Loading...
Searching...
No Matches
Main API
Main API Functions. More...
Data Structures | |
| struct | server |
| struct | dict_attr |
| struct | dict_value |
| struct | dict_vendor |
| struct | rc_value_pair |
| struct | send_data |
Macros | |
| #define | TRUE 1 |
| #define | FALSE 0 |
| #define | AUTH_PASS_LEN (8 * 16) /* multiple of 16 */ |
| #define | AUTH_ID_LEN 64 |
| #define | RC_BUFFER_LEN 8192 |
| #define | RC_MAX_PACKET_LEN 4096 /* RFC 2865: maximum RADIUS packet size */ |
| #define | RC_NAME_LENGTH 64 |
| #define | MAX_SECRET_LENGTH (16 * 16) /* MUST be multiple of 16 */ |
| #define | RADCLI_VENDOR_MASK 0xffffffff |
| #define | VENDOR_BIT_SIZE 32 |
| #define | RADCLI_VENDOR_ATTR_SET(attr, vendor) |
| #define | VENDOR(x) |
| #define | ATTRID(x) |
| #define | PW_MAX_MSG_SIZE 4096 |
| #define | RC_SERVER_MAX 8 |
| #define | AUTH_LOCAL_FST (1<<0) |
| #define | AUTH_RADIUS_FST (1<<1) |
| #define | AUTH_LOCAL_SND (1<<2) |
| #define | AUTH_RADIUS_SND (1<<3) |
| #define | AUTH_HDR_LEN 20 |
| #define | CHAP_VALUE_LENGTH 16 |
| #define | PW_AUTH_UDP_PORT 1812 |
| #define | PW_ACCT_UDP_PORT 1813 |
| #define | PW_DUMB 0 |
| 1 and 2 are defined in FRAMED PROTOCOLS. | |
| #define | PW_AUTH_ONLY 3 |
| #define | PW_ALL 255 |
| #define | MGMT_POLL_SECRET "Hardlyasecret" |
| Default for Merit radiusd. | |
| #define | AUTH_STRING_LEN 253 /* maximum of 253 */ |
| #define | AUTH_VECTOR_LEN 16 |
| #define | RC_MIN(a, b) |
| #define | RC_MAX(a, b) |
| #define | PATH_MAX 1024 |
| #define | ENV_SIZE 128 |
Typedefs | |
| typedef enum rc_type | rc_type |
| typedef struct rc_conf | rc_handle |
| typedef struct server | SERVER |
| typedef enum rc_socket_type | rc_socket_type |
| typedef enum rc_attr_type | rc_attr_type |
| typedef enum rc_standard_codes | rc_standard_codes |
| typedef enum rc_attr_id | rc_attr_id |
| typedef enum rc_service_type | rc_service_type |
| typedef enum rc_framed_protocol | rc_framed_protocol |
| typedef enum rc_framed_routing_type | rc_framed_routing_type |
| typedef enum rc_framed_comp | rc_framed_comp |
| typedef enum rc_login_service_type | rc_login_service_type |
| typedef enum rc_termination_action | rc_termination_action |
| typedef enum rc_acct_status_type | rc_acct_status_type |
| typedef enum rc_acct_terminate_cause | rc_acct_terminate_cause |
| typedef enum rc_nas_port_type | rc_nas_port_type |
| typedef enum rc_acct_auth_type | rc_acct_auth_type |
| typedef enum rc_vendor_pec | rc_vendor_type |
| typedef struct dict_attr | DICT_ATTR |
| typedef struct dict_value | DICT_VALUE |
| typedef struct dict_vendor | DICT_VENDOR |
| typedef enum rc_send_status | rc_send_status |
| typedef struct rc_value_pair | VALUE_PAIR |
| typedef struct send_data | SEND_DATA |
| typedef struct rc_aaa_ctx_st | RC_AAA_CTX |
Enumerations | |
| enum | rc_type { AUTH = 0 , ACCT = 1 } |
| enum | rc_socket_type { RC_SOCKET_UDP = 0 , RC_SOCKET_TLS = 1 , RC_SOCKET_DTLS = 2 , RC_SOCKET_TCP = 3 } |
| enum | rc_attr_type { PW_TYPE_STRING =0 , PW_TYPE_INTEGER =1 , PW_TYPE_IPADDR =2 , PW_TYPE_DATE =3 , PW_TYPE_IPV6ADDR =4 , PW_TYPE_IPV6PREFIX =5 , PW_TYPE_MAX =6 } |
| enum | rc_standard_codes { PW_ACCESS_REQUEST =1 , PW_ACCESS_ACCEPT =2 , PW_ACCESS_REJECT =3 , PW_ACCOUNTING_REQUEST =4 , PW_ACCOUNTING_RESPONSE =5 , PW_ACCOUNTING_STATUS =6 , PW_PASSWORD_REQUEST =7 , PW_PASSWORD_ACK =8 , PW_PASSWORD_REJECT =9 , PW_ACCOUNTING_MESSAGE =10 , PW_ACCESS_CHALLENGE =11 , PW_STATUS_SERVER =12 , PW_STATUS_CLIENT =13 } |
| enum | rc_attr_id { PW_USER_NAME =1 , PW_USER_PASSWORD =2 , PW_CHAP_PASSWORD =3 , PW_NAS_IP_ADDRESS =4 , PW_NAS_PORT =5 , PW_SERVICE_TYPE =6 , PW_FRAMED_PROTOCOL =7 , PW_FRAMED_IP_ADDRESS =8 , PW_FRAMED_IP_NETMASK =9 , PW_FRAMED_ROUTING =10 , PW_FILTER_ID =11 , PW_FRAMED_MTU =12 , PW_FRAMED_COMPRESSION =13 , PW_LOGIN_IP_HOST =14 , PW_LOGIN_SERVICE =15 , PW_LOGIN_PORT =16 , PW_OLD_PASSWORD =17 , PW_REPLY_MESSAGE =18 , PW_LOGIN_CALLBACK_NUMBER =19 , PW_FRAMED_CALLBACK_ID =20 , PW_EXPIRATION =21 , PW_FRAMED_ROUTE =22 , PW_FRAMED_IPX_NETWORK =23 , PW_STATE =24 , PW_CLASS =25 , PW_VENDOR_SPECIFIC =26 , PW_SESSION_TIMEOUT =27 , PW_IDLE_TIMEOUT =28 , PW_TERMINATION_ACTION =29 , PW_CALLED_STATION_ID =30 , PW_CALLING_STATION_ID =31 , PW_NAS_IDENTIFIER =32 , PW_PROXY_STATE =33 , PW_LOGIN_LAT_SERVICE =34 , PW_LOGIN_LAT_NODE =35 , PW_LOGIN_LAT_GROUP =36 , PW_FRAMED_APPLETALK_LINK =37 , PW_FRAMED_APPLETALK_NETWORK =38 , PW_FRAMED_APPLETALK_ZONE =39 , PW_ACCT_STATUS_TYPE =40 , PW_ACCT_DELAY_TIME =41 , PW_ACCT_INPUT_OCTETS =42 , PW_ACCT_OUTPUT_OCTETS =43 , PW_ACCT_SESSION_ID =44 , PW_ACCT_AUTHENTIC =45 , PW_ACCT_SESSION_TIME =46 , PW_ACCT_INPUT_PACKETS =47 , PW_ACCT_OUTPUT_PACKETS =48 , PW_ACCT_TERMINATE_CAUSE =49 , PW_ACCT_MULTI_SESSION_ID =50 , PW_ACCT_LINK_COUNT =51 , PW_ACCT_INPUT_GIGAWORDS =52 , PW_ACCT_OUTPUT_GIGAWORDS =53 , PW_EVENT_TIMESTAMP =55 , PW_EGRESS_VLANID =56 , PW_INGRESS_FILTERS =57 , PW_EGRESS_VLAN_NAME =58 , PW_USER_PRIORITY_TABLE =59 , PW_CHAP_CHALLENGE =60 , PW_NAS_PORT_TYPE =61 , PW_PORT_LIMIT =62 , PW_LOGIN_LAT_PORT =63 , PW_TUNNEL_TYPE =64 , PW_TUNNEL_MEDIUM_TYPE =65 , PW_TUNNEL_CLIENT_ENDPOINT =66 , PW_TUNNEL_SERVER_ENDPOINT =67 , PW_ACCT_TUNNEL_CONNECTION =68 , PW_TUNNEL_PASSWORD =69 , PW_ARAP_PASSWORD =70 , PW_ARAP_FEATURES =71 , PW_ARAP_ZONE_ACCESS =72 , PW_ARAP_SECURITY =73 , PW_ARAP_SECURITY_DATA =74 , PW_PASSWORD_RETRY =75 , PW_PROMPT =76 , PW_CONNECT_INFO =77 , PW_CONFIGURATION_TOKEN =78 , PW_EAP_MESSAGE =79 , PW_MESSAGE_AUTHENTICATOR =80 , PW_TUNNEL_PRIVATE_GROUP_ID =81 , PW_TUNNEL_ASSIGNMENT_ID =82 , PW_TUNNEL_PREFERENCE =83 , PW_ARAP_CHALLENGE_RESPONSE =84 , PW_ACCT_INTERIM_INTERVAL =85 , PW_ACCT_TUNNEL_PACKETS_LOST =86 , PW_NAS_PORT_ID_STRING =87 , PW_FRAMED_POOL =88 , PW_CHARGEABLE_USER_IDENTITY =89 , PW_CUI =89 , PW_TUNNEL_CLIENT_AUTH_ID =90 , PW_TUNNEL_SERVER_AUTH_ID =91 , PW_NAS_FILTER_RULE =92 , PW_ORIGINATING_LINE_INFO =94 , PW_NAS_IPV6_ADDRESS =95 , PW_FRAMED_INTERFACE_ID =96 , PW_FRAMED_IPV6_PREFIX =97 , PW_LOGIN_IPV6_HOST =98 , PW_FRAMED_IPV6_ROUTE =99 , PW_FRAMED_IPV6_POOL =100 , PW_ERROR_CAUSE =101 , PW_EAP_KEY_NAME =102 , PW_DELEGATED_IPV6_PREFIX =123 , PW_FRAMED_IPV6_ADDRESS =168 , PW_DNS_SERVER_IPV6_ADDRESS =169 , PW_ROUTE_IPV6_INFORMATION =170 , PW_DIGEST_RESPONSE =206 , PW_DIGEST_ATTRIBUTES =207 , PW_DIGEST_REALM =1063 , PW_DIGEST_NONCE =1064 , PW_DIGEST_METHOD =1065 , PW_DIGEST_URI =1066 , PW_DIGEST_QOP =1067 , PW_DIGEST_ALGORITHM =1068 , PW_DIGEST_BODY_DIGEST =1069 , PW_DIGEST_CNONCE =1070 , PW_DIGEST_NONCE_COUNT =1071 , PW_DIGEST_USER_NAME =1072 , PW_USER_ID =222 , PW_USER_REALM =223 } |
| enum | rc_service_type { PW_LOGIN =1 , PW_FRAMED =2 , PW_CALLBACK_LOGIN =3 , PW_CALLBACK_FRAMED =4 , PW_OUTBOUND =5 , PW_ADMINISTRATIVE =6 , PW_NAS_PROMPT =7 , PW_AUTHENTICATE_ONLY =8 , PW_CALLBACK_NAS_PROMPT =9 } |
| enum | rc_framed_protocol { PW_PPP =1 , PW_SLIP =2 , PW_ARA = 3 , PW_GANDALF =4 , PW_XYLOGICS =5 } |
| enum | rc_framed_routing_type { PW_NONE =0 , PW_BROADCAST =1 , PW_LISTEN =2 , PW_BROADCAST_LISTEN =3 } |
| enum | rc_framed_comp { PW_COMP_NONE =0 , PW_VAN_JACOBSON_TCP_IP =1 , PW_IPX_HEADER_COMPRESSION =2 , PW_COMP_LZS =3 } |
| enum | rc_login_service_type { PW_TELNET =0 , PW_RLOGIN =1 , PW_TCP_CLEAR =2 , PW_PORTMASTER =3 , PW_LAT =4 , PW_X25_PAD =5 , PW_X25_T3POS =6 } |
| enum | rc_termination_action { PW_DEFAULT =0 , PW_RADIUS_REQUEST =1 } |
| enum | rc_acct_status_type { PW_STATUS_START =1 , PW_STATUS_STOP =2 , PW_STATUS_ALIVE =3 , PW_STATUS_MODEM_START =4 , PW_STATUS_MODEM_STOP =5 , PW_STATUS_CANCEL =6 , PW_ACCOUNTING_ON =7 , PW_ACCOUNTING_OFF =8 } |
| enum | rc_acct_terminate_cause { PW_USER_REQUEST =1 , PW_LOST_CARRIER =2 , PW_LOST_SERVICE =3 , PW_ACCT_IDLE_TIMEOUT =4 , PW_ACCT_SESSION_TIMEOUT =5 , PW_ADMIN_RESET =6 , PW_ADMIN_REBOOT =7 , PW_PORT_ERROR =8 , PW_NAS_ERROR =9 , PW_NAS_REQUEST =10 , PW_NAS_REBOOT =11 , PW_PORT_UNNEEDED =12 , PW_PORT_PREEMPTED =13 , PW_PORT_SUSPENDED =14 , PW_SERVICE_UNAVAILABLE =15 , PW_CALLBACK =16 , PW_USER_ERROR =17 , PW_HOST_REQUEST =18 } |
| enum | rc_nas_port_type { PW_ASYNC =0 , PW_SYNC =1 , PW_ISDN_SYNC =2 , PW_ISDN_SYNC_V120 =3 , PW_ISDN_SYNC_V110 =4 , PW_VIRTUAL =5 } |
| enum | rc_acct_auth_type { PW_RADIUS =1 , PW_LOCAL =2 , PW_REMOTE =3 } |
| enum | rc_vendor_pec { VENDOR_NONE =0 , VENDOR_MICROSOFT = 311 , VENDOR_ROARING_PENGUIN = 10055 } |
| enum | rc_vendor_attr_microsoft { PW_MS_CHAP_CHALLENGE = 11 , PW_MS_CHAP_RESPONSE = 1 , PW_MS_CHAP2_RESPONSE = 25 , PW_MS_CHAP2_SUCCESS = 26 , PW_MS_MPPE_ENCRYPTION_POLICY = 7 , PW_MS_MPPE_ENCRYPTION_TYPE = 8 , PW_MS_MPPE_ENCRYPTION_TYPES =PW_MS_MPPE_ENCRYPTION_TYPE , PW_MS_CHAP_MPPE_KEYS = 12 , PW_MS_MPPE_SEND_KEY = 16 , PW_MS_MPPE_RECV_KEY = 17 , PW_MS_PRIMARY_DNS_SERVER = 28 , PW_MS_SECONDARY_DNS_SERVER = 29 , PW_MS_PRIMARY_NBNS_SERVER = 30 , PW_MS_SECONDARY_NBNS_SERVER = 31 } |
| enum | rc_vendor_attr_roaringpenguin { PW_RP_UPSTREAM_LIMIT =1 , PW_RP_DOWNSTREAM_LIMIT =2 } |
| enum | rc_send_status { NETUNREACH_RC =-4 , BADRESPID_RC =-3 , BADRESP_RC =-2 , ERROR_RC =-1 , OK_RC =0 , TIMEOUT_RC =1 , REJECT_RC =2 , CHALLENGE_RC =3 } |
Functions | |
| const char * | rc_aaa_ctx_get_secret (RC_AAA_CTX *ctx) |
| const void * | rc_aaa_ctx_get_vector (RC_AAA_CTX *ctx) |
| void | rc_aaa_ctx_free (RC_AAA_CTX *ctx) |
