Lines Matching refs:h
76 clear_password(struct rad_handle *h) in clear_password() argument
78 if (h->pass_len != 0) { in clear_password()
79 explicit_bzero(h->pass, h->pass_len); in clear_password()
80 h->pass_len = 0; in clear_password()
82 h->pass_pos = 0; in clear_password()
86 generr(struct rad_handle *h, const char *format, ...) in generr() argument
91 vsnprintf(h->errmsg, ERRSIZE, format, ap); in generr()
96 insert_scrambled_password(struct rad_handle *h, int srv) in insert_scrambled_password() argument
104 srvp = &h->servers[srv]; in insert_scrambled_password()
105 padded_len = h->pass_len == 0 ? 16 : (h->pass_len+15) & ~0xf; in insert_scrambled_password()
107 memcpy(md5, &h->out[POS_AUTH], LEN_AUTH); in insert_scrambled_password()
124 h->out[h->pass_pos + pos + i] = in insert_scrambled_password()
125 md5[i] ^= h->pass[pos + i]; in insert_scrambled_password()
130 insert_request_authenticator(struct rad_handle *h, int resp) in insert_request_authenticator() argument
135 srvp = &h->servers[h->srv]; in insert_request_authenticator()
139 MD5Update(&ctx, &h->out[POS_CODE], POS_AUTH - POS_CODE); in insert_request_authenticator()
141 MD5Update(&ctx, &h->in[POS_AUTH], LEN_AUTH); in insert_request_authenticator()
143 MD5Update(&ctx, &h->out[POS_AUTH], LEN_AUTH); in insert_request_authenticator()
144 MD5Update(&ctx, &h->out[POS_ATTRS], h->out_len - POS_ATTRS); in insert_request_authenticator()
146 MD5Final(&h->out[POS_AUTH], &ctx); in insert_request_authenticator()
150 insert_message_authenticator(struct rad_handle *h, int resp) in insert_message_authenticator() argument
157 srvp = &h->servers[h->srv]; in insert_message_authenticator()
159 if (h->authentic_pos != 0) { in insert_message_authenticator()
162 HMAC_Update(ctx, &h->out[POS_CODE], POS_AUTH - POS_CODE); in insert_message_authenticator()
164 HMAC_Update(ctx, &h->in[POS_AUTH], LEN_AUTH); in insert_message_authenticator()
166 HMAC_Update(ctx, &h->out[POS_AUTH], LEN_AUTH); in insert_message_authenticator()
167 HMAC_Update(ctx, &h->out[POS_ATTRS], in insert_message_authenticator()
168 h->out_len - POS_ATTRS); in insert_message_authenticator()
171 memcpy(&h->out[h->authentic_pos + 2], md, md_len); in insert_message_authenticator()
181 is_valid_response(struct rad_handle *h, int srv, in is_valid_response() argument
197 srvp = &h->servers[srv]; in is_valid_response()
206 if (h->in_len < POS_ATTRS) in is_valid_response()
208 len = (h->in[POS_LENGTH] << 8) | h->in[POS_LENGTH + 1]; in is_valid_response()
209 if (len < POS_ATTRS || len > h->in_len) in is_valid_response()
214 MD5Update(&ctx, &h->in[POS_CODE], POS_AUTH - POS_CODE); in is_valid_response()
215 MD5Update(&ctx, &h->out[POS_AUTH], LEN_AUTH); in is_valid_response()
216 MD5Update(&ctx, &h->in[POS_ATTRS], len - POS_ATTRS); in is_valid_response()
219 if (memcmp(&h->in[POS_AUTH], md5, sizeof md5) != 0) in is_valid_response()
227 if (h->in[POS_CODE] != RAD_ACCOUNTING_RESPONSE) { in is_valid_response()
229 memcpy(resp, h->in, MSGSIZE); in is_valid_response()
235 if (h->in[pos] == RAD_MESSAGE_AUTHENTIC) { in is_valid_response()
236 if (h->in[pos + 1] != MD5_DIGEST_LENGTH + 2) { in is_valid_response()
249 HMAC_Update(hctx, &h->in[POS_CODE], in is_valid_response()
251 HMAC_Update(hctx, &h->out[POS_AUTH], in is_valid_response()
254 h->in_len - POS_ATTRS); in is_valid_response()
257 if (memcmp(md, &h->in[pos + 2], in is_valid_response()
264 alen = h->in[pos + 1]; in is_valid_response()
