summaryrefslogtreecommitdiff
path: root/accel-pppd/radius
diff options
context:
space:
mode:
authorDmitry Kozlov <xeb@mail.ru>2016-12-10 20:37:25 +0300
committerDmitry Kozlov <xeb@mail.ru>2016-12-10 20:37:25 +0300
commit3f148920318c8eb169d88b800c64272bd1518880 (patch)
tree32b7cfb417a4bc249d99efcc2f0949e2de5db4f8 /accel-pppd/radius
parentac3d0db11524533db1904b315447fefd1296065d (diff)
downloadaccel-ppp-3f148920318c8eb169d88b800c64272bd1518880.tar.gz
accel-ppp-3f148920318c8eb169d88b800c64272bd1518880.zip
radius: extended support for freeradius dictionaries
Diffstat (limited to 'accel-pppd/radius')
-rw-r--r--accel-pppd/radius/dict.c133
-rw-r--r--accel-pppd/radius/dict/dictionary1
-rw-r--r--accel-pppd/radius/dict/dictionary.dhcp442
-rw-r--r--accel-pppd/radius/packet.c164
-rw-r--r--accel-pppd/radius/radius.h13
5 files changed, 640 insertions, 113 deletions
diff --git a/accel-pppd/radius/dict.c b/accel-pppd/radius/dict.c
index 7f4849cd..fa75dd9c 100644
--- a/accel-pppd/radius/dict.c
+++ b/accel-pppd/radius/dict.c
@@ -30,7 +30,7 @@ static int split(char *buf, char **ptr)
{
int i;
- for (i = 0; i < 3; i++) {
+ for (i = 0; i < 4; i++) {
buf = skip_word(buf);
if (!*buf)
return i;
@@ -70,12 +70,13 @@ static char *path, *fname1, *buf;
static int dict_load(const char *fname)
{
FILE *f;
- char *ptr[3], *endptr;
+ char *ptr[4], *endptr;
int r, n = 0;
- struct rad_dict_attr_t *attr;
+ struct rad_dict_attr_t *attr = NULL;
struct rad_dict_value_t *val;
struct rad_dict_vendor_t *vendor;
struct list_head *items;
+ struct list_head *parent_items;
f = fopen(fname, "r");
if (!f) {
@@ -90,48 +91,77 @@ static int dict_load(const char *fname)
if (buf[0] == '#' || buf[0] == '\n' || buf[0] == 0)
continue;
r = split(buf, ptr);
- if (r == 1) {
- if (!strcmp(buf, "BEGIN-VENDOR")) {
+
+ if (*ptr[r - 1] == '#')
+ r--;
+
+ if (!strcmp(buf, "VENDOR")) {
+ if (r < 2)
+ goto out_err_syntax;
+
+ vendor = malloc(sizeof(*vendor));
+ if (!vendor) {
+ log_emerg("radius: out of memory\n");
+ goto out_err;
+ }
+
+ vendor->id = strtol(ptr[1], &endptr, 10);
+ if (*endptr != 0)
+ goto out_err_syntax;
+
+ vendor->name = strdup(ptr[0]);
+ if (!vendor->name) {
+ log_emerg("radius: out of memory\n");
+ goto out_err;
+ }
+
+ if (r == 3) {
+ if (memcmp(ptr[2], "format=", 7))
+ goto out_err_syntax;
+
+ vendor->tag = strtoul(ptr[2] + 7, &endptr, 10);
+ if (*endptr != ',')
+ goto out_err_syntax;
+
+ vendor->len = strtoul(endptr + 1, &endptr, 10);
+ } else {
+ vendor->tag = 1;
+ vendor->len = 1;
+ }
+
+ INIT_LIST_HEAD(&vendor->items);
+ list_add_tail(&vendor->entry, &dict->vendors);
+ } else if (!strcmp(buf, "BEGIN-VENDOR")) {
+ if (r < 1)
+ goto out_err_syntax;
+
vendor = rad_dict_find_vendor_name(ptr[0]);
if (!vendor) {
log_emerg("radius:%s:%i: vendor not found\n", fname, n);
goto out_err;
}
items = &vendor->items;
- } else if (!strcmp(buf, "END-VENDOR"))
- items = &dict->items;
- else if (!strcmp(buf, "$INCLUDE")) {
- for (r = strlen(path) - 1; r; r--)
- if (path[r] == '/') {
- path[r + 1] = 0;
- break;
- }
- strcpy(fname1, path);
- strcat(fname1, ptr[0]);
- if (dict_load(fname1))
- goto out_err;
- } else
+ } else if (!strcmp(buf, "END-VENDOR"))
+ items = &dict->items;
+ else if (!strcmp(buf, "$INCLUDE")) {
+ if (r < 1)
goto out_err_syntax;
- } else if (r == 2) {
- if (!strcmp(buf, "VENDOR")) {
- vendor = malloc(sizeof(*vendor));
- if (!vendor) {
- log_emerg("radius: out of memory\n");
- goto out_err;
- }
- vendor->id = strtol(ptr[1], &endptr, 10);
- if (*endptr != 0)
- goto out_err_syntax;
- vendor->name = strdup(ptr[0]);
- if (!vendor->name) {
- log_emerg("radius: out of memory\n");
- goto out_err;
+
+ for (r = strlen(path) - 1; r; r--)
+ if (path[r] == '/') {
+ path[r + 1] = 0;
+ break;
}
- INIT_LIST_HEAD(&vendor->items);
- list_add_tail(&vendor->entry, &dict->vendors);
- } else
- goto out_err_syntax;
- } else if (r == 3) {
+ strcpy(fname1, path);
+ strcat(fname1, ptr[0]);
+ if (dict_load(fname1))
+ goto out_err;
+ } else if (!strcmp(buf, "BEGIN-TLV")) {
+ parent_items = items;
+ items = &attr->tlv;
+ } else if (!strcmp(buf, "END-TLV")) {
+ items = parent_items;
+ } else if (r > 2) {
