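/*
 * RADIUS authentication server
 * Copyright (c) 2005-2009, 2011, Jouni Malinen <j@w1.fi>
 *
 * This software may be distributed under the terms of the BSD license.
 * See README for more details.
 */

#ifndef RADIUS_SERVER_H
#define RADIUS_SERVER_H

/* Opaque/externally defined types that are only used through pointers here */
struct radius_server_data;
struct eap_user;
struct eap_config;

/**
 * struct radius_server_conf - RADIUS server configuration
 *
 * Passed to radius_server_init(). Several members carry or point to secret
 * material (client shared secrets, user passwords returned through
 * get_eap_user(), and, in test builds, a key dump file), so the files named
 * here need the same access control as the secrets themselves.
 */
struct radius_server_conf {
	/**
	 * auth_port - UDP port to listen to as an authentication server
	 */
	int auth_port;

	/**
	 * acct_port - UDP port to listen to as an accounting server
	 */
	int acct_port;

	/**
	 * client_file - RADIUS client configuration file
	 *
	 * This file contains the RADIUS clients and the shared secret to be
	 * used with them in a format where each client is on its own line. The
	 * first item on the line is the IPv4 or IPv6 address of the client
	 * with an optional address mask to allow full network to be specified
	 * (e.g., 192.168.1.2 or 192.168.1.0/24). This is followed by white
	 * space (space or tabulator) and the shared secret. Lines starting
	 * with '#' are skipped and can be used as comments.
	 *
	 * Since the shared secrets are stored in this file, it should be
	 * readable only by the account the server runs as. An entry with an
	 * address mask gives every address in that network the same shared
	 * secret, so such entries should be kept as narrow as possible.
	 */
	char *client_file;

	/**
	 * sqlite_file - SQLite database for storing debug log information
	 *
	 * NOTE(review): this header does not show what gets logged. If the
	 * log includes user identities or session details, the database file
	 * needs restricted permissions - confirm against the implementation.
	 */
	const char *sqlite_file;

	/**
	 * conf_ctx - Context pointer for callbacks
	 *
	 * This is used as the ctx argument in get_eap_user() calls.
	 */
	void *conf_ctx;

	/**
	 * erp_domain - Undocumented in the original header
	 *
	 * NOTE(review): presumably the domain name used with EAP
	 * Re-authentication Protocol (ERP) - confirm against the
	 * implementation.
	 */
	const char *erp_domain;

	/**
	 * ipv6 - Whether to enable IPv6 support in the RADIUS server
	 */
	int ipv6;

	/**
	 * get_eap_user - Callback for fetching EAP user information
	 * @ctx: Context data from conf_ctx
	 * @identity: User identity
	 * @identity_len: identity buffer length in octets
	 * @phase2: Whether this is for Phase 2 identity
	 * @user: Data structure for filling in the user information
	 * Returns: 0 on success, -1 on failure
	 *
	 * This is used to fetch information from user database. The callback
	 * will fill in information about allowed EAP methods and the user
	 * password. The password field will be an allocated copy of the
	 * password data and RADIUS server will free it after use.
	 *
	 * The identity is passed as a buffer with an explicit length; this
	 * header does not promise nul termination, so implementations should
	 * bound every access by identity_len instead of using string
	 * functions. NOTE(review): the identity presumably comes from the
	 * peer and should be handled as untrusted input (e.g., when used in a
	 * database query) - confirm against the caller.
	 *
	 * Because the server frees the password, the callback must not return
	 * a pointer to storage it still owns or shares.
	 */
	int (*get_eap_user)(void *ctx, const u8 *identity, size_t identity_len,
			    int phase2, struct eap_user *user);

	/**
	 * eap_req_id_text - Optional data for EAP-Request/Identity
	 *
	 * This can be used to configure an optional, displayable message that
	 * will be sent in EAP-Request/Identity. This string can contain an
	 * ASCII-0 character (nul) to separate network information per RFC
	 * 4284. The actual string length is explicitly provided in
	 * eap_req_id_text_len since nul character will not be used as a string
	 * terminator. Consequently, strlen() and other string functions must
	 * not be used on this buffer.
	 */
	const char *eap_req_id_text;

	/**
	 * eap_req_id_text_len - Length of eap_req_id_text buffer in octets
	 */
	size_t eap_req_id_text_len;

#ifdef CONFIG_RADIUS_TEST
	/**
	 * dump_msk_file - Test-only member (CONFIG_RADIUS_TEST builds)
	 *
	 * NOTE(review): judging by the name, this is the path of a file to
	 * which the MSK is written for testing - confirm against the
	 * implementation. That would leave session keying material on disk,
	 * so CONFIG_RADIUS_TEST should not be defined for production builds.
	 */
	const char *dump_msk_file;
#endif /* CONFIG_RADIUS_TEST */

	/*
	 * The following members are undocumented in the original header.
	 * NOTE(review): the names suggest Hotspot 2.0 subscription remediation,
	 * SIM provisioning, and Terms and Conditions server URLs - confirm
	 * against the implementation. If these URLs are delivered to stations,
	 * they point user devices at an external server and should be set
	 * only from trusted configuration.
	 */
	char *subscr_remediation_url;
	u8 subscr_remediation_method;
	char *hs20_sim_provisioning_url;

	char *t_c_server_url;

	/**
	 * eap_cfg - EAP configuration (struct eap_config is defined elsewhere)
	 */
	struct eap_config *eap_cfg;
};


/**
 * radius_server_init - Create a RADIUS server instance from a configuration
 * @conf: Configuration for the server
 * Returns: Pointer to the server data
 *
 * NOTE(review): failure presumably returns %NULL and the result is released
 * with radius_server_deinit() - confirm against the implementation.
 */
struct radius_server_data *
radius_server_init(struct radius_server_conf *conf);

/**
 * radius_server_erp_flush - Flush ERP state of the server
 * @data: RADIUS server context from radius_server_init()
 *
 * NOTE(review): exactly which state is dropped is not visible from this
 * header - confirm against the implementation.
 */
void radius_server_erp_flush(struct radius_server_data *data);

/**
 * radius_server_deinit - Deinitialize the RADIUS server
 * @data: RADIUS server context from radius_server_init()
 */
void radius_server_deinit(struct radius_server_data *data);

/**
 * radius_server_get_mib - Get RADIUS server MIB information
 * @data: RADIUS server context from radius_server_init()
 * @buf: Buffer for returning the MIB data
 * @buflen: buf length in octets
 *
 * The caller provides the output buffer together with its size; buflen must
 * be the real size of buf. NOTE(review): the meaning of the return value is
 * not stated here (presumably the number of octets written) - confirm.
 */
int radius_server_get_mib(struct radius_server_data *data, char *buf,
			  size_t buflen);

/**
 * radius_server_eap_pending_cb - Pending EAP data notification
 * @data: RADIUS server context from radius_server_init()
 * @ctx: Context pointer identifying the pending operation
 *
 * NOTE(review): how ctx is matched to a session is not visible from this
 * header - confirm against the implementation.
 */
void radius_server_eap_pending_cb(struct radius_server_data *data, void *ctx);

/**
 * radius_server_dac_request - Process a DAC request
 * @data: RADIUS server context from radius_server_init()
 * @req: Request as a nul terminated string
 *
 * NOTE(review): the request format and the return value are not defined in
 * this header. If req can originate from a control interface, access to that
 * interface decides who can trigger these requests - confirm against the
 * caller.
 */
int radius_server_dac_request(struct radius_server_data *data, const char *req);

#endif /* RADIUS_SERVER_H */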