hostap/src/radius/radius_client.h - nest-learning-thermostat/5.1.6/hostap - Git at Google

 /*
  * RADIUS client
  * Copyright (c) 2002-2009, Jouni Malinen <j@w1.fi>
  *
  * This software may be distributed under the terms of the BSD license.
  * See README for more details.
  */

 #ifndef RADIUS_CLIENT_H
 #define RADIUS_CLIENT_H

 #include "ip_addr.h"

 struct radius_msg;

 /**
  * struct hostapd_radius_server - RADIUS server information for RADIUS client
  *
  * This structure contains information about a RADIUS server. The values are
  * mainly for MIB information. The MIB variable prefix (radiusAuth or
  * radiusAcc) depends on whether this is an authentication or accounting
  * server.
  *
  * radiusAuthClientPendingRequests (or radiusAccClientPendingRequests) is the
  * number struct radius_client_data::msgs for matching msg_type.
  */
 struct hostapd_radius_server {
 	/**
 	 * addr - radiusAuthServerAddress or radiusAccServerAddress
 	 */
 	struct hostapd_ip_addr addr;

 	/**
 	 * port - radiusAuthClientServerPortNumber or radiusAccClientServerPortNumber
 	 */
 	int port;

 	/**
 	 * shared_secret - Shared secret for authenticating RADIUS messages
 	 */
 	u8 *shared_secret;

 	/**
 	 * shared_secret_len - Length of shared_secret in octets
 	 */
 	size_t shared_secret_len;

 	/* Dynamic (not from configuration file) MIB data */

 	/**
 	 * index - radiusAuthServerIndex or radiusAccServerIndex
 	 */
 	int index;

 	/**
 	 * round_trip_time - radiusAuthClientRoundTripTime or radiusAccClientRoundTripTime
 	 * Round-trip time in hundredths of a second.
 	 */
 	int round_trip_time;

 	/**
 	 * requests - radiusAuthClientAccessRequests or radiusAccClientRequests
 	 */
 	u32 requests;

 	/**
 	 * retransmissions - radiusAuthClientAccessRetransmissions or radiusAccClientRetransmissions
 	 */
 	u32 retransmissions;

 	/**
 	 * access_accepts - radiusAuthClientAccessAccepts
 	 */
 	u32 access_accepts;

 	/**
 	 * access_rejects - radiusAuthClientAccessRejects
 	 */
 	u32 access_rejects;

 	/**
 	 * access_challenges - radiusAuthClientAccessChallenges
 	 */
 	u32 access_challenges;

 	/**
 	 * responses - radiusAccClientResponses
 	 */
 	u32 responses;

 	/**
 	 * malformed_responses - radiusAuthClientMalformedAccessResponses or radiusAccClientMalformedResponses
 	 */
 	u32 malformed_responses;

 	/**
 	 * bad_authenticators - radiusAuthClientBadAuthenticators or radiusAccClientBadAuthenticators
 	 */
 	u32 bad_authenticators;

 	/**
 	 * timeouts - radiusAuthClientTimeouts or radiusAccClientTimeouts
 	 */
 	u32 timeouts;

 	/**
 	 * unknown_types - radiusAuthClientUnknownTypes or radiusAccClientUnknownTypes
 	 */
 	u32 unknown_types;

 	/**
 	 * packets_dropped - radiusAuthClientPacketsDropped or radiusAccClientPacketsDropped
 	 */
 	u32 packets_dropped;
 };

 /**
  * struct hostapd_radius_servers - RADIUS servers for RADIUS client
  */
 struct hostapd_radius_servers {
 	/**
 	 * auth_servers - RADIUS Authentication servers in priority order
 	 */
 	struct hostapd_radius_server *auth_servers;

 	/**
 	 * num_auth_servers - Number of auth_servers entries
 	 */
 	int num_auth_servers;

 	/**
 	 * auth_server - The current Authentication server
 	 */
 	struct hostapd_radius_server *auth_server;

 	/**
 	 * acct_servers - RADIUS Accounting servers in priority order
 	 */
 	struct hostapd_radius_server *acct_servers;

 	/**
 	 * num_acct_servers - Number of acct_servers entries
 	 */
 	int num_acct_servers;

 	/**
 	 * acct_server - The current Accounting server
 	 */
 	struct hostapd_radius_server *acct_server;

 	/**
 	 * retry_primary_interval - Retry interval for trying primary server
 	 *
 	 * This specifies a retry interval in sexconds for trying to return to
 	 * the primary RADIUS server. RADIUS client code will automatically try
 	 * to use the next server when the current server is not replying to
 	 * requests. If this interval is set (non-zero), the primary server
 	 * will be retried after the specified number of seconds has passed
 	 * even if the current used secondary server is still working.
 	 */
 	int retry_primary_interval;

 	/**
 	 * msg_dumps - Whether RADIUS message details are shown in stdout
 	 */
 	int msg_dumps;

 	/**
 	 * client_addr - Client (local) address to use if force_client_addr
 	 */
 	struct hostapd_ip_addr client_addr;