if (!strcmp(buf, "ATTRIBUTE")) {
attr = malloc(sizeof(*attr));
if (!attr) {
@@ -140,14 +170,26 @@ static int dict_load(const char *fname)
}
memset(attr, 0, sizeof(*attr));
INIT_LIST_HEAD(&attr->values);
+ INIT_LIST_HEAD(&attr->tlv);
list_add_tail(&attr->entry, items);
attr->name = strdup(ptr[0]);
attr->id = strtol(ptr[1], &endptr, 10);
- if (*endptr != 0)
- goto out_err_syntax;
- if (!strcmp(ptr[2], "integer"))
+ attr->array = 0;
+ attr->size = 0;
+
+ if (r > 3 && !strcmp(ptr[3], "array"))
+ attr->array = 1;
+
+ if (!strcmp(ptr[2], "integer")) {
+ attr->type = ATTR_TYPE_INTEGER;
+ attr->size = 4;
+ } else if (!strcmp(ptr[2], "short")) {
+ attr->type = ATTR_TYPE_INTEGER;
+ attr->size = 2;
+ } else if (!strcmp(ptr[2], "byte")) {
attr->type = ATTR_TYPE_INTEGER;
- else if (!strcmp(ptr[2], "string"))
+ attr->size = 1;
+ } else if (!strcmp(ptr[2], "string"))
attr->type = ATTR_TYPE_STRING;
else if (!strcmp(ptr[2], "date"))
attr->type = ATTR_TYPE_DATE;
@@ -161,6 +203,10 @@ static int dict_load(const char *fname)
attr->type = ATTR_TYPE_IPV6ADDR;
else if (!strcmp(ptr[2], "ipv6prefix"))
attr->type = ATTR_TYPE_IPV6PREFIX;
+ else if (!strcmp(ptr[2], "ether"))
+ attr->type = ATTR_TYPE_ETHER;
+ else if (!strcmp(ptr[2], "tlv"))
+ attr->type = ATTR_TYPE_TLV;
else {
log_emerg("radius:%s:%i: unknown attribute type\n", fname, n);
goto out_err;
@@ -181,7 +227,10 @@ static int dict_load(const char *fname)
val->name = strdup(ptr[1]);
switch (attr->type) {
case ATTR_TYPE_INTEGER:
- val->val.integer = strtol(ptr[2], &endptr, 10);
+ if (ptr[2][0] == '0' && ptr[2][1] == 'x')
+ val->val.integer = strtol(ptr[2] + 2, &endptr, 16);
+ else
+ val->val.integer = strtol(ptr[2], &endptr, 10);
if (*endptr != 0)
goto out_err_syntax;
break;
diff --git a/accel-pppd/radius/dict/dictionary b/accel-pppd/radius/dict/dictionary
index e76b8ded..de056801 100644
--- a/accel-pppd/radius/dict/dictionary
+++ b/accel-pppd/radius/dict/dictionary
@@ -78,3 +78,4 @@ $INCLUDE dictionary.rfc5176
$INCLUDE dictionary.microsoft
$INCLUDE dictionary.cisco
$INCLUDE dictionary.alcatel
+$INCLUDE dictionary.dhcp
diff --git a/accel-pppd/radius/dict/dictionary.dhcp b/accel-pppd/radius/dict/dictionary.dhcp
new file mode 100644
index 00000000..de9aec75
--- /dev/null
+++ b/accel-pppd/radius/dict/dictionary.dhcp
@@ -0,0 +1,442 @@
+# -*- text -*-
+# Copyright (C) 2011 The FreeRADIUS Server project and contributors
+##############################################################################
+#
+# DHCP to RADUS gateway dictionary.
+#
+# http://www.iana.org/assignments/bootp-dhcp-parameters
+#
+# Also http://www.networksorcery.com/enp/protocol/bootp/options.htm
+#
+# http://www.bind9.net/rfc-dhcp
+#
+# $Id: 65ed832e2dfc9dc84e27795ed11492ceecceda84 $
+#
+##############################################################################
+
+#
+
+# This is really Apollo's number, but since they're out of business,
+# I don't think they'll be needing this.
+#
+# HP owns the Apollo assets, but let's not worry about that.
+#
+# The vendor codes are 2 octets, because we need 256 numbers
+# for the base DHCP options, PLUS a few for the DHCP headers,
+# which aren't in option format.
+#
+# On top of that, a number of options are really TLV's.
+# We need to be able to understand them, too.
+#
+VENDOR DHCP 54 format=2,1
+
+BEGIN-VENDOR DHCP
+
+ATTRIBUTE DHCP-Opcode 256 byte
+ATTRIBUTE DHCP-Hardware-Type 257 byte
+ATTRIBUTE DHCP-Hardware-Address-Length 258 byte
+ATTRIBUTE DHCP-Hop-Count 259 byte
+ATTRIBUTE DHCP-Transaction-Id 260 integer
+ATTRIBUTE DHCP-Number-of-Seconds 261 short
+ATTRIBUTE DHCP-Flags 262 short
+ATTRIBUTE DHCP-Client-IP-Address 263 ipaddr
+ATTRIBUTE DHCP-Your-IP-Address 264 ipaddr
+ATTRIBUTE DHCP-Server-IP-Address 265 ipaddr
+ATTRIBUTE DHCP-Gateway-IP-Address 266 ipaddr
+ATTRIBUTE DHCP-Client-Hardware-Address 267 ether # 16 octets
+ATTRIBUTE DHCP-Server-Host-Name 268 string # 64 octets
+ATTRIBUTE DHCP-Boot-Filename 269 string # 128 octets
+
+ATTRIBUTE DHCP-Relay-To-IP-Address 270 ipaddr
+ATTRIBUTE DHCP-Relay-Max-Hop-Count 271 integer
+
+# This is copied from the request packet, giaddr, and
+# added to the reply packet by the server core.
