diff --git a/ChangeLog b/ChangeLog new file mode 100644 index 0000000..a822592 --- /dev/null +++ b/ChangeLog @@ -0,0 +1,39 @@ + +The road to JRadius 1.0.0 + + - now using Maven + +==== old changelog === + +2005/August/25: + - Many bug fixes, important fix to rlm_jradius! + - Redid the configurable options of EAPTLSAuthenticator + - New JRadiusSimulator version with EAP-TLS and TTLS support + and support for the Class attribute + - Packet handlers to utilize the Class attribute for better + RadiusSession association and to proxy the proper Class attribute even + for NASes that do not support the attribute + - Packet handler to always rewrite the Acct-Session-Id with the + JRadius session key when proxying + - Added ChilliSpot freeradius dictionary file + +2005/April/13: + - Now verifying RADIUS authenticator checksum from RadiusClient + - Now verifying Message-Authenticator checksum from RadiusClient + - Introduced a couple more exceptions: TimeoutException, RadiusSecurityException + - Made all jradius.exceptions derived from RadiusException + - Introduced RadiusResponse and refactored some methods in RadiusClient to be more + packet type specific, where appropriate + - Initial support of IPDR (very preliminary) + +2005/April/06: + - Refactored some code into java/extended instead of java/src (see dev.html) + - Added a JRadius VSA dictionary.jradius (rebuild your JRadius dictionary with it!) + - Added EAP-TLS and EAP-TTLS client support + - Website updates + +2005/March/25: + - Refactored JRadiusServer.RLM_OP_* to RadiusAttribute.Operator.* + - Refactored JRadius.operator[From|To]String() to RadiusAttribute.Operator + - RadiusClient classes no longer depend on commons-chains (due to refactoring) + - Introduction of JAAS Support diff --git a/LICENSE b/LICENSE new file mode 100644 index 0000000..8dfa808 --- /dev/null +++ b/LICENSE @@ -0,0 +1,56 @@ +========================================================================== + +Coova JRadius License: + +The Coova extensions to JRadius library are licensed under the The GNU +Library or "Lesser" General Public License (LGPL), while stand-alone +applications within in the JRadius project, listed below, are released under +the standard The GNU General Public License (GPL). For details, visit +http://jradius.net/. See source files for details regarding stand-alone +applications contained herein which are released under the GPL. + +Copyright 2006-2008 David Bird + +See doc/GPL-LICENSE, doc/LGPL-LICENSE, and source files for details. + +========================================================================== + +CoovaEWT License: + +The CoovaEWT user interface and accompanying back-end add-ons (found +in the 'extensions' directory and module) are provided with the right +to use for non-commercial purposes, without modification or reverse +engineering. For intructions on how to customize and extend the +interface, as well as additional licening information, see: + + http://coova.org/wiki/index.php/CoovaEWT + +Copyright 2008 David Bird + +========================================================================== + +Original JRadius License: + +The JRadius core library is licensed under the The GNU Library or "Lesser" +General Public License (LGPL), while stand-alone applications within in the +JRadius project, listed below, are released under the standard The GNU +General Public License (GPL). For details, visit http://jradius.net/ + +This software is OSI Certified Open Source Software. OSI Certified is a +certification mark of the Open Source Initiative. + +Stand-alone JRadius Applications: + + * JRadiusSimulator + * JRadiusWiFiClient + * RadClient + * RadBench + * RadiusDictionary + +Copyright 2004-2006 PicoPoint, B.V. +Copyright 2006-2008 David Bird + +See doc/GPL-LICENSE, doc/LGPL-LICENSE, and source files for details. + +========================================================================== + diff --git a/README b/README new file mode 100644 index 0000000..5ace541 --- /dev/null +++ b/README @@ -0,0 +1,55 @@ + +Welcome to JRadius! + +JRadius should eventually be able to work with multiple underlying RADIUS +servers, however, currently only FreeRADIUS is supported. + +How to get up and running with JRadius: + +- First, you need to compile and configure FreeRADIUS such that it uses + JRadius. See freeradius/README for further instructions. + +- Next, copy the build.properties.template file to build.properties. You + also probably want to edit this file to suite your environment. See the + comments in the file. + +- Next, you need to be sure you have the required dependencies in the + java/lib directory. See the shell script java/lib/getJars which will + download the required jar files (using wget). + +- Next, compile the JRadius code. The following command will build + everything (the base code, the FreeRADIUS dictionary, and some + generic/sample JRadius Handlers: + + ant dist + +- Now you should have both a jradius.jar and a jradius-dictionary.jar in the + dist/ directory. If you already have FreeRADIUS running with rlm_jradius + and want to see _something_ work, you can run an example with: + + ant run-example + +- JRadius also provides a Java RADIUS client API and a Java program called + RadClient. A shell script is provided to run RadClient. To use the script, + create a file containing your attributes, for example: + + echo "User-Name = test" > radius.pkt + echo "User-Password = test" >> radius.pkt + + Now, use the following script with arguments of server, shared secret, + and attributes file: + + bin/radclient localhost sharedsecret radius.pkt + + For more information, see http://jradius.sourceforge.net/radclient.html + + +-- + +JRadius Development Team: + +David Bird + +Contributers: + + diff --git a/applet/pom.xml b/applet/pom.xml new file mode 100644 index 0000000..c63daba --- /dev/null +++ b/applet/pom.xml @@ -0,0 +1,45 @@ + + + + 4.0.0 + net.jradius + jradius-applet + ${project.artifactId}-${project.version} + 1.0.0-SNAPSHOT + Applet classes + + + net.jradius + jradius + 1.0.0-SNAPSHOT + ../pom.xml + + + + + net.jradius + jradius-core + 1.0.0-SNAPSHOT + + + + net.jradius + jradius-dictionary + 1.0.0-SNAPSHOT + + + + applet-dev + sun + 1.0 + + + + applet-dev + ms + 1.0 + + + + diff --git a/applet/src/main/java/Base64.java b/applet/src/main/java/Base64.java new file mode 100644 index 0000000..c6d79b6 --- /dev/null +++ b/applet/src/main/java/Base64.java @@ -0,0 +1,1449 @@ +/** + * Encodes and decodes to and from Base64 notation. + * + *

+ * Change Log: + *

+ *
    + *
  • v2.1 - Cleaned up javadoc comments and unused variables and methods. Added + * some convenience methods for reading and writing to and from files.
    • + *
  • v2.0.2 - Now specifies UTF-8 encoding in places where the code fails on systems + * with other encodings (like EBCDIC).
    • + *
  • v2.0.1 - Fixed an error when decoding a single byte, that is, when the + * encoded data was a single byte.
    • + *
  • v2.0 - I got rid of methods that used booleans to set options. + * Now everything is more consolidated and cleaner. The code now detects + * when data that's being decoded is gzip-compressed and will decompress it + * automatically. Generally things are cleaner. You'll probably have to + * change some method calls that you were making to support the new + * options format (ints that you "OR" together).
    • + *
  • v1.5.1 - Fixed bug when decompressing and decoding to a + * byte[] using decode( String s, boolean gzipCompressed ). + * Added the ability to "suspend" encoding in the Output Stream so + * you can turn on and off the encoding if you need to embed base64 + * data in an otherwise "normal" stream (like an XML file).
    • + *
  • v1.5 - Output stream pases on flush() command but doesn't do anything itself. + * This helps when using GZIP streams. + * Added the ability to GZip-compress objects before encoding them.
    • + *
  • v1.4 - Added helper methods to read/write files.
    • + *
  • v1.3.6 - Fixed OutputStream.flush() so that 'position' is reset.
    • + *
  • v1.3.5 - Added flag to turn on and off line breaks. Fixed bug in input stream + * where last buffer being read, if not completely full, was not returned.
    • + *
  • v1.3.4 - Fixed when "improperly padded stream" error was thrown at the wrong time.
    • + *
  • v1.3.3 - Fixed I/O streams which were totally messed up.
    • + *
+ * + *

+ * I am placing this code in the Public Domain. Do with it as you will. + * This software comes with no guarantees or warranties but with + * plenty of well-wishing instead! + * Please visit http://iharder.net/base64 + * periodically to check for updates or to contribute improvements. + *

+ * + * @author Robert Harder + * @author rob@iharder.net + * @version 2.1 + */ +public class Base64 +{ + +/* ******** P U B L I C F I E L D S ******** */ + + + /** No options specified. Value is zero. */ + public final static int NO_OPTIONS = 0; + + /** Specify encoding. */ + public final static int ENCODE = 1; + + + /** Specify decoding. */ + public final static int DECODE = 0; + + + /** Specify that data should be gzip-compressed. */ + public final static int GZIP = 2; + + + /** Don't break lines when encoding (violates strict Base64 specification) */ + public final static int DONT_BREAK_LINES = 8; + + +/* ******** P R I V A T E F I E L D S ******** */ + + + /** Maximum line length (76) of Base64 output. */ + private final static int MAX_LINE_LENGTH = 76; + + + /** The equals sign (=) as a byte. */ + private final static byte EQUALS_SIGN = (byte)'='; + + + /** The new line character (\n) as a byte. */ + private final static byte NEW_LINE = (byte)'\n'; + + + /** Preferred encoding. */ + private final static String PREFERRED_ENCODING = "UTF-8"; + + + /** The 64 valid Base64 values. */ + private final static byte[] ALPHABET; + private final static byte[] _NATIVE_ALPHABET = /* May be something funny like EBCDIC */ + { + (byte)'A', (byte)'B', (byte)'C', (byte)'D', (byte)'E', (byte)'F', (byte)'G', + (byte)'H', (byte)'I', (byte)'J', (byte)'K', (byte)'L', (byte)'M', (byte)'N', + (byte)'O', (byte)'P', (byte)'Q', (byte)'R', (byte)'S', (byte)'T', (byte)'U', + (byte)'V', (byte)'W', (byte)'X', (byte)'Y', (byte)'Z', + (byte)'a', (byte)'b', (byte)'c', (byte)'d', (byte)'e', (byte)'f', (byte)'g', + (byte)'h', (byte)'i', (byte)'j', (byte)'k', (byte)'l', (byte)'m', (byte)'n', + (byte)'o', (byte)'p', (byte)'q', (byte)'r', (byte)'s', (byte)'t', (byte)'u', + (byte)'v', (byte)'w', (byte)'x', (byte)'y', (byte)'z', + (byte)'0', (byte)'1', (byte)'2', (byte)'3', (byte)'4', (byte)'5', + (byte)'6', (byte)'7', (byte)'8', (byte)'9', (byte)'+', (byte)'/' + }; + + /** Determine which ALPHABET to use. */ + static + { + byte[] __bytes; + try + { + __bytes = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/".getBytes( PREFERRED_ENCODING ); + } // end try + catch (java.io.UnsupportedEncodingException use) + { + __bytes = _NATIVE_ALPHABET; // Fall back to native encoding + } // end catch + ALPHABET = __bytes; + } // end static + + + /** + * Translates a Base64 value to either its 6-bit reconstruction value + * or a negative number indicating some other meaning. + **/ + private final static byte[] DECODABET = + { + -9,-9,-9,-9,-9,-9,-9,-9,-9, // Decimal 0 - 8 + -5,-5, // Whitespace: Tab and Linefeed + -9,-9, // Decimal 11 - 12 + -5, // Whitespace: Carriage Return + -9,-9,-9,-9,-9,-9,-9,-9,-9,-9,-9,-9,-9, // Decimal 14 - 26 + -9,-9,-9,-9,-9, // Decimal 27 - 31 + -5, // Whitespace: Space + -9,-9,-9,-9,-9,-9,-9,-9,-9,-9, // Decimal 33 - 42 + 62, // Plus sign at decimal 43 + -9,-9,-9, // Decimal 44 - 46 + 63, // Slash at decimal 47 + 52,53,54,55,56,57,58,59,60,61, // Numbers zero through nine + -9,-9,-9, // Decimal 58 - 60 + -1, // Equals sign at decimal 61 + -9,-9,-9, // Decimal 62 - 64 + 0,1,2,3,4,5,6,7,8,9,10,11,12,13, // Letters 'A' through 'N' + 14,15,16,17,18,19,20,21,22,23,24,25, // Letters 'O' through 'Z' + -9,-9,-9,-9,-9,-9, // Decimal 91 - 96 + 26,27,28,29,30,31,32,33,34,35,36,37,38, // Letters 'a' through 'm' + 39,40,41,42,43,44,45,46,47,48,49,50,51, // Letters 'n' through 'z' + -9,-9,-9,-9 // Decimal 123 - 126 + /*,-9,-9,-9,-9,-9,-9,-9,-9,-9,-9,-9,-9,-9, // Decimal 127 - 139 + -9,-9,-9,-9,-9,-9,-9,-9,-9,-9,-9,-9,-9, // Decimal 140 - 152 + -9,-9,-9,-9,-9,-9,-9,-9,-9,-9,-9,-9,-9, // Decimal 153 - 165 + -9,-9,-9,-9,-9,-9,-9,-9,-9,-9,-9,-9,-9, // Decimal 166 - 178 + -9,-9,-9,-9,-9,-9,-9,-9,-9,-9,-9,-9,-9, // Decimal 179 - 191 + -9,-9,-9,-9,-9,-9,-9,-9,-9,-9,-9,-9,-9, // Decimal 192 - 204 + -9,-9,-9,-9,-9,-9,-9,-9,-9,-9,-9,-9,-9, // Decimal 205 - 217 + -9,-9,-9,-9,-9,-9,-9,-9,-9,-9,-9,-9,-9, // Decimal 218 - 230 + -9,-9,-9,-9,-9,-9,-9,-9,-9,-9,-9,-9,-9, // Decimal 231 - 243 + -9,-9,-9,-9,-9,-9,-9,-9,-9,-9,-9,-9 // Decimal 244 - 255 */ + }; + + // I think I end up not using the BAD_ENCODING indicator. + //private final static byte BAD_ENCODING = -9; // Indicates error in encoding + private final static byte WHITE_SPACE_ENC = -5; // Indicates white space in encoding + private final static byte EQUALS_SIGN_ENC = -1; // Indicates equals sign in encoding + + + /** Defeats instantiation. */ + private Base64(){} + + + +/* ******** E N C O D I N G M E T H O D S ******** */ + + + /** + * Encodes up to the first three bytes of array threeBytes + * and returns a four-byte array in Base64 notation. + * The actual number of significant bytes in your array is + * given by numSigBytes. + * The array threeBytes needs only be as big as + * numSigBytes. + * Code can reuse a byte array by passing a four-byte array as b4. + * + * @param b4 A reusable byte array to reduce array instantiation + * @param threeBytes the array to convert + * @param numSigBytes the number of significant bytes in your array + * @return four byte array in Base64 notation. + * @since 1.5.1 + */ + private static byte[] encode3to4( byte[] b4, byte[] threeBytes, int numSigBytes ) + { + encode3to4( threeBytes, 0, numSigBytes, b4, 0 ); + return b4; + } // end encode3to4 + + + /** + * Encodes up to three bytes of the array source + * and writes the resulting four Base64 bytes to destination. + * The source and destination arrays can be manipulated + * anywhere along their length by specifying + * srcOffset and destOffset. + * This method does not check to make sure your arrays + * are large enough to accomodate srcOffset + 3 for + * the source array or destOffset + 4 for + * the destination array. + * The actual number of significant bytes in your array is + * given by numSigBytes. + * + * @param source the array to convert + * @param srcOffset the index where conversion begins + * @param numSigBytes the number of significant bytes in your array + * @param destination the array to hold the conversion + * @param destOffset the index where output will be put + * @return the destination array + * @since 1.3 + */ + private static byte[] encode3to4( + byte[] source, int srcOffset, int numSigBytes, + byte[] destination, int destOffset ) + { + // 1 2 3 + // 01234567890123456789012345678901 Bit position + // --------000000001111111122222222 Array position from threeBytes + // --------| || || || | Six bit groups to index ALPHABET + // >>18 >>12 >> 6 >> 0 Right shift necessary + // 0x3f 0x3f 0x3f Additional AND + + // Create buffer with zero-padding if there are only one or two + // significant bytes passed in the array. + // We have to shift left 24 in order to flush out the 1's that appear + // when Java treats a value as negative that is cast from a byte to an int. + int inBuff = ( numSigBytes > 0 ? ((source[ srcOffset ] << 24) >>> 8) : 0 ) + | ( numSigBytes > 1 ? ((source[ srcOffset + 1 ] << 24) >>> 16) : 0 ) + | ( numSigBytes > 2 ? ((source[ srcOffset + 2 ] << 24) >>> 24) : 0 ); + + switch( numSigBytes ) + { + case 3: + destination[ destOffset ] = ALPHABET[ (inBuff >>> 18) ]; + destination[ destOffset + 1 ] = ALPHABET[ (inBuff >>> 12) & 0x3f ]; + destination[ destOffset + 2 ] = ALPHABET[ (inBuff >>> 6) & 0x3f ]; + destination[ destOffset + 3 ] = ALPHABET[ (inBuff ) & 0x3f ]; + return destination; + + case 2: + destination[ destOffset ] = ALPHABET[ (inBuff >>> 18) ]; + destination[ destOffset + 1 ] = ALPHABET[ (inBuff >>> 12) & 0x3f ]; + destination[ destOffset + 2 ] = ALPHABET[ (inBuff >>> 6) & 0x3f ]; + destination[ destOffset + 3 ] = EQUALS_SIGN; + return destination; + + case 1: + destination[ destOffset ] = ALPHABET[ (inBuff >>> 18) ]; + destination[ destOffset + 1 ] = ALPHABET[ (inBuff >>> 12) & 0x3f ]; + destination[ destOffset + 2 ] = EQUALS_SIGN; + destination[ destOffset + 3 ] = EQUALS_SIGN; + return destination; + + default: + return destination; + } // end switch + } // end encode3to4 + + + + /** + * Serializes an object and returns the Base64-encoded + * version of that serialized object. If the object + * cannot be serialized or there is another error, + * the method will return null. + * The object is not GZip-compressed before being encoded. + * + * @param serializableObject The object to encode + * @return The Base64-encoded object + * @since 1.4 + */ + public static String encodeObject( java.io.Serializable serializableObject ) + { + return encodeObject( serializableObject, NO_OPTIONS ); + } // end encodeObject + + + + /** + * Serializes an object and returns the Base64-encoded + * version of that serialized object. If the object + * cannot be serialized or there is another error, + * the method will return null. + *

+ * Valid options:

+     *   GZIP: gzip-compresses object before encoding it.
+     *   DONT_BREAK_LINES: don't break lines at 76 characters
+     *     Note: Technically, this makes your encoding non-compliant.
+     *
+ *

+ * Example: encodeObject( myObj, Base64.GZIP ) or + *

+ * Example: encodeObject( myObj, Base64.GZIP | Base64.DONT_BREAK_LINES ) + * + * @param serializableObject The object to encode + * @param options Specified options + * @return The Base64-encoded object + * @see Base64#GZIP + * @see Base64#DONT_BREAK_LINES + * @since 2.0 + */ + public static String encodeObject( java.io.Serializable serializableObject, int options ) + { + // Streams + java.io.ByteArrayOutputStream baos = null; + java.io.OutputStream b64os = null; + java.io.ObjectOutputStream oos = null; + java.util.zip.GZIPOutputStream gzos = null; + + // Isolate options + int gzip = (options & GZIP); + int dontBreakLines = (options & DONT_BREAK_LINES); + + try + { + // ObjectOutputStream -> (GZIP) -> Base64 -> ByteArrayOutputStream + baos = new java.io.ByteArrayOutputStream(); + b64os = new Base64.OutputStream( baos, ENCODE | dontBreakLines ); + + // GZip? + if( gzip == GZIP ) + { + gzos = new java.util.zip.GZIPOutputStream( b64os ); + oos = new java.io.ObjectOutputStream( gzos ); + } // end if: gzip + else + oos = new java.io.ObjectOutputStream( b64os ); + + oos.writeObject( serializableObject ); + } // end try + catch( java.io.IOException e ) + { + e.printStackTrace(); + return null; + } // end catch + finally + { + try{ oos.close(); } catch( Exception e ){} + try{ gzos.close(); } catch( Exception e ){} + try{ b64os.close(); } catch( Exception e ){} + try{ baos.close(); } catch( Exception e ){} + } // end finally + + // Return value according to relevant encoding. + try + { + return new String( baos.toByteArray(), PREFERRED_ENCODING ); + } // end try + catch (java.io.UnsupportedEncodingException uue) + { + return new String( baos.toByteArray() ); + } // end catch + + } // end encode + + + + /** + * Encodes a byte array into Base64 notation. + * Does not GZip-compress data. + * + * @param source The data to convert + * @since 1.4 + */ + public static String encodeBytes( byte[] source ) + { + return encodeBytes( source, 0, source.length, NO_OPTIONS ); + } // end encodeBytes + + + + /** + * Encodes a byte array into Base64 notation. + *

+ * Valid options:

+     *   GZIP: gzip-compresses object before encoding it.
+     *   DONT_BREAK_LINES: don't break lines at 76 characters
+     *     Note: Technically, this makes your encoding non-compliant.
+     *
+ *

+ * Example: encodeBytes( myData, Base64.GZIP ) or + *

+ * Example: encodeBytes( myData, Base64.GZIP | Base64.DONT_BREAK_LINES ) + * + * + * @param source The data to convert + * @param options Specified options + * @see Base64#GZIP + * @see Base64#DONT_BREAK_LINES + * @since 2.0 + */ + public static String encodeBytes( byte[] source, int options ) + { + return encodeBytes( source, 0, source.length, options ); + } // end encodeBytes + + + /** + * Encodes a byte array into Base64 notation. + * Does not GZip-compress data. + * + * @param source The data to convert + * @param off Offset in array where conversion should begin + * @param len Length of data to convert + * @since 1.4 + */ + public static String encodeBytes( byte[] source, int off, int len ) + { + return encodeBytes( source, off, len, NO_OPTIONS ); + } // end encodeBytes + + + + /** + * Encodes a byte array into Base64 notation. + *

+ * Valid options:

+     *   GZIP: gzip-compresses object before encoding it.
+     *   DONT_BREAK_LINES: don't break lines at 76 characters
+     *     Note: Technically, this makes your encoding non-compliant.
+     *
+ *

+ * Example: encodeBytes( myData, Base64.GZIP ) or + *

+ * Example: encodeBytes( myData, Base64.GZIP | Base64.DONT_BREAK_LINES ) + * + * + * @param source The data to convert + * @param off Offset in array where conversion should begin + * @param len Length of data to convert + * @param options Specified options + * @see Base64#GZIP + * @see Base64#DONT_BREAK_LINES + * @since 2.0 + */ + public static String encodeBytes( byte[] source, int off, int len, int options ) + { + // Isolate options + int dontBreakLines = ( options & DONT_BREAK_LINES ); + int gzip = ( options & GZIP ); + + // Compress? + if( gzip == GZIP ) + { + java.io.ByteArrayOutputStream baos = null; + java.util.zip.GZIPOutputStream gzos = null; + Base64.OutputStream b64os = null; + + + try + { + // GZip -> Base64 -> ByteArray + baos = new java.io.ByteArrayOutputStream(); + b64os = new Base64.OutputStream( baos, ENCODE | dontBreakLines ); + gzos = new java.util.zip.GZIPOutputStream( b64os ); + + gzos.write( source, off, len ); + gzos.close(); + } // end try + catch( java.io.IOException e ) + { + e.printStackTrace(); + return null; + } // end catch + finally + { + try{ gzos.close(); } catch( Exception e ){} + try{ b64os.close(); } catch( Exception e ){} + try{ baos.close(); } catch( Exception e ){} + } // end finally + + // Return value according to relevant encoding. + try + { + return new String( baos.toByteArray(), PREFERRED_ENCODING ); + } // end try + catch (java.io.UnsupportedEncodingException uue) + { + return new String( baos.toByteArray() ); + } // end catch + } // end if: compress + + // Else, don't compress. Better not to use streams at all then. + else + { + // Convert option to boolean in way that code likes it. + boolean breakLines = dontBreakLines == 0; + + int len43 = len * 4 / 3; + byte[] outBuff = new byte[ ( len43 ) // Main 4:3 + + ( (len % 3) > 0 ? 4 : 0 ) // Account for padding + + (breakLines ? ( len43 / MAX_LINE_LENGTH ) : 0) ]; // New lines + int d = 0; + int e = 0; + int len2 = len - 2; + int lineLength = 0; + for( ; d < len2; d+=3, e+=4 ) + { + encode3to4( source, d+off, 3, outBuff, e ); + + lineLength += 4; + if( breakLines && lineLength == MAX_LINE_LENGTH ) + { + outBuff[e+4] = NEW_LINE; + e++; + lineLength = 0; + } // end if: end of line + } // en dfor: each piece of array + + if( d < len ) + { + encode3to4( source, d+off, len - d, outBuff, e ); + e += 4; + } // end if: some padding needed + + + // Return value according to relevant encoding. + try + { + return new String( outBuff, 0, e, PREFERRED_ENCODING ); + } // end try + catch (java.io.UnsupportedEncodingException uue) + { + return new String( outBuff, 0, e ); + } // end catch + + } // end else: don't compress + + } // end encodeBytes + + + + + +/* ******** D E C O D I N G M E T H O D S ******** */ + + + /** + * Decodes four bytes from array source + * and writes the resulting bytes (up to three of them) + * to destination. + * The source and destination arrays can be manipulated + * anywhere along their length by specifying + * srcOffset and destOffset. + * This method does not check to make sure your arrays + * are large enough to accomodate srcOffset + 4 for + * the source array or destOffset + 3 for + * the destination array. + * This method returns the actual number of bytes that + * were converted from the Base64 encoding. + * + * + * @param source the array to convert + * @param srcOffset the index where conversion begins + * @param destination the array to hold the conversion + * @param destOffset the index where output will be put + * @return the number of decoded bytes converted + * @since 1.3 + */ + private static int decode4to3( byte[] source, int srcOffset, byte[] destination, int destOffset ) + { + // Example: Dk== + if( source[ srcOffset + 2] == EQUALS_SIGN ) + { + // Two ways to do the same thing. Don't know which way I like best. + //int outBuff = ( ( DECODABET[ source[ srcOffset ] ] << 24 ) >>> 6 ) + // | ( ( DECODABET[ source[ srcOffset + 1] ] << 24 ) >>> 12 ); + int outBuff = ( ( DECODABET[ source[ srcOffset ] ] & 0xFF ) << 18 ) + | ( ( DECODABET[ source[ srcOffset + 1] ] & 0xFF ) << 12 ); + + destination[ destOffset ] = (byte)( outBuff >>> 16 ); + return 1; + } + + // Example: DkL= + else if( source[ srcOffset + 3 ] == EQUALS_SIGN ) + { + // Two ways to do the same thing. Don't know which way I like best. + //int outBuff = ( ( DECODABET[ source[ srcOffset ] ] << 24 ) >>> 6 ) + // | ( ( DECODABET[ source[ srcOffset + 1 ] ] << 24 ) >>> 12 ) + // | ( ( DECODABET[ source[ srcOffset + 2 ] ] << 24 ) >>> 18 ); + int outBuff = ( ( DECODABET[ source[ srcOffset ] ] & 0xFF ) << 18 ) + | ( ( DECODABET[ source[ srcOffset + 1 ] ] & 0xFF ) << 12 ) + | ( ( DECODABET[ source[ srcOffset + 2 ] ] & 0xFF ) << 6 ); + + destination[ destOffset ] = (byte)( outBuff >>> 16 ); + destination[ destOffset + 1 ] = (byte)( outBuff >>> 8 ); + return 2; + } + + // Example: DkLE + else + { + try{ + // Two ways to do the same thing. Don't know which way I like best. + //int outBuff = ( ( DECODABET[ source[ srcOffset ] ] << 24 ) >>> 6 ) + // | ( ( DECODABET[ source[ srcOffset + 1 ] ] << 24 ) >>> 12 ) + // | ( ( DECODABET[ source[ srcOffset + 2 ] ] << 24 ) >>> 18 ) + // | ( ( DECODABET[ source[ srcOffset + 3 ] ] << 24 ) >>> 24 ); + int outBuff = ( ( DECODABET[ source[ srcOffset ] ] & 0xFF ) << 18 ) + | ( ( DECODABET[ source[ srcOffset + 1 ] ] & 0xFF ) << 12 ) + | ( ( DECODABET[ source[ srcOffset + 2 ] ] & 0xFF ) << 6) + | ( ( DECODABET[ source[ srcOffset + 3 ] ] & 0xFF ) ); + + + destination[ destOffset ] = (byte)( outBuff >> 16 ); + destination[ destOffset + 1 ] = (byte)( outBuff >> 8 ); + destination[ destOffset + 2 ] = (byte)( outBuff ); + + return 3; + }catch( Exception e){ + System.out.println(""+source[srcOffset]+ ": " + ( DECODABET[ source[ srcOffset ] ] ) ); + System.out.println(""+source[srcOffset+1]+ ": " + ( DECODABET[ source[ srcOffset + 1 ] ] ) ); + System.out.println(""+source[srcOffset+2]+ ": " + ( DECODABET[ source[ srcOffset + 2 ] ] ) ); + System.out.println(""+source[srcOffset+3]+ ": " + ( DECODABET[ source[ srcOffset + 3 ] ] ) ); + return -1; + } //e nd catch + } + } // end decodeToBytes + + + + + /** + * Very low-level access to decoding ASCII characters in + * the form of a byte array. Does not support automatically + * gunzipping or any other "fancy" features. + * + * @param source The Base64 encoded data + * @param off The offset of where to begin decoding + * @param len The length of characters to decode + * @return decoded data + * @since 1.3 + */ + public static byte[] decode( byte[] source, int off, int len ) + { + int len34 = len * 3 / 4; + byte[] outBuff = new byte[ len34 ]; // Upper limit on size of output + int outBuffPosn = 0; + + byte[] b4 = new byte[4]; + int b4Posn = 0; + int i = 0; + byte sbiCrop = 0; + byte sbiDecode = 0; + for( i = off; i < off+len; i++ ) + { + sbiCrop = (byte)(source[i] & 0x7f); // Only the low seven bits + sbiDecode = DECODABET[ sbiCrop ]; + + if( sbiDecode >= WHITE_SPACE_ENC ) // White space, Equals sign or better + { + if( sbiDecode >= EQUALS_SIGN_ENC ) + { + b4[ b4Posn++ ] = sbiCrop; + if( b4Posn > 3 ) + { + outBuffPosn += decode4to3( b4, 0, outBuff, outBuffPosn ); + b4Posn = 0; + + // If that was the equals sign, break out of 'for' loop + if( sbiCrop == EQUALS_SIGN ) + break; + } // end if: quartet built + + } // end if: equals sign or better + + } // end if: white space, equals sign or better + else + { + System.err.println( "Bad Base64 input character at " + i + ": " + source[i] + "(decimal)" ); + return null; + } // end else: + } // each input character + + byte[] out = new byte[ outBuffPosn ]; + System.arraycopy( outBuff, 0, out, 0, outBuffPosn ); + return out; + } // end decode + + + + + /** + * Decodes data from Base64 notation, automatically + * detecting gzip-compressed data and decompressing it. + * + * @param s the string to decode + * @return the decoded data + * @since 1.4 + */ + public static byte[] decode( String s ) + { + byte[] bytes; + try + { + bytes = s.getBytes( PREFERRED_ENCODING ); + } // end try + catch( java.io.UnsupportedEncodingException uee ) + { + bytes = s.getBytes(); + } // end catch + // + + // Decode + bytes = decode( bytes, 0, bytes.length ); + + + // Check to see if it's gzip-compressed + // GZIP Magic Two-Byte Number: 0x8b1f (35615) + if( bytes != null && bytes.length >= 4 ) + { + + int head = ((int)bytes[0] & 0xff) | ((bytes[1] << 8) & 0xff00); + if( java.util.zip.GZIPInputStream.GZIP_MAGIC == head ) + { + java.io.ByteArrayInputStream bais = null; + java.util.zip.GZIPInputStream gzis = null; + java.io.ByteArrayOutputStream baos = null; + byte[] buffer = new byte[2048]; + int length = 0; + + try + { + baos = new java.io.ByteArrayOutputStream(); + bais = new java.io.ByteArrayInputStream( bytes ); + gzis = new java.util.zip.GZIPInputStream( bais ); + + while( ( length = gzis.read( buffer ) ) >= 0 ) + { + baos.write(buffer,0,length); + } // end while: reading input + + // No error? Get new bytes. + bytes = baos.toByteArray(); + + } // end try + catch( java.io.IOException e ) + { + // Just return originally-decoded bytes + } // end catch + finally + { + try{ baos.close(); } catch( Exception e ){} + try{ gzis.close(); } catch( Exception e ){} + try{ bais.close(); } catch( Exception e ){} + } // end finally + + } // end if: gzipped + } // end if: bytes.length >= 2 + + return bytes; + } // end decode + + + + + /** + * Attempts to decode Base64 data and deserialize a Java + * Object within. Returns null if there was an error. + * + * @param encodedObject The Base64 data to decode + * @return The decoded and deserialized object + * @since 1.5 + */ + public static Object decodeToObject( String encodedObject ) + { + // Decode and gunzip if necessary + byte[] objBytes = decode( encodedObject ); + + java.io.ByteArrayInputStream bais = null; + java.io.ObjectInputStream ois = null; + Object obj = null; + + try + { + bais = new java.io.ByteArrayInputStream( objBytes ); + ois = new java.io.ObjectInputStream( bais ); + + obj = ois.readObject(); + } // end try + catch( java.io.IOException e ) + { + e.printStackTrace(); + obj = null; + } // end catch + catch( java.lang.ClassNotFoundException e ) + { + e.printStackTrace(); + obj = null; + } // end catch + finally + { + try{ bais.close(); } catch( Exception e ){} + try{ ois.close(); } catch( Exception e ){} + } // end finally + + return obj; + } // end decodeObject + + + + /** + * Convenience method for encoding data to a file. + * + * @param dataToEncode byte array of data to encode in base64 form + * @param filename Filename for saving encoded data + * @return true if successful, false otherwise + * + * @since 2.1 + */ + public static boolean encodeToFile( byte[] dataToEncode, String filename ) + { + boolean success = false; + Base64.OutputStream bos = null; + try + { + bos = new Base64.OutputStream( + new java.io.FileOutputStream( filename ), Base64.ENCODE ); + bos.write( dataToEncode ); + success = true; + } // end try + catch( java.io.IOException e ) + { + + success = false; + } // end catch: IOException + finally + { + try{ bos.close(); } catch( Exception e ){} + } // end finally + + return success; + } // end encodeToFile + + + /** + * Convenience method for decoding data to a file. + * + * @param dataToDecode Base64-encoded data as a string + * @param filename Filename for saving decoded data + * @return true if successful, false otherwise + * + * @since 2.1 + */ + public static boolean decodeToFile( String dataToDecode, String filename ) + { + boolean success = false; + Base64.OutputStream bos = null; + try + { + bos = new Base64.OutputStream( + new java.io.FileOutputStream( filename ), Base64.DECODE ); + bos.write( dataToDecode.getBytes( PREFERRED_ENCODING ) ); + success = true; + } // end try + catch( java.io.IOException e ) + { + success = false; + } // end catch: IOException + finally + { + try{ bos.close(); } catch( Exception e ){} + } // end finally + + return success; + } // end decodeToFile + + + + + /** + * Convenience method for reading a base64-encoded + * file and decoding it. + * + * @param filename Filename for reading encoded data + * @return decoded byte array or null if unsuccessful + * + * @since 2.1 + */ + public static byte[] decodeFromFile( String filename ) + { + byte[] decodedData = null; + Base64.InputStream bis = null; + try + { + // Set up some useful variables + java.io.File file = new java.io.File( filename ); + byte[] buffer = null; + int length = 0; + int numBytes = 0; + + // Check for size of file + if( file.length() > Integer.MAX_VALUE ) + { + System.err.println( "File is too big for this convenience method (" + file.length() + " bytes)." ); + return null; + } // end if: file too big for int index + buffer = new byte[ (int)file.length() ]; + + // Open a stream + bis = new Base64.InputStream( + new java.io.BufferedInputStream( + new java.io.FileInputStream( file ) ), Base64.DECODE ); + + // Read until done + while( ( numBytes = bis.read( buffer, length, 4096 ) ) >= 0 ) + length += numBytes; + + // Save in a variable to return + decodedData = new byte[ length ]; + System.arraycopy( buffer, 0, decodedData, 0, length ); + + } // end try + catch( java.io.IOException e ) + { + System.err.println( "Error decoding from file " + filename ); + } // end catch: IOException + finally + { + try{ bis.close(); } catch( Exception e) {} + } // end finally + + return decodedData; + } // end decodeFromFile + + + + /** + * Convenience method for reading a binary file + * and base64-encoding it. + * + * @param filename Filename for reading binary data + * @return base64-encoded string or null if unsuccessful + * + * @since 2.1 + */ + public static String encodeFromFile( String filename ) + { + String encodedData = null; + Base64.InputStream bis = null; + try + { + // Set up some useful variables + java.io.File file = new java.io.File( filename ); + byte[] buffer = new byte[ (int)(file.length() * 1.4) ]; + int length = 0; + int numBytes = 0; + + // Open a stream + bis = new Base64.InputStream( + new java.io.BufferedInputStream( + new java.io.FileInputStream( file ) ), Base64.ENCODE ); + + // Read until done + while( ( numBytes = bis.read( buffer, length, 4096 ) ) >= 0 ) + length += numBytes; + + // Save in a variable to return + encodedData = new String( buffer, 0, length, Base64.PREFERRED_ENCODING ); + + } // end try + catch( java.io.IOException e ) + { + System.err.println( "Error encoding from file " + filename ); + } // end catch: IOException + finally + { + try{ bis.close(); } catch( Exception e) {} + } // end finally + + return encodedData; + } // end encodeFromFile + + + + + /* ******** I N N E R C L A S S I N P U T S T R E A M ******** */ + + + + /** + * A {@link Base64.InputStream} will read data from another + * java.io.InputStream, given in the constructor, + * and encode/decode to/from Base64 notation on the fly. + * + * @see Base64 + * @since 1.3 + */ + public static class InputStream extends java.io.FilterInputStream + { + private boolean encode; // Encoding or decoding + private int position; // Current position in the buffer + private byte[] buffer; // Small buffer holding converted data + private int bufferLength; // Length of buffer (3 or 4) + private int numSigBytes; // Number of meaningful bytes in the buffer + private int lineLength; + private boolean breakLines; // Break lines at less than 80 characters + + + /** + * Constructs a {@link Base64.InputStream} in DECODE mode. + * + * @param in the java.io.InputStream from which to read data. + * @since 1.3 + */ + public InputStream( java.io.InputStream in ) + { + this( in, DECODE ); + } // end constructor + + + /** + * Constructs a {@link Base64.InputStream} in + * either ENCODE or DECODE mode. + *

+ * Valid options:

+         *   ENCODE or DECODE: Encode or Decode as data is read.
+         *   DONT_BREAK_LINES: don't break lines at 76 characters
+         *     (only meaningful when encoding)
+         *     Note: Technically, this makes your encoding non-compliant.
+         *
+ *

+ * Example: new Base64.InputStream( in, Base64.DECODE ) + * + * + * @param in the java.io.InputStream from which to read data. + * @param options Specified options + * @see Base64#ENCODE + * @see Base64#DECODE + * @see Base64#DONT_BREAK_LINES + * @since 2.0 + */ + public InputStream( java.io.InputStream in, int options ) + { + super( in ); + this.breakLines = (options & DONT_BREAK_LINES) != DONT_BREAK_LINES; + this.encode = (options & ENCODE) == ENCODE; + this.bufferLength = encode ? 4 : 3; + this.buffer = new byte[ bufferLength ]; + this.position = -1; + this.lineLength = 0; + } // end constructor + + /** + * Reads enough of the input stream to convert + * to/from Base64 and returns the next byte. + * + * @return next byte + * @since 1.3 + */ + public int read() throws java.io.IOException + { + // Do we need to get data? + if( position < 0 ) + { + if( encode ) + { + byte[] b3 = new byte[3]; + int numBinaryBytes = 0; + for( int i = 0; i < 3; i++ ) + { + try + { + int b = in.read(); + + // If end of stream, b is -1. + if( b >= 0 ) + { + b3[i] = (byte)b; + numBinaryBytes++; + } // end if: not end of stream + + } // end try: read + catch( java.io.IOException e ) + { + // Only a problem if we got no data at all. + if( i == 0 ) + throw e; + + } // end catch + } // end for: each needed input byte + + if( numBinaryBytes > 0 ) + { + encode3to4( b3, 0, numBinaryBytes, buffer, 0 ); + position = 0; + numSigBytes = 4; + } // end if: got data + else + { + return -1; + } // end else + } // end if: encoding + + // Else decoding + else + { + byte[] b4 = new byte[4]; + int i = 0; + for( i = 0; i < 4; i++ ) + { + // Read four "meaningful" bytes: + int b = 0; + do{ b = in.read(); } + while( b >= 0 && DECODABET[ b & 0x7f ] <= WHITE_SPACE_ENC ); + + if( b < 0 ) + break; // Reads a -1 if end of stream + + b4[i] = (byte)b; + } // end for: each needed input byte + + if( i == 4 ) + { + numSigBytes = decode4to3( b4, 0, buffer, 0 ); + position = 0; + } // end if: got four characters + else if( i == 0 ){ + return -1; + } // end else if: also padded correctly + else + { + // Must have broken out from above. + throw new java.io.IOException( "Improperly padded Base64 input." ); + } // end + + } // end else: decode + } // end else: get data + + // Got data? + if( position >= 0 ) + { + // End of relevant data? + if( /*!encode &&*/ position >= numSigBytes ) + return -1; + + if( encode && breakLines && lineLength >= MAX_LINE_LENGTH ) + { + lineLength = 0; + return '\n'; + } // end if + else + { + lineLength++; // This isn't important when decoding + // but throwing an extra "if" seems + // just as wasteful. + + int b = buffer[ position++ ]; + + if( position >= bufferLength ) + position = -1; + + return b & 0xFF; // This is how you "cast" a byte that's + // intended to be unsigned. + } // end else + } // end if: position >= 0 + + // Else error + else + { + // When JDK1.4 is more accepted, use an assertion here. + throw new java.io.IOException( "Error in Base64 code reading stream." ); + } // end else + } // end read + + + /** + * Calls {@link #read()} repeatedly until the end of stream + * is reached or len bytes are read. + * Returns number of bytes read into array or -1 if + * end of stream is encountered. + * + * @param dest array to hold values + * @param off offset for array + * @param len max number of bytes to read into array + * @return bytes read into array or -1 if end of stream is encountered. + * @since 1.3 + */ + public int read( byte[] dest, int off, int len ) throws java.io.IOException + { + int i; + int b; + for( i = 0; i < len; i++ ) + { + b = read(); + + //if( b < 0 && i == 0 ) + // return -1; + + if( b >= 0 ) + dest[off + i] = (byte)b; + else if( i == 0 ) + return -1; + else + break; // Out of 'for' loop + } // end for: each byte read + return i; + } // end read + + } // end inner class InputStream + + + + + + + /* ******** I N N E R C L A S S O U T P U T S T R E A M ******** */ + + + + /** + * A {@link Base64.OutputStream} will write data to another + * java.io.OutputStream, given in the constructor, + * and encode/decode to/from Base64 notation on the fly. + * + * @see Base64 + * @since 1.3 + */ + public static class OutputStream extends java.io.FilterOutputStream + { + private boolean encode; + private int position; + private byte[] buffer; + private int bufferLength; + private int lineLength; + private boolean breakLines; + private byte[] b4; // Scratch used in a few places + private boolean suspendEncoding; + + /** + * Constructs a {@link Base64.OutputStream} in ENCODE mode. + * + * @param out the java.io.OutputStream to which data will be written. + * @since 1.3 + */ + public OutputStream( java.io.OutputStream out ) + { + this( out, ENCODE ); + } // end constructor + + + /** + * Constructs a {@link Base64.OutputStream} in + * either ENCODE or DECODE mode. + *

+ * Valid options:

+         *   ENCODE or DECODE: Encode or Decode as data is read.
+         *   DONT_BREAK_LINES: don't break lines at 76 characters
+         *     (only meaningful when encoding)
+         *     Note: Technically, this makes your encoding non-compliant.
+         *
+ *

+ * Example: new Base64.OutputStream( out, Base64.ENCODE ) + * + * @param out the java.io.OutputStream to which data will be written. + * @param options Specified options. + * @see Base64#ENCODE + * @see Base64#DECODE + * @see Base64#DONT_BREAK_LINES + * @since 1.3 + */ + public OutputStream( java.io.OutputStream out, int options ) + { + super( out ); + this.breakLines = (options & DONT_BREAK_LINES) != DONT_BREAK_LINES; + this.encode = (options & ENCODE) == ENCODE; + this.bufferLength = encode ? 3 : 4; + this.buffer = new byte[ bufferLength ]; + this.position = 0; + this.lineLength = 0; + this.suspendEncoding = false; + this.b4 = new byte[4]; + } // end constructor + + + /** + * Writes the byte to the output stream after + * converting to/from Base64 notation. + * When encoding, bytes are buffered three + * at a time before the output stream actually + * gets a write() call. + * When decoding, bytes are buffered four + * at a time. + * + * @param theByte the byte to write + * @since 1.3 + */ + public void write(int theByte) throws java.io.IOException + { + // Encoding suspended? + if( suspendEncoding ) + { + super.out.write( theByte ); + return; + } // end if: supsended + + // Encode? + if( encode ) + { + buffer[ position++ ] = (byte)theByte; + if( position >= bufferLength ) // Enough to encode. + { + out.write( encode3to4( b4, buffer, bufferLength ) ); + + lineLength += 4; + if( breakLines && lineLength >= MAX_LINE_LENGTH ) + { + out.write( NEW_LINE ); + lineLength = 0; + } // end if: end of line + + position = 0; + } // end if: enough to output + } // end if: encoding + + // Else, Decoding + else + { + // Meaningful Base64 character? + if( DECODABET[ theByte & 0x7f ] > WHITE_SPACE_ENC ) + { + buffer[ position++ ] = (byte)theByte; + if( position >= bufferLength ) // Enough to output. + { + int len = Base64.decode4to3( buffer, 0, b4, 0 ); + out.write( b4, 0, len ); + //out.write( Base64.decode4to3( buffer ) ); + position = 0; + } // end if: enough to output + } // end if: meaningful base64 character + else if( DECODABET[ theByte & 0x7f ] != WHITE_SPACE_ENC ) + { + throw new java.io.IOException( "Invalid character in Base64 data." ); + } // end else: not white space either + } // end else: decoding + } // end write + + + + /** + * Calls {@link #write(int)} repeatedly until len + * bytes are written. + * + * @param theBytes array from which to read bytes + * @param off offset for array + * @param len max number of bytes to read into array + * @since 1.3 + */ + public void write( byte[] theBytes, int off, int len ) throws java.io.IOException + { + // Encoding suspended? + if( suspendEncoding ) + { + super.out.write( theBytes, off, len ); + return; + } // end if: supsended + + for( int i = 0; i < len; i++ ) + { + write( theBytes[ off + i ] ); + } // end for: each byte written + + } // end write + + + + /** + * Method added by PHIL. [Thanks, PHIL. -Rob] + * This pads the buffer without closing the stream. + */ + public void flushBase64() throws java.io.IOException + { + if( position > 0 ) + { + if( encode ) + { + out.write( encode3to4( b4, buffer, position ) ); + position = 0; + } // end if: encoding + else + { + throw new java.io.IOException( "Base64 input not properly padded." ); + } // end else: decoding + } // end if: buffer partially full + + } // end flush + + + /** + * Flushes and closes (I think, in the superclass) the stream. + * + * @since 1.3 + */ + public void close() throws java.io.IOException + { + // 1. Ensure that pending characters are written + flushBase64(); + + // 2. Actually close the stream + // Base class both flushes and closes. + super.close(); + + buffer = null; + out = null; + } // end close + + + + /** + * Suspends encoding of the stream. + * May be helpful if you need to embed a piece of + * base640-encoded data in a stream. + * + * @since 1.5.1 + */ + public void suspendEncoding() throws java.io.IOException + { + flushBase64(); + this.suspendEncoding = true; + } // end suspendEncoding + + + /** + * Resumes encoding of the stream. + * May be helpful if you need to embed a piece of + * base640-encoded data in a stream. + * + * @since 1.5.1 + */ + public void resumeEncoding() + { + this.suspendEncoding = false; + } // end resumeEncoding + + + + } // end inner class OutputStream + + +} // end class Base64 diff --git a/applet/src/main/java/ClientGUI.java b/applet/src/main/java/ClientGUI.java new file mode 100644 index 0000000..3815c87 --- /dev/null +++ b/applet/src/main/java/ClientGUI.java @@ -0,0 +1,142 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2006 PicoPoint, B.V. + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +import java.awt.BorderLayout; +import java.awt.GridBagConstraints; +import java.awt.GridBagLayout; +import java.awt.Insets; +import java.awt.event.ActionEvent; +import java.awt.event.ActionListener; + +import javax.swing.JButton; +import javax.swing.JFrame; +import javax.swing.JLabel; +import javax.swing.JOptionPane; +import javax.swing.JPanel; +import javax.swing.JPasswordField; +import javax.swing.JTextField; + +public class ClientGUI extends JFrame +{ + final JRadiusWiFiClient client; + + JButton loginButton = new JButton("Login"); + JButton logoutButton = new JButton("Logout"); + JLabel statusLabel = new JLabel("Not yet on-line"); + JLabel locationLabel = new JLabel("unknown"); + + public ClientGUI(final JRadiusWiFiClient client) + { + super("JRadius WiFi WISPr Client"); + this.client = client; + + setSize(350, 275); + getContentPane().setLayout(new BorderLayout()); + + GridBagLayout gridBagLayout = new GridBagLayout(); + + JPanel contentPanel = new JPanel(); + contentPanel.setLayout(gridBagLayout); + + GridBagConstraints gbc; + + gbc = new GridBagConstraints(); + gbc.insets = new Insets(25, 25, 10, 25); + contentPanel.add(new JLabel("Status:"), gbc); + + gbc = new GridBagConstraints(); + gbc.fill = GridBagConstraints.HORIZONTAL; + gbc.gridwidth = GridBagConstraints.REMAINDER; + gbc.insets = new Insets(25, 25, 25, 10); + contentPanel.add(statusLabel, gbc); + + gbc = new GridBagConstraints(); + gbc.insets = new Insets(10, 25, 10, 25); + contentPanel.add(new JLabel("Location:"), gbc); + + gbc = new GridBagConstraints(); + gbc.fill = GridBagConstraints.HORIZONTAL; + gbc.gridwidth = GridBagConstraints.REMAINDER; + gbc.insets = new Insets(10, 25, 25, 10); + contentPanel.add(locationLabel, gbc); + + JPanel buttonPanel = new JPanel(); + buttonPanel.add(loginButton); + buttonPanel.add(logoutButton); + + getContentPane().add(contentPanel, BorderLayout.CENTER); + getContentPane().add(buttonPanel, BorderLayout.SOUTH); + + loginButton.addActionListener(new ActionListener() { + public void actionPerformed(ActionEvent e) + { + login(); + } + }); + + logoutButton.addActionListener(new ActionListener() { + public void actionPerformed(ActionEvent e) + { + logoff(); + } + }); + } + + public void login() + { + String username = client.getUsername(); + String password = client.getPassword(); + + JTextField usernameField = new JTextField(username); + + JPasswordField passwordField = new JPasswordField(password); + passwordField.setEchoChar('*'); + + Object[] msg = { "User Name", usernameField, "Password", passwordField }; + + // Showing the Dialog Box + + int result = JOptionPane.showConfirmDialog(this, msg, "WISPr Login", + JOptionPane.OK_CANCEL_OPTION, JOptionPane.PLAIN_MESSAGE); + + if (result == JOptionPane.OK_OPTION) + { + username = usernameField.getText(); + password = new String(passwordField.getPassword()); + } + + client.login(username, password); + } + + public void logoff() + { + client.logoff(); + } + + public void setLocation(String location) + { + locationLabel.setText(location); + } + + public void setStatus(String status) + { + statusLabel.setText(status); + } +} diff --git a/applet/src/main/java/JRadiusWiFiClient.java b/applet/src/main/java/JRadiusWiFiClient.java new file mode 100644 index 0000000..95a4f8f --- /dev/null +++ b/applet/src/main/java/JRadiusWiFiClient.java @@ -0,0 +1,1404 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2006 PicoPoint, B.V. + * Copyright (c) 2007 David Bird + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +import java.applet.Applet; +import java.applet.AppletContext; +import java.awt.Dimension; +import java.awt.Font; +import java.awt.Graphics; +import java.io.BufferedReader; +import java.io.BufferedWriter; +import java.io.IOException; +import java.io.InputStreamReader; +import java.io.OutputStreamWriter; +import java.net.HttpURLConnection; +import java.net.InetAddress; +import java.net.MalformedURLException; +import java.net.Socket; +import java.net.URL; +import java.net.URLDecoder; +import java.net.URLEncoder; +import java.nio.ByteBuffer; +import java.security.KeyManagementException; +import java.security.MessageDigest; +import java.security.NoSuchAlgorithmException; +import java.security.cert.X509Certificate; + +import javax.net.SocketFactory; +import javax.net.ssl.HostnameVerifier; +import javax.net.ssl.HttpsURLConnection; +import javax.net.ssl.SSLContext; +import javax.net.ssl.SSLSession; +import javax.net.ssl.X509TrustManager; + +public class JRadiusWiFiClient extends Applet implements Runnable +{ + static final long serialVersionUID = 0L; + + private Thread guiThread = null; + private String prefixRealm = null; + private String username = null; + private String realm = null; + private String password = null; + + private String WISPrLogin = null; + private String WISPrAbortLogin = null; + private String WISPrLogoff = null; + private String WISPrLocationName = null; + private String[] WISPrXML = new String[2]; + private static String cookie = null; + + private static boolean secureRoaming = false; + private static String otpProxyServer = "ap.coova.org"; + private static String otpProxyPort = "1810"; + private static boolean otpUseSSL = true; + private static boolean otpTrustAnyCert = true; + private static String otpCertChain = null; + + private static boolean isJavaReady = true; + private static boolean isReady = false; + private static boolean isOnline = false; + + private boolean paused; + private final Object pauseLock = new Object(); + private volatile boolean noStopRequested; + + private Dimension d; + private String message = "JRadius WiFi Client"; + private String ENCODING = "utf-8"; + + /** + * The default url we want to get to. + */ + public static String publicURL = "http://www.microsoft.com/en/us/default.aspx"; + public static String titleMatch = "Microsoft Corporation"; + + /** + * The URL we redirect after successful login. + */ + public static String baseURL = "http://ap.coova.org/wifi/"; + public static String welcomeURL = "welcome"; + public static String onlineURL = "online"; + public static String loginURL = "login"; + public static String noWISPrURL = "nowispr"; + public static String badWISPrURL = "badwispr"; + + /** + * Define the debug state. + */ + private static boolean DEBUG = true; + private static StringBuffer debugString = new StringBuffer(); + private boolean isApplet = true; + private static Boolean isCommunicator; + private Boolean haveJavaSecurity = null; + private SecurityManager securityManager; +// private Image bgImg; +// private Graphics bgG; + + private static JRadiusWiFiClient client = null; + private static Thread clientThread = null; + private static ClientGUI clientGUI = null; + private static boolean runLogout = false; + + private static String copy = + "---------------------------------------------------\n" + + " Running JRadius WiFi Client\n" + + " Copyright (c) 2005-2006 PicoPoint B.V.\n"+ + " Copyright (c) 2007 David Bird \n"+ + " All Rights Reserved.\n" + + "--------------------------------------------------\n"; + + public JRadiusWiFiClient getInstance() + { + return new JRadiusWiFiClient(); + } + + public String getAppletInfo() + { + return copy; + } + + public static void main(String args[]) + { + client = new JRadiusWiFiClient(); + client.isApplet(false); + + if (args.length >= 2) + { + client.setUsername(args[0]); + client.setPassword(args[1]); + } + + if (args.length >= 3) + { + otpProxyServer = args[2]; + } + + if (args.length == 4) + { + publicURL = args[3]; + } + + clientGUI = new ClientGUI(client); + client.findWISPrLogin(publicURL); + clientGUI.setVisible(true); + } + + public void run() + { + if (runLogout) + { + doWISPrLogoff(); + } + else + { + doWISPrLogin(); + } + } + + public void login(String username, String password) + { + if (username != null) setUsername(username); + if (password != null) setPassword(password); + if (client != null) + { + runLogout = false; + if (clientThread != null) clientThread.interrupt(); + (clientThread = new Thread(client)).start(); + } + else + { + doWISPrLogin(); + } + } + + public void logoff() + { + if (client != null) + { + runLogout = true; + if (clientThread != null) clientThread.interrupt(); + (clientThread = new Thread(client)).start(); + } + else + { + doWISPrLogoff(); + } + } + + public void reset() + { + findWISPrLogin(publicURL); + } + + public void init() + { + System.err.println(copy); + setFont(new Font("Verdana", Font.PLAIN, 12)); + + securityManager = System.getSecurityManager(); + + if (isCommunicator()) + { + try + { + netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect"); + netscape.security.PrivilegeManager.enablePrivilege("UniversalConnect"); + } + catch (Throwable e) + { } + } + else + { + try + { + com.ms.security.PolicyEngine.assertPermission(com.ms.security.PermissionID.NETIO); + } + catch (Throwable e) + { } + } + + try + { + d = getSize(); + } + catch (NoSuchMethodError e) + { + d = size(); + } + + URL docBase = getCodeBase(); + baseURL = docBase.toExternalForm(); + +// bgImg = createImage(d.width, d.height); +// bgG = bgImg.getGraphics(); + + debugWrite("Version Info:\n" + + System.getProperty("java.vendor") + " " + + System.getProperty("java.version") + " running on " + + System.getProperty("os.name") + " " + + System.getProperty("os.version") + " " + + System.getProperty("os.arch")); + + validate(); + + startGuiThread(); + } + + private void startGuiThread() { + paused = true; + noStopRequested = true; + + Runnable r = new Runnable() + { + public void run() + { + runGui(); + } + }; + guiThread = new Thread(r, "GUI-Thread"); + guiThread.start(); + } + + private void stopGuiThread() + { + noStopRequested = false; + guiThread.interrupt(); + } + + private void runGui() + { + try + { + while (noStopRequested) + { + waitWhilePaused(); + repaint(); + + if (!isOnline && !isReady) + { + addItem("Finding out how to login..."); + findWISPrLogin(publicURL); + } + + Thread.sleep(1000); + } + } + catch (InterruptedException x) + { + Thread.currentThread().interrupt(); + } + } + + private void setPaused(boolean newPauseState) + { + synchronized (pauseLock) + { + if (paused != newPauseState) + { + paused = newPauseState; + pauseLock.notifyAll(); + } + } + } + + private void waitWhilePaused() throws InterruptedException + { + synchronized (pauseLock) + { + while (paused) + { + pauseLock.wait(); + } + } + } + + public void start() + { + setPaused(false); + } + + public void stop() + { + isReady = false; + isOnline = false; + setPaused(true); + } + + public void destroy() + { + stopGuiThread(); + } + + public void update(Graphics g) + { + /* + bgG.setColor(Color.white); + bgG.setFont(getFont()); + bgG.fillRect(0, 0, d.width, d.height); + bgG.setColor(Color.blue); + bgG.drawString(message, 10, d.height / 2 + 5); + g.drawImage(bgImg, 0, 0, this); + */ + } + + public void paint(Graphics g) + { + //update(g); + } + + private void addItem(String newWord) + { + addItem(newWord, true); + } + + private void addItem(String newWord, boolean clean1st) + { + if (clean1st) + { + message = newWord; + } + else + { + message += newWord; + } + setStatus(message); + System.out.println(newWord); + } + + private void debugWrite(String msg) + { + if (DEBUG) + { + System.out.println(msg); + debugString.append(msg).append("\n"); + } + } + + private void redirect(String page) + { + if (!isApplet()) + return; + + try + { + AppletContext context = getAppletContext(); + context.showDocument(new URL("javascript:showPage('"+page+"');")); + } + catch (Exception e) + { + e.printStackTrace(); + } + } + + private void setStatus(String s) + { + if (!isApplet()) + { + clientGUI.setStatus(s); + return; + } + try + { + AppletContext context = getAppletContext(); + context.showDocument(new URL("javascript:showStatus('"+s+"');")); + } + catch (Exception e) + { + e.printStackTrace(); + } + } + + public void findWISPrLogin(String url) + { + PageResult result = getPage(url, cookie); + + if (result == null) + return; + + if (result.getIsXML()==0) + { + String title = getXMLParam(result.getContent(), null, "title"); + if (title != null && titleMatch.equals(title)) + { + isOnline = true; + addItem("You are already online."); + redirect(onlineURL); + } + else + { + addItem("WISPr is not supported here."); + redirect(noWISPrURL); + } + } + else + { + String xml = WISPrXML[0] = result.getContent(); + debugWrite("Extracted WISPr XML:\n" + xml); + + String xmll = xml.toLowerCase(); + + String responseCode = getXMLParam(xml, xmll, "responsecode"); + if (responseCode == null) { redirect(badWISPrURL); return; } + + if ("200".equals(responseCode)) // Proxy Detection + { + String nextUrl = getXMLParam(xml, xmll, "nexturl"); + if (nextUrl != null && !"".equals(nextUrl)) + { + findWISPrLogin(nextUrl); + } + else + { + redirect(badWISPrURL); + } + } + else if ("201".equals(responseCode)) // Authentication Pending + { + String loginResultsURL = getXMLParam(xml, xmll, "loginresultsurl"); + if (loginResultsURL != null && !"".equals(loginResultsURL)) + { + findWISPrLogin(loginResultsURL); + } + else + { + redirect(badWISPrURL); + } + } + else + { + WISPrLogin = getXMLParam(xml, xmll, "loginurl"); + WISPrAbortLogin = getXMLParam(xml, xmll, "abortloginurl"); + WISPrLocationName = getXMLParam(xml, xmll, "locationname"); + debugWrite("Extracted login URL from WISPr XML:\n" + WISPrLogin); + String msg = "Found WiFi Network"; + if (WISPrLogin != null) + { + isReady = true; + } + if (isApplet()) + { + if (WISPrLocationName != null) + { + msg += " - Location: " + WISPrLocationName; + } + } + else + { + clientGUI.setLocation(WISPrLocationName); + } + addItem(msg); + redirect(loginURL); + } + } + } + + private void doWISPrLogin() + { + StringBuffer responseHtml; + + try + { + if (WISPrLogin == null) + { + return; + } + + if (username.length() < 1) + { + throw new RuntimeException("Please enter username"); + } + + if (password.length() < 1) + { + throw new RuntimeException("Please enter username"); + } + + String wisprUsername = username; + String wisprPassword = password; + + if (secureRoaming) + { + try + { + ControlThread control = new ControlThread(username); + wisprUsername = control.getOtpUsername(); + wisprPassword = control.getOtpPassword(); + control.start(); + + System.out.println("Using OTP " + wisprUsername + "/" + wisprPassword); + } + catch(IOException ioe) + { + System.err.println("Unable to secure username and password!"); + } + } + + StringBuffer loginUrl = new StringBuffer(WISPrLogin); + + if (WISPrLogin.indexOf("?") > 0) + { + loginUrl.append("&"); + } + else + { + loginUrl.append("?"); + } + + if (prefixRealm != null && prefixRealm.length() > 0) + { + wisprUsername = prefixRealm + "/" + wisprUsername; + } + + loginUrl.append("UserName=").append(urlEncode(wisprUsername)); + loginUrl.append("&Password=").append(urlEncode(wisprPassword)); + + String providerUrl = loginUrl.toString(); + + addItem("Logging into the WiFi Network..."); + debugWrite("Login using url " + providerUrl); + + redirect(processWISPrResponse(providerUrl)); + } + catch (Exception rte) + { + debugWrite("Runtime Exception: " + rte.getMessage()); + } + } + + private String processWISPrResponse(String url) + { + PageResult result = getPage(url, cookie); + + if (result.getIsXML()==0) + { + debugWrite("Did not get WISPr XML in: " + result.getContent()); + return badWISPrURL; + } + + String xml = WISPrXML[1] = result.getContent(); + + debugWrite("Extracted WISPr XML:\n" + xml); + + String xmll = xml.toLowerCase(); + String loginResult = getXMLParam(xml, xmll, "responsecode"); + String loginResultsUrl = getXMLParam(xml, xmll, "loginresultsurl"); + String replyMessage = getXMLParam(xml, xmll, "replymessage"); + WISPrLogoff = getXMLParam(xml, xmll, "logoffurl"); + + if (loginResult == null) + { + addItem("Login failed (Bad WISPr XML): " + replyMessage); + return badWISPrURL; + } + + if ("50".equals(loginResult)) + { + isOnline = true; + if (replyMessage == null) + { + addItem("Login Successful!"); + } + else + { + addItem(replyMessage); + } + debugWrite("Successful login: Redirecting user to " + welcomeURL); + return welcomeURL; + } + + if ("201".equals(loginResult)) + { + if (replyMessage == null) + { + addItem("Login pending..."); + } + else + { + addItem(replyMessage); + } + debugWrite("Login pending: resultsUrl " + loginResultsUrl); + return processWISPrResponse(loginResultsUrl); + } + + if (replyMessage == null) + { + addItem("Login failed!"); + } + else + { + addItem("Login failed: " + replyMessage); + } + return loginURL; + } + + private class ControlThread extends Thread + { + private final Socket socket; + private final BufferedWriter writer; + private final BufferedReader reader; + private String otpUsername; + private String otpPassword; + + public ControlThread(String username) throws IOException, NoSuchAlgorithmException, KeyManagementException + { + SocketFactory fact = null; + if (otpUseSSL) + { + SSLContext sslContext = SSLContext.getInstance("SSLv3"); + sslContext.init(null, new X509TrustManager[]{ new X509TrustManager() + { + public void checkClientTrusted(X509Certificate[] chain, String authType) { } + public void checkServerTrusted(X509Certificate[] chain, String authType) { } + public X509Certificate[] getAcceptedIssuers() { return new X509Certificate[0]; } + }}, null); + + fact = sslContext.getSocketFactory(); + } + else + { + fact = SocketFactory.getDefault(); + } + + final SocketFactory factory = fact; + + if (haveJavaSecurity()) + { + socket = (Socket) java.security.AccessController.doPrivileged(new java.security.PrivilegedAction() + { + public Object run() + { + try + { + return factory.createSocket(InetAddress.getByName(otpProxyServer), Integer.parseInt(otpProxyPort)); + } + catch(IOException e) + { + return null; + } + } + }); + if (socket == null) throw new IOException("could not connect to host " + otpProxyServer); + } + else socket = factory.createSocket(InetAddress.getByName(otpProxyServer), Integer.parseInt(otpProxyPort)); + + writer = new BufferedWriter(new OutputStreamWriter(socket.getOutputStream())); + writer.write(username); + writer.write("\n"); + writer.flush(); + + reader = new BufferedReader(new InputStreamReader(socket.getInputStream())); + otpUsername = reader.readLine(); + otpPassword = reader.readLine(); + } + + /** + * @return Returns the otpPassword. + */ + public String getOtpPassword() + { + return otpPassword; + } + + /** + * @return Returns the otpUsername. + */ + public String getOtpUsername() + { + return otpUsername; + } + + public void run() + { + try + { + if (getUsername().startsWith("error:")) + { + addItem(getUsername().replaceFirst("error:", "")); + } + else + { + doEAP(socket, reader, writer); + } + } + catch (Exception e) + { + e.printStackTrace(); + } + } + + private void doEAP(Socket socket, BufferedReader reader, BufferedWriter writer) throws Exception + { + // We are just going to do EAP-MD5 for now... + writeBytes(writer, eapResponse(EAP_IDENTITY, (byte) 0, getUsername().getBytes())); + byte[] reply = readBytes(reader); + + while (reply != null) + { + byte[] send = doEAP(reply); + writeBytes(writer, send); + reply = readBytes(reader); + } + } + + private byte[] doEAP(byte[] d) throws Exception + { + ByteBuffer bb = ByteBuffer.wrap(d); + + byte rtype = bb.get(); + byte id = bb.get(); + short dlen = bb.getShort(); + + if (rtype != EAP_REQUEST) + { + throw new Exception("Expecting an EAP-Request.. got code: " + rtype); + } + + byte eapcode = 0; + byte[] data = null; + + if (dlen > EAP_HEADERLEN) + { + eapcode = bb.get(); + dlen = (short) (dlen - EAP_HEADERLEN - 1); + + if (dlen > 0) + { + data = new byte[dlen]; + bb.get(data); + } + } + + if (eapcode == EAP_IDENTITY) + { + return eapResponse(EAP_IDENTITY, id, getUsername().getBytes()); + } + + if (eapcode != EAP_MD5) + { + return eapResponse(EAP_NAK, id, new byte[] { EAP_MD5 }); + } + + return eapResponse(EAP_MD5, id, doEAPMD5(id, data)); + } + + public byte[] doEAPMD5(byte id, byte[] data) throws Exception + { + byte md5len = data[0]; + byte[] md5data = new byte[md5len]; + System.arraycopy(data, 1, md5data, 0, md5len); + + byte[] Response = new byte[17]; + Response[0] = 16; + System.arraycopy(chapMD5(id, getPassword().getBytes(), md5data), 0, Response, 1, 16); + + return Response; + } + + protected byte[] eapResponse(int type, byte id, byte[] data) + { + short length = (short) (1 + EAP_HEADERLEN); + if (data != null) length = (short) (length + data.length); + byte[] Response = new byte[length]; + Response[0] = EAP_RESPONSE; + Response[1] = id; + Response[2] = (byte) (length >> 8 & 0xFF); + Response[3] = (byte) (length & 0xFF); + Response[4] = (byte) (type & 0xFF); + if (data != null) System.arraycopy(data, 0, Response, 1 + EAP_HEADERLEN, data.length); + return Response; + } + + private void writeBytes(BufferedWriter writer, byte[] d) throws IOException + { + String s = Base64.encodeBytes(d, Base64.DONT_BREAK_LINES); + debugWrite("Sending: " + s); + writer.write("eap:"); + writer.write(s); + writer.write("\n"); + writer.flush(); + } + + private byte[] readBytes(BufferedReader reader) throws IOException + { + String line = reader.readLine(); + if (line.startsWith("error:")) + { + addItem(line.substring(6)); + return null; + } + if (line.startsWith("eap:")) + { + String s = line.substring(4); + debugWrite("Recv: " + s); + return Base64.decode(s); + } + return null; + } + + public byte[] chapMD5(byte id, byte[] Password, byte[] Challenge) throws Exception + { + MessageDigest md = MessageDigest.getInstance("MD5"); + md.update(id); + md.update(Password, 0, Password.length); + md.update(Challenge, 0, Challenge.length); + return md.digest(); + } + } + + private void doWISPrLogoff() + { + if (WISPrLogoff == null) + return; + + addItem("Logging out of WiFi Network..."); + + PageResult result = getPage(WISPrLogoff, cookie); + + if (result.getIsXML()==1) + debugWrite("WISPr XML:\n" + result.getContent()); + else + debugWrite("NO WISPr XML in:\n" + result.getContent()); + + reset(); + } + + private PageResult getPage(final String urlString, final String cookieString) throws RuntimeException + { + if (haveJavaSecurity()) + { + PageResult result = (PageResult) java.security.AccessController.doPrivileged(new java.security.PrivilegedAction() + { + public Object run() + { + return JRadiusWiFiClient.doGetPage(urlString, cookieString); + } + }); + return result; + } + return JRadiusWiFiClient.doGetPage(urlString, cookieString); + } + + public static PageResult doGetPage(final String urlString, final String cookieString) + { + StringBuffer sb = new StringBuffer(); + HttpURLConnection conn = null; + String location = null; + + try + { + URL url = new URL(urlString); + conn = (HttpURLConnection) url.openConnection(); + if (conn instanceof HttpsURLConnection) + { + HttpsURLConnection sconn = (HttpsURLConnection)conn; + + SSLContext sslContext = SSLContext.getInstance("SSL"); + sslContext.init(null, new X509TrustManager[]{ new X509TrustManager() + { + public void checkClientTrusted(X509Certificate[] chain, String authType) { } + public void checkServerTrusted(X509Certificate[] chain, String authType) { } + public X509Certificate[] getAcceptedIssuers() { return new X509Certificate[0]; } + }}, null); + + sconn.setSSLSocketFactory(sslContext.getSocketFactory()); + sconn.setHostnameVerifier(new HostnameVerifier() { + public boolean verify(String hostname, SSLSession session) { return true; } + }); + } + conn.setDoInput(true); + conn.setDoOutput(true); + conn.setUseCaches(false); + conn.setInstanceFollowRedirects(false); + + if (cookieString != null) + { + conn.setRequestProperty("Cookie", cookieString); + } + + BufferedReader in = new BufferedReader(new InputStreamReader(conn.getInputStream())); + String str; + + int n = 1; + boolean done = false; + while (!done) + { + String headerKey = conn.getHeaderFieldKey(n); + String headerVal = conn.getHeaderField(n); + if (headerKey != null || headerVal != null) + { + if (headerKey.equals("Location")) + { + location = headerVal; + } + else if (headerKey.equals("Set-Cookie")) + { + cookie = headerVal; + } + System.out.println(headerKey + " = " + headerVal); + } + else + { + done = true; + } + n++; + } + + while ((str = in.readLine()) != null) + { + sb.append(str + "\n"); + } + in.close(); + + // Check for WISPr XML + String wisprXml = getWISPrXML(sb.toString()); + + if (wisprXml != null) + return new PageResult(wisprXml,1); + + if (location != null) + { + conn.disconnect(); + return doGetPage(location, cookie); + } + } + catch (MalformedURLException e) + { + e.printStackTrace(); + throw new RuntimeException("getPage: " + e.getClass().getName() + ":" + e.getMessage() + "..."); + } + catch (IOException e) + { + e.printStackTrace(); + throw new RuntimeException("getPage: " + e.getClass().getName() + ":" + e.getMessage() + "..."); + } + catch (Exception e) + { + e.printStackTrace(); + isJavaReady = false; + } + finally + { + if (conn != null) conn.disconnect(); + } + + return new PageResult(sb.toString(), 0); + } + + private static String getWISPrXML(String responseHtml) throws RuntimeException + { + String htmll = responseHtml.toLowerCase(); + int WISPrStartIndex = htmll.indexOf("") + 25; + if (WISPrStartIndex > 0) + { + return responseHtml.substring(WISPrStartIndex, WISPrEndIndex); + } + return null; + } + + private String getXMLParam(String xml, String xmll, String tag) throws RuntimeException + { + if (xmll == null) xmll = xml.toLowerCase(); + int startIndex = xmll.indexOf("<" + tag + ">"); + int endIndex = xmll.indexOf(""); + if (startIndex > 0) + { + startIndex += tag.length() + 2; + String res = urlDecode(xml.substring(startIndex, endIndex)); + res = stringReplaceAll(res, "&", "&"); + return res; + } + return null; + } + + private String urlEncode(String s) + { + String res = s; + try + { + res = URLEncoder.encode(s, ENCODING); + } + catch (NoSuchMethodError e) + { + res = URLEncoder.encode(s); + } + catch (Exception e) + { + res = URLEncoder.encode(s); + } + return res; + } + + private String urlDecode(String s) + { + String res = s; + try + { + res = URLDecoder.decode(s, ENCODING); + } + catch (NoSuchMethodError e) + { + res = URLDecoder.decode(s); + } + catch (Exception e) + { + res = URLDecoder.decode(s); + } + return res; + } + + private String stringReplaceAll(String s, String find, String replace) + { + String result = null; + try + { + result = s.replaceAll(find, replace); + } + catch (NoSuchMethodError e) + { + StringBuffer sb = new StringBuffer(s); + int index = s.length(); + int offset = find.length(); + + while ((index = s.lastIndexOf(find, index - 1)) > -1) + { + sb.replace(index, index + offset, replace); + } + + result = sb.toString(); + } + return result; + } + + private boolean haveJavaSecurity() + { + if (haveJavaSecurity == null) + { + haveJavaSecurity = Boolean.FALSE; + try + { + Class t = Class.forName("java.security.PrivilegedAction"); + haveJavaSecurity = Boolean.TRUE; + } + catch (Exception e) + { + e.printStackTrace(); + } + } + return haveJavaSecurity.booleanValue(); + } + + private boolean isCommunicator() + { + if (isCommunicator == null) + { + isCommunicator = Boolean.FALSE; + try + { + Class t = Class.forName("netscape.security.UserDialogHelper"); + isCommunicator = Boolean.TRUE; + } + catch (Exception e) + { + e.printStackTrace(); + } + } + return isCommunicator.booleanValue(); + } + + public String getPassword() + { + return nonNullString(password); + } + + public void setPassword(String password) + { + this.password = trimString(password); + } + + public String getUsername() + { + return nonNullString(username); + } + + public void setUsername(String username) + { + this.username = trimString(username); + } + + public String getRealm() + { + return nonNullString(realm); + } + + public void setRealm(String realm) + { + this.realm = trimString(realm); + } + + public String getWISPrXML0() + { + return nonNullString(WISPrXML[0]); + } + + public String getWISPrXML1() + { + return nonNullString(WISPrXML[1]); + } + + public String getWISPrLocationName() + { + return nonNullString(WISPrLocationName); + } + + public String getWISPrLogin() + { + return nonNullString(WISPrLogin); + } + + public String getWISPrAbortLogin() + { + return nonNullString(WISPrAbortLogin); + } + + public String getWISPrLogoff() + { + return nonNullString(WISPrLogoff); + } + + public static String getOtpCertChain() + { + return nonNullString(otpCertChain); + } + + public static void setOtpCertChain(String url) + { + otpCertChain = trimString(url); + } + + public static boolean getOtpTrustAnyCert() + { + return otpTrustAnyCert; + } + + public static void setOtpTrustAnyCert(boolean trustAnyCert) + { + otpTrustAnyCert = trustAnyCert; + } + + public static String getOtpProxyServer() + { + return nonNullString(otpProxyServer); + } + + public static void setOtpProxyServer(String server) + { + otpProxyServer = trimString(server); + } + + public static String getOtpProxyPort() + { + return otpProxyPort; + } + + public static void setOtpProxyPort(String port) + { + String s = trimString(port); + if (s != null) otpProxyPort = s; + } + + public static boolean getOtpUseSSL() + { + return otpUseSSL; + } + + public static void setOtpUseSSL(boolean useSSL) + { + otpUseSSL = useSSL; + } + + public static boolean getSecureRoaming() + { + return secureRoaming; + } + + public static void setSecureRoaming(boolean secure) + { + secureRoaming = secure; + } + + public String getPrefixRealm() + { + return nonNullString(prefixRealm); + } + + public void setPrefixRealm(String prefixRealm) + { + this.prefixRealm = trimString(prefixRealm); + } + + public static String getBaseURL() + { + return nonNullString(baseURL); + } + + public static void setBaseURL(String url) + { + baseURL = trimString(url); + } + + public static String getLoginURL() + { + return nonNullString(loginURL); + } + + public static void setLoginURL(String url) + { + loginURL = trimString(url); + } + + public static String getNoWISPrURL() + { + return nonNullString(noWISPrURL); + } + + public static void setNoWISPrURL(String url) + { + noWISPrURL = trimString(url); + } + + public static String getOnlineURL() + { + return nonNullString(onlineURL); + } + + public static void setOnlineURL(String url) + { + onlineURL = trimString(url); + } + + public static String getPublicURL() + { + return nonNullString(publicURL); + } + + public static void setPublicURL(String url) + { + publicURL = trimString(url); + } + + public static String getWelcomeURL() + { + return nonNullString(welcomeURL); + } + + public static void setWelcomeURL(String url) + { + welcomeURL = trimString(url); + } + + public static String getDebugString() + { + return debugString.toString(); + } + + public static void clearDebugString() + { + debugString = new StringBuffer(); + } + + private static String nonNullString(String s) + { + if (s == null) return ""; + s = s.trim(); + return s; + } + + private static String trimString(String s) + { + if (s == null) return null; + s = s.trim(); + if (s.length() == 0) return null; + return s; + } + + public boolean isOnline() + { + return isOnline; + } + + public boolean isReady() + { + return isReady; + } + + public boolean isJavaReady() + { + return isJavaReady; + } + + public static final int EAP_HEADERLEN = 4; + public static final int EAP_REQUEST = 1; + public static final int EAP_RESPONSE = 2; + public static final int EAP_SUCCESS = 3; + public static final int EAP_FAILURE = 4; + public static final int EAP_IDENTITY = 1; + public static final int EAP_NOTIFICATION = 2; + public static final int EAP_NAK = 3; + public static final int EAP_MD5 = 4; + public static final int EAP_OTP = 5; + public static final int EAP_GTC = 6; + public static final int EAP_TLS = 13; + public static final int EAP_LEAP = 17; + public static final int EAP_SIM = 18; + public static final int EAP_TTLS = 21; + public static final int EAP_PEAP = 25; + public static final int EAP_MSCHAPV2 = 26; + public static final int EAP_CISCO_MSCHAPV2 = 29; + public static final int EAP_TLV = 33; + + /** + * @return Returns the isApplet. + */ + public boolean isApplet() + { + return isApplet; + } + + /** + * @param isApplet The isApplet to set. + */ + public void isApplet(boolean isApplet) + { + this.isApplet = isApplet; + } + + public static String getTitleMatch() + { + return titleMatch; + } + + public static void setTitleMatch(String titleMatch) + { + JRadiusWiFiClient.titleMatch = titleMatch; + } +} diff --git a/applet/src/main/java/PageResult.java b/applet/src/main/java/PageResult.java new file mode 100644 index 0000000..4c39905 --- /dev/null +++ b/applet/src/main/java/PageResult.java @@ -0,0 +1,37 @@ +/** + * Copyright (c) 2007 David Bird + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +public class PageResult +{ + int isXML; + String content; + PageResult(String content, int isXML) + { + this.isXML = isXML; + this.content = content; + } + public String getContent() + { + return content; + } + public int getIsXML() + { + return isXML; + } +} diff --git a/applet/src/main/java/WISPrClient.java b/applet/src/main/java/WISPrClient.java new file mode 100644 index 0000000..5cca1f7 --- /dev/null +++ b/applet/src/main/java/WISPrClient.java @@ -0,0 +1,1227 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (c) 2007-2008 David Bird + * Copyright (C) 2004-2006 PicoPoint, B.V. + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +import java.io.BufferedReader; +import java.io.BufferedWriter; +import java.io.IOException; +import java.io.InputStreamReader; +import java.io.OutputStreamWriter; +import java.net.DatagramPacket; +import java.net.DatagramSocket; +import java.net.HttpURLConnection; +import java.net.InetAddress; +import java.net.MalformedURLException; +import java.net.MulticastSocket; +import java.net.Socket; +import java.net.URL; +import java.net.URLDecoder; +import java.net.URLEncoder; +import java.nio.ByteBuffer; +import java.security.KeyManagementException; +import java.security.MessageDigest; +import java.security.NoSuchAlgorithmException; +import java.security.cert.X509Certificate; + +import javax.net.SocketFactory; +import javax.net.ssl.HostnameVerifier; +import javax.net.ssl.HttpsURLConnection; +import javax.net.ssl.SSLContext; +import javax.net.ssl.SSLSession; +import javax.net.ssl.X509TrustManager; + +public class WISPrClient +{ + private String DEFAULT_USER_AGENT = "WISPrClient [jradius.net] ("+System.getProperty("java.verrsion")+")"; + private String userAgent; + + private String prefixRealm = null; + private String username = null; + private String realm = null; + private String password = null; + + private String WISPrLogin = null; + private String WISPrAbortLogin = null; + private String WISPrLogoff = null; + private String WISPrLocationName = null; + private String[] WISPrXML = new String[2]; + private String cookie = null; + private String loginResult; + private String loginResultsUrl; + private String replyMessage; + + private boolean secureRoaming = false; + private String otpProxyServer = "ap.coova.org"; + private String otpProxyPort = "1810"; + private boolean otpUseSSL = true; + private boolean otpTrustAnyCert = true; + private String otpCertChain = null; + + private boolean isJavaReady = true; + private boolean isReady = false; + private boolean isOnline = false; + + public String publicURL = "http://www.microsoft.com/en/us/default.aspx"; + public String titleMatch = "Microsoft Corporation"; + + public String welcomeURL = "Success!"; + public String onlineURL = "Online"; + public String loginURL = ""; + public String noWISPrURL = ""; + public String badWISPrURL = ""; + + private StringBuffer debugString = new StringBuffer(); + private Boolean isCommunicator; + private Boolean haveJavaSecurity = null; + private SecurityManager securityManager; + private String ENCODING = "utf-8"; + + private String status = "Loading..."; + + private Thread messageThread; + MulticastSocket socket; + InetAddress group; + + private String copy = + " Running JRadius WiFi Client\n" + + " Copyright (c) 2007-2008 David Bird \n"+ + " Copyright (c) 2005-2006 PicoPoint B.V.\n"+ + " All Rights Reserved.\n"; + + public void login(String username, String password) + { + if (username != null) setUsername(username); + if (password != null) setPassword(password); + doWISPrLogin(); + } + + public void logoff() + { + doWISPrLogoff(); + } + + public void init() + { + securityManager = System.getSecurityManager(); + + if (isCommunicator()) + { + try + { + netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect"); + netscape.security.PrivilegeManager.enablePrivilege("UniversalConnect"); + } + catch (Throwable e) + { } + } + else + { + try + { + com.ms.security.PolicyEngine.assertPermission(com.ms.security.PermissionID.NETIO); + } + catch (Throwable e) + { } + } + + debugWrite("Version Info:\n" + + System.getProperty("java.vendor") + " " + + System.getProperty("java.version") + " running on " + + System.getProperty("os.name") + " " + + System.getProperty("os.version") + " " + + System.getProperty("os.arch")); + + try + { + group = InetAddress.getByName("224.0.0.1"); + socket = new MulticastSocket(40401); + socket.joinGroup(group); + + messageThread = new Thread(new Runnable() + { + boolean running = true; + public void run() + { + DatagramPacket packet; + while(running) + { + byte[] buf = new byte[256]; + packet = new DatagramPacket(buf, buf.length); + try + { + socket.receive(packet); + String received = new String(packet.getData()); + debugWrite("recieved: "+received); + } + catch(Exception e) + { + debugWrite("recieved: "+e.getMessage()); + running = false; + } + } + } + }); + messageThread.start(); + } + catch (Exception e) + { + debugWrite(e.getMessage()); + } + + findWISPrLogin(publicURL); + } + + public void shutdown() + { + try + { + socket.leaveGroup(group); + socket.close(); + messageThread.interrupt(); + } + catch (Exception e) + { + debugWrite(e.getMessage()); + } + } + + public void broadcastMessage(String message) + { + try + { + DatagramSocket socket = new DatagramSocket(); + InetAddress group = InetAddress.getByName("224.0.0.1"); + DatagramPacket packet = new DatagramPacket(message.getBytes(), message.length(), group, 40401); + socket.send(packet); + socket.close(); + } + catch (Exception e) + { + debugWrite(e.getMessage()); + } + } + + private StringBuffer sb; + private void debugWrite(String msg) + { + if (sb == null) sb = new StringBuffer(); + sb.append(msg); + } + + public String getDebug() + { + String s = sb.toString(); + sb = null; + return s; + } + + private void redirect(String page) + { + status = page; + } + + private void setStatus(String s) + { + status = s; + } + + public void checkStatus() + { + findWISPrLogin(publicURL); + } + + public void findWISPrLogin(String url) + { + PageResult result = getPage(url, cookie); + + if (result == null) + return; + + if (result.getIsXML()==0) + { + String title = getXMLParam(result.getContent(), null, "title"); + if (title != null && titleMatch.equals(title)) + { + isOnline = true; + redirect(onlineURL); + } + else + { + //redirect(noWISPrURL); + } + } + else + { + String xml = WISPrXML[0] = result.getContent(); + debugWrite("Extracted WISPr XML:\n" + xml); + + String xmll = xml.toLowerCase(); + + String responseCode = getXMLParam(xml, xmll, "responsecode"); + if (responseCode == null) { redirect(badWISPrURL); return; } + + if ("200".equals(responseCode)) // Proxy Detection + { + String nextUrl = getXMLParam(xml, xmll, "nexturl"); + if (nextUrl != null && !"".equals(nextUrl)) + { + findWISPrLogin(nextUrl); + } + else + { + redirect(badWISPrURL); + } + } + else if ("201".equals(responseCode)) // Authentication Pending + { + String loginResultsURL = getXMLParam(xml, xmll, "loginresultsurl"); + if (loginResultsURL != null && !"".equals(loginResultsURL)) + { + findWISPrLogin(loginResultsURL); + } + else + { + redirect(badWISPrURL); + } + } + else + { + WISPrLogin = getXMLParam(xml, xmll, "loginurl"); + WISPrAbortLogin = getXMLParam(xml, xmll, "abortloginurl"); + WISPrLocationName = getXMLParam(xml, xmll, "locationname"); + debugWrite("Extracted login URL from WISPr XML:\n" + WISPrLogin); + debugWrite("Extracted abort URL from WISPr XML:\n" + WISPrAbortLogin); + String msg = "Found WiFi Network"; + if (WISPrLogin != null) + { + isReady = true; + } + if (WISPrLocationName != null) + { + status = WISPrLocationName.replaceAll("_", " "); + } + else + { + status = msg; + } + } + } + } + + private void doWISPrLogin() + { + StringBuffer responseHtml; + + try + { + if (WISPrLogin == null) + { + return; + } + + if (username.length() < 1) + { + throw new RuntimeException("Please enter username"); + } + + if (password.length() < 1) + { + throw new RuntimeException("Please enter username"); + } + + String wisprUsername = username; + String wisprPassword = password; + + if (secureRoaming) + { + try + { + ControlThread control = new ControlThread(username); + wisprUsername = control.getOtpUsername(); + wisprPassword = control.getOtpPassword(); + control.start(); + + System.out.println("Using OTP " + wisprUsername + "/" + wisprPassword); + } + catch(IOException ioe) + { + System.err.println("Unable to secure username and password!"); + } + } + + StringBuffer loginUrl = new StringBuffer(WISPrLogin); + + if (WISPrLogin.indexOf("?") > 0) + { + loginUrl.append("&"); + } + else + { + loginUrl.append("?"); + } + + if (prefixRealm != null && prefixRealm.length() > 0) + { + wisprUsername = prefixRealm + "/" + wisprUsername; + } + + loginUrl.append("UserName=").append(urlEncode(wisprUsername)); + loginUrl.append("&Password=").append(urlEncode(wisprPassword)); + + String providerUrl = loginUrl.toString(); + + debugWrite("Login using url " + providerUrl); + + redirect(processWISPrResponse(providerUrl)); + } + catch (Exception rte) + { + debugWrite("Runtime Exception: " + rte.getMessage()); + } + } + + private String processWISPrResponse(String url) + { + PageResult result = getPage(url, cookie); + + if (result.getIsXML()==0) + { + debugWrite("Did not get WISPr XML in: " + result.getContent()); + return badWISPrURL; + } + + String xml = WISPrXML[1] = result.getContent(); + + debugWrite("Extracted WISPr XML:\n" + xml); + + String xmll = xml.toLowerCase(); + loginResult = getXMLParam(xml, xmll, "responsecode"); + loginResultsUrl = getXMLParam(xml, xmll, "loginresultsurl"); + replyMessage = getXMLParam(xml, xmll, "replymessage"); + WISPrLogoff = getXMLParam(xml, xmll, "logoffurl"); + + if (loginResult == null) + { + return badWISPrURL; + } + + if ("50".equals(loginResult)) + { + isOnline = true; + if (replyMessage == null) + { + status = "Logged in"; + } + else + { + status = replyMessage; + } + debugWrite("Successful login: Redirecting user to " + welcomeURL); + return welcomeURL; + } + + if ("201".equals(loginResult)) + { + if (replyMessage == null) + { + status = "Logging in..."; + } + else + { + status = replyMessage; + } + debugWrite("Login pending: resultsUrl " + loginResultsUrl); + return processWISPrResponse(loginResultsUrl); + } + + if (replyMessage == null) + { + status = "Login failed"; + } + else + { + status = replyMessage; + } + return loginURL; + } + + private class ControlThread extends Thread + { + private final Socket socket; + private final BufferedWriter writer; + private final BufferedReader reader; + private String otpUsername; + private String otpPassword; + + public ControlThread(String username) throws IOException, NoSuchAlgorithmException, KeyManagementException + { + SocketFactory fact = null; + if (otpUseSSL) + { + SSLContext sslContext = SSLContext.getInstance("SSLv3"); + sslContext.init(null, new X509TrustManager[]{ new X509TrustManager() + { + public void checkClientTrusted(X509Certificate[] chain, String authType) { } + public void checkServerTrusted(X509Certificate[] chain, String authType) { } + public X509Certificate[] getAcceptedIssuers() { return new X509Certificate[0]; } + }}, null); + + fact = sslContext.getSocketFactory(); + } + else + { + fact = SocketFactory.getDefault(); + } + + final SocketFactory factory = fact; + + if (haveJavaSecurity()) + { + socket = (Socket) java.security.AccessController.doPrivileged(new java.security.PrivilegedAction() + { + public Object run() + { + try + { + return factory.createSocket(InetAddress.getByName(otpProxyServer), Integer.parseInt(otpProxyPort)); + } + catch(IOException e) + { + return null; + } + } + }); + if (socket == null) throw new IOException("could not connect to host " + otpProxyServer); + } + else socket = factory.createSocket(InetAddress.getByName(otpProxyServer), Integer.parseInt(otpProxyPort)); + + writer = new BufferedWriter(new OutputStreamWriter(socket.getOutputStream())); + writer.write(username); + writer.write("\n"); + writer.flush(); + + reader = new BufferedReader(new InputStreamReader(socket.getInputStream())); + otpUsername = reader.readLine(); + otpPassword = reader.readLine(); + } + + /** + * @return Returns the otpPassword. + */ + public String getOtpPassword() + { + return otpPassword; + } + + /** + * @return Returns the otpUsername. + */ + public String getOtpUsername() + { + return otpUsername; + } + + public void run() + { + try + { + if (getUsername().startsWith("error:")) + { + status = getUsername().replaceFirst("error:", ""); + } + else + { + doEAP(socket, reader, writer); + } + } + catch (Exception e) + { + e.printStackTrace(); + } + } + + private void doEAP(Socket socket, BufferedReader reader, BufferedWriter writer) throws Exception + { + // We are just going to do EAP-MD5 for now... + writeBytes(writer, eapResponse(EAP_IDENTITY, (byte) 0, getUsername().getBytes())); + byte[] reply = readBytes(reader); + + while (reply != null) + { + byte[] send = doEAP(reply); + writeBytes(writer, send); + reply = readBytes(reader); + } + } + + private byte[] doEAP(byte[] d) throws Exception + { + ByteBuffer bb = ByteBuffer.wrap(d); + + byte rtype = bb.get(); + byte id = bb.get(); + short dlen = bb.getShort(); + + if (rtype != EAP_REQUEST) + { + throw new Exception("Expecting an EAP-Request.. got code: " + rtype); + } + + byte eapcode = 0; + byte[] data = null; + + if (dlen > EAP_HEADERLEN) + { + eapcode = bb.get(); + dlen = (short) (dlen - EAP_HEADERLEN - 1); + + if (dlen > 0) + { + data = new byte[dlen]; + bb.get(data); + } + } + + if (eapcode == EAP_IDENTITY) + { + return eapResponse(EAP_IDENTITY, id, getUsername().getBytes()); + } + + if (eapcode != EAP_MD5) + { + return eapResponse(EAP_NAK, id, new byte[] { EAP_MD5 }); + } + + return eapResponse(EAP_MD5, id, doEAPMD5(id, data)); + } + + public byte[] doEAPMD5(byte id, byte[] data) throws Exception + { + byte md5len = data[0]; + byte[] md5data = new byte[md5len]; + System.arraycopy(data, 1, md5data, 0, md5len); + + byte[] Response = new byte[17]; + Response[0] = 16; + System.arraycopy(chapMD5(id, getPassword().getBytes(), md5data), 0, Response, 1, 16); + + return Response; + } + + protected byte[] eapResponse(int type, byte id, byte[] data) + { + short length = (short) (1 + EAP_HEADERLEN); + if (data != null) length = (short) (length + data.length); + byte[] Response = new byte[length]; + Response[0] = EAP_RESPONSE; + Response[1] = id; + Response[2] = (byte) (length >> 8 & 0xFF); + Response[3] = (byte) (length & 0xFF); + Response[4] = (byte) (type & 0xFF); + if (data != null) System.arraycopy(data, 0, Response, 1 + EAP_HEADERLEN, data.length); + return Response; + } + + private void writeBytes(BufferedWriter writer, byte[] d) throws IOException + { + String s = Base64.encodeBytes(d, Base64.DONT_BREAK_LINES); + debugWrite("Sending: " + s); + writer.write("eap:"); + writer.write(s); + writer.write("\n"); + writer.flush(); + } + + private byte[] readBytes(BufferedReader reader) throws IOException + { + String line = reader.readLine(); + if (line.startsWith("error:")) + { + status = line.substring(6); + return null; + } + if (line.startsWith("eap:")) + { + String s = line.substring(4); + debugWrite("Recv: " + s); + return Base64.decode(s); + } + return null; + } + + public byte[] chapMD5(byte id, byte[] Password, byte[] Challenge) throws Exception + { + MessageDigest md = MessageDigest.getInstance("MD5"); + md.update(id); + md.update(Password, 0, Password.length); + md.update(Challenge, 0, Challenge.length); + return md.digest(); + } + } + + private void doWISPrLogoff() + { + if (WISPrLogoff == null || WISPrLogoff.trim().length()==0) + return; + + PageResult result = getPage(WISPrLogoff, cookie); + + if (result.getIsXML()==1) + debugWrite("WISPr XML:\n" + result.getContent()); + else + debugWrite("NO WISPr XML in:\n" + result.getContent()); + + checkStatus(); + } + + private PageResult getPage(final String urlString, final String cookieString) throws RuntimeException + { + if (haveJavaSecurity()) + { + PageResult result = (PageResult) java.security.AccessController.doPrivileged(new java.security.PrivilegedAction() + { + public Object run() + { + return doGetPage(urlString, cookieString); + } + }); + return result; + } + return doGetPage(urlString, cookieString); + } + + public PageResult doGetPage(final String urlString, final String cookieString) + { + StringBuffer sb = new StringBuffer(); + HttpURLConnection conn = null; + String location = null; + + try + { + URL url = new URL(urlString); + conn = (HttpURLConnection) url.openConnection(); + if (conn instanceof HttpsURLConnection) + { + HttpsURLConnection sconn = (HttpsURLConnection)conn; + + SSLContext sslContext = SSLContext.getInstance("SSL"); + sslContext.init(null, new X509TrustManager[]{ new X509TrustManager() + { + public void checkClientTrusted(X509Certificate[] chain, String authType) { } + public void checkServerTrusted(X509Certificate[] chain, String authType) { } + public X509Certificate[] getAcceptedIssuers() { return new X509Certificate[0]; } + }}, null); + + sconn.setSSLSocketFactory(sslContext.getSocketFactory()); + sconn.setHostnameVerifier(new HostnameVerifier() { + public boolean verify(String hostname, SSLSession session) { return true; } + }); + } + + conn.setRequestProperty("User-Agent", getUserAgent()); + + conn.setDoInput(true); + conn.setDoOutput(true); + conn.setUseCaches(false); + conn.setInstanceFollowRedirects(false); + conn.setReadTimeout(5000); + conn.setConnectTimeout(7000); + + if (cookieString != null) + { + conn.setRequestProperty("Cookie", cookieString); + } + + BufferedReader in = new BufferedReader(new InputStreamReader(conn.getInputStream())); + String str; + + int n = 1; + boolean done = false; + while (!done) + { + String headerKey = conn.getHeaderFieldKey(n); + String headerVal = conn.getHeaderField(n); + if (headerKey != null || headerVal != null) + { + if (headerKey.equals("Location")) + { + location = headerVal; + } + else if (headerKey.equals("Set-Cookie")) + { + cookie = headerVal; + } + System.out.println(headerKey + " = " + headerVal); + } + else + { + done = true; + } + n++; + } + + while ((str = in.readLine()) != null) + { + sb.append(str + "\n"); + } + in.close(); + + // Check for WISPr XML + String wisprXml = getWISPrXML(sb.toString()); + + if (wisprXml != null) + return new PageResult(wisprXml,1); + + if (location != null) + { + conn.disconnect(); + return doGetPage(location, cookie); + } + } + catch (MalformedURLException e) + { + e.printStackTrace(); + throw new RuntimeException("getPage: " + e.getClass().getName() + ":" + e.getMessage() + "..."); + } + catch (IOException e) + { + e.printStackTrace(); + throw new RuntimeException("getPage: " + e.getClass().getName() + ":" + e.getMessage() + "..."); + } + catch (Exception e) + { + e.printStackTrace(); + isJavaReady = false; + } + finally + { + if (conn != null) conn.disconnect(); + } + + return new PageResult(sb.toString(), 0); + } + + private static String getWISPrXML(String responseHtml) throws RuntimeException + { + String htmll = responseHtml.toLowerCase(); + int WISPrStartIndex = htmll.indexOf("") + 25; + if (WISPrStartIndex > 0) + { + return responseHtml.substring(WISPrStartIndex, WISPrEndIndex); + } + return null; + } + + private String getXMLParam(String xml, String xmll, String tag) throws RuntimeException + { + if (xmll == null) xmll = xml.toLowerCase(); + int startIndex = xmll.indexOf("<" + tag + ">"); + int endIndex = xmll.indexOf(""); + if (startIndex > 0) + { + startIndex += tag.length() + 2; + String res = urlDecode(xml.substring(startIndex, endIndex)); + res = stringReplaceAll(res, "&", "&"); + return res; + } + return null; + } + + private String urlEncode(String s) + { + String res = s; + try + { + res = URLEncoder.encode(s, ENCODING); + } + catch (NoSuchMethodError e) + { + res = URLEncoder.encode(s); + } + catch (Exception e) + { + res = URLEncoder.encode(s); + } + return res; + } + + private String urlDecode(String s) + { + String res = s; + try + { + res = URLDecoder.decode(s, ENCODING); + } + catch (NoSuchMethodError e) + { + res = URLDecoder.decode(s); + } + catch (Exception e) + { + res = URLDecoder.decode(s); + } + return res; + } + + private String stringReplaceAll(String s, String find, String replace) + { + String result = null; + try + { + result = s.replaceAll(find, replace); + } + catch (NoSuchMethodError e) + { + StringBuffer sb = new StringBuffer(s); + int index = s.length(); + int offset = find.length(); + + while ((index = s.lastIndexOf(find, index - 1)) > -1) + { + sb.replace(index, index + offset, replace); + } + + result = sb.toString(); + } + return result; + } + + private boolean haveJavaSecurity() + { + if (haveJavaSecurity == null) + { + haveJavaSecurity = Boolean.FALSE; + try + { + Class t = Class.forName("java.security.PrivilegedAction"); + haveJavaSecurity = Boolean.TRUE; + } + catch (Exception e) + { + e.printStackTrace(); + } + } + return haveJavaSecurity.booleanValue(); + } + + private boolean isCommunicator() + { + if (isCommunicator == null) + { + isCommunicator = Boolean.FALSE; + try + { + Class t = Class.forName("netscape.security.UserDialogHelper"); + isCommunicator = Boolean.TRUE; + } + catch (Exception e) + { + e.printStackTrace(); + } + } + return isCommunicator.booleanValue(); + } + + public String getPassword() + { + return nonNullString(password); + } + + public void setPassword(String password) + { + this.password = trimString(password); + } + + public String getUsername() + { + return nonNullString(username); + } + + public void setUsername(String username) + { + this.username = trimString(username); + } + + public String getRealm() + { + return nonNullString(realm); + } + + public void setRealm(String realm) + { + this.realm = trimString(realm); + } + + public String getWISPrXML0() + { + return nonNullString(WISPrXML[0]); + } + + public String getWISPrXML1() + { + return nonNullString(WISPrXML[1]); + } + + public String getWISPrLocationName() + { + return nonNullString(WISPrLocationName); + } + + public String getWISPrLogin() + { + return nonNullString(WISPrLogin); + } + + public String getWISPrAbortLogin() + { + return nonNullString(WISPrAbortLogin); + } + + public String getWISPrLogoff() + { + return nonNullString(WISPrLogoff); + } + + public String getOtpCertChain() + { + return nonNullString(otpCertChain); + } + + public void setOtpCertChain(String url) + { + otpCertChain = trimString(url); + } + + public boolean getOtpTrustAnyCert() + { + return otpTrustAnyCert; + } + + public void setOtpTrustAnyCert(boolean trustAnyCert) + { + otpTrustAnyCert = trustAnyCert; + } + + public String getOtpProxyServer() + { + return nonNullString(otpProxyServer); + } + + public void setOtpProxyServer(String server) + { + otpProxyServer = trimString(server); + } + + public String getOtpProxyPort() + { + return otpProxyPort; + } + + public void setOtpProxyPort(String port) + { + String s = trimString(port); + if (s != null) otpProxyPort = s; + } + + public boolean getOtpUseSSL() + { + return otpUseSSL; + } + + public void setOtpUseSSL(boolean useSSL) + { + otpUseSSL = useSSL; + } + + public boolean getSecureRoaming() + { + return secureRoaming; + } + + public void setSecureRoaming(boolean secure) + { + secureRoaming = secure; + } + + public String getPrefixRealm() + { + return nonNullString(prefixRealm); + } + + public void setPrefixRealm(String prefixRealm) + { + this.prefixRealm = trimString(prefixRealm); + } + + public String getLoginURL() + { + return nonNullString(loginURL); + } + + public void setLoginURL(String url) + { + loginURL = trimString(url); + } + + public String getNoWISPrURL() + { + return nonNullString(noWISPrURL); + } + + public void setNoWISPrURL(String url) + { + noWISPrURL = trimString(url); + } + + public String getOnlineURL() + { + return nonNullString(onlineURL); + } + + public void setOnlineURL(String url) + { + onlineURL = trimString(url); + } + + public String getPublicURL() + { + return nonNullString(publicURL); + } + + public void setPublicURL(String url) + { + publicURL = trimString(url); + } + + public String getWelcomeURL() + { + return nonNullString(welcomeURL); + } + + public void setWelcomeURL(String url) + { + welcomeURL = trimString(url); + } + + public String getDebugString() + { + return debugString.toString(); + } + + public void clearDebugString() + { + debugString = new StringBuffer(); + } + + private static String nonNullString(String s) + { + if (s == null) return ""; + s = s.trim(); + return s; + } + + private static String trimString(String s) + { + if (s == null) return null; + s = s.trim(); + if (s.length() == 0) return null; + return s; + } + + public boolean isOnline() + { + return isOnline; + } + + public boolean isReady() + { + return isReady; + } + + public boolean isJavaReady() + { + return isJavaReady; + } + + public static final int EAP_HEADERLEN = 4; + public static final int EAP_REQUEST = 1; + public static final int EAP_RESPONSE = 2; + public static final int EAP_SUCCESS = 3; + public static final int EAP_FAILURE = 4; + public static final int EAP_IDENTITY = 1; + public static final int EAP_NOTIFICATION = 2; + public static final int EAP_NAK = 3; + public static final int EAP_MD5 = 4; + public static final int EAP_OTP = 5; + public static final int EAP_GTC = 6; + public static final int EAP_TLS = 13; + public static final int EAP_LEAP = 17; + public static final int EAP_SIM = 18; + public static final int EAP_TTLS = 21; + public static final int EAP_PEAP = 25; + public static final int EAP_MSCHAPV2 = 26; + public static final int EAP_CISCO_MSCHAPV2 = 29; + public static final int EAP_TLV = 33; + + public String getTitleMatch() + { + return titleMatch; + } + + public void setTitleMatch(String titleMatch) + { + this.titleMatch = titleMatch; + } + + public String getCopyright() + { + return copy; + } + + public String getStatus() + { + return status; + } + + public String getLoginResult() + { + return loginResult; + } + + public String getLoginResultsUrl() + { + return loginResultsUrl; + } + + public String getReplyMessage() + { + return replyMessage; + } + + public String getUserAgent() { + if (userAgent != null && userAgent.trim().length() > 0) return userAgent; + return DEFAULT_USER_AGENT; + } + + public void setUserAgent(String userAgent) { + this.userAgent = userAgent; + } +} diff --git a/bin/README b/bin/README new file mode 100644 index 0000000..de14b3f --- /dev/null +++ b/bin/README @@ -0,0 +1,26 @@ + +Welcome to JRadius! + +How to get up and running with JRadius: + +First, you need to compile and configure FreeRADIUS such that it uses +JRadius. Unzip freeradius.zip and see freeradius/README. + +Start the JRadius server with the jradius.sh script. + + sh jradius.sh + +JRadius also provides a Java RADIUS client API and a Java program called +RadClient. A shell script is provided to run RadClient. To use the script, +create a file containing your attributes, for example: + +echo "User-Name = test" > radius.pkt +echo "User-Password = test" >> radius.pkt + +Now, use the following script with arguments of server, shared secret, +and attributes file: + + sh radclient.sh localhost sharedsecret radius.pkt + +For more information, see http://jradius.net/ + diff --git a/bin/build-dictionary.sh b/bin/build-dictionary.sh new file mode 100644 index 0000000..b96a3fd --- /dev/null +++ b/bin/build-dictionary.sh @@ -0,0 +1,18 @@ +#!/bin/sh +dir=`pwd`; cd `dirname $0`; bin=./; + +dictdir=freeradius/dict +srcdir=build/dictionary-src +bindir=build/dictionary + +[ -e "$dictdir" ] || unzip freeradius.zip +[ -e "$srcdir" ] || mkdir -p $srcdir +[ -e "$bindir" ] || mkdir -p $bindir + +classpath="$CLASSPATH:$bin/jradius.jar:$bin/jradius-dictionary.jar" +CLASSPATH="$classpath" java net.sf.jradius.freeradius.RadiusDictionary \ + net.sf.jradius.dictionary $dictdir $srcdir + +CLASSPATH="$classpath" javac -source 1.4 -target 1.4 -d $bindir `find $srcdir|grep .java` + +(cd $bindir; jar cvf $dir/jradius-dictionary.jar *) diff --git a/bin/jRadiusSimulator.sh b/bin/jRadiusSimulator.sh new file mode 100644 index 0000000..f083d17 --- /dev/null +++ b/bin/jRadiusSimulator.sh @@ -0,0 +1,8 @@ +#!/bin/sh +dir=`pwd`; cd `dirname $0`; bin=`pwd`; cd $dir +classpath="$CLASSPATH:$bin/jradius.jar:$bin/jradius-dictionary.jar" +for jar in $bin/lib/*.jar; do + classpath="$classpath:$jar" +done +classpath="$classpath:$bin/lib/" +CLASSPATH="$classpath" java net.jradius.client.gui.JRadiusSimulator $* diff --git a/bin/jradius.sh b/bin/jradius.sh new file mode 100644 index 0000000..ec48251 --- /dev/null +++ b/bin/jradius.sh @@ -0,0 +1,9 @@ +#!/bin/sh +dir=`pwd`; cd `dirname $0`; bin=./; +classpath="$CLASSPATH:$bin/jradius.jar:$bin/jradius-dictionary.jar" +for jar in $bin/lib/*.jar; do + classpath="$classpath:$jar" +done +classpath="$classpath:$bin/lib/" +CLASSPATH="$classpath" java net.jradius.server.Main jradius-config.xml + diff --git a/bin/radclient b/bin/radclient new file mode 100644 index 0000000..e23eddd --- /dev/null +++ b/bin/radclient @@ -0,0 +1,8 @@ +#!/bin/sh +dir=`pwd`; cd `dirname $0`; bin=`pwd`; cd $dir +classpath="$CLASSPATH:$bin/../dist/jradius.jar:$bin/../dist/jradius-dictionary.jar" +classpath="$classpath:$bin/../dist/lib/java-getopt-1.0.13.jar" +classpath="$classpath:$bin/../dist/lib/gnu-crypto-2.0.1.jar" +classpath="$classpath:$bin/../dist/lib/log4j-1.2.9.jar" +classpath="$classpath:$bin/../dist/lib/" +CLASSPATH="$classpath" java -Dgnu.posixly_correct=1 net.jradius.client.RadClient $* diff --git a/bin/radclient.sh b/bin/radclient.sh new file mode 100644 index 0000000..a7731fc --- /dev/null +++ b/bin/radclient.sh @@ -0,0 +1,8 @@ +#!/bin/sh +dir=`pwd`; cd `dirname $0`; bin=`pwd`; cd $dir +classpath="$CLASSPATH:$bin/jradius.jar:$bin/jradius-dictionary.jar" +for jar in $bin/lib/*.jar; do + classpath="$classpath:$jar" +done +classpath="$classpath:$bin/lib/" +CLASSPATH="$classpath" java net.jradius.client.RadClient $* diff --git a/bin/radsimulator b/bin/radsimulator new file mode 100644 index 0000000..b014153 --- /dev/null +++ b/bin/radsimulator @@ -0,0 +1,7 @@ +#!/bin/sh +dir=`pwd`; cd `dirname $0`; bin=`pwd`; cd $dir +classpath="$CLASSPATH:$bin/../dist/jradius.jar:$bin/../dist/jradius-dictionary.jar" +classpath="$classpath:$bin/../java/lib/gnu-crypto.jar" +classpath="$classpath:$bin/../java/lib/log4j-1.2.9.jar" +classpath="$classpath:$bin/../java/lib/" +CLASSPATH="$classpath" java net.jradius.client.gui.JRadiusSimulator $* diff --git a/core/pom.xml b/core/pom.xml new file mode 100644 index 0000000..b4b8456 --- /dev/null +++ b/core/pom.xml @@ -0,0 +1,79 @@ + + + + 4.0.0 + net.jradius + jradius-core + ${project.artifactId}-${project.version} + 1.0.0-SNAPSHOT + Core classes + + + net.jradius + jradius + 1.0.0-SNAPSHOT + ../pom.xml + + + + + org.springframework + spring-context + 2.5.5 + + + + commons-configuration + commons-configuration + 1.5 + + + + commons-chain + commons-chain + 1.2 + + + + net.sf.ehcache + ehcache + 1.5.0-beta2 + + + + org.gnu + java-getopt + 1.0.13 + + + + org.gnu + gnu-crypto + 2.0.1 + + + + + + + + ../java/src + + **/*.xml + + + + + + org.apache.maven.plugins + maven-compiler-plugin + + 1.5 + 1.5 + + + + + + diff --git a/core/src/main/java/net/jradius/JRadiusManager.java b/core/src/main/java/net/jradius/JRadiusManager.java new file mode 100644 index 0000000..f647058 --- /dev/null +++ b/core/src/main/java/net/jradius/JRadiusManager.java @@ -0,0 +1,7 @@ +package net.jradius; + +public interface JRadiusManager +{ + public abstract void start(); + public abstract void stop(); +} \ No newline at end of file diff --git a/core/src/main/java/net/jradius/client/RadBench.java b/core/src/main/java/net/jradius/client/RadBench.java new file mode 100644 index 0000000..d0cd4b5 --- /dev/null +++ b/core/src/main/java/net/jradius/client/RadBench.java @@ -0,0 +1,340 @@ +/** + * RadBench + * Copyright (C) 2004-2005 PicoPoint, B.V. + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.client; + +import gnu.getopt.Getopt; + +import java.io.BufferedReader; +import java.io.FileReader; +import java.io.IOException; +import java.net.InetAddress; + +import net.jradius.client.auth.RadiusAuthenticator; +import net.jradius.log.RadiusLog; +import net.jradius.packet.AccessRequest; +import net.jradius.packet.AccountingRequest; +import net.jradius.packet.RadiusRequest; +import net.jradius.packet.RadiusResponse; +import net.jradius.packet.attribute.AttributeDictionary; +import net.jradius.packet.attribute.AttributeFactory; +import net.jradius.packet.attribute.AttributeList; +import net.jradius.packet.attribute.RadiusAttribute; + + + +/** + * A Java RADIUS Benchmarking program.
Usage:

+ * 

+ *     RadBench Arguments: [options] server secret file
+ *     	server			= RADIUS server hostname or ip
+ *     	secret			= Shared secret to use
+ *     	file			= File containing the attribute name/value pairs
+ * 
+ *     Options:
+ *     	-d java-class	= Java class name of the attribute dictionary
+ *     	                 (default: net.jradius.dictionary.RadiusDictionaryImpl)
+ *     	-a auth-mode	= Either PAP (default), CHAP, MSCHAP, MSCHAPv2, 
+ *     	                 EAP-MD5, or EAP-MSCHAPv2
+ *     	                 (always provide the plain-text password in User-Password)
+ *
+ *

+ * If the packet attribtue list contains "Acct-Status-Type", then RadClient will know the + * packet is an AccountingRequest. Otherwise, it assumes you are sending a AccessRequest. + * The attribute file can contain multiple packets separated by a single blank line. + * You can optionally also "sleep" for a number of seconds between packets as shown in this + * example attributes file (authentication, following by a start, interim, and stop accounting): + * @author David Bird + */ +public class RadBench +{ + protected static RadiusClient client; + protected static RadiusAuthenticator auth; + + protected static void usage() + { + StringBuffer sb = new StringBuffer(); + sb.append("RadBench Arguments: [options] server secret file\n"); + sb.append("\tserver = RADIUS server hostname or ip\n"); + sb.append("\tsecret = Shared secret to use\n"); + sb.append("\tfile = File containing the attribute name/value pairs\n"); + sb.append("\nOptions:\n"); + sb.append("\t-d java-class = Java class name of the attribute dictionary\n"); + sb.append("\t (default: net.jradius.dictionary.RadiusDictionaryImpl)\n"); + sb.append("\t-a auth-mode = Either PAP (default), CHAP, MSCHAP, MSCHAPv2,\n"); + sb.append("\t EAP-MD5, or EAP-MSCHAPv2\n"); + sb.append("\t (always provide the plain-text password in User-Password)\n"); + sb.append("\n"); + System.out.print(sb.toString()); + } + + protected static boolean loadAttributes(AttributeList list, BufferedReader in) throws IOException + { + String line; + boolean allowLine = true; + + while ((line = in.readLine()) != null) + { + line = line.trim(); + if (line.startsWith("#")) continue; + + if (line.equals("")) + { + if (!allowLine) break; + continue; + } + + if (line.startsWith("sleep ")) + { + allowLine = true; + try + { + int i = Integer.parseInt(line.substring(6)); + if (i > 0) Thread.sleep(i * 1000); + } catch(Exception e) { e.printStackTrace(); } + continue; + } + + allowLine = false; + + try + { + RadiusAttribute a = AttributeFactory.attributeFromString(line); + if (a != null) list.add(a, false); + } + catch(Exception e) + { + e.printStackTrace(); + } + } + + return (line != null); + } + + public static void main(String[] args) + { + Getopt g = new Getopt("RadBench", args, "a:d:t:p:r:c:"); + + String dictClass = "net.jradius.dictionary.AttributeDictionaryImpl"; + + int authPort = 1812; + int acctPort = 1813; + int timeout = 60; + + int requesters = 5; + int requests = 10; + + int op; + while ((op = g.getopt()) != -1) + { + switch(op) + { + case 'd': + { + dictClass = g.getOptarg(); + } + break; + + case 't': + { + timeout = Integer.parseInt(g.getOptarg()); + } + break; + + case 'p': + { + authPort = Integer.parseInt(g.getOptarg()); + acctPort = authPort + 1; + } + break; + + case 'a': + { + String arg = g.getOptarg(); + if ((auth = RadiusClient.getAuthProtocol(arg)) == null) + { + System.err.println("Unsupported authentication protocol " + arg); + } + } + break; + + case 'r': + { + requesters = Integer.parseInt(g.getOptarg()); + } + break; + + case 'c': + { + requests = Integer.parseInt(g.getOptarg()); + } + break; + + default: + { + usage(); + return; + } + } + } + + int gidx = g.getOptind(); + + if (args.length - gidx < 3) + { + usage(); + return; + } + + String host = args[gidx]; + String secret = args[gidx + 1]; + String file = args[gidx + 2]; + + AttributeFactory.loadAttributeDictionary(dictClass); + + try + { + InetAddress inet = InetAddress.getByName(host); + client = new RadiusClient(inet, secret, authPort, acctPort, timeout); + + BenchThread thread[] = new BenchThread[requesters]; + int i = 0; + + RadiusLog.info("Starting Requester Threads..."); + long startTime = System.currentTimeMillis(); + + for (i = 0; i < requesters; i++) + { + (thread[i] = new BenchThread(requests, file)).start(); + } + + int sent = 0; + int received = 0; + + for (i = 0; i < thread.length; i++) + { + thread[i].join(); + sent += thread[i].getSent(); + received += thread[i].getReceived(); + } + + long endTime = System.currentTimeMillis(); + RadiusLog.info("Completed."); + RadiusLog.info("Results:"); + RadiusLog.info(" Requesters: " + requesters); + RadiusLog.info(" Requests: " + requests); + RadiusLog.info(" Packets Sent: " + sent); + RadiusLog.info(" Packets Received: " + received); + RadiusLog.info(" Secconds: " + (double)(endTime - startTime) / 1000); + } + catch (Exception e) + { + e.printStackTrace(); + } + } + + private static class BenchThread extends Thread + { + int requests; + String file; + int sent = 0; + int received = 0; + + BenchThread(int requests, String file) + { + this.requests = requests; + this.file = file; + this.setDaemon(true); + } + + public void run() + { + try + { + runRequester(); + } + catch (Exception e) + { + e.printStackTrace(); + } + } + + public void runRequester() throws Exception + { + while (requests-- > 0) + { + BufferedReader in = new BufferedReader(new FileReader(file)); + boolean active = true; + + while (active) + { + AttributeList attributes = new AttributeList(); + active = loadAttributes(attributes, in); + if (attributes.getSize() == 0) continue; + + RadiusRequest request; + RadiusResponse reply; + RadiusAttribute attr; + Long status; + + if ((attr = attributes.get(AttributeDictionary.ACCT_STATUS_TYPE)) != null && + (status = (Long)attr.getValue().getValueObject()) != null && + status.intValue() <= 3) + { + request = new AccountingRequest(client, attributes); + reply = (RadiusResponse)client.accounting((AccountingRequest)request, 5); + } + else + { + request = new AccessRequest(client, attributes); + reply = client.authenticate((AccessRequest)request, auth, 5); + } + + sent++; + + if (reply == null) + { + RadiusLog.error("Timed out on request! Not a good benchmark!"); + } + else + { + received++; + } + } + } + } + + /** + * @return Returns the received. + */ + public int getReceived() + { + return received; + } + + /** + * @return Returns the sent. + */ + public int getSent() + { + return sent; + } + } +} diff --git a/core/src/main/java/net/jradius/client/RadClient.java b/core/src/main/java/net/jradius/client/RadClient.java new file mode 100644 index 0000000..270f086 --- /dev/null +++ b/core/src/main/java/net/jradius/client/RadClient.java @@ -0,0 +1,369 @@ +/** + * RadClient + * Copyright (C) 2004-2005 PicoPoint, B.V. + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.client; + +import gnu.getopt.Getopt; + +import java.io.BufferedReader; +import java.io.FileReader; +import java.io.IOException; +import java.net.InetAddress; +import java.util.Locale; + +import net.jradius.client.auth.RadiusAuthenticator; +import net.jradius.client.auth.TunnelAuthenticator; +import net.jradius.exception.StandardViolatedException; +import net.jradius.packet.AccessRequest; +import net.jradius.packet.AccountingRequest; +import net.jradius.packet.RadiusRequest; +import net.jradius.packet.RadiusResponse; +import net.jradius.packet.attribute.AttributeDictionary; +import net.jradius.packet.attribute.AttributeFactory; +import net.jradius.packet.attribute.AttributeList; +import net.jradius.packet.attribute.RadiusAttribute; +import net.jradius.standard.RadiusStandard; +import net.jradius.util.RadiusRandom; + + + +/** + * A Java RADIUS Client program.
Usage:

+ * 

+ *     RadClient Arguments: [options] server secret file
+ *     	server			= RADIUS server hostname or ip
+ *     	secret			= Shared secret to use
+ *     	file			= File containing the attribute name/value pairs
+ * 
+ *     Options:
+ *     	-d java-class	= Java class name of the attribute dictionary
+ *     	                 (default: net.jradius.dictionary.RadiusDictionaryImpl)
+ *     	-s java-class	= Java class name of the attribute checker
+ *     	                 (e.g net.jradius.standard.WISPrStandard)
+ *     	-a auth-mode	= Either PAP (default), CHAP, MSCHAP, MSCHAPv2, 
+ *     	                 EAP-MD5, EAP-MSCHAPv2 or EAP-TLS
+ *     	-T tunnel-mode	= Only EAP-TTLS currently supported
+ *      -A              = Generate a unique Acct-Session-Id in Accounting Requests
+ *      -C              = Turn OFF Class attribute support
+ *   
+ *
+ * Also see http://jradius.net/ + *

+ * If the packet attribtue list contains "Acct-Status-Type", then RadClient will know the + * packet is an AccountingRequest. Otherwise, it assumes you are sending a AccessRequest. + * The attribute file can contain multiple packets separated by a single blank line. + * You can optionally also "sleep" for a number of seconds between packets as shown in this + * example attributes file (authentication, following by a start, interim, and stop accounting): + *

+ * 

+ * # Lines starting with a hash are comments
+ * User-Name = test
+ * User-Password = test
+ * 
+ * sleep 1
+ * 
+ * User-Name = test
+ * Acct-Status-Type = Start
+ *
+ * sleep 1
+ * 
+ * User-Name = test
+ * Acct-Status-Type = Interim-Update
+ *
+ * sleep 1
+ * 
+ * User-Name = test
+ * Acct-Status-Type = Stop
+ *

+ * + * @author David Bird + */ +public class RadClient +{ + private static RadiusClient client; + + private static void usage() + { + StringBuffer sb = new StringBuffer(); + sb.append("\n"); + sb.append("RadClient Arguments: [options] server secret file\n"); + sb.append("\tserver = RADIUS server hostname or ip\n"); + sb.append("\tsecret = Shared secret to use\n"); + sb.append("\tfile = File containing the attribute name/value pairs\n"); + sb.append("\nOptions:\n"); + sb.append("\t-d java-class = Java class name of the attribute dictionary\n"); + sb.append("\t (default: net.jradius.dictionary.RadiusDictionaryImpl)\n"); + sb.append("\t-s java-class = Java class name of the attribute checker\n"); + sb.append("\t (e.g net.jradius.standard.WISPrStandard)\n"); + sb.append("\t-a auth-mode = Either PAP (default), CHAP, MSCHAP, MSCHAPv2,\n"); + sb.append("\t EAP-MD5, EAP-MSCHAPv2, or EAP-TLS (see below for format)\n"); + sb.append("\t (provide the plain-text password in User-Password)\n"); + sb.append("\t-T tunnel-mode = Only EAP-TTLS is currently supported (see below for info)\n"); + sb.append("\t-A = Generate a unique Acct-Session-Id in Accounting Requests\n"); + sb.append("\t-C = Turn OFF Class attribute support\n"); + sb.append("\nUsing EAP-TLS and EAP-TTLS:\n"); + sb.append("\n"); + sb.append("More information at http://jradius.net/\n"); + sb.append("\n"); + System.out.print(sb.toString()); + } + + private static boolean loadAttributes(AttributeList list, BufferedReader in) throws IOException + { + String line; + boolean allowLine = true; + + while ((line = in.readLine()) != null) + { + line = line.trim(); + if (line.startsWith("#")) continue; + + if (line.equals("")) + { + if (!allowLine) break; + continue; + } + + if (line.startsWith("sleep ")) + { + allowLine = true; + try + { + int i = Integer.parseInt(line.substring(6)); + if (i > 0) Thread.sleep(i * 1000); + } catch(Exception e) { e.printStackTrace(); } + continue; + } + + allowLine = false; + + try + { + RadiusAttribute a = AttributeFactory.attributeFromString(line); + if (a != null) list.add(a, false); + } + catch(Exception e) + { + e.printStackTrace(); + } + } + + return (line != null); + } + + public static void main(String[] args) + { + Locale.setDefault(Locale.US); + Getopt g = new Getopt("RadClient", args, "s:a:d:t:p:T:A"); + + String dictClass = "net.jradius.dictionary.AttributeDictionaryImpl"; + String check = null; + + RadiusAuthenticator auth = null; + int authPort = 1812; + int acctPort = 1813; + int timeout = 60; + + boolean sendbackClass = true; + boolean tunneledRequest = false; + boolean generateSessionId = false; + RadiusAttribute generatedSessionId = null; + + int op; + while ((op = g.getopt()) != -1) + { + switch(op) + { + case 'A': + { + generateSessionId = true; + } + break; + + case 's': + { + check = g.getOptarg(); + } + break; + + case 'd': + { + dictClass = g.getOptarg(); + } + break; + + case 't': + { + timeout = Integer.parseInt(g.getOptarg()); + } + break; + + case 'p': + { + authPort = Integer.parseInt(g.getOptarg()); + acctPort = authPort + 1; + } + break; + + case 'C': + { + sendbackClass = false; + } + break; + + case 'T': + { + tunneledRequest = true; + } + // fall-through + case 'a': + { + String arg = g.getOptarg(); + if ((auth = RadiusClient.getAuthProtocol(arg)) == null) + { + System.err.println("Unsupported authentication protocol " + arg); + } + } + break; + + default: + { + usage(); + return; + } + } + } + + int gidx = g.getOptind(); + + if (args.length - gidx < 3) + { + usage(); + return; + } + + String host = args[gidx]; + String secret = args[gidx + 1]; + String file = args[gidx + 2]; + + AttributeFactory.loadAttributeDictionary(dictClass); + + try + { + boolean active = true; + InetAddress inet = InetAddress.getByName(host); + BufferedReader in = new BufferedReader(new FileReader(file)); + RadiusStandard standard = null; + + client = new RadiusClient(inet, secret, authPort, acctPort, timeout); + + if (check != null) + { + Class c = Class.forName(check); + try + { + standard = (RadiusStandard)c.newInstance(); + } + catch (Exception e) + { + e.printStackTrace(); + } + } + + RadiusAttribute classAttr = null; + + while (active) + { + AttributeList attributes = new AttributeList(); + active = loadAttributes(attributes, in); + if (attributes.getSize() == 0) continue; + if (classAttr != null) attributes.add(classAttr); + + RadiusRequest request; + RadiusResponse reply; + RadiusAttribute attr; + Long status; + + if ((attr = attributes.get(AttributeDictionary.ACCT_STATUS_TYPE)) != null && + (status = (Long)attr.getValue().getValueObject()) != null && + status.intValue() <= 3) + { + request = new AccountingRequest(client, attributes); + if (generateSessionId) + { + if (generatedSessionId == null) + { + generatedSessionId = AttributeFactory.newAttribute("Acct-Session-Id", "JRadius-" + RadiusRandom.getRandomString(16), "="); + } + request.overwriteAttribute(generatedSessionId); + } + reply = (RadiusResponse)client.accounting((AccountingRequest)request, 5); + } + else + { + request = new AccessRequest(client, attributes); + if (tunneledRequest) + { + if (auth instanceof TunnelAuthenticator) + { + AttributeList attrs = new AttributeList(); + active = loadAttributes(attrs, in); + ((TunnelAuthenticator)auth).setTunneledAttributes(attrs); + } + else + { + System.err.println("Error: -T option used with a non-tunnel authenticator: " + auth.getClass().getName()); + } + } + reply = client.authenticate((AccessRequest)request, auth, 5); + if (reply != null) classAttr = reply.findAttribute("Class"); + } + + if (standard != null) + { + try + { + standard.checkPacket(request); + } + catch (StandardViolatedException e) + { + System.err.println("Warning: Access Request Missing " + standard.getName() + " Attributes:\n\t" + e.listAttributes()); + } + + try + { + standard.checkPacket(reply); + } + catch (StandardViolatedException e) + { + System.err.println("Warning: Access Reply Missing " + standard.getName() + " Attributes:\n\t" + e.listAttributes()); + } + } + + if (request != null) System.out.println(request.toString()); + if (reply != null) System.out.println(reply.toString()); + } + } + catch (Exception e) + { + e.printStackTrace(); + } + } +} diff --git a/core/src/main/java/net/jradius/client/RadiusClient.java b/core/src/main/java/net/jradius/client/RadiusClient.java new file mode 100644 index 0000000..a2854d4 --- /dev/null +++ b/core/src/main/java/net/jradius/client/RadiusClient.java @@ -0,0 +1,602 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2005 PicoPoint, B.V. + * Copyright (c) 2006 David Bird + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.client; + +import java.beans.Introspector; +import java.beans.PropertyDescriptor; +import java.io.IOException; +import java.lang.reflect.Method; +import java.net.DatagramPacket; +import java.net.DatagramSocket; +import java.net.InetAddress; +import java.net.SocketTimeoutException; +import java.security.MessageDigest; +import java.util.HashMap; +import java.util.LinkedHashMap; + +import net.jradius.client.auth.CHAPAuthenticator; +import net.jradius.client.auth.EAPMD5Authenticator; +import net.jradius.client.auth.EAPMSCHAPv2Authenticator; +import net.jradius.client.auth.MSCHAPv1Authenticator; +import net.jradius.client.auth.MSCHAPv2Authenticator; +import net.jradius.client.auth.PAPAuthenticator; +import net.jradius.client.auth.RadiusAuthenticator; +import net.jradius.exception.RadiusException; +import net.jradius.exception.RadiusSecurityException; +import net.jradius.exception.TimeoutException; +import net.jradius.exception.UnknownAttributeException; +import net.jradius.log.RadiusLog; +import net.jradius.packet.AccessChallenge; +import net.jradius.packet.AccessRequest; +import net.jradius.packet.AccountingRequest; +import net.jradius.packet.AccountingResponse; +import net.jradius.packet.CoARequest; +import net.jradius.packet.CoAResponse; +import net.jradius.packet.DisconnectRequest; +import net.jradius.packet.DisconnectResponse; +import net.jradius.packet.PacketFactory; +import net.jradius.packet.RadiusFormat; +import net.jradius.packet.RadiusPacket; +import net.jradius.packet.RadiusRequest; +import net.jradius.packet.RadiusResponse; +import net.jradius.packet.attribute.AttributeDictionary; +import net.jradius.session.JRadiusSession; +import net.jradius.util.MessageAuthenticator; + + +/** + * A Radius Client Context + * + * @author David Bird + */ +public class RadiusClient +{ + public static final int defaultAuthPort = 1812; + public static final int defaultAcctPort = 1813; + public static final int defaultTimeout = 60; + + protected InetAddress remoteInetAddress; + protected String sharedSecret; + + protected int authPort = defaultAuthPort; + protected int acctPort = defaultAcctPort; + protected int socketTimeout = defaultTimeout * 1000; + + protected DatagramSocket socket; + private MessageDigest md5Digest; + + protected JRadiusSession session; + + private static final RadiusFormat format = RadiusFormat.getInstance(); + + protected static final LinkedHashMap authenticators = new LinkedHashMap(); + + static + { + // Supported Authentication Protocols + registerAuthenticator("pap", PAPAuthenticator.class); + registerAuthenticator("chap", CHAPAuthenticator.class); + registerAuthenticator("mschapv1", MSCHAPv1Authenticator.class); + registerAuthenticator("mschapv2", MSCHAPv2Authenticator.class); + registerAuthenticator("mschap", MSCHAPv2Authenticator.class); + registerAuthenticator("eap-md5", EAPMD5Authenticator.class); + registerAuthenticator("eap-mschapv2", EAPMSCHAPv2Authenticator.class); + try + { + registerAuthenticator("eap-tls", "net.jradius.client.auth.EAPTLSAuthenticator"); + registerAuthenticator("eap-ttls", "net.jradius.client.auth.EAPTTLSAuthenticator"); + registerAuthenticator("peap", "net.jradius.client.auth.PEAPAuthenticator"); + //registerAuthenticator("eap-aka", "net.jradius.client.auth.EAPAKAAuthenticator"); + } + catch (ClassNotFoundException e) + { + RadiusLog.warn("EAP-TLS and EAP-TTLS are only available with Java 1.5"); + } + // Lets use the Gnu-Crypto Provider + //if (java.security.Security.getProvider("GNU-CRYPTO") == null) + //java.security.Security.addProvider(new gnu.crypto.jce.GnuCrypto()); + } + + /** + * Default constructor + */ + public RadiusClient() + { + try + { + this.socket = new DatagramSocket(); + this.md5Digest = MessageDigest.getInstance("MD5"); + } + catch (Exception e) + { + RadiusLog.error(e.getMessage()); + e.printStackTrace(); + } + } + + /** + * RadiusClient constructor + * @param address The Internet address to send to + * @param secret Our shared secret + * @throws RadiusException + */ + public RadiusClient(InetAddress address, String secret) + { + this(); + setRemoteInetAddress(address); + setSharedSecret(secret); + } + + /** + * RadiusClient constructor + * @param address The Internet address to send to + * @param secret Our shared secret + * @param authPort The authentication port + * @param acctPort The accounting port + * @param timeout Timeout (time to wait for a reply) + * @throws RadiusException + */ + public RadiusClient(InetAddress address, String secret, int authPort, int acctPort, int timeout) + { + this(); + setRemoteInetAddress(address); + setSharedSecret(secret); + setAuthPort(authPort); + setAcctPort(acctPort); + setSocketTimeout(timeout); + } + + public void close() + { + this.socket.close(); + } + + /** + * Registration of supported RadiusAuthenticator protocols + * @param name The authentication protocol name + * @param c The RadiusAuthenticator class that implements the protocol + */ + public static void registerAuthenticator(String name, Class c) + { + authenticators.put(name, c); + } + + public static void registerAuthenticator(String name, String className) throws ClassNotFoundException + { + Class c = Class.forName(className); + authenticators.put(name, c); + } + + /** + * Get a supported RadiusAuthenticator based on the protocol name. If no + * protocol with that name is supported, null is returned. If the authenticator + * class for the named protocol has writable bean properties, these can be set by + * appending a colon separated list of property=value pairs to the protocolName. + * For instance, the EAP-TLS (and EAP-TTLS since it derives from EAP-TLS) authenticator + * class has numerous configurable properties (including keyFile, keyFileType, keyPassword, etc). + *

+ * Examples: + *

    + *
  • getAuthProtocol("pap") returns PAPAuthenticator
    • + *
  • getAuthProtocol("chap") returns CHAPAuthenticator
    • + *
  • getAuthProtocol("eap-md5") returns EAPMD5Authenticator
    • + *
  • getAuthProtocol("eap-ttls") returns default EALTTLSAuthenticator
    • + *
  • getAuthProtocol("eap-tls:keyFile=keystore:keyPassword=mypass") returns EALTLSAuthenticator with setKeyFile("keystore") and setKeyPassword("mypass")
    • + *
  • getAuthProtocol("eap-ttls:trustAll=true") returns EALTTLSAuthenticator with setTrustAll(true)
    • + *
+ * Keep in mind that Java 1.5 is required for EAP-TLS/TTLS and only PAP is usable as the inner protocol + * because of limitations of Java 1.5. + *

+ * @param protocolName The requested authentication protocol + * @return Returns an instance of RadiusAuthenticator or null + */ + public static RadiusAuthenticator getAuthProtocol(String protocolName) + { + RadiusAuthenticator auth = null; + String[] args = null; + int i; + + if ((i = protocolName.indexOf(':')) > 0) + { + if (i < protocolName.length()) + { + args = protocolName.substring(i + 1).split(":"); + } + protocolName = protocolName.substring(0, i); + } + + protocolName = protocolName.toLowerCase(); + + Class c = (Class)authenticators.get(protocolName); + + if (c == null) return null; + try + { + auth = (RadiusAuthenticator)c.newInstance(); + } + catch(Exception e) + { + e.printStackTrace(); + return null; + } + if (args != null) + { + HashMap elements = new HashMap(); + Class clazz = auth.getClass(); + PropertyDescriptor[] props = null; + try + { + props = Introspector.getBeanInfo(clazz).getPropertyDescriptors(); + } + catch (Exception e) + { + RadiusLog.error("Could not instanciate authenticator " + protocolName); + return auth; + } + for (int p = 0; p < props.length; p++) + { + PropertyDescriptor pd = props[p]; + Method m = pd.getWriteMethod(); + if (m != null) + { + elements.put(pd.getName(), pd); + } + } + for (int a = 0; a < args.length; a++) + { + int eq = args[a].indexOf("="); + if (eq > 0) + { + String name = args[a].substring(0, eq); + String value = args[a].substring(eq + 1); + + PropertyDescriptor pd = (PropertyDescriptor)elements.get(name); + Method m = pd.getWriteMethod(); + + if (m == null) + { + RadiusLog.error("Authenticator " + protocolName + " does not have a writable attribute " + name); + } + else + { + Object valueObject = value; + Class cType = pd.getPropertyType(); + if (cType == Boolean.class) + { + valueObject = new Boolean(value); + } + else if (cType == Integer.class) + { + valueObject = new Integer(value); + } + try + { + m.invoke(auth, new Object[]{ valueObject }); + } + catch (Exception e) + { + RadiusLog.error("Error setting attribute " + name + " for authenticator " + protocolName + ": " + e.getMessage()); + } + } + } + } + } + return auth; + } + + /** + * Authenicates using the specified method. For all methods, it is assumed + * that the user's password can be found in the User-Password attribute. All + * authentiation requests automatically contain the Message-Authenticator attribute. + * @param p RadiusPacket to be send (should be AccessRequest) + * @param auth The RadiusAuthenticator instance (if null, PAPAuthenticator is used) + * @param retries Number of times to retry (without response) + * @return Returns the reply RadiusPacket + * @throws RadiusException + * @throws UnknownAttributeException + */ + public RadiusResponse authenticate(AccessRequest p, RadiusAuthenticator auth, int retries) + throws RadiusException, UnknownAttributeException + { + if (auth == null) auth = new PAPAuthenticator(); + + auth.setupRequest(this, p); + auth.processRequest(p); + + while (true) + { + RadiusResponse reply = sendReceive(p, remoteInetAddress, authPort, retries); + + if (reply instanceof AccessChallenge) + { + auth.processChallenge(p, reply); + } + else + { + return reply; + } + } + } + + /** + * Add the Message-Authentivator attribute to the given RadiusPacket + * @param request The RadiusPacket + */ + private void generateMessageAuthenticator(RadiusPacket request) + { + MessageAuthenticator.generateRequest(request, sharedSecret); + } + + /** + * Verify the Message-Authenticator based on RFC 2869 + * @param request The RADIUS request send + * @param reply The RADIUS reply received + * @param required Whether or not the Message-Authenticator is required (as for EAP) + * @return Returns true if there is no Message-Authenticator or if it present and correct + */ + private boolean verifyMessageAuthenticator(RadiusRequest request, RadiusResponse reply, boolean required) + { + Boolean verified = MessageAuthenticator.verifyReply(request, reply, sharedSecret); + if (verified == null && required) return false; + if (verified == null) return true; + return verified.booleanValue(); + } + + /** + * Verify the RADIUS Authenticator + * @param request The RADIUS request send + * @param reply The RADIUS reply received + * @return Returns true if there is no Authenticator is correct + */ + private boolean verifyAuthenticator(RadiusRequest request, RadiusResponse reply) + { + return reply.verifyAuthenticator(request.getAuthenticator(), getSharedSecret()); + } + + /** + * Send an accounting request + * @param p The RadiusPacket to be sent (should be AccountingRequest) + * @param retries Number of times to retry (without a response) + * @return Returns the reply RadiusPacket + * @throws RadiusException + * @throws UnknownAttributeException + */ + public AccountingResponse accounting(AccountingRequest p, int retries) + throws RadiusException + { + RadiusResponse response = sendReceive(p, remoteInetAddress, acctPort, retries); + if (!(response instanceof AccountingResponse)) + throw new RadiusException("Received something other than AccountingResponse to a AccountingRequest"); + return (AccountingResponse)response; + } + + public DisconnectResponse disconnect(DisconnectRequest p, int retries) + throws RadiusException + { + RadiusResponse response = sendReceive(p, remoteInetAddress, authPort, retries); + if (!(response instanceof DisconnectResponse)) + throw new RadiusException("Received something other than DisconnectResponse to a DisconnectRequest"); + return (DisconnectResponse)response; + } + + public CoAResponse changeOfAuth(CoARequest p, int retries) + throws RadiusException + { + RadiusResponse response = sendReceive(p, remoteInetAddress, authPort, retries); + if (!(response instanceof CoAResponse)) + throw new RadiusException("Received something other than CoAResponse to a CoARequest"); + return (CoAResponse)response; + } + + /** + * Send and receive RadiusPackets + * @param p The RadiusPacket being sent + * @param a The Internet Address sending to + * @param port The port sending to + * @param retries Number of times to retry (without response) + * @return Returns the returned RadiusPacket + */ + public RadiusResponse sendReceive(RadiusRequest p, InetAddress a, int port, int retries) + throws RadiusException + { + RadiusResponse r = null; + int tries = 0; + + if (p instanceof AccessRequest) + { + generateMessageAuthenticator(p); + } + + if (retries < 0) retries = 0; retries++; // do at least one + + while (tries < retries) + { + try + { + if (socketTimeout > 0) + { + socket.setSoTimeout(socketTimeout); + } + send(p, a, port, tries); + r = receive(); + break; + } + catch (SocketTimeoutException e) + { + } + catch (IOException e) + { + e.printStackTrace(); + } + tries++; + } + + if (tries == retries) + { + throw new TimeoutException("Timeout: No Response from RADIUS Server"); + } + + if (!verifyAuthenticator(p, r)) + { + throw new RadiusSecurityException("Invalid RADIUS Authenticator"); + } + + if (!verifyMessageAuthenticator(p, r, (r.findAttribute(AttributeDictionary.EAP_MESSAGE) != null))) + { + throw new RadiusSecurityException("Invalid RADIUS Message-Authenticator"); + } + + return r; + } + + protected void send(RadiusPacket p, InetAddress a, int port, int attempt) throws IOException + { + if (attempt > 1) + { + RadiusLog.warn("RadiusClient retrying request (attempt " + attempt + ")..."); + } + byte[] b = format.packPacket(p, sharedSecret); + DatagramPacket request = new DatagramPacket(b, b.length, a, port); + socket.send(request); + } + + protected RadiusResponse receive() throws IOException, RadiusException + { + byte replyBytes[] = new byte[RadiusPacket.MAX_PACKET_LENGTH]; + DatagramPacket reply = new DatagramPacket(replyBytes, replyBytes.length); + + socket.receive(reply); + + RadiusPacket replyPacket = PacketFactory.parse(reply); + + if (!(replyPacket instanceof RadiusResponse)) + { + throw new RadiusException("Received something other than a RADIUS Response to a Request"); + } + + return (RadiusResponse)replyPacket; + } + + /** + * @return Returns the MD5 MessageDigest being used + */ + public MessageDigest getMD() + { + return this.md5Digest; + } + + /** + * @return Returns the RADIUS accounting port + */ + public int getAcctPort() + { + return acctPort; + } + + /** + * @param acctPort The RADIUS accounting port + */ + public void setAcctPort(int acctPort) + { + this.acctPort = acctPort; + } + + /** + * @return Returns the RADIUS authentication port + */ + public int getAuthPort() + { + return authPort; + } + + /** + * @param authPort The RADIUS authentication port + */ + public void setAuthPort(int authPort) + { + this.authPort = authPort; + } + + /** + * @return Returns the socket timeout (in seconds) + */ + public int getSocketTimeout() + { + return socketTimeout / 1000; + } + + /** + * @param socketTimeout The socket timeout (in seconds) + */ + public void setSocketTimeout(int socketTimeout) + { + this.socketTimeout = socketTimeout * 1000; + } + + /** + * @return Returns the remote server IP Address + */ + public InetAddress getRemoteInetAddress() + { + return remoteInetAddress; + } + + /** + * @param remoteInetAddress The remote server IP Address + */ + public void setRemoteInetAddress(InetAddress remoteInetAddress) + { + this.remoteInetAddress = remoteInetAddress; + } + + /** + * @return Returns the local IP Address (bind address) + */ + public InetAddress getLocalInetAddress() + { + return socket.getLocalAddress(); + } + + /** + * @param localInetAddress The local IP Address to bind to + */ + public void setLocalInetAddress(InetAddress localInetAddress) + { + // TODO: create a socket bound to the localInetAddress + } + + /** + * @return Returns the shared secret + */ + public String getSharedSecret() + { + return this.sharedSecret; + } + + /** + * @param sharedSecret The shared secret to set + */ + public void setSharedSecret(String sharedSecret) + { + this.sharedSecret = sharedSecret; + } +} diff --git a/core/src/main/java/net/jradius/client/RadiusClientSession.java b/core/src/main/java/net/jradius/client/RadiusClientSession.java new file mode 100644 index 0000000..6c82c85 --- /dev/null +++ b/core/src/main/java/net/jradius/client/RadiusClientSession.java @@ -0,0 +1,216 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (c) 2007 David Bird + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.client; + +import java.util.Date; + +import net.jradius.client.auth.RadiusAuthenticator; +import net.jradius.packet.attribute.RadiusAttribute; + + +public class RadiusClientSession implements Runnable +{ + private RadiusClient radiusClient; + + private long octetsIn; + private long octetsOut; + private long packetsIn; + private long packetsOut; + private long sessionTime; + + private long idleTimeout; + private long sessionTimeout; + private long interimInterval; + + private boolean authenticated = false; + private boolean stopped = false; + private RadiusAttribute classAttribute; + private RadiusAuthenticator radiusAuthenticator; + private Date startTime; + private Thread thread; + + /* + * Runs the radius session in a thread sending interim updates until + * we have been told to logout. + * @see java.lang.Runnable#run() + */ + public void run() + { + while (authenticated && !stopped) + { + } + } + + public synchronized void start() + { + if (authenticated) + { + thread = new Thread(this); + thread.start(); + } + } + + public synchronized void stop() + { + stopped = true; + if (thread != null) + { + thread.interrupt(); + } + } + + public synchronized void incrementOctetsIn(long l) + { + octetsIn += l; + } + public synchronized void incrementOctetsOut(long l) + { + octetsOut += l; + } + public synchronized void incrementPacketsIn(long l) + { + packetsIn += l; + } + public synchronized void incrementPacketsOut(long l) + { + packetsOut += l; + } + + class RadiusClientSessionException extends Exception + { + public RadiusClientSessionException(String s) + { + super(s); + } + } + + /* Getters and Setters */ + + public RadiusAttribute getClassAttribute() + { + return classAttribute; + } + + public void setClassAttribute(RadiusAttribute classAttribute) + { + this.classAttribute = classAttribute; + } + + public long getIdleTimeout() + { + return idleTimeout; + } + + public void setIdleTimeout(long idleTimeout) + { + this.idleTimeout = idleTimeout; + } + + public long getInterimInterval() + { + return interimInterval; + } + + public void setInterimInterval(long interimInterval) + { + this.interimInterval = interimInterval; + } + + public long getOctetsIn() + { + return octetsIn; + } + + public void setOctetsIn(long octetsIn) + { + this.octetsIn = octetsIn; + } + + public long getOctetsOut() + { + return octetsOut; + } + + public void setOctetsOut(long octetsOut) + { + this.octetsOut = octetsOut; + } + + public long getPacketsIn() + { + return packetsIn; + } + + public void setPacketsIn(long packetsIn) + { + this.packetsIn = packetsIn; + } + + public long getPacketsOut() + { + return packetsOut; + } + + public void setPacketsOut(long packetsOut) + { + this.packetsOut = packetsOut; + } + + public RadiusAuthenticator getRadiusAuthenticator() + { + return radiusAuthenticator; + } + + public void setRadiusAuthenticator(RadiusAuthenticator radiusAuthenticator) + { + this.radiusAuthenticator = radiusAuthenticator; + } + + public RadiusClient getRadiusClient() + { + return radiusClient; + } + + public void setRadiusClient(RadiusClient radiusClient) + { + this.radiusClient = radiusClient; + } + + public long getSessionTime() + { + return sessionTime; + } + + public void setSessionTime(long sessionTime) + { + this.sessionTime = sessionTime; + } + + public long getSessionTimeout() + { + return sessionTimeout; + } + + public void setSessionTimeout(long sessionTimeout) + { + this.sessionTimeout = sessionTimeout; + } +} diff --git a/core/src/main/java/net/jradius/client/auth/CHAPAuthenticator.java b/core/src/main/java/net/jradius/client/auth/CHAPAuthenticator.java new file mode 100644 index 0000000..bc33b63 --- /dev/null +++ b/core/src/main/java/net/jradius/client/auth/CHAPAuthenticator.java @@ -0,0 +1,67 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2005 PicoPoint, B.V. + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.client.auth; + +import java.util.Arrays; + +import net.jradius.exception.RadiusException; +import net.jradius.packet.RadiusPacket; +import net.jradius.packet.attribute.AttributeFactory; +import net.jradius.packet.attribute.RadiusAttribute; +import net.jradius.util.CHAP; +import net.jradius.util.RadiusRandom; + + +/** + * CHAP Authentication. + * + * @author David Bird + */ +public class CHAPAuthenticator extends RadiusAuthenticator +{ + public static final String NAME = "chap"; + + public String getAuthName() + { + return NAME; + } + + public void processRequest(RadiusPacket p) throws RadiusException + { + p.removeAttribute(password); + + RadiusAttribute attr; + byte authChallenge[] = RadiusRandom.getBytes(16); + byte chapResponse[] = CHAP.chapResponse((byte)p.getIdentifier(), password.getValue().getBytes(), authChallenge); + + p.addAttribute(attr = AttributeFactory.newAttribute("CHAP-Challenge")); + attr.setValue(authChallenge); + + p.addAttribute(attr = AttributeFactory.newAttribute("CHAP-Password")); + attr.setValue(chapResponse); + } + + public static boolean verifyPassword(byte[] response, byte[] challenge, byte id, byte[] clearText) + { + byte chapResponse[] = CHAP.chapResponse(id, clearText, challenge); + return Arrays.equals(response, chapResponse); + } +} diff --git a/core/src/main/java/net/jradius/client/auth/EAPAuthenticator.java b/core/src/main/java/net/jradius/client/auth/EAPAuthenticator.java new file mode 100644 index 0000000..2274eff --- /dev/null +++ b/core/src/main/java/net/jradius/client/auth/EAPAuthenticator.java @@ -0,0 +1,325 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2005 PicoPoint, B.V. + * Copyright (c) 2006 David Bird + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.client.auth; + +import java.nio.ByteBuffer; + +import net.jradius.exception.RadiusException; +import net.jradius.log.RadiusLog; +import net.jradius.packet.RadiusPacket; +import net.jradius.packet.attribute.AttributeDictionary; +import net.jradius.packet.attribute.AttributeFactory; +import net.jradius.packet.attribute.RadiusAttribute; + +/** + * EAP Authentication. This abstract class is extended to + * implement EAP protocols. + * + * @author David Bird + */ +public abstract class EAPAuthenticator extends RadiusAuthenticator +{ + protected boolean peap = false; + private boolean startWithIdentity = true; + private byte eapType; + + /** + * @see net.sf.jradius.client.auth.RadiusAuthenticator#processRequest(net.jradius.packet.RadiusPacket) + */ + public void processRequest(RadiusPacket p) throws RadiusException + { + p.removeAttribute(AttributeDictionary.USER_PASSWORD); + RadiusAttribute a = AttributeFactory.newAttribute(AttributeDictionary.EAP_MESSAGE, + isStartWithIdentity() ? eapResponse(EAP_IDENTITY, (byte)0, getUsername()) : null); + p.overwriteAttribute(a); + } + + /** + * EAP requires a challenge/response. The request packet is reset with a new + * RADIUS itentifier and the EAP-Message is encoded. + * @see net.sf.jradius.client.auth.RadiusAuthenticator#processChallenge(net.jradius.packet.RadiusPacket, net.jradius.packet.RadiusPacket) + */ + public void processChallenge(RadiusPacket p, RadiusPacket r) throws RadiusException + { + p.setIdentifier(-1); + + Object[] aList; + RadiusAttribute a; + + aList = r.findAttributes(AttributeDictionary.EAP_MESSAGE); + + if (aList == null) + { + throw new RadiusException("No EAP-Message in AccessChallenge"); + } + + + // Count how long the EAP-Message is + int eapLength = 0; + for (int i=0; i + * 2.1. Extensions Request Packet + * + * A summary of the Extensions Request packet format is shown below. The + * fields are transmitted from left to right. + * + * 0 1 2 3 + * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 + * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + * | Code | Identifier | Length | + * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + * | Type | Data.... + * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + * + * @param eapReply The in-coming EAP-Message + * @return Returns the out-bound EAP-Message + */ + public byte[] doEAP(byte[] eapReply) throws RadiusException + { + if (eapReply != null) + { + ByteBuffer bb = ByteBuffer.wrap(eapReply); + byte rtype = EAP_REQUEST; + byte id = 0; + int dlen = 0; + + byte codeOrType = bb.get(); + + if (!peap || codeOrType == EAP_REQUEST) + { + rtype = codeOrType; + id = bb.get(); + dlen = bb.getShort() - EAP_HEADERLEN - 1; + codeOrType = bb.get(); + } + else + { + dlen = bb.remaining(); + } + + if (rtype != EAP_REQUEST) + { + RadiusLog.error("Expecting an EAP-Request.. got code: " + rtype); + return null; + } + + byte eapcode = 0; + byte[] data = null; + + if (dlen > 0) + { + eapcode = codeOrType; + data = new byte[dlen]; + bb.get(data); + } + + if (peap && eapcode == EAP_TLV) + { + return tlvSuccess(id); + } + + if (eapcode == EAP_IDENTITY) + { + return eapResponse(EAP_IDENTITY, id, getUsername()); + } + + if (eapcode != eapType) + { + return negotiateEAPType(id, eapType); + } + + return eapResponse(eapType, id, doEAPType(id, data, eapReply)); + } + + return null; + } + + /** + * Negotiates the EAP Authentication Protocol to use + * @param id The EAP ID + * @param eapType The wanted EAP Protocol Type + * @return Returns the EAP-Message + */ + protected byte[] negotiateEAPType(byte id, byte eapType) + { + return eapResponse(EAP_NAK, id, new byte[] { eapType }); + } + + /** + * Encodes an EAP-Response + * @param type The EAP-Type + * @param id The EAP Packet ID + * @param data The EAP-Message data + * @return Returns the EAP-Message + */ + protected byte[] eapResponse(int type, byte id, byte[] data) + { + int offset, length; + byte[] response; + + if (!peap || type == EAP_TLV) + { + length = 1 + EAP_HEADERLEN + data.length; + response = new byte[length]; + response[0] = EAP_RESPONSE; + response[1] = id; + response[2] = (byte)(length >> 8 & 0xFF); + response[3] = (byte)(length & 0xFF); + offset = 4; + } + else + { + length = 1 + data.length; + response = new byte[length]; + offset = 0; + } + response[offset] = (byte)(type & 0xFF); + if (data != null) System.arraycopy(data, 0, response, offset+1, data.length); + return response; + } + + /* + *

   
+     * 2.3.1.  Result AVP
+     *   
+     *   The Result AVP provides support for acknowledged Success and Failure
+     *   within EAP. It is defined as follows:
+     *   
+     *   0                   1                   2                   3
+     *   0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+     *   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+     *   |M|R|         AVP Type          |            Length             |
+     *   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+     *   |              Status           |
+     *   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+     *
+ */ + public byte[] tlvSuccess(byte id) + { + byte[] b = new byte[6]; + b[0] = (byte)0x80; + b[1] = (byte)0x03; + b[2] = (byte)0x00; + b[3] = (byte)0x02; + b[4] = (byte)0x00; + b[5] = (byte)0x01; + return eapResponse(EAP_TLV, id, b); + } + + public static final int EAP_HEADERLEN = 4; + + public static final int EAP_REQUEST = 1; + public static final int EAP_RESPONSE = 2; + public static final int EAP_SUCCESS = 3; + public static final int EAP_FAILURE = 4; + + public static final int EAP_IDENTITY = 1; + public static final int EAP_NOTIFICATION = 2; + public static final int EAP_NAK = 3; + public static final int EAP_MD5 = 4; + public static final int EAP_OTP = 5; + public static final int EAP_GTC = 6; + public static final int EAP_TLS = 13; + public static final int EAP_LEAP = 17; + public static final int EAP_SIM = 18; + public static final int EAP_TTLS = 21; + public static final int EAP_AKA = 23; + public static final int EAP_PEAP = 25; + public static final int EAP_MSCHAPV2 = 26; + public static final int EAP_CISCO_MSCHAPV2 = 29; + public static final int EAP_TLV = 33; + + public boolean isStartWithIdentity() + { + return startWithIdentity; + } + + public void setStartWithIdentity(boolean startWithIdentity) + { + this.startWithIdentity = startWithIdentity; + } +} diff --git a/core/src/main/java/net/jradius/client/auth/EAPMD5Authenticator.java b/core/src/main/java/net/jradius/client/auth/EAPMD5Authenticator.java new file mode 100644 index 0000000..ae8b99e --- /dev/null +++ b/core/src/main/java/net/jradius/client/auth/EAPMD5Authenticator.java @@ -0,0 +1,61 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2005 PicoPoint, B.V. + * Copyright (c) 2006 David Bird + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.client.auth; + +import net.jradius.util.CHAP; + +/** + * EAP-MD5 Authentication. + * + * @author David Bird + */ +public class EAPMD5Authenticator extends EAPAuthenticator +{ + public static final String NAME = "eap-md5"; + + public EAPMD5Authenticator() + { + setEAPType(EAP_MD5); + } + + /** + * @see net.sf.jradius.client.auth.RadiusAuthenticator#getAuthName() + */ + public String getAuthName() + { + return NAME; + } + + public byte[] doEAPType(byte id, byte[] data) + { + byte md5len = data[0]; + byte[] md5data = new byte[md5len]; + System.arraycopy(data, 1, md5data, 0, md5len); + + byte[] response = new byte[17]; + response[0] = 16; + + System.arraycopy(CHAP.chapMD5(id, getPassword(), md5data), 0, response, 1, 16); + + return response; + } +} diff --git a/core/src/main/java/net/jradius/client/auth/EAPMSCHAPv2Authenticator.java b/core/src/main/java/net/jradius/client/auth/EAPMSCHAPv2Authenticator.java new file mode 100644 index 0000000..a361565 --- /dev/null +++ b/core/src/main/java/net/jradius/client/auth/EAPMSCHAPv2Authenticator.java @@ -0,0 +1,121 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2005 PicoPoint, B.V. + * Copyright (c) 2006 David Bird + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.client.auth; + +import net.jradius.util.MSCHAP; + +/** + * EAP-MSCHAPv2 Authentication. + * + * @author David Bird + */ +public class EAPMSCHAPv2Authenticator extends EAPAuthenticator +{ + public static final String NAME = "eap-mschapv2"; + + public EAPMSCHAPv2Authenticator() + { + setEAPType(EAP_MSCHAPV2); + } + + public EAPMSCHAPv2Authenticator(boolean peap) + { + setEAPType(EAP_MSCHAPV2); + this.peap = peap; + } + + /** + * @see net.sf.jradius.client.auth.RadiusAuthenticator#getAuthName() + */ + public String getAuthName() + { + return NAME; + } + + public byte[] doEAPType(byte id, byte[] data) + { + byte opCode = data[0]; + switch (opCode) + { + case EAP_MSCHAPV2_CHALLENGE: // EAP-MSCHAPv2-CHALLENGE + { + /* + * 0 1 2 3 + * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 + * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + * | Code | Identifier | Length | + * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + * | Type | OpCode | MS-CHAPv2-ID | MS-Length... + * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + * | MS-Length | Value-Size | Challenge... + * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + * | Challenge... + * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + * | Name... + * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + */ + + byte[] challenge = new byte[16]; + System.arraycopy(data, 5, challenge, 0, 16); + + short length = 55 + EAP_HEADERLEN; + byte[] response = new byte[54]; + response[0] = EAP_MSCHAPV2_RESPONSE; // OpCode + response[1] = (byte) (data[1] + 1); // MS-CHAPv2-ID + response[2] = (byte) (length << 8 & 0xFF); // MS-Length + response[3] = (byte) (length & 0xFF); // MS-Length + response[4] = 49; // Value-Size + System.arraycopy(MSCHAP.doMSCHAPv2(getUsername(), getPassword(), challenge), 2, response, 5, 48); + return response; + } + + case EAP_MSCHAPV2_SUCCESS: // EAP-MSCHAPv2-SUCCESS + { + /* + * 0 1 2 3 + * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 + * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + * | Code | Identifier | Length | + * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + * | Type | OpCode | MS-CHAPv2-ID | MS-Length... + * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + * | MS-Length | Message... + * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + */ + byte[] response = new byte[4]; + response[0] = EAP_MSCHAPV2_SUCCESS; + response[1] = data[1]; + response[2] = (byte) 0; + response[3] = (byte) 0; + return response; + } + } + + return null; + } + + private static final byte EAP_MSCHAPV2_ACK = 0; + private static final byte EAP_MSCHAPV2_CHALLENGE = 1; + private static final byte EAP_MSCHAPV2_RESPONSE = 2; + private static final byte EAP_MSCHAPV2_SUCCESS = 3; + private static final byte EAP_MSCHAPV2_FAILURE = 4; +} diff --git a/core/src/main/java/net/jradius/client/auth/MSCHAPv1Authenticator.java b/core/src/main/java/net/jradius/client/auth/MSCHAPv1Authenticator.java new file mode 100644 index 0000000..411ccca --- /dev/null +++ b/core/src/main/java/net/jradius/client/auth/MSCHAPv1Authenticator.java @@ -0,0 +1,59 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2005 PicoPoint, B.V. + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.client.auth; + +import net.jradius.exception.RadiusException; +import net.jradius.packet.RadiusPacket; +import net.jradius.packet.attribute.AttributeFactory; +import net.jradius.packet.attribute.RadiusAttribute; +import net.jradius.util.MSCHAP; +import net.jradius.util.RadiusRandom; + + +/** + * MSCHAPv1 Authentication. + * + * @author David Bird + */ +public class MSCHAPv1Authenticator extends RadiusAuthenticator +{ + public static final String NAME = "mschapv1"; + + public String getAuthName() + { + return NAME; + } + + public void processRequest(RadiusPacket p) throws RadiusException + { + p.removeAttribute(password); + + RadiusAttribute attr; + byte authChallenge[] = RadiusRandom.getBytes(16); + byte chapResponse[] = MSCHAP.doMSCHAPv1(password.getValue().getBytes(), authChallenge); + + p.addAttribute(attr = AttributeFactory.newAttribute("MS-CHAP-Challenge")); + attr.setValue(authChallenge); + + p.addAttribute(attr = AttributeFactory.newAttribute("MS-CHAP-Response")); + attr.setValue(chapResponse); + } +} diff --git a/core/src/main/java/net/jradius/client/auth/MSCHAPv2Authenticator.java b/core/src/main/java/net/jradius/client/auth/MSCHAPv2Authenticator.java new file mode 100644 index 0000000..ac48916 --- /dev/null +++ b/core/src/main/java/net/jradius/client/auth/MSCHAPv2Authenticator.java @@ -0,0 +1,60 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2005 PicoPoint, B.V. + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.client.auth; + +import net.jradius.exception.RadiusException; +import net.jradius.packet.RadiusPacket; +import net.jradius.packet.attribute.AttributeFactory; +import net.jradius.packet.attribute.RadiusAttribute; +import net.jradius.util.MSCHAP; +import net.jradius.util.RadiusRandom; + + +/** + * MSCHAPv2 Authentication. + * + * @author David Bird + */ +public class MSCHAPv2Authenticator extends RadiusAuthenticator +{ + public static final String NAME = "mschapv2"; + + public String getAuthName() + { + return NAME; + } + + public void processRequest(RadiusPacket p) throws RadiusException + { + if (password == null) throw new RadiusException("Password required"); + p.removeAttribute(password); + + RadiusAttribute attr; + byte authChallenge[] = RadiusRandom.getBytes(16); + byte chapResponse[] = MSCHAP.doMSCHAPv2(username.getValue().getBytes(), password.getValue().getBytes(), authChallenge); + + p.addAttribute(attr = AttributeFactory.newAttribute("MS-CHAP-Challenge")); + attr.setValue(authChallenge); + + p.addAttribute(attr = AttributeFactory.newAttribute("MS-CHAP2-Response")); + attr.setValue(chapResponse); + } +} diff --git a/core/src/main/java/net/jradius/client/auth/PAPAuthenticator.java b/core/src/main/java/net/jradius/client/auth/PAPAuthenticator.java new file mode 100644 index 0000000..fb2b21b --- /dev/null +++ b/core/src/main/java/net/jradius/client/auth/PAPAuthenticator.java @@ -0,0 +1,58 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2005 PicoPoint, B.V. + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.client.auth; + +import java.util.Arrays; + +import net.jradius.exception.RadiusException; +import net.jradius.packet.RadiusPacket; +import net.jradius.util.RadiusUtils; + + +/** + * PAP (default) Authentication. + * + * @author David Bird + */ +public class PAPAuthenticator extends RadiusAuthenticator +{ + public static final String NAME = "pap"; + + public String getAuthName() + { + return NAME; + } + + public void processRequest(RadiusPacket p) throws RadiusException + { + password.setValue(RadiusUtils.encodePapPassword( + password.getValue().getBytes(), + // Create an authenticator (AccessRequest just needs shared secret) + p.createAuthenticator(null, client.getSharedSecret()), + client.getSharedSecret())); + } + + public static boolean verifyPassword(byte[] userPassword, byte[] requestAuthenticator, byte[] clearText, String sharedSecret) + { + byte[] pw = RadiusUtils.encodePapPassword(clearText, requestAuthenticator, sharedSecret); + return Arrays.equals(pw, userPassword); + } +} diff --git a/core/src/main/java/net/jradius/client/auth/RadiusAuthenticator.java b/core/src/main/java/net/jradius/client/auth/RadiusAuthenticator.java new file mode 100644 index 0000000..980b091 --- /dev/null +++ b/core/src/main/java/net/jradius/client/auth/RadiusAuthenticator.java @@ -0,0 +1,120 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2005 PicoPoint, B.V. + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.client.auth; + +import net.jradius.client.RadiusClient; +import net.jradius.exception.RadiusException; +import net.jradius.packet.RadiusPacket; +import net.jradius.packet.attribute.AttributeDictionary; +import net.jradius.packet.attribute.RadiusAttribute; + + + +/** + * RADIUS Authentication Protocol Implementations. All Authenticators + * are extended from this abstract class. + * + * @author David Bird + */ +public abstract class RadiusAuthenticator +{ + protected RadiusClient client; + protected RadiusAttribute username; + protected RadiusAttribute password; + + /** + * @return Returns the name(s) of the protocol(s) provided. + */ + public abstract String getAuthName(); + + /** + * @param c The RadiusClient context being used + * @param p Setup the Authenticator with packet data + * @throws RadiusException + */ + public void setupRequest(RadiusClient c, RadiusPacket p) throws RadiusException + { + client = c; + username = p.findAttribute(AttributeDictionary.USER_NAME); + + if (username == null) + { + throw new RadiusException("You must at least have a User-Name attribute in a Access-Request"); + } + + password = p.findAttribute(AttributeDictionary.USER_PASSWORD); + } + + /** + * @param p The RadiusPacket to be processed + * @throws RadiusException + */ + public abstract void processRequest(RadiusPacket p) throws RadiusException; + + /** + * If the protocol has a request/challenge process, this function must + * be implemented. + * @param request The original AccessRequest RadiusPacket + * @param challenge The AccessChallenge packet + * @throws RadiusException + */ + public void processChallenge(RadiusPacket request, RadiusPacket challenge) throws RadiusException + { + throw new RadiusException("A RequestChallenge was returned for a " + + getAuthName() + " authentication!\n" + + request.toString() + "\n" + challenge.toString()); + } + + /** + * @return Returns the client. + */ + public RadiusClient getClient() + { + return client; + } + + /** + * @param client The client to set. + */ + public void setClient(RadiusClient client) + { + this.client = client; + } + + /** + * @return Returns the username. + */ + protected byte[] getUsername() + { + return username.getValue().getBytes(); + } + + /** + * @return Returns the password. + */ + protected byte[] getPassword() + { + if (password != null) + return password.getValue().getBytes(); + + return null; + } +} diff --git a/core/src/main/java/net/jradius/client/auth/TunnelAuthenticator.java b/core/src/main/java/net/jradius/client/auth/TunnelAuthenticator.java new file mode 100644 index 0000000..bf96ee5 --- /dev/null +++ b/core/src/main/java/net/jradius/client/auth/TunnelAuthenticator.java @@ -0,0 +1,32 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2005 PicoPoint, B.V. + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.client.auth; + +import net.jradius.packet.attribute.AttributeList; + +/** + * Interface implemented by RadiusAuthenticators that provide a TLS tunnel. + * @author David Bird + */ +public interface TunnelAuthenticator +{ + public void setTunneledAttributes(AttributeList attributes); +} diff --git a/core/src/main/java/net/jradius/client/auth/package.html b/core/src/main/java/net/jradius/client/auth/package.html new file mode 100644 index 0000000..af6def2 --- /dev/null +++ b/core/src/main/java/net/jradius/client/auth/package.html @@ -0,0 +1,5 @@ + + +Provides JRadius Client Authenticators including PAP, CHAP, MSCHAP, MSCHAPv2, EAP-MD5, EAP-MSCHAPv2, EAP-TLS, EAP-TTLS. + + diff --git a/core/src/main/java/net/jradius/client/package.html b/core/src/main/java/net/jradius/client/package.html new file mode 100644 index 0000000..1408235 --- /dev/null +++ b/core/src/main/java/net/jradius/client/package.html @@ -0,0 +1,5 @@ + + +Contains the RadiusClient API and the RadClient and RadBench programs. + + diff --git a/core/src/main/java/net/jradius/exception/InvalidParameterException.java b/core/src/main/java/net/jradius/exception/InvalidParameterException.java new file mode 100644 index 0000000..9d139cf --- /dev/null +++ b/core/src/main/java/net/jradius/exception/InvalidParameterException.java @@ -0,0 +1,39 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2005 PicoPoint, B.V. + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.exception; + +/** + * Invalid RADIUS Paramater Exception + * + * @author David Bird + */ +public class InvalidParameterException extends RadiusException +{ + public InvalidParameterException() + { + this("An Invalid Parameter was sent to this method!"); + } + + public InvalidParameterException(String message) + { + super(message); + } +} diff --git a/core/src/main/java/net/jradius/exception/NoSuchSessionException.java b/core/src/main/java/net/jradius/exception/NoSuchSessionException.java new file mode 100644 index 0000000..00f0ac8 --- /dev/null +++ b/core/src/main/java/net/jradius/exception/NoSuchSessionException.java @@ -0,0 +1,34 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2005 PicoPoint, B.V. + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.exception; + +/** + * No Such Session Exception + * + * @author David Bird + */ +public class NoSuchSessionException extends RadiusException +{ + public NoSuchSessionException(String message) + { + super(message); + } +} diff --git a/core/src/main/java/net/jradius/exception/RadiusException.java b/core/src/main/java/net/jradius/exception/RadiusException.java new file mode 100644 index 0000000..015d2d5 --- /dev/null +++ b/core/src/main/java/net/jradius/exception/RadiusException.java @@ -0,0 +1,44 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2005 PicoPoint, B.V. + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.exception; + +/** + * RADIUS Exception + * + * @author David Bird + */ +public class RadiusException extends Exception +{ + public RadiusException(String message) + { + super(message); + } + + public RadiusException(String message, Exception e) + { + super(message, e); + } + + public RadiusException(Exception e) + { + super(e); + } +} diff --git a/core/src/main/java/net/jradius/exception/RadiusSecurityException.java b/core/src/main/java/net/jradius/exception/RadiusSecurityException.java new file mode 100644 index 0000000..014c4b0 --- /dev/null +++ b/core/src/main/java/net/jradius/exception/RadiusSecurityException.java @@ -0,0 +1,34 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2005 PicoPoint, B.V. + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.exception; + +/** + * Unknown Attribute Exception + * + * @author David Bird + */ +public class RadiusSecurityException extends RadiusException +{ + public RadiusSecurityException(String message) + { + super(message); + } +} diff --git a/core/src/main/java/net/jradius/exception/StandardViolatedException.java b/core/src/main/java/net/jradius/exception/StandardViolatedException.java new file mode 100644 index 0000000..d73ae11 --- /dev/null +++ b/core/src/main/java/net/jradius/exception/StandardViolatedException.java @@ -0,0 +1,88 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2005 PicoPoint, B.V. + * Copyright (c) 2007 David Bird + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.exception; + +import java.util.Iterator; +import java.util.List; + +import net.jradius.packet.attribute.AttributeFactory; +import net.jradius.packet.attribute.RadiusAttribute; + + +/** + * The Exception thrown by a RadiusStandard which found missing attributes. + * + * @author David Bird + */ +public class StandardViolatedException extends RadiusException +{ + private final Class standardClass; + private final List missingAttributes; + + public StandardViolatedException(Class standardClass, List missing) + { + super("Standards Violation: " + standardClass.getName()); + this.standardClass = standardClass; + this.missingAttributes = missing; + } + + /** + * @return Returns same as listAttribtues(", ") + */ + public String listAttributes() + { + return listAttributes(", "); + } + + /** + * Provides a listing of the names of the missing attributes + * @param sep delimiter to use between attribute names + * @return Returns the list of attribute names as a String + */ + public String listAttributes(String sep) + { + StringBuffer sb = new StringBuffer(); + for (Iterator i = missingAttributes.iterator(); i.hasNext(); ) + { + Long type = (Long)i.next(); + RadiusAttribute a = AttributeFactory.newAttribute(type.longValue(), null); + if (a != null) sb.append(sep).append(a.getAttributeName()); + } + return sb.substring(sep.length()); + } + + /** + * @return Returns the Class the generated the exception + */ + public Class getStandardClass() + { + return standardClass; + } + + /** + * @return Returns the list of missing attributes (a list of Integers) + */ + public List getMissingAttributes() + { + return missingAttributes; + } +} diff --git a/core/src/main/java/net/jradius/exception/TimeoutException.java b/core/src/main/java/net/jradius/exception/TimeoutException.java new file mode 100644 index 0000000..73cc30a --- /dev/null +++ b/core/src/main/java/net/jradius/exception/TimeoutException.java @@ -0,0 +1,34 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2005 PicoPoint, B.V. + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.exception; + +/** + * Unknown Attribute Exception + * + * @author David Bird + */ +public class TimeoutException extends RadiusException +{ + public TimeoutException(String message) + { + super(message); + } +} diff --git a/core/src/main/java/net/jradius/exception/UnknownAttributeException.java b/core/src/main/java/net/jradius/exception/UnknownAttributeException.java new file mode 100644 index 0000000..38acd34 --- /dev/null +++ b/core/src/main/java/net/jradius/exception/UnknownAttributeException.java @@ -0,0 +1,34 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2005 PicoPoint, B.V. + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.exception; + +/** + * Unknown Attribute Exception + * + * @author David Bird + */ +public class UnknownAttributeException extends RadiusException +{ + public UnknownAttributeException(String message) + { + super(message); + } +} diff --git a/core/src/main/java/net/jradius/exception/package.html b/core/src/main/java/net/jradius/exception/package.html new file mode 100644 index 0000000..75f9ba8 --- /dev/null +++ b/core/src/main/java/net/jradius/exception/package.html @@ -0,0 +1,5 @@ + + +JRadius Exceptions Types. + + diff --git a/core/src/main/java/net/jradius/freeradius/FreeRadiusFormat.java b/core/src/main/java/net/jradius/freeradius/FreeRadiusFormat.java new file mode 100644 index 0000000..0816caa --- /dev/null +++ b/core/src/main/java/net/jradius/freeradius/FreeRadiusFormat.java @@ -0,0 +1,95 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2005 PicoPoint, B.V. + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.freeradius; + +import java.io.IOException; +import java.io.InputStream; +import java.io.OutputStream; + +import net.jradius.packet.RadiusFormat; +import net.jradius.packet.RadiusPacket; +import net.jradius.packet.attribute.RadiusAttribute; +import net.jradius.packet.attribute.value.AttributeValue; + + +/** + * Packs and Unpacks Radius Packets and Attributes for the FreeRADIUS Server. + * + * @author David Bird + */ +public class FreeRadiusFormat extends RadiusFormat +{ + private static final FreeRadiusFormat staticFormat = new FreeRadiusFormat(); + + /** + * @see net.jradius.packet.RadiusFormat#setAttributeBytes(net.jradius.packet.RadiusPacket, byte[]) + */ + public static void setAttributeBytes(RadiusPacket p, byte[] bAttributes) + { + int attributesLength = bAttributes.length; + + if (attributesLength > 0) + { + staticFormat.unpackAttributes(p.getAttributes(), bAttributes, 0, attributesLength); + } + } + + /** + * @see net.jradius.packet.RadiusFormat#packHeader(java.io.OutputStream, net.jradius.packet.RadiusPacket, byte[]) + */ + public void packHeader(OutputStream out, RadiusPacket p, byte[] attributeBytes, String sharedSecret) throws IOException + { + writeUnsignedInt(out, p.getCode()); + writeUnsignedInt(out, p.getIdentifier()); + writeUnsignedInt(out, attributeBytes == null ? 0 : attributeBytes.length); + } + + /** + * @see net.jradius.packet.RadiusFormat#packHeader(java.io.OutputStream, net.jradius.packet.attribute.RadiusAttribute) + */ + public void packHeader(OutputStream out, RadiusAttribute a) throws IOException + { + AttributeValue attributeValue = a.getValue(); + writeUnsignedInt(out, a.getFormattedType()); + writeUnsignedInt(out, attributeValue.getLength()); + writeUnsignedInt(out, a.getAttributeOp()); + } + + /** + * @see net.jradius.packet.RadiusFormat#unpackAttributeHeader(java.io.InputStream, net.jradius.packet.RadiusFormat.AttributeParseContext) + */ + public int unpackAttributeHeader(InputStream in, AttributeParseContext ctx) throws IOException + { + ctx.attributeType = (int)readUnsignedInt(in); + ctx.attributeLength = (int)readUnsignedInt(in); + ctx.attributeOp = (int)readUnsignedInt(in); + + if (ctx.attributeType > (1 << 16)) + { + // FreeRADIUS encodes the vendor number in the type + // with: if (vendor) attr->attr |= (vendor << 16); + ctx.vendorNumber = (ctx.attributeType >> 16) & 0xffff; + ctx.attributeType &= 0xffff; + } + + return 12; + } +} diff --git a/core/src/main/java/net/jradius/freeradius/FreeRadiusListener.java b/core/src/main/java/net/jradius/freeradius/FreeRadiusListener.java new file mode 100644 index 0000000..f9c4091 --- /dev/null +++ b/core/src/main/java/net/jradius/freeradius/FreeRadiusListener.java @@ -0,0 +1,79 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2005 PicoPoint, B.V. + * Copyright (c) 2006 David Bird + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.freeradius; + +import java.io.DataInputStream; +import java.io.IOException; +import java.io.InputStream; + +import net.jradius.exception.RadiusException; +import net.jradius.packet.PacketFactory; +import net.jradius.packet.RadiusFormat; +import net.jradius.packet.RadiusPacket; +import net.jradius.packet.attribute.AttributeList; +import net.jradius.server.JRadiusEvent; +import net.jradius.server.TCPListener; + +/** + * FreeRADIUS/rlm_jradius Listener + * + * @author Gert Jan Verhoog + */ +public class FreeRadiusListener extends TCPListener +{ + private static final FreeRadiusFormat format = new FreeRadiusFormat(); + + public JRadiusEvent parseRequest(InputStream inputStream) throws IOException, RadiusException + { + FreeRadiusRequest request = new FreeRadiusRequest(); + DataInputStream in = new DataInputStream(inputStream); + + long nameLength = RadiusFormat.readUnsignedInt(in); + + if (nameLength < 0 || nameLength > 1024) + { + throw new RadiusException("KeepAlive rlm_jradius connection has been closed"); + } + + byte[] nameBytes = new byte[(int)nameLength]; + in.readFully(nameBytes); + + int messageType = RadiusFormat.readUnsignedByte(in); + int packetCount = RadiusFormat.readUnsignedByte(in);; + + RadiusPacket rp[] = PacketFactory.parse(in, packetCount); + + long length = RadiusFormat.readUnsignedInt(in); + byte[] bConfig = new byte[(int)length]; + in.readFully(bConfig); + + AttributeList configItems = new AttributeList(); + format.unpackAttributes(configItems, bConfig, 0, (int)length); + + request.setConfigItems(configItems); + request.setSender(new String(nameBytes)); + request.setType(messageType); + request.setPackets(rp); + + return request; + } +} diff --git a/core/src/main/java/net/jradius/freeradius/FreeRadiusProcessor.java b/core/src/main/java/net/jradius/freeradius/FreeRadiusProcessor.java new file mode 100644 index 0000000..ada9922 --- /dev/null +++ b/core/src/main/java/net/jradius/freeradius/FreeRadiusProcessor.java @@ -0,0 +1,119 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2005 PicoPoint, B.V. + * Copyright (c) 2006-2007 David Bird + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.freeradius; + +import java.io.ByteArrayOutputStream; +import java.io.DataOutputStream; +import java.io.IOException; +import java.io.OutputStream; + +import net.jradius.exception.RadiusException; +import net.jradius.handler.chain.JRCommand; +import net.jradius.log.RadiusLog; +import net.jradius.packet.RadiusFormat; +import net.jradius.packet.RadiusPacket; +import net.jradius.server.JRadiusRequest; +import net.jradius.server.JRadiusServer; +import net.jradius.server.ListenerRequest; +import net.jradius.server.RadiusProcessor; +import net.jradius.server.config.Configuration; + + +/** + * FreeRADIUS Request Processor + * + * @author Gert Jan Verhoog + * @author David Bird + */ +public class FreeRadiusProcessor extends RadiusProcessor +{ + private static final FreeRadiusFormat format = new FreeRadiusFormat(); + + protected void processRequest(ListenerRequest listenerRequest) throws IOException, RadiusException + { + FreeRadiusRequest request = (FreeRadiusRequest)listenerRequest.getRequestEvent(); + try + { + request.setApplicationContext(getApplicationContext()); + request.setReturnValue(runPacketHandlers(request)); + } + catch (Throwable th) + { + request.setReturnValue(JRadiusServer.RLM_MODULE_FAIL); + th.printStackTrace(); + } + writeResponse(request, listenerRequest.getOutputStream()); + } + + public void writeResponse(JRadiusRequest request, OutputStream outputStream) throws IOException, RadiusException + { + ByteArrayOutputStream outBytes = new ByteArrayOutputStream(); + DataOutputStream out = new DataOutputStream(outBytes); + + if (Configuration.isDebug()) + request.printDebugInfo(System.out); + + RadiusPacket[] rp = request.getPackets(); + int packetCount = rp.length; + + RadiusFormat.writeUnsignedByte(out, request.getReturnValue()); + RadiusFormat.writeUnsignedByte(out, packetCount); + + for (int i=0; i < rp.length; i++) + { + out.write(format.packPacket(rp[i], null)); + } + + byte[] bConfigItems = format.packAttributeList(request.getConfigItems()); + RadiusFormat.writeUnsignedInt(out, bConfigItems.length); + out.write(bConfigItems); + out.close(); + outputStream.write(outBytes.toByteArray()); + outputStream.flush(); + } + + protected void logReturnCode(int result, JRCommand handler) + { + switch (result) + { + case JRadiusServer.RLM_MODULE_INVALID: + case JRadiusServer.RLM_MODULE_NOTFOUND: + case JRadiusServer.RLM_MODULE_FAIL: + RadiusLog.error("Error: Packet handler returned " + JRadiusServer.resultCodeToString(result) + + ". Stopped handling this packet."); + break; + case JRadiusServer.RLM_MODULE_HANDLED: + case JRadiusServer.RLM_MODULE_REJECT: + RadiusLog.info("Packet handler returned " + JRadiusServer.resultCodeToString(result) + + ". Stopped handling this packet."); + break; + case JRadiusServer.RLM_MODULE_OK: + case JRadiusServer.RLM_MODULE_NOOP: + case JRadiusServer.RLM_MODULE_UPDATED: + case JRadiusServer.RLM_MODULE_NUMCODES: + case JRadiusServer.RLM_MODULE_USERLOCK: + default: + RadiusLog.debug("Packet handler " + handler.getName() + " returned " + + JRadiusServer.resultCodeToString(result) + ". Continue handling this packet."); + } + } +} diff --git a/core/src/main/java/net/jradius/freeradius/FreeRadiusRequest.java b/core/src/main/java/net/jradius/freeradius/FreeRadiusRequest.java new file mode 100644 index 0000000..296853a --- /dev/null +++ b/core/src/main/java/net/jradius/freeradius/FreeRadiusRequest.java @@ -0,0 +1,125 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2005 PicoPoint, B.V. + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.freeradius; + +import net.jradius.packet.RadiusPacket; +import net.jradius.packet.attribute.AttributeList; +import net.jradius.server.JRadiusRequest; +import net.jradius.server.JRadiusServer; + + +/** + * A FreeRADIUS Server Request + * + * @author David Bird + */ +public class FreeRadiusRequest extends JRadiusRequest +{ + private int type; + private RadiusPacket packets[]; + private AttributeList configItems; + private int returnValue = JRadiusServer.RLM_MODULE_UPDATED; + + /** + * @return the "config_items" of the request (FreeRADIUS "control" + * attributes) + */ + public AttributeList getConfigItems() + { + return configItems; + } + + /** + * @return the request packet array + */ + public RadiusPacket[] getPackets() + { + return packets; + } + + /** + * @return the request type + */ + public int getType() + { + return type; + } + + /** + * @return Returns the returnValue. + */ + public int getReturnValue() + { + return returnValue; + } + + /** + * Set the "config_items" of the request (FreeRADIUS "control" + * attributes) + * @param configItems + */ + public void setConfigItems(AttributeList configItems) + { + this.configItems = configItems; + } + + /** + * Set the packet array of the request + * @param packets + */ + public void setPackets(RadiusPacket[] packets) + { + this.packets = packets; + } + + /** + * Set the type of the request + * @param type + */ + public void setType(int type) + { + this.type = type; + } + + /** + * @param returnValue The returnValue to set. + */ + public void setReturnValue(int returnValue) + { + this.returnValue = returnValue; + } + + public String getTypeString() + { + switch(getType()) + { + case JRadiusServer.JRADIUS_authenticate: return "authenticate"; + case JRadiusServer.JRADIUS_authorize: return "authorize"; + case JRadiusServer.JRADIUS_preacct: return "preacct"; + case JRadiusServer.JRADIUS_accounting: return "accounting"; + case JRadiusServer.JRADIUS_checksimul: return "checksimul"; + case JRadiusServer.JRADIUS_pre_proxy: return "pre_proxy"; + case JRadiusServer.JRADIUS_post_proxy: return "post_proxy"; + case JRadiusServer.JRADIUS_post_auth: return "post_auth"; + default: return "UNKNOWN"; + } + } +} diff --git a/core/src/main/java/net/jradius/freeradius/RadiusDictionary.java b/core/src/main/java/net/jradius/freeradius/RadiusDictionary.java new file mode 100644 index 0000000..98b111f --- /dev/null +++ b/core/src/main/java/net/jradius/freeradius/RadiusDictionary.java @@ -0,0 +1,693 @@ +/** + * RadiusDictionary (for FreeRADIUS) + * Copyright (C) 2004-2006 PicoPoint, B.V. + * Copyright (c) 2006-2007 David Bird + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.freeradius; + +import java.io.BufferedReader; +import java.io.File; +import java.io.FileReader; +import java.io.FileWriter; +import java.io.IOException; +import java.io.PrintWriter; +import java.io.Reader; +import java.text.SimpleDateFormat; +import java.util.Calendar; +import java.util.Iterator; +import java.util.LinkedHashMap; +import java.util.LinkedList; +import java.util.Map; + +/** + * JRadius Dictionary builder for FreeRADIUS + *

+ * See the comments for the main method for how to build a dictionary + * library. + * + * @author David Bird + */ +public class RadiusDictionary +{ + private static final String ppkg = "net.jradius.packet.attribute"; + private boolean haveSeenJRadius = false; + private final String bpkg; + private final String sdir; + private final String ddir; + + private static String defaultJRadiusDictionary = // trying to make it look nice p;) + "VENDOR\t" + "JRadius\t" + "19211\n" + + "ATTRIBUTE\t" + "JRadius-Request-Id\t" + "1\t" + "string\t" + "JRadius\n" + + "ATTRIBUTE\t" + "JRadius-Session-Id\t" + "2\t" + "string\t" + "JRadius\n" + + "ATTRIBUTE\t" + "JRadius-Proxy-Client\t" + "3\t" + "octets\t" + "JRadius\n"; + + private static String fileHeader = + "// DO NOT EDIT THIS FILE DIRECTLY! - AUTOMATICALLY GENERATED\n" + + "// Generated by: " + RadiusDictionary.class.toString() + "\n" + + "// Generated on: " + new SimpleDateFormat("EEE, d MMM yyyy HH:mm:ss Z").format(Calendar.getInstance().getTime()) + "\n"; + + private LinkedHashMap attrMap = new LinkedHashMap(); + private LinkedHashMap vendorMap = new LinkedHashMap(); + private LinkedList seenNames = new LinkedList(); + private String cVendor = null; + + class AttrDesc + { + public String name; + public String num; + public String type; + public String extra; + public String vendor; + public LinkedHashMap values = null; + public AttrDesc(String n, String m, String t, String e, String v) + { + name = n; num = m; type = t; extra = e; vendor = v; + } + } + + class AttrValueDesc + { + public LinkedList names = new LinkedList(); + public String num; + public AttrValueDesc(String n, String m) + { + num = m; + names.add(n); + } + public void addName(String n) + { + for (Iterator i=names.iterator(); i.hasNext(); ) + if (i.next().equals(n)) + return; + names.add(n); + } + } + + class VendorDesc + { + public String name; + public String num; + public String pkg; + public LinkedHashMap attrMap = new LinkedHashMap(); + public VendorDesc(String n, String m, String p) + { + name = n; num = m; pkg = p; + } + } + + public RadiusDictionary(Reader in, String pkgName, String dictDir, String srcDir) throws IOException + { + bpkg = pkgName; + ddir = dictDir; + sdir = srcDir; + readFile(new BufferedReader(in)); + if (!haveSeenJRadius) + { + try + { + readFile(new BufferedReader(new FileReader(dictDir + "/" + "dictionary.jradius"))); + } + catch(Exception e) + { + System.err.println("WARNING!! You have not included the JRadius Dictionary (dictionary.jradius)"); + } + } + } + + public RadiusDictionary(String fileName, String pkgName, String dictDir, String srcDir) throws IOException + { + this(new FileReader(dictDir + "/" + fileName), pkgName, dictDir, srcDir); + } + + public void readFile(BufferedReader in) throws IOException + { + String line; + while ((line = in.readLine()) != null) + { + line = line.trim(); + String upperLine = line.toUpperCase(); + if (upperLine.startsWith("#")) continue; + if (upperLine.startsWith("$INCLUDE")) + { + String parts[] = line.split("[\t ]+"); + String file = parts[1]; + if ("dictionary.jradius".equals(file)) haveSeenJRadius = true; + System.err.println("Including file: " + file); + readFile(new BufferedReader(new FileReader(ddir + "/" + file))); + } + else if (upperLine.startsWith("BEGIN-VENDOR")) + { + String parts[] = line.split("[\t ]+"); + cVendor = parts[1]; + } + else if (upperLine.startsWith("END-VENDOR")) + { + cVendor = null; + } + else if (upperLine.startsWith("ATTRIBUTE")) + { + String parts[] = line.split("[\t ]+"); + String attrName = null; + String attrNum = null; + String attrType = null; + String attrExtra = null; + String attrVendor = null; + VendorDesc vdesc = null; + for (int i = 1; i < parts.length; i++) + { + String p = parts[i].trim(); + if (p.length() == 0) continue; + if (attrName == null) attrName = p; + else if (attrNum == null) attrNum = p; + else if (attrType == null) attrType = p; + else + { + if ((vdesc = (VendorDesc)vendorMap.get(p)) != null) + attrVendor = p; + else + attrExtra = p; + } + } + + if (attrName != null && attrNum != null && attrType != null && !seenNames.contains(attrName.toLowerCase())) + { + Map map = attrMap; + if (attrVendor == null && cVendor != null) + { + attrVendor = cVendor; + vdesc = (VendorDesc)vendorMap.get(cVendor); + } + if (vdesc != null) + { + map = vdesc.attrMap; + } + map.put(attrName, new AttrDesc(attrName, attrNum, attrType, attrExtra, attrVendor)); + //System.err.println(line); + seenNames.add(attrName.toLowerCase()); + } + } + else if (upperLine.startsWith("VALUE")) + { + String parts[] = line.split("[\t ]+"); + String attrName = null; + String attrValueName = null; + String attrValueNum = null; + for (int i = 1; i < parts.length; i++) + { + String p = parts[i].trim(); + if (p.length() == 0) continue; + if (attrName == null) attrName = p; + else if (attrValueName == null) attrValueName = p; + else if (attrValueNum == null) attrValueNum = p; + } + if (attrName != null && attrValueNum != null && attrValueName != null) + { + AttrDesc desc = (AttrDesc)attrMap.get(attrName); + if (desc == null && cVendor != null) + { + VendorDesc vendorDesc = (VendorDesc)vendorMap.get(cVendor); + desc = (AttrDesc)vendorDesc.attrMap.get(attrName); + } + if (desc != null) + { + AttrValueDesc avd; + if (desc.values == null) desc.values = new LinkedHashMap(); + if ((avd = (AttrValueDesc)desc.values.get(attrValueNum)) == null) + desc.values.put(attrValueNum, new AttrValueDesc(attrValueName, attrValueNum)); + else + avd.addName(attrValueName); + } + } + } + else if (upperLine.startsWith("VENDOR")) + { + String parts[] = line.split("[\t ]+"); + String vendorName = null; + String vendorNum = null; + String vendorPkg = null; + for (int i = 1; i < parts.length; i++) + { + String p = parts[i].trim(); + if (p.length() == 0) continue; + if (vendorName == null) vendorName = p; + else if (vendorNum == null) vendorNum = p; + } + if (vendorName != null && vendorNum != null) + { + String vendor = "vsa_" + vendorName.toLowerCase().replaceAll("-","."); + vendorPkg = bpkg + "." + vendor; + + vendorMap.put(vendorName, new VendorDesc(vendorName, vendorNum, vendorPkg)); + //System.err.println(line); + } + } + } + return; + } + + public void writeAttrMap(Map map, String pkg, String vName, String cName, boolean withVendors) + { + String dir = sdir + "/" + pkg.replaceAll("\\.","/"); + Iterator iter = map.values().iterator(); + String dictFile = dir + "/" + cName + ".java"; + PrintWriter dict = null; + + StringBuffer loadAttributes = new StringBuffer(); + StringBuffer loadAttributesNames = new StringBuffer(); + + (new File(dir)).mkdirs(); + + try + { + dict = new PrintWriter(new FileWriter(dictFile)); + dict.println(fileHeader); + dict.println("package " + pkg + ";"); + dict.println(""); + dict.println("import java.util.Map;"); + dict.println(""); + if (withVendors) + { + dict.println("import net.jradius.packet.attribute.AttributeDictionary;"); + } + else + { + dict.println("import net.jradius.packet.attribute.VSADictionary;"); + } + dict.println(""); + dict.println("/**"); + dict.println(" * Dictionary for package " + pkg); + dict.println(" * @author " + RadiusDictionary.class.toString()); + dict.println(" */"); + dict.print("public class " + cName); + if (withVendors) + { + dict.print(" implements AttributeDictionary"); + } + else + { + dict.print(" implements VSADictionary"); + } + dict.println("\n{"); + if (withVendors) + { + dict.println(" public void loadVendorCodes(Map map)"); + dict.println(" {"); + Iterator iter2 = vendorMap.values().iterator(); + while (iter2.hasNext()) + { + VendorDesc vdesc = (VendorDesc)iter2.next(); + dict.println(" map.put(new Long(" + vdesc.num + "L), " + vdesc.pkg + ".VSADictionaryImpl.class);"); + } + dict.println(" }"); + dict.println(""); + } + else + { + dict.println(" public String getVendorName() { return \"" + vName + "\"; }\n"); + } + } + catch (Exception e) + { + e.printStackTrace(); + } + + loadAttributes.append(" public void loadAttributes(Map map)\n"); + loadAttributes.append(" {\n"); + + loadAttributesNames.append(" public void loadAttributesNames(Map map)\n"); + loadAttributesNames.append(" {\n"); + + while (iter.hasNext()) + { + AttrDesc desc = (AttrDesc)iter.next(); + StringBuffer fileSB = new StringBuffer(dir); + String interfaceName = ""; + String pkgPath = pkg; + + if (withVendors && desc.vendor != null) + { + String vendor = "vsa_" + desc.vendor.toLowerCase().replaceAll("-","."); + fileSB.append("/").append(vendor.replaceAll("\\.", "/")); + pkgPath += "." + vendor; + } + + String className = "Attr_" + clean(desc.name); + String parentName = "RadiusAttribute"; + if (!withVendors) parentName = "VSAttribute"; + String valueClass = "OctetsValue"; + String valueArgs = ""; + String extraImport = null; + String extraUtils = null; + int integerLength = 4; + + (new File(fileSB.toString())).mkdirs(); + + fileSB.append("/").append(className).append(".java"); + + String file = fileSB.toString(); + + if (desc.type.startsWith("string")) + { + if (desc.extra != null && "encrypt=1".equals(desc.extra)) + { + valueClass = "EncryptedStringValue"; + } + else + { + valueClass = "StringValue"; + } + } + if (desc.type.startsWith("integer")) + { + valueClass = "IntegerValue"; + } + if (desc.type.startsWith("date")) + { + valueClass = "DateValue"; + extraUtils = "import java.util.Date;\n"; + } + if (desc.type.startsWith("ipaddr")) + { + valueClass = "IPAddrValue"; + extraUtils = "import java.net.InetAddress;\n"; + } + if (desc.type.startsWith("ipv6addr")) + { + valueClass = "IPv6AddrValue"; + extraUtils = "import java.net.InetAddress;\n"; + } + if (desc.type.startsWith("byte")) + { + valueClass = "IntegerValue"; + integerLength = 1; + } + if (desc.type.startsWith("short")) + { + valueClass = "IntegerValue"; + integerLength = 2; + } + if (desc.values != null) + { + valueClass = "NamedValue"; + valueArgs = "map != null ? map : (map = new NamedValueMap())"; + } + if (withVendors && desc.vendor != null) + { + extraImport = valueClass; + valueArgs = "new " + valueClass + "(" + valueArgs + ")"; + valueClass = "VSAValue"; + } + try + { + PrintWriter writer = new PrintWriter(new FileWriter(file)); + writer.println(fileHeader); + writer.println("package " + pkgPath + ";"); + writer.println(""); + writer.println("import java.io.Serializable;"); + if (desc.values != null) + { + writer.println("import java.util.LinkedHashMap;"); + writer.println("import java.util.Map;"); + writer.println(""); + } + if (extraUtils != null) + { + writer.println(extraUtils); + writer.println(""); + } + writer.println("import " + ppkg + "." + parentName + ";"); + writer.println("import " + ppkg + ".value." + valueClass + ";"); + if (desc.values != null && integerLength < 4) + writer.println("import " + ppkg + ".value.IntegerValue;"); + if (extraImport != null) + { + writer.println("import net.jradius.packet.attribute.value." + extraImport + ";"); + } + writer.println(""); + writer.println("/**"); + writer.println(" * Attribute Name: " + desc.name + "
"); + if (withVendors) + { + writer.print(" * Attribute Type: " + desc.num); + if (parseInt(desc.num) > 255) + { + writer.print(" (FreeRADIUS Internal Attribute)
"); + } + writer.println("
"); + } + else + { + writer.println(" * Attribute Type: 26
"); + writer.println(" * Vendor Id: " + ((VendorDesc)vendorMap.get(desc.vendor)).num + "
"); + writer.println(" * VSA Type: " + desc.num + "
"); + } + writer.println(" * Value Type: " + valueClass + "
"); + if (desc.values != null) + { + writer.println(" * Possible Values:
"); + writer.println(" *

