Kea 3.1.8
radius.h
Go to the documentation of this file.
1// Copyright (C) 2020-2026 Internet Systems Consortium, Inc. ("ISC")
2//
3// This Source Code Form is subject to the terms of the Mozilla Public
4// License, v. 2.0. If a copy of the MPL was not distributed with this
5// file, You can obtain one at http://mozilla.org/MPL/2.0/.
6
7#ifndef RADIUS_H
8#define RADIUS_H
9
10#include <cfg_attribute.h>
11#include <client_exchange.h>
12#include <radius_backend.h>
13#include <exceptions/exceptions.h>
14#include <cc/data.h>
15#include <asiolink/asio_wrapper.h>
16#include <asiolink/io_service.h>
17#include <asiolink/io_service_thread_pool.h>
18#include <dhcpsrv/cache_host_data_source.h>
19#include <dhcpsrv/host.h>
20#include <tcp/tcp_client.h>
21
22#include <boost/noncopyable.hpp>
23#include <boost/shared_ptr.hpp>
24
25#include <atomic>
26#include <list>
27#include <map>
28#include <mutex>
29#include <thread>
30#include <unordered_set>
31#include <vector>
32
33namespace isc {
34namespace radius {
35
39class UdpClient {
40public:
47 UdpClient(const asiolink::IOServicePtr& io_service,
48 unsigned thread_pool_size = 0);
49
51 ~UdpClient();
52
54 void start();
55
60 void stop();
61
67 void checkPermissions();
68
72 void pause();
73
77 void resume();
78
84 const asiolink::IOServicePtr getThreadIOService() const;
85
89 unsigned getThreadPoolSize() const;
90
94 void registerExchange(ExchangePtr exchange);
95
99 void unregisterExchange(ExchangePtr exchange);
100
101private:
103 isc::asiolink::IOServicePtr io_service_;
104
106 unsigned thread_pool_size_;
107
109 isc::asiolink::IOServicePtr thread_io_service_;
110
112 asiolink::IoServiceThreadPoolPtr thread_pool_;
113
115 std::list<ExchangePtr> exchange_list_;
116
118 std::mutex mutex_;
119};
120
122typedef boost::shared_ptr<UdpClient> UdpClientPtr;
123
126static const uint32_t SUBNET_ID_DEFAULT = 0;
127
129class RadiusTls;
130
132class RadiusAccess;
133
135class RadiusAccounting;
136
138class RadiusImpl;
139typedef boost::shared_ptr<RadiusImpl> RadiusImplPtr;
140
142class RadiusImpl : public data::CfgToElement, public boost::noncopyable {
143public:
144
149 static RadiusImpl& instance();
150
152 ~RadiusImpl();
153
155 void reset();
156
161 void init(data::ElementPtr& config);
162
166 void checkEarlyGlobalResvLookup();
167
176 void checkSharedNetworks();
177
189 bool checkHostBackends();
190
194 void startServices();
195
199 bool serveAccess() const;
200
204 bool serveAccounting() const;
205
209 const Servers& getAccessServers() const;
210
214 const Servers& getAccountingServers() const;
215
217 void setAccessIdleTimer();
218
220 void setAccountingIdleTimer();
221
225 isc::asiolink::IOServicePtr getIOContext() {
226 return (io_context_);
227 }
228
232 void setIOContext(isc::asiolink::IOServicePtr io_service) {
233 io_context_ = io_service;
234 }
235
239 isc::asiolink::IOServicePtr getIOService() {
240 return (io_service_);
241 }
242
246 void setIOService(isc::asiolink::IOServicePtr io_service) {
247 io_service_ = io_service;
248 }
249
253 data::ElementPtr toElement() const override;
254
258 void registerExchange(ExchangePtr exchange);
259
263 void unregisterExchange(ExchangePtr exchange);
264
266 std::string dictionary_;
267
269 RadiusProtocol proto_;
270
272 UdpClientPtr udp_client_;
273
275 isc::tcp::TcpClientPtr tcp_client_;
276
278 std::map<uint32_t, uint32_t> remap_;
279
281 boost::shared_ptr<RadiusTls> tls_;
282
284 boost::shared_ptr<RadiusAccess> auth_;
285
287 boost::shared_ptr<RadiusAccounting> acct_;
