summaryrefslogtreecommitdiff
path: root/include/radsec
diff options
context:
space:
mode:
authorSam Hartman <hartmans@debian.org>2014-08-24 13:23:12 -0400
committerSam Hartman <hartmans@debian.org>2014-08-24 13:23:12 -0400
commit25541859118c92a6497b52bba46c6bc4e582fcb2 (patch)
tree6eb7faaa084ef9251b7c9805fc391b46e1aa8bf1 /include/radsec
Import libradsec_0.0.5.orig.tar.gz
[dgit import orig libradsec_0.0.5.orig.tar.gz]
Diffstat (limited to 'include/radsec')
-rw-r--r--include/radsec/radius.h349
-rw-r--r--include/radsec/radsec-impl.h156
-rw-r--r--include/radsec/radsec.h607
-rw-r--r--include/radsec/request-impl.h24
-rw-r--r--include/radsec/request.h50
5 files changed, 1186 insertions, 0 deletions
diff --git a/include/radsec/radius.h b/include/radsec/radius.h
new file mode 100644
index 0000000..6798598
--- /dev/null
+++ b/include/radsec/radius.h
@@ -0,0 +1,349 @@
+/* Automatically generated file. Do not edit */
+
+#define VENDORPEC_JUNIPER 2636
+#define VENDORPEC_MICROSOFT 311
+#define VENDORPEC_UKERNA 25622
+
+
+/* IETF */
+#define PW_USER_NAME 1
+#define PW_USER_PASSWORD 2
+#define PW_CHAP_PASSWORD 3
+#define PW_NAS_IP_ADDRESS 4
+#define PW_NAS_PORT 5
+#define PW_SERVICE_TYPE 6
+#define PW_FRAMED_PROTOCOL 7
+#define PW_FRAMED_IP_ADDRESS 8
+#define PW_FRAMED_IP_NETMASK 9
+#define PW_FRAMED_ROUTING 10
+#define PW_FILTER_ID 11
+#define PW_FRAMED_MTU 12
+#define PW_FRAMED_COMPRESSION 13
+#define PW_LOGIN_IP_HOST 14
+#define PW_LOGIN_SERVICE 15
+#define PW_LOGIN_TCP_PORT 16
+#define PW_REPLY_MESSAGE 18
+#define PW_CALLBACK_NUMBER 19
+#define PW_CALLBACK_ID 20
+#define PW_FRAMED_ROUTE 22
+#define PW_FRAMED_IPX_NETWORK 23
+#define PW_STATE 24
+#define PW_CLASS 25
+#define PW_VENDOR_SPECIFIC 26
+#define PW_SESSION_TIMEOUT 27
+#define PW_IDLE_TIMEOUT 28
+#define PW_TERMINATION_ACTION 29
+#define PW_CALLED_STATION_ID 30
+#define PW_CALLING_STATION_ID 31
+#define PW_NAS_IDENTIFIER 32
+#define PW_PROXY_STATE 33
+#define PW_LOGIN_LAT_SERVICE 34
+#define PW_LOGIN_LAT_NODE 35
+#define PW_LOGIN_LAT_GROUP 36
+#define PW_FRAMED_APPLETALK_LINK 37
+#define PW_FRAMED_APPLETALK_NETWORK 38
+#define PW_FRAMED_APPLETALK_ZONE 39
+#define PW_ACCT_STATUS_TYPE 40
+#define PW_ACCT_DELAY_TIME 41
+#define PW_ACCT_INPUT_OCTETS 42
+#define PW_ACCT_OUTPUT_OCTETS 43
+#define PW_ACCT_SESSION_ID 44
+#define PW_ACCT_AUTHENTIC 45
+#define PW_ACCT_SESSION_TIME 46
+#define PW_ACCT_INPUT_PACKETS 47
+#define PW_ACCT_OUTPUT_PACKETS 48
+#define PW_ACCT_TERMINATE_CAUSE 49
+#define PW_ACCT_MULTI_SESSION_ID 50
+#define PW_ACCT_LINK_COUNT 51
+#define PW_ACCT_INPUT_GIGAWORDS 52
+#define PW_ACCT_OUTPUT_GIGAWORDS 53
+#define PW_EVENT_TIMESTAMP 55
+#define PW_EGRESS_VLANID 56
+#define PW_INGRESS_FILTERS 57
+#define PW_EGRESS_VLAN_NAME 58
+#define PW_USER_PRIORITY_TABLE 59
+#define PW_CHAP_CHALLENGE 60
+#define PW_NAS_PORT_TYPE 61
+#define PW_PORT_LIMIT 62
+#define PW_LOGIN_LAT_PORT 63
+#define PW_TUNNEL_TYPE 64
+#define PW_TUNNEL_MEDIUM_TYPE 65
+#define PW_TUNNEL_CLIENT_ENDPOINT 66
+#define PW_TUNNEL_SERVER_ENDPOINT 67
+#define PW_ACCT_TUNNEL_CONNECTION 68
+#define PW_TUNNEL_PASSWORD 69
+#define PW_ARAP_PASSWORD 70
+#define PW_ARAP_FEATURES 71
+#define PW_ARAP_ZONE_ACCESS 72
+#define PW_ARAP_SECURITY 73
+#define PW_ARAP_SECURITY_DATA 74
+#define PW_PASSWORD_RETRY 75
+#define PW_PROMPT 76
+#define PW_CONNECT_INFO 77
+#define PW_CONFIGURATION_TOKEN 78
+#define PW_EAP_MESSAGE 79
+#define PW_MESSAGE_AUTHENTICATOR 80
+#define PW_TUNNEL_PRIVATE_GROUP_ID 81
+#define PW_TUNNEL_ASSIGNMENT_ID 82
+#define PW_TUNNEL_PREFERENCE 83
+#define PW_ARAP_CHALLENGE_RESPONSE 84
+#define PW_ACCT_INTERIM_INTERVAL 85
+#define PW_ACCT_TUNNEL_PACKETS_LOST 86
+#define PW_NAS_PORT_ID 87
+#define PW_FRAMED_POOL 88
+#define PW_CHARGEABLE_USER_IDENTITY 89
+#define PW_TUNNEL_CLIENT_AUTH_ID 90
+#define PW_TUNNEL_SERVER_AUTH_ID 91
+#define PW_NAS_FILTER_RULE 92
+#define PW_NAS_IPV6_ADDRESS 95
+#define PW_FRAMED_INTERFACE_ID 96
+#define PW_FRAMED_IPV6_PREFIX 97
+#define PW_LOGIN_IPV6_HOST 98
+#define PW_FRAMED_IPV6_ROUTE 99
+#define PW_FRAMED_IPV6_POOL 100
+#define PW_ERROR_CAUSE 101
+#define PW_EAP_KEY_NAME 102
+#define PW_DIGEST_RESPONSE 103
+#define PW_DIGEST_REALM 104
+#define PW_DIGEST_NONCE 105
+#define PW_DIGEST_RESPONSE_AUTH 106
+#define PW_DIGEST_NEXTNONCE 107
+#define PW_DIGEST_METHOD 108
+#define PW_DIGEST_URI 109
+#define PW_DIGEST_QOP 110
+#define PW_DIGEST_ALGORITHM 111
+#define PW_DIGEST_ENTITY_BODY_HASH 112
+#define PW_DIGEST_CNONCE 113
+#define PW_DIGEST_NONCE_COUNT 114
+#define PW_DIGEST_USERNAME 115
+#define PW_DIGEST_OPAQUE 116
+#define PW_DIGEST_AUTH_PARAM 117
+#define PW_DIGEST_AKA_AUTS 118
+#define PW_DIGEST_DOMAIN 119
+#define PW_DIGEST_STALE 120
+#define PW_DIGEST_HA1 121
+#define PW_SIP_AOR 122
+#define PW_DELEGATED_IPV6_PREFIX 123
+#define PW_OPERATOR_NAME 126
+#define PW_LOCATION_INFORMATION 127
+#define PW_LOCATION_DATA 128
+#define PW_BASIC_LOCATION_POLICY_RULES 129
+#define PW_EXTENDED_LOCATION_POLICY_RULES 130
+#define PW_LOCATION_CAPABLE 131