+ATTRIBUTE DHCP-Relay-IP-Address 272 ipaddr
+
+VALUE DHCP-Flags Broadcast 0x8000
+
+VALUE DHCP-Hardware-Type Ethernet 1
+VALUE DHCP-Hardware-Type Experiemental-Ethernet 2
+VALUE DHCP-Hardware-Type AX.25 3
+VALUE DHCP-Hardware-Type Proteon-Token-Ring 4
+VALUE DHCP-Hardware-Type Chaos 5
+VALUE DHCP-Hardware-Type IEEE-802 6
+VALUE DHCP-Hardware-Type Arcnet 7
+VALUE DHCP-Hardware-Type Hyperchannel 8
+VALUE DHCP-Hardware-Type Lanstar 9
+VALUE DHCP-Hardware-Type Autonet-Short-Address 10
+VALUE DHCP-Hardware-Type LocalTalk 11
+VALUE DHCP-Hardware-Type LocalNet 12
+VALUE DHCP-Hardware-Type Ultra-Link 13
+VALUE DHCP-Hardware-Type SMDS 14
+VALUE DHCP-Hardware-Type Frame-Relay 15
+VALUE DHCP-Hardware-Type ATM-16 16
+VALUE DHCP-Hardware-Type HDLC 17
+VALUE DHCP-Hardware-Type Fibre-Channel 18
+VALUE DHCP-Hardware-Type ATM-19 19
+VALUE DHCP-Hardware-Type Serial-Line 20
+VALUE DHCP-Hardware-Type ATM-21 21
+VALUE DHCP-Hardware-Type MIL-STD-188-220 22
+VALUE DHCP-Hardware-Type Metricom 23
+VALUE DHCP-Hardware-Type IEEE-1394 24
+VALUE DHCP-Hardware-Type MAPOS 25
+VALUE DHCP-Hardware-Type Twinaxial 26
+VALUE DHCP-Hardware-Type EUI-64 27
+VALUE DHCP-Hardware-Type HIPARP 28
+VALUE DHCP-Hardware-Type IP-Over-ISO-7816-3 29
+VALUE DHCP-Hardware-Type ARPSec 30
+VALUE DHCP-Hardware-Type IPSec-Tunnel 31
+VALUE DHCP-Hardware-Type Infiniband 32
+VALUE DHCP-Hardware-Type CAI-TIA-102 33
+
+##############################################################################
+#
+# DHCP Options, with comments. For now, many are "octets",
+# as FreeRADIUS doesn't handle complex data structures.
+#
+##############################################################################
+
+#ATTRIBUTE DHCP-Pad 0 octets
+ATTRIBUTE DHCP-Subnet-Mask 1 ipaddr
+# Time Offset in twos-complement notation.
+ATTRIBUTE DHCP-Time-Offset 2 integer
+ATTRIBUTE DHCP-Router-Address 3 ipaddr array
+ATTRIBUTE DHCP-Time-Server 4 ipaddr array
+ATTRIBUTE DHCP-IEN-116-Name-Server 5 ipaddr array
+ATTRIBUTE DHCP-Domain-Name-Server 6 ipaddr array
+# Logging-Server addresses
+ATTRIBUTE DHCP-Log-Server 7 ipaddr array
+ATTRIBUTE DHCP-Quotes-Server 8 ipaddr array
+ATTRIBUTE DHCP-LPR-Server 9 ipaddr array
+ATTRIBUTE DHCP-Impress-Server 10 ipaddr array
+ATTRIBUTE DHCP-RLP-Server 11 ipaddr array
+# Hostname string
+ATTRIBUTE DHCP-Hostname 12 string
+# Size of boot file in 512 byte
+ATTRIBUTE DHCP-Boot-File-Size 13 short
+# Client to dump and name
+ATTRIBUTE DHCP-Merit-Dump-File 14 octets
+ATTRIBUTE DHCP-Domain-Name 15 string
+ATTRIBUTE DHCP-Swap-Server 16 ipaddr
+# Path name for root disk
+ATTRIBUTE DHCP-Root-Path 17 string
+ATTRIBUTE DHCP-Bootp-Extensions-Path 18 string
+ATTRIBUTE DHCP-IP-Forward-Enable 19 byte
+ATTRIBUTE DHCP-Source-Route-Enable 20 byte
+# Routing Policy Filters
+ATTRIBUTE DHCP-Policy-Filter 21 octets
+ATTRIBUTE DHCP-Max-Datagram-Reassembly-Sz 22 short
+ATTRIBUTE DHCP-Default-IP-TTL 23 octets
+ATTRIBUTE DHCP-Path-MTU-Aging-Timeout 24 integer
+ATTRIBUTE DHCP-Path-MTU-Plateau-Table 25 short array
+ATTRIBUTE DHCP-Interface-MTU-Size 26 short
+ATTRIBUTE DHCP-All-Subnets-Are-Local 27 byte
+ATTRIBUTE DHCP-Broadcast-Address 28 ipaddr
+ATTRIBUTE DHCP-Perform-Mask-Discovery 29 byte
+ATTRIBUTE DHCP-Provide-Mask-To-Others 30 byte
+ATTRIBUTE DHCP-Perform-Router-Discovery 31 byte
+ATTRIBUTE DHCP-Router-Solicitation-Address 32 ipaddr
+# first is destination address, second is router.