| VALUE_PAIR * | rc_avpair_add (rc_handle const *rh, VALUE_PAIR **list, uint32_t attrid, void const *pval, int len, uint32_t vendorspec) |
| void | rc_avpair_remove (VALUE_PAIR **list, uint32_t attrid, uint32_t vendorspec) |
| VALUE_PAIR * | rc_avpair_next (VALUE_PAIR *t) |
| int | rc_avpair_assign (VALUE_PAIR *vp, void const *pval, int len) |
| VALUE_PAIR * | rc_avpair_new (rc_handle const *rh, uint32_t attrid, void const *pval, int len, uint32_t vendorspec) |
| VALUE_PAIR * | rc_avpair_gen (rc_handle const *rh, VALUE_PAIR *pair, unsigned char const *ptr, int length, uint32_t vendorspec) |
| VALUE_PAIR * | rc_avpair_get (VALUE_PAIR *vp, uint32_t attrid, uint32_t vendorspec) |
| VALUE_PAIR * | rc_avpair_copy (VALUE_PAIR *p) |
| void | rc_avpair_insert (VALUE_PAIR **a, VALUE_PAIR *p, VALUE_PAIR *b) |
| void | rc_avpair_free (VALUE_PAIR *pair) |
| int | rc_avpair_parse (rc_handle const *rh, char const *buffer, VALUE_PAIR **first_pair) |
| int | rc_avpair_tostr (rc_handle const *rh, VALUE_PAIR *pair, char *name, int ln, char *value, int lv) |
| char * | rc_avpair_log (rc_handle const *rh, VALUE_PAIR *pair, char *buf, size_t buf_len) |
| int | rc_avpair_get_uint32 (VALUE_PAIR *vp, uint32_t *res) |
| int | rc_avpair_get_in6 (VALUE_PAIR *vp, struct in6_addr *res, unsigned *prefix) |
| int | rc_avpair_get_raw (VALUE_PAIR *vp, char **res, unsigned *res_size) |
| void | rc_avpair_get_attr (VALUE_PAIR *vp, unsigned *type, unsigned *id) |
| void | rc_buildreq (rc_handle const *rh, SEND_DATA *data, int code, char *server, unsigned short port, char *secret, int timeout, int retries) |
| int | rc_aaa_ctx (rc_handle *rh, RC_AAA_CTX **ctx, uint32_t nas_port, VALUE_PAIR *send, VALUE_PAIR **received, char *msg, int add_nas_port, rc_standard_codes request_type) |
| int | rc_aaa_ctx_server (rc_handle *rh, RC_AAA_CTX **ctx, SERVER *aaaserver, rc_type type, uint32_t nas_port, VALUE_PAIR *send, VALUE_PAIR **received, char *msg, int add_nas_port, rc_standard_codes request_type) |
| int | rc_aaa (rc_handle *rh, uint32_t nas_port, VALUE_PAIR *send, VALUE_PAIR **received, char *msg, int add_nas_port, rc_standard_codes request_type) |
| int | rc_auth (rc_handle *rh, uint32_t nas_port, VALUE_PAIR *send, VALUE_PAIR **received, char *msg) |
| int | rc_auth_proxy (rc_handle *rh, VALUE_PAIR *send, VALUE_PAIR **received, char *msg) |
| int | rc_acct (rc_handle *rh, uint32_t nas_port, VALUE_PAIR *send) |
| int | rc_acct_proxy (rc_handle *rh, VALUE_PAIR *send) |
| int | rc_check (rc_handle *rh, char *host, char *secret, unsigned short port, char *msg) |
| int | rc_add_config (rc_handle *rh, char const *option_name, char const *option_val, char const *source, int line) |
| rc_handle * | rc_config_init (rc_handle *rh) |
| int | rc_apply_config (rc_handle *rh) |
| rc_handle * | rc_read_config (char const *filename) |
| char * | rc_conf_str (rc_handle const *rh, char const *optname) |
| int | rc_conf_int (rc_handle const *rh, char const *optname) |
| SERVER * | rc_conf_srv (rc_handle const *rh, char const *optname) |
| int | rc_test_config (rc_handle *rh, char const *filename) |
| int | rc_find_server_addr (rc_handle const *rh, char const *server_name, struct addrinfo **info, char *secret, rc_type type) |
| void | rc_config_free (rc_handle *rh) |
| rc_handle * | rc_new (void) |
| void | rc_destroy (rc_handle *rh) |
| rc_socket_type | rc_get_socket_type (rc_handle *rh) |
| DICT_ATTR * | rc_dict_addattr (rc_handle *rh, char const *namestr, uint32_t value, int type, uint32_t vendorspec) |
| DICT_VALUE * | rc_dict_addval (rc_handle *rh, char const *attrstr, char const *namestr, uint32_t value) |
| DICT_VENDOR * | rc_dict_addvend (rc_handle *rh, char const *namestr, uint32_t vendorspec) |
| int | rc_read_dictionary (rc_handle *rh, char const *filename) |
| int | rc_read_dictionary_from_buffer (rc_handle *rh, char const *buf, size_t size) |
| DICT_ATTR * | rc_dict_getattr (rc_handle const *rh, uint64_t attribute) |
| DICT_ATTR * | rc_dict_findattr (rc_handle const *rh, char const *attrname) |
| DICT_VALUE * | rc_dict_findval (rc_handle const *rh, char const *valname) |
| DICT_VENDOR * | rc_dict_findvend (rc_handle const *rh, char const *vendorname) |
| DICT_VENDOR * | rc_dict_getvend (rc_handle const *rh, uint32_t vendorspec) |
| DICT_VALUE * | rc_dict_getval (rc_handle const *rh, uint32_t value, char const *attrname) |
| void | rc_dict_free (rc_handle *rh) |
| int | rc_pack_list (VALUE_PAIR *vp, char *secret, AUTH_HDR *auth, int max_len) |
| int | rc_send_server (rc_handle *rh, SEND_DATA *data, char *msg, rc_type type) |
Detailed Description
Main API Functions.
