|
wpa_supplicant / hostapd 2.0
|
|
wpa_supplicant / hostapd 2.0
|
00001 00010 #ifndef RADIUS_H 00011 #define RADIUS_H 00012 00013 /* RFC 2865 - RADIUS */ 00014 00015 #ifdef _MSC_VER 00016 #pragma pack(push, 1) 00017 #endif /* _MSC_VER */ 00018 00019 struct radius_hdr { 00020 u8 code; 00021 u8 identifier; 00022 u16 length; /* including this header */ 00023 u8 authenticator[16]; 00024 /* followed by length-20 octets of attributes */ 00025 } STRUCT_PACKED; 00026 00027 enum { RADIUS_CODE_ACCESS_REQUEST = 1, 00028 RADIUS_CODE_ACCESS_ACCEPT = 2, 00029 RADIUS_CODE_ACCESS_REJECT = 3, 00030 RADIUS_CODE_ACCOUNTING_REQUEST = 4, 00031 RADIUS_CODE_ACCOUNTING_RESPONSE = 5, 00032 RADIUS_CODE_ACCESS_CHALLENGE = 11, 00033 RADIUS_CODE_STATUS_SERVER = 12, 00034 RADIUS_CODE_STATUS_CLIENT = 13, 00035 RADIUS_CODE_RESERVED = 255 00036 }; 00037 00038 struct radius_attr_hdr { 00039 u8 type; 00040 u8 length; /* including this header */ 00041 /* followed by length-2 octets of attribute value */ 00042 } STRUCT_PACKED; 00043 00044 #define RADIUS_MAX_ATTR_LEN (255 - sizeof(struct radius_attr_hdr)) 00045 00046 enum { RADIUS_ATTR_USER_NAME = 1, 00047 RADIUS_ATTR_USER_PASSWORD = 2, 00048 RADIUS_ATTR_NAS_IP_ADDRESS = 4, 00049 RADIUS_ATTR_NAS_PORT = 5, 00050 RADIUS_ATTR_FRAMED_MTU = 12, 00051 RADIUS_ATTR_REPLY_MESSAGE = 18, 00052 RADIUS_ATTR_STATE = 24, 00053 RADIUS_ATTR_CLASS = 25, 00054 RADIUS_ATTR_VENDOR_SPECIFIC = 26, 00055 RADIUS_ATTR_SESSION_TIMEOUT = 27, 00056 RADIUS_ATTR_IDLE_TIMEOUT = 28, 00057 RADIUS_ATTR_TERMINATION_ACTION = 29, 00058 RADIUS_ATTR_CALLED_STATION_ID = 30, 00059 RADIUS_ATTR_CALLING_STATION_ID = 31, 00060 RADIUS_ATTR_NAS_IDENTIFIER = 32, 00061 RADIUS_ATTR_PROXY_STATE = 33, 00062 RADIUS_ATTR_ACCT_STATUS_TYPE = 40, 00063 RADIUS_ATTR_ACCT_DELAY_TIME = 41, 00064 RADIUS_ATTR_ACCT_INPUT_OCTETS = 42, 00065 RADIUS_ATTR_ACCT_OUTPUT_OCTETS = 43, 00066 RADIUS_ATTR_ACCT_SESSION_ID = 44, 00067 RADIUS_ATTR_ACCT_AUTHENTIC = 45, 00068 RADIUS_ATTR_ACCT_SESSION_TIME = 46, 00069 RADIUS_ATTR_ACCT_INPUT_PACKETS = 47, 00070 RADIUS_ATTR_ACCT_OUTPUT_PACKETS = 48, 00071 RADIUS_ATTR_ACCT_TERMINATE_CAUSE = 49, 00072 RADIUS_ATTR_ACCT_MULTI_SESSION_ID = 50, 00073 RADIUS_ATTR_ACCT_LINK_COUNT = 51, 00074 RADIUS_ATTR_ACCT_INPUT_GIGAWORDS = 52, 00075 RADIUS_ATTR_ACCT_OUTPUT_GIGAWORDS = 53, 00076 RADIUS_ATTR_EVENT_TIMESTAMP = 55, 00077 RADIUS_ATTR_NAS_PORT_TYPE = 61, 00078 RADIUS_ATTR_TUNNEL_TYPE = 64, 00079 RADIUS_ATTR_TUNNEL_MEDIUM_TYPE = 65, 00080 RADIUS_ATTR_TUNNEL_PASSWORD = 69, 00081 RADIUS_ATTR_CONNECT_INFO = 77, 00082 RADIUS_ATTR_EAP_MESSAGE = 79, 00083 RADIUS_ATTR_MESSAGE_AUTHENTICATOR = 80, 00084 RADIUS_ATTR_TUNNEL_PRIVATE_GROUP_ID = 81, 00085 RADIUS_ATTR_ACCT_INTERIM_INTERVAL = 85, 00086 RADIUS_ATTR_CHARGEABLE_USER_IDENTITY = 89, 00087 RADIUS_ATTR_NAS_IPV6_ADDRESS = 95 00088 }; 00089 00090 00091 /* Termination-Action */ 00092 #define RADIUS_TERMINATION_ACTION_DEFAULT 0 00093 #define RADIUS_TERMINATION_ACTION_RADIUS_REQUEST 1 00094 00095 /* NAS-Port-Type */ 00096 #define RADIUS_NAS_PORT_TYPE_IEEE_802_11 19 00097 00098 /* Acct-Status-Type */ 00099 #define RADIUS_ACCT_STATUS_TYPE_START 1 00100 #define RADIUS_ACCT_STATUS_TYPE_STOP 2 00101 #define RADIUS_ACCT_STATUS_TYPE_INTERIM_UPDATE 3 00102 #define RADIUS_ACCT_STATUS_TYPE_ACCOUNTING_ON 7 00103 #define