/*
 * RADIUS authentication server
 * Copyright (c) 2005-2009, 2011, Jouni Malinen <j@w1.fi>
 *
 * This software may be distributed under the terms of the BSD license.
 * See README for more details.
 */

/*
 * Public interface of the RADIUS server: the configuration structure passed
 * to radius_server_init() and the entry points that operate on the opaque
 * struct radius_server_data.
 *
 * This header has no #include lines of its own, so the including file must
 * already provide u8, u32 and size_t.
 */

#ifndef RADIUS_SERVER_H
#define RADIUS_SERVER_H

/* Only used through pointers in this header, so incomplete types suffice */
struct radius_server_data;
struct radius_msg;
struct eap_user;

/**
 * struct radius_server_conf - RADIUS server configuration
 *
 * Several members name files that hold secrets (client_file) or that may
 * receive sensitive data (sqlite_file, dump_msk_file); see the note on each.
 */
struct radius_server_conf {
	/**
	 * auth_port - UDP port to listen to as an authentication server
	 */
	int auth_port;

	/**
	 * acct_port - UDP port to listen to as an accounting server
	 */
	int acct_port;

	/**
	 * client_file - RADIUS client configuration file
	 *
	 * This file contains the RADIUS clients and the shared secret to be
	 * used with them in a format where each client is on its own line. The
	 * first item on the line is the IPv4 or IPv6 address of the client
	 * with an optional address mask to allow full network to be specified
	 * (e.g., 192.168.1.2 or 192.168.1.0/24). This is followed by white
	 * space (space or tabulator) and the shared secret. Lines starting
	 * with '#' are skipped and can be used as comments.
	 *
	 * The shared secrets are stored in this file as written, so the file
	 * should be readable only by the account that runs the server. An
	 * entry with an address mask applies one shared secret to every
	 * address in that network, so keep the mask as narrow as the
	 * deployment allows.
	 */
	char *client_file;

	/**
	 * sqlite_file - SQLite database for storing debug log information
	 *
	 * NOTE(review): what gets written to the database is not visible in
	 * this header. If it includes user identities or session data, access
	 * to the file should be restricted accordingly - confirm against the
	 * implementation.
	 */
	const char *sqlite_file;

	/**
	 * conf_ctx - Context pointer for callbacks
	 *
	 * This is used as the ctx argument in get_eap_user() and acct_req_cb()
	 * calls.
	 */
	void *conf_ctx;

	/*
	 * NOTE(review): erp_domain is not documented in this header.
	 * Presumably the domain used for ERP (EAP Re-authentication Protocol)
	 * - confirm against the implementation.
	 */
	const char *erp_domain;

	/**
	 * ipv6 - Whether to enable IPv6 support in the RADIUS server
	 */
	int ipv6;

	/**
	 * get_eap_user - Callback for fetching EAP user information
	 * @ctx: Context data from conf_ctx
	 * @identity: User identity
	 * @identity_len: identity buffer length in octets
	 * @phase2: Whether this is for Phase 2 identity
	 * @user: Data structure for filling in the user information
	 * Returns: 0 on success, -1 on failure
	 *
	 * This is used to fetch information from user database. The callback
	 * will fill in information about allowed EAP methods and the user
	 * password. The password field will be an allocated copy of the
	 * password data and RADIUS server will free it after use.
	 *
	 * identity is an octet buffer with an explicit length and is not
	 * declared as a NUL-terminated string, so implementations should bound
	 * every access by identity_len.
	 * NOTE(review): the identity presumably originates from the
	 * authenticating peer and should be handled as untrusted input when it
	 * is used in a lookup - confirm against the callers.
	 * NOTE(review): whether the password copy is cleared before it is
	 * freed cannot be seen from this header.
	 */
	int (*get_eap_user)(void *ctx, const u8 *identity, size_t identity_len,
			    int phase2, struct eap_user *user);

	/**
	 * acct_req_cb - Callback for processing received RADIUS accounting
	 *	requests
	 * @ctx: Context data from conf_ctx
	 * @msg: Received RADIUS accounting request
	 * @status_type: Status type from the message (parsed Acct-Status-Type
	 *	attribute)
	 * Returns: 0 on success, -1 on failure
	 *
	 * This can be used to log accounting information into file, database,
	 * syslog server, etc.
	 * Callback should not modify the message. The msg pointer is not
	 * const-qualified, so this is a convention that the compiler does not
	 * enforce.
	 * If 0 is returned, response is automatically created. Otherwise,
	 * no response is created.
	 *
	 * acct_req_cb can be set to NULL to omit any custom processing of
	 * accounting requests. Statistics counters will be incremented in any
	 * case.
	 */
	int (*acct_req_cb)(void *ctx, struct radius_msg *msg, u32 status_type);

