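--- a/libradius.3
+++ b/libradius.3
@@ -1,9 +1,10 @@
 .\" Copyright 1998 Juniper Networks, Inc.
+.\" Copyright 2009 Alexander Motin <mav@FreeBSD.org>.
 .\" All rights reserved.
 .\"
 .\" Redistribution and use in source and binary forms, with or without
 .\" modification, are permitted provided that the following conditions
 .\" are met:
 .\" 1. Redistributions of source code must retain the above copyright
 .\" notice, this list of conditions and the following disclaimer.
 .\" 2. Redistributions in binary form must reproduce the above copyright
@@ -19,38 +20,40 @@
 .\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 .\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 .\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 .\" SUCH DAMAGE.
 .\"
 .\" $FreeBSD$
 .\"
-.Dd April 27, 2004
+.Dd August 5, 2009
 .Dt LIBRADIUS 3
 .Os
 .Sh NAME
 .Nm libradius
-.Nd RADIUS client library
+.Nd RADIUS client/server library
 .Sh SYNOPSIS
 .In radlib.h
 .Ft "struct rad_handle *"
 .Fn rad_acct_open "void"
 .Ft int
 .Fn rad_add_server "struct rad_handle *h" "const char *host" "int port" "const char *secret" "int timeout" "int max_tries"
 .Ft "struct rad_handle *"
 .Fn rad_auth_open "void"
 .Ft void
 .Fn rad_close "struct rad_handle *h"
 .Ft int
 .Fn rad_config "struct rad_handle *h" "const char *file"
 .Ft int
 .Fn rad_continue_send_request "struct rad_handle *h" "int selected" "int *fd" "struct timeval *tv"
 .Ft int
 .Fn rad_create_request "struct rad_handle *h" "int code"
+.Ft int
+.Fn rad_create_response "struct rad_handle *h" "int code"
 .Ft "struct in_addr"
 .Fn rad_cvt_addr "const void *data"
 .Ft u_int32_t
 .Fn rad_cvt_int "const void *data"
 .Ft char *
 .Fn rad_cvt_string "const void *data" "size_t len"
 .Ft int
 .Fn rad_get_attr "struct rad_handle *h" "const void **data" "size_t *len"
@@ -74,47 +77,56 @@
 .Fn rad_put_vendor_attr "struct rad_handle *h" "int vendor" "int type" "const void *data" "size_t len"
 .Ft int
 .Fn rad_put_vendor_int "struct rad_handle *h" "int vendor" "int type" "u_int32_t value"
 .Ft int
 .Fn rad_put_vendor_string "struct rad_handle *h" "int vendor" "int type" "const char *str"
 .Ft ssize_t
 .Fn rad_request_authenticator "struct rad_handle *h" "char *buf" "size_t len"
 .Ft int
+.Fn rad_receive_request "struct rad_handle *h"
+.Ft int
 .Fn rad_send_request "struct rad_handle *h"
+.Ft int
+.Fn rad_send_response "struct rad_handle *h"
+.Ft "struct rad_handle *"
+.Fn rad_server_open "int fd"
 .Ft "const char *"
 .Fn rad_server_secret "struct rad_handle *h"
 .Ft u_char *
 .Fn rad_demangle "struct rad_handle *h" "const void *mangled" "size_t mlen"
 .Ft u_char *
 .Fn rad_demangle_mppe_key "struct rad_handle *h" "const void *mangled" "size_t mlen" "size_t *len"
 .Ft "const char *"
 .Fn rad_strerror "struct rad_handle *h"
 .Sh DESCRIPTION
 The
 .Nm
-library implements the client side of the Remote Authentication Dial
-In User Service (RADIUS).
+library implements the Remote Authentication Dial In User Service (RADIUS).
 RADIUS, defined in RFCs 2865 and 2866,
 allows clients to perform authentication and accounting by means of
 network requests to remote servers.
 .Ss Initialization
 To use the library, an application must first call
 .Fn rad_auth_open
-or
+,
 .Fn rad_acct_open
+or
+.Fn rad_server_open
 to obtain a
 .Vt "struct rad_handle *" ,
 which provides the context for subsequent operations.
 The former function is used for RADIUS authentication and the
 latter is used for RADIUS accounting.
 Calls to
 .Fn rad_auth_open
-and
+,
 .Fn rad_acct_open
+and
+.Fn rad_server_open
 always succeed unless insufficient virtual memory is available.
 If
 the necessary memory cannot be allocated, the functions return
 .Dv NULL .
 For compatibility with earlier versions of this library,
 .Fn rad_open
 is provided as a synonym for
 .Fn rad_auth_open .
@@ -446,64 +458,89 @@
 .Fn rad_strerror .
 The message text is overwritten on each new error for the given
 .Vt "struct rad_handle *" .
 Thus the message must be copied if it is to be preserved through
 subsequent library calls using the same handle.
 .Ss Cleanup
 To free the resources used by the RADIUS library, call
 .Fn rad_close .
+.Ss Server operation
+Server mode operates much alike to client mode, except packet send and receieve
+steps are swapped. To operate as server you should obtain server context with
+.Fn rad_server_open
+function, passing opened and bound UDP socket file descriptor as argument.
+You should define allowed clients and their secrets using
+.Fn rad_add_server
+function. port, timeout and max_tries arguments are ignored in server mode.
+You should call
+.Fn rad_receive_request
+function to receive request from client. If you do not want to block on socket
+read, you are free to use any poll(), select() or non-blocking sockets for
+the socket.
+Received request can be parsed with same parsing functions as for client.
+To respond to the request you should call
+.Fn rad_create_response
+and fill response content with same packet writing functions as for client.
+When packet is ready, it should be sent with
+.Fn rad_send_response
 .Sh RETURN VALUES
 The following functions return a non-negative value on success.
 If
 they detect an error, they return \-1 and record an error message
 which can be retrieved using
 .Fn rad_strerror .
 .Pp
 .Bl -item -offset indent -compact
 .It
 .Fn rad_add_server
 .It
 .Fn rad_config
 .It
 .Fn rad_create_request
 .It
+.Fn rad_create_response
+.It
 .Fn rad_get_attr
 .It
 .Fn rad_put_addr
 .It
 .Fn rad_put_attr
 .It
 .Fn rad_put_int
 .It
 .Fn rad_put_string
 .It
 .Fn rad_put_message_authentic
 .It
 .Fn rad_init_send_request
 .It
 .Fn rad_continue_send_request
 .It
 .Fn rad_send_request
+.It
+.Fn rad_send_response
 .El
 .Pp
 The following functions return a
 .No non- Ns Dv NULL
 pointer on success.
 If they are unable to allocate sufficient
 virtual memory, they return
 .Dv NULL ,
 without recording an error message.
 .Pp
 .Bl -item -offset indent -compact
 .It
 .Fn rad_acct_open
 .It
 .Fn rad_auth_open
 .It
+.Fn rad_server_open
+.It
 .Fn rad_cvt_string
 .El
 .Pp
 The following functions return a
 .No non- Ns Dv NULL
 pointer on success.
 If they fail, they return
 .Dv NULL ,
@@ -548,8 +585,10 @@
 and donated to the
 .Fx
 project by Juniper Networks, Inc.
 .An Oleg Semyonov
 subsequently added the ability to perform RADIUS
 accounting.
 Later additions and changes by
 .An Michael Bretterklieber .
+Server mode support was added by
+.An Alexander Motin .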