From 3f148920318c8eb169d88b800c64272bd1518880 Mon Sep 17 00:00:00 2001 From: Dmitry Kozlov Date: Sat, 10 Dec 2016 20:37:25 +0300 Subject: radius: extended support for freeradius dictionaries --- accel-pppd/radius/dict.c | 133 ++++++---- accel-pppd/radius/dict/dictionary | 1 + accel-pppd/radius/dict/dictionary.dhcp | 442 +++++++++++++++++++++++++++++++++ accel-pppd/radius/packet.c | 164 +++++++----- accel-pppd/radius/radius.h | 13 +- 5 files changed, 640 insertions(+), 113 deletions(-) create mode 100644 accel-pppd/radius/dict/dictionary.dhcp (limited to 'accel-pppd/radius') diff --git a/accel-pppd/radius/dict.c b/accel-pppd/radius/dict.c index 7f4849cd..fa75dd9c 100644 --- a/accel-pppd/radius/dict.c +++ b/accel-pppd/radius/dict.c @@ -30,7 +30,7 @@ static int split(char *buf, char **ptr) { int i; - for (i = 0; i < 3; i++) { + for (i = 0; i < 4; i++) { buf = skip_word(buf); if (!*buf) return i; @@ -70,12 +70,13 @@ static char *path, *fname1, *buf; static int dict_load(const char *fname) { FILE *f; - char *ptr[3], *endptr; + char *ptr[4], *endptr; int r, n = 0; - struct rad_dict_attr_t *attr; + struct rad_dict_attr_t *attr = NULL; struct rad_dict_value_t *val; struct rad_dict_vendor_t *vendor; struct list_head *items; + struct list_head *parent_items; f = fopen(fname, "r"); if (!f) { @@ -90,48 +91,77 @@ static int dict_load(const char *fname) if (buf[0] == '#' || buf[0] == '\n' || buf[0] == 0) continue; r = split(buf, ptr); - if (r == 1) { - if (!strcmp(buf, "BEGIN-VENDOR")) { + + if (*ptr[r - 1] == '#') + r--; + + if (!strcmp(buf, "VENDOR")) { + if (r < 2) + goto out_err_syntax; + + vendor = malloc(sizeof(*vendor)); + if (!vendor) { + log_emerg("radius: out of memory\n"); + goto out_err; + } + + vendor->id = strtol(ptr[1], &endptr, 10); + if (*endptr != 0) + goto out_err_syntax; + + vendor->name = strdup(ptr[0]); + if (!vendor->name) { + log_emerg("radius: out of memory\n"); + goto out_err; + } + + if (r == 3) { + if (memcmp(ptr[2], "format=", 7)) + goto out_err_syntax; + + vendor->tag = strtoul(ptr[2] + 7, &endptr, 10); + if (*endptr != ',') + goto out_err_syntax; + + vendor->len = strtoul(endptr + 1, &endptr, 10); + } else { + vendor->tag = 1; + vendor->len = 1; + } + + INIT_LIST_HEAD(&vendor->items); + list_add_tail(&vendor->entry, &dict->vendors); + } else if (!strcmp(buf, "BEGIN-VENDOR")) { + if (r < 1) + goto out_err_syntax; + vendor = rad_dict_find_vendor_name(ptr[0]); if (!vendor) { log_emerg("radius:%s:%i: vendor not found\n", fname, n); goto out_err; } items = &vendor->items; - } else if (!strcmp(buf, "END-VENDOR")) - items = &dict->items; - else if (!strcmp(buf, "$INCLUDE")) { - for (r = strlen(path) - 1; r; r--) - if (path[r] == '/') { - path[r + 1] = 0; - break; - } - strcpy(fname1, path); - strcat(fname1, ptr[0]); - if (dict_load(fname1)) - goto out_err; - } else + } else if (!strcmp(buf, "END-VENDOR")) + items = &dict->items; + else if (!strcmp(buf, "$INCLUDE")) { + if (r < 1) goto out_err_syntax; - } else if (r == 2) { - if (!strcmp(buf, "VENDOR")) { - vendor = malloc(sizeof(*vendor)); - if (!vendor) { - log_emerg("radius: out of memory\n"); - goto out_err; - } - vendor->id = strtol(ptr[1], &endptr, 10); - if (*endptr != 0) - goto out_err_syntax; - vendor->name = strdup(ptr[0]); - if (!vendor->name) { - log_emerg("radius: out of memory\n"); - goto out_err; + + for (r = strlen(path) - 1; r; r--) + if (path[r] == '/') { + path[r + 1] = 0; + break; } - INIT_LIST_HEAD(&vendor->items); - list_add_tail(&vendor->entry, &dict->vendors); - } else - goto out_err_syntax; - } else if (r == 3) { + strcpy(fname1, path); + strcat(fname1, ptr[0]); + if (dict_load(fname1)) + goto out_err; + } else if (!strcmp(buf, "BEGIN-TLV")) { + parent_items = items; + items = &attr->tlv; + } else if (!strcmp(buf, "END-TLV")) { + items = parent_items; + } else if (r > 2) { if (!strcmp(buf, "ATTRIBUTE")) { attr = malloc(sizeof(*attr)); if (!attr) { @@ -140,14 +170,26 @@ static int dict_load(const