Lines Matching +full:multi +full:- +full:attr
3 * Copyright (c) 2002-2009, 2011-2022, Jouni Malinen <j@w1.fi>
19 * struct radius_msg - RADIUS message structure for new and parsed messages
23 * buf - Allocated buffer for RADIUS message
28 * hdr - Pointer to the RADIUS header in buf
33 * attr_pos - Array of indexes to attributes
41 * attr_size - Total size of the attribute pointer array
46 * attr_used - Total number of attributes in the array
54 return msg->hdr; in radius_msg_get_hdr()
60 return msg->buf; in radius_msg_get_buf()
68 (wpabuf_mhead_u8(msg->buf) + msg->attr_pos[idx]); in radius_get_attr_hdr()
74 msg->hdr->code = code; in radius_msg_set_hdr()
75 msg->hdr->identifier = identifier; in radius_msg_set_hdr()
81 msg->attr_pos = os_calloc(RADIUS_DEFAULT_ATTR_COUNT, in radius_msg_initialize()
82 sizeof(*msg->attr_pos)); in radius_msg_initialize()
83 if (msg->attr_pos == NULL) in radius_msg_initialize()
84 return -1; in radius_msg_initialize()
86 msg->attr_size = RADIUS_DEFAULT_ATTR_COUNT; in radius_msg_initialize()
87 msg->attr_used = 0; in radius_msg_initialize()
94 * radius_msg_new - Create a new RADIUS message
110 msg->buf = wpabuf_alloc(RADIUS_DEFAULT_MSG_SIZE); in radius_msg_new()
111 if (msg->buf == NULL || radius_msg_initialize(msg)) { in radius_msg_new()
115 msg->hdr = wpabuf_put(msg->buf, sizeof(struct radius_hdr)); in radius_msg_new()
124 * radius_msg_free - Free a RADIUS message
132 wpabuf_free(msg->buf); in radius_msg_free()
133 os_free(msg->attr_pos); in radius_msg_free()
141 case RADIUS_CODE_ACCESS_REQUEST: return "Access-Request"; in radius_code_string()
142 case RADIUS_CODE_ACCESS_ACCEPT: return "Access-Accept"; in radius_code_string()
143 case RADIUS_CODE_ACCESS_REJECT: return "Access-Reject"; in radius_code_string()
144 case RADIUS_CODE_ACCOUNTING_REQUEST: return "Accounting-Request"; in radius_code_string()
145 case RADIUS_CODE_ACCOUNTING_RESPONSE: return "Accounting-Response"; in radius_code_string()
146 case RADIUS_CODE_ACCESS_CHALLENGE: return "Access-Challenge"; in radius_code_string()
147 case RADIUS_CODE_STATUS_SERVER: return "Status-Server"; in radius_code_string()
148 case RADIUS_CODE_STATUS_CLIENT: return "Status-Client"; in radius_code_string()
150 case RADIUS_CODE_DISCONNECT_REQUEST: return "Disconnect-Request"; in radius_code_string()
151 case RADIUS_CODE_DISCONNECT_ACK: return "Disconnect-ACK"; in radius_code_string()
152 case RADIUS_CODE_DISCONNECT_NAK: return "Disconnect-NAK"; in radius_code_string()
153 case RADIUS_CODE_COA_REQUEST: return "CoA-Request"; in radius_code_string()
154 case RADIUS_CODE_COA_ACK: return "CoA-ACK"; in radius_code_string()
155 case RADIUS_CODE_COA_NAK: return "CoA-NAK"; in radius_code_string()
163 * (241 << 8) | <ext-type> for extended types */
173 { RADIUS_ATTR_USER_NAME, "User-Name", RADIUS_ATTR_TEXT },
174 { RADIUS_ATTR_USER_PASSWORD, "User-Password", RADIUS_ATTR_UNDIST },
175 { RADIUS_ATTR_NAS_IP_ADDRESS, "NAS-IP-Address", RADIUS_ATTR_IP },
176 { RADIUS_ATTR_NAS_PORT, "NAS-Port", RADIUS_ATTR_INT32 },
177 { RADIUS_ATTR_SERVICE_TYPE, "Service-Type", RADIUS_ATTR_INT32 },
178 { RADIUS_ATTR_FRAMED_IP_ADDRESS, "Framed-IP-Address", RADIUS_ATTR_IP },
179 { RADIUS_ATTR_FILTER_ID, "Filter-Id", RADIUS_ATTR_TEXT },
180 { RADIUS_ATTR_FRAMED_MTU, "Framed-MTU", RADIUS_ATTR_INT32 },
181 { RADIUS_ATTR_REPLY_MESSAGE, "Reply-Message", RADIUS_ATTR_TEXT },
184 { RADIUS_ATTR_VENDOR_SPECIFIC, "Vendor-Specific", RADIUS_ATTR_UNDIST },
185 { RADIUS_ATTR_SESSION_TIMEOUT, "Session-Timeout", RADIUS_ATTR_INT32 },
186 { RADIUS_ATTR_IDLE_TIMEOUT, "Idle-Timeout", RADIUS_ATTR_INT32 },
187 { RADIUS_ATTR_TERMINATION_ACTION, "Termination-Action",
189 { RADIUS_ATTR_CALLED_STATION_ID, "Called-Station-Id",
191 { RADIUS_ATTR_CALLING_STATION_ID, "Calling-Station-Id",
