All Data Structures Files Functions Variables Typedefs Enumerations Enumerator Macros Groups Pages
rlm_yubikey.h
Go to the documentation of this file.
1 #include <freeradius-devel/radiusd.h>
2 #include <freeradius-devel/modules.h>
3 #include <ctype.h>
4 
5 #include "config.h"
6 
7 #ifdef HAVE_YKCLIENT
8 #include <ykclient.h>
9 #endif
10 
11 #ifdef HAVE_YUBIKEY
12 #include <yubikey.h>
13 #endif
14 
15 #define YUBIKEY_TOKEN_LEN 32
16 
17 /*
18  * Define a structure for our module configuration.
19  *
20  * These variables do not need to be in a structure, but it's
21  * a lot cleaner to do so, and a pointer to the structure can
22  * be used as the instance handle.
23  */
24 typedef struct rlm_yubikey_t {
25  char const *name; //!< Instance name.
26  int auth_type; //!< Our Auth-Type.
27  unsigned int id_len; //!< The length of the Public ID portion of the OTP string.
28  bool split; //!< Split password string into components.
29  bool decrypt; //!< Decrypt the OTP string using the yubikey library.
30  bool validate; //!< Validate the OTP string using the ykclient library.
31  char const **uris; //!< Yubicloud URLs to validate the token against.
32 
33 #ifdef HAVE_YKCLIENT
34  unsigned int client_id; //!< Validation API client ID.
35  char const *api_key; //!< Validation API signing key.
36  ykclient_t *ykc; //!< ykclient configuration.
37  fr_connection_pool_t *pool; //!< Connection pool instance.
38 #endif
40 
41 
42 /*
43  * decrypt.c - Decryption functions
44  */
45 rlm_rcode_t rlm_yubikey_decrypt(rlm_yubikey_t *inst, REQUEST *request, char const *passcode);
46 
47 /*
48  * validate.c - Connection pool and validation functions
49  */
51 
53 
54 rlm_rcode_t rlm_yubikey_validate(rlm_yubikey_t *inst, REQUEST *request, char const *passcode);
char const * name
Instance name.
Definition: rlm_yubikey.h:25
rlm_rcode_t rlm_yubikey_validate(rlm_yubikey_t *inst, REQUEST *request, char const *passcode)
int rlm_yubikey_ykclient_detach(rlm_yubikey_t *inst)
bool validate
Validate the OTP string using the ykclient library.
Definition: rlm_yubikey.h:30
bool split
Split password string into components.
Definition: rlm_yubikey.h:28
#define inst
int rlm_yubikey_ykclient_init(CONF_SECTION *conf, rlm_yubikey_t *inst)
char const ** uris
Yubicloud URLs to validate the token against.
Definition: rlm_yubikey.h:31
enum rlm_rcodes rlm_rcode_t
Return codes indicating the result of the module call.
static rs_t * conf
Definition: radsniff.c:46
rlm_rcode_t rlm_yubikey_decrypt(rlm_yubikey_t *inst, REQUEST *request, char const *passcode)
struct rlm_yubikey_t rlm_yubikey_t
A connection pool.
Definition: connection.c:85
int auth_type
Our Auth-Type.
Definition: rlm_yubikey.h:26
unsigned int id_len
The length of the Public ID portion of the OTP string.
Definition: rlm_yubikey.h:27
bool decrypt
Decrypt the OTP string using the yubikey library.
Definition: rlm_yubikey.h:29