+#define PW_REQUESTED_LOCATION_INFO 132
+#define PW_FRAMED_MANAGEMENT 133
+#define PW_MANAGEMENT_TRANSPORT_PROTECTION 134
+#define PW_MANAGEMENT_POLICY_ID 135
+#define PW_MANAGEMENT_PRIVILEGE_LEVEL 136
+#define PW_PKM_SS_CERT 137
+#define PW_PKM_CA_CERT 138
+#define PW_PKM_CONFIG_SETTINGS 139
+#define PW_PKM_CRYPTOSUITE_LIST 140
+#define PW_PKM_SAID 141
+#define PW_PKM_SA_DESCRIPTOR 142
+#define PW_PKM_AUTH_KEY 143
+#define PW_GSS_ACCEPTOR_SERVICE_NAME 164
+#define PW_GSS_ACCEPTOR_HOST_NAME 165
+#define PW_GSS_ACCEPTOR_SERVICE_SPECIFICS 166
+#define PW_GSS_ACCEPTOR_REALM_NAME 167
+
+/* Microsoft */
+#define PW_MS_CHAP_RESPONSE 1
+#define PW_MS_CHAP_ERROR 2
+#define PW_MS_MPPE_ENCRYPTION_POLICY 7
+#define PW_MS_MPPE_ENCRYPTION_TYPES 8
+#define PW_MS_CHAP_DOMAIN 10
+#define PW_MS_CHAP_CHALLENGE 11
+#define PW_MS_CHAP_MPPE_KEYS 12
+#define PW_MS_MPPE_SEND_KEY 16
+#define PW_MS_MPPE_RECV_KEY 17
+#define PW_MS_CHAP2_RESPONSE 25
+#define PW_MS_CHAP2_SUCCESS 26
+
+/* Juniper */
+#define PW_JUNIPER_LOCAL_USER_NAME 1
+#define PW_JUNIPER_ALLOW_COMMANDS 2
+#define PW_JUNIPER_DENY_COMMANDS 3
+#define PW_JUNIPER_ALLOW_CONFIGURATION 4
+#define PW_JUNIPER_DENY_CONFIGURATION 5
+#define PW_JUNIPER_INTERACTIVE_COMMAND 8
+#define PW_JUNIPER_CONFIGURATION_CHANGE 9
+#define PW_JUNIPER_USER_PERMISSIONS 10
+
+/* UKERNA */
+#define PW_GSS_ACCEPTOR_SERVICE_NAME_VS 128
+#define PW_GSS_ACCEPTOR_HOST_NAME_VS 129
+#define PW_GSS_ACCEPTOR_SERVICE_SPECIFIC_VS 130
+#define PW_GSS_ACCEPTOR_REALM_NAME_VS 131
+#define PW_SAML_AAA_ASSERTION 132
+#define PW_MS_WINDOWS_AUTH_DATA 133
+#define PW_MS_WINDOWS_GROUP_SID 134
+
+/* Fixed offsets to dictionary definitions of attributes */
+#define RS_DA_USER_NAME (&nr_dict_attrs[1])
+#define RS_DA_USER_PASSWORD (&nr_dict_attrs[2])
+#define RS_DA_CHAP_PASSWORD (&nr_dict_attrs[3])
+#define RS_DA_NAS_IP_ADDRESS (&nr_dict_attrs[4])
+#define RS_DA_NAS_PORT (&nr_dict_attrs[5])
+#define RS_DA_SERVICE_TYPE (&nr_dict_attrs[6])
+#define RS_DA_FRAMED_PROTOCOL (&nr_dict_attrs[7])
+#define RS_DA_FRAMED_IP_ADDRESS (&nr_dict_attrs[8])
+#define RS_DA_FRAMED_IP_NETMASK (&nr_dict_attrs[9])
+#define RS_DA_FRAMED_ROUTING (&nr_dict_attrs[10])
+#define RS_DA_FILTER_ID (&nr_dict_attrs[11])
+#define RS_DA_FRAMED_MTU (&nr_dict_attrs[12])
+#define RS_DA_FRAMED_COMPRESSION (&nr_dict_attrs[13])
+#define RS_DA_LOGIN_IP_HOST (&nr_dict_attrs[14])
+#define RS_DA_LOGIN_SERVICE (&nr_dict_attrs[15])
+#define RS_DA_LOGIN_TCP_PORT (&nr_dict_attrs[16])
+#define RS_DA_REPLY_MESSAGE (&nr_dict_attrs[18])
+#define RS_DA_CALLBACK_NUMBER (&nr_dict_attrs[19])
+#define RS_DA_CALLBACK_ID (&nr_dict_attrs[20])
+#define RS_DA_FRAMED_ROUTE (&nr_dict_attrs[22])
+#define RS_DA_FRAMED_IPX_NETWORK (&nr_dict_attrs[23])
+#define RS_DA_STATE (&nr_dict_attrs[24])
+#define RS_DA_CLASS (&nr_dict_attrs[25])
+#define RS_DA_VENDOR_SPECIFIC (&nr_dict_attrs[26])
+#define RS_DA_SESSION_TIMEOUT (&nr_dict_attrs[27])
+#define RS_DA_IDLE_TIMEOUT (&nr_dict_attrs[28])
+#define RS_DA_TERMINATION_ACTION (&nr_dict_attrs[29])
+#define RS_DA_CALLED_STATION_ID (&nr_dict_attrs[30])
+#define RS_DA_CALLING_STATION_ID (&nr_dict_attrs[31])
+#define RS_DA_NAS_IDENTIFIER (&nr_dict_attrs[32])
+#define RS_DA_PROXY_STATE (&nr_dict_attrs[33])
+#define RS_DA_LOGIN_LAT_SERVICE (&nr_dict_attrs[34])
+#define RS_DA_LOGIN_LAT_NODE (&nr_dict_attrs[35])
+#define RS_DA_LOGIN_LAT_GROUP (&nr_dict_attrs[36])
+#define RS_DA_FRAMED_APPLETALK_LINK (&nr_dict_attrs[37])
+#define RS_DA_FRAMED_APPLETALK_NETWORK (&nr_dict_attrs[38])
+#define RS_DA_FRAMED_APPLETALK_ZONE (&nr_dict_attrs[39])
+#define RS_DA_ACCT_STATUS_TYPE (&nr_dict_attrs[40])
+#define RS_DA_ACCT_DELAY_TIME (&nr_dict_attrs[41])
+#define RS_DA_ACCT_INPUT_OCTETS (&nr_dict_attrs[42])
+#define RS_DA_ACCT_OUTPUT_OCTETS (&nr_dict_attrs[43])
+#define RS_DA_ACCT_SESSION_ID (&nr_dict_attrs[44])
+#define RS_DA_ACCT_AUTHENTIC (&nr_dict_attrs[45])
+#define RS_DA_ACCT_SESSION_TIME (&nr_dict_attrs[46])
+#define RS_DA_ACCT_INPUT_PACKETS (&nr_dict_attrs[47])
+#define RS_DA_ACCT_OUTPUT_PACKETS (&nr_dict_attrs[48])
+#define RS_DA_ACCT_TERMINATE_CAUSE (&nr_dict_attrs[49])
+#define RS_DA_ACCT_MULTI_SESSION_ID (&nr_dict_attrs[50])
+#define RS_DA_ACCT_LINK_COUNT (&nr_dict_attrs[51])
+#define RS_DA_ACCT_INPUT_GIGAWORDS (&nr_dict_attrs[52])
+#define RS_DA_ACCT_OUTPUT_GIGAWORDS (&nr_dict_attrs[53])
+#define RS_DA_EVENT_TIMESTAMP (&nr_dict_attrs[55])
+#define RS_DA_EGRESS_VLANID (&nr_dict_attrs[56])
+#define RS_DA_INGRESS_FILTERS (&nr_dict_attrs[57])
+#define RS_DA_EGRESS_VLAN_NAME (&nr_dict_attrs[58])
+#define RS_DA_USER_PRIORITY_TABLE (&nr_dict_attrs[59])
+#define RS_DA_CHAP_CHALLENGE (&nr_dict_attrs[60])
+#define RS_DA_NAS_PORT_TYPE (&nr_dict_attrs[61])
+#define RS_DA_PORT_LIMIT (&nr_dict_attrs[62])
+#define RS_DA_LOGIN_LAT_PORT (&nr_dict_attrs[63])
+#define RS_DA_TUNNEL_TYPE (&nr_dict_attrs[64])
+#define RS_DA_TUNNEL_MEDIUM_TYPE (&nr_dict_attrs[65])
+#define RS_DA_TUNNEL_CLIENT_ENDPOINT (&nr_dict_attrs[66])
