Leaked source code of windows server 2003


  1. ///////////////////////////////////////////////////////////////////////////////
  2. //
  3. // Copyright (c) Microsoft Corp. All rights reserved.
  4. //
  5. // FILE
  6. //
  7. // radpack.h
  8. //
  9. // SYNOPSIS
  10. //
  11. // Declares functions for packing and unpacking RADIUS packets.
  12. //
  13. // MODIFICATION HISTORY
  14. //
  15. // 02/01/2000 Original version.
  16. //
  17. ///////////////////////////////////////////////////////////////////////////////
  18. #ifndef RADPACK_H
  19. #define RADPACK_H
  20. #if _MSC_VER >= 1000
  21. #pragma once
  22. #endif
  23. #ifndef RADIUS_ATTRIBUTE_DEFINED
  24. #define RADIUS_ATTRIBUTE_DEFINED
  // One RADIUS attribute held as a type / length / value triple.  'value' is
  // a pointer rather than inline storage; this header does not say who owns
  // the bytes it points to, nor whether 'length' counts only the value or the
  // whole encoded attribute.
  // NOTE(review): confirm both against the implementation before relying on them.
  struct RadiusAttribute
  {
     BYTE  type;     // Attribute type octet (see RadiusAttributeType).
     BYTE  length;   // Length octet; a single BYTE, so never more than 255.
     BYTE* value;    // First byte of the attribute's value.
  };
  31. #endif // !RADIUS_ATTRIBUTE_DEFINED
  // Packet codes, i.e. the values this header expects in RadiusPacket::code.
  // The numbering is not contiguous: nothing between 5 and 11 is defined here,
  // so a received code must be matched against these names explicitly.
  enum RadiusPacketCode
  {
     RADIUS_ACCESS_REQUEST      = 1,
     RADIUS_ACCESS_ACCEPT       = 2,
     RADIUS_ACCESS_REJECT       = 3,
     RADIUS_ACCOUNTING_REQUEST  = 4,
     RADIUS_ACCOUNTING_RESPONSE = 5,
     RADIUS_ACCESS_CHALLENGE    = 11
  };
  // Attribute type numbers, i.e. the values expected in RadiusAttribute::type.
  // The list has gaps (52-59, 64-68, 70-78), so a type octet taken from the
  // wire is not guaranteed to name one of these enumerators.
  enum RadiusAttributeType
  {
     // Identity and credentials.
     RADIUS_USER_NAME                = 1,
     RADIUS_USER_PASSWORD            = 2,
     RADIUS_CHAP_PASSWORD            = 3,

     // Access server and session description.
     RADIUS_NAS_IP_ADDRESS           = 4,
     RADIUS_NAS_PORT                 = 5,
     RADIUS_SERVICE_TYPE             = 6,
     RADIUS_FRAMED_PROTOCOL          = 7,
     RADIUS_FRAMED_IP_ADDRESS        = 8,
     RADIUS_FRAMED_IP_NETMASK        = 9,
     RADIUS_FRAMED_ROUTING           = 10,
     RADIUS_FILTER_ID                = 11,
     RADIUS_FRAMED_MTU               = 12,
     RADIUS_FRAMED_COMPRESSION       = 13,
     RADIUS_LOGIN_IP_HOST            = 14,
     RADIUS_LOGIN_SERVICE            = 15,
     RADIUS_LOGIN_TCP_PORT           = 16,
     RADIUS_UNASSIGNED               = 17,
     RADIUS_REPLY_MESSAGE            = 18,
     RADIUS_CALLBACK_NUMBER          = 19,
     RADIUS_CALLBACK_ID              = 20,
     RADIUS_UNASSIGNED2              = 21,
     RADIUS_FRAMED_ROUTE             = 22,
     RADIUS_FRAMED_IPX_NETWORK       = 23,
     RADIUS_STATE                    = 24,
     RADIUS_CLASS                    = 25,
     RADIUS_VENDOR_SPECIFIC          = 26,
     RADIUS_SESSION_TIMEOUT          = 27,
     RADIUS_IDLE_TIMEOUT             = 28,
     RADIUS_TERMINATION_ACTION       = 29,
     RADIUS_CALLED_STATION_ID        = 30,
     RADIUS_CALLING_STATION_ID       = 31,
     RADIUS_NAS_IDENTIFIER           = 32,
     RADIUS_PROXY_STATE              = 33,
     RADIUS_LOGIN_LAT_SERVICE        = 34,
     RADIUS_LOGIN_LAT_NODE           = 35,
     RADIUS_LOGIN_LAT_GROUP          = 36,
     RADIUS_FRAMED_APPLETALK_LINK    = 37,
     RADIUS_FRAMED_APPLETALK_NETWORK = 38,
     RADIUS_FRAMED_APPLETALK_ZONE    = 39,

     // Accounting.
     RADIUS_ACCT_STATUS_TYPE         = 40,
     RADIUS_ACCT_DELAY_TIME          = 41,
     RADIUS_ACCT_INPUT_OCTETS        = 42,
     RADIUS_ACCT_OUTPUT_OCTETS       = 43,
     RADIUS_ACCT_SESSION_ID          = 44,
     RADIUS_ACCT_AUTHENTIC           = 45,
     RADIUS_ACCT_SESSION_TIME        = 46,
     RADIUS_ACCT_INPUT_PACKETS       = 47,
     RADIUS_ACCT_OUTPUT_PACKETS      = 48,
     RADIUS_ACCT_TERMINATE_CAUSE     = 49,
     RADIUS_ACCT_MULTI_SESSION_ID    = 50,
     RADIUS_ACCT_LINK_COUNT          = 51,

     // Later additions.
     RADIUS_CHAP_CHALLENGE           = 60,
     RADIUS_NAS_PORT_TYPE            = 61,
     RADIUS_PORT_LIMIT               = 62,
     RADIUS_LOGIN_LAT_PORT           = 63,
     RADIUS_TUNNEL_PASSWORD          = 69,
     RADIUS_EAP_MESSAGE              = 79,

     // Type 80 is the attribute RFC 2869 names Message-Authenticator.  It is
     // presumably what AUTH_BAD_SIGNATURE / AUTH_MISSING_SIGNATURE and the
     // 'alwaysSign' parameters in this header refer to -- TODO confirm.
     RADIUS_SIGNATURE                = 80
  };
  // Microsoft vendor types; presumably the sub-type carried inside a
  // RADIUS_VENDOR_SPECIFIC attribute -- the encoding is not visible here.
  // All three name MPPE key attributes, so the values they label are key
  // material and should be handled as secrets by any caller that logs or
  // copies attributes.
  enum MicrosoftVendorType
  {
     MS_CHAP_MPPE_KEYS      = 12,
     MS_CHAP_MPPE_SEND_KEYS = 16,
     MS_CHAP_MPPE_RECV_KEYS = 17
  };
  // In-memory description of a RADIUS packet: the header fields plus a range
  // of RadiusAttribute entries.  ALLOC_PACKET in this header sets 'end' to the
  // address just past the last attribute slot, so [begin, end) is a half-open
  // range.  The struct stores pointers only; it owns neither the authenticator
  // bytes nor the attribute array.
  struct RadiusPacket
  {
     BYTE             code;           // Packet code (see RadiusPacketCode).
     BYTE             identifier;     // Identifier octet of the packet header.
     USHORT           length;         // Encoded size; PackBuffer requires this to be
                                      // the value from GetBufferSizeRequired.
     const BYTE*      authenticator;  // Authenticator bytes; the size is not stated
                                      // here (presumably 16 octets -- TODO confirm).
     RadiusAttribute* begin;          // First attribute.
     RadiusAttribute* end;            // One past the last attribute.
  };
  // Computes how many bytes the encoded form of 'packet' needs.
  //
  //   packet      Packet to be encoded.
  //   proxyState  Optional extra attribute; may be NULL.
  //   alwaysSign  Presumably forces a signature attribute to be counted even
  //               when the packet would not otherwise carry one -- TODO confirm.
  //
  // Returns the byte count, or zero when the packet is too large.  The result
  // is a ULONG while RadiusPacket::length is a USHORT, so a caller storing it
  // there must make sure it fits; zero must be treated as failure, not as an
  // empty buffer.
  ULONG WINAPI
  GetBufferSizeRequired(
     const RadiusPacket&    packet,
     const RadiusAttribute* proxyState,
     BOOL                   alwaysSign
     ) throw ();
  // Serializes 'packet' into 'buffer'.
  //
  //   secret        Shared secret bytes.
  //   secretLength  Number of bytes at 'secret'.
  //   packet        Packet to encode; packet.length must already hold the value
  //                 returned by GetBufferSizeRequired for the same arguments.
  //   proxyState    Same meaning as for GetBufferSizeRequired.
  //   alwaysSign    Same meaning as for GetBufferSizeRequired.
  //   buffer        Destination for the encoded packet.
  //
  // The signature carries no capacity for 'buffer', so this function cannot
  // bound its own writes by an explicit buffer size: the caller is solely
  // responsible for supplying at least packet.length bytes.  Passing different
  // proxyState / alwaysSign values than were used for sizing would presumably
  // invalidate that guarantee -- keep the two calls in step.
  VOID WINAPI
  PackBuffer(
     const BYTE*            secret,
     ULONG                  secretLength,
     RadiusPacket&          packet,
     const RadiusAttribute* proxyState,
     BOOL                   alwaysSign,
     BYTE*                  buffer
     ) throw ();
  // Looks up the first occurrence of attribute 'type' in 'packet'.
  //
  // The value returned when no such attribute exists is not documented in
  // this header (presumably NULL -- TODO confirm); check the result before
  // dereferencing it.  Unlike the other functions declared here, this one has
  // no throw () specification.
  RadiusAttribute* WINAPI
  FindAttribute(
     const RadiusPacket& packet,
     BYTE                type
     );
  // Sentinel returned by GetAttributeCount for an invalid packet.  It is the
  // largest ULONG, so it must be compared for equality and never used as a
  // count or fed into a size computation.
  const ULONG MALFORMED_PACKET = (ULONG)-1;

  // Counts the attributes in a received packet.
  //
  //   buffer        Raw packet bytes, typically straight off the network.
  //   bufferLength  Number of bytes available at 'buffer'.
  //
  // Returns the number of attributes, or MALFORMED_PACKET when the buffer does
  // not contain a valid RADIUS packet.  Within this header it is the only
  // validation step that runs before attribute storage is sized
  // (see ALLOC_PACKET_FOR_BUFFER), so callers must test the result first.
  ULONG WINAPI
  GetAttributeCount(
     const BYTE* buffer,
     ULONG       bufferLength
     ) throw ();
  // Decodes the packet in 'buffer' into 'packet'.
  //
  //   buffer        Raw packet bytes.  Declared non-const; whether it is
  //                 modified, and whether the attribute 'value' pointers end up
  //                 referring into it, is not visible here -- presumably they
  //                 do, in which case 'buffer' must outlive 'packet'.
  //   bufferLength  Number of bytes at 'buffer'.
  //   packet        Receives the result.  packet.begin must already point to an
  //                 array with room for every attribute in the buffer.
  //
  // Nothing is returned, so a malformed buffer cannot be reported from here.
  // Size the attribute array from GetAttributeCount on the same buffer and
  // reject MALFORMED_PACKET before calling this function.
  VOID WINAPI
  UnpackBuffer(
     BYTE*         buffer,
     ULONG         bufferLength,
     RadiusPacket& packet
     ) throw ();
  // Describes how a single attribute is encrypted; filled in by
  // GetCryptParameters.
  struct CryptParameters
  {
     BOOL  encrypted;   // Whether the attribute is encrypted at all.
     BOOL  salted;      // Whether a salt is involved (encoding not shown here).
     ULONG offset;      // Presumably the byte offset into the value at which the
                        // protected data starts -- TODO confirm.
  };
  // Reports how 'attr' is to be encrypted or decrypted.
  //
  //   attr   Attribute to classify.
  //   parms  Output; receives the encryption description for 'attr'.
  VOID WINAPI
  GetCryptParameters(
     const RadiusAttribute& attr,
     CryptParameters&       parms
     ) throw ();
  // Outcome of AuthenticateAndDecrypt.
  //
  // The enumerators carry no explicit values, so they number 0 through 4 in
  // declaration order: AUTH_BAD_AUTHENTICATOR is 0 and AUTH_AUTHENTIC is 4.
  // Every failure except the first is therefore non-zero.  Callers must
  // compare against AUTH_AUTHENTIC explicitly, because a truthiness test would
  // accept AUTH_BAD_SIGNATURE, AUTH_MISSING_SIGNATURE and AUTH_UNKNOWN.
  enum AuthResult
  {
     AUTH_BAD_AUTHENTICATOR,   // 0
     AUTH_BAD_SIGNATURE,       // 1
     AUTH_MISSING_SIGNATURE,   // 2
     AUTH_UNKNOWN,             // 3 -- meaning not documented in this header
     AUTH_AUTHENTIC            // 4 -- the only success value
  };
  // Verifies a received packet and decrypts its attributes.
  //
  //   requestAuthenticator  Authenticator of the matching request.
  //   secret                Shared secret bytes.
  //   secretLength          Number of bytes at 'secret'.
  //   buffer                Raw packet bytes.  Declared non-const, so decryption
  //                         presumably happens in place -- TODO confirm.
  //   bufferLength          Number of bytes at 'buffer'.
  //   packet                Unpacked view of 'buffer'.
  //
  // Returns an AuthResult.  Only AUTH_AUTHENTIC indicates a packet that passed
  // verification.  For any other value the contents of 'packet' and 'buffer'
  // should be treated as unauthenticated input and not acted on; whether the
  // attributes have been partially decrypted at that point is not visible here.
  AuthResult WINAPI
  AuthenticateAndDecrypt(
     const BYTE*   requestAuthenticator,
     const BYTE*   secret,
     ULONG         secretLength,
     BYTE*         buffer,
     ULONG         bufferLength,
     RadiusPacket& packet
     ) throw ();
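  // Allocates and initializes a RadiusPacket struct to hold 'nattr' attributes.
  //
  // The storage comes from _alloca, i.e. the calling function's stack frame,
  // which is why this is a macro and not a function.  The block is released
  // when the caller returns and must never be freed or returned.  'begin'
  // points just past the RadiusPacket header and 'end' one past the last
  // attribute slot.
  //
  // Changes from the original form:
  //   * 'nattr' is copied into a local with a name unlikely to clash, so that
  //     an argument which itself mentions the macro's local (the old 'nbyte')
  //     no longer expands into a self-referencing initializer.
  //   * The size computation is checked for size_t wrap-around.  On wrap the
  //     macro sets 'packet' to NULL instead of allocating a block smaller than
  //     the attribute count implies, which a later unpack would overrun.
  //
  // The guard stops arithmetic overflow only.  It does not limit how much
  // stack is consumed, so callers must bound 'nattr' (and the packet length it
  // is derived from) to what the protocol allows before expanding this macro.
  // The expansion remains a single brace-enclosed block, so existing uses
  // with or without a trailing semicolon keep compiling.
  #define ALLOC_PACKET(packet, nattr) \
  { size_t radpackCount_ = (nattr); \
    if (radpackCount_ > \
        ((size_t)-1 - sizeof(RadiusPacket)) / sizeof(RadiusAttribute)) \
    { \
       (packet) = NULL; \
    } \
    else \
    { \
       size_t radpackBytes_ = \
          sizeof(RadiusPacket) + radpackCount_ * sizeof(RadiusAttribute); \
       (packet) = (RadiusPacket*)_alloca(radpackBytes_); \
       (packet)->begin = (RadiusAttribute*)((packet) + 1); \
       (packet)->end = (RadiusAttribute*)((PBYTE)(packet) + radpackBytes_); \
    } \
  }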
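  // Allocates and initializes a RadiusPacket struct to hold the attributes in
  // 'buf'.
  //
  // The attribute count comes from GetAttributeCount, which inspects bytes
  // that normally arrive from the network.  When that call reports
  // MALFORMED_PACKET, 'packet' is set to NULL and nothing is allocated.
  // Callers must test 'packet' for NULL before passing it to UnpackBuffer or
  // AuthenticateAndDecrypt.
  //
  // Changes from the original form:
  //   * Every macro argument is parenthesized, including the 'packet'
  //     assignment in the failure branch.
  //   * The count is held in a ULONG, the type GetAttributeCount returns and
  //     MALFORMED_PACKET is declared with, so the sentinel comparison happens
  //     in one type on every platform.
  //   * The local has a name unlikely to clash with caller variables.  The
  //     old 'nattr' would shadow a caller variable of the same name passed as
  //     'buf' or 'buflen'.
  //
  // Storage is taken from the caller's stack (see ALLOC_PACKET), so the size
  // is driven by the peer's packet: bound 'buflen' to the largest packet the
  // protocol permits before expanding this macro.
  #define ALLOC_PACKET_FOR_BUFFER(packet, buf, buflen) \
  { ULONG radpackAttrs_ = GetAttributeCount((buf), (buflen)); \
    if (radpackAttrs_ != MALFORMED_PACKET) \
       ALLOC_PACKET(packet, radpackAttrs_) \
    else \
       (packet) = NULL; \
  }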
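  // Allocates a buffer to hold 'packet'.
  //
  // Stores the required size in packet->length and points 'buf' at a block of
  // that many bytes taken from the caller's stack via _alloca.  When the size
  // is zero, 'buf' is set to NULL; callers must check for that before calling
  // PackBuffer, which has no way to detect a missing or short buffer.
  //
  // Change from the original form: GetBufferSizeRequired returns a ULONG but
  // packet->length is a USHORT.  The original cast the result directly, so any
  // value above 0xFFFF would have been truncated to a smaller non-zero length
  // and produced an undersized buffer.  GetBufferSizeRequired is documented to
  // return zero for oversized packets, but its limit is not visible in this
  // header, so the macro now treats anything that does not fit in a USHORT as
  // "too large" (length 0, buf NULL).  Results that fit behave as before.
  #define ALLOC_BUFFER_FOR_PACKET(buf, packet, ps, sign) \
  { ULONG radpackNeed_ = GetBufferSizeRequired(*(packet), (ps), (sign)); \
    if (radpackNeed_ > 0xFFFF) { radpackNeed_ = 0; } \
    (packet)->length = (USHORT)radpackNeed_; \
    (buf) = (PBYTE)(radpackNeed_ ? _alloca(radpackNeed_) : NULL); \
  }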
  218. #endif // RADPACK_H