] ^ digest[i];
@@ -198,12 +198,12 @@ nr_hmac_md5(const uint8_t *data, size_t data_len,
uint8_t k_ipad[64];
uint8_t k_opad[64];
uint8_t tk[16];
- NR_MD5_CTX ctx;
+ RS_MD5_CTX ctx;
if (key_len > 64) {
- nr_MD5Init(&ctx);
- nr_MD5Update(&ctx, key, key_len);
- nr_MD5Final(tk, &ctx);
+ RS_MD5Init(&ctx);
+ RS_MD5Update(&ctx, key, key_len);
+ RS_MD5Final(tk, &ctx);
key = tk;
key_len = 16;
@@ -219,15 +219,15 @@ nr_hmac_md5(const uint8_t *data, size_t data_len,
k_opad[i] ^= 0x5c;
}
- nr_MD5Init(&ctx);
- nr_MD5Update(&ctx, k_ipad, sizeof(k_ipad));
- nr_MD5Update(&ctx, data, data_len);
- nr_MD5Final(digest, &ctx);
+ RS_MD5Init(&ctx);
+ RS_MD5Update(&ctx, k_ipad, sizeof(k_ipad));
+ RS_MD5Update(&ctx, data, data_len);
+ RS_MD5Final(digest, &ctx);
- nr_MD5Init(&ctx);
- nr_MD5Update(&ctx, k_opad, sizeof(k_opad));
- nr_MD5Update(&ctx, digest, 16);
- nr_MD5Final(digest, &ctx);
+ RS_MD5Init(&ctx);
+ RS_MD5Update(&ctx, k_opad, sizeof(k_opad));
+ RS_MD5Update(&ctx, digest, 16);
+ RS_MD5Final(digest, &ctx);
}
/** \endcond */
diff --git a/lib/radius/custom.c b/lib/radius/custom.c
index e33cf5a..02e2463 100644
--- a/lib/radius/custom.c
+++ b/lib/radius/custom.c
@@ -29,7 +29,7 @@ SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
* \brief Functions which should be customized for your local system.
*/
-#include <networkradius-devel/client.h>
+#include "client.h"
#include <unistd.h>
#include <fcntl.h>
diff --git a/lib/radius/dict.c b/lib/radius/dict.c
index 26fe7d0..fc04ee2 100644
--- a/lib/radius/dict.c
+++ b/lib/radius/dict.c
@@ -25,7 +25,7 @@ ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
-#include <networkradius-devel/client.h>
+#include "client.h"
#include <ctype.h>
/** \file dict.c
@@ -56,7 +56,7 @@ const DICT_ATTR *nr_dict_attr_byvalue(unsigned int attr, unsigned int vendor)
return &nr_dict_attrs[half];
}
- if ((vendor > nr_dict_attrs[half].vendor) &&
+ if ((vendor >= nr_dict_attrs[half].vendor) &&
(attr > nr_dict_attrs[half].attr)) {
start = half + 1;
} else {
@@ -100,19 +100,19 @@ const DICT_ATTR *nr_dict_attr_byname(const char *name)
int nr_dict_attr_2struct(DICT_ATTR *da, unsigned int attr, unsigned int vendor,
char *buffer, size_t bufsize)
{
- if (!da || !buffer) return -NR_ERR_INVALID_ARG;
+ if (!da || !buffer) return -RSE_INVAL;
if (!vendor) {
- if (attr > 256) return -NR_ERR_INVALID_ARG;
+ if (attr > 256) return -RSE_INVAL;
} else if (vendor > (1 << 24)) {
- return -NR_ERR_INVALID_ARG;
+ return -RSE_INVAL;
}
memset(da, 0, sizeof(*da));
da->attr = attr;
da->flags.unknown = 1;
- da->type = NR_TYPE_OCTETS;
+ da->type = RS_TYPE_OCTETS;
da->vendor = vendor;
if (da->vendor) {
diff --git a/lib/radius/dictionaries.c b/lib/radius/dictionaries.c
deleted file mode 100644
index d1f4b6f..0000000
--- a/lib/radius/dictionaries.c
+++ /dev/null
@@ -1,1515 +0,0 @@
-const DICT_VENDOR nr_dict_vendors[] = {
- {
- .name = "Microsoft",
- .vendor = 311,
- .type = 1,
- .length = 1,
- },
- {
- .name = "example",
- .vendor = 65535,
- .type = 1,
- .length = 1,
- },
-
- { .name = NULL, }
-};
-
-const DICT_ATTR nr_dict_attrs[] = {
- { /* 0 */
- .name = NULL,
- },
- { /* 1 */
- .name = "User-Name",
- .attr = 1,
- .type = NR_TYPE_STRING,
- },
- { /* 2 */
- .name = "User-Password",
- .attr = 2,
- .type = NR_TYPE_STRING,
- .flags = {
- .encrypt = FLAG_ENCRYPT_USER_PASSWORD,
- },
- },
- { /* 3 */
- .name = "CHAP-Password",
- .attr = 3,
- .type = NR_TYPE_OCTETS,
- },
- { /* 4 */
- .name = "NAS-IP-Address",
- .attr = 4,
- .type = NR_TYPE_IPADDR,
- .flags = {
- .length = 4,
- },
- },
- { /* 5 */
- .name = "NAS-Port",
- .attr = 5,
- .type = NR_TYPE_INTEGER,
- .flags = {
- .length = 4,
- },
- },
- { /* 6 */
- .name = "Service-Type",
- .attr = 6,
- .type = NR_TYPE_INTEGER,
- .flags = {
- .length = 4,
- },
- },
- { /* 7 */
- .name = "Framed-Protocol",
- .attr = 7,
- .type = NR_TYPE_INTEGER,
- .flags = {
- .length = 4,
- },
- },
- { /* 8 */
- .name = "Framed-IP-Address",
- .attr = 8,
- .type = NR_TYPE_IPADDR,
- .flags = {
- .length = 4,
- },
- },
- { /* 9 */
- .name = "Framed-IP-Netmask",
- .attr = 9,
- .type = NR_TYPE_IPADDR,
- .flags = {
- .length = 4,
- },
- },
- { /* 10 */
- .name = "Framed-Routing",
- .attr = 10,
- .type = NR_TYPE_INTEGER,
- .flags = {
- .length = 4,
- },
- },
- { /* 11 */
- .name = "Filter-Id",
- .attr = 11,
- .type = NR_TYPE_STRING,
- },
- { /* 12 */
- .name = "Framed-MTU",
- .attr = 12,
- .type = NR_TYPE_INTEGER,
- .flags = {
- .length = 4,
- },
- },
- { /* 13 */
- .name = "Framed-Compression",
- .attr = 13,
- .type = NR_TYPE_INTEGER,
- .flags = {
- .length = 4,
- },
- },
- { /* 14 */
- .name = "Login-IP-Host",
- .attr = 14,
- .type = NR_TYPE_IPADDR,
- .flags = {
- .length = 4,
- },
- },
- { /* 15 */
- .name = "Login-Service",
- .attr = 15,
- .type = NR_TYPE_INTEGER,
- .flags = {
- .length = 4,
- },
- },
- { /* 16 */
- .name = "Login-TCP-Port",
- .attr = 16,
- .type = NR_TYPE_INTEGER,
- .flags = {
- .length = 4,
- },
- },
- { /* 17 */
- .name = NULL,
- },
- { /* 18 */
- .name = "Reply-Message",
- .attr = 18,
- .type = NR_TYPE_STRING,
- },
- { /* 19 */
- .name = "Callback-Number",
- .attr = 19,
- .type = NR_TYPE_STRING,
- },
- { /* 20 */
- .name = "Callback-Id",
- .attr = 20,
- .type = NR_TYPE_STRING,
- },
- { /* 21 */
- .name = NULL,
- },
- { /* 22 */
- .name = "Framed-Route",
- .attr = 22,
- .type = NR_TYPE_STRING,
- },
- { /* 23 */
- .name = "Framed-IPX-Network",
- .attr = 23,
- .type = NR_TYPE_IPADDR,
- .flags = {
- .length = 4,
- },
- },
- { /* 24 */
- .name = "State",
- .attr = 24,
- .type = NR_TYPE_OCTETS,
- },
- { /* 25 */
- .name = "Class",
- .attr = 25,
- .type = NR_TYPE_OCTETS,
- },
- { /* 26 */
- .name = "Vendor-Specific",
- .attr = 26,
- .type = NR_TYPE_OCTETS,
- },
- { /* 27 */
- .name = "Session-Timeout",
- .attr = 27,
- .type = NR_TYPE_INTEGER,
- .flags = {
- .length = 4,
- },
- },
- { /* 28 */
- .name = "Idle-Timeout",
- .attr = 28,
- .type = NR_TYPE_INTEGER,
- .flags = {
- .length = 4,
- },
- },
- { /* 29 */
- .name = "Termination-Action",
- .attr = 29,
- .type = NR_TYPE_INTEGER,
- .flags = {
- .length = 4,
- },
- },
- { /* 30 */
- .name = "Called-Station-Id",
- .attr = 30,
- .type = NR_TYPE_STRING,
- },
- { /* 31 */
- .name = "Calling-Station-Id",
- .attr = 31,
- .type = NR_TYPE_STRING,
- },
- { /* 32 */
- .name = "NAS-Identifier",
- .attr = 32,
- .type = NR_TYPE_STRING,
- },
- { /* 33 */
- .name = "Proxy-State",
- .attr = 33,
- .type = NR_TYPE_OCTETS,
- },
- { /* 34 */
- .name = "Login-LAT-Service",
- .attr = 34,
- .type = NR_TYPE_STRING,
- },
- { /* 35 */
- .name = "Login-LAT-Node",
- .attr = 35,
- .type = NR_TYPE_STRING,
- },
- { /* 36 */
- .name = "Login-LAT-Group",
- .attr = 36,
- .type = NR_TYPE_OCTETS,
- },
- { /* 37 */
- .name = "Framed-AppleTalk-Link",
- .attr = 37,
- .type = NR_TYPE_INTEGER,
- .flags = {
- .length = 4,
- },
- },
- { /* 38 */
- .name = "Framed-AppleTalk-Network",
- .attr = 38,
- .type = NR_TYPE_INTEGER,
- .flags = {
- .length = 4,
- },
- },
- { /* 39 */
- .name = "Framed-AppleTalk-Zone",
- .attr = 39,
- .type = NR_TYPE_STRING,
- },
- { /* 40 */
- .name = "Acct-Status-Type",
- .attr = 40,
- .type = NR_TYPE_INTEGER,
- .flags = {
- .length = 4,
- },
- },
- { /* 41 */
- .name = "Acct-Delay-Time",
- .attr = 41,
- .type = NR_TYPE_INTEGER,
- .flags = {
- .length = 4,
- },
- },
- { /* 42 */
- .name = "Acct-Input-Octets",
- .attr = 42,
- .type = NR_TYPE_INTEGER,
- .flags = {
- .length = 4,
- },
- },
- { /* 43 */
- .name = "Acct-Output-Octets",
- .attr = 43,
- .type = NR_TYPE_INTEGER,
- .flags = {
- .length = 4,
- },
- },
- { /* 44 */
- .name = "Acct-Session-Id",
- .attr = 44,
- .type = NR_TYPE_STRING,
- },
- { /* 45 */
- .name = "Acct-Authentic",
- .attr = 45,
- .type = NR_TYPE_INTEGER,
- .flags = {
- .length = 4,
- },
- },
- { /* 46 */
- .name = "Acct-Session-Time",
- .attr = 46,
- .type = NR_TYPE_INTEGER,
- .flags = {
- .length = 4,
- },
- },
- { /* 47 */
- .name = "Acct-Input-Packets",
- .attr = 47,
- .type = NR_TYPE_INTEGER,
- .flags = {
- .length = 4,
- },
- },
- { /* 48 */
- .name = "Acct-Output-Packets",
- .attr = 48,
- .type = NR_TYPE_INTEGER,
- .flags = {
- .length = 4,
- },
- },
- { /* 49 */
- .name = "Acct-Terminate-Cause",
- .attr = 49,
- .type = NR_TYPE_INTEGER,
- .flags = {
- .length = 4,
- },
- },
- { /* 50 */
- .name = "Acct-Multi-Session-Id",
- .attr = 50,
- .type = NR_TYPE_STRING,
- },
- { /* 51 */
- .name = "Acct-Link-Count",
- .attr = 51,
- .type = NR_TYPE_INTEGER,
- .flags = {
- .length = 4,
- },
- },
- { /* 52 */
- .name = "Acct-Input-Gigawords",
- .attr = 52,
- .type = NR_TYPE_INTEGER,
- .flags = {
- .length = 4,
- },
- },
- { /* 53 */
- .name = "Acct-Output-Gigawords",
- .attr = 53,
- .type = NR_TYPE_INTEGER,
- .flags = {
- .length = 4,
- },
- },
- { /* 54 */
- .name = NULL,
- },
- { /* 55 */
- .name = "Event-Timestamp",
- .attr = 55,
- .type = NR_TYPE_DATE,
- .flags = {
- .length = 4,
- },
- },
- { /* 56 */
- .name = "Egress-VLANID",
- .attr = 56,
- .type = NR_TYPE_INTEGER,
- .flags = {
- .length = 4,
- },
- },
- { /* 57 */
- .name = "Ingress-Filters",
- .attr = 57,
- .type = NR_TYPE_INTEGER,
- .flags = {
- .length = 4,
- },
- },
- { /* 58 */
- .name = "Egress-VLAN-Name",
- .attr = 58,
- .type = NR_TYPE_STRING,
- },
- { /* 59 */
- .name = "User-Priority-Table",
- .attr = 59,
- .type = NR_TYPE_OCTETS,
- },
- { /* 60 */
- .name = "CHAP-Challenge",
- .attr = 60,
- .type = NR_TYPE_OCTETS,
- },
- { /* 61 */
- .name = "NAS-Port-Type",
- .attr = 61,
- .type = NR_TYPE_INTEGER,
- .flags = {
- .length = 4,
- },
- },
- { /* 62 */
- .name = "Port-Limit",
- .attr = 62,
- .type = NR_TYPE_INTEGER,
- .flags = {
- .length = 4,
- },
- },