193 { RADIUS_ATTR_NAS_IDENTIFIER, "NAS-Identifier", RADIUS_ATTR_TEXT },
194 { RADIUS_ATTR_PROXY_STATE, "Proxy-State", RADIUS_ATTR_UNDIST },
195 { RADIUS_ATTR_ACCT_STATUS_TYPE, "Acct-Status-Type",
197 { RADIUS_ATTR_ACCT_DELAY_TIME, "Acct-Delay-Time", RADIUS_ATTR_INT32 },
198 { RADIUS_ATTR_ACCT_INPUT_OCTETS, "Acct-Input-Octets",
200 { RADIUS_ATTR_ACCT_OUTPUT_OCTETS, "Acct-Output-Octets",
202 { RADIUS_ATTR_ACCT_SESSION_ID, "Acct-Session-Id", RADIUS_ATTR_TEXT },
203 { RADIUS_ATTR_ACCT_AUTHENTIC, "Acct-Authentic", RADIUS_ATTR_INT32 },
204 { RADIUS_ATTR_ACCT_SESSION_TIME, "Acct-Session-Time",
206 { RADIUS_ATTR_ACCT_INPUT_PACKETS, "Acct-Input-Packets",
208 { RADIUS_ATTR_ACCT_OUTPUT_PACKETS, "Acct-Output-Packets",
210 { RADIUS_ATTR_ACCT_TERMINATE_CAUSE, "Acct-Terminate-Cause",
212 { RADIUS_ATTR_ACCT_MULTI_SESSION_ID, "Acct-Multi-Session-Id",
214 { RADIUS_ATTR_ACCT_LINK_COUNT, "Acct-Link-Count", RADIUS_ATTR_INT32 },
215 { RADIUS_ATTR_ACCT_INPUT_GIGAWORDS, "Acct-Input-Gigawords",
217 { RADIUS_ATTR_ACCT_OUTPUT_GIGAWORDS, "Acct-Output-Gigawords",
219 { RADIUS_ATTR_EVENT_TIMESTAMP, "Event-Timestamp",
221 { RADIUS_ATTR_EGRESS_VLANID, "EGRESS-VLANID", RADIUS_ATTR_HEXDUMP },
222 { RADIUS_ATTR_NAS_PORT_TYPE, "NAS-Port-Type", RADIUS_ATTR_INT32 },
223 { RADIUS_ATTR_TUNNEL_TYPE, "Tunnel-Type", RADIUS_ATTR_HEXDUMP },
224 { RADIUS_ATTR_TUNNEL_MEDIUM_TYPE, "Tunnel-Medium-Type",
226 { RADIUS_ATTR_TUNNEL_PASSWORD, "Tunnel-Password",
228 { RADIUS_ATTR_CONNECT_INFO, "Connect-Info", RADIUS_ATTR_TEXT },
229 { RADIUS_ATTR_EAP_MESSAGE, "EAP-Message", RADIUS_ATTR_UNDIST },
230 { RADIUS_ATTR_MESSAGE_AUTHENTICATOR, "Message-Authenticator",
232 { RADIUS_ATTR_TUNNEL_PRIVATE_GROUP_ID, "Tunnel-Private-Group-Id",
234 { RADIUS_ATTR_ACCT_INTERIM_INTERVAL, "Acct-Interim-Interval",
236 { RADIUS_ATTR_CHARGEABLE_USER_IDENTITY, "Chargeable-User-Identity",
238 { RADIUS_ATTR_NAS_IPV6_ADDRESS, "NAS-IPv6-Address", RADIUS_ATTR_IPV6 },
239 { RADIUS_ATTR_ERROR_CAUSE, "Error-Cause", RADIUS_ATTR_INT32 },
240 { RADIUS_ATTR_EAP_KEY_NAME, "EAP-Key-Name", RADIUS_ATTR_HEXDUMP },
241 { RADIUS_ATTR_OPERATOR_NAME, "Operator-Name", RADIUS_ATTR_TEXT },
242 { RADIUS_ATTR_LOCATION_INFO, "Location-Information",
244 { RADIUS_ATTR_LOCATION_DATA, "Location-Data", RADIUS_ATTR_HEXDUMP },
246 "Basic-Location-Policy-Rules", RADIUS_ATTR_HEXDUMP },
248 "Extended-Location-Policy-Rules", RADIUS_ATTR_HEXDUMP },
249 { RADIUS_ATTR_LOCATION_CAPABLE, "Location-Capable", RADIUS_ATTR_INT32 },
250 { RADIUS_ATTR_REQUESTED_LOCATION_INFO, "Requested-Location-Info",
252 { RADIUS_ATTR_MOBILITY_DOMAIN_ID, "Mobility-Domain-Id",
254 { RADIUS_ATTR_WLAN_HESSID, "WLAN-HESSID", RADIUS_ATTR_TEXT },
255 { RADIUS_ATTR_WLAN_REASON_CODE, "WLAN-Reason-Code",
257 { RADIUS_ATTR_WLAN_PAIRWISE_CIPHER, "WLAN-Pairwise-Cipher",
259 { RADIUS_ATTR_WLAN_GROUP_CIPHER, "WLAN-Group-Cipher",
261 { RADIUS_ATTR_WLAN_AKM_SUITE, "WLAN-AKM-Suite",
263 { RADIUS_ATTR_WLAN_GROUP_MGMT_CIPHER, "WLAN-Group-Mgmt-Pairwise-Cipher",
265 { RADIUS_ATTR_EXT_TYPE_1, "Extended-Type-1", RADIUS_ATTR_UNDIST },
266 { RADIUS_ATTR_EXT_TYPE_2, "Extended-Type-2", RADIUS_ATTR_UNDIST },
267 { RADIUS_ATTR_EXT_TYPE_3, "Extended-Type-3", RADIUS_ATTR_UNDIST },
268 { RADIUS_ATTR_EXT_TYPE_4, "Extended-Type-4", RADIUS_ATTR_UNDIST },
269 { RADIUS_ATTR_LONG_EXT_TYPE_1, "Long-Extended-Type-1",
271 { RADIUS_ATTR_LONG_EXT_TYPE_2, "Long-Extended-Type-2",
273 { RADIUS_ATTR_EXT_VENDOR_SPECIFIC_1, "Extended-Vendor-Specific-1",
275 { RADIUS_ATTR_EXT_VENDOR_SPECIFIC_2, "Extended-Vendor-Specific-2",
277 { RADIUS_ATTR_EXT_VENDOR_SPECIFIC_3, "Extended-Vendor-Specific-3",
279 { RADIUS_ATTR_EXT_VENDOR_SPECIFIC_4, "Extended-Vendor-Specific-4",
281 { RADIUS_ATTR_EXT_VENDOR_SPECIFIC_5, "Extended-Vendor-Specific-5",