+ATTRIBUTE DHCP-Static-Routes 33 ipaddr array
+ATTRIBUTE DHCP-Trailer-Encapsulation 34 byte
+ATTRIBUTE DHCP-ARP-Cache-Timeout 35 integer
+ATTRIBUTE DHCP-Ethernet-Encapsulation 36 byte
+ATTRIBUTE DHCP-Default-TCP-TTL 37 byte
+ATTRIBUTE DHCP-Keep-Alive-Interval 38 integer
+ATTRIBUTE DHCP-Keep-Alive-Garbage 39 byte
+ATTRIBUTE DHCP-NIS-Domain-Name 40 string
+ATTRIBUTE DHCP-NIS-Servers 41 ipaddr array
+ATTRIBUTE DHCP-NTP-Servers 42 ipaddr array
+# N Vendor Specific Information
+ATTRIBUTE DHCP-Vendor 43 octets # tlv
+ATTRIBUTE DHCP-NETBIOS-Name-Servers 44 ipaddr array
+ATTRIBUTE DHCP-NETBIOS-Dgm-Dist-Servers 45 ipaddr array
+ATTRIBUTE DHCP-NETBIOS-Node-Type 46 byte
+# N NETBIOS Scope
+ATTRIBUTE DHCP-NETBIOS 47 octets
+ATTRIBUTE DHCP-X-Window-Font-Server 48 ipaddr array
+ATTRIBUTE DHCP-X-Window-Display-Mgr 49 ipaddr array
+ATTRIBUTE DHCP-Requested-IP-Address 50 ipaddr
+ATTRIBUTE DHCP-IP-Address-Lease-Time 51 integer
+# Overload "sname" or "file"
+ATTRIBUTE DHCP-Overload 52 byte
+ATTRIBUTE DHCP-Message-Type 53 byte
+ATTRIBUTE DHCP-DHCP-Server-Identifier 54 ipaddr
+
+# Array of 1-byte numbers indicating which options the client
+# would like to see in the response.
+ATTRIBUTE DHCP-Parameter-Request-List 55 byte array
+ATTRIBUTE DHCP-DHCP-Error-Message 56 octets
+ATTRIBUTE DHCP-DHCP-Maximum-Msg-Size 57 short
+ATTRIBUTE DHCP-Renewal-Time 58 integer
+ATTRIBUTE DHCP-Rebinding-Time 59 integer
+ATTRIBUTE DHCP-Vendor-Class-Identifier 60 string
+
+# Client Identifier
+# First octets is DHCP-Hardware-Type, rest are type-specific data,
+# e.g. MAC address.
+ATTRIBUTE DHCP-Client-Identifier 61 octets
+ATTRIBUTE DHCP-Netware-Domain-Name 62 octets
+ATTRIBUTE DHCP-Netware-Sub-Options 63 octets
+ATTRIBUTE DHCP-NIS-Client-Domain-Name 64 octets
+ATTRIBUTE DHCP-NIS-Server-Address 65 ipaddr
+ATTRIBUTE DHCP-TFTP-Server-Name 66 string
+ATTRIBUTE DHCP-Boot-File-Name 67 string
+# Home Agent Addresses
+ATTRIBUTE DHCP-Home-Agent-Address 68 octets
+ATTRIBUTE DHCP-SMTP-Server-Address 69 ipaddr array
+ATTRIBUTE DHCP-POP3-Server-Address 70 ipaddr array
+ATTRIBUTE DHCP-NNTP-Server-Address 71 ipaddr array
+ATTRIBUTE DHCP-WWW-Server-Address 72 ipaddr array
+ATTRIBUTE DHCP-Finger-Server-Address 73 ipaddr array
+ATTRIBUTE DHCP-IRC-Server-Address 74 ipaddr array
+ATTRIBUTE DHCP-StreetTalk-Server-Address 75 ipaddr array
+ATTRIBUTE DHCP-STDA-Server-Address 76 ipaddr array
+# User Class Information
+ATTRIBUTE DHCP-User-Class 77 octets
+# directory agent information
+ATTRIBUTE DHCP-Directory-Agent 78 octets
+# service location agent scope
+ATTRIBUTE DHCP-Service-Scope 79 octets
+# Rapid Commit
+ATTRIBUTE DHCP-Rapid-Commit 80 octets
+# Fully Qualified Domain Name
+ATTRIBUTE DHCP-Client-FQDN 81 string
+# Relay Agent Information
+ATTRIBUTE DHCP-Relay-Agent-Information 82 tlv
+
+BEGIN-TLV DHCP-Relay-Agent-Information
+
+ATTRIBUTE DHCP-Agent-Circuit-Id 1 octets
+ATTRIBUTE DHCP-Agent-Remote-Id 2 octets
+
+ATTRIBUTE DHCP-Relay-Circuit-Id 1 octets
+ATTRIBUTE DHCP-Relay-Remote-Id 2 octets
+
+# 3 is reserved and shouldn't be used for anything
+ATTRIBUTE DHCP-Docsis-Device-Class 4 integer
+ATTRIBUTE DHCP-Relay-Link-Selection 5 ipaddr
+ATTRIBUTE DHCP-Subscriber-Id 6 string
+
+# AGH! RADIUS inside of DHCP!
+ATTRIBUTE DHCP-RADIUS-Attributes 7 octets
+
+# Horribly complicated
+ATTRIBUTE DHCP-Authentication-Information 8 octets
+ATTRIBUTE DHCP-Vendor-Specific-Information 9 octets
+ATTRIBUTE DHCP-Relay-Agent-Flags 10 byte
+ATTRIBUTE DHCP-Server-Identifier-Override 11 ipaddr
+END-TLV DHCP-Relay-Agent-Information
+
+# Internet Storage Name Service
+ATTRIBUTE DHCP-iSNS 83 octets
+# Novell Directory Services
+ATTRIBUTE DHCP-NDS-Servers 85 octets
+# Novell Directory Services
+ATTRIBUTE DHCP-NDS-Tree-Name 86 octets
+# Novell Directory Services
+ATTRIBUTE DHCP-NDS-Context 87 octets
+# Authentication
+ATTRIBUTE DHCP-Authentication 90 octets
+
+ATTRIBUTE DHCP-Client-Last-Txn-Time 91 octets
+
+ATTRIBUTE DHCP-associated-ip 92 octets
+# Client System Architecture
+ATTRIBUTE DHCP-Client-System 93 octets
+# Client Network Device Interface
+ATTRIBUTE DHCP-Client-NDI 94 octets
+# Lightweight Directory Access Protocol
+ATTRIBUTE DHCP-LDAP 95 octets
+# UUID/GUID-based Client Identifier
+ATTRIBUTE DHCP-UUID/GUID 97 octets
+# Open Group's User Authentication
+ATTRIBUTE DHCP-User-Auth 98 octets
+# NetInfo Parent-Server Address
+ATTRIBUTE DHCP-Netinfo-Address 112 octets
+# NetInfo Parent-Server Tag
+ATTRIBUTE DHCP-Netinfo-Tag 113 octets
+# URL
+ATTRIBUTE DHCP-URL 114 octets
+# DHCP Auto-Configuration
+ATTRIBUTE DHCP-Auto-Config 116 byte
+# Name Service Search
+ATTRIBUTE DHCP-Name-Service-Search 117 octets
+# Subnet Selection Option
+ATTRIBUTE DHCP-Subnet-Selection-Option 118 octets
+# DNS domain serach list
+ATTRIBUTE DHCP-Domain-Search 119 octets
+# SIP-Servers DHCP Option
+ATTRIBUTE DHCP-SIP-Servers-DHCP-Option 120 octets
+# Classless Static Route Option
+ATTRIBUTE DHCP-Classless-Static-Route 121 octets
+# CableLabs Client Configuration
+ATTRIBUTE DHCP-CCC 122 octets
+# 16 GeoConf Option
+ATTRIBUTE DHCP-GeoConf-Option 123 octets
+
+# Vendor Class
+#
+# String name that defines the vendor space used for the TLV's
+# in option 125.
