From a13cddc1331aa1f5e7dca7d1b44482951d2757bf Mon Sep 17 00:00:00 2001
From: Luke Howard <lukeh@padl.com>
Date: Sun, 13 Nov 2011 17:16:14 +1100
Subject: port to new RADIUS client library

---
 lib/radius/client.h | 202 ++++++++++++++--------------------------------------
 1 file changed, 52 insertions(+), 150 deletions(-)

(limited to 'lib/radius/client.h')

diff --git a/lib/radius/client.h b/lib/radius/client.h
index 591884f..df9f834 100644
--- a/lib/radius/client.h
+++ b/lib/radius/client.h
@@ -29,6 +29,9 @@ SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  *  \brief Main header file.
  */
 
+#ifndef _RADIUS_CLIENT_H_
+#define _RADIUS_CLIENT_H_ 1
+
 /*
  *  System-specific header files.
  */
@@ -42,10 +45,12 @@ SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 #include <netinet/in.h>
 #include <sys/time.h>
 
+#include <radsec/radsec.h>
+
 /*
  *  Definitions of attributes.
  */
-#include <networkradius-devel/radius.h>
+#include <radsec/radius.h>
 
 /** \defgroup build Build Helpers
  *
@@ -135,38 +140,38 @@ SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 #endif
 
 #ifdef WITHOUT_OPENSSL
-#ifndef NR_MD5_CTX
-#error NR_MD5_CTX must be defined
+#ifndef RS_MD5_CTX
+#error RS_MD5_CTX must be defined
 #endif
-#ifndef nr_MD5Init
+#ifndef RS_MD5Init
 #error n_rMD5Init must be defined
 #endif
-#ifndef nr_MD5Update
-#error nr_MD5Updyae must be defined
+#ifndef RS_MD5Update
+#error RS_MD5Updyae must be defined
 #endif
-#ifndef nr_MD5Final
-#error nr_MD5Final must be defined
+#ifndef RS_MD5Final
+#error RS_MD5Final must be defined
 #endif
-#ifndef nr_MD5Transform
-#error nr_MD5Transform must be defined
+#ifndef RS_MD5Transform
+#error RS_MD5Transform must be defined
 #endif
 
 #else  /* WITHOUT_OPENSSL */
 
 #include <openssl/md5.h>
 /** Define for compile-time selection of the MD5 functions.  Defaults to using the OpenSSL functions.  \ingroup custom */
-#define NR_MD5_CTX	MD5_CTX
+#define RS_MD5_CTX	MD5_CTX
 /** Define for compile-time selection of the MD5 functions.  Defaults to using the OpenSSL functions. \ingroup custom */
-#define nr_MD5Init	MD5_Init
+#define RS_MD5Init	MD5_Init
 /** Define for compile-time selection of the MD5 functions.  Defaults to using the OpenSSL functions. \ingroup custom */
-#define nr_MD5Update	MD5_Update
+#define RS_MD5Update	MD5_Update
 /** Define for compile-time selection of the MD5 functions.  Defaults to using the OpenSSL functions. \ingroup custom */
-#define nr_MD5Final	MD5_Final
+#define RS_MD5Final	MD5_Final
 /** Define for compile-time selection of the MD5 functions.  Defaults to using the OpenSSL functions. \ingroup custom */
-#define nr_MD5Transform MD5_Transform
+#define RS_MD5Transform MD5_Transform
 #endif
 
-#ifndef NR_MAX_PACKET_LEN
+#ifndef RS_MAX_PACKET_LEN
 /** The maximum size of a packet that the library will send or receive.  \ingroup custom
  *
  *  The RFC requirement is to handle at least 4K packets.  However, if
@@ -176,144 +181,39 @@ SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  *  Be warned that any packets larger than this value will be ignored
  *  and silently discarded.
  */
-#define NR_MAX_PACKET_LEN (4096)
+#define RS_MAX_PACKET_LEN (4096)
 #endif
 
