xref: /openbsd-src/lib/libradius/radius.h (revision 46035553bfdd96e63c94e32da0210227ec2e3cf1) 
1 /*	$OpenBSD: radius.h,v 1.1 2015/07/20 23:52:29 yasuoka Exp $ */
2 
3 /*-
4  * Copyright (c) 2009 Internet Initiative Japan Inc.
5  * All rights reserved.
6  *
7  * Redistribution and use in source and binary forms, with or without
8  * modification, are permitted provided that the following conditions
9  * are met:
10  * 1. Redistributions of source code must retain the above copyright
11  *    notice, this list of conditions and the following disclaimer.
12  * 2. Redistributions in binary form must reproduce the above copyright
13  *    notice, this list of conditions and the following disclaimer in the
14  *    documentation and/or other materials provided with the distribution.
15  *
16  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
17  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
20  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
22  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
24  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
25  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
26  * SUCH DAMAGE.
27  */
28 
29 #ifndef _RADIUS_H
30 #define _RADIUS_H
31 
32 #define RADIUS_DEFAULT_PORT		1812
33 #define RADIUS_ACCT_DEFAULT_PORT	1813
34 
35 /* RADIUS codes */
36 #define RADIUS_CODE_ACCESS_REQUEST             1
37 #define RADIUS_CODE_ACCESS_ACCEPT              2
38 #define RADIUS_CODE_ACCESS_REJECT              3
39 #define RADIUS_CODE_ACCOUNTING_REQUEST         4
40 #define RADIUS_CODE_ACCOUNTING_RESPONSE        5
41 #define RADIUS_CODE_ACCESS_CHALLENGE          11
42 #define RADIUS_CODE_STATUS_SERVER             12
43 #define RADIUS_CODE_STATUS_CLIENT             13
44 
45 
46 /* RADIUS attributes */
47 #define RADIUS_TYPE_USER_NAME                  1
48 #define RADIUS_TYPE_USER_PASSWORD              2
49 #define RADIUS_TYPE_CHAP_PASSWORD              3
50 #define RADIUS_TYPE_NAS_IP_ADDRESS             4
51 #define RADIUS_TYPE_NAS_PORT                   5
52 #define RADIUS_TYPE_SERVICE_TYPE               6
53 #define RADIUS_TYPE_FRAMED_PROTOCOL            7
54 #define RADIUS_TYPE_FRAMED_IP_ADDRESS          8
55 #define RADIUS_TYPE_FRAMED_IP_NETMASK          9
56 #define RADIUS_TYPE_FRAMED_ROUTING            10
57 #define RADIUS_TYPE_FILTER_ID                 11
58 #define RADIUS_TYPE_FRAMED_MTU                12
59 #define RADIUS_TYPE_FRAMED_COMPRESSION        13
60 #define RADIUS_TYPE_LOGIN_IP_HOST             14
61 #define RADIUS_TYPE_LOGIN_SERVICE             15
62 #define RADIUS_TYPE_LOGIN_TCP_PORT            16
63 /*      unassigned                            17 */
64 #define RADIUS_TYPE_REPLY_MESSAGE             18
65 #define RADIUS_TYPE_CALLBACK_NUMBER           19
66 #define RADIUS_TYPE_CALLBACK_ID               20
67 /*      unassigned                            21 */
68 #define RADIUS_TYPE_FRAMED_ROUTE              22
69 #define RADIUS_TYPE_FRAMED_IPX_NETWORK        23
