client.h File Reference

Main header file. More...

#include <stdio.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>
#include <netdb.h>
#include <netinet/in.h>
#include <sys/time.h>
#include <networkradius-devel/radius.h>
#include "md5.h"

Include dependency graph for client.h:

Go to the source code of this file.

Data Structures
struct	attr_flags
struct	nr_dict_attr
struct	nr_dict_value
struct	nr_dict_vendor
union	value_pair_data
struct	value_pair
struct	radius_packet
struct	nr_retransmit_config_t
struct	nr_track_id_t

Macros
#define	NR_MD5_CTX   MD5_CTX
#define	nr_MD5Init   MD5_Init
#define	nr_MD5Update   MD5_Update
#define	nr_MD5Final   MD5_Final
#define	nr_MD5Transform   MD5_Transform
#define	NR_MAX_PACKET_LEN   (4096)
#define	NR_MAX_ATTRIBUTES   (200)
#define	NR_MAX_PACKET_CODE   46
#define	NR_MAX_VENDOR   (1 << 24)
#define	MAX_STRING_LEN   (254)
#define	PW_ACCESS_REQUEST   1
#define	PW_ACCESS_ACCEPT   2
#define	PW_ACCESS_REJECT   3
#define	PW_ACCOUNTING_REQUEST   4
#define	PW_ACCOUNTING_RESPONSE   5
#define	PW_ACCOUNTING_STATUS   6
#define	PW_ACCESS_CHALLENGE   11
#define	PW_STATUS_SERVER   12
#define	PW_DISCONNECT_REQUEST   40
#define	PW_DISCONNECT_ACK   41
#define	PW_DISCONNECT_NAK   42
#define	PW_COA_REQUEST   43
#define	PW_COA_ACK   44
#define	PW_COA_NAK   45
#define	TAG_VALID(x)   ((x) < 0x20)
#define	FLAG_ENCRYPT_NONE   (0)
#define	FLAG_ENCRYPT_USER_PASSWORD   (1)
#define	FLAG_ENCRYPT_TUNNEL_PASSWORD   (2)
#define	vp_strvalue   data.strvalue
#define	vp_octets   data.octets
#define	vp_ipv6addr   data.ipv6addr
#define	vp_ifid   data.ifid
#define	vp_ipv6prefix   data.ipv6prefix
#define	vp_ipaddr   data.ipaddr.s_addr
#define	vp_date   data.integer
#define	vp_integer   data.integer
#define	vp_integer64   data.integer64
#define	NR_PACKET_ENCODED   (1 << 0)
#define	NR_PACKET_HEADER   (1 << 1)
#define	NR_PACKET_SIGNED   (1 << 2)
#define	NR_PACKET_OK   (1 << 3)
#define	NR_PACKET_VERIFIED   (1 << 4)
#define	NR_PACKET_DECODED   (1 << 5)
#define	nr_debug_error   nr_strerror_printf /** @ingroup error */
#define	return_NR_ERR(_x)   return -(NR_ERR_ ## _x)
#define	PRINTF_LIKE(n)
#define	NEVER_RETURNS
#define	UNUSED
#define	BLANK_FORMAT   ""

Typedefs
typedef enum nr_attr_type_t	nr_attr_type_t
typedef enum nr_error_t	nr_error_t
typedef struct attr_flags	ATTR_FLAGS
typedef struct nr_dict_attr	DICT_ATTR
typedef struct nr_dict_value	DICT_VALUE
typedef struct nr_dict_vendor	DICT_VENDOR
typedef union value_pair_data	VALUE_PAIR_DATA
typedef struct value_pair	VALUE_PAIR
typedef enum nr_transmit_state_t	nr_transmit_state_t
typedef struct radius_packet	RADIUS_PACKET
typedef struct nr_retransmit_config_t	nr_retransmit_config_t
typedef struct nr_track_id_t	nr_track_id_t
typedef int(*	nr_packet_walk_func_t) (void *, const DICT_ATTR *, const uint8_t *, size_t)