-#ifndef NR_MAX_ATTRIBUTES
+#ifndef RS_MAX_ATTRIBUTES
 /** The maximum number of attributes that the library will allow in a packet.  \ingroup custom
  *
- *  Packets which contain more than ::NR_MAX_ATTRIBUTES will generate
+ *  Packets which contain more than ::RS_MAX_ATTRIBUTES will generate
  *  an error.  This value is configurable because there may be a need
  *  to accept a large mumber of attributes.
  *
  *  This value is ignored when packets are sent.  The library will
  *  send as many attributes as it is told to send.
  */
-#define NR_MAX_ATTRIBUTES (200)
+#define RS_MAX_ATTRIBUTES (200)
 #endif
 
-#undef NR_MAX_PACKET_CODE
+#undef RS_MAX_PACKET_CODE
 /** The maximum RADIUS_PACKET::code which we can accept. \ingroup dict
  *
  *  \attention This should not be changed, as it is used by other
  *  structures such as ::nr_packet_codes.
  */
-#define NR_MAX_PACKET_CODE PW_COA_NAK
+#define RS_MAX_PACKET_CODE PW_COA_NAK
 
 /**  The maximum vendor number which is permitted. \ingroup dict
  *
  *  The RFCs require that the Vendor Id or Private Enterprise Number
  *  be encoded as 32 bits, with the upper 8 bits being zero.
  */
-#define NR_MAX_VENDOR		(1 << 24)
-
-/**  The maximum length of a RADIUS attribute.
- *
- *  The RFCs require that a RADIUS attribute transport no more than
- *  253 octets of data.  We add an extra byte for a trailing NUL, so
- *  that the VALUE_PAIR::vp_strvalue field can be handled as a C
- *  string.
- */
-#define MAX_STRING_LEN		(254)
+#define RS_MAX_VENDOR		(1 << 24)
 