RADIUS_ACCT_STATUS_TYPE_ACCOUNTING_OFF 8 00104 00105 /* Acct-Authentic */ 00106 #define RADIUS_ACCT_AUTHENTIC_RADIUS 1 00107 #define RADIUS_ACCT_AUTHENTIC_LOCAL 2 00108 #define RADIUS_ACCT_AUTHENTIC_REMOTE 3 00109 00110 /* Acct-Terminate-Cause */ 00111 #define RADIUS_ACCT_TERMINATE_CAUSE_USER_REQUEST 1 00112 #define RADIUS_ACCT_TERMINATE_CAUSE_LOST_CARRIER 2 00113 #define RADIUS_ACCT_TERMINATE_CAUSE_LOST_SERVICE 3 00114 #define RADIUS_ACCT_TERMINATE_CAUSE_IDLE_TIMEOUT 4 00115 #define RADIUS_ACCT_TERMINATE_CAUSE_SESSION_TIMEOUT 5 00116 #define RADIUS_ACCT_TERMINATE_CAUSE_ADMIN_RESET 6 00117 #define RADIUS_ACCT_TERMINATE_CAUSE_ADMIN_REBOOT 7 00118 #define RADIUS_ACCT_TERMINATE_CAUSE_PORT_ERROR 8 00119 #define RADIUS_ACCT_TERMINATE_CAUSE_NAS_ERROR 9 00120 #define RADIUS_ACCT_TERMINATE_CAUSE_NAS_REQUEST 10 00121 #define RADIUS_ACCT_TERMINATE_CAUSE_NAS_REBOOT 11 00122 #define RADIUS_ACCT_TERMINATE_CAUSE_PORT_UNNEEDED 12 00123 #define RADIUS_ACCT_TERMINATE_CAUSE_PORT_PREEMPTED 13 00124 #define RADIUS_ACCT_TERMINATE_CAUSE_PORT_SUSPENDED 14 00125 #define RADIUS_ACCT_TERMINATE_CAUSE_SERVICE_UNAVAILABLE 15 00126 #define RADIUS_ACCT_TERMINATE_CAUSE_CALLBACK 16 00127 #define RADIUS_ACCT_TERMINATE_CAUSE_USER_ERROR 17 00128 #define RADIUS_ACCT_TERMINATE_CAUSE_HOST_REQUEST 18 00129 00130 #define RADIUS_TUNNEL_TAGS 32 00131 00132 /* Tunnel-Type */ 00133 #define RADIUS_TUNNEL_TYPE_PPTP 1 00134 #define RADIUS_TUNNEL_TYPE_L2TP 3 00135 #define RADIUS_TUNNEL_TYPE_IPIP 7 00136 #define RADIUS_TUNNEL_TYPE_GRE 10 00137 #define RADIUS_TUNNEL_TYPE_VLAN 13 00138 00139 /* Tunnel-Medium-Type */ 00140 #define RADIUS_TUNNEL_MEDIUM_TYPE_IPV4 1 00141 #define RADIUS_TUNNEL_MEDIUM_TYPE_IPV6 2 00142 #define RADIUS_TUNNEL_MEDIUM_TYPE_802 6 00143 00144 00145 struct radius_attr_vendor { 00146 u8 vendor_type; 00147 u8 vendor_length; 00148 } STRUCT_PACKED; 00149 00150 #define RADIUS_VENDOR_ID_CISCO 9 00151 #define RADIUS_CISCO_AV_PAIR 1 00152 00153 /* RFC 2548 - Microsoft Vendor-specific RADIUS Attributes */ 00154 #define RADIUS_VENDOR_ID_MICROSOFT 311 00155 00156 enum { RADIUS_VENDOR_ATTR_MS_MPPE_SEND_KEY = 16, 00157 RADIUS_VENDOR_ATTR_MS_MPPE_RECV_KEY = 17 00158 }; 00159 00160 #ifdef _MSC_VER 00161 #pragma pack(pop) 00162 #endif /* _MSC_VER */ 00163 00164 struct radius_ms_mppe_keys { 00165 u8 *send; 00166 size_t send_len; 00167 u8 *recv; 00168 size_t recv_len; 00169 }; 00170 00171 00172 struct radius_msg; 00173 00174 /* Default size to be allocated for new RADIUS messages */ 00175 #define RADIUS_DEFAULT_MSG_SIZE 1024 00176 00177 /* Default size to be allocated for attribute array */ 00178 #define RADIUS_DEFAULT_ATTR_COUNT 16 00179 00180 00181 /* MAC address ASCII format for IEEE 802.1X use 00182 * (draft-congdon-radius-8021x-20.txt) */ 00183 #define RADIUS_802_1X_ADDR_FORMAT "%02X-%02X-%02X-%02X-%02X-%02X" 00184 /* MAC address ASCII format for non-802.1X use */ 00185 #define RADIUS_ADDR_FORMAT "%02x%02x%02x%02x%02x%02x" 00186 00187 struct radius_hdr * radius_msg_get_hdr(struct radius_msg *msg); 00188 struct wpabuf * radius_msg_get_buf(struct radius_msg *msg); 00189 struct radius_msg * radius_msg_new(u8 code, u8 identifier); 00190 void radius_msg_free(struct radius_msg *msg); 00191 void radius_msg_dump(struct radius_msg *msg); 00192 int radius_msg_finish(struct