    "); + Iterator iter2 = desc.values.values().iterator(); + while (iter2.hasNext()) + { + AttrValueDesc vdesc = (AttrValueDesc)iter2.next(); + for (Iterator i = vdesc.names.iterator(); i.hasNext(); ) + writer.println(" *
  • " + i.next() + " (" + vdesc.num + ")"); + } + writer.println(" *
"); + } + writer.println(" *"); + writer.println(" * @author " + RadiusDictionary.class.toString()); + writer.println(" */"); + writer.println("public final class " + className + " extends " + parentName + interfaceName); + writer.println("{"); + writer.println(" public static final String NAME = \"" + desc.name + "\";"); + + String attributeType = desc.num; + + if (withVendors) + { + writer.println(" public static final long TYPE = " + desc.num + ";"); + } + else + { + attributeType = "26"; + writer.println(" public static final int VENDOR_ID = " + ((VendorDesc)vendorMap.get(desc.vendor)).num + ";"); + writer.println(" public static final int VSA_TYPE = " + desc.num + ";"); + writer.println(" public static final long TYPE = ((VENDOR_ID & 0xFFFF) << 16) | VSA_TYPE;"); + } + writer.println(""); + writer.println(" public static final long serialVersionUID = TYPE;"); + writer.println(""); + if (desc.values != null) + { + Iterator iter2 = desc.values.values().iterator(); + Map names = new LinkedHashMap(); + while (iter2.hasNext()) + { + AttrValueDesc vdesc = (AttrValueDesc)iter2.next(); + for (Iterator i = vdesc.names.iterator(); i.hasNext(); ) + { + String name = clean((String)i.next()); + if (names.get(name) == null) + { + names.put(name, name); + writer.println(" public static final Long " + name + " = new Long(" + vdesc.num + "L);"); + } + } + } + + writer.println(""); + writer.println(" protected class NamedValueMap implements NamedValue.NamedValueMap"); + writer.println(" {"); + + iter2 = desc.values.values().iterator(); + String pvalues=" "; + while (iter2.hasNext()) + { + AttrValueDesc vdesc = (AttrValueDesc)iter2.next(); + pvalues+="new Long("+vdesc.num+"L),"; + } + writer.println(" public Long[] knownValues = {"+pvalues.substring(0, pvalues.length()-1)+"};"); + writer.println(""); + writer.println(" public Long[] getKnownValues() { return knownValues; }"); + writer.println(""); + writer.println(" public Long getNamedValue(String name)"); + writer.println(" {"); + + iter2 = desc.values.values().iterator(); + while (iter2.hasNext()) + { + AttrValueDesc vdesc = (AttrValueDesc)iter2.next(); + for (Iterator i = vdesc.names.iterator(); i.hasNext(); ) + { + String name = (String)i.next(); + writer.println(" if (\""+name+"\".equals(name)) return new Long("+vdesc.num+"L);"); + } + } + writer.println(" return null;"); + writer.println(" }"); + + writer.println(""); + writer.println(" public String getNamedValue(Long value)"); + writer.println(" {"); + iter2 = desc.values.values().iterator(); + while (iter2.hasNext()) + { + AttrValueDesc vdesc = (AttrValueDesc)iter2.next(); + Iterator i = vdesc.names.iterator(); + if (i != null && i.hasNext()) + { + // The last one defined is the one used for number to String lookups! + String name = (String)i.next(); + writer.println(" if (new Long(" + vdesc.num + "L).equals(value)) return \""+name+"\";"); + } + } + writer.println(" return null;"); + writer.println(" }"); + writer.println(" };"); + writer.println(""); + writer.println(" public static NamedValueMap map = null;"); + } + + writer.println(" public void setup()"); + writer.println(" {"); + writer.println(" attributeName = NAME;"); + writer.println(" attributeType = " + attributeType + ";"); + if (!withVendors) + { + writer.println(" vendorId = VENDOR_ID;"); + writer.println(" vsaAttributeType = VSA_TYPE;"); + } + writer.println(" attributeValue = new " + valueClass + "(" + valueArgs + ");"); + if (integerLength < 4) + writer.println(" ((IntegerValue)attributeValue).setLength("+integerLength+");"); + writer.println(" }"); + writer.println(""); + writer.println(" public " + className + "()"); + writer.println(" {"); + writer.println(" setup();"); + writer.println(" }"); + writer.println(""); + writer.println(" public " + className + "(Serializable o)"); + writer.println(" {"); + writer.println(" setup(o);"); + writer.println(" }"); + /*if (desc.values != null) + { + writer.println(""); + writer.println(" public static Map getValueMap()"); + writer.println(" {"); + writer.println(" return valueMap;"); + writer.println(" }"); + }*/ + writer.println("}"); + writer.close(); + if (!withVendors || desc.vendor == null) + { + loadAttributes.append(" map.put(new Long(" + desc.num + "L), " + className + ".class);\n"); + loadAttributesNames.append(" map.put(\"" + desc.name + "\", " + className + ".class);\n"); + } + } + catch (Exception e) + { + e.printStackTrace(); + } + System.err.println(desc.name); + } + + loadAttributes.append(" }\n"); + loadAttributesNames.append(" }\n"); + + dict.println(loadAttributes.toString()); + dict.print(loadAttributesNames.toString()); + + try + { + dict.println("}"); + dict.close(); + } + catch (Exception e) + { + e.printStackTrace(); + } + if (withVendors) + { + Iterator iter2 = vendorMap.values().iterator(); + while (iter2.hasNext()) + { + VendorDesc vdesc = (VendorDesc)iter2.next(); + writeAttrMap(vdesc.attrMap, vdesc.pkg, vdesc.name, "VSADictionaryImpl", false); + } + } + } + + public int parseInt(String s) + { + if (s.startsWith("0x")) + return Integer.parseInt(s.substring(2), 16); + + return Integer.parseInt(s); + } + + public void writeJavaClasses() + { + writeAttrMap(attrMap, bpkg, null, "AttributeDictionaryImpl", true); + } + + private String clean(String s) + { + s = s.replaceAll("-", "_"); + s = s.replaceAll("[^a-zA-Z0-9]+", ""); + if (Character.isDigit(s.charAt(0))) + s = "_" + s; + return s; + } + + /** + * Main method of the dictionary builder. Requires 3 command line + * arguments: package name, dictionary directory, and java source + * directory. For example (on one line): + *
+ * java net.jradius.freeradius.RadiusDictionary net.jradius.dictionary /path-to-freeradius-dictionary /path-to-java-source-directory + *
+ * + * @param args + */ + public static void main(String[] args) + { + if (args.length != 3) + { + System.err.println("Requires 3 arguments: [package-name] [dictionary-dir] [java-src-dir]"); + System.err.println("\tpackage-name: Name of the Java package to be built (e.g. net.jradius.dictionary)"); + System.err.println("\tdictionary-dir: Directory where the FreeRADIUS 'dictionary' file is"); + System.err.println("\tjava-src--dir: Directory where to write Java classes"); + return; + } + String file = "dictionary"; + String pkg = args[0]; + String dDir = args[1]; + String jDir = args[2]; + try + { + RadiusDictionary d = new RadiusDictionary(file, pkg, dDir, jDir); + d.writeJavaClasses(); + } + catch (Exception e) { e.printStackTrace(); } + } +} diff --git a/core/src/main/java/net/jradius/freeradius/package.html b/core/src/main/java/net/jradius/freeradius/package.html new file mode 100644 index 0000000..6db89ac --- /dev/null +++ b/core/src/main/java/net/jradius/freeradius/package.html @@ -0,0 +1,5 @@ + + +The JRadius/FreeRADIUS Adapter. + + diff --git a/core/src/main/java/net/jradius/handler/EventHandler.java b/core/src/main/java/net/jradius/handler/EventHandler.java new file mode 100644 index 0000000..b57a23f --- /dev/null +++ b/core/src/main/java/net/jradius/handler/EventHandler.java @@ -0,0 +1,39 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2005 PicoPoint, B.V. + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.handler; + +import net.jradius.handler.chain.JRCommand; +import net.jradius.server.JRadiusEvent; + + +/** + * The base abstract class of all Event Handlers (the base of all handles) + * + * @author David Bird + * @author Gert Jan Verhoog + */ +public interface EventHandler extends JRCommand +{ + public boolean handle(JRadiusEvent event) throws Exception; + + public void setName(String name); +} + diff --git a/core/src/main/java/net/jradius/handler/EventHandlerBase.java b/core/src/main/java/net/jradius/handler/EventHandlerBase.java new file mode 100644 index 0000000..0d60b6a --- /dev/null +++ b/core/src/main/java/net/jradius/handler/EventHandlerBase.java @@ -0,0 +1,79 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2005 PicoPoint, B.V. + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.handler; + + +import net.jradius.log.RadiusLog; +import net.jradius.server.JRadiusEvent; +import net.jradius.server.config.ConfigurationItem; +import net.jradius.server.config.HandlerConfigurationItem; + +import org.apache.commons.chain.Context; + +/** + * The base abstract class of all Event Handlers (the base of all handles) + * + * @author David Bird + * @author Gert Jan Verhoog + */ +public abstract class EventHandlerBase implements EventHandler +{ + private String name; + + protected HandlerConfigurationItem config; + + public EventHandlerBase() + { + config = null; + } + + public void setConfig(ConfigurationItem cfg) + { + name = cfg.getName(); + config = (HandlerConfigurationItem)cfg; + } + + public boolean doesHandle(JRadiusEvent event) + { + return (config.handlesSender(event.getSender()) && + config.handlesType(event.getTypeString())); + } + + public abstract boolean handle(JRadiusEvent event) throws Exception; + + public boolean execute(Context context) throws Exception + { + JRadiusEvent event = (JRadiusEvent)context; + RadiusLog.debug("Executing command: " + getName()); + return handle(event); + } + + public String getName() + { + return name; + } + + public void setName(String name) + { + this.name = name; + } +} + diff --git a/core/src/main/java/net/jradius/handler/EventHandlerChain.java b/core/src/main/java/net/jradius/handler/EventHandlerChain.java new file mode 100644 index 0000000..7c57d36 --- /dev/null +++ b/core/src/main/java/net/jradius/handler/EventHandlerChain.java @@ -0,0 +1,123 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2005 PicoPoint, B.V. + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.handler; + + +import net.jradius.handler.chain.JRCommand; +import net.jradius.log.RadiusLog; +import net.jradius.server.JRadiusEvent; +import net.jradius.server.config.ConfigurationItem; + +import org.apache.commons.chain.Catalog; +import org.apache.commons.chain.CatalogFactory; + +/** + * The EventHandlerChain is a simple EventHandler that delegates + * the request to a type specific command within a chain catalog, + * if one is found. In the case of accounting, if the 'accounting' + * chain is not found, accounting status specific chains are tried + * (e.g. acct-start, acct-interim, and acct-stop). + * @author David Bird + */ +public class EventHandlerChain extends EventHandlerBase +{ + private Catalog catalog; + private String catalogName; + + private String onTrue; + private String onFalse; + + public void setConfig(ConfigurationItem cfg) + { + super.setConfig(cfg); + setCatalogName(cfg.getName()); + } + + public boolean handle(JRadiusEvent event) throws Exception + { + return execute(event.getTypeString(), event); + } + + protected boolean execute(String commandName, JRadiusEvent event) throws Exception + { + Catalog catalog = getCatalog(); + if (catalog == null) return true; + if ("true".equalsIgnoreCase(commandName)) return true; + if ("false".equalsIgnoreCase(commandName)) return false; + JRCommand command = (JRCommand)catalog.getCommand(commandName); + return execute(command, event); + } + + protected boolean execute(JRCommand command, JRadiusEvent event) throws Exception + { + if (command == null) return false; + boolean result = command.execute(event); + String onTrue = getOnTrue(); + String onFalse = getOnFalse(); + if (result) { if (onTrue != null) return execute(onTrue, event); } + else { if (onFalse != null) return execute(onFalse, event); } + return result; + } + + public void setOnFalse(String onFalse) + { + this.onFalse = onFalse; + } + + public void setOnTrue(String onTrue) + { + this.onTrue = onTrue; + } + + public String getOnFalse() + { + return onFalse; + } + + public String getOnTrue() + { + return onTrue; + } + + public String getCatalogName() + { + return catalogName; + } + + public void setCatalogName(String catalogName) + { + this.catalogName = catalogName; + } + + public Catalog getCatalog() + { + if (this.catalog == null) + { + CatalogFactory factory = CatalogFactory.getInstance(); + this.catalog = factory.getCatalog(getCatalogName()); + if (this.catalog == null) + { + RadiusLog.error("Unknown catalog named: " + getCatalogName()); + } + } + return this.catalog; + } +} diff --git a/core/src/main/java/net/jradius/handler/PacketHandler.java b/core/src/main/java/net/jradius/handler/PacketHandler.java new file mode 100644 index 0000000..02d05aa --- /dev/null +++ b/core/src/main/java/net/jradius/handler/PacketHandler.java @@ -0,0 +1,41 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2005 PicoPoint, B.V. + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.handler; + +import net.jradius.server.JRadiusRequest; + +/** + * The base abstract class of all Packet Handlers + * + * @author David Bird + * @author Gert Jan Verhoog + */ +public interface PacketHandler extends EventHandler +{ + /** + * Derived classes must implement the handle method + * @param request The JRadiusRequest being processed + * @return Returns true of the command is handled (i.e. break the chain) + * @throws Exception + */ + public boolean handle(JRadiusRequest request) throws Exception; +} + diff --git a/core/src/main/java/net/jradius/handler/PacketHandlerBase.java b/core/src/main/java/net/jradius/handler/PacketHandlerBase.java new file mode 100644 index 0000000..53a111c --- /dev/null +++ b/core/src/main/java/net/jradius/handler/PacketHandlerBase.java @@ -0,0 +1,52 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2005 PicoPoint, B.V. + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.handler; + +import net.jradius.server.JRadiusEvent; +import net.jradius.server.JRadiusRequest; + +/** + * The base abstract class of all Packet Handlers + * + * @author David Bird + * @author Gert Jan Verhoog + */ +public abstract class PacketHandlerBase extends EventHandlerBase +{ + /** + * Derived classes must implement the handle method + * @param request The JRadiusRequest being processed + * @return Returns true of the command is handled (i.e. break the chain) + * @throws Exception + */ + public abstract boolean handle(JRadiusRequest request) throws Exception; + + /** + * Implements the handle(JRadiusEvent) by calling handle(JRadiusRequest) + * @see net.jradius.handler.EventHandler#handle(net.jradius.server.JRadiusEvent) + */ + public boolean handle(JRadiusEvent event) throws Exception + { + JRadiusRequest request = (JRadiusRequest)event; + return handle(request); + } +} + diff --git a/core/src/main/java/net/jradius/handler/PacketHandlerChain.java b/core/src/main/java/net/jradius/handler/PacketHandlerChain.java new file mode 100644 index 0000000..b0d8437 --- /dev/null +++ b/core/src/main/java/net/jradius/handler/PacketHandlerChain.java @@ -0,0 +1,81 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2005 PicoPoint, B.V. + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.handler; + + +import net.jradius.handler.chain.JRCommand; +import net.jradius.packet.AccountingRequest; +import net.jradius.packet.RadiusPacket; +import net.jradius.packet.attribute.AttributeDictionary; +import net.jradius.server.JRadiusEvent; +import net.jradius.server.JRadiusRequest; +import net.jradius.server.JRadiusServer; + +import org.apache.commons.chain.Catalog; + +/** + * The Catalog Handler is a simple PacketHandler that delegates + * the request to a type specific command within a chain catalog, + * if one is found. In the case of accounting, if the 'accounting' + * chain is not found, accounting status specific chains are tried + * (e.g. acct-start, acct-interim, and acct-stop). + * @author David Bird + */ +public class PacketHandlerChain extends EventHandlerChain implements PacketHandler +{ + public boolean handle(JRadiusEvent event) throws Exception + { + return handle((JRadiusRequest)event); + } + + public boolean handle(JRadiusRequest request) throws Exception + { + Catalog catalog = getCatalog(); + if (catalog != null) + { + JRCommand command; + + if (request.getType() == JRadiusServer.JRADIUS_accounting) + { + RadiusPacket req = request.getRequestPacket(); + Long i = (Long) req.getAttributeValue(AttributeDictionary.ACCT_STATUS_TYPE); + if (i != null) + { + String com = "other_accounting"; + switch(i.intValue()) + { + case AccountingRequest.ACCT_STATUS_START: com = "start_accounting"; break; + case AccountingRequest.ACCT_STATUS_STOP: com = "stop_accounting"; break; + case AccountingRequest.ACCT_STATUS_INTERIM: com = "interim_accounting"; break; + case AccountingRequest.ACCT_STATUS_ACCOUNTING_ON: com = "accounting_on"; break; + case AccountingRequest.ACCT_STATUS_ACCOUNTING_OFF: com = "accounting_off"; break; + } + command = (JRCommand)catalog.getCommand(com); + if (command != null) return execute(command, request); + } + } + + command = (JRCommand)catalog.getCommand(request.getTypeString()); + return execute(command, request); + } + return true; + } +} diff --git a/core/src/main/java/net/jradius/handler/chain/JRCatalogBase.java b/core/src/main/java/net/jradius/handler/chain/JRCatalogBase.java new file mode 100644 index 0000000..7ea930d --- /dev/null +++ b/core/src/main/java/net/jradius/handler/chain/JRCatalogBase.java @@ -0,0 +1,34 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2005 PicoPoint, B.V. + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.handler.chain; + +import org.apache.commons.chain.impl.CatalogBase; + +/** + * The JRadius CatalogBase for Jakarta Commons Chain + * @author David Bird + */ +public class JRCatalogBase extends CatalogBase +{ + public JRCatalogBase() + { + } +} diff --git a/core/src/main/java/net/jradius/handler/chain/JRChainBase.java b/core/src/main/java/net/jradius/handler/chain/JRChainBase.java new file mode 100644 index 0000000..c6847b7 --- /dev/null +++ b/core/src/main/java/net/jradius/handler/chain/JRChainBase.java @@ -0,0 +1,73 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2005 PicoPoint, B.V. + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.handler.chain; + + +import net.jradius.log.RadiusLog; +import net.jradius.server.JRadiusEvent; +import net.jradius.server.config.ConfigurationItem; +import net.jradius.server.config.HandlerConfigurationItem; + +import org.apache.commons.chain.Context; +import org.apache.commons.chain.impl.ChainBase; + +/** + * The JRadius ChainBase for Jakarta Commons Chain + * @author David Bird + */ +public class JRChainBase extends ChainBase implements JRCommand +{ + private String name; + + protected HandlerConfigurationItem config; + + public JRChainBase() + { + } + + public void setName(String name) + { + this.name = name; + } + + public String getName() + { + return name; + } + + public void setConfig(ConfigurationItem cfg) + { + config = (HandlerConfigurationItem)cfg; + } + + public boolean doesHandle(JRadiusEvent event) + { + if (config == null) return true; + return (config.handlesSender(event.getSender()) && + config.handlesType(event.getTypeString())); + } + + public boolean execute(Context context) throws Exception + { + RadiusLog.debug("Executing command: " + getName()); + return super.execute(context); + } +} diff --git a/core/src/main/java/net/jradius/handler/chain/JRCommand.java b/core/src/main/java/net/jradius/handler/chain/JRCommand.java new file mode 100644 index 0000000..3bcf30b --- /dev/null +++ b/core/src/main/java/net/jradius/handler/chain/JRCommand.java @@ -0,0 +1,55 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2005 PicoPoint, B.V. + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.handler.chain; + + +import net.jradius.server.JRadiusEvent; +import net.jradius.server.config.ConfigurationItem; + +import org.apache.commons.chain.Command; + +/** + * The JRadius Command Interface for Jakarta Commons Chain. This + * class is the foundation of all handlers within JRadius - which + * can be single command, or chains of commands. + * @author David Bird + */ +public interface JRCommand extends Command +{ + /** + * Set the ConfigurationItem of this handler. All JRadius handlers + * have an associated HandlerConfigurationItem associated with it. + * @param cfg The HandlerConfigurationItem to be set + */ + public void setConfig(ConfigurationItem cfg); + + /** + * Tests whether or not this handler handles the given JRadiusEvent. + * @param event The JRadiusEvent (or JRadiusRequest) to be checked + * @return Returns true if this handler should handle the given event + */ + public boolean doesHandle(JRadiusEvent event); + + /** + * @return Returns the name of the handler (as defined in the configuration) + */ + public String getName(); +} diff --git a/core/src/main/java/net/jradius/handler/chain/JRConfigParser.java b/core/src/main/java/net/jradius/handler/chain/JRConfigParser.java new file mode 100644 index 0000000..0acb96f --- /dev/null +++ b/core/src/main/java/net/jradius/handler/chain/JRConfigParser.java @@ -0,0 +1,40 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2005 PicoPoint, B.V. + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.handler.chain; + + +import org.apache.commons.chain.config.ConfigParser; + +/** + * The JRadius ConfigParser for Jakarta Commons Chain + * @author David Bird + */ +public class JRConfigParser extends ConfigParser +{ + /** + * Default constructor that configures the ConfigParser with + * our RuleSet. + */ + public JRConfigParser() + { + setRuleSet(new JRConfigRuleSet()); + } +} diff --git a/core/src/main/java/net/jradius/handler/chain/JRConfigRuleSet.java b/core/src/main/java/net/jradius/handler/chain/JRConfigRuleSet.java new file mode 100644 index 0000000..b9df3ba --- /dev/null +++ b/core/src/main/java/net/jradius/handler/chain/JRConfigRuleSet.java @@ -0,0 +1,40 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2005 PicoPoint, B.V. + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.handler.chain; + +import org.apache.commons.chain.config.ConfigRuleSet; + +/** + * The JRadius ConfigRuleSet for Jakarta Commons Chain + * @author David Bird + */ +public class JRConfigRuleSet extends ConfigRuleSet +{ + /** + * Default constructor that configures the ConfigRuleSet with + * our Catalog and Chain classes defined. + */ + public JRConfigRuleSet() + { + setCatalogClass("net.jradius.handler.chain.JRCatalogBase"); + setChainClass("net.jradius.handler.chain.JRChainBase"); + } +} diff --git a/core/src/main/java/net/jradius/handler/chain/package.html b/core/src/main/java/net/jradius/handler/chain/package.html new file mode 100644 index 0000000..67f8f82 --- /dev/null +++ b/core/src/main/java/net/jradius/handler/chain/package.html @@ -0,0 +1,5 @@ + + +JRadius Handler Chaining using the Apache Jakarta Commons Chain API. + + diff --git a/core/src/main/java/net/jradius/handler/package.html b/core/src/main/java/net/jradius/handler/package.html new file mode 100644 index 0000000..61148d3 --- /dev/null +++ b/core/src/main/java/net/jradius/handler/package.html @@ -0,0 +1,5 @@ + + +JRadius Packet and Event Handler Interfaces and Handlers. + + diff --git a/core/src/main/java/net/jradius/impl/JRadiusManagerImpl.java b/core/src/main/java/net/jradius/impl/JRadiusManagerImpl.java new file mode 100644 index 0000000..bd510c5 --- /dev/null +++ b/core/src/main/java/net/jradius/impl/JRadiusManagerImpl.java @@ -0,0 +1,76 @@ +package net.jradius.impl; + +import net.jradius.JRadiusManager; +import net.jradius.server.EventDispatcher; +import net.jradius.server.JRadiusServer; +import net.jradius.server.config.Configuration; + +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; +import org.springframework.beans.BeansException; +import org.springframework.beans.factory.BeanFactory; +import org.springframework.beans.factory.BeanFactoryAware; +import org.springframework.beans.factory.DisposableBean; +import org.springframework.beans.factory.InitializingBean; + +public class JRadiusManagerImpl implements InitializingBean, BeanFactoryAware, DisposableBean, JRadiusManager +{ + protected final Log log = LogFactory.getLog(getClass()); + private EventDispatcher eventDispatcher; + private BeanFactory beanFactory; + private JRadiusServer jRadiusServer; + private String configFile; + + public void start() + { + jRadiusServer.start(); + } + + public void stop() + { + jRadiusServer.stop(); + } + + public void afterPropertiesSet() throws Exception + { + Configuration.initialize(Thread.currentThread().getContextClassLoader().getResourceAsStream(getConfigFile()), beanFactory); + + if (jRadiusServer == null) + { + jRadiusServer = new JRadiusServer(eventDispatcher); + jRadiusServer.afterPropertiesSet(); + } + + jRadiusServer.start(); + } + + public void setBeanFactory(BeanFactory beanFactory) throws BeansException + { + this.beanFactory = beanFactory; + } + + public String getConfigFile() + { + return configFile; + } + + public void setConfigFile(String configFile) + { + this.configFile = configFile; + } + + public void destroy() throws Exception + { + stop(); + } + + public void setJRadiusServer(JRadiusServer radiusServer) + { + jRadiusServer = radiusServer; + } + + public void setEventDispatcher(EventDispatcher eventDispatcher) { + this.eventDispatcher = eventDispatcher; + } + +} diff --git a/core/src/main/java/net/jradius/log/BaseRadiusLog.java b/core/src/main/java/net/jradius/log/BaseRadiusLog.java new file mode 100644 index 0000000..eaa7e17 --- /dev/null +++ b/core/src/main/java/net/jradius/log/BaseRadiusLog.java @@ -0,0 +1,109 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2005 PicoPoint, B.V. + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.log; + + +import net.jradius.exception.RadiusException; +import net.jradius.server.JRadiusRequest; +import net.jradius.session.JRadiusSession; + +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; + +/** + * The minimal default RadiusLogger. + * @author David Bird + */ +public class BaseRadiusLog implements RadiusLogger +{ + private Log log = LogFactory.getLog(getClass()); + + public void debug(Object o) + { + log.debug(o); + } + + public void info(Object o) + { + log.info(o); + } + + public void warn(Object o) + { + log.warn(o); + } + + public void error(Object o) + { + log.error(o); + } + + public String problemReport(JRadiusRequest request, JRadiusSession session, RadiusException exception, String mesg) + { + StringBuffer sb = new StringBuffer(); + if (mesg != null) + { + sb.append("Problem: ").append(mesg).append("\n\n"); + } + if (request != null) + { + sb.append("-----------------------------------------------------------\n") + .append("JRadiusRequest: ").append(request.toString()).append("\n") + .append("-----------------------------------------------------------\n"); + try + { + sb.append("RADIUS Request:\n") + .append("-----------------------------------------------------------\n") + .append(request.getRequestPacket().toString()) + .append("-----------------------------------------------------------\n") + .append("RADIUS Reply:\n") + .append("-----------------------------------------------------------\n") + .append(request.getReplyPacket().toString()) + .append("-----------------------------------------------------------\n") + .append("\n\n"); + } + catch (RadiusException e) {} + } + if (session != null) + { + sb.append("-----------------------------------------------------------\n") + .append("RadiusSession:\n") + .append("-----------------------------------------------------------\n") + .append(session.toString()) + .append("\n\n"); + } + if (exception != null) + { + sb.append("-----------------------------------------------------------\n") + .append("RadiusException:\n") + .append("-----------------------------------------------------------\n") + .append(exception.toString()) + .append("\n\n"); + } + return sb.toString(); + } + + + public void problem(JRadiusRequest request, JRadiusSession session, RadiusException exception, String mesg) + { + log.error(problemReport(request, session, exception, mesg)); + } +} diff --git a/core/src/main/java/net/jradius/log/JRadiusLogEntry.java b/core/src/main/java/net/jradius/log/JRadiusLogEntry.java new file mode 100644 index 0000000..e1c0138 --- /dev/null +++ b/core/src/main/java/net/jradius/log/JRadiusLogEntry.java @@ -0,0 +1,60 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2005 PicoPoint, B.V. + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.log; + +import java.util.Date; + +import net.jradius.exception.RadiusException; +import net.jradius.server.JRadiusRequest; +import net.jradius.session.JRadiusSession; + + + +/** + * The JRadius Log Entry Object (bean). + * @author David Bird + */ +public interface JRadiusLogEntry +{ + public void init(JRadiusRequest request, JRadiusSession session) throws RadiusException; + + public void setType(String type); + public void setCode(Integer code); + public void setLastUpdate(Date lastUpdate); + public Date getLastUpdate(); + public void addMessage(String message); + + public boolean isFinished(); + public boolean isCommitted(); + public void setCommitted(boolean committed); + + public String getInboundRequest(); + public void setInboundRequest(String string); + + public String getInboundReply(); + public void setInboundReply(String string); + + public String getOutboundRequest(); + public void setOutboundRequest(String string); + + public String getOutboundReply(); + public void setOutboundReply(String string); +} diff --git a/core/src/main/java/net/jradius/log/RadiusLog.java b/core/src/main/java/net/jradius/log/RadiusLog.java new file mode 100644 index 0000000..b2d5aac --- /dev/null +++ b/core/src/main/java/net/jradius/log/RadiusLog.java @@ -0,0 +1,76 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2005 PicoPoint, B.V. + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.log; + +import net.jradius.exception.RadiusException; +import net.jradius.server.JRadiusRequest; +import net.jradius.session.JRadiusSession; + + +/** + * JRadius Server Logger Class. + * @author David Bird + */ +public final class RadiusLog +{ + private static RadiusLogger radiusLogger = new BaseRadiusLog(); + + public static void debug(Object o) + { + radiusLogger.debug(o); + } + + public static void info(Object o) + { + radiusLogger.info(o); + } + + public static void warn(Object o) + { + radiusLogger.warn(o); + } + + public static void error(Object o) + { + radiusLogger.error(o); + } + + public static void problem(JRadiusRequest request, JRadiusSession session, RadiusException exception, String mesg) + { + radiusLogger.problem(request, session, exception, mesg); + } + + /** + * @return Returns the radiusLogger. + */ + public static RadiusLogger getRadiusLogger() + { + return radiusLogger; + } + + /** + * @param radiusLogger The radiusLogger to set. + */ + public static void setRadiusLogger(RadiusLogger radiusLogger) + { + RadiusLog.radiusLogger = radiusLogger; + } +} diff --git a/core/src/main/java/net/jradius/log/RadiusLogger.java b/core/src/main/java/net/jradius/log/RadiusLogger.java new file mode 100644 index 0000000..2121ab5 --- /dev/null +++ b/core/src/main/java/net/jradius/log/RadiusLogger.java @@ -0,0 +1,43 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2005 PicoPoint, B.V. + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.log; + +import net.jradius.exception.RadiusException; +import net.jradius.server.JRadiusRequest; +import net.jradius.session.JRadiusSession; + + +/** + * JRadius RadiusLogger Interface. + * @author David Bird + */ +public interface RadiusLogger +{ + public void debug(Object o); + + public void info(Object o); + + public void warn(Object o); + + public void error(Object o); + + public void problem(JRadiusRequest request, JRadiusSession session, RadiusException ex, String mesg); +} diff --git a/core/src/main/java/net/jradius/log/RadiusUsageLogger.java b/core/src/main/java/net/jradius/log/RadiusUsageLogger.java new file mode 100644 index 0000000..2b808de --- /dev/null +++ b/core/src/main/java/net/jradius/log/RadiusUsageLogger.java @@ -0,0 +1,32 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2005 PicoPoint, B.V. + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.log; + +import net.jradius.session.JRadiusSession; + +/** + * Interface for Logging Usage Records. + * @author David Bird + */ +public interface RadiusUsageLogger +{ + public void logSessionUsage(JRadiusSession radiusSession); +} diff --git a/core/src/main/java/net/jradius/log/package.html b/core/src/main/java/net/jradius/log/package.html new file mode 100644 index 0000000..a49aae8 --- /dev/null +++ b/core/src/main/java/net/jradius/log/package.html @@ -0,0 +1,5 @@ + + +Interfaces and Utilities for JRadius Request and Event Logging. + + diff --git a/core/src/main/java/net/jradius/packet/AccessAccept.java b/core/src/main/java/net/jradius/packet/AccessAccept.java new file mode 100644 index 0000000..ef3b9f8 --- /dev/null +++ b/core/src/main/java/net/jradius/packet/AccessAccept.java @@ -0,0 +1,47 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2005 PicoPoint, B.V. + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.packet; + +import net.jradius.packet.attribute.AttributeList; + +/** + * The RADIUS Access-Accept Packet. + * See http://www.iana.org/assignments/radius-types + * + * @author David Bird + */ +public class AccessAccept extends RadiusResponse +{ + public static final byte CODE = (byte)2; + private static final long serialVersionUID = (long)CODE; + + public AccessAccept() + { + code = CODE; + } + + public AccessAccept(int id, AttributeList attributes) + { + super(id, attributes); + code = CODE; + } + +} diff --git a/core/src/main/java/net/jradius/packet/AccessChallenge.java b/core/src/main/java/net/jradius/packet/AccessChallenge.java new file mode 100644 index 0000000..94768af --- /dev/null +++ b/core/src/main/java/net/jradius/packet/AccessChallenge.java @@ -0,0 +1,47 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2005 PicoPoint, B.V. + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.packet; + +import net.jradius.packet.attribute.AttributeList; + +/** + * The RADIUS Access-Challenge Packet. + * See http://www.iana.org/assignments/radius-types + * + * @author David Bird + */ +public class AccessChallenge extends RadiusResponse +{ + public static final byte CODE = (byte)11; + private static final long serialVersionUID = (long)CODE; + + public AccessChallenge() + { + code = CODE; + } + + public AccessChallenge(int id, AttributeList attributes) + { + super(id, attributes); + code = CODE; + } + +} diff --git a/core/src/main/java/net/jradius/packet/AccessReject.java b/core/src/main/java/net/jradius/packet/AccessReject.java new file mode 100644 index 0000000..64853b1 --- /dev/null +++ b/core/src/main/java/net/jradius/packet/AccessReject.java @@ -0,0 +1,46 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2005 PicoPoint, B.V. + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.packet; + +import net.jradius.packet.attribute.AttributeList; + +/** + * The RADIUS Access-Reject Packet. + * See http://www.iana.org/assignments/radius-types + * + * @author David Bird + */ +public class AccessReject extends RadiusResponse +{ + public static final byte CODE = (byte)3; + private static final long serialVersionUID = (long)CODE; + + public AccessReject() + { + code = CODE; + } + + public AccessReject(int id, AttributeList attributes) + { + super(id, attributes); + code = CODE; + } + } diff --git a/core/src/main/java/net/jradius/packet/AccessRequest.java b/core/src/main/java/net/jradius/packet/AccessRequest.java new file mode 100644 index 0000000..e06c1b0 --- /dev/null +++ b/core/src/main/java/net/jradius/packet/AccessRequest.java @@ -0,0 +1,80 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2005 PicoPoint, B.V. + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.packet; + +import java.util.Arrays; + +import net.jradius.client.RadiusClient; +import net.jradius.packet.attribute.AttributeList; +import net.jradius.util.RadiusUtils; + + + +/** + * The RADIUS Access-Request Packet. + * See http://www.iana.org/assignments/radius-types + * + * @author David Bird + */ +public class AccessRequest extends RadiusRequest +{ + public static final byte CODE = (byte)1; + private static final long serialVersionUID = (long)CODE; + + public AccessRequest() + { + code = CODE; + } + + public AccessRequest(RadiusClient client) + { + super(client); + code = CODE; + } + + public AccessRequest(AttributeList attributes) + { + super(attributes); + code = CODE; + } + + public AccessRequest(RadiusClient client, AttributeList attributes) + { + super(client, attributes); + code = CODE; + } + + /** + * Creates an Access-Request Authenticator + * @see net.jradius.packet.RadiusPacket#createAuthenticator(byte[]) + */ + public byte[] createAuthenticator(byte[] attributes, String sharedSecret) + { + authenticator = RadiusUtils.makeRFC2865RequestAuthenticator(sharedSecret); + return authenticator; + } + + public boolean verifyAuthenticator(String sharedSecret) { + byte[] authenticator = RadiusUtils.makeRFC2865RequestAuthenticator(sharedSecret); + return Arrays.equals(this.authenticator, authenticator); + } + +} diff --git a/core/src/main/java/net/jradius/packet/AccountingRequest.java b/core/src/main/java/net/jradius/packet/AccountingRequest.java new file mode 100644 index 0000000..47a4988 --- /dev/null +++ b/core/src/main/java/net/jradius/packet/AccountingRequest.java @@ -0,0 +1,116 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2005 PicoPoint, B.V. + * Copyright (c) 2006 David Bird + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.packet; + +import net.jradius.client.RadiusClient; +import net.jradius.packet.attribute.AttributeDictionary; +import net.jradius.packet.attribute.AttributeFactory; +import net.jradius.packet.attribute.AttributeList; +import net.jradius.packet.attribute.RadiusAttribute; +import net.jradius.packet.attribute.value.NamedValue; +import net.jradius.util.RadiusUtils; + + + +/** + * The RADIUS Accounting-Request Packet. + * See http://www.iana.org/assignments/radius-types + * + * @author David Bird + */ +public class AccountingRequest extends RadiusRequest +{ + public static final byte CODE = (byte)4; + private static final long serialVersionUID = (long)CODE; + + /** + * Default constructor + */ + public AccountingRequest() + { + code = CODE; + } + + /** + * Constructor + * @param client The client context to be used (when creating UDP packets) + */ + public AccountingRequest(RadiusClient client) + { + super(client); + code = CODE; + } + + /** + * Constructor + * @param attributes The attribute list to be used + */ + public AccountingRequest(AttributeList attributes) + { + super(attributes); + code = CODE; + } + + /** + * Constructor + * @param client The client context to be used (when creating UDP packets) + * @param attributes The attribute list to be used + */ + public AccountingRequest(RadiusClient client, AttributeList attributes) + { + super(client, attributes); + code = CODE; + } + + public static final int ACCT_STATUS_START = 1; + public static final int ACCT_STATUS_STOP = 2; + public static final int ACCT_STATUS_INTERIM = 3; + public static final int ACCT_STATUS_ACCOUNTING_ON = 7; + public static final int ACCT_STATUS_ACCOUNTING_OFF = 8; + + public int getAccountingStatusType() + { + Long i = (Long)getAttributeValue(AttributeDictionary.ACCT_STATUS_TYPE); + if (i != null) return i.intValue(); + return -1; + } + + public void setAccountingStatusType(int type) + { + RadiusAttribute a = AttributeFactory.newAttribute(AttributeDictionary.ACCT_STATUS_TYPE, null); + NamedValue s = (NamedValue)a.getValue(); + s.setValue(new Long(type)); + overwriteAttribute(a); + } + + /** + * Creates a Accounting-Request Authenticator + * @see net.jradius.packet.RadiusPacket#createAuthenticator(byte[]) + */ + public byte[] createAuthenticator(byte[] attributes, String sharedSecret) + { + this.authenticator = RadiusUtils.makeRFC2866RequestAuthenticator(sharedSecret, + (byte)getCode(), (byte)getIdentifier(), attributes.length + RADIUS_HEADER_LENGTH, attributes); + + return this.authenticator; + } +} diff --git a/core/src/main/java/net/jradius/packet/AccountingResponse.java b/core/src/main/java/net/jradius/packet/AccountingResponse.java new file mode 100644 index 0000000..62b76f1 --- /dev/null +++ b/core/src/main/java/net/jradius/packet/AccountingResponse.java @@ -0,0 +1,47 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2005 PicoPoint, B.V. + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.packet; + +import net.jradius.packet.attribute.AttributeList; + + +/** + * The RADIUS Accounting-Response Packet. + * See http://www.iana.org/assignments/radius-types + * + * @author David Bird + */ +public class AccountingResponse extends RadiusResponse +{ + public static final byte CODE = (byte)5; + private static final long serialVersionUID = (long)CODE; + + public AccountingResponse() + { + code = CODE; + } + + public AccountingResponse(int id, AttributeList list) + { + super(id, list); + code = CODE; + } +} diff --git a/core/src/main/java/net/jradius/packet/AccountingStatus.java b/core/src/main/java/net/jradius/packet/AccountingStatus.java new file mode 100644 index 0000000..0e8a60e --- /dev/null +++ b/core/src/main/java/net/jradius/packet/AccountingStatus.java @@ -0,0 +1,39 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2005 PicoPoint, B.V. + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.packet; + + +/** + * The RADIUS Accounting-Status Packet. + * See http://www.iana.org/assignments/radius-types + * + * @author David Bird + */ +public class AccountingStatus extends AccountingRequest +{ + public static final byte CODE = (byte)6; + private static final long serialVersionUID = (long)CODE; + + public AccountingStatus() + { + code = CODE; + } +} diff --git a/core/src/main/java/net/jradius/packet/CoAACK.java b/core/src/main/java/net/jradius/packet/CoAACK.java new file mode 100644 index 0000000..7cb2a2e --- /dev/null +++ b/core/src/main/java/net/jradius/packet/CoAACK.java @@ -0,0 +1,38 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2005 PicoPoint, B.V. + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.packet; + +/** + * The RADIUS CoA-ACK Packet. + * See http://www.iana.org/assignments/radius-types + * + * @author David Bird + */ +public class CoAACK extends CoAResponse +{ + public static final byte CODE = (byte)44; + private static final long serialVersionUID = (long)CODE; + + public CoAACK() + { + code = CODE; + } + } diff --git a/core/src/main/java/net/jradius/packet/CoANAK.java b/core/src/main/java/net/jradius/packet/CoANAK.java new file mode 100644 index 0000000..243ebb1 --- /dev/null +++ b/core/src/main/java/net/jradius/packet/CoANAK.java @@ -0,0 +1,38 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2005 PicoPoint, B.V. + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.packet; + +/** + * The RADIUS CoA-NAK Packet. + * See http://www.iana.org/assignments/radius-types + * + * @author David Bird + */ +public class CoANAK extends CoAResponse +{ + public static final byte CODE = (byte)45; + private static final long serialVersionUID = (long)CODE; + + public CoANAK() + { + code = CODE; + } + } diff --git a/core/src/main/java/net/jradius/packet/CoARequest.java b/core/src/main/java/net/jradius/packet/CoARequest.java new file mode 100644 index 0000000..32b0daa --- /dev/null +++ b/core/src/main/java/net/jradius/packet/CoARequest.java @@ -0,0 +1,48 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2005 PicoPoint, B.V. + * Copyright (c) 2006 David Bird + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.packet; + + +import net.jradius.client.RadiusClient; +import net.jradius.packet.attribute.AttributeList; + +/** + * The RADIUS CoA-Request Packet. + * See http://www.iana.org/assignments/radius-types + * + * @author David Bird + */ +public class CoARequest extends AccountingRequest +{ + public static final byte CODE = (byte)43; + private static final long serialVersionUID = (long)CODE; + + public CoARequest() + { + code = CODE; + } + public CoARequest(RadiusClient client, AttributeList attributes) + { + super(client, attributes); + code = CODE; + } +} diff --git a/core/src/main/java/net/jradius/packet/CoAResponse.java b/core/src/main/java/net/jradius/packet/CoAResponse.java new file mode 100644 index 0000000..bae6efd --- /dev/null +++ b/core/src/main/java/net/jradius/packet/CoAResponse.java @@ -0,0 +1,27 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2005 PicoPoint, B.V. + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.packet; + +/** + */ +public abstract class CoAResponse extends AccountingResponse +{ +} diff --git a/core/src/main/java/net/jradius/packet/DHCPAck.java b/core/src/main/java/net/jradius/packet/DHCPAck.java new file mode 100644 index 0000000..18ee4f6 --- /dev/null +++ b/core/src/main/java/net/jradius/packet/DHCPAck.java @@ -0,0 +1,43 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (c) 2006-2007 David Bird + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.packet; + +import net.jradius.packet.attribute.AttributeList; + +/** + * @author David Bird + */ +public class DHCPAck extends DHCPPacket +{ + public static final int CODE = 1024 + 5; + private static final long serialVersionUID = (long)CODE; + + public DHCPAck() + { + code = CODE; + } + + public DHCPAck(AttributeList attributes) + { + code = CODE; + this.attributes.add(attributes); + } + } diff --git a/core/src/main/java/net/jradius/packet/DHCPDecline.java b/core/src/main/java/net/jradius/packet/DHCPDecline.java new file mode 100644 index 0000000..51b84f6 --- /dev/null +++ b/core/src/main/java/net/jradius/packet/DHCPDecline.java @@ -0,0 +1,35 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (c) 2006-2007 David Bird + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.packet; + +/** + * @author David Bird + */ +public class DHCPDecline extends DHCPPacket +{ + public static final int CODE = 1024 + 4; + private static final long serialVersionUID = (long)CODE; + + public DHCPDecline() + { + code = CODE; + } + } diff --git a/core/src/main/java/net/jradius/packet/DHCPDiscover.java b/core/src/main/java/net/jradius/packet/DHCPDiscover.java new file mode 100644 index 0000000..00dc102 --- /dev/null +++ b/core/src/main/java/net/jradius/packet/DHCPDiscover.java @@ -0,0 +1,35 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (c) 2006-2007 David Bird + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.packet; + +/** + * @author David Bird + */ +public class DHCPDiscover extends DHCPPacket +{ + public static final int CODE = 1024 + 1; + private static final long serialVersionUID = (long)CODE; + + public DHCPDiscover() + { + code = CODE; + } + } diff --git a/core/src/main/java/net/jradius/packet/DHCPForceRenew.java b/core/src/main/java/net/jradius/packet/DHCPForceRenew.java new file mode 100644 index 0000000..26801cc --- /dev/null +++ b/core/src/main/java/net/jradius/packet/DHCPForceRenew.java @@ -0,0 +1,43 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (c) 2006-2007 David Bird + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.packet; + +import net.jradius.packet.attribute.AttributeList; + +/** + * @author David Bird + */ +public class DHCPForceRenew extends DHCPPacket +{ + public static final int CODE = 1024 + 9; + private static final long serialVersionUID = (long)CODE; + + public DHCPForceRenew() + { + code = CODE; + } + + public DHCPForceRenew(AttributeList attributes) + { + code = CODE; + this.attributes.add(attributes); + } + } diff --git a/core/src/main/java/net/jradius/packet/DHCPFormat.java b/core/src/main/java/net/jradius/packet/DHCPFormat.java new file mode 100644 index 0000000..8643dc5 --- /dev/null +++ b/core/src/main/java/net/jradius/packet/DHCPFormat.java @@ -0,0 +1,60 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (c) 2006-2007 David Bird + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.packet; + +import java.io.IOException; +import java.io.InputStream; +import java.io.OutputStream; + +import net.jradius.packet.attribute.RadiusAttribute; +import net.jradius.packet.attribute.VSAttribute; +import net.jradius.packet.attribute.value.AttributeValue; + +/** + * The Diameter Attribute Formatter + * @author David Bird + */ +public class DHCPFormat extends Format +{ + public void packAttribute(OutputStream out, RadiusAttribute a) throws IOException + { + if (a instanceof VSAttribute) + { + packAttribute(out, (VSAttribute)a); + } + } + + public void packAttribute(OutputStream out, VSAttribute a) throws IOException + { + AttributeValue attributeValue = a.getValue(); + writeUnsignedByte(out, (int)a.getVsaAttributeType()); + writeUnsignedByte(out, attributeValue.getLength()); + attributeValue.getBytes(out); + } + + public int unpackAttributeHeader(InputStream in, AttributeParseContext ctx) throws IOException + { + ctx.attributeType = readUnsignedByte(in); + ctx.attributeLength = readUnsignedByte(in); + ctx.headerLength = 2; + return 0; + } +} diff --git a/core/src/main/java/net/jradius/packet/DHCPInform.java b/core/src/main/java/net/jradius/packet/DHCPInform.java new file mode 100644 index 0000000..75bb411 --- /dev/null +++ b/core/src/main/java/net/jradius/packet/DHCPInform.java @@ -0,0 +1,43 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (c) 2006-2007 David Bird + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.packet; + +import net.jradius.packet.attribute.AttributeList; + +/** + * @author David Bird + */ +public class DHCPInform extends DHCPPacket +{ + public static final int CODE = 1024 + 8; + private static final long serialVersionUID = (long)CODE; + + public DHCPInform() + { + code = CODE; + } + + public DHCPInform(AttributeList attributes) + { + code = CODE; + this.attributes.add(attributes); + } + } diff --git a/core/src/main/java/net/jradius/packet/DHCPNack.java b/core/src/main/java/net/jradius/packet/DHCPNack.java new file mode 100644 index 0000000..4fe0b55 --- /dev/null +++ b/core/src/main/java/net/jradius/packet/DHCPNack.java @@ -0,0 +1,43 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (c) 2006-2007 David Bird + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.packet; + +import net.jradius.packet.attribute.AttributeList; + +/** + * @author David Bird + */ +public class DHCPNack extends DHCPPacket +{ + public static final int CODE = 1024 + 6; + private static final long serialVersionUID = (long)CODE; + + public DHCPNack() + { + code = CODE; + } + + public DHCPNack(AttributeList attributes) + { + code = CODE; + this.attributes.add(attributes); + } + } diff --git a/core/src/main/java/net/jradius/packet/DHCPOffer.java b/core/src/main/java/net/jradius/packet/DHCPOffer.java new file mode 100644 index 0000000..bd3d992 --- /dev/null +++ b/core/src/main/java/net/jradius/packet/DHCPOffer.java @@ -0,0 +1,43 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (c) 2006-2007 David Bird + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.packet; + +import net.jradius.packet.attribute.AttributeList; + +/** + * @author David Bird + */ +public class DHCPOffer extends DHCPPacket +{ + public static final int CODE = 1024 + 2; + private static final long serialVersionUID = (long)CODE; + + public DHCPOffer() + { + code = CODE; + } + + public DHCPOffer(AttributeList attributes) + { + super(attributes); + code = CODE; + } + } diff --git a/core/src/main/java/net/jradius/packet/DHCPPacket.java b/core/src/main/java/net/jradius/packet/DHCPPacket.java new file mode 100644 index 0000000..00ef791 --- /dev/null +++ b/core/src/main/java/net/jradius/packet/DHCPPacket.java @@ -0,0 +1,40 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (c) 2006-2007 David Bird + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.packet; + +import net.jradius.packet.attribute.AttributeList; + + +/** + * @author David Bird + */ +public abstract class DHCPPacket extends RadiusPacket +{ + public DHCPPacket() + { + super(); + } + + public DHCPPacket(AttributeList attributes) + { + super(attributes); + } +} diff --git a/core/src/main/java/net/jradius/packet/DHCPRelease.java b/core/src/main/java/net/jradius/packet/DHCPRelease.java new file mode 100644 index 0000000..c143f55 --- /dev/null +++ b/core/src/main/java/net/jradius/packet/DHCPRelease.java @@ -0,0 +1,43 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (c) 2006-2007 David Bird + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.packet; + +import net.jradius.packet.attribute.AttributeList; + +/** + * @author David Bird + */ +public class DHCPRelease extends DHCPPacket +{ + public static final int CODE = 1024 + 7; + private static final long serialVersionUID = (long)CODE; + + public DHCPRelease() + { + code = CODE; + } + + public DHCPRelease(AttributeList attributes) + { + code = CODE; + this.attributes.add(attributes); + } + } diff --git a/core/src/main/java/net/jradius/packet/DHCPRequest.java b/core/src/main/java/net/jradius/packet/DHCPRequest.java new file mode 100644 index 0000000..dbf4b5b --- /dev/null +++ b/core/src/main/java/net/jradius/packet/DHCPRequest.java @@ -0,0 +1,35 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (c) 2006-2007 David Bird + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.packet; + +/** + * @author David Bird + */ +public class DHCPRequest extends DHCPPacket +{ + public static final int CODE = 1024 + 3; + private static final long serialVersionUID = (long)CODE; + + public DHCPRequest() + { + code = CODE; + } + } diff --git a/core/src/main/java/net/jradius/packet/DiameterFormat.java b/core/src/main/java/net/jradius/packet/DiameterFormat.java new file mode 100644 index 0000000..092753a --- /dev/null +++ b/core/src/main/java/net/jradius/packet/DiameterFormat.java @@ -0,0 +1,119 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2005 PicoPoint, B.V. + * Copyright (c) 2006 David Bird + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.packet; + +import java.io.IOException; +import java.io.InputStream; +import java.io.OutputStream; + +import net.jradius.packet.attribute.RadiusAttribute; +import net.jradius.packet.attribute.VSAttribute; +import net.jradius.packet.attribute.value.AttributeValue; + +/** + * The Diameter Attribute Formatter + * @author David Bird + */ +public class DiameterFormat extends Format +{ + // Diameter AVP Format Support + + /* + * 0 1 2 3 + * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 + * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + * | AVP Code | + * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + * |V M P r r r r r| AVP Length | + * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + * | Vendor-ID (opt) | + * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + * | Data ... + * +-+-+-+-+-+-+-+-+ + */ + + private static final byte AVP_VENDOR = (byte) 0x80; + + //private static final byte AVP_MANDITORY = (byte)0x40; + //private static final byte AVP_ENCRYPTION = (byte)0x20; + + public void packAttribute(OutputStream out, RadiusAttribute a) throws IOException + { + AttributeValue attributeValue = a.getValue(); + int length = attributeValue.getLength(); + int padding = ((length + 0x03) & ~(0x03)) - length; + if (a instanceof VSAttribute) + packHeader(out, (VSAttribute) a); + else + formatHeader(out, a); + attributeValue.getBytes(out); + while (padding-- > 0) out.write(0); + } + + private void formatHeader(OutputStream out, RadiusAttribute a) throws IOException + { + AttributeValue attributeValue = a.getValue(); + writeUnsignedInt(out, a.getType()); + writeUnsignedByte(out, 0); + writeUnsignedByte(out, 0); // part of the AVP Length! + writeUnsignedShort(out, attributeValue.getLength() + 8); + } + + public void packHeader(OutputStream out, RadiusAttribute a) throws IOException + { + if (a instanceof VSAttribute) + { + packHeader(out, (VSAttribute)a); + } + } + + public void packHeader(OutputStream out, VSAttribute a) throws IOException + { + AttributeValue attributeValue = a.getValue(); + writeUnsignedInt(out, a.getVsaAttributeType()); + writeUnsignedByte(out, AVP_VENDOR); + writeUnsignedByte(out, 0); // part of the AVP Length! + writeUnsignedShort(out, attributeValue.getLength() + 12); + writeUnsignedInt(out, a.getVendorId()); + } + + public int unpackAttributeHeader(InputStream in, AttributeParseContext ctx) throws IOException + { + ctx.attributeType = (int)readUnsignedInt(in); + + long flen = readUnsignedInt(in); + byte flags = (byte) ((flen >> 24) & 0xff); + + ctx.attributeLength = (int)(flen & 0x00ffffff); + ctx.headerLength = 8; + + if ((flags & AVP_VENDOR) > 0) + { + ctx.vendorNumber = (int)readUnsignedInt(in); + ctx.headerLength += 4; + } + + ctx.padding = ((ctx.attributeLength + 0x03) & ~(0x03)) - ctx.attributeLength; + + return 0; + } +} diff --git a/core/src/main/java/net/jradius/packet/DisconnectACK.java b/core/src/main/java/net/jradius/packet/DisconnectACK.java new file mode 100644 index 0000000..95fbf6e --- /dev/null +++ b/core/src/main/java/net/jradius/packet/DisconnectACK.java @@ -0,0 +1,38 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2005 PicoPoint, B.V. + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.packet; + +/** + * The RADIUS Disconnect-ACK Packet. + * See http://www.iana.org/assignments/radius-types + * + * @author David Bird + */ +public class DisconnectACK extends DisconnectResponse +{ + public static final byte CODE = (byte)41; + private static final long serialVersionUID = (long)CODE; + + public DisconnectACK() + { + code = CODE; + } + } diff --git a/core/src/main/java/net/jradius/packet/DisconnectNAK.java b/core/src/main/java/net/jradius/packet/DisconnectNAK.java new file mode 100644 index 0000000..c62078d --- /dev/null +++ b/core/src/main/java/net/jradius/packet/DisconnectNAK.java @@ -0,0 +1,38 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2005 PicoPoint, B.V. + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.packet; + +/** + * The RADIUS Disconnect-ACK Packet. + * See http://www.iana.org/assignments/radius-types + * + * @author David Bird + */ +public class DisconnectNAK extends DisconnectResponse +{ + public static final byte CODE = (byte)42; + private static final long serialVersionUID = (long)CODE; + + public DisconnectNAK() + { + code = CODE; + } + } diff --git a/core/src/main/java/net/jradius/packet/DisconnectRequest.java b/core/src/main/java/net/jradius/packet/DisconnectRequest.java new file mode 100644 index 0000000..33d3bb5 --- /dev/null +++ b/core/src/main/java/net/jradius/packet/DisconnectRequest.java @@ -0,0 +1,51 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2005 PicoPoint, B.V. + * Copyright (c) 2006 David Bird + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.packet; + + +import net.jradius.client.RadiusClient; +import net.jradius.packet.attribute.AttributeList; + + + +/** + * The RADIUS Disconnect-Request Packet. + * See http://www.iana.org/assignments/radius-types + * + * @author David Bird + */ +public class DisconnectRequest extends AccountingRequest +{ + public static final byte CODE = (byte)40; + private static final long serialVersionUID = (long)CODE; + + public DisconnectRequest() + { + code = CODE; + } + + public DisconnectRequest(RadiusClient client, AttributeList attributes) + { + super(client, attributes); + code = CODE; + } +} diff --git a/core/src/main/java/net/jradius/packet/DisconnectResponse.java b/core/src/main/java/net/jradius/packet/DisconnectResponse.java new file mode 100644 index 0000000..d59559a --- /dev/null +++ b/core/src/main/java/net/jradius/packet/DisconnectResponse.java @@ -0,0 +1,27 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2005 PicoPoint, B.V. + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.packet; + +/** + */ +public abstract class DisconnectResponse extends AccountingResponse +{ +} diff --git a/core/src/main/java/net/jradius/packet/Format.java b/core/src/main/java/net/jradius/packet/Format.java new file mode 100644 index 0000000..7451596 --- /dev/null +++ b/core/src/main/java/net/jradius/packet/Format.java @@ -0,0 +1,173 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2005 PicoPoint, B.V. + * Copyright (c) 2006 David Bird + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.packet; + +import java.io.ByteArrayInputStream; +import java.io.ByteArrayOutputStream; +import java.io.IOException; +import java.io.InputStream; +import java.io.OutputStream; +import java.util.Iterator; + +import net.jradius.log.RadiusLog; +import net.jradius.packet.attribute.AttributeFactory; +import net.jradius.packet.attribute.AttributeList; +import net.jradius.packet.attribute.RadiusAttribute; + +/** + * @author David Bird + */ +public abstract class Format +{ + abstract public void packAttribute(OutputStream out, RadiusAttribute a) throws IOException; + + abstract public int unpackAttributeHeader(InputStream in, AttributeParseContext ctx) throws IOException; + + /** + * Packs an AttributeList into a byte array + * @param attrs The AttributeList to pack + * @return Returns the packed AttributeList + */ + public byte[] packAttributeList(AttributeList attrs) + { + ByteArrayOutputStream out = new ByteArrayOutputStream(); + + Iterator iterator = attrs.getAttributeList().iterator(); + while (iterator.hasNext()) + { + RadiusAttribute attr = (RadiusAttribute)iterator.next(); + try + { + packAttribute(out, attr); + } + catch (Exception e) + { + e.printStackTrace(); + } + } + try + { + out.close(); + } + catch(Exception e) + { + e.printStackTrace(); + } + + return out.toByteArray(); + } + + + + protected class AttributeParseContext + { + public int attributeType = 0; + public int attributeLength = 0; + public int attributeOp = RadiusAttribute.Operator.EQ; + public byte[] attributeValue = null; + public int headerLength = 0; + public int vendorNumber = -1; + public int padding = 0; + } + + /** + * Unpacks RadiusAttributes from a byte array into an AttributeList + * @param attrs The AttributeList to put unpacked attributes + * @param bytes The bytes to be unpacked + * @param bLength The length of the bytes to be unpacked + */ + public void unpackAttributes(AttributeList attrs, byte[] bytes, int bOffset, int bLength) + { + InputStream attributeInput = new ByteArrayInputStream(bytes, bOffset, bLength); + + try + { + for (int pos = 0; pos < bLength; ) + { + AttributeParseContext ctx = new AttributeParseContext(); + + pos += unpackAttributeHeader(attributeInput, ctx); + + RadiusAttribute attribute = null; + ctx.attributeValue = new byte[(int)(ctx.attributeLength - ctx.headerLength)]; + attributeInput.read(ctx.attributeValue, 0, ctx.attributeLength - ctx.headerLength); + attribute = AttributeFactory.newAttribute(ctx.vendorNumber, ctx.attributeType, ctx.attributeValue, ctx.attributeOp); + if (attribute == null) + { + RadiusLog.warn("Unknown attribute with type = " + ctx.attributeType); + } + else + { + attrs.add(attribute, false); + } + + if (ctx.padding > 0) + { + pos += ctx.padding; + while (ctx.padding-- > 0) + { + readUnsignedByte(attributeInput); + } + } + + pos += ctx.attributeLength; + } + attributeInput.close(); + } + catch (IOException e) + { + e.printStackTrace(); + } + } + + public static long readUnsignedInt(InputStream in) throws IOException + { + return ((long)readUnsignedShort(in) << 16) | (long)readUnsignedShort(in); + } + + public static int readUnsignedShort(InputStream in) throws IOException + { + return (readUnsignedByte(in) << 8) | readUnsignedByte(in); + } + + public static int readUnsignedByte(InputStream in) throws IOException + { + return in.read() & 0xFF; + } + + public static void writeUnsignedByte(OutputStream out, int b) throws IOException + { + out.write(b); + } + + public static void writeUnsignedShort(OutputStream out, int s) throws IOException + { + out.write((s >> 8) & 0xFF); + out.write(s & 0xFF); + } + + public static void writeUnsignedInt(OutputStream out, long i) throws IOException + { + writeUnsignedShort(out, (int)(i >> 16) & 0xFFFF); + writeUnsignedShort(out, (int)i & 0xFFFF); + } +} diff --git a/core/src/main/java/net/jradius/packet/NullPacket.java b/core/src/main/java/net/jradius/packet/NullPacket.java new file mode 100644 index 0000000..118017c --- /dev/null +++ b/core/src/main/java/net/jradius/packet/NullPacket.java @@ -0,0 +1,31 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2005 PicoPoint, B.V. + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.packet; + +/** + * A non-packet + * + * @author David Bird + */ +public class NullPacket extends RadiusPacket +{ + private static final long serialVersionUID = 0L; +} diff --git a/core/src/main/java/net/jradius/packet/NullResponse.java b/core/src/main/java/net/jradius/packet/NullResponse.java new file mode 100644 index 0000000..1c6634e --- /dev/null +++ b/core/src/main/java/net/jradius/packet/NullResponse.java @@ -0,0 +1,31 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2005 PicoPoint, B.V. + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.packet; + +/** + * A non-packet + * + * @author David Bird + */ +public class NullResponse extends RadiusResponse +{ + private static final long serialVersionUID = 0L; +} diff --git a/core/src/main/java/net/jradius/packet/PacketFactory.java b/core/src/main/java/net/jradius/packet/PacketFactory.java new file mode 100644 index 0000000..c3a4324 --- /dev/null +++ b/core/src/main/java/net/jradius/packet/PacketFactory.java @@ -0,0 +1,187 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2005 PicoPoint, B.V. + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.packet; + +import java.io.ByteArrayInputStream; +import java.io.DataInputStream; +import java.io.IOException; +import java.net.DatagramPacket; +import java.util.LinkedHashMap; + +import net.jradius.exception.RadiusException; +import net.jradius.freeradius.FreeRadiusFormat; + + +/** + * RADIUS Packet Factor. Parses RADIUS packets and constructs + * the appropriate Java class instance. + * + * @author David Bird + */ +public class PacketFactory +{ + private static LinkedHashMap codeMap = new LinkedHashMap(); + + static + { + codeMap.put(new Integer(AccessRequest.CODE), AccessRequest.class); // 1 + codeMap.put(new Integer(AccessAccept.CODE), AccessAccept.class); // 2 + codeMap.put(new Integer(AccessReject.CODE), AccessReject.class); // 3 + codeMap.put(new Integer(AccountingRequest.CODE), AccountingRequest.class); // 4 + codeMap.put(new Integer(AccountingResponse.CODE), AccountingResponse.class); // 5 + codeMap.put(new Integer(AccountingStatus.CODE), AccountingStatus.class); // 6 + codeMap.put(new Integer(PasswordRequest.CODE), PasswordRequest.class); // 7 + codeMap.put(new Integer(PasswordAck.CODE), PasswordAck.class); // 8 + codeMap.put(new Integer(PasswordReject.CODE), PasswordReject.class); // 9 + codeMap.put(new Integer(AccessChallenge.CODE), AccessChallenge.class); // 11 + codeMap.put(new Integer(DisconnectRequest.CODE), DisconnectRequest.class); // 40 + codeMap.put(new Integer(DisconnectACK.CODE), DisconnectACK.class); // 41 + codeMap.put(new Integer(DisconnectNAK.CODE), DisconnectNAK.class); // 42 + codeMap.put(new Integer(CoARequest.CODE), CoARequest.class); // 43 + codeMap.put(new Integer(CoAACK.CODE), CoAACK.class); // 44 + codeMap.put(new Integer(CoANAK.CODE), CoANAK.class); // 45 + + codeMap.put(new Integer(DHCPDiscover.CODE), DHCPDiscover.class); // 1025 + codeMap.put(new Integer(DHCPOffer.CODE), DHCPOffer.class); // 1026 + codeMap.put(new Integer(DHCPRequest.CODE), DHCPRequest.class); // 1027 + codeMap.put(new Integer(DHCPDecline.CODE), DHCPDecline.class); // 1028 + codeMap.put(new Integer(DHCPAck.CODE), DHCPAck.class); // 1029 + codeMap.put(new Integer(DHCPNack.CODE), DHCPNack.class); // 1030 + codeMap.put(new Integer(DHCPRelease.CODE), DHCPRelease.class); // 1031 + codeMap.put(new Integer(DHCPInform.CODE), DHCPInform.class); // 1032 + codeMap.put(new Integer(DHCPForceRenew.CODE), DHCPForceRenew.class); // 1033 + } + + /** + * Parse a UDP RADIUS message + * @param dp The Datagram to be parsed + * @return Returns the RadiusPacket + * @throws RadiusException + */ + public static RadiusPacket parse(DatagramPacket dp) throws RadiusException + { + ByteArrayInputStream bais = new ByteArrayInputStream(dp.getData()); + DataInputStream input = new DataInputStream(bais); + RadiusPacket rp = null; + + try + { + int code = RadiusFormat.readUnsignedByte(input); + int identifier = RadiusFormat.readUnsignedByte(input); + + Class c = (Class)codeMap.get(new Integer(code)); + + if (c == null) + { + throw new RadiusException("bad radius code"); + } + + int length = RadiusFormat.readUnsignedShort(input); + byte[] bAuthenticator = new byte[16]; + input.readFully(bAuthenticator); + + byte[] bAttributes = new byte[length - RadiusPacket.RADIUS_HEADER_LENGTH]; + input.readFully(bAttributes); + + try + { + rp = (RadiusPacket)c.newInstance(); + //rp.setCode(code); + rp.setIdentifier(identifier); + rp.setAuthenticator(bAuthenticator); + RadiusFormat.setAttributeBytes(rp, bAttributes); + } + catch (Exception e) + { + e.printStackTrace(); + } + } + catch (IOException e) + { + e.printStackTrace(); + } + return rp; + } + + private static RadiusPacket parsePacket(DataInputStream input) throws RadiusException, IOException + { + RadiusPacket rp = null; + int code = (int)RadiusFormat.readUnsignedInt(input); + int identifier = (int)RadiusFormat.readUnsignedInt(input); + + Class c; + if (code == 0) + { + c = NullPacket.class; + } + else + { + c = (Class)codeMap.get(new Integer(code)); + } + + if (c == null) + { + throw new RadiusException("bad radius packet type: " + code); + } + + int length = input.readInt(); + byte[] bAttributes = new byte[length]; + input.readFully(bAttributes); + + try + { + rp = (RadiusPacket)c.newInstance(); + //rp.setCode(code); + rp.setIdentifier(identifier); + FreeRadiusFormat.setAttributeBytes(rp, bAttributes); + } + catch (Exception e) + { + e.printStackTrace(); + } + return rp; + } + + /** + * Parse multiple RadiusPackets from a data stream + * @param input The input data stream + * @param packetCount Number of packets to expect + * @return Returns an array of RadiusPackets + * @throws RadiusException + */ + public static RadiusPacket[] parse(DataInputStream input, int packetCount) throws RadiusException + { + RadiusPacket rp[] = new RadiusPacket[packetCount]; + + try + { + for (int i=0; i < packetCount; i++) + { + rp[i] = parsePacket(input); + } + } + catch (IOException e) + { + e.printStackTrace(); + } + return rp; + } +} diff --git a/core/src/main/java/net/jradius/packet/PasswordAck.java b/core/src/main/java/net/jradius/packet/PasswordAck.java new file mode 100644 index 0000000..f9a466c --- /dev/null +++ b/core/src/main/java/net/jradius/packet/PasswordAck.java @@ -0,0 +1,38 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2005 PicoPoint, B.V. + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.packet; + +/** + * The RADIUS Password-Ack Packet. + * See http://www.iana.org/assignments/radius-types + * + * @author David Bird + */ +public class PasswordAck extends RadiusResponse +{ + public static final byte CODE = (byte)8; + private static final long serialVersionUID = (long)CODE; + + public PasswordAck() + { + code = CODE; + } + } diff --git a/core/src/main/java/net/jradius/packet/PasswordReject.java b/core/src/main/java/net/jradius/packet/PasswordReject.java new file mode 100644 index 0000000..a0957d6 --- /dev/null +++ b/core/src/main/java/net/jradius/packet/PasswordReject.java @@ -0,0 +1,38 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2005 PicoPoint, B.V. + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.packet; + +/** + * The RADIUS Password-Reject Packet. + * See http://www.iana.org/assignments/radius-types + * + * @author David Bird + */ +public class PasswordReject extends RadiusResponse +{ + public static final byte CODE = (byte)9; + private static final long serialVersionUID = (long)CODE; + + public PasswordReject() + { + code = CODE; + } + } diff --git a/core/src/main/java/net/jradius/packet/PasswordRequest.java b/core/src/main/java/net/jradius/packet/PasswordRequest.java new file mode 100644 index 0000000..bb841c7 --- /dev/null +++ b/core/src/main/java/net/jradius/packet/PasswordRequest.java @@ -0,0 +1,39 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2005 PicoPoint, B.V. + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.packet; + + +/** + * The RADIUS Password-Request Packet. + * See http://www.iana.org/assignments/radius-types + * + * @author David Bird + */ +public class PasswordRequest extends AccessRequest +{ + public static final byte CODE = (byte)7; + private static final long serialVersionUID = (long)CODE; + + public PasswordRequest() + { + code = CODE; + } +} diff --git a/core/src/main/java/net/jradius/packet/RadiusFormat.java b/core/src/main/java/net/jradius/packet/RadiusFormat.java new file mode 100644 index 0000000..25697ee --- /dev/null +++ b/core/src/main/java/net/jradius/packet/RadiusFormat.java @@ -0,0 +1,179 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2005 PicoPoint, B.V. + * Copyright (c) 2006 David Bird + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.packet; + +import java.io.ByteArrayOutputStream; +import java.io.IOException; +import java.io.InputStream; +import java.io.OutputStream; + +import net.jradius.packet.attribute.RadiusAttribute; +import net.jradius.packet.attribute.VSAttribute; +import net.jradius.packet.attribute.value.AttributeValue; + +/** + * Default RadiusPacket/RadiusAttribute format class. This class formats + * and parses UDP RADIUS Packets. Derived classes implement other formats. + * + * @author David Bird + */ +public class RadiusFormat extends Format +{ + private static final int HEADER_LENGTH = 2; + public static final int VSA_HEADER_LENGTH = 8; + + private static final RadiusFormat staticFormat = new RadiusFormat(); + + /** + * @return Returns a static instnace of this class + */ + public static RadiusFormat getInstance() + { + return staticFormat; + } + + /** + * Parses attributes and places them in a RadiusPacket + * @param packet The RadiusPacket to parse attributes into + * @param bAttributes The attribute bytes to parse + */ + public static void setAttributeBytes(RadiusPacket packet, byte[] bAttributes) + { + if (bAttributes.length > 0) + { + staticFormat.unpackAttributes( + packet.getAttributes(), + bAttributes, 0, + bAttributes.length); + } + } + + /** + * Packs a RadiusPacket into a byte array + * @param packet The RadiusPacket to pack + * @return Returns the packed RadiusPacket + */ + public byte[] packPacket(RadiusPacket packet, String sharedSecret) + { + ByteArrayOutputStream out = new ByteArrayOutputStream(); + byte[] attributeBytes = null; + + if (packet != null) + { + attributeBytes = packAttributeList(packet.getAttributes()); + } + + try + { + packHeader(out, packet, attributeBytes, sharedSecret); + if (attributeBytes != null) out.write(attributeBytes); + out.close(); + } + catch(Exception e) + { + e.printStackTrace(); + } + + return out.toByteArray(); + } + + /** + * Packs the RadiusPacket into a DataOutputStream + * @param out The DataOutputStream to write to + * @param p The RadiusPacket to pack + * @param attributeBytes The RadiusPacket attributes + * @throws IOException + */ + public void packHeader(OutputStream out, RadiusPacket p, byte[] attributeBytes, String sharedSecret) throws IOException + { + int length = attributeBytes.length + RadiusPacket.RADIUS_HEADER_LENGTH; + writeUnsignedByte(out, p.getCode()); + writeUnsignedByte(out, p.getIdentifier()); + writeUnsignedShort(out, length); + out.write(p.getAuthenticator(attributeBytes, sharedSecret)); + } + + /** + * Packs a RadiusAttribute into a DataOutputStream + * @param out The DataOutputStream to write attibutes to + * @param a The RadiusAttribute to pack + * @throws IOException + */ + public void packAttribute(OutputStream out, RadiusAttribute a) throws IOException + { + AttributeValue attributeValue = a.getValue(); + packHeader(out, a); + attributeValue.getBytes(out); + } + + + /** + * Packs a RadiusAttribute header into a DataOutputStream + * @param out The DataOutputStream to write to + * @param a The RadiusAttribute to pack + * @throws IOException + */ + public void packHeader(OutputStream out, RadiusAttribute a) throws IOException + { + if (a instanceof VSAttribute) + { + packHeader(out, (VSAttribute)a); + return; + } + AttributeValue attributeValue = a.getValue(); + writeUnsignedByte(out, (int)a.getType()); + writeUnsignedByte(out, attributeValue.getLength() + HEADER_LENGTH); + } + + /** + * Packs a VSAttribute header into a DataOutputStream + * @param out The DataOutputStream to write to + * @param a The VSAttribute to pack + * @throws IOException + */ + public void packHeader(OutputStream out, VSAttribute a) throws IOException + { + AttributeValue attributeValue = a.getValue(); + writeUnsignedByte(out, (int)a.getType()); + writeUnsignedByte(out, attributeValue.getLength() + VSA_HEADER_LENGTH); + writeUnsignedInt(out, a.getVendorId()); + writeUnsignedByte(out, (int)a.getVsaAttributeType()); + writeUnsignedByte(out, attributeValue.getLength() + 2); + } + + + /** + * Unpacks the header of a RadiusAttribute from a DataInputStream + * @param in The DataInputStream to read from + * @param ctx The Attribute Parser Context + * @return Returns the additional offset length for this header + * @throws IOException + */ + public int unpackAttributeHeader(InputStream in, AttributeParseContext ctx) throws IOException + { + ctx.attributeType = readUnsignedByte(in); + ctx.attributeLength = readUnsignedByte(in); + ctx.headerLength = 2; + + return 0; + } +} diff --git a/core/src/main/java/net/jradius/packet/RadiusPacket.java b/core/src/main/java/net/jradius/packet/RadiusPacket.java new file mode 100644 index 0000000..649fafb --- /dev/null +++ b/core/src/main/java/net/jradius/packet/RadiusPacket.java @@ -0,0 +1,306 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2006 PicoPoint, B.V. + * Copyright (C) 2006-2007 David Bird + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.packet; + +import java.io.Serializable; + +import net.jradius.exception.UnknownAttributeException; +import net.jradius.packet.attribute.AttributeList; +import net.jradius.packet.attribute.RadiusAttribute; +import net.jradius.packet.attribute.value.AttributeValue; + +/** + * Represents a Radius Packet. All radius packet classes are derived + * from this abstract class. + * + * @author David Bird + */ +public abstract class RadiusPacket implements Serializable +{ + private static final long serialVersionUID = 0L; + public static final int MIN_PACKET_LENGTH = 20; + public static final int MAX_PACKET_LENGTH = 4096; + public static final short RADIUS_HEADER_LENGTH = 20; + + private static Object nextPacketIdLock = new Object(); + private static int nextPacketId = 1; + + protected int code; + protected int identifier = -1; + protected byte[] authenticator; + + protected final AttributeList attributes = new AttributeList(); + + /** + * Default Constructor + */ + public RadiusPacket() + { + } + + /** + * Constructs a RadiusPacket with an AttributeList + * @param list Initial AttributeList + */ + public RadiusPacket(AttributeList list) + { + attributes.add(list); + } + + /** + * @param code The code to set + */ + public void setCode(int code) + { + this.code = (byte)code; + } + + /** + * @return Returns the code of the RadiusPacket + */ + public int getCode() + { + return code; + } + + /** + * Adds an attribute to a RadiusPacket (without overriding any + * existing attributes) + * @param attribute The attribute to add + */ + public void addAttribute(RadiusAttribute attribute) + { + if (null != attribute) attributes.add(attribute, false); + } + + /** + * Adds an attribute to a RadiusPacket overwriting any existing attribute + * @param attribute The attribute to add + */ + public void overwriteAttribute(RadiusAttribute attribute) + { + if (null != attribute) attributes.add(attribute, true); + } + + /** + * Adds the contents of an AttributeList to a RadiusPacket + * @param list The attributes to add + */ + public void addAttributes(AttributeList list) + { + attributes.add(list); + } + + /** + * Removes an attribute + * @param attribute The RadiusAttribute to be removed + */ + public void removeAttribute(RadiusAttribute attribute) + { + attributes.remove(attribute); + } + + /** + * Removes an attribute + * @param attributeType The attribute type to be removed + */ + public void removeAttribute(long attributeType) + { + attributes.remove(attributeType); + } + + /** + * Get the Identifier of the RadiusPacket (creating one if needed) + * @return Returns the RadiusPacket Identifier + */ + public int getIdentifier() + { + if (this.identifier < 0) + { + this.identifier = getNewPacketId(); + } + return this.identifier; + } + + /** + * Set the Identifier byte of a RadiusPacket + * @param i The new Identifier + */ + public void setIdentifier(int i) + { + this.identifier = i; + } + + /** + * Get the attributes of a RadiusPacket + * @return Returns the AttributeList of the packet + */ + public AttributeList getAttributes() + { + return attributes; + } + + /** + * Derived RadiusRequest classes must override this + * @param attributes + * @return Returns 16 bytes + */ + public byte[] createAuthenticator(byte[] attributes, String sharedSecret) + { + return new byte[16]; + } + + public boolean verifyAuthenticator(String sharedSecret) + { + return false; + } + + /** + * @param authenticator The authenticator to set. + */ + public void setAuthenticator(byte[] authenticator) + { + this.authenticator = authenticator; + } + + /** + * @return Returns the packet authenticator + */ + public byte[] getAuthenticator() + { + return this.authenticator; + } + + /** + * Get (or generate) the RADIUS Authenticator + * @param attributes + * @return Returns the packet authenticator + */ + public byte[] getAuthenticator(byte[] attributes, String sharedSecret) + { + if (this.authenticator == null) + { + if (sharedSecret != null) + this.authenticator = createAuthenticator(attributes, sharedSecret); + else + this.authenticator = new byte[16]; + } + + return this.authenticator; + } + + /** + * @param type The attribute type + * @return Returns the attribute, if found + */ + public RadiusAttribute findAttribute(long type) + { + return attributes.get(type); + } + + /** + * @param type The integer type of the attribute to find + * @return Returns an array of RadiusAttributes + */ + public Object[] findAttributes(long type) + { + return attributes.getArray(type); + } + + /** + * @param aName The name of the attribute to find + * @return Returns the RadiusAttribute, null if not found + * @throws UnknownAttributeException + */ + public RadiusAttribute findAttribute(String aName) + throws UnknownAttributeException + { + return attributes.get(aName); + } + + /** + * @param type The integer type of the attribute to find + * @return Returns the Object value of the found attribute, otherwise null + */ + public Object getAttributeValue(long type) + { + RadiusAttribute attribute = findAttribute(type); + if (attribute != null) + { + AttributeValue value = attribute.getValue(); + if (value != null) + { + return value.getValueObject(); + } + } + return null; + } + + /** + * @param aName The name of the attribute to find + * @return Returns the Object value of the found attribute, otherwise null + * @throws UnknownAttributeException + */ + public Object getAttributeValue(String aName) + throws UnknownAttributeException + { + RadiusAttribute attribute = findAttribute(aName); + if (attribute != null) + { + AttributeValue value = attribute.getValue(); + if (value != null) + { + return value.getValueObject(); + } + } + return null; + } + + /** + * @return Returns the next RadiusPacket Identifier to be used + */ + private static int getNewPacketId() + { + synchronized (nextPacketIdLock) + { + nextPacketId = (nextPacketId + 1) % 255; + return nextPacketId; + } + } + + /** + * Formats the RadiusPacket into a String + */ + public String toString(boolean nonStandardAtts, boolean unknownAttrs) + { + StringBuffer sb = new StringBuffer(); + sb.append("Class: ").append(this.getClass().toString()).append("\n"); + sb.append("Attributes:\n"); + sb.append(attributes.toString(nonStandardAtts, unknownAttrs)); + return sb.toString(); + } + + public String toString() + { + return toString(true, true); + } +} diff --git a/core/src/main/java/net/jradius/packet/RadiusRequest.java b/core/src/main/java/net/jradius/packet/RadiusRequest.java new file mode 100644 index 0000000..c706ff6 --- /dev/null +++ b/core/src/main/java/net/jradius/packet/RadiusRequest.java @@ -0,0 +1,73 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2005 PicoPoint, B.V. + * Copyright (c) 2006 David Bird + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.packet; + +import net.jradius.client.RadiusClient; +import net.jradius.packet.attribute.AttributeList; + + + +/** + * A Radius Request (either Access Request or Accounting Request) + * + * @author David Bird + */ +public abstract class RadiusRequest extends RadiusPacket +{ + protected RadiusClient client = null; + + /** + * Default constructor + */ + public RadiusRequest() + { + } + + /** + * Constructor + * @param client The client context to be used (when creating UDP packets) + */ + public RadiusRequest(RadiusClient client) + { + this.client = client; + } + + /** + * Constructor + * @param attributes The attributes to be used + */ + public RadiusRequest(AttributeList attributes) + { + super(attributes); + } + + /** + * Constructor + * @param client The client context to be used (when creating UDP packets) + * @param attributes The attributes to be used + */ + public RadiusRequest(RadiusClient client, AttributeList attributes) + { + super(attributes); + this.client = client; + } +} diff --git a/core/src/main/java/net/jradius/packet/RadiusResponse.java b/core/src/main/java/net/jradius/packet/RadiusResponse.java new file mode 100644 index 0000000..ccf2352 --- /dev/null +++ b/core/src/main/java/net/jradius/packet/RadiusResponse.java @@ -0,0 +1,72 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2005 PicoPoint, B.V. + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.packet; + +import java.util.Arrays; + +import net.jradius.packet.attribute.AttributeList; +import net.jradius.util.RadiusUtils; + + + +/** + * The RADIUS Response Packet + * + * @author David Bird + */ +public abstract class RadiusResponse extends RadiusPacket +{ + public RadiusResponse() + { + super(); + } + + public RadiusResponse(int id, AttributeList list) + { + super(list); + setIdentifier(id); + } + + /** + * Calculates and compares the RADIUS Response Authenticator (per RFC 2865) + * @param client The RadiusClient being used + * @param requestAuthenticator The Authenticator of the request + * @return Returns true of the authenticators match + */ + public boolean verifyAuthenticator(byte[] requestAuthenticator, String sharedSecret) + { + byte[] attribtues = RadiusFormat.getInstance().packAttributeList(getAttributes()); + byte[] hash = RadiusUtils.makeRFC2865ResponseAuthenticator(sharedSecret, + (byte)(getCode() & 0xff), (byte)(getIdentifier() & 0xff), + (short)(attribtues.length + RADIUS_HEADER_LENGTH), + requestAuthenticator, attribtues); + return Arrays.equals(hash, getAuthenticator()); + } + + public void generateAuthenticator(byte[] requestAuthenticator, String sharedSecret) + { + byte[] attribtues = RadiusFormat.getInstance().packAttributeList(getAttributes()); + setAuthenticator(RadiusUtils.makeRFC2865ResponseAuthenticator( sharedSecret, + (byte)(getCode() & 0xff), (byte)(getIdentifier() & 0xff), + (short)(attribtues.length + RADIUS_HEADER_LENGTH), + requestAuthenticator, attribtues)); + } +} diff --git a/core/src/main/java/net/jradius/packet/attribute/Attr_UnknownAttribute.java b/core/src/main/java/net/jradius/packet/attribute/Attr_UnknownAttribute.java new file mode 100644 index 0000000..0567229 --- /dev/null +++ b/core/src/main/java/net/jradius/packet/attribute/Attr_UnknownAttribute.java @@ -0,0 +1,69 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2006 PicoPoint, B.V. + * Copyright (c) 2006 David Bird + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.packet.attribute; + +import net.jradius.packet.attribute.value.OctetsValue; + +/** + * @author David Bird + */ +public class Attr_UnknownAttribute extends RadiusAttribute implements UnknownAttribute +{ + private static final long serialVersionUID = 0L; + public static final String NAME = "Unknown-Attribute"; + + public void setup() {} + + public void setup(long type) + { + attributeName = NAME + "(" + type + ")"; + attributeType = type; + } + + public Attr_UnknownAttribute(long type) + { + setup(type); + attributeValue = new OctetsValue(); + } + + public Attr_UnknownAttribute(long type, OctetsValue v) + { + setup(type); + attributeValue = v; + } + + public Attr_UnknownAttribute(long type, byte[] v) + { + setup(type); + attributeValue = new OctetsValue(v); + } + + public long getAttributeType() + { + return attributeType; + } + + public void setAttributeName(String attributeName) + { + this.attributeName = attributeName; + } +} diff --git a/core/src/main/java/net/jradius/packet/attribute/Attr_UnknownVSAttribute.java b/core/src/main/java/net/jradius/packet/attribute/Attr_UnknownVSAttribute.java new file mode 100644 index 0000000..e5d9f1b --- /dev/null +++ b/core/src/main/java/net/jradius/packet/attribute/Attr_UnknownVSAttribute.java @@ -0,0 +1,71 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2006 PicoPoint, B.V. + * Copyright (c) 2006 David Bird + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.packet.attribute; + +import net.jradius.packet.attribute.value.OctetsValue; + +/** + * @author David Bird + */ +public class Attr_UnknownVSAttribute extends VSAttribute implements UnknownAttribute +{ + public static final long serialVersionUID = 0L; + public static final String NAME = "Unknown-VSAttribute"; + + public void setup() {} + + public void setup(long vendorId, long vsaAttributeType) + { + attributeName = NAME + "(" + vendorId + ":" + vsaAttributeType + ")"; + attributeType = 26; + this.vendorId = vendorId; + this.vsaAttributeType = vsaAttributeType; + } + + public Attr_UnknownVSAttribute(long vendorId, long vsaAttributeType) + { + setup(vendorId, vsaAttributeType); + attributeValue = new OctetsValue(); + } + + public Attr_UnknownVSAttribute(long vendorId, long vsaAttributeType, OctetsValue v) + { + setup(vendorId, vsaAttributeType); + attributeValue = v; + } + + public Attr_UnknownVSAttribute(long vendorId, long vsaAttributeType, byte[] v) + { + setup(vendorId, vsaAttributeType); + attributeValue = new OctetsValue(v); + } + + public long getAttributeType() + { + return ((vendorId & 0xFFFF) << 16) | vsaAttributeType; + } + + public void setAttributeName(String attributeName) + { + this.attributeName = attributeName; + } +} diff --git a/core/src/main/java/net/jradius/packet/attribute/AttributeDescription.java b/core/src/main/java/net/jradius/packet/attribute/AttributeDescription.java new file mode 100644 index 0000000..ef7d836 --- /dev/null +++ b/core/src/main/java/net/jradius/packet/attribute/AttributeDescription.java @@ -0,0 +1,90 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2005 PicoPoint, B.V. + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.packet.attribute; + + +/** + * A simple attribute description bean (stored as triplet of Strings: + * name, operator, and value). + * + * @author David Bird + */ +public final class AttributeDescription +{ + private String name; + private String op; + private String value; + + /** + * Default constructor + */ + public AttributeDescription() + { + } + + /** + * @return Returns the name. + */ + public String getName() + { + return name; + } + + /** + * @param name The name to set. + */ + public void setName(String name) + { + this.name = name; + } + + /** + * @return Returns the op. + */ + public String getOp() + { + return op; + } + + /** + * @param op The op to set. + */ + public void setOp(String op) + { + this.op = op; + } + + /** + * @return Returns the value. + */ + public String getValue() + { + return value; + } + + /** + * @param value The value to set. + */ + public void setValue(String value) + { + this.value = value; + } +} diff --git a/core/src/main/java/net/jradius/packet/attribute/AttributeDictionary.java b/core/src/main/java/net/jradius/packet/attribute/AttributeDictionary.java new file mode 100644 index 0000000..5812b8a --- /dev/null +++ b/core/src/main/java/net/jradius/packet/attribute/AttributeDictionary.java @@ -0,0 +1,48 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2005 PicoPoint, B.V. + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.packet.attribute; + +import java.util.Map; + +/** + * Attribute Dictionary Interface. Attribute dictionary classes, like + * that built RadiusDictionary, implement this interface. + * + * @author David Bird + */ +public abstract interface AttributeDictionary +{ + // Some commonly used standard RADIUS Attribute types. + // Of course, a dictionary supporing them must also be loaded. + // Values are added as they are used in the jradius package (which + // should not be referencing any attribute class directly). + public static final int USER_NAME = 1; // User-Name + public static final int USER_PASSWORD = 2; // User-Password + public static final int STATE = 24; // State + public static final int NAS_IDENTIFIER = 32; // NAS-Identifier + public static final int ACCT_STATUS_TYPE = 40; // Acct-Status-Type + public static final int EAP_MESSAGE = 79; // EAP-Message + public static final int MESSAGE_AUTHENTICATOR = 80; // Message-Authenticator + + public void loadVendorCodes(Map map); + public void loadAttributes(Map map); + public void loadAttributesNames(Map map); +} diff --git a/core/src/main/java/net/jradius/packet/attribute/AttributeFactory.java b/core/src/main/java/net/jradius/packet/attribute/AttributeFactory.java new file mode 100644 index 0000000..fc65440 --- /dev/null +++ b/core/src/main/java/net/jradius/packet/attribute/AttributeFactory.java @@ -0,0 +1,400 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2005 PicoPoint, B.V. + * Copyright (c) 2006 David Bird + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.packet.attribute; + +import java.io.ByteArrayInputStream; +import java.io.DataInputStream; +import java.io.IOException; +import java.util.Iterator; +import java.util.LinkedHashMap; +import java.util.Map; +import java.util.StringTokenizer; + +import net.jradius.exception.RadiusException; +import net.jradius.exception.UnknownAttributeException; +import net.jradius.log.RadiusLog; +import net.jradius.packet.RadiusFormat; +import net.jradius.packet.attribute.RadiusAttribute.Operator; + +/** + * The Attribute Factor. This factor builds the RADIUS attributes + * based on configured dictionaries. + * + * @author David Bird + */ +public final class AttributeFactory +{ + private static LinkedHashMap attributeMap = new LinkedHashMap(); + private static LinkedHashMap vendorMap = new LinkedHashMap(); + private static LinkedHashMap attributeNameMap = new LinkedHashMap(); + + public static final class VendorValue + { + private Class c; + private Map map; + public VendorValue(Class c, Map m) { this.c = c; this.map = m; } + /** + * @return Returns the map. + */ + public Map getAttributeMap() { + return map; + } + /** + * @return Returns the c. + */ + public Class getDictClass() { + return c; + } + } + + /** + * Load an attribute dictionary + * @param className Name of the Java Class derived from AttributeDictionary + * @return Returns true if loading of dictionary was successful + */ + public static boolean loadAttributeDictionary(String className) + { + try + { + Class clazz = Class.forName(className); + Object o = clazz.newInstance(); + return loadAttributeDictionary((AttributeDictionary)o); + } + catch (Exception e) + { + e.printStackTrace(); + return false; + } + } + + public static boolean loadAttributeDictionary(AttributeDictionary dict) + { + dict.loadAttributes(attributeMap); + dict.loadAttributesNames(attributeNameMap); + dict.loadVendorCodes(vendorMap); + + Iterator i = vendorMap.keySet().iterator(); + while (i.hasNext()) + { + Long id = (Long)i.next(); + Class c = (Class)vendorMap.get(id); + try + { + LinkedHashMap map = new LinkedHashMap(); + VSADictionary vsadict = (VSADictionary)c.newInstance(); + vsadict.loadAttributes(map); + vsadict.loadAttributesNames(attributeNameMap); + vendorMap.put(id, new AttributeFactory.VendorValue(c, map)); + } + catch (Exception e) + { + e.printStackTrace(); + } + } + return true; + } + + /** + * Parses a string to create a RadiusAttribute. Will either return the + * attribute, or throw an Exception. + * @param src The source String + * @return Returns the RadiusAttribute parsed from String + * @throws RadiusException + * @throws UnknownAttributeException + */ + public static RadiusAttribute attributeFromString(String src) + throws RadiusException, UnknownAttributeException + { + String parts[] = src.split("=", 2); + if (parts.length == 2) + { + String attribute = parts[0].trim(); + String value = parts[1].trim(); + + char q = value.charAt(0); + if (q == value.charAt(value.length() - 1) && (q == '\'' || q == '"')) + { + value = value.substring(1, value.length() - 1); + } + + return newAttribute(attribute, value, "="); + } + throw new RadiusException("Syntax error for attributes: " + src); + } + + public static void loadAttributesFromString(AttributeList list, String src, String delim, boolean beStrinct) throws RadiusException + { + StringTokenizer st = new StringTokenizer(src, delim); + while (st.hasMoreTokens()) + { + try + { + list.add(attributeFromString(st.nextToken())); + } + catch (RadiusException e) + { + if (beStrinct) throw(e); + } + } + } + + /** + * Creates a new RadiusAttribute + * @param vendor The VendorID of the attribute (if one) + * @param type The Attribute Type + * @param value The Attribute Value + * @param op The Attribute Operator + * @return Returns the newly created RadiusAttribute + */ + public static RadiusAttribute newAttribute(long vendor, long type, byte[] value, int op) + { + Class c = null; + RadiusAttribute attr = null; + + try + { + if (vendor > 1 || type == 26) + { + if (vendor < 1) + { + ByteArrayInputStream bais = new ByteArrayInputStream(value); + DataInputStream input = new DataInputStream(bais); + vendor = (int)RadiusFormat.readUnsignedInt(input); + type = (int)RadiusFormat.readUnsignedByte(input); + int vsaLength = (int)RadiusFormat.readUnsignedByte(input); + byte[] newValue = new byte[vsaLength - 2]; + input.readFully(newValue); + input.close(); + value = newValue; + } + + VendorValue v = (VendorValue)vendorMap.get(new Long(vendor)); + + if (v != null) + { + c = (Class)v.map.get(new Long(type)); + } + + if (c != null) + { + attr = (RadiusAttribute)c.newInstance(); + } + else + { + RadiusLog.warn("Unknown Vendor Specific Attribute: " + vendor+":"+type); + attr = new Attr_UnknownVSAttribute(vendor, type); + } + } + else + { + c = (Class)attributeMap.get(new Long(type)); + if (c != null) + { + attr = (RadiusAttribute)c.newInstance(); + } + else + { + RadiusLog.warn("Unknown Attribute: " + type); + attr = new Attr_UnknownAttribute(type); + } + } + + if (value != null) attr.setValue(value); + if (op > -1) attr.setAttributeOp(op); + } + catch (InstantiationException e) + { + e.printStackTrace(); + } + catch (IllegalAccessException e) + { + e.printStackTrace(); + } + catch (IOException e) + { + e.printStackTrace(); + } + + return attr; + } + + /** + * Creates a new RadiusAttribute + * @param type The type of the attribute + * @param value The value of the attribute + * @return Returns the newly created RadiusAttribute + */ + public static RadiusAttribute newAttribute(long type, byte[] value) + { + return newAttribute((type >> 16), type & 0xFF, value, -1); + } + + /** + * @param type The type of the attribute + * @param value The value of the attribute + * @return Returns the newly created AttributeList + */ + public static AttributeList newAttributeList(long type, byte[] value) + { + AttributeList list = new AttributeList(); + addToAttributeList(list, type, value); + return list; + } + + /** + * @param list The AttributeList to add to + * @param type The type of the attribute + * @param value The value of the attribute + * @return Returns how many attributes created + */ + public static int addToAttributeList(AttributeList list, long type, byte[] value) + { + int left = (value == null) ? 0 : value.length; + int offset = 0; + int cnt = 0; + + long vendor = (type >> 16); + int maxlen = vendor > 0 ? 247 : 253; + type = type & 0xFF; + + while (left > 0) + { + int len = maxlen; + if (left < maxlen) len = left; + byte b[] = new byte[len]; + System.arraycopy(value, offset, b, 0, len); + list.add(AttributeFactory.newAttribute(vendor, type, b, Operator.ADD), false); + offset += len; + left -= len; + cnt++; + } + return cnt; + } + + /** + * Create a RadiusAttribute by name + * @param aName The name of the attribute to create + * @return Returns the newly created RadiusAttribute + * @throws UnknownAttributeException + */ + public static RadiusAttribute newAttribute(String aName) + throws UnknownAttributeException + { + Class c = (Class)attributeNameMap.get(aName); + RadiusAttribute attr = null; + + if (c == null) + throw new UnknownAttributeException("Unknown attribute " + aName); + + try + { + attr = (RadiusAttribute)c.newInstance(); + } + catch (Exception e) + { + e.printStackTrace(); + } + + return attr; + } + + /** + * Create a new RadiusAttribute based on a AttributeDescription + * @param desc The RadiusDescription + * @return Returns the newly created RadiusAttribute + * @throws UnknownAttributeException + */ + public static RadiusAttribute newAttribute(AttributeDescription desc) + throws UnknownAttributeException + { + return newAttribute(desc.getName(), desc.getValue(), desc.getOp()); + } + + /** + * Creates a new RadiusAttribute + * @param aName The name of the attribute to create + * @param aValue The value of the attribute + * @param aOp The "operator" of the attribute + * @return Returns the newly created RadiusAttribute + * @throws UnknownAttributeException + */ + public static RadiusAttribute newAttribute(String aName, String aValue, String aOp) + throws UnknownAttributeException + { + RadiusAttribute attr = newAttribute(aName); + attr.setAttributeOp(aOp); + attr.setValue(aValue); + return attr; + } + + /** + * The the integer type of a RadiusAttribute by name + * @param aName The name of the attribute + * @return Returns the integer type of the attribute + * @throws UnknownAttributeException + */ + public static long getTypeByName(String aName) + throws UnknownAttributeException + { + Class c = (Class)attributeNameMap.get(aName); + RadiusAttribute attr = null; + + if (c == null) + throw new UnknownAttributeException("Unknown attribute " + aName); + + try + { + attr = (RadiusAttribute)c.newInstance(); + return attr.getType(); + } + catch (Exception e) + { + e.printStackTrace(); + } + + return -1; + } + + /** + * @return Returns the attributeMap. + */ + public static LinkedHashMap getAttributeMap() + { + return attributeMap; + } + + /** + * @return Returns the attributeNameMap. + */ + public static LinkedHashMap getAttributeNameMap() + { + return attributeNameMap; + } + + /** + * @return Returns the vendorMap. + */ + public static LinkedHashMap getVendorMap() + { + return vendorMap; + } +} diff --git a/core/src/main/java/net/jradius/packet/attribute/AttributeList.java b/core/src/main/java/net/jradius/packet/attribute/AttributeList.java new file mode 100644 index 0000000..f11e7d3 --- /dev/null +++ b/core/src/main/java/net/jradius/packet/attribute/AttributeList.java @@ -0,0 +1,277 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2006 PicoPoint, B.V. + * Copyright (c) 2006 David Bird + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.packet.attribute; + +import java.io.Serializable; +import java.util.Iterator; +import java.util.LinkedHashMap; +import java.util.LinkedList; +import java.util.List; +import java.util.Map; + +import net.jradius.exception.UnknownAttributeException; + +/** + * Represents the Attribute List of a packet. Supports singleton + * and lists of attribute values (building packets with serverl + * of the same attribute). + * + * @author David Bird + */ +public class AttributeList implements Serializable +{ + private static final long serialVersionUID = 0L; + private LinkedList attributeOrderList; + private Map attributeMap; + + /** + * Default constructor + */ + public AttributeList() + { + attributeMap = new LinkedHashMap(); + attributeOrderList = new LinkedList(); + } + + /** + * Add an attribute list to this attribute list + * + * @param list The attribute list to add + */ + public void add(AttributeList list) + { + if (list != null) + { + attributeMap.putAll(list.getMap()); + attributeOrderList.addAll(list.getAttributeList()); + } + } + + /** + * Add an attribute, defaulting to overwriting + * + * @param a The attribute to add + */ + public void add(RadiusAttribute a) + { + add(a, true); + } + + /** + * Add an attribute with option to overwrite. If overwrite is false, + * multiple of the same attribute can be added (building a list) + * + * @param a + * @param overwrite + */ + public void add(RadiusAttribute a, boolean overwrite) + { + Long key = new Long(a.getFormattedType()); + Object o = attributeMap.get(key); + attributeOrderList.add(a); + if (o == null || overwrite) + { + if (o != null) removeFromList(o); + attributeMap.put(key, a); + } + else + { + // If we already have this attribute and are not + // overwriting, then we create a list of attribtues. + if (o instanceof LinkedList) + { + ((LinkedList)o).add(a); + } + else + { + LinkedList l = new LinkedList(); + l.add(o); l.add(a); + attributeMap.put(key, l); + } + } + } + + /** + * Removes attribute(s) by type + * @param a RadiusAttribute to remove + */ + public void remove(RadiusAttribute a) + { + remove(a.getFormattedType()); + } + + /** + * Removes attribute(s) by type + * @param attributeType The attribute type to remove + */ + public void remove(long attributeType) + { + Long key = new Long(attributeType); + Object o = attributeMap.remove(key); + if (o instanceof LinkedList) + { + for (Iterator i = ((LinkedList)o).iterator(); i.hasNext(); ) + removeFromList(i.next()); + } + else removeFromList(o); + } + + public void clear() + { + attributeMap.clear(); + attributeOrderList.clear(); + } + + private void removeFromList(Object o) + { + Object ol[] = attributeOrderList.toArray(); + for (int i = 0; i < ol.length; i++) + { + if (ol[i] == o) + { + attributeOrderList.remove(i); + return; + } + } + } + + /** + * @return Returns the number of attributes in the list + */ + public int getSize() + { + return attributeOrderList.size(); + } + + /** + * Removes all unknown (not in the configured JRadius Dictionary) attribtues. + */ + public void removeUnknown() + { + List list = getAttributeList(); + for (Iterator i = list.iterator(); i.hasNext();) + { + RadiusAttribute a = (RadiusAttribute)i.next(); + if (a instanceof UnknownAttribute) remove(a); + } + } + + /** + * @param type The type of attribute to retrieve + * @param single True if a only a single attribute can be returned; + * false if a List of attributes is also ok + * @return Returns either s single attribute, a list of attributes, or null + */ + public Object get(long type, boolean single) + { + Long key = new Long(type); + Object o = attributeMap.get(key); + if (o == null || !(o instanceof LinkedList)) + { + return o; + } + LinkedList l = (LinkedList)o; + return (single ? l.get(0) : o); + } + + public RadiusAttribute get(long type) { return (RadiusAttribute)get(type, true); } + + public Object get(String name, boolean single) throws UnknownAttributeException + { + return get(AttributeFactory.getTypeByName(name), single); + } + + public RadiusAttribute get(String name) throws UnknownAttributeException + { + return (RadiusAttribute)get(AttributeFactory.getTypeByName(name), true); + } + + /** + * Get all attributes of a certain type returned at an array + * @param type The type of attribute to find + * @return Returns an array of all attributes found of a certain type + */ + public Object[] getArray(long type) + { + Long key = new Long(type); + return toArray(attributeMap.get(key)); + } + + public String toString(boolean nonStandardAttrs, boolean unknownAttrs) + { + StringBuffer sb = new StringBuffer(); + Iterator i = attributeOrderList.iterator(); + while (i.hasNext()) + { + RadiusAttribute attr = (RadiusAttribute)i.next(); + if (!nonStandardAttrs && attr.attributeType > 256) continue; + if (!unknownAttrs && attr instanceof UnknownAttribute) continue; + sb.append(attr.toString()).append("\n"); + } + return sb.toString(); + } + + public String toString() + { + return toString(true, true); + } + + /** + * Returns the attribute hash as a list + * @return Returns a List of all attributes + */ + public List getAttributeList() + { + return attributeOrderList; + } + + /** + * @return Returns the attribute map + */ + public Map getMap() + { + return attributeMap; + } + + /** + * Returns an attribute or list of attributes as an array + * @param o The single attribute or LinkedList of attributes + * @return Returns an array of RadiusAttributes + */ + private Object[] toArray(Object o) + { + if (o == null) return null; + + Object ol[]; + + if (o instanceof LinkedList) + { + ol = ((LinkedList)o).toArray(); + } + else + { + ol = new Object[1]; + ol[0] = o; + } + return ol; + } +} diff --git a/core/src/main/java/net/jradius/packet/attribute/RadiusAttribute.java b/core/src/main/java/net/jradius/packet/attribute/RadiusAttribute.java new file mode 100644 index 0000000..0cee12d --- /dev/null +++ b/core/src/main/java/net/jradius/packet/attribute/RadiusAttribute.java @@ -0,0 +1,213 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2005 PicoPoint, B.V. + * Copyright (c) 2006-2007 David Bird + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.packet.attribute; + +import java.io.Serializable; + +import net.jradius.packet.attribute.value.AttributeValue; + +/** + * The RADIUS Attribute. All radius attributes (as build by RadiusDictionary) + * are derived from this abstract class. + * + * @author David Bird + */ +public abstract class RadiusAttribute implements Serializable +{ + private static final long serialVersionUID = 0L; + + protected long attributeType = 0; + protected int attributeOp = Operator.SET; + protected AttributeValue attributeValue = null; + protected String attributeName = "Unknown Attribute"; + + public RadiusAttribute() + { + } + + abstract public void setup(); + + protected void setup(Serializable value) + { + setup(value, Operator.SET); + } + + protected void setup(Serializable o, int op) + { + setup(); + attributeOp = op; + if (o == null) return; + + if (o instanceof AttributeValue) + { + attributeValue = (AttributeValue) o; + } + else + { + attributeValue.setValueObject(o); + } + } + + /** + * @return Returns the attribute type + */ + public long getType() + { + return attributeType; + } + + /** + * @return Returns the (internal) formatted attribute type + */ + public long getFormattedType() + { + return attributeType; + } + + /** + * @return Returns the AttributeValue + */ + public AttributeValue getValue() + { + return attributeValue; + } + + /** + * @return Returns the name of the attribute + */ + public String getAttributeName() + { + return attributeName; + } + + /** + * @return Returns the "operator" of the attribute + */ + public int getAttributeOp() + { + return attributeOp; + } + + /** + * @param attributeOp The new attribute "operator" to be set + */ + public void setAttributeOp(int attributeOp) + { + this.attributeOp = attributeOp; + } + + /** + * @param attributeOp The new attribute "operator" to be set + */ + public void setAttributeOp(String attributeOp) + { + this.attributeOp = Operator.operatorFromString(attributeOp); + } + + /** + * @param b The new attribute value to be set + */ + public void setValue(byte b[]) + { + attributeValue.setValue(b); + } + + /** + * @param value The new attribute value to be set + */ + public void setValue(String value) + { + attributeValue.setValue(value); + } + + /** + * @see java.lang.Object#toString() + */ + public String toString() + { + return attributeName + " " + Operator.operatorToString(attributeOp) + " " + attributeValue.toString(); + } + + /** + * The JRadius RadiusAttribute Operator Type. + * @author David Bird + */ + public final static class Operator + { + public static final int ADD = 8; /* += */ + public static final int SUB = 9; /* -= */ + public static final int SET = 10; /* := */ + public static final int EQ = 11; /* = */ + public static final int NE = 12; /* != */ + public static final int GE = 13; /* >= */ + public static final int GT = 14; /* > */ + public static final int LE = 15; /* <= */ + public static final int LT = 16; /* < */ + public static final int REG_EQ = 17; /* =~ */ + public static final int REG_NE = 18; /* !~ */ + public static final int CMP_TRUE = 19; /* =* */ + public static final int CMP_FALSE = 20; /* !* */ + public static final int CMP_EQ = 21; /* == */ + + public static String operatorToString(int op) + { + switch(op) + { + case ADD: return "+="; + case SUB: return "-="; + case SET: return ":="; + case EQ: return "="; + case NE: return "!="; + case GE: return ">="; + case GT: return ">"; + case LE: return "<="; + case LT: return "<"; + case REG_EQ: return "=~"; + case REG_NE: return "!~"; + case CMP_TRUE: return "=*"; + case CMP_FALSE: return "!*"; + case CMP_EQ: return "=="; + } + return "="; // for display purposes + } + + public static int operatorFromString(String op) + { + if (op == null) return 0; + if (op.equals("+=")) return ADD; + if (op.equals("-=")) return SUB; + if (op.equals(":=")) return SET; + if (op.equals("=")) return EQ; + if (op.equals("!=")) return NE; + if (op.equals(">=")) return GE; + if (op.equals(">")) return GT; + if (op.equals("<=")) return LE; + if (op.equals("<")) return LT; + if (op.equals("=~")) return REG_EQ; + if (op.equals("!~")) return REG_NE; + if (op.equals("=*")) return CMP_TRUE; + if (op.equals("!*")) return CMP_FALSE; + if (op.equals("==")) return CMP_EQ; + return 0; + } + } +} diff --git a/core/src/main/java/net/jradius/packet/attribute/UnknownAttribute.java b/core/src/main/java/net/jradius/packet/attribute/UnknownAttribute.java new file mode 100644 index 0000000..b506b32 --- /dev/null +++ b/core/src/main/java/net/jradius/packet/attribute/UnknownAttribute.java @@ -0,0 +1,27 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2006 PicoPoint, B.V. + * Copyright (c) 2006 David Bird + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.packet.attribute; + +public interface UnknownAttribute { + public long getAttributeType(); + public void setAttributeName(String attributeName); +} diff --git a/core/src/main/java/net/jradius/packet/attribute/VSADictionary.java b/core/src/main/java/net/jradius/packet/attribute/VSADictionary.java new file mode 100644 index 0000000..95120d9 --- /dev/null +++ b/core/src/main/java/net/jradius/packet/attribute/VSADictionary.java @@ -0,0 +1,36 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2005 PicoPoint, B.V. + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.packet.attribute; + +import java.util.Map; + +/** + * VSA Attribute Dictionary Interface. Vendor specific attribute dictionary classes, + * like that built RadiusDictionary, implement this interface. + * + * @author David Bird + */ +public abstract interface VSADictionary +{ + public String getVendorName(); + public void loadAttributes(Map map); + public void loadAttributesNames(Map map); +} diff --git a/core/src/main/java/net/jradius/packet/attribute/VSAttribute.java b/core/src/main/java/net/jradius/packet/attribute/VSAttribute.java new file mode 100644 index 0000000..359b4c1 --- /dev/null +++ b/core/src/main/java/net/jradius/packet/attribute/VSAttribute.java @@ -0,0 +1,79 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2005 PicoPoint, B.V. + * Copyright (c) 2006 David Bird + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.packet.attribute; + + +/** + * The RADIUS VSA. All radius vendor specific attributes (as build by RadiusDictionary) + * are derived from this abstract class. + * + * @author David Bird + */ +public abstract class VSAttribute extends RadiusAttribute +{ + private static final long serialVersionUID = 0L; + + protected long vendorId; + protected long vsaAttributeType; + + /** + * Returns the VSA type (lower 2 bytes) encoded with the Vendor ID + * (upper 2 bytes) as an integer. + * @see net.jradius.packet.attribute.RadiusAttribute#getFormattedType() + */ + public long getFormattedType() + { + return vsaAttributeType | (vendorId << 16); + } + + /** + * @return Returns the vendorId. + */ + public long getVendorId() + { + return vendorId; + } + + /** + * @param vendorId The vendorId to set. + */ + public void setVendorId(long vendorId) + { + this.vendorId = vendorId; + } + + /** + * @return Returns the vsaAttributeType. + */ + public long getVsaAttributeType() + { + return vsaAttributeType; + } + + /** + * @param vsaAttributeType The vsaAttributeType to set. + */ + public void setVsaAttributeType(long vsaAttributeType) + { + this.vsaAttributeType = vsaAttributeType; + } +} diff --git a/core/src/main/java/net/jradius/packet/attribute/package.html b/core/src/main/java/net/jradius/packet/attribute/package.html new file mode 100644 index 0000000..7f1e19c --- /dev/null +++ b/core/src/main/java/net/jradius/packet/attribute/package.html @@ -0,0 +1,5 @@ + + +JRadius Core RADIUS Attribute Objects and Utilities. + + diff --git a/core/src/main/java/net/jradius/packet/attribute/value/AttributeValue.java b/core/src/main/java/net/jradius/packet/attribute/value/AttributeValue.java new file mode 100644 index 0000000..d468f72 --- /dev/null +++ b/core/src/main/java/net/jradius/packet/attribute/value/AttributeValue.java @@ -0,0 +1,71 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2005 PicoPoint, B.V. + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.packet.attribute.value; + +import java.io.ByteArrayOutputStream; +import java.io.IOException; +import java.io.OutputStream; +import java.io.Serializable; + +import net.jradius.log.RadiusLog; + + +/** + * Base abstract class of all Attribute Value classes. + * + * @author David Bird + */ +public abstract class AttributeValue implements Serializable +{ + private static final long serialVersionUID = 0L; + + public abstract void getBytes(OutputStream io) throws IOException; + + public byte[] getBytes() + { + ByteArrayOutputStream out = new ByteArrayOutputStream(); + try + { + this.getBytes(out); + out.close(); + } + catch (Exception e) + { + RadiusLog.error(e.getMessage()); + e.printStackTrace(); + } + return out.toByteArray(); + } + + public int getLength() { return 0; } + + public Serializable getValueObject() { return null; } + + public abstract void setValue(byte[] b); + + public void setValue(String s) { setValue(s.getBytes()); } + + public abstract void setValueObject(Serializable o); + + public String toString() { return "[Binary Data]"; } + + public String toXMLString() { return ""; } +} diff --git a/core/src/main/java/net/jradius/packet/attribute/value/DateValue.java b/core/src/main/java/net/jradius/packet/attribute/value/DateValue.java new file mode 100644 index 0000000..b5d0619 --- /dev/null +++ b/core/src/main/java/net/jradius/packet/attribute/value/DateValue.java @@ -0,0 +1,116 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2006 PicoPoint, B.V. + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.packet.attribute.value; + +import java.io.IOException; +import java.io.OutputStream; +import java.io.Serializable; +import java.util.Date; + +/** + * The Date attribute value + * + * @author David Bird + */ +public class DateValue extends IntegerValue +{ + private static final long serialVersionUID = 0L; + private Date dateValue; + + public DateValue() { } + + public DateValue(Date d) + { + dateValue = d; + } + + public void getBytes(OutputStream out) throws IOException + { + integerValue = new Long(dateValue.getTime() / 1000); + super.getBytes(out); + } + + public void setValue(byte[] b) + { + super.setValue(b); + dateValue = new Date(integerValue.longValue() * 1000); + } + + public void setValue(int i) + { + super.setValue(i); + dateValue = new Date(integerValue.longValue() * 1000); + } + + public void setValue(long l) + { + super.setValue(l); + dateValue = new Date(integerValue.longValue() * 1000); + } + + public String toString() + { + if (dateValue != null) + { + return dateValue.toString(); + } + return "[Bad Date Value]"; + } + + public String toXMLString() + { + StringBuffer sb = new StringBuffer(); + sb.append(""); + return sb.toString(); + } + + public void setDate(Date newDate) + { + this.dateValue = newDate; + this.integerValue = new Long(this.dateValue.getTime() / 1000); + } + + public Serializable getValueObject() + { + return dateValue; + } + + public void setValueObject(Serializable o) + { + if (o instanceof Date) + { + setDate((Date)o); + } + else if (o instanceof Number) + { + setDate(new Date(((Number)o).longValue() * 1000)); + } + else + { + setDate(new Date((Long.parseLong(o.toString())) * 1000)); + } + } +} diff --git a/core/src/main/java/net/jradius/packet/attribute/value/EncryptedStringValue.java b/core/src/main/java/net/jradius/packet/attribute/value/EncryptedStringValue.java new file mode 100644 index 0000000..6a69334 --- /dev/null +++ b/core/src/main/java/net/jradius/packet/attribute/value/EncryptedStringValue.java @@ -0,0 +1,48 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2006 PicoPoint, B.V. + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.packet.attribute.value; + +/** + * The Enrypted String attribute value + * + * @author David Bird + */ +public class EncryptedStringValue extends OctetsValue +{ + private static final long serialVersionUID = 0L; + + public EncryptedStringValue() { } + + public EncryptedStringValue(String s) + { + super((s != null) ? s.getBytes() : null); + } + + public EncryptedStringValue(byte[] b) + { + super(b); + } + + public String toString() + { + return "[Encrypted String]"; + } +} diff --git a/core/src/main/java/net/jradius/packet/attribute/value/IPAddrValue.java b/core/src/main/java/net/jradius/packet/attribute/value/IPAddrValue.java new file mode 100644 index 0000000..de0e8ee --- /dev/null +++ b/core/src/main/java/net/jradius/packet/attribute/value/IPAddrValue.java @@ -0,0 +1,148 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2006 PicoPoint, B.V. + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.packet.attribute.value; + +import java.io.IOException; +import java.io.OutputStream; +import java.io.Serializable; +import java.net.InetAddress; + +import net.jradius.log.RadiusLog; + + +/** + * The IPv4 attribute value + * + * @author David Bird + */ +public class IPAddrValue extends AttributeValue +{ + private static final long serialVersionUID = 0L; + protected InetAddress inetAddressValue; + + public IPAddrValue() { } + + public IPAddrValue(InetAddress i) + { + inetAddressValue = i; + } + + public IPAddrValue(String s) + { + setValue(s); + } + + public IPAddrValue(byte[] bytes) + { + setValue(bytes); + } + + public void setValue(String s) + { + try + { + inetAddressValue = InetAddress.getByName(s); + } + catch (Exception e) + { + e.printStackTrace(); + } + } + + public int getLength() + { + return inetAddressValue == null ? 0 : 4; + } + + public void getBytes(OutputStream out) throws IOException + { + if (inetAddressValue != null) + { + out.write(inetAddressValue.getAddress()); + } + } + + public void setValue(byte[] b) + { + if (b == null) return; + try + { + inetAddressValue = InetAddress.getByAddress(b); + } + catch (Exception e) + { + } + } + + public String toString() + { + if (inetAddressValue != null) + { + return inetAddressValue.getHostAddress(); + } + return "[Bad IP Address Value]"; + } + + public String toXMLString() + { + StringBuffer sb = new StringBuffer(); + sb.append(""); + if (inetAddressValue != null) + { + sb.append(inetAddressValue.getHostAddress()); + } + sb.append(""); + return sb.toString(); + } + + public void setInetAddress(InetAddress inet) + { + this.inetAddressValue = inet; + } + + public Serializable getValueObject() + { + return inetAddressValue; + } + + public void setValueObject(Serializable o) + { + if (o instanceof InetAddress) + { + setInetAddress((InetAddress)o); + } + else if (o instanceof byte[]) + { + setValue((byte[])o); + } + else + { + try + { + setInetAddress(InetAddress.getByName(o.toString())); + } + catch(Exception e) + { + RadiusLog.warn(e.getMessage()); + } + } + } +} diff --git a/core/src/main/java/net/jradius/packet/attribute/value/IPv6AddrValue.java b/core/src/main/java/net/jradius/packet/attribute/value/IPv6AddrValue.java new file mode 100644 index 0000000..1776623 --- /dev/null +++ b/core/src/main/java/net/jradius/packet/attribute/value/IPv6AddrValue.java @@ -0,0 +1,40 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2006 PicoPoint, B.V. + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.packet.attribute.value; + +import java.net.InetAddress; + +/** + * The IPv6 attribute value + * + * @author David Bird + */ +public class IPv6AddrValue extends IPAddrValue +{ + private static final long serialVersionUID = 0L; + + public IPv6AddrValue() { } + + public IPv6AddrValue(InetAddress i) + { + super(i); + } +} diff --git a/core/src/main/java/net/jradius/packet/attribute/value/IntegerValue.java b/core/src/main/java/net/jradius/packet/attribute/value/IntegerValue.java new file mode 100644 index 0000000..8e16b4b --- /dev/null +++ b/core/src/main/java/net/jradius/packet/attribute/value/IntegerValue.java @@ -0,0 +1,204 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2006 PicoPoint, B.V. + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.packet.attribute.value; + +import java.io.IOException; +import java.io.OutputStream; +import java.io.Serializable; + +/** + * The Integer attribute value. Uses a Long as the underlying object since + * this is an unsigned long in RADIUS. + * + * @author David Bird + */ +public class IntegerValue extends AttributeValue +{ + private static final long serialVersionUID = 0L; + private int length = 4; + protected Long integerValue; + + public IntegerValue() { } + + public IntegerValue(Long l) + { + integerValue = l; + } + + public IntegerValue(Integer i) + { + setValue(i.longValue()); + } + + public IntegerValue(int i) + { + setValue(i); + } + + public IntegerValue(long l) + { + setValue(l); + } + + public int getLength() + { + return integerValue == null ? 0 : length; + } + + public void setLength(int length) + { + this.length = length; + } + + public void getBytes(OutputStream out) throws IOException + { + if (integerValue != null) + { + long longValue = integerValue.longValue(); + + if (length == 4) + { + out.write((int)((longValue >> 24) & 0xFF)); + out.write((int)((longValue >> 16) & 0xFF)); + } + + if (length >= 2) + { + out.write((int)((longValue >> 8) & 0xFF)); + } + + out.write((int)(longValue & 0xFF)); + } + } + + public void setValue(byte[] b) + { + if (b == null) return; + try + { + switch(b.length) + { + case 1: // it's really a byte + { + length = 1; + integerValue = new Long((int)b[0]&0xFF); + } + break; + + case 2: + { + length = 2; + long longValue = + (long)((int)b[0] & 0xFF) << 8 | + (long)((int)b[1] & 0xFF); + + integerValue = new Long(longValue); + } + break; + + case 4: + { + long longValue = + (long)((int)b[0] & 0xFF) << 24 | + (long)((int)b[1] & 0xFF) << 16 | + (long)((int)b[2] & 0xFF) << 8 | + (long)((int)b[3] & 0xFF); + + integerValue = new Long(longValue); + } + break; + } + } + catch (Exception e) + { + e.printStackTrace(); + } + } + + public void setValue(String v) + { + setValue(Long.parseLong(v)); + } + + public Long getValue() + { + return integerValue; + } + + public String toString() + { + if (integerValue != null) + { + return integerValue.toString(); + } + return "[Bad Integer Value]"; + } + + public String toXMLString() + { + StringBuffer sb = new StringBuffer(); + sb.append(""); + if (integerValue != null) + { + sb.append(integerValue); + } + sb.append(""); + return sb.toString(); + } + + public void setLong(Long l) + { + this.integerValue = l; + } + + public Serializable getValueObject() + { + return integerValue; + } + + public void setValueObject(Serializable o) + { + if (o instanceof Long) + { + setLong((Long)o); + } + else if (o instanceof Number) + { + setLong(new Long(((Number)o).longValue())); + } + else + { + setLong(new Long(Long.parseLong(o.toString()))); + } + } + + public void setValue(long l) throws NumberFormatException + { + if (isValid(l) == false) throw new NumberFormatException("[bad unsigned integer value: " + String.valueOf(l) + "]"); + integerValue = new Long(l); + } + + public static boolean isValid(long l) + { + if ((l < 0L) || (l > 4294967295L)) return false; + return true; + } +} diff --git a/core/src/main/java/net/jradius/packet/attribute/value/NamedValue.java b/core/src/main/java/net/jradius/packet/attribute/value/NamedValue.java new file mode 100644 index 0000000..39c5f87 --- /dev/null +++ b/core/src/main/java/net/jradius/packet/attribute/value/NamedValue.java @@ -0,0 +1,118 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2006 PicoPoint, B.V. + * Copyright (C) 2006-2007 David Bird + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.packet.attribute.value; + +import java.io.Serializable; + +/** + * The "Named Value" attribute value (Integer enumerated attributes) + * + * @author David Bird + */ +public class NamedValue extends IntegerValue +{ + private static final long serialVersionUID = 0L; + + public interface NamedValueMap + { + public String getNamedValue(Long l); + public Long getNamedValue(String s); + public Long[] getKnownValues(); + } + + private NamedValueMap valueMap = null; + + public NamedValue(NamedValueMap map) + { + valueMap = map; + } + + public NamedValue(NamedValueMap map, String s) + { + valueMap = map; + setValue(s); + } + + public NamedValue(NamedValueMap map, Long l) + { + valueMap = map; + setValue(l); + } + + public NamedValue(NamedValueMap map, Integer i) + { + valueMap = map; + setValue(i); + } + + public NamedValue(Integer i) + { + setValue(i); + } + + public void setValue(String s) + { + Long i = valueMap.getNamedValue(s); + if (i != null) + { + this.integerValue = i; + } + else + { + System.err.println("Error: invalid NamedValue string value: " + s); + } + } + + public void setValue(Number l) + { + this.integerValue = new Long(l.longValue()); + } + + public void setValueObject(Serializable o) + { + if (o instanceof Number) + { + setValue((Number)o); + } + else + { + setValue(o.toString()); + } + } + + public String getValueString() + { + return valueMap.getNamedValue(integerValue); + } + + public NamedValueMap getMap() + { + return valueMap; + } + + public String toString() + { + String s = valueMap.getNamedValue(integerValue); + if (s != null) return s; + return "Unknown-" + integerValue; + } +} diff --git a/core/src/main/java/net/jradius/packet/attribute/value/OctetsValue.java b/core/src/main/java/net/jradius/packet/attribute/value/OctetsValue.java new file mode 100644 index 0000000..e8ea37d --- /dev/null +++ b/core/src/main/java/net/jradius/packet/attribute/value/OctetsValue.java @@ -0,0 +1,83 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2006 PicoPoint, B.V. + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.packet.attribute.value; + +import java.io.IOException; +import java.io.OutputStream; +import java.io.Serializable; + +/** + * Raw Octets attribute value + * + * @author David Bird + */ +public class OctetsValue extends AttributeValue +{ + private static final long serialVersionUID = 0L; + protected byte[] byteValue = null; + + public OctetsValue() { } + + public OctetsValue(byte[] b) + { + byteValue = b; + } + + public void getBytes(OutputStream out) throws IOException + { + if (byteValue != null) + { + out.write(byteValue); + } + } + + public int getLength() + { + return byteValue == null ? 0 : byteValue.length; + } + + public void setValue(byte[] b) + { + byteValue = b; + } + + public String toString() + { + return "[Binary Data (length="+(byteValue == null ? 0 : byteValue.length)+")]"; + } + + public Serializable getValueObject() + { + return byteValue; + } + + public void setValueObject(Serializable o) + { + if (o instanceof byte[]) + { + setValue((byte[])o); + } + else + { + setValue(o.toString().getBytes()); + } + } +} diff --git a/core/src/main/java/net/jradius/packet/attribute/value/StringValue.java b/core/src/main/java/net/jradius/packet/attribute/value/StringValue.java new file mode 100644 index 0000000..ac9d23f --- /dev/null +++ b/core/src/main/java/net/jradius/packet/attribute/value/StringValue.java @@ -0,0 +1,78 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2006 PicoPoint, B.V. + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.packet.attribute.value; + +import java.io.Serializable; + +/** + * The String attribute value + * + * @author David Bird + */ +public class StringValue extends OctetsValue +{ + private static final long serialVersionUID = 0L; + + public StringValue() { } + + public StringValue(String s) + { + byteValue = s.getBytes(); + } + + public String toString() + { + if (byteValue == null) return null; + String stringValue = new String(byteValue); + return stringValue.trim(); + } + + public String toXMLString() + { + String s = toString(); + StringBuffer sb = new StringBuffer(); + sb.append("").append(s == null ? "" : s).append(""); + return sb.toString(); + } + + public Serializable getValueObject() + { + if (byteValue == null) return byteValue; + return new String(byteValue); + } + + public void setString(String s) + { + byteValue = s.getBytes(); + } + + public void setValueObject(Serializable o) + { + if (o instanceof byte[]) + { + super.setValueObject(o); + } + else + { + setString(o.toString()); + } + } +} diff --git a/core/src/main/java/net/jradius/packet/attribute/value/VSAValue.java b/core/src/main/java/net/jradius/packet/attribute/value/VSAValue.java new file mode 100644 index 0000000..340f867 --- /dev/null +++ b/core/src/main/java/net/jradius/packet/attribute/value/VSAValue.java @@ -0,0 +1,105 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2005 PicoPoint, B.V. + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.packet.attribute.value; + +import java.io.DataOutputStream; +import java.io.IOException; +import java.io.Serializable; + +/** + * The Vendor Specific Attribute (VSA) value + * + * @author David Bird + */ +public abstract class VSAValue extends AttributeValue +{ + private int vendorID; + private AttributeValue vsaValue = null; + + public VSAValue() { } + + public VSAValue(AttributeValue v) + { + vsaValue = v; + } + + public void getBytes(DataOutputStream out) throws IOException + { + if (vsaValue != null) + { + out.writeInt(vendorID); + vsaValue.getBytes(out); + } + } + + public int getLength() + { + if (vsaValue != null) + { + return vsaValue.getLength(); + } + return 0; + } + + public String toString() + { + return vsaValue.toString(); + } + + public String toXMLString() + { + StringBuffer sb = new StringBuffer(); + sb.append(""); + if (vsaValue != null) + { + sb.append(vsaValue.toXMLString()); + } + sb.append(""); + return sb.toString(); + } + + public int getVendorID() + { + return vendorID; + } + + public void setVendorID(int vendorID) + { + this.vendorID = vendorID; + } + + public Serializable getValueObject() + { + if (vsaValue != null) + { + return vsaValue.getValueObject(); + } + return null; + } + + public void setObjectValue(Serializable o) + { + if (vsaValue != null) + { + vsaValue.setValueObject(o); + } + } +} diff --git a/core/src/main/java/net/jradius/packet/attribute/value/package.html b/core/src/main/java/net/jradius/packet/attribute/value/package.html new file mode 100644 index 0000000..fe31f3c --- /dev/null +++ b/core/src/main/java/net/jradius/packet/attribute/value/package.html @@ -0,0 +1,5 @@ + + +JRadius Core RADIUS Attribute Value Objects and Utilities. + + diff --git a/core/src/main/java/net/jradius/packet/package.html b/core/src/main/java/net/jradius/packet/package.html new file mode 100644 index 0000000..3f05679 --- /dev/null +++ b/core/src/main/java/net/jradius/packet/package.html @@ -0,0 +1,5 @@ + + +JRadius Core RADIUS Packet Objects and Utilities. + + diff --git a/core/src/main/java/net/jradius/realm/JRadiusRealm.java b/core/src/main/java/net/jradius/realm/JRadiusRealm.java new file mode 100644 index 0000000..8f9861b --- /dev/null +++ b/core/src/main/java/net/jradius/realm/JRadiusRealm.java @@ -0,0 +1,112 @@ +/** + * JRadius - A Radius Server Java Adapter + * Copyright (C) 2004-2006 PicoPoint, B.V. + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.realm; + +import java.io.Serializable; + +/** + * Interface defining a RADIUS realm. + * @author David Bird + */ +public interface JRadiusRealm extends Serializable +{ + public boolean isLocal(); + + /** + * @return Returns the acctPort. + */ + public int getAcctPort(); + + /** + * @param acctPort The acctPort to set. + */ + public void setAcctPort(int acctPort); + + /** + * @return Returns the authPort. + */ + public int getAuthPort(); + + /** + * @param authPort The authPort to set. + */ + public void setAuthPort(int authPort); + + /** + * @return Returns the realm. + */ + public String getRealm(); + + /** + * @param realm The realm to set. + */ + public void setRealm(String realm); + + /** + * @return Returns the server. + */ + public String getServer(); + + /** + * @param server The server to set. + */ + public void setServer(String server); + + /** + * @return Returns the sharedSecret. + */ + public String getSharedSecret(); + + /** + * @param sharedSecret The sharedSecret to set. + */ + public void setSharedSecret(String sharedSecret); + + /** + * @return Returns the strip. + */ + public int getStrip(); + + /** + * @param strip The strip to set. + */ + public void setStrip(int strip); + + /** + * @return Returns the source. + */ + public String getSource(); + + /** + * @param source The source to set. + */ + public void setSource(String source); + + /** + * @return Returns the timeStamp. + */ + public int getTimeStamp(); + + /** + * @param timeStamp The timeStamp to set. + */ + public void setTimeStamp(int timeStamp); +} diff --git a/core/src/main/java/net/jradius/realm/JRadiusRealmManager.java b/core/src/main/java/net/jradius/realm/JRadiusRealmManager.java new file mode 100644 index 0000000..0651823 --- /dev/null +++ b/core/src/main/java/net/jradius/realm/JRadiusRealmManager.java @@ -0,0 +1,79 @@ +/** + * JRadius - A Radius Server Java Adapter + * Copyright (C) 2004-2006 PicoPoint, B.V. + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.realm; + +import java.io.Serializable; +import java.util.LinkedHashMap; + +import net.jradius.exception.RadiusException; + + +/** + * @author David Bird + */ +public class JRadiusRealmManager +{ + private static JRadiusRealmManager defaultManager; + + private LinkedHashMap factories = new LinkedHashMap(); + + static + { + defaultManager = new JRadiusRealmManager(); + } + + public static JRadiusRealmManager getManager() + { + return defaultManager; + } + + public void setRealmFactory(String name, RealmFactory factory) + { + factories.put(name, factory); + } + + public RealmFactory getRealmFactory(Serializable name) + { + RealmFactory factory = factories.get(name); + if (factory == null && name != null) factory = factories.get(null); + return factory; + } + + public JRadiusRealm getRealm(String realm) throws RadiusException + { + for (RealmFactory factory : factories.values()) + { + JRadiusRealm r = factory.getRealm(realm); + if (r != null) return r; + } + return null; + } + + public static JRadiusRealm get(String requestor, String realm) throws RadiusException + { + return defaultManager.getRealmFactory(requestor).getRealm(realm); + } + + public static JRadiusRealm get(String realm) throws RadiusException + { + return defaultManager.getRealm(realm); + } +} diff --git a/core/src/main/java/net/jradius/realm/RadiusRealm.java b/core/src/main/java/net/jradius/realm/RadiusRealm.java new file mode 100644 index 0000000..2bc309e --- /dev/null +++ b/core/src/main/java/net/jradius/realm/RadiusRealm.java @@ -0,0 +1,178 @@ +/** + * JRadius - A Radius Server Java Adapter + * Copyright (C) 2004-2006 PicoPoint, B.V. + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.realm; + +/** + * + * @author David Bird + */ +public class RadiusRealm implements JRadiusRealm +{ + static final long serialVersionUID = 0L; + + private String source; + private String realm; + private String server; + private int authPort; + private int acctPort; + private String sharedSecret; + private int strip; + + private int timeStamp; + + public boolean isLocal() + { + return "LOCAL".equals(server); + } + + /** + * @return Returns the acctPort. + */ + public int getAcctPort() + { + return acctPort; + } + + /** + * @param acctPort The acctPort to set. + */ + public void setAcctPort(int acctPort) + { + this.acctPort = acctPort; + } + + /** + * @return Returns the authPort. + */ + public int getAuthPort() + { + return authPort; + } + + /** + * @param authPort The authPort to set. + */ + public void setAuthPort(int authPort) + { + this.authPort = authPort; + } + + /** + * @return Returns the realm. + */ + public String getRealm() + { + return realm; + } + + /** + * @param realm The realm to set. + */ + public void setRealm(String realm) + { + this.realm = realm; + } + + /** + * @return Returns the server. + */ + public String getServer() + { + return server; + } + + /** + * @param server The server to set. + */ + public void setServer(String server) + { + this.server = server; + } + + /** + * @return Returns the sharedSecret. + */ + public String getSharedSecret() + { + return sharedSecret; + } + + /** + * @param sharedSecret The sharedSecret to set. + */ + public void setSharedSecret(String sharedSecret) + { + this.sharedSecret = sharedSecret; + } + + /** + * @return Returns the strip. + */ + public int getStrip() + { + return strip; + } + + /** + * @param strip The strip to set. + */ + public void setStrip(int strip) + { + this.strip = strip; + } + + /** + * @return Returns the source. + */ + public String getSource() + { + return source; + } + + /** + * @param source The source to set. + */ + public void setSource(String source) + { + this.source = source; + } + + /** + * @return Returns the timeStamp. + */ + public int getTimeStamp() + { + return timeStamp; + } + + /** + * @param timeStamp The timeStamp to set. + */ + public void setTimeStamp(int timeStamp) + { + this.timeStamp = timeStamp; + } + + public String toString() + { + return getRealm(); + } +} diff --git a/core/src/main/java/net/jradius/realm/RealmFactory.java b/core/src/main/java/net/jradius/realm/RealmFactory.java new file mode 100644 index 0000000..7528809 --- /dev/null +++ b/core/src/main/java/net/jradius/realm/RealmFactory.java @@ -0,0 +1,38 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2006 PicoPoint, B.V. + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.realm; + +import java.util.Collection; + +import net.jradius.exception.RadiusException; +import net.jradius.server.config.XMLConfiguration; + +import org.apache.commons.configuration.HierarchicalConfiguration; + +/** + * @author David Bird + */ +public interface RealmFactory +{ + public JRadiusRealm getRealm(String realmName) throws RadiusException; + public Collection getRealms() throws RadiusException; + public void setConfig(XMLConfiguration config, HierarchicalConfiguration.Node root); +} diff --git a/core/src/main/java/net/jradius/realm/StaticRealms.java b/core/src/main/java/net/jradius/realm/StaticRealms.java new file mode 100644 index 0000000..94c6635 --- /dev/null +++ b/core/src/main/java/net/jradius/realm/StaticRealms.java @@ -0,0 +1,69 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2006 PicoPoint, B.V. + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.realm; + +import java.util.Collection; +import java.util.Iterator; +import java.util.LinkedHashMap; +import java.util.List; +import java.util.Map; + +import net.jradius.exception.RadiusException; +import net.jradius.server.config.XMLConfiguration; + +import org.apache.commons.configuration.HierarchicalConfiguration; + +/** + * @author David Bird + */ +public class StaticRealms implements RealmFactory +{ + protected Map realms = new LinkedHashMap(); + + public JRadiusRealm getRealm(String realmName) throws RadiusException + { + return realms.get(realmName); + } + + public Collection getRealms() throws RadiusException + { + return realms.values(); + } + + public void setConfig(XMLConfiguration config, HierarchicalConfiguration.Node root) + { + List list = root.getChildren("realm"); + HierarchicalConfiguration.Node node; + for (Iterator l = list.iterator(); l.hasNext();) + { + node = (HierarchicalConfiguration.Node)l.next(); + config.setRoot(node); + + RadiusRealm realm = new RadiusRealm(); + realm.setRealm(config.getConfigString("name")); + realm.setServer(config.getConfigString("server")); + realm.setSharedSecret(config.getConfigString("sharedSecret")); + realm.setAuthPort(Integer.parseInt(config.getConfigString("authPort"))); + realm.setAcctPort(Integer.parseInt(config.getConfigString("acctPort"))); + realms.put(realm.getRealm(), realm); + } + } +} diff --git a/core/src/main/java/net/jradius/realm/package.html b/core/src/main/java/net/jradius/realm/package.html new file mode 100644 index 0000000..7fae127 --- /dev/null +++ b/core/src/main/java/net/jradius/realm/package.html @@ -0,0 +1,5 @@ + + +JRadius Realm Management. + + diff --git a/core/src/main/java/net/jradius/security/JRadiusPrincipal.java b/core/src/main/java/net/jradius/security/JRadiusPrincipal.java new file mode 100644 index 0000000..cd38f9e --- /dev/null +++ b/core/src/main/java/net/jradius/security/JRadiusPrincipal.java @@ -0,0 +1,68 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2005 PicoPoint, B.V. + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.security; + +import java.io.Serializable; +import java.security.Principal; + +/** + * JRadius JAAS Principal. + * @author David Bird + */ +public class JRadiusPrincipal implements Principal, Serializable +{ + private String userName; + + public JRadiusPrincipal(String userName) + { + if (userName == null) throw new NullPointerException("UserName set to null"); + this.userName = userName; + } + + public String getName() + { + return userName; + } + + public String toString() + { + return("RadiusPrincipal: " + userName); + } + + public boolean equals(Object o) { + if (o == null) return false; + if (this == o) return true; + if (!(o instanceof JRadiusPrincipal)) return false; + JRadiusPrincipal that = (JRadiusPrincipal)o; + if (getName().equals(that.getName())) return true; + return false; + } + + /** + * Return a hash code for this JRadiusPrincipal. + *

+ * @return a hash code for this JRadiusPrincipal. + */ + public int hashCode() + { + return userName.hashCode(); + } +} diff --git a/core/src/main/java/net/jradius/security/auth/JRadiusCallback.java b/core/src/main/java/net/jradius/security/auth/JRadiusCallback.java new file mode 100644 index 0000000..de01acc --- /dev/null +++ b/core/src/main/java/net/jradius/security/auth/JRadiusCallback.java @@ -0,0 +1,81 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2005 PicoPoint, B.V. + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.security.auth; + +import javax.security.auth.callback.Callback; + +import net.jradius.client.RadiusClient; +import net.jradius.client.auth.RadiusAuthenticator; +import net.jradius.packet.attribute.AttributeList; + + + +/** + * JRadius JAAS Callback. + * @author David Bird + */ +public class JRadiusCallback implements Callback +{ + private final RadiusClient radiusClient; + private RadiusAuthenticator radiusAuthenticator; + private AttributeList authAttributes; + private AttributeList acctAttributes; + + public JRadiusCallback(RadiusClient radiusClient) + { + this.radiusClient = radiusClient; + } + + public RadiusClient getRadiusClient() + { + return radiusClient; + } + + public RadiusAuthenticator getRadiusAuthenticator() + { + return radiusAuthenticator; + } + + public void setRadiusAuthenticator(RadiusAuthenticator radiusAuthenticator) + { + this.radiusAuthenticator = radiusAuthenticator; + } + + public AttributeList getAcctAttributes() + { + return acctAttributes; + } + + public void setAcctAttributes(AttributeList acctAttributes) + { + this.acctAttributes = acctAttributes; + } + + public AttributeList getAuthAttributes() + { + return authAttributes; + } + + public void setAuthAttributes(AttributeList authAttributes) + { + this.authAttributes = authAttributes; + } +} diff --git a/core/src/main/java/net/jradius/security/auth/JRadiusModule.java b/core/src/main/java/net/jradius/security/auth/JRadiusModule.java new file mode 100644 index 0000000..d1f5312 --- /dev/null +++ b/core/src/main/java/net/jradius/security/auth/JRadiusModule.java @@ -0,0 +1,185 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2005 PicoPoint, B.V. + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.security.auth; + +import java.io.IOException; +import java.util.Map; + +import javax.security.auth.Subject; +import javax.security.auth.callback.Callback; +import javax.security.auth.callback.CallbackHandler; +import javax.security.auth.callback.NameCallback; +import javax.security.auth.callback.PasswordCallback; +import javax.security.auth.callback.UnsupportedCallbackException; +import javax.security.auth.login.CredentialExpiredException; +import javax.security.auth.login.LoginException; +import javax.security.auth.spi.LoginModule; + +import net.jradius.client.RadiusClient; +import net.jradius.log.RadiusLog; +import net.jradius.packet.AccessAccept; +import net.jradius.packet.AccessRequest; +import net.jradius.packet.RadiusResponse; +import net.jradius.packet.attribute.AttributeFactory; +import net.jradius.packet.attribute.AttributeList; +import net.jradius.security.JRadiusPrincipal; + + + +/** + * JRadius JAAS LoginModule. + * @author David Bird + */ +public class JRadiusModule implements LoginModule +{ + private Subject subject; + private CallbackHandler callbackHandler; + private Map sharedState; + private Map options; + + private String userName; + private JRadiusPrincipal principal; + private RadiusClient radiusClient; + private AttributeList authAttributes; + private AttributeList acctAttributes; + + private boolean debug = false; + private boolean authenticated = false; + private boolean committed = false; + private int retries = 3; + private int attempts = 0; + + public void initialize(Subject subject, CallbackHandler callbackHandler, + Map sharedState, Map options) + { + this.subject = subject; + this.callbackHandler = callbackHandler; + this.sharedState = sharedState; + this.options = options; + + debug = "true".equalsIgnoreCase((String)options.get("debug")); + } + + public boolean commit() throws LoginException + { + if (!authenticated) return false; + principal = new JRadiusPrincipal(userName); + if (!subject.getPrincipals().contains(principal)) + { + subject.getPrincipals().add(principal); + } + attempts = 0; + committed = true; + return true; + } + + public boolean login() throws LoginException + { + if (callbackHandler == null) + { + throw new LoginException("No CallbackHandler for this JRadius LoginModule."); + } + + if (radiusClient == null) + { + radiusClient = new RadiusClient(); + } + + NameCallback nameCallback = new NameCallback("User Name: "); + PasswordCallback passwordCallback = new PasswordCallback("Password: ", true); + JRadiusCallback radiusCallback = new JRadiusCallback(radiusClient); + + Callback[] callbacks = new Callback[3]; + callbacks[0] = nameCallback; + callbacks[1] = passwordCallback; + callbacks[2] = radiusCallback; + + try + { + callbackHandler.handle(callbacks); + } + catch (IOException ioex) + { + throw new LoginException(ioex.getMessage()); + } + catch (UnsupportedCallbackException uscbex) + { + StringBuffer sb = new StringBuffer("Error: Callback "); + sb.append(uscbex.getCallback().toString()); + sb.append(" not supported."); + throw new LoginException(sb.toString()); + } + + userName = nameCallback.getName(); + String password = new String(passwordCallback.getPassword()); + + try + { + AccessRequest request = new AccessRequest(radiusClient, radiusCallback.getAuthAttributes()); + request.addAttribute(AttributeFactory.newAttribute("User-Name", userName, "=")); + request.addAttribute(AttributeFactory.newAttribute("User-Password", password, "=")); + if (debug) + { + RadiusLog.debug("Sending:\n" + request.toString()); + } + RadiusResponse reply = radiusClient.authenticate(request, radiusCallback.getRadiusAuthenticator(), retries); + if (reply == null) throw new LoginException("no reply from remote RADIUS server"); + if (debug) + { + RadiusLog.debug("Received:\n" + reply.toString()); + } + if (!(reply instanceof AccessAccept)) throw new CredentialExpiredException("authentication failed"); + } + catch (Exception ioex) + { + throw new LoginException(ioex.getMessage()); + } + + authenticated = true; + return true; + } + + public boolean logout() throws LoginException + { + subject.getPrincipals().remove(principal); + authenticated = false; + committed = false; + userName = null; + principal = null; + attempts = 0; + return true; + } + + public boolean abort() throws LoginException + { + if (!authenticated) return false; + if (authenticated && !committed) + { + authenticated = false; + attempts = 0; + } + else + { + logout(); + } + return true; + } +} diff --git a/core/src/main/java/net/jradius/security/auth/package.html b/core/src/main/java/net/jradius/security/auth/package.html new file mode 100644 index 0000000..57d1221 --- /dev/null +++ b/core/src/main/java/net/jradius/security/auth/package.html @@ -0,0 +1,5 @@ + + +JRadius Support for java.security. + + diff --git a/core/src/main/java/net/jradius/security/package.html b/core/src/main/java/net/jradius/security/package.html new file mode 100644 index 0000000..57d1221 --- /dev/null +++ b/core/src/main/java/net/jradius/security/package.html @@ -0,0 +1,5 @@ + + +JRadius Support for java.security. + + diff --git a/core/src/main/java/net/jradius/server/EventDispatcher.java b/core/src/main/java/net/jradius/server/EventDispatcher.java new file mode 100644 index 0000000..3eb98e1 --- /dev/null +++ b/core/src/main/java/net/jradius/server/EventDispatcher.java @@ -0,0 +1,140 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2005 PicoPoint, B.V. + * Copyright (c) 2006-2007 David Bird + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.server; + +import java.util.LinkedList; +import java.util.List; +import java.util.concurrent.BlockingQueue; +import java.util.concurrent.LinkedBlockingQueue; + +import net.jradius.handler.chain.JRCommand; +import net.jradius.log.RadiusLog; +import net.jradius.server.event.ServerEvent; +import net.jradius.session.JRadiusSession; +import net.jradius.session.JRadiusSessionManager; + +/** + * The JRadius Server Event (JRadiusEvent) Dispatcher. + * + * @author Gert Jan Verhoog + * @author David Bird + */ +public class EventDispatcher extends JRadiusThread +{ + private BlockingQueue eventQueue; + private List eventHandlers; + + public EventDispatcher() + { + super(); + eventQueue = new LinkedBlockingQueue(); + eventHandlers = new LinkedList(); + } + + public void post(JRadiusEvent event) + { + try + { + eventQueue.put(event); + } + catch (InterruptedException e) + { + e.printStackTrace(); + } + } + + public void run() + { + while (true) + { + try + { + Thread.yield(); + dispatchEvent(); + } + catch (InterruptedException e) + { + return; + } + catch (Throwable e) + { + RadiusLog.error(e.getMessage()); + e.printStackTrace(); + } + } + } + + private void dispatchEvent() throws InterruptedException + { + JRadiusEvent event = eventQueue.take(); + if (event != null) + { + JRadiusSessionManager sessionManager = JRadiusSessionManager.getManager(event.getSender()); + JRadiusSession session = null; + + if (event instanceof ServerEvent) + { + session = ((ServerEvent) event).getRequest().getSession(); + } + + if (session != null) + { + sessionManager.lock(session); + } + + try + { + for (JRCommand command : eventHandlers) + { + try + { + if (command.doesHandle(event)) + if (command.execute(event)) + break; + } + catch (Throwable e) + { + RadiusLog.error("Event handler " + command.getName() + " threw an exception:" + e); + e.printStackTrace(); + } + } + } + finally + { + if (session != null) + { + sessionManager.unlock(session); + } + } + } + } + + public List getEventHandlers() + { + return eventHandlers; + } + + public void setEventHandlers(List eventHandlers) + { + this.eventHandlers = eventHandlers; + } +} diff --git a/core/src/main/java/net/jradius/server/JRadiusEvent.java b/core/src/main/java/net/jradius/server/JRadiusEvent.java new file mode 100644 index 0000000..8f7bbac --- /dev/null +++ b/core/src/main/java/net/jradius/server/JRadiusEvent.java @@ -0,0 +1,78 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2005 PicoPoint, B.V. + * Copyright (c) 2006-2007 David Bird + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.server; + +import org.apache.commons.chain.impl.ContextBase; +import org.springframework.context.ApplicationContext; + +/** + * The JRadiusEvent is the base class for server events and JRadiusRequests. + * @author Gert Jan Verhoog + * @author David Bird + */ +public abstract class JRadiusEvent extends ContextBase +{ + protected ApplicationContext applicationContext; + private Listener listener; + private Object sender; + + /** + * @return Returns the type of the JRadiusRequest + */ + public abstract int getType(); + + /** + * @return Returns the type of the JRadiusRequest + */ + public abstract String getTypeString(); + + + public Object getSender() + { + return sender; + } + + public void setSender(Object sender) + { + this.sender = sender; + } + + public Listener getListener() + { + return listener; + } + + public void setListener(Listener listener) + { + this.listener = listener; + } + + public ApplicationContext getApplicationContext() + { + return applicationContext; + } + + public void setApplicationContext(ApplicationContext applicationContext) + { + this.applicationContext = applicationContext; + } +} diff --git a/core/src/main/java/net/jradius/server/JRadiusRequest.java b/core/src/main/java/net/jradius/server/JRadiusRequest.java new file mode 100644 index 0000000..022fefd --- /dev/null +++ b/core/src/main/java/net/jradius/server/JRadiusRequest.java @@ -0,0 +1,203 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2005 PicoPoint, B.V. + * Copyright (c) 2006 David Bird + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.server; + +import java.io.PrintStream; + +import net.jradius.exception.RadiusException; +import net.jradius.packet.AccountingRequest; +import net.jradius.packet.RadiusPacket; +import net.jradius.packet.attribute.AttributeList; +import net.jradius.packet.attribute.RadiusAttribute; +import net.jradius.server.config.Configuration; +import net.jradius.session.JRadiusSession; + +/** + * An abstract class representing a JRadius Server Request. + * + * @author David Bird + * @author Gert Jan Verhoog + */ +public abstract class JRadiusRequest extends JRadiusEvent +{ + private JRadiusSession session; + + /** + * @return Returns the return value of the JRadiusRequest + */ + public abstract int getReturnValue(); + + /** + * @param returnValue The new return value to set + */ + public abstract void setReturnValue(int returnValue); + + /** + * @return Returns the RADIUS Server "Configuration Items" as AttributeList + */ + public abstract AttributeList getConfigItems(); + + /** + * @return Returns an array of the RadiusPackets received + */ + public abstract RadiusPacket[] getPackets(); + + /** + * @param configItems The new "Configuration Items" to set in the RADIUS Server + */ + public abstract void setConfigItems(AttributeList configItems); + + /** + * @param packets The RadiusPacket array to return to the RADIUS Server + */ + public abstract void setPackets(RadiusPacket[] packets); + + /** + * Get the RadiusSession assinged to this JRadiusRequest + * @return Returns the session. + */ + public JRadiusSession getSession() + { + return session; + } + + /** + * Assign a RadiusSession to a JRadiusRequest + * @param session The session to set. + */ + public void setSession(JRadiusSession session) + { + this.session = session; + } + + /** + * @return Returns the sessionKey, if one exists + */ + public String getSessionKey() + { + if (session != null) return session.getSessionKey(); + return null; + } + + /** + * Convenience method, returns the Request RadiusPacket of a + * JRadiusRequest. This is the first packet in the packet array. + * @return a RadiusPacket containing the radius request + * @throws RadiusException + */ + public RadiusPacket getRequestPacket() + { + RadiusPacket p[] = getPackets(); + if (p.length == 0) + { + throw new RuntimeException("No Request packet in JRadiusRequest"); + } + return p[0]; + } + + /** + * Convenience method, returns the Reply RadiusPacket of a + * JRadiusRequest. This is the second packet in the packet array. + * Use hasReplyPacket() to ensure there is a reply packet in the JRadiusRequest. + * + * @return RadiusPacket containing the radius reply + * @throws RadiusException + */ + public RadiusPacket getReplyPacket() throws RadiusException + { + RadiusPacket p[] = getPackets(); + if (p.length < 2) + { + throw new RadiusException("No Reply packet in JRadiusRequest"); + } + return p[1]; + } + + public void setReplyPacket(RadiusPacket np) + { + RadiusPacket p[] = getPackets(); + p[1] = np; + } + + /** + * @return True if the JRadiusRequest has a reply packet + */ + public boolean hasReplyPacket() + { + return getPackets().length == 2; + } + + /** + * @return Returns true if the request is an Accounting-Request + */ + public boolean isAccountingRequest() + { + try + { + return (getRequestPacket() instanceof AccountingRequest); + } + catch (Exception e) + { + return false; + } + } + + /** + * Add an attribute to the reply by adding to the reply packet, if one, + * or the configItems. + * @param a The RadiusAttribute + */ + public void addReplyAttribute(RadiusAttribute a) + { + if (hasReplyPacket()) try { getReplyPacket().addAttribute(a); } catch (RadiusException e) {} + else getConfigItems().add(a); + } + + public void printDebugInfo(PrintStream out) + { + if (!Configuration.isDebug()) return; + + RadiusPacket[] rp = getPackets(); + + // debug info: + out.println("\n>>> packets in request from \"" + getSender() + "\":"); + + for (int i=0; i < rp.length; i++) + if (rp[i] != null) + { + System.out.println("--- packet " + (i+1) + " of " + rp.length); + System.out.println(rp[i].toString()); + } + + out.println("Configuration Items:"); + out.println(getConfigItems().toString()); + } + + public String toString() + { + StringBuffer sb = new StringBuffer("{"); + sb.append(" requester = ").append(getSender()); + sb.append(", type = ").append(getTypeString()); + sb.append(" }"); + return sb.toString(); + } +} diff --git a/core/src/main/java/net/jradius/server/JRadiusServer.java b/core/src/main/java/net/jradius/server/JRadiusServer.java new file mode 100644 index 0000000..a408fbd --- /dev/null +++ b/core/src/main/java/net/jradius/server/JRadiusServer.java @@ -0,0 +1,283 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2005 PicoPoint, B.V. + * Copyright (c) 2006 David Bird + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.server; + +import java.lang.reflect.InvocationTargetException; +import java.util.Iterator; +import java.util.LinkedList; +import java.util.List; +import java.util.concurrent.BlockingQueue; +import java.util.concurrent.LinkedBlockingQueue; + +import org.springframework.beans.factory.InitializingBean; + +import net.jradius.handler.chain.JRCommand; +import net.jradius.log.RadiusLog; +import net.jradius.packet.attribute.AttributeDictionary; +import net.jradius.packet.attribute.AttributeFactory; +import net.jradius.server.config.Configuration; +import net.jradius.server.config.DictionaryConfigurationItem; +import net.jradius.server.config.ListenerConfigurationItem; +import net.jradius.session.JRadiusSessionManager; + +/** + * Constants used in the server. This is currently too FreeRADIUS specific + * and that will change. + * + * @author David Bird + */ +public class JRadiusServer implements InitializingBean +{ + /** + * TODO: + * The following are taken from FreeRADIUS. JRadius should, however, + * define its own (non server specific) values here! + */ + public static final int JRADIUS_authenticate = 1; + public static final int JRADIUS_authorize = 2; + public static final int JRADIUS_preacct = 3; + public static final int JRADIUS_accounting = 4; + public static final int JRADIUS_checksimul = 5; + public static final int JRADIUS_pre_proxy = 6; + public static final int JRADIUS_post_proxy = 7; + public static final int JRADIUS_post_auth = 8; + public static final int JRADIUS_max_request_type = 8; /* the highest numbered request type */ + + public static final int RLM_MODULE_REJECT = 0; /* immediately reject the request */ + public static final int RLM_MODULE_FAIL = 1; /* module failed, don't reply */ + public static final int RLM_MODULE_OK = 2; /* the module is OK, continue */ + public static final int RLM_MODULE_HANDLED = 3; /* the module handled the request, so stop. */ + public static final int RLM_MODULE_INVALID = 4; /* the module considers the request invalid. */ + public static final int RLM_MODULE_USERLOCK = 5; /* reject the request (user is locked out) */ + public static final int RLM_MODULE_NOTFOUND = 6; /* user not found */ + public static final int RLM_MODULE_NOOP = 7; /* module succeeded without doing anything */ + public static final int RLM_MODULE_UPDATED = 8; /* OK (pairs modified) */ + public static final int RLM_MODULE_NUMCODES = 9; /* How many return codes there are */ + + private List processors; + private List listeners; + + private EventDispatcher eventDispatcher; + + /** + * Initializes a new JRadiusServer. The constructor calls initializeServer(), + * the initialization method that reads the configuration file and sets up + * processors and listeners. + * @throws SecurityException + * @throws IllegalArgumentException + * @throws ClassNotFoundException + * @throws NoSuchMethodException + * @throws InstantiationException + * @throws IllegalAccessException + * @throws InvocationTargetException + */ + public JRadiusServer() throws Exception + { + processors = new LinkedList(); + listeners = new LinkedList(); + } + + public JRadiusServer(EventDispatcher eventDispatcher) throws Exception + { + this(); + this.eventDispatcher = eventDispatcher; + } + + public void afterPropertiesSet() throws Exception + { + if (eventDispatcher == null) + eventDispatcher = new EventDispatcher(); + + initializeServer(); + } + + /** + * Start the JRadiusServer. Make sure the server is + * initialized first by calling initializeServer() + */ + public void start() + { + RadiusLog.info("Starting Event Dispatcher..."); + eventDispatcher.start(); + + RadiusLog.info("Starting Processors..."); + for (Iterator i = processors.iterator(); i.hasNext();) + { + Processor processor = (Processor) i.next(); + processor.start(); + RadiusLog.info(" Started processor " + processor.getName()); + } + RadiusLog.info("Processors succesfully started."); + + RadiusLog.info("Starting Listeners..."); + for (Iterator i = listeners.iterator(); i.hasNext();) + { + Listener listener = (Listener) i.next(); + listener.start(); + RadiusLog.info(" Started listener " + listener.getName()); + } + RadiusLog.info("Listeners succesfully started."); + } + + public void stop() + { + for (Iterator i = processors.iterator(); i.hasNext();) + { + Processor processor = (Processor) i.next(); + processor.stop(); + RadiusLog.info("Stopping processor " + processor.getName()); + } + + for (Iterator i = listeners.iterator(); i.hasNext();) + { + Listener listener = (Listener) i.next(); + listener.stop(); + RadiusLog.info("Stopping listener " + listener.getName()); + } + + JRadiusSessionManager.shutdownManagers(); + eventDispatcher.interrupt(); + } + + + /** + * Read the configuration and initialize the JRadiusServer + * @throws SecurityException + * @throws IllegalArgumentException + * @throws ClassNotFoundException + * @throws NoSuchMethodException + * @throws InstantiationException + * @throws IllegalAccessException + * @throws InvocationTargetException + */ + private void initializeServer() throws Exception + { + RadiusLog.info("Initializing JRadius Server...."); + for (Iterator i = Configuration.getDictionaryConfigs().iterator(); i.hasNext();) + { + DictionaryConfigurationItem dictionaryConfig = (DictionaryConfigurationItem) i.next(); + RadiusLog.info(" Loading dictionary: " + dictionaryConfig.getClassName()); + AttributeFactory.loadAttributeDictionary((AttributeDictionary)Configuration.getBean(dictionaryConfig.getClassName())); + } + for (ListenerConfigurationItem listenerConfig : Configuration.getListenerConfigs()) + { + LinkedBlockingQueue queue = new LinkedBlockingQueue(); + createListenerWithConfigAndQueue(listenerConfig, queue); + createProcessorsWithConfigAndQueue(listenerConfig, queue); + } + RadiusLog.info("JRadius Server succesfully Initialized."); + } + + + private void createProcessorsWithConfigAndQueue(ListenerConfigurationItem listenerConfig, BlockingQueue queue) throws Exception + { + for (int j = 0; j < listenerConfig.getNumberOfThreads(); j++) + { + Processor processor = newProcessorForName(listenerConfig.getProcessorClassName()); + processor.setRequestQueue(queue); + RadiusLog.info(" Created processor " + processor.getName()); + setPacketHandlersForProcessor(listenerConfig, processor); + setEventHandlersForProcessor(listenerConfig, eventDispatcher); + processor.setEventDispatcher(eventDispatcher); + processors.add(processor); + } + } + + private void setPacketHandlersForProcessor(ListenerConfigurationItem cfg, Processor processor) + { + List requestHandlers = cfg.getRequestHandlers(); + if (requestHandlers == null) + { + RadiusLog.debug("No packet handlers are configured, maybe using chains instead."); + return; + } + for (JRCommand handler : requestHandlers) + { + RadiusLog.info(" Packet handler " + handler.getClass().getName()); + } + processor.setRequestHandlers(requestHandlers); + } + + private void setEventHandlersForProcessor(ListenerConfigurationItem cfg, EventDispatcher dispatcher) + { + List eventHandlers = cfg.getEventHandlers(); + if (eventHandlers == null) + { + return; + } + for (JRCommand handler : eventHandlers) + { + RadiusLog.info(" Event handler " + handler.getClass().getName()); + } + dispatcher.setEventHandlers(eventHandlers); + } + + private void createListenerWithConfigAndQueue(ListenerConfigurationItem listenerConfig, BlockingQueue queue) throws Exception + { + Listener listener = newListenerWithConfig(listenerConfig); + listener.setRequestQueue(queue); + listeners.add(listener); + RadiusLog.info(" Created listener " + listener.getName()); + } + + private Listener newListenerWithConfig(ListenerConfigurationItem cfg) throws Exception + { + Listener listener = (Listener) Configuration.getBean(cfg.getClassName()); + listener.setConfiguration(cfg); + return listener; + } + + + private Processor newProcessorForName(String className) throws Exception + { + Processor processor = (Processor) Configuration.getBean(className); + return processor; + } + + public static String resultCodeToString(int resultCode) + { + switch(resultCode) + { + case RLM_MODULE_REJECT : return "REJECT"; + case RLM_MODULE_FAIL : return "FAIL"; + case RLM_MODULE_OK : return "OK"; + case RLM_MODULE_HANDLED : return "HANDLED"; + case RLM_MODULE_INVALID : return "INVALID"; + case RLM_MODULE_USERLOCK: return "USERLOCK"; + case RLM_MODULE_NOTFOUND: return "NOTFOUND"; + case RLM_MODULE_NOOP : return "NOOP"; + case RLM_MODULE_UPDATED : return "UPDATED"; + case RLM_MODULE_NUMCODES: return "NUMCODES"; + default: return "UNKNOWN"; + } + } + + public void setEventDispatcher(EventDispatcher eventDispatcher) + { + this.eventDispatcher = eventDispatcher; + } + + public EventDispatcher getEventDispatcher() + { + return eventDispatcher; + } +} diff --git a/core/src/main/java/net/jradius/server/JRadiusThread.java b/core/src/main/java/net/jradius/server/JRadiusThread.java new file mode 100644 index 0000000..6ed80cb --- /dev/null +++ b/core/src/main/java/net/jradius/server/JRadiusThread.java @@ -0,0 +1,42 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2005 PicoPoint, B.V. + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.server; + +/** + * Thread manager for JRadius. + * @author David Bird + */ +public class JRadiusThread extends Thread +{ + private static int threadCount = 0; + private synchronized int getThreadNumber() { return ++threadCount; } + + public JRadiusThread() + { + setName(this.getClass().getName() + "(" + getThreadNumber() + ")"); + } + + public JRadiusThread(Runnable runnable) + { + super(runnable); + setName(this.getClass().getName() + "(" + getThreadNumber() + ")"); + } +} diff --git a/core/src/main/java/net/jradius/server/KeepAliveListener.java b/core/src/main/java/net/jradius/server/KeepAliveListener.java new file mode 100644 index 0000000..a056b13 --- /dev/null +++ b/core/src/main/java/net/jradius/server/KeepAliveListener.java @@ -0,0 +1,73 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2006-2007 David Bird + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.server; + +import java.net.Socket; +import java.util.concurrent.BlockingQueue; + +/** + * @author David Bird + */ +public class KeepAliveListener extends JRadiusThread +{ + private Socket socket; + private TCPListener listener; + private BlockingQueue queue; + + public KeepAliveListener(Socket socket, TCPListener listener, BlockingQueue queue) + { + this.socket = socket; + this.listener = listener; + this.queue = queue; + } + + public void run() + { + try + { + while (true) + { + queue.put(new TCPListenerRequest(socket, listener, true)); + } + } + catch (Exception e) + { + e.printStackTrace(); + } + + shutdown(); + + listener.deadKeepAliveListener(this); + } + + public void shutdown() + { + if (socket == null) return; + try { socket.shutdownInput(); } + catch (Exception e) { } + try { socket.shutdownOutput(); } + catch (Exception e) { } + try { socket.close(); } + catch (Exception e) { } + socket = null; + } +} + diff --git a/core/src/main/java/net/jradius/server/Listener.java b/core/src/main/java/net/jradius/server/Listener.java new file mode 100644 index 0000000..44066d3 --- /dev/null +++ b/core/src/main/java/net/jradius/server/Listener.java @@ -0,0 +1,24 @@ +package net.jradius.server; + +import java.io.IOException; +import java.io.InputStream; +import java.util.concurrent.BlockingQueue; + +import net.jradius.exception.RadiusException; +import net.jradius.server.config.ListenerConfigurationItem; + +public interface Listener { + + public void setConfiguration(ListenerConfigurationItem cfg) throws Exception; + + public void setRequestQueue(BlockingQueue queue); + + public String getName(); + + public JRadiusEvent parseRequest(InputStream inputStream) throws IOException, RadiusException; + + public void start(); + + public void stop(); + +} diff --git a/core/src/main/java/net/jradius/server/ListenerRequest.java b/core/src/main/java/net/jradius/server/ListenerRequest.java new file mode 100644 index 0000000..1c9d692 --- /dev/null +++ b/core/src/main/java/net/jradius/server/ListenerRequest.java @@ -0,0 +1,66 @@ +/** + * JRadius - A Radius Server Java Adapter + * Copyright (C) 2004-2006 PicoPoint, B.V. + * Copyright (C) 2006-2007 David Bird + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.server; + +import java.io.IOException; +import java.io.InputStream; +import java.io.OutputStream; + +import net.jradius.exception.RadiusException; + +/** + * @author David Bird + */ +public abstract class ListenerRequest +{ + protected JRadiusEvent event; + protected Listener listener; + + public ListenerRequest(Listener listener) + { + this.listener = listener; + } + + public abstract InputStream getInputStream() throws IOException; + + public abstract OutputStream getOutputStream() throws IOException; + + public Listener getListener() + { + return listener; + } + + public JRadiusEvent getEventFromListener() throws IOException, RadiusException + { + JRadiusEvent e = listener.parseRequest(getInputStream()); + e.setListener(listener); + return e; + } + + public JRadiusEvent getRequestEvent() throws IOException, RadiusException + { + if (event == null) + event = getEventFromListener(); + + return event; + } +} diff --git a/core/src/main/java/net/jradius/server/Main.java b/core/src/main/java/net/jradius/server/Main.java new file mode 100644 index 0000000..d59cedc --- /dev/null +++ b/core/src/main/java/net/jradius/server/Main.java @@ -0,0 +1,137 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2005 PicoPoint, B.V. + * Copyright (c) 2006 David Bird + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.server; + +import java.io.File; +import java.io.FileNotFoundException; +import java.lang.reflect.InvocationTargetException; + +import net.jradius.server.config.Configuration; + +import org.apache.commons.configuration.ConfigurationException; + +/** + * Main for JRadius server. Reads a configuration file and starts + * the JRadius server. + * + * @author Gert Jan Verhoog + */ +public final class Main +{ + public static void main(String[] args) + { + if (args.length != 1) + { + showUsage(); + System.exit(1); + } + + String configFilePath = args[0]; + + try + { + File file = new File(configFilePath); + Configuration.initialize(file); + JRadiusServer server = new JRadiusServer(); + server.start(); + } + catch (FileNotFoundException e) + { + System.err.println("Error: The configuration file '" + configFilePath + "' does not exist."); + } + catch (ConfigurationException e1) + { + System.err.println("Error: The configuration file could not be read," + + " because the file contains an error: " + + e1.getMessage()); + showStackTrace(e1); + } + catch (SecurityException e2) + { + System.err.println("Error: The configuration file could not be read," + + " because a security error occurred: " + + e2.getMessage()); + showStackTrace(e2); + } + catch (IllegalArgumentException e3) + { + System.err.println("Error: The configuration file could not be read," + + " because an illegal argument error occurred: " + + e3.getMessage()); + showStackTrace(e3); + } + catch (ClassNotFoundException e4) + { + System.err.println("Error: The configuration file could not be read," + + " because a class specified in the configuration file could not be found: " + + e4.getMessage()); + showStackTrace(e4); + } + catch (NoSuchMethodException e5) + { + System.err.println("Error: The configuration file could not be read," + + " because a method does not exist in a class specified in the configuration file: " + + e5.getMessage()); + showStackTrace(e5); + } + catch (InstantiationException e6) + { + System.err.println("Error: The configuration file could not be read," + + " because an object specified in the configuration file could not be instantiated: " + + e6.getMessage()); + showStackTrace(e6); + } + catch (IllegalAccessException e7) + { + System.err.println("Error: The configuration file could not be read," + + " because an illegal access error occurred: " + + e7.getMessage()); + showStackTrace(e7); + } + catch (InvocationTargetException e8) + { + System.err.println("Error: The configuration file could not be read," + + " because an invocation target exception was thrown: " + + e8.getMessage()); + showStackTrace(e8); + } + catch (Exception e) + { + e.printStackTrace(); + } + return; + } + + private static void showStackTrace(Exception e) + { + System.err.println("--- stack trace: ------------------------------"); + e.printStackTrace(System.err); + System.err.println("--- end of stack trace. -----------------------"); + } + + + private static void showUsage() + { + System.err.println("Usage: jradius "); + System.err.println(" where is the filename of the configuration file."); + } +} diff --git a/core/src/main/java/net/jradius/server/Processor.java b/core/src/main/java/net/jradius/server/Processor.java new file mode 100644 index 0000000..731941f --- /dev/null +++ b/core/src/main/java/net/jradius/server/Processor.java @@ -0,0 +1,149 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2005 PicoPoint, B.V. + * Copyright (c) 2006-2007 David Bird + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.server; + +import java.io.IOException; +import java.util.List; +import java.util.concurrent.BlockingQueue; + +import net.jradius.exception.RadiusException; +import net.jradius.handler.chain.JRCommand; +import net.jradius.log.RadiusLog; + +import org.springframework.context.ApplicationContext; +import org.springframework.context.ApplicationContextAware; + + +/** + * Base abstract class of all Processors + * + * @author Gert Jan Verhoog + * @author David Bird + */ +public abstract class Processor extends JRadiusThread implements ApplicationContextAware +{ + protected ApplicationContext applicationContext; + private EventDispatcher eventDispatcher; + private List requestHandlers; + private BlockingQueue queue; + private boolean active = true; + + public Processor() + { + super(); + } + + /** + * Sets the request queue for this listener + * + * @param q the RequestQueue; + */ + public void setRequestQueue(BlockingQueue q) + { + queue = q; + } + + public BlockingQueue getRequestQueue() + { + return queue; + } + + public EventDispatcher getEventDispatcher() + { + return eventDispatcher; + } + + public void setEventDispatcher(EventDispatcher eventDispatcher) + { + this.eventDispatcher = eventDispatcher; + } + + public void setRequestHandlers(List handlers) + { + requestHandlers = handlers; + } + + public List getRequestHandlers() + { + return requestHandlers; + } + + protected abstract void processRequest(ListenerRequest listenerRequest) throws IOException, RadiusException; + + public void run() + { + while (isActive()) + { + try + { + Thread.yield(); + process(); + } + catch (InterruptedException e) + { + return; + } + catch (Throwable e) + { + System.err.println(getName() + ": process() method threw an exception: " + e); + RadiusLog.error(e.getMessage()); + e.printStackTrace(); + } + } + } + + public void process() throws Exception, InterruptedException + { + Object queueElement = getRequestQueue().take(); + + if (!(queueElement instanceof ListenerRequest)) + { + throw new IllegalArgumentException("Expected ListenerRequest but found " + queueElement.getClass().getName()); + } + + processRequest((ListenerRequest)queueElement); + } + + public ApplicationContext getApplicationContext() + { + return applicationContext; + } + + public void setApplicationContext(ApplicationContext applicationContext) + { + this.applicationContext = applicationContext; + } + + public boolean isActive() + { + return active; + } + + public void setActive(boolean active) + { + this.active = active; + if (!active) + { + interrupt(); + } + } +} diff --git a/core/src/main/java/net/jradius/server/RadiusProcessor.java b/core/src/main/java/net/jradius/server/RadiusProcessor.java new file mode 100644 index 0000000..a75a9a0 --- /dev/null +++ b/core/src/main/java/net/jradius/server/RadiusProcessor.java @@ -0,0 +1,189 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2005 PicoPoint, B.V. + * Copyright (C) 2006-2007 David Bird + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.server; + +import java.util.List; + +import net.jradius.exception.RadiusException; +import net.jradius.exception.RadiusSecurityException; +import net.jradius.handler.chain.JRCommand; +import net.jradius.log.RadiusLog; +import net.jradius.server.event.HandlerLogEvent; +import net.jradius.session.JRadiusSession; +import net.jradius.session.JRadiusSessionManager; + + +/** + * Base abstract class of all RadiusProcessors + * + * @author David Bird + */ +public abstract class RadiusProcessor extends Processor +{ + public RadiusProcessor() + { + super(); + } + + abstract protected void logReturnCode(int result, JRCommand handler); + + protected int handleRadiusException(JRadiusRequest request, RadiusException e) + { + JRadiusSession session = request.getSession(); + String error = e.getMessage(); + RadiusLog.error(error); + + if (session != null) + { + try + { + session.getLogEntry(request).addMessage(error); + } + catch (RadiusException re) + { + RadiusLog.problem(request, session, re, re.getMessage()); + } + // lets not remove the session and let it expire, or maybe + // this was a RADIUS retransmission that should simply be forgotten + //session.setSessionState(JRadiusSession.RADIUS_ERROR); + //sessionManager.removeSession(session); + } + + return (e instanceof RadiusSecurityException) ? JRadiusServer.RLM_MODULE_REJECT : JRadiusServer.RLM_MODULE_FAIL; + } + + protected int runPacketHandlers(JRadiusRequest request) + { + List handlers = getRequestHandlers(); + + int result = JRadiusServer.RLM_MODULE_NOOP; + boolean exceptionThrown = false; + + RadiusLog.debug("Processing JRadiusRequest: " + request.toString()); + + if (handlers == null) return result; + + JRadiusSessionManager sessionManager = JRadiusSessionManager.getManager(request.getSender()); + + if (sessionManager == null) + { + RadiusLog.error("No JRadiusSessionManager for request: " + request.toString()); + return result; + } + + JRadiusSession session = request.getSession(); + + if (session == null) + { + try + { + session = sessionManager.getSession(request); + } + catch (RadiusException e) + { + String error = e.getMessage(); + String mesg = "Rejecting request: "+request.getRequestPacket().toString(); + + RadiusLog.warn(mesg + ": " + error); + RadiusLog.problem(request, null, e, mesg); + return JRadiusServer.RLM_MODULE_REJECT; + } + } + + if (session == null) + { + RadiusLog.error("Unable to create session"); + return JRadiusServer.RLM_MODULE_REJECT; + } + + request.setSession(session); + + sessionManager.lock(session); + try + { + for (JRCommand handler : handlers) + { + boolean stop = false; + try + { + if (handler.doesHandle(request)) + { + stop = handler.execute(request); + result = request.getReturnValue(); + logReturnCode(result, handler); + if (stop) break; + } + } + catch (RadiusException e) + { + exceptionThrown = true; + result = handleRadiusException(request, e); + logReturnCode(result, handler); + break; + } + catch (Throwable e) + { + exceptionThrown = true; + e.printStackTrace(); + String error = e.getMessage(); + RadiusLog.error("Handler " + handler.getName() + " threw throwable: " + error); + result = JRadiusServer.RLM_MODULE_FAIL; + logReturnCode(result, handler); + break; + } + } + + if (session != null && !exceptionThrown) + { + try + { + session.onPostProcessing(request); + } + catch (RadiusException e) + { + result = handleRadiusException(request, e); + } + catch (Throwable e) + { + e.printStackTrace(); + RadiusLog.error("onPostProcessing threw throwable: " + e.getMessage()); + result = JRadiusServer.RLM_MODULE_FAIL; + } + } + + if (result == JRadiusServer.RLM_MODULE_REJECT && request.isAccountingRequest()) + { + RadiusLog.debug("Ack'ing AccountingRequest that was rejected"); + result = JRadiusServer.RLM_MODULE_OK; + } + + // Send a log-event to the event-dispatcher + HandlerLogEvent log = new HandlerLogEvent(request, request.getSessionKey(), result); + getEventDispatcher().post(log); + } + finally + { + sessionManager.unlock(session); + } + return result; + } +} diff --git a/core/src/main/java/net/jradius/server/TCPListener.java b/core/src/main/java/net/jradius/server/TCPListener.java new file mode 100644 index 0000000..dd42879 --- /dev/null +++ b/core/src/main/java/net/jradius/server/TCPListener.java @@ -0,0 +1,310 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2006 PicoPoint, B.V. + * Copyright (c) 2006-2007 David Bird + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.server; + +import java.io.FileInputStream; +import java.io.IOException; +import java.io.InputStream; +import java.net.ServerSocket; +import java.net.Socket; +import java.security.KeyManagementException; +import java.security.KeyStore; +import java.security.KeyStoreException; +import java.security.NoSuchAlgorithmException; +import java.security.Security; +import java.security.UnrecoverableKeyException; +import java.security.cert.CertificateException; +import java.security.cert.X509Certificate; +import java.util.LinkedList; +import java.util.List; +import java.util.Map; +import java.util.concurrent.BlockingQueue; + +import javax.net.ServerSocketFactory; +import javax.net.ssl.KeyManager; +import javax.net.ssl.KeyManagerFactory; +import javax.net.ssl.SSLContext; +import javax.net.ssl.TrustManager; +import javax.net.ssl.TrustManagerFactory; +import javax.net.ssl.X509TrustManager; + +import net.jradius.exception.RadiusException; +import net.jradius.log.RadiusLog; +import net.jradius.server.config.ListenerConfigurationItem; + +/** + * The base abstract class of all Listeners + * + * @author Gert Jan Verhoog + * @author David Bird + */ +public abstract class TCPListener extends JRadiusThread implements Listener +{ + private boolean active = false; + protected ListenerConfigurationItem config; + protected BlockingQueue queue; + + private int port = 1814; + private int backlog = 1024; + private boolean usingSSL = false; + private boolean keepAlive; + private ServerSocket serverSocket; + + private List keepAliveListeners = new LinkedList(); + + public abstract JRadiusEvent parseRequest(InputStream inputStream) throws IOException, RadiusException; + + public void setConfiguration(ListenerConfigurationItem cfg) + { + try { + setConfiguration(cfg, false); + } catch (Exception e) { + e.printStackTrace(); + } + } + + public void setConfiguration(ListenerConfigurationItem cfg, boolean noKeepAlive) + throws KeyStoreException, NoSuchAlgorithmException, CertificateException, + UnrecoverableKeyException, KeyManagementException, IOException + { + keepAlive = !noKeepAlive; + config = cfg; + + Map props = config.getProperties(); + + String s = (String) props.get("port"); + if (s != null) port = new Integer(s).intValue(); + + s = (String) props.get("backlog"); + if (s != null) backlog = new Integer(s).intValue(); + + if (keepAlive) + { + s = (String) props.get("keepAlive"); + if (s != null) keepAlive = new Boolean(s).booleanValue(); + } + + String useSSL = (String) props.get("useSSL"); + String trustAll = (String) props.get("trustAll"); + + if ("true".equalsIgnoreCase(useSSL)) + { + Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider()); + KeyManager[] keyManagers = null; + TrustManager[] trustManagers = null; + + String keystore = (String) props.get("keyStore"); + String keystoreType = (String) props.get("keyStoreType"); + String keystorePassword = (String) props.get("keyStorePassword"); + String keyPassword = (String) props.get("keyPassword"); + + if (keystore != null) + { + if (keystoreType == null) keystoreType = "pkcs12"; + + KeyStore ks = KeyStore.getInstance(keystoreType); + ks.load(new FileInputStream(keystore), keystorePassword == null ? null : keystorePassword.toCharArray()); + + KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509"); + kmf.init(ks, keyPassword == null ? null : keyPassword.toCharArray()); + keyManagers = kmf.getKeyManagers(); + } + + if ("true".equalsIgnoreCase(trustAll)) + { + trustManagers = new TrustManager[]{ new X509TrustManager() + { + public void checkClientTrusted(X509Certificate[] chain, String authType) + { + + } + public void checkServerTrusted(X509Certificate[] chain, String authType) + { + + } + public X509Certificate[] getAcceptedIssuers() + { + return new X509Certificate[0]; + } + }}; + } + else + { + keystore = (String) props.get("caStore"); + keystoreType = (String) props.get("caStoreType"); + keystorePassword = (String) props.get("caStorePassword"); + + if (keystore != null) + { + if (keystoreType == null) keystoreType = "pkcs12"; + + KeyStore caKeys = KeyStore.getInstance(keystoreType); + caKeys.load(new FileInputStream(keystore), keystorePassword == null ? null : keystorePassword.toCharArray()); + TrustManagerFactory tmf = TrustManagerFactory.getInstance("SunX509"); + tmf.init(caKeys); + trustManagers = tmf.getTrustManagers(); + } + } + + SSLContext sslContext = SSLContext.getInstance("SSLv3"); + sslContext.init(keyManagers, trustManagers, null); + + ServerSocketFactory socketFactory = sslContext.getServerSocketFactory(); + serverSocket = socketFactory.createServerSocket(port, backlog); + usingSSL = true; + } + else + { + serverSocket = new ServerSocket(port, backlog); + } + + serverSocket.setReuseAddress(true); + setActive(serverSocket != null); + } + + /** + * Sets the request queue for this listener + * + * @param q the RequestQueue; + */ + public void setRequestQueue(BlockingQueue q) + { + queue = q; + } + + /** + * Sets the listeners ConfigurationItem + * @param cfg a configuration item + */ + public void setListenerConfigurationItem(ListenerConfigurationItem cfg) + { + config = cfg; + this.setName(config.getName()); + } + + /** + * Listen for one object and place it on the request queue + */ + public void listen() throws IOException, InterruptedException, RadiusException + { + RadiusLog.debug("Listening on socket..."); + Socket socket = serverSocket.accept(); + if (keepAlive) + { + KeepAliveListener keepAliveListener = new KeepAliveListener(socket, this, queue); + keepAliveListener.start(); + + synchronized (keepAliveListeners) + { + keepAliveListeners.add(keepAliveListener); + } + } + else + { + queue.put(new TCPListenerRequest(socket, this, false)); + } + } + + public void deadKeepAliveListener(KeepAliveListener keepAliveListener) + { + } + + public boolean isActive() + { + return active; + } + + public void setActive(boolean active) + { + this.active = active; + if (!active) + { + for (KeepAliveListener listener : keepAliveListeners) + { + try { listener.shutdown(); } + catch (Exception e) { e.printStackTrace(); } + } + for (KeepAliveListener listener : keepAliveListeners) + { + try { listener.interrupt(); } + catch (Exception e) { e.printStackTrace(); } + } + keepAliveListeners.clear(); + try { serverSocket.close(); } + catch (Exception e) { e.printStackTrace(); } + interrupt(); + } + } + + /** + * The thread's run method repeatedly calls listen() + */ + public void run() + { + while (isActive()) + { + try + { + Thread.yield(); + listen(); + } + catch (Throwable e) + { + System.err.println("The Listener's listen() method threw an exception: " + e); + RadiusLog.error(e.getMessage()); + e.printStackTrace(); + } + } + + RadiusLog.error("Listener: " + this.getClass().getName() + " exiting (not active)"); + } + + public boolean isUsingSSL() + { + return usingSSL; + } + + public boolean isKeepAlive() + { + return keepAlive; + } + + public void setBacklog(int backlog) + { + this.backlog = backlog; + } + + public void setKeepAlive(boolean keepAlive) + { + this.keepAlive = keepAlive; + } + + public void setPort(int port) + { + this.port = port; + } + + public void setUsingSSL(boolean usingSSL) + { + this.usingSSL = usingSSL; + } +} diff --git a/core/src/main/java/net/jradius/server/TCPListenerRequest.java b/core/src/main/java/net/jradius/server/TCPListenerRequest.java new file mode 100644 index 0000000..1539358 --- /dev/null +++ b/core/src/main/java/net/jradius/server/TCPListenerRequest.java @@ -0,0 +1,63 @@ +/** + * JRadius - A Radius Server Java Adapter + * Copyright (C) 2004-2006 PicoPoint, B.V. + * Copyright (C) 2006-2007 David Bird + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.server; + +import java.io.IOException; +import java.io.InputStream; +import java.io.OutputStream; +import java.net.Socket; + +import net.jradius.exception.RadiusException; + +/** + * @author David Bird + */ +public class TCPListenerRequest extends ListenerRequest +{ + private Socket socket; + + public TCPListenerRequest(Socket socket, Listener listener, boolean getEvent) throws IOException, RadiusException + { + super(listener); + this.socket = socket; + + if (getEvent) + { + this.event = getEventFromListener(); + } + } + + public InputStream getInputStream() throws IOException + { + return socket.getInputStream(); + } + + public OutputStream getOutputStream() throws IOException + { + return socket.getOutputStream(); + } + + public Socket getSocket() + { + return socket; + } +} diff --git a/core/src/main/java/net/jradius/server/config/Configuration.java b/core/src/main/java/net/jradius/server/config/Configuration.java new file mode 100644 index 0000000..51bcb12 --- /dev/null +++ b/core/src/main/java/net/jradius/server/config/Configuration.java @@ -0,0 +1,509 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2005 PicoPoint, B.V. + * Copyright (c) 2006 David Bird + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.server.config; + +import java.io.File; +import java.io.FileInputStream; +import java.io.FileNotFoundException; +import java.io.InputStream; +import java.io.InputStreamReader; +import java.util.Collection; +import java.util.Iterator; +import java.util.LinkedHashMap; +import java.util.List; +import java.util.Map; + +import net.jradius.handler.chain.JRCommand; +import net.jradius.handler.chain.JRConfigParser; +import net.jradius.log.RadiusLog; +import net.jradius.log.RadiusLogger; +import net.jradius.realm.JRadiusRealmManager; +import net.jradius.realm.RealmFactory; +import net.jradius.session.JRadiusSessionManager; +import net.jradius.session.SessionFactory; +import net.jradius.session.SessionKeyProvider; + +import org.apache.commons.chain.Catalog; +import org.apache.commons.chain.CatalogFactory; +import org.apache.commons.chain.Command; +import org.apache.commons.configuration.ConfigurationException; +import org.apache.commons.configuration.HierarchicalConfiguration; +import org.springframework.beans.factory.BeanFactory; +import org.springframework.beans.factory.InitializingBean; + +/** + * Reads JRadius configuration options and provides methods to access them + * + * @author Gert Jan Verhoog + * @author David Bird + */ +public class Configuration +{ + private static XMLConfiguration xmlCfg; + private static HierarchicalConfiguration.Node root; + + private static boolean debug; + private static int timeoutSeconds; + private static File configFile; + private static Map listeners = new LinkedHashMap(); + private static Map packetHandlers = new LinkedHashMap(); + private static Map eventHandlers = new LinkedHashMap(); + private static Map dictionaries = new LinkedHashMap(); + + private static BeanFactory beanFactory; + private static JRConfigParser parser = new JRConfigParser(); + private static CatalogFactory factory = CatalogFactory.getInstance(); + private static LogConfigurationItem logConfig; + + public static void initialize(File file) throws FileNotFoundException, ConfigurationException + { + configFile = file; + initialize(new FileInputStream(file), null); + } + + public static void initialize(InputStream input, BeanFactory factory) throws FileNotFoundException, ConfigurationException + { + beanFactory = factory; + xmlCfg = new XMLConfiguration(new InputStreamReader(input)); + root = xmlCfg.getRoot(); + + RadiusLog.info("Configuring JRadius Server...."); + + setLogConfig(); + setGeneralOptions(); + setRealmManagerConfig(); + setSessionManagerConfig(); + setDictionaryConfigs(); + setPacketHandlersConfigs(); + setEventHandlersConfigs(); + setListenerConfigs(); + } + + /** + * Corresponds to the <debug>true/false</debug> configuration + * option. If set to true, generate log messages for debugging. + * @return true if debugging messages should be generated. + */ + public static boolean isDebug() + { + return debug; + } + + /** + * @return configuration file directory + */ + public static String getConfigFileDir() + { + if (configFile == null) return "."; + String configFileDir = configFile.getParent(); + if (configFileDir == null) return "."; + return configFileDir; + } + + /** + * A collection of PacketHandlerConfigurationItems, corresponding + * to the <packet-handler> elements in the configuration file. + * @return A collection of PacketHandlerConfigurationItems + */ + public static Collection getPacketHandlers() + { + return packetHandlers.values(); + } + + /** + * A collection of HandlerConfigurationItems, corresponding + * to the <event-handler> elements in the configuration file. + * @return A collection of HandlerConfigurationItems + */ + public static Collection getEventHandlers() + { + return eventHandlers.values(); + } + + public static PacketHandlerConfigurationItem packetHandlerConfigurationForName(String name) + { + return (PacketHandlerConfigurationItem) packetHandlers.get(name); + } + + public static HandlerConfigurationItem eventHandlerConfigurationForName(String name) + { + return (HandlerConfigurationItem) eventHandlers.get(name); + } + + public static JRCommand packetHandlerForName(String name) + { + // XXX: our getCommand() will be replaced with factory.getCommand() + return (JRCommand)getCommand(name); + } + + public static JRCommand eventHandlerForName(String name) + { + // XXX: our getCommand() will be replaced with factory.getCommand() + return (JRCommand)getCommand(name); + } + + public static Command getCommand(String commandID) throws IllegalArgumentException + { + // XXX: This function taken from CVS version of CatalogFactory + String DELIMITER = ":"; + String commandName = commandID; + String catalogName = null; + Catalog catalog = null; + + if (commandID != null) + { + int splitPos = commandID.indexOf(DELIMITER); + if (splitPos != -1) + { + catalogName = commandID.substring(0, splitPos); + commandName = commandID.substring(splitPos + DELIMITER.length()); + if (commandName.indexOf(DELIMITER) != -1) + { + throw new IllegalArgumentException("commandID [" + commandID + "] has too many delimiters (reserved for future use)"); + } + } + } + + if (catalogName != null) + { + catalog = factory.getCatalog(catalogName); + if (catalog == null) + { + RadiusLog.warn("No catalog found for name: " + catalogName + "."); + return null; + } + } + else + { + catalog = factory.getCatalog(); + if (catalog == null) + { + RadiusLog.warn("No default catalog found."); + return null; + } + } + + return catalog.getCommand(commandName); + } + + /** + * A collection of ListenerConfigurationItems, corresponding + * to the <listener> elements in the configuration file. + * @return A collection of ListenerConfigurationItems + */ + public static Collection getListenerConfigs() + { + return listeners.values(); + } + + public static ListenerConfigurationItem listenerConfigurationForName(String name) + { + return (ListenerConfigurationItem) listeners.get(name); + } + + /** + * A collection of DictionaryConfigurationItems, corresponding + * to the <load-dictionaries> elements in the configuration file. + * @return A collection of DictionaryConfigurationItems + */ + public static Collection getDictionaryConfigs() + { + return dictionaries.values(); + } + + public static DictionaryConfigurationItem dictionaryConfigurationForName(String name) + { + return (DictionaryConfigurationItem) dictionaries.get(name); + } + + /** + * The number of seconds to wait for packets, corresponding to + * the <timeout> option in the configuration file. If + * this is 0 (zero), wait indefinately (i.e. waiting will + * never time out). + * @return The number of seconds to wait for packets + */ + public static int getTimeoutSeconds() + { + return timeoutSeconds; + } + + private static void setGeneralOptions() + { + debug = xmlCfg.getConfigBoolean("debug"); + timeoutSeconds = xmlCfg.getConfigInt("timeout"); + + List children = root.getChildren("chain-catalog"); + + HierarchicalConfiguration.Node node; + for (Iterator i = children.iterator(); i.hasNext();) + { + node = (HierarchicalConfiguration.Node)i.next(); + xmlCfg.setRoot(node); + + String catalogURL = xmlCfg.getConfigString("name"); + + if (catalogURL != null) + { + try + { + ClassLoader classLoader = Thread.currentThread().getContextClassLoader(); + RadiusLog.debug("Loading Chains URL: " + catalogURL); + parser.parse(classLoader.getResource(catalogURL)); + } + catch (Exception e) + { + e.printStackTrace(); + } + } + + xmlCfg.setRoot(root); + } + } + + private static void setDictionaryConfigs() + { + List children = root.getChildren(DictionaryConfigurationItem.XML_KEY); + HierarchicalConfiguration.Node node; + for (Iterator i = children.iterator(); i.hasNext();) + { + node = (HierarchicalConfiguration.Node)i.next(); + xmlCfg.setRoot(node); + DictionaryConfigurationItem item = new DictionaryConfigurationItem(node, xmlCfg); + dictionaries.put(item.getName(), item); + xmlCfg.setRoot(root); + } + } + + private static void setLogConfig() + { + List children = root.getChildren(LogConfigurationItem.XML_KEY); + HierarchicalConfiguration.Node node; + for (Iterator i = children.iterator(); i.hasNext();) + { + node = (HierarchicalConfiguration.Node)i.next(); + xmlCfg.setRoot(node); + if (logConfig != null) + { + RadiusLog.warn("A RadiusLogger is already configured, skipping configuration"); + return; + } + + logConfig = new LogConfigurationItem(node, xmlCfg); + + // Setup the new logger now so that the rest of the configuration + // takes use of the new logger. + try + { + RadiusLogger logger = (RadiusLogger)Configuration.getBean(logConfig.getClassName()); + RadiusLog.setRadiusLogger(logger); + RadiusLog.info(" Configuring RadiusLogger " + logConfig.getName() + ": " + logger.getClass().getName()); + } + catch (Exception e) + { + RadiusLog.error(e.getMessage()); + logConfig = null; + } + + xmlCfg.setRoot(root); + } + } + + private static void setPacketHandlersConfigs() + { + List list = root.getChildren(PacketHandlerConfigurationItem.XML_LIST_KEY); + HierarchicalConfiguration.Node node; + for (Iterator l = list.iterator(); l.hasNext();) + { + node = (HierarchicalConfiguration.Node)l.next(); + List children = node.getChildren(PacketHandlerConfigurationItem.XML_KEY); + for (Iterator i = children.iterator(); i.hasNext();) + { + node = (HierarchicalConfiguration.Node)i.next(); + xmlCfg.setRoot(node); + PacketHandlerConfigurationItem item = new PacketHandlerConfigurationItem(node, xmlCfg); + packetHandlers.put(item.getName(),item); + xmlCfg.setRoot(root); + } + } + } + + private static void setEventHandlersConfigs() + { + List list = root.getChildren(HandlerConfigurationItem.XML_LIST_KEY); + HierarchicalConfiguration.Node node; + for (Iterator l = list.iterator(); l.hasNext();) + { + node = (HierarchicalConfiguration.Node)l.next(); + List children = node.getChildren(HandlerConfigurationItem.XML_KEY); + for (Iterator i = children.iterator(); i.hasNext();) + { + node = (HierarchicalConfiguration.Node)i.next(); + xmlCfg.setRoot(node); + HandlerConfigurationItem item = new HandlerConfigurationItem(node, xmlCfg); + eventHandlers.put(item.getName(),item); + xmlCfg.setRoot(root); + } + } + } + + private static void setListenerConfigs() + { + List list = root.getChildren(ListenerConfigurationItem.XML_LIST_KEY); + HierarchicalConfiguration.Node node; + for (Iterator l = list.iterator(); l.hasNext();) + { + node = (HierarchicalConfiguration.Node)l.next(); + List children = node.getChildren(ListenerConfigurationItem.XML_KEY); + for (Iterator i = children.iterator(); i.hasNext();) + { + node = (HierarchicalConfiguration.Node)i.next(); + xmlCfg.setRoot(node); + ListenerConfigurationItem item = new ListenerConfigurationItem(node, xmlCfg); + listeners.put(item.getName(),item); + xmlCfg.setRoot(root); + } + } + } + + private static final String SESSION_MANAGER_KEY = "session-manager"; + private static final String REALM_MANAGER_KEY = "realm-manager"; + private static final String REQUESTER_KEY = "requester"; + private static final String KEY_PROVIDER_KEY = "key-provider"; + private static final String SESSION_FACTORY_KEY = "session-factory"; + private static final String REALM_FACTORY_KEY = "realm-factory"; + + private static void setSessionManagerConfig() + { + List list = root.getChildren(SESSION_MANAGER_KEY); + + RadiusLog.info(" Initializing session manager"); + + HierarchicalConfiguration.Node node; + for (Iterator l = list.iterator(); l.hasNext();) + { + node = (HierarchicalConfiguration.Node)l.next(); + xmlCfg.setRoot(node); + + String clazz = xmlCfg.getConfigString("class"); + String requester = xmlCfg.getConfigString(REQUESTER_KEY); + String keyProvider = xmlCfg.getConfigString(KEY_PROVIDER_KEY); + String sessionFactory = xmlCfg.getConfigString(SESSION_FACTORY_KEY); + + if (clazz != null) + { + try + { + RadiusLog.info(" Session Manager (" + requester + "): " + clazz); + JRadiusSessionManager manager = (JRadiusSessionManager) getBean(clazz); + JRadiusSessionManager.setManager(requester, manager); + } + catch (Exception e) + { + RadiusLog.error(e.getMessage()); + } + } + + if (keyProvider != null) + { + try + { + RadiusLog.info(" Session Key Provider (" + requester + "): " + keyProvider); + SessionKeyProvider provider = (SessionKeyProvider) getBean(keyProvider); + JRadiusSessionManager.getManager(requester).setSessionKeyProvider(requester, provider); + } + catch (Exception e) + { + RadiusLog.error(e.getMessage()); + } + } + + if (sessionFactory != null) + { + try + { + RadiusLog.info(" Session Factory (" + requester + "): " + sessionFactory); + SessionFactory factory = (SessionFactory) getBean(sessionFactory); + factory.setConfig(xmlCfg, node); + JRadiusSessionManager.getManager(requester).setSessionFactory(requester, factory); + } + catch (Exception e) + { + RadiusLog.error(e.getMessage()); + } + } + } + } + + public static Object getBean(String name) throws IllegalAccessException, ClassNotFoundException, InstantiationException + { + Object o = null; + if (name.startsWith("bean:")) + { + String s[] = name.split(":"); + o = beanFactory.getBean(s[1]); + } + else + { + Class clazz = Class.forName(name); + o = clazz.newInstance(); + if (o instanceof InitializingBean) + { + try { ((InitializingBean)o).afterPropertiesSet(); } + catch (Exception e) { e.printStackTrace(); } + } + } + return o; + } + + private static void setRealmManagerConfig() + { + List list = root.getChildren(REALM_MANAGER_KEY); + + RadiusLog.info(" Initializing realm manager"); + + HierarchicalConfiguration.Node node; + for (Iterator l = list.iterator(); l.hasNext();) + { + node = (HierarchicalConfiguration.Node)l.next(); + xmlCfg.setRoot(node); + + String requester = xmlCfg.getConfigString(REQUESTER_KEY); + String realmFactory = xmlCfg.getConfigString(REALM_FACTORY_KEY); + + if (realmFactory != null) + { + try + { + RadiusLog.info(" Realm Factory (" + requester + "): " + realmFactory); + RealmFactory factory = (RealmFactory) getBean(realmFactory); + factory.setConfig(xmlCfg, node); + JRadiusRealmManager.getManager().setRealmFactory(requester, factory); + } + catch (Exception e) + { + RadiusLog.error(e.getMessage()); + } + } + } + } +} diff --git a/core/src/main/java/net/jradius/server/config/ConfigurationItem.java b/core/src/main/java/net/jradius/server/config/ConfigurationItem.java new file mode 100644 index 0000000..5a19fa1 --- /dev/null +++ b/core/src/main/java/net/jradius/server/config/ConfigurationItem.java @@ -0,0 +1,178 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2005 PicoPoint, B.V. + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.server.config; + +import java.util.HashMap; +import java.util.Iterator; +import java.util.List; +import java.util.Map; + +import org.apache.commons.configuration.HierarchicalConfiguration; + +/** + * Base class for packet filter and listener configurations. This + * abstract class provides common methods for both configurations, + * since they are very similar in nature. + * + * @author Gert Jan Verhoog + * @author David Bird + * @see PacketHandlerConfigurationItem + * @see ListenerConfigurationItem + */ +public abstract class ConfigurationItem +{ + protected XMLConfiguration hcfg; + protected HierarchicalConfiguration.Node root; + protected String name; + protected String description; + protected String className; + protected Map properties; + + public ConfigurationItem(String name) + { + this.name = name; + } + + public ConfigurationItem(String name, String className) + { + this.name = name; + this.className = className; + } + + /** + * Creates a new configuration item based on the options in the + * xml configuration file. The configuration item is created from + * the xml element in HierarchicalConfiguration config at index + * index. + * @param node the current configuration node being examined + * @param config the configuration + */ + public ConfigurationItem(HierarchicalConfiguration.Node node, XMLConfiguration config) + { + HierarchicalConfiguration.Node pnode = config.getRoot(); + config.setRoot(node); + hcfg = config; + root = node; + name = config.getConfigString("name"); + description = config.getConfigString("description"); + className = config.getConfigString("class"); + setProperties(config); + config.setRoot(pnode); + } + + /** + * Parse the <properties> element containing zero or more + * <key& + * @param config + */ + protected void setProperties(XMLConfiguration config) + { + properties = getPropertiesFromConfig(config, root); + } + + public static HashMap getPropertiesFromConfig(XMLConfiguration config, HierarchicalConfiguration.Node root) + { + HashMap map = new HashMap(); + + List list = root.getChildren("property"); + HierarchicalConfiguration.Node node; + for (Iterator l = list.iterator(); l.hasNext();) + { + node = (HierarchicalConfiguration.Node)l.next(); + config.setRoot(node); + + String name = config.getConfigString("name"); + String value = config.getConfigString("value"); + map.put(name, value); + } + + return map; + } + + public String getClassName() + { + return className; + } + + public String getDescription() + { + return description; + } + + public String getName() + { + return name; + } + + public Map getProperties() + { + return properties; + } + + public XMLConfiguration getXMLConfig() + { + return hcfg; + } + + public HierarchicalConfiguration.Node getRoot() + { + return root; + } + + /** + * @param className The className to set. + */ + public void setClassName(String className) + { + this.className = className; + } + + /** + * @param description The description to set. + */ + public void setDescription(String description) + { + this.description = description; + } + + /** + * @param name The name to set. + */ + public void setName(String name) + { + this.name = name; + } + + /** + * @param properties The properties to set. + */ + public void setProperties(Map properties) + { + this.properties = properties; + } + + public String xmlKey() {return "no such key";} + + public String toString() + { + return name + " [" + className + "]: " + description + " -- " + properties; + } +} diff --git a/core/src/main/java/net/jradius/server/config/DictionaryConfigurationItem.java b/core/src/main/java/net/jradius/server/config/DictionaryConfigurationItem.java new file mode 100644 index 0000000..dc0018d --- /dev/null +++ b/core/src/main/java/net/jradius/server/config/DictionaryConfigurationItem.java @@ -0,0 +1,43 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2005 PicoPoint, B.V. + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.server.config; + +import org.apache.commons.configuration.HierarchicalConfiguration; + +/** + * Configuration Item for loading dictionaries + * + * @author David Bird + */ +public class DictionaryConfigurationItem extends ConfigurationItem +{ + public static String XML_KEY = "dictionary"; + + public DictionaryConfigurationItem(HierarchicalConfiguration.Node node, XMLConfiguration config) + { + super(node, config); + } + + public String xmlKey() + { + return XML_KEY; + } +} diff --git a/core/src/main/java/net/jradius/server/config/HandlerConfigurationItem.java b/core/src/main/java/net/jradius/server/config/HandlerConfigurationItem.java new file mode 100644 index 0000000..4c990e3 --- /dev/null +++ b/core/src/main/java/net/jradius/server/config/HandlerConfigurationItem.java @@ -0,0 +1,198 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2005 PicoPoint, B.V. + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.server.config; + +import java.util.LinkedList; +import java.util.List; + +import org.apache.commons.configuration.HierarchicalConfiguration; + +/** + * Configuration Item for Event Handlers. + * @author Gert Jan Verhoog + * @author David Bird + */ +public class HandlerConfigurationItem extends ConfigurationItem +{ + public static final String XML_LIST_KEY = "event-handlers"; + public static final String XML_KEY = "event-handler"; + + public static final String TYPE_KEY = "type"; + public static final String SENDER_KEY = "sender"; + public static final String HANDLER_KEY = "handler"; + public static final String CATALOG_KEY = "catalog"; + + private List possibleTypes; + private List handleTypes; + private List senders; + + String handlerName; + String catalogName; + + public HandlerConfigurationItem(String name) + { + super(name); + } + + public HandlerConfigurationItem(String name, String className) + { + super(name, className); + } + + public HandlerConfigurationItem(HierarchicalConfiguration.Node node, XMLConfiguration config) + { + super(node, config); + possibleTypes = config.getList(".handle.type"); + String type = config.getConfigString(HandlerConfigurationItem.TYPE_KEY); + String sender = config.getConfigString(HandlerConfigurationItem.SENDER_KEY); + handlerName = config.getConfigString(HandlerConfigurationItem.HANDLER_KEY); + catalogName = config.getConfigString(HandlerConfigurationItem.CATALOG_KEY); + setSenders(sender); + setHandleTypes(type); + } + + /** + * @return Returns the handled types + */ + public List getHandleTypes() + { + return handleTypes; + } + + /** + * @param handleTypes The handled types to set. + */ + public void setHandleTypes(List handleTypes) + { + this.handleTypes = handleTypes; + } + + /** + * @param handleTypes The handled types to set. + */ + public void setHandleTypes(String handleTypes) + { + LinkedList list = new LinkedList(); + if (handleTypes == null) handleTypes = ""; + String[] types = handleTypes.split("[ \\t]*,[ \\t]*"); + + if (types != null) + for (int i=0; i < types.length; i++) + if (types[i].length() > 0) + if (possibleTypes == null || + possibleTypes.isEmpty() || + possibleTypes.contains(types[i])) + list.add(types[i]); + + this.handleTypes = list; + } + + /** + * @param sender The requester name(s) allowed for this handler. + */ + public void setSenders(String sender) + { + LinkedList list = new LinkedList(); + if (sender == null) sender = ""; + String[] types = sender.split("[ \\t]*,[ \\t]*"); + + if (types != null) + for (int i=0; i < types.length; i++) + if (types[i].length() > 0) + list.add(types[i]); + + this.senders = list; + } + + /** + * @return Returns the list of requesters serviced by this handler + */ + public List getSenders() + { + return senders; + } + + /** + * @return Returns the possible types to handle. + */ + public List getPossibleTypes() + { + return possibleTypes; + } + + /** + * @param possibleTypes The possible types to set. + */ + public void setPossibleTypes(List possibleTypes) + { + this.possibleTypes = possibleTypes; + } + + public boolean handlesType(String type) + { + if (handleTypes.isEmpty()) return true; + if (handleTypes.contains(type)) return true; + return false; + } + + public boolean handlesSender(Object sender) + { + if (senders.isEmpty()) return true; + if (senders.contains(sender)) return true; + return false; + } + + /** + * @return Returns the catalogName. + */ + public String getCatalogName() + { + return catalogName; + } + /** + * @param catalogName The catalogName to set. + */ + public void setCatalogName(String catalogName) + { + this.catalogName = catalogName; + } + /** + * @return Returns the handlerName. + */ + public String getHandlerName() + { + return handlerName; + } + /** + * @param handlerName The handlerName to set. + */ + public void setHandlerName(String handlerName) + { + this.handlerName = handlerName; + } + /** + * @param senders The senders to set. + */ + public void setSenders(List senders) + { + this.senders = senders; + } +} diff --git a/core/src/main/java/net/jradius/server/config/ListenerConfigurationItem.java b/core/src/main/java/net/jradius/server/config/ListenerConfigurationItem.java new file mode 100644 index 0000000..dd1df3f --- /dev/null +++ b/core/src/main/java/net/jradius/server/config/ListenerConfigurationItem.java @@ -0,0 +1,288 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2005 PicoPoint, B.V. + * Copyright (c) 2006 David Bird + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.server.config; + +import java.util.Iterator; +import java.util.LinkedList; +import java.util.List; + +import net.jradius.handler.EventHandler; +import net.jradius.handler.EventHandlerChain; +import net.jradius.handler.PacketHandlerChain; +import net.jradius.handler.chain.JRCommand; +import net.jradius.log.RadiusLog; + +import org.apache.commons.configuration.HierarchicalConfiguration; + +/** + * The configuration context of a JRadius Listener + * @author Gert Jan Verhoog + * @author David Bird + */ +public class ListenerConfigurationItem extends ConfigurationItem +{ + public static String XML_LIST_KEY = "listeners"; + public static String XML_KEY = "listener"; + + private List requestHandlers; + private List eventHandlers; + private String processorClassName; + private int numberOfThreads; + + private static final String PROC_CLASS_KEY = "processor-class"; + private static final String PROC_THREADS_KEY = "processor-threads"; + + /** + * Creates a Listener Configuration Context + * @param node The node within the XML configuration where <listner ...> us found + * @param config The XML configuration context + */ + public ListenerConfigurationItem(HierarchicalConfiguration.Node node, XMLConfiguration config) + { + super(node, config); + + processorClassName = config.getConfigString(PROC_CLASS_KEY); + numberOfThreads = config.getConfigInt(PROC_THREADS_KEY, 1); + + // TODO: The following repetitive code could use a re-write + // Indeed, the entire configuration section should really + // use the Digester isntead. + + HierarchicalConfiguration.Node lnode = node; + HierarchicalConfiguration.Node lroot = config.getRoot(); + + List children = lnode.getChildren(PacketHandlerConfigurationItem.XML_KEY); + + for (Iterator l = children.iterator(); l.hasNext();) + { + node = (HierarchicalConfiguration.Node)l.next(); + config.setRoot(node); + + PacketHandlerConfigurationItem cfg = new PacketHandlerConfigurationItem(node, config); + PacketHandlerConfigurationItem preCfg = null; + + // First, look to see if the named handler is a known chain + JRCommand command = Configuration.packetHandlerForName(cfg.getHandlerName()); + + if (command == null) + { + // If not a chain, it must either be a generic "catalog" + // configuration or a pre-configured packet-handler in the + // jradius configuration file. + if (cfg.getCatalogName() != null) + { + cfg.setName(cfg.getCatalogName()); + cfg.setClassName(PacketHandlerChain.class.getName()); + } + else + { + preCfg = Configuration.packetHandlerConfigurationForName(cfg.getHandlerName()); + if (preCfg != null) + { + cfg.setName(preCfg.getName()); + cfg.setHandlerName(preCfg.getHandlerName()); + cfg.setClassName(preCfg.getClassName()); + cfg.getSenders().addAll(preCfg.getSenders()); + cfg.getHandleTypes().addAll(preCfg.getHandleTypes()); + cfg.getProperties().putAll(preCfg.getProperties()); + } + } + + try + { + // Instantiate the PacketHandler + command = (EventHandler) Configuration.getBean(cfg.getClassName()); + } + catch (Exception e) + { + RadiusLog.error(e.getMessage()); + continue; + } + } + + if (preCfg != null) command.setConfig(preCfg); + command.setConfig(cfg); + + if (requestHandlers == null) + requestHandlers = new LinkedList(); + + requestHandlers.add(command); + } + + if (requestHandlers == null) + { + // No packet-handlers defined? Lets check for request-handlers + config.setRoot(lroot); + children = lnode.getChildren(PacketHandlerConfigurationItem.XML_KEY_ALT); + + for (Iterator l = children.iterator(); l.hasNext();) + { + node = (HierarchicalConfiguration.Node)l.next(); + config.setRoot(node); + + HandlerConfigurationItem cfg = new HandlerConfigurationItem(node, config); + HandlerConfigurationItem preCfg = null; + + // First, look to see if the named handler is a known chain + JRCommand command = Configuration.eventHandlerForName(cfg.getHandlerName()); + + if (command == null) + { + // If not a chain, it must either be a generic "catalog" + // configuration or a pre-configured packet-handler in the + // jradius configuration file. + if (cfg.getCatalogName() != null) + { + cfg.setName(cfg.getCatalogName()); + cfg.setClassName(EventHandlerChain.class.getName()); + } + else + { + preCfg = Configuration.eventHandlerConfigurationForName(cfg.getHandlerName()); + if (preCfg != null) + { + cfg.setName(preCfg.getName()); + cfg.setHandlerName(preCfg.getHandlerName()); + cfg.setClassName(preCfg.getClassName()); + cfg.getSenders().addAll(preCfg.getSenders()); + cfg.getHandleTypes().addAll(preCfg.getHandleTypes()); + cfg.getProperties().putAll(preCfg.getProperties()); + } + } + + try + { + command = (EventHandler) Configuration.getBean(cfg.getClassName()); + } + catch (Exception e) + { + RadiusLog.error(e.getMessage()); + continue; + } + } + + if (preCfg != null) command.setConfig(preCfg); + command.setConfig(cfg); + + if (requestHandlers == null) + requestHandlers = new LinkedList(); + + requestHandlers.add(command); + } + } + + config.setRoot(lroot); + children = lnode.getChildren(HandlerConfigurationItem.XML_KEY); + + for (Iterator l = children.iterator(); l.hasNext();) + { + node = (HierarchicalConfiguration.Node)l.next(); + config.setRoot(node); + + HandlerConfigurationItem cfg = new HandlerConfigurationItem(node, config); + HandlerConfigurationItem preCfg = null; + + // First, look to see if the named handler is a known chain + JRCommand command = Configuration.eventHandlerForName(cfg.getHandlerName()); + + if (command == null) + { + // If not a chain, it must either be a generic "catalog" + // configuration or a pre-configured packet-handler in the + // jradius configuration file. + if (cfg.getCatalogName() != null) + { + cfg.setName(cfg.getCatalogName()); + cfg.setClassName(EventHandlerChain.class.getName()); + } + else + { + preCfg = Configuration.eventHandlerConfigurationForName(cfg.getHandlerName()); + if (preCfg != null) + { + cfg.setName(preCfg.getName()); + cfg.setHandlerName(preCfg.getHandlerName()); + cfg.setClassName(preCfg.getClassName()); + cfg.getSenders().addAll(preCfg.getSenders()); + cfg.getHandleTypes().addAll(preCfg.getHandleTypes()); + cfg.getProperties().putAll(preCfg.getProperties()); + } + } + + try + { + command = (EventHandler) Configuration.getBean(cfg.getClassName()); + } + catch (Exception e) + { + RadiusLog.error(e.getMessage()); + continue; + } + } + + if (preCfg != null) command.setConfig(preCfg); + command.setConfig(cfg); + + if (eventHandlers == null) + eventHandlers = new LinkedList(); + + eventHandlers.add(command); + } + } + + /** + * @return Returns the active handlers for this Listener Configuration + */ + public List getRequestHandlers() + { + return requestHandlers; + } + + /** + * @return Returns the eventHandlers. + */ + public List getEventHandlers() + { + return eventHandlers; + } + + /** + * @return Returns the configured number of threads + */ + public int getNumberOfThreads() + { + return numberOfThreads; + } + + /** + * @return Returns the configured class name + */ + public String getProcessorClassName() + { + return processorClassName; + } + + public String xmlKey() + { + return XML_KEY; + } +} diff --git a/core/src/main/java/net/jradius/server/config/LogConfigurationItem.java b/core/src/main/java/net/jradius/server/config/LogConfigurationItem.java new file mode 100644 index 0000000..984fb2f --- /dev/null +++ b/core/src/main/java/net/jradius/server/config/LogConfigurationItem.java @@ -0,0 +1,43 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2005 PicoPoint, B.V. + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.server.config; + +import org.apache.commons.configuration.HierarchicalConfiguration; + +/** + * Configuration Item for the RadiusLogger + * + * @author David Bird + */ +public class LogConfigurationItem extends ConfigurationItem +{ + public static String XML_KEY = "radius-logger"; + + public LogConfigurationItem(HierarchicalConfiguration.Node node, XMLConfiguration config) + { + super(node, config); + } + + public String xmlKey() + { + return XML_KEY; + } +} diff --git a/core/src/main/java/net/jradius/server/config/PacketHandlerConfigurationItem.java b/core/src/main/java/net/jradius/server/config/PacketHandlerConfigurationItem.java new file mode 100644 index 0000000..e43fefc --- /dev/null +++ b/core/src/main/java/net/jradius/server/config/PacketHandlerConfigurationItem.java @@ -0,0 +1,55 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2005 PicoPoint, B.V. + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.server.config; + +import org.apache.commons.configuration.HierarchicalConfiguration; + +/** + * Configuration Item for Packet Handlers. + * @author Gert Jan Verhoog + * @author David Bird + */ +public class PacketHandlerConfigurationItem extends HandlerConfigurationItem +{ + public static final String XML_LIST_KEY = "packet-handlers"; + public static final String XML_KEY = "packet-handler"; + public static final String XML_KEY_ALT = "request-handler"; + + public PacketHandlerConfigurationItem(String name) + { + super(name); + } + + public PacketHandlerConfigurationItem(String name, String className) + { + super(name, className); + } + + public PacketHandlerConfigurationItem(HierarchicalConfiguration.Node node, XMLConfiguration config) + { + super(node, config); + } + + public String xmlKey() + { + return XML_KEY; + } +} diff --git a/core/src/main/java/net/jradius/server/config/XMLConfiguration.java b/core/src/main/java/net/jradius/server/config/XMLConfiguration.java new file mode 100644 index 0000000..4b29eba --- /dev/null +++ b/core/src/main/java/net/jradius/server/config/XMLConfiguration.java @@ -0,0 +1,68 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2005 PicoPoint, B.V. + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.server.config; + +import java.io.Reader; + +import org.apache.commons.configuration.ConfigurationException; +import org.apache.commons.configuration.HierarchicalXMLConfiguration; + +/** + * JRadius XML Configuration Parser. + * @author David Bird + */ +public class XMLConfiguration extends HierarchicalXMLConfiguration +{ + XMLConfiguration(Reader reader) throws ConfigurationException + { + load(reader); + } + + public String getConfigString(String key, String def) + { + return getString(key, getString("[@"+key+"]", def)); + } + + public String getConfigString(String key) + { + return getConfigString(key, null); + } + + public boolean getConfigBoolean(String key, boolean def) + { + return getBoolean(key, getBoolean("[@"+key+"]", def)); + } + + public boolean getConfigBoolean(String key) + { + return getConfigBoolean(key, false); + } + + public int getConfigInt(String key, int def) + { + return getInt(key, getInt("[@"+key+"]", def)); + } + + public int getConfigInt(String key) + { + return getConfigInt(key, 0); + } +} diff --git a/core/src/main/java/net/jradius/server/config/package.html b/core/src/main/java/net/jradius/server/config/package.html new file mode 100644 index 0000000..7d7484c --- /dev/null +++ b/core/src/main/java/net/jradius/server/config/package.html @@ -0,0 +1,5 @@ + + +JRadius Server Configuration Objects and Utilities. + + diff --git a/core/src/main/java/net/jradius/server/event/HandlerLogEvent.java b/core/src/main/java/net/jradius/server/event/HandlerLogEvent.java new file mode 100644 index 0000000..b2a7688 --- /dev/null +++ b/core/src/main/java/net/jradius/server/event/HandlerLogEvent.java @@ -0,0 +1,50 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2005 PicoPoint, B.V. + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.server.event; + +import net.jradius.server.JRadiusRequest; + +/** + * The Handler Log Event Type. + * @author David Bird + */ +public class HandlerLogEvent extends ServerEvent +{ + private int result; + + public HandlerLogEvent(JRadiusRequest request, String sessionKey, int result) + { + setSender(request.getSender()); + setRequest(request); + setSessionKey(sessionKey); + this.result = result; + } + + public String getTypeString() + { + return "handler-log"; + } + + public int getResult() + { + return result; + } +} diff --git a/core/src/main/java/net/jradius/server/event/ServerEvent.java b/core/src/main/java/net/jradius/server/event/ServerEvent.java new file mode 100644 index 0000000..61014e1 --- /dev/null +++ b/core/src/main/java/net/jradius/server/event/ServerEvent.java @@ -0,0 +1,65 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2005 PicoPoint, B.V. + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.server.event; + +import net.jradius.server.JRadiusEvent; +import net.jradius.server.JRadiusRequest; + +/** + * Represents A Server Event and holds the associated JRadiusRequest. + * @author David Bird + */ +public abstract class ServerEvent extends JRadiusEvent +{ + private JRadiusRequest request; + private String sessionKey; + + public JRadiusRequest getRequest() + { + return request; + } + + public void setRequest(JRadiusRequest request) + { + this.request = request; + } + + /** + * @return Returns the sessionKey. + */ + public String getSessionKey() + { + return sessionKey; + } + + /** + * @param sessionKey The sessionKey to set. + */ + public void setSessionKey(String sessionKey) + { + this.sessionKey = sessionKey; + } + + public int getType() + { + return 0; + } +} diff --git a/core/src/main/java/net/jradius/server/event/SessionExpiredEvent.java b/core/src/main/java/net/jradius/server/event/SessionExpiredEvent.java new file mode 100644 index 0000000..7544de5 --- /dev/null +++ b/core/src/main/java/net/jradius/server/event/SessionExpiredEvent.java @@ -0,0 +1,57 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2005 PicoPoint, B.V. + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.server.event; + +import net.jradius.server.JRadiusEvent; +import net.jradius.session.JRadiusSession; + + +/** + * Session Expired Server Event Type. + * @author David Bird + */ +public class SessionExpiredEvent extends JRadiusEvent +{ + private final JRadiusSession session; + + public SessionExpiredEvent(JRadiusSession session) + { + this.session = session; + } + + public int getType() + { + return 2; + } + + public String getTypeString() + { + return "session-expired"; + } + + /** + * @return Returns the session. + */ + public JRadiusSession getSession() + { + return session; + } +} diff --git a/core/src/main/java/net/jradius/server/event/package.html b/core/src/main/java/net/jradius/server/event/package.html new file mode 100644 index 0000000..68d5064 --- /dev/null +++ b/core/src/main/java/net/jradius/server/event/package.html @@ -0,0 +1,5 @@ + + +JRadius Server Events and Utilities. + + diff --git a/core/src/main/java/net/jradius/server/package.html b/core/src/main/java/net/jradius/server/package.html new file mode 100644 index 0000000..0649e50 --- /dev/null +++ b/core/src/main/java/net/jradius/server/package.html @@ -0,0 +1,5 @@ + + +The JRadius Core Server. + + diff --git a/core/src/main/java/net/jradius/session/JRadiusSession.java b/core/src/main/java/net/jradius/session/JRadiusSession.java new file mode 100644 index 0000000..42955aa --- /dev/null +++ b/core/src/main/java/net/jradius/session/JRadiusSession.java @@ -0,0 +1,482 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2005 PicoPoint, B.V. + * Copyright (C) 2006-2007 David Bird + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.session; + +import java.io.Serializable; +import java.util.Date; + +import net.jradius.exception.RadiusException; +import net.jradius.log.JRadiusLogEntry; +import net.jradius.server.JRadiusEvent; +import net.jradius.server.JRadiusRequest; + + +/** + * Defines a Radius Session. This bean is here to help with the handling + * of Radius Sessions (an authentication event followed by accounting). + * + * @author David Bird + */ +public interface JRadiusSession extends Serializable +{ + public static final long serialVersionUID = 0L; + + // status values + public static final int RADIUS_ERROR = -1; + public static final int UNKNOWN_STATE = 0; + + public static final int AUTH_PENDING = (1 << 0); + public static final int AUTH_ACCEPTED = (1 << 1); + public static final int AUTH_REJECTED = (1 << 2); + public static final int ACCT_STARTED = (1 << 3); + public static final int ACCT_STOPPED = (1 << 4); + + public static final int SESSION_STARTED = (AUTH_PENDING|AUTH_ACCEPTED|ACCT_STARTED); + public static final int SESSION_STOPPED = (AUTH_PENDING|AUTH_ACCEPTED|ACCT_STARTED|ACCT_STOPPED); + public static final int ACCT_ONLY_STARTED = (ACCT_STARTED); + public static final int ACCT_ONLY_STOPPED = (ACCT_STARTED|ACCT_STOPPED); + + // default attribute map names + public static final String SESSION_ATTRIBUTE_LOCATION_ID = "locationID"; + public static final String SESSION_ATTRIBUTE_LOCATION_TYPE = "locationType"; + public static final String SESSION_ATTRIBUTE_LOCATION_NAME = "locationName"; + public static final String SESSION_ATTRIBUTE_LOCATION_CITY = "locationCity"; + public static final String SESSION_ATTRIBUTE_LOCATION_STATE_PROVINCE = "locationStateProvince"; + public static final String SESSION_ATTRIBUTE_LOCATION_COUNTRY_CODE = "locationCountryCode"; + + public JRadiusLogEntry getLogEntry(JRadiusEvent event, String key); + + public JRadiusLogEntry getLogEntry(JRadiusRequest request) throws RadiusException; + + public void addLogMessage(JRadiusRequest request, String message) throws RadiusException; + + public void commitLogEntry(JRadiusLogEntry entry, int result); + + public void commitLogEntries(int result); + + /** + * This method is kicked off by the InitSessionHandler after a new + * PPRadiusSession has been created. + * @param request The JRadiusRequest + */ + public void initSession(JRadiusRequest request) throws RadiusException; + + public void setAttribute(String name, Object value); + + public Object getAttribute(String name); + + public void onPostProcessing(JRadiusRequest request) throws RadiusException; + + public void onAuthorization(JRadiusRequest request) throws RadiusException; + + public boolean onPreProcessing(JRadiusRequest request) throws RadiusException; + + public void onPostAuthentication(JRadiusRequest request) throws RadiusException; + + /** + * Updates the session with attributes from the accounting request. This method + * is fired off during post processing. + * @param request + * @throws RadiusException + */ + public void onAccounting(JRadiusRequest request) throws RadiusException; + + public boolean onNoAccountingStatusType(JRadiusRequest request) throws RadiusException; + + public void ensureSessionState(JRadiusRequest request, int state) throws RadiusException; + + public boolean isAccountingReversed(); + + /** + * @return Returns the username. + */ + public String getUsername(); + + /** + * @param username The username to set. + */ + public void setUsername(String username); + + /** + * @return Returns the realm. + */ + public String getRealm(); + + /** + * @param realm The realm to set. + */ + public void setRealm(String realm); + + /** + * @return Returns the password. + */ + public String getPassword(); + + /** + * @param password The password to set. + */ + public void setPassword(String password); + + /** + * @return Returns the sessionKey. + */ + public String getSessionKey(); + + /** + * @param sessionKey The sessionKey to set. + */ + public void setSessionKey(String sessionKey); + + /** + * @return Returns the sessionId. + */ + public String getSessionId(); + + /** + * @param sessionId The sessionId to set. + */ + public void setSessionId(String sessionId); + + /** + * @return Returns the serviceType. + */ + public Long getServiceType(); + + /** + * @param serviceType The serviceType to set. + */ + public void setServiceType(Long serviceType); + + /** + * @return Returns the idleTimeout. + */ + public Long getIdleTimeout(); + + /** + * @param idleTimeout The idleTimeout to set. + */ + public void setIdleTimeout(Long idleTimeout); + + /** + * @return Returns the interimInterval. + */ + public Long getInterimInterval(); + + /** + * @param interimInterval The interimInterval to set. + */ + public void setInterimInterval(Long interimInterval); + + /** + * @return Returns the sessionTimeout. + */ + public Long getSessionTimeout(); + + /** + * @param sessionTimeout The sessionTimeout to set. + */ + public void setSessionTimeout(Long sessionTimeout); + + /** + * @return Returns the sessionTime. + */ + public Long getSessionTime(); + + /** + * @param sessionTime The sessionTime to set. + */ + public void setSessionTime(Long sessionTime); + + /** + * @return Returns the startTime. + */ + public Date getStartTime(); + + /** + * @param startTime The startTime to set. + */ + public void setStartTime(Date startTime); + + /** + * @return Returns the lastInterimTime. + */ + public Date getLastInterimTime(); + + /** + * @param lastInterimTime The lastInterimTime to set. + */ + public void setLastInterimTime(Date lastInterimTime); + + /** + * @return Returns the stopTime. + */ + public Date getStopTime(); + + /** + * @param stopTime The stopTime to set. + */ + public void setStopTime(Date stopTime); + + /** + * @return Returns the gigaWordsIn. + */ + public Long getGigaWordsIn(); + + /** + * @param gigaWordsIn The gigaWordsIn to set. + */ + public void setGigaWordsIn(Long gigaWordsIn); + + /** + * @return Returns the gigaWordsOut. + */ + public Long getGigaWordsOut(); + + /** + * @param gigaWordsOut The gigaWordsOut to set. + */ + public void setGigaWordsOut(Long gigaWordsOut); + + /** + * @return Returns the octetsIn. + */ + public Long getOctetsIn(); + + /** + * @param octetsIn The octetsIn to set. + */ + public void setOctetsIn(Long octetsIn); + + /** + * @return Returns the octetsOut. + */ + public Long getOctetsOut(); + + /** + * @param octetsOut The octetsOut to set. + */ + public void setOctetsOut(Long octetsOut); + + public Long getTotalOctetsIn(); + + public Long getTotalOctetsOut(); + + /** + * @return Returns the packetsIn. + */ + public Long getPacketsIn(); + + /** + * @param packetsIn The packetsIn to set. + */ + public void setPacketsIn(Long packetsIn); + + /** + * @return Returns the packetsOut. + */ + public Long getPacketsOut(); + + /** + * @param packetsOut The packetsOut to set. + */ + public void setPacketsOut(Long packetsOut); + + /** + * @return Returns the terminateCause. + */ + public Long getTerminateCause(); + + /** + * @param terminateCause The terminateCause to set. + */ + public void setTerminateCause(Long terminateCause); + + /** + * @return Returns the radiusClass. + */ + public byte[] getRadiusClass(); + + /** + * @param radiusClass The radiusClass to set. + */ + public void setRadiusClass(byte[] radiusClass); + + /** + * @return Returns the sessionState. + */ + public int getSessionState(); + + /** + * @param sessionState The sessionState to set. + */ + public void setSessionState(int sessionState); + + /** + * @return Returns the proxyToRealm. + */ + public String getProxyToRealm(); + + /** + * @param proxyToRealm The proxyToRealm to set. + */ + public void setProxyToRealm(String proxyToRealm); + + /** + * @return Returns the secured. + */ + public boolean isSecured(); + + /** + * @param secured The secured to set. + */ + public void setSecured(boolean secured); + + /** + * @return Returns the calledStationId. + */ + public String getCalledStationId(); + + /** + * @param calledStationId The calledStationId to set. + */ + public void setCalledStationId(String calledStationId); + + /** + * @return Returns the callingStationId. + */ + public String getCallingStationId(); + + /** + * @param callingStationId The callingStationId to set. + */ + public void setCallingStationId(String callingStationId); + + /** + * @return Returns the connectInfo. + */ + public String getConnectInfo(); + + /** + * @param connectInfo The connectInfo to set. + */ + public void setConnectInfo(String connectInfo); + + /** + * @return Returns the clientIPAddress. + */ + public String getClientIPAddress(); + + /** + * @param clientIPAddress The clientIPAddress to set. + */ + public void setClientIPAddress(String clientIPAddress); + + /** + * @return Returns the nasIdentifier. + */ + public String getNasIdentifier(); + + /** + * @param nasIdentifier The nasIdentifier to set. + */ + public void setNasIdentifier(String nasIdentifier); + + /** + * @return Returns the nasIPAddress. + */ + public String getNasIPAddress(); + + /** + * @param nasIPAddress The nasIPAddress to set. + */ + public void setNasIPAddress(String nasIPAddress); + + /** + * @return Returns the framedIPAddress. + */ + public String getFramedIPAddress(); + + /** + * @param framedIPAddress The framedIPAddress to set. + */ + public void setFramedIPAddress(String framedIPAddress); + + /** + * @return Returns the timeStamp. + */ + public long getTimeStamp(); + + /** + * @param timeStamp The timeStamp to set. + */ + public void setTimeStamp(long timeStamp); + + public Long getMaxBandwidthDown(); + + public void setMaxBandwidthDown(Long maxBandwidthDown); + + public Long getMaxBandwidthUp(); + + public void setMaxBandwidthUp(Long maxBandwidthUp); + + public Long getMinBandwidthDown(); + + public void setMinBandwidthDown(Long minBandwidthDown); + + /** + * @return Returns the minBandwidthUp. + */ + public Long getMinBandwidthUp(); + + /** + * @param minBandwidthUp the minBandwidth to set. + */ + public void setMinBandwidthUp(Long minBandwidthUp); + + public Long getMaxOctetsDown(); + + public void setMaxOctetsDown(Long maxOctetsDown); + + public Long getMaxOctetsUp(); + + public void setMaxOctetsUp(Long maxOctetshUp); + + public Long getMaxOctetsTotal(); + + public void setMaxOctetsTotal(Long maxOctetsTotal); + + public String getNasType() ; + + public void setNasType(String nasType); + + public String getRedirectURL(); + + public void setRedirectURL(String redirectURL); + + public String getJRadiusKey(); + + public void setJRadiusKey(String jRadiusKey); + + public JRadiusRequest getLastRadiusRequest(); + + public void setLastRadiusRequest(JRadiusRequest lastRadiusRequest); +} diff --git a/core/src/main/java/net/jradius/session/JRadiusSessionManager.java b/core/src/main/java/net/jradius/session/JRadiusSessionManager.java new file mode 100644 index 0000000..715f982 --- /dev/null +++ b/core/src/main/java/net/jradius/session/JRadiusSessionManager.java @@ -0,0 +1,541 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2006 PicoPoint, B.V. + * Copyright (c) 2007 David Bird + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.session; + +import java.io.Serializable; +import java.util.HashMap; +import java.util.Iterator; + +import net.jradius.exception.RadiusException; +import net.jradius.log.JRadiusLogEntry; +import net.jradius.log.RadiusLog; +import net.jradius.server.EventDispatcher; +import net.jradius.server.JRadiusEvent; +import net.jradius.server.JRadiusRequest; +import net.jradius.server.event.SessionExpiredEvent; +import net.sf.ehcache.Cache; +import net.sf.ehcache.CacheException; +import net.sf.ehcache.CacheManager; +import net.sf.ehcache.Ehcache; +import net.sf.ehcache.Element; +import net.sf.ehcache.Status; +import net.sf.ehcache.event.CacheEventListener; + +import org.springframework.beans.factory.InitializingBean; +import org.springframework.context.ApplicationContext; +import org.springframework.context.ApplicationContextAware; + +public class JRadiusSessionManager implements InitializingBean, ApplicationContextAware, CacheEventListener +{ + private static JRadiusSessionManager defaultManager; + + private static HashMap managers = new HashMap(); + + private HashMap providers = new HashMap(); + private HashMap factories = new HashMap(); + + private ApplicationContext applicationContext; + + private int minInterimInterval = 5 * 60; + private int maxInactiveInterval = 12 * 60; + + private String cacheName = "jradius-session"; + private String logCacheName = "jradius-log"; + + + private CacheManager cacheManager; + private Cache sessionCache; + private Cache logCache; + + private EventDispatcher eventDispatcher; + + /** + * There is a single JRadiusSessionManager available that + * is accessible through this method. Using the default + * application-wide manager is sufficient for most uses. + * For specific needs, it is possible to create a new + * JRadiusSessionManager object. + * @return the default JRadiusSessionManager instance + */ + public static JRadiusSessionManager getManager(Object name) + { + JRadiusSessionManager manager = null; + + if (name != null) + { + manager = (JRadiusSessionManager)managers.get(name); + } + + if (manager == null) + { + if (defaultManager == null) + { + defaultManager = new JRadiusSessionManager(); + try { defaultManager.afterPropertiesSet(); } + catch (Exception e) { e.printStackTrace(); } + } + + manager = defaultManager; + } + + return manager; + } + + public static JRadiusSessionManager setManager(String name, JRadiusSessionManager manager) + { + if (name != null) + { + managers.put(name, manager); + } + else + { + defaultManager = manager; + } + + return manager; + } + + public static void shutdownManagers() + { + if (defaultManager != null) + { + defaultManager.shutdown(); + } + + for (Iterator i = managers.values().iterator(); i.hasNext();) + { + JRadiusSessionManager manager = (JRadiusSessionManager)i.next(); + manager.shutdown(); + } + } + + /** + * Creates a new JRadiusSessionManager instance. This + * sets the key provider and session factory to the + * DefaultSessionKeyProvider and RadiusSessionFactory, + * respectively + */ + public JRadiusSessionManager() + { + initialize(); + } + + private void initialize() + { + try + { + // If we can find the extended JRadius classes, configure + // the default RadiusSessionKeyProvider and RadiusSessionFactory + Class c; + c = Class.forName("net.jradius.session.RadiusSessionKeyProvider"); + providers.put(null, (SessionKeyProvider) c.newInstance()); + c = Class.forName("net.jradius.session.RadiusSessionFactory"); + factories.put(null, (SessionFactory) c.newInstance()); + } + catch (Exception e) + { + RadiusLog.error("Could not find extended JRadius classes - not running JRadiusSessionManager"); + throw new RuntimeException(e); + } + } + + public void shutdown() + { + if (cacheManager.getStatus() == Status.STATUS_ALIVE) + { + cacheManager.shutdown(); + } + } + + public void afterPropertiesSet() throws Exception + { + if (cacheManager == null) + { + cacheManager = CacheManager.create(); + } + + if (sessionCache == null) + { + sessionCache = cacheManager.getCache(cacheName); + + if (sessionCache == null) + { + sessionCache = new Cache(cacheName, 1000000, true, false, 0, maxInactiveInterval); + cacheManager.addCache(sessionCache); + } + } + + if (logCache == null) + { + logCache = cacheManager.getCache(logCacheName); + + if (logCache == null) + { + logCache = new Cache(logCacheName, 1000000, true, false, 0, maxInactiveInterval); + cacheManager.addCache(logCache); + } + } + + sessionCache.getCacheEventNotificationService().registerListener(this); + logCache.getCacheEventNotificationService().registerListener(this); + } + + /** + * Sets the key provider for this session manager. The + * key provider generates a key to store a session with. + * The key is generated based on a JRadiusRequest that is + * passed to the key provider's getSessionKey method. + * Keys are used to retrieve stored sessions from the session + * manager. + * @param name The name of the SessionKeyProvider (null for default) + * @param provider The SessionKeyProvider + * @see SessionKeyProvider + */ + public void setSessionKeyProvider(String name, SessionKeyProvider provider) + { + providers.put(name, provider); + } + + /** + * Sets the session factory for this session manager. The + * session factory generates a new session object, possibly + * initialized based on values of a JRadiusRequest. + * @param name The name of the SessionFactory (null for default) + * @param factory a SessionFactory + * @see SessionFactory + */ + public void setSessionFactory(String name, SessionFactory factory) + { + factories.put(name, factory); + } + + /** + * returns the session manager's key provider + * @param name The name of the SessionKeyProvider (null for default) + * @return the session manager's key provider + */ + public SessionKeyProvider getSessionKeyProvider(Object name) + { + SessionKeyProvider provider = (SessionKeyProvider)providers.get(name); + if (provider == null && name != null) provider = (SessionKeyProvider)providers.get(null); + return provider; + } + + /** + * returns the session manager's session factory + * @param name The name of the SessionFactory (null for default) + * @return the session manager's session factory + */ + public SessionFactory getSessionFactory(Object name) + { + SessionFactory factory = (SessionFactory)factories.get(name); + if (factory == null && name != null) factory = (SessionFactory)factories.get(null); + return factory; + } + + /** + * Returns a session object. First, a key is generated by + * the session manager's key provider, based on the JRadiusRequest. + * If there is a stored session based on the key, this session is + * returned, otherwise a new session created by the session factory + * is returned + * @param request a JRadiusRequest used to retrieve or generate a session with + * @return Returns a RadiusSession + * @throws RadiusException + */ + public JRadiusSession getSession(JRadiusRequest request) throws RadiusException + { + SessionKeyProvider skp = getSessionKeyProvider(request.getSender()); + Serializable key = skp.getAppSessionKey(request); + JRadiusSession session = null; + Serializable nkey = null; + + if (key != null) + { + RadiusLog.debug("** Looking for session: " + key); + session = getSession(request, key); + if (session == null) + { + RadiusLog.error("Broken JRadius-Session-Id implementation for session: " + key); + key = null; + } + } + + if (key == null) + { + key = skp.getClassKey(request); + + if (key != null) + { + RadiusLog.debug("** Looking for session: " + key); + session = getSession(request, key); + if (session == null) + { + RadiusLog.error("Broken Class implementation for session: " + key); + key = null; + } + else + { + if (session.getJRadiusKey() != null && !session.getJRadiusKey().equals(session.getSessionKey())) + { + rehashSession(session, session.getJRadiusKey(), key); + } + } + } + } + + if (key == null) + { + Serializable keys = skp.getRequestSessionKey(request); + + if (keys == null) + { + return null; + } + + if (keys instanceof Serializable[]) + { + key = ((Serializable[])(keys))[0]; + nkey = ((Serializable[])(keys))[1]; + RadiusLog.debug("Rehashing session with key " + key + " under new key " + nkey); + } + else + { + key = keys; + } + + RadiusLog.debug("** Looking for session: " + key); + session = getSession(request, key); + + if (session != null && nkey != null && !nkey.equals(key)) + { + rehashSession(session, key, nkey); + } + } + + if (session == null) + { + session = newSession(request, nkey == null ? key : nkey); + } + + session.setTimeStamp(System.currentTimeMillis()); + session.setLastRadiusRequest(request); + + return session; + } + + public void rehashSession(JRadiusSession session, Serializable okey, Serializable nkey) throws RadiusException + { + remove(okey); + session.setJRadiusKey((String)nkey); + put(session.getJRadiusKey(), session); + } + + public JRadiusSession newSession(JRadiusRequest request, Object key) throws RadiusException + { + JRadiusSession session = (JRadiusSession)getSessionFactory(request.getSender()).newSession(request); + session.setJRadiusKey((String)key); + put(session.getJRadiusKey(), session); + put(session.getSessionKey(), session); + return session; + } + + public JRadiusSession getSession(JRadiusRequest request, Serializable key) throws RadiusException + { + Element element = sessionCache.get(key); + JRadiusSession session = null; + + if (element != null) + { + session = (JRadiusSession)element.getValue(); + } + + if (session == null && request != null) + { + SessionFactory sf = getSessionFactory(request.getSender()); + session = sf.getSession(request, key); + if (session != null) + { + put(session.getJRadiusKey(), session); + put(session.getSessionKey(), session); + } + } + + if (session == null) return null; + + return session; + } + + public void lock(JRadiusSession session) + { + System.err.println("Appropriate session locking must be implemented"); + } + + public void unlock(JRadiusSession session) + { + System.err.println("Appropriate session locking must be implemented"); + } + + public JRadiusLogEntry newLogEntry(JRadiusEvent event, JRadiusSession session, String packetId) + { + Object sender = null; + + if (event != null) + sender = event.getSender(); + + else if (session != null && session.getLastRadiusRequest() != null) + sender = session.getLastRadiusRequest().getSender(); + + return getSessionFactory(sender).newSessionLogEntry(event, session, packetId); + } + + public void removeSession(JRadiusSession session) + { + if (session != null) + { + remove(session.getJRadiusKey()); + remove(session.getSessionKey()); + } + } + + private void remove(Serializable key) + { + RadiusLog.debug("Removing session key: " + key); + sessionCache.remove(key); + } + + private void put(Serializable key, Serializable value) + { + RadiusLog.debug("Adding session key: " + key); + sessionCache.put(new Element(key, value)); + } + + public int getMaxInactiveInterval() + { + return maxInactiveInterval; + } + + public void setMaxInactiveInterval(int maxInactiveInterval) + { + this.maxInactiveInterval = maxInactiveInterval; + } + + public int getMinInterimInterval() + { + return minInterimInterval; + } + + public void setMinInterimInterval(int minInterimInterval) + { + this.minInterimInterval = minInterimInterval; + } + + public CacheManager getCacheManager() + { + return cacheManager; + } + + public void setCacheManager(CacheManager cacheManager) + { + this.cacheManager = cacheManager; + } + + public String getCacheName() + { + return cacheName; + } + + public void setCacheName(String cacheName) + { + this.cacheName = cacheName; + } + + public void dispose() + { + } + + public void notifyElementEvicted(Ehcache cache, Element element) + { + } + + public void notifyElementExpired(Ehcache cache, Element element) + { + Object value = element.getValue(); + if (value instanceof JRadiusSession) + { + JRadiusSession session = (JRadiusSession) value; + RadiusLog.debug("Expired session: " + session.getSessionKey()); + if (eventDispatcher != null) + { + SessionExpiredEvent evt = new SessionExpiredEvent(session); + evt.setApplicationContext(applicationContext); + eventDispatcher.post(evt); + } + } + } + + public void notifyElementPut(Ehcache cache, Element element) throws CacheException + { + } + + public void notifyElementRemoved(Ehcache cache, Element element) throws CacheException + { + } + + public void notifyElementUpdated(Ehcache cache, Element element) throws CacheException + { + } + + public void notifyRemoveAll(Ehcache cache) + { + } + + public Object clone() throws CloneNotSupportedException + { + return super.clone(); + } + + public Ehcache getSessionCache() + { + return sessionCache; + } + + public void setSessionCache(Cache sessionCache) + { + this.sessionCache = sessionCache; + } + + public void setEventDispatcher(EventDispatcher eventDispatcher) + { + this.eventDispatcher = eventDispatcher; + } + + public ApplicationContext getApplicationContext() + { + return applicationContext; + } + + public void setApplicationContext(ApplicationContext applicationContext) + { + this.applicationContext = applicationContext; + } +} diff --git a/core/src/main/java/net/jradius/session/RadiusSessionSupport.java b/core/src/main/java/net/jradius/session/RadiusSessionSupport.java new file mode 100644 index 0000000..37c0a38 --- /dev/null +++ b/core/src/main/java/net/jradius/session/RadiusSessionSupport.java @@ -0,0 +1,35 @@ +package net.jradius.session; + +public class RadiusSessionSupport +{ + /** + * Split the User-Name into username plus realm (checks for prefix realm + * first - realm/username, then postfix realms - username@realm) + * @param username The username to parse + * @return Returns an array of 2 Strings { username, realm } if a realm + * is found, otherwise it returns null + */ + public static String[] splitUserName(String username) + { + int idx; + + if ((idx = username.indexOf("/")) > 0 || + (idx = username.indexOf("\\")) > 0) + { + // Prefix Realm - takes priority over Postfix + return new String[]{ + username.substring(idx + 1), + username.substring(0, idx) }; + } + + if ((idx = username.lastIndexOf("@")) > 0) + { + // Postfix Realm + return new String[]{ + username.substring(0, idx), + username.substring(idx + 1) }; + } + + return null; + } +} diff --git a/core/src/main/java/net/jradius/session/SessionFactory.java b/core/src/main/java/net/jradius/session/SessionFactory.java new file mode 100644 index 0000000..4f20db7 --- /dev/null +++ b/core/src/main/java/net/jradius/session/SessionFactory.java @@ -0,0 +1,44 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2005 PicoPoint, B.V. + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.session; + + +import net.jradius.exception.RadiusException; +import net.jradius.log.JRadiusLogEntry; +import net.jradius.server.JRadiusEvent; +import net.jradius.server.JRadiusRequest; +import net.jradius.server.config.XMLConfiguration; + +import org.apache.commons.configuration.HierarchicalConfiguration; + +/** + * An interface for creating new RadiusSession objects + * @author Gert Jan Verhoog + * @author David Bird + */ +public interface SessionFactory +{ + public JRadiusSession getSession(JRadiusRequest request, Object key) throws RadiusException; + public JRadiusSession newSession(JRadiusRequest request) throws RadiusException; + public JRadiusLogEntry newSessionLogEntry(JRadiusEvent event, JRadiusSession session, String packetId); + public void setConfig(XMLConfiguration config, HierarchicalConfiguration.Node root); + public String getConfigValue(String name); +} diff --git a/core/src/main/java/net/jradius/session/SessionKeyProvider.java b/core/src/main/java/net/jradius/session/SessionKeyProvider.java new file mode 100644 index 0000000..702536d --- /dev/null +++ b/core/src/main/java/net/jradius/session/SessionKeyProvider.java @@ -0,0 +1,39 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2005 PicoPoint, B.V. + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.session; + +import java.io.Serializable; + +import net.jradius.exception.RadiusException; +import net.jradius.server.JRadiusRequest; + + +/** + * Session Key Provider generates keys in which to store RadiusSessions + * into the Session Manager. + * @author Gert Jan Verhoog + */ +public interface SessionKeyProvider +{ + public Serializable getClassKey(JRadiusRequest request) throws RadiusException; + public Serializable getAppSessionKey(JRadiusRequest request) throws RadiusException; + public Serializable getRequestSessionKey(JRadiusRequest request) throws RadiusException; +} diff --git a/core/src/main/java/net/jradius/session/package.html b/core/src/main/java/net/jradius/session/package.html new file mode 100644 index 0000000..09e41fb --- /dev/null +++ b/core/src/main/java/net/jradius/session/package.html @@ -0,0 +1,5 @@ + + +JRadius Session Management Classes. + + diff --git a/core/src/main/java/net/jradius/standard/RadiusStandard.java b/core/src/main/java/net/jradius/standard/RadiusStandard.java new file mode 100644 index 0000000..0c75169 --- /dev/null +++ b/core/src/main/java/net/jradius/standard/RadiusStandard.java @@ -0,0 +1,82 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2005 PicoPoint, B.V. + * Copyright (c) 2006 David Bird + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.standard; + +import java.util.List; + +import net.jradius.exception.StandardViolatedException; +import net.jradius.packet.RadiusPacket; + +/** + * Interface for RADIUS Standards Checking + * + * @author David Bird + */ +public abstract class RadiusStandard +{ + /** + * @return Returns the name of the standard + */ + public abstract String getName(); + + /** + * Checks the packet for compliance with the implemented standard. If there + * are missing attributes, the StandardViolatedException is thrown containing + * a list of the missing attributes. + * @param p RadiusPacket to be checked + * @param ignore Attribute types to ignore + * @throws StandardViolatedException + */ + public abstract void checkPacket(RadiusPacket p, long[] ignore) throws StandardViolatedException; + + /** + * Same as checkPacket(p, null) + * @param p RadiusPacket to be checked + * @throws StandardViolatedException + */ + public void checkPacket(RadiusPacket p) throws StandardViolatedException + { + checkPacket(p, null); + } + + /** + * Check for missing attributes in a RadiusPacket + * @param p RadiusPacket to be checked + * @param list list to append missing attributes to + * @param check attributes to look for + * @param ignore attributes to ignore + */ + protected static void checkMissing(RadiusPacket p, List list, long[] check, long[] ignore) + { + for (int i=0; i < check.length; i++) + { + if (p.findAttribute(check[i]) == null) + { + if (ignore != null) + for (int j=0; j < ignore.length; j++) + if (check[i] == ignore[j]) + continue; + list.add(new Long(check[i])); + } + } + } +} diff --git a/core/src/main/java/net/jradius/standard/package.html b/core/src/main/java/net/jradius/standard/package.html new file mode 100644 index 0000000..a56dc7c --- /dev/null +++ b/core/src/main/java/net/jradius/standard/package.html @@ -0,0 +1,5 @@ + + +Support for RADIUS Standards Checking in JRadius. + + diff --git a/core/src/main/java/net/jradius/util/Base64.java b/core/src/main/java/net/jradius/util/Base64.java new file mode 100755 index 0000000..1b86d67 --- /dev/null +++ b/core/src/main/java/net/jradius/util/Base64.java @@ -0,0 +1,1450 @@ +package net.jradius.util; +/** + * Encodes and decodes to and from Base64 notation. + * + *