+#define RS_DA_TUNNEL_SERVER_ENDPOINT (&nr_dict_attrs[67])
+#define RS_DA_ACCT_TUNNEL_CONNECTION (&nr_dict_attrs[68])
+#define RS_DA_TUNNEL_PASSWORD (&nr_dict_attrs[69])
+#define RS_DA_ARAP_PASSWORD (&nr_dict_attrs[70])
+#define RS_DA_ARAP_FEATURES (&nr_dict_attrs[71])
+#define RS_DA_ARAP_ZONE_ACCESS (&nr_dict_attrs[72])
+#define RS_DA_ARAP_SECURITY (&nr_dict_attrs[73])
+#define RS_DA_ARAP_SECURITY_DATA (&nr_dict_attrs[74])
+#define RS_DA_PASSWORD_RETRY (&nr_dict_attrs[75])
+#define RS_DA_PROMPT (&nr_dict_attrs[76])
+#define RS_DA_CONNECT_INFO (&nr_dict_attrs[77])
+#define RS_DA_CONFIGURATION_TOKEN (&nr_dict_attrs[78])
+#define RS_DA_EAP_MESSAGE (&nr_dict_attrs[79])
+#define RS_DA_MESSAGE_AUTHENTICATOR (&nr_dict_attrs[80])
+#define RS_DA_TUNNEL_PRIVATE_GROUP_ID (&nr_dict_attrs[81])
+#define RS_DA_TUNNEL_ASSIGNMENT_ID (&nr_dict_attrs[82])
+#define RS_DA_TUNNEL_PREFERENCE (&nr_dict_attrs[83])
+#define RS_DA_ARAP_CHALLENGE_RESPONSE (&nr_dict_attrs[84])
+#define RS_DA_ACCT_INTERIM_INTERVAL (&nr_dict_attrs[85])
+#define RS_DA_ACCT_TUNNEL_PACKETS_LOST (&nr_dict_attrs[86])
+#define RS_DA_NAS_PORT_ID (&nr_dict_attrs[87])
+#define RS_DA_FRAMED_POOL (&nr_dict_attrs[88])
+#define RS_DA_CHARGEABLE_USER_IDENTITY (&nr_dict_attrs[89])
+#define RS_DA_TUNNEL_CLIENT_AUTH_ID (&nr_dict_attrs[90])
+#define RS_DA_TUNNEL_SERVER_AUTH_ID (&nr_dict_attrs[91])
+#define RS_DA_NAS_FILTER_RULE (&nr_dict_attrs[92])
+#define RS_DA_NAS_IPV6_ADDRESS (&nr_dict_attrs[95])
+#define RS_DA_FRAMED_INTERFACE_ID (&nr_dict_attrs[96])
+#define RS_DA_FRAMED_IPV6_PREFIX (&nr_dict_attrs[97])
+#define RS_DA_LOGIN_IPV6_HOST (&nr_dict_attrs[98])
+#define RS_DA_FRAMED_IPV6_ROUTE (&nr_dict_attrs[99])
+#define RS_DA_FRAMED_IPV6_POOL (&nr_dict_attrs[100])
+#define RS_DA_ERROR_CAUSE (&nr_dict_attrs[101])
+#define RS_DA_EAP_KEY_NAME (&nr_dict_attrs[102])
+#define RS_DA_DIGEST_RESPONSE (&nr_dict_attrs[103])
+#define RS_DA_DIGEST_REALM (&nr_dict_attrs[104])
+#define RS_DA_DIGEST_NONCE (&nr_dict_attrs[105])
+#define RS_DA_DIGEST_RESPONSE_AUTH (&nr_dict_attrs[106])
+#define RS_DA_DIGEST_NEXTNONCE (&nr_dict_attrs[107])
+#define RS_DA_DIGEST_METHOD (&nr_dict_attrs[108])
+#define RS_DA_DIGEST_URI (&nr_dict_attrs[109])
+#define RS_DA_DIGEST_QOP (&nr_dict_attrs[110])
+#define RS_DA_DIGEST_ALGORITHM (&nr_dict_attrs[111])
+#define RS_DA_DIGEST_ENTITY_BODY_HASH (&nr_dict_attrs[112])
+#define RS_DA_DIGEST_CNONCE (&nr_dict_attrs[113])
+#define RS_DA_DIGEST_NONCE_COUNT (&nr_dict_attrs[114])
+#define RS_DA_DIGEST_USERNAME (&nr_dict_attrs[115])
+#define RS_DA_DIGEST_OPAQUE (&nr_dict_attrs[116])
+#define RS_DA_DIGEST_AUTH_PARAM (&nr_dict_attrs[117])
+#define RS_DA_DIGEST_AKA_AUTS (&nr_dict_attrs[118])
+#define RS_DA_DIGEST_DOMAIN (&nr_dict_attrs[119])
+#define RS_DA_DIGEST_STALE (&nr_dict_attrs[120])
+#define RS_DA_DIGEST_HA1 (&nr_dict_attrs[121])
+#define RS_DA_SIP_AOR (&nr_dict_attrs[122])
+#define RS_DA_DELEGATED_IPV6_PREFIX (&nr_dict_attrs[123])
+#define RS_DA_OPERATOR_NAME (&nr_dict_attrs[126])
+#define RS_DA_LOCATION_INFORMATION (&nr_dict_attrs[127])
+#define RS_DA_LOCATION_DATA (&nr_dict_attrs[128])
+#define RS_DA_BASIC_LOCATION_POLICY_RULES (&nr_dict_attrs[129])
+#define RS_DA_EXTENDED_LOCATION_POLICY_RULES (&nr_dict_attrs[130])
+#define RS_DA_LOCATION_CAPABLE (&nr_dict_attrs[131])
+#define RS_DA_REQUESTED_LOCATION_INFO (&nr_dict_attrs[132])
+#define RS_DA_FRAMED_MANAGEMENT (&nr_dict_attrs[133])
+#define RS_DA_MANAGEMENT_TRANSPORT_PROTECTION (&nr_dict_attrs[134])
+#define RS_DA_MANAGEMENT_POLICY_ID (&nr_dict_attrs[135])
+#define RS_DA_MANAGEMENT_PRIVILEGE_LEVEL (&nr_dict_attrs[136])
+#define RS_DA_PKM_SS_CERT (&nr_dict_attrs[137])
+#define RS_DA_PKM_CA_CERT (&nr_dict_attrs[138])
+#define RS_DA_PKM_CONFIG_SETTINGS (&nr_dict_attrs[139])
+#define RS_DA_PKM_CRYPTOSUITE_LIST (&nr_dict_attrs[140])
+#define RS_DA_PKM_SAID (&nr_dict_attrs[141])
+#define RS_DA_PKM_SA_DESCRIPTOR (&nr_dict_attrs[142])
+#define RS_DA_PKM_AUTH_KEY (&nr_dict_attrs[143])
+#define RS_DA_GSS_ACCEPTOR_SERVICE_NAME (&nr_dict_attrs[164])
+#define RS_DA_GSS_ACCEPTOR_HOST_NAME (&nr_dict_attrs[165])
+#define RS_DA_GSS_ACCEPTOR_SERVICE_SPECIFICS (&nr_dict_attrs[166])
+#define RS_DA_GSS_ACCEPTOR_REALM_NAME (&nr_dict_attrs[167])
+#define RS_DA_MS_CHAP_RESPONSE (&nr_dict_attrs[256])
+#define RS_DA_MS_CHAP_ERROR (&nr_dict_attrs[257])
+#define RS_DA_MS_MPPE_ENCRYPTION_POLICY (&nr_dict_attrs[258])
+#define RS_DA_MS_MPPE_ENCRYPTION_TYPES (&nr_dict_attrs[259])
+#define RS_DA_MS_CHAP_DOMAIN (&nr_dict_attrs[260])
+#define RS_DA_MS_CHAP_CHALLENGE (&nr_dict_attrs[261])
+#define RS_DA_MS_CHAP_MPPE_KEYS (&nr_dict_attrs[262])
+#define RS_DA_MS_MPPE_SEND_KEY (&nr_dict_attrs[263])
+#define RS_DA_MS_MPPE_RECV_KEY (&nr_dict_attrs[264])
+#define RS_DA_MS_CHAP2_RESPONSE (&nr_dict_attrs[265])
+#define RS_DA_MS_CHAP2_SUCCESS (&nr_dict_attrs[266])
+#define RS_DA_JUNIPER_LOCAL_USER_NAME (&nr_dict_attrs[267])
+#define RS_DA_JUNIPER_ALLOW_COMMANDS (&nr_dict_attrs[268])
+#define RS_DA_JUNIPER_DENY_COMMANDS (&nr_dict_attrs[269])
