path: root/lib/include/radsec
Commit message (Author, Age, Files, Lines)
* Parenthesise arguments to helper macros. (Linus Nordberg, 2013-02-14, files: 1, lines: -9/+10)
|
* Add support for configuring client connections too. (Linus Nordberg, 2013-02-11, files: 2, lines: -6/+14)
|     We're moving x509 and psk config from rs_realm to rs_peer while allowing these to be configured on the realm level and overridden at peer level.
|     Also, add support for printing the read configuration, for debugging.
* Merge branch 'rename-packet-to-message' into libradsec-user-dispatch (Linus Nordberg, 2013-01-24, files: 4, lines: -64/+83)
|\
| |     Conflicts:
| |         lib/include/radsec/radsec.h
| |
| |     Original commit message (1e3a2613):
| |
| |     Rename most 'package' to 'message'.
| |
| |     RADIUS (RFC2865) is defined to be transported over UDP so the term "radius packet" makes a lot of sense. RADIUS/TCP (RFC6613) and RADIUS/TLS (RFC6614), a.k.a. RadSec, use stream transport protocols though. The term "message" doesn't imply any kind of transport -- a message can be sent using datagrams as well as in a stream.
| |
| |     This (large) commit changes 'package' to 'message' where it makes sense. It does not touch the 'radius' subdirectory. It includes preprocessor directives (#define) to make the public interface compatible with previous releases of the library.
| * Rename most 'package' to 'message'. (Linus Nordberg, 2013-01-24, files: 4, lines: -46/+60)
| |     RADIUS (RFC2865) is defined to be transported over UDP so the term "radius packet" makes a lot of sense. RADIUS/TCP (RFC6613) and RADIUS/TLS (RFC6614), a.k.a. RadSec, use stream transport protocols though. The term "message" doesn't imply any kind of transport -- a message can be sent using datagrams as well as in a stream.
| |
| |     This (large) commit changes 'package' to 'message' where it makes sense. It does not touch the 'radius' subdirectory. It includes preprocessor directives (#define) to make the public interface compatible with previous releases of the library.
| * s/packet/message take one (Linus Nordberg, 2013-01-24, files: 1, lines: -21/+28)
| |
* | user dispatch WIP 0 (Linus Nordberg, 2013-01-24, files: 1, lines: -3/+16)
|/
* Rename rs_packet_flags members. (Linus Nordberg, 2013-01-24, files: 1, lines: -3/+3)
|     Uppercase to make them appear as the constants they are, as opposed to variables.
|     Remove 'flag' suffix, typically used for variables.
|     Spell out HEADER.
* Fix a doc comment. (Linus Nordberg, 2013-01-16, files: 1, lines: -4/+5)
|
* Rename COPYING -> LICENSE. (Linus Nordberg, 2012-12-19, files: 4, lines: -4/+4)
|     And distribute LICENSE and HACKING.
* Add formal argument 'secret' to two public functions. (Linus Nordberg, 2012-12-17, files: 2, lines: -5/+9)
|     The functions are rs_packet_create_authn_request() and rs_request_create_authn().
|     Attributes of type PW_USER_PASSWORD are supposed to be MD5 obfuscated (see vp2data_any()).
|     NOTE: This is a non-backward compatible API change.
* Merge libradsec-new-client. (Linus Nordberg, 2012-04-27, files: 5, lines: -32/+314)
|\
| * add rs_attr_display_name/rs_attr_parse_name (Luke Howard, 2011-11-14, files: 1, lines: -4/+53)
| |
| * remove dictionary configuration parameter (Luke Howard, 2011-11-14, files: 1, lines: -1/+0)
| |
| * remove rs_packet_frpkt (Luke Howard, 2011-11-14, files: 1, lines: -3/+0)
| |
| * port new RADIUS library to Windows (Luke Howard, 2011-11-14, files: 1, lines: -3/+13)
| |     Conflicts:
| |         lib/configure.ac
| |         lib/include/radsec/radsec.h
| |         lib/radius/client.h
| * remove rs_context_init_freeradius_dict (Luke Howard, 2011-11-14, files: 1, lines: -14/+0)
| |
| * port to new RADIUS client library (Luke Howard, 2011-11-14, files: 5, lines: -15/+257)
| |
* | Add an error code. (Linus Nordberg, 2012-04-26, files: 1, lines: -0/+1)
| |     Also add error text for missing RSE_CRED.
* | Postpone resolving of DNS names of server. (Linus Nordberg, 2012-04-25, files: 1, lines: -6/+3)
| |     We used to resolve DNS names when reading configuration. We now do it in event_init_socket() and cache the result in the connection object.
| |
| |     The imminent need for changing this is to keep host names around for X509 certificate verification (CNAME and subjectAltName). This will also help later when we implement server failover (and later, when people want to do more dynamic configuration, f.ex. NAPTR).
* | Implement TLS-PSK. (Linus Nordberg, 2012-01-31, files: 2, lines: -0/+9)
| |
* | Add TLS PSK configuration options. (Linus Nordberg, 2012-01-24, files: 1, lines: -3/+6)
|/
* Define RS_FREERADIUS_DICT and use it when missing "dictionary" in config. (Linus Nordberg, 2011-03-21, files: 1, lines: -0/+6)
|
* API AND CONFIG CHANGE: rs_context_create() doesn't take DICT any more. (Linus Nordberg, 2011-03-21, files: 2, lines: -10/+30)
|     Use rs_context_create() to read FreeRADIUS dictionary, possibly by taking dict file from configuration file.
|     CONFIG CHANGE: s/config/realm/g.