281 is_valid_request(struct rad_handle *h) in is_valid_request() argument
295 srvp = &h->servers[h->srv]; in is_valid_request()
298 if (h->in_len < POS_ATTRS) in is_valid_request()
300 len = (h->in[POS_LENGTH] << 8) | h->in[POS_LENGTH + 1]; in is_valid_request()
301 if (len < POS_ATTRS || len > h->in_len) in is_valid_request()
304 if (h->in[POS_CODE] != RAD_ACCESS_REQUEST) { in is_valid_request()
308 MD5Update(&ctx, &h->in[POS_CODE], POS_AUTH - POS_CODE); in is_valid_request()
310 MD5Update(&ctx, &h->in[POS_ATTRS], len - POS_ATTRS); in is_valid_request()
313 if (memcmp(&h->in[POS_AUTH], md5, sizeof md5) != 0) in is_valid_request()
322 alen = h->in[pos + 1]; in is_valid_request()
327 if (h->in[pos] == RAD_MESSAGE_AUTHENTIC) { in is_valid_request()
336 memcpy(resp, h->in, MSGSIZE); in is_valid_request()
338 if (h->in[POS_CODE] != RAD_ACCESS_REQUEST) in is_valid_request()
345 HMAC_Update(hctx, resp, h->in_len); in is_valid_request()
348 if (memcmp(md, &h->in[pos + 2], in is_valid_request()
363 put_password_attr(struct rad_handle *h, int type, const void *value, size_t len) in put_password_attr() argument
368 if (h->pass_pos != 0) { in put_password_attr()
369 generr(h, "Multiple User-Password attributes specified"); in put_password_attr()
381 clear_password(h); in put_password_attr()
382 put_raw_attr(h, type, h->pass, padded_len); in put_password_attr()
383 h->pass_pos = h->out_len - padded_len; in put_password_attr()
386 memcpy(h->pass, value, len); in put_password_attr()
387 h->pass_len = len; in put_password_attr()
388 memset(h->pass + len, 0, pad_len); in put_password_attr()
393 put_raw_attr(struct rad_handle *h, int type, const void *value, size_t len) in put_raw_attr() argument
396 generr(h, "Attribute too long"); in put_raw_attr()
399 if (h->out_len + 2 + len > MSGSIZE) { in put_raw_attr()
400 generr(h, "Maximum message length exceeded"); in put_raw_attr()
403 h->out[h->out_len++] = type; in put_raw_attr()
404 h->out[h->out_len++] = len + 2; in put_raw_attr()
405 memcpy(&h->out[h->out_len], value, len); in put_raw_attr()
406 h->out_len += len; in put_raw_attr()
411 rad_add_server(struct rad_handle *h, const char *host, int port, in rad_add_server() argument
417 return rad_add_server_ex(h, host, port, secret, timeout, tries, in rad_add_server()
422 rad_add_server_ex(struct rad_handle *h, const char *host, int port, in rad_add_server_ex() argument
428 if (h->num_servers >= MAXSERVERS) { in rad_add_server_ex()
429 generr(h, "Too many RADIUS servers specified"); in rad_add_server_ex()
432 srvp = &h->servers[h->num_servers]; in rad_add_server_ex()
441 generr(h, "%s: host not found", host); in rad_add_server_ex()
452 if (h->type == RADIUS_AUTH) in rad_add_server_ex()
462 generr(h, "Out of memory"); in rad_add_server_ex()
472 h->num_servers++; in rad_add_server_ex()
477 rad_close(struct rad_handle *h) in rad_close() argument
481 if (h->fd != -1) in rad_close()
482 close(h->fd); in rad_close()
483 for (srv = 0; srv < h->num_servers; srv++) { in rad_close()
484 memset(h->servers[srv].secret, 0, in rad_close()
485 strlen(h->servers[srv].secret)); in rad_close()
486 free(h->servers[srv].secret); in rad_close()
488 clear_password(h); in rad_close()
489 free(h); in rad_close()
493 rad_bind_to(struct rad_handle *h, in_addr_t addr) in rad_bind_to() argument
496 h->bindto = addr; in rad_bind_to()
500 rad_config(struct rad_handle *h, const char *path) in rad_config() argument
510 generr(h, "Cannot open \"%s\": %s", path, strerror(errno)); in rad_config()