+#define RS_DA_JUNIPER_ALLOW_CONFIGURATION (&nr_dict_attrs[270])
+#define RS_DA_JUNIPER_DENY_CONFIGURATION (&nr_dict_attrs[271])
+#define RS_DA_JUNIPER_INTERACTIVE_COMMAND (&nr_dict_attrs[272])
+#define RS_DA_JUNIPER_CONFIGURATION_CHANGE (&nr_dict_attrs[273])
+#define RS_DA_JUNIPER_USER_PERMISSIONS (&nr_dict_attrs[274])
+#define RS_DA_GSS_ACCEPTOR_SERVICE_NAME_VS (&nr_dict_attrs[275])
+#define RS_DA_GSS_ACCEPTOR_HOST_NAME_VS (&nr_dict_attrs[276])
+#define RS_DA_GSS_ACCEPTOR_SERVICE_SPECIFIC_VS (&nr_dict_attrs[277])
+#define RS_DA_GSS_ACCEPTOR_REALM_NAME_VS (&nr_dict_attrs[278])
+#define RS_DA_SAML_AAA_ASSERTION (&nr_dict_attrs[279])
+#define RS_DA_MS_WINDOWS_AUTH_DATA (&nr_dict_attrs[280])
+#define RS_DA_MS_WINDOWS_GROUP_SID (&nr_dict_attrs[281])
+/* Automatically generated file. Do not edit */
diff --git a/include/radsec/radsec-impl.h b/include/radsec/radsec-impl.h
new file mode 100644
index 0000000..0ecd631
--- /dev/null
+++ b/include/radsec/radsec-impl.h
@@ -0,0 +1,156 @@
+/** @file libradsec-impl.h
+ @brief Libraray internal header file for libradsec. */
+
+/* Copyright 2010-2013 NORDUnet A/S. All rights reserved.
+ See LICENSE for licensing information. */
+
+#ifndef _RADSEC_RADSEC_IMPL_H_
+#define _RADSEC_RADSEC_IMPL_H_ 1
+
+#include <event2/util.h>
+#include <confuse.h>
+#if defined(RS_ENABLE_TLS)
+#include <openssl/ssl.h>
+#endif
+
+/* Constants. */
+#define RS_HEADER_LEN 4
+
+/* Data types. */
+enum rs_cred_type {
+ RS_CRED_NONE = 0,
+ /* TLS pre-shared keys, RFC 4279. */
+ RS_CRED_TLS_PSK,
+ /* RS_CRED_TLS_DH_PSK, */
+ /* RS_CRED_TLS_RSA_PSK, */
+};
+typedef unsigned int rs_cred_type_t;
+
+enum rs_key_encoding {
+ RS_KEY_ENCODING_UTF8 = 1,
+ RS_KEY_ENCODING_ASCII_HEX = 2,
+};
+typedef unsigned int rs_key_encoding_t;
+
+#if defined (__cplusplus)
+extern "C" {
+#endif
+
+struct rs_credentials {
+ enum rs_cred_type type;
+ char *identity;
+ char *secret;
+ enum rs_key_encoding secret_encoding;
+ unsigned int secret_len;
+};
+
+struct rs_error {
+ int code;
+ char buf[1024];
+};
+
+/** Configuration object for a connection. */
+struct rs_peer {
+ struct rs_connection *conn;
+ struct rs_realm *realm;
+ char *hostname;
+ char *service;
+ char *secret; /* RADIUS secret. */
+ struct evutil_addrinfo *addr_cache;
+ struct rs_peer *next;
+};
+
+/** Configuration object for a RADIUS realm. */
+struct rs_realm {
+ char *name;
+ enum rs_conn_type type;
+ int timeout;
+ int retries;
+ char *cacertfile;
+ char *cacertpath;
+ char *certfile;
+ char *certkeyfile;
+ int disable_hostname_check;
+ struct rs_credentials *transport_cred;
+ struct rs_peer *peers;
+ struct rs_realm *next;
+};
+
+/** Top configuration object. */
+struct rs_config {
+ struct rs_realm *realms;
+ cfg_t *cfg;
+};
+
+struct rs_context {
+ struct rs_config *config;
+ struct rs_alloc_scheme alloc_scheme;
+ struct rs_error *err;
+};
+
+struct rs_connection {
+ struct rs_context *ctx;
+ struct rs_realm *realm; /* Owned by ctx. */
+ struct event_base *evb; /* Event base. */
+ struct event *tev; /* Timeout event. */
+ struct rs_conn_callbacks callbacks;
+ void *user_data;
+ struct rs_peer *peers;
+ struct rs_peer *active_peer;
+ struct rs_error *err;
+ struct timeval timeout;
+ char is_connecting; /* FIXME: replace with a single state member */
+ char is_connected; /* FIXME: replace with a single state member */
+ int fd; /* Socket. */
+ int tryagain; /* For server failover. */
+ int nextid; /* Next RADIUS packet identifier. */
+ /* TCP transport specifics. */
+ struct bufferevent *bev; /* Buffer event. */
+ /* UDP transport specifics. */
+ struct event *wev; /* Write event (for UDP). */
+ struct event *rev; /* Read event (for UDP). */
+ struct rs_packet *out_queue; /* Queue for outgoing UDP packets. */
+#if defined(RS_ENABLE_TLS)
+ /* TLS specifics. */
+ SSL_CTX *tls_ctx;
+ SSL *tls_ssl;
+#endif
+};
+
+enum rs_packet_flags {
+ RS_PACKET_HEADER_READ,
+ RS_PACKET_RECEIVED,
+ RS_PACKET_SENT,
+};
+
+struct radius_packet;
+
+struct rs_packet {
+ struct rs_connection *conn;
+ unsigned int flags;
+ uint8_t hdr[RS_HEADER_LEN];
+ struct radius_packet *rpkt; /* FreeRADIUS object. */
+ struct rs_packet *next; /* Used for UDP output queue. */
+};
+
+#if defined (__cplusplus)
+}
+#endif
+
+/* Convenience macros. */
+#define rs_calloc(h, nmemb, size) \
+ (h->alloc_scheme.calloc ? h->alloc_scheme.calloc : calloc)(nmemb, size)
+#define rs_malloc(h, size) \
+ (h->alloc_scheme.malloc ? h->alloc_scheme.malloc : malloc)(size)
+#define rs_free(h, ptr) \
+ (h->alloc_scheme.free ? h->alloc_scheme.free : free)(ptr)
+#define rs_realloc(h, realloc, ptr, size) \
+ (h->alloc_scheme.realloc ? h->alloc_scheme.realloc : realloc)(ptr, size)
+#define min(a, b) ((a) < (b) ? (a) : (b))
+#define max(a, b) ((a) > (b) ? (a) : (b))
+
+#endif /* _RADSEC_RADSEC_IMPL_H_ */
+
+/* Local Variables: */
+/* c-file-style: "stroustrup" */
+/* End: */
diff --git a/include/radsec/radsec.h b/include/radsec/radsec.h
new file mode 100644
index 0000000..1d718a0
