Add the following functions:

  rad_request_authenticator()
    Returns the Request-Authenticator relevant to the most recently received
    RADIUS response.

  rad_server_secret()
    Returns the Shared Secret relevant to the most recently received
    RADIUS response.

Neither of these functions should be necessary, however, the
MS-MPPE-Recv-Key and MS-MPPE-Send-Key Microsoft Vendor Specific
attributes are supplied in a mangled (encrypted) format, requiring
this information to demangle.

It's not clear whether these functions should be replaced with a
rad_demangle() function or whether these attributes are one-offs.

Sponsored by: Monzoon

1 files changed, 25 insertions, 0 deletions

diff --git a/lib/libradius/libradius.3 b/lib/libradius/libradius.3
index 24fdd4d..9291c38 100644
--- a/lib/libradius/libradius.3
+++ b/lib/libradius/libradius.3
@@ -74,9 +74,13 @@
 .Fn rad_put_vendor_int "struct rad_handle *h" "int vendor" "int type" "u_int32_t value"
 .Ft int
 .Fn rad_put_vendor_string "struct rad_handle *h" "int vendor" "int type" "const char *str"
+.Ft ssize_t
+.Fn rad_request_authenticator "struct rad_handle *h" "char *buf" "size_t len"
 .Ft int
 .Fn rad_send_request "struct rad_handle *h"
 .Ft const char *
+.Fn rad_server_secret "struct rad_handle *h"
+.Ft const char *
 .Fn rad_strerror "struct rad_handle *h"
 .Sh DESCRIPTION
 The
@@ -343,6 +347,27 @@ returns
 and
 .Fn rad_cvt_int
 cannot fail.
+.Pp
+The
+.Fn rad_request_authenticator
+function may be used to obtain the Request-Authenticator attribute value
+associated with the current RADIUS server according to the supplied
+rad_handle.
+The target buffer
+.Ar buf
+of length
+.Ar len
+must be supplied and should be at least 16 bytes.
+The return value is the number of bytes written to
+.Ar buf
+or -1 to indicate that
+.Ar len
+was not large enough.
+.Pp
+The
+.Fn rad_server_secret
+returns the secret shared with the current RADIUS server according to the
+supplied rad_handle.
 .Sh OBTAINING ERROR MESSAGES
 Those functions which accept a
 .Va struct rad_handle *