char *fname) } memset(attr, 0, sizeof(*attr)); INIT_LIST_HEAD(&attr->values); + INIT_LIST_HEAD(&attr->tlv); list_add_tail(&attr->entry, items); attr->name = strdup(ptr[0]); attr->id = strtol(ptr[1], &endptr, 10); - if (*endptr != 0) - goto out_err_syntax; - if (!strcmp(ptr[2], "integer")) + attr->array = 0; + attr->size = 0; + + if (r > 3 && !strcmp(ptr[3], "array")) + attr->array = 1; + + if (!strcmp(ptr[2], "integer")) { + attr->type = ATTR_TYPE_INTEGER; + attr->size = 4; + } else if (!strcmp(ptr[2], "short")) { + attr->type = ATTR_TYPE_INTEGER; + attr->size = 2; + } else if (!strcmp(ptr[2], "byte")) { attr->type = ATTR_TYPE_INTEGER; - else if (!strcmp(ptr[2], "string")) + attr->size = 1; + } else if (!strcmp(ptr[2], "string")) attr->type = ATTR_TYPE_STRING; else if (!strcmp(ptr[2], "date")) attr->type = ATTR_TYPE_DATE; @@ -161,6 +203,10 @@ static int dict_load(const char *fname) attr->type = ATTR_TYPE_IPV6ADDR; else if (!strcmp(ptr[2], "ipv6prefix")) attr->type = ATTR_TYPE_IPV6PREFIX; + else if (!strcmp(ptr[2], "ether")) + attr->type = ATTR_TYPE_ETHER; + else if (!strcmp(ptr[2], "tlv")) + attr->type = ATTR_TYPE_TLV; else { log_emerg("radius:%s:%i: unknown attribute type\n", fname, n); goto out_err; @@ -181,7 +227,10 @@ static int dict_load(const char *fname) val->name = strdup(ptr[1]); switch (attr->type) { case ATTR_TYPE_INTEGER: - val->val.integer = strtol(ptr[2], &endptr, 10); + if (ptr[2][0] == '0' && ptr[2][1] == 'x') + val->val.integer = strtol(ptr[2] + 2, &endptr, 16); + else + val->val.integer = strtol(ptr[2], &endptr, 10); if (*endptr != 0) goto out_err_syntax; break; diff --git a/accel-pppd/radius/dict/dictionary b/accel-pppd/radius/dict/dictionary index e76b8ded..de056801 100644 --- a/accel-pppd/radius/dict/dictionary +++ b/accel-pppd/radius/dict/dictionary @@ -78,3 +78,4 @@ $INCLUDE dictionary.rfc5176 $INCLUDE dictionary.microsoft $INCLUDE dictionary.cisco $INCLUDE dictionary.alcatel +$INCLUDE dictionary.dhcp diff --git a/accel-pppd/radius/dict/dictionary.dhcp b/accel-pppd/radius/dict/dictionary.dhcp new file mode 100644 index 00000000..de9aec75 --- /dev/null +++ b/accel-pppd/radius/dict/dictionary.dhcp @@ -0,0 +1,442 @@ +# -*- text -*- +# Copyright (C) 2011 The FreeRADIUS Server project and contributors +############################################################################## +# +# DHCP to RADUS gateway dictionary. +# +# http://www.iana.org/assignments/bootp-dhcp-parameters +# +# Also http://www.networksorcery.com/enp/protocol/bootp/options.htm +# +# http://www.bind9.net/rfc-dhcp +# +# $Id: 65ed832e2dfc9dc84e27795ed11492ceecceda84 $ +# +############################################################################## + +# + +# This is really Apollo's number, but since they're out of business, +# I don't think they'll be needing this. +# +# HP owns the Apollo assets, but let's not worry about that. +# +# The vendor codes are 2 octets, because we need 256 numbers +# for the base DHCP options, PLUS a few for the DHCP headers, +# which aren't in option format. +# +# On top of that, a number of options are really TLV's. +# We need to be able to understand them, too. +# +VENDOR DHCP 54 format=2,1 + +BEGIN-VENDOR DHCP + +ATTRIBUTE DHCP-Opcode 256 byte +ATTRIBUTE DHCP-Hardware-Type 257 byte +ATTRIBUTE DHCP-Hardware-Address-Length 258 byte +ATTRIBUTE DHCP-Hop-Count 259 byte +ATTRIBUTE DHCP-Transaction-Id 260 integer +ATTRIBUTE DHCP-Number-of-Seconds 261 short +ATTRIBUTE DHCP-Flags 262 short +ATTRIBUTE DHCP-Client-IP-Address 263 ipaddr +ATTRIBUTE DHCP-Your-IP-Address 264 ipaddr +ATTRIBUTE DHCP-Server-IP-Address 265 ipaddr +ATTRIBUTE DHCP-Gateway-IP-Address 266 ipaddr +ATTRIBUTE DHCP-Client-Hardware-Address 267 ether # 16 octets +ATTRIBUTE DHCP-Server-Host-Name 268 string # 64 octets +ATTRIBUTE DHCP-Boot-Filename 269 string # 128 octets + +ATTRIBUTE DHCP-Relay-To-IP-Address 270 ipaddr +ATTRIBUTE DHCP-Relay-Max-Hop-Count 271 integer + +# This is copied from the