70 #define RADIUS_TYPE_STATE                     24
71 #define RADIUS_TYPE_CLASS                     25
72 #define RADIUS_TYPE_VENDOR_SPECIFIC           26
73 #define RADIUS_TYPE_SESSION_TIMEOUT           27
74 #define RADIUS_TYPE_IDLE_TIMEOUT              28
75 #define RADIUS_TYPE_TERMINATION_ACTION        29
76 #define RADIUS_TYPE_CALLED_STATION_ID         30
77 #define RADIUS_TYPE_CALLING_STATION_ID        31
78 #define RADIUS_TYPE_NAS_IDENTIFIER            32
79 #define RADIUS_TYPE_PROXY_STATE               33
80 #define RADIUS_TYPE_LOGIN_LAT_SERVICE         34
81 #define RADIUS_TYPE_LOGIN_LAT_NODE            35
82 #define RADIUS_TYPE_LOGIN_LAT_GROUP           36
83 #define RADIUS_TYPE_FRAMED_APPLETALK_LINK     37
84 #define RADIUS_TYPE_FRAMED_APPLETALK_NETWORK  38
85 #define RADIUS_TYPE_FRAMED_APPLETALK_ZONE     39
86 #define RADIUS_TYPE_ACCT_STATUS_TYPE          40
87 #define RADIUS_TYPE_ACCT_DELAY_TIME           41
88 #define RADIUS_TYPE_ACCT_INPUT_OCTETS         42
89 #define RADIUS_TYPE_ACCT_OUTPUT_OCTETS        43
90 #define RADIUS_TYPE_ACCT_SESSION_ID           44
91 #define RADIUS_TYPE_ACCT_AUTHENTIC            45
92 #define RADIUS_TYPE_ACCT_SESSION_TIME         46
93 #define RADIUS_TYPE_ACCT_INPUT_PACKETS        47
94 #define RADIUS_TYPE_ACCT_OUTPUT_PACKETS       48
95 #define RADIUS_TYPE_ACCT_TERMINATE_CAUSE      49
96 #define RADIUS_TYPE_ACCT_MULTI_SESSION_ID     50
97 #define RADIUS_TYPE_ACCT_LINK_COUNT           51
98 #define RADIUS_TYPE_ACCT_INPUT_GIGAWORDS      52
99 #define RADIUS_TYPE_ACCT_OUTPUT_GIGAWORDS     53
100 /*      unassigned (for accounting)           54 */
101 #define RADIUS_TYPE_EVENT_TIMESTAMP           55
102 /*      unassigned (for accounting)           56 */
103 /*      unassigned (for accounting)           57 */
104 /*      unassigned (for accounting)           58 */
105 /*      unassigned (for accounting)           59 */
106 #define RADIUS_TYPE_CHAP_CHALLENGE            60
107 #define RADIUS_TYPE_NAS_PORT_TYPE             61
108 #define RADIUS_TYPE_PORT_LIMIT                62
109 #define RADIUS_TYPE_LOGIN_LAT_PORT            63
110 #define RADIUS_TYPE_TUNNEL_TYPE               64
111 #define RADIUS_TYPE_TUNNEL_MEDIUM_TYPE        65
112 #define RADIUS_TYPE_TUNNEL_CLIENT_ENDPOINT    66
113 #define RADIUS_TYPE_TUNNEL_SERVER_ENDPOINT    67
114 #define RADIUS_TYPE_ACCT_TUNNEL_CONNECTION    68
115 #define RADIUS_TYPE_TUNNEL_PASSWORD           69
116 #define RADIUS_TYPE_ARAP_PASSWORD             70
117 #define RADIUS_TYPE_ARAP_FEATURES             71
118 #define RADIUS_TYPE_ARAP_ZONE_ACCESS          72
119 #define RADIUS_TYPE_ARAP_SECURITY             73
120 #define RADIUS_TYPE_ARAP_SECURITY_DATA        74
121 #define RADIUS_TYPE_PASSWORD_RETRY            75
122 #define RADIUS_TYPE_PROMPT                    76
123 #define RADIUS_TYPE_CONNECT_INFO              77
124 #define RADIUS_TYPE_CONFIGURATION_TOKEN       78
125 #define RADIUS_TYPE_EAP_MESSAGE               79
126 #define RADIUS_TYPE_MESSAGE_AUTHENTICATOR     80