+#
+ATTRIBUTE DHCP-V-I-Vendor-Class 124 octets
+# Vendor-Specific
+ATTRIBUTE DHCP-V-I-Vendor-Specific 125 octets # tlv
+ATTRIBUTE DHCP-Etherboot 128 ether
+# (for IP Phone software load)
+ATTRIBUTE DHCP-TFTP-Server-IP-Address 128 octets
+
+ATTRIBUTE DHCP-Call-Server-IP-address 129 octets
+
+ATTRIBUTE DHCP-Ethernet-Interface 130 octets
+
+ATTRIBUTE DHCP-Vendor-Discrimination-Str 130 octets
+
+ATTRIBUTE DHCP-Remote-Stats-Svr-IP-Address 131 octets
+
+ATTRIBUTE DHCP-IEEE-802.1Q-L2-Priority 132 octets
+
+ATTRIBUTE DHCP-IEEE-802.1P-VLAN-ID 133 octets
+
+ATTRIBUTE DHCP-Diffserv-Code-Point 134 octets
+
+ATTRIBUTE DHCP-HTTP-Proxy 135 octets
+
+ATTRIBUTE DHCP-Cisco-TFTP-Server-IP-Addresses 150 ipaddr array
+
+ATTRIBUTE DHCP-End-Of-Options 255 byte
+
+VALUE DHCP-Opcode Client-Message 1
+VALUE DHCP-Opcode Server-Message 2
+
+VALUE DHCP-Message-Type DHCP-Discover 1
+VALUE DHCP-Message-Type DHCP-Offer 2
+VALUE DHCP-Message-Type DHCP-Request 3
+VALUE DHCP-Message-Type DHCP-Decline 4
+VALUE DHCP-Message-Type DHCP-Ack 5
+VALUE DHCP-Message-Type DHCP-NAK 6
+VALUE DHCP-Message-Type DHCP-Release 7
+VALUE DHCP-Message-Type DHCP-Inform 8
+VALUE DHCP-Message-Type DHCP-Force-Renew 9
+
+VALUE DHCP-Parameter-Request-List DHCP-Subnet-Mask 1
+VALUE DHCP-Parameter-Request-List DHCP-Time-Offset 2
+VALUE DHCP-Parameter-Request-List DHCP-Router-Address 3
+VALUE DHCP-Parameter-Request-List DHCP-Time-Server 4
+VALUE DHCP-Parameter-Request-List DHCP-IEN-116-Name-Server 5
+VALUE DHCP-Parameter-Request-List DHCP-Domain-Name-Server 6
+VALUE DHCP-Parameter-Request-List DHCP-Log-Server 7
+VALUE DHCP-Parameter-Request-List DHCP-Quotes-Server 8
+VALUE DHCP-Parameter-Request-List DHCP-LPR-Server 9
+VALUE DHCP-Parameter-Request-List DHCP-Impress-Server 10
+VALUE DHCP-Parameter-Request-List DHCP-RLP-Server 11
+VALUE DHCP-Parameter-Request-List DHCP-Hostname 12
+VALUE DHCP-Parameter-Request-List DHCP-Boot-File-Size 13
+VALUE DHCP-Parameter-Request-List DHCP-Merit-Dump-File 14
+VALUE DHCP-Parameter-Request-List DHCP-Domain-Name 15
+VALUE DHCP-Parameter-Request-List DHCP-Swap-Server 16
+VALUE DHCP-Parameter-Request-List DHCP-Root-Path 17
+VALUE DHCP-Parameter-Request-List DHCP-Bootp-Extensions-Path 18
+VALUE DHCP-Parameter-Request-List DHCP-IP-Forward-Enable 19
+VALUE DHCP-Parameter-Request-List DHCP-Source-Route-Enable 20
+VALUE DHCP-Parameter-Request-List DHCP-Policy-Filter 21
+VALUE DHCP-Parameter-Request-List DHCP-Max-Datagram-Reassembly-Sz 22
+VALUE DHCP-Parameter-Request-List DHCP-Default-IP-TTL 23
+VALUE DHCP-Parameter-Request-List DHCP-Path-MTU-Aging-Timeout 24
+VALUE DHCP-Parameter-Request-List DHCP-Path-MTU-Plateau-Table 25
+VALUE DHCP-Parameter-Request-List DHCP-Interface-MTU-Size 26
+VALUE DHCP-Parameter-Request-List DHCP-All-Subnets-Are-Local 27
+VALUE DHCP-Parameter-Request-List DHCP-Broadcast-Address 28
+VALUE DHCP-Parameter-Request-List DHCP-Perform-Mask-Discovery 29
+VALUE DHCP-Parameter-Request-List DHCP-Provide-Mask-To-Others 30
+VALUE DHCP-Parameter-Request-List DHCP-Perform-Router-Discovery 31
+VALUE DHCP-Parameter-Request-List DHCP-Router-Solicitation-Address 32
+VALUE DHCP-Parameter-Request-List DHCP-Static-Routes 33
+VALUE DHCP-Parameter-Request-List DHCP-Trailer-Encapsulation 34
+VALUE DHCP-Parameter-Request-List DHCP-ARP-Cache-Timeout 35
+VALUE DHCP-Parameter-Request-List DHCP-Ethernet-Encapsulation 36
+VALUE DHCP-Parameter-Request-List DHCP-Default-TCP-TTL 37
+VALUE DHCP-Parameter-Request-List DHCP-Keep-Alive-Interval 38
+VALUE DHCP-Parameter-Request-List DHCP-Keep-Alive-Garbage 39
+VALUE DHCP-Parameter-Request-List DHCP-NIS-Domain-Name 40
+VALUE DHCP-Parameter-Request-List DHCP-NIS-Servers 41
+VALUE DHCP-Parameter-Request-List DHCP-NTP-Servers 42
+VALUE DHCP-Parameter-Request-List DHCP-Vendor 43