542 generr(h, "%s:%d: line too long", path, in rad_config()
545 generr(h, "%s:%d: missing newline", path, in rad_config()
555 generr(h, "%s:%d: %s", path, linenum, msg); in rad_config()
570 generr(h, "%s:%d: invalid service type", path, in rad_config()
581 generr(h, "%s:%d: missing shared secret", path, in rad_config()
595 wanttype = h->type == RADIUS_AUTH ? "auth" : "acct"; in rad_config()
606 generr(h, "%s:%d: invalid port", path, in rad_config()
616 generr(h, "%s:%d: invalid timeout", path, in rad_config()
626 generr(h, "%s:%d: invalid maxtries", path, in rad_config()
637 generr(h, "%s:%d: invalid dead_time", path, in rad_config()
648 generr(h, "%s:%d: invalid bindto", path, in rad_config()
656 if (rad_add_server_ex(h, host, port, secret, timeout, maxtries, in rad_config()
658 strcpy(msg, h->errmsg); in rad_config()
659 generr(h, "%s:%d: %s", path, linenum, msg); in rad_config()
679 rad_continue_send_request(struct rad_handle *h, int selected, int *fd, in rad_continue_send_request() argument
686 if (h->type == RADIUS_SERVER) { in rad_continue_send_request()
687 generr(h, "denied function call"); in rad_continue_send_request()
695 h->in_len = recvfrom(h->fd, h->in, in rad_continue_send_request()
697 if (h->in_len == -1) { in rad_continue_send_request()
698 generr(h, "recvfrom: %s", strerror(errno)); in rad_continue_send_request()
701 if (is_valid_response(h, h->srv, &from)) { in rad_continue_send_request()
702 h->in_len = h->in[POS_LENGTH] << 8 | in rad_continue_send_request()
703 h->in[POS_LENGTH+1]; in rad_continue_send_request()
704 h->in_pos = POS_ATTRS; in rad_continue_send_request()
705 return h->in[POS_CODE]; in rad_continue_send_request()
714 cur_srv = h->srv; in rad_continue_send_request()
716 if (h->servers[h->srv].num_tries >= h->servers[h->srv].max_tries) { in rad_continue_send_request()
718 if (h->servers[h->srv].dead_time) { in rad_continue_send_request()
719 h->servers[h->srv].is_dead = 1; in rad_continue_send_request()
720 h->servers[h->srv].next_probe = now + in rad_continue_send_request()
721 h->servers[h->srv].dead_time; in rad_continue_send_request()
724 h->srv++; in rad_continue_send_request()
725 if (h->srv >= h->num_servers) in rad_continue_send_request()
726 h->srv = 0; in rad_continue_send_request()
727 if (h->servers[h->srv].is_dead == 0) in rad_continue_send_request()
729 if (h->servers[h->srv].dead_time && in rad_continue_send_request()
730 h->servers[h->srv].next_probe <= now) { in rad_continue_send_request()
731 h->servers[h->srv].is_dead = 0; in rad_continue_send_request()
732 h->servers[h->srv].num_tries = 0; in rad_continue_send_request()
735 } while (h->srv != cur_srv); in rad_continue_send_request()
737 if (h->srv == cur_srv) { in rad_continue_send_request()
738 generr(h, "No valid RADIUS responses received"); in rad_continue_send_request()
744 if (h->bindto != h->servers[h->srv].bindto) { in rad_continue_send_request()
745 h->bindto = h->servers[h->srv].bindto; in rad_continue_send_request()
746 close(h->fd); in rad_continue_send_request()
747 if ((h->fd = socket(PF_INET, SOCK_DGRAM, IPPROTO_UDP)) == -1) { in rad_continue_send_request()
748 generr(h, "Cannot create socket: %s", strerror(errno)); in rad_continue_send_request()
754 sin.sin_addr.s_addr = h->bindto; in rad_continue_send_request()
756 if (bind(h->fd, (const struct sockaddr *)&sin, in rad_continue_send_request()
758 generr(h, "bind: %s", strerror(errno)); in rad_continue_send_request()