127 #define RADIUS_TYPE_TUNNEL_PRIVATE_GROUP_ID   81
128 #define RADIUS_TYPE_TUNNEL_ASSIGNMENT_ID      82
129 #define RADIUS_TYPE_TUNNEL_PREFERENCE         83
130 #define RADIUS_TYPE_ARAP_CHALLENGE_RESPONSE   84
131 #define RADIUS_TYPE_ACCT_INTERIM_INTERVAL     85
132 #define RADIUS_TYPE_ACCT_TUNNEL_PACKETS_LOST  86
133 #define RADIUS_TYPE_NAS_PORT_ID               87
134 #define RADIUS_TYPE_FRAMED_POOL               88
135 /*      unassigned                            89 */
136 #define RADIUS_TYPE_TUNNEL_CLIENT_AUTH_ID     90
137 #define RADIUS_TYPE_TUNNEL_SERVER_AUTH_ID     91
138 /*	unassigned                            92-94 */
139 #define RADIUS_TYPE_NAS_IPV6_ADDRESS          95
140 #define RADIUS_TYPE_FRAMED_INTERFACE_ID       96
141 #define RADIUS_TYPE_FRAMED_IPV6_PREFIX        97
142 #define RADIUS_TYPE_LOGIN_IPV6_HOST           98
143 #define RADIUS_TYPE_FRAMED_IPV6_ROUTE         99
144 #define RADIUS_TYPE_FRAMED_IPV6_POOL          100
145 
146 
147 /* RFC 2865 5.7. Framed-Protocol */
148 #define RADIUS_FRAMED_PROTOCOL_PPP	1	/* PPP */
149 #define RADIUS_FRAMED_PROTOCOL_SLIP	2	/* SLIP */
150 #define RADIUS_FRAMED_PROTOCOL_ARAP	3	/* AppleTalk Remote Access
151 						 * Protocol (ARAP) */
152 #define RADIUS_FRAMED_PROTOCOL_GANDALF	4	/* Gandalf proprietary
153 						 * SingleLink/MultiLink
154 						 * protocol */
155 #define RADIUS_FRAMED_PROTOCOL_XYLOGICS	5	/* Xylogics proprietary
156 						 * IPX/SLIP */
157 #define RADIUS_FRAMED_PROTOCOL_X75	6	/* X.75 Synchronous */
158 
159 
160 /* RFC 2865 5.6. Service-Type */
161 #define RADIUS_SERVICE_TYPE_LOGIN             1
162 #define RADIUS_SERVICE_TYPE_FRAMED            2
163 #define RADIUS_SERVICE_TYPE_CB_LOGIN          3
164 #define RADIUS_SERVICE_TYPE_CB_FRAMED         4
165 #define RADIUS_SERVICE_TYPE_OUTBOUND          5
166 #define RADIUS_SERVICE_TYPE_ADMINISTRATIVE    6
167 #define RADIUS_SERVICE_TYPE_NAS_PROMPT        7
168 #define RADIUS_SERVICE_TYPE_AUTHENTICAT_ONLY  8
169 #define RADIUS_SERVICE_TYPE_CB_NAS_PROMPTi    9
170 #define RADIUS_SERVICE_TYPE_CALL_CHECK        10
171 #define RADIUS_SERVICE_TYPE_CB_ADMINISTRATIVE 11
172 
173 
174 /* Microsoft vendor specific attributes: see RFC2548*/
175 #define RADIUS_VENDOR_MICROSOFT              311
176 #define RADIUS_VTYPE_MS_CHAP_RESPONSE          1
177 #define RADIUS_VTYPE_MS_CHAP_ERROR             2
178 #define RADIUS_VTYPE_MS_CHAP_PW_1              3
179 #define RADIUS_VTYPE_MS_CHAP_PW_2              4
180 #define RADIUS_VTYPE_MS_CHAP_LM_ENC_PW         5
181 #define RADIUS_VTYPE_MS_CHAP_NT_ENC_PW         6
182 #define RADIUS_VTYPE_MPPE_ENCRYPTION_POLICY    7
183 #define RADIUS_VTYPE_MPPE_ENCRYPTION_TYPES     8
184 #define RADIUS_VTYPE_MS_RAS_VENDOR             9
185 #define RADIUS_VTYPE_MS_CHAP_CHALLENGE        11
186 #define RADIUS_VTYPE_MS_CHAP_MPPE_KEYS        12
187 #define RADIUS_VTYPE_MS_BAP_USAGE             13
188 #define RADIUS_VTYPE_MS_LINK_UTILIZATION_THRESHOLD 14
189 #define RADIUS_VTYPE_MS_LINK_DROP_TIME_LIMIT  15