288
290 dhcp::CacheHostDataSourcePtr cache_;
291
293 RadiusBackendPtr backend_;
294
296 std::string bindaddr_;
297
299 bool canonical_mac_address_;
300
302 bool clientid_pop0_;
303
305 bool clientid_printable_;
306
308 unsigned deadtime_;
309
311 bool extract_duid_;
312
314 bool reselect_subnet_pool_;
315
317 bool reselect_subnet_address_;
318
320 unsigned retries_;
321
323 std::string session_history_filename_;
324
326 unsigned thread_pool_size_;
327
329 unsigned timeout_;
330
332 dhcp::Host::IdentifierType id_type4_;
333
335 dhcp::Host::IdentifierType id_type6_;
336
338 bool use_message_authenticator_;
339
341 static std::atomic<bool> shutdown_;
342
343protected:
345 RadiusImpl();
346
350 static const RadiusImplPtr& instancePtr();
351
353 void cleanup();
354
355private:
356
358 isc::asiolink::IOServicePtr io_context_;
359
361 isc::asiolink::IOServicePtr io_service_;
362};
363
365class InHook {
366public:
370 InHook();
371
375 ~InHook();
376
378 static bool check();
379
380private:
382 static std::unordered_set<std::thread::id> set_;
383
385 static std::mutex mutex_;
386};
387
388} // end of namespace isc::radius
389} // end of namespace isc
390
391#endif
asio_wrapper.h
cache_host_data_source.h
cfg_attribute.h
isc::dhcp::Host::IdentifierType
IdentifierType
Type of the host identifier.
Definition host.h:337
isc::radius::InHook::~InHook
~InHook()
Destructor.
Definition radius.cc:684
isc::radius::InHook::check
static bool check()
Check if the current thread is in hook code or not.
Definition radius.cc:693
isc::radius::InHook::InHook
InHook()
Constructor.
Definition radius.cc:675
isc::radius::RadiusAccess
Radius access class.
Definition radius_access.h:164
isc::radius::RadiusAccounting
Radius accounting class.
Definition radius_accounting.h:180
isc::radius::RadiusImpl
Radius hooks library implementation.
Definition radius.h:142
isc::radius::RadiusImpl::shutdown_
static std::atomic< bool > shutdown_
Flag which indicates that the instance is shutting down.
Definition radius.h:341
isc::radius::RadiusImpl::thread_pool_size_
unsigned thread_pool_size_
Thread pool size.
Definition radius.h:326
isc::radius::RadiusImpl::~RadiusImpl
~RadiusImpl()
Destructor.
Definition radius.cc:187
isc::radius::RadiusImpl::checkSharedNetworks
void checkSharedNetworks()
Check shared network server configuration.
Definition radius.cc:497
isc::radius::RadiusImpl::dictionary_
std::string dictionary_
Dictionary path.
Definition radius.h:266
isc::radius::RadiusImpl::checkHostBackends
bool checkHostBackends()
Check host backends (cache and radius).
Definition radius.cc:551
isc::radius::RadiusImpl::RadiusImpl
RadiusImpl()
Protected constructor.
Definition radius.cc:173
isc::radius::RadiusImpl::tls_
boost::shared_ptr< RadiusTls > tls_
Pointer to tls (never null).
Definition radius.h:281
isc::radius::RadiusImpl::cache_
dhcp::CacheHostDataSourcePtr cache_
Host cache.
Definition radius.h:290
isc::radius::RadiusImpl::bindaddr_
std::string bindaddr_
bindaddr.
Definition radius.h:296
isc::radius::RadiusImpl::clientid_pop0_
bool clientid_pop0_
Client Id pop leading zero(s).
Definition radius.h:302
isc::radius::RadiusImpl::getIOContext
isc::asiolink::IOServicePtr getIOContext()
Get the hook I/O service.
Definition radius.h:225
isc::radius::RadiusImpl::setAccountingIdleTimer
void setAccountingIdleTimer()
Set the accounting idle timer.
Definition radius.cc:420
isc::radius::RadiusImpl::getAccessServers
const Servers & getAccessServers() const
Get servers for access.