	/**
	 * eap_req_id_text - Optional data for EAP-Request/Identity
	 *
	 * This can be used to configure an optional, displayable message that
	 * will be sent in EAP-Request/Identity. This string can contain an
	 * ASCII-0 character (nul) to separate network information per RFC
	 * 4284. The actual string length is explicitly provided in
	 * eap_req_id_text_len since nul character will not be used as a string
	 * terminator. Code reading this buffer must therefore use
	 * eap_req_id_text_len rather than strlen() or other functions that
	 * stop at the first nul.
	 */
	const char *eap_req_id_text;

	/**
	 * eap_req_id_text_len - Length of eap_req_id_text buffer in octets
	 */
	size_t eap_req_id_text_len;

#ifdef CONFIG_RADIUS_TEST
	/*
	 * NOTE(review): dump_msk_file is not documented in this header. The
	 * name suggests a file that MSKs (EAP master session keys) are written
	 * to, which would be key material in the clear; if so, builds with
	 * CONFIG_RADIUS_TEST defined should not be deployed in production -
	 * confirm against the implementation.
	 *
	 * Because this member is conditional, the layout of this struct
	 * depends on CONFIG_RADIUS_TEST; every file that includes this header
	 * has to be built with the same setting.
	 */
	const char *dump_msk_file;
#endif /* CONFIG_RADIUS_TEST */

	/*
	 * NOTE(review): t_c_server_url is not documented in this header.
	 * Presumably the URL of a Terms and Conditions server - confirm
	 * against the implementation.
	 */
	char *t_c_server_url;

	/*
	 * eap_cfg - Pointer to struct eap_config, which is not defined in this
	 * header.
	 * NOTE(review): who owns the pointed-to data and how long it has to
	 * stay valid is not visible here - confirm against the implementation.
	 */
	struct eap_config *eap_cfg;
};


/*
 * The functions below are only declared here; their definitions are not part
 * of this header. The notes are limited to what the signatures show, and
 * anything beyond that is marked for confirmation.
 */

/**
 * radius_server_init - Initialize a RADIUS server from a configuration
 * @conf: Server configuration
 * Returns: Pointer to the opaque RADIUS server data
 *
 * NOTE(review): the failure return (presumably NULL) and whether conf or the
 * strings it points to must remain valid after the call are not visible in
 * this header - confirm against the implementation.
 */
struct radius_server_data *
radius_server_init(struct radius_server_conf *conf);

/*
 * radius_server_erp_flush - NOTE(review): presumably discards stored ERP
 * state for the server - confirm against the implementation.
 */
void radius_server_erp_flush(struct radius_server_data *data);

/*
 * radius_server_deinit - NOTE(review): presumably releases the server data
 * returned by radius_server_init(); data should not be used after this call
 * if so - confirm against the implementation.
 */
void radius_server_deinit(struct radius_server_data *data);

/**
 * radius_server_get_mib - Fetch server MIB data as text
 * @data: RADIUS server data
 * @buf: Output buffer
 * @buflen: Presumably the size of buf in octets
 *
 * NOTE(review): the meaning of the return value (presumably the number of
 * octets written into buf) is not visible in this header - confirm against
 * the implementation.
 */
int radius_server_get_mib(struct radius_server_data *data, char *buf,
			  size_t buflen);

/*
 * radius_server_eap_pending_cb - NOTE(review): presumably tells the server
 * that a pending EAP operation identified by ctx can continue - confirm
 * against the implementation.
 */
void radius_server_eap_pending_cb(struct radius_server_data *data, void *ctx);

/*
 * radius_server_dac_request - req is passed as a const char * string.
 * NOTE(review): the format of req, how it is validated and the meaning of the
 * return value are not visible in this header. If req can originate from an
 * external control interface, it should be validated before it is acted on -
 * confirm against the implementation.
 */
int radius_server_dac_request(struct radius_server_data *data, const char *req);

#endif /* RADIUS_SERVER_H */