Add support for vendor specific RADIUS extensions.

Only the extensions from rfc2548 are specified for now.
svn path=/head/; revision=96154
2002-05-07 10:47:18 +00:00 · 2002-05-07 10:47:18 +00:00 · b49a88f653 · 2020-12-20 02:59:44 +00:00
commit b49a88f653
parent bf1eaec5e8
5 changed files with 158 additions and 1 deletions
--- a/lib/libradius/Makefile
+++ b/lib/libradius/Makefile
@ -26,7 +26,7 @@

 LIB=		radius
 SRCS=		radlib.c
-INCS=		radlib.h
+INCS=		radlib.h radlib_vs.h
 CFLAGS+=	-Wall
 DPADD+=		${LIBMD}
 LDADD+=		-lmd
--- a/lib/libradius/libradius.3
+++ b/lib/libradius/libradius.3
@ -65,6 +65,14 @@
 .Ft int
 .Fn rad_put_string "struct rad_handle *h" "int type" "const char *str"
 .Ft int
+.Fn rad_put_vendor_addr "struct rad_handle *h" "int vendor" "int type" "struct in_addr addr"
+.Ft int
+.Fn rad_put_vendor_attr "struct rad_handle *h" "int vendor" "int type" "const void *data" "size_t len"
+.Ft int
+.Fn rad_put_vendor_int "struct rad_handle *h" "int vendor" "int type" "u_int32_t value"
+.Ft int
+.Fn rad_put_vendor_string "struct rad_handle *h" "int vendor" "int type" "const char *str"
+.Ft int
 .Fn rad_send_request "struct rad_handle *h"
 .Ft const char *
 .Fn rad_strerror "struct rad_handle *h"
@ -183,6 +191,14 @@ Each accepts a
 parameter identifying the attribute, and a value which may be
 an Internet address, an integer, or a NUL-terminated string,
 respectively.
+Alternatively,
+.Fn rad_put_vendor_addr ,
+.Fn rad_put_vendor_int
+or
+.Fn rad_put_vendor_string
+may be used to specify vendor specific attributes.  Vendor specific
+definitions may be found in
+.In radlib_vs.h
 .Pp
 The library also provides a function
 .Fn rad_put_attr
--- a/lib/libradius/radlib.c
+++ b/lib/libradius/radlib.c
@ -864,3 +864,54 @@ split(char *str, char *fields[], int maxfields, char *msg, size_t msglen)
 	}
 	return i;
 }
+
+int
+rad_put_vendor_addr(struct rad_handle *h, int vendor, int type,
+    struct in_addr addr)
+{
+	return (rad_put_vendor_attr(h, vendor, type, &addr.s_addr,
+	    sizeof addr.s_addr));
+}
+
+int
+rad_put_vendor_attr(struct rad_handle *h, int vendor, int type,
+    const void *value, size_t len)
+{
+	struct vendor_attribute *attr;
+	int res;
+
+	if ((attr = malloc(len + 6)) == NULL) {
+		generr(h, "malloc failure (%d bytes)", len + 6);
+		return -1;
+	}
+
+	attr->vendor_value = htonl(vendor);
+	attr->attrib_type = type;
+	attr->attrib_len = len + 2;
+	memcpy(attr->attrib_data, value, len);
+
+	res = put_raw_attr(h, RAD_VENDOR_SPECIFIC, attr, len + 6);
+	free(attr);
+	if (res == 0 && vendor == RAD_VENDOR_MICROSOFT
+	    && (type == RAD_MICROSOFT_MS_CHAP_RESPONSE
+	    || type == RAD_MICROSOFT_MS_CHAP2_RESPONSE)) {
+		h->chap_pass = 1;
+	}
+	return (res);
+}
+
+int
+rad_put_vendor_int(struct rad_handle *h, int vendor, int type, u_int32_t i)
+{
+	u_int32_t value;
+
+	value = htonl(i);
+	return (rad_put_vendor_attr(h, vendor, type, &value, sizeof value));
+}
+
+int
+rad_put_vendor_string(struct rad_handle *h, int vendor, int type,
+    const char *str)
+{
+	return (rad_put_vendor_attr(h, vendor, type, str, strlen(str)));
+}
--- a/lib/libradius/radlib_private.h
+++ b/lib/libradius/radlib_private.h
@ -33,6 +33,7 @@
 #include <netinet/in.h>

 #include "radlib.h"
+#include "radlib_vs.h"

