summaryrefslogtreecommitdiff
path: root/src/libcharon/plugins/eap_radius/radius_socket.h
blob: fe8491a8feb3feab22923e46e10467781adff8fc (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
/*
 * Copyright (C) 2010 Martin Willi
 * Copyright (C) 2010 revosec AG
 *
 * This program is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License as published by the
 * Free Software Foundation; either version 2 of the License, or (at your
 * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
 *
 * This program is distributed in the hope that it will be useful, but
 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
 * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
 * for more details.
 */

/**
 * @defgroup radius_socket radius_socket
 * @{ @ingroup eap_radius
 */

#ifndef RADIUS_SOCKET_H_
#define RADIUS_SOCKET_H_

typedef struct radius_socket_t radius_socket_t;

#include "radius_message.h"

#include <utils/host.h>

/**
 * RADIUS socket to a server.
 */
struct radius_socket_t {

	/**
	 * Send a RADIUS request, wait for response.

	 * The socket fills in RADIUS Message identifier, builds a
	 * Request-Authenticator and calculates the Message-Authenticator
	 * attribute.
	 * The received response gets verified using the Response-Identifier
	 * and the Message-Authenticator attribute.
	 *
	 * @param request		request message
	 * @return				response message, NULL if timed out
	 */
	radius_message_t* (*request)(radius_socket_t *this,
								 radius_message_t *request);

	/**
	 * Decrypt the MSK encoded in a messages MS-MPPE-Send/Recv-Key.
	 *
	 * @param request		associated RADIUS request message
	 * @param response		RADIUS response message containing attributes
	 * @return				allocated MSK, empty chunk if none found
	 */
	chunk_t (*decrypt_msk)(radius_socket_t *this, radius_message_t *request,
						   radius_message_t *response);

	/**
	 * Destroy a radius_socket_t.
	 */
	void (*destroy)(radius_socket_t *this);
};

/**
 * Create a radius_socket instance.
 *
 * @param host		RADIUS server address to connect to
 * @param secret	RADIUS secret
 */
radius_socket_t *radius_socket_create(host_t *host, chunk_t secret);

#endif /** RADIUS_SOCKET_H_ @}*/