From f6dc1d4206f58405add2a7a21761f4ea4ed840f2 Mon Sep 17 00:00:00 2001 From: jdp Date: Sun, 31 Oct 1999 04:47:59 +0000 Subject: Add support for RADIUS accounting. Note, this changes the format of the /etc/radius.conf file. But the code contains hacks for backward compatibility, so old files will continue to work. I updated the man pages and made a couple of minor changes, but everything else was submitted by Oleg. PR: misc/14284 Submitted by: Oleg Semyonov --- lib/libradius/libradius.3 | 56 +++++++++++++++++++++++++++++++++-------------- 1 file changed, 39 insertions(+), 17 deletions(-) (limited to 'lib/libradius/libradius.3') diff --git a/lib/libradius/libradius.3 b/lib/libradius/libradius.3 index 15e6851..cd06e7e 100644 --- a/lib/libradius/libradius.3 +++ b/lib/libradius/libradius.3 @@ -24,7 +24,7 @@ .\" .\" $FreeBSD$ .\" -.Dd July 29, 1998 +.Dd October 30, 1999 .Dt LIBRADIUS 3 .Os FreeBSD .Sh NAME @@ -32,8 +32,12 @@ .Nd RADIUS client library .Sh SYNOPSIS .Fd #include +.Ft struct rad_handle * +.Fn rad_acct_open "void" .Ft int .Fn rad_add_server "struct rad_handle *h" "const char *host" "int port" "const char *secret" "int timeout" "int max_tries" +.Ft struct rad_handle * +.Fn rad_auth_open "void" .Ft void .Fn rad_close "struct rad_handle *h" .Ft int @@ -52,8 +56,6 @@ .Fn rad_get_attr "struct rad_handle *h" "const void **data" "size_t *len" .Ft int .Fn rad_init_send_request "struct rad_handle *h" "int *fd" "struct timeval *tv" -.Ft struct rad_handle * -.Fn rad_open "void" .Ft int .Fn rad_put_addr "struct rad_handle *h" "int type" "struct in_addr addr" .Ft int @@ -69,23 +71,31 @@ .Sh DESCRIPTION The .Nm -library implements the client side of the Remote Authentication -Dial In User Service (RADIUS). RADIUS, defined in RFC 2138, allows -clients to perform authentication by means of network requests to -remote authentication servers. +library implements the client side of the Remote Authentication Dial +In User Service (RADIUS). RADIUS, defined in RFCs 2138 and 2139, +allows clients to perform authentication and accounting by means of +network requests to remote servers. .Sh INITIALIZATION To use the library, an application must first call -.Fn rad_open +.Fn rad_auth_open +or +.Fn rad_acct_open to obtain a .Va struct rad_handle * , which provides the context for subsequent operations. +The former function is used for RADIUS authentication and the +latter is used for RADIUS accounting. Calls to -.Fn rad_open +.Fn rad_auth_open +and +.Fn rad_acct_open always succeed unless insufficient virtual memory is available. If -the necessary memory cannot be allocated, -.Fn rad_open -returns +the necessary memory cannot be allocated, the functions return .Dv NULL . +For compatibility with earlier versions of this library, +.Fn rad_open +is provided as a synonym for +.Fn rad_auth_open . .Pp Before issuing any RADIUS requests, the library must be made aware of the servers it can contact. The easiest way to configure the @@ -119,9 +129,12 @@ parameter specifies the UDP port to contact on the server. If .Va port is given as 0, the library looks up the .Ql radius/udp +or +.Ql radacct/udp service in the network services database, and uses the port found -there. If no entry is found, the library uses port 1812, the standard -RADIUS port. The shared secret for the server host is passed to the +there. If no entry is found, the library uses the standard RADIUS +ports, 1812 for authentication and 1813 for accounting. +The shared secret for the server host is passed to the .Va secret parameter. It may be any NUL-terminated string of bytes. The RADIUS protocol @@ -346,9 +359,11 @@ without recording an error message. .Pp .Bl -item -offset indent -compact .It -.Fn rad_cvt_string +.Fn rad_acct_open .It -.Fn rad_open +.Fn rad_auth_open +.It +.Fn rad_cvt_string .El .Sh FILES .Pa /etc/radius.conf @@ -359,7 +374,14 @@ without recording an error message. .%T Remote Authentication Dial In User Service (RADIUS) .%O RFC 2138 .Re +.Rs +.%A C. Rigney +.%T RADIUS Accounting +.%O RFC 2139 +.Re .Sh AUTHORS -This software was written by +This software was originally written by .An John Polstra , and donated to the FreeBSD project by Juniper Networks, Inc. +Oleg Semyonov subsequently added the ability to perform RADIUS +accounting. -- cgit v1.1