+ * Change Log: + *

+ *
    + *
  • v2.1 - Cleaned up javadoc comments and unused variables and methods. Added + * some convenience methods for reading and writing to and from files.
    • + *
  • v2.0.2 - Now specifies UTF-8 encoding in places where the code fails on systems + * with other encodings (like EBCDIC).
    • + *
  • v2.0.1 - Fixed an error when decoding a single byte, that is, when the + * encoded data was a single byte.
    • + *
  • v2.0 - I got rid of methods that used booleans to set options. + * Now everything is more consolidated and cleaner. The code now detects + * when data that's being decoded is gzip-compressed and will decompress it + * automatically. Generally things are cleaner. You'll probably have to + * change some method calls that you were making to support the new + * options format (ints that you "OR" together).
    • + *
  • v1.5.1 - Fixed bug when decompressing and decoding to a + * byte[] using decode( String s, boolean gzipCompressed ). + * Added the ability to "suspend" encoding in the Output Stream so + * you can turn on and off the encoding if you need to embed base64 + * data in an otherwise "normal" stream (like an XML file).
    • + *
  • v1.5 - Output stream pases on flush() command but doesn't do anything itself. + * This helps when using GZIP streams. + * Added the ability to GZip-compress objects before encoding them.
    • + *
  • v1.4 - Added helper methods to read/write files.
    • + *
  • v1.3.6 - Fixed OutputStream.flush() so that 'position' is reset.
    • + *
  • v1.3.5 - Added flag to turn on and off line breaks. Fixed bug in input stream + * where last buffer being read, if not completely full, was not returned.
    • + *
  • v1.3.4 - Fixed when "improperly padded stream" error was thrown at the wrong time.
    • + *
  • v1.3.3 - Fixed I/O streams which were totally messed up.
    • + *
+ * + *

+ * I am placing this code in the Public Domain. Do with it as you will. + * This software comes with no guarantees or warranties but with + * plenty of well-wishing instead! + * Please visit http://iharder.net/base64 + * periodically to check for updates or to contribute improvements. + *

+ * + * @author Robert Harder + * @author rob@iharder.net + * @version 2.1 + */ +public class Base64 +{ + +/* ******** P U B L I C F I E L D S ******** */ + + + /** No options specified. Value is zero. */ + public final static int NO_OPTIONS = 0; + + /** Specify encoding. */ + public final static int ENCODE = 1; + + + /** Specify decoding. */ + public final static int DECODE = 0; + + + /** Specify that data should be gzip-compressed. */ + public final static int GZIP = 2; + + + /** Don't break lines when encoding (violates strict Base64 specification) */ + public final static int DONT_BREAK_LINES = 8; + + +/* ******** P R I V A T E F I E L D S ******** */ + + + /** Maximum line length (76) of Base64 output. */ + private final static int MAX_LINE_LENGTH = 76; + + + /** The equals sign (=) as a byte. */ + private final static byte EQUALS_SIGN = (byte)'='; + + + /** The new line character (\n) as a byte. */ + private final static byte NEW_LINE = (byte)'\n'; + + + /** Preferred encoding. */ + private final static String PREFERRED_ENCODING = "UTF-8"; + + + /** The 64 valid Base64 values. */ + private final static byte[] ALPHABET; + private final static byte[] _NATIVE_ALPHABET = /* May be something funny like EBCDIC */ + { + (byte)'A', (byte)'B', (byte)'C', (byte)'D', (byte)'E', (byte)'F', (byte)'G', + (byte)'H', (byte)'I', (byte)'J', (byte)'K', (byte)'L', (byte)'M', (byte)'N', + (byte)'O', (byte)'P', (byte)'Q', (byte)'R', (byte)'S', (byte)'T', (byte)'U', + (byte)'V', (byte)'W', (byte)'X', (byte)'Y', (byte)'Z', + (byte)'a', (byte)'b', (byte)'c', (byte)'d', (byte)'e', (byte)'f', (byte)'g', + (byte)'h', (byte)'i', (byte)'j', (byte)'k', (byte)'l', (byte)'m', (byte)'n', + (byte)'o', (byte)'p', (byte)'q', (byte)'r', (byte)'s', (byte)'t', (byte)'u', + (byte)'v', (byte)'w', (byte)'x', (byte)'y', (byte)'z', + (byte)'0', (byte)'1', (byte)'2', (byte)'3', (byte)'4', (byte)'5', + (byte)'6', (byte)'7', (byte)'8', (byte)'9', (byte)'+', (byte)'/' + }; + + /** Determine which ALPHABET to use. */ + static + { + byte[] __bytes; + try + { + __bytes = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/".getBytes( PREFERRED_ENCODING ); + } // end try + catch (java.io.UnsupportedEncodingException use) + { + __bytes = _NATIVE_ALPHABET; // Fall back to native encoding + } // end catch + ALPHABET = __bytes; + } // end static + + + /** + * Translates a Base64 value to either its 6-bit reconstruction value + * or a negative number indicating some other meaning. + **/ + private final static byte[] DECODABET = + { + -9,-9,-9,-9,-9,-9,-9,-9,-9, // Decimal 0 - 8 + -5,-5, // Whitespace: Tab and Linefeed + -9,-9, // Decimal 11 - 12 + -5, // Whitespace: Carriage Return + -9,-9,-9,-9,-9,-9,-9,-9,-9,-9,-9,-9,-9, // Decimal 14 - 26 + -9,-9,-9,-9,-9, // Decimal 27 - 31 + -5, // Whitespace: Space + -9,-9,-9,-9,-9,-9,-9,-9,-9,-9, // Decimal 33 - 42 + 62, // Plus sign at decimal 43 + -9,-9,-9, // Decimal 44 - 46 + 63, // Slash at decimal 47 + 52,53,54,55,56,57,58,59,60,61, // Numbers zero through nine + -9,-9,-9, // Decimal 58 - 60 + -1, // Equals sign at decimal 61 + -9,-9,-9, // Decimal 62 - 64 + 0,1,2,3,4,5,6,7,8,9,10,11,12,13, // Letters 'A' through 'N' + 14,15,16,17,18,19,20,21,22,23,24,25, // Letters 'O' through 'Z' + -9,-9,-9,-9,-9,-9, // Decimal 91 - 96 + 26,27,28,29,30,31,32,33,34,35,36,37,38, // Letters 'a' through 'm' + 39,40,41,42,43,44,45,46,47,48,49,50,51, // Letters 'n' through 'z' + -9,-9,-9,-9 // Decimal 123 - 126 + /*,-9,-9,-9,-9,-9,-9,-9,-9,-9,-9,-9,-9,-9, // Decimal 127 - 139 + -9,-9,-9,-9,-9,-9,-9,-9,-9,-9,-9,-9,-9, // Decimal 140 - 152 + -9,-9,-9,-9,-9,-9,-9,-9,-9,-9,-9,-9,-9, // Decimal 153 - 165 + -9,-9,-9,-9,-9,-9,-9,-9,-9,-9,-9,-9,-9, // Decimal 166 - 178 + -9,-9,-9,-9,-9,-9,-9,-9,-9,-9,-9,-9,-9, // Decimal 179 - 191 + -9,-9,-9,-9,-9,-9,-9,-9,-9,-9,-9,-9,-9, // Decimal 192 - 204 + -9,-9,-9,-9,-9,-9,-9,-9,-9,-9,-9,-9,-9, // Decimal 205 - 217 + -9,-9,-9,-9,-9,-9,-9,-9,-9,-9,-9,-9,-9, // Decimal 218 - 230 + -9,-9,-9,-9,-9,-9,-9,-9,-9,-9,-9,-9,-9, // Decimal 231 - 243 + -9,-9,-9,-9,-9,-9,-9,-9,-9,-9,-9,-9 // Decimal 244 - 255 */ + }; + + // I think I end up not using the BAD_ENCODING indicator. + //private final static byte BAD_ENCODING = -9; // Indicates error in encoding + private final static byte WHITE_SPACE_ENC = -5; // Indicates white space in encoding + private final static byte EQUALS_SIGN_ENC = -1; // Indicates equals sign in encoding + + + /** Defeats instantiation. */ + private Base64(){} + + + +/* ******** E N C O D I N G M E T H O D S ******** */ + + + /** + * Encodes up to the first three bytes of array threeBytes + * and returns a four-byte array in Base64 notation. + * The actual number of significant bytes in your array is + * given by numSigBytes. + * The array threeBytes needs only be as big as + * numSigBytes. + * Code can reuse a byte array by passing a four-byte array as b4. + * + * @param b4 A reusable byte array to reduce array instantiation + * @param threeBytes the array to convert + * @param numSigBytes the number of significant bytes in your array + * @return four byte array in Base64 notation. + * @since 1.5.1 + */ + private static byte[] encode3to4( byte[] b4, byte[] threeBytes, int numSigBytes ) + { + encode3to4( threeBytes, 0, numSigBytes, b4, 0 ); + return b4; + } // end encode3to4 + + + /** + * Encodes up to three bytes of the array source + * and writes the resulting four Base64 bytes to destination. + * The source and destination arrays can be manipulated + * anywhere along their length by specifying + * srcOffset and destOffset. + * This method does not check to make sure your arrays + * are large enough to accomodate srcOffset + 3 for + * the source array or destOffset + 4 for + * the destination array. + * The actual number of significant bytes in your array is + * given by numSigBytes. + * + * @param source the array to convert + * @param srcOffset the index where conversion begins + * @param numSigBytes the number of significant bytes in your array + * @param destination the array to hold the conversion + * @param destOffset the index where output will be put + * @return the destination array + * @since 1.3 + */ + private static byte[] encode3to4( + byte[] source, int srcOffset, int numSigBytes, + byte[] destination, int destOffset ) + { + // 1 2 3 + // 01234567890123456789012345678901 Bit position + // --------000000001111111122222222 Array position from threeBytes + // --------| || || || | Six bit groups to index ALPHABET + // >>18 >>12 >> 6 >> 0 Right shift necessary + // 0x3f 0x3f 0x3f Additional AND + + // Create buffer with zero-padding if there are only one or two + // significant bytes passed in the array. + // We have to shift left 24 in order to flush out the 1's that appear + // when Java treats a value as negative that is cast from a byte to an int. + int inBuff = ( numSigBytes > 0 ? ((source[ srcOffset ] << 24) >>> 8) : 0 ) + | ( numSigBytes > 1 ? ((source[ srcOffset + 1 ] << 24) >>> 16) : 0 ) + | ( numSigBytes > 2 ? ((source[ srcOffset + 2 ] << 24) >>> 24) : 0 ); + + switch( numSigBytes ) + { + case 3: + destination[ destOffset ] = ALPHABET[ (inBuff >>> 18) ]; + destination[ destOffset + 1 ] = ALPHABET[ (inBuff >>> 12) & 0x3f ]; + destination[ destOffset + 2 ] = ALPHABET[ (inBuff >>> 6) & 0x3f ]; + destination[ destOffset + 3 ] = ALPHABET[ (inBuff ) & 0x3f ]; + return destination; + + case 2: + destination[ destOffset ] = ALPHABET[ (inBuff >>> 18) ]; + destination[ destOffset + 1 ] = ALPHABET[ (inBuff >>> 12) & 0x3f ]; + destination[ destOffset + 2 ] = ALPHABET[ (inBuff >>> 6) & 0x3f ]; + destination[ destOffset + 3 ] = EQUALS_SIGN; + return destination; + + case 1: + destination[ destOffset ] = ALPHABET[ (inBuff >>> 18) ]; + destination[ destOffset + 1 ] = ALPHABET[ (inBuff >>> 12) & 0x3f ]; + destination[ destOffset + 2 ] = EQUALS_SIGN; + destination[ destOffset + 3 ] = EQUALS_SIGN; + return destination; + + default: + return destination; + } // end switch + } // end encode3to4 + + + + /** + * Serializes an object and returns the Base64-encoded + * version of that serialized object. If the object + * cannot be serialized or there is another error, + * the method will return null. + * The object is not GZip-compressed before being encoded. + * + * @param serializableObject The object to encode + * @return The Base64-encoded object + * @since 1.4 + */ + public static String encodeObject( java.io.Serializable serializableObject ) + { + return encodeObject( serializableObject, NO_OPTIONS ); + } // end encodeObject + + + + /** + * Serializes an object and returns the Base64-encoded + * version of that serialized object. If the object + * cannot be serialized or there is another error, + * the method will return null. + *

+ * Valid options:

+     *   GZIP: gzip-compresses object before encoding it.
+     *   DONT_BREAK_LINES: don't break lines at 76 characters
+     *     Note: Technically, this makes your encoding non-compliant.
+     *
+ *

+ * Example: encodeObject( myObj, Base64.GZIP ) or + *

+ * Example: encodeObject( myObj, Base64.GZIP | Base64.DONT_BREAK_LINES ) + * + * @param serializableObject The object to encode + * @param options Specified options + * @return The Base64-encoded object + * @see Base64#GZIP + * @see Base64#DONT_BREAK_LINES + * @since 2.0 + */ + public static String encodeObject( java.io.Serializable serializableObject, int options ) + { + // Streams + java.io.ByteArrayOutputStream baos = null; + java.io.OutputStream b64os = null; + java.io.ObjectOutputStream oos = null; + java.util.zip.GZIPOutputStream gzos = null; + + // Isolate options + int gzip = (options & GZIP); + int dontBreakLines = (options & DONT_BREAK_LINES); + + try + { + // ObjectOutputStream -> (GZIP) -> Base64 -> ByteArrayOutputStream + baos = new java.io.ByteArrayOutputStream(); + b64os = new Base64.OutputStream( baos, ENCODE | dontBreakLines ); + + // GZip? + if( gzip == GZIP ) + { + gzos = new java.util.zip.GZIPOutputStream( b64os ); + oos = new java.io.ObjectOutputStream( gzos ); + } // end if: gzip + else + oos = new java.io.ObjectOutputStream( b64os ); + + oos.writeObject( serializableObject ); + } // end try + catch( java.io.IOException e ) + { + e.printStackTrace(); + return null; + } // end catch + finally + { + try{ oos.close(); } catch( Exception e ){} + try{ gzos.close(); } catch( Exception e ){} + try{ b64os.close(); } catch( Exception e ){} + try{ baos.close(); } catch( Exception e ){} + } // end finally + + // Return value according to relevant encoding. + try + { + return new String( baos.toByteArray(), PREFERRED_ENCODING ); + } // end try + catch (java.io.UnsupportedEncodingException uue) + { + return new String( baos.toByteArray() ); + } // end catch + + } // end encode + + + + /** + * Encodes a byte array into Base64 notation. + * Does not GZip-compress data. + * + * @param source The data to convert + * @since 1.4 + */ + public static String encodeBytes( byte[] source ) + { + return encodeBytes( source, 0, source.length, NO_OPTIONS ); + } // end encodeBytes + + + + /** + * Encodes a byte array into Base64 notation. + *

+ * Valid options:

+     *   GZIP: gzip-compresses object before encoding it.
+     *   DONT_BREAK_LINES: don't break lines at 76 characters
+     *     Note: Technically, this makes your encoding non-compliant.
+     *
+ *

+ * Example: encodeBytes( myData, Base64.GZIP ) or + *

+ * Example: encodeBytes( myData, Base64.GZIP | Base64.DONT_BREAK_LINES ) + * + * + * @param source The data to convert + * @param options Specified options + * @see Base64#GZIP + * @see Base64#DONT_BREAK_LINES + * @since 2.0 + */ + public static String encodeBytes( byte[] source, int options ) + { + return encodeBytes( source, 0, source.length, options ); + } // end encodeBytes + + + /** + * Encodes a byte array into Base64 notation. + * Does not GZip-compress data. + * + * @param source The data to convert + * @param off Offset in array where conversion should begin + * @param len Length of data to convert + * @since 1.4 + */ + public static String encodeBytes( byte[] source, int off, int len ) + { + return encodeBytes( source, off, len, NO_OPTIONS ); + } // end encodeBytes + + + + /** + * Encodes a byte array into Base64 notation. + *

+ * Valid options:

+     *   GZIP: gzip-compresses object before encoding it.
+     *   DONT_BREAK_LINES: don't break lines at 76 characters
+     *     Note: Technically, this makes your encoding non-compliant.
+     *
+ *

+ * Example: encodeBytes( myData, Base64.GZIP ) or + *

+ * Example: encodeBytes( myData, Base64.GZIP | Base64.DONT_BREAK_LINES ) + * + * + * @param source The data to convert + * @param off Offset in array where conversion should begin + * @param len Length of data to convert + * @param options Specified options + * @see Base64#GZIP + * @see Base64#DONT_BREAK_LINES + * @since 2.0 + */ + public static String encodeBytes( byte[] source, int off, int len, int options ) + { + // Isolate options + int dontBreakLines = ( options & DONT_BREAK_LINES ); + int gzip = ( options & GZIP ); + + // Compress? + if( gzip == GZIP ) + { + java.io.ByteArrayOutputStream baos = null; + java.util.zip.GZIPOutputStream gzos = null; + Base64.OutputStream b64os = null; + + + try + { + // GZip -> Base64 -> ByteArray + baos = new java.io.ByteArrayOutputStream(); + b64os = new Base64.OutputStream( baos, ENCODE | dontBreakLines ); + gzos = new java.util.zip.GZIPOutputStream( b64os ); + + gzos.write( source, off, len ); + gzos.close(); + } // end try + catch( java.io.IOException e ) + { + e.printStackTrace(); + return null; + } // end catch + finally + { + try{ gzos.close(); } catch( Exception e ){} + try{ b64os.close(); } catch( Exception e ){} + try{ baos.close(); } catch( Exception e ){} + } // end finally + + // Return value according to relevant encoding. + try + { + return new String( baos.toByteArray(), PREFERRED_ENCODING ); + } // end try + catch (java.io.UnsupportedEncodingException uue) + { + return new String( baos.toByteArray() ); + } // end catch + } // end if: compress + + // Else, don't compress. Better not to use streams at all then. + else + { + // Convert option to boolean in way that code likes it. + boolean breakLines = dontBreakLines == 0; + + int len43 = len * 4 / 3; + byte[] outBuff = new byte[ ( len43 ) // Main 4:3 + + ( (len % 3) > 0 ? 4 : 0 ) // Account for padding + + (breakLines ? ( len43 / MAX_LINE_LENGTH ) : 0) ]; // New lines + int d = 0; + int e = 0; + int len2 = len - 2; + int lineLength = 0; + for( ; d < len2; d+=3, e+=4 ) + { + encode3to4( source, d+off, 3, outBuff, e ); + + lineLength += 4; + if( breakLines && lineLength == MAX_LINE_LENGTH ) + { + outBuff[e+4] = NEW_LINE; + e++; + lineLength = 0; + } // end if: end of line + } // en dfor: each piece of array + + if( d < len ) + { + encode3to4( source, d+off, len - d, outBuff, e ); + e += 4; + } // end if: some padding needed + + + // Return value according to relevant encoding. + try + { + return new String( outBuff, 0, e, PREFERRED_ENCODING ); + } // end try + catch (java.io.UnsupportedEncodingException uue) + { + return new String( outBuff, 0, e ); + } // end catch + + } // end else: don't compress + + } // end encodeBytes + + + + + +/* ******** D E C O D I N G M E T H O D S ******** */ + + + /** + * Decodes four bytes from array source + * and writes the resulting bytes (up to three of them) + * to destination. + * The source and destination arrays can be manipulated + * anywhere along their length by specifying + * srcOffset and destOffset. + * This method does not check to make sure your arrays + * are large enough to accomodate srcOffset + 4 for + * the source array or destOffset + 3 for + * the destination array. + * This method returns the actual number of bytes that + * were converted from the Base64 encoding. + * + * + * @param source the array to convert + * @param srcOffset the index where conversion begins + * @param destination the array to hold the conversion + * @param destOffset the index where output will be put + * @return the number of decoded bytes converted + * @since 1.3 + */ + private static int decode4to3( byte[] source, int srcOffset, byte[] destination, int destOffset ) + { + // Example: Dk== + if( source[ srcOffset + 2] == EQUALS_SIGN ) + { + // Two ways to do the same thing. Don't know which way I like best. + //int outBuff = ( ( DECODABET[ source[ srcOffset ] ] << 24 ) >>> 6 ) + // | ( ( DECODABET[ source[ srcOffset + 1] ] << 24 ) >>> 12 ); + int outBuff = ( ( DECODABET[ source[ srcOffset ] ] & 0xFF ) << 18 ) + | ( ( DECODABET[ source[ srcOffset + 1] ] & 0xFF ) << 12 ); + + destination[ destOffset ] = (byte)( outBuff >>> 16 ); + return 1; + } + + // Example: DkL= + else if( source[ srcOffset + 3 ] == EQUALS_SIGN ) + { + // Two ways to do the same thing. Don't know which way I like best. + //int outBuff = ( ( DECODABET[ source[ srcOffset ] ] << 24 ) >>> 6 ) + // | ( ( DECODABET[ source[ srcOffset + 1 ] ] << 24 ) >>> 12 ) + // | ( ( DECODABET[ source[ srcOffset + 2 ] ] << 24 ) >>> 18 ); + int outBuff = ( ( DECODABET[ source[ srcOffset ] ] & 0xFF ) << 18 ) + | ( ( DECODABET[ source[ srcOffset + 1 ] ] & 0xFF ) << 12 ) + | ( ( DECODABET[ source[ srcOffset + 2 ] ] & 0xFF ) << 6 ); + + destination[ destOffset ] = (byte)( outBuff >>> 16 ); + destination[ destOffset + 1 ] = (byte)( outBuff >>> 8 ); + return 2; + } + + // Example: DkLE + else + { + try{ + // Two ways to do the same thing. Don't know which way I like best. + //int outBuff = ( ( DECODABET[ source[ srcOffset ] ] << 24 ) >>> 6 ) + // | ( ( DECODABET[ source[ srcOffset + 1 ] ] << 24 ) >>> 12 ) + // | ( ( DECODABET[ source[ srcOffset + 2 ] ] << 24 ) >>> 18 ) + // | ( ( DECODABET[ source[ srcOffset + 3 ] ] << 24 ) >>> 24 ); + int outBuff = ( ( DECODABET[ source[ srcOffset ] ] & 0xFF ) << 18 ) + | ( ( DECODABET[ source[ srcOffset + 1 ] ] & 0xFF ) << 12 ) + | ( ( DECODABET[ source[ srcOffset + 2 ] ] & 0xFF ) << 6) + | ( ( DECODABET[ source[ srcOffset + 3 ] ] & 0xFF ) ); + + + destination[ destOffset ] = (byte)( outBuff >> 16 ); + destination[ destOffset + 1 ] = (byte)( outBuff >> 8 ); + destination[ destOffset + 2 ] = (byte)( outBuff ); + + return 3; + }catch( Exception e){ + System.out.println(""+source[srcOffset]+ ": " + ( DECODABET[ source[ srcOffset ] ] ) ); + System.out.println(""+source[srcOffset+1]+ ": " + ( DECODABET[ source[ srcOffset + 1 ] ] ) ); + System.out.println(""+source[srcOffset+2]+ ": " + ( DECODABET[ source[ srcOffset + 2 ] ] ) ); + System.out.println(""+source[srcOffset+3]+ ": " + ( DECODABET[ source[ srcOffset + 3 ] ] ) ); + return -1; + } //e nd catch + } + } // end decodeToBytes + + + + + /** + * Very low-level access to decoding ASCII characters in + * the form of a byte array. Does not support automatically + * gunzipping or any other "fancy" features. + * + * @param source The Base64 encoded data + * @param off The offset of where to begin decoding + * @param len The length of characters to decode + * @return decoded data + * @since 1.3 + */ + public static byte[] decode( byte[] source, int off, int len ) + { + int len34 = len * 3 / 4; + byte[] outBuff = new byte[ len34 ]; // Upper limit on size of output + int outBuffPosn = 0; + + byte[] b4 = new byte[4]; + int b4Posn = 0; + int i = 0; + byte sbiCrop = 0; + byte sbiDecode = 0; + for( i = off; i < off+len; i++ ) + { + sbiCrop = (byte)(source[i] & 0x7f); // Only the low seven bits + sbiDecode = DECODABET[ sbiCrop ]; + + if( sbiDecode >= WHITE_SPACE_ENC ) // White space, Equals sign or better + { + if( sbiDecode >= EQUALS_SIGN_ENC ) + { + b4[ b4Posn++ ] = sbiCrop; + if( b4Posn > 3 ) + { + outBuffPosn += decode4to3( b4, 0, outBuff, outBuffPosn ); + b4Posn = 0; + + // If that was the equals sign, break out of 'for' loop + if( sbiCrop == EQUALS_SIGN ) + break; + } // end if: quartet built + + } // end if: equals sign or better + + } // end if: white space, equals sign or better + else + { + System.err.println( "Bad Base64 input character at " + i + ": " + source[i] + "(decimal)" ); + return null; + } // end else: + } // each input character + + byte[] out = new byte[ outBuffPosn ]; + System.arraycopy( outBuff, 0, out, 0, outBuffPosn ); + return out; + } // end decode + + + + + /** + * Decodes data from Base64 notation, automatically + * detecting gzip-compressed data and decompressing it. + * + * @param s the string to decode + * @return the decoded data + * @since 1.4 + */ + public static byte[] decode( String s ) + { + byte[] bytes; + try + { + bytes = s.getBytes( PREFERRED_ENCODING ); + } // end try + catch( java.io.UnsupportedEncodingException uee ) + { + bytes = s.getBytes(); + } // end catch + // + + // Decode + bytes = decode( bytes, 0, bytes.length ); + + + // Check to see if it's gzip-compressed + // GZIP Magic Two-Byte Number: 0x8b1f (35615) + if( bytes != null && bytes.length >= 4 ) + { + + int head = ((int)bytes[0] & 0xff) | ((bytes[1] << 8) & 0xff00); + if( java.util.zip.GZIPInputStream.GZIP_MAGIC == head ) + { + java.io.ByteArrayInputStream bais = null; + java.util.zip.GZIPInputStream gzis = null; + java.io.ByteArrayOutputStream baos = null; + byte[] buffer = new byte[2048]; + int length = 0; + + try + { + baos = new java.io.ByteArrayOutputStream(); + bais = new java.io.ByteArrayInputStream( bytes ); + gzis = new java.util.zip.GZIPInputStream( bais ); + + while( ( length = gzis.read( buffer ) ) >= 0 ) + { + baos.write(buffer,0,length); + } // end while: reading input + + // No error? Get new bytes. + bytes = baos.toByteArray(); + + } // end try + catch( java.io.IOException e ) + { + // Just return originally-decoded bytes + } // end catch + finally + { + try{ baos.close(); } catch( Exception e ){} + try{ gzis.close(); } catch( Exception e ){} + try{ bais.close(); } catch( Exception e ){} + } // end finally + + } // end if: gzipped + } // end if: bytes.length >= 2 + + return bytes; + } // end decode + + + + + /** + * Attempts to decode Base64 data and deserialize a Java + * Object within. Returns null if there was an error. + * + * @param encodedObject The Base64 data to decode + * @return The decoded and deserialized object + * @since 1.5 + */ + public static Object decodeToObject( String encodedObject ) + { + // Decode and gunzip if necessary + byte[] objBytes = decode( encodedObject ); + + java.io.ByteArrayInputStream bais = null; + java.io.ObjectInputStream ois = null; + Object obj = null; + + try + { + bais = new java.io.ByteArrayInputStream( objBytes ); + ois = new java.io.ObjectInputStream( bais ); + + obj = ois.readObject(); + } // end try + catch( java.io.IOException e ) + { + e.printStackTrace(); + obj = null; + } // end catch + catch( java.lang.ClassNotFoundException e ) + { + e.printStackTrace(); + obj = null; + } // end catch + finally + { + try{ bais.close(); } catch( Exception e ){} + try{ ois.close(); } catch( Exception e ){} + } // end finally + + return obj; + } // end decodeObject + + + + /** + * Convenience method for encoding data to a file. + * + * @param dataToEncode byte array of data to encode in base64 form + * @param filename Filename for saving encoded data + * @return true if successful, false otherwise + * + * @since 2.1 + */ + public static boolean encodeToFile( byte[] dataToEncode, String filename ) + { + boolean success = false; + Base64.OutputStream bos = null; + try + { + bos = new Base64.OutputStream( + new java.io.FileOutputStream( filename ), Base64.ENCODE ); + bos.write( dataToEncode ); + success = true; + } // end try + catch( java.io.IOException e ) + { + + success = false; + } // end catch: IOException + finally + { + try{ bos.close(); } catch( Exception e ){} + } // end finally + + return success; + } // end encodeToFile + + + /** + * Convenience method for decoding data to a file. + * + * @param dataToDecode Base64-encoded data as a string + * @param filename Filename for saving decoded data + * @return true if successful, false otherwise + * + * @since 2.1 + */ + public static boolean decodeToFile( String dataToDecode, String filename ) + { + boolean success = false; + Base64.OutputStream bos = null; + try + { + bos = new Base64.OutputStream( + new java.io.FileOutputStream( filename ), Base64.DECODE ); + bos.write( dataToDecode.getBytes( PREFERRED_ENCODING ) ); + success = true; + } // end try + catch( java.io.IOException e ) + { + success = false; + } // end catch: IOException + finally + { + try{ bos.close(); } catch( Exception e ){} + } // end finally + + return success; + } // end decodeToFile + + + + + /** + * Convenience method for reading a base64-encoded + * file and decoding it. + * + * @param filename Filename for reading encoded data + * @return decoded byte array or null if unsuccessful + * + * @since 2.1 + */ + public static byte[] decodeFromFile( String filename ) + { + byte[] decodedData = null; + Base64.InputStream bis = null; + try + { + // Set up some useful variables + java.io.File file = new java.io.File( filename ); + byte[] buffer = null; + int length = 0; + int numBytes = 0; + + // Check for size of file + if( file.length() > Integer.MAX_VALUE ) + { + System.err.println( "File is too big for this convenience method (" + file.length() + " bytes)." ); + return null; + } // end if: file too big for int index + buffer = new byte[ (int)file.length() ]; + + // Open a stream + bis = new Base64.InputStream( + new java.io.BufferedInputStream( + new java.io.FileInputStream( file ) ), Base64.DECODE ); + + // Read until done + while( ( numBytes = bis.read( buffer, length, 4096 ) ) >= 0 ) + length += numBytes; + + // Save in a variable to return + decodedData = new byte[ length ]; + System.arraycopy( buffer, 0, decodedData, 0, length ); + + } // end try + catch( java.io.IOException e ) + { + System.err.println( "Error decoding from file " + filename ); + } // end catch: IOException + finally + { + try{ bis.close(); } catch( Exception e) {} + } // end finally + + return decodedData; + } // end decodeFromFile + + + + /** + * Convenience method for reading a binary file + * and base64-encoding it. + * + * @param filename Filename for reading binary data + * @return base64-encoded string or null if unsuccessful + * + * @since 2.1 + */ + public static String encodeFromFile( String filename ) + { + String encodedData = null; + Base64.InputStream bis = null; + try + { + // Set up some useful variables + java.io.File file = new java.io.File( filename ); + byte[] buffer = new byte[ (int)(file.length() * 1.4) ]; + int length = 0; + int numBytes = 0; + + // Open a stream + bis = new Base64.InputStream( + new java.io.BufferedInputStream( + new java.io.FileInputStream( file ) ), Base64.ENCODE ); + + // Read until done + while( ( numBytes = bis.read( buffer, length, 4096 ) ) >= 0 ) + length += numBytes; + + // Save in a variable to return + encodedData = new String( buffer, 0, length, Base64.PREFERRED_ENCODING ); + + } // end try + catch( java.io.IOException e ) + { + System.err.println( "Error encoding from file " + filename ); + } // end catch: IOException + finally + { + try{ bis.close(); } catch( Exception e) {} + } // end finally + + return encodedData; + } // end encodeFromFile + + + + + /* ******** I N N E R C L A S S I N P U T S T R E A M ******** */ + + + + /** + * A {@link Base64.InputStream} will read data from another + * java.io.InputStream, given in the constructor, + * and encode/decode to/from Base64 notation on the fly. + * + * @see Base64 + * @since 1.3 + */ + public static class InputStream extends java.io.FilterInputStream + { + private boolean encode; // Encoding or decoding + private int position; // Current position in the buffer + private byte[] buffer; // Small buffer holding converted data + private int bufferLength; // Length of buffer (3 or 4) + private int numSigBytes; // Number of meaningful bytes in the buffer + private int lineLength; + private boolean breakLines; // Break lines at less than 80 characters + + + /** + * Constructs a {@link Base64.InputStream} in DECODE mode. + * + * @param in the java.io.InputStream from which to read data. + * @since 1.3 + */ + public InputStream( java.io.InputStream in ) + { + this( in, DECODE ); + } // end constructor + + + /** + * Constructs a {@link Base64.InputStream} in + * either ENCODE or DECODE mode. + *

+ * Valid options:

+         *   ENCODE or DECODE: Encode or Decode as data is read.
+         *   DONT_BREAK_LINES: don't break lines at 76 characters
+         *     (only meaningful when encoding)
+         *     Note: Technically, this makes your encoding non-compliant.
+         *
+ *

+ * Example: new Base64.InputStream( in, Base64.DECODE ) + * + * + * @param in the java.io.InputStream from which to read data. + * @param options Specified options + * @see Base64#ENCODE + * @see Base64#DECODE + * @see Base64#DONT_BREAK_LINES + * @since 2.0 + */ + public InputStream( java.io.InputStream in, int options ) + { + super( in ); + this.breakLines = (options & DONT_BREAK_LINES) != DONT_BREAK_LINES; + this.encode = (options & ENCODE) == ENCODE; + this.bufferLength = encode ? 4 : 3; + this.buffer = new byte[ bufferLength ]; + this.position = -1; + this.lineLength = 0; + } // end constructor + + /** + * Reads enough of the input stream to convert + * to/from Base64 and returns the next byte. + * + * @return next byte + * @since 1.3 + */ + public int read() throws java.io.IOException + { + // Do we need to get data? + if( position < 0 ) + { + if( encode ) + { + byte[] b3 = new byte[3]; + int numBinaryBytes = 0; + for( int i = 0; i < 3; i++ ) + { + try + { + int b = in.read(); + + // If end of stream, b is -1. + if( b >= 0 ) + { + b3[i] = (byte)b; + numBinaryBytes++; + } // end if: not end of stream + + } // end try: read + catch( java.io.IOException e ) + { + // Only a problem if we got no data at all. + if( i == 0 ) + throw e; + + } // end catch + } // end for: each needed input byte + + if( numBinaryBytes > 0 ) + { + encode3to4( b3, 0, numBinaryBytes, buffer, 0 ); + position = 0; + numSigBytes = 4; + } // end if: got data + else + { + return -1; + } // end else + } // end if: encoding + + // Else decoding + else + { + byte[] b4 = new byte[4]; + int i = 0; + for( i = 0; i < 4; i++ ) + { + // Read four "meaningful" bytes: + int b = 0; + do{ b = in.read(); } + while( b >= 0 && DECODABET[ b & 0x7f ] <= WHITE_SPACE_ENC ); + + if( b < 0 ) + break; // Reads a -1 if end of stream + + b4[i] = (byte)b; + } // end for: each needed input byte + + if( i == 4 ) + { + numSigBytes = decode4to3( b4, 0, buffer, 0 ); + position = 0; + } // end if: got four characters + else if( i == 0 ){ + return -1; + } // end else if: also padded correctly + else + { + // Must have broken out from above. + throw new java.io.IOException( "Improperly padded Base64 input." ); + } // end + + } // end else: decode + } // end else: get data + + // Got data? + if( position >= 0 ) + { + // End of relevant data? + if( /*!encode &&*/ position >= numSigBytes ) + return -1; + + if( encode && breakLines && lineLength >= MAX_LINE_LENGTH ) + { + lineLength = 0; + return '\n'; + } // end if + else + { + lineLength++; // This isn't important when decoding + // but throwing an extra "if" seems + // just as wasteful. + + int b = buffer[ position++ ]; + + if( position >= bufferLength ) + position = -1; + + return b & 0xFF; // This is how you "cast" a byte that's + // intended to be unsigned. + } // end else + } // end if: position >= 0 + + // Else error + else + { + // When JDK1.4 is more accepted, use an assertion here. + throw new java.io.IOException( "Error in Base64 code reading stream." ); + } // end else + } // end read + + + /** + * Calls {@link #read()} repeatedly until the end of stream + * is reached or len bytes are read. + * Returns number of bytes read into array or -1 if + * end of stream is encountered. + * + * @param dest array to hold values + * @param off offset for array + * @param len max number of bytes to read into array + * @return bytes read into array or -1 if end of stream is encountered. + * @since 1.3 + */ + public int read( byte[] dest, int off, int len ) throws java.io.IOException + { + int i; + int b; + for( i = 0; i < len; i++ ) + { + b = read(); + + //if( b < 0 && i == 0 ) + // return -1; + + if( b >= 0 ) + dest[off + i] = (byte)b; + else if( i == 0 ) + return -1; + else + break; // Out of 'for' loop + } // end for: each byte read + return i; + } // end read + + } // end inner class InputStream + + + + + + + /* ******** I N N E R C L A S S O U T P U T S T R E A M ******** */ + + + + /** + * A {@link Base64.OutputStream} will write data to another + * java.io.OutputStream, given in the constructor, + * and encode/decode to/from Base64 notation on the fly. + * + * @see Base64 + * @since 1.3 + */ + public static class OutputStream extends java.io.FilterOutputStream + { + private boolean encode; + private int position; + private byte[] buffer; + private int bufferLength; + private int lineLength; + private boolean breakLines; + private byte[] b4; // Scratch used in a few places + private boolean suspendEncoding; + + /** + * Constructs a {@link Base64.OutputStream} in ENCODE mode. + * + * @param out the java.io.OutputStream to which data will be written. + * @since 1.3 + */ + public OutputStream( java.io.OutputStream out ) + { + this( out, ENCODE ); + } // end constructor + + + /** + * Constructs a {@link Base64.OutputStream} in + * either ENCODE or DECODE mode. + *

+ * Valid options:

+         *   ENCODE or DECODE: Encode or Decode as data is read.
+         *   DONT_BREAK_LINES: don't break lines at 76 characters
+         *     (only meaningful when encoding)
+         *     Note: Technically, this makes your encoding non-compliant.
+         *
+ *

+ * Example: new Base64.OutputStream( out, Base64.ENCODE ) + * + * @param out the java.io.OutputStream to which data will be written. + * @param options Specified options. + * @see Base64#ENCODE + * @see Base64#DECODE + * @see Base64#DONT_BREAK_LINES + * @since 1.3 + */ + public OutputStream( java.io.OutputStream out, int options ) + { + super( out ); + this.breakLines = (options & DONT_BREAK_LINES) != DONT_BREAK_LINES; + this.encode = (options & ENCODE) == ENCODE; + this.bufferLength = encode ? 3 : 4; + this.buffer = new byte[ bufferLength ]; + this.position = 0; + this.lineLength = 0; + this.suspendEncoding = false; + this.b4 = new byte[4]; + } // end constructor + + + /** + * Writes the byte to the output stream after + * converting to/from Base64 notation. + * When encoding, bytes are buffered three + * at a time before the output stream actually + * gets a write() call. + * When decoding, bytes are buffered four + * at a time. + * + * @param theByte the byte to write + * @since 1.3 + */ + public void write(int theByte) throws java.io.IOException + { + // Encoding suspended? + if( suspendEncoding ) + { + super.out.write( theByte ); + return; + } // end if: supsended + + // Encode? + if( encode ) + { + buffer[ position++ ] = (byte)theByte; + if( position >= bufferLength ) // Enough to encode. + { + out.write( encode3to4( b4, buffer, bufferLength ) ); + + lineLength += 4; + if( breakLines && lineLength >= MAX_LINE_LENGTH ) + { + out.write( NEW_LINE ); + lineLength = 0; + } // end if: end of line + + position = 0; + } // end if: enough to output + } // end if: encoding + + // Else, Decoding + else + { + // Meaningful Base64 character? + if( DECODABET[ theByte & 0x7f ] > WHITE_SPACE_ENC ) + { + buffer[ position++ ] = (byte)theByte; + if( position >= bufferLength ) // Enough to output. + { + int len = Base64.decode4to3( buffer, 0, b4, 0 ); + out.write( b4, 0, len ); + //out.write( Base64.decode4to3( buffer ) ); + position = 0; + } // end if: enough to output + } // end if: meaningful base64 character + else if( DECODABET[ theByte & 0x7f ] != WHITE_SPACE_ENC ) + { + throw new java.io.IOException( "Invalid character in Base64 data." ); + } // end else: not white space either + } // end else: decoding + } // end write + + + + /** + * Calls {@link #write(int)} repeatedly until len + * bytes are written. + * + * @param theBytes array from which to read bytes + * @param off offset for array + * @param len max number of bytes to read into array + * @since 1.3 + */ + public void write( byte[] theBytes, int off, int len ) throws java.io.IOException + { + // Encoding suspended? + if( suspendEncoding ) + { + super.out.write( theBytes, off, len ); + return; + } // end if: supsended + + for( int i = 0; i < len; i++ ) + { + write( theBytes[ off + i ] ); + } // end for: each byte written + + } // end write + + + + /** + * Method added by PHIL. [Thanks, PHIL. -Rob] + * This pads the buffer without closing the stream. + */ + public void flushBase64() throws java.io.IOException + { + if( position > 0 ) + { + if( encode ) + { + out.write( encode3to4( b4, buffer, position ) ); + position = 0; + } // end if: encoding + else + { + throw new java.io.IOException( "Base64 input not properly padded." ); + } // end else: decoding + } // end if: buffer partially full + + } // end flush + + + /** + * Flushes and closes (I think, in the superclass) the stream. + * + * @since 1.3 + */ + public void close() throws java.io.IOException + { + // 1. Ensure that pending characters are written + flushBase64(); + + // 2. Actually close the stream + // Base class both flushes and closes. + super.close(); + + buffer = null; + out = null; + } // end close + + + + /** + * Suspends encoding of the stream. + * May be helpful if you need to embed a piece of + * base640-encoded data in a stream. + * + * @since 1.5.1 + */ + public void suspendEncoding() throws java.io.IOException + { + flushBase64(); + this.suspendEncoding = true; + } // end suspendEncoding + + + /** + * Resumes encoding of the stream. + * May be helpful if you need to embed a piece of + * base640-encoded data in a stream. + * + * @since 1.5.1 + */ + public void resumeEncoding() + { + this.suspendEncoding = false; + } // end resumeEncoding + + + + } // end inner class OutputStream + + +} // end class Base64 diff --git a/core/src/main/java/net/jradius/util/CHAP.java b/core/src/main/java/net/jradius/util/CHAP.java new file mode 100644 index 0000000..bea5c8c --- /dev/null +++ b/core/src/main/java/net/jradius/util/CHAP.java @@ -0,0 +1,63 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2005 PicoPoint, B.V. + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.util; + +import gnu.crypto.hash.HashFactory; +import gnu.crypto.hash.IMessageDigest; + +/** + * CHAP Utils. + * + * @author David Bird + */ +public final class CHAP +{ + /** + * @param id The packet identifier + * @param Password The User's Password value in bytes + * @param Challenge The 16 byte authentication challenge + * @return Returns the CHAP-Password + */ + public static byte[] chapMD5(byte id, byte[] Password, byte[] Challenge) + { + IMessageDigest md = HashFactory.getInstance("MD5"); + md.update(id); + md.update(Password, 0, Password.length); + md.update(Challenge, 0, Challenge.length); + return md.digest(); + } + + /** + * Do CHAP + * + * @param id The packet identifier + * @param Password The User's Password value in bytes + * @param Challenge The 16 byte authentication challenge + * @return Returns the CHAP-Password + */ + public static byte[] chapResponse(byte id, byte[] Password, byte[] Challenge) + { + byte[] Response = new byte[17]; + Response[0] = id; + System.arraycopy(chapMD5(id, Password, Challenge), 0, Response, 1, 16); + return Response; + } +} diff --git a/core/src/main/java/net/jradius/util/MD5.java b/core/src/main/java/net/jradius/util/MD5.java new file mode 100644 index 0000000..64f7f7d --- /dev/null +++ b/core/src/main/java/net/jradius/util/MD5.java @@ -0,0 +1,120 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2005 PicoPoint, B.V. + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.util; + +import gnu.crypto.hash.HashFactory; +import gnu.crypto.hash.IMessageDigest; +import gnu.crypto.mac.IMac; +import gnu.crypto.mac.MacFactory; + +import java.util.HashMap; + +/** + * MD5 Utils including HMAC-MD5 + * @author David Bird + */ +public class MD5 +{ + private static class ThreadLocalMD5 extends ThreadLocal + { + public IMessageDigest initialValue() + { + return HashFactory.getInstance("MD5"); + } + + public IMessageDigest getMD5() + { + IMessageDigest md = super.get(); + md.reset(); + return md; + } + } + + private static ThreadLocalMD5 md5 = new ThreadLocalMD5(); + + private static class ThreadLocalHMACMD5 extends ThreadLocal + { + public IMac initialValue() + { + return MacFactory.getInstance("HMAC-MD5"); + } + + public IMac getHMACMD5() + { + IMac md = super.get(); + md.reset(); + return md; + } + } + + private static ThreadLocalHMACMD5 hmacmd5 = new ThreadLocalHMACMD5(); + + public static IMessageDigest getMD5() { return md5.getMD5(); } + + public static IMac getHMACMD5() { return hmacmd5.getHMACMD5(); } + + public static byte[] md5(byte[] text) + { + IMessageDigest md = md5.getMD5(); + md.update(text, 0, text.length); + return md.digest(); + } + + public static byte[] md5(byte[] text1, byte[] text2) + { + IMessageDigest md = md5.getMD5(); + md.update(text1, 0, text1.length); + md.update(text2, 0, text2.length); + return md.digest(); + } + + public static byte[] hmac_md5(byte[] text, byte[] key) + { + int minKeyLen = 64; + byte[] digest = new byte[16]; + + if (key.length < minKeyLen) + { + byte[] t = new byte[minKeyLen]; + System.arraycopy(key, 0, t, 0, key.length); + key = t; + } + + IMac mac = hmacmd5.getHMACMD5(); + HashMap attributes = new HashMap(); + + attributes.put(IMac.MAC_KEY_MATERIAL, key); + attributes.put(IMac.TRUNCATED_SIZE, new Integer(16)); + + try + { + mac.init(attributes); + } + catch (Exception e) + { + e.printStackTrace(); + } + + mac.update(text, 0, text.length); + System.arraycopy(mac.digest(), 0, digest, 0, 16); + return digest; + } +} diff --git a/core/src/main/java/net/jradius/util/MSCHAP.java b/core/src/main/java/net/jradius/util/MSCHAP.java new file mode 100644 index 0000000..5e221ce --- /dev/null +++ b/core/src/main/java/net/jradius/util/MSCHAP.java @@ -0,0 +1,228 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2005 PicoPoint, B.V. + * Copyright (c) 2006 David Bird + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.util; + +import gnu.crypto.cipher.CipherFactory; +import gnu.crypto.cipher.IBlockCipher; +import gnu.crypto.cipher.WeakKeyException; +import gnu.crypto.hash.HashFactory; +import gnu.crypto.hash.IMessageDigest; + +import java.util.HashMap; +import java.util.Map; + +/** + * MSCHAP implementation translated into Java from the original + * pseudocode can be found in RFC 2759 and 2433. + * + * @author David Bird + */ +public final class MSCHAP +{ + private static void parity_key(byte[] szOut, final byte[] szIn, final int offset) + { + int i; + int cNext = 0; + int cWorking = 0; + + for (i = 0; i < 7; i++) + { + cWorking = 0xFF & szIn[i + offset]; + szOut[i] = (byte)(((cWorking >> i) | cNext | 1) & 0xff); + cWorking = 0xFF & szIn[i + offset]; + cNext = ((cWorking << (7 - i))); + } + + szOut[i] = (byte) (cNext | 1); + } + + private static byte[] unicode(byte[] in) + { + byte b[] = new byte[in.length * 2]; + for (int i = 0; i < b.length; i++) + b[i] = 0; + for (int i = 0; i < in.length; i++) + b[(2 * i)] = in[i]; + return b; + } + + private static byte[] ChallengeHash(final byte[] PeerChallenge, final byte[] AuthenticatorChallenge, final byte[] UserName) + { + byte Challenge[] = new byte[8]; + IMessageDigest md = HashFactory.getInstance("SHA-1"); + md.update(PeerChallenge, 0, 16); + md.update(AuthenticatorChallenge, 0, 16); + md.update(UserName, 0, UserName.length); + System.arraycopy(md.digest(), 0, Challenge, 0, 8); + return Challenge; + } + + private static byte[] NtPasswordHash(byte[] Password) + { + byte PasswordHash[] = new byte[16]; + byte uniPassword[] = unicode(Password); + IMessageDigest md = HashFactory.getInstance("MD4"); + md.update(uniPassword, 0, uniPassword.length); + System.arraycopy(md.digest(), 0, PasswordHash, 0, 16); + return PasswordHash; + } + + /* not used currently + private static byte[] HashNtPasswordHash(byte[] PasswordHash) + { + byte PasswordHashHash[] = new byte[16]; + IMessageDigest md = HashFactory.getInstance("MD4"); + md.update(PasswordHash, 0, 16); + System.arraycopy(md.digest(), 0, PasswordHashHash, 0, 16); + return PasswordHashHash; + } + */ + + private static void DesEncrypt(byte[] Clear, int clearOffset, byte[] Key, int keyOffset, byte[] Cypher, int cypherOffset) + { + byte szParityKey[] = new byte[8]; + parity_key(szParityKey, Key, keyOffset); + + IBlockCipher cipher = CipherFactory.getInstance("DES"); + Map attributes = new HashMap(); + + attributes.put(IBlockCipher.CIPHER_BLOCK_SIZE, new Integer(8)); + attributes.put(IBlockCipher.KEY_MATERIAL, szParityKey); + + try + { + cipher.init(attributes); + cipher.encryptBlock(Clear, clearOffset, Cypher, cypherOffset); + } + catch (WeakKeyException e) { } + catch (Exception e) + { + e.printStackTrace(); + } + } + + private static byte[] ChallengeResponse(final byte[] Challenge, final byte[] PasswordHash) + { + byte Response[] = new byte[24]; + byte ZPasswordHash[] = new byte[21]; + + for (int i = 0; i < 16; i++) + ZPasswordHash[i] = PasswordHash[i]; + + for (int i = 16; i < 21; i++) + ZPasswordHash[i] = 0; + + DesEncrypt(Challenge, 0, ZPasswordHash, 0, Response, 0); + DesEncrypt(Challenge, 0, ZPasswordHash, 7, Response, 8); + DesEncrypt(Challenge, 0, ZPasswordHash, 14, Response, 16); + + return Response; + } + + private static byte[] NtChallengeResponse(byte[] Challenge, byte[] Password) + { + byte[] PasswordHash = NtPasswordHash(Password); + return ChallengeResponse(Challenge, PasswordHash); + } + + private static byte[] GenerateNTResponse(byte[] AuthenticatorChallenge, byte[] PeerChallenge, byte[] UserName, byte[] Password) + { + byte Challenge[] = ChallengeHash(PeerChallenge, AuthenticatorChallenge, UserName); + byte PasswordHash[] = NtPasswordHash(Password); + return ChallengeResponse(Challenge, PasswordHash); + } + + public static void DesHash(byte[] key, int offsetKey, byte[] Cypher, int offsetCypher) + { + /* + * Make Cypher an irreversibly encrypted form of Clear by + * encrypting known text using Clear as the secret key. + * The known text consists of the string + * + * KGS!@#$% + */ + String ClearText = "KGS!@#$%"; + DesEncrypt(ClearText.getBytes(), 0, key, offsetKey, Cypher, offsetCypher); + } + + public static byte[] LmPasswordHash(byte[] Password) + { + String pString = (new String(Password)).toUpperCase(); + byte[] PasswordHash = new byte[16]; + byte[] pByte = new byte[14]; + + for (int i=0; i<14; i++) pByte[i] = 0; + + Password = pString.getBytes(); + for (int i=0; i < 14 && i < Password.length; i++) + pByte[i] = Password[i]; + + DesHash(pByte, 0, PasswordHash, 0); + DesHash(pByte, 7, PasswordHash, 8); + + return PasswordHash; + } + + public static byte[] LmChallengeResponse(byte[] Challenge, byte[] Password) + { + byte[] PasswordHash = LmPasswordHash(Password); + return ChallengeResponse(Challenge, PasswordHash); + } + + /** + * Do MSCHAPv1 (supports using NT Password) + * + * @param Password The User's Password value in bytes + * @param AuthChallenge The 16 byte authentication challenge + * @return Returns a 50 byte array - the MSCHAP Response + */ + public static byte[] doMSCHAPv1(byte[] Password, byte[] AuthChallenge) + { + byte[] response = new byte[50]; + // There is currently a problem with the LmChallengeResponse value! + byte[] LmResponse = LmChallengeResponse(AuthChallenge, Password); + byte[] NtResponse = NtChallengeResponse(AuthChallenge, Password); + System.arraycopy(LmResponse, 0, response, 2, 24); + System.arraycopy(NtResponse, 0, response, 26, 24); + // Lets only use the NT password + response[1] = 0x01; + return response; + } + + /** + * Do MSCHAPv2 + * + * @param UserName The User-Name attribute value bytes + * @param Password The User's Password value in bytes + * @param AuthChallenge The 16 byte authentication challenge + * @return Returns a 50 byte array - the MSCHAPv2 Response + */ + public static byte[] doMSCHAPv2(byte[] UserName, byte[] Password, byte[] AuthChallenge) + { + byte[] response = new byte[50]; + byte peerChallenge[] = RadiusRandom.getBytes(16); + byte ntResponse[] = GenerateNTResponse(AuthChallenge, peerChallenge, UserName, Password); + System.arraycopy(peerChallenge, 0, response, 2, 16); + System.arraycopy(ntResponse, 0, response, 26, 24); + return response; + } +} diff --git a/core/src/main/java/net/jradius/util/MessageAuthenticator.java b/core/src/main/java/net/jradius/util/MessageAuthenticator.java new file mode 100644 index 0000000..9f091d9 --- /dev/null +++ b/core/src/main/java/net/jradius/util/MessageAuthenticator.java @@ -0,0 +1,40 @@ +package net.jradius.util; + +import java.util.Arrays; + +import net.jradius.packet.RadiusFormat; +import net.jradius.packet.RadiusPacket; +import net.jradius.packet.attribute.AttributeDictionary; +import net.jradius.packet.attribute.AttributeFactory; +import net.jradius.packet.attribute.RadiusAttribute; + +public class MessageAuthenticator +{ + private static final RadiusFormat format = RadiusFormat.getInstance(); + + public static void generateRequest(RadiusPacket request, String sharedSecret) { + byte[] hash = new byte[16]; + request.overwriteAttribute(AttributeFactory.newAttribute(AttributeDictionary.MESSAGE_AUTHENTICATOR, hash)); + System.arraycopy(MD5.hmac_md5(format.packPacket(request, sharedSecret), sharedSecret.getBytes()), 0, hash, 0, 16); + } + + public static Boolean verifyReply(RadiusPacket request, RadiusPacket reply, String sharedSecret) { + byte[] requestAuth = request.getAuthenticator(); + byte[] replyAuth = reply.getAuthenticator(); + byte[] hash = new byte[16]; + + RadiusAttribute attr = reply.findAttribute(AttributeDictionary.MESSAGE_AUTHENTICATOR); + if (attr == null) return null; + + byte[] pval = attr.getValue().getBytes(); + attr.setValue(hash); + + reply.setAuthenticator(requestAuth); + + System.arraycopy(MD5.hmac_md5(format.packPacket(reply, sharedSecret), sharedSecret.getBytes()), 0, hash, 0, 16); + + reply.setAuthenticator(replyAuth); + + return new Boolean(Arrays.equals(pval, hash)); + } +} diff --git a/core/src/main/java/net/jradius/util/RadiusRandom.java b/core/src/main/java/net/jradius/util/RadiusRandom.java new file mode 100644 index 0000000..6d5e4b8 --- /dev/null +++ b/core/src/main/java/net/jradius/util/RadiusRandom.java @@ -0,0 +1,94 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2005 PicoPoint, B.V. + * Copyright (c) 2007 David Bird + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.util; + +import gnu.crypto.prng.IRandom; +import gnu.crypto.prng.MDGenerator; +import gnu.crypto.prng.PRNGFactory; + +import java.util.Calendar; +import java.util.GregorianCalendar; +import java.util.LinkedHashMap; +import java.util.Map; + +/** + * A Random Number Generator (wrapper) for JRadius + * + * @author David Bird + */ +public class RadiusRandom +{ + static final Map attrib = new LinkedHashMap(); + static final IRandom rand = PRNGFactory.getInstance("MD"); + + static + { + Calendar cal = GregorianCalendar.getInstance(); + byte seed[] = Long.toBinaryString(cal.getTimeInMillis()).getBytes(); + attrib.put(MDGenerator.MD_NAME, "MD5"); + attrib.put(MDGenerator.SEEED, seed); + rand.init(attrib); + } + + /** + * Generates an array of random bytes. + * @param length number of random bytes to generate + * @return array of random bytes + */ + public static byte[] getBytes(int length) + { + byte result[] = new byte[length]; + synchronized (rand) + { + for (int i = 0; i < length; i++) + { + try + { + result[i] ^= rand.nextByte(); + } + catch (Exception e) + { + e.printStackTrace(); + } + } + } + return result; + } + + public static String getRandomPassword(int length) + { + String pseudo[] = { "2", "3", "4", "5", "6", "7", "8", "9", "a", "b", "c", "d", "e", "f", "g", "h", "i", "j", "k", "m", "n", "o", "p", "q", "r", "u", "s", "t", "v", "w", "x", "y", "z", "A", "B", "C", "D", "E", "F", "G", "H", "I", "J", "K", "L", "M", "N", "P", "Q", "R", "S", "T", "U", "V", "W", "X", "Y", "Z" }; + StringBuffer out = new StringBuffer(length); + byte[] in = getBytes(length); + for (int i=0; i < length; i++) + { + out.append(pseudo[((char)in[i]) % pseudo.length]); + } + String rslt = new String(out); + return rslt; + } + + public static String getRandomString(int length) + { + return RadiusUtils.byteArrayToHexString(getBytes(length)); + } +} diff --git a/core/src/main/java/net/jradius/util/RadiusUtils.java b/core/src/main/java/net/jradius/util/RadiusUtils.java new file mode 100644 index 0000000..a859c9d --- /dev/null +++ b/core/src/main/java/net/jradius/util/RadiusUtils.java @@ -0,0 +1,252 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2005 PicoPoint, B.V. + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.util; + +import gnu.crypto.hash.IMessageDigest; + +import java.security.MessageDigest; +import java.util.Random; + +/** + * Radius Utilities + * + * @author David Bird + */ +public final class RadiusUtils +{ + /* + * The make*Authenticator and encodePapPassword functions are + * borrowed from jradius-client, also a sourceforge project + * and under GPL. + */ + /** + * This method encodes the plaintext user password according to RFC 2865 + * @param userPass java.lang.String the password to encrypt + * @param requestAuthenticator byte[] the requestAuthenicator to use in the encryption + * @return byte[] the byte array containing the encrypted password + */ + public static byte[] encodePapPassword( + byte[] userPass, + byte[] requestAuthenticator, + String sharedSecret) + { + IMessageDigest md5 = MD5.getMD5(); + + // encrypt the password. + byte[] userPassBytes = null; + //the password must be a multiple of 16 bytes and less than or equal + //to 128 bytes. If it isn't a multiple of 16 bytes fill it out with zeroes + //to make it a multiple of 16 bytes. If it is greater than 128 bytes + //truncate it at 128 + + if (userPass.length > 128) + { + userPassBytes = new byte[128]; + System.arraycopy(userPass,0,userPassBytes,0,128); + } + else + { + userPassBytes = userPass; + } + + // declare the byte array to hold the final product + byte[] encryptedPass = null; + + if (userPassBytes.length < 128) + { + if (userPassBytes.length % 16 == 0) + { + // It is already a multiple of 16 bytes + encryptedPass = new byte[userPassBytes.length]; + } + else + { + // Make it a multiple of 16 bytes + encryptedPass = new byte[((userPassBytes.length / 16) * 16) + 16]; + } + } + else + { + // the encrypted password must be between 16 and 128 bytes + encryptedPass = new byte[128]; + } + + // copy the userPass into the encrypted pass and then fill it out with zeroes + System.arraycopy(userPassBytes, 0, encryptedPass, 0, userPassBytes.length); + for(int i = userPassBytes.length; i < encryptedPass.length; i++) + { + encryptedPass[i] = 0; //fill it out with zeroes + } + + // add the shared secret + md5.update(sharedSecret.getBytes(), 0, sharedSecret.length()); + // add the Request Authenticator. + md5.update(requestAuthenticator, 0, requestAuthenticator.length); + // get the md5 hash( b1 = MD5(S + RA) ). + byte bn[] = md5.digest(); + + for (int i = 0; i < 16; i++) + { + // perform the XOR as specified by RFC 2865. + encryptedPass[i] = (byte)(bn[i] ^ encryptedPass[i]); + } + + if (encryptedPass.length > 16) + { + for (int i = 16; i < encryptedPass.length; i+=16) + { + md5.reset(); + // add the shared secret + md5.update(sharedSecret.getBytes(), 0, sharedSecret.length()); + //add the previous(encrypted) 16 bytes of the user password + md5.update(encryptedPass, i - 16, 16); + // get the md5 hash( bn = MD5(S + c(i-1)) ). + bn = md5.digest(); + for (int j = 0; j < 16; j++) + { + // perform the XOR as specified by RFC 2865. + encryptedPass[i+j] = (byte)(bn[j] ^ encryptedPass[i+j]); + } + } + } + + return encryptedPass; + } + + /** + * This method builds a Request Authenticator for use in outgoing RADIUS + * Access-Request packets as specified in RFC 2865. + * @return byte[] + */ + public static byte[] makeRFC2865RequestAuthenticator(String sharedSecret) + { + IMessageDigest md5 = MD5.getMD5(); + byte [] requestAuthenticator = new byte [16]; + + Random r = new Random(); + + for (int i = 0; i < 16; i++) + { + requestAuthenticator[i] = (byte) r.nextInt(); + } + + md5.update(sharedSecret.getBytes(), 0, sharedSecret.length()); + md5.update(requestAuthenticator, 0, requestAuthenticator.length); + + return md5.digest(); + } + + /** + * This method builds a Response Authenticator for use in validating + * responses from the RADIUS Authentication process as specified in RFC 2865. + * The byte array returned should match exactly the response authenticator + * recieved in the response packet. + * @param code byte + * @param identifier byte + * @param length short + * @param requestAuthenticator byte[] + * @param responseAttributeBytes byte[] + * @return byte[] + */ + public static byte[] makeRFC2865ResponseAuthenticator( + String sharedSecret, + byte code, + byte identifier, + short length, + byte[] requestAuthenticator, + byte[] responseAttributeBytes) + { + IMessageDigest md5 = MD5.getMD5(); + + md5.update((byte)code); + md5.update((byte)identifier); + md5.update((byte)(length >> 8)); + md5.update((byte)(length & 0xff)); + md5.update(requestAuthenticator, 0, requestAuthenticator.length); + md5.update(responseAttributeBytes, 0, responseAttributeBytes.length); + md5.update(sharedSecret.getBytes(), 0, sharedSecret.length()); + + return md5.digest(); + } + + /** + * This method builds a Request Authenticator for use in RADIUS Accounting + * packets as specified in RFC 2866. + * @param code byte + * @param identifier byte + * @param length short + * @param requestAttributes byte[] + * @return byte[] + */ + public static byte[] makeRFC2866RequestAuthenticator( + String sharedSecret, + byte code, + byte identifier, + int length, + byte[] requestAttributes) + { + IMessageDigest md5 = MD5.getMD5(); + + byte [] requestAuthenticator = new byte [16]; + + for (int i = 0; i < 16; i++) + { + requestAuthenticator[i] = 0; + } + md5.reset(); + + md5.update((byte)code); + md5.update((byte)identifier); + md5.update((byte)(length >> 8)); + md5.update((byte)(length & 0xff)); + md5.update(requestAuthenticator, 0, requestAuthenticator.length); + md5.update(requestAttributes, 0, requestAttributes.length); + md5.update(sharedSecret.getBytes(), 0, sharedSecret.length()); + + return md5.digest(); + } + + /** + * Converts a binary array to a human readable string + * @param in bytes to be hexed + * @return Returns a hex string + */ + public static String byteArrayToHexString(byte in[]) + { + byte ch = 0x00; + int i = 0; + if (in == null || in.length <= 0) return null; + String pseudo[] = { "0", "1", "2", "3", "4", "5", "6", "7", "8", "9", "a", "b", "c", "d", "e", "f" }; + StringBuffer out = new StringBuffer(in.length * 2); + while (i < in.length) + { + ch = (byte) (in[i] & 0xF0); + ch = (byte) (ch >>> 4); + ch = (byte) (ch & 0x0F); + out.append(pseudo[(int) ch]); + ch = (byte) (in[i] & 0x0F); + out.append(pseudo[(int) ch]); + i++; + } + String rslt = new String(out); + return rslt; + } +} diff --git a/core/src/main/java/net/jradius/util/package.html b/core/src/main/java/net/jradius/util/package.html new file mode 100644 index 0000000..c33badb --- /dev/null +++ b/core/src/main/java/net/jradius/util/package.html @@ -0,0 +1,5 @@ + + +General Utilities used throughout JRadius. + + diff --git a/dictionary/pom.xml b/dictionary/pom.xml new file mode 100644 index 0000000..bedb7de --- /dev/null +++ b/dictionary/pom.xml @@ -0,0 +1,66 @@ + + + + 4.0.0 + net.jradius + jradius-dictionary + ${project.artifactId}-${project.version} + 1.0.0-SNAPSHOT + JRadius Dictionary + + + net.jradius + jradius + 1.0.0-SNAPSHOT + ../pom.xml + + + + + net.jradius + jradius-core + 1.0.0-SNAPSHOT + + + + + target/dictionary-src + + + org.apache.maven.plugins + maven-compiler-plugin + + 1.5 + 1.5 + + + + maven-antrun-plugin + + + generate-sources + + + + + + + + + + + + + + run + + + + + + + + diff --git a/doc/GPL-LICENSE b/doc/GPL-LICENSE new file mode 100644 index 0000000..c44dbe8 --- /dev/null +++ b/doc/GPL-LICENSE @@ -0,0 +1,332 @@ + +The GNU General Public License (GPL) +Version 2, June 1991 + +Copyright (C) 1989, 1991 Free Software Foundation, Inc. +59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + +Everyone is permitted to copy and distribute verbatim copies +of this license document, but changing it is not allowed. + +Preamble + +The licenses for most software are designed to take away your freedom to +share and change it. By contrast, the GNU General Public License is intended +to guarantee your freedom to share and change free software--to make sure +the software is free for all its users. This General Public License applies +to most of the Free Software Foundation's software and to any other program +whose authors commit to using it. (Some other Free Software Foundation +software is covered by the GNU Library General Public License instead.) You +can apply it to your programs, too. + +When we speak of free software, we are referring to freedom, not price. Our +General Public Licenses are designed to make sure that you have the freedom +to distribute copies of free software (and charge for this service if you +wish), that you receive source code or can get it if you want it, that you +can change the software or use pieces of it in new free programs; and that +you know you can do these things. + +To protect your rights, we need to make restrictions that forbid anyone to +deny you these rights or to ask you to surrender the rights. These +restrictions translate to certain responsibilities for you if you distribute +copies of the software, or if you modify it. + +For example, if you distribute copies of such a program, whether gratis or +for a fee, you must give the recipients all the rights that you have. You +must make sure that they, too, receive or can get the source code. And you +must show them these terms so they know their rights. + +We protect your rights with two steps: (1) copyright the software, and (2) +offer you this license which gives you legal permission to copy, distribute +and/or modify the software. + +Also, for each author's protection and ours, we want to make certain that +everyone understands that there is no warranty for this free software. If +the software is modified by someone else and passed on, we want its +recipients to know that what they have is not the original, so that any +problems introduced by others will not reflect on the original authors' +reputations. + +Finally, any free program is threatened constantly by software patents. We +wish to avoid the danger that redistributors of a free program will +individually obtain patent licenses, in effect making the program +proprietary. To prevent this, we have made it clear that any patent must be +licensed for everyone's free use or not licensed at all. + +The precise terms and conditions for copying, distribution and modification +follow. + +TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION + +0. This License applies to any program or other work which contains a notice + placed by the copyright holder saying it may be distributed under the + terms of this General Public License. The "Program", below, refers to any + such program or work, and a "work based on the Program" means either the + Program or any derivative work under copyright law: that is to say, a + work containing the Program or a portion of it, either verbatim or with + modifications and/or translated into another language. (Hereinafter, + translation is included without limitation in the term "modification".) + Each licensee is addressed as "you". + +Activities other than copying, distribution and modification are not covered +by this License; they are outside its scope. The act of running the Program +is not restricted, and the output from the Program is covered only if its +contents constitute a work based on the Program (independent of having been +made by running the Program). Whether that is true depends on what the +Program does. + +1. You may copy and distribute verbatim copies of the Program's source code + as you receive it, in any medium, provided that you conspicuously and + appropriately publish on each copy an appropriate copyright notice and + disclaimer of warranty; keep intact all the notices that refer to this + License and to the absence of any warranty; and give any other recipients + of the Program a copy of this License along with the Program. + +You may charge a fee for the physical act of transferring a copy, and you +may at your option offer warranty protection in exchange for a fee. + +2. You may modify your copy or copies of the Program or any portion of it, + thus forming a work based on the Program, and copy and distribute such + modifications or work under the terms of Section 1 above, provided that + you also meet all of these conditions: + + a) You must cause the modified files to carry prominent notices stating + that you changed the files and the date of any change. + + b) You must cause any work that you distribute or publish, that in whole + or in part contains or is derived from the Program or any part thereof, + to be licensed as a whole at no charge to all third parties under the + terms of this License. + + c) If the modified program normally reads commands interactively when + run, you must cause it, when started running for such interactive use in + the most ordinary way, to print or display an announcement including an + appropriate copyright notice and a notice that there is no warranty (or + else, saying that you provide a warranty) and that users may + redistribute the program under these conditions, and telling the user + how to view a copy of this License. (Exception: if the Program itself is + interactive but does not normally print such an announcement, your work + based on the Program is not required to print an announcement.) + +These requirements apply to the modified work as a whole. If identifiable +sections of that work are not derived from the Program, and can be +reasonably considered independent and separate works in themselves, then +this License, and its terms, do not apply to those sections when you +distribute them as separate works. But when you distribute the same sections +as part of a whole which is a work based on the Program, the distribution of +the whole must be on the terms of this License, whose permissions for other +licensees extend to the entire whole, and thus to each and every part +regardless of who wrote it. + +Thus, it is not the intent of this section to claim rights or contest your +rights to work written entirely by you; rather, the intent is to exercise +the right to control the distribution of derivative or collective works +based on the Program. + +In addition, mere aggregation of another work not based on the Program with +the Program (or with a work based on the Program) on a volume of a storage +or distribution medium does not bring the other work under the scope of this +License. + +3. You may copy and distribute the Program (or a work based on it, under + Section 2) in object code or executable form under the terms of Sections + 1 and 2 above provided that you also do one of the following: + + a) Accompany it with the complete corresponding machine-readable source + code, which must be distributed under the terms of Sections 1 and 2 + above on a medium customarily used for software interchange; or, + + b) Accompany it with a written offer, valid for at least three years, to + give any third party, for a charge no more than your cost of physically + performing source distribution, a complete machine-readable copy of the + corresponding source code, to be distributed under the terms of Sections + 1 and 2 above on a medium customarily used for software interchange; or, + + c) Accompany it with the information you received as to the offer to + distribute corresponding source code. (This alternative is allowed only + for noncommercial distribution and only if you received the program in + object code or executable form with such an offer, in accord with + Subsection b above.) + +The source code for a work means the preferred form of the work for making +modifications to it. For an executable work, complete source code means all +the source code for all modules it contains, plus any associated interface +definition files, plus the scripts used to control compilation and +installation of the executable. However, as a special exception, the source +code distributed need not include anything that is normally distributed (in +either source or binary form) with the major components (compiler, kernel, +and so on) of the operating system on which the executable runs, unless that +component itself accompanies the executable. + +If distribution of executable or object code is made by offering access to +copy from a designated place, then offering equivalent access to copy the +source code from the same place counts as distribution of the source code, +even though third parties are not compelled to copy the source along with +the object code. + +4. You may not copy, modify, sublicense, or distribute the Program except as + expressly provided under this License. Any attempt otherwise to copy, + modify, sublicense or distribute the Program is void, and will + automatically terminate your rights under this License. However, parties + who have received copies, or rights, from you under this License will not + have their licenses terminated so long as such parties remain in full + compliance. + + 5. You are not required to accept this License, since you have not signed + it. However, nothing else grants you permission to modify or distribute + the Program or its derivative works. These actions are prohibited by law + if you do not accept this License. Therefore, by modifying or + distributing the Program (or any work based on the Program), you + indicate your acceptance of this License to do so, and all its terms and + conditions for copying, distributing or modifying the Program or works + based on it. + +6. Each time you redistribute the Program (or any work based on the + Program), the recipient automatically receives a license from the + original licensor to copy, distribute or modify the Program subject to + these terms and conditions. You may not impose any further restrictions + on the recipients' exercise of the rights granted herein. You are not + responsible for enforcing compliance by third parties to this License. + +7. If, as a consequence of a court judgment or allegation of patent + infringement or for any other reason (not limited to patent issues), + conditions are imposed on you (whether by court order, agreement or + otherwise) that contradict the conditions of this License, they do not + excuse you from the conditions of this License. If you cannot distribute + so as to satisfy simultaneously your obligations under this License and + any other pertinent obligations, then as a consequence you may not + distribute the Program at all. For example, if a patent license would not + permit royalty-free redistribution of the Program by all those who + receive copies directly or indirectly through you, then the only way you + could satisfy both it and this License would be to refrain entirely from + distribution of the Program. + +If any portion of this section is held invalid or unenforceable under any +particular circumstance, the balance of the section is intended to apply and +the section as a whole is intended to apply in other circumstances. + +It is not the purpose of this section to induce you to infringe any patents +or other property right claims or to contest validity of any such claims; +this section has the sole purpose of protecting the integrity of the free +software distribution system, which is implemented by public license +practices. Many people have made generous contributions to the wide range of +software distributed through that system in reliance on consistent +application of that system; it is up to the author/donor to decide if he or +she is willing to distribute software through any other system and a +licensee cannot impose that choice. + +This section is intended to make thoroughly clear what is believed to be a +consequence of the rest of this License. + + 8. If the distribution and/or use of the Program is restricted in certain + countries either by patents or by copyrighted interfaces, the original + copyright holder who places the Program under this License may add an + explicit geographical distribution limitation excluding those countries, + so that distribution is permitted only in or among countries not thus + excluded. In such case, this License incorporates the limitation as if + written in the body of this License. + +9. The Free Software Foundation may publish revised and/or new versions of + the General Public License from time to time. Such new versions will be + similar in spirit to the present version, but may differ in detail to + address new problems or concerns. + +Each version is given a distinguishing version number. If the Program +specifies a version number of this License which applies to it and "any +later version", you have the option of following the terms and conditions +either of that version or of any later version published by the Free +Software Foundation. If the Program does not specify a version number of +this License, you may choose any version ever published by the Free Software +Foundation. + + +10. If you wish to incorporate parts of the Program into other free programs + whose distribution conditions are different, write to the author to ask + for permission. For software which is copyrighted by the Free Software + Foundation, write to the Free Software Foundation; we sometimes make + exceptions for this. Our decision will be guided by the two goals of + preserving the free status of all derivatives of our free software and + of promoting the sharing and reuse of software generally. + +NO WARRANTY + +11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR + THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN + OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES + PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER + EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED + WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE + ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH + YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL + NECESSARY SERVICING, REPAIR OR CORRECTION. + +12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING + WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR + REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR + DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL + DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM + (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED + INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF + THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR + OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. + +END OF TERMS AND CONDITIONS + + How to Apply These Terms to Your New Programs + +If you develop a new program, and you want it to be of the greatest possible +use to the public, the best way to achieve this is to make it free software +which everyone can redistribute and change under these terms. + +To do so, attach the following notices to the program. It is safest to +attach them to the start of each source file to most effectively convey the +exclusion of warranty; and each file should have at least the "copyright" +line and a pointer to where the full notice is found. + + One line to give the program's name and a brief idea of what it does. + Copyright (C) + + This program is free software; you can redistribute it and/or modify it + under the terms of the GNU General Public License as published by the + Free Software Foundation; either version 2 of the License, or (at your + option) any later version. + + This program is distributed in the hope that it will be useful, but + WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General + Public License for more details. + + You should have received a copy of the GNU General Public License along + with this program; if not, write to the Free Software Foundation, Inc., + 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + +Also add information on how to contact you by electronic and paper mail. + +If the program is interactive, make it output a short notice like this when +it starts in an interactive mode: + + Gnomovision version 69, Copyright (C) year name of author Gnomovision + comes with ABSOLUTELY NO WARRANTY; for details type `show w'. This is + free software, and you are welcome to redistribute it under certain + conditions; type `show c' for details. + +The hypothetical commands `show w' and `show c' should show the appropriate +parts of the General Public License. Of course, the commands you use may be +called something other than `show w' and `show c'; they could even be +mouse-clicks or menu items--whatever suits your program. + +You should also get your employer (if you work as a programmer) or your +school, if any, to sign a "copyright disclaimer" for the program, if +necessary. Here is a sample; alter the names: + + Yoyodyne, Inc., hereby disclaims all copyright interest in the program + `Gnomovision' (which makes passes at compilers) written by James Hacker. + + signature of Ty Coon, 1 April 1989 + Ty Coon, President of Vice + +This General Public License does not permit incorporating your program into +proprietary programs. If your program is a subroutine library, you may +consider it more useful to permit linking proprietary applications with the +library. If this is what you want to do, use the GNU Library General Public +License instead of this License. diff --git a/doc/LGPL-LICENSE b/doc/LGPL-LICENSE new file mode 100644 index 0000000..4c9c051 --- /dev/null +++ b/doc/LGPL-LICENSE @@ -0,0 +1,475 @@ +GNU Lesser General Public License + +Version 2.1, February 1999 + + Copyright (C) 1991, 1999 Free Software Foundation, Inc. 59 Temple Place, + Suite 330, Boston, MA 02111-1307 USA Everyone is permitted to copy and + distribute verbatim copies of this license document, but changing it is + not allowed. + + [This is the first released version of the Lesser GPL. It also counts as + the successor of the GNU Library Public License, version 2, hence the + version number 2.1.] + +Preamble + +The licenses for most software are designed to take away your freedom to +share and change it. By contrast, the GNU General Public Licenses are +intended to guarantee your freedom to share and change free software--to +make sure the software is free for all its users. + +This license, the Lesser General Public License, applies to some specially +designated software packages--typically libraries--of the Free Software +Foundation and other authors who decide to use it. You can use it too, but +we suggest you first think carefully about whether this license or the +ordinary General Public License is the better strategy to use in any +particular case, based on the explanations below. + +When we speak of free software, we are referring to freedom of use, not +price. Our General Public Licenses are designed to make sure that you have +the freedom to distribute copies of free software (and charge for this +service if you wish); that you receive source code or can get it if you want +it; that you can change the software and use pieces of it in new free +programs; and that you are informed that you can do these things. + +To protect your rights, we need to make restrictions that forbid +distributors to deny you these rights or to ask you to surrender these +rights. These restrictions translate to certain responsibilities for you if +you distribute copies of the library or if you modify it. + +For example, if you distribute copies of the library, whether gratis or for +a fee, you must give the recipients all the rights that we gave you. You +must make sure that they, too, receive or can get the source code. If you +link other code with the library, you must provide complete object files to +the recipients, so that they can relink them with the library after making +changes to the library and recompiling it. And you must show them these +terms so they know their rights. + +We protect your rights with a two-step method: (1) we copyright the library, +and (2) we offer you this license, which gives you legal permission to copy, +distribute and/or modify the library. + +To protect each distributor, we want to make it very clear that there is no +warranty for the free library. Also, if the library is modified by someone +else and passed on, the recipients should know that what they have is not +the original version, so that the original author's reputation will not be +affected by problems that might be introduced by others. + +Finally, software patents pose a constant threat to the existence of any +free program. We wish to make sure that a company cannot effectively +restrict the users of a free program by obtaining a restrictive license from +a patent holder. Therefore, we insist that any patent license obtained for a +version of the library must be consistent with the full freedom of use +specified in this license. + +Most GNU software, including some libraries, is covered by the ordinary GNU +General Public License. This license, the GNU Lesser General Public License, +applies to certain designated libraries, and is quite different from the +ordinary General Public License. We use this license for certain libraries +in order to permit linking those libraries into non-free programs. + +When a program is linked with a library, whether statically or using a +shared library, the combination of the two is legally speaking a combined +work, a derivative of the original library. The ordinary General Public +License therefore permits such linking only if the entire combination fits +its criteria of freedom. The Lesser General Public License permits more lax +criteria for linking other code with the library. + +We call this license the "Lesser" General Public License because it does +Less to protect the user's freedom than the ordinary General Public +License. It also provides other free software developers Less of an +advantage over competing non-free programs. These disadvantages are the +reason we use the ordinary General Public License for many +libraries. However, the Lesser license provides advantages in certain +special circumstances. + +For example, on rare occasions, there may be a special need to encourage the +widest possible use of a certain library, so that it becomes a de-facto +standard. To achieve this, non-free programs must be allowed to use the +library. A more frequent case is that a free library does the same job as +widely used non-free libraries. In this case, there is little to gain by +limiting the free library to free software only, so we use the Lesser +General Public License. + +In other cases, permission to use a particular library in non-free programs +enables a greater number of people to use a large body of free software. For +example, permission to use the GNU C Library in non-free programs enables +many more people to use the whole GNU operating system, as well as its +variant, the GNU/Linux operating system. + +Although the Lesser General Public License is Less protective of the users' +freedom, it does ensure that the user of a program that is linked with the +Library has the freedom and the wherewithal to run that program using a +modified version of the Library. + +The precise terms and conditions for copying, distribution and modification +follow. Pay close attention to the difference between a "work based on the +library" and a "work that uses the library". The former contains code +derived from the library, whereas the latter must be combined with the +library in order to run. TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND +MODIFICATION + +0. This License Agreement applies to any software library or other program +which contains a notice placed by the copyright holder or other authorized +party saying it may be distributed under the terms of this Lesser General +Public License (also called "this License"). Each licensee is addressed as +"you". + +A "library" means a collection of software functions and/or data prepared so +as to be conveniently linked with application programs (which use some of +those functions and data) to form executables. + +The "Library", below, refers to any such software library or work which has +been distributed under these terms. A "work based on the Library" means +either the Library or any derivative work under copyright law: that is to +say, a work containing the Library or a portion of it, either verbatim or +with modifications and/or translated straightforwardly into another +language. (Hereinafter, translation is included without limitation in the +term "modification".) + +"Source code" for a work means the preferred form of the work for making +modifications to it. For a library, complete source code means all the +source code for all modules it contains, plus any associated interface +definition files, plus the scripts used to control compilation and +installation of the library. + +Activities other than copying, distribution and modification are not covered +by this License; they are outside its scope. The act of running a program +using the Library is not restricted, and output from such a program is +covered only if its contents constitute a work based on the Library +(independent of the use of the Library in a tool for writing it). Whether +that is true depends on what the Library does and what the program that uses +the Library does. + +1. You may copy and distribute verbatim copies of the Library's complete +source code as you receive it, in any medium, provided that you +conspicuously and appropriately publish on each copy an appropriate +copyright notice and disclaimer of warranty; keep intact all the notices +that refer to this License and to the absence of any warranty; and +distribute a copy of this License along with the Library. + +You may charge a fee for the physical act of transferring a copy, and you +may at your option offer warranty protection in exchange for a fee. + +2. You may modify your copy or copies of the Library or any portion of it, +thus forming a work based on the Library, and copy and distribute such +modifications or work under the terms of Section 1 above, provided that you +also meet all of these conditions: + + a) The modified work must itself be a software library. + + b) You must cause the files modified to carry prominent notices stating + that you changed the files and the date of any change. + + c) You must cause the whole of the work to be licensed at no charge to + all third parties under the terms of this License. + + d) If a facility in the modified Library refers to a function or a table + of data to be supplied by an application program that uses the facility, + other than as an argument passed when the facility is invoked, then you + must make a good faith effort to ensure that, in the event an + application does not supply such function or table, the facility still + operates, and performs whatever part of its purpose remains meaningful. + + (For example, a function in a library to compute square roots has a + purpose that is entirely well-defined independent of the + application. Therefore, Subsection 2d requires that any + application-supplied function or table used by this function must be + optional: if the application does not supply it, the square root + function must still compute square roots.) + + These requirements apply to the modified work as a whole. If + identifiable sections of that work are not derived from the Library, and + can be reasonably considered independent and separate works in + themselves, then this License, and its terms, do not apply to those + sections when you distribute them as separate works. But when you + distribute the same sections as part of a whole which is a work based on + the Library, the distribution of the whole must be on the terms of this + License, whose permissions for other licensees extend to the entire + whole, and thus to each and every part regardless of who wrote it. + + Thus, it is not the intent of this section to claim rights or contest + your rights to work written entirely by you; rather, the intent is to + exercise the right to control the distribution of derivative or + collective works based on the Library. + + In addition, mere aggregation of another work not based on the Library + with the Library (or with a work based on the Library) on a volume of a + storage or distribution medium does not bring the other work under the + scope of this License. + +3. You may opt to apply the terms of the ordinary GNU General Public License +instead of this License to a given copy of the Library. To do this, you must +alter all the notices that refer to this License, so that they refer to the +ordinary GNU General Public License, version 2, instead of to this +License. (If a newer version than version 2 of the ordinary GNU General +Public License has appeared, then you can specify that version instead if +you wish.) Do not make any other change in these notices. + +Once this change is made in a given copy, it is irreversible for that copy, +so the ordinary GNU General Public License applies to all subsequent copies +and derivative works made from that copy. + +This option is useful when you wish to copy part of the code of the Library +into a program that is not a library. + +4. You may copy and distribute the Library (or a portion or derivative of +it, under Section 2) in object code or executable form under the terms of +Sections 1 and 2 above provided that you accompany it with the complete +corresponding machine-readable source code, which must be distributed under +the terms of Sections 1 and 2 above on a medium customarily used for +software interchange. + +If distribution of object code is made by offering access to copy from a +designated place, then offering equivalent access to copy the source code +from the same place satisfies the requirement to distribute the source code, +even though third parties are not compelled to copy the source along with +the object code. + +5. A program that contains no derivative of any portion of the Library, but +is designed to work with the Library by being compiled or linked with it, is +called a "work that uses the Library". Such a work, in isolation, is not a +derivative work of the Library, and therefore falls outside the scope of +this License. + +However, linking a "work that uses the Library" with the Library creates an +executable that is a derivative of the Library (because it contains portions +of the Library), rather than a "work that uses the library". The executable +is therefore covered by this License. Section 6 states terms for +distribution of such executables. + +When a "work that uses the Library" uses material from a header file that is +part of the Library, the object code for the work may be a derivative work +of the Library even though the source code is not. Whether this is true is +especially significant if the work can be linked without the Library, or if +the work is itself a library. The threshold for this to be true is not +precisely defined by law. + +If such an object file uses only numerical parameters, data structure +layouts and accessors, and small macros and small inline functions (ten +lines or less in length), then the use of the object file is unrestricted, +regardless of whether it is legally a derivative work. (Executables +containing this object code plus portions of the Library will still fall +under Section 6.) + +Otherwise, if the work is a derivative of the Library, you may distribute +the object code for the work under the terms of Section 6. Any executables +containing that work also fall under Section 6, whether or not they are +linked directly with the Library itself. + +6. As an exception to the Sections above, you may also combine or link a +"work that uses the Library" with the Library to produce a work containing +portions of the Library, and distribute that work under terms of your +choice, provided that the terms permit modification of the work for the +customer's own use and reverse engineering for debugging such modifications. + +You must give prominent notice with each copy of the work that the Library +is used in it and that the Library and its use are covered by this +License. You must supply a copy of this License. If the work during +execution displays copyright notices, you must include the copyright notice +for the Library among them, as well as a reference directing the user to the +copy of this License. Also, you must do one of these things: + + a) Accompany the work with the complete corresponding machine-readable + source code for the Library including whatever changes were used in the + work (which must be distributed under Sections 1 and 2 above); and, if + the work is an executable linked with the Library, with the complete + machine-readable "work that uses the Library", as object code and/or + source code, so that the user can modify the Library and then relink to + produce a modified executable containing the modified Library. (It is + understood that the user who changes the contents of definitions files + in the Library will not necessarily be able to recompile the application + to use the modified definitions.) + + b) Use a suitable shared library mechanism for linking with the + Library. A suitable mechanism is one that (1) uses at run time a copy of + the library already present on the user's computer system, rather than + copying library functions into the executable, and (2) will operate + properly with a modified version of the library, if the user installs + one, as long as the modified version is interface-compatible with the + version that the work was made with. + + c) Accompany the work with a written offer, valid for at least three + years, to give the same user the materials specified in Subsection 6a, + above, for a charge no more than the cost of performing this + distribution. + + d) If distribution of the work is made by offering access to copy from a + designated place, offer equivalent access to copy the above specified + materials from the same place. + + e) Verify that the user has already received a copy of these materials + or that you have already sent this user a copy. + +For an executable, the required form of the "work that uses the Library" +must include any data and utility programs needed for reproducing the +executable from it. However, as a special exception, the materials to be +distributed need not include anything that is normally distributed (in +either source or binary form) with the major components (compiler, kernel, +and so on) of the operating system on which the executable runs, unless that +component itself accompanies the executable. + +It may happen that this requirement contradicts the license restrictions of +other proprietary libraries that do not normally accompany the operating +system. Such a contradiction means you cannot use both them and the Library +together in an executable that you distribute. + +7. You may place library facilities that are a work based on the Library +side-by-side in a single library together with other library facilities not +covered by this License, and distribute such a combined library, provided +that the separate distribution of the work based on the Library and of the +other library facilities is otherwise permitted, and provided that you do +these two things: + + a) Accompany the combined library with a copy of the same work based on + the Library, uncombined with any other library facilities. This must be + distributed under the terms of the Sections above. + + b) Give prominent notice with the combined library of the fact that part + of it is a work based on the Library, and explaining where to find the + accompanying uncombined form of the same work. + +8. You may not copy, modify, sublicense, link with, or distribute the +Library except as expressly provided under this License. Any attempt +otherwise to copy, modify, sublicense, link with, or distribute the Library +is void, and will automatically terminate your rights under this +License. However, parties who have received copies, or rights, from you +under this License will not have their licenses terminated so long as such +parties remain in full compliance. + +9. You are not required to accept this License, since you have not signed +it. However, nothing else grants you permission to modify or distribute the +Library or its derivative works. These actions are prohibited by law if you +do not accept this License. Therefore, by modifying or distributing the +Library (or any work based on the Library), you indicate your acceptance of +this License to do so, and all its terms and conditions for copying, +distributing or modifying the Library or works based on it. + +10. Each time you redistribute the Library (or any work based on the +Library), the recipient automatically receives a license from the original +licensor to copy, distribute, link with or modify the Library subject to +these terms and conditions. You may not impose any further restrictions on +the recipients' exercise of the rights granted herein. You are not +responsible for enforcing compliance by third parties with this License. + +11. If, as a consequence of a court judgment or allegation of patent +infringement or for any other reason (not limited to patent issues), +conditions are imposed on you (whether by court order, agreement or +otherwise) that contradict the conditions of this License, they do not +excuse you from the conditions of this License. If you cannot distribute so +as to satisfy simultaneously your obligations under this License and any +other pertinent obligations, then as a consequence you may not distribute +the Library at all. For example, if a patent license would not permit +royalty-free redistribution of the Library by all those who receive copies +directly or indirectly through you, then the only way you could satisfy both +it and this License would be to refrain entirely from distribution of the +Library. + +If any portion of this section is held invalid or unenforceable under any +particular circumstance, the balance of the section is intended to apply, +and the section as a whole is intended to apply in other circumstances. + +It is not the purpose of this section to induce you to infringe any patents +or other property right claims or to contest validity of any such claims; +this section has the sole purpose of protecting the integrity of the free +software distribution system which is implemented by public license +practices. Many people have made generous contributions to the wide range of +software distributed through that system in reliance on consistent +application of that system; it is up to the author/donor to decide if he or +she is willing to distribute software through any other system and a +licensee cannot impose that choice. + +This section is intended to make thoroughly clear what is believed to be a +consequence of the rest of this License. + +12. If the distribution and/or use of the Library is restricted in certain +countries either by patents or by copyrighted interfaces, the original +copyright holder who places the Library under this License may add an +explicit geographical distribution limitation excluding those countries, so +that distribution is permitted only in or among countries not thus +excluded. In such case, this License incorporates the limitation as if +written in the body of this License. + +13. The Free Software Foundation may publish revised and/or new versions of +the Lesser General Public License from time to time. Such new versions will +be similar in spirit to the present version, but may differ in detail to +address new problems or concerns. + +Each version is given a distinguishing version number. If the Library +specifies a version number of this License which applies to it and "any +later version", you have the option of following the terms and conditions +either of that version or of any later version published by the Free +Software Foundation. If the Library does not specify a license version +number, you may choose any version ever published by the Free Software +Foundation. + +14. If you wish to incorporate parts of the Library into other free programs +whose distribution conditions are incompatible with these, write to the +author to ask for permission. For software which is copyrighted by the Free +Software Foundation, write to the Free Software Foundation; we sometimes +make exceptions for this. Our decision will be guided by the two goals of +preserving the free status of all derivatives of our free software and of +promoting the sharing and reuse of software generally. + +NO WARRANTY + +15. BECAUSE THE LIBRARY IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR +THE LIBRARY, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN +OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES +PROVIDE THE LIBRARY "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED +OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO +THE QUALITY AND PERFORMANCE OF THE LIBRARY IS WITH YOU. SHOULD THE LIBRARY +PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR +CORRECTION. + +16. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING +WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR +REDISTRIBUTE THE LIBRARY AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, +INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING +OUT OF THE USE OR INABILITY TO USE THE LIBRARY (INCLUDING BUT NOT LIMITED TO +LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR +THIRD PARTIES OR A FAILURE OF THE LIBRARY TO OPERATE WITH ANY OTHER +SOFTWARE), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE +POSSIBILITY OF SUCH DAMAGES. END OF TERMS AND CONDITIONS How to Apply These +Terms to Your New Libraries If you develop a new library, and you want it to +be of the greatest possible use to the public, we recommend making it free +software that everyone can redistribute and change. You can do so by +permitting redistribution under these terms (or, alternatively, under the +terms of the ordinary General Public License). + +To apply these terms, attach the following notices to the library. It is +safest to attach them to the start of each source file to most effectively +convey the exclusion of warranty; and each file should have at least the +"copyright" line and a pointer to where the full notice is found. + + + Copyright (C) + + This library is free software; you can redistribute it and/or modify it + under the terms of the GNU Lesser General Public License as published by + the Free Software Foundation; either version 2.1 of the License, or (at + your option) any later version. + + This library is distributed in the hope that it will be useful, but + WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser + General Public License for more details. + + You should have received a copy of the GNU Lesser General Public License + along with this library; if not, write to the Free Software Foundation, + Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + +Also add information on how to contact you by electronic and paper mail. + +You should also get your employer (if you work as a programmer) or your +school, if any, to sign a "copyright disclaimer" for the library, if +necessary. Here is a sample; alter the names: + + Yoyodyne, Inc., hereby disclaims all copyright interest in the library + `Frob' (a library for tweaking knobs) written by James Random Hacker. + + signature of Ty Coon, 1 April 1990 + Ty Coon, President of Vice + +That's all there is to it! diff --git a/example/pom.xml b/example/pom.xml new file mode 100644 index 0000000..e640974 --- /dev/null +++ b/example/pom.xml @@ -0,0 +1,53 @@ + + + + 4.0.0 + net.jradius + jradius-example + ${project.artifactId}-${project.version} + 1.0.0-SNAPSHOT + Example classes + + + net.jradius + jradius + 1.0.0-SNAPSHOT + ../pom.xml + + + + + net.jradius + jradius-core + 1.0.0-SNAPSHOT + + + + net.jradius + jradius-dictionary + 1.0.0-SNAPSHOT + + + + net.jradius + jradius-extended + 1.0.0-SNAPSHOT + + + + + + + + org.apache.maven.plugins + maven-compiler-plugin + + 1.5 + 1.5 + + + + + + diff --git a/example/src/main/java/net/jradius/StartSpring.java b/example/src/main/java/net/jradius/StartSpring.java new file mode 100644 index 0000000..be81065 --- /dev/null +++ b/example/src/main/java/net/jradius/StartSpring.java @@ -0,0 +1,12 @@ +package net.jradius; + +import org.springframework.context.ApplicationContext; +import org.springframework.context.support.ClassPathXmlApplicationContext; + +public class StartSpring +{ + public static void main(String argv[]) + { + ApplicationContext ac = new ClassPathXmlApplicationContext(new String[] { "spring-config.xml" }); + } +} diff --git a/example/src/main/java/net/jradius/example/ExampleRadiusClient.java b/example/src/main/java/net/jradius/example/ExampleRadiusClient.java new file mode 100644 index 0000000..49cca8e --- /dev/null +++ b/example/src/main/java/net/jradius/example/ExampleRadiusClient.java @@ -0,0 +1,143 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2005 PicoPoint, B.V. + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.example; + +import java.net.InetAddress; + +import net.jradius.client.RadiusClient; +import net.jradius.client.auth.MSCHAPv2Authenticator; +import net.jradius.dictionary.Attr_AcctInputOctets; +import net.jradius.dictionary.Attr_AcctOutputOctets; +import net.jradius.dictionary.Attr_AcctSessionId; +import net.jradius.dictionary.Attr_AcctSessionTime; +import net.jradius.dictionary.Attr_AcctStatusType; +import net.jradius.dictionary.Attr_AcctTerminateCause; +import net.jradius.dictionary.Attr_NASPort; +import net.jradius.dictionary.Attr_NASPortType; +import net.jradius.dictionary.Attr_ReplyMessage; +import net.jradius.dictionary.Attr_UserName; +import net.jradius.dictionary.Attr_UserPassword; +import net.jradius.packet.AccessAccept; +import net.jradius.packet.AccessRequest; +import net.jradius.packet.AccountingRequest; +import net.jradius.packet.RadiusRequest; +import net.jradius.packet.RadiusResponse; +import net.jradius.packet.attribute.AttributeFactory; +import net.jradius.packet.attribute.AttributeList; +import net.jradius.util.RadiusRandom; + +/** + * An example use of the JRadius RADIUS Client API + * + * @author David Bird + */ +public class ExampleRadiusClient +{ + public static void main(String[] args) + { + try + { + AttributeFactory.loadAttributeDictionary("net.jradius.dictionary.AttributeDictionaryImpl"); + + InetAddress host = InetAddress.getByName("localhost"); + RadiusClient rc = new RadiusClient(host, "test", 1812, 1813, 1000); + + AttributeList attrs = new AttributeList(); + attrs.add(new Attr_UserName("test")); + attrs.add(new Attr_NASPortType(Attr_NASPortType.Wireless80211)); + attrs.add(new Attr_NASPort(new Long(1))); + + RadiusRequest request = new AccessRequest(rc, attrs); + request.addAttribute(new Attr_UserPassword("test")); + + System.out.println("Sending:\n" + request.toString()); + + RadiusResponse reply = rc.authenticate((AccessRequest)request, new MSCHAPv2Authenticator(), 5); + + System.out.println("Received:\n" + reply.toString()); + + + boolean isAuthenticated = (reply instanceof AccessAccept); + + String replyMessage = (String)reply.getAttributeValue(Attr_ReplyMessage.TYPE); + + if (replyMessage != null) + { + System.out.println("Reply Message: " + replyMessage); + } + + + if (!isAuthenticated) return; + + attrs.add(new Attr_AcctSessionId(RadiusRandom.getRandomString(24))); + + request = new AccountingRequest(rc, attrs); + request.addAttribute(new Attr_AcctStatusType("Start")); + + System.out.println("Sending:\n" + request.toString()); + + reply = rc.accounting((AccountingRequest)request, 5); + + System.out.println("Received:\n" + reply.toString()); + + request = new AccountingRequest(rc, attrs); + request.addAttribute(new Attr_AcctStatusType("Interim-Update")); + request.addAttribute(new Attr_AcctInputOctets(new Long(42949670L))); + request.addAttribute(new Attr_AcctOutputOctets(new Long(5))); + request.addAttribute(new Attr_AcctSessionTime(new Long(10))); + + System.out.println("Sending:\n" + request.toString()); + + reply = rc.accounting((AccountingRequest)request, 5); + + System.out.println("Received:\n" + reply.toString()); + + request = new AccountingRequest(rc, attrs); + request.addAttribute(new Attr_AcctStatusType("Interim-Update")); + request.addAttribute(new Attr_AcctInputOctets(new Long(429496700L))); + request.addAttribute(new Attr_AcctOutputOctets(new Long(5))); + request.addAttribute(new Attr_AcctSessionTime(new Long(30))); + + System.out.println("Sending:\n" + request.toString()); + + reply = rc.accounting((AccountingRequest)request, 5); + + System.out.println("Received:\n" + reply.toString()); + + request = new AccountingRequest(rc, attrs); + request.addAttribute(new Attr_AcctStatusType("Stop")); + request.addAttribute(new Attr_AcctInputOctets(new Long(4294967000L))); + request.addAttribute(new Attr_AcctOutputOctets(new Long(10))); + request.addAttribute(new Attr_AcctSessionTime(new Long(60))); + request.addAttribute(new Attr_AcctTerminateCause(Attr_AcctTerminateCause.UserRequest)); + + System.out.println("Sending:\n" + request.toString()); + + reply = rc.accounting((AccountingRequest)request, 5); + + System.out.println("Received:\n" + reply.toString()); +} + catch (Exception e) + { + e.printStackTrace(); + } + } +} diff --git a/example/src/main/java/net/jradius/example/LocalUsersHandler.java b/example/src/main/java/net/jradius/example/LocalUsersHandler.java new file mode 100644 index 0000000..7677d8c --- /dev/null +++ b/example/src/main/java/net/jradius/example/LocalUsersHandler.java @@ -0,0 +1,275 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2005 PicoPoint, B.V. + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.example; + +import java.io.BufferedReader; +import java.io.IOException; +import java.io.StringReader; +import java.util.Iterator; +import java.util.LinkedHashMap; +import java.util.List; + +import net.jradius.dictionary.Attr_AuthType; +import net.jradius.dictionary.Attr_CleartextPassword; +import net.jradius.dictionary.Attr_UserName; +import net.jradius.dictionary.Attr_UserPassword; +import net.jradius.exception.RadiusException; +import net.jradius.handler.PacketHandlerBase; +import net.jradius.log.RadiusLog; +import net.jradius.packet.AccessAccept; +import net.jradius.packet.RadiusPacket; +import net.jradius.packet.attribute.AttributeFactory; +import net.jradius.packet.attribute.AttributeList; +import net.jradius.packet.attribute.RadiusAttribute; +import net.jradius.server.JRadiusRequest; +import net.jradius.server.JRadiusServer; +import net.jradius.server.config.ConfigurationItem; +import net.jradius.session.JRadiusSession; + +import org.apache.commons.configuration.HierarchicalConfiguration; + + +/** + * A simple Local Users implementation where users and attributes + * are defined in the JRadius XML configuration. + * + * @author David Bird + */ +public class LocalUsersHandler extends PacketHandlerBase +{ + /** + * A "Local Users" class used by this Handler + */ + private class LocalUser + { + public String username; + public String realm; + public String password; + public String attributes; + public AttributeList attrList; + + /** + * @return Returns the formatted username (with realm, if provided) + */ + public String getUserName() + { + if (realm != null) return username + "@" + realm; + return username; + } + + /** + * @return Returns the AttributeList for this user generated, if not already, + * based on the attribute list provided in the configuration. + */ + public AttributeList getAttributeList() + { + if (attrList == null) + { + if (attributes != null) + { + BufferedReader in = new BufferedReader(new StringReader(attributes)); + String line; + + attrList = new AttributeList(); + + try + { + while ((line = in.readLine()) != null) + { + line = line.trim(); + if (line.equals("")) continue; + String parts[] = line.split("[^a-zA-Z-]", 2); + if (parts.length == 2) + { + String attribute = parts[0]; + line = parts[1].trim(); + parts = line.split("[^\\+=:-]", 2); + if (parts.length == 2) + { + String op = parts[0]; + String value = parts[1]; + try + { + RadiusAttribute attr = AttributeFactory.newAttribute(attribute, value, op); + if (attr != null) + { + attrList.add(attr, false); + } + } + catch(Exception e) + { + e.printStackTrace(); + } + } + } + } + } + catch (IOException e) + { + e.printStackTrace(); + } + } + + } + return attrList; + } + }; + + /* + * Hash map of local users + */ + private final LinkedHashMap users = new LinkedHashMap(); + + public void setConfig(ConfigurationItem cfg) + { + super.setConfig(cfg); + HierarchicalConfiguration.Node root = cfg.getRoot(); + HierarchicalConfiguration xmlCfg = cfg.getXMLConfig(); + + /* + * Look for ... in the configuration + */ + List usersList = root.getChildren("users"); + HierarchicalConfiguration.Node node; + + for (Iterator l = usersList.iterator(); l.hasNext();) + { + /* + * Iterate the ... blocks + */ + node = (HierarchicalConfiguration.Node)l.next(); + List children = node.getChildren("user"); + for (Iterator i = children.iterator(); i.hasNext();) + { + node = (HierarchicalConfiguration.Node)i.next(); + root = xmlCfg.getRoot(); + xmlCfg.setRoot(node); + + LocalUser user = new LocalUser(); + + /* + * A user is defined in the configuration with the following XML syntax example: + * + * + * + * Reply-Message = Hello test user! + * + * + * + * The contents of the ... block are the attributes to use in the + * AccessAccept reply. + */ + user.username = xmlCfg.getString("[@username]"); + user.realm = xmlCfg.getString("[@realm]"); + user.password = xmlCfg.getString("[@password]"); + Object v = node.getValue(); + + if (v != null) + { + user.attributes = v.toString(); + } + + RadiusLog.debug(" -> Configured local user: " + user.getUserName()); + users.put(user.getUserName(), user); + xmlCfg.setRoot(root); + } + } + } + + public boolean handle(JRadiusRequest jRequest) + { + try + { + /* + * Gather some information about the JRadius request + */ + int type = jRequest.getType(); + AttributeList ci = jRequest.getConfigItems(); + RadiusPacket req = jRequest.getRequestPacket(); + RadiusPacket rep = jRequest.getReplyPacket(); + + JRadiusSession session = jRequest.getSession(); + + /* + * Find the username in the request packet + */ + String username = (String)req.getAttributeValue(Attr_UserName.TYPE); + + /* + * See if this is a local user, otherwise we will reject (though, you may + * want to return "ok" if you have modules configured after jradius in FreeRADIUS) + */ + LocalUser u = (LocalUser)users.get(username); + + if (u == null) + { + // Unknown username, so let the RADIUS server sort it out. + RadiusLog.info("Ignoring unknown username: " + username); + return false; + } + + switch (type) + { + case JRadiusServer.JRADIUS_authorize: + { + /* + * We know the user, lets inform FreeRADIUS of the user's + * password so that FreeRADIUS may perform the required + * authentication checks. + */ + //ci.add(new Attr_AuthType(Attr_AuthType.Local)); // Auth locally + ci.add(new Attr_UserPassword(u.password)); // FreeRADIUS 1.0 + ci.add(new Attr_CleartextPassword(u.password)); // FreeRADIUS 2.0 + } + break; + + case JRadiusServer.JRADIUS_post_auth: + { + if (rep instanceof AccessAccept) + { + /* + * FreeRADIUS has returned after the authentication checks and the + * user's credentials worked. Since we are now returning an AccessAccept, + * we will the packet with the attributes configured for the user. + */ + rep.addAttributes(u.getAttributeList()); + RadiusLog.info("Authentication successful for username: " + username); + } + else + { + RadiusLog.info("Authentication failed for username: " + username); + } + } + break; + } + } + catch (RadiusException e) + { + e.printStackTrace(); + } + + /* + * Everything worked out well, from the perspective of this module. + */ + jRequest.setReturnValue(JRadiusServer.RLM_MODULE_UPDATED); + return false; + } +} diff --git a/example/src/main/java/net/jradius/example/WPACaptivePortal.java b/example/src/main/java/net/jradius/example/WPACaptivePortal.java new file mode 100644 index 0000000..c3af3cf --- /dev/null +++ b/example/src/main/java/net/jradius/example/WPACaptivePortal.java @@ -0,0 +1,99 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2006 David Bird + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.example; + +import net.jradius.dictionary.Attr_AuthType; +import net.jradius.dictionary.Attr_EAPMessage; +import net.jradius.dictionary.Attr_UserName; +import net.jradius.dictionary.vsa_chillispot.Attr_ChilliSpotConfig; +import net.jradius.dictionary.vsa_freeradius.Attr_FreeRADIUSProxiedTo; +import net.jradius.exception.RadiusException; +import net.jradius.handler.PacketHandlerBase; +import net.jradius.log.RadiusLog; +import net.jradius.packet.AccessAccept; +import net.jradius.packet.RadiusPacket; +import net.jradius.packet.attribute.AttributeList; +import net.jradius.server.JRadiusRequest; +import net.jradius.server.JRadiusServer; + +/** + * An example using CoovaAP (and Coova Chilli) with WPA authentication. It allows + * for "guest" users, those not presenting valid credentials, WPA access, but subject + * to a captive-portal/walled-garden. Users with valid credentials get immediate Internet + * access. + * + * @author David Bird + */ +public class WPACaptivePortal extends PacketHandlerBase +{ + public boolean handle(JRadiusRequest request) + { + try + { + /* + * Gather some information about the JRadius request + */ + AttributeList ci = request.getConfigItems(); + RadiusPacket req = request.getRequestPacket(); + RadiusPacket rep = request.getReplyPacket(); + + /* + * Find the username in the request packet + */ + String username = (String)req.getAttributeValue(Attr_UserName.TYPE); + + if (rep instanceof AccessAccept) + { + RadiusLog.info("Allowing WPA access for username: " + username); + } + else + { // Is an Access-Reject + if ("allow-wpa-guests". + equals((String)req.getAttributeValue(Attr_ChilliSpotConfig.TYPE))) + { // Allowing WPA "guest" access + if (req.findAttribute(Attr_EAPMessage.TYPE) != null) + { // Is EAP (802.1x) + if (req.findAttribute(Attr_FreeRADIUSProxiedTo.TYPE) != null) + { // Is the inner request, TLS termianted + rep = new AccessAccept(); + rep.addAttribute(new Attr_ChilliSpotConfig("require-uam-auth")); + request.setReplyPacket(rep); + + ci.add(new Attr_AuthType("Accept")); + request.setReturnValue(JRadiusServer.RLM_MODULE_UPDATED); + + RadiusLog.error("Allowing Guest WPA access for username: " + username); + return true; + } + } + } + RadiusLog.info("Authentication failed for username: " + username); + } + } + catch (RadiusException e) + { + e.printStackTrace(); + } + + request.setReturnValue(JRadiusServer.RLM_MODULE_UPDATED); + return false; + } +} diff --git a/example/src/main/java/net/jradius/example/package.html b/example/src/main/java/net/jradius/example/package.html new file mode 100644 index 0000000..67fa218 --- /dev/null +++ b/example/src/main/java/net/jradius/example/package.html @@ -0,0 +1,5 @@ + + +JRadius Client API and Handler Examples. + + diff --git a/example/src/main/resources/net/jradius/example/catalog.xml b/example/src/main/resources/net/jradius/example/catalog.xml new file mode 100644 index 0000000..4c38d76 --- /dev/null +++ b/example/src/main/resources/net/jradius/example/catalog.xml @@ -0,0 +1,117 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/example/src/test/java/net/jradius/tests/AppTestCase.java b/example/src/test/java/net/jradius/tests/AppTestCase.java new file mode 100644 index 0000000..398953f --- /dev/null +++ b/example/src/test/java/net/jradius/tests/AppTestCase.java @@ -0,0 +1,48 @@ +package net.jradius.tests; + +import junit.framework.TestCase; + +import org.springframework.context.ApplicationContext; +import org.springframework.context.support.ClassPathXmlApplicationContext; + +public abstract class AppTestCase extends TestCase +{ + private ApplicationContext ac; + + /** + * Loads the relevant ApplicationContext and is responsible + * for setting up a Hibernate session. This ensures that the + * lazy-loading mechanism works in our unit tests. + */ + public void setUp() throws Exception + { + setUp(new String[] { "spring-config.xml" }); + } + + + /** + * Loads the relevant ApplicationContext and is responsible + * for setting up a Hibernate session. This ensures that the + * lazy-loading mechanism works in our unit tests. + */ + public void setUp(String[] appContexts) throws Exception + { + ac = new ClassPathXmlApplicationContext(appContexts); + } + + /** + * Closes the hibernate session. + */ + public void tearDown() throws Exception + { + } + + public ApplicationContext getAc() + { + return ac; + } + public void setAc(ApplicationContext ac) + { + this.ac = ac; + } +} diff --git a/example/src/test/java/net/jradius/tests/JAASAuthenticationTest.java b/example/src/test/java/net/jradius/tests/JAASAuthenticationTest.java new file mode 100644 index 0000000..01dd551 --- /dev/null +++ b/example/src/test/java/net/jradius/tests/JAASAuthenticationTest.java @@ -0,0 +1,266 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2005 PicoPoint, B.V. + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.tests; + +import java.io.BufferedReader; +import java.io.IOException; +import java.io.InputStream; +import java.io.InputStreamReader; +import java.io.PushbackInputStream; +import java.net.InetAddress; +import java.security.Principal; +import java.security.PrivilegedAction; +import java.util.Arrays; +import java.util.Iterator; + +import javax.security.auth.Subject; +import javax.security.auth.callback.Callback; +import javax.security.auth.callback.CallbackHandler; +import javax.security.auth.callback.NameCallback; +import javax.security.auth.callback.PasswordCallback; +import javax.security.auth.callback.TextOutputCallback; +import javax.security.auth.callback.UnsupportedCallbackException; +import javax.security.auth.login.LoginContext; +import javax.security.auth.login.LoginException; + +import net.jradius.client.RadiusClient; +import net.jradius.log.RadiusLog; +import net.jradius.packet.attribute.AttributeFactory; +import net.jradius.packet.attribute.AttributeList; +import net.jradius.security.auth.JRadiusCallback; + + + +public class JAASAuthenticationTest +{ + public static void main(String[] args) + { + AttributeFactory.loadAttributeDictionary("net.jradius.dictionary.AttributeDictionaryImpl"); + + LoginContext lc = null; + + try + { + lc = new LoginContext("JRadius", new MyCallbackHandler()); + } + catch (LoginException le) + { + System.err.println("Cannot create LoginContext: " + le.getMessage()); + System.exit(-1); + } + catch (SecurityException se) + { + System.err.println("Cannot create LoginContext: " + se.getMessage()); + System.exit(-1); + } + + int i; + for (i = 0; i < 3; i++) + { + try + { + lc.login(); + break; + } + catch (LoginException le) + { + System.err.println("Authentication failed:"); + System.err.println(" " + le.getMessage()); + try + { + Thread.sleep(3000); + } + catch (Exception e) + { + } + } + } + + if (i == 3) + { + System.out.println("Sorry"); + System.exit(-1); + } + + System.out.println("Authentication succeeded!"); + + Subject mySubject = lc.getSubject(); + + Iterator principalIterator = mySubject.getPrincipals().iterator(); + System.out.println("Authenticated user has the following Principals:"); + + while (principalIterator.hasNext()) + { + Principal p = (Principal)principalIterator.next(); + System.out.println("\t" + p.toString()); + } + + System.out.println("User has " + mySubject.getPublicCredentials().size() + " Public Credential(s)"); + + PrivilegedAction action = new TestAction(); + Subject.doAsPrivileged(mySubject, action, null); + System.exit(0); + } +} + +class MyCallbackHandler implements CallbackHandler +{ + public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException + { + for (int i = 0; i < callbacks.length; i++) + { + if (callbacks[i] instanceof TextOutputCallback) + { + TextOutputCallback toc = (TextOutputCallback)callbacks[i]; + switch (toc.getMessageType()) + { + case TextOutputCallback.INFORMATION: + System.out.println(toc.getMessage()); + break; + case TextOutputCallback.ERROR: + System.out.println("ERROR: " + toc.getMessage()); + break; + case TextOutputCallback.WARNING: + System.out.println("WARNING: " + toc.getMessage()); + break; + default: + throw new IOException("Unsupported message type: " + toc.getMessageType()); + } + } + else if (callbacks[i] instanceof NameCallback) + { + NameCallback nc = (NameCallback)callbacks[i]; + System.err.print(nc.getPrompt()); + System.err.flush(); + nc.setName((new BufferedReader(new InputStreamReader(System.in))).readLine()); + } + else if (callbacks[i] instanceof PasswordCallback) + { + PasswordCallback pc = (PasswordCallback)callbacks[i]; + System.err.print(pc.getPrompt()); + System.err.flush(); + pc.setPassword(readPassword(System.in)); + } + else if (callbacks[i] instanceof JRadiusCallback) + { + JRadiusCallback rcb = (JRadiusCallback)callbacks[i]; + RadiusClient rc = rcb.getRadiusClient(); + AttributeList list = new AttributeList(); + + rcb.setAuthAttributes(list); + rcb.setAcctAttributes(list); + + System.err.print("Radius Server: "); + System.err.flush(); + rc.setRemoteInetAddress(InetAddress.getByName((new BufferedReader(new InputStreamReader(System.in))).readLine())); + + System.err.print("Shared Secret: "); + System.err.flush(); + rc.setSharedSecret((new BufferedReader(new InputStreamReader(System.in))).readLine()); + + System.err.print("Auth Protocol: "); + System.err.flush(); + String input = new BufferedReader(new InputStreamReader(System.in)).readLine(); + rcb.setRadiusAuthenticator(RadiusClient.getAuthProtocol(input)); + + promptAttribute("NAS-Identifier", list); + } + else + { + throw new UnsupportedCallbackException(callbacks[i], "Unrecognized Callback"); + } + } + } + + private void promptAttribute(String attr, AttributeList list) + { + try + { + // Standard Attributes: + System.err.print(attr + ": "); + System.err.flush(); + String input = new BufferedReader(new InputStreamReader(System.in)).readLine(); + list.add(AttributeFactory.newAttribute(attr, input, "=")); + } + catch (Exception e) + { + RadiusLog.error(e.getMessage()); + } + } + + private char[] readPassword(InputStream in) throws IOException + { + char[] lineBuffer; + char[] buf; + + buf = lineBuffer = new char[128]; + + int room = buf.length; + int offset = 0; + int c; + + loop: while (true) + { + switch (c = in.read()) + { + case -1: + case '\n': + break loop; + + case '\r': + int c2 = in.read(); + if ((c2 != '\n') && (c2 != -1)) + { + if (!(in instanceof PushbackInputStream)) + { + in = new PushbackInputStream(in); + } + ((PushbackInputStream) in).unread(c2); + } + else + break loop; + + default: + if (--room < 0) + { + buf = new char[offset + 128]; + room = buf.length - offset - 1; + System.arraycopy(lineBuffer, 0, buf, 0, offset); + Arrays.fill(lineBuffer, ' '); + lineBuffer = buf; + } + buf[offset++] = (char) c; + break; + } + } + + if (offset == 0) + { + return null; + } + + char[] ret = new char[offset]; + System.arraycopy(buf, 0, ret, 0, offset); + Arrays.fill(buf, ' '); + + return ret; + } +} diff --git a/example/src/test/java/net/jradius/tests/RunRadius.java b/example/src/test/java/net/jradius/tests/RunRadius.java new file mode 100644 index 0000000..6244db9 --- /dev/null +++ b/example/src/test/java/net/jradius/tests/RunRadius.java @@ -0,0 +1,19 @@ +package net.jradius.tests; + +public class RunRadius extends AppTestCase +{ + + public void setUp() throws Exception + { + super.setUp(); + } + + public void testRadius() + { + while(true) try { + Thread.sleep(1000 * 60 * 60); + //JRadiusManager jradius = (JRadiusManager) getAc().getBean("jRadiusManager"); + //jradius.stop(); + } catch (Exception e) { } + } +} diff --git a/example/src/test/java/net/jradius/tests/TestAction.java b/example/src/test/java/net/jradius/tests/TestAction.java new file mode 100644 index 0000000..366a74c --- /dev/null +++ b/example/src/test/java/net/jradius/tests/TestAction.java @@ -0,0 +1,33 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2005 PicoPoint, B.V. + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.tests; + +import java.security.PrivilegedAction; + +/** + * @author David Bird + */ +class TestAction implements PrivilegedAction { + public Object run() { + System.out.println("Running TestAction..."); + return null; + } +} \ No newline at end of file diff --git a/example/src/test/java/net/jradius/tests/jaas_auth.policy b/example/src/test/java/net/jradius/tests/jaas_auth.policy new file mode 100644 index 0000000..103d3a3 --- /dev/null +++ b/example/src/test/java/net/jradius/tests/jaas_auth.policy @@ -0,0 +1,5 @@ + +grant { + permission javax.security.auth.AuthPermission "modifyPrincipals"; + permission javax.security.auth.AuthPermission "createLoginContext.JRadius"; +}; diff --git a/example/src/test/java/net/jradius/tests/jradius_jaas.config b/example/src/test/java/net/jradius/tests/jradius_jaas.config new file mode 100644 index 0000000..305f1a3 --- /dev/null +++ b/example/src/test/java/net/jradius/tests/jradius_jaas.config @@ -0,0 +1,5 @@ +/** Login Configuration for the JAAS Sample Application **/ + +JRadius { + net.jradius.security.auth.JRadiusModule required debug=true; +}; diff --git a/example/src/test/java/net/jradius/tests/package.html b/example/src/test/java/net/jradius/tests/package.html new file mode 100644 index 0000000..ec08f6a --- /dev/null +++ b/example/src/test/java/net/jradius/tests/package.html @@ -0,0 +1,5 @@ + + +JRadius JUnit Testing and Utilities. + + diff --git a/extended/pom.xml b/extended/pom.xml new file mode 100644 index 0000000..f07b156 --- /dev/null +++ b/extended/pom.xml @@ -0,0 +1,65 @@ + + + + 4.0.0 + net.jradius + jradius-extended + ${project.artifactId}-${project.version} + 1.0.0-SNAPSHOT + Extended classes + + + net.jradius + jradius + 1.0.0-SNAPSHOT + ../pom.xml + + + + + net.jradius + jradius-core + 1.0.0-SNAPSHOT + + + + net.jradius + jradius-dictionary + 1.0.0-SNAPSHOT + + + + ipdr + ipdrbase + 2.0.0 + + + + hsqldb + hsqldb + 1.8.0.7 + + + + bouncycastle + bcprov-jdk15 + 140 + + + + + + + + org.apache.maven.plugins + maven-compiler-plugin + + 1.5 + 1.5 + + + + + + diff --git a/extended/src/main/java/net/jradius/client/auth/EAPAKAAuthenticator.java b/extended/src/main/java/net/jradius/client/auth/EAPAKAAuthenticator.java new file mode 100644 index 0000000..c65dd9c --- /dev/null +++ b/extended/src/main/java/net/jradius/client/auth/EAPAKAAuthenticator.java @@ -0,0 +1,263 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (c) 2006-2007 David Bird + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.client.auth; + +import java.math.BigInteger; +import java.security.MessageDigest; +import java.security.Signature; +import java.security.interfaces.DSAParams; +import java.security.interfaces.DSAPrivateKey; + +import net.jradius.client.RadiusClient; +import net.jradius.dictionary.Attr_EAPAkaCK; +import net.jradius.dictionary.Attr_EAPAkaIK; +import net.jradius.dictionary.Attr_UserName; +import net.jradius.exception.RadiusException; +import net.jradius.packet.RadiusPacket; + +import org.bouncycastle.jce.provider.BouncyCastleProvider; + + +/** + * EAP-AKA Authentication. + * http://www.rfc-editor.org/rfc/rfc4187.txt + * + * @author David Bird + */ +public class EAPAKAAuthenticator extends EAPAuthenticator +{ + public static final String NAME = "eap-aka"; + + public EAPAKAAuthenticator() + { + setEAPType(EAP_AKA); + } + + /** + * @see net.jradius.client.auth.RadiusAuthenticator#getAuthName() + */ + public String getAuthName() + { + return NAME; + } + + private String username; + private byte[] rand; + private byte[] autn; + private byte[] mac; + + private byte[] ik; + private byte[] ck; + + private byte[] masterKey; + private byte[] K_enc; + private byte[] K_aut; + private byte[] msk; + private byte[] emsk; + + private byte[] lastEapMessage; + + public byte[] doEAPType(byte id, byte[] data, byte[] fullEAPPacket) throws RadiusException + { + lastEapMessage = new byte[fullEAPPacket.length]; + System.arraycopy(fullEAPPacket, 0, lastEapMessage, 0, fullEAPPacket.length); + return doEAPType(id, data); + } + + /* + * @see net.jradius.client.auth.EAPAuthenticator#doEAPType(byte, byte[]) + */ + public byte[] doEAPType(byte id, byte[] data) throws RadiusException + { + int len = data.length; + if (len <= 3) throw new RadiusException("EAP-AKA too short"); + int subType = data[0] & 0xFF; + int macOffset = 0; + + // data[1], data[2]: reserved + switch(subType) + { + case AKA_CHALLENGE: + { + for (int i=3; i < len; ) + { + int attributeType = data[i++] & 0xFF; + int attributeLength = data[i++] & 0xFF; + attributeLength = (attributeLength * 4) - 2; + byte[] attribute = new byte[attributeLength]; + System.arraycopy(data, i, attribute, 0, attributeLength); + switch(attributeType) + { + case AT_RAND: + rand = attribute; + break; + case AT_AUTN: + autn = attribute; + break; + case AT_MAC: + macOffset = i; + mac = attribute; + break; + } + i += attributeLength; + } + } + break; + + default: throw new RadiusException("Unhandled EAP AKA subType "+subType); + } + + if (rand == null || autn == null || mac == null) + throw new RadiusException("AUTN, RAND, and MAC needed in AKA challenge"); + + try + { + // zero out mac in original eap message + System.arraycopy(new byte[18], 0, lastEapMessage, macOffset+5, 18); + // hmac_sha1 the eap message and compaire with AT_MAC attribute + // if mac do not equal throw new RadiusException("Could not authenticate home server"); + } + catch (Exception e) + { + throw new RadiusException(e); + } + + return null; + } + + /** + * @see net.jradius.client.auth.RadiusAuthenticator#setupRequest(net.jradius.client.RadiusClient, net.jradius.packet.RadiusPacket) + */ + public void setupRequest(RadiusClient c, RadiusPacket p) throws RadiusException + { + super.setupRequest(c, p); + + username = (String)p.getAttributeValue(Attr_UserName.TYPE); + + ik = (byte[])p.getAttributeValue(Attr_EAPAkaIK.TYPE); + p.removeAttribute(Attr_EAPAkaIK.TYPE); + + ck = (byte[])p.getAttributeValue(Attr_EAPAkaCK.TYPE); + p.removeAttribute(Attr_EAPAkaCK.TYPE); + + if (username == null || ik == null || ck == null) + throw new RadiusException("Request must have a User-Name, EAP-Aka-IK, and EAP-Aka-CK attributes"); + + try + { + MessageDigest md = MessageDigest.getInstance("SHA"); + + md.update(username.getBytes()); + md.update(ik); + md.update(ck); + + masterKey = md.digest(); + + Signature sig = Signature.getInstance("NONEwithDSA", new BouncyCastleProvider()); + + sig.initSign(new DSAPrivateKey() + { + public BigInteger getX() + { + return null; + } + + public String getAlgorithm() + { + return null; + } + + public byte[] getEncoded() + { + return masterKey; + } + + public String getFormat() + { + return null; + } + + public DSAParams getParams() + { + return null; + } + }); + + sig.update(masterKey); + + byte[] result = sig.sign(); + + K_enc = new byte[16]; + System.arraycopy(result, 0, K_enc, 0, 16); + + K_aut = new byte[16]; + System.arraycopy(result, 16, K_aut, 0, 16); + + msk = new byte[64]; + System.arraycopy(result, 32, msk, 0, 64); + + emsk = new byte[64]; + System.arraycopy(result, 96, emsk, 0, 64); + } + catch (Exception e) + { + throw new RadiusException("Requires NONEwithDSA from crypto provider", e); + } + } + + // eap aka lengths + public final static int AKA_IK_LENGTH = 16; + public final static int AKA_CK_LENGTH = 16; + public final static int AKA_MASTER_KEY = 20; + + // eap aka subTypes + public final static int AKA_CHALLENGE = 1; + public final static int AKA_REJECT = 2; + public final static int AKA_NOTIFICATION = 12; + public final static int AKA_REAUTH = 13; + public final static int AKA_CLIENT_ERROR = 14; + + // eap aka attributes + public final static int AT_RAND = 1; + public final static int AT_AUTN = 2; + public final static int AT_RES = 3; + public final static int AT_AUTS = 4; + public final static int AT_PADDING = 6; + public final static int AT_NONCE_MT = 7; + public final static int AT_PERMANENT_ID_REQ = 10; + public final static int AT_MAC = 11; + public final static int AT_NOTIFICATION = 12; + public final static int AT_ANY_ID_REQ = 13; + public final static int AT_IDENTITY = 14; + public final static int AT_VERSION_LIST = 15; + public final static int AT_SELECTED_VERSION = 16; + public final static int AT_FULLAUTH_ID_REQ = 17; + public final static int AT_COUNTER = 19; + public final static int AT_COUNTER_TOO_SMALL = 20; + public final static int AT_NONCE_S = 21; + public final static int AT_CLIENT_ERROR_CODE = 22; + public final static int AT_IV = 129; + public final static int AT_ENCR_DATA = 130; + public final static int AT_NEXT_PSEUDONYM = 132; + public final static int AT_NEXT_REAUTH_ID = 133; + public final static int AT_CHECKCODE = 134; + public final static int AT_RESULT_IND = 135; +} diff --git a/extended/src/main/java/net/jradius/client/auth/EAPTLS2Authenticator.java b/extended/src/main/java/net/jradius/client/auth/EAPTLS2Authenticator.java new file mode 100644 index 0000000..4837878 --- /dev/null +++ b/extended/src/main/java/net/jradius/client/auth/EAPTLS2Authenticator.java @@ -0,0 +1,385 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (c) 2006-2007 David Bird + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.client.auth; + +import java.io.ByteArrayInputStream; +import java.io.ByteArrayOutputStream; +import java.nio.ByteBuffer; + +import net.jradius.client.RadiusClient; +import net.jradius.client.auth.tls.TlsProtocolHandler; +import net.jradius.exception.RadiusException; +import net.jradius.packet.RadiusPacket; + +import org.bouncycastle.crypto.tls.AlwaysValidVerifyer; + + +/** + * EAP-TLS Authentication (and TLS Tunnel support). + * + * @author David Bird + */ +public class EAPTLS2Authenticator extends EAPAuthenticator +{ + public static final String NAME = "eap-tls"; + + private String keyFileType; + private String keyFile; + private String keyPassword; + + private String caFileType; + private String caFile; + private String caPassword; + + private Boolean trustAll = Boolean.FALSE; + + private TlsProtocolHandler handler = new TlsProtocolHandler(); + private AlwaysValidVerifyer verifyer = new AlwaysValidVerifyer(); + + private ByteBuffer receivedEAP = ByteBuffer.allocate(10000000); + + public EAPTLS2Authenticator() + { + setEAPType(EAP_TLS); + + keyFileType = "pkcs12"; + keyPassword = ""; + caFileType = "pkcs12"; + caPassword = ""; + } + + /* (non-Javadoc) + * @see net.sf.jradius.client.auth.RadiusAuthenticator#setupRequest(net.sf.jradius.client.RadiusClient, net.sf.jradius.packet.RadiusPacket) + */ + public void setupRequest(RadiusClient c, RadiusPacket p) throws RadiusException + { + super.setupRequest(c, p); + init(); + } + + /** + * Initializs the SSL layer. + * @throws RadiusException + */ + protected void init() throws RadiusException + { + /* + try + { + KeyManager keyManagers[] = null; + TrustManager trustManagers[] = null; + + if (getKeyFile() != null) + { + KeyStore ksKeys = KeyStore.getInstance(getKeyFileType()); + ksKeys.load(new FileInputStream(getKeyFile()), getKeyPassword().toCharArray()); + KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509"); + kmf.init(ksKeys, getKeyPassword().toCharArray()); + + keyManagers = kmf.getKeyManagers(); + } + + if (getCaFile() != null) + { + KeyStore caKeys = KeyStore.getInstance(getCaFileType()); + caKeys.load(new FileInputStream(getCaFile()), getCaPassword().toCharArray()); + TrustManagerFactory tmf = TrustManagerFactory.getInstance("SunX509"); + tmf.init(caKeys); + + trustManagers = tmf.getTrustManagers(); + } + else + { + if (getTrustAll().booleanValue()) + { + trustManagers = new TrustManager[]{ new NoopX509TrustManager() }; + } + } + } + catch (Exception e) + { + throw new RadiusException(e); + } + */ + } + + /** + * @see net.sf.jradius.client.auth.RadiusAuthenticator#getAuthName() + */ + public String getAuthName() + { + return NAME; + } + + int state = 0; + protected static final short TLS_START = 0x20; + protected static final short TLS_MORE_FRAGMENTS = 0x40; + protected static final short TLS_HAS_LENGTH = 0x80; + + protected static final int TLS_CLIENT_HELLO = 0; + protected static final int TLS_SERVER_HELLO = 1; + protected static final int TLS_APP_DATA = 2; + + protected byte[] eapFragmentedReply = null; + protected int eapFragmentedOffset = 0; + + ByteArrayOutputStream appOutput = new ByteArrayOutputStream(); + + public void putAppBuffer(byte []b) + { + try { appOutput.write(b); } catch (Exception e) { e.printStackTrace(); } + } + + protected byte[] getAppBuffer() + { + byte b[] = appOutput.toByteArray(); + appOutput = new ByteArrayOutputStream(); + return b; + } + + public byte[] doEAPType(byte id, byte[] data) throws RadiusException + { + ByteBuffer bb = ByteBuffer.wrap(data); + + byte dflags = bb.get(); + byte flags = 0; + int dlen = 0; + + try + { + if ((dflags & TLS_HAS_LENGTH) != 0) + { + dlen = bb.getInt(); + } + + if (bb.hasRemaining()) + { + receivedEAP.put(bb.array(), bb.position(), bb.remaining()); + } + else + { + // We were sent a NAK, lets see if we are fragmenting + if (eapFragmentedReply != null) + { + return nextFragment(); + } + } + + if ((dflags & TLS_MORE_FRAGMENTS) != 0) + { + return tlsResponse(flags, null); + } + + switch(state) + { + case TLS_CLIENT_HELLO: + { + ByteArrayOutputStream os = new ByteArrayOutputStream(); + handler.clientHello(os, verifyer); + data = os.toByteArray(); + state = TLS_SERVER_HELLO; + } + break; + + case TLS_SERVER_HELLO: + { + receivedEAP.flip(); + ByteArrayOutputStream os = new ByteArrayOutputStream(); + handler.serverHello(new ByteArrayInputStream(receivedEAP.array(), receivedEAP.position(), receivedEAP.remaining()), os); + data = os.toByteArray(); + state = TLS_APP_DATA; + receivedEAP.clear(); + } + break; + + case TLS_APP_DATA: + { + receivedEAP.flip(); + ByteArrayInputStream is = new ByteArrayInputStream(receivedEAP.array(), receivedEAP.position(), receivedEAP.remaining()); + ByteArrayOutputStream os = new ByteArrayOutputStream(); + + byte []in = handler.readApplicationData(is, os); + + try + { + doTunnelAuthentication(id, in); + } + catch(Throwable e) + { + e.printStackTrace(); + } + + handler.writeApplicationData(is, os, getAppBuffer()); + + data = os.toByteArray(); + receivedEAP.clear(); + } + break; + } + + if (data != null && data.length > 1024) + { + eapFragmentedReply = data; + return nextFragment(); + } + + return tlsResponse(flags, data); + } + catch (Exception e) + { + throw new RadiusException(e); + } + } + + protected byte[] nextFragment() + { + int left = eapFragmentedReply.length - eapFragmentedOffset; + byte flags = (byte)0; + + if (left > 1024) + { + left = 1024; + flags |= TLS_MORE_FRAGMENTS; + } + + byte[] data = new byte[left]; + System.arraycopy(eapFragmentedReply, eapFragmentedOffset, data, 0, data.length); + eapFragmentedOffset += data.length; + + if (eapFragmentedReply.length == eapFragmentedOffset) + { + eapFragmentedReply = null; + eapFragmentedOffset = 0; + } + + return tlsResponse(flags, data); + } + + protected byte[] tlsResponse(byte flags, byte[] data) + { + int length = 1; + + if (data != null && data.length > 0) + { + length += data.length + 4; + flags |= TLS_HAS_LENGTH; + } + + byte[] response = new byte[length]; + response[0] = flags; + + if (data != null && data.length > 0) + { + length -= 1; + response[1] = (byte) (length >> 24 & 0xFF); + response[2] = (byte) (length >> 16 & 0xFF); + response[3] = (byte) (length >> 8 & 0xFF); + response[4] = (byte) (length & 0xFF); + System.arraycopy(data, 0, response, 5, data.length); + } + + return response; + } + + protected void doTunnelAuthentication(byte id, byte[] in) throws Throwable + { + // Not needed for EAP-TLS, but dependent protocols (PEAP, EAP-TTLS) implement this + } + + public String getCaFile() + { + return caFile; + } + + public void setCaFile(String caFile) + { + this.caFile = caFile; + } + + public String getCaFileType() + { + return caFileType; + } + + public void setCaFileType(String caFileType) + { + this.caFileType = caFileType; + } + + public String getKeyFile() + { + return keyFile; + } + + public void setKeyFile(String keyFile) + { + this.keyFile = keyFile; + } + + public String getKeyFileType() + { + return keyFileType; + } + + public void setKeyFileType(String keyFileType) + { + this.keyFileType = keyFileType; + } + + public String getKeyPassword() + { + return keyPassword; + } + + public void setKeyPassword(String keyPassword) + { + this.keyPassword = keyPassword; + } + + public String getCaPassword() + { + return caPassword; + } + + public void setCaPassword(String caPassword) + { + this.caPassword = caPassword; + } + + public Boolean getTrustAll() + { + return trustAll; + } + + public void setTrustAll(Boolean trustAll) + { + this.trustAll = trustAll; + } + + /* + private class NoopX509TrustManager implements X509TrustManager + { + public void checkClientTrusted(X509Certificate[] chain, String authType) { } + public void checkServerTrusted(X509Certificate[] chain, String authType) { } + public X509Certificate[] getAcceptedIssuers() { return new X509Certificate[0]; } + } + */ +} diff --git a/extended/src/main/java/net/jradius/client/auth/EAPTLSAuthenticator.java b/extended/src/main/java/net/jradius/client/auth/EAPTLSAuthenticator.java new file mode 100644 index 0000000..d364a4a --- /dev/null +++ b/extended/src/main/java/net/jradius/client/auth/EAPTLSAuthenticator.java @@ -0,0 +1,620 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2005 PicoPoint, B.V. + * Copyright (c) 2006-2007 David Bird + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.client.auth; + +import java.io.ByteArrayOutputStream; +import java.io.FileInputStream; +import java.io.IOException; +import java.nio.ByteBuffer; +import java.security.KeyStore; +import java.security.cert.X509Certificate; + +import javax.net.ssl.KeyManager; +import javax.net.ssl.KeyManagerFactory; +import javax.net.ssl.SSLContext; +import javax.net.ssl.SSLEngine; +import javax.net.ssl.SSLEngineResult; +import javax.net.ssl.SSLException; +import javax.net.ssl.SSLSession; +import javax.net.ssl.TrustManager; +import javax.net.ssl.TrustManagerFactory; +import javax.net.ssl.X509TrustManager; + +import net.jradius.client.RadiusClient; +import net.jradius.exception.RadiusException; +import net.jradius.log.RadiusLog; +import net.jradius.packet.RadiusPacket; + + +/** + * EAP-TLS Authentication (and TLS Tunnel support). + * + * @author David Bird + */ +public class EAPTLSAuthenticator extends EAPAuthenticator +{ + public static final String NAME = "eap-tls"; + + private SSLContext sslContext; + private SSLEngine sslEngine; + private SSLSession sslSession; + + private ByteBuffer appInBuffer; + private ByteBuffer appOutBuffer; + private ByteBuffer packetInBuffer; + private ByteBuffer packetOutBuffer; + + private ByteArrayOutputStream packetInput = new ByteArrayOutputStream(); + private ByteArrayOutputStream packetOutput = new ByteArrayOutputStream(); + private ByteArrayOutputStream appOutput = new ByteArrayOutputStream(); + + private String keyFileType; + private String keyFile; + private String keyPassword; + + private String caFileType; + private String caFile; + private String caPassword; + + private Boolean trustAll = Boolean.FALSE; + + public EAPTLSAuthenticator() + { + setEAPType(EAP_TLS); + + keyFileType = "pkcs12"; + keyPassword = ""; + caFileType = "pkcs12"; + caPassword = ""; + } + + /* (non-Javadoc) + * @see net.sf.jradius.client.auth.RadiusAuthenticator#setupRequest(net.sf.jradius.client.RadiusClient, net.sf.jradius.packet.RadiusPacket) + */ + public void setupRequest(RadiusClient c, RadiusPacket p) throws RadiusException + { + super.setupRequest(c, p); + init(); + } + + /** + * Initializs the SSL layer. + * @throws RadiusException + */ + protected void init() throws RadiusException + { + try + { + KeyManager keyManagers[] = null; + TrustManager trustManagers[] = null; + + if (getKeyFile() != null) + { + KeyStore ksKeys = KeyStore.getInstance(getKeyFileType()); + ksKeys.load(new FileInputStream(getKeyFile()), getKeyPassword().toCharArray()); + KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509"); + kmf.init(ksKeys, getKeyPassword().toCharArray()); + + keyManagers = kmf.getKeyManagers(); + } + + if (getCaFile() != null) + { + KeyStore caKeys = KeyStore.getInstance(getCaFileType()); + caKeys.load(new FileInputStream(getCaFile()), getCaPassword().toCharArray()); + TrustManagerFactory tmf = TrustManagerFactory.getInstance("SunX509"); + tmf.init(caKeys); + + trustManagers = tmf.getTrustManagers(); + } + else + { + if (getTrustAll().booleanValue()) + { + trustManagers = new TrustManager[]{ new NoopX509TrustManager() }; + } + } + + /* + for (Enumeration e = ksKeys.aliases() ; e.hasMoreElements() ;) { + String alias = e.nextElement().toString(); + System.out.println("CERTIFICATE: " + alias); + System.out.println(ksKeys.getCertificate(alias)); + } + */ + + sslContext = SSLContext.getInstance("TLS"); + sslContext.init(keyManagers, trustManagers, null); + + sslEngine = sslContext.createSSLEngine(); + + /* + String[] cs = sslEngine.getSupportedCipherSuites(); + for (int i=0; i 0; offset += chunk) + { + if (left < chunk) chunk = left; + left -= chunk; + + packetInBuffer.put(d, offset, chunk); + + if (tlsState == Finished) + { + packetInBuffer.flip(); + + SSLEngineResult result = null; + + while ((result == null || result.getStatus() == SSLEngineResult.Status.OK) && + packetInBuffer.hasRemaining()) + { + result = sslEngine.unwrap(packetInBuffer, appInBuffer); + + if (result.getHandshakeStatus() == SSLEngineResult.HandshakeStatus.NEED_TASK) + { + while ((task = sslEngine.getDelegatedTask()) != null) task.run(); + } + + appInBuffer.flip(); + + if (appInBuffer.hasRemaining()) + { + appOutput.write( + appInBuffer.array(), + appInBuffer.arrayOffset(), + appInBuffer.remaining()); + } + + appInBuffer.clear(); + } + packetInBuffer.clear(); + } + } + } + + protected byte[] getPacketInputBuffer() + { + byte b[] = packetInput.toByteArray(); + packetInput = new ByteArrayOutputStream(); + return b; + } + + protected byte[] getPacketOutputBuffer() + { + packetOutBuffer.flip(); + if (packetOutBuffer.hasRemaining()) + { + packetOutput.write( + packetOutBuffer.array(), + packetOutBuffer.arrayOffset(), + packetOutBuffer.remaining()); + } + packetOutBuffer.clear(); + byte b[] = packetOutput.toByteArray(); + packetOutput = new ByteArrayOutputStream(); + return b; + } + + protected void putAppBuffer(byte[] d) throws SSLException + { + SSLEngineResult result = null; + Runnable task; + + int chunk = appOutBuffer.capacity(); + int left = d.length; + + for (int offset = 0; left > 0; offset += chunk) + { + if (left < chunk) chunk = left; + left -= chunk; + + appOutBuffer.clear(); + appOutBuffer.put(d, offset, chunk); + appOutBuffer.flip(); + + while (appOutBuffer.hasRemaining()) + { + result = sslEngine.wrap(appOutBuffer, packetOutBuffer); + + if (result.getHandshakeStatus() == SSLEngineResult.HandshakeStatus.NEED_TASK) + { + while ((task = sslEngine.getDelegatedTask()) != null) task.run(); + } + + if (tlsState == Finished) + { + packetOutBuffer.flip(); + if (packetOutBuffer.hasRemaining()) + { + packetOutput.write( + packetOutBuffer.array(), + packetOutBuffer.arrayOffset(), + packetOutBuffer.remaining()); + } + packetOutBuffer.clear(); + } + else + { + } + } + + packetInBuffer.clear(); + } + } + + protected byte[] getAppBuffer() throws SSLException + { + byte b[] = appOutput.toByteArray(); + appOutput = new ByteArrayOutputStream(); + return b; + } + + protected static final short TLS_START = 0x20; + protected static final short TLS_MORE_FRAGMENTS = 0x40; + protected static final short TLS_HAS_LENGTH = 0x80; + + protected byte[] eapFragmentedReply = null; + protected int eapFragmentedOffset = 0; + + public byte[] doEAPType(byte id, byte[] data) throws RadiusException + { + ByteBuffer bb = ByteBuffer.wrap(data); + + byte dflags = bb.get(); + byte flags = 0; + int dlen = 0; + + try + { + if ((dflags & TLS_HAS_LENGTH) != 0) + { + dlen = bb.getInt(); + } + + if (bb.hasRemaining()) + { + byte b[] = new byte[bb.remaining()]; + bb.get(b, 0, b.length); + updatePacketBuffer(b); + } + else + { + // We were sent a NAK, lets see if we are fragmenting + if (eapFragmentedReply != null) + { + return nextFragment(); + } + } + + if ((dflags & TLS_MORE_FRAGMENTS) != 0) + { + return tlsResponse(flags, null); + } + + if (tlsHandshake() == Finished) + { + try + { + byte[] in = getAppBuffer(); + + doTunnelAuthentication(id, in); + } + catch (Throwable e) + { + e.printStackTrace(); + } + } + + data = getPacketInputBuffer(); + + if (data != null && data.length > 0) + { + putPacketBuffer(data); + } + + data = getPacketOutputBuffer(); + + if (data != null && data.length > 1024) + { + eapFragmentedReply = data; + return nextFragment(); + } + + return tlsResponse(flags, data); + } + catch (SSLException e) + { + throw new RadiusException(e); + } + } + + protected byte[] nextFragment() + { + int left = eapFragmentedReply.length - eapFragmentedOffset; + byte flags = (byte)0; + + if (left > 1024) + { + left = 1024; + flags |= TLS_MORE_FRAGMENTS; + } + + byte[] data = new byte[left]; + System.arraycopy(eapFragmentedReply, eapFragmentedOffset, data, 0, data.length); + eapFragmentedOffset += data.length; + + if (eapFragmentedReply.length == eapFragmentedOffset) + { + eapFragmentedReply = null; + eapFragmentedOffset = 0; + } + + return tlsResponse(flags, data); + } + + protected byte[] tlsResponse(byte flags, byte[] data) + { + int length = 1; + + if (data != null && data.length > 0) + { + length += data.length + 4; + flags |= TLS_HAS_LENGTH; + } + + byte[] response = new byte[length]; + response[0] = flags; + + if (data != null && data.length > 0) + { + length -= 1; + response[1] = (byte) (length >> 24 & 0xFF); + response[2] = (byte) (length >> 16 & 0xFF); + response[3] = (byte) (length >> 8 & 0xFF); + response[4] = (byte) (length & 0xFF); + System.arraycopy(data, 0, response, 5, data.length); + } + + return response; + } + + protected void doTunnelAuthentication(byte id, byte[] in) throws Throwable + { + // Not needed for EAP-TLS, but dependent protocols (PEAP, EAP-TTLS) implement this + } + + public String getCaFile() + { + return caFile; + } + + public void setCaFile(String caFile) + { + this.caFile = caFile; + } + + public String getCaFileType() + { + return caFileType; + } + + public void setCaFileType(String caFileType) + { + this.caFileType = caFileType; + } + + public String getKeyFile() + { + return keyFile; + } + + public void setKeyFile(String keyFile) + { + this.keyFile = keyFile; + } + + public String getKeyFileType() + { + return keyFileType; + } + + public void setKeyFileType(String keyFileType) + { + this.keyFileType = keyFileType; + } + + public String getKeyPassword() + { + return keyPassword; + } + + public void setKeyPassword(String keyPassword) + { + this.keyPassword = keyPassword; + } + + public String getCaPassword() + { + return caPassword; + } + + public void setCaPassword(String caPassword) + { + this.caPassword = caPassword; + } + + public Boolean getTrustAll() + { + return trustAll; + } + + public void setTrustAll(Boolean trustAll) + { + this.trustAll = trustAll; + } + + private class NoopX509TrustManager implements X509TrustManager + { + public void checkClientTrusted(X509Certificate[] chain, String authType) { } + public void checkServerTrusted(X509Certificate[] chain, String authType) { } + public X509Certificate[] getAcceptedIssuers() { return new X509Certificate[0]; } + } +} diff --git a/extended/src/main/java/net/jradius/client/auth/EAPTTLSAuthenticator.java b/extended/src/main/java/net/jradius/client/auth/EAPTTLSAuthenticator.java new file mode 100644 index 0000000..f9c49fb --- /dev/null +++ b/extended/src/main/java/net/jradius/client/auth/EAPTTLSAuthenticator.java @@ -0,0 +1,138 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2005 PicoPoint, B.V. + * Copyright (c) 2006-2007 David Bird + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.client.auth; + +import javax.net.ssl.SSLException; + +import net.jradius.client.RadiusClient; +import net.jradius.dictionary.Attr_EAPMessage; +import net.jradius.dictionary.Attr_UserName; +import net.jradius.dictionary.Attr_UserPassword; +import net.jradius.exception.RadiusException; +import net.jradius.log.RadiusLog; +import net.jradius.packet.AccessChallenge; +import net.jradius.packet.AccessRequest; +import net.jradius.packet.DiameterFormat; +import net.jradius.packet.RadiusPacket; +import net.jradius.packet.attribute.AttributeList; + + +/** + * EAP-TTLS Authentication. + * + * @author David Bird + */ +public class EAPTTLSAuthenticator extends EAPTLSAuthenticator implements TunnelAuthenticator +{ + public static final String NAME = "eap-ttls"; + private String innerProtocol = "pap"; + private RadiusAuthenticator tunnelAuth; + private RadiusPacket tunnelRequest; + private RadiusPacket tunnelChallenge; + private AttributeList tunneledAttributes; + + private static final DiameterFormat diameterFormat = new DiameterFormat(); + + public EAPTTLSAuthenticator() + { + setEAPType(EAP_TTLS); + } + + /* (non-Javadoc) + * @see net.jradius.client.auth.EAPTLSAuthenticator#init() + */ + protected void init() throws RadiusException + { + super.init(); + tunnelAuth = RadiusClient.getAuthProtocol(getInnerProtocol()); + + if (tunnelAuth == null || + tunnelAuth instanceof MSCHAPv2Authenticator || + tunnelAuth instanceof MSCHAPv1Authenticator || + tunnelAuth instanceof CHAPAuthenticator) + { + throw new RadiusException("You can not currently use " + tunnelAuth.getAuthName() +" within a TLS Tunnel because of limitations in Java 1.5."); + } + } + + /** + * @see net.jradius.client.auth.RadiusAuthenticator#getAuthName() + */ + public String getAuthName() + { + return NAME; + } + + /** + * @param tunneledAttributes The tunneledAttributes to set. + */ + public void setTunneledAttributes(AttributeList tunneledAttributes) + { + this.tunneledAttributes = tunneledAttributes; + } + + /** + * @see net.jradius.client.auth.RadiusAuthenticator#setupRequest(net.jradius.client.RadiusClient, net.jradius.packet.RadiusPacket) + */ + public void setupRequest(RadiusClient c, RadiusPacket p) throws RadiusException + { + super.setupRequest(c, p); + tunnelRequest = new AccessRequest(tunneledAttributes); + AttributeList attrs = tunnelRequest.getAttributes(); + if (attrs.get(Attr_UserName.TYPE) == null) attrs.add(username); + if (attrs.get(Attr_UserPassword.TYPE) == null) attrs.add(password); + tunnelAuth.setupRequest(c, tunnelRequest); + if (!(tunnelAuth instanceof PAPAuthenticator)) // do not encode pap password + { + tunnelAuth.processRequest(tunnelRequest); + } + } + + protected void doTunnelAuthentication(byte id, byte[] in) throws RadiusException, SSLException + { + if (tunnelChallenge != null && in != null) + { + AttributeList list = tunnelChallenge.getAttributes(); + list.clear(); + + diameterFormat.unpackAttributes(list, in, 0, in.length); + if (tunnelAuth instanceof EAPAuthenticator && tunnelChallenge.findAttribute(Attr_EAPMessage.TYPE) == null) + tunnelAuth.setupRequest(client, tunnelRequest); + else + tunnelAuth.processChallenge(tunnelRequest, tunnelChallenge); + } + else tunnelChallenge = new AccessChallenge(); + + putAppBuffer(diameterFormat.packAttributeList(tunnelRequest.getAttributes())); + RadiusLog.debug("Tunnel Request:\n" + tunnelRequest.toString()); + } + + public String getInnerProtocol() + { + return innerProtocol; + } + + public void setInnerProtocol(String innerProtocol) + { + this.innerProtocol = innerProtocol; + } +} diff --git a/extended/src/main/java/net/jradius/client/auth/PEAPAuthenticator.java b/extended/src/main/java/net/jradius/client/auth/PEAPAuthenticator.java new file mode 100644 index 0000000..68d8ce7 --- /dev/null +++ b/extended/src/main/java/net/jradius/client/auth/PEAPAuthenticator.java @@ -0,0 +1,96 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (c) 2006-2007 David Bird + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.client.auth; + +import javax.net.ssl.SSLException; + +import net.jradius.client.RadiusClient; +import net.jradius.dictionary.Attr_UserName; +import net.jradius.dictionary.Attr_UserPassword; +import net.jradius.exception.RadiusException; +import net.jradius.packet.AccessRequest; +import net.jradius.packet.RadiusPacket; +import net.jradius.packet.attribute.AttributeList; + + +/** + * EAP-TTLS Authentication. + * + * @author David Bird + */ +public class PEAPAuthenticator extends EAPTLS2Authenticator +{ + public static final String NAME = "peap"; + private EAPAuthenticator tunnelAuth; + private RadiusPacket tunnelRequest; + + public PEAPAuthenticator() + { + setEAPType(EAP_PEAP); + } + + /* (non-Javadoc) + * @see net.jradius.client.auth.EAPTLSAuthenticator#init() + */ + protected void init() throws RadiusException + { + super.init(); + tunnelAuth = new EAPMSCHAPv2Authenticator(true); + } + + /** + * @see net.jradius.client.auth.RadiusAuthenticator#getAuthName() + */ + public String getAuthName() + { + return NAME; + } + + /** + * @see net.jradius.client.auth.RadiusAuthenticator#setupRequest(net.jradius.client.RadiusClient, net.jradius.packet.RadiusPacket) + */ + public void setupRequest(RadiusClient c, RadiusPacket p) throws RadiusException + { + super.setupRequest(c, p); + tunnelRequest = new AccessRequest(); + AttributeList attrs = tunnelRequest.getAttributes(); + if (attrs.get(Attr_UserName.TYPE) == null) attrs.add(username); + if (attrs.get(Attr_UserPassword.TYPE) == null) attrs.add(password); + tunnelAuth.setupRequest(c, tunnelRequest); + tunnelAuth.processRequest(tunnelRequest); + } + + protected void doTunnelAuthentication(byte id, byte[] in) throws RadiusException, SSLException + { + byte []out; + + if (in != null && in.length > 0) + { + out = tunnelAuth.doEAP(in); + } + else + { + out = tunnelAuth.eapResponse(EAP_IDENTITY, (byte)0, getUsername()); + } + + putAppBuffer(out); + } +} diff --git a/extended/src/main/java/net/jradius/client/auth/tls/Certificate.java b/extended/src/main/java/net/jradius/client/auth/tls/Certificate.java new file mode 100644 index 0000000..83269d6 --- /dev/null +++ b/extended/src/main/java/net/jradius/client/auth/tls/Certificate.java @@ -0,0 +1,77 @@ +package net.jradius.client.auth.tls; + +import java.io.ByteArrayInputStream; +import java.io.IOException; +import java.io.InputStream; +import java.util.Vector; + +import org.bouncycastle.asn1.ASN1InputStream; +import org.bouncycastle.asn1.DERObject; +import org.bouncycastle.asn1.x509.X509CertificateStructure; + +/** + * A representation for a certificate chain as used by an tls server. + */ +public class Certificate +{ + /** + * The certificates. + */ + protected X509CertificateStructure[] certs; + + /** + * Parse the ServerCertificate message. + * + * @param is The stream where to parse from. + * @return A Certificate object with the certs, the server has sended. + * @throws IOException If something goes wrong during parsing. + */ + protected static Certificate parse(InputStream is) throws IOException + { + X509CertificateStructure[] certs; + int left = TlsUtils.readUint24(is); + Vector tmp = new Vector(); + while (left > 0) + { + int size = TlsUtils.readUint24(is); + left -= 3 + size; + byte[] buf = new byte[size]; + TlsUtils.readFully(buf, is); + ByteArrayInputStream bis = new ByteArrayInputStream(buf); + ASN1InputStream ais = new ASN1InputStream(bis); + DERObject o = ais.readObject(); + tmp.addElement(X509CertificateStructure.getInstance(o)); + if (bis.available() > 0) + { + throw new IllegalArgumentException("Sorry, there is garbage data left after the certificate"); + } + } + certs = new X509CertificateStructure[tmp.size()]; + for (int i = 0; i < tmp.size(); i++) + { + certs[i] = (X509CertificateStructure)tmp.elementAt(i); + } + return new Certificate(certs); + } + + /** + * Private constructure from an cert array. + * + * @param certs The certs the chain should contain. + */ + private Certificate(X509CertificateStructure[] certs) + { + this.certs = certs; + } + + /** + * @return An array which contains the certs, this chain contains. + */ + public X509CertificateStructure[] getCerts() + { + X509CertificateStructure[] result = new X509CertificateStructure[certs.length]; + System.arraycopy(certs, 0, result, 0, certs.length); + return result; + } + +} diff --git a/extended/src/main/java/net/jradius/client/auth/tls/RecordStream.java b/extended/src/main/java/net/jradius/client/auth/tls/RecordStream.java new file mode 100644 index 0000000..bd56b54 --- /dev/null +++ b/extended/src/main/java/net/jradius/client/auth/tls/RecordStream.java @@ -0,0 +1,112 @@ +package net.jradius.client.auth.tls; + +import java.io.ByteArrayInputStream; +import java.io.ByteArrayOutputStream; +import java.io.IOException; +import java.io.InputStream; + +import org.bouncycastle.crypto.tls.CombinedHash; + +/** + * An implementation of the TLS 1.0 record layer. + */ +public class RecordStream +{ + private TlsProtocolHandler handler; + private ByteArrayInputStream is; + private ByteArrayOutputStream os; + protected CombinedHash hash1; + protected CombinedHash hash2; + protected TlsCipherSuite readSuite = null; + protected TlsCipherSuite writeSuite = null; + + protected RecordStream(TlsProtocolHandler handler) + { + this.handler = handler; + hash1 = new CombinedHash(); + hash2 = new CombinedHash(); + this.readSuite = new TlsNullCipherSuite(); + this.writeSuite = this.readSuite; + } + + public void setInputStream(ByteArrayInputStream stream) + { + is = stream; + } + + public void setOutputStream(ByteArrayOutputStream stream) + { + os = stream; + } + + public boolean hasMore() throws IOException + { + return (is.available() > 0); + } + + public void readData() throws IOException + { + short type = TlsUtils.readUint8(is); + TlsUtils.checkVersion(is, handler); + int size = TlsUtils.readUint16(is); + byte[] buf = decodeAndVerify(type, is, size); + handler.processData(type, buf, 0, buf.length); + } + + protected byte[] decodeAndVerify(short type, InputStream is, int len) throws IOException + { + byte[] buf = new byte[len]; + TlsUtils.readFully(buf, is); + byte[] result = readSuite.decodeCiphertext(type, buf, 0, buf.length, handler); + return result; + } + + protected void writeMessage(short type, byte[] message, int offset, int len) throws IOException + { + if (type == 22) + { + hash1.update(message, offset, len); + hash2.update(message, offset, len); + } + byte[] ciphertext = writeSuite.encodePlaintext(type, message, offset, len); + byte[] writeMessage = new byte[ciphertext.length + 5]; + TlsUtils.writeUint8(type, writeMessage, 0); + TlsUtils.writeUint8((short)3, writeMessage, 1); + TlsUtils.writeUint8((short)1, writeMessage, 2); + TlsUtils.writeUint16(ciphertext.length, writeMessage, 3); + System.arraycopy(ciphertext, 0, writeMessage, 5, ciphertext.length); + os.write(writeMessage); + os.flush(); + } + + protected void close() throws IOException + { + IOException e = null; + try + { + is.close(); + } + catch (IOException ex) + { + e = ex; + } + try + { + os.close(); + } + catch (IOException ex) + { + e = ex; + } + if (e != null) + { + throw e; + } + } + + protected void flush() throws IOException + { + os.flush(); + } + +} diff --git a/extended/src/main/java/net/jradius/client/auth/tls/TlsBlockCipherCipherSuite.java b/extended/src/main/java/net/jradius/client/auth/tls/TlsBlockCipherCipherSuite.java new file mode 100644 index 0000000..c08f114 --- /dev/null +++ b/extended/src/main/java/net/jradius/client/auth/tls/TlsBlockCipherCipherSuite.java @@ -0,0 +1,190 @@ +package net.jradius.client.auth.tls; + +import java.io.IOException; + +import org.bouncycastle.crypto.BlockCipher; +import org.bouncycastle.crypto.Digest; +import org.bouncycastle.crypto.params.KeyParameter; +import org.bouncycastle.crypto.params.ParametersWithIV; + +/** + * A generic TLS 1.0 block cipher suite. This can be used for AES or 3DES for + * example. + */ +public class TlsBlockCipherCipherSuite extends TlsCipherSuite +{ + + private BlockCipher encryptCipher; + + private BlockCipher decryptCipher; + + private Digest writeDigest; + + private Digest readDigest; + + private int cipherKeySize; + + private short keyExchange; + + private TlsMac writeMac; + + private TlsMac readMac; + + protected TlsBlockCipherCipherSuite(BlockCipher encrypt, + BlockCipher decrypt, Digest writeDigest, Digest readDigest, + int cipherKeySize, short keyExchange) + { + this.encryptCipher = encrypt; + this.decryptCipher = decrypt; + this.writeDigest = writeDigest; + this.readDigest = readDigest; + this.cipherKeySize = cipherKeySize; + this.keyExchange = keyExchange; + } + + protected void init(byte[] ms, byte[] cr, byte[] sr) + { + int prfSize = (2 * cipherKeySize) + (2 * writeDigest.getDigestSize()) + + (2 * encryptCipher.getBlockSize()); + byte[] key_block = new byte[prfSize]; + byte[] random = new byte[cr.length + sr.length]; + System.arraycopy(cr, 0, random, sr.length, cr.length); + System.arraycopy(sr, 0, random, 0, sr.length); + TlsUtils.PRF(ms, TlsUtils.toByteArray("key expansion"), random, key_block); + + int offset = 0; + + // Init MACs + writeMac = new TlsMac(writeDigest, key_block, offset, writeDigest + .getDigestSize()); + offset += writeDigest.getDigestSize(); + readMac = new TlsMac(readDigest, key_block, offset, readDigest + .getDigestSize()); + offset += readDigest.getDigestSize(); + + // Init Ciphers + this.initCipher(true, encryptCipher, key_block, cipherKeySize, offset, + offset + (cipherKeySize * 2)); + offset += cipherKeySize; + this.initCipher(false, decryptCipher, key_block, cipherKeySize, offset, + offset + cipherKeySize + decryptCipher.getBlockSize()); + } + + private void initCipher(boolean forEncryption, BlockCipher cipher, + byte[] key_block, int key_size, int key_offset, int iv_offset) + { + KeyParameter key_parameter = new KeyParameter(key_block, key_offset, + key_size); + ParametersWithIV parameters_with_iv = new ParametersWithIV( + key_parameter, key_block, iv_offset, cipher.getBlockSize()); + cipher.init(forEncryption, parameters_with_iv); + } + + protected byte[] encodePlaintext(short type, byte[] plaintext, int offset, + int len) + { + int blocksize = encryptCipher.getBlockSize(); + int paddingsize = blocksize + - ((len + writeMac.getSize() + 1) % blocksize); + int totalsize = len + writeMac.getSize() + paddingsize + 1; + byte[] outbuf = new byte[totalsize]; + System.arraycopy(plaintext, offset, outbuf, 0, len); + byte[] mac = writeMac.calculateMac(type, plaintext, offset, len); + System.arraycopy(mac, 0, outbuf, len, mac.length); + int paddoffset = len + mac.length; + for (int i = 0; i <= paddingsize; i++) + { + outbuf[i + paddoffset] = (byte)paddingsize; + } + for (int i = 0; i < totalsize; i += blocksize) + { + encryptCipher.processBlock(outbuf, i, outbuf, i); + } + return outbuf; + + } + + protected byte[] decodeCiphertext(short type, byte[] ciphertext, + int offset, int len, TlsProtocolHandler handler) throws IOException + { + int blocksize = decryptCipher.getBlockSize(); + boolean decrypterror = false; + + /* + * Decrypt all the ciphertext using the blockcipher + */ + for (int i = 0; i < len; i += blocksize) + { + decryptCipher.processBlock(ciphertext, i + offset, ciphertext, i + + offset); + } + + /* + * Check if padding is correct + */ + int paddingsize = ciphertext[offset + len - 1]; + if (offset + len - 1 - paddingsize < 0) + { + /* + * This would lead to an negativ array index, so this padding + * must be incorrect! + */ + decrypterror = true; + paddingsize = 0; + } + else + { + /* + * Now, check all the padding-bytes. + */ + for (int i = 0; i <= paddingsize; i++) + { + if (ciphertext[offset + len - 1 - i] != paddingsize) + { + /* Wrong padding */ + decrypterror = true; + } + } + } + + /* + * We now don't care if padding verification has failed or not, + * we will calculate the mac to give an attacker no kind of timing + * profile he can use to find out if mac verification failed or + * padding verification failed. + */ + int plaintextlength = len - readMac.getSize() - paddingsize - 1; + byte[] calculatedMac = readMac.calculateMac(type, ciphertext, offset, + plaintextlength); + + /* + * Check all bytes in the mac. + */ + for (int i = 0; i < calculatedMac.length; i++) + { + if (ciphertext[offset + plaintextlength + i] != calculatedMac[i]) + { + decrypterror = true; + } + } + + /* + * Now, it is save to fail. + */ + if (decrypterror) + { + handler.failWithError(TlsProtocolHandler.AL_fatal, + TlsProtocolHandler.AP_bad_record_mac); + } + byte[] plaintext = new byte[plaintextlength]; + System.arraycopy(ciphertext, offset, plaintext, 0, plaintextlength); + return plaintext; + + } + + protected short getKeyExchangeAlgorithm() + { + return this.keyExchange; + } + +} diff --git a/extended/src/main/java/net/jradius/client/auth/tls/TlsCipherSuite.java b/extended/src/main/java/net/jradius/client/auth/tls/TlsCipherSuite.java new file mode 100644 index 0000000..f3aeb9b --- /dev/null +++ b/extended/src/main/java/net/jradius/client/auth/tls/TlsCipherSuite.java @@ -0,0 +1,29 @@ +package net.jradius.client.auth.tls; + +import java.io.IOException; + +/** + * A generic class for ciphersuites in TLS 1.0. + */ +public abstract class TlsCipherSuite +{ + + protected static final short KE_RSA = 1; + protected static final short KE_RSA_EXPORT = 2; + protected static final short KE_DHE_DSS = 3; + protected static final short KE_DHE_DSS_EXPORT = 4; + protected static final short KE_DHE_RSA = 5; + protected static final short KE_DHE_RSA_EXPORT = 6; + protected static final short KE_DH_DSS = 7; + protected static final short KE_DH_RSA = 8; + protected static final short KE_DH_anon = 9; + + protected abstract void init(byte[] ms, byte[] cr, byte[] sr); + + protected abstract byte[] encodePlaintext(short type, byte[] plaintext, int offset, int len); + + protected abstract byte[] decodeCiphertext(short type, byte[] plaintext, int offset, int len, TlsProtocolHandler handler) throws IOException; + + protected abstract short getKeyExchangeAlgorithm(); + +} diff --git a/extended/src/main/java/net/jradius/client/auth/tls/TlsCipherSuiteManager.java b/extended/src/main/java/net/jradius/client/auth/tls/TlsCipherSuiteManager.java new file mode 100644 index 0000000..395cc4e --- /dev/null +++ b/extended/src/main/java/net/jradius/client/auth/tls/TlsCipherSuiteManager.java @@ -0,0 +1,73 @@ +package net.jradius.client.auth.tls; + +import java.io.IOException; +import java.io.OutputStream; + +import org.bouncycastle.crypto.digests.SHA1Digest; +import org.bouncycastle.crypto.engines.AESFastEngine; +import org.bouncycastle.crypto.engines.DESedeEngine; +import org.bouncycastle.crypto.modes.CBCBlockCipher; + +/** + * A manager for ciphersuite. This class does manage all ciphersuites + * which are used by MicroTLS. + */ +public class TlsCipherSuiteManager +{ + private static final int TLS_RSA_WITH_3DES_EDE_CBC_SHA = 0x000a; + private static final int TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA = 0x0016; + private static final int TLS_RSA_WITH_AES_128_CBC_SHA = 0x002f; + private static final int TLS_DHE_RSA_WITH_AES_128_CBC_SHA = 0x0033; + private static final int TLS_RSA_WITH_AES_256_CBC_SHA = 0x0035; + private static final int TLS_DHE_RSA_WITH_AES_256_CBC_SHA = 0x0039; + + + protected static void writeCipherSuites(OutputStream os) throws IOException + { + TlsUtils.writeUint16(2 * 6, os); + + TlsUtils.writeUint16(TLS_DHE_RSA_WITH_AES_256_CBC_SHA, os); + TlsUtils.writeUint16(TLS_DHE_RSA_WITH_AES_128_CBC_SHA, os); + TlsUtils.writeUint16(TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA, os); + + TlsUtils.writeUint16(TLS_RSA_WITH_AES_256_CBC_SHA, os); + TlsUtils.writeUint16(TLS_RSA_WITH_AES_128_CBC_SHA, os); + TlsUtils.writeUint16(TLS_RSA_WITH_3DES_EDE_CBC_SHA, os); + + } + + protected static TlsCipherSuite getCipherSuite(int number, TlsProtocolHandler handler) throws IOException + { + switch (number) + { + case TLS_RSA_WITH_3DES_EDE_CBC_SHA: + return new TlsBlockCipherCipherSuite(new CBCBlockCipher(new DESedeEngine()), new CBCBlockCipher(new DESedeEngine()), new SHA1Digest(), new SHA1Digest(), 24, TlsCipherSuite.KE_RSA); + + case TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA: + return new TlsBlockCipherCipherSuite(new CBCBlockCipher(new DESedeEngine()), new CBCBlockCipher(new DESedeEngine()), new SHA1Digest(), new SHA1Digest(), 24, TlsCipherSuite.KE_DHE_RSA); + + case TLS_RSA_WITH_AES_128_CBC_SHA: + return new TlsBlockCipherCipherSuite(new CBCBlockCipher(new AESFastEngine()), new CBCBlockCipher(new AESFastEngine()), new SHA1Digest(), new SHA1Digest(), 16, TlsCipherSuite.KE_RSA); + + case TLS_DHE_RSA_WITH_AES_128_CBC_SHA: + return new TlsBlockCipherCipherSuite(new CBCBlockCipher(new AESFastEngine()), new CBCBlockCipher(new AESFastEngine()), new SHA1Digest(), new SHA1Digest(), 16, TlsCipherSuite.KE_DHE_RSA); + + case TLS_RSA_WITH_AES_256_CBC_SHA: + return new TlsBlockCipherCipherSuite(new CBCBlockCipher(new AESFastEngine()), new CBCBlockCipher(new AESFastEngine()), new SHA1Digest(), new SHA1Digest(), 32, TlsCipherSuite.KE_RSA); + + case TLS_DHE_RSA_WITH_AES_256_CBC_SHA: + return new TlsBlockCipherCipherSuite(new CBCBlockCipher(new AESFastEngine()), new CBCBlockCipher(new AESFastEngine()), new SHA1Digest(), new SHA1Digest(), 32, TlsCipherSuite.KE_DHE_RSA); + + default: + handler.failWithError(TlsProtocolHandler.AL_fatal, TlsProtocolHandler.AP_handshake_failure); + + /* + * Unreachable Code, failWithError will always throw an exception! + */ + return null; + + + } + } + +} diff --git a/extended/src/main/java/net/jradius/client/auth/tls/TlsMac.java b/extended/src/main/java/net/jradius/client/auth/tls/TlsMac.java new file mode 100644 index 0000000..9dfb03f --- /dev/null +++ b/extended/src/main/java/net/jradius/client/auth/tls/TlsMac.java @@ -0,0 +1,78 @@ +package net.jradius.client.auth.tls; + +import java.io.ByteArrayOutputStream; +import java.io.IOException; + +import org.bouncycastle.crypto.Digest; +import org.bouncycastle.crypto.macs.HMac; +import org.bouncycastle.crypto.params.KeyParameter; + +/** + * A generic TLS MAC implementation, which can be used with any kind of + * Digest to act as an HMAC. + */ +public class TlsMac +{ + private long seqNo; + private HMac mac; + + /** + * Generate a new instance of an TlsMac. + * + * @param digest The digest to use. + * @param key_block A byte-array where the key for this mac is located. + * @param offset The number of bytes to skip, before the key starts in the buffer. + * @param len The length of the key. + */ + protected TlsMac(Digest digest, byte[] key_block, int offset, int len) + { + this.mac = new HMac(digest); + KeyParameter param = new KeyParameter(key_block, offset, len); + this.mac.init(param); + this.seqNo = 0; + } + + /** + * @return The Keysize of the mac. + */ + protected int getSize() + { + return mac.getMacSize(); + } + + /** + * Calculate the mac for some given data. + *

+ * TlsMac will keep track of the sequence number internally. + * + * @param type The message type of the message. + * @param message A byte-buffer containing the message. + * @param offset The number of bytes to skip, before the message starts. + * @param len The length of the message. + * @return A new byte-buffer containing the mac value. + */ + protected byte[] calculateMac(short type, byte[] message, int offset, int len) + { + try + { + ByteArrayOutputStream bosMac = new ByteArrayOutputStream(); + TlsUtils.writeUint64(seqNo++, bosMac); + TlsUtils.writeUint8(type, bosMac); + TlsUtils.writeVersion(bosMac); + TlsUtils.writeUint16(len, bosMac); + bosMac.write(message, offset, len); + byte[] macData = bosMac.toByteArray(); + mac.update(macData, 0, macData.length); + byte[] result = new byte[mac.getMacSize()]; + mac.doFinal(result, 0); + mac.reset(); + return result; + } + catch (IOException e) + { + // This should never happen + throw new IllegalStateException("Internal error during mac calculation"); + } + } + +} diff --git a/extended/src/main/java/net/jradius/client/auth/tls/TlsNullCipherSuite.java b/extended/src/main/java/net/jradius/client/auth/tls/TlsNullCipherSuite.java new file mode 100644 index 0000000..660d24c --- /dev/null +++ b/extended/src/main/java/net/jradius/client/auth/tls/TlsNullCipherSuite.java @@ -0,0 +1,35 @@ +package net.jradius.client.auth.tls; + +import org.bouncycastle.crypto.tls.TlsRuntimeException; + +/** + * A NULL CipherSuite in java, this should only be used during handshake. + */ +public class TlsNullCipherSuite extends TlsCipherSuite +{ + + protected void init(byte[] ms, byte[] cr, byte[] sr) + { + throw new TlsRuntimeException("Sorry, init of TLS_NULL_WITH_NULL_NULL is forbidden"); + } + + protected byte[] encodePlaintext(short type, byte[] plaintext, int offset, int len) + { + byte[] result = new byte[len]; + System.arraycopy(plaintext, offset, result, 0, len); + return result; + } + + protected byte[] decodeCiphertext(short type, byte[] plaintext, int offset, int len, TlsProtocolHandler handler) + { + byte[] result = new byte[len]; + System.arraycopy(plaintext, offset, result, 0, len); + return result; + } + + protected short getKeyExchangeAlgorithm() + { + return 0; + } + +} diff --git a/extended/src/main/java/net/jradius/client/auth/tls/TlsProtocolHandler.java b/extended/src/main/java/net/jradius/client/auth/tls/TlsProtocolHandler.java new file mode 100644 index 0000000..66acc5b --- /dev/null +++ b/extended/src/main/java/net/jradius/client/auth/tls/TlsProtocolHandler.java @@ -0,0 +1,1101 @@ +package net.jradius.client.auth.tls; + +import java.io.ByteArrayInputStream; +import java.io.ByteArrayOutputStream; +import java.io.IOException; +import java.math.BigInteger; +import java.security.SecureRandom; + +import org.bouncycastle.asn1.x509.RSAPublicKeyStructure; +import org.bouncycastle.crypto.InvalidCipherTextException; +import org.bouncycastle.crypto.encodings.PKCS1Encoding; +import org.bouncycastle.crypto.engines.RSABlindedEngine; +import org.bouncycastle.crypto.params.ParametersWithRandom; +import org.bouncycastle.crypto.params.RSAKeyParameters; +import org.bouncycastle.crypto.prng.ThreadedSeedGenerator; +import org.bouncycastle.crypto.tls.ByteQueue; +import org.bouncycastle.crypto.tls.CertificateVerifyer; +import org.bouncycastle.crypto.tls.CombinedHash; + +/** + * An implementation of all high level protocols in TLS 1.0. + */ +public class TlsProtocolHandler +{ + private static final short RL_CHANGE_CIPHER_SPEC = 20; + + private static final short RL_ALERT = 21; + + private static final short RL_HANDSHAKE = 22; + + private static final short RL_APPLICATION_DATA = 23; + + private static final short HP_HELLO_REQUEST = 0; + + private static final short HP_CLIENT_HELLO = 1; + + private static final short HP_SERVER_HELLO = 2; + + private static final short HP_CERTIFICATE = 11; + + private static final short HP_SERVER_KEY_EXCHANGE = 12; + + private static final short HP_CERTIFICATE_REQUEST = 13; + + private static final short HP_SERVER_HELLO_DONE = 14; + + private static final short HP_CERTIFICATE_VERIFY = 15; + + private static final short HP_CLIENT_KEY_EXCHANGE = 16; + + private static final short HP_FINISHED = 20; + + private static final short CS_CLIENT_HELLO_SEND = 1; + + private static final short CS_SERVER_HELLO_RECEIVED = 2; + + private static final short CS_SERVER_CERTIFICATE_RECEIVED = 3; + + private static final short CS_SERVER_KEY_EXCHANGE_RECEIVED = 4; + + private static final short CS_SERVER_HELLO_DONE_RECEIVED = 5; + + private static final short CS_CLIENT_KEY_EXCHANGE_SEND = 6; + + private static final short CS_CLIENT_CHANGE_CIPHER_SPEC_SEND = 7; + + private static final short CS_CLIENT_FINISHED_SEND = 8; + + private static final short CS_SERVER_CHANGE_CIPHER_SPEC_RECEIVED = 9; + + private static final short CS_DONE = 10; + + protected static final short AP_close_notify = 0; + + protected static final short AP_unexpected_message = 10; + + protected static final short AP_bad_record_mac = 20; + + protected static final short AP_decryption_failed = 21; + + protected static final short AP_record_overflow = 22; + + protected static final short AP_decompression_failure = 30; + + protected static final short AP_handshake_failure = 40; + + protected static final short AP_bad_certificate = 42; + + protected static final short AP_unsupported_certificate = 43; + + protected static final short AP_certificate_revoked = 44; + + protected static final short AP_certificate_expired = 45; + + protected static final short AP_certificate_unknown = 46; + + protected static final short AP_illegal_parameter = 47; + + protected static final short AP_unknown_ca = 48; + + protected static final short AP_access_denied = 49; + + protected static final short AP_decode_error = 50; + + protected static final short AP_decrypt_error = 51; + + protected static final short AP_export_restriction = 60; + + protected static final short AP_protocol_version = 70; + + protected static final short AP_insufficient_security = 71; + + protected static final short AP_internal_error = 80; + + protected static final short AP_user_canceled = 90; + + protected static final short AP_no_renegotiation = 100; + + protected static final short AL_warning = 1; + + protected static final short AL_fatal = 2; + + private static final byte[] emptybuf = new byte[0]; + + private static final String TLS_ERROR_MESSAGE = "Internal TLS error"; + + /* + * Queues for data from some protocolls. + */ + + private ByteQueue applicationDataQueue = new ByteQueue(); + + private ByteQueue changeCipherSpecQueue = new ByteQueue(); + + private ByteQueue alertQueue = new ByteQueue(); + + private ByteQueue handshakeQueue = new ByteQueue(); + + /* + * The Record Stream we use + */ + + private RecordStream rs; + + private SecureRandom random; + + /* + * The public rsa-key of the server. + */ + + private RSAKeyParameters serverRsaKey = null; + + private boolean closed = false; + + private boolean failedWithError = false; + + private boolean appDataReady = false; + + private byte[] clientRandom; + + private byte[] serverRandom; + + private byte[] ms; + + private TlsCipherSuite choosenCipherSuite = null; + + private BigInteger Yc; + + private byte[] pms; + + private CertificateVerifyer verifyer = null; + + public TlsProtocolHandler() + { + /* + * We use our threaded seed generator to generate a good random seed. If + * the user has a better random seed, he should use the constructor with + * a SecureRandom. + */ + ThreadedSeedGenerator tsg = new ThreadedSeedGenerator(); + this.random = new SecureRandom(); + /* + * Hopefully, 20 bytes in fast mode are good enough. + */ + this.random.setSeed(tsg.generateSeed(20, true)); + + this.rs = new RecordStream(this); + } + + public TlsProtocolHandler(SecureRandom sr) + { + this.random = sr; + this.rs = new RecordStream(this); + } + + private short connection_state; + + protected void processData(short protocol, byte[] buf, int offset, int len) throws IOException + { + /* + * Have a look at the protocol type, and add it to the correct queue. + */ + switch (protocol) + { + case RL_CHANGE_CIPHER_SPEC: + changeCipherSpecQueue.addData(buf, offset, len); + processChangeCipherSpec(); + break; + case RL_ALERT: + alertQueue.addData(buf, offset, len); + processAlert(); + break; + case RL_HANDSHAKE: + handshakeQueue.addData(buf, offset, len); + processHandshake(); + break; + case RL_APPLICATION_DATA: + if (!appDataReady) + { + this.failWithError(AL_fatal, AP_unexpected_message); + } + applicationDataQueue.addData(buf, offset, len); + processApplicationData(); + break; + default: + /* + * Uh, we don't know this protocol. RFC2246 defines on page 13, that + * we should ignore this. + */ + + } + } + + private void processHandshake() throws IOException + { + boolean read; + do + { + read = false; + + /* + * We need the first 4 bytes, they contain type and length of the + * message. + */ + if (handshakeQueue.size() >= 4) + { + byte[] beginning = new byte[4]; + handshakeQueue.read(beginning, 0, 4, 0); + ByteArrayInputStream bis = new ByteArrayInputStream(beginning); + short type = TlsUtils.readUint8(bis); + int len = TlsUtils.readUint24(bis); + + /* + * Check if we have enough bytes in the buffer to read the full + * message. + */ + if (handshakeQueue.size() >= (len + 4)) + { + /* + * Read the message. + */ + byte[] buf = new byte[len]; + handshakeQueue.read(buf, 0, len, 4); + handshakeQueue.removeData(len + 4); + + /* + * If it is not a finished message, update our hashes we + * prepare for the finish message. + */ + if (type != HP_FINISHED) + { + rs.hash1.update(beginning, 0, 4); + rs.hash2.update(beginning, 0, 4); + rs.hash1.update(buf, 0, len); + rs.hash2.update(buf, 0, len); + } + + /* + * Now, parse the message. + */ + ByteArrayInputStream is = new ByteArrayInputStream(buf); + + /* + * Check the type. + */ + switch (type) + { + case HP_CERTIFICATE: + switch (connection_state) + { + case CS_SERVER_HELLO_RECEIVED: + /* + * Parse the certificates. + */ + Certificate cert = Certificate.parse(is); + assertEmpty(is); + + /* + * Verify them. + */ + if (!this.verifyer.isValid(cert.getCerts())) + { + this.failWithError(AL_fatal, AP_user_canceled); + } + + /* + * We only support RSA certificates. Lets hope this + * is one. + */ + RSAPublicKeyStructure rsaKey = null; + try + { + rsaKey = RSAPublicKeyStructure.getInstance(cert.certs[0].getTBSCertificate().getSubjectPublicKeyInfo().getPublicKey()); + } + catch (Exception e) + { + /* + * Sorry, we have to fail ;-( + */ + this.failWithError(AL_fatal, AP_unsupported_certificate); + } + + /* + * Parse the servers public RSA key. + */ + this.serverRsaKey = new RSAKeyParameters(false, rsaKey.getModulus(), rsaKey.getPublicExponent()); + + connection_state = CS_SERVER_CERTIFICATE_RECEIVED; + read = true; + break; + default: + this.failWithError(AL_fatal, AP_unexpected_message); + } + break; + case HP_FINISHED: + switch (connection_state) + { + case CS_SERVER_CHANGE_CIPHER_SPEC_RECEIVED: + /* + * Read the checksum from the finished message, it + * has always 12 bytes. + */ + byte[] receivedChecksum = new byte[12]; + TlsUtils.readFully(receivedChecksum, is); + assertEmpty(is); + + /* + * Calculate our owne checksum. + */ + byte[] checksum = new byte[12]; + byte[] md5andsha1 = new byte[16 + 20]; + rs.hash2.doFinal(md5andsha1, 0); + TlsUtils.PRF(this.ms, TlsUtils.toByteArray("server finished"), md5andsha1, checksum); + + /* + * Compare both checksums. + */ + for (int i = 0; i < receivedChecksum.length; i++) + { + if (receivedChecksum[i] != checksum[i]) + { + /* + * Wrong checksum in the finished message. + */ + this.failWithError(AL_fatal, AP_handshake_failure); + } + } + + connection_state = CS_DONE; + + /* + * We are now ready to receive application data. + */ + this.appDataReady = true; + read = true; + break; + default: + this.failWithError(AL_fatal, AP_unexpected_message); + } + break; + case HP_SERVER_HELLO: + switch (connection_state) + { + case CS_CLIENT_HELLO_SEND: + /* + * Read the server hello message + */ + TlsUtils.checkVersion(is, this); + + /* + * Read the server random + */ + this.serverRandom = new byte[32]; + TlsUtils.readFully(this.serverRandom, is); + + /* + * Currenty, we don't support session ids + */ + short sessionIdLength = TlsUtils.readUint8(is); + byte[] sessionId = new byte[sessionIdLength]; + TlsUtils.readFully(sessionId, is); + + /* + * Find out which ciphersuite the server has + * choosen. If we don't support this ciphersuite, + * the TlsCipherSuiteManager will throw an + * exception. + */ + this.choosenCipherSuite = TlsCipherSuiteManager.getCipherSuite(TlsUtils.readUint16(is), this); + + /* + * We support only the null compression which means + * no compression. + */ + short compressionMethod = TlsUtils.readUint8(is); + if (compressionMethod != 0) + { + this.failWithError(TlsProtocolHandler.AL_fatal, TlsProtocolHandler.AP_illegal_parameter); + } + assertEmpty(is); + + connection_state = CS_SERVER_HELLO_RECEIVED; + read = true; + break; + default: + this.failWithError(AL_fatal, AP_unexpected_message); + } + break; + case HP_SERVER_HELLO_DONE: + switch (connection_state) + { + + case CS_SERVER_CERTIFICATE_RECEIVED: + /* + * There was no server key exchange message, check + * that we are doing RSA key exchange. + */ + if (this.choosenCipherSuite.getKeyExchangeAlgorithm() != TlsCipherSuite.KE_RSA) + { + this.failWithError(AL_fatal, AP_unexpected_message); + } + + /* + * NB: Fall through to next case label to continue + * RSA key exchange + */ + + case CS_SERVER_KEY_EXCHANGE_RECEIVED: + + assertEmpty(is); + connection_state = CS_SERVER_HELLO_DONE_RECEIVED; + + /* + * Send the client key exchange message, depending + * on the key exchange we are using in our + * ciphersuite. + */ + short ke = this.choosenCipherSuite.getKeyExchangeAlgorithm(); + + switch (ke) + { + case TlsCipherSuite.KE_RSA: + /* + * We are doing RSA key exchange. We will choose + * a pre master secret and send it rsa encrypted + * to the server. Prepare pre master secret. + */ + pms = new byte[48]; + pms[0] = 3; + pms[1] = 1; + for (int i = 2; i < 48; i++) + { + pms[i] = (byte) random.nextInt(); + } + + /* + * Encode the pms and send it to the server. + * Prepare an PKCS1Encoding with good random + * padding. + */ + RSABlindedEngine rsa = new RSABlindedEngine(); + PKCS1Encoding encoding = new PKCS1Encoding(rsa); + encoding.init(true, new ParametersWithRandom(this.serverRsaKey, this.random)); + byte[] encrypted = null; + try + { + encrypted = encoding.processBlock(pms, 0, pms.length); + } + catch (InvalidCipherTextException e) + { + /* + * This should never happen, only during + * decryption. + */ + this.failWithError(AL_fatal, AP_internal_error); + } + + /* + * Send the encrypted pms. + */ + ByteArrayOutputStream bos = new ByteArrayOutputStream(); + TlsUtils.writeUint8(HP_CLIENT_KEY_EXCHANGE, bos); + TlsUtils.writeUint24(encrypted.length + 2, bos); + TlsUtils.writeUint16(encrypted.length, bos); + bos.write(encrypted); + byte[] message = bos.toByteArray(); + + rs.writeMessage((short) RL_HANDSHAKE, message, 0, message.length); + break; + case TlsCipherSuite.KE_DHE_RSA: + /* + * Send the Client Key Exchange message for DHE + * key exchange. + */ + byte[] YcByte = this.Yc.toByteArray(); + ByteArrayOutputStream DHbos = new ByteArrayOutputStream(); + TlsUtils.writeUint8(HP_CLIENT_KEY_EXCHANGE, DHbos); + TlsUtils.writeUint24(YcByte.length + 2, DHbos); + TlsUtils.writeUint16(YcByte.length, DHbos); + DHbos.write(YcByte); + byte[] DHmessage = DHbos.toByteArray(); + + rs.writeMessage((short) RL_HANDSHAKE, DHmessage, 0, DHmessage.length); + + break; + default: + /* + * Proble during handshake, we don't know how to + * thandle this key exchange method. + */ + this.failWithError(AL_fatal, AP_unexpected_message); + + } + + connection_state = CS_CLIENT_KEY_EXCHANGE_SEND; + + /* + * Now, we send change cipher state + */ + byte[] cmessage = new byte[1]; + cmessage[0] = 1; + rs.writeMessage((short) RL_CHANGE_CIPHER_SPEC, cmessage, 0, cmessage.length); + + connection_state = CS_CLIENT_CHANGE_CIPHER_SPEC_SEND; + + /* + * Calculate the ms + */ + this.ms = new byte[48]; + byte[] random = new byte[clientRandom.length + serverRandom.length]; + System.arraycopy(clientRandom, 0, random, 0, clientRandom.length); + System.arraycopy(serverRandom, 0, random, clientRandom.length, serverRandom.length); + TlsUtils.PRF(pms, TlsUtils.toByteArray("master secret"), random, this.ms); + + /* + * Initialize our cipher suite + */ + rs.writeSuite = this.choosenCipherSuite; + rs.writeSuite.init(this.ms, clientRandom, serverRandom); + + /* + * Send our finished message. + */ + byte[] checksum = new byte[12]; + byte[] md5andsha1 = new byte[16 + 20]; + rs.hash1.doFinal(md5andsha1, 0); + TlsUtils.PRF(this.ms, TlsUtils.toByteArray("client finished"), md5andsha1, checksum); + + ByteArrayOutputStream bos = new ByteArrayOutputStream(); + TlsUtils.writeUint8(HP_FINISHED, bos); + TlsUtils.writeUint24(12, bos); + bos.write(checksum); + byte[] message = bos.toByteArray(); + + rs.writeMessage((short) RL_HANDSHAKE, message, 0, message.length); + + this.connection_state = CS_CLIENT_FINISHED_SEND; + read = true; + break; + default: + this.failWithError(AL_fatal, AP_handshake_failure); + } + break; + case HP_SERVER_KEY_EXCHANGE: + switch (connection_state) + { + case CS_SERVER_CERTIFICATE_RECEIVED: + /* + * Check that we are doing DHE key exchange + */ + if (this.choosenCipherSuite.getKeyExchangeAlgorithm() != TlsCipherSuite.KE_DHE_RSA) + { + this.failWithError(AL_fatal, AP_unexpected_message); + } + + /* + * Parse the Structure + */ + int pLength = TlsUtils.readUint16(is); + byte[] pByte = new byte[pLength]; + TlsUtils.readFully(pByte, is); + + int gLength = TlsUtils.readUint16(is); + byte[] gByte = new byte[gLength]; + TlsUtils.readFully(gByte, is); + + int YsLength = TlsUtils.readUint16(is); + byte[] YsByte = new byte[YsLength]; + TlsUtils.readFully(YsByte, is); + + int sigLength = TlsUtils.readUint16(is); + byte[] sigByte = new byte[sigLength]; + TlsUtils.readFully(sigByte, is); + + this.assertEmpty(is); + + /* + * Verify the Signature. First, calculate the hash. + */ + CombinedHash sigDigest = new CombinedHash(); + ByteArrayOutputStream signedData = new ByteArrayOutputStream(); + TlsUtils.writeUint16(pLength, signedData); + signedData.write(pByte); + TlsUtils.writeUint16(gLength, signedData); + signedData.write(gByte); + TlsUtils.writeUint16(YsLength, signedData); + signedData.write(YsByte); + byte[] signed = signedData.toByteArray(); + + sigDigest.update(this.clientRandom, 0, this.clientRandom.length); + sigDigest.update(this.serverRandom, 0, this.serverRandom.length); + sigDigest.update(signed, 0, signed.length); + byte[] hash = new byte[sigDigest.getDigestSize()]; + sigDigest.doFinal(hash, 0); + + /* + * Now, do the RSA operation + */ + RSABlindedEngine rsa = new RSABlindedEngine(); + PKCS1Encoding encoding = new PKCS1Encoding(rsa); + encoding.init(false, this.serverRsaKey); + + /* + * The data which was signed + */ + byte[] sigHash = null; + + try + { + sigHash = encoding.processBlock(sigByte, 0, sigByte.length); + } + catch (InvalidCipherTextException e) + { + this.failWithError(AL_fatal, AP_bad_certificate); + } + + /* + * Check if the data which was signed is equal to + * the hash we calculated. + */ + if (sigHash.length != hash.length) + { + this.failWithError(AL_fatal, AP_bad_certificate); + } + + for (int i = 0; i < sigHash.length; i++) + { + if (sigHash[i] != hash[i]) + { + this.failWithError(AL_fatal, AP_bad_certificate); + } + } + + /* + * OK, Signature was correct. Do the DH calculation. + */ + BigInteger p = new BigInteger(1, pByte); + BigInteger g = new BigInteger(1, gByte); + BigInteger Ys = new BigInteger(1, YsByte); + BigInteger x = new BigInteger(p.bitLength() - 1, this.random); + Yc = g.modPow(x, p); + this.pms = (Ys.modPow(x, p)).toByteArray(); + + /* + * Remove leading zero byte, if present. + */ + if (this.pms[0] == 0) + { + byte[] tmp = new byte[this.pms.length - 1]; + System.arraycopy(this.pms, 1, tmp, 0, tmp.length); + this.pms = tmp; + } + + this.connection_state = CS_SERVER_KEY_EXCHANGE_RECEIVED; + read = true; + break; + default: + this.failWithError(AL_fatal, AP_unexpected_message); + } + break; + case HP_HELLO_REQUEST: + case HP_CLIENT_KEY_EXCHANGE: + case HP_CERTIFICATE_REQUEST: + case HP_CERTIFICATE_VERIFY: + case HP_CLIENT_HELLO: + default: + // We do not support this! + this.failWithError(AL_fatal, AP_unexpected_message); + break; + + } + + } + } + } + while (read); + + } + + private void processApplicationData() + { + /* + * There is nothing we need to do here. This function could be used for + * callbacks when application data arrives in the future. + */ + } + + private void processAlert() throws IOException + { + while (alertQueue.size() >= 2) + { + /* + * An alert is always 2 bytes. Read the alert. + */ + byte[] tmp = new byte[2]; + alertQueue.read(tmp, 0, 2, 0); + alertQueue.removeData(2); + short level = tmp[0]; + short description = tmp[1]; + if (level == AL_fatal) + { + /* + * This is a fatal error. + */ + this.failedWithError = true; + this.closed = true; + /* + * Now try to close the stream, ignore errors. + */ + try + { + rs.close(); + } + catch (Exception e) + { + + } + throw new IOException(TLS_ERROR_MESSAGE); + } + else + { + /* + * This is just a warning. + */ + if (description == AP_close_notify) + { + /* + * Close notify + */ + this.failWithError(AL_warning, AP_close_notify); + } + /* + * If it is just a warning, we continue. + */ + } + } + + } + + /** + * This method is called, when a change cipher spec message is received. + * + * @throws IOException If the message has an invalid content or the + * handshake is not in the correct state. + */ + private void processChangeCipherSpec() throws IOException + { + while (changeCipherSpecQueue.size() > 0) + { + /* + * A change cipher spec message is only one byte with the value 1. + */ + byte[] b = new byte[1]; + changeCipherSpecQueue.read(b, 0, 1, 0); + changeCipherSpecQueue.removeData(1); + if (b[0] != 1) + { + /* + * This should never happen. + */ + this.failWithError(AL_fatal, AP_unexpected_message); + + } + else + { + /* + * Check if we are in the correct connection state. + */ + if (this.connection_state == CS_CLIENT_FINISHED_SEND) + { + rs.readSuite = rs.writeSuite; + this.connection_state = CS_SERVER_CHANGE_CIPHER_SPEC_RECEIVED; + } + else + { + /* + * We are not in the correct connection state. + */ + this.failWithError(AL_fatal, AP_handshake_failure); + } + + } + } + + } + + /** + * Connects to the remote system. + * + * @param verifyer Will be used when a certificate is received to verify + * that this certificate is accepted by the client. + * @throws IOException If handshake was not successfull. + */ + public void clientHello(ByteArrayOutputStream dest, CertificateVerifyer verifyer) throws IOException + { + this.verifyer = verifyer; + + /* + * Send Client hello First, generate some random data. + */ + this.clientRandom = new byte[32]; + int t = (int) (System.currentTimeMillis() / 1000); + this.clientRandom[0] = (byte) (t >> 24); + this.clientRandom[1] = (byte) (t >> 16); + this.clientRandom[2] = (byte) (t >> 8); + this.clientRandom[3] = (byte) t; + + for (int i = 4; i < clientRandom.length; i++) + { + this.clientRandom[i] = (byte) random.nextInt(); + } + + ByteArrayOutputStream os = new ByteArrayOutputStream(); + TlsUtils.writeVersion(os); + os.write(this.clientRandom); + + /* + * Length of Session id + */ + TlsUtils.writeUint8((short) 0, os); + + /* + * Cipher suites + */ + TlsCipherSuiteManager.writeCipherSuites(os); + + /* + * Compression methods, just the null method. + */ + byte[] compressionMethods = new byte[] { 0x00 }; + TlsUtils.writeUint8((short) compressionMethods.length, os); + os.write(compressionMethods); + + ByteArrayOutputStream bos = new ByteArrayOutputStream(); + TlsUtils.writeUint8(HP_CLIENT_HELLO, bos); + TlsUtils.writeUint24(os.size(), bos); + bos.write(os.toByteArray()); + byte[] message = bos.toByteArray(); + rs.setOutputStream(dest); + rs.writeMessage(RL_HANDSHAKE, message, 0, message.length); + connection_state = CS_CLIENT_HELLO_SEND; + } + + public void serverHello(ByteArrayInputStream is, ByteArrayOutputStream os) throws IOException + { + /* + * We will now read data, until we have completed the handshake. + */ + rs.setInputStream(is); + rs.setOutputStream(os); + while (is.available() > 0) + { + rs.readData(); + } + } + + public void writeApplicationData(ByteArrayInputStream is, ByteArrayOutputStream os, byte[] b) throws IOException + { + /* + * We will now read data, until we have completed the handshake. + */ + rs.setInputStream(is); + rs.setOutputStream(os); + writeData(b, 0, b.length); + } + + public byte[] readApplicationData(ByteArrayInputStream is, ByteArrayOutputStream os) throws IOException + { + /* + * We will now read data, until we have completed the handshake. + */ + rs.setInputStream(is); + rs.setOutputStream(os); + return readApplicationData(); + } + + /** + * Read data from the network. The method will return immed, if there is + * still some data left in the buffer, or block untill some application data + * has been read from the network. + * + * @param buf The buffer where the data will be copied to. + * @param offset The position where the data will be placed in the buffer. + * @param len The maximum number of bytes to read. + * @return The number of bytes read. + * @throws IOException If something goes wrong during reading data. + */ + protected byte[] readApplicationData() throws IOException + { + while (rs.hasMore()) + { + /* + * We need to read some data. + */ + if (this.failedWithError) + { + /* + * Something went terribly wrong, we should throw an IOException + */ + throw new IOException(TLS_ERROR_MESSAGE); + } + if (this.closed) + { + /* + * Connection has been closed, there is no more data to read. + */ + return null; + } + + try + { + rs.readData(); + } + catch (IOException e) + { + if (!this.closed) + { + this.failWithError(AL_fatal, AP_internal_error); + } + } + catch (RuntimeException e) + { + if (!this.closed) + { + this.failWithError(AL_fatal, AP_internal_error); + } + throw e; + } + } + int len = applicationDataQueue.size(); + byte[] b = new byte[len]; + applicationDataQueue.read(b, 0, len, 0); + applicationDataQueue.removeData(len); + return b; + } + + /** + * Send some application data to the remote system.