759 close(h->fd); in rad_continue_send_request()
760 h->fd = -1; in rad_continue_send_request()
765 if (h->out[POS_CODE] == RAD_ACCESS_REQUEST) { in rad_continue_send_request()
767 if (h->pass_pos != 0) in rad_continue_send_request()
768 insert_scrambled_password(h, h->srv); in rad_continue_send_request()
770 insert_message_authenticator(h, 0); in rad_continue_send_request()
772 if (h->out[POS_CODE] != RAD_ACCESS_REQUEST) { in rad_continue_send_request()
774 memset(&h->out[POS_AUTH], 0, LEN_AUTH); in rad_continue_send_request()
775 insert_request_authenticator(h, 0); in rad_continue_send_request()
779 n = sendto(h->fd, h->out, h->out_len, 0, in rad_continue_send_request()
780 (const struct sockaddr *)&h->servers[h->srv].addr, in rad_continue_send_request()
781 sizeof h->servers[h->srv].addr); in rad_continue_send_request()
782 if (n != h->out_len) in rad_continue_send_request()
785 tv->tv_sec = h->servers[h->srv].timeout; in rad_continue_send_request()
786 h->servers[h->srv].num_tries++; in rad_continue_send_request()
788 *fd = h->fd; in rad_continue_send_request()
794 rad_receive_request(struct rad_handle *h) in rad_receive_request() argument
800 if (h->type != RADIUS_SERVER) { in rad_receive_request()
801 generr(h, "denied function call"); in rad_receive_request()
804 h->srv = -1; in rad_receive_request()
806 h->in_len = recvfrom(h->fd, h->in, in rad_receive_request()
808 if (h->in_len == -1) { in rad_receive_request()
809 generr(h, "recvfrom: %s", strerror(errno)); in rad_receive_request()
812 for (n = 0; n < h->num_servers; n++) { in rad_receive_request()
813 if (h->servers[n].addr.sin_addr.s_addr == from.sin_addr.s_addr) { in rad_receive_request()
814 h->servers[n].addr.sin_port = from.sin_port; in rad_receive_request()
815 h->srv = n; in rad_receive_request()
819 if (h->srv == -1) in rad_receive_request()
821 if (is_valid_request(h)) { in rad_receive_request()
822 h->in_len = h->in[POS_LENGTH] << 8 | in rad_receive_request()
823 h->in[POS_LENGTH+1]; in rad_receive_request()
824 h->in_pos = POS_ATTRS; in rad_receive_request()
825 return (h->in[POS_CODE]); in rad_receive_request()
831 rad_send_response(struct rad_handle *h) in rad_send_response() argument
835 if (h->type != RADIUS_SERVER) { in rad_send_response()
836 generr(h, "denied function call"); in rad_send_response()
840 h->out[POS_LENGTH] = h->out_len >> 8; in rad_send_response()
841 h->out[POS_LENGTH+1] = h->out_len; in rad_send_response()
843 insert_message_authenticator(h, in rad_send_response()
844 (h->in[POS_CODE] == RAD_ACCESS_REQUEST) ? 1 : 0); in rad_send_response()
845 insert_request_authenticator(h, 1); in rad_send_response()
848 n = sendto(h->fd, h->out, h->out_len, 0, in rad_send_response()
849 (const struct sockaddr *)&h->servers[h->srv].addr, in rad_send_response()
850 sizeof h->servers[h->srv].addr); in rad_send_response()
851 if (n != h->out_len) { in rad_send_response()
853 generr(h, "sendto: %s", strerror(errno)); in rad_send_response()
855 generr(h, "sendto: short write"); in rad_send_response()
863 rad_create_request(struct rad_handle *h, int code) in rad_create_request() argument
867 if (h->type == RADIUS_SERVER) { in rad_create_request()
868 generr(h, "denied function call"); in rad_create_request()
871 if (h->num_servers == 0) { in rad_create_request()
872 generr(h, "No RADIUS servers specified"); in rad_create_request()
875 h->out[POS_CODE] = code; in rad_create_request()
876 h->out[POS_IDENT] = ++h->ident; in rad_create_request()