283 { RADIUS_ATTR_EXT_VENDOR_SPECIFIC_6, "Extended-Vendor-Specific-6",
319 const struct radius_attr_type *attr; in radius_msg_dump_attr() local
324 if (hdr->length < sizeof(struct radius_attr_hdr)) in radius_msg_dump_attr()
327 if (radius_is_ext_type(hdr->type)) { in radius_msg_dump_attr()
328 if (hdr->length < 4) { in radius_msg_dump_attr()
331 hdr->type); in radius_msg_dump_attr()
339 attr = radius_get_attr_type((ext->type << 8) | ext->ext_type); in radius_msg_dump_attr()
341 ext->type, ext->ext_type, in radius_msg_dump_attr()
342 attr ? attr->name : "?Unknown?", ext->length); in radius_msg_dump_attr()
344 len = ext->length - sizeof(struct radius_attr_hdr_ext); in radius_msg_dump_attr()
346 attr = radius_get_attr_type(hdr->type); in radius_msg_dump_attr()
348 hdr->type, attr ? attr->name : "?Unknown?", in radius_msg_dump_attr()
349 hdr->length); in radius_msg_dump_attr()
351 len = hdr->length - sizeof(struct radius_attr_hdr); in radius_msg_dump_attr()
354 if (!attr) in radius_msg_dump_attr()
357 switch (attr->data_type) { in radius_msg_dump_attr()
416 msg->hdr->code, radius_code_string(msg->hdr->code), in radius_msg_dump()
417 msg->hdr->identifier, be_to_host16(msg->hdr->length)); in radius_msg_dump()
419 for (i = 0; i < msg->attr_used; i++) { in radius_msg_dump()
420 struct radius_attr_hdr *attr = radius_get_attr_hdr(msg, i); in radius_msg_dump() local
421 radius_msg_dump_attr(attr); in radius_msg_dump()
429 struct radius_attr_hdr *attr; in radius_msg_add_msg_auth() local
432 attr = radius_msg_add_attr(msg, RADIUS_ATTR_MESSAGE_AUTHENTICATOR, in radius_msg_add_msg_auth()
434 if (!attr) { in radius_msg_add_msg_auth()
436 "WARNING: Could not add Message-Authenticator"); in radius_msg_add_msg_auth()
440 return (u8 *) (attr + 1); in radius_msg_add_msg_auth()
452 /* Use already added Message-Authenticator attribute */ in radius_msg_auth_pos()
456 /* Add a Message-Authenticator attribute */ in radius_msg_auth_pos()
469 return -1; in radius_msg_finish()
470 msg->hdr->length = host_to_be16(wpabuf_len(msg->buf)); in radius_msg_finish()
471 if (hmac_md5(secret, secret_len, wpabuf_head(msg->buf), in radius_msg_finish()
472 wpabuf_len(msg->buf), pos) < 0) in radius_msg_finish()
473 return -1; in radius_msg_finish()
475 msg->hdr->length = host_to_be16(wpabuf_len(msg->buf)); in radius_msg_finish()
477 if (wpabuf_len(msg->buf) > 0xffff) { in radius_msg_finish()
479 (unsigned long) wpabuf_len(msg->buf)); in radius_msg_finish()
480 return -1; in radius_msg_finish()
495 return -1; in radius_msg_finish_srv()
496 msg->hdr->length = host_to_be16(wpabuf_len(msg->buf)); in radius_msg_finish_srv()
497 os_memcpy(msg->hdr->authenticator, req_authenticator, in radius_msg_finish_srv()
498 sizeof(msg->hdr->authenticator)); in radius_msg_finish_srv()
499 if (hmac_md5(secret, secret_len, wpabuf_head(msg->buf), in radius_msg_finish_srv()
500 wpabuf_len(msg->buf), pos) < 0) in radius_msg_finish_srv()
501 return -1; in radius_msg_finish_srv()
504 addr[0] = (u8 *) msg->hdr; in radius_msg_finish_srv()
508 addr[2] = wpabuf_head_u8(msg->buf) + sizeof(struct radius_hdr); in radius_msg_finish_srv()
509 len[2] = wpabuf_len(msg->buf) - sizeof(struct radius_hdr); in radius_msg_finish_srv()
512 md5_vector(4, addr, len, msg->hdr->authenticator); in radius_msg_finish_srv()
514 if (wpabuf_len(msg->buf) > 0xffff) { in radius_msg_finish_srv()
516 (unsigned long) wpabuf_len(msg->buf)); in radius_msg_finish_srv()
517 return -1; in radius_msg_finish_srv()
533 return -1; in radius_msg_finish_das_resp()
535 msg->hdr->length = host_to_be16(wpabuf_len(msg->buf)); in radius_msg_finish_das_resp()
536 os_memcpy(msg->hdr->authenticator, req_hdr->authenticator, 16); in radius_msg_finish_das_resp()
537 if (hmac_md5(secret, secret_len, wpabuf_head(msg->buf), in radius_msg_finish_das_resp()