The method will + * handle fragmentation internally. + * + * @param buf The buffer with the data. + * @param offset The position in the buffer where the data is placed. + * @param len The length of the data. + * @throws IOException If something goes wrong during sending. + */ + protected void writeData(byte[] buf, int offset, int len) throws IOException + { + if (this.failedWithError) + { + throw new IOException(TLS_ERROR_MESSAGE); + } + if (this.closed) + { + throw new IOException("Sorry, connection has been closed, you cannot write more data"); + } + + /* + * Protect against known IV attack! DO NOT REMOVE THIS LINE, EXCEPT YOU + * KNOW EXACTLY WHAT YOU ARE DOING HERE. + */ + rs.writeMessage(RL_APPLICATION_DATA, emptybuf, 0, 0); + + do + { + /* + * We are only allowed to write fragments up to 2^14 bytes. + */ + int toWrite = Math.min(len, 1 << 14); + + try + { + rs.writeMessage(RL_APPLICATION_DATA, buf, offset, toWrite); + } + catch (IOException e) + { + if (!closed) + { + this.failWithError(AL_fatal, AP_internal_error); + } + throw e; + } + catch (RuntimeException e) + { + if (!closed) + { + this.failWithError(AL_fatal, AP_internal_error); + } + throw e; + } + + offset += toWrite; + len -= toWrite; + } + while (len > 0); + + } + + /** + * Terminate this connection whith an alert.

Can be used for normal + * closure too. + * + * @param alertLevel The level of the alert, an be AL_fatal or AL_warning. + * @param alertDescription The exact alert message. + * @throws IOException If alert was fatal. + */ + protected void failWithError(short alertLevel, short alertDescription) throws IOException + { + /* + * Check if the connection is still open. + */ + if (!closed) + { + /* + * Prepare the message + */ + byte[] error = new byte[2]; + error[0] = (byte) alertLevel; + error[1] = (byte) alertDescription; + this.closed = true; + + if (alertLevel == AL_fatal) + { + /* + * This is a fatal message. + */ + this.failedWithError = true; + } + rs.writeMessage(RL_ALERT, error, 0, 2); + rs.close(); + if (alertLevel == AL_fatal) + { + throw new IOException(TLS_ERROR_MESSAGE); + } + + } + else + { + throw new IOException(TLS_ERROR_MESSAGE); + } + + } + + /** + * Make sure the InputStream is now empty. Fail otherwise. + * + * @param is The InputStream to check. + * @throws IOException If is is not empty. + */ + protected void assertEmpty(ByteArrayInputStream is) throws IOException + { + if (is.available() > 0) + { + this.failWithError(AL_fatal, AP_decode_error); + } + } + + protected void flush() throws IOException + { + rs.flush(); + } +} diff --git a/extended/src/main/java/net/jradius/client/auth/tls/TlsUtils.java b/extended/src/main/java/net/jradius/client/auth/tls/TlsUtils.java new file mode 100644 index 0000000..e371e88 --- /dev/null +++ b/extended/src/main/java/net/jradius/client/auth/tls/TlsUtils.java @@ -0,0 +1,240 @@ +package net.jradius.client.auth.tls; + +import java.io.EOFException; +import java.io.IOException; +import java.io.InputStream; +import java.io.OutputStream; + +import org.bouncycastle.crypto.Digest; +import org.bouncycastle.crypto.digests.MD5Digest; +import org.bouncycastle.crypto.digests.SHA1Digest; +import org.bouncycastle.crypto.macs.HMac; +import org.bouncycastle.crypto.params.KeyParameter; + +/** + * Some helper fuctions for MicroTLS. + */ +public class TlsUtils +{ + static byte[] toByteArray(String str) + { + char[] chars = str.toCharArray(); + byte[] bytes = new byte[chars.length]; + + for (int i = 0; i != bytes.length; i++) + { + bytes[i] = (byte)chars[i]; + } + + return bytes; + } + + protected static void writeUint8(short i, OutputStream os) throws IOException + { + os.write(i); + } + + protected static void writeUint8(short i, byte[] buf, int offset) + { + buf[offset] = (byte)i; + } + + protected static void writeUint16(int i, OutputStream os) throws IOException + { + os.write(i >> 8); + os.write(i); + } + + protected static void writeUint16(int i, byte[] buf, int offset) + { + buf[offset] = (byte)(i >> 8); + buf[offset + 1] = (byte)i; + } + + protected static void writeUint24(int i, OutputStream os) throws IOException + { + os.write(i >> 16); + os.write(i >> 8); + os.write(i); + } + + protected static void writeUint24(int i, byte[] buf, int offset) + { + buf[offset] = (byte)(i >> 16); + buf[offset + 1] = (byte)(i >> 8); + buf[offset + 2] = (byte)(i); + } + + protected static void writeUint32(long i, OutputStream os) throws IOException + { + os.write((int)(i >> 24)); + os.write((int)(i >> 16)); + os.write((int)(i >> 8)); + os.write((int)(i)); + } + + protected static void writeUint32(long i, byte[] buf, int offset) + { + buf[offset] = (byte)(i >> 24); + buf[offset + 1] = (byte)(i >> 16); + buf[offset + 2] = (byte)(i >> 8); + buf[offset + 3] = (byte)(i); + } + + protected static void writeUint64(long i, OutputStream os) throws IOException + { + os.write((int)(i >> 56)); + os.write((int)(i >> 48)); + os.write((int)(i >> 40)); + os.write((int)(i >> 32)); + os.write((int)(i >> 24)); + os.write((int)(i >> 16)); + os.write((int)(i >> 8)); + os.write((int)(i)); + } + + + protected static void writeUint64(long i, byte[] buf, int offset) + { + buf[offset] = (byte)(i >> 56); + buf[offset + 1] = (byte)(i >> 48); + buf[offset + 2] = (byte)(i >> 40); + buf[offset + 3] = (byte)(i >> 32); + buf[offset + 4] = (byte)(i >> 24); + buf[offset + 5] = (byte)(i >> 16); + buf[offset + 6] = (byte)(i >> 8); + buf[offset + 7] = (byte)(i); + } + + + protected static short readUint8(InputStream is) throws IOException + { + int i = is.read(); + if (i == -1) + { + throw new EOFException(); + } + return (short)i; + } + + protected static int readUint16(InputStream is) throws IOException + { + int i1 = is.read(); + int i2 = is.read(); + if ((i1 | i2) < 0) + { + throw new EOFException(); + } + return i1 << 8 | i2; + } + + protected static int readUint24(InputStream is) throws IOException + { + int i1 = is.read(); + int i2 = is.read(); + int i3 = is.read(); + if ((i1 | i2 | i3) < 0) + { + throw new EOFException(); + } + return (i1 << 16) | (i2 << 8) | i3; + } + + protected static long readUint32(InputStream is) throws IOException + { + int i1 = is.read(); + int i2 = is.read(); + int i3 = is.read(); + int i4 = is.read(); + if ((i1 | i2 | i3 | i4) < 0) + { + throw new EOFException(); + } + return (((long)i1) << 24) | (((long)i2) << 16) | (((long)i3) << 8) | ((long)i4); + } + + protected static void readFully(byte[] buf, InputStream is) throws IOException + { + int read = 0; + int i = 0; + do + { + i = is.read(buf, read, (buf.length - read)); + if (i == -1) + { + throw new EOFException(); + } + read += i; + } + while (read != buf.length); + } + + protected static void checkVersion(byte[] readVersion, TlsProtocolHandler handler) throws IOException + { + if ((readVersion[0] != 3) || (readVersion[1] != 1)) + { + handler.failWithError(TlsProtocolHandler.AL_fatal, TlsProtocolHandler.AP_protocol_version); + } + } + + protected static void checkVersion(InputStream is, TlsProtocolHandler handler) throws IOException + { + int i1 = is.read(); + int i2 = is.read(); + if ((i1 != 3) || (i2 != 1)) + { + handler.failWithError(TlsProtocolHandler.AL_fatal, TlsProtocolHandler.AP_protocol_version); + } + } + + protected static void writeVersion(OutputStream os) throws IOException + { + os.write(3); + os.write(1); + } + + private static void hmac_hash(Digest digest, byte[] secret, byte[] seed, byte[] out) + { + HMac mac = new HMac(digest); + KeyParameter param = new KeyParameter(secret); + byte[] a = seed; + int size = digest.getDigestSize(); + int iterations = (out.length + size - 1) / size; + byte[] buf = new byte[mac.getMacSize()]; + byte[] buf2 = new byte[mac.getMacSize()]; + for (int i = 0; i < iterations; i++) + { + mac.init(param); + mac.update(a, 0, a.length); + mac.doFinal(buf, 0); + a = buf; + mac.init(param); + mac.update(a, 0, a.length); + mac.update(seed, 0, seed.length); + mac.doFinal(buf2, 0); + System.arraycopy(buf2, 0, out, (size * i), Math.min(size, out.length - (size * i))); + } + } + + protected static void PRF(byte[] secret, byte[] label, byte[] seed, byte[] buf) + { + int s_half = (secret.length + 1) / 2; + byte[] s1 = new byte[s_half]; + byte[] s2 = new byte[s_half]; + System.arraycopy(secret, 0, s1, 0, s_half); + System.arraycopy(secret, secret.length - s_half, s2, 0, s_half); + + byte[] ls = new byte[label.length + seed.length]; + System.arraycopy(label, 0, ls, 0, label.length); + System.arraycopy(seed, 0, ls, label.length, seed.length); + + byte[] prf = new byte[buf.length]; + hmac_hash(new MD5Digest(), s1, ls, prf); + hmac_hash(new SHA1Digest(), s2, ls, buf); + for (int i = 0; i < buf.length; i++) + { + buf[i] ^= prf[i]; + } + } + +} diff --git a/extended/src/main/java/net/jradius/client/auth/tls/package.html b/extended/src/main/java/net/jradius/client/auth/tls/package.html new file mode 100644 index 0000000..0f6ff68 --- /dev/null +++ b/extended/src/main/java/net/jradius/client/auth/tls/package.html @@ -0,0 +1,26 @@ + + +This package is a copy (with modifications) of the Bouncy Castle TLS package. It was copied +here for modification since the BC API was not built around interfaces and required the given +TlsProtocolHandler, which was simply not very suitable for this application. However, not much +had to change, just the handling of the i/o. +

+Copyright (c) 2000-2006 The Legion Of The Bouncy Castle (http://www.bouncycastle.org) +

+Permission is hereby granted, free of charge, to any person obtaining a copy of this software +and associated documentation files (the "Software"), to deal in the Software without restriction, +including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, +and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, +subject to the following conditions: +

+The above copyright notice and this permission notice shall be included in all copies or substantial +portions of the Software. +

+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, +INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR +PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE +LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR +OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER +DEALINGS IN THE SOFTWARE. + + diff --git a/extended/src/main/java/net/jradius/client/gui/AttributesTableEntry.java b/extended/src/main/java/net/jradius/client/gui/AttributesTableEntry.java new file mode 100644 index 0000000..8913d6c --- /dev/null +++ b/extended/src/main/java/net/jradius/client/gui/AttributesTableEntry.java @@ -0,0 +1,159 @@ +/** + * JRadiusSimulator + * Copyright (C) 2004-2005 PicoPoint, B.V. + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.client.gui; + +import java.io.Serializable; + +/** + * An Entry in the JRadiusSimulator Attributes Table. + * @author David Bird + */ +public class AttributesTableEntry implements Serializable { + + private static final long serialVersionUID = (long)0; + + private String attributeName = ""; + private String attributeValue = ""; + private Boolean accessRequest = Boolean.FALSE; + private Boolean tunnelRequest = Boolean.FALSE; + private Boolean accountingStart = Boolean.FALSE; + private Boolean accountingUpdate = Boolean.FALSE; + private Boolean accountingStop = Boolean.FALSE; + private Class valueClass; + + public AttributesTableEntry() + { + } + + /** + * @return Returns the accessRequest. + */ + public Boolean getAccessRequest() { + return accessRequest; + } + + /** + * @param accessRequest The accessRequest to set. + */ + public void setAccessRequest(Boolean accessRequest) { + this.accessRequest = accessRequest; + } + + /** + * @return Returns the accountingStart. + */ + public Boolean getAccountingStart() { + return accountingStart; + } + + /** + * @param accountingStart The accountingStart to set. + */ + public void setAccountingStart(Boolean accountingStart) { + this.accountingStart = accountingStart; + } + + /** + * @return Returns the accountingUpdate. + */ + public Boolean getAccountingUpdate() { + return accountingUpdate; + } + + /** + * @param accountingUpdate The accountingUpdate to set. + */ + public void setAccountingUpdate(Boolean accountingUpdate) { + this.accountingUpdate = accountingUpdate; + } + + /** + * @return Returns the accountingStop. + */ + public Boolean getAccountingStop() { + return accountingStop; + } + + /** + * @param accountingStop The accountingStop to set. + */ + public void setAccountingStop(Boolean accountingStop) { + this.accountingStop = accountingStop; + } + + /** + * @return Returns the attributeName. + */ + public String getAttributeName() { + return attributeName; + } + + /** + * @param attributeName The attributeName to set. + */ + public void setAttributeName(String attributeName) { + this.attributeName = attributeName; + } + + /** + * @return Returns the attributeValue. + */ + public String getAttributeValue() { + return attributeValue; + } + + /** + * @param attributeValue The attributeValue to set. + */ + public void setAttributeValue(String attributeValue) { + this.attributeValue = attributeValue; + } + + /** + * @return Returns the tunnelRequest. + */ + public Boolean getTunnelRequest() { + return tunnelRequest; + } + + /** + * @param tunnelRequest The tunnelRequest to set. + */ + public void setTunnelRequest(Boolean tunnelRequest) { + this.tunnelRequest = tunnelRequest; + } + + /** + * @return Returns the valueClass. + */ + public Class getValueClass() { + return valueClass; + } + + /** + * @param valueClass The valueClass to set. + */ + public void setValueClass(Class valueClass) { + this.valueClass = valueClass; + } + +}; + diff --git a/extended/src/main/java/net/jradius/client/gui/AttributesTableModel.java b/extended/src/main/java/net/jradius/client/gui/AttributesTableModel.java new file mode 100644 index 0000000..3036997 --- /dev/null +++ b/extended/src/main/java/net/jradius/client/gui/AttributesTableModel.java @@ -0,0 +1,158 @@ +/** + * JRadiusSimulator + * Copyright (C) 2004-2005 PicoPoint, B.V. + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.client.gui; + +import java.util.ArrayList; + +import javax.swing.table.AbstractTableModel; + +import net.jradius.exception.RadiusException; +import net.jradius.packet.attribute.AttributeFactory; +import net.jradius.packet.attribute.RadiusAttribute; + + +/** + * TableModel for the AttributesTable in the JRadiusClient. + * @author David Bird + */ +public class AttributesTableModel extends AbstractTableModel { + + private static final long serialVersionUID = (long)0; + + private final String headers[] = { + "Attribute Name", + "AccessReq", + "TunnelReq", + "AcctStart", + "AcctUpdate", + "AcctStop", + "Attribute Value" + }; + + private ArrayList entries = new ArrayList(); + + /* (non-Javadoc) + * @see javax.swing.table.AbstractTableModel#getColumnName(int) + */ + public String getColumnName(int count) { + return headers[count]; + } + + /* (non-Javadoc) + * @see javax.swing.table.TableModel#getColumnCount() + */ + public int getColumnCount() { + return headers.length; + } + + /* (non-Javadoc) + * @see javax.swing.table.TableModel#getRowCount() + */ + public int getRowCount() { + return entries.size(); + } + + /* (non-Javadoc) + * @see javax.swing.table.TableModel#getValueAt(int, int) + */ + public Object getValueAt(int row, int col) { + AttributesTableEntry entry = (AttributesTableEntry)entries.get(row); + switch(col) { + case 0: return entry.getAttributeName(); + case 1: return entry.getAccessRequest(); + case 2: return entry.getTunnelRequest(); + case 3: return entry.getAccountingStart(); + case 4: return entry.getAccountingUpdate(); + case 5: return entry.getAccountingStop(); + case 6: return entry.getAttributeValue(); + } + return null; + } + + /* (non-Javadoc) + * @see javax.swing.table.AbstractTableModel#getColumnClass(int) + */ + public Class getColumnClass(int col) { + if (col == 0 || col == 6) return String.class; + return Boolean.class; + } + + /* + * Don't need to implement this method unless your table's + * editable. + */ + public boolean isCellEditable(int row, int col) { + if (col == 0) return false; + return true; + } + + /* (non-Javadoc) + * @see javax.swing.table.AbstractTableModel#setValueAt(java.lang.Object, int, int) + */ + public void setValueAt(Object v, int row, int col) { + AttributesTableEntry entry = (AttributesTableEntry)entries.get(row); + switch(col) { + case 0: entry.setAttributeName((String)v); break; + case 1: entry.setAccessRequest((Boolean)v); break; + case 2: entry.setTunnelRequest((Boolean)v); break; + case 3: entry.setAccountingStart((Boolean)v); break; + case 4: entry.setAccountingUpdate((Boolean)v); break; + case 5: entry.setAccountingStop((Boolean)v); break; + case 6: entry.setAttributeValue((String)v); break; + } + fireTableCellUpdated(row, col); + } + + public AttributesTableEntry addAttribute(String attributeName) throws RadiusException + { + RadiusAttribute attribute = AttributeFactory.newAttribute(attributeName); + AttributesTableEntry entry = new AttributesTableEntry(); + entry.setAttributeName(attributeName); + entry.setValueClass(attribute.getValue().getClass()); + entries.add(entry); + return entry; + } + + public AttributesTableEntry addAttribute(RadiusAttribute attribute) throws RadiusException + { + AttributesTableEntry entry = new AttributesTableEntry(); + entry.setAttributeName(attribute.getAttributeName()); + entry.setValueClass(attribute.getValue().getClass()); + entries.add(entry); + return entry; + } + + /** + * @return Returns the entries. + */ + public ArrayList getEntries() + { + return entries; + } + + /** + * @param entries The entries to set. + */ + public void setEntries(ArrayList entries) + { + if (entries != null) this.entries = entries; + } +} diff --git a/extended/src/main/java/net/jradius/client/gui/JRadiusSimulator.java b/extended/src/main/java/net/jradius/client/gui/JRadiusSimulator.java new file mode 100644 index 0000000..e3e03e4 --- /dev/null +++ b/extended/src/main/java/net/jradius/client/gui/JRadiusSimulator.java @@ -0,0 +1,2352 @@ +/** + * JRadiusSimulator + * Copyright (C) 2004-2005 PicoPoint, B.V. + * Copyright (C) 2006-2007 David Bird + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.client.gui; + +import java.awt.BorderLayout; +import java.awt.Component; +import java.awt.Event; +import java.awt.GridBagConstraints; +import java.awt.GridBagLayout; +import java.awt.event.ActionEvent; +import java.awt.event.ActionListener; +import java.awt.event.KeyEvent; +import java.io.File; +import java.io.FileNotFoundException; +import java.io.FileOutputStream; +import java.io.IOException; +import java.io.InputStream; +import java.io.PrintStream; +import java.net.ConnectException; +import java.net.InetAddress; +import java.net.URL; +import java.text.NumberFormat; +import java.util.ArrayList; +import java.util.Collections; +import java.util.HashMap; +import java.util.Iterator; +import java.util.LinkedHashMap; +import java.util.LinkedList; +import java.util.Map; +import java.util.Properties; + +import javax.swing.AbstractButton; +import javax.swing.AbstractCellEditor; +import javax.swing.JButton; +import javax.swing.JCheckBox; +import javax.swing.JComboBox; +import javax.swing.JComponent; +import javax.swing.JDialog; +import javax.swing.JFileChooser; +import javax.swing.JFormattedTextField; +import javax.swing.JFrame; +import javax.swing.JLabel; +import javax.swing.JMenu; +import javax.swing.JMenuBar; +import javax.swing.JMenuItem; +import javax.swing.JOptionPane; +import javax.swing.JPanel; +import javax.swing.JScrollPane; +import javax.swing.JTabbedPane; +import javax.swing.JTable; +import javax.swing.JTextField; +import javax.swing.JToggleButton; +import javax.swing.JTree; +import javax.swing.KeyStroke; +import javax.swing.table.TableCellEditor; +import javax.swing.table.TableColumn; +import javax.swing.text.NumberFormatter; +import javax.swing.tree.DefaultMutableTreeNode; +import javax.swing.tree.TreePath; + +import net.jradius.client.RadiusClient; +import net.jradius.client.auth.EAPAKAAuthenticator; +import net.jradius.client.auth.RadiusAuthenticator; +import net.jradius.client.auth.TunnelAuthenticator; +import net.jradius.dictionary.Attr_AcctSessionId; +import net.jradius.dictionary.Attr_AcctStatusType; +import net.jradius.dictionary.Attr_Class; +import net.jradius.dictionary.Attr_EAPAkaCK; +import net.jradius.dictionary.Attr_EAPAkaIK; +import net.jradius.dictionary.Attr_ReplyMessage; +import net.jradius.exception.RadiusException; +import net.jradius.exception.StandardViolatedException; +import net.jradius.packet.AccessReject; +import net.jradius.packet.AccessRequest; +import net.jradius.packet.AccountingRequest; +import net.jradius.packet.CoARequest; +import net.jradius.packet.DisconnectRequest; +import net.jradius.packet.RadiusPacket; +import net.jradius.packet.RadiusRequest; +import net.jradius.packet.RadiusResponse; +import net.jradius.packet.attribute.AttributeFactory; +import net.jradius.packet.attribute.AttributeList; +import net.jradius.packet.attribute.RadiusAttribute; +import net.jradius.packet.attribute.VSADictionary; +import net.jradius.packet.attribute.AttributeFactory.VendorValue; +import net.jradius.packet.attribute.value.IntegerValue; +import net.jradius.packet.attribute.value.NamedValue; +import net.jradius.packet.attribute.value.NamedValue.NamedValueMap; +import net.jradius.standard.IRAPStandard; +import net.jradius.standard.RadiusStandard; +import net.jradius.standard.WISPrStandard; +import net.jradius.util.Base64; +import net.jradius.util.RadiusRandom; + +/** + * Java Swing Graphical User Interface for the JRadius RADIUS Client. + * @author David Bird + */ +public class JRadiusSimulator extends JFrame implements Runnable +{ + private static final long serialVersionUID = (long)0; + public static final String logSepLine = "----------------------------------------------------------"; + private static String configFileUrl = "file:///" + System.getProperty("user.home") + "/.jRadiusSimulator"; + private String[] authTypeNames = { "PAP", "CHAP", "MSCHAPv1", "MSCHAPv2", "EAP-MD5", "EAP-MSCHAPv2", "EAP-TLS", "PEAP", "EAP-TTLS/PAP" }; + private String[] keystoreTypes = { "PKCS12", "JKS" }; + private Properties properties; + private Thread[] simulationThreads = null; + boolean interactiveSession = false; + private final HashMap namedValueComponentCache = new HashMap(); + private NumberFormatter numberFormatter; + private PrintStream logSent; + private PrintStream logRecv; + private PrintStream logErr; + private AttributesTableModel attributesTableModel = new AttributesTableModel(); + private JMenuBar jJMenuBar = null; + private JMenu fileMenu = null; + private JMenu helpMenu = null; + private JMenuItem exitMenuItem = null; + private JMenuItem aboutMenuItem = null; + private JMenuItem saveMenuItem = null; + private JMenuItem saveAsMenuItem = null; + private JMenuItem openMenuItem = null; + private JMenuItem openUrlMenuItem = null; + private JTabbedPane mainTabPane = null; + private JPanel radiusPanel = null; + private JPanel diameterPanel = null; + private JPanel dhcpPanel = null; + private JPanel logPanel = null; + private JPanel runStatusPanel = null; + private LogConsole logConsole = null; + private JPanel logButtonPanel = null; + private JPanel mainContentPane = null; + private JButton clearLogButton = null; + private JButton saveLogButton = null; + private JToggleButton runButton = null; + private JScrollPane attributesTableScrollPane = null; + private JTable attributesTable = null; + private JPanel sendOptionsPanel = null; + private JButton addAttributeButton = null; + private JDialog addAttributeDialog = null; + private JPanel addAttributeContentPane = null; + private JTree attributeTree = null; + private JPanel addAttributePanel = null; + private JComboBox authTypeComboBox = null; + private JComboBox checkStandardComboBox = null; + private JPanel attributesPanel = null; + private JPanel keysPanel = null; + private JPanel keysOptionsPanel = null; + private JTextField radiusServerTextField = null; + private JTextField tlsKeyFileTextField = null; + private JTextField tlsKeyPasswordTextField = null; + private JTextField tlsCAFileTextField = null; + private JTextField tlsCAPasswordTextField = null; + private JTextField akaIKTextField = null; + private JTextField akaCKTextField = null; + private JFormattedTextField requestersTextField = null; + private JFormattedTextField requestsTextField = null; + private JComboBox tlsKeyFileTypeComboBox = null; + private JComboBox tlsCAFileTypeComboBox = null; + private JCheckBox tlsTrustAll = null; + private JCheckBox tlsUseJavaRootCA = null; + private JLabel radiusServerLabel = null; + private JTextField sharedSecretTextField = null; + private JButton doneButton = null; + private JScrollPane attributeTreeScrollPane = null; + private JPanel attributeTreeScrollPanel = null; + private JButton addButton = null; + private JComboBox simulationTypeComboBox = null; + private JPanel attributesButtonPanel = null; + private JButton removeAttributeButton = null; + private JButton moveUpButton = null; + private JButton moveDownButton = null; + private JFormattedTextField radiusAuthPortTextField = null; + private JFormattedTextField radiusAcctPortTextField = null; + private JFormattedTextField radiusRetriesTextField = null; + private JFormattedTextField radiusTimeoutTextField = null; + private JFormattedTextField radiusInterimIntervalTextField = null; + private JFormattedTextField sessionTimeTextField = null; + private JCheckBox generateAcctSessionIdCheckBox = null; + private JCheckBox notStopOnRejectCheckBox = null; + private JCheckBox notSendClassAttribute = null; + private JDialog openUrlDialog = null; + private JPanel openUrlContentPane = null; + private JTextField openUrlTextField = null; + private JButton openUrlButton = null; + private JLabel openUrlStatusLabel = null; + private JButton cancelUrlButton = null; + private JLabel statusLabel = null; + private boolean isJava14 = false; + + /** + * This is the default constructor + */ + public JRadiusSimulator() { + super(); + + // Security.addProvider(new BouncyCastleProvider()); + String version = System.getProperty("java.version"); + if (version.startsWith("1.4")) + { + isJava14 = true; + for (int i = 0; i < authTypeNames.length; i++) + { + if (authTypeNames[i].startsWith("EAP-T")) + { + authTypeNames[i] += " (requires Java 1.5)"; + } + } + } + initialize(); + } + + private boolean windows; + + /** + * This method initializes this + * + * @return void + */ + private void initialize() { + this.setDefaultCloseOperation(JFrame.EXIT_ON_CLOSE); + this.setJMenuBar(getJJMenuBar()); + this.setSize(650, 500); + this.setContentPane(getMainContentPane()); + this.setTitle("JRadiusSimulator"); + this.setVisible(true); + + String osName = System.getProperty("os.name"); + if (osName.indexOf("Windows") != -1) windows = true; + else windows = false; + + logSent = new PrintStream(logConsole.createFilteredStream(LogConsole.CATEGORY_PACKETS_SENT)); + logRecv = new PrintStream(logConsole.createFilteredStream(LogConsole.CATEGORY_PACKETS_RECV)); + logErr = new PrintStream(logConsole.createFilteredStream(LogConsole.CATEGORY_ERROR)); + + AttributeFactory.loadAttributeDictionary("net.jradius.dictionary.AttributeDictionaryImpl"); + try { loadConfigFile(configFileUrl); } catch (Exception e) { e.printStackTrace(); } + statusLabel.setText("Ready"); + fileMenu.setEnabled(true); + mainTabPane.setEnabled(true); + runButton.setEnabled(true); + } + + private void loadConfigFile(String url) throws IOException + { + this.properties = new Properties(); + loadConfigFile(new URL(url).openStream()); + } + + private void loadConfigFile(InputStream inputStream) throws IOException + { + this.properties.load(inputStream); + + String s = this.properties.getProperty("AttributesTableEntries"); + if (s != null) + { + attributesTableModel.setEntries((ArrayList)Base64.decodeToObject(s)); + attributesTableModel.fireTableDataChanged(); + } + + s = this.properties.getProperty("RadiusServer"); + if (s != null) radiusServerTextField.setText(s); + + s = this.properties.getProperty("SharedSecret"); + if (s != null) sharedSecretTextField.setText(s); + + s = this.properties.getProperty("AuthPort"); + if (s != null) radiusAuthPortTextField.setValue(new Integer(s)); + + s = this.properties.getProperty("AcctPort"); + if (s != null) radiusAcctPortTextField.setValue(new Integer(s)); + + s = this.properties.getProperty("Retries"); + if (s != null) radiusRetriesTextField.setValue(new Integer(s)); + + s = this.properties.getProperty("Timeout"); + if (s != null) radiusTimeoutTextField.setValue(new Integer(s)); + + s = this.properties.getProperty("Requesters"); + if (s != null) requestersTextField.setValue(new Integer(s)); + + s = this.properties.getProperty("Requests"); + if (s != null) requestsTextField.setValue(new Integer(s)); + + s = this.properties.getProperty("SimulationType"); + if (s != null) try { simulationTypeComboBox.setSelectedIndex(Integer.parseInt(s)); } catch (Exception e) { } + + s = this.properties.getProperty("AuthType"); + if (s != null) try { authTypeComboBox.setSelectedIndex(Integer.parseInt(s)); } catch (Exception e) { } + + s = this.properties.getProperty("CheckStandard"); + if (s != null) try { checkStandardComboBox.setSelectedIndex(Integer.parseInt(s)); } catch (Exception e) { } + + s = this.properties.getProperty("GenerateAcctSessionId"); + if (s != null) try { generateAcctSessionIdCheckBox.setSelected(new Boolean(s).booleanValue()); } catch (Exception e) { } + + s = this.properties.getProperty("StopOnReject"); + if (s != null) try { notStopOnRejectCheckBox.setSelected(new Boolean(s).booleanValue()); } catch (Exception e) { } + + s = this.properties.getProperty("SendClassAttr"); + if (s != null) try { notSendClassAttribute.setSelected(new Boolean(s).booleanValue()); } catch (Exception e) { } + + s = this.properties.getProperty("AKAIK"); + if (s != null) akaIKTextField.setText(s); + + s = this.properties.getProperty("AKACK"); + if (s != null) akaCKTextField.setText(s); + + s = this.properties.getProperty("TLSKeyFile"); + if (s != null) tlsKeyFileTextField.setText(s); + + s = this.properties.getProperty("TLSKeyPassword"); + if (s != null) tlsKeyPasswordTextField.setText(s); + + s = this.properties.getProperty("TLSCAFile"); + if (s != null) tlsCAFileTextField.setText(s); + + s = this.properties.getProperty("TLSCAPassword"); + if (s != null) tlsCAPasswordTextField.setText(s); + + s = this.properties.getProperty("TLSKeyFileType"); + if (s != null) try { tlsKeyFileTypeComboBox.setSelectedIndex(Integer.parseInt(s)); } catch (Exception e) { } + + s = this.properties.getProperty("TLSCAFileType"); + if (s != null) try { tlsCAFileTypeComboBox.setSelectedIndex(Integer.parseInt(s)); } catch (Exception e) { } + + s = this.properties.getProperty("TLSTrustAll"); + if (s != null) try { tlsTrustAll.setSelected(new Boolean(s).booleanValue()); } catch (Exception e) { } + + //s = this.properties.getProperty("TLSUseJavaCA"); + //if (s != null) try { tlsUseJavaRootCA.setSelected(new Boolean(s).booleanValue()); } catch (Exception e) { } + } + + private void saveConfigFile(String fileName) + { + try + { + String encodedAttributes = Base64.encodeObject(attributesTableModel.getEntries(), Base64.GZIP | Base64.DONT_BREAK_LINES); + this.properties.setProperty("AttributesTableEntries", encodedAttributes); + this.properties.setProperty("RadiusServer", radiusServerTextField.getText()); + this.properties.setProperty("SharedSecret", sharedSecretTextField.getText()); + this.properties.setProperty("SimulationType", "" + simulationTypeComboBox.getSelectedIndex()); + this.properties.setProperty("AuthType", "" + authTypeComboBox.getSelectedIndex()); + this.properties.setProperty("CheckStandard", "" + checkStandardComboBox.getSelectedIndex()); + this.properties.setProperty("AuthPort", ((Integer)radiusAuthPortTextField.getValue()).toString()); + this.properties.setProperty("AcctPort", ((Integer)radiusAcctPortTextField.getValue()).toString()); + this.properties.setProperty("Retries", ((Integer)radiusRetriesTextField.getValue()).toString()); + this.properties.setProperty("Timeout", ((Integer)radiusTimeoutTextField.getValue()).toString()); + this.properties.setProperty("Requesters", ((Integer)requestersTextField.getValue()).toString()); + this.properties.setProperty("Requests", ((Integer)requestsTextField.getValue()).toString()); + this.properties.setProperty("GenerateAcctSessionId", Boolean.toString(generateAcctSessionIdCheckBox.isSelected())); + this.properties.setProperty("StopOnReject", Boolean.toString(notStopOnRejectCheckBox.isSelected())); + this.properties.setProperty("SendClassAttr", Boolean.toString(notSendClassAttribute.isSelected())); + this.properties.setProperty("AKAIK", akaIKTextField.getText()); + this.properties.setProperty("AKACK", akaCKTextField.getText()); + this.properties.setProperty("TLSKeyFile", tlsKeyFileTextField.getText()); + this.properties.setProperty("TLSKeyPassword", tlsKeyPasswordTextField.getText()); + this.properties.setProperty("TLSCAFile", tlsCAFileTextField.getText()); + this.properties.setProperty("TLSCAPassword", tlsCAPasswordTextField.getText()); + this.properties.setProperty("TLSKeyFileType", "" + tlsKeyFileTypeComboBox.getSelectedIndex()); + this.properties.setProperty("TLSCAFileType", "" + tlsCAFileTypeComboBox.getSelectedIndex()); + this.properties.setProperty("TLSTrustAll", Boolean.toString(tlsTrustAll.isSelected())); + //this.properties.setProperty("TLSUseJavaCA", Boolean.toString(tlsUseJavaRootCA.isSelected())); + FileOutputStream fileOutputStream = new FileOutputStream(fileName); + this.properties.store(fileOutputStream, "JRadiusSimulator"); + } + catch(Exception e) { e.printStackTrace(); } + } + + public static void setConfigFileUrl(String fileName) + { + configFileUrl = fileName; + } + + /** + * This method initializes jJMenuBar + * + * @return javax.swing.JMenuBar + */ + private JMenuBar getJJMenuBar() { + if (jJMenuBar == null) { + jJMenuBar = new JMenuBar(); + jJMenuBar.add(getFileMenu()); + jJMenuBar.add(getHelpMenu()); + } + return jJMenuBar; + } + + /** + * This method initializes jMenu + * + * @return javax.swing.JMenu + */ + private JMenu getFileMenu() { + if (fileMenu == null) { + fileMenu = new JMenu(); + fileMenu.setText("File"); + fileMenu.add(getSaveMenuItem()); + fileMenu.add(getSaveAsMenuItem()); + fileMenu.add(getOpenMenuItem()); + fileMenu.add(getOpenUrlMenuItem()); + fileMenu.add(getExitMenuItem()); + fileMenu.setEnabled(false); + } + return fileMenu; + } + + /** + * This method initializes jMenu + * + * @return javax.swing.JMenu + */ + private JMenu getHelpMenu() { + if (helpMenu == null) { + helpMenu = new JMenu(); + helpMenu.setText("Help"); + helpMenu.add(getAboutMenuItem()); + } + return helpMenu; + } + + /** + * This method initializes jMenuItem + * + * @return javax.swing.JMenuItem + */ + private JMenuItem getExitMenuItem() { + if (exitMenuItem == null) { + exitMenuItem = new JMenuItem(); + exitMenuItem.setText("Exit"); + exitMenuItem.addActionListener(new ActionListener() { + public void actionPerformed(ActionEvent e) { + System.exit(0); + } + }); + } + return exitMenuItem; + } + + /** + * This method initializes jMenuItem + * + * @return javax.swing.JMenuItem + */ + private JMenuItem getAboutMenuItem() { + if (aboutMenuItem == null) { + aboutMenuItem = new JMenuItem(); + aboutMenuItem.setText("About"); + aboutMenuItem.addActionListener(new ActionListener() { + public void actionPerformed(ActionEvent e) { + JOptionPane.showMessageDialog(JRadiusSimulator.this, + "Version 1.1.0\n\n" + + "For help, go to http://jradius.net/\n" + + "Licensed under the GNU Public License (GPL).\n" + + "Copyright (c) 2006 PicoPoint B.V.\n" + + "Copyright (c) 2007-2008 David Bird\n", + "About JRadiusSimulator", JOptionPane.INFORMATION_MESSAGE, null); + } + }); + } + return aboutMenuItem; + } + + /** + * This method initializes jMenuItem + * + * @return javax.swing.JMenuItem + */ + private JMenuItem getSaveMenuItem() { + if (saveMenuItem == null) { + saveMenuItem = new JMenuItem(); + saveMenuItem.setText("Save"); + saveMenuItem.setAccelerator(KeyStroke.getKeyStroke(KeyEvent.VK_S, Event.CTRL_MASK, true)); + saveMenuItem.addActionListener(new ActionListener() { + public void actionPerformed(ActionEvent e) { + if (configFileUrl.startsWith("file:///")) + saveConfigFile(configFileUrl.substring(7)); + else + doSaveAs(); + } + }); + } + return saveMenuItem; + } + + /** + * This method initializes jMenuItem + * + * @return javax.swing.JMenuItem + */ + private JMenuItem getSaveAsMenuItem() { + if (saveAsMenuItem == null) { + saveAsMenuItem = new JMenuItem(); + saveAsMenuItem.setText("Save As"); + saveAsMenuItem.addActionListener(new ActionListener() { + public void actionPerformed(ActionEvent e) { + doSaveAs(); + } + }); + } + return saveAsMenuItem; + } + + private void doSaveAs() + { + JFileChooser chooser = new JFileChooser(); + int returnVal = chooser.showSaveDialog(JRadiusSimulator.this); + if (returnVal == JFileChooser.APPROVE_OPTION) { + File file = chooser.getSelectedFile(); + saveConfigFile(file.getAbsolutePath()); + } + } + + /** + * This method initializes jMenuItem + * + * @return javax.swing.JMenuItem + */ + private JMenuItem getOpenMenuItem() { + if (openMenuItem == null) { + openMenuItem = new JMenuItem(); + openMenuItem.setText("Open"); + openMenuItem.setAccelerator(KeyStroke.getKeyStroke(KeyEvent.VK_O, Event.CTRL_MASK, true)); + openMenuItem.addActionListener(new ActionListener() { + public void actionPerformed(ActionEvent e) { + JFileChooser chooser = new JFileChooser(); + int returnVal = chooser.showOpenDialog(JRadiusSimulator.this); + if (returnVal == JFileChooser.APPROVE_OPTION) { + File file = chooser.getSelectedFile(); + try + { + loadConfigFile("file:///" + file.getAbsolutePath()); + } + catch(Exception ex) + { + JOptionPane.showMessageDialog(null, ex.getMessage(), "Error", JOptionPane.ERROR_MESSAGE); + ex.printStackTrace(); + } + } + } + }); + } + return openMenuItem; + } + + /** + * This method initializes jMenuItem + * + * @return javax.swing.JMenuItem + */ + private JMenuItem getOpenUrlMenuItem() { + if (openUrlMenuItem == null) { + openUrlMenuItem = new JMenuItem(); + openUrlMenuItem.setText("Open Url"); + openUrlMenuItem.addActionListener(new ActionListener() { + public void actionPerformed(ActionEvent e) { + getOpenUrlDialog().setVisible(true); + } + }); + } + return openUrlMenuItem; + } + + /** + * This method initializes mainTabPane + * + * @return javax.swing.JTabbedPane + */ + private JTabbedPane getMainTabPane() { + if (mainTabPane == null) { + mainTabPane = new JTabbedPane(); + mainTabPane.addTab("RADIUS", null, getRADIUSPanel(), null); + //mainTabPane.addTab("Diameter", null, getDiameterPanel(), null); + //mainTabPane.addTab("DHCP", null, getDHCPPanel(), null); + mainTabPane.addTab("Attributes", null, getAttributesPanel(), null); + mainTabPane.addTab("Keys", null, getKeysPanel(), null); + mainTabPane.addTab("Log", null, getLogPanel(), null); + mainTabPane.setEnabled(false); + } + return mainTabPane; + } + + /** + * This method initializes radiusPanel + * + * @return javax.swing.JPanel + */ + private JPanel getRADIUSPanel() { + if (radiusPanel == null) { + radiusPanel = new JPanel(); + radiusPanel.setLayout(new BorderLayout()); + radiusPanel.add(getRunStatusPanel(), java.awt.BorderLayout.SOUTH); + radiusPanel.add(getSendOptionsPanel(), java.awt.BorderLayout.NORTH); + } + return radiusPanel; + } + + /** + * This method initializes diameterPanel + * + * @return javax.swing.JPanel + */ + private JPanel getDHCPPanel() { + if (dhcpPanel == null) { + dhcpPanel = new JPanel(); + dhcpPanel.setLayout(new BorderLayout()); + } + return dhcpPanel; + } + + /** + * This method initializes diameterPanel + * + * @return javax.swing.JPanel + */ + private JPanel getDiameterPanel() { + if (diameterPanel == null) { + diameterPanel = new JPanel(); + diameterPanel.setLayout(new BorderLayout()); + } + return diameterPanel; + } + + /** + * This method initializes logPanel + * + * @return javax.swing.JPanel + */ + private JPanel getLogPanel() { + if (logPanel == null) { + logPanel = new JPanel(); + logPanel.setLayout(new BorderLayout()); + logPanel.add(getLogConsole(), BorderLayout.CENTER); + logPanel.add(getLogButtonPanel(), java.awt.BorderLayout.SOUTH); + } + return logPanel; + } + + /** + * This method initializes progressBarPanel + * + * @return javax.swing.JPanel + */ + private JPanel getRunStatusPanel() { + if (runStatusPanel == null) { + statusLabel = new JLabel(); + statusLabel.setText("Initializing..."); + runStatusPanel = new JPanel(); + runStatusPanel.setLayout(new BorderLayout()); + runStatusPanel.add(getRunButton(), java.awt.BorderLayout.EAST); + runStatusPanel.add(statusLabel, java.awt.BorderLayout.CENTER); + } + return runStatusPanel; + } + + /** + * This method initializes logConsole + * + * @return javax.swing.JTextPane + */ + private LogConsole getLogConsole() { + if (logConsole == null) { + logConsole = new LogConsole(); + } + return logConsole; + } + + /** + * This method initializes logButtonPanel + * + * @return javax.swing.JPanel + */ + private JPanel getLogButtonPanel() { + if (logButtonPanel == null) { + logButtonPanel = new JPanel(); + logButtonPanel.add(getClearLogButton(), null); + logButtonPanel.add(getSaveLogButton(), null); + } + return logButtonPanel; + } + + /** + * This method initializes mainContentPane + * + * @return javax.swing.JPanel + */ + private JPanel getMainContentPane() { + if (mainContentPane == null) { + mainContentPane = new JPanel(); + mainContentPane.setLayout(new BorderLayout()); + mainContentPane.add(getMainTabPane(), java.awt.BorderLayout.CENTER); + } + return mainContentPane; + } + + /** + * This method initializes clearLogButton + * + * @return javax.swing.JButton + */ + private JButton getClearLogButton() { + if (clearLogButton == null) { + clearLogButton = new JButton(); + clearLogButton.setText("Clear"); + clearLogButton.addActionListener(new java.awt.event.ActionListener() { + public void actionPerformed(java.awt.event.ActionEvent e) { + logConsole.setText(""); + } + }); + } + return clearLogButton; + } + + /** + * This method initializes saveLogButton + * + * @return javax.swing.JButton + */ + private JButton getSaveLogButton() { + if (saveLogButton == null) { + saveLogButton = new JButton(); + saveLogButton.setText("Save"); + saveLogButton.addActionListener(new java.awt.event.ActionListener() { + public void actionPerformed(java.awt.event.ActionEvent e) { + JFileChooser chooser = new JFileChooser(); + int returnVal = chooser.showSaveDialog(JRadiusSimulator.this); + if (returnVal == JFileChooser.APPROVE_OPTION) { + File file = chooser.getSelectedFile(); + try + { + FileOutputStream out = new FileOutputStream(file); + out.write(logConsole.getText().getBytes()); + out.close(); + } + catch(Exception ex) + { + System.err.println(ex.getMessage()); + } + } + } + }); + } + return saveLogButton; + } + + /** + * This method initializes sendButton + * + * @return javax.swing.JButton + */ + private JToggleButton getRunButton() { + if (runButton == null) { + runButton = new JToggleButton(); + runButton.setText("Start"); + + runButton.addActionListener(new java.awt.event.ActionListener() { + public void actionPerformed(java.awt.event.ActionEvent e) { + AbstractButton ab = (AbstractButton)e.getSource(); + if (ab.isSelected()) + { + simulationThreads = new Thread[(Integer)requestersTextField.getValue()]; + for (int i=0; i < simulationThreads.length; i++) + { + simulationThreads[i] = new Thread(JRadiusSimulator.this); + simulationThreads[i].start(); + } + runButton.setText("Stop"); + } + else + { + if (simulationThreads != null) + { + for (int i=0; i < simulationThreads.length; i++) + { + simulationThreads[i].interrupt(); + } + } + simulationThreads = null; + statusLabel.setText("Ready"); + runButton.setText("Start"); + } + } + }); + + runButton.setEnabled(false); + } + return runButton; + } + + /** + * This method initializes attributesTableScrollPane + * + * @return javax.swing.JScrollPane + */ + private JScrollPane getAttributesTableScrollPane() + { + if (attributesTableScrollPane == null) + { + attributesTableScrollPane = new JScrollPane(); + attributesTableScrollPane.setViewportView(getAttributesTable()); + } + return attributesTableScrollPane; + } + + private class ValueTableCellEditor extends AbstractCellEditor implements TableCellEditor + { + private static final long serialVersionUID = (long)0; + private JComponent component; + + public Component getTableCellEditorComponent(JTable table, Object value, + boolean isSelected, int rowIndex, int colIndex) { + + if (isSelected) { + + } + + AttributesTableEntry entry = (AttributesTableEntry)attributesTableModel.getEntries().get(rowIndex); + if (entry.getValueClass().equals(NamedValue.class)) + { + component = createNamedValueCellEditor(entry.getAttributeName()); + ((JComboBox)component).setSelectedItem(value); + } + else if (entry.getValueClass().equals(IntegerValue.class)) + { + JFormattedTextField ftf = new JFormattedTextField(getNumberFormatter()); + Integer iValue = null; + try { iValue = new Integer((String)value); } catch (Exception e) { iValue = new Integer(0); } + ftf.setValue(iValue); + component = ftf; + } + else + { + component = new JTextField(); + ((JTextField)component).setText((String)value); + } + + component.setBorder(null); + return component; + } + + public Object getCellEditorValue() + { + if (component instanceof JComboBox) return ((JComboBox)component).getSelectedItem(); + if (component instanceof JFormattedTextField) return ((Integer)((JFormattedTextField)component).getValue()).toString(); + return ((JTextField)component).getText(); + } + + public boolean stopCellEditing() + { + if (component instanceof JFormattedTextField) + { + JFormattedTextField ftf = (JFormattedTextField)component; + if (ftf.isEditValid()) + { + try { ftf.commitEdit(); } catch (java.text.ParseException exc) { } + } + else + { + return false; + } + } + return super.stopCellEditing(); + } + } + + /** + * This method initializes attributesTable + * + * @return javax.swing.JTable + */ + private JTable getAttributesTable() { + if (attributesTable == null) { + attributesTable = new JTable(attributesTableModel); + TableColumn col = attributesTable.getColumnModel().getColumn(6); + col.setCellEditor(new ValueTableCellEditor()); + for (int i = 0; i < attributesTableModel.getColumnCount(); i++) { + col = attributesTable.getColumnModel().getColumn(i); + if (i == 0 || i == 6) { + col.setPreferredWidth(120); + } else { + col.setPreferredWidth(40); + } + } + } + return attributesTable; + } + + private JComboBox createNamedValueCellEditor(String attributeName) + { + JComboBox comboBox = (JComboBox)namedValueComponentCache.get(attributeName); + if (comboBox != null) return comboBox; + try + { + RadiusAttribute attribute = AttributeFactory.newAttribute(attributeName); + NamedValue namedValue = (NamedValue)attribute.getValue(); + NamedValueMap valueMap = namedValue.getMap(); + Long[] possibleValues = valueMap.getKnownValues(); + comboBox = new JComboBox(); + for (int i=0; i= (list.size() - 1)) return; + ArrayList newList = new ArrayList(); + Object[] oList = list.toArray(); + Object selectedObject = null; + for (int i = 0; i < oList.length; i++) + { + if (i == selectedIndex) { selectedObject = oList[i]; } + else if (i == (selectedIndex + 1)) { newList.add(oList[i]); newList.add(selectedObject); } + else { newList.add(oList[i]); } + } + attributesTableModel.setEntries(newList); + attributesTableModel.fireTableDataChanged(); + attributesTable.setRowSelectionInterval(++selectedIndex, selectedIndex); + } + }); + } + return moveDownButton; + } + + /** + * This method initializes generateAcctSessionIdCheckBox + * + * @return javax.swing.JCheckBox + */ + private JCheckBox getGenerateAcctSessionIdCheckBox() { + if (generateAcctSessionIdCheckBox == null) { + generateAcctSessionIdCheckBox = new JCheckBox(); + generateAcctSessionIdCheckBox.setText("Generate Unique Acct-Session-Id"); + } + return generateAcctSessionIdCheckBox; + } + + /** + * This method initializes tlsUseJavaRootCA + * + * @return javax.swing.JCheckBox + */ + private JCheckBox getUseJavaRootCAChainCheckBox() { + if (tlsUseJavaRootCA == null) { + tlsUseJavaRootCA = new JCheckBox(); + tlsUseJavaRootCA.setText("Use Java's Root CA Chain"); + } + return tlsUseJavaRootCA; + } + + /** + * This method initializes tlsTrustAll + * + * @return javax.swing.JCheckBox + */ + private JCheckBox getTLSTrustAllCheckBox() { + if (tlsTrustAll == null) { + tlsTrustAll = new JCheckBox(); + tlsTrustAll.setText("Trust All Server Certificates"); + } + return tlsTrustAll; + } + + /** + * This method initializes notStopOnRejectCheckBox + * + * @return javax.swing.JCheckBox + */ + private JCheckBox getNotStopOnRejectCheckBox() { + if (notStopOnRejectCheckBox == null) { + notStopOnRejectCheckBox = new JCheckBox(); + notStopOnRejectCheckBox.setText("Don't Stop Simulation On AccessReject"); + } + return notStopOnRejectCheckBox; + } + + /** + * This method initializes notSendClassAttribute + * + * @return javax.swing.JCheckBox + */ + private JCheckBox getSendClassAttributeCheckBox() { + if (notSendClassAttribute == null) { + notSendClassAttribute = new JCheckBox(); + notSendClassAttribute.setText("Don't Send The Received Class Attribute"); + } + return notSendClassAttribute; + } + + /** + * @return Returns the numberFormatter. + */ + public NumberFormatter getNumberFormatter() + { + if (numberFormatter == null) + { + numberFormatter = new NumberFormatter(NumberFormat.getIntegerInstance()); + numberFormatter.setValueClass(Integer.class); + } + return numberFormatter; + } + + /** + * This method initializes radiusAuthPortTextField + * + * @return javax.swing.JTextField + */ + private JFormattedTextField getRadiusAuthPortTextField() { + if (radiusAuthPortTextField == null) { + radiusAuthPortTextField = new JFormattedTextField(getNumberFormatter()); + radiusAuthPortTextField.setValue(new Integer(1812)); + } + return radiusAuthPortTextField; + } + + /** + * This method initializes radiusAcctPortTextField + * + * @return javax.swing.JTextField + */ + private JFormattedTextField getRadiusAcctPortTextField() { + if (radiusAcctPortTextField == null) { + radiusAcctPortTextField = new JFormattedTextField(getNumberFormatter()); + radiusAcctPortTextField.setValue(new Integer(1813)); + } + return radiusAcctPortTextField; + } + + /** + * This method initializes radiusRetriesTextField + * + * @return javax.swing.JTextField + */ + private JFormattedTextField getRadiusRetriesTextField() { + if (radiusRetriesTextField == null) { + radiusRetriesTextField = new JFormattedTextField(getNumberFormatter()); + radiusRetriesTextField.setValue(new Integer(0)); + } + return radiusRetriesTextField; + } + + /** + * This method initializes requestersTextField + * + * @return javax.swing.JTextField + */ + private JFormattedTextField getRequestersTextField() { + if (requestersTextField == null) { + requestersTextField = new JFormattedTextField(getNumberFormatter()); + requestersTextField.setValue(new Integer(1)); + } + return requestersTextField; + } + + /** + * This method initializes radiusRetriesTextField + * + * @return javax.swing.JTextField + */ + private JFormattedTextField getRequestsTextField() { + if (requestsTextField == null) { + requestsTextField = new JFormattedTextField(getNumberFormatter()); + requestsTextField.setValue(new Integer(1)); + } + return requestsTextField; + } + + /** + * This method initializes radiusRetriesTextField + * + * @return javax.swing.JTextField + */ + private JFormattedTextField getRadiusTimeoutTextField() { + if (radiusTimeoutTextField == null) { + radiusTimeoutTextField = new JFormattedTextField(getNumberFormatter()); + radiusTimeoutTextField.setValue(new Integer(10)); + } + return radiusTimeoutTextField; + } + + /** + * This method initializes radiusInterimIntervalTextField + * + * @return javax.swing.JTextField + */ + private JFormattedTextField getRadiusInterimIntervalTextField() { + if (radiusInterimIntervalTextField == null) { + radiusInterimIntervalTextField = new JFormattedTextField(getNumberFormatter()); + radiusInterimIntervalTextField.setValue(new Integer(60)); + } + return radiusInterimIntervalTextField; + } + + /** + * This method initializes sessionTimeTextField + * + * @return javax.swing.JTextField + */ + private JFormattedTextField getSessionTimeTextField() { + if (sessionTimeTextField == null) { + sessionTimeTextField = new JFormattedTextField(getNumberFormatter()); + sessionTimeTextField.setValue(new Integer(60)); + } + return sessionTimeTextField; + } + + private void checkStandard(RadiusStandard radiusStandard, RadiusPacket p) + { + if (radiusStandard != null) + { + try + { + radiusStandard.checkPacket(p); + } + catch (StandardViolatedException e) + { + statusLabel.setText(radiusStandard.getName() + " standard violated"); + logErr.println(radiusStandard.getName() + " Standard Violated: " + p.getClass().getName()); + logErr.println(logSepLine); + logErr.println("Missing attributes:"); + logErr.println(e.listAttributes("\n") + "\n"); + logErr.flush(); + } + } + } + + private RadiusStandard getRadiusStandard() + { + switch (checkStandardComboBox.getSelectedIndex()) + { + case 1: return new IRAPStandard(); + case 2: return new WISPrStandard(); + } + return null; + } + + public void run() + { + String radiusServer = radiusServerTextField.getText(); + String sharedSecret = sharedSecretTextField.getText(); + + Integer authPort = (Integer)radiusAuthPortTextField.getValue(); + Integer acctPort = (Integer)radiusAcctPortTextField.getValue(); + Integer timeout = (Integer)radiusTimeoutTextField.getValue(); + Integer retries = (Integer)radiusRetriesTextField.getValue(); + Integer requests = (Integer)requestsTextField.getValue(); + + byte[] bClass = null; + + if (radiusServer == null || sharedSecret == null || "".equals(radiusServer) || "".equals(sharedSecret)) + { + statusLabel.setText("The RADIUS Server and Shared Secret are required"); + return; + } + + if (authPort == null || acctPort == null) + { + statusLabel.setText("The Auth Port and Acct Port must be set"); + return; + } + + for (int r=0; r 0) + { + String url = args[0]; + File file = new File(url); + if (file.exists()) url = "file:///" + file.getAbsolutePath(); + JRadiusSimulator.setConfigFileUrl(url); + } + JRadiusSimulator application = new JRadiusSimulator(); + application.setVisible(true); + } + + public boolean isWindows() + { + return windows; + } + + public byte[] toBinArray(String hexStr) + { + hexStr = hexStr.replace("0x", ""); + byte bArray[] = new byte[hexStr.length()/2]; + for (int i=0; i<(hexStr.length()/2); i++) + { + byte firstNibble = Byte.parseByte(hexStr.substring(2*i,2*i+1),16); + byte secondNibble = Byte.parseByte(hexStr.substring(2*i+1,2*i+2),16); + int finalByte = (secondNibble) | (firstNibble << 4 ); + bArray[i] = (byte) finalByte; + } + return bArray; + } + +} // @jve:decl-index=0:visual-constraint="10,10" diff --git a/extended/src/main/java/net/jradius/client/gui/LogConsole.java b/extended/src/main/java/net/jradius/client/gui/LogConsole.java new file mode 100644 index 0000000..b9ac09e --- /dev/null +++ b/extended/src/main/java/net/jradius/client/gui/LogConsole.java @@ -0,0 +1,249 @@ +/** + * JRadiusSimulator + * Copyright (C) 2004-2005 PicoPoint, B.V. + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.client.gui; + +import java.awt.BorderLayout; +import java.awt.Color; +import java.awt.event.AdjustmentEvent; +import java.awt.event.AdjustmentListener; +import java.io.FileDescriptor; +import java.io.FileOutputStream; +import java.io.OutputStream; +import java.io.PrintStream; +import java.text.SimpleDateFormat; +import java.util.Date; + +import javax.swing.JComponent; +import javax.swing.JScrollBar; +import javax.swing.JScrollPane; +import javax.swing.JTextPane; +import javax.swing.SwingUtilities; +import javax.swing.text.Document; +import javax.swing.text.SimpleAttributeSet; +import javax.swing.text.StyleConstants; + +/** + * Console Log JComponent. + * @author David Bird + */ +public final class LogConsole extends JComponent implements AdjustmentListener { + private static final long serialVersionUID = (long)0; + private static LogConsole singleton = null; + + public static LogConsole getInstance() { return singleton; } + + public static final String CATEGORY_DEFAULT = "sent"; + public static final String CATEGORY_PACKETS_SENT = "sent"; + public static final String CATEGORY_PACKETS_RECV = "recv"; + public static final String CATEGORY_ERROR = "err"; + + private static final PrintStream out = new PrintStream( + new FileOutputStream(FileDescriptor.out)); + + private static final PrintStream err = new PrintStream( + new FileOutputStream(FileDescriptor.err)); + + private JTextPane console = new JTextPane(); + + private JScrollPane container = new JScrollPane(console); + + private String TSPattern = null; + + private SimpleDateFormat sdf = null; + + private Color clrSent = Color.BLUE; + private Color clrRecv = Color.MAGENTA; + private Color clrError = Color.RED; + + private String defaultText = null; + + private boolean autoScroll = true; + + public LogConsole() { + this(""); + } + + public LogConsole(String defaultText) { + this.defaultText = defaultText; + setLayout(new BorderLayout()); + add(container, BorderLayout.CENTER); + console.setEditable(false); + console.getCaret().setBlinkRate(0); + container.setHorizontalScrollBarPolicy(JScrollPane.HORIZONTAL_SCROLLBAR_NEVER); + container.setVerticalScrollBarPolicy(JScrollPane.VERTICAL_SCROLLBAR_ALWAYS); + container.getVerticalScrollBar().addAdjustmentListener(this); + singleton = this; + } + + public Document getDocument() { + return console.getDocument(); + } + + public String getText() { + return console.getText(); + } + + public void append(String category, String s) { + SimpleAttributeSet sas = new SimpleAttributeSet(); + + if (s == null) + return; + if (s.trim().length() == 0) + return; + + Document doc = getDocument(); + synchronized (doc) { + + StyleConstants.setFontFamily(sas, getFont().getFamily()); + StyleConstants.setFontSize(sas, getFont().getSize()); + StyleConstants.setBold(sas, getFont().isBold()); + StyleConstants.setItalic(sas, getFont().isItalic()); + StyleConstants.setBackground(sas, getBackground()); + + if (TSPattern != null && sdf != null + && !s.equalsIgnoreCase(defaultText)) { + String ts = sdf.format(new Date()); + StyleConstants.setForeground(sas, getForeground()); + ts = ts.concat(" "); + try { + doc.insertString(doc.getLength(), ts, sas); + } catch (Exception e) { + } + } + + if (CATEGORY_PACKETS_SENT.equalsIgnoreCase(category)) { + StyleConstants.setForeground(sas, (clrSent == null ? getForeground() : clrSent)); + } else if (CATEGORY_PACKETS_RECV.equalsIgnoreCase(category)) { + StyleConstants.setForeground(sas, (clrRecv == null ? getForeground() : clrRecv)); + } else if (CATEGORY_ERROR.equalsIgnoreCase(category)) { + StyleConstants.setForeground(sas, (clrError == null ? getForeground() : clrError)); + } + + try { + doc.insertString(doc.getLength(), s, sas); + } catch (Exception e) { + e.printStackTrace(); + } + } + + if (autoScroll) { + try { + int length = doc.getLength(); + console.setCaretPosition(length); + scrollRectToVisible(console.modelToView(length - 1)); + } catch (Exception e) { + e.printStackTrace(); + } + + JScrollBar vs = container.getVerticalScrollBar(); + vs.setValue(vs.getMaximum()); + } + + console.invalidate(); + repaint(); + } + + public void append(String s) { + append(CATEGORY_PACKETS_SENT, s); + } + + public void setText(String text) { + if (text == null) + return; + try { + getDocument().remove(0, getDocument().getLength()); + if (text.trim().length() == 0) { + append((defaultText == null ? "" : defaultText)); + } else { + append(text); + } + } catch (Exception e) { + } + } + + public OutputStream createFilteredStream(String category) { + return new ConsoleOutputStream(this, category); + } + + /* + * (non-Javadoc) + * @see java.awt.event.AdjustmentListener#adjustmentValueChanged(java.awt.event.AdjustmentEvent) + */ + public void adjustmentValueChanged(AdjustmentEvent e) { + autoScroll = !e.getValueIsAdjusting(); + } + + private static class ConsoleOutputStream extends OutputStream { + private StringBuffer buf = new StringBuffer(""); + private String category = null; + private LogConsole reference; + + public ConsoleOutputStream(LogConsole owner, String category) { + reference = owner; + if (category != null) this.category = category; + else this.category = CATEGORY_DEFAULT; + } + + public synchronized void write(int b) { + buf.append(Character.toString((char) b)); + } + + public synchronized void write(byte[] b, int offset, int length) { + buf.append(new String(b, offset, length)); + } + + public synchronized void write(byte[] b) { + buf.append(new String(b)); + } + + public synchronized void flush() { + synchronized (buf) { + if (buf.length() > 0) { + char last = buf.charAt(buf.length() - 1); + if (last == '\n' || last == '\r') { + String text = buf.toString(); + SwingUtilities.invokeLater(new Appender(reference, category, text)); + buf.setLength(0); + } + } + } + } + } + + private static class Appender implements Runnable { + LogConsole textView = null; + String category = null; + String line = null; + + public Appender(LogConsole console, String category, String line) { + this.textView = console; + this.category = category; + this.line = line; + } + + public void run() { + try { + textView.append(category, line); + } catch (Throwable t) { + } + } + } +} \ No newline at end of file diff --git a/extended/src/main/java/net/jradius/client/gui/LogFactory.java b/extended/src/main/java/net/jradius/client/gui/LogFactory.java new file mode 100644 index 0000000..ce09520 --- /dev/null +++ b/extended/src/main/java/net/jradius/client/gui/LogFactory.java @@ -0,0 +1,108 @@ +package net.jradius.client.gui; + +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogConfigurationException; +import org.apache.commons.logging.impl.LogFactoryImpl; + +public class LogFactory extends LogFactoryImpl +{ + public Log getInstance(Class c) throws LogConfigurationException + { + return new LogImpl(); + } + + public class LogImpl implements Log + { + private void append(String text) + { + if (LogConsole.getInstance() != null) + LogConsole.getInstance().append(LogConsole.CATEGORY_ERROR, text); + } + + public void debug(Object o, Throwable arg1) + { + } + + public void debug(Object o) + { + } + + public void error(Object o, Throwable arg1) + { + append(o.toString()); + } + + public void error(Object o) + { + append(o.toString()); + } + + public void fatal(Object o, Throwable arg1) + { + append(o.toString()); + } + + public void fatal(Object o) + { + append(o.toString()); + } + + public void info(Object o, Throwable arg1) + { + } + + public void info(Object o) + { + } + + public boolean isDebugEnabled() + { + return true; + } + + public boolean isErrorEnabled() + { + return true; + } + + public boolean isFatalEnabled() + { + return true; + } + + public boolean isInfoEnabled() + { + return true; + } + + public boolean isTraceEnabled() + { + return true; + } + + public boolean isWarnEnabled() + { + return true; + } + + public void trace(Object o, Throwable arg1) + { + append(o.toString()); + } + + public void trace(Object o) + { + append(o.toString()); + } + + public void warn(Object o, Throwable arg1) + { + append(o.toString()); + } + + public void warn(Object o) + { + append(o.toString()); + } + } +}; diff --git a/extended/src/main/java/net/jradius/client/gui/package.html b/extended/src/main/java/net/jradius/client/gui/package.html new file mode 100644 index 0000000..92f6c2f --- /dev/null +++ b/extended/src/main/java/net/jradius/client/gui/package.html @@ -0,0 +1,5 @@ + + +Contains the JRadiusSimulator Java Swing Application. + + diff --git a/extended/src/main/java/net/jradius/handler/InitSessionHandler.java b/extended/src/main/java/net/jradius/handler/InitSessionHandler.java new file mode 100644 index 0000000..14ad240 --- /dev/null +++ b/extended/src/main/java/net/jradius/handler/InitSessionHandler.java @@ -0,0 +1,65 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2006 PicoPoint, B.V. + * Copyright (C) 2007 David Bird + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.handler; + +import net.jradius.dictionary.vsa_jradius.Attr_JRadiusRequestId; +import net.jradius.dictionary.vsa_jradius.Attr_JRadiusSessionId; +import net.jradius.exception.RadiusException; +import net.jradius.log.JRadiusLogEntry; +import net.jradius.packet.RadiusPacket; +import net.jradius.packet.attribute.AttributeList; +import net.jradius.server.JRadiusRequest; +import net.jradius.session.JRadiusSession; + +/** + * Initializes and configures the JRadiusSession for the request. + * @author David Bird + */ +public class InitSessionHandler extends RadiusSessionHandler +{ + /* (non-Javadoc) + * @see net.jradius.handler.PacketHandler#handle(net.jradius.server.JRadiusRequest) + */ + public boolean handle(JRadiusRequest request) throws RadiusException + { + RadiusPacket req = request.getRequestPacket(); + AttributeList ci = request.getConfigItems(); + + JRadiusSession session = request.getSession(); + JRadiusLogEntry logEntry = session.getLogEntry(request); + + // We set the type at every stage... the function, in fact, + // only really sets the type when appropriate. + logEntry.init(request, session); + + // Put some internal values into the ConfigItems for + // easy processing of JRadius reuqests/sessions. + + if (ci.get(Attr_JRadiusSessionId.TYPE) == null) + ci.add(new Attr_JRadiusSessionId(session.getSessionKey())); + + if (ci.get(Attr_JRadiusRequestId.TYPE) == null) + ci.add(new Attr_JRadiusRequestId(Integer.toString(req.getIdentifier()))); + + return session.onPreProcessing(request); + } +} diff --git a/extended/src/main/java/net/jradius/handler/RadiusSessionHandler.java b/extended/src/main/java/net/jradius/handler/RadiusSessionHandler.java new file mode 100644 index 0000000..944a1c6 --- /dev/null +++ b/extended/src/main/java/net/jradius/handler/RadiusSessionHandler.java @@ -0,0 +1,95 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2005 PicoPoint, B.V. + * Copyright (C) 2007-2008 David Bird + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.handler; + +import net.jradius.dictionary.Attr_AcctInputGigawords; +import net.jradius.dictionary.Attr_AcctInputOctets; +import net.jradius.dictionary.Attr_AcctInputPackets; +import net.jradius.dictionary.Attr_AcctOutputGigawords; +import net.jradius.dictionary.Attr_AcctOutputOctets; +import net.jradius.dictionary.Attr_AcctOutputPackets; +import net.jradius.dictionary.Attr_CleartextPassword; +import net.jradius.dictionary.Attr_UserPassword; +import net.jradius.exception.RadiusException; +import net.jradius.log.RadiusLog; +import net.jradius.packet.RadiusPacket; +import net.jradius.packet.attribute.AttributeList; +import net.jradius.server.JRadiusRequest; + + +/** + * Extended from PacketHandler, this type of handler is required to have a JRadiusSession + * @author David Bird + */ +public abstract class RadiusSessionHandler extends PacketHandlerChain +{ + public static final String ClassPrefix = "JRADIUS-CLASS:"; + + protected boolean noSessionFound(JRadiusRequest request) throws RadiusException + { + RadiusPacket req = request.getRequestPacket(); + RadiusLog.error("No session found for packet:\n" + req.toString()); + return true; + } + + protected void setPlainTextPassword(JRadiusRequest request, String password) + { + setPlainTextPassword(request, password, true); + } + + protected void setPlainTextPassword(JRadiusRequest request, String password, boolean overwrite) + { + AttributeList ci = request.getConfigItems(); + ci.add(new Attr_CleartextPassword(password), overwrite); + ci.add(new Attr_UserPassword(password), overwrite); + } + + protected void reverseAccounting(RadiusPacket req) throws RadiusException + { + Long octetsIn = (Long)req.getAttributeValue(Attr_AcctInputOctets.TYPE); + Long octetsOut = (Long)req.getAttributeValue(Attr_AcctOutputOctets.TYPE); + + Long gigaIn = (Long)req.getAttributeValue(Attr_AcctInputGigawords.TYPE); + Long gigaOut = (Long)req.getAttributeValue(Attr_AcctOutputGigawords.TYPE); + + Long packetsIn = (Long)req.getAttributeValue(Attr_AcctInputPackets.TYPE); + Long packetsOut = (Long)req.getAttributeValue(Attr_AcctOutputPackets.TYPE); + + if (octetsIn != null && octetsOut != null) + { + req.overwriteAttribute(new Attr_AcctInputOctets(octetsOut)); + req.overwriteAttribute(new Attr_AcctOutputOctets(octetsIn)); + } + + if (gigaIn != null && gigaOut != null) + { + req.overwriteAttribute(new Attr_AcctInputGigawords(gigaOut)); + req.overwriteAttribute(new Attr_AcctOutputGigawords(gigaIn)); + } + + if (packetsIn != null && packetsOut != null) + { + req.overwriteAttribute(new Attr_AcctInputPackets(packetsOut)); + req.overwriteAttribute(new Attr_AcctOutputPackets(packetsIn)); + } + } +} diff --git a/extended/src/main/java/net/jradius/handler/RunChainHandler.java b/extended/src/main/java/net/jradius/handler/RunChainHandler.java new file mode 100644 index 0000000..4b6ba36 --- /dev/null +++ b/extended/src/main/java/net/jradius/handler/RunChainHandler.java @@ -0,0 +1,62 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2005 PicoPoint, B.V. + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.handler; + + +import net.jradius.handler.chain.JRCommand; +import net.jradius.log.RadiusLog; +import net.jradius.server.JRadiusEvent; + +import org.apache.commons.chain.Catalog; + +/** + * @author David Bird + */ +public class RunChainHandler extends EventHandlerChain +{ + private String chainName; + + public boolean handle(JRadiusEvent event) throws Exception + { + Catalog catalog = getCatalog(); + if (catalog != null && chainName != null) + { + JRCommand c = (JRCommand)catalog.getCommand(chainName); + if (c == null) + { + RadiusLog.error("There is no command '" + chainName + "' in catalog " + getCatalogName()); + return false; + } + return execute(c, event); + } + return false; + } + + public String getChainName() + { + return chainName; + } + + public void setChainName(String chain) + { + this.chainName = chain; + } +} diff --git a/extended/src/main/java/net/jradius/handler/SessionLogHandler.java b/extended/src/main/java/net/jradius/handler/SessionLogHandler.java new file mode 100644 index 0000000..e7e7ada --- /dev/null +++ b/extended/src/main/java/net/jradius/handler/SessionLogHandler.java @@ -0,0 +1,103 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2006 PicoPoint, B.V. + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.handler; + +import net.jradius.exception.RadiusException; +import net.jradius.log.JRadiusLogEntry; +import net.jradius.packet.RadiusPacket; +import net.jradius.server.JRadiusRequest; +import net.jradius.server.JRadiusServer; +import net.jradius.session.JRadiusSession; + +public class SessionLogHandler extends RadiusSessionHandler +{ + private boolean isReply = false; // request or reply + private boolean isOutbound = false; // inbound or outbound + + public boolean handle(JRadiusRequest request) throws RadiusException + { + JRadiusSession session = request.getSession(); + if (session == null) return noSessionFound(request); + + RadiusPacket p = null; + + JRadiusLogEntry logEntry = session.getLogEntry(request); + + if (isReply) + { + p = request.getReplyPacket(); + } + else + { + p = request.getRequestPacket(); + } + + if (!isReply) + { + if (!isOutbound) + { + if (logEntry.getInboundRequest() == null) + logEntry.setInboundRequest(p.toString(false, true)); + } + else + { + if (logEntry.getOutboundRequest() == null) + logEntry.setOutboundRequest(p.toString(false, true)); + } + } + else + { + if (!isOutbound) + { + if (logEntry.getInboundReply() == null) + logEntry.setInboundReply(p.toString(false, true)); + } + else + { + if (logEntry.getOutboundReply() == null) + logEntry.setOutboundReply(p.toString(false, true)); + } + } + + request.setReturnValue(JRadiusServer.RLM_MODULE_UPDATED); + return false; + } + + public String getDirection() + { + return isOutbound ? "outbound" : "inbound"; + } + + public void setDirection(String direction) + { + isOutbound = "outbound".equals(direction); + } + + public String getPacketType() + { + return isReply ? "reply" : "request"; + } + + public void setPacketType(String packetType) + { + isReply = "reply".equals(packetType) || "response".equals(packetType); + } +} diff --git a/extended/src/main/java/net/jradius/handler/StandardCheckingHandler.java b/extended/src/main/java/net/jradius/handler/StandardCheckingHandler.java new file mode 100644 index 0000000..f1276f0 --- /dev/null +++ b/extended/src/main/java/net/jradius/handler/StandardCheckingHandler.java @@ -0,0 +1,116 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2005 PicoPoint, B.V. + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.handler; + +import net.jradius.exception.RadiusException; +import net.jradius.exception.StandardViolatedException; +import net.jradius.log.RadiusLog; +import net.jradius.packet.RadiusPacket; +import net.jradius.packet.RadiusRequest; +import net.jradius.packet.RadiusResponse; +import net.jradius.server.JRadiusRequest; +import net.jradius.standard.RadiusStandard; + + +/** + * A handler to verify a request complies with a standard (requires a + * standardName configuration) + * @author David Bird + */ +public class StandardCheckingHandler extends PacketHandlerBase +{ + private RadiusStandard standard; + + /** + * This handler checks the request against the configured standard. If + * the StandardViolationException is thrown, a problem report is genereate + * and sent to the RadiusLog. + * @see net.jradius.handler.PacketHandler#handle(net.jradius.server.JRadiusRequest) + */ + public boolean handle(JRadiusRequest request) throws Exception + { + if (standard == null) return false; + RadiusPacket req = request.getRequestPacket(); + RadiusPacket rep = request.getReplyPacket(); + String errMessage = ""; + RadiusException ex = null; + + if (req instanceof RadiusRequest) + { + try + { + standard.checkPacket(req); + } + catch (StandardViolatedException e) + { + errMessage += ": Request Missing: " + e.listAttributes(); + ex = e; + } + } + if (rep instanceof RadiusResponse) + { + try + { + standard.checkPacket(rep); + } + catch (StandardViolatedException e) + { + errMessage += ": Response Missing: " + e.listAttributes(); + ex = e; + } + } + if (ex != null) + { + RadiusLog.problem(request, request.getSession(), ex, errMessage.substring(2)); + } + + return false; + } + + /** + * This bean method is to support the chain configuration "standardName" + * @param name The Class Name of the standard to check against. + */ + public void setStandardName(String name) + { + try + { + Class clazz = Class.forName(name); + setStandard((RadiusStandard)clazz.newInstance()); + } + catch (Exception e) + { + RadiusLog.error("Could not initialize RadiusStandard " + name + ": " + e.getMessage()); + } + } + /** + * @return Returns the standard. + */ + public RadiusStandard getStandard() { + return standard; + } + /** + * @param standard The standard to set. + */ + public void setStandard(RadiusStandard standard) { + this.standard = standard; + } +} diff --git a/extended/src/main/java/net/jradius/handler/accounting/AccountingClassHandler.java b/extended/src/main/java/net/jradius/handler/accounting/AccountingClassHandler.java new file mode 100644 index 0000000..3ccea13 --- /dev/null +++ b/extended/src/main/java/net/jradius/handler/accounting/AccountingClassHandler.java @@ -0,0 +1,69 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2005 PicoPoint, B.V. + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.handler.accounting; + +import net.jradius.dictionary.Attr_Class; +import net.jradius.exception.RadiusException; +import net.jradius.handler.RadiusSessionHandler; +import net.jradius.packet.RadiusPacket; +import net.jradius.server.JRadiusRequest; +import net.jradius.session.JRadiusSession; + +/** + * Check for the Class Attribute set by PostAuthorizeClassHandler. If not found, + * then add a log message stating the NAS did not support this attribute. After + * this handler, the attribute is no longer needed and is deleted. + * + * @author David Bird + * @see net.jradius.handler.authorize.PostAuthorizeClassHandler + */ +public class AccountingClassHandler extends RadiusSessionHandler +{ + public boolean handle(JRadiusRequest request) throws RadiusException + { + JRadiusSession session = request.getSession(); + if (session == null) return noSessionFound(request); + + RadiusPacket req = request.getRequestPacket(); + + byte[] bClass = (byte[]) req.getAttributeValue(Attr_Class.TYPE); + if (bClass != null) + { + String sClass = new String(bClass); + if (sClass.startsWith(ClassPrefix)) + { + if (session.getRadiusClass() != null) + { + req.overwriteAttribute(new Attr_Class(session.getRadiusClass())); + } + else + { + req.removeAttribute(Attr_Class.TYPE); + } + return false; + } + } + + session.addLogMessage(request, "Accounting without Class Attribute"); + + return false; + } +} diff --git a/extended/src/main/java/net/jradius/handler/accounting/package.html b/extended/src/main/java/net/jradius/handler/accounting/package.html new file mode 100644 index 0000000..ae464a6 --- /dev/null +++ b/extended/src/main/java/net/jradius/handler/accounting/package.html @@ -0,0 +1,5 @@ + + +Standard JRadius Accounting Packet Handlers. + + diff --git a/extended/src/main/java/net/jradius/handler/authorize/MonitoringRequestHandler.java b/extended/src/main/java/net/jradius/handler/authorize/MonitoringRequestHandler.java new file mode 100644 index 0000000..4ebe8f4 --- /dev/null +++ b/extended/src/main/java/net/jradius/handler/authorize/MonitoringRequestHandler.java @@ -0,0 +1,123 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2005 PicoPoint, B.V. + * Copyright (c) 2006-2007 David Bird + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.handler.authorize; + +import net.jradius.dictionary.Attr_AuthType; +import net.jradius.dictionary.Attr_NASIdentifier; +import net.jradius.dictionary.Attr_ReplyMessage; +import net.jradius.dictionary.Attr_UserName; +import net.jradius.handler.PacketHandlerBase; +import net.jradius.log.RadiusLog; +import net.jradius.packet.RadiusPacket; +import net.jradius.packet.attribute.AttributeList; +import net.jradius.server.JRadiusRequest; +import net.jradius.server.JRadiusServer; + +/** + * A handler to reply to monitoring requests. + * + * Requests are sent back an AccessReject with an configurable Reply-Message to indicate + * a positive reply. + * + * @author David Bird + */ +public class MonitoringRequestHandler extends PacketHandlerBase +{ + private String replyMessage; + private String username; + private String nasid; + + /* (non-Javadoc) + * @see net.jradius.handler.PacketHandler#handle(net.jradius.server.JRadiusRequest) + */ + public boolean handle(JRadiusRequest request) throws Exception + { + RadiusPacket req = request.getRequestPacket(); + RadiusPacket rep = request.getReplyPacket(); + AttributeList ci = request.getConfigItems(); + + String u = (String) req.getAttributeValue(Attr_UserName.TYPE); + String n = (String) req.getAttributeValue(Attr_NASIdentifier.TYPE); + + if ((username != null && username.equals(u)) || + (nasid != null && nasid.equals(n))) + { + if (request.getType() == JRadiusServer.JRADIUS_authorize) + { + // Reject the user (which should be fine for monitoring) + // and stop processing the current handler chain + RadiusLog.info("Answering monitoring request: {User-Name = " + username + ", NAS-Identifier = " + nasid + "}"); + if (replyMessage != null) + { + rep.addAttribute(new Attr_ReplyMessage(replyMessage)); + } + ci.add(new Attr_AuthType(Attr_AuthType.Reject)); + } + return true; + } + + return false; + } + + /** + * @return Returns the nasid. + */ + public String getNasid() + { + return nasid; + } + /** + * @param nasid The nasid to set. + */ + public void setNasid(String nasid) + { + this.nasid = nasid; + } + /** + * @return Returns the replyMessage. + */ + public String getReplyMessage() + { + return replyMessage; + } + /** + * @param replyMessage The replyMessage to set. + */ + public void setReplyMessage(String replyMessage) + { + this.replyMessage = replyMessage; + } + /** + * @return Returns the username. + */ + public String getUsername() + { + return username; + } + /** + * @param username The username to set. + */ + public void setUsername(String username) + { + this.username = username; + } +} diff --git a/extended/src/main/java/net/jradius/handler/authorize/PostAuthorizeClassHandler.java b/extended/src/main/java/net/jradius/handler/authorize/PostAuthorizeClassHandler.java new file mode 100644 index 0000000..0d47342 --- /dev/null +++ b/extended/src/main/java/net/jradius/handler/authorize/PostAuthorizeClassHandler.java @@ -0,0 +1,59 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2005 PicoPoint, B.V. + * Copyright (c) 2006-2007 David Bird + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.handler.authorize; + +import net.jradius.dictionary.Attr_Class; +import net.jradius.exception.RadiusException; +import net.jradius.handler.RadiusSessionHandler; +import net.jradius.packet.AccessAccept; +import net.jradius.packet.RadiusPacket; +import net.jradius.server.JRadiusRequest; +import net.jradius.session.JRadiusSession; + +/** + * Post-Authorize Class Attribute Handler. + * + * @author David Bird + */ +public class PostAuthorizeClassHandler extends RadiusSessionHandler +{ + public boolean handle(JRadiusRequest request) throws RadiusException + { + JRadiusSession session = request.getSession(); + if (session == null) return noSessionFound(request); + + RadiusPacket rep = request.getReplyPacket(); + + if (!(rep instanceof AccessAccept)) return false; + + byte[] spClass = (byte[]) rep.getAttributeValue(Attr_Class.TYPE); + + if (spClass != null && session.getRadiusClass() == null) + { + session.setRadiusClass(spClass); + } + + rep.overwriteAttribute(new Attr_Class((ClassPrefix + session.getSessionKey()).getBytes())); + + return false; + } +} diff --git a/extended/src/main/java/net/jradius/handler/authorize/package.html b/extended/src/main/java/net/jradius/handler/authorize/package.html new file mode 100644 index 0000000..db51c7f --- /dev/null +++ b/extended/src/main/java/net/jradius/handler/authorize/package.html @@ -0,0 +1,5 @@ + + +Standard JRadius Packet Handlers. + + diff --git a/extended/src/main/java/net/jradius/handler/dhcp/AddressPool.java b/extended/src/main/java/net/jradius/handler/dhcp/AddressPool.java new file mode 100644 index 0000000..dcd030f --- /dev/null +++ b/extended/src/main/java/net/jradius/handler/dhcp/AddressPool.java @@ -0,0 +1,34 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (c) 2006-2008 David Bird + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.handler.dhcp; + +import java.net.InetAddress; +import java.net.UnknownHostException; + +public interface AddressPool +{ + public InetAddress getIP(byte[] hwa, InetAddress requested, boolean forceNew) throws UnknownHostException; + public int getLeaseTime(); + public InetAddress getNetmask(); + public InetAddress getNetwork(); + public InetAddress getRouter(); + public InetAddress[] getDns(); +} diff --git a/extended/src/main/java/net/jradius/handler/dhcp/AddressPoolImpl.java b/extended/src/main/java/net/jradius/handler/dhcp/AddressPoolImpl.java new file mode 100644 index 0000000..fd044e6 --- /dev/null +++ b/extended/src/main/java/net/jradius/handler/dhcp/AddressPoolImpl.java @@ -0,0 +1,407 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (c) 2006-2008 David Bird + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.handler.dhcp; + +import java.io.File; +import java.io.FileWriter; +import java.io.PrintWriter; +import java.io.Serializable; +import java.net.InetAddress; +import java.net.UnknownHostException; +import java.util.Arrays; + +import net.jradius.util.RadiusRandom; +import net.jradius.util.RadiusUtils; +import net.sf.ehcache.Cache; +import net.sf.ehcache.CacheException; +import net.sf.ehcache.Ehcache; +import net.sf.ehcache.Element; +import net.sf.ehcache.event.CacheEventListener; + +public class AddressPoolImpl implements AddressPool, CacheEventListener +{ + protected String leaseFile = "/tmp/leases.dhcp"; + protected InetAddress network; + protected InetAddress netmask; + protected InetAddress router; + protected InetAddress[] dns; + protected byte next = RadiusRandom.getBytes(1)[0]; + protected int fudge = 10; + protected int leaseTime; + protected AddressPoolListener listener; + protected Cache leases; + + class MACKey implements Serializable + { + private static final long serialVersionUID = 0L; + byte[] mac; + + public MACKey(byte[] b) { mac = b; } + public byte[] getMAC() { return mac; } + + public boolean equals(Object o) + { + if (!(o instanceof MACKey)) + return false; + + if (this == o) + return true; + + byte[] omac = ((MACKey) o).getMAC(); + + if (mac.length != omac.length) + return false; + + for (int i = 0; i < mac.length; i++) + { + if (mac[i] != omac[i]) + return false; + } + + return true; + } + + public int hashCode() + { + return Arrays.hashCode(mac); + } + } + + public AddressPoolImpl() + { + } + + public AddressPoolImpl(InetAddress network, InetAddress netmask, InetAddress router, int leaseTime) + { + this.network = network; + this.netmask = netmask; + this.router = router; + this.leaseTime = leaseTime; + } + + public boolean contains(InetAddress ip) + { + if (getNetwork() == null || getNetmask() == null) + throw new RuntimeException("network/netmask requierd"); + + byte[] networkBytes = getNetwork().getAddress(); + byte[] netmaskBytes = getNetmask().getAddress(); + byte[] ipBytes = ip.getAddress(); + + if (networkBytes.length != netmaskBytes.length || netmaskBytes.length != ipBytes.length) + { + return false; + } + + for (int i=0; i < netmaskBytes.length; i++) + { + int mask = netmaskBytes[i] & 0xff; + if ((networkBytes[i] & mask) != (ipBytes[i] & mask)) + { + return false; + } + } + + return true; + } + + public InetAddress nextIP() throws UnknownHostException + { + if (getNetwork() == null || getNetmask() == null) + throw new RuntimeException("network/netmask requierd"); + + InetAddress nextAddress = null; + + do + { + byte b[] = getNetwork().getAddress(); + b[b.length-1] = next++; + nextAddress = InetAddress.getByAddress(b); + } + while(leases.get(nextAddress) != null || + (router != null && nextAddress.equals(router))); + + return nextAddress; + } + + private static InetAddress anyIPAddress; + + static { + try { anyIPAddress = InetAddress.getByAddress(new byte[] { 0, 0, 0, 0 }); } + catch (Exception e) { } + } + + public InetAddress getIP(byte[] hwa, InetAddress requested, boolean forceNew) throws UnknownHostException + { + if (leases == null) throw new RuntimeException("leases not set"); + + MACKey hwKey = new MACKey(hwa); + Element eHW = leases.get(hwKey); + Element eIP = leases.get(requested); + + if (anyIPAddress.equals(requested)) + requested = null; + + if (eHW == null) + { + /** + * Client does not yet have a leased IP address + */ + + if (requested != null) + { + /** + * Client is requesting an IP + */ + + if (!contains(requested)) + { + /** + * IP address not in our range! + */ + + return null; + } + + if (eIP != null && hwKey.equals(eIP.getValue())) + { + /** + * We owned the lease, so let's go ahead and update the IP + */ + + leases.remove(eIP.getKey()); + } + else + { + /** + * IP address is already leased + */ + + return null; + } + + eHW = new Element(hwKey, requested); + } + else + { + eHW = new Element(hwKey, nextIP()); + } + } + else + { + /** + * Client already has a leased IP + */ + + if (forceNew) + { + if (eIP != null && hwKey.equals(eIP.getValue())) + { + /** + * We owned the lease, so let's go ahead and update the IP + */ + + leases.remove(eIP.getKey()); + } + + eHW = new Element(hwKey, nextIP()); + } + else if (requested != null) + { + if (!requested.equals(eHW.getValue())) + { + /** + * Requested IP address does not match leased IP + */ + + if (eIP != null && hwKey.equals(eIP.getValue())) + { + /** + * We owned the lease, so let's go ahead and update the IP + */ + + leases.remove(eIP.getKey()); + } + else + { + return null; + } + } + } + } + + eIP = new Element(eHW.getValue(), eHW.getKey()); + + leases.put(eHW); + leases.put(eIP); + + writeLeaseFile(); + + return (InetAddress) eHW.getValue(); + } + + public void writeLeaseFile() + { + if (getLeaseFile() == null) return; + try + { + File file = new File(getLeaseFile()); + PrintWriter writer = new PrintWriter(new FileWriter(file)); + + for (Object o : leases.getKeys()) + { + if (o instanceof MACKey) + { + InetAddress inet = (InetAddress)leases.get(o).getValue(); + MACKey macKey = (MACKey)o; + + writer.print(inet.getHostAddress()); + writer.print(" "); + writer.println(RadiusUtils.byteArrayToHexString(macKey.getMAC())); + } + } + + writer.close(); + } + catch (Exception e) + { + e.printStackTrace(); + } + } + + public void notifyElementEvicted(Ehcache cache, Element e) + { + } + + public void notifyElementExpired(Ehcache cache, Element e) + { + } + + public void notifyElementPut(Ehcache cache, Element e) throws CacheException + { + } + + public void notifyElementRemoved(Ehcache cache, Element e) throws CacheException + { + } + + public void notifyElementUpdated(Ehcache cache, Element e) throws CacheException + { + } + + public void notifyRemoveAll(Ehcache cache) + { + } + + public Object clone() throws CloneNotSupportedException + { + return super.clone(); + } + + public void dispose() + { + } + + public void setFudge(int fudge) + { + this.fudge = fudge; + } + + public void setLeaseFile(String leaseFile) + { + this.leaseFile = leaseFile; + } + + public void setLeases(Cache leases) + { + this.leases = leases; + } + + public void setLeaseTime(int leaseTime) + { + this.leaseTime = leaseTime; + } + + public void setNetmask(InetAddress netmask) + { + this.netmask = netmask; + } + + public void setNetwork(InetAddress network) + { + this.network = network; + } + + public void setRouter(InetAddress router) + { + this.router = router; + } + + public String getLeaseFile() + { + return leaseFile; + } + + public Ehcache getLeases() + { + return leases; + } + + public int getLeaseTime() + { + return leaseTime; + } + + public InetAddress getNetmask() + { + return netmask; + } + + public InetAddress getNetwork() + { + return network; + } + + public InetAddress getRouter() + { + return router; + } + + public InetAddress[] getDns() + { + return dns; + } + + public void setDns(InetAddress[] dns) + { + this.dns = dns; + } + + public AddressPoolListener getListener() + { + return listener; + } + + public void setListener(AddressPoolListener listener) + { + this.listener = listener; + } +} diff --git a/extended/src/main/java/net/jradius/handler/dhcp/AddressPoolListener.java b/extended/src/main/java/net/jradius/handler/dhcp/AddressPoolListener.java new file mode 100644 index 0000000..6a94bad --- /dev/null +++ b/extended/src/main/java/net/jradius/handler/dhcp/AddressPoolListener.java @@ -0,0 +1,32 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (c) 2006-2008 David Bird + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.handler.dhcp; + +import java.net.InetAddress; + +import net.jradius.packet.RadiusPacket; + +public interface AddressPoolListener +{ + public InetAddress leaseFind(byte[] chaddr, InetAddress gwaddr, InetAddress requestedIp, AddressPool pool); + public void leaseSave(byte[] chaddr, InetAddress gwaddr, InetAddress yiaddr, AddressPool pool, RadiusPacket req); + public void leaseExpired(byte[] chaddr, InetAddress gwaddr, InetAddress yiaddr, AddressPool pool); +} diff --git a/extended/src/main/java/net/jradius/handler/dhcp/DHCPException.java b/extended/src/main/java/net/jradius/handler/dhcp/DHCPException.java new file mode 100644 index 0000000..ddb1ff0 --- /dev/null +++ b/extended/src/main/java/net/jradius/handler/dhcp/DHCPException.java @@ -0,0 +1,31 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (c) 2006-2008 David Bird + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.handler.dhcp; + +public class DHCPException extends Exception +{ + private static final long serialVersionUID = 0L; + + public DHCPException(String s) + { + super(s); + } +} diff --git a/extended/src/main/java/net/jradius/handler/dhcp/DHCPPoolHandler.java b/extended/src/main/java/net/jradius/handler/dhcp/DHCPPoolHandler.java new file mode 100644 index 0000000..ec10ae6 --- /dev/null +++ b/extended/src/main/java/net/jradius/handler/dhcp/DHCPPoolHandler.java @@ -0,0 +1,197 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (c) 2006-2008 David Bird + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.handler.dhcp; + +import java.net.InetAddress; + +import net.jradius.dictionary.vsa_dhcp.Attr_DHCPClientHardwareAddress; +import net.jradius.dictionary.vsa_dhcp.Attr_DHCPClientIPAddress; +import net.jradius.dictionary.vsa_dhcp.Attr_DHCPDHCPServerIdentifier; +import net.jradius.dictionary.vsa_dhcp.Attr_DHCPDomainNameServer; +import net.jradius.dictionary.vsa_dhcp.Attr_DHCPIPAddressLeaseTime; +import net.jradius.dictionary.vsa_dhcp.Attr_DHCPMessageType; +import net.jradius.dictionary.vsa_dhcp.Attr_DHCPRequestedIPAddress; +import net.jradius.dictionary.vsa_dhcp.Attr_DHCPRouterAddress; +import net.jradius.dictionary.vsa_dhcp.Attr_DHCPSubnetMask; +import net.jradius.dictionary.vsa_dhcp.Attr_DHCPYourIPAddress; +import net.jradius.handler.PacketHandlerChain; +import net.jradius.packet.DHCPAck; +import net.jradius.packet.DHCPDecline; +import net.jradius.packet.DHCPDiscover; +import net.jradius.packet.DHCPInform; +import net.jradius.packet.DHCPNack; +import net.jradius.packet.DHCPOffer; +import net.jradius.packet.DHCPRelease; +import net.jradius.packet.DHCPRequest; +import net.jradius.packet.RadiusPacket; +import net.jradius.packet.attribute.AttributeList; +import net.jradius.server.JRadiusRequest; +import net.sf.ehcache.Cache; +import net.sf.ehcache.CacheManager; + +/** + * Simple DHCP IP Pool Handler for FreeRADIUS. + * + * @author David Bird + */ +public class DHCPPoolHandler extends PacketHandlerChain +{ + + public DHCPPoolHandler() + { + } + + private AddressPoolImpl _pool; + private AddressPool getDefaultPool() + { + if (_pool != null) return _pool; + + try + { + InetAddress[] dns = new InetAddress[1]; + dns[0] = InetAddress.getByName("10.1.0.1"); + + _pool = new AddressPoolImpl(); + _pool.setNetwork(InetAddress.getByName("10.1.0.0")); + _pool.setNetmask(InetAddress.getByName("255.255.0.0")); + _pool.setRouter(InetAddress.getByName("10.1.0.1")); + _pool.setLeaseTime(900); + _pool.setDns(dns); + + CacheManager cacheManager = CacheManager.create(); + Cache _leases = new Cache("ippool", 10000, true, false, 0, _pool.getLeaseTime() + 30); + cacheManager.addCache(_leases); + _pool.setLeases(_leases); + + //pool.addOption(Attr_DHCPProxyAutoDiscovery.VSA_TYPE, wpadURL); + return _pool; + } + catch (Exception e) + { + e.printStackTrace(); + } + + return null; + } + + public boolean handle(JRadiusRequest request) throws Exception + { + RadiusPacket req = request.getRequestPacket(); + + if (req.getCode() < 1024) return false; + + byte[] hwAddress = (byte[])req.getAttributeValue(Attr_DHCPClientHardwareAddress.TYPE); + if (hwAddress == null) throw new DHCPException("no hardware address"); + + return handle(request, hwAddress, getDefaultPool()); + } + + public boolean handle(JRadiusRequest request, byte[] hwAddress, AddressPool pool) throws Exception + { + RadiusPacket req = request.getRequestPacket(); + RadiusPacket rep = request.getReplyPacket(); + //AttributeList ci = request.getConfigItems(); + + InetAddress requested = (InetAddress)req.getAttributeValue(Attr_DHCPRequestedIPAddress.TYPE); + if (requested == null) requested = (InetAddress)req.getAttributeValue(Attr_DHCPClientIPAddress.TYPE); + + boolean forceRenew = req.getCode() == DHCPDecline.CODE; + + InetAddress ipAddress = pool.getIP(hwAddress, requested, forceRenew); + + // Get the reply attributes before overwriting the reply + // with the correct response, based on code. + AttributeList attributes = rep.getAttributes(); + + switch(req.getCode()) + { + case DHCPDiscover.CODE: + if (ipAddress == null && requested != null) + { + // Try to get a new IP if we did not like the request IP + ipAddress = pool.getIP(hwAddress, null, true); + } + + rep = (ipAddress == null) ? new DHCPNack() : new DHCPOffer(); + break; + + case DHCPRequest.CODE: + rep = (ipAddress == null) ? new DHCPNack() : new DHCPAck(); + break; + + case DHCPDecline.CODE: + rep = (ipAddress == null) ? new DHCPNack() : new DHCPOffer(); + break; + + case DHCPInform.CODE: + rep = new DHCPAck(); + break; + + case DHCPRelease.CODE: + rep = new DHCPAck(); + break; + + default: + return true; + } + + attributes.add(new Attr_DHCPMessageType(rep.getCode() - 1024)); + + if (ipAddress != null) + { + switch(req.getCode()) + { + case DHCPDiscover.CODE: + case DHCPRequest.CODE: + attributes.add(new Attr_DHCPYourIPAddress(ipAddress)); + attributes.add(new Attr_DHCPIPAddressLeaseTime(pool.getLeaseTime())); + attributes.add(new Attr_DHCPDHCPServerIdentifier(pool.getRouter())); + + InetAddress[] dns = pool.getDns(); + if (dns != null) + { + for (int i=0; i + +Standard JRadius Event Handlers. + + diff --git a/extended/src/main/java/net/jradius/handler/proxy/ProxyClassHandler.java b/extended/src/main/java/net/jradius/handler/proxy/ProxyClassHandler.java new file mode 100644 index 0000000..633cb1c --- /dev/null +++ b/extended/src/main/java/net/jradius/handler/proxy/ProxyClassHandler.java @@ -0,0 +1,72 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2005 PicoPoint, B.V. + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.handler.proxy; + +import java.util.Arrays; + +import net.jradius.dictionary.Attr_Class; +import net.jradius.handler.RadiusSessionHandler; +import net.jradius.packet.RadiusPacket; +import net.jradius.server.JRadiusRequest; +import net.jradius.session.JRadiusSession; + +/** + * Rewrites the Class Attribute with the Session Class (for use in pre-proxy). This handler + * works in cooperation with the PostAuthorizeClassHandler and will rewrite the out-going + * Class attribute to be the appropriate value for the session (the value returned to us and + * captured in the PostAuthorizeClassHandler) + * + * @author David Bird + * @see net.jradius.handler.authorize.PostAuthorizeClassHandler + */ +public class ProxyClassHandler extends RadiusSessionHandler +{ + public boolean handle(JRadiusRequest request) throws Exception + { + JRadiusSession session = request.getSession(); + if (session == null) return noSessionFound(request); + + RadiusPacket req = request.getRequestPacket(); + + byte[] packetClass = (byte[])req.getAttributeValue(Attr_Class.TYPE); + byte[] sessionClass = session.getRadiusClass(); + + if (packetClass != null || sessionClass != null) + { + if (sessionClass == null) + { + session.addLogMessage(request, "Request has Class attribute when it should not"); + } + else if (packetClass == null) + { + session.addLogMessage(request, "Missing Class Attribute (added)"); + req.overwriteAttribute(new Attr_Class(sessionClass)); + } + else if (!Arrays.equals(packetClass, sessionClass)) + { + session.addLogMessage(request, "Bad Class Attribute (replaced)"); + req.overwriteAttribute(new Attr_Class(sessionClass)); + } + } + + return false; + } +} diff --git a/extended/src/main/java/net/jradius/handler/proxy/RewriteSessionIdHandler.java b/extended/src/main/java/net/jradius/handler/proxy/RewriteSessionIdHandler.java new file mode 100644 index 0000000..babb70c --- /dev/null +++ b/extended/src/main/java/net/jradius/handler/proxy/RewriteSessionIdHandler.java @@ -0,0 +1,40 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2005 PicoPoint, B.V. + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.handler.proxy; + +import net.jradius.dictionary.Attr_AcctSessionId; +import net.jradius.handler.PacketHandlerBase; +import net.jradius.packet.RadiusPacket; +import net.jradius.server.JRadiusRequest; + +/** + * Rewrites the Acct-Session-Id with the session key (for use in pre-proxy). + * @author David Bird + */ +public class RewriteSessionIdHandler extends PacketHandlerBase +{ + public boolean handle(JRadiusRequest request) throws Exception + { + RadiusPacket req = request.getRequestPacket(); + req.overwriteAttribute(new Attr_AcctSessionId(request.getSession().getSessionKey())); + return false; + } +} diff --git a/extended/src/main/java/net/jradius/handler/proxy/package.html b/extended/src/main/java/net/jradius/handler/proxy/package.html new file mode 100644 index 0000000..d035c97 --- /dev/null +++ b/extended/src/main/java/net/jradius/handler/proxy/package.html @@ -0,0 +1,5 @@ + + +Standard JRadius Proxy Packet Handlers. + + diff --git a/extended/src/main/java/net/jradius/handler/tlstunnel/AuthorizeHandler.java b/extended/src/main/java/net/jradius/handler/tlstunnel/AuthorizeHandler.java new file mode 100644 index 0000000..0795bb7 --- /dev/null +++ b/extended/src/main/java/net/jradius/handler/tlstunnel/AuthorizeHandler.java @@ -0,0 +1,156 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2005 PicoPoint, B.V. + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.handler.tlstunnel; + +import java.util.HashMap; +import java.util.StringTokenizer; + +import net.jradius.dictionary.Attr_EAPType; +import net.jradius.dictionary.Attr_ProxyToRealm; +import net.jradius.dictionary.Attr_UserName; +import net.jradius.handler.RadiusSessionHandler; +import net.jradius.handler.chain.JRCommand; +import net.jradius.log.RadiusLog; +import net.jradius.packet.RadiusPacket; +import net.jradius.packet.attribute.AttributeList; +import net.jradius.packet.attribute.value.NamedValue; +import net.jradius.server.JRadiusRequest; +import net.jradius.session.JRadiusSession; +import net.jradius.session.JRadiusSessionManager; +import net.jradius.session.RadiusSessionKeyProvider; +import net.sf.ehcache.Cache; +import net.sf.ehcache.Element; + +import org.apache.commons.chain.Catalog; + +/** + * TLS Tunnel Termination Authorization Handler + * @author David Bird + */ +public class AuthorizeHandler extends RadiusSessionHandler +{ + private HashMap terminatedRealms = new HashMap(); + private Cache tlsTunnels; + private String anonUserName; + private String chainName; + + public boolean handle(JRadiusRequest request) throws Exception + { + RadiusPacket req = request.getRequestPacket(); + AttributeList ci = request.getConfigItems(); + + JRadiusSession session = request.getSession(); + + String username = (String) req.getAttributeValue(Attr_UserName.TYPE); + String realm = session.getRealm(); + + Attr_EAPType eap = (Attr_EAPType) req.findAttribute(Attr_EAPType.TYPE); + + if (eap != null) + { + NamedValue eapv = (NamedValue)eap.getValue(); + String eapType = eapv.getValueString(); + + if (session.isSecured()) + { + Catalog catalog = getCatalog(); + if (catalog != null && chainName != null) + { + JRCommand c = (JRCommand)catalog.getCommand(chainName); + if (c == null) + { + RadiusLog.error("There is no command '" + chainName + "' in catalog " + getCatalogName()); + return false; + } + return execute(c, request); + } + } + else if ((Attr_EAPType.Identity.equals(eapType) || + Attr_EAPType.NAK.equals(eapType) || + Attr_EAPType.EAPTTLS.equals(eapType) || + Attr_EAPType.PEAP.equals(eapType)) && + ((anonUserName != null && anonUserName.equals(username)) || + terminatedRealms.containsKey(realm))) + { + // Here we are returning NOOP so that TTLS or PEAP tunnels + // can terminate at this radius server and we can proxy the tunneled credentials. + RadiusSessionKeyProvider skp = (RadiusSessionKeyProvider)JRadiusSessionManager.getManager(request.getSender()).getSessionKeyProvider(request.getSender()); + + // Rewrite the log type (not an authorization, but a tunnel + // termination) + session.getLogEntry(request).setType("tls-tunnel"); + + // Force the local handling of the tunnel (do not proxy) + ci.remove(Attr_ProxyToRealm.TYPE); + + // Record the session as a tls tunnel + tlsTunnels.put(new Element(skp.getTunneledRequestKey(request), session.getSessionKey())); + + RadiusLog.info("EAP-TTLS Termination: username = " + username + ", session = " + session.getSessionKey()); + + return true; + } + } + + return false; + } + + /** + * @return Returns the anonUserName. + */ + public String getAnonUserName() + { + return anonUserName; + } + + /** + * @param anonUserName The anonUserName to set. + */ + public void setAnonUserName(String anonUserName) + { + this.anonUserName = anonUserName; + } + + public void setTerminatedRealms(String realms) + { + StringTokenizer st = new StringTokenizer(realms, ","); + while (st.hasMoreTokens()) + { + String realm = st.nextToken(); + terminatedRealms.put(realm.trim().toLowerCase(), realm); + } + } + + public String getChainName() + { + return chainName; + } + + public void setChainName(String chainName) + { + this.chainName = chainName; + } + + public void setTlsTunnels(Cache tlsTunnels) + { + this.tlsTunnels = tlsTunnels; + } +} diff --git a/extended/src/main/java/net/jradius/handler/tlstunnel/InitTunnelSessionHandler.java b/extended/src/main/java/net/jradius/handler/tlstunnel/InitTunnelSessionHandler.java new file mode 100644 index 0000000..c0314d8 --- /dev/null +++ b/extended/src/main/java/net/jradius/handler/tlstunnel/InitTunnelSessionHandler.java @@ -0,0 +1,158 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2005 PicoPoint, B.V. + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.handler.tlstunnel; + +import java.util.HashMap; +import java.util.StringTokenizer; + +import net.jradius.dictionary.Attr_Realm; +import net.jradius.dictionary.Attr_UserName; +import net.jradius.dictionary.vsa_freeradius.Attr_FreeRADIUSProxiedTo; +import net.jradius.exception.RadiusException; +import net.jradius.handler.RadiusSessionHandler; +import net.jradius.packet.RadiusPacket; +import net.jradius.server.JRadiusRequest; +import net.jradius.server.JRadiusServer; +import net.jradius.session.JRadiusSession; +import net.jradius.session.JRadiusSessionManager; +import net.jradius.session.RadiusSessionKeyProvider; +import net.jradius.session.RadiusSessionSupport; +import net.sf.ehcache.Cache; +import net.sf.ehcache.Element; + +/** + * Tunnel Session Initialization Handler. + * @author David Bird + */ +public class InitTunnelSessionHandler extends RadiusSessionHandler +{ + private Cache tlsTunnels; + private HashMap realms = new HashMap(); + + /** + * This handler is to be chained before the actual InitSessionHandler. + * In the event the request is the inner request of a TLS tunnel, the associated + * session if found and configured. + * @see net.jradius.handler.PacketHandler#handle(net.jradius.server.JRadiusRequest) + */ + public boolean handle(JRadiusRequest request) throws RadiusException + { + int type = request.getType(); + RadiusPacket req = request.getRequestPacket(); + + String fullUserName = (String) req.getAttributeValue(Attr_UserName.TYPE); + String stripUserName = null; + String realm = null; + + JRadiusSession session = request.getSession(); + + if (fullUserName == null) return false; + + stripUserName = fullUserName; + + String[] s = RadiusSessionSupport.splitUserName(stripUserName); + + if (s != null && s.length == 2) + { + stripUserName = s[0]; + realm = s[1]; + } + + if (type == JRadiusServer.JRADIUS_authorize && + req.findAttribute(Attr_FreeRADIUSProxiedTo.TYPE) != null) + { + // If we are proxy-ing the request to ourselves, + // this is an inner-tunnel authentication. + RadiusSessionKeyProvider skp = (RadiusSessionKeyProvider)JRadiusSessionManager.getManager(request.getSender()).getSessionKeyProvider(request.getSender()); + Element element = tlsTunnels.get(skp.getTunneledRequestKey(request)); + if (element == null) return false; + String sessionKey = (String)element.getValue(); + if (sessionKey == null) + { + request.setReturnValue(JRadiusServer.RLM_MODULE_REJECT); + return true; + } + + session = JRadiusSessionManager.getManager(request.getSender()).getSession(request, sessionKey); + if (session == null) throw new RadiusException("Could not find on-going tunneled session: " + sessionKey); + + session.setSecured(true); + session.setUsername(stripUserName); + session.setRealm(realm); + + request.setSession(session); + + String r = (String)req.getAttributeValue(Attr_Realm.TYPE); + if (r != null) + { + if ("DEFAULT".equals(r)) + { + r = realm; + } + if (!isLocalRealm(r)) + { + session.setProxyToRealm(r); + } + } + } + + return false; + } + + public void setLocalRealms(String localRealms) + { + StringTokenizer st = new StringTokenizer(localRealms, ","); + while (st.hasMoreTokens()) + { + String realm = st.nextToken(); + realms.put(realm.trim().toLowerCase(), "local"); + } + } + + public void setSecureRealms(String localRealms) + { + StringTokenizer st = new StringTokenizer(localRealms, ","); + while (st.hasMoreTokens()) + { + String realm = st.nextToken(); + realms.put(realm.trim().toLowerCase(), "secure"); + } + } + + public boolean isLocalRealm(String realm) + { + String s = (String)realms.get(realm.trim().toLowerCase()); + if (s == null) return false; + return "local".equals(s); + } + + public boolean isSecureRealm(String realm) + { + String s = (String)realms.get(realm.trim().toLowerCase()); + if (s == null) return false; + return "secure".equals(s); + } + + public void setTlsTunnels(Cache tlsTunnels) + { + this.tlsTunnels = tlsTunnels; + } +} diff --git a/extended/src/main/java/net/jradius/handler/tlstunnel/PreAcctHandler.java b/extended/src/main/java/net/jradius/handler/tlstunnel/PreAcctHandler.java new file mode 100644 index 0000000..aeab41d --- /dev/null +++ b/extended/src/main/java/net/jradius/handler/tlstunnel/PreAcctHandler.java @@ -0,0 +1,70 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2005 PicoPoint, B.V. + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.handler.tlstunnel; + +import net.jradius.dictionary.Attr_ProxyToRealm; +import net.jradius.dictionary.Attr_Realm; +import net.jradius.dictionary.Attr_StrippedUserName; +import net.jradius.dictionary.Attr_UserName; +import net.jradius.exception.RadiusException; +import net.jradius.handler.PacketHandlerBase; +import net.jradius.packet.RadiusPacket; +import net.jradius.packet.attribute.AttributeList; +import net.jradius.packet.attribute.RadiusAttribute; +import net.jradius.server.JRadiusRequest; +import net.jradius.server.JRadiusServer; +import net.jradius.session.JRadiusSession; + +/** + * TLS Tunnel Termination Pre-Accounting Handler + * @author David Bird + */ +public class PreAcctHandler extends PacketHandlerBase +{ + public boolean handle(JRadiusRequest request) throws RadiusException + { + RadiusPacket req = request.getRequestPacket(); + AttributeList ci = request.getConfigItems(); + + JRadiusSession session = request.getSession(); + if (session == null) return false; + + String proxyToRealm = session.getProxyToRealm(); + + if (proxyToRealm != null) + { + /* + * If this session was the result of a terminated EAP Tunnel, + * then proxy accounting to the home realm after adjusting + * the User-Name to that in the EAP Tunnel. + */ + RadiusAttribute a; + if ((a = req.findAttribute(Attr_StrippedUserName.TYPE)) != null) req.removeAttribute(a); + if ((a = req.findAttribute(Attr_Realm.TYPE)) != null) req.removeAttribute(a); + req.overwriteAttribute(new Attr_UserName(session.getUsername() + "@" + session.getRealm())); + ci.add(new Attr_ProxyToRealm(proxyToRealm)); + request.setReturnValue(JRadiusServer.RLM_MODULE_UPDATED); + return true; + } + + return false; + } +} diff --git a/extended/src/main/java/net/jradius/handler/tlstunnel/package.html b/extended/src/main/java/net/jradius/handler/tlstunnel/package.html new file mode 100644 index 0000000..767f7b2 --- /dev/null +++ b/extended/src/main/java/net/jradius/handler/tlstunnel/package.html @@ -0,0 +1,5 @@ + + +Handlers to Assist with Early TLS Tunnel Termination. + + diff --git a/extended/src/main/java/net/jradius/ipdr/IPDRLogger.java b/extended/src/main/java/net/jradius/ipdr/IPDRLogger.java new file mode 100644 index 0000000..89c84bd --- /dev/null +++ b/extended/src/main/java/net/jradius/ipdr/IPDRLogger.java @@ -0,0 +1,72 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2005 PicoPoint, B.V. + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.ipdr; + +import java.util.LinkedHashMap; + +import net.jradius.log.RadiusLog; +import net.jradius.packet.AccountingRequest; +import net.jradius.packet.RadiusPacket; +import net.jradius.session.JRadiusSession; + + +/** + * IPDR Logger (work in progress) + * @author David Bird + */ +public class IPDRLogger +{ + private static final LinkedHashMap ipdrList = new LinkedHashMap(); + + static + { + try + { + ipdrList.put("pwlan", new IPDR_PublicWLANAccess()); + } + catch (Exception e) + { + e.printStackTrace(); + } + } + + public static String buildIPDR(String groupId, JRadiusSession radiusSession) throws Exception + { + RadiusPacket p = radiusSession.getLastRadiusRequest().getRequestPacket(); + + if (!(p instanceof AccountingRequest)) + { + RadiusLog.error("Can not build IPDR for session without accounting"); + return null; + } + + if (((AccountingRequest)p).getAccountingStatusType() != AccountingRequest.ACCT_STATUS_STOP) + { + RadiusLog.error("Can not build IPDR for session without STOP record"); + return null; + } + + IPDR_Base ipdr = (IPDR_Base)ipdrList.get(groupId); + if (ipdr == null) return null; + + return ipdr.toXML(radiusSession); + } +} diff --git a/extended/src/main/java/net/jradius/ipdr/IPDR_Base.java b/extended/src/main/java/net/jradius/ipdr/IPDR_Base.java new file mode 100644 index 0000000..09b55cb --- /dev/null +++ b/extended/src/main/java/net/jradius/ipdr/IPDR_Base.java @@ -0,0 +1,279 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2005 PicoPoint, B.V. + * Copyright (c) 2006 David Bird + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.ipdr; + +import java.io.ByteArrayOutputStream; +import java.io.IOException; +import java.util.ArrayList; +import java.util.LinkedHashMap; + +import net.jradius.exception.UnknownAttributeException; +import net.jradius.log.RadiusLog; +import net.jradius.packet.AccountingRequest; +import net.jradius.packet.RadiusPacket; +import net.jradius.packet.attribute.RadiusAttribute; +import net.jradius.session.JRadiusSession; + +import org.ipdr.common.BadCompositeException; +import org.ipdr.common.Descriptor; +import org.ipdr.common.DescriptorContentHandler; +import org.ipdr.common.FNFData; +import org.ipdr.common.FNFType; +import org.ipdr.common.IPDRDocWriter; +import org.ipdr.common.NameSpaceInfo; +import org.ipdr.common.OpenType; +import org.ipdr.common.Schema; +import org.ipdr.utils.IPDRException; +import org.ipdr.utils.UUIDUtil; +import org.xml.sax.SAXException; + +/** + * The base class of IPDR conversion classes (work in progress). + * @author David Bird + */ +public abstract class IPDR_Base +{ + private class TypeIndex + { + public int index; + public OpenType openType; + public TypeIndex(int i, OpenType t) { index = i; openType = t; } + } + + private static final LinkedHashMap typeIndexMap = new LinkedHashMap(); + + protected static final String defaultNameSpaceBase = "http://www.ipdr.org/namespaces/"; + protected static final String defaultNameSpaceURI = defaultNameSpaceBase + "ipdr"; + protected static final String defaultIPDRBaseURI = "http://www.ipdr.org/public/"; + + protected OpenType[] openType; + protected String serviceType; + protected String schemaURI; + protected int openTypeLength; + + protected IPDR_Base(String schemaURI) throws IOException, IPDRException, SAXException + { + this.schemaURI = schemaURI; + Descriptor descriptor = new Descriptor(); + ArrayList schemaArray = descriptor.parseSchema(schemaURI); + DescriptorContentHandler dch = descriptor.getContentHandler(); + + ArrayList location = dch.getSchemaLocation(); + serviceType = descriptor.getServType(); + + for (int uriPos = 0; uriPos < location.size(); uriPos++) { + String extn = dch.getExtensionBase(); + if (!(extn.equalsIgnoreCase("ipdr:IPDRType"))) { + schemaArray.addAll(0, descriptor.parseSchema(location.get(uriPos).toString())); + } + } + + ArrayList nameSpaceInfo = dch.getURIStorage(); + String nameSpaceURI = null; + String nameSpaceID = null; + + ArrayList localNameSpaceInfo = new ArrayList(); + + for (int count = 0; count < nameSpaceInfo.size(); count++) { + nameSpaceURI = ((NameSpaceInfo)nameSpaceInfo.get(count)).getNameSpaceURI(); + nameSpaceID = ((NameSpaceInfo)nameSpaceInfo.get(count)).getNameSpaceID(); + if (!(nameSpaceID.equals("")) && !(nameSpaceID.equals("ipdr"))) { + NameSpaceInfo NSInfo = new NameSpaceInfo(nameSpaceURI, nameSpaceID); + localNameSpaceInfo.add(NSInfo); + } + } + + String name = null; + for (int i = 0; i < schemaArray.size(); i += 3) { + name = (String)schemaArray.get(i); + + int colonPos = name.indexOf("$"); + String fnfURI = name.substring(0, colonPos); + String fnfNSID = new String(); + for (int j = 0; j < localNameSpaceInfo.size(); j++) { + if ((((NameSpaceInfo)localNameSpaceInfo.get(j)).getNameSpaceURI()).equals(fnfURI)) { + fnfNSID = ((NameSpaceInfo)localNameSpaceInfo.get(j)).getNameSpaceID(); + } + } + if (!(fnfNSID.equals(""))) { + name = name.substring((colonPos + 1), name.length()); + name = fnfNSID + ":" + name; + schemaArray.add(i, name); + schemaArray.remove(i + 1); + } else { + name = name.substring((colonPos + 1), name.length()); + schemaArray.add(i, name); + schemaArray.remove(i + 1); + } + } + + try + { + openType = descriptor.createOpenTypes(schemaArray); + openTypeLength = openType.length; + for (int i=0; i + +Support for IPDR in JRadius (work in progress). + + diff --git a/extended/src/main/java/net/jradius/log/RadiusLogEntry.java b/extended/src/main/java/net/jradius/log/RadiusLogEntry.java new file mode 100644 index 0000000..0649ec3 --- /dev/null +++ b/extended/src/main/java/net/jradius/log/RadiusLogEntry.java @@ -0,0 +1,392 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2005 PicoPoint, B.V. + * Copyright (c) 2007-2008 David Bird + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.log; + +import java.net.InetAddress; +import java.util.Date; + +import net.jradius.dictionary.Attr_ClientIPAddress; +import net.jradius.dictionary.Attr_NASIdentifier; +import net.jradius.exception.RadiusException; +import net.jradius.packet.AccountingRequest; +import net.jradius.packet.RadiusPacket; +import net.jradius.server.JRadiusRequest; +import net.jradius.server.JRadiusServer; +import net.jradius.session.JRadiusSession; + + +/** + * The JRadius Log Entry Object (bean). + * @author David Bird + */ +public class RadiusLogEntry implements JRadiusLogEntry +{ + protected JRadiusSession session; + protected Integer code; + protected String type; + protected String message; + protected String packetId; + protected String clientIPAddress; + protected String nasIdentifier; + protected String userName; + protected String realm; + protected Integer userId; + + protected String inboundRequest; + protected String outboundRequest; + protected String inboundReply; + protected String outboundReply; + + protected boolean finished = true; + protected boolean committed = false; + + protected Date lastUpdate; + + public RadiusLogEntry() + { + } + + public RadiusLogEntry(JRadiusSession session, String packetId) + { + this.session = session; + setPacketId(packetId); + } + + public void init(JRadiusRequest request, JRadiusSession session) throws RadiusException + { + RadiusPacket req = request.getRequestPacket(); + + setType(request); + + // The client IP should never be changing + if (getClientIPAddress() == null) + { + InetAddress clientAddress = (InetAddress) req.getAttributeValue(Attr_ClientIPAddress.TYPE); + if (clientAddress != null) + setClientIPAddress(clientAddress.getHostAddress()); + } + + // We want the original NAS-Identifier, not any rewrite + // Grab the value at the first call to InitHandler + if (getNasIdentifier() == null) + { + String nasId = (String) req.getAttributeValue(Attr_NASIdentifier.TYPE); + setNasIdentifier(nasId); + } + + if (getUserName() == null) + setUserName(session.getUsername()); + + if (getRealm() == null) + setRealm(session.getRealm()); + + // The inbound request should be got at the preacct or authorize + // at the first position in the chain + if (getInboundRequest() == null) + setInboundRequest(req.toString(false, true)); + } + + protected Object setValue(Object n, Object o) + { + if (o == null || !o.equals(n)) { committed = false; return n; } + return o; + } + + /** + * @return Returns the sessionKey. + */ + public String getSessionKey() + { + return session.getSessionKey(); + } + + /** + * @return Returns the code. + */ + public Integer getCode() + { + return code; + } + /** + * @param code The code to set. + */ + public void setCode(Integer code) + { + this.code = (Integer)setValue(code, this.code); + } + /** + * @return Returns the type. + */ + public String getType() + { + return type; + } + /** + * @param type The type to set. + */ + public void setType(String type) + { + this.type = (String)setValue(type, this.type); + } + + public void setType(JRadiusRequest request) throws RadiusException + { + switch(request.getType()) + { + case JRadiusServer.JRADIUS_pre_proxy: + case JRadiusServer.JRADIUS_post_proxy: + case JRadiusServer.JRADIUS_post_auth: + case JRadiusServer.JRADIUS_checksimul: + break; + case JRadiusServer.JRADIUS_preacct: + case JRadiusServer.JRADIUS_accounting: + { + AccountingRequest req = (AccountingRequest)request.getRequestPacket(); + switch(req.getAccountingStatusType()) + { + case AccountingRequest.ACCT_STATUS_START: + case AccountingRequest.ACCT_STATUS_ACCOUNTING_ON: + setType("start"); + break; + case AccountingRequest.ACCT_STATUS_STOP: + case AccountingRequest.ACCT_STATUS_ACCOUNTING_OFF: + setType("stop"); + break; + case AccountingRequest.ACCT_STATUS_INTERIM: + setType("interim"); + break; + default: + setType("accounting"); + break; + } + } + break; + default: + { + setType(request.getTypeString()); + } + } + } + + /** + * @return Returns the message. + */ + public String getMessage() + { + return message; + } + + /** + * @param message The message to set. + */ + public void setMessage(String message) + { + this.message = (String)setValue(message, this.message); + } + + public void addMessage(String message) + { + StringBuffer sb = new StringBuffer(); + if (this.message != null) sb.append(this.message).append(", "); + sb.append(message); + setMessage(sb.toString()); + } + + /** + * @return Returns the clientIP. + */ + public String getClientIPAddress() + { + return clientIPAddress; + } + + /** + * @param clientIP The clientIP to set. + */ + public void setClientIPAddress(String clientIP) + { + this.clientIPAddress = (String)setValue(clientIP, this.clientIPAddress); + } + + /** + * @return Returns the nasId. + */ + public String getNasIdentifier() + { + return nasIdentifier; + } + /** + * @param nasId The nasId to set. + */ + public void setNasIdentifier(String nasId) + { + this.nasIdentifier = (String)setValue(nasId, this.nasIdentifier); + } + + public String getUserName() + { + return userName; + } + public void setUserName(String userName) + { + this.userName = userName; + } + + public String getRealm() + { + return realm; + } + public void setRealm(String realm) + { + this.realm = realm; + } + /** + * @return Returns the userId. + */ + public Integer getUserId() + { + return userId; + } + /** + * @param userId The userId to set. + */ + public void setUserId(Integer userId) + { + this.userId = (Integer)setValue(userId, this.userId); + } + + /** + * @return Returns the packetId. + */ + public String getPacketId() + { + return packetId; + } + /** + * @param packetId The packetId to set. + */ + public void setPacketId(String packetId) + { + this.packetId = packetId; + } + /** + * @return Returns the inboundReply. + */ + public String getInboundReply() + { + return inboundReply; + } + /** + * @param inboundReply The inboundReply to set. + */ + public void setInboundReply(String inboundReply) + { + this.inboundReply = (String)setValue(inboundReply, this.inboundReply); + } + /** + * @return Returns the inboundRequest. + */ + public String getInboundRequest() + { + return inboundRequest; + } + /** + * @param inboundRequest The inboundRequest to set. + */ + public void setInboundRequest(String inboundRequest) + { + this.inboundRequest = (String)setValue(inboundRequest, this.inboundRequest); + } + /** + * @return Returns the outboundReply. + */ + public String getOutboundReply() + { + return outboundReply; + } + /** + * @param outboundReply The outboundReply to set. + */ + public void setOutboundReply(String outboundReply) + { + this.outboundReply = (String)setValue(outboundReply, this.outboundReply); + } + /** + * @return Returns the outboundRequest. + */ + public String getOutboundRequest() + { + return outboundRequest; + } + /** + * @param outboundRequest The outboundRequest to set. + */ + public void setOutboundRequest(String outboundRequest) + { + this.outboundRequest = (String)setValue(outboundRequest, this.outboundRequest); + } + + /** + * @return Returns the finished. + */ + public boolean isFinished() + { + return finished; + } + /** + * @param finished The finished to set. + */ + public void setFinished(boolean finished) + { + this.finished = finished; + } + + /** + * @return Returns the committed. + */ + public boolean isCommitted() + { + return committed; + } + /** + * @param committed The committed to set. + */ + public void setCommitted(boolean committed) + { + this.committed = committed; + } + + public String toString() + { + return "RadiusLogEntry: { type = " + type + ", packetId = " + packetId + " }: " + getMessage(); + } + + public Date getLastUpdate() + { + return lastUpdate; + } + + public void setLastUpdate(Date lastUpdate) + { + this.lastUpdate = lastUpdate; + } +} diff --git a/extended/src/main/java/net/jradius/session/RadiusSession.java b/extended/src/main/java/net/jradius/session/RadiusSession.java new file mode 100644 index 0000000..54f05fb --- /dev/null +++ b/extended/src/main/java/net/jradius/session/RadiusSession.java @@ -0,0 +1,1158 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2005 PicoPoint, B.V. + * Copyright (c) 2007 David Bird + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.session; + +import java.io.Serializable; +import java.net.InetAddress; +import java.util.Date; +import java.util.HashMap; +import java.util.Iterator; +import java.util.Map; + +import net.jradius.dictionary.Attr_AcctAuthentic; +import net.jradius.dictionary.Attr_AcctInputGigawords; +import net.jradius.dictionary.Attr_AcctInputOctets; +import net.jradius.dictionary.Attr_AcctInputPackets; +import net.jradius.dictionary.Attr_AcctInterimInterval; +import net.jradius.dictionary.Attr_AcctOutputGigawords; +import net.jradius.dictionary.Attr_AcctOutputOctets; +import net.jradius.dictionary.Attr_AcctOutputPackets; +import net.jradius.dictionary.Attr_AcctSessionId; +import net.jradius.dictionary.Attr_AcctSessionTime; +import net.jradius.dictionary.Attr_AcctTerminateCause; +import net.jradius.dictionary.Attr_CalledStationId; +import net.jradius.dictionary.Attr_CallingStationId; +import net.jradius.dictionary.Attr_ConnectInfo; +import net.jradius.dictionary.Attr_FramedIPAddress; +import net.jradius.dictionary.Attr_IdleTimeout; +import net.jradius.dictionary.Attr_NASIPAddress; +import net.jradius.dictionary.Attr_NASIdentifier; +import net.jradius.dictionary.Attr_NASPortType; +import net.jradius.dictionary.Attr_ProxyToRealm; +import net.jradius.dictionary.Attr_Realm; +import net.jradius.dictionary.Attr_ServiceType; +import net.jradius.dictionary.Attr_SessionTimeout; +import net.jradius.dictionary.Attr_StrippedUserName; +import net.jradius.dictionary.Attr_UserName; +import net.jradius.dictionary.vsa_jradius.Attr_JRadiusRequestId; +import net.jradius.exception.RadiusException; +import net.jradius.exception.RadiusSecurityException; +import net.jradius.log.JRadiusLogEntry; +import net.jradius.log.RadiusLog; +import net.jradius.packet.AccessAccept; +import net.jradius.packet.AccountingRequest; +import net.jradius.packet.RadiusPacket; +import net.jradius.packet.attribute.AttributeList; +import net.jradius.packet.attribute.RadiusAttribute; +import net.jradius.server.JRadiusEvent; +import net.jradius.server.JRadiusRequest; +import net.jradius.server.JRadiusServer; + +/** + * The Default Radius Session Base Class. + * + * @author David Bird + */ +public class RadiusSession implements JRadiusSession, Serializable +{ + public static final long serialVersionUID = 0L; + + // Internal "State" Attributes + private int sessionState = JRadiusSession.UNKNOWN_STATE; + private String sessionKey; + private String jRadiusKey; + private boolean newSession = true; + private long timeStamp; + + private JRadiusRequest lastRadiusRequest; + private Map logEntryMap = new HashMap(); + private Map attributeMap = new HashMap(); + + // Basic Session Configuration + private String username; + private String realm; + private String password; + private String sessionId; + private String proxyToRealm; + private String redirectURL; + private boolean secured; + + // Relevant Attributes + private String connectInfo; + private String callingStationId; + private String calledStationId; + private String nasIdentifier; + private String nasIPAddress; + private String clientIPAddress; + private String framedIPAddress; + private byte[] radiusClass; + + // Session Accounting Configuration + private Long idleTimeout; + private Long sessionTimeout; + private Long interimInterval; + + // Session Bandwidth & Data Limit Configurations + private Long maxBandwidthUp; + private Long maxBandwidthDown; + private Long minBandwidthUp; + private Long minBandwidthDown; + private Long maxOctetsUp; + private Long maxOctetsDown; + private Long maxOctetsTotal; + + private String nasType; + private Long nasPortType; + private Long acctAuthentic; + + // Session Accounting Data + private Long serviceType; + private Long sessionTime; + private Long packetsIn; + private Long packetsOut; + private Long octetsIn; + private Long octetsOut; + private Long gigaWordsIn; + private Long gigaWordsOut; + private Long terminateCause; + private Date authorizeTime; + private Date startTime; + private Date lastInterimTime; + private Date stopTime; + + public RadiusSession () + { + } + + public RadiusSession(String session) + { + this(); + setSessionKey(session); + RadiusLog.debug("Creating new session: " + session); + } + + + public boolean isAccountingReversed() { + // TODO Auto-generated method stub + return false; + } + + public void setAttribute(String name, Object value) { + attributeMap.put(name, value); + } + + public Object getAttribute(String name) { + return attributeMap.get(name); + } + + public JRadiusLogEntry getLogEntry(JRadiusEvent event, String key) + { + JRadiusLogEntry entry = logEntryMap.get(key); + + if (entry == null) + { + RadiusLog.debug("Creating new Session/LogEntry: " + getSessionKey() + "/" + key); + entry = JRadiusSessionManager.getManager(event.getSender()).newLogEntry(event, this, key); + logEntryMap.put(key, entry); + } + + RadiusLog.debug("Retreived Session/LogEntry: " + getSessionKey() + "/" + key); + entry.setLastUpdate(new Date()); + return entry; + } + + public JRadiusLogEntry getLogEntry(JRadiusRequest request) throws RadiusException + { + AttributeList ci = request.getConfigItems(); + RadiusAttribute a = ci.get(Attr_JRadiusRequestId.TYPE); + String key; + + if (a != null) key = (String)a.getValue().getValueObject(); + else key = Integer.toString((char)request.getRequestPacket().getIdentifier()); + + JRadiusLogEntry entry = getLogEntry(request, key); + entry.setCode(new Integer(request.getReturnValue())); + return entry; + } + + public void addLogMessage(JRadiusRequest request, String message) throws RadiusException + { + getLogEntry(request).addMessage(message); + } + + public void commitLogEntries(int result) + { + Iterator> it = logEntryMap.entrySet().iterator(); + + long now = new Date().getTime(); + long threshold = 180; + + while (it.hasNext()) + { + Map.Entry mapEntry = it.next(); + JRadiusLogEntry entry = mapEntry.getValue(); + if (entry.isFinished() && !entry.isCommitted()) + { + entry.setCode(new Integer(result)); + commitLogEntry(entry, result); + entry.setCommitted(true); + } + if (entry.getLastUpdate().getTime() < (now - threshold)) + { + it.remove(); + } + } + } + + public void commitLogEntry(JRadiusLogEntry entry, int result) + { + String mesg = entry.toString(); + if (mesg != null) RadiusLog.info(mesg); + } + + public boolean onPreProcessing(JRadiusRequest request) throws RadiusException + { + switch(request.getType()) + { + case JRadiusServer.JRADIUS_authorize: + { + if (getSessionState() == UNKNOWN_STATE) + setSessionState(AUTH_PENDING); + } + break; + + case JRadiusServer.JRADIUS_preacct: + { + if (!request.isAccountingRequest()) break; + AccountingRequest accountingRequest = (AccountingRequest) request.getRequestPacket(); + + switch (accountingRequest.getAccountingStatusType()) + { + case -1: + { + return onNoAccountingStatusType(request); + } + + case AccountingRequest.ACCT_STATUS_START: + case AccountingRequest.ACCT_STATUS_ACCOUNTING_ON: + { + ensureSessionState(request, AUTH_ACCEPTED); + setSessionState(ACCT_STARTED); + } + break; + + case AccountingRequest.ACCT_STATUS_STOP: + case AccountingRequest.ACCT_STATUS_ACCOUNTING_OFF: + { + ensureSessionState(request, ACCT_STARTED); + setSessionState(ACCT_STOPPED); + } + break; + + case AccountingRequest.ACCT_STATUS_INTERIM: + { + ensureSessionState(request, ACCT_STARTED); + } + break; + } + } + break; + } + + return false; + } + + public void onPostProcessing(JRadiusRequest request) throws RadiusException + { + // If we have a session, fire off events + switch(request.getType()) + { + case JRadiusServer.JRADIUS_authorize: + onAuthorization(request); + break; + case JRadiusServer.JRADIUS_post_auth: + onPostAuthentication(request); + break; + case JRadiusServer.JRADIUS_preacct: + onAccounting(request); + break; + } + } + + public void onAuthorization(JRadiusRequest request) throws RadiusException + { + if (!checkSessionState(AUTH_PENDING | AUTH_ACCEPTED | ACCT_STARTED)) + setSessionState(AUTH_PENDING); + } + + public void onPostAuthentication(JRadiusRequest request) throws RadiusException + { + RadiusPacket rep = request.getReplyPacket(); + boolean success = (rep instanceof AccessAccept && request.getReturnValue() != JRadiusServer.RLM_MODULE_REJECT); + RadiusLog.debug("Authentication: " + request + " was" + (success ? "" : " NOT") + " sucessful"); + if (success) + { + Long sessionTimeout = (Long)rep.getAttributeValue(Attr_SessionTimeout.TYPE); + if (checkSessionState(ACCT_STARTED)) + { + if (sessionTimeout != null) + { + Long sessionTime = getSessionTime(); + if (sessionTime != null) + { + // Compensate the sessionTimeout for re-authentications + sessionTimeout = new Long(sessionTimeout.longValue() - sessionTime.longValue()); + } + } + } + else + { + setSessionState(AUTH_ACCEPTED); + } + setIdleTimeout((Long)rep.getAttributeValue(Attr_IdleTimeout.TYPE)); + setInterimInterval((Long)rep.getAttributeValue(Attr_AcctInterimInterval.TYPE)); + setSessionTimeout(sessionTimeout); + } + else + { + setSessionState(AUTH_REJECTED); + } + } + + public void stopSession(boolean force) + { + setSessionState(JRadiusSession.ACCT_STOPPED); + } + + public void initSession(JRadiusRequest request) throws RadiusException + { + RadiusPacket req = request.getRequestPacket(); + + String username = (String)req.getAttributeValue(Attr_UserName.TYPE); + String realm = (String)req.getAttributeValue(Attr_Realm.TYPE); + String stripUsername = null; + + if (username != null) + { + stripUsername = username; + + if (realm == null) + { + String[] s = RadiusSessionSupport.splitUserName(username); + if (s != null && s.length == 2) + { + stripUsername = s[0]; + realm = s[1]; + } + } + else + { + stripUsername = (String)req.getAttributeValue(Attr_StrippedUserName.TYPE); + if (stripUsername == null) stripUsername = username; + } + } + + setUsername(stripUsername); + setRealm(realm); + + Long zero = new Long(0); + + setSessionTime(zero); + setPacketsIn(zero); + setPacketsOut(zero); + setOctetsIn(zero); + setOctetsOut(zero); + setGigaWordsIn(zero); + setGigaWordsOut(zero); + + setServiceType((Long)req.getAttributeValue(Attr_ServiceType.TYPE)); + setNasPortType((Long)req.getAttributeValue(Attr_NASPortType.TYPE)); + setConnectInfo((String)req.getAttributeValue(Attr_ConnectInfo.TYPE)); + setCallingStationId((String)req.getAttributeValue(Attr_CallingStationId.TYPE)); + setCalledStationId((String)req.getAttributeValue(Attr_CalledStationId.TYPE)); + setSessionId((String) req.getAttributeValue(Attr_AcctSessionId.TYPE)); + setNasIdentifier((String)req.getAttributeValue(Attr_NASIdentifier.TYPE)); + + InetAddress inet = (InetAddress) req.getAttributeValue(Attr_NASIPAddress.TYPE); + if (inet != null) setNasIPAddress(inet.getHostAddress()); + + inet = (InetAddress) req.getAttributeValue(Attr_FramedIPAddress.TYPE); + if (inet != null) setFramedIPAddress(inet.getHostAddress()); + + if (getNasIdentifier() == null) setNasIdentifier(getNasIPAddress()); + } + + public void onAccounting(JRadiusRequest request) throws RadiusException + { + RadiusPacket req = request.getRequestPacket(); + Long i; + + if ((i = (Long)req.getAttributeValue(Attr_AcctAuthentic.TYPE)) != null) setAcctAuthentic(i); + if ((i = (Long)req.getAttributeValue(Attr_AcctSessionTime.TYPE)) != null) setSessionTime(i); + if ((i = (Long)req.getAttributeValue(Attr_AcctInputPackets.TYPE)) != null) setPacketsIn(i); + if ((i = (Long)req.getAttributeValue(Attr_AcctOutputPackets.TYPE)) != null) setPacketsOut(i); + if ((i = (Long)req.getAttributeValue(Attr_AcctTerminateCause.TYPE)) != null) setTerminateCause(i); + + Long octsIn = (Long)req.getAttributeValue(Attr_AcctInputOctets.TYPE); + Long octsOut = (Long)req.getAttributeValue(Attr_AcctOutputOctets.TYPE); + Long gigaIn = (Long)req.getAttributeValue(Attr_AcctInputGigawords.TYPE); + Long gigaOut = (Long)req.getAttributeValue(Attr_AcctOutputGigawords.TYPE); + + Long cOctsIn = getOctetsIn(); + Long cOctsOut = getOctetsOut(); + + if (octsIn != null && octsOut != null && cOctsIn != null && cOctsOut != null) + { + if (octsIn.longValue() < cOctsIn.longValue()) + { + Long cGigaIn = getGigaWordsIn(); + long currentGigawords = (cGigaIn == null) ? 0 : cGigaIn.longValue(); + long newGigawords = (gigaIn == null) ? 0 : gigaIn.longValue(); + if (newGigawords != (currentGigawords + 1)) + { + addLogMessage(request, "Fixing Gigawords-In"); + req.overwriteAttribute(new Attr_AcctInputGigawords(gigaIn = new Long(currentGigawords + 1))); + } + } + if (octsOut.longValue() < cOctsOut.longValue()) + { + Long cGigaOut = getGigaWordsOut(); + long currentGigawords = (cGigaOut == null) ? 0 : cGigaOut.longValue(); + long newGigawords = (gigaOut == null) ? 0 : gigaOut.longValue(); + if (newGigawords != (currentGigawords + 1)) + { + addLogMessage(request, "Fixing Gigawords-Out"); + req.overwriteAttribute(new Attr_AcctOutputGigawords(gigaOut = new Long(currentGigawords + 1))); + } + } + } + + if (octsIn != null) setOctetsIn(octsIn); + if (octsOut != null) setOctetsOut(octsOut); + if (gigaIn != null) setGigaWordsIn(gigaIn); + if (gigaOut != null) setGigaWordsOut(gigaOut); + } + + protected boolean checkSessionState(int state) + { + return !((getSessionState() & state) == 0); + } + + public void ensureSessionState(JRadiusRequest request, int state) throws RadiusException + { + if (!checkSessionState(state)) + { + // Remove any Proxy-To-Realm in the control items to prevent the proxy + request.getConfigItems().remove(Attr_ProxyToRealm.TYPE); + throw new RadiusSecurityException("Received unexpected packet for session: " + getSessionKey() + " (" + getSessionState() + " != " + state + ")"); + } + } + + public boolean onNoAccountingStatusType(JRadiusRequest request) throws RadiusException + { + JRadiusLogEntry logEntry = getLogEntry(request); + String error = "Accounting packet without a Acct-Status-Type!"; + RadiusLog.error(error); + logEntry.addMessage(error); + request.setReturnValue(JRadiusServer.RLM_MODULE_REJECT); + return true; + } + + /** + * @return Returns the username. + */ + public String getUsername() + { + return username; + } + + /** + * @param username The username to set. + */ + public void setUsername(String username) + { + this.username = username; + } + + /** + * @return Returns the realm. + */ + public String getRealm() + { + return realm; + } + + /** + * @param realm The realm to set. + */ + public void setRealm(String realm) + { + this.realm = realm; + } + + /** + * @return Returns the password. + */ + public String getPassword() + { + return password; + } + + /** + * @param password The password to set. + */ + public void setPassword(String password) + { + this.password = password; + } + + /** + * @return Returns the sessionKey. + */ + public String getSessionKey() + { + return sessionKey; + } + + /** + * @param sessionKey The sessionKey to set. + */ + public void setSessionKey(String sessionKey) + { + this.sessionKey = sessionKey; + } + + /** + * @return Returns the sessionId. + */ + public String getSessionId() + { + return sessionId; + } + + /** + * @param sessionId The sessionId to set. + */ + public void setSessionId(String sessionId) + { + this.sessionId = sessionId; + } + + /** + * @return Returns the serviceType. + */ + public Long getServiceType() + { + return serviceType; + } + + /** + * @param serviceType The serviceType to set. + */ + public void setServiceType(Long serviceType) + { + this.serviceType = serviceType; + } + + /** + * @return Returns the idleTimeout. + */ + public Long getIdleTimeout() + { + return idleTimeout; + } + + /** + * @param idleTimeout The idleTimeout to set. + */ + public void setIdleTimeout(Long idleTimeout) + { + this.idleTimeout = idleTimeout; + } + + /** + * @return Returns the interimInterval. + */ + public Long getInterimInterval() + { + return interimInterval; + } + + /** + * @param interimInterval The interimInterval to set. + */ + public void setInterimInterval(Long interimInterval) + { + this.interimInterval = interimInterval; + } + + /** + * @return Returns the sessionTimeout. + */ + public Long getSessionTimeout() + { + return sessionTimeout; + } + + /** + * @param sessionTimeout The sessionTimeout to set. + */ + public void setSessionTimeout(Long sessionTimeout) + { + this.sessionTimeout = sessionTimeout; + } + + /** + * @return Returns the sessionTime. + */ + public Long getSessionTime() + { + return sessionTime; + } + + /** + * @param sessionTime The sessionTime to set. + */ + public void setSessionTime(Long sessionTime) + { + this.sessionTime = sessionTime; + } + + /** + * @return Returns the startTime. + */ + public Date getStartTime() + { + return startTime; + } + + /** + * @param startTime The startTime to set. + */ + public void setStartTime(Date startTime) + { + this.startTime = startTime; + } + + /** + * @return Returns the lastInterimTime. + */ + public Date getLastInterimTime() + { + return lastInterimTime; + } + /** + * @param lastInterimTime The lastInterimTime to set. + */ + public void setLastInterimTime(Date lastInterimTime) + { + this.lastInterimTime = lastInterimTime; + } + /** + * @return Returns the stopTime. + */ + public Date getStopTime() + { + return stopTime; + } + /** + * @param stopTime The stopTime to set. + */ + public void setStopTime(Date stopTime) + { + this.stopTime = stopTime; + } + /** + * @return Returns the gigaWordsIn. + */ + public Long getGigaWordsIn() + { + return gigaWordsIn; + } + + /** + * @param gigaWordsIn The gigaWordsIn to set. + */ + public void setGigaWordsIn(Long gigaWordsIn) + { + this.gigaWordsIn = gigaWordsIn; + } + + /** + * @return Returns the gigaWordsOut. + */ + public Long getGigaWordsOut() + { + return gigaWordsOut; + } + + /** + * @param gigaWordsOut The gigaWordsOut to set. + */ + public void setGigaWordsOut(Long gigaWordsOut) + { + this.gigaWordsOut = gigaWordsOut; + } + + /** + * @return Returns the octetsIn. + */ + public Long getOctetsIn() + { + return octetsIn; + } + + /** + * @param octetsIn The octetsIn to set. + */ + public void setOctetsIn(Long octetsIn) + { + this.octetsIn = octetsIn; + } + + /** + * @return Returns the octetsOut. + */ + public Long getOctetsOut() + { + return octetsOut; + } + + /** + * @param octetsOut The octetsOut to set. + */ + public void setOctetsOut(Long octetsOut) + { + this.octetsOut = octetsOut; + } + + public Long getTotalOctetsIn() + { + if (octetsIn == null) return null; + long l = octetsIn.longValue(); + if (gigaWordsIn != null) + { + l |= gigaWordsIn.longValue() << 32; + } + return new Long(l); + } + + public Long getTotalOctetsOut() + { + if (octetsOut == null) return null; + long l = octetsOut.longValue(); + if (gigaWordsOut != null) + { + l |= gigaWordsOut.longValue() << 32; + } + return new Long(l); + } + + /** + * @return Returns the packetsIn. + */ + public Long getPacketsIn() + { + return packetsIn; + } + + /** + * @param packetsIn The packetsIn to set. + */ + public void setPacketsIn(Long packetsIn) + { + this.packetsIn = packetsIn; + } + + /** + * @return Returns the packetsOut. + */ + public Long getPacketsOut() + { + return packetsOut; + } + + /** + * @param packetsOut The packetsOut to set. + */ + public void setPacketsOut(Long packetsOut) + { + this.packetsOut = packetsOut; + } + + /** + * @return Returns the terminateCause. + */ + public Long getTerminateCause() + { + return terminateCause; + } + + /** + * @param terminateCause The terminateCause to set. + */ + public void setTerminateCause(Long terminateCause) + { + this.terminateCause = terminateCause; + } + + /** + * @return Returns the radiusClass. + */ + public byte[] getRadiusClass() + { + return radiusClass; + } + + /** + * @param radiusClass The radiusClass to set. + */ + public void setRadiusClass(byte[] radiusClass) + { + this.radiusClass = radiusClass; + } + + /** + * @return Returns the sessionState. + */ + public int getSessionState() + { + return sessionState; + } + + /** + * @param sessionState The sessionState to set. + */ + public void setSessionState(int sessionState) + { + this.sessionState |= sessionState; + } + + /** + * @return Returns the proxyToRealm. + */ + public String getProxyToRealm() + { + return proxyToRealm; + } + + /** + * @param proxyToRealm The proxyToRealm to set. + */ + public void setProxyToRealm(String proxyToRealm) + { + this.proxyToRealm = proxyToRealm; + } + + /** + * @return Returns the secured. + */ + public boolean isSecured() + { + return secured; + } + + /** + * @param secured The secured to set. + */ + public void setSecured(boolean secured) + { + this.secured = secured; + } + + /** + * @return Returns the calledStation. + */ + public String getCalledStationId() + { + return calledStationId; + } + /** + * @param calledStation The calledStation to set. + */ + public void setCalledStationId(String calledStation) + { + this.calledStationId = calledStation; + } + /** + * @return Returns the callingStation. + */ + public String getCallingStationId() + { + return callingStationId; + } + /** + * @param callingStation The callingStation to set. + */ + public void setCallingStationId(String callingStation) + { + this.callingStationId = callingStation; + } + /** + * @return Returns the connectInfo. + */ + public String getConnectInfo() + { + return connectInfo; + } + /** + * @param connectInfo The connectInfo to set. + */ + public void setConnectInfo(String connectInfo) + { + this.connectInfo = connectInfo; + } + + /** + * @return Returns the clientIP. + */ + public String getClientIPAddress() + { + return clientIPAddress; + } + + /** + * @return Returns the framedIPAddress. + */ + public String getFramedIPAddress() + { + return framedIPAddress; + } + /** + * @param framedIPAddress The framedIPAddress to set. + */ + public void setFramedIPAddress(String framedIPAddress) + { + this.framedIPAddress = framedIPAddress; + } + /** + * @param clientIP The clientIP to set. + */ + public void setClientIPAddress(String clientIP) + { + this.clientIPAddress = clientIP; + } + /** + * @return Returns the nasID. + */ + public String getNasIdentifier() + { + return nasIdentifier; + } + /** + * @param nasID The nasID to set. + */ + public void setNasIdentifier(String nasID) + { + this.nasIdentifier = nasID; + } + /** + * @return Returns the nasIP. + */ + public String getNasIPAddress() + { + return nasIPAddress; + } + /** + * @param nasIP The nasIP to set. + */ + public void setNasIPAddress(String nasIP) + { + this.nasIPAddress = nasIP; + } + + public Long getMaxBandwidthDown() + { + return maxBandwidthDown; + } + + public void setMaxBandwidthDown(Long maxBandwidthDown) + { + this.maxBandwidthDown = maxBandwidthDown; + } + + public Long getMaxBandwidthUp() + { + return maxBandwidthUp; + } + + public void setMaxBandwidthUp(Long maxBandwidthUp) + { + this.maxBandwidthUp = maxBandwidthUp; + } + + public Long getMinBandwidthDown() + { + return minBandwidthDown; + } + + public void setMinBandwidthDown(Long minBandwidthDown) + { + this.minBandwidthDown = minBandwidthDown; + } + + public Long getMinBandwidthUp() + { + return minBandwidthUp; + } + + public void setMinBandwidthUp(Long minBandwidthUp) + { + this.minBandwidthUp = minBandwidthUp; + } + /** + * @return Returns the timeStamp. + */ + public long getTimeStamp() + { + return timeStamp; + } + + /** + * @param timeStamp The timeStamp to set. + */ + public void setTimeStamp(long timeStamp) + { + this.timeStamp = timeStamp; + } + + /** + * @return Returns the newSession. + */ + public boolean isNewSession() + { + return newSession; + } + + /** + * @param newSession The newSession to set. + */ + public void setNewSession(boolean newSession) + { + this.newSession = newSession; + } + + public String getJRadiusKey() + { + return jRadiusKey; + } + + public void setJRadiusKey(String jRadiusKey) + { + this.jRadiusKey = jRadiusKey; + } + + public JRadiusRequest getLastRadiusRequest() + { + return lastRadiusRequest; + } + + public void setLastRadiusRequest(JRadiusRequest lastRadiusRequest) + { + this.lastRadiusRequest = lastRadiusRequest; + } + + public Long getMaxOctetsDown() + { + return maxOctetsDown; + } + + public void setMaxOctetsDown(Long maxOctetsDown) + { + this.maxOctetsDown = maxOctetsDown; + } + + public Long getMaxOctetsUp() + { + return maxOctetsUp; + } + + public void setMaxOctetsUp(Long maxOctetsUp) + { + this.maxOctetsUp = maxOctetsUp; + } + + public Long getMaxOctetsTotal() + { + return maxOctetsTotal; + } + + public void setMaxOctetsTotal(Long maxOctetsTotal) + { + this.maxOctetsTotal = maxOctetsTotal; + } + + public String getNasType() + { + return nasType; + } + + public void setNasType(String nasType) + { + this.nasType = nasType; + } + + public String getRedirectURL() + { + return redirectURL; + } + + public void setRedirectURL(String redirectURL) + { + this.redirectURL = redirectURL; + } + + public String toString() + { + return getSessionKey(); + } + + public Date getAuthorizeTime() + { + return authorizeTime; + } + + public void setAuthorizeTime(Date authorizeTime) + { + this.authorizeTime = authorizeTime; + } + + public Long getNasPortType() + { + return nasPortType; + } + + public void setNasPortType(Long nasPortType) + { + this.nasPortType = nasPortType; + } + + public Long getAcctAuthentic() + { + return acctAuthentic; + } + + public void setAcctAuthentic(Long acctAuthentic) + { + this.acctAuthentic = acctAuthentic; + } +} diff --git a/extended/src/main/java/net/jradius/session/RadiusSessionFactory.java b/extended/src/main/java/net/jradius/session/RadiusSessionFactory.java new file mode 100644 index 0000000..b7c86d3 --- /dev/null +++ b/extended/src/main/java/net/jradius/session/RadiusSessionFactory.java @@ -0,0 +1,75 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2005 PicoPoint, B.V. + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.session; + +import java.util.Map; + +import net.jradius.exception.RadiusException; +import net.jradius.log.JRadiusLogEntry; +import net.jradius.log.RadiusLogEntry; +import net.jradius.server.JRadiusEvent; +import net.jradius.server.JRadiusRequest; +import net.jradius.server.config.ConfigurationItem; +import net.jradius.server.config.XMLConfiguration; +import net.jradius.util.RadiusRandom; + +import org.apache.commons.configuration.HierarchicalConfiguration; + +/** + * The Default SessionFactory. + * @author Gert Jan Verhoog + * @author David Bird + */ +public class RadiusSessionFactory implements SessionFactory +{ + private Map configMap = null; + + public JRadiusSession getSession(JRadiusRequest request, Object key) throws RadiusException + { + return null; + } + + public JRadiusSession newSession(JRadiusRequest request) throws RadiusException + { + return new RadiusSession(createNewSessionID()); + } + + public JRadiusLogEntry newSessionLogEntry(JRadiusEvent event, JRadiusSession session, String packetId) + { + return new RadiusLogEntry(session, packetId); + } + + protected String createNewSessionID() + { + return RadiusRandom.getRandomString(16); + } + + public String getConfigValue(String name) + { + if (configMap == null) return null; + return (String)configMap.get(name); + } + + public void setConfig(XMLConfiguration config, HierarchicalConfiguration.Node root) + { + this.configMap = ConfigurationItem.getPropertiesFromConfig(config, root); + } +} diff --git a/extended/src/main/java/net/jradius/session/RadiusSessionKeyProvider.java b/extended/src/main/java/net/jradius/session/RadiusSessionKeyProvider.java new file mode 100644 index 0000000..c32930a --- /dev/null +++ b/extended/src/main/java/net/jradius/session/RadiusSessionKeyProvider.java @@ -0,0 +1,234 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2005 PicoPoint, B.V. + * Copyright (c) 2006 David Bird + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.session; + +import java.io.Serializable; + +import net.jradius.dictionary.Attr_AcctSessionId; +import net.jradius.dictionary.Attr_CalledStationId; +import net.jradius.dictionary.Attr_CallingStationId; +import net.jradius.dictionary.Attr_Class; +import net.jradius.dictionary.Attr_NASIPAddress; +import net.jradius.dictionary.Attr_NASIdentifier; +import net.jradius.dictionary.Attr_ServiceType; +import net.jradius.dictionary.Attr_UserName; +import net.jradius.dictionary.vsa_dhcp.Attr_DHCPClientHardwareAddress; +import net.jradius.dictionary.vsa_dhcp.Attr_DHCPGatewayIPAddress; +import net.jradius.dictionary.vsa_dhcp.Attr_DHCPTransactionId; +import net.jradius.dictionary.vsa_jradius.Attr_JRadiusSessionId; +import net.jradius.exception.RadiusException; +import net.jradius.handler.RadiusSessionHandler; +import net.jradius.log.RadiusLog; +import net.jradius.packet.AccessRequest; +import net.jradius.packet.AccountingRequest; +import net.jradius.packet.DHCPPacket; +import net.jradius.packet.RadiusPacket; +import net.jradius.packet.attribute.AttributeFactory; +import net.jradius.packet.attribute.AttributeList; +import net.jradius.packet.attribute.RadiusAttribute; +import net.jradius.packet.attribute.value.AttributeValue; +import net.jradius.server.JRadiusRequest; +import net.jradius.server.JRadiusServer; + +/** + * The Default SessionKeyProvider. + * @author David Bird + */ +public class RadiusSessionKeyProvider implements SessionKeyProvider +{ + /** + * Generates the session key for the given session. If the key is changing, as + * in the case when we move from authentication to accounting, this method will + * return an Object[2] which instructs the session manage to "rehash" the session + * under a new key (for uniqueness). + * + * @param request The JRadiusRequest + * @return the session key, or an array of 2 keys, the second replacing the first + * as the session hash key. + * @throws RadiusException + */ + public Serializable getRequestSessionKey(JRadiusRequest request) throws RadiusException + { + RadiusPacket req = request.getRequestPacket(); + + if (req == null) + { + return null; + } + else if (req instanceof AccessRequest) + { + return getAccessRequestKey(request); + } + else if (req instanceof DHCPPacket) + { + return getDHCPRequestKey(request); + } + else if (req instanceof AccountingRequest) + { + int type = request.getType(); + int status = ((AccountingRequest)req).getAccountingStatusType(); + + Serializable key = getAccountingRequestKey(request); + + if (type == JRadiusServer.JRADIUS_preacct && + ( status == AccountingRequest.ACCT_STATUS_START || + status == AccountingRequest.ACCT_STATUS_ACCOUNTING_ON) ) + { + // rekey the request during pre-accounting + return new Serializable[] { getAccessRequestKey(request), key }; + } + + return key; + } + + return null; + } + + + /** + * Generates a session hash key based on access-request attributes. + * @param request The JRadiusRequest + * @return the session key + * @throws RadiusException + */ + public Serializable getAccessRequestKey(JRadiusRequest request) throws RadiusException + { + RadiusPacket req = request.getRequestPacket(); + StringBuffer sb = new StringBuffer((String)request.getSender()); + sb.append(":").append(getKeyFromAttributeType(req, Attr_NASIPAddress.TYPE, true)); + sb.append(":").append(getKeyFromAttributeType(req, Attr_NASIdentifier.TYPE, false)); + sb.append(":").append(getKeyFromAttributeType(req, Attr_UserName.TYPE, false)); + sb.append(":").append(getKeyFromAttributeType(req, Attr_CallingStationId.TYPE, false)); + sb.append(":").append(getKeyFromAttributeType(req, Attr_CalledStationId.TYPE, false)); + return sb.toString(); + } + + /** + * Generates a session hash key based on dhcp-packet attributes. + * @param request The JRadiusRequest + * @return the session key + * @throws RadiusException + */ + public Serializable getDHCPRequestKey(JRadiusRequest request) throws RadiusException + { + RadiusPacket req = request.getRequestPacket(); + StringBuffer sb = new StringBuffer((String)request.getSender()); + sb.append(":").append(getKeyFromAttributeType(req, Attr_DHCPGatewayIPAddress.TYPE, true)); + sb.append(":").append(getKeyFromAttributeType(req, Attr_DHCPTransactionId.TYPE, true)); + sb.append(":").append(getKeyFromAttributeType(req, Attr_DHCPClientHardwareAddress.TYPE, true)); + return sb.toString(); + } + + /** + * Gets the JRadius Class attribute containing the session key, if attribute exists. + * @param request The JRadiusRequest + * @return the session key + * @throws RadiusException + */ + public Serializable getClassKey(JRadiusRequest request) throws RadiusException + { + RadiusPacket req = request.getRequestPacket(); + // Look for our own Class attribute value + byte[] bClass = (byte[]) req.getAttributeValue(Attr_Class.TYPE); + if (bClass != null) + { + String sClass = new String(bClass); + if (sClass.startsWith(RadiusSessionHandler.ClassPrefix)) + { + RadiusLog.debug("Using " + sClass); + return sClass.substring(RadiusSessionHandler.ClassPrefix.length()); + } + } + return null; + } + + /** + * Generates a session hash key based on accounting-request attribtues. + * @param request The JRadiusRequest + * @return the session key + * @throws RadiusException + */ + public Serializable getAccountingRequestKey(JRadiusRequest request) throws RadiusException + { + RadiusPacket req = request.getRequestPacket(); + StringBuffer sb = new StringBuffer((String)request.getSender()); + sb.append(":").append(getKeyFromAttributeType(req, Attr_NASIPAddress.TYPE, true)); + sb.append(":").append(getKeyFromAttributeType(req, Attr_AcctSessionId.TYPE, true)); + sb.append(":").append(getKeyFromAttributeType(req, Attr_NASIdentifier.TYPE, false)); + sb.append(":").append(getKeyFromAttributeType(req, Attr_UserName.TYPE, false)); + sb.append(":").append(getKeyFromAttributeType(req, Attr_CallingStationId.TYPE, false)); + sb.append(":").append(getKeyFromAttributeType(req, Attr_CalledStationId.TYPE, false)); + return sb.toString(); + } + + /** + * Gets the session key based on the JRadiusSessionId attribute in the configItems. + * @param request The JRadiusRequest + * @return the session key + * @throws RadiusException + */ + public Serializable getAppSessionKey(JRadiusRequest request) throws RadiusException + { + AttributeList ci = request.getConfigItems(); + + // If we already have seen this packet (in the chain or + // within the same FreeRADIUS request - multiple calls to JRadius) + // we can grab the JRadius-Session-Id. + RadiusAttribute a = ci.get(Attr_JRadiusSessionId.TYPE); + if (a != null) return a.getValue().getValueObject(); + + return null; + } + + public Serializable getTunneledRequestKey(JRadiusRequest request) throws RadiusException + { + RadiusPacket req = request.getRequestPacket(); + StringBuffer sb = new StringBuffer((String)request.getSender()); + + sb.append(":").append(getKeyFromAttributeType(req, Attr_NASIdentifier.TYPE, true)); + sb.append(":").append(getKeyFromAttributeType(req, Attr_NASIPAddress.TYPE, true)); + sb.append(":").append(getKeyFromAttributeType(req, Attr_AcctSessionId.TYPE, false)); + sb.append(":").append(getKeyFromAttributeType(req, Attr_CallingStationId.TYPE, false)); + sb.append(":").append(getKeyFromAttributeType(req, Attr_CalledStationId.TYPE, false)); + sb.append(":").append(getKeyFromAttributeType(req, Attr_ServiceType.TYPE, false)); + + return sb.toString(); + } + + protected Serializable getKeyFromAttributeType(RadiusPacket req, long type, boolean required) throws RadiusException + { + RadiusAttribute a = req.findAttribute(type); + + if (a == null) + { + if (required) + { + a = AttributeFactory.newAttribute(type, null); + throw new RadiusException("Missing required attribute: " + a.getAttributeName()); + } + return null; + } + + AttributeValue v = a.getValue(); + return v.toString(); + } +} diff --git a/extended/src/main/java/net/jradius/session/RadiusSessionSupportExt.java b/extended/src/main/java/net/jradius/session/RadiusSessionSupportExt.java new file mode 100644 index 0000000..01dd059 --- /dev/null +++ b/extended/src/main/java/net/jradius/session/RadiusSessionSupportExt.java @@ -0,0 +1,37 @@ +package net.jradius.session; + +import net.jradius.dictionary.Attr_AcctInterimInterval; +import net.jradius.dictionary.Attr_IdleTimeout; +import net.jradius.dictionary.Attr_SessionTimeout; +import net.jradius.dictionary.Attr_UserName; +import net.jradius.packet.attribute.AttributeList; + +public class RadiusSessionSupportExt +{ + public static void addAccessAcceptAttribtues(JRadiusSession session, AttributeList attrs) + { + String s; + Long i; + + if ((s = session.getUsername()) != null) + { + attrs.remove(Attr_UserName.TYPE); + attrs.add(new Attr_UserName(s)); + } + if ((i = session.getSessionTimeout()) != null) + { + attrs.remove(Attr_SessionTimeout.TYPE); + attrs.add(new Attr_SessionTimeout(i)); + } + if ((i = session.getIdleTimeout()) != null && i.longValue() > 0) + { + attrs.remove(Attr_IdleTimeout.TYPE); + attrs.add(new Attr_IdleTimeout(i)); + } + if ((i = session.getInterimInterval()) != null && i.longValue() > 0) + { + attrs.remove(Attr_AcctInterimInterval.TYPE); + attrs.add(new Attr_AcctInterimInterval(i)); + } + } +} diff --git a/extended/src/main/java/net/jradius/standard/IRAPStandard.java b/extended/src/main/java/net/jradius/standard/IRAPStandard.java new file mode 100644 index 0000000..0c05751 --- /dev/null +++ b/extended/src/main/java/net/jradius/standard/IRAPStandard.java @@ -0,0 +1,200 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2005 PicoPoint, B.V. + * Copyright (c) 2006 David Bird + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.standard; + +import java.util.LinkedList; + +import net.jradius.dictionary.Attr_AcctDelayTime; +import net.jradius.dictionary.Attr_AcctInputOctets; +import net.jradius.dictionary.Attr_AcctInputPackets; +import net.jradius.dictionary.Attr_AcctOutputOctets; +import net.jradius.dictionary.Attr_AcctOutputPackets; +import net.jradius.dictionary.Attr_AcctSessionId; +import net.jradius.dictionary.Attr_AcctSessionTime; +import net.jradius.dictionary.Attr_AcctStatusType; +import net.jradius.dictionary.Attr_AcctTerminateCause; +import net.jradius.dictionary.Attr_CalledStationId; +import net.jradius.dictionary.Attr_CallingStationId; +import net.jradius.dictionary.Attr_EAPMessage; +import net.jradius.dictionary.Attr_FramedIPAddress; +import net.jradius.dictionary.Attr_MessageAuthenticator; +import net.jradius.dictionary.Attr_NASIPAddress; +import net.jradius.dictionary.Attr_NASIdentifier; +import net.jradius.dictionary.Attr_NASPort; +import net.jradius.dictionary.Attr_NASPortType; +import net.jradius.dictionary.Attr_TerminationAction; +import net.jradius.dictionary.Attr_UserName; +import net.jradius.dictionary.Attr_UserPassword; +import net.jradius.dictionary.vsa_microsoft.Attr_MSMPPERecvKey; +import net.jradius.dictionary.vsa_microsoft.Attr_MSMPPESendKey; +import net.jradius.exception.StandardViolatedException; +import net.jradius.packet.AccessAccept; +import net.jradius.packet.AccessChallenge; +import net.jradius.packet.AccessRequest; +import net.jradius.packet.AccountingRequest; +import net.jradius.packet.RadiusPacket; + +/** + * Implementation of the IRAP Interface 2 & 3 requirements for RADIUS. + * See http://www.goirap.org/ for more details and documenation. + * + * @author David Bird + */ +public class IRAPStandard extends RadiusStandard +{ + static final long[] requiredAccessRequest = { + Attr_UserName.TYPE, + Attr_NASIPAddress.TYPE, + Attr_NASPort.TYPE, + Attr_NASPortType.TYPE, + Attr_NASIdentifier.TYPE, + Attr_CalledStationId.TYPE, + Attr_CallingStationId.TYPE, + }; + + static final long[] requiredUAMAccessRequest = { + Attr_UserPassword.TYPE, + }; + + static final long[] requiredEAPAccessRequest = { + Attr_EAPMessage.TYPE, + Attr_MessageAuthenticator.TYPE, + }; + + static final long[] requiredEAPAccessChallenge = { + Attr_EAPMessage.TYPE, + Attr_MessageAuthenticator.TYPE, + }; + + static final long[] requiredEAPAccessReject = { + Attr_EAPMessage.TYPE, + Attr_MessageAuthenticator.TYPE, + }; + + static final long[] requiredAccessAccept = { + Attr_UserName.TYPE, + }; + + static final long[] requiredEAPAccessAccept = { + Attr_EAPMessage.TYPE, + Attr_MessageAuthenticator.TYPE, + Attr_TerminationAction.TYPE, + Attr_MSMPPERecvKey.TYPE, + Attr_MSMPPESendKey.TYPE, + }; + + static final long[] requiredAccountingRequest = { + Attr_UserName.TYPE, + Attr_NASIPAddress.TYPE, + Attr_NASPort.TYPE, + Attr_NASPortType.TYPE, + Attr_NASIdentifier.TYPE, + Attr_AcctStatusType.TYPE, + Attr_AcctDelayTime.TYPE, + Attr_AcctSessionId.TYPE, + Attr_FramedIPAddress.TYPE, + Attr_CalledStationId.TYPE, + Attr_CallingStationId.TYPE, + }; + + static final long[] requiredAccountingInterimRequest = { + Attr_AcctInputOctets.TYPE, + Attr_AcctOutputOctets.TYPE, + Attr_AcctInputPackets.TYPE, + Attr_AcctOutputPackets.TYPE, + Attr_AcctSessionTime.TYPE, + }; + + static final long[] requiredAccountingStopRequest = { + Attr_AcctTerminateCause.TYPE, + }; + + private boolean IEEE8021XRequired = false; + + public String getName() { return "IRAP"; } + + /** + * @see net.jradius.standard.RadiusStandard#checkPacket(net.jradius.packet.RadiusPacket) + */ + public void checkPacket(RadiusPacket p, long[] ignore) throws StandardViolatedException + { + LinkedList missing = new LinkedList(); + boolean testAs8021X = false; + + if (isIEEE8021XRequired()) testAs8021X = true; + else testAs8021X = p.findAttribute(Attr_EAPMessage.TYPE) != null; + + switch(p.getCode()) + { + case AccessRequest.CODE: + checkMissing(p, missing, requiredAccessRequest, ignore); + checkMissing(p, missing, testAs8021X ? requiredEAPAccessRequest : requiredUAMAccessRequest, ignore); + break; + + case AccessChallenge.CODE: + if (testAs8021X) checkMissing(p, missing, requiredEAPAccessChallenge, ignore); + break; + + case AccessAccept.CODE: + checkMissing(p, missing, requiredAccessAccept, ignore); + if (testAs8021X) checkMissing(p, missing, requiredEAPAccessAccept, ignore); + break; + + case AccountingRequest.CODE: + { + checkMissing(p, missing, requiredAccountingRequest, ignore); + + switch(((AccountingRequest)p).getAccountingStatusType()) + { + case AccountingRequest.ACCT_STATUS_START: + // no additional requirements + break; + case AccountingRequest.ACCT_STATUS_STOP: + checkMissing(p, missing, requiredAccountingStopRequest, ignore); + // fall through + case AccountingRequest.ACCT_STATUS_INTERIM: + checkMissing(p, missing, requiredAccountingInterimRequest, ignore); + break; + } + } + break; + } + + if (!missing.isEmpty()) + throw new StandardViolatedException(this.getClass(), missing); + } + + /** + * @return Returns the iEEE8021XRequired. + */ + public boolean isIEEE8021XRequired() + { + return IEEE8021XRequired; + } + /** + * @param required The iEEE8021XRequired to set. + */ + public void setIEEE8021XRequired(boolean required) + { + IEEE8021XRequired = required; + } +} diff --git a/extended/src/main/java/net/jradius/standard/WISPrStandard.java b/extended/src/main/java/net/jradius/standard/WISPrStandard.java new file mode 100644 index 0000000..be1e2fa --- /dev/null +++ b/extended/src/main/java/net/jradius/standard/WISPrStandard.java @@ -0,0 +1,173 @@ +/** + * JRadius - A RADIUS Server Java Adapter + * Copyright (C) 2004-2005 PicoPoint, B.V. + * Copyright (c) 2006 David Bird + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.standard; + +import java.util.LinkedList; + +import net.jradius.dictionary.Attr_AcctDelayTime; +import net.jradius.dictionary.Attr_AcctInputOctets; +import net.jradius.dictionary.Attr_AcctInputPackets; +import net.jradius.dictionary.Attr_AcctInterimInterval; +import net.jradius.dictionary.Attr_AcctOutputOctets; +import net.jradius.dictionary.Attr_AcctOutputPackets; +import net.jradius.dictionary.Attr_AcctSessionId; +import net.jradius.dictionary.Attr_AcctSessionTime; +import net.jradius.dictionary.Attr_AcctStatusType; +import net.jradius.dictionary.Attr_CalledStationId; +import net.jradius.dictionary.Attr_Class; +import net.jradius.dictionary.Attr_FramedIPAddress; +import net.jradius.dictionary.Attr_IdleTimeout; +import net.jradius.dictionary.Attr_NASIPAddress; +import net.jradius.dictionary.Attr_NASIdentifier; +import net.jradius.dictionary.Attr_NASPortType; +import net.jradius.dictionary.Attr_ReplyMessage; +import net.jradius.dictionary.Attr_ServiceType; +import net.jradius.dictionary.Attr_SessionTimeout; +import net.jradius.dictionary.Attr_State; +import net.jradius.dictionary.Attr_UserName; +import net.jradius.dictionary.Attr_UserPassword; +import net.jradius.exception.StandardViolatedException; +import net.jradius.packet.AccessAccept; +import net.jradius.packet.AccessReject; +import net.jradius.packet.AccessRequest; +import net.jradius.packet.AccountingRequest; +import net.jradius.packet.RadiusPacket; + +/** + * Implementation of the WISPr requirements for RADIUS packets as defined below: + * 

