From 7ec93ff9e4d979e4bbcf33f9c90c94dc9d3cdba9 Mon Sep 17 00:00:00 2001 From: Luke Howard Date: Sun, 13 Nov 2011 16:16:05 +1100 Subject: add new RADIUS client library --- lib/radius/share/dictionary.microsoft | 17 +++++ lib/radius/share/dictionary.txt | 136 ++++++++++++++++++++++++++++++++++ lib/radius/share/dictionary.vendor | 10 +++ 3 files changed, 163 insertions(+) create mode 100644 lib/radius/share/dictionary.microsoft create mode 100644 lib/radius/share/dictionary.txt create mode 100644 lib/radius/share/dictionary.vendor (limited to 'lib/radius/share') diff --git a/lib/radius/share/dictionary.microsoft b/lib/radius/share/dictionary.microsoft new file mode 100644 index 0000000..034e5f0 --- /dev/null +++ b/lib/radius/share/dictionary.microsoft @@ -0,0 +1,17 @@ +# A minimal dictionary for Microsoft VSAs +# +VENDOR Microsoft 311 + +BEGIN-VENDOR Microsoft +ATTRIBUTE MS-CHAP-Response 1 octets +ATTRIBUTE MS-CHAP-Error 2 string +ATTRIBUTE MS-MPPE-Encryption-Policy 7 octets +ATTRIBUTE MS-MPPE-Encryption-Types 8 octets +ATTRIBUTE MS-CHAP-Domain 10 string +ATTRIBUTE MS-CHAP-Challenge 11 octets +ATTRIBUTE MS-CHAP-MPPE-Keys 12 octets encrypt=1 +ATTRIBUTE MS-MPPE-Send-Key 16 octets encrypt=2 +ATTRIBUTE MS-MPPE-Recv-Key 17 octets encrypt=2 +ATTRIBUTE MS-CHAP2-Response 25 octets +ATTRIBUTE MS-CHAP2-Success 26 octets +END-VENDOR Microsoft diff --git a/lib/radius/share/dictionary.txt b/lib/radius/share/dictionary.txt new file mode 100644 index 0000000..e62f8b3 --- /dev/null +++ b/lib/radius/share/dictionary.txt @@ -0,0 +1,136 @@ +ATTRIBUTE User-Name 1 string +ATTRIBUTE User-Password 2 string encrypt=1 +ATTRIBUTE CHAP-Password 3 octets +ATTRIBUTE NAS-IP-Address 4 ipaddr +ATTRIBUTE NAS-Port 5 integer +ATTRIBUTE Service-Type 6 integer +ATTRIBUTE Framed-Protocol 7 integer +ATTRIBUTE Framed-IP-Address 8 ipaddr +ATTRIBUTE Framed-IP-Netmask 9 ipaddr +ATTRIBUTE Framed-Routing 10 integer +ATTRIBUTE Filter-Id 11 string +ATTRIBUTE Framed-MTU 12 integer +ATTRIBUTE Framed-Compression 13 integer +ATTRIBUTE Login-IP-Host 14 ipaddr +ATTRIBUTE Login-Service 15 integer +ATTRIBUTE Login-TCP-Port 16 integer +ATTRIBUTE Reply-Message 18 string +ATTRIBUTE Callback-Number 19 string +ATTRIBUTE Callback-Id 20 string +ATTRIBUTE Framed-Route 22 string +ATTRIBUTE Framed-IPX-Network 23 ipaddr +ATTRIBUTE State 24 octets +ATTRIBUTE Class 25 octets +ATTRIBUTE Vendor-Specific 26 octets +ATTRIBUTE Session-Timeout 27 integer +ATTRIBUTE Idle-Timeout 28 integer +ATTRIBUTE Termination-Action 29 integer +ATTRIBUTE Called-Station-Id 30 string +ATTRIBUTE Calling-Station-Id 31 string +ATTRIBUTE NAS-Identifier 32 string +ATTRIBUTE Proxy-State 33 octets +ATTRIBUTE Login-LAT-Service 34 string +ATTRIBUTE Login-LAT-Node 35 string +ATTRIBUTE Login-LAT-Group 36 octets +ATTRIBUTE Framed-AppleTalk-Link 37 integer +ATTRIBUTE Framed-AppleTalk-Network 38 integer +ATTRIBUTE Framed-AppleTalk-Zone 39 string +ATTRIBUTE CHAP-Challenge 60 octets +ATTRIBUTE NAS-Port-Type 61 integer +ATTRIBUTE Port-Limit 62 integer +ATTRIBUTE Login-LAT-Port 63 string +ATTRIBUTE Acct-Status-Type 40 integer +ATTRIBUTE Acct-Delay-Time 41 integer +ATTRIBUTE Acct-Input-Octets 42 integer +ATTRIBUTE Acct-Output-Octets 43 integer +ATTRIBUTE Acct-Session-Id 44 string +ATTRIBUTE Acct-Authentic 45 integer +ATTRIBUTE Acct-Session-Time 46 integer +ATTRIBUTE Acct-Input-Packets 47 integer +ATTRIBUTE Acct-Output-Packets 48 