2 * $Id: radiusclient.h,v 1.5 2002/03/05 15:14:06 dfs Exp $
4 * Copyright (C) 1995,1996,1997,1998 Lars Fenneberg
6 * Copyright 1992 Livingston Enterprises, Inc.
8 * Copyright 1992,1993, 1994,1995 The Regents of the University of Michigan
9 * and Merit Network, Inc. All Rights Reserved
11 * See the file COPYRIGHT for the respective terms and conditions.
12 * If the file is missing contact me at lf@elemental.net
13 * and I'll send you a copy.
17 #ifndef RADIUSCLIENT_H
18 #define RADIUSCLIENT_H
20 #include <sys/types.h>
/*
 * Compatibility shims. __BEGIN_DECLS/__END_DECLS expand either to an
 * extern "C" wrapper or to nothing, and __P(protos) either keeps a
 * prototype's parameter list or replaces it with (). Each name is defined
 * twice below; most of the conditional directives that select one
 * definition are not visible in this listing.
 * NOTE(review): names starting with "__" are reserved for the
 * implementation, and system headers may already define these three.
 * Confirm the directives not shown here avoid a conflicting redefinition.
 */
27 # define __BEGIN_DECLS extern "C" {
28 # define __END_DECLS }
30 # define __BEGIN_DECLS /* empty */
31 # define __END_DECLS /* empty */
35 #if defined (__STDC__) || defined (_AIX) || (defined (__mips) && defined (_SYSTYPE_SVR4)) || defined(WIN32) || defined(__cplusplus)
36 # define __P(protos) protos
38 # define __P(protos) ()
/*
 * UINT4 appears in the prototypes below wherever an IP address or an
 * attribute number is passed (rc_get_ipaddr, rc_ip_hostname, rc_avpair_get).
 * NOTE(review): the name implies four bytes, but unsigned long is only
 * guaranteed to be at least 32 bits and is 64 bits wide on LP64 systems.
 * Code that copies sizeof(UINT4) bytes to or from a packet buffer would then
 * move 8 bytes; confirm every wire conversion uses an explicit 4-byte length.
 */
41 typedef unsigned long UINT4;
/* Fixed buffer sizes shared by the library. */
44 #define AUTH_VECTOR_LEN 16
/*
 * NOTE(review): RFC 2865 hides User-Password in 16-octet blocks and allows
 * up to 128 octets. With a 48-byte limit, confirm whether a longer password
 * is rejected or silently truncated before it is sent.
 */
45 #define AUTH_PASS_LEN (3 * 16) /* multiple of 16 */
46 #define AUTH_ID_LEN 64
/*
 * Sizes the strvalue member of value_pair further down. The existing note
 * gives 253 as the largest value an attribute can carry, so a received value
 * can be longer than this buffer: every copy into an AUTH_STRING_LEN-sized
 * buffer needs an explicit length check.
 */
47 #define AUTH_STRING_LEN 128 /* maximum of 253 */
49 #define BUFFER_LEN 8192
51 #define NAME_LENGTH 32
/* NOTE(review): the relation stated in the trailing comment is not enforced at compile time in the lines visible here. */
52 #define GETSTR_LENGTH 128 /* must be bigger than AUTH_PASS_LEN */
/* The defines that the next heading introduces are not part of this listing. */
54 /* codes for radius_buildreq, radius_getport, etc. */
58 /* defines for config.c */
/*
 * Single-bit flags (1<<0 through 1<<3), so several can be OR-ed into one mask.
 * NOTE(review): presumably _FST/_SND mark whether local or RADIUS
 * authentication is tried first and second; confirm against config.c.
 */
62 #define AUTH_LOCAL_FST (1<<0)
63 #define AUTH_RADIUS_FST (1<<1)
64 #define AUTH_LOCAL_SND (1<<2)
65 #define AUTH_RADIUS_SND (1<<3)
/*
 * Server list: parallel arrays of host names and ports, each with SERVER_MAX
 * slots. The definition of SERVER_MAX, any further members and the closing
 * of the typedef are not visible in this listing.
