radius.h

gnu 的radius服务器很好用的

/* This file is part of GNU Radius.
   Copyright (C) 2000,2001,2002,2003,2004 Free Software Foundation, Inc.

   Written by Sergey Poznyakoff
  
   GNU Radius is free software; you can redistribute it and/or modify
   it under the terms of the GNU General Public License as published by
   the Free Software Foundation; either version 2 of the License, or
   (at your option) any later version.
  
   GNU Radius is distributed in the hope that it will be useful,
   but WITHOUT ANY WARRANTY; without even the implied warranty of
   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
   GNU General Public License for more details.
  
   You should have received a copy of the GNU General Public License
   along with GNU Radius; if not, write to the Free Software Foundation,
   Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */

#ifndef _gnu_radius_radius_h
#define _gnu_radius_radius_h

#include <radius/types.h>
#include <radius/list.h>
#include <radius/envar.h>
#include <radius/mem.h>
#include <radius/dictionary.h>
#include <stdarg.h>

#ifdef HAVE_SYS_TIME_H
# include <sys/time.h>
# ifdef TIME_WITH_SYS_TIME
#  include <time.h>
# endif
#else
# include <time.h>
#endif

struct obstack;

/* Length of an IPv4 address in 'dotted-quad' representation including
   null terminator */
#define GRAD_IPV4_STRING_LENGTH        16

/* Length of a RADIUS request authenticator */
#define GRAD_AUTHENTICATOR_LENGTH      16
/* Length of an MD5 digest */
#define GRAD_MD5_DIGEST_LENGTH         16
/* Maximum length of a string that can be carried by a RADIUS A/V pair */
#define GRAD_STRING_LENGTH            253
/* Length of a CHAP digest string */ 
#define GRAD_CHAP_VALUE_LENGTH         16

typedef struct {
        u_char code;            /* Request code (see RT_ macros below)*/ 
        u_char id;              /* Request ID */
        u_short length;         /* Request length */ 
        u_char authenticator[GRAD_AUTHENTICATOR_LENGTH];
	                        /* Request authenticator */
} grad_packet_header_t;

/* Radius data types */
#define GRAD_TYPE_INVALID              -1
#define GRAD_TYPE_STRING                0
#define GRAD_TYPE_INTEGER               1
#define GRAD_TYPE_IPADDR                2
#define GRAD_TYPE_DATE                  3

/* Request types */
#define RT_ACCESS_REQUEST               1
#define RT_ACCESS_ACCEPT                2
#define RT_ACCESS_REJECT                3
#define RT_ACCOUNTING_REQUEST           4
#define RT_ACCOUNTING_RESPONSE          5
#define RT_ACCOUNTING_STATUS            6
#define RT_PASSWORD_REQUEST             7
#define RT_PASSWORD_ACK                 8
#define RT_PASSWORD_REJECT              9
#define RT_ACCOUNTING_MESSAGE           10
#define RT_ACCESS_CHALLENGE             11
#define RT_STATUS_SERVER                12
#define RT_STATUS_CLIENT                13

/* These are not implemented yet */
#define RT_ASCEND_TERMINATE_SESSION     31
#define RT_ASCEND_EVENT_REQUEST         33
#define RT_ASCEND_EVENT_RESPONSE        34
#define RT_ASCEND_ALLOCATE_IP           51
#define RT_ASCEND_RELEASE_IP            52

/* Basic structures */

enum grad_operator {
        grad_operator_equal = 0,             /* = */
        grad_operator_not_equal,             /* != */
        grad_operator_less_than,             /* < */
        grad_operator_greater_than,          /* > */
        grad_operator_less_equal,            /* <= */
        grad_operator_greater_equal,         /* >= */
	grad_operator_invalid                /* Invalid operator */
#define GRAD_NUM_OPERATORS grad_operator_invalid /* number of operators */
};

/* ************************** Data structures ****************************** */

#define GRAD_MAX_DICTNAME  32
#define GRAD_MAX_SECRETLEN 32
#define GRAD_MAX_REALMNAME 256
#define GRAD_MAX_LONGNAME  256
#define GRAD_MAX_SHORTNAME 32

/* Attribute flags and properties:

    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   | A | E |   P   | LHS | RHS |     USER FLAGS    |               |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

   A - Additivity bits
   E - Encryption bits
   P - Property flags
   LHS - Syntax flags for LHS
   RHS - Syntax flags for RHS
   
   Bits 7 and 24-31 are unused */

/* Attribute properties */
#define GRAD_AP_ADD_REPLACE   0
#define GRAD_AP_ADD_APPEND    1
#define GRAD_AP_ADD_NONE      2

/* Encryption bits */
#define GRAD_AP_ENCRYPT_RFC2138 0x4 /* Encrypted per RFC 2138 */
#define GRAD_AP_ENCRYPT_RFC2868 0x8 /* Encrypted per RFC 2868 */

#define GRAD_AP_ENCRYPT (GRAD_AP_ENCRYPT_RFC2138|GRAD_AP_ENCRYPT_RFC2868)

#define GRAD_AP_PROPAGATE     0x10 /* Propagate attribute through the proxy
				      chain */
#define GRAD_AP_INTERNAL      0x20 /* Internal attribute. */
#define GRAD_AP_BINARY_STRING 0x40 /* Binary string value. No str..()
				      functions should be used */
#define GRAD_AP_TRANSLATE     0x80 /* Attribute has dictionary translations */
				 
#define GRAD_AP_USER_FLAG(n) (0x4000<<(n))

#define GRAD_GET_ADDITIVITY(val) ((val) & 0x3)
#define GRAD_SET_ADDITIVITY(val,a) ((val) = ((val) & ~0x3) | (a))

