From a13cddc1331aa1f5e7dca7d1b44482951d2757bf Mon Sep 17 00:00:00 2001 From: Luke Howard Date: Sun, 13 Nov 2011 17:16:14 +1100 Subject: port to new RADIUS client library --- lib/include/Makefile.am | 7 +- lib/include/radsec/.gitignore | 1 + lib/include/radsec/radsec-impl.h | 15 ++- lib/include/radsec/radsec.h | 246 ++++++++++++++++++++++++++++++++++++-- lib/include/radsec/request-impl.h | 5 + lib/include/radsec/request.h | 5 + 6 files changed, 263 insertions(+), 16 deletions(-) create mode 100644 lib/include/radsec/.gitignore (limited to 'lib/include') diff --git a/lib/include/Makefile.am b/lib/include/Makefile.am index 5b02eb2..33b898c 100644 --- a/lib/include/Makefile.am +++ b/lib/include/Makefile.am @@ -2,6 +2,11 @@ RADSEC_EXPORT = \ radsec/radsec.h \ radsec/radsec-impl.h \ radsec/request.h \ - radsec/request-impl.h + radsec/request-impl.h \ + radsec/radius.h EXTRA_SRC = $(RADSEC_EXPORT) nobase_include_HEADERS = $(RADSEC_EXPORT) + +clean-local: + rm -f radsec/radius.h + diff --git a/lib/include/radsec/.gitignore b/lib/include/radsec/.gitignore new file mode 100644 index 0000000..c20d18b --- /dev/null +++ b/lib/include/radsec/.gitignore @@ -0,0 +1 @@ +radius.h diff --git a/lib/include/radsec/radsec-impl.h b/lib/include/radsec/radsec-impl.h index f8891ee..2df632a 100644 --- a/lib/include/radsec/radsec-impl.h +++ b/lib/include/radsec/radsec-impl.h @@ -3,7 +3,9 @@ /* See the file COPYING for licensing information. */ -#include +#ifndef _RADSEC_RADSEC_IMPL_H_ +#define _RADSEC_RADSEC_IMPL_H_ 1 + #include #include #if defined(RS_ENABLE_TLS) @@ -69,7 +71,6 @@ struct rs_context { struct rs_config *config; struct rs_alloc_scheme alloc_scheme; struct rs_error *err; - fr_randctx fr_randctx; }; struct rs_connection { 
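Review bot: The include guard added at the top of radsec-impl.h, `_RADSEC_RADSEC_IMPL_H_`, starts with an underscore followed by an uppercase letter, a form C reserves for the implementation. A name such as `RADSEC_RADSEC_IMPL_H` avoids that. The same applies to the guards this commit adds to radsec.h, request-impl.h and request.h. The matching `#endif` for this guard is in a later hunk of the same file.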
@@ -108,11 +109,13 @@ enum rs_packet_flags { rs_packet_sent_flag, }; +struct radius_packet; + struct rs_packet { struct rs_connection *conn; unsigned int flags; uint8_t hdr[RS_HEADER_LEN]; - RADIUS_PACKET *rpkt; /* FreeRADIUS object. */ + struct radius_packet *rpkt; /* FreeRADIUS object. */ struct rs_packet *next; /* Used for UDP output queue. */ }; @@ -121,6 +124,10 @@ struct rs_error *rs_resolv (struct evutil_addrinfo **addr, rs_conn_type_t type, const char *hostname, const char *service); + +/** Return the internal packet associated with packet \a pkt. */ +struct radius_packet *rs_packet_frpkt(struct rs_packet *pkt); + #if defined (__cplusplus) } #endif @@ -137,6 +144,8 @@ struct rs_error *rs_resolv (struct evutil_addrinfo **addr, #define min(a, b) ((a) < (b) ? (a) : (b)) #define max(a, b) ((a) > (b) ? (a) : (b)) +#endif /* _RADSEC_RADSEC_IMPL_H_ */ + /* Local Variables: */ /* c-file-style: "stroustrup" */ /* End: */ diff --git a/lib/include/radsec/radsec.h b/lib/include/radsec/radsec.h index 2744cd2..1aef6bb 100644 --- a/lib/include/radsec/radsec.h +++ b/lib/include/radsec/radsec.h @@ -3,14 +3,14 @@ /* See the file COPYING for licensing information. */ +#ifndef _RADSEC_RADSEC_H_ +#define _RADSEC_RADSEC_H_ 1 + #include -#include +#include -#ifdef SYSCONFDIR -#define RS_FREERADIUS_DICT SYSCONFDIR "/raddb/dictionary" -#else /* !SYSCONFDIR */ -#define RS_FREERADIUS_DICT "/usr/local/raddb/dictionary" -#endif /* !SYSCONFDIR */ +#include +#include enum rs_error_code { RSE_OK = 0, @@ -19,7 +19,7 @@ enum rs_error_code { RSE_INVALID_CTX = 3, RSE_INVALID_CONN = 4, RSE_CONN_TYPE_MISMATCH = 5, - RSE_FR = 6, /* FreeRADIUS error. */ + RSE_FR = 6, RSE_BADADDR = 7, RSE_NOPEER = 8, RSE_EVENT = 9, /* libevent error. */ 
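Review bot: The comment on `rpkt` in struct rs_packet still reads `/* FreeRADIUS object. */`, although this hunk changes the member's type to the forward-declared `struct radius_packet`. The same commit already rewords the doc of `rs_packet_frpkt` from "FreeRADIUS packet" to "internal packet", so a comment like `/* Internal RADIUS packet object. */` would be consistent. In the radsec.h hunk further down, `RSE_FR` loses its `/* FreeRADIUS error. */` comment and is left with no description of when it is returned.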
@@ -32,8 +32,31 @@ enum rs_error_code { RSE_TIMEOUT_CONN = 16, /* Connection timeout. */ RSE_INVAL = 17, /* Invalid argument. */ RSE_TIMEOUT_IO = 18, /* I/O timeout. */ - RSE_TIMEOUT = 19, /* High level timeout. */ + RSE_TIMEOUT= 19, /* High level timeout. */ RSE_DISCO = 20, + RSE_INUSE = 21, + RSE_PACKET_TOO_SMALL = 22, + RSE_PACKET_TOO_LARGE = 23, + RSE_ATTR_OVERFLOW = 24, + RSE_ATTR_TOO_SMALL = 25, + RSE_ATTR_TOO_LARGE = 26, + RSE_ATTR_UNKNOWN = 27, + RSE_ATTR_BAD_NAME = 28, + RSE_ATTR_VALUE_MALFORMED = 29, + RSE_ATTR_INVALID = 30, + RSE_TOO_MANY_ATTRS = 31, + RSE_ATTR_TYPE_UNKNOWN = 32, + RSE_MSG_AUTH_LEN = 33, + RSE_MSG_AUTH_WRONG = 34, + RSE_REQUEST_REQUIRED = 35, + RSE_INVALID_REQUEST_CODE = 36, + RSE_AUTH_VECTOR_WRONG = 37, + RSE_INVALID_RESPONSE_CODE = 38, + RSE_INVALID_RESPONSE_ID = 39, + RSE_INVALID_RESPONSE_SRC = 40, + RSE_NO_PACKET_DATA = 41, + RSE_VENDOR_UNKNOWN = 42, + RSE_MAX = RSE_VENDOR_UNKNOWN }; enum rs_conn_type { 
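Review bot: The codes added to enum rs_error_code, from `RSE_INUSE = 21` through `RSE_VENDOR_UNKNOWN = 42`, carry no trailing comments, unlike the neighbouring timeout codes, and the `RSE_TIMEOUT= 19` line loses the space before `=`. At minimum the verification-related codes deserve a line, e.g. `RSE_MSG_AUTH_WRONG = 34, /* Message-Authenticator did not verify. */`, so callers can tell which errors mean a packet failed an integrity check and must be discarded; that meaning is inferred from the name and should be confirmed against the implementation. This patch series is limited to lib/include, so the table that maps codes to messages is not visible here. It needs entries up to the new `RSE_MAX` and a bounds check on lookup.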
@@ -45,6 +68,39 @@ enum rs_conn_type { }; typedef unsigned int rs_conn_type_t; +typedef enum rs_attr_type_t { + RS_TYPE_INVALID = 0, /**< Invalid data type */ + RS_TYPE_STRING, /**< printable-text */ + RS_TYPE_INTEGER, /**< a 32-bit unsigned integer */ + RS_TYPE_IPADDR, /**< an IPv4 address */ + RS_TYPE_DATE, /**< a 32-bit date, of seconds since January 1, 1970 */ + RS_TYPE_OCTETS, /**< a sequence of binary octets */ + RS_TYPE_IFID, /**< an Interface Id */ + RS_TYPE_IPV6ADDR, /**< an IPv6 address */ + RS_TYPE_IPV6PREFIX, /**< an IPv6 prefix */ + RS_TYPE_BYTE, /**< an 8-bit integer */ + RS_TYPE_SHORT, /**< a 16-bit integer */ +} rs_attr_type_t; + +#define PW_ACCESS_REQUEST 1 +#define PW_ACCESS_ACCEPT 2 +#define PW_ACCESS_REJECT 3 +#define PW_ACCOUNTING_REQUEST 4 +#define PW_ACCOUNTING_RESPONSE 5 +#define PW_ACCOUNTING_STATUS 6 +#define PW_PASSWORD_REQUEST 7 +#define PW_PASSWORD_ACK 8 +#define PW_PASSWORD_REJECT 9 +#define PW_ACCOUNTING_MESSAGE 10 +#define PW_ACCESS_CHALLENGE 11 +#define PW_STATUS_SERVER 12 +#define PW_STATUS_CLIENT 13 +#define PW_DISCONNECT_REQUEST 40 +#define PW_DISCONNECT_ACK 41 +#define PW_DISCONNECT_NAK 42 +#define PW_COA_REQUEST 43 +#define PW_COA_ACK 44 +#define PW_COA_NAK 45 #if defined (__cplusplus) extern "C" { @@ -57,7 +113,8 @@ struct rs_packet; /* radsec-impl.h */ struct rs_conn; /* radsec-impl.h */ struct rs_error; /* radsec-impl.h */ struct rs_peer; /* radsec-impl.h */ -struct radius_packet; /* */ +struct radius_packet; /* */ +struct value_pair; /* */ struct event_base; /* */ typedef void *(*rs_calloc_fp) (size_t nmemb, size_t size); @@ -87,6 +144,8 @@ struct rs_conn_callbacks { rs_conn_packet_sent_cb sent_cb; }; +typedef struct value_pair rs_avp; +typedef const struct value_pair rs_const_avp; /* Function prototypes. */ 
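Review bot: The `PW_ACCESS_REQUEST` … `PW_COA_NAK` macros are added to the public header without the `RS_`/`rs_` prefix that the other exported names here use, so they land in the macro namespace of every includer. An application that also includes another RADIUS header defining `PW_*` names may get redefinition diagnostics; this cannot be checked from the hunk. An `enum` with prefixed members (for example a constructed name like `RS_CODE_ACCESS_REQUEST = 1`) would keep the values visible in a debugger and out of the preprocessor. `rs_packet_code()` could then document that it returns one of them.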
@@ -251,9 +310,6 @@ void rs_packet_destroy(struct rs_packet *pkt); rs_err_conn_pop. */ int rs_packet_send(struct rs_packet *pkt, void *user_data); -/** Return the FreeRADIUS packet associated with packet \a pkt. */ -struct radius_packet *rs_packet_frpkt(struct rs_packet *pkt); - /** Create a RADIUS authentication request packet associated with connection \a conn. Optionally, User-Name and User-Password attributes are added to the packet using the data in \a user_name @@ -263,6 +319,28 @@ int rs_packet_create_authn_request(struct rs_connection *conn, const char *user_name, const char *user_pw); +/*** Append \a tail to packet \a pkt. */ +int +rs_packet_append_avp(struct rs_packet *pkt, + unsigned int attribute, unsigned int vendor, + const void *data, size_t data_len); + +/*** Get pointer to \a pkt attribute value pairs. */ +void +rs_packet_avps(struct rs_packet *pkt, rs_avp ***vps); + +/*** Get RADIUS packet type of \a pkt. */ +unsigned int +rs_packet_code(struct rs_packet *pkt); + +/*** Get RADIUS AVP from \a pkt. */ +rs_const_avp * +rs_packet_find_avp(struct rs_packet *pkt, unsigned int attr, unsigned int vendor); + +/*** Set packet identifier in \a pkt; returns old identifier */ +int +rs_packet_set_id (struct rs_packet *pkt, int id); + /************/ /* Config. */ /************/ 
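Review bot: The comment on `rs_packet_append_avp` says "Append \a tail", but the function has no `tail` parameter; it takes `attribute`, `vendor`, `data` and `data_len`. The comment should name those, give the return convention, and state the largest `data_len` accepted and the error returned beyond it, since the RS_MAX_STRING_LEN comment later in this commit notes that an attribute carries at most 253 octets. The five new comments also open with `/***`, which Doxygen does not treat as a documentation block by default as far as I know, while the rest of the file uses `/**`. `rs_packet_avps` additionally needs a sentence on who owns the list it exposes through `vps`.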
@@ -309,10 +387,154 @@ void rs_err_free(struct rs_error *err); char *rs_err_msg(struct rs_error *err); int rs_err_code(struct rs_error *err, int dofree_flag); +/************/ +/* AVPs. */ +/************/ +#define rs_avp_is_string(vp) (rs_avp_typeof(vp) == RS_TYPE_STRING) +#define rs_avp_is_integer(vp) (rs_avp_typeof(vp) == RS_TYPE_INTEGER) +#define rs_avp_is_ipaddr(vp) (rs_avp_typeof(vp) == RS_TYPE_IPADDR) +#define rs_avp_is_date(vp) (rs_avp_typeof(vp) == RS_TYPE_DATE) +#define rs_avp_is_octets(vp) (rs_avp_typeof(vp) == RS_TYPE_OCTETS) +#define rs_avp_is_ifid(vp) (rs_avp_typeof(vp) == RS_TYPE_IFID) +#define rs_avp_is_ipv6addr(vp) (rs_avp_typeof(vp) == RS_TYPE_IPV6ADDR) +#define rs_avp_is_ipv6prefix(vp) (rs_avp_typeof(vp) == RS_TYPE_IPV6PREFIX) +#define rs_avp_is_byte(vp) (rs_avp_typeof(vp) == RS_TYPE_BYTE) +#define rs_avp_is_short(vp) (rs_avp_typeof(vp) == RS_TYPE_SHORT) +#define rs_avp_is_tlv(vp) (rs_avp_typeof(vp) == RS_TYPE_TLV) + +/** The maximum length of a RADIUS attribute. + * + * The RFCs require that a RADIUS attribute transport no more than + * 253 octets of data. We add an extra byte for a trailing NUL, so + * that the VALUE_PAIR::vp_strvalue field can be handled as a C + * string. 
+ */ +#define RS_MAX_STRING_LEN 254 + +void +rs_avp_free(rs_avp **vps); + +size_t +rs_avp_length(rs_const_avp *vp); + +rs_attr_type_t +rs_avp_typeof(rs_const_avp *vp); + +void +rs_avp_attrid(rs_const_avp *vp, unsigned int *attr, unsigned int *vendor); + + +void +rs_avp_append(rs_avp **head, rs_avp *tail); + +rs_avp * +rs_avp_find(rs_avp *vp, unsigned int attr, unsigned int vendor); + +rs_const_avp * +rs_avp_find_const(rs_const_avp *vp, unsigned int attr, unsigned int vendor); + +rs_avp * +rs_avp_alloc(unsigned int attr, unsigned int vendor); + +rs_avp * +rs_avp_dup(rs_const_avp *vp); + +int +rs_avp_delete(rs_avp **first, unsigned int attr, unsigned int vendor); + +rs_avp * +rs_avp_next(rs_avp *avp); + +rs_const_avp * +rs_avp_next_const(rs_const_avp *avp); + +const char * +rs_avp_string_value(rs_const_avp *vp); + +int +rs_avp_string_set(rs_avp *vp, const char *str); + +uint32_t +rs_avp_integer_value(rs_const_avp *vp); + +int +rs_avp_integer_set(rs_avp *vp, uint32_t val); + +uint32_t +rs_avp_ipaddr_value(rs_const_avp *vp); + +int +rs_avp_ipaddr_set(rs_avp *vp, struct in_addr in); + +time_t +rs_avp_date_value(rs_const_avp *vp); + +int +rs_avp_date_set(rs_avp *vp, time_t date); + +const unsigned char * +rs_avp_octets_value_const_ptr(rs_const_avp *vp); + +unsigned char * +rs_avp_octets_value_ptr(rs_avp *vp); + +int +rs_avp_octets_value_byref(rs_avp *vp, + unsigned char **p, + size_t *len); + +int +rs_avp_octets_value(rs_const_avp *vp, + unsigned char *buf, + size_t *len); + +int +rs_avp_fragmented_value(rs_const_avp *vps, + unsigned char *buf, + size_t *len); + +int +rs_avp_octets_set(rs_avp *vp, + const unsigned char *buf, + size_t len); + +int +rs_avp_ifid_value(rs_const_avp *vp, uint8_t val[8]); + +int +rs_avp_ifid_set(rs_avp *vp, const uint8_t val[8]); + +uint8_t +rs_avp_byte_value(rs_const_avp *vp); + +int +rs_avp_byte_set(rs_avp *vp, uint8_t val); + +uint16_t +rs_avp_short_value(rs_const_avp *vp); + +int +rs_avp_short_set(rs_avp *vp, uint16_t val); + +size_t 
+rs_avp_display_value(rs_const_avp *vp, + char *buffer, + size_t buflen); + +int +rs_attr_find(const char *name, + unsigned int *attr, + unsigned int *vendor); + +const char * +rs_avp_name(rs_const_avp *vp); + #if defined (__cplusplus) } #endif +#endif /* _RADSEC_RADSEC_H_ */ + /* Local Variables: */ /* c-file-style: "stroustrup" */ /* End: */ diff --git a/lib/include/radsec/request-impl.h b/lib/include/radsec/request-impl.h index 8bcac60..d2c14dd 100644 --- a/lib/include/radsec/request-impl.h +++ b/lib/include/radsec/request-impl.h @@ -1,5 +1,8 @@ /* See the file COPYING for licensing information. */ +#ifndef _RADSEC_REQUEST_IMPL_H_ +#define _RADSEC_REQUEST_IMPL_H_ 1 + #if defined (__cplusplus) extern "C" { #endif @@ -16,3 +19,5 @@ struct rs_request #if defined (__cplusplus) } #endif + +#endif /* _RADSEC_REQUEST_IMPL_H_ */ diff --git a/lib/include/radsec/request.h b/lib/include/radsec/request.h index e914164..f124373 100644 --- a/lib/include/radsec/request.h +++ b/lib/include/radsec/request.h @@ -3,6 +3,9 @@ /* See the file COPYING for licensing information. */ +#ifndef _RADSEC_REQUEST_H_ +#define _RADSEC_REQUEST_H_ 1 + struct rs_request; #if defined (__cplusplus) @@ -42,3 +45,5 @@ struct rs_packet *rs_request_get_reqmsg(const struct rs_request *req); #if defined (__cplusplus) } #endif + +#endif /* _RADSEC_REQUEST_H_ */ -- cgit v1.1 From 3fd136cdbc85ddff5ed0a5953ee1827b9a948748 Mon Sep 17 00:00:00 2001 From: Luke Howard Date: Mon, 14 Nov 2011 12:43:48 +1100 Subject: remove rs_context_init_freeradius_dict --- lib/include/radsec/radsec.h | 14 -------------- 1 file changed, 14 deletions(-) (limited to 'lib/include') diff --git a/lib/include/radsec/radsec.h b/lib/include/radsec/radsec.h index 1aef6bb..4e5e426 100644 --- a/lib/include/radsec/radsec.h +++ b/lib/include/radsec/radsec.h 
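Review bot: `rs_avp_is_tlv` compares against `RS_TYPE_TLV`, but the `rs_attr_type_t` enum added in the `@@ -45,6 +68,39 @@` hunk of this commit ends at `RS_TYPE_SHORT` and defines no such member. Any use of the macro will fail to compile unless another header supplies the name. Either add `RS_TYPE_TLV, /**< a TLV container */` to the enum or drop the macro until the type exists.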
@@ -166,20 +166,6 @@ int rs_context_create(struct rs_context **ctx); all other libradsec objects have been freed. */ void rs_context_destroy(struct rs_context *ctx); -/** Initialize FreeRADIUS dictionary needed for creating packets. - - \a ctx Context. - - \a dict Optional string with full path to FreeRADIUS dictionary. - If \a dict is NULL the path to the dictionary file is taken from - the "dictionary" configuration directive. Note that the - configuration file must be read prior to using this option (see \a - rs_context_read_config). - - \return RSE_OK (0) on success, RSE_NOMEM on memory allocation - error and RSE_FR on FreeRADIUS error. */ -int rs_context_init_freeradius_dict(struct rs_context *ctx, const char *dict); - /** Set allocation scheme to use. \a scheme is the allocation scheme to use, see \a rs_alloc_scheme. \return On success, RSE_OK (0) is returned. On error, !0 is returned and a struct \a rs_error is -- cgit v1.1 From ac17a556bd50969c8157d50761449b702afa4af8 Mon Sep 17 00:00:00 2001 From: Luke Howard Date: Mon, 14 Nov 2011 16:59:55 +1100 Subject: port new RADIUS library to Windows Conflicts: lib/configure.ac lib/include/radsec/radsec.h lib/radius/client.h --- lib/include/radsec/radsec.h | 16 +++++++++++++--- 1 file changed, 13 insertions(+), 3 deletions(-) (limited to 'lib/include') diff --git a/lib/include/radsec/radsec.h b/lib/include/radsec/radsec.h index 4e5e426..33d7990 100644 --- a/lib/include/radsec/radsec.h +++ b/lib/include/radsec/radsec.h @@ -6,11 +6,21 @@ #ifndef _RADSEC_RADSEC_H_ #define _RADSEC_RADSEC_H_ 1 +#ifdef HAVE_CONFIG_H +#include +#endif +#ifdef HAVE_SYS_TIME_H +#include +#endif +#ifdef HAVE_ARPA_INET_H +#include +#endif +#ifdef HAVE_UNISTD_H #include +#endif +#ifdef HAVE_STDINT_H #include - -#include -#include +#endif enum rs_error_code { RSE_OK = 0, -- cgit v1.1 From 34747348ee53e02bb6faa6a6e26c1440e327ff60 Mon Sep 17 00:00:00 2001 
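Review bot: Making the includes at the top of radsec.h conditional on `HAVE_CONFIG_H`, `HAVE_STDINT_H` and the other `HAVE_*` macros ties an installed public header to the build configuration of whatever program includes it. A consumer that does not define `HAVE_STDINT_H` reaches the prototypes that use `uint8_t`, `uint16_t` and `uint32_t` with no declaration in scope, and one that defines `HAVE_CONFIG_H` pulls in its own config header rather than the library's. The header names are not legible on this page, so this assumes the `HAVE_STDINT_H` guard wraps `<stdint.h>`. If so, keep that include unconditional (`#include <stdint.h>`) and guard only the platform-specific headers, using a macro the library itself exports.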
From: Luke Howard Date: Mon, 14 Nov 2011 17:05:17 +1100 Subject: remove rs_packet_frpkt --- lib/include/radsec/radsec-impl.h | 3 --- 1 file changed, 3 deletions(-) (limited to 'lib/include') diff --git a/lib/include/radsec/radsec-impl.h b/lib/include/radsec/radsec-impl.h index 2df632a..da4e99c 100644 --- a/lib/include/radsec/radsec-impl.h +++ b/lib/include/radsec/radsec-impl.h @@ -125,9 +125,6 @@ struct rs_error *rs_resolv (struct evutil_addrinfo **addr, const char *hostname, const char *service); -/** Return the internal packet associated with packet \a pkt. */ -struct radius_packet *rs_packet_frpkt(struct rs_packet *pkt); - #if defined (__cplusplus) } #endif -- cgit v1.1 From f780ff204e39420aabf94a7fab4e2c37790b658f Mon Sep 17 00:00:00 2001 From: Luke Howard Date: Mon, 14 Nov 2011 17:05:55 +1100 Subject: remove dictionary configuration parameter --- lib/include/radsec/radsec-impl.h | 1 - 1 file changed, 1 deletion(-) (limited to 'lib/include') diff --git a/lib/include/radsec/radsec-impl.h b/lib/include/radsec/radsec-impl.h index da4e99c..2274a99 100644 --- a/lib/include/radsec/radsec-impl.h +++ b/lib/include/radsec/radsec-impl.h @@ -62,7 +62,6 @@ struct rs_realm { /** Top configuration object. */ struct rs_config { - char *dictionary; struct rs_realm *realms; cfg_t *cfg; }; -- cgit v1.1 From d9ae6534eed05639403584b7b2733ec36c08f1a4 Mon Sep 17 00:00:00 2001 From: Luke Howard Date: Mon, 14 Nov 2011 18:54:44 +1100 Subject: add rs_attr_display_name/rs_attr_parse_name --- lib/include/radsec/radsec.h | 57 +++++++++++++++++++++++++++++++++++++++++---- 1 file changed, 53 insertions(+), 4 deletions(-) (limited to 'lib/include') diff --git a/lib/include/radsec/radsec.h b/lib/include/radsec/radsec.h index 33d7990..6e967af 100644 --- a/lib/include/radsec/radsec.h +++ b/lib/include/radsec/radsec.h 
@@ -407,121 +407,170 @@ int rs_err_code(struct rs_error *err, int dofree_flag); */ #define RS_MAX_STRING_LEN 254 +/** Free the AVP list \a vps */ void rs_avp_free(rs_avp **vps); +/** Return the length of AVP \a vp in bytes */ size_t rs_avp_length(rs_const_avp *vp); +/** Return the type of \a vp */ rs_attr_type_t rs_avp_typeof(rs_const_avp *vp); +/** Retrieve the attribute and vendor ID of \a vp */ void rs_avp_attrid(rs_const_avp *vp, unsigned int *attr, unsigned int *vendor); - +/** Add \a vp to the list pointed to by \a head */ void -rs_avp_append(rs_avp **head, rs_avp *tail); +rs_avp_append(rs_avp **head, rs_avp *vp); +/** Find an AVP in \a vp that matches \a attr and \a vendor */ rs_avp * rs_avp_find(rs_avp *vp, unsigned int attr, unsigned int vendor); +/** Find an AVP in \a vp that matches \a attr and \a vendor */ rs_const_avp * rs_avp_find_const(rs_const_avp *vp, unsigned int attr, unsigned int vendor); +/** Alloc a new AVP for \a attr and \a vendor */ rs_avp * rs_avp_alloc(unsigned int attr, unsigned int vendor); +/** Duplicate existing AVP \a vp */ rs_avp * rs_avp_dup(rs_const_avp *vp); +/** Remove matching AVP from list \a vps */ int -rs_avp_delete(rs_avp **first, unsigned int attr, unsigned int vendor); +rs_avp_delete(rs_avp **vps, unsigned int attr, unsigned int vendor); +/** Return next AVP in list */ rs_avp * -rs_avp_next(rs_avp *avp); +rs_avp_next(rs_avp *vp); +/** Return next AVP in list */ rs_const_avp * rs_avp_next_const(rs_const_avp *avp); +/** Return string value of \a vp */ const char * rs_avp_string_value(rs_const_avp *vp); +/** Set AVP \a vp to string \a str */ int rs_avp_string_set(rs_avp *vp, const char *str); +/** Return integer value of \a vp */ uint32_t rs_avp_integer_value(rs_const_avp *vp); +/** Set AVP \a vp to integer \a val */ int rs_avp_integer_set(rs_avp *vp, uint32_t val); +/** Return IPv4 value of \a vp */ uint32_t rs_avp_ipaddr_value(rs_const_avp *vp); +/** Set AVP \a vp to IPv4 address \a in */ int rs_avp_ipaddr_set(rs_avp *vp, 
struct in_addr in); +/** Return POSIX time value of \a vp */ time_t rs_avp_date_value(rs_const_avp *vp); +/** Set AVP \a vp to POSIX time \a date */ int rs_avp_date_set(rs_avp *vp, time_t date); +/** Return constant pointer to octets in \a vp */ const unsigned char * rs_avp_octets_value_const_ptr(rs_const_avp *vp); +/** Return pointer to octets in \a vp */ unsigned char * rs_avp_octets_value_ptr(rs_avp *vp); +/** Retrieve octet pointer \a p and length \a len from \a vp */ int rs_avp_octets_value_byref(rs_avp *vp, unsigned char **p, size_t *len); +/** Copy octets from \a vp into \a buf and \a len */ int rs_avp_octets_value(rs_const_avp *vp, unsigned char *buf, size_t *len); +/** + * Copy octets possibly fragmented across multiple VPs + * into \a buf and \a len + */ int rs_avp_fragmented_value(rs_const_avp *vps, unsigned char *buf, size_t *len); +/** Copy \a len octets in \a buf to AVP \a vp */ int rs_avp_octets_set(rs_avp *vp, const unsigned char *buf, size_t len); +/** Return IFID value of \a vp */ int rs_avp_ifid_value(rs_const_avp *vp, uint8_t val[8]); int rs_avp_ifid_set(rs_avp *vp, const uint8_t val[8]); +/** Return byte value of \a vp */ uint8_t rs_avp_byte_value(rs_const_avp *vp); +/** Set AVP \a vp to byte \a val */ int rs_avp_byte_set(rs_avp *vp, uint8_t val); +/** Return short value of \a vp */ uint16_t rs_avp_short_value(rs_const_avp *vp); +/** Set AVP \a vp to short integer \a val */ int rs_avp_short_set(rs_avp *vp, uint16_t val); +/** Display possibly \a canonical attribute name into \a buffer */ +int +rs_attr_display_name (unsigned int attr, + unsigned int vendor, + char *buffer, + size_t bufsize, + int canonical); + +/** Display AVP \a vp into \a buffer */ size_t rs_avp_display_value(rs_const_avp *vp, char *buffer, size_t buflen); int +rs_attr_parse_name (const char *name, + unsigned int *attr, + unsigned int *vendor); + +/** Lookup attribute \a name */ +int rs_attr_find(const char *name, unsigned int *attr, unsigned int *vendor); +/** Return 
dictionary name for AVP \a vp */ const char * rs_avp_name(rs_const_avp *vp); -- cgit v1.1 From 09d1cff2418a900b587b2113f508984f2417cc11 Mon Sep 17 00:00:00 2001 From: Linus Nordberg Date: Mon, 17 Dec 2012 16:11:14 +0100 Subject: Add formal argument 'secret' to two public functions. The functions are rs_packet_create_authn_request() and rs_request_create_authn(). Attributes of type PW_USER_PASSWORD are supposed to be MD5 obfuscated (see vp2data_any()). NOTE: This is a non-backward compatible API change. --- lib/include/radsec/radsec.h | 8 +++++--- lib/include/radsec/request.h | 6 ++++-- 2 files changed, 9 insertions(+), 5 deletions(-) (limited to 'lib/include') diff --git a/lib/include/radsec/radsec.h b/lib/include/radsec/radsec.h index 6c4f6a7..b45aea1 100644 --- a/lib/include/radsec/radsec.h +++ b/lib/include/radsec/radsec.h @@ -310,12 +310,14 @@ int rs_packet_send(struct rs_packet *pkt, void *user_data); /** Create a RADIUS authentication request packet associated with connection \a conn. Optionally, User-Name and User-Password - attributes are added to the packet using the data in \a user_name - and \a user_pw. */ + attributes are added to the packet using the data in \a user_name, + \a user_pw and \a secret where \secret is the RADIUS shared + secret. */ int rs_packet_create_authn_request(struct rs_connection *conn, struct rs_packet **pkt, const char *user_name, - const char *user_pw); + const char *user_pw, + const char *secret); /*** Append \a tail to packet \a pkt. */ int diff --git a/lib/include/radsec/request.h b/lib/include/radsec/request.h index f124373..574f395 100644 --- a/lib/include/radsec/request.h +++ b/lib/include/radsec/request.h 
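Review bot: The comments added for the buffer-filling getters do not state the size contract: "Copy octets from \a vp into \a buf and \a len" on `rs_avp_octets_value` does not say whether `*len` carries the capacity of `buf` on entry. The same gap exists for `rs_avp_fragmented_value`, `rs_attr_display_name` and `rs_avp_display_value`. Each should say what the length argument means on input and on output, whether the result is NUL-terminated, and what is returned when the value does not fit, because callers will size their buffers from these comments. `rs_avp_ifid_set` and `rs_attr_parse_name` get no comment at all, and `rs_avp_next_const` keeps the parameter name `avp` while `rs_avp_next` is renamed to `vp`.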
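Review bot: In the new comment on `rs_packet_create_authn_request`, `\secret` is not a Doxygen command; it should read `\a secret`, i.e. `\a user_pw and \a secret, where \a secret is the RADIUS shared secret.` The comment also leaves open what happens when `user_pw` is given and `secret` is NULL. The request.h comment for `rs_request_create_authn` says the secret "must also be given", but neither comment states the error returned. Since the commit message says User-Password is supposed to be obfuscated, the documented behaviour should be to fail rather than add the attribute unprotected; that needs confirming in the implementation, which is outside this diff.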
@@ -22,11 +22,13 @@ void rs_request_add_reqpkt(struct rs_request *req, struct rs_packet *req_msg); /** Create a request associated with connection \a conn containing a newly created RADIUS authentication message, possibly with \a user_name and \a user_pw attributes. \a user_name and _user_pw - are optional and can be NULL. */ + are optional and can be NULL. If they are present, \a secret must + also be given and is used for "hiding" the password. */ int rs_request_create_authn(struct rs_connection *conn, struct rs_request **req_out, const char *user_name, - const char *user_pw); + const char *user_pw, + const char *secret); /** Send request \a req and wait for a matching response. The response is put in \a resp_msg (if not NULL). NOTE: At present, -- cgit v1.1 From 937144b230752ac640e611cabb57387f613997bc Mon Sep 17 00:00:00 2001 From: Linus Nordberg Date: Wed, 19 Dec 2012 10:41:57 +0100 Subject: Rename COPYING -> LICENSE. And distribute LICENSE and HACKING. --- lib/include/radsec/radsec-impl.h | 2 +- lib/include/radsec/radsec.h | 2 +- lib/include/radsec/request-impl.h | 2 +- lib/include/radsec/request.h | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) (limited to 'lib/include') diff --git a/lib/include/radsec/radsec-impl.h b/lib/include/radsec/radsec-impl.h index 6339e74..a4d97f0 100644 --- a/lib/include/radsec/radsec-impl.h +++ b/lib/include/radsec/radsec-impl.h @@ -1,7 +1,7 @@ /** @file libradsec-impl.h @brief Libraray internal header file for libradsec. */ -/* See the file COPYING for licensing information. */ +/* See LICENSE for licensing information. */ #ifndef _RADSEC_RADSEC_IMPL_H_ #define _RADSEC_RADSEC_IMPL_H_ 1 diff --git a/lib/include/radsec/radsec.h b/lib/include/radsec/radsec.h index b45aea1..7bd7f10 100644 --- a/lib/include/radsec/radsec.h +++ b/lib/include/radsec/radsec.h 
@@ -1,7 +1,7 @@ /** \file radsec.h \brief Public interface for libradsec. */ -/* See the file COPYING for licensing information. */ +/* See LICENSE for licensing information. */ #ifndef _RADSEC_RADSEC_H_ #define _RADSEC_RADSEC_H_ 1 diff --git a/lib/include/radsec/request-impl.h b/lib/include/radsec/request-impl.h index d2c14dd..bb61dd6 100644 --- a/lib/include/radsec/request-impl.h +++ b/lib/include/radsec/request-impl.h @@ -1,4 +1,4 @@ -/* See the file COPYING for licensing information. */ +/* See LICENSE for licensing information. */ #ifndef _RADSEC_REQUEST_IMPL_H_ #define _RADSEC_REQUEST_IMPL_H_ 1 diff --git a/lib/include/radsec/request.h b/lib/include/radsec/request.h index 574f395..d3caffe 100644 --- a/lib/include/radsec/request.h +++ b/lib/include/radsec/request.h @@ -1,7 +1,7 @@ /** \file request.h \brief Public interface for libradsec request's. */ -/* See the file COPYING for licensing information. */ +/* See LICENSE for licensing information. */ #ifndef _RADSEC_REQUEST_H_ #define _RADSEC_REQUEST_H_ 1 -- cgit v1.1 From 8f6155f3fa89f0b8c16bdc3b73db2d479105aab4 Mon Sep 17 00:00:00 2001 From: Linus Nordberg Date: Wed, 16 Jan 2013 15:39:53 +0100 Subject: Fix a doc comment. --- lib/include/radsec/request.h | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) (limited to 'lib/include') diff --git a/lib/include/radsec/request.h b/lib/include/radsec/request.h index d3caffe..f0151f8 100644 --- a/lib/include/radsec/request.h +++ b/lib/include/radsec/request.h 
@@ -20,10 +20,11 @@ int rs_request_create(struct rs_connection *conn, struct rs_request **req_out); void rs_request_add_reqpkt(struct rs_request *req, struct rs_packet *req_msg); /** Create a request associated with connection \a conn containing a - newly created RADIUS authentication message, possibly with \a - user_name and \a user_pw attributes. \a user_name and _user_pw - are optional and can be NULL. If they are present, \a secret must - also be given and is used for "hiding" the password. */ + newly created RADIUS authentication message, possibly with + \a user_name and \a user_pw attributes. \a user_name and \a user_pw + are optional and can be NULL. If \a user_name and \a user_pw are provided, + \a secret must also be provided. \a secret is used for "hiding" the + password. */ int rs_request_create_authn(struct rs_connection *conn, struct rs_request **req_out, const char *user_name, -- cgit v1.1