package.xml0000644000076600000240000003645212660365266012544 0ustar aharveystaff radius pecl.php.net Radius client library This package is based on the libradius of FreeBSD, with some modifications and extensions. This PECL provides full support for RADIUS authentication (RFC 2865) and RADIUS accounting (RFC 2866), works on Unix and on Windows. Its an easy way to authenticate your users against the user-database of your OS (for example against Windows Active-Directory via IAS). Michael Bretterklieber mbretter mbretter@php.net yes Adam Harvey aharvey aharvey@php.net yes 2016-02-15 1.4.0b1 1.4.0b1 beta beta BSD - Add PHP 7.0 support. (Adam) - Drop support for PHP < 5.3. 5.3.0 1.4.0b1 radius 1.4.0b1 1.4.0b1 beta beta 2016-02-15 BSD - Add PHP 7.0 support. (Adam) - Drop support for PHP < 5.3. 1.3.0 1.3.0 stable stable 2016-02-15 BSD - Fixed bug #65156 (Please provide LICENSE file). (Adam) - Fixed bug #65378 (radius.c:706: error: too many arguments to function ‘rad_salt_value’). (Adam) - Fixed bug #65599 (Fix compiling for VC11 x64). (Jan Ehrhardt) 1.3.0b1 1.3.0b1 beta beta 2013-07-04 BSD This release adds several new features: - Support for CoA and disconnect packets. - Support for tagged attributes. - Support for salt-encrypted attributes. - Support for Juniper vendor specific attributes. These features are based on code written by Gabriel Blanchard in his fork of PECL radius: https://github.com/gblanchard/pecl-radius. Three new functions have been added to handle these features: - radius_get_tagged_attr_data(string attr) This function returns the data from a tagged attribute. - radius_get_tagged_attr_tag(string attr) This function returns the tag from a tagged attribute. - radius_salt_encrypt_attr(resource radius_handle, string attr) This function salt-encrypts the given attribute. This shouldn't normally need to be called manually, but is available for unusual use cases. Salt encryption is generally achieved through the use of the new RADIUS_OPTION_SALT option. All put functions have been extended to accept an optional options bitfield and an optional tag value, which will be used to tag an attribute if the RADIUS_OPTION_TAGGED option is set. 1.2.7 1.2.7 stable stable 2013-06-27 BSD This release fixes a security issue in radius_get_vendor_attr(). It is strongly recommended that users using vendor specific attributes upgrade immediately, with other users encouraged to upgrade when practical. - Fix a security issue in radius_get_vendor_attr() by enforcing checks of the VSA length field against the buffer size. (Adam) 1.2.6 1.2.6 stable stable 2013-06-20 BSD - Support added for PHP 5.4 and 5.5. (Johannes) - Fixed bug #60885 (Radius module causing Apache segmentation fault). (Adam) - Fixed a crash when calling radius_server_secret() with no servers configured. (Adam) 1.2.5 1.2.5 stable stable 2007-03-18 BSD - Release 1.2.5 - amd64 arch fixes 1.2.4 1.2.4 stable stable 2003-11-17 BSD - Release 1.2.4 - Forgot including updated radius_init_const.h 1.2.3 1.2.3 stable stable 2003-11-04 BSD - Release 1.2.3 - Fixed a typo in radius_init_const.h wich caused RADIUS_ACCT_STATUS_TYPE to be undefined. - Re-added Makefile.in 1.2.2 1.2.2 stable stable 2003-07-17 BSD - Release 1.2.2 - Changed role for example-files to doc - Removed deprecated files - Added IPv6 related attributes defined in RFC3162 1.2.1 1.2.1 stable stable 2003-05-02 BSD - Release 1.2.1 - Change License to BSD - BugFix: The MS-CHAPv2 Authenticator-Challenge has 16 Bytes and not 8 Bytes - BugFix: build under Solaris - Generate better challenges - Many source-code-style fixes - Removed unneeded sources - Some cleanup's 1.2 1.2 stable stable 2003-01-11 BSD - Release 1.2 - BugFix: a to short challenge was generated sometimes (MS-CHAPv1, MS-CHAPv2) - New functions: radius_demangle: demangles radius passwords and mppe MS-CHAPv1 Keys radius_demangle_mppe_key: demangles mppe send- and recvkey (MS-CHAPv2) - Provide examples for radius-accounting - Replaced mcrypt-functions with own des-ecb-encryption function - Some minor changes in radius-auth.php - Added php-script for testing MS-CHAP functions 1.1 1.1 stable stable 2002-12-22 BSD - Release 1.1 - Fixed source code style - added examples directory - added examples for MS-CHAPv1 and MS-CHAPv2 1.0 1.0 stable stable 2002-12-17 BSD - Release 1.0 0.9 0.9 beta beta 2002-12-11 BSD - Well tested under Linux, FreeBSD and Windows radius-1.4.0b1/examples/des.php0000644000076600000240000002737012660365266015700 0ustar aharveystaff All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. 3. The names of the authors may not be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. This code cannot simply be copied and put under the GNU Public License or any other GPL-like (LGPL, GPL2) License. $Id$ */ include_once 'des.php'; function NtPasswordHash($plain) { return mhash (MHASH_MD4, str2unicode($plain)); } function str2unicode($str) { for ($i=0;$i radius-1.4.0b1/examples/mschaptest.php0000644000076600000240000000614512660365266017275 0ustar aharveystaff All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. 3. The names of the authors may not be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. This code cannot simply be copied and put under the GNU Public License or any other GPL-like (LGPL, GPL2) License. $Id$ */ include_once('mschap.php'); echo "MS-CHAPv1 TEST\n"; $pass = 'MyPw'; $challenge = pack('H*', '102DB5DF085D3041'); printf ("Test Challenge: %s\n", bin2hex($challenge)); $unipw = str2unicode($pass); printf ("Unicode PW: %s\nexpected : 4d00790050007700\n", bin2hex($unipw)); $nthash = NtPasswordHash($pass); printf ("NT HASH : %s\nexpected : fc156af7edcd6c0edde3337d427f4eac\n", bin2hex($nthash)); $challresp = ChallengeResponse($challenge, $nthash); printf ("ChallResp : %s\nexpected : 4e9d3c8f9cfd385d5bf4d3246791956ca4c351ab409a3d61\n", bin2hex($challresp)); echo "\n"; echo "MS-CHAPv2 TEST\n"; $user = 'User'; $pass = 'clientPass'; printf ("Username : %s\nexpected : 55736572\n", bin2hex($user)); $challenge = pack('H*', 'd02e4386bce91226'); printf ("Challenge : %s\n", bin2hex($challenge)); $authchallenge = pack('H*', '5b5d7c7d7b3f2f3e3c2c602132262628'); printf ("Auth Challenge: %s\n", bin2hex($authchallenge)); $peerChallenge = pack('H*', '21402324255E262A28295F2B3A337C7E'); printf ("Peer Challenge: %s\n", bin2hex($peerChallenge)); $nthash = NtPasswordHash($pass); printf ("NT HASH : %s\nexpected : 44ebba8d5312b8d611474411f56989ae\n", bin2hex($nthash)); $nthashhash = NtPasswordHashHash($nthash); printf ("NT HASH-HASH : %s\nexpected : 41c00c584bd2d91c4017a2a12fa59f3f\n", bin2hex($nthashhash)); $resp = GenerateNtResponse($authchallenge, $peerChallenge, $user, $pass); printf ("ChallResp : %s\nexpected : 82309ecd8d708b5ea08faa3981cd83544233114a3d85d6df\n", bin2hex($resp)); echo "\n"; ?> radius-1.4.0b1/examples/radius-acct.php0000644000076600000240000001134612660365266017320 0ustar aharveystaff All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. 3. The names of the authors may not be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. This code cannot simply be copied and put under the GNU Public License or any other GPL-like (LGPL, GPL2) License. $Id$ */ if(!extension_loaded('radius')) { if (preg_match('/windows/i', getenv('OS'))) { dl('php_radius.dll'); } else { dl('radius.so'); } } $username = 'sepp'; $radserver = 'localhost'; $radport = 1813; $starttime = time(); $sharedsecret = 'testing123'; if (!isset($REMOTE_ADDR)) $REMOTE_ADDR = '127.0.0.1'; $res = radius_acct_open(); echo "$res
\n"; //if (!radius_config($res, '/etc/radius.conf')) { /*if (!radius_config($res, 'D:/php-devel/pear/PECL/radius/radius.conf')) { echo 'RadiusError:' . radius_strerror($res). "\n
"; exit; }*/ if (!radius_add_server($res, $radserver, $radport, $sharedsecret, 3, 3)) { echo 'RadiusError:' . radius_strerror($res). "\n
"; exit; } if (!radius_create_request($res, RADIUS_ACCOUNTING_REQUEST)) { echo 'RadiusError:' . radius_strerror($res). "\n
"; exit; } if (!radius_put_string($res, RADIUS_NAS_IDENTIFIER, isset($HTTP_HOST) ? $HTTP_HOST : 'localhost')) { echo 'RadiusError:' . radius_strerror($res). "\n
"; exit; } if (!radius_put_int($res, RADIUS_SERVICE_TYPE, RADIUS_FRAMED)) { echo 'RadiusError:' . radius_strerror($res). "\n
"; exit; } if (!radius_put_int($res, RADIUS_FRAMED_PROTOCOL, RADIUS_PPP)) { echo 'RadiusError:' . radius_strerror($res). "\n
"; exit; } if (!radius_put_string($res, RADIUS_CALLING_STATION_ID, isset($REMOTE_HOST) ? $REMOTE_HOST : '127.0.0.1') == -1) { echo 'RadiusError:' . radius_strerror($res). "\n
"; exit; } if (!radius_put_string($res, RADIUS_USER_NAME, $username)) { echo 'RadiusError:' . radius_strerror($res). "\n
"; exit; } if (!radius_put_addr($res, RADIUS_FRAMED_IP_ADDRESS, $REMOTE_ADDR)) { echo 'RadiusError1:' . radius_strerror($res). "\n
"; exit; } // RADIUS_START => start accounting // RADIUS_STOP => stop accounting if (!radius_put_int($res, RADIUS_ACCT_STATUS_TYPE, RADIUS_START)) { echo 'RadiusError:' . radius_strerror($res). "\n
"; exit; } /* Generate a session ID */ $sessionid = sprintf("%s:%d-%s", $REMOTE_ADDR, getmypid(), get_current_user()); if (!radius_put_string($res, RADIUS_ACCT_SESSION_ID, $sessionid)) { echo 'RadiusError:' . radius_strerror($res). "\n
"; exit; } // RADIUS_AUTH_RADIUS => authenticated via Radius // RADIUS_AUTH_LOCAL => authenicated local // RADIUS_AUTH_REMOTE => authenticated remote if (!radius_put_int($res, RADIUS_ACCT_AUTHENTIC, RADIUS_AUTH_LOCAL)) { echo 'RadiusError:' . radius_strerror($res). "\n
"; exit; } sleep(3); // if RADIUS_ACCT_STATUS_TYPE == RADIUS_STOP if (!radius_put_int($res, RADIUS_ACCT_TERMINATE_CAUSE, RADIUS_TERM_USER_REQUEST)) { echo 'RadiusError2:' . radius_strerror($res). "\n
"; exit; } if (!radius_put_int($res, RADIUS_ACCT_SESSION_TIME, time() - $starttime)) { echo 'RadiusError:' . radius_strerror($res). "\n
"; exit; } // endif $req = radius_send_request($res); if (!$req) { echo 'RadiusError:' . radius_strerror($res). "\n
"; exit; } switch($req) { case RADIUS_ACCOUNTING_RESPONSE: echo "Radius Accounting response
\n"; break; default: echo "Unexpected return value:$req\n
"; } radius_close($res); ?> radius-1.4.0b1/examples/radius-auth.php0000644000076600000240000003031612660365266017345 0ustar aharveystaff All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. 3. The names of the authors may not be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. This code cannot simply be copied and put under the GNU Public License or any other GPL-like (LGPL, GPL2) License. $Id$ */ if(!extension_loaded('radius')) { if (preg_match('/windows/i', getenv('OS'))) { dl('php_radius.dll'); } else { dl('radius.so'); } } $module = 'radius'; $functions = get_extension_funcs($module); echo "Functions available in the test extension:
\n"; foreach($functions as $func) echo $func . "
\n"; $username = 'sepp'; $password = 'sepp'; $radserver = 'localhost'; $radport = 1812; $sharedsecret = 'testing123'; $auth_type = 'pap'; //$auth_type = 'chap'; //$auth_type = 'mschapv1'; //$auth_type = 'mschapv2'; $res = radius_auth_open(); echo "$res
\n"; //if (!radius_config($res, '/etc/radius.conf')) { /*if (!radius_config($res, 'D:/php-devel/pear/PECL/radius/radius.conf')) { echo 'RadiusError:' . radius_strerror($res). "\n
"; exit; }*/ if (!radius_add_server($res, $radserver, $radport, $sharedsecret, 3, 3)) { echo 'RadiusError:' . radius_strerror($res). "\n
"; exit; } if (!radius_add_server($res, $radserver, $radport, 'testing123', 3, 3)) { echo 'RadiusError:' . radius_strerror($res). "\n
"; exit; } if (!radius_create_request($res, RADIUS_ACCESS_REQUEST)) { echo 'RadiusError:' . radius_strerror($res). "\n
"; exit; } if (!radius_put_string($res, RADIUS_NAS_IDENTIFIER, isset($HTTP_HOST) ? $HTTP_HOST : 'localhost')) { echo 'RadiusError:' . radius_strerror($res). "\n
"; exit; } if (!radius_put_int($res, RADIUS_SERVICE_TYPE, RADIUS_FRAMED)) { echo 'RadiusError:' . radius_strerror($res). "\n
"; exit; } if (!radius_put_int($res, RADIUS_FRAMED_PROTOCOL, RADIUS_PPP)) { echo 'RadiusError:' . radius_strerror($res). "\n
"; exit; } if (!radius_put_string($res, RADIUS_CALLING_STATION_ID, isset($REMOTE_HOST) ? $REMOTE_HOST : '127.0.0.1') == -1) { echo 'RadiusError:' . radius_strerror($res). "\n
"; exit; } if (!radius_put_string($res, RADIUS_USER_NAME, $username)) { echo 'RadiusError:' . radius_strerror($res). "\n
"; exit; } if ($auth_type == 'chap') { echo "CHAP
\n"; /* generate Challenge */ mt_srand(time()); $chall = mt_rand(); // FYI: CHAP = md5(ident + plaintextpass + challenge) $chapval = pack('H*', md5(pack('Ca*',1 , $password . $chall))); // $chapval = md5(pack('Ca*',1 , $password . $chall)); // Radius wants the CHAP Ident in the first byte of the CHAP-Password $pass = pack('C', 1) . $chapval; if (!radius_put_attr($res, RADIUS_CHAP_PASSWORD, $pass)) { echo 'RadiusError: RADIUS_CHAP_PASSWORD:' . radius_strerror($res). "
\n"; exit; } if (!radius_put_attr($res, RADIUS_CHAP_CHALLENGE, $chall)) { echo 'RadiusError: RADIUS_CHAP_CHALLENGE:' . radius_strerror($res). "
\n"; exit; } } else if ($auth_type == 'mschapv1') { echo "MS-CHAPv1
\n"; include_once('mschap.php'); $challenge = GenerateChallenge(); printf ("Challenge:%s\n", bin2hex($challenge)); if (!radius_put_vendor_attr($res, RADIUS_VENDOR_MICROSOFT, RADIUS_MICROSOFT_MS_CHAP_CHALLENGE, $challenge)) { echo 'RadiusError: RADIUS_MICROSOFT_MS_CHAP_CHALLENGE:' . radius_strerror($res). "
\n"; exit; } $ntresp = ChallengeResponse($challenge, NtPasswordHash($password)); $lmresp = str_repeat ("\0", 24); printf ("NT Response:%s\n", bin2hex($ntresp)); // Response: chapid, flags (1 = use NT Response), LM Response, NT Response $resp = pack('CCa48',1 , 1, $lmresp . $ntresp); printf ("Response:%d %s\n", strlen($resp), bin2hex($resp)); if (!radius_put_vendor_attr($res, RADIUS_VENDOR_MICROSOFT, RADIUS_MICROSOFT_MS_CHAP_RESPONSE, $resp)) { echo 'RadiusError: RADIUS_MICROSOFT_MS_CHAP_RESPONSE:' . radius_strerror($res). "
\n"; exit; } } else if ($auth_type == 'mschapv2') { echo "MS-CHAPv2
\n"; include_once('mschap.php'); $authChallenge = GenerateChallenge(16); printf ("Auth Challenge:%s\n", bin2hex($authChallenge)); if (!radius_put_vendor_attr($res, RADIUS_VENDOR_MICROSOFT, RADIUS_MICROSOFT_MS_CHAP_CHALLENGE, $authChallenge)) { echo 'RadiusError: RADIUS_MICROSOFT_MS_CHAP_CHALLENGE:' . radius_strerror($res). "
\n"; exit; } // we have no client, therefore we generate the Peer-Challenge $peerChallenge = GeneratePeerChallenge(); printf ("Peer Challenge:%s\n", bin2hex($peerChallenge)); $ntresp = GenerateNTResponse($authChallenge, $peerChallenge, $username, $password); $reserved = str_repeat ("\0", 8); printf ("NT Response:%s\n", bin2hex($ntresp)); // Response: chapid, flags (1 = use NT Response), Peer challenge, reserved, Response $resp = pack('CCa16a8a24',1 , 1, $peerChallenge, $reserved, $ntresp); printf ("Response:%d %s\n", strlen($resp), bin2hex($resp)); if (!radius_put_vendor_attr($res, RADIUS_VENDOR_MICROSOFT, RADIUS_MICROSOFT_MS_CHAP2_RESPONSE, $resp)) { echo 'RadiusError: RADIUS_MICROSOFT_MS_CHAP2_RESPONSE:' . radius_strerror($res). "
\n"; exit; } } else { echo "PAP
\n"; if (!radius_put_string($res, RADIUS_USER_PASSWORD, "sepp")) { echo 'RadiusError:' . radius_strerror($res). "
\n"; exit; } } if (!radius_put_int($res, RADIUS_SERVICE_TYPE, RADIUS_FRAMED)) { echo 'RadiusError:' . radius_strerror($res). "\n
"; exit; } if (!radius_put_int($res, RADIUS_FRAMED_PROTOCOL, RADIUS_PPP)) { echo 'RadiusError:' . radius_strerror($res). "\n
"; exit; } $req = radius_send_request($res); if (!$req) { echo 'RadiusError:' . radius_strerror($res). "\n
"; exit; } switch($req) { case RADIUS_ACCESS_ACCEPT: echo "Radius Request accepted
\n"; break; case RADIUS_ACCESS_REJECT: echo "Radius Request rejected
\n"; break; default: echo "Unexpected return value:$req\n
"; } while ($resa = radius_get_attr($res)) { if (!is_array($resa)) { printf ("Error getting attribute: %s\n", radius_strerror($res)); exit; } $attr = $resa['attr']; $data = $resa['data']; //printf("Got Attr:%d %d Bytes %s\n", $attr, strlen($data), bin2hex($data)); switch ($attr) { case RADIUS_FRAMED_IP_ADDRESS: $ip = radius_cvt_addr($data); echo "IP: $ip
\n"; break; case RADIUS_FRAMED_IP_NETMASK: $mask = radius_cvt_addr($data); echo "MASK: $mask
\n"; break; case RADIUS_FRAMED_MTU: $mtu = radius_cvt_int($data); echo "MTU: $mtu
\n"; break; case RADIUS_FRAMED_COMPRESSION: $comp = radius_cvt_int($data); echo "Compression: $comp
\n"; break; case RADIUS_SESSION_TIMEOUT: $time = radius_cvt_int($data); echo "Session timeout: $time
\n"; ini_set('max_execution_time', $time); break; case RADIUS_IDLE_TIMEOUT: $idletime = radius_cvt_int($data); echo "Idle timeout: $idletime
\n"; break; case RADIUS_SERVICE_TYPE: $type = radius_cvt_int($data); echo "Service Type: $type
\n"; break; case RADIUS_CLASS: $class = radius_cvt_int($data); echo "Class: $class
\n"; break; case RADIUS_FRAMED_PROTOCOL: $proto = radius_cvt_int($data); echo "Protocol: $proto
\n"; break; case RADIUS_FRAMED_ROUTING: $rout = radius_cvt_int($data); echo "Routing: $rout
\n"; break; case RADIUS_FILTER_ID: $id = radius_cvt_string($data); echo "Filter ID: $id
\n"; break; case RADIUS_VENDOR_SPECIFIC: //printf ("Vendor specific (%d)
\n", $attr); $resv = radius_get_vendor_attr($data); if (is_array($resv)) { $vendor = $resv['vendor']; $attrv = $resv['attr']; $datav = $resv['data']; if ($vendor == RADIUS_VENDOR_MICROSOFT) { switch ($attrv) { case RADIUS_MICROSOFT_MS_CHAP2_SUCCESS: $mschap2resp = radius_cvt_string($datav); printf ("MS CHAPv2 success: %s
\n", $mschap2resp); break; case RADIUS_MICROSOFT_MS_CHAP_ERROR: $errormsg = radius_cvt_string(substr($datav,1)); echo "MS CHAP Error: $errormsg
\n"; break; case RADIUS_MICROSOFT_MS_CHAP_DOMAIN: $domain = radius_cvt_string($datav); echo "MS CHAP Domain: $domain
\n"; break; case RADIUS_MICROSOFT_MS_MPPE_ENCRYPTION_POLICY: $policy = radius_cvt_int($datav); echo "MS MPPE Policy: $policy
\n"; break; case RADIUS_MICROSOFT_MS_MPPE_ENCRYPTION_TYPES: $type = radius_cvt_int($datav); echo "MS MPPE Type: $type
\n"; break; case RADIUS_MICROSOFT_MS_CHAP_MPPE_KEYS: $demangled = radius_demangle($res, $datav); $lmkey = substr($demangled, 0, 8); $ntkey = substr($demangled, 8, RADIUS_MPPE_KEY_LEN); printf ("MS MPPE Keys: LM-Key: %s NT-Key: %s
\n", bin2hex($lmkey), bin2hex($ntkey)); break; case RADIUS_MICROSOFT_MS_MPPE_SEND_KEY: $demangled = radius_demangle_mppe_key($res, $datav); printf ("MS MPPE Send Key: %s
\n", bin2hex($demangled)); break; case RADIUS_MICROSOFT_MS_MPPE_RECV_KEY: $demangled = radius_demangle_mppe_key($res, $datav); printf ("MS MPPE Send Key: %s
\n", bin2hex($demangled)); break; case RADIUS_MICROSOFT_MS_PRIMARY_DNS_SERVER: $server = radius_cvt_string($datav); printf ("MS Primary DNS Server: %s
\n", $server); break; default: printf("Unexpected Microsoft attribute: %d
\n", $attrv); } } } else { printf ("Error getting Vendor attribute %s
\n", radius_strerror($res)); } break; default: printf("Unexpected attribute: %d
\n", $attr); } } $secret = radius_server_secret($res); if (!$secret) { echo 'RadiusError:' . radius_strerror($res). "\n
"; exit; } else { echo "Shared Secret:$secret
\n"; } $authent = radius_request_authenticator($res); if (!$authent) { echo 'RadiusError:' . radius_strerror($res). "\n
"; exit; } else { printf ("Request Authenticator:%s Len:%d
\n", bin2hex($authent), strlen($authent)); } radius_close($res); ?> radius-1.4.0b1/pecl-compat/src/misc.h0000644000076600000240000001576312660365266016700 0ustar aharveystaff/* +----------------------------------------------------------------------+ | Compatibility between PHP versions | +----------------------------------------------------------------------+ | Copyright (c) 2015 The PHP Group | +----------------------------------------------------------------------+ | This source file is subject to version 3.01 of the PHP license, | | that is bundled with this package in the file LICENSE, and is | | available through the world-wide-web at the following url: | | http://www.php.net/license/3_01.txt. | | If you did not receive a copy of the PHP license and are unable to | | obtain it through the world-wide-web, please send a note to | | license@php.net so we can mail you a copy immediately. | +----------------------------------------------------------------------+ | Author: Francois Laupretre | +----------------------------------------------------------------------+ */ #ifndef __PECL_COMPAT_MISC_H #define __PECL_COMPAT_MISC_H 1 #ifdef PHP_7 /*============================================================================*/ typedef zend_string * OPENED_PATH_PTR; /* Type of stream opened_path argument */ typedef size_t COMPAT_ARG_SIZE_T; /* Size of string arguments */ typedef zend_long COMPAT_ARG_LONG_T; /* Type of long (integer) arguments */ #define compat_zval_ptr_dtor(zp) zval_ptr_dtor(zp) #else /*== PHP 5 ===================================================================*/ typedef char * OPENED_PATH_PTR; typedef off_t zend_off_t; typedef int COMPAT_ARG_SIZE_T; typedef long COMPAT_ARG_LONG_T; typedef long zend_long; #define compat_zval_ptr_dtor(zp) zval_dtor(zp) #endif /*============================================================================*/ #ifndef MIN # define MIN(a,b) (((a) < (b)) ? (a) : (b)) #endif #ifndef MAX # define MAX(a,b) (((a) > (b)) ? (a) : (b)) #endif /*---------------------------------------------------------------*/ /* (Taken from pcre/pcrelib/internal.h) */ /* To cope with SunOS4 and other systems that lack memmove() but have bcopy(), define a macro for memmove() if HAVE_MEMMOVE is false, provided that HAVE_BCOPY is set. Otherwise, include an emulating function for those systems that have neither (there are some non-Unix environments where this is the case). This assumes that all calls to memmove are moving strings upwards in store, which is the case in this extension. */ #if ! HAVE_MEMMOVE # ifdef memmove # undef memmove /* some systems may have a macro */ # endif # if HAVE_BCOPY # define memmove(a, b, c) bcopy(b, a, c) # else static void *my_memmove(unsigned char *dest, const unsigned char *src, size_t n) { int i; dest += n; src += n; for (i = 0; i < n; ++i) *(--dest) = *(--src); } # define memmove(a, b, c) my_memmove(a, b, c) # endif /* not HAVE_BCOPY */ #endif /* not HAVE_MEMMOVE */ #ifdef _AIX # undef PHP_SHLIB_SUFFIX # define PHP_SHLIB_SUFFIX "a" #endif #ifndef ZVAL_IS_ARRAY #define ZVAL_IS_ARRAY(zp) (Z_TYPE_P((zp))==IS_ARRAY) #endif #ifndef ZVAL_IS_STRING #define ZVAL_IS_STRING(zp) (Z_TYPE_P((zp))==IS_STRING) #endif #ifndef ZVAL_IS_LONG #define ZVAL_IS_LONG(zp) (Z_TYPE_P((zp))==IS_LONG) #endif #ifndef ZVAL_IS_BOOL #define ZVAL_IS_BOOL(zp) (Z_TYPE_P((zp))==IS_BOOL) #endif #ifndef INIT_ZVAL #define INIT_ZVAL(z) memset(&z, 0, sizeof(z)) #endif #ifndef ZVAL_UNDEF #define ZVAL_UNDEF(z) INIT_ZVAL(*(z)) #endif #ifndef MAKE_STD_ZVAL #define MAKE_STD_ZVAL(zp) { zp = emalloc(sizeof(zval)); INIT_ZVAL(*zp); } #endif #ifndef ALLOC_INIT_ZVAL #define ALLOC_INIT_ZVAL(zp) MAKE_STD_ZVAL(zp) #endif #ifndef ZEND_ASSUME #if defined(ZEND_WIN32) && !defined(__clang__) # define ZEND_ASSUME(c) __assume(c) #else # define ZEND_ASSUME(c) #endif #endif #ifndef ZEND_ASSERT #if ZEND_DEBUG # define ZEND_ASSERT(c) assert(c) #else # define ZEND_ASSERT(c) ZEND_ASSUME(c) #endif #endif #ifndef EMPTY_SWITCH_DEFAULT_CASE /* Only use this macro if you know for sure that all of the switches values are covered by its case statements */ #if ZEND_DEBUG # define EMPTY_SWITCH_DEFAULT_CASE() default: ZEND_ASSERT(0); break; #else # define EMPTY_SWITCH_DEFAULT_CASE() default: ZEND_ASSUME(0); break; #endif #endif #ifndef ZEND_IGNORE_VALUE #if defined(__GNUC__) && __GNUC__ >= 4 # define ZEND_IGNORE_VALUE(x) (({ __typeof__ (x) __x = (x); (void) __x; })) #else # define ZEND_IGNORE_VALUE(x) ((void) (x)) #endif #endif #if PHP_API_VERSION >= 20100412 typedef size_t PHP_ESCAPE_HTML_ENTITIES_SIZE; #else typedef