/* Configuration files types */
#define GRAD_CF_USERS      0
#define GRAD_CF_HINTS      1
#define GRAD_CF_HUNTGROUPS 2
#define GRAD_CF_MAX        3

#define GRAD_AF_LHS(cf) (0x0100<<(cf))
#define GRAD_AF_RHS(cf) (0x0800<<(cf))

#define GRAD_AF_DEFAULT_FLAGS (GRAD_AF_LHS(0)|GRAD_AF_LHS(1)|GRAD_AF_LHS(2)\
                               |GRAD_AF_RHS(0)|GRAD_AF_RHS(1)|GRAD_AF_RHS(2))
#define GRAD_AP_DEFAULT_ADD   GRAD_AP_ADD_APPEND


#define GRAD_PORT_AUTH 0
#define GRAD_PORT_ACCT 1
#define GRAD_PORT_MAX  2

typedef struct {                
	char *file;             /* File name */
	size_t line;            /* Line number */
} grad_locus_t;

typedef struct {
	grad_uint32_t addr;     /* Server IP address */
	u_char id;              /* Current id */
} grad_server_id_t;

typedef struct netdef grad_netdef_t;
struct netdef {
        grad_uint32_t ipaddr;        /* IP address */
        grad_uint32_t netmask;       /* Network mask */
};

typedef struct radius_server grad_server_t;
struct radius_server {
        char   *name;           /* Symbolic name of this server */
        grad_uint32_t addr;     /* IP address of it */
        int    port[GRAD_PORT_MAX];  /* Ports to use */
        char   *secret;         /* Shared secret */
	off_t  id_offset;       /* Offset of the grad_server_id_t in the id
				   file */
};

typedef struct {
        grad_uint32_t source_ip; /* Source IP address for xmits */
        unsigned timeout;        /* Amount of time to wait for the response */
        unsigned retries;        /* Number of re-sends to each server before
				    giving up */
	size_t buffer_size;      /* Size of the recv buffer */
        grad_list_t   *servers;  /* List of servers */
} grad_server_queue_t;    

struct grad_value_pair;
typedef int (*grad_attr_parser_fp)(struct grad_value_pair *p, char **s);

/* Dictionary attribute */

typedef struct dict_attr grad_dict_attr_t;
struct dict_attr {
        char   *name;          /* Attribute name */
	int    value;          /* Attribute value */
	int    type;           /* Data type */
	int    vendor;         /* Vendor index */
	int    prop;           /* Properties */
	grad_attr_parser_fp parser; /* Not-NULL for "abinary" */
};

/* Dictionary value */
typedef struct dict_value {
        char *name;             /* Symbolic name */
        grad_dict_attr_t *attr; /* Attribute for which this value is defined */
        int value;              /* Numeric value */
} grad_dict_value_t;

/* Dictionary vendor information */
typedef struct dict_vendor {
        char *vendorname;       /* Symbolic name */
        int  vendorpec;         /* PEC */
        int  vendorcode;        /* Internal code of this vendor */
} grad_dict_vendor_t;

/* Attribute evaluation type */
enum grad_avp_eval_type {
	grad_eval_const,     /* Value is a constant */  
	grad_eval_interpret, /* avp_strvalue contains a Rewrite expression that
				must be interpreted */
	grad_eval_compiled   /* avp_strvalue contains a symbolic name of a
				compiled Rewrite expression. Use rewrite_eval()
				to evaluate it */
};

/* An attribute/value pair */
typedef struct grad_value_pair {
        struct grad_value_pair  *next;      /* Link to next A/V pair in list */
        char                    *name;      /* Attribute name */
        int                     attribute;  /* Attribute value */
        int                     type;       /* Data type */
        enum grad_avp_eval_type eval_type;  /* Evaluation flag */
        int                     prop;       /* Properties */ 
        enum grad_operator operator;        /* Comparison operator */
        union {
                grad_uint32_t   ival;       /* integer value */
                struct {
                        int     s_length;   /* length of s_value w/o
                                             * trailing 0
                                             */
                        char    *s_value;   /* string value */
                } string;
        } v;
        
#define avp_lvalue v.ival
#define avp_strvalue v.string.s_value
#define avp_strlength v.string.s_length

} grad_avp_t;

typedef struct grad_nas {
	grad_netdef_t netdef;
        char longname[GRAD_MAX_LONGNAME+1];
        char shortname[GRAD_MAX_SHORTNAME+1];
        char nastype[GRAD_MAX_DICTNAME+1];
        grad_envar_t *args;
        void *app_data;
} grad_nas_t;

typedef struct grad_realm {
        char realm[GRAD_MAX_REALMNAME+1];
	grad_envar_t *args;
	grad_server_queue_t *queue;
} grad_realm_t;

typedef struct grad_request {
        grad_uint32_t ipaddr;       /* Source IP address */
        u_short       udp_port;     /* Source port */
        u_char        id;           /* Request identifier */
        u_char        code;         /* Request code */
        u_char        authenticator[GRAD_AUTHENTICATOR_LENGTH];
	                            /* Request authenticator */
        u_char        *secret;      /* Shared secret */
        grad_avp_t    *avlist;      /* Request pairs */
} grad_request_t;

typedef struct grad_keyword grad_keyword_t;
struct grad_keyword {
        char *name;
        int tok;
};

typedef struct grad_matching_rule grad_matching_rule_t;
struct grad_matching_rule {
        char *name;
        grad_avp_t *lhs;
        grad_avp_t *rhs;
	grad_locus_t loc;
};

/* External variables */

extern char *radius_dir;
extern char *radlog_dir;
extern char *radacct_dir;