* Remove struct rs_attr and all use of it. (Linus Nordberg, 2011-03-14, files: 2, lines: -23/+1)
|     A new API for attributes will be added once we've decided how to deal with RADIUS packets internally. For now, removing the half baked wrapping seems more sensible than trying to free rs_attr objects and their VALUE_PAIR's.
* Remove unused resp_msg from struct request. (Linus Nordberg, 2011-03-14, files: 1, lines: -1/+0)
|
* Add rs_request_get_reqmsg() and update documentation. (Linus Nordberg, 2011-03-14, files: 1, lines: -8/+13)
|
* Add Doxygen documentation for public API. (Linus Nordberg, 2011-03-13, files: 2, lines: -7/+162)
|
* Add RSE_DISCO. (Linus Nordberg, 2011-03-09, files: 1, lines: -0/+1)
|
* Rename and move around a few helper functions. (Linus Nordberg, 2011-03-09, files: 1, lines: -11/+4)
|
* Update rs_err_msg() prototype. (Linus Nordberg, 2011-03-08, files: 1, lines: -2/+2)
|     Also, rename enum rs_err_code to not collide with the function named the same.
* Timeout implemented in request objects, supported by TCP. (Linus Nordberg, 2011-03-08, files: 2, lines: -3/+7)
|     TODO: UDP.
* Clean up struct rs_error somewhat. (Linus Nordberg, 2011-03-08, files: 1, lines: -1/+0)
|     More to be done here!
* Move verification of response packets up to a level where it makes sense. (Linus Nordberg, 2011-03-07, files: 1, lines: -6/+8)
|     Replace the user_dispatch_flag on connections with conn_user_dispatch_p().
|     Remove the 'original' member from packet and instead have an upper layer verify.
|     Rename packet valid_flag --> received_flag to reflect that we don't verify.
|     Move _close_conn() --> conn_close().
|     Move packet flags into a single unsigned int, for portability.
|     (_read_packet): Don't verify packet.
|     (rs_conn_receive_packet): Don't touch PKT_OUT if there isn't a packet.
|     (rs_conn_receive_packet): Verify packet using packet_verify_response().
* request: Save caller's user_data and do invoke caller's callbacks. (Linus Nordberg, 2011-03-06, files: 1, lines: -0/+1)
|
* UDP w/o bufferevents, part 1. (Linus Nordberg, 2011-03-06, files: 1, lines: -3/+10)
|     Sending, no retransmitting and no receiving.
* Don't free config object until we destroy the context. (Linus Nordberg, 2011-03-06, files: 1, lines: -0/+2)
|
* Be consistent with naming of formal arguments. (Linus Nordberg, 2011-03-02, files: 1, lines: -1/+1)
|
* Error handling cleanup 3. (Linus Nordberg, 2011-03-01, files: 1, lines: -1/+2)
|     Split timeout errors in connecting and I/O.
* Error handling cleanup (Linus Nordberg, 2011-03-01, files: 1, lines: -1/+0)
|     Remove RSE_SOME_ERROR.
|     rs_tls_init: Push SSL error stack on libradsec error stack.
* Add RSE_INVAL. (Linus Nordberg, 2011-03-01, files: 1, lines: -0/+1)
|
* Remove last trace of server and client in API. (Linus Nordberg, 2011-02-28, files: 1, lines: -5/+5)
|
* Rename relevant functions to reflect authn as opposed to authz. (Linus Nordberg, 2011-02-28, files: 2, lines: -8/+11)
|     Also add a "bare" create request function.
* API changes: rs_client* --> rs_peer. (Linus Nordberg, 2011-02-28, files: 1, lines: -7/+7)
|     Move peer (former server) things to new file peer.c.
|     Update examples.
* Cosmetic header file changes. (Linus Nordberg, 2011-02-28, files: 2, lines: -29/+43)
|
* API change. Have the request object create its own request message. (Linus Nordberg, 2011-02-25, files: 2, lines: -4/+4)
|
* Get rid of loopbreak as a means for signalling successful packet handling. (Linus Nordberg, 2011-02-25, files: 1, lines: -0/+2)
|     In blocking mode, breaking the event loop with loopbreak will probably be needed for exceptions like timeout so we shouldn't use it for breaking the loop and signalling success.
|
|     In the user callbacks used in blocking mode (_rcb and _wcb), disable read and write events on the event buffer. This will stop the loop. Also, set a flag in the packet struct to signal success.
|
|     In the "low level callbacks" (_read_cb and _write_cb), enable read or write, accordingly.
* Config file changes and small API changes. (Linus Nordberg, 2011-02-24, files: 2, lines: -13/+17)
|     'timeout' and 'tries' move from 'server' stanza to top.
|     'tries' is now 'retries'.
|     Moving around in internal data structs, making struct peer strictly config.
|     Bug fixes in configuration code.
|     Adding some more cleanup code, freeing allocated memory (still not done!).
* Improve protocol robustness and invoke user callbacks. (Linus Nordberg, 2011-02-19, files: 1, lines: -8/+10)
|     All aborts are removed, as well as all asserts which aren't programming errors.
|     When an invalid packet is received, the connection is closed, as per draft-ietf-radext-tcp-transport-08 (2.6.4).
|     Use new rs_debug() macro rather than fprintf() for debug printouts.
|     Coding style overhaul.
* Add comments on some error codes. (Linus Nordberg, 2011-02-04, files: 1, lines: -4/+4)
|
* Reorder function prototypes. (Linus Nordberg, 2011-02-02, files: 1, lines: -1/+1)
|