# HG changeset patch # User Sebastien Decugis # Date 1242800071 -32400 # Node ID 505a9ee1244b119dcdeec3bcfb398c944a66f685 # Parent 6c2198aa037c8c4950c9866d12c210b14cbde80d Separated attributes and codes string definitions to inc files diff -r 6c2198aa037c -r 505a9ee1244b extensions/radius_gw/radius-types --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/extensions/radius_gw/radius-types Wed May 20 15:14:31 2009 +0900 @@ -0,0 +1,615 @@ + +Radius Types + +(last updated 2009-04-24) + +Registries included below: +- Radius Attribute Types + - Radius Attribute Values +- Radius Packet Type Codes + - Radius Codes + +Note: +The RFC "Remote Authentication Dial In User Service (RADIUS)" +[RFC2058][RFC2865] defines a Packet Type Code and an Attribute +Type Code. The IANA registry of these codes and subordinate +assigned values is listed here according to [RFC3575]. + + +Registry Name: Radius Attribute Types +Reference: [RFC2865][RFC3575] +Range Registration Procedures Notes +-------- -------------------------------- ---------- +1-191 IETF Consensus +192-240 Reserved for Privated Use +224-240 Implementation Specific +241-255 Reserved + +Registry: +Value Description Reference +-------- --------------------------------------- --------- +1 User-Name +2 User-Password +3 CHAP-Password +4 NAS-IP-Address +5 NAS-Port +6 Service-Type +7 Framed-Protocol +8 Framed-IP-Address +9 Framed-IP-Netmask +10 Framed-Routing +11 Filter-Id +12 Framed-MTU +13 Framed-Compression +14 Login-IP-Host +15 Login-Service +16 Login-TCP-Port +17 Unassigned +18 Reply-Message +19 Callback-Number +20 Callback-Id +21 Unassigned +22 Framed-Route +23 Framed-IPX-Network +24 State +25 Class +26 Vendor-Specific +27 Session-Timeout +28 Idle-Timeout +29 Termination-Action +30 Called-Station-Id +31 Calling-Station-Id +32 NAS-Identifier +33 Proxy-State +34 Login-LAT-Service +35 Login-LAT-Node +36 Login-LAT-Group +37 Framed-AppleTalk-Link +38 Framed-AppleTalk-Network +39 Framed-AppleTalk-Zone +40 Acct-Status-Type [RFC2866] +41 Acct-Delay-Time [RFC2866] +42 Acct-Input-Octets [RFC2866] +43 Acct-Output-Octets [RFC2866] +44 Acct-Session-Id [RFC2866] +45 Acct-Authentic [RFC2866] +46 Acct-Session-Time [RFC2866] +47 Acct-Input-Packets [RFC2866] +48 Acct-Output-Packets [RFC2866] +49 Acct-Terminate-Cause [RFC2866] +50 Acct-Multi-Session-Id [RFC2866] +51 Acct-Link-Count [RFC2866] +52 Acct-Input-Gigawords [RFC2869] +53 Acct-Output-Gigawords [RFC2869] +54 Unassigned +55 Event-Timestamp [RFC2869] +56 Egress-VLANID [RFC4675] +57 Ingress-Filters [RFC4675] +58 Egress-VLAN-Name [RFC4675] +59 User-Priority-Table [RFC4675] +60 CHAP-Challenge +61 NAS-Port-Type +62 Port-Limit +63 Login-LAT-Port +64 Tunnel-Type [RFC2868] +65 Tunnel-Medium-Type [RFC2868] +66 Tunnel-Client-Endpoint [RFC2868] +67 Tunnel-Server-Endpoint [RFC2868] +68 Acct-Tunnel-Connection [RFC2867] +69 Tunnel-Password [RFC2868] +70 ARAP-Password [RFC2869] +71 ARAP-Features [RFC2869] +72 ARAP-Zone-Access [RFC2869] +73 ARAP-Security [RFC2869] +74 ARAP-Security-Data [RFC2869] +75 Password-Retry [RFC2869] +76 Prompt [RFC2869] +77 Connect-Info [RFC2869] +78 Configuration-Token [RFC2869] +79 EAP-Message [RFC2869] +80 Message-Authenticator [RFC2869] +81 Tunnel-Private-Group-ID [RFC2868] +82 Tunnel-Assignment-ID [RFC2868] +83 Tunnel-Preference [RFC2868] +84 ARAP-Challenge-Response [RFC2869] +85 Acct-Interim-Interval [RFC2869] +86 Acct-Tunnel-Packets-Lost [RFC2867] +87 NAS-Port-Id [RFC2869] +88 Framed-Pool [RFC2869] +89 CUI [RFC4372] +90 Tunnel-Client-Auth-ID [RFC2868] +91 Tunnel-Server-Auth-ID [RFC2868] +92 NAS-Filter-Rule [RFC4849] +93 Unassigned +94 Originating-Line-Info [RFC4005] +95 NAS-IPv6-Address [RFC3162] +96 Framed-Interface-Id [RFC3162] +97 Framed-IPv6-Prefix [RFC3162] +98 Login-IPv6-Host [RFC3162] +99 Framed-IPv6-Route [RFC3162] +100 Framed-IPv6-Pool [RFC3162] +101 Error-Cause Attribute [RFC3576] +102 EAP-Key-Name [RFC4072] +103 Digest-Response [RFC5090] +104 Digest-Realm [RFC5090] +105 Digest-Nonce [RFC5090] +106 Digest-Response-Auth [RFC5090] +107 Digest-Nextnonce [RFC5090] +108 Digest-Method [RFC5090] +109 Digest-URI [RFC5090] +110 Digest-Qop [RFC5090] +111 Digest-Algorithm [RFC5090] +112 Digest-Entity-Body-Hash [RFC5090] +113 Digest-CNonce [RFC5090] +114 Digest-Nonce-Count [RFC5090] +115 Digest-Username [RFC5090] +116 Digest-Opaque [RFC5090] +117 Digest-Auth-Param [RFC5090] +118 Digest-AKA-Auts [RFC5090] +119 Digest-Domain [RFC5090] +120 Digest-Stale [RFC5090] +121 Digest-HA1 [RFC5090] +122 SIP-AOR [RFC5090] +123 Delegated-IPv6-Prefix [RFC4818] +124 MIP6-Feature-Vector [RFC5447] +125 MIP6-Home-Link-Prefix [RFC5447] +126-191 Unassigned +192-223 Experimental Use [RFC3575] +224-240 Implementation Specific [RFC3575] +241-255 Reserved [RFC3575] + + +Registry Name: Radius Attribute Values +Reference: [RFC2865][RFC3575] + +Sub-registry: Values for RADIUS Attribute 6, Service-Type +Reference: [RFC2865][RFC3575] +Registration Procedures: Not defined + +Registry: +Value Description Reference +----- ------------------------------- --------- +1 Login +2 Framed +3 Callback Login +4 Callback Framed +5 Outbound +6 Administrative +7 NAS Prompt +8 Authenticate Only +9 Callback NAS Prompt +10 Call Check +11 Callback Administrative +12 Voice [Chiba] +13 Fax [Chiba] +14 Modem Relay [Chiba] +15 IAPP-Register [IEEE 802.11f][Kerry] +16 IAPP-AP-Check [IEEE 802.11f][Kerry] +17 Authorize Only [RFC3576] + +Sub-registry: Values for RADIUS Attribute 7, Framed-Protocol +Reference: [RFC2865] +Registration Procedures: Not defined + +Registry: +Value Description Reference +----- -------------------------------------------------- --------- +1 PPP +2 SLIP +3 AppleTalk Remote Access