Enumerations
enum	nr_attr_type_t {   NR_TYPE_INVALID = 0, NR_TYPE_STRING, NR_TYPE_INTEGER, NR_TYPE_IPADDR,   NR_TYPE_DATE, NR_TYPE_OCTETS, NR_TYPE_IFID, NR_TYPE_IPV6ADDR,   NR_TYPE_IPV6PREFIX, NR_TYPE_BYTE, NR_TYPE_SHORT, NR_TYPE_INTEGER64 }
enum	nr_error_t {   NR_ERR_INVALID_ARG = 1, NR_ERR_PACKET_TOO_SMALL, NR_ERR_PACKET_TOO_LARGE, NR_ERR_PACKET_CODE_UNKNOWN,   NR_ERR_ATTR_OVERFLOW, NR_ERR_ATTR_TOO_SMALL, NR_ERR_ATTR_TOO_LARGE, NR_ERR_ATTR_UNKNOWN,   NR_ERR_ATTR_BAD_NAME, NR_ERR_ATTR_VALUE_MALFORMED, NR_ERR_ATTR_INVALID, NR_ERR_TOO_MANY_ATTRS,   NR_ERR_ATTR_TYPE_UNKNOWN, NR_ERR_MSG_AUTH_LEN, NR_ERR_MSG_AUTH_WRONG, NR_ERR_REQUEST_REQUIRED,   NR_ERR_REQUEST_CODE_INVALID, NR_ERR_AUTH_VECTOR_WRONG, NR_ERR_RESPONSE_CODE_INVALID, NR_ERR_RESPONSE_ID_INVALID,   NR_ERR_RESPONSE_SRC_INVALID, NR_ERR_SYSTEM, NR_ERR_NO_PACKET_DATA, NR_ERR_VENDOR_UNKNOWN,   NR_ERR_INTERNAL_FAILURE, NR_ERR_UNSUPPORTED, NR_ERR_NO_FREE_ID, NR_ERR_NO_MEM,   NR_ERR_IN_USE, NR_ERR_PACKET_UNSIGNED }
enum	nr_transmit_state_t {   NR_TRANSMIT_NONE = 0, NR_TRANSMIT_INITIAL, NR_TRANSMIT_TIMEOUT, NR_TRANSMIT_HAVE_RESPONSE,   NR_TRANSMIT_SEND, NR_TRANSMIT_CONTINUE, NR_TRANSMIT_RESPONSE_OK, NR_TRANSMIT_NO_RESPONSE }

