radius_acct_open> <qdom_tree
Last updated: Mon, 29 Oct 2007

CXXXIV. Radius

简介

This package is based on the libradius of FreeBSD. This PECL adds full support for Radius Authentication (» RFC 2865) and Radius Accounting (» RFC 2866). This package is available for Unix (tested on FreeBSD and Linux) and for Windows.

注意: An exact description for libradius can be found » here. A detailed description of the configuration file can be found » here.

安装

Howto install the package?

  • untar the package (usually into php4/ext)
  • rename radius-x.x to radius
  • run ./buildconf in php4
  • run ./configure --enable-radius
  • make; make install
or if you would like to have it as .so:
  • untar the package
  • run phpize in the radius-x.x directory
  • run ./configure in the radius-x.x directory
  • make; make install

For Windows I recommend to use the php_radius.dll from » http://snaps.php.net/. 可以从不同的 PECL 页面(选择适合自己 PHP 版本的库)取得未绑定的 PECL 扩展:» PECL for PHP 4.3.x» PECL for PHP 5.0.x » PECL Unstable

预定义常量

以下常量由本扩展模块定义,因此只有在本扩展模块被编译到 PHP 中,或者在运行时被动态加载后才有效。

RADIUS_ACCESS_REQUEST ()
Authentication Request
RADIUS_ACCESS_ACCEPT ()
Access accepted
RADIUS_ACCESS_REJECT ()
Access rejected
RADIUS_ACCOUNTING_REQUEST ()
Accounting request
RADIUS_ACCOUNTING_RESPONSE ()
Accounting response
RADIUS_ACCESS_CHALLENGE ()
Accsess challenge
RADIUS_USER_NAME (string)
Username
RADIUS_USER_PASSWORD (string)
Password
RADIUS_CHAP_PASSWORD (string)
Chap Password: chappass = md5(ident + plaintextpass + challenge)
RADIUS_NAS_IP_ADDRESS (string)
NAS IP-Adress
RADIUS_NAS_PORT (int)
NAS Port
RADIUS_SERVICE_TYPE (int)

Type of Service, one of:

RADIUS_LOGIN
RADIUS_FRAMED
RADIUS_CALLBACK_LOGIN
RADIUS_CALLBACK_FRAMED
RADIUS_OUTBOUND
RADIUS_ADMINISTRATIVE
RADIUS_NAS_PROMPT
RADIUS_AUTHENTICATE_ONLY
RADIUS_CALLBACK_NAS_PROMPT

RADIUS_FRAMED_PROTOCOL (int)

Framed Protocol, one of:

RADIUS_PPP
RADIUS_SLIP
RADIUS_ARAP
RADIUS_GANDALF
RADIUS_XYLOGICS

RADIUS_FRAMED_IP_ADDRESS (string)
IP-Address
RADIUS_FRAMED_IP_NETMASK (string)
Netmask
RADIUS_FRAMED_ROUTING (int)
Routing
RADIUS_FILTER_ID (string)
Filter ID
RADIUS_FRAMED_MTU (int)
MTU
RADIUS_FRAMED_COMPRESSION (int)

Compression, one of:

RADIUS_COMP_NONE
RADIUS_COMP_VJ
RADIUS_COMP_IPXHDR

RADIUS_LOGIN_IP_HOST (string)
Login IP Host
RADIUS_LOGIN_SERVICE (int)
Login Service
RADIUS_LOGIN_TCP_PORT (int)
Login TCP Port
RADIUS_REPLY_MESSAGE (string)
Reply Message
RADIUS_CALLBACK_NUMBER (string)
Callback Number
RADIUS_CALLBACK_ID (string)
Callback ID
RADIUS_FRAMED_ROUTE (string)
Framed Route
RADIUS_FRAMED_IPX_NETWORK (string)
Framed IPX Network
RADIUS_STATE (string)
State
RADIUS_CLASS (int)
Class
RADIUS_VENDOR_SPECIFIC (int)
Vendor specific attribute
RADIUS_SESSION_TIMEOUT (int)
Session timeout
RADIUS_IDLE_TIMEOUT (int)
Idle timeout
RADIUS_TERMINATION_ACTION (int)
Termination action
RADIUS_CALLED_STATION_ID (int)
Called Station Id
RADIUS_CALLING_STATION_ID (string)
Calling Station Id
RADIUS_NAS_IDENTIFIER (int)
NAS ID
RADIUS_PROXY_STATE (int)
Proxy State
RADIUS_LOGIN_LAT_SERVICE (int)
Login LAT Service
RADIUS_LOGIN_LAT_NODE (int)
Login LAT Node
RADIUS_LOGIN_LAT_GROUP (int)
Login LAT Group
RADIUS_FRAMED_APPLETALK_LINK (int)
Framed Appletalk Link
RADIUS_FRAMED_APPLETALK_NETWORK (int)
Framed Appletalk Network
RADIUS_FRAMED_APPLETALK_ZONE (int)
Framed Appletalk Zone
RADIUS_CHAP_CHALLENGE (string)
Challenge
RADIUS_NAS_PORT_TYPE (int)