882 h->out[POS_AUTH+i] = (u_char)r; in rad_create_request()
883 h->out[POS_AUTH+i+1] = (u_char)(r >> 8); in rad_create_request()
886 memset(&h->out[POS_AUTH], 0, LEN_AUTH); in rad_create_request()
887 h->out_len = POS_ATTRS; in rad_create_request()
888 clear_password(h); in rad_create_request()
889 h->authentic_pos = 0; in rad_create_request()
890 h->out_created = 1; in rad_create_request()
895 rad_create_response(struct rad_handle *h, int code) in rad_create_response() argument
898 if (h->type != RADIUS_SERVER) { in rad_create_response()
899 generr(h, "denied function call"); in rad_create_response()
902 h->out[POS_CODE] = code; in rad_create_response()
903 h->out[POS_IDENT] = h->in[POS_IDENT]; in rad_create_response()
904 memset(&h->out[POS_AUTH], 0, LEN_AUTH); in rad_create_response()
905 h->out_len = POS_ATTRS; in rad_create_response()
906 clear_password(h); in rad_create_response()
907 h->authentic_pos = 0; in rad_create_response()
908 h->out_created = 1; in rad_create_response()
957 rad_get_attr(struct rad_handle *h, const void **value, size_t *lenp) in rad_get_attr() argument
961 if (h->in_pos >= h->in_len) in rad_get_attr()
963 if (h->in_pos + 2 > h->in_len) { in rad_get_attr()
964 generr(h, "Malformed attribute in response"); in rad_get_attr()
967 type = h->in[h->in_pos++]; in rad_get_attr()
968 len = h->in[h->in_pos++]; in rad_get_attr()
970 generr(h, "Malformed attribute in response"); in rad_get_attr()
974 if (h->in_pos + len > h->in_len) { in rad_get_attr()
975 generr(h, "Malformed attribute in response"); in rad_get_attr()
979 *value = &h->in[h->in_pos]; in rad_get_attr()
980 h->in_pos += len; in rad_get_attr()
988 rad_init_send_request(struct rad_handle *h, int *fd, struct timeval *tv) in rad_init_send_request() argument
994 if (h->type == RADIUS_SERVER) { in rad_init_send_request()
995 generr(h, "denied function call"); in rad_init_send_request()
999 if (h->fd == -1) { in rad_init_send_request()
1000 if ((h->fd = socket(PF_INET, SOCK_DGRAM, IPPROTO_UDP)) == -1) { in rad_init_send_request()
1001 generr(h, "Cannot create socket: %s", strerror(errno)); in rad_init_send_request()
1007 sin.sin_addr.s_addr = h->bindto; in rad_init_send_request()
1009 if (bind(h->fd, (const struct sockaddr *)&sin, in rad_init_send_request()
1011 generr(h, "bind: %s", strerror(errno)); in rad_init_send_request()
1012 close(h->fd); in rad_init_send_request()
1013 h->fd = -1; in rad_init_send_request()
1018 if (h->out[POS_CODE] != RAD_ACCESS_REQUEST) { in rad_init_send_request()
1020 if (h->pass_pos || h->chap_pass) { in rad_init_send_request()
1021 generr(h, "User or Chap Password" in rad_init_send_request()
1026 if (h->eap_msg == 0) { in rad_init_send_request()
1028 if (h->pass_pos == 0 && !h->chap_pass) { in rad_init_send_request()
1029 generr(h, "No User or Chap Password" in rad_init_send_request()
1033 if (h->pass_pos != 0 && h->chap_pass) { in rad_init_send_request()
1034 generr(h, "Both User and Chap Password" in rad_init_send_request()
1042 h->out[POS_LENGTH] = h->out_len >> 8; in rad_init_send_request()
1043 h->out[POS_LENGTH+1] = h->out_len; in rad_init_send_request()
1045 h->srv = 0; in rad_init_send_request()
1047 for (srv = 0; srv < h->num_servers; srv++) in rad_init_send_request()
1048 h->servers[srv].num_tries = 0; in rad_init_send_request()
1050 for (srv = 0; srv < h->num_servers; srv++) { in rad_init_send_request()
1051 if (h->servers[srv].is_dead == 0) in rad_init_send_request()