+ *   Attribute              Type     Au R Ac  (Au=Auth Req, R=Auth Reply, Ac=Acct Req)
+ * ------------------------------------------------------------------------------------
+ *   User-Name              1 String  X   X User enters full NAI
+ *   User-Password          2 String  X
+ *   NAS-IP-Address         4 Ipaddr  X   X IP Address of the Access Gateway
+ *   Service-Type           6 Integer X     Must be set to Login (1)
+ *   Framed-IP-Address      8 Ipaddr  X   X IP Address of the User
+ *   Reply-Message         18 String    X   Text of reject reason if present
+ *   State                 24 String  X X
+ *   Class                 25 String    X X
+ *   Session-Timeout       27 Integer   X   Forced logout once timeout period
+ *                                          reached (seconds)
+ *   Idle-Timeout          28 Integer   X   Implicit logout inactivity timeout period
+ *                                          (seconds)
+ *   Called-Station-ID     30 String  X   X This field should contain the MAC
+ *                                          address or other information identifying
+ *                                          the Access Gateway
+ *   NAS-ID                32 String  X   X
+ *   Acct-Status-Type      40 Integer     X 1 = Start, 2 = Stop, 3 = Interim Update
+ *   Acct-Delay-Time       41 Integer     X Delay (seconds) between Acctg Event
+ *                                          and when Acct-Req sent (doesn't
+ *                                          include estimated network transit time)
+ *   Acct-Input-Octets     42 Integer     X
+ *   Acct-Output-Octets    43 Integer     X
+ *   Acct-Session-ID       44 String  X X X
+ *   Acct-Session-Time     46 Integer     X Call duration in seconds (already
+ *                                          compensated for idle timeout)
+ *   Acct-Input-Packets    47 Integer     X
+ *   Acct-Output-Packets   48 Integer     X
+ *   Acct-Terminate-Cause  49 Integer     X 1 = Explicit Logoff, 4 = Idle Timeout,
+ *                                          5 = Session Timeout, 6 = Admin Reset,
+ *                                          9 = NAS Error, 10 = NAS Request,
+ *                                          11 = NAS Reboot
+ *   NAS-Port-Type         61 Integer X   X 15 = Ethernet, 19 = 802.11
+ *   Acct-Interim-Interval 85 Integer   X   Interval (seconds) to send accounting
+ *                                          updates
+ * ------------------------------------------------------------------------------------
+ *
+ * + * @author David Bird + */ +public class WISPrStandard extends RadiusStandard +{ + // TODO: use the class TYPEs instead of the raw numbers... see example below + static final long[] requiredAccessRequest = + { + Attr_UserName.TYPE, + Attr_UserPassword.TYPE, + Attr_NASIPAddress.TYPE, + Attr_ServiceType.TYPE, + Attr_FramedIPAddress.TYPE, + Attr_State.TYPE, + Attr_CalledStationId.TYPE, + Attr_NASIdentifier.TYPE, + Attr_AcctSessionId.TYPE, + Attr_NASPortType.TYPE + }; + + static final long[] requiredAccessAccept = { + Attr_ReplyMessage.TYPE, + Attr_State.TYPE, + Attr_Class.TYPE, + Attr_SessionTimeout.TYPE, + Attr_IdleTimeout.TYPE, + Attr_AcctSessionId.TYPE, + Attr_AcctInterimInterval.TYPE + }; + + static final long[] requiredAccounting = { + Attr_UserName.TYPE, + Attr_NASIPAddress.TYPE, + Attr_FramedIPAddress.TYPE, + Attr_Class.TYPE, + Attr_CalledStationId.TYPE, + Attr_NASIdentifier.TYPE, + Attr_AcctStatusType.TYPE, + Attr_AcctDelayTime.TYPE, + Attr_AcctInputOctets.TYPE, + Attr_AcctOutputOctets.TYPE, + Attr_AcctSessionId.TYPE, + Attr_AcctSessionTime.TYPE, + Attr_AcctInputPackets.TYPE, + Attr_AcctOutputPackets.TYPE, + Attr_NASPortType.TYPE + }; + + public String getName() { return "WISPr"; } + + /** + * @see net.jradius.standard.RadiusStandard#checkPacket(net.jradius.packet.RadiusPacket) + */ + public void checkPacket(RadiusPacket p, long[] ignore) throws StandardViolatedException + { + LinkedList missing = new LinkedList(); + + switch(p.getCode()) + { + case AccessRequest.CODE: + checkMissing(p, missing, requiredAccessRequest, ignore); + break; + + case AccessAccept.CODE: + checkMissing(p, missing, requiredAccessAccept, ignore); + break; + + case AccessReject.CODE: + break; + + case AccountingRequest.CODE: + checkMissing(p, missing, requiredAccounting, ignore); + break; + } + if (!missing.isEmpty()) + throw new StandardViolatedException(this.getClass(), missing); + } +} diff --git a/extended/src/main/java/net/jradius/webservice/OTPProxyException.java b/extended/src/main/java/net/jradius/webservice/OTPProxyException.java new file mode 100644 index 0000000..0a0b5ed --- /dev/null +++ b/extended/src/main/java/net/jradius/webservice/OTPProxyException.java @@ -0,0 +1,32 @@ +/** + * JRadius - A Radius Server Java Adapter + * Copyright (C) 2004-2006 PicoPoint, B.V. + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.webservice; + +/** + * @author David Bird + */ +public class OTPProxyException extends WebServiceException +{ + public OTPProxyException(String s) + { + super(s); + } +} diff --git a/extended/src/main/java/net/jradius/webservice/OTPProxyProcessor.java b/extended/src/main/java/net/jradius/webservice/OTPProxyProcessor.java new file mode 100644 index 0000000..9e93632 --- /dev/null +++ b/extended/src/main/java/net/jradius/webservice/OTPProxyProcessor.java @@ -0,0 +1,101 @@ +/** + * JRadius - A Radius Server Java Adapter + * Copyright (C) 2004-2006 PicoPoint, B.V. + * Copyright (c) 2006-2007 David Bird + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.webservice; + +import java.io.BufferedReader; +import java.io.BufferedWriter; +import java.io.IOException; +import java.io.InputStreamReader; +import java.io.OutputStreamWriter; +import java.net.Socket; + +import net.jradius.exception.RadiusException; +import net.jradius.realm.JRadiusRealm; +import net.jradius.realm.JRadiusRealmManager; +import net.jradius.server.ListenerRequest; +import net.jradius.server.Processor; +import net.jradius.server.TCPListenerRequest; + +/** + * @author David Bird + */ +public class OTPProxyProcessor extends Processor +{ + protected void processRequest(ListenerRequest listenerRequest) throws IOException, RadiusException + { + Socket socket = ((TCPListenerRequest)listenerRequest).getSocket(); + try + { + WebServiceListener wsListener = (WebServiceListener)listenerRequest.getListener(); + socket.setSoTimeout(7000); // 7 second read timeout + + BufferedReader reader = new BufferedReader(new InputStreamReader(socket.getInputStream())); + BufferedWriter writer = new BufferedWriter(new OutputStreamWriter(socket.getOutputStream())); + + String userName = reader.readLine(); + + String realmName = realmFromUserName(userName); + if (realmName == null) error(writer,"No realm given"); + + JRadiusRealm realm = JRadiusRealmManager.get(realmName); + if (realm == null) error(writer, "Unrecognized realm: " + realmName); + + OTPProxyRequest request = new OTPProxyRequest(wsListener, userName, realm, socket, reader, writer); + + request.start(); + wsListener.put(request); + } + catch (Exception e) + { + socket.close(); + throw new RadiusException(e); + } + } + + protected void error(BufferedWriter writer, String e) throws IOException, RadiusException + { + writer.write("error:"+e+"\n"); + writer.flush(); + + throw new OTPProxyException(e); + } + + protected String realmFromUserName(String username) throws OTPProxyException + { + int idx; + + if ((idx = username.indexOf("/")) > 0 || + (idx = username.indexOf("\\")) > 0) + { + // Prefix Realm - takes priority over Postfix + return username.substring(0, idx); + } + + if ((idx = username.indexOf("@")) > 0) + { + // Postfix Realm + return username.substring(idx + 1); + } + + return null; + } +} diff --git a/extended/src/main/java/net/jradius/webservice/OTPProxyRequest.java b/extended/src/main/java/net/jradius/webservice/OTPProxyRequest.java new file mode 100644 index 0000000..2b32d3e --- /dev/null +++ b/extended/src/main/java/net/jradius/webservice/OTPProxyRequest.java @@ -0,0 +1,352 @@ +/** + * JRadius - A Radius Server Java Adapter + * Copyright (C) 2004-2006 PicoPoint, B.V. + * Copyright (c) 2007 David Bird + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.webservice; + +import java.io.BufferedReader; +import java.io.BufferedWriter; +import java.io.IOException; +import java.net.InetAddress; +import java.net.Socket; +import java.net.UnknownHostException; +import java.util.Iterator; + +import net.jradius.client.RadiusClient; +import net.jradius.client.auth.EAPAuthenticator; +import net.jradius.dictionary.Attr_AcctDelayTime; +import net.jradius.dictionary.Attr_AcctInputGigawords; +import net.jradius.dictionary.Attr_AcctInputOctets; +import net.jradius.dictionary.Attr_AcctInputPackets; +import net.jradius.dictionary.Attr_AcctOutputGigawords; +import net.jradius.dictionary.Attr_AcctOutputOctets; +import net.jradius.dictionary.Attr_AcctOutputPackets; +import net.jradius.dictionary.Attr_AcctSessionId; +import net.jradius.dictionary.Attr_AcctSessionStartTime; +import net.jradius.dictionary.Attr_AcctSessionTime; +import net.jradius.dictionary.Attr_AcctStatusType; +import net.jradius.dictionary.Attr_AcctTerminateCause; +import net.jradius.dictionary.Attr_CalledStationId; +import net.jradius.dictionary.Attr_CallingStationId; +import net.jradius.dictionary.Attr_NASIPAddress; +import net.jradius.dictionary.Attr_NASIdentifier; +import net.jradius.dictionary.Attr_NASPort; +import net.jradius.dictionary.Attr_NASPortType; +import net.jradius.dictionary.Attr_ServiceType; +import net.jradius.dictionary.Attr_UserName; +import net.jradius.dictionary.vsa_jradius.Attr_JRadiusSessionId; +import net.jradius.exception.RadiusException; +import net.jradius.log.RadiusLog; +import net.jradius.packet.AccessRequest; +import net.jradius.packet.AccountingRequest; +import net.jradius.packet.RadiusPacket; +import net.jradius.packet.RadiusRequest; +import net.jradius.packet.RadiusResponse; +import net.jradius.packet.attribute.AttributeDictionary; +import net.jradius.packet.attribute.AttributeFactory; +import net.jradius.packet.attribute.AttributeList; +import net.jradius.packet.attribute.RadiusAttribute; +import net.jradius.realm.JRadiusRealm; +import net.jradius.server.JRadiusThread; +import net.jradius.util.Base64; +import net.jradius.util.RadiusRandom; + +/** + * OTP Proxy Web Service Request. This thread give the client a one-time + * username and password and does the EAP proxy in a RadiusClient for the request. + * + * @author David Bird + */ +public class OTPProxyRequest extends JRadiusThread implements WebServiceRequestObject +{ + private final WebServiceListener wsListener; + private String userName; + private JRadiusRealm radiusRealm; + private String otpName; + private String otpPassword; + private Socket socket; + private BufferedReader reader; + private BufferedWriter writer; + private RadiusClient radiusClient; + private AttributeList reqList = new AttributeList(); + + private long timeout = 30000; + + private class PacketLocker + { + RadiusPacket packet; + public synchronized RadiusPacket getPacket() throws InterruptedException + { + if (packet == null) wait(timeout); + return packet; + } + public synchronized void setPacket(RadiusPacket packet) + { + this.packet = packet; + notify(); + } + } + + private PacketLocker accessRequest = new PacketLocker(); + private PacketLocker accessResponse = new PacketLocker(); + + public OTPProxyRequest(WebServiceListener wsListener, String userName, JRadiusRealm realm, Socket socket, BufferedReader reader, BufferedWriter writer) throws OTPProxyException + { + this.wsListener = wsListener; + this.userName = userName; + this.otpName = RadiusRandom.getRandomString(16); + this.otpPassword = RadiusRandom.getRandomString(16); + this.socket = socket; + this.reader = reader; + this.writer = writer; + this.radiusRealm = realm; + + try + { + radiusClient = new RadiusClient(InetAddress.getByName(this.radiusRealm.getServer()), this.radiusRealm.getSharedSecret()); + } + catch (UnknownHostException e) + { + throw new OTPProxyException(e.getMessage()); + } + } + + public void delete() + { + shutdown(); + } + + public String getKey() + { + return getOtpName(); + } + + public void run() + { + try + { + writer.write(getOtpName()); + writer.write("\n"); + writer.write(getOtpPassword()); + writer.write("\n"); + writer.flush(); + + RadiusRequest request = getAccessRequest(); + + if (request == null) + { + RadiusLog.error("we never got the access request"); + abort(null); + return; + } + + AttributeList attrs = request.getAttributes(); + + for (Iterator i=attrs.getAttributeList().iterator(); i.hasNext();) + { + RadiusAttribute at = (RadiusAttribute)i.next(); + long type = at.getFormattedType(); + if (type == Attr_CalledStationId.TYPE || + type == Attr_CallingStationId.TYPE || + type == Attr_NASIPAddress.TYPE || + type == Attr_NASIdentifier.TYPE || + type == Attr_ServiceType.TYPE || + type == Attr_JRadiusSessionId.TYPE || + type == Attr_NASPortType.TYPE || + type == Attr_NASPort.TYPE) + reqList.add(AttributeFactory.newAttribute(type, at.getValue().getBytes())); + } + + reqList.add(new Attr_UserName(userName)); + reqList.add(new Attr_AcctSessionId(RadiusRandom.getRandomString(16))); + + AccessRequest realRequest = new AccessRequest(radiusClient, reqList); + + RadiusLog.debug( + "------------------------------------------------\n"+ + "OTP Proxy Request:\n" + realRequest.toString()+ + "------------------------------------------------\n"); + + RadiusResponse reply = radiusClient.authenticate(realRequest, new EAPRelayAuthenticator(), 5); + + setAccessResponse(reply); + } + catch (Exception e) + { + e.printStackTrace(); + abort(e); + } + } + + public String getOtpName() + { + return otpName; + } + + public String getOtpPassword() + { + return otpPassword; + } + + public String getUserName() + { + return userName; + } + + public JRadiusRealm getRadiusRealm() + { + return radiusRealm; + } + + public void setAccessRequest(RadiusRequest accessRequest) + { + this.accessRequest.setPacket(accessRequest); + } + + public void setAccessResponse(RadiusResponse accessResponse) + { + this.accessResponse.setPacket(accessResponse); + } + + public RadiusRequest getAccessRequest() throws InterruptedException + { + RadiusPacket p = this.accessRequest.getPacket(); + if (p == null) + { + RadiusLog.error("we never got the access request"); + abort(null); + } + return (RadiusRequest)p; + } + + public RadiusResponse getAccessResponse() throws InterruptedException + { + RadiusPacket p = this.accessResponse.getPacket(); + if (p == null) + { + RadiusLog.error("we never got the access response"); + abort(null); + } + return (RadiusResponse)p; + } + + public void updateAccounting(AccountingRequest acctRequest) throws RadiusException + { + AccountingRequest newRequest = new AccountingRequest(radiusClient, reqList); + + AttributeList attrs = acctRequest.getAttributes(); + for (Iterator i=attrs.getAttributeList().iterator(); i.hasNext();) + { + RadiusAttribute at = (RadiusAttribute)i.next(); + long type = at.getFormattedType(); + if (type == Attr_AcctInputOctets.TYPE || + type == Attr_AcctOutputOctets.TYPE || + type == Attr_AcctInputGigawords.TYPE || + type == Attr_AcctOutputGigawords.TYPE || + type == Attr_AcctInputPackets.TYPE || + type == Attr_AcctOutputPackets.TYPE || + type == Attr_AcctTerminateCause.TYPE || + type == Attr_AcctSessionStartTime.TYPE || + type == Attr_AcctDelayTime.TYPE || + type == Attr_AcctSessionTime.TYPE || + type == Attr_AcctStatusType.TYPE) + newRequest.addAttribute(AttributeFactory.newAttribute(type, at.getValue().getBytes())); + } + radiusClient.accounting(newRequest, 2); + } + + private byte[] readData() + { + try + { + String line = reader.readLine(); + RadiusLog.debug("OtpProxy: read-"+line); + if (line.startsWith("eap:")) + { + return Base64.decode(line.substring(4)); + } + } + catch (Exception e) + { + abort(e); + } + return null; + } + + private byte[] relayEAP(byte[] eapIn) + { + try + { + String line = "eap:"+Base64.encodeBytes(eapIn, Base64.DONT_BREAK_LINES)+"\n"; + writer.write(line); + writer.flush(); + RadiusLog.debug("OtpProxy: write-"+line); + return readData(); + } + catch (IOException e) + { + abort(e); + } + return null; + } + + public void abort(Exception e) + { + if (e==null) RadiusLog.error("aborting otp proxy request"); + else e.printStackTrace(); + wsListener.remove(this); + shutdown(); + } + + public void shutdown() + { + try + { + writer.close(); + reader.close(); + socket.close(); + radiusClient.close(); + } + catch (IOException e) { } + } + + private class EAPRelayAuthenticator extends EAPAuthenticator + { + public void processRequest(RadiusPacket p) throws RadiusException + { + p.addAttribute(AttributeFactory.newAttribute(AttributeDictionary.EAP_MESSAGE, readData())); + } + + public byte[] doEAP(byte[] eapReply) + { + return relayEAP(eapReply); + } + + public byte[] doEAPType(byte id, byte[] data) + { + return null; + } + + public String getAuthName() + { + return "OTPProxy-EAP-Callback"; + } + } +} diff --git a/extended/src/main/java/net/jradius/webservice/SSOProxyService.java b/extended/src/main/java/net/jradius/webservice/SSOProxyService.java new file mode 100644 index 0000000..5bcac03 --- /dev/null +++ b/extended/src/main/java/net/jradius/webservice/SSOProxyService.java @@ -0,0 +1,137 @@ +/** + * JRadius - A Radius Server Java Adapter + * Copyright (C) 2004-2006 PicoPoint, B.V. + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.webservice; + +import gnu.crypto.cipher.CipherFactory; +import gnu.crypto.cipher.IBlockCipher; +import gnu.crypto.util.Base64; + +import java.net.URLDecoder; +import java.security.InvalidKeyException; +import java.util.HashMap; +import java.util.Map; + +import net.jradius.handler.EventHandlerBase; +import net.jradius.log.RadiusLog; +import net.jradius.server.JRadiusEvent; +import net.jradius.session.JRadiusSession; +import net.jradius.session.JRadiusSessionManager; + + +public class SSOProxyService extends EventHandlerBase +{ + private String defaultURL = "http://jradius.net/"; + private String cipherType = "Blowfish"; + private String cipherKey = "changeme"; + + public boolean doesHandle(JRadiusEvent event) + { + WebServiceRequest request = (WebServiceRequest) event; + String path = request.getUri().getPath(); + return path.startsWith("/sso/"); + } + + public boolean handle(JRadiusEvent event) throws Exception + { + WebServiceRequest request = (WebServiceRequest) event; + + String path = request.getUri().getRawPath(); + RadiusLog.debug("SSO Proxy Request: " + path); + + String[] parts = path.split("/", 3); + if (parts.length != 3) throw new WebServiceException("invalid request"); + + String command = parts[1]; + String payload = parts[2]; + + if (!"sso".equals(command)) throw new WebServiceException("invalid command"); + if (payload == null) throw new WebServiceException("invalid security"); + + IBlockCipher cipher = CipherFactory.getInstance(cipherType); + Map attributes = new HashMap(); + attributes.put(IBlockCipher.KEY_MATERIAL, cipherKey.getBytes()); + + try + { + cipher.init(attributes); + } + catch(InvalidKeyException e) + { + e.printStackTrace(); + } + + int bs = cipher.currentBlockSize(); + byte[] data = Base64.decode(payload); + byte[] plaintext = new byte[(data.length / bs + 1) * bs]; + + for (int i = 0; i + bs < data.length; i += bs) + { + cipher.decryptBlock(data, i, plaintext, i); + } + + String scommand = URLDecoder.decode(new String(plaintext).trim(), "US-ASCII"); + RadiusLog.debug("Secure command: " + scommand); + String session = scommand.substring("session=".length()); + + JRadiusSession radiusSession = (JRadiusSession)JRadiusSessionManager.getManager(request.getSender()).getSession(null, session); + + WebServiceResponse response = new WebServiceResponse(); + Map headers = response.getHeaders(); + + String url = radiusSession.getRedirectURL(); + if (url == null) url = defaultURL; + headers.put("Location", url); + + request.setResponse(response); + + return false; + } + + public String getCipherKey() + { + return cipherKey; + } + + public void setCipherKey(String cipherKey) + { + this.cipherKey = cipherKey; + } + + public String getCipherType() + { + return cipherType; + } + + public void setCipherType(String cipherType) + { + this.cipherType = cipherType; + } + + public String getDefaultURL() + { + return defaultURL; + } + + public void setDefaultURL(String defaultURL) + { + this.defaultURL = defaultURL; + } +} diff --git a/extended/src/main/java/net/jradius/webservice/WebServiceException.java b/extended/src/main/java/net/jradius/webservice/WebServiceException.java new file mode 100644 index 0000000..0dfd560 --- /dev/null +++ b/extended/src/main/java/net/jradius/webservice/WebServiceException.java @@ -0,0 +1,34 @@ +/** + * JRadius - A Radius Server Java Adapter + * Copyright (C) 2004-2006 PicoPoint, B.V. + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.webservice; + +import net.jradius.exception.RadiusException; + +/** + * @author David Bird + */ +public class WebServiceException extends RadiusException +{ + public WebServiceException(String s) + { + super(s); + } +} diff --git a/extended/src/main/java/net/jradius/webservice/WebServiceListener.java b/extended/src/main/java/net/jradius/webservice/WebServiceListener.java new file mode 100644 index 0000000..0d2b152 --- /dev/null +++ b/extended/src/main/java/net/jradius/webservice/WebServiceListener.java @@ -0,0 +1,272 @@ +/** + * JRadius - A Radius Server Java Adapter + * Copyright (C) 2004-2006 PicoPoint, B.V. + * Copyright (c) 2006 David Bird + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.webservice; + +import java.io.DataInputStream; +import java.io.IOException; +import java.io.InputStream; +import java.net.URI; +import java.net.URISyntaxException; +import java.util.Iterator; +import java.util.LinkedHashMap; +import java.util.List; +import java.util.Map; +import java.util.StringTokenizer; + +import net.jradius.server.JRadiusEvent; +import net.jradius.server.TCPListener; +import net.sf.ehcache.Cache; +import net.sf.ehcache.CacheException; +import net.sf.ehcache.CacheManager; +import net.sf.ehcache.Ehcache; +import net.sf.ehcache.Element; +import net.sf.ehcache.event.CacheEventListener; + +import org.springframework.beans.factory.InitializingBean; + + +/** + * JRadius TCP/SSL Proxy Listen + * + * @author David Bird + */ +public class WebServiceListener extends TCPListener implements InitializingBean, CacheEventListener +{ + private String cacheName = "ws-requests"; + private Map requestMap; + private CacheManager cacheManager; + private Ehcache requestCache; + private Integer timeToLive; + private Integer idleTime; + + public JRadiusEvent parseRequest(InputStream inputStream) throws IOException, WebServiceException + { + DataInputStream reader = new DataInputStream(inputStream); + WebServiceRequest request = new WebServiceRequest(); + + String line = reader.readLine(); + if (line == null) throw new WebServiceException("Invalid relay request"); + + StringTokenizer tokens = new StringTokenizer(line); + String method = tokens.nextToken(); + String uri = tokens.nextToken(); + String httpVersion = tokens.nextToken(); + + if ("GET".equals(method)) request.setMethod(WebServiceRequest.GET); + else if ("POST".equals(method)) request.setMethod(WebServiceRequest.POST); + else if ("PUT".equals(method)) request.setMethod(WebServiceRequest.PUT); + else throw new WebServiceException("Does not handle HTTP request method: " + method); + + request.setHttpVersion(httpVersion); + + try + { + request.setUri(new URI(uri)); + } + catch (URISyntaxException e) + { + throw new WebServiceException(e.getMessage()); + } + + Map headers = getHeaders(reader); + request.setHeaderMap(headers); + + String clen = headers.get("content-length"); + if (clen != null) + { + request.setContent(getContent(reader, Integer.parseInt(clen))); + } + + return request; + } + + private Map getHeaders(DataInputStream reader) throws IOException + { + LinkedHashMap map = new LinkedHashMap(); + String line; + do + { + line = reader.readLine().trim(); + if (line != null && line.length() > 0) + { + String[] parts = line.split(":", 2); + if (parts != null && parts.length == 2) + { + map.put(parts[0].toLowerCase().trim(), parts[1].trim()); + } + else break; + } + else break; + } + while (true); + + return map; + } + + private byte[] getContent(DataInputStream reader, int clen) throws IOException + { + byte[] buf = new byte[clen]; + reader.readFully(buf); + return buf; + } + + public void remove(OTPProxyRequest request) + { + request.interrupt(); + if (requestMap != null) + requestMap.remove(request.getOtpName()); + else + requestCache.remove(request.getOtpName()); + } + + public void put(WebServiceRequestObject obj) + { + if (requestMap != null) + requestMap.put(obj.getKey(), obj); + else + requestCache.put(new Element(obj.getKey(), obj)); + } + + public WebServiceRequestObject get(String username) + { + if (requestMap != null) + return (WebServiceRequestObject)requestMap.get(username); + Element e = requestCache.get(username); + return e == null ? null : (WebServiceRequestObject)e.getValue(); + } + + private void deleteElement(Element e) + { + if (e==null) return; + WebServiceRequestObject o = (WebServiceRequestObject)e.getValue(); + if (o==null) return; + o.delete(); + } + + public Object clone() throws CloneNotSupportedException + { + return super.clone(); + } + + public void dispose() + { + } + + public void notifyElementEvicted(Ehcache cache, Element element) + { + deleteElement(element); + } + + public void notifyElementExpired(Ehcache cache, Element element) + { + deleteElement(element); + } + + public void notifyElementPut(Ehcache cache, Element element) throws CacheException + { + } + + public void notifyElementRemoved(Ehcache cache, Element element) throws CacheException + { + deleteElement(element); + } + + public void notifyElementUpdated(Ehcache cache, Element element) throws CacheException + { + } + + public void notifyRemoveAll(Ehcache cache) + { + List keys = cache.getKeys(); + for (Iterator i=keys.iterator(); i.hasNext();) + deleteElement(cache.get(i.next())); + } + + public void afterPropertiesSet() throws Exception + { + if (idleTime == null) idleTime = new Integer(120); + if (timeToLive == null) timeToLive = new Integer(180); + if (requestMap != null) return; + if (requestCache == null) { + if (cacheManager == null) + cacheManager = CacheManager.create(); + requestCache = cacheManager.getCache(cacheName); + if (requestCache == null) + { + requestCache = new Cache(cacheName, 1000000, true, true, timeToLive.intValue(), idleTime.intValue()); + cacheManager.addCache(requestCache); + } + } + requestCache.getCacheEventNotificationService().registerListener(this); + } + + public CacheManager getCacheManager() + { + return cacheManager; + } + public void setCacheManager(CacheManager cacheManager) + { + this.cacheManager = cacheManager; + } + public String getCacheName() + { + return cacheName; + } + public void setCacheName(String cacheName) + { + this.cacheName = cacheName; + } + public Integer getIdleTime() + { + return idleTime; + } + public void setIdleTime(Integer idleTime) + { + this.idleTime = idleTime; + } + public Ehcache getRequestCache() + { + return requestCache; + } + public void setRequestCache(Ehcache requestCache) + { + this.requestCache = requestCache; + } + public Integer getTimeToLive() + { + return timeToLive; + } + public void setTimeToLive(Integer timeToLive) + { + this.timeToLive = timeToLive; + } + + public Map getRequestMap() + { + return requestMap; + } + + public void setRequestMap(Map requestMap) + { + this.requestMap = requestMap; + } +} diff --git a/extended/src/main/java/net/jradius/webservice/WebServiceProcessor.java b/extended/src/main/java/net/jradius/webservice/WebServiceProcessor.java new file mode 100644 index 0000000..5cfe3b0 --- /dev/null +++ b/extended/src/main/java/net/jradius/webservice/WebServiceProcessor.java @@ -0,0 +1,232 @@ +/** + * JRadius - A Radius Server Java Adapter + * Copyright (C) 2004-2006 PicoPoint, B.V. + * Copyright (c) 2006-2007 David Bird + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.webservice; + +import java.io.IOException; +import java.io.OutputStream; +import java.io.UnsupportedEncodingException; +import java.net.Socket; +import java.security.cert.Certificate; +import java.security.cert.X509Certificate; +import java.util.Iterator; +import java.util.List; +import java.util.Map; + +import javax.net.ssl.HandshakeCompletedEvent; +import javax.net.ssl.HandshakeCompletedListener; +import javax.net.ssl.SSLPeerUnverifiedException; +import javax.net.ssl.SSLSession; +import javax.net.ssl.SSLSocket; + +import net.jradius.exception.RadiusException; +import net.jradius.handler.chain.JRCommand; +import net.jradius.log.RadiusLog; +import net.jradius.server.ListenerRequest; +import net.jradius.server.Processor; +import net.jradius.server.TCPListenerRequest; + + +/** + * JRadius Relay Request Processor + * + * @author David Bird + */ +public class WebServiceProcessor extends Processor +{ + protected static final byte[] newline = toHTTPBytes("\r\n"); + protected static final byte[] ctype = toHTTPBytes("Content-Type: text/xml\r\n"); + protected static final byte[] clength = toHTTPBytes("Content-Length: "); + protected static final byte[] server = toHTTPBytes("Server: JRadius\r\n"); + protected static final byte[] conclose = toHTTPBytes("Connection: close\r\n"); + protected static final byte[] ok = toHTTPBytes(" 200 OK\r\n"); + protected static final byte[] found = toHTTPBytes(" 302 Found\r\n"); + protected static final byte[] unauthorized = toHTTPBytes(" 401 Unauthorized\r\n"); + + private boolean wantClientCertificates = true; + + protected void processRequest(ListenerRequest listenerRequest) throws IOException, RadiusException + { + Socket socket = ((TCPListenerRequest)listenerRequest).getSocket(); + socket.setSoTimeout(5000); // 5 second read timeout + + X509Certificate x509 = null; + + if (socket instanceof SSLSocket && wantClientCertificates) + { + SSLSocket sslSocket = (SSLSocket) socket; + sslSocket.setWantClientAuth(true); + SSLSession sslSession = sslSocket.getSession(); + try + { + Certificate[] certs = sslSession.getPeerCertificates(); + if (certs != null) + { + Certificate cert = certs[0]; + if (cert instanceof X509Certificate) + x509 = (X509Certificate) cert; + } + } + catch (Exception e) + { + } + } + + WebServiceRequest request = null; + OutputStream os = null; + + try + { + request = (WebServiceRequest) listenerRequest.getRequestEvent(); + request.setCertificate(x509); + processRequest(request); + + os = socket.getOutputStream(); + sendResponse(request, os); + } + finally + { + if (os != null) + { + os.flush(); + os.close(); + } + socket.close(); + } + } + + protected void runHandlers(WebServiceRequest request) + { + RadiusLog.debug("Processing WebServiceRequest: " + request.toString()); + List handlers = getRequestHandlers(); + if (handlers == null) return; + + for (JRCommand handler : handlers) + { + boolean stop = false; + try + { + if (handler.doesHandle(request)) + { + stop = handler.execute(request); + if (stop) break; + } + } + catch (WebServiceException e) + { + e.printStackTrace(); + break; + } + catch (RadiusException e) + { + RadiusLog.error(e.getMessage()); + e.printStackTrace(); + break; + } + catch (Throwable e) + { + e.printStackTrace(); + break; + } + } + } + + protected void processRequest(WebServiceRequest request) + { + runHandlers(request); + } + + private void sendResponse(WebServiceRequest request, OutputStream out) throws IOException + { + WebServiceResponse response = request.getResponse(); + + if (response == null) + { + RadiusLog.error("No response found for WebServiceRequest: " + request.toString()); + writeBadRequest(out, request.getHttpVersion()); + return; + } + + writeResponse(out, request.getHttpVersion(), response.getHeaders(), response.getContent()); + } + + private void writeResponse(OutputStream writer, String httpVersion, Map headers, byte[] payload) throws IOException + { + boolean wroteCT = false; + boolean wroteCL = false; + + writer.write(toHTTPBytes(httpVersion)); + + if (headers.get("Location") != null) + writer.write(found); + else if (headers.get("WWW-Authenticate") != null) + writer.write(unauthorized); + else + writer.write(ok); + + writer.write(server); + writer.write(conclose); + for (Iterator i = headers.entrySet().iterator(); i.hasNext();) + { + Map.Entry entry = (Map.Entry)i.next(); + String key = (String)entry.getKey(); + writer.write(toHTTPBytes(key)); + writer.write(toHTTPBytes(": ")); + writer.write(toHTTPBytes((String)entry.getValue())); + writer.write(newline); + if (key.equalsIgnoreCase("content-type")) wroteCT = true; + else if (key.equalsIgnoreCase("content-length")) wroteCL = true; + } + if (!wroteCT) writer.write(ctype); + if (!wroteCL) + { + writer.write(clength); + writer.write(toHTTPBytes(Integer.toString(payload.length))); + writer.write(newline); + } + writer.write(newline); + writer.write(payload); + } + + private void writeBadRequest(OutputStream writer, String httpVersion) throws IOException + { + writer.write(toHTTPBytes(httpVersion)); + writer.write(toHTTPBytes(" 400 Bad Request")); + writer.write(newline); + writer.write(server); + writer.write(newline); + writer.write(toHTTPBytes("Invalid request")); + } + + protected static final byte[] toHTTPBytes(String text) + { + if (text == null) text = ""; + + try + { + return text.getBytes("US-ASCII"); + } + catch (UnsupportedEncodingException e) + { + throw new Error(e.getMessage()); + } + } +} diff --git a/extended/src/main/java/net/jradius/webservice/WebServiceRequest.java b/extended/src/main/java/net/jradius/webservice/WebServiceRequest.java new file mode 100644 index 0000000..868a167 --- /dev/null +++ b/extended/src/main/java/net/jradius/webservice/WebServiceRequest.java @@ -0,0 +1,226 @@ +/** + * JRadius - A Radius Server Java Adapter + * Copyright (C) 2004-2006 PicoPoint, B.V. + * Copyright (c) 2006-2007 David Bird + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.webservice; + +import java.io.UnsupportedEncodingException; +import java.net.URI; +import java.net.URLDecoder; +import java.security.cert.X509Certificate; +import java.util.HashMap; +import java.util.Map; +import java.util.StringTokenizer; + +import net.jradius.server.JRadiusEvent; + + +/** + * A Web Service Server Request + * + * @author David Bird + */ +public class WebServiceRequest extends JRadiusEvent +{ + public static final long serialVersionUID = 0L; + public static final int GET = 1; + public static final int POST = 2; + public static final int PUT = 3; + + private int type; + private int method; + private String httpVersion; + private URI uri; + private byte[] content; + private Map headerMap; + + private X509Certificate clientCertificate; + + private WebServiceResponse response; + + private Object sessionObject; + + /** + * @return the request type + */ + public int getType() + { + return type; + } + + /** + * Set the type of the request + * @param type + */ + public void setType(int type) + { + this.type = type; + } + + public String getTypeString() + { + return "ws"; + } + + public String getContentAsString() throws UnsupportedEncodingException + { + return getContent() == null ? null : new String(getContent(), "UTF-8"); + } + + /** + * @return Returns the content. + */ + public byte[] getContent() + { + return content; + } + /** + * @param content The content to set. + */ + public void setContent(byte[] content) + { + this.content = content; + } + /** + * @return Returns the headerMap. + */ + public Map getHeaderMap() + { + return headerMap; + } + /** + * @param headerMap The headerMap to set. + */ + public void setHeaderMap(Map headerMap) + { + this.headerMap = headerMap; + } + /** + * @return Returns the method. + */ + public int getMethod() + { + return method; + } + /** + * @param method The method to set. + */ + public void setMethod(int method) + { + this.method = method; + } + /** + * @return Returns the uri. + */ + public URI getUri() + { + return uri; + } + /** + * @param uri The uri to set. + */ + public void setUri(URI uri) + { + this.uri = uri; + } + + /** + * @return Returns the httpVersion. + */ + public String getHttpVersion() + { + return httpVersion; + } + /** + * @param httpVersion The httpVersion to set. + */ + public void setHttpVersion(String httpVersion) + { + this.httpVersion = httpVersion; + } + /** + * @return Returns the response. + */ + public WebServiceResponse getResponse() + { + return response; + } + /** + * @param response The response to set. + */ + public void setResponse(WebServiceResponse reply) + { + this.response = reply; + } + + public Object getSessionObject() { + return sessionObject; + } + + public void setSessionObject(Object sessionObject) { + this.sessionObject = sessionObject; + } + + public Map getParameterMap() { + /** + * Get the query string parameters + */ + String qs = getUri().getQuery(); + HashMap map = new HashMap(); + if (qs != null) + { + StringTokenizer st = new StringTokenizer(qs, "&"); + while (st.hasMoreTokens()) + { + String param = st.nextToken(); + int i = param.indexOf("="); + if (i != -1) + { + String k = param.substring(0, i); + String v = param.substring(i+1, param.length()); + try + { + map.put(k, URLDecoder.decode(v)); + } + catch (Exception e) + { + map.put(k, v); + } + } + } + } + return map; + } + + public String toString() + { + return getHeaderMap().toString(); + } + + public void setCertificate(X509Certificate x509) + { + clientCertificate = x509; + } + + public X509Certificate getCertificate() + { + return clientCertificate; + } +} diff --git a/extended/src/main/java/net/jradius/webservice/WebServiceRequestObject.java b/extended/src/main/java/net/jradius/webservice/WebServiceRequestObject.java new file mode 100644 index 0000000..9c99b21 --- /dev/null +++ b/extended/src/main/java/net/jradius/webservice/WebServiceRequestObject.java @@ -0,0 +1,29 @@ +/** + * JRadius - Java RADIUS client and server framework + * Copyright (c) 2006-2007 David Bird + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.webservice; + +import java.io.Serializable; + +public interface WebServiceRequestObject extends Serializable +{ + public String getKey(); + public void delete(); +} diff --git a/extended/src/main/java/net/jradius/webservice/WebServiceResponse.java b/extended/src/main/java/net/jradius/webservice/WebServiceResponse.java new file mode 100644 index 0000000..b39215f --- /dev/null +++ b/extended/src/main/java/net/jradius/webservice/WebServiceResponse.java @@ -0,0 +1,70 @@ +/** + * JRadius - A Radius Server Java Adapter + * Copyright (C) 2004-2006 PicoPoint, B.V. + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.webservice; + +import java.util.LinkedHashMap; +import java.util.Map; + +import net.jradius.server.JRadiusEvent; + +/** + * @author David Bird + */ +public class WebServiceResponse extends JRadiusEvent +{ + private static final long serialVersionUID = 0L; + private byte[] content; + private int type; + + private LinkedHashMap headers = new LinkedHashMap(); + + public int getType() + { + return type; + } + + public String getTypeString() + { + return "ws"; + } + + /** + * @return Returns the content. + */ + public byte[] getContent() + { + if (content == null) return "".getBytes(); + return content; + } + + /** + * @param content The content to set. + */ + public void setContent(byte[] content) + { + this.content = content; + } + + public Map getHeaders() + { + return this.headers; + } +} diff --git a/extended/src/main/java/net/jradius/webservice/handler/OTPProxyAccountingHandler.java b/extended/src/main/java/net/jradius/webservice/handler/OTPProxyAccountingHandler.java new file mode 100644 index 0000000..3bcd43c --- /dev/null +++ b/extended/src/main/java/net/jradius/webservice/handler/OTPProxyAccountingHandler.java @@ -0,0 +1,64 @@ +/** + * JRadius - Java RADIUS client and server framework + * Copyright (c) 2006-2007 David Bird + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at + * your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.webservice.handler; + +import net.jradius.dictionary.Attr_UserName; +import net.jradius.handler.RadiusSessionHandler; +import net.jradius.log.RadiusLog; +import net.jradius.packet.AccountingRequest; +import net.jradius.packet.RadiusPacket; +import net.jradius.server.JRadiusRequest; +import net.jradius.session.JRadiusSession; +import net.jradius.webservice.OTPProxyRequest; +import net.jradius.webservice.WebServiceListener; + +/** + * @author David Bird + */ +public class OTPProxyAccountingHandler extends RadiusSessionHandler +{ + private String listenerBean = "otpListener"; + + public boolean handle(JRadiusRequest request) throws Exception + { + JRadiusSession session = (JRadiusSession) request.getSession(); + if (session == null) return noSessionFound(request); + + RadiusPacket req = request.getRequestPacket(); + + String username = (String)req.getAttributeValue(Attr_UserName.TYPE); + + if (request.getApplicationContext() == null) + { + RadiusLog.error(this.getClass().getName()+" can only run when configured with Spring"); + return false; + } + + WebServiceListener wsListener = (WebServiceListener)request.getApplicationContext().getBean(listenerBean); + if (wsListener == null) return false; + OTPProxyRequest otpRequest = (OTPProxyRequest)wsListener.get(username); + if (otpRequest == null) return false; + + otpRequest.updateAccounting((AccountingRequest)req); + + return false; + } +} diff --git a/extended/src/main/java/net/jradius/webservice/handler/OTPProxyAuthHandler.java b/extended/src/main/java/net/jradius/webservice/handler/OTPProxyAuthHandler.java new file mode 100644 index 0000000..06cfe6f --- /dev/null +++ b/extended/src/main/java/net/jradius/webservice/handler/OTPProxyAuthHandler.java @@ -0,0 +1,77 @@ +/** + * JRadius - A Radius Server Java Adapter + * Copyright (C) 2004-2006 PicoPoint, B.V. + * Copyright (c) 2007 David Bird + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.webservice.handler; + +import net.jradius.dictionary.Attr_UserName; +import net.jradius.handler.RadiusSessionHandler; +import net.jradius.log.RadiusLog; +import net.jradius.packet.RadiusPacket; +import net.jradius.server.JRadiusRequest; +import net.jradius.session.JRadiusSession; +import net.jradius.webservice.OTPProxyRequest; +import net.jradius.webservice.WebServiceListener; + +/** + * @author David Bird + */ +public class OTPProxyAuthHandler extends RadiusSessionHandler +{ + private String listenerBean = "otpListener"; + + public boolean handle(JRadiusRequest request) throws Exception + { + JRadiusSession session = (JRadiusSession) request.getSession(); + if (session == null) return noSessionFound(request); + + RadiusPacket req = request.getRequestPacket(); + + String username = (String)req.getAttributeValue(Attr_UserName.TYPE); + + if (request.getApplicationContext() == null) + { + RadiusLog.error(this.getClass().getName()+" can only run when configured with Spring"); + return false; + } + + WebServiceListener wsListener = (WebServiceListener)request.getApplicationContext().getBean(listenerBean); + if (wsListener == null) return false; + OTPProxyRequest otpRequest = (OTPProxyRequest)wsListener.get(username); + if (otpRequest == null) return false; + + RadiusLog.debug("OTP Auth received: "+username+"/"+otpRequest.getUserName()); + session.setUsername("OTP("+otpRequest.getUserName()+")"); + session.setRealm(otpRequest.getRadiusRealm().getRealm()); + + setPlainTextPassword(request, otpRequest.getOtpPassword()); + return false; + } + + public String getListenerBean() + { + return listenerBean; + } + + public void setListenerBean(String listenerBean) + { + this.listenerBean = listenerBean; + } +} diff --git a/extended/src/main/java/net/jradius/webservice/handler/OTPProxyPostAuthHandler.java b/extended/src/main/java/net/jradius/webservice/handler/OTPProxyPostAuthHandler.java new file mode 100644 index 0000000..7ffe56a --- /dev/null +++ b/extended/src/main/java/net/jradius/webservice/handler/OTPProxyPostAuthHandler.java @@ -0,0 +1,106 @@ +/** + * JRadius - A Radius Server Java Adapter + * Copyright (C) 2004-2006 PicoPoint, B.V. + * Copyright (c) 2007 David Bird + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.webservice.handler; + +import net.jradius.dictionary.Attr_AuthType; +import net.jradius.dictionary.Attr_Class; +import net.jradius.dictionary.Attr_EAPMessage; +import net.jradius.dictionary.Attr_MessageAuthenticator; +import net.jradius.dictionary.Attr_State; +import net.jradius.dictionary.Attr_UserName; +import net.jradius.dictionary.vsa_jradius.Attr_JRadiusSessionId; +import net.jradius.handler.RadiusSessionHandler; +import net.jradius.log.RadiusLog; +import net.jradius.packet.AccessAccept; +import net.jradius.packet.RadiusPacket; +import net.jradius.packet.RadiusRequest; +import net.jradius.packet.RadiusResponse; +import net.jradius.packet.attribute.AttributeList; +import net.jradius.server.JRadiusRequest; +import net.jradius.server.JRadiusServer; +import net.jradius.session.JRadiusSession; +import net.jradius.webservice.OTPProxyRequest; +import net.jradius.webservice.WebServiceListener; + +/** + * @author David Bird + */ +public class OTPProxyPostAuthHandler extends RadiusSessionHandler +{ + private String listenerBean = "otpListener"; + + public boolean handle(JRadiusRequest request) throws Exception + { + JRadiusSession session = (JRadiusSession) request.getSession(); + if (session == null) return noSessionFound(request); + + RadiusPacket req = request.getRequestPacket(); + RadiusPacket rep = request.getReplyPacket(); + AttributeList ci = request.getConfigItems(); + + String username = (String)req.getAttributeValue(Attr_UserName.TYPE); + + if (request.getApplicationContext() == null) + { + RadiusLog.error(this.getClass().getName()+" can only run when configured with Spring"); + return false; + } + + WebServiceListener wsListener = (WebServiceListener)request.getApplicationContext().getBean(listenerBean); + if (wsListener == null) return false; + OTPProxyRequest otpRequest = (OTPProxyRequest)wsListener.get(username); + if (otpRequest == null) return false; + + req.addAttribute(new Attr_JRadiusSessionId(session.getSessionKey())); + + otpRequest.setAccessRequest((RadiusRequest)req); + + RadiusResponse resp = otpRequest.getAccessResponse(); + + if (resp == null) + { + ci.add(new Attr_AuthType(Attr_AuthType.Reject)); + request.setReturnValue(JRadiusServer.RLM_MODULE_REJECT); + return true; + } + + RadiusLog.debug( + "------------------------------------------------\n"+ + "OTP Proxy Response:\n" + resp.toString()+ + "------------------------------------------------\n"); + + if (resp instanceof AccessAccept) + { + AttributeList attrs = resp.getAttributes(); + attrs.remove(Attr_Class.TYPE); + attrs.remove(Attr_State.TYPE); + attrs.remove(Attr_EAPMessage.TYPE); + attrs.remove(Attr_MessageAuthenticator.TYPE); + rep.addAttributes(attrs); + return false; + } + + ci.add(new Attr_AuthType(Attr_AuthType.Reject)); + request.setReturnValue(JRadiusServer.RLM_MODULE_REJECT); + return true; + } +} diff --git a/extended/src/main/java/net/jradius/webservice/handler/package.html b/extended/src/main/java/net/jradius/webservice/handler/package.html new file mode 100644 index 0000000..a5fafc7 --- /dev/null +++ b/extended/src/main/java/net/jradius/webservice/handler/package.html @@ -0,0 +1,5 @@ + + +JRadius Packet Handlers for associated Web Services. + + diff --git a/extended/src/main/java/net/jradius/webservice/package.html b/extended/src/main/java/net/jradius/webservice/package.html new file mode 100644 index 0000000..f54ba29 --- /dev/null +++ b/extended/src/main/java/net/jradius/webservice/package.html @@ -0,0 +1,5 @@ + + +JRadius Web Services including two-phase and proxy authentication schemes. + + diff --git a/extended/src/main/resources/net/jradius/handler/catalog.xml b/extended/src/main/resources/net/jradius/handler/catalog.xml new file mode 100644 index 0000000..05271c1 --- /dev/null +++ b/extended/src/main/resources/net/jradius/handler/catalog.xml @@ -0,0 +1,41 @@ + + + + + + + + + + + + + + + + + + + + + + + diff --git a/extensions/dal/files/abatorConfig.xml b/extensions/dal/files/abatorConfig.xml new file mode 100644 index 0000000..8ec6fd9 --- /dev/null +++ b/extensions/dal/files/abatorConfig.xml @@ -0,0 +1,81 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+ + + +
+ + + +
+ + + +
+ + + +
+ + + +
+ + + +
+ + + +
+ + + +
+ + + + +
+ + + + + diff --git a/extensions/dal/pom.xml b/extensions/dal/pom.xml new file mode 100644 index 0000000..2739ec2 --- /dev/null +++ b/extensions/dal/pom.xml @@ -0,0 +1,97 @@ + + + + 4.0.0 + net.jradius + jradius-dal + ${project.artifactId}-${project.version} + 1.0.0-SNAPSHOT + JRadius data access layer + + + net.jradius + jradius-extensions + 1.0.0-SNAPSHOT + ../pom.xml + + + + + + net.jradius + jradius-db + 1.0.0-SNAPSHOT + + + + org.springframework + spring-context-support + 2.5.5 + + + + org.springframework + spring-orm + 2.5.5 + + + + + + + generate-dal + + antrun:run + + + org.apache.maven.plugins + maven-antrun-plugin + + + + + + + + + + + + + + + + + run + + + + + + + ant-contrib + ant-contrib + 1.0b2 + + + com.coova + coova-ewt-server + 1.0.0-SNAPSHOT + + + net.jradius + jradius-db + 1.0.0-SNAPSHOT + + + com.mysql + mysql-connector + 5.1.6 + + + + + + diff --git a/extensions/dal/src/main/java/net/jradius/dal/dao/NASDAO.java b/extensions/dal/src/main/java/net/jradius/dal/dao/NASDAO.java new file mode 100644 index 0000000..850cdcb --- /dev/null +++ b/extensions/dal/src/main/java/net/jradius/dal/dao/NASDAO.java @@ -0,0 +1,87 @@ +package net.jradius.dal.dao; + +import java.util.List; +import net.jradius.dal.model.NAS; +import net.jradius.dal.model.NASExample; + +public interface NASDAO { + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table nas + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + Long insert(NAS record); + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table nas + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + int updateByPrimaryKey(NAS record); + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table nas + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + int updateByPrimaryKeySelective(NAS record); + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table nas + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + List selectByExample(NASExample example); + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table nas + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + NAS selectByPrimaryKey(Long id); + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table nas + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + int deleteByExample(NASExample example); + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table nas + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + int deleteByPrimaryKey(Long id); + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table nas + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + int countByExample(NASExample example); + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table nas + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + int updateByExampleSelective(NAS record, NASExample example); + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table nas + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + int updateByExample(NAS record, NASExample example); +} \ No newline at end of file diff --git a/extensions/dal/src/main/java/net/jradius/dal/dao/NASDAOImpl.java b/extensions/dal/src/main/java/net/jradius/dal/dao/NASDAOImpl.java new file mode 100644 index 0000000..524aefd --- /dev/null +++ b/extensions/dal/src/main/java/net/jradius/dal/dao/NASDAOImpl.java @@ -0,0 +1,155 @@ +package net.jradius.dal.dao; + +import com.coova.dal.SqlMapClientWrapper; +import java.util.List; +import net.jradius.dal.model.NAS; +import net.jradius.dal.model.NASExample; + +public class NASDAOImpl extends SqlMapClientWrapper implements NASDAO { + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table nas + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public NASDAOImpl() { + super(); + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table nas + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public Long insert(NAS record) { + Object newKey = insert("nas", "abatorgenerated_insert", record); + return (Long) newKey; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table nas + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public int updateByPrimaryKey(NAS record) { + int rows = update("nas", "abatorgenerated_updateByPrimaryKey", record); + return rows; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table nas + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public int updateByPrimaryKeySelective(NAS record) { + int rows = update("nas", "abatorgenerated_updateByPrimaryKeySelective", record); + return rows; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table nas + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + @SuppressWarnings("unchecked") + public List selectByExample(NASExample example) { + List list = (List) queryForList("nas", "abatorgenerated_selectByExample", example); + return list; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table nas + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public NAS selectByPrimaryKey(Long id) { + NAS key = new NAS(); + key.setId(id); + NAS record = (NAS) queryForObject("nas", "abatorgenerated_selectByPrimaryKey", key); + return record; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table nas + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public int deleteByExample(NASExample example) { + int rows = delete("nas", "abatorgenerated_deleteByExample", example); + return rows; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table nas + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public int deleteByPrimaryKey(Long id) { + NAS key = new NAS(); + key.setId(id); + int rows = delete("nas", "abatorgenerated_deleteByPrimaryKey", key); + return rows; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table nas + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public int countByExample(NASExample example) { + Integer count = (Integer) queryForObject("nas", "abatorgenerated_countByExample", example); + return count; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table nas + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public int updateByExampleSelective(NAS record, NASExample example) { + UpdateByExampleParms parms = new UpdateByExampleParms(record, example); + int rows = update("nas", "abatorgenerated_updateByExampleSelective", parms); + return rows; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table nas + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public int updateByExample(NAS record, NASExample example) { + UpdateByExampleParms parms = new UpdateByExampleParms(record, example); + int rows = update("nas", "abatorgenerated_updateByExample", parms); + return rows; + } + + /** + * This class was generated by Abator for iBATIS. + * This class corresponds to the database table nas + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + private static class UpdateByExampleParms extends NASExample { + private Object record; + + public UpdateByExampleParms(Object record, NASExample example) { + super(example); + this.record = record; + } + + public Object getRecord() { + return record; + } + } +} \ No newline at end of file diff --git a/extensions/dal/src/main/java/net/jradius/dal/dao/RadAcctDAO.java b/extensions/dal/src/main/java/net/jradius/dal/dao/RadAcctDAO.java new file mode 100644 index 0000000..56f6a90 --- /dev/null +++ b/extensions/dal/src/main/java/net/jradius/dal/dao/RadAcctDAO.java @@ -0,0 +1,87 @@ +package net.jradius.dal.dao; + +import java.util.List; +import net.jradius.dal.model.RadAcct; +import net.jradius.dal.model.RadAcctExample; + +public interface RadAcctDAO { + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radacct + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + Long insert(RadAcct record); + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radacct + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + int updateByPrimaryKey(RadAcct record); + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radacct + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + int updateByPrimaryKeySelective(RadAcct record); + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radacct + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + List selectByExample(RadAcctExample example); + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radacct + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + RadAcct selectByPrimaryKey(Long id); + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radacct + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + int deleteByExample(RadAcctExample example); + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radacct + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + int deleteByPrimaryKey(Long id); + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radacct + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + int countByExample(RadAcctExample example); + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radacct + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + int updateByExampleSelective(RadAcct record, RadAcctExample example); + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radacct + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + int updateByExample(RadAcct record, RadAcctExample example); +} \ No newline at end of file diff --git a/extensions/dal/src/main/java/net/jradius/dal/dao/RadAcctDAOImpl.java b/extensions/dal/src/main/java/net/jradius/dal/dao/RadAcctDAOImpl.java new file mode 100644 index 0000000..a35cc21 --- /dev/null +++ b/extensions/dal/src/main/java/net/jradius/dal/dao/RadAcctDAOImpl.java @@ -0,0 +1,155 @@ +package net.jradius.dal.dao; + +import com.coova.dal.SqlMapClientWrapper; +import java.util.List; +import net.jradius.dal.model.RadAcct; +import net.jradius.dal.model.RadAcctExample; + +public class RadAcctDAOImpl extends SqlMapClientWrapper implements RadAcctDAO { + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radacct + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public RadAcctDAOImpl() { + super(); + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radacct + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public Long insert(RadAcct record) { + Object newKey = insert("radacct", "abatorgenerated_insert", record); + return (Long) newKey; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radacct + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public int updateByPrimaryKey(RadAcct record) { + int rows = update("radacct", "abatorgenerated_updateByPrimaryKey", record); + return rows; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radacct + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public int updateByPrimaryKeySelective(RadAcct record) { + int rows = update("radacct", "abatorgenerated_updateByPrimaryKeySelective", record); + return rows; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radacct + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + @SuppressWarnings("unchecked") + public List selectByExample(RadAcctExample example) { + List list = (List) queryForList("radacct", "abatorgenerated_selectByExample", example); + return list; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radacct + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public RadAcct selectByPrimaryKey(Long id) { + RadAcct key = new RadAcct(); + key.setId(id); + RadAcct record = (RadAcct) queryForObject("radacct", "abatorgenerated_selectByPrimaryKey", key); + return record; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radacct + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public int deleteByExample(RadAcctExample example) { + int rows = delete("radacct", "abatorgenerated_deleteByExample", example); + return rows; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radacct + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public int deleteByPrimaryKey(Long id) { + RadAcct key = new RadAcct(); + key.setId(id); + int rows = delete("radacct", "abatorgenerated_deleteByPrimaryKey", key); + return rows; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radacct + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public int countByExample(RadAcctExample example) { + Integer count = (Integer) queryForObject("radacct", "abatorgenerated_countByExample", example); + return count; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radacct + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public int updateByExampleSelective(RadAcct record, RadAcctExample example) { + UpdateByExampleParms parms = new UpdateByExampleParms(record, example); + int rows = update("radacct", "abatorgenerated_updateByExampleSelective", parms); + return rows; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radacct + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public int updateByExample(RadAcct record, RadAcctExample example) { + UpdateByExampleParms parms = new UpdateByExampleParms(record, example); + int rows = update("radacct", "abatorgenerated_updateByExample", parms); + return rows; + } + + /** + * This class was generated by Abator for iBATIS. + * This class corresponds to the database table radacct + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + private static class UpdateByExampleParms extends RadAcctExample { + private Object record; + + public UpdateByExampleParms(Object record, RadAcctExample example) { + super(example); + this.record = record; + } + + public Object getRecord() { + return record; + } + } +} \ No newline at end of file diff --git a/extensions/dal/src/main/java/net/jradius/dal/dao/RadCheckDAO.java b/extensions/dal/src/main/java/net/jradius/dal/dao/RadCheckDAO.java new file mode 100644 index 0000000..a855a16 --- /dev/null +++ b/extensions/dal/src/main/java/net/jradius/dal/dao/RadCheckDAO.java @@ -0,0 +1,87 @@ +package net.jradius.dal.dao; + +import java.util.List; +import net.jradius.dal.model.RadCheck; +import net.jradius.dal.model.RadCheckExample; + +public interface RadCheckDAO { + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radcheck + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + Long insert(RadCheck record); + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radcheck + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + int updateByPrimaryKey(RadCheck record); + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radcheck + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + int updateByPrimaryKeySelective(RadCheck record); + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radcheck + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + List selectByExample(RadCheckExample example); + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radcheck + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + RadCheck selectByPrimaryKey(Long id); + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radcheck + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + int deleteByExample(RadCheckExample example); + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radcheck + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + int deleteByPrimaryKey(Long id); + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radcheck + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + int countByExample(RadCheckExample example); + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radcheck + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + int updateByExampleSelective(RadCheck record, RadCheckExample example); + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radcheck + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + int updateByExample(RadCheck record, RadCheckExample example); +} \ No newline at end of file diff --git a/extensions/dal/src/main/java/net/jradius/dal/dao/RadCheckDAOImpl.java b/extensions/dal/src/main/java/net/jradius/dal/dao/RadCheckDAOImpl.java new file mode 100644 index 0000000..7a2c0bb --- /dev/null +++ b/extensions/dal/src/main/java/net/jradius/dal/dao/RadCheckDAOImpl.java @@ -0,0 +1,155 @@ +package net.jradius.dal.dao; + +import com.coova.dal.SqlMapClientWrapper; +import java.util.List; +import net.jradius.dal.model.RadCheck; +import net.jradius.dal.model.RadCheckExample; + +public class RadCheckDAOImpl extends SqlMapClientWrapper implements RadCheckDAO { + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radcheck + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public RadCheckDAOImpl() { + super(); + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radcheck + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public Long insert(RadCheck record) { + Object newKey = insert("radcheck", "abatorgenerated_insert", record); + return (Long) newKey; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radcheck + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public int updateByPrimaryKey(RadCheck record) { + int rows = update("radcheck", "abatorgenerated_updateByPrimaryKey", record); + return rows; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radcheck + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public int updateByPrimaryKeySelective(RadCheck record) { + int rows = update("radcheck", "abatorgenerated_updateByPrimaryKeySelective", record); + return rows; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radcheck + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + @SuppressWarnings("unchecked") + public List selectByExample(RadCheckExample example) { + List list = (List) queryForList("radcheck", "abatorgenerated_selectByExample", example); + return list; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radcheck + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public RadCheck selectByPrimaryKey(Long id) { + RadCheck key = new RadCheck(); + key.setId(id); + RadCheck record = (RadCheck) queryForObject("radcheck", "abatorgenerated_selectByPrimaryKey", key); + return record; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radcheck + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public int deleteByExample(RadCheckExample example) { + int rows = delete("radcheck", "abatorgenerated_deleteByExample", example); + return rows; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radcheck + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public int deleteByPrimaryKey(Long id) { + RadCheck key = new RadCheck(); + key.setId(id); + int rows = delete("radcheck", "abatorgenerated_deleteByPrimaryKey", key); + return rows; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radcheck + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public int countByExample(RadCheckExample example) { + Integer count = (Integer) queryForObject("radcheck", "abatorgenerated_countByExample", example); + return count; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radcheck + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public int updateByExampleSelective(RadCheck record, RadCheckExample example) { + UpdateByExampleParms parms = new UpdateByExampleParms(record, example); + int rows = update("radcheck", "abatorgenerated_updateByExampleSelective", parms); + return rows; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radcheck + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public int updateByExample(RadCheck record, RadCheckExample example) { + UpdateByExampleParms parms = new UpdateByExampleParms(record, example); + int rows = update("radcheck", "abatorgenerated_updateByExample", parms); + return rows; + } + + /** + * This class was generated by Abator for iBATIS. + * This class corresponds to the database table radcheck + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + private static class UpdateByExampleParms extends RadCheckExample { + private Object record; + + public UpdateByExampleParms(Object record, RadCheckExample example) { + super(example); + this.record = record; + } + + public Object getRecord() { + return record; + } + } +} \ No newline at end of file diff --git a/extensions/dal/src/main/java/net/jradius/dal/dao/RadGroupCheckDAO.java b/extensions/dal/src/main/java/net/jradius/dal/dao/RadGroupCheckDAO.java new file mode 100644 index 0000000..d0c4276 --- /dev/null +++ b/extensions/dal/src/main/java/net/jradius/dal/dao/RadGroupCheckDAO.java @@ -0,0 +1,87 @@ +package net.jradius.dal.dao; + +import java.util.List; +import net.jradius.dal.model.RadGroupCheck; +import net.jradius.dal.model.RadGroupCheckExample; + +public interface RadGroupCheckDAO { + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radgroupcheck + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + Long insert(RadGroupCheck record); + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radgroupcheck + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + int updateByPrimaryKey(RadGroupCheck record); + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radgroupcheck + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + int updateByPrimaryKeySelective(RadGroupCheck record); + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radgroupcheck + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + List selectByExample(RadGroupCheckExample example); + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radgroupcheck + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + RadGroupCheck selectByPrimaryKey(Long id); + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radgroupcheck + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + int deleteByExample(RadGroupCheckExample example); + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radgroupcheck + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + int deleteByPrimaryKey(Long id); + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radgroupcheck + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + int countByExample(RadGroupCheckExample example); + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radgroupcheck + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + int updateByExampleSelective(RadGroupCheck record, RadGroupCheckExample example); + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radgroupcheck + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + int updateByExample(RadGroupCheck record, RadGroupCheckExample example); +} \ No newline at end of file diff --git a/extensions/dal/src/main/java/net/jradius/dal/dao/RadGroupCheckDAOImpl.java b/extensions/dal/src/main/java/net/jradius/dal/dao/RadGroupCheckDAOImpl.java new file mode 100644 index 0000000..7045161 --- /dev/null +++ b/extensions/dal/src/main/java/net/jradius/dal/dao/RadGroupCheckDAOImpl.java @@ -0,0 +1,155 @@ +package net.jradius.dal.dao; + +import com.coova.dal.SqlMapClientWrapper; +import java.util.List; +import net.jradius.dal.model.RadGroupCheck; +import net.jradius.dal.model.RadGroupCheckExample; + +public class RadGroupCheckDAOImpl extends SqlMapClientWrapper implements RadGroupCheckDAO { + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radgroupcheck + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public RadGroupCheckDAOImpl() { + super(); + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radgroupcheck + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public Long insert(RadGroupCheck record) { + Object newKey = insert("radgroupcheck", "abatorgenerated_insert", record); + return (Long) newKey; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radgroupcheck + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public int updateByPrimaryKey(RadGroupCheck record) { + int rows = update("radgroupcheck", "abatorgenerated_updateByPrimaryKey", record); + return rows; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radgroupcheck + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public int updateByPrimaryKeySelective(RadGroupCheck record) { + int rows = update("radgroupcheck", "abatorgenerated_updateByPrimaryKeySelective", record); + return rows; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radgroupcheck + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + @SuppressWarnings("unchecked") + public List selectByExample(RadGroupCheckExample example) { + List list = (List) queryForList("radgroupcheck", "abatorgenerated_selectByExample", example); + return list; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radgroupcheck + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public RadGroupCheck selectByPrimaryKey(Long id) { + RadGroupCheck key = new RadGroupCheck(); + key.setId(id); + RadGroupCheck record = (RadGroupCheck) queryForObject("radgroupcheck", "abatorgenerated_selectByPrimaryKey", key); + return record; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radgroupcheck + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public int deleteByExample(RadGroupCheckExample example) { + int rows = delete("radgroupcheck", "abatorgenerated_deleteByExample", example); + return rows; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radgroupcheck + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public int deleteByPrimaryKey(Long id) { + RadGroupCheck key = new RadGroupCheck(); + key.setId(id); + int rows = delete("radgroupcheck", "abatorgenerated_deleteByPrimaryKey", key); + return rows; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radgroupcheck + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public int countByExample(RadGroupCheckExample example) { + Integer count = (Integer) queryForObject("radgroupcheck", "abatorgenerated_countByExample", example); + return count; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radgroupcheck + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public int updateByExampleSelective(RadGroupCheck record, RadGroupCheckExample example) { + UpdateByExampleParms parms = new UpdateByExampleParms(record, example); + int rows = update("radgroupcheck", "abatorgenerated_updateByExampleSelective", parms); + return rows; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radgroupcheck + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public int updateByExample(RadGroupCheck record, RadGroupCheckExample example) { + UpdateByExampleParms parms = new UpdateByExampleParms(record, example); + int rows = update("radgroupcheck", "abatorgenerated_updateByExample", parms); + return rows; + } + + /** + * This class was generated by Abator for iBATIS. + * This class corresponds to the database table radgroupcheck + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + private static class UpdateByExampleParms extends RadGroupCheckExample { + private Object record; + + public UpdateByExampleParms(Object record, RadGroupCheckExample example) { + super(example); + this.record = record; + } + + public Object getRecord() { + return record; + } + } +} \ No newline at end of file diff --git a/extensions/dal/src/main/java/net/jradius/dal/dao/RadGroupReplyDAO.java b/extensions/dal/src/main/java/net/jradius/dal/dao/RadGroupReplyDAO.java new file mode 100644 index 0000000..cb46e49 --- /dev/null +++ b/extensions/dal/src/main/java/net/jradius/dal/dao/RadGroupReplyDAO.java @@ -0,0 +1,87 @@ +package net.jradius.dal.dao; + +import java.util.List; +import net.jradius.dal.model.RadGroupReply; +import net.jradius.dal.model.RadGroupReplyExample; + +public interface RadGroupReplyDAO { + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radgroupreply + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + Long insert(RadGroupReply record); + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radgroupreply + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + int updateByPrimaryKey(RadGroupReply record); + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radgroupreply + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + int updateByPrimaryKeySelective(RadGroupReply record); + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radgroupreply + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + List selectByExample(RadGroupReplyExample example); + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radgroupreply + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + RadGroupReply selectByPrimaryKey(Long id); + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radgroupreply + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + int deleteByExample(RadGroupReplyExample example); + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radgroupreply + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + int deleteByPrimaryKey(Long id); + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radgroupreply + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + int countByExample(RadGroupReplyExample example); + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radgroupreply + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + int updateByExampleSelective(RadGroupReply record, RadGroupReplyExample example); + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radgroupreply + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + int updateByExample(RadGroupReply record, RadGroupReplyExample example); +} \ No newline at end of file diff --git a/extensions/dal/src/main/java/net/jradius/dal/dao/RadGroupReplyDAOImpl.java b/extensions/dal/src/main/java/net/jradius/dal/dao/RadGroupReplyDAOImpl.java new file mode 100644 index 0000000..b21fd93 --- /dev/null +++ b/extensions/dal/src/main/java/net/jradius/dal/dao/RadGroupReplyDAOImpl.java @@ -0,0 +1,155 @@ +package net.jradius.dal.dao; + +import com.coova.dal.SqlMapClientWrapper; +import java.util.List; +import net.jradius.dal.model.RadGroupReply; +import net.jradius.dal.model.RadGroupReplyExample; + +public class RadGroupReplyDAOImpl extends SqlMapClientWrapper implements RadGroupReplyDAO { + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radgroupreply + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public RadGroupReplyDAOImpl() { + super(); + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radgroupreply + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public Long insert(RadGroupReply record) { + Object newKey = insert("radgroupreply", "abatorgenerated_insert", record); + return (Long) newKey; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radgroupreply + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public int updateByPrimaryKey(RadGroupReply record) { + int rows = update("radgroupreply", "abatorgenerated_updateByPrimaryKey", record); + return rows; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radgroupreply + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public int updateByPrimaryKeySelective(RadGroupReply record) { + int rows = update("radgroupreply", "abatorgenerated_updateByPrimaryKeySelective", record); + return rows; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radgroupreply + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + @SuppressWarnings("unchecked") + public List selectByExample(RadGroupReplyExample example) { + List list = (List) queryForList("radgroupreply", "abatorgenerated_selectByExample", example); + return list; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radgroupreply + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public RadGroupReply selectByPrimaryKey(Long id) { + RadGroupReply key = new RadGroupReply(); + key.setId(id); + RadGroupReply record = (RadGroupReply) queryForObject("radgroupreply", "abatorgenerated_selectByPrimaryKey", key); + return record; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radgroupreply + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public int deleteByExample(RadGroupReplyExample example) { + int rows = delete("radgroupreply", "abatorgenerated_deleteByExample", example); + return rows; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radgroupreply + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public int deleteByPrimaryKey(Long id) { + RadGroupReply key = new RadGroupReply(); + key.setId(id); + int rows = delete("radgroupreply", "abatorgenerated_deleteByPrimaryKey", key); + return rows; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radgroupreply + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public int countByExample(RadGroupReplyExample example) { + Integer count = (Integer) queryForObject("radgroupreply", "abatorgenerated_countByExample", example); + return count; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radgroupreply + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public int updateByExampleSelective(RadGroupReply record, RadGroupReplyExample example) { + UpdateByExampleParms parms = new UpdateByExampleParms(record, example); + int rows = update("radgroupreply", "abatorgenerated_updateByExampleSelective", parms); + return rows; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radgroupreply + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public int updateByExample(RadGroupReply record, RadGroupReplyExample example) { + UpdateByExampleParms parms = new UpdateByExampleParms(record, example); + int rows = update("radgroupreply", "abatorgenerated_updateByExample", parms); + return rows; + } + + /** + * This class was generated by Abator for iBATIS. + * This class corresponds to the database table radgroupreply + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + private static class UpdateByExampleParms extends RadGroupReplyExample { + private Object record; + + public UpdateByExampleParms(Object record, RadGroupReplyExample example) { + super(example); + this.record = record; + } + + public Object getRecord() { + return record; + } + } +} \ No newline at end of file diff --git a/extensions/dal/src/main/java/net/jradius/dal/dao/RadIPPoolDAO.java b/extensions/dal/src/main/java/net/jradius/dal/dao/RadIPPoolDAO.java new file mode 100644 index 0000000..5a8077d --- /dev/null +++ b/extensions/dal/src/main/java/net/jradius/dal/dao/RadIPPoolDAO.java @@ -0,0 +1,87 @@ +package net.jradius.dal.dao; + +import java.util.List; +import net.jradius.dal.model.RadIPPool; +import net.jradius.dal.model.RadIPPoolExample; + +public interface RadIPPoolDAO { + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radippool + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + Long insert(RadIPPool record); + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radippool + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + int updateByPrimaryKey(RadIPPool record); + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radippool + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + int updateByPrimaryKeySelective(RadIPPool record); + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radippool + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + List selectByExample(RadIPPoolExample example); + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radippool + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + RadIPPool selectByPrimaryKey(Long id); + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radippool + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + int deleteByExample(RadIPPoolExample example); + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radippool + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + int deleteByPrimaryKey(Long id); + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radippool + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + int countByExample(RadIPPoolExample example); + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radippool + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + int updateByExampleSelective(RadIPPool record, RadIPPoolExample example); + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radippool + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + int updateByExample(RadIPPool record, RadIPPoolExample example); +} \ No newline at end of file diff --git a/extensions/dal/src/main/java/net/jradius/dal/dao/RadIPPoolDAOImpl.java b/extensions/dal/src/main/java/net/jradius/dal/dao/RadIPPoolDAOImpl.java new file mode 100644 index 0000000..c805a0c --- /dev/null +++ b/extensions/dal/src/main/java/net/jradius/dal/dao/RadIPPoolDAOImpl.java @@ -0,0 +1,155 @@ +package net.jradius.dal.dao; + +import com.coova.dal.SqlMapClientWrapper; +import java.util.List; +import net.jradius.dal.model.RadIPPool; +import net.jradius.dal.model.RadIPPoolExample; + +public class RadIPPoolDAOImpl extends SqlMapClientWrapper implements RadIPPoolDAO { + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radippool + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public RadIPPoolDAOImpl() { + super(); + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radippool + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public Long insert(RadIPPool record) { + Object newKey = insert("radippool", "abatorgenerated_insert", record); + return (Long) newKey; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radippool + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public int updateByPrimaryKey(RadIPPool record) { + int rows = update("radippool", "abatorgenerated_updateByPrimaryKey", record); + return rows; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radippool + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public int updateByPrimaryKeySelective(RadIPPool record) { + int rows = update("radippool", "abatorgenerated_updateByPrimaryKeySelective", record); + return rows; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radippool + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + @SuppressWarnings("unchecked") + public List selectByExample(RadIPPoolExample example) { + List list = (List) queryForList("radippool", "abatorgenerated_selectByExample", example); + return list; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radippool + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public RadIPPool selectByPrimaryKey(Long id) { + RadIPPool key = new RadIPPool(); + key.setId(id); + RadIPPool record = (RadIPPool) queryForObject("radippool", "abatorgenerated_selectByPrimaryKey", key); + return record; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radippool + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public int deleteByExample(RadIPPoolExample example) { + int rows = delete("radippool", "abatorgenerated_deleteByExample", example); + return rows; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radippool + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public int deleteByPrimaryKey(Long id) { + RadIPPool key = new RadIPPool(); + key.setId(id); + int rows = delete("radippool", "abatorgenerated_deleteByPrimaryKey", key); + return rows; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radippool + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public int countByExample(RadIPPoolExample example) { + Integer count = (Integer) queryForObject("radippool", "abatorgenerated_countByExample", example); + return count; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radippool + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public int updateByExampleSelective(RadIPPool record, RadIPPoolExample example) { + UpdateByExampleParms parms = new UpdateByExampleParms(record, example); + int rows = update("radippool", "abatorgenerated_updateByExampleSelective", parms); + return rows; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radippool + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public int updateByExample(RadIPPool record, RadIPPoolExample example) { + UpdateByExampleParms parms = new UpdateByExampleParms(record, example); + int rows = update("radippool", "abatorgenerated_updateByExample", parms); + return rows; + } + + /** + * This class was generated by Abator for iBATIS. + * This class corresponds to the database table radippool + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + private static class UpdateByExampleParms extends RadIPPoolExample { + private Object record; + + public UpdateByExampleParms(Object record, RadIPPoolExample example) { + super(example); + this.record = record; + } + + public Object getRecord() { + return record; + } + } +} \ No newline at end of file diff --git a/extensions/dal/src/main/java/net/jradius/dal/dao/RadPostAuthDAO.java b/extensions/dal/src/main/java/net/jradius/dal/dao/RadPostAuthDAO.java new file mode 100644 index 0000000..953b920 --- /dev/null +++ b/extensions/dal/src/main/java/net/jradius/dal/dao/RadPostAuthDAO.java @@ -0,0 +1,87 @@ +package net.jradius.dal.dao; + +import java.util.List; +import net.jradius.dal.model.RadPostAuth; +import net.jradius.dal.model.RadPostAuthExample; + +public interface RadPostAuthDAO { + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radpostauth + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + Long insert(RadPostAuth record); + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radpostauth + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + int updateByPrimaryKey(RadPostAuth record); + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radpostauth + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + int updateByPrimaryKeySelective(RadPostAuth record); + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radpostauth + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + List selectByExample(RadPostAuthExample example); + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radpostauth + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + RadPostAuth selectByPrimaryKey(Long id); + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radpostauth + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + int deleteByExample(RadPostAuthExample example); + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radpostauth + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + int deleteByPrimaryKey(Long id); + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radpostauth + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + int countByExample(RadPostAuthExample example); + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radpostauth + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + int updateByExampleSelective(RadPostAuth record, RadPostAuthExample example); + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radpostauth + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + int updateByExample(RadPostAuth record, RadPostAuthExample example); +} \ No newline at end of file diff --git a/extensions/dal/src/main/java/net/jradius/dal/dao/RadPostAuthDAOImpl.java b/extensions/dal/src/main/java/net/jradius/dal/dao/RadPostAuthDAOImpl.java new file mode 100644 index 0000000..5a68e83 --- /dev/null +++ b/extensions/dal/src/main/java/net/jradius/dal/dao/RadPostAuthDAOImpl.java @@ -0,0 +1,155 @@ +package net.jradius.dal.dao; + +import com.coova.dal.SqlMapClientWrapper; +import java.util.List; +import net.jradius.dal.model.RadPostAuth; +import net.jradius.dal.model.RadPostAuthExample; + +public class RadPostAuthDAOImpl extends SqlMapClientWrapper implements RadPostAuthDAO { + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radpostauth + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public RadPostAuthDAOImpl() { + super(); + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radpostauth + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public Long insert(RadPostAuth record) { + Object newKey = insert("radpostauth", "abatorgenerated_insert", record); + return (Long) newKey; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radpostauth + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public int updateByPrimaryKey(RadPostAuth record) { + int rows = update("radpostauth", "abatorgenerated_updateByPrimaryKey", record); + return rows; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radpostauth + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public int updateByPrimaryKeySelective(RadPostAuth record) { + int rows = update("radpostauth", "abatorgenerated_updateByPrimaryKeySelective", record); + return rows; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radpostauth + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + @SuppressWarnings("unchecked") + public List selectByExample(RadPostAuthExample example) { + List list = (List) queryForList("radpostauth", "abatorgenerated_selectByExample", example); + return list; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radpostauth + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public RadPostAuth selectByPrimaryKey(Long id) { + RadPostAuth key = new RadPostAuth(); + key.setId(id); + RadPostAuth record = (RadPostAuth) queryForObject("radpostauth", "abatorgenerated_selectByPrimaryKey", key); + return record; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radpostauth + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public int deleteByExample(RadPostAuthExample example) { + int rows = delete("radpostauth", "abatorgenerated_deleteByExample", example); + return rows; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radpostauth + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public int deleteByPrimaryKey(Long id) { + RadPostAuth key = new RadPostAuth(); + key.setId(id); + int rows = delete("radpostauth", "abatorgenerated_deleteByPrimaryKey", key); + return rows; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radpostauth + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public int countByExample(RadPostAuthExample example) { + Integer count = (Integer) queryForObject("radpostauth", "abatorgenerated_countByExample", example); + return count; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radpostauth + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public int updateByExampleSelective(RadPostAuth record, RadPostAuthExample example) { + UpdateByExampleParms parms = new UpdateByExampleParms(record, example); + int rows = update("radpostauth", "abatorgenerated_updateByExampleSelective", parms); + return rows; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radpostauth + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public int updateByExample(RadPostAuth record, RadPostAuthExample example) { + UpdateByExampleParms parms = new UpdateByExampleParms(record, example); + int rows = update("radpostauth", "abatorgenerated_updateByExample", parms); + return rows; + } + + /** + * This class was generated by Abator for iBATIS. + * This class corresponds to the database table radpostauth + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + private static class UpdateByExampleParms extends RadPostAuthExample { + private Object record; + + public UpdateByExampleParms(Object record, RadPostAuthExample example) { + super(example); + this.record = record; + } + + public Object getRecord() { + return record; + } + } +} \ No newline at end of file diff --git a/extensions/dal/src/main/java/net/jradius/dal/dao/RadReplyDAO.java b/extensions/dal/src/main/java/net/jradius/dal/dao/RadReplyDAO.java new file mode 100644 index 0000000..2a91e46 --- /dev/null +++ b/extensions/dal/src/main/java/net/jradius/dal/dao/RadReplyDAO.java @@ -0,0 +1,87 @@ +package net.jradius.dal.dao; + +import java.util.List; +import net.jradius.dal.model.RadReply; +import net.jradius.dal.model.RadReplyExample; + +public interface RadReplyDAO { + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radreply + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + Long insert(RadReply record); + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radreply + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + int updateByPrimaryKey(RadReply record); + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radreply + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + int updateByPrimaryKeySelective(RadReply record); + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radreply + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + List selectByExample(RadReplyExample example); + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radreply + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + RadReply selectByPrimaryKey(Long id); + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radreply + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + int deleteByExample(RadReplyExample example); + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radreply + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + int deleteByPrimaryKey(Long id); + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radreply + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + int countByExample(RadReplyExample example); + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radreply + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + int updateByExampleSelective(RadReply record, RadReplyExample example); + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radreply + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + int updateByExample(RadReply record, RadReplyExample example); +} \ No newline at end of file diff --git a/extensions/dal/src/main/java/net/jradius/dal/dao/RadReplyDAOImpl.java b/extensions/dal/src/main/java/net/jradius/dal/dao/RadReplyDAOImpl.java new file mode 100644 index 0000000..c3cd83d --- /dev/null +++ b/extensions/dal/src/main/java/net/jradius/dal/dao/RadReplyDAOImpl.java @@ -0,0 +1,155 @@ +package net.jradius.dal.dao; + +import com.coova.dal.SqlMapClientWrapper; +import java.util.List; +import net.jradius.dal.model.RadReply; +import net.jradius.dal.model.RadReplyExample; + +public class RadReplyDAOImpl extends SqlMapClientWrapper implements RadReplyDAO { + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radreply + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public RadReplyDAOImpl() { + super(); + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radreply + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public Long insert(RadReply record) { + Object newKey = insert("radreply", "abatorgenerated_insert", record); + return (Long) newKey; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radreply + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public int updateByPrimaryKey(RadReply record) { + int rows = update("radreply", "abatorgenerated_updateByPrimaryKey", record); + return rows; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radreply + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public int updateByPrimaryKeySelective(RadReply record) { + int rows = update("radreply", "abatorgenerated_updateByPrimaryKeySelective", record); + return rows; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radreply + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + @SuppressWarnings("unchecked") + public List selectByExample(RadReplyExample example) { + List list = (List) queryForList("radreply", "abatorgenerated_selectByExample", example); + return list; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radreply + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public RadReply selectByPrimaryKey(Long id) { + RadReply key = new RadReply(); + key.setId(id); + RadReply record = (RadReply) queryForObject("radreply", "abatorgenerated_selectByPrimaryKey", key); + return record; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radreply + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public int deleteByExample(RadReplyExample example) { + int rows = delete("radreply", "abatorgenerated_deleteByExample", example); + return rows; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radreply + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public int deleteByPrimaryKey(Long id) { + RadReply key = new RadReply(); + key.setId(id); + int rows = delete("radreply", "abatorgenerated_deleteByPrimaryKey", key); + return rows; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radreply + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public int countByExample(RadReplyExample example) { + Integer count = (Integer) queryForObject("radreply", "abatorgenerated_countByExample", example); + return count; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radreply + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public int updateByExampleSelective(RadReply record, RadReplyExample example) { + UpdateByExampleParms parms = new UpdateByExampleParms(record, example); + int rows = update("radreply", "abatorgenerated_updateByExampleSelective", parms); + return rows; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radreply + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public int updateByExample(RadReply record, RadReplyExample example) { + UpdateByExampleParms parms = new UpdateByExampleParms(record, example); + int rows = update("radreply", "abatorgenerated_updateByExample", parms); + return rows; + } + + /** + * This class was generated by Abator for iBATIS. + * This class corresponds to the database table radreply + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + private static class UpdateByExampleParms extends RadReplyExample { + private Object record; + + public UpdateByExampleParms(Object record, RadReplyExample example) { + super(example); + this.record = record; + } + + public Object getRecord() { + return record; + } + } +} \ No newline at end of file diff --git a/extensions/dal/src/main/java/net/jradius/dal/dao/RadUserGroupDAO.java b/extensions/dal/src/main/java/net/jradius/dal/dao/RadUserGroupDAO.java new file mode 100644 index 0000000..f4b9442 --- /dev/null +++ b/extensions/dal/src/main/java/net/jradius/dal/dao/RadUserGroupDAO.java @@ -0,0 +1,87 @@ +package net.jradius.dal.dao; + +import java.util.List; +import net.jradius.dal.model.RadUserGroup; +import net.jradius.dal.model.RadUserGroupExample; + +public interface RadUserGroupDAO { + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radusergroup + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + Long insert(RadUserGroup record); + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radusergroup + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + int updateByPrimaryKey(RadUserGroup record); + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radusergroup + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + int updateByPrimaryKeySelective(RadUserGroup record); + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radusergroup + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + List selectByExample(RadUserGroupExample example); + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radusergroup + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + RadUserGroup selectByPrimaryKey(Long id); + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radusergroup + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + int deleteByExample(RadUserGroupExample example); + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radusergroup + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + int deleteByPrimaryKey(Long id); + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radusergroup + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + int countByExample(RadUserGroupExample example); + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radusergroup + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + int updateByExampleSelective(RadUserGroup record, RadUserGroupExample example); + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radusergroup + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + int updateByExample(RadUserGroup record, RadUserGroupExample example); +} \ No newline at end of file diff --git a/extensions/dal/src/main/java/net/jradius/dal/dao/RadUserGroupDAOImpl.java b/extensions/dal/src/main/java/net/jradius/dal/dao/RadUserGroupDAOImpl.java new file mode 100644 index 0000000..cb125ad --- /dev/null +++ b/extensions/dal/src/main/java/net/jradius/dal/dao/RadUserGroupDAOImpl.java @@ -0,0 +1,155 @@ +package net.jradius.dal.dao; + +import com.coova.dal.SqlMapClientWrapper; +import java.util.List; +import net.jradius.dal.model.RadUserGroup; +import net.jradius.dal.model.RadUserGroupExample; + +public class RadUserGroupDAOImpl extends SqlMapClientWrapper implements RadUserGroupDAO { + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radusergroup + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public RadUserGroupDAOImpl() { + super(); + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radusergroup + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public Long insert(RadUserGroup record) { + Object newKey = insert("radusergroup", "abatorgenerated_insert", record); + return (Long) newKey; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radusergroup + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public int updateByPrimaryKey(RadUserGroup record) { + int rows = update("radusergroup", "abatorgenerated_updateByPrimaryKey", record); + return rows; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radusergroup + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public int updateByPrimaryKeySelective(RadUserGroup record) { + int rows = update("radusergroup", "abatorgenerated_updateByPrimaryKeySelective", record); + return rows; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radusergroup + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + @SuppressWarnings("unchecked") + public List selectByExample(RadUserGroupExample example) { + List list = (List) queryForList("radusergroup", "abatorgenerated_selectByExample", example); + return list; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radusergroup + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public RadUserGroup selectByPrimaryKey(Long id) { + RadUserGroup key = new RadUserGroup(); + key.setId(id); + RadUserGroup record = (RadUserGroup) queryForObject("radusergroup", "abatorgenerated_selectByPrimaryKey", key); + return record; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radusergroup + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public int deleteByExample(RadUserGroupExample example) { + int rows = delete("radusergroup", "abatorgenerated_deleteByExample", example); + return rows; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radusergroup + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public int deleteByPrimaryKey(Long id) { + RadUserGroup key = new RadUserGroup(); + key.setId(id); + int rows = delete("radusergroup", "abatorgenerated_deleteByPrimaryKey", key); + return rows; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radusergroup + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public int countByExample(RadUserGroupExample example) { + Integer count = (Integer) queryForObject("radusergroup", "abatorgenerated_countByExample", example); + return count; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radusergroup + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public int updateByExampleSelective(RadUserGroup record, RadUserGroupExample example) { + UpdateByExampleParms parms = new UpdateByExampleParms(record, example); + int rows = update("radusergroup", "abatorgenerated_updateByExampleSelective", parms); + return rows; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radusergroup + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public int updateByExample(RadUserGroup record, RadUserGroupExample example) { + UpdateByExampleParms parms = new UpdateByExampleParms(record, example); + int rows = update("radusergroup", "abatorgenerated_updateByExample", parms); + return rows; + } + + /** + * This class was generated by Abator for iBATIS. + * This class corresponds to the database table radusergroup + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + private static class UpdateByExampleParms extends RadUserGroupExample { + private Object record; + + public UpdateByExampleParms(Object record, RadUserGroupExample example) { + super(example); + this.record = record; + } + + public Object getRecord() { + return record; + } + } +} \ No newline at end of file diff --git a/extensions/dal/src/main/java/net/jradius/dal/dao/UIHelpDAO.java b/extensions/dal/src/main/java/net/jradius/dal/dao/UIHelpDAO.java new file mode 100644 index 0000000..1365aec --- /dev/null +++ b/extensions/dal/src/main/java/net/jradius/dal/dao/UIHelpDAO.java @@ -0,0 +1,87 @@ +package net.jradius.dal.dao; + +import java.util.List; +import net.jradius.dal.model.UIHelp; +import net.jradius.dal.model.UIHelpExample; + +public interface UIHelpDAO { + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table uihelp + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + Long insert(UIHelp record); + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table uihelp + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + int updateByPrimaryKey(UIHelp record); + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table uihelp + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + int updateByPrimaryKeySelective(UIHelp record); + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table uihelp + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + List selectByExample(UIHelpExample example); + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table uihelp + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + UIHelp selectByPrimaryKey(Long id); + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table uihelp + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + int deleteByExample(UIHelpExample example); + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table uihelp + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + int deleteByPrimaryKey(Long id); + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table uihelp + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + int countByExample(UIHelpExample example); + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table uihelp + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + int updateByExampleSelective(UIHelp record, UIHelpExample example); + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table uihelp + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + int updateByExample(UIHelp record, UIHelpExample example); +} \ No newline at end of file diff --git a/extensions/dal/src/main/java/net/jradius/dal/dao/UIHelpDAOImpl.java b/extensions/dal/src/main/java/net/jradius/dal/dao/UIHelpDAOImpl.java new file mode 100644 index 0000000..a543426 --- /dev/null +++ b/extensions/dal/src/main/java/net/jradius/dal/dao/UIHelpDAOImpl.java @@ -0,0 +1,155 @@ +package net.jradius.dal.dao; + +import com.coova.dal.SqlMapClientWrapper; +import java.util.List; +import net.jradius.dal.model.UIHelp; +import net.jradius.dal.model.UIHelpExample; + +public class UIHelpDAOImpl extends SqlMapClientWrapper implements UIHelpDAO { + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table uihelp + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public UIHelpDAOImpl() { + super(); + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table uihelp + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public Long insert(UIHelp record) { + Object newKey = insert("uihelp", "abatorgenerated_insert", record); + return (Long) newKey; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table uihelp + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public int updateByPrimaryKey(UIHelp record) { + int rows = update("uihelp", "abatorgenerated_updateByPrimaryKey", record); + return rows; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table uihelp + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public int updateByPrimaryKeySelective(UIHelp record) { + int rows = update("uihelp", "abatorgenerated_updateByPrimaryKeySelective", record); + return rows; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table uihelp + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + @SuppressWarnings("unchecked") + public List selectByExample(UIHelpExample example) { + List list = (List) queryForList("uihelp", "abatorgenerated_selectByExample", example); + return list; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table uihelp + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public UIHelp selectByPrimaryKey(Long id) { + UIHelp key = new UIHelp(); + key.setId(id); + UIHelp record = (UIHelp) queryForObject("uihelp", "abatorgenerated_selectByPrimaryKey", key); + return record; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table uihelp + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public int deleteByExample(UIHelpExample example) { + int rows = delete("uihelp", "abatorgenerated_deleteByExample", example); + return rows; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table uihelp + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public int deleteByPrimaryKey(Long id) { + UIHelp key = new UIHelp(); + key.setId(id); + int rows = delete("uihelp", "abatorgenerated_deleteByPrimaryKey", key); + return rows; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table uihelp + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public int countByExample(UIHelpExample example) { + Integer count = (Integer) queryForObject("uihelp", "abatorgenerated_countByExample", example); + return count; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table uihelp + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public int updateByExampleSelective(UIHelp record, UIHelpExample example) { + UpdateByExampleParms parms = new UpdateByExampleParms(record, example); + int rows = update("uihelp", "abatorgenerated_updateByExampleSelective", parms); + return rows; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table uihelp + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public int updateByExample(UIHelp record, UIHelpExample example) { + UpdateByExampleParms parms = new UpdateByExampleParms(record, example); + int rows = update("uihelp", "abatorgenerated_updateByExample", parms); + return rows; + } + + /** + * This class was generated by Abator for iBATIS. + * This class corresponds to the database table uihelp + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + private static class UpdateByExampleParms extends UIHelpExample { + private Object record; + + public UpdateByExampleParms(Object record, UIHelpExample example) { + super(example); + this.record = record; + } + + public Object getRecord() { + return record; + } + } +} \ No newline at end of file diff --git a/extensions/dal/src/main/java/net/jradius/dal/json/NASConvert.java b/extensions/dal/src/main/java/net/jradius/dal/json/NASConvert.java new file mode 100644 index 0000000..e9344b9 --- /dev/null +++ b/extensions/dal/src/main/java/net/jradius/dal/json/NASConvert.java @@ -0,0 +1,145 @@ +package net.jradius.dal.json; + +import java.util.*; +import org.json.*; + +import net.jradius.dal.dao.NASDAO; +import net.jradius.dal.model.NAS; +import net.jradius.dal.model.NASExample; +import net.jradius.dal.model.NASExample.Criteria; + + +import com.coova.ewt.server.EWTException; +import com.coova.json.JSONConverter; + +public class NASConvert extends JSONConverter +{ + private final NASDAO dao; + + public NASConvert(NASDAO dao) + { + this.dao = dao; + } + + public NAS fromJSON(NAS nas, JSONObject jsonObject) throws EWTException + { + nas.setNasname(convertString(jsonObject, "nasname", false)); + nas.setNastype(convertString(jsonObject, "nastype", true)); + nas.setCalledstationid(convertString(jsonObject, "calledstationid", true)); + nas.setShortname(convertString(jsonObject, "shortname", true)); + nas.setPorts(convertInteger(jsonObject, "ports", true)); + nas.setSecret(convertString(jsonObject, "secret", true)); + nas.setCommunity(convertString(jsonObject, "community", true)); + nas.setDescription(convertString(jsonObject, "description", true)); + nas.setLatitude(convertDouble(jsonObject, "latitude", true)); + nas.setLongitude(convertDouble(jsonObject, "longitude", true)); + return nas; + } + + public JSONObject toJSON(NAS nas, JSONObject jsonObject) throws JSONException + { + jsonObject.put("uid", nas.getId()); + jsonObject.put("nasname", nas.getNasname()); + jsonObject.put("nastype", nas.getNastype()); + jsonObject.put("calledstationid", nas.getCalledstationid()); + jsonObject.put("shortname", nas.getShortname()); + jsonObject.put("ports", nas.getPorts()); + jsonObject.put("secret", nas.getSecret()); + jsonObject.put("community", nas.getCommunity()); + jsonObject.put("description", nas.getDescription()); + jsonObject.put("latitude", nas.getLatitude()); + jsonObject.put("longitude", nas.getLongitude()); + return jsonObject; + } + + public JSONObject toRefJSON(NAS nas, String nameColumn, boolean encodeId, JSONObject jsonObject) throws JSONException + { + jsonObject.put("name", beanField(nas, nameColumn, encodeId)); + jsonObject.put("value", nas.getId()); + return jsonObject; + } + + public JSONObject toSuggestJSON(NAS nas, String nameColumn, boolean encodeId, JSONObject jsonObject) throws JSONException + { + jsonObject.put("suggest", beanField(nas, nameColumn, encodeId)); + return jsonObject; + } + + public void insertFromJSON(JSONObject jsonObject) throws EWTException, JSONException + { + dao.insert(fromJSON(new NAS(), jsonObject)); + } + + public void updateFromJSON(JSONObject jsonObject) throws EWTException, JSONException + { + Long id = jsonObject.optLong("uid"); + NAS record = dao.selectByPrimaryKey(id); + if (record != null) dao.updateByPrimaryKey(fromJSON(record, jsonObject)); + } + + public void deleteFromJSON(JSONObject jsonObject) throws EWTException, JSONException + { + dao.deleteByPrimaryKey(jsonObject.getLong("uid")); + } + + public void listAsArray(JSONArray array, Map requestMap, JSONObject metaObject, Integer startRow, Integer rowCount, String orderByClause) throws JSONException + { + NASExample example = new NASExample(); + if (requestMap != null) + { + Criteria criteria = example.createCriteria(); + criteriaBeanMapper(criteria, requestMap); + } + if (metaObject != null) + { + metaObject.put("count", dao.countByExample(example)); + } + example.setStartRow(startRow); + example.setRowCount(rowCount); + example.setOrderByClause(orderByClause); + List list = dao.selectByExample(example); + for (NAS nas : list) + { + array.put(array.length(), toJSON(nas, new JSONObject())); + } + } + + public void listAsRefArray(JSONArray array, Map requestMap, JSONObject metaObject, String nameColumn, boolean encodeId, String orderByClause) throws JSONException + { + NASExample example = new NASExample(); + if (requestMap != null) + { + Criteria criteria = example.createCriteria(); + criteriaBeanMapper(criteria, requestMap); + } + example.setOrderByClause(orderByClause); + List list = dao.selectByExample(example); + for (NAS nas : list) + { + array.put(array.length(), toRefJSON(nas, nameColumn, encodeId, new JSONObject())); + } + } + + public void listAsSuggestArray(JSONArray array, Map requestMap, JSONObject metaObject, String nameColumn, boolean encodeId, String orderByClause) throws JSONException + { + NASExample example = new NASExample(); + if (requestMap != null) + { + Criteria criteria = example.createCriteria(); + criteriaBeanMapper(criteria, requestMap); + } + example.setOrderByClause(orderByClause); + List list = dao.selectByExample(example); + for (NAS nas : list) + { + array.put(array.length(), toSuggestJSON(nas, nameColumn, encodeId, new JSONObject())); + } + } + + public String getActualColumnName(String name) + { + if ("uid".equals(name)) return "id"; + return name; + } + +} diff --git a/extensions/dal/src/main/java/net/jradius/dal/json/RadAcctConvert.java b/extensions/dal/src/main/java/net/jradius/dal/json/RadAcctConvert.java new file mode 100644 index 0000000..e1fa18d --- /dev/null +++ b/extensions/dal/src/main/java/net/jradius/dal/json/RadAcctConvert.java @@ -0,0 +1,177 @@ +package net.jradius.dal.json; + +import java.util.*; +import org.json.*; + +import net.jradius.dal.dao.RadAcctDAO; +import net.jradius.dal.model.RadAcct; +import net.jradius.dal.model.RadAcctExample; +import net.jradius.dal.model.RadAcctExample.Criteria; + + +import com.coova.ewt.server.EWTException; +import com.coova.json.JSONConverter; + +public class RadAcctConvert extends JSONConverter +{ + private final RadAcctDAO dao; + + public RadAcctConvert(RadAcctDAO dao) + { + this.dao = dao; + } + + public RadAcct fromJSON(RadAcct radacct, JSONObject jsonObject) throws EWTException + { + radacct.setAcctsessionid(convertString(jsonObject, "acctsessionid", false)); + radacct.setAcctuniqueid(convertString(jsonObject, "acctuniqueid", false)); + radacct.setUsername(convertString(jsonObject, "username", false)); + radacct.setGroupname(convertString(jsonObject, "groupname", false)); + radacct.setRealm(convertString(jsonObject, "realm", true)); + radacct.setNasipaddress(convertString(jsonObject, "nasipaddress", false)); + radacct.setNasportid(convertString(jsonObject, "nasportid", true)); + radacct.setNasporttype(convertString(jsonObject, "nasporttype", true)); + radacct.setAcctstarttime(stringToDate(jsonObject.optString("Acctstarttime"),null)); + radacct.setAcctstoptime(stringToDate(jsonObject.optString("Acctstoptime"),null)); + radacct.setAcctsessiontime(convertInteger(jsonObject, "acctsessiontime", true)); + radacct.setAcctauthentic(convertString(jsonObject, "acctauthentic", true)); + radacct.setConnectinfoStart(convertString(jsonObject, "connectinfoStart", true)); + radacct.setConnectinfoStop(convertString(jsonObject, "connectinfoStop", true)); + radacct.setAcctinputoctets(convertLong(jsonObject, "acctinputoctets", true)); + radacct.setAcctoutputoctets(convertLong(jsonObject, "acctoutputoctets", true)); + radacct.setCalledstationid(convertString(jsonObject, "calledstationid", false)); + radacct.setCallingstationid(convertString(jsonObject, "callingstationid", false)); + radacct.setAcctterminatecause(convertString(jsonObject, "acctterminatecause", false)); + radacct.setServicetype(convertString(jsonObject, "servicetype", true)); + radacct.setFramedprotocol(convertString(jsonObject, "framedprotocol", true)); + radacct.setFramedipaddress(convertString(jsonObject, "framedipaddress", false)); + radacct.setAcctstartdelay(convertInteger(jsonObject, "acctstartdelay", true)); + radacct.setAcctstopdelay(convertInteger(jsonObject, "acctstopdelay", true)); + radacct.setXascendsessionsvrkey(convertString(jsonObject, "xascendsessionsvrkey", true)); + return radacct; + } + + public JSONObject toJSON(RadAcct radacct, JSONObject jsonObject) throws JSONException + { + jsonObject.put("uid", radacct.getId()); + jsonObject.put("acctsessionid", radacct.getAcctsessionid()); + jsonObject.put("acctuniqueid", radacct.getAcctuniqueid()); + jsonObject.put("username", radacct.getUsername()); + jsonObject.put("groupname", radacct.getGroupname()); + jsonObject.put("realm", radacct.getRealm()); + jsonObject.put("nasipaddress", radacct.getNasipaddress()); + jsonObject.put("nasportid", radacct.getNasportid()); + jsonObject.put("nasporttype", radacct.getNasporttype()); + jsonObject.put("acctstarttime", radacct.getAcctstarttime()); + jsonObject.put("acctstoptime", radacct.getAcctstoptime()); + jsonObject.put("acctsessiontime", radacct.getAcctsessiontime()); + jsonObject.put("acctauthentic", radacct.getAcctauthentic()); + jsonObject.put("connectinfoStart", radacct.getConnectinfoStart()); + jsonObject.put("connectinfoStop", radacct.getConnectinfoStop()); + jsonObject.put("acctinputoctets", radacct.getAcctinputoctets()); + jsonObject.put("acctoutputoctets", radacct.getAcctoutputoctets()); + jsonObject.put("calledstationid", radacct.getCalledstationid()); + jsonObject.put("callingstationid", radacct.getCallingstationid()); + jsonObject.put("acctterminatecause", radacct.getAcctterminatecause()); + jsonObject.put("servicetype", radacct.getServicetype()); + jsonObject.put("framedprotocol", radacct.getFramedprotocol()); + jsonObject.put("framedipaddress", radacct.getFramedipaddress()); + jsonObject.put("acctstartdelay", radacct.getAcctstartdelay()); + jsonObject.put("acctstopdelay", radacct.getAcctstopdelay()); + jsonObject.put("xascendsessionsvrkey", radacct.getXascendsessionsvrkey()); + return jsonObject; + } + + public JSONObject toRefJSON(RadAcct radacct, String nameColumn, boolean encodeId, JSONObject jsonObject) throws JSONException + { + jsonObject.put("name", beanField(radacct, nameColumn, encodeId)); + jsonObject.put("value", radacct.getId()); + return jsonObject; + } + + public JSONObject toSuggestJSON(RadAcct radacct, String nameColumn, boolean encodeId, JSONObject jsonObject) throws JSONException + { + jsonObject.put("suggest", beanField(radacct, nameColumn, encodeId)); + return jsonObject; + } + + public void insertFromJSON(JSONObject jsonObject) throws EWTException, JSONException + { + dao.insert(fromJSON(new RadAcct(), jsonObject)); + } + + public void updateFromJSON(JSONObject jsonObject) throws EWTException, JSONException + { + Long id = jsonObject.optLong("uid"); + RadAcct record = dao.selectByPrimaryKey(id); + if (record != null) dao.updateByPrimaryKey(fromJSON(record, jsonObject)); + } + + public void deleteFromJSON(JSONObject jsonObject) throws EWTException, JSONException + { + dao.deleteByPrimaryKey(jsonObject.getLong("uid")); + } + + public void listAsArray(JSONArray array, Map requestMap, JSONObject metaObject, Integer startRow, Integer rowCount, String orderByClause) throws JSONException + { + RadAcctExample example = new RadAcctExample(); + if (requestMap != null) + { + Criteria criteria = example.createCriteria(); + criteriaBeanMapper(criteria, requestMap); + } + if (metaObject != null) + { + metaObject.put("count", dao.countByExample(example)); + } + example.setStartRow(startRow); + example.setRowCount(rowCount); + example.setOrderByClause(orderByClause); + List list = dao.selectByExample(example); + for (RadAcct radacct : list) + { + array.put(array.length(), toJSON(radacct, new JSONObject())); + } + } + + public void listAsRefArray(JSONArray array, Map requestMap, JSONObject metaObject, String nameColumn, boolean encodeId, String orderByClause) throws JSONException + { + RadAcctExample example = new RadAcctExample(); + if (requestMap != null) + { + Criteria criteria = example.createCriteria(); + criteriaBeanMapper(criteria, requestMap); + } + example.setOrderByClause(orderByClause); + List list = dao.selectByExample(example); + for (RadAcct radacct : list) + { + array.put(array.length(), toRefJSON(radacct, nameColumn, encodeId, new JSONObject())); + } + } + + public void listAsSuggestArray(JSONArray array, Map requestMap, JSONObject metaObject, String nameColumn, boolean encodeId, String orderByClause) throws JSONException + { + RadAcctExample example = new RadAcctExample(); + if (requestMap != null) + { + Criteria criteria = example.createCriteria(); + criteriaBeanMapper(criteria, requestMap); + } + example.setOrderByClause(orderByClause); + List list = dao.selectByExample(example); + for (RadAcct radacct : list) + { + array.put(array.length(), toSuggestJSON(radacct, nameColumn, encodeId, new JSONObject())); + } + } + + public String getActualColumnName(String name) + { + if ("uid".equals(name)) return "id"; + if ("connectinfoStart".equals(name)) return "connectinfo_start"; + if ("connectinfoStop".equals(name)) return "connectinfo_stop"; + return name; + } + +} diff --git a/extensions/dal/src/main/java/net/jradius/dal/json/RadCheckConvert.java b/extensions/dal/src/main/java/net/jradius/dal/json/RadCheckConvert.java new file mode 100644 index 0000000..5046b15 --- /dev/null +++ b/extensions/dal/src/main/java/net/jradius/dal/json/RadCheckConvert.java @@ -0,0 +1,133 @@ +package net.jradius.dal.json; + +import java.util.*; +import org.json.*; + +import net.jradius.dal.dao.RadCheckDAO; +import net.jradius.dal.model.RadCheck; +import net.jradius.dal.model.RadCheckExample; +import net.jradius.dal.model.RadCheckExample.Criteria; + + +import com.coova.ewt.server.EWTException; +import com.coova.json.JSONConverter; + +public class RadCheckConvert extends JSONConverter +{ + private final RadCheckDAO dao; + + public RadCheckConvert(RadCheckDAO dao) + { + this.dao = dao; + } + + public RadCheck fromJSON(RadCheck radcheck, JSONObject jsonObject) throws EWTException + { + radcheck.setUsername(convertString(jsonObject, "username", false)); + radcheck.setAttribute(convertString(jsonObject, "attribute", false)); + radcheck.setOp(convertString(jsonObject, "op", false)); + radcheck.setValue(convertString(jsonObject, "value", false)); + return radcheck; + } + + public JSONObject toJSON(RadCheck radcheck, JSONObject jsonObject) throws JSONException + { + jsonObject.put("uid", radcheck.getId()); + jsonObject.put("username", radcheck.getUsername()); + jsonObject.put("attribute", radcheck.getAttribute()); + jsonObject.put("op", radcheck.getOp()); + jsonObject.put("value", radcheck.getValue()); + return jsonObject; + } + + public JSONObject toRefJSON(RadCheck radcheck, String nameColumn, boolean encodeId, JSONObject jsonObject) throws JSONException + { + jsonObject.put("name", beanField(radcheck, nameColumn, encodeId)); + jsonObject.put("value", radcheck.getId()); + return jsonObject; + } + + public JSONObject toSuggestJSON(RadCheck radcheck, String nameColumn, boolean encodeId, JSONObject jsonObject) throws JSONException + { + jsonObject.put("suggest", beanField(radcheck, nameColumn, encodeId)); + return jsonObject; + } + + public void insertFromJSON(JSONObject jsonObject) throws EWTException, JSONException + { + dao.insert(fromJSON(new RadCheck(), jsonObject)); + } + + public void updateFromJSON(JSONObject jsonObject) throws EWTException, JSONException + { + Long id = jsonObject.optLong("uid"); + RadCheck record = dao.selectByPrimaryKey(id); + if (record != null) dao.updateByPrimaryKey(fromJSON(record, jsonObject)); + } + + public void deleteFromJSON(JSONObject jsonObject) throws EWTException, JSONException + { + dao.deleteByPrimaryKey(jsonObject.getLong("uid")); + } + + public void listAsArray(JSONArray array, Map requestMap, JSONObject metaObject, Integer startRow, Integer rowCount, String orderByClause) throws JSONException + { + RadCheckExample example = new RadCheckExample(); + if (requestMap != null) + { + Criteria criteria = example.createCriteria(); + criteriaBeanMapper(criteria, requestMap); + } + if (metaObject != null) + { + metaObject.put("count", dao.countByExample(example)); + } + example.setStartRow(startRow); + example.setRowCount(rowCount); + example.setOrderByClause(orderByClause); + List list = dao.selectByExample(example); + for (RadCheck radcheck : list) + { + array.put(array.length(), toJSON(radcheck, new JSONObject())); + } + } + + public void listAsRefArray(JSONArray array, Map requestMap, JSONObject metaObject, String nameColumn, boolean encodeId, String orderByClause) throws JSONException + { + RadCheckExample example = new RadCheckExample(); + if (requestMap != null) + { + Criteria criteria = example.createCriteria(); + criteriaBeanMapper(criteria, requestMap); + } + example.setOrderByClause(orderByClause); + List list = dao.selectByExample(example); + for (RadCheck radcheck : list) + { + array.put(array.length(), toRefJSON(radcheck, nameColumn, encodeId, new JSONObject())); + } + } + + public void listAsSuggestArray(JSONArray array, Map requestMap, JSONObject metaObject, String nameColumn, boolean encodeId, String orderByClause) throws JSONException + { + RadCheckExample example = new RadCheckExample(); + if (requestMap != null) + { + Criteria criteria = example.createCriteria(); + criteriaBeanMapper(criteria, requestMap); + } + example.setOrderByClause(orderByClause); + List list = dao.selectByExample(example); + for (RadCheck radcheck : list) + { + array.put(array.length(), toSuggestJSON(radcheck, nameColumn, encodeId, new JSONObject())); + } + } + + public String getActualColumnName(String name) + { + if ("uid".equals(name)) return "id"; + return name; + } + +} diff --git a/extensions/dal/src/main/java/net/jradius/dal/json/RadGroupCheckConvert.java b/extensions/dal/src/main/java/net/jradius/dal/json/RadGroupCheckConvert.java new file mode 100644 index 0000000..adcc69f --- /dev/null +++ b/extensions/dal/src/main/java/net/jradius/dal/json/RadGroupCheckConvert.java @@ -0,0 +1,133 @@ +package net.jradius.dal.json; + +import java.util.*; +import org.json.*; + +import net.jradius.dal.dao.RadGroupCheckDAO; +import net.jradius.dal.model.RadGroupCheck; +import net.jradius.dal.model.RadGroupCheckExample; +import net.jradius.dal.model.RadGroupCheckExample.Criteria; + + +import com.coova.ewt.server.EWTException; +import com.coova.json.JSONConverter; + +public class RadGroupCheckConvert extends JSONConverter +{ + private final RadGroupCheckDAO dao; + + public RadGroupCheckConvert(RadGroupCheckDAO dao) + { + this.dao = dao; + } + + public RadGroupCheck fromJSON(RadGroupCheck radgroupcheck, JSONObject jsonObject) throws EWTException + { + radgroupcheck.setGroupname(convertString(jsonObject, "groupname", false)); + radgroupcheck.setAttribute(convertString(jsonObject, "attribute", false)); + radgroupcheck.setOp(convertString(jsonObject, "op", false)); + radgroupcheck.setValue(convertString(jsonObject, "value", false)); + return radgroupcheck; + } + + public JSONObject toJSON(RadGroupCheck radgroupcheck, JSONObject jsonObject) throws JSONException + { + jsonObject.put("uid", radgroupcheck.getId()); + jsonObject.put("groupname", radgroupcheck.getGroupname()); + jsonObject.put("attribute", radgroupcheck.getAttribute()); + jsonObject.put("op", radgroupcheck.getOp()); + jsonObject.put("value", radgroupcheck.getValue()); + return jsonObject; + } + + public JSONObject toRefJSON(RadGroupCheck radgroupcheck, String nameColumn, boolean encodeId, JSONObject jsonObject) throws JSONException + { + jsonObject.put("name", beanField(radgroupcheck, nameColumn, encodeId)); + jsonObject.put("value", radgroupcheck.getId()); + return jsonObject; + } + + public JSONObject toSuggestJSON(RadGroupCheck radgroupcheck, String nameColumn, boolean encodeId, JSONObject jsonObject) throws JSONException + { + jsonObject.put("suggest", beanField(radgroupcheck, nameColumn, encodeId)); + return jsonObject; + } + + public void insertFromJSON(JSONObject jsonObject) throws EWTException, JSONException + { + dao.insert(fromJSON(new RadGroupCheck(), jsonObject)); + } + + public void updateFromJSON(JSONObject jsonObject) throws EWTException, JSONException + { + Long id = jsonObject.optLong("uid"); + RadGroupCheck record = dao.selectByPrimaryKey(id); + if (record != null) dao.updateByPrimaryKey(fromJSON(record, jsonObject)); + } + + public void deleteFromJSON(JSONObject jsonObject) throws EWTException, JSONException + { + dao.deleteByPrimaryKey(jsonObject.getLong("uid")); + } + + public void listAsArray(JSONArray array, Map requestMap, JSONObject metaObject, Integer startRow, Integer rowCount, String orderByClause) throws JSONException + { + RadGroupCheckExample example = new RadGroupCheckExample(); + if (requestMap != null) + { + Criteria criteria = example.createCriteria(); + criteriaBeanMapper(criteria, requestMap); + } + if (metaObject != null) + { + metaObject.put("count", dao.countByExample(example)); + } + example.setStartRow(startRow); + example.setRowCount(rowCount); + example.setOrderByClause(orderByClause); + List list = dao.selectByExample(example); + for (RadGroupCheck radgroupcheck : list) + { + array.put(array.length(), toJSON(radgroupcheck, new JSONObject())); + } + } + + public void listAsRefArray(JSONArray array, Map requestMap, JSONObject metaObject, String nameColumn, boolean encodeId, String orderByClause) throws JSONException + { + RadGroupCheckExample example = new RadGroupCheckExample(); + if (requestMap != null) + { + Criteria criteria = example.createCriteria(); + criteriaBeanMapper(criteria, requestMap); + } + example.setOrderByClause(orderByClause); + List list = dao.selectByExample(example); + for (RadGroupCheck radgroupcheck : list) + { + array.put(array.length(), toRefJSON(radgroupcheck, nameColumn, encodeId, new JSONObject())); + } + } + + public void listAsSuggestArray(JSONArray array, Map requestMap, JSONObject metaObject, String nameColumn, boolean encodeId, String orderByClause) throws JSONException + { + RadGroupCheckExample example = new RadGroupCheckExample(); + if (requestMap != null) + { + Criteria criteria = example.createCriteria(); + criteriaBeanMapper(criteria, requestMap); + } + example.setOrderByClause(orderByClause); + List list = dao.selectByExample(example); + for (RadGroupCheck radgroupcheck : list) + { + array.put(array.length(), toSuggestJSON(radgroupcheck, nameColumn, encodeId, new JSONObject())); + } + } + + public String getActualColumnName(String name) + { + if ("uid".equals(name)) return "id"; + return name; + } + +} diff --git a/extensions/dal/src/main/java/net/jradius/dal/json/RadGroupReplyConvert.java b/extensions/dal/src/main/java/net/jradius/dal/json/RadGroupReplyConvert.java new file mode 100644 index 0000000..603d6a0 --- /dev/null +++ b/extensions/dal/src/main/java/net/jradius/dal/json/RadGroupReplyConvert.java @@ -0,0 +1,133 @@ +package net.jradius.dal.json; + +import java.util.*; +import org.json.*; + +import net.jradius.dal.dao.RadGroupReplyDAO; +import net.jradius.dal.model.RadGroupReply; +import net.jradius.dal.model.RadGroupReplyExample; +import net.jradius.dal.model.RadGroupReplyExample.Criteria; + + +import com.coova.ewt.server.EWTException; +import com.coova.json.JSONConverter; + +public class RadGroupReplyConvert extends JSONConverter +{ + private final RadGroupReplyDAO dao; + + public RadGroupReplyConvert(RadGroupReplyDAO dao) + { + this.dao = dao; + } + + public RadGroupReply fromJSON(RadGroupReply radgroupreply, JSONObject jsonObject) throws EWTException + { + radgroupreply.setGroupname(convertString(jsonObject, "groupname", false)); + radgroupreply.setAttribute(convertString(jsonObject, "attribute", false)); + radgroupreply.setOp(convertString(jsonObject, "op", false)); + radgroupreply.setValue(convertString(jsonObject, "value", false)); + return radgroupreply; + } + + public JSONObject toJSON(RadGroupReply radgroupreply, JSONObject jsonObject) throws JSONException + { + jsonObject.put("uid", radgroupreply.getId()); + jsonObject.put("groupname", radgroupreply.getGroupname()); + jsonObject.put("attribute", radgroupreply.getAttribute()); + jsonObject.put("op", radgroupreply.getOp()); + jsonObject.put("value", radgroupreply.getValue()); + return jsonObject; + } + + public JSONObject toRefJSON(RadGroupReply radgroupreply, String nameColumn, boolean encodeId, JSONObject jsonObject) throws JSONException + { + jsonObject.put("name", beanField(radgroupreply, nameColumn, encodeId)); + jsonObject.put("value", radgroupreply.getId()); + return jsonObject; + } + + public JSONObject toSuggestJSON(RadGroupReply radgroupreply, String nameColumn, boolean encodeId, JSONObject jsonObject) throws JSONException + { + jsonObject.put("suggest", beanField(radgroupreply, nameColumn, encodeId)); + return jsonObject; + } + + public void insertFromJSON(JSONObject jsonObject) throws EWTException, JSONException + { + dao.insert(fromJSON(new RadGroupReply(), jsonObject)); + } + + public void updateFromJSON(JSONObject jsonObject) throws EWTException, JSONException + { + Long id = jsonObject.optLong("uid"); + RadGroupReply record = dao.selectByPrimaryKey(id); + if (record != null) dao.updateByPrimaryKey(fromJSON(record, jsonObject)); + } + + public void deleteFromJSON(JSONObject jsonObject) throws EWTException, JSONException + { + dao.deleteByPrimaryKey(jsonObject.getLong("uid")); + } + + public void listAsArray(JSONArray array, Map requestMap, JSONObject metaObject, Integer startRow, Integer rowCount, String orderByClause) throws JSONException + { + RadGroupReplyExample example = new RadGroupReplyExample(); + if (requestMap != null) + { + Criteria criteria = example.createCriteria(); + criteriaBeanMapper(criteria, requestMap); + } + if (metaObject != null) + { + metaObject.put("count", dao.countByExample(example)); + } + example.setStartRow(startRow); + example.setRowCount(rowCount); + example.setOrderByClause(orderByClause); + List list = dao.selectByExample(example); + for (RadGroupReply radgroupreply : list) + { + array.put(array.length(), toJSON(radgroupreply, new JSONObject())); + } + } + + public void listAsRefArray(JSONArray array, Map requestMap, JSONObject metaObject, String nameColumn, boolean encodeId, String orderByClause) throws JSONException + { + RadGroupReplyExample example = new RadGroupReplyExample(); + if (requestMap != null) + { + Criteria criteria = example.createCriteria(); + criteriaBeanMapper(criteria, requestMap); + } + example.setOrderByClause(orderByClause); + List list = dao.selectByExample(example); + for (RadGroupReply radgroupreply : list) + { + array.put(array.length(), toRefJSON(radgroupreply, nameColumn, encodeId, new JSONObject())); + } + } + + public void listAsSuggestArray(JSONArray array, Map requestMap, JSONObject metaObject, String nameColumn, boolean encodeId, String orderByClause) throws JSONException + { + RadGroupReplyExample example = new RadGroupReplyExample(); + if (requestMap != null) + { + Criteria criteria = example.createCriteria(); + criteriaBeanMapper(criteria, requestMap); + } + example.setOrderByClause(orderByClause); + List list = dao.selectByExample(example); + for (RadGroupReply radgroupreply : list) + { + array.put(array.length(), toSuggestJSON(radgroupreply, nameColumn, encodeId, new JSONObject())); + } + } + + public String getActualColumnName(String name) + { + if ("uid".equals(name)) return "id"; + return name; + } + +} diff --git a/extensions/dal/src/main/java/net/jradius/dal/json/RadIPPoolConvert.java b/extensions/dal/src/main/java/net/jradius/dal/json/RadIPPoolConvert.java new file mode 100644 index 0000000..e642f5b --- /dev/null +++ b/extensions/dal/src/main/java/net/jradius/dal/json/RadIPPoolConvert.java @@ -0,0 +1,144 @@ +package net.jradius.dal.json; + +import java.util.*; +import org.json.*; + +import net.jradius.dal.dao.RadIPPoolDAO; +import net.jradius.dal.model.RadIPPool; +import net.jradius.dal.model.RadIPPoolExample; +import net.jradius.dal.model.RadIPPoolExample.Criteria; + + +import com.coova.ewt.server.EWTException; +import com.coova.json.JSONConverter; + +public class RadIPPoolConvert extends JSONConverter +{ + private final RadIPPoolDAO dao; + + public RadIPPoolConvert(RadIPPoolDAO dao) + { + this.dao = dao; + } + + public RadIPPool fromJSON(RadIPPool radippool, JSONObject jsonObject) throws EWTException + { + radippool.setPoolName(convertString(jsonObject, "poolName", false)); + radippool.setFramedipaddress(convertString(jsonObject, "framedipaddress", false)); + radippool.setNasipaddress(convertString(jsonObject, "nasipaddress", false)); + radippool.setCalledstationid(convertString(jsonObject, "calledstationid", false)); + radippool.setCallingstationid(convertString(jsonObject, "callingstationid", false)); + radippool.setExpiryTime(stringToDate(jsonObject.optString("ExpiryTime"),null)); + radippool.setUsername(convertString(jsonObject, "username", false)); + radippool.setPoolKey(convertString(jsonObject, "poolKey", false)); + return radippool; + } + + public JSONObject toJSON(RadIPPool radippool, JSONObject jsonObject) throws JSONException + { + jsonObject.put("uid", radippool.getId()); + jsonObject.put("poolName", radippool.getPoolName()); + jsonObject.put("framedipaddress", radippool.getFramedipaddress()); + jsonObject.put("nasipaddress", radippool.getNasipaddress()); + jsonObject.put("calledstationid", radippool.getCalledstationid()); + jsonObject.put("callingstationid", radippool.getCallingstationid()); + jsonObject.put("expiryTime", radippool.getExpiryTime()); + jsonObject.put("username", radippool.getUsername()); + jsonObject.put("poolKey", radippool.getPoolKey()); + return jsonObject; + } + + public JSONObject toRefJSON(RadIPPool radippool, String nameColumn, boolean encodeId, JSONObject jsonObject) throws JSONException + { + jsonObject.put("name", beanField(radippool, nameColumn, encodeId)); + jsonObject.put("value", radippool.getId()); + return jsonObject; + } + + public JSONObject toSuggestJSON(RadIPPool radippool, String nameColumn, boolean encodeId, JSONObject jsonObject) throws JSONException + { + jsonObject.put("suggest", beanField(radippool, nameColumn, encodeId)); + return jsonObject; + } + + public void insertFromJSON(JSONObject jsonObject) throws EWTException, JSONException + { + dao.insert(fromJSON(new RadIPPool(), jsonObject)); + } + + public void updateFromJSON(JSONObject jsonObject) throws EWTException, JSONException + { + Long id = jsonObject.optLong("uid"); + RadIPPool record = dao.selectByPrimaryKey(id); + if (record != null) dao.updateByPrimaryKey(fromJSON(record, jsonObject)); + } + + public void deleteFromJSON(JSONObject jsonObject) throws EWTException, JSONException + { + dao.deleteByPrimaryKey(jsonObject.getLong("uid")); + } + + public void listAsArray(JSONArray array, Map requestMap, JSONObject metaObject, Integer startRow, Integer rowCount, String orderByClause) throws JSONException + { + RadIPPoolExample example = new RadIPPoolExample(); + if (requestMap != null) + { + Criteria criteria = example.createCriteria(); + criteriaBeanMapper(criteria, requestMap); + } + if (metaObject != null) + { + metaObject.put("count", dao.countByExample(example)); + } + example.setStartRow(startRow); + example.setRowCount(rowCount); + example.setOrderByClause(orderByClause); + List list = dao.selectByExample(example); + for (RadIPPool radippool : list) + { + array.put(array.length(), toJSON(radippool, new JSONObject())); + } + } + + public void listAsRefArray(JSONArray array, Map requestMap, JSONObject metaObject, String nameColumn, boolean encodeId, String orderByClause) throws JSONException + { + RadIPPoolExample example = new RadIPPoolExample(); + if (requestMap != null) + { + Criteria criteria = example.createCriteria(); + criteriaBeanMapper(criteria, requestMap); + } + example.setOrderByClause(orderByClause); + List list = dao.selectByExample(example); + for (RadIPPool radippool : list) + { + array.put(array.length(), toRefJSON(radippool, nameColumn, encodeId, new JSONObject())); + } + } + + public void listAsSuggestArray(JSONArray array, Map requestMap, JSONObject metaObject, String nameColumn, boolean encodeId, String orderByClause) throws JSONException + { + RadIPPoolExample example = new RadIPPoolExample(); + if (requestMap != null) + { + Criteria criteria = example.createCriteria(); + criteriaBeanMapper(criteria, requestMap); + } + example.setOrderByClause(orderByClause); + List list = dao.selectByExample(example); + for (RadIPPool radippool : list) + { + array.put(array.length(), toSuggestJSON(radippool, nameColumn, encodeId, new JSONObject())); + } + } + + public String getActualColumnName(String name) + { + if ("uid".equals(name)) return "id"; + if ("poolName".equals(name)) return "pool_name"; + if ("expiryTime".equals(name)) return "expiry_time"; + if ("poolKey".equals(name)) return "pool_key"; + return name; + } + +} diff --git a/extensions/dal/src/main/java/net/jradius/dal/json/RadPostAuthConvert.java b/extensions/dal/src/main/java/net/jradius/dal/json/RadPostAuthConvert.java new file mode 100644 index 0000000..cfa242c --- /dev/null +++ b/extensions/dal/src/main/java/net/jradius/dal/json/RadPostAuthConvert.java @@ -0,0 +1,133 @@ +package net.jradius.dal.json; + +import java.util.*; +import org.json.*; + +import net.jradius.dal.dao.RadPostAuthDAO; +import net.jradius.dal.model.RadPostAuth; +import net.jradius.dal.model.RadPostAuthExample; +import net.jradius.dal.model.RadPostAuthExample.Criteria; + + +import com.coova.ewt.server.EWTException; +import com.coova.json.JSONConverter; + +public class RadPostAuthConvert extends JSONConverter +{ + private final RadPostAuthDAO dao; + + public RadPostAuthConvert(RadPostAuthDAO dao) + { + this.dao = dao; + } + + public RadPostAuth fromJSON(RadPostAuth radpostauth, JSONObject jsonObject) throws EWTException + { + radpostauth.setUsername(convertString(jsonObject, "username", false)); + radpostauth.setPass(convertString(jsonObject, "pass", false)); + radpostauth.setReply(convertString(jsonObject, "reply", false)); + radpostauth.setAuthdate(stringToDate(jsonObject.optString("Authdate"),new Date())); + return radpostauth; + } + + public JSONObject toJSON(RadPostAuth radpostauth, JSONObject jsonObject) throws JSONException + { + jsonObject.put("uid", radpostauth.getId()); + jsonObject.put("username", radpostauth.getUsername()); + jsonObject.put("pass", radpostauth.getPass()); + jsonObject.put("reply", radpostauth.getReply()); + jsonObject.put("authdate", radpostauth.getAuthdate()); + return jsonObject; + } + + public JSONObject toRefJSON(RadPostAuth radpostauth, String nameColumn, boolean encodeId, JSONObject jsonObject) throws JSONException + { + jsonObject.put("name", beanField(radpostauth, nameColumn, encodeId)); + jsonObject.put("value", radpostauth.getId()); + return jsonObject; + } + + public JSONObject toSuggestJSON(RadPostAuth radpostauth, String nameColumn, boolean encodeId, JSONObject jsonObject) throws JSONException + { + jsonObject.put("suggest", beanField(radpostauth, nameColumn, encodeId)); + return jsonObject; + } + + public void insertFromJSON(JSONObject jsonObject) throws EWTException, JSONException + { + dao.insert(fromJSON(new RadPostAuth(), jsonObject)); + } + + public void updateFromJSON(JSONObject jsonObject) throws EWTException, JSONException + { + Long id = jsonObject.optLong("uid"); + RadPostAuth record = dao.selectByPrimaryKey(id); + if (record != null) dao.updateByPrimaryKey(fromJSON(record, jsonObject)); + } + + public void deleteFromJSON(JSONObject jsonObject) throws EWTException, JSONException + { + dao.deleteByPrimaryKey(jsonObject.getLong("uid")); + } + + public void listAsArray(JSONArray array, Map requestMap, JSONObject metaObject, Integer startRow, Integer rowCount, String orderByClause) throws JSONException + { + RadPostAuthExample example = new RadPostAuthExample(); + if (requestMap != null) + { + Criteria criteria = example.createCriteria(); + criteriaBeanMapper(criteria, requestMap); + } + if (metaObject != null) + { + metaObject.put("count", dao.countByExample(example)); + } + example.setStartRow(startRow); + example.setRowCount(rowCount); + example.setOrderByClause(orderByClause); + List list = dao.selectByExample(example); + for (RadPostAuth radpostauth : list) + { + array.put(array.length(), toJSON(radpostauth, new JSONObject())); + } + } + + public void listAsRefArray(JSONArray array, Map requestMap, JSONObject metaObject, String nameColumn, boolean encodeId, String orderByClause) throws JSONException + { + RadPostAuthExample example = new RadPostAuthExample(); + if (requestMap != null) + { + Criteria criteria = example.createCriteria(); + criteriaBeanMapper(criteria, requestMap); + } + example.setOrderByClause(orderByClause); + List list = dao.selectByExample(example); + for (RadPostAuth radpostauth : list) + { + array.put(array.length(), toRefJSON(radpostauth, nameColumn, encodeId, new JSONObject())); + } + } + + public void listAsSuggestArray(JSONArray array, Map requestMap, JSONObject metaObject, String nameColumn, boolean encodeId, String orderByClause) throws JSONException + { + RadPostAuthExample example = new RadPostAuthExample(); + if (requestMap != null) + { + Criteria criteria = example.createCriteria(); + criteriaBeanMapper(criteria, requestMap); + } + example.setOrderByClause(orderByClause); + List list = dao.selectByExample(example); + for (RadPostAuth radpostauth : list) + { + array.put(array.length(), toSuggestJSON(radpostauth, nameColumn, encodeId, new JSONObject())); + } + } + + public String getActualColumnName(String name) + { + if ("uid".equals(name)) return "id"; + return name; + } + +} diff --git a/extensions/dal/src/main/java/net/jradius/dal/json/RadReplyConvert.java b/extensions/dal/src/main/java/net/jradius/dal/json/RadReplyConvert.java new file mode 100644 index 0000000..5e3f505 --- /dev/null +++ b/extensions/dal/src/main/java/net/jradius/dal/json/RadReplyConvert.java @@ -0,0 +1,133 @@ +package net.jradius.dal.json; + +import java.util.*; +import org.json.*; + +import net.jradius.dal.dao.RadReplyDAO; +import net.jradius.dal.model.RadReply; +import net.jradius.dal.model.RadReplyExample; +import net.jradius.dal.model.RadReplyExample.Criteria; + + +import com.coova.ewt.server.EWTException; +import com.coova.json.JSONConverter; + +public class RadReplyConvert extends JSONConverter +{ + private final RadReplyDAO dao; + + public RadReplyConvert(RadReplyDAO dao) + { + this.dao = dao; + } + + public RadReply fromJSON(RadReply radreply, JSONObject jsonObject) throws EWTException + { + radreply.setUsername(convertString(jsonObject, "username", false)); + radreply.setAttribute(convertString(jsonObject, "attribute", false)); + radreply.setOp(convertString(jsonObject, "op", false)); + radreply.setValue(convertString(jsonObject, "value", false)); + return radreply; + } + + public JSONObject toJSON(RadReply radreply, JSONObject jsonObject) throws JSONException + { + jsonObject.put("uid", radreply.getId()); + jsonObject.put("username", radreply.getUsername()); + jsonObject.put("attribute", radreply.getAttribute()); + jsonObject.put("op", radreply.getOp()); + jsonObject.put("value", radreply.getValue()); + return jsonObject; + } + + public JSONObject toRefJSON(RadReply radreply, String nameColumn, boolean encodeId, JSONObject jsonObject) throws JSONException + { + jsonObject.put("name", beanField(radreply, nameColumn, encodeId)); + jsonObject.put("value", radreply.getId()); + return jsonObject; + } + + public JSONObject toSuggestJSON(RadReply radreply, String nameColumn, boolean encodeId, JSONObject jsonObject) throws JSONException + { + jsonObject.put("suggest", beanField(radreply, nameColumn, encodeId)); + return jsonObject; + } + + public void insertFromJSON(JSONObject jsonObject) throws EWTException, JSONException + { + dao.insert(fromJSON(new RadReply(), jsonObject)); + } + + public void updateFromJSON(JSONObject jsonObject) throws EWTException, JSONException + { + Long id = jsonObject.optLong("uid"); + RadReply record = dao.selectByPrimaryKey(id); + if (record != null) dao.updateByPrimaryKey(fromJSON(record, jsonObject)); + } + + public void deleteFromJSON(JSONObject jsonObject) throws EWTException, JSONException + { + dao.deleteByPrimaryKey(jsonObject.getLong("uid")); + } + + public void listAsArray(JSONArray array, Map requestMap, JSONObject metaObject, Integer startRow, Integer rowCount, String orderByClause) throws JSONException + { + RadReplyExample example = new RadReplyExample(); + if (requestMap != null) + { + Criteria criteria = example.createCriteria(); + criteriaBeanMapper(criteria, requestMap); + } + if (metaObject != null) + { + metaObject.put("count", dao.countByExample(example)); + } + example.setStartRow(startRow); + example.setRowCount(rowCount); + example.setOrderByClause(orderByClause); + List list = dao.selectByExample(example); + for (RadReply radreply : list) + { + array.put(array.length(), toJSON(radreply, new JSONObject())); + } + } + + public void listAsRefArray(JSONArray array, Map requestMap, JSONObject metaObject, String nameColumn, boolean encodeId, String orderByClause) throws JSONException + { + RadReplyExample example = new RadReplyExample(); + if (requestMap != null) + { + Criteria criteria = example.createCriteria(); + criteriaBeanMapper(criteria, requestMap); + } + example.setOrderByClause(orderByClause); + List list = dao.selectByExample(example); + for (RadReply radreply : list) + { + array.put(array.length(), toRefJSON(radreply, nameColumn, encodeId, new JSONObject())); + } + } + + public void listAsSuggestArray(JSONArray array, Map requestMap, JSONObject metaObject, String nameColumn, boolean encodeId, String orderByClause) throws JSONException + { + RadReplyExample example = new RadReplyExample(); + if (requestMap != null) + { + Criteria criteria = example.createCriteria(); + criteriaBeanMapper(criteria, requestMap); + } + example.setOrderByClause(orderByClause); + List list = dao.selectByExample(example); + for (RadReply radreply : list) + { + array.put(array.length(), toSuggestJSON(radreply, nameColumn, encodeId, new JSONObject())); + } + } + + public String getActualColumnName(String name) + { + if ("uid".equals(name)) return "id"; + return name; + } + +} diff --git a/extensions/dal/src/main/java/net/jradius/dal/json/RadUserGroupConvert.java b/extensions/dal/src/main/java/net/jradius/dal/json/RadUserGroupConvert.java new file mode 100644 index 0000000..b86b272 --- /dev/null +++ b/extensions/dal/src/main/java/net/jradius/dal/json/RadUserGroupConvert.java @@ -0,0 +1,131 @@ +package net.jradius.dal.json; + +import java.util.*; +import org.json.*; + +import net.jradius.dal.dao.RadUserGroupDAO; +import net.jradius.dal.model.RadUserGroup; +import net.jradius.dal.model.RadUserGroupExample; +import net.jradius.dal.model.RadUserGroupExample.Criteria; + + +import com.coova.ewt.server.EWTException; +import com.coova.json.JSONConverter; + +public class RadUserGroupConvert extends JSONConverter +{ + private final RadUserGroupDAO dao; + + public RadUserGroupConvert(RadUserGroupDAO dao) + { + this.dao = dao; + } + + public RadUserGroup fromJSON(RadUserGroup radusergroup, JSONObject jsonObject) throws EWTException + { + radusergroup.setUsername(convertString(jsonObject, "username", false)); + radusergroup.setGroupname(convertString(jsonObject, "groupname", false)); + radusergroup.setPriority(convertInteger(jsonObject, "priority", false)); + return radusergroup; + } + + public JSONObject toJSON(RadUserGroup radusergroup, JSONObject jsonObject) throws JSONException + { + jsonObject.put("uid", radusergroup.getId()); + jsonObject.put("username", radusergroup.getUsername()); + jsonObject.put("groupname", radusergroup.getGroupname()); + jsonObject.put("priority", radusergroup.getPriority()); + return jsonObject; + } + + public JSONObject toRefJSON(RadUserGroup radusergroup, String nameColumn, boolean encodeId, JSONObject jsonObject) throws JSONException + { + jsonObject.put("name", beanField(radusergroup, nameColumn, encodeId)); + jsonObject.put("value", radusergroup.getId()); + return jsonObject; + } + + public JSONObject toSuggestJSON(RadUserGroup radusergroup, String nameColumn, boolean encodeId, JSONObject jsonObject) throws JSONException + { + jsonObject.put("suggest", beanField(radusergroup, nameColumn, encodeId)); + return jsonObject; + } + + public void insertFromJSON(JSONObject jsonObject) throws EWTException, JSONException + { + dao.insert(fromJSON(new RadUserGroup(), jsonObject)); + } + + public void updateFromJSON(JSONObject jsonObject) throws EWTException, JSONException + { + Long id = jsonObject.optLong("uid"); + RadUserGroup record = dao.selectByPrimaryKey(id); + if (record != null) dao.updateByPrimaryKey(fromJSON(record, jsonObject)); + } + + public void deleteFromJSON(JSONObject jsonObject) throws EWTException, JSONException + { + dao.deleteByPrimaryKey(jsonObject.getLong("uid")); + } + + public void listAsArray(JSONArray array, Map requestMap, JSONObject metaObject, Integer startRow, Integer rowCount, String orderByClause) throws JSONException + { + RadUserGroupExample example = new RadUserGroupExample(); + if (requestMap != null) + { + Criteria criteria = example.createCriteria(); + criteriaBeanMapper(criteria, requestMap); + } + if (metaObject != null) + { + metaObject.put("count", dao.countByExample(example)); + } + example.setStartRow(startRow); + example.setRowCount(rowCount); + example.setOrderByClause(orderByClause); + List list = dao.selectByExample(example); + for (RadUserGroup radusergroup : list) + { + array.put(array.length(), toJSON(radusergroup, new JSONObject())); + } + } + + public void listAsRefArray(JSONArray array, Map requestMap, JSONObject metaObject, String nameColumn, boolean encodeId, String orderByClause) throws JSONException + { + RadUserGroupExample example = new RadUserGroupExample(); + if (requestMap != null) + { + Criteria criteria = example.createCriteria(); + criteriaBeanMapper(criteria, requestMap); + } + example.setOrderByClause(orderByClause); + List list = dao.selectByExample(example); + for (RadUserGroup radusergroup : list) + { + array.put(array.length(), toRefJSON(radusergroup, nameColumn, encodeId, new JSONObject())); + } + } + + public void listAsSuggestArray(JSONArray array, Map requestMap, JSONObject metaObject, String nameColumn, boolean encodeId, String orderByClause) throws JSONException + { + RadUserGroupExample example = new RadUserGroupExample(); + if (requestMap != null) + { + Criteria criteria = example.createCriteria(); + criteriaBeanMapper(criteria, requestMap); + } + example.setOrderByClause(orderByClause); + List list = dao.selectByExample(example); + for (RadUserGroup radusergroup : list) + { + array.put(array.length(), toSuggestJSON(radusergroup, nameColumn, encodeId, new JSONObject())); + } + } + + public String getActualColumnName(String name) + { + if ("uid".equals(name)) return "id"; + return name; + } + +} diff --git a/extensions/dal/src/main/java/net/jradius/dal/json/UIHelpConvert.java b/extensions/dal/src/main/java/net/jradius/dal/json/UIHelpConvert.java new file mode 100644 index 0000000..fb4f5ed --- /dev/null +++ b/extensions/dal/src/main/java/net/jradius/dal/json/UIHelpConvert.java @@ -0,0 +1,129 @@ +package net.jradius.dal.json; + +import java.util.*; +import org.json.*; + +import net.jradius.dal.dao.UIHelpDAO; +import net.jradius.dal.model.UIHelp; +import net.jradius.dal.model.UIHelpExample; +import net.jradius.dal.model.UIHelpExample.Criteria; + + +import com.coova.ewt.server.EWTException; +import com.coova.json.JSONConverter; + +public class UIHelpConvert extends JSONConverter +{ + private final UIHelpDAO dao; + + public UIHelpConvert(UIHelpDAO dao) + { + this.dao = dao; + } + + public UIHelp fromJSON(UIHelp uihelp, JSONObject jsonObject) throws EWTException + { + uihelp.setKeyid(convertString(jsonObject, "keyid", true)); + uihelp.setHelptext(convertString(jsonObject, "helptext", true)); + return uihelp; + } + + public JSONObject toJSON(UIHelp uihelp, JSONObject jsonObject) throws JSONException + { + jsonObject.put("uid", uihelp.getId()); + jsonObject.put("keyid", uihelp.getKeyid()); + jsonObject.put("helptext", uihelp.getHelptext()); + return jsonObject; + } + + public JSONObject toRefJSON(UIHelp uihelp, String nameColumn, boolean encodeId, JSONObject jsonObject) throws JSONException + { + jsonObject.put("name", beanField(uihelp, nameColumn, encodeId)); + jsonObject.put("value", uihelp.getId()); + return jsonObject; + } + + public JSONObject toSuggestJSON(UIHelp uihelp, String nameColumn, boolean encodeId, JSONObject jsonObject) throws JSONException + { + jsonObject.put("suggest", beanField(uihelp, nameColumn, encodeId)); + return jsonObject; + } + + public void insertFromJSON(JSONObject jsonObject) throws EWTException, JSONException + { + dao.insert(fromJSON(new UIHelp(), jsonObject)); + } + + public void updateFromJSON(JSONObject jsonObject) throws EWTException, JSONException + { + Long id = jsonObject.optLong("uid"); + UIHelp record = dao.selectByPrimaryKey(id); + if (record != null) dao.updateByPrimaryKey(fromJSON(record, jsonObject)); + } + + public void deleteFromJSON(JSONObject jsonObject) throws EWTException, JSONException + { + dao.deleteByPrimaryKey(jsonObject.getLong("uid")); + } + + public void listAsArray(JSONArray array, Map requestMap, JSONObject metaObject, Integer startRow, Integer rowCount, String orderByClause) throws JSONException + { + UIHelpExample example = new UIHelpExample(); + if (requestMap != null) + { + Criteria criteria = example.createCriteria(); + criteriaBeanMapper(criteria, requestMap); + } + if (metaObject != null) + { + metaObject.put("count", dao.countByExample(example)); + } + example.setStartRow(startRow); + example.setRowCount(rowCount); + example.setOrderByClause(orderByClause); + List list = dao.selectByExample(example); + for (UIHelp uihelp : list) + { + array.put(array.length(), toJSON(uihelp, new JSONObject())); + } + } + + public void listAsRefArray(JSONArray array, Map requestMap, JSONObject metaObject, String nameColumn, boolean encodeId, String orderByClause) throws JSONException + { + UIHelpExample example = new UIHelpExample(); + if (requestMap != null) + { + Criteria criteria = example.createCriteria(); + criteriaBeanMapper(criteria, requestMap); + } + example.setOrderByClause(orderByClause); + List list = dao.selectByExample(example); + for (UIHelp uihelp : list) + { + array.put(array.length(), toRefJSON(uihelp, nameColumn, encodeId, new JSONObject())); + } + } + + public void listAsSuggestArray(JSONArray array, Map requestMap, JSONObject metaObject, String nameColumn, boolean encodeId, String orderByClause) throws JSONException + { + UIHelpExample example = new UIHelpExample(); + if (requestMap != null) + { + Criteria criteria = example.createCriteria(); + criteriaBeanMapper(criteria, requestMap); + } + example.setOrderByClause(orderByClause); + List list = dao.selectByExample(example); + for (UIHelp uihelp : list) + { + array.put(array.length(), toSuggestJSON(uihelp, nameColumn, encodeId, new JSONObject())); + } + } + + public String getActualColumnName(String name) + { + if ("uid".equals(name)) return "id"; + return name; + } + +} diff --git a/extensions/dal/src/main/java/net/jradius/dal/model/NAS.java b/extensions/dal/src/main/java/net/jradius/dal/model/NAS.java new file mode 100644 index 0000000..86fe6fe --- /dev/null +++ b/extensions/dal/src/main/java/net/jradius/dal/model/NAS.java @@ -0,0 +1,361 @@ +package net.jradius.dal.model; + +import com.coova.dal.Record; + +public class NAS extends Record { + /** + * This field was generated by Abator for iBATIS. + * This field corresponds to the database column nas.id + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + private Long id; + + /** + * This field was generated by Abator for iBATIS. + * This field corresponds to the database column nas.nasname + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + private String nasname; + + /** + * This field was generated by Abator for iBATIS. + * This field corresponds to the database column nas.nastype + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + private String nastype = "other"; + + /** + * This field was generated by Abator for iBATIS. + * This field corresponds to the database column nas.calledstationid + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + private String calledstationid; + + /** + * This field was generated by Abator for iBATIS. + * This field corresponds to the database column nas.shortname + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + private String shortname; + + /** + * This field was generated by Abator for iBATIS. + * This field corresponds to the database column nas.ports + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + private Integer ports; + + /** + * This field was generated by Abator for iBATIS. + * This field corresponds to the database column nas.secret + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + private String secret; + + /** + * This field was generated by Abator for iBATIS. + * This field corresponds to the database column nas.community + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + private String community; + + /** + * This field was generated by Abator for iBATIS. + * This field corresponds to the database column nas.description + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + private String description = "RADIUS Client"; + + /** + * This field was generated by Abator for iBATIS. + * This field corresponds to the database column nas.latitude + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + private Double latitude; + + /** + * This field was generated by Abator for iBATIS. + * This field corresponds to the database column nas.longitude + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + private Double longitude; + + /** + * This method was generated by Abator for iBATIS. + * This method returns the value of the database column nas.id + * + * @return the value of nas.id + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public Long getId() { + return id; + } + + /** + * This method was generated by Abator for iBATIS. + * This method sets the value of the database column nas.id + * + * @param id the value for nas.id + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public void setId(Long id) { + this.id = id; + } + + /** + * This method was generated by Abator for iBATIS. + * This method returns the value of the database column nas.nasname + * + * @return the value of nas.nasname + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public String getNasname() { + return nasname; + } + + /** + * This method was generated by Abator for iBATIS. + * This method sets the value of the database column nas.nasname + * + * @param nasname the value for nas.nasname + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public void setNasname(String nasname) { + this.nasname = nasname == null ? null : nasname.trim(); + } + + /** + * This method was generated by Abator for iBATIS. + * This method returns the value of the database column nas.nastype + * + * @return the value of nas.nastype + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public String getNastype() { + return nastype; + } + + /** + * This method was generated by Abator for iBATIS. + * This method sets the value of the database column nas.nastype + * + * @param nastype the value for nas.nastype + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public void setNastype(String nastype) { + this.nastype = nastype == null ? null : nastype.trim(); + } + + /** + * This method was generated by Abator for iBATIS. + * This method returns the value of the database column nas.calledstationid + * + * @return the value of nas.calledstationid + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public String getCalledstationid() { + return calledstationid; + } + + /** + * This method was generated by Abator for iBATIS. + * This method sets the value of the database column nas.calledstationid + * + * @param calledstationid the value for nas.calledstationid + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public void setCalledstationid(String calledstationid) { + this.calledstationid = calledstationid == null ? null : calledstationid.trim(); + } + + /** + * This method was generated by Abator for iBATIS. + * This method returns the value of the database column nas.shortname + * + * @return the value of nas.shortname + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public String getShortname() { + return shortname; + } + + /** + * This method was generated by Abator for iBATIS. + * This method sets the value of the database column nas.shortname + * + * @param shortname the value for nas.shortname + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public void setShortname(String shortname) { + this.shortname = shortname == null ? null : shortname.trim(); + } + + /** + * This method was generated by Abator for iBATIS. + * This method returns the value of the database column nas.ports + * + * @return the value of nas.ports + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public Integer getPorts() { + return ports; + } + + /** + * This method was generated by Abator for iBATIS. + * This method sets the value of the database column nas.ports + * + * @param ports the value for nas.ports + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public void setPorts(Integer ports) { + this.ports = ports; + } + + /** + * This method was generated by Abator for iBATIS. + * This method returns the value of the database column nas.secret + * + * @return the value of nas.secret + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public String getSecret() { + return secret; + } + + /** + * This method was generated by Abator for iBATIS. + * This method sets the value of the database column nas.secret + * + * @param secret the value for nas.secret + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public void setSecret(String secret) { + this.secret = secret == null ? null : secret.trim(); + } + + /** + * This method was generated by Abator for iBATIS. + * This method returns the value of the database column nas.community + * + * @return the value of nas.community + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public String getCommunity() { + return community; + } + + /** + * This method was generated by Abator for iBATIS. + * This method sets the value of the database column nas.community + * + * @param community the value for nas.community + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public void setCommunity(String community) { + this.community = community == null ? null : community.trim(); + } + + /** + * This method was generated by Abator for iBATIS. + * This method returns the value of the database column nas.description + * + * @return the value of nas.description + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public String getDescription() { + return description; + } + + /** + * This method was generated by Abator for iBATIS. + * This method sets the value of the database column nas.description + * + * @param description the value for nas.description + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public void setDescription(String description) { + this.description = description == null ? null : description.trim(); + } + + /** + * This method was generated by Abator for iBATIS. + * This method returns the value of the database column nas.latitude + * + * @return the value of nas.latitude + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public Double getLatitude() { + return latitude; + } + + /** + * This method was generated by Abator for iBATIS. + * This method sets the value of the database column nas.latitude + * + * @param latitude the value for nas.latitude + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public void setLatitude(Double latitude) { + this.latitude = latitude; + } + + /** + * This method was generated by Abator for iBATIS. + * This method returns the value of the database column nas.longitude + * + * @return the value of nas.longitude + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public Double getLongitude() { + return longitude; + } + + /** + * This method was generated by Abator for iBATIS. + * This method sets the value of the database column nas.longitude + * + * @param longitude the value for nas.longitude + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public void setLongitude(Double longitude) { + this.longitude = longitude; + } + + public Record synchronizedRecord() { + return new SynchronizedNAS(this); + } +} \ No newline at end of file diff --git a/extensions/dal/src/main/java/net/jradius/dal/model/NASExample.java b/extensions/dal/src/main/java/net/jradius/dal/model/NASExample.java new file mode 100644 index 0000000..10409d0 --- /dev/null +++ b/extensions/dal/src/main/java/net/jradius/dal/model/NASExample.java @@ -0,0 +1,972 @@ +package net.jradius.dal.model; + +import com.coova.dal.Example; +import com.coova.dal.ExampleCriteria; +import java.util.ArrayList; +import java.util.HashMap; +import java.util.List; +import java.util.Map; + +public class NASExample extends Example { + /** + * This field was generated by Abator for iBATIS. + * This field corresponds to the database table nas + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + protected String orderByClause; + + protected Integer startRow; + + protected Integer rowCount; + + /** + * This field was generated by Abator for iBATIS. + * This field corresponds to the database table nas + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + protected List oredCriteria; + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table nas + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public NASExample() { + oredCriteria = new ArrayList(); + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table nas + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + protected NASExample(NASExample example) { + this.orderByClause = example.orderByClause; + this.oredCriteria = example.oredCriteria; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table nas + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public void setOrderByClause(String orderByClause) { + this.orderByClause = orderByClause; + } + + public void setStartRow(Integer startRow) { + this.startRow = startRow; + } + + public void setRowCount(Integer rowCount) { + this.rowCount = rowCount; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table nas + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public String getOrderByClause() { + return orderByClause; + } + + public Integer getStartRow() { + return startRow; + } + + public Integer getRowCount() { + return rowCount; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table nas + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public List getOredCriteria() { + return oredCriteria; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table nas + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public void or(Criteria criteria) { + oredCriteria.add(criteria); + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table nas + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public Criteria createCriteria() { + Criteria criteria = createCriteriaInternal(); + if (oredCriteria.size() == 0) { + oredCriteria.add(criteria); + } + return criteria; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table nas + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public Criteria appendCriteria() { + if (oredCriteria.size() == 0) { + return createCriteria(); + } + return oredCriteria.get(0); + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table nas + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + protected Criteria createCriteriaInternal() { + Criteria criteria = new Criteria(); + return criteria; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table nas + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public void clear() { + oredCriteria.clear(); + } + + /** + * This class was generated by Abator for iBATIS. + * This class corresponds to the database table nas + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public static class Criteria extends ExampleCriteria { + protected List criteriaWithoutValue; + + protected List> criteriaWithSingleValue; + + protected List> criteriaWithListValue; + + protected List> criteriaWithBetweenValue; + + protected Criteria() { + super(); + criteriaWithoutValue = new ArrayList(); + criteriaWithSingleValue = new ArrayList>(); + criteriaWithListValue = new ArrayList>(); + criteriaWithBetweenValue = new ArrayList>(); + } + + public boolean isValid() { + return criteriaWithoutValue.size() > 0 + || criteriaWithSingleValue.size() > 0 + || criteriaWithListValue.size() > 0 + || criteriaWithBetweenValue.size() > 0; + } + + public List getCriteriaWithoutValue() { + return criteriaWithoutValue; + } + + public List> getCriteriaWithSingleValue() { + return criteriaWithSingleValue; + } + + public List> getCriteriaWithListValue() { + return criteriaWithListValue; + } + + public List> getCriteriaWithBetweenValue() { + return criteriaWithBetweenValue; + } + + protected void addCriterion(String condition) { + if (condition == null) { + throw new RuntimeException("Value for condition cannot be null"); + } + criteriaWithoutValue.add(condition); + } + + protected void addCriterion(String condition, Object value, String property) { + if (value == null) { + throw new RuntimeException("Value for " + property + " cannot be null"); + } + Map map = new HashMap(); + map.put("condition", condition); + map.put("value", value); + criteriaWithSingleValue.add(map); + } + + protected void addCriterion(String condition, List values, String property) { + if (values == null || values.size() == 0) { + throw new RuntimeException("Value list for " + property + " cannot be null or empty"); + } + Map map = new HashMap(); + map.put("condition", condition); + map.put("values", values); + criteriaWithListValue.add(map); + } + + protected void addCriterion(String condition, Object value1, Object value2, String property) { + if (value1 == null || value2 == null) { + throw new RuntimeException("Between values for " + property + " cannot be null"); + } + List list = new ArrayList(); + list.add(value1); + list.add(value2); + Map map = new HashMap(); + map.put("condition", condition); + map.put("values", list); + criteriaWithBetweenValue.add(map); + } + + public Criteria andIdIsNull() { + addCriterion("id is null"); + return this; + } + + public Criteria andIdIsNotNull() { + addCriterion("id is not null"); + return this; + } + + public Criteria andIdEqualTo(Long value) { + addCriterion("id =", value, "id"); + return this; + } + + public Criteria andIdNotEqualTo(Long value) { + addCriterion("id <>", value, "id"); + return this; + } + + public Criteria andIdGreaterThan(Long value) { + addCriterion("id >", value, "id"); + return this; + } + + public Criteria andIdGreaterThanOrEqualTo(Long value) { + addCriterion("id >=", value, "id"); + return this; + } + + public Criteria andIdLessThan(Long value) { + addCriterion("id <", value, "id"); + return this; + } + + public Criteria andIdLessThanOrEqualTo(Long value) { + addCriterion("id <=", value, "id"); + return this; + } + + public Criteria andIdIn(List values) { + addCriterion("id in", values, "id"); + return this; + } + + public Criteria andIdNotIn(List values) { + addCriterion("id not in", values, "id"); + return this; + } + + public Criteria andIdBetween(Long value1, Long value2) { + addCriterion("id between", value1, value2, "id"); + return this; + } + + public Criteria andIdNotBetween(Long value1, Long value2) { + addCriterion("id not between", value1, value2, "id"); + return this; + } + + public Criteria andNasnameIsNull() { + addCriterion("nasname is null"); + return this; + } + + public Criteria andNasnameIsNotNull() { + addCriterion("nasname is not null"); + return this; + } + + public Criteria andNasnameEqualTo(String value) { + addCriterion("nasname =", value, "nasname"); + return this; + } + + public Criteria andNasnameNotEqualTo(String value) { + addCriterion("nasname <>", value, "nasname"); + return this; + } + + public Criteria andNasnameGreaterThan(String value) { + addCriterion("nasname >", value, "nasname"); + return this; + } + + public Criteria andNasnameGreaterThanOrEqualTo(String value) { + addCriterion("nasname >=", value, "nasname"); + return this; + } + + public Criteria andNasnameLessThan(String value) { + addCriterion("nasname <", value, "nasname"); + return this; + } + + public Criteria andNasnameLessThanOrEqualTo(String value) { + addCriterion("nasname <=", value, "nasname"); + return this; + } + + public Criteria andNasnameLike(String value) { + addCriterion("nasname like", value, "nasname"); + return this; + } + + public Criteria andNasnameNotLike(String value) { + addCriterion("nasname not like", value, "nasname"); + return this; + } + + public Criteria andNasnameIn(List values) { + addCriterion("nasname in", values, "nasname"); + return this; + } + + public Criteria andNasnameNotIn(List values) { + addCriterion("nasname not in", values, "nasname"); + return this; + } + + public Criteria andNasnameBetween(String value1, String value2) { + addCriterion("nasname between", value1, value2, "nasname"); + return this; + } + + public Criteria andNasnameNotBetween(String value1, String value2) { + addCriterion("nasname not between", value1, value2, "nasname"); + return this; + } + + public Criteria andNastypeIsNull() { + addCriterion("nastype is null"); + return this; + } + + public Criteria andNastypeIsNotNull() { + addCriterion("nastype is not null"); + return this; + } + + public Criteria andNastypeEqualTo(String value) { + addCriterion("nastype =", value, "nastype"); + return this; + } + + public Criteria andNastypeNotEqualTo(String value) { + addCriterion("nastype <>", value, "nastype"); + return this; + } + + public Criteria andNastypeGreaterThan(String value) { + addCriterion("nastype >", value, "nastype"); + return this; + } + + public Criteria andNastypeGreaterThanOrEqualTo(String value) { + addCriterion("nastype >=", value, "nastype"); + return this; + } + + public Criteria andNastypeLessThan(String value) { + addCriterion("nastype <", value, "nastype"); + return this; + } + + public Criteria andNastypeLessThanOrEqualTo(String value) { + addCriterion("nastype <=", value, "nastype"); + return this; + } + + public Criteria andNastypeLike(String value) { + addCriterion("nastype like", value, "nastype"); + return this; + } + + public Criteria andNastypeNotLike(String value) { + addCriterion("nastype not like", value, "nastype"); + return this; + } + + public Criteria andNastypeIn(List values) { + addCriterion("nastype in", values, "nastype"); + return this; + } + + public Criteria andNastypeNotIn(List values) { + addCriterion("nastype not in", values, "nastype"); + return this; + } + + public Criteria andNastypeBetween(String value1, String value2) { + addCriterion("nastype between", value1, value2, "nastype"); + return this; + } + + public Criteria andNastypeNotBetween(String value1, String value2) { + addCriterion("nastype not between", value1, value2, "nastype"); + return this; + } + + public Criteria andCalledstationidIsNull() { + addCriterion("calledstationid is null"); + return this; + } + + public Criteria andCalledstationidIsNotNull() { + addCriterion("calledstationid is not null"); + return this; + } + + public Criteria andCalledstationidEqualTo(String value) { + addCriterion("calledstationid =", value, "calledstationid"); + return this; + } + + public Criteria andCalledstationidNotEqualTo(String value) { + addCriterion("calledstationid <>", value, "calledstationid"); + return this; + } + + public Criteria andCalledstationidGreaterThan(String value) { + addCriterion("calledstationid >", value, "calledstationid"); + return this; + } + + public Criteria andCalledstationidGreaterThanOrEqualTo(String value) { + addCriterion("calledstationid >=", value, "calledstationid"); + return this; + } + + public Criteria andCalledstationidLessThan(String value) { + addCriterion("calledstationid <", value, "calledstationid"); + return this; + } + + public Criteria andCalledstationidLessThanOrEqualTo(String value) { + addCriterion("calledstationid <=", value, "calledstationid"); + return this; + } + + public Criteria andCalledstationidLike(String value) { + addCriterion("calledstationid like", value, "calledstationid"); + return this; + } + + public Criteria andCalledstationidNotLike(String value) { + addCriterion("calledstationid not like", value, "calledstationid"); + return this; + } + + public Criteria andCalledstationidIn(List values) { + addCriterion("calledstationid in", values, "calledstationid"); + return this; + } + + public Criteria andCalledstationidNotIn(List values) { + addCriterion("calledstationid not in", values, "calledstationid"); + return this; + } + + public Criteria andCalledstationidBetween(String value1, String value2) { + addCriterion("calledstationid between", value1, value2, "calledstationid"); + return this; + } + + public Criteria andCalledstationidNotBetween(String value1, String value2) { + addCriterion("calledstationid not between", value1, value2, "calledstationid"); + return this; + } + + public Criteria andShortnameIsNull() { + addCriterion("shortname is null"); + return this; + } + + public Criteria andShortnameIsNotNull() { + addCriterion("shortname is not null"); + return this; + } + + public Criteria andShortnameEqualTo(String value) { + addCriterion("shortname =", value, "shortname"); + return this; + } + + public Criteria andShortnameNotEqualTo(String value) { + addCriterion("shortname <>", value, "shortname"); + return this; + } + + public Criteria andShortnameGreaterThan(String value) { + addCriterion("shortname >", value, "shortname"); + return this; + } + + public Criteria andShortnameGreaterThanOrEqualTo(String value) { + addCriterion("shortname >=", value, "shortname"); + return this; + } + + public Criteria andShortnameLessThan(String value) { + addCriterion("shortname <", value, "shortname"); + return this; + } + + public Criteria andShortnameLessThanOrEqualTo(String value) { + addCriterion("shortname <=", value, "shortname"); + return this; + } + + public Criteria andShortnameLike(String value) { + addCriterion("shortname like", value, "shortname"); + return this; + } + + public Criteria andShortnameNotLike(String value) { + addCriterion("shortname not like", value, "shortname"); + return this; + } + + public Criteria andShortnameIn(List values) { + addCriterion("shortname in", values, "shortname"); + return this; + } + + public Criteria andShortnameNotIn(List values) { + addCriterion("shortname not in", values, "shortname"); + return this; + } + + public Criteria andShortnameBetween(String value1, String value2) { + addCriterion("shortname between", value1, value2, "shortname"); + return this; + } + + public Criteria andShortnameNotBetween(String value1, String value2) { + addCriterion("shortname not between", value1, value2, "shortname"); + return this; + } + + public Criteria andPortsIsNull() { + addCriterion("ports is null"); + return this; + } + + public Criteria andPortsIsNotNull() { + addCriterion("ports is not null"); + return this; + } + + public Criteria andPortsEqualTo(Integer value) { + addCriterion("ports =", value, "ports"); + return this; + } + + public Criteria andPortsNotEqualTo(Integer value) { + addCriterion("ports <>", value, "ports"); + return this; + } + + public Criteria andPortsGreaterThan(Integer value) { + addCriterion("ports >", value, "ports"); + return this; + } + + public Criteria andPortsGreaterThanOrEqualTo(Integer value) { + addCriterion("ports >=", value, "ports"); + return this; + } + + public Criteria andPortsLessThan(Integer value) { + addCriterion("ports <", value, "ports"); + return this; + } + + public Criteria andPortsLessThanOrEqualTo(Integer value) { + addCriterion("ports <=", value, "ports"); + return this; + } + + public Criteria andPortsIn(List values) { + addCriterion("ports in", values, "ports"); + return this; + } + + public Criteria andPortsNotIn(List values) { + addCriterion("ports not in", values, "ports"); + return this; + } + + public Criteria andPortsBetween(Integer value1, Integer value2) { + addCriterion("ports between", value1, value2, "ports"); + return this; + } + + public Criteria andPortsNotBetween(Integer value1, Integer value2) { + addCriterion("ports not between", value1, value2, "ports"); + return this; + } + + public Criteria andSecretIsNull() { + addCriterion("secret is null"); + return this; + } + + public Criteria andSecretIsNotNull() { + addCriterion("secret is not null"); + return this; + } + + public Criteria andSecretEqualTo(String value) { + addCriterion("secret =", value, "secret"); + return this; + } + + public Criteria andSecretNotEqualTo(String value) { + addCriterion("secret <>", value, "secret"); + return this; + } + + public Criteria andSecretGreaterThan(String value) { + addCriterion("secret >", value, "secret"); + return this; + } + + public Criteria andSecretGreaterThanOrEqualTo(String value) { + addCriterion("secret >=", value, "secret"); + return this; + } + + public Criteria andSecretLessThan(String value) { + addCriterion("secret <", value, "secret"); + return this; + } + + public Criteria andSecretLessThanOrEqualTo(String value) { + addCriterion("secret <=", value, "secret"); + return this; + } + + public Criteria andSecretLike(String value) { + addCriterion("secret like", value, "secret"); + return this; + } + + public Criteria andSecretNotLike(String value) { + addCriterion("secret not like", value, "secret"); + return this; + } + + public Criteria andSecretIn(List values) { + addCriterion("secret in", values, "secret"); + return this; + } + + public Criteria andSecretNotIn(List values) { + addCriterion("secret not in", values, "secret"); + return this; + } + + public Criteria andSecretBetween(String value1, String value2) { + addCriterion("secret between", value1, value2, "secret"); + return this; + } + + public Criteria andSecretNotBetween(String value1, String value2) { + addCriterion("secret not between", value1, value2, "secret"); + return this; + } + + public Criteria andCommunityIsNull() { + addCriterion("community is null"); + return this; + } + + public Criteria andCommunityIsNotNull() { + addCriterion("community is not null"); + return this; + } + + public Criteria andCommunityEqualTo(String value) { + addCriterion("community =", value, "community"); + return this; + } + + public Criteria andCommunityNotEqualTo(String value) { + addCriterion("community <>", value, "community"); + return this; + } + + public Criteria andCommunityGreaterThan(String value) { + addCriterion("community >", value, "community"); + return this; + } + + public Criteria andCommunityGreaterThanOrEqualTo(String value) { + addCriterion("community >=", value, "community"); + return this; + } + + public Criteria andCommunityLessThan(String value) { + addCriterion("community <", value, "community"); + return this; + } + + public Criteria andCommunityLessThanOrEqualTo(String value) { + addCriterion("community <=", value, "community"); + return this; + } + + public Criteria andCommunityLike(String value) { + addCriterion("community like", value, "community"); + return this; + } + + public Criteria andCommunityNotLike(String value) { + addCriterion("community not like", value, "community"); + return this; + } + + public Criteria andCommunityIn(List values) { + addCriterion("community in", values, "community"); + return this; + } + + public Criteria andCommunityNotIn(List values) { + addCriterion("community not in", values, "community"); + return this; + } + + public Criteria andCommunityBetween(String value1, String value2) { + addCriterion("community between", value1, value2, "community"); + return this; + } + + public Criteria andCommunityNotBetween(String value1, String value2) { + addCriterion("community not between", value1, value2, "community"); + return this; + } + + public Criteria andDescriptionIsNull() { + addCriterion("description is null"); + return this; + } + + public Criteria andDescriptionIsNotNull() { + addCriterion("description is not null"); + return this; + } + + public Criteria andDescriptionEqualTo(String value) { + addCriterion("description =", value, "description"); + return this; + } + + public Criteria andDescriptionNotEqualTo(String value) { + addCriterion("description <>", value, "description"); + return this; + } + + public Criteria andDescriptionGreaterThan(String value) { + addCriterion("description >", value, "description"); + return this; + } + + public Criteria andDescriptionGreaterThanOrEqualTo(String value) { + addCriterion("description >=", value, "description"); + return this; + } + + public Criteria andDescriptionLessThan(String value) { + addCriterion("description <", value, "description"); + return this; + } + + public Criteria andDescriptionLessThanOrEqualTo(String value) { + addCriterion("description <=", value, "description"); + return this; + } + + public Criteria andDescriptionLike(String value) { + addCriterion("description like", value, "description"); + return this; + } + + public Criteria andDescriptionNotLike(String value) { + addCriterion("description not like", value, "description"); + return this; + } + + public Criteria andDescriptionIn(List values) { + addCriterion("description in", values, "description"); + return this; + } + + public Criteria andDescriptionNotIn(List values) { + addCriterion("description not in", values, "description"); + return this; + } + + public Criteria andDescriptionBetween(String value1, String value2) { + addCriterion("description between", value1, value2, "description"); + return this; + } + + public Criteria andDescriptionNotBetween(String value1, String value2) { + addCriterion("description not between", value1, value2, "description"); + return this; + } + + public Criteria andLatitudeIsNull() { + addCriterion("latitude is null"); + return this; + } + + public Criteria andLatitudeIsNotNull() { + addCriterion("latitude is not null"); + return this; + } + + public Criteria andLatitudeEqualTo(Double value) { + addCriterion("latitude =", value, "latitude"); + return this; + } + + public Criteria andLatitudeNotEqualTo(Double value) { + addCriterion("latitude <>", value, "latitude"); + return this; + } + + public Criteria andLatitudeGreaterThan(Double value) { + addCriterion("latitude >", value, "latitude"); + return this; + } + + public Criteria andLatitudeGreaterThanOrEqualTo(Double value) { + addCriterion("latitude >=", value, "latitude"); + return this; + } + + public Criteria andLatitudeLessThan(Double value) { + addCriterion("latitude <", value, "latitude"); + return this; + } + + public Criteria andLatitudeLessThanOrEqualTo(Double value) { + addCriterion("latitude <=", value, "latitude"); + return this; + } + + public Criteria andLatitudeIn(List values) { + addCriterion("latitude in", values, "latitude"); + return this; + } + + public Criteria andLatitudeNotIn(List values) { + addCriterion("latitude not in", values, "latitude"); + return this; + } + + public Criteria andLatitudeBetween(Double value1, Double value2) { + addCriterion("latitude between", value1, value2, "latitude"); + return this; + } + + public Criteria andLatitudeNotBetween(Double value1, Double value2) { + addCriterion("latitude not between", value1, value2, "latitude"); + return this; + } + + public Criteria andLongitudeIsNull() { + addCriterion("longitude is null"); + return this; + } + + public Criteria andLongitudeIsNotNull() { + addCriterion("longitude is not null"); + return this; + } + + public Criteria andLongitudeEqualTo(Double value) { + addCriterion("longitude =", value, "longitude"); + return this; + } + + public Criteria andLongitudeNotEqualTo(Double value) { + addCriterion("longitude <>", value, "longitude"); + return this; + } + + public Criteria andLongitudeGreaterThan(Double value) { + addCriterion("longitude >", value, "longitude"); + return this; + } + + public Criteria andLongitudeGreaterThanOrEqualTo(Double value) { + addCriterion("longitude >=", value, "longitude"); + return this; + } + + public Criteria andLongitudeLessThan(Double value) { + addCriterion("longitude <", value, "longitude"); + return this; + } + + public Criteria andLongitudeLessThanOrEqualTo(Double value) { + addCriterion("longitude <=", value, "longitude"); + return this; + } + + public Criteria andLongitudeIn(List values) { + addCriterion("longitude in", values, "longitude"); + return this; + } + + public Criteria andLongitudeNotIn(List values) { + addCriterion("longitude not in", values, "longitude"); + return this; + } + + public Criteria andLongitudeBetween(Double value1, Double value2) { + addCriterion("longitude between", value1, value2, "longitude"); + return this; + } + + public Criteria andLongitudeNotBetween(Double value1, Double value2) { + addCriterion("longitude not between", value1, value2, "longitude"); + return this; + } + } +} \ No newline at end of file diff --git a/extensions/dal/src/main/java/net/jradius/dal/model/RadAcct.java b/extensions/dal/src/main/java/net/jradius/dal/model/RadAcct.java new file mode 100644 index 0000000..9c40085 --- /dev/null +++ b/extensions/dal/src/main/java/net/jradius/dal/model/RadAcct.java @@ -0,0 +1,842 @@ +package net.jradius.dal.model; + +import com.coova.dal.Record; +import java.util.Date; + +public class RadAcct extends Record { + /** + * This field was generated by Abator for iBATIS. + * This field corresponds to the database column radacct.id + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + private Long id; + + /** + * This field was generated by Abator for iBATIS. + * This field corresponds to the database column radacct.acctsessionid + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + private String acctsessionid = ""; + + /** + * This field was generated by Abator for iBATIS. + * This field corresponds to the database column radacct.acctuniqueid + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + private String acctuniqueid = ""; + + /** + * This field was generated by Abator for iBATIS. + * This field corresponds to the database column radacct.username + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + private String username = ""; + + /** + * This field was generated by Abator for iBATIS. + * This field corresponds to the database column radacct.groupname + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + private String groupname = ""; + + /** + * This field was generated by Abator for iBATIS. + * This field corresponds to the database column radacct.realm + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + private String realm = ""; + + /** + * This field was generated by Abator for iBATIS. + * This field corresponds to the database column radacct.nasipaddress + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + private String nasipaddress = ""; + + /** + * This field was generated by Abator for iBATIS. + * This field corresponds to the database column radacct.nasportid + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + private String nasportid; + + /** + * This field was generated by Abator for iBATIS. + * This field corresponds to the database column radacct.nasporttype + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + private String nasporttype; + + /** + * This field was generated by Abator for iBATIS. + * This field corresponds to the database column radacct.acctstarttime + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + private Date acctstarttime; + + /** + * This field was generated by Abator for iBATIS. + * This field corresponds to the database column radacct.acctstoptime + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + private Date acctstoptime; + + /** + * This field was generated by Abator for iBATIS. + * This field corresponds to the database column radacct.acctsessiontime + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + private Integer acctsessiontime; + + /** + * This field was generated by Abator for iBATIS. + * This field corresponds to the database column radacct.acctauthentic + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + private String acctauthentic; + + /** + * This field was generated by Abator for iBATIS. + * This field corresponds to the database column radacct.connectinfo_start + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + private String connectinfoStart; + + /** + * This field was generated by Abator for iBATIS. + * This field corresponds to the database column radacct.connectinfo_stop + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + private String connectinfoStop; + + /** + * This field was generated by Abator for iBATIS. + * This field corresponds to the database column radacct.acctinputoctets + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + private Long acctinputoctets; + + /** + * This field was generated by Abator for iBATIS. + * This field corresponds to the database column radacct.acctoutputoctets + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + private Long acctoutputoctets; + + /** + * This field was generated by Abator for iBATIS. + * This field corresponds to the database column radacct.calledstationid + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + private String calledstationid = ""; + + /** + * This field was generated by Abator for iBATIS. + * This field corresponds to the database column radacct.callingstationid + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + private String callingstationid = ""; + + /** + * This field was generated by Abator for iBATIS. + * This field corresponds to the database column radacct.acctterminatecause + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + private String acctterminatecause = ""; + + /** + * This field was generated by Abator for iBATIS. + * This field corresponds to the database column radacct.servicetype + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + private String servicetype; + + /** + * This field was generated by Abator for iBATIS. + * This field corresponds to the database column radacct.framedprotocol + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + private String framedprotocol; + + /** + * This field was generated by Abator for iBATIS. + * This field corresponds to the database column radacct.framedipaddress + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + private String framedipaddress = ""; + + /** + * This field was generated by Abator for iBATIS. + * This field corresponds to the database column radacct.acctstartdelay + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + private Integer acctstartdelay; + + /** + * This field was generated by Abator for iBATIS. + * This field corresponds to the database column radacct.acctstopdelay + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + private Integer acctstopdelay; + + /** + * This field was generated by Abator for iBATIS. + * This field corresponds to the database column radacct.xascendsessionsvrkey + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + private String xascendsessionsvrkey; + + /** + * This method was generated by Abator for iBATIS. + * This method returns the value of the database column radacct.id + * + * @return the value of radacct.id + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public Long getId() { + return id; + } + + /** + * This method was generated by Abator for iBATIS. + * This method sets the value of the database column radacct.id + * + * @param id the value for radacct.id + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public void setId(Long id) { + this.id = id; + } + + /** + * This method was generated by Abator for iBATIS. + * This method returns the value of the database column radacct.acctsessionid + * + * @return the value of radacct.acctsessionid + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public String getAcctsessionid() { + return acctsessionid; + } + + /** + * This method was generated by Abator for iBATIS. + * This method sets the value of the database column radacct.acctsessionid + * + * @param acctsessionid the value for radacct.acctsessionid + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public void setAcctsessionid(String acctsessionid) { + this.acctsessionid = acctsessionid == null ? null : acctsessionid.trim(); + } + + /** + * This method was generated by Abator for iBATIS. + * This method returns the value of the database column radacct.acctuniqueid + * + * @return the value of radacct.acctuniqueid + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public String getAcctuniqueid() { + return acctuniqueid; + } + + /** + * This method was generated by Abator for iBATIS. + * This method sets the value of the database column radacct.acctuniqueid + * + * @param acctuniqueid the value for radacct.acctuniqueid + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public void setAcctuniqueid(String acctuniqueid) { + this.acctuniqueid = acctuniqueid == null ? null : acctuniqueid.trim(); + } + + /** + * This method was generated by Abator for iBATIS. + * This method returns the value of the database column radacct.username + * + * @return the value of radacct.username + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public String getUsername() { + return username; + } + + /** + * This method was generated by Abator for iBATIS. + * This method sets the value of the database column radacct.username + * + * @param username the value for radacct.username + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public void setUsername(String username) { + this.username = username == null ? null : username.trim(); + } + + /** + * This method was generated by Abator for iBATIS. + * This method returns the value of the database column radacct.groupname + * + * @return the value of radacct.groupname + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public String getGroupname() { + return groupname; + } + + /** + * This method was generated by Abator for iBATIS. + * This method sets the value of the database column radacct.groupname + * + * @param groupname the value for radacct.groupname + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public void setGroupname(String groupname) { + this.groupname = groupname == null ? null : groupname.trim(); + } + + /** + * This method was generated by Abator for iBATIS. + * This method returns the value of the database column radacct.realm + * + * @return the value of radacct.realm + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public String getRealm() { + return realm; + } + + /** + * This method was generated by Abator for iBATIS. + * This method sets the value of the database column radacct.realm + * + * @param realm the value for radacct.realm + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public void setRealm(String realm) { + this.realm = realm == null ? null : realm.trim(); + } + + /** + * This method was generated by Abator for iBATIS. + * This method returns the value of the database column radacct.nasipaddress + * + * @return the value of radacct.nasipaddress + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public String getNasipaddress() { + return nasipaddress; + } + + /** + * This method was generated by Abator for iBATIS. + * This method sets the value of the database column radacct.nasipaddress + * + * @param nasipaddress the value for radacct.nasipaddress + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public void setNasipaddress(String nasipaddress) { + this.nasipaddress = nasipaddress == null ? null : nasipaddress.trim(); + } + + /** + * This method was generated by Abator for iBATIS. + * This method returns the value of the database column radacct.nasportid + * + * @return the value of radacct.nasportid + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public String getNasportid() { + return nasportid; + } + + /** + * This method was generated by Abator for iBATIS. + * This method sets the value of the database column radacct.nasportid + * + * @param nasportid the value for radacct.nasportid + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public void setNasportid(String nasportid) { + this.nasportid = nasportid == null ? null : nasportid.trim(); + } + + /** + * This method was generated by Abator for iBATIS. + * This method returns the value of the database column radacct.nasporttype + * + * @return the value of radacct.nasporttype + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public String getNasporttype() { + return nasporttype; + } + + /** + * This method was generated by Abator for iBATIS. + * This method sets the value of the database column radacct.nasporttype + * + * @param nasporttype the value for radacct.nasporttype + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public void setNasporttype(String nasporttype) { + this.nasporttype = nasporttype == null ? null : nasporttype.trim(); + } + + /** + * This method was generated by Abator for iBATIS. + * This method returns the value of the database column radacct.acctstarttime + * + * @return the value of radacct.acctstarttime + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public Date getAcctstarttime() { + return acctstarttime; + } + + /** + * This method was generated by Abator for iBATIS. + * This method sets the value of the database column radacct.acctstarttime + * + * @param acctstarttime the value for radacct.acctstarttime + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public void setAcctstarttime(Date acctstarttime) { + this.acctstarttime = acctstarttime; + } + + /** + * This method was generated by Abator for iBATIS. + * This method returns the value of the database column radacct.acctstoptime + * + * @return the value of radacct.acctstoptime + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public Date getAcctstoptime() { + return acctstoptime; + } + + /** + * This method was generated by Abator for iBATIS. + * This method sets the value of the database column radacct.acctstoptime + * + * @param acctstoptime the value for radacct.acctstoptime + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public void setAcctstoptime(Date acctstoptime) { + this.acctstoptime = acctstoptime; + } + + /** + * This method was generated by Abator for iBATIS. + * This method returns the value of the database column radacct.acctsessiontime + * + * @return the value of radacct.acctsessiontime + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public Integer getAcctsessiontime() { + return acctsessiontime; + } + + /** + * This method was generated by Abator for iBATIS. + * This method sets the value of the database column radacct.acctsessiontime + * + * @param acctsessiontime the value for radacct.acctsessiontime + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public void setAcctsessiontime(Integer acctsessiontime) { + this.acctsessiontime = acctsessiontime; + } + + /** + * This method was generated by Abator for iBATIS. + * This method returns the value of the database column radacct.acctauthentic + * + * @return the value of radacct.acctauthentic + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public String getAcctauthentic() { + return acctauthentic; + } + + /** + * This method was generated by Abator for iBATIS. + * This method sets the value of the database column radacct.acctauthentic + * + * @param acctauthentic the value for radacct.acctauthentic + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public void setAcctauthentic(String acctauthentic) { + this.acctauthentic = acctauthentic == null ? null : acctauthentic.trim(); + } + + /** + * This method was generated by Abator for iBATIS. + * This method returns the value of the database column radacct.connectinfo_start + * + * @return the value of radacct.connectinfo_start + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public String getConnectinfoStart() { + return connectinfoStart; + } + + /** + * This method was generated by Abator for iBATIS. + * This method sets the value of the database column radacct.connectinfo_start + * + * @param connectinfoStart the value for radacct.connectinfo_start + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public void setConnectinfoStart(String connectinfoStart) { + this.connectinfoStart = connectinfoStart == null ? null : connectinfoStart.trim(); + } + + /** + * This method was generated by Abator for iBATIS. + * This method returns the value of the database column radacct.connectinfo_stop + * + * @return the value of radacct.connectinfo_stop + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public String getConnectinfoStop() { + return connectinfoStop; + } + + /** + * This method was generated by Abator for iBATIS. + * This method sets the value of the database column radacct.connectinfo_stop + * + * @param connectinfoStop the value for radacct.connectinfo_stop + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public void setConnectinfoStop(String connectinfoStop) { + this.connectinfoStop = connectinfoStop == null ? null : connectinfoStop.trim(); + } + + /** + * This method was generated by Abator for iBATIS. + * This method returns the value of the database column radacct.acctinputoctets + * + * @return the value of radacct.acctinputoctets + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public Long getAcctinputoctets() { + return acctinputoctets; + } + + /** + * This method was generated by Abator for iBATIS. + * This method sets the value of the database column radacct.acctinputoctets + * + * @param acctinputoctets the value for radacct.acctinputoctets + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public void setAcctinputoctets(Long acctinputoctets) { + this.acctinputoctets = acctinputoctets; + } + + /** + * This method was generated by Abator for iBATIS. + * This method returns the value of the database column radacct.acctoutputoctets + * + * @return the value of radacct.acctoutputoctets + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public Long getAcctoutputoctets() { + return acctoutputoctets; + } + + /** + * This method was generated by Abator for iBATIS. + * This method sets the value of the database column radacct.acctoutputoctets + * + * @param acctoutputoctets the value for radacct.acctoutputoctets + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public void setAcctoutputoctets(Long acctoutputoctets) { + this.acctoutputoctets = acctoutputoctets; + } + + /** + * This method was generated by Abator for iBATIS. + * This method returns the value of the database column radacct.calledstationid + * + * @return the value of radacct.calledstationid + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public String getCalledstationid() { + return calledstationid; + } + + /** + * This method was generated by Abator for iBATIS. + * This method sets the value of the database column radacct.calledstationid + * + * @param calledstationid the value for radacct.calledstationid + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public void setCalledstationid(String calledstationid) { + this.calledstationid = calledstationid == null ? null : calledstationid.trim(); + } + + /** + * This method was generated by Abator for iBATIS. + * This method returns the value of the database column radacct.callingstationid + * + * @return the value of radacct.callingstationid + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public String getCallingstationid() { + return callingstationid; + } + + /** + * This method was generated by Abator for iBATIS. + * This method sets the value of the database column radacct.callingstationid + * + * @param callingstationid the value for radacct.callingstationid + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public void setCallingstationid(String callingstationid) { + this.callingstationid = callingstationid == null ? null : callingstationid.trim(); + } + + /** + * This method was generated by Abator for iBATIS. + * This method returns the value of the database column radacct.acctterminatecause + * + * @return the value of radacct.acctterminatecause + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public String getAcctterminatecause() { + return acctterminatecause; + } + + /** + * This method was generated by Abator for iBATIS. + * This method sets the value of the database column radacct.acctterminatecause + * + * @param acctterminatecause the value for radacct.acctterminatecause + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public void setAcctterminatecause(String acctterminatecause) { + this.acctterminatecause = acctterminatecause == null ? null : acctterminatecause.trim(); + } + + /** + * This method was generated by Abator for iBATIS. + * This method returns the value of the database column radacct.servicetype + * + * @return the value of radacct.servicetype + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public String getServicetype() { + return servicetype; + } + + /** + * This method was generated by Abator for iBATIS. + * This method sets the value of the database column radacct.servicetype + * + * @param servicetype the value for radacct.servicetype + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public void setServicetype(String servicetype) { + this.servicetype = servicetype == null ? null : servicetype.trim(); + } + + /** + * This method was generated by Abator for iBATIS. + * This method returns the value of the database column radacct.framedprotocol + * + * @return the value of radacct.framedprotocol + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public String getFramedprotocol() { + return framedprotocol; + } + + /** + * This method was generated by Abator for iBATIS. + * This method sets the value of the database column radacct.framedprotocol + * + * @param framedprotocol the value for radacct.framedprotocol + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public void setFramedprotocol(String framedprotocol) { + this.framedprotocol = framedprotocol == null ? null : framedprotocol.trim(); + } + + /** + * This method was generated by Abator for iBATIS. + * This method returns the value of the database column radacct.framedipaddress + * + * @return the value of radacct.framedipaddress + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public String getFramedipaddress() { + return framedipaddress; + } + + /** + * This method was generated by Abator for iBATIS. + * This method sets the value of the database column radacct.framedipaddress + * + * @param framedipaddress the value for radacct.framedipaddress + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public void setFramedipaddress(String framedipaddress) { + this.framedipaddress = framedipaddress == null ? null : framedipaddress.trim(); + } + + /** + * This method was generated by Abator for iBATIS. + * This method returns the value of the database column radacct.acctstartdelay + * + * @return the value of radacct.acctstartdelay + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public Integer getAcctstartdelay() { + return acctstartdelay; + } + + /** + * This method was generated by Abator for iBATIS. + * This method sets the value of the database column radacct.acctstartdelay + * + * @param acctstartdelay the value for radacct.acctstartdelay + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public void setAcctstartdelay(Integer acctstartdelay) { + this.acctstartdelay = acctstartdelay; + } + + /** + * This method was generated by Abator for iBATIS. + * This method returns the value of the database column radacct.acctstopdelay + * + * @return the value of radacct.acctstopdelay + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public Integer getAcctstopdelay() { + return acctstopdelay; + } + + /** + * This method was generated by Abator for iBATIS. + * This method sets the value of the database column radacct.acctstopdelay + * + * @param acctstopdelay the value for radacct.acctstopdelay + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public void setAcctstopdelay(Integer acctstopdelay) { + this.acctstopdelay = acctstopdelay; + } + + /** + * This method was generated by Abator for iBATIS. + * This method returns the value of the database column radacct.xascendsessionsvrkey + * + * @return the value of radacct.xascendsessionsvrkey + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public String getXascendsessionsvrkey() { + return xascendsessionsvrkey; + } + + /** + * This method was generated by Abator for iBATIS. + * This method sets the value of the database column radacct.xascendsessionsvrkey + * + * @param xascendsessionsvrkey the value for radacct.xascendsessionsvrkey + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public void setXascendsessionsvrkey(String xascendsessionsvrkey) { + this.xascendsessionsvrkey = xascendsessionsvrkey == null ? null : xascendsessionsvrkey.trim(); + } + + public Record synchronizedRecord() { + return new SynchronizedRadAcct(this); + } +} \ No newline at end of file diff --git a/extensions/dal/src/main/java/net/jradius/dal/model/RadAcctExample.java b/extensions/dal/src/main/java/net/jradius/dal/model/RadAcctExample.java new file mode 100644 index 0000000..e61cba7 --- /dev/null +++ b/extensions/dal/src/main/java/net/jradius/dal/model/RadAcctExample.java @@ -0,0 +1,1983 @@ +package net.jradius.dal.model; + +import com.coova.dal.Example; +import com.coova.dal.ExampleCriteria; +import java.util.ArrayList; +import java.util.Date; +import java.util.HashMap; +import java.util.List; +import java.util.Map; + +public class RadAcctExample extends Example { + /** + * This field was generated by Abator for iBATIS. + * This field corresponds to the database table radacct + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + protected String orderByClause; + + protected Integer startRow; + + protected Integer rowCount; + + /** + * This field was generated by Abator for iBATIS. + * This field corresponds to the database table radacct + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + protected List oredCriteria; + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radacct + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public RadAcctExample() { + oredCriteria = new ArrayList(); + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radacct + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + protected RadAcctExample(RadAcctExample example) { + this.orderByClause = example.orderByClause; + this.oredCriteria = example.oredCriteria; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radacct + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public void setOrderByClause(String orderByClause) { + this.orderByClause = orderByClause; + } + + public void setStartRow(Integer startRow) { + this.startRow = startRow; + } + + public void setRowCount(Integer rowCount) { + this.rowCount = rowCount; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radacct + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public String getOrderByClause() { + return orderByClause; + } + + public Integer getStartRow() { + return startRow; + } + + public Integer getRowCount() { + return rowCount; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radacct + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public List getOredCriteria() { + return oredCriteria; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radacct + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public void or(Criteria criteria) { + oredCriteria.add(criteria); + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radacct + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public Criteria createCriteria() { + Criteria criteria = createCriteriaInternal(); + if (oredCriteria.size() == 0) { + oredCriteria.add(criteria); + } + return criteria; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radacct + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public Criteria appendCriteria() { + if (oredCriteria.size() == 0) { + return createCriteria(); + } + return oredCriteria.get(0); + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radacct + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + protected Criteria createCriteriaInternal() { + Criteria criteria = new Criteria(); + return criteria; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radacct + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public void clear() { + oredCriteria.clear(); + } + + /** + * This class was generated by Abator for iBATIS. + * This class corresponds to the database table radacct + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public static class Criteria extends ExampleCriteria { + protected List criteriaWithoutValue; + + protected List> criteriaWithSingleValue; + + protected List> criteriaWithListValue; + + protected List> criteriaWithBetweenValue; + + protected Criteria() { + super(); + criteriaWithoutValue = new ArrayList(); + criteriaWithSingleValue = new ArrayList>(); + criteriaWithListValue = new ArrayList>(); + criteriaWithBetweenValue = new ArrayList>(); + } + + public boolean isValid() { + return criteriaWithoutValue.size() > 0 + || criteriaWithSingleValue.size() > 0 + || criteriaWithListValue.size() > 0 + || criteriaWithBetweenValue.size() > 0; + } + + public List getCriteriaWithoutValue() { + return criteriaWithoutValue; + } + + public List> getCriteriaWithSingleValue() { + return criteriaWithSingleValue; + } + + public List> getCriteriaWithListValue() { + return criteriaWithListValue; + } + + public List> getCriteriaWithBetweenValue() { + return criteriaWithBetweenValue; + } + + protected void addCriterion(String condition) { + if (condition == null) { + throw new RuntimeException("Value for condition cannot be null"); + } + criteriaWithoutValue.add(condition); + } + + protected void addCriterion(String condition, Object value, String property) { + if (value == null) { + throw new RuntimeException("Value for " + property + " cannot be null"); + } + Map map = new HashMap(); + map.put("condition", condition); + map.put("value", value); + criteriaWithSingleValue.add(map); + } + + protected void addCriterion(String condition, List values, String property) { + if (values == null || values.size() == 0) { + throw new RuntimeException("Value list for " + property + " cannot be null or empty"); + } + Map map = new HashMap(); + map.put("condition", condition); + map.put("values", values); + criteriaWithListValue.add(map); + } + + protected void addCriterion(String condition, Object value1, Object value2, String property) { + if (value1 == null || value2 == null) { + throw new RuntimeException("Between values for " + property + " cannot be null"); + } + List list = new ArrayList(); + list.add(value1); + list.add(value2); + Map map = new HashMap(); + map.put("condition", condition); + map.put("values", list); + criteriaWithBetweenValue.add(map); + } + + public Criteria andIdIsNull() { + addCriterion("id is null"); + return this; + } + + public Criteria andIdIsNotNull() { + addCriterion("id is not null"); + return this; + } + + public Criteria andIdEqualTo(Long value) { + addCriterion("id =", value, "id"); + return this; + } + + public Criteria andIdNotEqualTo(Long value) { + addCriterion("id <>", value, "id"); + return this; + } + + public Criteria andIdGreaterThan(Long value) { + addCriterion("id >", value, "id"); + return this; + } + + public Criteria andIdGreaterThanOrEqualTo(Long value) { + addCriterion("id >=", value, "id"); + return this; + } + + public Criteria andIdLessThan(Long value) { + addCriterion("id <", value, "id"); + return this; + } + + public Criteria andIdLessThanOrEqualTo(Long value) { + addCriterion("id <=", value, "id"); + return this; + } + + public Criteria andIdIn(List values) { + addCriterion("id in", values, "id"); + return this; + } + + public Criteria andIdNotIn(List values) { + addCriterion("id not in", values, "id"); + return this; + } + + public Criteria andIdBetween(Long value1, Long value2) { + addCriterion("id between", value1, value2, "id"); + return this; + } + + public Criteria andIdNotBetween(Long value1, Long value2) { + addCriterion("id not between", value1, value2, "id"); + return this; + } + + public Criteria andAcctsessionidIsNull() { + addCriterion("acctsessionid is null"); + return this; + } + + public Criteria andAcctsessionidIsNotNull() { + addCriterion("acctsessionid is not null"); + return this; + } + + public Criteria andAcctsessionidEqualTo(String value) { + addCriterion("acctsessionid =", value, "acctsessionid"); + return this; + } + + public Criteria andAcctsessionidNotEqualTo(String value) { + addCriterion("acctsessionid <>", value, "acctsessionid"); + return this; + } + + public Criteria andAcctsessionidGreaterThan(String value) { + addCriterion("acctsessionid >", value, "acctsessionid"); + return this; + } + + public Criteria andAcctsessionidGreaterThanOrEqualTo(String value) { + addCriterion("acctsessionid >=", value, "acctsessionid"); + return this; + } + + public Criteria andAcctsessionidLessThan(String value) { + addCriterion("acctsessionid <", value, "acctsessionid"); + return this; + } + + public Criteria andAcctsessionidLessThanOrEqualTo(String value) { + addCriterion("acctsessionid <=", value, "acctsessionid"); + return this; + } + + public Criteria andAcctsessionidLike(String value) { + addCriterion("acctsessionid like", value, "acctsessionid"); + return this; + } + + public Criteria andAcctsessionidNotLike(String value) { + addCriterion("acctsessionid not like", value, "acctsessionid"); + return this; + } + + public Criteria andAcctsessionidIn(List values) { + addCriterion("acctsessionid in", values, "acctsessionid"); + return this; + } + + public Criteria andAcctsessionidNotIn(List values) { + addCriterion("acctsessionid not in", values, "acctsessionid"); + return this; + } + + public Criteria andAcctsessionidBetween(String value1, String value2) { + addCriterion("acctsessionid between", value1, value2, "acctsessionid"); + return this; + } + + public Criteria andAcctsessionidNotBetween(String value1, String value2) { + addCriterion("acctsessionid not between", value1, value2, "acctsessionid"); + return this; + } + + public Criteria andAcctuniqueidIsNull() { + addCriterion("acctuniqueid is null"); + return this; + } + + public Criteria andAcctuniqueidIsNotNull() { + addCriterion("acctuniqueid is not null"); + return this; + } + + public Criteria andAcctuniqueidEqualTo(String value) { + addCriterion("acctuniqueid =", value, "acctuniqueid"); + return this; + } + + public Criteria andAcctuniqueidNotEqualTo(String value) { + addCriterion("acctuniqueid <>", value, "acctuniqueid"); + return this; + } + + public Criteria andAcctuniqueidGreaterThan(String value) { + addCriterion("acctuniqueid >", value, "acctuniqueid"); + return this; + } + + public Criteria andAcctuniqueidGreaterThanOrEqualTo(String value) { + addCriterion("acctuniqueid >=", value, "acctuniqueid"); + return this; + } + + public Criteria andAcctuniqueidLessThan(String value) { + addCriterion("acctuniqueid <", value, "acctuniqueid"); + return this; + } + + public Criteria andAcctuniqueidLessThanOrEqualTo(String value) { + addCriterion("acctuniqueid <=", value, "acctuniqueid"); + return this; + } + + public Criteria andAcctuniqueidLike(String value) { + addCriterion("acctuniqueid like", value, "acctuniqueid"); + return this; + } + + public Criteria andAcctuniqueidNotLike(String value) { + addCriterion("acctuniqueid not like", value, "acctuniqueid"); + return this; + } + + public Criteria andAcctuniqueidIn(List values) { + addCriterion("acctuniqueid in", values, "acctuniqueid"); + return this; + } + + public Criteria andAcctuniqueidNotIn(List values) { + addCriterion("acctuniqueid not in", values, "acctuniqueid"); + return this; + } + + public Criteria andAcctuniqueidBetween(String value1, String value2) { + addCriterion("acctuniqueid between", value1, value2, "acctuniqueid"); + return this; + } + + public Criteria andAcctuniqueidNotBetween(String value1, String value2) { + addCriterion("acctuniqueid not between", value1, value2, "acctuniqueid"); + return this; + } + + public Criteria andUsernameIsNull() { + addCriterion("username is null"); + return this; + } + + public Criteria andUsernameIsNotNull() { + addCriterion("username is not null"); + return this; + } + + public Criteria andUsernameEqualTo(String value) { + addCriterion("username =", value, "username"); + return this; + } + + public Criteria andUsernameNotEqualTo(String value) { + addCriterion("username <>", value, "username"); + return this; + } + + public Criteria andUsernameGreaterThan(String value) { + addCriterion("username >", value, "username"); + return this; + } + + public Criteria andUsernameGreaterThanOrEqualTo(String value) { + addCriterion("username >=", value, "username"); + return this; + } + + public Criteria andUsernameLessThan(String value) { + addCriterion("username <", value, "username"); + return this; + } + + public Criteria andUsernameLessThanOrEqualTo(String value) { + addCriterion("username <=", value, "username"); + return this; + } + + public Criteria andUsernameLike(String value) { + addCriterion("username like", value, "username"); + return this; + } + + public Criteria andUsernameNotLike(String value) { + addCriterion("username not like", value, "username"); + return this; + } + + public Criteria andUsernameIn(List values) { + addCriterion("username in", values, "username"); + return this; + } + + public Criteria andUsernameNotIn(List values) { + addCriterion("username not in", values, "username"); + return this; + } + + public Criteria andUsernameBetween(String value1, String value2) { + addCriterion("username between", value1, value2, "username"); + return this; + } + + public Criteria andUsernameNotBetween(String value1, String value2) { + addCriterion("username not between", value1, value2, "username"); + return this; + } + + public Criteria andGroupnameIsNull() { + addCriterion("groupname is null"); + return this; + } + + public Criteria andGroupnameIsNotNull() { + addCriterion("groupname is not null"); + return this; + } + + public Criteria andGroupnameEqualTo(String value) { + addCriterion("groupname =", value, "groupname"); + return this; + } + + public Criteria andGroupnameNotEqualTo(String value) { + addCriterion("groupname <>", value, "groupname"); + return this; + } + + public Criteria andGroupnameGreaterThan(String value) { + addCriterion("groupname >", value, "groupname"); + return this; + } + + public Criteria andGroupnameGreaterThanOrEqualTo(String value) { + addCriterion("groupname >=", value, "groupname"); + return this; + } + + public Criteria andGroupnameLessThan(String value) { + addCriterion("groupname <", value, "groupname"); + return this; + } + + public Criteria andGroupnameLessThanOrEqualTo(String value) { + addCriterion("groupname <=", value, "groupname"); + return this; + } + + public Criteria andGroupnameLike(String value) { + addCriterion("groupname like", value, "groupname"); + return this; + } + + public Criteria andGroupnameNotLike(String value) { + addCriterion("groupname not like", value, "groupname"); + return this; + } + + public Criteria andGroupnameIn(List values) { + addCriterion("groupname in", values, "groupname"); + return this; + } + + public Criteria andGroupnameNotIn(List values) { + addCriterion("groupname not in", values, "groupname"); + return this; + } + + public Criteria andGroupnameBetween(String value1, String value2) { + addCriterion("groupname between", value1, value2, "groupname"); + return this; + } + + public Criteria andGroupnameNotBetween(String value1, String value2) { + addCriterion("groupname not between", value1, value2, "groupname"); + return this; + } + + public Criteria andRealmIsNull() { + addCriterion("realm is null"); + return this; + } + + public Criteria andRealmIsNotNull() { + addCriterion("realm is not null"); + return this; + } + + public Criteria andRealmEqualTo(String value) { + addCriterion("realm =", value, "realm"); + return this; + } + + public Criteria andRealmNotEqualTo(String value) { + addCriterion("realm <>", value, "realm"); + return this; + } + + public Criteria andRealmGreaterThan(String value) { + addCriterion("realm >", value, "realm"); + return this; + } + + public Criteria andRealmGreaterThanOrEqualTo(String value) { + addCriterion("realm >=", value, "realm"); + return this; + } + + public Criteria andRealmLessThan(String value) { + addCriterion("realm <", value, "realm"); + return this; + } + + public Criteria andRealmLessThanOrEqualTo(String value) { + addCriterion("realm <=", value, "realm"); + return this; + } + + public Criteria andRealmLike(String value) { + addCriterion("realm like", value, "realm"); + return this; + } + + public Criteria andRealmNotLike(String value) { + addCriterion("realm not like", value, "realm"); + return this; + } + + public Criteria andRealmIn(List values) { + addCriterion("realm in", values, "realm"); + return this; + } + + public Criteria andRealmNotIn(List values) { + addCriterion("realm not in", values, "realm"); + return this; + } + + public Criteria andRealmBetween(String value1, String value2) { + addCriterion("realm between", value1, value2, "realm"); + return this; + } + + public Criteria andRealmNotBetween(String value1, String value2) { + addCriterion("realm not between", value1, value2, "realm"); + return this; + } + + public Criteria andNasipaddressIsNull() { + addCriterion("nasipaddress is null"); + return this; + } + + public Criteria andNasipaddressIsNotNull() { + addCriterion("nasipaddress is not null"); + return this; + } + + public Criteria andNasipaddressEqualTo(String value) { + addCriterion("nasipaddress =", value, "nasipaddress"); + return this; + } + + public Criteria andNasipaddressNotEqualTo(String value) { + addCriterion("nasipaddress <>", value, "nasipaddress"); + return this; + } + + public Criteria andNasipaddressGreaterThan(String value) { + addCriterion("nasipaddress >", value, "nasipaddress"); + return this; + } + + public Criteria andNasipaddressGreaterThanOrEqualTo(String value) { + addCriterion("nasipaddress >=", value, "nasipaddress"); + return this; + } + + public Criteria andNasipaddressLessThan(String value) { + addCriterion("nasipaddress <", value, "nasipaddress"); + return this; + } + + public Criteria andNasipaddressLessThanOrEqualTo(String value) { + addCriterion("nasipaddress <=", value, "nasipaddress"); + return this; + } + + public Criteria andNasipaddressLike(String value) { + addCriterion("nasipaddress like", value, "nasipaddress"); + return this; + } + + public Criteria andNasipaddressNotLike(String value) { + addCriterion("nasipaddress not like", value, "nasipaddress"); + return this; + } + + public Criteria andNasipaddressIn(List values) { + addCriterion("nasipaddress in", values, "nasipaddress"); + return this; + } + + public Criteria andNasipaddressNotIn(List values) { + addCriterion("nasipaddress not in", values, "nasipaddress"); + return this; + } + + public Criteria andNasipaddressBetween(String value1, String value2) { + addCriterion("nasipaddress between", value1, value2, "nasipaddress"); + return this; + } + + public Criteria andNasipaddressNotBetween(String value1, String value2) { + addCriterion("nasipaddress not between", value1, value2, "nasipaddress"); + return this; + } + + public Criteria andNasportidIsNull() { + addCriterion("nasportid is null"); + return this; + } + + public Criteria andNasportidIsNotNull() { + addCriterion("nasportid is not null"); + return this; + } + + public Criteria andNasportidEqualTo(String value) { + addCriterion("nasportid =", value, "nasportid"); + return this; + } + + public Criteria andNasportidNotEqualTo(String value) { + addCriterion("nasportid <>", value, "nasportid"); + return this; + } + + public Criteria andNasportidGreaterThan(String value) { + addCriterion("nasportid >", value, "nasportid"); + return this; + } + + public Criteria andNasportidGreaterThanOrEqualTo(String value) { + addCriterion("nasportid >=", value, "nasportid"); + return this; + } + + public Criteria andNasportidLessThan(String value) { + addCriterion("nasportid <", value, "nasportid"); + return this; + } + + public Criteria andNasportidLessThanOrEqualTo(String value) { + addCriterion("nasportid <=", value, "nasportid"); + return this; + } + + public Criteria andNasportidLike(String value) { + addCriterion("nasportid like", value, "nasportid"); + return this; + } + + public Criteria andNasportidNotLike(String value) { + addCriterion("nasportid not like", value, "nasportid"); + return this; + } + + public Criteria andNasportidIn(List values) { + addCriterion("nasportid in", values, "nasportid"); + return this; + } + + public Criteria andNasportidNotIn(List values) { + addCriterion("nasportid not in", values, "nasportid"); + return this; + } + + public Criteria andNasportidBetween(String value1, String value2) { + addCriterion("nasportid between", value1, value2, "nasportid"); + return this; + } + + public Criteria andNasportidNotBetween(String value1, String value2) { + addCriterion("nasportid not between", value1, value2, "nasportid"); + return this; + } + + public Criteria andNasporttypeIsNull() { + addCriterion("nasporttype is null"); + return this; + } + + public Criteria andNasporttypeIsNotNull() { + addCriterion("nasporttype is not null"); + return this; + } + + public Criteria andNasporttypeEqualTo(String value) { + addCriterion("nasporttype =", value, "nasporttype"); + return this; + } + + public Criteria andNasporttypeNotEqualTo(String value) { + addCriterion("nasporttype <>", value, "nasporttype"); + return this; + } + + public Criteria andNasporttypeGreaterThan(String value) { + addCriterion("nasporttype >", value, "nasporttype"); + return this; + } + + public Criteria andNasporttypeGreaterThanOrEqualTo(String value) { + addCriterion("nasporttype >=", value, "nasporttype"); + return this; + } + + public Criteria andNasporttypeLessThan(String value) { + addCriterion("nasporttype <", value, "nasporttype"); + return this; + } + + public Criteria andNasporttypeLessThanOrEqualTo(String value) { + addCriterion("nasporttype <=", value, "nasporttype"); + return this; + } + + public Criteria andNasporttypeLike(String value) { + addCriterion("nasporttype like", value, "nasporttype"); + return this; + } + + public Criteria andNasporttypeNotLike(String value) { + addCriterion("nasporttype not like", value, "nasporttype"); + return this; + } + + public Criteria andNasporttypeIn(List values) { + addCriterion("nasporttype in", values, "nasporttype"); + return this; + } + + public Criteria andNasporttypeNotIn(List values) { + addCriterion("nasporttype not in", values, "nasporttype"); + return this; + } + + public Criteria andNasporttypeBetween(String value1, String value2) { + addCriterion("nasporttype between", value1, value2, "nasporttype"); + return this; + } + + public Criteria andNasporttypeNotBetween(String value1, String value2) { + addCriterion("nasporttype not between", value1, value2, "nasporttype"); + return this; + } + + public Criteria andAcctstarttimeIsNull() { + addCriterion("acctstarttime is null"); + return this; + } + + public Criteria andAcctstarttimeIsNotNull() { + addCriterion("acctstarttime is not null"); + return this; + } + + public Criteria andAcctstarttimeEqualTo(Date value) { + addCriterion("acctstarttime =", value, "acctstarttime"); + return this; + } + + public Criteria andAcctstarttimeNotEqualTo(Date value) { + addCriterion("acctstarttime <>", value, "acctstarttime"); + return this; + } + + public Criteria andAcctstarttimeGreaterThan(Date value) { + addCriterion("acctstarttime >", value, "acctstarttime"); + return this; + } + + public Criteria andAcctstarttimeGreaterThanOrEqualTo(Date value) { + addCriterion("acctstarttime >=", value, "acctstarttime"); + return this; + } + + public Criteria andAcctstarttimeLessThan(Date value) { + addCriterion("acctstarttime <", value, "acctstarttime"); + return this; + } + + public Criteria andAcctstarttimeLessThanOrEqualTo(Date value) { + addCriterion("acctstarttime <=", value, "acctstarttime"); + return this; + } + + public Criteria andAcctstarttimeIn(List values) { + addCriterion("acctstarttime in", values, "acctstarttime"); + return this; + } + + public Criteria andAcctstarttimeNotIn(List values) { + addCriterion("acctstarttime not in", values, "acctstarttime"); + return this; + } + + public Criteria andAcctstarttimeBetween(Date value1, Date value2) { + addCriterion("acctstarttime between", value1, value2, "acctstarttime"); + return this; + } + + public Criteria andAcctstarttimeNotBetween(Date value1, Date value2) { + addCriterion("acctstarttime not between", value1, value2, "acctstarttime"); + return this; + } + + public Criteria andAcctstoptimeIsNull() { + addCriterion("acctstoptime is null"); + return this; + } + + public Criteria andAcctstoptimeIsNotNull() { + addCriterion("acctstoptime is not null"); + return this; + } + + public Criteria andAcctstoptimeEqualTo(Date value) { + addCriterion("acctstoptime =", value, "acctstoptime"); + return this; + } + + public Criteria andAcctstoptimeNotEqualTo(Date value) { + addCriterion("acctstoptime <>", value, "acctstoptime"); + return this; + } + + public Criteria andAcctstoptimeGreaterThan(Date value) { + addCriterion("acctstoptime >", value, "acctstoptime"); + return this; + } + + public Criteria andAcctstoptimeGreaterThanOrEqualTo(Date value) { + addCriterion("acctstoptime >=", value, "acctstoptime"); + return this; + } + + public Criteria andAcctstoptimeLessThan(Date value) { + addCriterion("acctstoptime <", value, "acctstoptime"); + return this; + } + + public Criteria andAcctstoptimeLessThanOrEqualTo(Date value) { + addCriterion("acctstoptime <=", value, "acctstoptime"); + return this; + } + + public Criteria andAcctstoptimeIn(List values) { + addCriterion("acctstoptime in", values, "acctstoptime"); + return this; + } + + public Criteria andAcctstoptimeNotIn(List values) { + addCriterion("acctstoptime not in", values, "acctstoptime"); + return this; + } + + public Criteria andAcctstoptimeBetween(Date value1, Date value2) { + addCriterion("acctstoptime between", value1, value2, "acctstoptime"); + return this; + } + + public Criteria andAcctstoptimeNotBetween(Date value1, Date value2) { + addCriterion("acctstoptime not between", value1, value2, "acctstoptime"); + return this; + } + + public Criteria andAcctsessiontimeIsNull() { + addCriterion("acctsessiontime is null"); + return this; + } + + public Criteria andAcctsessiontimeIsNotNull() { + addCriterion("acctsessiontime is not null"); + return this; + } + + public Criteria andAcctsessiontimeEqualTo(Integer value) { + addCriterion("acctsessiontime =", value, "acctsessiontime"); + return this; + } + + public Criteria andAcctsessiontimeNotEqualTo(Integer value) { + addCriterion("acctsessiontime <>", value, "acctsessiontime"); + return this; + } + + public Criteria andAcctsessiontimeGreaterThan(Integer value) { + addCriterion("acctsessiontime >", value, "acctsessiontime"); + return this; + } + + public Criteria andAcctsessiontimeGreaterThanOrEqualTo(Integer value) { + addCriterion("acctsessiontime >=", value, "acctsessiontime"); + return this; + } + + public Criteria andAcctsessiontimeLessThan(Integer value) { + addCriterion("acctsessiontime <", value, "acctsessiontime"); + return this; + } + + public Criteria andAcctsessiontimeLessThanOrEqualTo(Integer value) { + addCriterion("acctsessiontime <=", value, "acctsessiontime"); + return this; + } + + public Criteria andAcctsessiontimeIn(List values) { + addCriterion("acctsessiontime in", values, "acctsessiontime"); + return this; + } + + public Criteria andAcctsessiontimeNotIn(List values) { + addCriterion("acctsessiontime not in", values, "acctsessiontime"); + return this; + } + + public Criteria andAcctsessiontimeBetween(Integer value1, Integer value2) { + addCriterion("acctsessiontime between", value1, value2, "acctsessiontime"); + return this; + } + + public Criteria andAcctsessiontimeNotBetween(Integer value1, Integer value2) { + addCriterion("acctsessiontime not between", value1, value2, "acctsessiontime"); + return this; + } + + public Criteria andAcctauthenticIsNull() { + addCriterion("acctauthentic is null"); + return this; + } + + public Criteria andAcctauthenticIsNotNull() { + addCriterion("acctauthentic is not null"); + return this; + } + + public Criteria andAcctauthenticEqualTo(String value) { + addCriterion("acctauthentic =", value, "acctauthentic"); + return this; + } + + public Criteria andAcctauthenticNotEqualTo(String value) { + addCriterion("acctauthentic <>", value, "acctauthentic"); + return this; + } + + public Criteria andAcctauthenticGreaterThan(String value) { + addCriterion("acctauthentic >", value, "acctauthentic"); + return this; + } + + public Criteria andAcctauthenticGreaterThanOrEqualTo(String value) { + addCriterion("acctauthentic >=", value, "acctauthentic"); + return this; + } + + public Criteria andAcctauthenticLessThan(String value) { + addCriterion("acctauthentic <", value, "acctauthentic"); + return this; + } + + public Criteria andAcctauthenticLessThanOrEqualTo(String value) { + addCriterion("acctauthentic <=", value, "acctauthentic"); + return this; + } + + public Criteria andAcctauthenticLike(String value) { + addCriterion("acctauthentic like", value, "acctauthentic"); + return this; + } + + public Criteria andAcctauthenticNotLike(String value) { + addCriterion("acctauthentic not like", value, "acctauthentic"); + return this; + } + + public Criteria andAcctauthenticIn(List values) { + addCriterion("acctauthentic in", values, "acctauthentic"); + return this; + } + + public Criteria andAcctauthenticNotIn(List values) { + addCriterion("acctauthentic not in", values, "acctauthentic"); + return this; + } + + public Criteria andAcctauthenticBetween(String value1, String value2) { + addCriterion("acctauthentic between", value1, value2, "acctauthentic"); + return this; + } + + public Criteria andAcctauthenticNotBetween(String value1, String value2) { + addCriterion("acctauthentic not between", value1, value2, "acctauthentic"); + return this; + } + + public Criteria andConnectinfoStartIsNull() { + addCriterion("connectinfo_start is null"); + return this; + } + + public Criteria andConnectinfoStartIsNotNull() { + addCriterion("connectinfo_start is not null"); + return this; + } + + public Criteria andConnectinfoStartEqualTo(String value) { + addCriterion("connectinfo_start =", value, "connectinfoStart"); + return this; + } + + public Criteria andConnectinfoStartNotEqualTo(String value) { + addCriterion("connectinfo_start <>", value, "connectinfoStart"); + return this; + } + + public Criteria andConnectinfoStartGreaterThan(String value) { + addCriterion("connectinfo_start >", value, "connectinfoStart"); + return this; + } + + public Criteria andConnectinfoStartGreaterThanOrEqualTo(String value) { + addCriterion("connectinfo_start >=", value, "connectinfoStart"); + return this; + } + + public Criteria andConnectinfoStartLessThan(String value) { + addCriterion("connectinfo_start <", value, "connectinfoStart"); + return this; + } + + public Criteria andConnectinfoStartLessThanOrEqualTo(String value) { + addCriterion("connectinfo_start <=", value, "connectinfoStart"); + return this; + } + + public Criteria andConnectinfoStartLike(String value) { + addCriterion("connectinfo_start like", value, "connectinfoStart"); + return this; + } + + public Criteria andConnectinfoStartNotLike(String value) { + addCriterion("connectinfo_start not like", value, "connectinfoStart"); + return this; + } + + public Criteria andConnectinfoStartIn(List values) { + addCriterion("connectinfo_start in", values, "connectinfoStart"); + return this; + } + + public Criteria andConnectinfoStartNotIn(List values) { + addCriterion("connectinfo_start not in", values, "connectinfoStart"); + return this; + } + + public Criteria andConnectinfoStartBetween(String value1, String value2) { + addCriterion("connectinfo_start between", value1, value2, "connectinfoStart"); + return this; + } + + public Criteria andConnectinfoStartNotBetween(String value1, String value2) { + addCriterion("connectinfo_start not between", value1, value2, "connectinfoStart"); + return this; + } + + public Criteria andConnectinfoStopIsNull() { + addCriterion("connectinfo_stop is null"); + return this; + } + + public Criteria andConnectinfoStopIsNotNull() { + addCriterion("connectinfo_stop is not null"); + return this; + } + + public Criteria andConnectinfoStopEqualTo(String value) { + addCriterion("connectinfo_stop =", value, "connectinfoStop"); + return this; + } + + public Criteria andConnectinfoStopNotEqualTo(String value) { + addCriterion("connectinfo_stop <>", value, "connectinfoStop"); + return this; + } + + public Criteria andConnectinfoStopGreaterThan(String value) { + addCriterion("connectinfo_stop >", value, "connectinfoStop"); + return this; + } + + public Criteria andConnectinfoStopGreaterThanOrEqualTo(String value) { + addCriterion("connectinfo_stop >=", value, "connectinfoStop"); + return this; + } + + public Criteria andConnectinfoStopLessThan(String value) { + addCriterion("connectinfo_stop <", value, "connectinfoStop"); + return this; + } + + public Criteria andConnectinfoStopLessThanOrEqualTo(String value) { + addCriterion("connectinfo_stop <=", value, "connectinfoStop"); + return this; + } + + public Criteria andConnectinfoStopLike(String value) { + addCriterion("connectinfo_stop like", value, "connectinfoStop"); + return this; + } + + public Criteria andConnectinfoStopNotLike(String value) { + addCriterion("connectinfo_stop not like", value, "connectinfoStop"); + return this; + } + + public Criteria andConnectinfoStopIn(List values) { + addCriterion("connectinfo_stop in", values, "connectinfoStop"); + return this; + } + + public Criteria andConnectinfoStopNotIn(List values) { + addCriterion("connectinfo_stop not in", values, "connectinfoStop"); + return this; + } + + public Criteria andConnectinfoStopBetween(String value1, String value2) { + addCriterion("connectinfo_stop between", value1, value2, "connectinfoStop"); + return this; + } + + public Criteria andConnectinfoStopNotBetween(String value1, String value2) { + addCriterion("connectinfo_stop not between", value1, value2, "connectinfoStop"); + return this; + } + + public Criteria andAcctinputoctetsIsNull() { + addCriterion("acctinputoctets is null"); + return this; + } + + public Criteria andAcctinputoctetsIsNotNull() { + addCriterion("acctinputoctets is not null"); + return this; + } + + public Criteria andAcctinputoctetsEqualTo(Long value) { + addCriterion("acctinputoctets =", value, "acctinputoctets"); + return this; + } + + public Criteria andAcctinputoctetsNotEqualTo(Long value) { + addCriterion("acctinputoctets <>", value, "acctinputoctets"); + return this; + } + + public Criteria andAcctinputoctetsGreaterThan(Long value) { + addCriterion("acctinputoctets >", value, "acctinputoctets"); + return this; + } + + public Criteria andAcctinputoctetsGreaterThanOrEqualTo(Long value) { + addCriterion("acctinputoctets >=", value, "acctinputoctets"); + return this; + } + + public Criteria andAcctinputoctetsLessThan(Long value) { + addCriterion("acctinputoctets <", value, "acctinputoctets"); + return this; + } + + public Criteria andAcctinputoctetsLessThanOrEqualTo(Long value) { + addCriterion("acctinputoctets <=", value, "acctinputoctets"); + return this; + } + + public Criteria andAcctinputoctetsIn(List values) { + addCriterion("acctinputoctets in", values, "acctinputoctets"); + return this; + } + + public Criteria andAcctinputoctetsNotIn(List values) { + addCriterion("acctinputoctets not in", values, "acctinputoctets"); + return this; + } + + public Criteria andAcctinputoctetsBetween(Long value1, Long value2) { + addCriterion("acctinputoctets between", value1, value2, "acctinputoctets"); + return this; + } + + public Criteria andAcctinputoctetsNotBetween(Long value1, Long value2) { + addCriterion("acctinputoctets not between", value1, value2, "acctinputoctets"); + return this; + } + + public Criteria andAcctoutputoctetsIsNull() { + addCriterion("acctoutputoctets is null"); + return this; + } + + public Criteria andAcctoutputoctetsIsNotNull() { + addCriterion("acctoutputoctets is not null"); + return this; + } + + public Criteria andAcctoutputoctetsEqualTo(Long value) { + addCriterion("acctoutputoctets =", value, "acctoutputoctets"); + return this; + } + + public Criteria andAcctoutputoctetsNotEqualTo(Long value) { + addCriterion("acctoutputoctets <>", value, "acctoutputoctets"); + return this; + } + + public Criteria andAcctoutputoctetsGreaterThan(Long value) { + addCriterion("acctoutputoctets >", value, "acctoutputoctets"); + return this; + } + + public Criteria andAcctoutputoctetsGreaterThanOrEqualTo(Long value) { + addCriterion("acctoutputoctets >=", value, "acctoutputoctets"); + return this; + } + + public Criteria andAcctoutputoctetsLessThan(Long value) { + addCriterion("acctoutputoctets <", value, "acctoutputoctets"); + return this; + } + + public Criteria andAcctoutputoctetsLessThanOrEqualTo(Long value) { + addCriterion("acctoutputoctets <=", value, "acctoutputoctets"); + return this; + } + + public Criteria andAcctoutputoctetsIn(List values) { + addCriterion("acctoutputoctets in", values, "acctoutputoctets"); + return this; + } + + public Criteria andAcctoutputoctetsNotIn(List values) { + addCriterion("acctoutputoctets not in", values, "acctoutputoctets"); + return this; + } + + public Criteria andAcctoutputoctetsBetween(Long value1, Long value2) { + addCriterion("acctoutputoctets between", value1, value2, "acctoutputoctets"); + return this; + } + + public Criteria andAcctoutputoctetsNotBetween(Long value1, Long value2) { + addCriterion("acctoutputoctets not between", value1, value2, "acctoutputoctets"); + return this; + } + + public Criteria andCalledstationidIsNull() { + addCriterion("calledstationid is null"); + return this; + } + + public Criteria andCalledstationidIsNotNull() { + addCriterion("calledstationid is not null"); + return this; + } + + public Criteria andCalledstationidEqualTo(String value) { + addCriterion("calledstationid =", value, "calledstationid"); + return this; + } + + public Criteria andCalledstationidNotEqualTo(String value) { + addCriterion("calledstationid <>", value, "calledstationid"); + return this; + } + + public Criteria andCalledstationidGreaterThan(String value) { + addCriterion("calledstationid >", value, "calledstationid"); + return this; + } + + public Criteria andCalledstationidGreaterThanOrEqualTo(String value) { + addCriterion("calledstationid >=", value, "calledstationid"); + return this; + } + + public Criteria andCalledstationidLessThan(String value) { + addCriterion("calledstationid <", value, "calledstationid"); + return this; + } + + public Criteria andCalledstationidLessThanOrEqualTo(String value) { + addCriterion("calledstationid <=", value, "calledstationid"); + return this; + } + + public Criteria andCalledstationidLike(String value) { + addCriterion("calledstationid like", value, "calledstationid"); + return this; + } + + public Criteria andCalledstationidNotLike(String value) { + addCriterion("calledstationid not like", value, "calledstationid"); + return this; + } + + public Criteria andCalledstationidIn(List values) { + addCriterion("calledstationid in", values, "calledstationid"); + return this; + } + + public Criteria andCalledstationidNotIn(List values) { + addCriterion("calledstationid not in", values, "calledstationid"); + return this; + } + + public Criteria andCalledstationidBetween(String value1, String value2) { + addCriterion("calledstationid between", value1, value2, "calledstationid"); + return this; + } + + public Criteria andCalledstationidNotBetween(String value1, String value2) { + addCriterion("calledstationid not between", value1, value2, "calledstationid"); + return this; + } + + public Criteria andCallingstationidIsNull() { + addCriterion("callingstationid is null"); + return this; + } + + public Criteria andCallingstationidIsNotNull() { + addCriterion("callingstationid is not null"); + return this; + } + + public Criteria andCallingstationidEqualTo(String value) { + addCriterion("callingstationid =", value, "callingstationid"); + return this; + } + + public Criteria andCallingstationidNotEqualTo(String value) { + addCriterion("callingstationid <>", value, "callingstationid"); + return this; + } + + public Criteria andCallingstationidGreaterThan(String value) { + addCriterion("callingstationid >", value, "callingstationid"); + return this; + } + + public Criteria andCallingstationidGreaterThanOrEqualTo(String value) { + addCriterion("callingstationid >=", value, "callingstationid"); + return this; + } + + public Criteria andCallingstationidLessThan(String value) { + addCriterion("callingstationid <", value, "callingstationid"); + return this; + } + + public Criteria andCallingstationidLessThanOrEqualTo(String value) { + addCriterion("callingstationid <=", value, "callingstationid"); + return this; + } + + public Criteria andCallingstationidLike(String value) { + addCriterion("callingstationid like", value, "callingstationid"); + return this; + } + + public Criteria andCallingstationidNotLike(String value) { + addCriterion("callingstationid not like", value, "callingstationid"); + return this; + } + + public Criteria andCallingstationidIn(List values) { + addCriterion("callingstationid in", values, "callingstationid"); + return this; + } + + public Criteria andCallingstationidNotIn(List values) { + addCriterion("callingstationid not in", values, "callingstationid"); + return this; + } + + public Criteria andCallingstationidBetween(String value1, String value2) { + addCriterion("callingstationid between", value1, value2, "callingstationid"); + return this; + } + + public Criteria andCallingstationidNotBetween(String value1, String value2) { + addCriterion("callingstationid not between", value1, value2, "callingstationid"); + return this; + } + + public Criteria andAcctterminatecauseIsNull() { + addCriterion("acctterminatecause is null"); + return this; + } + + public Criteria andAcctterminatecauseIsNotNull() { + addCriterion("acctterminatecause is not null"); + return this; + } + + public Criteria andAcctterminatecauseEqualTo(String value) { + addCriterion("acctterminatecause =", value, "acctterminatecause"); + return this; + } + + public Criteria andAcctterminatecauseNotEqualTo(String value) { + addCriterion("acctterminatecause <>", value, "acctterminatecause"); + return this; + } + + public Criteria andAcctterminatecauseGreaterThan(String value) { + addCriterion("acctterminatecause >", value, "acctterminatecause"); + return this; + } + + public Criteria andAcctterminatecauseGreaterThanOrEqualTo(String value) { + addCriterion("acctterminatecause >=", value, "acctterminatecause"); + return this; + } + + public Criteria andAcctterminatecauseLessThan(String value) { + addCriterion("acctterminatecause <", value, "acctterminatecause"); + return this; + } + + public Criteria andAcctterminatecauseLessThanOrEqualTo(String value) { + addCriterion("acctterminatecause <=", value, "acctterminatecause"); + return this; + } + + public Criteria andAcctterminatecauseLike(String value) { + addCriterion("acctterminatecause like", value, "acctterminatecause"); + return this; + } + + public Criteria andAcctterminatecauseNotLike(String value) { + addCriterion("acctterminatecause not like", value, "acctterminatecause"); + return this; + } + + public Criteria andAcctterminatecauseIn(List values) { + addCriterion("acctterminatecause in", values, "acctterminatecause"); + return this; + } + + public Criteria andAcctterminatecauseNotIn(List values) { + addCriterion("acctterminatecause not in", values, "acctterminatecause"); + return this; + } + + public Criteria andAcctterminatecauseBetween(String value1, String value2) { + addCriterion("acctterminatecause between", value1, value2, "acctterminatecause"); + return this; + } + + public Criteria andAcctterminatecauseNotBetween(String value1, String value2) { + addCriterion("acctterminatecause not between", value1, value2, "acctterminatecause"); + return this; + } + + public Criteria andServicetypeIsNull() { + addCriterion("servicetype is null"); + return this; + } + + public Criteria andServicetypeIsNotNull() { + addCriterion("servicetype is not null"); + return this; + } + + public Criteria andServicetypeEqualTo(String value) { + addCriterion("servicetype =", value, "servicetype"); + return this; + } + + public Criteria andServicetypeNotEqualTo(String value) { + addCriterion("servicetype <>", value, "servicetype"); + return this; + } + + public Criteria andServicetypeGreaterThan(String value) { + addCriterion("servicetype >", value, "servicetype"); + return this; + } + + public Criteria andServicetypeGreaterThanOrEqualTo(String value) { + addCriterion("servicetype >=", value, "servicetype"); + return this; + } + + public Criteria andServicetypeLessThan(String value) { + addCriterion("servicetype <", value, "servicetype"); + return this; + } + + public Criteria andServicetypeLessThanOrEqualTo(String value) { + addCriterion("servicetype <=", value, "servicetype"); + return this; + } + + public Criteria andServicetypeLike(String value) { + addCriterion("servicetype like", value, "servicetype"); + return this; + } + + public Criteria andServicetypeNotLike(String value) { + addCriterion("servicetype not like", value, "servicetype"); + return this; + } + + public Criteria andServicetypeIn(List values) { + addCriterion("servicetype in", values, "servicetype"); + return this; + } + + public Criteria andServicetypeNotIn(List values) { + addCriterion("servicetype not in", values, "servicetype"); + return this; + } + + public Criteria andServicetypeBetween(String value1, String value2) { + addCriterion("servicetype between", value1, value2, "servicetype"); + return this; + } + + public Criteria andServicetypeNotBetween(String value1, String value2) { + addCriterion("servicetype not between", value1, value2, "servicetype"); + return this; + } + + public Criteria andFramedprotocolIsNull() { + addCriterion("framedprotocol is null"); + return this; + } + + public Criteria andFramedprotocolIsNotNull() { + addCriterion("framedprotocol is not null"); + return this; + } + + public Criteria andFramedprotocolEqualTo(String value) { + addCriterion("framedprotocol =", value, "framedprotocol"); + return this; + } + + public Criteria andFramedprotocolNotEqualTo(String value) { + addCriterion("framedprotocol <>", value, "framedprotocol"); + return this; + } + + public Criteria andFramedprotocolGreaterThan(String value) { + addCriterion("framedprotocol >", value, "framedprotocol"); + return this; + } + + public Criteria andFramedprotocolGreaterThanOrEqualTo(String value) { + addCriterion("framedprotocol >=", value, "framedprotocol"); + return this; + } + + public Criteria andFramedprotocolLessThan(String value) { + addCriterion("framedprotocol <", value, "framedprotocol"); + return this; + } + + public Criteria andFramedprotocolLessThanOrEqualTo(String value) { + addCriterion("framedprotocol <=", value, "framedprotocol"); + return this; + } + + public Criteria andFramedprotocolLike(String value) { + addCriterion("framedprotocol like", value, "framedprotocol"); + return this; + } + + public Criteria andFramedprotocolNotLike(String value) { + addCriterion("framedprotocol not like", value, "framedprotocol"); + return this; + } + + public Criteria andFramedprotocolIn(List values) { + addCriterion("framedprotocol in", values, "framedprotocol"); + return this; + } + + public Criteria andFramedprotocolNotIn(List values) { + addCriterion("framedprotocol not in", values, "framedprotocol"); + return this; + } + + public Criteria andFramedprotocolBetween(String value1, String value2) { + addCriterion("framedprotocol between", value1, value2, "framedprotocol"); + return this; + } + + public Criteria andFramedprotocolNotBetween(String value1, String value2) { + addCriterion("framedprotocol not between", value1, value2, "framedprotocol"); + return this; + } + + public Criteria andFramedipaddressIsNull() { + addCriterion("framedipaddress is null"); + return this; + } + + public Criteria andFramedipaddressIsNotNull() { + addCriterion("framedipaddress is not null"); + return this; + } + + public Criteria andFramedipaddressEqualTo(String value) { + addCriterion("framedipaddress =", value, "framedipaddress"); + return this; + } + + public Criteria andFramedipaddressNotEqualTo(String value) { + addCriterion("framedipaddress <>", value, "framedipaddress"); + return this; + } + + public Criteria andFramedipaddressGreaterThan(String value) { + addCriterion("framedipaddress >", value, "framedipaddress"); + return this; + } + + public Criteria andFramedipaddressGreaterThanOrEqualTo(String value) { + addCriterion("framedipaddress >=", value, "framedipaddress"); + return this; + } + + public Criteria andFramedipaddressLessThan(String value) { + addCriterion("framedipaddress <", value, "framedipaddress"); + return this; + } + + public Criteria andFramedipaddressLessThanOrEqualTo(String value) { + addCriterion("framedipaddress <=", value, "framedipaddress"); + return this; + } + + public Criteria andFramedipaddressLike(String value) { + addCriterion("framedipaddress like", value, "framedipaddress"); + return this; + } + + public Criteria andFramedipaddressNotLike(String value) { + addCriterion("framedipaddress not like", value, "framedipaddress"); + return this; + } + + public Criteria andFramedipaddressIn(List values) { + addCriterion("framedipaddress in", values, "framedipaddress"); + return this; + } + + public Criteria andFramedipaddressNotIn(List values) { + addCriterion("framedipaddress not in", values, "framedipaddress"); + return this; + } + + public Criteria andFramedipaddressBetween(String value1, String value2) { + addCriterion("framedipaddress between", value1, value2, "framedipaddress"); + return this; + } + + public Criteria andFramedipaddressNotBetween(String value1, String value2) { + addCriterion("framedipaddress not between", value1, value2, "framedipaddress"); + return this; + } + + public Criteria andAcctstartdelayIsNull() { + addCriterion("acctstartdelay is null"); + return this; + } + + public Criteria andAcctstartdelayIsNotNull() { + addCriterion("acctstartdelay is not null"); + return this; + } + + public Criteria andAcctstartdelayEqualTo(Integer value) { + addCriterion("acctstartdelay =", value, "acctstartdelay"); + return this; + } + + public Criteria andAcctstartdelayNotEqualTo(Integer value) { + addCriterion("acctstartdelay <>", value, "acctstartdelay"); + return this; + } + + public Criteria andAcctstartdelayGreaterThan(Integer value) { + addCriterion("acctstartdelay >", value, "acctstartdelay"); + return this; + } + + public Criteria andAcctstartdelayGreaterThanOrEqualTo(Integer value) { + addCriterion("acctstartdelay >=", value, "acctstartdelay"); + return this; + } + + public Criteria andAcctstartdelayLessThan(Integer value) { + addCriterion("acctstartdelay <", value, "acctstartdelay"); + return this; + } + + public Criteria andAcctstartdelayLessThanOrEqualTo(Integer value) { + addCriterion("acctstartdelay <=", value, "acctstartdelay"); + return this; + } + + public Criteria andAcctstartdelayIn(List values) { + addCriterion("acctstartdelay in", values, "acctstartdelay"); + return this; + } + + public Criteria andAcctstartdelayNotIn(List values) { + addCriterion("acctstartdelay not in", values, "acctstartdelay"); + return this; + } + + public Criteria andAcctstartdelayBetween(Integer value1, Integer value2) { + addCriterion("acctstartdelay between", value1, value2, "acctstartdelay"); + return this; + } + + public Criteria andAcctstartdelayNotBetween(Integer value1, Integer value2) { + addCriterion("acctstartdelay not between", value1, value2, "acctstartdelay"); + return this; + } + + public Criteria andAcctstopdelayIsNull() { + addCriterion("acctstopdelay is null"); + return this; + } + + public Criteria andAcctstopdelayIsNotNull() { + addCriterion("acctstopdelay is not null"); + return this; + } + + public Criteria andAcctstopdelayEqualTo(Integer value) { + addCriterion("acctstopdelay =", value, "acctstopdelay"); + return this; + } + + public Criteria andAcctstopdelayNotEqualTo(Integer value) { + addCriterion("acctstopdelay <>", value, "acctstopdelay"); + return this; + } + + public Criteria andAcctstopdelayGreaterThan(Integer value) { + addCriterion("acctstopdelay >", value, "acctstopdelay"); + return this; + } + + public Criteria andAcctstopdelayGreaterThanOrEqualTo(Integer value) { + addCriterion("acctstopdelay >=", value, "acctstopdelay"); + return this; + } + + public Criteria andAcctstopdelayLessThan(Integer value) { + addCriterion("acctstopdelay <", value, "acctstopdelay"); + return this; + } + + public Criteria andAcctstopdelayLessThanOrEqualTo(Integer value) { + addCriterion("acctstopdelay <=", value, "acctstopdelay"); + return this; + } + + public Criteria andAcctstopdelayIn(List values) { + addCriterion("acctstopdelay in", values, "acctstopdelay"); + return this; + } + + public Criteria andAcctstopdelayNotIn(List values) { + addCriterion("acctstopdelay not in", values, "acctstopdelay"); + return this; + } + + public Criteria andAcctstopdelayBetween(Integer value1, Integer value2) { + addCriterion("acctstopdelay between", value1, value2, "acctstopdelay"); + return this; + } + + public Criteria andAcctstopdelayNotBetween(Integer value1, Integer value2) { + addCriterion("acctstopdelay not between", value1, value2, "acctstopdelay"); + return this; + } + + public Criteria andXascendsessionsvrkeyIsNull() { + addCriterion("xascendsessionsvrkey is null"); + return this; + } + + public Criteria andXascendsessionsvrkeyIsNotNull() { + addCriterion("xascendsessionsvrkey is not null"); + return this; + } + + public Criteria andXascendsessionsvrkeyEqualTo(String value) { + addCriterion("xascendsessionsvrkey =", value, "xascendsessionsvrkey"); + return this; + } + + public Criteria andXascendsessionsvrkeyNotEqualTo(String value) { + addCriterion("xascendsessionsvrkey <>", value, "xascendsessionsvrkey"); + return this; + } + + public Criteria andXascendsessionsvrkeyGreaterThan(String value) { + addCriterion("xascendsessionsvrkey >", value, "xascendsessionsvrkey"); + return this; + } + + public Criteria andXascendsessionsvrkeyGreaterThanOrEqualTo(String value) { + addCriterion("xascendsessionsvrkey >=", value, "xascendsessionsvrkey"); + return this; + } + + public Criteria andXascendsessionsvrkeyLessThan(String value) { + addCriterion("xascendsessionsvrkey <", value, "xascendsessionsvrkey"); + return this; + } + + public Criteria andXascendsessionsvrkeyLessThanOrEqualTo(String value) { + addCriterion("xascendsessionsvrkey <=", value, "xascendsessionsvrkey"); + return this; + } + + public Criteria andXascendsessionsvrkeyLike(String value) { + addCriterion("xascendsessionsvrkey like", value, "xascendsessionsvrkey"); + return this; + } + + public Criteria andXascendsessionsvrkeyNotLike(String value) { + addCriterion("xascendsessionsvrkey not like", value, "xascendsessionsvrkey"); + return this; + } + + public Criteria andXascendsessionsvrkeyIn(List values) { + addCriterion("xascendsessionsvrkey in", values, "xascendsessionsvrkey"); + return this; + } + + public Criteria andXascendsessionsvrkeyNotIn(List values) { + addCriterion("xascendsessionsvrkey not in", values, "xascendsessionsvrkey"); + return this; + } + + public Criteria andXascendsessionsvrkeyBetween(String value1, String value2) { + addCriterion("xascendsessionsvrkey between", value1, value2, "xascendsessionsvrkey"); + return this; + } + + public Criteria andXascendsessionsvrkeyNotBetween(String value1, String value2) { + addCriterion("xascendsessionsvrkey not between", value1, value2, "xascendsessionsvrkey"); + return this; + } + } +} \ No newline at end of file diff --git a/extensions/dal/src/main/java/net/jradius/dal/model/RadCheck.java b/extensions/dal/src/main/java/net/jradius/dal/model/RadCheck.java new file mode 100644 index 0000000..1ff6675 --- /dev/null +++ b/extensions/dal/src/main/java/net/jradius/dal/model/RadCheck.java @@ -0,0 +1,169 @@ +package net.jradius.dal.model; + +import com.coova.dal.Record; + +public class RadCheck extends Record { + /** + * This field was generated by Abator for iBATIS. + * This field corresponds to the database column radcheck.id + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + private Long id; + + /** + * This field was generated by Abator for iBATIS. + * This field corresponds to the database column radcheck.username + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + private String username = ""; + + /** + * This field was generated by Abator for iBATIS. + * This field corresponds to the database column radcheck.attribute + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + private String attribute = ""; + + /** + * This field was generated by Abator for iBATIS. + * This field corresponds to the database column radcheck.op + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + private String op = "=="; + + /** + * This field was generated by Abator for iBATIS. + * This field corresponds to the database column radcheck.value + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + private String value = ""; + + /** + * This method was generated by Abator for iBATIS. + * This method returns the value of the database column radcheck.id + * + * @return the value of radcheck.id + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public Long getId() { + return id; + } + + /** + * This method was generated by Abator for iBATIS. + * This method sets the value of the database column radcheck.id + * + * @param id the value for radcheck.id + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public void setId(Long id) { + this.id = id; + } + + /** + * This method was generated by Abator for iBATIS. + * This method returns the value of the database column radcheck.username + * + * @return the value of radcheck.username + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public String getUsername() { + return username; + } + + /** + * This method was generated by Abator for iBATIS. + * This method sets the value of the database column radcheck.username + * + * @param username the value for radcheck.username + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public void setUsername(String username) { + this.username = username == null ? null : username.trim(); + } + + /** + * This method was generated by Abator for iBATIS. + * This method returns the value of the database column radcheck.attribute + * + * @return the value of radcheck.attribute + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public String getAttribute() { + return attribute; + } + + /** + * This method was generated by Abator for iBATIS. + * This method sets the value of the database column radcheck.attribute + * + * @param attribute the value for radcheck.attribute + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public void setAttribute(String attribute) { + this.attribute = attribute == null ? null : attribute.trim(); + } + + /** + * This method was generated by Abator for iBATIS. + * This method returns the value of the database column radcheck.op + * + * @return the value of radcheck.op + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public String getOp() { + return op; + } + + /** + * This method was generated by Abator for iBATIS. + * This method sets the value of the database column radcheck.op + * + * @param op the value for radcheck.op + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public void setOp(String op) { + this.op = op == null ? null : op.trim(); + } + + /** + * This method was generated by Abator for iBATIS. + * This method returns the value of the database column radcheck.value + * + * @return the value of radcheck.value + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public String getValue() { + return value; + } + + /** + * This method was generated by Abator for iBATIS. + * This method sets the value of the database column radcheck.value + * + * @param value the value for radcheck.value + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public void setValue(String value) { + this.value = value == null ? null : value.trim(); + } + + public Record synchronizedRecord() { + return new SynchronizedRadCheck(this); + } +} \ No newline at end of file diff --git a/extensions/dal/src/main/java/net/jradius/dal/model/RadCheckExample.java b/extensions/dal/src/main/java/net/jradius/dal/model/RadCheckExample.java new file mode 100644 index 0000000..4fa72a3 --- /dev/null +++ b/extensions/dal/src/main/java/net/jradius/dal/model/RadCheckExample.java @@ -0,0 +1,582 @@ +package net.jradius.dal.model; + +import com.coova.dal.Example; +import com.coova.dal.ExampleCriteria; +import java.util.ArrayList; +import java.util.HashMap; +import java.util.List; +import java.util.Map; + +public class RadCheckExample extends Example { + /** + * This field was generated by Abator for iBATIS. + * This field corresponds to the database table radcheck + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + protected String orderByClause; + + protected Integer startRow; + + protected Integer rowCount; + + /** + * This field was generated by Abator for iBATIS. + * This field corresponds to the database table radcheck + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + protected List oredCriteria; + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radcheck + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public RadCheckExample() { + oredCriteria = new ArrayList(); + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radcheck + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + protected RadCheckExample(RadCheckExample example) { + this.orderByClause = example.orderByClause; + this.oredCriteria = example.oredCriteria; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radcheck + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public void setOrderByClause(String orderByClause) { + this.orderByClause = orderByClause; + } + + public void setStartRow(Integer startRow) { + this.startRow = startRow; + } + + public void setRowCount(Integer rowCount) { + this.rowCount = rowCount; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radcheck + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public String getOrderByClause() { + return orderByClause; + } + + public Integer getStartRow() { + return startRow; + } + + public Integer getRowCount() { + return rowCount; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radcheck + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public List getOredCriteria() { + return oredCriteria; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radcheck + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public void or(Criteria criteria) { + oredCriteria.add(criteria); + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radcheck + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public Criteria createCriteria() { + Criteria criteria = createCriteriaInternal(); + if (oredCriteria.size() == 0) { + oredCriteria.add(criteria); + } + return criteria; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radcheck + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public Criteria appendCriteria() { + if (oredCriteria.size() == 0) { + return createCriteria(); + } + return oredCriteria.get(0); + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radcheck + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + protected Criteria createCriteriaInternal() { + Criteria criteria = new Criteria(); + return criteria; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radcheck + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public void clear() { + oredCriteria.clear(); + } + + /** + * This class was generated by Abator for iBATIS. + * This class corresponds to the database table radcheck + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public static class Criteria extends ExampleCriteria { + protected List criteriaWithoutValue; + + protected List> criteriaWithSingleValue; + + protected List> criteriaWithListValue; + + protected List> criteriaWithBetweenValue; + + protected Criteria() { + super(); + criteriaWithoutValue = new ArrayList(); + criteriaWithSingleValue = new ArrayList>(); + criteriaWithListValue = new ArrayList>(); + criteriaWithBetweenValue = new ArrayList>(); + } + + public boolean isValid() { + return criteriaWithoutValue.size() > 0 + || criteriaWithSingleValue.size() > 0 + || criteriaWithListValue.size() > 0 + || criteriaWithBetweenValue.size() > 0; + } + + public List getCriteriaWithoutValue() { + return criteriaWithoutValue; + } + + public List> getCriteriaWithSingleValue() { + return criteriaWithSingleValue; + } + + public List> getCriteriaWithListValue() { + return criteriaWithListValue; + } + + public List> getCriteriaWithBetweenValue() { + return criteriaWithBetweenValue; + } + + protected void addCriterion(String condition) { + if (condition == null) { + throw new RuntimeException("Value for condition cannot be null"); + } + criteriaWithoutValue.add(condition); + } + + protected void addCriterion(String condition, Object value, String property) { + if (value == null) { + throw new RuntimeException("Value for " + property + " cannot be null"); + } + Map map = new HashMap(); + map.put("condition", condition); + map.put("value", value); + criteriaWithSingleValue.add(map); + } + + protected void addCriterion(String condition, List values, String property) { + if (values == null || values.size() == 0) { + throw new RuntimeException("Value list for " + property + " cannot be null or empty"); + } + Map map = new HashMap(); + map.put("condition", condition); + map.put("values", values); + criteriaWithListValue.add(map); + } + + protected void addCriterion(String condition, Object value1, Object value2, String property) { + if (value1 == null || value2 == null) { + throw new RuntimeException("Between values for " + property + " cannot be null"); + } + List list = new ArrayList(); + list.add(value1); + list.add(value2); + Map map = new HashMap(); + map.put("condition", condition); + map.put("values", list); + criteriaWithBetweenValue.add(map); + } + + public Criteria andIdIsNull() { + addCriterion("id is null"); + return this; + } + + public Criteria andIdIsNotNull() { + addCriterion("id is not null"); + return this; + } + + public Criteria andIdEqualTo(Long value) { + addCriterion("id =", value, "id"); + return this; + } + + public Criteria andIdNotEqualTo(Long value) { + addCriterion("id <>", value, "id"); + return this; + } + + public Criteria andIdGreaterThan(Long value) { + addCriterion("id >", value, "id"); + return this; + } + + public Criteria andIdGreaterThanOrEqualTo(Long value) { + addCriterion("id >=", value, "id"); + return this; + } + + public Criteria andIdLessThan(Long value) { + addCriterion("id <", value, "id"); + return this; + } + + public Criteria andIdLessThanOrEqualTo(Long value) { + addCriterion("id <=", value, "id"); + return this; + } + + public Criteria andIdIn(List values) { + addCriterion("id in", values, "id"); + return this; + } + + public Criteria andIdNotIn(List values) { + addCriterion("id not in", values, "id"); + return this; + } + + public Criteria andIdBetween(Long value1, Long value2) { + addCriterion("id between", value1, value2, "id"); + return this; + } + + public Criteria andIdNotBetween(Long value1, Long value2) { + addCriterion("id not between", value1, value2, "id"); + return this; + } + + public Criteria andUsernameIsNull() { + addCriterion("username is null"); + return this; + } + + public Criteria andUsernameIsNotNull() { + addCriterion("username is not null"); + return this; + } + + public Criteria andUsernameEqualTo(String value) { + addCriterion("username =", value, "username"); + return this; + } + + public Criteria andUsernameNotEqualTo(String value) { + addCriterion("username <>", value, "username"); + return this; + } + + public Criteria andUsernameGreaterThan(String value) { + addCriterion("username >", value, "username"); + return this; + } + + public Criteria andUsernameGreaterThanOrEqualTo(String value) { + addCriterion("username >=", value, "username"); + return this; + } + + public Criteria andUsernameLessThan(String value) { + addCriterion("username <", value, "username"); + return this; + } + + public Criteria andUsernameLessThanOrEqualTo(String value) { + addCriterion("username <=", value, "username"); + return this; + } + + public Criteria andUsernameLike(String value) { + addCriterion("username like", value, "username"); + return this; + } + + public Criteria andUsernameNotLike(String value) { + addCriterion("username not like", value, "username"); + return this; + } + + public Criteria andUsernameIn(List values) { + addCriterion("username in", values, "username"); + return this; + } + + public Criteria andUsernameNotIn(List values) { + addCriterion("username not in", values, "username"); + return this; + } + + public Criteria andUsernameBetween(String value1, String value2) { + addCriterion("username between", value1, value2, "username"); + return this; + } + + public Criteria andUsernameNotBetween(String value1, String value2) { + addCriterion("username not between", value1, value2, "username"); + return this; + } + + public Criteria andAttributeIsNull() { + addCriterion("attribute is null"); + return this; + } + + public Criteria andAttributeIsNotNull() { + addCriterion("attribute is not null"); + return this; + } + + public Criteria andAttributeEqualTo(String value) { + addCriterion("attribute =", value, "attribute"); + return this; + } + + public Criteria andAttributeNotEqualTo(String value) { + addCriterion("attribute <>", value, "attribute"); + return this; + } + + public Criteria andAttributeGreaterThan(String value) { + addCriterion("attribute >", value, "attribute"); + return this; + } + + public Criteria andAttributeGreaterThanOrEqualTo(String value) { + addCriterion("attribute >=", value, "attribute"); + return this; + } + + public Criteria andAttributeLessThan(String value) { + addCriterion("attribute <", value, "attribute"); + return this; + } + + public Criteria andAttributeLessThanOrEqualTo(String value) { + addCriterion("attribute <=", value, "attribute"); + return this; + } + + public Criteria andAttributeLike(String value) { + addCriterion("attribute like", value, "attribute"); + return this; + } + + public Criteria andAttributeNotLike(String value) { + addCriterion("attribute not like", value, "attribute"); + return this; + } + + public Criteria andAttributeIn(List values) { + addCriterion("attribute in", values, "attribute"); + return this; + } + + public Criteria andAttributeNotIn(List values) { + addCriterion("attribute not in", values, "attribute"); + return this; + } + + public Criteria andAttributeBetween(String value1, String value2) { + addCriterion("attribute between", value1, value2, "attribute"); + return this; + } + + public Criteria andAttributeNotBetween(String value1, String value2) { + addCriterion("attribute not between", value1, value2, "attribute"); + return this; + } + + public Criteria andOpIsNull() { + addCriterion("op is null"); + return this; + } + + public Criteria andOpIsNotNull() { + addCriterion("op is not null"); + return this; + } + + public Criteria andOpEqualTo(String value) { + addCriterion("op =", value, "op"); + return this; + } + + public Criteria andOpNotEqualTo(String value) { + addCriterion("op <>", value, "op"); + return this; + } + + public Criteria andOpGreaterThan(String value) { + addCriterion("op >", value, "op"); + return this; + } + + public Criteria andOpGreaterThanOrEqualTo(String value) { + addCriterion("op >=", value, "op"); + return this; + } + + public Criteria andOpLessThan(String value) { + addCriterion("op <", value, "op"); + return this; + } + + public Criteria andOpLessThanOrEqualTo(String value) { + addCriterion("op <=", value, "op"); + return this; + } + + public Criteria andOpLike(String value) { + addCriterion("op like", value, "op"); + return this; + } + + public Criteria andOpNotLike(String value) { + addCriterion("op not like", value, "op"); + return this; + } + + public Criteria andOpIn(List values) { + addCriterion("op in", values, "op"); + return this; + } + + public Criteria andOpNotIn(List values) { + addCriterion("op not in", values, "op"); + return this; + } + + public Criteria andOpBetween(String value1, String value2) { + addCriterion("op between", value1, value2, "op"); + return this; + } + + public Criteria andOpNotBetween(String value1, String value2) { + addCriterion("op not between", value1, value2, "op"); + return this; + } + + public Criteria andValueIsNull() { + addCriterion("value is null"); + return this; + } + + public Criteria andValueIsNotNull() { + addCriterion("value is not null"); + return this; + } + + public Criteria andValueEqualTo(String value) { + addCriterion("value =", value, "value"); + return this; + } + + public Criteria andValueNotEqualTo(String value) { + addCriterion("value <>", value, "value"); + return this; + } + + public Criteria andValueGreaterThan(String value) { + addCriterion("value >", value, "value"); + return this; + } + + public Criteria andValueGreaterThanOrEqualTo(String value) { + addCriterion("value >=", value, "value"); + return this; + } + + public Criteria andValueLessThan(String value) { + addCriterion("value <", value, "value"); + return this; + } + + public Criteria andValueLessThanOrEqualTo(String value) { + addCriterion("value <=", value, "value"); + return this; + } + + public Criteria andValueLike(String value) { + addCriterion("value like", value, "value"); + return this; + } + + public Criteria andValueNotLike(String value) { + addCriterion("value not like", value, "value"); + return this; + } + + public Criteria andValueIn(List values) { + addCriterion("value in", values, "value"); + return this; + } + + public Criteria andValueNotIn(List values) { + addCriterion("value not in", values, "value"); + return this; + } + + public Criteria andValueBetween(String value1, String value2) { + addCriterion("value between", value1, value2, "value"); + return this; + } + + public Criteria andValueNotBetween(String value1, String value2) { + addCriterion("value not between", value1, value2, "value"); + return this; + } + } +} \ No newline at end of file diff --git a/extensions/dal/src/main/java/net/jradius/dal/model/RadGroupCheck.java b/extensions/dal/src/main/java/net/jradius/dal/model/RadGroupCheck.java new file mode 100644 index 0000000..a59cf3c --- /dev/null +++ b/extensions/dal/src/main/java/net/jradius/dal/model/RadGroupCheck.java @@ -0,0 +1,169 @@ +package net.jradius.dal.model; + +import com.coova.dal.Record; + +public class RadGroupCheck extends Record { + /** + * This field was generated by Abator for iBATIS. + * This field corresponds to the database column radgroupcheck.id + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + private Long id; + + /** + * This field was generated by Abator for iBATIS. + * This field corresponds to the database column radgroupcheck.groupname + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + private String groupname = ""; + + /** + * This field was generated by Abator for iBATIS. + * This field corresponds to the database column radgroupcheck.attribute + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + private String attribute = ""; + + /** + * This field was generated by Abator for iBATIS. + * This field corresponds to the database column radgroupcheck.op + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + private String op = "=="; + + /** + * This field was generated by Abator for iBATIS. + * This field corresponds to the database column radgroupcheck.value + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + private String value = ""; + + /** + * This method was generated by Abator for iBATIS. + * This method returns the value of the database column radgroupcheck.id + * + * @return the value of radgroupcheck.id + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public Long getId() { + return id; + } + + /** + * This method was generated by Abator for iBATIS. + * This method sets the value of the database column radgroupcheck.id + * + * @param id the value for radgroupcheck.id + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public void setId(Long id) { + this.id = id; + } + + /** + * This method was generated by Abator for iBATIS. + * This method returns the value of the database column radgroupcheck.groupname + * + * @return the value of radgroupcheck.groupname + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public String getGroupname() { + return groupname; + } + + /** + * This method was generated by Abator for iBATIS. + * This method sets the value of the database column radgroupcheck.groupname + * + * @param groupname the value for radgroupcheck.groupname + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public void setGroupname(String groupname) { + this.groupname = groupname == null ? null : groupname.trim(); + } + + /** + * This method was generated by Abator for iBATIS. + * This method returns the value of the database column radgroupcheck.attribute + * + * @return the value of radgroupcheck.attribute + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public String getAttribute() { + return attribute; + } + + /** + * This method was generated by Abator for iBATIS. + * This method sets the value of the database column radgroupcheck.attribute + * + * @param attribute the value for radgroupcheck.attribute + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public void setAttribute(String attribute) { + this.attribute = attribute == null ? null : attribute.trim(); + } + + /** + * This method was generated by Abator for iBATIS. + * This method returns the value of the database column radgroupcheck.op + * + * @return the value of radgroupcheck.op + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public String getOp() { + return op; + } + + /** + * This method was generated by Abator for iBATIS. + * This method sets the value of the database column radgroupcheck.op + * + * @param op the value for radgroupcheck.op + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public void setOp(String op) { + this.op = op == null ? null : op.trim(); + } + + /** + * This method was generated by Abator for iBATIS. + * This method returns the value of the database column radgroupcheck.value + * + * @return the value of radgroupcheck.value + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public String getValue() { + return value; + } + + /** + * This method was generated by Abator for iBATIS. + * This method sets the value of the database column radgroupcheck.value + * + * @param value the value for radgroupcheck.value + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public void setValue(String value) { + this.value = value == null ? null : value.trim(); + } + + public Record synchronizedRecord() { + return new SynchronizedRadGroupCheck(this); + } +} \ No newline at end of file diff --git a/extensions/dal/src/main/java/net/jradius/dal/model/RadGroupCheckExample.java b/extensions/dal/src/main/java/net/jradius/dal/model/RadGroupCheckExample.java new file mode 100644 index 0000000..d7ac46d --- /dev/null +++ b/extensions/dal/src/main/java/net/jradius/dal/model/RadGroupCheckExample.java @@ -0,0 +1,582 @@ +package net.jradius.dal.model; + +import com.coova.dal.Example; +import com.coova.dal.ExampleCriteria; +import java.util.ArrayList; +import java.util.HashMap; +import java.util.List; +import java.util.Map; + +public class RadGroupCheckExample extends Example { + /** + * This field was generated by Abator for iBATIS. + * This field corresponds to the database table radgroupcheck + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + protected String orderByClause; + + protected Integer startRow; + + protected Integer rowCount; + + /** + * This field was generated by Abator for iBATIS. + * This field corresponds to the database table radgroupcheck + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + protected List oredCriteria; + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radgroupcheck + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public RadGroupCheckExample() { + oredCriteria = new ArrayList(); + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radgroupcheck + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + protected RadGroupCheckExample(RadGroupCheckExample example) { + this.orderByClause = example.orderByClause; + this.oredCriteria = example.oredCriteria; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radgroupcheck + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public void setOrderByClause(String orderByClause) { + this.orderByClause = orderByClause; + } + + public void setStartRow(Integer startRow) { + this.startRow = startRow; + } + + public void setRowCount(Integer rowCount) { + this.rowCount = rowCount; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radgroupcheck + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public String getOrderByClause() { + return orderByClause; + } + + public Integer getStartRow() { + return startRow; + } + + public Integer getRowCount() { + return rowCount; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radgroupcheck + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public List getOredCriteria() { + return oredCriteria; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radgroupcheck + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public void or(Criteria criteria) { + oredCriteria.add(criteria); + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radgroupcheck + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public Criteria createCriteria() { + Criteria criteria = createCriteriaInternal(); + if (oredCriteria.size() == 0) { + oredCriteria.add(criteria); + } + return criteria; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radgroupcheck + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public Criteria appendCriteria() { + if (oredCriteria.size() == 0) { + return createCriteria(); + } + return oredCriteria.get(0); + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radgroupcheck + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + protected Criteria createCriteriaInternal() { + Criteria criteria = new Criteria(); + return criteria; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radgroupcheck + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public void clear() { + oredCriteria.clear(); + } + + /** + * This class was generated by Abator for iBATIS. + * This class corresponds to the database table radgroupcheck + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public static class Criteria extends ExampleCriteria { + protected List criteriaWithoutValue; + + protected List> criteriaWithSingleValue; + + protected List> criteriaWithListValue; + + protected List> criteriaWithBetweenValue; + + protected Criteria() { + super(); + criteriaWithoutValue = new ArrayList(); + criteriaWithSingleValue = new ArrayList>(); + criteriaWithListValue = new ArrayList>(); + criteriaWithBetweenValue = new ArrayList>(); + } + + public boolean isValid() { + return criteriaWithoutValue.size() > 0 + || criteriaWithSingleValue.size() > 0 + || criteriaWithListValue.size() > 0 + || criteriaWithBetweenValue.size() > 0; + } + + public List getCriteriaWithoutValue() { + return criteriaWithoutValue; + } + + public List> getCriteriaWithSingleValue() { + return criteriaWithSingleValue; + } + + public List> getCriteriaWithListValue() { + return criteriaWithListValue; + } + + public List> getCriteriaWithBetweenValue() { + return criteriaWithBetweenValue; + } + + protected void addCriterion(String condition) { + if (condition == null) { + throw new RuntimeException("Value for condition cannot be null"); + } + criteriaWithoutValue.add(condition); + } + + protected void addCriterion(String condition, Object value, String property) { + if (value == null) { + throw new RuntimeException("Value for " + property + " cannot be null"); + } + Map map = new HashMap(); + map.put("condition", condition); + map.put("value", value); + criteriaWithSingleValue.add(map); + } + + protected void addCriterion(String condition, List values, String property) { + if (values == null || values.size() == 0) { + throw new RuntimeException("Value list for " + property + " cannot be null or empty"); + } + Map map = new HashMap(); + map.put("condition", condition); + map.put("values", values); + criteriaWithListValue.add(map); + } + + protected void addCriterion(String condition, Object value1, Object value2, String property) { + if (value1 == null || value2 == null) { + throw new RuntimeException("Between values for " + property + " cannot be null"); + } + List list = new ArrayList(); + list.add(value1); + list.add(value2); + Map map = new HashMap(); + map.put("condition", condition); + map.put("values", list); + criteriaWithBetweenValue.add(map); + } + + public Criteria andIdIsNull() { + addCriterion("id is null"); + return this; + } + + public Criteria andIdIsNotNull() { + addCriterion("id is not null"); + return this; + } + + public Criteria andIdEqualTo(Long value) { + addCriterion("id =", value, "id"); + return this; + } + + public Criteria andIdNotEqualTo(Long value) { + addCriterion("id <>", value, "id"); + return this; + } + + public Criteria andIdGreaterThan(Long value) { + addCriterion("id >", value, "id"); + return this; + } + + public Criteria andIdGreaterThanOrEqualTo(Long value) { + addCriterion("id >=", value, "id"); + return this; + } + + public Criteria andIdLessThan(Long value) { + addCriterion("id <", value, "id"); + return this; + } + + public Criteria andIdLessThanOrEqualTo(Long value) { + addCriterion("id <=", value, "id"); + return this; + } + + public Criteria andIdIn(List values) { + addCriterion("id in", values, "id"); + return this; + } + + public Criteria andIdNotIn(List values) { + addCriterion("id not in", values, "id"); + return this; + } + + public Criteria andIdBetween(Long value1, Long value2) { + addCriterion("id between", value1, value2, "id"); + return this; + } + + public Criteria andIdNotBetween(Long value1, Long value2) { + addCriterion("id not between", value1, value2, "id"); + return this; + } + + public Criteria andGroupnameIsNull() { + addCriterion("groupname is null"); + return this; + } + + public Criteria andGroupnameIsNotNull() { + addCriterion("groupname is not null"); + return this; + } + + public Criteria andGroupnameEqualTo(String value) { + addCriterion("groupname =", value, "groupname"); + return this; + } + + public Criteria andGroupnameNotEqualTo(String value) { + addCriterion("groupname <>", value, "groupname"); + return this; + } + + public Criteria andGroupnameGreaterThan(String value) { + addCriterion("groupname >", value, "groupname"); + return this; + } + + public Criteria andGroupnameGreaterThanOrEqualTo(String value) { + addCriterion("groupname >=", value, "groupname"); + return this; + } + + public Criteria andGroupnameLessThan(String value) { + addCriterion("groupname <", value, "groupname"); + return this; + } + + public Criteria andGroupnameLessThanOrEqualTo(String value) { + addCriterion("groupname <=", value, "groupname"); + return this; + } + + public Criteria andGroupnameLike(String value) { + addCriterion("groupname like", value, "groupname"); + return this; + } + + public Criteria andGroupnameNotLike(String value) { + addCriterion("groupname not like", value, "groupname"); + return this; + } + + public Criteria andGroupnameIn(List values) { + addCriterion("groupname in", values, "groupname"); + return this; + } + + public Criteria andGroupnameNotIn(List values) { + addCriterion("groupname not in", values, "groupname"); + return this; + } + + public Criteria andGroupnameBetween(String value1, String value2) { + addCriterion("groupname between", value1, value2, "groupname"); + return this; + } + + public Criteria andGroupnameNotBetween(String value1, String value2) { + addCriterion("groupname not between", value1, value2, "groupname"); + return this; + } + + public Criteria andAttributeIsNull() { + addCriterion("attribute is null"); + return this; + } + + public Criteria andAttributeIsNotNull() { + addCriterion("attribute is not null"); + return this; + } + + public Criteria andAttributeEqualTo(String value) { + addCriterion("attribute =", value, "attribute"); + return this; + } + + public Criteria andAttributeNotEqualTo(String value) { + addCriterion("attribute <>", value, "attribute"); + return this; + } + + public Criteria andAttributeGreaterThan(String value) { + addCriterion("attribute >", value, "attribute"); + return this; + } + + public Criteria andAttributeGreaterThanOrEqualTo(String value) { + addCriterion("attribute >=", value, "attribute"); + return this; + } + + public Criteria andAttributeLessThan(String value) { + addCriterion("attribute <", value, "attribute"); + return this; + } + + public Criteria andAttributeLessThanOrEqualTo(String value) { + addCriterion("attribute <=", value, "attribute"); + return this; + } + + public Criteria andAttributeLike(String value) { + addCriterion("attribute like", value, "attribute"); + return this; + } + + public Criteria andAttributeNotLike(String value) { + addCriterion("attribute not like", value, "attribute"); + return this; + } + + public Criteria andAttributeIn(List values) { + addCriterion("attribute in", values, "attribute"); + return this; + } + + public Criteria andAttributeNotIn(List values) { + addCriterion("attribute not in", values, "attribute"); + return this; + } + + public Criteria andAttributeBetween(String value1, String value2) { + addCriterion("attribute between", value1, value2, "attribute"); + return this; + } + + public Criteria andAttributeNotBetween(String value1, String value2) { + addCriterion("attribute not between", value1, value2, "attribute"); + return this; + } + + public Criteria andOpIsNull() { + addCriterion("op is null"); + return this; + } + + public Criteria andOpIsNotNull() { + addCriterion("op is not null"); + return this; + } + + public Criteria andOpEqualTo(String value) { + addCriterion("op =", value, "op"); + return this; + } + + public Criteria andOpNotEqualTo(String value) { + addCriterion("op <>", value, "op"); + return this; + } + + public Criteria andOpGreaterThan(String value) { + addCriterion("op >", value, "op"); + return this; + } + + public Criteria andOpGreaterThanOrEqualTo(String value) { + addCriterion("op >=", value, "op"); + return this; + } + + public Criteria andOpLessThan(String value) { + addCriterion("op <", value, "op"); + return this; + } + + public Criteria andOpLessThanOrEqualTo(String value) { + addCriterion("op <=", value, "op"); + return this; + } + + public Criteria andOpLike(String value) { + addCriterion("op like", value, "op"); + return this; + } + + public Criteria andOpNotLike(String value) { + addCriterion("op not like", value, "op"); + return this; + } + + public Criteria andOpIn(List values) { + addCriterion("op in", values, "op"); + return this; + } + + public Criteria andOpNotIn(List values) { + addCriterion("op not in", values, "op"); + return this; + } + + public Criteria andOpBetween(String value1, String value2) { + addCriterion("op between", value1, value2, "op"); + return this; + } + + public Criteria andOpNotBetween(String value1, String value2) { + addCriterion("op not between", value1, value2, "op"); + return this; + } + + public Criteria andValueIsNull() { + addCriterion("value is null"); + return this; + } + + public Criteria andValueIsNotNull() { + addCriterion("value is not null"); + return this; + } + + public Criteria andValueEqualTo(String value) { + addCriterion("value =", value, "value"); + return this; + } + + public Criteria andValueNotEqualTo(String value) { + addCriterion("value <>", value, "value"); + return this; + } + + public Criteria andValueGreaterThan(String value) { + addCriterion("value >", value, "value"); + return this; + } + + public Criteria andValueGreaterThanOrEqualTo(String value) { + addCriterion("value >=", value, "value"); + return this; + } + + public Criteria andValueLessThan(String value) { + addCriterion("value <", value, "value"); + return this; + } + + public Criteria andValueLessThanOrEqualTo(String value) { + addCriterion("value <=", value, "value"); + return this; + } + + public Criteria andValueLike(String value) { + addCriterion("value like", value, "value"); + return this; + } + + public Criteria andValueNotLike(String value) { + addCriterion("value not like", value, "value"); + return this; + } + + public Criteria andValueIn(List values) { + addCriterion("value in", values, "value"); + return this; + } + + public Criteria andValueNotIn(List values) { + addCriterion("value not in", values, "value"); + return this; + } + + public Criteria andValueBetween(String value1, String value2) { + addCriterion("value between", value1, value2, "value"); + return this; + } + + public Criteria andValueNotBetween(String value1, String value2) { + addCriterion("value not between", value1, value2, "value"); + return this; + } + } +} \ No newline at end of file diff --git a/extensions/dal/src/main/java/net/jradius/dal/model/RadGroupReply.java b/extensions/dal/src/main/java/net/jradius/dal/model/RadGroupReply.java new file mode 100644 index 0000000..2c4c637 --- /dev/null +++ b/extensions/dal/src/main/java/net/jradius/dal/model/RadGroupReply.java @@ -0,0 +1,169 @@ +package net.jradius.dal.model; + +import com.coova.dal.Record; + +public class RadGroupReply extends Record { + /** + * This field was generated by Abator for iBATIS. + * This field corresponds to the database column radgroupreply.id + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + private Long id; + + /** + * This field was generated by Abator for iBATIS. + * This field corresponds to the database column radgroupreply.groupname + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + private String groupname = ""; + + /** + * This field was generated by Abator for iBATIS. + * This field corresponds to the database column radgroupreply.attribute + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + private String attribute = ""; + + /** + * This field was generated by Abator for iBATIS. + * This field corresponds to the database column radgroupreply.op + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + private String op = "="; + + /** + * This field was generated by Abator for iBATIS. + * This field corresponds to the database column radgroupreply.value + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + private String value = ""; + + /** + * This method was generated by Abator for iBATIS. + * This method returns the value of the database column radgroupreply.id + * + * @return the value of radgroupreply.id + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public Long getId() { + return id; + } + + /** + * This method was generated by Abator for iBATIS. + * This method sets the value of the database column radgroupreply.id + * + * @param id the value for radgroupreply.id + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public void setId(Long id) { + this.id = id; + } + + /** + * This method was generated by Abator for iBATIS. + * This method returns the value of the database column radgroupreply.groupname + * + * @return the value of radgroupreply.groupname + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public String getGroupname() { + return groupname; + } + + /** + * This method was generated by Abator for iBATIS. + * This method sets the value of the database column radgroupreply.groupname + * + * @param groupname the value for radgroupreply.groupname + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public void setGroupname(String groupname) { + this.groupname = groupname == null ? null : groupname.trim(); + } + + /** + * This method was generated by Abator for iBATIS. + * This method returns the value of the database column radgroupreply.attribute + * + * @return the value of radgroupreply.attribute + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public String getAttribute() { + return attribute; + } + + /** + * This method was generated by Abator for iBATIS. + * This method sets the value of the database column radgroupreply.attribute + * + * @param attribute the value for radgroupreply.attribute + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public void setAttribute(String attribute) { + this.attribute = attribute == null ? null : attribute.trim(); + } + + /** + * This method was generated by Abator for iBATIS. + * This method returns the value of the database column radgroupreply.op + * + * @return the value of radgroupreply.op + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public String getOp() { + return op; + } + + /** + * This method was generated by Abator for iBATIS. + * This method sets the value of the database column radgroupreply.op + * + * @param op the value for radgroupreply.op + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public void setOp(String op) { + this.op = op == null ? null : op.trim(); + } + + /** + * This method was generated by Abator for iBATIS. + * This method returns the value of the database column radgroupreply.value + * + * @return the value of radgroupreply.value + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public String getValue() { + return value; + } + + /** + * This method was generated by Abator for iBATIS. + * This method sets the value of the database column radgroupreply.value + * + * @param value the value for radgroupreply.value + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public void setValue(String value) { + this.value = value == null ? null : value.trim(); + } + + public Record synchronizedRecord() { + return new SynchronizedRadGroupReply(this); + } +} \ No newline at end of file diff --git a/extensions/dal/src/main/java/net/jradius/dal/model/RadGroupReplyExample.java b/extensions/dal/src/main/java/net/jradius/dal/model/RadGroupReplyExample.java new file mode 100644 index 0000000..544a45a --- /dev/null +++ b/extensions/dal/src/main/java/net/jradius/dal/model/RadGroupReplyExample.java @@ -0,0 +1,582 @@ +package net.jradius.dal.model; + +import com.coova.dal.Example; +import com.coova.dal.ExampleCriteria; +import java.util.ArrayList; +import java.util.HashMap; +import java.util.List; +import java.util.Map; + +public class RadGroupReplyExample extends Example { + /** + * This field was generated by Abator for iBATIS. + * This field corresponds to the database table radgroupreply + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + protected String orderByClause; + + protected Integer startRow; + + protected Integer rowCount; + + /** + * This field was generated by Abator for iBATIS. + * This field corresponds to the database table radgroupreply + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + protected List oredCriteria; + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radgroupreply + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public RadGroupReplyExample() { + oredCriteria = new ArrayList(); + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radgroupreply + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + protected RadGroupReplyExample(RadGroupReplyExample example) { + this.orderByClause = example.orderByClause; + this.oredCriteria = example.oredCriteria; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radgroupreply + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public void setOrderByClause(String orderByClause) { + this.orderByClause = orderByClause; + } + + public void setStartRow(Integer startRow) { + this.startRow = startRow; + } + + public void setRowCount(Integer rowCount) { + this.rowCount = rowCount; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radgroupreply + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public String getOrderByClause() { + return orderByClause; + } + + public Integer getStartRow() { + return startRow; + } + + public Integer getRowCount() { + return rowCount; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radgroupreply + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public List getOredCriteria() { + return oredCriteria; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radgroupreply + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public void or(Criteria criteria) { + oredCriteria.add(criteria); + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radgroupreply + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public Criteria createCriteria() { + Criteria criteria = createCriteriaInternal(); + if (oredCriteria.size() == 0) { + oredCriteria.add(criteria); + } + return criteria; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radgroupreply + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public Criteria appendCriteria() { + if (oredCriteria.size() == 0) { + return createCriteria(); + } + return oredCriteria.get(0); + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radgroupreply + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + protected Criteria createCriteriaInternal() { + Criteria criteria = new Criteria(); + return criteria; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radgroupreply + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public void clear() { + oredCriteria.clear(); + } + + /** + * This class was generated by Abator for iBATIS. + * This class corresponds to the database table radgroupreply + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public static class Criteria extends ExampleCriteria { + protected List criteriaWithoutValue; + + protected List> criteriaWithSingleValue; + + protected List> criteriaWithListValue; + + protected List> criteriaWithBetweenValue; + + protected Criteria() { + super(); + criteriaWithoutValue = new ArrayList(); + criteriaWithSingleValue = new ArrayList>(); + criteriaWithListValue = new ArrayList>(); + criteriaWithBetweenValue = new ArrayList>(); + } + + public boolean isValid() { + return criteriaWithoutValue.size() > 0 + || criteriaWithSingleValue.size() > 0 + || criteriaWithListValue.size() > 0 + || criteriaWithBetweenValue.size() > 0; + } + + public List getCriteriaWithoutValue() { + return criteriaWithoutValue; + } + + public List> getCriteriaWithSingleValue() { + return criteriaWithSingleValue; + } + + public List> getCriteriaWithListValue() { + return criteriaWithListValue; + } + + public List> getCriteriaWithBetweenValue() { + return criteriaWithBetweenValue; + } + + protected void addCriterion(String condition) { + if (condition == null) { + throw new RuntimeException("Value for condition cannot be null"); + } + criteriaWithoutValue.add(condition); + } + + protected void addCriterion(String condition, Object value, String property) { + if (value == null) { + throw new RuntimeException("Value for " + property + " cannot be null"); + } + Map map = new HashMap(); + map.put("condition", condition); + map.put("value", value); + criteriaWithSingleValue.add(map); + } + + protected void addCriterion(String condition, List values, String property) { + if (values == null || values.size() == 0) { + throw new RuntimeException("Value list for " + property + " cannot be null or empty"); + } + Map map = new HashMap(); + map.put("condition", condition); + map.put("values", values); + criteriaWithListValue.add(map); + } + + protected void addCriterion(String condition, Object value1, Object value2, String property) { + if (value1 == null || value2 == null) { + throw new RuntimeException("Between values for " + property + " cannot be null"); + } + List list = new ArrayList(); + list.add(value1); + list.add(value2); + Map map = new HashMap(); + map.put("condition", condition); + map.put("values", list); + criteriaWithBetweenValue.add(map); + } + + public Criteria andIdIsNull() { + addCriterion("id is null"); + return this; + } + + public Criteria andIdIsNotNull() { + addCriterion("id is not null"); + return this; + } + + public Criteria andIdEqualTo(Long value) { + addCriterion("id =", value, "id"); + return this; + } + + public Criteria andIdNotEqualTo(Long value) { + addCriterion("id <>", value, "id"); + return this; + } + + public Criteria andIdGreaterThan(Long value) { + addCriterion("id >", value, "id"); + return this; + } + + public Criteria andIdGreaterThanOrEqualTo(Long value) { + addCriterion("id >=", value, "id"); + return this; + } + + public Criteria andIdLessThan(Long value) { + addCriterion("id <", value, "id"); + return this; + } + + public Criteria andIdLessThanOrEqualTo(Long value) { + addCriterion("id <=", value, "id"); + return this; + } + + public Criteria andIdIn(List values) { + addCriterion("id in", values, "id"); + return this; + } + + public Criteria andIdNotIn(List values) { + addCriterion("id not in", values, "id"); + return this; + } + + public Criteria andIdBetween(Long value1, Long value2) { + addCriterion("id between", value1, value2, "id"); + return this; + } + + public Criteria andIdNotBetween(Long value1, Long value2) { + addCriterion("id not between", value1, value2, "id"); + return this; + } + + public Criteria andGroupnameIsNull() { + addCriterion("groupname is null"); + return this; + } + + public Criteria andGroupnameIsNotNull() { + addCriterion("groupname is not null"); + return this; + } + + public Criteria andGroupnameEqualTo(String value) { + addCriterion("groupname =", value, "groupname"); + return this; + } + + public Criteria andGroupnameNotEqualTo(String value) { + addCriterion("groupname <>", value, "groupname"); + return this; + } + + public Criteria andGroupnameGreaterThan(String value) { + addCriterion("groupname >", value, "groupname"); + return this; + } + + public Criteria andGroupnameGreaterThanOrEqualTo(String value) { + addCriterion("groupname >=", value, "groupname"); + return this; + } + + public Criteria andGroupnameLessThan(String value) { + addCriterion("groupname <", value, "groupname"); + return this; + } + + public Criteria andGroupnameLessThanOrEqualTo(String value) { + addCriterion("groupname <=", value, "groupname"); + return this; + } + + public Criteria andGroupnameLike(String value) { + addCriterion("groupname like", value, "groupname"); + return this; + } + + public Criteria andGroupnameNotLike(String value) { + addCriterion("groupname not like", value, "groupname"); + return this; + } + + public Criteria andGroupnameIn(List values) { + addCriterion("groupname in", values, "groupname"); + return this; + } + + public Criteria andGroupnameNotIn(List values) { + addCriterion("groupname not in", values, "groupname"); + return this; + } + + public Criteria andGroupnameBetween(String value1, String value2) { + addCriterion("groupname between", value1, value2, "groupname"); + return this; + } + + public Criteria andGroupnameNotBetween(String value1, String value2) { + addCriterion("groupname not between", value1, value2, "groupname"); + return this; + } + + public Criteria andAttributeIsNull() { + addCriterion("attribute is null"); + return this; + } + + public Criteria andAttributeIsNotNull() { + addCriterion("attribute is not null"); + return this; + } + + public Criteria andAttributeEqualTo(String value) { + addCriterion("attribute =", value, "attribute"); + return this; + } + + public Criteria andAttributeNotEqualTo(String value) { + addCriterion("attribute <>", value, "attribute"); + return this; + } + + public Criteria andAttributeGreaterThan(String value) { + addCriterion("attribute >", value, "attribute"); + return this; + } + + public Criteria andAttributeGreaterThanOrEqualTo(String value) { + addCriterion("attribute >=", value, "attribute"); + return this; + } + + public Criteria andAttributeLessThan(String value) { + addCriterion("attribute <", value, "attribute"); + return this; + } + + public Criteria andAttributeLessThanOrEqualTo(String value) { + addCriterion("attribute <=", value, "attribute"); + return this; + } + + public Criteria andAttributeLike(String value) { + addCriterion("attribute like", value, "attribute"); + return this; + } + + public Criteria andAttributeNotLike(String value) { + addCriterion("attribute not like", value, "attribute"); + return this; + } + + public Criteria andAttributeIn(List values) { + addCriterion("attribute in", values, "attribute"); + return this; + } + + public Criteria andAttributeNotIn(List values) { + addCriterion("attribute not in", values, "attribute"); + return this; + } + + public Criteria andAttributeBetween(String value1, String value2) { + addCriterion("attribute between", value1, value2, "attribute"); + return this; + } + + public Criteria andAttributeNotBetween(String value1, String value2) { + addCriterion("attribute not between", value1, value2, "attribute"); + return this; + } + + public Criteria andOpIsNull() { + addCriterion("op is null"); + return this; + } + + public Criteria andOpIsNotNull() { + addCriterion("op is not null"); + return this; + } + + public Criteria andOpEqualTo(String value) { + addCriterion("op =", value, "op"); + return this; + } + + public Criteria andOpNotEqualTo(String value) { + addCriterion("op <>", value, "op"); + return this; + } + + public Criteria andOpGreaterThan(String value) { + addCriterion("op >", value, "op"); + return this; + } + + public Criteria andOpGreaterThanOrEqualTo(String value) { + addCriterion("op >=", value, "op"); + return this; + } + + public Criteria andOpLessThan(String value) { + addCriterion("op <", value, "op"); + return this; + } + + public Criteria andOpLessThanOrEqualTo(String value) { + addCriterion("op <=", value, "op"); + return this; + } + + public Criteria andOpLike(String value) { + addCriterion("op like", value, "op"); + return this; + } + + public Criteria andOpNotLike(String value) { + addCriterion("op not like", value, "op"); + return this; + } + + public Criteria andOpIn(List values) { + addCriterion("op in", values, "op"); + return this; + } + + public Criteria andOpNotIn(List values) { + addCriterion("op not in", values, "op"); + return this; + } + + public Criteria andOpBetween(String value1, String value2) { + addCriterion("op between", value1, value2, "op"); + return this; + } + + public Criteria andOpNotBetween(String value1, String value2) { + addCriterion("op not between", value1, value2, "op"); + return this; + } + + public Criteria andValueIsNull() { + addCriterion("value is null"); + return this; + } + + public Criteria andValueIsNotNull() { + addCriterion("value is not null"); + return this; + } + + public Criteria andValueEqualTo(String value) { + addCriterion("value =", value, "value"); + return this; + } + + public Criteria andValueNotEqualTo(String value) { + addCriterion("value <>", value, "value"); + return this; + } + + public Criteria andValueGreaterThan(String value) { + addCriterion("value >", value, "value"); + return this; + } + + public Criteria andValueGreaterThanOrEqualTo(String value) { + addCriterion("value >=", value, "value"); + return this; + } + + public Criteria andValueLessThan(String value) { + addCriterion("value <", value, "value"); + return this; + } + + public Criteria andValueLessThanOrEqualTo(String value) { + addCriterion("value <=", value, "value"); + return this; + } + + public Criteria andValueLike(String value) { + addCriterion("value like", value, "value"); + return this; + } + + public Criteria andValueNotLike(String value) { + addCriterion("value not like", value, "value"); + return this; + } + + public Criteria andValueIn(List values) { + addCriterion("value in", values, "value"); + return this; + } + + public Criteria andValueNotIn(List values) { + addCriterion("value not in", values, "value"); + return this; + } + + public Criteria andValueBetween(String value1, String value2) { + addCriterion("value between", value1, value2, "value"); + return this; + } + + public Criteria andValueNotBetween(String value1, String value2) { + addCriterion("value not between", value1, value2, "value"); + return this; + } + } +} \ No newline at end of file diff --git a/extensions/dal/src/main/java/net/jradius/dal/model/RadIPPool.java b/extensions/dal/src/main/java/net/jradius/dal/model/RadIPPool.java new file mode 100644 index 0000000..0e6d714 --- /dev/null +++ b/extensions/dal/src/main/java/net/jradius/dal/model/RadIPPool.java @@ -0,0 +1,298 @@ +package net.jradius.dal.model; + +import com.coova.dal.Record; +import java.util.Date; + +public class RadIPPool extends Record { + /** + * This field was generated by Abator for iBATIS. + * This field corresponds to the database column radippool.id + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + private Long id; + + /** + * This field was generated by Abator for iBATIS. + * This field corresponds to the database column radippool.pool_name + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + private String poolName; + + /** + * This field was generated by Abator for iBATIS. + * This field corresponds to the database column radippool.framedipaddress + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + private String framedipaddress = ""; + + /** + * This field was generated by Abator for iBATIS. + * This field corresponds to the database column radippool.nasipaddress + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + private String nasipaddress = ""; + + /** + * This field was generated by Abator for iBATIS. + * This field corresponds to the database column radippool.calledstationid + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + private String calledstationid; + + /** + * This field was generated by Abator for iBATIS. + * This field corresponds to the database column radippool.callingstationid + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + private String callingstationid; + + /** + * This field was generated by Abator for iBATIS. + * This field corresponds to the database column radippool.expiry_time + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + private Date expiryTime; + + /** + * This field was generated by Abator for iBATIS. + * This field corresponds to the database column radippool.username + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + private String username = ""; + + /** + * This field was generated by Abator for iBATIS. + * This field corresponds to the database column radippool.pool_key + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + private String poolKey; + + /** + * This method was generated by Abator for iBATIS. + * This method returns the value of the database column radippool.id + * + * @return the value of radippool.id + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public Long getId() { + return id; + } + + /** + * This method was generated by Abator for iBATIS. + * This method sets the value of the database column radippool.id + * + * @param id the value for radippool.id + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public void setId(Long id) { + this.id = id; + } + + /** + * This method was generated by Abator for iBATIS. + * This method returns the value of the database column radippool.pool_name + * + * @return the value of radippool.pool_name + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public String getPoolName() { + return poolName; + } + + /** + * This method was generated by Abator for iBATIS. + * This method sets the value of the database column radippool.pool_name + * + * @param poolName the value for radippool.pool_name + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public void setPoolName(String poolName) { + this.poolName = poolName == null ? null : poolName.trim(); + } + + /** + * This method was generated by Abator for iBATIS. + * This method returns the value of the database column radippool.framedipaddress + * + * @return the value of radippool.framedipaddress + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public String getFramedipaddress() { + return framedipaddress; + } + + /** + * This method was generated by Abator for iBATIS. + * This method sets the value of the database column radippool.framedipaddress + * + * @param framedipaddress the value for radippool.framedipaddress + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public void setFramedipaddress(String framedipaddress) { + this.framedipaddress = framedipaddress == null ? null : framedipaddress.trim(); + } + + /** + * This method was generated by Abator for iBATIS. + * This method returns the value of the database column radippool.nasipaddress + * + * @return the value of radippool.nasipaddress + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public String getNasipaddress() { + return nasipaddress; + } + + /** + * This method was generated by Abator for iBATIS. + * This method sets the value of the database column radippool.nasipaddress + * + * @param nasipaddress the value for radippool.nasipaddress + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public void setNasipaddress(String nasipaddress) { + this.nasipaddress = nasipaddress == null ? null : nasipaddress.trim(); + } + + /** + * This method was generated by Abator for iBATIS. + * This method returns the value of the database column radippool.calledstationid + * + * @return the value of radippool.calledstationid + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public String getCalledstationid() { + return calledstationid; + } + + /** + * This method was generated by Abator for iBATIS. + * This method sets the value of the database column radippool.calledstationid + * + * @param calledstationid the value for radippool.calledstationid + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public void setCalledstationid(String calledstationid) { + this.calledstationid = calledstationid == null ? null : calledstationid.trim(); + } + + /** + * This method was generated by Abator for iBATIS. + * This method returns the value of the database column radippool.callingstationid + * + * @return the value of radippool.callingstationid + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public String getCallingstationid() { + return callingstationid; + } + + /** + * This method was generated by Abator for iBATIS. + * This method sets the value of the database column radippool.callingstationid + * + * @param callingstationid the value for radippool.callingstationid + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public void setCallingstationid(String callingstationid) { + this.callingstationid = callingstationid == null ? null : callingstationid.trim(); + } + + /** + * This method was generated by Abator for iBATIS. + * This method returns the value of the database column radippool.expiry_time + * + * @return the value of radippool.expiry_time + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public Date getExpiryTime() { + return expiryTime; + } + + /** + * This method was generated by Abator for iBATIS. + * This method sets the value of the database column radippool.expiry_time + * + * @param expiryTime the value for radippool.expiry_time + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public void setExpiryTime(Date expiryTime) { + this.expiryTime = expiryTime; + } + + /** + * This method was generated by Abator for iBATIS. + * This method returns the value of the database column radippool.username + * + * @return the value of radippool.username + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public String getUsername() { + return username; + } + + /** + * This method was generated by Abator for iBATIS. + * This method sets the value of the database column radippool.username + * + * @param username the value for radippool.username + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public void setUsername(String username) { + this.username = username == null ? null : username.trim(); + } + + /** + * This method was generated by Abator for iBATIS. + * This method returns the value of the database column radippool.pool_key + * + * @return the value of radippool.pool_key + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public String getPoolKey() { + return poolKey; + } + + /** + * This method was generated by Abator for iBATIS. + * This method sets the value of the database column radippool.pool_key + * + * @param poolKey the value for radippool.pool_key + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public void setPoolKey(String poolKey) { + this.poolKey = poolKey == null ? null : poolKey.trim(); + } + + public Record synchronizedRecord() { + return new SynchronizedRadIPPool(this); + } +} \ No newline at end of file diff --git a/extensions/dal/src/main/java/net/jradius/dal/model/RadIPPoolExample.java b/extensions/dal/src/main/java/net/jradius/dal/model/RadIPPoolExample.java new file mode 100644 index 0000000..a8b5d76 --- /dev/null +++ b/extensions/dal/src/main/java/net/jradius/dal/model/RadIPPoolExample.java @@ -0,0 +1,853 @@ +package net.jradius.dal.model; + +import com.coova.dal.Example; +import com.coova.dal.ExampleCriteria; +import java.util.ArrayList; +import java.util.Date; +import java.util.HashMap; +import java.util.List; +import java.util.Map; + +public class RadIPPoolExample extends Example { + /** + * This field was generated by Abator for iBATIS. + * This field corresponds to the database table radippool + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + protected String orderByClause; + + protected Integer startRow; + + protected Integer rowCount; + + /** + * This field was generated by Abator for iBATIS. + * This field corresponds to the database table radippool + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + protected List oredCriteria; + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radippool + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public RadIPPoolExample() { + oredCriteria = new ArrayList(); + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radippool + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + protected RadIPPoolExample(RadIPPoolExample example) { + this.orderByClause = example.orderByClause; + this.oredCriteria = example.oredCriteria; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radippool + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public void setOrderByClause(String orderByClause) { + this.orderByClause = orderByClause; + } + + public void setStartRow(Integer startRow) { + this.startRow = startRow; + } + + public void setRowCount(Integer rowCount) { + this.rowCount = rowCount; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radippool + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public String getOrderByClause() { + return orderByClause; + } + + public Integer getStartRow() { + return startRow; + } + + public Integer getRowCount() { + return rowCount; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radippool + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public List getOredCriteria() { + return oredCriteria; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radippool + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public void or(Criteria criteria) { + oredCriteria.add(criteria); + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radippool + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public Criteria createCriteria() { + Criteria criteria = createCriteriaInternal(); + if (oredCriteria.size() == 0) { + oredCriteria.add(criteria); + } + return criteria; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radippool + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public Criteria appendCriteria() { + if (oredCriteria.size() == 0) { + return createCriteria(); + } + return oredCriteria.get(0); + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radippool + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + protected Criteria createCriteriaInternal() { + Criteria criteria = new Criteria(); + return criteria; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radippool + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public void clear() { + oredCriteria.clear(); + } + + /** + * This class was generated by Abator for iBATIS. + * This class corresponds to the database table radippool + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public static class Criteria extends ExampleCriteria { + protected List criteriaWithoutValue; + + protected List> criteriaWithSingleValue; + + protected List> criteriaWithListValue; + + protected List> criteriaWithBetweenValue; + + protected Criteria() { + super(); + criteriaWithoutValue = new ArrayList(); + criteriaWithSingleValue = new ArrayList>(); + criteriaWithListValue = new ArrayList>(); + criteriaWithBetweenValue = new ArrayList>(); + } + + public boolean isValid() { + return criteriaWithoutValue.size() > 0 + || criteriaWithSingleValue.size() > 0 + || criteriaWithListValue.size() > 0 + || criteriaWithBetweenValue.size() > 0; + } + + public List getCriteriaWithoutValue() { + return criteriaWithoutValue; + } + + public List> getCriteriaWithSingleValue() { + return criteriaWithSingleValue; + } + + public List> getCriteriaWithListValue() { + return criteriaWithListValue; + } + + public List> getCriteriaWithBetweenValue() { + return criteriaWithBetweenValue; + } + + protected void addCriterion(String condition) { + if (condition == null) { + throw new RuntimeException("Value for condition cannot be null"); + } + criteriaWithoutValue.add(condition); + } + + protected void addCriterion(String condition, Object value, String property) { + if (value == null) { + throw new RuntimeException("Value for " + property + " cannot be null"); + } + Map map = new HashMap(); + map.put("condition", condition); + map.put("value", value); + criteriaWithSingleValue.add(map); + } + + protected void addCriterion(String condition, List values, String property) { + if (values == null || values.size() == 0) { + throw new RuntimeException("Value list for " + property + " cannot be null or empty"); + } + Map map = new HashMap(); + map.put("condition", condition); + map.put("values", values); + criteriaWithListValue.add(map); + } + + protected void addCriterion(String condition, Object value1, Object value2, String property) { + if (value1 == null || value2 == null) { + throw new RuntimeException("Between values for " + property + " cannot be null"); + } + List list = new ArrayList(); + list.add(value1); + list.add(value2); + Map map = new HashMap(); + map.put("condition", condition); + map.put("values", list); + criteriaWithBetweenValue.add(map); + } + + public Criteria andIdIsNull() { + addCriterion("id is null"); + return this; + } + + public Criteria andIdIsNotNull() { + addCriterion("id is not null"); + return this; + } + + public Criteria andIdEqualTo(Long value) { + addCriterion("id =", value, "id"); + return this; + } + + public Criteria andIdNotEqualTo(Long value) { + addCriterion("id <>", value, "id"); + return this; + } + + public Criteria andIdGreaterThan(Long value) { + addCriterion("id >", value, "id"); + return this; + } + + public Criteria andIdGreaterThanOrEqualTo(Long value) { + addCriterion("id >=", value, "id"); + return this; + } + + public Criteria andIdLessThan(Long value) { + addCriterion("id <", value, "id"); + return this; + } + + public Criteria andIdLessThanOrEqualTo(Long value) { + addCriterion("id <=", value, "id"); + return this; + } + + public Criteria andIdIn(List values) { + addCriterion("id in", values, "id"); + return this; + } + + public Criteria andIdNotIn(List values) { + addCriterion("id not in", values, "id"); + return this; + } + + public Criteria andIdBetween(Long value1, Long value2) { + addCriterion("id between", value1, value2, "id"); + return this; + } + + public Criteria andIdNotBetween(Long value1, Long value2) { + addCriterion("id not between", value1, value2, "id"); + return this; + } + + public Criteria andPoolNameIsNull() { + addCriterion("pool_name is null"); + return this; + } + + public Criteria andPoolNameIsNotNull() { + addCriterion("pool_name is not null"); + return this; + } + + public Criteria andPoolNameEqualTo(String value) { + addCriterion("pool_name =", value, "poolName"); + return this; + } + + public Criteria andPoolNameNotEqualTo(String value) { + addCriterion("pool_name <>", value, "poolName"); + return this; + } + + public Criteria andPoolNameGreaterThan(String value) { + addCriterion("pool_name >", value, "poolName"); + return this; + } + + public Criteria andPoolNameGreaterThanOrEqualTo(String value) { + addCriterion("pool_name >=", value, "poolName"); + return this; + } + + public Criteria andPoolNameLessThan(String value) { + addCriterion("pool_name <", value, "poolName"); + return this; + } + + public Criteria andPoolNameLessThanOrEqualTo(String value) { + addCriterion("pool_name <=", value, "poolName"); + return this; + } + + public Criteria andPoolNameLike(String value) { + addCriterion("pool_name like", value, "poolName"); + return this; + } + + public Criteria andPoolNameNotLike(String value) { + addCriterion("pool_name not like", value, "poolName"); + return this; + } + + public Criteria andPoolNameIn(List values) { + addCriterion("pool_name in", values, "poolName"); + return this; + } + + public Criteria andPoolNameNotIn(List values) { + addCriterion("pool_name not in", values, "poolName"); + return this; + } + + public Criteria andPoolNameBetween(String value1, String value2) { + addCriterion("pool_name between", value1, value2, "poolName"); + return this; + } + + public Criteria andPoolNameNotBetween(String value1, String value2) { + addCriterion("pool_name not between", value1, value2, "poolName"); + return this; + } + + public Criteria andFramedipaddressIsNull() { + addCriterion("framedipaddress is null"); + return this; + } + + public Criteria andFramedipaddressIsNotNull() { + addCriterion("framedipaddress is not null"); + return this; + } + + public Criteria andFramedipaddressEqualTo(String value) { + addCriterion("framedipaddress =", value, "framedipaddress"); + return this; + } + + public Criteria andFramedipaddressNotEqualTo(String value) { + addCriterion("framedipaddress <>", value, "framedipaddress"); + return this; + } + + public Criteria andFramedipaddressGreaterThan(String value) { + addCriterion("framedipaddress >", value, "framedipaddress"); + return this; + } + + public Criteria andFramedipaddressGreaterThanOrEqualTo(String value) { + addCriterion("framedipaddress >=", value, "framedipaddress"); + return this; + } + + public Criteria andFramedipaddressLessThan(String value) { + addCriterion("framedipaddress <", value, "framedipaddress"); + return this; + } + + public Criteria andFramedipaddressLessThanOrEqualTo(String value) { + addCriterion("framedipaddress <=", value, "framedipaddress"); + return this; + } + + public Criteria andFramedipaddressLike(String value) { + addCriterion("framedipaddress like", value, "framedipaddress"); + return this; + } + + public Criteria andFramedipaddressNotLike(String value) { + addCriterion("framedipaddress not like", value, "framedipaddress"); + return this; + } + + public Criteria andFramedipaddressIn(List values) { + addCriterion("framedipaddress in", values, "framedipaddress"); + return this; + } + + public Criteria andFramedipaddressNotIn(List values) { + addCriterion("framedipaddress not in", values, "framedipaddress"); + return this; + } + + public Criteria andFramedipaddressBetween(String value1, String value2) { + addCriterion("framedipaddress between", value1, value2, "framedipaddress"); + return this; + } + + public Criteria andFramedipaddressNotBetween(String value1, String value2) { + addCriterion("framedipaddress not between", value1, value2, "framedipaddress"); + return this; + } + + public Criteria andNasipaddressIsNull() { + addCriterion("nasipaddress is null"); + return this; + } + + public Criteria andNasipaddressIsNotNull() { + addCriterion("nasipaddress is not null"); + return this; + } + + public Criteria andNasipaddressEqualTo(String value) { + addCriterion("nasipaddress =", value, "nasipaddress"); + return this; + } + + public Criteria andNasipaddressNotEqualTo(String value) { + addCriterion("nasipaddress <>", value, "nasipaddress"); + return this; + } + + public Criteria andNasipaddressGreaterThan(String value) { + addCriterion("nasipaddress >", value, "nasipaddress"); + return this; + } + + public Criteria andNasipaddressGreaterThanOrEqualTo(String value) { + addCriterion("nasipaddress >=", value, "nasipaddress"); + return this; + } + + public Criteria andNasipaddressLessThan(String value) { + addCriterion("nasipaddress <", value, "nasipaddress"); + return this; + } + + public Criteria andNasipaddressLessThanOrEqualTo(String value) { + addCriterion("nasipaddress <=", value, "nasipaddress"); + return this; + } + + public Criteria andNasipaddressLike(String value) { + addCriterion("nasipaddress like", value, "nasipaddress"); + return this; + } + + public Criteria andNasipaddressNotLike(String value) { + addCriterion("nasipaddress not like", value, "nasipaddress"); + return this; + } + + public Criteria andNasipaddressIn(List values) { + addCriterion("nasipaddress in", values, "nasipaddress"); + return this; + } + + public Criteria andNasipaddressNotIn(List values) { + addCriterion("nasipaddress not in", values, "nasipaddress"); + return this; + } + + public Criteria andNasipaddressBetween(String value1, String value2) { + addCriterion("nasipaddress between", value1, value2, "nasipaddress"); + return this; + } + + public Criteria andNasipaddressNotBetween(String value1, String value2) { + addCriterion("nasipaddress not between", value1, value2, "nasipaddress"); + return this; + } + + public Criteria andCalledstationidIsNull() { + addCriterion("calledstationid is null"); + return this; + } + + public Criteria andCalledstationidIsNotNull() { + addCriterion("calledstationid is not null"); + return this; + } + + public Criteria andCalledstationidEqualTo(String value) { + addCriterion("calledstationid =", value, "calledstationid"); + return this; + } + + public Criteria andCalledstationidNotEqualTo(String value) { + addCriterion("calledstationid <>", value, "calledstationid"); + return this; + } + + public Criteria andCalledstationidGreaterThan(String value) { + addCriterion("calledstationid >", value, "calledstationid"); + return this; + } + + public Criteria andCalledstationidGreaterThanOrEqualTo(String value) { + addCriterion("calledstationid >=", value, "calledstationid"); + return this; + } + + public Criteria andCalledstationidLessThan(String value) { + addCriterion("calledstationid <", value, "calledstationid"); + return this; + } + + public Criteria andCalledstationidLessThanOrEqualTo(String value) { + addCriterion("calledstationid <=", value, "calledstationid"); + return this; + } + + public Criteria andCalledstationidLike(String value) { + addCriterion("calledstationid like", value, "calledstationid"); + return this; + } + + public Criteria andCalledstationidNotLike(String value) { + addCriterion("calledstationid not like", value, "calledstationid"); + return this; + } + + public Criteria andCalledstationidIn(List values) { + addCriterion("calledstationid in", values, "calledstationid"); + return this; + } + + public Criteria andCalledstationidNotIn(List values) { + addCriterion("calledstationid not in", values, "calledstationid"); + return this; + } + + public Criteria andCalledstationidBetween(String value1, String value2) { + addCriterion("calledstationid between", value1, value2, "calledstationid"); + return this; + } + + public Criteria andCalledstationidNotBetween(String value1, String value2) { + addCriterion("calledstationid not between", value1, value2, "calledstationid"); + return this; + } + + public Criteria andCallingstationidIsNull() { + addCriterion("callingstationid is null"); + return this; + } + + public Criteria andCallingstationidIsNotNull() { + addCriterion("callingstationid is not null"); + return this; + } + + public Criteria andCallingstationidEqualTo(String value) { + addCriterion("callingstationid =", value, "callingstationid"); + return this; + } + + public Criteria andCallingstationidNotEqualTo(String value) { + addCriterion("callingstationid <>", value, "callingstationid"); + return this; + } + + public Criteria andCallingstationidGreaterThan(String value) { + addCriterion("callingstationid >", value, "callingstationid"); + return this; + } + + public Criteria andCallingstationidGreaterThanOrEqualTo(String value) { + addCriterion("callingstationid >=", value, "callingstationid"); + return this; + } + + public Criteria andCallingstationidLessThan(String value) { + addCriterion("callingstationid <", value, "callingstationid"); + return this; + } + + public Criteria andCallingstationidLessThanOrEqualTo(String value) { + addCriterion("callingstationid <=", value, "callingstationid"); + return this; + } + + public Criteria andCallingstationidLike(String value) { + addCriterion("callingstationid like", value, "callingstationid"); + return this; + } + + public Criteria andCallingstationidNotLike(String value) { + addCriterion("callingstationid not like", value, "callingstationid"); + return this; + } + + public Criteria andCallingstationidIn(List values) { + addCriterion("callingstationid in", values, "callingstationid"); + return this; + } + + public Criteria andCallingstationidNotIn(List values) { + addCriterion("callingstationid not in", values, "callingstationid"); + return this; + } + + public Criteria andCallingstationidBetween(String value1, String value2) { + addCriterion("callingstationid between", value1, value2, "callingstationid"); + return this; + } + + public Criteria andCallingstationidNotBetween(String value1, String value2) { + addCriterion("callingstationid not between", value1, value2, "callingstationid"); + return this; + } + + public Criteria andExpiryTimeIsNull() { + addCriterion("expiry_time is null"); + return this; + } + + public Criteria andExpiryTimeIsNotNull() { + addCriterion("expiry_time is not null"); + return this; + } + + public Criteria andExpiryTimeEqualTo(Date value) { + addCriterion("expiry_time =", value, "expiryTime"); + return this; + } + + public Criteria andExpiryTimeNotEqualTo(Date value) { + addCriterion("expiry_time <>", value, "expiryTime"); + return this; + } + + public Criteria andExpiryTimeGreaterThan(Date value) { + addCriterion("expiry_time >", value, "expiryTime"); + return this; + } + + public Criteria andExpiryTimeGreaterThanOrEqualTo(Date value) { + addCriterion("expiry_time >=", value, "expiryTime"); + return this; + } + + public Criteria andExpiryTimeLessThan(Date value) { + addCriterion("expiry_time <", value, "expiryTime"); + return this; + } + + public Criteria andExpiryTimeLessThanOrEqualTo(Date value) { + addCriterion("expiry_time <=", value, "expiryTime"); + return this; + } + + public Criteria andExpiryTimeIn(List values) { + addCriterion("expiry_time in", values, "expiryTime"); + return this; + } + + public Criteria andExpiryTimeNotIn(List values) { + addCriterion("expiry_time not in", values, "expiryTime"); + return this; + } + + public Criteria andExpiryTimeBetween(Date value1, Date value2) { + addCriterion("expiry_time between", value1, value2, "expiryTime"); + return this; + } + + public Criteria andExpiryTimeNotBetween(Date value1, Date value2) { + addCriterion("expiry_time not between", value1, value2, "expiryTime"); + return this; + } + + public Criteria andUsernameIsNull() { + addCriterion("username is null"); + return this; + } + + public Criteria andUsernameIsNotNull() { + addCriterion("username is not null"); + return this; + } + + public Criteria andUsernameEqualTo(String value) { + addCriterion("username =", value, "username"); + return this; + } + + public Criteria andUsernameNotEqualTo(String value) { + addCriterion("username <>", value, "username"); + return this; + } + + public Criteria andUsernameGreaterThan(String value) { + addCriterion("username >", value, "username"); + return this; + } + + public Criteria andUsernameGreaterThanOrEqualTo(String value) { + addCriterion("username >=", value, "username"); + return this; + } + + public Criteria andUsernameLessThan(String value) { + addCriterion("username <", value, "username"); + return this; + } + + public Criteria andUsernameLessThanOrEqualTo(String value) { + addCriterion("username <=", value, "username"); + return this; + } + + public Criteria andUsernameLike(String value) { + addCriterion("username like", value, "username"); + return this; + } + + public Criteria andUsernameNotLike(String value) { + addCriterion("username not like", value, "username"); + return this; + } + + public Criteria andUsernameIn(List values) { + addCriterion("username in", values, "username"); + return this; + } + + public Criteria andUsernameNotIn(List values) { + addCriterion("username not in", values, "username"); + return this; + } + + public Criteria andUsernameBetween(String value1, String value2) { + addCriterion("username between", value1, value2, "username"); + return this; + } + + public Criteria andUsernameNotBetween(String value1, String value2) { + addCriterion("username not between", value1, value2, "username"); + return this; + } + + public Criteria andPoolKeyIsNull() { + addCriterion("pool_key is null"); + return this; + } + + public Criteria andPoolKeyIsNotNull() { + addCriterion("pool_key is not null"); + return this; + } + + public Criteria andPoolKeyEqualTo(String value) { + addCriterion("pool_key =", value, "poolKey"); + return this; + } + + public Criteria andPoolKeyNotEqualTo(String value) { + addCriterion("pool_key <>", value, "poolKey"); + return this; + } + + public Criteria andPoolKeyGreaterThan(String value) { + addCriterion("pool_key >", value, "poolKey"); + return this; + } + + public Criteria andPoolKeyGreaterThanOrEqualTo(String value) { + addCriterion("pool_key >=", value, "poolKey"); + return this; + } + + public Criteria andPoolKeyLessThan(String value) { + addCriterion("pool_key <", value, "poolKey"); + return this; + } + + public Criteria andPoolKeyLessThanOrEqualTo(String value) { + addCriterion("pool_key <=", value, "poolKey"); + return this; + } + + public Criteria andPoolKeyLike(String value) { + addCriterion("pool_key like", value, "poolKey"); + return this; + } + + public Criteria andPoolKeyNotLike(String value) { + addCriterion("pool_key not like", value, "poolKey"); + return this; + } + + public Criteria andPoolKeyIn(List values) { + addCriterion("pool_key in", values, "poolKey"); + return this; + } + + public Criteria andPoolKeyNotIn(List values) { + addCriterion("pool_key not in", values, "poolKey"); + return this; + } + + public Criteria andPoolKeyBetween(String value1, String value2) { + addCriterion("pool_key between", value1, value2, "poolKey"); + return this; + } + + public Criteria andPoolKeyNotBetween(String value1, String value2) { + addCriterion("pool_key not between", value1, value2, "poolKey"); + return this; + } + } +} \ No newline at end of file diff --git a/extensions/dal/src/main/java/net/jradius/dal/model/RadPostAuth.java b/extensions/dal/src/main/java/net/jradius/dal/model/RadPostAuth.java new file mode 100644 index 0000000..0cd12ca --- /dev/null +++ b/extensions/dal/src/main/java/net/jradius/dal/model/RadPostAuth.java @@ -0,0 +1,170 @@ +package net.jradius.dal.model; + +import com.coova.dal.Record; +import java.util.Date; + +public class RadPostAuth extends Record { + /** + * This field was generated by Abator for iBATIS. + * This field corresponds to the database column radpostauth.id + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + private Long id; + + /** + * This field was generated by Abator for iBATIS. + * This field corresponds to the database column radpostauth.username + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + private String username = ""; + + /** + * This field was generated by Abator for iBATIS. + * This field corresponds to the database column radpostauth.pass + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + private String pass = ""; + + /** + * This field was generated by Abator for iBATIS. + * This field corresponds to the database column radpostauth.reply + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + private String reply = ""; + + /** + * This field was generated by Abator for iBATIS. + * This field corresponds to the database column radpostauth.authdate + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + private Date authdate; + + /** + * This method was generated by Abator for iBATIS. + * This method returns the value of the database column radpostauth.id + * + * @return the value of radpostauth.id + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public Long getId() { + return id; + } + + /** + * This method was generated by Abator for iBATIS. + * This method sets the value of the database column radpostauth.id + * + * @param id the value for radpostauth.id + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public void setId(Long id) { + this.id = id; + } + + /** + * This method was generated by Abator for iBATIS. + * This method returns the value of the database column radpostauth.username + * + * @return the value of radpostauth.username + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public String getUsername() { + return username; + } + + /** + * This method was generated by Abator for iBATIS. + * This method sets the value of the database column radpostauth.username + * + * @param username the value for radpostauth.username + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public void setUsername(String username) { + this.username = username == null ? null : username.trim(); + } + + /** + * This method was generated by Abator for iBATIS. + * This method returns the value of the database column radpostauth.pass + * + * @return the value of radpostauth.pass + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public String getPass() { + return pass; + } + + /** + * This method was generated by Abator for iBATIS. + * This method sets the value of the database column radpostauth.pass + * + * @param pass the value for radpostauth.pass + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public void setPass(String pass) { + this.pass = pass == null ? null : pass.trim(); + } + + /** + * This method was generated by Abator for iBATIS. + * This method returns the value of the database column radpostauth.reply + * + * @return the value of radpostauth.reply + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public String getReply() { + return reply; + } + + /** + * This method was generated by Abator for iBATIS. + * This method sets the value of the database column radpostauth.reply + * + * @param reply the value for radpostauth.reply + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public void setReply(String reply) { + this.reply = reply == null ? null : reply.trim(); + } + + /** + * This method was generated by Abator for iBATIS. + * This method returns the value of the database column radpostauth.authdate + * + * @return the value of radpostauth.authdate + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public Date getAuthdate() { + return authdate; + } + + /** + * This method was generated by Abator for iBATIS. + * This method sets the value of the database column radpostauth.authdate + * + * @param authdate the value for radpostauth.authdate + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public void setAuthdate(Date authdate) { + this.authdate = authdate; + } + + public Record synchronizedRecord() { + return new SynchronizedRadPostAuth(this); + } +} \ No newline at end of file diff --git a/extensions/dal/src/main/java/net/jradius/dal/model/RadPostAuthExample.java b/extensions/dal/src/main/java/net/jradius/dal/model/RadPostAuthExample.java new file mode 100644 index 0000000..c86574c --- /dev/null +++ b/extensions/dal/src/main/java/net/jradius/dal/model/RadPostAuthExample.java @@ -0,0 +1,573 @@ +package net.jradius.dal.model; + +import com.coova.dal.Example; +import com.coova.dal.ExampleCriteria; +import java.util.ArrayList; +import java.util.Date; +import java.util.HashMap; +import java.util.List; +import java.util.Map; + +public class RadPostAuthExample extends Example { + /** + * This field was generated by Abator for iBATIS. + * This field corresponds to the database table radpostauth + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + protected String orderByClause; + + protected Integer startRow; + + protected Integer rowCount; + + /** + * This field was generated by Abator for iBATIS. + * This field corresponds to the database table radpostauth + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + protected List oredCriteria; + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radpostauth + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public RadPostAuthExample() { + oredCriteria = new ArrayList(); + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radpostauth + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + protected RadPostAuthExample(RadPostAuthExample example) { + this.orderByClause = example.orderByClause; + this.oredCriteria = example.oredCriteria; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radpostauth + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public void setOrderByClause(String orderByClause) { + this.orderByClause = orderByClause; + } + + public void setStartRow(Integer startRow) { + this.startRow = startRow; + } + + public void setRowCount(Integer rowCount) { + this.rowCount = rowCount; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radpostauth + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public String getOrderByClause() { + return orderByClause; + } + + public Integer getStartRow() { + return startRow; + } + + public Integer getRowCount() { + return rowCount; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radpostauth + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public List getOredCriteria() { + return oredCriteria; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radpostauth + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public void or(Criteria criteria) { + oredCriteria.add(criteria); + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radpostauth + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public Criteria createCriteria() { + Criteria criteria = createCriteriaInternal(); + if (oredCriteria.size() == 0) { + oredCriteria.add(criteria); + } + return criteria; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radpostauth + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public Criteria appendCriteria() { + if (oredCriteria.size() == 0) { + return createCriteria(); + } + return oredCriteria.get(0); + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radpostauth + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + protected Criteria createCriteriaInternal() { + Criteria criteria = new Criteria(); + return criteria; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radpostauth + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public void clear() { + oredCriteria.clear(); + } + + /** + * This class was generated by Abator for iBATIS. + * This class corresponds to the database table radpostauth + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public static class Criteria extends ExampleCriteria { + protected List criteriaWithoutValue; + + protected List> criteriaWithSingleValue; + + protected List> criteriaWithListValue; + + protected List> criteriaWithBetweenValue; + + protected Criteria() { + super(); + criteriaWithoutValue = new ArrayList(); + criteriaWithSingleValue = new ArrayList>(); + criteriaWithListValue = new ArrayList>(); + criteriaWithBetweenValue = new ArrayList>(); + } + + public boolean isValid() { + return criteriaWithoutValue.size() > 0 + || criteriaWithSingleValue.size() > 0 + || criteriaWithListValue.size() > 0 + || criteriaWithBetweenValue.size() > 0; + } + + public List getCriteriaWithoutValue() { + return criteriaWithoutValue; + } + + public List> getCriteriaWithSingleValue() { + return criteriaWithSingleValue; + } + + public List> getCriteriaWithListValue() { + return criteriaWithListValue; + } + + public List> getCriteriaWithBetweenValue() { + return criteriaWithBetweenValue; + } + + protected void addCriterion(String condition) { + if (condition == null) { + throw new RuntimeException("Value for condition cannot be null"); + } + criteriaWithoutValue.add(condition); + } + + protected void addCriterion(String condition, Object value, String property) { + if (value == null) { + throw new RuntimeException("Value for " + property + " cannot be null"); + } + Map map = new HashMap(); + map.put("condition", condition); + map.put("value", value); + criteriaWithSingleValue.add(map); + } + + protected void addCriterion(String condition, List values, String property) { + if (values == null || values.size() == 0) { + throw new RuntimeException("Value list for " + property + " cannot be null or empty"); + } + Map map = new HashMap(); + map.put("condition", condition); + map.put("values", values); + criteriaWithListValue.add(map); + } + + protected void addCriterion(String condition, Object value1, Object value2, String property) { + if (value1 == null || value2 == null) { + throw new RuntimeException("Between values for " + property + " cannot be null"); + } + List list = new ArrayList(); + list.add(value1); + list.add(value2); + Map map = new HashMap(); + map.put("condition", condition); + map.put("values", list); + criteriaWithBetweenValue.add(map); + } + + public Criteria andIdIsNull() { + addCriterion("id is null"); + return this; + } + + public Criteria andIdIsNotNull() { + addCriterion("id is not null"); + return this; + } + + public Criteria andIdEqualTo(Long value) { + addCriterion("id =", value, "id"); + return this; + } + + public Criteria andIdNotEqualTo(Long value) { + addCriterion("id <>", value, "id"); + return this; + } + + public Criteria andIdGreaterThan(Long value) { + addCriterion("id >", value, "id"); + return this; + } + + public Criteria andIdGreaterThanOrEqualTo(Long value) { + addCriterion("id >=", value, "id"); + return this; + } + + public Criteria andIdLessThan(Long value) { + addCriterion("id <", value, "id"); + return this; + } + + public Criteria andIdLessThanOrEqualTo(Long value) { + addCriterion("id <=", value, "id"); + return this; + } + + public Criteria andIdIn(List values) { + addCriterion("id in", values, "id"); + return this; + } + + public Criteria andIdNotIn(List values) { + addCriterion("id not in", values, "id"); + return this; + } + + public Criteria andIdBetween(Long value1, Long value2) { + addCriterion("id between", value1, value2, "id"); + return this; + } + + public Criteria andIdNotBetween(Long value1, Long value2) { + addCriterion("id not between", value1, value2, "id"); + return this; + } + + public Criteria andUsernameIsNull() { + addCriterion("username is null"); + return this; + } + + public Criteria andUsernameIsNotNull() { + addCriterion("username is not null"); + return this; + } + + public Criteria andUsernameEqualTo(String value) { + addCriterion("username =", value, "username"); + return this; + } + + public Criteria andUsernameNotEqualTo(String value) { + addCriterion("username <>", value, "username"); + return this; + } + + public Criteria andUsernameGreaterThan(String value) { + addCriterion("username >", value, "username"); + return this; + } + + public Criteria andUsernameGreaterThanOrEqualTo(String value) { + addCriterion("username >=", value, "username"); + return this; + } + + public Criteria andUsernameLessThan(String value) { + addCriterion("username <", value, "username"); + return this; + } + + public Criteria andUsernameLessThanOrEqualTo(String value) { + addCriterion("username <=", value, "username"); + return this; + } + + public Criteria andUsernameLike(String value) { + addCriterion("username like", value, "username"); + return this; + } + + public Criteria andUsernameNotLike(String value) { + addCriterion("username not like", value, "username"); + return this; + } + + public Criteria andUsernameIn(List values) { + addCriterion("username in", values, "username"); + return this; + } + + public Criteria andUsernameNotIn(List values) { + addCriterion("username not in", values, "username"); + return this; + } + + public Criteria andUsernameBetween(String value1, String value2) { + addCriterion("username between", value1, value2, "username"); + return this; + } + + public Criteria andUsernameNotBetween(String value1, String value2) { + addCriterion("username not between", value1, value2, "username"); + return this; + } + + public Criteria andPassIsNull() { + addCriterion("pass is null"); + return this; + } + + public Criteria andPassIsNotNull() { + addCriterion("pass is not null"); + return this; + } + + public Criteria andPassEqualTo(String value) { + addCriterion("pass =", value, "pass"); + return this; + } + + public Criteria andPassNotEqualTo(String value) { + addCriterion("pass <>", value, "pass"); + return this; + } + + public Criteria andPassGreaterThan(String value) { + addCriterion("pass >", value, "pass"); + return this; + } + + public Criteria andPassGreaterThanOrEqualTo(String value) { + addCriterion("pass >=", value, "pass"); + return this; + } + + public Criteria andPassLessThan(String value) { + addCriterion("pass <", value, "pass"); + return this; + } + + public Criteria andPassLessThanOrEqualTo(String value) { + addCriterion("pass <=", value, "pass"); + return this; + } + + public Criteria andPassLike(String value) { + addCriterion("pass like", value, "pass"); + return this; + } + + public Criteria andPassNotLike(String value) { + addCriterion("pass not like", value, "pass"); + return this; + } + + public Criteria andPassIn(List values) { + addCriterion("pass in", values, "pass"); + return this; + } + + public Criteria andPassNotIn(List values) { + addCriterion("pass not in", values, "pass"); + return this; + } + + public Criteria andPassBetween(String value1, String value2) { + addCriterion("pass between", value1, value2, "pass"); + return this; + } + + public Criteria andPassNotBetween(String value1, String value2) { + addCriterion("pass not between", value1, value2, "pass"); + return this; + } + + public Criteria andReplyIsNull() { + addCriterion("reply is null"); + return this; + } + + public Criteria andReplyIsNotNull() { + addCriterion("reply is not null"); + return this; + } + + public Criteria andReplyEqualTo(String value) { + addCriterion("reply =", value, "reply"); + return this; + } + + public Criteria andReplyNotEqualTo(String value) { + addCriterion("reply <>", value, "reply"); + return this; + } + + public Criteria andReplyGreaterThan(String value) { + addCriterion("reply >", value, "reply"); + return this; + } + + public Criteria andReplyGreaterThanOrEqualTo(String value) { + addCriterion("reply >=", value, "reply"); + return this; + } + + public Criteria andReplyLessThan(String value) { + addCriterion("reply <", value, "reply"); + return this; + } + + public Criteria andReplyLessThanOrEqualTo(String value) { + addCriterion("reply <=", value, "reply"); + return this; + } + + public Criteria andReplyLike(String value) { + addCriterion("reply like", value, "reply"); + return this; + } + + public Criteria andReplyNotLike(String value) { + addCriterion("reply not like", value, "reply"); + return this; + } + + public Criteria andReplyIn(List values) { + addCriterion("reply in", values, "reply"); + return this; + } + + public Criteria andReplyNotIn(List values) { + addCriterion("reply not in", values, "reply"); + return this; + } + + public Criteria andReplyBetween(String value1, String value2) { + addCriterion("reply between", value1, value2, "reply"); + return this; + } + + public Criteria andReplyNotBetween(String value1, String value2) { + addCriterion("reply not between", value1, value2, "reply"); + return this; + } + + public Criteria andAuthdateIsNull() { + addCriterion("authdate is null"); + return this; + } + + public Criteria andAuthdateIsNotNull() { + addCriterion("authdate is not null"); + return this; + } + + public Criteria andAuthdateEqualTo(Date value) { + addCriterion("authdate =", value, "authdate"); + return this; + } + + public Criteria andAuthdateNotEqualTo(Date value) { + addCriterion("authdate <>", value, "authdate"); + return this; + } + + public Criteria andAuthdateGreaterThan(Date value) { + addCriterion("authdate >", value, "authdate"); + return this; + } + + public Criteria andAuthdateGreaterThanOrEqualTo(Date value) { + addCriterion("authdate >=", value, "authdate"); + return this; + } + + public Criteria andAuthdateLessThan(Date value) { + addCriterion("authdate <", value, "authdate"); + return this; + } + + public Criteria andAuthdateLessThanOrEqualTo(Date value) { + addCriterion("authdate <=", value, "authdate"); + return this; + } + + public Criteria andAuthdateIn(List values) { + addCriterion("authdate in", values, "authdate"); + return this; + } + + public Criteria andAuthdateNotIn(List values) { + addCriterion("authdate not in", values, "authdate"); + return this; + } + + public Criteria andAuthdateBetween(Date value1, Date value2) { + addCriterion("authdate between", value1, value2, "authdate"); + return this; + } + + public Criteria andAuthdateNotBetween(Date value1, Date value2) { + addCriterion("authdate not between", value1, value2, "authdate"); + return this; + } + } +} \ No newline at end of file diff --git a/extensions/dal/src/main/java/net/jradius/dal/model/RadReply.java b/extensions/dal/src/main/java/net/jradius/dal/model/RadReply.java new file mode 100644 index 0000000..8020ae1 --- /dev/null +++ b/extensions/dal/src/main/java/net/jradius/dal/model/RadReply.java @@ -0,0 +1,169 @@ +package net.jradius.dal.model; + +import com.coova.dal.Record; + +public class RadReply extends Record { + /** + * This field was generated by Abator for iBATIS. + * This field corresponds to the database column radreply.id + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + private Long id; + + /** + * This field was generated by Abator for iBATIS. + * This field corresponds to the database column radreply.username + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + private String username = ""; + + /** + * This field was generated by Abator for iBATIS. + * This field corresponds to the database column radreply.attribute + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + private String attribute = ""; + + /** + * This field was generated by Abator for iBATIS. + * This field corresponds to the database column radreply.op + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + private String op = "="; + + /** + * This field was generated by Abator for iBATIS. + * This field corresponds to the database column radreply.value + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + private String value = ""; + + /** + * This method was generated by Abator for iBATIS. + * This method returns the value of the database column radreply.id + * + * @return the value of radreply.id + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public Long getId() { + return id; + } + + /** + * This method was generated by Abator for iBATIS. + * This method sets the value of the database column radreply.id + * + * @param id the value for radreply.id + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public void setId(Long id) { + this.id = id; + } + + /** + * This method was generated by Abator for iBATIS. + * This method returns the value of the database column radreply.username + * + * @return the value of radreply.username + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public String getUsername() { + return username; + } + + /** + * This method was generated by Abator for iBATIS. + * This method sets the value of the database column radreply.username + * + * @param username the value for radreply.username + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public void setUsername(String username) { + this.username = username == null ? null : username.trim(); + } + + /** + * This method was generated by Abator for iBATIS. + * This method returns the value of the database column radreply.attribute + * + * @return the value of radreply.attribute + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public String getAttribute() { + return attribute; + } + + /** + * This method was generated by Abator for iBATIS. + * This method sets the value of the database column radreply.attribute + * + * @param attribute the value for radreply.attribute + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public void setAttribute(String attribute) { + this.attribute = attribute == null ? null : attribute.trim(); + } + + /** + * This method was generated by Abator for iBATIS. + * This method returns the value of the database column radreply.op + * + * @return the value of radreply.op + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public String getOp() { + return op; + } + + /** + * This method was generated by Abator for iBATIS. + * This method sets the value of the database column radreply.op + * + * @param op the value for radreply.op + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public void setOp(String op) { + this.op = op == null ? null : op.trim(); + } + + /** + * This method was generated by Abator for iBATIS. + * This method returns the value of the database column radreply.value + * + * @return the value of radreply.value + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public String getValue() { + return value; + } + + /** + * This method was generated by Abator for iBATIS. + * This method sets the value of the database column radreply.value + * + * @param value the value for radreply.value + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public void setValue(String value) { + this.value = value == null ? null : value.trim(); + } + + public Record synchronizedRecord() { + return new SynchronizedRadReply(this); + } +} \ No newline at end of file diff --git a/extensions/dal/src/main/java/net/jradius/dal/model/RadReplyExample.java b/extensions/dal/src/main/java/net/jradius/dal/model/RadReplyExample.java new file mode 100644 index 0000000..8068747 --- /dev/null +++ b/extensions/dal/src/main/java/net/jradius/dal/model/RadReplyExample.java @@ -0,0 +1,582 @@ +package net.jradius.dal.model; + +import com.coova.dal.Example; +import com.coova.dal.ExampleCriteria; +import java.util.ArrayList; +import java.util.HashMap; +import java.util.List; +import java.util.Map; + +public class RadReplyExample extends Example { + /** + * This field was generated by Abator for iBATIS. + * This field corresponds to the database table radreply + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + protected String orderByClause; + + protected Integer startRow; + + protected Integer rowCount; + + /** + * This field was generated by Abator for iBATIS. + * This field corresponds to the database table radreply + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + protected List oredCriteria; + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radreply + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public RadReplyExample() { + oredCriteria = new ArrayList(); + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radreply + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + protected RadReplyExample(RadReplyExample example) { + this.orderByClause = example.orderByClause; + this.oredCriteria = example.oredCriteria; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radreply + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public void setOrderByClause(String orderByClause) { + this.orderByClause = orderByClause; + } + + public void setStartRow(Integer startRow) { + this.startRow = startRow; + } + + public void setRowCount(Integer rowCount) { + this.rowCount = rowCount; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radreply + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public String getOrderByClause() { + return orderByClause; + } + + public Integer getStartRow() { + return startRow; + } + + public Integer getRowCount() { + return rowCount; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radreply + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public List getOredCriteria() { + return oredCriteria; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radreply + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public void or(Criteria criteria) { + oredCriteria.add(criteria); + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radreply + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public Criteria createCriteria() { + Criteria criteria = createCriteriaInternal(); + if (oredCriteria.size() == 0) { + oredCriteria.add(criteria); + } + return criteria; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radreply + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public Criteria appendCriteria() { + if (oredCriteria.size() == 0) { + return createCriteria(); + } + return oredCriteria.get(0); + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radreply + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + protected Criteria createCriteriaInternal() { + Criteria criteria = new Criteria(); + return criteria; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radreply + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public void clear() { + oredCriteria.clear(); + } + + /** + * This class was generated by Abator for iBATIS. + * This class corresponds to the database table radreply + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public static class Criteria extends ExampleCriteria { + protected List criteriaWithoutValue; + + protected List> criteriaWithSingleValue; + + protected List> criteriaWithListValue; + + protected List> criteriaWithBetweenValue; + + protected Criteria() { + super(); + criteriaWithoutValue = new ArrayList(); + criteriaWithSingleValue = new ArrayList>(); + criteriaWithListValue = new ArrayList>(); + criteriaWithBetweenValue = new ArrayList>(); + } + + public boolean isValid() { + return criteriaWithoutValue.size() > 0 + || criteriaWithSingleValue.size() > 0 + || criteriaWithListValue.size() > 0 + || criteriaWithBetweenValue.size() > 0; + } + + public List getCriteriaWithoutValue() { + return criteriaWithoutValue; + } + + public List> getCriteriaWithSingleValue() { + return criteriaWithSingleValue; + } + + public List> getCriteriaWithListValue() { + return criteriaWithListValue; + } + + public List> getCriteriaWithBetweenValue() { + return criteriaWithBetweenValue; + } + + protected void addCriterion(String condition) { + if (condition == null) { + throw new RuntimeException("Value for condition cannot be null"); + } + criteriaWithoutValue.add(condition); + } + + protected void addCriterion(String condition, Object value, String property) { + if (value == null) { + throw new RuntimeException("Value for " + property + " cannot be null"); + } + Map map = new HashMap(); + map.put("condition", condition); + map.put("value", value); + criteriaWithSingleValue.add(map); + } + + protected void addCriterion(String condition, List values, String property) { + if (values == null || values.size() == 0) { + throw new RuntimeException("Value list for " + property + " cannot be null or empty"); + } + Map map = new HashMap(); + map.put("condition", condition); + map.put("values", values); + criteriaWithListValue.add(map); + } + + protected void addCriterion(String condition, Object value1, Object value2, String property) { + if (value1 == null || value2 == null) { + throw new RuntimeException("Between values for " + property + " cannot be null"); + } + List list = new ArrayList(); + list.add(value1); + list.add(value2); + Map map = new HashMap(); + map.put("condition", condition); + map.put("values", list); + criteriaWithBetweenValue.add(map); + } + + public Criteria andIdIsNull() { + addCriterion("id is null"); + return this; + } + + public Criteria andIdIsNotNull() { + addCriterion("id is not null"); + return this; + } + + public Criteria andIdEqualTo(Long value) { + addCriterion("id =", value, "id"); + return this; + } + + public Criteria andIdNotEqualTo(Long value) { + addCriterion("id <>", value, "id"); + return this; + } + + public Criteria andIdGreaterThan(Long value) { + addCriterion("id >", value, "id"); + return this; + } + + public Criteria andIdGreaterThanOrEqualTo(Long value) { + addCriterion("id >=", value, "id"); + return this; + } + + public Criteria andIdLessThan(Long value) { + addCriterion("id <", value, "id"); + return this; + } + + public Criteria andIdLessThanOrEqualTo(Long value) { + addCriterion("id <=", value, "id"); + return this; + } + + public Criteria andIdIn(List values) { + addCriterion("id in", values, "id"); + return this; + } + + public Criteria andIdNotIn(List values) { + addCriterion("id not in", values, "id"); + return this; + } + + public Criteria andIdBetween(Long value1, Long value2) { + addCriterion("id between", value1, value2, "id"); + return this; + } + + public Criteria andIdNotBetween(Long value1, Long value2) { + addCriterion("id not between", value1, value2, "id"); + return this; + } + + public Criteria andUsernameIsNull() { + addCriterion("username is null"); + return this; + } + + public Criteria andUsernameIsNotNull() { + addCriterion("username is not null"); + return this; + } + + public Criteria andUsernameEqualTo(String value) { + addCriterion("username =", value, "username"); + return this; + } + + public Criteria andUsernameNotEqualTo(String value) { + addCriterion("username <>", value, "username"); + return this; + } + + public Criteria andUsernameGreaterThan(String value) { + addCriterion("username >", value, "username"); + return this; + } + + public Criteria andUsernameGreaterThanOrEqualTo(String value) { + addCriterion("username >=", value, "username"); + return this; + } + + public Criteria andUsernameLessThan(String value) { + addCriterion("username <", value, "username"); + return this; + } + + public Criteria andUsernameLessThanOrEqualTo(String value) { + addCriterion("username <=", value, "username"); + return this; + } + + public Criteria andUsernameLike(String value) { + addCriterion("username like", value, "username"); + return this; + } + + public Criteria andUsernameNotLike(String value) { + addCriterion("username not like", value, "username"); + return this; + } + + public Criteria andUsernameIn(List values) { + addCriterion("username in", values, "username"); + return this; + } + + public Criteria andUsernameNotIn(List values) { + addCriterion("username not in", values, "username"); + return this; + } + + public Criteria andUsernameBetween(String value1, String value2) { + addCriterion("username between", value1, value2, "username"); + return this; + } + + public Criteria andUsernameNotBetween(String value1, String value2) { + addCriterion("username not between", value1, value2, "username"); + return this; + } + + public Criteria andAttributeIsNull() { + addCriterion("attribute is null"); + return this; + } + + public Criteria andAttributeIsNotNull() { + addCriterion("attribute is not null"); + return this; + } + + public Criteria andAttributeEqualTo(String value) { + addCriterion("attribute =", value, "attribute"); + return this; + } + + public Criteria andAttributeNotEqualTo(String value) { + addCriterion("attribute <>", value, "attribute"); + return this; + } + + public Criteria andAttributeGreaterThan(String value) { + addCriterion("attribute >", value, "attribute"); + return this; + } + + public Criteria andAttributeGreaterThanOrEqualTo(String value) { + addCriterion("attribute >=", value, "attribute"); + return this; + } + + public Criteria andAttributeLessThan(String value) { + addCriterion("attribute <", value, "attribute"); + return this; + } + + public Criteria andAttributeLessThanOrEqualTo(String value) { + addCriterion("attribute <=", value, "attribute"); + return this; + } + + public Criteria andAttributeLike(String value) { + addCriterion("attribute like", value, "attribute"); + return this; + } + + public Criteria andAttributeNotLike(String value) { + addCriterion("attribute not like", value, "attribute"); + return this; + } + + public Criteria andAttributeIn(List values) { + addCriterion("attribute in", values, "attribute"); + return this; + } + + public Criteria andAttributeNotIn(List values) { + addCriterion("attribute not in", values, "attribute"); + return this; + } + + public Criteria andAttributeBetween(String value1, String value2) { + addCriterion("attribute between", value1, value2, "attribute"); + return this; + } + + public Criteria andAttributeNotBetween(String value1, String value2) { + addCriterion("attribute not between", value1, value2, "attribute"); + return this; + } + + public Criteria andOpIsNull() { + addCriterion("op is null"); + return this; + } + + public Criteria andOpIsNotNull() { + addCriterion("op is not null"); + return this; + } + + public Criteria andOpEqualTo(String value) { + addCriterion("op =", value, "op"); + return this; + } + + public Criteria andOpNotEqualTo(String value) { + addCriterion("op <>", value, "op"); + return this; + } + + public Criteria andOpGreaterThan(String value) { + addCriterion("op >", value, "op"); + return this; + } + + public Criteria andOpGreaterThanOrEqualTo(String value) { + addCriterion("op >=", value, "op"); + return this; + } + + public Criteria andOpLessThan(String value) { + addCriterion("op <", value, "op"); + return this; + } + + public Criteria andOpLessThanOrEqualTo(String value) { + addCriterion("op <=", value, "op"); + return this; + } + + public Criteria andOpLike(String value) { + addCriterion("op like", value, "op"); + return this; + } + + public Criteria andOpNotLike(String value) { + addCriterion("op not like", value, "op"); + return this; + } + + public Criteria