Protocol (ARAP) +4 Gandalf proprietary SingleLink/MultiLink protocol +5 Xylogics proprietary IPX/SLIP +6 X.75 Synchronous +7 GPRS PDP Context [Moore] + + +Sub-registry: Values for RADIUS Attribute 10, Framed-Routing +Reference: [RFC2865] +Registration Procedures: Not defined + +Registry: +Value Description Reference +----- ------------------------------------- --------- +0 None +1 Send routing packets +2 Listen for routing packets +3 Send and Listen + +Sub-registry: Values for RADIUS Attribute 13, Framed-Compression +Reference: [RFC2865] +Registration Procedures: Not defined + +Registry: +Value Description Reference +----- ----------------------------------------- --------- +0 None +1 VJ TCP/IP header compression +2 IPX header compression +3 Stac-LZS compression + +Sub-registry: Values for RADIUS Attribute 15, Login-Service +Reference: [RFC2865] +Registration Procedures: Not defined + +Registry: +Value Description Reference +----- ------------------------------------------------------------- --------- +0 Telnet +1 Rlogin +2 TCP Clear +3 PortMaster (proprietary) +4 LAT +5 X25-PAD +6 X25-T3POS +7 Unassigned +8 TCP Clear Quiet (suppresses any NAS-generated connect string) + + +Sub-registry: Values for RADIUS Attribute 29, Termination-Action +Reference: [RFC2865] +Registration Procedures: Not defined + +Registry: +Value Description Reference +----- ------------------------------------- --------- +0 Default +1 RADIUS-Request + +Sub-registry: Values for RADIUS Attribute 40, Acct-Status-Type +Reference: [RFC2866] +Registration Procedures: Not defined + +Registry: +Value Description Reference +----- ------------------------------------- --------- +1 Start [RFC2866] +2 Stop [RFC2866] +3 Interim-Update [RFC2866] +4-6 Unassigned +7 Accounting-On [RFC2866] +8 Accounting-Off [RFC2866] +9 Tunnel-Start [RFC2867] +10 Tunnel-Stop [RFC2867] +11 Tunnel-Reject [RFC2867] +12 Tunnel-Link-Start [RFC2867] +13 Tunnel-Link-Stop [RFC2867] +14 Tunnel-Link-Reject [RFC2867] +15 Failed [RFC2866] + +Sub-registry: Values for RADIUS Attribute 45, Acct-Authentic +Reference: [RFC2866] +Registration Procedures: Not defined + +Registry: +Value Description Reference +----- ------------------------------------- --------- +1 RADIUS [RFC2866] +2 Local [RFC2866] +3 Remote [RFC2866] +4 Diameter [Calhoun] + +Sub-registry: Values for RADIUS Attribute 49, Acct-Terminate-Cause +Reference: [RFC2866] +Registration Procedures: Not defined + +Registry: +Value Description Reference +----- ----------------------------------------- --------- +1 User Request [RFC2866] +2 Lost Carrier [RFC2866] +3 Lost Service [RFC2866] +4 Idle Timeout [RFC2866] +5 Session Timeout [RFC2866] +6 Admin Reset [RFC2866] +7 Admin Reboot [RFC2866] +8 Port Error [RFC2866] +9 NAS Error [RFC2866] +10 NAS Request [RFC2866] +11 NAS Reboot [RFC2866] +12 Port Unneeded [RFC2866] +13 Port Preempted [RFC2866] +14 Port Suspended [RFC2866] +15 Service Unavailable [RFC2866] +16 Callback [RFC2866] +17 User Error [RFC2866] +18 Host Request [RFC2866] +19 Supplicant Restart [RFC3580] +20 Reauthentication Failure [RFC3580] +21 Port Reinitialized [RFC3580] +22 Port Administratively Disabled [RFC3580] + +Sub-registry: Values for RADIUS Attribute 61, NAS-Port-Type +Reference: [RFC2865] +Registration Procedures: Not defined + +Registry: +Value Description Reference Registration Date +----- ------------------------------------------------------------------ --------------------- ----------------- +0 Async [RFC2865] +1 Sync [RFC2865] +2 ISDN Sync [RFC2865] +3 ISDN Async V.120 [RFC2865] +4 ISDN Async V.110 [RFC2865] +5 Virtual [RFC2865] +6 PIAFS [RFC2865] +7 HDLC Clear Channel [RFC2865] +8 X.25 [RFC2865] +9 X.75 [RFC2865] +10 G.3 Fax [RFC2865] +11 SDSL - Symmetric DSL [RFC2865] +12 ADSL-CAP - Asymmetric DSL, Carrierless Amplitude Phase Modulation [RFC2865] +13 ADSL-DMT - Asymmetric DSL, Discrete Multi-Tone [RFC2865] +14 IDSL - ISDN Digital Subscriber Line [RFC2865] +15 Ethernet [RFC2865] +16 xDSL - Digital Subscriber Line of unknown type [RFC2865] +17 Cable [RFC2865] +18 Wireless - Other [RFC2865] +19 Wireless - IEEE 802.11 [RFC2865] +20 Token-Ring [RFC3580] +21 FDDI [RFC3580] +22 Wireless - CDMA2000 [McCann] +23 Wireless - UMTS [McCann] +24 Wireless - 1X-EV [McCann] +25 IAPP [IEEE 802.11F][Kerry] +26 FTTP - Fiber to the Premises [Nyce] +27 Wireless - IEEE 802.16 [IEEE 802.16] 12 December 2006 +28 Wireless - IEEE 802.20 [IEEE 802.20] 12 December 2006 +29 Wireless - IEEE 802.22 [IEEE 802.22] 12 December 2006 +30 PPPoA - PPP over ATM [RFC4603] +31 PPPoEoA - PPP over Ethernet over ATM [RFC4603] +32 PPPoEoE - PPP over Ethernet over Ethernet [RFC4603] +33 PPPoEoVLAN - PPP over Ethernet over VLAN [RFC4603] +34 PPPoEoQinQ - PPP over Ethernet over IEEE 802.1QinQ [RFC4603] +35 xPON - Passive Optical Network [Hublet][Yan] 19 June 2007 + +Sub-registry: Values for RADIUS Attribute 64, Tunnel-Type +Reference: [RFC2868] +Registration Procedures: IETF Consensus + +Registry: +Value Description Reference +----- ------------------------------------------------------------ --------- +1 Point-to-Point Tunneling Protocol (PPTP) [RFC2868] +2 Layer Two Forwarding (L2F) [RFC2868] +3 Layer Two Tunneling Protocol (L2TP) [RFC2868] +4 Ascend Tunnel Management Protocol (ATMP) [RFC2868] +5 Virtual Tunneling Protocol (VTP) [RFC2868] +6 IP Authentication Header in the Tunnel-mode (AH) [RFC2868] +7 IP-in-IP Encapsulation (IP-IP) [RFC2868] +8 Minimal IP-in-IP Encapsulation (MIN-IP-IP) [RFC2868] +9 IP Encapsulating Security Payload in the Tunnel-mode (ESP) [RFC2868] +10 Generic Route Encapsulation (GRE) [RFC2868] +11 Bay Dial Virtual Services (DVS) [RFC2868] +12 IP-in-IP Tunneling [RFC2868] +13 Virtual LANs (VLAN) [RFC3580] + +Sub-registry: Values for RADIUS Attribute 65, Tunnel-Medium-Type +Reference: [RFC2868] +Registration Procedures: IETF Consensus + +Registry: +Value Description Reference +----- ---------------------------------------------------------------- --------- +1 IPv4 (IP version 4) [RFC2868] +2 IPv6 (IP version 6) [RFC2868] +3 NSAP [RFC2868] +4 HDLC (8-bit multidrop) [RFC2868] +5 BBN 1822 [RFC2868] +6 802 (includes all 802 media plus Ethernet "canonical format") [RFC2868] +7 E.163 (POTS) [RFC2868] +8 E.164 (SMDS, Frame Relay, ATM) [RFC2868] +9 F.69 (Telex) [RFC2868] +10 X.121 (X.25, Frame Relay) [RFC2868] +11 IPX [RFC2868] +12 Appletalk [RFC2868] +13 Decnet IV [RFC2868] +14 Banyan Vines [RFC2868] +15 E.164 with NSAP format subaddress [RFC2868] + +Sub-registry: Values for RADIUS Attribute 72, ARAP-Zone-Access +Reference: [RFC2869] +Registration Procedures: Not defined + +Registry: +Value Description Reference +----- ------------------------------------------------- --------- +1 Only allow access to default zone [RFC2869] +2 Use zone filter inclusively [RFC2869] +3 Not used [RFC2869] +4 Use zone filter exclusively [RFC2869] + +Sub-registry: Values for RADIUS Attribute 76, Prompt +Reference: [RFC2869] +Registration Procedures: Not defined + +Registry: +Value Description Reference +----- ------------------------------- --------- +0 No Echo [RFC2869] +1 Echo [RFC2869] + +Sub-registry: Values for RADIUS Attribute 101, Error-Cause Attribute +Reference: [RFC5176] +Registration Procedures: Not defined + +Registry: +Value Description Reference +----- ------------------------------------------------------ --------- +201 Residual Session Context Removed +202 Invalid EAP Packet (Ignored) +401 Unsupported Attribute +402 Missing Attribute +403 NAS Identification Mismatch +404 Invalid Request +405 Unsupported Service +406 Unsupported Extension +407 Invalid Attribute Value [RFC5176] +501 Administratively Prohibited +502 Request Not Routable (Proxy) +503 Session Context Not Found +504 Session Context Not Removable +505 Other Proxy Processing Error +506 Resources Unavailable +507 Request Initiated +508 Multiple Session Selection Unsupported [RFC5176] + + +Registry Name: RADIUS Packet Type Codes +Reference: [RFC3575] +Registration Procedures: IESG Approval + +Registry: +Decimal Message Reference +------- --------------------------------------- --------- +1 Access-Request [RFC2865] +2 Access-Accept [RFC2865] +3 Access-Reject [RFC2865] +4 Accounting-Request [RFC2865] +5 Accounting-Response [RFC2865] +6 Accounting-Status [RFC3575] + (now Interim Accounting) +7 Password-Request [RFC3575] +8 Password-Ack [RFC3575] +9 Password-Reject [RFC3575] +10 Accounting-Message [RFC3575] +11 Access-Challenge [RFC2865] +12 Status-Server (experimental) [RFC2865] +13 Status-Client (experimental) [RFC2865] +21 Resource-Free-Request [RFC3575] +22 Resource-Free-Response [RFC3575] +23 Resource-Query-Request [RFC3575] +24 Resource-Query-Response [RFC3575] +25 Alternate-Resource-Reclaim-Request [RFC3575] +26 NAS-Reboot-Request [RFC3575] +27 NAS-Reboot-Response [RFC3575] +28 Reserved +29 Next-Passcode [RFC3575] +30 New-Pin [RFC3575] +31 Terminate-Session [RFC3575] +32 Password-Expired [RFC3575] +33 Event-Request [RFC3575] +34 Event-Response [RFC3575] +40 Disconnect-Request [RFC3575][RFC5176] +41 Disconnect-ACK [RFC3575][RFC5176] +42 Disconnect-NAK [RFC3575][RFC5176] +43 CoA-Request [RFC3575][RFC5176] +44 CoA-ACK [RFC3575][RFC5176] +45 CoA-NAK [RFC3575][RFC5176] +50 IP-Address-Allocate [RFC3575] +51 IP-Address-Release [RFC3575] +52-249 Unassigned +250-253 Experimental Use [RFC3575] +254 Reserved [RFC3575] +255 Reserved [RFC3575] + + +References +-------------- +[IEEE 802.11F] + +[IEEE 802.16] + "IEEE Standard for Local and metropolitan area networks, + Part 16: Air Interface for Fixed and Mobile Broadband + Wireless Access Systems, Amendment2: Physical and Medium + Access Control Layers for Combined Fixed and Mobile + Operation in Licensed Bands", February 2006. + +[IEEE 802.20] + Mobile Broadband Wireless Access (MBWA), IEEE Standard, + Work in Progress. + +[IEEE 802.22] + Wireless Regional Area Networks (WRAN), IEEE Standard, + Work in Progress. + +[RFC2058] Rigney, C., A. Rubens, W. Simpson, and S. Willens, "Remote + Authentication Dial In User Service (RADIUS)", RFC 2058, + Livingston, Merit, Daydreamer, January 1997. + +[RFC2059] Rigney, C., "RADIUS Accounting", RFC 2059, Livingston, + November 1996. + +[RFC2865] Rigney, W., S. Willens, A. Rubens, and W. Simpson, + "Remote Authentication Dial In User Service (RADIUS)", + RFC 2865, June 2000. + +[RFC2866] Rigney, C., "RADIUS Accounting", RFC 2865, June 2000. + +[RFC2867] Zorn, G., B. Aboba, D. Mitton, "RADIUS Accounting + Modifications for Tunnel Protocol Support", RFC 2867, + June 2000. + +[RFC2868] Zorn, G., D. Leifer, A. Rubens, J. Shriver, M. Holdrege, + I. Goyret, "RADIUS Attributes for Tunnel Protocol Support", + RFC 2868, June 2000. + +[RFC2869] Rigney, C., W. Willats, P. Calhoun, "RADIUS Extensions", + RFC 2869, June 2000. + +[RFC3162] B. Aboba, G. Zorn, and D. Mitton, "RADIUS and IPv6", + RFC 3162, August 2001. + +[RFC3336] B. Thompson, T. Koren and B. Buffam, "PPP Over Asynchronous + Transfer Mode Adaptation Layer 2 (AAL2)", RFC 3336, + December 2002. + +[RFC3575] B. Aboba, "IANA Considerations for RADIUS (Remote Authentication + Dial In User Service)", RFC 3575, July 2003. + +[RFC3580] P. Congdon, B. Aboba, A. Smith, G. Zorn, and J. Roese, + "IEEE 802.1X RADIUS Usage Guidelines", RFC 3580, September 2003. + +[RFC4072] P. Eronen, Ed., T. Hiller, and G. Zorn, "Diameter Extensible + Authentication