 * NOTE(review): name[] holds pointers, not copies; who owns and frees the
 * strings cannot be told from this header.
 */
67 typedef struct server {
69 char *name[SERVER_MAX];
70 unsigned short port[SERVER_MAX];
/*
 * RADIUS packet header. Only the 16-byte vector member is visible in this
 * listing; the braces and the remaining members are missing.
 * NOTE(review): in an Access-Request this field is the Request Authenticator,
 * which RFC 2865 requires to be unpredictable and unique per request; in a
 * reply it is the Response Authenticator, which the client must verify
 * before trusting the packet. Neither step is visible in this header.
 */
73 typedef struct pw_auth_hdr
78 u_char vector[AUTH_VECTOR_LEN];
/* 20 = 1 (code) + 1 (id) + 2 (length) + 16 (authenticator), the fixed RFC 2865 header. */
82 #define AUTH_HDR_LEN 20
/*
 * NOTE(review): presumably the longest shared secret the client accepts.
 * Confirm that a longer configured secret is rejected rather than truncated,
 * since a truncated secret silently weakens every exchange.
 */
83 #define MAX_SECRET_LENGTH (3 * 16) /* MUST be multiple of 16 */
84 #define CHAP_VALUE_LENGTH 16
/* 1812 and 1813 are the IANA-assigned RADIUS authentication and accounting UDP ports. */
86 #define PW_AUTH_UDP_PORT 1812
87 #define PW_ACCT_UDP_PORT 1813
/* Value kinds for an attribute; dict_attr.type below is commented "string, int, etc.". */
89 #define PW_TYPE_STRING 0
90 #define PW_TYPE_INTEGER 1
91 #define PW_TYPE_IPADDR 2
92 #define PW_TYPE_DATE 3
94 /* standard RADIUS codes */
/*
 * Values for the code byte of a RADIUS packet.
 * NOTE(review): a client should accept only the reply codes that are valid
 * for the request it sent (for an Access-Request: accept, reject or
 * challenge), and only after the reply's authenticator has been checked.
 * That logic is not part of this header.
 */
96 #define PW_ACCESS_REQUEST 1
97 #define PW_ACCESS_ACCEPT 2
98 #define PW_ACCESS_REJECT 3
99 #define PW_ACCOUNTING_REQUEST 4
100 #define PW_ACCOUNTING_RESPONSE 5
101 #define PW_ACCOUNTING_STATUS 6
102 #define PW_PASSWORD_REQUEST 7
103 #define PW_PASSWORD_ACK 8
104 #define PW_PASSWORD_REJECT 9
105 #define PW_ACCOUNTING_MESSAGE 10
106 #define PW_ACCESS_CHALLENGE 11
107 #define PW_STATUS_SERVER 12
108 #define PW_STATUS_CLIENT 13
111 /* standard RADIUS attribute-value pairs */
/*
 * Attribute type numbers; the trailing comment on each line gives the value
 * kind. Numbers 40-51 are defined separately further down as PW_ACCT_*.
 * NOTE(review): attributes marked "string" are octet strings on the wire and
 * may contain NUL bytes (State, Class, Proxy-State, CHAP data), so their
 * length must be carried explicitly rather than derived with strlen().
 * NOTE(review): User-Password is only hidden with an MD5-based XOR keyed by
 * the shared secret and every other attribute travels in clear text, so the
 * transport between client and server needs its own protection.