- { /* 63 */
- .name = "Login-LAT-Port",
- .attr = 63,
- .type = NR_TYPE_STRING,
- },
- { /* 64 */
- .name = "Tunnel-Type",
- .attr = 64,
- .type = NR_TYPE_INTEGER,
- .flags = {
- .length = 4,
- .has_tag = 1,
- },
- },
- { /* 65 */
- .name = "Tunnel-Medium-Type",
- .attr = 65,
- .type = NR_TYPE_INTEGER,
- .flags = {
- .length = 4,
- .has_tag = 1,
- },
- },
- { /* 66 */
- .name = "Tunnel-Client-Endpoint",
- .attr = 66,
- .type = NR_TYPE_STRING,
- .flags = {
- .has_tag = 1,
- },
- },
- { /* 67 */
- .name = "Tunnel-Server-Endpoint",
- .attr = 67,
- .type = NR_TYPE_STRING,
- .flags = {
- .has_tag = 1,
- },
- },
- { /* 68 */
- .name = "Acct-Tunnel-Connection",
- .attr = 68,
- .type = NR_TYPE_STRING,
- },
- { /* 69 */
- .name = "Tunnel-Password",
- .attr = 69,
- .type = NR_TYPE_STRING,
- .flags = {
- .encrypt = FLAG_ENCRYPT_TUNNEL_PASSWORD,
- .has_tag = 1,
- },
- },
- { /* 70 */
- .name = "ARAP-Password",
- .attr = 70,
- .type = NR_TYPE_OCTETS,
- .flags = {
- .length = 16,
- },
- },
- { /* 71 */
- .name = "ARAP-Features",
- .attr = 71,
- .type = NR_TYPE_OCTETS,
- .flags = {
- .length = 14,
- },
- },
- { /* 72 */
- .name = "ARAP-Zone-Access",
- .attr = 72,
- .type = NR_TYPE_INTEGER,
- .flags = {
- .length = 4,
- },
- },
- { /* 73 */
- .name = "ARAP-Security",
- .attr = 73,
- .type = NR_TYPE_INTEGER,
- .flags = {
- .length = 4,
- },
- },
- { /* 74 */
- .name = "ARAP-Security-Data",
- .attr = 74,
- .type = NR_TYPE_STRING,
- },
- { /* 75 */
- .name = "Password-Retry",
- .attr = 75,
- .type = NR_TYPE_INTEGER,
- .flags = {
- .length = 4,
- },
- },
- { /* 76 */
- .name = "Prompt",
- .attr = 76,
- .type = NR_TYPE_INTEGER,
- .flags = {
- .length = 4,
- },
- },
- { /* 77 */
- .name = "Connect-Info",
- .attr = 77,
- .type = NR_TYPE_STRING,
- },
- { /* 78 */
- .name = "Configuration-Token",
- .attr = 78,
- .type = NR_TYPE_STRING,
- },
- { /* 79 */
- .name = "EAP-Message",
- .attr = 79,
- .type = NR_TYPE_OCTETS,
- },
- { /* 80 */
- .name = "Message-Authenticator",
- .attr = 80,
- .type = NR_TYPE_OCTETS,
- },
- { /* 81 */
- .name = "Tunnel-Private-Group-Id",
- .attr = 81,
- .type = NR_TYPE_STRING,
- .flags = {
- .has_tag = 1,
- },
- },
- { /* 82 */
- .name = "Tunnel-Assignment-Id",
- .attr = 82,
- .type = NR_TYPE_STRING,
- .flags = {
- .has_tag = 1,
- },
- },
- { /* 83 */
- .name = "Tunnel-Preference",
- .attr = 83,
- .type = NR_TYPE_INTEGER,
- .flags = {
- .length = 4,
- .has_tag = 1,
- },
- },
- { /* 84 */
- .name = "ARAP-Challenge-Response",
- .attr = 84,
- .type = NR_TYPE_OCTETS,
- .flags = {
- .length = 8,
- },
- },
- { /* 85 */
- .name = "Acct-Interim-Interval",
- .attr = 85,
- .type = NR_TYPE_INTEGER,
- .flags = {
- .length = 4,
- },
- },
- { /* 86 */
- .name = "Acct-Tunnel-Packets-Lost",
- .attr = 86,
- .type = NR_TYPE_INTEGER,
- .flags = {
- .length = 4,
- },
- },
- { /* 87 */
- .name = "NAS-Port-Id",
- .attr = 87,
- .type = NR_TYPE_STRING,
- },
- { /* 88 */
- .name = "Framed-Pool",
- .attr = 88,
- .type = NR_TYPE_STRING,
- },
- { /* 89 */
- .name = "Chargeable-User-Identity",
- .attr = 89,
- .type = NR_TYPE_STRING,
- },
- { /* 90 */
- .name = "Tunnel-Client-Auth-Id",
- .attr = 90,
- .type = NR_TYPE_STRING,
- .flags = {
- .has_tag = 1,
- },
- },
- { /* 91 */
- .name = "Tunnel-Server-Auth-Id",
- .attr = 91,
- .type = NR_TYPE_STRING,
- .flags = {
- .has_tag = 1,
- },
- },
- { /* 92 */
- .name = "NAS-Filter-Rule",
- .attr = 92,
- .type = NR_TYPE_STRING,
- },
- { /* 93 */
- .name = NULL,
- },
- { /* 94 */
- .name = NULL,
- },
- { /* 95 */
- .name = "NAS-IPv6-Address",
- .attr = 95,
- .type = NR_TYPE_IPV6ADDR,
- .flags = {
- .length = 16,
- },
- },
- { /* 96 */
- .name = "Framed-Interface-Id",
- .attr = 96,
- .type = NR_TYPE_IFID,
- .flags = {
- .length = 8,
- },
- },
- { /* 97 */
- .name = "Framed-IPv6-Prefix",
- .attr = 97,
- .type = NR_TYPE_IPV6PREFIX,
- },
- { /* 98 */
- .name = "Login-IPv6-Host",
- .attr = 98,
- .type = NR_TYPE_IPV6ADDR,
- .flags = {
- .length = 16,
- },
- },
- { /* 99 */
- .name = "Framed-IPv6-Route",
- .attr = 99,
- .type = NR_TYPE_STRING,
- },
- { /* 100 */
- .name = "Framed-IPv6-Pool",
- .attr = 100,
- .type = NR_TYPE_STRING,
- },
- { /* 101 */
- .name = "Error-Cause",
- .attr = 101,
- .type = NR_TYPE_INTEGER,
- .flags = {
- .length = 4,
- },
- },
- { /* 102 */
- .name = "EAP-Key-Name",
- .attr = 102,
- .type = NR_TYPE_STRING,
- },
- { /* 103 */
- .name = "Digest-Response",
- .attr = 103,
- .type = NR_TYPE_STRING,
- },
- { /* 104 */
- .name = "Digest-Realm",
- .attr = 104,
- .type = NR_TYPE_STRING,
- },
- { /* 105 */
- .name = "Digest-Nonce",
- .attr = 105,
- .type = NR_TYPE_STRING,
- },
- { /* 106 */
- .name = "Digest-Response-Auth",
- .attr = 106,
- .type = NR_TYPE_STRING,
- },
- { /* 107 */
- .name = "Digest-Nextnonce",
- .attr = 107,
- .type = NR_TYPE_STRING,
- },
- { /* 108 */
- .name = "Digest-Method",
- .attr = 108,
- .type = NR_TYPE_STRING,
- },
- { /* 109 */
- .name = "Digest-URI",
- .attr = 109,
- .type = NR_TYPE_STRING,
- },
- { /* 110 */
- .name = "Digest-Qop",
- .attr = 110,
- .type = NR_TYPE_STRING,
- },
- { /* 111 */
- .name = "Digest-Algorithm",
- .attr = 111,
- .type = NR_TYPE_STRING,
- },
- { /* 112 */
- .name = "Digest-Entity-Body-Hash",
- .attr = 112,
- .type = NR_TYPE_STRING,
- },
- { /* 113 */
- .name = "Digest-CNonce",
- .attr = 113,
- .type = NR_TYPE_STRING,
- },
- { /* 114 */
- .name = "Digest-Nonce-Count",
- .attr = 114,
- .type = NR_TYPE_STRING,
- },
- { /* 115 */
- .name = "Digest-Username",
- .attr = 115,
- .type = NR_TYPE_STRING,
- },
- { /* 116 */
- .name = "Digest-Opaque",
- .attr = 116,
- .type = NR_TYPE_STRING,
- },
- { /* 117 */
- .name = "Digest-Auth-Param",
- .attr = 117,
- .type = NR_TYPE_STRING,
- },
- { /* 118 */
- .name = "Digest-AKA-Auts",
- .attr = 118,
- .type = NR_TYPE_STRING,
- },
- { /* 119 */
- .name = "Digest-Domain",
- .attr = 119,
- .type = NR_TYPE_STRING,
- },
- { /* 120 */
- .name = "Digest-Stale",
- .attr = 120,
- .type = NR_TYPE_STRING,
- },
- { /* 121 */
- .name = "Digest-HA1",
- .attr = 121,
- .type = NR_TYPE_STRING,
- },
- { /* 122 */
- .name = "SIP-AOR",
- .attr = 122,
- .type = NR_TYPE_STRING,
- },
- { /* 123 */
- .name = "Delegated-IPv6-Prefix",
- .attr = 123,
- .type = NR_TYPE_IPV6PREFIX,
- },
- { /* 124 */
- .name = NULL,
- },
- { /* 125 */
- .name = NULL,
- },
- { /* 126 */
- .name = "Operator-Name",
- .attr = 126,
- .type = NR_TYPE_STRING,
- },
- { /* 127 */
- .name = "Location-Information",
- .attr = 127,
- .type = NR_TYPE_OCTETS,
- },
- { /* 128 */
- .name = "Location-Data",
- .attr = 128,
- .type = NR_TYPE_OCTETS,
- },
- { /* 129 */
- .name = "Basic-Location-Policy-Rules",
- .attr = 129,
- .type = NR_TYPE_OCTETS,
- },
- { /* 130 */
- .name = "Extended-Location-Policy-Rules",
- .attr = 130,
- .type = NR_TYPE_OCTETS,
- },
- { /* 131 */
- .name = "Location-Capable",
- .attr = 131,
- .type = NR_TYPE_INTEGER,
- .flags = {
- .length = 4,
- },
- },
- { /* 132 */
- .name = "Requested-Location-Info",
- .attr = 132,
- .type = NR_TYPE_INTEGER,
- .flags = {
- .length = 4,
- },
- },
- { /* 133 */
- .name = "Framed-Management",
- .attr = 133,
- .type = NR_TYPE_INTEGER,
- .flags = {
- .length = 4,
- },
- },
- { /* 134 */
- .name = "Management-Transport-Protection",
- .attr = 134,
- .type = NR_TYPE_INTEGER,
- .flags = {
- .length = 4,
- },
- },
- { /* 135 */
- .name = "Management-Policy-Id",
- .attr = 135,
- .type = NR_TYPE_STRING,
- },
- { /* 136 */
- .name = "Management-Privilege-Level",
- .attr = 136,
- .type = NR_TYPE_INTEGER,
- .flags = {
- .length = 4,
- },
- },
- { /* 137 */
- .name = "PKM-SS-Cert",
- .attr = 137,
- .type = NR_TYPE_OCTETS,
- },
- { /* 138 */
- .name = "PKM-CA-Cert",
- .attr = 138,
- .type = NR_TYPE_OCTETS,
- },
- { /* 139 */
- .name = "PKM-Config-Settings",
- .attr = 139,
- .type = NR_TYPE_OCTETS,
- },
- { /* 140 */
- .name = "PKM-Cryptosuite-List",
- .attr = 140,
- .type = NR_TYPE_OCTETS,
- },
- { /* 141 */
- .name = "PKM-SAID",
- .attr = 141,
- .type = NR_TYPE_SHORT,
- .flags = {
- .length = 2,
- },
- },
- { /* 142 */
- .name = "PKM-SA-Descriptor",
- .attr = 142,
- .type = NR_TYPE_OCTETS,
- },
- { /* 143 */
- .name = "PKM-Auth-Key",
- .attr = 143,
- .type = NR_TYPE_OCTETS,
- },
- { /* 144 */
- .name = NULL,
- },
- { /* 145 */
- .name = NULL,
- },
- { /* 146 */
- .name = NULL,
- },
- { /* 147 */
- .name = NULL,
- },
- { /* 148 */
- .name = NULL,
- },
- { /* 149 */
- .name = NULL,
- },
- { /* 150 */
- .name = NULL,
- },
- { /* 151 */
- .name = NULL,
- },
- { /* 152 */
- .name = NULL,
- },
- { /* 153 */
- .name = NULL,
- },
- { /* 154 */
- .name = NULL,
- },
- { /* 155 */
- .name = NULL,
- },
- { /* 156 */
- .name = NULL,
- },
- { /* 157 */
- .name = NULL,
- },
- { /* 158 */
- .name = NULL,
- },
- { /* 159 */
- .name = NULL,
- },
- { /* 160 */
- .name = NULL,
- },
- { /* 161 */
- .name = NULL,
- },
- { /* 162 */
- .name = NULL,
- },
- { /* 163 */
- .name = NULL,
- },
- { /* 164 */
- .name = NULL,
- },
- { /* 165 */
- .name = NULL,
- },
- { /* 166 */
- .name = NULL,
- },
- { /* 167 */
- .name = NULL,
- },
- { /* 168 */
- .name = NULL,
- },
- { /* 169 */
- .name = NULL,
- },
- { /* 170 */
- .name = NULL,
- },
- { /* 171 */
- .name = NULL,
- },
- { /* 172 */
- .name = NULL,
- },
- { /* 173 */
- .name = NULL,
- },
- { /* 174 */
- .name = NULL,
- },
- { /* 175 */
- .name = NULL,
- },
- { /* 176 */
- .name = NULL,
- },
- { /* 177 */
- .name = NULL,
- },
- { /* 178 */
- .name = NULL,
- },
- { /* 179 */
- .name = NULL,
- },
- { /* 180 */
- .name = NULL,
- },
- { /* 181 */
- .name = NULL,
- },
- { /* 182 */
- .name = NULL,
- },
- { /* 183 */
- .name = NULL,
- },
- { /* 184 */
- .name = NULL,
- },
