Kea 3.1.1
radius_access.h
Go to the documentation of this file.
1// Copyright (C) 2020-2025 Internet Systems Consortium, Inc. ("ISC")
2//
3// This Source Code Form is subject to the terms of the Mozilla Public
4// License, v. 2.0. If a copy of the MPL was not distributed with this
5// file, You can obtain one at http://mozilla.org/MPL/2.0/.
6
7#ifndef RADIUS_ACCESS_H
8#define RADIUS_ACCESS_H
9
10#include <hooks/hooks.h>
11#include <dhcp/pkt4.h>
12#include <dhcp/pkt6.h>
13#include <radius_service.h>
14#include <radius_request.h>
15#include <map>
16#include <mutex>
17
18namespace isc {
19namespace radius {
20
24template <class PktPtrType>
25class RadiusAuthPendingRequest {
26public:
27
31 RadiusAuthPendingRequest(PktPtrType query) : query_(query) { }
32
34 PktPtrType query_;
35};
36
40template <class PktPtrType>
41using RadiusAuthPendingRequestPtr =
42 boost::shared_ptr<RadiusAuthPendingRequest<PktPtrType>>;
43
47template <class PktPtrType>
48class RadiusAuthPendingRequests {
49public:
50
54 size_t size() const {
55 return (map_.size());
56 }
57
59 void clear() {
60 map_.clear();
61 }
62
67 RadiusAuthPendingRequestPtr<PktPtrType>
68 get(const std::vector<uint8_t>& id) const {
69 auto const& it = map_.find(id);
70 if (it != map_.end()) {
71 return (it->second);
72 } else {
73 return (RadiusAuthPendingRequestPtr<PktPtrType>());
74 }
75 }
76
83 void set(const std::vector<uint8_t>& id, PktPtrType query) {
84 map_[id] = RadiusAuthPendingRequestPtr<PktPtrType>(
85 new RadiusAuthPendingRequest<PktPtrType>(query));
86 }
87
91 void remove(const std::vector<uint8_t>& id) {
92 static_cast<void>(map_.erase(id));
93 }
94
95private:
97 std::map<std::vector<uint8_t>, RadiusAuthPendingRequestPtr<PktPtrType>> map_;
98
99public:
103 std::mutex mutex_;
104};
105
110class RadiusAuthEnv {
111public:
112
118 RadiusAuthEnv(uint32_t subnet_id,
119 const std::vector<uint8_t>& id,
120 AttributesPtr send_attrs);
121
123 uint32_t subnet_id_;
124
126 const std::vector<uint8_t> id_;
127
129 AttributesPtr send_attrs_;
130};
131
136class RadiusAuthHandler {
137public:
138
143 RadiusAuthHandler(RadiusAuthEnv env, const CallbackAuth& callback);
144
146 virtual ~RadiusAuthHandler() = default;
147
149 void start();
150
152 RadiusAuthEnv env_;
153
154protected:
155
157 RadiusAsyncAuthPtr auth_;
158};
159
161typedef boost::shared_ptr<RadiusAuthHandler> RadiusAuthHandlerPtr;
162
164class RadiusAccess : public RadiusService {
165public:
166
168 RadiusAccess();
169
171 virtual ~RadiusAccess() = default;
172
179 bool getIdentifier(dhcp::Pkt4& query, std::vector<uint8_t>& id,
180 std::string& text);
181
188 bool getIdentifier(dhcp::Pkt6& query, std::vector<uint8_t>& id,
189 std::string& text);
190
198 RadiusAuthHandlerPtr buildAuth(dhcp::Pkt4& query, uint32_t subnet_id,
199 const std::vector<uint8_t>& id,
200 const std::string& text);
201
209 RadiusAuthHandlerPtr buildAuth(dhcp::Pkt6& query, uint32_t subnet_id,
210 const std::vector<uint8_t>& id,
211 const std::string& text);
212
227 static bool reselectSubnet(const dhcp::Pkt4Ptr& query, uint32_t& subnet_id,
228 bool& both_global, const std::string& cclass);
229
244 static bool reselectSubnet(const dhcp::Pkt6Ptr& query, uint32_t& subnet_id,
245 bool& both_global, const std::string& cclass);
246