int PHP_ESCAPE_HTML_ENTITIES_SIZE; #endif /* Avoid a warning when compiling stream wrapper declarations for openfile/opendir/url_stat */ #if ZEND_EXTENSION_API_NO >= PHP_5_6_X_API_NO # define COMPAT_STREAM_CONST_DECL const #else # define COMPAT_STREAM_CONST_DECL #endif #ifndef ZEND_MODULE_GLOBALS_ACCESSOR # ifdef ZTS # define ZEND_MODULE_GLOBALS_ACCESSOR(module_name, v) \ TSRMG(module_name##_globals_id, zend_##module_name##_globals *, v) # else # define ZEND_MODULE_GLOBALS_ACCESSOR(module_name, v) \ (module_name##_globals.v) # endif #endif #ifndef ZEND_MODULE_GLOBALS_BULK # ifdef ZTS # define ZEND_MODULE_GLOBALS_BULK(module_name) \ ((zend_##module_name##_globals *) \ (*((void ***) tsrm_ls))[module_name##_globals_id - 1]) # else # define ZEND_MODULE_GLOBALS_BULK(module_name) \ (&module_name##_globals) # endif #endif #ifndef ZEND_TSRMLS_CACHE_DEFINE # define ZEND_TSRMLS_CACHE_DEFINE() #endif #ifndef ZEND_TSRMLS_CACHE_UPDATE # define ZEND_TSRMLS_CACHE_UPDATE() #endif #ifndef PHP_FE_END # define PHP_FE_END { NULL, NULL, NULL } #endif #ifndef ZEND_MOD_END /* for php < 5.3.7 */ # define ZEND_MOD_END {NULL, NULL, NULL} #endif /*============================================================================*/ /* Duplicate a memory buffer */ /* Supports zero size (allocates 1 byte) */ static zend_always_inline void *_compat_dup(const void *ptr, size_t size, int persistent) { char *p; if (!ptr) return NULL; if (size) { p = pemalloc(size, persistent); memmove(p, ptr, size); } else { p = pemalloc(1,persistent); (*p) = '\0'; /* Ensures deterministic behavior */ } return p; } /*---------------------------------------------------------------*/ /* Duplicate a string and set terminating null. Input string does not have to be null-terminated */ static zend_always_inline void *_compat_dup_str(const void *ptr, size_t size, int persistent) { char *p; if (!ptr) return NULL; p = pemalloc(size + 1, persistent); if (size) memmove(p, ptr, size); p[size] = '\0'; return p; } /*-----------------------------------------------------*/ /* Fatal error - display message and abort process */ static zend_always_inline void compat_unsupported(char *msg) { php_error(E_CORE_ERROR, "This feature is not supported in this environment : %s", msg); exit(1); } /*============================================================================*/ #endif /* __PECL_COMPAT_MISC_H */ radius-1.4.0b1/pecl-compat/src/zend_API.h0000644000076600000240000000546212660365266017371 0ustar aharveystaff/* +----------------------------------------------------------------------+ | Compatibility macros for different PHP versions | +----------------------------------------------------------------------+ | Copyright (c) 2016 The PHP Group | +----------------------------------------------------------------------+ | This source file is subject to version 3.01 of the PHP license, | | that is bundled with this package in the file LICENSE, and is | | available through the world-wide-web at the following url: | | http://www.php.net/license/3_01.txt. | | If you did not receive a copy of the PHP license and are unable to | | obtain it through the world-wide-web, please send a note to | | license@php.net so we can mail you a copy immediately. | +----------------------------------------------------------------------+ | Author: Adam Harvey | +----------------------------------------------------------------------+ */ #ifndef _COMPAT_ZEND_API_H #define _COMPAT_ZEND_API_H #ifdef PHP_7 /*============================================================================*/ #else /*== PHP 5 ===================================================================*/ /* * Many string-related macros used to take duplicate parameters, which * specified whether the string should be duplicated or not. In practice, * almost all code used 1, so PHP 7 always duplicates. * * This header redefines the relevant macros to match PHP 7. */ #undef ZVAL_STRING #define ZVAL_STRING(z, s) do { \ const char *__s = (s); \ zval *__z = (z); \ Z_STRLEN_P(__z) = strlen(__s); \ Z_STRVAL_P(__z) = estrndup(__s, Z_STRLEN_P(__z)); \ Z_TYPE_P(__z) = IS_STRING; \ } while (0) #undef ZVAL_STRINGL #define ZVAL_STRINGL(z, s, l) do { \ const char *__s = (s); \ int __l = (l); \ zval *__z = (z); \ Z_STRLEN_P(__z) = __l; \ Z_STRVAL_P(__z) = estrndup(__s, __l); \ Z_TYPE_P(__z) = IS_STRING; \ } while (0) #undef RETVAL_STRING #define RETVAL_STRING(s) ZVAL_STRING(return_value, (s)) #undef RETVAL_STRINGL #define RETVAL_STRINGL(s, l) ZVAL_STRINGL(return_value, (s), (l)) #undef RETURN_STRING #define RETURN_STRING(s) { RETVAL_STRING(s); return; } #undef RETURN_STRINGL #define RETURN_STRINGL(s, l) { RETVAL_STRINGL(s, l); return; } #undef add_assoc_string #define add_assoc_string(__arg, __key, __str) add_assoc_string_ex(__arg, __key, strlen(__key)+1, __str, 1) #undef add_assoc_stringl #define add_assoc_stringl(__arg, __key, __str, __len) add_assoc_stringl_ex(__arg, __key, strlen(__key)+1, __str, __len, 1) #endif /* PHP_7 */ /*============================================================================*/ #endif /* _COMPAT_ZEND_API_H */ radius-1.4.0b1/pecl-compat/src/zend_hash.h0000644000076600000240000002566212660365266017707 0ustar aharveystaff/* +----------------------------------------------------------------------+ | zend_hash compatibility layer for PHP 5 & 7 | +----------------------------------------------------------------------+ | Copyright (c) 2005-2007 The PHP Group | +----------------------------------------------------------------------+ | This source file is subject to version 3.01 of the PHP license, | | that is bundled with this package in the file LICENSE, and is | | available through the world-wide-web at the following url: | | http://www.php.net/license/3_01.txt. | | If you did not receive a copy of the PHP license and are unable to | | obtain it through the world-wide-web, please send a note to | | license@php.net so we can mail you a copy immediately. | +----------------------------------------------------------------------+ | Author: Francois Laupretre | +----------------------------------------------------------------------+ */ #ifndef _COMPAT_ZEND_HASH_H #define _COMPAT_ZEND_HASH_H #include "zend_hash.h" #ifdef PHP_7 /*============================================================================*/ #define compat_zend_hash_exists(ht, key) zend_hash_exists(ht, key) #define compat_zend_hash_str_exists(ht, str, len) zend_hash_str_exists(ht, str, len) #define COMPAT_HASH_PTR(_zp) (&(Z_PTR_P(_zp))) /*---------*/ /* Changes from original version: - If numeric key, returned (zend_string *) is set to NULL. - If non null, returned zend_string must be released. */ static zend_always_inline int compat_zend_hash_get_current_key_ex(const HashTable *ht , zend_string **str_index, zend_ulong *num_index, HashPosition *pos) { int status; if (str_index) (*str_index) = NULL; status = zend_hash_get_current_key_ex(ht, str_index, num_index, pos); if (*str_index) zend_string_addref(*str_index); return status; } /*---------*/ /* Added - This function is equivalent to the PHP 5 version of zend_hash_get_current_key_ex() */ static zend_always_inline int compat_zend_hash_str_get_current_key_ex(const HashTable *ht , char **str_index, size_t *str_length, zend_ulong *num_index , zend_bool duplicate, HashPosition *pos) { int status; zend_string *zp; zp = NULL; status = zend_hash_get_current_key_ex(ht, &zp, num_index, pos); if (zp) { if (duplicate) { (*str_index) = estrndup(ZSTR_VAL(zp), ZSTR_LEN(zp)); } else { (*str_index) = ZSTR_VAL(zp); } (*str_length) = ZSTR_LEN(zp); } return status; } /*---------*/ static zend_always_inline void *compat_zend_hash_get_current_data_ptr_ex(HashTable *ht , HashPosition *pos) { zval *zp; zp = zend_hash_get_current_data_ex(ht, pos); return Z_PTR_P(zp); } #define compat_zend_hash_get_current_data_ptr(ht) \ compat_zend_hash_get_current_data_ptr_ex(ht, &(ht)->nInternalPointer) /*---------*/ static zend_always_inline void *compat_zend_hash_get_current_data_ex(HashTable *ht , HashPosition *pos) { return (void *)zend_hash_get_current_data_ex(ht, pos); } #define compat_zend_hash_get_current_data(ht) \ compat_zend_hash_get_current_data_ex(ht, &(ht)->nInternalPointer) #define compat_zend_hash_get_current_zval_ex(ht, pos) \ (zval *)compat_zend_hash_get_current_data_ex(ht, pos) #define compat_zend_hash_get_current_zval(ht) \ compat_zend_hash_get_current_zval_ex(ht, &(ht)->nInternalPointer) #else /*= PHP 5 ====================================================================*/ #ifndef HASH_KEY_NON_EXISTENT #define HASH_KEY_NON_EXISTENT HASH_KEY_NON_EXISTANT #endif #define COMPAT_HASH_PTR(_zp) (_zp) /*------------------------------------------------*/ static zend_always_inline void *zend_hash_add_ptr(HashTable *ht , zend_string *key, void *pData) { int status; status = zend_hash_quick_add(ht, ZSTR_VAL(key), (uint)(ZSTR_LEN(key) + 1) , (ulong)ZSTR_HASH(key), &pData, sizeof(void *), NULL); return (status == SUCCESS ? pData : NULL); } #define zend_hash_add_new_ptr(ht, key, pData) zend_hash_add_ptr(ht, key, pData) #define zend_hash_add_mem(ht, key, pData, size) \ zend_hash_add_ptr(ht, key, _compat_dup(pData, size, ht->persistent)) /*---------*/ static zend_always_inline void *zend_hash_str_add_ptr(HashTable *ht , const char *str, size_t len, void *pData) { int status; char *strn = _compat_dup_str(str, len, 0); status = zend_hash_add(ht, strn, len + 1, &pData, sizeof(void *), NULL); efree(strn); return (status == SUCCESS ? pData : NULL); } #define zend_hash_str_add_new_ptr(ht, str, len, pData) zend_hash_str_add_ptr(ht, str, len, pData) #define zend_hash_str_add_mem(ht, str, len, pData, size) \ zend_hash_str_add_ptr(ht, str, len, _compat_dup(pData, size, ht->persistent)) /*---------*/ static zend_always_inline void *zend_hash_index_add_ptr(HashTable *ht , zend_ulong h, void *pData) { int status; status = zend_hash_index_update(ht, (ulong)h, &pData, sizeof(void *), NULL); return (status == SUCCESS ? pData : NULL); } #define zend_hash_index_add_new_ptr(ht, h, pData) \ zend_hash_index_add_ptr(ht, h, pData) #define zend_hash_index_add_mem(ht, h, pData, size) \ zend_hash_index_add_ptr(ht, h, _compat_dup(pData, size, ht->persistent)) /*---------*/ static zend_always_inline void *zend_hash_next_index_insert_ptr(HashTable *ht , void *pData) { int status; status = zend_hash_next_index_insert(ht, &pData, sizeof(void *), NULL); return (status == SUCCESS ? pData : NULL); } #define zend_hash_next_index_insert_mem(ht, pData, size) \ zend_hash_next_index_insert_ptr(ht, _compat_dup(pData, size, ht->persistent)) /*---------*/ static zend_always_inline void *zend_hash_update_ptr(HashTable *ht , zend_string *key, void *pData) { int status; status = zend_hash_quick_update(ht, ZSTR_VAL(key), (uint)(ZSTR_LEN(key) + 1) , (ulong)ZSTR_HASH(key), &pData, sizeof(void *), NULL); return (status == SUCCESS ? pData : NULL); } #define zend_hash_update_mem(ht, key, pData, size) \ zend_hash_update_ptr(ht, key, _compat_dup(pData, size, ht->persistent)) /*---------*/ static zend_always_inline void *zend_hash_str_update_ptr(HashTable *ht , const char *str, size_t len, void *pData) { int status; char *strn = _compat_dup_str(str, len, 0); status = zend_hash_update(ht, strn, len + 1, &pData, sizeof(void *), NULL); efree(strn); return (status == SUCCESS ? pData : NULL); } #define zend_hash_str_upate_mem(ht, str, len, pData, size) \ zend_hash_str_update_ptr(ht, str, len, _compat_dup(pData, size, ht->persistent)) #define zend_hash_index_update_ptr(ht, h, pData) \ zend_hash_index_add_ptr(ht, h, pData) #define zend_hash_index_update_mem(ht, h, pData, size) \ zend_hash_index_add_mem(ht, h, pData, size) /*---------*/ static zend_always_inline void *zend_hash_find_ptr(const HashTable *ht , zend_string *key) { int status; void **p; status = zend_hash_quick_find(ht, ZSTR_VAL(key), (uint)(ZSTR_LEN(key) + 1) , (ulong)ZSTR_HASH(key), (void **)(&p)); return (status == SUCCESS ? (*p) : NULL); } /*---------*/ static zend_always_inline void *zend_hash_str_find_ptr(const HashTable *ht , const char *str, size_t len) { int status; void **p; char *strn = _compat_dup_str(str, len, 0); status = zend_hash_find(ht, strn, len + 1, (void **)(&p)); efree(strn); return (status == SUCCESS ? (*p) : NULL); } /*---------*/ static zend_always_inline void *zend_hash_index_find_ptr(const HashTable *ht , zend_ulong h) { int status; void **p; status = zend_hash_index_find(ht, h, (void **)(&p)); return (status == SUCCESS ? (*p) : NULL); } /*---------*/ static zend_always_inline zend_bool compat_zend_hash_exists(const HashTable *ht , zend_string *key) { return zend_hash_quick_exists(ht, ZSTR_VAL(key), (uint)(ZSTR_LEN(key) + 1) , (ulong)ZSTR_HASH(key)); } /*---------*/ static zend_always_inline zend_bool compat_zend_hash_str_exists(const HashTable *ht , const char *str, size_t len) { zend_bool status; char *strn = _compat_dup_str(str, len, 0); status = zend_hash_exists(ht, strn, (uint)(len + 1)); efree(strn); return status; } /*---------*/ /* Changes from original version: - Returns a zend_string - If key is a string, returned zend_string must be released. */ static zend_always_inline int compat_zend_hash_get_current_key_ex(const HashTable *ht , zend_string **str_index, zend_ulong *num_index, HashPosition *pos) { int status; char *str; uint str_length; ulong num; status = zend_hash_get_current_key_ex(ht, &str, &str_length, &num, 0, pos); if (status == HASH_KEY_IS_STRING) { (*str_index) = zend_string_init(str, str_length - 1, ht->persistent); } else if (status == HASH_KEY_IS_LONG) { (*num_index) = (zend_ulong)num; } return status; } /*---------*/ /* Diff with original : - Type casts - Return string length, without trailing null */ static zend_always_inline int compat_zend_hash_str_get_current_key_ex(const HashTable *ht , char **str_index, size_t *str_length, zend_ulong *num_index , zend_bool duplicate, HashPosition *pos) { int status; uint length; ulong num; status = zend_hash_get_current_key_ex(ht, str_index, &length, &num, duplicate, pos); if (status == HASH_KEY_IS_STRING) { (*str_length) = (size_t)(length - 1); } else if (status == HASH_KEY_IS_LONG) { (*num_index) = (zend_ulong)num; } return status; } /*---------*/ static zend_always_inline void *compat_zend_hash_get_current_data_ptr_ex(HashTable *ht , HashPosition *pos) { int status; void **p; status = zend_hash_get_current_data_ex(ht, (void **)(&p), pos); return ((status == SUCCESS) ? (*p) : NULL); } #define compat_zend_hash_get_current_data_ptr(ht) \ compat_zend_hash_get_current_data_ptr_ex(ht, NULL) /*---------*/ static zend_always_inline void *compat_zend_hash_get_current_data_ex(HashTable *ht , HashPosition *pos) { int status; void **p; status = zend_hash_get_current_data_ex(ht, (void **)(&p), pos); return ((status == SUCCESS) ? p : NULL); } #define compat_zend_hash_get_current_data(ht) \ compat_zend_hash_get_current_data_ex(ht, NULL) #define compat_zend_hash_get_current_zval_ex(ht, pos) \ *((zval **)compat_zend_hash_get_current_data_ex(ht, pos)) #define compat_zend_hash_get_current_zval(ht) \ compat_zend_hash_get_current_zval_ex(ht, NULL) /*------------------------------------------------------------*/ #define ZEND_HASH_FOREACH(_ht, indirect) do { \ HashPosition _pos; \ for (zend_hash_internal_pointer_reset_ex(_ht, &_pos) \ ;;zend_hash_move_forward_ex(_ht, &_pos)) { \ if (zend_hash_has_more_elements_ex(_ht, &_pos) != SUCCESS) break; #define ZEND_HASH_FOREACH_END() \ } \ } while (0) #define ZEND_HASH_FOREACH_PTR(_ht, _ptr) \ ZEND_HASH_FOREACH(_ht, 0); \ _ptr = compat_zend_hash_get_current_data_ptr_ex(_ht, &_pos); #define ZEND_HASH_FOREACH_NUM_KEY(_ht, _h) \ ZEND_HASH_FOREACH(_ht, 0); \ compat_zend_hash_get_current_key_ex(_ht, NULL, &_h, &_pos); #define ZEND_HASH_FOREACH_NUM_KEY_PTR(_ht, _h, _ptr) \ ZEND_HASH_FOREACH(_ht, 0); \ _ptr = compat_zend_hash_get_current_data_ptr_ex(_ht, &_pos); \ compat_zend_hash_get_current_key_ex(_ht, NULL, &_h, &_pos); /*============================================================================*/ #endif /* PHP_7 */ #endif /* _COMPAT_ZEND_HASH_H */ radius-1.4.0b1/pecl-compat/src/zend_resource.h0000644000076600000240000001163312660365266020604 0ustar aharveystaff/* +----------------------------------------------------------------------+ | Compatibility macros for different PHP versions | +----------------------------------------------------------------------+ | Copyright (c) 2016 The PHP Group | +----------------------------------------------------------------------+ | This source file is subject to version 3.01 of the PHP license, | | that is bundled with this package in the file LICENSE, and is | | available through the world-wide-web at the following url: | | http://www.php.net/license/3_01.txt. | | If you did not receive a copy of the PHP license and are unable to | | obtain it through the world-wide-web, please send a note to | | license@php.net so we can mail you a copy immediately. | +----------------------------------------------------------------------+ | Author: Adam Harvey | +----------------------------------------------------------------------+ */ #ifndef _COMPAT_ZEND_RESOURCE_H #define _COMPAT_ZEND_RESOURCE_H /* * The PHP 5 and PHP 7 resource APIs use the same function names for mutually * incompatible functions, which is unfortunate. A simple version of the PHP 5 * macro API can be implemented on top of the PHP 7 API, but not vice versa * (since, for example, zend_register_resource() in PHP 5 also sets the zval, * which is a separate action in PHP 7). * * Instead of using preprocessor trickery to try to mangle things into a sane * API, I've implemented a minimal API that supports basic resource handling * and delegates appropriately on both versions. * * Destructors should be registered using the normal * zend_register_list_destructors() or zend_register_list_destructors_ex() * functions. The destructor function should take a "zend_resource *" (there is * an appropriate typedef in the PHP 5 section to make this work); as only a * subset of fields are available across PHP versions, this should be treated * as this struct in effect: * * typedef struct { * void *ptr; * int type; * } zend_resource; * * Accessing other fields will likely result in compilation errors and/or * segfaults. */ /** * Deletes the resource. * * On PHP 5, this is equivalent to zend_list_delete(Z_LVAL_P(zv)). * On PHP 7, this is equivalent to zend_list_close(Z_RES_P(zv)). * * @param zv The IS_RESOURCE zval to delete. */ static void compat_zend_delete_resource(const zval *zv TSRMLS_DC); /** * Fetches the resource. * * This API does not support the default ID that's possible with the PHP 5 * zend_fetch_resource() API, and will always set that value to -1. * * @param zv The IS_RESOURCE zval to fetch. * @param rsrc_type_name The type name to use in error messages. * @param rsrc_type The resource type ID. * @return A void pointer to the resource, which needs to be typecast, or NULL * on error. */ static void *compat_zend_fetch_resource(zval *zv, const char *rsrc_type_name, int rsrc_type TSRMLS_DC); /** * Registers a new resource. * * @param zv The zval to set to IS_RESOURCE with the new resource value. * @param ptr A void pointer to the resource. * @param rsrc_type The resource type ID. */ static void compat_zend_register_resource(zval *zv, void *ptr, int rsrc_type TSRMLS_DC); #ifdef PHP_7 /*============================================================================*/ static void compat_zend_delete_resource(const zval *zv TSRMLS_DC) { if (IS_RESOURCE != Z_TYPE_P(zv)) { return; } zend_list_close(Z_RES_P(zv)); } static void *compat_zend_fetch_resource(zval *zv, const char *rsrc_type_name, int rsrc_type TSRMLS_DC) { if (IS_RESOURCE != Z_TYPE_P(zv)) { return NULL; } return zend_fetch_resource(Z_RES_P(zv), rsrc_type_name, rsrc_type); } static void compat_zend_register_resource(zval *zv, void *ptr, int rsrc_type TSRMLS_DC) { ZVAL_RES(zv, zend_register_resource(ptr, rsrc_type)); } #else /*== PHP 5 ===================================================================*/ /* Used for destructors. */ typedef zend_rsrc_list_entry zend_resource; static void compat_zend_delete_resource(const zval *zv TSRMLS_DC) { if (IS_RESOURCE != Z_TYPE_P(zv)) { return; } zend_list_delete(Z_LVAL_P(zv)); } static void *compat_zend_fetch_resource(zval *zv, const char *rsrc_type_name, int rsrc_type TSRMLS_DC) { #if ZEND_MODULE_API_NO >= 20100412 return zend_fetch_resource(&zv TSRMLS_CC, -1, rsrc_type_name, NULL, 1, rsrc_type); #else return zend_fetch_resource(&zv TSRMLS_CC, -1, (char *)rsrc_type_name, NULL, 1, rsrc_type); #endif } static void compat_zend_register_resource(zval *zv, void *ptr, int rsrc_type TSRMLS_DC) { ZEND_REGISTER_RESOURCE(zv, ptr, rsrc_type); } #endif /* PHP_7 */ /*============================================================================*/ #endif /* _COMPAT_ZEND_RESOURCE_H */ radius-1.4.0b1/pecl-compat/src/zend_string.h0000644000076600000240000001601212660365266020257 0ustar aharveystaff/* +----------------------------------------------------------------------+ | zend_string compatibility layer for PHP 5 & 7 | +----------------------------------------------------------------------+ | Copyright (c) 2005-2007 The PHP Group | +----------------------------------------------------------------------+ | This source file is subject to version 3.01 of the PHP license, | | that is bundled with this package in the file LICENSE, and is | | available through the world-wide-web at the following url: | | http://www.php.net/license/3_01.txt. | | If you did not receive a copy of the PHP license and are unable to | | obtain it through the world-wide-web, please send a note to | | license@php.net so we can mail you a copy immediately. | +----------------------------------------------------------------------+ | Author: Francois Laupretre | +----------------------------------------------------------------------+ */ #ifndef _COMPAT_ZEND_STRING_H #define _COMPAT_ZEND_STRING_H #ifdef PHP_7 /*============================================================================*/ #include "zend_string.h" #ifndef ZSTR_IS_PERSISTENT # define ZSTR_IS_PERSISTENT(s) (GC_FLAGS(s) & IS_STR_PERSISTENT) #endif #else /*============================================================================*/ /*---- zend_string for PHP 5 ----*/ struct _zend_string { int persistent; int hash_is_set; /* needed because computed hash may be null */ zend_ulong h; /* hash value */ uint32_t refcount; size_t len; char val[1]; }; typedef struct _zend_string zend_string; /* Shortcuts */ #define ZSTR_VAL(zstr) (zstr)->val #define ZSTR_LEN(zstr) (zstr)->len #define ZSTR_H(zstr) (zstr)->h #define ZSTR_HASH(zstr) zend_string_hash_val(zstr) #define _ZSTR_HEADER_SIZE XtOffsetOf(zend_string, val) #define _ZSTR_STRUCT_SIZE(len) (_ZSTR_HEADER_SIZE + len + 1) #define ZSTR_IS_PERSISTENT(s) (s->persistent) /*---------*/ static zend_always_inline uint32_t zend_string_refcount(zend_string *s) { return (s->refcount); } /*---------*/ static zend_always_inline uint32_t zend_string_addref(zend_string *s) { return ++(s->refcount); } /*---------*/ static zend_always_inline uint32_t zend_string_delref(zend_string *s) { return --(s->refcount); } /*---------*/ static zend_always_inline zend_ulong zend_string_hash_val(zend_string *s) { char c, *p; if (! s->hash_is_set) { /* Compute with terminating null but preserve string */ p = &(ZSTR_VAL(s)[ZSTR_LEN(s)]); c = (*p); (*p) = '\0'; ZSTR_H(s) = zend_get_hash_value(ZSTR_VAL(s), ZSTR_LEN(s)+1); (*p) = c; s->hash_is_set = 1; } return ZSTR_H(s); } /*---------*/ static zend_always_inline void zend_string_forget_hash_val(zend_string *s) { s->hash_is_set = 0; ZSTR_H(s) = 0; /* Security */ } /*---------*/ static zend_always_inline zend_string *zend_string_alloc(size_t len, int persistent) { zend_string *ret = (zend_string *)pemalloc(ZEND_MM_ALIGNED_SIZE(_ZSTR_STRUCT_SIZE(len)), persistent); ret->persistent = persistent; zend_string_forget_hash_val(ret); ret->refcount = 1; ZSTR_LEN(ret) = len; return ret; } /*---------*/ static zend_always_inline zend_string *zend_string_safe_alloc(size_t n , size_t m, size_t l, int persistent) { zend_string *ret = (zend_string *)safe_pemalloc(n, m, ZEND_MM_ALIGNED_SIZE(_ZSTR_STRUCT_SIZE(l)), persistent); ret->persistent = persistent; zend_string_forget_hash_val(ret); ret->refcount = 1; ZSTR_LEN(ret) = l; return ret; } /*---------*/ static zend_always_inline zend_string *zend_string_init(const char *str, size_t len, int persistent) { zend_string *ret = zend_string_alloc(len, persistent); memcpy(ZSTR_VAL(ret), str, len); ZSTR_VAL(ret)[len] = '\0'; return ret; } /*---------*/ static zend_always_inline zend_string *zend_string_dup(zend_string *s, int persistent) { zend_string *target; target = zend_string_init(ZSTR_VAL(s), ZSTR_LEN(s), persistent); if (s->hash_is_set) { ZSTR_H(target) = ZSTR_H(s); target->hash_is_set = 1; } return target; } /*---------*/ static zend_always_inline zend_string *zend_string_realloc(zend_string *s , size_t len, int persistent) { zend_string *ret; if (EXPECTED(s->refcount == 1)) { ret = (zend_string *)perealloc(s, ZEND_MM_ALIGNED_SIZE(_ZSTR_STRUCT_SIZE(len)), persistent); ZSTR_LEN(ret) = len; zend_string_forget_hash_val(ret); return ret; } zend_string_delref(s); ret = zend_string_alloc(len, persistent); memcpy(ZSTR_VAL(ret), ZSTR_VAL(s), MIN(len, ZSTR_LEN(s)) + 1); return ret; } /*---------*/ static zend_always_inline zend_string *zend_string_extend(zend_string *s , size_t len, int persistent) { zend_string *ret; ZEND_ASSERT(len >= ZSTR_LEN(s)); if (EXPECTED(s->refcount == 1)) { ret = (zend_string *)perealloc(s, ZEND_MM_ALIGNED_SIZE(_ZSTR_STRUCT_SIZE(len)), persistent); ZSTR_LEN(ret) = len; zend_string_forget_hash_val(ret); return ret; } zend_string_delref(s); ret = zend_string_alloc(len, persistent); memcpy(ZSTR_VAL(ret), ZSTR_VAL(s), ZSTR_LEN(s) + 1); return ret; } /*---------*/ static zend_always_inline zend_string *zend_string_truncate(zend_string *s , size_t len, int persistent) { zend_string *ret; ZEND_ASSERT(len <= ZSTR_LEN(s)); if (EXPECTED(s->refcount == 1)) { ret = (zend_string *)perealloc(s, ZEND_MM_ALIGNED_SIZE(_ZSTR_STRUCT_SIZE(len)), persistent); ZSTR_LEN(ret) = len; zend_string_forget_hash_val(ret); return ret; } zend_string_delref(s); ret = zend_string_alloc(len, persistent); memcpy(ZSTR_VAL(ret), ZSTR_VAL(s), len + 1); return ret; } /*---------*/ static zend_always_inline zend_string *zend_string_safe_realloc(zend_string *s , size_t n, size_t m, size_t l, int persistent) { zend_string *ret; if (EXPECTED(s->refcount == 1)) { ret = (zend_string *)safe_perealloc(s, n, m, ZEND_MM_ALIGNED_SIZE(_ZSTR_STRUCT_SIZE(l)), persistent); ZSTR_LEN(ret) = (n * m) + l; zend_string_forget_hash_val(ret); return ret; } zend_string_delref(s); ret = zend_string_safe_alloc(n, m, l, persistent); memcpy(ZSTR_VAL(ret), ZSTR_VAL(s), MIN((n * m) + l, ZSTR_LEN(s)) + 1); return ret; } /*---------*/ static zend_always_inline void zend_string_free(zend_string *s) { if (s) { pefree(s, s->persistent); } } /*---------*/ static zend_always_inline void zend_string_release(zend_string *s) { if (s) { s->refcount--; if (s->refcount == 0) { zend_string_free(s); } } } /*---------*/ static zend_always_inline zend_string *zend_string_copy(zend_string *s) { zend_string_addref(s); return (s); } /*---------*/ static zend_always_inline zend_bool zend_string_equals(zend_string *s1, zend_string *s2) { return s1 == s2 || (s1->len == s2->len && !memcmp(s1->val, s2->val, s1->len)); } #define zend_string_equals_literal(str, literal) \ ((str)->len == sizeof(literal)-1 && !memcmp((str)->val, literal, sizeof(literal) - 1)) #endif /* PHP_7 */ #endif /* _COMPAT_ZEND_STRING_H */ radius-1.4.0b1/pecl-compat/compat.h0000644000076600000240000000532112660365266016426 0ustar aharveystaff/* +----------------------------------------------------------------------+ | Compatibility macros for different PHP versions | +----------------------------------------------------------------------+ | Copyright (c) 2015 The PHP Group | +----------------------------------------------------------------------+ | This source file is subject to version 3.01 of the PHP license, | | that is bundled with this package in the file LICENSE, and is | | available through the world-wide-web at the following url: | | http://www.php.net/license/3_01.txt. | | If you did not receive a copy of the PHP license and are unable to | | obtain it through the world-wide-web, please send a note to | | license@php.net so we can mail you a copy immediately. | +----------------------------------------------------------------------+ | Author: Francois Laupretre | +----------------------------------------------------------------------+ */ #ifndef _COMPAT_H #define _COMPAT_H #define PECL_COMPAT_VERSION 1.2 #include #include #include #include "php.h" #include "zend.h" #include "zend_extensions.h" #include "zend_API.h" #define PHP_5_0_X_API_NO 220040412 #define PHP_5_1_X_API_NO 220051025 #define PHP_5_2_X_API_NO 220060519 #define PHP_5_3_X_API_NO 220090626 #define PHP_5_4_X_API_NO 220100525 #define PHP_5_5_X_API_NO 220121212 #define PHP_5_6_X_API_NO 220131226 #if PHP_MAJOR_VERSION >= 7 # define PHP_7 #endif #ifdef HAVE_CONFIG_H # include "config.h" #endif #if HAVE_STRING_H # include #endif #ifdef HAVE_SYS_TYPES_H # include #endif #ifdef PHP_WIN32 # include "win32/time.h" #elif defined(NETWARE) # include # include #else # include #endif #ifdef HAVE_SYS_RESOURCE_H # include #endif #ifdef HAVE_STDARG_H #include #endif #ifdef HAVE_STDLIB_H # include #endif #ifdef HAVE_UNISTD_H # include #endif #ifdef HAVE_SYS_STAT_H # include #endif #ifdef PHP_WIN32 #include #else #include #endif #if ZEND_EXTENSION_API_NO >= PHP_5_6_X_API_NO #include "zend_virtual_cwd.h" #else #include "TSRM/tsrm_virtual_cwd.h" #endif #ifdef PHP_7 #include "Zend/zend_portability.h" #endif /*-- Include submodules */ #include "src/misc.h" #include "src/zend_string.h" #include "src/zend_hash.h" #include "src/zend_API.h" #include "src/zend_resource.h" #endif /* _COMPAT_H */ radius-1.4.0b1/tests/server/attribute.php0000644000076600000240000001005212660365266017747 0ustar aharveystaff */ namespace RADIUS\FakeServer\Attribute; /** An attribute in a RADIUS request or response. */ class Attribute { /** * The number of bytes consumed when parsing. * * @var integer $consumed */ var $consumed; /** * Whether the attribute is salted. * * @var boolean $salted */ var $salted = false; /** * An optional attribute tag. * * @var integer $tag */ var $tag; /** * The attribute type. * * @var integer $type */ var $type; /** * The attribute value. * * @var string $value */ var $value; /** * Serialises the attribute into the RADIUS wire structure. * * @return string */ function serialise() { return pack('CC', $this->type, strlen($this->value) + 2).$this->value; } } /** * Compares two attributes for equality. * * @param Attribute $expected * @param Attribute $actual * @return boolean */ function compare($expected, $actual) { if (is_a($expected, 'VendorSpecificAttribute')) { if (!is_a($actual, 'VendorSpecificAttribute')) { return false; } if ($expected->salted) { $expectedLength = (16 * ceil(strlen($expected->value) / 16) + 3); if ($expected->tag) { $tag = unpack('Ctag', $actual->value); return (($expected->type == $actual->type) && (strlen($actual->value) == $expectedLength + 1) && ($expected->tag == $tag['tag'])); } else { return (($expected->type == $actual->type) && (strlen($actual->value) == $expectedLength)); } } else { return ($expected->type == $actual->type) && ($expected->value == $actual->value) && ($expected->vendorId == $actual->vendorId) && ($expected->vendorType == $actual->vendorType); } $expectedLength = (16 * ceil(strlen($expected->value) / 16) + 3); if ($expected->tag) { $tag = unpack('Ctag', $actual->value); return (($expected->type == $actual->type) && (strlen($actual->value) == $expectedLength + 1) && ($expected->tag == $tag['tag'])); } else { return (($expected->type == $actual->type) && (strlen($actual->value) == $expectedLength)); } } elseif ($expected->salted) { $expectedLength = (16 * ceil(strlen($expected->value) / 16) + 3); if ($expected->tag) { $tag = unpack('Ctag', $actual->value); return (($expected->type == $actual->type) && (strlen($actual->value) == $expectedLength + 1) && ($expected->tag == $tag['tag'])); } else { return (($expected->type == $actual->type) && (strlen($actual->value) == $expectedLength)); } } else { return ($expected->type == $actual->type) && ($expected->value == $actual->value); } } /** * Creates an attribute with the given type and value. * * @param integer $type * @param string $value * @param integer $tag * @return Attribute */ function expect($type, $value, $tag = null, $salted = false) { $attribute = new Attribute; $attribute->salted = $salted; $attribute->type = $type; if (!is_null($tag)) { $attribute->tag = $tag; $attribute->value = pack('C', $tag).$value; } else { $attribute->value = $value; } return $attribute; } /** * Parses the given attribute from a RADIUS packet. * * The error checking here is minimal, to say the least. We don't even * check the size field is valid. * * @param string $raw * @return Attribute */ function parse($raw) { $attribute = new Attribute; $data = unpack('Ctype/Csize', $raw); if ($data['type'] == RADIUS_VENDOR_SPECIFIC) { return \RADIUS\FakeServer\VendorSpecificAttribute\parse($raw); } $attribute->consumed = $data['size']; $attribute->type = $data['type']; $attribute->value = substr($raw, 2, $data['size'] - 2); return $attribute; } // vim: set ts=4 sw=4 et: radius-1.4.0b1/tests/server/fake_server.php0000644000076600000240000002152412660365266020246 0ustar aharveystaff */ namespace RADIUS\FakeServer; require __DIR__.'/attribute.php'; require __DIR__.'/vsa.php'; /** A RADIUS request. */ class Request { /** * The request attributes. * * @var Attribute[] $attributes */ var $attributes = array(); /** * The authenticator field from the packet. * * @var string $authenticator */ var $authenticator; /** * The request code. * * @var integer $code */ var $code; /** * The request identifier. * * @var integer $id */ var $id; /** * The raw request data. * * @var string $raw */ var $raw; /** * Compares an actual request to its expected values. * * If the comparison fails, the error message is printed. * * @param Request $expected * @param Request $actual * @return boolean */ static function compare($expected, $actual) { if ($expected->code != $actual->code) { printf("Expected code %d does not match actual code %d\n", $expected->code, $actual->code); return false; } foreach ($expected->attributes as $attribute) { $found = false; foreach ($actual->attributes as $actual_attr) { if (\RADIUS\FakeServer\Attribute\compare($attribute, $actual_attr)) { $found = true; break; } } if (!$found) { printf("Expected attribute %d with value '%s' not found in attribute set\n", $attribute->type, bin2hex($attribute->value)); return false; } } return true; } /** * Creates a new Request with the given code and attributes. * * @param integer $code * @param Attribute[] $attributes * @return Request */ static function expect($code, $attributes = array()) { $request = new Request; $request->code = $code; $request->attributes = $attributes; return $request; } /** * Parses a RADIUS request packet. * * @param string $raw * @return Request */ static function parse($raw) { $request = new Request; $data = unpack('Ccode/Cid/nsize', $raw); $request->raw = $raw; $request->code = $data['code']; $request->id = $data['id']; $request->authenticator = substr($raw, 4, 16); $attributes = substr($raw, 20); while (strlen($attributes)) { $attribute = \RADIUS\FakeServer\Attribute\parse($attributes); $attributes = substr($attributes, $attribute->consumed); $request->attributes[] = $attribute; } return $request; } } /** A basic RADIUS response containing arbitrary data. */ class Response { /** * The data to send. * * @var string $data */ var $data; /** * Serialises the data (which in this case means do nothing). * * @param Request $request The request being responded to. * @param string $secret The shared secret. * @return string The RADIUS response packet. */ function serialise($request, $secret) { return $this->data; } } /** A higher level RADIUS response packet that handles encoding and packing. */ class RadiusResponse extends Response { /** * The attributes to include. * * @var Attribute[] $attributes */ var $attributes; /** * The response code. * * @var integer $code */ var $code; /** * Serialises the data into a RADIUS response packet. * * @param Request $request The request being responded to. * @param string $secret The shared secret. * @return string The RADIUS response packet. */ function serialise($request, $secret) { $attributes = ''; if (is_array($this->attributes)) { foreach ($this->attributes as $attribute) { $attributes .= $attribute->serialise(); } } $header = pack('CCn', $this->code, $request->id, 20 + strlen($attributes)); $auth = md5($header.$request->authenticator.$attributes.$secret); $auth = pack('H*', $auth); return $header.$auth.$attributes; } } /** The fake RADIUS server. */ class FakeServer { /** * The address to listen at. * * @var string $address */ var $address = '127.0.0.1'; /** * The port to listen on. * * @var integer $port */ var $port = 63563; /** * The RADIUS shared secret. * * @var string $secret */ var $secret = 'This is a shared secret'; /** * The expected transactions that will occur once the server starts * handing requests. * * @access private * @var array[] $transactions */ var $transactions = array(); /** * Adds an expected transaction. * * @param Request $request The request to expect. * @param Response $response The response to issue in response to the * request. If omitted or NULL, no response will * be sent. * @return void */ function addTransaction($expectedRequest, $response = null) { $this->transactions[] = array( 'request' => clone $expectedRequest, 'response' => clone $response, ); } /** * Convenience method to create an accounting client resource for this * server. * * @return resource */ function getAcctResource() { $res = radius_acct_open(); radius_add_server($res, $this->address, $this->port, $this->secret, 5, 1); return $res; } /** * Convenience method to create an authentication client resource for this * server. * * @return resource */ function getAuthResource() { $res = radius_auth_open(); radius_add_server($res, $this->address, $this->port, $this->secret, 5, 1); return $res; } /** * Forks the server and handles requests. * * @return integer The child PID. */ function handle() { // Hook up the signal handler for the child's signal that it's ready. pcntl_signal(SIGUSR1, array($this, 'signal')); $pid = pcntl_fork(); if ($pid == 0) { $success = true; $socket = socket_create(AF_INET, SOCK_DGRAM, SOL_UDP); socket_bind($socket, $this->address, $this->port); // Tell the parent we're good to go. posix_kill(posix_getppid(), SIGUSR1); while (count($this->transactions)) { $buffer = null; $from = null; $port = null; socket_recvfrom($socket, $buffer, 4096, 0, $from, $port); $request = Request::parse($buffer); $transaction = array_shift($this->transactions); if (Request::compare($transaction['request'], $request)) { if (!is_null($transaction['response'])) { $response = $transaction['response']->serialise($request, $this->secret); socket_sendto($socket, $response, strlen($response), 0, $from, $port); } } else { echo "ERROR: Request did not match\n"; $success = false; break; } } socket_close($socket); exit(!$success); } else { // Wait for SIGUSR1 from the child process to indicate it's // started up. If it takes more than 10 seconds, there are bigger // problems. if (sleep(10) || version_compare(phpversion(), '5.0.0', '<')) { // OK, the child is ready. return $pid; } else { echo "ERROR: Fake RADIUS server never signalled it was ready\n"; posix_kill($pid, SIGINT); return null; } } } /** * Tests if a test involving the fake server should be skipped due to PHP * lacking support for a required feature. * * @return boolean */ function skip() { return !(function_exists('socket_create') && function_exists('pcntl_fork') && function_exists('radius_acct_open')); } /** * The signal handler which does nothing, successfully. * * @param integer $signo * @return void */ function signal($signo) { } /** * Waits for the child process to finish running and returns the exit code. * * @return integer */ function wait() { pcntl_waitpid(-1, $status); return $status; } } radius-1.4.0b1/tests/server/vsa.php0000644000076600000240000000372112660365266016542 0ustar aharveystaff */ namespace RADIUS\FakeServer\VendorSpecificAttribute; use RADIUS\FakeServer\Attribute\Attribute; /** A vendor specific attribute. */ class VendorSpecificAttribute extends Attribute { /** * The vendor ID. * * @var integer $vendorId */ var $vendorId; /** * The vendor type. * * @var integer $vendorType */ var $vendorType; /** {@inheritDoc} */ function serialise() { return pack('CCNCC', $this->type, strlen($this->value) + 8, $this->vendorId, $this->vendorType, strlen($this->value) + 2); } } /** * Creates a vendor specific attribute with the given ID, type and value. * * @param integer $vendorId * @param integer $vendorType * @param string $value * @param integer $tag * @return VendorSpecificAttribute */ function expect($vendorId, $vendorType, $value, $tag = null, $salted = false) { $attribute = new VendorSpecificAttribute; $attribute->salted = $salted; $attribute->type = RADIUS_VENDOR_SPECIFIC; $attribute->vendorId = $vendorId; $attribute->vendorType = $vendorType; if (!is_null($tag)) { $attribute->tag = $tag; $attribute->value = pack('C', $tag).$value; } else { $attribute->value = $value; } return $attribute; } /** {@inheritDoc} */ function parse($raw) { $attribute = new VendorSpecificAttribute; $attribute->type = RADIUS_VENDOR_SPECIFIC; $data = unpack('Ctype/Csize/NvendorId/CvendorType/CvendorSize', $raw); if ($data['type'] != RADIUS_VENDOR_SPECIFIC) { trigger_error('VendorSpecificAttribute::parse() called for a non-VS attribute', E_USER_ERROR); } $attribute->consumed = $data['size']; $attribute->vendorId = $data['vendorId']; $attribute->vendorType = $data['vendorType']; $attribute->value = substr($raw, 8, $data['vendorSize'] - 2); return $attribute; } // vim: set ts=4 sw=4 et: radius-1.4.0b1/tests/coa.phpt0000644000076600000240000000375212660365266015375 0ustar aharveystaff--TEST-- RADIUS: RFC 3576 CoA message support --INI-- display_errors=1 error_reporting=22527 --SKIPIF-- --FILE-- getAuthResource(); $request = \RADIUS\FakeServer\Request::expect(RADIUS_ACCESS_REQUEST, array( \RADIUS\FakeServer\Attribute\expect(RADIUS_USER_NAME, 'foo'), )); $response = new \RADIUS\FakeServer\RadiusResponse; $response->code = RADIUS_COA_REQUEST; $response->attributes = array( \RADIUS\FakeServer\Attribute\expect(RADIUS_FILTER_ID, 'filter'), ); $server->addTransaction($request, $response); $request = \RADIUS\FakeServer\Request::expect(RADIUS_COA_NAK, array( \RADIUS\FakeServer\Attribute\expect(RADIUS_ERROR_CAUSE, pack('N', RADIUS_ERROR_CAUSE_MISSING_ATTRIBUTE)), )); $server->addTransaction($request, $response); $request = \RADIUS\FakeServer\Request::expect(RADIUS_COA_ACK, array( )); $response = new \RADIUS\FakeServer\RadiusResponse; $response->code = RADIUS_COA_ACK; $server->addTransaction($request, $response); $server->handle(); radius_create_request($res, RADIUS_ACCESS_REQUEST); radius_put_string($res, RADIUS_USER_NAME, 'foo'); radius_put_string($res, RADIUS_USER_PASSWORD, 'bar'); var_dump(radius_send_request($res) == RADIUS_COA_REQUEST); var_dump(radius_get_attr($res)); radius_create_request($res, RADIUS_COA_NAK); radius_put_int($res, RADIUS_ERROR_CAUSE, RADIUS_ERROR_CAUSE_MISSING_ATTRIBUTE); var_dump(radius_send_request($res) == RADIUS_COA_REQUEST); var_dump(radius_get_attr($res)); radius_create_request($res, RADIUS_COA_ACK); radius_send_request($res); var_dump($server->wait()); ?> --EXPECTF-- bool(true) array(2) { ["attr"]=> int(11) ["data"]=> string(6) "filter" } bool(true) array(2) { ["attr"]=> int(11) ["data"]=> string(6) "filter" } int(0) radius-1.4.0b1/tests/disconnect.phpt0000644000076600000240000000404512660365266016760 0ustar aharveystaff--TEST-- RADIUS: RFC 3576 disconnect message support --INI-- display_errors=1 error_reporting=22527 --SKIPIF-- --FILE-- getAuthResource(); $request = \RADIUS\FakeServer\Request::expect(RADIUS_ACCESS_REQUEST, array( \RADIUS\FakeServer\Attribute\expect(RADIUS_USER_NAME, 'foo'), )); $response = new \RADIUS\FakeServer\RadiusResponse; $response->code = RADIUS_DISCONNECT_REQUEST; $response->attributes = array( \RADIUS\FakeServer\Attribute\expect(RADIUS_NAS_IDENTIFIER, 'NAS'), ); $server->addTransaction($request, $response); $request = \RADIUS\FakeServer\Request::expect(RADIUS_DISCONNECT_NAK, array( \RADIUS\FakeServer\Attribute\expect(RADIUS_ERROR_CAUSE, pack('N', RADIUS_ERROR_CAUSE_MISSING_ATTRIBUTE)), )); $server->addTransaction($request, $response); $request = \RADIUS\FakeServer\Request::expect(RADIUS_DISCONNECT_ACK, array( )); $response = new \RADIUS\FakeServer\RadiusResponse; $response->code = RADIUS_DISCONNECT_ACK; $server->addTransaction($request, $response); $server->handle(); radius_create_request($res, RADIUS_ACCESS_REQUEST); radius_put_string($res, RADIUS_USER_NAME, 'foo'); radius_put_string($res, RADIUS_USER_PASSWORD, 'bar'); var_dump(radius_send_request($res) == RADIUS_DISCONNECT_REQUEST); var_dump(radius_get_attr($res)); radius_create_request($res, RADIUS_DISCONNECT_NAK); radius_put_int($res, RADIUS_ERROR_CAUSE, RADIUS_ERROR_CAUSE_MISSING_ATTRIBUTE); var_dump(radius_send_request($res) == RADIUS_DISCONNECT_REQUEST); var_dump(radius_get_attr($res)); radius_create_request($res, RADIUS_DISCONNECT_ACK); radius_send_request($res); var_dump($server->wait()); ?> --EXPECTF-- bool(true) array(2) { ["attr"]=> int(32) ["data"]=> string(3) "NAS" } bool(true) array(2) { ["attr"]=> int(32) ["data"]=> string(3) "NAS" } int(0) radius-1.4.0b1/tests/radius_acct_open.phpt0000644000076600000240000000042012660365266020122 0ustar aharveystaff--TEST-- radius_acct_open() --INI-- display_errors=1 error_reporting=-1 --SKIPIF-- --FILE-- --EXPECTF-- resource(%d) of type (rad_handle) radius-1.4.0b1/tests/radius_auth_open.phpt0000644000076600000240000000042012660365266020151 0ustar aharveystaff--TEST-- radius_auth_open() --INI-- display_errors=1 error_reporting=-1 --SKIPIF-- --FILE-- --EXPECTF-- resource(%d) of type (rad_handle) radius-1.4.0b1/tests/radius_close.phpt0000644000076600000240000000103012660365266017272 0ustar aharveystaff--TEST-- radius_close() --INI-- display_errors=1 error_reporting=-1 --SKIPIF-- --FILE-- --EXPECTF-- bool(true) bool(true) Warning: radius_close(): supplied resource is not a valid rad_handle resource in %s on line %d bool(false) radius-1.4.0b1/tests/radius_cvt_addr.phpt0000644000076600000240000000042612660365266017763 0ustar aharveystaff--TEST-- radius_cvt_addr() --INI-- display_errors=1 error_reporting=22527 --SKIPIF-- --FILE-- --EXPECT-- string(9) "127.0.0.1" radius-1.4.0b1/tests/radius_cvt_int.phpt0000644000076600000240000000037012660365266017641 0ustar aharveystaff--TEST-- radius_cvt_int() --INI-- display_errors=1 error_reporting=22527 --SKIPIF-- --FILE-- --EXPECT-- int(1234) radius-1.4.0b1/tests/radius_cvt_string.phpt0000644000076600000240000000040612660365266020355 0ustar aharveystaff--TEST-- radius_cvt_string() --INI-- display_errors=1 error_reporting=22527 --SKIPIF-- --FILE-- --EXPECT-- string(9) "127.0.0.1" radius-1.4.0b1/tests/radius_get_attr.phpt0000644000076600000240000000226712660365266020013 0ustar aharveystaff--TEST-- radius_get_attr() --INI-- display_errors=1 error_reporting=22527 --SKIPIF-- --FILE-- getAuthResource(); $request = \RADIUS\FakeServer\Request::expect(RADIUS_ACCESS_REQUEST, array( \RADIUS\FakeServer\Attribute\expect(RADIUS_USER_NAME, 'foo'), )); $response = new \RADIUS\FakeServer\RadiusResponse; $response->code = RADIUS_ACCESS_REJECT; $response->attributes = array( \RADIUS\FakeServer\Attribute\expect(RADIUS_REPLY_MESSAGE, 'Go away'), ); $server->addTransaction($request, $response); $server->handle(); radius_create_request($res, RADIUS_ACCESS_REQUEST); radius_put_string($res, RADIUS_USER_NAME, 'foo'); radius_put_string($res, RADIUS_USER_PASSWORD, 'bar'); var_dump(radius_get_attr($res)); radius_send_request($res); var_dump(radius_get_attr($res)); var_dump($server->wait()); ?