- { /* 185 */
- .name = NULL,
- },
- { /* 186 */
- .name = NULL,
- },
- { /* 187 */
- .name = NULL,
- },
- { /* 188 */
- .name = NULL,
- },
- { /* 189 */
- .name = NULL,
- },
- { /* 190 */
- .name = NULL,
- },
- { /* 191 */
- .name = NULL,
- },
- { /* 192 */
- .name = NULL,
- },
- { /* 193 */
- .name = NULL,
- },
- { /* 194 */
- .name = NULL,
- },
- { /* 195 */
- .name = NULL,
- },
- { /* 196 */
- .name = NULL,
- },
- { /* 197 */
- .name = NULL,
- },
- { /* 198 */
- .name = NULL,
- },
- { /* 199 */
- .name = NULL,
- },
- { /* 200 */
- .name = NULL,
- },
- { /* 201 */
- .name = NULL,
- },
- { /* 202 */
- .name = NULL,
- },
- { /* 203 */
- .name = NULL,
- },
- { /* 204 */
- .name = NULL,
- },
- { /* 205 */
- .name = NULL,
- },
- { /* 206 */
- .name = NULL,
- },
- { /* 207 */
- .name = NULL,
- },
- { /* 208 */
- .name = NULL,
- },
- { /* 209 */
- .name = NULL,
- },
- { /* 210 */
- .name = NULL,
- },
- { /* 211 */
- .name = NULL,
- },
- { /* 212 */
- .name = NULL,
- },
- { /* 213 */
- .name = NULL,
- },
- { /* 214 */
- .name = NULL,
- },
- { /* 215 */
- .name = NULL,
- },
- { /* 216 */
- .name = NULL,
- },
- { /* 217 */
- .name = NULL,
- },
- { /* 218 */
- .name = NULL,
- },
- { /* 219 */
- .name = NULL,
- },
- { /* 220 */
- .name = NULL,
- },
- { /* 221 */
- .name = NULL,
- },
- { /* 222 */
- .name = NULL,
- },
- { /* 223 */
- .name = NULL,
- },
- { /* 224 */
- .name = NULL,
- },
- { /* 225 */
- .name = NULL,
- },
- { /* 226 */
- .name = NULL,
- },
- { /* 227 */
- .name = NULL,
- },
- { /* 228 */
- .name = NULL,
- },
- { /* 229 */
- .name = NULL,
- },
- { /* 230 */
- .name = NULL,
- },
- { /* 231 */
- .name = NULL,
- },
- { /* 232 */
- .name = NULL,
- },
- { /* 233 */
- .name = NULL,
- },
- { /* 234 */
- .name = NULL,
- },
- { /* 235 */
- .name = NULL,
- },
- { /* 236 */
- .name = NULL,
- },
- { /* 237 */
- .name = NULL,
- },
- { /* 238 */
- .name = NULL,
- },
- { /* 239 */
- .name = NULL,
- },
- { /* 240 */
- .name = NULL,
- },
- { /* 241 */
- .name = NULL,
- },
- { /* 242 */
- .name = NULL,
- },
- { /* 243 */
- .name = NULL,
- },
- { /* 244 */
- .name = NULL,
- },
- { /* 245 */
- .name = NULL,
- },
- { /* 246 */
- .name = NULL,
- },
- { /* 247 */
- .name = NULL,
- },
- { /* 248 */
- .name = NULL,
- },
- { /* 249 */
- .name = NULL,
- },
- { /* 250 */
- .name = NULL,
- },
- { /* 251 */
- .name = NULL,
- },
- { /* 252 */
- .name = NULL,
- },
- { /* 253 */
- .name = NULL,
- },
- { /* 254 */
- .name = NULL,
- },
- { /* 255 */
- .name = NULL,
- },
- { /* 256 */
- .name = "MS-CHAP-Response",
- .vendor = 311,
- .attr = 1,
- .type = NR_TYPE_OCTETS,
- },
- { /* 257 */
- .name = "MS-CHAP-Error",
- .vendor = 311,
- .attr = 2,
- .type = NR_TYPE_STRING,
- },
- { /* 258 */
- .name = "MS-MPPE-Encryption-Policy",
- .vendor = 311,
- .attr = 7,
- .type = NR_TYPE_OCTETS,
- },
- { /* 259 */
- .name = "MS-MPPE-Encryption-Types",
- .vendor = 311,
- .attr = 8,
- .type = NR_TYPE_OCTETS,
- },
- { /* 260 */
- .name = "MS-CHAP-Domain",
- .vendor = 311,
- .attr = 10,
- .type = NR_TYPE_STRING,
- },
- { /* 261 */
- .name = "MS-CHAP-Challenge",
- .vendor = 311,
- .attr = 11,
- .type = NR_TYPE_OCTETS,
- },
- { /* 262 */
- .name = "MS-CHAP-MPPE-Keys",
- .vendor = 311,
- .attr = 12,
- .type = NR_TYPE_OCTETS,
- .flags = {
- .encrypt = FLAG_ENCRYPT_USER_PASSWORD,
- },
- },
- { /* 263 */
- .name = "MS-MPPE-Send-Key",
- .vendor = 311,
- .attr = 16,
- .type = NR_TYPE_OCTETS,
- .flags = {
- .encrypt = FLAG_ENCRYPT_TUNNEL_PASSWORD,
- },
- },
- { /* 264 */
- .name = "MS-MPPE-Recv-Key",
- .vendor = 311,
- .attr = 17,
- .type = NR_TYPE_OCTETS,
- .flags = {
- .encrypt = FLAG_ENCRYPT_TUNNEL_PASSWORD,
- },
- },
- { /* 265 */
- .name = "MS-CHAP2-Response",
- .vendor = 311,
- .attr = 25,
- .type = NR_TYPE_OCTETS,
- },
- { /* 266 */
- .name = "MS-CHAP2-Success",
- .vendor = 311,
- .attr = 26,
- .type = NR_TYPE_OCTETS,
- },
- { /* 267 */
- .name = "Example-Integer",
- .vendor = 65535,
- .attr = 1,
- .type = NR_TYPE_INTEGER,
- .flags = {
- .length = 4,
- },
- },
- { /* 268 */
- .name = "Example-String",
- .vendor = 65535,
- .attr = 2,
- .type = NR_TYPE_STRING,
- },
- { /* 269 */
- .name = "Example-IP-Address",
- .vendor = 65535,
- .attr = 3,
- .type = NR_TYPE_IPADDR,
- .flags = {
- .length = 4,
- },
- },
-};
-
-const int nr_dict_num_attrs = 269;
-
-const int nr_dict_num_names = 149;
-
-const DICT_ATTR *nr_dict_attr_names[] = {
- &nr_dict_attrs[45], /* Acct-Authentic */
- &nr_dict_attrs[41], /* Acct-Delay-Time */
- &nr_dict_attrs[52], /* Acct-Input-Gigawords */
- &nr_dict_attrs[42], /* Acct-Input-Octets */
- &nr_dict_attrs[47], /* Acct-Input-Packets */
- &nr_dict_attrs[85], /* Acct-Interim-Interval */
- &nr_dict_attrs[51], /* Acct-Link-Count */
- &nr_dict_attrs[50], /* Acct-Multi-Session-Id */
- &nr_dict_attrs[53], /* Acct-Output-Gigawords */
- &nr_dict_attrs[43], /* Acct-Output-Octets */
- &nr_dict_attrs[48], /* Acct-Output-Packets */
- &nr_dict_attrs[44], /* Acct-Session-Id */
- &nr_dict_attrs[46], /* Acct-Session-Time */
- &nr_dict_attrs[40], /* Acct-Status-Type */
- &nr_dict_attrs[49], /* Acct-Terminate-Cause */
- &nr_dict_attrs[68], /* Acct-Tunnel-Connection */
- &nr_dict_attrs[86], /* Acct-Tunnel-Packets-Lost */
- &nr_dict_attrs[84], /* ARAP-Challenge-Response */
- &nr_dict_attrs[71], /* ARAP-Features */
- &nr_dict_attrs[70], /* ARAP-Password */
- &nr_dict_attrs[73], /* ARAP-Security */
- &nr_dict_attrs[74], /* ARAP-Security-Data */
- &nr_dict_attrs[72], /* ARAP-Zone-Access */
- &nr_dict_attrs[129], /* Basic-Location-Policy-Rules */
- &nr_dict_attrs[20], /* Callback-Id */
- &nr_dict_attrs[19], /* Callback-Number */
- &nr_dict_attrs[30], /* Called-Station-Id */
- &nr_dict_attrs[31], /* Calling-Station-Id */
- &nr_dict_attrs[60], /* CHAP-Challenge */
- &nr_dict_attrs[3], /* CHAP-Password */
- &nr_dict_attrs[89], /* Chargeable-User-Identity */
- &nr_dict_attrs[25], /* Class */
- &nr_dict_attrs[78], /* Configuration-Token */
- &nr_dict_attrs[77], /* Connect-Info */
- &nr_dict_attrs[123], /* Delegated-IPv6-Prefix */
- &nr_dict_attrs[118], /* Digest-AKA-Auts */
- &nr_dict_attrs[111], /* Digest-Algorithm */
- &nr_dict_attrs[117], /* Digest-Auth-Param */
- &nr_dict_attrs[113], /* Digest-CNonce */
- &nr_dict_attrs[119], /* Digest-Domain */
- &nr_dict_attrs[112], /* Digest-Entity-Body-Hash */
- &nr_dict_attrs[121], /* Digest-HA1 */
- &nr_dict_attrs[108], /* Digest-Method */
- &nr_dict_attrs[107], /* Digest-Nextnonce */
- &nr_dict_attrs[105], /* Digest-Nonce */
- &nr_dict_attrs[114], /* Digest-Nonce-Count */
- &nr_dict_attrs[116], /* Digest-Opaque */
- &nr_dict_attrs[110], /* Digest-Qop */
- &nr_dict_attrs[104], /* Digest-Realm */
- &nr_dict_attrs[103], /* Digest-Response */
- &nr_dict_attrs[106], /* Digest-Response-Auth */
- &nr_dict_attrs[120], /* Digest-Stale */
- &nr_dict_attrs[109], /* Digest-URI */
- &nr_dict_attrs[115], /* Digest-Username */
- &nr_dict_attrs[102], /* EAP-Key-Name */
- &nr_dict_attrs[79], /* EAP-Message */
- &nr_dict_attrs[58], /* Egress-VLAN-Name */
- &nr_dict_attrs[56], /* Egress-VLANID */
- &nr_dict_attrs[101], /* Error-Cause */
- &nr_dict_attrs[55], /* Event-Timestamp */
- &nr_dict_attrs[267], /* Example-Integer */
- &nr_dict_attrs[269], /* Example-IP-Address */
- &nr_dict_attrs[268], /* Example-String */
- &nr_dict_attrs[130], /* Extended-Location-Policy-Rules */
- &nr_dict_attrs[11], /* Filter-Id */
- &nr_dict_attrs[37], /* Framed-AppleTalk-Link */
- &nr_dict_attrs[38], /* Framed-AppleTalk-Network */
- &nr_dict_attrs[39], /* Framed-AppleTalk-Zone */
- &nr_dict_attrs[13], /* Framed-Compression */
- &nr_dict_attrs[96], /* Framed-Interface-Id */
- &nr_dict_attrs[8], /* Framed-IP-Address */
- &nr_dict_attrs[9], /* Framed-IP-Netmask */
- &nr_dict_attrs[100], /* Framed-IPv6-Pool */
- &nr_dict_attrs[97], /* Framed-IPv6-Prefix */
- &nr_dict_attrs[99], /* Framed-IPv6-Route */
- &nr_dict_attrs[23], /* Framed-IPX-Network */
- &nr_dict_attrs[133], /* Framed-Management */
- &nr_dict_attrs[12], /* Framed-MTU */
- &nr_dict_attrs[88], /* Framed-Pool */
- &nr_dict_attrs[7], /* Framed-Protocol */
- &nr_dict_attrs[22], /* Framed-Route */
- &nr_dict_attrs[10], /* Framed-Routing */
- &nr_dict_attrs[28], /* Idle-Timeout */
- &nr_dict_attrs[57], /* Ingress-Filters */
- &nr_dict_attrs[131], /* Location-Capable */
- &nr_dict_attrs[128], /* Location-Data */
- &nr_dict_attrs[127], /* Location-Information */
- &nr_dict_attrs[14], /* Login-IP-Host */
- &nr_dict_attrs[98], /* Login-IPv6-Host */
- &nr_dict_attrs[36], /* Login-LAT-Group */
- &nr_dict_attrs[35], /* Login-LAT-Node */
- &nr_dict_attrs[63], /* Login-LAT-Port */
- &nr_dict_attrs[34], /* Login-LAT-Service */
- &nr_dict_attrs[15], /* Login-Service */
- &nr_dict_attrs[16], /* Login-TCP-Port */
- &nr_dict_attrs[135], /* Management-Policy-Id */
- &nr_dict_attrs[136], /* Management-Privilege-Level */
- &nr_dict_attrs[134], /* Management-Transport-Protection */
- &nr_dict_attrs[80], /* Message-Authenticator */
- &nr_dict_attrs[261], /* MS-CHAP-Challenge */
- &nr_dict_attrs[260], /* MS-CHAP-Domain */
- &nr_dict_attrs[257], /* MS-CHAP-Error */
- &nr_dict_attrs[262], /* MS-CHAP-MPPE-Keys */
- &nr_dict_attrs[256], /* MS-CHAP-Response */
- &nr_dict_attrs[265], /* MS-CHAP2-Response */
- &nr_dict_attrs[266], /* MS-CHAP2-Success */
- &nr_dict_attrs[258], /* MS-MPPE-Encryption-Policy */
- &nr_dict_attrs[259], /* MS-MPPE-Encryption-Types */
- &nr_dict_attrs[264], /* MS-MPPE-Recv-Key */
- &nr_dict_attrs[263], /* MS-MPPE-Send-Key */
- &nr_dict_attrs[92], /* NAS-Filter-Rule */
- &nr_dict_attrs[32], /* NAS-Identifier */
- &nr_dict_attrs[4], /* NAS-IP-Address */
- &nr_dict_attrs[95], /* NAS-IPv6-Address */
