
Can I use libfreeradius to make my own RADIUS server?


I want a server that can handle two clients with different secrets behind one IP. FreeRADIUS can't help me. It uses static IP-secret binding for dynamic clients.

I can't hook my own module into FreeRADIUS 2 and 3.

How can I use the FreeRADIUS libs to parse a raw UDP packet and change the Message-Authenticator? Where are the parser functions?

I want to make a proxy-pass-like server.

The client sends a request with secret1, my proxy authenticates the packet with secret1, copies the data to a new packet, encrypts it with the localhost constant secret2 and sends it to FreeRADIUS. The FreeRADIUS reply will be recoded and sent back to the client.

Now I'm trying to link to libradius-radius...


Solution

  • FreeRADIUS 4 will support dynamic binding of IP/Port tuples to secrets, which effectively solves your issue. If you wanted to build something yourself, then you could use libfreeradius, but honestly, it's meant for internal consumption by the utilities that ship with FreeRADIUS and the radiusd binary. The API (let alone the ABI) is extremely volatile and often changes between minor releases, so you may find you need to spend a lot of time maintaining whatever you come up with.

    If you're set on doing this, you might find it easier to work with FreeRADIUS 4 HEAD, as the protocol parsers are split into separate independent libraries which are very easy to initialise outside of the main server.

    The main functions you'd need to call are fr_radius_init to initialise the protocol library, and then fr_radius_encode to encode packets and fr_radius_decode to decode packets.

    You'll need to come up with your own IO functions, though there are some in src/lib/util/socket.c that offer basic abstractions.
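The verify-then-re-sign step the question describes, as an added example that is not from the post or from FreeRADIUS: it uses only the Python standard library rather than libfreeradius, and covers one case, the Message-Authenticator (HMAC-MD5 over the packet with the attribute value zeroed, per RFC 2869 / RFC 3579) of an Access-Request. The function names, the secrets and the sample packet are constructed for illustration; re-encoding User-Password and the Response Authenticator on replies, which also depend on the shared secret, are not covered.

```python
import hashlib
import hmac

MSG_AUTH = 80    # Message-Authenticator attribute type (RFC 2869 / RFC 3579)
HEADER_LEN = 20  # code(1) + identifier(1) + length(2) + authenticator(16)


def msg_auth_offset(packet: bytes) -> int:
    """Walk the attribute TLVs; return the offset of the 16-byte value, or -1."""
    length = int.from_bytes(packet[2:4], "big")
    if len(packet) < HEADER_LEN or not HEADER_LEN <= length <= len(packet):
        raise ValueError("bad RADIUS header or length field")
    pos = HEADER_LEN
    while pos < length:
        if pos + 2 > length or packet[pos + 1] < 2 or pos + packet[pos + 1] > length:
            raise ValueError("malformed attribute")
        if packet[pos] == MSG_AUTH:
            if packet[pos + 1] != 18:
                raise ValueError("Message-Authenticator must be 18 octets")
            return pos + 2
        pos += packet[pos + 1]
    return -1


def sign_request(packet: bytes, secret: bytes) -> bytes:
    """Recompute the Message-Authenticator of an Access-Request under `secret`."""
    off = msg_auth_offset(packet)
    if off < 0:
        raise ValueError("no Message-Authenticator attribute")
    length = int.from_bytes(packet[2:4], "big")
    # HMAC-MD5 covers the whole packet with the 16-byte value field zeroed.
    zeroed = packet[:off] + bytes(16) + packet[off + 16:length]
    mac = hmac.new(secret, zeroed, hashlib.md5).digest()
    return zeroed[:off] + mac + zeroed[off + 16:]


def resign_request(packet: bytes, client_secret: bytes, upstream_secret: bytes) -> bytes:
    """Verify under the client's secret, then re-sign for the upstream server."""
    off = msg_auth_offset(packet)
    expected = sign_request(packet, client_secret)[off:off + 16]  # raises if absent
    if not hmac.compare_digest(packet[off:off + 16], expected):
        raise ValueError("Message-Authenticator does not verify")
    return sign_request(packet, upstream_secret)


# Constructed sample: Access-Request, id 7, User-Name "alice", signed with secret1.
SAMPLE = sign_request(bytes([1, 7, 0, 45]) + bytes(range(16)) + b"\x01\x07alice"
                      + b"\x50\x12" + bytes(16), b"secret1")
```

A request that fails verification under the client's secret raises instead of being re-signed, so the proxy never vouches to the upstream server for a packet it could not authenticate.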