--- /dev/null
+++ b/include/radsec/radsec.h
@@ -0,0 +1,607 @@
+/** \file radsec.h
+ \brief Public interface for libradsec. */
+
+/* Copyright 2010-2013 NORDUnet A/S. All rights reserved.
+ See LICENSE for licensing information. */
+
+#ifndef _RADSEC_RADSEC_H_
+#define _RADSEC_RADSEC_H_ 1
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+#ifdef HAVE_SYS_TIME_H
+#include <sys/time.h>
+#endif
+#ifdef HAVE_ARPA_INET_H
+#include <arpa/inet.h>
+#endif
+#ifdef HAVE_UNISTD_H
+#include <unistd.h>
+#endif
+#ifdef HAVE_STDINT_H
+#include <stdint.h>
+#endif
+
+enum rs_error_code {
+ RSE_OK = 0,
+ RSE_NOMEM = 1,
+ RSE_NOSYS = 2,
+ RSE_INVALID_CTX = 3,
+ RSE_INVALID_CONN = 4,
+ RSE_CONN_TYPE_MISMATCH = 5,
+ RSE_BADADDR = 7,
+ RSE_NOPEER = 8,
+ RSE_EVENT = 9, /* libevent error. */
+ RSE_SOCKERR = 10,
+ RSE_CONFIG = 11,
+ RSE_BADAUTH = 12,
+ RSE_INTERNAL = 13,
+ RSE_SSLERR = 14, /* OpenSSL error. */
+ RSE_INVALID_PKT = 15,
+ RSE_TIMEOUT_CONN = 16, /* Connection timeout. */
+ RSE_INVAL = 17, /* Invalid argument. */
+ RSE_TIMEOUT_IO = 18, /* I/O timeout. */
+ RSE_TIMEOUT = 19, /* High level timeout. */
+ RSE_DISCO = 20,
+ RSE_INUSE = 21,
+ RSE_PACKET_TOO_SMALL = 22,
+ RSE_PACKET_TOO_LARGE = 23,
+ RSE_ATTR_OVERFLOW = 24,
+ RSE_ATTR_TOO_SMALL = 25,
+ RSE_ATTR_TOO_LARGE = 26,
+ RSE_ATTR_UNKNOWN = 27,
+ RSE_ATTR_BAD_NAME = 28,
+ RSE_ATTR_VALUE_MALFORMED = 29,
+ RSE_ATTR_INVALID = 30,
+ RSE_TOO_MANY_ATTRS = 31,
+ RSE_ATTR_TYPE_UNKNOWN = 32,
+ RSE_MSG_AUTH_LEN = 33,
+ RSE_MSG_AUTH_WRONG = 34,
+ RSE_REQUEST_REQUIRED = 35,
+ RSE_INVALID_REQUEST_CODE = 36,
+ RSE_AUTH_VECTOR_WRONG = 37,
+ RSE_INVALID_RESPONSE_CODE = 38,
+ RSE_INVALID_RESPONSE_ID = 39,
+ RSE_INVALID_RESPONSE_SRC = 40,
+ RSE_NO_PACKET_DATA = 41,
+ RSE_VENDOR_UNKNOWN = 42,
+ RSE_CRED = 43,
+ RSE_CERT = 44,
+ RSE_MAX = RSE_CERT
+};
+
+enum rs_conn_type {
+ RS_CONN_TYPE_NONE = 0,
+ RS_CONN_TYPE_UDP,
+ RS_CONN_TYPE_TCP,
+ RS_CONN_TYPE_TLS,
+ RS_CONN_TYPE_DTLS,
+};
+typedef unsigned int rs_conn_type_t;
+
+typedef enum rs_attr_type_t {
+ RS_TYPE_INVALID = 0, /**< Invalid data type */
+ RS_TYPE_STRING, /**< printable-text */
+ RS_TYPE_INTEGER, /**< a 32-bit unsigned integer */
+ RS_TYPE_IPADDR, /**< an IPv4 address */
+ RS_TYPE_DATE, /**< a 32-bit date, of seconds since January 1, 1970 */
+ RS_TYPE_OCTETS, /**< a sequence of binary octets */
+ RS_TYPE_IFID, /**< an Interface Id */
+ RS_TYPE_IPV6ADDR, /**< an IPv6 address */
+ RS_TYPE_IPV6PREFIX, /**< an IPv6 prefix */
+ RS_TYPE_BYTE, /**< an 8-bit integer */
+ RS_TYPE_SHORT, /**< a 16-bit integer */
+} rs_attr_type_t;
+
+#define PW_ACCESS_REQUEST 1
+#define PW_ACCESS_ACCEPT 2
+#define PW_ACCESS_REJECT 3
+#define PW_ACCOUNTING_REQUEST 4
+#define PW_ACCOUNTING_RESPONSE 5
+#define PW_ACCOUNTING_STATUS 6
+#define PW_PASSWORD_REQUEST 7
+#define PW_PASSWORD_ACK 8
+#define PW_PASSWORD_REJECT 9
+#define PW_ACCOUNTING_MESSAGE 10
+#define PW_ACCESS_CHALLENGE 11
+#define PW_STATUS_SERVER 12
+#define PW_STATUS_CLIENT 13
+#define PW_DISCONNECT_REQUEST 40
+#define PW_DISCONNECT_ACK 41
+#define PW_DISCONNECT_NAK 42
+#define PW_COA_REQUEST 43
+#define PW_COA_ACK 44
+#define PW_COA_NAK 45
+
+#if defined (__cplusplus)
+extern "C" {
+#endif
+
+/* Data types. */
+struct rs_context; /* radsec-impl.h */
+struct rs_connection; /* radsec-impl.h */
+struct rs_packet; /* radsec-impl.h */
+struct rs_conn; /* radsec-impl.h */
+struct rs_error; /* radsec-impl.h */
+struct rs_peer; /* radsec-impl.h */
+struct radius_packet; /* <radius/client.h> */
+struct value_pair; /* <radius/client.h> */
+struct event_base; /* <event2/event-internal.h> */
+
+typedef void *(*rs_calloc_fp) (size_t nmemb, size_t size);
+typedef void *(*rs_malloc_fp) (size_t size);
+typedef void (*rs_free_fp) (void *ptr);
+typedef void *(*rs_realloc_fp) (void *ptr, size_t size);
+struct rs_alloc_scheme {
+ rs_calloc_fp calloc;
+ rs_malloc_fp malloc;
+ rs_free_fp free;
+ rs_realloc_fp realloc;
+};
+
+typedef void (*rs_conn_connected_cb) (void *user_data /* FIXME: peer? */ );
+typedef void (*rs_conn_disconnected_cb) (void *user_data /* FIXME: reason? */ );
+typedef void (*rs_conn_packet_received_cb) (struct rs_packet *packet,
+ void *user_data);
+typedef void (*rs_conn_packet_sent_cb) (void *user_data);
+struct rs_conn_callbacks {
+ /** Callback invoked when the connection has been established. */
+ rs_conn_connected_cb connected_cb;
+ /** Callback invoked when the connection has been torn down. */
+ rs_conn_disconnected_cb disconnected_cb;
+ /** Callback invoked when a packet was received. */
+ rs_conn_packet_received_cb received_cb;
+ /** Callback invoked when a packet was successfully sent. */
+ rs_conn_packet_sent_cb sent_cb;
+};
+
+typedef struct value_pair rs_avp;
+typedef const struct value_pair rs_const_avp;
+
+/* Function prototypes. */
+
+/*************/
+/* Context. */
+/*************/
+/** Create a context. Freed by calling \a rs_context_destroy. Note
+ that the context must not be freed before all other libradsec
+ objects have been freed.