Protocol (EAP) Application", RFC 4072, August 2005. + +[RFC4372] F. Adrangi, A. Lior, J. Korhonen and J. Loughney, "Chargeable User + Identity", RFC 4372, January 2006. + +[RFC4603] G. Zorn, G. Weber and R. Foltak, "Additional Values for the NAS-Port-Type + Attribute", RFC 4603, July 2006. + +[RFC4590] B. Sterman, D. Sadolevsky, D. Schwartz, D. Williams and W. Beck, + "RADIUS Extension for Digest Authentication", RFC 4590, July 2006 + +[RFC4675] P. Congdon, M. Sanchez, B. Aboba, "RADIUS Attributes for + Virtual LAN and Priority Support", RFC 4675, September 2006. + +[RFC4818] J. Salowey, R. Droms, "RADIUS Delegated-IPv6-Prefix Attribute", + RFC 4818, April 2007. + +[RFC4849] P. Congdon, M. Sanchez, B. Aboba, "RADIUS Filter Rule Attribute", + RFC 4849, April 2007. + +[RFC5090] B. Sterman, D. Sadolevsky, D. Schwartz, D. Williams, W. Beck, + "RADIUS Extension for Digest Authentication", RFC 5090, + February 2008. + +[RFC5176] M. Chiba, G. Dommety, M. Eklund, D. Mitton, B. Aboba, "Dynamic + Authorization Extensions to Remote Authentication Dial In User + Service (RADIUS)", RFC 5176, January 2008. + +[RFC5447] J. Korhonen, Ed., J. Bournelle, H. Tschofenig, C. Perkins, K. + Chowdhury, "Diameter Mobile IPv6: Support for Network Access Server + to Diameter Server Interaction", RFC 5447, February 2009. + +People +------ +[Calhoun] Pat Calhoun, , May 2001. + +[Chiba] Murtaza Chiba, , June 2001. + +[Hublet] Christian Hublet, , 21 June 2007. + +[Kerry] Stuart Kerry, stuart.kerry&philips.com>, January 2003. + +[McCann] Pete McCann, , March 2002. + +[Moore] Jeff Moore, , February 2001. + +[Nyce] Tim Nyce, , March 2004 + +[Trifunovic] Nenad Trifunovic, , October 1998. + +[Yan] Renxiang Yan, , 19 June 2007. + +[] diff -r 6c2198aa037c -r 505a9ee1244b extensions/radius_gw/radius-types-attrtypes --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/extensions/radius_gw/radius-types-attrtypes Wed May 20 15:14:31 2009 +0900 @@ -0,0 +1,129 @@ +1 User-Name +2 User-Password +3 CHAP-Password +4 NAS-IP-Address +5 NAS-Port +6 Service-Type +7 Framed-Protocol +8 Framed-IP-Address +9 Framed-IP-Netmask +10 Framed-Routing +11 Filter-Id +12 Framed-MTU +13 Framed-Compression +14 Login-IP-Host +15 Login-Service +16 Login-TCP-Port +17 Unassigned +18 Reply-Message +19 Callback-Number +20 Callback-Id +21 Unassigned +22 Framed-Route +23 Framed-IPX-Network +24 State +25 Class +26 Vendor-Specific +27 Session-Timeout +28 Idle-Timeout +29 Termination-Action +30 Called-Station-Id +31 Calling-Station-Id +32 NAS-Identifier +33 Proxy-State +34 Login-LAT-Service +35 Login-LAT-Node +36 Login-LAT-Group +37 Framed-AppleTalk-Link +38 Framed-AppleTalk-Network +39 Framed-AppleTalk-Zone +40 Acct-Status-Type [RFC2866] +41 Acct-Delay-Time [RFC2866] +42 Acct-Input-Octets [RFC2866] +43 Acct-Output-Octets [RFC2866] +44 Acct-Session-Id [RFC2866] +45 Acct-Authentic [RFC2866] +46 Acct-Session-Time [RFC2866] +47 Acct-Input-Packets [RFC2866] +48 Acct-Output-Packets [RFC2866] +49 Acct-Terminate-Cause [RFC2866] +50 Acct-Multi-Session-Id [RFC2866] +51 Acct-Link-Count [RFC2866] +52 Acct-Input-Gigawords [RFC2869] +53 Acct-Output-Gigawords [RFC2869] +54 Unassigned +55 Event-Timestamp [RFC2869] +56 Egress-VLANID [RFC4675] +57 Ingress-Filters [RFC4675] +58 Egress-VLAN-Name [RFC4675] +59 User-Priority-Table [RFC4675] +60 CHAP-Challenge +61 NAS-Port-Type +62 Port-Limit +63 Login-LAT-Port +64 Tunnel-Type [RFC2868] +65 Tunnel-Medium-Type [RFC2868] +66 Tunnel-Client-Endpoint [RFC2868] +67 Tunnel-Server-Endpoint [RFC2868] +68 Acct-Tunnel-Connection [RFC2867] +69 Tunnel-Password [RFC2868] +70 ARAP-Password [RFC2869] +71 ARAP-Features [RFC2869] +72 ARAP-Zone-Access [RFC2869] +73 ARAP-Security [RFC2869] +74 ARAP-Security-Data [RFC2869] +75 Password-Retry [RFC2869] +76 Prompt [RFC2869] +77 Connect-Info [RFC2869] +78 Configuration-Token [RFC2869] +79 EAP-Message [RFC2869] +80 Message-Authenticator [RFC2869] +81 Tunnel-Private-Group-ID [RFC2868] +82 Tunnel-Assignment-ID [RFC2868] +83 Tunnel-Preference [RFC2868] +84 ARAP-Challenge-Response [RFC2869] +85 Acct-Interim-Interval [RFC2869] +86 Acct-Tunnel-Packets-Lost [RFC2867] +87 NAS-Port-Id [RFC2869] +88 Framed-Pool [RFC2869] +89 CUI [RFC4372] +90 Tunnel-Client-Auth-ID [RFC2868] +91 Tunnel-Server-Auth-ID [RFC2868] +92 NAS-Filter-Rule [RFC4849] +93 Unassigned +94 Originating-Line-Info [RFC4005] +95 NAS-IPv6-Address [RFC3162] +96 Framed-Interface-Id [RFC3162] +97 Framed-IPv6-Prefix [RFC3162] +98 Login-IPv6-Host [RFC3162] +99 Framed-IPv6-Route [RFC3162] +100 Framed-IPv6-Pool [RFC3162] +101 Error-Cause Attribute [RFC3576] +102 EAP-Key-Name [RFC4072] +103 Digest-Response [RFC5090] +104 Digest-Realm [RFC5090] +105 Digest-Nonce [RFC5090] +106 Digest-Response-Auth [RFC5090] +107 Digest-Nextnonce [RFC5090] +108 Digest-Method [RFC5090] +109 Digest-URI [RFC5090] +110 Digest-Qop [RFC5090] +111 Digest-Algorithm [RFC5090] +112 Digest-Entity-Body-Hash [RFC5090] +113 Digest-CNonce [RFC5090] +114 Digest-Nonce-Count [RFC5090] +115 Digest-Username [RFC5090] +116 Digest-Opaque [RFC5090] +117 Digest-Auth-Param [RFC5090] +118 Digest-AKA-Auts [RFC5090] +119 Digest-Domain [RFC5090] +120 Digest-Stale [RFC5090] +121 Digest-HA1 [RFC5090] +122 SIP-AOR [RFC5090] +123 Delegated-IPv6-Prefix [RFC4818] +124 MIP6-Feature-Vector [RFC5447] +125 MIP6-Home-Link-Prefix [RFC5447] +126-191 Unassigned +192-223 Experimental Use [RFC3575] +224-240 Implementation Specific [RFC3575] +241-255 Reserved [RFC3575] diff -r 6c2198aa037c -r 505a9ee1244b extensions/radius_gw/radius-types-codes --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/extensions/radius_gw/radius-types-codes Wed May 20 15:14:31 2009 +0900 @@ -0,0 +1,39 @@ +1 Access-Request [RFC2865] +2 Access-Accept [RFC2865] +3 Access-Reject [RFC2865] +4 Accounting-Request [RFC2865] +5 Accounting-Response [RFC2865] +6 Accounting-Status [RFC3575] +7 Password-Request [RFC3575] +8 Password-Ack [RFC3575] +9 Password-Reject [RFC3575] +10 Accounting-Message [RFC3575] +11 Access-Challenge [RFC2865] +12 Status-Server (experimental) [RFC2865] +13 Status-Client (experimental) [RFC2865] +21 Resource-Free-Request [RFC3575] +22 Resource-Free-Response [RFC3575] +23 Resource-Query-Request [RFC3575] +24 Resource-Query-Response [RFC3575] +25 Alternate-Resource-Reclaim-Request [RFC3575] +26 NAS-Reboot-Request [RFC3575] +27 NAS-Reboot-Response [RFC3575] +28 Reserved +29 Next-Passcode [RFC3575] +30 New-Pin [RFC3575] +31 Terminate-Session [RFC3575] +32 Password-Expired [RFC3575] +33 Event-Request [RFC3575] +34 Event-Response [RFC3575] +40 Disconnect-Request [RFC3575][RFC5176] +41 Disconnect-ACK [RFC3575][RFC5176] +42 Disconnect-NAK [RFC3575][RFC5176] +43 CoA-Request [RFC3575][RFC5176] +44 CoA-ACK [RFC3575][RFC5176] +45 CoA-NAK [RFC3575][RFC5176] +50 IP-Address-Allocate [RFC3575] +51 IP-Address-Release [RFC3575] +52-249 Unassigned +250-253 Experimental Use [RFC3575] +254 Reserved [RFC3575] +255 Reserved [RFC3575] diff -r 6c2198aa037c -r 505a9ee1244b extensions/radius_gw/radius_gw.h --- a/extensions/radius_gw/radius_gw.h Wed May 20 10:24:46 2009 +0900 +++ b/extensions/radius_gw/radius_gw.h Wed May 20 15:14:31 2009 +0900 @@ -135,6 +135,9 @@ /* Radius message */ void rg_msg_free(rad_t * msg); +char * rg_msg_code_str(uint8_t c); +char * rg_msg_attrtype_str(uint8_t c); +void rg_msg_dump(int level, rad_t * msg); /****************************************/ diff -r 6c2198aa037c -r 505a9ee1244b extensions/radius_gw/rebuild_inc.sh --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/extensions/radius_gw/rebuild_inc.sh Wed May 20 15:14:31 2009 +0900 @@ -0,0 +1,33 @@ +#/bin/bash + +# This script rebuilds the files rg_utils_*.inc. +# It should be called when the radius-types file is updated with: +# wget http://www.iana.org/assignments/radius-types + +if [ ! -f radius-types ]; +then echo "Missing file radius-types, please get a fresh copy first."; +exit 2; +fi + +if [ -f rg_utils_codes.inc ]; +then mv -f rg_utils_codes.inc rg_utils_codes.inc.bak; +fi + +if [ -f rg_utils_attrtype.inc ]; +then mv -f rg_utils_attrtype.inc rg_utils_attrtype.inc.bak; +fi + +echo "Rebuilding rg_utils_codes.inc..." + +# Not too sure how to rebuid radius-types-codes from radius-types, skipping... +echo "WARNING: radius-types-codes has not been rebuilt" + +awk -f register-parse.awk radius-types-codes > rg_utils_codes.inc + +echo "Rebuilding rg_utils_attrtype.inc..." +echo "WARNING: radius-types-attrtypes has not been rebuilt" + +awk -f register-parse.awk radius-types-attrtypes > rg_utils_attrtype.inc + +echo "Finished." + diff -r 6c2198aa037c -r 505a9ee1244b extensions/radius_gw/register-parse.awk --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/extensions/radius_gw/register-parse.awk Wed May 20 15:14:31 2009 +0900 @@ -0,0 +1,4 @@ + { print "\t\t/*", $0, "*/" } # Add commented line of input + { if ($1 ~ /^[0-9][0-9]?[0-9]?$/) print "\tif ( c == " $1 ") return \"" $2, $3, $4, $5 "\";" } + { if ($1 ~ /^([0-9][0-9]?[0-9]?)-([0-9][0-9]?[0-9]?)$/) { split($1, a, "-"); + print "\tif ((c >= " a[1] ") && (c <= " a[2] ")) return \"" $2, $3, $4, $5 "\";" }} diff -r 6c2198aa037c -r 505a9ee1244b extensions/radius_gw/rg_utils.c --- a/extensions/radius_gw/rg_utils.c Wed May 20 10:24:46 2009 +0900 +++ b/extensions/radius_gw/rg_utils.c Wed May 20 15:14:31 2009 +0900 @@ -99,3 +99,38 @@ } free(msg); } + +char * rg_msg_code_str(uint8_t c) +{ + /* Include generated source file, see rebuild_inc.sh script */ +#include "rg_utils_codes.inc" + return "[unknown]"; +} +char * rg_msg_attrtype_str(uint8_t c) +{ + /* Include generated source file, see rebuild_inc.sh script */ +#include "rg_utils_attrtype.inc" + return "[unknown]"; +} + +void rg_msg_dump(int level, rad_t * msg) +{ + struct rg_list * attr; + + if ( ! TRACE_BOOL(level) ) + return; + + log_debug("------ RADIUS msg dump -------\n"); + log_debug(" id: %02hhx, code: %hhd (%s)\n", msg->identifier, msg->code, rg_msg_code_str(msg->code)); + log_debug(" auth: %02hhx %02hhx %02hhx %02hhx %02hhx %02hhx %02hhx %02hhx\n", + msg->authenticator[0], msg->authenticator[1], msg->authenticator[2], msg->authenticator[3], + msg->authenticator[4], msg->authenticator[5], msg->authenticator[6], msg->authenticator[7]); + log_debug(" %02hhx %02hhx %02hhx %02hhx %02hhx %02hhx %02hhx %02hhx\n", + msg->authenticator[8], msg->authenticator[9], msg->authenticator[10], msg->authenticator[11], + msg->authenticator[12], msg->authenticator[13], msg->authenticator[14], msg->authenticator[15]); + for (attr = msg->attributes.next; attr != &msg->attributes; attr = attr->next) { + struct rad_attr * loc = (struct rad_attr *)attr; + log_debug(" attr: len:%3hhd, type:%02hhx (%s)\n", loc->length, loc->type, rg_msg_attrtype_str(loc->type)); + } + log_debug("-----------------------------\n"); +} diff -r 6c2198aa037c -r 505a9ee1244b extensions/radius_gw/rg_utils_attrtype.inc --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/extensions/radius_gw/rg_utils_attrtype.inc Wed May 20 15:14:31 2009 +0900 @@ -0,0 +1,258 @@ + /* 1 User-Name */ + if ( c == 1) return "User-Name "; + /* 2 User-Password */ + if ( c == 2) return "User-Password "; + /* 3 CHAP-Password */ + if ( c == 3) return "CHAP-Password "; + /* 4 NAS-IP-Address */ + if ( c == 4) return "NAS-IP-Address "; + /* 5 NAS-Port */ + if ( c == 5) return "NAS-Port "; + /* 6 Service-Type */ + if ( c == 6) return "Service-Type "; + /* 7 Framed-Protocol */ + if ( c == 7) return "Framed-Protocol "; + /* 8 Framed-IP-Address */ + if ( c == 8) return "Framed-IP-Address "; + /* 9 Framed-IP-Netmask */ + if ( c == 9) return "Framed-IP-Netmask "; + /* 10 Framed-Routing */ + if ( c == 10) return "Framed-Routing "; + /* 11 Filter-Id */ + if ( c == 11) return "Filter-Id "; + /* 12 Framed-MTU */ + if ( c == 12) return "Framed-MTU "; + /* 13 Framed-Compression */ + if ( c == 13) return "Framed-Compression "; + /* 14 Login-IP-Host */ + if ( c == 14) return "Login-IP-Host "; + /* 15 Login-Service */ + if ( c == 15) return "Login-Service "; + /* 16 Login-TCP-Port */ + if ( c == 16) return "Login-TCP-Port "; + /* 17 Unassigned */ + if ( c == 17) return "Unassigned "; + /* 18 Reply-Message */ + if ( c == 18) return "Reply-Message "; + /* 19 Callback-Number */ + if ( c == 19) return "Callback-Number "; + /* 20 Callback-Id */ + if ( c == 20) return "Callback-Id "; + /* 21 Unassigned */ + if ( c == 21) return "Unassigned "; + /* 22 Framed-Route */ + if ( c == 22) return "Framed-Route "; + /* 23 Framed-IPX-Network */ + if ( c == 23) return "Framed-IPX-Network "; + /* 24 State */ + if ( c == 24) return "State "; + /* 25 Class */ + if ( c == 25) return "Class "; + /* 26 Vendor-Specific */ + if ( c == 26) return "Vendor-Specific "; + /* 27 Session-Timeout */ + if ( c == 27) return "Session-Timeout "; + /* 28 Idle-Timeout */ + if ( c == 28) return "Idle-Timeout "; + /* 29 Termination-Action */ + if ( c == 29) return "Termination-Action "; + /* 30 Called-Station-Id */ + if ( c == 30) return "Called-Station-Id "; + /* 31 Calling-Station-Id */ + if ( c == 31) return "Calling-Station-Id "; + /* 32 NAS-Identifier */ + if ( c == 32) return "NAS-Identifier "; + /* 33 Proxy-State */ + if ( c == 33) return "Proxy-State "; + /* 34 Login-LAT-Service */ + if ( c == 34) return "Login-LAT-Service "; + /* 35 Login-LAT-Node */ + if ( c == 35) return "Login-LAT-Node "; + /* 36 Login-LAT-Group */ + if ( c == 36) return "Login-LAT-Group "; + /* 37 Framed-AppleTalk-Link */ + if ( c == 37) return "Framed-AppleTalk-Link "; + /* 38 Framed-AppleTalk-Network */ + if ( c == 38) return "Framed-AppleTalk-Network "; + /* 39 Framed-AppleTalk-Zone */ + if ( c == 39) return "Framed-AppleTalk-Zone "; + /* 40 Acct-Status-Type [RFC2866] */ + if ( c == 40) return "Acct-Status-Type [RFC2866] "; + /* 41 Acct-Delay-Time [RFC2866] */ + if ( c == 41) return "Acct-Delay-Time [RFC2866] "; + /* 42 Acct-Input-Octets [RFC2866] */ + if ( c == 42) return "Acct-Input-Octets [RFC2866] "; + /* 43 Acct-Output-Octets [RFC2866] */ + if ( c == 43) return "Acct-Output-Octets [RFC2866] "; + /* 44 Acct-Session-Id [RFC2866] */ + if ( c == 44) return "Acct-Session-Id [RFC2866] "; + /* 45 Acct-Authentic [RFC2866] */ + if ( c == 45) return "Acct-Authentic [RFC2866] "; + /* 46 Acct-Session-Time [RFC2866] */ + if ( c == 46) return "Acct-Session-Time [RFC2866] "; + /* 47 Acct-Input-Packets [RFC2866] */ + if ( c == 47) return "Acct-Input-Packets [RFC2866] "; + /* 48 Acct-Output-Packets [RFC2866] */ + if ( c == 48) return "Acct-Output-Packets [RFC2866] "; + /* 49 Acct-Terminate-Cause [RFC2866] */ + if ( c == 49) return "Acct-Terminate-Cause [RFC2866] "; + /* 50 Acct-Multi-Session-Id [RFC2866] */ + if ( c == 50) return "Acct-Multi-Session-Id [RFC2866] "; + /* 51 Acct-Link-Count [RFC2866] */ + if ( c == 51) return "Acct-Link-Count [RFC2866] "; + /* 52 Acct-Input-Gigawords [RFC2869] */ + if ( c == 52) return "Acct-Input-Gigawords [RFC2869] "; + /* 53 Acct-Output-Gigawords [RFC2869] */ + if ( c == 53) return "Acct-Output-Gigawords [RFC2869] "; + /* 54 Unassigned */ + if ( c == 54) return "Unassigned "; + /* 55 Event-Timestamp [RFC2869] */ + if ( c == 55) return "Event-Timestamp [RFC2869] "; + /* 56 Egress-VLANID [RFC4675] */ + if ( c == 56) return "Egress-VLANID [RFC4675] "; + /* 57 Ingress-Filters [RFC4675] */ + if ( c == 57) return "Ingress-Filters [RFC4675] "; + /* 58 Egress-VLAN-Name [RFC4675] */ + if ( c == 58) return "Egress-VLAN-Name [RFC4675] "; + /* 59 User-Priority-Table [RFC4675] */ + if ( c == 59) return "User-Priority-Table [RFC4675] "; + /* 60 CHAP-Challenge */ + if ( c == 60) return "CHAP-Challenge "; + /* 61 NAS-Port-Type */ + if ( c == 61) return "NAS-Port-Type "; + /* 62 Port-Limit */ + if ( c == 62) return "Port-Limit "; + /* 63 Login-LAT-Port */ + if ( c == 63) return "Login-LAT-Port "; + /* 64 Tunnel-Type [RFC2868] */ + if ( c == 64) return "Tunnel-Type [RFC2868] "; + /* 65 Tunnel-Medium-Type [RFC2868] */ + if ( c == 65) return "Tunnel-Medium-Type [RFC2868] "; + /* 66 Tunnel-Client-Endpoint [RFC2868] */ + if ( c == 66) return "Tunnel-Client-Endpoint [RFC2868] "; + /* 67 Tunnel-Server-Endpoint [RFC2868] */ + if ( c == 67) return "Tunnel-Server-Endpoint [RFC2868] "; + /* 68 Acct-Tunnel-Connection [RFC2867] */ + if ( c == 68) return "Acct-Tunnel-Connection [RFC2867] "; + /* 69 Tunnel-Password [RFC2868] */ + if ( c == 69) return "Tunnel-Password [RFC2868] "; + /* 70 ARAP-Password [RFC2869] */ + if ( c == 70) return "ARAP-Password [RFC2869] "; + /* 71 ARAP-Features [RFC2869] */ + if ( c == 71) return "ARAP-Features [RFC2869] "; + /* 72 ARAP-Zone-Access [RFC2869] */ + if ( c == 72) return "ARAP-Zone-Access [RFC2869] "; + /* 73 ARAP-Security [RFC2869] */ + if ( c == 73) return "ARAP-Security [RFC2869] "; + /* 74 ARAP-Security-Data [RFC2869] */ + if ( c == 74) return "ARAP-Security-Data [RFC2869] "; + /* 75 Password-Retry [RFC2869] */ + if ( c == 75) return "Password-Retry [RFC2869] "; + /* 76 Prompt [RFC2869] */ + if ( c == 76) return "Prompt [RFC2869] "; + /* 77 Connect-Info [RFC2869] */ + if ( c == 77) return "Connect-Info [RFC2869] "; + /* 