andOpIn(List values) { + addCriterion("op in", values, "op"); + return this; + } + + public Criteria andOpNotIn(List values) { + addCriterion("op not in", values, "op"); + return this; + } + + public Criteria andOpBetween(String value1, String value2) { + addCriterion("op between", value1, value2, "op"); + return this; + } + + public Criteria andOpNotBetween(String value1, String value2) { + addCriterion("op not between", value1, value2, "op"); + return this; + } + + public Criteria andValueIsNull() { + addCriterion("value is null"); + return this; + } + + public Criteria andValueIsNotNull() { + addCriterion("value is not null"); + return this; + } + + public Criteria andValueEqualTo(String value) { + addCriterion("value =", value, "value"); + return this; + } + + public Criteria andValueNotEqualTo(String value) { + addCriterion("value <>", value, "value"); + return this; + } + + public Criteria andValueGreaterThan(String value) { + addCriterion("value >", value, "value"); + return this; + } + + public Criteria andValueGreaterThanOrEqualTo(String value) { + addCriterion("value >=", value, "value"); + return this; + } + + public Criteria andValueLessThan(String value) { + addCriterion("value <", value, "value"); + return this; + } + + public Criteria andValueLessThanOrEqualTo(String value) { + addCriterion("value <=", value, "value"); + return this; + } + + public Criteria andValueLike(String value) { + addCriterion("value like", value, "value"); + return this; + } + + public Criteria andValueNotLike(String value) { + addCriterion("value not like", value, "value"); + return this; + } + + public Criteria andValueIn(List values) { + addCriterion("value in", values, "value"); + return this; + } + + public Criteria andValueNotIn(List values) { + addCriterion("value not in", values, "value"); + return this; + } + + public Criteria andValueBetween(String value1, String value2) { + addCriterion("value between", value1, value2, "value"); + return this; + } + + public Criteria andValueNotBetween(String value1, String value2) { + addCriterion("value not between", value1, value2, "value"); + return this; + } + } +} \ No newline at end of file diff --git a/extensions/dal/src/main/java/net/jradius/dal/model/RadUserGroup.java b/extensions/dal/src/main/java/net/jradius/dal/model/RadUserGroup.java new file mode 100644 index 0000000..1ff5db7 --- /dev/null +++ b/extensions/dal/src/main/java/net/jradius/dal/model/RadUserGroup.java @@ -0,0 +1,137 @@ +package net.jradius.dal.model; + +import com.coova.dal.Record; + +public class RadUserGroup extends Record { + /** + * This field was generated by Abator for iBATIS. + * This field corresponds to the database column radusergroup.id + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + private Long id; + + /** + * This field was generated by Abator for iBATIS. + * This field corresponds to the database column radusergroup.username + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + private String username = ""; + + /** + * This field was generated by Abator for iBATIS. + * This field corresponds to the database column radusergroup.groupname + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + private String groupname = ""; + + /** + * This field was generated by Abator for iBATIS. + * This field corresponds to the database column radusergroup.priority + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + private Integer priority; + + /** + * This method was generated by Abator for iBATIS. + * This method returns the value of the database column radusergroup.id + * + * @return the value of radusergroup.id + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public Long getId() { + return id; + } + + /** + * This method was generated by Abator for iBATIS. + * This method sets the value of the database column radusergroup.id + * + * @param id the value for radusergroup.id + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public void setId(Long id) { + this.id = id; + } + + /** + * This method was generated by Abator for iBATIS. + * This method returns the value of the database column radusergroup.username + * + * @return the value of radusergroup.username + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public String getUsername() { + return username; + } + + /** + * This method was generated by Abator for iBATIS. + * This method sets the value of the database column radusergroup.username + * + * @param username the value for radusergroup.username + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public void setUsername(String username) { + this.username = username == null ? null : username.trim(); + } + + /** + * This method was generated by Abator for iBATIS. + * This method returns the value of the database column radusergroup.groupname + * + * @return the value of radusergroup.groupname + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public String getGroupname() { + return groupname; + } + + /** + * This method was generated by Abator for iBATIS. + * This method sets the value of the database column radusergroup.groupname + * + * @param groupname the value for radusergroup.groupname + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public void setGroupname(String groupname) { + this.groupname = groupname == null ? null : groupname.trim(); + } + + /** + * This method was generated by Abator for iBATIS. + * This method returns the value of the database column radusergroup.priority + * + * @return the value of radusergroup.priority + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public Integer getPriority() { + return priority; + } + + /** + * This method was generated by Abator for iBATIS. + * This method sets the value of the database column radusergroup.priority + * + * @param priority the value for radusergroup.priority + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public void setPriority(Integer priority) { + this.priority = priority; + } + + public Record synchronizedRecord() { + return new SynchronizedRadUserGroup(this); + } +} \ No newline at end of file diff --git a/extensions/dal/src/main/java/net/jradius/dal/model/RadUserGroupExample.java b/extensions/dal/src/main/java/net/jradius/dal/model/RadUserGroupExample.java new file mode 100644 index 0000000..1199183 --- /dev/null +++ b/extensions/dal/src/main/java/net/jradius/dal/model/RadUserGroupExample.java @@ -0,0 +1,502 @@ +package net.jradius.dal.model; + +import com.coova.dal.Example; +import com.coova.dal.ExampleCriteria; +import java.util.ArrayList; +import java.util.HashMap; +import java.util.List; +import java.util.Map; + +public class RadUserGroupExample extends Example { + /** + * This field was generated by Abator for iBATIS. + * This field corresponds to the database table radusergroup + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + protected String orderByClause; + + protected Integer startRow; + + protected Integer rowCount; + + /** + * This field was generated by Abator for iBATIS. + * This field corresponds to the database table radusergroup + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + protected List oredCriteria; + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radusergroup + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public RadUserGroupExample() { + oredCriteria = new ArrayList(); + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radusergroup + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + protected RadUserGroupExample(RadUserGroupExample example) { + this.orderByClause = example.orderByClause; + this.oredCriteria = example.oredCriteria; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radusergroup + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public void setOrderByClause(String orderByClause) { + this.orderByClause = orderByClause; + } + + public void setStartRow(Integer startRow) { + this.startRow = startRow; + } + + public void setRowCount(Integer rowCount) { + this.rowCount = rowCount; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radusergroup + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public String getOrderByClause() { + return orderByClause; + } + + public Integer getStartRow() { + return startRow; + } + + public Integer getRowCount() { + return rowCount; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radusergroup + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public List getOredCriteria() { + return oredCriteria; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radusergroup + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public void or(Criteria criteria) { + oredCriteria.add(criteria); + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radusergroup + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public Criteria createCriteria() { + Criteria criteria = createCriteriaInternal(); + if (oredCriteria.size() == 0) { + oredCriteria.add(criteria); + } + return criteria; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radusergroup + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public Criteria appendCriteria() { + if (oredCriteria.size() == 0) { + return createCriteria(); + } + return oredCriteria.get(0); + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radusergroup + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + protected Criteria createCriteriaInternal() { + Criteria criteria = new Criteria(); + return criteria; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table radusergroup + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public void clear() { + oredCriteria.clear(); + } + + /** + * This class was generated by Abator for iBATIS. + * This class corresponds to the database table radusergroup + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public static class Criteria extends ExampleCriteria { + protected List criteriaWithoutValue; + + protected List> criteriaWithSingleValue; + + protected List> criteriaWithListValue; + + protected List> criteriaWithBetweenValue; + + protected Criteria() { + super(); + criteriaWithoutValue = new ArrayList(); + criteriaWithSingleValue = new ArrayList>(); + criteriaWithListValue = new ArrayList>(); + criteriaWithBetweenValue = new ArrayList>(); + } + + public boolean isValid() { + return criteriaWithoutValue.size() > 0 + || criteriaWithSingleValue.size() > 0 + || criteriaWithListValue.size() > 0 + || criteriaWithBetweenValue.size() > 0; + } + + public List getCriteriaWithoutValue() { + return criteriaWithoutValue; + } + + public List> getCriteriaWithSingleValue() { + return criteriaWithSingleValue; + } + + public List> getCriteriaWithListValue() { + return criteriaWithListValue; + } + + public List> getCriteriaWithBetweenValue() { + return criteriaWithBetweenValue; + } + + protected void addCriterion(String condition) { + if (condition == null) { + throw new RuntimeException("Value for condition cannot be null"); + } + criteriaWithoutValue.add(condition); + } + + protected void addCriterion(String condition, Object value, String property) { + if (value == null) { + throw new RuntimeException("Value for " + property + " cannot be null"); + } + Map map = new HashMap(); + map.put("condition", condition); + map.put("value", value); + criteriaWithSingleValue.add(map); + } + + protected void addCriterion(String condition, List values, String property) { + if (values == null || values.size() == 0) { + throw new RuntimeException("Value list for " + property + " cannot be null or empty"); + } + Map map = new HashMap(); + map.put("condition", condition); + map.put("values", values); + criteriaWithListValue.add(map); + } + + protected void addCriterion(String condition, Object value1, Object value2, String property) { + if (value1 == null || value2 == null) { + throw new RuntimeException("Between values for " + property + " cannot be null"); + } + List list = new ArrayList(); + list.add(value1); + list.add(value2); + Map map = new HashMap(); + map.put("condition", condition); + map.put("values", list); + criteriaWithBetweenValue.add(map); + } + + public Criteria andIdIsNull() { + addCriterion("id is null"); + return this; + } + + public Criteria andIdIsNotNull() { + addCriterion("id is not null"); + return this; + } + + public Criteria andIdEqualTo(Long value) { + addCriterion("id =", value, "id"); + return this; + } + + public Criteria andIdNotEqualTo(Long value) { + addCriterion("id <>", value, "id"); + return this; + } + + public Criteria andIdGreaterThan(Long value) { + addCriterion("id >", value, "id"); + return this; + } + + public Criteria andIdGreaterThanOrEqualTo(Long value) { + addCriterion("id >=", value, "id"); + return this; + } + + public Criteria andIdLessThan(Long value) { + addCriterion("id <", value, "id"); + return this; + } + + public Criteria andIdLessThanOrEqualTo(Long value) { + addCriterion("id <=", value, "id"); + return this; + } + + public Criteria andIdIn(List values) { + addCriterion("id in", values, "id"); + return this; + } + + public Criteria andIdNotIn(List values) { + addCriterion("id not in", values, "id"); + return this; + } + + public Criteria andIdBetween(Long value1, Long value2) { + addCriterion("id between", value1, value2, "id"); + return this; + } + + public Criteria andIdNotBetween(Long value1, Long value2) { + addCriterion("id not between", value1, value2, "id"); + return this; + } + + public Criteria andUsernameIsNull() { + addCriterion("username is null"); + return this; + } + + public Criteria andUsernameIsNotNull() { + addCriterion("username is not null"); + return this; + } + + public Criteria andUsernameEqualTo(String value) { + addCriterion("username =", value, "username"); + return this; + } + + public Criteria andUsernameNotEqualTo(String value) { + addCriterion("username <>", value, "username"); + return this; + } + + public Criteria andUsernameGreaterThan(String value) { + addCriterion("username >", value, "username"); + return this; + } + + public Criteria andUsernameGreaterThanOrEqualTo(String value) { + addCriterion("username >=", value, "username"); + return this; + } + + public Criteria andUsernameLessThan(String value) { + addCriterion("username <", value, "username"); + return this; + } + + public Criteria andUsernameLessThanOrEqualTo(String value) { + addCriterion("username <=", value, "username"); + return this; + } + + public Criteria andUsernameLike(String value) { + addCriterion("username like", value, "username"); + return this; + } + + public Criteria andUsernameNotLike(String value) { + addCriterion("username not like", value, "username"); + return this; + } + + public Criteria andUsernameIn(List values) { + addCriterion("username in", values, "username"); + return this; + } + + public Criteria andUsernameNotIn(List values) { + addCriterion("username not in", values, "username"); + return this; + } + + public Criteria andUsernameBetween(String value1, String value2) { + addCriterion("username between", value1, value2, "username"); + return this; + } + + public Criteria andUsernameNotBetween(String value1, String value2) { + addCriterion("username not between", value1, value2, "username"); + return this; + } + + public Criteria andGroupnameIsNull() { + addCriterion("groupname is null"); + return this; + } + + public Criteria andGroupnameIsNotNull() { + addCriterion("groupname is not null"); + return this; + } + + public Criteria andGroupnameEqualTo(String value) { + addCriterion("groupname =", value, "groupname"); + return this; + } + + public Criteria andGroupnameNotEqualTo(String value) { + addCriterion("groupname <>", value, "groupname"); + return this; + } + + public Criteria andGroupnameGreaterThan(String value) { + addCriterion("groupname >", value, "groupname"); + return this; + } + + public Criteria andGroupnameGreaterThanOrEqualTo(String value) { + addCriterion("groupname >=", value, "groupname"); + return this; + } + + public Criteria andGroupnameLessThan(String value) { + addCriterion("groupname <", value, "groupname"); + return this; + } + + public Criteria andGroupnameLessThanOrEqualTo(String value) { + addCriterion("groupname <=", value, "groupname"); + return this; + } + + public Criteria andGroupnameLike(String value) { + addCriterion("groupname like", value, "groupname"); + return this; + } + + public Criteria andGroupnameNotLike(String value) { + addCriterion("groupname not like", value, "groupname"); + return this; + } + + public Criteria andGroupnameIn(List values) { + addCriterion("groupname in", values, "groupname"); + return this; + } + + public Criteria andGroupnameNotIn(List values) { + addCriterion("groupname not in", values, "groupname"); + return this; + } + + public Criteria andGroupnameBetween(String value1, String value2) { + addCriterion("groupname between", value1, value2, "groupname"); + return this; + } + + public Criteria andGroupnameNotBetween(String value1, String value2) { + addCriterion("groupname not between", value1, value2, "groupname"); + return this; + } + + public Criteria andPriorityIsNull() { + addCriterion("priority is null"); + return this; + } + + public Criteria andPriorityIsNotNull() { + addCriterion("priority is not null"); + return this; + } + + public Criteria andPriorityEqualTo(Integer value) { + addCriterion("priority =", value, "priority"); + return this; + } + + public Criteria andPriorityNotEqualTo(Integer value) { + addCriterion("priority <>", value, "priority"); + return this; + } + + public Criteria andPriorityGreaterThan(Integer value) { + addCriterion("priority >", value, "priority"); + return this; + } + + public Criteria andPriorityGreaterThanOrEqualTo(Integer value) { + addCriterion("priority >=", value, "priority"); + return this; + } + + public Criteria andPriorityLessThan(Integer value) { + addCriterion("priority <", value, "priority"); + return this; + } + + public Criteria andPriorityLessThanOrEqualTo(Integer value) { + addCriterion("priority <=", value, "priority"); + return this; + } + + public Criteria andPriorityIn(List values) { + addCriterion("priority in", values, "priority"); + return this; + } + + public Criteria andPriorityNotIn(List values) { + addCriterion("priority not in", values, "priority"); + return this; + } + + public Criteria andPriorityBetween(Integer value1, Integer value2) { + addCriterion("priority between", value1, value2, "priority"); + return this; + } + + public Criteria andPriorityNotBetween(Integer value1, Integer value2) { + addCriterion("priority not between", value1, value2, "priority"); + return this; + } + } +} \ No newline at end of file diff --git a/extensions/dal/src/main/java/net/jradius/dal/model/SynchronizedNAS.java b/extensions/dal/src/main/java/net/jradius/dal/model/SynchronizedNAS.java new file mode 100644 index 0000000..caa1a27 --- /dev/null +++ b/extensions/dal/src/main/java/net/jradius/dal/model/SynchronizedNAS.java @@ -0,0 +1,113 @@ +package net.jradius.dal.model; + +import com.coova.dal.Record; +import com.coova.dal.SynchronizedRecord; + +public class SynchronizedNAS extends NAS implements SynchronizedRecord { + + public SynchronizedNAS(NAS o) { + super.setId(o.getId()); + super.setNasname(o.getNasname()); + super.setNastype(o.getNastype()); + super.setCalledstationid(o.getCalledstationid()); + super.setShortname(o.getShortname()); + super.setPorts(o.getPorts()); + super.setSecret(o.getSecret()); + super.setCommunity(o.getCommunity()); + super.setDescription(o.getDescription()); + super.setLatitude(o.getLatitude()); + super.setLongitude(o.getLongitude()); + } + + public synchronized Long getId() { + return super.getId(); + } + + public synchronized void setId(Long id) { + super.setId(id); + } + + public synchronized String getNasname() { + return super.getNasname(); + } + + public synchronized void setNasname(String nasname) { + super.setNasname(nasname); + } + + public synchronized String getNastype() { + return super.getNastype(); + } + + public synchronized void setNastype(String nastype) { + super.setNastype(nastype); + } + + public synchronized String getCalledstationid() { + return super.getCalledstationid(); + } + + public synchronized void setCalledstationid(String calledstationid) { + super.setCalledstationid(calledstationid); + } + + public synchronized String getShortname() { + return super.getShortname(); + } + + public synchronized void setShortname(String shortname) { + super.setShortname(shortname); + } + + public synchronized Integer getPorts() { + return super.getPorts(); + } + + public synchronized void setPorts(Integer ports) { + super.setPorts(ports); + } + + public synchronized String getSecret() { + return super.getSecret(); + } + + public synchronized void setSecret(String secret) { + super.setSecret(secret); + } + + public synchronized String getCommunity() { + return super.getCommunity(); + } + + public synchronized void setCommunity(String community) { + super.setCommunity(community); + } + + public synchronized String getDescription() { + return super.getDescription(); + } + + public synchronized void setDescription(String description) { + super.setDescription(description); + } + + public synchronized Double getLatitude() { + return super.getLatitude(); + } + + public synchronized void setLatitude(Double latitude) { + super.setLatitude(latitude); + } + + public synchronized Double getLongitude() { + return super.getLongitude(); + } + + public synchronized void setLongitude(Double longitude) { + super.setLongitude(longitude); + } + + public Record synchronizedRecord() { + return this; + } +} \ No newline at end of file diff --git a/extensions/dal/src/main/java/net/jradius/dal/model/SynchronizedRadAcct.java b/extensions/dal/src/main/java/net/jradius/dal/model/SynchronizedRadAcct.java new file mode 100644 index 0000000..fcb205c --- /dev/null +++ b/extensions/dal/src/main/java/net/jradius/dal/model/SynchronizedRadAcct.java @@ -0,0 +1,249 @@ +package net.jradius.dal.model; + +import com.coova.dal.Record; +import com.coova.dal.SynchronizedRecord; +import java.util.Date; + +public class SynchronizedRadAcct extends RadAcct implements SynchronizedRecord { + + public SynchronizedRadAcct(RadAcct o) { + super.setId(o.getId()); + super.setAcctsessionid(o.getAcctsessionid()); + super.setAcctuniqueid(o.getAcctuniqueid()); + super.setUsername(o.getUsername()); + super.setGroupname(o.getGroupname()); + super.setRealm(o.getRealm()); + super.setNasipaddress(o.getNasipaddress()); + super.setNasportid(o.getNasportid()); + super.setNasporttype(o.getNasporttype()); + super.setAcctstarttime(o.getAcctstarttime()); + super.setAcctstoptime(o.getAcctstoptime()); + super.setAcctsessiontime(o.getAcctsessiontime()); + super.setAcctauthentic(o.getAcctauthentic()); + super.setConnectinfoStart(o.getConnectinfoStart()); + super.setConnectinfoStop(o.getConnectinfoStop()); + super.setAcctinputoctets(o.getAcctinputoctets()); + super.setAcctoutputoctets(o.getAcctoutputoctets()); + super.setCalledstationid(o.getCalledstationid()); + super.setCallingstationid(o.getCallingstationid()); + super.setAcctterminatecause(o.getAcctterminatecause()); + super.setServicetype(o.getServicetype()); + super.setFramedprotocol(o.getFramedprotocol()); + super.setFramedipaddress(o.getFramedipaddress()); + super.setAcctstartdelay(o.getAcctstartdelay()); + super.setAcctstopdelay(o.getAcctstopdelay()); + super.setXascendsessionsvrkey(o.getXascendsessionsvrkey()); + } + + public synchronized Long getId() { + return super.getId(); + } + + public synchronized void setId(Long id) { + super.setId(id); + } + + public synchronized String getAcctsessionid() { + return super.getAcctsessionid(); + } + + public synchronized void setAcctsessionid(String acctsessionid) { + super.setAcctsessionid(acctsessionid); + } + + public synchronized String getAcctuniqueid() { + return super.getAcctuniqueid(); + } + + public synchronized void setAcctuniqueid(String acctuniqueid) { + super.setAcctuniqueid(acctuniqueid); + } + + public synchronized String getUsername() { + return super.getUsername(); + } + + public synchronized void setUsername(String username) { + super.setUsername(username); + } + + public synchronized String getGroupname() { + return super.getGroupname(); + } + + public synchronized void setGroupname(String groupname) { + super.setGroupname(groupname); + } + + public synchronized String getRealm() { + return super.getRealm(); + } + + public synchronized void setRealm(String realm) { + super.setRealm(realm); + } + + public synchronized String getNasipaddress() { + return super.getNasipaddress(); + } + + public synchronized void setNasipaddress(String nasipaddress) { + super.setNasipaddress(nasipaddress); + } + + public synchronized String getNasportid() { + return super.getNasportid(); + } + + public synchronized void setNasportid(String nasportid) { + super.setNasportid(nasportid); + } + + public synchronized String getNasporttype() { + return super.getNasporttype(); + } + + public synchronized void setNasporttype(String nasporttype) { + super.setNasporttype(nasporttype); + } + + public synchronized Date getAcctstarttime() { + return super.getAcctstarttime(); + } + + public synchronized void setAcctstarttime(Date acctstarttime) { + super.setAcctstarttime(acctstarttime); + } + + public synchronized Date getAcctstoptime() { + return super.getAcctstoptime(); + } + + public synchronized void setAcctstoptime(Date acctstoptime) { + super.setAcctstoptime(acctstoptime); + } + + public synchronized Integer getAcctsessiontime() { + return super.getAcctsessiontime(); + } + + public synchronized void setAcctsessiontime(Integer acctsessiontime) { + super.setAcctsessiontime(acctsessiontime); + } + + public synchronized String getAcctauthentic() { + return super.getAcctauthentic(); + } + + public synchronized void setAcctauthentic(String acctauthentic) { + super.setAcctauthentic(acctauthentic); + } + + public synchronized String getConnectinfoStart() { + return super.getConnectinfoStart(); + } + + public synchronized void setConnectinfoStart(String connectinfoStart) { + super.setConnectinfoStart(connectinfoStart); + } + + public synchronized String getConnectinfoStop() { + return super.getConnectinfoStop(); + } + + public synchronized void setConnectinfoStop(String connectinfoStop) { + super.setConnectinfoStop(connectinfoStop); + } + + public synchronized Long getAcctinputoctets() { + return super.getAcctinputoctets(); + } + + public synchronized void setAcctinputoctets(Long acctinputoctets) { + super.setAcctinputoctets(acctinputoctets); + } + + public synchronized Long getAcctoutputoctets() { + return super.getAcctoutputoctets(); + } + + public synchronized void setAcctoutputoctets(Long acctoutputoctets) { + super.setAcctoutputoctets(acctoutputoctets); + } + + public synchronized String getCalledstationid() { + return super.getCalledstationid(); + } + + public synchronized void setCalledstationid(String calledstationid) { + super.setCalledstationid(calledstationid); + } + + public synchronized String getCallingstationid() { + return super.getCallingstationid(); + } + + public synchronized void setCallingstationid(String callingstationid) { + super.setCallingstationid(callingstationid); + } + + public synchronized String getAcctterminatecause() { + return super.getAcctterminatecause(); + } + + public synchronized void setAcctterminatecause(String acctterminatecause) { + super.setAcctterminatecause(acctterminatecause); + } + + public synchronized String getServicetype() { + return super.getServicetype(); + } + + public synchronized void setServicetype(String servicetype) { + super.setServicetype(servicetype); + } + + public synchronized String getFramedprotocol() { + return super.getFramedprotocol(); + } + + public synchronized void setFramedprotocol(String framedprotocol) { + super.setFramedprotocol(framedprotocol); + } + + public synchronized String getFramedipaddress() { + return super.getFramedipaddress(); + } + + public synchronized void setFramedipaddress(String framedipaddress) { + super.setFramedipaddress(framedipaddress); + } + + public synchronized Integer getAcctstartdelay() { + return super.getAcctstartdelay(); + } + + public synchronized void setAcctstartdelay(Integer acctstartdelay) { + super.setAcctstartdelay(acctstartdelay); + } + + public synchronized Integer getAcctstopdelay() { + return super.getAcctstopdelay(); + } + + public synchronized void setAcctstopdelay(Integer acctstopdelay) { + super.setAcctstopdelay(acctstopdelay); + } + + public synchronized String getXascendsessionsvrkey() { + return super.getXascendsessionsvrkey(); + } + + public synchronized void setXascendsessionsvrkey(String xascendsessionsvrkey) { + super.setXascendsessionsvrkey(xascendsessionsvrkey); + } + + public Record synchronizedRecord() { + return this; + } +} \ No newline at end of file diff --git a/extensions/dal/src/main/java/net/jradius/dal/model/SynchronizedRadCheck.java b/extensions/dal/src/main/java/net/jradius/dal/model/SynchronizedRadCheck.java new file mode 100644 index 0000000..f5f2517 --- /dev/null +++ b/extensions/dal/src/main/java/net/jradius/dal/model/SynchronizedRadCheck.java @@ -0,0 +1,59 @@ +package net.jradius.dal.model; + +import com.coova.dal.Record; +import com.coova.dal.SynchronizedRecord; + +public class SynchronizedRadCheck extends RadCheck implements SynchronizedRecord { + + public SynchronizedRadCheck(RadCheck o) { + super.setId(o.getId()); + super.setUsername(o.getUsername()); + super.setAttribute(o.getAttribute()); + super.setOp(o.getOp()); + super.setValue(o.getValue()); + } + + public synchronized Long getId() { + return super.getId(); + } + + public synchronized void setId(Long id) { + super.setId(id); + } + + public synchronized String getUsername() { + return super.getUsername(); + } + + public synchronized void setUsername(String username) { + super.setUsername(username); + } + + public synchronized String getAttribute() { + return super.getAttribute(); + } + + public synchronized void setAttribute(String attribute) { + super.setAttribute(attribute); + } + + public synchronized String getOp() { + return super.getOp(); + } + + public synchronized void setOp(String op) { + super.setOp(op); + } + + public synchronized String getValue() { + return super.getValue(); + } + + public synchronized void setValue(String value) { + super.setValue(value); + } + + public Record synchronizedRecord() { + return this; + } +} \ No newline at end of file diff --git a/extensions/dal/src/main/java/net/jradius/dal/model/SynchronizedRadGroupCheck.java b/extensions/dal/src/main/java/net/jradius/dal/model/SynchronizedRadGroupCheck.java new file mode 100644 index 0000000..7aecaa9 --- /dev/null +++ b/extensions/dal/src/main/java/net/jradius/dal/model/SynchronizedRadGroupCheck.java @@ -0,0 +1,59 @@ +package net.jradius.dal.model; + +import com.coova.dal.Record; +import com.coova.dal.SynchronizedRecord; + +public class SynchronizedRadGroupCheck extends RadGroupCheck implements SynchronizedRecord { + + public SynchronizedRadGroupCheck(RadGroupCheck o) { + super.setId(o.getId()); + super.setGroupname(o.getGroupname()); + super.setAttribute(o.getAttribute()); + super.setOp(o.getOp()); + super.setValue(o.getValue()); + } + + public synchronized Long getId() { + return super.getId(); + } + + public synchronized void setId(Long id) { + super.setId(id); + } + + public synchronized String getGroupname() { + return super.getGroupname(); + } + + public synchronized void setGroupname(String groupname) { + super.setGroupname(groupname); + } + + public synchronized String getAttribute() { + return super.getAttribute(); + } + + public synchronized void setAttribute(String attribute) { + super.setAttribute(attribute); + } + + public synchronized String getOp() { + return super.getOp(); + } + + public synchronized void setOp(String op) { + super.setOp(op); + } + + public synchronized String getValue() { + return super.getValue(); + } + + public synchronized void setValue(String value) { + super.setValue(value); + } + + public Record synchronizedRecord() { + return this; + } +} \ No newline at end of file diff --git a/extensions/dal/src/main/java/net/jradius/dal/model/SynchronizedRadGroupReply.java b/extensions/dal/src/main/java/net/jradius/dal/model/SynchronizedRadGroupReply.java new file mode 100644 index 0000000..1330243 --- /dev/null +++ b/extensions/dal/src/main/java/net/jradius/dal/model/SynchronizedRadGroupReply.java @@ -0,0 +1,59 @@ +package net.jradius.dal.model; + +import com.coova.dal.Record; +import com.coova.dal.SynchronizedRecord; + +public class SynchronizedRadGroupReply extends RadGroupReply implements SynchronizedRecord { + + public SynchronizedRadGroupReply(RadGroupReply o) { + super.setId(o.getId()); + super.setGroupname(o.getGroupname()); + super.setAttribute(o.getAttribute()); + super.setOp(o.getOp()); + super.setValue(o.getValue()); + } + + public synchronized Long getId() { + return super.getId(); + } + + public synchronized void setId(Long id) { + super.setId(id); + } + + public synchronized String getGroupname() { + return super.getGroupname(); + } + + public synchronized void setGroupname(String groupname) { + super.setGroupname(groupname); + } + + public synchronized String getAttribute() { + return super.getAttribute(); + } + + public synchronized void setAttribute(String attribute) { + super.setAttribute(attribute); + } + + public synchronized String getOp() { + return super.getOp(); + } + + public synchronized void setOp(String op) { + super.setOp(op); + } + + public synchronized String getValue() { + return super.getValue(); + } + + public synchronized void setValue(String value) { + super.setValue(value); + } + + public Record synchronizedRecord() { + return this; + } +} \ No newline at end of file diff --git a/extensions/dal/src/main/java/net/jradius/dal/model/SynchronizedRadIPPool.java b/extensions/dal/src/main/java/net/jradius/dal/model/SynchronizedRadIPPool.java new file mode 100644 index 0000000..4f5c824 --- /dev/null +++ b/extensions/dal/src/main/java/net/jradius/dal/model/SynchronizedRadIPPool.java @@ -0,0 +1,96 @@ +package net.jradius.dal.model; + +import com.coova.dal.Record; +import com.coova.dal.SynchronizedRecord; +import java.util.Date; + +public class SynchronizedRadIPPool extends RadIPPool implements SynchronizedRecord { + + public SynchronizedRadIPPool(RadIPPool o) { + super.setId(o.getId()); + super.setPoolName(o.getPoolName()); + super.setFramedipaddress(o.getFramedipaddress()); + super.setNasipaddress(o.getNasipaddress()); + super.setCalledstationid(o.getCalledstationid()); + super.setCallingstationid(o.getCallingstationid()); + super.setExpiryTime(o.getExpiryTime()); + super.setUsername(o.getUsername()); + super.setPoolKey(o.getPoolKey()); + } + + public synchronized Long getId() { + return super.getId(); + } + + public synchronized void setId(Long id) { + super.setId(id); + } + + public synchronized String getPoolName() { + return super.getPoolName(); + } + + public synchronized void setPoolName(String poolName) { + super.setPoolName(poolName); + } + + public synchronized String getFramedipaddress() { + return super.getFramedipaddress(); + } + + public synchronized void setFramedipaddress(String framedipaddress) { + super.setFramedipaddress(framedipaddress); + } + + public synchronized String getNasipaddress() { + return super.getNasipaddress(); + } + + public synchronized void setNasipaddress(String nasipaddress) { + super.setNasipaddress(nasipaddress); + } + + public synchronized String getCalledstationid() { + return super.getCalledstationid(); + } + + public synchronized void setCalledstationid(String calledstationid) { + super.setCalledstationid(calledstationid); + } + + public synchronized String getCallingstationid() { + return super.getCallingstationid(); + } + + public synchronized void setCallingstationid(String callingstationid) { + super.setCallingstationid(callingstationid); + } + + public synchronized Date getExpiryTime() { + return super.getExpiryTime(); + } + + public synchronized void setExpiryTime(Date expiryTime) { + super.setExpiryTime(expiryTime); + } + + public synchronized String getUsername() { + return super.getUsername(); + } + + public synchronized void setUsername(String username) { + super.setUsername(username); + } + + public synchronized String getPoolKey() { + return super.getPoolKey(); + } + + public synchronized void setPoolKey(String poolKey) { + super.setPoolKey(poolKey); + } + + public Record synchronizedRecord() { + return this; + } +} \ No newline at end of file diff --git a/extensions/dal/src/main/java/net/jradius/dal/model/SynchronizedRadPostAuth.java b/extensions/dal/src/main/java/net/jradius/dal/model/SynchronizedRadPostAuth.java new file mode 100644 index 0000000..2268e01 --- /dev/null +++ b/extensions/dal/src/main/java/net/jradius/dal/model/SynchronizedRadPostAuth.java @@ -0,0 +1,60 @@ +package net.jradius.dal.model; + +import com.coova.dal.Record; +import com.coova.dal.SynchronizedRecord; +import java.util.Date; + +public class SynchronizedRadPostAuth extends RadPostAuth implements SynchronizedRecord { + + public SynchronizedRadPostAuth(RadPostAuth o) { + super.setId(o.getId()); + super.setUsername(o.getUsername()); + super.setPass(o.getPass()); + super.setReply(o.getReply()); + super.setAuthdate(o.getAuthdate()); + } + + public synchronized Long getId() { + return super.getId(); + } + + public synchronized void setId(Long id) { + super.setId(id); + } + + public synchronized String getUsername() { + return super.getUsername(); + } + + public synchronized void setUsername(String username) { + super.setUsername(username); + } + + public synchronized String getPass() { + return super.getPass(); + } + + public synchronized void setPass(String pass) { + super.setPass(pass); + } + + public synchronized String getReply() { + return super.getReply(); + } + + public synchronized void setReply(String reply) { + super.setReply(reply); + } + + public synchronized Date getAuthdate() { + return super.getAuthdate(); + } + + public synchronized void setAuthdate(Date authdate) { + super.setAuthdate(authdate); + } + + public Record synchronizedRecord() { + return this; + } +} \ No newline at end of file diff --git a/extensions/dal/src/main/java/net/jradius/dal/model/SynchronizedRadReply.java b/extensions/dal/src/main/java/net/jradius/dal/model/SynchronizedRadReply.java new file mode 100644 index 0000000..dfcda6c --- /dev/null +++ b/extensions/dal/src/main/java/net/jradius/dal/model/SynchronizedRadReply.java @@ -0,0 +1,59 @@ +package net.jradius.dal.model; + +import com.coova.dal.Record; +import com.coova.dal.SynchronizedRecord; + +public class SynchronizedRadReply extends RadReply implements SynchronizedRecord { + + public SynchronizedRadReply(RadReply o) { + super.setId(o.getId()); + super.setUsername(o.getUsername()); + super.setAttribute(o.getAttribute()); + super.setOp(o.getOp()); + super.setValue(o.getValue()); + } + + public synchronized Long getId() { + return super.getId(); + } + + public synchronized void setId(Long id) { + super.setId(id); + } + + public synchronized String getUsername() { + return super.getUsername(); + } + + public synchronized void setUsername(String username) { + super.setUsername(username); + } + + public synchronized String getAttribute() { + return super.getAttribute(); + } + + public synchronized void setAttribute(String attribute) { + super.setAttribute(attribute); + } + + public synchronized String getOp() { + return super.getOp(); + } + + public synchronized void setOp(String op) { + super.setOp(op); + } + + public synchronized String getValue() { + return super.getValue(); + } + + public synchronized void setValue(String value) { + super.setValue(value); + } + + public Record synchronizedRecord() { + return this; + } +} \ No newline at end of file diff --git a/extensions/dal/src/main/java/net/jradius/dal/model/SynchronizedRadUserGroup.java b/extensions/dal/src/main/java/net/jradius/dal/model/SynchronizedRadUserGroup.java new file mode 100644 index 0000000..868aae6 --- /dev/null +++ b/extensions/dal/src/main/java/net/jradius/dal/model/SynchronizedRadUserGroup.java @@ -0,0 +1,50 @@ +package net.jradius.dal.model; + +import com.coova.dal.Record; +import com.coova.dal.SynchronizedRecord; + +public class SynchronizedRadUserGroup extends RadUserGroup implements SynchronizedRecord { + + public SynchronizedRadUserGroup(RadUserGroup o) { + super.setId(o.getId()); + super.setUsername(o.getUsername()); + super.setGroupname(o.getGroupname()); + super.setPriority(o.getPriority()); + } + + public synchronized Long getId() { + return super.getId(); + } + + public synchronized void setId(Long id) { + super.setId(id); + } + + public synchronized String getUsername() { + return super.getUsername(); + } + + public synchronized void setUsername(String username) { + super.setUsername(username); + } + + public synchronized String getGroupname() { + return super.getGroupname(); + } + + public synchronized void setGroupname(String groupname) { + super.setGroupname(groupname); + } + + public synchronized Integer getPriority() { + return super.getPriority(); + } + + public synchronized void setPriority(Integer priority) { + super.setPriority(priority); + } + + public Record synchronizedRecord() { + return this; + } +} \ No newline at end of file diff --git a/extensions/dal/src/main/java/net/jradius/dal/model/SynchronizedUIHelp.java b/extensions/dal/src/main/java/net/jradius/dal/model/SynchronizedUIHelp.java new file mode 100644 index 0000000..8be4689 --- /dev/null +++ b/extensions/dal/src/main/java/net/jradius/dal/model/SynchronizedUIHelp.java @@ -0,0 +1,41 @@ +package net.jradius.dal.model; + +import com.coova.dal.Record; +import com.coova.dal.SynchronizedRecord; + +public class SynchronizedUIHelp extends UIHelp implements SynchronizedRecord { + + public SynchronizedUIHelp(UIHelp o) { + super.setId(o.getId()); + super.setKeyid(o.getKeyid()); + super.setHelptext(o.getHelptext()); + } + + public synchronized Long getId() { + return super.getId(); + } + + public synchronized void setId(Long id) { + super.setId(id); + } + + public synchronized String getKeyid() { + return super.getKeyid(); + } + + public synchronized void setKeyid(String keyid) { + super.setKeyid(keyid); + } + + public synchronized String getHelptext() { + return super.getHelptext(); + } + + public synchronized void setHelptext(String helptext) { + super.setHelptext(helptext); + } + + public Record synchronizedRecord() { + return this; + } +} \ No newline at end of file diff --git a/extensions/dal/src/main/java/net/jradius/dal/model/UIHelp.java b/extensions/dal/src/main/java/net/jradius/dal/model/UIHelp.java new file mode 100644 index 0000000..40eb375 --- /dev/null +++ b/extensions/dal/src/main/java/net/jradius/dal/model/UIHelp.java @@ -0,0 +1,105 @@ +package net.jradius.dal.model; + +import com.coova.dal.Record; + +public class UIHelp extends Record { + /** + * This field was generated by Abator for iBATIS. + * This field corresponds to the database column uihelp.id + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + private Long id; + + /** + * This field was generated by Abator for iBATIS. + * This field corresponds to the database column uihelp.keyid + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + private String keyid; + + /** + * This field was generated by Abator for iBATIS. + * This field corresponds to the database column uihelp.helptext + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + private String helptext; + + /** + * This method was generated by Abator for iBATIS. + * This method returns the value of the database column uihelp.id + * + * @return the value of uihelp.id + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public Long getId() { + return id; + } + + /** + * This method was generated by Abator for iBATIS. + * This method sets the value of the database column uihelp.id + * + * @param id the value for uihelp.id + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public void setId(Long id) { + this.id = id; + } + + /** + * This method was generated by Abator for iBATIS. + * This method returns the value of the database column uihelp.keyid + * + * @return the value of uihelp.keyid + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public String getKeyid() { + return keyid; + } + + /** + * This method was generated by Abator for iBATIS. + * This method sets the value of the database column uihelp.keyid + * + * @param keyid the value for uihelp.keyid + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public void setKeyid(String keyid) { + this.keyid = keyid == null ? null : keyid.trim(); + } + + /** + * This method was generated by Abator for iBATIS. + * This method returns the value of the database column uihelp.helptext + * + * @return the value of uihelp.helptext + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public String getHelptext() { + return helptext; + } + + /** + * This method was generated by Abator for iBATIS. + * This method sets the value of the database column uihelp.helptext + * + * @param helptext the value for uihelp.helptext + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public void setHelptext(String helptext) { + this.helptext = helptext == null ? null : helptext.trim(); + } + + public Record synchronizedRecord() { + return new SynchronizedUIHelp(this); + } +} \ No newline at end of file diff --git a/extensions/dal/src/main/java/net/jradius/dal/model/UIHelpExample.java b/extensions/dal/src/main/java/net/jradius/dal/model/UIHelpExample.java new file mode 100644 index 0000000..911819a --- /dev/null +++ b/extensions/dal/src/main/java/net/jradius/dal/model/UIHelpExample.java @@ -0,0 +1,442 @@ +package net.jradius.dal.model; + +import com.coova.dal.Example; +import com.coova.dal.ExampleCriteria; +import java.util.ArrayList; +import java.util.HashMap; +import java.util.List; +import java.util.Map; + +public class UIHelpExample extends Example { + /** + * This field was generated by Abator for iBATIS. + * This field corresponds to the database table uihelp + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + protected String orderByClause; + + protected Integer startRow; + + protected Integer rowCount; + + /** + * This field was generated by Abator for iBATIS. + * This field corresponds to the database table uihelp + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + protected List oredCriteria; + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table uihelp + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public UIHelpExample() { + oredCriteria = new ArrayList(); + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table uihelp + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + protected UIHelpExample(UIHelpExample example) { + this.orderByClause = example.orderByClause; + this.oredCriteria = example.oredCriteria; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table uihelp + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public void setOrderByClause(String orderByClause) { + this.orderByClause = orderByClause; + } + + public void setStartRow(Integer startRow) { + this.startRow = startRow; + } + + public void setRowCount(Integer rowCount) { + this.rowCount = rowCount; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table uihelp + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public String getOrderByClause() { + return orderByClause; + } + + public Integer getStartRow() { + return startRow; + } + + public Integer getRowCount() { + return rowCount; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table uihelp + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public List getOredCriteria() { + return oredCriteria; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table uihelp + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public void or(Criteria criteria) { + oredCriteria.add(criteria); + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table uihelp + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public Criteria createCriteria() { + Criteria criteria = createCriteriaInternal(); + if (oredCriteria.size() == 0) { + oredCriteria.add(criteria); + } + return criteria; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table uihelp + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public Criteria appendCriteria() { + if (oredCriteria.size() == 0) { + return createCriteria(); + } + return oredCriteria.get(0); + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table uihelp + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + protected Criteria createCriteriaInternal() { + Criteria criteria = new Criteria(); + return criteria; + } + + /** + * This method was generated by Abator for iBATIS. + * This method corresponds to the database table uihelp + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public void clear() { + oredCriteria.clear(); + } + + /** + * This class was generated by Abator for iBATIS. + * This class corresponds to the database table uihelp + * + * @abatorgenerated Wed Sep 10 13:54:28 CEST 2008 + */ + public static class Criteria extends ExampleCriteria { + protected List criteriaWithoutValue; + + protected List> criteriaWithSingleValue; + + protected List> criteriaWithListValue; + + protected List> criteriaWithBetweenValue; + + protected Criteria() { + super(); + criteriaWithoutValue = new ArrayList(); + criteriaWithSingleValue = new ArrayList>(); + criteriaWithListValue = new ArrayList>(); + criteriaWithBetweenValue = new ArrayList>(); + } + + public boolean isValid() { + return criteriaWithoutValue.size() > 0 + || criteriaWithSingleValue.size() > 0 + || criteriaWithListValue.size() > 0 + || criteriaWithBetweenValue.size() > 0; + } + + public List getCriteriaWithoutValue() { + return criteriaWithoutValue; + } + + public List> getCriteriaWithSingleValue() { + return criteriaWithSingleValue; + } + + public List> getCriteriaWithListValue() { + return criteriaWithListValue; + } + + public List> getCriteriaWithBetweenValue() { + return criteriaWithBetweenValue; + } + + protected void addCriterion(String condition) { + if (condition == null) { + throw new RuntimeException("Value for condition cannot be null"); + } + criteriaWithoutValue.add(condition); + } + + protected void addCriterion(String condition, Object value, String property) { + if (value == null) { + throw new RuntimeException("Value for " + property + " cannot be null"); + } + Map map = new HashMap(); + map.put("condition", condition); + map.put("value", value); + criteriaWithSingleValue.add(map); + } + + protected void addCriterion(String condition, List values, String property) { + if (values == null || values.size() == 0) { + throw new RuntimeException("Value list for " + property + " cannot be null or empty"); + } + Map map = new HashMap(); + map.put("condition", condition); + map.put("values", values); + criteriaWithListValue.add(map); + } + + protected void addCriterion(String condition, Object value1, Object value2, String property) { + if (value1 == null || value2 == null) { + throw new RuntimeException("Between values for " + property + " cannot be null"); + } + List list = new ArrayList(); + list.add(value1); + list.add(value2); + Map map = new HashMap(); + map.put("condition", condition); + map.put("values", list); + criteriaWithBetweenValue.add(map); + } + + public Criteria andIdIsNull() { + addCriterion("id is null"); + return this; + } + + public Criteria andIdIsNotNull() { + addCriterion("id is not null"); + return this; + } + + public Criteria andIdEqualTo(Long value) { + addCriterion("id =", value, "id"); + return this; + } + + public Criteria andIdNotEqualTo(Long value) { + addCriterion("id <>", value, "id"); + return this; + } + + public Criteria andIdGreaterThan(Long value) { + addCriterion("id >", value, "id"); + return this; + } + + public Criteria andIdGreaterThanOrEqualTo(Long value) { + addCriterion("id >=", value, "id"); + return this; + } + + public Criteria andIdLessThan(Long value) { + addCriterion("id <", value, "id"); + return this; + } + + public Criteria andIdLessThanOrEqualTo(Long value) { + addCriterion("id <=", value, "id"); + return this; + } + + public Criteria andIdIn(List values) { + addCriterion("id in", values, "id"); + return this; + } + + public Criteria andIdNotIn(List values) { + addCriterion("id not in", values, "id"); + return this; + } + + public Criteria andIdBetween(Long value1, Long value2) { + addCriterion("id between", value1, value2, "id"); + return this; + } + + public Criteria andIdNotBetween(Long value1, Long value2) { + addCriterion("id not between", value1, value2, "id"); + return this; + } + + public Criteria andKeyidIsNull() { + addCriterion("keyid is null"); + return this; + } + + public Criteria andKeyidIsNotNull() { + addCriterion("keyid is not null"); + return this; + } + + public Criteria andKeyidEqualTo(String value) { + addCriterion("keyid =", value, "keyid"); + return this; + } + + public Criteria andKeyidNotEqualTo(String value) { + addCriterion("keyid <>", value, "keyid"); + return this; + } + + public Criteria andKeyidGreaterThan(String value) { + addCriterion("keyid >", value, "keyid"); + return this; + } + + public Criteria andKeyidGreaterThanOrEqualTo(String value) { + addCriterion("keyid >=", value, "keyid"); + return this; + } + + public Criteria andKeyidLessThan(String value) { + addCriterion("keyid <", value, "keyid"); + return this; + } + + public Criteria andKeyidLessThanOrEqualTo(String value) { + addCriterion("keyid <=", value, "keyid"); + return this; + } + + public Criteria andKeyidLike(String value) { + addCriterion("keyid like", value, "keyid"); + return this; + } + + public Criteria andKeyidNotLike(String value) { + addCriterion("keyid not like", value, "keyid"); + return this; + } + + public Criteria andKeyidIn(List values) { + addCriterion("keyid in", values, "keyid"); + return this; + } + + public Criteria andKeyidNotIn(List values) { + addCriterion("keyid not in", values, "keyid"); + return this; + } + + public Criteria andKeyidBetween(String value1, String value2) { + addCriterion("keyid between", value1, value2, "keyid"); + return this; + } + + public Criteria andKeyidNotBetween(String value1, String value2) { + addCriterion("keyid not between", value1, value2, "keyid"); + return this; + } + + public Criteria andHelptextIsNull() { + addCriterion("helptext is null"); + return this; + } + + public Criteria andHelptextIsNotNull() { + addCriterion("helptext is not null"); + return this; + } + + public Criteria andHelptextEqualTo(String value) { + addCriterion("helptext =", value, "helptext"); + return this; + } + + public Criteria andHelptextNotEqualTo(String value) { + addCriterion("helptext <>", value, "helptext"); + return this; + } + + public Criteria andHelptextGreaterThan(String value) { + addCriterion("helptext >", value, "helptext"); + return this; + } + + public Criteria andHelptextGreaterThanOrEqualTo(String value) { + addCriterion("helptext >=", value, "helptext"); + return this; + } + + public Criteria andHelptextLessThan(String value) { + addCriterion("helptext <", value, "helptext"); + return this; + } + + public Criteria andHelptextLessThanOrEqualTo(String value) { + addCriterion("helptext <=", value, "helptext"); + return this; + } + + public Criteria andHelptextLike(String value) { + addCriterion("helptext like", value, "helptext"); + return this; + } + + public Criteria andHelptextNotLike(String value) { + addCriterion("helptext not like", value, "helptext"); + return this; + } + + public Criteria andHelptextIn(List values) { + addCriterion("helptext in", values, "helptext"); + return this; + } + + public Criteria andHelptextNotIn(List values) { + addCriterion("helptext not in", values, "helptext"); + return this; + } + + public Criteria andHelptextBetween(String value1, String value2) { + addCriterion("helptext between", value1, value2, "helptext"); + return this; + } + + public Criteria andHelptextNotBetween(String value1, String value2) { + addCriterion("helptext not between", value1, value2, "helptext"); + return this; + } + } +} \ No newline at end of file diff --git a/extensions/dal/src/main/resources/net/jradius/dal/xml/nas_SqlMap.xml b/extensions/dal/src/main/resources/net/jradius/dal/xml/nas_SqlMap.xml new file mode 100644 index 0000000..07c12c9 --- /dev/null +++ b/extensions/dal/src/main/resources/net/jradius/dal/xml/nas_SqlMap.xml @@ -0,0 +1,249 @@ + + + + + + + + + + + + + + + + + + + + + + ( + + $oredCriteria[].criteriaWithoutValue[]$ + + + $oredCriteria[].criteriaWithSingleValue[].condition$ + #oredCriteria[].criteriaWithSingleValue[].value# + + + $oredCriteria[].criteriaWithListValue[].condition$ + + #oredCriteria[].criteriaWithListValue[].values[]# + + + + $oredCriteria[].criteriaWithBetweenValue[].condition$ + #oredCriteria[].criteriaWithBetweenValue[].values[0]# and + #oredCriteria[].criteriaWithBetweenValue[].values[1]# + + ) + + + + + + + + delete from nas + where id = #id:BIGINT# + + + + delete from nas + + + + + insert into nas (nasname, nastype, calledstationid, shortname, ports, secret, community, + description, latitude, longitude) + values (#nasname:VARCHAR#, #nastype:VARCHAR#, #calledstationid:VARCHAR#, #shortname:VARCHAR#, + #ports:INTEGER#, #secret:VARCHAR#, #community:VARCHAR#, #description:VARCHAR#, + #latitude:DOUBLE#, #longitude:DOUBLE#) + + SELECT LAST_INSERT_ID() + + + + + update nas + set nasname = #nasname:VARCHAR#, + nastype = #nastype:VARCHAR#, + calledstationid = #calledstationid:VARCHAR#, + shortname = #shortname:VARCHAR#, + ports = #ports:INTEGER#, + secret = #secret:VARCHAR#, + community = #community:VARCHAR#, + description = #description:VARCHAR#, + latitude = #latitude:DOUBLE#, + longitude = #longitude:DOUBLE# + where id = #id:BIGINT# + + + + update nas + + + nasname = #nasname:VARCHAR# + + + nastype = #nastype:VARCHAR# + + + calledstationid = #calledstationid:VARCHAR# + + + shortname = #shortname:VARCHAR# + + + ports = #ports:INTEGER# + + + secret = #secret:VARCHAR# + + + community = #community:VARCHAR# + + + description = #description:VARCHAR# + + + latitude = #latitude:DOUBLE# + + + longitude = #longitude:DOUBLE# + + + where id = #id:BIGINT# + + + + + update nas + + + id = #record.id:BIGINT# + + + nasname = #record.nasname:VARCHAR# + + + nastype = #record.nastype:VARCHAR# + + + calledstationid = #record.calledstationid:VARCHAR# + + + shortname = #record.shortname:VARCHAR# + + + ports = #record.ports:INTEGER# + + + secret = #record.secret:VARCHAR# + + + community = #record.community:VARCHAR# + + + description = #record.description:VARCHAR# + + + latitude = #record.latitude:DOUBLE# + + + longitude = #record.longitude:DOUBLE# + + + + + + + + + update nas + set id = #record.id:BIGINT#, + nasname = #record.nasname:VARCHAR#, + nastype = #record.nastype:VARCHAR#, + calledstationid = #record.calledstationid:VARCHAR#, + shortname = #record.shortname:VARCHAR#, + ports = #record.ports:INTEGER#, + secret = #record.secret:VARCHAR#, + community = #record.community:VARCHAR#, + description = #record.description:VARCHAR#, + latitude = #record.latitude:DOUBLE#, + longitude = #record.longitude:DOUBLE# + + + + + \ No newline at end of file diff --git a/extensions/dal/src/main/resources/net/jradius/dal/xml/radacct_SqlMap.xml b/extensions/dal/src/main/resources/net/jradius/dal/xml/radacct_SqlMap.xml new file mode 100644 index 0000000..ea3f346 --- /dev/null +++ b/extensions/dal/src/main/resources/net/jradius/dal/xml/radacct_SqlMap.xml @@ -0,0 +1,398 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + ( + + $oredCriteria[].criteriaWithoutValue[]$ + + + $oredCriteria[].criteriaWithSingleValue[].condition$ + #oredCriteria[].criteriaWithSingleValue[].value# + + + $oredCriteria[].criteriaWithListValue[].condition$ + + #oredCriteria[].criteriaWithListValue[].values[]# + + + + $oredCriteria[].criteriaWithBetweenValue[].condition$ + #oredCriteria[].criteriaWithBetweenValue[].values[0]# and + #oredCriteria[].criteriaWithBetweenValue[].values[1]# + + ) + + + + + + + + delete from radacct + where id = #id:BIGINT# + + + + delete from radacct + + + + + insert into radacct (acctsessionid, acctuniqueid, username, groupname, realm, nasipaddress, + nasportid, nasporttype, acctstarttime, acctstoptime, acctsessiontime, acctauthentic, + connectinfo_start, connectinfo_stop, acctinputoctets, acctoutputoctets, calledstationid, + callingstationid, acctterminatecause, servicetype, framedprotocol, framedipaddress, + acctstartdelay, acctstopdelay, xascendsessionsvrkey) + values (#acctsessionid:VARCHAR#, #acctuniqueid:VARCHAR#, #username:VARCHAR#, + #groupname:VARCHAR#, #realm:VARCHAR#, #nasipaddress:VARCHAR#, #nasportid:VARCHAR#, + #nasporttype:VARCHAR#, #acctstarttime:TIMESTAMP#, #acctstoptime:TIMESTAMP#, + #acctsessiontime:INTEGER#, #acctauthentic:VARCHAR#, #connectinfoStart:VARCHAR#, + #connectinfoStop:VARCHAR#, #acctinputoctets:BIGINT#, #acctoutputoctets:BIGINT#, + #calledstationid:VARCHAR#, #callingstationid:VARCHAR#, #acctterminatecause:VARCHAR#, + #servicetype:VARCHAR#, #framedprotocol:VARCHAR#, #framedipaddress:VARCHAR#, + #acctstartdelay:INTEGER#, #acctstopdelay:INTEGER#, #xascendsessionsvrkey:VARCHAR#) + + SELECT LAST_INSERT_ID() + + + + + update radacct + set acctsessionid = #acctsessionid:VARCHAR#, + acctuniqueid = #acctuniqueid:VARCHAR#, + username = #username:VARCHAR#, + groupname = #groupname:VARCHAR#, + realm = #realm:VARCHAR#, + nasipaddress = #nasipaddress:VARCHAR#, + nasportid = #nasportid:VARCHAR#, + nasporttype = #nasporttype:VARCHAR#, + acctstarttime = #acctstarttime:TIMESTAMP#, + acctstoptime = #acctstoptime:TIMESTAMP#, + acctsessiontime = #acctsessiontime:INTEGER#, + acctauthentic = #acctauthentic:VARCHAR#, + connectinfo_start = #connectinfoStart:VARCHAR#, + connectinfo_stop = #connectinfoStop:VARCHAR#, + acctinputoctets = #acctinputoctets:BIGINT#, + acctoutputoctets = #acctoutputoctets:BIGINT#, + calledstationid = #calledstationid:VARCHAR#, + callingstationid = #callingstationid:VARCHAR#, + acctterminatecause = #acctterminatecause:VARCHAR#, + servicetype = #servicetype:VARCHAR#, + framedprotocol = #framedprotocol:VARCHAR#, + framedipaddress = #framedipaddress:VARCHAR#, + acctstartdelay = #acctstartdelay:INTEGER#, + acctstopdelay = #acctstopdelay:INTEGER#, + xascendsessionsvrkey = #xascendsessionsvrkey:VARCHAR# + where id = #id:BIGINT# + + + + update radacct + + + acctsessionid = #acctsessionid:VARCHAR# + + + acctuniqueid = #acctuniqueid:VARCHAR# + + + username = #username:VARCHAR# + + + groupname = #groupname:VARCHAR# + + + realm = #realm:VARCHAR# + + + nasipaddress = #nasipaddress:VARCHAR# + + + nasportid = #nasportid:VARCHAR# + + + nasporttype = #nasporttype:VARCHAR# + + + acctstarttime = #acctstarttime:TIMESTAMP# + + + acctstoptime = #acctstoptime:TIMESTAMP# + + + acctsessiontime = #acctsessiontime:INTEGER# + + + acctauthentic = #acctauthentic:VARCHAR# + + + connectinfo_start = #connectinfoStart:VARCHAR# + + + connectinfo_stop = #connectinfoStop:VARCHAR# + + + acctinputoctets = #acctinputoctets:BIGINT# + + + acctoutputoctets = #acctoutputoctets:BIGINT# + + + calledstationid = #calledstationid:VARCHAR# + + + callingstationid = #callingstationid:VARCHAR# + + + acctterminatecause = #acctterminatecause:VARCHAR# + + + servicetype = #servicetype:VARCHAR# + + + framedprotocol = #framedprotocol:VARCHAR# + + + framedipaddress = #framedipaddress:VARCHAR# + + + acctstartdelay = #acctstartdelay:INTEGER# + + + acctstopdelay = #acctstopdelay:INTEGER# + + + xascendsessionsvrkey = #xascendsessionsvrkey:VARCHAR# + + + where id = #id:BIGINT# + + + + + update radacct + + + id = #record.id:BIGINT# + + + acctsessionid = #record.acctsessionid:VARCHAR# + + + acctuniqueid = #record.acctuniqueid:VARCHAR# + + + username = #record.username:VARCHAR# + + + groupname = #record.groupname:VARCHAR# + + + realm = #record.realm:VARCHAR# + + + nasipaddress = #record.nasipaddress:VARCHAR# + + + nasportid = #record.nasportid:VARCHAR# + + + nasporttype = #record.nasporttype:VARCHAR# + + + acctstarttime = #record.acctstarttime:TIMESTAMP# + + + acctstoptime = #record.acctstoptime:TIMESTAMP# + + + acctsessiontime = #record.acctsessiontime:INTEGER# + + + acctauthentic = #record.acctauthentic:VARCHAR# + + + connectinfo_start = #record.connectinfoStart:VARCHAR# + + + connectinfo_stop = #record.connectinfoStop:VARCHAR# + + + acctinputoctets = #record.acctinputoctets:BIGINT# + + + acctoutputoctets = #record.acctoutputoctets:BIGINT# + + + calledstationid = #record.calledstationid:VARCHAR# + + + callingstationid = #record.callingstationid:VARCHAR# + + + acctterminatecause = #record.acctterminatecause:VARCHAR# + + + servicetype = #record.servicetype:VARCHAR# + + + framedprotocol = #record.framedprotocol:VARCHAR# + + + framedipaddress = #record.framedipaddress:VARCHAR# + + + acctstartdelay = #record.acctstartdelay:INTEGER# + + + acctstopdelay = #record.acctstopdelay:INTEGER# + + + xascendsessionsvrkey = #record.xascendsessionsvrkey:VARCHAR# + + + + + + + + + update radacct + set id = #record.id:BIGINT#, + acctsessionid = #record.acctsessionid:VARCHAR#, + acctuniqueid = #record.acctuniqueid:VARCHAR#, + username = #record.username:VARCHAR#, + groupname = #record.groupname:VARCHAR#, + realm = #record.realm:VARCHAR#, + nasipaddress = #record.nasipaddress:VARCHAR#, + nasportid = #record.nasportid:VARCHAR#, + nasporttype = #record.nasporttype:VARCHAR#, + acctstarttime = #record.acctstarttime:TIMESTAMP#, + acctstoptime = #record.acctstoptime:TIMESTAMP#, + acctsessiontime = #record.acctsessiontime:INTEGER#, + acctauthentic = #record.acctauthentic:VARCHAR#, + connectinfo_start = #record.connectinfoStart:VARCHAR#, + connectinfo_stop = #record.connectinfoStop:VARCHAR#, + acctinputoctets = #record.acctinputoctets:BIGINT#, + acctoutputoctets = #record.acctoutputoctets:BIGINT#, + calledstationid = #record.calledstationid:VARCHAR#, + callingstationid = #record.callingstationid:VARCHAR#, + acctterminatecause = #record.acctterminatecause:VARCHAR#, + servicetype = #record.servicetype:VARCHAR#, + framedprotocol = #record.framedprotocol:VARCHAR#, + framedipaddress = #record.framedipaddress:VARCHAR#, + acctstartdelay = #record.acctstartdelay:INTEGER#, + acctstopdelay = #record.acctstopdelay:INTEGER#, + xascendsessionsvrkey = #record.xascendsessionsvrkey:VARCHAR# + + + + + \ No newline at end of file diff --git a/extensions/dal/src/main/resources/net/jradius/dal/xml/radcheck_SqlMap.xml b/extensions/dal/src/main/resources/net/jradius/dal/xml/radcheck_SqlMap.xml new file mode 100644 index 0000000..9184116 --- /dev/null +++ b/extensions/dal/src/main/resources/net/jradius/dal/xml/radcheck_SqlMap.xml @@ -0,0 +1,190 @@ + + + + + + + + + + + + + + + + ( + + $oredCriteria[].criteriaWithoutValue[]$ + + + $oredCriteria[].criteriaWithSingleValue[].condition$ + #oredCriteria[].criteriaWithSingleValue[].value# + + + $oredCriteria[].criteriaWithListValue[].condition$ + + #oredCriteria[].criteriaWithListValue[].values[]# + + + + $oredCriteria[].criteriaWithBetweenValue[].condition$ + #oredCriteria[].criteriaWithBetweenValue[].values[0]# and + #oredCriteria[].criteriaWithBetweenValue[].values[1]# + + ) + + + + + + + + delete from radcheck + where id = #id:BIGINT# + + + + delete from radcheck + + + + + insert into radcheck (username, attribute, op, value) + values (#username:VARCHAR#, #attribute:VARCHAR#, #op:CHAR#, #value:VARCHAR#) + + SELECT LAST_INSERT_ID() + + + + + update radcheck + set username = #username:VARCHAR#, + attribute = #attribute:VARCHAR#, + op = #op:CHAR#, + value = #value:VARCHAR# + where id = #id:BIGINT# + + + + update radcheck + + + username = #username:VARCHAR# + + + attribute = #attribute:VARCHAR# + + + op = #op:CHAR# + + + value = #value:VARCHAR# + + + where id = #id:BIGINT# + + + + + update radcheck + + + id = #record.id:BIGINT# + + + username = #record.username:VARCHAR# + + + attribute = #record.attribute:VARCHAR# + + + op = #record.op:CHAR# + + + value = #record.value:VARCHAR# + + + + + + + + + update radcheck + set id = #record.id:BIGINT#, + username = #record.username:VARCHAR#, + attribute = #record.attribute:VARCHAR#, + op = #record.op:CHAR#, + value = #record.value:VARCHAR# + + + + + \ No newline at end of file diff --git a/extensions/dal/src/main/resources/net/jradius/dal/xml/radgroupcheck_SqlMap.xml b/extensions/dal/src/main/resources/net/jradius/dal/xml/radgroupcheck_SqlMap.xml new file mode 100644 index 0000000..ed88c5a --- /dev/null +++ b/extensions/dal/src/main/resources/net/jradius/dal/xml/radgroupcheck_SqlMap.xml @@ -0,0 +1,190 @@ + + + + + + + + + + + + + + + + ( + + $oredCriteria[].criteriaWithoutValue[]$ + + + $oredCriteria[].criteriaWithSingleValue[].condition$ + #oredCriteria[].criteriaWithSingleValue[].value# + + + $oredCriteria[].criteriaWithListValue[].condition$ + + #oredCriteria[].criteriaWithListValue[].values[]# + + + + $oredCriteria[].criteriaWithBetweenValue[].condition$ + #oredCriteria[].criteriaWithBetweenValue[].values[0]# and + #oredCriteria[].criteriaWithBetweenValue[].values[1]# + + ) + + + + + + + + delete from radgroupcheck + where id = #id:BIGINT# + + + + delete from radgroupcheck + + + + + insert into radgroupcheck (groupname, attribute, op, value) + values (#groupname:VARCHAR#, #attribute:VARCHAR#, #op:CHAR#, #value:VARCHAR#) + + SELECT LAST_INSERT_ID() + + + + + update radgroupcheck + set groupname = #groupname:VARCHAR#, + attribute = #attribute:VARCHAR#, + op = #op:CHAR#, + value = #value:VARCHAR# + where id = #id:BIGINT# + + + + update radgroupcheck + + + groupname = #groupname:VARCHAR# + + + attribute = #attribute:VARCHAR# + + + op = #op:CHAR# + + + value = #value:VARCHAR# + + + where id = #id:BIGINT# + + + + + update radgroupcheck + + + id = #record.id:BIGINT# + + + groupname = #record.groupname:VARCHAR# + + + attribute = #record.attribute:VARCHAR# + + + op = #record.op:CHAR# + + + value = #record.value:VARCHAR# + + + + + + + + + update radgroupcheck + set id = #record.id:BIGINT#, + groupname = #record.groupname:VARCHAR#, + attribute = #record.attribute:VARCHAR#, + op = #record.op:CHAR#, + value = #record.value:VARCHAR# + + + + + \ No newline at end of file diff --git a/extensions/dal/src/main/resources/net/jradius/dal/xml/radgroupreply_SqlMap.xml b/extensions/dal/src/main/resources/net/jradius/dal/xml/radgroupreply_SqlMap.xml new file mode 100644 index 0000000..a055776 --- /dev/null +++ b/extensions/dal/src/main/resources/net/jradius/dal/xml/radgroupreply_SqlMap.xml @@ -0,0 +1,190 @@ + + + + + + + + + + + + + + + + ( + + $oredCriteria[].criteriaWithoutValue[]$ + + + $oredCriteria[].criteriaWithSingleValue[].condition$ + #oredCriteria[].criteriaWithSingleValue[].value# + + + $oredCriteria[].criteriaWithListValue[].condition$ + + #oredCriteria[].criteriaWithListValue[].values[]# + + + + $oredCriteria[].criteriaWithBetweenValue[].condition$ + #oredCriteria[].criteriaWithBetweenValue[].values[0]# and + #oredCriteria[].criteriaWithBetweenValue[].values[1]# + + ) + + + + + + + + delete from radgroupreply + where id = #id:BIGINT# + + + + delete from radgroupreply + + + + + insert into radgroupreply (groupname, attribute, op, value) + values (#groupname:VARCHAR#, #attribute:VARCHAR#, #op:CHAR#, #value:VARCHAR#) + + SELECT LAST_INSERT_ID() + + + + + update radgroupreply + set groupname = #groupname:VARCHAR#, + attribute = #attribute:VARCHAR#, + op = #op:CHAR#, + value = #value:VARCHAR# + where id = #id:BIGINT# + + + + update radgroupreply + + + groupname = #groupname:VARCHAR# + + + attribute = #attribute:VARCHAR# + + + op = #op:CHAR# + + + value = #value:VARCHAR# + + + where id = #id:BIGINT# + + + + + update radgroupreply + + + id = #record.id:BIGINT# + + + groupname = #record.groupname:VARCHAR# + + + attribute = #record.attribute:VARCHAR# + + + op = #record.op:CHAR# + + + value = #record.value:VARCHAR# + + + + + + + + + update radgroupreply + set id = #record.id:BIGINT#, + groupname = #record.groupname:VARCHAR#, + attribute = #record.attribute:VARCHAR#, + op = #record.op:CHAR#, + value = #record.value:VARCHAR# + + + + + \ No newline at end of file diff --git a/extensions/dal/src/main/resources/net/jradius/dal/xml/radippool_SqlMap.xml b/extensions/dal/src/main/resources/net/jradius/dal/xml/radippool_SqlMap.xml new file mode 100644 index 0000000..8da2357 --- /dev/null +++ b/extensions/dal/src/main/resources/net/jradius/dal/xml/radippool_SqlMap.xml @@ -0,0 +1,231 @@ + + + + + + + + + + + + + + + + + + + + ( + + $oredCriteria[].criteriaWithoutValue[]$ + + + $oredCriteria[].criteriaWithSingleValue[].condition$ + #oredCriteria[].criteriaWithSingleValue[].value# + + + $oredCriteria[].criteriaWithListValue[].condition$ + + #oredCriteria[].criteriaWithListValue[].values[]# + + + + $oredCriteria[].criteriaWithBetweenValue[].condition$ + #oredCriteria[].criteriaWithBetweenValue[].values[0]# and + #oredCriteria[].criteriaWithBetweenValue[].values[1]# + + ) + + + + + + + + delete from radippool + where id = #id:BIGINT# + + + + delete from radippool + + + + + insert into radippool (pool_name, framedipaddress, nasipaddress, calledstationid, + callingstationid, expiry_time, username, pool_key) + values (#poolName:VARCHAR#, #framedipaddress:VARCHAR#, #nasipaddress:VARCHAR#, + #calledstationid:VARCHAR#, #callingstationid:VARCHAR#, #expiryTime:TIMESTAMP#, + #username:VARCHAR#, #poolKey:VARCHAR#) + + SELECT LAST_INSERT_ID() + + + + + update radippool + set pool_name = #poolName:VARCHAR#, + framedipaddress = #framedipaddress:VARCHAR#, + nasipaddress = #nasipaddress:VARCHAR#, + calledstationid = #calledstationid:VARCHAR#, + callingstationid = #callingstationid:VARCHAR#, + expiry_time = #expiryTime:TIMESTAMP#, + username = #username:VARCHAR#, + pool_key = #poolKey:VARCHAR# + where id = #id:BIGINT# + + + + update radippool + + + pool_name = #poolName:VARCHAR# + + + framedipaddress = #framedipaddress:VARCHAR# + + + nasipaddress = #nasipaddress:VARCHAR# + + + calledstationid = #calledstationid:VARCHAR# + + + callingstationid = #callingstationid:VARCHAR# + + + expiry_time = #expiryTime:TIMESTAMP# + + + username = #username:VARCHAR# + + + pool_key = #poolKey:VARCHAR# + + + where id = #id:BIGINT# + + + + + update radippool + + + id = #record.id:BIGINT# + + + pool_name = #record.poolName:VARCHAR# + + + framedipaddress = #record.framedipaddress:VARCHAR# + + + nasipaddress = #record.nasipaddress:VARCHAR# + + + calledstationid = #record.calledstationid:VARCHAR# + + + callingstationid = #record.callingstationid:VARCHAR# + + + expiry_time = #record.expiryTime:TIMESTAMP# + + + username = #record.username:VARCHAR# + + + pool_key = #record.poolKey:VARCHAR# + + + + + + + + + update radippool + set id = #record.id:BIGINT#, + pool_name = #record.poolName:VARCHAR#, + framedipaddress = #record.framedipaddress:VARCHAR#, + nasipaddress = #record.nasipaddress:VARCHAR#, + calledstationid = #record.calledstationid:VARCHAR#, + callingstationid = #record.callingstationid:VARCHAR#, + expiry_time = #record.expiryTime:TIMESTAMP#, + username = #record.username:VARCHAR#, + pool_key = #record.poolKey:VARCHAR# + + + + + \ No newline at end of file diff --git a/extensions/dal/src/main/resources/net/jradius/dal/xml/radpostauth_SqlMap.xml b/extensions/dal/src/main/resources/net/jradius/dal/xml/radpostauth_SqlMap.xml new file mode 100644 index 0000000..ede8351 --- /dev/null +++ b/extensions/dal/src/main/resources/net/jradius/dal/xml/radpostauth_SqlMap.xml @@ -0,0 +1,190 @@ + + + + + + + + + + + + + + + + ( + + $oredCriteria[].criteriaWithoutValue[]$ + + + $oredCriteria[].criteriaWithSingleValue[].condition$ + #oredCriteria[].criteriaWithSingleValue[].value# + + + $oredCriteria[].criteriaWithListValue[].condition$ + + #oredCriteria[].criteriaWithListValue[].values[]# + + + + $oredCriteria[].criteriaWithBetweenValue[].condition$ + #oredCriteria[].criteriaWithBetweenValue[].values[0]# and + #oredCriteria[].criteriaWithBetweenValue[].values[1]# + + ) + + + + + + + + delete from radpostauth + where id = #id:BIGINT# + + + + delete from radpostauth + + + + + insert into radpostauth (username, pass, reply, authdate) + values (#username:VARCHAR#, #pass:VARCHAR#, #reply:VARCHAR#, #authdate:TIMESTAMP#) + + SELECT LAST_INSERT_ID() + + + + + update radpostauth + set username = #username:VARCHAR#, + pass = #pass:VARCHAR#, + reply = #reply:VARCHAR#, + authdate = #authdate:TIMESTAMP# + where id = #id:BIGINT# + + + + update radpostauth + + + username = #username:VARCHAR# + + + pass = #pass:VARCHAR# + + + reply = #reply:VARCHAR# + + + authdate = #authdate:TIMESTAMP# + + + where id = #id:BIGINT# + + + + + update radpostauth + + + id = #record.id:BIGINT# + + + username = #record.username:VARCHAR# + + + pass = #record.pass:VARCHAR# + + + reply = #record.reply:VARCHAR# + + + authdate = #record.authdate:TIMESTAMP# + + + + + + + + + update radpostauth + set id = #record.id:BIGINT#, + username = #record.username:VARCHAR#, + pass = #record.pass:VARCHAR#, + reply = #record.reply:VARCHAR#, + authdate = #record.authdate:TIMESTAMP# + + + + + \ No newline at end of file diff --git a/extensions/dal/src/main/resources/net/jradius/dal/xml/radreply_SqlMap.xml b/extensions/dal/src/main/resources/net/jradius/dal/xml/radreply_SqlMap.xml new file mode 100644 index 0000000..9015c6f --- /dev/null +++ b/extensions/dal/src/main/resources/net/jradius/dal/xml/radreply_SqlMap.xml @@ -0,0 +1,190 @@ + + + + + + + + + + + + + + + + ( + + $oredCriteria[].criteriaWithoutValue[]$ + + + $oredCriteria[].criteriaWithSingleValue[].condition$ + #oredCriteria[].criteriaWithSingleValue[].value# + + + $oredCriteria[].criteriaWithListValue[].condition$ + + #oredCriteria[].criteriaWithListValue[].values[]# + + + + $oredCriteria[].criteriaWithBetweenValue[].condition$ + #oredCriteria[].criteriaWithBetweenValue[].values[0]# and + #oredCriteria[].criteriaWithBetweenValue[].values[1]# + + ) + + + + + + + + delete from radreply + where id = #id:BIGINT# + + + + delete from radreply + + + + + insert into radreply (username, attribute, op, value) + values (#username:VARCHAR#, #attribute:VARCHAR#, #op:CHAR#, #value:VARCHAR#) + + SELECT LAST_INSERT_ID() + + + + + update radreply + set username = #username:VARCHAR#, + attribute = #attribute:VARCHAR#, + op = #op:CHAR#, + value = #value:VARCHAR# + where id = #id:BIGINT# + + + + update radreply + + + username = #username:VARCHAR# + + + attribute = #attribute:VARCHAR# + + + op = #op:CHAR# + + + value = #value:VARCHAR# + + + where id = #id:BIGINT# + + + + + update radreply + + + id = #record.id:BIGINT# + + + username = #record.username:VARCHAR# + + + attribute = #record.attribute:VARCHAR# + + + op = #record.op:CHAR# + + + value = #record.value:VARCHAR# + + + + + + + + + update radreply + set id = #record.id:BIGINT#, + username = #record.username:VARCHAR#, + attribute = #record.attribute:VARCHAR#, + op = #record.op:CHAR#, + value = #record.value:VARCHAR# + + + + + \ No newline at end of file diff --git a/extensions/dal/src/main/resources/net/jradius/dal/xml/radusergroup_SqlMap.xml b/extensions/dal/src/main/resources/net/jradius/dal/xml/radusergroup_SqlMap.xml new file mode 100644 index 0000000..3623e26 --- /dev/null +++ b/extensions/dal/src/main/resources/net/jradius/dal/xml/radusergroup_SqlMap.xml @@ -0,0 +1,181 @@ + + + + + + + + + + + + + + + ( + + $oredCriteria[].criteriaWithoutValue[]$ + + + $oredCriteria[].criteriaWithSingleValue[].condition$ + #oredCriteria[].criteriaWithSingleValue[].value# + + + $oredCriteria[].criteriaWithListValue[].condition$ + + #oredCriteria[].criteriaWithListValue[].values[]# + + + + $oredCriteria[].criteriaWithBetweenValue[].condition$ + #oredCriteria[].criteriaWithBetweenValue[].values[0]# and + #oredCriteria[].criteriaWithBetweenValue[].values[1]# + + ) + + + + + + + + delete from radusergroup + where id = #id:BIGINT# + + + + delete from radusergroup + + + + + insert into radusergroup (username, groupname, priority) + values (#username:VARCHAR#, #groupname:VARCHAR#, #priority:INTEGER#) + + SELECT LAST_INSERT_ID() + + + + + update radusergroup + set username = #username:VARCHAR#, + groupname = #groupname:VARCHAR#, + priority = #priority:INTEGER# + where id = #id:BIGINT# + + + + update radusergroup + + + username = #username:VARCHAR# + + + groupname = #groupname:VARCHAR# + + + priority = #priority:INTEGER# + + + where id = #id:BIGINT# + + + + + update radusergroup + + + id = #record.id:BIGINT# + + + username = #record.username:VARCHAR# + + + groupname = #record.groupname:VARCHAR# + + + priority = #record.priority:INTEGER# + + + + + + + + + update radusergroup + set id = #record.id:BIGINT#, + username = #record.username:VARCHAR#, + groupname = #record.groupname:VARCHAR#, + priority = #record.priority:INTEGER# + + + + + \ No newline at end of file diff --git a/extensions/dal/src/main/resources/net/jradius/dal/xml/uihelp_SqlMap.xml b/extensions/dal/src/main/resources/net/jradius/dal/xml/uihelp_SqlMap.xml new file mode 100644 index 0000000..93c63ae --- /dev/null +++ b/extensions/dal/src/main/resources/net/jradius/dal/xml/uihelp_SqlMap.xml @@ -0,0 +1,172 @@ + + + + + + + + + + + + + + ( + + $oredCriteria[].criteriaWithoutValue[]$ + + + $oredCriteria[].criteriaWithSingleValue[].condition$ + #oredCriteria[].criteriaWithSingleValue[].value# + + + $oredCriteria[].criteriaWithListValue[].condition$ + + #oredCriteria[].criteriaWithListValue[].values[]# + + + + $oredCriteria[].criteriaWithBetweenValue[].condition$ + #oredCriteria[].criteriaWithBetweenValue[].values[0]# and + #oredCriteria[].criteriaWithBetweenValue[].values[1]# + + ) + + + + + + + + delete from uihelp + where id = #id:BIGINT# + + + + delete from uihelp + + + + + insert into uihelp (keyid, helptext) + values (#keyid:VARCHAR#, #helptext:VARCHAR#) + + SELECT LAST_INSERT_ID() + + + + + update uihelp + set keyid = #keyid:VARCHAR#, + helptext = #helptext:VARCHAR# + where id = #id:BIGINT# + + + + update uihelp + + + keyid = #keyid:VARCHAR# + + + helptext = #helptext:VARCHAR# + + + where id = #id:BIGINT# + + + + + update uihelp + + + id = #record.id:BIGINT# + + + keyid = #record.keyid:VARCHAR# + + + helptext = #record.helptext:VARCHAR# + + + + + + + + + update uihelp + set id = #record.id:BIGINT#, + keyid = #record.keyid:VARCHAR#, + helptext = #record.helptext:VARCHAR# + + + + + \ No newline at end of file diff --git a/extensions/db/pom.xml b/extensions/db/pom.xml new file mode 100644 index 0000000..91a4734 --- /dev/null +++ b/extensions/db/pom.xml @@ -0,0 +1,34 @@ + + + + 4.0.0 + net.jradius + jradius-db + ${project.artifactId}-${project.version} + 1.0.0-SNAPSHOT + JRadius data access layer utils + + + net.jradius + jradius-extensions + 1.0.0-SNAPSHOT + ../pom.xml + + + + + com.coova + abator + 1.1.0-coova + + + + org.apache.ibatis + ibatis-sqlmap + 2.3.2 + + + + + diff --git a/extensions/db/src/main/java/net/jradius/db/JavaDAOGenerator.java b/extensions/db/src/main/java/net/jradius/db/JavaDAOGenerator.java new file mode 100644 index 0000000..0204f4e --- /dev/null +++ b/extensions/db/src/main/java/net/jradius/db/JavaDAOGenerator.java @@ -0,0 +1,6 @@ +package net.jradius.db; + +public class JavaDAOGenerator extends com.coova.abator.JavaDAOGenerator +{ + +} diff --git a/extensions/db/src/main/java/net/jradius/db/JavaModelGenerator.java b/extensions/db/src/main/java/net/jradius/db/JavaModelGenerator.java new file mode 100644 index 0000000..b11f517 --- /dev/null +++ b/extensions/db/src/main/java/net/jradius/db/JavaModelGenerator.java @@ -0,0 +1,9 @@ +package net.jradius.db; + +public class JavaModelGenerator extends com.coova.abator.JavaModelGenerator +{ + public JavaModelGenerator() + { + super("src/main/java/net/jradius", "net.jradius"); + } +} diff --git a/extensions/db/src/main/java/net/jradius/db/SqlMapGenerator.java b/extensions/db/src/main/java/net/jradius/db/SqlMapGenerator.java new file mode 100644 index 0000000..db5a374 --- /dev/null +++ b/extensions/db/src/main/java/net/jradius/db/SqlMapGenerator.java @@ -0,0 +1,6 @@ +package net.jradius.db; + +public class SqlMapGenerator extends com.coova.abator.SqlMapGenerator +{ + +} diff --git a/extensions/ewt-client/README.txt b/extensions/ewt-client/README.txt new file mode 100644 index 0000000..c070a04 --- /dev/null +++ b/extensions/ewt-client/README.txt @@ -0,0 +1,4 @@ + +The JRadius client interface is provided in 'binary' format +(obfuscated JavaScript) here as to generate the interface requires +Coova proprietary code. The binary version is available as Freeware. diff --git a/extensions/ewt-client/pom.xml b/extensions/ewt-client/pom.xml new file mode 100644 index 0000000..1eec0dc --- /dev/null +++ b/extensions/ewt-client/pom.xml @@ -0,0 +1,57 @@ + + + + 4.0.0 + net.jradius + jradius-ewt-client + ${project.artifactId}-${project.version} + 1.0.0-SNAPSHOT + EWT Client classes + + + net.jradius + jradius-extensions + 1.0.0-SNAPSHOT + ../pom.xml + + + + + com.coova + coova-ewt-client-ui + 1.0.0-snapshot-103 + + + + + + + src/main/resources + + **/*.css + **/*.xml + **/*.html + + + + + + org.apache.maven.plugins + maven-compiler-plugin + + 1.5 + 1.5 + + + + + + + + gwt-maven + http://gwt-maven.googlecode.com/svn/trunk/mavenrepo + + + + diff --git a/extensions/ewt-client/src/main/resources/com.coova.ewt.Home/JRadius.html b/extensions/ewt-client/src/main/resources/com.coova.ewt.Home/JRadius.html new file mode 100644 index 0000000..b12abce --- /dev/null +++ b/extensions/ewt-client/src/main/resources/com.coova.ewt.Home/JRadius.html @@ -0,0 +1,73 @@ + + +JRadius + + + + + + + + + + + diff --git a/extensions/ewt-client/src/main/resources/com.coova.ewt.Home/jradius.css b/extensions/ewt-client/src/main/resources/com.coova.ewt.Home/jradius.css new file mode 100644 index 0000000..4a7520b --- /dev/null +++ b/extensions/ewt-client/src/main/resources/com.coova.ewt.Home/jradius.css @@ -0,0 +1,77 @@ + +.gwt-DialogBox input { + width: 120px; + border: 1px solid black; +} + +.gwt-DialogBox { + border: 2px solid black; + padding: 10px; + background-color: white; +} + +.gwt-TabBar .gwt-TabBarItem { + border-top: 2px solid white; + border-left: 2px solid white; + border-right: 2px solid white; +} + +.gwt-TabBar .gwt-TabBarItem-selected { + background-color: #ccc; +} + +.gwt-TabPanelBottom .gwt-TabBar { + background-color: #ccc; +} + +.gwt-TabPanelBottom .gwt-TabBarItem { + border-top: 2px solid #ccc; + border-left: 2px solid #ccc; + border-right: 2px solid #ccc; + border-bottom: 2px solid #ccc; +} + +.gwt-TabPanelBottom .gwt-TabBarRest { + background-color: #ccc; +} + +.gwt-TabPanelBottom .gwt-TabBarItem-selected { + border-top: 2px solid #ccc; + border-left: 2px solid #ccc; + border-right: 2px solid #ccc; + border-bottom: 2px solid white; + background-color: white; +} + +.inputform { + border: 2px solid #ccc; +} + +.inputform-box { + border: 2px solid #ccc; +} + +.fieldset-title { + border-bottom: solid 2px #ccc; +} + +.calendar-viewer { + padding-top: 12px; +} + +.calendar-viewer-deck { + border-top: 0; +} + +.calendar-viewer-deck table.navbar { + width: 100%; +} + +.calendar-viewer-deck table.navbar .gwt-Label{ + padding: 7px; + font-size: 200%; +} + +div.event { + background-color: #ccf; +} \ No newline at end of file diff --git a/extensions/ewt-server/pom.xml b/extensions/ewt-server/pom.xml new file mode 100644 index 0000000..f257edf --- /dev/null +++ b/extensions/ewt-server/pom.xml @@ -0,0 +1,69 @@ + + + + 4.0.0 + net.jradius + jradius-ewt-server + ${project.artifactId}-${project.version} + 1.0.0-SNAPSHOT + EWT Server classes + + + net.jradius + jradius-extensions + 1.0.0-SNAPSHOT + ../pom.xml + + + + + net.jradius + jradius-core + 1.0.0-SNAPSHOT + + + + net.jradius + jradius-dictionary + 1.0.0-SNAPSHOT + + + + net.jradius + jradius-extended + 1.0.0-SNAPSHOT + + + + net.jradius + jradius-dal + 1.0.0-SNAPSHOT + + + + com.coova + coova-ewt-server + 1.0.0-snapshot-103 + + + com.coova + coova-ewt-tools + 1.0.0-snapshot-103 + + + + + + + org.apache.maven.plugins + maven-compiler-plugin + + 1.5 + 1.5 + + + + + + diff --git a/extensions/ewt-server/src/main/java/net/jradius/ewt/EWTServerSupport.java b/extensions/ewt-server/src/main/java/net/jradius/ewt/EWTServerSupport.java new file mode 100644 index 0000000..795e1e0 --- /dev/null +++ b/extensions/ewt-server/src/main/java/net/jradius/ewt/EWTServerSupport.java @@ -0,0 +1,226 @@ +package net.jradius.ewt; + +import java.io.ByteArrayOutputStream; +import java.util.LinkedList; +import java.util.List; +import java.util.Map; + +import net.jradius.dal.dao.NASDAO; +import net.jradius.dal.dao.RadAcctDAO; +import net.jradius.dal.dao.RadCheckDAO; +import net.jradius.dal.dao.RadGroupCheckDAO; +import net.jradius.dal.dao.RadGroupReplyDAO; +import net.jradius.dal.dao.RadIPPoolDAO; +import net.jradius.dal.dao.RadPostAuthDAO; +import net.jradius.dal.dao.RadReplyDAO; +import net.jradius.dal.dao.RadUserGroupDAO; +import net.jradius.dal.dao.UIHelpDAO; +import net.jradius.dal.json.NASConvert; +import net.jradius.dal.json.RadAcctConvert; +import net.jradius.dal.json.RadCheckConvert; +import net.jradius.dal.json.RadGroupCheckConvert; +import net.jradius.dal.json.RadGroupReplyConvert; +import net.jradius.dal.json.RadIPPoolConvert; +import net.jradius.dal.json.RadPostAuthConvert; +import net.jradius.dal.json.RadReplyConvert; +import net.jradius.dal.json.RadUserGroupConvert; +import net.jradius.dal.json.UIHelpConvert; +import net.jradius.ewt.handler.AttributeSearchTree; +import net.jradius.ewt.handler.SQLUserConvert; + +import org.json.JSONArray; +import org.json.JSONObject; +import org.springframework.beans.factory.InitializingBean; + +import com.coova.ewt.handler.JavaStatusService; +import com.coova.service.EWTService; + +public class EWTServerSupport extends com.coova.ewt.server.EWTServerSupport implements InitializingBean +{ + private NASDAO nasDAO; + private RadAcctDAO radAcctDAO; + private RadCheckDAO radCheckDAO; + private RadGroupCheckDAO radGroupCheckDAO; + private RadReplyDAO radReplyDAO; + private RadGroupReplyDAO radGroupReplyDAO; + private RadPostAuthDAO radPostAuthDAO; + private RadUserGroupDAO radUserGroupDAO; + private RadIPPoolDAO radIPPoolDAO; + private UIHelpDAO uiHelpDAO; + + private AttributeSearchTree attributeSearchTree; + + public void afterPropertiesSet() throws Exception + { + registerService("java-status", new JavaStatusService()); + + // Extended FreeRADIUS Support + registerConverter("user", new SQLUserConvert(getRadCheckDAO())); + + registerService("attributes", new EWTService() + { + + public String getServiceName() { + return "attributes"; + } + + public Object handle(Map parameterMap, JSONObject jsonObject, Object sessionObject) throws Exception + { + JSONArray newarray = new JSONArray(); + + String query = parameterMap.get("query"); + String limit = parameterMap.get("limit"); + + List results = new LinkedList(); + + int resultsLimit; + try { resultsLimit = Integer.parseInt(limit); } + catch (Exception e) { resultsLimit = 20; } + + attributeSearchTree.prefixSearch(query, results, resultsLimit); + for (String suggestion : results) + { + JSONObject obj; + newarray.put(newarray.length(), obj = new JSONObject()); + obj.put("suggest", suggestion); + } + + return newarray; + } + }); + + registerService("radiusd-config", new EWTService() + { + public String getServiceName() { + return "radiusd-config"; + } + + public Object handle(Map parameterMap, JSONObject jsonObject, Object sessionObject) throws Exception + { + parameterMap.put("responseType", txtType); + ByteArrayOutputStream out = new ByteArrayOutputStream(); + doTransform("xml2radiusd", "config", out); + return new String(out.toByteArray()); + } + }); + + registerConverter("uihelp", new UIHelpConvert(getUiHelpDAO())); + registerConverter("nas", new NASConvert(getNasDAO())); + registerConverter("radacct", new RadAcctConvert(getRadAcctDAO())); + registerConverter("radcheck", new RadCheckConvert(getRadCheckDAO())); + registerConverter("radgroupcheck", new RadGroupCheckConvert(getRadGroupCheckDAO())); + registerConverter("radreply", new RadReplyConvert(getRadReplyDAO())); + registerConverter("radgroupreply", new RadGroupReplyConvert(getRadGroupReplyDAO())); + registerConverter("radpostauth", new RadPostAuthConvert(getRadPostAuthDAO())); + registerConverter("radusergroup", new RadUserGroupConvert(getRadUserGroupDAO())); + registerConverter("radippool", new RadIPPoolConvert(getRadIPPoolDAO())); + } + + public NASDAO getNasDAO() + { + return nasDAO; + } + + public void setNasDAO(NASDAO nasDAO) + { + this.nasDAO = nasDAO; + } + + public RadCheckDAO getRadCheckDAO() + { + return radCheckDAO; + } + + public void setRadCheckDAO(RadCheckDAO radCheckDAO) + { + this.radCheckDAO = radCheckDAO; + } + + public RadAcctDAO getRadAcctDAO() + { + return radAcctDAO; + } + + public void setRadAcctDAO(RadAcctDAO radAcctDAO) + { + this.radAcctDAO = radAcctDAO; + } + + public RadGroupCheckDAO getRadGroupCheckDAO() + { + return radGroupCheckDAO; + } + + public void setRadGroupCheckDAO(RadGroupCheckDAO radGroupCheckDAO) + { + this.radGroupCheckDAO = radGroupCheckDAO; + } + + public RadGroupReplyDAO getRadGroupReplyDAO() + { + return radGroupReplyDAO; + } + + public void setRadGroupReplyDAO(RadGroupReplyDAO radGroupReplyDAO) + { + this.radGroupReplyDAO = radGroupReplyDAO; + } + + public RadReplyDAO getRadReplyDAO() + { + return radReplyDAO; + } + + public void setRadReplyDAO(RadReplyDAO radReplyDAO) + { + this.radReplyDAO = radReplyDAO; + } + + public RadPostAuthDAO getRadPostAuthDAO() + { + return radPostAuthDAO; + } + + public void setRadPostAuthDAO(RadPostAuthDAO radPostAuthDAO) + { + this.radPostAuthDAO = radPostAuthDAO; + } + + public RadUserGroupDAO getRadUserGroupDAO() + { + return radUserGroupDAO; + } + + public void setRadUserGroupDAO(RadUserGroupDAO radUserGroupDAO) + { + this.radUserGroupDAO = radUserGroupDAO; + } + + public RadIPPoolDAO getRadIPPoolDAO() + { + return radIPPoolDAO; + } + + public void setRadIPPoolDAO(RadIPPoolDAO radIPPoolDAO) + { + this.radIPPoolDAO = radIPPoolDAO; + } + + public AttributeSearchTree getAttributeSearchTree() + { + return attributeSearchTree; + } + + public void setAttributeSearchTree(AttributeSearchTree attributeSearchTree) + { + this.attributeSearchTree = attributeSearchTree; + } + + public UIHelpDAO getUiHelpDAO() { + return uiHelpDAO; + } + + public void setUiHelpDAO(UIHelpDAO uiHelpDAO) { + this.uiHelpDAO = uiHelpDAO; + } +} diff --git a/extensions/ewt-server/src/main/java/net/jradius/ewt/handler/AttributeSearchTree.java b/extensions/ewt-server/src/main/java/net/jradius/ewt/handler/AttributeSearchTree.java new file mode 100644 index 0000000..826ff22 --- /dev/null +++ b/extensions/ewt-server/src/main/java/net/jradius/ewt/handler/AttributeSearchTree.java @@ -0,0 +1,280 @@ +package net.jradius.ewt.handler; + +import java.util.Collection; +import java.util.LinkedHashMap; +import java.util.List; +import java.util.Map; +import java.util.Set; + +import net.jradius.packet.attribute.AttributeDictionary; +import net.jradius.packet.attribute.VSADictionary; + +import org.springframework.beans.factory.InitializingBean; + +public class AttributeSearchTree implements Map, InitializingBean +{ + private AttributeDictionary attributeDictionary; + private Node _root; + + public AttributeSearchTree() + { + } + + public void afterPropertiesSet() throws Exception + { + attributeDictionary.loadAttributesNames(this); + + LinkedHashMap vendorMap = new LinkedHashMap(); + attributeDictionary.loadVendorCodes(vendorMap); + + for (Long id : vendorMap.keySet()) + { + Class c = vendorMap.get(id); + try + { + VSADictionary vsadict = (VSADictionary)c.newInstance(); + vsadict.loadAttributesNames(this); + } + catch (Exception e) + { + e.printStackTrace(); + } + } + + } + + public void clear() + { + } + + public boolean containsKey(Object key) + { + return false; + } + + public boolean containsValue(Object value) + { + return false; + } + + public Set> entrySet() + { + return null; + } + + public Class get(Object key) + { + return null; + } + + public boolean isEmpty() + { + return false; + } + + public Set keySet() + { + return null; + } + + public Class put(String key, Class value) + { + add(key); + return null; + } + + public void putAll(Map m) + { + } + + public Class remove(Object key) + { + return null; + } + + public int size() + { + return 0; + } + + public Collection values() + { + return null; + } + + public void add(String word) + { + Node node = insert(_root, word, word.toLowerCase(), 0); + if (_root == null) + { + _root = node; + } + } + + public boolean contains(String word) + { + Node node = search(_root, word.toLowerCase(), 0); + return node != null && node.isEndOfWord(); + } + + public void prefixSearch(String prefix, List results, int limit) + { + if (prefix == null) return; + inOrderTraversal(search(_root, prefix.toLowerCase(), 0), results, limit); + } + + private Node search(Node node, CharSequence word, int index) + { + Node result = node; + + if (node == null) + { + return null; + } + + char c = word.charAt(index); + + if (c == node.getChar()) + { + if (index + 1 < word.length()) + { + result = search(node.getChild(), word, index + 1); + } + else + { + result = node.getChild(); + } + } + else if (c < node.getChar()) + { + result = search(node.getSmaller(), word, index); + } + else + { + result = search(node.getLarger(), word, index); + } + + return result; + } + + private Node insert(Node node, CharSequence word, CharSequence wordLower, int index) + { + char c = wordLower.charAt(index); + + if (node == null) + { + return insert(new Node(c), word, wordLower, index); + } + + if (c == node.getChar()) + { + if (index + 1 < word.length()) + { + node.setChild(insert(node.getChild(), word, wordLower, index + 1)); + } + else + { + node.setWord(word.toString()); + } + } + else if (c < node.getChar()) + { + node.setSmaller(insert(node.getSmaller(), word, wordLower, index)); + } + else + { + node.setLarger(insert(node.getLarger(), word, wordLower, index)); + } + + return node; + } + + private void inOrderTraversal(Node node, List results, int limit) + { + if (node == null) + { + return; + } + + inOrderTraversal(node.getSmaller(), results, limit); + if (node.isEndOfWord()) + { + results.add(node.getWord()); + } + inOrderTraversal(node.getChild(), results, limit); + inOrderTraversal(node.getLarger(), results, limit); + } + + private static final class Node { + private final char _c; + private Node _smaller; + private Node _larger; + private Node _child; + private String _word; + + public Node(char c) + { + _c = c; + } + + public char getChar() + { + return _c; + } + + public Node getSmaller() + { + return _smaller; + } + + public void setSmaller(Node smaller) + { + _smaller = smaller; + } + + public Node getLarger() + { + return _larger; + } + + public void setLarger(Node larger) + { + _larger = larger; + } + + public Node getChild() + { + return _child; + } + + public void setChild(Node child) + { + _child = child; + } + + public String getWord() + { + return _word; + } + + public void setWord(String word) + { + _word = word; + } + + public boolean isEndOfWord() + { + return getWord() != null; + } + } + + public AttributeDictionary getAttributeDictionary() + { + return attributeDictionary; + } + + public void setAttributeDictionary(AttributeDictionary attributeDictionary) + { + this.attributeDictionary = attributeDictionary; + } +} diff --git a/extensions/ewt-server/src/main/java/net/jradius/ewt/handler/CoreHandler.java b/extensions/ewt-server/src/main/java/net/jradius/ewt/handler/CoreHandler.java new file mode 100644 index 0000000..55fe8d3 --- /dev/null +++ b/extensions/ewt-server/src/main/java/net/jradius/ewt/handler/CoreHandler.java @@ -0,0 +1,49 @@ +/** + * JRadius.EWT Embedded Web Toolkit for JRadius/FreeRADIUS + * Copyright (C) 2008 David Bird + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.ewt.handler; + +import java.io.FileNotFoundException; +import java.io.InputStream; + +import net.jradius.ewt.EWTServerSupport; +import net.jradius.handler.EventHandlerBase; + +import org.springframework.beans.factory.InitializingBean; + +public abstract class CoreHandler extends EventHandlerBase implements InitializingBean +{ + protected EWTServerSupport ewtServerSupport; + + public InputStream resourceStream(String resourceName) throws FileNotFoundException + { + return ewtServerSupport.resourceStream(resourceName); + } + + public void setEwtServerSupport(EWTServerSupport ewtServerSupport) + { + this.ewtServerSupport = ewtServerSupport; + } + + public void afterPropertiesSet() throws Exception + { + if (ewtServerSupport == null) throw new RuntimeException("ewtServerSupport is null"); + } +} diff --git a/extensions/ewt-server/src/main/java/net/jradius/ewt/handler/JSONHandler.java b/extensions/ewt-server/src/main/java/net/jradius/ewt/handler/JSONHandler.java new file mode 100644 index 0000000..ac65936 --- /dev/null +++ b/extensions/ewt-server/src/main/java/net/jradius/ewt/handler/JSONHandler.java @@ -0,0 +1,163 @@ +/** + * JRadius.EWT Embedded Web Toolkit for JRadius/FreeRADIUS + * Copyright (C) 2008 David Bird + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.ewt.handler; + +import java.io.BufferedReader; +import java.io.BufferedWriter; +import java.io.InputStreamReader; +import java.io.OutputStreamWriter; +import java.net.URI; +import java.util.HashMap; +import java.util.List; +import java.util.Map; +import java.util.StringTokenizer; + +import net.jradius.dal.dao.UIHelpDAO; +import net.jradius.dal.model.UIHelp; +import net.jradius.dal.model.UIHelpExample; +import net.jradius.server.JRadiusEvent; +import net.jradius.webservice.WebServiceRequest; +import net.jradius.webservice.WebServiceResponse; + +import com.coova.ewt.server.EWTServerSupport.EWTResponse; + +public class JSONHandler extends CoreHandler +{ + private UIHelpDAO uiHelpDAO; + + public JSONHandler() + { + } + + public boolean doesHandle(JRadiusEvent event) + { + WebServiceRequest request = (WebServiceRequest) event; + String path = request.getUri().getPath(); + return path.startsWith("/ewt/json"); + } + + protected EWTResponse handleEWT(Map map, WebServiceRequest request) throws Exception + { + return ewtServerSupport.handle(map, request.getContentAsString()); + } + + public boolean handle(JRadiusEvent event) throws Exception + { + WebServiceRequest request = (WebServiceRequest) event; + + String error = "no response"; + + Map map = request.getParameterMap(); + + EWTResponse ewtResponse = handleEWT(map, request); + + if (ewtResponse == null) + { + try + { + String res = map.get("res"); + /** + * *** Switch based on "res" == "service" + */ + if ("service".equals(res)) + { + String s = map.get("s"); + + Runtime rtime = Runtime.getRuntime(); + Process child = rtime.exec("ewt/"+s); + + if (request.getContent() != null) + { + BufferedWriter outCommand = new BufferedWriter(new OutputStreamWriter(child.getOutputStream())); + outCommand.write(request.getContentAsString()); + outCommand.flush(); + } + + BufferedReader rd = new BufferedReader(new InputStreamReader(child.getInputStream())); + StringBuffer sb = new StringBuffer(); + String line; + + while ((line = rd.readLine()) != null) + sb.append(line).append("\n"); + + ewtResponse = ewtServerSupport.new EWTResponse(ewtServerSupport.htmlType, sb.toString().getBytes()); + } + /** + * *** Switch based on "res" == "help" + */ + else if ("help".equals(res) && uiHelpDAO != null) + { + String s = map.get("s"); + + UIHelpExample example = new UIHelpExample(); + example.createCriteria().andKeyidEqualTo(s); + + List list = uiHelpDAO.selectByExample(example); + + byte[] reply = "Help not available".getBytes(); + if (list != null && list.size() > 0) + { + reply = list.get(0).getHelptext().getBytes(); + } + + ewtResponse = ewtServerSupport.new EWTResponse(ewtServerSupport.htmlType, reply); + } + } + catch (Exception e) + { + error = e.getMessage(); + e.printStackTrace(); + } + } + + if (ewtResponse == null) { + ewtResponse = ewtServerSupport.new EWTResponse(ewtServerSupport.jsonType, + ("{error: '"+error+"'}").getBytes()); + } + + WebServiceResponse response = new WebServiceResponse(); + + if (response == null) return true; + + response.setContent(ewtResponse.getContent()); + + Map headers = response.getHeaders(); + + headers.put("Content-Type", ewtResponse.getType()); + headers.put("Content-Length", ""+ewtResponse.getContentLength()); + headers.put("Cache-Control", "no-cache, must-revalidate"); + headers.put("Pragma", "no-cache" ); + request.setResponse(response); + + return true; + } + + + public UIHelpDAO getUiHelpDAO() + { + return uiHelpDAO; + } + + public void setUiHelpDAO(UIHelpDAO uiHelpDAO) + { + this.uiHelpDAO = uiHelpDAO; + } +} diff --git a/extensions/ewt-server/src/main/java/net/jradius/ewt/handler/SQLUser.java b/extensions/ewt-server/src/main/java/net/jradius/ewt/handler/SQLUser.java new file mode 100644 index 0000000..8fcdab4 --- /dev/null +++ b/extensions/ewt-server/src/main/java/net/jradius/ewt/handler/SQLUser.java @@ -0,0 +1,50 @@ +package net.jradius.ewt.handler; + +public class SQLUser +{ + private String realm; + private String username; + private String password; + private String group; + + + public String getRealm() + { + return realm; + } + + public void setRealm(String realm) + { + this.realm = realm; + } + + public String getUsername() + { + return username; + } + + public void setUsername(String username) + { + this.username = username; + } + + public String getPassword() + { + return password; + } + + public void setPassword(String password) + { + this.password = password; + } + + public String getGroup() + { + return group; + } + + public void setGroup(String group) + { + this.group = group; + } +} diff --git a/extensions/ewt-server/src/main/java/net/jradius/ewt/handler/SQLUserConvert.java b/extensions/ewt-server/src/main/java/net/jradius/ewt/handler/SQLUserConvert.java new file mode 100644 index 0000000..da1ee46 --- /dev/null +++ b/extensions/ewt-server/src/main/java/net/jradius/ewt/handler/SQLUserConvert.java @@ -0,0 +1,147 @@ +package net.jradius.ewt.handler; + +import java.util.List; +import java.util.Map; + +import net.jradius.dal.dao.RadCheckDAO; +import net.jradius.dal.model.RadCheck; +import net.jradius.dal.model.RadCheckExample; +import net.jradius.dal.model.RadCheckExample.Criteria; + +import org.json.JSONArray; +import org.json.JSONException; +import org.json.JSONObject; + +import com.coova.json.JSONConverter; + +public class SQLUserConvert extends JSONConverter +{ + private final RadCheckDAO dao; + + private static final String passwordAttribute = "Cleartext-Password"; + + public SQLUserConvert(RadCheckDAO dao) + { + this.dao = dao; + } + + public String getActualColumnName(String name) + { + return name; + } + + public SQLUser fromJSON(SQLUser user, JSONObject jsonObject) + { + user.setUsername(jsonObject.optString("username")); + return user; + } + + public JSONObject toJSON(SQLUser user, JSONObject jsonObject) throws JSONException + { + jsonObject.put("username", user.getUsername()); + return jsonObject; + } + + public JSONObject toRefJSON(RadCheck radcheck, String nameColumn, JSONObject jsonObject) throws JSONException + { + jsonObject.put("name", radcheck.getUsername()); + jsonObject.put("value", radcheck.getId()); + return jsonObject; + } + + public JSONObject toSuggestJSON(RadCheck radcheck, String nameColumn, JSONObject jsonObject) throws JSONException + { + jsonObject.put("suggest", radcheck.getUsername()); + return jsonObject; + } + + public JSONObject toJSON(RadCheck radcheck, JSONObject jsonObject) throws JSONException + { + jsonObject.put("username", radcheck.getUsername()); + return jsonObject; + } + + public void insertFromJSON(JSONObject jsonObject) throws JSONException + { + //dao.insert(fromJSON(new SQLUser(), jsonObject)); + } + + public void updateFromJSON(JSONObject jsonObject) throws JSONException + { + } + + public void deleteFromJSON(JSONObject jsonObject) throws JSONException + { + } + + public void listAsArray(JSONArray array, Map requestMap, JSONObject metaObject, Integer startRow, Integer rowCount, String orderByClause) throws JSONException + { + RadCheckExample example = new RadCheckExample(); + Criteria criteria = example.createCriteria(); + + if (requestMap != null) + { + criteriaBeanMapper(criteria, requestMap); + } + + if (metaObject != null) + { + metaObject.put("count", dao.countByExample(example)); + } + + example.createCriteria().andAttributeEqualTo(passwordAttribute); + + example.setStartRow(startRow); + example.setRowCount(rowCount); + example.setOrderByClause(orderByClause); + + List list = dao.selectByExample(example); + for (RadCheck radcheck : list) + { + array.put(array.length(), toJSON(radcheck, new JSONObject())); + } + } + + public void listAsSuggestArray(JSONArray array, + Map requestMap, JSONObject metaObject, + String nameColumn, boolean encodeId, String orderByClause) throws JSONException { + RadCheckExample example = new RadCheckExample(); + Criteria criteria = example.createCriteria(); + + if (requestMap != null) + { + criteriaBeanMapper(criteria, requestMap); + } + + example.createCriteria().andAttributeEqualTo(passwordAttribute); + + example.setOrderByClause(orderByClause); + + List list = dao.selectByExample(example); + for (RadCheck radcheck : list) + { + array.put(array.length(), toSuggestJSON(radcheck, nameColumn, new JSONObject())); + } + } + + public void listAsRefArray(JSONArray array, Map requestMap, JSONObject metaObject, String nameColumn, boolean encodeId, String orderByClause) throws JSONException + { + RadCheckExample example = new RadCheckExample(); + Criteria criteria = example.createCriteria(); + + if (requestMap != null) + { + criteriaBeanMapper(criteria, requestMap); + } + + example.createCriteria().andAttributeEqualTo(passwordAttribute); + + example.setOrderByClause(orderByClause); + + List list = dao.selectByExample(example); + for (RadCheck radcheck : list) + { + array.put(array.length(), toRefJSON(radcheck, nameColumn, new JSONObject())); + } + } +} \ No newline at end of file diff --git a/extensions/ewt-server/src/main/java/net/jradius/ewt/handler/UIHandler.java b/extensions/ewt-server/src/main/java/net/jradius/ewt/handler/UIHandler.java new file mode 100644 index 0000000..8b2a917 --- /dev/null +++ b/extensions/ewt-server/src/main/java/net/jradius/ewt/handler/UIHandler.java @@ -0,0 +1,80 @@ +/** + * JRadius.EWT Embedded Web Toolkit for JRadius/FreeRADIUS + * Copyright (C) 2008 David Bird + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +package net.jradius.ewt.handler; + +import java.net.URI; +import java.util.Map; + +import net.jradius.log.RadiusLog; +import net.jradius.server.JRadiusEvent; +import net.jradius.webservice.WebServiceRequest; +import net.jradius.webservice.WebServiceResponse; + +public class UIHandler extends CoreHandler +{ + public UIHandler() + { + } + + public boolean doesHandle(JRadiusEvent event) + { + WebServiceRequest request = (WebServiceRequest) event; + String path = request.getUri().getPath(); + return path.startsWith("/ewt/"); + } + + public boolean handle(JRadiusEvent event) throws Exception + { + WebServiceRequest request = (WebServiceRequest) event; + + URI uri = request.getUri(); + + String path = uri.getRawPath().replace("/ewt/", ""); + RadiusLog.debug("EWT Request: " + path); + + byte[] content = ewtServerSupport.getResourceFile(path); + + WebServiceResponse response = new WebServiceResponse(); + response.setContent(content); + + Map headers = response.getHeaders(); + + if (path.endsWith(".gif")) + headers.put("Content-Type", "image/gif"); + else if (path.endsWith(".jpg")) + headers.put("Content-Type", "image/jpeg"); + else if (path.endsWith(".png")) + headers.put("Content-Type", "image/png"); + else if (path.endsWith(".js")) + headers.put("Content-Type", "application/javascript"); + else if (path.endsWith(".css")) + headers.put("Content-Type", "text/css"); + else if (path.endsWith(".html")) + headers.put("Content-Type", "text/html"); + else + return true; + + headers.put("Content-Length", ""+content.length); + + request.setResponse(response); + return true; + } +} diff --git a/extensions/ewt-server/src/main/java/net/jradius/handler/SQLHandler.java b/extensions/ewt-server/src/main/java/net/jradius/handler/SQLHandler.java new file mode 100644 index 0000000..67cf839 --- /dev/null +++ b/extensions/ewt-server/src/main/java/net/jradius/handler/SQLHandler.java @@ -0,0 +1,218 @@ +package net.jradius.handler; + +import java.util.List; + +import net.jradius.dal.dao.RadCheckDAO; +import net.jradius.dal.dao.RadGroupCheckDAO; +import net.jradius.dal.dao.RadGroupReplyDAO; +import net.jradius.dal.dao.RadReplyDAO; +import net.jradius.dal.dao.RadUserGroupDAO; +import net.jradius.dal.model.RadCheck; +import net.jradius.dal.model.RadCheckExample; +import net.jradius.dal.model.RadGroupCheck; +import net.jradius.dal.model.RadGroupCheckExample; +import net.jradius.dal.model.RadGroupReply; +import net.jradius.dal.model.RadGroupReplyExample; +import net.jradius.dal.model.RadReply; +import net.jradius.dal.model.RadReplyExample; +import net.jradius.dal.model.RadUserGroup; +import net.jradius.dal.model.RadUserGroupExample; +import net.jradius.dictionary.Attr_UserName; +import net.jradius.packet.AccessAccept; +import net.jradius.packet.RadiusPacket; +import net.jradius.packet.attribute.AttributeFactory; +import net.jradius.packet.attribute.AttributeList; +import net.jradius.packet.attribute.RadiusAttribute; +import net.jradius.server.JRadiusRequest; +import net.jradius.server.JRadiusServer; + +public class SQLHandler extends RadiusSessionHandler +{ + public boolean handle(JRadiusRequest request) throws Exception + { + RadiusPacket req = request.getRequestPacket(); + RadiusPacket rep = request.getReplyPacket(); + AttributeList ci = request.getConfigItems(); + + switch(request.getType()) + { + case JRadiusServer.JRADIUS_authorize: + return authorize(request, req, rep, ci); + + case JRadiusServer.JRADIUS_post_auth: + return post_auth(request, req, rep, ci); + + case JRadiusServer.JRADIUS_accounting: + return accounting(request, req, rep, ci); + } + + return true; + } + + protected boolean authorize(JRadiusRequest request, RadiusPacket req, RadiusPacket rep, AttributeList ci) + { + String username = (String) req.getAttributeValue(Attr_UserName.TYPE); + + /** + * Get 'Group' membership for the username. + */ + RadUserGroupExample radUserGroupExample = new RadUserGroupExample(); + radUserGroupExample.createCriteria().andUsernameEqualTo(username); + + List radUserGroupList = getRadUserGroupDAO(request).selectByExample(radUserGroupExample); + for (RadUserGroup radUserGroup : radUserGroupList) + { + try + { + /** + * Get 'Group' attributes for each group. + */ + RadGroupCheckExample radGroupCheckExample = new RadGroupCheckExample(); + radGroupCheckExample.createCriteria().andGroupnameEqualTo(radUserGroup.getGroupname()); + + List radGroupCheckList = getRadGroupCheckDAO(request).selectByExample(radGroupCheckExample); + for (RadGroupCheck radGroupCheck : radGroupCheckList) + { + try + { + RadiusAttribute attribute = AttributeFactory.newAttribute(radGroupCheck.getAttribute(),radGroupCheck.getValue(),radGroupCheck.getOp()); + ci.add(attribute, true); + } + catch (Exception e) + { + e.printStackTrace(); + } + } + } + catch (Exception e) + { + e.printStackTrace(); + } + } + + /** + * Get 'Check' items for the username. + */ + RadCheckExample radCheckExample = new RadCheckExample(); + radCheckExample.createCriteria().andUsernameEqualTo(username); + + List radCheckList = getRadCheckDAO(request).selectByExample(radCheckExample); + for (RadCheck radCheck : radCheckList) + { + try + { + RadiusAttribute attribute = AttributeFactory.newAttribute(radCheck.getAttribute(),radCheck.getValue(),radCheck.getOp()); + ci.add(attribute, false); + } + catch (Exception e) + { + e.printStackTrace(); + } + } + + return false; + } + + protected boolean post_auth(JRadiusRequest request, RadiusPacket req, RadiusPacket rep, AttributeList ci) + { + boolean authorized = (rep != null && rep instanceof AccessAccept); + String username = (String) req.getAttributeValue(Attr_UserName.TYPE); + + /** + * Only when authorized + */ + if (!authorized) return false; + + /** + * Get 'Group' membership for the username. + */ + RadUserGroupExample radUserGroupExample = new RadUserGroupExample(); + radUserGroupExample.createCriteria().andUsernameEqualTo(username); + + List radUserGroupList = getRadUserGroupDAO(request).selectByExample(radUserGroupExample); + for (RadUserGroup radUserGroup : radUserGroupList) + { + try + { + /** + * Get 'Reply' attributes for each group. + */ + RadGroupReplyExample radGroupReplyExample = new RadGroupReplyExample(); + radGroupReplyExample.createCriteria().andGroupnameEqualTo(radUserGroup.getGroupname()); + + List radGroupReplyList = getRadGroupReplyDAO(request).selectByExample(radGroupReplyExample); + for (RadGroupReply radGroupReply : radGroupReplyList) + { + try + { + RadiusAttribute attribute = AttributeFactory.newAttribute(radGroupReply.getAttribute(),radGroupReply.getValue(),radGroupReply.getOp()); + rep.addAttribute(attribute); + } + catch (Exception e) + { + e.printStackTrace(); + } + } + } + catch (Exception e) + { + e.printStackTrace(); + } + } + + /** + * Get 'Reply' items for the username. + */ + RadReplyExample radReplyExample = new RadReplyExample(); + radReplyExample.createCriteria().andUsernameEqualTo(username); + + List list = getRadReplyDAO(request).selectByExample(radReplyExample); + for (RadReply radReply : list) + { + try + { + RadiusAttribute attribute = AttributeFactory.newAttribute(radReply.getAttribute(),radReply.getValue(),radReply.getOp()); + rep.addAttribute(attribute); + } + catch (Exception e) + { + e.printStackTrace(); + } + } + + return false; + } + + protected boolean accounting(JRadiusRequest request, RadiusPacket req, RadiusPacket rep, AttributeList ci) + { + String sessionId = request.getSessionKey(); + String username = (String) req.getAttributeValue(Attr_UserName.TYPE); + + return false; + } + + protected RadCheckDAO getRadCheckDAO(JRadiusRequest request) + { + return (RadCheckDAO)request.getApplicationContext().getBean("radCheckDAO"); + } + + protected RadGroupCheckDAO getRadGroupCheckDAO(JRadiusRequest request) + { + return (RadGroupCheckDAO)request.getApplicationContext().getBean("radGroupCheckDAO"); + } + + protected RadGroupReplyDAO getRadGroupReplyDAO(JRadiusRequest request) + { + return (RadGroupReplyDAO)request.getApplicationContext().getBean("radGroupReplyDAO"); + } + + protected RadReplyDAO getRadReplyDAO(JRadiusRequest request) + { + return (RadReplyDAO)request.getApplicationContext().getBean("radReplyDAO"); + } + + protected RadUserGroupDAO getRadUserGroupDAO(JRadiusRequest request) + { + return (RadUserGroupDAO)request.getApplicationContext().getBean("radUserGroupDAO"); + } +} diff --git a/extensions/ewt-server/src/main/resources/net/jradius/dal/sql-map-config.xml b/extensions/ewt-server/src/main/resources/net/jradius/dal/sql-map-config.xml new file mode 100644 index 0000000..5bdd037 --- /dev/null +++ b/extensions/ewt-server/src/main/resources/net/jradius/dal/sql-map-config.xml @@ -0,0 +1,19 @@ + + + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/extensions/ewt-server/src/main/resources/net/jradius/ewt/resources/config.xml b/extensions/ewt-server/src/main/resources/net/jradius/ewt/resources/config.xml new file mode 100644 index 0000000..dbd6258 --- /dev/null +++ b/extensions/ewt-server/src/main/resources/net/jradius/ewt/resources/config.xml @@ -0,0 +1,122 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/extensions/ewt-server/src/main/resources/net/jradius/ewt/resources/ui-aaa-modules.xml b/extensions/ewt-server/src/main/resources/net/jradius/ewt/resources/ui-aaa-modules.xml new file mode 100644 index 0000000..24da267 --- /dev/null +++ b/extensions/ewt-server/src/main/resources/net/jradius/ewt/resources/ui-aaa-modules.xml @@ -0,0 +1,297 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/extensions/ewt-server/src/main/resources/net/jradius/ewt/resources/ui-aaa-proxy.xml b/extensions/ewt-server/src/main/resources/net/jradius/ewt/resources/ui-aaa-proxy.xml new file mode 100644 index 0000000..2c3e166 --- /dev/null +++ b/extensions/ewt-server/src/main/resources/net/jradius/ewt/resources/ui-aaa-proxy.xml @@ -0,0 +1,107 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/extensions/ewt-server/src/main/resources/net/jradius/ewt/resources/ui-aaa-server.xml b/extensions/ewt-server/src/main/resources/net/jradius/ewt/resources/ui-aaa-server.xml new file mode 100644 index 0000000..6d87510 --- /dev/null +++ b/extensions/ewt-server/src/main/resources/net/jradius/ewt/resources/ui-aaa-server.xml @@ -0,0 +1,140 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/extensions/ewt-server/src/main/resources/net/jradius/ewt/resources/ui-aaa-status.xml b/extensions/ewt-server/src/main/resources/net/jradius/ewt/resources/ui-aaa-status.xml new file mode 100644 index 0000000..3cb3744 --- /dev/null +++ b/extensions/ewt-server/src/main/resources/net/jradius/ewt/resources/ui-aaa-status.xml @@ -0,0 +1,39 @@ + + + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/extensions/ewt-server/src/main/resources/net/jradius/ewt/resources/ui-aaa-users.xml b/extensions/ewt-server/src/main/resources/net/jradius/ewt/resources/ui-aaa-users.xml new file mode 100644 index 0000000..07e0a60 --- /dev/null +++ b/extensions/ewt-server/src/main/resources/net/jradius/ewt/resources/ui-aaa-users.xml @@ -0,0 +1,27 @@ + + + + + + + + + + + diff --git a/extensions/ewt-server/src/main/resources/net/jradius/ewt/resources/ui-db.xml b/extensions/ewt-server/src/main/resources/net/jradius/ewt/resources/ui-db.xml new file mode 100644 index 0000000..0b45a98 --- /dev/null +++ b/extensions/ewt-server/src/main/resources/net/jradius/ewt/resources/ui-db.xml @@ -0,0 +1,209 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/extensions/ewt-server/src/main/resources/net/jradius/ewt/resources/ui-freeradius.xml b/extensions/ewt-server/src/main/resources/net/jradius/ewt/resources/ui-freeradius.xml new file mode 100644 index 0000000..3049e41 --- /dev/null +++ b/extensions/ewt-server/src/main/resources/net/jradius/ewt/resources/ui-freeradius.xml @@ -0,0 +1,25 @@ + + + + + + + + + diff --git a/extensions/ewt-server/src/main/resources/net/jradius/ewt/resources/ui-jradius-client.xml b/extensions/ewt-server/src/main/resources/net/jradius/ewt/resources/ui-jradius-client.xml new file mode 100644 index 0000000..19810a0 --- /dev/null +++ b/extensions/ewt-server/src/main/resources/net/jradius/ewt/resources/ui-jradius-client.xml @@ -0,0 +1,29 @@ + + + + + + + + + + + + + diff --git a/extensions/ewt-server/src/main/resources/net/jradius/ewt/resources/ui-jradius-java.xml b/extensions/ewt-server/src/main/resources/net/jradius/ewt/resources/ui-jradius-java.xml new file mode 100644 index 0000000..9433d2e --- /dev/null +++ b/extensions/ewt-server/src/main/resources/net/jradius/ewt/resources/ui-jradius-java.xml @@ -0,0 +1,26 @@ + + + + + + + + + + diff --git a/extensions/ewt-server/src/main/resources/net/jradius/ewt/resources/ui-jradius.xml b/extensions/ewt-server/src/main/resources/net/jradius/ewt/resources/ui-jradius.xml new file mode 100644 index 0000000..03b8ac9 --- /dev/null +++ b/extensions/ewt-server/src/main/resources/net/jradius/ewt/resources/ui-jradius.xml @@ -0,0 +1,22 @@ + + + + + + diff --git a/extensions/ewt-server/src/main/resources/net/jradius/ewt/resources/xml2radiusd.xsl b/extensions/ewt-server/src/main/resources/net/jradius/ewt/resources/xml2radiusd.xsl new file mode 100644 index 0000000..417ecf5 --- /dev/null +++ b/extensions/ewt-server/src/main/resources/net/jradius/ewt/resources/xml2radiusd.xsl @@ -0,0 +1,248 @@ + + + + + + + + + + + + + = " + + " + + + + + + + + + + + = + + + + + + + + + + + + + = + + + + + + + + +# This file is automatically generated from XML + + + + + + + + prefix + + + +exec_prefix = ${prefix} +sysconfdir = ${prefix}/etc +sbindir = ${exec_prefix}/sbin +raddbdir = ${sysconfdir}/raddb +db_dir = $(raddbdir) +confdir = ${raddbdir} +run_dir = ${localstatedir}/run/radiusd + + + + localstatedir + + + + + logdir + + + + + libdir + + + + + radacctdir + + + + + max_request_time + + + + + cleanup_delay + + + + + max_requests + + + + + delete_blocked_requests + + + + + user + + + + + group + + + + + checkrad + + + + + debug_level + + + + + pidfile + + + + + proxy_requests + + + + + hostname_lookups + + + + + allow_core_dumps + + + + + max_attributes + + + + + reject_delay + + + + + status_server + + + + + + + + + +security { + + + + max_attributes + + + + reject_delay + + + + status_server + + + +} + + + + +listen { + + + + ip + + + +} + + + + +thread pool { + + + + start_servers + + + + max_servers + + + + min_spare_servers + + + + max_spare_servers + + + + max_requests_per_server + + + +} + + + + diff --git a/extensions/ewt-server/src/main/resources/net/jradius/server/catalog.xml b/extensions/ewt-server/src/main/resources/net/jradius/server/catalog.xml new file mode 100644 index 0000000..6f40121 --- /dev/null +++ b/extensions/ewt-server/src/main/resources/net/jradius/server/catalog.xml @@ -0,0 +1,100 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/extensions/ewt-server/src/main/resources/net/jradius/spring-config.xml b/extensions/ewt-server/src/main/resources/net/jradius/spring-config.xml new file mode 100644 index 0000000..c5b2ca7 --- /dev/null +++ b/extensions/ewt-server/src/main/resources/net/jradius/spring-config.xml @@ -0,0 +1,79 @@ + + + + + + + + + + + + + + + + + classpath:net/jradius/dal/sql-map-config.xml + + + true + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/extensions/pom.xml b/extensions/pom.xml new file mode 100644 index 0000000..d842223 --- /dev/null +++ b/extensions/pom.xml @@ -0,0 +1,46 @@ + + + + 4.0.0 + net.jradius + jradius-extensions + pom + ${project.artifactId}-${project.version} + 1.0.0-SNAPSHOT + Extended classes + + + net.jradius + jradius + 1.0.0-SNAPSHOT + ../pom.xml + + + + db + dal + ewt-server + ewt-client + + + + + + com.coova + coova-ewt-server + 1.0.0-snapshot-103 + + + + com.coova + coova-ewt-tools + 1.0.0-snapshot-103 + + + + + diff --git a/files/freeradius.sql b/files/freeradius.sql new file mode 100644 index 0000000..d027578 --- /dev/null +++ b/files/freeradius.sql @@ -0,0 +1,135 @@ +CREATE TABLE radippool ( + id serial, + pool_name varchar(30) NOT NULL, + framedipaddress varchar(15) NOT NULL default '', + nasipaddress varchar(15) NOT NULL default '', + calledstationid VARCHAR(30) NOT NULL, + callingstationid VARCHAR(30) NOT NULL, + expiry_time DATETIME NULL default NULL, + username varchar(64) NOT NULL default '', + pool_key varchar(30) NOT NULL, + PRIMARY KEY (id) +); + +CREATE TABLE nas ( + id serial, + nasname varchar(128) NOT NULL, + nastype varchar(30) DEFAULT 'other', + calledstationid varchar(64), + shortname varchar(32), + ports int(5), + secret varchar(60), + community varchar(50), + description varchar(200) DEFAULT 'RADIUS Client', + latitude double, + longitude double, + PRIMARY KEY (id), + KEY nasname (nasname), + KEY calledstationid (calledstationid) +); + +CREATE TABLE radacct ( + id serial, + acctsessionid varchar(64) NOT NULL default '', + acctuniqueid varchar(64) NOT NULL default '', + username varchar(64) NOT NULL default '', + groupname varchar(64) NOT NULL default '', + realm varchar(64) default '', + nasipaddress varchar(64) NOT NULL default '', + nasportid varchar(15) default NULL, + nasporttype varchar(32) default NULL, + acctstarttime datetime NULL default NULL, + acctstoptime datetime NULL default NULL, + acctsessiontime integer default NULL, + acctauthentic varchar(32) default NULL, + connectinfo_start varchar(64) default NULL, + connectinfo_stop varchar(64) default NULL, + acctinputoctets bigint(20) default NULL, + acctoutputoctets bigint(20) default NULL, + calledstationid varchar(64) NOT NULL default '', + callingstationid varchar(64) NOT NULL default '', + acctterminatecause varchar(32) NOT NULL default '', + servicetype varchar(32) default NULL, + framedprotocol varchar(64) default NULL, + framedipaddress varchar(64) NOT NULL default '', + acctstartdelay integer default NULL, + acctstopdelay integer default NULL, + xascendsessionsvrkey varchar(10) default NULL, + PRIMARY KEY (id), + KEY username (username), + KEY framedipaddress (framedipaddress), + KEY acctsessionid (acctsessionid), + KEY acctsessiontime (acctsessiontime), + KEY acctuniqueid (acctuniqueid), + KEY acctstarttime (acctstarttime), + KEY acctstoptime (acctstoptime), + KEY nasipaddress (nasipaddress) +); + +CREATE TABLE radcheck ( + id serial, + username varchar(64) NOT NULL default '', + attribute varchar(64) NOT NULL default '', + op char(2) NOT NULL DEFAULT '==', + value varchar(253) NOT NULL default '', + PRIMARY KEY (id), + KEY username (username) +); + +CREATE TABLE radgroupcheck ( + id serial, + groupname varchar(64) NOT NULL default '', + attribute varchar(64) NOT NULL default '', + op char(2) NOT NULL DEFAULT '==', + value varchar(253) NOT NULL default '', + PRIMARY KEY (id), + KEY groupname (groupname) +); + +CREATE TABLE radgroupreply ( + id serial, + groupname varchar(64) NOT NULL default '', + attribute varchar(64) NOT NULL default '', + op char(2) NOT NULL DEFAULT '=', + value varchar(253) NOT NULL default '', + PRIMARY KEY (id), + KEY groupname (groupname) +); + +CREATE TABLE radreply ( + id serial, + username varchar(64) NOT NULL default '', + attribute varchar(64) NOT NULL default '', + op char(2) NOT NULL DEFAULT '=', + value varchar(253) NOT NULL default '', + PRIMARY KEY (id), + KEY username (username) +); + +CREATE TABLE radusergroup ( + id serial, + username varchar(64) NOT NULL default '', + groupname varchar(64) NOT NULL default '', + priority integer NOT NULL default '1', + PRIMARY KEY (id), + KEY username (username) +); + +CREATE TABLE radpostauth ( + id serial, + username varchar(64) NOT NULL default '', + pass varchar(64) NOT NULL default '', + reply varchar(64) NOT NULL default '', + authdate timestamp(14) NOT NULL, + PRIMARY KEY (id), + KEY username (username) +); + +CREATE TABLE uihelp ( + id serial, + keyid varchar(64), + helptext varchar(1000), + PRIMARY KEY (id), + KEY keyid (keyid) +); + diff --git a/files/simulations/IRAP-Compliant b/files/simulations/IRAP-Compliant new file mode 100644 index 0000000..dc16332 --- /dev/null +++ b/files/simulations/IRAP-Compliant @@ -0,0 +1,13 @@ +#JRadiusSimulator +#Fri Jul 08 18:47:45 CEST 2005 +SimulationType=1 +AuthType=0 +GenerateAcctSessionId=true +Retries=0 +RadiusServer=localhost +CheckStandard=1 +AttributesTableEntries=H4sIAAAAAAAAAKVVz2sTQRR+aSv2h+lPFaUogr8Qu9tsEVsbEWNVDKRtsK2C4mGanYZpt5PtzNs28SAK3vwHLNa7B8GTNw+ioiJ4Ebx5Fw96FTw5M7ttNlXKVsPyDm/m+973vTczefoddkgBffNkmdgBMs/OCUFqBSaxeu/TgdV35HEzpPLQItltWvUBoGelRcX9CmRziracs+cFcVkg7ZLHKEe7HDA7hyjYbIBUTpNZj17iKGoQ/ZqgtQBpUipRKa/SpYBKROgraAWDHuHlwQuVikcJzxagS+2qBBwZL08hEbgEd6C5AJ3xdMWPst317IzvEqRRPk3WxUyQRYrQGys1pVZ4Oasp1zddI15goC0KigHn1ItURnzty3rHmEekROiJkZlUtuqr1vSYfuqsHbn5eEjc/bz260cTpG7ADkNR9VOasrUeENpmJBVWKLRFtQ+lXtiZWhbgbGq3T0oLKrMh3DakdmjJuBh3z4vXj16MqJoF6JD1BWOvKuBUMspcQ2/qcwTlVVM1GfGhUtCx2wSEtHFTVG1ZqQg3cqTXOpSf0WTFL/GSqPlI3ZixtoW1nw+c1B4tIXFjJktIURr8yW/tr24NPbmvGnMT2mZrkTOEppsXqlpfOvQVNV/HffWA0DmRm7LyRSvnuoLqY9DhnBmyndMjtmM7UR+STyxf1DxGwbMvV4aPvLv73kysmyl8VCLStzc8bio/mK8vZuOaN4ltUOyq+8nmGBUI7XoUFieSuXpLvw6dWzGkNUOxItCarvlKStd1JqinqlsjGeXdMSzKdCaZaX3EXePq+df88Iej9kPjudWsjhNfFQi96kdpUCWyatJDCRvKkZZp2FF4e3jg5Ztjq4Z9F4utND46ESZBK1vXG4GQyoSudTy+FaZnjHgedS31iiGrcDUJNZJMZjT2JZtCryZS16CRyXFGY9/fmPr/lHRZ6BE0HON07BjHFB3ciqcrVyqhNaXw63K6zpIAK4fKlFOhnuFzyfSEPBepR2rWNFs0b9TAxlZrE7S/wUqDhH8C57kfoBU+EdsA9xrwZID/gQ5LF81R3g66L157m/B+hN0GPk3FIuNqStYYCaS6E7vMkx37xzOgE9Xf1YkMAykIAAA\= +AuthPort=1812 +StopOnReject=true +SharedSecret=testing123 +AcctPort=1813 diff --git a/files/simulations/IRAP-UAM-Compliant b/files/simulations/IRAP-UAM-Compliant new file mode 100644 index 0000000..e080adc --- /dev/null +++ b/files/simulations/IRAP-UAM-Compliant @@ -0,0 +1,13 @@ +#JRadiusSimulator +#Fri Jul 08 12:18:59 CEST 2005 +SimulationType=1 +AuthType=0 +GenerateAcctSessionId=true +Retries=1 +RadiusServer=localhost +CheckStandard=1 +AttributesTableEntries=H4sIAAAAAAAAAJVVz08TQRSelhKBUii/TEw0If6Kie7SrUQQlFgQtUmFxhZNJB6G3aEZWKbLzCy0Hgwm3vwHJOLdg4knbx6MGjEmXky8eTce9GriyZnZbbstimu7eYc3+33ve+/Ne/vsO2hnFAyswA2ouxzbeoZSWM1hxiv3Px3Z3oVP2kAkC2IM30UVBwAwuBkT9pAA6QRxnS3rKxRa2GW6aWNEuF5ysZ7hnOIllyNWhEs2miWcVoH/i4KOHEhA00SM3UDrLmKcg4GcVDBiQ1IamS6XbQTJZA70irfKLuGYlAocUr4O7oG2HOgJusuO7002vAuOBTny/QlYEzMH1xAH/YFQBXFCSpOSsvbSTWi7ChoTUO4Sgmxfpc/XtSHfmLEhYxz0BciUa7LiiNL0qXpKr+5n83GYbn3e+fUjCiK3QbuiqDgRSdnRMBx0LjBENU9oTJSPM3lwILJBgdFSbgeaq8JTF64rUt1LSWVx3bpE3zx+OS5i5kCcNQ5UehUKRsNRZppq0+gjELlKqqgS7ykF0iaV4SChssmLsmyWqeVnJM/iIp+JcMFniUmrDkdWILHO1Z2fD43IkJQQujDzJkecKfzpb12v76SfPhCFWQSdS1U/Mw6ii9MVqS8RyGtPj3rmMgUtm9cylkWRvARx43xaN86N64ZuqMzDdyublywq+vMv18aO7269V91KYoH3A/jaDnpXTfhHso3DyVa98RbDQYfUmy9TMWaRur50SH2EoxLyBIJ3x868entyWwnsxoGT5vn1MSGUJWrKtGLVESy9tzBFtshKG0+JitbFpsKJlWNjKUEvvmbHPpzQHympHer0OnREAE+mXHQjwuFJHN6v2d0FRDewiXyF8StUBtHkxa7f9FP7EfT5iOCF6TTSY3pK/I06x+F9OWagbQsOsQQ5LhMtK2apJ5WaCDx1op79iPolkZiiZibDmAg8f2La2zpvCCyx8PEyRpSDLjnbGoEMW60Mgc3QxNGbMU2uFURJalKSF6DLy8MlRBAVG9ya+guVvxWlVa9M1cguIxtWtSKW+zOiinJRmqONVJJ1U5PR1yTDw8aMdKCmIeBZ4rhc83aMhKfSZ8PB+xV83uWt+NH/wXvh82ouBD5qhBQ/EIzegKdDwgcDwa/iEpRrntUq/2/4UDB6SHyg9cmagCKia5iIC6PNQJeJ9nWrD0/gu+3NaeU3R/y9TO8IAAA\= +AuthPort=1812 +StopOnReject=true +SharedSecret=testing123 +AcctPort=1813 diff --git a/files/simulations/Simple-AuthOnly b/files/simulations/Simple-AuthOnly new file mode 100644 index 0000000..d814dad --- /dev/null +++ b/files/simulations/Simple-AuthOnly @@ -0,0 +1,13 @@ +#JRadiusSimulator +#Thu Jul 07 11:35:48 CEST 2005 +SimulationType=0 +AuthType=0 +GenerateAcctSessionId=false +Retries=0 +RadiusServer=localhost +CheckStandard=0 +AttributesTableEntries=H4sIAAAAAAAAAI1RPS8EURS9M1ZYsr42CoVEL54QhdjGEoVkfMRXQRRvZ57NMN6M9+7sziqEROcXCHqFn6CiUGkkfoSCVqLy3tthl2pfcYtz7z33nPPu3qFdCsjv0wolMfoBKQpBa44vMTl7Gb58ojdtYC1CRvrHLIkAwK5mVB1SS4QzJHKP7Avq+bEkbuAzjqQc+6SIKPxSjExu0FLAFjiKGqTPhk4HctR1mZRr7ChmEhHyjlYwHlBeHp8Lw4BRXnCgV02FMUefl9eRCjyCE2hzoKcZDqMU7Wugm5FHkaV4jv6IWaaHDGGg6dS66vByQVP+DG3RIDarGbWKMecsSFWmfF0VPTEfUCkR+pvIDFRIIhVNv8lToyR18zwiTl+vvz5ssLah3VAkkaUpOxsFIbspmRirC82o+FDqRodVETDxL+6IugcK+RVODCmpWzIulrxZ8Xh1P61uOtAtGw1jLxEw1Rpl8U82jX8E5VVT2UZ8XSno2mcKQs64WVWxVEPhpY50r1v5mWnt+AJ3RS1C5jUZyx5cf15MWINaQsvBrLjIUJr90beuh93J23MVzA5kS7XUGYK9M5dofbnkG/XjmlYZAwAA +AuthPort=1812 +StopOnReject=false +SharedSecret=testing123 +AcctPort=1813 diff --git a/files/simulations/Simple-Session b/files/simulations/Simple-Session new file mode 100644 index 0000000..e00b1e9 --- /dev/null +++ b/files/simulations/Simple-Session @@ -0,0 +1,13 @@ +#JRadiusSimulator +#Sun Jul 10 10:00:21 CEST 2005 +SimulationType=1 +AuthType=0 +GenerateAcctSessionId=true +Retries=0 +RadiusServer=localhost +CheckStandard=0 +AttributesTableEntries=H4sIAAAAAAAAAI1TPW/TQBh+nabQpCRtqJBACCkSiAXifoAQIgiRog6RTEGkZaBiuNhX61pzdu9epw4DAomNX1BRdgZ+AgMCBBMLEj+CAVYkJu4ubuyEJR5e2e/Hc8/z+L13v2BaCljYIT1ix8gCuyUE6TtMYvLi+7mDr+TNFFhtKEr2lCYRABzbL6p4Rg3ZnKItt+0dQTwWS9sNGOVo+zGzW4iCdWOkcoN0A7rGUfQhfQow40CFuC6V8gHdi6lEhAVHM1gMCPcXV8MwoIQ3HZhTXWHMkXG/g0TgHjyDKQeq+XQYpdn5LLsZeQRpmq+QIzLr5AlFOJk7qqMq3G9qyKOmhySIzWhRjWLMOQ1Slileuac77gRESoRaDsykmkmkrKkZP3XWTtV8q4vnPw7//i6A9QimDUQSWRpyJgsIpU1JRWNAtKjsQ6kLx62egOUxuyPi7qrMkLhtQO2BJKPirndbfHr9/ro604FZmRWMvETA1ckgWyPeZP8RlFYNVTDkB0xBx3kTECpGzX1ly34ovFSRrs0qPTcmO3yNu6IfIfVywkq7h39eLVunNIWJjbnnIkVp5i/9LH98vPL2pTJmC0rdfqoMobC1mmh+lYGu1HwdT2cBobre6jTantp2ts2oQChrYQ1OJPNyNlQzd87+hzHXcl1sdNQlYCFXYCpzk8QY1n3KqVDre2s4N46TBYVTG8HZYHpzCleWTItyeWUyc9ocqU/F4Ad/OX/5w+eLB2ZtTrBcZfSepjPNvGNj9IZvdUXq2tLw80LyD5WtClh5BAAA +AuthPort=1812 +StopOnReject=true +SharedSecret=testing123 +AcctPort=1813 diff --git a/files/webstart/JRadiusSimulator-IRAP.jnlp b/files/webstart/JRadiusSimulator-IRAP.jnlp new file mode 100644 index 0000000..45bd8bc --- /dev/null +++ b/files/webstart/JRadiusSimulator-IRAP.jnlp @@ -0,0 +1,31 @@ + + + + + + JRadiusSimulator + JRadius.org + + JRadius RADIUS Simulator Application + + + + + + + + + + + + + + + + + + +http://jradius.org/simulations/IRAP-Compliant + + + diff --git a/files/webstart/JRadiusSimulator-Sample.jnlp b/files/webstart/JRadiusSimulator-Sample.jnlp new file mode 100644 index 0000000..d60edbc --- /dev/null +++ b/files/webstart/JRadiusSimulator-Sample.jnlp @@ -0,0 +1,31 @@ + + + + + + JRadiusSimulator + JRadius.org + + JRadius RADIUS Simulator Application + + + + + + + + + + + + + + + + + + +http://jradius.org/simulations/Simple-Session + + + diff --git a/files/webstart/JRadiusSimulator.jnlp b/files/webstart/JRadiusSimulator.jnlp new file mode 100644 index 0000000..8391b2e --- /dev/null +++ b/files/webstart/JRadiusSimulator.jnlp @@ -0,0 +1,29 @@ + + + + + + JRadiusSimulator + coova.org + + JRadius RADIUS Simulator Application + + + + + + + + + + + + + + + + + + + + diff --git a/freeradius/README b/freeradius/README new file mode 100644 index 0000000..e17f02f --- /dev/null +++ b/freeradius/README @@ -0,0 +1,93 @@ + +Building and installing FreeRADIUS with JRadius support: + +- rlm_jradius is now part of the FreeRADIUS CVS tree for version 2.0! + +- Download the latest FreeRADIUS server. + + wget ftp://ftp.freeradius.org/pub/radius/freeradius-1.X.X.tar.gz + +- Unpack FreeRADIUS + + tar xzf freeradius-1.X.X.tar.gz + cd freeradius-1.X.X + +- Download the JRadius patch and apply it + + wget http://dev.coova.org/svn/cjradius/freeradius/patch/freeradius-1.X.X.patch + patch -p1 < freeradius-1.X.X.patch + +- Compile and install. + + ./configure + make + make install + + +If upgrading an existing configuration: + +- Configure FreeRADIUS with the rlm_jradius module. Below we show bits of + the FreeRADIUS etc/raddb/radiusd.conf file. We are only showing the + configurations for JRadius. + + modules { + ... + jradius { + name = "example" # The "Requester" name (a single + # JRadius server can have + # multiple "applications") + primary = "localhost" # Uses default port 1814 + secondary = "192.168.0.1" # Fail-over server + tertiary = "192.168.0.1:8002" # Fail-over server on port 8002 + timeout = 1 # Connect Timeout + onfail = NOOP # What to do if no JRadius + # Server is found. Options are: + # FAIL (default), OK, REJECT, NOOP + } + } + + authorize { + ... + jradius + } + + post-auth { + ... + jradius + Post-Auth-Type REJECT { # Use this if you want to + jradius # process AccessReject replies + } # from the post-auth handler. + } + + preacct { + ... + jradius + } + + accounting { + ... + jradius + } + + For the most part, the above configurations are considered to be + required. Only if your FreeRADIUS server is a proxy server would the + following also be used: + + pre-proxy { + ... + jradius + } + + post-proxy { + ... + jradius + } + + Just like with any FreeRADIUS module, you can add this to any of the + FreeRADIUS entry points. It is probably best to add 'jradius' to the + configurations after all other modules. + +- Include the dict/dictionary.jradius dictionary file in your FreeRADIUS + dictionary configuration. You can just simply copy the contents of dict/ + to your FreeRADIUS dictionary directory for the default FreeRADIUS + dictionary plus JRadius VSAs. diff --git a/freeradius/dict/copy-dict b/freeradius/dict/copy-dict new file mode 100644 index 0000000..ca5e719 --- /dev/null +++ b/freeradius/dict/copy-dict @@ -0,0 +1,8 @@ +#!/bin/sh + +dictdir=~/coova/freeradius/radiusd/share + +for d in $dictdir/dictionary*; do + n=`basename $d` + cat $d |grep -v '^#' > $n +done diff --git a/freeradius/dict/dictionary b/freeradius/dict/dictionary new file mode 100644 index 0000000..dc916d4 --- /dev/null +++ b/freeradius/dict/dictionary @@ -0,0 +1,215 @@ +# -*- text -*- +# +# Version $Id$ +# +# DO NOT EDIT THE FILES IN THIS DIRECTORY +# +# The files in this directory are maintained and updated by +# the FreeRADIUS project. Newer releases of software may update +# or change these files. +# +# Use the main dictionary file (usually /etc/raddb/dictionary) +# for local system attributes and $INCLUDEs. +# +# +# +# This file contains dictionary translations for parsing +# requests and generating responses. All transactions are +# composed of Attribute/Value Pairs. The value of each attribute +# is specified as one of 4 data types. Valid data types are: +# +# text - printable, generally UTF-8 encoded (subset of 'string') +# string - 0-253 octets +# ipaddr - 4 octets in network byte order +# integer - 32 bit value in big endian order (high byte first) +# date - 32 bit value in big endian order - seconds since +# 00:00:00 GMT, Jan. 1, 1970 +# ifid - 8 octets in network byte order +# ipv6addr - 16 octets in network byte order +# ipv6prefix - 18 octets in network byte order +# ether - 6 octets of hh:hh:hh:hh:hh:hh +# where 'h' is hex digits, upper or lowercase. +# +# FreeRADIUS includes extended data types which are not defined +# in the RFC's. These data types are: +# +# abinary - Ascend's binary filter format. +# octets - raw octets, printed and input as hex strings. +# e.g.: 0x123456789abcdef +# +# +# Enumerated values are stored in the user file with dictionary +# VALUE translations for easy administration. +# +# Example: +# +# ATTRIBUTE VALUE +# --------------- ----- +# Framed-Protocol = PPP +# 7 = 1 (integer encoding) +# + +# +# Include compatibility dictionary for older users file. Move +# this directive to the end of this file if you want to see the +# old names in the logfiles, INSTEAD OF the new names. +# +$INCLUDE dictionary.compat +$INCLUDE dictionary.coova +$INCLUDE dictionary.chillispot + +# +# Include the RFC dictionaries next. +# +# For a complete list of the standard attributes and values, +# see: +# http://www.iana.org/assignments/radius-types +# +$INCLUDE dictionary.rfc2865 +$INCLUDE dictionary.rfc2866 +$INCLUDE dictionary.rfc2867 +$INCLUDE dictionary.rfc2868 +$INCLUDE dictionary.rfc2869 +$INCLUDE dictionary.rfc3162 +$INCLUDE dictionary.rfc3576 +$INCLUDE dictionary.rfc3580 +$INCLUDE dictionary.rfc4072 +$INCLUDE dictionary.rfc4372 +$INCLUDE dictionary.rfc4675 +$INCLUDE dictionary.rfc4679 +$INCLUDE dictionary.rfc5176 + +# +# Include vendor dictionaries after the standard ones. +# +$INCLUDE dictionary.3com +$INCLUDE dictionary.3gpp +$INCLUDE dictionary.3gpp2 +$INCLUDE dictionary.acc +$INCLUDE dictionary.airespace +$INCLUDE dictionary.alcatel +$INCLUDE dictionary.alteon +$INCLUDE dictionary.alvarion +$INCLUDE dictionary.apc +$INCLUDE dictionary.aruba +$INCLUDE dictionary.azaire +$INCLUDE dictionary.ascend +$INCLUDE dictionary.bay +$INCLUDE dictionary.bintec +$INCLUDE dictionary.cablelabs +$INCLUDE dictionary.cabletron +$INCLUDE dictionary.cisco +# +# The Cisco VPN300 dictionary is the same as the altiga one. +# You shouldn't use both at the same time. +# +#$INCLUDE dictionary.cisco.vpn3000 +$INCLUDE dictionary.cisco.vpn5000 +$INCLUDE dictionary.cisco.bbsm +$INCLUDE dictionary.clavister +$INCLUDE dictionary.colubris +$INCLUDE dictionary.cosine +$INCLUDE dictionary.dhcp +$INCLUDE dictionary.digium +$INCLUDE dictionary.epygi +$INCLUDE dictionary.erx +$INCLUDE dictionary.ericsson +$INCLUDE dictionary.extreme +$INCLUDE dictionary.freeradius +$INCLUDE dictionary.fortinet +$INCLUDE dictionary.foundry +$INCLUDE dictionary.gandalf +$INCLUDE dictionary.gemtek +$INCLUDE dictionary.h3c +$INCLUDE dictionary.hp +$INCLUDE dictionary.huawei +$INCLUDE dictionary.issanni +$INCLUDE dictionary.itk +$INCLUDE dictionary.ipunplugged +$INCLUDE dictionary.juniper +$INCLUDE dictionary.jradius +$INCLUDE dictionary.karlnet +$INCLUDE dictionary.livingston +$INCLUDE dictionary.localweb +$INCLUDE dictionary.lucent +$INCLUDE dictionary.manzara +$INCLUDE dictionary.merit +$INCLUDE dictionary.microsoft +$INCLUDE dictionary.mikrotik +$INCLUDE dictionary.navini +$INCLUDE dictionary.netscreen +$INCLUDE dictionary.nexans +$INCLUDE dictionary.ntua +$INCLUDE dictionary.nokia +# +# Commented out because of attribute conflicts. +# +#$INCLUDE dictionary.nokia.conflict +$INCLUDE dictionary.nomadix +$INCLUDE dictionary.nortel +# +# Commented out because of attribute conflicts. +# +#$INCLUDE dictionary.openser +$INCLUDE dictionary.packeteer +$INCLUDE dictionary.patton +$INCLUDE dictionary.propel +$INCLUDE dictionary.prosoft +$INCLUDE dictionary.quiconnect +$INCLUDE dictionary.quintum +$INCLUDE dictionary.redback +$INCLUDE dictionary.redcreek +$INCLUDE dictionary.riverstone +$INCLUDE dictionary.roaringpenguin +$INCLUDE dictionary.shasta +$INCLUDE dictionary.shiva +$INCLUDE dictionary.slipstream +$INCLUDE dictionary.sonicwall +$INCLUDE dictionary.springtide +$INCLUDE dictionary.starent +$INCLUDE dictionary.telebit +$INCLUDE dictionary.trapeze +$INCLUDE dictionary.tropos +$INCLUDE dictionary.t_systems_nova +$INCLUDE dictionary.usr +$INCLUDE dictionary.valemount +$INCLUDE dictionary.versanet +$INCLUDE dictionary.vqp +$INCLUDE dictionary.waverider +$INCLUDE dictionary.walabi +$INCLUDE dictionary.wispr +$INCLUDE dictionary.xedia +$INCLUDE dictionary.xylan + +# +# And finally the server internal attributes. +# +$INCLUDE dictionary.freeradius.internal + +# +# Miscellaneous attributes defined in weird places that +# don't really belong anywhere else... +# +ATTRIBUTE Originating-Line-Info 94 string + +# As defined in draft-sterman-aaa-sip-00.txt +ATTRIBUTE Digest-Response 206 string +ATTRIBUTE Digest-Attributes 207 octets # stupid format + +# +# Integer Translations +# +VALUE Service-Type Voice 12 +VALUE Service-Type Fax 13 +VALUE Service-Type Modem-Relay 14 +VALUE Service-Type IAPP-Register 15 +VALUE Service-Type IAPP-AP-Check 16 + +VALUE Framed-Protocol GPRS-PDP-Context 7 + +VALUE NAS-Port-Type Wireless-CDMA2000 22 +VALUE NAS-Port-Type Wireless-UMTS 23 +VALUE NAS-Port-Type Wireless-1X-EV 24 +VALUE NAS-Port-Type IAPP 25 + +VALUE Framed-Protocol PPTP 9 diff --git a/freeradius/dict/dictionary.3com b/freeradius/dict/dictionary.3com new file mode 100644 index 0000000..e7d6e9e --- /dev/null +++ b/freeradius/dict/dictionary.3com @@ -0,0 +1,52 @@ +# -*- text -*- +# +# 3com SuperStack Firewall dictionary +# Bought from Sonicwall, apparently, from Enterprise number 8741. +# +# $Id$ +# + +VENDOR 3com 43 + +# +# These attributes contain the access-level value. +# +BEGIN-VENDOR 3com + +ATTRIBUTE 3Com-User-Access-Level 1 integer + +# Read-only access to basic network tools (ping, etc) +VALUE 3Com-User-Access-Level 3Com-Visitor 0 + +# Read-only access to manageable (not security) parameters +VALUE 3Com-User-Access-Level 3Com-Monitor 1 + +# Read-write access to manageable (not security) parameters +VALUE 3Com-User-Access-Level 3Com-Manager 2 + +# Read-write access to all manageable parameters +VALUE 3Com-User-Access-Level 3Com-Administrator 3 + +ATTRIBUTE 3Com-VLAN-Name 2 string +ATTRIBUTE 3Com-Mobility-Profile 3 string +ATTRIBUTE 3Com-Encryption-Type 4 string +ATTRIBUTE 3Com-Time-Of-Day 5 string +ATTRIBUTE 3Com-SSID 6 string + +# String formatted as: YY/MM/DD-HH:MM +# NOT as a "date" attribute! +ATTRIBUTE 3Com-End-Date 7 string + +# Commented out, because the 3Com documentation +# gives it the same number as End-Date, above. +#ATTRIBUTE 3Com-Start-Date 7 string + +# URL where the user is redirected after WebAAA +ATTRIBUTE 3Com-URL 8 string + +ATTRIBUTE 3Com-Connect_Id 26 integer +ATTRIBUTE 3Com-NAS-Startup-Timestamp 59 integer +ATTRIBUTE 3Com-Ip-Host-Addr 60 string +ATTRIBUTE 3Com-Product-ID 255 string + +END-VENDOR 3com diff --git a/freeradius/dict/dictionary.3gpp b/freeradius/dict/dictionary.3gpp new file mode 100644 index 0000000..d9b7df1 --- /dev/null +++ b/freeradius/dict/dictionary.3gpp @@ -0,0 +1,43 @@ +# -*- text -*- +# +# 3GPP stuff. +# +# ftp://ftp.3gpp.org/specs/2002-06/R1999/29_series/29061-3a0.zip +# +# $Id$ +# +VENDOR 3GPP 10415 + +BEGIN-VENDOR 3GPP + +# +# Most of the 'string' attributes are UTF-8 encoded text. +# Maybe we want a UTF-8 'type' in the server... +# +ATTRIBUTE 3GPP-IMSI 1 string +ATTRIBUTE 3GPP-Charging-ID 2 integer +ATTRIBUTE 3GPP-PDP-Type 3 integer +ATTRIBUTE 3GPP-Charging-Gateway-Address 4 ipaddr +ATTRIBUTE 3GPP-GPRS-Negotiated-QoS-profile 5 string +ATTRIBUTE 3GPP-SGSN-Address 6 ipaddr +ATTRIBUTE 3GPP-GGSN-Address 7 ipaddr +ATTRIBUTE 3GPP-IMSI-MCC-MNC 8 string +ATTRIBUTE 3GPP-GGSN-MCC-MNC 9 string +ATTRIBUTE 3GPP-NSAPI 10 string +ATTRIBUTE 3GPP-Session-Stop-Indicator 11 octets +ATTRIBUTE 3GPP-Selection-Mode 12 string +ATTRIBUTE 3GPP-Charging-Characteristics 13 string +ATTRIBUTE 3GPP-Charging-Gateway-IPv6-Address 14 ipv6addr +ATTRIBUTE 3GPP-SGSN-IPv6-Address 15 ipv6addr +ATTRIBUTE 3GPP-GGSN-IPv6-Address 16 ipv6addr + +# +# This attribute is really an array of IPv6 addresses. +# Why the heck couldn't they just send multiple attributes? +# +ATTRIBUTE 3GPP-IPv6-DNS-Servers 17 octets + +ATTRIBUTE 3GPP-SGSN-MCC-MNC 18 string +ATTRIBUTE 3GPP-Teardown-Indicator 19 octets + +END-VENDOR 3GPP diff --git a/freeradius/dict/dictionary.3gpp2 b/freeradius/dict/dictionary.3gpp2 new file mode 100644 index 0000000..d65985e --- /dev/null +++ b/freeradius/dict/dictionary.3gpp2 @@ -0,0 +1,132 @@ +# -*- text -*- +# +# 3GPP2 stuff. +# +# http://www.3gpp2.org/Public_html/specs/index.cfm +# X.S0011-005-C v1.0 +# http://www.3gpp2.org/Public_html/specs/X.S0011-005-C_v2.0_050708.pdf +# +# $Id$ +# +VENDOR 3GPP2 5535 + +BEGIN-VENDOR 3GPP2 + +ATTRIBUTE 3GPP2-Ike-Preshared-Secret-Request 1 integer +ATTRIBUTE 3GPP2-Security-Level 2 integer +ATTRIBUTE 3GPP2-Pre-Shared-Secret 3 string # 18 octets +ATTRIBUTE 3GPP2-Reverse-Tunnel-Spec 4 integer +ATTRIBUTE 3GPP2-Diffserv-Class-Option 5 integer + +# Contains embedded 3GPP2 accounting attributes. +ATTRIBUTE 3GPP2-Accounting-Container 6 octets +ATTRIBUTE 3GPP2-Home-Agent-IP-Address 7 ipaddr + +# A number formed from the concatenation of the home RADIUS IP address, +# the FA IP address, and a 32-bit Unix timestamp, all encoded as 8 ASCII +# hex characters. +ATTRIBUTE 3GPP2-KeyID 8 string # 22 octets + +ATTRIBUTE 3GPP2-PCF-IP-Address 9 ipaddr +ATTRIBUTE 3GPP2-BSID 10 string +ATTRIBUTE 3GPP2-User-Id 11 integer +ATTRIBUTE 3GPP2-Forward-FCH-Mux-Option 12 integer +ATTRIBUTE 3GPP2-Reverse-FCH-Mux-Option 13 integer +# +# 14-15 ? +# +ATTRIBUTE 3GPP2-Service-Option 16 integer +ATTRIBUTE 3GPP2-Forward-Traffic-Type 17 integer +ATTRIBUTE 3GPP2-Reverse-Traffic-Type 18 integer +ATTRIBUTE 3GPP2-FCH-Frame-Size 19 integer +ATTRIBUTE 3GPP2-Forward-FCH-RC 20 integer +ATTRIBUTE 3GPP2-Reverse-FCH-RC 21 integer +ATTRIBUTE 3GPP2-IP-Technology 22 integer +ATTRIBUTE 3GPP2-Compulsory-Tunnel-Indicator 23 integer +ATTRIBUTE 3GPP2-Release-Indicator 24 integer +ATTRIBUTE 3GPP2-Bad-PPP-Frame-Count 25 integer +# +# 26-29 ? +# +ATTRIBUTE 3GPP2-Number-Active-Transitions 30 integer +ATTRIBUTE 3GPP2-Terminating-SDB-Octet-Count 31 integer +ATTRIBUTE 3GPP2-Originating-SDB-OCtet-Count 32 integer +ATTRIBUTE 3GPP2-Terminating-Number-SDBs 33 integer +ATTRIBUTE 3GPP2-Originating-Number-SDBs 34 integer +# 35 ? +ATTRIBUTE 3GPP2-IP-QoS 36 integer +# 37-38 ? +ATTRIBUTE 3GPP2-Airlink-Priority 39 integer +ATTRIBUTE 3GPP2-Airlink-Record-Type 40 integer # ? +#ATTRIBUTE 3GPP2-R-P-Session-ID 41 string +ATTRIBUTE 3GPP2-Airlink-Sequence-Number 42 integer # ? +ATTRIBUTE 3GPP2-Received-HDLC-Octets 43 integer +ATTRIBUTE 3GPP2-Correlation-Id 44 string +ATTRIBUTE 3GPP2-Module-Orig-Term-Indicator 45 octets # ? +ATTRIBUTE 3GPP2-Inbound-Mobile-IP-Sig-Octets 46 integer +ATTRIBUTE 3GPP2-Outbound-Mobile-IP-Sig-Octets 47 integer +ATTRIBUTE 3GPP2-Session-Continue 48 integer +ATTRIBUTE 3GPP2-Active-Time 49 integer +ATTRIBUTE 3GPP2-DCCH-Frame-Size 50 integer +ATTRIBUTE 3GPP2-Begin-Session 51 integer +ATTRIBUTE 3GPP2-ESN 52 string +# 53 ? +ATTRIBUTE 3GPP2-S-Key 54 octets +ATTRIBUTE 3GPP2-S-Request 55 integer +ATTRIBUTE 3GPP2-S-Lifetime 56 date +ATTRIBUTE 3GPP2-MN-HA-SPI 57 integer +ATTRIBUTE 3GPP2-MN-HA-Shared-Key 58 string encrypt=2 + +# The next set of attributes contain sub-types +ATTRIBUTE 3GPP2-Remote-IP-Address 59 octets + +# 60 - 69 are marked "reserved" + +ATTRIBUTE 3GPP2-Remote-IPv6-Address 70 octets +ATTRIBUTE 3GPP2-Remote-Address-Table-Index 71 octets +ATTRIBUTE 3GPP2-Remote-IPv4-Addr-Octet-Count 72 octets +ATTRIBUTE 3GPP2-Allowed-Diffserv-Marking 73 octets +ATTRIBUTE 3GPP2-Service-Option-Profile 74 octets + +# the following don't contain subtypes +ATTRIBUTE 3GPP2-DNS-Update-Required 75 integer + +# Is this 76 or 78? Check... +#ATTRIBUTE 3GPP2-Always-On 76 integer +# 77 ? +#ATTRIBUTE 3GPP2-Always-On 78 integer +ATTRIBUTE 3GPP2-Foreign-Agent-Address 79 ipaddr +ATTRIBUTE 3GPP2-Last-User-Activity-Time 80 integer +ATTRIBUTE 3GPP2-MN-AAA-Removal-Indication 81 integer +ATTRIBUTE 3GPP2-RN-Packet-Data-Inactivity-Timer 82 integer +ATTRIBUTE 3GPP2-Forward-PDCH-RC 83 integer +ATTRIBUTE 3GPP2-Forward-DCCH-Mux-Option 84 integer +ATTRIBUTE 3GPP2-Reverse-DCCH-Mux-Option 85 integer +ATTRIBUTE 3GPP2-Forward-DCCH-RC 86 integer +ATTRIBUTE 3GPP2-Reverse-DHHC-RC 87 integer +ATTRIBUTE 3GPP2-Session-Termination-Capability 88 integer +ATTRIBUTE 3GPP2-Allowed-Persistent-TFTs 89 integer + +# The next set of attributes contain sub-types +ATTRIBUTE 3GPP2-Prepaid-Acct-Quota 90 octets +ATTRIBUTE 3GPP2-Prepaid-acct-Capability 91 octets +ATTRIBUTE 3GPP2-MIP-Lifetime 92 octets + +ATTRIBUTE 3GPP2-Acct-Stop-Trigger 93 integer + +# contains subtypes +ATTRIBUTE 3GPP2-Service-Reference-Id 94 octets + +ATTRIBUTE 3GPP2-DNS-Update-Capability 95 integer +ATTRIBUTE 3GPP2-Disconnect-Reason 96 integer + +# The next set of attributes contain sub-types +ATTRIBUTE 3GPP2-Remote-IPv6-Octet-Count 97 octets +ATTRIBUTE 3GPP2-PrePaid-Tariff-Switching 98 octets + +ATTRIBUTE 3GPP2-HA-Request 168 integer +ATTRIBUTE 3GPP2-HA-Authorised 169 integer +ATTRIBUTE 3GPP2-IP-Ver-Authorised 172 integer +ATTRIBUTE 3GPP2-MIPv4-Mesg-Id 173 string + +END-VENDOR 3GPP2 diff --git a/freeradius/dict/dictionary.acc b/freeradius/dict/dictionary.acc new file mode 100644 index 0000000..f710906 --- /dev/null +++ b/freeradius/dict/dictionary.acc @@ -0,0 +1,259 @@ +# -*- text -*- +# +# dictionary.acc +# Dictionary for Acc/Newbridge, models Tigris, Amazon, etc. +# Written by Stephane Marzloff +# based on specifications available through ftp and the web. +# +# Version: @(#)dictionary.acc 1.00 smarzloff 21-Jun-1999 +# + +VENDOR Acc 5 + +# +# Acc specific +BEGIN-VENDOR Acc + +ATTRIBUTE Acc-Reason-Code 1 integer +ATTRIBUTE Acc-Ccp-Option 2 integer +ATTRIBUTE Acc-Input-Errors 3 integer +ATTRIBUTE Acc-Output-Errors 4 integer +ATTRIBUTE Acc-Access-Partition 5 string +ATTRIBUTE Acc-Customer-Id 6 string +ATTRIBUTE Acc-Ip-Gateway-Pri 7 ipaddr +ATTRIBUTE Acc-Ip-Gateway-Sec 8 ipaddr +ATTRIBUTE Acc-Route-Policy 9 integer +ATTRIBUTE Acc-ML-MLX-Admin-State 10 integer +ATTRIBUTE Acc-ML-Call-Threshold 11 integer +ATTRIBUTE Acc-ML-Clear-Threshold 12 integer +ATTRIBUTE Acc-ML-Damping-Factor 13 integer +ATTRIBUTE Acc-Tunnel-Secret 14 string +ATTRIBUTE Acc-Clearing-Cause 15 integer +ATTRIBUTE Acc-Clearing-Location 16 integer +ATTRIBUTE Acc-Service-Profile 17 string +ATTRIBUTE Acc-Request-Type 18 integer +ATTRIBUTE Acc-Bridging-Support 19 integer +ATTRIBUTE Acc-Apsm-Oversubscribed 20 integer +ATTRIBUTE Acc-Acct-On-Off-Reason 21 integer +ATTRIBUTE Acc-Tunnel-Port 22 integer +ATTRIBUTE Acc-Dns-Server-Pri 23 ipaddr +ATTRIBUTE Acc-Dns-Server-Sec 24 ipaddr +ATTRIBUTE Acc-Nbns-Server-Pri 25 ipaddr +ATTRIBUTE Acc-Nbns-Server-Sec 26 ipaddr +ATTRIBUTE Acc-Dial-Port-Index 27 integer +ATTRIBUTE Acc-Ip-Compression 28 integer +ATTRIBUTE Acc-Ipx-Compression 29 integer +ATTRIBUTE Acc-Connect-Tx-Speed 30 integer +ATTRIBUTE Acc-Connect-Rx-Speed 31 integer +ATTRIBUTE Acc-Modem-Modulation-Type 32 string +ATTRIBUTE Acc-Modem-Error-Protocol 33 string +ATTRIBUTE Acc-Callback-Delay 34 integer +ATTRIBUTE Acc-Callback-Num-Valid 35 string +ATTRIBUTE Acc-Callback-Mode 36 integer +ATTRIBUTE Acc-Callback-CBCP-Type 37 integer +ATTRIBUTE Acc-Dialout-Auth-Mode 38 integer +ATTRIBUTE Acc-Dialout-Auth-Password 39 string +ATTRIBUTE Acc-Dialout-Auth-Username 40 string +ATTRIBUTE Acc-Access-Community 42 integer +ATTRIBUTE Acc-Vpsm-Reject-Cause 43 integer +ATTRIBUTE Acc-Ace-Token 44 string +ATTRIBUTE Acc-Ace-Token-Ttl 45 integer +ATTRIBUTE Acc-Ip-Pool-Name 46 string +ATTRIBUTE Acc-Igmp-Admin-State 47 integer +ATTRIBUTE Acc-Igmp-Version 48 integer +ATTRIBUTE Acc-MN-HA-Secret 73 string +ATTRIBUTE Acc-Location-Id 98 string +ATTRIBUTE Acc-Calling-Station-Category 99 integer + +VALUE Acc-Reason-Code No-reason-No-Failure 0 +VALUE Acc-Reason-Code Resource-shortage 1 +VALUE Acc-Reason-Code Session-already-open 2 +VALUE Acc-Reason-Code Too-many-RADIUS-users 3 +VALUE Acc-Reason-Code No-authentification-server 4 +VALUE Acc-Reason-Code No-authentification-response 5 +VALUE Acc-Reason-Code No-accounting-server 6 +VALUE Acc-Reason-Code No-accounting-response 7 +VALUE Acc-Reason-Code Access-Denied 8 +VALUE Acc-Reason-Code Temporary-buffer-shortage 9 +VALUE Acc-Reason-Code Protocol-error 10 +VALUE Acc-Reason-Code Invalid-attribute 11 +VALUE Acc-Reason-Code Invalid-service-type 12 +VALUE Acc-Reason-Code Invalid-framed-protocol 13 +VALUE Acc-Reason-Code Invalid-attribute-value 14 +VALUE Acc-Reason-Code Invalid-user-information 15 +VALUE Acc-Reason-Code Invalid-IP-address 16 +VALUE Acc-Reason-Code Invalid-integer-syntax 17 +VALUE Acc-Reason-Code Invalid-NAS-port 18 +VALUE Acc-Reason-Code Requested-by-user 19 +VALUE Acc-Reason-Code Network-disconnect 20 +VALUE Acc-Reason-Code Service-interruption 21 +VALUE Acc-Reason-Code Physical-port-error 22 +VALUE Acc-Reason-Code Idle-timeout 23 +VALUE Acc-Reason-Code Session-timeout 24 +VALUE Acc-Reason-Code Administrative-reset 25 +VALUE Acc-Reason-Code NAS-reload-or-reset 26 +VALUE Acc-Reason-Code NAS-error 27 +VALUE Acc-Reason-Code NAS-request 28 +VALUE Acc-Reason-Code Undefined-reason-given 29 +VALUE Acc-Reason-Code Conflicting-attributes 30 +VALUE Acc-Reason-Code Port-limit-exceeded 31 +VALUE Acc-Reason-Code Facility-not-available 32 +VALUE Acc-Reason-Code Internal-config-error 33 +VALUE Acc-Reason-Code Bad-route-specification 34 +VALUE Acc-Reason-Code Access-Partition-bind-failure 35 +VALUE Acc-Reason-Code Security-violation 36 +VALUE Acc-Reason-Code Request-type-conflict 37 +VALUE Acc-Reason-Code Configuration-disallowed 38 +VALUE Acc-Reason-Code Missing-attribute 39 +VALUE Acc-Reason-Code Invalid-request 40 +VALUE Acc-Reason-Code Missing-parameter 41 +VALUE Acc-Reason-Code Invalid-parameter 42 +VALUE Acc-Reason-Code Call-cleared-with-cause 43 +VALUE Acc-Reason-Code Inopportune-config-request 44 +VALUE Acc-Reason-Code Invalid-config-parameter 45 +VALUE Acc-Reason-Code Missing-config-parameter 46 +VALUE Acc-Reason-Code Incompatible-service-profile 47 +VALUE Acc-Reason-Code Administrative-reset-2 48 +VALUE Acc-Reason-Code Administrative-reload 49 +VALUE Acc-Reason-Code Port-unneeded 50 +VALUE Acc-Reason-Code Port-preempted 51 +VALUE Acc-Reason-Code Port-suspended 52 +VALUE Acc-Reason-Code Service-unavailable 53 +VALUE Acc-Reason-Code Callback 54 +VALUE Acc-Reason-Code User-error 55 +VALUE Acc-Reason-Code Host-request 56 + +VALUE Acc-Ccp-Option Disabled 1 +VALUE Acc-Ccp-Option Enabled 2 + +VALUE Acc-Route-Policy Funnel 1 +VALUE Acc-Route-Policy Direct 2 + +VALUE Acc-ML-MLX-Admin-State Enabled 1 +VALUE Acc-ML-MLX-Admin-State Disabled 2 + +VALUE Acc-Clearing-Cause Cause-unspecified 0 +VALUE Acc-Clearing-Cause Unassigned-number 1 +VALUE Acc-Clearing-Cause No-route-to-transit-network 2 +VALUE Acc-Clearing-Cause No-route-to-destination 3 +VALUE Acc-Clearing-Cause Channel-unacceptable 6 +VALUE Acc-Clearing-Cause Call-awarded-being-delivered 7 +VALUE Acc-Clearing-Cause Normal-clearing 16 +VALUE Acc-Clearing-Cause User-busy 17 +VALUE Acc-Clearing-Cause No-user-responding 18 +VALUE Acc-Clearing-Cause User-alerted-no-answer 19 +VALUE Acc-Clearing-Cause Call-rejected 21 +VALUE Acc-Clearing-Cause Number-changed 22 +VALUE Acc-Clearing-Cause Non-selected-user-clearing 26 +VALUE Acc-Clearing-Cause Destination-out-of-order 27 +VALUE Acc-Clearing-Cause Invalid-or-incomplete-number 28 +VALUE Acc-Clearing-Cause Facility-rejected 29 +VALUE Acc-Clearing-Cause Response-to-status-inquiry 30 +VALUE Acc-Clearing-Cause Normal-unspecified-cause 31 +VALUE Acc-Clearing-Cause No-circuit-or-channel-available 34 +VALUE Acc-Clearing-Cause Network-out-of-order 38 +VALUE Acc-Clearing-Cause Temporary-failure 41 +VALUE Acc-Clearing-Cause Switching-equipment-congestion 42 +VALUE Acc-Clearing-Cause Access-information-discarded 43 +VALUE Acc-Clearing-Cause Circuit-or-channel-unavailable 44 +VALUE Acc-Clearing-Cause Circuit-or-channed-preempted 45 +VALUE Acc-Clearing-Cause Resources-unavailable 47 +VALUE Acc-Clearing-Cause Quality-of-service-unavailable 49 +VALUE Acc-Clearing-Cause Facility-not-subscribed 50 +VALUE Acc-Clearing-Cause Outgoing-calls-barred 52 +VALUE Acc-Clearing-Cause Incoming-calls-barred 54 +VALUE Acc-Clearing-Cause Bearer-capability-unauthorized 57 +VALUE Acc-Clearing-Cause Bearer-capability-not-available 58 +VALUE Acc-Clearing-Cause Service-not-available 63 +VALUE Acc-Clearing-Cause Bearer-capablity-not-implmented 65 +VALUE Acc-Clearing-Cause Channel-type-not-implemented 66 +VALUE Acc-Clearing-Cause Facility-not-implemented 69 +VALUE Acc-Clearing-Cause Restrcted-digtal-infrmtion-only 70 +VALUE Acc-Clearing-Cause Service-not-implemented 79 +VALUE Acc-Clearing-Cause Invalid-call-reference 81 +VALUE Acc-Clearing-Cause Identified-channel-doesnt-exist 82 +VALUE Acc-Clearing-Cause Call-identify-in-use 84 +VALUE Acc-Clearing-Cause No-call-suspended 85 +VALUE Acc-Clearing-Cause Suspended-call-cleared 86 +VALUE Acc-Clearing-Cause Incompatible-destination 88 +VALUE Acc-Clearing-Cause Invalid-transit-network-selctin 91 +VALUE Acc-Clearing-Cause Invalid-message 95 +VALUE Acc-Clearing-Cause Mandtory-infrmtion-elment-miss 96 +VALUE Acc-Clearing-Cause Message-not-implemented 97 +VALUE Acc-Clearing-Cause Inopportune-message 98 +VALUE Acc-Clearing-Cause Infrmtion-elemnt-not-implmented 99 +VALUE Acc-Clearing-Cause Invlid-infrmtion-element-contnt 100 +VALUE Acc-Clearing-Cause Message-incompatible-with-state 101 +VALUE Acc-Clearing-Cause Recovery-on-timer-expiration 102 +VALUE Acc-Clearing-Cause Mndtry-infrmtion-elmnt-lngt-err 103 +VALUE Acc-Clearing-Cause Protocol-error 111 +VALUE Acc-Clearing-Cause Interworking 127 + +VALUE Acc-Clearing-Location Local-or-remote-user 0 +VALUE Acc-Clearing-Location Prvte-ntwork-serving-local-user 1 +VALUE Acc-Clearing-Location Pblic-ntwork-serving-local-user 2 +VALUE Acc-Clearing-Location Transit-network 3 +VALUE Acc-Clearing-Location Prvte-ntwork-serv-remote-user 4 +VALUE Acc-Clearing-Location Pblic-ntwork-serv-remote-user 5 +VALUE Acc-Clearing-Location International-network 6 +VALUE Acc-Clearing-Location Beyond-interworking-point 10 + +VALUE Acc-Request-Type Ring-Indication 1 +VALUE Acc-Request-Type Dial-Request 2 +VALUE Acc-Request-Type User-Authentification 3 +VALUE Acc-Request-Type Tunnel-Authentification 4 + +VALUE Acc-Bridging-Support Disabled 1 +VALUE Acc-Bridging-Support Enabled 2 + +VALUE Acc-Apsm-Oversubscribed False 1 +VALUE Acc-Apsm-Oversubscribed True 2 + +VALUE Acc-Acct-On-Off-Reason NAS-Reset 0 +VALUE Acc-Acct-On-Off-Reason NAS-Reload 1 +VALUE Acc-Acct-On-Off-Reason Configuration-Reset 2 +VALUE Acc-Acct-On-Off-Reason Configuration-Reload 3 +VALUE Acc-Acct-On-Off-Reason Enabled 4 +VALUE Acc-Acct-On-Off-Reason Disabled 5 + +VALUE Acc-Ip-Compression Disabled 1 +VALUE Acc-Ip-Compression Enabled 2 + +VALUE Acc-Ipx-Compression Disabled 1 +VALUE Acc-Ipx-Compression Enabled 2 + +VALUE Acc-Callback-Mode User-Auth 0 +VALUE Acc-Callback-Mode User-Specified-E-164 3 +VALUE Acc-Callback-Mode CBCP-Callback 6 +VALUE Acc-Callback-Mode CLI-Callback 7 + +VALUE Acc-Callback-CBCP-Type CBCP-None 1 +VALUE Acc-Callback-CBCP-Type CBCP-User-Specified 2 +VALUE Acc-Callback-CBCP-Type CBCP-Pre-Specified 3 + +VALUE Acc-Dialout-Auth-Mode PAP 1 +VALUE Acc-Dialout-Auth-Mode CHAP 2 +VALUE Acc-Dialout-Auth-Mode CHAP-PAP 3 +VALUE Acc-Dialout-Auth-Mode NONE 4 + +VALUE Acc-Access-Community PUBLIC 1 +VALUE Acc-Access-Community NETMAN 2 + +# Acc-Vpsm-Reject-Cause values (available in access-reject packets only) +VALUE Acc-Vpsm-Reject-Cause No-Access-Partition 1 +VALUE Acc-Vpsm-Reject-Cause Access-Partition-Disabled 2 +VALUE Acc-Vpsm-Reject-Cause Partition-Portlimit-Exceeded 3 +VALUE Acc-Vpsm-Reject-Cause License-Portlimit-Exceeded 4 +VALUE Acc-Vpsm-Reject-Cause Home-Server-Down 5 +VALUE Acc-Vpsm-Reject-Cause Rejected-By-Home-Server 6 +VALUE Acc-Vpsm-Reject-Cause NAS-Administratively-Disabled 7 + +# Acc-Igmp-Admin-State values +VALUE Acc-Igmp-Admin-State Enabled 1 +VALUE Acc-Igmp-Admin-State Disabled 2 + +# Acc-Igmp-Version values +VALUE Acc-Igmp-Version V1 1 +VALUE Acc-Igmp-Version V2 2 + +END-VENDOR Acc diff --git a/freeradius/dict/dictionary.airespace b/freeradius/dict/dictionary.airespace new file mode 100755 index 0000000..e163a15 --- /dev/null +++ b/freeradius/dict/dictionary.airespace @@ -0,0 +1,23 @@ +# -*- text -*- +# +# As found on the net. +# +# $Id$ +# +VENDOR Airespace 14179 + +BEGIN-VENDOR Airespace +ATTRIBUTE Airespace-Wlan-Id 1 integer +ATTRIBUTE Airespace-QOS-Level 2 integer +ATTRIBUTE Airespace-DSCP 3 integer +ATTRIBUTE Airespace-8021p-Tag 4 integer +ATTRIBUTE Airespace-Interface-Name 5 string +ATTRIBUTE Airespace-ACL-Name 6 string + +VALUE Airespace-QOS-Level Bronze 0 +VALUE Airespace-QOS-Level Silver 1 +VALUE Airespace-QOS-Level Gold 2 +VALUE Airespace-QOS-Level Platinum 3 +VALUE Airespace-QOS-Level Uranium 4 + +END-VENDOR Airespace \ No newline at end of file diff --git a/freeradius/dict/dictionary.alcatel b/freeradius/dict/dictionary.alcatel new file mode 100644 index 0000000..5db9cf9 --- /dev/null +++ b/freeradius/dict/dictionary.alcatel @@ -0,0 +1,98 @@ +# -*- text -*- +############################################################################## +# +# Alcatel Broadband Access Server dictionary. +# +# $Id$ +# +############################################################################## + +VENDOR Alcatel 3041 + +BEGIN-VENDOR Alcatel + +ATTRIBUTE AAT-Client-Primary-DNS 5 ipaddr +ATTRIBUTE AAT-Client-Primary-WINS-NBNS 6 ipaddr +ATTRIBUTE AAT-Client-Secondary-WINS-NBNS 7 ipaddr +ATTRIBUTE AAT-Client-Secondary-DNS 8 ipaddr +ATTRIBUTE AAT-PPP-Address 9 ipaddr +ATTRIBUTE AAT-PPP-Netmask 10 ipaddr +ATTRIBUTE AAT-Primary-Home-Agent 12 string +ATTRIBUTE AAT-Secondary-Home-Agent 13 string +ATTRIBUTE AAT-Home-Agent-Password 14 string +ATTRIBUTE AAT-Home-Network-Name 15 string +ATTRIBUTE AAT-Home-Agent-UDP-Port 16 integer +ATTRIBUTE AAT-IP-Direct 17 ipaddr +ATTRIBUTE AAT-FR-Direct 18 integer +ATTRIBUTE AAT-FR-Direct-Profile 19 string +ATTRIBUTE AAT-FR-Direct-DLCI 20 integer +ATTRIBUTE AAT-ATM-Direct 21 string +ATTRIBUTE AAT-IP-TOS 22 integer +ATTRIBUTE AAT-IP-TOS-Precedence 23 integer +ATTRIBUTE AAT-IP-TOS-Apply-To 24 integer +ATTRIBUTE AAT-MCast-Client 27 integer +ATTRIBUTE AAT-Modem-Port-No 28 integer +ATTRIBUTE AAT-Modem-Slot-No 29 integer +ATTRIBUTE AAT-Modem-Shelf-No 30 integer +ATTRIBUTE AAT-Filter 60 string +ATTRIBUTE AAT-Vrouter-Name 61 string +ATTRIBUTE AAT-Require-Auth 62 integer +ATTRIBUTE AAT-IP-Pool-Definition 63 string +ATTRIBUTE AAT-Assign-IP-Pool 64 integer +ATTRIBUTE AAT-Data-Filter 65 string +ATTRIBUTE AAT-Source-IP-Check 66 integer +ATTRIBUTE AAT-Modem-Answer-String 67 string +ATTRIBUTE AAT-Auth-Type 68 integer +ATTRIBUTE AAT-Qos 70 integer +ATTRIBUTE AAT-Qoa 71 integer +ATTRIBUTE AAT-Client-Assign-DNS 72 integer +ATTRIBUTE AAT-ATM-VPI 128 integer +ATTRIBUTE AAT-ATM-VCI 129 integer +ATTRIBUTE AAT-Input-Octets-Diff 130 integer +ATTRIBUTE AAT-Output-Octets-Diff 131 integer +ATTRIBUTE AAT-User-MAC-Address 132 string +ATTRIBUTE AAT-ATM-Traffic-Profile 133 string + +VALUE AAT-MCast-Client Multicast-No 0 +VALUE AAT-MCast-Client Multicast-Yes 1 + +VALUE AAT-Require-Auth Not-Require-Auth 0 +VALUE AAT-Require-Auth Require-Auth 1 + +VALUE AAT-FR-Direct No 0 +VALUE AAT-FR-Direct Yes 1 + +VALUE AAT-Source-IP-Check Source-IP-Check-No 0 +VALUE AAT-Source-IP-Check Source-IP-Check-Yes 1 + +VALUE AAT-IP-TOS IP-TOS-Normal 0 +VALUE AAT-IP-TOS IP-TOS-Disabled 1 +VALUE AAT-IP-TOS IP-TOS-Cost 2 +VALUE AAT-IP-TOS IP-TOS-Reliability 4 +VALUE AAT-IP-TOS IP-TOS-Throughput 8 +VALUE AAT-IP-TOS IP-TOS-Latency 16 + +VALUE AAT-IP-TOS-Apply-To IP-TOS-Apply-To-Incoming 1024 +VALUE AAT-IP-TOS-Apply-To IP-TOS-Apply-To-Both 3072 +VALUE AAT-IP-TOS-Apply-To IP-TOS-Apply-To-Outgoing 2048 + +VALUE AAT-IP-TOS-Precedence IP-TOS-Precedence-Pri-Normal 0 +VALUE AAT-IP-TOS-Precedence IP-TOS-Precedence-Pri-One 32 +VALUE AAT-IP-TOS-Precedence IP-TOS-Precedence-Pri-Two 64 +VALUE AAT-IP-TOS-Precedence IP-TOS-Precedence-Pri-Three 96 +VALUE AAT-IP-TOS-Precedence IP-TOS-Precedence-Pri-Four 128 +VALUE AAT-IP-TOS-Precedence IP-TOS-Precedence-Pri-Five 160 +VALUE AAT-IP-TOS-Precedence IP-TOS-Precedence-Pri-Six 192 +VALUE AAT-IP-TOS-Precedence IP-TOS-Precedence-Pri-Seven 224 + +VALUE AAT-Auth-Type AAT-Auth-None 0 +VALUE AAT-Auth-Type AAT-Auth-Default 1 +VALUE AAT-Auth-Type AAT-Auth-Any 2 +VALUE AAT-Auth-Type AAT-Auth-PAP 3 +VALUE AAT-Auth-Type AAT-Auth-CHAP 4 +VALUE AAT-Auth-Type AAT-Auth-MS-CHAP 5 + +VALUE AAT-Client-Assign-DNS DNS-Assign-No 0 +VALUE AAT-Client-Assign-DNS DNS-Assign-Yes 1 + +END-VENDOR Alcatel diff --git a/freeradius/dict/dictionary.alteon b/freeradius/dict/dictionary.alteon new file mode 100644 index 0000000..250ec2a --- /dev/null +++ b/freeradius/dict/dictionary.alteon @@ -0,0 +1,32 @@ +# -*- text -*- +# +# dictionary.alteon +# +# Alteon Webswitch +# +# $Id$ +# +VENDOR Alteon 1872 + +BEGIN-VENDOR Alteon + +ATTRIBUTE Alteon-Group-Mapping 1 string +ATTRIBUTE Alteon-VPN-Id 3 integer +ATTRIBUTE Alteon-Client-IP-Address 4 string +ATTRIBUTE Alteon-Client-Netmask 5 string +ATTRIBUTE Alteon-Primary-NBNS-Server 6 string +ATTRIBUTE Alteon-Secondary-NBNS-Server 7 string +ATTRIBUTE Alteon-Primary-DNS-Server 8 string +ATTRIBUTE Alteon-Secondary-DNS-Server 9 string +ATTRIBUTE Alteon-Domain-Name 10 string + +ATTRIBUTE Alteon-Service-Type 26 integer + +VALUE Alteon-Service-Type Alteon-L4admin 250 +VALUE Alteon-Service-Type Alteon-Slbadmin 251 +VALUE Alteon-Service-Type Alteon-Oper 252 +VALUE Alteon-Service-Type Alteon-L4oper 253 +VALUE Alteon-Service-Type Alteon-Slboper 254 +VALUE Alteon-Service-Type Alteon-User 255 + +END-VENDOR Alteon diff --git a/freeradius/dict/dictionary.altiga b/freeradius/dict/dictionary.altiga new file mode 100644 index 0000000..8222ccf --- /dev/null +++ b/freeradius/dict/dictionary.altiga @@ -0,0 +1,135 @@ +# -*- text -*- +# Altiga vendor attributes +# +# $Id$ +# + +VENDOR Altiga 3076 + +BEGIN-VENDOR Altiga +ATTRIBUTE Altiga-Access-Hours-G/U 1 string +ATTRIBUTE Altiga-Simultaneous-Logins-G/U 2 integer +ATTRIBUTE Altiga-Min-Password-Length-G 3 integer +ATTRIBUTE Altiga-Allow-Alpha-Only-Passwords-G 4 integer +ATTRIBUTE Altiga-Primary-DNS-G 5 ipaddr +ATTRIBUTE Altiga-Secondary-DNS-G 6 ipaddr +ATTRIBUTE Altiga-Primary-WINS-G 7 ipaddr +ATTRIBUTE Altiga-Secondary-WINS-G 8 ipaddr +ATTRIBUTE Altiga-SEP-Card-Assignment-G/U 9 integer +ATTRIBUTE Altiga-Priority-on-SEP-G/U 10 integer +ATTRIBUTE Altiga-Tunneling-Protocols-G/U 11 integer +ATTRIBUTE Altiga-IPSec-Sec-Association-G/U 12 string +ATTRIBUTE Altiga-IPSec-Authentication-G 13 integer +ATTRIBUTE Altiga-IPSec-Banner-G 15 string +ATTRIBUTE Altiga-IPSec-Allow-Passwd-Store-G/U 16 integer +ATTRIBUTE Altiga-Use-Client-Address-G/U 17 integer +ATTRIBUTE Altiga-PPTP-Min-Authentication-G/U 18 integer +ATTRIBUTE Altiga-L2TP-Min-Authentication-G/U 19 integer +ATTRIBUTE Altiga-PPTP-Encryption-G 20 integer +ATTRIBUTE Altiga-L2TP-Encryption-G 21 integer +ATTRIBUTE Altiga-IPSec-L2L-Keepalives-G 25 integer +ATTRIBUTE Altiga-IPSec-Split-Tunnel-List-G 27 string +ATTRIBUTE Altiga-IPSec-Default-Domain-G 28 string +ATTRIBUTE Altiga-IPSec-Secondary-Domains-G 29 string +ATTRIBUTE Altiga-IPSec-Tunnel-Type-G 30 integer +ATTRIBUTE Altiga-IPSec-Mode-Config-G 31 integer +ATTRIBUTE Altiga-IPSec-User-Group-Lock-G 33 integer +ATTRIBUTE Altiga-IPSec-Over-NAT-G 34 integer +ATTRIBUTE Altiga-IPSec-Over-NAT-Port-Num-G 35 integer + +# Altiga value +VALUE Altiga-Allow-Alpha-Only-Passwords-G Allow 1 +VALUE Altiga-Allow-Alpha-Only-Passwords-G Disallow 0 + +VALUE Altiga-SEP-Card-Assignment-G/U SEP1 1 +VALUE Altiga-SEP-Card-Assignment-G/U SEP2 2 +VALUE Altiga-SEP-Card-Assignment-G/U SEP3 4 +VALUE Altiga-SEP-Card-Assignment-G/U SEP4 8 +VALUE Altiga-SEP-Card-Assignment-G/U Any-SEP 15 + +VALUE Altiga-Priority-on-SEP-G/U High 1 +VALUE Altiga-Priority-on-SEP-G/U Med-High 2 +VALUE Altiga-Priority-on-SEP-G/U Medium 3 +VALUE Altiga-Priority-on-SEP-G/U Med-Low 4 +VALUE Altiga-Priority-on-SEP-G/U Low 5 + +VALUE Altiga-Tunneling-Protocols-G/U PPTP 1 +VALUE Altiga-Tunneling-Protocols-G/U L2TP 2 +VALUE Altiga-Tunneling-Protocols-G/U IPSec 4 +VALUE Altiga-Tunneling-Protocols-G/U L2TP/IPSec 8 +VALUE Altiga-Tunneling-Protocols-G/U PPTP-and-IPSec 5 +VALUE Altiga-Tunneling-Protocols-G/U All 15 + +VALUE Altiga-IPSec-Authentication-G None 0 +VALUE Altiga-IPSec-Authentication-G RADIUS 1 +VALUE Altiga-IPSec-Authentication-G LDAP 2 +VALUE Altiga-IPSec-Authentication-G NTDomain 3 +VALUE Altiga-IPSec-Authentication-G SDI 4 +VALUE Altiga-IPSec-Authentication-G Internal 5 + +VALUE Altiga-IPSec-Allow-Passwd-Store-G/U Allow 1 +VALUE Altiga-IPSec-Allow-Passwd-Store-G/U Disallow 0 + +VALUE Altiga-Use-Client-Address-G/U Allow 1 +VALUE Altiga-Use-Client-Address-G/U Disallow 0 + +VALUE Altiga-PPTP-Min-Authentication-G/U PAP 1 +VALUE Altiga-PPTP-Min-Authentication-G/U CHAP 2 +VALUE Altiga-PPTP-Min-Authentication-G/U EAP-MD5 4 +VALUE Altiga-PPTP-Min-Authentication-G/U EAP-GTC 8 +VALUE Altiga-PPTP-Min-Authentication-G/U EAP-TLS 16 +VALUE Altiga-PPTP-Min-Authentication-G/U MSCHAPv1 32 +VALUE Altiga-PPTP-Min-Authentication-G/U MSCHAPv2 64 +VALUE Altiga-PPTP-Min-Authentication-G/U Default 102 + +VALUE Altiga-L2TP-Min-Authentication-G/U PAP 1 +VALUE Altiga-L2TP-Min-Authentication-G/U CHAP 2 +VALUE Altiga-L2TP-Min-Authentication-G/U EAP-MD5 4 +VALUE Altiga-L2TP-Min-Authentication-G/U EAP-GTC 8 +VALUE Altiga-L2TP-Min-Authentication-G/U EAP-TLS 16 +VALUE Altiga-L2TP-Min-Authentication-G/U MSCHAPv1 32 +VALUE Altiga-L2TP-Min-Authentication-G/U MSCHAPv2 64 +VALUE Altiga-L2TP-Min-Authentication-G/U Default 102 + +VALUE Altiga-PPTP-Encryption-G PPTP-40bit 2 +VALUE Altiga-PPTP-Encryption-G PPTP-40-Encryption-Req 3 +VALUE Altiga-PPTP-Encryption-G PPTP-128 4 +VALUE Altiga-PPTP-Encryption-G PPTP-128-Encryption-Req 5 +VALUE Altiga-PPTP-Encryption-G PPTP-40-or-128 6 +VALUE Altiga-PPTP-Encryption-G PPTP-40-or-128-Encry-Req 7 +VALUE Altiga-PPTP-Encryption-G PPTP-40-Stateless-Req 10 +VALUE Altiga-PPTP-Encryption-G PPTP-40-Enc/Stateless-Req 11 +VALUE Altiga-PPTP-Encryption-G PPTP-128-Stateless-Req 12 +VALUE Altiga-PPTP-Encryption-G PPTP-128-Enc/Stateless-Req 13 +VALUE Altiga-PPTP-Encryption-G PPTP-40/128-Stateless-Req 14 +VALUE Altiga-PPTP-Encryption-G PPTP-40/128-Enc/Statls-Req 15 + +VALUE Altiga-L2TP-Encryption-G L2TP-40bit 2 +VALUE Altiga-L2TP-Encryption-G L2TP-40-Encryption-Req 3 +VALUE Altiga-L2TP-Encryption-G L2TP-128 4 +VALUE Altiga-L2TP-Encryption-G L2TP-128-Encryption-Req 5 +VALUE Altiga-L2TP-Encryption-G L2TP-40-or-128 6 +VALUE Altiga-L2TP-Encryption-G L2TP-40-or-128-Encry-Req 7 +VALUE Altiga-L2TP-Encryption-G L2TP-40-Stateless-Req 10 +VALUE Altiga-L2TP-Encryption-G L2TP-40-Enc/Stateless-Req 11 +VALUE Altiga-L2TP-Encryption-G L2TP-128-Stateless-Req 12 +VALUE Altiga-L2TP-Encryption-G L2TP-128-Enc/Stateless-Req 13 +VALUE Altiga-L2TP-Encryption-G L2TP-40/128-Stateless-Req 14 +VALUE Altiga-L2TP-Encryption-G L2TP-40/128-Enc/Statls-Req 15 + +VALUE Altiga-IPSec-L2L-Keepalives-G ON 1 +VALUE Altiga-IPSec-L2L-Keepalives-G OFF 0 + +VALUE Altiga-IPSec-Tunnel-Type-G LAN-to-LAN 1 +VALUE Altiga-IPSec-Tunnel-Type-G Remote-Access 2 + +VALUE Altiga-IPSec-Mode-Config-G ON 1 +VALUE Altiga-IPSec-Mode-Config-G OFF 0 + +VALUE Altiga-IPSec-User-Group-Lock-G ON 1 +VALUE Altiga-IPSec-User-Group-Lock-G OFF 0 + +VALUE Altiga-IPSec-Over-NAT-G ON 1 +VALUE Altiga-IPSec-Over-NAT-G OFF 0 + +END-VENDOR Altiga diff --git a/freeradius/dict/dictionary.alvarion b/freeradius/dict/dictionary.alvarion new file mode 100644 index 0000000..5146031 --- /dev/null +++ b/freeradius/dict/dictionary.alvarion @@ -0,0 +1,310 @@ +# -*- text -*- +############################################################################## +# +# Alvarion VSAs, also known as Breezecom / Breezenet. +# +# +# These are retarded beyond belief. The only VSA's it sends in +# accounting packets are text strings for accounting. And, it +# doesn't use the same VSA numbers consistently. WTF? +# +# Here's what it does, and we'll let you decide if this is: +# +# a) Sane +# b) Easier than doing it the way everyone else does +# c) none of the above. +# +# * The NAS sends up to 11 VSA's in each accounting packet. +# * The VSA numbers start off at 1, 2, 3, ... 11. This part is +# somewhat sane. +# * The *next* packet has up to 11 VSA's, but the NAS remembers +# that it sent the first packet, and starts the VSA numbers +# off at 12, 13, 14, ... 22. Huh? +# * This process continues with the next packet, at 23, 24,... 33. +# * eventually the numbers space wraps at 256 modulo 11, and it +# keeps going. +# +# Why anyone thought this was a good idea is beyond rational +# understanding. +# +# $Id$ +# +############################################################################## + +VENDOR Alvarion 12394 + +BEGIN-VENDOR Alvarion + +ATTRIBUTE Alvariaon-VSA-1 1 string +ATTRIBUTE Alvariaon-VSA-2 2 string +ATTRIBUTE Alvariaon-VSA-3 3 string +ATTRIBUTE Alvariaon-VSA-4 4 string +ATTRIBUTE Alvariaon-VSA-5 5 string +ATTRIBUTE Alvariaon-VSA-6 6 string +ATTRIBUTE Alvariaon-VSA-7 7 string +ATTRIBUTE Alvariaon-VSA-8 8 string +ATTRIBUTE Alvariaon-VSA-9 9 string +ATTRIBUTE Alvariaon-VSA-10 10 string +ATTRIBUTE Alvariaon-VSA-11 11 string +ATTRIBUTE Alvariaon-VSA-12 12 string +ATTRIBUTE Alvariaon-VSA-13 13 string +ATTRIBUTE Alvariaon-VSA-14 14 string +ATTRIBUTE Alvariaon-VSA-15 15 string +ATTRIBUTE Alvariaon-VSA-16 16 string +ATTRIBUTE Alvariaon-VSA-17 17 string +ATTRIBUTE Alvariaon-VSA-18 18 string +ATTRIBUTE Alvariaon-VSA-19 19 string +ATTRIBUTE Alvariaon-VSA-20 20 string +ATTRIBUTE Alvariaon-VSA-21 21 string +ATTRIBUTE Alvariaon-VSA-22 22 string +ATTRIBUTE Alvariaon-VSA-23 23 string +ATTRIBUTE Alvariaon-VSA-24 24 string +ATTRIBUTE Alvariaon-VSA-25 25 string +ATTRIBUTE Alvariaon-VSA-26 26 string +ATTRIBUTE Alvariaon-VSA-27 27 string +ATTRIBUTE Alvariaon-VSA-28 28 string +ATTRIBUTE Alvariaon-VSA-29 29 string +ATTRIBUTE Alvariaon-VSA-30 30 string +ATTRIBUTE Alvariaon-VSA-31 31 string +ATTRIBUTE Alvariaon-VSA-32 32 string +ATTRIBUTE Alvariaon-VSA-33 33 string +ATTRIBUTE Alvariaon-VSA-34 34 string +ATTRIBUTE Alvariaon-VSA-35 35 string +ATTRIBUTE Alvariaon-VSA-36 36 string +ATTRIBUTE Alvariaon-VSA-37 37 string +ATTRIBUTE Alvariaon-VSA-38 38 string +ATTRIBUTE Alvariaon-VSA-39 39 string +ATTRIBUTE Alvariaon-VSA-40 40 string +ATTRIBUTE Alvariaon-VSA-41 41 string +ATTRIBUTE Alvariaon-VSA-42 42 string +ATTRIBUTE Alvariaon-VSA-43 43 string +ATTRIBUTE Alvariaon-VSA-44 44 string +ATTRIBUTE Alvariaon-VSA-45 45 string +ATTRIBUTE Alvariaon-VSA-46 46 string +ATTRIBUTE Alvariaon-VSA-47 47 string +ATTRIBUTE Alvariaon-VSA-48 48 string +ATTRIBUTE Alvariaon-VSA-49 49 string +ATTRIBUTE Alvariaon-VSA-50 50 string +ATTRIBUTE Alvariaon-VSA-51 51 string +ATTRIBUTE Alvariaon-VSA-52 52 string +ATTRIBUTE Alvariaon-VSA-53 53 string +ATTRIBUTE Alvariaon-VSA-54 54 string +ATTRIBUTE Alvariaon-VSA-55 55 string +ATTRIBUTE Alvariaon-VSA-56 56 string +ATTRIBUTE Alvariaon-VSA-57 57 string +ATTRIBUTE Alvariaon-VSA-58 58 string +ATTRIBUTE Alvariaon-VSA-59 59 string +ATTRIBUTE Alvariaon-VSA-60 60 string +ATTRIBUTE Alvariaon-VSA-61 61 string +ATTRIBUTE Alvariaon-VSA-62 62 string +ATTRIBUTE Alvariaon-VSA-63 63 string +ATTRIBUTE Alvariaon-VSA-64 64 string +ATTRIBUTE Alvariaon-VSA-65 65 string +ATTRIBUTE Alvariaon-VSA-66 66 string +ATTRIBUTE Alvariaon-VSA-67 67 string +ATTRIBUTE Alvariaon-VSA-68 68 string +ATTRIBUTE Alvariaon-VSA-69 69 string +ATTRIBUTE Alvariaon-VSA-70 70 string +ATTRIBUTE Alvariaon-VSA-71 71 string +ATTRIBUTE Alvariaon-VSA-72 72 string +ATTRIBUTE Alvariaon-VSA-73 73 string +ATTRIBUTE Alvariaon-VSA-74 74 string +ATTRIBUTE Alvariaon-VSA-75 75 string +ATTRIBUTE Alvariaon-VSA-76 76 string +ATTRIBUTE Alvariaon-VSA-77 77 string +ATTRIBUTE Alvariaon-VSA-78 78 string +ATTRIBUTE Alvariaon-VSA-79 79 string +ATTRIBUTE Alvariaon-VSA-80 80 string +ATTRIBUTE Alvariaon-VSA-81 81 string +ATTRIBUTE Alvariaon-VSA-82 82 string +ATTRIBUTE Alvariaon-VSA-83 83 string +ATTRIBUTE Alvariaon-VSA-84 84 string +ATTRIBUTE Alvariaon-VSA-85 85 string +ATTRIBUTE Alvariaon-VSA-86 86 string +ATTRIBUTE Alvariaon-VSA-87 87 string +ATTRIBUTE Alvariaon-VSA-88 88 string +ATTRIBUTE Alvariaon-VSA-89 89 string +ATTRIBUTE Alvariaon-VSA-90 90 string +ATTRIBUTE Alvariaon-VSA-91 91 string +ATTRIBUTE Alvariaon-VSA-92 92 string +ATTRIBUTE Alvariaon-VSA-93 93 string +ATTRIBUTE Alvariaon-VSA-94 94 string +ATTRIBUTE Alvariaon-VSA-95 95 string +ATTRIBUTE Alvariaon-VSA-96 96 string +ATTRIBUTE Alvariaon-VSA-97 97 string +ATTRIBUTE Alvariaon-VSA-98 98 string +ATTRIBUTE Alvariaon-VSA-99 99 string +ATTRIBUTE Alvariaon-VSA-100 100 string +ATTRIBUTE Alvariaon-VSA-101 101 string +ATTRIBUTE Alvariaon-VSA-102 102 string +ATTRIBUTE Alvariaon-VSA-103 103 string +ATTRIBUTE Alvariaon-VSA-104 104 string +ATTRIBUTE Alvariaon-VSA-105 105 string +ATTRIBUTE Alvariaon-VSA-106 106 string +ATTRIBUTE Alvariaon-VSA-107 107 string +ATTRIBUTE Alvariaon-VSA-108 108 string +ATTRIBUTE Alvariaon-VSA-109 109 string +ATTRIBUTE Alvariaon-VSA-110 110 string +ATTRIBUTE Alvariaon-VSA-111 111 string +ATTRIBUTE Alvariaon-VSA-112 112 string +ATTRIBUTE Alvariaon-VSA-113 113 string +ATTRIBUTE Alvariaon-VSA-114 114 string +ATTRIBUTE Alvariaon-VSA-115 115 string +ATTRIBUTE Alvariaon-VSA-116 116 string +ATTRIBUTE Alvariaon-VSA-117 117 string +ATTRIBUTE Alvariaon-VSA-118 118 string +ATTRIBUTE Alvariaon-VSA-119 119 string +ATTRIBUTE Alvariaon-VSA-120 120 string +ATTRIBUTE Alvariaon-VSA-121 121 string +ATTRIBUTE Alvariaon-VSA-122 122 string +ATTRIBUTE Alvariaon-VSA-123 123 string +ATTRIBUTE Alvariaon-VSA-124 124 string +ATTRIBUTE Alvariaon-VSA-125 125 string +ATTRIBUTE Alvariaon-VSA-126 126 string +ATTRIBUTE Alvariaon-VSA-127 127 string +ATTRIBUTE Alvariaon-VSA-128 128 string +ATTRIBUTE Alvariaon-VSA-129 129 string +ATTRIBUTE Alvariaon-VSA-130 130 string +ATTRIBUTE Alvariaon-VSA-131 131 string +ATTRIBUTE Alvariaon-VSA-132 132 string +ATTRIBUTE Alvariaon-VSA-133 133 string +ATTRIBUTE Alvariaon-VSA-134 134 string +ATTRIBUTE Alvariaon-VSA-135 135 string +ATTRIBUTE Alvariaon-VSA-136 136 string +ATTRIBUTE Alvariaon-VSA-137 137 string +ATTRIBUTE Alvariaon-VSA-138 138 string +ATTRIBUTE Alvariaon-VSA-139 139 string +ATTRIBUTE Alvariaon-VSA-140 140 string +ATTRIBUTE Alvariaon-VSA-141 141 string +ATTRIBUTE Alvariaon-VSA-142 142 string +ATTRIBUTE Alvariaon-VSA-143 143 string +ATTRIBUTE Alvariaon-VSA-144 144 string +ATTRIBUTE Alvariaon-VSA-145 145 string +ATTRIBUTE Alvariaon-VSA-146 146 string +ATTRIBUTE Alvariaon-VSA-147 147 string +ATTRIBUTE Alvariaon-VSA-148 148 string +ATTRIBUTE Alvariaon-VSA-149 149 string +ATTRIBUTE Alvariaon-VSA-150 150 string +ATTRIBUTE Alvariaon-VSA-151 151 string +ATTRIBUTE Alvariaon-VSA-152 152 string +ATTRIBUTE Alvariaon-VSA-153 153 string +ATTRIBUTE Alvariaon-VSA-154 154 string +ATTRIBUTE Alvariaon-VSA-155 155 string +ATTRIBUTE Alvariaon-VSA-156 156 string +ATTRIBUTE Alvariaon-VSA-157 157 string +ATTRIBUTE Alvariaon-VSA-158 158 string +ATTRIBUTE Alvariaon-VSA-159 159 string +ATTRIBUTE Alvariaon-VSA-160 160 string +ATTRIBUTE Alvariaon-VSA-161 161 string +ATTRIBUTE Alvariaon-VSA-162 162 string +ATTRIBUTE Alvariaon-VSA-163 163 string +ATTRIBUTE Alvariaon-VSA-164 164 string +ATTRIBUTE Alvariaon-VSA-165 165 string +ATTRIBUTE Alvariaon-VSA-166 166 string +ATTRIBUTE Alvariaon-VSA-167 167 string +ATTRIBUTE Alvariaon-VSA-168 168 string +ATTRIBUTE Alvariaon-VSA-169 169 string +ATTRIBUTE Alvariaon-VSA-170 170 string +ATTRIBUTE Alvariaon-VSA-171 171 string +ATTRIBUTE Alvariaon-VSA-172 172 string +ATTRIBUTE Alvariaon-VSA-173 173 string +ATTRIBUTE Alvariaon-VSA-174 174 string +ATTRIBUTE Alvariaon-VSA-175 175 string +ATTRIBUTE Alvariaon-VSA-176 176 string +ATTRIBUTE Alvariaon-VSA-177 177 string +ATTRIBUTE Alvariaon-VSA-178 178 string +ATTRIBUTE Alvariaon-VSA-179 179 string +ATTRIBUTE Alvariaon-VSA-180 180 string +ATTRIBUTE Alvariaon-VSA-181 181 string +ATTRIBUTE Alvariaon-VSA-182 182 string +ATTRIBUTE Alvariaon-VSA-183 183 string +ATTRIBUTE Alvariaon-VSA-184 184 string +ATTRIBUTE Alvariaon-VSA-185 185 string +ATTRIBUTE Alvariaon-VSA-186 186 string +ATTRIBUTE Alvariaon-VSA-187 187 string +ATTRIBUTE Alvariaon-VSA-188 188 string +ATTRIBUTE Alvariaon-VSA-189 189 string +ATTRIBUTE Alvariaon-VSA-190 190 string +ATTRIBUTE Alvariaon-VSA-191 191 string +ATTRIBUTE Alvariaon-VSA-192 192 string +ATTRIBUTE Alvariaon-VSA-193 193 string +ATTRIBUTE Alvariaon-VSA-194 194 string +ATTRIBUTE Alvariaon-VSA-195 195 string +ATTRIBUTE Alvariaon-VSA-196 196 string +ATTRIBUTE Alvariaon-VSA-197 197 string +ATTRIBUTE Alvariaon-VSA-198 198 string +ATTRIBUTE Alvariaon-VSA-199 199 string +ATTRIBUTE Alvariaon-VSA-200 200 string +ATTRIBUTE Alvariaon-VSA-201 201 string +ATTRIBUTE Alvariaon-VSA-202 202 string +ATTRIBUTE Alvariaon-VSA-203 203 string +ATTRIBUTE Alvariaon-VSA-204 204 string +ATTRIBUTE Alvariaon-VSA-205 205 string +ATTRIBUTE Alvariaon-VSA-206 206 string +ATTRIBUTE Alvariaon-VSA-207 207 string +ATTRIBUTE Alvariaon-VSA-208 208 string +ATTRIBUTE Alvariaon-VSA-209 209 string +ATTRIBUTE Alvariaon-VSA-210 210 string +ATTRIBUTE Alvariaon-VSA-211 211 string +ATTRIBUTE Alvariaon-VSA-212 212 string +ATTRIBUTE Alvariaon-VSA-213 213 string +ATTRIBUTE Alvariaon-VSA-214 214 string +ATTRIBUTE Alvariaon-VSA-215 215 string +ATTRIBUTE Alvariaon-VSA-216 216 string +ATTRIBUTE Alvariaon-VSA-217 217 string +ATTRIBUTE Alvariaon-VSA-218 218 string +ATTRIBUTE Alvariaon-VSA-219 219 string +ATTRIBUTE Alvariaon-VSA-220 220 string +ATTRIBUTE Alvariaon-VSA-221 221 string +ATTRIBUTE Alvariaon-VSA-222 222 string +ATTRIBUTE Alvariaon-VSA-223 223 string +ATTRIBUTE Alvariaon-VSA-224 224 string +ATTRIBUTE Alvariaon-VSA-225 225 string +ATTRIBUTE Alvariaon-VSA-226 226 string +ATTRIBUTE Alvariaon-VSA-227 227 string +ATTRIBUTE Alvariaon-VSA-228 228 string +ATTRIBUTE Alvariaon-VSA-229 229 string +ATTRIBUTE Alvariaon-VSA-230 230 string +ATTRIBUTE Alvariaon-VSA-231 231 string +ATTRIBUTE Alvariaon-VSA-232 232 string +ATTRIBUTE Alvariaon-VSA-233 233 string +ATTRIBUTE Alvariaon-VSA-234 234 string +ATTRIBUTE Alvariaon-VSA-235 235 string +ATTRIBUTE Alvariaon-VSA-236 236 string +ATTRIBUTE Alvariaon-VSA-237 237 string +ATTRIBUTE Alvariaon-VSA-238 238 string +ATTRIBUTE Alvariaon-VSA-239 239 string +ATTRIBUTE Alvariaon-VSA-240 240 string +ATTRIBUTE Alvariaon-VSA-241 241 string +ATTRIBUTE Alvariaon-VSA-242 242 string +ATTRIBUTE Alvariaon-VSA-243 243 string +ATTRIBUTE Alvariaon-VSA-244 244 string +ATTRIBUTE Alvariaon-VSA-245 245 string +ATTRIBUTE Alvariaon-VSA-246 246 string +ATTRIBUTE Alvariaon-VSA-247 247 string +ATTRIBUTE Alvariaon-VSA-248 248 string +ATTRIBUTE Alvariaon-VSA-249 249 string +ATTRIBUTE Alvariaon-VSA-250 250 string +ATTRIBUTE Alvariaon-VSA-251 251 string +ATTRIBUTE Alvariaon-VSA-252 252 string +ATTRIBUTE Alvariaon-VSA-253 253 string +ATTRIBUTE Alvariaon-VSA-254 254 string +ATTRIBUTE Alvariaon-VSA-255 255 string + +# +# And these are what the above attributes should get mapped to, +# once we get around to caring. +# +ATTRIBUTE Breezecom-Attr1 1 string +ATTRIBUTE Breezecom-Attr2 2 string +ATTRIBUTE Breezecom-Attr3 3 string +ATTRIBUTE Breezecom-Attr4 4 string +ATTRIBUTE Breezecom-Attr5 5 string +ATTRIBUTE Breezecom-Attr6 6 string +ATTRIBUTE Breezecom-Attr7 7 string +ATTRIBUTE Breezecom-Attr8 8 string +ATTRIBUTE Breezecom-Attr9 9 string +ATTRIBUTE Breezecom-Attr10 10 string +ATTRIBUTE Breezecom-Attr11 11 string + +END-VENDOR Alvarion diff --git a/freeradius/dict/dictionary.apc b/freeradius/dict/dictionary.apc new file mode 100644 index 0000000..6a263b0 --- /dev/null +++ b/freeradius/dict/dictionary.apc @@ -0,0 +1,22 @@ +# -*- text -*- +############################################################################## +# +# http://nam-en.apc.com/cgi-bin/nam_en.cfg/php/enduser/std_adp.php?p_faqid=8012 +# +# $Id$ +# +############################################################################## + +VENDOR APC 318 + +BEGIN-VENDOR APC + +ATTRIBUTE APC-Service-Type 1 integer +ATTRIBUTE APC-Outlets 2 string + +VALUE APC-Service-Type Admin 1 +VALUE APC-Service-Type Device 2 +VALUE APC-Service-Type ReadOnly 3 +VALUE APC-Service-Type Outlet 4 + +END-VENDOR APC diff --git a/freeradius/dict/dictionary.aptis b/freeradius/dict/dictionary.aptis new file mode 100644 index 0000000..4eff1b2 --- /dev/null +++ b/freeradius/dict/dictionary.aptis @@ -0,0 +1,182 @@ +# -*- text -*- +# +# $Id$ +# + +VENDOR Aptis 2637 + +BEGIN-VENDOR Aptis +ATTRIBUTE CVX-Identification 1 string +ATTRIBUTE CVX-VPOP-ID 2 integer +ATTRIBUTE CVX-SS7-Session-ID-Type 3 integer +ATTRIBUTE CVX-Radius-Redirect 4 integer +ATTRIBUTE CVX-IPSVC-AZNLVL 5 integer +ATTRIBUTE CVX-IPSVC-Mask 6 integer +ATTRIBUTE CVX-Multilink-Match-Info 7 integer +ATTRIBUTE CVX-Multilink-Group-Number 8 integer +ATTRIBUTE CVX-PPP-Log-Mask 9 integer + +ATTRIBUTE CVX-Modem-Begin-Modulation 10 string +ATTRIBUTE CVX-Modem-End-Modulation 11 string +ATTRIBUTE CVX-Modem-Error-Correction 12 string +ATTRIBUTE CVX-Modem-Data-Compression 13 string +ATTRIBUTE CVX-Modem-Tx-Packets 14 integer +ATTRIBUTE CVX-Modem-ReTx-Packets 15 integer +ATTRIBUTE CVX-Modem-SNR 16 integer +ATTRIBUTE CVX-Modem-Local-Retrains 17 integer +ATTRIBUTE CVX-Modem-Remote-Retrains 18 integer +ATTRIBUTE CVX-Modem-Local-Rate-Negs 19 integer +ATTRIBUTE CVX-Modem-Remote-Rate-Negs 20 integer +ATTRIBUTE CVX-Modem-Begin-Recv-Line-Lvl 21 integer +ATTRIBUTE CVX-Modem-End-Recv-Line-Lvl 22 integer +ATTRIBUTE CVX-Terminate-Component 23 integer +ATTRIBUTE CVX-Terminate-Cause 24 integer +ATTRIBUTE CVX-Reject-Reason 25 integer + +# +# These are similar to the Ascend attributes +# +ATTRIBUTE CVX-Primary-DNS 135 ipaddr +ATTRIBUTE CVX-Secondary-DNS 136 ipaddr +ATTRIBUTE CVX-Client-Assign-DNS 137 integer +ATTRIBUTE CVX-Multicast-Rate-Limit 152 integer +ATTRIBUTE CVX-Multicast-Client 155 integer +ATTRIBUTE CVX-Disconnect-Cause 195 integer +ATTRIBUTE CVX-Data-Rate 197 integer +ATTRIBUTE CVX-PreSession-Time 198 integer +ATTRIBUTE CVX-Assign-IP-Pool 218 integer +ATTRIBUTE CVX-Maximum-Channels 235 integer +ATTRIBUTE CVX-Data-Filter 242 string +ATTRIBUTE CVX-Idle-Limit 244 integer +ATTRIBUTE CVX-PPP-Address 253 ipaddr +ATTRIBUTE CVX-Xmit-Rate 255 integer + +# +# Aptis VSAs may have either one-octet or four-octet +# fields. One-octet types always have a type less than or equal +# to 127 (i.e. the upper bit is set to 0); four-octet types +# always have the upper bit set to 1. +# +# The 4-byte ones *appear* to also have a length, unlike the USR +# attributes, but there's no way of knowing for sure. +# +# http://samuel.labs.nic.at/at43/dictionary +# says a number of these are "boolean", which means what, exactly? +# +# These are commented out until we figure out how to parse them. +# +#ATTRIBUTE CVX-VPOP-DSByteEnabled 0x84c80001 integer +#ATTRIBUTE CVX-VPOP-DSByteValue 0x84c80002 integer +#ATTRIBUTE CVX-PPP-EstablishTimeLimit 0x85210065 integer +#ATTRIBUTE CVX-PPP-ConnectLimit 0x85210066 integer +#ATTRIBUTE CVX-PPP-InactivityLimit 0x85210067 integer +#ATTRIBUTE CVX-PPP-MonitorTxActivity 0x85210068 integer +#ATTRIBUTE CVX-PPP-MonitorRxActivity 0x85210069 integer +#ATTRIBUTE CVX-PPP-CountRIP 0x8521006a integer +#ATTRIBUTE CVX-PPP-CountPings 0x8521006b integer +#ATTRIBUTE CVX-PPP-CountIGMP 0x8521006c integer +#ATTRIBUTE CVX-PPP-UseEchoes 0x852100c9 integer +#ATTRIBUTE CVX-PPP-SendID 0x852100ca integer +#ATTRIBUTE CVX-PPP-SendTimeRemaining 0x852100cb integer +#ATTRIBUTE CVX-PPP-SendMRU 0x8521012d integer +#ATTRIBUTE CVX-PPP-SendACCM 0x8521012e integer +#ATTRIBUTE CVX-PPP-SendMagic 0x8521012f integer +#ATTRIBUTE CVX-PPP-SendPFC 0x85210130 integer +#ATTRIBUTE CVX-PPP-SendACFC 0x85210131 integer +#ATTRIBUTE CVX-PPP-SendShortSeq 0x85210132 integer +#ATTRIBUTE CVX-PPP-SendEndpointDisc 0x85210133 integer +#ATTRIBUTE CVX-PPP-AllowMRU 0x85210137 integer +#ATTRIBUTE CVX-PPP-AllowACCM 0x85210138 integer +#ATTRIBUTE CVX-PPP-AllowMagic 0x85210139 integer +#ATTRIBUTE CVX-PPP-AllowPFC 0x8521013a integer +#ATTRIBUTE CVX-PPP-AllowACFC 0x8521013b integer +#ATTRIBUTE CVX-PPP-AllowShortSeq 0x8521013c integer +#ATTRIBUTE CVX-PPP-AllowEndpointDisc 0x8521013d integer +#ATTRIBUTE CVX-PPP-LCPMaxConfigure 0x85210191 integer +#ATTRIBUTE CVX-PPP-LCPRestartTimer 0x85210192 integer +#ATTRIBUTE CVX-PPP-PassiveLCP 0x85210193 integer +#ATTRIBUTE CVX-PPP-PassiveLCPTimeout 0x85210194 integer +#ATTRIBUTE CVX-PPP-MinRemoteMRU 0x852101f5 integer +#ATTRIBUTE CVX-PPP-MinLocalMRU 0x852101f6 integer +#ATTRIBUTE CVX-PPP-DesiredLocalMRU 0x852101f7 integer +#ATTRIBUTE CVX-PPP-TransmitACCM 0x852101f8 integer +#ATTRIBUTE CVX-PPP-ReceiveACCM 0x852101f9 integer +#ATTRIBUTE CVX-PPP-MinRemoteMRRU 0x852101fa integer +#ATTRIBUTE CVX-PPP-DesiredRemoteMRRU 0x852101fb integer +#ATTRIBUTE CVX-PPP-MinLocalMRRU 0x852101fc integer +#ATTRIBUTE CVX-PPP-DesiredLocalMRRU 0x852101fd integer +#ATTRIBUTE CVX-PPP-LCPEchoRetries 0x852101fe integer +#ATTRIBUTE CVX-PPP-LCPEchoTimeout 0x852101ff integer +#ATTRIBUTE CVX-PPP-LCPEchoErrorTimeout 0x85210200 integer +#ATTRIBUTE CVX-PPP-TimeRemainingInterval 0x85210201 integer +#ATTRIBUTE CVX-PPP-IDText 0x85210202 string +#ATTRIBUTE CVX-PPP-AuthRequire 0x85210259 integer +#ATTRIBUTE CVX-PPP-AuthAllow 0x8521025a integer +#ATTRIBUTE CVX-PPP-AuthServerProtocol1 0x85210262 integer +#ATTRIBUTE CVX-PPP-AuthServerProtocol2 0x85210263 integer +#ATTRIBUTE CVX-PPP-AuthServerProtocol3 0x85210264 integer +#ATTRIBUTE CVX-PPP-AuthServerProtocol4 0x85210265 integer +#ATTRIBUTE CVX-PPP-AuthClientProtocol1 0x8521026d integer +#ATTRIBUTE CVX-PPP-AuthClientProtocol2 0x8521026e integer +#ATTRIBUTE CVX-PPP-AuthClientProtocol3 0x8521026f integer +#ATTRIBUTE CVX-PPP-AuthClientProtocol4 0x85210270 integer +#ATTRIBUTE CVX-PPP-PAPClientRetries 0x85210277 integer +#ATTRIBUTE CVX-PPP-PAPClientTimeout 0x85210278 integer +#ATTRIBUTE CVX-PPP-PAPServerRetries 0x85210279 integer +#ATTRIBUTE CVX-PPP-PAPServerTimeout 0x8521027a integer +#ATTRIBUTE CVX-PPP-CHAPClientRetries 0x85210281 integer +#ATTRIBUTE CVX-PPP-CHAPClientTimeout 0x85210282 integer +#ATTRIBUTE CVX-PPP-CHAPServerRetries 0x85210283 integer +#ATTRIBUTE CVX-PPP-CHAPServerChallenges 0x85210284 integer +#ATTRIBUTE CVX-PPP-CHAPServerTimeout 0x85210285 integer +#ATTRIBUTE CVX-PPP-CHAPValueLength 0x85210286 integer +#ATTRIBUTE CVX-PPP-AuthFailureRenegotiatesLCP 0x85210287 integer +#ATTRIBUTE CVX-PPP-UserName 0x8521028b string +#ATTRIBUTE CVX-PPP-Password 0x8521028c string +#ATTRIBUTE CVX-PPP-IPCPEnabled 0x852102bd integer +#ATTRIBUTE CVX-PPP-LocalIPAddress 0x852102be ipaddr +#ATTRIBUTE CVX-PPP-RemoteIPAddress 0x852102bf ipaddr +#ATTRIBUTE CVX-PPP-AllowPeerIPAddress 0x852102c0 integer +#ATTRIBUTE CVX-PPP-VJEnabled 0x852102c1 integer +#ATTRIBUTE CVX-PPP-VJSlots 0x852102c2 integer +#ATTRIBUTE CVX-PPP-SendDNS 0x852102c3 integer +#ATTRIBUTE CVX-PPP-SendNBNS 0x852102c4 integer +#ATTRIBUTE CVX-PPP-IPCPMaxConfigure 0x852102c5 integer +#ATTRIBUTE CVX-PPP-IPCPRestartTimer 0x852102c6 integer +#ATTRIBUTE CVX-PPP-PassiveIPCP 0x852102c7 integer +#ATTRIBUTE CVX-PPP-PassiveIPCPTimeout 0x852102c8 integer +#ATTRIBUTE CVX-PPP-DNS1 0x852102c9 ipaddr +#ATTRIBUTE CVX-PPP-DNS2 0x852102ca ipaddr +#ATTRIBUTE CVX-PPP-NBNS1 0x852102cb ipaddr +#ATTRIBUTE CVX-PPP-NBNS2 0x852102cc ipaddr +#ATTRIBUTE CVX-PPP-SendLocalIPAddress 0x852102cd integer +#ATTRIBUTE CVX-PPP-RejectUnknownNS 0x852102ce integer +#ATTRIBUTE CVX-PPP-PeerNSStrategy 0x852102cf integer +#ATTRIBUTE CVX-PPP-MLPEnabled 0x85210321 integer +#ATTRIBUTE CVX-PPP-MLPMaxLinks 0x85210322 integer +#ATTRIBUTE CVX-PPP-MLPFragmentSize 0x85210323 integer +#ATTRIBUTE CVX-PPP-MLPMaxFragments 0x85210324 integer +#ATTRIBUTE CVX-PPP-MLPScaleFragments 0x85210325 integer +#ATTRIBUTE CVX-PPP-MLPSendNullFragments 0x85210326 integer +#ATTRIBUTE CVX-PPP-MLPNullFragmentTimeout 0x85210327 integer +#ATTRIBUTE CVX-PPP-MLPEndpointDisc 0x85210328 integer +#ATTRIBUTE CVX-PPP-MLPGroupNumber 0x85210329 integer +#ATTRIBUTE CVX-PPP-LogEnabled 0x85210385 integer +#ATTRIBUTE CVX-PPP-LogDump 0x85210386 integer +#ATTRIBUTE CVX-PPP-LogSize 0x8521038e integer +#ATTRIBUTE CVX-PPP-LogControlFrames 0x8521038f integer +#ATTRIBUTE CVX-PPP-LogProtocolFrames 0x85210390 integer +#ATTRIBUTE CVX-PPP-LogOptions 0x85210391 integer +#ATTRIBUTE CVX-PPP-LogStates 0x85210392 integer +#ATTRIBUTE CVX-PPP-LogCompression 0x85210393 integer +#ATTRIBUTE CVX-PPP-LogMLP 0x85210394 integer +#ATTRIBUTE CVX-PPP-LogVJ 0x85210395 integer +#ATTRIBUTE CVX-PPP-CCPEnabled 0x852103e9 integer +#ATTRIBUTE CVX-PPP-CompressFrames 0x852103ea integer +#ATTRIBUTE CVX-PPP-Stac3Enabled 0x852103eb integer +#ATTRIBUTE CVX-PPP-Stac4Enabled 0x852103ec integer +#ATTRIBUTE CVX-PPP-MPPCEnabled 0x852103ed integer +#ATTRIBUTE CVX-PPP-StacPerformance 0x852103ee integer +#ATTRIBUTE CVX-PPP-StacMode 0x852103ef integer + +END-VENDOR Aptis diff --git a/freeradius/dict/dictionary.aruba b/freeradius/dict/dictionary.aruba new file mode 100644 index 0000000..7792807 --- /dev/null +++ b/freeradius/dict/dictionary.aruba @@ -0,0 +1,17 @@ +# -*- text -*- +# +# As posted to the list. +# +# Version: $Id$ +# +VENDOR Aruba 14823 +BEGIN-VENDOR Aruba + +ATTRIBUTE Aruba-User-Role 1 string +ATTRIBUTE Aruba-User-Vlan 2 integer +ATTRIBUTE Aruba-Priv-Admin-User 3 integer +ATTRIBUTE Aruba-Admin-Role 4 string +ATTRIBUTE Aruba-Essid-Name 5 string +ATTRIBUTE Aruba-Location-Id 6 string + +END-VENDOR Aruba diff --git a/freeradius/dict/dictionary.ascend b/freeradius/dict/dictionary.ascend new file mode 100644 index 0000000..4819471 --- /dev/null +++ b/freeradius/dict/dictionary.ascend @@ -0,0 +1,1319 @@ +# -*- text -*- +############################################################################## +# +# Ascend dictionary. +# +# $Id$ +# +############################################################################## + +# +# For 16-bit Ascend VSA's, see dictionary.lucent. Those VSA's +# are in the Lucent namespace, and belong in that file, rather +# than here. +# +# +# The Ascend-Data-Filter and Ascend-Call-Filter are case insensitive +# strings, with the following format: +# +# IP FILTERS: +# +# ip dir action [ dstip n.n.n.n/nn ] [ srcip n.n.n.n/nn ] +# [ proto [ dstport cmp value ] [ srcport cmd value ] [ est ] ] +# +# Fields in [...] are optional. +# where: +# +# ip: Keyword to designate an IP filter. Actually this +# has been determined by parseFilter. +# +# dir: Filter direction. "IN" or "OUT" +# +# action: Filter action. "FORWARD" or "DROP" +# +# dstip: Keyword for destination IP address. +# n.n.n.n = IP address. /nn - netmask. +# +# srcip: Keyword for source IP address. +# n.n.n.n = IP address. /nn - netmask. +# +# proto: Optional protocol field. Either a name or +# number. Known names are in FilterProtoName[]. +# +# dstport: Keyword for destination port. Only valid with tcp +# or udp. 'cmp' are in FilterPortType[]. 'value' can be +# a name or number. +# +# srcport: Keyword for source port. Only valid with tcp +# or udp. 'cmp' are in FilterPortType[]. 'value' can be +# a name or number. +# +# est: Keyword for TCP established. Valid only for tcp. +# +# IPX FILTERS +# +# ipx dir action [ srcipxnet nnnn srcipxnode mmmmm [srcipxsoc cmd value ]] +# [ dstipxnet nnnn dstipxnode mmmmm [dstipxsoc cmd value ]] +# +# Fields in [...] are optional. +# where: +# +# ipx: Keyword to designate an IPX filter. Actually this +# has been determined by parseFilter. +# +# dir: Filter direction. "IN" or "OUT" +# +# action: Filter action. "FORWARD" or "DROP" +# +# srcipxnet: Keyword for source IPX address. +# nnnn = IPX Node address. +# +# srcipxnode: Keyword for source IPX Node address. +# mmmmm = IPX Node Address, could be FFFFFF. +# A vlid ipx node number should accompany ipx net number. +# +# srcipxsoc: Keyword for source IPX socket address. +# +# cmd: One of ">" or "<" or "=" or "!=". +# (without the quotes) +# +# value: Socket value to be compared against, in hex. +# +# dstipxnet: Keyword for destination IPX address. +# nnnn = IPX Node address. +# +# dstipxnode: Keyword for destination IPX Node address. +# mmmmm = IPX Node Address, could be FFFFFF. +# A vlid ipx node number should accompany ipx net number. +# +# dstipxsoc: Keyword for destination IPX socket address. +# +# cmd: One of ">" or "<" or "=" or "!