190 #define RADIUS_VTYPE_MPPE_SEND_KEY            16
191 #define RADIUS_VTYPE_MPPE_RECV_KEY            17
192 #define RADIUS_VTYPE_MS_RAS_VERSION           18
193 #define RADIUS_VTYPE_MS_OLD_ARAP_PASSWORD     19
194 #define RADIUS_VTYPE_MS_NEW_ARAP_PASSWORD     20
195 #define RADIUS_VTYPE_MS_ARAP_PASSWORD_CHANGE_REASON 21
196 #define RADIUS_VTYPE_MS_FILTER                22
197 #define RADIUS_VTYPE_MS_ACCT_AUTH_TYPE        23
198 #define RADIUS_VTYPE_MS_ACCT_EAP_TYPE         24
199 #define RADIUS_VTYPE_MS_CHAP2_RESPONSE        25
200 #define RADIUS_VTYPE_MS_CHAP2_SUCCESS         26
201 #define RADIUS_VTYPE_MS_CHAP2_PW              27
202 #define RADIUS_VTYPE_MS_PRIMARY_DNS_SERVER    28
203 #define RADIUS_VTYPE_MS_SECONDARY_DNS_SERVER  29
204 #define RADIUS_VTYPE_MS_PRIMARY_NBNS_SERVER   30
205 #define RADIUS_VTYPE_MS_SECONDARY_NBNS_SERVER 31
206 /*      unassigned?                           32 */
207 #define RADIUS_VTYPE_MS_ARAP_CHALLENGE        33
208 
209 
210 /* RFC 2865 5.41. NAS-Port-Type */
211 #define RADIUS_NAS_PORT_TYPE_ASYNC		0	/* Async */
212 #define RADIUS_NAS_PORT_TYPE_SYNC		1	/* Sync */
213 #define RADIUS_NAS_PORT_TYPE_ISDN_SYNC		2	/* ISDN Sync */
214 #define RADIUS_NAS_PORT_TYPE_ISDN_ASYNC_V120	3	/* ISDN Async V.120 */
215 #define RADIUS_NAS_PORT_TYPE_ISDN_ASYNC_V110	4	/* ISDN Async V.110 */
216 #define RADIUS_NAS_PORT_TYPE_VIRTUAL		5	/* Virtual */
217 #define RADIUS_NAS_PORT_TYPE_PIAFS		6	/* PIAFS */
218 #define RADIUS_NAS_PORT_TYPE_HDLC_CLEAR_CHANNEL	7	/* HDLC Clear Channel */
219 #define RADIUS_NAS_PORT_TYPE_X_25		8	/* X.25 */
220 #define RADIUS_NAS_PORT_TYPE_X_75		9	/* X.75 */
221 #define RADIUS_NAS_PORT_TYPE_G3_FAX		10	/* G.3 Fax */
222 #define RADIUS_NAS_PORT_TYPE_SDSL		11	/* SDSL - Symmetric DSL */
223 #define RADIUS_NAS_PORT_TYPE_ADSL_CAP		12	/* ADSL-CAP - Asymmetric
224 							 * DSL, Carrierless
225 							 * Amplitude Phase
226 							 * Modulation */
227 #define RADIUS_NAS_PORT_TYPE_ADSL_DMT		13	/* ADSL-DMT - Asymmetric
228 							 * DSL, Discrete
229 							 * Multi-Tone */
230 #define RADIUS_NAS_PORT_TYPE_IDSL		14	/* IDSL - ISDN Digital
231 							 * Subscriber Line */
232 #define RADIUS_NAS_PORT_TYPE_ETHERNET		15	/* Ethernet */
233 #define RADIUS_NAS_PORT_TYPE_XDSL		16	/* xDSL - Digital
234 							 * Subscriber Line of
235 							 * unknown type */
236 #define RADIUS_NAS_PORT_TYPE_CABLE		17	/* Cable */
237 #define RADIUS_NAS_PORT_TYPE_WIRELESS		18	/* Wireless - Other */
238 #define RADIUS_NAS_PORT_TYPE_WIRELESS_802_11	19	/* Wireless - IEEE
239 							 * 802.11 */
240 
241 
242 /* RFC 2866 5.1.  Acct-Status-Type */
243 #define RADIUS_ACCT_STATUS_TYPE_START		1	/* Start */
244 #define RADIUS_ACCT_STATUS_TYPE_STOP		2	/* Stop */
245 #define RADIUS_ACCT_STATUS_TYPE_INTERIM_UPDATE	3	/* Interim-Update */
246 #define RADIUS_ACCT_STATUS_TYPE_ACCT_ON		7	/* Accounting-On */
247 #define RADIUS_ACCT_STATUS_TYPE_ACCT_OFF	8	/* Accounting-Off */
248 
249 
250 /* RFC 2866 5.6.  Acct-Authentic */