Functions
const char *	nr_strerror (int error)
VALUE_PAIR *	nr_vp_alloc (const DICT_ATTR *da)
void	nr_vp_free (VALUE_PAIR **head)
VALUE_PAIR *	nr_vp_init (VALUE_PAIR *vp, const DICT_ATTR *da)
VALUE_PAIR *	nr_vp_alloc_raw (unsigned int attr, unsigned int vendor)
int	nr_vp_set_data (VALUE_PAIR *vp, const void *data, size_t data_len)
int	nr_vp_set_raw_data (VALUE_PAIR *vp, const void *data, size_t data_len)
VALUE_PAIR *	nr_vp_create (int attr, int vendor, const void *data, size_t data_len)
void	nr_vps_append (VALUE_PAIR **head, VALUE_PAIR *vp)
VALUE_PAIR *	nr_vps_find (VALUE_PAIR *head, unsigned int attr, unsigned int vendor)
const DICT_ATTR *	nr_dict_attr_byvalue (unsigned int attr, unsigned int vendor)
const DICT_ATTR *	nr_dict_attr_byname (const char *name)
int	nr_dict_attr_2struct (DICT_ATTR *da, unsigned int attr, unsigned int vendor, char *buffer, size_t bufsize)
const DICT_VALUE *	nr_dict_value_byattr (unsigned int attr, unsigned int vendor, int value)
const DICT_VALUE *	nr_dict_value_byname (unsigned int attr, unsigned int vendor, const char *name)
int	nr_dict_vendor_byname (const char *name)
const DICT_VENDOR *	nr_dict_vendor_byvalue (unsigned int vendor)
ssize_t	nr_socket_recv (RADIUS_PACKET *packet)
int	nr_socket_send (RADIUS_PACKET *packet)
ssize_t	nr_socket_recv_response (RADIUS_PACKET *response, const RADIUS_PACKET *request)
int	nr_socket_send_response (RADIUS_PACKET *packet, const RADIUS_PACKET *original)
int	nr_packet_ok (RADIUS_PACKET *packet)
int	nr_packet_ok_raw (const uint8_t *data, size_t sizeof_data)
ssize_t	nr_packet_encode (RADIUS_PACKET *packet, const RADIUS_PACKET *original)
int	nr_packet_decode (RADIUS_PACKET *packet, const RADIUS_PACKET *original)
int	nr_packet_sign (RADIUS_PACKET *packet, const RADIUS_PACKET *original)
int	nr_packet_verify (RADIUS_PACKET *packet, const RADIUS_PACKET *original)
void	nr_packet_print_hex (RADIUS_PACKET *packet)
int	nr_packet_can_encode (RADIUS_PACKET *packet, const RADIUS_PACKET *original)
int	nr_transmit_init (nr_track_id_t *s, RADIUS_PACKET *request)
int	nr_transmit (nr_track_id_t *s, struct timeval *when, RADIUS_PACKET *request, RADIUS_PACKET *response)
struct sockaddr_storage *	nr_ipv42sockaddr (uint32_t ipaddr, int port, struct sockaddr_storage *s)
int	sockaddr_cmp (const struct sockaddr_storage *a, const struct sockaddr_storage *b)
int	nr_socket_open (struct sockaddr_storage *s)
int	nr_track_id_socket (nr_track_id_t *s, struct sockaddr_storage *src, struct sockaddr_storage *dst)
ssize_t	nr_rand_bytes (uint8_t *data, size_t data_len)
uint32_t	nr_rand (void)
void	nr_timeval_add (struct timeval *t, unsigned int seconds, unsigned int usec)
int	nr_timeval_cmp (const struct timeval *a, const struct timeval *b)
int	nr_track_id_init (nr_track_id_t *s, int code, const char *secret)
int	nr_track_id_close (const nr_track_id_t *s)
int	nr_track_id_alloc (nr_track_id_t *s, RADIUS_PACKET *packet)
int	nr_track_id_realloc (nr_track_id_t *s, RADIUS_PACKET *packet)
int	nr_track_id_release (nr_track_id_t *s, RADIUS_PACKET *packet)
int	nr_track_id_packet_alloc (nr_track_id_t *s, RADIUS_PACKET **packet_p, RADIUS_PACKET *original, size_t sizeof_data)
void	nr_track_id_packet_free (nr_track_id_t *s, RADIUS_PACKET *packet)
void	nr_strerror_printf (const char *fmt,...)
ssize_t	nr_password_encrypt (uint8_t *output, size_t outlen, const uint8_t *input, size_t inlen, const char *secret, const uint8_t *vector)
ssize_t	nr_tunnelpw_encrypt (uint8_t *output, size_t outlen, const uint8_t *input, size_t inlen, const char *secret, const uint8_t *vector)
ssize_t	nr_tunnelpw_decrypt (uint8_t *output, size_t outlen, const uint8_t *input, size_t inlen, const char *secret, const uint8_t *vector)
void	nr_hmac_md5 (const uint8_t *data, size_t data_len, const uint8_t *key, size_t key_len, uint8_t digest[16])
int	nr_tlv_ok (const uint8_t *data, size_t length, size_t dv_type, size_t dv_length)
int	nr_packet_walk (RADIUS_PACKET *packet, void *ctx, nr_packet_walk_func_t callback)
int	nr_packet_init (RADIUS_PACKET *packet, const RADIUS_PACKET *original, const char *secret, int code, void *data, size_t sizeof_data)
ssize_t	nr_packet_attr_append (RADIUS_PACKET *packet, const RADIUS_PACKET *original, const DICT_ATTR *da, const void *data, size_t data_len)
ssize_t	nr_packet_vps_append (RADIUS_PACKET *packet, const RADIUS_PACKET *original, const VALUE_PAIR *vps)
int	nr_packet_response_ok (RADIUS_PACKET const *packet, RADIUS_PACKET const *response)
ssize_t	nr_vp2attr (const RADIUS_PACKET *packet, const RADIUS_PACKET *original, const VALUE_PAIR **pvp, uint8_t *data, size_t room)
ssize_t	nr_vp2rfc (const RADIUS_PACKET *packet, const RADIUS_PACKET *original, const VALUE_PAIR **pvp, uint8_t *data, size_t room)
ssize_t	nr_attr2vp (const RADIUS_PACKET *packet, const RADIUS_PACKET *original, const uint8_t *data, size_t length, VALUE_PAIR **pvp)
ssize_t	nr_attr2vp_rfc (const RADIUS_PACKET *packet, const RADIUS_PACKET *original, const uint8_t *data, size_t length, VALUE_PAIR **pvp)
ssize_t	nr_attr2vp_vsa (const RADIUS_PACKET *packet, const RADIUS_PACKET *original, const uint8_t *data, size_t length, VALUE_PAIR **pvp)
ssize_t	nr_attr2vp_raw (const RADIUS_PACKET *packet, const RADIUS_PACKET *original, const uint8_t *data, size_t length, VALUE_PAIR **pvp)
ssize_t	nr_vp2vsa (const RADIUS_PACKET *packet, const RADIUS_PACKET *original, const VALUE_PAIR **pvp, uint8_t *data, size_t room)
ssize_t	nr_attr2data (const RADIUS_PACKET *packet, ssize_t start, unsigned int attr, unsigned int vendor, const uint8_t **pdata, size_t *plength)
size_t	nr_vp_snprintf (char *buffer, size_t bufsize, const VALUE_PAIR *vp)
size_t	nr_vp_snprintf_value (char *buffer, size_t bufsize, const VALUE_PAIR *vp)
void	nr_vp_fprintf_list (FILE *fp, const VALUE_PAIR *vps)
int	nr_vp_sscanf (const char *string, VALUE_PAIR **pvp)
ssize_t	nr_vp_sscanf_value (VALUE_PAIR *vp, const char *value)

