Diffstat (limited to 'lib/radius')
-rw-r--r-- | lib/radius/.gitignore | 1 | ||||
-rw-r--r-- | lib/radius/Makefile | 68 | ||||
-rw-r--r-- | lib/radius/Makefile.am | 37 | ||||
-rw-r--r-- | lib/radius/attrs.c | 214 | ||||
-rw-r--r-- | lib/radius/client.h | 202 | ||||
-rw-r--r-- | lib/radius/common.pl | 2 | ||||
-rwxr-xr-x | lib/radius/convert.pl | 4 | ||||
-rw-r--r-- | lib/radius/crypto.c | 88 | ||||
-rw-r--r-- | lib/radius/custom.c | 2 | ||||
-rw-r--r-- | lib/radius/dict.c | 12 | ||||
-rw-r--r-- | lib/radius/dictionaries.c | 1515 | ||||
-rw-r--r-- | lib/radius/examples/example_1.c | 8 | ||||
-rw-r--r-- | lib/radius/examples/example_2.c | 8 | ||||
-rw-r--r-- | lib/radius/examples/example_3.c | 12 | ||||
-rw-r--r-- | lib/radius/examples/example_4.c | 6 | ||||
-rw-r--r-- | lib/radius/id.c | 36 | ||||
-rw-r--r-- | lib/radius/packet.c | 154 | ||||
-rw-r--r-- | lib/radius/parse.c | 38 | ||||
-rw-r--r-- | lib/radius/print.c | 71 | ||||
-rw-r--r-- | lib/radius/radius.h | 314 | ||||
-rw-r--r-- | lib/radius/share/dictionary.ukerna | 19 | ||||
-rw-r--r-- | lib/radius/static.c | 2 | ||||
-rw-r--r-- | lib/radius/valuepair.c | 24 |
23 files changed, 427 insertions, 2410 deletions
diff --git a/lib/radius/.gitignore b/lib/radius/.gitignore new file mode 100644 index 0000000..1af03df --- /dev/null +++ b/lib/radius/.gitignore @@ -0,0 +1 @@ +dictionaries.c diff --git a/lib/radius/Makefile b/lib/radius/Makefile deleted file mode 100644 index 63eff89..0000000 --- a/lib/radius/Makefile +++ /dev/null @@ -1,68 +0,0 @@ -# -# GNU Makefile -# -.PHONY: all clean install -all: libnetworkradius-client.a - -SRCS := dict.c attrs.c packet.c valuepair.c static.c id.c \ - crypto.c custom.c print.c parse.c - -OBJS := ${SRCS:.c=.o} - -HEADERS := client.h radius.h - -CFLAGS := -I. -g -Wall -Wshadow -Wpointer-arith -Wcast-qual -Wcast-align -Wwrite-strings -Wstrict-prototypes -Wmissing-prototypes -Wmissing-declarations -Wnested-externs -W -Wredundant-decls -Wundef - -VERSION := 1.0 -NAME := networkradius-client-$(VERSION) - - -# -# The DICTIONARIES variable can be used to point to the FreeRADIUS -# dictionaries. -# -ifeq "${DICTIONARIES}" "" -DICTIONARIES := $(filter-out %~,$(wildcard share/dictionary*)) -endif - -${OBJS}: ${HEADERS} - -radius.h dictionaries.c: ${DICTIONARIES} convert.pl common.pl - ./convert.pl ${DICTIONARIES} - -static.o: static.c dictionaries.c - -%.o : %.c - $(CC) $(CFLAGS) -c $< - -%.o: ${HEADERS} - -.PHONY: networkradius-devel -networkradius-devel: - @[ -e $@ ] || ln -s . $@ - -libnetworkradius-client.a: ${OBJS} - ${AR} ${ARFLAGS} $@ $^ - -LIBS := -lcrypto -lssl -LDFLAGS = -L. -lnetworkradius-client - -.PHONY: html -html: - doxygen doxygen.conf - -clean: - @rm -rf *.o *.a *~ html - -install: libnetworkradius-client.a - -.PHONY: publish -publish: - @scp -r html/* networkradius.com@liberty:www.new/site/clientapi/ - -$(NAME).tar.gz: $(wildcard Makefile *.pl *.txt *.[ch] \ - examples/*.[ch] doc/*.txt share/dictionary*) - git archive --format=tar --prefix=$(NAME)/ bsd | gzip > $@ - -.PHONY: tar -tar: $(NAME).tar.gz diff --git a/lib/radius/Makefile.am b/lib/radius/Makefile.am new file mode 100644 index 0000000..1b66ca6 --- /dev/null 
+++ b/lib/radius/Makefile.am @@ -0,0 +1,37 @@ +AUTOMAKE_OPTIONS = foreign +ACLOCAL_AMFLAGS = -I m4 + +INCLUDES = -I$(top_srcdir)/include -I$(top_srcdir) +AM_CFLAGS = -Wall -g + +noinst_LTLIBRARIES = libradsec-radius.la + +libradsec_radius_la_SOURCES = \ + attrs.c \ + crypto.c \ + custom.c \ + dict.c \ + id.c \ + packet.c \ + parse.c \ + print.c \ + static.c \ + valuepair.c + +libradsec_radius_la_CFLAGS = $(AM_CFLAGS) + +DICTIONARIES = \ + share/dictionary.txt \ + share/dictionary.microsoft \ + share/dictionary.ukerna + +$(top_srcdir)/include/radsec/radius.h dictionaries.c: ${DICTIONARIES} convert.pl common.pl + $(srcdir)/convert.pl ${DICTIONARIES} + +static.$(OBJEXT): static.c dictionaries.c + +clean-local: + rm -f dictionaries.c + +$(libradsec_radius_la_SOURCES): $(top_srcdir)/include/radsec/radius.h + diff --git a/lib/radius/attrs.c b/lib/radius/attrs.c index 4fd2bf4..d096cc2 100644 --- a/lib/radius/attrs.c +++ b/lib/radius/attrs.c @@ -29,7 +29,7 @@ SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * \brief Attribute encoding and decoding routines. */ -#include <networkradius-devel/client.h> +#include "client.h" /* * Encodes the data portion of an attribute. @@ -48,7 +48,7 @@ static ssize_t vp2data_any(const RADIUS_PACKET *packet, uint8_t array[4]; const VALUE_PAIR *vp = *pvp; -#ifdef NR_TYPE_TLV +#ifdef RS_TYPE_TLV /* * See if we need to encode a TLV. The low portion of * the attribute has already been placed into the packer. 
@@ -73,41 +73,41 @@ static ssize_t vp2data_any(const RADIUS_PACKET *packet, len = vp->length; switch(vp->da->type) { - case NR_TYPE_IPV6PREFIX: + case RS_TYPE_IPV6PREFIX: len = sizeof(vp->vp_ipv6prefix); break; - case NR_TYPE_STRING: - case NR_TYPE_OCTETS: - case NR_TYPE_IFID: - case NR_TYPE_IPV6ADDR: -#ifdef NR_TYPE_ABINARY - case NR_TYPE_ABINARY: + case RS_TYPE_STRING: + case RS_TYPE_OCTETS: + case RS_TYPE_IFID: + case RS_TYPE_IPV6ADDR: +#ifdef RS_TYPE_ABINARY + case RS_TYPE_ABINARY: #endif /* nothing more to do */ break; - case NR_TYPE_BYTE: + case RS_TYPE_BYTE: len = 1; /* just in case */ array[0] = vp->vp_integer & 0xff; data = array; break; - case NR_TYPE_SHORT: + case RS_TYPE_SHORT: len = 2; /* just in case */ array[0] = (vp->vp_integer >> 8) & 0xff; array[1] = vp->vp_integer & 0xff; data = array; break; - case NR_TYPE_INTEGER: + case RS_TYPE_INTEGER: len = 4; /* just in case */ lvalue = htonl(vp->vp_integer); memcpy(array, &lvalue, sizeof(lvalue)); data = array; break; - case NR_TYPE_IPADDR: + case RS_TYPE_IPADDR: data = (const uint8_t *) &vp->vp_ipaddr; len = 4; /* just in case */ break; @@ -115,14 +115,14 @@ static ssize_t vp2data_any(const RADIUS_PACKET *packet, /* * There are no tagged date attributes. */ - case NR_TYPE_DATE: + case RS_TYPE_DATE: lvalue = htonl(vp->vp_date); data = (const uint8_t *) &lvalue; len = 4; /* just in case */ break; #ifdef VENDORPEC_WIMAX - case NR_TYPE_SIGNED: + case RS_TYPE_SIGNED: { int32_t slvalue; @@ -133,12 +133,12 @@ static ssize_t vp2data_any(const RADIUS_PACKET *packet, } #endif -#ifdef NR_TYPE_TLV - case NR_TYPE_TLV: +#ifdef RS_TYPE_TLV + case RS_TYPE_TLV: data = vp->vp_tlv; if (!data) { nr_debug_error("ERROR: Cannot encode NULL TLV"); - return -NR_ERR_INVALID_ARG; + return -RSE_INVAL; } len = vp->length; break; 
@@ -146,7 +146,7 @@ static ssize_t vp2data_any(const RADIUS_PACKET *packet, default: /* unknown type: ignore it */ nr_debug_error("ERROR: Unknown attribute type %d", vp->da->type); - return -NR_ERR_ATTR_TYPE_UNKNOWN; + return -RSE_ATTR_TYPE_UNKNOWN; } /* @@ -194,7 +194,7 @@ static ssize_t vp2data_any(const RADIUS_PACKET *packet, default: if (!original) { nr_debug_error("ERROR: No request packet, cannot encrypt %s attribute in the vp.", vp->da->name); - return -NR_ERR_REQUEST_REQUIRED; + return -RSE_REQUEST_REQUIRED; } if (lvalue) ptr[0] = vp->tag; @@ -230,11 +230,11 @@ static ssize_t vp2data_any(const RADIUS_PACKET *packet, default: if (vp->da->flags.has_tag && TAG_VALID(vp->tag)) { - if (vp->da->type == NR_TYPE_STRING) { + if (vp->da->type == RS_TYPE_STRING) { if (len > ((ssize_t) (room - 1))) len = room - 1; ptr[0] = vp->tag; ptr++; - } else if (vp->da->type == NR_TYPE_INTEGER) { + } else if (vp->da->type == RS_TYPE_INTEGER) { array[0] = vp->tag; } /* else it can't be any other type */ } @@ -300,7 +300,7 @@ static ssize_t vp2attr_vsa(const RADIUS_PACKET *packet, dv = nr_dict_vendor_byvalue(vendor); if (!dv || ( -#ifdef NR_TYPE_TLV +#ifdef RS_TYPE_TLV !(*pvp)->flags.is_tlv && #endif (dv->type == 1) && (dv->length == 1))) { @@ -308,7 +308,7 @@ static ssize_t vp2attr_vsa(const RADIUS_PACKET *packet, attribute, ptr, room); } -#ifdef NR_TYPE_TLV +#ifdef RS_TYPE_TLV if ((*pvp)->flags.is_tlv) { return data2vp_tlvs(packet, original, 0, pvp, ptr, room); @@ -319,7 +319,7 @@ static ssize_t vp2attr_vsa(const RADIUS_PACKET *packet, default: nr_debug_error("vp2attr_vsa: Internal sanity check failed," " type %u", (unsigned) dv->type); - return -NR_ERR_INTERNAL_FAILURE; + return -RSE_INTERNAL; case 4: ptr[0] = 0; /* attr must be 24-bit */ 
@@ -342,7 +342,7 @@ static ssize_t vp2attr_vsa(const RADIUS_PACKET *packet, default: nr_debug_error("vp2attr_vsa: Internal sanity check failed," " length %u", (unsigned) dv->length); - return -NR_ERR_INTERNAL_FAILURE; + return -RSE_INTERNAL; case 0: break; @@ -392,9 +392,9 @@ ssize_t nr_vp2vsa(const RADIUS_PACKET *packet, const RADIUS_PACKET *original, } #endif - if (vp->da->vendor > NR_MAX_VENDOR) { + if (vp->da->vendor > RS_MAX_VENDOR) { nr_debug_error("nr_vp2vsa: Invalid arguments"); - return -NR_ERR_INVALID_ARG; + return -RSE_INVAL; } /* @@ -440,17 +440,17 @@ ssize_t nr_vp2rfc(const RADIUS_PACKET *packet, if (vp->da->vendor != 0) { nr_debug_error("nr_vp2rfc called with VSA"); - return -NR_ERR_INVALID_ARG; + return -RSE_INVAL; } if ((vp->da->attr == 0) || (vp->da->attr > 255)) { nr_debug_error("nr_vp2rfc called with non-standard attribute %u", vp->da->attr); - return -NR_ERR_INVALID_ARG; + return -RSE_INVAL; } #ifdef PW_CHARGEABLE_USER_IDENTITY if ((vp->length == 0) && - (vp->da != NR_DA_CHARGEABLE_USER_IDENTITY)) { + (vp->da != RS_DA_CHARGEABLE_USER_IDENTITY)) { *pvp = vp->next; return 0; } @@ -471,10 +471,10 @@ static ssize_t nr_chap2rfc(const RADIUS_PACKET *packet, { ssize_t rcode; const VALUE_PAIR *vp = *pvp; - NR_MD5_CTX ctx; - uint8_t buffer[MAX_STRING_LEN*2 + 1], *p; + RS_MD5_CTX ctx; + uint8_t buffer[RS_MAX_STRING_LEN*2 + 1], *p; VALUE_PAIR chap = { - NR_DA_CHAP_PASSWORD, + RS_DA_CHAP_PASSWORD, 17, 0, NULL, @@ -485,9 +485,9 @@ static ssize_t nr_chap2rfc(const RADIUS_PACKET *packet, }, }; - if ((vp->da->vendor != 0) || (vp->da != NR_DA_CHAP_PASSWORD)) { + if ((vp->da->vendor != 0) || (vp->da != RS_DA_CHAP_PASSWORD)) { nr_debug_error("nr_chap2rfc called with non-CHAP"); - return -NR_ERR_INVALID_ARG; + return -RSE_INVAL; } p = buffer; 
@@ -505,9 +505,9 @@ static ssize_t nr_chap2rfc(const RADIUS_PACKET *packet, p += sizeof(packet->vector); } - nr_MD5Init(&ctx); - nr_MD5Update(&ctx, buffer, p - buffer); - nr_MD5Final(&chap.vp_octets[1], &ctx); + RS_MD5Init(&ctx); + RS_MD5Update(&ctx, buffer, p - buffer); + RS_MD5Final(&chap.vp_octets[1], &ctx); chap.vp_octets[0] = buffer[0]; vp = &chap; @@ -531,7 +531,7 @@ static ssize_t nr_chap2rfc(const RADIUS_PACKET *packet, * instead use this one, which has the correct length and data. */ static const VALUE_PAIR fake_ma = { - NR_DA_MESSAGE_AUTHENTICATOR, + RS_DA_MESSAGE_AUTHENTICATOR, 16, 0, NULL, @@ -557,7 +557,7 @@ ssize_t nr_vp2attr(const RADIUS_PACKET *packet, const RADIUS_PACKET *original, */ if (vp->da->vendor != 0) { #ifdef VENDORPEC_EXTENDED - if (vp->da->vendor > NR_MAX_VENDOR) { + if (vp->da->vendor > RS_MAX_VENDOR) { return nr_vp2attr_extended(packet, original, pvp, start, room); @@ -575,7 +575,7 @@ ssize_t nr_vp2attr(const RADIUS_PACKET *packet, const RADIUS_PACKET *original, return nr_vp2vsa(packet, original, pvp, start, room); #else nr_debug_error("VSAs are not supported"); - return -NR_ERR_UNSUPPORTED; + return -RSE_UNSUPPORTED; #endif } @@ -593,7 +593,7 @@ ssize_t nr_vp2attr(const RADIUS_PACKET *packet, const RADIUS_PACKET *original, * know how to calculate it, or what the correct values * are. So... create one for him. */ - if (vp->da == NR_DA_MESSAGE_AUTHENTICATOR) { + if (vp->da == RS_DA_MESSAGE_AUTHENTICATOR) { ssize_t rcode; vp = &fake_ma; @@ -610,7 +610,7 @@ ssize_t nr_vp2attr(const RADIUS_PACKET *packet, const RADIUS_PACKET *original, * to calculate it, or what the correct values are. To * help, we calculate it for him. */ - if (vp->da == NR_DA_CHAP_PASSWORD) { + if (vp->da == RS_DA_CHAP_PASSWORD) { int encoded = 0; /* 
@@ -667,10 +667,10 @@ static ssize_t data2vp_raw(UNUSED const RADIUS_PACKET *packet, { VALUE_PAIR *vp; - if (length > sizeof(vp->vp_octets)) return -NR_ERR_ATTR_OVERFLOW; + if (length > sizeof(vp->vp_octets)) return -RSE_ATTR_OVERFLOW; vp = nr_vp_alloc_raw(attribute, vendor); - if (!vp) return -NR_ERR_NO_MEM; + if (!vp) return -RSE_NOMEM; memcpy(vp->vp_octets, data, length); vp->length = length; @@ -685,9 +685,9 @@ ssize_t nr_attr2vp_raw(const RADIUS_PACKET *packet, VALUE_PAIR **pvp) { - if (length < 2) return -NR_ERR_PACKET_TOO_SMALL; - if (data[1] < 2) return -NR_ERR_ATTR_TOO_SMALL; - if (data[1] > length) return -NR_ERR_ATTR_OVERFLOW; + if (length < 2) return -RSE_PACKET_TOO_SMALL; + if (data[1] < 2) return -RSE_ATTR_TOO_SMALL; + if (data[1] > length) return -RSE_ATTR_OVERFLOW; return data2vp_raw(packet, original, data[0], 0, data + 2, data[1] - 2, pvp); @@ -741,12 +741,12 @@ static ssize_t data2vp_any(const RADIUS_PACKET *packet, attribute, vendor, data, length, pvp); } -#ifdef NR_TYPE_TLV +#ifdef RS_TYPE_TLV /* * TLVs are handled first. They can't be tagged, and * they can't be encrypted. */ - if (da->da->type == NR_TYPE_TLV) { + if (da->da->type == RS_TYPE_TLV) { return data2vp_tlvs(packet, original, attribute, vendor, nest, data, length, pvp); @@ -761,7 +761,7 @@ static ssize_t data2vp_any(const RADIUS_PACKET *packet, * out of memory. */ vp = nr_vp_alloc(da); - if (!vp) return -NR_ERR_NO_MEM; + if (!vp) return -RSE_NOMEM; /* * Handle tags. @@ -778,8 +778,8 @@ static ssize_t data2vp_any(const RADIUS_PACKET *packet, */ vp->tag = data[0]; - if ((vp->da->type == NR_TYPE_STRING) || - (vp->da->type == NR_TYPE_OCTETS)) { + if ((vp->da->type == RS_TYPE_STRING) || + (vp->da->type == RS_TYPE_OCTETS)) { if (length == 0) goto raw; data_offset = 1; } 
@@ -870,51 +870,51 @@ static ssize_t data2vp_any(const RADIUS_PACKET *packet, } switch (vp->da->type) { - case NR_TYPE_STRING: - case NR_TYPE_OCTETS: -#ifdef NR_TYPE_ABINARY - case NR_TYPE_ABINARY: + case RS_TYPE_STRING: + case RS_TYPE_OCTETS: +#ifdef RS_TYPE_ABINARY + case RS_TYPE_ABINARY: #endif /* nothing more to do */ break; - case NR_TYPE_BYTE: + case RS_TYPE_BYTE: vp->vp_integer = vp->vp_octets[0]; break; - case NR_TYPE_SHORT: + case RS_TYPE_SHORT: vp->vp_integer = (vp->vp_octets[0] << 8) | vp->vp_octets[1]; break; - case NR_TYPE_INTEGER: + case RS_TYPE_INTEGER: memcpy(&vp->vp_integer, vp->vp_octets, 4); vp->vp_integer = ntohl(vp->vp_integer); if (vp->da->flags.has_tag) vp->vp_integer &= 0x00ffffff; break; - case NR_TYPE_DATE: + case RS_TYPE_DATE: memcpy(&vp->vp_date, vp->vp_octets, 4); vp->vp_date = ntohl(vp->vp_date); break; - case NR_TYPE_IPADDR: + case RS_TYPE_IPADDR: memcpy(&vp->vp_ipaddr, vp->vp_octets, 4); break; /* * IPv6 interface ID is 8 octets long. */ - case NR_TYPE_IFID: + case RS_TYPE_IFID: /* vp->vp_ifid == vp->vp_octets */ break; /* * IPv6 addresses are 16 octets long */ - case NR_TYPE_IPV6ADDR: + case RS_TYPE_IPV6ADDR: /* vp->vp_ipv6addr == vp->vp_octets */ break; @@ -927,7 +927,7 @@ static ssize_t data2vp_any(const RADIUS_PACKET *packet, * * The prefix length can have value 0 to 128. */ - case NR_TYPE_IPV6PREFIX: + case RS_TYPE_IPV6PREFIX: if (vp->length < 2 || vp->length > 18) goto raw; if (vp->vp_octets[1] > 128) goto raw; @@ -942,7 +942,7 @@ static ssize_t data2vp_any(const RADIUS_PACKET *packet, break; #ifdef VENDORPEC_WIMAX - case NR_TYPE_SIGNED: + case RS_TYPE_SIGNED: if (vp->length != 4) goto raw; /* 
@@ -955,22 +955,22 @@ static ssize_t data2vp_any(const RADIUS_PACKET *packet, break; #endif -#ifdef NR_TYPE_TLV - case NR_TYPE_TLV: +#ifdef RS_TYPE_TLV + case RS_TYPE_TLV: nr_vp_free(&vp); nr_debug_error("data2vp_any: Internal sanity check failed"); - return -NR_ERR_ATTR_TYPE_UNKNOWN; + return -RSE_ATTR_TYPE_UNKNOWN; #endif #ifdef VENDORPEC_WIMAX - case NR_TYPE_COMBO_IP: + case RS_TYPE_COMBO_IP: if (vp->length == 4) { - vp->da->type = NR_TYPE_IPADDR; + vp->da->type = RS_TYPE_IPADDR; memcpy(&vp->vp_ipaddr, vp->vp_octets, 4); break; } else if (vp->length == 16) { - vp->da->type = NR_TYPE_IPV6ADDR; + vp->da->type = RS_TYPE_IPV6ADDR; /* vp->vp_ipv6addr == vp->vp_octets */ break; @@ -998,9 +998,9 @@ ssize_t nr_attr2vp_rfc(const RADIUS_PACKET *packet, { ssize_t rcode; - if (length < 2) return -NR_ERR_PACKET_TOO_SMALL; - if (data[1] < 2) return -NR_ERR_ATTR_TOO_SMALL; - if (data[1] > length) return -NR_ERR_ATTR_OVERFLOW; + if (length < 2) return -RSE_PACKET_TOO_SMALL; + if (data[1] < 2) return -RSE_ATTR_TOO_SMALL; + if (data[1] > length) return -RSE_ATTR_OVERFLOW; rcode = data2vp_any(packet, original, 0, data[0], 0, data + 2, data[1] - 2, pvp); @@ -1020,7 +1020,7 @@ int nr_tlv_ok(const uint8_t *data, size_t length, if ((dv_length > 2) || (dv_type == 0) || (dv_type > 4)) { nr_debug_error("nr_tlv_ok: Invalid arguments"); - return -NR_ERR_INVALID_ARG; + return -RSE_INVAL; } while (data < end) { @@ -1028,7 +1028,7 @@ int nr_tlv_ok(const uint8_t *data, size_t length, if ((data + dv_type + dv_length) > end) { nr_debug_error("Attribute header overflow"); - return -NR_ERR_ATTR_TOO_SMALL; + return -RSE_ATTR_TOO_SMALL; } switch (dv_type) { @@ -1037,12 +1037,12 @@ int nr_tlv_ok(const uint8_t *data, size_t length, (data[2] == 0) && (data[3] == 0)) { zero: nr_debug_error("Invalid attribute 0"); - return -NR_ERR_ATTR_INVALID; + return -RSE_ATTR_INVALID; } if (data[0] != 0) { nr_debug_error("Invalid attribute > 2^24"); - return -NR_ERR_ATTR_INVALID; + return -RSE_ATTR_INVALID; } break; 
@@ -1056,7 +1056,7 @@ int nr_tlv_ok(const uint8_t *data, size_t length, default: nr_debug_error("Internal sanity check failed"); - return -NR_ERR_INTERNAL_FAILURE; + return -RSE_INTERNAL; } switch (dv_length) { @@ -1066,7 +1066,7 @@ int nr_tlv_ok(const uint8_t *data, size_t length, case 2: if (data[dv_type + 1] != 0) { nr_debug_error("Attribute is longer than 256 octets"); - return -NR_ERR_ATTR_TOO_LARGE; + return -RSE_ATTR_TOO_LARGE; } /* FALL-THROUGH */ case 1: @@ -1076,17 +1076,17 @@ int nr_tlv_ok(const uint8_t *data, size_t length, default: nr_debug_error("Internal sanity check failed"); - return -NR_ERR_INTERNAL_FAILURE; + return -RSE_INTERNAL; } if (attrlen < (dv_type + dv_length)) { nr_debug_error("Attribute header has invalid length"); - return -NR_ERR_PACKET_TOO_SMALL; + return -RSE_PACKET_TOO_SMALL; } if (attrlen > length) { nr_debug_error("Attribute overflows container"); - return -NR_ERR_ATTR_OVERFLOW; + return -RSE_ATTR_OVERFLOW; } data += attrlen; @@ -1113,7 +1113,7 @@ static ssize_t attr2vp_vsa(const RADIUS_PACKET *packet, #ifndef NDEBUG if (length <= (dv_type + dv_length)) { nr_debug_error("attr2vp_vsa: Failure to call nr_tlv_ok"); - return -NR_ERR_PACKET_TOO_SMALL; + return -RSE_PACKET_TOO_SMALL; } #endif @@ -1136,7 +1136,7 @@ static ssize_t attr2vp_vsa(const RADIUS_PACKET *packet, default: nr_debug_error("attr2vp_vsa: Internal sanity check failed"); - return -NR_ERR_INTERNAL_FAILURE; + return -RSE_INTERNAL; } switch (dv_length) { @@ -1155,13 +1155,13 @@ static ssize_t attr2vp_vsa(const RADIUS_PACKET *packet, default: nr_debug_error("attr2vp_vsa: Internal sanity check failed"); - return -NR_ERR_INTERNAL_FAILURE; + return -RSE_INTERNAL; } #ifndef NDEBUG if (attrlen <= (ssize_t) (dv_type + dv_length)) { nr_debug_error("attr2vp_vsa: Failure to call nr_tlv_ok"); - return -NR_ERR_PACKET_TOO_SMALL; + return -RSE_PACKET_TOO_SMALL; } #endif 
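Review bot: The length checks in attr2vp_vsa (hunks -1113,7 and -1155,13) sit inside `#ifndef NDEBUG`, so a build with NDEBUG defined decodes vendor attributes with no local bound on `length` or `attrlen` and depends entirely on the caller having run nr_tlv_ok first. The "Incomplete decode" checks in hunks -1177,7 and -1256,7 appear to follow the same pattern, though their opening `#ifndef` is outside those hunks. Since this is the parse path for attribute data taken from a packet, I would make the two `-RSE_PACKET_TOO_SMALL` comparisons unconditional, or at least state the precondition above the function: `/* Caller MUST have validated data with nr_tlv_ok(). */`. The function starts and ends outside these hunks.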
@@ -1177,7 +1177,7 @@ static ssize_t attr2vp_vsa(const RADIUS_PACKET *packet, nr_vp_free(pvp); nr_debug_error("attr2vp_vsa: Incomplete decode %d != %d", (int) my_len, (int) attrlen); - return -NR_ERR_INTERNAL_FAILURE; + return -RSE_INTERNAL; } #endif @@ -1198,13 +1198,13 @@ ssize_t nr_attr2vp_vsa(const RADIUS_PACKET *packet, uint32_t lvalue; const DICT_VENDOR *dv; - if (length < 2) return -NR_ERR_PACKET_TOO_SMALL; - if (data[1] < 2) return -NR_ERR_ATTR_TOO_SMALL; - if (data[1] > length) return -NR_ERR_ATTR_OVERFLOW; + if (length < 2) return -RSE_PACKET_TOO_SMALL; + if (data[1] < 2) return -RSE_ATTR_TOO_SMALL; + if (data[1] > length) return -RSE_ATTR_OVERFLOW; if (data[0] != PW_VENDOR_SPECIFIC) { nr_debug_error("nr_attr2vp_vsa: Invalid attribute"); - return -NR_ERR_INVALID_ARG; + return -RSE_INVAL; } /* @@ -1256,7 +1256,7 @@ ssize_t nr_attr2vp_vsa(const RADIUS_PACKET *packet, if (my_len != (data[1] - 6)) { nr_vp_free(pvp); nr_debug_error("nr_attr2vp_vsa: Incomplete decode"); - return -NR_ERR_INTERNAL_FAILURE; + return -RSE_INTERNAL; } #endif @@ -1273,9 +1273,9 @@ ssize_t nr_attr2vp(const RADIUS_PACKET *packet, const uint8_t *data, size_t length, VALUE_PAIR **pvp) { - if (length < 2) return -NR_ERR_PACKET_TOO_SMALL; - if (data[1] < 2) return -NR_ERR_ATTR_TOO_SMALL; - if (data[1] > length) return -NR_ERR_ATTR_OVERFLOW; + if (length < 2) return -RSE_PACKET_TOO_SMALL; + if (data[1] < 2) return -RSE_ATTR_TOO_SMALL; + if (data[1] > length) return -RSE_ATTR_OVERFLOW; #ifndef WITHOUT_VSAS /* 
@@ -1307,18 +1307,18 @@ ssize_t nr_attr2data(const RADIUS_PACKET *packet, ssize_t start, uint8_t *data, *attr; const uint8_t *end; - if (!packet || !pdata || !plength) return -NR_ERR_INVALID_ARG; + if (!packet || !pdata || !plength) return -RSE_INVAL; - if (!packet->data) return -NR_ERR_INVALID_ARG; - if (packet->length < 20) return -NR_ERR_INVALID_ARG; + if (!packet->data) return -RSE_INVAL; + if (packet->length < 20) return -RSE_INVAL; /* * Too long or short, not good. */ if ((start < 0) || - ((start > 0) && (start < 20))) return -NR_ERR_INVALID_ARG; + ((start > 0) && (start < 20))) return -RSE_INVAL; - if ((size_t) start >= (packet->length - 2)) return -NR_ERR_INVALID_ARG; + if ((size_t) start >= (packet->length - 2)) return -RSE_INVAL; end = packet->data + packet->length; @@ -1343,17 +1343,17 @@ ssize_t nr_attr2data(const RADIUS_PACKET *packet, ssize_t start, */ if ((attr + 2) > end) { nr_debug_error("Attribute overflows packet"); - return -NR_ERR_ATTR_OVERFLOW; + return -RSE_ATTR_OVERFLOW; } if (attr[1] < 2) { nr_debug_error("Attribute length is too small"); - return -NR_ERR_ATTR_TOO_SMALL; + return -RSE_ATTR_TOO_SMALL; } if ((attr + attr[1]) > end) { nr_debug_error("Attribute length is too large"); - return -NR_ERR_ATTR_TOO_LARGE; + return -RSE_ATTR_TOO_LARGE; } #endif @@ -1379,7 +1379,7 @@ ssize_t nr_attr2data(const RADIUS_PACKET *packet, ssize_t start, dv = nr_dict_vendor_byvalue(vendor); if (dv && ((dv->type != 1) || (dv->length != 1))) { - return -NR_ERR_VENDOR_UNKNOWN; + return -RSE_VENDOR_UNKNOWN; } } diff --git a/lib/radius/client.h b/lib/radius/client.h index 591884f..df9f834 100644 --- a/lib/radius/client.h +++ b/lib/radius/client.h @@ -29,6 +29,9 @@ SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * \brief Main header file. */ +#ifndef _RADIUS_CLIENT_H_ +#define _RADIUS_CLIENT_H_ 1 + /* * System-specific header files. */ 
@@ -42,10 +45,12 @@ SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. #include <netinet/in.h> #include <sys/time.h> +#include <radsec/radsec.h> + /* * Definitions of attributes. */ -#include <networkradius-devel/radius.h> +#include <radsec/radius.h> /** \defgroup build Build Helpers * 
@@ -135,38 +140,38 @@ SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. #endif #ifdef WITHOUT_OPENSSL -#ifndef NR_MD5_CTX -#error NR_MD5_CTX must be defined +#ifndef RS_MD5_CTX +#error RS_MD5_CTX must be defined #endif -#ifndef nr_MD5Init +#ifndef RS_MD5Init #error n_rMD5Init must be defined #endif -#ifndef nr_MD5Update -#error nr_MD5Updyae must be defined +#ifndef RS_MD5Update +#error RS_MD5Updyae must be defined #endif -#ifndef nr_MD5Final -#error nr_MD5Final must be defined +#ifndef RS_MD5Final +#error RS_MD5Final must be defined #endif -#ifndef nr_MD5Transform -#error nr_MD5Transform must be defined +#ifndef RS_MD5Transform +#error RS_MD5Transform must be defined #endif #else /* WITHOUT_OPENSSL */ #include <openssl/md5.h> /** Define for compile-time selection of the MD5 functions. Defaults to using the OpenSSL functions. \ingroup custom */ -#define NR_MD5_CTX MD5_CTX +#define RS_MD5_CTX MD5_CTX /** Define for compile-time selection of the MD5 functions. Defaults to using the OpenSSL functions. \ingroup custom */ -#define nr_MD5Init MD5_Init +#define RS_MD5Init MD5_Init /** Define for compile-time selection of the MD5 functions. Defaults to using the OpenSSL functions. \ingroup custom */ -#define nr_MD5Update MD5_Update +#define RS_MD5Update MD5_Update /** Define for compile-time selection of the MD5 functions. Defaults to using the OpenSSL functions. \ingroup custom */ -#define nr_MD5Final MD5_Final +#define RS_MD5Final MD5_Final /** Define for compile-time selection of the MD5 functions. Defaults to using the OpenSSL functions. \ingroup custom */ -#define nr_MD5Transform MD5_Transform +#define RS_MD5Transform MD5_Transform #endif -#ifndef NR_MAX_PACKET_LEN +#ifndef RS_MAX_PACKET_LEN /** The maximum size of a packet that the library will send or receive. \ingroup custom * * The RFC requirement is to handle at least 4K packets. However, if 
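Review bot: Two of the `#error` messages in the WITHOUT_OPENSSL block do not name the macro they test: `#error n_rMD5Init must be defined` was not renamed at all, and `#error RS_MD5Updyae must be defined` carries the old typo over. Someone supplying their own MD5 implementation will search for these names, so they should read `#error RS_MD5Init must be defined` and `#error RS_MD5Update must be defined`.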
@@ -176,144 +181,39 @@ SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * Be warned that any packets larger than this value will be ignored * and silently discarded. */ -#define NR_MAX_PACKET_LEN (4096) +#define RS_MAX_PACKET_LEN (4096) #endif -#ifndef NR_MAX_ATTRIBUTES +#ifndef RS_MAX_ATTRIBUTES /** The maximum number of attributes that the library will allow in a packet. \ingroup custom * - * Packets which contain more than ::NR_MAX_ATTRIBUTES will generate + * Packets which contain more than ::RS_MAX_ATTRIBUTES will generate * an error. This value is configurable because there may be a need * to accept a large mumber of attributes. * * This value is ignored when packets are sent. The library will * send as many attributes as it is told to send. */ -#define NR_MAX_ATTRIBUTES (200) +#define RS_MAX_ATTRIBUTES (200) #endif -#undef NR_MAX_PACKET_CODE +#undef RS_MAX_PACKET_CODE /** The maximum RADIUS_PACKET::code which we can accept. \ingroup dict * * \attention This should not be changed, as it is used by other * structures such as ::nr_packet_codes. */ -#define NR_MAX_PACKET_CODE PW_COA_NAK +#define RS_MAX_PACKET_CODE PW_COA_NAK /** The maximum vendor number which is permitted. \ingroup dict * * The RFCs require that the Vendor Id or Private Enterprise Number * be encoded as 32 bits, with the upper 8 bits being zero. */ -#define NR_MAX_VENDOR (1 << 24) - -/** The maximum length of a RADIUS attribute. - * - * The RFCs require that a RADIUS attribute transport no more than - * 253 octets of data. We add an extra byte for a trailing NUL, so - * that the VALUE_PAIR::vp_strvalue field can be handled as a C - * string. - */ -#define MAX_STRING_LEN (254) +#define RS_MAX_VENDOR (1 << 24) /** Data Type Definitions. 
\ingroup dict */ -typedef enum nr_attr_type_t { - NR_TYPE_INVALID = 0, /**< Invalid data type */ - NR_TYPE_STRING, /**< printable-text */ - NR_TYPE_INTEGER, /**< a 32-bit unsigned integer */ - NR_TYPE_IPADDR, /**< an IPv4 address */ - NR_TYPE_DATE, /**< a 32-bit date, of seconds since January 1, 1970 */ - NR_TYPE_OCTETS, /**< a sequence of binary octets */ - NR_TYPE_IFID, /**< an Interface Id */ - NR_TYPE_IPV6ADDR, /**< an IPv6 address */ - NR_TYPE_IPV6PREFIX, /**< an IPv6 prefix */ - NR_TYPE_BYTE, /**< an 8-bit integer */ - NR_TYPE_SHORT, /**< a 16-bit integer */ -} nr_attr_type_t; - -#define PW_ACCESS_REQUEST 1 -#define PW_ACCESS_ACCEPT 2 -#define PW_ACCESS_REJECT 3 -#define PW_ACCOUNTING_REQUEST 4 -#define PW_ACCOUNTING_RESPONSE 5 -#define PW_ACCOUNTING_STATUS 6 -#define PW_PASSWORD_REQUEST 7 -#define PW_PASSWORD_ACK 8 -#define PW_PASSWORD_REJECT 9 -#define PW_ACCOUNTING_MESSAGE 10 -#define PW_ACCESS_CHALLENGE 11 -#define PW_STATUS_SERVER 12 -#define PW_STATUS_CLIENT 13 -#define PW_DISCONNECT_REQUEST 40 -#define PW_DISCONNECT_ACK 41 -#define PW_DISCONNECT_NAK 42 -#define PW_COA_REQUEST 43 -#define PW_COA_ACK 44 -#define PW_COA_NAK 45 - -/** Error codes \ingroup error - * - * The numerical value of these definitions may change from version - * to version of the library. 
- */ -typedef enum nr_error_t { - /** Invalid argument */ - NR_ERR_INVALID_ARG = 1, - /** Insufficient data to decode the packet */ - NR_ERR_PACKET_TOO_SMALL, - /** The packet header says it is larger than the received data */ - NR_ERR_PACKET_TOO_LARGE, - /** the attribute overflows the packet */ - NR_ERR_ATTR_OVERFLOW, - /** the attribute header "length" field is too small */ - NR_ERR_ATTR_TOO_SMALL, - /** the attribute is more than 256 octets long */ - NR_ERR_ATTR_TOO_LARGE, - /** the attribute is unknown */ - NR_ERR_ATTR_UNKNOWN, - /** the attribute name is improperly formatted */ - NR_ERR_ATTR_BAD_NAME, - /** the attribute value could not be parsed */ - NR_ERR_ATTR_VALUE_MALFORMED, - /** the attribute "type" is invalid */ - NR_ERR_ATTR_INVALID, - /** the packet has too many attributes */ - NR_ERR_TOO_MANY_ATTRS, - /** the attribute has an unsupported data type */ - NR_ERR_ATTR_TYPE_UNKNOWN, - /** the Message-Authenticator has the wrong length */ - NR_ERR_MSG_AUTH_LEN, - /** the Message-Authenticator is wrong */ - NR_ERR_MSG_AUTH_WRONG, - /** we need a request packet to calculate something in the response */ - NR_ERR_REQUEST_REQUIRED, - /** the request code is unsupported */ - NR_ERR_REQUEST_CODE_INVALID, - /** the Authentication Vector is wrong */ - NR_ERR_AUTH_VECTOR_WRONG, - /** the response code is unsupported */ - NR_ERR_RESPONSE_CODE_INVALID, - /** the response ID field is invalid */ - NR_ERR_RESPONSE_ID_INVALID, - /** the response is not from the correct source IP/port */ - NR_ERR_RESPONSE_SRC_INVALID, - /** Look at "errno" for the error */ - NR_ERR_SYSTEM, - /** We cannot encode the packet because of invalid arguments */ - NR_ERR_NO_PACKET_DATA, - /** the vendor is unknown */ - NR_ERR_VENDOR_UNKNOWN, - /** an internal sanity check failed */ - NR_ERR_INTERNAL_FAILURE, - /** the caller requested an unsupported featuer */ - NR_ERR_UNSUPPORTED, - /** we were unable to allocate memory */ - NR_ERR_NO_MEM, - /** Resource is in use */ - NR_ERR_IN_USE, -} 
nr_error_t; - #define TAG_VALID(x) ((x) < 0x20) /** The attribute is not encrypted. */ @@ -335,7 +235,7 @@ typedef enum nr_error_t { typedef struct attr_flags { unsigned int has_tag : 1; /**< Attribute has an RFC 2868 tag */ unsigned int unknown : 1; /**< Attribute is unknown */ -#ifdef NR_TYPE_TLV +#ifdef RS_TYPE_TLV unsigned int has_tlv : 1; /* has sub attributes */ unsigned int is_tlv : 1; /* is a sub attribute */ #endif @@ -358,7 +258,7 @@ typedef struct attr_flags { */ typedef struct nr_dict_attr { unsigned int attr; /**< Attribute number */ - nr_attr_type_t type; /**< Data type */ + rs_attr_type_t type; /**< Data type */ unsigned int vendor; /**< Vendor-Id number */ ATTR_FLAGS flags; const char *name; /**< Printable name */ @@ -392,21 +292,21 @@ typedef struct nr_dict_vendor { * */ typedef union value_pair_data { - char strvalue[MAX_STRING_LEN]; /* +1 for NUL */ + char strvalue[RS_MAX_STRING_LEN]; /* +1 for NUL */ uint8_t octets[253]; struct in_addr ipaddr; struct in6_addr ipv6addr; uint32_t date; uint32_t integer; -#ifdef NR_TYPE_SIGNED +#ifdef RS_TYPE_SIGNED int32_t sinteger; #endif -#ifdef NR_TYPE_ABINARY +#ifdef RS_TYPE_ABINARY uint8_t filter[32]; #endif uint8_t ifid[8]; /* struct? */ uint8_t ipv6prefix[18]; /* struct? */ -#ifdef NR_TYPE_TLV +#ifdef RS_TYPE_TLV uint8_t *tlv; #endif } VALUE_PAIR_DATA; 
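Review bot: The removed `MAX_STRING_LEN (254)` definition carried the explanation that 253 octets of data plus a trailing NUL must fit, and its replacement `RS_MAX_STRING_LEN` is not defined anywhere in the visible part of this header. `char strvalue[RS_MAX_STRING_LEN]; /* +1 for NUL */` now shares the union with `uint8_t octets[253];`, so the string member would be too small if the new constant, presumably from one of the radsec headers, were ever less than 254. I would pin that next to the union with `#if RS_MAX_STRING_LEN < 254` / `#error RS_MAX_STRING_LEN must hold 253 octets plus NUL` / `#endif`, and carry the removed comment over to wherever the constant now lives.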
@@ -432,23 +332,23 @@ typedef struct value_pair { #define vp_ipaddr data.ipaddr.s_addr #define vp_date data.integer #define vp_integer data.integer -#ifdef NR_TYPE_ABINARY +#ifdef RS_TYPE_ABINARY #define vp_filter data.filter #endif -#ifdef NR_TYPE_ETHER +#ifdef RS_TYPE_ETHER #define vp_ether data.ether #endif -#ifdef NR_TYPE_SIGNED +#ifdef RS_TYPE_SIGNED #define vp_signed data.sinteger #endif -#ifdef NR_TYPE_TLV +#ifdef RS_TYPE_TLV #define vp_tlv data.tlv #endif -#ifdef NR_TYPE_TLV -#define NR_ATTR_MAX_TLV (4) -extern const int nr_attr_shift[NR_ATTR_MAX_TLV]; -extern const int nr_attr_mask[NR_ATTR_MAX_TLV]; +#ifdef RS_TYPE_TLV +#define RS_ATTR_MAX_TLV (4) +extern const int nr_attr_shift[RS_ATTR_MAX_TLV]; +extern const int nr_attr_mask[RS_ATTR_MAX_TLV]; extern const unsigned int nr_attr_max_tlv; #endif @@ -474,12 +374,12 @@ typedef struct radius_packet { VALUE_PAIR *vps; /**< linked list of ::VALUE_PAIR */ } RADIUS_PACKET; -#define NR_PACKET_ENCODED (1 << 0) -#define NR_PACKET_HEADER (1 << 1) -#define NR_PACKET_SIGNED (1 << 2) -#define NR_PACKET_OK (1 << 3) -#define NR_PACKET_VERIFIED (1 << 4) -#define NR_PACKET_DECODED (1 << 5) +#define RS_PACKET_ENCODED (1 << 0) +#define RS_PACKET_HEADER (1 << 1) +#define RS_PACKET_SIGNED (1 << 2) +#define RS_PACKET_OK (1 << 3) +#define RS_PACKET_VERIFIED (1 << 4) +#define RS_PACKET_DECODED (1 << 5) /** Track packets sent to a server. \ingroup id @@ -634,7 +534,7 @@ extern VALUE_PAIR *nr_vps_find(VALUE_PAIR *head, * packet. * * \attention There is usually no need to call this function. Use - * the NR_DA_* definitions instead. + * the RS_DA_* definitions instead. * * @param[in] attr Value of the attribute * @param[in] vendor Value of the vendor 
@@ -773,7 +673,7 @@ extern const DICT_ATTR const *nr_dict_attr_names[]; * application. Packet codes which are not handled by the library * have NULL for their names. */ -extern const char *nr_packet_codes[NR_MAX_PACKET_CODE + 1]; +extern const char *nr_packet_codes[RS_MAX_PACKET_CODE + 1]; /** Verifies that a packet is "well formed". \ingroup packet * @@ -1406,3 +1306,5 @@ extern ssize_t nr_vp_sscanf_value(VALUE_PAIR *vp, const char *value); */ # define BLANK_FORMAT "" #endif + +#endif /* _RADIUS_CLIENT_H_ */ diff --git a/lib/radius/common.pl b/lib/radius/common.pl index c08489a..7042fe5 100644 --- a/lib/radius/common.pl +++ b/lib/radius/common.pl @@ -124,7 +124,7 @@ sub do_file() } $type =~ tr/a-z/A-Z/; - $attributes{$index}{'type'} = "NR_TYPE_$type"; + $attributes{$index}{'type'} = "RS_TYPE_$type"; $stuff =~ s/^\s*//; diff --git a/lib/radius/convert.pl b/lib/radius/convert.pl index ce7cccd..9cf8731 100755 --- a/lib/radius/convert.pl +++ b/lib/radius/convert.pl @@ -134,7 +134,7 @@ foreach $attr_val (sort {lc($attributes{$a}{'name'}) cmp lc($attributes{$b}{'nam print DICT "};\n\n"; close DICT; -open HDR, ">radius.h" or die "Failed creating radius.c: $!\n"; +open HDR, ">../include/radsec/radius.h" or die "Failed creating radius.c: $!\n"; print HDR "/* Automatically generated file. Do not edit */\n\n"; @@ -174,7 +174,7 @@ foreach $attr_val (sort {$a <=> $b} keys %attributes) { $name =~ tr/a-z/A-Z/; $name =~ tr/-/_/; - print HDR "#define NR_DA_$name (&nr_dict_attrs[$attributes{$attr_val}{'offset'}])\n"; + print HDR "#define RS_DA_$name (&nr_dict_attrs[$attributes{$attr_val}{'offset'}])\n"; } print HDR "/* Automatically generated file. Do not edit */\n"; diff --git a/lib/radius/crypto.c b/lib/radius/crypto.c index 02a223d..21cc7d0 100644 --- a/lib/radius/crypto.c +++ b/lib/radius/crypto.c 
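Review bot: The `die` text on the changed `open HDR` line in convert.pl still names `radius.c`, although the file being created is now `../include/radsec/radius.h`, so a failed build reports the wrong file. I would write `open HDR, ">../include/radsec/radius.h" or die "Failed creating ../include/radsec/radius.h: $!\n";`. The relative path also assumes the script runs from lib/radius with `../include/radsec` already present. How the new Makefile.am invokes it is not visible in this hunk, so a one-line comment above the `open` stating that assumption would help.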
@@ -36,7 +36,7 @@ SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. /** \cond PRIVATE */ -#include <networkradius-devel/client.h> +#include "client.h" ssize_t nr_password_encrypt(uint8_t *output, size_t outlen, @@ -45,35 +45,35 @@ ssize_t nr_password_encrypt(uint8_t *output, size_t outlen, { size_t i, j, len; uint8_t digest[16]; - NR_MD5_CTX ctx, secret_ctx; + RS_MD5_CTX ctx, secret_ctx; if (!output || (outlen < 16) || !input || (inlen == 0) || !secret || !vector) { - return -NR_ERR_INVALID_ARG; + return -RSE_INVAL; } len = inlen; - if (len > 128) return -NR_ERR_ATTR_OVERFLOW; + if (len > 128) return -RSE_ATTR_OVERFLOW; len = (len + 0x0f) & ~0x0f; /* round up to 16 byte boundary */ - if (outlen < len) return -NR_ERR_ATTR_OVERFLOW; + if (outlen < len) return -RSE_ATTR_OVERFLOW; memcpy(output, input, len); memset(output + len, 0, 128 - len); - nr_MD5Init(&secret_ctx); - nr_MD5Update(&secret_ctx, (const uint8_t *) secret, strlen(secret)); + RS_MD5Init(&secret_ctx); + RS_MD5Update(&secret_ctx, (const uint8_t *) secret, strlen(secret)); for (j = 0; j < len; j += 16) { ctx = secret_ctx; if (j == 0) { - nr_MD5Update(&ctx, vector, 16); - nr_MD5Final(digest, &ctx); + RS_MD5Update(&ctx, vector, 16); + RS_MD5Final(digest, &ctx); } else { - nr_MD5Update(&ctx, &output[j - 16], 16); - nr_MD5Final(digest, &ctx); + RS_MD5Update(&ctx, &output[j - 16], 16); + RS_MD5Final(digest, &ctx); } for (i = 0; i < 16; i++) { @@ -90,16 +90,16 @@ ssize_t nr_tunnelpw_encrypt(uint8_t *output, size_t outlen, const char *secret, const uint8_t *vector) { size_t i, j, len; - NR_MD5_CTX ctx, secret_ctx; + RS_MD5_CTX ctx, secret_ctx; uint8_t digest[16]; if (!output || (outlen < 18) || !input || (inlen == 0) || !secret || !vector) { - return -NR_ERR_INVALID_ARG; + return -RSE_INVAL; } len = ((inlen + 1) + 0x0f) & ~0x0f; - if (len > 251) return -NR_ERR_ATTR_OVERFLOW; + if (len > 251) return -RSE_ATTR_OVERFLOW; output[0] = (nr_rand() & 0xff) | 0x80; output[1] = nr_rand() & 0xff; 
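Review bot: In nr_password_encrypt, `memcpy(output, input, len)` runs after `len` has been rounded up to a 16-byte boundary, so it reads up to 15 bytes past the `inlen` bytes the caller supplied and folds them into the padding that gets encrypted and sent. The following `memset(output + len, 0, 128 - len)` zeroes up to offset 128 even though `outlen` was only checked against 16 and `len`, so a caller passing a 16-byte buffer for a short password gets 112 bytes written past it. I would copy only what exists and pad only to the block boundary: `memcpy(output, input, inlen);` and `memset(output + inlen, 0, len - inlen);`. The function body continues past the end of this hunk.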
@@ -108,19 +108,19 @@ ssize_t nr_tunnelpw_encrypt(uint8_t *output, size_t outlen, memcpy(output + 3, input, inlen); memset(output + 3 + inlen, 0, len - inlen - 1); - nr_MD5Init(&secret_ctx); - nr_MD5Update(&secret_ctx, (const uint8_t *) secret, strlen(secret)); + RS_MD5Init(&secret_ctx); + RS_MD5Update(&secret_ctx, (const uint8_t *) secret, strlen(secret)); for (j = 0; j < len; j += 16) { ctx = secret_ctx; if (j == 0) { - nr_MD5Update(&ctx, vector, 16); - nr_MD5Update(&ctx, output, 2); - nr_MD5Final(digest, &ctx); + RS_MD5Update(&ctx, vector, 16); + RS_MD5Update(&ctx, output, 2); + RS_MD5Final(digest, &ctx); } else { - nr_MD5Update(&ctx, &output[j + 2 - 16], 16); - nr_MD5Final(digest, &ctx); + RS_MD5Update(&ctx, &output[j + 2 - 16], 16); + RS_MD5Final(digest, &ctx); } for (i = 0; i < 16; i++) { @@ -136,12 +136,12 @@ ssize_t nr_tunnelpw_decrypt(uint8_t *output, size_t outlen, const char *secret, const uint8_t *vector) { size_t i, j, len, encoded_len; - NR_MD5_CTX ctx, secret_ctx; + RS_MD5_CTX ctx, secret_ctx; uint8_t digest[16]; if (!output || (outlen < 1) || !input || (inlen < 2) || !secret || !vector) { - return -NR_ERR_INVALID_ARG; + return -RSE_INVAL; } if (inlen <= 3) { 
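Review bot: In nr_tunnelpw_encrypt, the `memcpy(output + 3, input, inlen)` and `memset(output + 3 + inlen, 0, len - inlen - 1)` at the top of this hunk write `len + 2` bytes into `output`, but the only bound on `outlen` visible in the previous hunk is `outlen < 18`. Since `len` can be as large as 240, a caller with a smaller buffer is overrun. Unless the two lines between the hunks already compare them, add `if (outlen < (len + 2)) return -RSE_ATTR_OVERFLOW;` next to the existing `len > 251` test. The XOR loop body lies outside the hunk and presumably writes over the same range.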
@@ -151,20 +151,20 @@ ssize_t nr_tunnelpw_decrypt(uint8_t *output, size_t outlen, len = inlen - 2; - if (outlen < (len - 1)) return -NR_ERR_ATTR_OVERFLOW; + if (outlen < (len - 1)) return -RSE_ATTR_OVERFLOW; - nr_MD5Init(&secret_ctx); - nr_MD5Update(&secret_ctx, (const uint8_t *) secret, strlen(secret)); + RS_MD5Init(&secret_ctx); + RS_MD5Update(&secret_ctx, (const uint8_t *) secret, strlen(secret)); ctx = secret_ctx; - nr_MD5Update(&ctx, vector, 16); /* MD5(secret + vector + salt) */ - nr_MD5Update(&ctx, input, 2); - nr_MD5Final(digest, &ctx); + RS_MD5Update(&ctx, vector, 16); /* MD5(secret + vector + salt) */ + RS_MD5Update(&ctx, input, 2); + RS_MD5Final(digest, &ctx); encoded_len = input[2] ^ digest[0]; if (encoded_len >= len) { - return -NR_ERR_ATTR_TOO_LARGE; + return -RSE_ATTR_TOO_LARGE; } for (i = 0; i < 15; i++) { @@ -174,8 +174,8 @@ ssize_t nr_tunnelpw_decrypt(uint8_t *output, size_t outlen, for (j = 16; j < len; j += 16) { ctx = secret_ctx; - nr_MD5Update(&ctx, input + j - 16 + 2, 16); - nr_MD5Final(digest, &ctx); + RS_MD5Update(&ctx, input + j - 16 + 2, 16); + RS_MD5Final(digest, &ctx); for (i = 0; i < 16; i++) { output[i + j - 1] = input[i + j + 2] ^ digest[i]; @@ -198,12 +198,12 @@ nr_hmac_md5(const uint8_t *data, size_t data_len, uint8_t k_ipad[64]; uint8_t k_opad[64]; uint8_t tk[16]; - NR_MD5_CTX ctx; + RS_MD5_CTX ctx; if (key_len > 64) { - nr_MD5Init(&ctx); - nr_MD5Update(&ctx, key, key_len); - nr_MD5Final(tk, &ctx); + RS_MD5Init(&ctx); + RS_MD5Update(&ctx, key, key_len); + RS_MD5Final(tk, &ctx); key = tk; key_len = 16; 
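Review bot: nr_tunnelpw_decrypt never checks that `len = inlen - 2` is a multiple of 16, yet the loop `for (j = 16; j < len; j += 16)` always processes a full block with `output[i + j - 1] = input[i + j + 2] ^ digest[i]`. For a length such as 18 the last pass reads `input` well past `inlen` and writes `output` past the `len - 1` bytes that the `outlen` check guarantees. The value being decrypted presumably comes from a received packet, so this should be rejected up front with `if ((len & 0x0f) != 0) return -RSE_INVAL;` placed right after `len = inlen - 2;`. The first-block loop `for (i = 0; i < 15; i++)` is cut off by the hunk; it looks as if it needs the same guarantee for inputs shorter than 18 bytes.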
@@ -219,15 +219,15 @@ nr_hmac_md5(const uint8_t *data, size_t data_len, k_opad[i] ^= 0x5c; } - nr_MD5Init(&ctx); - nr_MD5Update(&ctx, k_ipad, sizeof(k_ipad)); - nr_MD5Update(&ctx, data, data_len); - nr_MD5Final(digest, &ctx); + RS_MD5Init(&ctx); + RS_MD5Update(&ctx, k_ipad, sizeof(k_ipad)); + RS_MD5Update(&ctx, data, data_len); + RS_MD5Final(digest, &ctx); - nr_MD5Init(&ctx); - nr_MD5Update(&ctx, k_opad, sizeof(k_opad)); - nr_MD5Update(&ctx, digest, 16); - nr_MD5Final(digest, &ctx); + RS_MD5Init(&ctx); + RS_MD5Update(&ctx, k_opad, sizeof(k_opad)); + RS_MD5Update(&ctx, digest, 16); + RS_MD5Final(digest, &ctx); } /** \endcond */ diff --git a/lib/radius/custom.c b/lib/radius/custom.c index e33cf5a..02e2463 100644 --- a/lib/radius/custom.c +++ b/lib/radius/custom.c @@ -29,7 +29,7 @@ SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * \brief Functions which should be customized for your local system. */ -#include <networkradius-devel/client.h> +#include "client.h" #include <unistd.h> #include <fcntl.h> diff --git a/lib/radius/dict.c b/lib/radius/dict.c index 26fe7d0..fc04ee2 100644 --- a/lib/radius/dict.c +++ b/lib/radius/dict.c @@ -25,7 +25,7 @@ ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ -#include <networkradius-devel/client.h> +#include "client.h" #include <ctype.h> /** \file dict.c @@ -56,7 +56,7 @@ const DICT_ATTR *nr_dict_attr_byvalue(unsigned int attr, unsigned int vendor) return &nr_dict_attrs[half]; } - if ((vendor > nr_dict_attrs[half].vendor) && + if ((vendor >= nr_dict_attrs[half].vendor) && (attr > nr_dict_attrs[half].attr)) { start = half + 1; } else { 
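Review bot: The new condition in nr_dict_attr_byvalue, `(vendor >= nr_dict_attrs[half].vendor) && (attr > nr_dict_attrs[half].attr)`, is still not an ordering on (vendor, attr). When `vendor` is larger than the probed entry's vendor but `attr` is not larger than its attr, the search takes the `else` branch and, presumably, moves toward lower indices, away from where that vendor's entries are stored. The table is sorted by vendor first and attribute second, so the comparison should be lexicographic: `if ((vendor > nr_dict_attrs[half].vendor) || ((vendor == nr_dict_attrs[half].vendor) && (attr > nr_dict_attrs[half].attr))) {`. A vendor attribute that cannot be found is likely handled as unknown octets, which matters for entries carrying an `encrypt` flag. The `else` branch and the rest of the loop are outside the hunk.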
@@ -100,19 +100,19 @@ const DICT_ATTR *nr_dict_attr_byname(const char *name) int nr_dict_attr_2struct(DICT_ATTR *da, unsigned int attr, unsigned int vendor, char *buffer, size_t bufsize) { - if (!da || !buffer) return -NR_ERR_INVALID_ARG; + if (!da || !buffer) return -RSE_INVAL; if (!vendor) { - if (attr > 256) return -NR_ERR_INVALID_ARG; + if (attr > 256) return -RSE_INVAL; } else if (vendor > (1 << 24)) { - return -NR_ERR_INVALID_ARG; + return -RSE_INVAL; } memset(da, 0, sizeof(*da)); da->attr = attr; da->flags.unknown = 1; - da->type = NR_TYPE_OCTETS; + da->type = RS_TYPE_OCTETS; da->vendor = vendor; if (da->vendor) { diff --git a/lib/radius/dictionaries.c b/lib/radius/dictionaries.c deleted file mode 100644 index d1f4b6f..0000000 --- a/lib/radius/dictionaries.c +++ /dev/null 
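Review bot: The range checks at the top of nr_dict_attr_2struct look off by one. `attr > 256` accepts 256, which does not fit the one-octet RADIUS attribute type, and `vendor > (1 << 24)` accepts `1 << 24` itself, although the intent appears to be a 24-bit bound. I would tighten them to `if (attr > 255) return -RSE_INVAL;` and `} else if (vendor >= (1 << 24)) {`. `bufsize` is not validated in the visible lines either. The code that formats into `buffer` is outside the hunk, so confirm that it bounds its writes by `bufsize`.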
@@ -1,1515 +0,0 @@ -const DICT_VENDOR nr_dict_vendors[] = { - { - .name = "Microsoft", - .vendor = 311, - .type = 1, - .length = 1, - }, - { - .name = "example", - .vendor = 65535, - .type = 1, - .length = 1, - }, - - { .name = NULL, } -}; - -const DICT_ATTR nr_dict_attrs[] = { - { /* 0 */ - .name = NULL, - }, - { /* 1 */ - .name = "User-Name", - .attr = 1, - .type = NR_TYPE_STRING, - }, - { /* 2 */ - .name = "User-Password", - .attr = 2, - .type = NR_TYPE_STRING, - .flags = { - .encrypt = FLAG_ENCRYPT_USER_PASSWORD, - }, - }, - { /* 3 */ - .name = "CHAP-Password", - .attr = 3, - .type = NR_TYPE_OCTETS, - }, - { /* 4 */ - .name = "NAS-IP-Address", - .attr = 4, - .type = NR_TYPE_IPADDR, - .flags = { - .length = 4, - }, - }, - { /* 5 */ - .name = "NAS-Port", - .attr = 5, - .type = NR_TYPE_INTEGER, - .flags = { - .length = 4, - }, - }, - { /* 6 */ - .name = "Service-Type", - .attr = 6, - .type = NR_TYPE_INTEGER, - .flags = { - .length = 4, - }, - }, - { /* 7 */ - .name = "Framed-Protocol", - .attr = 7, - .type = NR_TYPE_INTEGER, - .flags = { - .length = 4, - }, - }, - { /* 8 */ - .name = "Framed-IP-Address", - .attr = 8, - .type = NR_TYPE_IPADDR, - .flags = { - .length = 4, - }, - }, - { /* 9 */ - .name = "Framed-IP-Netmask", - .attr = 9, - .type = NR_TYPE_IPADDR, - .flags = { - .length = 4, - }, - }, - { /* 10 */ - .name = "Framed-Routing", - .attr = 10, - .type = NR_TYPE_INTEGER, - .flags = { - .length = 4, - }, - }, - { /* 11 */ - .name = "Filter-Id", - .attr = 11, - .type = NR_TYPE_STRING, - }, - { /* 12 */ - .name = "Framed-MTU", - .attr = 12, - .type = NR_TYPE_INTEGER, - .flags = { - .length = 4, - }, - }, - { /* 13 */ - .name = "Framed-Compression", - .attr = 13, - .type = NR_TYPE_INTEGER, - .flags = { - .length = 4, - }, - }, - { /* 14 */ - .name = "Login-IP-Host", - .attr = 14, - .type = NR_TYPE_IPADDR, - .flags = { - .length = 4, - }, - }, - { /* 15 */ - .name = "Login-Service", - .attr = 15, - .type = NR_TYPE_INTEGER, - .flags = { - .length = 4, - }, - }, - 
{ /* 16 */ - .name = "Login-TCP-Port", - .attr = 16, - .type = NR_TYPE_INTEGER, - .flags = { - .length = 4, - }, - }, - { /* 17 */ - .name = NULL, - }, - { /* 18 */ - .name = "Reply-Message", - .attr = 18, - .type = NR_TYPE_STRING, - }, - { /* 19 */ - .name = "Callback-Number", - .attr = 19, - .type = NR_TYPE_STRING, - }, - { /* 20 */ - .name = "Callback-Id", - .attr = 20, - .type = NR_TYPE_STRING, - }, - { /* 21 */ - .name = NULL, - }, - { /* 22 */ - .name = "Framed-Route", - .attr = 22, - .type = NR_TYPE_STRING, - }, - { /* 23 */ - .name = "Framed-IPX-Network", - .attr = 23, - .type = NR_TYPE_IPADDR, - .flags = { - .length = 4, - }, - }, - { /* 24 */ - .name = "State", - .attr = 24, - .type = NR_TYPE_OCTETS, - }, - { /* 25 */ - .name = "Class", - .attr = 25, - .type = NR_TYPE_OCTETS, - }, - { /* 26 */ - .name = "Vendor-Specific", - .attr = 26, - .type = NR_TYPE_OCTETS, - }, - { /* 27 */ - .name = "Session-Timeout", - .attr = 27, - .type = NR_TYPE_INTEGER, - .flags = { - .length = 4, - }, - }, - { /* 28 */ - .name = "Idle-Timeout", - .attr = 28, - .type = NR_TYPE_INTEGER, - .flags = { - .length = 4, - }, - }, - { /* 29 */ - .name = "Termination-Action", - .attr = 29, - .type = NR_TYPE_INTEGER, - .flags = { - .length = 4, - }, - }, - { /* 30 */ - .name = "Called-Station-Id", - .attr = 30, - .type = NR_TYPE_STRING, - }, - { /* 31 */ - .name = "Calling-Station-Id", - .attr = 31, - .type = NR_TYPE_STRING, - }, - { /* 32 */ - .name = "NAS-Identifier", - .attr = 32, - .type = NR_TYPE_STRING, - }, - { /* 33 */ - .name = "Proxy-State", - .attr = 33, - .type = NR_TYPE_OCTETS, - }, - { /* 34 */ - .name = "Login-LAT-Service", - .attr = 34, - .type = NR_TYPE_STRING, - }, - { /* 35 */ - .name = "Login-LAT-Node", - .attr = 35, - .type = NR_TYPE_STRING, - }, - { /* 36 */ - .name = "Login-LAT-Group", - .attr = 36, - .type = NR_TYPE_OCTETS, - }, - { /* 37 */ - .name = "Framed-AppleTalk-Link", - .attr = 37, - .type = NR_TYPE_INTEGER, - .flags = { - .length = 4, - }, - }, - { /* 38 
*/ - .name = "Framed-AppleTalk-Network", - .attr = 38, - .type = NR_TYPE_INTEGER, - .flags = { - .length = 4, - }, - }, - { /* 39 */ - .name = "Framed-AppleTalk-Zone", - .attr = 39, - .type = NR_TYPE_STRING, - }, - { /* 40 */ - .name = "Acct-Status-Type", - .attr = 40, - .type = NR_TYPE_INTEGER, - .flags = { - .length = 4, - }, - }, - { /* 41 */ - .name = "Acct-Delay-Time", - .attr = 41, - .type = NR_TYPE_INTEGER, - .flags = { - .length = 4, - }, - }, - { /* 42 */ - .name = "Acct-Input-Octets", - .attr = 42, - .type = NR_TYPE_INTEGER, - .flags = { - .length = 4, - }, - }, - { /* 43 */ - .name = "Acct-Output-Octets", - .attr = 43, - .type = NR_TYPE_INTEGER, - .flags = { - .length = 4, - }, - }, - { /* 44 */ - .name = "Acct-Session-Id", - .attr = 44, - .type = NR_TYPE_STRING, - }, - { /* 45 */ - .name = "Acct-Authentic", - .attr = 45, - .type = NR_TYPE_INTEGER, - .flags = { - .length = 4, - }, - }, - { /* 46 */ - .name = "Acct-Session-Time", - .attr = 46, - .type = NR_TYPE_INTEGER, - .flags = { - .length = 4, - }, - }, - { /* 47 */ - .name = "Acct-Input-Packets", - .attr = 47, - .type = NR_TYPE_INTEGER, - .flags = { - .length = 4, - }, - }, - { /* 48 */ - .name = "Acct-Output-Packets", - .attr = 48, - .type = NR_TYPE_INTEGER, - .flags = { - .length = 4, - }, - }, - { /* 49 */ - .name = "Acct-Terminate-Cause", - .attr = 49, - .type = NR_TYPE_INTEGER, - .flags = { - .length = 4, - }, - }, - { /* 50 */ - .name = "Acct-Multi-Session-Id", - .attr = 50, - .type = NR_TYPE_STRING, - }, - { /* 51 */ - .name = "Acct-Link-Count", - .attr = 51, - .type = NR_TYPE_INTEGER, - .flags = { - .length = 4, - }, - }, - { /* 52 */ - .name = "Acct-Input-Gigawords", - .attr = 52, - .type = NR_TYPE_INTEGER, - .flags = { - .length = 4, - }, - }, - { /* 53 */ - .name = "Acct-Output-Gigawords", - .attr = 53, - .type = NR_TYPE_INTEGER, - .flags = { - .length = 4, - }, - }, - { /* 54 */ - .name = NULL, - }, - { /* 55 */ - .name = "Event-Timestamp", - .attr = 55, - .type = NR_TYPE_DATE, - .flags = 
{ - .length = 4, - }, - }, - { /* 56 */ - .name = "Egress-VLANID", - .attr = 56, - .type = NR_TYPE_INTEGER, - .flags = { - .length = 4, - }, - }, - { /* 57 */ - .name = "Ingress-Filters", - .attr = 57, - .type = NR_TYPE_INTEGER, - .flags = { - .length = 4, - }, - }, - { /* 58 */ - .name = "Egress-VLAN-Name", - .attr = 58, - .type = NR_TYPE_STRING, - }, - { /* 59 */ - .name = "User-Priority-Table", - .attr = 59, - .type = NR_TYPE_OCTETS, - }, - { /* 60 */ - .name = "CHAP-Challenge", - .attr = 60, - .type = NR_TYPE_OCTETS, - }, - { /* 61 */ - .name = "NAS-Port-Type", - .attr = 61, - .type = NR_TYPE_INTEGER, - .flags = { - .length = 4, - }, - }, - { /* 62 */ - .name = "Port-Limit", - .attr = 62, - .type = NR_TYPE_INTEGER, - .flags = { - .length = 4, - }, - }, - { /* 63 */ - .name = "Login-LAT-Port", - .attr = 63, - .type = NR_TYPE_STRING, - }, - { /* 64 */ - .name = "Tunnel-Type", - .attr = 64, - .type = NR_TYPE_INTEGER, - .flags = { - .length = 4, - .has_tag = 1, - }, - }, - { /* 65 */ - .name = "Tunnel-Medium-Type", - .attr = 65, - .type = NR_TYPE_INTEGER, - .flags = { - .length = 4, - .has_tag = 1, - }, - }, - { /* 66 */ - .name = "Tunnel-Client-Endpoint", - .attr = 66, - .type = NR_TYPE_STRING, - .flags = { - .has_tag = 1, - }, - }, - { /* 67 */ - .name = "Tunnel-Server-Endpoint", - .attr = 67, - .type = NR_TYPE_STRING, - .flags = { - .has_tag = 1, - }, - }, - { /* 68 */ - .name = "Acct-Tunnel-Connection", - .attr = 68, - .type = NR_TYPE_STRING, - }, - { /* 69 */ - .name = "Tunnel-Password", - .attr = 69, - .type = NR_TYPE_STRING, - .flags = { - .encrypt = FLAG_ENCRYPT_TUNNEL_PASSWORD, - .has_tag = 1, - }, - }, - { /* 70 */ - .name = "ARAP-Password", - .attr = 70, - .type = NR_TYPE_OCTETS, - .flags = { - .length = 16, - }, - }, - { /* 71 */ - .name = "ARAP-Features", - .attr = 71, - .type = NR_TYPE_OCTETS, - .flags = { - .length = 14, - }, - }, - { /* 72 */ - .name = "ARAP-Zone-Access", - .attr = 72, - .type = NR_TYPE_INTEGER, - .flags = { - .length = 4, - }, - }, 
- { /* 73 */ - .name = "ARAP-Security", - .attr = 73, - .type = NR_TYPE_INTEGER, - .flags = { - .length = 4, - }, - }, - { /* 74 */ - .name = "ARAP-Security-Data", - .attr = 74, - .type = NR_TYPE_STRING, - }, - { /* 75 */ - .name = "Password-Retry", - .attr = 75, - .type = NR_TYPE_INTEGER, - .flags = { - .length = 4, - }, - }, - { /* 76 */ - .name = "Prompt", - .attr = 76, - .type = NR_TYPE_INTEGER, - .flags = { - .length = 4, - }, - }, - { /* 77 */ - .name = "Connect-Info", - .attr = 77, - .type = NR_TYPE_STRING, - }, - { /* 78 */ - .name = "Configuration-Token", - .attr = 78, - .type = NR_TYPE_STRING, - }, - { /* 79 */ - .name = "EAP-Message", - .attr = 79, - .type = NR_TYPE_OCTETS, - }, - { /* 80 */ - .name = "Message-Authenticator", - .attr = 80, - .type = NR_TYPE_OCTETS, - }, - { /* 81 */ - .name = "Tunnel-Private-Group-Id", - .attr = 81, - .type = NR_TYPE_STRING, - .flags = { - .has_tag = 1, - }, - }, - { /* 82 */ - .name = "Tunnel-Assignment-Id", - .attr = 82, - .type = NR_TYPE_STRING, - .flags = { - .has_tag = 1, - }, - }, - { /* 83 */ - .name = "Tunnel-Preference", - .attr = 83, - .type = NR_TYPE_INTEGER, - .flags = { - .length = 4, - .has_tag = 1, - }, - }, - { /* 84 */ - .name = "ARAP-Challenge-Response", - .attr = 84, - .type = NR_TYPE_OCTETS, - .flags = { - .length = 8, - }, - }, - { /* 85 */ - .name = "Acct-Interim-Interval", - .attr = 85, - .type = NR_TYPE_INTEGER, - .flags = { - .length = 4, - }, - }, - { /* 86 */ - .name = "Acct-Tunnel-Packets-Lost", - .attr = 86, - .type = NR_TYPE_INTEGER, - .flags = { - .length = 4, - }, - }, - { /* 87 */ - .name = "NAS-Port-Id", - .attr = 87, - .type = NR_TYPE_STRING, - }, - { /* 88 */ - .name = "Framed-Pool", - .attr = 88, - .type = NR_TYPE_STRING, - }, - { /* 89 */ - .name = "Chargeable-User-Identity", - .attr = 89, - .type = NR_TYPE_STRING, - }, - { /* 90 */ - .name = "Tunnel-Client-Auth-Id", - .attr = 90, - .type = NR_TYPE_STRING, - .flags = { - .has_tag = 1, - }, - }, - { /* 91 */ - .name = 
"Tunnel-Server-Auth-Id", - .attr = 91, - .type = NR_TYPE_STRING, - .flags = { - .has_tag = 1, - }, - }, - { /* 92 */ - .name = "NAS-Filter-Rule", - .attr = 92, - .type = NR_TYPE_STRING, - }, - { /* 93 */ - .name = NULL, - }, - { /* 94 */ - .name = NULL, - }, - { /* 95 */ - .name = "NAS-IPv6-Address", - .attr = 95, - .type = NR_TYPE_IPV6ADDR, - .flags = { - .length = 16, - }, - }, - { /* 96 */ - .name = "Framed-Interface-Id", - .attr = 96, - .type = NR_TYPE_IFID, - .flags = { - .length = 8, - }, - }, - { /* 97 */ - .name = "Framed-IPv6-Prefix", - .attr = 97, - .type = NR_TYPE_IPV6PREFIX, - }, - { /* 98 */ - .name = "Login-IPv6-Host", - .attr = 98, - .type = NR_TYPE_IPV6ADDR, - .flags = { - .length = 16, - }, - }, - { /* 99 */ - .name = "Framed-IPv6-Route", - .attr = 99, - .type = NR_TYPE_STRING, - }, - { /* 100 */ - .name = "Framed-IPv6-Pool", - .attr = 100, - .type = NR_TYPE_STRING, - }, - { /* 101 */ - .name = "Error-Cause", - .attr = 101, - .type = NR_TYPE_INTEGER, - .flags = { - .length = 4, - }, - }, - { /* 102 */ - .name = "EAP-Key-Name", - .attr = 102, - .type = NR_TYPE_STRING, - }, - { /* 103 */ - .name = "Digest-Response", - .attr = 103, - .type = NR_TYPE_STRING, - }, - { /* 104 */ - .name = "Digest-Realm", - .attr = 104, - .type = NR_TYPE_STRING, - }, - { /* 105 */ - .name = "Digest-Nonce", - .attr = 105, - .type = NR_TYPE_STRING, - }, - { /* 106 */ - .name = "Digest-Response-Auth", - .attr = 106, - .type = NR_TYPE_STRING, - }, - { /* 107 */ - .name = "Digest-Nextnonce", - .attr = 107, - .type = NR_TYPE_STRING, - }, - { /* 108 */ - .name = "Digest-Method", - .attr = 108, - .type = NR_TYPE_STRING, - }, - { /* 109 */ - .name = "Digest-URI", - .attr = 109, - .type = NR_TYPE_STRING, - }, - { /* 110 */ - .name = "Digest-Qop", - .attr = 110, - .type = NR_TYPE_STRING, - }, - { /* 111 */ - .name = "Digest-Algorithm", - .attr = 111, - .type = NR_TYPE_STRING, - }, - { /* 112 */ - .name = "Digest-Entity-Body-Hash", - .attr = 112, - .type = NR_TYPE_STRING, - }, - { /* 
113 */ - .name = "Digest-CNonce", - .attr = 113, - .type = NR_TYPE_STRING, - }, - { /* 114 */ - .name = "Digest-Nonce-Count", - .attr = 114, - .type = NR_TYPE_STRING, - }, - { /* 115 */ - .name = "Digest-Username", - .attr = 115, - .type = NR_TYPE_STRING, - }, - { /* 116 */ - .name = "Digest-Opaque", - .attr = 116, - .type = NR_TYPE_STRING, - }, - { /* 117 */ - .name = "Digest-Auth-Param", - .attr = 117, - .type = NR_TYPE_STRING, - }, - { /* 118 */ - .name = "Digest-AKA-Auts", - .attr = 118, - .type = NR_TYPE_STRING, - }, - { /* 119 */ - .name = "Digest-Domain", - .attr = 119, - .type = NR_TYPE_STRING, - }, - { /* 120 */ - .name = "Digest-Stale", - .attr = 120, - .type = NR_TYPE_STRING, - }, - { /* 121 */ - .name = "Digest-HA1", - .attr = 121, - .type = NR_TYPE_STRING, - }, - { /* 122 */ - .name = "SIP-AOR", - .attr = 122, - .type = NR_TYPE_STRING, - }, - { /* 123 */ - .name = "Delegated-IPv6-Prefix", - .attr = 123, - .type = NR_TYPE_IPV6PREFIX, - }, - { /* 124 */ - .name = NULL, - }, - { /* 125 */ - .name = NULL, - }, - { /* 126 */ - .name = "Operator-Name", - .attr = 126, - .type = NR_TYPE_STRING, - }, - { /* 127 */ - .name = "Location-Information", - .attr = 127, - .type = NR_TYPE_OCTETS, - }, - { /* 128 */ - .name = "Location-Data", - .attr = 128, - .type = NR_TYPE_OCTETS, - }, - { /* 129 */ - .name = "Basic-Location-Policy-Rules", - .attr = 129, - .type = NR_TYPE_OCTETS, - }, - { /* 130 */ - .name = "Extended-Location-Policy-Rules", - .attr = 130, - .type = NR_TYPE_OCTETS, - }, - { /* 131 */ - .name = "Location-Capable", - .attr = 131, - .type = NR_TYPE_INTEGER, - .flags = { - .length = 4, - }, - }, - { /* 132 */ - .name = "Requested-Location-Info", - .attr = 132, - .type = NR_TYPE_INTEGER, - .flags = { - .length = 4, - }, - }, - { /* 133 */ - .name = "Framed-Management", - .attr = 133, - .type = NR_TYPE_INTEGER, - .flags = { - .length = 4, - }, - }, - { /* 134 */ - .name = "Management-Transport-Protection", - .attr = 134, - .type = NR_TYPE_INTEGER, - .flags = 
{ - .length = 4, - }, - }, - { /* 135 */ - .name = "Management-Policy-Id", - .attr = 135, - .type = NR_TYPE_STRING, - }, - { /* 136 */ - .name = "Management-Privilege-Level", - .attr = 136, - .type = NR_TYPE_INTEGER, - .flags = { - .length = 4, - }, - }, - { /* 137 */ - .name = "PKM-SS-Cert", - .attr = 137, - .type = NR_TYPE_OCTETS, - }, - { /* 138 */ - .name = "PKM-CA-Cert", - .attr = 138, - .type = NR_TYPE_OCTETS, - }, - { /* 139 */ - .name = "PKM-Config-Settings", - .attr = 139, - .type = NR_TYPE_OCTETS, - }, - { /* 140 */ - .name = "PKM-Cryptosuite-List", - .attr = 140, - .type = NR_TYPE_OCTETS, - }, - { /* 141 */ - .name = "PKM-SAID", - .attr = 141, - .type = NR_TYPE_SHORT, - .flags = { - .length = 2, - }, - }, - { /* 142 */ - .name = "PKM-SA-Descriptor", - .attr = 142, - .type = NR_TYPE_OCTETS, - }, - { /* 143 */ - .name = "PKM-Auth-Key", - .attr = 143, - .type = NR_TYPE_OCTETS, - }, - { /* 144 */ - .name = NULL, - }, - { /* 145 */ - .name = NULL, - }, - { /* 146 */ - .name = NULL, - }, - { /* 147 */ - .name = NULL, - }, - { /* 148 */ - .name = NULL, - }, - { /* 149 */ - .name = NULL, - }, - { /* 150 */ - .name = NULL, - }, - { /* 151 */ - .name = NULL, - }, - { /* 152 */ - .name = NULL, - }, - { /* 153 */ - .name = NULL, - }, - { /* 154 */ - .name = NULL, - }, - { /* 155 */ - .name = NULL, - }, - { /* 156 */ - .name = NULL, - }, - { /* 157 */ - .name = NULL, - }, - { /* 158 */ - .name = NULL, - }, - { /* 159 */ - .name = NULL, - }, - { /* 160 */ - .name = NULL, - }, - { /* 161 */ - .name = NULL, - }, - { /* 162 */ - .name = NULL, - }, - { /* 163 */ - .name = NULL, - }, - { /* 164 */ - .name = NULL, - }, - { /* 165 */ - .name = NULL, - }, - { /* 166 */ - .name = NULL, - }, - { /* 167 */ - .name = NULL, - }, - { /* 168 */ - .name = NULL, - }, - { /* 169 */ - .name = NULL, - }, - { /* 170 */ - .name = NULL, - }, - { /* 171 */ - .name = NULL, - }, - { /* 172 */ - .name = NULL, - }, - { /* 173 */ - .name = NULL, - }, - { /* 174 */ - .name = NULL, - }, - { /* 175 
*/ - .name = NULL, - }, - { /* 176 */ - .name = NULL, - }, - { /* 177 */ - .name = NULL, - }, - { /* 178 */ - .name = NULL, - }, - { /* 179 */ - .name = NULL, - }, - { /* 180 */ - .name = NULL, - }, - { /* 181 */ - .name = NULL, - }, - { /* 182 */ - .name = NULL, - }, - { /* 183 */ - .name = NULL, - }, - { /* 184 */ - .name = NULL, - }, - { /* 185 */ - .name = NULL, - }, - { /* 186 */ - .name = NULL, - }, - { /* 187 */ - .name = NULL, - }, - { /* 188 */ - .name = NULL, - }, - { /* 189 */ - .name = NULL, - }, - { /* 190 */ - .name = NULL, - }, - { /* 191 */ - .name = NULL, - }, - { /* 192 */ - .name = NULL, - }, - { /* 193 */ - .name = NULL, - }, - { /* 194 */ - .name = NULL, - }, - { /* 195 */ - .name = NULL, - }, - { /* 196 */ - .name = NULL, - }, - { /* 197 */ - .name = NULL, - }, - { /* 198 */ - .name = NULL, - }, - { /* 199 */ - .name = NULL, - }, - { /* 200 */ - .name = NULL, - }, - { /* 201 */ - .name = NULL, - }, - { /* 202 */ - .name = NULL, - }, - { /* 203 */ - .name = NULL, - }, - { /* 204 */ - .name = NULL, - }, - { /* 205 */ - .name = NULL, - }, - { /* 206 */ - .name = NULL, - }, - { /* 207 */ - .name = NULL, - }, - { /* 208 */ - .name = NULL, - }, - { /* 209 */ - .name = NULL, - }, - { /* 210 */ - .name = NULL, - }, - { /* 211 */ - .name = NULL, - }, - { /* 212 */ - .name = NULL, - }, - { /* 213 */ - .name = NULL, - }, - { /* 214 */ - .name = NULL, - }, - { /* 215 */ - .name = NULL, - }, - { /* 216 */ - .name = NULL, - }, - { /* 217 */ - .name = NULL, - }, - { /* 218 */ - .name = NULL, - }, - { /* 219 */ - .name = NULL, - }, - { /* 220 */ - .name = NULL, - }, - { /* 221 */ - .name = NULL, - }, - { /* 222 */ - .name = NULL, - }, - { /* 223 */ - .name = NULL, - }, - { /* 224 */ - .name = NULL, - }, - { /* 225 */ - .name = NULL, - }, - { /* 226 */ - .name = NULL, - }, - { /* 227 */ - .name = NULL, - }, - { /* 228 */ - .name = NULL, - }, - { /* 229 */ - .name = NULL, - }, - { /* 230 */ - .name = NULL, - }, - { /* 231 */ - .name = NULL, - }, - { /* 232 */ - 
.name = NULL, - }, - { /* 233 */ - .name = NULL, - }, - { /* 234 */ - .name = NULL, - }, - { /* 235 */ - .name = NULL, - }, - { /* 236 */ - .name = NULL, - }, - { /* 237 */ - .name = NULL, - }, - { /* 238 */ - .name = NULL, - }, - { /* 239 */ - .name = NULL, - }, - { /* 240 */ - .name = NULL, - }, - { /* 241 */ - .name = NULL, - }, - { /* 242 */ - .name = NULL, - }, - { /* 243 */ - .name = NULL, - }, - { /* 244 */ - .name = NULL, - }, - { /* 245 */ - .name = NULL, - }, - { /* 246 */ - .name = NULL, - }, - { /* 247 */ - .name = NULL, - }, - { /* 248 */ - .name = NULL, - }, - { /* 249 */ - .name = NULL, - }, - { /* 250 */ - .name = NULL, - }, - { /* 251 */ - .name = NULL, - }, - { /* 252 */ - .name = NULL, - }, - { /* 253 */ - .name = NULL, - }, - { /* 254 */ - .name = NULL, - }, - { /* 255 */ - .name = NULL, - }, - { /* 256 */ - .name = "MS-CHAP-Response", - .vendor = 311, - .attr = 1, - .type = NR_TYPE_OCTETS, - }, - { /* 257 */ - .name = "MS-CHAP-Error", - .vendor = 311, - .attr = 2, - .type = NR_TYPE_STRING, - }, - { /* 258 */ - .name = "MS-MPPE-Encryption-Policy", - .vendor = 311, - .attr = 7, - .type = NR_TYPE_OCTETS, - }, - { /* 259 */ - .name = "MS-MPPE-Encryption-Types", - .vendor = 311, - .attr = 8, - .type = NR_TYPE_OCTETS, - }, - { /* 260 */ - .name = "MS-CHAP-Domain", - .vendor = 311, - .attr = 10, - .type = NR_TYPE_STRING, - }, - { /* 261 */ - .name = "MS-CHAP-Challenge", - .vendor = 311, - .attr = 11, - .type = NR_TYPE_OCTETS, - }, - { /* 262 */ - .name = "MS-CHAP-MPPE-Keys", - .vendor = 311, - .attr = 12, - .type = NR_TYPE_OCTETS, - .flags = { - .encrypt = FLAG_ENCRYPT_USER_PASSWORD, - }, - }, - { /* 263 */ - .name = "MS-MPPE-Send-Key", - .vendor = 311, - .attr = 16, - .type = NR_TYPE_OCTETS, - .flags = { - .encrypt = FLAG_ENCRYPT_TUNNEL_PASSWORD, - }, - }, - { /* 264 */ - .name = "MS-MPPE-Recv-Key", - .vendor = 311, - .attr = 17, - .type = NR_TYPE_OCTETS, - .flags = { - .encrypt = FLAG_ENCRYPT_TUNNEL_PASSWORD, - }, - }, - { /* 265 */ - .name = 
"MS-CHAP2-Response", - .vendor = 311, - .attr = 25, - .type = NR_TYPE_OCTETS, - }, - { /* 266 */ - .name = "MS-CHAP2-Success", - .vendor = 311, - .attr = 26, - .type = NR_TYPE_OCTETS, - }, - { /* 267 */ - .name = "Example-Integer", - .vendor = 65535, - .attr = 1, - .type = NR_TYPE_INTEGER, - .flags = { - .length = 4, - }, - }, - { /* 268 */ - .name = "Example-String", - .vendor = 65535, - .attr = 2, - .type = NR_TYPE_STRING, - }, - { /* 269 */ - .name = "Example-IP-Address", - .vendor = 65535, - .attr = 3, - .type = NR_TYPE_IPADDR, - .flags = { - .length = 4, - }, - }, -}; - -const int nr_dict_num_attrs = 269; - -const int nr_dict_num_names = 149; - -const DICT_ATTR *nr_dict_attr_names[] = { - &nr_dict_attrs[45], /* Acct-Authentic */ - &nr_dict_attrs[41], /* Acct-Delay-Time */ - &nr_dict_attrs[52], /* Acct-Input-Gigawords */ - &nr_dict_attrs[42], /* Acct-Input-Octets */ - &nr_dict_attrs[47], /* Acct-Input-Packets */ - &nr_dict_attrs[85], /* Acct-Interim-Interval */ - &nr_dict_attrs[51], /* Acct-Link-Count */ - &nr_dict_attrs[50], /* Acct-Multi-Session-Id */ - &nr_dict_attrs[53], /* Acct-Output-Gigawords */ - &nr_dict_attrs[43], /* Acct-Output-Octets */ - &nr_dict_attrs[48], /* Acct-Output-Packets */ - &nr_dict_attrs[44], /* Acct-Session-Id */ - &nr_dict_attrs[46], /* Acct-Session-Time */ - &nr_dict_attrs[40], /* Acct-Status-Type */ - &nr_dict_attrs[49], /* Acct-Terminate-Cause */ - &nr_dict_attrs[68], /* Acct-Tunnel-Connection */ - &nr_dict_attrs[86], /* Acct-Tunnel-Packets-Lost */ - &nr_dict_attrs[84], /* ARAP-Challenge-Response */ - &nr_dict_attrs[71], /* ARAP-Features */ - &nr_dict_attrs[70], /* ARAP-Password */ - &nr_dict_attrs[73], /* ARAP-Security */ - &nr_dict_attrs[74], /* ARAP-Security-Data */ - &nr_dict_attrs[72], /* ARAP-Zone-Access */ - &nr_dict_attrs[129], /* Basic-Location-Policy-Rules */ - &nr_dict_attrs[20], /* Callback-Id */ - &nr_dict_attrs[19], /* Callback-Number */ - &nr_dict_attrs[30], /* Called-Station-Id */ - &nr_dict_attrs[31], /* 
Calling-Station-Id */ - &nr_dict_attrs[60], /* CHAP-Challenge */ - &nr_dict_attrs[3], /* CHAP-Password */ - &nr_dict_attrs[89], /* Chargeable-User-Identity */ - &nr_dict_attrs[25], /* Class */ - &nr_dict_attrs[78], /* Configuration-Token */ - &nr_dict_attrs[77], /* Connect-Info */ - &nr_dict_attrs[123], /* Delegated-IPv6-Prefix */ - &nr_dict_attrs[118], /* Digest-AKA-Auts */ - &nr_dict_attrs[111], /* Digest-Algorithm */ - &nr_dict_attrs[117], /* Digest-Auth-Param */ - &nr_dict_attrs[113], /* Digest-CNonce */ - &nr_dict_attrs[119], /* Digest-Domain */ - &nr_dict_attrs[112], /* Digest-Entity-Body-Hash */ - &nr_dict_attrs[121], /* Digest-HA1 */ - &nr_dict_attrs[108], /* Digest-Method */ - &nr_dict_attrs[107], /* Digest-Nextnonce */ - &nr_dict_attrs[105], /* Digest-Nonce */ - &nr_dict_attrs[114], /* Digest-Nonce-Count */ - &nr_dict_attrs[116], /* Digest-Opaque */ - &nr_dict_attrs[110], /* Digest-Qop */ - &nr_dict_attrs[104], /* Digest-Realm */ - &nr_dict_attrs[103], /* Digest-Response */ - &nr_dict_attrs[106], /* Digest-Response-Auth */ - &nr_dict_attrs[120], /* Digest-Stale */ - &nr_dict_attrs[109], /* Digest-URI */ - &nr_dict_attrs[115], /* Digest-Username */ - &nr_dict_attrs[102], /* EAP-Key-Name */ - &nr_dict_attrs[79], /* EAP-Message */ - &nr_dict_attrs[58], /* Egress-VLAN-Name */ - &nr_dict_attrs[56], /* Egress-VLANID */ - &nr_dict_attrs[101], /* Error-Cause */ - &nr_dict_attrs[55], /* Event-Timestamp */ - &nr_dict_attrs[267], /* Example-Integer */ - &nr_dict_attrs[269], /* Example-IP-Address */ - &nr_dict_attrs[268], /* Example-String */ - &nr_dict_attrs[130], /* Extended-Location-Policy-Rules */ - &nr_dict_attrs[11], /* Filter-Id */ - &nr_dict_attrs[37], /* Framed-AppleTalk-Link */ - &nr_dict_attrs[38], /* Framed-AppleTalk-Network */ - &nr_dict_attrs[39], /* Framed-AppleTalk-Zone */ - &nr_dict_attrs[13], /* Framed-Compression */ - &nr_dict_attrs[96], /* Framed-Interface-Id */ - &nr_dict_attrs[8], /* Framed-IP-Address */ - &nr_dict_attrs[9], /* Framed-IP-Netmask 
*/ - &nr_dict_attrs[100], /* Framed-IPv6-Pool */ - &nr_dict_attrs[97], /* Framed-IPv6-Prefix */ - &nr_dict_attrs[99], /* Framed-IPv6-Route */ - &nr_dict_attrs[23], /* Framed-IPX-Network */ - &nr_dict_attrs[133], /* Framed-Management */ - &nr_dict_attrs[12], /* Framed-MTU */ - &nr_dict_attrs[88], /* Framed-Pool */ - &nr_dict_attrs[7], /* Framed-Protocol */ - &nr_dict_attrs[22], /* Framed-Route */ - &nr_dict_attrs[10], /* Framed-Routing */ - &nr_dict_attrs[28], /* Idle-Timeout */ - &nr_dict_attrs[57], /* Ingress-Filters */ - &nr_dict_attrs[131], /* Location-Capable */ - &nr_dict_attrs[128], /* Location-Data */ - &nr_dict_attrs[127], /* Location-Information */ - &nr_dict_attrs[14], /* Login-IP-Host */ - &nr_dict_attrs[98], /* Login-IPv6-Host */ - &nr_dict_attrs[36], /* Login-LAT-Group */ - &nr_dict_attrs[35], /* Login-LAT-Node */ - &nr_dict_attrs[63], /* Login-LAT-Port */ - &nr_dict_attrs[34], /* Login-LAT-Service */ - &nr_dict_attrs[15], /* Login-Service */ - &nr_dict_attrs[16], /* Login-TCP-Port */ - &nr_dict_attrs[135], /* Management-Policy-Id */ - &nr_dict_attrs[136], /* Management-Privilege-Level */ - &nr_dict_attrs[134], /* Management-Transport-Protection */ - &nr_dict_attrs[80], /* Message-Authenticator */ - &nr_dict_attrs[261], /* MS-CHAP-Challenge */ - &nr_dict_attrs[260], /* MS-CHAP-Domain */ - &nr_dict_attrs[257], /* MS-CHAP-Error */ - &nr_dict_attrs[262], /* MS-CHAP-MPPE-Keys */ - &nr_dict_attrs[256], /* MS-CHAP-Response */ - &nr_dict_attrs[265], /* MS-CHAP2-Response */ - &nr_dict_attrs[266], /* MS-CHAP2-Success */ - &nr_dict_attrs[258], /* MS-MPPE-Encryption-Policy */ - &nr_dict_attrs[259], /* MS-MPPE-Encryption-Types */ - &nr_dict_attrs[264], /* MS-MPPE-Recv-Key */ - &nr_dict_attrs[263], /* MS-MPPE-Send-Key */ - &nr_dict_attrs[92], /* NAS-Filter-Rule */ - &nr_dict_attrs[32], /* NAS-Identifier */ - &nr_dict_attrs[4], /* NAS-IP-Address */ - &nr_dict_attrs[95], /* NAS-IPv6-Address */ - &nr_dict_attrs[5], /* NAS-Port */ - &nr_dict_attrs[87], /* NAS-Port-Id 
*/ - &nr_dict_attrs[61], /* NAS-Port-Type */ - &nr_dict_attrs[126], /* Operator-Name */ - &nr_dict_attrs[75], /* Password-Retry */ - &nr_dict_attrs[143], /* PKM-Auth-Key */ - &nr_dict_attrs[138], /* PKM-CA-Cert */ - &nr_dict_attrs[139], /* PKM-Config-Settings */ - &nr_dict_attrs[140], /* PKM-Cryptosuite-List */ - &nr_dict_attrs[142], /* PKM-SA-Descriptor */ - &nr_dict_attrs[141], /* PKM-SAID */ - &nr_dict_attrs[137], /* PKM-SS-Cert */ - &nr_dict_attrs[62], /* Port-Limit */ - &nr_dict_attrs[76], /* Prompt */ - &nr_dict_attrs[33], /* Proxy-State */ - &nr_dict_attrs[18], /* Reply-Message */ - &nr_dict_attrs[132], /* Requested-Location-Info */ - &nr_dict_attrs[6], /* Service-Type */ - &nr_dict_attrs[27], /* Session-Timeout */ - &nr_dict_attrs[122], /* SIP-AOR */ - &nr_dict_attrs[24], /* State */ - &nr_dict_attrs[29], /* Termination-Action */ - &nr_dict_attrs[82], /* Tunnel-Assignment-Id */ - &nr_dict_attrs[90], /* Tunnel-Client-Auth-Id */ - &nr_dict_attrs[66], /* Tunnel-Client-Endpoint */ - &nr_dict_attrs[65], /* Tunnel-Medium-Type */ - &nr_dict_attrs[69], /* Tunnel-Password */ - &nr_dict_attrs[83], /* Tunnel-Preference */ - &nr_dict_attrs[81], /* Tunnel-Private-Group-Id */ - &nr_dict_attrs[91], /* Tunnel-Server-Auth-Id */ - &nr_dict_attrs[67], /* Tunnel-Server-Endpoint */ - &nr_dict_attrs[64], /* Tunnel-Type */ - &nr_dict_attrs[1], /* User-Name */ - &nr_dict_attrs[2], /* User-Password */ - &nr_dict_attrs[59], /* User-Priority-Table */ - &nr_dict_attrs[26], /* Vendor-Specific */ -}; - diff --git a/lib/radius/examples/example_1.c b/lib/radius/examples/example_1.c index 503d927..265c880 100644 --- a/lib/radius/examples/example_1.c +++ b/lib/radius/examples/example_1.c 
@@ -36,8 +36,8 @@ SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ static const char *secret = "testing123"; -static uint8_t request_buffer[NR_MAX_PACKET_LEN]; -static uint8_t response_buffer[NR_MAX_PACKET_LEN]; +static uint8_t request_buffer[RS_MAX_PACKET_LEN]; +static uint8_t response_buffer[RS_MAX_PACKET_LEN]; static RADIUS_PACKET request, response; int main(int argc, const char *argv[]) @@ -58,12 +58,12 @@ int main(int argc, const char *argv[]) if (argc > 2) password = argv[2]; rcode = nr_packet_attr_append(&request, NULL, - NR_DA_USER_NAME, + RS_DA_USER_NAME, user, 0); if (rcode < 0) goto error; rcode = nr_packet_attr_append(&request, NULL, - NR_DA_USER_PASSWORD, + RS_DA_USER_PASSWORD, password, 0); if (rcode < 0) goto error; diff --git a/lib/radius/examples/example_2.c b/lib/radius/examples/example_2.c index 1065c8e..0a58523 100644 --- a/lib/radius/examples/example_2.c +++ b/lib/radius/examples/example_2.c @@ -36,8 +36,8 @@ SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ static const char *secret = "testing123"; -static uint8_t request_buffer[NR_MAX_PACKET_LEN]; -static uint8_t response_buffer[NR_MAX_PACKET_LEN]; +static uint8_t request_buffer[RS_MAX_PACKET_LEN]; +static uint8_t response_buffer[RS_MAX_PACKET_LEN]; static RADIUS_PACKET request, response; int main(int argc, const char *argv[]) @@ -58,12 +58,12 @@ int main(int argc, const char *argv[]) if (argc > 2) password = argv[2]; rcode = nr_packet_attr_append(&request, NULL, - NR_DA_USER_NAME, + RS_DA_USER_NAME, user, 0); if (rcode < 0) goto error; rcode = nr_packet_attr_append(&request, NULL, - NR_DA_CHAP_PASSWORD, + RS_DA_CHAP_PASSWORD, password, strlen(password)); if (rcode < 0) goto error; diff --git a/lib/radius/examples/example_3.c b/lib/radius/examples/example_3.c index 6104f6f..33fc671 100644 --- a/lib/radius/examples/example_3.c +++ b/lib/radius/examples/example_3.c 
@@ -39,8 +39,8 @@ SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ static const char *secret = "testing123"; -static uint8_t request_buffer[NR_MAX_PACKET_LEN]; -static uint8_t response_buffer[NR_MAX_PACKET_LEN]; +static uint8_t request_buffer[RS_MAX_PACKET_LEN]; +static uint8_t response_buffer[RS_MAX_PACKET_LEN]; static RADIUS_PACKET request, response; int main(int argc, const char *argv[]) @@ -61,12 +61,12 @@ int main(int argc, const char *argv[]) if (argc > 2) password = argv[2]; rcode = nr_packet_attr_append(&request, NULL, - NR_DA_USER_NAME, + RS_DA_USER_NAME, user, 0); if (rcode < 0) goto error; rcode = nr_packet_attr_append(&request, NULL, - NR_DA_USER_PASSWORD, + RS_DA_USER_PASSWORD, password, 0); if (rcode < 0) goto error; @@ -84,12 +84,12 @@ int main(int argc, const char *argv[]) if (rcode < 0) goto error; rcode = nr_packet_attr_append(&response, &request, - NR_DA_REPLY_MESSAGE, + RS_DA_REPLY_MESSAGE, "Success!", 0); if (rcode < 0) goto error; rcode = nr_packet_attr_append(&response, &request, - NR_DA_TUNNEL_PASSWORD, + RS_DA_TUNNEL_PASSWORD, password, 0); if (rcode < 0) goto error; rcode = nr_packet_sign(&response, &request); diff --git a/lib/radius/examples/example_4.c b/lib/radius/examples/example_4.c index f93764c..2dadc89 100644 --- a/lib/radius/examples/example_4.c +++ b/lib/radius/examples/example_4.c @@ -52,12 +52,12 @@ int main(int argc, const char *argv[]) if (argc > 2) password = argv[2]; rcode = nr_packet_attr_append(&request, NULL, - NR_DA_USER_NAME, + RS_DA_USER_NAME, user, 0); if (rcode < 0) goto error; rcode = nr_packet_attr_append(&request, NULL, - NR_DA_USER_PASSWORD, + RS_DA_USER_PASSWORD, password, 0); if (rcode < 0) goto error; @@ -75,7 +75,7 @@ int main(int argc, const char *argv[]) if (rcode < 0) goto error; rcode = nr_packet_attr_append(&response, &request, - NR_DA_REPLY_MESSAGE, + RS_DA_REPLY_MESSAGE, "Success!", 0); if (rcode < 0) goto error; 
diff --git a/lib/radius/id.c b/lib/radius/id.c index 4fbe631..2b956f2 100644 --- a/lib/radius/id.c +++ b/lib/radius/id.c @@ -25,7 +25,7 @@ ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ -#include <networkradius-devel/client.h> +#include "client.h" #include <unistd.h> /** \file id.c @@ -38,7 +38,7 @@ static int find_id(nr_server_t *s) int i; uint32_t lvalue; - if ((s->used < 0) || (s->used > 256)) return -NR_ERR_INTERNAL_FAILURE; + if ((s->used < 0) || (s->used > 256)) return -RSE_INTERNAL; /* * Ensure that the ID allocation is random. @@ -59,7 +59,7 @@ int nr_server_id_alloc(nr_server_t *s, RADIUS_PACKET *packet) { int new_id; - if (!s || !packet) return -NR_ERR_INVALID_ARG; + if (!s || !packet) return -RSE_INVAL; new_id = find_id(s); if (new_id < 0) return -new_id; @@ -77,13 +77,13 @@ int nr_server_id_alloc(nr_server_t *s, RADIUS_PACKET *packet) int nr_server_id_free(nr_server_t *s, RADIUS_PACKET *packet) { - if (!s || !packet) return -NR_ERR_INVALID_ARG; + if (!s || !packet) return -RSE_INVAL; if ((packet->id < 0) || (packet->id > 255) || !s->ids[packet->id]) { - return -NR_ERR_INVALID_ARG; + return -RSE_INVAL; } - if (s->ids[packet->id] != packet) return -NR_ERR_INTERNAL_FAILURE; + if (s->ids[packet->id] != packet) return -RSE_INTERNAL; s->ids[packet->id] = NULL; s->used--; @@ -96,13 +96,13 @@ int nr_server_id_realloc(nr_server_t *s, RADIUS_PACKET *packet) { int new_id; - if (!s || !packet) return -NR_ERR_INVALID_ARG; + if (!s || !packet) return -RSE_INVAL; if ((packet->id < 0) || (packet->id > 255) || !s->ids[packet->id]) { - return -NR_ERR_INVALID_ARG; + return -RSE_INVAL; } - if (s->ids[packet->id] != packet) return -NR_ERR_INTERNAL_FAILURE; + if (s->ids[packet->id] != packet) return -RSE_INTERNAL; new_id = find_id(s); if (new_id < 0) return new_id; 
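Review bot: In the `@@ -59,7 +59,7 @@` hunk of id.c, nr_server_id_alloc() still does `if (new_id < 0) return -new_id;`, which turns the negative error from find_id() into a positive value. A caller that tests `rcode < 0`, as the examples in this commit do for other calls, would treat a failed ID allocation as success and go on to use a packet with no valid ID. nr_server_id_realloc() in the `@@ -96,13 +96,13 @@` hunk returns the value unchanged, and the same form fits here: `if (new_id < 0) return new_id;`. The body of nr_server_id_alloc() continues outside the hunk.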
@@ -118,8 +118,8 @@ int nr_server_id_realloc(nr_server_t *s, RADIUS_PACKET *packet) int nr_server_init(nr_server_t *s, int code, const char *secret) { if (!s || !secret || !*secret || - (code == 0) || (code > NR_MAX_PACKET_CODE)) { - return -NR_ERR_INVALID_ARG; + (code == 0) || (code > RS_MAX_PACKET_CODE)) { + return -RSE_INVAL; } memset(s, 0, sizeof(*s)); @@ -137,9 +137,9 @@ int nr_server_init(nr_server_t *s, int code, const char *secret) int nr_server_close(const nr_server_t *s) { - if (!s) return -NR_ERR_INVALID_ARG; + if (!s) return -RSE_INVAL; - if (s->used > 0) return -NR_ERR_IN_USE; + if (s->used > 0) return -RSE_INUSE; if (s->sockfd >= 0) close(s->sockfd); @@ -151,23 +151,23 @@ int nr_server_packet_alloc(const nr_server_t *s, RADIUS_PACKET **packet_p) int rcode; RADIUS_PACKET *packet; - if (!packet_p) return -NR_ERR_INVALID_ARG; + if (!packet_p) return -RSE_INVAL; - packet = malloc(sizeof(*packet) + NR_MAX_PACKET_LEN); - if (!packet) return -NR_ERR_NO_MEM; + packet = malloc(sizeof(*packet) + RS_MAX_PACKET_LEN); + if (!packet) return -RSE_NOMEM; memset(packet, 0, sizeof(*packet)); if (!s) { packet->data = (uint8_t *)(packet + 1); - packet->sizeof_data = NR_MAX_PACKET_LEN; + packet->sizeof_data = RS_MAX_PACKET_LEN; *packet_p = packet; return 0; } rcode = nr_packet_init(packet, NULL, s->secret, s->code, - (uint8_t *)(packet + 1), NR_MAX_PACKET_LEN); + (uint8_t *)(packet + 1), RS_MAX_PACKET_LEN); if (rcode < 0) { free(packet); return rcode; diff --git a/lib/radius/packet.c b/lib/radius/packet.c index 77e3d14..c5d3bc4 100644 --- a/lib/radius/packet.c +++ b/lib/radius/packet.c 
@@ -29,17 +29,17 @@ SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * \brief Encoding and decoding packets */ -#include <networkradius-devel/client.h> +#include "client.h" -#if NR_MAX_PACKET_LEN < 64 -#error NR_MAX_PACKET_LEN is too small. It should be at least 64. +#if RS_MAX_PACKET_LEN < 64 +#error RS_MAX_PACKET_LEN is too small. It should be at least 64. #endif -#if NR_MAX_PACKET_LEN > 16384 -#error NR_MAX_PACKET_LEN is too large. It should be smaller than 16K. +#if RS_MAX_PACKET_LEN > 16384 +#error RS_MAX_PACKET_LEN is too large. It should be smaller than 16K. #endif -const char *nr_packet_codes[NR_MAX_PACKET_CODE + 1] = { +const char *nr_packet_codes[RS_MAX_PACKET_CODE + 1] = { NULL, "Access-Request", "Access-Accept", @@ -61,7 +61,7 @@ const char *nr_packet_codes[NR_MAX_PACKET_CODE + 1] = { }; -static uint64_t allowed_responses[NR_MAX_PACKET_CODE + 1] = { +static uint64_t allowed_responses[RS_MAX_PACKET_CODE + 1] = { 0, (1 << PW_ACCESS_ACCEPT) | (1 << PW_ACCESS_REJECT) | (1 << PW_ACCESS_CHALLENGE), 0, 0, @@ -89,18 +89,18 @@ int nr_packet_ok_raw(const uint8_t *data, size_t sizeof_data) if (!data || (sizeof_data < 20)) { nr_debug_error("Invalid argument"); - return -NR_ERR_INVALID_ARG; + return -RSE_INVAL; } packet_len = (data[2] << 8) | data[3]; if (packet_len < 20) { nr_debug_error("Packet length is too small"); - return -NR_ERR_PACKET_TOO_SMALL; + return -RSE_PACKET_TOO_SMALL; } if (packet_len > sizeof_data) { nr_debug_error("Packet length overflows received data"); - return -NR_ERR_PACKET_TOO_LARGE; + return -RSE_PACKET_TOO_LARGE; } /* 
@@ -112,17 +112,17 @@ int nr_packet_ok_raw(const uint8_t *data, size_t sizeof_data) for (attr = data + 20; attr < end; attr += attr[1]) { if ((attr + 2) > end) { nr_debug_error("Attribute overflows packet"); - return -NR_ERR_ATTR_OVERFLOW; + return -RSE_ATTR_OVERFLOW; } if (attr[1] < 2) { nr_debug_error("Attribute length is too small"); - return -NR_ERR_ATTR_TOO_SMALL; + return -RSE_ATTR_TOO_SMALL; } if ((attr + attr[1]) > end) { nr_debug_error("Attribute length is too large"); - return -NR_ERR_ATTR_TOO_LARGE; + return -RSE_ATTR_TOO_LARGE; } } @@ -133,14 +133,14 @@ int nr_packet_ok(RADIUS_PACKET *packet) { int rcode; - if (!packet) return -NR_ERR_INVALID_ARG; + if (!packet) return -RSE_INVAL; - if ((packet->flags & NR_PACKET_OK) != 0) return 0; + if ((packet->flags & RS_PACKET_OK) != 0) return 0; rcode = nr_packet_ok_raw(packet->data, packet->length); if (rcode < 0) return rcode; - packet->flags |= NR_PACKET_OK; + packet->flags |= RS_PACKET_OK; return 0; } @@ -176,7 +176,7 @@ static int msg_auth_ok(const RADIUS_PACKET *original, if (ma[1] != 18) { nr_debug_error("Message-Authenticator has invalid length"); - return -NR_ERR_MSG_AUTH_LEN; + return -RSE_MSG_AUTH_LEN; } memcpy(packet_vector, data + 4, sizeof(packet_vector)); @@ -203,7 +203,7 @@ static int msg_auth_ok(const RADIUS_PACKET *original, case PW_ACCESS_CHALLENGE: if (!original) { nr_debug_error("Cannot validate response without request"); - return -NR_ERR_REQUEST_REQUIRED; + return -RSE_REQUEST_REQUIRED; } memcpy(data + 4, original->vector, sizeof(original->vector)); break; @@ -219,7 +219,7 @@ static int msg_auth_ok(const RADIUS_PACKET *original, if (digest_cmp(calc_auth_vector, msg_auth_vector, sizeof(calc_auth_vector)) != 0) { nr_debug_error("Invalid Message-Authenticator"); - return -NR_ERR_MSG_AUTH_WRONG; + return -RSE_MSG_AUTH_WRONG; } return 1; 
@@ -234,7 +234,7 @@ static int packet_auth_ok(const RADIUS_PACKET *original, { uint8_t packet_vector[sizeof(original->vector)]; uint8_t calc_digest[sizeof(original->vector)]; - NR_MD5_CTX ctx; + RS_MD5_CTX ctx; if ((data[0] == PW_ACCESS_REQUEST) || (data[0] == PW_STATUS_SERVER)) return 1; @@ -247,17 +247,17 @@ static int packet_auth_ok(const RADIUS_PACKET *original, memcpy(data + 4, original->vector, sizeof(original->vector)); } - nr_MD5Init(&ctx); - nr_MD5Update(&ctx, data, length); - nr_MD5Update(&ctx, original->secret, original->sizeof_secret); - nr_MD5Final(calc_digest, &ctx); + RS_MD5Init(&ctx); + RS_MD5Update(&ctx, data, length); + RS_MD5Update(&ctx, original->secret, original->sizeof_secret); + RS_MD5Final(calc_digest, &ctx); memcpy(data + 4, packet_vector, sizeof(packet_vector)); if (digest_cmp(calc_digest, packet_vector, sizeof(packet_vector)) != 0) { nr_debug_error("Invalid authentication vector"); - return -NR_ERR_AUTH_VECTOR_WRONG; + return -RSE_AUTH_VECTOR_WRONG; } return 0; @@ -274,10 +274,10 @@ int nr_packet_verify(RADIUS_PACKET *packet, const RADIUS_PACKET *original) if (!packet || !packet->data || !packet->secret) { nr_debug_error("Invalid argument"); - return -NR_ERR_INVALID_ARG; + return -RSE_INVAL; } - if ((packet->flags & NR_PACKET_VERIFIED) != 0) return 0; + if ((packet->flags & RS_PACKET_VERIFIED) != 0) return 0; /* * Packet isn't well formed. Ignore it. @@ -291,16 +291,16 @@ int nr_packet_verify(RADIUS_PACKET *packet, const RADIUS_PACKET *original) if (original) { uint64_t mask; - if (original->code > NR_MAX_PACKET_CODE) { + if (original->code > RS_MAX_PACKET_CODE) { nr_debug_error("Invalid original code %u", original->code); - return -NR_ERR_REQUEST_CODE_INVALID; + return -RSE_INVALID_REQUEST_CODE; } if (packet->data[1] != original->id) { nr_debug_error("Ignoring response with wrong ID %u", packet->data[1]); - return -NR_ERR_RESPONSE_ID_INVALID; + return -RSE_INVALID_RESPONSE_CODE; } mask = 1; 
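Review bot: In the `@@ -291,16 +291,16 @@` hunk of nr_packet_verify(), the wrong-ID branch now returns `-RSE_INVALID_RESPONSE_CODE`, where it used to return a distinct `-NR_ERR_RESPONSE_ID_INVALID`. The wrong-code branch in the next hunk returns the same value, so a caller can no longer tell an ID mismatch (a stale or unsolicited response) from a disallowed response code except through the debug string. If the RSE_ set has no ID-specific value, either add one or put a comment on this return, e.g. `/* no RSE_ code for ID mismatch; shares the code used for a bad response code */`, so the merge is visibly intentional.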
@@ -309,18 +309,18 @@ int nr_packet_verify(RADIUS_PACKET *packet, const RADIUS_PACKET *original) if ((allowed_responses[original->code] & mask) == 0) { nr_debug_error("Ignoring response with wrong code %u", packet->data[0]); - return -NR_ERR_RESPONSE_CODE_INVALID; + return -RSE_INVALID_RESPONSE_CODE; } if ((memcmp(&packet->src, &original->dst, sizeof(packet->src)) != 0) && - (sockaddr_cmp(&(packet->src), &(original->dst)) != 0)) { + (evutil_sockaddr_cmp(&(packet->src), &(original->dst)) != 0)) { nr_debug_error("Ignoring response from wrong IP/port"); - return -NR_ERR_RESPONSE_SRC_INVALID; + return -RSE_INVALID_RESPONSE_SRC; } } else if (allowed_responses[packet->data[0]] != 0) { nr_debug_error("Ignoring response without original"); - return -NR_ERR_RESPONSE_CODE_INVALID; + return -RSE_INVALID_RESPONSE_CODE; } #ifdef PW_MESSAGE_AUTHENTICATOR @@ -344,7 +344,7 @@ int nr_packet_verify(RADIUS_PACKET *packet, const RADIUS_PACKET *original) rcode = packet_auth_ok(original, packet->data, packet->length); if (rcode < 0) return rcode; - packet->flags |= NR_PACKET_VERIFIED; + packet->flags |= RS_PACKET_VERIFIED; return 0; } @@ -357,9 +357,9 @@ int nr_packet_decode(RADIUS_PACKET *packet, const RADIUS_PACKET *original) const uint8_t *end; VALUE_PAIR **tail, *vp; - if (!packet) return -NR_ERR_INVALID_ARG; + if (!packet) return -RSE_INVAL; - if ((packet->flags & NR_PACKET_DECODED) != 0) return 0; + if ((packet->flags & RS_PACKET_DECODED) != 0) return 0; rcode = nr_packet_ok(packet); if (rcode < 0) return rcode; @@ -387,10 +387,10 @@ int nr_packet_decode(RADIUS_PACKET *packet, const RADIUS_PACKET *original) vp = vp->next; } - if (num_attributes > NR_MAX_ATTRIBUTES) { + if (num_attributes > RS_MAX_ATTRIBUTES) { nr_debug_error("Too many attributes"); nr_vp_free(&packet->vps); - return -NR_ERR_TOO_MANY_ATTRS; + return -RSE_TOO_MANY_ATTRS; } } 
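Review bot: The call `evutil_sockaddr_cmp(&(packet->src), &(original->dst))` in the `@@ -309,18 +309,18 @@` hunk of nr_packet_verify() passes two arguments, but libevent's `evutil_sockaddr_cmp()` takes three (`sa1`, `sa2`, `include_port`). If this is the libevent function, the call does not compile with the prototype in scope, and without a prototype the port flag is whatever happens to be in the third argument slot. This comparison is what rejects responses from an unexpected source and the error text says "IP/port", so the flag should be passed explicitly: `evutil_sockaddr_cmp((struct sockaddr *)&packet->src, (struct sockaddr *)&original->dst, 1)`. The declared type of `packet->src` is not visible here, so confirm the cast against the struct.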
@@ -398,7 +398,7 @@ int nr_packet_decode(RADIUS_PACKET *packet, const RADIUS_PACKET *original) packet->id = data[1]; memcpy(packet->vector, data + 4, sizeof(packet->vector)); - packet->flags |= NR_PACKET_DECODED; + packet->flags |= RS_PACKET_DECODED; return 0; } @@ -411,9 +411,9 @@ int nr_packet_sign(RADIUS_PACKET *packet, const RADIUS_PACKET *original) const uint8_t *attr, *end; #endif - if ((packet->flags & NR_PACKET_SIGNED) != 0) return 0; + if ((packet->flags & RS_PACKET_SIGNED) != 0) return 0; - if ((packet->flags & NR_PACKET_ENCODED) == 0) { + if ((packet->flags & RS_PACKET_ENCODED) == 0) { int rcode; rcode = nr_packet_encode(packet, original); @@ -426,7 +426,7 @@ int nr_packet_sign(RADIUS_PACKET *packet, const RADIUS_PACKET *original) #ifdef PW_MESSAGE_AUTHENTICATOR if (!original) { nr_debug_error("Original packet is required to create the Message-Authenticator"); - return -NR_ERR_REQUEST_REQUIRED; + return -RSE_REQUEST_REQUIRED; } #endif @@ -483,18 +483,18 @@ int nr_packet_sign(RADIUS_PACKET *packet, const RADIUS_PACKET *original) */ if (!((packet->code == PW_ACCESS_REQUEST) || (packet->code == PW_STATUS_SERVER))) { - NR_MD5_CTX ctx; + RS_MD5_CTX ctx; - nr_MD5Init(&ctx); - nr_MD5Update(&ctx, packet->data, packet->length); - nr_MD5Update(&ctx, packet->secret, packet->sizeof_secret); - nr_MD5Final(packet->vector, &ctx); + RS_MD5Init(&ctx); + RS_MD5Update(&ctx, packet->data, packet->length); + RS_MD5Update(&ctx, packet->secret, packet->sizeof_secret); + RS_MD5Final(packet->vector, &ctx); } memcpy(packet->data + 4, packet->vector, sizeof(packet->vector)); packet->attempts = 0; - packet->flags |= NR_PACKET_SIGNED; + packet->flags |= RS_PACKET_SIGNED; return 0; } 
@@ -504,28 +504,28 @@ static int can_encode_packet(RADIUS_PACKET *packet, const RADIUS_PACKET *original) { if ((packet->code == 0) || - (packet->code > NR_MAX_PACKET_CODE) || - (original && (original->code > NR_MAX_PACKET_CODE))) { + (packet->code > RS_MAX_PACKET_CODE) || + (original && (original->code > RS_MAX_PACKET_CODE))) { nr_debug_error("Cannot send unknown packet code"); - return -NR_ERR_REQUEST_CODE_INVALID; + return -RSE_INVALID_REQUEST_CODE; } if (!nr_packet_codes[packet->code]) { nr_debug_error("Cannot handle packet code %u", packet->code); - return -NR_ERR_REQUEST_CODE_INVALID; + return -RSE_INVALID_REQUEST_CODE; } #ifdef NR_NO_MALLOC if (!packet->data) { nr_debug_error("No place to put packet"); - return -NR_ERR_NO_PACKET_DATA; + return -RSE_NO_PACKET_DATA; } #endif if (packet->sizeof_data < 20) { nr_debug_error("The buffer is too small to encode the packet"); - return -NR_ERR_PACKET_TOO_SMALL; + return -RSE_PACKET_TOO_SMALL; } /* @@ -540,14 +540,14 @@ static int can_encode_packet(RADIUS_PACKET *packet, if ((allowed_responses[original->code] & mask) == 0) { nr_debug_error("Cannot encode response %u to packet %u", packet->code, original->code); - return -NR_ERR_RESPONSE_CODE_INVALID; + return -RSE_INVALID_RESPONSE_CODE; } packet->id = original->id; } else if (allowed_responses[packet->code] == 0) { nr_debug_error("Cannot encode response %u without original", packet->code); - return -NR_ERR_REQUEST_REQUIRED; + return -RSE_REQUEST_REQUIRED; } return 0; @@ -555,7 +555,7 @@ static int can_encode_packet(RADIUS_PACKET *packet, static void encode_header(RADIUS_PACKET *packet) { - if ((packet->flags & NR_PACKET_HEADER) != 0) return; + if ((packet->flags & RS_PACKET_HEADER) != 0) return; memset(packet->data, 0, 20); packet->data[0] = packet->code; 
@@ -576,7 +576,7 @@ static void encode_header(RADIUS_PACKET *packet) memcpy(packet->data + 4, packet->vector, sizeof(packet->vector)); - packet->flags |= NR_PACKET_HEADER; + packet->flags |= RS_PACKET_HEADER; } int nr_packet_encode(RADIUS_PACKET *packet, const RADIUS_PACKET *original) @@ -589,7 +589,7 @@ int nr_packet_encode(RADIUS_PACKET *packet, const RADIUS_PACKET *original) const VALUE_PAIR *vp; uint8_t *data, *end; - if ((packet->flags & NR_PACKET_ENCODED) != 0) return 0; + if ((packet->flags & RS_PACKET_ENCODED) != 0) return 0; rcode = can_encode_packet(packet, original); if (rcode < 0) return rcode; @@ -642,7 +642,7 @@ int nr_packet_encode(RADIUS_PACKET *packet, const RADIUS_PACKET *original) packet->data[2] = (packet->length >> 8) & 0xff; packet->data[3] = packet->length & 0xff; - packet->flags |= NR_PACKET_ENCODED; + packet->flags |= RS_PACKET_ENCODED; return packet->length; } @@ -696,7 +696,7 @@ int nr_packet_walk(RADIUS_PACKET *packet, void *ctx, uint8_t *attr; const uint8_t *end; - if (!packet || !callback) return -NR_ERR_INVALID_ARG; + if (!packet || !callback) return -RSE_INVAL; rcode = nr_packet_ok(packet); if (rcode < 0) return rcode; @@ -760,7 +760,7 @@ int nr_packet_walk(RADIUS_PACKET *packet, void *ctx, break; default: - return -NR_ERR_INTERNAL_FAILURE; + return -RSE_INTERNAL; } switch (dv_length) { @@ -774,7 +774,7 @@ int nr_packet_walk(RADIUS_PACKET *packet, void *ctx, break; default: - return -NR_ERR_INTERNAL_FAILURE; + return -RSE_INTERNAL; } rcode = do_callback(ctx, callback, 
@@ -794,17 +794,15 @@ int nr_packet_init(RADIUS_PACKET *packet, const RADIUS_PACKET *original, { int rcode; - if ((code < 0) || (code > NR_MAX_PACKET_CODE)) { - return -NR_ERR_REQUEST_CODE_INVALID; + if ((code < 0) || (code > RS_MAX_PACKET_CODE)) { + return -RSE_INVALID_REQUEST_CODE; } - if (!data || (sizeof_data < 20)) return -NR_ERR_INVALID_ARG; - - if (!secret || !*secret) return -NR_ERR_INVALID_ARG; + if (!data || (sizeof_data < 20)) return -RSE_INVAL; memset(packet, 0, sizeof(*packet)); packet->secret = secret; - packet->sizeof_secret = strlen(secret); + packet->sizeof_secret = secret ? strlen(secret) : 0; packet->code = code; packet->id = 0; packet->data = data; @@ -832,7 +830,7 @@ static int pack_eap(RADIUS_PACKET *packet, end = attr + packet->sizeof_data; while (left > 253) { - if ((attr + 255) > end) return -NR_ERR_ATTR_OVERFLOW; + if ((attr + 255) > end) return -RSE_ATTR_OVERFLOW; attr[0] = PW_EAP_MESSAGE; attr[1] = 255; @@ -842,7 +840,7 @@ static int pack_eap(RADIUS_PACKET *packet, left -= 253; } - if ((attr + (2 + left)) > end) return -NR_ERR_ATTR_OVERFLOW; + if ((attr + (2 + left)) > end) return -RSE_ATTR_OVERFLOW; attr[0] = PW_EAP_MESSAGE; attr[1] = 2 + left; @@ -864,27 +862,27 @@ ssize_t nr_packet_attr_append(RADIUS_PACKET *packet, const VALUE_PAIR *vp; if (!packet || !da || !data) { - return -NR_ERR_INVALID_ARG; + return -RSE_INVAL; } if (data_len == 0) { - if (da->type != NR_TYPE_STRING) return -NR_ERR_ATTR_TOO_SMALL; + if (da->type != RS_TYPE_STRING) return -RSE_ATTR_TOO_SMALL; data_len = strlen(data); } - packet->flags |= NR_PACKET_ENCODED; /* ignore any VPs */ + packet->flags |= RS_PACKET_ENCODED; /* ignore any VPs */ attr = packet->data + packet->length; end = attr + packet->sizeof_data; if ((attr + 2 + data_len) > end) { - return -NR_ERR_ATTR_OVERFLOW; + return -RSE_ATTR_OVERFLOW; } if ((da->flags.length != 0) && (data_len != da->flags.length)) { - return -NR_ERR_ATTR_VALUE_MALFORMED; + return -RSE_ATTR_VALUE_MALFORMED; } #ifdef PW_EAP_MESSAGE 
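Review bot: Dropping `if (!secret || !*secret) return -NR_ERR_INVALID_ARG;` in the `@@ -794,17 +794,15 @@` hunk lets nr_packet_init() produce a packet whose shared secret is NULL or the empty string, while nr_server_init() in id.c still refuses both. nr_packet_verify() rejects `!packet->secret`, but the nr_packet_sign() hunk feeds `packet->secret` and `packet->sizeof_secret` to the MD5 update with no such check in the visible lines, so a packet could be signed with a zero-length secret. If NULL is meant only for packets that are never signed, state that in a comment here and guard the signer with `if (!packet->secret || !packet->sizeof_secret) return -RSE_INVAL;`. An empty string should still be refused in nr_packet_init() itself.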
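Review bot: In the `@@ -864,27 +862,27 @@` hunk, nr_packet_attr_append() sets `attr = packet->data + packet->length` and then `end = attr + packet->sizeof_data`, which places `end` `packet->length` bytes past the real end of the buffer. The `(attr + 2 + data_len) > end` check therefore passes for attributes that no longer fit once the packet already holds data, and the code that writes at `attr` later in the function (outside the hunk) can run past `packet->data`. The bound should be `end = packet->data + packet->sizeof_data;`. pack_eap() in the `@@ -832,7 +830,7 @@` hunk uses the same `end = attr + packet->sizeof_data` expression; its `attr` assignment is not visible, so it needs the same check.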
@@ -897,7 +895,7 @@ ssize_t nr_packet_attr_append(RADIUS_PACKET *packet, } #endif - if (data_len > 253) return -NR_ERR_ATTR_TOO_LARGE; + if (data_len > 253) return -RSE_ATTR_TOO_LARGE; vp = nr_vp_init(&my_vp, da); rcode = nr_vp_set_data(&my_vp, data, data_len); diff --git a/lib/radius/parse.c b/lib/radius/parse.c index 6b593a8..cd7491a 100644 --- a/lib/radius/parse.c +++ b/lib/radius/parse.c @@ -29,7 +29,7 @@ SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * \brief Routines to parse strings into internal data structures */ -#include <networkradius-devel/client.h> +#include "client.h" #include <arpa/inet.h> ssize_t nr_vp_sscanf_value(VALUE_PAIR *vp, const char *value) 
@@ -37,43 +37,43 @@ ssize_t nr_vp_sscanf_value(VALUE_PAIR *vp, const char *value) char *end; switch (vp->da->type) { - case NR_TYPE_STRING: + case RS_TYPE_STRING: strlcpy(vp->vp_strvalue, value, sizeof(vp->vp_strvalue)); vp->length = strlen(vp->vp_strvalue); return vp->length; - case NR_TYPE_DATE: - case NR_TYPE_INTEGER: + case RS_TYPE_DATE: + case RS_TYPE_INTEGER: vp->vp_integer = strtoul(value, &end, 10); if ((value == end) || (*end != '\0')) { nr_debug_error("Invalid value"); - return -NR_ERR_ATTR_VALUE_MALFORMED; + return -RSE_ATTR_VALUE_MALFORMED; } return (end - value); - case NR_TYPE_IPADDR: + case RS_TYPE_IPADDR: if (inet_pton(AF_INET, value, &vp->vp_ipaddr) < 0) { - return -NR_ERR_SYSTEM; + return -RSE_NOSYS; } return strlen(value); -#ifdef NR_TYPE_IPV6ADDR - case NR_TYPE_IPV6ADDR: +#ifdef RS_TYPE_IPV6ADDR + case RS_TYPE_IPV6ADDR: if (inet_pton(AF_INET6, value, &vp-vp>ipv6addr) < 0) { - return -NR_ERR_SYSTEM; + return -RSE_NOSYS; } return strlen(value); #endif -#ifdef NR_TYPE_IFID - case NR_TYPE_IFID: +#ifdef RS_TYPE_IFID + case RS_TYPE_IFID: { int i, array[8]; if (sscanf(value, "%02x%02x%02x%02x%02x%02x%02x%02x", &array[0], &array[1], &array[2], &array[3], &array[4], &array[5], &array[6], &array[7]) != 8) { - return -NR_ERR_SYSTEM; + return -RSE_SYSTEM; } for (i = 0; i < 8; i++) vp->vp_ifid[i] = array[i] & 0xff; @@ -84,7 +84,7 @@ ssize_t nr_vp_sscanf_value(VALUE_PAIR *vp, const char *value) default: nr_debug_error("Invalid type"); - return -NR_ERR_ATTR_TYPE_UNKNOWN; + return -RSE_ATTR_TYPE_UNKNOWN; } return 0; @@ -99,7 +99,7 @@ int nr_vp_sscanf(const char *string, VALUE_PAIR **pvp) VALUE_PAIR *vp; char buffer[256]; - if (!string || !pvp) return -NR_ERR_INVALID_ARG; + if (!string || !pvp) return -RSE_INVAL; p = string; q = buffer; 
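Review bot: Both `inet_pton()` calls in the `@@ -37,43 +37,43 @@` hunk of nr_vp_sscanf_value() test only `< 0`, but inet_pton() returns 0 when the string is not a valid address, so malformed input is accepted and `strlen(value)` is returned with the address field never written. The check should be `if (inet_pton(AF_INET, value, &vp->vp_ipaddr) <= 0)`, returning a malformed-value error such as the `-RSE_ATTR_VALUE_MALFORMED` already used for integers. The hunk also maps the old NR_ERR_SYSTEM to `RSE_NOSYS` in the two address cases and to `RSE_SYSTEM` in the IFID case; one of the two is probably unintended. The IPv6 line still reads `&vp-vp>ipv6addr`, which cannot compile once RS_TYPE_IPV6ADDR is defined.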
@@ -110,26 +110,26 @@ int nr_vp_sscanf(const char *string, VALUE_PAIR **pvp) if (q == buffer) { nr_debug_error("No Attribute name"); - return -NR_ERR_ATTR_BAD_NAME; + return -RSE_ATTR_BAD_NAME; } da = nr_dict_attr_byname(buffer); if (!da) { nr_debug_error("Unknown attribute \"%s\"", buffer); - return -NR_ERR_ATTR_UNKNOWN; + return -RSE_ATTR_UNKNOWN; } while (*p == ' ') p++; if (*p != '=') { nr_debug_error("Unexpected text after attribute name"); - return -NR_ERR_ATTR_BAD_NAME; + return -RSE_ATTR_BAD_NAME; } p++; while (*p == ' ') p++; vp = nr_vp_alloc(da); - if (!vp) return -NR_ERR_NO_MEM; + if (!vp) return -RSE_NOMEM; rcode = nr_vp_sscanf_value(vp, p); if (rcode < 0) { diff --git a/lib/radius/print.c b/lib/radius/print.c index abe4255..28dd0a6 100644 --- a/lib/radius/print.c +++ b/lib/radius/print.c @@ -29,9 +29,9 @@ SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * \brief Functions to print things. */ -#include <networkradius-devel/client.h> +#include "client.h" #include <string.h> -#ifdef NR_TYPE_IPV6ADDR +#ifdef RS_TYPE_IPV6ADDR #include <arpa/inet.h> #endif @@ -51,7 +51,7 @@ void nr_packet_print_hex(RADIUS_PACKET *packet) printf("%02x", packet->data[i]); } printf("\n"); - if ((packet->flags & NR_PACKET_SIGNED) == 0) printf("\t\tWARNING: nr_packet_sign() was not called!\n"); + if ((packet->flags & RS_PACKET_SIGNED) == 0) printf("\t\tWARNING: nr_packet_sign() was not called!\n"); if (packet->length > 20) { int total; 
@@ -106,21 +106,21 @@ size_t nr_vp_snprintf_value(char *buffer, size_t buflen, const VALUE_PAIR *vp) char *p = buffer; switch (vp->da->type) { - case NR_TYPE_STRING: + case RS_TYPE_STRING: /* * FIXME: escape backslash && quotes! */ - len = snprintf(p, buflen, "\"%s\"", vp->vp_strvalue); + len = snprintf(p, buflen, "%s", vp->vp_strvalue); break; - case NR_TYPE_DATE: - case NR_TYPE_INTEGER: - case NR_TYPE_SHORT: - case NR_TYPE_BYTE: + case RS_TYPE_DATE: + case RS_TYPE_INTEGER: + case RS_TYPE_SHORT: + case RS_TYPE_BYTE: len = snprintf(p, buflen, "%u", vp->vp_integer); break; - case NR_TYPE_IPADDR: + case RS_TYPE_IPADDR: len = snprintf(p, buflen, "%u.%u.%u.%u", (vp->vp_ipaddr >> 24) & 0xff, (vp->vp_ipaddr >> 16) & 0xff, @@ -128,16 +128,16 @@ size_t nr_vp_snprintf_value(char *buffer, size_t buflen, const VALUE_PAIR *vp) vp->vp_ipaddr & 0xff); break; -#ifdef NR_TYPE_IPV6ADDR - case NR_TYPE_IPV6ADDR: +#ifdef RS_TYPE_IPV6ADDR + case RS_TYPE_IPV6ADDR: if (!inet_ntop(AF_INET6, &vp->vp_ipv6addr, buffer, buflen)) { - return -NR_ERR_SYSTEM; + return -RSE_SYSTEM; } break; #endif -#ifdef NR_TYPE_IFID - case NR_TYPE_IFID: +#ifdef RS_TYPE_IFID + case RS_TYPE_IFID: len = snprintf(p, buflen, "%02x%02x%02x%02x%02x%02x%02x%02x", vp->vp_ifid[0], vp->vp_ifid[1], vp->vp_ifid[2], vp->vp_ifid[3], @@ -146,7 +146,7 @@ size_t nr_vp_snprintf_value(char *buffer, size_t buflen, const VALUE_PAIR *vp) break; #endif - case NR_TYPE_OCTETS: + case RS_TYPE_OCTETS: len = snprintf(p, buflen, "0x"); if (len >= buflen) return 0; 
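Review bot: The RS_TYPE_STRING case in the `@@ -106,21 +106,21 @@` hunk now prints `vp->vp_strvalue` with `"%s"` and no surrounding quotes, while the FIXME about escaping just above it is still open. String attributes can carry text supplied by the peer, so an unquoted, unescaped value containing spaces, quotes or line breaks makes the printed attribute ambiguous in logs and unreliable to parse back. Either keep the quotes until escaping exists, or escape control characters, `"` and `\` before printing. At minimum, extend the FIXME to say that the output is not safe to log verbatim.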
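Review bot: `return -RSE_SYSTEM;` in the RS_TYPE_IPV6ADDR case of the `@@ -128,16 +128,16 @@` hunk is returned from a function declared `size_t`, so the negative code reaches the caller as a very large length. The RS_TYPE_OCTETS case in the next hunk reports failure with `return 0;`, and a caller that advances a pointer or shrinks its remaining-space count by the returned length would move far outside the buffer. `return 0;` matches the function's own convention. The same case also leaves `len` unassigned after a successful inet_ntop(); whether that matters depends on the code after the switch, which is outside the hunk.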
@@ -224,42 +224,3 @@ void nr_strerror_printf(const char *fmt, ...) } /** \endcond */ -const char *nr_strerror(int error) -{ - if (error == 0) return nr_strerror_buffer; - - if (error < 0) error = -error; - - switch (error) { - default: return "Unknown error"; - case NR_ERR_SYSTEM: return strerror(errno); - - case NR_ERR_INVALID_ARG: return "Invalid argument"; - case NR_ERR_PACKET_TOO_SMALL: return "Packet is too small"; - case NR_ERR_PACKET_TOO_LARGE: return "Packet is too large"; - case NR_ERR_ATTR_OVERFLOW: return "Attribute overflows packet"; - case NR_ERR_ATTR_TOO_SMALL: return "Attribute is too small"; - case NR_ERR_ATTR_TOO_LARGE: return "Attribute is too large"; - case NR_ERR_ATTR_UNKNOWN: return "Unknown attribute"; - case NR_ERR_ATTR_BAD_NAME: return "Invalid name for attribute"; - case NR_ERR_ATTR_VALUE_MALFORMED: return "Invalid value for attribute"; - case NR_ERR_ATTR_INVALID: return "Invalid attribute"; - case NR_ERR_TOO_MANY_ATTRS: return "Too many attributes in the packet"; - case NR_ERR_ATTR_TYPE_UNKNOWN: return "Attribute type unknown"; - case NR_ERR_MSG_AUTH_LEN: return "Invalid Message-Authenticator"; - case NR_ERR_MSG_AUTH_WRONG: return "Incorrect Message-Authenticator"; - case NR_ERR_REQUEST_REQUIRED: return "Request is required"; - case NR_ERR_REQUEST_CODE_INVALID: return "Invalid request code"; - case NR_ERR_AUTH_VECTOR_WRONG: return "Incorrect Request Authenticator"; - case NR_ERR_RESPONSE_CODE_INVALID: return "Response code is unsupported"; - case NR_ERR_RESPONSE_ID_INVALID: return "Response ID is invalid"; - case NR_ERR_RESPONSE_SRC_INVALID: return "Response from the wrong src ip/port"; - case NR_ERR_NO_PACKET_DATA: return "Cannot encode the packet"; - case NR_ERR_VENDOR_UNKNOWN: return "Vendor is unknown"; - case NR_ERR_INTERNAL_FAILURE: return "Internal failure"; - case NR_ERR_UNSUPPORTED: return "Unsupported feature"; - case NR_ERR_NO_MEM: return "Out of memory"; - case NR_ERR_IN_USE: return "Resource is in use"; - - } -} 
diff --git a/lib/radius/radius.h b/lib/radius/radius.h deleted file mode 100644 index cfc16b7..0000000 --- a/lib/radius/radius.h +++ /dev/null 
@@ -1,314 +0,0 @@ -/* Automatically generated file. Do not edit */ - -#define VENDORPEC_MICROSOFT 311 -#define VENDORPEC_EXAMPLE 65535 - - -/* IETF */ -#define PW_USER_NAME 1 -#define PW_USER_PASSWORD 2 -#define PW_CHAP_PASSWORD 3 -#define PW_NAS_IP_ADDRESS 4 -#define PW_NAS_PORT 5 -#define PW_SERVICE_TYPE 6 -#define PW_FRAMED_PROTOCOL 7 -#define PW_FRAMED_IP_ADDRESS 8 -#define PW_FRAMED_IP_NETMASK 9 -#define PW_FRAMED_ROUTING 10 -#define PW_FILTER_ID 11 -#define PW_FRAMED_MTU 12 -#define PW_FRAMED_COMPRESSION 13 -#define PW_LOGIN_IP_HOST 14 -#define PW_LOGIN_SERVICE 15 -#define PW_LOGIN_TCP_PORT 16 -#define PW_REPLY_MESSAGE 18 -#define PW_CALLBACK_NUMBER 19 -#define PW_CALLBACK_ID 20 -#define PW_FRAMED_ROUTE 22 -#define PW_FRAMED_IPX_NETWORK 23 -#define PW_STATE 24 -#define PW_CLASS 25 -#define PW_VENDOR_SPECIFIC 26 -#define PW_SESSION_TIMEOUT 27 -#define PW_IDLE_TIMEOUT 28 -#define PW_TERMINATION_ACTION 29 -#define PW_CALLED_STATION_ID 30 -#define PW_CALLING_STATION_ID 31 -#define PW_NAS_IDENTIFIER 32 -#define PW_PROXY_STATE 33 -#define PW_LOGIN_LAT_SERVICE 34 -#define PW_LOGIN_LAT_NODE 35 -#define PW_LOGIN_LAT_GROUP 36 -#define PW_FRAMED_APPLETALK_LINK 37 -#define PW_FRAMED_APPLETALK_NETWORK 38 -#define PW_FRAMED_APPLETALK_ZONE 39 -#define PW_ACCT_STATUS_TYPE 40 -#define PW_ACCT_DELAY_TIME 41 -#define PW_ACCT_INPUT_OCTETS 42 -#define PW_ACCT_OUTPUT_OCTETS 43 -#define PW_ACCT_SESSION_ID 44 -#define PW_ACCT_AUTHENTIC 45 -#define PW_ACCT_SESSION_TIME 46 -#define PW_ACCT_INPUT_PACKETS 47 -#define PW_ACCT_OUTPUT_PACKETS 48 -#define PW_ACCT_TERMINATE_CAUSE 49 -#define PW_ACCT_MULTI_SESSION_ID 50 -#define PW_ACCT_LINK_COUNT 51 -#define PW_ACCT_INPUT_GIGAWORDS 52 -#define PW_ACCT_OUTPUT_GIGAWORDS 53 -#define PW_EVENT_TIMESTAMP 55 -#define PW_EGRESS_VLANID 56 -#define PW_INGRESS_FILTERS 57 -#define PW_EGRESS_VLAN_NAME 58 -#define PW_USER_PRIORITY_TABLE 59 -#define PW_CHAP_CHALLENGE 60 -#define PW_NAS_PORT_TYPE 61 -#define PW_PORT_LIMIT 62 -#define PW_LOGIN_LAT_PORT 63 
-#define PW_TUNNEL_TYPE 64 -#define PW_TUNNEL_MEDIUM_TYPE 65 -#define PW_TUNNEL_CLIENT_ENDPOINT 66 -#define PW_TUNNEL_SERVER_ENDPOINT 67 -#define PW_ACCT_TUNNEL_CONNECTION 68 -#define PW_TUNNEL_PASSWORD 69 -#define PW_ARAP_PASSWORD 70 -#define PW_ARAP_FEATURES 71 -#define PW_ARAP_ZONE_ACCESS 72 -#define PW_ARAP_SECURITY 73 -#define PW_ARAP_SECURITY_DATA 74 -#define PW_PASSWORD_RETRY 75 -#define PW_PROMPT 76 -#define PW_CONNECT_INFO 77 -#define PW_CONFIGURATION_TOKEN 78 -#define PW_EAP_MESSAGE 79 -#define PW_MESSAGE_AUTHENTICATOR 80 -#define PW_TUNNEL_PRIVATE_GROUP_ID 81 -#define PW_TUNNEL_ASSIGNMENT_ID 82 -#define PW_TUNNEL_PREFERENCE 83 -#define PW_ARAP_CHALLENGE_RESPONSE 84 -#define PW_ACCT_INTERIM_INTERVAL 85 -#define PW_ACCT_TUNNEL_PACKETS_LOST 86 -#define PW_NAS_PORT_ID 87 -#define PW_FRAMED_POOL 88 -#define PW_CHARGEABLE_USER_IDENTITY 89 -#define PW_TUNNEL_CLIENT_AUTH_ID 90 -#define PW_TUNNEL_SERVER_AUTH_ID 91 -#define PW_NAS_FILTER_RULE 92 -#define PW_NAS_IPV6_ADDRESS 95 -#define PW_FRAMED_INTERFACE_ID 96 -#define PW_FRAMED_IPV6_PREFIX 97 -#define PW_LOGIN_IPV6_HOST 98 -#define PW_FRAMED_IPV6_ROUTE 99 -#define PW_FRAMED_IPV6_POOL 100 -#define PW_ERROR_CAUSE 101 -#define PW_EAP_KEY_NAME 102 -#define PW_DIGEST_RESPONSE 103 -#define PW_DIGEST_REALM 104 -#define PW_DIGEST_NONCE 105 -#define PW_DIGEST_RESPONSE_AUTH 106 -#define PW_DIGEST_NEXTNONCE 107 -#define PW_DIGEST_METHOD 108 -#define PW_DIGEST_URI 109 -#define PW_DIGEST_QOP 110 -#define PW_DIGEST_ALGORITHM 111 -#define PW_DIGEST_ENTITY_BODY_HASH 112 -#define PW_DIGEST_CNONCE 113 -#define PW_DIGEST_NONCE_COUNT 114 -#define PW_DIGEST_USERNAME 115 -#define PW_DIGEST_OPAQUE 116 -#define PW_DIGEST_AUTH_PARAM 117 -#define PW_DIGEST_AKA_AUTS 118 -#define PW_DIGEST_DOMAIN 119 -#define PW_DIGEST_STALE 120 -#define PW_DIGEST_HA1 121 -#define PW_SIP_AOR 122 -#define PW_DELEGATED_IPV6_PREFIX 123 -#define PW_OPERATOR_NAME 126 -#define PW_LOCATION_INFORMATION 127 -#define PW_LOCATION_DATA 128 -#define 
PW_BASIC_LOCATION_POLICY_RULES 129 -#define PW_EXTENDED_LOCATION_POLICY_RULES 130 -#define PW_LOCATION_CAPABLE 131 -#define PW_REQUESTED_LOCATION_INFO 132 -#define PW_FRAMED_MANAGEMENT 133 -#define PW_MANAGEMENT_TRANSPORT_PROTECTION 134 -#define PW_MANAGEMENT_POLICY_ID 135 -#define PW_MANAGEMENT_PRIVILEGE_LEVEL 136 -#define PW_PKM_SS_CERT 137 -#define PW_PKM_CA_CERT 138 -#define PW_PKM_CONFIG_SETTINGS 139 -#define PW_PKM_CRYPTOSUITE_LIST 140 -#define PW_PKM_SAID 141 -#define PW_PKM_SA_DESCRIPTOR 142 -#define PW_PKM_AUTH_KEY 143 - -/* Microsoft */ -#define PW_MS_CHAP_RESPONSE 1 -#define PW_MS_CHAP_ERROR 2 -#define PW_MS_MPPE_ENCRYPTION_POLICY 7 -#define PW_MS_MPPE_ENCRYPTION_TYPES 8 -#define PW_MS_CHAP_DOMAIN 10 -#define PW_MS_CHAP_CHALLENGE 11 -#define PW_MS_CHAP_MPPE_KEYS 12 -#define PW_MS_MPPE_SEND_KEY 16 -#define PW_MS_MPPE_RECV_KEY 17 -#define PW_MS_CHAP2_RESPONSE 25 -#define PW_MS_CHAP2_SUCCESS 26 - -/* example */ -#define PW_EXAMPLE_INTEGER 1 -#define PW_EXAMPLE_STRING 2 -#define PW_EXAMPLE_IP_ADDRESS 3 - -/* Fixed offsets to dictionary definitions of attributes */ -#define NR_DA_USER_NAME (&nr_dict_attrs[1]) -#define NR_DA_USER_PASSWORD (&nr_dict_attrs[2]) -#define NR_DA_CHAP_PASSWORD (&nr_dict_attrs[3]) -#define NR_DA_NAS_IP_ADDRESS (&nr_dict_attrs[4]) -#define NR_DA_NAS_PORT (&nr_dict_attrs[5]) -#define NR_DA_SERVICE_TYPE (&nr_dict_attrs[6]) -#define NR_DA_FRAMED_PROTOCOL (&nr_dict_attrs[7]) -#define NR_DA_FRAMED_IP_ADDRESS (&nr_dict_attrs[8]) -#define NR_DA_FRAMED_IP_NETMASK (&nr_dict_attrs[9]) -#define NR_DA_FRAMED_ROUTING (&nr_dict_attrs[10]) -#define NR_DA_FILTER_ID (&nr_dict_attrs[11]) -#define NR_DA_FRAMED_MTU (&nr_dict_attrs[12]) -#define NR_DA_FRAMED_COMPRESSION (&nr_dict_attrs[13]) -#define NR_DA_LOGIN_IP_HOST (&nr_dict_attrs[14]) -#define NR_DA_LOGIN_SERVICE (&nr_dict_attrs[15]) -#define NR_DA_LOGIN_TCP_PORT (&nr_dict_attrs[16]) -#define NR_DA_REPLY_MESSAGE (&nr_dict_attrs[18]) -#define NR_DA_CALLBACK_NUMBER (&nr_dict_attrs[19]) -#define 
NR_DA_CALLBACK_ID (&nr_dict_attrs[20]) -#define NR_DA_FRAMED_ROUTE (&nr_dict_attrs[22]) -#define NR_DA_FRAMED_IPX_NETWORK (&nr_dict_attrs[23]) -#define NR_DA_STATE (&nr_dict_attrs[24]) -#define NR_DA_CLASS (&nr_dict_attrs[25]) -#define NR_DA_VENDOR_SPECIFIC (&nr_dict_attrs[26]) -#define NR_DA_SESSION_TIMEOUT (&nr_dict_attrs[27]) -#define NR_DA_IDLE_TIMEOUT (&nr_dict_attrs[28]) -#define NR_DA_TERMINATION_ACTION (&nr_dict_attrs[29]) -#define NR_DA_CALLED_STATION_ID (&nr_dict_attrs[30]) -#define NR_DA_CALLING_STATION_ID (&nr_dict_attrs[31]) -#define NR_DA_NAS_IDENTIFIER (&nr_dict_attrs[32]) -#define NR_DA_PROXY_STATE (&nr_dict_attrs[33]) -#define NR_DA_LOGIN_LAT_SERVICE (&nr_dict_attrs[34]) -#define NR_DA_LOGIN_LAT_NODE (&nr_dict_attrs[35]) -#define NR_DA_LOGIN_LAT_GROUP (&nr_dict_attrs[36]) -#define NR_DA_FRAMED_APPLETALK_LINK (&nr_dict_attrs[37]) -#define NR_DA_FRAMED_APPLETALK_NETWORK (&nr_dict_attrs[38]) -#define NR_DA_FRAMED_APPLETALK_ZONE (&nr_dict_attrs[39]) -#define NR_DA_ACCT_STATUS_TYPE (&nr_dict_attrs[40]) -#define NR_DA_ACCT_DELAY_TIME (&nr_dict_attrs[41]) -#define NR_DA_ACCT_INPUT_OCTETS (&nr_dict_attrs[42]) -#define NR_DA_ACCT_OUTPUT_OCTETS (&nr_dict_attrs[43]) -#define NR_DA_ACCT_SESSION_ID (&nr_dict_attrs[44]) -#define NR_DA_ACCT_AUTHENTIC (&nr_dict_attrs[45]) -#define NR_DA_ACCT_SESSION_TIME (&nr_dict_attrs[46]) -#define NR_DA_ACCT_INPUT_PACKETS (&nr_dict_attrs[47]) -#define NR_DA_ACCT_OUTPUT_PACKETS (&nr_dict_attrs[48]) -#define NR_DA_ACCT_TERMINATE_CAUSE (&nr_dict_attrs[49]) -#define NR_DA_ACCT_MULTI_SESSION_ID (&nr_dict_attrs[50]) -#define NR_DA_ACCT_LINK_COUNT (&nr_dict_attrs[51]) -#define NR_DA_ACCT_INPUT_GIGAWORDS (&nr_dict_attrs[52]) -#define NR_DA_ACCT_OUTPUT_GIGAWORDS (&nr_dict_attrs[53]) -#define NR_DA_EVENT_TIMESTAMP (&nr_dict_attrs[55]) -#define NR_DA_EGRESS_VLANID (&nr_dict_attrs[56]) -#define NR_DA_INGRESS_FILTERS (&nr_dict_attrs[57]) -#define NR_DA_EGRESS_VLAN_NAME (&nr_dict_attrs[58]) -#define NR_DA_USER_PRIORITY_TABLE 
(&nr_dict_attrs[59]) -#define NR_DA_CHAP_CHALLENGE (&nr_dict_attrs[60]) -#define NR_DA_NAS_PORT_TYPE (&nr_dict_attrs[61]) -#define NR_DA_PORT_LIMIT (&nr_dict_attrs[62]) -#define NR_DA_LOGIN_LAT_PORT (&nr_dict_attrs[63]) -#define NR_DA_TUNNEL_TYPE (&nr_dict_attrs[64]) -#define NR_DA_TUNNEL_MEDIUM_TYPE (&nr_dict_attrs[65]) -#define NR_DA_TUNNEL_CLIENT_ENDPOINT (&nr_dict_attrs[66]) -#define NR_DA_TUNNEL_SERVER_ENDPOINT (&nr_dict_attrs[67]) -#define NR_DA_ACCT_TUNNEL_CONNECTION (&nr_dict_attrs[68]) -#define NR_DA_TUNNEL_PASSWORD (&nr_dict_attrs[69]) -#define NR_DA_ARAP_PASSWORD (&nr_dict_attrs[70]) -#define NR_DA_ARAP_FEATURES (&nr_dict_attrs[71]) -#define NR_DA_ARAP_ZONE_ACCESS (&nr_dict_attrs[72]) -#define NR_DA_ARAP_SECURITY (&nr_dict_attrs[73]) -#define NR_DA_ARAP_SECURITY_DATA (&nr_dict_attrs[74]) -#define NR_DA_PASSWORD_RETRY (&nr_dict_attrs[75]) -#define NR_DA_PROMPT (&nr_dict_attrs[76]) -#define NR_DA_CONNECT_INFO (&nr_dict_attrs[77]) -#define NR_DA_CONFIGURATION_TOKEN (&nr_dict_attrs[78]) -#define NR_DA_EAP_MESSAGE (&nr_dict_attrs[79]) -#define NR_DA_MESSAGE_AUTHENTICATOR (&nr_dict_attrs[80]) -#define NR_DA_TUNNEL_PRIVATE_GROUP_ID (&nr_dict_attrs[81]) -#define NR_DA_TUNNEL_ASSIGNMENT_ID (&nr_dict_attrs[82]) -#define NR_DA_TUNNEL_PREFERENCE (&nr_dict_attrs[83]) -#define NR_DA_ARAP_CHALLENGE_RESPONSE (&nr_dict_attrs[84]) -#define NR_DA_ACCT_INTERIM_INTERVAL (&nr_dict_attrs[85]) -#define NR_DA_ACCT_TUNNEL_PACKETS_LOST (&nr_dict_attrs[86]) -#define NR_DA_NAS_PORT_ID (&nr_dict_attrs[87]) -#define NR_DA_FRAMED_POOL (&nr_dict_attrs[88]) -#define NR_DA_CHARGEABLE_USER_IDENTITY (&nr_dict_attrs[89]) -#define NR_DA_TUNNEL_CLIENT_AUTH_ID (&nr_dict_attrs[90]) -#define NR_DA_TUNNEL_SERVER_AUTH_ID (&nr_dict_attrs[91]) -#define NR_DA_NAS_FILTER_RULE (&nr_dict_attrs[92]) -#define NR_DA_NAS_IPV6_ADDRESS (&nr_dict_attrs[95]) -#define NR_DA_FRAMED_INTERFACE_ID (&nr_dict_attrs[96]) -#define NR_DA_FRAMED_IPV6_PREFIX (&nr_dict_attrs[97]) -#define NR_DA_LOGIN_IPV6_HOST 
(&nr_dict_attrs[98]) -#define NR_DA_FRAMED_IPV6_ROUTE (&nr_dict_attrs[99]) -#define NR_DA_FRAMED_IPV6_POOL (&nr_dict_attrs[100]) -#define NR_DA_ERROR_CAUSE (&nr_dict_attrs[101]) -#define NR_DA_EAP_KEY_NAME (&nr_dict_attrs[102]) -#define NR_DA_DIGEST_RESPONSE (&nr_dict_attrs[103]) -#define NR_DA_DIGEST_REALM (&nr_dict_attrs[104]) -#define NR_DA_DIGEST_NONCE (&nr_dict_attrs[105]) -#define NR_DA_DIGEST_RESPONSE_AUTH (&nr_dict_attrs[106]) -#define NR_DA_DIGEST_NEXTNONCE (&nr_dict_attrs[107]) -#define NR_DA_DIGEST_METHOD (&nr_dict_attrs[108]) -#define NR_DA_DIGEST_URI (&nr_dict_attrs[109]) -#define NR_DA_DIGEST_QOP (&nr_dict_attrs[110]) -#define NR_DA_DIGEST_ALGORITHM (&nr_dict_attrs[111]) -#define NR_DA_DIGEST_ENTITY_BODY_HASH (&nr_dict_attrs[112]) -#define NR_DA_DIGEST_CNONCE (&nr_dict_attrs[113]) -#define NR_DA_DIGEST_NONCE_COUNT (&nr_dict_attrs[114]) -#define NR_DA_DIGEST_USERNAME (&nr_dict_attrs[115]) -#define NR_DA_DIGEST_OPAQUE (&nr_dict_attrs[116]) -#define NR_DA_DIGEST_AUTH_PARAM (&nr_dict_attrs[117]) -#define NR_DA_DIGEST_AKA_AUTS (&nr_dict_attrs[118]) -#define NR_DA_DIGEST_DOMAIN (&nr_dict_attrs[119]) -#define NR_DA_DIGEST_STALE (&nr_dict_attrs[120]) -#define NR_DA_DIGEST_HA1 (&nr_dict_attrs[121]) -#define NR_DA_SIP_AOR (&nr_dict_attrs[122]) -#define NR_DA_DELEGATED_IPV6_PREFIX (&nr_dict_attrs[123]) -#define NR_DA_OPERATOR_NAME (&nr_dict_attrs[126]) -#define NR_DA_LOCATION_INFORMATION (&nr_dict_attrs[127]) -#define NR_DA_LOCATION_DATA (&nr_dict_attrs[128]) -#define NR_DA_BASIC_LOCATION_POLICY_RULES (&nr_dict_attrs[129]) -#define NR_DA_EXTENDED_LOCATION_POLICY_RULES (&nr_dict_attrs[130]) -#define NR_DA_LOCATION_CAPABLE (&nr_dict_attrs[131]) -#define NR_DA_REQUESTED_LOCATION_INFO (&nr_dict_attrs[132]) -#define NR_DA_FRAMED_MANAGEMENT (&nr_dict_attrs[133]) -#define NR_DA_MANAGEMENT_TRANSPORT_PROTECTION (&nr_dict_attrs[134]) -#define NR_DA_MANAGEMENT_POLICY_ID (&nr_dict_attrs[135]) -#define NR_DA_MANAGEMENT_PRIVILEGE_LEVEL (&nr_dict_attrs[136]) -#define 
NR_DA_PKM_SS_CERT (&nr_dict_attrs[137]) -#define NR_DA_PKM_CA_CERT (&nr_dict_attrs[138]) -#define NR_DA_PKM_CONFIG_SETTINGS (&nr_dict_attrs[139]) -#define NR_DA_PKM_CRYPTOSUITE_LIST (&nr_dict_attrs[140]) -#define NR_DA_PKM_SAID (&nr_dict_attrs[141]) -#define NR_DA_PKM_SA_DESCRIPTOR (&nr_dict_attrs[142]) -#define NR_DA_PKM_AUTH_KEY (&nr_dict_attrs[143]) -#define NR_DA_MS_CHAP_RESPONSE (&nr_dict_attrs[256]) -#define NR_DA_MS_CHAP_ERROR (&nr_dict_attrs[257]) -#define NR_DA_MS_MPPE_ENCRYPTION_POLICY (&nr_dict_attrs[258]) -#define NR_DA_MS_MPPE_ENCRYPTION_TYPES (&nr_dict_attrs[259]) -#define NR_DA_MS_CHAP_DOMAIN (&nr_dict_attrs[260]) -#define NR_DA_MS_CHAP_CHALLENGE (&nr_dict_attrs[261]) -#define NR_DA_MS_CHAP_MPPE_KEYS (&nr_dict_attrs[262]) -#define NR_DA_MS_MPPE_SEND_KEY (&nr_dict_attrs[263]) -#define NR_DA_MS_MPPE_RECV_KEY (&nr_dict_attrs[264]) -#define NR_DA_MS_CHAP2_RESPONSE (&nr_dict_attrs[265]) -#define NR_DA_MS_CHAP2_SUCCESS (&nr_dict_attrs[266]) -#define NR_DA_EXAMPLE_INTEGER (&nr_dict_attrs[267]) -#define NR_DA_EXAMPLE_STRING (&nr_dict_attrs[268]) -#define NR_DA_EXAMPLE_IP_ADDRESS (&nr_dict_attrs[269]) -/* Automatically generated file. Do not edit */ diff --git a/lib/radius/share/dictionary.ukerna b/lib/radius/share/dictionary.ukerna new file mode 100644 index 0000000..1694566 --- /dev/null +++ b/lib/radius/share/dictionary.ukerna @@ -0,0 +1,19 @@ +# -*- text -*- +# +# GSS-EAP VSAs +# +# $Id$ +# + +VENDOR UKERNA 25622 + +BEGIN-VENDOR UKERNA + +ATTRIBUTE GSS-Acceptor-Service-Name 128 string +ATTRIBUTE GSS-Acceptor-Host-Name 129 string +ATTRIBUTE GSS-Acceptor-Service-Specific 130 string +ATTRIBUTE GSS-Acceptor-Realm-Name 131 string +ATTRIBUTE SAML-AAA-Assertion 132 string +ATTRIBUTE MS-Windows-Auth-Data 133 octets + +END-VENDOR UKERNA diff --git a/lib/radius/static.c b/lib/radius/static.c index d633e5b..bd87272 100644 --- a/lib/radius/static.c +++ b/lib/radius/static.c 
@@ -29,7 +29,7 @@ SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * \brief Dummy file to include auto-generating static dictionary mappings. */ -#include <networkradius-devel/client.h> +#include "client.h" /* * Include the dynamically generated dictionaries. diff --git a/lib/radius/valuepair.c b/lib/radius/valuepair.c index 603a970..b374fdd 100644 --- a/lib/radius/valuepair.c +++ b/lib/radius/valuepair.c @@ -29,7 +29,7 @@ SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * \brief Functions to manipulate C structure versions of RADIUS attributes. */ -#include <networkradius-devel/client.h> +#include "client.h" void nr_vp_free(VALUE_PAIR **head) { @@ -71,9 +71,7 @@ VALUE_PAIR *nr_vp_alloc(const DICT_ATTR *da) return NULL; } -#ifndef NR_NO_MALLOC vp = malloc(sizeof(*vp)); -#endif if (!vp) { nr_strerror_printf("Out of memory"); return NULL; @@ -87,9 +85,7 @@ VALUE_PAIR *nr_vp_alloc_raw(unsigned int attr, unsigned int vendor) VALUE_PAIR *vp = NULL; DICT_ATTR *da; -#ifndef NR_NO_MALLOC vp = malloc(sizeof(*vp) + sizeof(*da) + 64); -#endif if (!vp) { nr_strerror_printf("Out of memory"); return NULL; @@ -112,24 +108,24 @@ int nr_vp_set_data(VALUE_PAIR *vp, const void *data, size_t sizeof_data) { int rcode = 1; /* OK */ - if (!vp || !data || (sizeof_data == 0)) return -NR_ERR_INVALID_ARG; + if (!vp || !data || (sizeof_data == 0)) return -RSE_INVAL; switch (vp->da->type) { - case NR_TYPE_BYTE: + case RS_TYPE_BYTE: vp->vp_integer = *(const uint8_t *) data; break; - case NR_TYPE_SHORT: + case RS_TYPE_SHORT: vp->vp_integer = *(const uint16_t *) data; break; - case NR_TYPE_INTEGER: - case NR_TYPE_DATE: - case NR_TYPE_IPADDR: + case RS_TYPE_INTEGER: + case RS_TYPE_DATE: + case RS_TYPE_IPADDR: vp->vp_integer = *(const uint32_t *) data; break; - case NR_TYPE_STRING: + case RS_TYPE_STRING: if (sizeof_data >= sizeof(vp->vp_strvalue)) { sizeof_data = sizeof(vp->vp_strvalue) - 1; rcode = 0; /* truncated */ 
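Review bot: The fixed-width cases of `nr_vp_set_data()` read `data` as `uint8_t`, `uint16_t` or `uint32_t` after checking only that `sizeof_data` is non-zero, so a caller that passes a shorter buffer triggers a read past its end; these are unchanged context lines that the rename leaves as they were. A per-type length check before each read would close this, for example `if (sizeof_data < sizeof(uint32_t)) return -RSE_INVAL;` in the `RS_TYPE_INTEGER`/`RS_TYPE_DATE`/`RS_TYPE_IPADDR` case, in line with the clamping already done for `RS_TYPE_STRING`. The pointer casts also assume `data` is suitably aligned for the wider types; copying into a local with `memcpy` removes that assumption. The function continues in the following hunks.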
@@ -140,7 +136,7 @@ int nr_vp_set_data(VALUE_PAIR *vp, const void *data, size_t sizeof_data) vp->length = sizeof_data; break; - case NR_TYPE_OCTETS: + case RS_TYPE_OCTETS: if (sizeof_data > sizeof(vp->vp_octets)) { sizeof_data = sizeof(vp->vp_octets); rcode = 0; /* truncated */ @@ -150,7 +146,7 @@ int nr_vp_set_data(VALUE_PAIR *vp, const void *data, size_t sizeof_data) break; default: - return -NR_ERR_ATTR_TYPE_UNKNOWN; + return -RSE_ATTR_TYPE_UNKNOWN; } return rcode; |