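/*-
 * Copyright 1998 Juniper Networks, Inc.
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 *
 *	$FreeBSD: src/lib/libradius/radlib_private.h,v 1.7 2009/09/11 11:42:56 mav Exp $
 */

#ifndef RADLIB_PRIVATE_H
#define RADLIB_PRIVATE_H

#include <sys/types.h>
#include <netinet/in.h>

#include "radlib.h"
#include "radlib_vs.h"

/*
 * Private definitions for libradius: handle types, defaults, buffer limits,
 * RADIUS header field offsets, and the server, handle and vendor-attribute
 * structures.
 */

/* Handle types */
#define RADIUS_AUTH		0   /* RADIUS authentication, default */
#define RADIUS_ACCT		1   /* RADIUS accounting */
#define RADIUS_SERVER		2   /* RADIUS server */

/* Defaults */
#define MAXTRIES		3
#define PATH_RADIUS_CONF	"/etc/radius.conf"
#define RADIUS_PORT		1812
#define RADACCT_PORT		1813
#define TIMEOUT			3	/* In seconds */
#define DEAD_TIME		0

/*
 * Limits
 *
 * These size the fixed buffers in struct rad_handle below, so every write
 * into errmsg, out, pass and in has to be bounded by the matching constant.
 */
#define ERRSIZE		128		/* Maximum error message length */
#define MAXCONFLINE	1024		/* Maximum config file line length */
#define MAXSERVERS	10		/* Maximum number of servers to try */
#define MSGSIZE		4096		/* Maximum RADIUS message */
#define PASSSIZE	128		/* Maximum significant password chars */

/*
 * Positions of fields in RADIUS messages
 *
 * The offsets describe a fixed 20-byte header: POS_AUTH + LEN_AUTH equals
 * POS_ATTRS.  The length field occupies the two bytes between POS_LENGTH and
 * POS_AUTH.
 * NOTE(review): in a received message that length is supplied by the peer;
 * code reading it should check it against the number of bytes actually
 * received, against POS_ATTRS and against MSGSIZE before walking attributes.
 * The checks themselves are not visible in this header.
 */
#define POS_CODE	0		/* Message code */
#define POS_IDENT	1		/* Identifier */
#define POS_LENGTH	2		/* Message length */
#define POS_AUTH	4		/* Authenticator */
#define LEN_AUTH	16		/* Length of authenticator */
#define POS_ATTRS	20		/* Start of attributes */

/*
 * Per-server state: where to send requests, the shared secret, and the
 * retry / dead-server bookkeeping.
 */
struct rad_server {
	struct sockaddr_in addr;	/* Address of server */
	/*
	 * NOTE(review): ownership of this string is not visible here.  If the
	 * library allocates it, it should be wiped with a clear the compiler
	 * cannot elide (e.g. explicit_bzero) before being freed.
	 */
	char		*secret;	/* Shared secret */
	int		 timeout;	/* Timeout in seconds */
	int		 max_tries;	/* Number of tries before giving up */
	int		 num_tries;	/* Number of tries so far */
	int		 is_dead;	/* The server did not answer last time */
	time_t		 dead_time;	/* Don't try this server for the time period if it is dead */
	time_t		 next_probe;	/* Time of a next probe after failure */
	in_addr_t	 bindto;	/* Bind to address */
};

/*
 * State of one RADIUS handle: socket, configured servers, the request under
 * construction, the last response, and the most recent error text.
 */
struct rad_handle {
	int		 fd;		/* Socket file descriptor */
	struct rad_server servers[MAXSERVERS];	/* Servers to contact */
	/* Must stay within 0..MAXSERVERS; it bounds indexing of servers[]. */
	int		 num_servers;	/* Number of valid server entries */
	/*
	 * NOTE(review): held as int, while the offsets above leave one byte
	 * for the identifier (POS_IDENT to POS_LENGTH) - confirm how the
	 * value is narrowed when it is written into out[].
	 */
	int		 ident;		/* Current identifier value */
	char		 errmsg[ERRSIZE];	/* Most recent error message */
	unsigned char	 out[MSGSIZE];	/* Request to send */
	char		 out_created;	/* rad_create_request() called? */
	/* Signed; must stay within 0..MSGSIZE when attributes are appended. */
	int		 out_len;	/* Length of request */
	/*
	 * The password sits here in cleartext inside the handle.
	 * NOTE(review): confirm that the code which resets or destroys a
	 * handle wipes pass[] with a non-elidable clear, and that pass_len
	 * never exceeds PASSSIZE.
	 */
	char		 pass[PASSSIZE];	/* Cleartext password */
	int		 pass_len;	/* Length of cleartext password */
	int		 pass_pos;	/* Position of scrambled password */
	char		 chap_pass;	/* Have we got a CHAP_PASSWORD ? */
	int		 authentic_pos;	/* Position of message authenticator */
	char		 eap_msg;	/* Are we an EAP Proxy? */
	/*
	 * in[] holds bytes received from the network and is untrusted input.
	 * in_len and in_pos are signed ints used as offsets into it; each
	 * attribute read needs in_pos and the attribute's own length checked
	 * against in_len before the bytes are touched.
	 */
	unsigned char	 in[MSGSIZE];	/* Response received */
	int		 in_len;	/* Length of response */
	int		 in_pos;	/* Current position scanning attrs */
	int		 srv;		/* Server number we did last */
	int		 type;		/* Handle type */
	in_addr_t	 bindto;	/* Current bind address */
};

/*
 * Layout of a vendor attribute: vendor value, then a type/length/data triple.
 *
 * attrib_data[1] is the pre-C99 trailing-array idiom, so
 * sizeof(struct vendor_attribute) already counts one data byte plus any
 * padding and must not be used as the header length.
 * NOTE(review): presumably this struct is overlaid on attribute bytes inside
 * a message buffer - confirm in the callers.  If so, attrib_len comes from
 * the peer and has to be validated against the enclosing attribute's length
 * before attrib_data is read, and the struct is not declared packed, so the
 * u_int32_t member may be accessed at an unaligned address.
 */
struct vendor_attribute {
	u_int32_t vendor_value;
	u_char attrib_type;
	u_char attrib_len;
	u_char attrib_data[1];
};

#endif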