Macro Definition Documentation
◆ ATTRID
◆ AUTH_HDR_LEN
◆ AUTH_ID_LEN
◆ AUTH_LOCAL_FST
◆ AUTH_LOCAL_SND
◆ AUTH_PASS_LEN
◆ AUTH_RADIUS_FST
◆ AUTH_RADIUS_SND
◆ AUTH_STRING_LEN
◆ AUTH_VECTOR_LEN
◆ CHAP_VALUE_LENGTH
◆ ENV_SIZE
◆ FALSE
◆ MAX_SECRET_LENGTH
| #define MAX_SECRET_LENGTH (16 * 16) /* MUST be multiple of 16 */ |
◆ MGMT_POLL_SECRET
| #define MGMT_POLL_SECRET "Hardlyasecret" |
◆ PATH_MAX
◆ PW_ACCT_UDP_PORT
◆ PW_ALL
◆ PW_AUTH_ONLY
◆ PW_AUTH_UDP_PORT
◆ PW_DUMB
◆ PW_MAX_MSG_SIZE
◆ RADCLI_VENDOR_ATTR_SET
| #define RADCLI_VENDOR_ATTR_SET | ( | attr, | |
| vendor ) |
◆ RADCLI_VENDOR_MASK
◆ RC_BUFFER_LEN
◆ RC_MAX
◆ RC_MAX_PACKET_LEN
| #define RC_MAX_PACKET_LEN 4096 /* RFC 2865: maximum RADIUS packet size */ |
◆ RC_MIN
◆ RC_NAME_LENGTH
◆ RC_SERVER_MAX
◆ TRUE
◆ VENDOR
| #define VENDOR | ( | x | ) |
◆ VENDOR_BIT_SIZE
Typedef Documentation
◆ RC_AAA_CTX
| typedef struct rc_aaa_ctx_st RC_AAA_CTX |
Opaque context returned by rc_aaa_ctx() after a successful request.
Captures the shared secret and the request authenticator vector (AUTH_VECTOR_LEN bytes) that were used in the last request. These can be retrieved with rc_aaa_ctx_get_secret() and rc_aaa_ctx_get_vector().
Pass NULL for the ctx argument to rc_aaa_ctx() if this information is not needed. When a context is no longer needed, free it with rc_aaa_ctx_free().
◆ rc_handle
Enumeration Type Documentation
◆ rc_acct_auth_type
| enum rc_acct_auth_type |
◆ rc_acct_status_type
| enum rc_acct_status_type |
◆ rc_acct_terminate_cause
◆ rc_attr_id
| enum rc_attr_id |
Standard RADIUS attribute-value pair identifiers
◆ rc_attr_type
| enum rc_attr_type |
Attribute types
◆ rc_framed_comp
| enum rc_framed_comp |
◆ rc_framed_protocol
| enum rc_framed_protocol |
◆ rc_framed_routing_type
◆ rc_login_service_type
◆ rc_nas_port_type
| enum rc_nas_port_type |
◆ rc_send_status
| enum rc_send_status |
Return codes for rc_send_server()
◆ rc_service_type
| enum rc_service_type |
◆ rc_socket_type
| enum rc_socket_type |
◆ rc_standard_codes
| enum rc_standard_codes |
◆ rc_termination_action
◆ rc_type
| enum rc_type |
◆ rc_vendor_attr_microsoft
◆ rc_vendor_attr_roaringpenguin
◆ rc_vendor_pec
Function Documentation
◆ rc_aaa()
| int rc_aaa | ( | rc_handle * | rh, |
| uint32_t | nas_port, | ||
| VALUE_PAIR * | send, | ||
| VALUE_PAIR ** | received, | ||
| char * | msg, | ||
| int | add_nas_port, | ||
| rc_standard_codes | request_type ) |
Builds an authentication/accounting request for port id nas_port with the value_pairs send and submits it to a server
- Parameters
-
rh a handle to parsed configuration. nas_port the physical NAS port number to use (may be zero). send a VALUE_PAIR array of values (e.g., PW_USER_NAME). received an allocated array of received values. msg must be an array of PW_MAX_MSG_SIZE or NULL; will contain the concatenation of any PW_REPLY_MESSAGE received. add_nas_port this should be zero; if non-zero it will include PW_NAS_PORT in sent pairs. request_type one of standard RADIUS codes (e.g., PW_ACCESS_REQUEST).
- Returns
- received value_pairs in received, messages from the server in msg and OK_RC (0) on success, CHALLENGE_RC (3) on Access-Challenge received, negative on failure as return value.
Definition at line 232 of file buildreq.c.
◆ rc_aaa_ctx()
| int rc_aaa_ctx | ( | rc_handle * | rh, |
| RC_AAA_CTX ** | ctx, | ||
| uint32_t | nas_port, | ||
| VALUE_PAIR * | send, | ||
| VALUE_PAIR ** | received, | ||
| char * | msg, | ||
| int | add_nas_port, | ||
| rc_standard_codes | request_type ) |
Builds an authentication/accounting request and submits it to a server, optionally returning context
Selects the server list from configuration (authserver or acctserver depending on request_type and transport), sends the request with automatic retry and server failover, and returns the server's response.
- Note
- Use rc_auth() or rc_acct() when no context is needed (they call this with
ctxset to NULL). Pass a non-NULLctxonly when you need to inspect the secret and vector used in the request afterwards.