Variables
const DICT_VENDOR	nr_dict_vendors []
const int	nr_dict_num_attrs
const DICT_ATTR	nr_dict_attrs []
const int	nr_dict_num_names
DICT_ATTR const *	nr_dict_attr_names []
const char *	nr_packet_codes [NR_MAX_PACKET_CODE+1]

Detailed Description

Main header file.

Macro Definition Documentation

#define FLAG_ENCRYPT_NONE   (0)

The attribute is not encrypted.

#define FLAG_ENCRYPT_TUNNEL_PASSWORD   (2)

The attribute is encrypted using the RFC 2868 Tunnel-Password method

#define FLAG_ENCRYPT_USER_PASSWORD   (1)

The attribute is encrypted using the RFC 2865 User-Password method

#define MAX_STRING_LEN   (254)

The maximum length of a RADIUS attribute.

The RFCs require that a RADIUS attribute transport no more than 253 octets of data. We add an extra byte for a trailing NUL, so that the VALUE_PAIR::vp_strvalue field can be handled as a C string.

#define nr_debug_error   nr_strerror_printf /** @ingroup error */

Referenced by nr_attr2data(), nr_attr2vp_vsa(), nr_packet_decode(), nr_packet_sign(), nr_socket_recv(), nr_socket_send(), nr_tlv_ok(), nr_vp2attr(), nr_vp2rfc(), nr_vp2vsa(), nr_vp_sscanf(), and nr_vp_sscanf_value().

#define NR_PACKET_DECODED   (1 << 5)

Referenced by nr_packet_decode().