> --EXPECTF-- bool(false) array(2) { ["attr"]=> int(18) ["data"]=> string(7) "Go away" } int(0) radius-1.4.0b1/tests/radius_get_tagged_attr_data.phpt0000644000076600000240000000072212660365266022311 0ustar aharveystaff--TEST-- radius_get_tagged_attr_data() --INI-- display_errors=1 error_reporting=22527 --SKIPIF-- --FILE-- --EXPECTF-- Notice: Empty attributes cannot have tags in %s on line %d bool(false) string(0) "" string(3) "foo" radius-1.4.0b1/tests/radius_get_tagged_attr_tag.phpt0000644000076600000240000000070112660365266022150 0ustar aharveystaff--TEST-- radius_get_tagged_attr_tag() --INI-- display_errors=1 error_reporting=22527 --SKIPIF-- --FILE-- --EXPECTF-- Notice: Empty attributes cannot have tags in %s on line %d bool(false) int(20) int(20) radius-1.4.0b1/tests/radius_get_vendor_attr.phpt0000644000076600000240000000124512660365266021363 0ustar aharveystaff--TEST-- radius_get_vendor_attr() --INI-- display_errors=1 error_reporting=22527 --SKIPIF-- --FILE-- --EXPECT-- bool(false) bool(false) array(3) { ["attr"]=> int(1) ["vendor"]=> int(311) ["data"]=> string(3) "foo" } radius-1.4.0b1/tests/radius_put_addr.phpt0000644000076600000240000000311712660365266017777 0ustar aharveystaff--TEST-- radius_put_addr() --INI-- display_errors=1 error_reporting=22527 --SKIPIF-- --FILE-- getAuthResource(); $request = \RADIUS\FakeServer\Request::expect(RADIUS_ACCESS_REQUEST, array( \RADIUS\FakeServer\Attribute\expect(RADIUS_USER_NAME, 'foo'), \RADIUS\FakeServer\Attribute\expect(RADIUS_NAS_IP_ADDRESS, pack('N', ip2long('127.0.0.1'))), \RADIUS\FakeServer\Attribute\expect(RADIUS_LOGIN_IP_HOST, pack('N', ip2long('0.0.0.0')), null, true), )); $response = new \RADIUS\FakeServer\RadiusResponse; $response->code = RADIUS_ACCESS_REJECT; $response->attributes = array( \RADIUS\FakeServer\Attribute\expect(RADIUS_REPLY_MESSAGE, 'Go away'), ); $server->addTransaction($request, $response); $server->handle(); var_dump(radius_put_addr($res, RADIUS_NAS_IP_ADDRESS, '127.0.0.1')); var_dump(radius_put_addr($res, RADIUS_LOGIN_IP_HOST, '0.0.0.0', RADIUS_OPTION_SALT)); radius_create_request($res, RADIUS_ACCESS_REQUEST); radius_put_string($res, RADIUS_USER_NAME, 'foo'); radius_put_string($res, RADIUS_USER_PASSWORD, 'bar'); var_dump(radius_put_addr($res, RADIUS_NAS_IP_ADDRESS, '127.0.0.1')); var_dump(radius_put_addr($res, RADIUS_LOGIN_IP_HOST, '0.0.0.0', RADIUS_OPTION_SALT)); radius_send_request($res); var_dump($server->wait()); ?> --EXPECTF-- bool(false) bool(false) bool(true) bool(true) int(0) radius-1.4.0b1/tests/radius_put_addr_tag.phpt0000644000076600000240000000401212660365266020625 0ustar aharveystaff--TEST-- radius_put_addr() with tag --INI-- display_errors=1 error_reporting=22527 --SKIPIF-- --FILE-- getAuthResource(); $request = \RADIUS\FakeServer\Request::expect(RADIUS_ACCESS_REQUEST, array( \RADIUS\FakeServer\Attribute\expect(RADIUS_USER_NAME, 'foo'), \RADIUS\FakeServer\Attribute\expect(RADIUS_NAS_IP_ADDRESS, pack('N', ip2long('127.0.0.1')), 10), \RADIUS\FakeServer\Attribute\expect(RADIUS_LOGIN_IP_HOST, pack('N', ip2long('0.0.0.0')), 10, true), )); $response = new \RADIUS\FakeServer\RadiusResponse; $response->code = RADIUS_ACCESS_REJECT; $response->attributes = array( \RADIUS\FakeServer\Attribute\expect(RADIUS_REPLY_MESSAGE, 'Go away'), ); $server->addTransaction($request, $response); $server->handle(); var_dump(radius_put_addr($res, RADIUS_NAS_IP_ADDRESS, '127.0.0.1', RADIUS_OPTION_TAGGED, -1)); var_dump(radius_put_addr($res, RADIUS_NAS_IP_ADDRESS, '127.0.0.1', RADIUS_OPTION_TAGGED, 256)); var_dump(radius_put_addr($res, RADIUS_NAS_IP_ADDRESS, '127.0.0.1', RADIUS_OPTION_TAGGED, 10)); var_dump(radius_put_addr($res, RADIUS_LOGIN_IP_HOST, '0.0.0.0', RADIUS_OPTION_SALT | RADIUS_OPTION_TAGGED, 10)); radius_create_request($res, RADIUS_ACCESS_REQUEST); radius_put_string($res, RADIUS_USER_NAME, 'foo'); radius_put_string($res, RADIUS_USER_PASSWORD, 'bar'); var_dump(radius_put_addr($res, RADIUS_NAS_IP_ADDRESS, '127.0.0.1', RADIUS_OPTION_TAGGED, 10)); var_dump(radius_put_addr($res, RADIUS_LOGIN_IP_HOST, '0.0.0.0', RADIUS_OPTION_SALT | RADIUS_OPTION_TAGGED, 10)); radius_send_request($res); var_dump($server->wait()); ?> --EXPECTF-- Notice: Tag must be between 0 and 255 in %s on line %d bool(false) Notice: Tag must be between 0 and 255 in %s on line %d bool(false) bool(false) bool(false) bool(true) bool(true) int(0) radius-1.4.0b1/tests/radius_put_attr.phpt0000644000076600000240000000260612660365266020041 0ustar aharveystaff--TEST-- radius_put_attr() --INI-- display_errors=1 error_reporting=22527 --SKIPIF-- --FILE-- getAuthResource(); $request = \RADIUS\FakeServer\Request::expect(RADIUS_ACCESS_REQUEST, array( \RADIUS\FakeServer\Attribute\expect(RADIUS_USER_NAME, 'foo'), \RADIUS\FakeServer\Attribute\expect(RADIUS_LOGIN_IP_HOST, 'bar', null, true), )); $response = new \RADIUS\FakeServer\RadiusResponse; $response->code = RADIUS_ACCESS_REJECT; $response->attributes = array( \RADIUS\FakeServer\Attribute\expect(RADIUS_REPLY_MESSAGE, 'Go away'), ); $server->addTransaction($request, $response); $server->handle(); var_dump(radius_put_attr($res, RADIUS_USER_NAME, 'foo')); var_dump(radius_put_attr($res, RADIUS_LOGIN_IP_HOST, 'bar', RADIUS_OPTION_SALT)); radius_create_request($res, RADIUS_ACCESS_REQUEST); var_dump(radius_put_attr($res, RADIUS_USER_NAME, 'foo')); var_dump(radius_put_attr($res, RADIUS_LOGIN_IP_HOST, 'bar', RADIUS_OPTION_SALT)); radius_put_string($res, RADIUS_USER_PASSWORD, 'bar'); radius_send_request($res); var_dump($server->wait()); ?> --EXPECTF-- bool(false) bool(false) bool(true) bool(true) int(0) radius-1.4.0b1/tests/radius_put_attr_tag.phpt0000644000076600000240000000345312660365266020675 0ustar aharveystaff--TEST-- radius_put_attr() with tag --INI-- display_errors=1 error_reporting=22527 --SKIPIF-- --FILE-- getAuthResource(); $request = \RADIUS\FakeServer\Request::expect(RADIUS_ACCESS_REQUEST, array( \RADIUS\FakeServer\Attribute\expect(RADIUS_USER_NAME, 'foo', 10), \RADIUS\FakeServer\Attribute\expect(RADIUS_LOGIN_IP_HOST, 'bar', 10, true), )); $response = new \RADIUS\FakeServer\RadiusResponse; $response->code = RADIUS_ACCESS_REJECT; $response->attributes = array( \RADIUS\FakeServer\Attribute\expect(RADIUS_REPLY_MESSAGE, 'Go away'), ); $server->addTransaction($request, $response); $server->handle(); var_dump(radius_put_attr($res, RADIUS_USER_NAME, 'foo', RADIUS_OPTION_TAGGED, -1)); var_dump(radius_put_attr($res, RADIUS_USER_NAME, 'foo', RADIUS_OPTION_TAGGED, 256)); var_dump(radius_put_attr($res, RADIUS_USER_NAME, 'foo', RADIUS_OPTION_TAGGED, 10)); var_dump(radius_put_attr($res, RADIUS_LOGIN_IP_HOST, 'bar', RADIUS_OPTION_SALT | RADIUS_OPTION_TAGGED, 10)); radius_create_request($res, RADIUS_ACCESS_REQUEST); var_dump(radius_put_attr($res, RADIUS_USER_NAME, 'foo', RADIUS_OPTION_TAGGED, 10)); var_dump(radius_put_attr($res, RADIUS_LOGIN_IP_HOST, 'bar', RADIUS_OPTION_SALT | RADIUS_OPTION_TAGGED, 10)); radius_put_string($res, RADIUS_USER_PASSWORD, 'bar'); radius_send_request($res); var_dump($server->wait()); ?> --EXPECTF-- Notice: Tag must be between 0 and 255 in %s on line %d bool(false) Notice: Tag must be between 0 and 255 in %s on line %d bool(false) bool(false) bool(false) bool(true) bool(true) int(0) radius-1.4.0b1/tests/radius_put_int.phpt0000644000076600000240000000300512660365266017653 0ustar aharveystaff--TEST-- radius_put_int() --INI-- display_errors=1 error_reporting=22527 --SKIPIF-- --FILE-- getAuthResource(); $request = \RADIUS\FakeServer\Request::expect(RADIUS_ACCESS_REQUEST, array( \RADIUS\FakeServer\Attribute\expect(RADIUS_USER_NAME, 'foo'), \RADIUS\FakeServer\Attribute\expect(RADIUS_NAS_PORT, pack('N', 1234)), \RADIUS\FakeServer\Attribute\expect(RADIUS_LOGIN_TCP_PORT, pack('N', 2345), null, true), )); $response = new \RADIUS\FakeServer\RadiusResponse; $response->code = RADIUS_ACCESS_REJECT; $response->attributes = array( \RADIUS\FakeServer\Attribute\expect(RADIUS_REPLY_MESSAGE, 'Go away'), ); $server->addTransaction($request, $response); $server->handle(); var_dump(radius_put_int($res, RADIUS_NAS_PORT, 1234)); var_dump(radius_put_int($res, RADIUS_LOGIN_TCP_PORT, 2345, RADIUS_OPTION_SALT)); radius_create_request($res, RADIUS_ACCESS_REQUEST); radius_put_string($res, RADIUS_USER_NAME, 'foo'); radius_put_string($res, RADIUS_USER_PASSWORD, 'bar'); var_dump(radius_put_int($res, RADIUS_NAS_PORT, 1234)); var_dump(radius_put_int($res, RADIUS_LOGIN_TCP_PORT, 2345, RADIUS_OPTION_SALT)); radius_send_request($res); var_dump($server->wait()); ?> --EXPECTF-- bool(false) bool(false) bool(true) bool(true) int(0) radius-1.4.0b1/tests/radius_put_int_tag.phpt0000644000076600000240000000364412660365266020517 0ustar aharveystaff--TEST-- radius_put_int() with tag --INI-- display_errors=1 error_reporting=22527 --SKIPIF-- --FILE-- getAuthResource(); $request = \RADIUS\FakeServer\Request::expect(RADIUS_ACCESS_REQUEST, array( \RADIUS\FakeServer\Attribute\expect(RADIUS_USER_NAME, 'foo'), \RADIUS\FakeServer\Attribute\expect(RADIUS_NAS_PORT, pack('N', 1234), 10), \RADIUS\FakeServer\Attribute\expect(RADIUS_LOGIN_TCP_PORT, pack('N', 2345), 10, true), )); $response = new \RADIUS\FakeServer\RadiusResponse; $response->code = RADIUS_ACCESS_REJECT; $response->attributes = array( \RADIUS\FakeServer\Attribute\expect(RADIUS_REPLY_MESSAGE, 'Go away'), ); $server->addTransaction($request, $response); $server->handle(); var_dump(radius_put_int($res, RADIUS_NAS_PORT, 1234, RADIUS_OPTION_TAGGED, -1)); var_dump(radius_put_int($res, RADIUS_NAS_PORT, 1234, RADIUS_OPTION_TAGGED, 256)); var_dump(radius_put_int($res, RADIUS_NAS_PORT, 1234, RADIUS_OPTION_TAGGED, 10)); var_dump(radius_put_int($res, RADIUS_LOGIN_TCP_PORT, 2345, RADIUS_OPTION_SALT | RADIUS_OPTION_TAGGED, 10)); radius_create_request($res, RADIUS_ACCESS_REQUEST); radius_put_string($res, RADIUS_USER_NAME, 'foo'); radius_put_string($res, RADIUS_USER_PASSWORD, 'bar'); var_dump(radius_put_int($res, RADIUS_NAS_PORT, 1234, RADIUS_OPTION_TAGGED, 10)); var_dump(radius_put_int($res, RADIUS_LOGIN_TCP_PORT, 2345, RADIUS_OPTION_SALT | RADIUS_OPTION_TAGGED, 10)); radius_send_request($res); var_dump($server->wait()); ?> --EXPECTF-- Notice: Tag must be between 0 and 255 in %s on line %d bool(false) Notice: Tag must be between 0 and 255 in %s on line %d bool(false) bool(false) bool(false) bool(true) bool(true) int(0) radius-1.4.0b1/tests/radius_put_string.phpt0000644000076600000240000000272512660365266020377 0ustar aharveystaff--TEST-- radius_put_string() --INI-- display_errors=1 error_reporting=22527 --SKIPIF-- --FILE-- getAuthResource(); $request = \RADIUS\FakeServer\Request::expect(RADIUS_ACCESS_REQUEST, array( \RADIUS\FakeServer\Attribute\expect(RADIUS_USER_NAME, 'foo'), \RADIUS\FakeServer\Attribute\expect(RADIUS_LOGIN_IP_HOST, 'abcdefghijklmnopqrstuvwxyz', null, true), )); $response = new \RADIUS\FakeServer\RadiusResponse; $response->code = RADIUS_ACCESS_REJECT; $response->attributes = array( \RADIUS\FakeServer\Attribute\expect(RADIUS_REPLY_MESSAGE, 'Go away'), ); $server->addTransaction($request, $response); $server->handle(); var_dump(radius_put_string($res, RADIUS_USER_NAME, 'foo')); var_dump(radius_put_string($res, RADIUS_LOGIN_IP_HOST, 'abcdefghijklmnopqrstuvwxyz', RADIUS_OPTION_SALT)); radius_create_request($res, RADIUS_ACCESS_REQUEST); var_dump(radius_put_string($res, RADIUS_USER_NAME, 'foo')); var_dump(radius_put_string($res, RADIUS_LOGIN_IP_HOST, 'abcdefghijklmnopqrstuvwxyz', RADIUS_OPTION_SALT)); radius_put_string($res, RADIUS_USER_PASSWORD, 'bar'); radius_send_request($res); var_dump($server->wait()); ?> --EXPECTF-- bool(false) bool(false) bool(true) bool(true) int(0) radius-1.4.0b1/tests/radius_put_string_tag.phpt0000644000076600000240000000357612660365266021237 0ustar aharveystaff--TEST-- radius_put_string() with tag --INI-- display_errors=1 error_reporting=22527 --SKIPIF-- --FILE-- getAuthResource(); $request = \RADIUS\FakeServer\Request::expect(RADIUS_ACCESS_REQUEST, array( \RADIUS\FakeServer\Attribute\expect(RADIUS_USER_NAME, 'foo', 10), \RADIUS\FakeServer\Attribute\expect(RADIUS_LOGIN_IP_HOST, 'abcdefghijklmnopqrstuvwxyz', 10, true), )); $response = new \RADIUS\FakeServer\RadiusResponse; $response->code = RADIUS_ACCESS_REJECT; $response->attributes = array( \RADIUS\FakeServer\Attribute\expect(RADIUS_REPLY_MESSAGE, 'Go away'), ); $server->addTransaction($request, $response); $server->handle(); var_dump(radius_put_string($res, RADIUS_USER_NAME, 'foo', RADIUS_OPTION_TAGGED, -1)); var_dump(radius_put_string($res, RADIUS_USER_NAME, 'foo', RADIUS_OPTION_TAGGED, 256)); var_dump(radius_put_string($res, RADIUS_USER_NAME, 'foo', RADIUS_OPTION_TAGGED, 10)); var_dump(radius_put_string($res, RADIUS_LOGIN_IP_HOST, 'abcdefghijklmnopqrstuvwxyz', RADIUS_OPTION_SALT | RADIUS_OPTION_TAGGED, 10)); radius_create_request($res, RADIUS_ACCESS_REQUEST); var_dump(radius_put_string($res, RADIUS_USER_NAME, 'foo', RADIUS_OPTION_TAGGED, 10)); var_dump(radius_put_string($res, RADIUS_LOGIN_IP_HOST, 'abcdefghijklmnopqrstuvwxyz', RADIUS_OPTION_SALT | RADIUS_OPTION_TAGGED, 10)); radius_put_string($res, RADIUS_USER_PASSWORD, 'bar'); radius_send_request($res); var_dump($server->wait()); ?> --EXPECTF-- Notice: Tag must be between 0 and 255 in %s on line %d bool(false) Notice: Tag must be between 0 and 255 in %s on line %d bool(false) bool(false) bool(false) bool(true) bool(true) int(0) radius-1.4.0b1/tests/radius_put_vendor_addr.phpt0000644000076600000240000000362312660365266021356 0ustar aharveystaff--TEST-- radius_put_vendor_addr() --INI-- display_errors=1 error_reporting=22527 --SKIPIF-- --FILE-- getAuthResource(); $request = \RADIUS\FakeServer\Request::expect(RADIUS_ACCESS_REQUEST, array( \RADIUS\FakeServer\Attribute\expect(RADIUS_USER_NAME, 'foo'), \RADIUS\FakeServer\VendorSpecificAttribute\expect(RADIUS_VENDOR_MICROSOFT, RADIUS_MICROSOFT_MS_PRIMARY_DNS_SERVER, pack('N', ip2long('127.0.0.1'))), \RADIUS\FakeServer\VendorSpecificAttribute\expect(RADIUS_VENDOR_MICROSOFT, RADIUS_MICROSOFT_MS_PRIMARY_DNS_SERVER, pack('N', ip2long('127.0.0.1')), null, true), )); $response = new \RADIUS\FakeServer\RadiusResponse; $response->code = RADIUS_ACCESS_REJECT; $response->attributes = array( \RADIUS\FakeServer\Attribute\expect(RADIUS_REPLY_MESSAGE, 'Go away'), ); $server->addTransaction($request, $response); $server->handle(); var_dump(radius_put_vendor_addr($res, RADIUS_VENDOR_MICROSOFT, RADIUS_MICROSOFT_MS_PRIMARY_DNS_SERVER, '127.0.0.1')); var_dump(radius_put_vendor_addr($res, RADIUS_VENDOR_MICROSOFT, RADIUS_MICROSOFT_MS_PRIMARY_DNS_SERVER, '127.0.0.1', RADIUS_OPTION_SALT)); radius_create_request($res, RADIUS_ACCESS_REQUEST); radius_put_string($res, RADIUS_USER_NAME, 'foo'); radius_put_string($res, RADIUS_USER_PASSWORD, 'bar'); var_dump(radius_put_vendor_addr($res, RADIUS_VENDOR_MICROSOFT, RADIUS_MICROSOFT_MS_PRIMARY_DNS_SERVER, '127.0.0.1')); var_dump(radius_put_vendor_addr($res, RADIUS_VENDOR_MICROSOFT, RADIUS_MICROSOFT_MS_PRIMARY_DNS_SERVER, '127.0.0.1', RADIUS_OPTION_SALT)); radius_send_request($res); var_dump($server->wait()); ?> --EXPECTF-- bool(false) bool(false) bool(true) bool(true) int(0) radius-1.4.0b1/tests/radius_put_vendor_addr_tag.phpt0000644000076600000240000000465412660365266022216 0ustar aharveystaff--TEST-- radius_put_vendor_addr() with tag --INI-- display_errors=1 error_reporting=22527 --SKIPIF-- --FILE-- getAuthResource(); $request = \RADIUS\FakeServer\Request::expect(RADIUS_ACCESS_REQUEST, array( \RADIUS\FakeServer\Attribute\expect(RADIUS_USER_NAME, 'foo'), \RADIUS\FakeServer\VendorSpecificAttribute\expect(RADIUS_VENDOR_MICROSOFT, RADIUS_MICROSOFT_MS_PRIMARY_DNS_SERVER, pack('N', ip2long('127.0.0.1')), 10), \RADIUS\FakeServer\VendorSpecificAttribute\expect(RADIUS_VENDOR_MICROSOFT, RADIUS_MICROSOFT_MS_PRIMARY_DNS_SERVER, pack('N', ip2long('127.0.0.1')), 10, true), )); $response = new \RADIUS\FakeServer\RadiusResponse; $response->code = RADIUS_ACCESS_REJECT; $response->attributes = array( \RADIUS\FakeServer\Attribute\expect(RADIUS_REPLY_MESSAGE, 'Go away'), ); $server->addTransaction($request, $response); $server->handle(); var_dump(radius_put_vendor_addr($res, RADIUS_VENDOR_MICROSOFT, RADIUS_MICROSOFT_MS_PRIMARY_DNS_SERVER, '127.0.0.1', RADIUS_OPTION_TAGGED, -1)); var_dump(radius_put_vendor_addr($res, RADIUS_VENDOR_MICROSOFT, RADIUS_MICROSOFT_MS_PRIMARY_DNS_SERVER, '127.0.0.1', RADIUS_OPTION_TAGGED, 256)); var_dump(radius_put_vendor_addr($res, RADIUS_VENDOR_MICROSOFT, RADIUS_MICROSOFT_MS_PRIMARY_DNS_SERVER, '127.0.0.1', RADIUS_OPTION_TAGGED, 10)); var_dump(radius_put_vendor_addr($res, RADIUS_VENDOR_MICROSOFT, RADIUS_MICROSOFT_MS_PRIMARY_DNS_SERVER, '127.0.0.1', RADIUS_OPTION_SALT|RADIUS_OPTION_TAGGED, 10)); radius_create_request($res, RADIUS_ACCESS_REQUEST); radius_put_string($res, RADIUS_USER_NAME, 'foo'); radius_put_string($res, RADIUS_USER_PASSWORD, 'bar'); var_dump(radius_put_vendor_addr($res, RADIUS_VENDOR_MICROSOFT, RADIUS_MICROSOFT_MS_PRIMARY_DNS_SERVER, '127.0.0.1', RADIUS_OPTION_TAGGED, 10)); var_dump(radius_put_vendor_addr($res, RADIUS_VENDOR_MICROSOFT, RADIUS_MICROSOFT_MS_PRIMARY_DNS_SERVER, '127.0.0.1', RADIUS_OPTION_SALT|RADIUS_OPTION_TAGGED, 10)); radius_send_request($res); var_dump($server->wait()); ?> --EXPECTF-- Notice: Tag must be between 0 and 255 in %s on line %d bool(false) Notice: Tag must be between 0 and 255 in %s on line %d bool(false) bool(false) bool(false) bool(true) bool(true) int(0) radius-1.4.0b1/tests/radius_put_vendor_attr.phpt0000644000076600000240000000326312660365266021416 0ustar aharveystaff--TEST-- radius_put_vendor_attr() --INI-- display_errors=1 error_reporting=22527 --SKIPIF-- --FILE-- getAuthResource(); $request = \RADIUS\FakeServer\Request::expect(RADIUS_ACCESS_REQUEST, array( \RADIUS\FakeServer\VendorSpecificAttribute\expect(RADIUS_VENDOR_MICROSOFT, RADIUS_MICROSOFT_MS_RAS_VENDOR, 'vendor'), \RADIUS\FakeServer\VendorSpecificAttribute\expect(RADIUS_VENDOR_MICROSOFT, RADIUS_MICROSOFT_MS_RAS_VENDOR, 'vendor', null, 10), )); $response = new \RADIUS\FakeServer\RadiusResponse; $response->code = RADIUS_ACCESS_REJECT; $response->attributes = array( \RADIUS\FakeServer\Attribute\expect(RADIUS_REPLY_MESSAGE, 'Go away'), ); $server->addTransaction($request, $response); $server->handle(); var_dump(radius_put_vendor_attr($res, RADIUS_VENDOR_MICROSOFT, RADIUS_MICROSOFT_MS_RAS_VENDOR, 'vendor')); var_dump(radius_put_vendor_attr($res, RADIUS_VENDOR_MICROSOFT, RADIUS_MICROSOFT_MS_RAS_VENDOR, 'vendor', RADIUS_OPTION_SALT)); radius_create_request($res, RADIUS_ACCESS_REQUEST); var_dump(radius_put_vendor_attr($res, RADIUS_VENDOR_MICROSOFT, RADIUS_MICROSOFT_MS_RAS_VENDOR, 'vendor')); var_dump(radius_put_vendor_attr($res, RADIUS_VENDOR_MICROSOFT, RADIUS_MICROSOFT_MS_RAS_VENDOR, 'vendor', RADIUS_OPTION_SALT)); radius_put_string($res, RADIUS_USER_PASSWORD, 'bar'); radius_send_request($res); var_dump($server->wait()); ?> --EXPECTF-- bool(false) bool(false) bool(true) bool(true) int(0) radius-1.4.0b1/tests/radius_put_vendor_attr_tag.phpt0000644000076600000240000000431212660365266022245 0ustar aharveystaff--TEST-- radius_put_vendor_attr() with tag --INI-- display_errors=1 error_reporting=22527 --SKIPIF-- --FILE-- getAuthResource(); $request = \RADIUS\FakeServer\Request::expect(RADIUS_ACCESS_REQUEST, array( \RADIUS\FakeServer\VendorSpecificAttribute\expect(RADIUS_VENDOR_MICROSOFT, RADIUS_MICROSOFT_MS_RAS_VENDOR, 'vendor', 10), \RADIUS\FakeServer\VendorSpecificAttribute\expect(RADIUS_VENDOR_MICROSOFT, RADIUS_MICROSOFT_MS_PRIMARY_DNS_SERVER, 'vendor', 10, true), )); $response = new \RADIUS\FakeServer\RadiusResponse; $response->code = RADIUS_ACCESS_REJECT; $response->attributes = array( \RADIUS\FakeServer\Attribute\expect(RADIUS_REPLY_MESSAGE, 'Go away'), ); $server->addTransaction($request, $response); $server->handle(); var_dump(radius_put_vendor_attr($res, RADIUS_VENDOR_MICROSOFT, RADIUS_MICROSOFT_MS_RAS_VENDOR, 'vendor', RADIUS_OPTION_TAGGED, -1)); var_dump(radius_put_vendor_attr($res, RADIUS_VENDOR_MICROSOFT, RADIUS_MICROSOFT_MS_RAS_VENDOR, 'vendor', RADIUS_OPTION_TAGGED, 256)); var_dump(radius_put_vendor_attr($res, RADIUS_VENDOR_MICROSOFT, RADIUS_MICROSOFT_MS_RAS_VENDOR, 'vendor', RADIUS_OPTION_TAGGED, 10)); var_dump(radius_put_vendor_attr($res, RADIUS_VENDOR_MICROSOFT, RADIUS_MICROSOFT_MS_PRIMARY_DNS_SERVER, 'foo', RADIUS_OPTION_SALT|RADIUS_OPTION_TAGGED, 10)); radius_create_request($res, RADIUS_ACCESS_REQUEST); var_dump(radius_put_vendor_attr($res, RADIUS_VENDOR_MICROSOFT, RADIUS_MICROSOFT_MS_RAS_VENDOR, 'vendor', RADIUS_OPTION_TAGGED, 10)); var_dump(radius_put_vendor_attr($res, RADIUS_VENDOR_MICROSOFT, RADIUS_MICROSOFT_MS_PRIMARY_DNS_SERVER, 'foo', RADIUS_OPTION_SALT|RADIUS_OPTION_TAGGED, 10)); radius_put_string($res, RADIUS_USER_PASSWORD, 'bar'); radius_send_request($res); var_dump($server->wait()); ?> --EXPECTF-- Notice: Tag must be between 0 and 255 in %s on line %d bool(false) Notice: Tag must be between 0 and 255 in %s on line %d bool(false) bool(false) bool(false) bool(true) bool(true) int(0) radius-1.4.0b1/tests/radius_put_vendor_int.phpt0000644000076600000240000000345012660365266021234 0ustar aharveystaff--TEST-- radius_put_vendor_int() --INI-- display_errors=1 error_reporting=22527 --SKIPIF-- --FILE-- getAuthResource(); $request = \RADIUS\FakeServer\Request::expect(RADIUS_ACCESS_REQUEST, array( \RADIUS\FakeServer\Attribute\expect(RADIUS_USER_NAME, 'foo'), \RADIUS\FakeServer\VendorSpecificAttribute\expect(RADIUS_VENDOR_MICROSOFT, RADIUS_MICROSOFT_MS_RAS_VERSION, pack('N', 1234)), \RADIUS\FakeServer\VendorSpecificAttribute\expect(RADIUS_VENDOR_MICROSOFT, RADIUS_MICROSOFT_MS_RAS_VERSION, pack('N', 1234), null, true), )); $response = new \RADIUS\FakeServer\RadiusResponse; $response->code = RADIUS_ACCESS_REJECT; $response->attributes = array( \RADIUS\FakeServer\Attribute\expect(RADIUS_REPLY_MESSAGE, 'Go away'), ); $server->addTransaction($request, $response); $server->handle(); var_dump(radius_put_vendor_int($res, RADIUS_VENDOR_MICROSOFT, RADIUS_MICROSOFT_MS_RAS_VERSION, 1234)); var_dump(radius_put_vendor_int($res, RADIUS_VENDOR_MICROSOFT, RADIUS_MICROSOFT_MS_RAS_VERSION, 1234, RADIUS_OPTION_SALT)); radius_create_request($res, RADIUS_ACCESS_REQUEST); radius_put_string($res, RADIUS_USER_NAME, 'foo'); radius_put_string($res, RADIUS_USER_PASSWORD, 'bar'); var_dump(radius_put_vendor_int($res, RADIUS_VENDOR_MICROSOFT, RADIUS_MICROSOFT_MS_RAS_VERSION, 1234)); var_dump(radius_put_vendor_int($res, RADIUS_VENDOR_MICROSOFT, RADIUS_MICROSOFT_MS_RAS_VERSION, 1234, RADIUS_OPTION_SALT)); radius_send_request($res); var_dump($server->wait()); ?