78 Configuration-Token [RFC2869] */ + if ( c == 78) return "Configuration-Token [RFC2869] "; + /* 79 EAP-Message [RFC2869] */ + if ( c == 79) return "EAP-Message [RFC2869] "; + /* 80 Message-Authenticator [RFC2869] */ + if ( c == 80) return "Message-Authenticator [RFC2869] "; + /* 81 Tunnel-Private-Group-ID [RFC2868] */ + if ( c == 81) return "Tunnel-Private-Group-ID [RFC2868] "; + /* 82 Tunnel-Assignment-ID [RFC2868] */ + if ( c == 82) return "Tunnel-Assignment-ID [RFC2868] "; + /* 83 Tunnel-Preference [RFC2868] */ + if ( c == 83) return "Tunnel-Preference [RFC2868] "; + /* 84 ARAP-Challenge-Response [RFC2869] */ + if ( c == 84) return "ARAP-Challenge-Response [RFC2869] "; + /* 85 Acct-Interim-Interval [RFC2869] */ + if ( c == 85) return "Acct-Interim-Interval [RFC2869] "; + /* 86 Acct-Tunnel-Packets-Lost [RFC2867] */ + if ( c == 86) return "Acct-Tunnel-Packets-Lost [RFC2867] "; + /* 87 NAS-Port-Id [RFC2869] */ + if ( c == 87) return "NAS-Port-Id [RFC2869] "; + /* 88 Framed-Pool [RFC2869] */ + if ( c == 88) return "Framed-Pool [RFC2869] "; + /* 89 CUI [RFC4372] */ + if ( c == 89) return "CUI [RFC4372] "; + /* 90 Tunnel-Client-Auth-ID [RFC2868] */ + if ( c == 90) return "Tunnel-Client-Auth-ID [RFC2868] "; + /* 91 Tunnel-Server-Auth-ID [RFC2868] */ + if ( c == 91) return "Tunnel-Server-Auth-ID [RFC2868] "; + /* 92 NAS-Filter-Rule [RFC4849] */ + if ( c == 92) return "NAS-Filter-Rule [RFC4849] "; + /* 93 Unassigned */ + if ( c == 93) return "Unassigned "; + /* 94 Originating-Line-Info [RFC4005] */ + if ( c == 94) return "Originating-Line-Info [RFC4005] "; + /* 95 NAS-IPv6-Address [RFC3162] */ + if ( c == 95) return "NAS-IPv6-Address [RFC3162] "; + /* 96 Framed-Interface-Id [RFC3162] */ + if ( c == 96) return "Framed-Interface-Id [RFC3162] "; + /* 97 Framed-IPv6-Prefix [RFC3162] */ + if ( c == 97) return "Framed-IPv6-Prefix [RFC3162] "; + /* 98 Login-IPv6-Host [RFC3162] */ + if ( c == 98) return "Login-IPv6-Host [RFC3162] "; + /* 99 Framed-IPv6-Route [RFC3162] */ + if ( c == 99) return "Framed-IPv6-Route [RFC3162] "; + /* 100 Framed-IPv6-Pool [RFC3162] */ + if ( c == 100) return "Framed-IPv6-Pool [RFC3162] "; + /* 101 Error-Cause Attribute [RFC3576] */ + if ( c == 101) return "Error-Cause Attribute [RFC3576] "; + /* 102 EAP-Key-Name [RFC4072] */ + if ( c == 102) return "EAP-Key-Name [RFC4072] "; + /* 103 Digest-Response [RFC5090] */ + if ( c == 103) return "Digest-Response [RFC5090] "; + /* 104 Digest-Realm [RFC5090] */ + if ( c == 104) return "Digest-Realm [RFC5090] "; + /* 105 Digest-Nonce [RFC5090] */ + if ( c == 105) return "Digest-Nonce [RFC5090] "; + /* 106 Digest-Response-Auth [RFC5090] */ + if ( c == 106) return "Digest-Response-Auth [RFC5090] "; + /* 107 Digest-Nextnonce [RFC5090] */ + if ( c == 107) return "Digest-Nextnonce [RFC5090] "; + /* 108 Digest-Method [RFC5090] */ + if ( c == 108) return "Digest-Method [RFC5090] "; + /* 109 Digest-URI [RFC5090] */ + if ( c == 109) return "Digest-URI [RFC5090] "; + /* 110 Digest-Qop [RFC5090] */ + if ( c == 110) return "Digest-Qop [RFC5090] "; + /* 111 Digest-Algorithm [RFC5090] */ + if ( c == 111) return "Digest-Algorithm [RFC5090] "; + /* 112 Digest-Entity-Body-Hash [RFC5090] */ + if ( c == 112) return "Digest-Entity-Body-Hash [RFC5090] "; + /* 113 Digest-CNonce [RFC5090] */ + if ( c == 113) return "Digest-CNonce [RFC5090] "; + /* 114 Digest-Nonce-Count [RFC5090] */ + if ( c == 114) return "Digest-Nonce-Count [RFC5090] "; + /* 115 Digest-Username [RFC5090] */ + if ( c == 115) return "Digest-Username [RFC5090] "; + /* 116 Digest-Opaque [RFC5090] */ + if ( c == 116) return "Digest-Opaque [RFC5090] "; + /* 117 Digest-Auth-Param [RFC5090] */ + if ( c == 117) return "Digest-Auth-Param [RFC5090] "; + /* 118 Digest-AKA-Auts [RFC5090] */ + if ( c == 118) return "Digest-AKA-Auts [RFC5090] "; + /* 119 Digest-Domain [RFC5090] */ + if ( c == 119) return "Digest-Domain [RFC5090] "; + /* 120 Digest-Stale [RFC5090] */ + if ( c == 120) return "Digest-Stale [RFC5090] "; + /* 121 Digest-HA1 [RFC5090] */ + if ( c == 121) return "Digest-HA1 [RFC5090] "; + /* 122 SIP-AOR [RFC5090] */ + if ( c == 122) return "SIP-AOR [RFC5090] "; + /* 123 Delegated-IPv6-Prefix [RFC4818] */ + if ( c == 123) return "Delegated-IPv6-Prefix [RFC4818] "; + /* 124 MIP6-Feature-Vector [RFC5447] */ + if ( c == 124) return "MIP6-Feature-Vector [RFC5447] "; + /* 125 MIP6-Home-Link-Prefix [RFC5447] */ + if ( c == 125) return "MIP6-Home-Link-Prefix [RFC5447] "; + /* 126-191 Unassigned */ + if ((c >= 126) && (c <= 191)) return "Unassigned "; + /* 192-223 Experimental Use [RFC3575] */ + if ((c >= 192) && (c <= 223)) return "Experimental Use [RFC3575] "; + /* 224-240 Implementation Specific [RFC3575] */ + if ((c >= 224) && (c <= 240)) return "Implementation Specific [RFC3575] "; + /* 241-255 Reserved [RFC3575] */ + if ((c >= 241) && (c <= 255)) return "Reserved [RFC3575] "; diff -r 6c2198aa037c -r 505a9ee1244b extensions/radius_gw/rg_utils_codes.inc --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/extensions/radius_gw/rg_utils_codes.inc Wed May 20 15:14:31 2009 +0900 @@ -0,0 +1,78 @@ + /* 1 Access-Request [RFC2865] */ + if ( c == 1) return "Access-Request [RFC2865] "; + /* 2 Access-Accept [RFC2865] */ + if ( c == 2) return "Access-Accept [RFC2865] "; + /* 3 Access-Reject [RFC2865] */ + if ( c == 3) return "Access-Reject [RFC2865] "; + /* 4 Accounting-Request [RFC2865] */ + if ( c == 4) return "Accounting-Request [RFC2865] "; + /* 5 Accounting-Response [RFC2865] */ + if ( c == 5) return "Accounting-Response [RFC2865] "; + /* 6 Accounting-Status [RFC3575] */ + if ( c == 6) return "Accounting-Status [RFC3575] "; + /* 7 Password-Request [RFC3575] */ + if ( c == 7) return "Password-Request [RFC3575] "; + /* 8 Password-Ack [RFC3575] */ + if ( c == 8) return "Password-Ack [RFC3575] "; + /* 9 Password-Reject [RFC3575] */ + if ( c == 9) return "Password-Reject [RFC3575] "; + /* 10 Accounting-Message [RFC3575] */ + if ( c == 10) return "Accounting-Message [RFC3575] "; + /* 11 Access-Challenge [RFC2865] */ + if ( c == 11) return "Access-Challenge [RFC2865] "; + /* 12 Status-Server (experimental) [RFC2865] */ + if ( c == 12) return "Status-Server (experimental) [RFC2865] "; + /* 13 Status-Client (experimental) [RFC2865] */ + if ( c == 13) return "Status-Client (experimental) [RFC2865] "; + /* 21 Resource-Free-Request [RFC3575] */ + if ( c == 21) return "Resource-Free-Request [RFC3575] "; + /* 22 Resource-Free-Response [RFC3575] */ + if ( c == 22) return "Resource-Free-Response [RFC3575] "; + /* 23 Resource-Query-Request [RFC3575] */ + if ( c == 23) return "Resource-Query-Request [RFC3575] "; + /* 24 Resource-Query-Response [RFC3575] */ + if ( c == 24) return "Resource-Query-Response [RFC3575] "; + /* 25 Alternate-Resource-Reclaim-Request [RFC3575] */ + if ( c == 25) return "Alternate-Resource-Reclaim-Request [RFC3575] "; + /* 26 NAS-Reboot-Request [RFC3575] */ + if ( c == 26) return "NAS-Reboot-Request [RFC3575] "; + /* 27 NAS-Reboot-Response [RFC3575] */ + if ( c == 27) return "NAS-Reboot-Response [RFC3575] "; + /* 28 Reserved */ + if ( c == 28) return "Reserved "; + /* 29 Next-Passcode [RFC3575] */ + if ( c == 29) return "Next-Passcode [RFC3575] "; + /* 30 New-Pin [RFC3575] */ + if ( c == 30) return "New-Pin [RFC3575] "; + /* 31 Terminate-Session [RFC3575] */ + if ( c == 31) return "Terminate-Session [RFC3575] "; + /* 32 Password-Expired [RFC3575] */ + if ( c == 32) return "Password-Expired [RFC3575] "; + /* 33 Event-Request [RFC3575] */ + if ( c == 33) return "Event-Request [RFC3575] "; + /* 34 Event-Response [RFC3575] */ + if ( c == 34) return "Event-Response [RFC3575] "; + /* 40 Disconnect-Request [RFC3575][RFC5176] */ + if ( c == 40) return "Disconnect-Request [RFC3575][RFC5176] "; + /* 41 Disconnect-ACK [RFC3575][RFC5176] */ + if ( c == 41) return "Disconnect-ACK [RFC3575][RFC5176] "; + /* 42 Disconnect-NAK [RFC3575][RFC5176] */ + if ( c == 42) return "Disconnect-NAK [RFC3575][RFC5176] "; + /* 43 CoA-Request [RFC3575][RFC5176] */ + if ( c == 43) return "CoA-Request [RFC3575][RFC5176] "; + /* 44 CoA-ACK [RFC3575][RFC5176] */ + if ( c == 44) return "CoA-ACK [RFC3575][RFC5176] "; + /* 45 CoA-NAK [RFC3575][RFC5176] */ + if ( c == 45) return "CoA-NAK [RFC3575][RFC5176] "; + /* 50 IP-Address-Allocate [RFC3575] */ + if ( c == 50) return "IP-Address-Allocate [RFC3575] "; + /* 51 IP-Address-Release [RFC3575] */ + if ( c == 51) return "IP-Address-Release [RFC3575] "; + /* 52-249 Unassigned */ + if ((c >= 52) && (c <= 249)) return "Unassigned "; + /* 250-253 Experimental Use [RFC3575] */ + if ((c >= 250) && (c <= 253)) return "Experimental Use [RFC3575] "; + /* 254 Reserved [RFC3575] */ + if ( c == 254) return "Reserved [RFC3575] "; + /* 255 Reserved [RFC3575] */ + if ( c == 255) return "Reserved [RFC3575] "; diff -r 6c2198aa037c -r 505a9ee1244b extensions/radius_gw/rgw_servers.c --- a/extensions/radius_gw/rgw_servers.c Wed May 20 10:24:46 2009 +0900 +++ b/extensions/radius_gw/rgw_servers.c Wed May 20 15:14:31 2009 +0900 @@ -122,7 +122,26 @@ /* read the next message */ CHECK_SYS_DO( len = recvfrom( me->sock, buf, RADIUS_MAX_MSG_LEN, 0, (struct sockaddr *) &from, &fromlen), break ); - TRACE_DEBUG(FULL, "Received %d bytes", len); + { + char ipstr[INET6_ADDRSTRLEN]; + uint16_t port; + + switch (from.ss_family) { + case AF_INET: + inet_ntop(AF_INET, &((struct sockaddr_in *)&from)->sin_addr,ipstr,sizeof(ipstr)); + port = ((struct sockaddr_in *)&from)->sin_port; + break; + case AF_INET6: + inet_ntop(AF_INET6, &((struct sockaddr_in6 *)&from)->sin6_addr,ipstr,sizeof(ipstr)); + port = ((struct sockaddr_in6 *)&from)->sin6_port; + break; + default: + snprintf(ipstr,sizeof(ipstr),"(unknown AF:%d)", from.ss_family); + port = 0; + } + + TRACE_DEBUG(FULL, "Received %d bytes from [%s]:%hu", len, ipstr, ntohs(port)); + } /* parse the message or loop if message is bad */ CHECK_FCT_DO( rgw_msg_parse(buf, len, &msg), @@ -135,6 +154,8 @@ /* Free the buffer, we don't need it anymore */ free(buf); + rg_msg_dump(FULL, msg); + /* Search the associated client definition, if any */ CHECK_FCT_DO( rgw_clients_search((struct sockaddr *) &from, &nas_info), { @@ -176,7 +197,7 @@ return 0; } -#define UDPSERV( type, portval, family ) { \ +#define UDPSERV( type, portval, family ) { \ if ( (! rgw_servers. type ## _serv.disabled) \ && ( ! rgw_servers.auth_serv.ip ## family ## _disabled ) ) { \ struct sockaddr_in ## family sin ## family; \ @@ -187,14 +208,14 @@ memcpy( &sin ## family.sin ## family ## _addr, \ &rgw_servers. type ## _serv . ip ## family ## _endpoint, \ sizeof(struct in ## family ## _addr) ); \ - TRACE_DEBUG(FULL, "Setting socket options..."); \ + TRACE_DEBUG(ANNOYING, "Setting socket options..."); \ CHECK_FCT( _udp_setsockopt(AF_INET ## family, SERVERS[idx].sock) ); \ - TRACE_DEBUG(FULL, "Binding " #type " ip" #family " server..."); \ + TRACE_DEBUG(ANNOYING, "Binding " #type " ip" #family " server..."); \ CHECK_SYS( bind( SERVERS[idx].sock, \ (struct sockaddr *)&sin ## family, \ sizeof(struct sockaddr_in ## family) ) ); \ SERVERS[idx].port = portval; \ - snprintf(&SERVERS[idx].name[0], sizeof(SERVERS[idx].name), # type " ip" #family); \ + snprintf(&SERVERS[idx].name[0], sizeof(SERVERS[idx].name), # type "/ip" #family); \ CHECK_POSIX( pthread_create(&SERVERS[idx].th, NULL, server_thread, &SERVERS[idx]) ); \ idx++; \ } \