+VALUE DHCP-Parameter-Request-List DHCP-NETBIOS-Name-Servers 44
+VALUE DHCP-Parameter-Request-List DHCP-NETBIOS-Dgm-Dist-Servers 45
+VALUE DHCP-Parameter-Request-List DHCP-NETBIOS-Node-Type 46
+VALUE DHCP-Parameter-Request-List DHCP-NETBIOS 47
+VALUE DHCP-Parameter-Request-List DHCP-X-Window-Font-Server 48
+VALUE DHCP-Parameter-Request-List DHCP-X-Window-Display-Mgr 49
+VALUE DHCP-Parameter-Request-List DHCP-Requested-IP-Address 50
+VALUE DHCP-Parameter-Request-List DHCP-IP-Address-Lease-Time 51
+VALUE DHCP-Parameter-Request-List DHCP-Overload 52
+VALUE DHCP-Parameter-Request-List DHCP-Message-Type 53
+VALUE DHCP-Parameter-Request-List DHCP-DHCP-Server-Identifier 54
+VALUE DHCP-Parameter-Request-List DHCP-Parameter-Request-List 55
+VALUE DHCP-Parameter-Request-List DHCP-DHCP-Error-Message 56
+VALUE DHCP-Parameter-Request-List DHCP-DHCP-Maximum-Msg-Size 57
+VALUE DHCP-Parameter-Request-List DHCP-Renewal-Time 58
+VALUE DHCP-Parameter-Request-List DHCP-Rebinding-Time 59
+VALUE DHCP-Parameter-Request-List DHCP-Class-Identifier 60
+VALUE DHCP-Parameter-Request-List DHCP-Client-Identifier 61
+VALUE DHCP-Parameter-Request-List DHCP-Netware-Domain-Name 62
+VALUE DHCP-Parameter-Request-List DHCP-Netware-Sub-Options 63
+VALUE DHCP-Parameter-Request-List DHCP-NIS-Client-Domain-Name 64
+VALUE DHCP-Parameter-Request-List DHCP-NIS-Server-Address 65
+VALUE DHCP-Parameter-Request-List DHCP-TFTP-Server-Name 66
+VALUE DHCP-Parameter-Request-List DHCP-Boot-File-Name 67
+VALUE DHCP-Parameter-Request-List DHCP-Home-Agent-Address 68
+VALUE DHCP-Parameter-Request-List DHCP-SMTP-Server-Address 69
+VALUE DHCP-Parameter-Request-List DHCP-POP3-Server-Address 70
+VALUE DHCP-Parameter-Request-List DHCP-NNTP-Server-Address 71
+VALUE DHCP-Parameter-Request-List DHCP-WWW-Server-Address 72
+VALUE DHCP-Parameter-Request-List DHCP-Finger-Server-Address 73
+VALUE DHCP-Parameter-Request-List DHCP-IRC-Server-Address 74
+VALUE DHCP-Parameter-Request-List DHCP-StreetTalk-Server-Address 75
+VALUE DHCP-Parameter-Request-List DHCP-STDA-Server-Address 76
+VALUE DHCP-Parameter-Request-List DHCP-User-Class 77
+VALUE DHCP-Parameter-Request-List DHCP-Directory-Agent 78
+VALUE DHCP-Parameter-Request-List DHCP-Service-Scope 79
+VALUE DHCP-Parameter-Request-List DHCP-Rapid-Commit 80
+VALUE DHCP-Parameter-Request-List DHCP-Client-FQDN 81
+VALUE DHCP-Parameter-Request-List DHCP-Relay-Agent-Information 82
+VALUE DHCP-Parameter-Request-List DHCP-iSNS 83
+VALUE DHCP-Parameter-Request-List DHCP-NDS-Servers 85
+VALUE DHCP-Parameter-Request-List DHCP-NDS-Tree-Name 86
+VALUE DHCP-Parameter-Request-List DHCP-NDS-Context 87
+VALUE DHCP-Parameter-Request-List DHCP-Authentication 90
+VALUE DHCP-Parameter-Request-List DHCP-Client-Last-Txn-Time 91
+VALUE DHCP-Parameter-Request-List DHCP-associated-ip 92
+VALUE DHCP-Parameter-Request-List DHCP-Client-System 93
+VALUE DHCP-Parameter-Request-List DHCP-Client-NDI 94
+VALUE DHCP-Parameter-Request-List DHCP-LDAP 95
+VALUE DHCP-Parameter-Request-List DHCP-UUID/GUID 97
+VALUE DHCP-Parameter-Request-List DHCP-User-Auth 98
+VALUE DHCP-Parameter-Request-List DHCP-Netinfo-Address 112
+VALUE DHCP-Parameter-Request-List DHCP-Netinfo-Tag 113
+VALUE DHCP-Parameter-Request-List DHCP-URL 114
+VALUE DHCP-Parameter-Request-List DHCP-Auto-Config 116
+VALUE DHCP-Parameter-Request-List DHCP-Name-Service-Search 117
+VALUE DHCP-Parameter-Request-List DHCP-Subnet-Selection-Option 118
+VALUE DHCP-Parameter-Request-List DHCP-Domain-Search 119
+VALUE DHCP-Parameter-Request-List DHCP-SIP-Servers-DHCP-Option 120
+VALUE DHCP-Parameter-Request-List DHCP-Classless-Static-Route 121
+VALUE DHCP-Parameter-Request-List DHCP-CCC 122
+VALUE DHCP-Parameter-Request-List DHCP-GeoConf-Option 123
+VALUE DHCP-Parameter-Request-List DHCP-V-I-Vendor-Class 124
+VALUE DHCP-Parameter-Request-List DHCP-V-I-Vendor-Specific 125