request packet, giaddr, and +# added to the reply packet by the server core. +ATTRIBUTE DHCP-Relay-IP-Address 272 ipaddr + +VALUE DHCP-Flags Broadcast 0x8000 + +VALUE DHCP-Hardware-Type Ethernet 1 +VALUE DHCP-Hardware-Type Experiemental-Ethernet 2 +VALUE DHCP-Hardware-Type AX.25 3 +VALUE DHCP-Hardware-Type Proteon-Token-Ring 4 +VALUE DHCP-Hardware-Type Chaos 5 +VALUE DHCP-Hardware-Type IEEE-802 6 +VALUE DHCP-Hardware-Type Arcnet 7 +VALUE DHCP-Hardware-Type Hyperchannel 8 +VALUE DHCP-Hardware-Type Lanstar 9 +VALUE DHCP-Hardware-Type Autonet-Short-Address 10 +VALUE DHCP-Hardware-Type LocalTalk 11 +VALUE DHCP-Hardware-Type LocalNet 12 +VALUE DHCP-Hardware-Type Ultra-Link 13 +VALUE DHCP-Hardware-Type SMDS 14 +VALUE DHCP-Hardware-Type Frame-Relay 15 +VALUE DHCP-Hardware-Type ATM-16 16 +VALUE DHCP-Hardware-Type HDLC 17 +VALUE DHCP-Hardware-Type Fibre-Channel 18 +VALUE DHCP-Hardware-Type ATM-19 19 +VALUE DHCP-Hardware-Type Serial-Line 20 +VALUE DHCP-Hardware-Type ATM-21 21 +VALUE DHCP-Hardware-Type MIL-STD-188-220 22 +VALUE DHCP-Hardware-Type Metricom 23 +VALUE DHCP-Hardware-Type IEEE-1394 24 +VALUE DHCP-Hardware-Type MAPOS 25 +VALUE DHCP-Hardware-Type Twinaxial 26 +VALUE DHCP-Hardware-Type EUI-64 27 +VALUE DHCP-Hardware-Type HIPARP 28 +VALUE DHCP-Hardware-Type IP-Over-ISO-7816-3 29 +VALUE DHCP-Hardware-Type ARPSec 30 +VALUE DHCP-Hardware-Type IPSec-Tunnel 31 +VALUE DHCP-Hardware-Type Infiniband 32 +VALUE DHCP-Hardware-Type CAI-TIA-102 33 + +############################################################################## +# +# DHCP Options, with comments. For now, many are "octets", +# as FreeRADIUS doesn't handle complex data structures. +# +############################################################################## + +#ATTRIBUTE DHCP-Pad 0 octets +ATTRIBUTE DHCP-Subnet-Mask 1 ipaddr +# Time Offset in twos-complement notation. +ATTRIBUTE DHCP-Time-Offset 2 integer +ATTRIBUTE DHCP-Router-Address 3 ipaddr array +ATTRIBUTE DHCP-Time-Server 4 ipaddr array +ATTRIBUTE DHCP-IEN-116-Name-Server 5 ipaddr array +ATTRIBUTE DHCP-Domain-Name-Server 6 ipaddr array +# Logging-Server addresses +ATTRIBUTE DHCP-Log-Server 7 ipaddr array +ATTRIBUTE DHCP-Quotes-Server 8 ipaddr array +ATTRIBUTE DHCP-LPR-Server 9 ipaddr array +ATTRIBUTE DHCP-Impress-Server 10 ipaddr array +ATTRIBUTE DHCP-RLP-Server 11 ipaddr array +# Hostname string +ATTRIBUTE DHCP-Hostname 12 string +# Size of boot file in 512 byte +ATTRIBUTE DHCP-Boot-File-Size 13 short +# Client to dump and name +ATTRIBUTE DHCP-Merit-Dump-File 14 octets +ATTRIBUTE DHCP-Domain-Name 15 string +ATTRIBUTE DHCP-Swap-Server 16 ipaddr +# Path name for root disk +ATTRIBUTE DHCP-Root-Path 17 string +ATTRIBUTE DHCP-Bootp-Extensions-Path 18 string +ATTRIBUTE DHCP-IP-Forward-Enable 19 byte +ATTRIBUTE DHCP-Source-Route-Enable 20 byte +# Routing Policy Filters +ATTRIBUTE DHCP-Policy-Filter 21 octets +ATTRIBUTE DHCP-Max-Datagram-Reassembly-Sz 22 short +ATTRIBUTE DHCP-Default-IP-TTL 23 octets +ATTRIBUTE DHCP-Path-MTU-Aging-Timeout 24 integer +ATTRIBUTE DHCP-Path-MTU-Plateau-Table 25 short array +ATTRIBUTE DHCP-Interface-MTU-Size 26 short +ATTRIBUTE DHCP-All-Subnets-Are-Local 27 byte +ATTRIBUTE DHCP-Broadcast-Address 28 ipaddr +ATTRIBUTE DHCP-Perform-Mask-Discovery 29 byte +ATTRIBUTE DHCP-Provide-Mask-To-Others 30 byte +ATTRIBUTE DHCP-Perform-Router-Discovery 31 byte +ATTRIBUTE DHCP-Router-Solicitation-Address 32 ipaddr +# first is destination address, second is router. +ATTRIBUTE DHCP-Static-Routes 33 ipaddr array +ATTRIBUTE DHCP-Trailer-Encapsulation 34 byte +ATTRIBUTE DHCP-ARP-Cache-Timeout 35 integer +ATTRIBUTE DHCP-Ethernet-Encapsulation 36 byte +ATTRIBUTE DHCP-Default-TCP-TTL 37 byte +ATTRIBUTE DHCP-Keep-Alive-Interval 38 integer +ATTRIBUTE DHCP-Keep-Alive-Garbage 39 byte +ATTRIBUTE DHCP-NIS-Domain-Name 40 string +ATTRIBUTE DHCP-NIS-Servers 41 ipaddr array +ATTRIBUTE DHCP-NTP-Servers 42 ipaddr array +# N Vendor Specific Information +ATTRIBUTE DHCP-Vendor 43 octets # tlv +ATTRIBUTE DHCP-NETBIOS-Name-Servers 44 ipaddr array +ATTRIBUTE DHCP-NETBIOS-Dgm-Dist-Servers 45 ipaddr array +ATTRIBUTE DHCP-NETBIOS-Node-Type 46 byte +# N NETBIOS Scope +ATTRIBUTE DHCP-NETBIOS 47 octets +ATTRIBUTE DHCP-X-Window-Font-Server 48 ipaddr array +ATTRIBUTE DHCP-X-Window-Display-Mgr 49 ipaddr array +ATTRIBUTE DHCP-Requested-IP-Address 50 ipaddr +ATTRIBUTE DHCP-IP-Address-Lease-Time 51 integer +# Overload "sname" or "file" +ATTRIBUTE DHCP-Overload 52 byte +ATTRIBUTE DHCP-Message-Type 53 byte +ATTRIBUTE DHCP-DHCP-Server-Identifier 54 ipaddr + +# Array of 1-byte numbers indicating which options the client +# would like to see in the response. +ATTRIBUTE DHCP-Parameter-Request-List 55 byte array +ATTRIBUTE DHCP-DHCP-Error-Message 56 octets +ATTRIBUTE DHCP-DHCP-Maximum-Msg-Size 57 short +ATTRIBUTE DHCP-Renewal-Time 58 integer +ATTRIBUTE DHCP-Rebinding-Time 59 integer +ATTRIBUTE DHCP-Vendor-Class-Identifier 60 string + +# Client Identifier +# First octets is DHCP-Hardware-Type, rest are type-specific data, +# e.g. MAC address. +ATTRIBUTE DHCP-Client-Identifier 61 octets +ATTRIBUTE DHCP-Netware-Domain-Name 62 octets +ATTRIBUTE DHCP-Netware-Sub-Options 63 octets +ATTRIBUTE DHCP-NIS-Client-Domain-Name 64 octets +ATTRIBUTE DHCP-NIS-Server-Address 65 ipaddr +ATTRIBUTE DHCP-TFTP-Server-Name 66 string +ATTRIBUTE DHCP-Boot-File-Name 67 string +# Home Agent Addresses +ATTRIBUTE DHCP-Home-Agent-Address 68 octets +ATTRIBUTE DHCP-SMTP-Server-Address 69 ipaddr array +ATTRIBUTE DHCP-POP3-Server-Address 70 ipaddr array +ATTRIBUTE DHCP-NNTP-Server-Address 71 ipaddr array +ATTRIBUTE DHCP-WWW-Server-Address 72 ipaddr array +ATTRIBUTE DHCP-Finger-Server-Address 73 ipaddr array +ATTRIBUTE DHCP-IRC-Server-Address 74 ipaddr array +ATTRIBUTE DHCP-StreetTalk-Server-Address 75 ipaddr array +ATTRIBUTE DHCP-STDA-Server-Address 76 ipaddr array +# User Class Information +ATTRIBUTE DHCP-User-Class 77 octets +# directory agent information +ATTRIBUTE DHCP-Directory-Agent 78 octets +# service location agent scope +ATTRIBUTE DHCP-Service-Scope 79 octets +# Rapid Commit +ATTRIBUTE DHCP-Rapid-Commit 80 octets +# Fully Qualified Domain Name +ATTRIBUTE DHCP-Client-FQDN 81 string +# Relay Agent Information +ATTRIBUTE DHCP-Relay-Agent-Information 82 tlv + +BEGIN-TLV DHCP-Relay-Agent-Information + +ATTRIBUTE DHCP-Agent-Circuit-Id 1 octets +ATTRIBUTE DHCP-Agent-Remote-Id 2 octets + +ATTRIBUTE DHCP-Relay-Circuit-Id 1 octets +ATTRIBUTE DHCP-Relay-Remote-Id 2 octets + +# 3 is reserved and shouldn't be used for anything +ATTRIBUTE DHCP-Docsis-Device-Class 4 integer +ATTRIBUTE DHCP-Relay-Link-Selection 5 ipaddr +ATTRIBUTE DHCP-Subscriber-Id 6 string + +# AGH! RADIUS inside of DHCP! +ATTRIBUTE DHCP-RADIUS-Attributes 7 octets + +# Horribly complicated +ATTRIBUTE DHCP-Authentication-Information 8 octets +ATTRIBUTE DHCP-Vendor-Specific-Information 9 octets +ATTRIBUTE DHCP-Relay-Agent-Flags 10 byte +ATTRIBUTE DHCP-Server-Identifier-Override 11 ipaddr +END-TLV DHCP-Relay-Agent-Information + +# Internet Storage Name Service +ATTRIBUTE DHCP-iSNS 83 octets +# Novell Directory Services +ATTRIBUTE DHCP-NDS-Servers 85 octets +# Novell Directory Services +ATTRIBUTE DHCP-NDS-Tree-Name 86 octets +# Novell Directory Services +ATTRIBUTE DHCP-NDS-Context 87 octets +# Authentication +ATTRIBUTE DHCP-Authentication 90 octets + +ATTRIBUTE DHCP-Client-Last-Txn-Time 91 octets + +ATTRIBUTE DHCP-associated-ip 92 octets +# Client System Architecture +ATTRIBUTE DHCP-Client-System 93 octets +# Client Network Device Interface +ATTRIBUTE DHCP-Client-NDI 94 octets +# Lightweight Directory Access Protocol +ATTRIBUTE DHCP-LDAP 95 octets +# UUID/GUID-based Client Identifier +ATTRIBUTE DHCP-UUID/GUID 97 octets +# Open Group's User Authentication +ATTRIBUTE DHCP-User-Auth 98 octets +# NetInfo Parent-Server Address +ATTRIBUTE DHCP-Netinfo-Address 112 octets +# NetInfo Parent-Server Tag +ATTRIBUTE DHCP-Netinfo-Tag 113 octets +# URL +ATTRIBUTE