integer +ATTRIBUTE Acct-Terminate-Cause 49 integer +ATTRIBUTE Acct-Multi-Session-Id 50 string +ATTRIBUTE Acct-Link-Count 51 integer +ATTRIBUTE Acct-Tunnel-Connection 68 string +ATTRIBUTE Acct-Tunnel-Packets-Lost 86 integer +ATTRIBUTE Tunnel-Type 64 integer has_tag +ATTRIBUTE Tunnel-Medium-Type 65 integer has_tag +ATTRIBUTE Tunnel-Client-Endpoint 66 string has_tag +ATTRIBUTE Tunnel-Server-Endpoint 67 string has_tag +ATTRIBUTE Tunnel-Password 69 string has_tag,encrypt=2 +ATTRIBUTE Tunnel-Private-Group-Id 81 string has_tag +ATTRIBUTE Tunnel-Assignment-Id 82 string has_tag +ATTRIBUTE Tunnel-Preference 83 integer has_tag +ATTRIBUTE Tunnel-Client-Auth-Id 90 string has_tag +ATTRIBUTE Tunnel-Server-Auth-Id 91 string has_tag +ATTRIBUTE Acct-Input-Gigawords 52 integer +ATTRIBUTE Acct-Output-Gigawords 53 integer +ATTRIBUTE Event-Timestamp 55 date +ATTRIBUTE ARAP-Password 70 octets[16] +ATTRIBUTE ARAP-Features 71 octets[14] +ATTRIBUTE ARAP-Zone-Access 72 integer +ATTRIBUTE ARAP-Security 73 integer +ATTRIBUTE ARAP-Security-Data 74 string +ATTRIBUTE Password-Retry 75 integer +ATTRIBUTE Prompt 76 integer +ATTRIBUTE Connect-Info 77 string +ATTRIBUTE Configuration-Token 78 string +ATTRIBUTE EAP-Message 79 octets +ATTRIBUTE Message-Authenticator 80 octets +ATTRIBUTE ARAP-Challenge-Response 84 octets[8] +ATTRIBUTE Acct-Interim-Interval 85 integer +ATTRIBUTE NAS-Port-Id 87 string +ATTRIBUTE Framed-Pool 88 string +ATTRIBUTE NAS-IPv6-Address 95 ipv6addr +ATTRIBUTE Framed-Interface-Id 96 ifid +ATTRIBUTE Framed-IPv6-Prefix 97 ipv6prefix +ATTRIBUTE Login-IPv6-Host 98 ipv6addr +ATTRIBUTE Framed-IPv6-Route 99 string +ATTRIBUTE Framed-IPv6-Pool 100 string +ATTRIBUTE Error-Cause 101 integer +ATTRIBUTE EAP-Key-Name 102 string +ATTRIBUTE Chargeable-User-Identity 89 string +ATTRIBUTE Egress-VLANID 56 integer +ATTRIBUTE Ingress-Filters 57 integer +ATTRIBUTE Egress-VLAN-Name 58 string +ATTRIBUTE User-Priority-Table 59 octets +ATTRIBUTE Delegated-IPv6-Prefix 123 ipv6prefix +ATTRIBUTE NAS-Filter-Rule 92 string +ATTRIBUTE Digest-Response 103 string +ATTRIBUTE Digest-Realm 104 string +ATTRIBUTE Digest-Nonce 105 string +ATTRIBUTE Digest-Response-Auth 106 string +ATTRIBUTE Digest-Nextnonce 107 string +ATTRIBUTE Digest-Method 108 string +ATTRIBUTE Digest-URI 109 string +ATTRIBUTE Digest-Qop 110 string +ATTRIBUTE Digest-Algorithm 111 string +ATTRIBUTE Digest-Entity-Body-Hash 112 string +ATTRIBUTE Digest-CNonce 113 string +ATTRIBUTE Digest-Nonce-Count 114 string +ATTRIBUTE Digest-Username 115 string +ATTRIBUTE Digest-Opaque 116 string +ATTRIBUTE Digest-Auth-Param 117 string +ATTRIBUTE Digest-AKA-Auts 118 string +ATTRIBUTE Digest-Domain 119 string +ATTRIBUTE Digest-Stale 120 string +ATTRIBUTE Digest-HA1 121 string +ATTRIBUTE SIP-AOR 122 string +ATTRIBUTE Operator-Name 126 string +ATTRIBUTE Location-Information 127 octets +ATTRIBUTE Location-Data 128 octets +ATTRIBUTE Basic-Location-Policy-Rules 129 octets +ATTRIBUTE Extended-Location-Policy-Rules 130 octets +ATTRIBUTE Location-Capable 131 integer +ATTRIBUTE Requested-Location-Info 132 integer +ATTRIBUTE Framed-Management 133 integer +ATTRIBUTE Management-Transport-Protection 134 integer +ATTRIBUTE Management-Policy-Id 135 string +ATTRIBUTE Management-Privilege-Level 136 integer +ATTRIBUTE PKM-SS-Cert 137 octets +ATTRIBUTE PKM-CA-Cert 138 octets +ATTRIBUTE PKM-Config-Settings 139 octets +ATTRIBUTE PKM-Cryptosuite-List 