 /* Handle types */
 #define RADIUS_AUTH		0   /* RADIUS authentication, default */
@ -89,4 +90,11 @@ struct rad_handle {
 	int		 type;		/* Handle type */
 };

+struct vendor_attribute {
+	u_int32_t vendor_value;
+	u_char attrib_type;
+	u_char attrib_len;
+	u_char attrib_data[1];
+};
+
 #endif
--- a/lib/libradius/radlib_vs.h
+++ b/lib/libradius/radlib_vs.h
@ -0,0 +1,82 @@
+/*-
+ * Copyright (c) 2002 Brian Somers <brian@Awfulhak.org>
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * $FreeBSD$
+ */
+
+#ifndef _RADLIB_VS_H_
+#define _RADLIB_VS_H_
+
+#include <sys/types.h>
+#include <netinet/in.h>
+
+#define	RAD_VENDOR_MICROSOFT	311		/* rfc2548 */
+	#define	RAD_MICROSOFT_MS_CHAP_RESPONSE			1
+	#define	RAD_MICROSOFT_MS_CHAP_ERROR			2
+	#define	RAD_MICROSOFT_MS_CHAP_PW_1			3
+	#define	RAD_MICROSOFT_MS_CHAP_PW_2			4
+	#define	RAD_MICROSOFT_MS_CHAP_LM_ENC_PW			5
+	#define	RAD_MICROSOFT_MS_CHAP_NT_ENC_PW			6
+	#define	RAD_MICROSOFT_MS_MPPE_ENCRYPTION_POLICY		7
+	#define	RAD_MICROSOFT_MS_MPPE_ENCRYPTION_TYPES		8
+	#define	RAD_MICROSOFT_MS_RAS_VENDOR			9
+	#define	RAD_MICROSOFT_MS_CHAP_DOMAIN			10
+	#define	RAD_MICROSOFT_MS_CHAP_CHALLENGE			11
+	#define	RAD_MICROSOFT_MS_CHAP_MPPE_KEYS			12
+	#define	RAD_MICROSOFT_MS_BAP_USAGE			13
+	#define	RAD_MICROSOFT_MS_LINK_UTILIZATION_THRESHOLD	14
+	#define	RAD_MICROSOFT_MS_LINK_DROP_TIME_LIMIT		15
+	#define	RAD_MICROSOFT_MS_MPPE_SEND_KEY			16
+	#define	RAD_MICROSOFT_MS_MPPE_RECV_KEY			17
+	#define	RAD_MICROSOFT_MS_RAS_VERSION			18
+	#define	RAD_MICROSOFT_MS_OLD_ARAP_PASSWORD		19
+	#define	RAD_MICROSOFT_MS_NEW_ARAP_PASSWORD		20
+	#define	RAD_MICROSOFT_MS_ARAP_PASSWORD_CHANGE_REASON	21
+	#define	RAD_MICROSOFT_MS_FILTER				22
+	#define	RAD_MICROSOFT_MS_ACCT_AUTH_TYPE			23
+	#define	RAD_MICROSOFT_MS_ACCT_EAP_TYPE			24
+	#define	RAD_MICROSOFT_MS_CHAP2_RESPONSE			25
+	#define	RAD_MICROSOFT_MS_CHAP2_SUCCESS			26
+	#define	RAD_MICROSOFT_MS_CHAP2_PW			27
+	#define	RAD_MICROSOFT_MS_PRIMARY_DNS_SERVER		28
+	#define	RAD_MICROSOFT_MS_SECONDARY_DNS_SERVER		29
+	#define	RAD_MICROSOFT_MS_PRIMARY_NBNS_SERVER		30
+	#define	RAD_MICROSOFT_MS_SECONDARY_NBNS_SERVER		31
+	#define	RAD_MICROSOFT_MS_ARAP_CHALLENGE			33
+
+struct rad_handle;
+
+__BEGIN_DECLS
+int			 rad_put_vendor_addr(struct rad_handle *, int, int,
+			    struct in_addr);
+int			 rad_put_vendor_attr(struct rad_handle *, int, int,
+			    const void *, size_t);
+int			 rad_put_vendor_int(struct rad_handle *, int, int,
+			    u_int32_t);
+int			 rad_put_vendor_string(struct rad_handle *, int, int,
+			    const char *);
+__END_DECLS
+
+#endif /* _RADLIB_VS_H_ */