> --EXPECTF-- bool(false) bool(false) bool(true) bool(true) int(0) radius-1.4.0b1/tests/radius_put_vendor_int_tag.phpt0000644000076600000240000000444312660365266022072 0ustar aharveystaff--TEST-- radius_put_vendor_int() with tag --INI-- display_errors=1 error_reporting=22527 --SKIPIF-- --FILE-- getAuthResource(); $request = \RADIUS\FakeServer\Request::expect(RADIUS_ACCESS_REQUEST, array( \RADIUS\FakeServer\Attribute\expect(RADIUS_USER_NAME, 'foo'), \RADIUS\FakeServer\VendorSpecificAttribute\expect(RADIUS_VENDOR_MICROSOFT, RADIUS_MICROSOFT_MS_RAS_VERSION, pack('N', 1234), 10), \RADIUS\FakeServer\VendorSpecificAttribute\expect(RADIUS_VENDOR_MICROSOFT, RADIUS_MICROSOFT_MS_RAS_VERSION, pack('N', 1234), 10, true), )); $response = new \RADIUS\FakeServer\RadiusResponse; $response->code = RADIUS_ACCESS_REJECT; $response->attributes = array( \RADIUS\FakeServer\Attribute\expect(RADIUS_REPLY_MESSAGE, 'Go away'), ); $server->addTransaction($request, $response); $server->handle(); var_dump(radius_put_vendor_int($res, RADIUS_VENDOR_MICROSOFT, RADIUS_MICROSOFT_MS_RAS_VERSION, 1234, RADIUS_OPTION_TAGGED, -1)); var_dump(radius_put_vendor_int($res, RADIUS_VENDOR_MICROSOFT, RADIUS_MICROSOFT_MS_RAS_VERSION, 1234, RADIUS_OPTION_TAGGED, 256)); var_dump(radius_put_vendor_int($res, RADIUS_VENDOR_MICROSOFT, RADIUS_MICROSOFT_MS_RAS_VERSION, 1234, RADIUS_OPTION_TAGGED, 10)); var_dump(radius_put_vendor_int($res, RADIUS_VENDOR_MICROSOFT, RADIUS_MICROSOFT_MS_RAS_VERSION, 1234, RADIUS_OPTION_SALT|RADIUS_OPTION_TAGGED, 10)); radius_create_request($res, RADIUS_ACCESS_REQUEST); radius_put_string($res, RADIUS_USER_NAME, 'foo'); radius_put_string($res, RADIUS_USER_PASSWORD, 'bar'); var_dump(radius_put_vendor_int($res, RADIUS_VENDOR_MICROSOFT, RADIUS_MICROSOFT_MS_RAS_VERSION, 1234, RADIUS_OPTION_TAGGED, 10)); var_dump(radius_put_vendor_int($res, RADIUS_VENDOR_MICROSOFT, RADIUS_MICROSOFT_MS_RAS_VERSION, 1234, RADIUS_OPTION_SALT|RADIUS_OPTION_TAGGED, 10)); radius_send_request($res); var_dump($server->wait()); ?> --EXPECTF-- Notice: Tag must be between 0 and 255 in %s on line %d bool(false) Notice: Tag must be between 0 and 255 in %s on line %d bool(false) bool(false) bool(false) bool(true) bool(true) int(0) radius-1.4.0b1/tests/radius_put_vendor_string.phpt0000644000076600000240000000327712660365266021757 0ustar aharveystaff--TEST-- radius_put_vendor_string() --INI-- display_errors=1 error_reporting=22527 --SKIPIF-- --FILE-- getAuthResource(); $request = \RADIUS\FakeServer\Request::expect(RADIUS_ACCESS_REQUEST, array( \RADIUS\FakeServer\VendorSpecificAttribute\expect(RADIUS_VENDOR_MICROSOFT, RADIUS_MICROSOFT_MS_RAS_VENDOR, 'vendor'), \RADIUS\FakeServer\VendorSpecificAttribute\expect(RADIUS_VENDOR_MICROSOFT, RADIUS_MICROSOFT_MS_RAS_VENDOR, 'vendor', null, true), )); $response = new \RADIUS\FakeServer\RadiusResponse; $response->code = RADIUS_ACCESS_REJECT; $response->attributes = array( \RADIUS\FakeServer\Attribute\expect(RADIUS_REPLY_MESSAGE, 'Go away'), ); $server->addTransaction($request, $response); $server->handle(); var_dump(radius_put_vendor_string($res, RADIUS_VENDOR_MICROSOFT, RADIUS_MICROSOFT_MS_RAS_VENDOR, 'vendor')); var_dump(radius_put_vendor_string($res, RADIUS_VENDOR_MICROSOFT, RADIUS_MICROSOFT_MS_RAS_VENDOR, 'vendor', RADIUS_OPTION_SALT)); radius_create_request($res, RADIUS_ACCESS_REQUEST); var_dump(radius_put_vendor_string($res, RADIUS_VENDOR_MICROSOFT, RADIUS_MICROSOFT_MS_RAS_VENDOR, 'vendor')); var_dump(radius_put_vendor_string($res, RADIUS_VENDOR_MICROSOFT, RADIUS_MICROSOFT_MS_RAS_VENDOR, 'vendor', RADIUS_OPTION_SALT)); radius_put_string($res, RADIUS_USER_PASSWORD, 'bar'); radius_send_request($res); var_dump($server->wait()); ?> --EXPECTF-- bool(false) bool(false) bool(true) bool(true) int(0) radius-1.4.0b1/tests/radius_put_vendor_string_tag.phpt0000644000076600000240000000430612660365266022604 0ustar aharveystaff--TEST-- radius_put_vendor_string() with tag --INI-- display_errors=1 error_reporting=22527 --SKIPIF-- --FILE-- getAuthResource(); $request = \RADIUS\FakeServer\Request::expect(RADIUS_ACCESS_REQUEST, array( \RADIUS\FakeServer\VendorSpecificAttribute\expect(RADIUS_VENDOR_MICROSOFT, RADIUS_MICROSOFT_MS_RAS_VENDOR, 'vendor', 10), \RADIUS\FakeServer\VendorSpecificAttribute\expect(RADIUS_VENDOR_MICROSOFT, RADIUS_MICROSOFT_MS_RAS_VENDOR, 'vendor', 10, true), )); $response = new \RADIUS\FakeServer\RadiusResponse; $response->code = RADIUS_ACCESS_REJECT; $response->attributes = array( \RADIUS\FakeServer\Attribute\expect(RADIUS_REPLY_MESSAGE, 'Go away'), ); $server->addTransaction($request, $response); $server->handle(); var_dump(radius_put_vendor_string($res, RADIUS_VENDOR_MICROSOFT, RADIUS_MICROSOFT_MS_RAS_VENDOR, 'vendor', RADIUS_OPTION_TAGGED, -1)); var_dump(radius_put_vendor_string($res, RADIUS_VENDOR_MICROSOFT, RADIUS_MICROSOFT_MS_RAS_VENDOR, 'vendor', RADIUS_OPTION_TAGGED, 256)); var_dump(radius_put_vendor_string($res, RADIUS_VENDOR_MICROSOFT, RADIUS_MICROSOFT_MS_RAS_VENDOR, 'vendor', RADIUS_OPTION_TAGGED, 10)); var_dump(radius_put_vendor_string($res, RADIUS_VENDOR_MICROSOFT, RADIUS_MICROSOFT_MS_RAS_VENDOR, 'vendor', RADIUS_OPTION_SALT|RADIUS_OPTION_TAGGED, 10)); radius_create_request($res, RADIUS_ACCESS_REQUEST); var_dump(radius_put_vendor_string($res, RADIUS_VENDOR_MICROSOFT, RADIUS_MICROSOFT_MS_RAS_VENDOR, 'vendor', RADIUS_OPTION_TAGGED, 10)); var_dump(radius_put_vendor_string($res, RADIUS_VENDOR_MICROSOFT, RADIUS_MICROSOFT_MS_RAS_VENDOR, 'vendor', RADIUS_OPTION_SALT|RADIUS_OPTION_TAGGED, 10)); radius_put_string($res, RADIUS_USER_PASSWORD, 'bar'); radius_send_request($res); var_dump($server->wait()); ?> --EXPECTF-- Notice: Tag must be between 0 and 255 in %s on line %d bool(false) Notice: Tag must be between 0 and 255 in %s on line %d bool(false) bool(false) bool(false) bool(true) bool(true) int(0) radius-1.4.0b1/tests/radius_request_authenticator.phpt0000644000076600000240000000045312660365266022617 0ustar aharveystaff--TEST-- radius_request_authenticator() --INI-- display_errors=1 error_reporting=22527 --SKIPIF-- --FILE-- --EXPECTF-- string(16) "%s" radius-1.4.0b1/tests/radius_salt_encrypt_attr.phpt0000644000076600000240000000366112660365266021742 0ustar aharveystaff--TEST-- radius_salt_encrypt_attr() --INI-- display_errors=1 error_reporting=22527 --SKIPIF-- --FILE-- --EXPECTF-- string(0) "" Warning: Cannot obtain the RADIUS server secret in %s on line %f bool(false) string(0) "" bool(true) bool(true) radius-1.4.0b1/tests/radius_server_secret.phpt0000644000076600000240000000151412660365266021047 0ustar aharveystaff--TEST-- radius_server_secret(): load from radius_add_server() --INI-- display_errors=1 error_reporting=-1 --SKIPIF-- --FILE-- --EXPECTF-- string(15) "a shared secret" bool(false) string(27) "No RADIUS servers specified" bool(false) radius-1.4.0b1/tests/radius_server_secret_config.phpt0000644000076600000240000000171512660365266022377 0ustar aharveystaff--TEST-- radius_server_secret(): load from configuration file --INI-- display_errors=1 error_reporting=-1 --SKIPIF-- --FILE-- --CLEAN-- --EXPECTF-- string(15) "a shared secret" bool(false) radius-1.4.0b1/config.m40000644000076600000240000000066012660365266014276 0ustar aharveystaffdnl $Id$ dnl config.m4 for extension radius PHP_ARG_ENABLE(radius, whether to enable radius support, dnl Make sure that the comment is aligned: [ --enable-radius Enable radius support]) if test "$PHP_RADIUS" != "no"; then AC_TRY_COMPILE([ #include ], [ u_int32_t ulongint; ulongint = 1; ], [ AC_DEFINE(HAVE_U_INT32_T, 1, [ ]) ]) PHP_NEW_EXTENSION(radius, radius.c radlib.c, $ext_shared) fi radius-1.4.0b1/config.w320000644000076600000240000000033712660365266014372 0ustar aharveystaff// $Id$ // vim:ft=javascript ARG_WITH("radius", "Radius Support", "no"); if (PHP_RADIUS == "yes") { EXTENSION("radius", "radius.c radlib.c radlib_compat.c"); AC_DEFINE('HAVE_RADIUS', 1, 'Have Radius support', false); } radius-1.4.0b1/CREDITS0000644000076600000240000000020112660365266013576 0ustar aharveystaffRADIUS Michael Bretterklieber, The FreeBSD Project http://www.freebsd.org RFC3576 support Gabriel Blanchard radius-1.4.0b1/LICENSE0000644000076600000240000000273412660365266013600 0ustar aharveystaffCopyright (c) 2003, Michael Bretterklieber All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. 3. The names of the authors may not be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. radius-1.4.0b1/Makefile.in0000644000076600000240000000037712660365266014641 0ustar aharveystaff# $Id$ LTLIBRARY_NAME = libradius.la LTLIBRARY_SOURCES = radius.c radlib.c LTLIBRARY_SHARED_NAME = radius.la LTLIBRARY_LIBADD = $(RADIUS_LIBADD) LTLIBRARY_SHARED_LIBADD = $(RADIUS_SHARED_LIBADD) include $(top_srcdir)/build/dynlib.mkradius-1.4.0b1/php_radius.h0000644000076600000240000000663012660365266015101 0ustar aharveystaff/* Copyright (c) 2003, Michael Bretterklieber All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. 3. The names of the authors may not be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. This code cannot simply be copied and put under the GNU Public License or any other GPL-like (LGPL, GPL2) License. $Id$ */ #include "radlib.h" #include "radlib_private.h" #ifndef PHP_RADIUS_H #define PHP_RADIUS_H #define phpext_radius_ptr &radius_module_entry #define PHP_RADIUS_VERSION "1.4.0b1" #ifdef PHP_WIN32 #define PHP_RADIUS_API __declspec(dllexport) #else #define PHP_RADIUS_API #endif #ifdef ZTS #include "TSRM.h" #endif extern zend_module_entry radius_module_entry; PHP_MINIT_FUNCTION(radius); PHP_MSHUTDOWN_FUNCTION(radius); PHP_MINFO_FUNCTION(radius); PHP_FUNCTION(radius_auth_open); PHP_FUNCTION(radius_acct_open); PHP_FUNCTION(radius_close); PHP_FUNCTION(radius_strerror); PHP_FUNCTION(radius_config); PHP_FUNCTION(radius_add_server); PHP_FUNCTION(radius_create_request); PHP_FUNCTION(radius_put_string); PHP_FUNCTION(radius_put_int); PHP_FUNCTION(radius_put_attr); PHP_FUNCTION(radius_put_addr); PHP_FUNCTION(radius_put_vendor_string); PHP_FUNCTION(radius_put_vendor_int); PHP_FUNCTION(radius_put_vendor_attr); PHP_FUNCTION(radius_put_vendor_addr); PHP_FUNCTION(radius_send_request); PHP_FUNCTION(radius_get_attr); PHP_FUNCTION(radius_get_tagged_attr_data); PHP_FUNCTION(radius_get_tagged_attr_tag); PHP_FUNCTION(radius_get_vendor_attr); PHP_FUNCTION(radius_cvt_addr); PHP_FUNCTION(radius_cvt_int); PHP_FUNCTION(radius_cvt_string); PHP_FUNCTION(radius_salt_encrypt_attr); PHP_FUNCTION(radius_request_authenticator); PHP_FUNCTION(radius_server_secret); PHP_FUNCTION(radius_demangle); PHP_FUNCTION(radius_demangle_mppe_key); #ifdef ZTS #define RADIUS_G(v) TSRMG(radius_globals_id, zend_radius_globals *, v) #else #define RADIUS_G(v) (radius_globals.v) #endif #define RADIUS_OPTION_NONE RAD_OPTION_NONE #define RADIUS_OPTION_TAGGED RAD_OPTION_TAG #define RADIUS_OPTION_SALT RAD_OPTION_SALT #endif /* PHP_RADIUS_H */ /* * Local variables: * tab-width: 4 * c-basic-offset: 4 * indent-tabs-mode: t * End: */ /* vim: set ts=8 sw=8 noet: */ radius-1.4.0b1/radius.c0000644000076600000240000004652012660365266014227 0ustar aharveystaff/* Copyright (c) 2003, Michael Bretterklieber All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. 3. The names of the authors may not be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. This code cannot simply be copied and put under the GNU Public License or any other GPL-like (LGPL, GPL2) License. $Id$ */ #ifdef HAVE_CONFIG_H #include "config.h" #endif #include "php.h" #include "php_ini.h" #include "php_network.h" #include "ext/standard/info.h" #include "php_radius.h" #include "radlib.h" #include "radlib_private.h" #ifndef PHP_WIN32 #include #include #include #endif #include "pecl-compat/compat.h" void _radius_close(zend_resource *res TSRMLS_DC); static int _init_options(struct rad_attr_options *out, int options, int tag); #define RADIUS_FETCH_RESOURCE(radh, zv) \ radh = (struct rad_handle *)compat_zend_fetch_resource(zv, "rad_handle", le_radius TSRMLS_CC); \ if (!radh) { \ RETURN_FALSE; \ } /* If you declare any globals in php_radius.h uncomment this: ZEND_DECLARE_MODULE_GLOBALS(radius) */ /* True global resources - no need for thread safety here */ static int le_radius; /* {{{ radius_functions[] * * Every user visible function must have an entry in radius_functions[]. */ zend_function_entry radius_functions[] = { PHP_FE(radius_auth_open, NULL) PHP_FE(radius_acct_open, NULL) PHP_FE(radius_close, NULL) PHP_FE(radius_strerror, NULL) PHP_FE(radius_config, NULL) PHP_FE(radius_add_server, NULL) PHP_FE(radius_create_request, NULL) PHP_FE(radius_put_string, NULL) PHP_FE(radius_put_int, NULL) PHP_FE(radius_put_attr, NULL) PHP_FE(radius_put_addr, NULL) PHP_FE(radius_put_vendor_string, NULL) PHP_FE(radius_put_vendor_int, NULL) PHP_FE(radius_put_vendor_attr, NULL) PHP_FE(radius_put_vendor_addr, NULL) PHP_FE(radius_send_request, NULL) PHP_FE(radius_get_attr, NULL) PHP_FE(radius_get_tagged_attr_data, NULL) PHP_FE(radius_get_tagged_attr_tag, NULL) PHP_FE(radius_get_vendor_attr, NULL) PHP_FE(radius_cvt_addr, NULL) PHP_FE(radius_cvt_int, NULL) PHP_FE(radius_cvt_string, NULL) PHP_FE(radius_salt_encrypt_attr, NULL) PHP_FE(radius_request_authenticator, NULL) PHP_FE(radius_server_secret, NULL) PHP_FE(radius_demangle, NULL) PHP_FE(radius_demangle_mppe_key, NULL) {NULL, NULL, NULL} /* Must be the last line in radius_functions[] */ }; /* }}} */ /* {{{ radius_module_entry */ zend_module_entry radius_module_entry = { #if ZEND_MODULE_API_NO >= 20010901 STANDARD_MODULE_HEADER, #endif "radius", radius_functions, PHP_MINIT(radius), PHP_MSHUTDOWN(radius), NULL, NULL, PHP_MINFO(radius), #if ZEND_MODULE_API_NO >= 20010901 PHP_RADIUS_VERSION, #endif STANDARD_MODULE_PROPERTIES }; /* }}} */ #ifdef COMPILE_DL_RADIUS ZEND_GET_MODULE(radius) #endif /* {{{ PHP_MINIT_FUNCTION */ PHP_MINIT_FUNCTION(radius) { le_radius = zend_register_list_destructors_ex(_radius_close, NULL, "rad_handle", module_number); #include "radius_init_const.h" REGISTER_LONG_CONSTANT("RADIUS_MPPE_KEY_LEN", MPPE_KEY_LEN, CONST_PERSISTENT); return SUCCESS; } /* }}} */ /* {{{ PHP_MSHUTDOWN_FUNCTION */ PHP_MSHUTDOWN_FUNCTION(radius) { return SUCCESS; } /* }}} */ /* {{{ PHP_MINFO_FUNCTION */ PHP_MINFO_FUNCTION(radius) { php_info_print_table_start(); php_info_print_table_header(2, "radius support", "enabled"); php_info_print_table_row(2, "version", PHP_RADIUS_VERSION); php_info_print_table_end(); } /* }}} */ /* {{{ proto resource radius_auth_open(string arg) */ PHP_FUNCTION(radius_auth_open) { struct rad_handle *radh = rad_auth_open(); if (radh != NULL) { compat_zend_register_resource(return_value, radh, le_radius TSRMLS_CC); } else { RETURN_FALSE; } } /* }}} */ /* {{{ proto resource radius_acct_open(string arg) */ PHP_FUNCTION(radius_acct_open) { struct rad_handle *radh = rad_acct_open(); if (radh != NULL) { compat_zend_register_resource(return_value, radh, le_radius TSRMLS_CC); } else { RETURN_FALSE; } } /* }}} */ /* {{{ proto bool radius_close(radh) */ PHP_FUNCTION(radius_close) { struct rad_handle *radh; zval *z_radh; if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "r", &z_radh) == FAILURE) { return; } /* Fetch the resource to verify it. */ RADIUS_FETCH_RESOURCE(radh, z_radh); compat_zend_delete_resource(z_radh TSRMLS_CC); RETURN_TRUE; } /* }}} */ /* {{{ proto string radius_strerror(radh) */ PHP_FUNCTION(radius_strerror) { char *msg; struct rad_handle *radh; zval *z_radh; if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "r", &z_radh) == FAILURE) { return; } RADIUS_FETCH_RESOURCE(radh, z_radh); msg = (char *)rad_strerror(radh); RETURN_STRINGL(msg, strlen(msg)); } /* }}} */ /* {{{ proto bool radius_config(desc, configfile) */ PHP_FUNCTION(radius_config) { char *filename; COMPAT_ARG_SIZE_T filename_len; struct rad_handle *radh; zval *z_radh; if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "rs", &z_radh, &filename, &filename_len) == FAILURE) { return; } RADIUS_FETCH_RESOURCE(radh, z_radh); if (rad_config(radh, filename) == -1) { RETURN_FALSE; } else { RETURN_TRUE; } } /* }}} */ /* {{{ proto bool radius_add_server(desc, hostname, port, secret, timeout, maxtries) */ PHP_FUNCTION(radius_add_server) { char *hostname, *secret; COMPAT_ARG_SIZE_T hostname_len, secret_len; long port, timeout, maxtries; struct rad_handle *radh; zval *z_radh; if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "rslsll", &z_radh, &hostname, &hostname_len, &port, &secret, &secret_len, &timeout, &maxtries) == FAILURE) { return; } RADIUS_FETCH_RESOURCE(radh, z_radh); if (rad_add_server(radh, hostname, port, secret, timeout, maxtries) == -1) { RETURN_FALSE; } else { RETURN_TRUE; } } /* }}} */ /* {{{ proto bool radius_create_request(desc, code) */ PHP_FUNCTION(radius_create_request) { long code; struct rad_handle *radh; zval *z_radh; if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "rl", &z_radh, &code) == FAILURE) { return; } RADIUS_FETCH_RESOURCE(radh, z_radh); if (rad_create_request(radh, code) == -1) { RETURN_FALSE; } else { RETURN_TRUE; } } /* }}} */ /* {{{ proto bool radius_put_string(desc, type, str, options, tag) */ PHP_FUNCTION(radius_put_string) { char *str; COMPAT_ARG_SIZE_T str_len; long type, options = 0, tag = 0; struct rad_attr_options attr_options; struct rad_handle *radh; zval *z_radh; if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "rls|ll", &z_radh, &type, &str, &str_len, &options, &tag) == FAILURE) { return; } RADIUS_FETCH_RESOURCE(radh, z_radh); if (_init_options(&attr_options, options, tag) == -1) { RETURN_FALSE; } else if (rad_put_string(radh, type, str, &attr_options) == -1) { RETURN_FALSE; } RETURN_TRUE; } /* }}} */ /* {{{ proto bool radius_put_int(desc, type, int, options, tag) */ PHP_FUNCTION(radius_put_int) { long type, val, options = 0, tag = 0; struct rad_attr_options attr_options; struct rad_handle *radh; zval *z_radh; if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "rll|ll", &z_radh, &type, &val, &options, &tag) == FAILURE) { return; } RADIUS_FETCH_RESOURCE(radh, z_radh); if (_init_options(&attr_options, options, tag) == -1) { RETURN_FALSE; } else if (rad_put_int(radh, type, val, &attr_options) == -1) { RETURN_FALSE; } RETURN_TRUE; } /* }}} */ /* {{{ proto bool radius_put_attr(desc, type, data, options, tag) */ PHP_FUNCTION(radius_put_attr) { long type, options = 0, tag = 0; COMPAT_ARG_SIZE_T len; char *data; struct rad_attr_options attr_options; struct rad_handle *radh; zval *z_radh; if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "rls|ll", &z_radh, &type, &data, &len, &options, &tag) == FAILURE) { return; } RADIUS_FETCH_RESOURCE(radh, z_radh); if (_init_options(&attr_options, options, tag) == -1) { RETURN_FALSE; } else if (rad_put_attr(radh, type, data, len, &attr_options) == -1) { RETURN_FALSE; } RETURN_TRUE; } /* }}} */ /* {{{ proto bool radius_put_addr(desc, type, addr, options, tag) */ PHP_FUNCTION(radius_put_addr) { COMPAT_ARG_SIZE_T addrlen; long type, options = 0, tag = 0; char *addr; struct rad_attr_options attr_options; struct rad_handle *radh; zval *z_radh; struct in_addr intern_addr; if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "rls|ll", &z_radh, &type, &addr, &addrlen, &options, &tag) == FAILURE) { return; } RADIUS_FETCH_RESOURCE(radh, z_radh); if (inet_aton(addr, &intern_addr) == 0) { zend_error(E_ERROR, "Error converting Address"); RETURN_FALSE; } if (_init_options(&attr_options, options, tag) == -1) { RETURN_FALSE; } else if (rad_put_addr(radh, type, intern_addr, &attr_options) == -1) { RETURN_FALSE; } RETURN_TRUE; } /* }}} */ /* {{{ proto bool radius_put_vendor_string(desc, vendor, type, str, options, tag) */ PHP_FUNCTION(radius_put_vendor_string) { char *str; COMPAT_ARG_SIZE_T str_len; long type, vendor, options = 0, tag = 0; struct rad_attr_options attr_options; struct rad_handle *radh; zval *z_radh; if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "rlls|ll", &z_radh, &vendor, &type, &str, &str_len, &options, &tag) == FAILURE) { return; } RADIUS_FETCH_RESOURCE(radh, z_radh); if (_init_options(&attr_options, options, tag) == -1) { RETURN_FALSE; } else if (rad_put_vendor_string(radh, vendor, type, str, &attr_options) == -1) { RETURN_FALSE; } RETURN_TRUE; } /* }}} */ /* {{{ proto bool radius_put_vendor_int(desc, vendor, type, int, options, tag) */ PHP_FUNCTION(radius_put_vendor_int) { long type, vendor, val, options = 0, tag = 0; struct rad_attr_options attr_options; struct rad_handle *radh; zval *z_radh; if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "rlll|ll", &z_radh, &vendor, &type, &val, &options, &tag) == FAILURE) { return; } RADIUS_FETCH_RESOURCE(radh, z_radh); if (_init_options(&attr_options, options, tag) == -1) { RETURN_FALSE; } else if (rad_put_vendor_int(radh, vendor, type, val, &attr_options) == -1) { RETURN_FALSE; } RETURN_TRUE; } /* }}} */ /* {{{ proto bool radius_put_vendor_attr(desc, vendor, type, data, options, tag) */ PHP_FUNCTION(radius_put_vendor_attr) { long type, vendor, options = 0, tag = 0; COMPAT_ARG_SIZE_T len; char *data; struct rad_attr_options attr_options; struct rad_handle *radh; zval *z_radh; if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "rlls|ll", &z_radh, &vendor, &type, &data, &len, &options, &tag) == FAILURE) { return; } RADIUS_FETCH_RESOURCE(radh, z_radh); if (_init_options(&attr_options, options, tag) == -1) { RETURN_FALSE; } else if (rad_put_vendor_attr(radh, vendor, type, data, len, &attr_options) == -1) { RETURN_FALSE; } RETURN_TRUE; } /* }}} */ /* {{{ proto bool radius_put_vendor_addr(desc, vendor, type, addr) */ PHP_FUNCTION(radius_put_vendor_addr) { long type, vendor, options = 0, tag = 0; COMPAT_ARG_SIZE_T addrlen; char *addr; struct rad_attr_options attr_options; struct rad_handle *radh; zval *z_radh; struct in_addr intern_addr; if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "rlls|ll", &z_radh, &vendor, &type, &addr, &addrlen, &options, &tag) == FAILURE) { return; } RADIUS_FETCH_RESOURCE(radh, z_radh); if (inet_aton(addr, &intern_addr) == 0) { zend_error(E_ERROR, "Error converting Address"); RETURN_FALSE; } if (_init_options(&attr_options, options, tag) == -1) { RETURN_FALSE; } else if (rad_put_vendor_addr(radh, vendor, type, intern_addr, &attr_options) == -1) { RETURN_FALSE; } RETURN_TRUE; } /* }}} */ /* {{{ proto bool radius_send_request(desc) */ PHP_FUNCTION(radius_send_request) { struct rad_handle *radh; zval *z_radh; int res; if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "r", &z_radh) == FAILURE) { return; } RADIUS_FETCH_RESOURCE(radh, z_radh); res = rad_send_request(radh); if (res == -1) { RETURN_FALSE; } else { RETURN_LONG(res); } } /* }}} */ /* {{{ proto string radius_get_attr(desc) */ PHP_FUNCTION(radius_get_attr) { struct rad_handle *radh; int res; const void *data; size_t len; zval *z_radh; if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "r", &z_radh) == FAILURE) { return; } RADIUS_FETCH_RESOURCE(radh, z_radh); res = rad_get_attr(radh, &data, &len); if (res == -1) { RETURN_FALSE; } else { if (res > 0) { array_init(return_value); add_assoc_long(return_value, "attr", res); add_assoc_stringl(return_value, "data", (char *) data, len); return; } RETURN_LONG(res); } } /* }}} */ /* {{{ proto string radius_get_tagged_attr_data(string attr) */ PHP_FUNCTION(radius_get_tagged_attr_data) { const char *attr; COMPAT_ARG_SIZE_T len; if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "s", &attr, &len) == FAILURE) { return; } if (len < 1) { zend_error(E_NOTICE, "Empty attributes cannot have tags"); RETURN_FALSE; } else if (len == 1) { RETURN_EMPTY_STRING(); } RETURN_STRINGL(attr + 1, len - 1); } /* }}} */ /* {{{ proto string radius_get_tagged_attr_tag(string attr) */ PHP_FUNCTION(radius_get_tagged_attr_tag) { const char *attr; COMPAT_ARG_SIZE_T len; if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "s", &attr, &len) == FAILURE) { return; } if (len < 1) { zend_error(E_NOTICE, "Empty attributes cannot have tags"); RETURN_FALSE; } RETURN_LONG((long) *attr); } /* }}} */ /* {{{ proto string radius_get_vendor_attr(data) */ PHP_FUNCTION(radius_get_vendor_attr) { const void *data, *raw; COMPAT_ARG_SIZE_T len; u_int32_t vendor; unsigned char type; size_t data_len; if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "s", &raw, &len) == FAILURE) { return; } if (rad_get_vendor_attr(&vendor, &type, &data, &data_len, raw, len) == -1) { RETURN_FALSE; } else { array_init(return_value); add_assoc_long(return_value, "attr", type); add_assoc_long(return_value, "vendor", vendor); add_assoc_stringl(return_value, "data", (char *) data, data_len); return; } } /* }}} */ /* {{{ proto string radius_cvt_addr(data) */ PHP_FUNCTION(radius_cvt_addr) { const void *data; char *addr_dot; COMPAT_ARG_SIZE_T len; struct in_addr