 */
113 #define PW_USER_NAME 1 /* string */
114 #define PW_USER_PASSWORD 2 /* string */
115 #define PW_CHAP_PASSWORD 3 /* string */
116 #define PW_NAS_IP_ADDRESS 4 /* ipaddr */
117 #define PW_NAS_PORT 5 /* integer */
118 #define PW_SERVICE_TYPE 6 /* integer */
119 #define PW_FRAMED_PROTOCOL 7 /* integer */
120 #define PW_FRAMED_IP_ADDRESS 8 /* ipaddr */
121 #define PW_FRAMED_IP_NETMASK 9 /* ipaddr */
122 #define PW_FRAMED_ROUTING 10 /* integer */
123 #define PW_FILTER_ID 11 /* string */
124 #define PW_FRAMED_MTU 12 /* integer */
125 #define PW_FRAMED_COMPRESSION 13 /* integer */
126 #define PW_LOGIN_IP_HOST 14 /* ipaddr */
127 #define PW_LOGIN_SERVICE 15 /* integer */
128 #define PW_LOGIN_PORT 16 /* integer */
129 #define PW_OLD_PASSWORD 17 /* string */ /* deprecated */
130 #define PW_REPLY_MESSAGE 18 /* string */
131 #define PW_LOGIN_CALLBACK_NUMBER 19 /* string */
132 #define PW_FRAMED_CALLBACK_ID 20 /* string */
133 #define PW_EXPIRATION 21 /* date */ /* deprecated */
134 #define PW_FRAMED_ROUTE 22 /* string */
135 #define PW_FRAMED_IPX_NETWORK 23 /* integer */
136 #define PW_STATE 24 /* string */
137 #define PW_CLASS 25 /* string */
138 #define PW_VENDOR_SPECIFIC 26 /* string */
139 #define PW_SESSION_TIMEOUT 27 /* integer */
140 #define PW_IDLE_TIMEOUT 28 /* integer */
141 #define PW_TERMINATION_ACTION 29 /* integer */
142 #define PW_CALLED_STATION_ID 30 /* string */
143 #define PW_CALLING_STATION_ID 31 /* string */
144 #define PW_NAS_IDENTIFIER 32 /* string */
145 #define PW_PROXY_STATE 33 /* string */
146 #define PW_LOGIN_LAT_SERVICE 34 /* string */
147 #define PW_LOGIN_LAT_NODE 35 /* string */
148 #define PW_LOGIN_LAT_GROUP 36 /* string */
149 #define PW_FRAMED_APPLETALK_LINK 37 /* integer */
150 #define PW_FRAMED_APPLETALK_NETWORK 38 /* integer */
151 #define PW_FRAMED_APPLETALK_ZONE 39 /* string */
152 #define PW_CHAP_CHALLENGE 60 /* string */
153 #define PW_NAS_PORT_TYPE 61 /* integer */
154 #define PW_PORT_LIMIT 62 /* integer */
155 #define PW_LOGIN_LAT_PORT 63 /* string */
157 /* Vendor RADIUS attribute-value pairs */
/*
 * These numbers collide with standard attributes defined above
 * (11 = PW_FILTER_ID, 1 = PW_USER_NAME, 25 = PW_CLASS,
 * 26 = PW_VENDOR_SPECIFIC), so they are only meaningful together with a
 * vendor code. NOTE(review): presumably they are the sub-types carried
 * inside a Vendor-Specific attribute for VENDOR_MICROSOFT; confirm that
 * lookups always pass the vendor code along with the number.
 */
158 #define PW_MS_CHAP_CHALLENGE 11 /* string */
159 #define PW_MS_CHAP_RESPONSE 1 /* string */
160 #define PW_MS_CHAP2_RESPONSE 25 /* string */
161 #define PW_MS_CHAP2_SUCCESS 26 /* string */
/*
 * Accounting attribute numbers 40-51, filling the gap left in the standard
 * attribute list above. The heading for this group is not visible in this
 * listing.