+
+ If support for POSIX threads was detected at configure and build
+ time \a rs_context_create will use mutexes to protect multiple
+ threads from stomping on each other in OpenSSL.
+
+ \a ctx Address of pointer to a struct rs_context. This is the
+ output of this function.
+
+ \return RSE_OK (0) on success, RSE_SSLERR on TLS library
+ initialisation error and RSE_NOMEM on out of memory. */
+int rs_context_create(struct rs_context **ctx);
+
+/** Free a context. Note that the context must not be freed before
+ all other libradsec objects have been freed. */
+void rs_context_destroy(struct rs_context *ctx);
+
+/** Set allocation scheme to use. \a scheme is the allocation scheme
+ to use, see \a rs_alloc_scheme. \return On success, RSE_OK (0) is
+ returned. On error, !0 is returned and a struct \a rs_error is
+ pushed on the error stack for the context. The error can be
+ accessed using \a rs_err_ctx_pop. */
+int rs_context_set_alloc_scheme(struct rs_context *ctx,
+ struct rs_alloc_scheme *scheme);
+
+/** Read configuration file. \a config_file is the path of the
+ configuration file to read. \return On success, RSE_OK (0) is
+ returned. On error, !0 is returned and a struct \a rs_error is
+ pushed on the error stack for the context. The error can be
+ accessed using \a rs_err_ctx_pop. */
+int rs_context_read_config(struct rs_context *ctx, const char *config_file);
+
+/****************/
+/* Connection. */
+/****************/
+/** Create a connection. \a conn is the address of a pointer to an \a
+ rs_connection, the output. Free the connection using \a
+ rs_conn_destroy. Note that a connection must not be freed before
+ all packets associated with the connection have been freed. A
+ packet is associated with a connection when it's created (\a
+ rs_packet_create) or received (\a rs_conn_receive_packet).
+
+ If \a config is not NULL it should be the name of a configuration
+ found in the config file read in using \a rs_context_read_config.
+ \return On success, RSE_OK (0) is returned. On error, !0 is
+ returned and a struct \a rs_error is pushed on the error stack for
+ the context. The error can be accessed using \a
+ rs_err_ctx_pop. */
+int rs_conn_create(struct rs_context *ctx,
+ struct rs_connection **conn,
+ const char *config);
+
+/** Not implemented. */
+int rs_conn_add_listener(struct rs_connection *conn,
+ rs_conn_type_t type,
+ const char *hostname,
+ int port);
+/** Disconnect connection \a conn. \return RSE_OK (0) on success, !0
+ * on error. On error, errno is set appropriately. */
+int rs_conn_disconnect (struct rs_connection *conn);
+
+/** Disconnect and free memory allocated for connection \a conn. Note
+ that a connection must not be freed before all packets associated
+ with the connection have been freed. A packet is associated with
+ a connection when it's created (\a rs_packet_create) or received
+ (\a rs_conn_receive_packet). \return RSE_OK (0) on success, !0 *
+ on error. On error, errno is set appropriately. */
+int rs_conn_destroy(struct rs_connection *conn);
+
+/** Set connection type for \a conn. */
+void rs_conn_set_type(struct rs_connection *conn, rs_conn_type_t type);
+
+/** Not implemented. */
+int rs_conn_set_eventbase(struct rs_connection *conn, struct event_base *eb);
+
+/** Register callbacks \a cb for connection \a conn. */
+void rs_conn_set_callbacks(struct rs_connection *conn,
+ struct rs_conn_callbacks *cb);
+
+/** Remove callbacks for connection \a conn. */
+void rs_conn_del_callbacks(struct rs_connection *conn);
+
+/** Return callbacks registered for connection \a conn. \return
+ Installed callbacks are returned. */
+struct rs_conn_callbacks *rs_conn_get_callbacks(struct rs_connection *conn);
+
+/** Not implemented. */
+int rs_conn_select_peer(struct rs_connection *conn, const char *name);
+
+/** Not implemented. */
+int rs_conn_get_current_peer(struct rs_connection *conn,
+ const char *name,
+ size_t buflen);
+
+/** Special function used in blocking mode, i.e. with no callbacks
+ registered. For any other use of libradsec, a \a received_cb
+ callback should be registered using \a rs_conn_set_callbacks.
+
+ If \a req_msg is not NULL, a successfully received RADIUS message
+ is verified against it. If \a pkt_out is not NULL it will upon
+ return contain a pointer to an \a rs_packet containing the new
+ message.
+
+ \return On error or if the connect (TCP only) or read times out,
+ \a pkt_out will not be changed and one or more errors are pushed
+ on \a conn (available through \a rs_err_conn_pop). */
+int rs_conn_receive_packet(struct rs_connection *conn,
+ struct rs_packet *request,
+ struct rs_packet **pkt_out);
+
+/** Get the file descriptor associated with connection \a conn.
+ * \return File descriptor. */
+int rs_conn_fd(struct rs_connection *conn);
+
+/** Set the timeout value for connection \a conn. */
+void rs_conn_set_timeout(struct rs_connection *conn, struct timeval *tv);
+
+/* Peer -- client and server. */
+int rs_peer_create(struct rs_connection *conn, struct rs_peer **peer_out);
+int rs_peer_set_address(struct rs_peer *peer,
+ const char *hostname,
+ const char *service);
+int rs_peer_set_secret(struct rs_peer *peer, const char *secret);
+void rs_peer_set_timeout(struct rs_peer *peer, int timeout);
+void rs_peer_set_retries(struct rs_peer *peer, int retries);
+
+/************/
+/* Packet. */
+/************/
+/** Create a packet associated with connection \a conn. */
+int rs_packet_create(struct rs_connection *conn, struct rs_packet **pkt_out);
+
+/** Free all memory allocated for packet \a pkt. */
+void rs_packet_destroy(struct rs_packet *pkt);
+
+/** Send packet \a pkt on the connection associated with \a pkt.