radius_msg *msg, const u8 *secret, 00193 size_t secret_len); 00194 int radius_msg_finish_srv(struct radius_msg *msg, const u8 *secret, 00195 size_t secret_len, const u8 *req_authenticator); 00196 void radius_msg_finish_acct(struct radius_msg *msg, const u8 *secret, 00197 size_t secret_len); 00198 struct radius_attr_hdr * radius_msg_add_attr(struct radius_msg *msg, u8 type, 00199 const u8 *data, size_t data_len); 00200 struct radius_msg * radius_msg_parse(const u8 *data, size_t len); 00201 int radius_msg_add_eap(struct radius_msg *msg, const u8 *data, 00202 size_t data_len); 00203 u8 *radius_msg_get_eap(struct radius_msg *msg, size_t *len); 00204 int radius_msg_verify(struct radius_msg *msg, const u8 *secret, 00205 size_t secret_len, struct radius_msg *sent_msg, 00206 int auth); 00207 int radius_msg_verify_msg_auth(struct radius_msg *msg, const u8 *secret, 00208 size_t secret_len, const u8 *req_auth); 00209 int radius_msg_copy_attr(struct radius_msg *dst, struct radius_msg *src, 00210 u8 type); 00211 void radius_msg_make_authenticator(struct radius_msg *msg, 00212 const u8 *data, size_t len); 00213 struct radius_ms_mppe_keys * 00214 radius_msg_get_ms_keys(struct radius_msg *msg, struct radius_msg *sent_msg, 00215 const u8 *secret, size_t secret_len); 00216 struct radius_ms_mppe_keys * 00217 radius_msg_get_cisco_keys(struct radius_msg *msg, struct radius_msg *sent_msg, 00218 const u8 *secret, size_t secret_len); 00219 int radius_msg_add_mppe_keys(struct radius_msg *msg, 00220 const u8 *req_authenticator, 00221 const u8 *secret, size_t secret_len, 00222 const u8 *send_key, size_t send_key_len, 00223 const u8 *recv_key, size_t recv_key_len); 00224 struct radius_attr_hdr * 00225 radius_msg_add_attr_user_password(struct radius_msg *msg, 00226 const u8 *data, size_t data_len, 00227 const u8 *secret, size_t secret_len); 00228 int radius_msg_get_attr(struct radius_msg *msg, u8 type, u8 *buf, size_t len); 00229 int radius_msg_get_vlanid(struct radius_msg *msg); 00230 char * radius_msg_get_tunnel_password(struct radius_msg *msg, int *keylen, 00231 const u8 *secret, size_t secret_len, 00232 struct radius_msg *sent_msg); 00233 00234 static inline int radius_msg_add_attr_int32(struct radius_msg *msg, u8 type, 00235 u32 value) 00236 { 00237 u32 val = htonl(value); 00238 return radius_msg_add_attr(msg, type, (u8 *) &val, 4) != NULL; 00239 } 00240 00241 static inline int radius_msg_get_attr_int32(struct radius_msg *msg, u8 type, 00242 u32 *value) 00243 { 00244 u32 val; 00245 int res; 00246 res = radius_msg_get_attr(msg, type, (u8 *) &val, 4); 00247 if (res != 4) 00248 return -1; 00249 00250 *value = ntohl(val); 00251 return 0; 00252 } 00253 int radius_msg_get_attr_ptr(struct radius_msg *msg, u8 type, u8 **buf, 00254 size_t *len, const u8 *start); 00255 int radius_msg_count_attr(struct radius_msg *msg, u8 type, int min_len); 00256 00257 00258 struct radius_attr_data { 00259 u8 *data; 00260 size_t len; 00261 }; 00262 00263 struct radius_class_data { 00264 struct radius_attr_data *attr; 00265 size_t count; 00266 }; 00267 00268 void radius_free_class(struct radius_class_data *c); 00269 int radius_copy_class(struct radius_class_data *dst, 00270 const struct radius_class_data *src); 00271 00272 #endif /* RADIUS_H */ 00273
1.7.3
