Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 
 
 

243 lines
6.6 KiB

///////////////////////////////////////////////////////////////////////////////
//
// Copyright (c) Microsoft Corp. All rights reserved.
//
// FILE
//
// radpack.h
//
// SYNOPSIS
//
// Declares functions for packing and unpacking RADIUS packets.
//
// MODIFICATION HISTORY
//
// 02/01/2000 Original version.
//
///////////////////////////////////////////////////////////////////////////////
#ifndef RADPACK_H
#define RADPACK_H
#if _MSC_VER >= 1000
#pragma once
#endif
#ifndef RADIUS_ATTRIBUTE_DEFINED
#define RADIUS_ATTRIBUTE_DEFINED
struct RadiusAttribute
{
BYTE type;
BYTE length;
BYTE* value;
};
#endif // !RADIUS_ATTRIBUTE_DEFINED
enum RadiusPacketCode
{
RADIUS_ACCESS_REQUEST = 1,
RADIUS_ACCESS_ACCEPT = 2,
RADIUS_ACCESS_REJECT = 3,
RADIUS_ACCOUNTING_REQUEST = 4,
RADIUS_ACCOUNTING_RESPONSE = 5,
RADIUS_ACCESS_CHALLENGE = 11
};
enum RadiusAttributeType
{
RADIUS_USER_NAME = 1,
RADIUS_USER_PASSWORD = 2,
RADIUS_CHAP_PASSWORD = 3,
RADIUS_NAS_IP_ADDRESS = 4,
RADIUS_NAS_PORT = 5,
RADIUS_SERVICE_TYPE = 6,
RADIUS_FRAMED_PROTOCOL = 7,
RADIUS_FRAMED_IP_ADDRESS = 8,
RADIUS_FRAMED_IP_NETMASK = 9,
RADIUS_FRAMED_ROUTING = 10,
RADIUS_FILTER_ID = 11,
RADIUS_FRAMED_MTU = 12,
RADIUS_FRAMED_COMPRESSION = 13,
RADIUS_LOGIN_IP_HOST = 14,
RADIUS_LOGIN_SERVICE = 15,
RADIUS_LOGIN_TCP_PORT = 16,
RADIUS_UNASSIGNED = 17,
RADIUS_REPLY_MESSAGE = 18,
RADIUS_CALLBACK_NUMBER = 19,
RADIUS_CALLBACK_ID = 20,
RADIUS_UNASSIGNED2 = 21,
RADIUS_FRAMED_ROUTE = 22,
RADIUS_FRAMED_IPX_NETWORK = 23,
RADIUS_STATE = 24,
RADIUS_CLASS = 25,
RADIUS_VENDOR_SPECIFIC = 26,
RADIUS_SESSION_TIMEOUT = 27,
RADIUS_IDLE_TIMEOUT = 28,
RADIUS_TERMINATION_ACTION = 29,
RADIUS_CALLED_STATION_ID = 30,
RADIUS_CALLING_STATION_ID = 31,
RADIUS_NAS_IDENTIFIER = 32,
RADIUS_PROXY_STATE = 33,
RADIUS_LOGIN_LAT_SERVICE = 34,
RADIUS_LOGIN_LAT_NODE = 35,
RADIUS_LOGIN_LAT_GROUP = 36,
RADIUS_FRAMED_APPLETALK_LINK = 37,
RADIUS_FRAMED_APPLETALK_NETWORK = 38,
RADIUS_FRAMED_APPLETALK_ZONE = 39,
RADIUS_ACCT_STATUS_TYPE = 40,
RADIUS_ACCT_DELAY_TIME = 41,
RADIUS_ACCT_INPUT_OCTETS = 42,
RADIUS_ACCT_OUTPUT_OCTETS = 43,
RADIUS_ACCT_SESSION_ID = 44,
RADIUS_ACCT_AUTHENTIC = 45,
RADIUS_ACCT_SESSION_TIME = 46,
RADIUS_ACCT_INPUT_PACKETS = 47,
RADIUS_ACCT_OUTPUT_PACKETS = 48,
RADIUS_ACCT_TERMINATE_CAUSE = 49,
RADIUS_ACCT_MULTI_SESSION_ID = 50,
RADIUS_ACCT_LINK_COUNT = 51,
RADIUS_CHAP_CHALLENGE = 60,
RADIUS_NAS_PORT_TYPE = 61,
RADIUS_PORT_LIMIT = 62,
RADIUS_LOGIN_LAT_PORT = 63,
RADIUS_TUNNEL_PASSWORD = 69,
RADIUS_EAP_MESSAGE = 79,
RADIUS_SIGNATURE = 80
};
enum MicrosoftVendorType
{
MS_CHAP_MPPE_KEYS = 12,
MS_CHAP_MPPE_SEND_KEYS = 16,
MS_CHAP_MPPE_RECV_KEYS = 17
};
struct RadiusPacket
{
BYTE code;
BYTE identifier;
USHORT length;
const BYTE* authenticator;