- Parameters
-
rh a handle to parsed configuration. ctx if non-NULL, receives an allocated RC_AAA_CTX on success; the caller must free it with rc_aaa_ctx_free(). Pass NULL if not needed. nas_port the physical NAS port number to include (may be zero). send VALUE_PAIR list of attributes to send (e.g., PW_USER_NAME). received on success, receives the server's reply VALUE_PAIR list; the caller must free it with rc_avpair_free(). msg if non-NULL, must point to a buffer of PW_MAX_MSG_SIZE bytes; will contain the concatenation of any PW_REPLY_MESSAGE attributes received. add_nas_port if non-zero, PW_NAS_PORT is added to the sent pairs. request_type one of the standard RADIUS codes (e.g., PW_ACCESS_REQUEST).
- Returns
- OK_RC (0) on success, CHALLENGE_RC (3) on Access-Challenge, REJECT_RC (2) on Access-Reject, or a negative error code on failure.
Definition at line 81 of file buildreq.c.
◆ rc_aaa_ctx_free()
| void rc_aaa_ctx_free | ( | RC_AAA_CTX * | ctx | ) |
Deinitializes an RC_AAA_CTX structure.
- Parameters
-
ctx a pointer to a RC_AAA_CTX structure.
◆ rc_aaa_ctx_get_secret()
| const char * rc_aaa_ctx_get_secret | ( | RC_AAA_CTX * | ctx | ) |
Returns the secret available in this context. It is the secret value used in the request.
- Parameters
-
ctx a pointer to a RC_AAA_CTX structure.
- Returns
- a null-terminated string.
◆ rc_aaa_ctx_get_vector()
| const void * rc_aaa_ctx_get_vector | ( | RC_AAA_CTX * | ctx | ) |
Returns a pointer request vector used in the request. It is of AUTH_VECTOR_LEN size.
- Parameters
-
ctx a pointer to a RC_AAA_CTX structure.
- Returns
- a pointer to the vector.
◆ rc_aaa_ctx_server()
| int rc_aaa_ctx_server | ( | rc_handle * | rh, |
| RC_AAA_CTX ** | ctx, | ||
| SERVER * | aaaserver, | ||
| rc_type | type, | ||
| uint32_t | nas_port, | ||
| VALUE_PAIR * | send, | ||
| VALUE_PAIR ** | received, | ||
| char * | msg, | ||
| int | add_nas_port, | ||
| rc_standard_codes | request_type ) |
Builds an authentication/accounting request and submits it to a specific server
Like rc_aaa_ctx() but sends to aaaserver instead of the server list from the configuration. Use this when the caller has already selected the server (e.g., in proxy scenarios).
- Parameters
-
rh a handle to parsed configuration. ctx if non-NULL, receives an allocated RC_AAA_CTX on success; the caller must free it with rc_aaa_ctx_free(). Pass NULL if not needed. aaaserver a non-NULL SERVER describing the target server(s). type AUTH to use the authentication port, ACCT for the accounting port. Under TLS/DTLS only AUTH is valid (both auth and acct share the same TLS connection to the authserver). nas_port the physical NAS port number to include (may be zero). send VALUE_PAIR list of attributes to send (e.g., PW_USER_NAME). received on success, receives the server's reply VALUE_PAIR list; the caller must free it with rc_avpair_free(). msg if non-NULL, must point to a buffer of PW_MAX_MSG_SIZE bytes; will contain the concatenation of any PW_REPLY_MESSAGE attributes received. add_nas_port if non-zero, PW_NAS_PORT is added to the sent pairs. request_type one of the standard RADIUS codes (e.g., PW_ACCESS_REQUEST).
- Returns
- OK_RC (0) on success, CHALLENGE_RC (3) on Access-Challenge, REJECT_RC (2) on Access-Reject, or a negative error code on failure.
Definition at line 128 of file buildreq.c.
◆ rc_acct()
| int rc_acct | ( | rc_handle * | rh, |
| uint32_t | nas_port, | ||
| VALUE_PAIR * | send ) |
Builds an accounting request for port id nas_port with the value_pairs at send
- Note
- NAS-IP-Address, NAS-Port and Acct-Delay-Time get filled in by this function, the rest has to be supplied.
- Parameters
-
rh a handle to parsed configuration. nas_port the physical NAS port number to use (may be zero). send a VALUE_PAIR array of values (e.g., PW_USER_NAME).
- Returns
- received value_pairs in received, and OK_RC (0) on success, CHALLENGE_RC (3) on Access-Challenge received, negative on failure as return value.
Definition at line 291 of file buildreq.c.
◆ rc_acct_proxy()
| int rc_acct_proxy | ( | rc_handle * | rh, |
| VALUE_PAIR * | send ) |
Builds an accounting request with the value_pairs at send
- Parameters
-
rh a handle to parsed configuration. send a VALUE_PAIR array of values (e.g., PW_USER_NAME).
- Returns
- OK_RC (0) on success, CHALLENGE_RC (3) on Access-Challenge received, negative on failure as return value.
Definition at line 304 of file buildreq.c.
◆ rc_add_config()
| int rc_add_config | ( | rc_handle * | rh, |
| char const * | option_name, | ||
| char const * | option_val, | ||
| char const * | source, | ||
| int | line ) |
Allow a config option to be added to rc_handle from inside a program.
That allows programs to setup a handle without loading a configuration file.
- Parameters
-
rh a handle to parsed configuration. option_name the name of the option. option_val the value to be added. source typically should be FILE or func for logging purposes. line LINE for logging purposes.
- Returns
- 0 on success, -1 on failure.
◆ rc_apply_config()
| int rc_apply_config | ( | rc_handle * | rh | ) |
Apply configuration and initialise the transport
Must be called after all rc_add_config() calls when using programmatic configuration (i.e., without a config file). Initialises the transport selected by the serv-type option, including the TLS/DTLS handshake for TLS and DTLS transports.
- Note
- rc_read_config() calls this internally; do not call it again after rc_read_config().
See rc_config_init() for the full programmatic usage example.
- Parameters
-
rh a handle to parsed configuration.
- Returns
- 0 on success, -1 on failure.
◆ rc_auth()
| int rc_auth | ( | rc_handle * | rh, |
| uint32_t | nas_port, | ||
| VALUE_PAIR * | send, | ||
| VALUE_PAIR ** | received, | ||
| char * | msg ) |
Builds an authentication request for port id nas_port with the value_pairs send and submits it to a server
- Parameters
-
rh a handle to parsed configuration. nas_port the physical NAS port number to use (may be zero). send a VALUE_PAIR array of values (e.g., PW_USER_NAME). received an allocated array of received values. msg must be an array of PW_MAX_MSG_SIZE or NULL; will contain the concatenation of any PW_REPLY_MESSAGE received.