538 wpabuf_len(msg->buf), pos) < 0) in radius_msg_finish_das_resp()
539 return -1; in radius_msg_finish_das_resp()
542 addr[0] = wpabuf_head_u8(msg->buf); in radius_msg_finish_das_resp()
543 len[0] = wpabuf_len(msg->buf); in radius_msg_finish_das_resp()
546 if (md5_vector(2, addr, len, msg->hdr->authenticator) < 0) in radius_msg_finish_das_resp()
547 return -1; in radius_msg_finish_das_resp()
549 if (wpabuf_len(msg->buf) > 0xffff) { in radius_msg_finish_das_resp()
551 (unsigned long) wpabuf_len(msg->buf)); in radius_msg_finish_das_resp()
552 return -1; in radius_msg_finish_das_resp()
564 msg->hdr->length = host_to_be16(wpabuf_len(msg->buf)); in radius_msg_finish_acct()
565 os_memset(msg->hdr->authenticator, 0, MD5_MAC_LEN); in radius_msg_finish_acct()
566 addr[0] = wpabuf_head(msg->buf); in radius_msg_finish_acct()
567 len[0] = wpabuf_len(msg->buf); in radius_msg_finish_acct()
570 md5_vector(2, addr, len, msg->hdr->authenticator); in radius_msg_finish_acct()
572 if (wpabuf_len(msg->buf) > 0xffff) { in radius_msg_finish_acct()
574 (unsigned long) wpabuf_len(msg->buf)); in radius_msg_finish_acct()
585 msg->hdr->length = host_to_be16(wpabuf_len(msg->buf)); in radius_msg_finish_acct_resp()
586 os_memcpy(msg->hdr->authenticator, req_authenticator, MD5_MAC_LEN); in radius_msg_finish_acct_resp()
587 addr[0] = wpabuf_head(msg->buf); in radius_msg_finish_acct_resp()
588 len[0] = wpabuf_len(msg->buf); in radius_msg_finish_acct_resp()
591 md5_vector(2, addr, len, msg->hdr->authenticator); in radius_msg_finish_acct_resp()
593 if (wpabuf_len(msg->buf) > 0xffff) { in radius_msg_finish_acct_resp()
595 (unsigned long) wpabuf_len(msg->buf)); in radius_msg_finish_acct_resp()
609 addr[0] = (u8 *) msg->hdr; in radius_msg_verify_acct_req()
610 len[0] = sizeof(struct radius_hdr) - MD5_MAC_LEN; in radius_msg_verify_acct_req()
613 addr[2] = (u8 *) (msg->hdr + 1); in radius_msg_verify_acct_req()
614 len[2] = wpabuf_len(msg->buf) - sizeof(struct radius_hdr); in radius_msg_verify_acct_req()
618 return os_memcmp_const(msg->hdr->authenticator, hash, MD5_MAC_LEN) != 0; in radius_msg_verify_acct_req()
633 struct radius_attr_hdr *attr = NULL, *tmp; in radius_msg_verify_das_req() local
637 addr[0] = (u8 *) msg->hdr; in radius_msg_verify_das_req()
638 len[0] = sizeof(struct radius_hdr) - MD5_MAC_LEN; in radius_msg_verify_das_req()
641 addr[2] = (u8 *) (msg->hdr + 1); in radius_msg_verify_das_req()
642 len[2] = wpabuf_len(msg->buf) - sizeof(struct radius_hdr); in radius_msg_verify_das_req()
646 if (os_memcmp_const(msg->hdr->authenticator, hash, MD5_MAC_LEN) != 0) in radius_msg_verify_das_req()
649 for (i = 0; i < msg->attr_used; i++) { in radius_msg_verify_das_req()
651 if (tmp->type == RADIUS_ATTR_MESSAGE_AUTHENTICATOR) { in radius_msg_verify_das_req()
652 if (attr != NULL) { in radius_msg_verify_das_req()
654 "Message-Authenticator attributes " in radius_msg_verify_das_req()
658 attr = tmp; in radius_msg_verify_das_req()
662 if (attr == NULL) { in radius_msg_verify_das_req()
665 "Missing Message-Authenticator attribute in RADIUS message"); in radius_msg_verify_das_req()
671 os_memcpy(orig, attr + 1, MD5_MAC_LEN); in radius_msg_verify_das_req()
672 os_memset(attr + 1, 0, MD5_MAC_LEN); in radius_msg_verify_das_req()
673 os_memcpy(orig_authenticator, msg->hdr->authenticator, in radius_msg_verify_das_req()
675 os_memset(msg->hdr->authenticator, 0, in radius_msg_verify_das_req()
676 sizeof(msg->hdr->authenticator)); in radius_msg_verify_das_req()
677 hmac_md5(secret, secret_len, wpabuf_head(msg->buf), in radius_msg_verify_das_req()
678 wpabuf_len(msg->buf), auth); in radius_msg_verify_das_req()
679 os_memcpy(attr + 1, orig, MD5_MAC_LEN); in radius_msg_verify_das_req()