- &nr_dict_attrs[5], /* NAS-Port */
- &nr_dict_attrs[87], /* NAS-Port-Id */
- &nr_dict_attrs[61], /* NAS-Port-Type */
- &nr_dict_attrs[126], /* Operator-Name */
- &nr_dict_attrs[75], /* Password-Retry */
- &nr_dict_attrs[143], /* PKM-Auth-Key */
- &nr_dict_attrs[138], /* PKM-CA-Cert */
- &nr_dict_attrs[139], /* PKM-Config-Settings */
- &nr_dict_attrs[140], /* PKM-Cryptosuite-List */
- &nr_dict_attrs[142], /* PKM-SA-Descriptor */
- &nr_dict_attrs[141], /* PKM-SAID */
- &nr_dict_attrs[137], /* PKM-SS-Cert */
- &nr_dict_attrs[62], /* Port-Limit */
- &nr_dict_attrs[76], /* Prompt */
- &nr_dict_attrs[33], /* Proxy-State */
- &nr_dict_attrs[18], /* Reply-Message */
- &nr_dict_attrs[132], /* Requested-Location-Info */
- &nr_dict_attrs[6], /* Service-Type */
- &nr_dict_attrs[27], /* Session-Timeout */
- &nr_dict_attrs[122], /* SIP-AOR */
- &nr_dict_attrs[24], /* State */
- &nr_dict_attrs[29], /* Termination-Action */
- &nr_dict_attrs[82], /* Tunnel-Assignment-Id */
- &nr_dict_attrs[90], /* Tunnel-Client-Auth-Id */
- &nr_dict_attrs[66], /* Tunnel-Client-Endpoint */
- &nr_dict_attrs[65], /* Tunnel-Medium-Type */
- &nr_dict_attrs[69], /* Tunnel-Password */
- &nr_dict_attrs[83], /* Tunnel-Preference */
- &nr_dict_attrs[81], /* Tunnel-Private-Group-Id */
- &nr_dict_attrs[91], /* Tunnel-Server-Auth-Id */
- &nr_dict_attrs[67], /* Tunnel-Server-Endpoint */
- &nr_dict_attrs[64], /* Tunnel-Type */
- &nr_dict_attrs[1], /* User-Name */
- &nr_dict_attrs[2], /* User-Password */
- &nr_dict_attrs[59], /* User-Priority-Table */
- &nr_dict_attrs[26], /* Vendor-Specific */
-};
-
diff --git a/lib/radius/examples/example_1.c b/lib/radius/examples/example_1.c
index 503d927..265c880 100644
--- a/lib/radius/examples/example_1.c
+++ b/lib/radius/examples/example_1.c
@@ -36,8 +36,8 @@ SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
static const char *secret = "testing123";
-static uint8_t request_buffer[NR_MAX_PACKET_LEN];
-static uint8_t response_buffer[NR_MAX_PACKET_LEN];
+static uint8_t request_buffer[RS_MAX_PACKET_LEN];
+static uint8_t response_buffer[RS_MAX_PACKET_LEN];
static RADIUS_PACKET request, response;
int main(int argc, const char *argv[])
@@ -58,12 +58,12 @@ int main(int argc, const char *argv[])
if (argc > 2) password = argv[2];
rcode = nr_packet_attr_append(&request, NULL,
- NR_DA_USER_NAME,
+ RS_DA_USER_NAME,
user, 0);
if (rcode < 0) goto error;
rcode = nr_packet_attr_append(&request, NULL,
- NR_DA_USER_PASSWORD,
+ RS_DA_USER_PASSWORD,
password, 0);
if (rcode < 0) goto error;
diff --git a/lib/radius/examples/example_2.c b/lib/radius/examples/example_2.c
index 1065c8e..0a58523 100644
--- a/lib/radius/examples/example_2.c
+++ b/lib/radius/examples/example_2.c
@@ -36,8 +36,8 @@ SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
static const char *secret = "testing123";
-static uint8_t request_buffer[NR_MAX_PACKET_LEN];
-static uint8_t response_buffer[NR_MAX_PACKET_LEN];
+static uint8_t request_buffer[RS_MAX_PACKET_LEN];
+static uint8_t response_buffer[RS_MAX_PACKET_LEN];
static RADIUS_PACKET request, response;
int main(int argc, const char *argv[])
@@ -58,12 +58,12 @@ int main(int argc, const char *argv[])
if (argc > 2) password = argv[2];
rcode = nr_packet_attr_append(&request, NULL,
- NR_DA_USER_NAME,
+ RS_DA_USER_NAME,
user, 0);
if (rcode < 0) goto error;
rcode = nr_packet_attr_append(&request, NULL,
- NR_DA_CHAP_PASSWORD,
+ RS_DA_CHAP_PASSWORD,
password, strlen(password));
if (rcode < 0) goto error;
diff --git a/lib/radius/examples/example_3.c b/lib/radius/examples/example_3.c
index 6104f6f..33fc671 100644
--- a/lib/radius/examples/example_3.c
+++ b/lib/radius/examples/example_3.c
@@ -39,8 +39,8 @@ SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
static const char *secret = "testing123";
-static uint8_t request_buffer[NR_MAX_PACKET_LEN];
-static uint8_t response_buffer[NR_MAX_PACKET_LEN];
+static uint8_t request_buffer[RS_MAX_PACKET_LEN];
+static uint8_t response_buffer[RS_MAX_PACKET_LEN];
static RADIUS_PACKET request, response;
int main(int argc, const char *argv[])
@@ -61,12 +61,12 @@ int main(int argc, const char *argv[])
if (argc > 2) password = argv[2];
rcode = nr_packet_attr_append(&request, NULL,
- NR_DA_USER_NAME,
+ RS_DA_USER_NAME,
user, 0);
if (rcode < 0) goto error;
rcode = nr_packet_attr_append(&request, NULL,
- NR_DA_USER_PASSWORD,
+ RS_DA_USER_PASSWORD,
password, 0);
if (rcode < 0) goto error;
@@ -84,12 +84,12 @@ int main(int argc, const char *argv[])
if (rcode < 0) goto error;
rcode = nr_packet_attr_append(&response, &request,
- NR_DA_REPLY_MESSAGE,
+ RS_DA_REPLY_MESSAGE,
"Success!", 0);
if (rcode < 0) goto error;
rcode = nr_packet_attr_append(&response, &request,
- NR_DA_TUNNEL_PASSWORD,
+ RS_DA_TUNNEL_PASSWORD,
password, 0);
if (rcode < 0) goto error;
rcode = nr_packet_sign(&response, &request);
diff --git a/lib/radius/examples/example_4.c b/lib/radius/examples/example_4.c
index f93764c..2dadc89 100644
--- a/lib/radius/examples/example_4.c
+++ b/lib/radius/examples/example_4.c
@@ -52,12 +52,12 @@ int main(int argc, const char *argv[])
if (argc > 2) password = argv[2];
rcode = nr_packet_attr_append(&request, NULL,
- NR_DA_USER_NAME,
+ RS_DA_USER_NAME,
user, 0);
if (rcode < 0) goto error;
rcode = nr_packet_attr_append(&request, NULL,
- NR_DA_USER_PASSWORD,
+ RS_DA_USER_PASSWORD,
password, 0);
if (rcode < 0) goto error;
@@ -75,7 +75,7 @@ int main(int argc, const char *argv[])
if (rcode < 0) goto error;
rcode = nr_packet_attr_append(&response, &request,
- NR_DA_REPLY_MESSAGE,
+ RS_DA_REPLY_MESSAGE,
"Success!", 0);
if (rcode < 0) goto error;
diff --git a/lib/radius/id.c b/lib/radius/id.c
index 4fbe631..2b956f2 100644
--- a/lib/radius/id.c
+++ b/lib/radius/id.c
@@ -25,7 +25,7 @@ ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
-#include <networkradius-devel/client.h>
+#include "client.h"
#include <unistd.h>
/** \file id.c
@@ -38,7 +38,7 @@ static int find_id(nr_server_t *s)
int i;
uint32_t lvalue;
- if ((s->used < 0) || (s->used > 256)) return -NR_ERR_INTERNAL_FAILURE;
+ if ((s->used < 0) || (s->used > 256)) return -RSE_INTERNAL;
/*
* Ensure that the ID allocation is random.
@@ -59,7 +59,7 @@ int nr_server_id_alloc(nr_server_t *s, RADIUS_PACKET *packet)
{
int new_id;
- if (!s || !packet) return -NR_ERR_INVALID_ARG;
+ if (!s || !packet) return -RSE_INVAL;
new_id = find_id(s);
if (new_id < 0) return -new_id;
@@ -77,13 +77,13 @@ int nr_server_id_alloc(nr_server_t *s, RADIUS_PACKET *packet)
int nr_server_id_free(nr_server_t *s, RADIUS_PACKET *packet)
{
- if (!s || !packet) return -NR_ERR_INVALID_ARG;
+ if (!s || !packet) return -RSE_INVAL;
if ((packet->id < 0) || (packet->id > 255) || !s->ids[packet->id]) {
- return -NR_ERR_INVALID_ARG;
+ return -RSE_INVAL;
}
- if (s->ids[packet->id] != packet) return -NR_ERR_INTERNAL_FAILURE;
+ if (s->ids[packet->id] != packet) return -RSE_INTERNAL;
s->ids[packet->id] = NULL;
s->used--;
@@ -96,13 +96,13 @@ int nr_server_id_realloc(nr_server_t *s, RADIUS_PACKET *packet)
{
int new_id;
- if (!s || !packet) return -NR_ERR_INVALID_ARG;
+ if (!s || !packet) return -RSE_INVAL;
if ((packet->id < 0) || (packet->id > 255) || !s->ids[packet->id]) {
- return -NR_ERR_INVALID_ARG;
+ return -RSE_INVAL;
}
- if (s->ids[packet->id] != packet) return -NR_ERR_INTERNAL_FAILURE;
+ if (s->ids[packet->id] != packet) return -RSE_INTERNAL;
new_id = find_id(s);
if (new_id < 0) return new_id;
@@ -118,8 +118,8 @@ int nr_server_id_realloc(nr_server_t *s, RADIUS_PACKET *packet)
int nr_server_init(nr_server_t *s, int code, const char *secret)
{
if (!s || !secret || !*secret ||
- (code == 0) || (code > NR_MAX_PACKET_CODE)) {
- return -NR_ERR_INVALID_ARG;
+ (code == 0) || (code > RS_MAX_PACKET_CODE)) {
+ return -RSE_INVAL;
}
memset(s, 0, sizeof(*s));
@@ -137,9 +137,9 @@ int nr_server_init(nr_server_t *s, int code, const char *secret)
int nr_server_close(const nr_server_t *s)
{
- if (!s) return -NR_ERR_INVALID_ARG;
+ if (!s) return -RSE_INVAL;
- if (s->used > 0) return -NR_ERR_IN_USE;
+ if (s->used > 0) return -RSE_INUSE;
if (s->sockfd >= 0) close(s->sockfd);
@@ -151,23 +151,23 @@ int nr_server_packet_alloc(const nr_server_t *s, RADIUS_PACKET **packet_p)
int rcode;
RADIUS_PACKET *packet;
- if (!packet_p) return -NR_ERR_INVALID_ARG;
+ if (!packet_p) return -RSE_INVAL;
- packet = malloc(sizeof(*packet) + NR_MAX_PACKET_LEN);
- if (!packet) return -NR_ERR_NO_MEM;
+ packet = malloc(sizeof(*packet) + RS_MAX_PACKET_LEN);
+ if (!packet) return -RSE_NOMEM;
memset(packet, 0, sizeof(*packet));
if (!s) {
packet->data = (uint8_t *)(packet + 1);
- packet->sizeof_data = NR_MAX_PACKET_LEN;
+ packet->sizeof_data = RS_MAX_PACKET_LEN;
*packet_p = packet;
return 0;
}
rcode = nr_packet_init(packet, NULL, s->secret, s->code,
- (uint8_t *)(packet + 1), NR_MAX_PACKET_LEN);
+ (uint8_t *)(packet + 1), RS_MAX_PACKET_LEN);
if (rcode < 0) {
free(packet);
return rcode;
diff --git a/lib/radius/packet.c b/lib/radius/packet.c
index 77e3d14..c5d3bc4 100644
--- a/lib/radius/packet.c
+++ b/lib/radius/packet.c
@@ -29,17 +29,17 @@ SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
* \brief Encoding and decoding packets
*/
-#include <networkradius-devel/client.h>
+#include "client.h"
-#if NR_MAX_PACKET_LEN < 64
-#error NR_MAX_PACKET_LEN is too small. It should be at least 64.
+#if RS_MAX_PACKET_LEN < 64
+#error RS_MAX_PACKET_LEN is too small. It should be at least 64.
#endif
-#if NR_MAX_PACKET_LEN > 16384
-#error NR_MAX_PACKET_LEN is too large. It should be smaller than 16K.
+#if RS_MAX_PACKET_LEN > 16384
+#error RS_MAX_PACKET_LEN is too large. It should be smaller than 16K.