1053 if (h->servers[srv].dead_time && in rad_init_send_request()
1054 h->servers[srv].next_probe <= now) { in rad_init_send_request()
1055 h->servers[srv].is_dead = 0; in rad_init_send_request()
1058 h->srv++; in rad_init_send_request()
1062 if (h->srv == h->num_servers) { in rad_init_send_request()
1063 for (srv = 0; srv < h->num_servers; srv++) { in rad_init_send_request()
1064 h->servers[srv].is_dead = 0; in rad_init_send_request()
1065 h->servers[srv].next_probe = 0; in rad_init_send_request()
1067 h->srv = 0; in rad_init_send_request()
1070 return rad_continue_send_request(h, 0, fd, tv); in rad_init_send_request()
1081 struct rad_handle *h; in rad_auth_open() local
1083 h = (struct rad_handle *)malloc(sizeof(struct rad_handle)); in rad_auth_open()
1084 if (h != NULL) { in rad_auth_open()
1085 h->fd = -1; in rad_auth_open()
1086 h->num_servers = 0; in rad_auth_open()
1087 h->ident = arc4random(); in rad_auth_open()
1088 h->errmsg[0] = '\0'; in rad_auth_open()
1089 memset(h->pass, 0, sizeof h->pass); in rad_auth_open()
1090 h->pass_len = 0; in rad_auth_open()
1091 h->pass_pos = 0; in rad_auth_open()
1092 h->chap_pass = 0; in rad_auth_open()
1093 h->authentic_pos = 0; in rad_auth_open()
1094 h->type = RADIUS_AUTH; in rad_auth_open()
1095 h->out_created = 0; in rad_auth_open()
1096 h->eap_msg = 0; in rad_auth_open()
1097 h->bindto = INADDR_ANY; in rad_auth_open()
1099 return h; in rad_auth_open()
1105 struct rad_handle *h; in rad_acct_open() local
1107 h = rad_open(); in rad_acct_open()
1108 if (h != NULL) in rad_acct_open()
1109 h->type = RADIUS_ACCT; in rad_acct_open()
1110 return h; in rad_acct_open()
1116 struct rad_handle *h; in rad_server_open() local
1118 h = rad_open(); in rad_server_open()
1119 if (h != NULL) { in rad_server_open()
1120 h->type = RADIUS_SERVER; in rad_server_open()
1121 h->fd = fd; in rad_server_open()
1123 return h; in rad_server_open()
1133 rad_put_addr(struct rad_handle *h, int type, struct in_addr addr) in rad_put_addr() argument
1135 return rad_put_attr(h, type, &addr.s_addr, sizeof addr.s_addr); in rad_put_addr()
1139 rad_put_addr6(struct rad_handle *h, int type, struct in6_addr addr) in rad_put_addr6() argument
1142 return rad_put_attr(h, type, &addr.s6_addr, sizeof addr.s6_addr); in rad_put_addr6()
1146 rad_put_attr(struct rad_handle *h, int type, const void *value, size_t len) in rad_put_attr() argument
1150 if (!h->out_created) { in rad_put_attr()
1151 generr(h, "Please call rad_create_request()" in rad_put_attr()
1156 if (h->out[POS_CODE] == RAD_ACCOUNTING_REQUEST) { in rad_put_attr()
1158 generr(h, "EAP-Message attribute is not valid" in rad_put_attr()
1169 if (rad_put_message_authentic(h) == -1) in rad_put_attr()
1174 result = put_password_attr(h, type, value, len); in rad_put_attr()
1176 result = rad_put_message_authentic(h); in rad_put_attr()
1178 result = put_raw_attr(h, type, value, len); in rad_put_attr()
1181 h->chap_pass = 1; in rad_put_attr()
1183 h->eap_msg = 1; in rad_put_attr()
1191 rad_put_int(struct rad_handle *h, int type, u_int32_t value) in rad_put_int() argument
1196 return rad_put_attr(h, type, &nvalue, sizeof nvalue); in rad_put_int()
1200 rad_put_string(struct rad_handle *h, int type, const char *str) in rad_put_string() argument
1202 return rad_put_attr(h, type, str, strlen(str)); in rad_put_string()
1206 rad_put_message_authentic(struct rad_handle *h) in rad_put_message_authentic() argument