#define NR_PACKET_ENCODED   (1 << 0)

Referenced by nr_packet_attr_append(), nr_packet_encode(), nr_packet_sign(), and nr_packet_vps_append().

#define NR_PACKET_HEADER   (1 << 1)

#define NR_PACKET_OK   (1 << 3)

Referenced by nr_packet_ok().

#define NR_PACKET_SIGNED   (1 << 2)

Referenced by nr_packet_print_hex(), nr_packet_sign(), and nr_socket_send().

#define NR_PACKET_VERIFIED   (1 << 4)

Referenced by nr_packet_print_hex(), and nr_packet_verify().

#define PW_ACCESS_ACCEPT   2

Referenced by main(), nr_packet_response_ok(), nr_packet_sign(), and nr_track_id_packet_alloc().

#define PW_ACCESS_CHALLENGE   11

Referenced by nr_packet_response_ok(), and nr_packet_sign().

#define PW_ACCESS_REJECT   3

Referenced by nr_packet_response_ok(), and nr_packet_sign().

#define PW_ACCESS_REQUEST   1

Referenced by main(), nr_packet_response_ok(), nr_packet_sign(), and nr_track_id_packet_alloc().

#define PW_ACCOUNTING_REQUEST   4

Referenced by nr_packet_response_ok(), nr_track_id_init(), and nr_track_id_packet_alloc().

#define PW_ACCOUNTING_RESPONSE   5

Referenced by nr_packet_response_ok(), and nr_track_id_packet_alloc().

#define PW_ACCOUNTING_STATUS   6

#define PW_COA_ACK   44

Referenced by nr_packet_response_ok(), and nr_track_id_packet_alloc().

#define PW_COA_NAK   45

Referenced by nr_packet_response_ok().

#define PW_COA_REQUEST   43

Referenced by nr_packet_response_ok(), and nr_track_id_packet_alloc().

#define PW_DISCONNECT_ACK   41

Referenced by nr_packet_response_ok(), and nr_track_id_packet_alloc().

#define PW_DISCONNECT_NAK   42

Referenced by nr_packet_response_ok().

#define PW_DISCONNECT_REQUEST   40

Referenced by nr_packet_response_ok(), and nr_track_id_packet_alloc().

#define PW_STATUS_SERVER   12

Referenced by nr_packet_response_ok(), and nr_packet_sign().

#define TAG_VALID

(

x

)

((x) < 0x20)

#define vp_date   data.integer

#define vp_ifid   data.ifid

#define vp_integer   data.integer

#define vp_integer64   data.integer64

#define vp_ipaddr   data.ipaddr.s_addr

#define vp_ipv6addr   data.ipv6addr

#define vp_ipv6prefix   data.ipv6prefix

#define vp_octets   data.octets

#define vp_strvalue   data.strvalue

Typedef Documentation

typedef struct attr_flags ATTR_FLAGS

A set of flags which determine how the attribute should be handled.

Most attributes are "normal", and do not require special handling. However, some require "encryption", tagging, or have other special formats. This structure contains the various options for the attribute formats.

Function Documentation

ssize_t nr_packet_attr_append	(	RADIUS_PACKET *	packet,
		const RADIUS_PACKET *	original,
		const DICT_ATTR *	da,
		const void *	data,
		size_t	data_len
	)

Add one attribute to the packet.

This function can be used to add "raw" data to a packet. It allows the caller to extend the RADIUS packet without using a VALUE_PAIR data structure.

Some attributes are handled specially by this function.

EAP-Message. This attribute is automatically split into 253-octet chunks.

User-Password, CHAP-Password, and Message-Authenticator. These attributes are automatically encrypted, as is done by nr_packet_encode().

Parameters

[in]	packet	The packet to edit
[in]	original	The original request (if any)
[in]	da	Pointer to the attribute definition
[in]	data	Data to append to the packet
[in]	data_len	Length of data to append to the packet

Returns

<0 for error, >= 0 for "successfully appended data" The function returns the number of octets appended to the packet.