RadiusAttribute* begin;
RadiusAttribute* end;
};
// Returns the number of bytes required to encode the packet or zero if the
// packet is too large.
ULONG
WINAPI
GetBufferSizeRequired(
const RadiusPacket& packet,
const RadiusAttribute* proxyState, // May be NULL
BOOL alwaysSign
) throw ();
// Encodes the packet into 'buffer'. The buffer must be large enough to hold
// the packet and packet.length must be set to the value returned by
// GetBufferSizeRequired.
VOID
WINAPI
PackBuffer(
const BYTE* secret,
ULONG secretLength,
RadiusPacket& packet,
const RadiusAttribute* proxyState,
BOOL alwaysSign,
BYTE* buffer
) throw ();
// Returns the first occurence of a given attribute type in the packet.
RadiusAttribute*
WINAPI
FindAttribute(
const RadiusPacket& packet,
BYTE type
);
const ULONG MALFORMED_PACKET = (ULONG)-1;
// Returns the number of attributes in the buffer or MALFORMED_PACKET if the
// buffer does not contain a valid RADIUS packet.
ULONG
WINAPI
GetAttributeCount(
const BYTE* buffer,
ULONG bufferLength
) throw ();
// Unpacks the buffer into packet. packet.begin must point to an array with
// enough room to hold the attributes.
VOID
WINAPI
UnpackBuffer(
BYTE* buffer,
ULONG bufferLength,
RadiusPacket& packet
) throw ();
// Struct describing how to encrypt an attribute.
struct CryptParameters
{
BOOL encrypted;
BOOL salted;
ULONG offset;
};
// Returns information about how to encrypt/decrypt an attribute.
VOID
WINAPI
GetCryptParameters(
const RadiusAttribute& attr,
CryptParameters& parms
) throw ();
enum AuthResult
{
AUTH_BAD_AUTHENTICATOR,
AUTH_BAD_SIGNATURE,
AUTH_MISSING_SIGNATURE,
AUTH_UNKNOWN,
AUTH_AUTHENTIC
};
// Authenticates the packet and decrypts the attributes.
AuthResult
WINAPI
AuthenticateAndDecrypt(
const BYTE* requestAuthenticator,
const BYTE* secret,
ULONG secretLength,
BYTE* buffer,
ULONG bufferLength,
RadiusPacket& packet
) throw ();
// Allocates and initializes a RadiusPacket struct to hold 'nattr' attributes.
#define ALLOC_PACKET(packet, nattr) \
{ size_t nbyte = sizeof(RadiusPacket) + (nattr) * sizeof(RadiusAttribute); \
(packet) = (RadiusPacket*)_alloca(nbyte); \
(packet)->begin = (RadiusAttribute*)((packet) + 1); \
(packet)->end = (RadiusAttribute*)((PBYTE)(packet) + nbyte); \
}
// Allocates and initializes a RadiusPacket struct to hold the attributes in
// 'buf'.
#define ALLOC_PACKET_FOR_BUFFER(packet, buf, buflen) \
{ size_t nattr = GetAttributeCount(buf, buflen); \
if (nattr != MALFORMED_PACKET) \
ALLOC_PACKET(packet, nattr) \
else \
packet = NULL; \
}
// Allocates a buffer to hold 'packet'.
#define ALLOC_BUFFER_FOR_PACKET(buf, packet, ps, sign) \
{ (packet)->length = (USHORT)GetBufferSizeRequired(*(packet), (ps), (sign)); \
(buf) = (PBYTE)((packet)->length ? _alloca((packet)->length) : NULL); \
}
#endif // RADPACK_H