addr; if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "s", &data, &len) == FAILURE) { return; } addr = rad_cvt_addr(data); addr_dot = inet_ntoa(addr); RETURN_STRINGL(addr_dot, strlen(addr_dot)); } /* }}} */ /* {{{ proto int radius_cvt_int(data) */ PHP_FUNCTION(radius_cvt_int) { const void *data; COMPAT_ARG_SIZE_T len; int val; if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "s", &data, &len) == FAILURE) { return; } val = rad_cvt_int(data); RETURN_LONG(val); } /* }}} */ /* {{{ proto string radius_cvt_string(data) */ PHP_FUNCTION(radius_cvt_string) { const void *data; char *val; COMPAT_ARG_SIZE_T len; if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "s", &data, &len) == FAILURE) { return; } val = rad_cvt_string(data, len); if (val == NULL) RETURN_FALSE; RETVAL_STRINGL(val, strlen(val)); free(val); return; } /* }}} */ /* {{{ proto string radius_salt_encrypt_attr(resource radh, string data) */ PHP_FUNCTION(radius_salt_encrypt_attr) { char *data; COMPAT_ARG_SIZE_T len; struct rad_handle *radh; struct rad_salted_value salted; zval *z_radh; if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "rs", &z_radh, &data, &len) == FAILURE) { return; } RADIUS_FETCH_RESOURCE(radh, z_radh); if (rad_salt_value(radh, data, len, &salted) == -1) { zend_error(E_WARNING, "%s", rad_strerror(radh)); RETURN_FALSE; } else if (salted.len == 0) { RETURN_EMPTY_STRING(); } RETVAL_STRINGL(salted.data, salted.len); efree(salted.data); } /* }}} */ /* {{{ proto string radius_request_authenticator(radh) */ PHP_FUNCTION(radius_request_authenticator) { struct rad_handle *radh; ssize_t res; char buf[LEN_AUTH]; zval *z_radh; if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "r", &z_radh) == FAILURE) { return; } RADIUS_FETCH_RESOURCE(radh, z_radh); res = rad_request_authenticator(radh, buf, sizeof buf); if (res == -1) { RETURN_FALSE; } else { RETURN_STRINGL(buf, res); } } /* }}} */ /* {{{ proto string radius_server_secret(radh) */ PHP_FUNCTION(radius_server_secret) { char *secret; struct rad_handle *radh; zval *z_radh; if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "r", &z_radh) == FAILURE) { return; } RADIUS_FETCH_RESOURCE(radh, z_radh); secret = (char *)rad_server_secret(radh); if (secret) { RETURN_STRINGL(secret, strlen(secret)); } RETURN_FALSE; } /* }}} */ /* {{{ proto string radius_demangle(radh, mangled) */ PHP_FUNCTION(radius_demangle) { struct rad_handle *radh; zval *z_radh; const void *mangled; unsigned char *buf; COMPAT_ARG_SIZE_T len; int res; if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "rs", &z_radh, &mangled, &len) == FAILURE) { return; } RADIUS_FETCH_RESOURCE(radh, z_radh); buf = emalloc(len); res = rad_demangle(radh, mangled, len, buf); if (res == -1) { efree(buf); RETURN_FALSE; } else { RETVAL_STRINGL((char *) buf, len); efree(buf); return; } } /* }}} */ /* {{{ proto string radius_demangle_mppe_key(radh, mangled) */ PHP_FUNCTION(radius_demangle_mppe_key) { struct rad_handle *radh; zval *z_radh; const void *mangled; unsigned char *buf; size_t dlen; COMPAT_ARG_SIZE_T len; int res; if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "rs", &z_radh, &mangled, &len) == FAILURE) { return; } RADIUS_FETCH_RESOURCE(radh, z_radh); buf = emalloc(len); res = rad_demangle_mppe_key(radh, mangled, len, buf, &dlen); if (res == -1) { efree(buf); RETURN_FALSE; } else { RETVAL_STRINGL((char *) buf, dlen); efree(buf); return; } } /* }}} */ /* {{{ _init_options() */ int _init_options(struct rad_attr_options *out, int options, int tag) { memset(out, 0, sizeof(struct rad_attr_options)); if (options & RADIUS_OPTION_SALT) { out->options |= RAD_OPTION_SALT; } if (options & RADIUS_OPTION_TAGGED) { if (tag < 0 || tag > 255) { zend_error(E_NOTICE, "Tag must be between 0 and 255"); return -1; } out->options |= RAD_OPTION_TAG; out->tag = tag; } return 0; } /* }}} */ /* {{{ _radius_close() */ void _radius_close(zend_resource *res TSRMLS_DC) { struct rad_handle *radh = (struct rad_handle *)res->ptr; rad_close(radh); res->ptr = NULL; } /* }}} */ /* * Local variables: * tab-width: 4 * c-basic-offset: 4 * End: * vim600: noet sw=8 ts=8 fdm=marker * vim<600: noet sw=8 ts=8 */ radius-1.4.0b1/radius.conf0000644000076600000240000000061412660365266014724 0ustar aharveystaff# Service-type Server Shared-secret Timeout Retries #auth|acct host[:port] secret 3 3 # A simple entry using all the defaults: #acct radius1.domain.com OurLittleSecret # A server still using the obsolete RADIUS port, with increased # timeout and maximum tries: #auth auth.domain.com:1645 "I can't see you" 5 4 # A server specified by its IP address: #auth 192.168.27.81 $X*#..38947ax-+=radius-1.4.0b1/radius.dsp0000644000076600000240000001274212660365266014572 0ustar aharveystaff# Microsoft Developer Studio Project File - Name="radius" - Package Owner=<4> # Microsoft Developer Studio Generated Build File, Format Version 6.00 # ** DO NOT EDIT ** # TARGTYPE "Win32 (x86) Dynamic-Link Library" 0x0102 CFG=radius - Win32 Debug_TS !MESSAGE This is not a valid makefile. To build this project using NMAKE, !MESSAGE use the Export Makefile command and run !MESSAGE !MESSAGE NMAKE /f "radius.mak". !MESSAGE !MESSAGE You can specify a configuration when running NMAKE !MESSAGE by defining the macro CFG on the command line. For example: !MESSAGE !MESSAGE NMAKE /f "radius.mak" CFG="radius - Win32 Debug_TS" !MESSAGE !MESSAGE Possible choices for configuration are: !MESSAGE !MESSAGE "radius - Win32 Debug_TS" (based on "Win32 (x86) Dynamic-Link Library") !MESSAGE "radius - Win32 Release_TS" (based on "Win32 (x86) Dynamic-Link Library") !MESSAGE # Begin Project # PROP AllowPerConfigDependencies 0 # PROP Scc_ProjName "" # PROP Scc_LocalPath "" CPP=cl.exe MTL=midl.exe RSC=rc.exe !IF "$(CFG)" == "radius - Win32 Debug_TS" # PROP BASE Use_MFC 0 # PROP BASE Use_Debug_Libraries 1 # PROP BASE Output_Dir "radius___Win32_Debug_TS" # PROP BASE Intermediate_Dir "radius___Win32_Debug_TS" # PROP BASE Ignore_Export_Lib 0 # PROP BASE Target_Dir "" # PROP Use_MFC 0 # PROP Use_Debug_Libraries 1 # PROP Output_Dir "Debug_TS" # PROP Intermediate_Dir "Debug_TS" # PROP Ignore_Export_Lib 0 # PROP Target_Dir "" # ADD BASE CPP /nologo /MDd /W3 /Gm /GX /ZI /Od /D "WIN32" /D "_DEBUG" /D "_WINDOWS" /D "ZEND_WIN32" /D "_MBCS" /D "_USRDLL" /D "RADIUS_EXPORTS" /D HAVE_SOCKETS=1 /D ZEND_DEBUG=0 /D "PHP_EXPORTS" /YX /FD /GZ /c # ADD CPP /nologo /MDd /W3 /Gm /GX /ZI /Od /I "..\..\..\php4" /I "..\..\..\php4\main" /I "..\..\..\php4\Zend" /I "..\..\..\php4\TSRM" /I "..\..\..\php4\win32" /I "..\..\..\\bindlib_w32" /D ZEND_DEBUG=1 /D "WIN32" /D "NDEBUG" /D "_WINDOWS" /D "PHP_EXPORTS" /D "COMPILE_DL_SOCKETS" /D ZTS=1 /D "ZEND_WIN32" /D "PHP_WIN32" /D HAVE_RADIUS=1 /YX /FD /GZ /c # ADD BASE MTL /nologo /D "_DEBUG" /mktyplib203 /win32 # ADD MTL /nologo /D "_DEBUG" /mktyplib203 /win32 # ADD BASE RSC /l 0xc07 /d "_DEBUG" # ADD RSC /l 0xc07 /d "_DEBUG" BSC32=bscmake.exe # ADD BASE BSC32 /nologo # ADD BSC32 /nologo LINK32=link.exe # ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /dll /debug /machine:I386 /pdbtype:sept # ADD LINK32 php4ts_debug.lib wsock32.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /dll /debug /machine:I386 /out:"..\..\Debug_TS\php_radius.dll" /pdbtype:sept /libpath:"..\..\..\php4\Debug_TS" !ELSEIF "$(CFG)" == "radius - Win32 Release_TS" # PROP BASE Use_MFC 0 # PROP BASE Use_Debug_Libraries 0 # PROP BASE Output_Dir "radius___Win32_Release_TS" # PROP BASE Intermediate_Dir "radius___Win32_Release_TS" # PROP BASE Target_Dir "" # PROP Use_MFC 0 # PROP Use_Debug_Libraries 0 # PROP Output_Dir "Release_TS" # PROP Intermediate_Dir "Release_TS" # PROP Ignore_Export_Lib 0 # PROP Target_Dir "" # ADD BASE CPP /nologo /MT /W3 /GX /O2 /D "WIN32" /D "NDEBUG" /D "_WINDOWS" /D "_MBCS" /D "_USRDLL" /D "RADIUS_EXPORTS" /YX /FD /c # ADD CPP /nologo /MD /W3 /GX /O2 /I "..\..\..\php4" /I "..\..\..\php4\main" /I "..\..\..\php4\Zend" /I "..\..\..\php4\TSRM" /I "..\..\..\php4\win32" /I "..\..\..\\bindlib_w32" /D ZEND_DEBUG=0 /D "WIN32" /D "NDEBUG" /D "_WINDOWS" /D "PHP_EXPORTS" /D "COMPILE_DL_RADIUS" /D ZTS=1 /D "ZEND_WIN32" /D "PHP_WIN32" /D "HAVE_RADIUS" /FR /YX /FD /c # ADD BASE MTL /nologo /D "NDEBUG" /mktyplib203 /win32 # ADD MTL /nologo /D "NDEBUG" /mktyplib203 /win32 # ADD BASE RSC /l 0xc07 /d "NDEBUG" # ADD RSC /l 0xc07 /d "NDEBUG" BSC32=bscmake.exe # ADD BASE BSC32 /nologo # ADD BSC32 /nologo LINK32=link.exe # ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /dll /machine:I386 # ADD LINK32 php4ts.lib wsock32.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /dll /machine:I386 /out:"..\..\Release_TS\php_radius.dll" /libpath:"..\..\..\php4\Release_TS" /libpath:"..\..\..\php4\Release_TS_Inline" # SUBTRACT LINK32 /pdb:none !ENDIF # Begin Target # Name "radius - Win32 Debug_TS" # Name "radius - Win32 Release_TS" # Begin Group "Quellcodedateien" # PROP Default_Filter "cpp;c;cxx;rc;def;r;odl;idl;hpj;bat" # Begin Source File SOURCE=.\radius.c # End Source File # Begin Source File SOURCE=.\radlib.c # End Source File # Begin Source File SOURCE=.\radlib_compat.c # End Source File # End Group # Begin Group "Header-Dateien" # PROP Default_Filter "h;hpp;hxx;hm;inl" # Begin Source File SOURCE=.\php_radius.h # End Source File # Begin Source File SOURCE=.\radius_init_const.h # End Source File # Begin Source File SOURCE=.\radlib.h # End Source File # Begin Source File SOURCE=.\radlib_compat.h # End Source File # Begin Source File SOURCE=.\radlib_md5.h # End Source File # Begin Source File SOURCE=.\radlib_private.h # End Source File # Begin Source File SOURCE=.\radlib_vs.h # End Source File # End Group # Begin Group "Ressourcendateien" # PROP Default_Filter "ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe" # End Group # End Target # End Project radius-1.4.0b1/radius.dsw0000644000076600000240000000106512660365266014575 0ustar aharveystaffMicrosoft Developer Studio Workspace File, Format Version 6.00 # WARNUNG: DIESE ARBEITSBEREICHSDATEI DARF NICHT BEARBEITET ODER GELÖSCHT WERDEN! ############################################################################### Project: "radius"=".\radius.dsp" - Package Owner=<4> Package=<5> {{{ }}} Package=<4> {{{ }}} ############################################################################### Global: Package=<5> {{{ }}} Package=<3> {{{ }}} ############################################################################### radius-1.4.0b1/radius_init_const.h0000644000076600000240000003503312660365266016462 0ustar aharveystaffREGISTER_LONG_CONSTANT("RADIUS_ACCESS_REQUEST", 1, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("RADIUS_ACCESS_ACCEPT", 2, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("RADIUS_ACCESS_REJECT", 3, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("RADIUS_ACCOUNTING_REQUEST", 4, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("RADIUS_ACCOUNTING_RESPONSE", 5, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("RADIUS_ACCESS_CHALLENGE", 11, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("RADIUS_DISCONNECT_REQUEST", 40, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("RADIUS_DISCONNECT_ACK", 41, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("RADIUS_DISCONNECT_NAK", 42, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("RADIUS_COA_REQUEST", 43, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("RADIUS_COA_ACK", 44, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("RADIUS_COA_NAK", 45, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("RADIUS_USER_NAME", 1, CONST_PERSISTENT); /* String */ REGISTER_LONG_CONSTANT("RADIUS_USER_PASSWORD", 2, CONST_PERSISTENT); /* String */ REGISTER_LONG_CONSTANT("RADIUS_CHAP_PASSWORD", 3, CONST_PERSISTENT); /* String */ REGISTER_LONG_CONSTANT("RADIUS_NAS_IP_ADDRESS", 4, CONST_PERSISTENT); /* IP address */ REGISTER_LONG_CONSTANT("RADIUS_NAS_PORT", 5, CONST_PERSISTENT); /* Integer */ REGISTER_LONG_CONSTANT("RADIUS_SERVICE_TYPE", 6, CONST_PERSISTENT); /* Integer */ REGISTER_LONG_CONSTANT("RADIUS_LOGIN", 1, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("RADIUS_FRAMED", 2, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("RADIUS_CALLBACK_LOGIN", 3, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("RADIUS_CALLBACK_FRAMED", 4, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("RADIUS_OUTBOUND", 5, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("RADIUS_ADMINISTRATIVE", 6, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("RADIUS_NAS_PROMPT", 7, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("RADIUS_AUTHENTICATE_ONLY", 8, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("RADIUS_CALLBACK_NAS_PROMPT", 9, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("RADIUS_FRAMED_PROTOCOL", 7, CONST_PERSISTENT); /* Integer */ REGISTER_LONG_CONSTANT("RADIUS_PPP", 1, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("RADIUS_SLIP", 2, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("RADIUS_ARAP", 3, CONST_PERSISTENT); /* Appletalk */ REGISTER_LONG_CONSTANT("RADIUS_GANDALF", 4, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("RADIUS_XYLOGICS", 5, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("RADIUS_FRAMED_IP_ADDRESS", 8, CONST_PERSISTENT); /* IP address */ REGISTER_LONG_CONSTANT("RADIUS_FRAMED_IP_NETMASK", 9, CONST_PERSISTENT); /* IP address */ REGISTER_LONG_CONSTANT("RADIUS_FRAMED_ROUTING", 10, CONST_PERSISTENT); /* Integer */ REGISTER_LONG_CONSTANT("RADIUS_FILTER_ID", 11, CONST_PERSISTENT); /* String */ REGISTER_LONG_CONSTANT("RADIUS_FRAMED_MTU", 12, CONST_PERSISTENT); /* Integer */ REGISTER_LONG_CONSTANT("RADIUS_FRAMED_COMPRESSION", 13, CONST_PERSISTENT); /* Integer */ REGISTER_LONG_CONSTANT("RADIUS_COMP_NONE", 0, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("RADIUS_COMP_VJ", 1, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("RADIUS_COMP_IPXHDR", 2, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("RADIUS_LOGIN_IP_HOST", 14, CONST_PERSISTENT); /* IP address */ REGISTER_LONG_CONSTANT("RADIUS_LOGIN_SERVICE", 15, CONST_PERSISTENT); /* Integer */ REGISTER_LONG_CONSTANT("RADIUS_LOGIN_TCP_PORT", 16, CONST_PERSISTENT); /* Integer */ REGISTER_LONG_CONSTANT("RADIUS_REPLY_MESSAGE", 18, CONST_PERSISTENT); /* String */ REGISTER_LONG_CONSTANT("RADIUS_CALLBACK_NUMBER", 19, CONST_PERSISTENT); /* String */ REGISTER_LONG_CONSTANT("RADIUS_CALLBACK_ID", 20, CONST_PERSISTENT); /* String */ REGISTER_LONG_CONSTANT("RADIUS_FRAMED_ROUTE", 22, CONST_PERSISTENT); /* String */ REGISTER_LONG_CONSTANT("RADIUS_FRAMED_IPX_NETWORK", 23, CONST_PERSISTENT); /* IP address */ REGISTER_LONG_CONSTANT("RADIUS_STATE", 24, CONST_PERSISTENT); /* String */ REGISTER_LONG_CONSTANT("RADIUS_CLASS", 25, CONST_PERSISTENT); /* Integer */ REGISTER_LONG_CONSTANT("RADIUS_VENDOR_SPECIFIC", 26, CONST_PERSISTENT); /* Integer */ REGISTER_LONG_CONSTANT("RADIUS_SESSION_TIMEOUT", 27, CONST_PERSISTENT); /* Integer */ REGISTER_LONG_CONSTANT("RADIUS_IDLE_TIMEOUT", 28, CONST_PERSISTENT); /* Integer */ REGISTER_LONG_CONSTANT("RADIUS_TERMINATION_ACTION", 29, CONST_PERSISTENT); /* Integer */ REGISTER_LONG_CONSTANT("RADIUS_CALLED_STATION_ID", 30, CONST_PERSISTENT); /* String */ REGISTER_LONG_CONSTANT("RADIUS_CALLING_STATION_ID", 31, CONST_PERSISTENT); /* String */ REGISTER_LONG_CONSTANT("RADIUS_NAS_IDENTIFIER", 32, CONST_PERSISTENT); /* Integer */ REGISTER_LONG_CONSTANT("RADIUS_PROXY_STATE", 33, CONST_PERSISTENT); /* Integer */ REGISTER_LONG_CONSTANT("RADIUS_LOGIN_LAT_SERVICE", 34, CONST_PERSISTENT); /* Integer */ REGISTER_LONG_CONSTANT("RADIUS_LOGIN_LAT_NODE", 35, CONST_PERSISTENT); /* Integer */ REGISTER_LONG_CONSTANT("RADIUS_LOGIN_LAT_GROUP", 36, CONST_PERSISTENT); /* Integer */ REGISTER_LONG_CONSTANT("RADIUS_FRAMED_APPLETALK_LINK", 37, CONST_PERSISTENT); /* Integer */ REGISTER_LONG_CONSTANT("RADIUS_FRAMED_APPLETALK_NETWORK", 38, CONST_PERSISTENT); /* Integer */ REGISTER_LONG_CONSTANT("RADIUS_FRAMED_APPLETALK_ZONE", 39, CONST_PERSISTENT); /* Integer */ REGISTER_LONG_CONSTANT("RADIUS_CHAP_CHALLENGE", 60, CONST_PERSISTENT); /* String */ REGISTER_LONG_CONSTANT("RADIUS_NAS_PORT_TYPE", 61, CONST_PERSISTENT); /* Integer */ REGISTER_LONG_CONSTANT("RADIUS_ASYNC", 0, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("RADIUS_SYNC", 1, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("RADIUS_ISDN_SYNC", 2, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("RADIUS_ISDN_ASYNC_V120", 3, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("RADIUS_ISDN_ASYNC_V110", 4, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("RADIUS_VIRTUAL", 5, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("RADIUS_PIAFS", 6, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("RADIUS_HDLC_CLEAR_CHANNEL", 7, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("RADIUS_X_25", 8, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("RADIUS_X_75", 9, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("RADIUS_G_3_FAX", 10, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("RADIUS_SDSL", 11, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("RADIUS_ADSL_CAP", 12, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("RADIUS_ADSL_DMT", 13, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("RADIUS_IDSL", 14, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("RADIUS_ETHERNET", 15, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("RADIUS_XDSL", 16, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("RADIUS_CABLE", 17, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("RADIUS_WIRELESS_OTHER", 18, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("RADIUS_WIRELESS_IEEE_802_11", 19, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("RADIUS_PORT_LIMIT", 62, CONST_PERSISTENT); /* Integer */ REGISTER_LONG_CONSTANT("RADIUS_LOGIN_LAT_PORT", 63, CONST_PERSISTENT); /* Integer */ REGISTER_LONG_CONSTANT("RADIUS_CONNECT_INFO", 77, CONST_PERSISTENT); /* String */ REGISTER_LONG_CONSTANT("RADIUS_NAS_IPV6_ADDRESS", 95, CONST_PERSISTENT); /* IPv6 address */ REGISTER_LONG_CONSTANT("RADIUS_FRAMED_INTERFACE_ID", 96, CONST_PERSISTENT); /* 8 octets */ REGISTER_LONG_CONSTANT("RADIUS_FRAMED_IPV6_PREFIX", 97, CONST_PERSISTENT); /* Octets */ REGISTER_LONG_CONSTANT("RADIUS_LOGIN_IPV6_HOST", 98, CONST_PERSISTENT); /* IPv6 address */ REGISTER_LONG_CONSTANT("RADIUS_FRAMED_IPV6_ROUTE", 99, CONST_PERSISTENT); /* String */ REGISTER_LONG_CONSTANT("RADIUS_FRAMED_IPV6_POOL", 100, CONST_PERSISTENT); /* String */ REGISTER_LONG_CONSTANT("RADIUS_ERROR_CAUSE", 101, CONST_PERSISTENT); /* Integer */ REGISTER_LONG_CONSTANT("RADIUS_ERROR_CAUSE_RESIDUAL_SESSION_CONTEXT_REMOVED", 201, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("RADIUS_ERROR_CAUSE_INVALID_EAP_PACKET", 202, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("RADIUS_ERROR_CAUSE_UNSUPPORTED_ATTRIBUTE", 401, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("RADIUS_ERROR_CAUSE_MISSING_ATTRIBUTE", 402, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("RADIUS_ERROR_CAUSE_NAS_IDENTIFICATION_MISMATCH", 403, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("RADIUS_ERROR_CAUSE_INVALID_REQUEST", 404, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("RADIUS_ERROR_CAUSE_UNSUPPORTED_SERVICE", 405, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("RADIUS_ERROR_CAUSE_UNSUPPORTED_EXCEPTION", 406, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("RADIUS_ERROR_CAUSE_ADMINISTRATIVELY_PROHIBITED", 501, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("RADIUS_ERROR_CAUSE_REQUEST_NOT_ROUTABLE", 502, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("RADIUS_ERROR_CAUSE_SESSION_CONTEXT_NOT_FOUND", 503, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("RADIUS_ERROR_CAUSE_SESSION_CONTEXT_NOT_REMOVABLE", 504, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("RADIUS_ERROR_CAUSE_OTHER_PROXY_PROCESSING_ERROR", 505, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("RADIUS_ERROR_CAUSE_RESOURCES_UNAVAILABLE", 506, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("RADIUS_ERROR_CAUSE_REQUEST_INITIATED", 507, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("RADIUS_ACCT_STATUS_TYPE", 40, CONST_PERSISTENT); /* Integer */ REGISTER_LONG_CONSTANT("RADIUS_START", 1, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("RADIUS_STOP", 2, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("RADIUS_ACCOUNTING_ON", 7, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("RADIUS_ACCOUNTING_OFF", 8, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("RADIUS_ACCT_DELAY_TIME", 41, CONST_PERSISTENT); /* Integer */ REGISTER_LONG_CONSTANT("RADIUS_ACCT_INPUT_OCTETS", 42, CONST_PERSISTENT); /* Integer */ REGISTER_LONG_CONSTANT("RADIUS_ACCT_OUTPUT_OCTETS", 43, CONST_PERSISTENT); /* Integer */ REGISTER_LONG_CONSTANT("RADIUS_ACCT_SESSION_ID", 44, CONST_PERSISTENT); /* String */ REGISTER_LONG_CONSTANT("RADIUS_ACCT_AUTHENTIC", 45, CONST_PERSISTENT); /* Integer */ REGISTER_LONG_CONSTANT("RADIUS_AUTH_RADIUS", 1, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("RADIUS_AUTH_LOCAL", 2, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("RADIUS_AUTH_REMOTE", 3, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("RADIUS_ACCT_SESSION_TIME", 46, CONST_PERSISTENT); /* Integer */ REGISTER_LONG_CONSTANT("RADIUS_ACCT_INPUT_PACKETS", 47, CONST_PERSISTENT); /* Integer */ REGISTER_LONG_CONSTANT("RADIUS_ACCT_OUTPUT_PACKETS", 48, CONST_PERSISTENT); /* Integer */ REGISTER_LONG_CONSTANT("RADIUS_ACCT_TERMINATE_CAUSE", 49, CONST_PERSISTENT); /* Integer */ REGISTER_LONG_CONSTANT("RADIUS_TERM_USER_REQUEST", 1, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("RADIUS_TERM_LOST_CARRIER", 2, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("RADIUS_TERM_LOST_SERVICE", 3, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("RADIUS_TERM_IDLE_TIMEOUT", 4, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("RADIUS_TERM_SESSION_TIMEOUT", 5, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("RADIUS_TERM_ADMIN_RESET", 6, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("RADIUS_TERM_ADMIN_REBOOT", 7, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("RADIUS_TERM_PORT_ERROR", 8, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("RADIUS_TERM_NAS_ERROR", 9, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("RADIUS_TERM_NAS_REQUEST", 10, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("RADIUS_TERM_NAS_REBOOT", 11, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("RADIUS_TERM_PORT_UNNEEDED", 12, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("RADIUS_TERM_PORT_PREEMPTED", 13, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("RADIUS_TERM_PORT_SUSPENDED", 14, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("RADIUS_TERM_SERVICE_UNAVAILABLE", 15, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("RADIUS_TERM_CALLBACK", 16, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("RADIUS_TERM_USER_ERROR", 17, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("RADIUS_TERM_HOST_REQUEST", 18, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("RADIUS_ACCT_MULTI_SESSION_ID", 50, CONST_PERSISTENT); /* String */ REGISTER_LONG_CONSTANT("RADIUS_ACCT_LINK_COUNT", 51, CONST_PERSISTENT); /* Integer */ REGISTER_LONG_CONSTANT("RADIUS_VENDOR_MICROSOFT", 311, CONST_PERSISTENT); /* rfc2548 */ REGISTER_LONG_CONSTANT("RADIUS_MICROSOFT_MS_CHAP_RESPONSE", 1, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("RADIUS_MICROSOFT_MS_CHAP_ERROR", 2, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("RADIUS_MICROSOFT_MS_CHAP_PW_1", 3, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("RADIUS_MICROSOFT_MS_CHAP_PW_2", 4, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("RADIUS_MICROSOFT_MS_CHAP_LM_ENC_PW", 5, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("RADIUS_MICROSOFT_MS_CHAP_NT_ENC_PW", 6, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("RADIUS_MICROSOFT_MS_MPPE_ENCRYPTION_POLICY", 7, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("RADIUS_MICROSOFT_MS_MPPE_ENCRYPTION_TYPES", 8, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("RADIUS_MICROSOFT_MS_RAS_VENDOR", 9, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("RADIUS_MICROSOFT_MS_CHAP_DOMAIN", 10, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("RADIUS_MICROSOFT_MS_CHAP_CHALLENGE", 11, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("RADIUS_MICROSOFT_MS_CHAP_MPPE_KEYS", 12, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("RADIUS_MICROSOFT_MS_BAP_USAGE", 13, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("RADIUS_MICROSOFT_MS_LINK_UTILIZATION_THRESHOLD", 14, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("RADIUS_MICROSOFT_MS_LINK_DROP_TIME_LIMIT", 15, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("RADIUS_MICROSOFT_MS_MPPE_SEND_KEY", 16, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("RADIUS_MICROSOFT_MS_MPPE_RECV_KEY", 17, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("RADIUS_MICROSOFT_MS_RAS_VERSION", 18, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("RADIUS_MICROSOFT_MS_OLD_ARAP_PASSWORD", 19, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("RADIUS_MICROSOFT_MS_NEW_ARAP_PASSWORD", 20, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("RADIUS_MICROSOFT_MS_ARAP_PASSWORD_CHANGE_REASON", 21, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("RADIUS_MICROSOFT_MS_FILTER", 22, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("RADIUS_MICROSOFT_MS_ACCT_AUTH_TYPE", 23, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("RADIUS_MICROSOFT_MS_ACCT_EAP_TYPE", 24, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("RADIUS_MICROSOFT_MS_CHAP2_RESPONSE", 25, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("RADIUS_MICROSOFT_MS_CHAP2_SUCCESS", 26, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("RADIUS_MICROSOFT_MS_CHAP2_PW", 27, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("RADIUS_MICROSOFT_MS_PRIMARY_DNS_SERVER", 28, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("RADIUS_MICROSOFT_MS_SECONDARY_DNS_SERVER", 29, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("RADIUS_MICROSOFT_MS_PRIMARY_NBNS_SERVER", 30, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("RADIUS_MICROSOFT_MS_SECONDARY_NBNS_SERVER", 31, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("RADIUS_MICROSOFT_MS_ARAP_CHALLENGE", 33, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("RADIUS_OPTION_NONE", RADIUS_OPTION_NONE, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("RADIUS_OPTION_TAGGED", RADIUS_OPTION_TAGGED, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("RADIUS_OPTION_SALT", RADIUS_OPTION_SALT, CONST_PERSISTENT); /* vim: set ts=8 sw=8 noet: */ radius-1.4.0b1/radlib.c0000644000076600000240000007674012660365266014204 0ustar aharveystaff/*- * Copyright 1998 Juniper Networks, Inc. * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * * $FreeBSD: src/lib/libradius/radlib.c,v 1.4.2.3 2002/06/17 02:24:57 brian Exp $ */ #include #ifndef PHP_WIN32 #include #include #include #include #include #else #include #include "win32/time.h" #endif #include #include #include #include #include #include #ifndef PHP_WIN32 #include #endif #include "radlib_compat.h" #include "radlib_md5.h" #include "radlib_private.h" static void clear_password(struct rad_handle *); static void generr(struct rad_handle *, const char *, ...) __printflike(2, 3); static void insert_scrambled_password(struct rad_handle *, int); static void insert_request_authenticator(struct rad_handle *, int); static int is_valid_response(struct rad_handle *, int, const struct sockaddr_in *); static int put_password_attr(struct rad_handle *, int, const void *, size_t, const struct rad_attr_options *); static int put_raw_attr(struct rad_handle *, int, const void *, size_t, const struct rad_attr_options *); static int split(char *, char *[], int, char *, size_t); static void clear_password(struct rad_handle *h) { if (h->pass_len != 0) { memset(h->pass, 0, h->pass_len); h->pass_len = 0; } h->pass_pos = 0; } static void generr(struct rad_handle *h, const char *format, ...) { va_list ap; va_start(ap, format); vsnprintf(h->errmsg, ERRSIZE, format, ap); va_end(ap); } static void insert_scrambled_password(struct rad_handle *h, int srv) { MD5_CTX ctx; unsigned char md5[16]; const struct rad_server *srvp; int padded_len; int pos; srvp = &h->servers[srv]; padded_len = h->pass_len == 0 ? 16 : (h->pass_len+15) & ~0xf; memcpy(md5, &h->request[POS_AUTH], LEN_AUTH); for (pos = 0; pos < padded_len; pos += 16) { int i; /* Calculate the new scrambler */ MD5Init(&ctx); MD5Update(&ctx, srvp->secret, strlen(srvp->secret)); MD5Update(&ctx, md5, 16); MD5Final(md5, &ctx); /* * Mix in the current chunk of the password, and copy * the result into the right place in the request. Also * modify the scrambler in place, since we will use this * in calculating the scrambler for next time. */ for (i = 0; i < 16; i++) h->request[h->pass_pos + pos + i] = md5[i] ^= h->pass[pos + i]; } } static void insert_request_authenticator(struct rad_handle *h, int srv) { MD5_CTX ctx; const struct rad_server *srvp; srvp = &h->servers[srv]; /* Create the request authenticator */ MD5Init(&ctx); MD5Update(&ctx, &h->request[POS_CODE], POS_AUTH - POS_CODE); MD5Update(&ctx, memset(&h->request[POS_AUTH], 0, LEN_AUTH), LEN_AUTH); MD5Update(&ctx, &h->request[POS_ATTRS], h->req_len - POS_ATTRS); MD5Update(&ctx, srvp->secret, strlen(srvp->secret)); MD5Final(&h->request[POS_AUTH], &ctx); } /* * Return true if the current response is valid for a request to the * specified server. */ static int is_valid_response(struct rad_handle *h, int srv, const struct sockaddr_in *from) { MD5_CTX ctx; unsigned char md5[16]; const struct rad_server *srvp; int len; srvp = &h->servers[srv]; /* Check the source address */ if (from->sin_family != srvp->addr.sin_family || from->sin_addr.s_addr != srvp->addr.sin_addr.s_addr || from->sin_port != srvp->addr.sin_port) return 0; /* Check the message length */ if (h->resp_len < POS_ATTRS) return 0; len = h->response[POS_LENGTH] << 8 | h->response[POS_LENGTH+1]; if (len > h->resp_len) return 0; /* Check the response authenticator */ MD5Init(&ctx); MD5Update(&ctx, &h->response[POS_CODE], POS_AUTH - POS_CODE); MD5Update(&ctx, &h->request[POS_AUTH], LEN_AUTH); MD5Update(&ctx, &h->response[POS_ATTRS], len - POS_ATTRS); MD5Update(&ctx, srvp->secret, strlen(srvp->secret)); MD5Final(md5, &ctx); if (memcmp(&h->response[POS_AUTH], md5, sizeof md5) != 0) return 0; return 1; } static int put_password_attr(struct rad_handle *h, int type, const void *value, size_t len, const struct rad_attr_options *options) { int padded_len; int pad_len; if (options->options & RAD_OPTION_SALT) { generr(h, "User-Password attributes cannot be salt-encrypted"); return -1; } if (options->options & RAD_OPTION_TAG) { generr(h, "User-Password attributes cannot be tagged"); return -1; } if (h->pass_pos != 0) { generr(h, "Multiple User-Password attributes specified"); return -1; } if (len > PASSSIZE) len = PASSSIZE; padded_len = len == 0 ? 16 : (len+15) & ~0xf; pad_len = padded_len - len; /* * Put in a place-holder attribute containing all zeros, and * remember where it is so we can fill it in later. */ clear_password(h); put_raw_attr(h, type, h->pass, padded_len, options); h->pass_pos = h->req_len - padded_len; /* Save the cleartext password, padded as necessary */ memcpy(h->pass, value, len); h->pass_len = len; memset(h->pass + len, 0, pad_len); return 0; } static int put_raw_attr(struct rad_handle *h, int type, const void *value, size_t len, const struct rad_attr_options *options) { const void *actual_value = value; size_t full_len = 2 + len; int res = -1; struct rad_salted_value *salted = NULL; if (options->options & RAD_OPTION_SALT) { salted = emalloc(sizeof(struct rad_salted_value)); if (rad_salt_value(h, value, len, salted) == -1) { goto end; } else { actual_value = salted->data; len = salted->len; full_len = 2 + len; } } if (options->options & RAD_OPTION_TAG) { full_len++; } if (full_len > 255) { generr(h, "Attribute too long"); goto end; } if (h->req_len + full_len > MSGSIZE) { generr(h, "Maximum message length exceeded"); goto end; } h->request[h->req_len++] = type; h->request[h->req_len++] = full_len; if (options->options & RAD_OPTION_TAG) { h->request[h->req_len++] = options->tag; } memcpy(&h->request[h->req_len], actual_value, len); h->req_len += len; res = 0; end: if (salted) { efree(salted->data); efree(salted); } return res; } int rad_add_server(struct rad_handle *h, const char *host, int port, const char *secret, int timeout, int tries) { struct rad_server *srvp; if (h->num_servers >= MAXSERVERS) { generr(h, "Too many RADIUS servers specified"); return -1; } srvp = &h->servers[h->num_servers]; memset(&srvp->addr, 0, sizeof srvp->addr); srvp->addr.sin_family = AF_INET; if (!inet_aton(host, &srvp->addr.sin_addr)) { struct hostent *hent; if ((hent = gethostbyname(host)) == NULL) { generr(h, "%s: host not found", host); return -1; } memcpy(&srvp->addr.sin_addr, hent->h_addr, sizeof srvp->addr.sin_addr); } if (port != 0) srvp->addr.sin_port = htons((short) port); else { struct servent *sent; if (h->type == RADIUS_AUTH) srvp->addr.sin_port = (sent = getservbyname("radius", "udp")) != NULL ? sent->s_port : htons(RADIUS_PORT); else srvp->addr.sin_port = (sent = getservbyname("radacct", "udp")) != NULL ? sent->s_port : htons(RADACCT_PORT); } if ((srvp->secret = strdup(secret)) == NULL) { generr(h, "Out of memory"); return -1; } srvp->timeout = timeout; srvp->max_tries = tries; srvp->num_tries = 0; h->num_servers++; return 0; } void rad_close(struct rad_handle *h) { int srv; if (h->fd != -1) close(h->fd); for (srv = 0; srv < h->num_servers; srv++) { memset(h->servers[srv].secret, 0, strlen(h->servers[srv].secret)); free(h->servers[srv].secret); } clear_password(h); free(h); } int rad_config(struct rad_handle *h, const char *path) { FILE *fp; char buf[MAXCONFLINE]; int linenum; int retval; if (path == NULL) path = PATH_RADIUS_CONF; if ((fp = fopen(path, "r")) == NULL) { generr(h, "Cannot open \"%s\": %s", path, strerror(errno)); return -1; } retval = 0; linenum = 0; while (fgets(buf, sizeof buf, fp) != NULL) { int len; char *fields[5]; int nfields; char msg[ERRSIZE]; char *type; char *host, *res; char *port_str; char *secret; char *timeout_str; char *maxtries_str; char *end; char *wanttype; unsigned long timeout; unsigned long maxtries; int port; int i; linenum++; len = strlen(buf); /* We know len > 0, else fgets would have returned NULL. */ if (buf[len - 1] != '\n' && !(buf[len - 2] != '\r' && buf[len - 1] != '\n')) { if (len == sizeof buf - 1) generr(h, "%s:%d: line too long", path, linenum); else generr(h, "%s:%d: missing newline", path, linenum); retval = -1; break; } buf[len - 1] = '\0'; /* Extract the fields from the line. */ nfields = split(buf, fields, 5, msg, sizeof msg); if (nfields == -1) { generr(h, "%s:%d: %s", path, linenum, msg); retval = -1; break; } if (nfields == 0) continue; /* * The first field should contain "auth" or "acct" for * authentication or accounting, respectively. But older * versions of the file didn't have that field. Default * it to "auth" for backward compatibility. */ if (strcmp(fields[0], "auth") != 0 && strcmp(fields[0], "acct") != 0) { if (nfields >= 5) { generr(h, "%s:%d: invalid service type", path, linenum); retval = -1; break; } nfields++; for (i = nfields; --i > 0; ) fields[i] = fields[i - 1]; fields[0] = "auth"; } if (nfields < 3) { generr(h, "%s:%d: missing shared secret", path, linenum); retval = -1; break; } type = fields[0]; host = fields[1]; secret = fields[2]; timeout_str = fields[3]; maxtries_str = fields[4]; /* Ignore the line if it is for the wrong service type. */ wanttype = h->type == RADIUS_AUTH ? "auth" : "acct"; if (strcmp(type, wanttype) != 0) continue; /* Parse and validate the fields. */ res = host; host = strsep(&res, ":"); port_str = strsep(&res, ":"); if (port_str != NULL) { port = strtoul(port_str, &end, 10); if (*end != '\0') { generr(h, "%s:%d: invalid port", path, linenum); retval = -1; break; } } else port = 0; if (timeout_str != NULL) { timeout = strtoul(timeout_str, &end, 10); if (*end != '\0') { generr(h, "%s:%d: invalid timeout", path, linenum); retval = -1; break; } } else timeout = TIMEOUT; if (maxtries_str != NULL) { maxtries = strtoul(maxtries_str, &end, 10); if (*end != '\0') { generr(h, "%s:%d: invalid maxtries", path, linenum); retval = -1; break; } } else maxtries = MAXTRIES; if (rad_add_server(h, host, port, secret, timeout, maxtries) == -1) { strcpy(msg, h->errmsg); generr(h, "%s:%d: %s", path, linenum, msg); retval = -1; break; } } /* Clear out the buffer to wipe a possible copy of a shared secret */ memset(buf, 0, sizeof buf); fclose(fp); return retval; } /* * rad_init_send_request() must have previously been called. * Returns: * 0 The application should select on *fd with a timeout of tv before * calling rad_continue_send_request again. * < 0 Failure * > 0 Success */ int rad_continue_send_request(struct rad_handle *h, int selected, int *fd, struct timeval *tv) { int n; if (selected) { struct sockaddr_in from; int fromlen; fromlen = sizeof from; h->resp_len = recvfrom(h->fd, h->response, MSGSIZE, MSG_WAITALL, (struct sockaddr *)&from, &fromlen); if (h->resp_len == -1) { #ifdef PHP_WIN32 generr(h, "recfrom: %d", WSAGetLastError()); #else generr(h, "recvfrom: %s", strerror(errno)); #endif return -1; } if (is_valid_response(h, h->srv, &from)) { h->resp_len = h->response[POS_LENGTH] << 8 | h->response[POS_LENGTH+1]; h->resp_pos = POS_ATTRS; return h->response[POS_CODE]; } } if (h->try == h->total_tries) { generr(h, "No valid RADIUS responses received"); return -1; } /* * Scan round-robin to the next server that has some * tries left. There is guaranteed to be one, or we * would have exited this loop by now. */ while (h->servers[h->srv].num_tries >= h->servers[h->srv].max_tries) if (++h->srv >= h->num_servers) h->srv = 0; if (h->request[POS_CODE] == RAD_ACCOUNTING_REQUEST || h->request[POS_CODE] == RAD_COA_REQUEST || h->request[POS_CODE] == RAD_COA_ACK || h->request[POS_CODE] == RAD_COA_NAK || h->request[POS_CODE] == RAD_DISCONNECT_REQUEST || h->request[POS_CODE] == RAD_DISCONNECT_ACK || h->request[POS_CODE] == RAD_DISCONNECT_NAK) /* Insert the request authenticator into the request */ insert_request_authenticator(h, h->srv); else /* Insert the scrambled password into the request */ if (h->pass_pos != 0) insert_scrambled_password(h, h->srv); /* Send the request */ n = sendto(h->fd, h->request, h->req_len, 0, (const struct sockaddr *)&h->servers[h->srv].addr, sizeof h->servers[h->srv].addr); if (n != h->req_len) { if (n == -1) #ifdef PHP_WIN32 generr(h, "sendto: %d", WSAGetLastError()); #else generr(h, "sendto: %s", strerror(errno)); #endif else generr(h, "sendto: short write"); return -1; } h->try++; h->servers[h->srv].num_tries++; tv->tv_sec = h->servers[h->srv].timeout; tv->tv_usec = 0; *fd = h->fd; return 0; } int rad_create_request(struct rad_handle *h, int code) { int i; h->request[POS_CODE] = code; h->request[POS_IDENT] = ++h->ident; /* Create a random authenticator */ for (i = 0; i < LEN_AUTH; i += 2) { long r; TSRMLS_FETCH(); r = php_rand(TSRMLS_C); h->request[POS_AUTH+i] = (unsigned char) r; h->request[POS_AUTH+i+1] = (unsigned char) (r >> 8); } h->req_len = POS_ATTRS; h->request_created = 1; clear_password(h); return 0; } struct in_addr rad_cvt_addr(const void *data) { struct in_addr value; memcpy(&value.s_addr, data, sizeof value.s_addr); return value; } u_int32_t rad_cvt_int(const void *data) { u_int32_t value; memcpy(&value, data, sizeof value); return ntohl(value); } char * rad_cvt_string(const void *data, size_t len) { char *s; s = malloc(len + 1); if (s != NULL) { memcpy(s, data, len); s[len] = '\0'; } return s; } /* * Returns the attribute type. If none are left, returns 0. On failure, * returns -1. */ int rad_get_attr(struct rad_handle *h, const void **value, size_t *len) { int type; if (h->resp_len == 0) { generr(h, "No response has been received"); return -1; } if (h->resp_pos >= h->resp_len) return 0; if (h->resp_pos + 2 > h->resp_len) { generr(h, "Malformed attribute in response"); return -1; } type = h->response[h->resp_pos++]; *len = h->response[h->resp_pos++] - 2; if (h->resp_pos + (int) *len > h->resp_len) { generr(h, "Malformed attribute in response"); return -1; } *value = &h->response[h->resp_pos]; h->resp_pos += *len; return type; } /* * Returns -1 on error, 0 to indicate no event and >0 for success */ int rad_init_send_request(struct rad_handle *h, int *fd, struct timeval *tv) { int srv; /* Make sure we have a socket to use */ if (h->fd == -1) { struct sockaddr_in sin; if ((h->fd = socket(PF_INET, SOCK_DGRAM, IPPROTO_UDP)) == -1) { #ifdef PHP_WIN32 generr(h, "Cannot create socket: %d", WSAGetLastError()); #else generr(h, "Cannot create socket: %s", strerror(errno)); #endif return -1; } memset(&sin, 0, sizeof sin); sin.sin_family = AF_INET; sin.sin_addr.s_addr = INADDR_ANY; sin.sin_port = htons(0); if (bind(h->fd, (const struct sockaddr *)&sin, sizeof sin) == -1) { #ifdef PHP_WIN32 generr(h, "bind: %d", WSAGetLastError()); #else generr(h, "bind: %s", strerror(errno)); #endif close(h->fd); h->fd = -1; return -1; } } if (h->request[POS_CODE] == RAD_ACCOUNTING_REQUEST || h->request[POS_CODE] == RAD_COA_REQUEST || h->request[POS_CODE] == RAD_COA_ACK || h->request[POS_CODE] == RAD_COA_NAK || h->request[POS_CODE] == RAD_DISCONNECT_REQUEST || h->request[POS_CODE] == RAD_DISCONNECT_ACK || h->request[POS_CODE] == RAD_DISCONNECT_NAK) { /* Make sure no password given */ if (h->pass_pos || h->chap_pass) { generr(h, "User or Chap Password in non-access request"); return -1; } } else { /* Make sure the user gave us a password */ if (h->pass_pos == 0 && !h->chap_pass) { generr(h, "No User or Chap Password attributes given"); return -1; } if (h->pass_pos != 0 && h->chap_pass) { generr(h, "Both User and Chap Password attributes given"); return -1; } } /* Fill in the length field in the message */ h->request[POS_LENGTH] = h->req_len >> 8; h->request[POS_LENGTH+1] = h->req_len; /* * Count the total number of tries we will make, and zero the * counter for each server. */ h->total_tries = 0; for (srv = 0; srv < h->num_servers; srv++) { h->total_tries += h->servers[srv].max_tries; h->servers[srv].num_tries = 0; } if (h->total_tries == 0) { generr(h, "No RADIUS servers specified"); return -1; } h->try = h->srv = 0; return rad_continue_send_request(h, 0, fd, tv); } /* * Create and initialize a rad_handle structure, and return it to the * caller. Can fail only if the necessary memory cannot be allocated. * In that case, it returns NULL. */ struct rad_handle * rad_auth_open(void) { struct rad_handle *h; h = (struct rad_handle *)malloc(sizeof(struct rad_handle)); if (h != NULL) { TSRMLS_FETCH(); php_srand(time(NULL) * getpid() * (unsigned long) (php_combined_lcg(TSRMLS_C) * 10000.0) TSRMLS_CC); h->fd = -1; h->num_servers = 0; h->ident = php_rand(TSRMLS_C); h->errmsg[0] = '\0'; memset(h->request, 0, sizeof h->request); h->req_len = 0; memset(h->pass, 0, sizeof h->pass); h->pass_len = 0; h->pass_pos = 0; h->chap_pass = 0; h->type = RADIUS_AUTH; h->request_created = 0; h->resp_len = 0; h->srv = 0; } return h; } struct rad_handle * rad_acct_open(void) { struct rad_handle *h; h = rad_open(); if (h != NULL) h->type = RADIUS_ACCT; return h; } struct rad_handle * rad_open(void) { return rad_auth_open(); } int rad_put_addr(struct rad_handle *h, int type, struct in_addr addr, const struct rad_attr_options *options) { return rad_put_attr(h, type, &addr.s_addr, sizeof addr.s_addr, options); } int rad_put_attr(struct rad_handle *h, int type, const void *value, size_t len, const struct rad_attr_options *options) { int result; if (!h->request_created) { generr(h, "Please call rad_create_request()"); return -1; } if (type == RAD_USER_PASSWORD) result = put_password_attr(h, type, value, len, options); else { result = put_raw_attr(h, type, value, len, options); if (result == 0 && type == RAD_CHAP_PASSWORD) h->chap_pass = 1; } return result; } int rad_put_int(struct rad_handle *h, int type, u_int32_t value, const struct rad_attr_options *options) { u_int32_t nvalue; nvalue = htonl(value); return rad_put_attr(h, type, &nvalue, sizeof nvalue, options); } int rad_put_string(struct rad_handle *h, int type, const char *str, const struct rad_attr_options *options) { return rad_put_attr(h, type, str, strlen(str), options); } /* * Returns the response type code on success, or -1 on failure. */ int rad_send_request(struct rad_handle *h) { struct timeval timelimit; struct timeval tv; int fd; int n; n = rad_init_send_request(h, &fd, &tv); if (n != 0) return n; gettimeofday(&timelimit, NULL); timeradd(&tv, &timelimit, &timelimit); for ( ; ; ) { fd_set readfds; FD_ZERO(&readfds); FD_SET(fd, &readfds); n = select(fd + 1, &readfds, NULL, NULL, &tv); if (n == -1) { generr(h, "select: %s", strerror(errno)); return -1; } if (!FD_ISSET(fd, &readfds)) { /* Compute a new timeout */ gettimeofday(&tv, NULL); timersub(&timelimit, &tv, &tv); if (tv.tv_sec > 0 || (tv.tv_sec == 0 && tv.tv_usec > 0)) /* Continue the select */ continue; } n = rad_continue_send_request(h, n, &fd, &tv); if (n != 0) return n; gettimeofday(&timelimit, NULL); timeradd(&tv, &timelimit, &timelimit); } } const char * rad_strerror(struct rad_handle *h) { return h->errmsg; } /* * Destructively split a string into fields separated by white space. * `#' at the beginning of a field begins a comment that extends to the * end of the string. Fields may be quoted with `"'. Inside quoted * strings, the backslash escapes `\"' and `\\' are honored. * * Pointers to up to the first maxfields fields are stored in the fields * array. Missing fields get NULL pointers. * * The return value is the actual number of fields parsed, and is always * <= maxfields. * * On a syntax error, places a message in the msg string, and returns -1. */ static int split(char *str, char *fields[], int maxfields, char *msg, size_t msglen) { char *p; int i; static const char ws[] = " \t"; for (i = 0; i < maxfields; i++) fields[i] = NULL; p = str; i = 0; while (*p != '\0') { p += strspn(p, ws); if (*p == '#' || *p == '\0') break; if (i >= maxfields) { snprintf(msg, msglen, "line has too many fields"); return -1; } if (*p == '"') { char *dst; dst = ++p; fields[i] = dst; while (*p != '"') { if (*p == '\\') { p++; if (*p != '"' && *p != '\\' && *p != '\0') { snprintf(msg, msglen, "invalid `\\' escape"); return -1; } } if (*p == '\0') { snprintf(msg, msglen, "unterminated quoted string"); return -1; } *dst++ = *p++; } *dst = '\0'; p++; if (*fields[i] == '\0') { snprintf(msg, msglen, "empty quoted string not permitted"); return -1; } if (*p != '\0' && strspn(p, ws) == 0) { snprintf(msg, msglen, "quoted string not" " followed by white space"); return -1; } } else { fields[i] = p; p += strcspn(p, ws); if (*p != '\0') *p++ = '\0'; } i++; } return i; } int rad_get_vendor_attr(u_int32_t *vendor, unsigned char *type, const void **data, size_t *len, const void *raw, size_t raw_len) { struct vendor_attribute *attr; if (raw_len < sizeof(struct vendor_attribute)) { return -1; } attr = (struct vendor_attribute *) raw; *vendor = ntohl(attr->vendor_value); *type = attr->attrib_type; *data = attr->attrib_data; *len = attr->attrib_len - 2; if ((attr->attrib_len + 4) > raw_len) { return -1; } return (attr->attrib_type); } int rad_put_vendor_addr(struct rad_handle *h, int vendor, int type, struct in_addr addr, const struct rad_attr_options *options) { return (rad_put_vendor_attr(h, vendor, type, &addr.s_addr, sizeof addr.s_addr, options)); } int rad_put_vendor_attr(struct rad_handle *h, int vendor, int type, const void *value, size_t len, const struct rad_attr_options *options) { const void *actual_value = value; struct vendor_attribute *attr = NULL; struct