NAS port type, one of:

RADIUS_ASYNC
RADIUS_SYNC
RADIUS_ISDN_SYNC
RADIUS_ISDN_ASYNC_V120
RADIUS_ISDN_ASYNC_V110
RADIUS_VIRTUAL
RADIUS_PIAFS
RADIUS_HDLC_CLEAR_CHANNEL
RADIUS_X_25
RADIUS_X_75
RADIUS_G_3_FAX
RADIUS_SDSL
RADIUS_ADSL_CAP
RADIUS_ADSL_DMT
RADIUS_IDSL
RADIUS_ETHERNET
RADIUS_XDSL
RADIUS_CABLE
RADIUS_WIRELESS_OTHER
RADIUS_WIRELESS_IEEE_802_11

RADIUS_PORT_LIMIT (int)
Port Limit
RADIUS_LOGIN_LAT_PORT (int)
Login LAT Port
RADIUS_CONNECT_INFO (string)
Connect info
RADIUS_ACCT_STATUS_TYPE (int)

Accounting status type, one of:

RADIUS_START
RADIUS_STOP
RADIUS_ACCOUNTING_ON
RADIUS_ACCOUNTING_OFF

RADIUS_ACCT_DELAY_TIME (int)
Accounting delay time
RADIUS_ACCT_INPUT_OCTETS (int)
Accounting input bytes
RADIUS_ACCT_OUTPUT_OCTETS (int)
Accounting output bytes
RADIUS_ACCT_SESSION_ID (int)
Accounting session ID
RADIUS_ACCT_AUTHENTIC (int)

Accounting authentic, one of:

RADIUS_AUTH_RADIUS
RADIUS_AUTH_LOCAL
RADIUS_AUTH_REMOTE

RADIUS_ACCT_SESSION_TIME (int)
Accounting session time
RADIUS_ACCT_INPUT_PACKETS (int)
Accounting input packets
RADIUS_ACCT_OUTPUT_PACKETS (int)
Accounting output packets
RADIUS_ACCT_TERMINATE_CAUSE (int)

Accounting terminate cause, one of:

RADIUS_TERM_USER_REQUEST
RADIUS_TERM_LOST_CARRIER
RADIUS_TERM_LOST_SERVICE
RADIUS_TERM_IDLE_TIMEOUT
RADIUS_TERM_SESSION_TIMEOUT
RADIUS_TERM_ADMIN_RESET
RADIUS_TERM_ADMIN_REBOOT
RADIUS_TERM_PORT_ERROR
RADIUS_TERM_NAS_ERROR
RADIUS_TERM_NAS_REQUEST
RADIUS_TERM_NAS_REBOOT
RADIUS_TERM_PORT_UNNEEDED
RADIUS_TERM_PORT_PREEMPTED
RADIUS_TERM_PORT_SUSPENDED
RADIUS_TERM_SERVICE_UNAVAILABLE
RADIUS_TERM_CALLBACK
RADIUS_TERM_USER_ERROR
RADIUS_TERM_HOST_REQUEST

RADIUS_ACCT_MULTI_SESSION_ID (string)
Accounting multi session ID
RADIUS_ACCT_LINK_COUNT (int)
Accounting link count
RADIUS_VENDOR_MICROSOFT (int)

Microsoft specific vendor attributes (» RFC 2548), one of:

RADIUS_MICROSOFT_MS_CHAP_RESPONSE
RADIUS_MICROSOFT_MS_CHAP_ERROR
RADIUS_MICROSOFT_MS_CHAP_PW_1
RADIUS_MICROSOFT_MS_CHAP_PW_2
RADIUS_MICROSOFT_MS_CHAP_LM_ENC_PW
RADIUS_MICROSOFT_MS_CHAP_NT_ENC_PW
RADIUS_MICROSOFT_MS_MPPE_ENCRYPTION_POLICY
RADIUS_MICROSOFT_MS_MPPE_ENCRYPTION_TYPES
RADIUS_MICROSOFT_MS_RAS_VENDOR
RADIUS_MICROSOFT_MS_CHAP_DOMAIN
RADIUS_MICROSOFT_MS_CHAP_CHALLENGE
RADIUS_MICROSOFT_MS_CHAP_MPPE_KEYS
RADIUS_MICROSOFT_MS_BAP_USAGE
RADIUS_MICROSOFT_MS_LINK_UTILIZATION_THRESHOLD
RADIUS_MICROSOFT_MS_LINK_DROP_TIME_LIMIT
RADIUS_MICROSOFT_MS_MPPE_SEND_KEY
RADIUS_MICROSOFT_MS_MPPE_RECV_KEY
RADIUS_MICROSOFT_MS_RAS_VERSION
RADIUS_MICROSOFT_MS_OLD_ARAP_PASSWORD
RADIUS_MICROSOFT_MS_NEW_ARAP_PASSWORD
RADIUS_MICROSOFT_MS_ARAP_PASSWORD_CHANGE_REASON
RADIUS_MICROSOFT_MS_FILTER
RADIUS_MICROSOFT_MS_ACCT_AUTH_TYPE
RADIUS_MICROSOFT_MS_ACCT_EAP_TYPE
RADIUS_MICROSOFT_MS_CHAP2_RESPONSE
RADIUS_MICROSOFT_MS_CHAP2_SUCCESS
RADIUS_MICROSOFT_MS_CHAP2_PW
RADIUS_MICROSOFT_MS_PRIMARY_DNS_SERVER
RADIUS_MICROSOFT_MS_SECONDARY_DNS_SERVER
RADIUS_MICROSOFT_MS_PRIMARY_NBNS_SERVER
RADIUS_MICROSOFT_MS_SECONDARY_NBNS_SERVER
RADIUS_MICROSOFT_MS_ARAP_CHALLENGE

Quickstart

Howto start?

  • get a radius resource
  • configure the library
  • create the request
  • put attributes
  • send the request
  • receive attributes
  • close the radius resource (optional)
Take also a look at the examples in this package.

The package contains an example php script. This script demonstrates howto authenticate with radius using PAP or CHAP (md5). If you authenticate with Microsoft Radius servers then its not possible to use CHAP (md5). If you would like to authenticate with Microsoft Servers you have to use MS-CHAPv1 or MS-CHAPv2, but its more complicated, because you need md4, sha1 and des to generate the right data. The enclosed examples demonstrate all authentication-methods, including MS-CHAPv1 and MS-CHAPv2. To get the MS-CHAP to work you need the mcrypt and the mhash extension, starting with version 1.2 of the package, the mcrypt extension is no longer needed.

Contact Information

If you have comments, bugfixes, enhancements or want to help to develop this you can send me a mail at » mbretter@php.net. Binaries for Windows can be downloaded from » here.

目录

radius_acct_open Creates a Radius handle for accounting
radius_add_server Adds a server
radius_auth_open Creates a Radius handle for authentication
radius_close Frees all ressources
radius_config Causes the library to read the given configuration file
radius_create_request Create accounting or authentication request
radius_cvt_addr Converts raw data to IP-Address
radius_cvt_int Converts raw data to integer
radius_cvt_string Converts raw data to string
radius_demangle_mppe_key Derives mppe-keys from mangled data
radius_demangle Demangles data
radius_get_attr Extracts an attribute
radius_get_vendor_attr Extracts a vendor specific attribute
radius_put_addr Attaches an IP-Address attribute
radius_put_attr Attaches a binary attribute
radius_put_int Attaches an integer attribute
radius_put_string Attaches a string attribute
radius_put_vendor_addr Attaches a vendor specific IP-Address attribute
radius_put_vendor_attr Attaches a vendor specific binary attribute
radius_put_vendor_int Attaches a vendor specific integer attribute
radius_put_vendor_string Attaches a vendor specific string attribute
radius_request_authenticator Returns the request authenticator
radius_send_request Sends the request and waites for a reply
radius_server_secret Returns the shared secret
radius_strerror Returns an error message


add a note add a note User Contributed Notes
Radius
There are no user contributed notes for this page.

radius_acct_open> <qdom_tree
Last updated: Mon, 29 Oct 2007