#endif
-const char *nr_packet_codes[NR_MAX_PACKET_CODE + 1] = {
+const char *nr_packet_codes[RS_MAX_PACKET_CODE + 1] = {
NULL,
"Access-Request",
"Access-Accept",
@@ -61,7 +61,7 @@ const char *nr_packet_codes[NR_MAX_PACKET_CODE + 1] = {
};
-static uint64_t allowed_responses[NR_MAX_PACKET_CODE + 1] = {
+static uint64_t allowed_responses[RS_MAX_PACKET_CODE + 1] = {
0,
(1 << PW_ACCESS_ACCEPT) | (1 << PW_ACCESS_REJECT) | (1 << PW_ACCESS_CHALLENGE),
0, 0,
@@ -89,18 +89,18 @@ int nr_packet_ok_raw(const uint8_t *data, size_t sizeof_data)
if (!data || (sizeof_data < 20)) {
nr_debug_error("Invalid argument");
- return -NR_ERR_INVALID_ARG;
+ return -RSE_INVAL;
}
packet_len = (data[2] << 8) | data[3];
if (packet_len < 20) {
nr_debug_error("Packet length is too small");
- return -NR_ERR_PACKET_TOO_SMALL;
+ return -RSE_PACKET_TOO_SMALL;
}
if (packet_len > sizeof_data) {
nr_debug_error("Packet length overflows received data");
- return -NR_ERR_PACKET_TOO_LARGE;
+ return -RSE_PACKET_TOO_LARGE;
}
/*
@@ -112,17 +112,17 @@ int nr_packet_ok_raw(const uint8_t *data, size_t sizeof_data)
for (attr = data + 20; attr < end; attr += attr[1]) {
if ((attr + 2) > end) {
nr_debug_error("Attribute overflows packet");
- return -NR_ERR_ATTR_OVERFLOW;
+ return -RSE_ATTR_OVERFLOW;
}
if (attr[1] < 2) {
nr_debug_error("Attribute length is too small");
- return -NR_ERR_ATTR_TOO_SMALL;
+ return -RSE_ATTR_TOO_SMALL;
}
if ((attr + attr[1]) > end) {
nr_debug_error("Attribute length is too large");
- return -NR_ERR_ATTR_TOO_LARGE;
+ return -RSE_ATTR_TOO_LARGE;
}
}
@@ -133,14 +133,14 @@ int nr_packet_ok(RADIUS_PACKET *packet)
{
int rcode;
- if (!packet) return -NR_ERR_INVALID_ARG;
+ if (!packet) return -RSE_INVAL;
- if ((packet->flags & NR_PACKET_OK) != 0) return 0;
+ if ((packet->flags & RS_PACKET_OK) != 0) return 0;
rcode = nr_packet_ok_raw(packet->data, packet->length);
if (rcode < 0) return rcode;
- packet->flags |= NR_PACKET_OK;
+ packet->flags |= RS_PACKET_OK;
return 0;
}
@@ -176,7 +176,7 @@ static int msg_auth_ok(const RADIUS_PACKET *original,
if (ma[1] != 18) {
nr_debug_error("Message-Authenticator has invalid length");
- return -NR_ERR_MSG_AUTH_LEN;
+ return -RSE_MSG_AUTH_LEN;
}
memcpy(packet_vector, data + 4, sizeof(packet_vector));
@@ -203,7 +203,7 @@ static int msg_auth_ok(const RADIUS_PACKET *original,
case PW_ACCESS_CHALLENGE:
if (!original) {
nr_debug_error("Cannot validate response without request");
- return -NR_ERR_REQUEST_REQUIRED;
+ return -RSE_REQUEST_REQUIRED;
}
memcpy(data + 4, original->vector, sizeof(original->vector));
break;
@@ -219,7 +219,7 @@ static int msg_auth_ok(const RADIUS_PACKET *original,
if (digest_cmp(calc_auth_vector, msg_auth_vector,
sizeof(calc_auth_vector)) != 0) {
nr_debug_error("Invalid Message-Authenticator");
- return -NR_ERR_MSG_AUTH_WRONG;
+ return -RSE_MSG_AUTH_WRONG;
}
return 1;
@@ -234,7 +234,7 @@ static int packet_auth_ok(const RADIUS_PACKET *original,
{
uint8_t packet_vector[sizeof(original->vector)];
uint8_t calc_digest[sizeof(original->vector)];
- NR_MD5_CTX ctx;
+ RS_MD5_CTX ctx;
if ((data[0] == PW_ACCESS_REQUEST) ||
(data[0] == PW_STATUS_SERVER)) return 1;
@@ -247,17 +247,17 @@ static int packet_auth_ok(const RADIUS_PACKET *original,
memcpy(data + 4, original->vector, sizeof(original->vector));
}
- nr_MD5Init(&ctx);
- nr_MD5Update(&ctx, data, length);
- nr_MD5Update(&ctx, original->secret, original->sizeof_secret);
- nr_MD5Final(calc_digest, &ctx);
+ RS_MD5Init(&ctx);
+ RS_MD5Update(&ctx, data, length);
+ RS_MD5Update(&ctx, original->secret, original->sizeof_secret);
+ RS_MD5Final(calc_digest, &ctx);
memcpy(data + 4, packet_vector, sizeof(packet_vector));
if (digest_cmp(calc_digest, packet_vector,
sizeof(packet_vector)) != 0) {
nr_debug_error("Invalid authentication vector");
- return -NR_ERR_AUTH_VECTOR_WRONG;
+ return -RSE_AUTH_VECTOR_WRONG;
}
return 0;
@@ -274,10 +274,10 @@ int nr_packet_verify(RADIUS_PACKET *packet, const RADIUS_PACKET *original)
if (!packet || !packet->data || !packet->secret) {
nr_debug_error("Invalid argument");
- return -NR_ERR_INVALID_ARG;
+ return -RSE_INVAL;
}
- if ((packet->flags & NR_PACKET_VERIFIED) != 0) return 0;
+ if ((packet->flags & RS_PACKET_VERIFIED) != 0) return 0;
/*
* Packet isn't well formed. Ignore it.
@@ -291,16 +291,16 @@ int nr_packet_verify(RADIUS_PACKET *packet, const RADIUS_PACKET *original)
if (original) {
uint64_t mask;
- if (original->code > NR_MAX_PACKET_CODE) {
+ if (original->code > RS_MAX_PACKET_CODE) {
nr_debug_error("Invalid original code %u",
original->code);
- return -NR_ERR_REQUEST_CODE_INVALID;
+ return -RSE_INVALID_REQUEST_CODE;
}
if (packet->data[1] != original->id) {
nr_debug_error("Ignoring response with wrong ID %u",
packet->data[1]);
- return -NR_ERR_RESPONSE_ID_INVALID;
+ return -RSE_INVALID_RESPONSE_CODE;
}
mask = 1;
@@ -309,18 +309,18 @@ int nr_packet_verify(RADIUS_PACKET *packet, const RADIUS_PACKET *original)
if ((allowed_responses[original->code] & mask) == 0) {
nr_debug_error("Ignoring response with wrong code %u",
packet->data[0]);
- return -NR_ERR_RESPONSE_CODE_INVALID;
+ return -RSE_INVALID_RESPONSE_CODE;
}
if ((memcmp(&packet->src, &original->dst, sizeof(packet->src)) != 0) &&
- (sockaddr_cmp(&(packet->src), &(original->dst)) != 0)) {
+ (evutil_sockaddr_cmp(&(packet->src), &(original->dst)) != 0)) {
nr_debug_error("Ignoring response from wrong IP/port");
- return -NR_ERR_RESPONSE_SRC_INVALID;
+ return -RSE_INVALID_RESPONSE_SRC;
}
} else if (allowed_responses[packet->data[0]] != 0) {
nr_debug_error("Ignoring response without original");
- return -NR_ERR_RESPONSE_CODE_INVALID;
+ return -RSE_INVALID_RESPONSE_CODE;
}
#ifdef PW_MESSAGE_AUTHENTICATOR
@@ -344,7 +344,7 @@ int nr_packet_verify(RADIUS_PACKET *packet, const RADIUS_PACKET *original)
rcode = packet_auth_ok(original, packet->data, packet->length);
if (rcode < 0) return rcode;
- packet->flags |= NR_PACKET_VERIFIED;
+ packet->flags |= RS_PACKET_VERIFIED;
return 0;
}
@@ -357,9 +357,9 @@ int nr_packet_decode(RADIUS_PACKET *packet, const RADIUS_PACKET *original)
const uint8_t *end;
VALUE_PAIR **tail, *vp;
- if (!packet) return -NR_ERR_INVALID_ARG;
+ if (!packet) return -RSE_INVAL;
- if ((packet->flags & NR_PACKET_DECODED) != 0) return 0;
+ if ((packet->flags & RS_PACKET_DECODED) != 0) return 0;
rcode = nr_packet_ok(packet);
if (rcode < 0) return rcode;
@@ -387,10 +387,10 @@ int nr_packet_decode(RADIUS_PACKET *packet, const RADIUS_PACKET *original)
vp = vp->next;
}
- if (num_attributes > NR_MAX_ATTRIBUTES) {
+ if (num_attributes > RS_MAX_ATTRIBUTES) {
nr_debug_error("Too many attributes");
nr_vp_free(&packet->vps);
- return -NR_ERR_TOO_MANY_ATTRS;
+ return -RSE_TOO_MANY_ATTRS;
}
}
@@ -398,7 +398,7 @@ int nr_packet_decode(RADIUS_PACKET *packet, const RADIUS_PACKET *original)
packet->id = data[1];
memcpy(packet->vector, data + 4, sizeof(packet->vector));
- packet->flags |= NR_PACKET_DECODED;
+ packet->flags |= RS_PACKET_DECODED;
return 0;
}
@@ -411,9 +411,9 @@ int nr_packet_sign(RADIUS_PACKET *packet, const RADIUS_PACKET *original)
const uint8_t *attr, *end;
#endif
- if ((packet->flags & NR_PACKET_SIGNED) != 0) return 0;
+ if ((packet->flags & RS_PACKET_SIGNED) != 0) return 0;
- if ((packet->flags & NR_PACKET_ENCODED) == 0) {
+ if ((packet->flags & RS_PACKET_ENCODED) == 0) {
int rcode;
rcode = nr_packet_encode(packet, original);
@@ -426,7 +426,7 @@ int nr_packet_sign(RADIUS_PACKET *packet, const RADIUS_PACKET *original)
#ifdef PW_MESSAGE_AUTHENTICATOR
if (!original) {
nr_debug_error("Original packet is required to create the Message-Authenticator");
- return -NR_ERR_REQUEST_REQUIRED;
+ return -RSE_REQUEST_REQUIRED;
}
#endif
@@ -483,18 +483,18 @@ int nr_packet_sign(RADIUS_PACKET *packet, const RADIUS_PACKET *original)
*/
if (!((packet->code == PW_ACCESS_REQUEST) ||
(packet->code == PW_STATUS_SERVER))) {
- NR_MD5_CTX ctx;
+ RS_MD5_CTX ctx;
- nr_MD5Init(&ctx);
- nr_MD5Update(&ctx, packet->data, packet->length);
- nr_MD5Update(&ctx, packet->secret, packet->sizeof_secret);
- nr_MD5Final(packet->vector, &ctx);
+ RS_MD5Init(&ctx);
+ RS_MD5Update(&ctx, packet->data, packet->length);
+ RS_MD5Update(&ctx, packet->secret, packet->sizeof_secret);
+ RS_MD5Final(packet->vector, &ctx);
}
memcpy(packet->data + 4, packet->vector, sizeof(packet->vector));
packet->attempts = 0;
- packet->flags |= NR_PACKET_SIGNED;
+ packet->flags |= RS_PACKET_SIGNED;
return 0;
}
@@ -504,28 +504,28 @@ static int can_encode_packet(RADIUS_PACKET *packet,
const RADIUS_PACKET *original)
{
if ((packet->code == 0) ||
- (packet->code > NR_MAX_PACKET_CODE) ||
- (original && (original->code > NR_MAX_PACKET_CODE))) {
+ (packet->code > RS_MAX_PACKET_CODE) ||
+ (original && (original->code > RS_MAX_PACKET_CODE))) {
nr_debug_error("Cannot send unknown packet code");
- return -NR_ERR_REQUEST_CODE_INVALID;
+ return -RSE_INVALID_REQUEST_CODE;
}
if (!nr_packet_codes[packet->code]) {
nr_debug_error("Cannot handle packet code %u",
packet->code);
- return -NR_ERR_REQUEST_CODE_INVALID;
+ return -RSE_INVALID_REQUEST_CODE;
}
#ifdef NR_NO_MALLOC
if (!packet->data) {
nr_debug_error("No place to put packet");
- return -NR_ERR_NO_PACKET_DATA;
+ return -RSE_NO_PACKET_DATA;
}
#endif
if (packet->sizeof_data < 20) {
nr_debug_error("The buffer is too small to encode the packet");
- return -NR_ERR_PACKET_TOO_SMALL;
+ return -RSE_PACKET_TOO_SMALL;
}
/*
@@ -540,14 +540,14 @@ static int can_encode_packet(RADIUS_PACKET *packet,
if ((allowed_responses[original->code] & mask) == 0) {
nr_debug_error("Cannot encode response %u to packet %u",
packet->code, original->code);
- return -NR_ERR_RESPONSE_CODE_INVALID;