+ \a user_data is passed to the \a rs_conn_packet_received_cb callback
+ registered with the connection. If no callback is registered with
+ the connection, the event loop is run by \a rs_packet_send and it
+ blocks until the full packet has been sent. Note that sending can
+ fail in several ways, f.ex. if the transmission protocol in use
+ is connection oriented (\a RS_CONN_TYPE_TCP and \a RS_CONN_TYPE_TLS)
+ and the connection can not be established. Also note that no
+ retransmission is done, something that is required for connectionless
+ transport protocols (\a RS_CONN_TYPE_UDP and \a RS_CONN_TYPE_DTLS).
+ The "request" API with \a rs_request_send can help with this.
+
+ \return On success, RSE_OK (0) is returned. On error, !0 is
+ returned and a struct \a rs_error is pushed on the error stack for
+ the connection. The error can be accessed using \a rs_err_conn_pop. */
+int rs_packet_send(struct rs_packet *pkt, void *user_data);
+
+/** Create a RADIUS authentication request packet associated with
+ connection \a conn. Optionally, User-Name and User-Password
+ attributes are added to the packet using the data in \a user_name
+ and \a user_pw. */
+int rs_packet_create_authn_request(struct rs_connection *conn,
+ struct rs_packet **pkt,
+ const char *user_name,
+ const char *user_pw);
+
+/** Add a new attribute-value pair to \a pkt. */
+int rs_packet_add_avp(struct rs_packet *pkt,
+ unsigned int attr, unsigned int vendor,
+ const void *data, size_t data_len);
+
+/** Append a new attribute to packet \a pkt. Note that this function
+ encodes the attribute and therefore might require the secret
+ shared with the thought recipient to be set in pkt->rpkt. Note
+ also that this function marks \a pkt as already encoded and can
+ not be used on packets with non-encoded value-pairs already
+ added. */
+int
+rs_packet_append_avp(struct rs_packet *pkt,
+ unsigned int attribute, unsigned int vendor,
+ const void *data, size_t data_len);
+
+/*** Get pointer to \a pkt attribute value pairs. */
+void
+rs_packet_avps(struct rs_packet *pkt, rs_avp ***vps);
+
+/*** Get RADIUS packet type of \a pkt. */
+unsigned int
+rs_packet_code(struct rs_packet *pkt);
+
+/*** Get RADIUS AVP from \a pkt. */
+rs_const_avp *
+rs_packet_find_avp(struct rs_packet *pkt, unsigned int attr, unsigned int vendor);
+
+/*** Set packet identifier in \a pkt; returns old identifier */
+int
+rs_packet_set_id (struct rs_packet *pkt, int id);
+
+/************/
+/* Config. */
+/************/
+/** Find the realm named \a name in the configuration file previoiusly
+ read in using \a rs_context_read_config. */
+struct rs_realm *rs_conf_find_realm(struct rs_context *ctx, const char *name);
+
+/***********/
+/* Error. */
+/***********/
+/** Create a struct \a rs_error and push it on a FIFO associated with
+ context \a ctx. Note: The depth of the error stack is one (1) at
+ the moment. This will change in a future release. */
+int rs_err_ctx_push(struct rs_context *ctx, int code, const char *fmt, ...);
+int rs_err_ctx_push_fl(struct rs_context *ctx,
+ int code,
+ const char *file,
+ int line,
+ const char *fmt,
+ ...);
+/** Pop the first error from the error FIFO associated with context \a
+ ctx or NULL if there are no errors in the FIFO. */
+struct rs_error *rs_err_ctx_pop(struct rs_context *ctx);
+
+/** Create a struct \a rs_error and push it on a FIFO associated with
+ connection \a conn. Note: The depth of the error stack is one (1)
+ at the moment. This will change in a future release. */
+int rs_err_conn_push(struct rs_connection *conn,
+ int code,
+ const char *fmt,
+ ...);
+int rs_err_conn_push_fl(struct rs_connection *conn,
+ int code,
+ const char *file,
+ int line,
+ const char *fmt,
+ ...);
+/** Pop the first error from the error FIFO associated with connection
+ \a conn or NULL if there are no errors in the FIFO. */
+struct rs_error *rs_err_conn_pop(struct rs_connection *conn);
+
+int rs_err_conn_peek_code (struct rs_connection *conn);
+void rs_err_free(struct rs_error *err);
+char *rs_err_msg(struct rs_error *err);
+int rs_err_code(struct rs_error *err, int dofree_flag);
+
+/************/
+/* AVPs. */
+/************/
+#define rs_avp_is_string(vp) (rs_avp_typeof(vp) == RS_TYPE_STRING)
+#define rs_avp_is_integer(vp) (rs_avp_typeof(vp) == RS_TYPE_INTEGER)
+#define rs_avp_is_ipaddr(vp) (rs_avp_typeof(vp) == RS_TYPE_IPADDR)
+#define rs_avp_is_date(vp) (rs_avp_typeof(vp) == RS_TYPE_DATE)
+#define rs_avp_is_octets(vp) (rs_avp_typeof(vp) == RS_TYPE_OCTETS)
+#define rs_avp_is_ifid(vp) (rs_avp_typeof(vp) == RS_TYPE_IFID)
+#define rs_avp_is_ipv6addr(vp) (rs_avp_typeof(vp) == RS_TYPE_IPV6ADDR)
+#define rs_avp_is_ipv6prefix(vp) (rs_avp_typeof(vp) == RS_TYPE_IPV6PREFIX)
+#define rs_avp_is_byte(vp) (rs_avp_typeof(vp) == RS_TYPE_BYTE)
+#define rs_avp_is_short(vp) (rs_avp_typeof(vp) == RS_TYPE_SHORT)
+#define rs_avp_is_tlv(vp) (rs_avp_typeof(vp) == RS_TYPE_TLV)
+
+/** The maximum length of a RADIUS attribute.
+ *
+ * The RFCs require that a RADIUS attribute transport no more than
+ * 253 octets of data. We add an extra byte for a trailing NUL, so
+ * that the VALUE_PAIR::vp_strvalue field can be handled as a C
+ * string.