+VALUE DHCP-Parameter-Request-List DHCP-Etherboot 128
+VALUE DHCP-Parameter-Request-List DHCP-TFTP-Server-IP-Address 128
+VALUE DHCP-Parameter-Request-List DHCP-Call-Server-IP-address 129
+VALUE DHCP-Parameter-Request-List DHCP-Ethernet-Interface 130
+VALUE DHCP-Parameter-Request-List DHCP-Vendor-Discrimination-Str 130
+VALUE DHCP-Parameter-Request-List DHCP-Remote-Stats-Svr-IP-Address 131
+VALUE DHCP-Parameter-Request-List DHCP-IEEE-802.1P-VLAN-ID 132
+VALUE DHCP-Parameter-Request-List DHCP-IEEE-802.1Q-L2-Priority 133
+VALUE DHCP-Parameter-Request-List DHCP-Diffserv-Code-Point 134
+VALUE DHCP-Parameter-Request-List DHCP-HTTP-Proxy 135
+
+END-VENDOR DHCP
diff --git a/accel-pppd/radius/packet.c b/accel-pppd/radius/packet.c
index e23b23cc..26284b5c 100644
--- a/accel-pppd/radius/packet.c
+++ b/accel-pppd/radius/packet.c
@@ -188,9 +188,24 @@ int rad_packet_recv(int fd, struct rad_packet_t **p, struct sockaddr_in *addr)
vendor = rad_dict_find_vendor_id(vendor_id);
if (vendor) {
ptr += 4;
- id = *ptr; ptr++;
- len = *ptr - 2; ptr++;
- n -= 2 + 4;
+
+ if (vendor->tag == 2)
+ id = (uint16_t)ntohs(*(uint16_t *)ptr);
+ else
+ id = *ptr;
+
+ ptr += vendor->tag;
+
+ if (vendor->len == 2)
+ len = (uint16_t)ntohs(*(uint16_t *)ptr);
+ else
+ len = *ptr;
+
+ ptr += vendor->len;
+
+ len -= vendor->tag + vendor->len;
+
+ n -= 4 + vendor->tag + vendor->len;
} else
log_ppp_warn("radius:packet: vendor %i not found\n", id);
} else
@@ -206,40 +221,47 @@ int rad_packet_recv(int fd, struct rad_packet_t **p, struct sockaddr_in *addr)
attr->vendor = vendor;
attr->attr = da;
attr->len = len;
- switch (da->type) {
- case ATTR_TYPE_STRING:
- attr->val.string = _malloc(len+1);
- if (!attr->val.string) {
- log_emerg("radius:packet: out of memory\n");
- _free(attr);
- goto out_err;
- }
- memcpy(attr->val.string, ptr, len);
- attr->val.string[len] = 0;
- break;
- case ATTR_TYPE_OCTETS:
- attr->val.octets = _malloc(len);
- if (!attr->val.octets) {
- log_emerg("radius:packet: out of memory\n");
- _free(attr);
- goto out_err;
- }
- memcpy(attr->val.octets, ptr, len);
- break;
- case ATTR_TYPE_DATE:
- case ATTR_TYPE_INTEGER:
- attr->val.integer = ntohl(*(uint32_t*)ptr);
- break;
- case ATTR_TYPE_IPADDR:
- case ATTR_TYPE_IFID:
- case ATTR_TYPE_IPV6ADDR:
- memcpy(&attr->val.integer, ptr, len);
- break;
- case ATTR_TYPE_IPV6PREFIX:
- attr->val.ipv6prefix.len = ptr[1];
- memset(&attr->val.ipv6prefix.prefix, 0, sizeof(attr->val.ipv6prefix.prefix));
- memcpy(&attr->val.ipv6prefix.prefix, ptr + 2, len - 2);
- break;
+ attr->raw = ptr;
+
+ if (!da->array) {
+ switch (da->type) {
+ case ATTR_TYPE_STRING:
+ attr->val.string = _malloc(len+1);
+ if (!attr->val.string) {
+ log_emerg("radius:packet: out of memory\n");
+ _free(attr);
+ goto out_err;
+ }
+ memcpy(attr->val.string, ptr, len);
+ attr->val.string[len] = 0;
+ break;
+ case ATTR_TYPE_OCTETS:
+ case ATTR_TYPE_ETHER:
+ case ATTR_TYPE_TLV:
+ attr->val.octets = ptr;
+ break;
+ case ATTR_TYPE_INTEGER:
+ if (len != da->size)
+ log_ppp_warn("radius:packet: attribute %s has invalid length %i (must be %i)\n", da->name, len, da->size);
+ case ATTR_TYPE_DATE:
+ if (len == 4)
+ attr->val.integer = ntohl(*(uint32_t*)ptr);
+ else if (len == 2)
+ attr->val.integer = ntohs(*(uint16_t*)ptr);
+ else if (len == 1)
+ attr->val.integer = *ptr;
+ break;
+ case ATTR_TYPE_IPADDR:
+ case ATTR_TYPE_IFID:
+ case ATTR_TYPE_IPV6ADDR:
+ memcpy(&attr->val.integer, ptr, len);
+ break;
+ case ATTR_TYPE_IPV6PREFIX:
+ attr->val.ipv6prefix.len = ptr[1];
+ memset(&attr->val.ipv6prefix.prefix, 0, sizeof(attr->val.ipv6prefix.prefix));
+ memcpy(&attr->val.ipv6prefix.prefix, ptr + 2, len - 2);
+ break;
+ }
}
list_add_tail(&attr->entry, &pack->attrs);
} else
@@ -268,7 +290,7 @@ void rad_packet_free(struct rad_packet_t *pack)