DHCP-URL 114 octets +# DHCP Auto-Configuration +ATTRIBUTE DHCP-Auto-Config 116 byte +# Name Service Search +ATTRIBUTE DHCP-Name-Service-Search 117 octets +# Subnet Selection Option +ATTRIBUTE DHCP-Subnet-Selection-Option 118 octets +# DNS domain serach list +ATTRIBUTE DHCP-Domain-Search 119 octets +# SIP-Servers DHCP Option +ATTRIBUTE DHCP-SIP-Servers-DHCP-Option 120 octets +# Classless Static Route Option +ATTRIBUTE DHCP-Classless-Static-Route 121 octets +# CableLabs Client Configuration +ATTRIBUTE DHCP-CCC 122 octets +# 16 GeoConf Option +ATTRIBUTE DHCP-GeoConf-Option 123 octets + +# Vendor Class +# +# String name that defines the vendor space used for the TLV's +# in option 125. +# +ATTRIBUTE DHCP-V-I-Vendor-Class 124 octets +# Vendor-Specific +ATTRIBUTE DHCP-V-I-Vendor-Specific 125 octets # tlv +ATTRIBUTE DHCP-Etherboot 128 ether +# (for IP Phone software load) +ATTRIBUTE DHCP-TFTP-Server-IP-Address 128 octets + +ATTRIBUTE DHCP-Call-Server-IP-address 129 octets + +ATTRIBUTE DHCP-Ethernet-Interface 130 octets + +ATTRIBUTE DHCP-Vendor-Discrimination-Str 130 octets + +ATTRIBUTE DHCP-Remote-Stats-Svr-IP-Address 131 octets + +ATTRIBUTE DHCP-IEEE-802.1Q-L2-Priority 132 octets + +ATTRIBUTE DHCP-IEEE-802.1P-VLAN-ID 133 octets + +ATTRIBUTE DHCP-Diffserv-Code-Point 134 octets + +ATTRIBUTE DHCP-HTTP-Proxy 135 octets + +ATTRIBUTE DHCP-Cisco-TFTP-Server-IP-Addresses 150 ipaddr array + +ATTRIBUTE DHCP-End-Of-Options 255 byte + +VALUE DHCP-Opcode Client-Message 1 +VALUE DHCP-Opcode Server-Message 2 + +VALUE DHCP-Message-Type DHCP-Discover 1 +VALUE DHCP-Message-Type DHCP-Offer 2 +VALUE DHCP-Message-Type DHCP-Request 3 +VALUE DHCP-Message-Type DHCP-Decline 4 +VALUE DHCP-Message-Type DHCP-Ack 5 +VALUE DHCP-Message-Type DHCP-NAK 6 +VALUE DHCP-Message-Type DHCP-Release 7 +VALUE DHCP-Message-Type DHCP-Inform 8 +VALUE DHCP-Message-Type DHCP-Force-Renew 9 + +VALUE DHCP-Parameter-Request-List DHCP-Subnet-Mask 1 +VALUE DHCP-Parameter-Request-List DHCP-Time-Offset 2 +VALUE DHCP-Parameter-Request-List DHCP-Router-Address 3 +VALUE DHCP-Parameter-Request-List DHCP-Time-Server 4 +VALUE DHCP-Parameter-Request-List DHCP-IEN-116-Name-Server 5 +VALUE DHCP-Parameter-Request-List DHCP-Domain-Name-Server 6 +VALUE DHCP-Parameter-Request-List DHCP-Log-Server 7 +VALUE DHCP-Parameter-Request-List DHCP-Quotes-Server 8 +VALUE DHCP-Parameter-Request-List DHCP-LPR-Server 9 +VALUE DHCP-Parameter-Request-List DHCP-Impress-Server 10 +VALUE DHCP-Parameter-Request-List DHCP-RLP-Server 11 +VALUE DHCP-Parameter-Request-List DHCP-Hostname 12 +VALUE DHCP-Parameter-Request-List DHCP-Boot-File-Size 13 +VALUE DHCP-Parameter-Request-List DHCP-Merit-Dump-File 14 +VALUE DHCP-Parameter-Request-List DHCP-Domain-Name 15 +VALUE DHCP-Parameter-Request-List DHCP-Swap-Server 16 +VALUE DHCP-Parameter-Request-List DHCP-Root-Path 17 +VALUE DHCP-Parameter-Request-List DHCP-Bootp-Extensions-Path 18 +VALUE DHCP-Parameter-Request-List DHCP-IP-Forward-Enable 19 +VALUE DHCP-Parameter-Request-List DHCP-Source-Route-Enable 20 +VALUE DHCP-Parameter-Request-List DHCP-Policy-Filter 21 +VALUE DHCP-Parameter-Request-List DHCP-Max-Datagram-Reassembly-Sz 22 +VALUE DHCP-Parameter-Request-List DHCP-Default-IP-TTL 23 +VALUE DHCP-Parameter-Request-List DHCP-Path-MTU-Aging-Timeout 24 +VALUE DHCP-Parameter-Request-List DHCP-Path-MTU-Plateau-Table 25 +VALUE DHCP-Parameter-Request-List DHCP-Interface-MTU-Size 26 +VALUE DHCP-Parameter-Request-List DHCP-All-Subnets-Are-Local 27 +VALUE DHCP-Parameter-Request-List DHCP-Broadcast-Address 28 +VALUE DHCP-Parameter-Request-List DHCP-Perform-Mask-Discovery 29 +VALUE DHCP-Parameter-Request-List DHCP-Provide-Mask-To-Others 30 +VALUE DHCP-Parameter-Request-List DHCP-Perform-Router-Discovery 31 +VALUE DHCP-Parameter-Request-List DHCP-Router-Solicitation-Address 32 +VALUE DHCP-Parameter-Request-List DHCP-Static-Routes 33 +VALUE DHCP-Parameter-Request-List DHCP-Trailer-Encapsulation 34 +VALUE DHCP-Parameter-Request-List