 */
165 #define PW_ACCT_STATUS_TYPE 40 /* integer */
166 #define PW_ACCT_DELAY_TIME 41 /* integer */
167 #define PW_ACCT_INPUT_OCTETS 42 /* integer */
168 #define PW_ACCT_OUTPUT_OCTETS 43 /* integer */
169 #define PW_ACCT_SESSION_ID 44 /* string */
170 #define PW_ACCT_AUTHENTIC 45 /* integer */
171 #define PW_ACCT_SESSION_TIME 46 /* integer */
172 #define PW_ACCT_INPUT_PACKETS 47 /* integer */
173 #define PW_ACCT_OUTPUT_PACKETS 48 /* integer */
174 #define PW_ACCT_TERMINATE_CAUSE 49 /* integer */
175 #define PW_ACCT_MULTI_SESSION_ID 50 /* string */
176 #define PW_ACCT_LINK_COUNT 51 /* integer */
178 /* Merit Experimental Extensions */
180 #define PW_USER_ID 222 /* string */
181 #define PW_USER_REALM 223 /* string */
183 /* Integer Translations */
/*
 * Named values for integer-typed attributes. Several entries of each group,
 * and some group headings, are missing from this listing. The same number
 * is reused across groups (PW_BROADCAST, PW_VAN_JACOBSON_TCP_IP and
 * PW_RADIUS_REQUEST are all 1), so a value only has meaning together with
 * the attribute it was received in.
 */
189 #define PW_CALLBACK_LOGIN 3
190 #define PW_CALLBACK_FRAMED 4
191 #define PW_OUTBOUND 5
192 #define PW_ADMINISTRATIVE 6
193 #define PW_NAS_PROMPT 7
194 #define PW_AUTHENTICATE_ONLY 8
195 #define PW_CALLBACK_NAS_PROMPT 9
197 /* FRAMED PROTOCOLS */
203 #define PW_XYLOGICS 5
205 /* FRAMED ROUTING VALUES */
208 #define PW_BROADCAST 1
210 #define PW_BROADCAST_LISTEN 3
212 /* FRAMED COMPRESSION TYPES */
214 #define PW_VAN_JACOBSON_TCP_IP 1
215 #define PW_IPX_HEADER_COMPRESSION 2
/* NOTE(review): the heading for the next three values is not visible; presumably they are login service values. */
221 #define PW_TCP_CLEAR 2
222 #define PW_PORTMASTER 3
225 #define PW_X25_T3POS 6
227 /* TERMINATION ACTIONS */
230 #define PW_RADIUS_REQUEST 1
232 /* PROHIBIT PROTOCOL */
234 #define PW_DUMB 0 /* 1 and 2 are defined in FRAMED PROTOCOLS */
235 #define PW_AUTH_ONLY 3
/* Named values for the accounting attributes; some entries and headings are missing from this listing. */
238 /* ACCOUNTING STATUS TYPES */
240 #define PW_STATUS_START 1
241 #define PW_STATUS_STOP 2
242 #define PW_STATUS_ALIVE 3
243 #define PW_STATUS_MODEM_START 4
244 #define PW_STATUS_MODEM_STOP 5
245 #define PW_STATUS_CANCEL 6
246 #define PW_ACCOUNTING_ON 7
247 #define PW_ACCOUNTING_OFF 8
249 /* ACCOUNTING TERMINATION CAUSES */
251 #define PW_USER_REQUEST 1
252 #define PW_LOST_CARRIER 2
253 #define PW_LOST_SERVICE 3
254 #define PW_ACCT_IDLE_TIMEOUT 4
255 #define PW_ACCT_SESSION_TIMEOUT 5
256 #define PW_ADMIN_RESET 6
257 #define PW_ADMIN_REBOOT 7
258 #define PW_PORT_ERROR 8
259 #define PW_NAS_ERROR 9
260 #define PW_NAS_REQUEST 10
261 #define PW_NAS_REBOOT 11
262 #define PW_PORT_UNNEEDED 12
263 #define PW_PORT_PREEMPTED 13
264 #define PW_PORT_SUSPENDED 14
265 #define PW_SERVICE_UNAVAILABLE 15
266 #define PW_CALLBACK 16
267 #define PW_USER_ERROR 17
268 #define PW_HOST_REQUEST 18
/* NOTE(review): the heading for the next three values is not visible; presumably they are NAS port types. */
274 #define PW_ISDN_SYNC 2
275 #define PW_ISDN_SYNC_V120 3
276 #define PW_ISDN_SYNC_V110 4
/* The values under the next heading are not part of this listing. */
279 /* AUTHENTIC TYPES */
/*
 * Vendor codes. VENDOR_NONE marks an attribute with no vendor; 311 is the
 * IANA private enterprise number assigned to Microsoft.
