aaa.h revision 7c478bd95313f5f23a4c958a745db2134aa03244
/*
* CDDL HEADER START
*
* The contents of this file are subject to the terms of the
* Common Development and Distribution License, Version 1.0 only
* (the "License"). You may not use this file except in compliance
* with the License.
*
* You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
* See the License for the specific language governing permissions
* and limitations under the License.
*
* When distributing Covered Code, include this CDDL HEADER in each
* file and include the License file at usr/src/OPENSOLARIS.LICENSE.
* If applicable, add the following below this CDDL HEADER, with the
* fields enclosed by brackets "[]" replaced with your own identifying
* information: Portions Copyright [yyyy] [name of copyright owner]
*
* CDDL HEADER END
*/
/*
* Copyright (c) 1999-2001 by Sun Microsystems, Inc.
* All rights reserved.
*/
#ifndef _AAA_H
#define _AAA_H
#pragma ident "%Z%%M% %I% %E% SMI"
/*
* aaa.h -- AAA defines and structures (Diameter interface)
*/
#ifdef __cplusplus
extern "C" {
#endif
/*
* If the following is defined, the foreign agent will communicate directly
* with the home agent, (using a proxy) but will still use the diameter API
* protocol. The only changes to the code will be the handling the different
* messages, and the generation of keys.
*
* #define TEST_DIAMETER
*/
/*
* These constants are used to control where AAA looks for the diameter
* server.
*/
#define LOOPBACK "127.0.0.1"
#define AAA_PORT 769
#define MAX_SERVER_NAME_LEN 1024
#ifndef MIN
#define MIN(x, y) (((x) > (y))?(y):(x))
#endif
/*
* Maximum lengths of NAIs and challenges
*/
#define MAX_NAI_LEN 256
#define MAX_CHALLENGE_LEN 16
/* Max size of an incomming or outgoing tcp packet. */
#define MAX_TCP_LEN 4096
/* biggest key to generate (for debug testing) */
#define MAX_GENERATE_KEY_LEN 16
/*
* SPI values to be used with AAA protocols.
* Currently only Radius is used.
*/
#define RADIUS_SPI 2
/*
* Diameter API defines. (from the specification
*/
typedef enum {
MOBILE_IP_OPEN_SESSION_ANSWER, /* 02 */
MOBILE_IP_OPEN_SESSION_INDICATION, /* 03 */
MOBILE_IP_ACCOUNTING_START_REQUEST, /* 05 */
MOBILE_IP_ACCOUNTING_START_ANSWER, /* 06 */
MOBILE_IP_ACCOUNTING_INTERIM_REQUEST, /* 07 */
MOBILE_IP_ACCOUNTING_INTERIM_ANSWER, /* 08 */
MOBILE_IP_ACCOUNTING_STOP_REQUEST, /* 09 */
MOBILE_IP_ACCOUNTING_STOP_ANSWER, /* 10 */
MOBILE_IP_CLOSE_SESSION_REQUEST, /* 11 */
MOBILE_IP_CLOSE_SESSION_ANSWER /* 12 */
typedef enum {
FOREIGN_AGENT_NAI, /* 02 */
REGISTRATION_REQUEST, /* 03 */
NUMBER_OF_CHALLENGE_BYTES_IN_RR, /* 04 */
MOBILE_NODE_RESPONSE, /* 05 */
MOBILE_NODE_HOME_ADDRESS, /* 06 */
HOME_AGENT_ADDRESS, /* 07 */
RESULT_CODE, /* 08 */
REGISTRATION_REPLY, /* 09 */
MN_FA_SPI, /* 10 */
MN_FA_KEY, /* 11 */
FA_HA_SPI, /* 12 */
FA_HA_KEY, /* 13 */
SESSION_TIMEOUT, /* 14 */
HA_FA_KEY, /* 15 */
FA_MN_KEY, /* 16 */
MN_HA_SPI, /* 17 */
MN_HA_KEY, /* 18 */
HA_MN_KEY, /* 19 */
SESSION_TIMEOUT_1, /* 20 */
SESSION_TIME, /* 21 */
FOREIGN_AGENT_ADDRESS, /* 22 */
MN_AAA_SPI, /* 23 */
IS_FROM_HA, /* 24 */
REV_TUN, /* 25 */
MN_HANDLE, /* 26 */
RELEASE_INDICATOR, /* 27 */
MN_FA_CHALLENGE_VALUE /* 28 */
} AAA_AVPCode;
/*
* This structure is the header of a diameter API message.
* All items are sent in network-byte-ordering.
*/
typedef struct {
} AAA_Packet;
/*
* AAA protocols API defines. (from the specification)
*/
typedef enum {
AAA_NONE = 0, /* 00 */
DIAMETER, /* 01 */
RADIUS /* 02 */
/*
* MIPResultCode is used in the protocol to communicate Mobile-IP
* specific errors. Per AAA specification.
*/
typedef enum {
MIP_SUCCESS = 0,
/*
* This structure refers to an Attribute Value Pair. The last field, data
* is really a place holder, rather than a data item. This structure is either
* allocated without a sizeof: malloc( sizeof(uint32_t) * 2 + dataLen),
* or it is used to point to the structure being returned:
* avpPtr = (AAA_AVP *)buffer;
*
* When this is used to point to a buffer, it can be moved along, byte by byte
* and the data place holder will be able to retrieve the data. This is
* necessary, since packets are variable length:
*
*
* Buffer:
*
* +-----------------------+
* | Header |
* +-----------------------+
* | First Record |
* | |
* |_________|-------------|
* | Second Record |
* |______________|--------|
*
* So, to parse the above, an AAA_AVP pointer would be set to the first record,
* the avpCode and Length would be read, and the data copied form the data
* portion of the record. Basically, this method is used so that the data
* Can be read as follows:
*
* AAA_Avp_p = (AAA_AVP *)&buffer[offset];
* code = AAA_Avp_p->code;
* length = AAA_Avp_p->length);
* memcpy(data, AAA_Avp_p->data, length - (2 * sizeof (uint32_t));
* offset += length;
*
* It could have also been done with pointer arrithmetic, but I thought it
* was harder to read/understand:
*
* code = *((uint32_t *)&buffer[offset]);
* ofset += sizeof (uint32_t);
* length = *((uint32_t *)&buffer[offset]);
* offset += sizeof (uint32_t);
* memcpy(data, &buffer[offset], length - (2 * sizeof (uint32_t));
* offset += length;
*
* (by the way -- the above code does not take into account byte alignment or
* network byte ordering, so don't cut and paste from these comments!)
*/
typedef struct {
unsigned char data[1];
} AAA_AVP;
/* This enum defines the current state of the hash node */
typedef enum {
Initialized = 0,
} AAA_State;
/* This structure is the structure that is kept in the hash */
typedef struct {
char mnNAI[MAX_NAI_LEN];
unsigned char mnChallenge[MAX_CHALLENGE_LEN];
void *messageHdr; /* RegReq from MN, used for Radius */
int startAAATaskThread();
int AAAAuthenticateRegReq(unsigned char *, uint32_t, unsigned char *,
#ifdef __cplusplus
}
#endif
#endif /* _AAA_H */