rad_attr_options generic_options; int res = -1; struct rad_salted_value *salted = NULL; size_t va_len = len + 6; if (!h->request_created) { generr(h, "Please call rad_create_request()"); return -1; } /* Initialise the options that will be passed through to * put_raw_attr(). */ generic_options.options = options->options; generic_options.tag = 0; /* Salting needs to be done on the vendor specific attribute. */ if (options->options & RAD_OPTION_SALT) { generic_options.options &= ~RAD_OPTION_SALT; salted = emalloc(sizeof(struct rad_salted_value)); if (rad_salt_value(h, value, len, salted) == -1) { goto end; } else { actual_value = salted->data; len = salted->len; va_len = len + 6; } } if (options->options & RAD_OPTION_TAG) { va_len++; } /* OK, allocate and start building the attribute. */ attr = emalloc(va_len); if (attr == NULL) { generr(h, "malloc failure (%d bytes)", va_len); goto end; } attr->vendor_value = htonl(vendor); attr->attrib_type = type; attr->attrib_len = va_len - 4; /* Similarly, tagging needs to occur within the vendor specific * attribute, rather than the generic attribute. */ if (options->options & RAD_OPTION_TAG) { generic_options.options &= ~RAD_OPTION_TAG; attr->attrib_data[0] = options->tag; memcpy(attr->attrib_data + 1, actual_value, len); } else { memcpy(attr->attrib_data, actual_value, len); } res = put_raw_attr(h, RAD_VENDOR_SPECIFIC, attr, va_len, &generic_options); if (res == 0 && vendor == RAD_VENDOR_MICROSOFT && (type == RAD_MICROSOFT_MS_CHAP_RESPONSE || type == RAD_MICROSOFT_MS_CHAP2_RESPONSE)) { h->chap_pass = 1; } end: if (attr) { efree(attr); } if (salted) { efree(salted->data); efree(salted); } return res; } int rad_put_vendor_int(struct rad_handle *h, int vendor, int type, u_int32_t i, const struct rad_attr_options *options) { u_int32_t value; value = htonl(i); return (rad_put_vendor_attr(h, vendor, type, &value, sizeof value, options)); } int rad_put_vendor_string(struct rad_handle *h, int vendor, int type, const char *str, const struct rad_attr_options *options) { return (rad_put_vendor_attr(h, vendor, type, str, strlen(str), options)); } ssize_t rad_request_authenticator(struct rad_handle *h, char *buf, size_t len) { if (len < LEN_AUTH) return (-1); memcpy(buf, h->request + POS_AUTH, LEN_AUTH); if (len > LEN_AUTH) buf[LEN_AUTH] = '\0'; return (LEN_AUTH); } const char * rad_server_secret(struct rad_handle *h) { if (h->srv >= h->num_servers) { generr(h, "No RADIUS servers specified"); return NULL; } return (h->servers[h->srv].secret); } int rad_demangle(struct rad_handle *h, const void *mangled, size_t mlen, u_char *demangled) { char R[LEN_AUTH]; const char *S; int i, Ppos; MD5_CTX Context; u_char b[16], *C; if ((mlen % 16 != 0) || (mlen > 128)) { generr(h, "Cannot interpret mangled data of length %ld", (u_long)mlen); return -1; } C = (u_char *)mangled; /* We need the shared secret as Salt */ S = rad_server_secret(h); /* We need the request authenticator */ if (rad_request_authenticator(h, R, sizeof R) != LEN_AUTH) { generr(h, "Cannot obtain the RADIUS request authenticator"); return -1; } MD5Init(&Context); MD5Update(&Context, S, strlen(S)); MD5Update(&Context, R, LEN_AUTH); MD5Final(b, &Context); Ppos = 0; while (mlen) { mlen -= 16; for (i = 0; i < 16; i++) demangled[Ppos++] = C[i] ^ b[i]; if (mlen) { MD5Init(&Context); MD5Update(&Context, S, strlen(S)); MD5Update(&Context, C, 16); MD5Final(b, &Context); } C += 16; } return 0; } int rad_demangle_mppe_key(struct rad_handle *h, const void *mangled, size_t mlen, u_char *demangled, size_t *len) { char R[LEN_AUTH]; /* variable names as per rfc2548 */ const char *S; u_char b[16]; const u_char *A, *C; MD5_CTX Context; int Slen, i, Clen, Ppos; u_char *P; if (mlen % 16 != SALT_LEN) { generr(h, "Cannot interpret mangled data of length %ld", (u_long)mlen); return -1; } /* We need the RADIUS Request-Authenticator */ if (rad_request_authenticator(h, R, sizeof R) != LEN_AUTH) { generr(h, "Cannot obtain the RADIUS request authenticator"); return -1; } A = (const u_char *)mangled; /* Salt comes first */ C = (const u_char *)mangled + SALT_LEN; /* Then the ciphertext */ Clen = mlen - SALT_LEN; S = rad_server_secret(h); /* We need the RADIUS secret */ Slen = strlen(S); P = alloca(Clen); /* We derive our plaintext */ MD5Init(&Context); MD5Update(&Context, S, Slen); MD5Update(&Context, R, LEN_AUTH); MD5Update(&Context, A, SALT_LEN); MD5Final(b, &Context); Ppos = 0; while (Clen) { Clen -= 16; for (i = 0; i < 16; i++) P[Ppos++] = C[i] ^ b[i]; if (Clen) { MD5Init(&Context); MD5Update(&Context, S, Slen); MD5Update(&Context, C, 16); MD5Final(b, &Context); } C += 16; } /* * The resulting plain text consists of a one-byte length, the text and * maybe some padding. */ *len = *P; if (*len > mlen - 1) { generr(h, "Mangled data seems to be garbage %d %d", *len, mlen-1); return -1; } if (*len > MPPE_KEY_LEN) { generr(h, "Key to long (%d) for me max. %d", *len, MPPE_KEY_LEN); return -1; } memcpy(demangled, P + 1, *len); return 0; } int rad_salt_value(struct rad_handle *h, const char *in, size_t len, struct rad_salted_value *out) { char authenticator[16]; size_t i; char intermediate[16]; const char *in_pos; MD5_CTX md5; char *out_pos; php_uint32 random; size_t salted_len; const char *secret; TSRMLS_FETCH(); if (len == 0) { out->len = 0; out->data = NULL; return 0; } /* Calculate the padded salted value length. */ salted_len = len; if ((salted_len & 0x0f) != 0) { salted_len += 0x0f; salted_len &= ~0x0f; } /* 250 because there's a five byte overhead: one byte for type, one for * length, two for the salt, and one for the encrypted value length, * and the maximum RADIUS attribute size is 255 bytes. */ if (salted_len > 250) { generr(h, "Value is too long to be salt-encrypted"); return -1; } /* Actually allocate the buffer. */ out->len = salted_len + 3; out->data = emalloc(out->len); if (out->data == NULL) { return -1; } memset(out->data, 0, out->len); /* Grab the request authenticator. */ if (rad_request_authenticator(h, authenticator, sizeof authenticator) != sizeof authenticator) { generr(h, "Cannot obtain the RADIUS request authenticator"); goto err; } /* Grab the server secret. */ secret = rad_server_secret(h); if (secret == NULL) { generr(h, "Cannot obtain the RADIUS server secret"); goto err; } /* Generate a random number to use as the salt. */ random = php_rand(TSRMLS_C); /* The RFC requires that the high bit of the salt be 1. Otherwise, * let's set up the header. */ out->data[0] = (unsigned char) random | 0x80; out->data[1] = (unsigned char) (random >> 8); out->data[2] = (unsigned char) salted_len; /* OK, let's get cracking on this. We have to calculate what the RFC * calls b1 first. */ MD5Init(&md5); MD5Update(&md5, secret, strlen(secret)); MD5Update(&md5, authenticator, sizeof authenticator); MD5Update(&md5, out->data, 2); MD5Final(intermediate, &md5); /* XOR the first chunk. */ in_pos = in - 1; out_pos = out->data + 2; for (i = 0; i < 16; i++) { if (in_pos < (in + len)) { *(++out_pos) = *(++in_pos) ^ intermediate[i]; } else { *(++out_pos) = '\0' ^ intermediate[i]; } } /* Now walk over the rest of the input. */ while (in_pos < (in + len)) { MD5Init(&md5); MD5Update(&md5, secret, strlen(secret)); MD5Update(&md5, out_pos - 15, 16); MD5Final(intermediate, &md5); for (i = 0; i < 16; i++) { if (in_pos < (in + len)) { *(++out_pos) = *(++in_pos) ^ intermediate[i]; } else { *(++out_pos) = '\0' ^ intermediate[i]; } } } return 0; err: efree(out->data); out->data = NULL; out->len = 0; return -1; } /* vim: set ts=8 sw=8 noet: */ radius-1.4.0b1/radlib.h0000644000076600000240000002240112660365266014172 0ustar aharveystaff/*- * Copyright 1998 Juniper Networks, Inc. * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * * $FreeBSD: src/lib/libradius/radlib.h,v 1.3.2.1 2002/06/17 02:24:57 brian Exp $ */ #ifndef _RADLIB_H_ #define _RADLIB_H_ #ifndef PHP_WIN32 #include #include #endif #include "radlib_compat.h" /* Message types */ #define RAD_ACCESS_REQUEST 1 #define RAD_ACCESS_ACCEPT 2 #define RAD_ACCESS_REJECT 3 #define RAD_ACCOUNTING_REQUEST 4 #define RAD_ACCOUNTING_RESPONSE 5 #define RAD_ACCESS_CHALLENGE 11 #define RAD_DISCONNECT_REQUEST 40 #define RAD_DISCONNECT_ACK 41 #define RAD_DISCONNECT_NAK 42 #define RAD_COA_REQUEST 43 #define RAD_COA_ACK 44 #define RAD_COA_NAK 45 /* Attribute types and values */ #define RAD_USER_NAME 1 /* String */ #define RAD_USER_PASSWORD 2 /* String */ #define RAD_CHAP_PASSWORD 3 /* String */ #define RAD_NAS_IP_ADDRESS 4 /* IP address */ #define RAD_NAS_PORT 5 /* Integer */ #define RAD_SERVICE_TYPE 6 /* Integer */ #define RAD_LOGIN 1 #define RAD_FRAMED 2 #define RAD_CALLBACK_LOGIN 3 #define RAD_CALLBACK_FRAMED 4 #define RAD_OUTBOUND 5 #define RAD_ADMINISTRATIVE 6 #define RAD_NAS_PROMPT 7 #define RAD_AUTHENTICATE_ONLY 8 #define RAD_CALLBACK_NAS_PROMPT 9 #define RAD_FRAMED_PROTOCOL 7 /* Integer */ #define RAD_PPP 1 #define RAD_SLIP 2 #define RAD_ARAP 3 /* Appletalk */ #define RAD_GANDALF 4 #define RAD_XYLOGICS 5 #define RAD_FRAMED_IP_ADDRESS 8 /* IP address */ #define RAD_FRAMED_IP_NETMASK 9 /* IP address */ #define RAD_FRAMED_ROUTING 10 /* Integer */ #define RAD_FILTER_ID 11 /* String */ #define RAD_FRAMED_MTU 12 /* Integer */ #define RAD_FRAMED_COMPRESSION 13 /* Integer */ #define RAD_COMP_NONE 0 #define RAD_COMP_VJ 1 #define RAD_COMP_IPXHDR 2 #define RAD_LOGIN_IP_HOST 14 /* IP address */ #define RAD_LOGIN_SERVICE 15 /* Integer */ #define RAD_LOGIN_TCP_PORT 16 /* Integer */ /* unassiged 17 */ #define RAD_REPLY_MESSAGE 18 /* String */ #define RAD_CALLBACK_NUMBER 19 /* String */ #define RAD_CALLBACK_ID 20 /* String */ /* unassiged 21 */ #define RAD_FRAMED_ROUTE 22 /* String */ #define RAD_FRAMED_IPX_NETWORK 23 /* IP address */ #define RAD_STATE 24 /* String */ #define RAD_CLASS 25 /* Integer */ #define RAD_VENDOR_SPECIFIC 26 /* Integer */ #define RAD_SESSION_TIMEOUT 27 /* Integer */ #define RAD_IDLE_TIMEOUT 28 /* Integer */ #define RAD_TERMINATION_ACTION 29 /* Integer */ #define RAD_CALLED_STATION_ID 30 /* String */ #define RAD_CALLING_STATION_ID 31 /* String */ #define RAD_NAS_IDENTIFIER 32 /* Integer */ #define RAD_PROXY_STATE 33 /* Integer */ #define RAD_LOGIN_LAT_SERVICE 34 /* Integer */ #define RAD_LOGIN_LAT_NODE 35 /* Integer */ #define RAD_LOGIN_LAT_GROUP 36 /* Integer */ #define RAD_FRAMED_APPLETALK_LINK 37 /* Integer */ #define RAD_FRAMED_APPLETALK_NETWORK 38 /* Integer */ #define RAD_FRAMED_APPLETALK_ZONE 39 /* Integer */ /* reserved for accounting 40-59 */ #define RAD_CHAP_CHALLENGE 60 /* String */ #define RAD_NAS_PORT_TYPE 61 /* Integer */ #define RAD_ASYNC 0 #define RAD_SYNC 1 #define RAD_ISDN_SYNC 2 #define RAD_ISDN_ASYNC_V120 3 #define RAD_ISDN_ASYNC_V110 4 #define RAD_VIRTUAL 5 #define RAD_PIAFS 6 #define RAD_HDLC_CLEAR_CHANNEL 7 #define RAD_X_25 8 #define RAD_X_75 9 #define RAD_G_3_FAX 10 #define RAD_SDSL 11 #define RAD_ADSL_CAP 12 #define RAD_ADSL_DMT 13 #define RAD_IDSL 14 #define RAD_ETHERNET 15 #define RAD_XDSL 16 #define RAD_CABLE 17 #define RAD_WIRELESS_OTHER 18 #define RAD_WIRELESS_IEEE_802_11 19 #define RAD_PORT_LIMIT 62 /* Integer */ #define RAD_LOGIN_LAT_PORT 63 /* Integer */ #define RAD_CONNECT_INFO 77 /* String */ #define RAD_NAS_IPV6_ADDRESS 95 /* IPv6 address */ #define RAD_FRAMED_INTERFACE_ID 96 /* 8 octets */ #define RAD_FRAMED_IPV6_PREFIX 97 /* Octets */ #define RAD_LOGIN_IPV6_HOST 98 /* IPv6 address */ #define RAD_FRAMED_IPV6_ROUTE 99 /* String */ #define RAD_FRAMED_IPV6_POOL 100 /* String */ /* Accounting attribute types and values */ #define RAD_ACCT_STATUS_TYPE 40 /* Integer */ #define RAD_START 1 #define RAD_STOP 2 #define RAD_ACCOUNTING_ON 7 #define RAD_ACCOUNTING_OFF 8 #define RAD_ACCT_DELAY_TIME 41 /* Integer */ #define RAD_ACCT_INPUT_OCTETS 42 /* Integer */ #define RAD_ACCT_OUTPUT_OCTETS 43 /* Integer */ #define RAD_ACCT_SESSION_ID 44 /* String */ #define RAD_ACCT_AUTHENTIC 45 /* Integer */ #define RAD_AUTH_RADIUS 1 #define RAD_AUTH_LOCAL 2 #define RAD_AUTH_REMOTE 3 #define RAD_ACCT_SESSION_TIME 46 /* Integer */ #define RAD_ACCT_INPUT_PACKETS 47 /* Integer */ #define RAD_ACCT_OUTPUT_PACKETS 48 /* Integer */ #define RAD_ACCT_TERMINATE_CAUSE 49 /* Integer */ #define RAD_TERM_USER_REQUEST 1 #define RAD_TERM_LOST_CARRIER 2 #define RAD_TERM_LOST_SERVICE 3 #define RAD_TERM_IDLE_TIMEOUT 4 #define RAD_TERM_SESSION_TIMEOUT 5 #define RAD_TERM_ADMIN_RESET 6 #define RAD_TERM_ADMIN_REBOOT 7 #define RAD_TERM_PORT_ERROR 8 #define RAD_TERM_NAS_ERROR 9 #define RAD_TERM_NAS_REQUEST 10 #define RAD_TERM_NAS_REBOOT 11 #define RAD_TERM_PORT_UNNEEDED 12 #define RAD_TERM_PORT_PREEMPTED 13 #define RAD_TERM_PORT_SUSPENDED 14 #define RAD_TERM_SERVICE_UNAVAILABLE 15 #define RAD_TERM_CALLBACK 16 #define RAD_TERM_USER_ERROR 17 #define RAD_TERM_HOST_REQUEST 18 #define RAD_ACCT_MULTI_SESSION_ID 50 /* String */ #define RAD_ACCT_LINK_COUNT 51 /* Integer */ /* Disconnect and CoA attributes */ #define RAD_ERROR_CAUSE 101 /* Integer */ #define RAD_ERROR_CAUSE_RESIDUAL_SESSION_CONTEXT_REMOVED 201 #define RAD_ERROR_CAUSE_INVALID_EAP_PACKET 202 #define RAD_ERROR_CAUSE_UNSUPPORTED_ATTRIBUTE 401 #define RAD_ERROR_CAUSE_MISSING_ATTRIBUTE 402 #define RAD_ERROR_CAUSE_NAS_IDENTIFICATION_MISMATCH 403 #define RAD_ERROR_CAUSE_INVALID_REQUEST 404 #define RAD_ERROR_CAUSE_UNSUPPORTED_SERVICE 405 #define RAD_ERROR_CAUSE_UNSUPPORTED_EXCEPTION 406 #define RAD_ERROR_CAUSE_ADMINISTRATIVELY_PROHIBITED 501 #define RAD_ERROR_CAUSE_REQUEST_NOT_ROUTABLE 502 #define RAD_ERROR_CAUSE_SESSION_CONTEXT_NOT_FOUND 503 #define RAD_ERROR_CAUSE_SESSION_CONTEXT_NOT_REMOVABLE 504 #define RAD_ERROR_CAUSE_OTHER_PROXY_PROCESSING_ERROR 505 #define RAD_ERROR_CAUSE_RESOURCES_UNAVAILABLE 506 #define RAD_ERROR_CAUSE_REQUEST_INITIATED 507 #define RAD_OPTION_NONE 0 #define RAD_OPTION_TAG (1 << 0) #define RAD_OPTION_SALT (1 << 1) struct rad_handle; struct timeval; struct rad_attr_options { int options; unsigned char tag; }; struct rad_salted_value { size_t len; char *data; }; struct rad_handle *rad_acct_open(void); int rad_add_server(struct rad_handle *, const char *, int, const char *, int, int); struct rad_handle *rad_auth_open(void); void rad_close(struct rad_handle *); int rad_config(struct rad_handle *, const char *); int rad_continue_send_request(struct rad_handle *, int, int *, struct timeval *); int rad_create_request(struct rad_handle *, int); struct in_addr rad_cvt_addr(const void *); u_int32_t rad_cvt_int(const void *); char *rad_cvt_string(const void *, size_t); int rad_get_attr(struct rad_handle *, const void **, size_t *); int rad_init_send_request(struct rad_handle *, int *, struct timeval *); struct rad_handle *rad_open(void); /* Deprecated, == rad_auth_open */ int rad_put_addr(struct rad_handle *, int, struct in_addr, const struct rad_attr_options *); int rad_put_attr(struct rad_handle *, int, const void *, size_t, const struct rad_attr_options *); int rad_put_int(struct rad_handle *, int, u_int32_t, const struct rad_attr_options *); int rad_put_string(struct rad_handle *, int, const char *, const struct rad_attr_options *); ssize_t rad_request_authenticator(struct rad_handle *, char *, size_t); int rad_send_request(struct rad_handle *); const char *rad_server_secret(struct rad_handle *); const char *rad_strerror(struct rad_handle *); int rad_demangle(struct rad_handle *, const void *, size_t, u_char *); int rad_salt_value(struct rad_handle *, const char *, size_t, struct rad_salted_value *); #endif /* _RADLIB_H_ */ /* vim: set ts=8 sw=8 noet: */ radius-1.4.0b1/radlib_compat.c0000644000076600000240000000431312660365266015532 0ustar aharveystaff/* Copyright (c) 2003, Michael Bretterklieber All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. 3. The names of the authors may not be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. This code cannot simply be copied and put under the GNU Public License or any other GPL-like (LGPL, GPL2) License. $Id$ */ #include #include "php.h" #include "time.h" int inet_aton(const char *cp, struct in_addr *inp) { inp->s_addr = inet_addr(cp); if (inp->s_addr == INADDR_NONE) { return 0; } return 1; } char *strsep(char **stringp, const char *delim) { char *s; const char *spanp; int c, sc; char *tok; if ((s = *stringp) == NULL) return (NULL); for (tok = s;;) { c = *s++; spanp = delim; do { if ((sc = *spanp++) == c) { if (c == 0) s = NULL; else s[-1] = 0; *stringp = s; return (tok); } } while (sc != 0); } /* NOTREACHED */ } /* vim: set ts=8 sw=8 noet: */ radius-1.4.0b1/radlib_compat.h0000644000076600000240000000532712660365266015545 0ustar aharveystaff/* Copyright (c) 2003, Michael Bretterklieber All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. 3. The names of the authors may not be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. This code cannot simply be copied and put under the GNU Public License or any other GPL-like (LGPL, GPL2) License. $Id$ */ #ifndef _RADLIB_COMPAT_H_ #define _RADLIB_COMPAT_H_ #ifdef HAVE_CONFIG_H #include "config.h" #endif #include "php.h" #include "ext/standard/php_rand.h" #include "ext/standard/php_standard.h" #define MPPE_KEY_LEN 16 #ifndef HAVE_U_INT32_T typedef unsigned int u_int32_t; #endif #ifdef PHP_WIN32 int inet_aton(const char *cp, struct in_addr *inp); char *strsep(char **stringp, const char *delim); #define MSG_WAITALL 0 #include "php_network.h" #endif #ifndef __printflike #define __printflike(fmtarg, firstvararg) #endif #ifndef timeradd #define timeradd(tvp, uvp, vvp) \ do { \ (vvp)->tv_sec = (tvp)->tv_sec + (uvp)->tv_sec; \ (vvp)->tv_usec = (tvp)->tv_usec + (uvp)->tv_usec; \ if ((vvp)->tv_usec >= 1000000) { \ (vvp)->tv_sec++; \ (vvp)->tv_usec -= 1000000; \ } \ } while (0) #endif #ifndef timersub #define timersub(tvp, uvp, vvp) \ do { \ (vvp)->tv_sec = (tvp)->tv_sec - (uvp)->tv_sec; \ (vvp)->tv_usec = (tvp)->tv_usec - (uvp)->tv_usec; \ if ((vvp)->tv_usec < 0) { \ (vvp)->tv_sec--; \ (vvp)->tv_usec += 1000000; \ } \ } while (0) #endif #endif /* vim: set ts=8 sw=8 noet: */ radius-1.4.0b1/radlib_md5.h0000644000076600000240000000345012660365266014742 0ustar aharveystaff/* Copyright (c) 2003, Michael Bretterklieber All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. 3. The names of the authors may not be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. This code cannot simply be copied and put under the GNU Public License or any other GPL-like (LGPL, GPL2) License. $Id$ */ #include "php.h" #include "ext/standard/md5.h" #define MD5Init PHP_MD5Init #define MD5Update PHP_MD5Update #define MD5Final PHP_MD5Final #define MD5_CTX PHP_MD5_CTX /* vim: set ts=8 sw=8 noet: */ radius-1.4.0b1/radlib_private.h0000644000076600000240000001004012660365266015720 0ustar aharveystaff/*- * Copyright 1998 Juniper Networks, Inc. * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * * $FreeBSD: src/lib/libradius/radlib_private.h,v 1.4.2.1 2002/06/17 02:24:57 brian Exp $ */ #ifndef RADLIB_PRIVATE_H #define RADLIB_PRIVATE_H #include #ifndef PHP_WIN32 #include #endif #include "radlib_compat.h" #include "radlib.h" #include "radlib_vs.h" /* Handle types */ #define RADIUS_AUTH 0 /* RADIUS authentication, default */ #define RADIUS_ACCT 1 /* RADIUS accounting */ /* Defaults */ #define MAXTRIES 3 #define PATH_RADIUS_CONF "/etc/radius.conf" #define RADIUS_PORT 1812 #define RADACCT_PORT 1813 #define TIMEOUT 3 /* In seconds */ /* Limits */ #define ERRSIZE 128 /* Maximum error message length */ #define MAXCONFLINE 1024 /* Maximum config file line length */ #define MAXSERVERS 10 /* Maximum number of servers to try */ #define MSGSIZE 4096 /* Maximum RADIUS message */ #define PASSSIZE 128 /* Maximum significant password chars */ /* Positions of fields in RADIUS messages */ #define POS_CODE 0 /* Message code */ #define POS_IDENT 1 /* Identifier */ #define POS_LENGTH 2 /* Message length */ #define POS_AUTH 4 /* Authenticator */ #define LEN_AUTH 16 /* Length of authenticator */ #define POS_ATTRS 20 /* Start of attributes */ struct rad_server { struct sockaddr_in addr; /* Address of server */ char *secret; /* Shared secret */ int timeout; /* Timeout in seconds */ int max_tries; /* Number of tries before giving up */ int num_tries; /* Number of tries so far */ }; struct rad_handle { int fd; /* Socket file descriptor */ struct rad_server servers[MAXSERVERS]; /* Servers to contact */ int num_servers; /* Number of valid server entries */ int ident; /* Current identifier value */ char errmsg[ERRSIZE]; /* Most recent error message */ unsigned char request[MSGSIZE]; /* Request to send */ char request_created; /* rad_create_request() called? */ int req_len; /* Length of request */ char pass[PASSSIZE]; /* Cleartext password */ int pass_len; /* Length of cleartext password */ int pass_pos; /* Position of scrambled password */ char chap_pass; /* Have we got a CHAP_PASSWORD ? */ unsigned char response[MSGSIZE]; /* Response received */ int resp_len; /* Length of response */ int resp_pos; /* Current position scanning attrs */ int total_tries; /* How many requests we'll send */ int try; /* How many requests we've sent */ int srv; /* Server number we did last */ int type; /* Handle type */ }; struct vendor_attribute { u_int32_t vendor_value; u_char attrib_type; u_char attrib_len; u_char attrib_data[1]; }; struct vendor_attribute_tag { u_int32_t vendor_value; u_char attrib_type; u_char attrib_len; u_char attrib_tag; u_char attrib_data[1]; }; #endif /* vim: set ts=8 sw=8 noet: */ radius-1.4.0b1/radlib_vs.h0000644000076600000240000000745112660365266014712 0ustar aharveystaff/*- * Copyright (c) 2002-2003 Brian Somers * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * * $FreeBSD: src/lib/libradius/radlib_vs.h,v 1.2.2.1 2002/06/17 02:24:57 brian Exp $ */ #ifndef _RADLIB_VS_H_ #define _RADLIB_VS_H_ #include #ifndef PHP_WIN32 #include #endif #include "radlib_compat.h" #define RAD_VENDOR_MICROSOFT 311 /* rfc2548 */ #define RAD_MICROSOFT_MS_CHAP_RESPONSE 1 #define RAD_MICROSOFT_MS_CHAP_ERROR 2 #define RAD_MICROSOFT_MS_CHAP_PW_1 3 #define RAD_MICROSOFT_MS_CHAP_PW_2 4 #define RAD_MICROSOFT_MS_CHAP_LM_ENC_PW 5 #define RAD_MICROSOFT_MS_CHAP_NT_ENC_PW 6 #define RAD_MICROSOFT_MS_MPPE_ENCRYPTION_POLICY 7 #define RAD_MICROSOFT_MS_MPPE_ENCRYPTION_TYPES 8 #define RAD_MICROSOFT_MS_RAS_VENDOR 9 #define RAD_MICROSOFT_MS_CHAP_DOMAIN 10 #define RAD_MICROSOFT_MS_CHAP_CHALLENGE 11 #define RAD_MICROSOFT_MS_CHAP_MPPE_KEYS 12 #define RAD_MICROSOFT_MS_BAP_USAGE 13 #define RAD_MICROSOFT_MS_LINK_UTILIZATION_THRESHOLD 14 #define RAD_MICROSOFT_MS_LINK_DROP_TIME_LIMIT 15 #define RAD_MICROSOFT_MS_MPPE_SEND_KEY 16 #define RAD_MICROSOFT_MS_MPPE_RECV_KEY 17 #define RAD_MICROSOFT_MS_RAS_VERSION 18 #define RAD_MICROSOFT_MS_OLD_ARAP_PASSWORD 19 #define RAD_MICROSOFT_MS_NEW_ARAP_PASSWORD 20 #define RAD_MICROSOFT_MS_ARAP_PASSWORD_CHANGE_REASON 21 #define RAD_MICROSOFT_MS_FILTER 22 #define RAD_MICROSOFT_MS_ACCT_AUTH_TYPE 23 #define RAD_MICROSOFT_MS_ACCT_EAP_TYPE 24 #define RAD_MICROSOFT_MS_CHAP2_RESPONSE 25 #define RAD_MICROSOFT_MS_CHAP2_SUCCESS 26 #define RAD_MICROSOFT_MS_CHAP2_PW 27 #define RAD_MICROSOFT_MS_PRIMARY_DNS_SERVER 28 #define RAD_MICROSOFT_MS_SECONDARY_DNS_SERVER 29 #define RAD_MICROSOFT_MS_PRIMARY_NBNS_SERVER 30 #define RAD_MICROSOFT_MS_SECONDARY_NBNS_SERVER 31 #define RAD_MICROSOFT_MS_ARAP_CHALLENGE 33 #define SALT_LEN 2 struct rad_attr_options; struct rad_handle; int rad_get_vendor_attr(u_int32_t *, unsigned char *, const void **, size_t *, const void *, size_t); int rad_put_vendor_addr(struct rad_handle *, int, int, struct in_addr, const struct rad_attr_options *); int rad_put_vendor_attr(struct rad_handle *, int, int, const void *, size_t, const struct rad_attr_options *); int rad_put_vendor_int(struct rad_handle *, int, int, u_int32_t, const struct rad_attr_options *); int rad_put_vendor_string(struct rad_handle *, int, int, const char *, const struct rad_attr_options *); int rad_demangle_mppe_key(struct rad_handle *, const void *, size_t, u_char *, size_t *); #endif /* _RADLIB_VS_H_ */ /* vim: set ts=8 sw=8 noet: */