while(!list_empty(&pack->attrs)) {
attr = list_entry(pack->attrs.next, typeof(*attr), entry);
list_del(&attr->entry);
- if (attr->attr->type == ATTR_TYPE_STRING || attr->attr->type == ATTR_TYPE_OCTETS)
+ if (attr->attr->type == ATTR_TYPE_STRING)
_free(attr->val.string);
mempool_free(attr);
}
@@ -291,6 +313,7 @@ void rad_packet_print(struct rad_packet_t *pack, struct rad_server_t *s, void (*
print("[RADIUS(%i) ", s->id);
else
print("[RADIUS ");
+
switch(pack->code) {
case CODE_ACCESS_REQUEST:
print("Access-Request");
@@ -331,43 +354,46 @@ void rad_packet_print(struct rad_packet_t *pack, struct rad_server_t *s, void (*
default:
print("Unknown (%i)", pack->code);
}
+
print(" id=%x", pack->id);
list_for_each_entry(attr, &pack->attrs, entry) {
- if (attr->vendor)
- print("<%s %s ", attr->vendor->name, attr->attr->name);
- else
- print(" <%s ", attr->attr->name);
- switch (attr->attr->type) {
- case ATTR_TYPE_INTEGER:
- val = rad_dict_find_val(attr->attr, attr->val);
- if (val)
- print("%s", val->name);
- else
- print("%u", attr->val.integer);
- break;
- case ATTR_TYPE_STRING:
- print("\"%s\"", attr->val.string);
- break;
- case ATTR_TYPE_IPADDR:
- addr = ntohl(attr->val.ipaddr);
- print("%i.%i.%i.%i", (addr >> 24) & 0xff, (addr >> 16) & 0xff, (addr >> 8) & 0xff, addr & 0xff);
- break;
- case ATTR_TYPE_IFID:
- ifid_u.ifid = attr->val.ifid;
- print("%x:%x:%x:%x", ntohs(ifid_u.u16[0]), ntohs(ifid_u.u16[1]), ntohs(ifid_u.u16[2]), ntohs(ifid_u.u16[3]));
- break;
- case ATTR_TYPE_IPV6ADDR:
- inet_ntop(AF_INET6, &attr->val.ipv6addr, ip_str, sizeof(ip_str));
- print("%s", ip_str);
- break;
- case ATTR_TYPE_IPV6PREFIX:
- inet_ntop(AF_INET6, &attr->val.ipv6prefix.prefix, ip_str, sizeof(ip_str));
- print("%s/%i", ip_str, attr->val.ipv6prefix.len);
- break;
+ print(" <%s", attr->attr->name);
+
+ if (!attr->attr->array) {
+ switch (attr->attr->type) {
+ case ATTR_TYPE_INTEGER:
+ val = rad_dict_find_val(attr->attr, attr->val);
+ if (val)
+ print(" %s", val->name);
+ else
+ print(" %u", attr->val.integer);
+ break;
+ case ATTR_TYPE_STRING:
+ print(" \"%s\"", attr->val.string);
+ break;
+ case ATTR_TYPE_IPADDR:
+ addr = ntohl(attr->val.ipaddr);
+ print(" %i.%i.%i.%i", (addr >> 24) & 0xff, (addr >> 16) & 0xff, (addr >> 8) & 0xff, addr & 0xff);
+ break;
+ case ATTR_TYPE_IFID:
+ ifid_u.ifid = attr->val.ifid;
+ print(" %x:%x:%x:%x", ntohs(ifid_u.u16[0]), ntohs(ifid_u.u16[1]), ntohs(ifid_u.u16[2]), ntohs(ifid_u.u16[3]));
+ break;
+ case ATTR_TYPE_IPV6ADDR:
+ inet_ntop(AF_INET6, &attr->val.ipv6addr, ip_str, sizeof(ip_str));
+ print(" %s", ip_str);
+ break;
+ case ATTR_TYPE_IPV6PREFIX:
+ inet_ntop(AF_INET6, &attr->val.ipv6prefix.prefix, ip_str, sizeof(ip_str));
+ print(" %s/%i", ip_str, attr->val.ipv6prefix.len);
+ break;
+ }
}
+
print(">");
}
+
print("]\n");
}
diff --git a/accel-pppd/radius/radius.h b/accel-pppd/radius/radius.h
index ad27b898..3176f53b 100644
--- a/accel-pppd/radius/radius.h
+++ b/accel-pppd/radius/radius.h
@@ -14,6 +14,8 @@
#define ATTR_TYPE_IFID 5
#define ATTR_TYPE_IPV6ADDR 6
#define ATTR_TYPE_IPV6PREFIX 7
+#define ATTR_TYPE_ETHER 8
+#define ATTR_TYPE_TLV 9
#define CODE_ACCESS_REQUEST 1
#define CODE_ACCESS_ACCEPT 2
@@ -55,6 +57,8 @@ struct rad_dict_vendor_t
{
struct list_head entry;
int id;
+ int tag;
+ int len;
const char *name;
struct list_head items;
};
@@ -71,8 +75,11 @@ struct rad_dict_attr_t
struct list_head entry;
const char *name;
int id;
- int type;
+ int type:31;
+ int array:1;
+ int size;
struct list_head values;
+ struct list_head tlv;
};
struct rad_attr_t
@@ -81,8 +88,10 @@ struct rad_attr_t
struct rad_dict_attr_t *attr;
struct rad_dict_vendor_t *vendor;
//struct rad_dict_value_t *val;
- rad_value_t val;
int len;
+ int cnt;
+ void *raw;
+ rad_value_t val;
};
struct rad_packet_t