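/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
 * Copyright 2013 Red Hat, Inc. All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions are met:
 *
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 *
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in
 *    the documentation and/or other materials provided with the
 *    distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS
 * IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
 * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER
 * OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
 * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
 * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 */

/*
 * This API is not considered as stable as the main krb5 API.
 *
 * - We may make arbitrary incompatible changes between feature releases
 *   (e.g. from 1.12 to 1.13).
 * - We will make some effort to avoid making incompatible changes for
 *   bugfix releases, but will make them if necessary.
 */

#ifndef KRAD_H_
#define KRAD_H_

#include <krb5.h>
#include <verto.h>
#include <stddef.h>
#include <stdio.h>

/* Maximum size of a RADIUS packet in octets (the RFC 2865 length limit). */
#define KRAD_PACKET_SIZE_MAX 4096

/* Values of the Service-Type attribute (RFC 2865 section 5.6). */
#define KRAD_SERVICE_TYPE_LOGIN 1
#define KRAD_SERVICE_TYPE_FRAMED 2
#define KRAD_SERVICE_TYPE_CALLBACK_LOGIN 3
#define KRAD_SERVICE_TYPE_CALLBACK_FRAMED 4
#define KRAD_SERVICE_TYPE_OUTBOUND 5
#define KRAD_SERVICE_TYPE_ADMINISTRATIVE 6
#define KRAD_SERVICE_TYPE_NAS_PROMPT 7
#define KRAD_SERVICE_TYPE_AUTHENTICATE_ONLY 8
#define KRAD_SERVICE_TYPE_CALLBACK_NAS_PROMPT 9
#define KRAD_SERVICE_TYPE_CALL_CHECK 10
#define KRAD_SERVICE_TYPE_CALLBACK_ADMINISTRATIVE 11

/* Opaque handles: the structures are only forward-declared in this header. */
typedef struct krad_attrset_st krad_attrset;
typedef struct krad_packet_st krad_packet;
typedef struct krad_client_st krad_client;

/* Packet code and attribute type numbers; each fits in a single octet. */
typedef unsigned char krad_code;
typedef unsigned char krad_attr;

/*
 * Called when a response is received or the request times out.
 *
 * NOTE(review): this header does not say what retval and response hold on
 * timeout; check retval before using response.
 */
typedef void
(*krad_cb)(krb5_error_code retval, const krad_packet *request,
           const krad_packet *response, void *data);

/*
 * Called to iterate over a set of requests. Either the callback will be
 * called until it returns NULL, or it will be called with cancel = TRUE to
 * terminate in the middle of an iteration.
 */
typedef const krad_packet *
(*krad_packet_iter_cb)(void *data, krb5_boolean cancel);

/*
 * Code
 */

/* Convert a code name to its number. Only works for codes defined
 * by RFC 2865 or 2882. Returns 0 if the name was not found. */
krad_code
krad_code_name2num(const char *name);

/* Convert a code number to its name. Only works for codes defined
 * by RFC 2865 or 2882. Returns NULL if no name was found for the code. */
const char *
krad_code_num2name(krad_code code);

/*
 * Attribute
 */

/* Convert an attribute name to its number. Only works for attributes defined
 * by RFC 2865. Returns 0 if the name was not found. */
krad_attr
krad_attr_name2num(const char *name);

/* Convert an attribute number to its name. Only works for attributes defined
 * by RFC 2865. Returns NULL if no name was found for the attribute. */
const char *
krad_attr_num2name(krad_attr type);

/*
 * Attribute set
 */

/* Create a new attribute set. Release it with krad_attrset_free(). */
krb5_error_code
krad_attrset_new(krb5_context ctx, krad_attrset **set);

/* Create a deep copy of an attribute set. */
krb5_error_code
krad_attrset_copy(const krad_attrset *set, krad_attrset **copy);

/* Free an attribute set. */
void
krad_attrset_free(krad_attrset *set);

/* Add an attribute to a set. */
krb5_error_code
krad_attrset_add(krad_attrset *set, krad_attr type, const krb5_data *data);

/* Add a four-octet unsigned number attribute to the given set. */
krb5_error_code
krad_attrset_add_number(krad_attrset *set, krad_attr type, krb5_ui_4 num);

/* Delete the specified attribute. indx selects among attributes of the same
 * type. */
void
krad_attrset_del(krad_attrset *set, krad_attr type, size_t indx);

/*
 * Get the specified attribute. indx selects among attributes of the same
 * type.
 *
 * NOTE(review): the result for a missing attribute is not stated here;
 * presumably NULL, so check the return value before dereferencing it.
 */
const krb5_data *
krad_attrset_get(const krad_attrset *set, krad_attr type, size_t indx);

/*
 * Packet
 */

/*
 * Determine the bytes needed from the socket to get the whole packet. Don't
 * cache the return value as it can change! Returns -1 on EBADMSG.
 *
 * The buffer holds data read from the peer, so treat it as untrusted: test
 * for a negative return before using the result as a read length.
 */
ssize_t
krad_packet_bytes_needed(const krb5_data *buffer);

/* Free a packet. */
void
krad_packet_free(krad_packet *pkt);

/*
 * Create a new request packet.
 *
 * This function takes the attributes specified in set and converts them into a
 * radius packet. The packet will have a randomized id. If cb is not NULL, it
 * will be called passing data as the argument to iterate over a set of
 * outstanding requests. In this case, the id will be both random and unique
 * across the set of requests.
 *
 * NOTE(review): secret is presumably the RADIUS shared secret as a
 * NUL-terminated string. This header does not say whether the library copies
 * it; confirm the required lifetime with the implementation.
 */
krb5_error_code
krad_packet_new_request(krb5_context ctx, const char *secret, krad_code code,
                        const krad_attrset *set, krad_packet_iter_cb cb,
                        void *data, krad_packet **request);

/*
 * Create a new response packet.
 *
 * This function is similar to krad_packet_new_request() except that it crafts
 * a packet in response to a request packet. This new packet will borrow values
 * from the request such as the id and the authenticator.
 */
krb5_error_code
krad_packet_new_response(krb5_context ctx, const char *secret, krad_code code,
                         const krad_attrset *set, const krad_packet *request,
                         krad_packet **response);

/*
 * Decode a request radius packet from krb5_data.
 *
 * The resulting decoded packet will be a request packet stored in *reqpkt.
 *
 * If cb is NULL, *duppkt will always be NULL.
 *
 * If cb is not NULL, it will be called (with the data argument) to iterate
 * over a set of requests currently being processed. In this case, if the
 * packet is a duplicate of an already received request, the original request
 * will be set in *duppkt.
 *
 * The buffer comes from the network; check the return value before using
 * *reqpkt or *duppkt.
 */
krb5_error_code
krad_packet_decode_request(krb5_context ctx, const char *secret,
                           const krb5_data *buffer, krad_packet_iter_cb cb,
                           void *data, const krad_packet **duppkt,
                           krad_packet **reqpkt);

/*
 * Decode a response radius packet from krb5_data.
 *
 * The resulting decoded packet will be a response packet stored in *rsppkt.
 *
 * If cb is NULL, *reqpkt will always be NULL.
 *
 * If cb is not NULL, it will be called (with the data argument) to iterate
 * over a set of requests awaiting responses. In this case, if the response
 * packet matches one of these requests, the original request will be set in
 * *reqpkt.
 *
 * The buffer comes from the network; check the return value before using
 * *rsppkt or *reqpkt.
 */
krb5_error_code
krad_packet_decode_response(krb5_context ctx, const char *secret,
                            const krb5_data *buffer, krad_packet_iter_cb cb,
                            void *data, const krad_packet **reqpkt,
                            krad_packet **rsppkt);

/*
 * Encode packet.
 *
 * NOTE(review): the result is const and no free function is declared for it,
 * so it presumably stays owned by pkt; confirm before keeping the pointer
 * after krad_packet_free().
 */
const krb5_data *
krad_packet_encode(const krad_packet *pkt);

/* Get the code for the given packet. */
krad_code
krad_packet_get_code(const krad_packet *pkt);

/* Get the specified attribute. indx selects among attributes of the same
 * type. */
const krb5_data *
krad_packet_get_attr(const krad_packet *pkt, krad_attr type, size_t indx);

/*
 * Client
 */

/* Create a new client. Release it with krad_client_free(). */
krb5_error_code
krad_client_new(krb5_context kctx, verto_ctx *vctx, krad_client **client);

/* Free the client. */
void
krad_client_free(krad_client *client);

/*
 * Send a request to a radius server.
 *
 * The remote host may be specified by one of the following formats:
 *  - /path/to/unix.socket
 *  - IPv4
 *  - IPv4:port
 *  - IPv4:service
 *  - [IPv6]
 *  - [IPv6]:port
 *  - [IPv6]:service
 *  - hostname
 *  - hostname:port
 *  - hostname:service
 *
 * The timeout parameter (milliseconds) is the total timeout across all remote
 * hosts (when DNS returns multiple entries) and all retries. For stream
 * sockets, the retries parameter is ignored and no retries are performed.
 *
 * The cb function will be called with the data argument when either a response
 * is received or the request times out on all possible remote hosts.
 */
krb5_error_code
krad_client_send(krad_client *rc, krad_code code, const krad_attrset *attrs,
                 const char *remote, const char *secret, int timeout,
                 size_t retries, krad_cb cb, void *data);

#endif /* KRAD_H_ */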