DHCP-ARP-Cache-Timeout 35 +VALUE DHCP-Parameter-Request-List DHCP-Ethernet-Encapsulation 36 +VALUE DHCP-Parameter-Request-List DHCP-Default-TCP-TTL 37 +VALUE DHCP-Parameter-Request-List DHCP-Keep-Alive-Interval 38 +VALUE DHCP-Parameter-Request-List DHCP-Keep-Alive-Garbage 39 +VALUE DHCP-Parameter-Request-List DHCP-NIS-Domain-Name 40 +VALUE DHCP-Parameter-Request-List DHCP-NIS-Servers 41 +VALUE DHCP-Parameter-Request-List DHCP-NTP-Servers 42 +VALUE DHCP-Parameter-Request-List DHCP-Vendor 43 +VALUE DHCP-Parameter-Request-List DHCP-NETBIOS-Name-Servers 44 +VALUE DHCP-Parameter-Request-List DHCP-NETBIOS-Dgm-Dist-Servers 45 +VALUE DHCP-Parameter-Request-List DHCP-NETBIOS-Node-Type 46 +VALUE DHCP-Parameter-Request-List DHCP-NETBIOS 47 +VALUE DHCP-Parameter-Request-List DHCP-X-Window-Font-Server 48 +VALUE DHCP-Parameter-Request-List DHCP-X-Window-Display-Mgr 49 +VALUE DHCP-Parameter-Request-List DHCP-Requested-IP-Address 50 +VALUE DHCP-Parameter-Request-List DHCP-IP-Address-Lease-Time 51 +VALUE DHCP-Parameter-Request-List DHCP-Overload 52 +VALUE DHCP-Parameter-Request-List DHCP-Message-Type 53 +VALUE DHCP-Parameter-Request-List DHCP-DHCP-Server-Identifier 54 +VALUE DHCP-Parameter-Request-List DHCP-Parameter-Request-List 55 +VALUE DHCP-Parameter-Request-List DHCP-DHCP-Error-Message 56 +VALUE DHCP-Parameter-Request-List DHCP-DHCP-Maximum-Msg-Size 57 +VALUE DHCP-Parameter-Request-List DHCP-Renewal-Time 58 +VALUE DHCP-Parameter-Request-List DHCP-Rebinding-Time 59 +VALUE DHCP-Parameter-Request-List DHCP-Class-Identifier 60 +VALUE DHCP-Parameter-Request-List DHCP-Client-Identifier 61 +VALUE DHCP-Parameter-Request-List DHCP-Netware-Domain-Name 62 +VALUE DHCP-Parameter-Request-List DHCP-Netware-Sub-Options 63 +VALUE DHCP-Parameter-Request-List DHCP-NIS-Client-Domain-Name 64 +VALUE DHCP-Parameter-Request-List DHCP-NIS-Server-Address 65 +VALUE DHCP-Parameter-Request-List DHCP-TFTP-Server-Name 66 +VALUE DHCP-Parameter-Request-List DHCP-Boot-File-Name 67 +VALUE DHCP-Parameter-Request-List DHCP-Home-Agent-Address 68 +VALUE DHCP-Parameter-Request-List DHCP-SMTP-Server-Address 69 +VALUE DHCP-Parameter-Request-List DHCP-POP3-Server-Address 70 +VALUE DHCP-Parameter-Request-List DHCP-NNTP-Server-Address 71 +VALUE DHCP-Parameter-Request-List DHCP-WWW-Server-Address 72 +VALUE DHCP-Parameter-Request-List DHCP-Finger-Server-Address 73 +VALUE DHCP-Parameter-Request-List DHCP-IRC-Server-Address 74 +VALUE DHCP-Parameter-Request-List DHCP-StreetTalk-Server-Address 75 +VALUE DHCP-Parameter-Request-List DHCP-STDA-Server-Address 76 +VALUE DHCP-Parameter-Request-List DHCP-User-Class 77 +VALUE DHCP-Parameter-Request-List DHCP-Directory-Agent 78 +VALUE DHCP-Parameter-Request-List DHCP-Service-Scope 79 +VALUE DHCP-Parameter-Request-List DHCP-Rapid-Commit 80 +VALUE DHCP-Parameter-Request-List DHCP-Client-FQDN 81 +VALUE DHCP-Parameter-Request-List DHCP-Relay-Agent-Information 82 +VALUE DHCP-Parameter-Request-List DHCP-iSNS 83 +VALUE DHCP-Parameter-Request-List DHCP-NDS-Servers 85 +VALUE DHCP-Parameter-Request-List DHCP-NDS-Tree-Name 86 +VALUE DHCP-Parameter-Request-List DHCP-NDS-Context 87 +VALUE DHCP-Parameter-Request-List DHCP-Authentication 90 +VALUE DHCP-Parameter-Request-List DHCP-Client-Last-Txn-Time 91 +VALUE DHCP-Parameter-Request-List DHCP-associated-ip 92 +VALUE DHCP-Parameter-Request-List DHCP-Client-System 93 +VALUE DHCP-Parameter-Request-List DHCP-Client-NDI 94 +VALUE DHCP-Parameter-Request-List DHCP-LDAP 95 +VALUE DHCP-Parameter-Request-List DHCP-UUID/GUID 97 +VALUE DHCP-Parameter-Request-List DHCP-User-Auth 98 +VALUE DHCP-Parameter-Request-List DHCP-Netinfo-Address 112 +VALUE DHCP-Parameter-Request-List DHCP-Netinfo-Tag 113 +VALUE DHCP-Parameter-Request-List DHCP-URL 114 +VALUE DHCP-Parameter-Request-List DHCP-Auto-Config 116 +VALUE DHCP-Parameter-Request-List DHCP-Name-Service-Search 117 +VALUE DHCP-Parameter-Request-List DHCP-Subnet-Selection-Option 118 +VALUE DHCP-Parameter-Request-List DHCP-Domain-Search 119 +VALUE DHCP-Parameter-Request-List DHCP-SIP-Servers-DHCP-Option 120 +VALUE DHCP-Parameter-Request-List DHCP-Classless-Static-Route 121 +VALUE DHCP-Parameter-Request-List DHCP-CCC 122 +VALUE DHCP-Parameter-Request-List DHCP-GeoConf-Option 123 +VALUE DHCP-Parameter-Request-List DHCP-V-I-Vendor-Class 124 +VALUE DHCP-Parameter-Request-List DHCP-V-I-Vendor-Specific 125 +VALUE DHCP-Parameter-Request-List DHCP-Etherboot 128 +VALUE DHCP-Parameter-Request-List DHCP-TFTP-Server-IP-Address 128 +VALUE DHCP-Parameter-Request-List DHCP-Call-Server-IP-address 129 +VALUE DHCP-Parameter-Request-List DHCP-Ethernet-Interface 130 +VALUE DHCP-Parameter-Request-List DHCP-Vendor-Discrimination-Str 130 +VALUE DHCP-Parameter-Request-List DHCP-Remote-Stats-Svr-IP-Address 131 +VALUE DHCP-Parameter-Request-List DHCP-IEEE-802.1P-VLAN-ID 132 +VALUE DHCP-Parameter-Request-List DHCP-IEEE-802.1Q-L2-Priority 133 +VALUE DHCP-Parameter-Request-List DHCP-Diffserv-Code-Point 134 +VALUE DHCP-Parameter-Request-List DHCP-HTTP-Proxy 135 + +END-VENDOR DHCP diff --git a/accel-pppd/radius/packet.c b/accel-pppd/radius/packet.c index e23b23cc..26284b5c 100644 --- a/accel-pppd/radius/packet.c +++ b/accel-pppd/radius/packet.c @@ -188,9 +188,24 @@ int rad_packet_recv(int fd, struct rad_packet_t **p, struct sockaddr_in *addr) vendor = rad_dict_find_vendor_id(vendor_id); if (vendor) { ptr += 4; - id = *ptr; ptr++; - len = *ptr - 2; ptr++; - n -= 2 + 4; + + if (vendor->tag == 2) + id = (uint16_t)ntohs(*(uint16_t *)ptr); + else + id = *ptr; + + ptr += vendor->tag; + + if (vendor->len == 2) + len = (uint16_t)ntohs(*(uint16_t *)ptr); + else + len = *ptr; + + ptr += vendor->len; + + len -= vendor->tag + vendor->len; + + n -= 4 + vendor->tag + vendor->len; } else log_ppp_warn("radius:packet: vendor %i not found\n", id); } else @@ -206,40 +221,47 @@ int rad_packet_recv(int fd, struct rad_packet_t **p, struct sockaddr_in *addr) attr->vendor = vendor; attr->attr = da; attr->len = len; - switch (da->type) { - case ATTR_TYPE_STRING: - attr->val.string = _malloc(len+1); - if (!attr->val.string) { - log_emerg("radius:packet: out of memory\n"); - _free(attr); - goto out_err; - } - memcpy(attr->val.string, ptr, len); - attr->val.string[len] = 0; - break; - case ATTR_TYPE_OCTETS: - attr->val.octets = _malloc(len); - if (!attr->val.octets) { - log_emerg("radius:packet: out of memory\n"); - _free(attr); - goto out_err; - } - memcpy(attr->val.octets, ptr, len); - break; - case ATTR_TYPE_DATE: - case ATTR_TYPE_INTEGER: - attr->val.integer = ntohl(*(uint32_t*)ptr); - break; - case ATTR_TYPE_IPADDR: - case ATTR_TYPE_IFID: - case ATTR_TYPE_IPV6ADDR: - memcpy(&attr->val.integer, ptr, len); - break; - case ATTR_TYPE_IPV6PREFIX: - attr->val.ipv6prefix.len = ptr[1]; - memset(&attr->val.ipv6prefix.prefix, 0, sizeof(attr->val.ipv6prefix.prefix)); - memcpy(&attr->val.ipv6prefix.prefix, ptr + 2, len - 2); - break; + attr->raw = ptr; + + if (!da->array) { + switch (da->type) { + case ATTR_TYPE_STRING: + attr->val.string = _malloc(len+1); + if (!attr->val.string) { + log_emerg("radius:packet: out of memory\n"); + _free(attr); + goto out_err; + } + memcpy(attr->val.string, ptr, len); + attr->val.string[len] = 0; + break; + case ATTR_TYPE_OCTETS: + case ATTR_TYPE_ETHER: + case ATTR_TYPE_TLV: + attr->val.octets = ptr; + break; + case ATTR_TYPE_INTEGER: + if (len != da->size) + log_ppp_warn("radius:packet: attribute %s has invalid length %i (must be %i)\n", da->name, len, da->size); + case ATTR_TYPE_DATE: + if (len == 4) + attr->val.integer = ntohl(*(uint32_t*)ptr); + else if (len == 2) + attr->val.integer = ntohs(*(uint16_t*)ptr); + else if (len == 1) + attr->val.integer = *ptr; + break; + case ATTR_TYPE_IPADDR: + case ATTR_TYPE_IFID: + case ATTR_TYPE_IPV6ADDR: + memcpy(&attr->val.integer, ptr, len); + break; + case ATTR_TYPE_IPV6PREFIX: + attr->val.ipv6prefix.len = ptr[1]; + memset(&attr->val.ipv6prefix.prefix, 0, sizeof(attr->val.ipv6prefix.prefix)); + memcpy(&attr->val.ipv6prefix.prefix, ptr + 2, len - 2); + break; + } } list_add_tail(&attr->entry, &pack->attrs); } else @@ -268,7 +290,7 @@ void rad_packet_free(struct rad_packet_t *pack) while(!list_empty(&pack->attrs)) { attr = list_entry(pack->attrs.next, typeof(*attr), entry); list_del(&attr->entry); - if (attr->attr->type == ATTR_TYPE_STRING || attr->attr->type == ATTR_TYPE_OCTETS) + if (attr->attr->type == ATTR_TYPE_STRING) _free(attr->val.string); mempool_free(attr); } @@ -291,6 +313,7 @@ void rad_packet_print(struct rad_packet_t *pack, struct rad_server_t *s, void (* print("[RADIUS(%i) ", s->id); else print("[RADIUS "); + switch(pack->code) { case CODE_ACCESS_REQUEST: print("Access-Request"); @@ -331,43 +354,46 @@ void rad_packet_print(struct rad_packet_t *pack, struct rad_server_t *s, void (* default: print("Unknown (%i)", pack->code); } + print(" id=%x", pack->id); list_for_each_entry(attr, &pack->attrs, entry) { - if (attr->vendor) - print("<%s %s ", attr->vendor->name, attr->attr->name); - else - print(" <%s ", attr->attr->name); - switch (attr->attr->type) { - case ATTR_TYPE_INTEGER: - val = rad_dict_find_val(attr->attr, attr->val); - if (val) - print("%s", val->name); - else - print("%u", attr->val.integer); - break; - case ATTR_TYPE_STRING: - print("\"%s\"", attr->val.string); - break; - case ATTR_TYPE_IPADDR: - addr = ntohl(attr->val.ipaddr); - print("%i.%i.%i.%i", (addr >> 24) & 0xff, (addr >> 16) & 0xff, (addr >> 8) & 0xff, addr & 0xff); - break; - case ATTR_TYPE_IFID: - ifid_u.ifid = attr->val.ifid; - print("%x:%x:%x:%x", ntohs(ifid_u.u16[0]), ntohs(ifid_u.u16[1]), ntohs(ifid_u.u16[2]), ntohs(ifid_u.u16[3])); - break; - case ATTR_TYPE_IPV6ADDR: - inet_ntop(AF_INET6, &attr->val.ipv6addr, ip_str, sizeof(ip_str)); - print("%s", ip_str); - break; - case ATTR_TYPE_IPV6PREFIX: - inet_ntop(AF_INET6, &attr->val.ipv6prefix.prefix, ip_str, sizeof(ip_str)); - print("%s/%i", ip_str, attr->val.ipv6prefix.len); - break; + print(" <%s", attr->attr->name); + + if (!attr->attr->array) { + switch (attr->attr->type) { + case ATTR_TYPE_INTEGER: + val = rad_dict_find_val(attr->attr, attr->val); + if (val) + print(" %s", val->name); + else + print(" %u", attr->val.integer); + break; + case ATTR_TYPE_STRING: + print(" \"%s\"", attr->val.string); + break; + case ATTR_TYPE_IPADDR: + addr = ntohl(attr->val.ipaddr); + print(" %i.%i.%i.%i", (addr >> 24) & 0xff, (addr >> 16) & 0xff, (addr >> 8) & 0xff, addr & 0xff); + break; + case ATTR_TYPE_IFID: + ifid_u.ifid = attr->val.ifid; + print(" %x:%x:%x:%x", ntohs(ifid_u.u16[0]), ntohs(ifid_u.u16[1]), ntohs(ifid_u.u16[2]), ntohs(ifid_u.u16[3])); + break; + case ATTR_TYPE_IPV6ADDR: + inet_ntop(AF_INET6, &attr->val.ipv6addr, ip_str, sizeof(ip_str)); + print(" %s", ip_str); + break; + case ATTR_TYPE_IPV6PREFIX: + inet_ntop(AF_INET6, &attr->val.ipv6prefix.prefix, ip_str, sizeof(ip_str)); + print(" %s/%i", ip_str, attr->val.ipv6prefix.len); + break; + } } + print(">"); } + print("]\n"); } diff --git a/accel-pppd/radius/radius.h b/accel-pppd/radius/radius.h index ad27b898..3176f53b 100644 --- a/accel-pppd/radius/radius.h +++ b/accel-pppd/radius/radius.h @@ -14,6 +14,8 @@ #define ATTR_TYPE_IFID 5 #define ATTR_TYPE_IPV6ADDR 6 #define ATTR_TYPE_IPV6PREFIX 7 +#define ATTR_TYPE_ETHER 8 +#define ATTR_TYPE_TLV 9 #define CODE_ACCESS_REQUEST 1 #define CODE_ACCESS_ACCEPT 2 @@ -55,6 +57,8 @@ struct rad_dict_vendor_t { struct list_head entry; int id; + int tag; + int len; const char *name; struct list_head items; }; @@ -71,8 +75,11 @@ struct rad_dict_attr_t struct list_head entry; const char *name; int id; - int type; + int type:31; + int array:1; + int size; struct list_head values; + struct list_head tlv; }; struct rad_attr_t @@ -81,8 +88,10 @@ struct rad_attr_t struct rad_dict_attr_t *attr; struct rad_dict_vendor_t *vendor; //struct rad_dict_value_t *val; - rad_value_t val; int len; + int cnt; + void *raw; + rad_value_t val; }; struct rad_packet_t -- cgit v1.2.3