1 /*
2 * Copyright (C) 2009 Martin Willi
3 * Hochschule fuer Technik Rapperswil
4 *
5 * This program is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License as published by the
7 * Free Software Foundation; either version 2 of the License, or (at your
8 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
9 *
10 * This program is distributed in the hope that it will be useful, but
11 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
12 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
13 * for more details.
14 */
15
16 /**
17 * @defgroup radius_client radius_client
18 * @{ @ingroup eap_radius
19 */
20
21 #ifndef RADIUS_CLIENT_H_
22 #define RADIUS_CLIENT_H_
23
24 #include "radius_message.h"
25
typedef struct radius_client_t radius_client_t;

/**
 * Interface of a RADIUS client.
 *
 * A client is created to exchange messages with a RADIUS server. All clients
 * draw from one shared, fixed size pool of sockets; a socket is reserved
 * during request() and released afterwards.
 *
 * NOTE(review): the comments on destroy() and radius_client_create() speak of
 * a socket held for the lifetime of the client instead; confirm against the
 * implementation which of the two descriptions is accurate.
 */
struct radius_client_t {

	/**
	 * Send a RADIUS request and wait for the response.
	 *
	 * Before sending, the client fills in the RADIUS Message identifier,
	 * NAS-Identifier and NAS-Port-Type, builds a Request-Authenticator and
	 * calculates the Message-Authenticator attribute.
	 * The received response is verified using the Response-Identifier and
	 * the Message-Authenticator attribute.
	 *
	 * A NULL return does not distinguish a timeout from a failed
	 * verification; callers should treat both as a failed exchange and must
	 * not continue the authentication on NULL.
	 *
	 * NOTE(review): whether a response that carries no Message-Authenticator
	 * attribute at all is rejected cannot be seen from this header; confirm
	 * in the implementation. Ownership of the returned message is presumably
	 * with the caller; confirm as well.
	 *
	 * @param msg		RADIUS request message to send
	 * @return			response, NULL if timed out/verification failed
	 */
	radius_message_t *(*request)(radius_client_t *this, radius_message_t *msg);

	/**
	 * Decrypt the MSK encoded in a message's MS-MPPE-Send/Recv-Key.
	 *
	 * The returned chunk is allocated and holds keying material. The caller
	 * is responsible for releasing it and should wipe the memory when doing
	 * so (e.g. chunk_clear() rather than a plain free).
	 *
	 * @param response	RADIUS response message containing attributes
	 * @param request	associated RADIUS request message
	 * @return			allocated MSK, empty chunk if none found
	 */
	chunk_t (*decrypt_msk)(radius_client_t *this,
						   radius_message_t *response,
						   radius_message_t *request);

	/**
	 * Destroy the client, release the socket.
	 */
	void (*destroy)(radius_client_t *this);
};
66
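/**
 * Create a RADIUS client, acquire a socket.
 *
 * This call might block if the socket pool is empty.
 *
 * The client is released again through its destroy() method.
 * Presumably radius_client_init() has to succeed before the first call;
 * confirm against the implementation.
 *
 * Declared with (void) so that this is a real prototype: an empty parameter
 * list in C leaves the arguments unspecified and disables argument checking.
 *
 * @return			radius_client_t object
 */
radius_client_t *radius_client_create(void);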
75
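/**
 * Initialize the socket pool.
 *
 * Callers should check the result and not use RADIUS clients when the
 * initialization failed.
 *
 * Declared with (void) so that this is a real prototype: an empty parameter
 * list in C leaves the arguments unspecified and disables argument checking.
 *
 * @return			TRUE if initialization successful
 */
bool radius_client_init(void);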
82
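/**
 * Cleanup the socket pool.
 *
 * Declared with (void) so that this is a real prototype: an empty parameter
 * list in C leaves the arguments unspecified and disables argument checking.
 */
void radius_client_cleanup(void);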
87
88 #endif /** RADIUS_CLIENT_H_ @}*/