References nr_dict_attr::attr, radius_packet::data, nr_dict_attr::flags, radius_packet::flags, attr_flags::length, radius_packet::length, NR_PACKET_ENCODED, NR_TYPE_STRING, nr_vp2attr(), nr_vp_init(), nr_vp_set_data(), PW_EAP_MESSAGE, return_NR_ERR, radius_packet::sizeof_data, nr_dict_attr::type, and nr_dict_attr::vendor.

Referenced by main().

Here is the call graph for this function:

int nr_packet_init	(	RADIUS_PACKET *	packet,
		const RADIUS_PACKET *	original,
		const char *	secret,
		int	code,
		void *	data,
		size_t	sizeof_data
	)

Initialize a packet

If original is specified, the packet is initialized as a response to the original request.

Parameters

[in,out]	packet	The packet to initialize
[in]	original	The original request (if any) to use as a template
[in]	secret	Shared secret
[in]	code	RADIUS Code field.
[in]	data	Buffer where packets will be stored (RADIUS_PACKET::data)
[in]	sizeof_data	Size of buffer (RADIUS_PACKET::sizeof_data)

Returns

<0 on error, 0 for success.

References radius_packet::code, radius_packet::data, radius_packet::id, radius_packet::length, NR_MAX_PACKET_CODE, nr_packet_can_encode(), return_NR_ERR, radius_packet::secret, radius_packet::sizeof_data, and radius_packet::sizeof_secret.

Referenced by main(), and nr_track_id_packet_alloc().

Here is the call graph for this function:

ssize_t nr_packet_vps_append	(	RADIUS_PACKET *	packet,
		const RADIUS_PACKET *	original,
		const VALUE_PAIR *	vps
	)

Add many VALUE_PAIR structures to a packet

Some attributes are handled specially by this function.

User-Password, CHAP-Password, and Message-Authenticator. These attributes are automatically encrypted, as is done by nr_packet_encode().

Parameters

[in]	packet	The packet to edit
[in]	original	The original request (if any)
[in]	vps	The VALUE_PAIR list to append to the packet

Returns

<0 for error, >= 0 for "successfully appended data" The function returns the number of octets appended to the packet.

References radius_packet::data, radius_packet::flags, radius_packet::length, NR_PACKET_ENCODED, nr_vp2attr(), return_NR_ERR, and radius_packet::sizeof_data.

Referenced by nr_packet_encode().

Here is the call graph for this function:

void nr_track_id_packet_free	(	nr_track_id_t *	s,
		RADIUS_PACKET *	packet
	)

Frees a RADIUS_PACKET structure, and its contents

This function is the counterpart to nr_track_id_packet_alloc() If the pointer passed here was not allocated by nr_track_id_packet_alloc(), this function does nothing, and likely leaks memory.

The RADIUS_PACKET::vp field is also freed.

Parameters

[in]	s	The server structure
[in]	packet	The packet which is to be freed.

References radius_packet::data, nr_track_id_release(), nr_vp_free(), and radius_packet::vps.

Referenced by main().

Here is the call graph for this function:

ssize_t nr_vp2vsa	(	const RADIUS_PACKET *	packet,
		const RADIUS_PACKET *	original,
		const VALUE_PAIR **	pvp,
		uint8_t *	data,
		size_t	room
	)

Encodes a Vendor-Specific VALUE_PAIR into an attribute.

Attention

This function should not be called.

Parameters

[in]	packet	Where to place the encoded attribute.
[in]	original	The original request (optional), if "packet" is a response
[in,out]	pvp	The VALUE_PAIR to encode. On any return >=0, it is updated to point to the "next" VALUE_PAIR which should be encoded.
[in]	data	Where the attribute is to be encoded.
[in]	room	How many octets are available for attribute encoding.

Returns

<0 for error, or the number of octets used to encode the attribute.

References nr_dict_attr::attr, value_pair::da, value_pair::next, nr_debug_error, NR_MAX_VENDOR, PW_VENDOR_SPECIFIC, return_NR_ERR, and nr_dict_attr::vendor.

Referenced by nr_vp2attr().