140 octets +ATTRIBUTE PKM-SAID 141 short +ATTRIBUTE PKM-SA-Descriptor 142 octets +ATTRIBUTE PKM-Auth-Key 143 octets diff --git a/lib/radius/share/dictionary.vendor b/lib/radius/share/dictionary.vendor new file mode 100644 index 0000000..571dbc4 --- /dev/null +++ b/lib/radius/share/dictionary.vendor @@ -0,0 +1,10 @@ +# a sample vendor-specific dictionary + +VENDOR example 65535 + +BEGIN-VENDOR example +ATTRIBUTE Example-Integer 1 integer +ATTRIBUTE Example-String 2 string +ATTRIBUTE Example-IP-Address 3 ipaddr + +END-VENDOR example -- cgit v1.1 From a13cddc1331aa1f5e7dca7d1b44482951d2757bf Mon Sep 17 00:00:00 2001 From: Luke Howard Date: Sun, 13 Nov 2011 17:16:14 +1100 Subject: port to new RADIUS client library --- lib/radius/share/dictionary.ukerna | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) create mode 100644 lib/radius/share/dictionary.ukerna (limited to 'lib/radius/share') diff --git a/lib/radius/share/dictionary.ukerna b/lib/radius/share/dictionary.ukerna new file mode 100644 index 0000000..1694566 --- /dev/null +++ b/lib/radius/share/dictionary.ukerna @@ -0,0 +1,19 @@ +# -*- text -*- +# +# GSS-EAP VSAs +# +# $Id$ +# + +VENDOR UKERNA 25622 + +BEGIN-VENDOR UKERNA + +ATTRIBUTE GSS-Acceptor-Service-Name 128 string +ATTRIBUTE GSS-Acceptor-Host-Name 129 string +ATTRIBUTE GSS-Acceptor-Service-Specific 130 string +ATTRIBUTE GSS-Acceptor-Realm-Name 131 string +ATTRIBUTE SAML-AAA-Assertion 132 string +ATTRIBUTE MS-Windows-Auth-Data 133 octets + +END-VENDOR UKERNA -- cgit v1.1 From d9ae6534eed05639403584b7b2733ec36c08f1a4 Mon Sep 17 00:00:00 2001 From: Luke Howard Date: Mon, 14 Nov 2011 18:54:44 +1100 Subject: add rs_attr_display_name/rs_attr_parse_name --- lib/radius/share/dictionary.juniper | 23 +++++++++++++++++++++++ 1 file changed, 23 insertions(+) create mode 100644 lib/radius/share/dictionary.juniper (limited to 'lib/radius/share') diff --git a/lib/radius/share/dictionary.juniper b/lib/radius/share/dictionary.juniper new file mode 100644 index 0000000..9aa5df4 --- /dev/null +++ b/lib/radius/share/dictionary.juniper @@ -0,0 +1,23 @@ +# -*- text -*- +# +# dictionary.juniper +# +# As posted to the list by Eric Kilfoil +# +# Version: $Id$ +# + +VENDOR Juniper 2636 + +BEGIN-VENDOR Juniper + +ATTRIBUTE Juniper-Local-User-Name 1 string +ATTRIBUTE Juniper-Allow-Commands 2 string +ATTRIBUTE Juniper-Deny-Commands 3 string +ATTRIBUTE Juniper-Allow-Configuration 4 string +ATTRIBUTE Juniper-Deny-Configuration 5 string +ATTRIBUTE Juniper-Interactive-Command 8 string +ATTRIBUTE Juniper-Configuration-Change 9 string +ATTRIBUTE Juniper-User-Permissions 10 string + +END-VENDOR Juniper -- cgit v1.1 From 42ec70d2b6c2a8a63250111e4a81b75ca554ddfa Mon Sep 17 00:00:00 2001 From: Luke Howard Date: Thu, 1 Dec 2011 14:19:46 +1100 Subject: add MS-Windows-Group-Sid --- lib/radius/share/dictionary.ukerna | 1 + 1 file changed, 1 insertion(+) (limited to 'lib/radius/share') diff --git a/lib/radius/share/dictionary.ukerna b/lib/radius/share/dictionary.ukerna index 1694566..0e35d43 100644 --- a/lib/radius/share/dictionary.ukerna +++ b/lib/radius/share/dictionary.ukerna @@ -15,5 +15,6 @@ ATTRIBUTE GSS-Acceptor-Service-Specific 130 string ATTRIBUTE GSS-Acceptor-Realm-Name 131 string ATTRIBUTE SAML-AAA-Assertion 132 string ATTRIBUTE MS-Windows-Auth-Data 133 octets +ATTRIBUTE MS-Windows-Group-Sid 134 string END-VENDOR UKERNA -- cgit v1.1