Definition radius.cc:390
isc::radius::RadiusImpl::id_type4_
dhcp::Host::IdentifierType id_type4_
Identifier type for IPv4.
Definition radius.h:332
isc::radius::RadiusImpl::reset
void reset()
Reset the state as it was just created.
Definition radius.cc:263
isc::radius::RadiusImpl::unregisterExchange
void unregisterExchange(ExchangePtr exchange)
Unregister Exchange.
Definition radius.cc:202
isc::radius::RadiusImpl::reselect_subnet_address_
bool reselect_subnet_address_
Reselect subnet using address.
Definition radius.h:317
isc::radius::RadiusImpl::init
void init(data::ElementPtr &config)
Initialize.
Definition radius.cc:269
isc::radius::RadiusImpl::registerExchange
void registerExchange(ExchangePtr exchange)
Register Exchange.
Definition radius.cc:196
isc::radius::RadiusImpl::auth_
boost::shared_ptr< RadiusAccess > auth_
Pointer to access (never null).
Definition radius.h:284
isc::radius::RadiusImpl::extract_duid_
bool extract_duid_
Extract Duid from Client Id.
Definition radius.h:311
isc::radius::RadiusImpl::startServices
void startServices()
Start the I/O mechanisms.
Definition radius.cc:295
isc::radius::RadiusImpl::timeout_
unsigned timeout_
Timeout.
Definition radius.h:329
isc::radius::RadiusImpl::id_type6_
dhcp::Host::IdentifierType id_type6_
Identifier type for IPv6.
Definition radius.h:335
isc::radius::RadiusImpl::canonical_mac_address_
bool canonical_mac_address_
Canonical MAC address.
Definition radius.h:299
isc::radius::RadiusImpl::deadtime_
unsigned deadtime_
Deadtime.
Definition radius.h:308
isc::radius::RadiusImpl::serveAccounting
bool serveAccounting() const
Check if accounting is served.
Definition radius.cc:376
isc::radius::RadiusImpl::backend_
RadiusBackendPtr backend_
Radius backend.
Definition radius.h:293
isc::radius::RadiusImpl::acct_
boost::shared_ptr< RadiusAccounting > acct_
Pointer to accounting (never null).
Definition radius.h:287
isc::radius::RadiusImpl::cleanup
void cleanup()
Clean up members.
Definition radius.cc:208
isc::radius::RadiusImpl::toElement
data::ElementPtr toElement() const override
Unparse implementation configuration.
Definition radius.cc:585
isc::radius::RadiusImpl::retries_
unsigned retries_
Retries.
Definition radius.h:320
isc::radius::RadiusImpl::remap_
std::map< uint32_t, uint32_t > remap_
Subnet ID to NAS port map.
Definition radius.h:278
isc::radius::RadiusImpl::udp_client_
UdpClientPtr udp_client_
UDP client.
Definition radius.h:272
isc::radius::RadiusImpl::instancePtr
static const RadiusImplPtr & instancePtr()
Returns pointer to the sole instance of radius implementation.
Definition radius.cc:168
isc::radius::RadiusImpl::getAccountingServers
const Servers & getAccountingServers() const
Get servers for accounting.
Definition radius.cc:399
isc::radius::RadiusImpl::session_history_filename_
std::string session_history_filename_
Session history filename.
Definition radius.h:323
isc::radius::RadiusImpl::setIOContext
void setIOContext(isc::asiolink::IOServicePtr io_service)
Set the hook I/O service.
Definition radius.h:232
isc::radius::RadiusImpl::setAccessIdleTimer
void setAccessIdleTimer()
Set the access idle timer.
Definition radius.cc:408
isc::radius::RadiusImpl::reselect_subnet_pool_
bool reselect_subnet_pool_
Reselect subnet using pool.
Definition radius.h:314
isc::radius::RadiusImpl::tcp_client_
isc::tcp::TcpClientPtr tcp_client_
TCP client.
Definition radius.h:275
isc::radius::RadiusImpl::checkEarlyGlobalResvLookup
void checkEarlyGlobalResvLookup()
Check the early global host reservations lookup flag.
Definition radius.cc:488
isc::radius::RadiusImpl::clientid_printable_
bool clientid_printable_
Client Id try printable.
