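/*********************************************************************************************************
* Software License Agreement (BSD License)                                                               *
* Author: Sebastien Decugis <sdecugis@freediameter.net>                                                  *
*                                                                                                        *
* Copyright (c) 2013, WIDE Project and NICT                                                              *
* All rights reserved.                                                                                   *
*                                                                                                        *
* Redistribution and use of this software in source and binary forms, with or without modification, are  *
* permitted provided that the following conditions are met:                                              *
*                                                                                                        *
* * Redistributions of source code must retain the above                                                 *
*   copyright notice, this list of conditions and the                                                    *
*   following disclaimer.                                                                                *
*                                                                                                        *
* * Redistributions in binary form must reproduce the above                                              *
*   copyright notice, this list of conditions and the                                                    *
*   following disclaimer in the documentation and/or other                                               *
*   materials provided with the distribution.                                                            *
*                                                                                                        *
* * Neither the name of the WIDE Project or NICT nor the                                                 *
*   names of its contributors may be used to endorse or                                                  *
*   promote products derived from this software without                                                  *
*   specific prior written permission of WIDE Project and                                                *
*   NICT.                                                                                                *
*                                                                                                        *
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED *
* WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A *
* PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR *
* ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT     *
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS    *
* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR *
* TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF   *
* ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.                                                             *
*********************************************************************************************************/

/* This file contains the definitions for the app_radgw internal use.
 *
 * It only declares types and prototypes; the implementations live in other translation units.
 * Types used below but not defined here (struct radius_msg, struct rgw_client, struct msg,
 * struct session, application_id_t) presumably come in through rgw_common.h -- confirm.
 * NOTE(review): none of the prototypes document their return convention (0 / error code?); that
 * should be stated here so callers handling network input do not ignore a failure by accident.
 */

/* NOTE(review): a name starting with an underscore followed by an uppercase letter is reserved for the
 * implementation in C. The guard is left unchanged because other files may test for it. */
#ifndef _RGW_H
#define _RGW_H

/* include the common definitions */
#include "rgw_common.h"

/* RADIUS messages + metadata */
struct rgw_radius_msg_meta {

	/* The RADIUS message */
	struct radius_msg 	radius;

	/* Metadata */
	struct {
		/* The port it was sent from, in network byte order.
		 * Compare it with other network-order values, or convert with ntohs() before printing. */
		unsigned	port :16;

		/* received on ACCT or AUTH port?
		 * (the constants stored here are not defined in this header -- presumably in rgw_common.h) */
		unsigned	serv_type :2;

		/* The message has a valid Message-Authenticator attribute.
		 * NOTE(review): where this bit is set is not visible from this header; presumably it is the
		 * result of a check keyed with the client's key (see rgw_clients_auth_check) -- confirm.
		 * Code that depends on message integrity should test this bit, not the mere presence of
		 * the attribute in the message. */
		unsigned	valid_mac :1;
	};

	/* For Proxy-State attributes: */

	/* The index of the first Proxy-State attribute in radius.attr_pos. It is always >= radius.attr_used */
	int	ps_first;

	/* The number of Proxy-State attributes. The real radius.attr_pos size is attr_used + ps_nb.
	 * NOTE(review): both fields are signed ints derived from a parsed message; code walking the
	 * Proxy-State range should keep every index below attr_used + ps_nb. */
	int	ps_nb;
};

/* Release a message; takes the address of the caller's pointer.
 * (presumably *msg is reset so the caller cannot reuse it -- confirm in the implementation) */
void rgw_msg_free(struct rgw_radius_msg_meta ** msg);

/* Parse the len bytes at buf into *msg.
 * NOTE(review): buf is presumably a datagram as received from the network, i.e. untrusted input;
 * len should be the number of bytes actually received, not the capacity of the buffer -- confirm
 * against the caller. Ownership of buf after the call is not stated here. */
int rgw_msg_parse(unsigned char * buf, size_t len, struct rgw_radius_msg_meta ** msg);

/* Dump a message; has_meta presumably tells whether the metadata fields above are meaningful. */
void rgw_msg_dump(struct rgw_radius_msg_meta * msg, int has_meta);

/* Local RADIUS server(s) configuration */
struct rgw_serv {
	unsigned	disabled	:1;
	unsigned	ip_disabled	:1;
	unsigned	ip6_disabled	:1;
	unsigned	:13; /* padding */

	uint16_t	port;	/* stored in network byte order */

	struct in_addr	ip_endpoint;
	struct in6_addr	ip6_endpoint;
};

/* One configuration entry per service: authentication and accounting. */
extern struct rgw_servs {
	struct rgw_serv	auth_serv;
	struct rgw_serv	acct_serv;
} rgw_servers;

int rgw_servers_init(void);
int rgw_servers_start(void);
void rgw_servers_dump(void);
/* Send buflen bytes of buf to the given address and port.
 * NOTE(review): the byte order expected for to_port is not stated; rgw_serv.port and the message
 * metadata port are both network byte order, so presumably this one is too -- confirm. */
int rgw_servers_send(int type, unsigned char *buf, size_t buflen, struct sockaddr *to, uint16_t to_port);
void rgw_servers_fini(void);


/* Clients management */
enum rgw_cli_type { RGW_CLI_NAS, RGW_CLI_PXY };

/* NOTE(review): key / keylen below are presumably the RADIUS shared secret of the client. The key is
 * passed to rgw_clients_add by address (unsigned char **), which suggests ownership is transferred --
 * confirm. Callers of rgw_clients_getkey receive the secret itself and should keep it out of dumps
 * and log output. */
int rgw_clients_auth_check(struct rgw_radius_msg_meta * msg, struct rgw_client * cli, uint8_t * req_auth);
int rgw_clients_add( struct sockaddr * ip_port, unsigned char ** key, size_t keylen, enum rgw_cli_type type );
int rgw_clients_getkey(struct rgw_client * cli, unsigned char **key, size_t *key_len);
int rgw_clients_gettype(struct rgw_client * cli, enum rgw_cli_type *type);
int rgw_clients_search(struct sockaddr * ip_port, struct rgw_client ** ref);
int rgw_clients_check_dup(struct rgw_radius_msg_meta **msg, struct rgw_client *cli);
int rgw_clients_create_origin(struct rgw_radius_msg_meta *msg, struct rgw_client * cli, struct msg ** diam);
int rgw_client_finish_send(struct radius_msg ** msg, struct rgw_radius_msg_meta * req, struct rgw_client * cli);
int rgw_client_finish_nosend(struct rgw_radius_msg_meta * req, struct rgw_client * cli);
void rgw_clients_dispose(struct rgw_client ** ref);
void rgw_clients_dump(void);
int rgw_clients_init(void);
void rgw_clients_fini(void);
int rgw_client_session_add(struct rgw_client * cli, struct session *sess, char * dest_realm, char * dest_host, application_id_t appid);
int rgw_client_session_stop(struct rgw_client * cli, struct session * sess, int32_t reason);


/* Management of plugins */
/* NOTE(review): plgfile names a plugin file to add; presumably it is loaded into this process, so the
 * path should only ever come from the administrator-controlled configuration -- confirm. */
int rgw_plg_add( char * plgfile, char * conffile, int port, unsigned char ** codes_array, size_t codes_sz );
void rgw_plg_dump(void);
void rgw_plg_start_cache(void);
int rgw_plg_loop_req(struct rgw_radius_msg_meta **rad, struct msg **diam_msg, struct rgw_client * cli);
int rgw_plg_loop_ans(struct rgw_radius_msg_meta *req, struct msg **diam_ans, struct radius_msg ** rad_ans, struct rgw_client * cli);
void rgw_plg_fini(void);


/* Parse configuration file */
int rgw_conf_handle(char * conffile);


/* Worker module, process incoming RADIUS messages (in separated threads) */
int rgw_work_start(void);
int rgw_work_add(struct rgw_radius_msg_meta * msg, struct rgw_client * client);
void rgw_work_fini(void);


#endif /* _RGW_H */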