X-Git-Url: http://www.project-moonshot.org/gitweb/?a=blobdiff_plain;f=src%2Finclude%2Flibradius.h;h=bbf5e79e01f240da683c14810be76145afaa7a08;hb=bca85674a83f94b9cfae0ebdc129bbaf645c8f7d;hp=e618e5e977240a2ca5059b1c62214e50099e4542;hpb=ba1d0b8d3beace046e11276dbeb3af49818053ef;p=freeradius.git diff --git a/src/include/libradius.h b/src/include/libradius.h index e618e5e..bbf5e79 100644 --- a/src/include/libradius.h +++ b/src/include/libradius.h @@ -21,7 +21,7 @@ * along with this program; if not, write to the Free Software * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA * - * Copyright 2001,2002,2003,2004,2005,2006 The FreeRADIUS server project + * Copyright 1999,2000,2001,2002,2003,2004,2005,2006,2007,2008 The FreeRADIUS server project */ #include @@ -53,24 +53,27 @@ RCSIDH(libradius_h, "$Id$") #include #include +#ifndef WITHOUT_TCP +#define WITH_TCP (1) +#endif + #define EAP_START 2 #define AUTH_VECTOR_LEN 16 #define CHAP_VALUE_LENGTH 16 #define MAX_STRING_LEN 254 /* RFC2138: string 0-253 octets */ - -# define VENDOR(x) ((x >> 16) & 0x7fff) +#define FR_MAX_VENDOR (1 << 24) /* RFC limitations */ #ifdef _LIBRADIUS # define AUTH_HDR_LEN 20 # define VENDORPEC_USR 429 #define VENDORPEC_LUCENT 4846 #define VENDORPEC_STARENT 8164 -# define DEBUG if (librad_debug) printf -# define debug_pair(vp) do { if (librad_debug) { \ - putchar('\t'); \ - vp_print(stdout, vp); \ - putchar('\n'); \ +# define DEBUG if (fr_debug_flag && fr_log_fp) fr_printf_log +# define debug_pair(vp) do { if (fr_debug_flag && fr_log_fp) { \ + fputc('\t', fr_log_fp); \ + vp_print(fr_log_fp, vp); \ + fputc('\n', fr_log_fp); \ } \ } while(0) # define TAG_VALID(x) ((x) > 0 && (x) < 0x20) 
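Review bot: The rewritten `DEBUG` macro in the `_LIBRADIUS` block (second hunk on this line) is still a bare `if`, so `if (x) DEBUG("..."); else y();` attaches the `else` to the macro's test instead of to `if (x)`. Since the line is being changed anyway, it can be closed without variadic macros: `# define DEBUG if (!fr_debug_flag || !fr_log_fp) {} else fr_printf_log`. `debug_pair` already uses the `do { ... } while(0)` form, so this only brings `DEBUG` in line with it. The same hunk drops `VENDOR(x)` and adds `FR_MAX_VENDOR`, but nothing visible says where that limit is enforced; a one-line comment naming the function that checks it would help.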
@@ -94,13 +97,19 @@ typedef struct attr_flags { unsigned int addport : 1; /* add NAS-Port to IP address */ unsigned int has_tag : 1; /* tagged attribute */ unsigned int do_xlat : 1; /* strvalue is dynamic */ - unsigned int caseless : 1; /* case insensitive compares */ + unsigned int unknown_attr : 1; /* not in dictionary */ unsigned int array : 1; /* pack multiples into 1 attr */ unsigned int has_value : 1; /* has a value */ unsigned int has_value_alias : 1; /* has a value alias */ + unsigned int has_tlv : 1; /* has sub attributes */ + unsigned int is_tlv : 1; /* is a sub attribute */ + unsigned int encoded : 1; /* has been put into packet */ + unsigned int extended : 1; /* extended attribute */ + unsigned int extended_flags : 1; /* with flag */ int8_t tag; /* tag for tunneled attributes */ uint8_t encrypt; /* encryption method */ + uint8_t length; } ATTR_FLAGS; /* @@ -112,23 +121,25 @@ typedef struct attr_flags { #define FLAG_ENCRYPT_ASCEND_SECRET (3) typedef struct dict_attr { - char name[40]; - int attr; + unsigned int attr; int type; int vendor; ATTR_FLAGS flags; + char name[1]; } DICT_ATTR; typedef struct dict_value { - int attr; + unsigned int attr; + unsigned int vendor; int value; char name[1]; } DICT_VALUE; typedef struct dict_vendor { int vendorpec; - int type; /* length of type data */ - int length; /* length of length data */ + size_t type; /* length of type data */ + size_t length; /* length of length data */ + size_t flags; char name[1]; } DICT_VENDOR; 
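Review bot: In the first hunk on this line (`attr_flags`), the added `uint8_t length;` is the only member without a comment, and the name alone does not say what it measures or in which unit. Every neighbouring field has a trailing comment, so I would add one in the same style, e.g. `uint8_t length; /* <what this is the length of> */`. The struct begins outside the hunk, so the full bit-field layout is not visible here.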
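Review bot: In the second hunk on this line, `DICT_ATTR` now ends in `char name[1]`, so every instance has to be allocated as the struct plus the name length, and a `DICT_ATTR` declared on the stack or copied by assignment carries only one byte of name. The header has no comment saying so; I would add `/* variable length: allocate sizeof(DICT_ATTR) + strlen(name) */` above the member, and the same for `DICT_VALUE` and `DICT_VENDOR`. The hunk also leaves `int vendor` in `DICT_ATTR` while `DICT_VALUE` gets `unsigned int vendor`, so comparisons between the two mix signedness. One type should be used for both.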
@@ -139,18 +150,21 @@ typedef union value_pair_data { struct in6_addr ipv6addr; uint32_t date; uint32_t integer; + int32_t sinteger; uint8_t filter[32]; uint8_t ifid[8]; /* struct? */ uint8_t ipv6prefix[18]; /* struct? */ + uint8_t ether[6]; + uint8_t *tlv; } VALUE_PAIR_DATA; typedef struct value_pair { - char name[40]; - int attribute; - int vendor; + const char *name; + unsigned int attribute; + unsigned int vendor; int type; - int length; /* of data */ - LRAD_TOKEN operator; + size_t length; /* of data */ + FR_TOKEN operator; ATTR_FLAGS flags; struct value_pair *next; uint32_t lvalue; @@ -162,6 +176,9 @@ typedef struct value_pair { #define vp_ifid data.ifid #define vp_ipv6prefix data.ipv6prefix #define vp_filter data.filter +#define vp_ether data.ether +#define vp_signed data.sinteger +#define vp_tlv data.tlv #if 0 #define vp_ipaddr data.ipaddr.s_addr @@ -178,13 +195,14 @@ typedef struct value_pair { #endif -typedef struct lrad_ipaddr_t { +typedef struct fr_ipaddr_t { int af; /* address family */ union { struct in_addr ip4addr; struct in6_addr ip6addr; /* maybe defined in missing.h */ } ipaddr; -} lrad_ipaddr_t; + uint32_t scope; /* for IPv6 */ +} fr_ipaddr_t; /* * vector: Request authenticator from access-request packet @@ -197,8 +215,8 @@ typedef struct lrad_ipaddr_t { */ typedef struct radius_packet { int sockfd; - lrad_ipaddr_t src_ipaddr; - lrad_ipaddr_t dst_ipaddr; + fr_ipaddr_t src_ipaddr; + fr_ipaddr_t dst_ipaddr; uint16_t src_port; uint16_t dst_port; int id; 
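Review bot: In the first hunk on this line, `VALUE_PAIR_DATA` gains `uint8_t *tlv` and `value_pair.name` changes from an inline `char name[40]` to `const char *name`, so a `VALUE_PAIR` can no longer be duplicated with a plain struct copy: both copies would share the `tlv` buffer and the name pointer. Nothing in the hunk says who owns either pointer or which function releases them. A comment on each member would settle it, e.g. `uint8_t *tlv; /* heap buffer of vp->length bytes, owned by this VALUE_PAIR */` if that is the intended contract. The copy and free routines declared later in the header should be checked against it for double frees and dangling names. The struct body continues outside the hunk.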
@@ -207,17 +225,24 @@ typedef struct radius_packet { uint8_t vector[AUTH_VECTOR_LEN]; time_t timestamp; uint8_t *data; - int data_len; + ssize_t data_len; VALUE_PAIR *vps; ssize_t offset; +#ifdef WITH_TCP + ssize_t partial; +#endif } RADIUS_PACKET; /* * Printing functions. */ -void librad_safeprint(char *in, int inlen, char *out, int outlen); -int vp_prints_value(char *out, int outlen, VALUE_PAIR *vp,int delimitst); -int vp_prints(char *out, int outlen, VALUE_PAIR *vp); +int fr_utf8_char(const uint8_t *str); +void fr_print_string(const char *in, size_t inlen, + char *out, size_t outlen); +int vp_prints_value(char *out, size_t outlen, + VALUE_PAIR *vp, int delimitst); +const char *vp_print_name(char *buffer, size_t bufsize, int attr, int vendor); +int vp_prints(char *out, size_t outlen, VALUE_PAIR *vp); void vp_print(FILE *, VALUE_PAIR *); void vp_printlist(FILE *, VALUE_PAIR *); #define fprint_attr_val vp_print @@ -226,14 +251,14 @@ void vp_printlist(FILE *, VALUE_PAIR *); * Dictionary functions. */ int dict_addvendor(const char *name, int value); -int dict_addattr(const char *name, int vendor, int type, int value, ATTR_FLAGS flags); +int dict_addattr(const char *name, int attr, int vendor, int type, ATTR_FLAGS flags); int dict_addvalue(const char *namestr, const char *attrstr, int value); int dict_init(const char *dir, const char *fn); void dict_free(void); -DICT_ATTR *dict_attrbyvalue(int attr); +DICT_ATTR *dict_attrbyvalue(unsigned int attr, unsigned int vendor); DICT_ATTR *dict_attrbyname(const char *attr); -DICT_VALUE *dict_valbyattr(int attr, int val); -DICT_VALUE *dict_valbyname(int attr, const char *val); +DICT_VALUE *dict_valbyattr(unsigned int attr, unsigned int vendor, int val); +DICT_VALUE *dict_valbyname(unsigned int attr, unsigned int vendor, const char *val); int dict_vendorbyname(const char *name); DICT_VENDOR *dict_vendorbyvalue(int vendor); 
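Review bot: In the first hunk on this line, `ssize_t partial` is compiled into `RADIUS_PACKET` only under `WITH_TCP`, which this header defines for itself unless `WITHOUT_TCP` is set, so `sizeof(RADIUS_PACKET)` depends on a macro each includer can change. A module built with `WITHOUT_TCP` against a library built without it would disagree on the struct size wherever a packet is embedded, copied by value or allocated outside `rad_alloc()`. Keeping the member unconditionally, or stating in a comment that `WITHOUT_TCP` must match the library build, removes that mismatch. Separately, `data_len` is now a signed `ssize_t`, so code that passes it where a `size_t` is expected should reject negative values first.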
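Review bot: In the second hunk on this line, `dict_addattr` changes from `(name, vendor, type, value, flags)` to `(name, attr, vendor, type, flags)` with the same argument count and the same `int` types, so a caller that was not updated still compiles and registers the attribute under the wrong number, vendor and type. The lookup functions in the same hunk gain an argument and therefore fail to compile when stale, but this one does not. I would add a comment above the prototype spelling out the new order, e.g. `/* NOTE: argument order changed: attr, vendor, type */`, and audit every call site by hand. Taking `unsigned int attr, unsigned int vendor` here would also match `dict_attrbyvalue`.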
@@ -257,26 +282,27 @@ DICT_VENDOR *dict_vendorbyvalue(int vendor); /* md5.c */ -void librad_md5_calc(uint8_t *, const uint8_t *, unsigned int); +void fr_md5_calc(uint8_t *, const uint8_t *, unsigned int); /* hmac.c */ -void lrad_hmac_md5(const uint8_t *text, int text_len, +void fr_hmac_md5(const uint8_t *text, int text_len, const uint8_t *key, int key_len, unsigned char *digest); /* hmacsha1.c */ -void lrad_hmac_sha1(const uint8_t *text, int text_len, +void fr_hmac_sha1(const uint8_t *text, int text_len, const uint8_t *key, int key_len, uint8_t *digest); /* radius.c */ int rad_send(RADIUS_PACKET *, const RADIUS_PACKET *, const char *secret); -int rad_packet_ok(RADIUS_PACKET *packet); -RADIUS_PACKET *rad_recv(int fd); -ssize_t rad_recv_header(int sockfd, lrad_ipaddr_t *src_ipaddr, int *src_port, +int rad_packet_ok(RADIUS_PACKET *packet, int flags); +RADIUS_PACKET *rad_recv(int fd, int flags); +ssize_t rad_recv_header(int sockfd, fr_ipaddr_t *src_ipaddr, int *src_port, int *code); +void rad_recv_discard(int sockfd); int rad_verify(RADIUS_PACKET *packet, RADIUS_PACKET *original, const char *secret); int rad_decode(RADIUS_PACKET *packet, RADIUS_PACKET *original, const char *secret); 
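Review bot: `rad_packet_ok()` and `rad_recv()` gain an `int flags` argument with no comment and no named constants in this hunk, so a caller cannot tell which value selects which validation behaviour, and a literal `0` or `1` at a call site will not read as a policy choice. Since these functions sit on the packet receive path, I would define the accepted values next to the prototypes and document what `0` means. The renamed `fr_hmac_md5` and `fr_hmac_sha1` also keep `int text_len` and `int key_len` while the rest of the commit moves lengths to `size_t`. Converting them in the same pass would keep negative lengths from reaching the digest code.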
@@ -286,62 +312,74 @@ int rad_sign(RADIUS_PACKET *packet, const RADIUS_PACKET *original, const char *secret); RADIUS_PACKET *rad_alloc(int newvector); +RADIUS_PACKET *rad_alloc_reply(RADIUS_PACKET *); void rad_free(RADIUS_PACKET **); -int rad_pwencode(char *encpw, int *len, const char *secret, +int rad_pwencode(char *encpw, size_t *len, const char *secret, const uint8_t *vector); -int rad_pwdecode(char *encpw, int len, const char *secret, +int rad_pwdecode(char *encpw, size_t len, const char *secret, const uint8_t *vector); -int rad_tunnel_pwencode(char *encpw, int *len, const char *secret, +int rad_tunnel_pwencode(char *encpw, size_t *len, const char *secret, const uint8_t *vector); -int rad_tunnel_pwdecode(uint8_t *encpw, int *len, +int rad_tunnel_pwdecode(uint8_t *encpw, size_t *len, const char *secret, const uint8_t *vector); int rad_chap_encode(RADIUS_PACKET *packet, uint8_t *output, int id, VALUE_PAIR *password); VALUE_PAIR *rad_attr2vp(const RADIUS_PACKET *packet, const RADIUS_PACKET *original, - const char *secret, int attribute, int length, - const uint8_t *data); + const char *secret, int attribute, int vendor, + int length, const uint8_t *data); int rad_vp2attr(const RADIUS_PACKET *packet, const RADIUS_PACKET *original, const char *secret, - const VALUE_PAIR *vp, uint8_t *ptr); + const VALUE_PAIR *vp, uint8_t *ptr, size_t room); /* valuepair.c */ -VALUE_PAIR *paircreate(int attr, int type); +VALUE_PAIR *pairalloc(DICT_ATTR *da); +VALUE_PAIR *paircreate_raw(int attr, int vendor, int type, VALUE_PAIR *); +VALUE_PAIR *paircreate(int attr, int vendor, int type); void pairfree(VALUE_PAIR **); void pairbasicfree(VALUE_PAIR *pair); -VALUE_PAIR *pairfind(VALUE_PAIR *, int); -void pairdelete(VALUE_PAIR **, int); +VALUE_PAIR *pairfind(VALUE_PAIR *, unsigned int attr, unsigned int vendor); +void pairdelete(VALUE_PAIR **, unsigned int attr, unsigned int vendor); void pairadd(VALUE_PAIR **, VALUE_PAIR *); void pairreplace(VALUE_PAIR **first, VALUE_PAIR *add); int 
paircmp(VALUE_PAIR *check, VALUE_PAIR *data); +VALUE_PAIR *paircopyvp(const VALUE_PAIR *vp); VALUE_PAIR *paircopy(VALUE_PAIR *vp); -VALUE_PAIR *paircopy2(VALUE_PAIR *vp, int attr); +VALUE_PAIR *paircopy2(VALUE_PAIR *vp, unsigned int attr, unsigned int vendor); void pairmove(VALUE_PAIR **to, VALUE_PAIR **from); -void pairmove2(VALUE_PAIR **to, VALUE_PAIR **from, int attr); +void pairmove2(VALUE_PAIR **to, VALUE_PAIR **from, unsigned int attr, unsigned int vendor); VALUE_PAIR *pairparsevalue(VALUE_PAIR *vp, const char *value); VALUE_PAIR *pairmake(const char *attribute, const char *value, int operator); -VALUE_PAIR *pairread(char **ptr, LRAD_TOKEN *eol); -LRAD_TOKEN userparse(char *buffer, VALUE_PAIR **first_pair); +VALUE_PAIR *pairread(const char **ptr, FR_TOKEN *eol); +FR_TOKEN userparse(const char *buffer, VALUE_PAIR **first_pair); VALUE_PAIR *readvp2(FILE *fp, int *pfiledone, const char *errprefix); /* * Error functions. */ #ifdef _LIBRADIUS -void librad_log(const char *, ...) +void fr_strerror_printf(const char *, ...) #ifdef __GNUC__ __attribute__ ((format (printf, 1, 2))) #endif ; #endif -void librad_perror(const char *, ...) +void fr_perror(const char *, ...) +#ifdef __GNUC__ + __attribute__ ((format (printf, 1, 2))) +#endif +; +extern const char *fr_strerror(void); +extern int fr_dns_lookups; /* 0 = no dns lookups */ +extern int fr_debug_flag; /* 0 = no debugging information */ +extern int fr_max_attributes; /* per incoming packet */ +#define FR_MAX_PACKET_CODE (52) +extern const char *fr_packet_codes[FR_MAX_PACKET_CODE]; +extern FILE *fr_log_fp; +void fr_printf_log(const char *, ...) #ifdef __GNUC__ __attribute__ ((format (printf, 1, 2))) #endif ; -extern char librad_errstr[]; -extern int librad_dodns; /* 0 = no dns lookups */ -extern int librad_debug; /* 0 = no debugging information */ -extern int librad_max_attributes; /* per incoming packet */ /* * Several handy miscellaneous functions. 
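Review bot: `rad_vp2attr()` gains a `size_t room` bound in this hunk, but `rad_pwencode()` and `rad_tunnel_pwencode()` still take only `char *encpw` and an in/out `size_t *len`, so the encoder cannot know how large the caller's buffer is. If the encoded form can be longer than the input (RADIUS password hiding pads to a block multiple, and the tunnel form presumably adds a salt), the caller must over-allocate by convention alone. I would either add a capacity parameter as was done for `rad_vp2attr`, or state the required buffer size in a comment above the prototypes. `rad_attr2vp()` also keeps a signed `int length` for data taken from a packet. The implementations are outside this hunk, so whether they already bound these lengths cannot be confirmed from here.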
@@ -352,8 +390,8 @@ uint8_t *ifid_aton(const char *ifid_str, uint8_t *ifid); int rad_lockfd(int fd, int lock_len); int rad_lockfd_nonblock(int fd, int lock_len); int rad_unlockfd(int fd, int lock_len); -void lrad_bin2hex(const uint8_t *bin, char *hex, int len); -int lrad_hex2bin(const char *hex, uint8_t *bin, int len); +void fr_bin2hex(const uint8_t *bin, char *hex, size_t len); +size_t fr_hex2bin(const char *hex, uint8_t *bin, size_t len); #ifndef HAVE_INET_PTON int inet_pton(int af, const char *src, void *dst); #endif 
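Review bot: `fr_hex2bin()` now returns `size_t` where `lrad_hex2bin()` returned `int`, so it can no longer report failure with a negative value, and any caller that still tests the result with `< 0` has a check that is always false. The prototype does not say what is returned for invalid hex input, or whether `len` is the size of `bin` or the length of `hex`. `fr_bin2hex()` likewise takes only the input length, leaving the output size needed in `hex` (presumably `2 * len + 1` bytes) implicit. A comment such as `/* returns the number of bytes written to bin; len is the size of bin */`, adjusted to the real behaviour, would make the contract checkable at call sites.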
@@ -363,38 +401,41 @@ const char *inet_ntop(int af, const void *src, char *dst, size_t cnt); #ifndef HAVE_CLOSEFROM int closefrom(int fd); #endif -int lrad_ipaddr_cmp(const lrad_ipaddr_t *a, const lrad_ipaddr_t *b); - -int ip_hton(const char *src, int af, lrad_ipaddr_t *dst); -const char *ip_ntoh(const lrad_ipaddr_t *src, char *dst, size_t cnt); +int fr_ipaddr_cmp(const fr_ipaddr_t *a, const fr_ipaddr_t *b); +int ip_hton(const char *src, int af, fr_ipaddr_t *dst); +const char *ip_ntoh(const fr_ipaddr_t *src, char *dst, size_t cnt); +int fr_ipaddr2sockaddr(const fr_ipaddr_t *ipaddr, int port, + struct sockaddr_storage *sa, socklen_t *salen); +int fr_sockaddr2ipaddr(const struct sockaddr_storage *sa, socklen_t salen, + fr_ipaddr_t *ipaddr, int * port); #ifdef ASCEND_BINARY /* filters.c */ int ascend_parse_filter(VALUE_PAIR *pair); -void print_abinary(VALUE_PAIR *vp, char *buffer, int len); +void print_abinary(VALUE_PAIR *vp, char *buffer, size_t len); #endif /*ASCEND_BINARY*/ /* random numbers in isaac.c */ /* context of random number generator */ -typedef struct lrad_randctx { +typedef struct fr_randctx { uint32_t randcnt; uint32_t randrsl[256]; uint32_t randmem[256]; uint32_t randa; uint32_t randb; uint32_t randc; -} lrad_randctx; +} fr_randctx; -void lrad_isaac(lrad_randctx *ctx); -void lrad_randinit(lrad_randctx *ctx, int flag); -uint32_t lrad_rand(void); /* like rand(), but better. */ -void lrad_rand_seed(const void *, size_t ); /* seed the random pool */ +void fr_isaac(fr_randctx *ctx); +void fr_randinit(fr_randctx *ctx, int flag); +uint32_t fr_rand(void); /* like rand(), but better. */ +void fr_rand_seed(const void *, size_t ); /* seed the random pool */ /* crypt wrapper from crypt.c */ -int lrad_crypt_check(const char *key, const char *salt); +int fr_crypt_check(const char *key, const char *salt); /* rbtree.c */ typedef struct rbtree_t rbtree_t; 
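Review bot: `fr_ipaddr2sockaddr()` takes `int port` and `fr_sockaddr2ipaddr()` writes through `int * port`, while `RADIUS_PACKET` elsewhere in this diff stores ports as `uint16_t`, so values outside 0-65535 are representable at this interface and would be truncated on the way into a sockaddr. Neither prototype documents its return convention, or whether `salen` is checked against the address family before `sa` is read. I would add a short comment above the pair stating the return values and that out-of-range ports are rejected. The second prototype should also be spelled `int *port` to match the rest of the file.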
@@ -433,15 +474,19 @@ int rbtree_walk(rbtree_t *tree, RBTREE_ORDER order, int (*callback)(void *, void /* * FIFOs */ -typedef struct lrad_fifo_t lrad_fifo_t; -typedef void (*lrad_fifo_free_t)(void *); -lrad_fifo_t *lrad_fifo_create(int max_entries, lrad_fifo_free_t freeNode); -void lrad_fifo_free(lrad_fifo_t *fi); -int lrad_fifo_push(lrad_fifo_t *fi, void *data); -void *lrad_fifo_pop(lrad_fifo_t *fi); -void *lrad_fifo_peek(lrad_fifo_t *fi); -int lrad_fifo_num_elements(lrad_fifo_t *fi); +typedef struct fr_fifo_t fr_fifo_t; +typedef void (*fr_fifo_free_t)(void *); +fr_fifo_t *fr_fifo_create(int max_entries, fr_fifo_free_t freeNode); +void fr_fifo_free(fr_fifo_t *fi); +int fr_fifo_push(fr_fifo_t *fi, void *data); +void *fr_fifo_pop(fr_fifo_t *fi); +void *fr_fifo_peek(fr_fifo_t *fi); +int fr_fifo_num_elements(fr_fifo_t *fi); #include +#ifdef WITH_TCP +#include +#endif + #endif /*LIBRADIUS_H*/