+ return -RSE_INVALID_RESPONSE_CODE;
}
packet->id = original->id;
} else if (allowed_responses[packet->code] == 0) {
nr_debug_error("Cannot encode response %u without original",
packet->code);
- return -NR_ERR_REQUEST_REQUIRED;
+ return -RSE_REQUEST_REQUIRED;
}
return 0;
@@ -555,7 +555,7 @@ static int can_encode_packet(RADIUS_PACKET *packet,
static void encode_header(RADIUS_PACKET *packet)
{
- if ((packet->flags & NR_PACKET_HEADER) != 0) return;
+ if ((packet->flags & RS_PACKET_HEADER) != 0) return;
memset(packet->data, 0, 20);
packet->data[0] = packet->code;
@@ -576,7 +576,7 @@ static void encode_header(RADIUS_PACKET *packet)
memcpy(packet->data + 4, packet->vector, sizeof(packet->vector));
- packet->flags |= NR_PACKET_HEADER;
+ packet->flags |= RS_PACKET_HEADER;
}
int nr_packet_encode(RADIUS_PACKET *packet, const RADIUS_PACKET *original)
@@ -589,7 +589,7 @@ int nr_packet_encode(RADIUS_PACKET *packet, const RADIUS_PACKET *original)
const VALUE_PAIR *vp;
uint8_t *data, *end;
- if ((packet->flags & NR_PACKET_ENCODED) != 0) return 0;
+ if ((packet->flags & RS_PACKET_ENCODED) != 0) return 0;
rcode = can_encode_packet(packet, original);
if (rcode < 0) return rcode;
@@ -642,7 +642,7 @@ int nr_packet_encode(RADIUS_PACKET *packet, const RADIUS_PACKET *original)
packet->data[2] = (packet->length >> 8) & 0xff;
packet->data[3] = packet->length & 0xff;
- packet->flags |= NR_PACKET_ENCODED;
+ packet->flags |= RS_PACKET_ENCODED;
return packet->length;
}
@@ -696,7 +696,7 @@ int nr_packet_walk(RADIUS_PACKET *packet, void *ctx,
uint8_t *attr;
const uint8_t *end;
- if (!packet || !callback) return -NR_ERR_INVALID_ARG;
+ if (!packet || !callback) return -RSE_INVAL;
rcode = nr_packet_ok(packet);
if (rcode < 0) return rcode;
@@ -760,7 +760,7 @@ int nr_packet_walk(RADIUS_PACKET *packet, void *ctx,
break;
default:
- return -NR_ERR_INTERNAL_FAILURE;
+ return -RSE_INTERNAL;
}
switch (dv_length) {
@@ -774,7 +774,7 @@ int nr_packet_walk(RADIUS_PACKET *packet, void *ctx,
break;
default:
- return -NR_ERR_INTERNAL_FAILURE;
+ return -RSE_INTERNAL;
}
rcode = do_callback(ctx, callback,
@@ -794,17 +794,15 @@ int nr_packet_init(RADIUS_PACKET *packet, const RADIUS_PACKET *original,
{
int rcode;
- if ((code < 0) || (code > NR_MAX_PACKET_CODE)) {
- return -NR_ERR_REQUEST_CODE_INVALID;
+ if ((code < 0) || (code > RS_MAX_PACKET_CODE)) {
+ return -RSE_INVALID_REQUEST_CODE;
}
- if (!data || (sizeof_data < 20)) return -NR_ERR_INVALID_ARG;
-
- if (!secret || !*secret) return -NR_ERR_INVALID_ARG;
+ if (!data || (sizeof_data < 20)) return -RSE_INVAL;
memset(packet, 0, sizeof(*packet));
packet->secret = secret;
- packet->sizeof_secret = strlen(secret);
+ packet->sizeof_secret = secret ? strlen(secret) : 0;
packet->code = code;
packet->id = 0;
packet->data = data;
@@ -832,7 +830,7 @@ static int pack_eap(RADIUS_PACKET *packet,
end = attr + packet->sizeof_data;
while (left > 253) {
- if ((attr + 255) > end) return -NR_ERR_ATTR_OVERFLOW;
+ if ((attr + 255) > end) return -RSE_ATTR_OVERFLOW;
attr[0] = PW_EAP_MESSAGE;
attr[1] = 255;
@@ -842,7 +840,7 @@ static int pack_eap(RADIUS_PACKET *packet,
left -= 253;
}
- if ((attr + (2 + left)) > end) return -NR_ERR_ATTR_OVERFLOW;
+ if ((attr + (2 + left)) > end) return -RSE_ATTR_OVERFLOW;
attr[0] = PW_EAP_MESSAGE;
attr[1] = 2 + left;
@@ -864,27 +862,27 @@ ssize_t nr_packet_attr_append(RADIUS_PACKET *packet,
const VALUE_PAIR *vp;
if (!packet || !da || !data) {
- return -NR_ERR_INVALID_ARG;
+ return -RSE_INVAL;
}
if (data_len == 0) {
- if (da->type != NR_TYPE_STRING) return -NR_ERR_ATTR_TOO_SMALL;
+ if (da->type != RS_TYPE_STRING) return -RSE_ATTR_TOO_SMALL;
data_len = strlen(data);
}
- packet->flags |= NR_PACKET_ENCODED; /* ignore any VPs */
+ packet->flags |= RS_PACKET_ENCODED; /* ignore any VPs */
attr = packet->data + packet->length;
end = attr + packet->sizeof_data;
if ((attr + 2 + data_len) > end) {
- return -NR_ERR_ATTR_OVERFLOW;
+ return -RSE_ATTR_OVERFLOW;
}
if ((da->flags.length != 0) &&
(data_len != da->flags.length)) {
- return -NR_ERR_ATTR_VALUE_MALFORMED;
+ return -RSE_ATTR_VALUE_MALFORMED;
}
#ifdef PW_EAP_MESSAGE
@@ -897,7 +895,7 @@ ssize_t nr_packet_attr_append(RADIUS_PACKET *packet,
}
#endif
- if (data_len > 253) return -NR_ERR_ATTR_TOO_LARGE;
+ if (data_len > 253) return -RSE_ATTR_TOO_LARGE;
vp = nr_vp_init(&my_vp, da);
rcode = nr_vp_set_data(&my_vp, data, data_len);
diff --git a/lib/radius/parse.c b/lib/radius/parse.c
index 6b593a8..cd7491a 100644
--- a/lib/radius/parse.c
+++ b/lib/radius/parse.c
@@ -29,7 +29,7 @@ SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
* \brief Routines to parse strings into internal data structures
*/
-#include <networkradius-devel/client.h>
+#include "client.h"
#include <arpa/inet.h>
ssize_t nr_vp_sscanf_value(VALUE_PAIR *vp, const char *value)
@@ -37,43 +37,43 @@ ssize_t nr_vp_sscanf_value(VALUE_PAIR *vp, const char *value)
char *end;
switch (vp->da->type) {
- case NR_TYPE_STRING:
+ case RS_TYPE_STRING:
strlcpy(vp->vp_strvalue, value, sizeof(vp->vp_strvalue));
vp->length = strlen(vp->vp_strvalue);
return vp->length;
- case NR_TYPE_DATE:
- case NR_TYPE_INTEGER:
+ case RS_TYPE_DATE:
+ case RS_TYPE_INTEGER:
vp->vp_integer = strtoul(value, &end, 10);
if ((value == end) || (*end != '\0')) {
nr_debug_error("Invalid value");
- return -NR_ERR_ATTR_VALUE_MALFORMED;
+ return -RSE_ATTR_VALUE_MALFORMED;
}
return (end - value);
- case NR_TYPE_IPADDR:
+ case RS_TYPE_IPADDR:
if (inet_pton(AF_INET, value, &vp->vp_ipaddr) < 0) {
- return -NR_ERR_SYSTEM;
+ return -RSE_NOSYS;
}
return strlen(value);
-#ifdef NR_TYPE_IPV6ADDR
- case NR_TYPE_IPV6ADDR:
+#ifdef RS_TYPE_IPV6ADDR
+ case RS_TYPE_IPV6ADDR:
if (inet_pton(AF_INET6, value, &vp-vp>ipv6addr) < 0) {
- return -NR_ERR_SYSTEM;
+ return -RSE_NOSYS;
}
return strlen(value);
#endif
-#ifdef NR_TYPE_IFID
- case NR_TYPE_IFID:
+#ifdef RS_TYPE_IFID
+ case RS_TYPE_IFID:
{
int i, array[8];
if (sscanf(value, "%02x%02x%02x%02x%02x%02x%02x%02x",
&array[0], &array[1], &array[2], &array[3],
&array[4], &array[5], &array[6], &array[7]) != 8) {
- return -NR_ERR_SYSTEM;
+ return -RSE_SYSTEM;
}
for (i = 0; i < 8; i++) vp->vp_ifid[i] = array[i] & 0xff;
@@ -84,7 +84,7 @@ ssize_t nr_vp_sscanf_value(VALUE_PAIR *vp, const char *value)
default:
nr_debug_error("Invalid type");
- return -NR_ERR_ATTR_TYPE_UNKNOWN;
+ return -RSE_ATTR_TYPE_UNKNOWN;
}
return 0;
@@ -99,7 +99,7 @@ int nr_vp_sscanf(const char *string, VALUE_PAIR **pvp)
VALUE_PAIR *vp;
char buffer[256];
- if (!string || !pvp) return -NR_ERR_INVALID_ARG;
+ if (!string || !pvp) return -RSE_INVAL;
p = string;
q = buffer;
@@ -110,26 +110,26 @@ int nr_vp_sscanf(const char *string, VALUE_PAIR **pvp)
if (q == buffer) {
nr_debug_error("No Attribute name");
- return -NR_ERR_ATTR_BAD_NAME;
+ return -RSE_ATTR_BAD_NAME;
}
da = nr_dict_attr_byname(buffer);
if (!da) {
nr_debug_error("Unknown attribute \"%s\"", buffer);
- return -NR_ERR_ATTR_UNKNOWN;
+ return -RSE_ATTR_UNKNOWN;
}
while (*p == ' ') p++;
if (*p != '=') {
nr_debug_error("Unexpected text after attribute name");
- return -NR_ERR_ATTR_BAD_NAME;
+ return -RSE_ATTR_BAD_NAME;
}
p++;
while (*p == ' ') p++;
vp = nr_vp_alloc(da);
- if (!vp) return -NR_ERR_NO_MEM;
+ if (!vp) return -RSE_NOMEM;
rcode = nr_vp_sscanf_value(vp, p);
if (rcode < 0) {
diff --git a/lib/radius/print.c b/lib/radius/print.c
index abe4255..28dd0a6 100644
--- a/lib/radius/print.c
+++ b/lib/radius/print.c
@@ -29,9 +29,9 @@ SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
* \brief Functions to print things.
*/
-#include <networkradius-devel/client.h>
+#include "client.h"
#include <string.h>
-#ifdef NR_TYPE_IPV6ADDR
+#ifdef RS_TYPE_IPV6ADDR
#include <arpa/inet.h>
#endif
@@ -51,7 +51,7 @@ void nr_packet_print_hex(RADIUS_PACKET *packet)
printf("%02x", packet->data[i]);
}
printf("\n");
- if ((packet->flags & NR_PACKET_SIGNED) == 0) printf("\t\tWARNING: nr_packet_sign() was not called!\n");
+ if ((packet->flags & RS_PACKET_SIGNED) == 0) printf("\t\tWARNING: nr_packet_sign() was not called!\n");
if (packet->length > 20) {
int total;
@@ -106,21 +106,21 @@ size_t nr_vp_snprintf_value(char *buffer, size_t buflen, const VALUE_PAIR *vp)
char *p = buffer;
switch (vp->da->type) {
- case NR_TYPE_STRING:
+ case RS_TYPE_STRING:
/*
* FIXME: escape backslash && quotes!
*/
- len = snprintf(p, buflen, "\"%s\"", vp->vp_strvalue);
+ len = snprintf(p, buflen, "%s", vp->vp_strvalue);
break;
- case NR_TYPE_DATE:
- case NR_TYPE_INTEGER:
- case NR_TYPE_SHORT:
- case NR_TYPE_BYTE:
+ case RS_TYPE_DATE:
+ case RS_TYPE_INTEGER:
+ case RS_TYPE_SHORT:
+ case RS_TYPE_BYTE:
len = snprintf(p, buflen, "%u", vp->vp_integer);
break;
- case NR_TYPE_IPADDR:
+ case RS_TYPE_IPADDR:
len = snprintf(p, buflen, "%u.%u.%u.%u",
(vp->vp_ipaddr >> 24) & 0xff,
(vp->vp_ipaddr >> 16) & 0xff,
@@ -128,16 +128,16 @@ size_t nr_vp_snprintf_value(char *buffer, size_t buflen, const VALUE_PAIR *vp)
vp->vp_ipaddr & 0xff);
break;
-#ifdef NR_TYPE_IPV6ADDR
- case NR_TYPE_IPV6ADDR:
+#ifdef RS_TYPE_IPV6ADDR
+ case RS_TYPE_IPV6ADDR:
if (!inet_ntop(AF_INET6, &vp->vp_ipv6addr, buffer, buflen)) {
- return -NR_ERR_SYSTEM;
+ return -RSE_SYSTEM;
}
break;
#endif
-#ifdef NR_TYPE_IFID
- case NR_TYPE_IFID:
+#ifdef RS_TYPE_IFID
+ case RS_TYPE_IFID:
len = snprintf(p, buflen, "%02x%02x%02x%02x%02x%02x%02x%02x",
vp->vp_ifid[0], vp->vp_ifid[1],
vp->vp_ifid[2], vp->vp_ifid[3],
@@ -146,7 +146,7 @@ size_t nr_vp_snprintf_value(char *buffer, size_t buflen, const VALUE_PAIR *vp)
break;
#endif
- case NR_TYPE_OCTETS:
+ case RS_TYPE_OCTETS:
len = snprintf(p, buflen, "0x");
if (len >= buflen) return 0;
@@ -224,42 +224,3 @@ void nr_strerror_printf(const char *fmt, ...)