 */
285 #define VENDOR_NONE (-1)
286 #define VENDOR_MICROSOFT 311
288 /* Server data structures */
/*
 * Dictionary and attribute-value-pair records, each a singly linked list
 * node (see the next members). The braces and some members of every typedef
 * below are missing from this listing. All name fields are fixed char arrays
 * of NAME_LENGTH + 1 bytes.
 * NOTE(review): the names are presumably filled from the dictionary file
 * read by rc_read_dictionary(); confirm the parser limits each name to
 * NAME_LENGTH bytes before copying it into these arrays.
 */
290 typedef struct dict_attr
292 char name[NAME_LENGTH + 1]; /* attribute name */
293 int value; /* attribute index */
294 int type; /* string, int, etc. */
295 int vendorcode; /* vendor code */
296 struct dict_attr *next;
299 typedef struct dict_value
301 char attrname[NAME_LENGTH +1];
302 char name[NAME_LENGTH + 1];
304 struct dict_value *next;
307 typedef struct vendor_dict
309 char vendorname[NAME_LENGTH + 1];
311 DICT_ATTR *attributes;
312 struct vendor_dict *next;
315 typedef struct value_pair
317 char name[NAME_LENGTH + 1];
/*
 * Fixed value buffer of AUTH_STRING_LEN + 1 bytes.
 * NOTE(review): a received attribute value can be longer than
 * AUTH_STRING_LEN and can contain NUL bytes, so writers must bound the copy
 * and readers should not rely on strlen(). No length member is visible in
 * this listing; confirm how the value length is tracked.
 */
322 char strvalue[AUTH_STRING_LEN + 1];
323 struct value_pair *next;
326 /* don't change this, as it has to be the same as in the Merit radiusd code */
/*
 * NOTE(review): this string is compiled into every build and published in
 * the source, so it cannot authenticate anything. Treat any exchange keyed
 * with it as unauthenticated and never fall back to it when a per-server
 * secret is missing. Where it is used is not visible in this header.
 */
327 #define MGMT_POLL_SECRET "Hardlyasecret"
329 /* Define return codes from "SendServer" utility */
/*
 * The other return codes are missing from this listing. Unlike
 * VENDOR_NONE (-1) above, this negative value is not parenthesized.
 */
331 #define BADRESP_RC -2
/*
 * Request descriptor handed to the send routine. The braces and some
 * members are missing from this listing.
 * NOTE(review): server and the two pair lists are raw pointers; ownership
 * and lifetime cannot be told from this header.
 */
336 typedef struct send_data /* Used to pass information to sendserver() function */
338 u_char code; /* RADIUS packet code */
339 u_char seq_nbr; /* Packet sequence number */
340 char *server; /* Name/address of RADIUS server */
341 int svc_port; /* RADIUS protocol destination port */
342 int timeout; /* Session timeout in seconds */
344 VALUE_PAIR *send_pairs; /* More a/v pairs to send */
345 VALUE_PAIR *receive_pairs; /* Where to place received a/v pairs */
/*
 * Both macros evaluate one of their arguments twice, so an argument with a
 * side effect (i++, a function call) must not be passed. Mixing signed and
 * unsigned arguments compares after conversion to unsigned, which matters
 * when one side is a length taken from a packet.