 /** Data Type Definitions. \ingroup dict
  */
-typedef enum nr_attr_type_t {
-  NR_TYPE_INVALID = 0,		/**< Invalid data type */
-  NR_TYPE_STRING,      		/**< printable-text */
-  NR_TYPE_INTEGER,     		/**< a 32-bit unsigned integer */
-  NR_TYPE_IPADDR,      		/**< an IPv4 address */
-  NR_TYPE_DATE,			/**< a 32-bit date, of seconds since January 1, 1970 */
-  NR_TYPE_OCTETS,   		 /**< a sequence of binary octets */
-  NR_TYPE_IFID,	     		/**< an Interface Id */
-  NR_TYPE_IPV6ADDR,		/**< an IPv6 address */
-  NR_TYPE_IPV6PREFIX,		/**< an IPv6 prefix */
-  NR_TYPE_BYTE,			/**< an 8-bit integer */
-  NR_TYPE_SHORT,		/**< a 16-bit integer */
-} nr_attr_type_t;
-
-#define	PW_ACCESS_REQUEST		1
-#define	PW_ACCESS_ACCEPT		2
-#define	PW_ACCESS_REJECT		3
-#define	PW_ACCOUNTING_REQUEST		4
-#define	PW_ACCOUNTING_RESPONSE		5
-#define	PW_ACCOUNTING_STATUS		6
-#define PW_PASSWORD_REQUEST		7
-#define PW_PASSWORD_ACK			8
-#define PW_PASSWORD_REJECT		9
-#define	PW_ACCOUNTING_MESSAGE		10
-#define PW_ACCESS_CHALLENGE		11
-#define PW_STATUS_SERVER		12
-#define PW_STATUS_CLIENT		13
-#define PW_DISCONNECT_REQUEST		40
-#define PW_DISCONNECT_ACK		41
-#define PW_DISCONNECT_NAK		42
-#define PW_COA_REQUEST			43
-#define PW_COA_ACK			44
-#define PW_COA_NAK			45
-
-/** Error codes \ingroup error
- *
- *  The numerical value of these definitions may change from version
- *  to version of the library.
- */
-typedef enum nr_error_t {
-	/** Invalid argument */
-	NR_ERR_INVALID_ARG = 1,
-	/** Insufficient data to decode the packet */
-	NR_ERR_PACKET_TOO_SMALL,
-	/** The packet header says it is larger than the received data */
-	NR_ERR_PACKET_TOO_LARGE,
-	/** the attribute overflows the packet */
-	NR_ERR_ATTR_OVERFLOW,
-	/** the attribute header "length" field is too small */
-	NR_ERR_ATTR_TOO_SMALL,
-	/** the attribute is more than 256 octets long */
-	NR_ERR_ATTR_TOO_LARGE,
-	/** the attribute is unknown */
-	NR_ERR_ATTR_UNKNOWN,
-	/** the attribute name is improperly formatted */
-	NR_ERR_ATTR_BAD_NAME,
-	/** the attribute value could not be parsed */
-	NR_ERR_ATTR_VALUE_MALFORMED,
-	/** the attribute "type" is invalid */
-	NR_ERR_ATTR_INVALID,
-	/** the packet has too many attributes */
-	NR_ERR_TOO_MANY_ATTRS,
-	/** the attribute has an unsupported data type */
-	NR_ERR_ATTR_TYPE_UNKNOWN,
-	/** the Message-Authenticator has the wrong length */
-	NR_ERR_MSG_AUTH_LEN,
-	/** the Message-Authenticator is wrong */
-	NR_ERR_MSG_AUTH_WRONG,
-	/** we need a request packet to calculate something in the response */
-	NR_ERR_REQUEST_REQUIRED,
-	/** the request code is unsupported */
-	NR_ERR_REQUEST_CODE_INVALID,
-	/** the Authentication Vector is wrong */
-	NR_ERR_AUTH_VECTOR_WRONG,
-	/** the response code is unsupported */
-	NR_ERR_RESPONSE_CODE_INVALID,
-	/** the response ID field is invalid */
-	NR_ERR_RESPONSE_ID_INVALID,
-	/** the response is not from the correct source IP/port */
-	NR_ERR_RESPONSE_SRC_INVALID,
-	/** Look at "errno" for the error */
-	NR_ERR_SYSTEM,
-	/** We cannot encode the packet because of invalid arguments */
-	NR_ERR_NO_PACKET_DATA,
-	/** the vendor is unknown */
-	NR_ERR_VENDOR_UNKNOWN,
-	/** an internal sanity check failed */
-	NR_ERR_INTERNAL_FAILURE,
-	/** the caller requested an unsupported featuer */
-	NR_ERR_UNSUPPORTED,
-	/** we were unable to allocate memory */
-	NR_ERR_NO_MEM,
-	/** Resource is in use */
-	NR_ERR_IN_USE,
-} nr_error_t;
-
 #define TAG_VALID(x)          ((x) < 0x20)
 
 /** The attribute is not encrypted. */
@@ -335,7 +235,7 @@ typedef enum nr_error_t {
 typedef struct attr_flags {
 	unsigned int		has_tag : 1; /**< Attribute has an RFC 2868 tag */
 	unsigned int		unknown : 1; /**< Attribute is unknown */
-#ifdef NR_TYPE_TLV
+#ifdef RS_TYPE_TLV
 	unsigned int		has_tlv : 1; /* has sub attributes */
 	unsigned int		is_tlv : 1; /* is a sub attribute */
 #endif
@@ -358,7 +258,7 @@ typedef struct attr_flags {
  */
 typedef struct nr_dict_attr {
 	unsigned int		attr;		/**< Attribute number  */
-	nr_attr_type_t	      	type;		/**< Data type */
+	rs_attr_type_t	      	type;		/**< Data type */
 	unsigned int		vendor;		/**< Vendor-Id number  */
         ATTR_FLAGS              flags;
 	const char		*name;		/**< Printable name  */
@@ -392,21 +292,21 @@ typedef struct nr_dict_vendor {
  *
  */
 typedef union value_pair_data {
-	char			strvalue[MAX_STRING_LEN]; /* +1 for NUL */
+	char			strvalue[RS_MAX_STRING_LEN]; /* +1 for NUL */
 	uint8_t			octets[253];
 	struct in_addr		ipaddr;
 	struct in6_addr		ipv6addr;
 	uint32_t		date;
 	uint32_t		integer;
-#ifdef NR_TYPE_SIGNED
+#ifdef RS_TYPE_SIGNED
 	int32_t			sinteger;
 #endif
-#ifdef NR_TYPE_ABINARY
+#ifdef RS_TYPE_ABINARY
 	uint8_t			filter[32];
 #endif
 	uint8_t			ifid[8]; /* struct? */
 	uint8_t			ipv6prefix[18]; /* struct? */
-#ifdef NR_TYPE_TLV
+#ifdef RS_TYPE_TLV
 	uint8_t			*tlv;
 #endif
 } VALUE_PAIR_DATA;
@@ -432,23 +332,23 @@ typedef struct value_pair {
 #define vp_ipaddr     data.ipaddr.s_addr
 #define vp_date       data.integer
 #define vp_integer    data.integer
-#ifdef NR_TYPE_ABINARY
+#ifdef RS_TYPE_ABINARY
 #define vp_filter     data.filter
 #endif
-#ifdef NR_TYPE_ETHER
+#ifdef RS_TYPE_ETHER
 #define vp_ether      data.ether
 #endif
-#ifdef NR_TYPE_SIGNED
+#ifdef RS_TYPE_SIGNED
 #define vp_signed     data.sinteger
 #endif
-#ifdef NR_TYPE_TLV
+#ifdef RS_TYPE_TLV
 #define vp_tlv	      data.tlv
 #endif
 