251 #define RADIUS_ACCT_AUTHENTIC_RADIUS		1	/* RADIUS */
252 #define RADIUS_ACCT_AUTHENTIC_LOCAL		2	/* Local */
253 #define RADIUS_ACCT_AUTHENTIC_REMOTE		3	/* Remote */
254 
255 
256 /* RFC 2866 5.10.  Acct-Terminate-Cause */
257 #define RADIUS_TERMNATE_CAUSE_USER_REQUEST	1	/* User Request */
258 #define RADIUS_TERMNATE_CAUSE_LOST_CARRIER	2	/* Lost Carrier */
259 #define RADIUS_TERMNATE_CAUSE_LOST_SERVICE	3	/* Lost Service */
260 #define RADIUS_TERMNATE_CAUSE_IDLE_TIMEOUT	4	/* Idle Timeout */
261 #define RADIUS_TERMNATE_CAUSE_SESSION_TIMEOUT	5	/* Session Timeout */
262 #define RADIUS_TERMNATE_CAUSE_ADMIN_RESET	6	/* Admin Reset */
263 #define RADIUS_TERMNATE_CAUSE_ADMIN_REBOOT	7	/* Admin Reboot */
264 #define RADIUS_TERMNATE_CAUSE_PORT_ERROR	8	/* Port Error */
265 #define RADIUS_TERMNATE_CAUSE_NAS_ERROR		9	/* NAS Error */
266 #define RADIUS_TERMNATE_CAUSE_NAS_RESET		10	/* NAS Request */
267 #define RADIUS_TERMNATE_CAUSE_NAS_REBOOT	11	/* NAS Reboot */
268 #define RADIUS_TERMNATE_CAUSE_PORT_UNNEEDED	12	/* Port Unneeded */
269 #define RADIUS_TERMNATE_CAUSE_PORT_PREEMPTED	13	/* Port Preempted */
270 #define RADIUS_TERMNATE_CAUSE_PORT_SUSPENDED	14	/* Port Suspended */
271 #define RADIUS_TERMNATE_CAUSE_SERVICE_UNAVAIL	15	/* Service Unavailable */
272 #define RADIUS_TERMNATE_CAUSE_CALLBACK		16	/* Callback */
273 #define RADIUS_TERMNATE_CAUSE_USER_ERROR	17	/* User Error */
274 #define RADIUS_TERMNATE_CAUSE_HOST_REQUEST	18	/* Host Request */
275 
276 
277 /* RFC 2868 3.1. Tunnel-Type */
278 #define RADIUS_TUNNEL_TYPE_PPTP		1	/* Point-to-Point Tunneling
279 						 * Protocol (PPTP) */
280 #define RADIUS_TUNNEL_TYPE_L2F		2	/* Layer Two Forwarding (L2F) */
281 #define RADIUS_TUNNEL_TYPE_L2TP		3	/* Layer Two Tunneling
282 						 * Protocol (L2TP) */
283 #define RADIUS_TUNNEL_TYPE_ATMP		4	/* Ascend Tunnel Management
284 						 * Protocol (ATMP) */
285 #define RADIUS_TUNNEL_TYPE_VTP		5	/* Virtual Tunneling Protocol
286 						 * (VTP) */
287 #define RADIUS_TUNNEL_TYPE_AH		6	/* IP Authentication Header in
288 						 * the Tunnel-mode (AH) */
289 #define RADIUS_TUNNEL_TYPE_IP		7	/* IP-in-IP Encapsulation
290 						 * (IP-IP) */
291 #define RADIUS_TUNNEL_TYPE_MOBILE	8	/* Minimal IP-in-IP
292 						 * Encapsulation (MIN-IP-IP) */
293 #define RADIUS_TUNNEL_TYPE_ESP		9	/* IP Encapsulating Security
294 						 * Payload in the Tunnel-mode
295 						 * (ESP) */
296 #define RADIUS_TUNNEL_TYPE_GRE		10	/* Generic Route Encapsulation
297 						 * (GRE) */
298 #define RADIUS_TUNNEL_TYPE_VDS		11	/* Bay Dial Virtual Services
299 						 * (DVS) */
300 #define RADIUS_TUNNEL_TYPE_IPIP		12	/* IP-in-IP Tunneling */
301 
302 
303 /* RFC 2868 3.2. Tunnel-Medium-Type */
304 #define RADIUS_TUNNEL_MEDIUM_TYPE_IPV4		1	/* IPv4 (IP version 4) */
305 #define RADIUS_TUNNEL_MEDIUM_TYPE_IPV6		2	/* IPv6 (IP version 6) */
306 #define RADIUS_TUNNEL_MEDIUM_TYPE_NSAP		3	/* NSAP */
307 #define RADIUS_TUNNEL_MEDIUM_TYPE_HDLC		4	/* HDLC (8-bit
308 							 * multidrop) */
309 #define RADIUS_TUNNEL_MEDIUM_TYPE_BBN1822	5	/* BBN 1822 */