260 static bool reselectSubnet(const isc::dhcp::Pkt4Ptr& query,
261 uint32_t& subnet_id,
262 bool& both_global,
263 const asiolink::IOAddress& address);
264
278 static bool reselectSubnet(const isc::dhcp::Pkt6Ptr& query,
279 uint32_t& subnet_id,
280 bool& both_global,
281 const asiolink::IOAddress& address);
282
290 static void terminate4(RadiusAuthEnv env, int result,
291 AttributesPtr recv_attrs);
292
300 static void terminate6(RadiusAuthEnv env, int result,
301 AttributesPtr recv_attrs);
302
310 static void terminate4Internal(RadiusAuthEnv& env, int result,
311 AttributesPtr recv_attrs,
312 dhcp::Pkt4Ptr& query, bool& drop);
313
321 static void terminate6Internal(RadiusAuthEnv& env, int result,
322 AttributesPtr recv_attrs,
323 dhcp::Pkt6Ptr& query, bool& drop);
324
326 RadiusAuthPendingRequests<dhcp::Pkt4Ptr> requests4_;
327
329 RadiusAuthPendingRequests<dhcp::Pkt6Ptr> requests6_;
330
331};
332
333} // end of namespace isc::radius
334} // end of namespace isc
335
336#endif
isc::dhcp::Pkt4
Represents DHCPv4 packet.
Definition pkt4.h:37
isc::dhcp::Pkt6
Represents a DHCPv6 packet.
Definition pkt6.h:44
isc::radius::RadiusAccess::terminate6Internal
static void terminate6Internal(RadiusAuthEnv &env, int result, AttributesPtr recv_attrs, dhcp::Pkt6Ptr &query, bool &drop)
Termination callback body - IPv6.
Definition radius_access.cc:771
isc::radius::RadiusAccess::terminate4Internal
static void terminate4Internal(RadiusAuthEnv &env, int result, AttributesPtr recv_attrs, dhcp::Pkt4Ptr &query, bool &drop)
Termination callback body - IPv4.
Definition radius_access.cc:559
isc::radius::RadiusAccess::requests6_
RadiusAuthPendingRequests< dhcp::Pkt6Ptr > requests6_
Pending RADIUS access requests - IPv6.
Definition radius_access.h:329
isc::radius::RadiusAccess::terminate4
static void terminate4(RadiusAuthEnv env, int result, AttributesPtr recv_attrs)
Termination callback - IPv4.
Definition radius_access.cc:730
isc::radius::RadiusAccess::reselectSubnet
static bool reselectSubnet(const dhcp::Pkt4Ptr &query, uint32_t &subnet_id, bool &both_global, const std::string &cclass)
Subnet reselect - class/pool IPv4.
Definition radius_access.cc:385
isc::radius::RadiusAccess::terminate6
static void terminate6(RadiusAuthEnv env, int result, AttributesPtr recv_attrs)
Termination callback - IPv6.
Definition radius_access.cc:975
isc::radius::RadiusAccess::~RadiusAccess
virtual ~RadiusAccess()=default
Destructor.
isc::radius::RadiusAccess::getIdentifier
bool getIdentifier(dhcp::Pkt4 &query, std::vector< uint8_t > &id, std::string &text)
Get Identifier – IPv4.
Definition radius_access.cc:75
isc::radius::RadiusAccess::requests4_
RadiusAuthPendingRequests< dhcp::Pkt4Ptr > requests4_
Pending RADIUS access requests - IPv4.
Definition radius_access.h:326
isc::radius::RadiusAccess::buildAuth
RadiusAuthHandlerPtr buildAuth(dhcp::Pkt4 &query, uint32_t subnet_id, const std::vector< uint8_t > &id, const std::string &text)
Build RadiusAuth handler for Access-Request - IPv4.
Definition radius_access.cc:295
isc::radius::RadiusAuthEnv
Class of Radius access environments.
Definition radius_access.h:110
isc::radius::RadiusAuthEnv::RadiusAuthEnv
RadiusAuthEnv(uint32_t subnet_id, const std::vector< uint8_t > &id, AttributesPtr send_attrs)
Constructor.