Definition radius.h:305
isc::radius::RadiusImpl::setIOService
void setIOService(isc::asiolink::IOServicePtr io_service)
Set the hook I/O service.
Definition radius.h:246
isc::radius::RadiusImpl::proto_
RadiusProtocol proto_
Transport protocol.
Definition radius.h:269
isc::radius::RadiusImpl::getIOService
isc::asiolink::IOServicePtr getIOService()
Get the hook I/O service.
Definition radius.h:239
isc::radius::RadiusImpl::instance
static RadiusImpl & instance()
RadiusImpl is a singleton class.
Definition radius.cc:163
isc::radius::RadiusImpl::serveAccess
bool serveAccess() const
Check if access is served.
Definition radius.cc:362
isc::radius::RadiusImpl::use_message_authenticator_
bool use_message_authenticator_
Use Message-Authenticator attribute.
Definition radius.h:338
isc::radius::RadiusTls
Radius service for TLS transport.
Definition radius_tls.h:16
isc::radius::UdpClient::registerExchange
void registerExchange(ExchangePtr exchange)
Register Exchange.
Definition radius.cc:149
isc::radius::UdpClient::unregisterExchange
void unregisterExchange(ExchangePtr exchange)
Unregister Exchange.
Definition radius.cc:155
isc::radius::UdpClient::~UdpClient
~UdpClient()
Destructor.
Definition radius.cc:56
isc::radius::UdpClient::getThreadIOService
const asiolink::IOServicePtr getThreadIOService() const
Fetches a pointer to the internal IOService used to drive the thread-pool in multi-threaded mode.
Definition radius.cc:66
isc::radius::UdpClient::checkPermissions
void checkPermissions()
Check if the current thread can perform thread pool state transition.
Definition radius.cc:100
isc::radius::UdpClient::resume
void resume()
Resumes running the client's thread pool.
Definition radius.cc:135
isc::radius::UdpClient::stop
void stop()
Halts client-side IO activity.
Definition radius.cc:81
isc::radius::UdpClient::UdpClient
UdpClient(const asiolink::IOServicePtr &io_service, unsigned thread_pool_size=0)
Constructor.
Definition radius.cc:36
isc::radius::UdpClient::pause
void pause()
Pauses the client's thread pool.
Definition radius.cc:120
isc::radius::UdpClient::start
void start()
Starts running the client's thread pool, if multi-threaded.
Definition radius.cc:71
isc::radius::UdpClient::getThreadPoolSize
unsigned getThreadPoolSize() const
Fetches the maximum size of the thread pool.
Definition radius.cc:61
client_exchange.h
io_service.h
io_service_thread_pool.h
isc::data::ElementPtr
boost::shared_ptr< Element > ElementPtr
Definition data.h:29
isc::dhcp::CacheHostDataSourcePtr
boost::shared_ptr< CacheHostDataSource > CacheHostDataSourcePtr
CacheHostDataSource pointer.
Definition cache_host_data_source.h:63
isc::radius::RadiusImplPtr
boost::shared_ptr< RadiusImpl > RadiusImplPtr
Definition radius.h:139
isc::radius::UdpClientPtr
boost::shared_ptr< UdpClient > UdpClientPtr
Pointer to UDP client.
Definition radius.h:122
isc::radius::RadiusProtocol
RadiusProtocol
Transport protocols.
Definition client_server.h:44
isc::radius::Servers
std::vector< ServerPtr > Servers
Type of RADIUS server collection.
Definition client_server.h:228
isc::radius::ExchangePtr
boost::shared_ptr< Exchange > ExchangePtr
Type of shared pointers to RADIUS exchange object.
Definition client_exchange.h:55
isc::radius::RadiusBackendPtr
boost::shared_ptr< RadiusBackend > RadiusBackendPtr
Pointer to host backend.
Definition radius_backend.h:349
isc::tcp::TcpClientPtr
boost::shared_ptr< TcpClient > TcpClientPtr
Defines a pointer to an TcpClient instance.
Definition tcp_client.h:346
isc
Defines the logger used by the top-level component of kea-lfc.
Definition check_exists_add.cc:18
radius_backend.h
isc::data::CfgToElement
Abstract class for configuration Cfg_* classes.
Definition cfg_to_element.h:29
tcp_client.h