310 #define RADIUS_TUNNEL_MEDIUM_TYPE_802		6	/* 802 (includes all 802
311 							 * media plus Ethernet
312 							 * "canonical format")*/
313 #define RADIUS_TUNNEL_MEDIUM_TYPE_E163		7	/* E.163 (POTS) */
314 #define RADIUS_TUNNEL_MEDIUM_TYPE_E164		8	/* E.164 (SMDS, Frame
315 							 * Relay, ATM) */
316 
317 
318 
319 #include <sys/cdefs.h>
320 
321 __BEGIN_DECLS
322 
323 /******* packet manipulation support *******/
324 
325 typedef struct _RADIUS_PACKET RADIUS_PACKET;
326 
327 /* constructors */
328 RADIUS_PACKET	*radius_new_request_packet(uint8_t);
329 RADIUS_PACKET	*radius_new_response_packet(uint8_t, const RADIUS_PACKET *);
330 RADIUS_PACKET	*radius_convert_packet(const void *, size_t);
331 
332 /* destructor */
333 int		 radius_delete_packet(RADIUS_PACKET *);
334 
335 /* accessors - header values */
336 uint8_t		 radius_get_id(const RADIUS_PACKET *);
337 void		 radius_update_id(RADIUS_PACKET * packet);
338 void		 radius_set_id(RADIUS_PACKET *, uint8_t);
339 uint8_t		 radius_get_code(const RADIUS_PACKET *);
340 void		 radius_get_authenticator(const RADIUS_PACKET *, void *);
341 void		 radius_set_request_packet(RADIUS_PACKET *,
342 		    const RADIUS_PACKET *);
343 const RADIUS_PACKET *
344 		 radius_get_request_packet(const RADIUS_PACKET *);
345 int		 radius_check_response_authenticator(const RADIUS_PACKET *,
346 		    const char *);
347 int		 radius_check_accounting_request_authenticator(
348 		    const RADIUS_PACKET *, const char *);
349 uint8_t		*radius_get_authenticator_retval(const RADIUS_PACKET *);
350 uint8_t		*radius_get_request_authenticator_retval(const RADIUS_PACKET *);
351 void		 radius_set_accounting_request_authenticator(RADIUS_PACKET *,
352 		    const char *);
353 void		 radius_set_response_authenticator(RADIUS_PACKET *,
354 		    const char *);
355 uint16_t	 radius_get_length(const RADIUS_PACKET *);
356 const void	*radius_get_data(const RADIUS_PACKET *);
357 
358 int		 radius_get_raw_attr(const RADIUS_PACKET *, uint8_t, void *,
359 		    size_t *);
360 int		 radius_get_vs_raw_attr(const RADIUS_PACKET *, uint32_t,
361 		    uint8_t, void *, size_t *);
362 int		 radius_put_raw_attr(RADIUS_PACKET *, uint8_t, const void *,
363 		    size_t);
364 int		 radius_put_vs_raw_attr(RADIUS_PACKET *, uint32_t, uint8_t,
365 		    const void *, size_t);
366 int		 radius_get_raw_attr_ptr(const RADIUS_PACKET *, uint8_t,
367 		    const void **, size_t *);
368 int		 radius_get_vs_raw_attr_ptr(const RADIUS_PACKET *, uint32_t,
369 		    uint8_t, const void **, size_t *);
370 int		 radius_get_raw_attr_cat(const RADIUS_PACKET *, uint8_t,
371 		    void *, size_t *);
372 int		 radius_get_vs_raw_attr_cat(const RADIUS_PACKET *, uint32_t,
373 		    uint8_t, void *, size_t *);
374 int		 radius_put_raw_attr_cat(RADIUS_PACKET *, uint8_t,
375 		    const void *, size_t);
376 int		 radius_put_vs_raw_attr_cat(RADIUS_PACKET *, uint32_t, uint8_t,
377 		    const void *, size_t);
378 int		 radius_set_raw_attr(RADIUS_PACKET *, uint8_t, const void *,