680 os_memcpy(msg->hdr->authenticator, orig_authenticator, in radius_msg_verify_das_req()
688 struct radius_attr_hdr *attr) in radius_msg_add_attr_to_array() argument
690 if (msg->attr_used >= msg->attr_size) { in radius_msg_add_attr_to_array()
692 size_t nlen = msg->attr_size * 2; in radius_msg_add_attr_to_array()
694 nattr_pos = os_realloc_array(msg->attr_pos, nlen, in radius_msg_add_attr_to_array()
695 sizeof(*msg->attr_pos)); in radius_msg_add_attr_to_array()
697 return -1; in radius_msg_add_attr_to_array()
699 msg->attr_pos = nattr_pos; in radius_msg_add_attr_to_array()
700 msg->attr_size = nlen; in radius_msg_add_attr_to_array()
703 msg->attr_pos[msg->attr_used++] = in radius_msg_add_attr_to_array()
704 (unsigned char *) attr - wpabuf_head_u8(msg->buf); in radius_msg_add_attr_to_array()
714 struct radius_attr_hdr *attr = NULL; in radius_msg_add_attr() local
737 size_t plen = 255 - hdr_len; in radius_msg_add_attr()
741 num = (data_len + plen - 1) / plen; in radius_msg_add_attr()
750 buf_needed = sizeof(*attr) + data_len; in radius_msg_add_attr()
759 if (wpabuf_tailroom(msg->buf) < buf_needed) { in radius_msg_add_attr()
761 if (wpabuf_resize(&msg->buf, buf_needed) < 0) in radius_msg_add_attr()
763 msg->hdr = wpabuf_mhead(msg->buf); in radius_msg_add_attr()
767 size_t plen = 255 - sizeof(struct radius_attr_hdr_ext) - 1; in radius_msg_add_attr()
772 ext = wpabuf_put(msg->buf, in radius_msg_add_attr()
774 if (!attr) in radius_msg_add_attr()
775 attr = (struct radius_attr_hdr *) ext; in radius_msg_add_attr()
776 ext->type = type; in radius_msg_add_attr()
777 ext->length = sizeof(*ext) + 1 + alen; in radius_msg_add_attr()
778 ext->ext_type = ext_type; in radius_msg_add_attr()
779 wpabuf_put_u8(msg->buf, data_len > alen ? 0x80 : 0); in radius_msg_add_attr()
780 wpabuf_put_data(msg->buf, data, data_len); in radius_msg_add_attr()
782 data_len -= alen; in radius_msg_add_attr()
788 ext = wpabuf_put(msg->buf, sizeof(struct radius_attr_hdr_ext)); in radius_msg_add_attr()
789 attr = (struct radius_attr_hdr *) ext; in radius_msg_add_attr()
790 ext->type = type; in radius_msg_add_attr()
791 ext->length = sizeof(*ext) + data_len; in radius_msg_add_attr()
792 ext->ext_type = ext_type; in radius_msg_add_attr()
793 wpabuf_put_data(msg->buf, data, data_len); in radius_msg_add_attr()
794 if (radius_msg_add_attr_to_array(msg, attr)) in radius_msg_add_attr()
797 attr = wpabuf_put(msg->buf, sizeof(struct radius_attr_hdr)); in radius_msg_add_attr()
798 attr->type = type; in radius_msg_add_attr()
799 attr->length = sizeof(*attr) + data_len; in radius_msg_add_attr()
800 wpabuf_put_data(msg->buf, data, data_len); in radius_msg_add_attr()
801 if (radius_msg_add_attr_to_array(msg, attr)) in radius_msg_add_attr()
805 return attr; in radius_msg_add_attr()
810 * radius_msg_parse - Parse a RADIUS message
822 struct radius_attr_hdr *attr; in radius_msg_parse() local
831 msg_len = be_to_host16(hdr->length); in radius_msg_parse()
839 "RADIUS message", (unsigned long) len - msg_len); in radius_msg_parse()
846 msg->buf = wpabuf_alloc_copy(data, msg_len); in radius_msg_parse()
847 if (msg->buf == NULL || radius_msg_initialize(msg)) { in radius_msg_parse()
851 msg->hdr = wpabuf_mhead(msg->buf); in radius_msg_parse()
854 pos = wpabuf_mhead_u8(msg->buf) + sizeof(struct radius_hdr); in radius_msg_parse()
855 end = wpabuf_mhead_u8(msg->buf) + wpabuf_len(msg->buf); in radius_msg_parse()
857 if ((size_t) (end - pos) < sizeof(*attr)) in radius_msg_parse()
860 attr = (struct radius_attr_hdr *) pos; in radius_msg_parse()
862 if (attr->length > end - pos || attr->length < sizeof(*attr)) in radius_msg_parse()
865 /* TODO: check that attr->length is suitable for attr->type */ in radius_msg_parse()
867 if (radius_msg_add_attr_to_array(msg, attr)) in radius_msg_parse()