-#ifdef NR_TYPE_TLV
-#define NR_ATTR_MAX_TLV (4)
-extern const int nr_attr_shift[NR_ATTR_MAX_TLV];
-extern const int nr_attr_mask[NR_ATTR_MAX_TLV];
+#ifdef RS_TYPE_TLV
+#define RS_ATTR_MAX_TLV (4)
+extern const int nr_attr_shift[RS_ATTR_MAX_TLV];
+extern const int nr_attr_mask[RS_ATTR_MAX_TLV];
 extern const unsigned int nr_attr_max_tlv;
 #endif
 
@@ -474,12 +374,12 @@ typedef struct radius_packet {
 	VALUE_PAIR		*vps;	/**< linked list of ::VALUE_PAIR */
 } RADIUS_PACKET;
 
-#define NR_PACKET_ENCODED  (1 << 0)
-#define NR_PACKET_HEADER   (1 << 1)
-#define NR_PACKET_SIGNED   (1 << 2)
-#define NR_PACKET_OK	   (1 << 3)
-#define NR_PACKET_VERIFIED (1 << 4)
-#define NR_PACKET_DECODED  (1 << 5)
+#define RS_PACKET_ENCODED  (1 << 0)
+#define RS_PACKET_HEADER   (1 << 1)
+#define RS_PACKET_SIGNED   (1 << 2)
+#define RS_PACKET_OK	   (1 << 3)
+#define RS_PACKET_VERIFIED (1 << 4)
+#define RS_PACKET_DECODED  (1 << 5)
 
 
 /** Track packets sent to a server. \ingroup id
@@ -634,7 +534,7 @@ extern VALUE_PAIR *nr_vps_find(VALUE_PAIR *head,
  *  packet.
  *
  *  \attention There is usually no need to call this function.  Use
- *  the NR_DA_* definitions instead.
+ *  the RS_DA_* definitions instead.
  *
  * @param[in] attr    Value of the attribute
  * @param[in] vendor  Value of the vendor
@@ -773,7 +673,7 @@ extern const DICT_ATTR const *nr_dict_attr_names[];
  *  application.  Packet codes which are not handled by the library
  *  have NULL for their names.
  */
-extern const char *nr_packet_codes[NR_MAX_PACKET_CODE + 1];
+extern const char *nr_packet_codes[RS_MAX_PACKET_CODE + 1];
 
 /** Verifies that a packet is "well formed".  \ingroup packet
  *
@@ -1406,3 +1306,5 @@ extern ssize_t nr_vp_sscanf_value(VALUE_PAIR *vp, const char *value);
  */
 # define BLANK_FORMAT ""
 #endif
+
+#endif /* _RADIUS_CLIENT_H_ */
-- 
cgit v1.1