 	/**
 	 * force_client_addr - Whether to force client (local) address
 	 */
 	int force_client_addr;
 };


 /**
  * RadiusType - RADIUS server type for RADIUS client
  */
 typedef enum {
 	/**
 	 * RADIUS authentication
 	 */
 	RADIUS_AUTH,

 	/**
 	 * RADIUS_ACCT - RADIUS accounting
 	 */
 	RADIUS_ACCT,

 	/**
 	 * RADIUS_ACCT_INTERIM - RADIUS interim accounting message
 	 *
 	 * Used only with radius_client_send(). This behaves just like
 	 * RADIUS_ACCT, but removes any pending interim RADIUS Accounting
 	 * messages for the same STA before sending the new interim update.
 	 */
 	RADIUS_ACCT_INTERIM
 } RadiusType;

 /**
  * RadiusRxResult - RADIUS client RX handler result
  */
 typedef enum {
 	/**
 	 * RADIUS_RX_PROCESSED - Message processed
 	 *
 	 * This stops handler calls and frees the message.
 	 */
 	RADIUS_RX_PROCESSED,

 	/**
 	 * RADIUS_RX_QUEUED - Message has been queued
 	 *
 	 * This stops handler calls, but does not free the message; the handler
 	 * that returned this is responsible for eventually freeing the
 	 * message.
 	 */
 	RADIUS_RX_QUEUED,

 	/**
 	 * RADIUS_RX_UNKNOWN - Message is not for this handler
 	 */
 	RADIUS_RX_UNKNOWN,

 	/**
 	 * RADIUS_RX_INVALID_AUTHENTICATOR - Message has invalid Authenticator
 	 */
 	RADIUS_RX_INVALID_AUTHENTICATOR
 } RadiusRxResult;

 struct radius_client_data;

 int radius_client_register(struct radius_client_data *radius,
 			   RadiusType msg_type,
 			   RadiusRxResult (*handler)
 			   (struct radius_msg *msg, struct radius_msg *req,
 			    const u8 *shared_secret, size_t shared_secret_len,
 			    void *data),
 			   void *data);
 int radius_client_send(struct radius_client_data *radius,
 		       struct radius_msg *msg,
 		       RadiusType msg_type, const u8 *addr);
 u8 radius_client_get_id(struct radius_client_data *radius);
 void radius_client_flush(struct radius_client_data *radius, int only_auth);
 struct radius_client_data *
 radius_client_init(void *ctx, struct hostapd_radius_servers *conf);
 void radius_client_deinit(struct radius_client_data *radius);
 void radius_client_flush_auth(struct radius_client_data *radius,
 			      const u8 *addr);
 int radius_client_get_mib(struct radius_client_data *radius, char *buf,
 			  size_t buflen);
 void radius_client_reconfig(struct radius_client_data *radius,
 			    struct hostapd_radius_servers *conf);

 #endif /* RADIUS_CLIENT_H */
	/*
	* RADIUS client
	* Copyright (c) 2002-2009, Jouni Malinen <j@w1.fi>
	*
	* This software may be distributed under the terms of the BSD license.
	* See README for more details.
	*/

	#ifndef RADIUS_CLIENT_H
	#define RADIUS_CLIENT_H

	#include "ip_addr.h"

	struct radius_msg;

	/**
	* struct hostapd_radius_server - RADIUS server information for RADIUS client
	*
	* This structure contains information about a RADIUS server. The values are
	* mainly for MIB information. The MIB variable prefix (radiusAuth or
	* radiusAcc) depends on whether this is an authentication or accounting
	* server.
	*
	* radiusAuthClientPendingRequests (or radiusAccClientPendingRequests) is the
	* number struct radius_client_data::msgs for matching msg_type.
	*/
	struct hostapd_radius_server {
	/**
	* addr - radiusAuthServerAddress or radiusAccServerAddress
	*/
	struct hostapd_ip_addr addr;

	/**
	* port - radiusAuthClientServerPortNumber or radiusAccClientServerPortNumber
	*/
	int port;

	/**
	* shared_secret - Shared secret for authenticating RADIUS messages
	*/
	u8 *shared_secret;

	/**
	* shared_secret_len - Length of shared_secret in octets
	*/
	size_t shared_secret_len;

	/* Dynamic (not from configuration file) MIB data */

	/**
	* index - radiusAuthServerIndex or radiusAccServerIndex
	*/
	int index;

	/**
	* round_trip_time - radiusAuthClientRoundTripTime or radiusAccClientRoundTripTime
	* Round-trip time in hundredths of a second.
	*/
	int round_trip_time;

	/**
	* requests - radiusAuthClientAccessRequests or radiusAccClientRequests
	*/
	u32 requests;

	/**
	* retransmissions - radiusAuthClientAccessRetransmissions or radiusAccClientRetransmissions
	*/
	u32 retransmissions;

	/**
	* access_accepts - radiusAuthClientAccessAccepts
	*/
	u32 access_accepts;

	/**
	* access_rejects - radiusAuthClientAccessRejects
	*/
	u32 access_rejects;