379 		    size_t);
380 int		 radius_set_vs_raw_attr(RADIUS_PACKET *, uint32_t, uint8_t,
381 		    const void *, size_t);
382 
383 int		 radius_del_attr_all(RADIUS_PACKET *, uint8_t);
384 int		 radius_del_vs_attr_all(RADIUS_PACKET *, uint32_t, uint8_t);
385 
386 bool		 radius_has_attr(const RADIUS_PACKET *, uint8_t);
387 bool		 radius_has_vs_attr(const RADIUS_PACKET *, uint32_t, uint8_t);
388 
389 /* typed attribute accessor (string) */
390 int		 radius_get_string_attr(const RADIUS_PACKET *, uint8_t, char *,
391 		    size_t);
392 int		 radius_get_vs_string_attr(const RADIUS_PACKET *, uint32_t,
393 		    uint8_t, char *, size_t);
394 int		 radius_put_string_attr(RADIUS_PACKET *, uint8_t, const char *);
395 int		 radius_put_vs_string_attr(RADIUS_PACKET *, uint32_t, uint8_t,
396 		    const char *);
397 
398 /* typed attribute accessor (uint16_t) */
399 int		 radius_get_uint16_attr(const RADIUS_PACKET *,
400 		    uint8_t, uint16_t *);
401 int		 radius_get_vs_uint16_attr(const RADIUS_PACKET *,
402 		    uint32_t, uint8_t, uint16_t *);
403 int		 radius_put_uint16_attr(RADIUS_PACKET *,
404 		    uint8_t, const uint16_t);
405 int		 radius_put_vs_uint16_attr(RADIUS_PACKET *,
406 		    uint32_t, uint8_t, const uint16_t);
407 int		 radius_set_uint16_attr(RADIUS_PACKET *,
408 		    uint8_t, const uint16_t);
409 int		 radius_set_vs_uint16_attr(RADIUS_PACKET *,
410 		    uint32_t, uint8_t, const uint16_t);
411 
412 /* typed attribute accessor (uint32_t) */
413 int		 radius_get_uint32_attr(const RADIUS_PACKET *,
414 		    uint8_t, uint32_t *);
415 int		 radius_get_vs_uint32_attr(const RADIUS_PACKET *,
416 		    uint32_t, uint8_t, uint32_t *);
417 int		 radius_put_uint32_attr(RADIUS_PACKET *,
418 		    uint8_t, const uint32_t);
419 int		 radius_put_vs_uint32_attr(RADIUS_PACKET *,
420 		    uint32_t, uint8_t, const uint32_t);
421 int		 radius_set_uint32_attr(RADIUS_PACKET *,
422 		    uint8_t, const uint32_t);
423 int		 radius_set_vs_uint32_attr(RADIUS_PACKET *,
424 		    uint32_t, uint8_t, const uint32_t);
425 
426 /* typed attribute accessor (uint64_t) */
427 int		 radius_get_uint64_attr(const RADIUS_PACKET *,
428 		    uint8_t, uint64_t *);
429 int		 radius_get_vs_uint64_attr(const RADIUS_PACKET *,
430 		    uint32_t, uint8_t, uint64_t *);
431 int		 radius_put_uint64_attr(RADIUS_PACKET *,
432 		    uint8_t, const uint64_t);
433 int		 radius_put_vs_uint64_attr(RADIUS_PACKET *,
434 		    uint32_t, uint8_t, const uint64_t);
435 int		 radius_set_uint64_attr(RADIUS_PACKET *,
436 		    uint8_t, const uint64_t);
437 int		 radius_set_vs_uint64_attr(RADIUS_PACKET *,
438 		    uint32_t, uint8_t, const uint64_t);
439 
440 /* typed attribute accessor (ipv4) */
441 int		 radius_get_ipv4_attr(const RADIUS_PACKET *,
442 		    uint8_t, struct in_addr *);
443 int		 radius_get_vs_ipv4_attr(const RADIUS_PACKET *,
444 		    uint32_t, uint8_t, struct in_addr *);
445 int		 radius_put_ipv4_attr(RADIUS_PACKET *,
446 		    uint8_t, const struct in_addr);