 */
349 #define MIN(a, b) ((a) < (b) ? (a) : (b))
352 #define MAX(a, b) ((a) > (b) ? (a) : (b))
/* NOTE(review): presumably a fallback for systems without PATH_MAX; the surrounding guard is not visible in this listing. */
356 #define PATH_MAX 1024
369 /* Function prototypes */
/*
 * Attribute-value pair list helpers. Parameters are unnamed throughout, so
 * their meaning has to be taken from the implementation.
 * NOTE(review): rc_avpair_add/new/assign take a void * value plus int
 * arguments, presumably including its length. VALUE_PAIR.strvalue is a fixed
 * AUTH_STRING_LEN + 1 buffer, so confirm over-long values are rejected or
 * truncated.
 * NOTE(review): rc_avpair_gen(AUTH_HDR *) presumably builds pairs from a
 * received packet and is given no buffer length. It then has to rely on
 * length fields inside the packet; verify those are checked against the
 * number of bytes actually received.
 * NOTE(review): rc_avpair_tostr takes two (char *, int) pairs, presumably
 * output buffers with their sizes. rc_avpair_readin needs FILE from
 * <stdio.h>; only <sys/types.h> is included in the lines visible here.
 */
373 VALUE_PAIR *rc_avpair_add __P((VALUE_PAIR **, int, void *, int, int));
374 int rc_avpair_assign __P((VALUE_PAIR *, void *, int));
375 VALUE_PAIR *rc_avpair_new __P((int, void *, int, int));
376 VALUE_PAIR *rc_avpair_gen __P((AUTH_HDR *));
377 VALUE_PAIR *rc_avpair_get __P((VALUE_PAIR *, UINT4));
378 void rc_avpair_insert __P((VALUE_PAIR **, VALUE_PAIR *, VALUE_PAIR *));
379 void rc_avpair_free __P((VALUE_PAIR *));
380 int rc_avpair_parse __P((char *, VALUE_PAIR **));
381 int rc_avpair_tostr __P((VALUE_PAIR *, char *, int, char *, int));
382 VALUE_PAIR *rc_avpair_readin __P((FILE *));
/*
 * Request construction and the authentication/accounting entry points, each
 * with a default, an explicit-server (_using_server) and a _proxy variant.
 * NOTE(review): rc_auth, rc_auth_using_server and rc_auth_proxy end in a
 * char * with no accompanying length. If that is an output buffer for a
 * server message, the required size is not stated here; confirm it against
 * the implementation before passing a caller-sized buffer.
 * NOTE(review): rc_get_seqnbr returns an unsigned char, so identifiers wrap
 * after 256 requests; matching of replies to requests is not visible here.
 */
386 void rc_buildreq __P((SEND_DATA *, int, char *, unsigned short, int, int));
387 unsigned char rc_get_seqnbr __P((void));
388 int rc_auth __P((UINT4, VALUE_PAIR *, VALUE_PAIR **, char *));
389 int rc_auth_using_server __P((SERVER *, UINT4, VALUE_PAIR *, VALUE_PAIR **, char *));
390 int rc_auth_proxy __P((VALUE_PAIR *, VALUE_PAIR **, char *));
391 int rc_acct __P((UINT4, VALUE_PAIR *));
392 int rc_acct_using_server __P((SERVER *, UINT4, VALUE_PAIR *));
393 int rc_acct_proxy __P((VALUE_PAIR *));
394 int rc_check __P((char *, unsigned short, char *));
/*
 * Map-file and configuration access. All string parameters are non-const
 * char *, so the header does not promise that inputs are left unmodified.
 * NOTE(review): rc_find_server(char *, UINT4 *, char *) presumably returns
 * the server address through the UINT4 * and the shared secret through the
 * last char *. No buffer length is passed, so confirm the copy is bounded
 * (MAX_SECRET_LENGTH is defined in this header) and that the file holding
 * the secrets is readable only by the account running the client.