Definition radius_access.cc:52
isc::radius::RadiusAuthEnv::id_
const std::vector< uint8_t > id_
Identifier.
Definition radius_access.h:126
isc::radius::RadiusAuthEnv::subnet_id_
uint32_t subnet_id_
Subnet Id (aka client/NAS port).
Definition radius_access.h:123
isc::radius::RadiusAuthEnv::send_attrs_
AttributesPtr send_attrs_
Attributes to send.
Definition radius_access.h:129
isc::radius::RadiusAuthHandler::RadiusAuthHandler
RadiusAuthHandler(RadiusAuthEnv env, const CallbackAuth &callback)
Constructor.
Definition radius_access.cc:58
isc::radius::RadiusAuthHandler::~RadiusAuthHandler
virtual ~RadiusAuthHandler()=default
Destructor.
isc::radius::RadiusAuthHandler::env_
RadiusAuthEnv env_
Environment.
Definition radius_access.h:152
isc::radius::RadiusAuthHandler::start
void start()
Start communication.
Definition radius_access.cc:67
isc::radius::RadiusAuthHandler::auth_
RadiusAsyncAuthPtr auth_
Pointer to the communication class.
Definition radius_access.h:157
isc::radius::RadiusAuthPendingRequest
Class of pending Radius access request.
Definition radius_access.h:25
isc::radius::RadiusAuthPendingRequest::query_
PktPtrType query_
The query which triggered the access request.
Definition radius_access.h:34
isc::radius::RadiusAuthPendingRequest::RadiusAuthPendingRequest
RadiusAuthPendingRequest(PktPtrType query)
Constructor.
Definition radius_access.h:31
isc::radius::RadiusAuthPendingRequests
Class of pending Radius access requests.
Definition radius_access.h:48
isc::radius::RadiusAuthPendingRequests::get
RadiusAuthPendingRequestPtr< PktPtrType > get(const std::vector< uint8_t > &id) const
Get a pending access request from the map.
Definition radius_access.h:68
isc::radius::RadiusAuthPendingRequests::set
void set(const std::vector< uint8_t > &id, PktPtrType query)
Set a pending access request into the map.
Definition radius_access.h:83
isc::radius::RadiusAuthPendingRequests::size
size_t size() const
Size of the map.
Definition radius_access.h:54
isc::radius::RadiusAuthPendingRequests::remove
void remove(const std::vector< uint8_t > &id)
Remove a pending access request from the map.
Definition radius_access.h:91
isc::radius::RadiusService::RadiusService
RadiusService(const std::string &name)
Constructor.
Definition radius_service.cc:18
isc::dhcp::Pkt4Ptr
boost::shared_ptr< Pkt4 > Pkt4Ptr
A pointer to Pkt4 object.
Definition pkt4.h:556
isc::dhcp::Pkt6Ptr
boost::shared_ptr< Pkt6 > Pkt6Ptr
A pointer to Pkt6 packet.
Definition pkt6.h:31
isc::radius::RadiusAuthPendingRequestPtr
boost::shared_ptr< RadiusAuthPendingRequest< PktPtrType > > RadiusAuthPendingRequestPtr
Pointer to a pending Radius access request.
Definition radius_access.h:41
isc::radius::AttributesPtr
boost::shared_ptr< Attributes > AttributesPtr
Shared pointers to attribute collection.
Definition client_attribute.h:799
isc::radius::RadiusAsyncAuthPtr
boost::shared_ptr< RadiusAsyncAuth > RadiusAsyncAuthPtr
Pointer to asynchronous authentication.
Definition radius_request.h:192
isc::radius::CallbackAuth
std::function< void(int, AttributesPtr)> CallbackAuth
Type of callback for authentication termination.
Definition radius_request.h:25
isc::radius::RadiusAuthHandlerPtr
boost::shared_ptr< RadiusAuthHandler > RadiusAuthHandlerPtr
Type of pointers to Radius access communication handler.
Definition radius_access.h:161
isc
Defines the logger used by the top-level component of kea-lfc.
Definition agent_parser.cc:148
radius_request.h
radius_service.h