}
/** \endcond */
-const char *nr_strerror(int error)
-{
- if (error == 0) return nr_strerror_buffer;
-
- if (error < 0) error = -error;
-
- switch (error) {
- default: return "Unknown error";
- case NR_ERR_SYSTEM: return strerror(errno);
-
- case NR_ERR_INVALID_ARG: return "Invalid argument";
- case NR_ERR_PACKET_TOO_SMALL: return "Packet is too small";
- case NR_ERR_PACKET_TOO_LARGE: return "Packet is too large";
- case NR_ERR_ATTR_OVERFLOW: return "Attribute overflows packet";
- case NR_ERR_ATTR_TOO_SMALL: return "Attribute is too small";
- case NR_ERR_ATTR_TOO_LARGE: return "Attribute is too large";
- case NR_ERR_ATTR_UNKNOWN: return "Unknown attribute";
- case NR_ERR_ATTR_BAD_NAME: return "Invalid name for attribute";
- case NR_ERR_ATTR_VALUE_MALFORMED: return "Invalid value for attribute";
- case NR_ERR_ATTR_INVALID: return "Invalid attribute";
- case NR_ERR_TOO_MANY_ATTRS: return "Too many attributes in the packet";
- case NR_ERR_ATTR_TYPE_UNKNOWN: return "Attribute type unknown";
- case NR_ERR_MSG_AUTH_LEN: return "Invalid Message-Authenticator";
- case NR_ERR_MSG_AUTH_WRONG: return "Incorrect Message-Authenticator";
- case NR_ERR_REQUEST_REQUIRED: return "Request is required";
- case NR_ERR_REQUEST_CODE_INVALID: return "Invalid request code";
- case NR_ERR_AUTH_VECTOR_WRONG: return "Incorrect Request Authenticator";
- case NR_ERR_RESPONSE_CODE_INVALID: return "Response code is unsupported";
- case NR_ERR_RESPONSE_ID_INVALID: return "Response ID is invalid";
- case NR_ERR_RESPONSE_SRC_INVALID: return "Response from the wrong src ip/port";
- case NR_ERR_NO_PACKET_DATA: return "Cannot encode the packet";
- case NR_ERR_VENDOR_UNKNOWN: return "Vendor is unknown";
- case NR_ERR_INTERNAL_FAILURE: return "Internal failure";
- case NR_ERR_UNSUPPORTED: return "Unsupported feature";
- case NR_ERR_NO_MEM: return "Out of memory";
- case NR_ERR_IN_USE: return "Resource is in use";
-
- }
-}
diff --git a/lib/radius/radius.h b/lib/radius/radius.h
deleted file mode 100644
index cfc16b7..0000000
--- a/lib/radius/radius.h
+++ /dev/null
@@ -1,314 +0,0 @@
-/* Automatically generated file. Do not edit */
-
-#define VENDORPEC_MICROSOFT 311
-#define VENDORPEC_EXAMPLE 65535
-
-
-/* IETF */
-#define PW_USER_NAME 1
-#define PW_USER_PASSWORD 2
-#define PW_CHAP_PASSWORD 3
-#define PW_NAS_IP_ADDRESS 4
-#define PW_NAS_PORT 5
-#define PW_SERVICE_TYPE 6
-#define PW_FRAMED_PROTOCOL 7
-#define PW_FRAMED_IP_ADDRESS 8
-#define PW_FRAMED_IP_NETMASK 9
-#define PW_FRAMED_ROUTING 10
-#define PW_FILTER_ID 11
-#define PW_FRAMED_MTU 12
-#define PW_FRAMED_COMPRESSION 13
-#define PW_LOGIN_IP_HOST 14
-#define PW_LOGIN_SERVICE 15
-#define PW_LOGIN_TCP_PORT 16
-#define PW_REPLY_MESSAGE 18
-#define PW_CALLBACK_NUMBER 19
-#define PW_CALLBACK_ID 20
-#define PW_FRAMED_ROUTE 22
-#define PW_FRAMED_IPX_NETWORK 23
-#define PW_STATE 24
-#define PW_CLASS 25
-#define PW_VENDOR_SPECIFIC 26
-#define PW_SESSION_TIMEOUT 27
-#define PW_IDLE_TIMEOUT 28
-#define PW_TERMINATION_ACTION 29
-#define PW_CALLED_STATION_ID 30
-#define PW_CALLING_STATION_ID 31
-#define PW_NAS_IDENTIFIER 32
-#define PW_PROXY_STATE 33
-#define PW_LOGIN_LAT_SERVICE 34
-#define PW_LOGIN_LAT_NODE 35
-#define PW_LOGIN_LAT_GROUP 36
-#define PW_FRAMED_APPLETALK_LINK 37
-#define PW_FRAMED_APPLETALK_NETWORK 38
-#define PW_FRAMED_APPLETALK_ZONE 39
-#define PW_ACCT_STATUS_TYPE 40
-#define PW_ACCT_DELAY_TIME 41
-#define PW_ACCT_INPUT_OCTETS 42
-#define PW_ACCT_OUTPUT_OCTETS 43
-#define PW_ACCT_SESSION_ID 44
-#define PW_ACCT_AUTHENTIC 45
-#define PW_ACCT_SESSION_TIME 46
-#define PW_ACCT_INPUT_PACKETS 47
-#define PW_ACCT_OUTPUT_PACKETS 48
-#define PW_ACCT_TERMINATE_CAUSE 49
-#define PW_ACCT_MULTI_SESSION_ID 50
-#define PW_ACCT_LINK_COUNT 51
-#define PW_ACCT_INPUT_GIGAWORDS 52
-#define PW_ACCT_OUTPUT_GIGAWORDS 53
-#define PW_EVENT_TIMESTAMP 55
-#define PW_EGRESS_VLANID 56
-#define PW_INGRESS_FILTERS 57
-#define PW_EGRESS_VLAN_NAME 58
-#define PW_USER_PRIORITY_TABLE 59
-#define PW_CHAP_CHALLENGE 60
-#define PW_NAS_PORT_TYPE 61
-#define PW_PORT_LIMIT 62
-#define PW_LOGIN_LAT_PORT 63
-#define PW_TUNNEL_TYPE 64
-#define PW_TUNNEL_MEDIUM_TYPE 65
-#define PW_TUNNEL_CLIENT_ENDPOINT 66
-#define PW_TUNNEL_SERVER_ENDPOINT 67
-#define PW_ACCT_TUNNEL_CONNECTION 68
-#define PW_TUNNEL_PASSWORD 69
-#define PW_ARAP_PASSWORD 70
-#define PW_ARAP_FEATURES 71
-#define PW_ARAP_ZONE_ACCESS 72
-#define PW_ARAP_SECURITY 73
-#define PW_ARAP_SECURITY_DATA 74
-#define PW_PASSWORD_RETRY 75
-#define PW_PROMPT 76
-#define PW_CONNECT_INFO 77
-#define PW_CONFIGURATION_TOKEN 78
-#define PW_EAP_MESSAGE 79
-#define PW_MESSAGE_AUTHENTICATOR 80
-#define PW_TUNNEL_PRIVATE_GROUP_ID 81
-#define PW_TUNNEL_ASSIGNMENT_ID 82
-#define PW_TUNNEL_PREFERENCE 83
-#define PW_ARAP_CHALLENGE_RESPONSE 84
-#define PW_ACCT_INTERIM_INTERVAL 85
-#define PW_ACCT_TUNNEL_PACKETS_LOST 86
-#define PW_NAS_PORT_ID 87
-#define PW_FRAMED_POOL 88
-#define PW_CHARGEABLE_USER_IDENTITY 89
-#define PW_TUNNEL_CLIENT_AUTH_ID 90
-#define PW_TUNNEL_SERVER_AUTH_ID 91
-#define PW_NAS_FILTER_RULE 92
-#define PW_NAS_IPV6_ADDRESS 95
-#define PW_FRAMED_INTERFACE_ID 96
-#define PW_FRAMED_IPV6_PREFIX 97
-#define PW_LOGIN_IPV6_HOST 98
-#define PW_FRAMED_IPV6_ROUTE 99
-#define PW_FRAMED_IPV6_POOL 100
-#define PW_ERROR_CAUSE 101
-#define PW_EAP_KEY_NAME 102
-#define PW_DIGEST_RESPONSE 103
-#define PW_DIGEST_REALM 104
-#define PW_DIGEST_NONCE 105
-#define PW_DIGEST_RESPONSE_AUTH 106
-#define PW_DIGEST_NEXTNONCE 107
-#define PW_DIGEST_METHOD 108
-#define PW_DIGEST_URI 109
-#define PW_DIGEST_QOP 110
-#define PW_DIGEST_ALGORITHM 111
-#define PW_DIGEST_ENTITY_BODY_HASH 112
-#define PW_DIGEST_CNONCE 113
-#define PW_DIGEST_NONCE_COUNT 114
-#define PW_DIGEST_USERNAME 115
-#define PW_DIGEST_OPAQUE 116
-#define PW_DIGEST_AUTH_PARAM 117
-#define PW_DIGEST_AKA_AUTS 118
-#define PW_DIGEST_DOMAIN 119
-#define PW_DIGEST_STALE 120
-#define PW_DIGEST_HA1 121
-#define PW_SIP_AOR 122
-#define PW_DELEGATED_IPV6_PREFIX 123
-#define PW_OPERATOR_NAME 126
-#define PW_LOCATION_INFORMATION 127
-#define PW_LOCATION_DATA 128
-#define PW_BASIC_LOCATION_POLICY_RULES 129
-#define PW_EXTENDED_LOCATION_POLICY_RULES 130
-#define PW_LOCATION_CAPABLE 131
-#define PW_REQUESTED_LOCATION_INFO 132
-#define PW_FRAMED_MANAGEMENT 133
-#define PW_MANAGEMENT_TRANSPORT_PROTECTION 134
-#define PW_MANAGEMENT_POLICY_ID 135
-#define PW_MANAGEMENT_PRIVILEGE_LEVEL 136
-#define PW_PKM_SS_CERT 137
-#define PW_PKM_CA_CERT 138
-#define PW_PKM_CONFIG_SETTINGS 139
-#define PW_PKM_CRYPTOSUITE_LIST 140
-#define PW_PKM_SAID 141
-#define PW_PKM_SA_DESCRIPTOR 142
-#define PW_PKM_AUTH_KEY 143
-
-/* Microsoft */
-#define PW_MS_CHAP_RESPONSE 1
-#define PW_MS_CHAP_ERROR 2
-#define PW_MS_MPPE_ENCRYPTION_POLICY 7
-#define PW_MS_MPPE_ENCRYPTION_TYPES 8
-#define PW_MS_CHAP_DOMAIN 10
-#define PW_MS_CHAP_CHALLENGE 11
-#define PW_MS_CHAP_MPPE_KEYS 12
-#define PW_MS_MPPE_SEND_KEY 16
-#define PW_MS_MPPE_RECV_KEY 17
-#define PW_MS_CHAP2_RESPONSE 25
-#define PW_MS_CHAP2_SUCCESS 26
-
-/* example */
-#define PW_EXAMPLE_INTEGER 1
-#define PW_EXAMPLE_STRING 2
-#define PW_EXAMPLE_IP_ADDRESS 3
-
-/* Fixed offsets to dictionary definitions of attributes */
-#define NR_DA_USER_NAME (&nr_dict_attrs[1])
-#define NR_DA_USER_PASSWORD (&nr_dict_attrs[2])
-#define NR_DA_CHAP_PASSWORD (&nr_dict_attrs[3])
-#define NR_DA_NAS_IP_ADDRESS (&nr_dict_attrs[4])
-#define NR_DA_NAS_PORT (&nr_dict_attrs[5])
-#define NR_DA_SERVICE_TYPE (&nr_dict_attrs[6])
-#define NR_DA_FRAMED_PROTOCOL (&nr_dict_attrs[7])
-#define NR_DA_FRAMED_IP_ADDRESS (&nr_dict_attrs[8])
-#define NR_DA_FRAMED_IP_NETMASK (&nr_dict_attrs[9])
-#define NR_DA_FRAMED_ROUTING (&nr_dict_attrs[10])
-#define NR_DA_FILTER_ID (&nr_dict_attrs[11])
-#define NR_DA_FRAMED_MTU (&nr_dict_attrs[12])
-#define NR_DA_FRAMED_COMPRESSION (&nr_dict_attrs[13])
-#define NR_DA_LOGIN_IP_HOST (&nr_dict_attrs[14])
-#define NR_DA_LOGIN_SERVICE (&nr_dict_attrs[15])
-#define NR_DA_LOGIN_TCP_PORT (&nr_dict_attrs[16])
-#define NR_DA_REPLY_MESSAGE (&nr_dict_attrs[18])
-#define NR_DA_CALLBACK_NUMBER (&nr_dict_attrs[19])
-#define NR_DA_CALLBACK_ID (&nr_dict_attrs[20])
-#define NR_DA_FRAMED_ROUTE (&nr_dict_attrs[22])
-#define NR_DA_FRAMED_IPX_NETWORK (&nr_dict_attrs[23])
-#define NR_DA_STATE (&nr_dict_attrs[24])
-#define NR_DA_CLASS (&nr_dict_attrs[25])
-#define NR_DA_VENDOR_SPECIFIC (&nr_dict_attrs[26])
-#define NR_DA_SESSION_TIMEOUT (&nr_dict_attrs[27])
-#define NR_DA_IDLE_TIMEOUT (&nr_dict_attrs[28])
-#define NR_DA_TERMINATION_ACTION (&nr_dict_attrs[29])
-#define NR_DA_CALLED_STATION_ID (&nr_dict_attrs[30])
-#define NR_DA_CALLING_STATION_ID (&nr_dict_attrs[31])
-#define NR_DA_NAS_IDENTIFIER (&nr_dict_attrs[32])
-#define NR_DA_PROXY_STATE (&nr_dict_attrs[33])
-#define NR_DA_LOGIN_LAT_SERVICE (&nr_dict_attrs[34])
-#define NR_DA_LOGIN_LAT_NODE (&nr_dict_attrs[35])
-#define NR_DA_LOGIN_LAT_GROUP (&nr_dict_attrs[36])
-#define NR_DA_FRAMED_APPLETALK_LINK (&nr_dict_attrs[37])
-#define NR_DA_FRAMED_APPLETALK_NETWORK (&nr_dict_attrs[38])
-#define NR_DA_FRAMED_APPLETALK_ZONE (&nr_dict_attrs[39])
-#define NR_DA_ACCT_STATUS_TYPE (&nr_dict_attrs[40])
-#define NR_DA_ACCT_DELAY_TIME (&nr_dict_attrs[41])
-#define NR_DA_ACCT_INPUT_OCTETS (&nr_dict_attrs[42])