- Returns
- received value_pairs in received, messages from the server in msg (if non-NULL), and OK_RC (0) on success,CHALLENGE_RC (3) on Access-Challenge received, negative on failure as return value.
- Examples
- radexample.c.
Definition at line 252 of file buildreq.c.
◆ rc_auth_proxy()
| int rc_auth_proxy | ( | rc_handle * | rh, |
| VALUE_PAIR * | send, | ||
| VALUE_PAIR ** | received, | ||
| char * | msg ) |
Builds an authentication request for proxying
Builds an authentication request with the value_pairs send and submits it to a server. Works for a proxy; does not add IP address, and does does not rely on config file.
- Parameters
-
rh a handle to parsed configuration. send a VALUE_PAIR array of values (e.g., PW_USER_NAME). received an allocated array of received values. msg must be an array of PW_MAX_MSG_SIZE or NULL; will contain the concatenation of any PW_REPLY_MESSAGE received.
- Returns
- received value_pairs in received, messages from the server in msg (if non-NULL) and OK_RC (0) on success, CHALLENGE_RC (3) on Access-Challenge received, negative on failure as return value.
Definition at line 274 of file buildreq.c.
◆ rc_avpair_add()
| VALUE_PAIR * rc_avpair_add | ( | rc_handle const * | rh, |
| VALUE_PAIR ** | list, | ||
| uint32_t | attrid, | ||
| void const * | pval, | ||
| int | len, | ||
| uint32_t | vendorspec ) |
Adds an attribute-value pair to the given list
See rc_avpair_assign() for the format of the data.
- Note
- It always appends the new pair to the end of the list.
- Parameters
-
rh a handle to parsed configuration. list a VALUE_PAIR array of values; initially must be NULL. attrid The attribute of the pair to add (e.g., PW_USER_NAME). pval the value (e.g., the actual username). len the length of pval, or -1 if to calculate (in case of strings). vendorspec The vendor ID in case of a vendor specific value - 0 otherwise.
- Returns
- pointer to added a/v pair upon success, NULL pointer upon failure.
- Examples
- radexample.c.
◆ rc_avpair_assign()
| int rc_avpair_assign | ( | VALUE_PAIR * | vp, |
| void const * | pval, | ||
| int | len ) |
Assigns the given value to an attribute-value pair
If the value is of type PW_TYPE_STRING it must either be a null terminated string with len set to -1, or raw data with length properly set. For PW_TYPE_DATE, PW_TYPE_INTEGER, and PW_TYPE_IPADDR an uint32_t number should be set at pval. For IPv4 addresses it should be in host byte order.
For PW_TYPE_IPV6ADDR type a 16-byte long address is expected, and for PW_TYPE_IPV6PREFIX the rfc3162 prefix format is expected. Simply that is a zero byte, a byte with the value of prefix (e.g., 112), and the remaining bytes are the IPv6 address.
- Parameters
-
vp a pointer to a VALUE_PAIR structure. pval the value (e.g., the actual username). len the length of pval, or -1 if to calculate (in case of strings).
- Returns
- 0 on success or -1 on failure.
◆ rc_avpair_copy()
| VALUE_PAIR * rc_avpair_copy | ( | VALUE_PAIR * | p | ) |
◆ rc_avpair_free()
| void rc_avpair_free | ( | VALUE_PAIR * | pair | ) |
Frees all value_pairs in the list
- Parameters
-
pair a pointer to a VALUE_PAIR structure.
- Examples
- radexample.c.
◆ rc_avpair_gen()
| VALUE_PAIR * rc_avpair_gen | ( | rc_handle const * | rh, |
| VALUE_PAIR * | pair, | ||
| unsigned char const * | ptr, | ||
| int | length, | ||
| uint32_t | vendorspec ) |
Decode a raw RADIUS attribute buffer into a VALUE_PAIR list
- Note
- This is a low-level function retained for ABI compatibility with freeradius-client and radiusclient-ng. Application code should not call it directly; build requests with rc_avpair_add() and send them with rc_auth() or rc_acct(), which handle wire encoding and decoding internally.
Decodes the attribute/value region of a received RADIUS packet (the bytes that follow the 20-byte fixed header) into a linked list of VALUE_PAIR structures. Unknown attributes are logged and skipped; they are not a hard error.
- Parameters
-
rh a handle to parsed configuration (used for dictionary lookups). pair optional existing VALUE_PAIR list to append decoded attributes to; pass NULL to start a fresh list. ptr pointer to the start of the attribute data region. length number of bytes in the attribute region. vendorspec vendor PEN when decoding a vendor-specific sub-attribute block; pass 0 for top-level packet attributes.
- Returns
- head of the (possibly extended) VALUE_PAIR list, or NULL on a hard decode error (malformed length field, allocation failure).
◆ rc_avpair_get()
| VALUE_PAIR * rc_avpair_get | ( | VALUE_PAIR * | vp, |
| uint32_t | attrid, | ||
| uint32_t | vendorspec ) |
Find the first attribute value-pair (which matches the given attribute) from the specified value-pair list
- Parameters
-
vp a pointer to a VALUE_PAIR structure. attrid The attribute of the pair to find (e.g., PW_USER_NAME). vendorspec The vendor ID in case of a vendor specific value - 0 otherwise.
- Returns
- the value pair found.
◆ rc_avpair_get_attr()
| void rc_avpair_get_attr | ( | VALUE_PAIR * | vp, |
| unsigned * | type, | ||
| unsigned * | id ) |
Get the attribute ID and type of the given attribute value-pair
- Parameters
-
vp a pointer to a VALUE_PAIR structure. type The attribute type, of type rc_attr_type id The attribute identifier, of type rc_attr_id
◆ rc_avpair_get_in6()
| int rc_avpair_get_in6 | ( | VALUE_PAIR * | vp, |
| struct in6_addr * | res, | ||
| unsigned * | prefix ) |
Get the IPv6 address and prefix value of the given attribute value-pair
This function is valid for PW_TYPE_IPV6ADDR, PW_TYPE_IPV6PREFIX.
- Parameters
-
vp a pointer to a VALUE_PAIR structure. res An in6_addr structure for result to be copied in. prefix If of type PW_TYPE_IPV6PREFIX the prefix will be copied (may be NULL).
- Returns
- zero on success or -1 on failure.
◆ rc_avpair_get_raw()
| int rc_avpair_get_raw | ( | VALUE_PAIR * | vp, |
| char ** | res, | ||
| unsigned * | res_size ) |
Get the raw value of the given attribute value-pair
This function is valid for PW_TYPE_STRING, PW_TYPE_IPV6ADDR, PW_TYPE_IPV6PREFIX.
- Parameters
-
vp a pointer to a VALUE_PAIR structure. res Will contain pointer to the data value. res_size Will contain the data size.
