/*-
 * Copyright 1998 Juniper Networks, Inc.
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 *
 *	$FreeBSD$
 */

/*
 * Internal definitions for radlib: handle types, default settings, buffer
 * limits, fixed offsets into a RADIUS message, and the per-server and
 * per-handle state structures.  Nothing here is part of the public
 * interface declared in radlib.h.
 */

#ifndef RADLIB_PRIVATE_H
#define RADLIB_PRIVATE_H

#include <sys/types.h>
#include <netinet/in.h>

#include "radlib.h"
#include "radlib_vs.h"

/* Handle types (the value kept in rad_handle.type) */
#define RADIUS_AUTH		0   /* RADIUS authentication, default */
#define RADIUS_ACCT		1   /* RADIUS accounting */
#define RADIUS_SERVER		2   /* RADIUS server */

/* Defaults */
#define MAXTRIES		3	/* presumably the default for rad_server.max_tries -- confirm in radlib.c */
#define PATH_RADIUS_CONF	"/etc/radius.conf"	/* NOTE(review): presumably holds the shared secrets; confirm the file is not world-readable */
#define RADIUS_PORT		1812	/* Default authentication port */
#define RADACCT_PORT		1813	/* Default accounting port */
#define TIMEOUT			3	/* In seconds */
#define DEAD_TIME		0	/* presumably the default for rad_server.dead_time, in seconds -- confirm */

/*
 * Limits
 *
 * These size the fixed buffers embedded in struct rad_handle (errmsg, out,
 * in, pass) and the servers array.  Any length that comes from a caller or
 * from a received packet has to be checked against the matching limit
 * before it is used as a copy size or an index.
 */
#define ERRSIZE		128	/* Maximum error message length */
#define MAXCONFLINE	1024	/* Maximum config file line length */
#define MAXSERVERS	10	/* Maximum number of servers to try */
#define MSGSIZE		4096	/* Maximum RADIUS message */
#define PASSSIZE	128	/* Maximum significant password chars */

/*
 * Positions of fields in RADIUS messages
 *
 * Byte offsets from the start of the message.  The length field runs from
 * POS_LENGTH up to POS_AUTH, i.e. two octets, so it can encode values larger
 * than MSGSIZE: a length read from a received message must be checked
 * against both the number of bytes actually received and MSGSIZE before
 * attributes are scanned.  POS_ATTRS equals POS_AUTH + LEN_AUTH.
 */
#define POS_CODE	0	/* Message code */
#define POS_IDENT	1	/* Identifier */
#define POS_LENGTH	2	/* Message length */
#define POS_AUTH	4	/* Authenticator */
#define LEN_AUTH	16	/* Length of authenticator */
#define POS_ATTRS	20	/* Start of attributes */

/* State kept for one configured RADIUS server. */
struct rad_server {
	struct sockaddr_in addr;	/* Address of server */
	/*
	 * NOTE(review): secret material behind a bare pointer.  Who
	 * allocates and frees it is not visible in this header; confirm the
	 * owner wipes the bytes before freeing them.
	 */
	char		*secret;	/* Shared secret */
	int		 timeout;	/* Timeout in seconds */
	int		 max_tries;	/* Number of tries before giving up */
	int		 num_tries;	/* Number of tries so far */
	int		 is_dead;	/* The server did not answer last time */
	time_t		 dead_time;	/* How long to skip this server once it is marked dead */
	time_t		 next_probe;	/* Time of the next probe after a failure */
	in_addr_t	 bindto;	/* Bind to address */
};

/*
 * Library handle: the socket, the configured servers, and the request and
 * response buffers together with the cursors into them.
 */
struct rad_handle {
	int		 fd;		/* Socket file descriptor */
	struct rad_server servers[MAXSERVERS];	/* Servers to contact */
	int		 num_servers;	/* Number of valid server entries */
	int		 ident;		/* Current identifier value */
	char		 errmsg[ERRSIZE];	/* Most recent error message */
	unsigned char	 out[MSGSIZE];	/* Request to send */
	char		 out_created;	/* rad_create_request() called? */
	int		 out_len;	/* Length of request; signed, must stay within 0..MSGSIZE */
	/*
	 * NOTE(review): the password is held in the clear inside the handle
	 * for as long as the handle keeps it.  Confirm that radlib.c zeroes
	 * pass[] (with a call the compiler cannot elide) once it is no
	 * longer needed and when the handle is closed.
	 */
	char		 pass[PASSSIZE];	/* Cleartext password */
	int		 pass_len;	/* Length of cleartext password */
	int		 pass_pos;	/* Position of scrambled password */
	char		 chap_pass;	/* Have we got a CHAP_PASSWORD ? */
	int		 authentic_pos;	/* Position of message authenticator */
	char		 eap_msg;	/* Are we an EAP Proxy? */
	unsigned char	 in[MSGSIZE];	/* Response received */
	int		 in_len;	/* Length of response; signed, must stay within 0..MSGSIZE */
	int		 in_pos;	/* Current position scanning attrs; must never pass in_len */
	int		 srv;		/* Server number we did last */
	int		 type;		/* Handle type */
	in_addr_t	 bindto;	/* Current bind address */
};

/*
 * Layout of a vendor-specific attribute value.
 *
 * NOTE(review): attrib_data[1] looks like the pre-C99 idiom for trailing
 * variable-length data, so the real payload presumably extends past the
 * struct -- confirm against the users in radlib.c.  If this struct is
 * overlaid on bytes taken from a received packet, attrib_len is
 * attacker-controlled and must be validated against the length of the
 * enclosing attribute before attrib_data is read.  sizeof(struct
 * vendor_attribute) may also include trailing padding, so it should not be
 * used as the size of the on-the-wire header.
 */
struct vendor_attribute {
	u_int32_t vendor_value;		/* Vendor identifier; byte order not stated here -- confirm */
	u_char attrib_type;		/* Vendor-specific attribute type */
	u_char attrib_len;		/* Attribute length as carried in the message */
	u_char attrib_data[1];		/* First byte of the attribute data */
};

#endif