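/*	$OpenBSD: radiusd_local.h,v 1.16 2024/07/17 11:31:46 yasuoka Exp $	*/

/*
 * Copyright (c) 2013 Internet Initiative Japan Inc.
 *
 * Permission to use, copy, modify, and distribute this software for any
 * purpose with or without fee is hereby granted, provided that the above
 * copyright notice and this permission notice appear in all copies.
 *
 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 */

/*
 * Daemon-internal data structures, helper macros and prototypes for radiusd.
 *
 * This listing was restored from a paste in which the whole file had been
 * collapsed onto a few lines with gutter numbers fused into the code; the
 * declarations themselves are unchanged.
 *
 * NOTE(review): RADIUSD_SECRET_MAX, RADIUSD_MODULE_NAME_LEN and the
 * RADIUSD_MODULE_CAP_* flags are used below but not defined here, and
 * RADIUSD_ASSERT/RADIUSD_DBG rely on log_warnx(), log_debug() and a variable
 * named `debug`.  The including file must make all of these visible first.
 */

#ifndef	RADIUSD_LOCAL_H
#define	RADIUSD_LOCAL_H 1

#include <sys/types.h>		/* for pid_t, u_char, u_int, size_t */
#include <sys/socket.h>		/* for struct sockaddr_storage */
#include <sys/queue.h>		/* for TAILQ_* */
#include <sys/uio.h>		/* for struct iovec */
#include <netinet/in.h>		/* for struct sockaddr_in* */

#include <stdint.h>		/* for uint32_t */
#include <event.h>		/* for struct event */
#include <imsg.h>		/* for struct imsgbuf */
#include <stdarg.h>		/* for va_list */
#include <stdbool.h>		/* for bool */

#include <radius.h>		/* for RADIUS_PACKET */

/* Timeout for module I/O; presumably milliseconds -- TODO confirm at use site. */
#define	MODULE_IO_TIMEOUT	2000

/* Path of the configuration file. */
#define	CONFFILE			"/etc/radiusd.conf"

struct radius_query;	/* forward declaration */

/*
 * An IPv4 or IPv6 address.  The union members share storage; addr32 exposes
 * the same bytes as four 32-bit words.
 */
struct radiusd_addr {
	union {
		struct in_addr		 ipv4;
		struct in6_addr		 ipv6;
		uint32_t		 addr32[4];
	} addr;
};

/* One listening socket of the daemon, linked into radiusd_listen_head. */
struct radiusd_listen {
	struct radiusd				*radiusd;	/* owning daemon state */
	struct event				 ev;
	int					 sock;
	int					 accounting;	/* presumably non-zero for an accounting listener -- confirm */
	union {
		struct sockaddr_in		 ipv4;
		struct sockaddr_in6		 ipv6;
	} addr;
	int					 stype;		/* presumably socket type -- confirm */
	int					 sproto;	/* presumably socket protocol -- confirm */
	TAILQ_ENTRY(radiusd_listen)		 next;
};

TAILQ_HEAD(radiusd_listen_head, radiusd_listen);

/*
 * A configured RADIUS client, identified by address family, address and mask.
 *
 * NOTE(review): `secret` holds the shared secret in clear text for as long
 * as the entry lives.  Code that frees or reuses an entry should wipe the
 * buffer with explicit_bzero() so the secret does not linger in memory.
 *
 * NOTE(review): msgauth_required presumably makes the daemon insist on a
 * Message-Authenticator attribute in requests from this client; the
 * enforcement is not visible in this header -- confirm in the request path.
 */
struct radiusd_client {
	char					 secret[RADIUSD_SECRET_MAX];
	bool					 msgauth_required;
	int					 af;
	struct radiusd_addr			 addr;
	struct radiusd_addr			 mask;
	TAILQ_ENTRY(radiusd_client)		 next;
};

/*
 * State kept for one module, reached through `fd` and the imsg buffer.
 * `capabilities` is the bit mask tested by the MODULE_DO_* macros below.
 *
 * NOTE(review): radpktsiz and radpktoff are signed ints that describe the
 * radpkt buffer.  Code that uses them as lengths or offsets must reject
 * negative values and check for overflow before any copy or allocation.
 *
 * NOTE(review): `secret` is a pointer; its ownership is not visible here.
 * Whoever frees it should clear the memory with explicit_bzero() first.
 */
struct radiusd_module {
	char				 name[RADIUSD_MODULE_NAME_LEN];
	struct radiusd			*radiusd;
	pid_t				 pid;
	int				 fd;		/* < 0 disables every MODULE_DO_* test */
	struct imsgbuf			 ibuf;
	struct event			 ev;
	bool				 writeready;
	bool				 stopped;
	uint32_t			 capabilities;
	u_char				*radpkt;
	int				 radpktsiz;
	int				 radpktoff;
	char				*secret;
	TAILQ_ENTRY(radiusd_module)	 next;
	int (*request_decoration)(void *, struct radius_query *);
	int (*response_decoration)(void *, struct radius_query *);
};

/* A typed reference to a module, usable as a TAILQ element. */
struct radiusd_module_ref {
	struct radiusd_module		*module;
	unsigned int			 type;
	TAILQ_ENTRY(radiusd_module_ref)	 next;
};

/*
 * One authentication rule: the module reference in `auth` plus a list of
 * decoration module references.
 */
struct radiusd_authentication {
	char					**username;	/* presumably a NULL-terminated pattern list -- confirm */
	struct radiusd_module_ref		 *auth;
	bool					  isfilter;
	TAILQ_HEAD(,radiusd_module_ref)		  deco;
	TAILQ_ENTRY(radiusd_authentication)	  next;
};

/*
 * One accounting rule: the module reference in `acct` plus a list of
 * decoration module references.  `secret` is sensitive; see the note on
 * struct radiusd_module.
 */
struct radiusd_accounting {
	char					**username;	/* presumably a NULL-terminated pattern list -- confirm */
	char					 *secret;
	struct radiusd_module_ref		 *acct;
	int					  quick;
	TAILQ_HEAD(,radiusd_module_ref)		  deco;
	TAILQ_ENTRY(radiusd_accounting)		  next;
};

/* Top-level daemon state: listeners, signal events and the configured lists. */
struct radiusd {
	struct radiusd_listen_head		 listen;
	struct event				 ev_sigterm;
	struct event				 ev_sighup;
	struct event				 ev_sigint;
	struct event				 ev_sigchld;
	TAILQ_HEAD(,radiusd_module)		 module;
	TAILQ_HEAD(,radiusd_authentication)	 authen;
	TAILQ_HEAD(,radiusd_accounting)		 account;
	TAILQ_HEAD(,radiusd_client)		 client;
	TAILQ_HEAD(,radius_query)		 query;
	int					 error;
};

/*
 * One request in flight, linked into radiusd.query.
 *
 * NOTE(review): clientaddrlen is an int while the socket API uses socklen_t;
 * validate it against sizeof(clientaddr) before passing it on.
 */
struct radius_query {
	u_int				 id;
	struct radiusd			*radiusd;
	struct sockaddr_storage		 clientaddr;
	int				 clientaddrlen;
	int				 req_id;
	u_char				 req_auth[16];	/* presumably the request's authenticator field -- confirm */
	struct radiusd_listen		*listen;
	struct radiusd_client		*client;
	struct radiusd_authentication	*authen;
	RADIUS_PACKET			*req;
	RADIUS_PACKET			*res;
	int				 req_modified;
	char				 username[256]; /* original username */
	TAILQ_ENTRY(radius_query)	 next;
	struct radiusd_module_ref	*deco;
	struct radius_query		*prev;
};

/* An imsg buffer bundled with its libevent event, handler and event mask. */
struct imsgev {
	struct imsgbuf		 ibuf;
	void			(*handler)(int, short, void *);
	struct event		 ev;
	short			 events;
};

extern struct radiusd *radiusd_s;

/*
 * Number of elements in an array.  Only valid on a real array; applied to a
 * pointer it yields a wrong count without any diagnostic.
 */
#ifndef nitems
#define nitems(_x)    (sizeof((_x)) / sizeof((_x)[0]))
#endif

/*
 * Debug logging.  `x` must be a complete parenthesised argument list, for
 * example RADIUSD_DBG(("fmt %d", v)).  Without RADIUSD_DEBUG the macro
 * expands to a no-op and the arguments are never evaluated, so they must not
 * carry side effects.  Keep shared secrets and passwords out of these
 * messages.
 */
#ifdef RADIUSD_DEBUG
#define	RADIUSD_DBG(x)	log_debug x
#else
#define	RADIUSD_DBG(x)	((void)0)
#endif

/*
 * Log a failed condition through log_warnx() and abort() only when `debug`
 * is non-zero.  Otherwise execution continues past the failed assertion, so
 * this macro must never be the only check on a length, index or pointer
 * derived from network input; pair it with an explicit error path.
 */
#define	RADIUSD_ASSERT(_cond) \
	do { \
		if (!(_cond)) { \
			log_warnx( \
			    "ASSERT(%s) failed in %s() at %s:%d", \
			    #_cond, __func__, __FILE__, __LINE__); \
			if (debug) abort(); \
		} \
	} while (0/* CONSTCOND */)

/*
 * Capability tests.  Each is true only when the module has a valid
 * descriptor (fd >= 0) and the matching RADIUSD_MODULE_CAP_* bit is set.
 * `_m` is evaluated twice, so pass an expression without side effects.
 */
#define	MODULE_DO_USERPASS(_m) \
	((_m)->fd >= 0 && \
	((_m)->capabilities & RADIUSD_MODULE_CAP_USERPASS) != 0)
#define	MODULE_DO_ACCSREQ(_m) \
	((_m)->fd >= 0 && \
	((_m)->capabilities & RADIUSD_MODULE_CAP_ACCSREQ) != 0)
#define	MODULE_DO_ACCTREQ(_m) \
	((_m)->fd >= 0 && \
	((_m)->capabilities & RADIUSD_MODULE_CAP_ACCTREQ) != 0)
#define	MODULE_DO_REQDECO(_m) \
	((_m)->fd >= 0 && \
	((_m)->capabilities & RADIUSD_MODULE_CAP_REQDECO) != 0)
#define	MODULE_DO_RESDECO(_m) \
	((_m)->fd >= 0 && \
	((_m)->capabilities & RADIUSD_MODULE_CAP_RESDECO) != 0)
#define	MODULE_DO_NEXTRES(_m) \
	((_m)->fd >= 0 && \
	((_m)->capabilities & RADIUSD_MODULE_CAP_NEXTRES) != 0)

/* Configuration; defined elsewhere. */
int	 parse_config(const char *, struct radiusd *);
void	 radiusd_conf_init(struct radiusd *);

/* Module lifetime; defined elsewhere. */
struct radiusd_module	*radiusd_module_load(struct radiusd *, const char *,
			    const char *);
void	 radiusd_module_unload(struct radiusd_module *);

/* Access-request processing and module messaging; defined elsewhere. */
void	 radiusd_access_request_answer(struct radius_query *);
void	 radiusd_access_request_next(struct radius_query *, RADIUS_PACKET *);
void	 radiusd_access_request_aborted(struct radius_query *);
int	 radiusd_imsg_compose_module(struct radiusd *, const char *,
	    uint32_t, uint32_t, pid_t, int, void *, size_t);

int	 radiusd_module_set(struct radiusd_module *, const char *, int,
	    char * const *);

/* Helpers operating on struct imsgev; defined elsewhere. */
void	 imsg_event_add(struct imsgev *);
int	 imsg_compose_event(struct imsgev *, uint32_t, uint32_t, pid_t,
	    int, void *, size_t);
int	 imsg_composev_event(struct imsgev *, uint32_t, uint32_t,
	    pid_t, int, struct iovec *, int);

#endif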