- Returns
- zero on success or -1 on failure.
◆ rc_avpair_get_uint32()
| int rc_avpair_get_uint32 | ( | VALUE_PAIR * | vp, |
| uint32_t * | res ) |
Get the integer value of the given attribute value-pair
This function is valid for PW_TYPE_INTEGER, PW_TYPE_IPADDR. PW_TYPE_DATE. In PW_TYPE_IPADDR this value will contain the IPv4 address in host by order.
- Parameters
-
vp a pointer to a VALUE_PAIR structure. res The integer value returned.
- Returns
- zero on success or -1 on failure.
◆ rc_avpair_insert()
| void rc_avpair_insert | ( | VALUE_PAIR ** | a, |
| VALUE_PAIR * | p, | ||
| VALUE_PAIR * | b ) |
Insert a VALUE_PAIR into a list
Given the address of an existing list "a" and a pointer to an entry "p" in that list, add the value pair "b" to the "a" list after the "p" entry. If "p" is NULL, add the value pair "b" to the end of "a".
- Parameters
-
a a VALUE_PAIR array of values. p a pointer to a VALUE_PAIR in a. b The VALUE_PAIR pointer to add in a.
◆ rc_avpair_log()
| char * rc_avpair_log | ( | rc_handle const * | rh, |
| VALUE_PAIR * | pair, | ||
| char * | buf, | ||
| size_t | buf_len ) |
Format a sequence of attribute value pairs into a printable string
The caller should provide a storage buffer and the buffer length.
- Parameters
-
rh a handle to parsed configuration. pair a pointer to a VALUE_PAIR structure. buf will hold the string output of the pair. buf_len the size of buf.
- Returns
- a pointer to provided storage buffer.
◆ rc_avpair_new()
| VALUE_PAIR * rc_avpair_new | ( | rc_handle const * | rh, |
| uint32_t | attrid, | ||
| void const * | pval, | ||
| int | len, | ||
| uint32_t | vendorspec ) |
Make a new attribute-value pair with given parameters
See rc_avpair_assign() for the format of the data.
- Parameters
-
rh a handle to parsed configuration. attrid The attribute of the pair to add (e.g., PW_USER_NAME). pval the value (e.g., the actual username). len the length of pval, or -1 if to calculate (in case of strings). vendorspec The vendor ID in case of a vendor specific value - 0 otherwise.
- Returns
- pointer to generated a/v pair when successful, NULL when failure.
◆ rc_avpair_next()
| VALUE_PAIR * rc_avpair_next | ( | VALUE_PAIR * | t | ) |
Iterates through the attribute-value pairs
The attribute-value are organized in a linked-list, and this function provides a way to iterate them given the first element initially.
- Parameters
-
t the current pair.
- Returns
- pointer to the next pair, or NULL when finished.
- Examples
- radexample.c.
◆ rc_avpair_parse()
| int rc_avpair_parse | ( | rc_handle const * | rh, |
| char const * | buffer, | ||
| VALUE_PAIR ** | first_pair ) |
Parses the buffer to extract the attribute-value pairs
- Parameters
-
rh a handle to parsed configuration. buffer the buffer to be parsed. first_pair an allocated array of values.
- Returns
- 0 on successful parse of attribute-value pair, or -1 on syntax (or other) error detected.
◆ rc_avpair_remove()
| void rc_avpair_remove | ( | VALUE_PAIR ** | list, |
| uint32_t | attrid, | ||
| uint32_t | vendorspec ) |
Removes an attribute-value pair from the given list
See rc_avpair_assign() for the format of the data.
- Parameters
-
list a VALUE_PAIR array of values attrid The attribute of the pair to remove (e.g., PW_USER_NAME). vendorspec The vendor ID in case of a vendor specific value - 0 otherwise.
◆ rc_avpair_tostr()
| int rc_avpair_tostr | ( | rc_handle const * | rh, |
| VALUE_PAIR * | pair, | ||
| char * | name, | ||
| int | ln, | ||
| char * | value, | ||
| int | lv ) |
Translate an av_pair into printable strings
- Parameters
-
rh a handle to parsed configuration. pair a pointer to a VALUE_PAIR structure. name the name of the pair. ln the size of name. value the value of the pair. lv the size of value.
- Returns
- 0 on success, -1 on failure.
- Examples
- radexample.c.
◆ rc_buildreq()
| void rc_buildreq | ( | rc_handle const * | rh, |
| SEND_DATA * | data, | ||
| int | code, | ||
| char * | server, | ||
| unsigned short | port, | ||
| char * | secret, | ||
| int | timeout, | ||
| int | retries ) |
Build a skeleton RADIUS request using information from the config file
- Note
- This is a low-level helper used internally by rc_aaa_ctx_server(). Normal applications should call rc_auth() or rc_acct() instead of constructing SEND_DATA directly.
- Parameters
-
rh a handle to parsed configuration. data a pointer to a SEND_DATA structure. code one of standard RADIUS codes (e.g., PW_ACCESS_REQUEST). server the name of the server. port the server's port number. secret the secret used by the server. timeout the timeout in seconds of a message. retries the number of retries.
Definition at line 45 of file buildreq.c.
◆ rc_check()
| int rc_check | ( | rc_handle * | rh, |
| char * | host, | ||
| char * | secret, | ||
| unsigned short | port, | ||
| char * | msg ) |
Asks the server hostname on the specified port for a status message
- Parameters
-
rh a handle to parsed configuration. host the name of the server. secret the secret used by the server. port the server's port number. msg must be an array of PW_MAX_MSG_SIZE or NULL; will contain the concatenation of any PW_REPLY_MESSAGE received.
- Returns
- OK_RC (0) on success, negative on failure as return value.
Definition at line 320 of file buildreq.c.
◆ rc_conf_int()
| int rc_conf_int | ( | rc_handle const * | rh, |
| char const * | optname ) |
◆ rc_conf_srv()
| SERVER * rc_conf_srv | ( | rc_handle const * | rh, |
| char const * | optname ) |
◆ rc_conf_str()
| char * rc_conf_str | ( | rc_handle const * | rh, |
| char const * | optname ) |
◆ rc_config_free()
| void rc_config_free | ( | rc_handle * | rh | ) |
rc_config_free:
- Parameters
-
rh a handle to parsed configuration
Free allocated config values. For legacy compatibility reasons this will not release any dictionary entries. To release all memory from the handle use rc_destroy() instead.
◆ rc_config_init()
| rc_handle * rc_config_init | ( | rc_handle * | rh | ) |
Initialise a configuration structure for programmatic configuration
Use this when you want to configure radcli from code rather than from a file. The full call sequence is:
rc_handle *rh = rc_new();
rh = rc_config_init(rh);
__FILE__, __LINE__);
rc_apply_config(rh);
// rh is now ready for rc_auth() / rc_acct()
int rc_add_config(rc_handle *rh, char const *option_name, char const *option_val, char const *source, int line)
Definition config.c:295
The provided handle must have been allocated with rc_new(). Call rc_apply_config() after all rc_add_config() calls to activate the configuration and initialise the transport.
