X-Git-Url: http://www.project-moonshot.org/gitweb/?a=blobdiff_plain;f=util_radius.h;h=656f1b792855054e866e329cd5ef2c560e21e7bf;hb=e063ba4e45d12dbc1a397653f9e77228835e4a2b;hp=45878693385e25c754d3ba1eb51594447e65dd24;hpb=4c2ed94fbe850e7914dd8caa1f9023dc466392f9;p=mech_eap.orig diff --git a/util_radius.h b/util_radius.h index 4587869..656f1b7 100644 --- a/util_radius.h +++ b/util_radius.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2010, JANET(UK) + * Copyright (c) 2011, JANET(UK) * All rights reserved. * * Redistribution and use in source and binary forms, with or without @@ -30,20 +30,146 @@ * SUCH DAMAGE. */ -#include "gssapiP_eap.h" +/* + * RADIUS attribute provider. + */ #ifndef _UTIL_RADIUS_H_ #define _UTIL_RADIUS_H_ 1 -struct eap_gss_avp_list; +#ifdef __cplusplus + +struct gss_eap_radius_attr_provider : gss_eap_attr_provider { +public: + gss_eap_radius_attr_provider(void); + ~gss_eap_radius_attr_provider(void); + + bool initFromExistingContext(const gss_eap_attr_ctx *source, + const gss_eap_attr_provider *ctx); + bool initFromGssContext(const gss_eap_attr_ctx *source, + const gss_cred_id_t cred, + const gss_ctx_id_t ctx); + + bool getAttributeTypes(gss_eap_attr_enumeration_cb, void *data) const; + bool setAttribute(int complete, + const gss_buffer_t attr, + const gss_buffer_t value); + bool deleteAttribute(const gss_buffer_t attr); + bool getAttribute(const gss_buffer_t attr, + int *authenticated, + int *complete, + gss_buffer_t value, + gss_buffer_t display_value, + int *more) const; + gss_any_t mapToAny(int authenticated, + gss_buffer_t type_id) const; + void releaseAnyNameMapping(gss_buffer_t type_id, + gss_any_t input) const; + + const char *prefix(void) const; + const char *name(void) const; + bool initWithJsonObject(const gss_eap_attr_ctx *manager, + json_t *obj); + json_t *jsonRepresentation(void) const; + + bool getAttribute(uint32_t attribute, + int *authenticated, + int *complete, + gss_buffer_t value, + gss_buffer_t display_value, + int *more) const; + bool getAttribute(uint16_t attribute, + uint16_t vendor, + int *authenticated, + int *complete, + gss_buffer_t value, + gss_buffer_t display_value, + int *more) const; + bool setAttribute(int complete, + uint32_t attribute, + const gss_buffer_t value); + bool deleteAttribute(uint32_t attribute); + + bool getFragmentedAttribute(uint16_t attribute, + uint16_t vendor, + int *authenticated, + int *complete, + gss_buffer_t value) const; + + bool authenticated(void) const { return m_authenticated; } + + time_t getExpiryTime(void) const; + + static bool init(void); + static void finalize(void); + + static gss_eap_attr_provider *createAttrContext(void); + +private: + const VALUE_PAIR *getAvps(void) const { + return m_vps; + } + + VALUE_PAIR *m_vps; + bool m_authenticated; +}; + +/* For now */ +extern "C" { +#endif + +OM_uint32 +gssEapRadiusAddAvp(OM_uint32 *minor, + VALUE_PAIR **vp, + uint16_t type, + uint16_t vendor, + const gss_buffer_t buffer); OM_uint32 -radiusDuplicateAVPs(OM_uint32 *minor, - const struct eap_gss_avp_list *in, - struct eap_gss_avp_list **out); +gssEapRadiusGetAvp(OM_uint32 *minor, + VALUE_PAIR *vps, + uint16_t type, + uint16_t vendor, + gss_buffer_t buffer, + int concat); + +OM_uint32 +gssEapRadiusGetRawAvp(OM_uint32 *minor, + VALUE_PAIR *vps, + uint16_t type, + uint16_t vendor, + VALUE_PAIR **vp); +OM_uint32 +gssEapRadiusFreeAvps(OM_uint32 *minor, + VALUE_PAIR **vps); + +OM_uint32 gssEapRadiusAttrProviderInit(OM_uint32 *minor); +OM_uint32 gssEapRadiusAttrProviderFinalize(OM_uint32 *minor); OM_uint32 -radiusFreeAVPs(OM_uint32 *minor, - struct eap_gss_avp_list *in); +gssEapRadiusMapError(OM_uint32 *minor, + struct rs_error *err); + +#define RS_CONFIG_FILE SYSCONFDIR "/radsec.conf" + +#define VENDORPEC_MS 311 /* RFC 2548 */ + +#define PW_MS_MPPE_SEND_KEY 16 +#define PW_MS_MPPE_RECV_KEY 17 + +#define VENDORPEC_UKERNA 25622 + +#define PW_GSS_ACCEPTOR_SERVICE_NAME 128 +#define PW_GSS_ACCEPTOR_HOST_NAME 129 +#define PW_GSS_ACCEPTOR_SERVICE_SPECIFIC 130 +#define PW_GSS_ACCEPTOR_REALM_NAME 131 +#define PW_SAML_AAA_ASSERTION 132 + +#define IS_RADIUS_ERROR(code) ((code) >= ERROR_TABLE_BASE_rse && \ + (code) <= ERROR_TABLE_BASE_rse + RSE_TIMEOUT_IO) + +#ifdef __cplusplus +} +#endif #endif /* _UTIL_RADIUS_H_ */