 */
398 int rc_read_mapfile __P((char *));
399 UINT4 rc_map2id __P((char *));
403 int rc_read_config __P((char *));
404 char *rc_conf_str __P((char *));
405 int rc_conf_int __P((char *));
406 SERVER *rc_conf_srv __P((char *));
407 int rc_find_server __P((char *, UINT4 *, char *));
/*
 * Dictionary loading and lookup. The find* functions take a char * name and
 * the get* functions take numeric keys; rc_dict_getattr takes two ints.
 * NOTE(review): presumably the two ints are the attribute number and the
 * vendor code, which is what keeps vendor attributes apart from standard
 * ones that share a number; confirm.
 * NOTE(review): the lookups return pointers to DICT_* records, presumably
 * owned by the library; whether callers may keep or modify them is not
 * stated here.
 */
411 int rc_read_dictionary __P((char *));
412 DICT_ATTR *rc_dict_getattr __P((int, int));
413 DICT_ATTR *rc_dict_findattr __P((char *));
414 DICT_VALUE *rc_dict_findval __P((char *));
415 DICT_VALUE * rc_dict_getval __P((UINT4, char *));
416 VENDOR_DICT * rc_dict_findvendor __P((char *));
417 VENDOR_DICT * rc_dict_getvendor __P((int));
/*
 * Address helpers and logging. Addresses are passed as UINT4; see the note
 * on that typedef about its width on 64-bit systems.
 * NOTE(review): rc_ip_hostname returns a const char * with no buffer
 * argument, so the result presumably points to storage owned by the
 * library; confirm its lifetime before keeping the pointer.
 * rc_own_hostname(char *, int) presumably fills a caller buffer of the
 * given size.
 * NOTE(review): rc_log is variadic with a const char * before the ellipsis,
 * presumably a printf-style format. Callers must pass text taken from a
 * packet or from user input as an argument, never as the format itself.
 */
421 UINT4 rc_get_ipaddr __P((char *));
422 int rc_good_ipaddr __P((char *));
423 const char *rc_ip_hostname __P((UINT4));
424 unsigned short rc_getport __P((int));
425 int rc_own_hostname __P((char *, int));
426 UINT4 rc_own_ipaddress __P((void));
431 void rc_openlog __P((char *));
432 void rc_log __P((int, const char *, ...));
/*
 * Packet transmission, miscellaneous utilities, environment helpers and MD5.
 * NOTE(review): rc_send_server(SEND_DATA *, char *) takes a char * with no
 * length; if it receives a server message, confirm the size the
 * implementation expects.
 * NOTE(review): rc_str2tm uses struct tm, which needs <time.h>; only
 * <sys/types.h> is included in the lines visible here. struct env is used
 * without a visible declaration.
 * rc_mksid is declared twice in this group with identical prototypes, which
 * is harmless but redundant.
 */
436 int rc_send_server __P((SEND_DATA *, char *));
440 void rc_str2tm __P((char *, struct tm *));
441 char *rc_mksid __P((void));
442 char *rc_getifname __P((char *));
443 char *rc_getstr __P((char *, int));
444 void rc_mdelay __P((int));
445 char *rc_mksid __P((void));
449 struct env *rc_new_env __P((int));
450 void rc_free_env __P((struct env *));
451 int rc_add_env __P((struct env *, char *, char *));
452 int rc_import_env __P((struct env *, char **));
/*
 * NOTE(review): presumably (output digest, input, input length). MD5 is what
 * the RADIUS protocol prescribes for its authenticators and password hiding,
 * but it is not collision resistant; do not reuse this helper for any new
 * integrity or password-storage purpose.
 */
456 void rc_md5_calc __P((unsigned char *, unsigned char *, unsigned int));
460 #endif /* RADIUSCLIENT_H */