1211 if (h->out[POS_CODE] == RAD_ACCOUNTING_REQUEST) { in rad_put_message_authentic()
1212 generr(h, "Message-Authenticator is not valid" in rad_put_message_authentic()
1217 if (h->authentic_pos == 0) { in rad_put_message_authentic()
1218 h->authentic_pos = h->out_len; in rad_put_message_authentic()
1220 return (put_raw_attr(h, RAD_MESSAGE_AUTHENTIC, md_zero, in rad_put_message_authentic()
1225 generr(h, "Message Authenticator not supported," in rad_put_message_authentic()
1235 rad_send_request(struct rad_handle *h) in rad_send_request() argument
1242 n = rad_init_send_request(h, &fd, &tv); in rad_send_request()
1259 generr(h, "select: %s", strerror(errno)); in rad_send_request()
1272 n = rad_continue_send_request(h, n, &fd, &tv); in rad_send_request()
1283 rad_strerror(struct rad_handle *h) in rad_strerror() argument
1285 return h->errmsg; in rad_strerror()
1380 rad_put_vendor_addr(struct rad_handle *h, int vendor, int type, in rad_put_vendor_addr() argument
1383 return (rad_put_vendor_attr(h, vendor, type, &addr.s_addr, in rad_put_vendor_addr()
1388 rad_put_vendor_addr6(struct rad_handle *h, int vendor, int type, in rad_put_vendor_addr6() argument
1392 return (rad_put_vendor_attr(h, vendor, type, &addr.s6_addr, in rad_put_vendor_addr6()
1397 rad_put_vendor_attr(struct rad_handle *h, int vendor, int type, in rad_put_vendor_attr() argument
1403 if (!h->out_created) { in rad_put_vendor_attr()
1404 generr(h, "Please call rad_create_request()" in rad_put_vendor_attr()
1410 generr(h, "malloc failure (%zu bytes)", len + 6); in rad_put_vendor_attr()
1419 res = put_raw_attr(h, RAD_VENDOR_SPECIFIC, attr, len + 6); in rad_put_vendor_attr()
1424 h->chap_pass = 1; in rad_put_vendor_attr()
1430 rad_put_vendor_int(struct rad_handle *h, int vendor, int type, u_int32_t i) in rad_put_vendor_int() argument
1435 return (rad_put_vendor_attr(h, vendor, type, &value, sizeof value)); in rad_put_vendor_int()
1439 rad_put_vendor_string(struct rad_handle *h, int vendor, int type, in rad_put_vendor_string() argument
1442 return (rad_put_vendor_attr(h, vendor, type, str, strlen(str))); in rad_put_vendor_string()
1446 rad_request_authenticator(struct rad_handle *h, char *buf, size_t len) in rad_request_authenticator() argument
1450 memcpy(buf, h->out + POS_AUTH, LEN_AUTH); in rad_request_authenticator()
1457 rad_demangle(struct rad_handle *h, const void *mangled, size_t mlen) in rad_demangle() argument
1466 generr(h, "Cannot interpret mangled data of length %lu", in rad_demangle()
1474 S = rad_server_secret(h); in rad_demangle()
1477 if (rad_request_authenticator(h, R, sizeof R) != LEN_AUTH) { in rad_demangle()
1478 generr(h, "Cannot obtain the RADIUS request authenticator"); in rad_demangle()
1511 rad_demangle_mppe_key(struct rad_handle *h, const void *mangled, in rad_demangle_mppe_key() argument
1523 generr(h, "Cannot interpret mangled data of length %lu", in rad_demangle_mppe_key()
1529 if (rad_request_authenticator(h, R, sizeof R) != LEN_AUTH) { in rad_demangle_mppe_key()
1530 generr(h, "Cannot obtain the RADIUS request authenticator"); in rad_demangle_mppe_key()
1537 S = rad_server_secret(h); /* We need the RADIUS secret */ in rad_demangle_mppe_key()
1570 generr(h, "Mangled data seems to be garbage %zu %zu", in rad_demangle_mppe_key()
1576 generr(h, "Key to long (%zu) for me max. %d", in rad_demangle_mppe_key()
1589 rad_server_secret(struct rad_handle *h) in rad_server_secret() argument
1591 return (h->servers[h->srv].secret); in rad_server_secret()