1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
|
# All attribute lengths are implicit, and are calculated automatically
#
# Input is of the form:
#
# WORD ...
#
# The WORD is a keyword which indicates the format of the following text.
# WORD is one of:
#
# raw - read the grammar defined below, and encode an attribute.
# The grammer supports a trivial way of describing RADIUS
# attributes, without reference to dictionaries or fancy
# parsers
#
# encode - reads "Attribute-Name = value", encodes it, and prints
# the result as text.
# use "-" to encode the output of the last command
#
# decode - reads hex, and decodes it "Attribute-Name = value"
# use "-" to decode the output of the last command
#
# data - the expected output of the previous command, in ASCII form.
# if the actual command output is different, an error message
# is produced, and the program terminates.
#
#
# The "raw" input satisfies the following grammar:
#
# Identifier = 1*DIGIT *( "." 1*DIGIT )
#
# HEXCHAR = HEXDIG HEXDIG
#
# STRING = DQUOTE *CHAR DQUOTE
#
# TLV = "{" 1*DIGIT DATA "}"
#
# DATA = 1*HEXCHAR / 1*TLV / STRING
#
# LINE = Identifier DATA
#
# The "Identifier" is a RADIUS attribute identifier, as given in the draft.
#
# e.g. 1 for User-Name
# 26.9.1 Vendor-Specific, Cisco, Cisco-AVPAir
# 241.1 Extended Attribute, number 1
# 241.2.3 Extended Attribute 2, data type TLV, TLV type 3
# etc.
#
# The "DATA" portion is the contents of the RADIUS Attribute.
#
# 123456789abcdef hex string
# 12 34 56 ab with spaces for clarity
# "hello" Text string
# { 1 abcdef } TLV, TLV-Type 1, data "abcdef"
#
# TLVs can be nested:
#
# { tlv-type { tlv-type data } } { 3 { 4 01020304 } }
#
# TLVs can be concatencated
#
# {tlv-type data } { tlv-type data} { 3 040506 } { 8 aabbcc }
#
# The "raw" data is encoded without reference to dictionaries. Any
# valid string is parsed to a RADIUS attribute. The resulting RADIUS
# attribute *may not* be correctly formatted to the relevant RADIUS
# specifications. i.e. you can use this tool to create attribute 1
# (User-Name), which is encoded as a series of TLVs. That's up to you.
#
# The purpose of the "raw" command is to have a simple way of encoding
# attributes which is independent of any dictionaries or packet processing
# routines.
#
# The output data is the hex version of the encoded attribute.
#
encode User-Name = bob
data 01 05 62 6f 62
decode -
data User-Name = "bob"
decode 01 05 62 6f 62
data User-Name = "bob"
#
# The Type/Length is OK, but the attribute data is of the wrong size.
#
decode 04 04 ab cd
data Attr-4 = 0xabcd
# Zero-length attributes
decode 01 02
data
# don't encode zero-length attributes
#encode User-Name = ""
#data
# except for CUI. Thank you, WiMAX!
decode 59 02
data Chargeable-User-Identity = ""
# Hah! Thought you had it figured out, didn't you?
#encode -
#data 59 02
encode NAS-Port = 10
data 05 06 00 00 00 0a
decode -
data NAS-Port = 10
walk 05 06 00 00 00 0a
data v0 a5 l4
walk 05 06 00 00 00 0a 02 06 00 00 00 0a
data v0 a5 l4,v0 a2 l4
walk 1a 0c 00 00 00 01 05 06 00 00 00 0a
data v1 a5 l4
walk 1a 12 00 00 00 01 05 06 00 00 00 0a 03 06 00 00 00 0a
data v1 a5 l4,v1 a3 l4
# Access-Request, code 1, authentication vector of zero
sign 05 06 00 00 00 0a
data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
code 4
sign 05 06 00 00 00 0a
data 62 63 f1 db 80 70 a6 64 37 31 63 e4 aa 95 5a 68
sign 05 06 00 00 00 0a
data 62 63 f1 db 80 70 a6 64 37 31 63 e4 aa 95 5a 68
secret hello
sign 05 06 00 00 00 0a
data 69 20 c0 b9 e1 2f 12 54 9f 92 16 5e f4 64 9b fd
secret testing123
sign 05 06 00 00 00 0a
data 62 63 f1 db 80 70 a6 64 37 31 63 e4 aa 95 5a 68
|