870 pos += attr->length; in radius_msg_parse()
898 left -= len; in radius_msg_add_eap()
909 struct radius_attr_hdr *attr; in radius_msg_get_eap() local
915 for (i = 0; i < msg->attr_used; i++) { in radius_msg_get_eap()
916 attr = radius_get_attr_hdr(msg, i); in radius_msg_get_eap()
917 if (attr->type == RADIUS_ATTR_EAP_MESSAGE && in radius_msg_get_eap()
918 attr->length > sizeof(struct radius_attr_hdr)) in radius_msg_get_eap()
919 len += attr->length - sizeof(struct radius_attr_hdr); in radius_msg_get_eap()
929 for (i = 0; i < msg->attr_used; i++) { in radius_msg_get_eap()
930 attr = radius_get_attr_hdr(msg, i); in radius_msg_get_eap()
931 if (attr->type == RADIUS_ATTR_EAP_MESSAGE && in radius_msg_get_eap()
932 attr->length > sizeof(struct radius_attr_hdr)) { in radius_msg_get_eap()
933 int flen = attr->length - sizeof(*attr); in radius_msg_get_eap()
934 wpabuf_put_data(eap, attr + 1, flen); in radius_msg_get_eap()
947 struct radius_attr_hdr *attr = NULL, *tmp; in radius_msg_verify_msg_auth() local
950 for (i = 0; i < msg->attr_used; i++) { in radius_msg_verify_msg_auth()
952 if (tmp->type == RADIUS_ATTR_MESSAGE_AUTHENTICATOR) { in radius_msg_verify_msg_auth()
953 if (attr != NULL) { in radius_msg_verify_msg_auth()
954 wpa_printf(MSG_INFO, "Multiple Message-Authenticator attributes in RADIUS message"); in radius_msg_verify_msg_auth()
957 attr = tmp; in radius_msg_verify_msg_auth()
961 if (attr == NULL) { in radius_msg_verify_msg_auth()
962 wpa_printf(MSG_INFO, "No Message-Authenticator attribute found"); in radius_msg_verify_msg_auth()
966 os_memcpy(orig, attr + 1, MD5_MAC_LEN); in radius_msg_verify_msg_auth()
967 os_memset(attr + 1, 0, MD5_MAC_LEN); in radius_msg_verify_msg_auth()
969 os_memcpy(orig_authenticator, msg->hdr->authenticator, in radius_msg_verify_msg_auth()
971 os_memcpy(msg->hdr->authenticator, req_auth, in radius_msg_verify_msg_auth()
972 sizeof(msg->hdr->authenticator)); in radius_msg_verify_msg_auth()
974 if (hmac_md5(secret, secret_len, wpabuf_head(msg->buf), in radius_msg_verify_msg_auth()
975 wpabuf_len(msg->buf), auth) < 0) in radius_msg_verify_msg_auth()
977 os_memcpy(attr + 1, orig, MD5_MAC_LEN); in radius_msg_verify_msg_auth()
979 os_memcpy(msg->hdr->authenticator, orig_authenticator, in radius_msg_verify_msg_auth()
984 wpa_printf(MSG_INFO, "Invalid Message-Authenticator!"); in radius_msg_verify_msg_auth()
1000 wpa_printf(MSG_INFO, "No matching Access-Request message found"); in radius_msg_verify()
1011 /* Check the Message-Authenticator attribute since it in radius_msg_verify()
1020 sent_msg->hdr->authenticator)) { in radius_msg_verify()
1025 addr[0] = (u8 *) msg->hdr; in radius_msg_verify()
1027 addr[1] = sent_msg->hdr->authenticator; in radius_msg_verify()
1029 addr[2] = wpabuf_head_u8(msg->buf) + sizeof(struct radius_hdr); in radius_msg_verify()
1030 len[2] = wpabuf_len(msg->buf) - sizeof(struct radius_hdr); in radius_msg_verify()
1034 os_memcmp_const(hash, msg->hdr->authenticator, MD5_MAC_LEN) != 0) { in radius_msg_verify()
1046 struct radius_attr_hdr *attr; in radius_msg_copy_attr() local
1050 for (i = 0; i < src->attr_used; i++) { in radius_msg_copy_attr()
1051 attr = radius_get_attr_hdr(src, i); in radius_msg_copy_attr()
1052 if (attr->type == type && attr->length >= sizeof(*attr)) { in radius_msg_copy_attr()
1053 if (!radius_msg_add_attr(dst, type, (u8 *) (attr + 1), in radius_msg_copy_attr()
1054 attr->length - sizeof(*attr))) in radius_msg_copy_attr()
1055 return -1; in radius_msg_copy_attr()
1069 return os_get_random((u8 *) &msg->hdr->authenticator, in radius_msg_make_authenticator()
1070 sizeof(msg->hdr->authenticator)); in radius_msg_make_authenticator()
1074 /* Get Vendor-specific RADIUS Attribute from a parsed RADIUS message.