-#define NR_DA_ACCT_OUTPUT_OCTETS (&nr_dict_attrs[43])
-#define NR_DA_ACCT_SESSION_ID (&nr_dict_attrs[44])
-#define NR_DA_ACCT_AUTHENTIC (&nr_dict_attrs[45])
-#define NR_DA_ACCT_SESSION_TIME (&nr_dict_attrs[46])
-#define NR_DA_ACCT_INPUT_PACKETS (&nr_dict_attrs[47])
-#define NR_DA_ACCT_OUTPUT_PACKETS (&nr_dict_attrs[48])
-#define NR_DA_ACCT_TERMINATE_CAUSE (&nr_dict_attrs[49])
-#define NR_DA_ACCT_MULTI_SESSION_ID (&nr_dict_attrs[50])
-#define NR_DA_ACCT_LINK_COUNT (&nr_dict_attrs[51])
-#define NR_DA_ACCT_INPUT_GIGAWORDS (&nr_dict_attrs[52])
-#define NR_DA_ACCT_OUTPUT_GIGAWORDS (&nr_dict_attrs[53])
-#define NR_DA_EVENT_TIMESTAMP (&nr_dict_attrs[55])
-#define NR_DA_EGRESS_VLANID (&nr_dict_attrs[56])
-#define NR_DA_INGRESS_FILTERS (&nr_dict_attrs[57])
-#define NR_DA_EGRESS_VLAN_NAME (&nr_dict_attrs[58])
-#define NR_DA_USER_PRIORITY_TABLE (&nr_dict_attrs[59])
-#define NR_DA_CHAP_CHALLENGE (&nr_dict_attrs[60])
-#define NR_DA_NAS_PORT_TYPE (&nr_dict_attrs[61])
-#define NR_DA_PORT_LIMIT (&nr_dict_attrs[62])
-#define NR_DA_LOGIN_LAT_PORT (&nr_dict_attrs[63])
-#define NR_DA_TUNNEL_TYPE (&nr_dict_attrs[64])
-#define NR_DA_TUNNEL_MEDIUM_TYPE (&nr_dict_attrs[65])
-#define NR_DA_TUNNEL_CLIENT_ENDPOINT (&nr_dict_attrs[66])
-#define NR_DA_TUNNEL_SERVER_ENDPOINT (&nr_dict_attrs[67])
-#define NR_DA_ACCT_TUNNEL_CONNECTION (&nr_dict_attrs[68])
-#define NR_DA_TUNNEL_PASSWORD (&nr_dict_attrs[69])
-#define NR_DA_ARAP_PASSWORD (&nr_dict_attrs[70])
-#define NR_DA_ARAP_FEATURES (&nr_dict_attrs[71])
-#define NR_DA_ARAP_ZONE_ACCESS (&nr_dict_attrs[72])
-#define NR_DA_ARAP_SECURITY (&nr_dict_attrs[73])
-#define NR_DA_ARAP_SECURITY_DATA (&nr_dict_attrs[74])
-#define NR_DA_PASSWORD_RETRY (&nr_dict_attrs[75])
-#define NR_DA_PROMPT (&nr_dict_attrs[76])
-#define NR_DA_CONNECT_INFO (&nr_dict_attrs[77])
-#define NR_DA_CONFIGURATION_TOKEN (&nr_dict_attrs[78])
-#define NR_DA_EAP_MESSAGE (&nr_dict_attrs[79])
-#define NR_DA_MESSAGE_AUTHENTICATOR (&nr_dict_attrs[80])
-#define NR_DA_TUNNEL_PRIVATE_GROUP_ID (&nr_dict_attrs[81])
-#define NR_DA_TUNNEL_ASSIGNMENT_ID (&nr_dict_attrs[82])
-#define NR_DA_TUNNEL_PREFERENCE (&nr_dict_attrs[83])
-#define NR_DA_ARAP_CHALLENGE_RESPONSE (&nr_dict_attrs[84])
-#define NR_DA_ACCT_INTERIM_INTERVAL (&nr_dict_attrs[85])
-#define NR_DA_ACCT_TUNNEL_PACKETS_LOST (&nr_dict_attrs[86])
-#define NR_DA_NAS_PORT_ID (&nr_dict_attrs[87])
-#define NR_DA_FRAMED_POOL (&nr_dict_attrs[88])
-#define NR_DA_CHARGEABLE_USER_IDENTITY (&nr_dict_attrs[89])
-#define NR_DA_TUNNEL_CLIENT_AUTH_ID (&nr_dict_attrs[90])
-#define NR_DA_TUNNEL_SERVER_AUTH_ID (&nr_dict_attrs[91])
-#define NR_DA_NAS_FILTER_RULE (&nr_dict_attrs[92])
-#define NR_DA_NAS_IPV6_ADDRESS (&nr_dict_attrs[95])
-#define NR_DA_FRAMED_INTERFACE_ID (&nr_dict_attrs[96])
-#define NR_DA_FRAMED_IPV6_PREFIX (&nr_dict_attrs[97])
-#define NR_DA_LOGIN_IPV6_HOST (&nr_dict_attrs[98])
-#define NR_DA_FRAMED_IPV6_ROUTE (&nr_dict_attrs[99])
-#define NR_DA_FRAMED_IPV6_POOL (&nr_dict_attrs[100])
-#define NR_DA_ERROR_CAUSE (&nr_dict_attrs[101])
-#define NR_DA_EAP_KEY_NAME (&nr_dict_attrs[102])
-#define NR_DA_DIGEST_RESPONSE (&nr_dict_attrs[103])
-#define NR_DA_DIGEST_REALM (&nr_dict_attrs[104])
-#define NR_DA_DIGEST_NONCE (&nr_dict_attrs[105])
-#define NR_DA_DIGEST_RESPONSE_AUTH (&nr_dict_attrs[106])
-#define NR_DA_DIGEST_NEXTNONCE (&nr_dict_attrs[107])
-#define NR_DA_DIGEST_METHOD (&nr_dict_attrs[108])
-#define NR_DA_DIGEST_URI (&nr_dict_attrs[109])
-#define NR_DA_DIGEST_QOP (&nr_dict_attrs[110])
-#define NR_DA_DIGEST_ALGORITHM (&nr_dict_attrs[111])
-#define NR_DA_DIGEST_ENTITY_BODY_HASH (&nr_dict_attrs[112])
-#define NR_DA_DIGEST_CNONCE (&nr_dict_attrs[113])
-#define NR_DA_DIGEST_NONCE_COUNT (&nr_dict_attrs[114])
-#define NR_DA_DIGEST_USERNAME (&nr_dict_attrs[115])
-#define NR_DA_DIGEST_OPAQUE (&nr_dict_attrs[116])
-#define NR_DA_DIGEST_AUTH_PARAM (&nr_dict_attrs[117])
-#define NR_DA_DIGEST_AKA_AUTS (&nr_dict_attrs[118])
-#define NR_DA_DIGEST_DOMAIN (&nr_dict_attrs[119])
-#define NR_DA_DIGEST_STALE (&nr_dict_attrs[120])
-#define NR_DA_DIGEST_HA1 (&nr_dict_attrs[121])
-#define NR_DA_SIP_AOR (&nr_dict_attrs[122])
-#define NR_DA_DELEGATED_IPV6_PREFIX (&nr_dict_attrs[123])
-#define NR_DA_OPERATOR_NAME (&nr_dict_attrs[126])
-#define NR_DA_LOCATION_INFORMATION (&nr_dict_attrs[127])
-#define NR_DA_LOCATION_DATA (&nr_dict_attrs[128])
-#define NR_DA_BASIC_LOCATION_POLICY_RULES (&nr_dict_attrs[129])
-#define NR_DA_EXTENDED_LOCATION_POLICY_RULES (&nr_dict_attrs[130])
-#define NR_DA_LOCATION_CAPABLE (&nr_dict_attrs[131])
-#define NR_DA_REQUESTED_LOCATION_INFO (&nr_dict_attrs[132])
-#define NR_DA_FRAMED_MANAGEMENT (&nr_dict_attrs[133])
-#define NR_DA_MANAGEMENT_TRANSPORT_PROTECTION (&nr_dict_attrs[134])
-#define NR_DA_MANAGEMENT_POLICY_ID (&nr_dict_attrs[135])
-#define NR_DA_MANAGEMENT_PRIVILEGE_LEVEL (&nr_dict_attrs[136])
-#define NR_DA_PKM_SS_CERT (&nr_dict_attrs[137])
-#define NR_DA_PKM_CA_CERT (&nr_dict_attrs[138])
-#define NR_DA_PKM_CONFIG_SETTINGS (&nr_dict_attrs[139])
-#define NR_DA_PKM_CRYPTOSUITE_LIST (&nr_dict_attrs[140])
-#define NR_DA_PKM_SAID (&nr_dict_attrs[141])
-#define NR_DA_PKM_SA_DESCRIPTOR (&nr_dict_attrs[142])
-#define NR_DA_PKM_AUTH_KEY (&nr_dict_attrs[143])
-#define NR_DA_MS_CHAP_RESPONSE (&nr_dict_attrs[256])
-#define NR_DA_MS_CHAP_ERROR (&nr_dict_attrs[257])
-#define NR_DA_MS_MPPE_ENCRYPTION_POLICY (&nr_dict_attrs[258])
-#define NR_DA_MS_MPPE_ENCRYPTION_TYPES (&nr_dict_attrs[259])
-#define NR_DA_MS_CHAP_DOMAIN (&nr_dict_attrs[260])
-#define NR_DA_MS_CHAP_CHALLENGE (&nr_dict_attrs[261])
-#define NR_DA_MS_CHAP_MPPE_KEYS (&nr_dict_attrs[262])
-#define NR_DA_MS_MPPE_SEND_KEY (&nr_dict_attrs[263])
-#define NR_DA_MS_MPPE_RECV_KEY (&nr_dict_attrs[264])
-#define NR_DA_MS_CHAP2_RESPONSE (&nr_dict_attrs[265])
-#define NR_DA_MS_CHAP2_SUCCESS (&nr_dict_attrs[266])
-#define NR_DA_EXAMPLE_INTEGER (&nr_dict_attrs[267])
-#define NR_DA_EXAMPLE_STRING (&nr_dict_attrs[268])
-#define NR_DA_EXAMPLE_IP_ADDRESS (&nr_dict_attrs[269])
-/* Automatically generated file. Do not edit */
diff --git a/lib/radius/share/dictionary.ukerna b/lib/radius/share/dictionary.ukerna
new file mode 100644
index 0000000..1694566
--- /dev/null
+++ b/lib/radius/share/dictionary.ukerna
@@ -0,0 +1,19 @@
+# -*- text -*-
+#
+# GSS-EAP VSAs
+#
+# $Id$
+#
+
+VENDOR UKERNA 25622
+
+BEGIN-VENDOR UKERNA
+
+ATTRIBUTE GSS-Acceptor-Service-Name 128 string
+ATTRIBUTE GSS-Acceptor-Host-Name 129 string
+ATTRIBUTE GSS-Acceptor-Service-Specific 130 string
+ATTRIBUTE GSS-Acceptor-Realm-Name 131 string
+ATTRIBUTE SAML-AAA-Assertion 132 string
+ATTRIBUTE MS-Windows-Auth-Data 133 octets
+
+END-VENDOR UKERNA
diff --git a/lib/radius/static.c b/lib/radius/static.c
index d633e5b..bd87272 100644
--- a/lib/radius/static.c
+++ b/lib/radius/static.c
@@ -29,7 +29,7 @@ SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
* \brief Dummy file to include auto-generating static dictionary mappings.
*/
-#include <networkradius-devel/client.h>
+#include "client.h"
/*
* Include the dynamically generated dictionaries.
diff --git a/lib/radius/valuepair.c b/lib/radius/valuepair.c
index 603a970..b374fdd 100644
--- a/lib/radius/valuepair.c
+++ b/lib/radius/valuepair.c
@@ -29,7 +29,7 @@ SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
* \brief Functions to manipulate C structure versions of RADIUS attributes.
*/
-#include <networkradius-devel/client.h>
+#include "client.h"
void nr_vp_free(VALUE_PAIR **head)
{
@@ -71,9 +71,7 @@ VALUE_PAIR *nr_vp_alloc(const DICT_ATTR *da)
return NULL;
}
-#ifndef NR_NO_MALLOC
vp = malloc(sizeof(*vp));
-#endif
if (!vp) {
nr_strerror_printf("Out of memory");
return NULL;
@@ -87,9 +85,7 @@ VALUE_PAIR *nr_vp_alloc_raw(unsigned int attr, unsigned int vendor)
VALUE_PAIR *vp = NULL;
DICT_ATTR *da;
-#ifndef NR_NO_MALLOC
vp = malloc(sizeof(*vp) + sizeof(*da) + 64);
-#endif
if (!vp) {
nr_strerror_printf("Out of memory");
return NULL;
@@ -112,24 +108,24 @@ int nr_vp_set_data(VALUE_PAIR *vp, const void *data, size_t sizeof_data)
{
int rcode = 1; /* OK */
- if (!vp || !data || (sizeof_data == 0)) return -NR_ERR_INVALID_ARG;
+ if (!vp || !data || (sizeof_data == 0)) return -RSE_INVAL;
switch (vp->da->type) {
- case NR_TYPE_BYTE:
+ case RS_TYPE_BYTE:
vp->vp_integer = *(const uint8_t *) data;
break;
- case NR_TYPE_SHORT:
+ case RS_TYPE_SHORT:
vp->vp_integer = *(const uint16_t *) data;
break;
- case NR_TYPE_INTEGER:
- case NR_TYPE_DATE:
- case NR_TYPE_IPADDR:
+ case RS_TYPE_INTEGER:
+ case RS_TYPE_DATE:
+ case RS_TYPE_IPADDR:
vp->vp_integer = *(const uint32_t *) data;
break;
- case NR_TYPE_STRING:
+ case RS_TYPE_STRING:
if (sizeof_data >= sizeof(vp->vp_strvalue)) {
sizeof_data = sizeof(vp->vp_strvalue) - 1;
rcode = 0; /* truncated */
@@ -140,7 +136,7 @@ int nr_vp_set_data(VALUE_PAIR *vp, const void *data, size_t sizeof_data)
vp->length = sizeof_data;
break;
- case NR_TYPE_OCTETS:
+ case RS_TYPE_OCTETS:
if (sizeof_data > sizeof(vp->vp_octets)) {
sizeof_data = sizeof(vp->vp_octets);
rcode = 0; /* truncated */
@@ -150,7 +146,7 @@ int nr_vp_set_data(VALUE_PAIR *vp, const void *data, size_t sizeof_data)
break;
default:
- return -NR_ERR_ATTR_TYPE_UNKNOWN;
+ return -RSE_ATTR_TYPE_UNKNOWN;
}
return rcode;