
radius.h

/************************************************************************

RADIUS
Remote Authentication Dial In User Service

Lucent Technologies Remote Access
4464 Willow Road
Pleasanton, CA   94588

Copyright 1992-1999 Lucent Technologies Inc.  All rights reserved.

Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions are
met:

   * Redistributions of source code must retain the above copyright
     notice, this list of conditions and the following disclaimer.

   * Redistributions in binary form must reproduce the above
     copyright notice, this list of conditions and the following
     disclaimer in the documentation and/or other materials provided
     with the distribution.

   * All advertising materials mentioning features or use of this
     software must display the following acknowledgement:

        This product includes software developed by Lucent
        Technologies and its contributors.

   * Neither the name of the copyright holder nor the names of its
     contributors may be used to endorse or promote products derived
     from this software without specific prior written permission.

This software is provided by the copyright holders and contributors
``as is'' and any express or implied warranties, including, but not
limited to, the implied warranties of merchantability and fitness for a
particular purpose are disclaimed. In no event shall the copyright
holder or contributors be liable for any direct, indirect, incidental,
special, exemplary, or consequential damages (including, but not
limited to, procurement of substitute goods or services; loss of use,
data, or profits; or business interruption) however caused and on any
theory of liability, whether in contract, strict liability, or tort
(including negligence or otherwise) arising in any way out of the use
of this software, even if advised of the possibility of such damage.

************************************************************************/

/*
 *      $Id: radius.h,v 1.20 1999/06/23 23:40:41 cdr Exp $
 */

#include "conf.h"

/*
 * Buffer and field sizes shared by the structures declared in this header.
 *
 * AUTH_VECTOR_LEN sizes the vector[] members of AUTH_HDR and AUTH_REQ, and
 * AUTH_STRING_LEN sizes VALUE_PAIR.strvalue.  The other limits are not
 * referenced in this header; presumably they bound password blocks,
 * configuration lines and host names in the .c files -- confirm there.
 *
 * NOTE(review): these are hard array sizes, so every copy of packet or
 * configuration data into a buffer declared with them has to be
 * length-limited by the caller; nothing in this header enforces it.
 */
#define AUTH_VECTOR_LEN       16
#define AUTH_PASS_LEN         16
#define AUTH_MAXPASS_LEN      48
#define AUTH_STRING_LEN       253   /* maximum of 253 */
#define MAX_LINE_SIZE         256
#define MAX_HOST_SIZE         128

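/*
 * Fixed header at the start of a RADIUS packet: code, identifier, total
 * length and a 16-byte authenticator vector, followed by attribute data.
 *
 * data[2] only marks where the attributes begin; the header size to use is
 * AUTH_HDR_LEN (1 + 1 + 2 + AUTH_VECTOR_LEN), not sizeof(AUTH_HDR), which
 * also counts data[] and any padding.
 *
 * NOTE(review): `length` comes from the peer and is presumably in network
 * byte order -- confirm.  Before data[] is walked it should be converted
 * and checked to be at least AUTH_HDR_LEN and no larger than the number of
 * bytes actually received.
 */
typedef struct pw_auth_hdr {
      u_char            code;                    /* packet type (PW_* packet codes, assumed) */
      u_char            id;                      /* request identifier */
      u_short           length;                  /* packet length as carried in the packet */
      char              vector[AUTH_VECTOR_LEN]; /* authenticator */
      u_char            data[2];                 /* start of the attribute area */
} AUTH_HDR;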

/*
 * AUTH_HDR_LEN is the on-the-wire header size: code (1) + id (1) +
 * length (2) + vector (AUTH_VECTOR_LEN = 16).  It excludes AUTH_HDR.data[],
 * so it differs from sizeof(AUTH_HDR).
 */
#define AUTH_HDR_LEN                20
#define CHAP_VALUE_LENGTH           16

/*
 * Default UDP ports.  1645/1646 are the original RADIUS authentication and
 * accounting ports (IANA later assigned 1812/1813); 1815/1816 are this
 * server's proxy ports.  Packet filters in front of the server need to
 * cover whichever set is actually configured.
 */
#define PW_AUTH_UDP_PORT            1645
#define PW_ACCT_UDP_PORT            1646
#define PW_PROXY_UDP_PORT           1815
#define PW_PROXYACCT_UDP_PORT       1816

/*
 * Attribute value encodings.  Presumably these are the values stored in
 * the `type` members of DICT_ATTR and VALUE_PAIR -- confirm in the
 * dictionary loader.
 */
#define PW_TYPE_STRING              0
#define PW_TYPE_INTEGER             1
#define PW_TYPE_IPADDR              2
#define PW_TYPE_DATE                3


/*
 * Packet codes (presumably the values of AUTH_HDR.code / AUTH_REQ.code).
 * The password-change codes 7-9 exist only when the server is built with
 * PASSCHANGE; a build without it has no names for those codes, so the
 * receive path should treat them like any other unknown code.
 */
#define     PW_AUTHENTICATION_REQUEST     1
#define     PW_AUTHENTICATION_ACK         2
#define     PW_AUTHENTICATION_REJECT      3
#define     PW_ACCOUNTING_REQUEST         4
#define     PW_ACCOUNTING_RESPONSE        5
#ifdef PASSCHANGE
#define PW_PASSWORD_REQUEST         7
#define PW_PASSWORD_ACK             8
#define PW_PASSWORD_REJECT          9
#endif /* PASSCHANGE */
#define PW_ACCESS_CHALLENGE         11

/*
 * Protocol attribute numbers (the attribute type carried in a packet).
 * The numbering has gaps; 21 is defined further down as PW_EXPIRATION in
 * the non-protocol group.  PW_OLD_PASSWORD is only defined for PASSCHANGE
 * builds.
 */
#define     PW_USER_NAME                  1
#define     PW_PASSWORD             2
#define     PW_CHAP_PASSWORD        3
#define     PW_CLIENT_ID                  4
#define     PW_CLIENT_PORT_ID       5
#define     PW_USER_SERVICE_TYPE          6
#define     PW_FRAMED_PROTOCOL            7
#define     PW_FRAMED_ADDRESS       8
#define     PW_FRAMED_NETMASK       9
#define     PW_FRAMED_ROUTING       10
#define     PW_FRAMED_FILTER_ID           11
#define     PW_FRAMED_MTU                 12
#define     PW_FRAMED_COMPRESSION         13
#define     PW_LOGIN_HOST                 14
#define     PW_LOGIN_SERVICE        15
#define     PW_LOGIN_TCP_PORT       16
#ifdef PASSCHANGE
#define PW_OLD_PASSWORD             17
#endif
#define PW_PORT_MESSAGE             18
#define PW_DIALBACK_NO              19
#define PW_DIALBACK_NAME            20
#define PW_FRAMED_ROUTE             22
#define PW_FRAMED_IPXNET            23
#define PW_STATE              24
#define PW_VENDOR             26
#define PW_TERMINATION              29
#define PW_CALLED             30
#define PW_CALLING                  31
#define PW_PROXY              33

/* Accounting attributes. */
#define PW_ACCT_STATUS_TYPE         40
#define PW_ACCT_DELAY_TIME          41
#define PW_ACCT_INPUT_OCTETS        42
#define PW_ACCT_OUTPUT_OCTETS       43
#define PW_ACCT_SESSION_ID          44
#define PW_ACCT_AUTHENTIC           45
#define PW_ACCT_SESSION_TIME        46
#
#define PW_CHAP_CHALLENGE           60
#define PW_CONNECT_INFO             77
/*
 * Non-Protocol Attributes
 *
 * Server-side items that are not meant to travel in packets.  The values
 * from 1000 upwards cannot be expressed in the one-octet attribute type
 * of a RADIUS packet.
 *
 * NOTE(review): PW_EXPIRATION is 21, which does fit in that octet.
 * Confirm that the receive path does not let an attribute 21 supplied in
 * a request be treated as the server's own expiration check item.
 */
#define PW_EXPIRATION                 21
#define PW_AUTHTYPE                 1000
#define PW_MENU                     1001
#define PW_TERMINATION_MENU         1002
#define PW_PREFIX             1003
#define PW_SUFFIX             1004
#define PW_GROUP              1005
#define PW_CRYPT_PASSWORD           1006
#define PW_CONNECT_RATE             1007

#define PW_ANONYMOUS                2000

/*
 *    INTEGER TRANSLATIONS
 *
 *    Named values for integer-typed attributes, grouped by the attribute
 *    they belong to (grouping taken from the section headings below).
 */

/*    USER TYPES  */
/*    PW_ADMIN_USER is the privileged service type; see PEER_ADMINOK for */
/*    the proxy flag that refers to admin logins.                        */

#define     PW_LOGIN_USER                 1
#define     PW_FRAMED_USER                2
#define     PW_DIALBACK_LOGIN_USER        3
#define     PW_DIALBACK_FRAMED_USER       4
#define     PW_OUTBOUND_USER        5
#define     PW_ADMIN_USER                 6
#define     PW_PROMPT_USER                7
#define PW_CALL_CHECK_USER          10
#define PW_OLD_CALL_CHECK_USER            129

/*    FRAMED PROTOCOLS  */

#define     PW_PPP                        1
#define     PW_SLIP                       2

/*    FRAMED ROUTING VALUES   */

#define     PW_NONE                       0
#define     PW_BROADCAST                  1
#define     PW_LISTEN               2
#define     PW_BROADCAST_LISTEN           3

/*    FRAMED COMPRESSION TYPES      */

#define     PW_VAN_JACOBSON_TCP_IP        1

/*    LOGIN SERVICES    */

#define     PW_TELNET               0
#define     PW_RLOGIN               1
#define     PW_TCP_CLEAR                  2
#define     PW_PORTMASTER                 3

/*    AUTHENTICATION LEVEL    */
/*    Presumably the values of the PW_ACCT_AUTHENTIC attribute -- confirm. */

#define PW_AUTH_NONE                0
#define PW_AUTH_RADIUS              1
#define PW_AUTH_LOCAL               2

/*    STATUS TYPES      */

#define PW_STATUS_START             1
#define PW_STATUS_STOP              2

/*    TERMINATION OPTIONS     */

#define PW_TERM_DEFAULT             0
#define PW_TERM_RADIUS_REQUEST            1

/*    Internal Authentication Types */
/*    Presumably the values of the server-side PW_AUTHTYPE item, selecting */
/*    which back end checks the password -- confirm in the auth code.      */
/*    PW_AUTHTYPE_NONE is a bare -1; the others are non-negative.          */

#define PW_AUTHTYPE_NONE            -1
#define PW_AUTHTYPE_LOCAL           0
#define PW_AUTHTYPE_UNIX            1
#define PW_AUTHTYPE_SECURID         2
#define PW_AUTHTYPE_CRYPT           3
#define PW_AUTHTYPE_REJECT          4
#define PW_AUTHTYPE_ACTIVCARD       5

/*    Proxy Flags             */
/*
 * Single-bit values (1, 2, 4, 8), presumably OR-ed into PEER.flags.
 *
 * Two of them relax a security check for the peer they are set on:
 *   PEER_OLDACCT - the signature on that peer's accounting responses is
 *                  not checked, so those responses are accepted without
 *                  proof that they came from the holder of the secret.
 *   PEER_ADMINOK - admin logins are allowed through the proxy, which
 *                  extends administrative access to the remote server's
 *                  decisions.
 * Both are worth auditing in the proxy configuration; leave them unset
 * unless a specific peer needs them.
 */

#define PEER_NOPROXY                1  /* do not include Proxy-State */
#define PEER_OLDACCT                2  /* do not check sig on acct-response */
#define PEER_ADMINOK                4  /* allow admin logins by proxy */
#define PEER_IPASS                  8  /* forward using ipass protocol */

/*    AUTH_REQ Flags                */
/*    Single-bit values for the u_char flags member of AUTH_REQ. */

#define REQ_PROXY             1  /* packet was forwarded */
#define REQ_DUP                     2  /* packet is a duplicate */
#define REQ_ERR                     4  /* packet is in error */
#define REQ_FREE              8  /* packet can be freed */

/*    build_packet Flags            */

/*    Report Indices                */
/*
 * NOTE(review): the FW_* values below look like the build_packet flags
 * announced by the first heading, and the RR_* values like the report
 * indices -- the headings appear to have been separated from their
 * definitions.  Confirm against build_packet() and the report code.
 */

#define FW_REPLY              0  /* reply to client */
#define FW_SERVER             1  /* forward to server */
#define FW_CLIENT             2  /* forward reply to client */


/*
 * Counter slots.  RR_MAX is presumably the size of the counter array, so
 * any index used with it must stay below 20 -- confirm at the array's
 * declaration.
 */
#define     RR_PORT1                1 /* packets received on RADIUS port */
#define     RR_PORT2                2 /* packets received on RADIUS accounting port */
#define     RR_PORT3                3 /* packets received on RADIUS proxy port */
#define     RR_PORT4                4 /* packets received on RADIUS acct proxy port */
#define     RR_ACCEPT               5 /* access-accepts sent */
#define     RR_REJECT               6 /* access-rejects sent */
#define     RR_CHALLENGE                  7 /* access-challenges sent */
#define     RR_ACCOUNT              8 /* accounting-responses sent */

#define RR_MAX                      20

/* Default Database File Names */
/*
 * RADIUS_DIR and RADACCT_DIR are the default configuration and accounting
 * log directories; the remaining names are file names, presumably looked
 * up inside RADIUS_DIR.
 *
 * NOTE(review): the clients, proxy and users files presumably hold shared
 * secrets and user passwords -- confirm, and keep the directory and these
 * files readable only by the account the server runs as.
 */

#define RADIUS_DIR            "/etc/radiusd-livingston"
#define RADACCT_DIR           "/var/log/radiusd-livingston"

#define RADIUS_DICTIONARY     "dictionary"
#define RADIUS_CLIENTS        "clients"
#define RADIUS_CLIENT_CACHE   "clcache"
#define RADIUS_PROXY          "proxy"
#define RADIUS_USERS          "users"
#ifdef VPORTS
#define RADIUS_VPORTS           "vports"
#endif
#ifdef PASSCHANGE
#define RADIUS_HOLD           "holdusers"
#endif
#ifdef ACTIVCARD
#define ACTIVCARD_CONFIG      "config.aeg"
#endif

/* Server data structures */

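/*
 * One attribute definition, kept as a node of a singly linked list.
 *
 * name[] is a fixed 32-byte buffer, so whatever fills it (presumably the
 * dictionary file parser -- confirm) must reject or truncate names of 32
 * characters or more and leave room for the terminating NUL.
 */
typedef struct dict_attr {
      char              name[32];   /* attribute name */
      int               value;      /* attribute number */
      int               type;       /* value encoding (PW_TYPE_*, assumed) */
      int               vendor;     /* non-zero for Vendor-Specific */
      int               vsvalue;    /* presumably the vendor-specific attribute number */
      struct dict_attr  *next;      /* next list entry */
} DICT_ATTR;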

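/*
 * One named value of an integer attribute, kept as a node of a singly
 * linked list.
 *
 * Both strings are fixed 32-byte buffers; the code that fills them must
 * bound its copies and keep them NUL-terminated.
 */
typedef struct dict_value {
      char              attrname[32];     /* name of the attribute the value belongs to */
      char              name[32];         /* symbolic name of the value */
      int               value;            /* numeric value */
      struct dict_value *next;            /* next list entry */
} DICT_VALUE;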

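/*
 * One attribute/value pair, kept as a node of a singly linked list
 * (AUTH_REQ.request points at such a list).
 *
 * NOTE(review): strvalue is exactly AUTH_STRING_LEN (253) bytes, which is
 * also the largest value an attribute can carry.  A maximum-length value
 * fills the buffer with no room for a terminating NUL, so strvalue should
 * be handled as a counted buffer using lvalue, or the parser must cap
 * string values at AUTH_STRING_LEN - 1.  Confirm which of the two the
 * packet decoder does before passing strvalue to string functions.
 */
typedef struct value_pair {
      char              name[32];                     /* attribute name */
      int               attribute;                    /* attribute number */
      int               type;                         /* value encoding (PW_TYPE_*, assumed) */
      int               vendor;                       /* presumably non-zero for Vendor-Specific, as in DICT_ATTR */
      int               vsattribute;                  /* presumably the vendor-specific attribute number */
      UINT4             lvalue;                       /* length of strvalue if present */
      char              strvalue[AUTH_STRING_LEN];    /* string value, see note above */
      struct value_pair *next;                        /* next pair in the list */
} VALUE_PAIR;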

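/*
 * State kept for one request while it is being processed, including the
 * fields used when the request is forwarded (forw_*).  Requests are
 * chained through `next`.
 *
 * NOTE(review):
 *  - secret[] and forw_secret[] hold shared secrets in memory for the
 *    life of the request.  The buffers are 20 bytes but only 16
 *    characters are supported, so configured secrets are short; copies
 *    into them must be bounded, and it is worth confirming that reqfree()
 *    clears them before the memory is released.
 *  - name[] and realm[] are 64 bytes while an attribute string
 *    (VALUE_PAIR.strvalue) can be up to AUTH_STRING_LEN bytes, so filling
 *    them from a request attribute needs an explicit length limit.
 */
typedef struct auth_req {
      UINT4             ipaddr;                       /* presumably the sender's address */
      u_short           udp_port;                     /* presumably the sender's UDP port */
      u_char            id;                           /* packet identifier */
      u_char            code;                         /* packet code */
      char              vector[AUTH_VECTOR_LEN];      /* authenticator of the request */
      char              secret[20];                   /* max length supported is 16 */
      VALUE_PAIR        *request;                     /* attribute list */
      int               child_pid;                    /* Process ID of child */
      UINT4             timestamp;
      struct auth_req   *next;                        /* Next active request */
      UINT4             forw_addr;
      u_short           forw_port;
      u_char            forw_id;
      u_char            flags;                        /* REQ_* bits */
      char              forw_vector[AUTH_VECTOR_LEN];
      char              forw_secret[20];
      char              name[64];
      char              realm[64];
      char              *packet;
} AUTH_REQ;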

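/*
 * One proxy peer, kept as a node of a singly linked list: its address,
 * authentication and accounting ports, the realm it serves, the shared
 * secret and per-peer flags.
 *
 * NOTE(review): secret[] keeps the shared secret in memory in a 20-byte
 * buffer and realm[] is 64 bytes; whatever fills them (presumably the
 * proxy file parser -- confirm) must bound its copies.  `flags` is where
 * PEER_OLDACCT and PEER_ADMINOK, which relax checks for this peer, would
 * be recorded.
 */
typedef struct peer {
      UINT4             ipaddr;           /* peer address */
      struct peer       *next;            /* next peer in the list */
      u_short           radport;          /* presumably the peer's authentication port */
      u_short           acctport;         /* presumably the peer's accounting port */
      char              realm[64];
      char              secret[20];
      u_char            id;
      u_char            flags;            /* PEER_* bits (assumed) */
} PEER;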


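/*
 * Conditional debug logging: DEBUG(args) calls log_debug(args) only when
 * debug_flag is non-zero.
 *
 * The test is written as "if (!debug_flag) {} else" so that the macro
 * carries its own else.  With a bare "if (debug_flag) log_debug", an
 * `else` following `if (cond) DEBUG(...);` would attach to the hidden if
 * inside the macro instead of to the caller's condition, silently
 * changing which branch runs.
 */
#define DEBUG     if (!debug_flag) {} else log_debug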

/*
 * Timing and queue limits.  The -q, -t and -w notes presumably name the
 * command-line options that override these defaults -- confirm in the
 * option parser.  Builds with SECURID allow a request 120 seconds instead
 * of 30.
 */
#define SECONDS_PER_DAY       86400
#define CLEANUP_DELAY         5
#define MAX_REQUESTS          100   /* -q */
#if defined(SECURID)
#define MAX_REQUEST_TIME      120
#else 
#define MAX_REQUEST_TIME      30    /* -t */
#endif
#define MAX_PROXY_TIME        30    /* -w */

/*
 * Builds a key from a process id: the byte 'r' in bits 24-31 and the low
 * 24 bits of pid below it.
 *
 * NOTE(review): presumably used as a System V message-queue key.  The
 * result is fully determined by the pid, so it must not be treated as a
 * secret; access to the queue has to be restricted by the permission bits
 * it is created with -- confirm at the msgget() call.
 */
#define RADIUS_MSG_KEY(pid)   (('r' << 24) + ((pid) & 0x00ffffff))

/* Non-zero enables the DEBUG() macro's output. */
extern int debug_flag;
/* Takes a VALUE_PAIR; presumably prints it for debugging. */
extern void debug_pair (VALUE_PAIR * pair);

/*
 * Old-style declarations with empty parentheses: they give the compiler
 * no parameter information, so the number and types of arguments passed
 * to these functions are not checked at the call site.
 *
 * NOTE(review): log_debug() and log_err() presumably take a printf-style
 * format -- confirm.  Without a prototype the compiler cannot diagnose a
 * format/argument mismatch, so callers should always pass a literal
 * format string and never attacker-influenced text as the format.
 */
void  log_debug(), log_err(), pairfree(), reqfree();