1089 for (i = 0; i < msg->attr_used; i++) { in radius_msg_get_vendor_attr()
1090 struct radius_attr_hdr *attr = radius_get_attr_hdr(msg, i); in radius_msg_get_vendor_attr() local
1095 if (attr->type != RADIUS_ATTR_VENDOR_SPECIFIC || in radius_msg_get_vendor_attr()
1096 attr->length < sizeof(*attr)) in radius_msg_get_vendor_attr()
1099 left = attr->length - sizeof(*attr); in radius_msg_get_vendor_attr()
1103 pos = (u8 *) (attr + 1); in radius_msg_get_vendor_attr()
1107 left -= 4; in radius_msg_get_vendor_attr()
1114 if (vhdr->vendor_length > left || in radius_msg_get_vendor_attr()
1115 vhdr->vendor_length < sizeof(*vhdr)) { in radius_msg_get_vendor_attr()
1118 if (vhdr->vendor_type != subtype) { in radius_msg_get_vendor_attr()
1119 pos += vhdr->vendor_length; in radius_msg_get_vendor_attr()
1120 left -= vhdr->vendor_length; in radius_msg_get_vendor_attr()
1124 len = vhdr->vendor_length - sizeof(*vhdr); in radius_msg_get_vendor_attr()
1150 /* key: 16-bit salt followed by encrypted key info */ in decrypt_ms_key()
1159 left = len - 2; in decrypt_ms_key()
1173 /* b(1) = MD5(Secret + Request-Authenticator + Salt) in decrypt_ms_key()
1174 * b(i) = MD5(Secret + c(i - 1)) for i > 1 */ in decrypt_ms_key()
1184 addr[1] = pos - MD5_MAC_LEN; in decrypt_ms_key()
1195 left -= MD5_MAC_LEN; in decrypt_ms_key()
1198 if (plain[0] == 0 || plain[0] > plen - 1) { in decrypt_ms_key()
1240 /* b(1) = MD5(Secret + Request-Authenticator + Salt) in encrypt_ms_key()
1241 * b(i) = MD5(Secret + c(i - 1)) for i > 1 */ in encrypt_ms_key()
1250 addr[1] = pos - MD5_MAC_LEN; in encrypt_ms_key()
1259 len -= MD5_MAC_LEN; in encrypt_ms_key()
1283 keys->send = decrypt_ms_key(key, keylen, in radius_msg_get_ms_keys()
1284 sent_msg->hdr->authenticator, in radius_msg_get_ms_keys()
1286 &keys->send_len); in radius_msg_get_ms_keys()
1287 if (!keys->send) { in radius_msg_get_ms_keys()
1298 keys->recv = decrypt_ms_key(key, keylen, in radius_msg_get_ms_keys()
1299 sent_msg->hdr->authenticator, in radius_msg_get_ms_keys()
1301 &keys->recv_len); in radius_msg_get_ms_keys()
1302 if (!keys->recv) { in radius_msg_get_ms_keys()
1331 os_memcmp(key, "leap:session-key=", 17) == 0) { in radius_msg_get_cisco_keys()
1332 keys->recv = decrypt_ms_key(key + 17, keylen - 17, in radius_msg_get_cisco_keys()
1333 sent_msg->hdr->authenticator, in radius_msg_get_cisco_keys()
1335 &keys->recv_len); in radius_msg_get_cisco_keys()
1349 struct radius_attr_hdr *attr; in radius_msg_add_mppe_keys() local
1360 /* MS-MPPE-Send-Key */ in radius_msg_add_mppe_keys()
1369 vhdr->vendor_type = RADIUS_VENDOR_ATTR_MS_MPPE_SEND_KEY; in radius_msg_add_mppe_keys()
1380 vhdr->vendor_length = hlen + elen - sizeof(vendor_id); in radius_msg_add_mppe_keys()
1382 attr = radius_msg_add_attr(msg, RADIUS_ATTR_VENDOR_SPECIFIC, in radius_msg_add_mppe_keys()
1385 if (attr == NULL) { in radius_msg_add_mppe_keys()
1389 /* MS-MPPE-Recv-Key */ in radius_msg_add_mppe_keys()
1398 vhdr->vendor_type = RADIUS_VENDOR_ATTR_MS_MPPE_RECV_KEY; in radius_msg_add_mppe_keys()
1405 vhdr->vendor_length = hlen + elen - sizeof(vendor_id); in radius_msg_add_mppe_keys()
1407 attr = radius_msg_add_attr(msg, RADIUS_ATTR_VENDOR_SPECIFIC, in radius_msg_add_mppe_keys()
1410 if (attr == NULL) { in radius_msg_add_mppe_keys()
1421 struct radius_attr_hdr *attr; in radius_msg_add_wfa() local
1435 attr = radius_msg_add_attr(msg, RADIUS_ATTR_VENDOR_SPECIFIC, in radius_msg_add_wfa()
1438 if (attr == NULL) in radius_msg_add_wfa()
1448 struct radius_attr_hdr *attr; in radius_msg_add_ext_vs() local
1461 attr = radius_msg_add_attr(msg, type, buf, alen); in radius_msg_add_ext_vs()
1463 return attr != NULL; in radius_msg_add_ext_vs()
1478 return -1; in radius_user_password_hide()
1484 padlen = 16 - padlen; in radius_user_password_hide()
1493 addr[1] = msg->hdr->authenticator; in radius_user_password_hide()
1504 addr[1] = &buf[pos - 16]; in radius_user_password_hide()
1518 /* Add User-Password attribute to a RADIUS message and encrypt it as specified
1540 struct radius_attr_hdr *attr = NULL, *tmp; in radius_msg_get_attr() local
1543 for (i = 0; i < msg->attr_used; i++) { in radius_msg_get_attr()
1545 if (tmp->type == type) { in radius_msg_get_attr()
1546 attr = tmp; in radius_msg_get_attr()
1551 if (!attr || attr->length < sizeof(*attr)) in radius_msg_get_attr()
1552 return -1; in radius_msg_get_attr()
1554 dlen = attr->length - sizeof(*attr); in radius_msg_get_attr()
1556 os_memcpy(buf, (attr + 1), dlen > len ? len : dlen); in radius_msg_get_attr()
1565 struct radius_attr_hdr *attr = NULL, *tmp; in radius_msg_get_attr_ptr() local
1567 for (i = 0; i < msg->attr_used; i++) { in radius_msg_get_attr_ptr()
1569 if (tmp->type == type && in radius_msg_get_attr_ptr()
1571 attr = tmp; in radius_msg_get_attr_ptr()