	/**
	* access_challenges - radiusAuthClientAccessChallenges
	*/
	u32 access_challenges;

	/**
	* responses - radiusAccClientResponses
	*/
	u32 responses;

	/**
	* malformed_responses - radiusAuthClientMalformedAccessResponses or radiusAccClientMalformedResponses
	*/
	u32 malformed_responses;

	/**
	* bad_authenticators - radiusAuthClientBadAuthenticators or radiusAccClientBadAuthenticators
	*/
	u32 bad_authenticators;

	/**
	* timeouts - radiusAuthClientTimeouts or radiusAccClientTimeouts
	*/
	u32 timeouts;

	/**
	* unknown_types - radiusAuthClientUnknownTypes or radiusAccClientUnknownTypes
	*/
	u32 unknown_types;

	/**
	* packets_dropped - radiusAuthClientPacketsDropped or radiusAccClientPacketsDropped
	*/
	u32 packets_dropped;
	};

	/**
	* struct hostapd_radius_servers - RADIUS servers for RADIUS client
	*/
	struct hostapd_radius_servers {
	/**
	* auth_servers - RADIUS Authentication servers in priority order
	*/
	struct hostapd_radius_server *auth_servers;

	/**
	* num_auth_servers - Number of auth_servers entries
	*/
	int num_auth_servers;

	/**
	* auth_server - The current Authentication server
	*/
	struct hostapd_radius_server *auth_server;

	/**
	* acct_servers - RADIUS Accounting servers in priority order
	*/
	struct hostapd_radius_server *acct_servers;

	/**
	* num_acct_servers - Number of acct_servers entries
	*/
	int num_acct_servers;

	/**
	* acct_server - The current Accounting server
	*/
	struct hostapd_radius_server *acct_server;

	/**
	* retry_primary_interval - Retry interval for trying primary server
	*
	* This specifies a retry interval in sexconds for trying to return to
	* the primary RADIUS server. RADIUS client code will automatically try
	* to use the next server when the current server is not replying to
	* requests. If this interval is set (non-zero), the primary server
	* will be retried after the specified number of seconds has passed
	* even if the current used secondary server is still working.
	*/
	int retry_primary_interval;

	/**
	* msg_dumps - Whether RADIUS message details are shown in stdout
	*/
	int msg_dumps;

	/**
	* client_addr - Client (local) address to use if force_client_addr
	*/
	struct hostapd_ip_addr client_addr;

	/**
	* force_client_addr - Whether to force client (local) address
	*/
	int force_client_addr;
	};


	/**
	* RadiusType - RADIUS server type for RADIUS client
	*/
	typedef enum {
	/**
	* RADIUS authentication
	*/
	RADIUS_AUTH,

	/**
	* RADIUS_ACCT - RADIUS accounting
	*/
	RADIUS_ACCT,

	/**
	* RADIUS_ACCT_INTERIM - RADIUS interim accounting message
	*
	* Used only with radius_client_send(). This behaves just like
	* RADIUS_ACCT, but removes any pending interim RADIUS Accounting
	* messages for the same STA before sending the new interim update.
	*/
	RADIUS_ACCT_INTERIM
	} RadiusType;

	/**
	* RadiusRxResult - RADIUS client RX handler result
	*/
	typedef enum {
	/**
	* RADIUS_RX_PROCESSED - Message processed
	*
	* This stops handler calls and frees the message.
	*/
	RADIUS_RX_PROCESSED,

	/**
	* RADIUS_RX_QUEUED - Message has been queued
	*
	* This stops handler calls, but does not free the message; the handler
	* that returned this is responsible for eventually freeing the
	* message.
	*/
	RADIUS_RX_QUEUED,

	/**
	* RADIUS_RX_UNKNOWN - Message is not for this handler
	*/
	RADIUS_RX_UNKNOWN,

	/**
	* RADIUS_RX_INVALID_AUTHENTICATOR - Message has invalid Authenticator
	*/
	RADIUS_RX_INVALID_AUTHENTICATOR
	} RadiusRxResult;

	struct radius_client_data;

	int radius_client_register(struct radius_client_data *radius,
	RadiusType msg_type,
	RadiusRxResult (*handler)
	(struct radius_msg msg, struct radius_msg req,
	const u8 *shared_secret, size_t shared_secret_len,
	void *data),
	void *data);
	int radius_client_send(struct radius_client_data *radius,
	struct radius_msg *msg,
	RadiusType msg_type, const u8 *addr);
	u8 radius_client_get_id(struct radius_client_data *radius);
	void radius_client_flush(struct radius_client_data *radius, int only_auth);
	struct radius_client_data *
	radius_client_init(void ctx, struct hostapd_radius_servers conf);
	void radius_client_deinit(struct radius_client_data *radius);
	void radius_client_flush_auth(struct radius_client_data *radius,
	const u8 *addr);
	int radius_client_get_mib(struct radius_client_data radius, char buf,
	size_t buflen);
	void radius_client_reconfig(struct radius_client_data *radius,
	struct hostapd_radius_servers *conf);

	#endif /* RADIUS_CLIENT_H */