+ */
+#define RS_MAX_STRING_LEN 254
+
+/** Free the AVP list \a vps */
+void
+rs_avp_free(rs_avp **vps);
+
+/** Return the length of AVP \a vp in bytes */
+size_t
+rs_avp_length(rs_const_avp *vp);
+
+/** Return the type of \a vp */
+rs_attr_type_t
+rs_avp_typeof(rs_const_avp *vp);
+
+/** Retrieve the attribute and vendor ID of \a vp */
+void
+rs_avp_attrid(rs_const_avp *vp, unsigned int *attr, unsigned int *vendor);
+
+/** Add \a vp to the list pointed to by \a head */
+void
+rs_avp_append(rs_avp **head, rs_avp *vp);
+
+/** Find an AVP in \a vp that matches \a attr and \a vendor */
+rs_avp *
+rs_avp_find(rs_avp *vp, unsigned int attr, unsigned int vendor);
+
+/** Find an AVP in \a vp that matches \a attr and \a vendor */
+rs_const_avp *
+rs_avp_find_const(rs_const_avp *vp, unsigned int attr, unsigned int vendor);
+
+/** Alloc a new AVP for \a attr and \a vendor */
+rs_avp *
+rs_avp_alloc(unsigned int attr, unsigned int vendor);
+
+/** Duplicate existing AVP \a vp */
+rs_avp *
+rs_avp_dup(rs_const_avp *vp);
+
+/** Remove matching AVP from list \a vps */
+int
+rs_avp_delete(rs_avp **vps, unsigned int attr, unsigned int vendor);
+
+/** Return next AVP in list */
+rs_avp *
+rs_avp_next(rs_avp *vp);
+
+/** Return next AVP in list */
+rs_const_avp *
+rs_avp_next_const(rs_const_avp *avp);
+
+/** Return string value of \a vp */
+const char *
+rs_avp_string_value(rs_const_avp *vp);
+
+/** Set AVP \a vp to string \a str */
+int
+rs_avp_string_set(rs_avp *vp, const char *str);
+
+/** Return integer value of \a vp */
+uint32_t
+rs_avp_integer_value(rs_const_avp *vp);
+
+/** Set AVP \a vp to integer \a val */
+int
+rs_avp_integer_set(rs_avp *vp, uint32_t val);
+
+/** Return IPv4 value of \a vp */
+uint32_t
+rs_avp_ipaddr_value(rs_const_avp *vp);
+
+/** Set AVP \a vp to IPv4 address \a in */
+int
+rs_avp_ipaddr_set(rs_avp *vp, struct in_addr in);
+
+/** Return POSIX time value of \a vp */
+time_t
+rs_avp_date_value(rs_const_avp *vp);
+
+/** Set AVP \a vp to POSIX time \a date */
+int
+rs_avp_date_set(rs_avp *vp, time_t date);
+
+/** Return constant pointer to octets in \a vp */
+const unsigned char *
+rs_avp_octets_value_const_ptr(rs_const_avp *vp);
+
+/** Return pointer to octets in \a vp */
+unsigned char *
+rs_avp_octets_value_ptr(rs_avp *vp);
+
+/** Retrieve octet pointer \a p and length \a len from \a vp */
+int
+rs_avp_octets_value_byref(rs_avp *vp,
+ unsigned char **p,
+ size_t *len);
+
+/** Copy octets from \a vp into \a buf and \a len */
+int
+rs_avp_octets_value(rs_const_avp *vp,
+ unsigned char *buf,
+ size_t *len);
+
+/**
+ * Copy octets possibly fragmented across multiple VPs
+ * into \a buf and \a len
+ */
+int
+rs_avp_fragmented_value(rs_const_avp *vps,
+ unsigned char *buf,
+ size_t *len);
+
+/** Copy \a len octets in \a buf to AVP \a vp */
+int
+rs_avp_octets_set(rs_avp *vp,
+ const unsigned char *buf,
+ size_t len);
+
+/** Return IFID value of \a vp */
+int
+rs_avp_ifid_value(rs_const_avp *vp, uint8_t val[8]);
+
+int
+rs_avp_ifid_set(rs_avp *vp, const uint8_t val[8]);
+
+/** Return byte value of \a vp */
+uint8_t
+rs_avp_byte_value(rs_const_avp *vp);
+
+/** Set AVP \a vp to byte \a val */
+int
+rs_avp_byte_set(rs_avp *vp, uint8_t val);
+
+/** Return short value of \a vp */
+uint16_t
+rs_avp_short_value(rs_const_avp *vp);
+
+/** Set AVP \a vp to short integer \a val */
+int
+rs_avp_short_set(rs_avp *vp, uint16_t val);
+
+/** Display possibly \a canonical attribute name into \a buffer */
+int
+rs_attr_display_name (unsigned int attr,
+ unsigned int vendor,
+ char *buffer,
+ size_t bufsize,
+ int canonical);
+
+/** Display AVP \a vp into \a buffer */
+size_t
+rs_avp_display_value(rs_const_avp *vp,
+ char *buffer,
+ size_t buflen);
+
+int
+rs_attr_parse_name (const char *name,
+ unsigned int *attr,
+ unsigned int *vendor);
+
+/** Lookup attribute \a name */
+int
+rs_attr_find(const char *name,
+ unsigned int *attr,
+ unsigned int *vendor);
+
+/** Return dictionary name for AVP \a vp */
+const char *
+rs_avp_name(rs_const_avp *vp);
+
+#if defined (__cplusplus)
+}
+#endif
+
+#endif /* _RADSEC_RADSEC_H_ */
+
+/* Local Variables: */
+/* c-file-style: "stroustrup" */
+/* End: */
diff --git a/include/radsec/request-impl.h b/include/radsec/request-impl.h
new file mode 100644
index 0000000..97335e5
--- /dev/null
+++ b/include/radsec/request-impl.h
@@ -0,0 +1,24 @@
+/* Copyright 2010-2011 NORDUnet A/S. All rights reserved.
+ See LICENSE for licensing information. */
+
+#ifndef _RADSEC_REQUEST_IMPL_H_
+#define _RADSEC_REQUEST_IMPL_H_ 1
+
+#if defined (__cplusplus)
+extern "C" {
+#endif
+
+struct rs_request
+{
+ struct rs_connection *conn;
+ struct event *timer;
+ struct rs_packet *req_msg;
+ struct rs_conn_callbacks saved_cb;
+ void *saved_user_data;
+};
+
+#if defined (__cplusplus)
+}
+#endif
+
+#endif /* _RADSEC_REQUEST_IMPL_H_ */
diff --git a/include/radsec/request.h b/include/radsec/request.h
new file mode 100644
index 0000000..d4c72b3
--- /dev/null
+++ b/include/radsec/request.h
@@ -0,0 +1,50 @@
+/** \file request.h
+ \brief Public interface for libradsec request's. */
+
+/* Copyright 2010-2013 NORDUnet A/S. All rights reserved.
+ See LICENSE for licensing information. */
+
+#ifndef _RADSEC_REQUEST_H_
+#define _RADSEC_REQUEST_H_ 1
+
+struct rs_request;
+
+#if defined (__cplusplus)
+extern "C" {
+#endif
+
+/** Create a request associated with connection \a conn. */
+int rs_request_create(struct rs_connection *conn, struct rs_request **req_out);
+
+/** Add RADIUS request message \a req_msg to request \a req.
+ FIXME: Rename to rs_request_add_reqmsg? */
+void rs_request_add_reqpkt(struct rs_request *req, struct rs_packet *req_msg);
+
+/** Create a request associated with connection \a conn containing a
+ newly created RADIUS authentication message, possibly with \a
+ user_name and \a user_pw attributes. \a user_name and _user_pw
+ are optional and can be NULL. */
+int rs_request_create_authn(struct rs_connection *conn,
+ struct rs_request **req_out,
+ const char *user_name,
+ const char *user_pw);
+
+/** Send request \a req and wait for a matching response. The
+ response is put in \a resp_msg (if not NULL). NOTE: At present,
+ no more than one outstanding request to a given realm is
+ supported. This will change in a future version. */
+int rs_request_send(struct rs_request *req, struct rs_packet **resp_msg);
+
+/** Free all memory allocated by request \a req including any request
+ packet associated with the request. Note that a request must be
+ freed before its associated connection can be freed. */
+void rs_request_destroy(struct rs_request *req);
+
+/** Return request message in request \a req. */
+struct rs_packet *rs_request_get_reqmsg(const struct rs_request *req);
+
+#if defined (__cplusplus)
+}
+#endif
+
+#endif /* _RADSEC_REQUEST_H_ */
generated by cgit v1.2.3 (git 2.25.1) at 2024-04-27 17:10:56 +0000