- Parameters
-
rh a handle allocated by rc_new().
- Returns
rhon success, NULL on failure (rh is freed on failure).
◆ rc_destroy()
| void rc_destroy | ( | rc_handle * | rh | ) |
Destroys Radius Client handle reclaiming all memory
- Parameters
-
rh The Radius client handle to free.
- Examples
- radexample.c.
◆ rc_dict_addattr()
| DICT_ATTR * rc_dict_addattr | ( | rc_handle * | rh, |
| char const * | namestr, | ||
| uint32_t | value, | ||
| int | type, | ||
| uint32_t | vendorspec ) |
◆ rc_dict_addval()
| DICT_VALUE * rc_dict_addval | ( | rc_handle * | rh, |
| char const * | attrstr, | ||
| char const * | namestr, | ||
| uint32_t | value ) |
◆ rc_dict_addvend()
| DICT_VENDOR * rc_dict_addvend | ( | rc_handle * | rh, |
| char const * | namestr, | ||
| uint32_t | vendorspec ) |
◆ rc_dict_findattr()
| DICT_ATTR * rc_dict_findattr | ( | rc_handle const * | rh, |
| char const * | attrname ) |
◆ rc_dict_findval()
| DICT_VALUE * rc_dict_findval | ( | rc_handle const * | rh, |
| char const * | valname ) |
◆ rc_dict_findvend()
| DICT_VENDOR * rc_dict_findvend | ( | rc_handle const * | rh, |
| char const * | vendorname ) |
◆ rc_dict_free()
| void rc_dict_free | ( | rc_handle * | rh | ) |
◆ rc_dict_getattr()
| DICT_ATTR * rc_dict_getattr | ( | rc_handle const * | rh, |
| uint64_t | attribute ) |
◆ rc_dict_getval()
| DICT_VALUE * rc_dict_getval | ( | rc_handle const * | rh, |
| uint32_t | value, | ||
| char const * | attrname ) |
◆ rc_dict_getvend()
| DICT_VENDOR * rc_dict_getvend | ( | rc_handle const * | rh, |
| uint32_t | vendorspec ) |
◆ rc_find_server_addr()
| int rc_find_server_addr | ( | rc_handle const * | rh, |
| char const * | server_name, | ||
| struct addrinfo ** | info, | ||
| char * | secret, | ||
| rc_type | type ) |
Locate a server in the rh config or if not found, check for a servers file
- Parameters
-
rh a handle to parsed configuration. server_name the name of the server. info will hold a pointer to addrinfo secret will hold the server's secret (of MAX_SECRET_LENGTH). type AUTH or ACCT
- Returns
- 0 on success, -1 on failure.
◆ rc_get_socket_type()
| rc_socket_type rc_get_socket_type | ( | rc_handle * | rh | ) |
◆ rc_new()
| rc_handle * rc_new | ( | void | ) |
◆ rc_pack_list()
| int rc_pack_list | ( | VALUE_PAIR * | vp, |
| char * | secret, | ||
| AUTH_HDR * | auth, | ||
| int | max_len ) |
Packs an attribute value pair list into a buffer
- Parameters
-
vp a pointer to a VALUE_PAIR. secret the secret used by the server. auth a pointer to AUTH_HDR. max_len maximum total packet length in bytes (header + attributes); callers must subtract any bytes appended after this call (e.g. 18 bytes for Message-Authenticator on auth requests).
- Returns
- The number of octets packed, or -1 if any attribute value exceeds 253 bytes or the packet would exceed max_len.
Definition at line 56 of file sendserver.c.
◆ rc_read_config()
| rc_handle * rc_read_config | ( | char const * | filename | ) |
Read the global config file
This is the primary way to initialise radcli. Loads the configuration file, initialises the transport (including TLS/DTLS handshake when applicable), and returns an opaque handle for use in subsequent calls. The format is compatible with radiusclient-ng and freeradius-client.
Standard RFC 2865/2866/2869 attributes are built into the library; the dictionary option is only needed for vendor-specific attributes.
Recognised configuration options:
Server address:
- authserver: authentication server; format is
host[:port[:secret]] (may be repeated for failover, comma-separated). - acctserver: accounting server; same format as authserver.
Transport:
- serv-type: one of
udp(default),tcp,tls,dtls. - namespace: Linux network namespace name to use for socket operations.
TLS/DTLS credentials (required when serv-type is tls or dtls):
- tls-ca-file: PEM file of the CA certificate used to verify the server.
- tls-cert-file: PEM file of the client certificate.
- tls-key-file: PEM file of the client private key.
- tls-verify-hostname: set to
falseto skip server hostname verification (not recommended).
Security:
- require-message-authenticator: set to
noto accept responses that lack the Message-Authenticator attribute. Enabled by default per draft-ietf-radext-deprecating-radius (CVE-2024-3596 / BLAST RADIUS); only disable for legacy servers that predate RFC 3579.
Tuning:
- radius_timeout: request timeout in seconds (integer, default 3).
- radius_retries: number of retries per server (integer, default 3).
- nas-ip: source IP address to bind to when sending requests.
- nas-identifier: NAS-Identifier string sent in requests.
- dictionary: path to an additional attribute dictionary file.
- clientdebug: debug verbosity level (integer; 0 = off).
- Parameters
-
filename path to the configuration file.
- Returns
- new rc_handle on success, NULL on failure.
- Examples
- radexample.c.
◆ rc_read_dictionary()
| int rc_read_dictionary | ( | rc_handle * | rh, |
| char const * | filename ) |
◆ rc_read_dictionary_from_buffer()
| int rc_read_dictionary_from_buffer | ( | rc_handle * | rh, |
| char const * | buf, | ||
| size_t | size ) |
Initialize the dictionary from Buffer
Read all ATTRIBUTES into the dictionary_attributes list. Read all VALUES into the dictionary_values list.
- Parameters
-
rh a handle to parsed configuration. buf buffer holding Dictionary info size size of buffer
- Returns
- 0 on success, -1 on failure.
◆ rc_send_server()
Sends a request to a RADIUS server and waits for the reply
- Parameters
-
rh a handle to parsed configuration data a pointer to a SEND_DATA structure msg must be an array of PW_MAX_MSG_SIZE or NULL; will contain the concatenation of any PW_REPLY_MESSAGE received. type must be AUTH or ACCT
- Returns
- OK_RC (0) on success, TIMEOUT_RC on timeout REJECT_RC on access reject, or negative on failure as return value.
Definition at line 221 of file sendserver.c.
◆ rc_test_config()
Generated by
1.14.0