Share a single Linux ioctl helper fo setting interface up/down
[hostap-gosc2009.git] / src / radius / radius_client.h
blob644ea234fd253c480ee913a81fc8a0b703163dea
1 /*
2 * RADIUS client
3 * Copyright (c) 2002-2009, Jouni Malinen <j@w1.fi>
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License version 2 as
7 * published by the Free Software Foundation.
9 * Alternatively, this software may be distributed under the terms of BSD
10 * license.
12 * See README and COPYING for more details.
15 #ifndef RADIUS_CLIENT_H
16 #define RADIUS_CLIENT_H
18 #include "ip_addr.h"
20 struct radius_msg;
22 /**
23 * struct hostapd_radius_server - RADIUS server information for RADIUS client
25 * This structure contains information about a RADIUS server. The values are
26 * mainly for MIB information. The MIB variable prefix (radiusAuth or
27 * radiusAcc) depends on whether this is an authentication or accounting
28 * server.
30 * radiusAuthClientPendingRequests (or radiusAccClientPendingRequests) is the
31 * number struct radius_client_data::msgs for matching msg_type.
33 struct hostapd_radius_server {
34 /**
35 * addr - radiusAuthServerAddress or radiusAccServerAddress
37 struct hostapd_ip_addr addr;
39 /**
40 * port - radiusAuthClientServerPortNumber or radiusAccClientServerPortNumber
42 int port;
44 /**
45 * shared_secret - Shared secret for authenticating RADIUS messages
47 u8 *shared_secret;
49 /**
50 * shared_secret_len - Length of shared_secret in octets
52 size_t shared_secret_len;
54 /* Dynamic (not from configuration file) MIB data */
56 /**
57 * index - radiusAuthServerIndex or radiusAccServerIndex
59 int index;
61 /**
62 * round_trip_time - radiusAuthClientRoundTripTime or radiusAccClientRoundTripTime
63 * Round-trip time in hundredths of a second.
65 int round_trip_time;
67 /**
68 * requests - radiusAuthClientAccessRequests or radiusAccClientRequests
70 u32 requests;
72 /**
73 * retransmissions - radiusAuthClientAccessRetransmissions or radiusAccClientRetransmissions
75 u32 retransmissions;
77 /**
78 * access_accepts - radiusAuthClientAccessAccepts
80 u32 access_accepts;
82 /**
83 * access_rejects - radiusAuthClientAccessRejects
85 u32 access_rejects;
87 /**
88 * access_challenges - radiusAuthClientAccessChallenges
90 u32 access_challenges;
92 /**
93 * responses - radiusAccClientResponses
95 u32 responses;
97 /**
98 * malformed_responses - radiusAuthClientMalformedAccessResponses or radiusAccClientMalformedResponses
100 u32 malformed_responses;
103 * bad_authenticators - radiusAuthClientBadAuthenticators or radiusAccClientBadAuthenticators
105 u32 bad_authenticators;
108 * timeouts - radiusAuthClientTimeouts or radiusAccClientTimeouts
110 u32 timeouts;
113 * unknown_types - radiusAuthClientUnknownTypes or radiusAccClientUnknownTypes
115 u32 unknown_types;
118 * packets_dropped - radiusAuthClientPacketsDropped or radiusAccClientPacketsDropped
120 u32 packets_dropped;
124 * struct hostapd_radius_servers - RADIUS servers for RADIUS client
126 struct hostapd_radius_servers {
128 * auth_servers - RADIUS Authentication servers in priority order
130 struct hostapd_radius_server *auth_servers;
133 * num_auth_servers - Number of auth_servers entries
135 int num_auth_servers;
138 * auth_server - The current Authentication server
140 struct hostapd_radius_server *auth_server;
143 * acct_servers - RADIUS Accounting servers in priority order
145 struct hostapd_radius_server *acct_servers;
148 * num_acct_servers - Number of acct_servers entries
150 int num_acct_servers;
153 * acct_server - The current Accounting server
155 struct hostapd_radius_server *acct_server;
158 * retry_primary_interval - Retry interval for trying primary server
160 * This specifies a retry interval in sexconds for trying to return to
161 * the primary RADIUS server. RADIUS client code will automatically try
162 * to use the next server when the current server is not replying to
163 * requests. If this interval is set (non-zero), the primary server
164 * will be retried after the specified number of seconds has passed
165 * even if the current used secondary server is still working.
167 int retry_primary_interval;
170 * msg_dumps - Whether RADIUS message details are shown in stdout
172 int msg_dumps;
175 * client_addr - Client (local) address to use if force_client_addr
177 struct hostapd_ip_addr client_addr;
180 * force_client_addr - Whether to force client (local) address
182 int force_client_addr;
187 * RadiusType - RADIUS server type for RADIUS client
189 typedef enum {
191 * RADIUS authentication
193 RADIUS_AUTH,
196 * RADIUS_ACCT - RADIUS accounting
198 RADIUS_ACCT,
201 * RADIUS_ACCT_INTERIM - RADIUS interim accounting message
203 * Used only with radius_client_send(). This behaves just like
204 * RADIUS_ACCT, but removes any pending interim RADIUS Accounting
205 * messages for the same STA before sending the new interim update.
207 RADIUS_ACCT_INTERIM
208 } RadiusType;
211 * RadiusRxResult - RADIUS client RX handler result
213 typedef enum {
215 * RADIUS_RX_PROCESSED - Message processed
217 * This stops handler calls and frees the message.
219 RADIUS_RX_PROCESSED,
222 * RADIUS_RX_QUEUED - Message has been queued
224 * This stops handler calls, but does not free the message; the handler
225 * that returned this is responsible for eventually freeing the
226 * message.
228 RADIUS_RX_QUEUED,
231 * RADIUS_RX_UNKNOWN - Message is not for this handler
233 RADIUS_RX_UNKNOWN,
236 * RADIUS_RX_INVALID_AUTHENTICATOR - Message has invalid Authenticator
238 RADIUS_RX_INVALID_AUTHENTICATOR
239 } RadiusRxResult;
241 struct radius_client_data;
243 int radius_client_register(struct radius_client_data *radius,
244 RadiusType msg_type,
245 RadiusRxResult (*handler)
246 (struct radius_msg *msg, struct radius_msg *req,
247 const u8 *shared_secret, size_t shared_secret_len,
248 void *data),
249 void *data);
250 int radius_client_send(struct radius_client_data *radius,
251 struct radius_msg *msg,
252 RadiusType msg_type, const u8 *addr);
253 u8 radius_client_get_id(struct radius_client_data *radius);
254 void radius_client_flush(struct radius_client_data *radius, int only_auth);
255 struct radius_client_data *
256 radius_client_init(void *ctx, struct hostapd_radius_servers *conf);
257 void radius_client_deinit(struct radius_client_data *radius);
258 void radius_client_flush_auth(struct radius_client_data *radius,
259 const u8 *addr);
260 int radius_client_get_mib(struct radius_client_data *radius, char *buf,
261 size_t buflen);
263 #endif /* RADIUS_CLIENT_H */