1576 if (!attr || attr->length < sizeof(*attr)) in radius_msg_get_attr_ptr()
1577 return -1; in radius_msg_get_attr_ptr()
1579 *buf = (u8 *) (attr + 1); in radius_msg_get_attr_ptr()
1580 *len = attr->length - sizeof(*attr); in radius_msg_get_attr_ptr()
1590 for (count = 0, i = 0; i < msg->attr_used; i++) { in radius_msg_count_attr()
1591 struct radius_attr_hdr *attr = radius_get_attr_hdr(msg, i); in radius_msg_count_attr() local
1592 if (attr->type == type && in radius_msg_count_attr()
1593 attr->length >= sizeof(struct radius_attr_hdr) + min_len) in radius_msg_count_attr()
1603 int type; /* Tunnel-Type */
1604 int medium_type; /* Tunnel-Medium-Type */
1615 return (x - y); in cmp_int()
1620 * radius_msg_get_vlanid - Parse RADIUS attributes for VLAN tunnel information
1636 struct radius_attr_hdr *attr = NULL; in radius_msg_get_vlanid() local
1647 for (i = 0; i < msg->attr_used; i++) { in radius_msg_get_vlanid()
1648 attr = radius_get_attr_hdr(msg, i); in radius_msg_get_vlanid()
1649 if (attr->length < sizeof(*attr)) in radius_msg_get_vlanid()
1650 return -1; in radius_msg_get_vlanid()
1651 data = (const u8 *) (attr + 1); in radius_msg_get_vlanid()
1652 dlen = attr->length - sizeof(*attr); in radius_msg_get_vlanid()
1653 if (attr->length < 3) in radius_msg_get_vlanid()
1660 switch (attr->type) { in radius_msg_get_vlanid()
1662 if (attr->length != 6) in radius_msg_get_vlanid()
1664 tun->tag_used++; in radius_msg_get_vlanid()
1665 tun->type = WPA_GET_BE24(data + 1); in radius_msg_get_vlanid()
1668 if (attr->length != 6) in radius_msg_get_vlanid()
1670 tun->tag_used++; in radius_msg_get_vlanid()
1671 tun->medium_type = WPA_GET_BE24(data + 1); in radius_msg_get_vlanid()
1676 dlen--; in radius_msg_get_vlanid()
1685 tun->tag_used++; in radius_msg_get_vlanid()
1686 tun->vlanid = vlan_id; in radius_msg_get_vlanid()
1689 if (attr->length != 6) in radius_msg_get_vlanid()
1706 if (tun->tag_used && in radius_msg_get_vlanid()
1707 tun->type == RADIUS_TUNNEL_TYPE_VLAN && in radius_msg_get_vlanid()
1708 tun->medium_type == RADIUS_TUNNEL_MEDIUM_TYPE_802 && in radius_msg_get_vlanid()
1709 tun->vlanid > 0) { in radius_msg_get_vlanid()
1710 *untagged = tun->vlanid; in radius_msg_get_vlanid()
1725 * radius_msg_get_tunnel_password - Parse RADIUS attribute Tunnel-Password
1732 * Returns: Pointer to n-th password (free with os_free) or %NULL
1747 struct radius_attr_hdr *attr; in radius_msg_get_tunnel_password() local
1751 size_t fdlen = -1; in radius_msg_get_tunnel_password()
1754 /* find n-th valid Tunnel-Password attribute */ in radius_msg_get_tunnel_password()
1755 for (i = 0; i < msg->attr_used; i++) { in radius_msg_get_tunnel_password()
1756 attr = radius_get_attr_hdr(msg, i); in radius_msg_get_tunnel_password()
1757 if (attr == NULL || in radius_msg_get_tunnel_password()
1758 attr->type != RADIUS_ATTR_TUNNEL_PASSWORD) { in radius_msg_get_tunnel_password()
1761 if (attr->length <= 5) in radius_msg_get_tunnel_password()
1763 data = (const u8 *) (attr + 1); in radius_msg_get_tunnel_password()
1764 dlen = attr->length - sizeof(*attr); in radius_msg_get_tunnel_password()
1789 pos = buf + buflen - 16; /* last block */ in radius_msg_get_tunnel_password()
1793 addr[1] = pos - 16; in radius_msg_get_tunnel_password()
1800 pos -= 16; in radius_msg_get_tunnel_password()
1808 addr[1] = sent_msg->hdr->authenticator; in radius_msg_get_tunnel_password()
1820 /* decryption error - invalid key length */ in radius_msg_get_tunnel_password()
1845 for (i = 0; i < c->count; i++) in radius_free_class()
1846 os_free(c->attr[i].data); in radius_free_class()
1847 os_free(c->attr); in radius_free_class()
1848 c->attr = NULL; in radius_free_class()
1849 c->count = 0; in radius_free_class()
1858 if (src->attr == NULL) in radius_copy_class()
1861 dst->attr = os_calloc(src->count, sizeof(struct radius_attr_data)); in radius_copy_class()
1862 if (dst->attr == NULL) in radius_copy_class()
1863 return -1; in radius_copy_class()
1865 dst->count = 0; in radius_copy_class()
1867 for (i = 0; i < src->count; i++) { in radius_copy_class()
1868 dst->attr[i].data = os_memdup(src->attr[i].data, in radius_copy_class()
1869 src->attr[i].len); in radius_copy_class()
1870 if (dst->attr[i].data == NULL) in radius_copy_class()
1872 dst->count++; in radius_copy_class()
1873 dst->attr[i].len = src->attr[i].len; in radius_copy_class()
1883 struct radius_attr_hdr *attr; in radius_msg_find_unlisted_attr() local
1885 for (i = 0; i < msg->attr_used; i++) { in radius_msg_find_unlisted_attr()
1886 attr = radius_get_attr_hdr(msg, i); in radius_msg_find_unlisted_attr()
1889 if (attr->type == attrs[j]) in radius_msg_find_unlisted_attr()
1894 return attr->type; /* unlisted attr */ in radius_msg_find_unlisted_attr()
1904 * Acct-Session-Id and Acct-Multi-Session-Id should be globally and in radius_gen_session_id()