447 int		 radius_put_vs_ipv4_attr(RADIUS_PACKET *,
448 		    uint32_t, uint8_t, const struct in_addr);
449 int		 radius_set_ipv4_attr(RADIUS_PACKET *,
450 		    uint8_t, const struct in_addr);
451 int		 radius_set_vs_ipv4_attr(RADIUS_PACKET *,
452 		    uint32_t, uint8_t, const struct in_addr);
453 
454 /* typed attribute accessor (ipv6) */
455 int		 radius_get_ipv6_attr(const RADIUS_PACKET *,
456 		    uint8_t, struct in6_addr *);
457 int		 radius_get_vs_ipv6_attr(const RADIUS_PACKET *,
458 		    uint32_t, uint8_t, struct in6_addr *);
459 int		 radius_put_ipv6_attr(RADIUS_PACKET *,
460 		    uint8_t, const struct in6_addr *);
461 int		 radius_put_vs_ipv6_attr(RADIUS_PACKET *,
462 		    uint32_t, uint8_t, const struct in6_addr *);
463 int		 radius_set_ipv6_attr(RADIUS_PACKET *,
464 		    uint8_t, const struct in6_addr *);
465 int		 radius_set_vs_ipv6_attr(RADIUS_PACKET *,
466 		    uint32_t, uint8_t, const struct in6_addr *);
467 
468 /* message authenticator */
469 int		 radius_put_message_authenticator(RADIUS_PACKET *,
470 		    const char *);
471 int		 radius_set_message_authenticator(RADIUS_PACKET *,
472 		    const char *);
473 int		 radius_check_message_authenticator(RADIUS_PACKET *,
474 		    const char *);
475 
476 /* encryption */
477 int		 radius_encrypt_user_password_attr(void *, size_t *,
478 		    const char *, const void *, const char *);
479 int		 radius_decrypt_user_password_attr(char *, size_t,
480 		    const void *, size_t, const void *, const char *);
481 int		 radius_encrypt_mppe_key_attr(void *, size_t *,
482 		    const void *, size_t, const void *, const char *);
483 int		 radius_decrypt_mppe_key_attr(void *, size_t *, const void *,
484 		    size_t, const void *, const char *);
485 
486 /* encrypted attribute */
487 int		 radius_get_user_password_attr(const RADIUS_PACKET *,
488 		    char *, size_t, const char *);
489 int		 radius_put_user_password_attr(RADIUS_PACKET *,
490 		    const char *, const char *);
491 int		 radius_get_mppe_send_key_attr(const RADIUS_PACKET *, void *,
492 		    size_t *, const char *);
493 int		 radius_put_mppe_send_key_attr(RADIUS_PACKET *,
494 		    const void *, size_t, const char *);
495 int		 radius_get_mppe_recv_key_attr(const RADIUS_PACKET *,
496 		    void *, size_t *, const char *);
497 int		 radius_put_mppe_recv_key_attr(RADIUS_PACKET *, const void *,
498 		    size_t, const char *);
499 
500 int		 radius_get_eap_msk(const RADIUS_PACKET *, void *, size_t *,
501 		    const char *);
502 
503 /* helpers */
504 RADIUS_PACKET	*radius_recvfrom(int, int, struct sockaddr *, socklen_t *);
505 int		 radius_sendto(int, const RADIUS_PACKET *, int flags,
506 		    const struct sockaddr *, socklen_t);
507 RADIUS_PACKET	*radius_recv(int, int);
508 int		 radius_send(int, const RADIUS_PACKET *, int);
509 RADIUS_PACKET	*radius_recvmsg(int, struct msghdr *, int);
510 int		 radius_sendmsg(int, const RADIUS_PACKET *,
511 		    const struct msghdr *, int);
512 
513 __END_DECLS
514 
515 #endif
516