=". +# (without the quotes) +# +# value: Socket value to be compared against, in hex. +# +# GENERIC FILTERS +# +# generic dir action offset mask value [== or != ] [more] +# +# Fields in [...] are optional. +# where: +# +# generic: Keyword to indicate a generic filter. This +# has been determined by parseFilter. +# +# dir: Filter direction. "IN" or "OUT" +# +# action: Filter action. "FORWARD" or "DROP" +# +# offset: A Number. Specifies an offset into a frame +# to start comparing. +# +# mask: A hexadecimal mask of bits to compare. +# +# value: A value to compare with the masked data. +# +# compNeq: Defines type of comparison. ( "==" or "!=") +# Default is "==". +# +# more: Optional keyword MORE, to represent the attachment +# to the next entry. + +VENDOR Ascend 529 + +# +# Ascend vendor-specific attributes. +# +BEGIN-VENDOR Ascend +ATTRIBUTE Ascend-Max-Shared-Users 2 integer +ATTRIBUTE Ascend-UU-Info 7 string +ATTRIBUTE Ascend-CIR-Timer 9 integer +ATTRIBUTE Ascend-FR-08-Mode 10 integer +ATTRIBUTE Ascend-Destination-Nas-Port 11 integer +ATTRIBUTE Ascend-FR-SVC-Addr 12 string +ATTRIBUTE Ascend-NAS-Port-Format 13 integer +ATTRIBUTE Ascend-ATM-Fault-Management 14 integer +ATTRIBUTE Ascend-ATM-Loopback-Cell-Loss 15 integer +ATTRIBUTE Ascend-Ckt-Type 16 integer +ATTRIBUTE Ascend-SVC-Enabled 17 integer +ATTRIBUTE Ascend-Session-Type 18 integer +ATTRIBUTE Ascend-H323-Gatekeeper 19 ipaddr +ATTRIBUTE Ascend-Global-Call-Id 20 string +ATTRIBUTE Ascend-H323-Conference-Id 21 integer +ATTRIBUTE Ascend-H323-Fegw-Address 22 ipaddr +ATTRIBUTE Ascend-H323-Dialed-Time 23 integer +ATTRIBUTE Ascend-Dialed-Number 24 string +ATTRIBUTE Ascend-Inter-Arrival-Jitter 25 integer +ATTRIBUTE Ascend-Dropped-Octets 26 integer +ATTRIBUTE Ascend-Dropped-Packets 27 integer +ATTRIBUTE Ascend-Auth-Delay 28 integer +ATTRIBUTE Ascend-X25-Pad-X3-Profile 29 integer +ATTRIBUTE Ascend-X25-Pad-X3-Parameters 30 string +ATTRIBUTE Ascend-Tunnel-VRouter-Name 31 string +ATTRIBUTE Ascend-X25-Reverse-Charging 32 integer +ATTRIBUTE Ascend-X25-Nui-Prompt 33 string +ATTRIBUTE Ascend-X25-Nui-Password-Prompt 34 string +ATTRIBUTE Ascend-X25-Cug 35 string +ATTRIBUTE Ascend-X25-Pad-Alias-1 36 string +ATTRIBUTE Ascend-X25-Pad-Alias-2 37 string +ATTRIBUTE Ascend-X25-Pad-Alias-3 38 string +ATTRIBUTE Ascend-X25-X121-Address 39 string +ATTRIBUTE Ascend-X25-Nui 40 string +ATTRIBUTE Ascend-X25-Rpoa 41 string +ATTRIBUTE Ascend-X25-Pad-Prompt 42 string +ATTRIBUTE Ascend-X25-Pad-Banner 43 string +ATTRIBUTE Ascend-X25-Profile-Name 44 string +ATTRIBUTE Ascend-Recv-Name 45 string +ATTRIBUTE Ascend-Bi-Directional-Auth 46 integer +ATTRIBUTE Ascend-MTU 47 integer +ATTRIBUTE Ascend-Call-Direction 48 integer +ATTRIBUTE Ascend-Service-Type 49 integer +ATTRIBUTE Ascend-Filter-Required 50 integer +ATTRIBUTE Ascend-Traffic-Shaper 51 integer +ATTRIBUTE Ascend-Access-Intercept-LEA 52 string +ATTRIBUTE Ascend-Access-Intercept-Log 53 string +ATTRIBUTE Ascend-Private-Route-Table-ID 54 string +ATTRIBUTE Ascend-Private-Route-Required 55 integer +ATTRIBUTE Ascend-Cache-Refresh 56 integer +ATTRIBUTE Ascend-Cache-Time 57 integer +ATTRIBUTE Ascend-Egress-Enabled 58 integer +ATTRIBUTE Ascend-QOS-Upstream 59 string +ATTRIBUTE Ascend-QOS-Downstream 60 string +ATTRIBUTE Ascend-ATM-Connect-Vpi 61 integer +ATTRIBUTE Ascend-ATM-Connect-Vci 62 integer +ATTRIBUTE Ascend-ATM-Connect-Group 63 integer +ATTRIBUTE Ascend-ATM-Group 64 integer +ATTRIBUTE Ascend-IPX-Header-Compression 65 integer +ATTRIBUTE Ascend-Calling-Id-Type-Of-Num 66 integer +ATTRIBUTE Ascend-Calling-Id-Number-Plan 67 integer +ATTRIBUTE Ascend-Calling-Id-Presentatn 68 integer +ATTRIBUTE Ascend-Calling-Id-Screening 69 integer +ATTRIBUTE Ascend-BIR-Enable 70 integer +ATTRIBUTE Ascend-BIR-Proxy 71 integer +ATTRIBUTE Ascend-BIR-Bridge-Group 72 integer +ATTRIBUTE Ascend-IPSEC-Profile 73 string +ATTRIBUTE Ascend-PPPoE-Enable 74 integer +ATTRIBUTE Ascend-Bridge-Non-PPPoE 75 integer +ATTRIBUTE Ascend-ATM-Direct 76 integer +ATTRIBUTE Ascend-ATM-Direct-Profile 77 string +ATTRIBUTE Ascend-Client-Primary-WINS 78 ipaddr +ATTRIBUTE Ascend-Client-Secondary-WINS 79 ipaddr +ATTRIBUTE Ascend-Client-Assign-WINS 80 integer +ATTRIBUTE Ascend-Auth-Type 81 integer +ATTRIBUTE Ascend-Port-Redir-Protocol 82 integer +ATTRIBUTE Ascend-Port-Redir-Portnum 83 integer +ATTRIBUTE Ascend-Port-Redir-Server 84 ipaddr +ATTRIBUTE Ascend-IP-Pool-Chaining 85 integer +ATTRIBUTE Ascend-Owner-IP-Addr 86 ipaddr +ATTRIBUTE Ascend-IP-TOS 87 integer +ATTRIBUTE Ascend-IP-TOS-Precedence 88 integer +ATTRIBUTE Ascend-IP-TOS-Apply-To 89 integer +ATTRIBUTE Ascend-Filter 90 string +ATTRIBUTE Ascend-Telnet-Profile 91 string +ATTRIBUTE Ascend-Dsl-Rate-Type 92 integer +ATTRIBUTE Ascend-Redirect-Number 93 string +ATTRIBUTE Ascend-ATM-Vpi 94 integer +ATTRIBUTE Ascend-ATM-Vci 95 integer +ATTRIBUTE Ascend-Source-IP-Check 96 integer +ATTRIBUTE Ascend-Dsl-Rate-Mode 97 integer +ATTRIBUTE Ascend-Dsl-Upstream-Limit 98 integer +ATTRIBUTE Ascend-Dsl-Downstream-Limit 99 integer +ATTRIBUTE Ascend-Dsl-CIR-Recv-Limit 100 integer +ATTRIBUTE Ascend-Dsl-CIR-Xmit-Limit 101 integer +ATTRIBUTE Ascend-VRouter-Name 102 string +ATTRIBUTE Ascend-Source-Auth 103 string +ATTRIBUTE Ascend-Private-Route 104 string +ATTRIBUTE Ascend-Numbering-Plan-ID 105 integer +ATTRIBUTE Ascend-FR-Link-Status-DLCI 106 integer +ATTRIBUTE Ascend-Calling-Subaddress 107 string +ATTRIBUTE Ascend-Callback-Delay 108 integer +ATTRIBUTE Ascend-Endpoint-Disc 109 string +ATTRIBUTE Ascend-Remote-FW 110 string +ATTRIBUTE Ascend-Multicast-GLeave-Delay 111 integer +ATTRIBUTE Ascend-CBCP-Enable 112 integer +ATTRIBUTE Ascend-CBCP-Mode 113 integer +ATTRIBUTE Ascend-CBCP-Delay 114 integer +ATTRIBUTE Ascend-CBCP-Trunk-Group 115 integer +ATTRIBUTE Ascend-Appletalk-Route 116 string +ATTRIBUTE Ascend-Appletalk-Peer-Mode 117 integer +ATTRIBUTE Ascend-Route-Appletalk 118 integer +ATTRIBUTE Ascend-FCP-Parameter 119 string +ATTRIBUTE Ascend-Modem-PortNo 120 integer +ATTRIBUTE Ascend-Modem-SlotNo 121 integer +ATTRIBUTE Ascend-Modem-ShelfNo 122 integer +ATTRIBUTE Ascend-Call-Attempt-Limit 123 integer +ATTRIBUTE Ascend-Call-Block-Duration 124 integer +ATTRIBUTE Ascend-Maximum-Call-Duration 125 integer +ATTRIBUTE Ascend-Temporary-Rtes 126 integer +ATTRIBUTE Ascend-Tunneling-Protocol 127 integer +ATTRIBUTE Ascend-Shared-Profile-Enable 128 integer +ATTRIBUTE Ascend-Primary-Home-Agent 129 string +ATTRIBUTE Ascend-Secondary-Home-Agent 130 string +ATTRIBUTE Ascend-Dialout-Allowed 131 integer +ATTRIBUTE Ascend-Client-Gateway 132 ipaddr +ATTRIBUTE Ascend-BACP-Enable 133 integer +ATTRIBUTE Ascend-DHCP-Maximum-Leases 134 integer +ATTRIBUTE Ascend-Client-Primary-DNS 135 ipaddr +ATTRIBUTE Ascend-Client-Secondary-DNS 136 ipaddr +ATTRIBUTE Ascend-Client-Assign-DNS 137 integer +ATTRIBUTE Ascend-User-Acct-Type 138 integer +ATTRIBUTE Ascend-User-Acct-Host 139 ipaddr +ATTRIBUTE Ascend-User-Acct-Port 140 integer +ATTRIBUTE Ascend-User-Acct-Key 141 string +ATTRIBUTE Ascend-User-Acct-Base 142 integer +ATTRIBUTE Ascend-User-Acct-Time 143 integer +ATTRIBUTE Ascend-Assign-IP-Client 144 ipaddr +ATTRIBUTE Ascend-Assign-IP-Server 145 ipaddr +ATTRIBUTE Ascend-Assign-IP-Global-Pool 146 string +ATTRIBUTE Ascend-DHCP-Reply 147 integer +ATTRIBUTE Ascend-DHCP-Pool-Number 148 integer +ATTRIBUTE Ascend-Expect-Callback 149 integer +ATTRIBUTE Ascend-Event-Type 150 integer +ATTRIBUTE Ascend-Session-Svr-Key 151 string +ATTRIBUTE Ascend-Multicast-Rate-Limit 152 integer +ATTRIBUTE Ascend-IF-Netmask 153 ipaddr +ATTRIBUTE Ascend-Remote-Addr 154 ipaddr +ATTRIBUTE Ascend-Multicast-Client 155 integer +ATTRIBUTE Ascend-FR-Circuit-Name 156 string +ATTRIBUTE Ascend-FR-LinkUp 157 integer +ATTRIBUTE Ascend-FR-Nailed-Grp 158 integer +ATTRIBUTE Ascend-FR-Type 159 integer +ATTRIBUTE Ascend-FR-Link-Mgt 160 integer +ATTRIBUTE Ascend-FR-N391 161 integer +ATTRIBUTE Ascend-FR-DCE-N392 162 integer +ATTRIBUTE Ascend-FR-DTE-N392 163 integer +ATTRIBUTE Ascend-FR-DCE-N393 164 integer +ATTRIBUTE Ascend-FR-DTE-N393 165 integer +ATTRIBUTE Ascend-FR-T391 166 integer +ATTRIBUTE Ascend-FR-T392 167 integer +ATTRIBUTE Ascend-Bridge-Address 168 string +ATTRIBUTE Ascend-TS-Idle-Limit 169 integer +ATTRIBUTE Ascend-TS-Idle-Mode 170 integer +ATTRIBUTE Ascend-DBA-Monitor 171 integer +ATTRIBUTE Ascend-Base-Channel-Count 172 integer +ATTRIBUTE Ascend-Minimum-Channels 173 integer +ATTRIBUTE Ascend-IPX-Route 174 string +ATTRIBUTE Ascend-FT1-Caller 175 integer +ATTRIBUTE Ascend-Backup 176 string +ATTRIBUTE Ascend-Call-Type 177 integer +ATTRIBUTE Ascend-Group 178 string +ATTRIBUTE Ascend-FR-DLCI 179 integer +ATTRIBUTE Ascend-FR-Profile-Name 180 string +ATTRIBUTE Ascend-Ara-PW 181 string +ATTRIBUTE Ascend-IPX-Node-Addr 182 string +ATTRIBUTE Ascend-Home-Agent-IP-Addr 183 ipaddr +ATTRIBUTE Ascend-Home-Agent-Password 184 string +ATTRIBUTE Ascend-Home-Network-Name 185 string +ATTRIBUTE Ascend-Home-Agent-UDP-Port 186 integer +ATTRIBUTE Ascend-Multilink-ID 187 integer +ATTRIBUTE Ascend-Num-In-Multilink 188 integer +ATTRIBUTE Ascend-First-Dest 189 ipaddr +ATTRIBUTE Ascend-Pre-Input-Octets 190 integer +ATTRIBUTE Ascend-Pre-Output-Octets 191 integer +ATTRIBUTE Ascend-Pre-Input-Packets 192 integer +ATTRIBUTE Ascend-Pre-Output-Packets 193 integer +ATTRIBUTE Ascend-Maximum-Time 194 integer +ATTRIBUTE Ascend-Disconnect-Cause 195 integer +ATTRIBUTE Ascend-Connect-Progress 196 integer +ATTRIBUTE Ascend-Data-Rate 197 integer +ATTRIBUTE Ascend-PreSession-Time 198 integer +ATTRIBUTE Ascend-Token-Idle 199 integer +ATTRIBUTE Ascend-Token-Immediate 200 integer +ATTRIBUTE Ascend-Require-Auth 201 integer +ATTRIBUTE Ascend-Number-Sessions 202 string +ATTRIBUTE Ascend-Authen-Alias 203 string +ATTRIBUTE Ascend-Token-Expiry 204 integer +ATTRIBUTE Ascend-Menu-Selector 205 string +ATTRIBUTE Ascend-Menu-Item 206 string +ATTRIBUTE Ascend-PW-Warntime 207 integer +ATTRIBUTE Ascend-PW-Lifetime 208 integer +ATTRIBUTE Ascend-IP-Direct 209 ipaddr +ATTRIBUTE Ascend-PPP-VJ-Slot-Comp 210 integer +ATTRIBUTE Ascend-PPP-VJ-1172 211 integer +ATTRIBUTE Ascend-PPP-Async-Map 212 integer +ATTRIBUTE Ascend-Third-Prompt 213 string +ATTRIBUTE Ascend-Send-Secret 214 string encrypt=3 +ATTRIBUTE Ascend-Receive-Secret 215 string encrypt=3 +ATTRIBUTE Ascend-IPX-Peer-Mode 216 integer +ATTRIBUTE Ascend-IP-Pool-Definition 217 string +ATTRIBUTE Ascend-Assign-IP-Pool 218 integer +ATTRIBUTE Ascend-FR-Direct 219 integer +ATTRIBUTE Ascend-FR-Direct-Profile 220 string +ATTRIBUTE Ascend-FR-Direct-DLCI 221 integer +ATTRIBUTE Ascend-Handle-IPX 222 integer +ATTRIBUTE Ascend-Netware-timeout 223 integer +ATTRIBUTE Ascend-IPX-Alias 224 integer +ATTRIBUTE Ascend-Metric 225 integer +ATTRIBUTE Ascend-PRI-Number-Type 226 integer +ATTRIBUTE Ascend-Dial-Number 227 string +ATTRIBUTE Ascend-Route-IP 228 integer +ATTRIBUTE Ascend-Route-IPX 229 integer +ATTRIBUTE Ascend-Bridge 230 integer +ATTRIBUTE Ascend-Send-Auth 231 integer +ATTRIBUTE Ascend-Send-Passwd 232 string +ATTRIBUTE Ascend-Link-Compression 233 integer +ATTRIBUTE Ascend-Target-Util 234 integer +ATTRIBUTE Ascend-Maximum-Channels 235 integer +ATTRIBUTE Ascend-Inc-Channel-Count 236 integer +ATTRIBUTE Ascend-Dec-Channel-Count 237 integer +ATTRIBUTE Ascend-Seconds-Of-History 238 integer +ATTRIBUTE Ascend-History-Weigh-Type 239 integer +ATTRIBUTE Ascend-Add-Seconds 240 integer +ATTRIBUTE Ascend-Remove-Seconds 241 integer +ATTRIBUTE Ascend-Data-Filter 242 abinary +ATTRIBUTE Ascend-Call-Filter 243 abinary +ATTRIBUTE Ascend-Idle-Limit 244 integer +ATTRIBUTE Ascend-Preempt-Limit 245 integer +ATTRIBUTE Ascend-Callback 246 integer +ATTRIBUTE Ascend-Data-Svc 247 integer +ATTRIBUTE Ascend-Force-56 248 integer +ATTRIBUTE Ascend-Billing-Number 249 string +ATTRIBUTE Ascend-Call-By-Call 250 integer +ATTRIBUTE Ascend-Transit-Number 251 string +ATTRIBUTE Ascend-Host-Info 252 string +ATTRIBUTE Ascend-PPP-Address 253 ipaddr +ATTRIBUTE Ascend-MPP-Idle-Percent 254 integer +ATTRIBUTE Ascend-Xmit-Rate 255 integer + +# Ascend protocols +VALUE Service-Type Dialout-Framed-User 5 +VALUE Framed-Protocol Ascend-ARA 255 +VALUE Framed-Protocol Ascend-MPP 256 +VALUE Framed-Protocol Ascend-EURAW 257 +VALUE Framed-Protocol Ascend-EUUI 258 +VALUE Framed-Protocol Ascend-X25 259 +VALUE Framed-Protocol Ascend-COMB 260 +VALUE Framed-Protocol Ascend-FR 261 +VALUE Framed-Protocol Ascend-MP 262 +VALUE Framed-Protocol Ascend-FR-CIR 263 + +# +# Ascend specific extensions +# Used by ASCEND MAX/Pipeline products (see above) +# + +VALUE Ascend-Source-IP-Check Source-IP-Check-No 0 +VALUE Ascend-Source-IP-Check Source-IP-Check-Yes 1 +VALUE Ascend-CBCP-Enable CBCP-Not-Enabled 0 +VALUE Ascend-CBCP-Enable CBCP-Enabled 1 +VALUE Ascend-CBCP-Mode CBCP-No-Callback 1 +VALUE Ascend-CBCP-Mode CBCP-User-Callback 2 +VALUE Ascend-CBCP-Mode CBCP-Profile-Callback 3 +VALUE Ascend-CBCP-Mode CBCP-Any-Or-No 7 +VALUE Ascend-CBCP-Mode CBCP-Off 8 +VALUE Ascend-FR-Direct FR-Direct-No 0 +VALUE Ascend-FR-Direct FR-Direct-Yes 1 +VALUE Ascend-Handle-IPX Handle-IPX-None 0 +VALUE Ascend-Handle-IPX Handle-IPX-Client 1 +VALUE Ascend-Handle-IPX Handle-IPX-Server 2 +VALUE Ascend-IPX-Peer-Mode IPX-Peer-Router 0 +VALUE Ascend-IPX-Peer-Mode IPX-Peer-Dialin 1 +VALUE Ascend-Call-Type Switched 0 +VALUE Ascend-Call-Type Nailed 1 +VALUE Ascend-Call-Type Nailed/Mpp 2 +VALUE Ascend-Call-Type Perm/Switched 3 +VALUE Ascend-Call-Type AO/DI 6 +VALUE Ascend-Call-Type MegaMax 7 +VALUE Ascend-FT1-Caller FT1-No 0 +VALUE Ascend-FT1-Caller FT1-Yes 1 +VALUE Ascend-PRI-Number-Type Unknown-Number 0 +VALUE Ascend-PRI-Number-Type Intl-Number 1 +VALUE Ascend-PRI-Number-Type National-Number 2 +VALUE Ascend-PRI-Number-Type Net-Specific-Number 3 +VALUE Ascend-PRI-Number-Type Local-Number 4 +VALUE Ascend-PRI-Number-Type Abbrev-Number 5 + +VALUE Ascend-Route-IP Route-IP-No 0 +VALUE Ascend-Route-IP Route-IP-Yes 1 +VALUE Ascend-Route-IPX Route-IPX-No 0 +VALUE Ascend-Route-IPX Route-IPX-Yes 1 +VALUE Ascend-Bridge Bridge-No 0 +VALUE Ascend-Bridge Bridge-Yes 1 +VALUE Ascend-TS-Idle-Mode TS-Idle-None 0 +VALUE Ascend-TS-Idle-Mode TS-Idle-Input 1 +VALUE Ascend-TS-Idle-Mode TS-Idle-Input-Output 2 + +VALUE Ascend-Send-Auth Send-Auth-None 0 +VALUE Ascend-Send-Auth Send-Auth-PAP 1 +VALUE Ascend-Send-Auth Send-Auth-CHAP 2 +VALUE Ascend-Send-Auth Send-Auth-MS-CHAP 3 + +VALUE Ascend-Link-Compression Link-Comp-None 0 +VALUE Ascend-Link-Compression Link-Comp-Stac 1 +VALUE Ascend-Link-Compression Link-Comp-Stac-Draft-9 2 +VALUE Ascend-Link-Compression Link-Comp-MS-Stac 3 +VALUE Ascend-History-Weigh-Type History-Constant 0 +VALUE Ascend-History-Weigh-Type History-Linear 1 +VALUE Ascend-History-Weigh-Type History-Quadratic 2 +VALUE Ascend-Callback Callback-No 0 +VALUE Ascend-Callback Callback-Yes 1 +VALUE Ascend-Expect-Callback Expect-Callback-No 0 +VALUE Ascend-Expect-Callback Expect-Callback-Yes 1 +VALUE Ascend-Data-Svc Switched-Voice-Bearer 0 +VALUE Ascend-Data-Svc Nailed-56KR 1 +VALUE Ascend-Data-Svc Nailed-64K 2 +VALUE Ascend-Data-Svc Switched-64KR 3 +VALUE Ascend-Data-Svc Switched-56K 4 +VALUE Ascend-Data-Svc Switched-384KR 5 +VALUE Ascend-Data-Svc Switched-384K 6 +VALUE Ascend-Data-Svc Switched-1536K 7 +VALUE Ascend-Data-Svc Switched-1536KR 8 +VALUE Ascend-Data-Svc Switched-128K 9 +VALUE Ascend-Data-Svc Switched-192K 10 +VALUE Ascend-Data-Svc Switched-256K 11 +VALUE Ascend-Data-Svc Switched-320K 12 +VALUE Ascend-Data-Svc Switched-384K-MR 13 +VALUE Ascend-Data-Svc Switched-448K 14 +VALUE Ascend-Data-Svc Switched-512K 15 +VALUE Ascend-Data-Svc Switched-576K 16 +VALUE Ascend-Data-Svc Switched-640K 17 +VALUE Ascend-Data-Svc Switched-704K 18 +VALUE Ascend-Data-Svc Switched-768K 19 +VALUE Ascend-Data-Svc Switched-832K 20 +VALUE Ascend-Data-Svc Switched-896K 21 +VALUE Ascend-Data-Svc Switched-960K 22 +VALUE Ascend-Data-Svc Switched-1024K 23 +VALUE Ascend-Data-Svc Switched-1088K 24 +VALUE Ascend-Data-Svc Switched-1152K 25 +VALUE Ascend-Data-Svc Switched-1216K 26 +VALUE Ascend-Data-Svc Switched-1280K 27 +VALUE Ascend-Data-Svc Switched-1344K 28 +VALUE Ascend-Data-Svc Switched-1408K 29 +VALUE Ascend-Data-Svc Switched-1472K 30 +VALUE Ascend-Data-Svc Switched-1600K 31 +VALUE Ascend-Data-Svc Switched-1664K 32 +VALUE Ascend-Data-Svc Switched-1728K 33 +VALUE Ascend-Data-Svc Switched-1792K 34 +VALUE Ascend-Data-Svc Switched-1856K 35 +VALUE Ascend-Data-Svc Switched-1920K 36 +VALUE Ascend-Data-Svc Switched-inherited 37 +VALUE Ascend-Data-Svc Switched-restricted-bearer-x30 38 +VALUE Ascend-Data-Svc Switched-clear-bearer-v110 39 +VALUE Ascend-Data-Svc Switched-restricted-64-x30 40 +VALUE Ascend-Data-Svc Switched-clear-56-v110 41 +VALUE Ascend-Data-Svc Switched-modem 42 +VALUE Ascend-Data-Svc Switched-atmodem 43 +VALUE Ascend-Data-Svc Switched-V110-24-56 45 +VALUE Ascend-Data-Svc Switched-V110-48-56 46 +VALUE Ascend-Data-Svc Switched-V110-96-56 47 +VALUE Ascend-Data-Svc Switched-V110-192-56 48 +VALUE Ascend-Data-Svc Switched-V110-384-56 49 +VALUE Ascend-Data-Svc Switched-V110-24-56R 50 +VALUE Ascend-Data-Svc Switched-V110-48-56R 51 +VALUE Ascend-Data-Svc Switched-V110-96-56R 52 +VALUE Ascend-Data-Svc Switched-V110-192-56R 53 +VALUE Ascend-Data-Svc Switched-V110-384-56R 54 +VALUE Ascend-Data-Svc Switched-V110-24-64 55 +VALUE Ascend-Data-Svc Switched-V110-48-64 56 +VALUE Ascend-Data-Svc Switched-V110-96-64 57 +VALUE Ascend-Data-Svc Switched-V110-192-64 58 +VALUE Ascend-Data-Svc Switched-V110-384-64 59 +VALUE Ascend-Data-Svc Switched-V110-24-64R 60 +VALUE Ascend-Data-Svc Switched-V110-48-64R 61 +VALUE Ascend-Data-Svc Switched-V110-96-64R 62 +VALUE Ascend-Data-Svc Switched-V110-384-64R 64 +VALUE Ascend-Data-Svc Switched-V110-192-64R 63 + +VALUE Ascend-Data-Svc Switched-Pots 68 +VALUE Ascend-Data-Svc Switched-ATM 69 +VALUE Ascend-Data-Svc Switched-FR 70 + +VALUE Ascend-Force-56 Force-56-No 0 +VALUE Ascend-Force-56 Force-56-Yes 1 +VALUE Ascend-PW-Lifetime Lifetime-In-Days 0 +VALUE Ascend-PW-Warntime Days-Of-Warning 0 +VALUE Ascend-PPP-VJ-1172 PPP-VJ-1172 1 +VALUE Ascend-PPP-VJ-Slot-Comp VJ-Slot-Comp-No 1 +VALUE Ascend-Require-Auth Not-Require-Auth 0 +VALUE Ascend-Require-Auth Require-Auth 1 +VALUE Ascend-Token-Immediate Tok-Imm-No 0 +VALUE Ascend-Token-Immediate Tok-Imm-Yes 1 +VALUE Ascend-DBA-Monitor DBA-Transmit 0 +VALUE Ascend-DBA-Monitor DBA-Transmit-Recv 1 +VALUE Ascend-DBA-Monitor DBA-None 2 +VALUE Ascend-FR-Type Ascend-FR-DTE 0 +VALUE Ascend-FR-Type Ascend-FR-DCE 1 +VALUE Ascend-FR-Type Ascend-FR-NNI 2 +VALUE Ascend-FR-Link-Mgt Ascend-FR-No-Link-Mgt 0 +VALUE Ascend-FR-Link-Mgt Ascend-FR-T1-617D 1 +VALUE Ascend-FR-Link-Mgt Ascend-FR-Q-933A 2 +VALUE Ascend-FR-LinkUp Ascend-LinkUp-Default 0 +VALUE Ascend-FR-LinkUp Ascend-LinkUp-AlwaysUp 1 +VALUE Ascend-Multicast-Client Multicast-No 0 +VALUE Ascend-Multicast-Client Multicast-Yes 1 +VALUE Ascend-User-Acct-Type Ascend-User-Acct-None 0 +VALUE Ascend-User-Acct-Type Ascend-User-Acct-User 1 +VALUE Ascend-User-Acct-Type Ascend-User-Acct-User-Default 2 +VALUE Ascend-User-Acct-Base Base-10 0 +VALUE Ascend-User-Acct-Base Base-16 1 +VALUE Ascend-DHCP-Reply DHCP-Reply-No 0 +VALUE Ascend-DHCP-Reply DHCP-Reply-Yes 1 +VALUE Ascend-Client-Assign-DNS DNS-Assign-No 0 +VALUE Ascend-Client-Assign-DNS DNS-Assign-Yes 1 +VALUE Ascend-Event-Type Ascend-ColdStart 1 +VALUE Ascend-Event-Type Ascend-Session-Event 2 +VALUE Ascend-BACP-Enable BACP-No 0 +VALUE Ascend-BACP-Enable BACP-Yes 1 + +VALUE Ascend-Dialout-Allowed Dialout-Not-Allowed 0 +VALUE Ascend-Dialout-Allowed Dialout-Allowed 1 + +VALUE Ascend-Shared-Profile-Enable Shared-Profile-No 0 +VALUE Ascend-Shared-Profile-Enable Shared-Profile-Yes 1 + +VALUE Ascend-Temporary-Rtes Temp-Rtes-No 0 +VALUE Ascend-Temporary-Rtes Temp-Rtes-Yes 1 + +# Ascend Disconnect Cause Values + +VALUE Ascend-Disconnect-Cause No-Reason 0 +VALUE Ascend-Disconnect-Cause Not-Applicable 1 +VALUE Ascend-Disconnect-Cause Unknown 2 +VALUE Ascend-Disconnect-Cause Call-Disconnected 3 +VALUE Ascend-Disconnect-Cause CLID-Authentication-Failed 4 +VALUE Ascend-Disconnect-Cause CLID-RADIUS-Timeout 5 + +VALUE Ascend-Disconnect-Cause Modem-No-DCD 10 +VALUE Ascend-Disconnect-Cause DCD-Detected-Then-Inactive 11 +VALUE Ascend-Disconnect-Cause Modem-Invalid-Result-Codes 12 + +VALUE Ascend-Disconnect-Cause TermSrv-User-Quit 20 +VALUE Ascend-Disconnect-Cause TermSrv-Idle-Timeout 21 +VALUE Ascend-Disconnect-Cause TermSrv-Exit-Telnet 22 +VALUE Ascend-Disconnect-Cause TermSrv-No-IPaddr 23 +VALUE Ascend-Disconnect-Cause TermSrv-Exit-Raw-TCP 24 +VALUE Ascend-Disconnect-Cause TermSrv-Exit-Login-Failed 25 +VALUE Ascend-Disconnect-Cause TermSrv-Exit-Raw-TCP-Disabled 26 +VALUE Ascend-Disconnect-Cause TermSrv-CTRL-C-In-Login 27 +VALUE Ascend-Disconnect-Cause TermSrv-Destroyed 28 +VALUE Ascend-Disconnect-Cause TermSrv-User-Closed-VCon 29 + +VALUE Ascend-Disconnect-Cause TermSrv-VCon-Destroyed 30 +VALUE Ascend-Disconnect-Cause TermSrv-Exit-Rlogin 31 +VALUE Ascend-Disconnect-Cause TermSrv-Bad-Rlogin-Option 32 +VALUE Ascend-Disconnect-Cause TermSrv-Not-Enough-Resources 33 + +VALUE Ascend-Disconnect-Cause MPP-No-NULL-Msg-Timeout 35 + +VALUE Ascend-Disconnect-Cause PPP-LCP-Timeout 40 +VALUE Ascend-Disconnect-Cause PPP-LCP-Negotion-Failed 41 +VALUE Ascend-Disconnect-Cause PPP-PAP-Auth-Failed 42 +VALUE Ascend-Disconnect-Cause PPP-CHAP-Auth-Failed 43 +VALUE Ascend-Disconnect-Cause PPP-Rmt-Auth-Failed 44 +VALUE Ascend-Disconnect-Cause PPP-Rcv-Terminate-Req 45 +VALUE Ascend-Disconnect-Cause PPP-Rcv-Close-Event 46 +VALUE Ascend-Disconnect-Cause PPP-No-NCPs-Open 47 +VALUE Ascend-Disconnect-Cause PPP-MP-Bundle-Unknown 48 +VALUE Ascend-Disconnect-Cause PPP-LCP-Close-MP-Add-Fail 49 + +VALUE Ascend-Disconnect-Cause Session-Table-Full 50 +VALUE Ascend-Disconnect-Cause Out-Of-Resources 51 +VALUE Ascend-Disconnect-Cause Invalid-IP-Address 52 +VALUE Ascend-Disconnect-Cause Hostname-Resolution-Failed 53 +VALUE Ascend-Disconnect-Cause Bad-Or-Missing-Port-Number 54 + +VALUE Ascend-Disconnect-Cause Host-Reset 60 +VALUE Ascend-Disconnect-Cause Connection-Refused 61 +VALUE Ascend-Disconnect-Cause Connection-Timeout 62 +VALUE Ascend-Disconnect-Cause Connection-Closed 63 +VALUE Ascend-Disconnect-Cause Network-Unreachable 64 +VALUE Ascend-Disconnect-Cause Host-Unreachable 65 +VALUE Ascend-Disconnect-Cause Network-Unreachable-Admin 66 +VALUE Ascend-Disconnect-Cause Host-Unreachable-Admin 67 +VALUE Ascend-Disconnect-Cause Port-Unreachable 68 + +VALUE Ascend-Disconnect-Cause Session-Timeout 100 +VALUE Ascend-Disconnect-Cause Invalid-Incoming-User 101 +VALUE Ascend-Disconnect-Cause Disconnect-Due-To-Callback 102 + +VALUE Ascend-Disconnect-Cause Proto-Disabled-Or-Unsupported 120 + +VALUE Ascend-Disconnect-Cause Disconnect-Req-By-RADIUS 150 +VALUE Ascend-Disconnect-Cause Disconnect-Req-By-Local-Admin 151 + +VALUE Ascend-Disconnect-Cause V110-Timeout-Sync-Retry-Exceed 160 + +VALUE Ascend-Disconnect-Cause PPP-Auth-Timeout-Exceeded 170 +VALUE Ascend-Disconnect-Cause User-Executed-Do-Hangup 180 +VALUE Ascend-Disconnect-Cause Remote-End-Hung-Up 185 +VALUE Ascend-Disconnect-Cause Resource-Has-Been-Quiesced 190 +VALUE Ascend-Disconnect-Cause Max-Call-Duration-Reached 195 + +# ascend connect progress codes +VALUE Ascend-Connect-Progress No-Progress 0 +VALUE Ascend-Connect-Progress Call-Up 10 +VALUE Ascend-Connect-Progress Modem-Up 30 +VALUE Ascend-Connect-Progress Modem-Awaiting-DCD 31 +VALUE Ascend-Connect-Progress Modem-Awaiting-Codes 32 +VALUE Ascend-Connect-Progress TermSrv-Started 40 +VALUE Ascend-Connect-Progress TermSrv-Raw-TCP-Started 41 +VALUE Ascend-Connect-Progress TermSrv-Telnet-Started 42 +VALUE Ascend-Connect-Progress TermSrv-Raw-TCP-Connected 43 +VALUE Ascend-Connect-Progress TermSrv-Telnet-Connected 44 +VALUE Ascend-Connect-Progress TermSrv-Rlogin-Started 45 +VALUE Ascend-Connect-Progress TermSrv-Rlogin-Connected 46 +VALUE Ascend-Connect-Progress Modem-Outdial-Call-Up 50 +VALUE Ascend-Connect-Progress LAN-Session-Up 60 +VALUE Ascend-Connect-Progress LCP-Opening 61 +VALUE Ascend-Connect-Progress CCP-Opening 62 +VALUE Ascend-Connect-Progress IPNCP-Opening 63 +VALUE Ascend-Connect-Progress BNCP-Opening 64 +VALUE Ascend-Connect-Progress LCP-Opened 65 +VALUE Ascend-Connect-Progress CCP-Opened 66 +VALUE Ascend-Connect-Progress IPNCP-Opened 67 +VALUE Ascend-Connect-Progress BNCP-Opened 68 +VALUE Ascend-Connect-Progress LCP-State-Initial 69 +VALUE Ascend-Connect-Progress LCP-State-Starting 70 +VALUE Ascend-Connect-Progress LCP-State-Closed 71 +VALUE Ascend-Connect-Progress LCP-State-Stopped 72 +VALUE Ascend-Connect-Progress LCP-State-Closing 73 +VALUE Ascend-Connect-Progress LCP-State-Stopping 74 +VALUE Ascend-Connect-Progress LCP-State-Request-Sent 75 +VALUE Ascend-Connect-Progress LCP-State-Ack-Received 76 +VALUE Ascend-Connect-Progress LCP-State-Ack-Sent 77 +VALUE Ascend-Connect-Progress IPXNCP-Opened 80 +VALUE Ascend-Connect-Progress ATNCP-Opened 81 +VALUE Ascend-Connect-Progress BACP-Opening 82 +VALUE Ascend-Connect-Progress BACP-Opened 83 +VALUE Ascend-Connect-Progress V110-Up 90 +VALUE Ascend-Connect-Progress V110-State-Opened 91 +VALUE Ascend-Connect-Progress V110-State-Carrier 92 +VALUE Ascend-Connect-Progress V110-State-Reset 93 +VALUE Ascend-Connect-Progress V110-State-Closed 94 +VALUE Ascend-ATM-Direct ATM-Direct-No 0 +VALUE Ascend-ATM-Direct ATM-Direct-Yes 1 +VALUE Ascend-ATM-Fault-Management VC-End-To-End-Loopback 2 +VALUE Ascend-ATM-Fault-Management VC-No-Loopback 0 +VALUE Ascend-ATM-Fault-Management VC-Segment-Loopback 1 +VALUE Ascend-Appletalk-Peer-Mode Appletalk-Peer-Dialin 1 +VALUE Ascend-Appletalk-Peer-Mode Appletalk-Peer-Router 0 +VALUE Ascend-Auth-Type Auth-Any 2 +VALUE Ascend-Auth-Type Auth-CHAP 4 +VALUE Ascend-Auth-Type Auth-Default 1 +VALUE Ascend-Auth-Type Auth-MS-CHAP 5 +VALUE Ascend-Auth-Type Auth-None 0 +VALUE Ascend-Auth-Type Auth-PAP 3 +VALUE Ascend-BIR-Enable BIR-Enable-No 0 +VALUE Ascend-BIR-Enable BIR-Enable-Yes 1 +VALUE Ascend-BIR-Proxy BIR-Proxy-No 0 +VALUE Ascend-BIR-Proxy BIR-Proxy-Yes 1 +VALUE Ascend-Bi-Directional-Auth Bi-Directional-Auth-Allowed 1 +VALUE Ascend-Bi-Directional-Auth Bi-Directional-Auth-None 0 +VALUE Ascend-Bi-Directional-Auth Bi-Directional-Auth-Required 2 +VALUE Ascend-Bridge-Non-PPPoE Bridge-Non-PPPoE-No 0 +VALUE Ascend-Bridge-Non-PPPoE Bridge-Non-PPPoE-Yes 1 +VALUE Ascend-Cache-Refresh Refresh-No 0 +VALUE Ascend-Cache-Refresh Refresh-Yes 1 +VALUE Ascend-Call-Direction Ascend-Call-Direction-Incoming 0 +VALUE Ascend-Call-Direction Ascend-Call-Direction-Outgoing 1 +VALUE Ascend-Calling-Id-Number-Plan Data 3 +VALUE Ascend-Calling-Id-Number-Plan ISDN-Telephony 1 +VALUE Ascend-Calling-Id-Number-Plan National 8 +VALUE Ascend-Calling-Id-Number-Plan Private 9 +VALUE Ascend-Calling-Id-Number-Plan Telex 4 +VALUE Ascend-Calling-Id-Number-Plan Unknown 0 +VALUE Ascend-Calling-Id-Presentatn Allowed 0 +VALUE Ascend-Calling-Id-Presentatn Number-Not-Available 2 +VALUE Ascend-Calling-Id-Presentatn Restricted 1 +VALUE Ascend-Calling-Id-Screening Network-Provided 3 +VALUE Ascend-Calling-Id-Screening User-Not-Screened 0 +VALUE Ascend-Calling-Id-Screening User-Provided-Failed 2 +VALUE Ascend-Calling-Id-Screening User-Provided-Passed 1 +VALUE Ascend-Calling-Id-Type-Of-Num Abbreviated-Number 6 +VALUE Ascend-Calling-Id-Type-Of-Num International-Number 1 +VALUE Ascend-Calling-Id-Type-Of-Num National-Number 2 +VALUE Ascend-Calling-Id-Type-Of-Num Network-Specific 3 +VALUE Ascend-Calling-Id-Type-Of-Num Subscriber-Number 4 +VALUE Ascend-Calling-Id-Type-Of-Num Unknown 0 +VALUE Ascend-Ckt-Type Ascend-PVC 0 +VALUE Ascend-Ckt-Type Ascend-SVC 1 +VALUE Ascend-Client-Assign-WINS WINS-Assign-No 0 +VALUE Ascend-Client-Assign-WINS WINS-Assign-Yes 1 + +VALUE Ascend-Dsl-Downstream-Limit adslcap-dn-1280000 10 +VALUE Ascend-Dsl-Downstream-Limit adslcap-dn-1600000 9 +VALUE Ascend-Dsl-Downstream-Limit adslcap-dn-1920000 8 +VALUE Ascend-Dsl-Downstream-Limit adslcap-dn-2240000 7 +VALUE Ascend-Dsl-Downstream-Limit adslcap-dn-2560000 6 +VALUE Ascend-Dsl-Downstream-Limit adslcap-dn-2688000 5 +VALUE Ascend-Dsl-Downstream-Limit adslcap-dn-3200000 4 +VALUE Ascend-Dsl-Downstream-Limit adslcap-dn-4480000 3 +VALUE Ascend-Dsl-Downstream-Limit adslcap-dn-5120000 2 +VALUE Ascend-Dsl-Downstream-Limit adslcap-dn-6272000 1 +VALUE Ascend-Dsl-Downstream-Limit adslcap-dn-640000 12 +VALUE Ascend-Dsl-Downstream-Limit adslcap-dn-7168000 0 +VALUE Ascend-Dsl-Downstream-Limit adslcap-dn-960000 11 +VALUE Ascend-Dsl-Downstream-Limit adsldmt-dn-128000 121 +VALUE Ascend-Dsl-Downstream-Limit adsldmt-dn-1280000 114 +VALUE Ascend-Dsl-Downstream-Limit adsldmt-dn-1600000 113 +VALUE Ascend-Dsl-Downstream-Limit adsldmt-dn-1920000 112 +VALUE Ascend-Dsl-Downstream-Limit adsldmt-dn-2240000 111 +VALUE Ascend-Dsl-Downstream-Limit adsldmt-dn-256000 120 +VALUE Ascend-Dsl-Downstream-Limit adsldmt-dn-2560000 110 +VALUE Ascend-Dsl-Downstream-Limit adsldmt-dn-2688000 109 +VALUE Ascend-Dsl-Downstream-Limit adsldmt-dn-3200000 108 +VALUE Ascend-Dsl-Downstream-Limit adsldmt-dn-384000 119 +VALUE Ascend-Dsl-Downstream-Limit adsldmt-dn-4480000 107 +VALUE Ascend-Dsl-Downstream-Limit adsldmt-dn-512000 118 +VALUE Ascend-Dsl-Downstream-Limit adsldmt-dn-5120000 106 +VALUE Ascend-Dsl-Downstream-Limit adsldmt-dn-6272000 105 +VALUE Ascend-Dsl-Downstream-Limit adsldmt-dn-640000 117 +VALUE Ascend-Dsl-Downstream-Limit adsldmt-dn-7168000 104 +VALUE Ascend-Dsl-Downstream-Limit adsldmt-dn-768000 116 +VALUE Ascend-Dsl-Downstream-Limit adsldmt-dn-8000000 103 +VALUE Ascend-Dsl-Downstream-Limit adsldmt-dn-8960000 102 +VALUE Ascend-Dsl-Downstream-Limit adsldmt-dn-9504000 101 +VALUE Ascend-Dsl-Downstream-Limit adsldmt-dn-960000 115 +VALUE Ascend-Dsl-Downstream-Limit adsldmt-dn-auto 100 +VALUE Ascend-Dsl-Rate-Mode Rate-Mode-AutoBaud 1 +VALUE Ascend-Dsl-Rate-Mode Rate-Mode-Single 2 +VALUE Ascend-Dsl-Rate-Type Rate-Type-AdslCap 2 +VALUE Ascend-Dsl-Rate-Type Rate-Type-AdslDmt 4 +VALUE Ascend-Dsl-Rate-Type Rate-Type-AdslDmtCell 3 +VALUE Ascend-Dsl-Rate-Type Rate-Type-Disabled 0 +VALUE Ascend-Dsl-Rate-Type Rate-Type-Sdsl 1 +VALUE Ascend-Dsl-Upstream-Limit adsldmt-up-896000 153 +VALUE Ascend-Dsl-Upstream-Limit adslcap-up-1088000 50 +VALUE Ascend-Dsl-Upstream-Limit adslcap-up-272000 56 +VALUE Ascend-Dsl-Upstream-Limit adslcap-up-408000 55 +VALUE Ascend-Dsl-Upstream-Limit adslcap-up-544000 54 +VALUE Ascend-Dsl-Upstream-Limit adslcap-up-680000 53 +VALUE Ascend-Dsl-Upstream-Limit adslcap-up-816000 52 +VALUE Ascend-Dsl-Upstream-Limit adslcap-up-952000 51 +VALUE Ascend-Dsl-Upstream-Limit adsldmt-up-1088000 151 +VALUE Ascend-Dsl-Upstream-Limit adsldmt-up-128000 160 +VALUE Ascend-Dsl-Upstream-Limit adsldmt-up-256000 159 +VALUE Ascend-Dsl-Upstream-Limit adsldmt-up-384000 158 +VALUE Ascend-Dsl-Upstream-Limit adsldmt-up-512000 157 +VALUE Ascend-Dsl-Upstream-Limit adsldmt-up-640000 156 +VALUE Ascend-Dsl-Upstream-Limit adsldmt-up-768000 155 +VALUE Ascend-Dsl-Upstream-Limit adsldmt-up-800000 154 +VALUE Ascend-Dsl-Upstream-Limit adsldmt-up-928000 152 +VALUE Ascend-Dsl-Upstream-Limit adsldmt-up-auto 150 +VALUE Ascend-Dsl-Upstream-Limit sdsl-1168000 5 +VALUE Ascend-Dsl-Upstream-Limit sdsl-144000 0 +VALUE Ascend-Dsl-Upstream-Limit sdsl-1552000 6 +VALUE Ascend-Dsl-Upstream-Limit sdsl-2320000 7 +VALUE Ascend-Dsl-Upstream-Limit sdsl-272000 1 +VALUE Ascend-Dsl-Upstream-Limit sdsl-400000 2 +VALUE Ascend-Dsl-Upstream-Limit sdsl-528000 3 +VALUE Ascend-Dsl-Upstream-Limit sdsl-784000 4 +VALUE Ascend-FR-Link-Status-DLCI Ascend-FR-LMI-Dlci-0 0 +VALUE Ascend-FR-Link-Status-DLCI Ascend-FR-LMI-Dlci-1023 1023 +VALUE Ascend-Filter-Required Required-No 0 +VALUE Ascend-Filter-Required Required-Yes 1 +VALUE Ascend-IP-Pool-Chaining IP-Pool-Chaining-No 0 +VALUE Ascend-IP-Pool-Chaining IP-Pool-Chaining-Yes 1 +VALUE Ascend-IP-TOS IP-TOS-Cost 2 +VALUE Ascend-IP-TOS IP-TOS-Disabled 1 +VALUE Ascend-IP-TOS IP-TOS-Latency 16 +VALUE Ascend-IP-TOS IP-TOS-Normal 0 +VALUE Ascend-IP-TOS IP-TOS-Reliability 4 +VALUE Ascend-IP-TOS IP-TOS-Throughput 8 +VALUE Ascend-IP-TOS-Apply-To IP-TOS-Apply-To-Both 3072 +VALUE Ascend-IP-TOS-Apply-To IP-TOS-Apply-To-Incoming 1024 +VALUE Ascend-IP-TOS-Apply-To IP-TOS-Apply-To-Outgoing 2048 +VALUE Ascend-IP-TOS-Precedence IP-TOS-Precedence-Pri-Five 160 +VALUE Ascend-IP-TOS-Precedence IP-TOS-Precedence-Pri-Four 128 +VALUE Ascend-IP-TOS-Precedence IP-TOS-Precedence-Pri-Normal 0 +VALUE Ascend-IP-TOS-Precedence IP-TOS-Precedence-Pri-One 32 +VALUE Ascend-IP-TOS-Precedence IP-TOS-Precedence-Pri-Seven 224 +VALUE Ascend-IP-TOS-Precedence IP-TOS-Precedence-Pri-Six 192 +VALUE Ascend-IP-TOS-Precedence IP-TOS-Precedence-Pri-Three 96 +VALUE Ascend-IP-TOS-Precedence IP-TOS-Precedence-Pri-Two 64 +VALUE Ascend-IPX-Header-Compression IPX-Header-Compression-No 0 +VALUE Ascend-IPX-Header-Compression IPX-Header-Compression-Yes 1 +VALUE Ascend-NAS-Port-Format 1_2_2 3 +VALUE Ascend-NAS-Port-Format 2_4_5_5 2 +VALUE Ascend-NAS-Port-Format 2_4_6_4 1 +VALUE Ascend-NAS-Port-Format Unknown 0 +VALUE Ascend-Numbering-Plan-ID ISDN-Numbering-Plan 1 +VALUE Ascend-Numbering-Plan-ID Private-Numbering-Plan 9 +VALUE Ascend-Numbering-Plan-ID Unknown-Numbering-Plan 0 +VALUE Ascend-PPPoE-Enable PPPoE-No 0 +VALUE Ascend-PPPoE-Enable PPPoE-Yes 1 +VALUE Ascend-Port-Redir-Protocol Ascend-Proto-TCP 6 +VALUE Ascend-Port-Redir-Protocol Ascend-Proto-UDP 17 +VALUE Ascend-Private-Route-Required Required-No 0 +VALUE Ascend-Private-Route-Required Required-Yes 1 +VALUE Ascend-Route-Appletalk Route-Appletalk-No 0 +VALUE Ascend-Route-Appletalk Route-Appletalk-Yes 1 +VALUE Ascend-SVC-Enabled Ascend-SVC-Enabled-No 0 +VALUE Ascend-SVC-Enabled Ascend-SVC-Enabled-Yes 1 + +VALUE Ascend-Service-Type Ascend-Service-Type-ATM 20 +VALUE Ascend-Service-Type Ascend-Service-Type-Combinet 7 +VALUE Ascend-Service-Type Ascend-Service-Type-EuRaw 9 +VALUE Ascend-Service-Type Ascend-Service-Type-EuUi 10 +VALUE Ascend-Service-Type Ascend-Service-Type-FR 8 +VALUE Ascend-Service-Type Ascend-Service-Type-HdlcNrm 21 +VALUE Ascend-Service-Type Ascend-Service-Type-IpFax 19 +VALUE Ascend-Service-Type Ascend-Service-Type-MP 15 +VALUE Ascend-Service-Type Ascend-Service-Type-MPP 5 +VALUE Ascend-Service-Type Ascend-Service-Type-NetToNet 25 +VALUE Ascend-Service-Type Ascend-Service-Type-None 1 +VALUE Ascend-Service-Type Ascend-Service-Type-NotUsed 0 +VALUE Ascend-Service-Type Ascend-Service-Type-Other 2 +VALUE Ascend-Service-Type Ascend-Service-Type-PPP 3 +VALUE Ascend-Service-Type Ascend-Service-Type-PseuTunPPP 18 +VALUE Ascend-Service-Type Ascend-Service-Type-RawTcp 13 +VALUE Ascend-Service-Type Ascend-Service-Type-Slip 4 +VALUE Ascend-Service-Type Ascend-Service-Type-Telnet 11 +VALUE Ascend-Service-Type Ascend-Service-Type-TelnetBin 12 +VALUE Ascend-Service-Type Ascend-Service-Type-TermServer 14 +VALUE Ascend-Service-Type Ascend-Service-Type-VirtualConn 16 +VALUE Ascend-Service-Type Ascend-Service-Type-Visa2 23 +VALUE Ascend-Service-Type Ascend-Service-Type-VoIp 22 +VALUE Ascend-Service-Type Ascend-Service-Type-X25 6 +VALUE Ascend-Service-Type Ascend-Service-Type-X25DChan 17 +VALUE Ascend-Session-Type Ascend-Session-G711-Alaw 3 +VALUE Ascend-Session-Type Ascend-Session-G711-Ulaw 2 +VALUE Ascend-Session-Type Ascend-Session-G723 4 +VALUE Ascend-Session-Type Ascend-Session-G723-64KPS 6 +VALUE Ascend-Session-Type Ascend-Session-G728 7 +VALUE Ascend-Session-Type Ascend-Session-G729 5 +VALUE Ascend-Session-Type Ascend-Session-RT24 8 +VALUE Ascend-Session-Type Ascend-Session-Unknown 1 +VALUE Ascend-Session-Type Ascend-Session-Unused 0 + +VALUE Ascend-Tunneling-Protocol ATMP-Tunnel 0 +VALUE Ascend-Tunneling-Protocol VTP-Tunnel 1 + +VALUE Ascend-X25-Pad-X3-Profile CC_SSP 4 +VALUE Ascend-X25-Pad-X3-Profile CC_TSP 5 +VALUE Ascend-X25-Pad-X3-Profile CRT 0 +VALUE Ascend-X25-Pad-X3-Profile CUSTOM 11 +VALUE Ascend-X25-Pad-X3-Profile DEFAULT 2 +VALUE Ascend-X25-Pad-X3-Profile HARDCOPY 6 +VALUE Ascend-X25-Pad-X3-Profile HDX 7 +VALUE Ascend-X25-Pad-X3-Profile INFONET 1 +VALUE Ascend-X25-Pad-X3-Profile NULL 10 +VALUE Ascend-X25-Pad-X3-Profile POS 9 +VALUE Ascend-X25-Pad-X3-Profile SCEN 3 +VALUE Ascend-X25-Pad-X3-Profile SHARK 8 +VALUE Ascend-X25-Reverse-Charging Reverse-Charging-No 0 +VALUE Ascend-X25-Reverse-Charging Reverse-Charging-Yes 1 +END-VENDOR Ascend + +# +# Ascend specific extensions +# Used by ASCEND MAX/Pipeline products +# +# This next block is renamed because they share the same +# names as the vendor-specific attributes, BUT they occur +# in the lower (1-255) RADIUS attribute space. +# +# Older Ascend software will send these, rather than the +# vendor specific attributes. +# +ATTRIBUTE X-Ascend-FCP-Parameter 119 string +ATTRIBUTE X-Ascend-Modem-PortNo 120 integer +ATTRIBUTE X-Ascend-Modem-SlotNo 121 integer +ATTRIBUTE X-Ascend-Modem-ShelfNo 122 integer +ATTRIBUTE X-Ascend-Call-Attempt-Limit 123 integer +ATTRIBUTE X-Ascend-Call-Block-Duration 124 integer +ATTRIBUTE X-Ascend-Maximum-Call-Duration 125 integer +ATTRIBUTE X-Ascend-Temporary-Rtes 126 integer +ATTRIBUTE X-Ascend-Tunneling-Protocol 127 integer +ATTRIBUTE X-Ascend-Shared-Profile-Enable 128 integer +ATTRIBUTE X-Ascend-Primary-Home-Agent 129 string +ATTRIBUTE X-Ascend-Secondary-Home-Agent 130 string +ATTRIBUTE X-Ascend-Dialout-Allowed 131 integer +ATTRIBUTE X-Ascend-Client-Gateway 132 ipaddr +ATTRIBUTE X-Ascend-BACP-Enable 133 integer +ATTRIBUTE X-Ascend-DHCP-Maximum-Leases 134 integer +ATTRIBUTE X-Ascend-Client-Primary-DNS 135 ipaddr +ATTRIBUTE X-Ascend-Client-Secondary-DNS 136 ipaddr +ATTRIBUTE X-Ascend-Client-Assign-DNS 137 integer +ATTRIBUTE X-Ascend-User-Acct-Type 138 integer +ATTRIBUTE X-Ascend-User-Acct-Host 139 ipaddr +ATTRIBUTE X-Ascend-User-Acct-Port 140 integer +ATTRIBUTE X-Ascend-User-Acct-Key 141 string +ATTRIBUTE X-Ascend-User-Acct-Base 142 integer +ATTRIBUTE X-Ascend-User-Acct-Time 143 integer +ATTRIBUTE X-Ascend-Assign-IP-Client 144 ipaddr +ATTRIBUTE X-Ascend-Assign-IP-Server 145 ipaddr +ATTRIBUTE X-Ascend-Assign-IP-Global-Pool 146 string +ATTRIBUTE X-Ascend-DHCP-Reply 147 integer +ATTRIBUTE X-Ascend-DHCP-Pool-Number 148 integer +ATTRIBUTE X-Ascend-Expect-Callback 149 integer +ATTRIBUTE X-Ascend-Event-Type 150 integer +ATTRIBUTE X-Ascend-Session-Svr-Key 151 string +ATTRIBUTE X-Ascend-Multicast-Rate-Limit 152 integer +ATTRIBUTE X-Ascend-IF-Netmask 153 ipaddr +ATTRIBUTE X-Ascend-Remote-Addr 154 ipaddr +ATTRIBUTE X-Ascend-Multicast-Client 155 integer +ATTRIBUTE X-Ascend-FR-Circuit-Name 156 string +ATTRIBUTE X-Ascend-FR-LinkUp 157 integer +ATTRIBUTE X-Ascend-FR-Nailed-Grp 158 integer +ATTRIBUTE X-Ascend-FR-Type 159 integer +ATTRIBUTE X-Ascend-FR-Link-Mgt 160 integer +ATTRIBUTE X-Ascend-FR-N391 161 integer +ATTRIBUTE X-Ascend-FR-DCE-N392 162 integer +ATTRIBUTE X-Ascend-FR-DTE-N392 163 integer +ATTRIBUTE X-Ascend-FR-DCE-N393 164 integer +ATTRIBUTE X-Ascend-FR-DTE-N393 165 integer +ATTRIBUTE X-Ascend-FR-T391 166 integer +ATTRIBUTE X-Ascend-FR-T392 167 integer +ATTRIBUTE X-Ascend-Bridge-Address 168 string +ATTRIBUTE X-Ascend-TS-Idle-Limit 169 integer +ATTRIBUTE X-Ascend-TS-Idle-Mode 170 integer +ATTRIBUTE X-Ascend-DBA-Monitor 171 integer +ATTRIBUTE X-Ascend-Base-Channel-Count 172 integer +ATTRIBUTE X-Ascend-Minimum-Channels 173 integer +ATTRIBUTE X-Ascend-IPX-Route 174 string +ATTRIBUTE X-Ascend-FT1-Caller 175 integer +ATTRIBUTE X-Ascend-Backup 176 string +ATTRIBUTE X-Ascend-Call-Type 177 integer +ATTRIBUTE X-Ascend-Group 178 string +ATTRIBUTE X-Ascend-FR-DLCI 179 integer +ATTRIBUTE X-Ascend-FR-Profile-Name 180 string +ATTRIBUTE X-Ascend-Ara-PW 181 string +ATTRIBUTE X-Ascend-IPX-Node-Addr 182 string +ATTRIBUTE X-Ascend-Home-Agent-IP-Addr 183 ipaddr +ATTRIBUTE X-Ascend-Home-Agent-Password 184 string +ATTRIBUTE X-Ascend-Home-Network-Name 185 string +ATTRIBUTE X-Ascend-Home-Agent-UDP-Port 186 integer +ATTRIBUTE X-Ascend-Multilink-ID 187 integer +ATTRIBUTE X-Ascend-Num-In-Multilink 188 integer +ATTRIBUTE X-Ascend-First-Dest 189 ipaddr +ATTRIBUTE X-Ascend-Pre-Input-Octets 190 integer +ATTRIBUTE X-Ascend-Pre-Output-Octets 191 integer +ATTRIBUTE X-Ascend-Pre-Input-Packets 192 integer +ATTRIBUTE X-Ascend-Pre-Output-Packets 193 integer +ATTRIBUTE X-Ascend-Maximum-Time 194 integer +ATTRIBUTE X-Ascend-Disconnect-Cause 195 integer +ATTRIBUTE X-Ascend-Connect-Progress 196 integer +ATTRIBUTE X-Ascend-Data-Rate 197 integer +ATTRIBUTE X-Ascend-PreSession-Time 198 integer +ATTRIBUTE X-Ascend-Token-Idle 199 integer +ATTRIBUTE X-Ascend-Token-Immediate 200 integer +ATTRIBUTE X-Ascend-Require-Auth 201 integer +ATTRIBUTE X-Ascend-Number-Sessions 202 string +ATTRIBUTE X-Ascend-Authen-Alias 203 string +ATTRIBUTE X-Ascend-Token-Expiry 204 integer +ATTRIBUTE X-Ascend-Menu-Selector 205 string + +# +# These next two attributes conflict with the Digest attributes! +# +ATTRIBUTE X-Ascend-Menu-Item 206 string +ATTRIBUTE X-Ascend-PW-Warntime 207 integer + +ATTRIBUTE X-Ascend-PW-Lifetime 208 integer +ATTRIBUTE X-Ascend-IP-Direct 209 ipaddr +ATTRIBUTE X-Ascend-PPP-VJ-Slot-Comp 210 integer +ATTRIBUTE X-Ascend-PPP-VJ-1172 211 integer +ATTRIBUTE X-Ascend-PPP-Async-Map 212 integer +ATTRIBUTE X-Ascend-Third-Prompt 213 string +ATTRIBUTE X-Ascend-Send-Secret 214 string encrypt=3 +ATTRIBUTE X-Ascend-Receive-Secret 215 string encrypt=3 +ATTRIBUTE X-Ascend-IPX-Peer-Mode 216 integer +ATTRIBUTE X-Ascend-IP-Pool-Definition 217 string +ATTRIBUTE X-Ascend-Assign-IP-Pool 218 integer +ATTRIBUTE X-Ascend-FR-Direct 219 integer +ATTRIBUTE X-Ascend-FR-Direct-Profile 220 string +ATTRIBUTE X-Ascend-FR-Direct-DLCI 221 integer +ATTRIBUTE X-Ascend-Handle-IPX 222 integer +ATTRIBUTE X-Ascend-Netware-timeout 223 integer +ATTRIBUTE X-Ascend-IPX-Alias 224 integer +ATTRIBUTE X-Ascend-Metric 225 integer +ATTRIBUTE X-Ascend-PRI-Number-Type 226 integer +ATTRIBUTE X-Ascend-Dial-Number 227 string +ATTRIBUTE X-Ascend-Route-IP 228 integer +ATTRIBUTE X-Ascend-Route-IPX 229 integer +ATTRIBUTE X-Ascend-Bridge 230 integer +ATTRIBUTE X-Ascend-Send-Auth 231 integer +ATTRIBUTE X-Ascend-Send-Passwd 232 string +ATTRIBUTE X-Ascend-Link-Compression 233 integer +ATTRIBUTE X-Ascend-Target-Util 234 integer +ATTRIBUTE X-Ascend-Maximum-Channels 235 integer +ATTRIBUTE X-Ascend-Inc-Channel-Count 236 integer +ATTRIBUTE X-Ascend-Dec-Channel-Count 237 integer +ATTRIBUTE X-Ascend-Seconds-Of-History 238 integer +ATTRIBUTE X-Ascend-History-Weigh-Type 239 integer +ATTRIBUTE X-Ascend-Add-Seconds 240 integer +ATTRIBUTE X-Ascend-Remove-Seconds 241 integer +ATTRIBUTE X-Ascend-Data-Filter 242 abinary +ATTRIBUTE X-Ascend-Call-Filter 243 abinary +ATTRIBUTE X-Ascend-Idle-Limit 244 integer +ATTRIBUTE X-Ascend-Preempt-Limit 245 integer +ATTRIBUTE X-Ascend-Callback 246 integer +ATTRIBUTE X-Ascend-Data-Svc 247 integer +ATTRIBUTE X-Ascend-Force-56 248 integer +ATTRIBUTE X-Ascend-Billing-Number 249 string +ATTRIBUTE X-Ascend-Call-By-Call 250 integer +ATTRIBUTE X-Ascend-Transit-Number 251 string +ATTRIBUTE X-Ascend-Host-Info 252 string +ATTRIBUTE X-Ascend-PPP-Address 253 ipaddr +ATTRIBUTE X-Ascend-MPP-Idle-Percent 254 integer +ATTRIBUTE X-Ascend-Xmit-Rate 255 integer + +# +# VALUEs for X-Ascend-* attributes, copied verbatim from the +# VALUEs above, for the VSA versions of Ascend-*. +# +# Do NOT edit the following VALUEs! Instead, re-generate them via: +# +# (for x in `egrep ^ATTRIBUTE dictionary.ascend | egrep 'X-Ascend-' | awk '{print $2}' | uniq`;do y=`echo $x | sed 's/X-//'`;egrep VALUE dictionary.ascend | egrep $y[^-] | sed "s/$y/X-$y/" ; done) > new-value +# +# +VALUE X-Ascend-Temporary-Rtes Temp-Rtes-No 0 +VALUE X-Ascend-Temporary-Rtes Temp-Rtes-Yes 1 +VALUE X-Ascend-Tunneling-Protocol ATMP-Tunnel 0 +VALUE X-Ascend-Tunneling-Protocol VTP-Tunnel 1 +VALUE X-Ascend-Shared-Profile-Enable Shared-Profile-No 0 +VALUE X-Ascend-Shared-Profile-Enable Shared-Profile-Yes 1 +VALUE X-Ascend-Dialout-Allowed Dialout-Not-Allowed 0 +VALUE X-Ascend-Dialout-Allowed Dialout-Allowed 1 +VALUE X-Ascend-BACP-Enable BACP-No 0 +VALUE X-Ascend-BACP-Enable BACP-Yes 1 +VALUE X-Ascend-Client-Assign-DNS DNS-Assign-No 0 +VALUE X-Ascend-Client-Assign-DNS DNS-Assign-Yes 1 +VALUE X-Ascend-User-Acct-Type Ascend-User-Acct-None 0 +VALUE X-Ascend-User-Acct-Type Ascend-User-Acct-User 1 +VALUE X-Ascend-User-Acct-Type Ascend-User-Acct-User-Default 2 +VALUE X-Ascend-User-Acct-Base Base-10 0 +VALUE X-Ascend-User-Acct-Base Base-16 1 +VALUE X-Ascend-DHCP-Reply DHCP-Reply-No 0 +VALUE X-Ascend-DHCP-Reply DHCP-Reply-Yes 1 +VALUE X-Ascend-Expect-Callback Expect-Callback-No 0 +VALUE X-Ascend-Expect-Callback Expect-Callback-Yes 1 +VALUE X-Ascend-Event-Type Ascend-ColdStart 1 +VALUE X-Ascend-Event-Type Ascend-Session-Event 2 +VALUE X-Ascend-Multicast-Client Multicast-No 0 +VALUE X-Ascend-Multicast-Client Multicast-Yes 1 +VALUE X-Ascend-FR-LinkUp Ascend-LinkUp-Default 0 +VALUE X-Ascend-FR-LinkUp Ascend-LinkUp-AlwaysUp 1 +VALUE X-Ascend-FR-Type Ascend-FR-DTE 0 +VALUE X-Ascend-FR-Type Ascend-FR-DCE 1 +VALUE X-Ascend-FR-Type Ascend-FR-NNI 2 +VALUE X-Ascend-FR-Link-Mgt Ascend-FR-No-Link-Mgt 0 +VALUE X-Ascend-FR-Link-Mgt Ascend-FR-T1-617D 1 +VALUE X-Ascend-FR-Link-Mgt Ascend-FR-Q-933A 2 +VALUE X-Ascend-TS-Idle-Mode TS-Idle-None 0 +VALUE X-Ascend-TS-Idle-Mode TS-Idle-Input 1 +VALUE X-Ascend-TS-Idle-Mode TS-Idle-Input-Output 2 +VALUE X-Ascend-DBA-Monitor DBA-Transmit 0 +VALUE X-Ascend-DBA-Monitor DBA-Transmit-Recv 1 +VALUE X-Ascend-DBA-Monitor DBA-None 2 +VALUE X-Ascend-FT1-Caller FT1-No 0 +VALUE X-Ascend-FT1-Caller FT1-Yes 1 +VALUE X-Ascend-Call-Type Switched 0 +VALUE X-Ascend-Call-Type Nailed 1 +VALUE X-Ascend-Call-Type Nailed/Mpp 2 +VALUE X-Ascend-Call-Type Perm/Switched 3 +VALUE X-Ascend-Call-Type AO/DI 6 +VALUE X-Ascend-Call-Type MegaMax 7 +VALUE X-Ascend-Disconnect-Cause No-Reason 0 +VALUE X-Ascend-Disconnect-Cause Not-Applicable 1 +VALUE X-Ascend-Disconnect-Cause Unknown 2 +VALUE X-Ascend-Disconnect-Cause Call-Disconnected 3 +VALUE X-Ascend-Disconnect-Cause CLID-Authentication-Failed 4 +VALUE X-Ascend-Disconnect-Cause CLID-RADIUS-Timeout 5 +VALUE X-Ascend-Disconnect-Cause Modem-No-DCD 10 +VALUE X-Ascend-Disconnect-Cause DCD-Detected-Then-Inactive 11 +VALUE X-Ascend-Disconnect-Cause Modem-Invalid-Result-Codes 12 +VALUE X-Ascend-Disconnect-Cause TermSrv-User-Quit 20 +VALUE X-Ascend-Disconnect-Cause TermSrv-Idle-Timeout 21 +VALUE X-Ascend-Disconnect-Cause TermSrv-Exit-Telnet 22 +VALUE X-Ascend-Disconnect-Cause TermSrv-No-IPaddr 23 +VALUE X-Ascend-Disconnect-Cause TermSrv-Exit-Raw-TCP 24 +VALUE X-Ascend-Disconnect-Cause TermSrv-Exit-Login-Failed 25 +VALUE X-Ascend-Disconnect-Cause TermSrv-Exit-Raw-TCP-Disabled 26 +VALUE X-Ascend-Disconnect-Cause TermSrv-CTRL-C-In-Login 27 +VALUE X-Ascend-Disconnect-Cause TermSrv-Destroyed 28 +VALUE X-Ascend-Disconnect-Cause TermSrv-User-Closed-VCon 29 +VALUE X-Ascend-Disconnect-Cause TermSrv-VCon-Destroyed 30 +VALUE X-Ascend-Disconnect-Cause TermSrv-Exit-Rlogin 31 +VALUE X-Ascend-Disconnect-Cause TermSrv-Bad-Rlogin-Option 32 +VALUE X-Ascend-Disconnect-Cause TermSrv-Not-Enough-Resources 33 +VALUE X-Ascend-Disconnect-Cause MPP-No-NULL-Msg-Timeout 35 +VALUE X-Ascend-Disconnect-Cause PPP-LCP-Timeout 40 +VALUE X-Ascend-Disconnect-Cause PPP-LCP-Negotion-Failed 41 +VALUE X-Ascend-Disconnect-Cause PPP-PAP-Auth-Failed 42 +VALUE X-Ascend-Disconnect-Cause PPP-CHAP-Auth-Failed 43 +VALUE X-Ascend-Disconnect-Cause PPP-Rmt-Auth-Failed 44 +VALUE X-Ascend-Disconnect-Cause PPP-Rcv-Terminate-Req 45 +VALUE X-Ascend-Disconnect-Cause PPP-Rcv-Close-Event 46 +VALUE X-Ascend-Disconnect-Cause PPP-No-NCPs-Open 47 +VALUE X-Ascend-Disconnect-Cause PPP-MP-Bundle-Unknown 48 +VALUE X-Ascend-Disconnect-Cause PPP-LCP-Close-MP-Add-Fail 49 +VALUE X-Ascend-Disconnect-Cause Session-Table-Full 50 +VALUE X-Ascend-Disconnect-Cause Out-Of-Resources 51 +VALUE X-Ascend-Disconnect-Cause Invalid-IP-Address 52 +VALUE X-Ascend-Disconnect-Cause Hostname-Resolution-Failed 53 +VALUE X-Ascend-Disconnect-Cause Bad-Or-Missing-Port-Number 54 +VALUE X-Ascend-Disconnect-Cause Host-Reset 60 +VALUE X-Ascend-Disconnect-Cause Connection-Refused 61 +VALUE X-Ascend-Disconnect-Cause Connection-Timeout 62 +VALUE X-Ascend-Disconnect-Cause Connection-Closed 63 +VALUE X-Ascend-Disconnect-Cause Network-Unreachable 64 +VALUE X-Ascend-Disconnect-Cause Host-Unreachable 65 +VALUE X-Ascend-Disconnect-Cause Network-Unreachable-Admin 66 +VALUE X-Ascend-Disconnect-Cause Host-Unreachable-Admin 67 +VALUE X-Ascend-Disconnect-Cause Port-Unreachable 68 +VALUE X-Ascend-Disconnect-Cause Session-Timeout 100 +VALUE X-Ascend-Disconnect-Cause Invalid-Incoming-User 101 +VALUE X-Ascend-Disconnect-Cause Disconnect-Due-To-Callback 102 +VALUE X-Ascend-Disconnect-Cause Proto-Disabled-Or-Unsupported 120 +VALUE X-Ascend-Disconnect-Cause Disconnect-Req-By-RADIUS 150 +VALUE X-Ascend-Disconnect-Cause Disconnect-Req-By-Local-Admin 151 +VALUE X-Ascend-Disconnect-Cause V110-Timeout-Sync-Retry-Exceed 160 +VALUE X-Ascend-Disconnect-Cause PPP-Auth-Timeout-Exceeded 170 +VALUE X-Ascend-Disconnect-Cause User-Executed-Do-Hangup 180 +VALUE X-Ascend-Disconnect-Cause Remote-End-Hung-Up 185 +VALUE X-Ascend-Disconnect-Cause Resource-Has-Been-Quiesced 190 +VALUE X-Ascend-Disconnect-Cause Max-Call-Duration-Reached 195 +VALUE X-Ascend-Connect-Progress No-Progress 0 +VALUE X-Ascend-Connect-Progress Call-Up 10 +VALUE X-Ascend-Connect-Progress Modem-Up 30 +VALUE X-Ascend-Connect-Progress Modem-Awaiting-DCD 31 +VALUE X-Ascend-Connect-Progress Modem-Awaiting-Codes 32 +VALUE X-Ascend-Connect-Progress TermSrv-Started 40 +VALUE X-Ascend-Connect-Progress TermSrv-Raw-TCP-Started 41 +VALUE X-Ascend-Connect-Progress TermSrv-Telnet-Started 42 +VALUE X-Ascend-Connect-Progress TermSrv-Raw-TCP-Connected 43 +VALUE X-Ascend-Connect-Progress TermSrv-Telnet-Connected 44 +VALUE X-Ascend-Connect-Progress TermSrv-Rlogin-Started 45 +VALUE X-Ascend-Connect-Progress TermSrv-Rlogin-Connected 46 +VALUE X-Ascend-Connect-Progress Modem-Outdial-Call-Up 50 +VALUE X-Ascend-Connect-Progress LAN-Session-Up 60 +VALUE X-Ascend-Connect-Progress LCP-Opening 61 +VALUE X-Ascend-Connect-Progress CCP-Opening 62 +VALUE X-Ascend-Connect-Progress IPNCP-Opening 63 +VALUE X-Ascend-Connect-Progress BNCP-Opening 64 +VALUE X-Ascend-Connect-Progress LCP-Opened 65 +VALUE X-Ascend-Connect-Progress CCP-Opened 66 +VALUE X-Ascend-Connect-Progress IPNCP-Opened 67 +VALUE X-Ascend-Connect-Progress BNCP-Opened 68 +VALUE X-Ascend-Connect-Progress LCP-State-Initial 69 +VALUE X-Ascend-Connect-Progress LCP-State-Starting 70 +VALUE X-Ascend-Connect-Progress LCP-State-Closed 71 +VALUE X-Ascend-Connect-Progress LCP-State-Stopped 72 +VALUE X-Ascend-Connect-Progress LCP-State-Closing 73 +VALUE X-Ascend-Connect-Progress LCP-State-Stopping 74 +VALUE X-Ascend-Connect-Progress LCP-State-Request-Sent 75 +VALUE X-Ascend-Connect-Progress LCP-State-Ack-Received 76 +VALUE X-Ascend-Connect-Progress LCP-State-Ack-Sent 77 +VALUE X-Ascend-Connect-Progress IPXNCP-Opened 80 +VALUE X-Ascend-Connect-Progress ATNCP-Opened 81 +VALUE X-Ascend-Connect-Progress BACP-Opening 82 +VALUE X-Ascend-Connect-Progress BACP-Opened 83 +VALUE X-Ascend-Connect-Progress V110-Up 90 +VALUE X-Ascend-Connect-Progress V110-State-Opened 91 +VALUE X-Ascend-Connect-Progress V110-State-Carrier 92 +VALUE X-Ascend-Connect-Progress V110-State-Reset 93 +VALUE X-Ascend-Connect-Progress V110-State-Closed 94 +VALUE X-Ascend-Token-Immediate Tok-Imm-No 0 +VALUE X-Ascend-Token-Immediate Tok-Imm-Yes 1 +VALUE X-Ascend-Require-Auth Not-Require-Auth 0 +VALUE X-Ascend-Require-Auth Require-Auth 1 +VALUE X-Ascend-PW-Warntime Days-Of-Warning 0 +VALUE X-Ascend-PW-Lifetime Lifetime-In-Days 0 +VALUE X-Ascend-PPP-VJ-Slot-Comp VJ-Slot-Comp-No 1 +VALUE X-Ascend-PPP-VJ-1172 PPP-VJ-1172 1 +VALUE X-Ascend-IPX-Peer-Mode IPX-Peer-Router 0 +VALUE X-Ascend-IPX-Peer-Mode IPX-Peer-Dialin 1 +VALUE X-Ascend-FR-Direct FR-Direct-No 0 +VALUE X-Ascend-FR-Direct FR-Direct-Yes 1 +VALUE X-Ascend-Handle-IPX Handle-IPX-None 0 +VALUE X-Ascend-Handle-IPX Handle-IPX-Client 1 +VALUE X-Ascend-Handle-IPX Handle-IPX-Server 2 +VALUE X-Ascend-PRI-Number-Type Unknown-Number 0 +VALUE X-Ascend-PRI-Number-Type Intl-Number 1 +VALUE X-Ascend-PRI-Number-Type National-Number 2 +VALUE X-Ascend-PRI-Number-Type Net-Specific-Number 3 +VALUE X-Ascend-PRI-Number-Type Local-Number 4 +VALUE X-Ascend-PRI-Number-Type Abbrev-Number 5 +VALUE X-Ascend-Route-IP Route-IP-No 0 +VALUE X-Ascend-Route-IP Route-IP-Yes 1 +VALUE X-Ascend-Route-IPX Route-IPX-No 0 +VALUE X-Ascend-Route-IPX Route-IPX-Yes 1 +VALUE X-Ascend-Route-IPX Route-IPX-No 0 +VALUE X-Ascend-Route-IPX Route-IPX-Yes 1 +VALUE X-Ascend-Bridge Bridge-No 0 +VALUE X-Ascend-Bridge Bridge-Yes 1 +VALUE X-Ascend-Send-Auth Send-Auth-None 0 +VALUE X-Ascend-Send-Auth Send-Auth-PAP 1 +VALUE X-Ascend-Send-Auth Send-Auth-CHAP 2 +VALUE X-Ascend-Send-Auth Send-Auth-MS-CHAP 3 +VALUE X-Ascend-Link-Compression Link-Comp-None 0 +VALUE X-Ascend-Link-Compression Link-Comp-Stac 1 +VALUE X-Ascend-Link-Compression Link-Comp-Stac-Draft-9 2 +VALUE X-Ascend-Link-Compression Link-Comp-MS-Stac 3 +VALUE X-Ascend-History-Weigh-Type History-Constant 0 +VALUE X-Ascend-History-Weigh-Type History-Linear 1 +VALUE X-Ascend-History-Weigh-Type History-Quadratic 2 +VALUE X-Ascend-Callback Callback-No 0 +VALUE X-Ascend-Callback Callback-Yes 1 +VALUE X-Ascend-Data-Svc Switched-Voice-Bearer 0 +VALUE X-Ascend-Data-Svc Nailed-56KR 1 +VALUE X-Ascend-Data-Svc Nailed-64K 2 +VALUE X-Ascend-Data-Svc Switched-64KR 3 +VALUE X-Ascend-Data-Svc Switched-56K 4 +VALUE X-Ascend-Data-Svc Switched-384KR 5 +VALUE X-Ascend-Data-Svc Switched-384K 6 +VALUE X-Ascend-Data-Svc Switched-1536K 7 +VALUE X-Ascend-Data-Svc Switched-1536KR 8 +VALUE X-Ascend-Data-Svc Switched-128K 9 +VALUE X-Ascend-Data-Svc Switched-192K 10 +VALUE X-Ascend-Data-Svc Switched-256K 11 +VALUE X-Ascend-Data-Svc Switched-320K 12 +VALUE X-Ascend-Data-Svc Switched-384K-MR 13 +VALUE X-Ascend-Data-Svc Switched-448K 14 +VALUE X-Ascend-Data-Svc Switched-512K 15 +VALUE X-Ascend-Data-Svc Switched-576K 16 +VALUE X-Ascend-Data-Svc Switched-640K 17 +VALUE X-Ascend-Data-Svc Switched-704K 18 +VALUE X-Ascend-Data-Svc Switched-768K 19 +VALUE X-Ascend-Data-Svc Switched-832K 20 +VALUE X-Ascend-Data-Svc Switched-896K 21 +VALUE X-Ascend-Data-Svc Switched-960K 22 +VALUE X-Ascend-Data-Svc Switched-1024K 23 +VALUE X-Ascend-Data-Svc Switched-1088K 24 +VALUE X-Ascend-Data-Svc Switched-1152K 25 +VALUE X-Ascend-Data-Svc Switched-1216K 26 +VALUE X-Ascend-Data-Svc Switched-1280K 27 +VALUE X-Ascend-Data-Svc Switched-1344K 28 +VALUE X-Ascend-Data-Svc Switched-1408K 29 +VALUE X-Ascend-Data-Svc Switched-1472K 30 +VALUE X-Ascend-Data-Svc Switched-1600K 31 +VALUE X-Ascend-Data-Svc Switched-1664K 32 +VALUE X-Ascend-Data-Svc Switched-1728K 33 +VALUE X-Ascend-Data-Svc Switched-1792K 34 +VALUE X-Ascend-Data-Svc Switched-1856K 35 +VALUE X-Ascend-Data-Svc Switched-1920K 36 +VALUE X-Ascend-Data-Svc Switched-inherited 37 +VALUE X-Ascend-Data-Svc Switched-restricted-bearer-x30 38 +VALUE X-Ascend-Data-Svc Switched-clear-bearer-v110 39 +VALUE X-Ascend-Data-Svc Switched-restricted-64-x30 40 +VALUE X-Ascend-Data-Svc Switched-clear-56-v110 41 +VALUE X-Ascend-Data-Svc Switched-modem 42 +VALUE X-Ascend-Data-Svc Switched-atmodem 43 +VALUE X-Ascend-Data-Svc Switched-V110-24-56 45 +VALUE X-Ascend-Data-Svc Switched-V110-48-56 46 +VALUE X-Ascend-Data-Svc Switched-V110-96-56 47 +VALUE X-Ascend-Data-Svc Switched-V110-192-56 48 +VALUE X-Ascend-Data-Svc Switched-V110-384-56 49 +VALUE X-Ascend-Data-Svc Switched-V110-24-56R 50 +VALUE X-Ascend-Data-Svc Switched-V110-48-56R 51 +VALUE X-Ascend-Data-Svc Switched-V110-96-56R 52 +VALUE X-Ascend-Data-Svc Switched-V110-192-56R 53 +VALUE X-Ascend-Data-Svc Switched-V110-384-56R 54 +VALUE X-Ascend-Data-Svc Switched-V110-24-64 55 +VALUE X-Ascend-Data-Svc Switched-V110-48-64 56 +VALUE X-Ascend-Data-Svc Switched-V110-96-64 57 +VALUE X-Ascend-Data-Svc Switched-V110-192-64 58 +VALUE X-Ascend-Data-Svc Switched-V110-384-64 59 +VALUE X-Ascend-Data-Svc Switched-V110-24-64R 60 +VALUE X-Ascend-Data-Svc Switched-V110-48-64R 61 +VALUE X-Ascend-Data-Svc Switched-V110-96-64R 62 +VALUE X-Ascend-Data-Svc Switched-V110-384-64R 64 +VALUE X-Ascend-Data-Svc Switched-V110-192-64R 63 +VALUE X-Ascend-Data-Svc Switched-Pots 68 +VALUE X-Ascend-Data-Svc Switched-ATM 69 +VALUE X-Ascend-Data-Svc Switched-FR 70 +VALUE X-Ascend-Force-56 Force-56-No 0 +VALUE X-Ascend-Force-56 Force-56-Yes 1 diff --git a/freeradius/dict/dictionary.asn b/freeradius/dict/dictionary.asn new file mode 100755 index 0000000..8a64e4d --- /dev/null +++ b/freeradius/dict/dictionary.asn @@ -0,0 +1,93 @@ +# -*- text -*- +############################################################################## +# +# ASN Attributes. +# +# Taken from http://svn.asn.pl/misc/freeradius/dictionary.asn +# +# $Id$ +# +############################################################################## + +VENDOR ASN 23782 + +BEGIN-VENDOR ASN + +## Server-side extensions +# dynamic IP pool name +ATTRIBUTE ASN-IP-Pool-Name 1 string + +### 2-99: free ### + +## limits +ATTRIBUTE ASN-Kbps-Down 100 integer +ATTRIBUTE ASN-Kbps-Down-Localmedia 112 integer +ATTRIBUTE ASN-Kbps-Up 101 integer +ATTRIBUTE ASN-Pps-Down 102 integer +ATTRIBUTE ASN-Pps-Up 103 integer +ATTRIBUTE ASN-TCP-Connlimit 104 integer + +## firewall +ATTRIBUTE ASN-Firewall-Available 110 integer +VALUE ASN-Firewall-Available Yes 1 +VALUE ASN-Firewall-Available No 2 + +ATTRIBUTE ASN-Firewall-State 105 integer +VALUE ASN-Firewall-State Enabled 1 +VALUE ASN-Firewall-State Disabled 2 + +ATTRIBUTE ASN-Firewall-Block-Ping 107 integer +VALUE ASN-Firewall-Block-Ping Enabled 1 +VALUE ASN-Firewall-Block-Ping Disabled 2 + +# hosts to allow " " +ATTRIBUTE ASN-Firewall-Open 106 string + +## QoS +ATTRIBUTE ASN-QoS-Available 111 integer +VALUE ASN-QoS-Available Yes 1 +VALUE ASN-QoS-Available No 2 + +ATTRIBUTE ASN-QoS-State 108 integer +VALUE ASN-QoS-State Enabled 1 +VALUE ASN-QoS-State Disabled 2 + +# IP redirection, with optional randomness +# " src/dst [:] : []" +# where src/dst decides whether to match source or destination ports +# random is an integer number from 1 to 99, or null - no randomness +ATTRIBUTE ASN-IP-Redirect 109 string + +## web filtering +# decides whether to deny or to allow only the specified web topics +ATTRIBUTE ASN-Webfilter-Mode 113 integer +VALUE ASN-Webfilter-Mode Deny 1 +VALUE ASN-Webfilter-Mode Allow 2 + +# where to redirect blocked request +# "[301:302]" +# 301/302 - redirect permanently (301) or temporarily (302) (default 302) +# - an URL address, with following possible substitutions: +# %a - IP address of the client +# %i - user ID (RFC931) or "unknown" +# %n - domainname of the client or "unknown" +# %p - REQUEST_URI, ie. the path and the optional +# query string of %u, but note for convenience +# without the leading "/". +# %t - matched destination group or "unknown" +# %u - requested URL +# %% - single '%' +# +ATTRIBUTE ASN-Webfilter-Redirect 114 string + +# squidGuard destination group to match +# destinations available by default: sglists- - tags: +# ads adult audioandvideo banks blogs chatandforum finance freemail games +# home jobsearch keylogger news onlineGames phishing proxies recreation +# reference science searchengine +ATTRIBUTE ASN-Webfilter-Destination 115 string + +# web domain to match (will match all subdomains, too) +ATTRIBUTE ASN-Webfilter-Domain 116 string + +END-VENDOR ASN diff --git a/freeradius/dict/dictionary.avaya b/freeradius/dict/dictionary.avaya new file mode 100644 index 0000000..a24eeae --- /dev/null +++ b/freeradius/dict/dictionary.avaya @@ -0,0 +1,30 @@ +# -*- text -*- +# +# Avaya P330 dictionary file +# $Id$ +# +# http://support.avaya.com/elmodocs2/p330/P330/Configuring%20FreeRadius.pdf +# + +VENDOR Cajun_p330 2167 +BEGIN-VENDOR Cajun_p330 + +ATTRIBUTE Cajun-Service-Type 1 integer + +VALUE Cajun-Service-Type Cajun-Read-Only-User 1 +VALUE Cajun-Service-Type Cajun-Read-Write-User 2 +VALUE Cajun-Service-Type Cajun-Admin-User 3 + +ATTRIBUTE Avaya-StaticVlan-Type 12 string +ATTRIBUTE Avaya-PortPriority-Type 13 integer + +VALUE Avaya-PortPriority-Type Type-0 0 +VALUE Avaya-PortPriority-Type Type-1 1 +VALUE Avaya-PortPriority-Type Type-2 2 +VALUE Avaya-PortPriority-Type Type-3 3 +VALUE Avaya-PortPriority-Type Type-4 4 +VALUE Avaya-PortPriority-Type Type-5 5 +VALUE Avaya-PortPriority-Type Type-6 6 +VALUE Avaya-PortPriority-Type Type-7 7 + +END-VENDOR Cajun_p330 diff --git a/freeradius/dict/dictionary.azaire b/freeradius/dict/dictionary.azaire new file mode 100644 index 0000000..1a536ac --- /dev/null +++ b/freeradius/dict/dictionary.azaire @@ -0,0 +1,50 @@ +# -*- text -*- +############################################################################## +# +# Azaire VSAs +# +# $Id$ +# +############################################################################## + +VENDOR Azaire 7751 + +BEGIN-VENDOR Azaire + +ATTRIBUTE Azaire-Triplets 1 octets +ATTRIBUTE Azaire-IMSI 2 octets +ATTRIBUTE Azaire-MSISDN 3 octets +ATTRIBUTE Azaire-APN 4 string +ATTRIBUTE Azaire-QoS 5 octets +ATTRIBUTE Azaire-Selection-Mode 6 integer +ATTRIBUTE Azaire-APN-Resolution-Req 7 integer +ATTRIBUTE Azaire-Start-Time 8 octets +ATTRIBUTE Azaire-NAS-Type 9 integer +ATTRIBUTE Azaire-Status 10 integer +ATTRIBUTE Azaire-APN-OI 11 string +ATTRIBUTE Azaire-Auth-Type 12 integer +ATTRIBUTE Azaire-Gn-User-Name 13 string +ATTRIBUTE Azaire-Brand-Code 14 string +ATTRIBUTE Azaire-Policy-Name 15 string +ATTRIBUTE Azaire-Client-Local-IP 16 ipaddr + +VALUE Azaire-Selection-Mode Subscribed 0 +VALUE Azaire-Selection-Mode Sent-By-MS 1 +VALUE Azaire-Selection-Mode Chosen-By-SGSN 2 + +VALUE Azaire-APN-Resolution-Req Not-Required 0 +VALUE Azaire-APN-Resolution-Req Required 1 + +VALUE Azaire-Status Success 0 +VALUE Azaire-Status Failure 1 + +VALUE Azaire-Auth-Type PPP-SIM 1 +VALUE Azaire-Auth-Type Dummy-IMSI 2 +VALUE Azaire-Auth-Type Soft-SIM 3 +VALUE Azaire-Auth-Type Radius-SIM 4 +VALUE Azaire-Auth-Type Post-paid 5 +VALUE Azaire-Auth-Type Pre-paid 6 +VALUE Azaire-Auth-Type Local-Radius 7 +VALUE Azaire-Auth-Type Proxy-Radius 8 + +END-VENDOR Azaire diff --git a/freeradius/dict/dictionary.bay b/freeradius/dict/dictionary.bay new file mode 100644 index 0000000..3507247 --- /dev/null +++ b/freeradius/dict/dictionary.bay @@ -0,0 +1,282 @@ +# -*- text -*- +# +# Bay Networks +# http://www.baynetworks.com/ +# +# From MegaZone , as posted to the bay-isp list. +# Modified for libradius by Alan DeKok +# + +VENDOR Bay-Networks 1584 # now Nortel + +BEGIN-VENDOR Bay-Networks +# Bay Networks Extensions + +ATTRIBUTE Annex-Filter 28 string +ATTRIBUTE Annex-CLI-Command 29 string +ATTRIBUTE Annex-CLI-Filter 30 string +ATTRIBUTE Annex-Host-Restrict 31 string +ATTRIBUTE Annex-Host-Allow 32 string +ATTRIBUTE Annex-Product-Name 33 string +ATTRIBUTE Annex-SW-Version 34 string +ATTRIBUTE Annex-Local-IP-Address 35 ipaddr +ATTRIBUTE Annex-Callback-Portlist 36 integer +ATTRIBUTE Annex-Sec-Profile-Index 37 integer +ATTRIBUTE Annex-Tunnel-Authen-Type 38 integer +ATTRIBUTE Annex-Tunnel-Authen-Mode 39 integer +ATTRIBUTE Annex-Authen-Servers 40 string +ATTRIBUTE Annex-Acct-Servers 41 string +ATTRIBUTE Annex-User-Server-Location 42 integer +ATTRIBUTE Annex-Local-Username 43 string +ATTRIBUTE Annex-System-Disc-Reason 44 integer +ATTRIBUTE Annex-Modem-Disc-Reason 45 integer +ATTRIBUTE Annex-Disconnect-Reason 46 integer +ATTRIBUTE Annex-Addr-Resolution-Protocol 47 integer +ATTRIBUTE Annex-Addr-Resolution-Servers 48 string +ATTRIBUTE Annex-Domain-Name 49 string +ATTRIBUTE Annex-Transmit-Speed 50 integer +ATTRIBUTE Annex-Receive-Speed 51 integer +ATTRIBUTE Annex-Input-Filter 52 string +ATTRIBUTE Annex-Output-Filter 53 string +ATTRIBUTE Annex-Primary-DNS-Server 54 ipaddr +ATTRIBUTE Annex-Secondary-DNS-Server 55 ipaddr +ATTRIBUTE Annex-Primary-NBNS-Server 56 ipaddr +ATTRIBUTE Annex-Secondary-NBNS-Server 57 ipaddr +ATTRIBUTE Annex-Syslog-Tap 58 integer +ATTRIBUTE Annex-Keypress-Timeout 59 integer +ATTRIBUTE Annex-Unauthenticated-Time 60 integer +ATTRIBUTE Annex-Re-CHAP-Timeout 61 integer +ATTRIBUTE Annex-MRRU 62 integer +ATTRIBUTE Annex-EDO 63 string +# Annex R18.0 software +ATTRIBUTE Annex-PPP-Trace-Level 64 integer +ATTRIBUTE Annex-Pre-Input-Octets 65 integer +ATTRIBUTE Annex-Pre-Output-Octets 66 integer +ATTRIBUTE Annex-Pre-Input-Packets 67 integer +ATTRIBUTE Annex-Pre-Output-Packets 68 integer +ATTRIBUTE Annex-Connect-Progress 69 integer +ATTRIBUTE Annex-Multicast-Rate-Limit 73 integer +ATTRIBUTE Annex-Maximum-Call-Duration 74 integer +ATTRIBUTE Annex-Multilink-Id 75 integer +ATTRIBUTE Annex-Num-In-Multilink 76 integer +ATTRIBUTE Annex-Secondary-Srv-Endpoint 79 string +ATTRIBUTE Annex-Gwy-Selection-Mode 80 integer +ATTRIBUTE Annex-Logical-Channel-Number 81 integer +ATTRIBUTE Annex-Wan-Number 82 integer +ATTRIBUTE Annex-Port 83 integer +ATTRIBUTE Annex-Pool-Id 85 integer +ATTRIBUTE Annex-Compression-Protocol 86 string +ATTRIBUTE Annex-Transmitted-Packets 87 integer +ATTRIBUTE Annex-Retransmitted-Packets 88 integer +ATTRIBUTE Annex-Signal-to-Noise-Ratio 89 integer +ATTRIBUTE Annex-Retrain-Requests-Sent 90 integer +ATTRIBUTE Annex-Retrain-Requests-Rcvd 91 integer +ATTRIBUTE Annex-Rate-Reneg-Req-Sent 92 integer +ATTRIBUTE Annex-Rate-Reneg-Req-Rcvd 93 integer +ATTRIBUTE Annex-Begin-Receive-Line-Level 94 integer +ATTRIBUTE Annex-End-Receive-Line-Level 95 integer +ATTRIBUTE Annex-Begin-Modulation 96 string +ATTRIBUTE Annex-Error-Correction-Prot 97 string +ATTRIBUTE Annex-End-Modulation 98 string + +# Bay Router Specific Attributes +# +ATTRIBUTE Annex-User-Level 100 integer +ATTRIBUTE Annex-Audit-Level 101 integer + +# Contivity +ATTRIBUTE CES-Group 102 string + +# Passport 8000 Series Specific Attributes +# +ATTRIBUTE Passport-Access-Priority 192 integer + +VALUE Passport-Access-Priority None-Access 0 +VALUE Passport-Access-Priority Read-Only-Access 1 +VALUE Passport-Access-Priority L1-Read-Write-Access 2 +VALUE Passport-Access-Priority L2-Read-Write-Access 3 +VALUE Passport-Access-Priority L3-Read-Write-Access 4 +VALUE Passport-Access-Priority Read-Write-Access 5 +VALUE Passport-Access-Priority Read-Write-All-Access 6 + +# Annex Tunnel Authen Type Values + +VALUE Annex-Tunnel-Authen-Type none 0 +VALUE Annex-Tunnel-Authen-Type kmd5-128 1 + +# Annex Tunnel Authen Mode Values + +VALUE Annex-Tunnel-Authen-Mode none 0 +VALUE Annex-Tunnel-Authen-Mode prefix-suffix 1 + +# Annex User Server Location Values + +VALUE Annex-User-Server-Location local 1 +VALUE Annex-User-Server-Location remote 2 + +# Annex Addr Resolution Protocol Values + +VALUE Annex-Addr-Resolution-Protocol none 0 +VALUE Annex-Addr-Resolution-Protocol DHCP 1 + +# Annex System Disconnect Reason Values + +VALUE Annex-System-Disc-Reason Unknown 0 +VALUE Annex-System-Disc-Reason Line-disconnected 1 +VALUE Annex-System-Disc-Reason Dial-failed 2 +VALUE Annex-System-Disc-Reason WAN-manager-error 3 +VALUE Annex-System-Disc-Reason Disconnect-reset 4 +VALUE Annex-System-Disc-Reason Error-from-adm_notify 5 +VALUE Annex-System-Disc-Reason Modem-down-adm_notify 6 +VALUE Annex-System-Disc-Reason PPP-protocol-disconnect 7 +VALUE Annex-System-Disc-Reason Inactivity-timer 8 +VALUE Annex-System-Disc-Reason CLI-Hangup-command 9 +VALUE Annex-System-Disc-Reason CLI-last-job 10 +VALUE Annex-System-Disc-Reason Session-timeout 11 +VALUE Annex-System-Disc-Reason Slave-termination 12 +VALUE Annex-System-Disc-Reason Abnormal-termination 13 +VALUE Annex-System-Disc-Reason DCD-wait-failed 14 +VALUE Annex-System-Disc-Reason CLI-inactivity 15 +VALUE Annex-System-Disc-Reason Admin-port-reset 16 +VALUE Annex-System-Disc-Reason CLI-auth-failed 17 +VALUE Annex-System-Disc-Reason Slave-auth-failed 18 +VALUE Annex-System-Disc-Reason PAP-auth-failed 19 +VALUE Annex-System-Disc-Reason CHAP-auth-failed 20 +VALUE Annex-System-Disc-Reason Local-modem-reset 21 +VALUE Annex-System-Disc-Reason Modem-dead 22 +VALUE Annex-System-Disc-Reason PPP-LCP-failure 23 +VALUE Annex-System-Disc-Reason PPP-IPCP-failure 24 +VALUE Annex-System-Disc-Reason PPP-IPXCP-failure 25 +VALUE Annex-System-Disc-Reason PPP-ATCP-failure 26 +VALUE Annex-System-Disc-Reason PPP-CCP-failure 27 +VALUE Annex-System-Disc-Reason PPP-MP-failure 28 +VALUE Annex-System-Disc-Reason PPP-IPCP-timeout 29 +VALUE Annex-System-Disc-Reason PPP-IPXCP-timeout 30 +VALUE Annex-System-Disc-Reason PPP-ATCP-timeout 31 +VALUE Annex-System-Disc-Reason PPP-CCP-timeout 32 +VALUE Annex-System-Disc-Reason PPP-MP-timeout 33 +VALUE Annex-System-Disc-Reason PPP-init-failure 34 +VALUE Annex-System-Disc-Reason PPP-Unknown 35 +VALUE Annex-System-Disc-Reason PPP-Dialback-failed 36 +VALUE Annex-System-Disc-Reason PPP-Address-In-Use 37 +VALUE Annex-System-Disc-Reason PPP-No-device 38 +VALUE Annex-System-Disc-Reason PPP-Modem-hangup-rcvd 39 +VALUE Annex-System-Disc-Reason PPP-Hangup-rcvd 40 +VALUE Annex-System-Disc-Reason PPP-Termination-rcvd 41 +VALUE Annex-System-Disc-Reason PPP-Kill-rcvd 42 +VALUE Annex-System-Disc-Reason PPP-Time-rcvd 43 +VALUE Annex-System-Disc-Reason PPP-No-memory 44 +VALUE Annex-System-Disc-Reason PPP-Connection-Abort 45 +VALUE Annex-System-Disc-Reason PPP-VPN-LCP-failure 46 +VALUE Annex-System-Disc-Reason PPP-VPN-Auth-failure 47 +VALUE Annex-System-Disc-Reason PPP-MP-invalid-port 48 +VALUE Annex-System-Disc-Reason PPP-Invalid-device 49 +VALUE Annex-System-Disc-Reason PPP-MMP-bundle-failure 50 +VALUE Annex-System-Disc-Reason DVS-Registration-failure 51 +VALUE Annex-System-Disc-Reason DVS-Home-agent-dereg 52 +VALUE Annex-System-Disc-Reason DVS-Tunnel-no-renew 53 +VALUE Annex-System-Disc-Reason DVS-Tunnel-expired 54 + +# Annex Modem Disconnect Reason Values + +VALUE Annex-Modem-Disc-Reason Unknown 0 +VALUE Annex-Modem-Disc-Reason Local-disconnect 1 +VALUE Annex-Modem-Disc-Reason CD-Timer-Expired 2 +VALUE Annex-Modem-Disc-Reason Remote-protocol-disc 4 +VALUE Annex-Modem-Disc-Reason Clear-down 5 +VALUE Annex-Modem-Disc-Reason Long-Space-disconnect 6 +VALUE Annex-Modem-Disc-Reason Carrier-Lost 7 +VALUE Annex-Modem-Disc-Reason Modem-Retrain-Timeout 8 + +# Annex Connection Progress Values + +#VALUE Annex-Connect-Progress Progress-Unknown 2 +#VALUE Annex-Connect-Progress Call-Is-Up 10 +#VALUE Annex-Connect-Progress CLI-Started 40 +#VALUE Annex-Connect-Progress LAN-Session-Is-Up 60 +#VALUE Annex-Connect-Progress LCP-Negotiations-Allowed 61 +#VALUE Annex-Connect-Progress CCP-Negotiations-Allowed 62 +#VALUE Annex-Connect-Progress IPCP-Negotiations-Allowed 63 +#VALUE Annex-Connect-Progress LCP-Is-In-Open-State 65 +#VALUE Annex-Connect-Progress CCP-Is-In-Open-State 66 +#VALUE Annex-Connect-Progress IPCP-Is-In-Open-State 67 +#VALUE Annex-Connect-Progress LCP-Is-In-Closed-State 71 +#VALUE Annex-Connect-Progress LCP-Is-In-Stopped-State 72 +#VALUE Annex-Connect-Progress LCP-Is-In-Closing-State 73 +#VALUE Annex-Connect-Progress LCP-Is-In-Request-Sent-State 75 +#VALUE Annex-Connect-Progress LCP-Is-In-Ack-Recvd-State 76 +#VALUE Annex-Connect-Progress LCP-Is-In-Ack-Sent-State 77 +#VALUE Annex-Connect-Progress IPXCP-Is-In-Open-State 80 + +#VALUE Annex-Multicast-Client Multicast-No 0 +#VALUE Annex-Multicast-Client Multicast-Yes 1 + +#VALUE Annex-Inbound-Precedence Routine 0 +#VALUE Annex-Inbound-Precedence Priority 1 +#VALUE Annex-Inbound-Precedence Immediate 2 +#VALUE Annex-Inbound-Precedence Flash 3 +#VALUE Annex-Inbound-Precedence Flash-Override 4 +#VALUE Annex-Inbound-Precedence CRITIC/ECP 5 +#VALUE Annex-Inbound-Precedence Internetwork-Control 6 +#VALUE Annex-Inbound-Precedence Network-Control 7 + +#VALUE Annex-Outbound-Precedence Routine 0 +#VALUE Annex-Outbound-Precedence Priority 1 +#VALUE Annex-Outbound-Precedence Immediate 2 +#VALUE Annex-Outbound-Precedence Flash 3 +#VALUE Annex-Outbound-Precedence Flash-Override 4 +#VALUE Annex-Outbound-Precedence CRITIC/ECP 5 +#VALUE Annex-Outbound-Precedence Internetwork-Control 6 +#VALUE Annex-Outbound-Precedence Network-Control 7 + +#VALUE Annex-Gwy-Selection-Mode Normal 0 +#VALUE Annex-Gwy-Selection-Mode Backup 1 +#VALUE Annex-Gwy-Selection-Mode Distribution 2 + +#VALUE Annex-Pool-Id Pool-One 1 +#VALUE Annex-Pool-Id Pool-Two 2 +#VALUE Annex-Pool-Id Pool-Three 3 +#VALUE Annex-Pool-Id Pool-Four 4 +#VALUE Annex-Pool-Id Pool-Five 5 +#VALUE Annex-Pool-Id Pool-Six 6 + +VALUE Annex-User-Level Manager 2 +VALUE Annex-User-Level User 4 +VALUE Annex-User-Level Operator 8 + +VALUE Annex-Audit-Level Manager 2 +VALUE Annex-Audit-Level User 4 +VALUE Annex-Audit-Level Operator 8 + +END-VENDOR Bay-Networks + +# +# Define additional Bay Networks specific values for the main +# RADIUS dictionary +# +# Note that '0x0630' == 1584, which is the Vendor-ID for Bay Networks. +# Nice design, and probably the best way of adding vendor-specific +# VALUE extensions to the standard RADIUS attributes. +# + +VALUE Service-Type Annex-Authorize-Only 0x06300001 +VALUE Service-Type Annex-Framed-Tunnel 0x06300002 + +VALUE Acct-Status-Type Annex-User-Reject 0x06300001 +VALUE Acct-Status-Type Annex-Call-Reject 0x06300002 +VALUE Acct-Status-Type Annex-IPCP-Start 0x06300003 +VALUE Acct-Status-Type Annex-IPXCP-Start 0x06300004 +VALUE Acct-Status-Type Annex-ATCP-Start 0x06300005 +VALUE Acct-Status-Type Annex-Accounting-Restart 0x06300006 +VALUE Acct-Status-Type Annex-Accounting-Shutoff 0x06300007 +VALUE Acct-Status-Type Annex-Tunnel-Start 0x06300008 +VALUE Acct-Status-Type Annex-Tunnel-Stop 0x06300009 +VALUE Acct-Status-Type Annex-Tunnel-Reject 0x0630000a +VALUE Acct-Status-Type Annex-Tunnel-Link-Start 0x0630000b +VALUE Acct-Status-Type Annex-Tunnel-Link-Stop 0x0630000c +VALUE Acct-Status-Type Annex-MP-Start 0x0630000d +VALUE Acct-Status-Type Annex-MP-Stop 0x0630000e +VALUE Acct-Status-Type Annex-Line-Seizure 0x0630000f +VALUE Acct-Status-Type Annex-Rlogin-Start 0x06300010 +VALUE Acct-Status-Type Annex-Rlogin-Stop 0x06300011 + diff --git a/freeradius/dict/dictionary.bintec b/freeradius/dict/dictionary.bintec new file mode 100644 index 0000000..49585c9 --- /dev/null +++ b/freeradius/dict/dictionary.bintec @@ -0,0 +1,47 @@ +# -*- text -*- +# +# Bintec dictionary +# $Id$ +# +# +# +VENDOR BinTec 272 + +# (272 << 16) | N +# +VALUE Framed-Protocol Bintec-X25 0x01100002 +VALUE Framed-Protocol Bintec-X25-PPP 0x01100003 +VALUE Framed-Protocol Bintec-IP-LAPB 0x01100004 +VALUE Framed-Protocol Bintec-IP-HDLC 0x01100006 +VALUE Framed-Protocol Bintec-MPR-LAPB 0x01100007 +VALUE Framed-Protocol Bintec-MPR-HDLC 0x01100008 +VALUE Framed-Protocol Bintec-FRAME-RELAY 0x01100009 +VALUE Framed-Protocol Bintec-X31-BCHAN 0x0110000a +VALUE Framed-Protocol Bintec-X75-PPP 0x0110000b +VALUE Framed-Protocol Bintec-X75BTX-PPP 0x0110000c +VALUE Framed-Protocol Bintec-X25-NOSIG 0x0110000d +VALUE Framed-Protocol Bintec-X25-PPP-OPT 0x0110000e + +# +# +BEGIN-VENDOR BinTec + +ATTRIBUTE BinTec-biboPPPTable 224 string +ATTRIBUTE BinTec-biboDialTable 225 string +ATTRIBUTE BinTec-ipExtIfTable 226 string +ATTRIBUTE BinTec-ipRouteTable 227 string +ATTRIBUTE BinTec-ipExtRtTable 228 string +ATTRIBUTE BinTec-ipNatPresetTable 229 string +ATTRIBUTE BinTec-ipxCircTable 230 string +ATTRIBUTE BinTec-ripCircTable 231 string +ATTRIBUTE BinTec-sapCircTable 232 string +ATTRIBUTE BinTec-ipxStaticRouteTable 233 string +ATTRIBUTE BinTec-ipxStaticServTable 234 string +ATTRIBUTE BinTec-ospfIfTable 235 string +ATTRIBUTE BinTec-pppExtIfTable 236 string +ATTRIBUTE BinTec-ipFilterTable 237 string +ATTRIBUTE BinTec-ipQoSTable 238 string +ATTRIBUTE BinTec-qosIfTable 239 string +ATTRIBUTE BinTec-qosPolicyTable 240 string + +END-VENDOR BinTec diff --git a/freeradius/dict/dictionary.bristol b/freeradius/dict/dictionary.bristol new file mode 100644 index 0000000..832c260 --- /dev/null +++ b/freeradius/dict/dictionary.bristol @@ -0,0 +1,23 @@ +# -*- text -*- +# +# dictionary.bristol +# +# RoamNode VSA's +# +# Version: $Id$ +# + +VENDOR Bristol 4363 + +# +# Standard attribute +# +BEGIN-VENDOR Bristol + +ATTRIBUTE NN-Data-Rate 1 integer +ATTRIBUTE NN-Data-Rate-Ceiling 2 integer +ATTRIBUTE NN-Homenode 3 ipaddr +ATTRIBUTE NN-Homeservice 4 ipaddr +ATTRIBUTE NN-Homeservice-Name 5 string + +END-VENDOR Bristol diff --git a/freeradius/dict/dictionary.cablelabs b/freeradius/dict/dictionary.cablelabs new file mode 100644 index 0000000..2314e4a --- /dev/null +++ b/freeradius/dict/dictionary.cablelabs @@ -0,0 +1,199 @@ +# -*- text -*- +############################################################################## +# +# CableLabs +# +# $Id$ +# +############################################################################## + +VENDOR CableLabs 4491 + +BEGIN-VENDOR CableLabs + +ATTRIBUTE CableLabs-Reserved 0 octets +ATTRIBUTE CableLabs-Event-Message 1 octets +ATTRIBUTE CableLabs-MTA-Endpoint-Name 3 string +ATTRIBUTE CableLabs-Calling-Party-Number 4 string +ATTRIBUTE CableLabs-Called-Party-Number 5 string +ATTRIBUTE CableLabs-Database-ID 6 string +ATTRIBUTE CableLabs-Query-Type 7 integer +ATTRIBUTE CableLabs-Returned-Number 9 string +ATTRIBUTE CableLabs-Call-Termination-Cause 11 octets + +#ATTRIBUTE CableLabs-Related-Call-Billing-Correlation-ID 13 octets +ATTRIBUTE CableLabs-Related-Call-Billing-Crl-ID 13 octets + +#ATTRIBUTE CableLabs-First-Call-Calling-Party-Number 14 string +#ATTRIBUTE CableLabs-Second-Call-Calling-Party-Number 15 string +ATTRIBUTE CableLabs-First-Call-Calling-Party-Num 14 string +ATTRIBUTE CableLabs-Second-Call-Calling-Party-Num 15 string + +ATTRIBUTE CableLabs-Charge-Number 16 string +ATTRIBUTE CableLabs-Forwarded-Number 17 string +ATTRIBUTE CableLabs-Service-Name 18 string +ATTRIBUTE CableLabs-Intl-Code 20 string +ATTRIBUTE CableLabs-Dial-Around-Code 21 string +ATTRIBUTE CableLabs-Location-Routing-Number 22 string +ATTRIBUTE CableLabs-Carrier-Identification-Code 23 string +ATTRIBUTE CableLabs-Trunk-Group-ID 24 octets +ATTRIBUTE CableLabs-Routing-Number 25 string +ATTRIBUTE CableLabs-MTA-UDP-Portnum 26 integer +ATTRIBUTE CableLabs-Channel-State 29 integer +ATTRIBUTE CableLabs-SF-ID 30 integer +ATTRIBUTE CableLabs-Error-Description 31 string +ATTRIBUTE CableLabs-QoS-Descriptor 32 octets +ATTRIBUTE CableLabs-Direction-indicator 37 integer +ATTRIBUTE CableLabs-Time-Adjustment 38 octets +ATTRIBUTE CableLabs-SDP-Upstream 39 string +ATTRIBUTE CableLabs-SDP-Downstream 40 string +ATTRIBUTE CableLabs-User-Input 41 string +ATTRIBUTE CableLabs-Translation-Input 42 string +ATTRIBUTE CableLabs-Redirected-From-Info 43 octets + +#ATTRIBUTE CableLabs-Electronic-Surveillance-Indication 44 octets +ATTRIBUTE CableLabs-Electronic-Surveillance-Ind 44 octets + +ATTRIBUTE CableLabs-Redirected-From-Party-Number 45 string +ATTRIBUTE CableLabs-Redirected-To-Party-Number 46 string + +#ATTRIBUTE CableLabs-Electronic-Surveillance-DF-Security 47 octets +ATTRIBUTE CableLabs-El-Surveillance-DF-Security 47 octets + +ATTRIBUTE CableLabs-CCC-ID 48 octets +ATTRIBUTE CableLabs-Financial-Entity-ID 49 string +ATTRIBUTE CableLabs-Flow-Direction 50 integer +ATTRIBUTE CableLabs-Signal-Type 51 integer +ATTRIBUTE CableLabs-Alerting-Signal 52 integer +ATTRIBUTE CableLabs-Subject-Audible-Signal 53 integer +ATTRIBUTE CableLabs-Terminal-Display-Info 54 octets +ATTRIBUTE CableLabs-Switch-Hook-Flash 55 string +ATTRIBUTE CableLabs-Dialed-Digits 56 string +ATTRIBUTE CableLabs-Misc-Signaling-Information 57 string +ATTRIBUTE CableLabs-AM-Opaque-Data 61 integer +ATTRIBUTE CableLabs-Subscriber-ID 62 integer +ATTRIBUTE CableLabs-Volume-Usage-Limit 63 integer +ATTRIBUTE CableLabs-Gate-Usage-Info 64 integer +ATTRIBUTE CableLabs-Element-Requesting-QoS 65 integer +ATTRIBUTE CableLabs-QoS-Release-Reason 66 integer +ATTRIBUTE CableLabs-Policy-Denied-Reason 67 integer +ATTRIBUTE CableLabs-Policy-Deleted-Reason 68 integer +ATTRIBUTE CableLabs-Policy-Update-Reason 69 integer +ATTRIBUTE CableLabs-Policy-Decision-Status 70 integer +ATTRIBUTE CableLabs-Application-Manager-ID 71 integer +ATTRIBUTE CableLabs-Time-Usage-Limit 72 integer +ATTRIBUTE CableLabs-Gate-Time-Info 73 integer +ATTRIBUTE CableLabs-Account-Code 80 string +ATTRIBUTE CableLabs-Authorization-Code 81 string + +VALUE CableLabs-Event-Message Reserved 0 +VALUE CableLabs-Event-Message Signaling-Start 1 +VALUE CableLabs-Event-Message Signaling-Stop 2 +VALUE CableLabs-Event-Message Database-Query 3 +VALUE CableLabs-Event-Message Intelligent-Peripheral-Usage-Start 4 +VALUE CableLabs-Event-Message Intelligent-Peripheral-Usage-Stop 5 +VALUE CableLabs-Event-Message Service-Instance 6 +VALUE CableLabs-Event-Message QoS-Reserve 7 +VALUE CableLabs-Event-Message QoS-Release 8 +VALUE CableLabs-Event-Message Service-Activation 9 +VALUE CableLabs-Event-Message Service-Deactivation 10 +VALUE CableLabs-Event-Message Media-Report 11 +VALUE CableLabs-Event-Message Signal-Instance 12 +VALUE CableLabs-Event-Message Interconnect-Signaling-Start 13 +VALUE CableLabs-Event-Message Interconnect-Signaling-Stop 14 +VALUE CableLabs-Event-Message Call-Answer 15 +VALUE CableLabs-Event-Message Call-Disconnect 16 +VALUE CableLabs-Event-Message Time-Change 17 +VALUE CableLabs-Event-Message QoS-Commit 19 +VALUE CableLabs-Event-Message Media-Alive 20 +VALUE CableLabs-Event-Message Policy-Request 31 +VALUE CableLabs-Event-Message Policy-Delete 32 +VALUE CableLabs-Event-Message Policy-Update 33 + +VALUE CableLabs-Query-Type Reserved 0 +VALUE CableLabs-Query-Type Toll-Free-Number-Looukp 1 +VALUE CableLabs-Query-Type LNP-Number-Lookup 2 +VALUE CableLabs-Query-Type Calling-Name-Delivery-Lookup 3 + +VALUE CableLabs-Channel-State Reserved 0 +VALUE CableLabs-Channel-State Open 1 +VALUE CableLabs-Channel-State Change 2 +VALUE CableLabs-Channel-State Close 3 + +VALUE CableLabs-Direction-indicator Undefined 0 +VALUE CableLabs-Direction-indicator Originating 1 +VALUE CableLabs-Direction-indicator Terminating 2 + +VALUE CableLabs-Flow-Direction Reserved 0 +VALUE CableLabs-Flow-Direction Upstream 1 +VALUE CableLabs-Flow-Direction Downstream 2 + +VALUE CableLabs-Signal-Type Reserved 0 +VALUE CableLabs-Signal-Type Network-Signal 1 +VALUE CableLabs-Signal-Type Subject-Signal 2 + +VALUE CableLabs-Alerting-Signal Reserved-0 0 +VALUE CableLabs-Alerting-Signal Ringing 1 +VALUE CableLabs-Alerting-Signal Distinctive-Ringing-2 2 +VALUE CableLabs-Alerting-Signal Distinctive-Ringing-3 3 +VALUE CableLabs-Alerting-Signal Distinctive-Ringing-4 4 +VALUE CableLabs-Alerting-Signal Ringsplash 5 +VALUE CableLabs-Alerting-Signal Call-Waiting-Tone-1 6 +VALUE CableLabs-Alerting-Signal Call-Waiting-Tone-2 7 +VALUE CableLabs-Alerting-Signal Call-Waiting-Tone-3 8 +VALUE CableLabs-Alerting-Signal Call-Waiting-Tone-4 9 +VALUE CableLabs-Alerting-Signal Reserved-10 10 +VALUE CableLabs-Alerting-Signal Distinctive-Ringing-0 11 +VALUE CableLabs-Alerting-Signal Distinctive-Ringing-1 12 +VALUE CableLabs-Alerting-Signal Distinctive-Ringing-5 13 +VALUE CableLabs-Alerting-Signal Distinctive-Ringing-6 14 +VALUE CableLabs-Alerting-Signal Distinctive-Ringing-7 15 + +VALUE CableLabs-AM-Opaque-Data Reserved-0 0 +VALUE CableLabs-AM-Opaque-Data Dial-Tone 1 +VALUE CableLabs-AM-Opaque-Data Stutter-Dial-Tone 2 +VALUE CableLabs-AM-Opaque-Data Ring-Back-Tone 3 +VALUE CableLabs-AM-Opaque-Data Reorder-Tone 4 +VALUE CableLabs-AM-Opaque-Data Busy-Tone 5 +VALUE CableLabs-AM-Opaque-Data Confirmation-Tone 6 +VALUE CableLabs-AM-Opaque-Data Reserved-7 7 +VALUE CableLabs-AM-Opaque-Data Message-Waiting-Indicator 8 +VALUE CableLabs-AM-Opaque-Data Off-hook-Warning-Tone 9 + +VALUE CableLabs-Element-Requesting-QoS Client 0 +VALUE CableLabs-Element-Requesting-QoS Policy-Server 1 +VALUE CableLabs-Element-Requesting-QoS Embedded-Client 2 + +VALUE CableLabs-QoS-Release-Reason Gate-Closed-By-PS 1 +VALUE CableLabs-QoS-Release-Reason Inactivity-Resource-Recovery-Timer-Expiration 2 +VALUE CableLabs-QoS-Release-Reason CM-Failure 3 +VALUE CableLabs-QoS-Release-Reason Pre-Empted 4 +VALUE CableLabs-QoS-Release-Reason RSVP-PathTear-request 5 +VALUE CableLabs-QoS-Release-Reason CM-Request 6 +VALUE CableLabs-QoS-Release-Reason Admitted-Timer-Expiration 7 +VALUE CableLabs-QoS-Release-Reason Other 127 + +VALUE CableLabs-Policy-Denied-Reason Policy-Server-Admission-Control-Failure 1 +VALUE CableLabs-Policy-Denied-Reason Insufficient-Resources 2 +VALUE CableLabs-Policy-Denied-Reason Unknown-Subscriber 3 +VALUE CableLabs-Policy-Denied-Reason Unauthorized-AMID 4 +VALUE CableLabs-Policy-Denied-Reason Undefined-Service-Class-Name 5 +VALUE CableLabs-Policy-Denied-Reason Incompatible-Envelope 6 +VALUE CableLabs-Policy-Denied-Reason Other 127 + +VALUE CableLabs-Policy-Deleted-Reason Application-Manager-Request 1 +VALUE CableLabs-Policy-Deleted-Reason CMTS-Decistion 2 +VALUE CableLabs-Policy-Deleted-Reason Other 127 + +VALUE CableLabs-Policy-Update-Reason Traffic-Profile 1 +VALUE CableLabs-Policy-Update-Reason Classifier 2 +VALUE CableLabs-Policy-Update-Reason Volume-Limit 3 +VALUE CableLabs-Policy-Update-Reason Time-Limit 4 +VALUE CableLabs-Policy-Update-Reason Opaque-Data 5 +VALUE CableLabs-Policy-Update-Reason Multiple-Updates 6 +VALUE CableLabs-Policy-Update-Reason Other 127 + +VALUE CableLabs-Policy-Decision-Status Policy-Approved 1 +VALUE CableLabs-Policy-Decision-Status Policy-Denied 2 + +END-VENDOR CableLabs diff --git a/freeradius/dict/dictionary.cabletron b/freeradius/dict/dictionary.cabletron new file mode 100644 index 0000000..f370e84 --- /dev/null +++ b/freeradius/dict/dictionary.cabletron @@ -0,0 +1,26 @@ +# -*- text -*- +# +# http://www.cabletron.com (now http://www.enterasys.com) +# $Id$ +# + +VENDOR Cabletron 52 + +BEGIN-VENDOR Cabletron + +ATTRIBUTE Cabletron-Protocol-Enable 201 integer +ATTRIBUTE Cabletron-Protocol-Callable 202 integer + +VALUE Cabletron-Protocol-Enable IP-Enable 1 +VALUE Cabletron-Protocol-Enable Bridge-Enable 2 +VALUE Cabletron-Protocol-Enable IP-BR-Enable 3 +VALUE Cabletron-Protocol-Enable BR-IPX-Enable 6 +VALUE Cabletron-Protocol-Enable IP-BR-IPX-Enable 7 + +VALUE Cabletron-Protocol-Callable IP-Callable 1 +VALUE Cabletron-Protocol-Callable Bridge-Callable 2 +VALUE Cabletron-Protocol-Callable IP-BR-Callable 3 +VALUE Cabletron-Protocol-Callable BR-IPX-Callable 6 +VALUE Cabletron-Protocol-Callable IP-BR-IPX-Callable 7 + +END-VENDOR Cabletron diff --git a/freeradius/dict/dictionary.chillispot b/freeradius/dict/dictionary.chillispot new file mode 100644 index 0000000..ee96773 --- /dev/null +++ b/freeradius/dict/dictionary.chillispot @@ -0,0 +1,49 @@ +# +# ChilliSpot (and CoovaChilli) captive portal +# http://coova.org/wiki/index.php/CoovaChilli +# +# $Id: dictionary.chillispot,v 1.3 2007/09/24 16:16:22 dwbird Exp $ +# + +VENDOR ChilliSpot 14559 + +BEGIN-VENDOR ChilliSpot + +ATTRIBUTE ChilliSpot-Max-Input-Octets 1 integer +ATTRIBUTE ChilliSpot-Max-Output-Octets 2 integer +ATTRIBUTE ChilliSpot-Max-Total-Octets 3 integer +ATTRIBUTE ChilliSpot-Bandwidth-Max-Up 4 integer +ATTRIBUTE ChilliSpot-Bandwidth-Max-Down 5 integer +ATTRIBUTE ChilliSpot-Config 6 string +ATTRIBUTE ChilliSpot-Lang 7 string +ATTRIBUTE ChilliSpot-Version 8 string +ATTRIBUTE ChilliSpot-OriginalURL 9 string +ATTRIBUTE ChilliSpot-Acct-View-Point 10 integer +ATTRIBUTE ChilliSpot-Require-UAM 11 string +ATTRIBUTE ChilliSpot-Require-Splash 12 string +ATTRIBUTE ChilliSpot-Route-To-Interface 13 string + +ATTRIBUTE ChilliSpot-DHCP-Vendor-Class-Id 50 string +ATTRIBUTE ChilliSpot-DHCP-Client-Id 51 string +ATTRIBUTE ChilliSpot-DHCP-Options 52 string +ATTRIBUTE ChilliSpot-DHCP-Filename 53 string +ATTRIBUTE ChilliSpot-DHCP-Hostname 54 string +ATTRIBUTE ChilliSpot-DHCP-Server-Name 55 string +ATTRIBUTE ChilliSpot-DHCP-Client-FQDN 56 string +ATTRIBUTE ChilliSpot-DHCP-Parameter-Request-List 57 string + +VALUE ChilliSpot-Acct-View-Point ChilliSpot-NAS-View-Point 1 +VALUE ChilliSpot-Acct-View-Point ChilliSpot-Client-View-Point 2 + +# Configuration management parameters (ChilliSpot Only) +ATTRIBUTE ChilliSpot-UAM-Allowed 100 string +ATTRIBUTE ChilliSpot-MAC-Allowed 101 string +ATTRIBUTE ChilliSpot-Interval 102 integer + +# Inline with RFC 2882 use of VSE-Authorize-Only for remote config +# Note that 14559 = 0x38df is used as prefix for the VSE. +# This is recognized as the best (but bad) way of doing VSEs. +# (ChilliSpot Only - CoovaChilli uses Service-Type = Administrative-User) +VALUE Service-Type ChilliSpot-Authorize-Only 0x38df0001 + +END-VENDOR ChilliSpot diff --git a/freeradius/dict/dictionary.cisco b/freeradius/dict/dictionary.cisco new file mode 100644 index 0000000..08b43a5 --- /dev/null +++ b/freeradius/dict/dictionary.cisco @@ -0,0 +1,156 @@ +# -*- text -*- +# +# dictionary.cisco +# +# Accounting VSAs originally by +# "Marcelo M. Sosa Lugones" +# +# Version: $Id$ +# +# For documentation on Cisco RADIUS attributes, see: +# +# http://www.cisco.com/univercd/cc/td/doc/product/access/acs_serv/vapp_dev/vsaig3.htm +# +# For general documentation on Cisco RADIUS configuration, see: +# +# http://www.cisco.com/en/US/partner/tech/tk583/tk547/tsd_technology_support_sub-protocol_home.html +# + +VENDOR Cisco 9 + +# +# Standard attribute +# +BEGIN-VENDOR Cisco + +ATTRIBUTE Cisco-AVPair 1 string +ATTRIBUTE Cisco-NAS-Port 2 string + +# +# T.37 Store-and-Forward attributes. +# +ATTRIBUTE Cisco-Fax-Account-Id-Origin 3 string +ATTRIBUTE Cisco-Fax-Msg-Id 4 string +ATTRIBUTE Cisco-Fax-Pages 5 string +ATTRIBUTE Cisco-Fax-Coverpage-Flag 6 string +ATTRIBUTE Cisco-Fax-Modem-Time 7 string +ATTRIBUTE Cisco-Fax-Connect-Speed 8 string +ATTRIBUTE Cisco-Fax-Recipient-Count 9 string +ATTRIBUTE Cisco-Fax-Process-Abort-Flag 10 string +ATTRIBUTE Cisco-Fax-Dsn-Address 11 string +ATTRIBUTE Cisco-Fax-Dsn-Flag 12 string +ATTRIBUTE Cisco-Fax-Mdn-Address 13 string +ATTRIBUTE Cisco-Fax-Mdn-Flag 14 string +ATTRIBUTE Cisco-Fax-Auth-Status 15 string +ATTRIBUTE Cisco-Email-Server-Address 16 string +ATTRIBUTE Cisco-Email-Server-Ack-Flag 17 string +ATTRIBUTE Cisco-Gateway-Id 18 string +ATTRIBUTE Cisco-Call-Type 19 string +ATTRIBUTE Cisco-Port-Used 20 string +ATTRIBUTE Cisco-Abort-Cause 21 string + +# +# Voice over IP attributes. +# +ATTRIBUTE h323-remote-address 23 string +ATTRIBUTE h323-conf-id 24 string +ATTRIBUTE h323-setup-time 25 string +ATTRIBUTE h323-call-origin 26 string +ATTRIBUTE h323-call-type 27 string +ATTRIBUTE h323-connect-time 28 string +ATTRIBUTE h323-disconnect-time 29 string +ATTRIBUTE h323-disconnect-cause 30 string +ATTRIBUTE h323-voice-quality 31 string +ATTRIBUTE h323-gw-id 33 string +ATTRIBUTE h323-incoming-conf-id 35 string + +ATTRIBUTE h323-credit-amount 101 string +ATTRIBUTE h323-credit-time 102 string +ATTRIBUTE h323-return-code 103 string +ATTRIBUTE h323-prompt-id 104 string +ATTRIBUTE h323-time-and-day 105 string +ATTRIBUTE h323-redirect-number 106 string +ATTRIBUTE h323-preferred-lang 107 string +ATTRIBUTE h323-redirect-ip-address 108 string +ATTRIBUTE h323-billing-model 109 string +ATTRIBUTE h323-currency 110 string +ATTRIBUTE subscriber 111 string +ATTRIBUTE gw-rxd-cdn 112 string +ATTRIBUTE gw-final-xlated-cdn 113 string +ATTRIBUTE remote-media-address 114 string +ATTRIBUTE release-source 115 string +ATTRIBUTE gw-rxd-cgn 116 string +ATTRIBUTE gw-final-xlated-cgn 117 string + +# SIP Attributes +ATTRIBUTE call-id 141 string +ATTRIBUTE session-protocol 142 string +ATTRIBUTE method 143 string +ATTRIBUTE prev-hop-via 144 string +ATTRIBUTE prev-hop-ip 145 string +ATTRIBUTE incoming-req-uri 146 string +ATTRIBUTE outgoing-req-uri 147 string +ATTRIBUTE next-hop-ip 148 string +ATTRIBUTE next-hop-dn 149 string +ATTRIBUTE sip-hdr 150 string + +# +# Extra attributes sent by the Cisco, if you configure +# "radius-server vsa accounting" (requires IOS11.2+). +# +ATTRIBUTE Cisco-Multilink-ID 187 integer +ATTRIBUTE Cisco-Num-In-Multilink 188 integer +ATTRIBUTE Cisco-Pre-Input-Octets 190 integer +ATTRIBUTE Cisco-Pre-Output-Octets 191 integer +ATTRIBUTE Cisco-Pre-Input-Packets 192 integer +ATTRIBUTE Cisco-Pre-Output-Packets 193 integer +ATTRIBUTE Cisco-Maximum-Time 194 integer +ATTRIBUTE Cisco-Disconnect-Cause 195 integer +ATTRIBUTE Cisco-Data-Rate 197 integer +ATTRIBUTE Cisco-PreSession-Time 198 integer +ATTRIBUTE Cisco-PW-Lifetime 208 integer +ATTRIBUTE Cisco-IP-Direct 209 integer +ATTRIBUTE Cisco-PPP-VJ-Slot-Comp 210 integer +ATTRIBUTE Cisco-PPP-Async-Map 212 integer +ATTRIBUTE Cisco-IP-Pool-Definition 217 string +ATTRIBUTE Cisco-Assign-IP-Pool 218 integer +ATTRIBUTE Cisco-Route-IP 228 integer +ATTRIBUTE Cisco-Link-Compression 233 integer +ATTRIBUTE Cisco-Target-Util 234 integer +ATTRIBUTE Cisco-Maximum-Channels 235 integer +ATTRIBUTE Cisco-Data-Filter 242 integer +ATTRIBUTE Cisco-Call-Filter 243 integer +ATTRIBUTE Cisco-Idle-Limit 244 integer +ATTRIBUTE Cisco-Account-Info 250 string +ATTRIBUTE Cisco-Service-Info 251 string +ATTRIBUTE Cisco-Command-Code 252 string +ATTRIBUTE Cisco-Control-Info 253 string +ATTRIBUTE Cisco-Xmit-Rate 255 integer + +VALUE Cisco-Disconnect-Cause Unknown 2 +VALUE Cisco-Disconnect-Cause CLID-Authentication-Failure 4 +VALUE Cisco-Disconnect-Cause No-Carrier 10 +VALUE Cisco-Disconnect-Cause Lost-Carrier 11 +VALUE Cisco-Disconnect-Cause No-Detected-Result-Codes 12 +VALUE Cisco-Disconnect-Cause User-Ends-Session 20 +VALUE Cisco-Disconnect-Cause Idle-Timeout 21 +VALUE Cisco-Disconnect-Cause Exit-Telnet-Session 22 +VALUE Cisco-Disconnect-Cause No-Remote-IP-Addr 23 +VALUE Cisco-Disconnect-Cause Exit-Raw-TCP 24 +VALUE Cisco-Disconnect-Cause Password-Fail 25 +VALUE Cisco-Disconnect-Cause Raw-TCP-Disabled 26 +VALUE Cisco-Disconnect-Cause Control-C-Detected 27 +VALUE Cisco-Disconnect-Cause EXEC-Program-Destroyed 28 +VALUE Cisco-Disconnect-Cause Timeout-PPP-LCP 40 +VALUE Cisco-Disconnect-Cause Failed-PPP-LCP-Negotiation 41 +VALUE Cisco-Disconnect-Cause Failed-PPP-PAP-Auth-Fail 42 +VALUE Cisco-Disconnect-Cause Failed-PPP-CHAP-Auth 43 +VALUE Cisco-Disconnect-Cause Failed-PPP-Remote-Auth 44 +VALUE Cisco-Disconnect-Cause PPP-Remote-Terminate 45 +VALUE Cisco-Disconnect-Cause PPP-Closed-Event 46 +VALUE Cisco-Disconnect-Cause Session-Timeout 100 +VALUE Cisco-Disconnect-Cause Session-Failed-Security 101 +VALUE Cisco-Disconnect-Cause Session-End-Callback 102 +VALUE Cisco-Disconnect-Cause Invalid-Protocol 120 + +END-VENDOR Cisco diff --git a/freeradius/dict/dictionary.cisco.bbsm b/freeradius/dict/dictionary.cisco.bbsm new file mode 100644 index 0000000..ebdde08 --- /dev/null +++ b/freeradius/dict/dictionary.cisco.bbsm @@ -0,0 +1,13 @@ +# -*- text -*- +# +# Cisco Building Broadband Service Manager Dictionary +# +# http://www.cisco.com/univercd/cc/td/doc/product/access/acs_soft/csacs4nt/csnt30/user/ad.htm +# +# $Id$ +# +VENDOR Cisco-BBSM 5263 + +BEGIN-VENDOR Cisco-BBSM +ATTRIBUTE CBBSM-Bandwidth 1 integer +END-VENDOR Cisco-BBSM diff --git a/freeradius/dict/dictionary.cisco.vpn3000 b/freeradius/dict/dictionary.cisco.vpn3000 new file mode 100644 index 0000000..c1ff41e --- /dev/null +++ b/freeradius/dict/dictionary.cisco.vpn3000 @@ -0,0 +1,198 @@ +# -*- text -*- +# +# Cisco VPN 3000 Concentrator Dictionary +# +# http://www.cisco.com/univercd/cc/td/doc/product/access/acs_soft/csacs4nt/csnt30/user/ad.htm +# http://www.cisco.com/univercd/cc/td/doc/product/access/acs_soft/csacs4nt/acs31/acsuser/ad.htm +# +# $Id$ +# +VENDOR Cisco-VPN3000 3076 + +BEGIN-VENDOR Cisco-VPN3000 +ATTRIBUTE CVPN3000-Access-Hours 1 string +ATTRIBUTE CVPN3000-Simultaneous-Logins 2 integer +ATTRIBUTE CVPN3000-Min-Password-Length 3 integer +ATTRIBUTE CVPN3000-Allow-Alpha-Only-Passwords 4 integer +ATTRIBUTE CVPN3000-Primary-DNS 5 ipaddr +ATTRIBUTE CVPN3000-Secondary-DNS 6 ipaddr +ATTRIBUTE CVPN3000-Primary-WINS 7 ipaddr +ATTRIBUTE CVPN3000-Secondary-WINS 8 ipaddr +ATTRIBUTE CVPN3000-SEP-Card-Assignment 9 integer +ATTRIBUTE CVPN3000-Priority-On-SEP 10 ipaddr +ATTRIBUTE CVPN3000-Tunneling-Protocols 11 integer +ATTRIBUTE CVPN3000-IPSec-Sec-Association 12 string +ATTRIBUTE CVPN3000-IPSec-Authentication 13 integer +ATTRIBUTE CVPN3000-IPSec-Banner1 15 string +ATTRIBUTE CVPN3000-IPSec-Allow-Passwd-Store 16 integer +ATTRIBUTE CVPN3000-Use-Client-Address 17 integer +ATTRIBUTE CVPN3000-PPTP-Min-Auth-Protocol 18 integer +ATTRIBUTE CVPN3000-L2TP-Min-Auth-Protocol 19 integer +ATTRIBUTE CVPN3000-PPTP-Encryption 20 integer +ATTRIBUTE CVPN3000-L2TP-Encryption 21 integer +ATTRIBUTE CVPN3000-Auth-Server-Type 22 integer +ATTRIBUTE CVPN3000-Auth-Server-Password 23 string +ATTRIBUTE CVPN3000-Request-Auth-Vector 24 string +ATTRIBUTE CVPN3000-IPSec-LTL-Keepalives 25 integer +ATTRIBUTE CVPN3000-IPSec-Group-Name 26 string +ATTRIBUTE CVPN3000-IPSec-Split-Tunnel-List 27 string +ATTRIBUTE CVPN3000-IPSec-Default-Domain 28 string +ATTRIBUTE CVPN3000-IPSec-Split-DNS-Names 29 string +ATTRIBUTE CVPN3000-IPSec-Tunnel-Type 30 integer +ATTRIBUTE CVPN3000-IPSec-Mode-Config 31 integer +ATTRIBUTE CVPN3000-Auth-Server-Priority 32 integer +ATTRIBUTE CVPN3000-IPSec-User-Group-Lock 33 integer +ATTRIBUTE CVPN3000-IPSec-Over-UDP 34 integer +ATTRIBUTE CVPN3000-IPSec-Over-UDP-Port 35 integer +ATTRIBUTE CVPN3000-IPSec-Banner2 36 string +ATTRIBUTE CVPN3000-PPTP-MPPC-Compression 37 integer +ATTRIBUTE CVPN3000-L2TP-MPPC-Compression 38 integer +ATTRIBUTE CVPN3000-IPSec-IP-Compression 39 integer +ATTRIBUTE CVPN3000-IPSec-IKE-Peer-ID-Check 40 integer +ATTRIBUTE CVPN3000-IKE-Keep-Alives 41 integer +ATTRIBUTE CVPN3000-IPSec-Auth-On-Rekey 42 integer +ATTRIBUTE CVPN3000-Reqrd-Client-Fw-Vendor-Code 45 integer +ATTRIBUTE CVPN3000-Reqrd-Client-Fw-Product-Code 46 integer +ATTRIBUTE CVPN3000-Reqrd-Client-Fw-Description 47 string +ATTRIBUTE CVPN3000-Require-HW-Client-Auth 48 integer +ATTRIBUTE CVPN3000-Require-Individual-User-Auth 49 integer +ATTRIBUTE CVPN3000-Authd-User-Idle-Timeout 50 integer +ATTRIBUTE CVPN3000-Cisco-IP-Phone-Bypass 51 integer +ATTRIBUTE CVPN3000-User-Auth-Server-Name 52 string +ATTRIBUTE CVPN3000-User-Auth-Server-Port 53 integer +ATTRIBUTE CVPN3000-User-Auth-Server-Secret 54 string +ATTRIBUTE CVPN3000-IPSec-Split-Tunneling-Policy 55 integer +ATTRIBUTE CVPN3000-IPSec-Reqrd-Client-Fw-Cap 56 integer +ATTRIBUTE CVPN3000-IPSec-Client-Fw-Filter-Name 57 string +ATTRIBUTE CVPN3000-IPSec-Client-Fw-Filter-Opt 58 integer +ATTRIBUTE CVPN3000-IPSec-Backup-Servers 59 integer +ATTRIBUTE CVPN3000-IPSec-Backup-Server-List 60 string +ATTRIBUTE CVPN3000-DHCP-Network-Scope 61 ipaddr +ATTRIBUTE CVPN3000-MS-Client-Icpt-DHCP-Conf-Msg 62 integer +ATTRIBUTE CVPN3000-MS-Client-Subnet-Mask 63 ipaddr +ATTRIBUTE CVPN3000-Allow-Network-Extension-Mode 64 integer +ATTRIBUTE CVPN3000-IPSec-Authorization-Type 65 integer +ATTRIBUTE CVPN3000-IPSec-Authorization-Required 66 integer +ATTRIBUTE CVPN3000-IPSec-DN-Field 67 string +ATTRIBUTE CVPN3000-IPSec-Confidence-Level 68 integer +ATTRIBUTE CVPN3000-WebVPN-Content-Filter 69 integer +ATTRIBUTE CVPN3000-WebVPN-Enable-functions 70 integer +ATTRIBUTE CVPN3000-WebVPN-Exchange-Addr 74 string +ATTRIBUTE CVPN3000-LEAP-Bypass 75 integer +ATTRIBUTE CVPN3000-WebVPN-Exchange-NETBIOS-name 78 string +ATTRIBUTE CVPN3000-Port-Forwarding-Name 79 string +ATTRIBUTE CVPN3000-Partition-Primary-DHCP 128 ipaddr +ATTRIBUTE CVPN3000-Partition-Secondary-DHCP 129 ipaddr +ATTRIBUTE CVPN3000-Partition-Premise-Router 131 ipaddr +ATTRIBUTE CVPN3000-Partition-Max-Sessions 132 integer +ATTRIBUTE CVPN3000-Partition-Mobile-IP-Key 133 string +ATTRIBUTE CVPN3000-Partition-Mobile-IP-Address 134 ipaddr +ATTRIBUTE CVPN3000-Partition-Mobile-IP-SPI 135 integer +ATTRIBUTE CVPN3000-Strip-Realm 136 integer +ATTRIBUTE CVPN3000-Group-Name 137 integer + +VALUE CVPN3000-Allow-Alpha-Only-Passwords Disallow 0 +VALUE CVPN3000-Allow-Alpha-Only-Passwords Allow 1 + +VALUE CVPN3000-SEP-Card-Assignment SEP1 1 +VALUE CVPN3000-SEP-Card-Assignment SEP2 2 +VALUE CVPN3000-SEP-Card-Assignment SEP3 4 +VALUE CVPN3000-SEP-Card-Assignment SEP4 8 +VALUE CVPN3000-SEP-Card-Assignment Any-SEP 15 + +VALUE CVPN3000-Priority-On-SEP High 1 +VALUE CVPN3000-Priority-On-SEP Med-High 2 +VALUE CVPN3000-Priority-On-SEP Medium 3 +VALUE CVPN3000-Priority-On-SEP Med-Low 4 +VALUE CVPN3000-Priority-On-SEP Low 5 + +VALUE CVPN3000-Tunneling-Protocols PPTP 1 +VALUE CVPN3000-Tunneling-Protocols L2TP 2 +VALUE CVPN3000-Tunneling-Protocols IPSec 4 +VALUE CVPN3000-Tunneling-Protocols PPTP-and-IPSec 5 +VALUE CVPN3000-Tunneling-Protocols L2TP/IPSec 8 +VALUE CVPN3000-Tunneling-Protocols All 15 + +VALUE CVPN3000-IPSec-Authentication None 0 +VALUE CVPN3000-IPSec-Authentication RADIUS 1 +VALUE CVPN3000-IPSec-Authentication LDAP 2 +VALUE CVPN3000-IPSec-Authentication NTDomain 3 +VALUE CVPN3000-IPSec-Authentication SDI 4 +VALUE CVPN3000-IPSec-Authentication Internal 5 + +VALUE CVPN3000-IPSec-Allow-Passwd-Store Disallow 0 +VALUE CVPN3000-IPSec-Allow-Passwd-Store Allow 1 + +VALUE CVPN3000-Use-Client-Address Disallow 0 +VALUE CVPN3000-Use-Client-Address Allow 1 + +VALUE CVPN3000-PPTP-Min-Auth-Protocol PAP 1 +VALUE CVPN3000-PPTP-Min-Auth-Protocol CHAP 2 +VALUE CVPN3000-PPTP-Min-Auth-Protocol EAP-MD5 4 +VALUE CVPN3000-PPTP-Min-Auth-Protocol EAP-GTC 8 +VALUE CVPN3000-PPTP-Min-Auth-Protocol EAP-TLS 16 +VALUE CVPN3000-PPTP-Min-Auth-Protocol MSCHAPv1 32 +VALUE CVPN3000-PPTP-Min-Auth-Protocol MSCHAPv2 64 +VALUE CVPN3000-PPTP-Min-Auth-Protocol Default 102 + +VALUE CVPN3000-L2TP-Min-Auth-Protocol PAP 1 +VALUE CVPN3000-L2TP-Min-Auth-Protocol CHAP 2 +VALUE CVPN3000-L2TP-Min-Auth-Protocol EAP-MD5 4 +VALUE CVPN3000-L2TP-Min-Auth-Protocol EAP-GTC 8 +VALUE CVPN3000-L2TP-Min-Auth-Protocol EAP-TLS 16 +VALUE CVPN3000-L2TP-Min-Auth-Protocol MSCHAPv1 32 +VALUE CVPN3000-L2TP-Min-Auth-Protocol MSCHAPv2 64 +VALUE CVPN3000-L2TP-Min-Auth-Protocol Default 102 + +VALUE CVPN3000-PPTP-Encryption PPTP-40bit 2 +VALUE CVPN3000-PPTP-Encryption PPTP-40-Encryption-Req 3 +VALUE CVPN3000-PPTP-Encryption PPTP-128 4 +VALUE CVPN3000-PPTP-Encryption PPTP-128-Encryption-Req 5 +VALUE CVPN3000-PPTP-Encryption PPTP-40-or-128 6 +VALUE CVPN3000-PPTP-Encryption PPTP-40-or-128-Encry-Req 7 +VALUE CVPN3000-PPTP-Encryption PPTP-40-Stateless-Req 10 +VALUE CVPN3000-PPTP-Encryption PPTP-40-Enc/Stateless-Req 11 +VALUE CVPN3000-PPTP-Encryption PPTP-128-Stateless-Req 12 +VALUE CVPN3000-PPTP-Encryption PPTP-128-Enc/Stateless-Req 13 +VALUE CVPN3000-PPTP-Encryption PPTP-40/128-Stateless-Req 14 +VALUE CVPN3000-PPTP-Encryption PPTP-40/128-Enc/Statls-Req 15 + +VALUE CVPN3000-L2TP-Encryption L2TP-40bit 2 +VALUE CVPN3000-L2TP-Encryption L2TP-40-Encryption-Req 3 +VALUE CVPN3000-L2TP-Encryption L2TP-128 4 +VALUE CVPN3000-L2TP-Encryption L2TP-128-Encryption-Req 5 +VALUE CVPN3000-L2TP-Encryption L2TP-40-or-128 6 +VALUE CVPN3000-L2TP-Encryption L2TP-40-or-128-Encry-Req 7 +VALUE CVPN3000-L2TP-Encryption L2TP-40-Stateless-Req 10 +VALUE CVPN3000-L2TP-Encryption L2TP-40-Enc/Stateless-Req 11 +VALUE CVPN3000-L2TP-Encryption L2TP-128-Stateless-Req 12 +VALUE CVPN3000-L2TP-Encryption L2TP-128-Enc/Stateless-Req 13 +VALUE CVPN3000-L2TP-Encryption L2TP-40/128-Stateless-Req 14 +VALUE CVPN3000-L2TP-Encryption L2TP-40/128-Enc/Statls-Req 15 + +VALUE CVPN3000-Auth-Server-Type First-Active-Server 0 +VALUE CVPN3000-Auth-Server-Type RADIUS 1 +VALUE CVPN3000-Auth-Server-Type LDAP 2 +VALUE CVPN3000-Auth-Server-Type NT 3 +VALUE CVPN3000-Auth-Server-Type SDI 4 +VALUE CVPN3000-Auth-Server-Type Internal 5 + +VALUE CVPN3000-IPSec-LTL-Keepalives OFF 0 +VALUE CVPN3000-IPSec-LTL-Keepalives ON 1 + +VALUE CVPN3000-IPSec-Tunnel-Type LAN-to-LAN 1 +VALUE CVPN3000-IPSec-Tunnel-Type Remote-Access 2 + +VALUE CVPN3000-IPSec-Mode-Config ON 1 +VALUE CVPN3000-IPSec-Mode-Config OFF 0 + +VALUE CVPN3000-IPSec-User-Group-Lock OFF 0 +VALUE CVPN3000-IPSec-User-Group-Lock ON 1 + +VALUE CVPN3000-IPSec-Over-UDP OFF 0 +VALUE CVPN3000-IPSec-Over-UDP ON 1 + +VALUE CVPN3000-Strip-Realm FALSE 0 +VALUE CVPN3000-Strip-Realm TRUE 1 + +END-VENDOR Cisco-VPN3000 diff --git a/freeradius/dict/dictionary.cisco.vpn5000 b/freeradius/dict/dictionary.cisco.vpn5000 new file mode 100644 index 0000000..3758e2c --- /dev/null +++ b/freeradius/dict/dictionary.cisco.vpn5000 @@ -0,0 +1,19 @@ +# -*- text -*- +# +# Cisco VPN 5000 Concentrator Dictionary +# +# http://www.cisco.com/univercd/cc/td/doc/product/access/acs_soft/csacs4nt/csnt30/user/ad.htm +# +# $Id$ +# +VENDOR Cisco-VPN5000 255 + +BEGIN-VENDOR Cisco-VPN5000 +ATTRIBUTE CVPN5000-Tunnel-Throughput 1 integer +ATTRIBUTE CVPN5000-Client-Assigned-IP 2 string +ATTRIBUTE CVPN5000-Client-Real-IP 3 string +ATTRIBUTE CVPN5000-VPN-GroupInfo 4 string +ATTRIBUTE CVPN5000-VPN-Password 5 string +ATTRIBUTE CVPN5000-Echo 6 integer +ATTRIBUTE CVPN5000-Client-Assigned-IPX 7 integer +END-VENDOR Cisco-VPN5000 diff --git a/freeradius/dict/dictionary.clavister b/freeradius/dict/dictionary.clavister new file mode 100644 index 0000000..a21fec7 --- /dev/null +++ b/freeradius/dict/dictionary.clavister @@ -0,0 +1,19 @@ +# -*- text -*- +############################################################################## +# +# Clavister VSAs +# +# $Id$ +# +############################################################################## + +VENDOR Clavister 5089 + +# +# User group attribute +# +BEGIN-VENDOR Clavister + +ATTRIBUTE Clavister-User-Group 1 string + +END-VENDOR Clavister diff --git a/freeradius/dict/dictionary.colubris b/freeradius/dict/dictionary.colubris new file mode 100644 index 0000000..70913d4 --- /dev/null +++ b/freeradius/dict/dictionary.colubris @@ -0,0 +1,13 @@ +# -*- text -*- +# Colubris dictionary - dictionary.colubris +# +VENDOR Colubris 8744 +# +# Vendor-specific attributes +# +BEGIN-VENDOR Colubris + +ATTRIBUTE Colubris-AVPair 0 string +ATTRIBUTE Colubris-Intercept 1 integer + +END-VENDOR Colubris diff --git a/freeradius/dict/dictionary.columbia_university b/freeradius/dict/dictionary.columbia_university new file mode 100644 index 0000000..fff9465 --- /dev/null +++ b/freeradius/dict/dictionary.columbia_university @@ -0,0 +1,24 @@ +# -*- text -*- +VALUE Service-Type Sip-session 12 + +# Columbia University VSAs, from: +# +# http://www.cs.columbia.edu/IRT/cinema/release/radius_notes.html +# +# $Id$ +# +VENDOR Columbia-University 11862 + +BEGIN-VENDOR Columbia-University + +ATTRIBUTE Sip-Method 0 integer +ATTRIBUTE Sip-From 1 string +ATTRIBUTE Sip-To 2 string +ATTRIBUTE Sip-Translated-Request-URI 4 string + +VALUE Sip-Method INVITE 0 +VALUE Sip-Method BYE 1 +VALUE Sip-Method REGISTER 2 +VALUE Sip-Method OTHER 3 + +END-VENDOR Columbia-University diff --git a/freeradius/dict/dictionary.compat b/freeradius/dict/dictionary.compat new file mode 100644 index 0000000..34bed08 --- /dev/null +++ b/freeradius/dict/dictionary.compat @@ -0,0 +1,39 @@ +# -*- text -*- +# +# Obsolete names for backwards compatibility with older users files. +# Move the $INCLUDE in the main dictionary file to the end if you want +# these names to be used in the "details" logfile. +# +ATTRIBUTE Password 2 string encrypt=1 +ATTRIBUTE Client-Id 4 ipaddr +ATTRIBUTE Client-Port-Id 5 integer +ATTRIBUTE User-Service-Type 6 integer +ATTRIBUTE Framed-Address 8 ipaddr +ATTRIBUTE Framed-Netmask 9 ipaddr +ATTRIBUTE Framed-Filter-Id 11 string +ATTRIBUTE Login-Host 14 ipaddr +ATTRIBUTE Login-Port 16 integer +ATTRIBUTE Old-Password 17 string +ATTRIBUTE Port-Message 18 string +ATTRIBUTE Dialback-No 19 string +ATTRIBUTE Dialback-Name 20 string +ATTRIBUTE Challenge-State 24 string +VALUE Framed-Compression Van-Jacobsen-TCP-IP 1 +VALUE Framed-Compression VJ-TCP-IP 1 +VALUE Service-Type Shell-User 6 +VALUE Auth-Type Unix 1 +VALUE Service-Type Dialback-Login-User 3 +VALUE Service-Type Dialback-Framed-User 4 + +# +# For compatibility with MERIT users files. +# +ATTRIBUTE Login-Callback-Number 19 string +ATTRIBUTE Framed-Callback-Id 20 string +ATTRIBUTE Client-Port-DNIS 30 string +ATTRIBUTE Caller-ID 31 string +VALUE Service-Type Login 1 +VALUE Service-Type Framed 2 +VALUE Service-Type Callback-Login 3 +VALUE Service-Type Callback-Framed 4 +VALUE Service-Type Exec-User 7 diff --git a/freeradius/dict/dictionary.coova b/freeradius/dict/dictionary.coova new file mode 100644 index 0000000..956715c --- /dev/null +++ b/freeradius/dict/dictionary.coova @@ -0,0 +1,14 @@ +# +# Coova dictionary. +# +# Enable by putting the line "$INCLUDE dictionary.coova" +# into the main dictionary file. +# + +VENDOR Coova 31515 +ATTRIBUTE Coova-Request 1 string Coova +ATTRIBUTE Coova-Response 2 string Coova +ATTRIBUTE Coova-Config 3 string Coova +ATTRIBUTE Coova-AP-Config 4 string Coova +ATTRIBUTE Coova-Session-Id 5 string Coova +ATTRIBUTE Coova-Parent-Session-Id 6 string Coova diff --git a/freeradius/dict/dictionary.cosine b/freeradius/dict/dictionary.cosine new file mode 100644 index 0000000..31c7297 --- /dev/null +++ b/freeradius/dict/dictionary.cosine @@ -0,0 +1,23 @@ +# -*- text -*- +############################################################################## +# +# Cosine IPSX Dictionary +# +# $Id$ +# +############################################################################## + +VENDOR Cosine 3085 + +BEGIN-VENDOR Cosine + +ATTRIBUTE Cosine-Connection-Profile-Name 1 string +ATTRIBUTE Cosine-Enterprise-ID 2 string +ATTRIBUTE Cosine-Address-Pool-Name 3 string +ATTRIBUTE Cosine-DS-Byte 4 integer +ATTRIBUTE Cosine-VPI-VCI 5 octets +ATTRIBUTE Cosine-DLCI 6 integer +ATTRIBUTE Cosine-LNS-IP-Address 7 ipaddr +ATTRIBUTE Cosine-CLI-User-Permission-ID 8 string + +END-VENDOR Cosine diff --git a/freeradius/dict/dictionary.dhcp b/freeradius/dict/dictionary.dhcp new file mode 100644 index 0000000..3f95c2e --- /dev/null +++ b/freeradius/dict/dictionary.dhcp @@ -0,0 +1,420 @@ +# -*- text -*- +############################################################################## +# +# DHCP to RADUS gateway dictionary. +# +# http://www.iana.org/assignments/bootp-dhcp-parameters +# +# Also http://www.networksorcery.com/enp/protocol/bootp/options.htm +# +# http://www.bind9.net/rfc-dhcp +# +# $Id$ +# +############################################################################## + +# + +# This is really Apollo's number, but since they're out of business, +# I don't think they'll be needing this. +# +# HP owns the Apollo assets, but let's not worry about that. +# +# The vendor codes are 2 octets, because we need 256 numbers +# for the base DHCP options, PLUS a few for the DHCP headers, +# which aren't in option format. +# +# On top of that, a number of options are really TLV's. +# We need to be able to understand them, too. +# +VENDOR DHCP 54 format=2,1 + +BEGIN-VENDOR DHCP + +ATTRIBUTE DHCP-Opcode 256 byte +ATTRIBUTE DHCP-Hardware-Type 257 byte +ATTRIBUTE DHCP-Hardware-Address-Length 258 byte +ATTRIBUTE DHCP-Hop-Count 259 byte +ATTRIBUTE DHCP-Transaction-Id 260 integer +ATTRIBUTE DHCP-Number-of-Seconds 261 short +ATTRIBUTE DHCP-Flags 262 short +ATTRIBUTE DHCP-Client-IP-Address 263 ipaddr +ATTRIBUTE DHCP-Your-IP-Address 264 ipaddr +ATTRIBUTE DHCP-Server-IP-Address 265 ipaddr +ATTRIBUTE DHCP-Gateway-IP-Address 266 ipaddr +ATTRIBUTE DHCP-Client-Hardware-Address 267 ether # 16 octets +ATTRIBUTE DHCP-Server-Host-Name 268 string # 64 octets +ATTRIBUTE DHCP-Boot-Filename 269 string # 128 octets + +VALUE DHCP-Flags Broadcast 0x8000 + + +VALUE DHCP-Hardware-Type Ethernet 1 +VALUE DHCP-Hardware-Type Experiemental-Ethernet 2 +VALUE DHCP-Hardware-Type AX.25 3 +VALUE DHCP-Hardware-Type Proteon-Token-Ring 4 +VALUE DHCP-Hardware-Type Chaos 5 +VALUE DHCP-Hardware-Type IEEE-802 6 +VALUE DHCP-Hardware-Type Arcnet 7 +VALUE DHCP-Hardware-Type Hyperchannel 8 +VALUE DHCP-Hardware-Type Lanstar 9 +VALUE DHCP-Hardware-Type Autonet-Short-Address 10 +VALUE DHCP-Hardware-Type LocalTalk 11 +VALUE DHCP-Hardware-Type LocalNet 12 +VALUE DHCP-Hardware-Type Ultra-Link 13 +VALUE DHCP-Hardware-Type SMDS 14 +VALUE DHCP-Hardware-Type Frame-Relay 15 +VALUE DHCP-Hardware-Type ATM-16 16 +VALUE DHCP-Hardware-Type HDLC 17 +VALUE DHCP-Hardware-Type Fibre-Channel 18 +VALUE DHCP-Hardware-Type ATM-19 19 +VALUE DHCP-Hardware-Type Serial-Line 20 +VALUE DHCP-Hardware-Type ATM-21 21 +VALUE DHCP-Hardware-Type MIL-STD-188-220 22 +VALUE DHCP-Hardware-Type Metricom 23 +VALUE DHCP-Hardware-Type IEEE-1394 24 +VALUE DHCP-Hardware-Type MAPOS 25 +VALUE DHCP-Hardware-Type Twinaxial 26 +VALUE DHCP-Hardware-Type EUI-64 27 +VALUE DHCP-Hardware-Type HIPARP 28 +VALUE DHCP-Hardware-Type IP-Over-ISO-7816-3 29 +VALUE DHCP-Hardware-Type ARPSec 30 +VALUE DHCP-Hardware-Type IPSec-Tunnel 31 +VALUE DHCP-Hardware-Type Infiniband 32 +VALUE DHCP-Hardware-Type CAI-TIA-102 33 + +############################################################################## +# +# DHCP Options, with comments. For now, many are as FreeRADIUS +# doesn't handle MAC addresses natively. +# +############################################################################## + +#ATTRIBUTE DHCP-Pad 0 octets +ATTRIBUTE DHCP-Subnet-Mask 1 ipaddr +# Time Offset in +ATTRIBUTE DHCP-Time-Offset 2 octets +ATTRIBUTE DHCP-Router-Address 3 ipaddr array +ATTRIBUTE DHCP-Time-Server 4 ipaddr array +ATTRIBUTE DHCP-IEN-116-Name-Server 5 ipaddr array +ATTRIBUTE DHCP-Domain-Name-Server 6 ipaddr array +# Logging-Server addresses +ATTRIBUTE DHCP-Log-Server 7 ipaddr array +ATTRIBUTE DHCP-Quotes-Server 8 ipaddr array +ATTRIBUTE DHCP-LPR-Server 9 ipaddr array +ATTRIBUTE DHCP-Impress-Server 10 ipaddr array +ATTRIBUTE DHCP-RLP-Server 11 ipaddr array +# Hostname string +ATTRIBUTE DHCP-Hostname 12 string +# Size of boot file in 512 byte +ATTRIBUTE DHCP-Boot-File-Size 13 short +# Client to dump and name +ATTRIBUTE DHCP-Merit-Dump-File 14 octets +ATTRIBUTE DHCP-Domain-Name 15 string +ATTRIBUTE DHCP-Swap-Server 16 ipaddr +# Path name for root disk +ATTRIBUTE DHCP-Root-Path 17 string +ATTRIBUTE DHCP-Bootp-Extensions-Path 18 string +ATTRIBUTE DHCP-IP-Forward-Enable 19 byte +ATTRIBUTE DHCP-Source-Route-Enable 20 byte +# Routing Policy Filters +ATTRIBUTE DHCP-Policy-Filter 21 octets +ATTRIBUTE DHCP-Max-Datagram-Reassembly-Sz 22 short +ATTRIBUTE DHCP-Default-IP-TTL 23 octets +ATTRIBUTE DHCP-Path-MTU-Aging-Timeout 24 integer +ATTRIBUTE DHCP-Path-MTU-Plateau-Table 25 short array +ATTRIBUTE DHCP-Interface-MTU-Size 26 short +ATTRIBUTE DHCP-All-Subnets-Are-Local 27 byte +ATTRIBUTE DHCP-Broadcast-Address 28 ipaddr +ATTRIBUTE DHCP-Perform-Mask-Discovery 29 byte +ATTRIBUTE DHCP-Provide-Mask-To-Others 30 byte +ATTRIBUTE DHCP-Perform-Router-Discovery 31 byte +ATTRIBUTE DHCP-Router-Solicitation-Address 32 ipaddr +# first is destination address, second is router. +ATTRIBUTE DHCP-Static-Routes 33 ipaddr array +ATTRIBUTE DHCP-Trailer-Encapsulation 34 byte +ATTRIBUTE DHCP-ARP-Cache-Timeout 35 integer +ATTRIBUTE DHCP-Ethernet-Encapsulation 36 byte +ATTRIBUTE DHCP-Default-TCP-TTL 37 byte +ATTRIBUTE DHCP-Keep-Alive-Interval 38 integer +ATTRIBUTE DHCP-Keep-Alive-Garbage 39 byte +ATTRIBUTE DHCP-NIS-Domain-Name 40 string +ATTRIBUTE DHCP-NIS-Servers 41 ipaddr array +ATTRIBUTE DHCP-NTP-Servers 42 ipaddr array +# N Vendor Specific Information +ATTRIBUTE DHCP-Vendor 43 octets # tlv +ATTRIBUTE DHCP-NETBIOS-Name-Servers 44 ipaddr array +ATTRIBUTE DHCP-NETBIOS-Dgm-Dist-Servers 45 ipaddr array +ATTRIBUTE DHCP-NETBIOS-Node-Type 46 byte +# N NETBIOS Scope +ATTRIBUTE DHCP-NETBIOS 47 octets +ATTRIBUTE DHCP-X-Window-Font-Server 48 ipaddr array +ATTRIBUTE DHCP-X-Window-Display-Mgr 49 ipaddr array +ATTRIBUTE DHCP-Requested-IP-Address 50 ipaddr +ATTRIBUTE DHCP-IP-Address-Lease-Time 51 integer +# Overload "sname" or "file" +ATTRIBUTE DHCP-Overload 52 byte +ATTRIBUTE DHCP-Message-Type 53 byte +ATTRIBUTE DHCP-DHCP-Server-Identifier 54 ipaddr + +# Array of 1-byte numbers indicating which options the client +# would like to see in the response. +ATTRIBUTE DHCP-Parameter-Request-List 55 byte array +ATTRIBUTE DHCP-DHCP-Error-Message 56 octets +ATTRIBUTE DHCP-DHCP-Maximum-Msg-Size 57 short +ATTRIBUTE DHCP-Renewal-Time 58 integer +ATTRIBUTE DHCP-Rebinding-Time 59 integer +ATTRIBUTE DHCP-Vendor-Class-Identifier 60 string + +# Client Identifier +# First octets is DHCP-Hardware-Type, rest are type-specific data, +# e.g. MAC address. +ATTRIBUTE DHCP-Client-Identifier 61 octets +ATTRIBUTE DHCP-Netware-Domain-Name 62 octets +ATTRIBUTE DHCP-Netware-Sub-Options 63 octets +ATTRIBUTE DHCP-NIS-Client-Domain-Name 64 octets +ATTRIBUTE DHCP-NIS-Server-Address 65 ipaddr +ATTRIBUTE DHCP-TFTP-Server-Name 66 string +ATTRIBUTE DHCP-Boot-File-Name 67 string +# Home Agent Addresses +ATTRIBUTE DHCP-Home-Agent-Address 68 octets +ATTRIBUTE DHCP-SMTP-Server-Address 69 ipaddr array +ATTRIBUTE DHCP-POP3-Server-Address 70 ipaddr array +ATTRIBUTE DHCP-NNTP-Server-Address 71 ipaddr array +ATTRIBUTE DHCP-WWW-Server-Address 72 ipaddr array +ATTRIBUTE DHCP-Finger-Server-Address 73 ipaddr array +ATTRIBUTE DHCP-IRC-Server-Address 74 ipaddr array +ATTRIBUTE DHCP-StreetTalk-Server-Address 75 ipaddr array +ATTRIBUTE DHCP-STDA-Server-Address 76 ipaddr array +# User Class Information +ATTRIBUTE DHCP-User-Class 77 octets +# directory agent information +ATTRIBUTE DHCP-Directory-Agent 78 octets +# service location agent scope +ATTRIBUTE DHCP-Service-Scope 79 octets +# Rapid Commit +ATTRIBUTE DHCP-Rapid-Commit 80 octets +# Fully Qualified Domain Name +ATTRIBUTE DHCP-Client-FQDN 81 string +# Relay Agent Information +ATTRIBUTE DHCP-Relay-Agent-Information 82 octets # tlv +# Internet Storage Name Service +ATTRIBUTE DHCP-iSNS 83 octets +# Novell Directory Services +ATTRIBUTE DHCP-NDS-Servers 85 octets +# Novell Directory Services +ATTRIBUTE DHCP-NDS-Tree-Name 86 octets +# Novell Directory Services +ATTRIBUTE DHCP-NDS-Context 87 octets +# Authentication +ATTRIBUTE DHCP-Authentication 90 octets + +ATTRIBUTE DHCP-Client-Last-Txn-Time 91 octets + +ATTRIBUTE DHCP-associated-ip 92 octets +# Client System Architecture +ATTRIBUTE DHCP-Client-System 93 octets +# Client Network Device Interface +ATTRIBUTE DHCP-Client-NDI 94 octets +# Lightweight Directory Access Protocol +ATTRIBUTE DHCP-LDAP 95 octets +# UUID/GUID-based Client Identifier +ATTRIBUTE DHCP-UUID/GUID 97 octets +# Open Group's User Authentication +ATTRIBUTE DHCP-User-Auth 98 octets +# NetInfo Parent-Server Address +ATTRIBUTE DHCP-Netinfo-Address 112 octets +# NetInfo Parent-Server Tag +ATTRIBUTE DHCP-Netinfo-Tag 113 octets +# URL +ATTRIBUTE DHCP-URL 114 octets +# DHCP Auto-Configuration +ATTRIBUTE DHCP-Auto-Config 116 byte +# Name Service Search +ATTRIBUTE DHCP-Name-Service-Search 117 octets +# Subnet Selection Option +ATTRIBUTE DHCP-Subnet-Selection-Option 118 octets +# DNS domain serach list +ATTRIBUTE DHCP-Domain-Search 119 octets +# SIP-Servers DHCP Option +ATTRIBUTE DHCP-SIP-Servers-DHCP-Option 120 octets +# Classless Static Route Option +ATTRIBUTE DHCP-Classless-Static-Route 121 octets +# CableLabs Client Configuration +ATTRIBUTE DHCP-CCC 122 octets +# 16 GeoConf Option +ATTRIBUTE DHCP-GeoConf-Option 123 octets + +# Vendor Class +# +# String name that defines the vendor space used for the TLV's +# in option 125. +# +ATTRIBUTE DHCP-V-I-Vendor-Class 124 octets +# Vendor-Specific +ATTRIBUTE DHCP-V-I-Vendor-Specific 125 octets # tlv +# 6 bytes: E4:45:74:68:00:00 +ATTRIBUTE DHCP-Etherboot 128 octets +# (for IP Phone software load) +ATTRIBUTE DHCP-TFTP-Server-IP-Address 128 octets + +ATTRIBUTE DHCP-Call-Server-IP-address 129 octets + +ATTRIBUTE DHCP-Ethernet-Interface 130 octets + +ATTRIBUTE DHCP-Vendor-Discrimination-Str 130 octets + +ATTRIBUTE DHCP-Remote-Stats-Svr-IP-Address 131 octets + +ATTRIBUTE DHCP-IEEE-802.1Q-L2-Priority 132 octets + +ATTRIBUTE DHCP-IEEE-802.1P-VLAN-ID 133 octets + +ATTRIBUTE DHCP-Diffserv-Code-Point 134 octets + +ATTRIBUTE DHCP-HTTP-Proxy 135 octets + +ATTRIBUTE DHCP-EAP-Message 254 octets + +ATTRIBUTE DHCP-End-Of-Options 255 byte + +VALUE DHCP-Opcode Client-Message 1 +VALUE DHCP-Opcode Server-Message 2 + +VALUE DHCP-Message-Type DHCP-Discover 1 +VALUE DHCP-Message-Type DHCP-Offer 2 +VALUE DHCP-Message-Type DHCP-Request 3 +VALUE DHCP-Message-Type DHCP-Decline 4 +VALUE DHCP-Message-Type DHCP-Ack 5 +VALUE DHCP-Message-Type DHCP-NAK 6 +VALUE DHCP-Message-Type DHCP-Release 7 +VALUE DHCP-Message-Type DHCP-Inform 8 +VALUE DHCP-Message-Type DHCP-Force-Renew 9 +VALUE DHCP-Message-Type DHCP-EAP 254 + +VALUE DHCP-Parameter-Request-List DHCP-Subnet-Mask 1 +VALUE DHCP-Parameter-Request-List DHCP-Time-Offset 2 +VALUE DHCP-Parameter-Request-List DHCP-Router-Address 3 +VALUE DHCP-Parameter-Request-List DHCP-Time-Server 4 +VALUE DHCP-Parameter-Request-List DHCP-IEN-116-Name-Server 5 +VALUE DHCP-Parameter-Request-List DHCP-Domain-Name-Server 6 +VALUE DHCP-Parameter-Request-List DHCP-Log-Server 7 +VALUE DHCP-Parameter-Request-List DHCP-Quotes-Server 8 +VALUE DHCP-Parameter-Request-List DHCP-LPR-Server 9 +VALUE DHCP-Parameter-Request-List DHCP-Impress-Server 10 +VALUE DHCP-Parameter-Request-List DHCP-RLP-Server 11 +VALUE DHCP-Parameter-Request-List DHCP-Hostname 12 +VALUE DHCP-Parameter-Request-List DHCP-Boot-File-Size 13 +VALUE DHCP-Parameter-Request-List DHCP-Merit-Dump-File 14 +VALUE DHCP-Parameter-Request-List DHCP-Domain-Name 15 +VALUE DHCP-Parameter-Request-List DHCP-Swap-Server 16 +VALUE DHCP-Parameter-Request-List DHCP-Root-Path 17 +VALUE DHCP-Parameter-Request-List DHCP-Bootp-Extensions-Path 18 +VALUE DHCP-Parameter-Request-List DHCP-IP-Forward-Enable 19 +VALUE DHCP-Parameter-Request-List DHCP-Source-Route-Enable 20 +VALUE DHCP-Parameter-Request-List DHCP-Policy-Filter 21 +VALUE DHCP-Parameter-Request-List DHCP-Max-Datagram-Reassembly-Sz 22 +VALUE DHCP-Parameter-Request-List DHCP-Default-IP-TTL 23 +VALUE DHCP-Parameter-Request-List DHCP-Path-MTU-Aging-Timeout 24 +VALUE DHCP-Parameter-Request-List DHCP-Path-MTU-Plateau-Table 25 +VALUE DHCP-Parameter-Request-List DHCP-Interface-MTU-Size 26 +VALUE DHCP-Parameter-Request-List DHCP-All-Subnets-Are-Local 27 +VALUE DHCP-Parameter-Request-List DHCP-Broadcast-Address 28 +VALUE DHCP-Parameter-Request-List DHCP-Perform-Mask-Discovery 29 +VALUE DHCP-Parameter-Request-List DHCP-Provide-Mask-To-Others 30 +VALUE DHCP-Parameter-Request-List DHCP-Perform-Router-Discovery 31 +VALUE DHCP-Parameter-Request-List DHCP-Router-Solicitation-Address 32 +VALUE DHCP-Parameter-Request-List DHCP-Static-Routes 33 +VALUE DHCP-Parameter-Request-List DHCP-Trailer-Encapsulation 34 +VALUE DHCP-Parameter-Request-List DHCP-ARP-Cache-Timeout 35 +VALUE DHCP-Parameter-Request-List DHCP-Ethernet-Encapsulation 36 +VALUE DHCP-Parameter-Request-List DHCP-Default-TCP-TTL 37 +VALUE DHCP-Parameter-Request-List DHCP-Keep-Alive-Interval 38 +VALUE DHCP-Parameter-Request-List DHCP-Keep=Alive-Garbage 39 +VALUE DHCP-Parameter-Request-List DHCP-NIS-Domain-Name 40 +VALUE DHCP-Parameter-Request-List DHCP-NIS-Servers 41 +VALUE DHCP-Parameter-Request-List DHCP-NTP-Servers 42 +VALUE DHCP-Parameter-Request-List DHCP-Vendor 43 +VALUE DHCP-Parameter-Request-List DHCP-NETBIOS-Name-Servers 44 +VALUE DHCP-Parameter-Request-List DHCP-NETBIOS-Dgm-Dist-Servers 45 +VALUE DHCP-Parameter-Request-List DHCP-NETBIOS-Node-Type 46 +VALUE DHCP-Parameter-Request-List DHCP-NETBIOS 47 +VALUE DHCP-Parameter-Request-List DHCP-X-Window-Font-Server 48 +VALUE DHCP-Parameter-Request-List DHCP-X-Window-Display-Mgr 49 +VALUE DHCP-Parameter-Request-List DHCP-Requested-IP-Address 50 +VALUE DHCP-Parameter-Request-List DHCP-IP-Address-Lease-Time 51 +VALUE DHCP-Parameter-Request-List DHCP-Overload 52 +VALUE DHCP-Parameter-Request-List DHCP-Message-Type 53 +VALUE DHCP-Parameter-Request-List DHCP-DHCP-Server-Identifier 54 +VALUE DHCP-Parameter-Request-List DHCP-Parameter-Request-List 55 +VALUE DHCP-Parameter-Request-List DHCP-DHCP-Error-Message 56 +VALUE DHCP-Parameter-Request-List DHCP-DHCP-Maximum-Msg-Size 57 +VALUE DHCP-Parameter-Request-List DHCP-Renewal-Time 58 +VALUE DHCP-Parameter-Request-List DHCP-Rebinding-Time 59 +VALUE DHCP-Parameter-Request-List DHCP-Class-Identifier 60 +VALUE DHCP-Parameter-Request-List DHCP-Client-Identifier 61 +VALUE DHCP-Parameter-Request-List DHCP-Netware-Domain-Name 62 +VALUE DHCP-Parameter-Request-List DHCP-Netware-Sub-Options 63 +VALUE DHCP-Parameter-Request-List DHCP-NIS-Client-Domain-Name 64 +VALUE DHCP-Parameter-Request-List DHCP-NIS-Server-Address 65 +VALUE DHCP-Parameter-Request-List DHCP-TFTP-Server-Name 66 +VALUE DHCP-Parameter-Request-List DHCP-Boot-File-Name 67 +VALUE DHCP-Parameter-Request-List DHCP-Home-Agent-Address 68 +VALUE DHCP-Parameter-Request-List DHCP-SMTP-Server-Address 69 +VALUE DHCP-Parameter-Request-List DHCP-POP3-Server-Address 70 +VALUE DHCP-Parameter-Request-List DHCP-NNTP-Server-Address 71 +VALUE DHCP-Parameter-Request-List DHCP-WWW-Server-Address 72 +VALUE DHCP-Parameter-Request-List DHCP-Finger-Server-Address 73 +VALUE DHCP-Parameter-Request-List DHCP-IRC-Server-Address 74 +VALUE DHCP-Parameter-Request-List DHCP-StreetTalk-Server-Address 75 +VALUE DHCP-Parameter-Request-List DHCP-STDA-Server-Address 76 +VALUE DHCP-Parameter-Request-List DHCP-User-Class 77 +VALUE DHCP-Parameter-Request-List DHCP-Directory-Agent 78 +VALUE DHCP-Parameter-Request-List DHCP-Service-Scope 79 +VALUE DHCP-Parameter-Request-List DHCP-Rapid-Commit 80 +VALUE DHCP-Parameter-Request-List DHCP-Client-FQDN 81 +VALUE DHCP-Parameter-Request-List DHCP-Relay-Agent-Information 82 +VALUE DHCP-Parameter-Request-List DHCP-iSNS 83 +VALUE DHCP-Parameter-Request-List DHCP-NDS-Servers 85 +VALUE DHCP-Parameter-Request-List DHCP-NDS-Tree-Name 86 +VALUE DHCP-Parameter-Request-List DHCP-NDS-Context 87 +VALUE DHCP-Parameter-Request-List DHCP-Authentication 90 +VALUE DHCP-Parameter-Request-List DHCP-Client-Last-Txn-Time 91 +VALUE DHCP-Parameter-Request-List DHCP-associated-ip 92 +VALUE DHCP-Parameter-Request-List DHCP-Client-System 93 +VALUE DHCP-Parameter-Request-List DHCP-Client-NDI 94 +VALUE DHCP-Parameter-Request-List DHCP-LDAP 95 +VALUE DHCP-Parameter-Request-List DHCP-UUID/GUID 97 +VALUE DHCP-Parameter-Request-List DHCP-User-Auth 98 +VALUE DHCP-Parameter-Request-List DHCP-Netinfo-Address 112 +VALUE DHCP-Parameter-Request-List DHCP-Netinfo-Tag 113 +VALUE DHCP-Parameter-Request-List DHCP-URL 114 +VALUE DHCP-Parameter-Request-List DHCP-Auto-Config 116 +VALUE DHCP-Parameter-Request-List DHCP-Name-Service-Search 117 +VALUE DHCP-Parameter-Request-List DHCP-Subnet-Selection-Option 118 +VALUE DHCP-Parameter-Request-List DHCP-Domain-Search 119 +VALUE DHCP-Parameter-Request-List DHCP-SIP-Servers-DHCP-Option 120 +VALUE DHCP-Parameter-Request-List DHCP-Classless-Static-Route 121 +VALUE DHCP-Parameter-Request-List DHCP-CCC 122 +VALUE DHCP-Parameter-Request-List DHCP-GeoConf-Option 123 +VALUE DHCP-Parameter-Request-List DHCP-V-I-Vendor-Class 124 +VALUE DHCP-Parameter-Request-List DHCP-V-I-Vendor-Specific 125 +VALUE DHCP-Parameter-Request-List DHCP-Etherboot 128 +VALUE DHCP-Parameter-Request-List DHCP-TFTP-Server-IP-Address 128 +VALUE DHCP-Parameter-Request-List DHCP-Call-Server-IP-address 129 +VALUE DHCP-Parameter-Request-List DHCP-Ethernet-Interface 130 +VALUE DHCP-Parameter-Request-List DHCP-Vendor-Discrimination-Str 130 +VALUE DHCP-Parameter-Request-List DHCP-Remote-Stats-Svr-IP-Address 131 +VALUE DHCP-Parameter-Request-List DHCP-IEEE-802.1P-VLAN-ID 132 +VALUE DHCP-Parameter-Request-List DHCP-IEEE-802.1Q-L2-Priority 133 +VALUE DHCP-Parameter-Request-List DHCP-Diffserv-Code-Point 134 +VALUE DHCP-Parameter-Request-List DHCP-HTTP-Proxy 135 + +# +# Don't pay too much attention to these values. They will be fixed +# in a future release. +# +ATTRIBUTE DHCP-Agent-Circuit-Id 0x0152 octets +ATTRIBUTE DHCP-Agent-Remote-Id 0x0252 octets + +END-VENDOR DHCP diff --git a/freeradius/dict/dictionary.digest b/freeradius/dict/dictionary.digest new file mode 100644 index 0000000..777b79f --- /dev/null +++ b/freeradius/dict/dictionary.digest @@ -0,0 +1,16 @@ +# As defined in draft-sterman-aaa-sip-00.txt +ATTRIBUTE Digest-Response 206 string +ATTRIBUTE Digest-Attributes 207 octets # stupid format + +BEGIN-SUB-ATTR Digest-Attributes +ATTRIBUTE Digest-Realm 1 string +ATTRIBUTE Digest-Nonce 2 string +ATTRIBUTE Digest-Method 3 string +ATTRIBUTE Digest-URI 4 string +ATTRIBUTE Digest-QOP 5 string +ATTRIBUTE Digest-Algorithm 6 string +ATTRIBUTE Digest-Body-Digest 7 string +ATTRIBUTE Digest-CNonce 8 string +ATTRIBUTE Digest-Nonce-Count 9 string +ATTRIBUTE Digest-User-Name 10 string +END-SUB-ATTR diff --git a/freeradius/dict/dictionary.digium b/freeradius/dict/dictionary.digium new file mode 100644 index 0000000..edf8564 --- /dev/null +++ b/freeradius/dict/dictionary.digium @@ -0,0 +1,36 @@ +# -*- text -*- +############################################################################## +# +# Digium's Asterisk specific radius attributes +# markster@digium.com +# +# http://bugs.digium.com/file_download.php\?file_id=9688\&type=bug +# +# $Id$ +# +############################################################################## + +VENDOR Digium 22736 + +BEGIN-VENDOR Digium + +ATTRIBUTE Asterisk-Acc-Code 101 string +ATTRIBUTE Asterisk-Src 102 string +ATTRIBUTE Asterisk-Dst 103 string +ATTRIBUTE Asterisk-Dst-Ctx 104 string +ATTRIBUTE Asterisk-Clid 105 string +ATTRIBUTE Asterisk-Chan 106 string +ATTRIBUTE Asterisk-Dst-Chan 107 string +ATTRIBUTE Asterisk-Last-App 108 string +ATTRIBUTE Asterisk-Last-Data 109 string +ATTRIBUTE Asterisk-Start-Time 110 string +ATTRIBUTE Asterisk-Answer-Time 111 string +ATTRIBUTE Asterisk-End-Time 112 string +ATTRIBUTE Asterisk-Duration 113 integer +ATTRIBUTE Asterisk-Bill-Sec 114 integer +ATTRIBUTE Asterisk-Disposition 115 string +ATTRIBUTE Asterisk-AMA-Flags 116 string +ATTRIBUTE Asterisk-Unique-ID 117 string +ATTRIBUTE Asterisk-User-Field 118 string + +END-VENDOR Digium diff --git a/freeradius/dict/dictionary.epygi b/freeradius/dict/dictionary.epygi new file mode 100644 index 0000000..dfb17e3 --- /dev/null +++ b/freeradius/dict/dictionary.epygi @@ -0,0 +1,118 @@ +# -*- text -*- +# +# dictionary.Epygi +# + +VENDOR Epygi 16459 + +# +# Standard attribute +# +BEGIN-VENDOR Epygi + +ATTRIBUTE Epygi-AVPair 1 string +ATTRIBUTE Epygi-NAS-Port 2 string + +# +# Voice over IP attributes. +# +ATTRIBUTE Epygi-h323-remote-address 23 string +ATTRIBUTE Epygi-h323-conf-id 24 string +ATTRIBUTE Epygi-h323-setup-time 25 string +ATTRIBUTE Epygi-h323-call-origin 26 string +ATTRIBUTE Epygi-h323-call-type 27 string +ATTRIBUTE Epygi-h323-connect-time 28 string +ATTRIBUTE Epygi-h323-disconnect-time 29 string +ATTRIBUTE Epygi-h323-disconnect-cause 30 string +ATTRIBUTE Epygi-h323-voice-quality 31 string +ATTRIBUTE Epygi-h323-gw-id 33 string +ATTRIBUTE Epygi-h323-incoming-conf-id 35 string + +ATTRIBUTE Epygi-h323-credit-amount 101 string +ATTRIBUTE Epygi-h323-credit-time 102 string +ATTRIBUTE Epygi-h323-return-code 103 string +ATTRIBUTE Epygi-h323-prompt-id 104 string +ATTRIBUTE Epygi-h323-time-and-day 105 string +ATTRIBUTE Epygi-h323-redirect-number 106 string +ATTRIBUTE Epygi-h323-preferred-lang 107 string +ATTRIBUTE Epygi-h323-redirect-ip-address 108 string +ATTRIBUTE Epygi-h323-billing-model 109 string +ATTRIBUTE Epygi-h323-currency 110 string + +ATTRIBUTE Epygi-RegExpDate 150 string +ATTRIBUTE Epygi-FiadID 151 string +ATTRIBUTE Epygi-PortID 152 string +ATTRIBUTE Epygi-AccessType 153 string +ATTRIBUTE Epygi-CallInfo 154 string + +ATTRIBUTE Epygi-OrigCallID 170 string +ATTRIBUTE Epygi-ParentCallID 171 string +ATTRIBUTE Epygi-CallType 172 integer +ATTRIBUTE Epygi-DeviceName 173 string +ATTRIBUTE Epygi-InterfaceName 174 integer +ATTRIBUTE Epygi-InterfaceNumber 175 integer +ATTRIBUTE Epygi-TimeslotNumber 176 integer +ATTRIBUTE Epygi-OrigIpAddr 177 integer +ATTRIBUTE Epygi-DestIpAddr 178 integer +ATTRIBUTE Epygi-OrigIpPort 179 integer +ATTRIBUTE Epygi-DestIpPort 180 integer +ATTRIBUTE Epygi-CallingPartyNumber 181 string +ATTRIBUTE Epygi-CalledPartyNumber 182 string +ATTRIBUTE Epygi-DateTimeOrigination 183 integer +ATTRIBUTE Epygi-DateTimeConnect 184 integer +ATTRIBUTE Epygi-DateTimeDisconnect 185 integer +ATTRIBUTE Epygi-Duration 186 integer +ATTRIBUTE Epygi-OutSourceRTP_IP 187 integer +ATTRIBUTE Epygi-OutDestRTP_IP 188 integer +ATTRIBUTE Epygi-InSourceRTP_IP 189 integer +ATTRIBUTE Epygi-InDestRTP_IP 190 integer +ATTRIBUTE Epygi-OutSourceRTP_port 191 integer +ATTRIBUTE Epygi-OutDestRTP_port 192 integer +ATTRIBUTE Epygi-InSourceRTP_port 193 integer +ATTRIBUTE Epygi-InDestRTP_port 194 integer +ATTRIBUTE Epygi-CallRedirectReason 195 integer +ATTRIBUTE Epygi-CallDisconnectReason 196 integer +ATTRIBUTE Epygi-OutRTP_Payload 197 integer +ATTRIBUTE Epygi-OutRTP_PacketSize 198 integer +ATTRIBUTE Epygi-OutRTP_Packets 199 integer +ATTRIBUTE Epygi-OutRTP_Octets 200 integer +ATTRIBUTE Epygi-InRTP_Payload 201 integer +ATTRIBUTE Epygi-InRTP_PacketSize 202 integer +ATTRIBUTE Epygi-InRTP_Packets 203 integer +ATTRIBUTE Epygi-InRTP_Octets 204 integer +ATTRIBUTE Epygi-InRTP_PacketsLost 205 integer +ATTRIBUTE Epygi-InRTP_PacketsDupl 206 integer +ATTRIBUTE Epygi-InRTP_Jitter 207 integer +ATTRIBUTE Epygi-InRTP_Latency 208 integer + +VALUE Epygi-CallType Internal 0 +VALUE Epygi-CallType SIP 1 +VALUE Epygi-CallType H.323 2 +VALUE Epygi-CallType FXO 3 +VALUE Epygi-CallType T1-E1-CAS 4 +VALUE Epygi-CallType T1-E1-CCS 5 +VALUE Epygi-CallType ISDN-PRI 6 + +VALUE Epygi-InterfaceName Ethernet 0 +VALUE Epygi-InterfaceName FXO 1 +VALUE Epygi-InterfaceName T1-E1-User 2 +VALUE Epygi-InterfaceName T1-E1-Network 3 +VALUE Epygi-InterfaceName ISDN 4 + +VALUE Epygi-CallRedirectReason No-Reason 0 +VALUE Epygi-CallRedirectReason Call-Forward-Uncondit 1 +VALUE Epygi-CallRedirectReason Call-Forward-Busy 2 +VALUE Epygi-CallRedirectReason Call-Forward-NoAnswer 3 +VALUE Epygi-CallRedirectReason Call-Tranfer 4 +VALUE Epygi-CallRedirectReason Call-Park 5 +VALUE Epygi-CallRedirectReason Call-Pickup 6 +VALUE Epygi-CallRedirectReason ManyExtension-Ringing 7 +VALUE Epygi-CallRedirectReason Hunt-Group 8 + +VALUE Epygi-CallDisconnectReason Call-Is-Redirected 0 +VALUE Epygi-CallDisconnectReason Call-Origin-OnHook 1 +VALUE Epygi-CallDisconnectReason Call-Temin-OnHook 2 +VALUE Epygi-CallDisconnectReason Disconected-by-CAC 3 +VALUE Epygi-CallDisconnectReason Other 4 + +END-VENDOR Epygi diff --git a/freeradius/dict/dictionary.ericsson b/freeradius/dict/dictionary.ericsson new file mode 100644 index 0000000..0859e94 --- /dev/null +++ b/freeradius/dict/dictionary.ericsson @@ -0,0 +1,133 @@ +# -*- text -*- +############################################################################## +# +# Ericsson dictionary +# +# $Id$ +# +############################################################################## + +VENDOR Ericsson 193 + +BEGIN-VENDOR Ericsson + +ATTRIBUTE Ericsson-ViG-Balance 3 integer +ATTRIBUTE Ericsson-ViG-Codec 4 integer +ATTRIBUTE Ericsson-ViG-Currency 5 string +ATTRIBUTE Ericsson-ViG-Currency-Quote 6 string +ATTRIBUTE Ericsson-ViG-Endpoint-Type 8 integer +ATTRIBUTE Ericsson-ViG-Sequence-Number 9 integer +ATTRIBUTE Ericsson-ViG-Access-Agent-IP-Address 11 ipaddr +ATTRIBUTE Ericsson-ViG-QoS-Class 12 integer + +# +# These next two attributes look to be similar to Digest-Response (206) and +# Digest-Attributes (207) +# +ATTRIBUTE Ericsson-ViG-Digest-Response 14 string +ATTRIBUTE Ericsson-ViG-Digest-Attributes 15 octets + +ATTRIBUTE Ericsson-ViG-Business-Agreement-Name 16 string +ATTRIBUTE Ericsson-ViG-Call-Role 17 integer +ATTRIBUTE Ericsson-ViG-Remote-SK-UA-IP-Address 20 ipaddr +ATTRIBUTE Ericsson-ViG-Site 23 string +ATTRIBUTE Ericsson-ViG-TTL-relative 32 integer +ATTRIBUTE Ericsson-ViG-Account-error-reason 33 integer +ATTRIBUTE Ericsson-ViG-Layer-identity 34 integer +ATTRIBUTE Ericsson-ViG-Major-protocol-version 35 integer +ATTRIBUTE Ericsson-ViG-Minor-protocol-version 36 integer +ATTRIBUTE Ericsson-ViG-Authentication-type 37 integer +ATTRIBUTE Ericsson-ViG-Trusted-access 38 integer +ATTRIBUTE Ericsson-ViG-User-name 39 string +ATTRIBUTE Ericsson-ViG-Global-unique-call-ID 40 string +ATTRIBUTE Ericsson-ViG-Global-unique-service-ID 41 string +ATTRIBUTE Ericsson-ViG-Interim-interval 42 integer +ATTRIBUTE Ericsson-ViG-Alive-Indicator 43 integer +ATTRIBUTE Ericsson-ViG-TTL-Absolute 44 integer +ATTRIBUTE Ericsson-ViG-TTL-Start-Event 45 integer +ATTRIBUTE Ericsson-ViG-SK-IP-address 46 ipaddr +ATTRIBUTE Ericsson-ViG-UA-IP-address 47 ipaddr +ATTRIBUTE Ericsson-ViG-SA-IP-address 48 ipaddr +ATTRIBUTE Ericsson-ViG-Calling-e164-number 49 string +ATTRIBUTE Ericsson-ViG-Calling-H323Id 50 string +ATTRIBUTE Ericsson-ViG-Calling-Email-address 51 string +ATTRIBUTE Ericsson-ViG-Dialled-e164-number 52 string +ATTRIBUTE Ericsson-ViG-Dialled-H323Id 53 string +ATTRIBUTE Ericsson-ViG-Dialled-Email-address 54 string +ATTRIBUTE Ericsson-ViG-Routed-e164-number 55 string +ATTRIBUTE Ericsson-ViG-Routed-H323Id 56 string +ATTRIBUTE Ericsson-ViG-Routed-Email-address 57 string +ATTRIBUTE Ericsson-ViG-SiteKeeper-name 58 string +ATTRIBUTE Ericsson-ViG-Access-Group-name 59 string +ATTRIBUTE Ericsson-ViG-Access-Agent-name 60 string +ATTRIBUTE Ericsson-ViG-User-agent-group-name 61 string +ATTRIBUTE Ericsson-ViG-User-agent-name 62 string +ATTRIBUTE Ericsson-ViG-Routing-tariff 63 integer +ATTRIBUTE Ericsson-ViG-Re-selection-counter 64 integer +ATTRIBUTE Ericsson-ViG-CPN-digits 65 string +ATTRIBUTE Ericsson-ViG-CPN-TON 66 integer +ATTRIBUTE Ericsson-ViG-CPN-NP 67 integer +ATTRIBUTE Ericsson-ViG-CPN-PI 68 integer +ATTRIBUTE Ericsson-ViG-CPN-SI 69 integer +ATTRIBUTE Ericsson-ViG-Dialled-num-digits 70 string +ATTRIBUTE Ericsson-ViG-Dialled-num-TON 71 integer +ATTRIBUTE Ericsson-ViG-Dialled-num-NP 72 integer +ATTRIBUTE Ericsson-ViG-Routing-num-digits 73 string +ATTRIBUTE Ericsson-ViG-Routing-num-TON 74 integer +ATTRIBUTE Ericsson-ViG-Routing-num-NP 75 integer +ATTRIBUTE Ericsson-ViG-Redirecting-num-digits 76 string +ATTRIBUTE Ericsson-ViG-Redirecting-num-TON 77 integer +ATTRIBUTE Ericsson-ViG-Redirecting-num-NP 78 integer +ATTRIBUTE Ericsson-ViG-Redirecting-num-PI 79 integer +ATTRIBUTE Ericsson-ViG-Redirecting-num-RFD 80 integer +ATTRIBUTE Ericsson-ViG-Time-stamp-UTC 81 integer +ATTRIBUTE Ericsson-ViG-Time-stamp-UTC 81 integer +ATTRIBUTE Ericsson-ViG-Time-stamp-TZ 82 integer +ATTRIBUTE Ericsson-ViG-Time-stamp-DST 83 integer +ATTRIBUTE Ericsson-ViG-Session-routing-duration 84 integer +ATTRIBUTE Ericsson-ViG-Session-ringing-duration 85 integer +ATTRIBUTE Ericsson-ViG-Access-type 86 integer +ATTRIBUTE Ericsson-ViG-Requested-bandwidth 87 integer +ATTRIBUTE Ericsson-ViG-Allowed-bandwidth 88 integer +ATTRIBUTE Ericsson-ViG-Media-channel-count 89 integer +ATTRIBUTE Ericsson-ViG-Voice-media-rec-forward 90 string +ATTRIBUTE Ericsson-ViG-Voice-media-rec-backward 91 string +ATTRIBUTE Ericsson-ViG-Video-media-rec-forward 92 string +ATTRIBUTE Ericsson-ViG-Video-media-rec-backward 93 string +ATTRIBUTE Ericsson-ViG-Fax-media-rec-forward 94 string +ATTRIBUTE Ericsson-ViG-Fax-media-rec-backward 95 string +ATTRIBUTE Ericsson-ViG-Data-media-rec-forward 96 string +ATTRIBUTE Ericsson-ViG-Data-media-rec-backward 97 string +ATTRIBUTE Ericsson-ViG-Charging-Case 98 integer +ATTRIBUTE Ericsson-ViG-Rel-cause-coding-std 99 integer +ATTRIBUTE Ericsson-ViG-Rel-cause-location 100 integer +ATTRIBUTE Ericsson-ViG-Rel-cause-class 101 integer +ATTRIBUTE Ericsson-ViG-Rel-cause-value 102 integer +ATTRIBUTE Ericsson-ViG-Rel-reason 103 integer +ATTRIBUTE Ericsson-ViG-Internal-Rel-reason-val 104 integer +ATTRIBUTE Ericsson-ViG-Internal-Rel-reason-orig 105 integer +ATTRIBUTE Ericsson-ViG-Service-ID 106 integer +ATTRIBUTE Ericsson-ViG-User-ID 107 string +ATTRIBUTE Ericsson-ViG-Service-Name 108 string +ATTRIBUTE Ericsson-ViG-Test-Call-Indicator 109 integer +ATTRIBUTE Ericsson-ViG-Test-Call-Indicator 109 integer +ATTRIBUTE Ericsson-ViG-Emergency-Call-Indicator 110 integer +ATTRIBUTE Ericsson-ViG-Calling-ID 111 string +ATTRIBUTE Ericsson-ViG-Called-ID 112 string +ATTRIBUTE Ericsson-ViG-Translated-ID 113 string +ATTRIBUTE Ericsson-ViG-Calling-User-Group-ID 114 string +ATTRIBUTE Ericsson-ViG-Calling-Usr-Sub-Group-ID 115 string +ATTRIBUTE Ericsson-ViG-Called-Usr-Group-ID 116 string +ATTRIBUTE Ericsson-ViG-Called-Usr-Sub-Group-ID 117 string +ATTRIBUTE Ericsson-ViG-Terminal-Type 118 string +ATTRIBUTE Ericsson-ViG-Service-Duration 119 integer +ATTRIBUTE Ericsson-ViG-Service-Execution-Result 120 integer +ATTRIBUTE Ericsson-ViG-Service-Exe-Rslt-Desc 121 string +ATTRIBUTE Ericsson-ViG-Service-Description 122 string +ATTRIBUTE Ericsson-ViG-Service-Specific-Info 123 string +ATTRIBUTE Ericsson-ViG-Proxy-IP-Address 124 ipaddr +ATTRIBUTE Ericsson-ViG-Auth-DataRequest 125 integer +ATTRIBUTE Ericsson-ViG-IPT-Time-Stamp 126 integer +ATTRIBUTE Ericsson-ViG-User-Name-Info 127 integer + +END-VENDOR Ericsson diff --git a/freeradius/dict/dictionary.erx b/freeradius/dict/dictionary.erx new file mode 100644 index 0000000..038d3cc --- /dev/null +++ b/freeradius/dict/dictionary.erx @@ -0,0 +1,197 @@ +# -*- text -*- +# +# dictionary.erx +# +# Juniper's (was Unisphere's) broadband RAS +# From Terje Krogdahl +# +# Version: $Id$ +# +# Juniper ERX dictionaries are available at: +# http://www.juniper.net/techpubs/software/erx/junose71/unisphere7-1.dct +# http://www.juniper.net/techpubs/software/erx/junose700/unisphere7-0.dct +# http://www.juniper.net/techpubs/software/erx/junose700/swconfig-broadband/html/radius-attributes.html +# http://www.juniper.net/techpubs/software/erx/junose52/unisphere5-2.dct +# http://www.juniper.net/techpubs/software/erx/erx50x/swconfig-broadband/html/radius-attributes.html +# (The below are from when it was the Unisphere ERX) +# http://www.juniper.net/techpubs/software/erx/erx410/unisphere4-1.dct +# http://www.juniper.net/techpubs/software/erx/erx403/unisphere4-0.dct +# http://www.juniper.net/techpubs/software/erx/erx3xx/unisphere3-2.dct +# http://www.juniper.net/techpubs/software/erx/erx3xx/unisphere3-0.dct +# +# As a note on ERX broken-ness, If you don't send a Framed-IP-Address +# in the Access-Accept packet, the ERX disconnects the user, and +# sends an Accounting-Request packet with Acct-Status-Type = Stop +# +# It does NOT send a 'Start' packet, so this behaviour confuses the +# heck out of most admins, who do everything right, but have the ERX +# do stupid things. +# +# The ERX supports Ascend "abinary" format. See: +# +# http://www.juniper.net/techpubs/software/erx/junose71/swconfig-policy/html/policy-mgmt-apply5.html +# +# For this to work in FreeRADIUS, you will have to specify the attribute +# in hex, as in: +# +# Ascend-Data-Filter = 0x010203... +# + +VENDOR ERX 4874 + +BEGIN-VENDOR ERX + +ATTRIBUTE ERX-Virtual-Router-Name 1 string +ATTRIBUTE ERX-Address-Pool-Name 2 string +ATTRIBUTE ERX-Local-Loopback-Interface 3 string +ATTRIBUTE ERX-Primary-Dns 4 ipaddr +ATTRIBUTE ERX-Secondary-Dns 5 ipaddr +ATTRIBUTE ERX-Primary-Wins 6 ipaddr +ATTRIBUTE ERX-Secondary-Wins 7 ipaddr +ATTRIBUTE ERX-Tunnel-Virtual-Router 8 string +ATTRIBUTE ERX-Tunnel-Password 9 string +ATTRIBUTE ERX-Ingress-Policy-Name 10 string +ATTRIBUTE ERX-Egress-Policy-Name 11 string +ATTRIBUTE ERX-Ingress-Statistics 12 integer +ATTRIBUTE ERX-Egress-Statistics 13 integer +ATTRIBUTE ERX-Atm-Service-Category 14 integer +ATTRIBUTE ERX-Atm-PCR 15 integer +ATTRIBUTE ERX-Atm-SCR 16 integer +ATTRIBUTE ERX-Atm-MBS 17 integer +ATTRIBUTE ERX-Cli-Initial-Access-Level 18 string +ATTRIBUTE ERX-Cli-Allow-All-VR-Access 19 integer +ATTRIBUTE ERX-Alternate-Cli-Access-Level 20 string +ATTRIBUTE ERX-Alternate-Cli-Vrouter-Name 21 string +ATTRIBUTE ERX-Sa-Validate 22 integer +ATTRIBUTE ERX-Igmp-Enable 23 integer +ATTRIBUTE ERX-Pppoe-Description 24 string +ATTRIBUTE ERX-Redirect-VR-Name 25 string +ATTRIBUTE ERX-Qos-Profile-Name 26 string +ATTRIBUTE ERX-Pppoe-Max-Sessions 27 integer +ATTRIBUTE ERX-Pppoe-Url 28 string +ATTRIBUTE ERX-Qos-Profile-Interface-Type 29 integer +ATTRIBUTE ERX-Tunnel-Nas-Port-Method 30 integer +ATTRIBUTE ERX-Service-Bundle 31 string +ATTRIBUTE ERX-Tunnel-Tos 32 integer +ATTRIBUTE ERX-Tunnel-Maximum-Sessions 33 integer +ATTRIBUTE ERX-Framed-Ip-Route-Tag 34 string +ATTRIBUTE ERX-Dial-Out-Number 35 string +ATTRIBUTE ERX-PPP-Username 36 string +ATTRIBUTE ERX-PPP-Password 37 string +ATTRIBUTE ERX-PPP-Auth-Protocol 38 integer +ATTRIBUTE ERX-Minimum-BPS 39 integer +ATTRIBUTE ERX-Maximum-BPS 40 integer +ATTRIBUTE ERX-Bearer-Type 41 integer +ATTRIBUTE ERX-Input-Gigapkts 42 integer +ATTRIBUTE ERX-Output-Gigapkts 43 integer +ATTRIBUTE ERX-Tunnel-Interface-Id 44 string +ATTRIBUTE ERX-IpV6-Virtual-Router 45 string +ATTRIBUTE ERX-IpV6-Local-Interface 46 string +ATTRIBUTE ERX-Ipv6-Primary-Dns 47 string +ATTRIBUTE ERX-Ipv6-Secondary-Dns 48 string +ATTRIBUTE Sdx-Service-Name 49 string +ATTRIBUTE Sdx-Session-Volume-Quota 50 string +ATTRIBUTE Sdx-Tunnel-Disconnect-Cause-Info 51 string +ATTRIBUTE ERX-Radius-Client-Address 52 ipaddr +ATTRIBUTE ERX-Service-Description 53 string +ATTRIBUTE ERX-L2tp-Recv-Window-Size 54 integer +ATTRIBUTE ERX-Dhcp-Options 55 string +ATTRIBUTE ERX-Dhcp-Mac-Addr 56 string +ATTRIBUTE ERX-Dhcp-Gi-Address 57 ipaddr +ATTRIBUTE ERX-LI-Action 58 integer encrypt=2 +ATTRIBUTE ERX-Med-Dev-Handle 59 octets encrypt=2 +ATTRIBUTE ERX-Med-Ip-Address 60 ipaddr encrypt=2 +ATTRIBUTE ERX-Med-Port-Number 61 integer encrypt=2 +ATTRIBUTE ERX-MLPPP-Bundle-Name 62 string +ATTRIBUTE ERX-Interface-Desc 63 string +ATTRIBUTE ERX-Tunnel-Group 64 string +ATTRIBUTE ERX-Service-Activate 65 string has_tag +ATTRIBUTE ERX-Service-Deactivate 66 string +ATTRIBUTE ERX-Service-Volume 67 integer has_tag +ATTRIBUTE ERX-Service-Timeout 68 integer has_tag +ATTRIBUTE ERX-Service-Statistics 69 integer has_tag + +ATTRIBUTE ERX-DF-Bit 70 integer + +ATTRIBUTE ERX-IGMP-Access-Name 71 string +ATTRIBUTE ERX-IGMP-Access-Src-Name 72 string +ATTRIBUTE ERX-IGMP-OIF-Map-Name 73 string + +ATTRIBUTE ERX-MLD-Access-Name 74 string +ATTRIBUTE ERX-MLD-Access-Src-Name 75 string +ATTRIBUTE ERX-MLD-OIF-Map-Name 76 string +ATTRIBUTE ERX-MLD-Version 77 integer +ATTRIBUTE ERX-IGMP-Version 78 integer +ATTRIBUTE ERX-IP-Mcast-Adm-Bw-Limit 79 integer +ATTRIBUTE ERX-IPv6-Mcast-Adm-Bw-Limit 80 integer +ATTRIBUTE ERX-Qos-Parameters 82 string +ATTRIBUTE ERX-Service-Session 83 string + +# +# Values Attribute Name Number +# +VALUE ERX-Ingress-Statistics disable 0 +VALUE ERX-Ingress-Statistics enable 1 + +VALUE ERX-Egress-Statistics disable 0 +VALUE ERX-Egress-Statistics enable 1 + +VALUE ERX-Atm-Service-Category UBR 1 +VALUE ERX-Atm-Service-Category UBRPCR 2 +VALUE ERX-Atm-Service-Category nrtVBR 3 +VALUE ERX-Atm-Service-Category CBR 4 + +VALUE ERX-Cli-Allow-All-VR-Access disable 0 +VALUE ERX-Cli-Allow-All-VR-Access enable 1 + +VALUE ERX-Sa-Validate disable 0 +VALUE ERX-Sa-Validate enable 1 + +VALUE ERX-Igmp-Enable disable 0 +VALUE ERX-Igmp-Enable enable 1 + +VALUE ERX-Qos-Profile-Interface-Type IP 1 +VALUE ERX-Qos-Profile-Interface-Type ATM 2 +VALUE ERX-Qos-Profile-Interface-Type HDLC 3 +VALUE ERX-Qos-Profile-Interface-Type ETHERNET 4 +VALUE ERX-Qos-Profile-Interface-Type SERVER-PORT 5 +VALUE ERX-Qos-Profile-Interface-Type ATM-1483 6 +VALUE ERX-Qos-Profile-Interface-Type FRAME-RELAY 7 +VALUE ERX-Qos-Profile-Interface-Type MPLS-MINOR 8 +VALUE ERX-Qos-Profile-Interface-Type CBF 9 +VALUE ERX-Qos-Profile-Interface-Type IP-TUNNEL 10 +VALUE ERX-Qos-Profile-Interface-Type VLAN-SUB 11 +VALUE ERX-Qos-Profile-Interface-Type PPPOE-SUB 12 + +VALUE ERX-Tunnel-Nas-Port-Method None 0 +VALUE ERX-Tunnel-Nas-Port-Method CISCO-CLID 1 + +VALUE ERX-PPP-Auth-Protocol None 0 +VALUE ERX-PPP-Auth-Protocol PAP 1 +VALUE ERX-PPP-Auth-Protocol CHAP 2 +VALUE ERX-PPP-Auth-Protocol PAP-CHAP 3 +VALUE ERX-PPP-Auth-Protocol CHAP-PAP 4 + +VALUE ERX-Bearer-Type None 0 +VALUE ERX-Bearer-Type Analog 1 +VALUE ERX-Bearer-Type Digital 2 + +VALUE ERX-LI-Action off 0 +VALUE ERX-LI-Action on 1 +VALUE ERX-LI-Action noop 2 + +VALUE ERX-DF-Bit dont-ignore-df-bit 0 +VALUE ERX-DF-Bit ignore-df-bit 1 + +VALUE ERX-MLD-Version v1 1 +VALUE ERX-MLD-Version v2 2 + +VALUE ERX-IGMP-Version v1 1 +VALUE ERX-IGMP-Version v2 2 +VALUE ERX-IGMP-Version v3 3 + +VALUE ERX-Service-Statistics disabled 0 +VALUE ERX-Service-Statistics time 1 +VALUE ERX-Service-Statistics time-volume 2 + +END-VENDOR ERX diff --git a/freeradius/dict/dictionary.extreme b/freeradius/dict/dictionary.extreme new file mode 100644 index 0000000..281b6b8 --- /dev/null +++ b/freeradius/dict/dictionary.extreme @@ -0,0 +1,27 @@ +# -*- text -*- +# +# Dictionary for Extreme Networks VSA's. +# http://www.extremenetworks.com/ +# +# $Id$ +# +VENDOR Extreme 1916 + +BEGIN-VENDOR Extreme + +ATTRIBUTE Extreme-CLI-Authorization 201 integer +ATTRIBUTE Extreme-Shell-Command 202 string +ATTRIBUTE Extreme-Netlogin-Vlan 203 string +ATTRIBUTE Extreme-Netlogin-Url 204 string +ATTRIBUTE Extreme-Netlogin-Url-Desc 205 string +ATTRIBUTE Extreme-Netlogin-Only 206 integer +ATTRIBUTE Extreme-User-Location 208 string +ATTRIBUTE Extreme-Netlogin-Vlan-Tag 209 integer + +VALUE Extreme-CLI-Authorization Disabled 0 +VALUE Extreme-CLI-Authorization Enabled 1 + +VALUE Extreme-Netlogin-Only Disabled 0 +VALUE Extreme-Netlogin-Only Enabled 1 + +END-VENDOR Extreme diff --git a/freeradius/dict/dictionary.fortinet b/freeradius/dict/dictionary.fortinet new file mode 100644 index 0000000..22668dd --- /dev/null +++ b/freeradius/dict/dictionary.fortinet @@ -0,0 +1,26 @@ +# -*- text -*- +############################################################################## +# +# Fortinet's VSA's +# As posted to the list by Richie Lee. +# +# $Id$ +# +############################################################################## + +# +# Fortinet's VSA's +# + +VENDOR Fortinet 12356 + +BEGIN-VENDOR Fortinet +ATTRIBUTE Fortinet-Group-Name 1 string +ATTRIBUTE Fortinet-Client-IP-Address 2 ipaddr +ATTRIBUTE Fortinet-Vdom-Name 3 string + +# +# Integer Translations +# + +END-VENDOR Fortinet diff --git a/freeradius/dict/dictionary.foundry b/freeradius/dict/dictionary.foundry new file mode 100644 index 0000000..46c9c9e --- /dev/null +++ b/freeradius/dict/dictionary.foundry @@ -0,0 +1,36 @@ +# -*- text -*- +# +# dictionary.foundry +# +# As posted to the list by Thomas Keitel +# +# Version: $Id$ +# + +VENDOR Foundry 1991 + +BEGIN-VENDOR Foundry + +ATTRIBUTE Foundry-Privilege-Level 1 integer +ATTRIBUTE Foundry-Command-String 2 string +ATTRIBUTE Foundry-Command-Exception-Flag 3 integer +ATTRIBUTE Foundry-INM-Privilege 4 integer + +VALUE Foundry-INM-Privilege AAA_pri_0 0 +VALUE Foundry-INM-Privilege AAA_pri_1 1 +VALUE Foundry-INM-Privilege AAA_pri_2 2 +VALUE Foundry-INM-Privilege AAA_pri_3 3 +VALUE Foundry-INM-Privilege AAA_pri_4 4 +VALUE Foundry-INM-Privilege AAA_pri_5 5 +VALUE Foundry-INM-Privilege AAA_pri_6 6 +VALUE Foundry-INM-Privilege AAA_pri_7 7 +VALUE Foundry-INM-Privilege AAA_pri_8 8 +VALUE Foundry-INM-Privilege AAA_pri_9 9 +VALUE Foundry-INM-Privilege AAA_pri_10 10 +VALUE Foundry-INM-Privilege AAA_pri_11 11 +VALUE Foundry-INM-Privilege AAA_pri_12 12 +VALUE Foundry-INM-Privilege AAA_pri_13 13 +VALUE Foundry-INM-Privilege AAA_pri_14 14 +VALUE Foundry-INM-Privilege AAA_pri_15 15 + +END-VENDOR Foundry diff --git a/freeradius/dict/dictionary.freeradius b/freeradius/dict/dictionary.freeradius new file mode 100644 index 0000000..09f65da --- /dev/null +++ b/freeradius/dict/dictionary.freeradius @@ -0,0 +1,137 @@ +# -*- text -*- +# +# The FreeRADIUS Vendor-Specific dictionary. +# +# Version: $Id$ +# +# For a complete list of Private Enterprise Codes, see: +# +# http://www.isi.edu/in-notes/iana/assignments/enterprise-numbers +# + +VENDOR FreeRADIUS 11344 + +BEGIN-VENDOR FreeRADIUS + +ATTRIBUTE FreeRADIUS-Proxied-To 1 ipaddr + + +# +# This attribute is really a bitmask. +# +ATTRIBUTE FreeRADIUS-Statistics-Type 127 integer + +VALUE FreeRADIUS-Statistics-Type None 0 +VALUE FreeRADIUS-Statistics-Type Authentication 1 +VALUE FreeRADIUS-Statistics-Type Accounting 2 +VALUE FreeRADIUS-Statistics-Type Proxy-Authentication 4 +VALUE FreeRADIUS-Statistics-Type Proxy-Accounting 8 +VALUE FreeRADIUS-Statistics-Type Internal 0x10 +VALUE FreeRADIUS-Statistics-Type Client 0x20 +VALUE FreeRADIUS-Statistics-Type Server 0x40 +VALUE FreeRADIUS-Statistics-Type Home-Server 0x80 + +VALUE FreeRADIUS-Statistics-Type Auth-Acct 0x03 +VALUE FreeRADIUS-Statistics-Type Proxy-Auth-Acct 0x0c + +VALUE FreeRADIUS-Statistics-Type All 0x1f + +# +# Global authentication statistics for packets received by the server. +# +ATTRIBUTE FreeRADIUS-Total-Access-Requests 128 integer +ATTRIBUTE FreeRADIUS-Total-Access-Accepts 129 integer +ATTRIBUTE FreeRADIUS-Total-Access-Rejects 130 integer +ATTRIBUTE FreeRADIUS-Total-Access-Challenges 131 integer +ATTRIBUTE FreeRADIUS-Total-Auth-Responses 132 integer +ATTRIBUTE FreeRADIUS-Total-Auth-Duplicate-Requests 133 integer +ATTRIBUTE FreeRADIUS-Total-Auth-Malformed-Requests 134 integer +ATTRIBUTE FreeRADIUS-Total-Auth-Invalid-Requests 135 integer +ATTRIBUTE FreeRADIUS-Total-Auth-Dropped-Requests 136 integer +ATTRIBUTE FreeRADIUS-Total-Auth-Unknown-Types 137 integer + +# +# Global statistics for auth packets sent by the server to all home servers +# +ATTRIBUTE FreeRADIUS-Total-Proxy-Access-Requests 138 integer +ATTRIBUTE FreeRADIUS-Total-Proxy-Access-Accepts 139 integer +ATTRIBUTE FreeRADIUS-Total-Proxy-Access-Rejects 140 integer +ATTRIBUTE FreeRADIUS-Total-Proxy-Access-Challenges 141 integer +ATTRIBUTE FreeRADIUS-Total-Proxy-Auth-Responses 142 integer +ATTRIBUTE FreeRADIUS-Total-Proxy-Auth-Duplicate-Requests 143 integer +ATTRIBUTE FreeRADIUS-Total-Proxy-Auth-Malformed-Requests 144 integer +ATTRIBUTE FreeRADIUS-Total-Proxy-Auth-Invalid-Requests 145 integer +ATTRIBUTE FreeRADIUS-Total-Proxy-Auth-Dropped-Requests 146 integer +ATTRIBUTE FreeRADIUS-Total-Proxy-Auth-Unknown-Types 147 integer + +# +# Global accounting statistics for packets received by the server. +# +ATTRIBUTE FreeRADIUS-Total-Accounting-Requests 148 integer +ATTRIBUTE FreeRADIUS-Total-Accounting-Responses 149 integer +ATTRIBUTE FreeRADIUS-Total-Acct-Duplicate-Requests 150 integer +ATTRIBUTE FreeRADIUS-Total-Acct-Malformed-Requests 151 integer +ATTRIBUTE FreeRADIUS-Total-Acct-Invalid-Requests 152 integer +ATTRIBUTE FreeRADIUS-Total-Acct-Dropped-Requests 153 integer +ATTRIBUTE FreeRADIUS-Total-Acct-Unknown-Types 154 integer + +# +# Global statistics for acct packets sent by the server to all home servers +# +ATTRIBUTE FreeRADIUS-Total-Proxy-Accounting-Requests 155 integer +ATTRIBUTE FreeRADIUS-Total-Proxy-Accounting-Responses 156 integer +ATTRIBUTE FreeRADIUS-Total-Proxy-Acct-Duplicate-Requests 157 integer +ATTRIBUTE FreeRADIUS-Total-Proxy-Acct-Malformed-Requests 158 integer +ATTRIBUTE FreeRADIUS-Total-Proxy-Acct-Invalid-Requests 159 integer +ATTRIBUTE FreeRADIUS-Total-Proxy-Acct-Dropped-Requests 160 integer +ATTRIBUTE FreeRADIUS-Total-Proxy-Acct-Unknown-Types 161 integer + +# +# Internal queues. Different packet types are put into different queues. +# +ATTRIBUTE FreeRADIUS-Queue-Len-Internal 162 integer +ATTRIBUTE FreeRADIUS-Queue-Len-Proxy 163 integer +ATTRIBUTE FreeRADIUS-Queue-Len-Auth 164 integer +ATTRIBUTE FreeRADIUS-Queue-Len-Acct 165 integer +ATTRIBUTE FreeRADIUS-Queue-Len-Detail 166 integer + +ATTRIBUTE FreeRADIUS-Stats-Client-IP-Address 167 ipaddr +ATTRIBUTE FreeRADIUS-Stats-Client-Number 168 integer +ATTRIBUTE FreeRADIUS-Stats-Client-Netmask 169 integer + +ATTRIBUTE FreeRADIUS-Stats-Server-IP-Address 170 ipaddr +ATTRIBUTE FreeRADIUS-Stats-Server-Port 171 integer + +ATTRIBUTE FreeRADIUS-Stats-Server-Outstanding-Requests 172 integer +ATTRIBUTE FreeRADIUS-Stats-Server-State 173 integer + +VALUE FreeRADIUS-Stats-Server-State Alive 0 +VALUE FreeRADIUS-Stats-Server-State Zombie 1 +VALUE FreeRADIUS-Stats-Server-State Dead 2 + +# +# When a home server is marked "dead" or "alive" +# +ATTRIBUTE FreeRADIUS-Stats-Server-Time-Of-Death 174 date +ATTRIBUTE FreeRADIUS-Stats-Server-Time-Of-Life 175 date + +# +# When this server was started. If start == hup, it hasn't been +# hup'd yet. This is friendlier than having hup == 0 on start. +# +ATTRIBUTE FreeRADIUS-Stats-Start-Time 176 date +ATTRIBUTE FreeRADIUS-Stats-HUP-Time 177 date + +# +# Exponential moving average of home server response time +# Window-1 is the average is calculated over "window" packets. +# Window-10 is the average is calculated over "10 * window" packets. +# +# Both Window-1 and Window-10 are times in microseconds +# (1/1000000 of a second). +# +ATTRIBUTE FreeRADIUS-Server-EMA-Window 178 integer +ATTRIBUTE FreeRADIUS-Server-EMA-USEC-Window-1 179 integer +ATTRIBUTE FreeRADIUS-Server-EMA-USEC-Window-10 180 integer + +END-VENDOR FreeRADIUS diff --git a/freeradius/dict/dictionary.freeradius.internal b/freeradius/dict/dictionary.freeradius.internal new file mode 100644 index 0000000..7db3178 --- /dev/null +++ b/freeradius/dict/dictionary.freeradius.internal @@ -0,0 +1,540 @@ +# -*- text -*- +# +# Non Protocol Attributes used by FreeRADIUS +# +# $Id$ +# + +# The attributes number ranges are allocates as follows: +# +# Range: 500-999 +# server-side attributes which can go in a reply list + +# These attributes CAN go in the reply item list. +ATTRIBUTE Fall-Through 500 integer +ATTRIBUTE Exec-Program 502 string +ATTRIBUTE Exec-Program-Wait 503 string + +# These attributes CANNOT go in the reply item list. + +# +# Range: 1000+ +# Attributes which cannot go in a reply list. +# +# +# Range: 1000-1199 +# Miscellaneous server attributes. +# +# +# Non-Protocol Attributes +# These attributes are used internally by the server +# +ATTRIBUTE Auth-Type 1000 integer +ATTRIBUTE Menu 1001 string +ATTRIBUTE Termination-Menu 1002 string +ATTRIBUTE Prefix 1003 string +ATTRIBUTE Suffix 1004 string +ATTRIBUTE Group 1005 string +ATTRIBUTE Crypt-Password 1006 string +ATTRIBUTE Connect-Rate 1007 integer +ATTRIBUTE Add-Prefix 1008 string +ATTRIBUTE Add-Suffix 1009 string +ATTRIBUTE Expiration 1010 date +ATTRIBUTE Autz-Type 1011 integer +ATTRIBUTE Acct-Type 1012 integer +ATTRIBUTE Session-Type 1013 integer +ATTRIBUTE Post-Auth-Type 1014 integer +ATTRIBUTE Pre-Proxy-Type 1015 integer +ATTRIBUTE Post-Proxy-Type 1016 integer +ATTRIBUTE Pre-Acct-Type 1017 integer + +# +# This is the EAP type of authentication, which is set +# by the EAP module, for informational purposes only. +# +ATTRIBUTE EAP-Type 1018 integer +ATTRIBUTE EAP-TLS-Require-Client-Cert 1019 integer +ATTRIBUTE EAP-Id 1020 integer +ATTRIBUTE EAP-Code 1021 integer +# Attribute 1022 unused, was EAP-MD5-Password, which was +# used only be radeapclient. It's been replaced by Cleartext-Password +ATTRIBUTE PEAP-Version 1023 integer +ATTRIBUTE Client-Shortname 1024 string +ATTRIBUTE Load-Balance-Key 1025 string +ATTRIBUTE Raw-Attribute 1026 octets +ATTRIBUTE TNC-VLAN-Access 1027 string +ATTRIBUTE TNC-VLAN-Isolate 1028 string +ATTRIBUTE User-Category 1029 string +ATTRIBUTE Group-Name 1030 string +ATTRIBUTE Huntgroup-Name 1031 string +ATTRIBUTE Simultaneous-Use 1034 integer +ATTRIBUTE Strip-User-Name 1035 integer +ATTRIBUTE Hint 1040 string +ATTRIBUTE Pam-Auth 1041 string +ATTRIBUTE Login-Time 1042 string +ATTRIBUTE Stripped-User-Name 1043 string +ATTRIBUTE Current-Time 1044 string +ATTRIBUTE Realm 1045 string +ATTRIBUTE No-Such-Attribute 1046 string +ATTRIBUTE Packet-Type 1047 integer +ATTRIBUTE Proxy-To-Realm 1048 string +ATTRIBUTE Replicate-To-Realm 1049 string +ATTRIBUTE Acct-Session-Start-Time 1050 date +ATTRIBUTE Acct-Unique-Session-Id 1051 string +ATTRIBUTE Client-IP-Address 1052 ipaddr +ATTRIBUTE Ldap-UserDn 1053 string +ATTRIBUTE NS-MTA-MD5-Password 1054 string +ATTRIBUTE SQL-User-Name 1055 string +ATTRIBUTE LM-Password 1057 octets +ATTRIBUTE NT-Password 1058 octets +ATTRIBUTE SMB-Account-CTRL 1059 integer +ATTRIBUTE SMB-Account-CTRL-TEXT 1061 string +ATTRIBUTE User-Profile 1062 string +ATTRIBUTE Digest-Realm 1063 string +ATTRIBUTE Digest-Nonce 1064 string +ATTRIBUTE Digest-Method 1065 string +ATTRIBUTE Digest-URI 1066 string +ATTRIBUTE Digest-QOP 1067 string +ATTRIBUTE Digest-Algorithm 1068 string +ATTRIBUTE Digest-Body-Digest 1069 string +ATTRIBUTE Digest-CNonce 1070 string +ATTRIBUTE Digest-Nonce-Count 1071 string +ATTRIBUTE Digest-User-Name 1072 string +ATTRIBUTE Pool-Name 1073 string +ATTRIBUTE Ldap-Group 1074 string +ATTRIBUTE Module-Success-Message 1075 string +ATTRIBUTE Module-Failure-Message 1076 string +# X99-Fast 1077 integer +ATTRIBUTE Rewrite-Rule 1078 string +ATTRIBUTE Sql-Group 1079 string +ATTRIBUTE Response-Packet-Type 1080 integer +ATTRIBUTE Digest-HA1 1081 string +ATTRIBUTE MS-CHAP-Use-NTLM-Auth 1082 integer +ATTRIBUTE NTLM-User-Name 1083 string +ATTRIBUTE Packet-Src-IP-Address 1084 ipaddr +ATTRIBUTE Packet-Dst-IP-Address 1085 ipaddr +ATTRIBUTE Packet-Src-Port 1086 integer +ATTRIBUTE Packet-Dst-Port 1087 integer +ATTRIBUTE Packet-Authentication-Vector 1088 octets +ATTRIBUTE Time-Of-Day 1089 string +ATTRIBUTE Request-Processing-Stage 1090 string +ATTRIBUTE Cache-No-Caching 1091 string +ATTRIBUTE Cache-Delete-Cache 1092 string +ATTRIBUTE SHA-Password 1093 octets +ATTRIBUTE SSHA-Password 1094 octets +ATTRIBUTE SHA1-Password 1093 octets +ATTRIBUTE SSHA1-Password 1094 octets +ATTRIBUTE MD5-Password 1095 octets +ATTRIBUTE SMD5-Password 1096 octets +ATTRIBUTE Packet-Src-IPv6-Address 1097 ipv6addr +ATTRIBUTE Packet-Dst-IPv6-Address 1098 ipv6addr +ATTRIBUTE Virtual-Server 1099 string +ATTRIBUTE Cleartext-Password 1100 string +ATTRIBUTE Password-With-Header 1101 string +ATTRIBUTE Inner-Tunnel-User-Name 1102 string + +ATTRIBUTE Shared-Secret 1189 string + +ATTRIBUTE Shared-Secret 1189 string + + +# +# EAP-IKEv2 is experimental. +# +ATTRIBUTE EAP-IKEv2-IDType 1103 integer + +VALUE EAP-IKEv2-IDType IPV4_ADDR 1 +VALUE EAP-IKEv2-IDType FQDN 2 +VALUE EAP-IKEv2-IDType RFC822_ADDR 3 +VALUE EAP-IKEv2-IDType IPV6_ADDR 5 +VALUE EAP-IKEv2-IDType DER_ASN1_DN 9 +VALUE EAP-IKEv2-IDType DER_ASN1_GN 10 +VALUE EAP-IKEv2-IDType KEY_ID 11 + +ATTRIBUTE EAP-IKEv2-ID 1104 string +ATTRIBUTE EAP-IKEv2-Secret 1105 string +ATTRIBUTE EAP-IKEv2-AuthType 1106 integer + +VALUE EAP-IKEv2-AuthType none 0 +VALUE EAP-IKEv2-AuthType secret 1 +VALUE EAP-IKEv2-AuthType cert 2 +VALUE EAP-IKEv2-AuthType both 3 + +ATTRIBUTE Module-Return-Code 1108 integer + +VALUE Module-Return-Code reject 0 +VALUE Module-Return-Code fail 1 +VALUE Module-Return-Code ok 2 +VALUE Module-Return-Code handled 3 +VALUE Module-Return-Code invalid 4 +VALUE Module-Return-Code userlock 5 +VALUE Module-Return-Code notfound 6 +VALUE Module-Return-Code noop 7 +VALUE Module-Return-Code updated 8 + +ATTRIBUTE Packet-Original-Timestamp 1109 date +ATTRIBUTE SQL-Table-Name 1110 string + +ATTRIBUTE FreeRADIUS-Client-IP-Address 1120 ipaddr +ATTRIBUTE FreeRADIUS-Client-IPv6-Address 1121 ipv6addr +ATTRIBUTE FreeRADIUS-Client-Require-MA 1122 integer + +VALUE FreeRADIUS-Client-Require-MA no 0 +VALUE FreeRADIUS-Client-Require-MA yes 1 + +ATTRIBUTE FreeRADIUS-Client-Secret 1123 string +ATTRIBUTE FreeRADIUS-Client-Shortname 1124 string +ATTRIBUTE FreeRADIUS-Client-NAS-Type 1125 string +ATTRIBUTE FreeRADIUS-Client-Virtual-Server 1126 string + +# +# Range: 1200-1279 +# EAP-SIM (and other EAP type) weirdness. +# +# For EAP-SIM, some attribute definitions for database interface +# +ATTRIBUTE EAP-Sim-Subtype 1200 integer + +ATTRIBUTE EAP-Sim-Rand1 1201 octets +ATTRIBUTE EAP-Sim-Rand2 1202 octets +ATTRIBUTE EAP-Sim-Rand3 1203 octets + +ATTRIBUTE EAP-Sim-SRES1 1204 octets +VALUE EAP-Sim-Subtype AKA_Challenge 1 +ATTRIBUTE EAP-Sim-SRES2 1205 octets +ATTRIBUTE EAP-Sim-SRES3 1206 octets + +VALUE EAP-Sim-Subtype Start 10 +VALUE EAP-Sim-Subtype Challenge 11 +VALUE EAP-Sim-Subtype Notification 12 +VALUE EAP-Sim-Subtype Re-authentication 13 + +# this attribute is used internally by the client code. +ATTRIBUTE EAP-Sim-State 1207 integer + +ATTRIBUTE EAP-Sim-IMSI 1208 string +ATTRIBUTE EAP-Sim-HMAC 1209 string +ATTRIBUTE EAP-Sim-KEY 1210 octets +ATTRIBUTE EAP-Sim-EXTRA 1211 octets + +ATTRIBUTE EAP-Aka-IK 1215 octets +ATTRIBUTE EAP-Aka-CK 1216 octets +ATTRIBUTE EAP-Sim-KC1 1212 octets +ATTRIBUTE EAP-Sim-KC2 1213 octets +ATTRIBUTE EAP-Sim-KC3 1214 octets + +# +# Range: 1280 - 1535 +# EAP-type specific attributes +# + +# these are PW_EAP_X + 1280 +ATTRIBUTE EAP-Type-Identity 1281 string +ATTRIBUTE EAP-Type-Notification 1282 string +ATTRIBUTE EAP-Type-NAK 1283 string +ATTRIBUTE EAP-Type-MD5 1284 octets +ATTRIBUTE EAP-Type-OTP 1285 string +ATTRIBUTE EAP-Type-GTC 1286 string +ATTRIBUTE EAP-Type-TLS 1297 octets +ATTRIBUTE EAP-Type-SIM 1298 octets +ATTRIBUTE EAP-Type-AKA 1307 octets +ATTRIBUTE EAP-Type-LEAP 1301 octets +ATTRIBUTE EAP-Type-SIM2 1302 octets +ATTRIBUTE EAP-Type-TTLS 1305 octets +ATTRIBUTE EAP-Type-PEAP 1309 octets + +# +# Range: 1536 - 1791 +# EAP Sim sub-types. +# +ATTRIBUTE EAP-Sim-AUTN 1538 octets +ATTRIBUTE EAP-Sim-RES 1539 octets + +# these are PW_EAP_SIM_X + 1536 +ATTRIBUTE EAP-Sim-RAND 1537 octets +ATTRIBUTE EAP-Sim-PADDING 1542 octets +ATTRIBUTE EAP-Sim-NONCE_MT 1543 octets +ATTRIBUTE EAP-Sim-PERMANENT_ID_REQ 1546 octets +ATTRIBUTE EAP-Sim-MAC 1547 octets +ATTRIBUTE EAP-Sim-NOTIFICATION 1548 octets +ATTRIBUTE EAP-Sim-ANY_ID_REQ 1549 octets +ATTRIBUTE EAP-Sim-IDENTITY 1550 octets +ATTRIBUTE EAP-Sim-VERSION_LIST 1551 octets +ATTRIBUTE EAP-Sim-SELECTED_VERSION 1552 octets +ATTRIBUTE EAP-Sim-FULLAUTH_ID_REQ 1553 octets +ATTRIBUTE EAP-Sim-CLIENT_ERROR_CODE 1558 integer +ATTRIBUTE EAP-Sim-COUNTER 1555 octets +ATTRIBUTE EAP-Sim-COUNTER_TOO_SMALL 1556 octets +ATTRIBUTE EAP-Sim-NONCE_S 1557 octets +ATTRIBUTE EAP-Sim-IV 1665 octets +ATTRIBUTE EAP-Sim-ENCR_DATA 1666 octets +ATTRIBUTE EAP-Sim-NEXT_PSEUDONUM 1668 octets +VALUE EAP-Sim-CLIENT_ERROR_CODE Unable-To-Process-Packet 0 +VALUE EAP-Sim-CLIENT_ERROR_CODE Unsupport-Version 1 +VALUE EAP-Sim-CLIENT_ERROR_CODE Insufficient-Challenges 2 +VALUE EAP-Sim-CLIENT_ERROR_CODE RANDS-Not-Fresh 3 + +ATTRIBUTE EAP-Sim-NEXT_REAUTH_ID 1669 octets +ATTRIBUTE EAP-Sim-CHECKCODE 1670 octets + +# +# Range: 1800-1899 +# Temporary attributes, for local storage. +# +ATTRIBUTE Tmp-String-0 1800 string +ATTRIBUTE Tmp-String-1 1801 string +ATTRIBUTE Tmp-String-2 1802 string +ATTRIBUTE Tmp-String-3 1803 string +ATTRIBUTE Tmp-String-4 1804 string +ATTRIBUTE Tmp-String-5 1805 string +ATTRIBUTE Tmp-String-6 1806 string +ATTRIBUTE Tmp-String-7 1807 string +ATTRIBUTE Tmp-String-8 1808 string +ATTRIBUTE Tmp-String-9 1809 string + +ATTRIBUTE Tmp-Integer-0 1810 integer +ATTRIBUTE Tmp-Integer-1 1811 integer +ATTRIBUTE Tmp-Integer-2 1812 integer +ATTRIBUTE Tmp-Integer-3 1813 integer +ATTRIBUTE Tmp-Integer-4 1814 integer +ATTRIBUTE Tmp-Integer-5 1815 integer +ATTRIBUTE Tmp-Integer-6 1816 integer +ATTRIBUTE Tmp-Integer-7 1817 integer +ATTRIBUTE Tmp-Integer-8 1818 integer +ATTRIBUTE Tmp-Integer-9 1819 integer + +ATTRIBUTE Tmp-IP-Address-0 1820 ipaddr +ATTRIBUTE Tmp-IP-Address-1 1821 ipaddr +ATTRIBUTE Tmp-IP-Address-2 1822 ipaddr +ATTRIBUTE Tmp-IP-Address-3 1823 ipaddr +ATTRIBUTE Tmp-IP-Address-4 1824 ipaddr +ATTRIBUTE Tmp-IP-Address-5 1825 ipaddr +ATTRIBUTE Tmp-IP-Address-6 1826 ipaddr +ATTRIBUTE Tmp-IP-Address-7 1827 ipaddr +ATTRIBUTE Tmp-IP-Address-8 1828 ipaddr +ATTRIBUTE Tmp-IP-Address-9 1829 ipaddr + +# +# Range: 1900-2999 +# Free +# +# Range: 3000-3999 +# Site-local attributes (see raddb/dictionary.in) +# Do NOT define attributes in this range! +# +# Range: 4000-65535 +# Unused +# +# Range: 65536- +# Invalid. Don't use. +# + +# +# Non-Protocol Integer Translations +# + +VALUE Auth-Type Local 0 +VALUE Auth-Type System 1 +VALUE Auth-Type SecurID 2 +VALUE Auth-Type Crypt-Local 3 +VALUE Auth-Type Reject 4 +VALUE Auth-Type ActivCard 5 +VALUE Auth-Type EAP 6 +VALUE Auth-Type ARAP 7 + +# +# FreeRADIUS extensions (most originally from Cistron) +# +VALUE Auth-Type Accept 254 + +VALUE Auth-Type PAP 1024 +VALUE Auth-Type CHAP 1025 +# 1026 was LDAP, but we deleted it. Adding it back will break the +# ldap module. +VALUE Auth-Type PAM 1027 +VALUE Auth-Type MS-CHAP 1028 +VALUE Auth-Type MSCHAP 1028 +VALUE Auth-Type Kerberos 1029 +VALUE Auth-Type CRAM 1030 +VALUE Auth-Type NS-MTA-MD5 1031 +# 1032 is unused (was a duplicate of CRAM) +VALUE Auth-Type SMB 1033 + +# +# Authorization type, too. +# +VALUE Autz-Type Local 0 + +# +# And accounting +# +VALUE Acct-Type Local 0 + +# +# And Session handling +# +VALUE Session-Type Local 0 + +# +# And Post-Auth +VALUE Post-Auth-Type Local 0 + +# +# Experimental Non-Protocol Integer Translations for FreeRADIUS +# +VALUE Fall-Through No 0 +VALUE Fall-Through Yes 1 + +VALUE Strip-User-Name No 0 +VALUE Strip-User-Name Yes 1 + +VALUE Packet-Type Access-Request 1 +VALUE Packet-Type Access-Accept 2 +VALUE Packet-Type Access-Reject 3 +VALUE Packet-Type Accounting-Request 4 +VALUE Packet-Type Accounting-Response 5 +VALUE Packet-Type Accounting-Status 6 +VALUE Packet-Type Password-Request 7 +VALUE Packet-Type Password-Accept 8 +VALUE Packet-Type Password-Reject 9 +VALUE Packet-Type Accounting-Message 10 +VALUE Packet-Type Access-Challenge 11 +VALUE Packet-Type Status-Server 12 +VALUE Packet-Type Status-Client 13 + +# +# The following packet types are described in RFC 2882, +# but they are NOT part of the RADIUS standard. Instead, +# they are informational about vendor-specific extensions +# to the RADIUS standard. +# +VALUE Packet-Type Resource-Free-Request 21 +VALUE Packet-Type Resource-Free-Response 22 +VALUE Packet-Type Resource-Query-Request 23 +VALUE Packet-Type Resource-Query-Response 24 +VALUE Packet-Type Alternate-Resource-Reclaim-Request 25 +VALUE Packet-Type NAS-Reboot-Request 26 +VALUE Packet-Type NAS-Reboot-Response 27 +VALUE Packet-Type Next-Passcode 29 +VALUE Packet-Type New-Pin 30 +VALUE Packet-Type Terminate-Session 31 +VALUE Packet-Type Password-Expired 32 +VALUE Packet-Type Event-Request 33 +VALUE Packet-Type Event-Response 34 + +# RFC 3576 allocates packet types 40-45 + +VALUE Packet-Type Disconnect-Request 40 +VALUE Packet-Type Disconnect-ACK 41 +VALUE Packet-Type Disconnect-NAK 42 +VALUE Packet-Type CoA-Request 43 +VALUE Packet-Type CoA-ACK 44 +VALUE Packet-Type CoA-NAK 45 + +VALUE Packet-Type IP-Address-Allocate 50 +VALUE Packet-Type IP-Address-Release 51 + +VALUE Response-Packet-Type Access-Request 1 +VALUE Response-Packet-Type Access-Accept 2 +VALUE Response-Packet-Type Access-Reject 3 +VALUE Response-Packet-Type Accounting-Request 4 +VALUE Response-Packet-Type Accounting-Response 5 +VALUE Response-Packet-Type Accounting-Status 6 +VALUE Response-Packet-Type Password-Request 7 +VALUE Response-Packet-Type Password-Accept 8 +VALUE Response-Packet-Type Password-Reject 9 +VALUE Response-Packet-Type Accounting-Message 10 +VALUE Response-Packet-Type Access-Challenge 11 +VALUE Response-Packet-Type Status-Server 12 +VALUE Response-Packet-Type Status-Client 13 + +# +# Special value +# +VALUE Response-Packet-Type Do-Not-Respond 256 + +# +# EAP Sub-types, inside of Request and Response packets +# +# http://www.iana.org/assignments/ppp-numbers +# "PPP EAP REQUEST/RESPONSE TYPES" +# +# +# See dictionary.microsoft, MS-Acct-EAP-Type for similar definitions +# +VALUE EAP-Type None 0 +VALUE EAP-Type Identity 1 +VALUE EAP-Type Notification 2 +VALUE EAP-Type NAK 3 +VALUE EAP-Type MD5-Challenge 4 +VALUE EAP-Type One-Time-Password 5 +VALUE EAP-Type Generic-Token-Card 6 +VALUE EAP-Type RSA-Public-Key 9 +VALUE EAP-Type DSS-Unilateral 10 +VALUE EAP-Type KEA 11 +VALUE EAP-Type KEA-Validate 12 +VALUE EAP-Type EAP-TLS 13 +VALUE EAP-Type Defender-Token 14 +VALUE EAP-Type RSA-SecurID-EAP 15 +VALUE EAP-Type Arcot-Systems-EAP 16 +VALUE EAP-Type Cisco-LEAP 17 +VALUE EAP-Type Nokia-IP-Smart-Card 18 +VALUE EAP-Type SIM 18 +VALUE EAP-Type SRP-SHA1-Part-1 19 +VALUE EAP-Type SRP-SHA1-Part-2 20 +VALUE EAP-Type AKA 23 +VALUE EAP-Type EAP-TTLS 21 +VALUE EAP-Type Remote-Access-Service 22 +VALUE EAP-Type UMTS 23 +VALUE EAP-Type EAP-3Com-Wireless 24 +VALUE EAP-Type PEAP 25 +VALUE EAP-Type MS-EAP-Authentication 26 +VALUE EAP-Type MAKE 27 +VALUE EAP-Type CRYPTOCard 28 +VALUE EAP-Type EAP-MSCHAP-V2 29 +VALUE EAP-Type DynamID 30 +VALUE EAP-Type Rob-EAP 31 +VALUE EAP-Type SecurID-EAP 32 +VALUE EAP-Type MS-Authentication-TLV 33 +VALUE EAP-Type SentriNET 34 +VALUE EAP-Type EAP-Actiontec-Wireless 35 +VALUE EAP-Type Cogent-Biomentric-EAP 36 +VALUE EAP-Type AirFortress-EAP 37 +VALUE EAP-Type EAP-HTTP-Digest 38 +VALUE EAP-Type SecuriSuite-EAP 39 +VALUE EAP-Type DeviceConnect-EAP 40 +VALUE EAP-Type EAP-SPEKE 41 +VALUE EAP-Type EAP-MOBAC 42 + +# +# These are duplicate values, to get around the problem of +# having two MS-CHAPv2 EAP types. +# +VALUE EAP-Type Microsoft-MS-CHAPv2 26 +VALUE EAP-Type Cisco-MS-CHAPv2 29 + +# +# And this is what most people mean by MS-CHAPv2 +# +VALUE EAP-Type MS-CHAP-V2 26 + +# +# This says TLS, but it's only valid for TTLS & PEAP. +# EAP-TLS *always* requires a client certificate. +# +VALUE EAP-TLS-Require-Client-Cert No 0 +VALUE EAP-TLS-Require-Client-Cert Yes 1 + +# +# These are the EAP-Code values. +# +VALUE EAP-Code Request 1 +VALUE EAP-Code Response 2 +VALUE EAP-Code Success 3 +VALUE EAP-Code Failure 4 + +# +# For MS-CHAP, do we run ntlm_auth, or not. +# +VALUE MS-CHAP-Use-NTLM-Auth No 0 +VALUE MS-CHAP-Use-NTLM-Auth Yes 1 diff --git a/freeradius/dict/dictionary.gandalf b/freeradius/dict/dictionary.gandalf new file mode 100644 index 0000000..86bf45d --- /dev/null +++ b/freeradius/dict/dictionary.gandalf @@ -0,0 +1,105 @@ +# -*- text -*- +# Gandalf dictionary +# +# Version: 1.00 24-July-2003 Blaise St-Laurent +# +# Notes: Dictionary was made specifically for the Gandalf XpressWay +# RLAN with Link Authentication through RADIUS +# +# $Id$ +# +VENDOR Gandalf 64 + +# +# Vendor-specific attributes +# +BEGIN-VENDOR Gandalf + +ATTRIBUTE Gandalf-Remote-LAN-Name 0 string +ATTRIBUTE Gandalf-Operational-Modes 1 integer +ATTRIBUTE Gandalf-Compression-Status 2 integer +ATTRIBUTE Gandalf-Min-Outgoing-Bearer 3 integer +ATTRIBUTE Gandalf-Authentication-String 5 string +ATTRIBUTE Gandalf-PPP-Authentication 6 integer +ATTRIBUTE Gandalf-PPP-NCP-Type 7 integer +ATTRIBUTE Gandalf-Fwd-Multicast-In 8 integer +ATTRIBUTE Gandalf-Fwd-Broadcast-In 9 integer +ATTRIBUTE Gandalf-Fwd-Unicast-In 10 integer +ATTRIBUTE Gandalf-Fwd-Multicast-Out 11 integer +ATTRIBUTE Gandalf-Fwd-Broadcast-Out 12 integer +ATTRIBUTE Gandalf-Fwd-Unicast-Out 13 integer +ATTRIBUTE Gandalf-Around-The-Corner 14 integer +ATTRIBUTE Gandalf-Channel-Group-Name-1 15 string +ATTRIBUTE Gandalf-Dial-Prefix-Name-1 16 string +ATTRIBUTE Gandalf-Phone-Number-1 17 string +ATTRIBUTE Gandalf-Calling-Line-ID-1 18 string +ATTRIBUTE Gandalf-Channel-Group-Name-2 19 string +ATTRIBUTE Gandalf-Dial-Prefix-Name-2 20 string +ATTRIBUTE Gandalf-Phone-Number-2 21 string +ATTRIBUTE Gandalf-Calling-Line-ID-2 22 string +ATTRIBUTE Gandalf-IPX-Spoofing-State 23 integer +ATTRIBUTE Gandalf-IPX-Watchdog-Spoof 24 integer +ATTRIBUTE Gandalf-SAP-Group-Name-1 25 string +ATTRIBUTE Gandalf-SAP-Group-Name-2 26 string +ATTRIBUTE Gandalf-SAP-Group-Name-3 27 string +ATTRIBUTE Gandalf-SAP-Group-Name-4 28 string +ATTRIBUTE Gandalf-SAP-Group-Name-5 29 string +ATTRIBUTE Gandalf-Hunt-Group 30 string +ATTRIBUTE Gandalf-Modem-Mode 31 integer +ATTRIBUTE Gandalf-Modem-Required-1 32 integer +ATTRIBUTE Gandalf-Modem-Required-2 33 integer + +VALUE Gandalf-Operational-Modes Disabled 1 +VALUE Gandalf-Operational-Modes Called-Only 2 +VALUE Gandalf-Operational-Modes Calling-Called 3 +VALUE Gandalf-Operational-Modes Calling-Only 4 + +VALUE Gandalf-Compression-Status Disabled 1 +VALUE Gandalf-Compression-Status Enabled 2 + +VALUE Gandalf-Min-Outgoing-Bearer Unrestricted-64K 1 +VALUE Gandalf-Min-Outgoing-Bearer Digital-56K 2 +VALUE Gandalf-Min-Outgoing-Bearer 3100Hz-Audio 3 + +VALUE Gandalf-PPP-Authentication CHAP 1 +VALUE Gandalf-PPP-Authentication PAP 2 +VALUE Gandalf-PPP-Authentication PAP-Sending-on-Incoming-Calls 3 + +VALUE Gandalf-PPP-NCP-Type BCP 2 +VALUE Gandalf-PPP-NCP-Type IPCP 3 + +VALUE Gandalf-Fwd-Multicast-In Disabled 1 +VALUE Gandalf-Fwd-Multicast-In Enabled 2 + +VALUE Gandalf-Fwd-Broadcast-In Disabled 1 +VALUE Gandalf-Fwd-Broadcast-In Enabled 2 + +VALUE Gandalf-Fwd-Unicast-In Disabled 1 +VALUE Gandalf-Fwd-Unicast-In Enabled 2 + +VALUE Gandalf-Fwd-Multicast-Out Disabled 1 +VALUE Gandalf-Fwd-Multicast-Out Enabled 2 + +VALUE Gandalf-Fwd-Broadcast-Out Disabled 1 +VALUE Gandalf-Fwd-Broadcast-Out Enabled 2 + +VALUE Gandalf-Fwd-Unicast-Out Disabled 1 +VALUE Gandalf-Fwd-Unicast-Out Enabled 2 + +VALUE Gandalf-IPX-Spoofing-State Forward 1 +VALUE Gandalf-IPX-Spoofing-State Spoof 2 +VALUE Gandalf-IPX-Spoofing-State Filter-all-outgoing-RIP-SAP 3 + +VALUE Gandalf-IPX-Watchdog-Spoof Disabled 1 +VALUE Gandalf-IPX-Watchdog-Spoof Enabled 2 + +VALUE Gandalf-Modem-Mode Disabled 1 +VALUE Gandalf-Modem-Mode Enabled 2 + +VALUE Gandalf-Modem-Required-1 Disabled 1 +VALUE Gandalf-Modem-Required-1 Enabled 2 + +VALUE Gandalf-Modem-Required-2 Disabled 1 +VALUE Gandalf-Modem-Required-2 Enabled 2 + +END-VENDOR Gandalf diff --git a/freeradius/dict/dictionary.garderos b/freeradius/dict/dictionary.garderos new file mode 100644 index 0000000..49b9acb --- /dev/null +++ b/freeradius/dict/dictionary.garderos @@ -0,0 +1,23 @@ +# -*- text -*- +# +# dictionary.garderos +# +# Version: $Id$ +# +# For documentation on Garderos attributes, see: +# +# http://www.garderos.com + +VENDOR Garderos 16108 + +# +# Standard attribute +# +BEGIN-VENDOR Garderos + +ATTRIBUTE Garderos-Location-Name 1 string +ATTRIBUTE Garderos-Service-Name 2 string +ATTRIBUTE Garderos-MSISDN 3 string +ATTRIBUTE Garderos-Proxy 4 string + +END-VENDOR Garderos diff --git a/freeradius/dict/dictionary.gemtek b/freeradius/dict/dictionary.gemtek new file mode 100644 index 0000000..7659a85 --- /dev/null +++ b/freeradius/dict/dictionary.gemtek @@ -0,0 +1,19 @@ +# -*- text -*- +# +# Gemtek Systems VSA's +# Version: dictionary.gemtek, v1.2 2004/07/13 + +VENDOR Gemtek 10529 + +BEGIN-VENDOR Gemtek + +# Attributes for volume accounting limit. + +ATTRIBUTE Acct-Session-Input-Octets 21 integer +ATTRIBUTE Acct-Session-Input-Gigawords 22 integer +ATTRIBUTE Acct-Session-Output-Octets 23 integer +ATTRIBUTE Acct-Session-Output-Gigawords 24 integer +ATTRIBUTE Acct-Session-Octets 25 integer +ATTRIBUTE Acct-Session-Gigawords 26 integer + +END-VENDOR Gemtek diff --git a/freeradius/dict/dictionary.h3c b/freeradius/dict/dictionary.h3c new file mode 100644 index 0000000..579e5a7 --- /dev/null +++ b/freeradius/dict/dictionary.h3c @@ -0,0 +1,21 @@ +# -*- text -*- +############################################################################## +# +# Dictionary for Huawei-3Com. See also dictionary.huawei +# +# http://www.h3c.com +# +# $Id$ +# +############################################################################## + +VENDOR H3C 25506 + +BEGIN-VENDOR H3C + +ATTRIBUTE H3C-Connect_Id 26 integer +ATTRIBUTE H3C-NAS-Startup-Timestamp 59 integer +ATTRIBUTE H3C-Ip-Host-Addr 60 string +ATTRIBUTE H3C-Product-ID 255 string + +END-VENDOR H3C \ No newline at end of file diff --git a/freeradius/dict/dictionary.hp b/freeradius/dict/dictionary.hp new file mode 100644 index 0000000..c8b178a --- /dev/null +++ b/freeradius/dict/dictionary.hp @@ -0,0 +1,54 @@ +# -*- text -*- +############################################################################## +# +# HP ProCurve VSA's +# +# $Id$ +# +############################################################################## + +VENDOR HP 11 + +# Management authorization +BEGIN-VENDOR HP + +ATTRIBUTE HP-Privilege-Level 1 integer +ATTRIBUTE HP-Command-String 2 string +ATTRIBUTE HP-Command-Exception-Flag 3 integer +ATTRIBUTE HP-Management-Protocol 26 integer + + +# +# HP's names for some attributes +# +ATTRIBUTE HP-port-priority-regeneration-table 40 string +ATTRIBUTE HP-EI-Status 47 string +ATTRIBUTE HP-nas-filter-rule 61 string + +# Access control +ATTRIBUTE HP-Cos 40 string +#ATTRIBUTE HP-Rate-Limit 46 integer + +ATTRIBUTE HP-Bandwidth-Max-Ingress 46 integer +ATTRIBUTE HP-Bandwidth-Max-Egress 48 integer + +ATTRIBUTE HP-Ip-Filter-Raw 61 string + +# HP-Management-Protocol +VALUE HP-Management-Protocol HTTP 5 +VALUE HP-Management-Protocol HTTPS 6 + +# +# Conflicting attributes are commented out. +# +#ATTRIBUTE HP-Management-Role 26 integer + +# HP-Management-Role +#VALUE HP-Management-Role SuperUser 1 +#VALUE HP-Management-Role Monitor 2 +#VALUE HP-Management-Role HelpDeskManager 16 +#VALUE HP-Management-Role NetworkAdministrator 17 +#VALUE HP-Management-Role SystemAdministrator 18 +#VALUE HP-Management-Role WebUserAdminstrator 19 + +END-VENDOR HP diff --git a/freeradius/dict/dictionary.huawei b/freeradius/dict/dictionary.huawei new file mode 100644 index 0000000..40c0fa6 --- /dev/null +++ b/freeradius/dict/dictionary.huawei @@ -0,0 +1,78 @@ +# -*- text -*- +############################################################################## +# +# Dictionary for Huawei. See also dictionary.h3c +# +# $Id$ +# +############################################################################## + +VENDOR Huawei 2011 + +BEGIN-VENDOR Huawei + +# 1 - Unused +ATTRIBUTE Huawei-Input-Average-Rate 2 integer +ATTRIBUTE Huawei-Input-Peak-Rate 3 integer +# 4 - Unused +ATTRIBUTE Huawei-Output-Average-Rate 5 integer +ATTRIBUTE Huawei-Output-Peak-Rate 6 integer +ATTRIBUTE Huawei-In-Kb-Before-T-Switch 7 integer +ATTRIBUTE Huawei-Out-Kb-Before-T-Switch 8 integer +ATTRIBUTE Huawei-In-Pkt-Before-T-Switch 9 integer +ATTRIBUTE Huawei-Out-Pkt-Before-T-Switch 10 integer +ATTRIBUTE Huawei-In-Kb-After-T-Switch 11 integer +ATTRIBUTE Huawei-Out-Kb-After-T-Switch 12 integer +ATTRIBUTE Huawei-In-Pkt-After-T-Switch 13 integer +ATTRIBUTE Huawei-Out-Pkt-After-T-Switch 14 integer +ATTRIBUTE Huawei-Remanent-Volume 15 integer +ATTRIBUTE Huawei-Tariff-Switch-Interval 16 integer +ATTRIBUTE Huawei-ISP-ID 17 string +ATTRIBUTE Huawei-Max-Users-Per-Logic-Port 18 integer +ATTRIBUTE Huawei-Command 20 integer +ATTRIBUTE Huawei-Priority 22 integer +ATTRIBUTE Huawei-Control-Identifier 24 integer +ATTRIBUTE Huawei-Result-Code 25 integer +ATTRIBUTE Huawei-Connect-ID 26 integer +ATTRIBUTE Huawei-PortalURL 27 string +ATTRIBUTE Huawei-FTP-Directory 28 string +ATTRIBUTE Huawei-Exec-Privilege 29 integer +ATTRIBUTE Huawei-IP-Address 30 integer +ATTRIBUTE Huawei-Qos-Profile-Name 31 string +ATTRIBUTE Huawei-Destnation-IP-Addr 39 string +ATTRIBUTE Huawei-Destnation-Volume 40 string +ATTRIBUTE Huawei-Startup-Stamp 59 integer +ATTRIBUTE Huawei-IPHost-Addr 60 string +ATTRIBUTE Huawei-HW-Portal-Mode 85 integer +ATTRIBUTE Huawei-VPN-Instance 94 string +ATTRIBUTE Huawei-Policy-Name 95 string +ATTRIBUTE Huawei-Tunnel-Group-Name 96 string +ATTRIBUTE Huawei-Multicast-Source-Group 97 string +ATTRIBUTE Huawei-Multicast-Receive-Group 98 ipaddr +ATTRIBUTE Huawei-User-Multicast-Type 99 integer +ATTRIBUTE Huawei-Service-Chg-Cmd 105 integer +ATTRIBUTE Huawei-Acct-Packet-Type 106 integer +ATTRIBUTE Huawei-Call-Reference 107 integer +ATTRIBUTE Huawei-PSTN-Port 108 integer +ATTRIBUTE Huawei-Voip-Service-Type 109 integer +ATTRIBUTE Huawei-Acct-Connection-Time 110 integer +ATTRIBUTE Huawei-Error-Reason 112 integer +ATTRIBUTE Huawei-Remain-Monney 113 integer +ATTRIBUTE Huawei-Org-GK-ipaddr 123 ipaddr +ATTRIBUTE Huawei-Org-GW-ipaddr 124 ipaddr +ATTRIBUTE Huawei-Dst-GK-ipaddr 125 ipaddr +ATTRIBUTE Huawei-Dst-GW-ipaddr 126 ipaddr +ATTRIBUTE Huawei-Access-Num 127 string +ATTRIBUTE Huawei-Remain-Time 128 integer +ATTRIBUTE Huawei-Codec-Type 131 integer +ATTRIBUTE Huawei-Transfer-Num 132 string +ATTRIBUTE Huawei-New-User-Name 133 string +ATTRIBUTE Huawei-Transfer-Station-Id 134 string +ATTRIBUTE Huawei-Primary-DNS 135 ipaddr +ATTRIBUTE Huawei-Secondary-DNS 136 ipaddr +ATTRIBUTE Huawei-ONLY-Account-Type 137 integer +ATTRIBUTE Huawei-Domain-Name 138 string +ATTRIBUTE Huawei-Version 254 string +ATTRIBUTE Huawei-Product-ID 255 string + +END-VENDOR Huawei diff --git a/freeradius/dict/dictionary.ipunplugged b/freeradius/dict/dictionary.ipunplugged new file mode 100644 index 0000000..28d24e3 --- /dev/null +++ b/freeradius/dict/dictionary.ipunplugged @@ -0,0 +1,26 @@ +# -*- text -*- +############################################################################## +# +# ipUnplugged +# http://www.ipunplugged.com/ +# +# $Id$ +# +############################################################################## + +VENDOR ipUnplugged 5925 + +BEGIN-VENDOR ipUnplugged + +ATTRIBUTE IPU-MIP-Spi 51 integer +ATTRIBUTE IPU-MIP-Key 52 string +ATTRIBUTE IPU-MIP-Alg-Type 53 integer +ATTRIBUTE IPU-MIP-Alg-Mode 54 integer +ATTRIBUTE IPU-MIP-Replay-Prot 55 integer +ATTRIBUTE IPU-IKE-Remote-Addr 61 ipaddr +ATTRIBUTE IPU-IKE-Local-Addr 62 ipaddr +ATTRIBUTE IPU-IKE-Auth 63 string +ATTRIBUTE IPU-IKE-Conf-Name 64 string +ATTRIBUTE IPU-IKE-Cmd 65 string + +END-VENDOR ipUnplugged diff --git a/freeradius/dict/dictionary.issanni b/freeradius/dict/dictionary.issanni new file mode 100644 index 0000000..2a7b9f1 --- /dev/null +++ b/freeradius/dict/dictionary.issanni @@ -0,0 +1,41 @@ +# -*- text -*- +############################################################################## +# +# UTStarcom Issanni DSL router. +# +# $Id$ +# +############################################################################## + +VENDOR Issanni 5948 + +BEGIN-VENDOR Issanni +# +# UTStarcom Issanni DSL router. +# +ATTRIBUTE Issanni-SoftFlow-Template 1 string +ATTRIBUTE Issanni-NAT-Support 2 string +ATTRIBUTE Issanni-Routing-Context 3 string +ATTRIBUTE Issanni-Tunnel-Name 4 string +ATTRIBUTE Issanni-IP-Pool-Name 5 string +ATTRIBUTE Issanni-PPPoE-URL 6 string +ATTRIBUTE Issanni-PPPoE-MOTM 7 string +ATTRIBUTE Issanni-Service 8 string +ATTRIBUTE Issanni-Pri-DNS 9 ipaddr +ATTRIBUTE Issanni-Sec-DNS 10 ipaddr +ATTRIBUTE Issanni-Pri-NBNS 11 ipaddr +ATTRIBUTE Issanni-Sec-NBNS 12 ipaddr +ATTRIBUTE Issanni-Traffic-Class 13 string +ATTRIBUTE Issanni-Tunnel-Type 14 integer +ATTRIBUTE Issanni-NAT-Type 15 integer +ATTRIBUTE Issanni-QOS-Class 16 string +ATTRIBUTE Issanni-Interface-Name 17 string + +VALUE Issanni-Tunnel-Type IP-IP 1 +VALUE Issanni-Tunnel-Type ESP 2 +VALUE Issanni-Tunnel-Type L2TP 3 + +VALUE Issanni-NAT-Type NAT 1 +VALUE Issanni-NAT-Type NAPT 2 + +END-VENDOR Issanni diff --git a/freeradius/dict/dictionary.itk b/freeradius/dict/dictionary.itk new file mode 100644 index 0000000..2b7fbdd --- /dev/null +++ b/freeradius/dict/dictionary.itk @@ -0,0 +1,43 @@ +# -*- text -*- +# +# http://www.digieurope.com/ +# $Id$ +# +VENDOR ITK 1195 + +BEGIN-VENDOR ITK + +ATTRIBUTE ITK-Auth-Serv-IP 100 ipaddr +ATTRIBUTE ITK-Auth-Serv-Prot 101 integer +ATTRIBUTE ITK-Provider-Id 102 integer +ATTRIBUTE ITK-Usergroup 103 integer +ATTRIBUTE ITK-Banner 104 string +ATTRIBUTE ITK-Username-Prompt 105 string +ATTRIBUTE ITK-Password-Prompt 106 string +ATTRIBUTE ITK-Welcome-Message 107 string +ATTRIBUTE ITK-Prompt 108 string +ATTRIBUTE ITK-IP-Pool 109 integer +ATTRIBUTE ITK-Tunnel-IP 110 ipaddr +ATTRIBUTE ITK-Tunnel-Prot 111 integer +ATTRIBUTE ITK-Acct-Serv-IP 112 ipaddr +ATTRIBUTE ITK-Acct-Serv-Prot 113 integer +ATTRIBUTE ITK-Filter-Rule 114 string +ATTRIBUTE ITK-Channel-Binding 115 integer +ATTRIBUTE ITK-Start-Delay 116 integer +ATTRIBUTE ITK-NAS-Name 117 string +ATTRIBUTE ITK-ISDN-Prot 118 integer +ATTRIBUTE ITK-PPP-Auth-Type 119 integer +ATTRIBUTE ITK-Dialout-Type 120 integer +ATTRIBUTE ITK-Ftp-Auth-IP 121 ipaddr +ATTRIBUTE ITK-Users-Default-Entry 122 string +ATTRIBUTE ITK-Users-Default-Pw 123 string +ATTRIBUTE ITK-Auth-Req-Type 124 string +ATTRIBUTE ITK-Modem-Pool-Id 125 integer +ATTRIBUTE ITK-Modem-Init-String 126 string +ATTRIBUTE ITK-PPP-Client-Server-Mode 127 integer +ATTRIBUTE ITK-PPP-Compression-Prot 128 string +ATTRIBUTE ITK-Username 129 string +ATTRIBUTE ITK-Dest-No 130 string +ATTRIBUTE ITK-DDI 131 string + +END-VENDOR ITK diff --git a/freeradius/dict/dictionary.jradius b/freeradius/dict/dictionary.jradius new file mode 100644 index 0000000..aa5ae7a --- /dev/null +++ b/freeradius/dict/dictionary.jradius @@ -0,0 +1,18 @@ +# -*- text -*- +############################################################################## +# +# jradius VSAs. See http://jradius.org +# +# $Id$ +# +############################################################################## + +VENDOR JRadius 19211 + +BEGIN-VENDOR JRadius + +ATTRIBUTE JRadius-Request-Id 1 string +ATTRIBUTE JRadius-Session-Id 2 string +ATTRIBUTE JRadius-Proxy-Client 3 octets + +END-VENDOR JRadius diff --git a/freeradius/dict/dictionary.juniper b/freeradius/dict/dictionary.juniper new file mode 100644 index 0000000..20ec2b3 --- /dev/null +++ b/freeradius/dict/dictionary.juniper @@ -0,0 +1,20 @@ +# -*- text -*- +# +# dictionary.juniper +# +# As posted to the list by Eric Kilfoil +# +# Version: $Id$ +# + +VENDOR Juniper 2636 + +BEGIN-VENDOR Juniper + +ATTRIBUTE Juniper-Local-User-Name 1 string +ATTRIBUTE Juniper-Allow-Commands 2 string +ATTRIBUTE Juniper-Deny-Commands 3 string +ATTRIBUTE Juniper-Allow-Configuration 4 string +ATTRIBUTE Juniper-Deny-Configuration 5 string + +END-VENDOR Juniper diff --git a/freeradius/dict/dictionary.karlnet b/freeradius/dict/dictionary.karlnet new file mode 100644 index 0000000..a475709 --- /dev/null +++ b/freeradius/dict/dictionary.karlnet @@ -0,0 +1,2084 @@ +# -*- text -*- +# -------------------------------------- +# KarlNet Vendor-specific information +# -------------------------------------- + +#--------------------------------------------------------------------------- +# "VENDOR" VENDOR-NAME VENDOR-ID +#--------------------------------------------------------------------------- +VENDOR KarlNet 762 + +#--------------------------------------------------------------------------- +# "ATTRIBUTE" ATTRIBUTE-NAME ATTR-NUMBER ATTRTYPE VENDOR-NAME +#--------------------------------------------------------------------------- +# Sets the remote client's Station Name +BEGIN-VENDOR KarlNet + +ATTRIBUTE KarlNet-TurboCell-Name 151 string + +# Sets the remote client's Data Transmit Rate +ATTRIBUTE KarlNet-TurboCell-TxRate 152 integer + +#--------------------------------------------------------------------------- +# "VALUE" ATTRIBUTE-NAME SETTING-NAME SETTING-VALUE +#--------------------------------------------------------------------------- +# 0x00 // Use the locally defined Data Rate +VALUE KarlNet-TurboCell-TxRate TxRate-Local 0 +# 0x08 // Use the maximum data rate possible +VALUE KarlNet-TurboCell-TxRate TxRate-MaxSpeed 8 + +VALUE KarlNet-TurboCell-TxRate TxRate-11k 11 +VALUE KarlNet-TurboCell-TxRate TxRate-12k 12 +VALUE KarlNet-TurboCell-TxRate TxRate-13k 13 +VALUE KarlNet-TurboCell-TxRate TxRate-14k 14 +VALUE KarlNet-TurboCell-TxRate TxRate-15k 15 +VALUE KarlNet-TurboCell-TxRate TxRate-16k 16 +VALUE KarlNet-TurboCell-TxRate TxRate-17k 17 +VALUE KarlNet-TurboCell-TxRate TxRate-18k 18 +VALUE KarlNet-TurboCell-TxRate TxRate-19k 19 +VALUE KarlNet-TurboCell-TxRate TxRate-20k 20 +VALUE KarlNet-TurboCell-TxRate TxRate-21k 21 +VALUE KarlNet-TurboCell-TxRate TxRate-22k 22 +VALUE KarlNet-TurboCell-TxRate TxRate-23k 23 +VALUE KarlNet-TurboCell-TxRate TxRate-24k 24 +VALUE KarlNet-TurboCell-TxRate TxRate-25k 25 +VALUE KarlNet-TurboCell-TxRate TxRate-26k 26 +VALUE KarlNet-TurboCell-TxRate TxRate-27k 27 +VALUE KarlNet-TurboCell-TxRate TxRate-28k 28 +VALUE KarlNet-TurboCell-TxRate TxRate-29k 29 +VALUE KarlNet-TurboCell-TxRate TxRate-30k 30 +VALUE KarlNet-TurboCell-TxRate TxRate-31k 31 +VALUE KarlNet-TurboCell-TxRate TxRate-32k 32 +VALUE KarlNet-TurboCell-TxRate TxRate-33k 33 +VALUE KarlNet-TurboCell-TxRate TxRate-34k 34 +VALUE KarlNet-TurboCell-TxRate TxRate-35k 35 +VALUE KarlNet-TurboCell-TxRate TxRate-36k 36 +VALUE KarlNet-TurboCell-TxRate TxRate-37k 37 +VALUE KarlNet-TurboCell-TxRate TxRate-38k 38 +VALUE KarlNet-TurboCell-TxRate TxRate-39k 39 +VALUE KarlNet-TurboCell-TxRate TxRate-40k 40 +VALUE KarlNet-TurboCell-TxRate TxRate-41k 41 +VALUE KarlNet-TurboCell-TxRate TxRate-42k 42 +VALUE KarlNet-TurboCell-TxRate TxRate-43k 43 +VALUE KarlNet-TurboCell-TxRate TxRate-44k 44 +VALUE KarlNet-TurboCell-TxRate TxRate-45k 45 +VALUE KarlNet-TurboCell-TxRate TxRate-46k 46 +VALUE KarlNet-TurboCell-TxRate TxRate-47k 47 +VALUE KarlNet-TurboCell-TxRate TxRate-48k 48 +VALUE KarlNet-TurboCell-TxRate TxRate-49k 49 +VALUE KarlNet-TurboCell-TxRate TxRate-50k 50 +VALUE KarlNet-TurboCell-TxRate TxRate-51k 51 +VALUE KarlNet-TurboCell-TxRate TxRate-52k 52 +VALUE KarlNet-TurboCell-TxRate TxRate-53k 53 +VALUE KarlNet-TurboCell-TxRate TxRate-54k 54 +VALUE KarlNet-TurboCell-TxRate TxRate-55k 55 +VALUE KarlNet-TurboCell-TxRate TxRate-56k 56 +VALUE KarlNet-TurboCell-TxRate TxRate-57k 57 +VALUE KarlNet-TurboCell-TxRate TxRate-58k 58 +VALUE KarlNet-TurboCell-TxRate TxRate-59k 59 +VALUE KarlNet-TurboCell-TxRate TxRate-60k 60 +VALUE KarlNet-TurboCell-TxRate TxRate-61k 61 +VALUE KarlNet-TurboCell-TxRate TxRate-62k 62 +VALUE KarlNet-TurboCell-TxRate TxRate-63k 63 +VALUE KarlNet-TurboCell-TxRate TxRate-64k 64 +VALUE KarlNet-TurboCell-TxRate TxRate-65k 65 +VALUE KarlNet-TurboCell-TxRate TxRate-66k 66 +VALUE KarlNet-TurboCell-TxRate TxRate-67k 67 +VALUE KarlNet-TurboCell-TxRate TxRate-68k 68 +VALUE KarlNet-TurboCell-TxRate TxRate-69k 69 +VALUE KarlNet-TurboCell-TxRate TxRate-70k 70 +VALUE KarlNet-TurboCell-TxRate TxRate-71k 71 +VALUE KarlNet-TurboCell-TxRate TxRate-72k 72 +VALUE KarlNet-TurboCell-TxRate TxRate-73k 73 +VALUE KarlNet-TurboCell-TxRate TxRate-74k 74 +VALUE KarlNet-TurboCell-TxRate TxRate-75k 75 +VALUE KarlNet-TurboCell-TxRate TxRate-76k 76 +VALUE KarlNet-TurboCell-TxRate TxRate-77k 77 +VALUE KarlNet-TurboCell-TxRate TxRate-78k 78 +VALUE KarlNet-TurboCell-TxRate TxRate-79k 79 +VALUE KarlNet-TurboCell-TxRate TxRate-80k 80 +VALUE KarlNet-TurboCell-TxRate TxRate-81k 81 +VALUE KarlNet-TurboCell-TxRate TxRate-82k 82 +VALUE KarlNet-TurboCell-TxRate TxRate-83k 83 +VALUE KarlNet-TurboCell-TxRate TxRate-84k 84 +VALUE KarlNet-TurboCell-TxRate TxRate-85k 85 +VALUE KarlNet-TurboCell-TxRate TxRate-86k 86 +VALUE KarlNet-TurboCell-TxRate TxRate-87k 87 +VALUE KarlNet-TurboCell-TxRate TxRate-88k 88 +VALUE KarlNet-TurboCell-TxRate TxRate-89k 89 +VALUE KarlNet-TurboCell-TxRate TxRate-90k 90 +VALUE KarlNet-TurboCell-TxRate TxRate-91k 91 +VALUE KarlNet-TurboCell-TxRate TxRate-92k 92 +VALUE KarlNet-TurboCell-TxRate TxRate-93k 93 +VALUE KarlNet-TurboCell-TxRate TxRate-94k 94 +VALUE KarlNet-TurboCell-TxRate TxRate-95k 95 +VALUE KarlNet-TurboCell-TxRate TxRate-96k 96 +VALUE KarlNet-TurboCell-TxRate TxRate-97k 97 +VALUE KarlNet-TurboCell-TxRate TxRate-98k 98 +VALUE KarlNet-TurboCell-TxRate TxRate-99k 99 +VALUE KarlNet-TurboCell-TxRate TxRate-100k 100 +VALUE KarlNet-TurboCell-TxRate TxRate-101k 101 +VALUE KarlNet-TurboCell-TxRate TxRate-102k 102 +VALUE KarlNet-TurboCell-TxRate TxRate-103k 103 +VALUE KarlNet-TurboCell-TxRate TxRate-104k 104 +VALUE KarlNet-TurboCell-TxRate TxRate-105k 105 +VALUE KarlNet-TurboCell-TxRate TxRate-106k 106 +VALUE KarlNet-TurboCell-TxRate TxRate-107k 107 +VALUE KarlNet-TurboCell-TxRate TxRate-108k 108 +VALUE KarlNet-TurboCell-TxRate TxRate-109k 109 +VALUE KarlNet-TurboCell-TxRate TxRate-110k 110 +VALUE KarlNet-TurboCell-TxRate TxRate-111k 111 +VALUE KarlNet-TurboCell-TxRate TxRate-112k 112 +VALUE KarlNet-TurboCell-TxRate TxRate-113k 113 +VALUE KarlNet-TurboCell-TxRate TxRate-114k 114 +VALUE KarlNet-TurboCell-TxRate TxRate-115k 115 +VALUE KarlNet-TurboCell-TxRate TxRate-116k 116 +VALUE KarlNet-TurboCell-TxRate TxRate-117k 117 +VALUE KarlNet-TurboCell-TxRate TxRate-118k 118 +VALUE KarlNet-TurboCell-TxRate TxRate-119k 119 +VALUE KarlNet-TurboCell-TxRate TxRate-120k 120 +VALUE KarlNet-TurboCell-TxRate TxRate-121k 121 +VALUE KarlNet-TurboCell-TxRate TxRate-122k 122 +VALUE KarlNet-TurboCell-TxRate TxRate-123k 123 +VALUE KarlNet-TurboCell-TxRate TxRate-124k 124 +VALUE KarlNet-TurboCell-TxRate TxRate-125k 125 +VALUE KarlNet-TurboCell-TxRate TxRate-126k 126 +VALUE KarlNet-TurboCell-TxRate TxRate-127k 127 +VALUE KarlNet-TurboCell-TxRate TxRate-128k 128 +VALUE KarlNet-TurboCell-TxRate TxRate-129k 129 +VALUE KarlNet-TurboCell-TxRate TxRate-130k 130 +VALUE KarlNet-TurboCell-TxRate TxRate-131k 131 +VALUE KarlNet-TurboCell-TxRate TxRate-132k 132 +VALUE KarlNet-TurboCell-TxRate TxRate-133k 133 +VALUE KarlNet-TurboCell-TxRate TxRate-134k 134 +VALUE KarlNet-TurboCell-TxRate TxRate-135k 135 +VALUE KarlNet-TurboCell-TxRate TxRate-136k 136 +VALUE KarlNet-TurboCell-TxRate TxRate-137k 137 +VALUE KarlNet-TurboCell-TxRate TxRate-138k 138 +VALUE KarlNet-TurboCell-TxRate TxRate-139k 139 +VALUE KarlNet-TurboCell-TxRate TxRate-140k 140 +VALUE KarlNet-TurboCell-TxRate TxRate-141k 141 +VALUE KarlNet-TurboCell-TxRate TxRate-142k 142 +VALUE KarlNet-TurboCell-TxRate TxRate-143k 143 +VALUE KarlNet-TurboCell-TxRate TxRate-144k 144 +VALUE KarlNet-TurboCell-TxRate TxRate-145k 145 +VALUE KarlNet-TurboCell-TxRate TxRate-146k 146 +VALUE KarlNet-TurboCell-TxRate TxRate-147k 147 +VALUE KarlNet-TurboCell-TxRate TxRate-148k 148 +VALUE KarlNet-TurboCell-TxRate TxRate-149k 149 +VALUE KarlNet-TurboCell-TxRate TxRate-150k 150 +VALUE KarlNet-TurboCell-TxRate TxRate-151k 151 +VALUE KarlNet-TurboCell-TxRate TxRate-152k 152 +VALUE KarlNet-TurboCell-TxRate TxRate-153k 153 +VALUE KarlNet-TurboCell-TxRate TxRate-154k 154 +VALUE KarlNet-TurboCell-TxRate TxRate-155k 155 +VALUE KarlNet-TurboCell-TxRate TxRate-156k 156 +VALUE KarlNet-TurboCell-TxRate TxRate-157k 157 +VALUE KarlNet-TurboCell-TxRate TxRate-158k 158 +VALUE KarlNet-TurboCell-TxRate TxRate-159k 159 +VALUE KarlNet-TurboCell-TxRate TxRate-160k 160 +VALUE KarlNet-TurboCell-TxRate TxRate-161k 161 +VALUE KarlNet-TurboCell-TxRate TxRate-162k 162 +VALUE KarlNet-TurboCell-TxRate TxRate-163k 163 +VALUE KarlNet-TurboCell-TxRate TxRate-164k 164 +VALUE KarlNet-TurboCell-TxRate TxRate-165k 165 +VALUE KarlNet-TurboCell-TxRate TxRate-166k 166 +VALUE KarlNet-TurboCell-TxRate TxRate-167k 167 +VALUE KarlNet-TurboCell-TxRate TxRate-168k 168 +VALUE KarlNet-TurboCell-TxRate TxRate-169k 169 +VALUE KarlNet-TurboCell-TxRate TxRate-170k 170 +VALUE KarlNet-TurboCell-TxRate TxRate-171k 171 +VALUE KarlNet-TurboCell-TxRate TxRate-172k 172 +VALUE KarlNet-TurboCell-TxRate TxRate-173k 173 +VALUE KarlNet-TurboCell-TxRate TxRate-174k 174 +VALUE KarlNet-TurboCell-TxRate TxRate-175k 175 +VALUE KarlNet-TurboCell-TxRate TxRate-176k 176 +VALUE KarlNet-TurboCell-TxRate TxRate-177k 177 +VALUE KarlNet-TurboCell-TxRate TxRate-178k 178 +VALUE KarlNet-TurboCell-TxRate TxRate-179k 179 +VALUE KarlNet-TurboCell-TxRate TxRate-180k 180 +VALUE KarlNet-TurboCell-TxRate TxRate-181k 181 +VALUE KarlNet-TurboCell-TxRate TxRate-182k 182 +VALUE KarlNet-TurboCell-TxRate TxRate-183k 183 +VALUE KarlNet-TurboCell-TxRate TxRate-184k 184 +VALUE KarlNet-TurboCell-TxRate TxRate-185k 185 +VALUE KarlNet-TurboCell-TxRate TxRate-186k 186 +VALUE KarlNet-TurboCell-TxRate TxRate-187k 187 +VALUE KarlNet-TurboCell-TxRate TxRate-188k 188 +VALUE KarlNet-TurboCell-TxRate TxRate-189k 189 +VALUE KarlNet-TurboCell-TxRate TxRate-190k 190 +VALUE KarlNet-TurboCell-TxRate TxRate-191k 191 +VALUE KarlNet-TurboCell-TxRate TxRate-192k 192 +VALUE KarlNet-TurboCell-TxRate TxRate-193k 193 +VALUE KarlNet-TurboCell-TxRate TxRate-194k 194 +VALUE KarlNet-TurboCell-TxRate TxRate-195k 195 +VALUE KarlNet-TurboCell-TxRate TxRate-196k 196 +VALUE KarlNet-TurboCell-TxRate TxRate-197k 197 +VALUE KarlNet-TurboCell-TxRate TxRate-198k 198 +VALUE KarlNet-TurboCell-TxRate TxRate-199k 199 +VALUE KarlNet-TurboCell-TxRate TxRate-200k 200 +VALUE KarlNet-TurboCell-TxRate TxRate-201k 201 +VALUE KarlNet-TurboCell-TxRate TxRate-202k 202 +VALUE KarlNet-TurboCell-TxRate TxRate-203k 203 +VALUE KarlNet-TurboCell-TxRate TxRate-204k 204 +VALUE KarlNet-TurboCell-TxRate TxRate-205k 205 +VALUE KarlNet-TurboCell-TxRate TxRate-206k 206 +VALUE KarlNet-TurboCell-TxRate TxRate-207k 207 +VALUE KarlNet-TurboCell-TxRate TxRate-208k 208 +VALUE KarlNet-TurboCell-TxRate TxRate-209k 209 +VALUE KarlNet-TurboCell-TxRate TxRate-210k 210 +VALUE KarlNet-TurboCell-TxRate TxRate-211k 211 +VALUE KarlNet-TurboCell-TxRate TxRate-212k 212 +VALUE KarlNet-TurboCell-TxRate TxRate-213k 213 +VALUE KarlNet-TurboCell-TxRate TxRate-214k 214 +VALUE KarlNet-TurboCell-TxRate TxRate-215k 215 +VALUE KarlNet-TurboCell-TxRate TxRate-216k 216 +VALUE KarlNet-TurboCell-TxRate TxRate-217k 217 +VALUE KarlNet-TurboCell-TxRate TxRate-218k 218 +VALUE KarlNet-TurboCell-TxRate TxRate-219k 219 +VALUE KarlNet-TurboCell-TxRate TxRate-220k 220 +VALUE KarlNet-TurboCell-TxRate TxRate-221k 221 +VALUE KarlNet-TurboCell-TxRate TxRate-222k 222 +VALUE KarlNet-TurboCell-TxRate TxRate-223k 223 +VALUE KarlNet-TurboCell-TxRate TxRate-224k 224 +VALUE KarlNet-TurboCell-TxRate TxRate-225k 225 +VALUE KarlNet-TurboCell-TxRate TxRate-226k 226 +VALUE KarlNet-TurboCell-TxRate TxRate-227k 227 +VALUE KarlNet-TurboCell-TxRate TxRate-228k 228 +VALUE KarlNet-TurboCell-TxRate TxRate-229k 229 +VALUE KarlNet-TurboCell-TxRate TxRate-230k 230 +VALUE KarlNet-TurboCell-TxRate TxRate-231k 231 +VALUE KarlNet-TurboCell-TxRate TxRate-232k 232 +VALUE KarlNet-TurboCell-TxRate TxRate-233k 233 +VALUE KarlNet-TurboCell-TxRate TxRate-234k 234 +VALUE KarlNet-TurboCell-TxRate TxRate-235k 235 +VALUE KarlNet-TurboCell-TxRate TxRate-236k 236 +VALUE KarlNet-TurboCell-TxRate TxRate-237k 237 +VALUE KarlNet-TurboCell-TxRate TxRate-238k 238 +VALUE KarlNet-TurboCell-TxRate TxRate-239k 239 +VALUE KarlNet-TurboCell-TxRate TxRate-240k 240 +VALUE KarlNet-TurboCell-TxRate TxRate-241k 241 +VALUE KarlNet-TurboCell-TxRate TxRate-242k 242 +VALUE KarlNet-TurboCell-TxRate TxRate-243k 243 +VALUE KarlNet-TurboCell-TxRate TxRate-244k 244 +VALUE KarlNet-TurboCell-TxRate TxRate-245k 245 +VALUE KarlNet-TurboCell-TxRate TxRate-246k 246 +VALUE KarlNet-TurboCell-TxRate TxRate-247k 247 +VALUE KarlNet-TurboCell-TxRate TxRate-248k 248 +VALUE KarlNet-TurboCell-TxRate TxRate-249k 249 +VALUE KarlNet-TurboCell-TxRate TxRate-250k 250 +VALUE KarlNet-TurboCell-TxRate TxRate-251k 251 +VALUE KarlNet-TurboCell-TxRate TxRate-252k 252 +VALUE KarlNet-TurboCell-TxRate TxRate-253k 253 +VALUE KarlNet-TurboCell-TxRate TxRate-254k 254 +VALUE KarlNet-TurboCell-TxRate TxRate-255k 255 +VALUE KarlNet-TurboCell-TxRate TxRate-256k 256 +VALUE KarlNet-TurboCell-TxRate TxRate-257k 257 +VALUE KarlNet-TurboCell-TxRate TxRate-258k 258 +VALUE KarlNet-TurboCell-TxRate TxRate-259k 259 +VALUE KarlNet-TurboCell-TxRate TxRate-260k 260 +VALUE KarlNet-TurboCell-TxRate TxRate-261k 261 +VALUE KarlNet-TurboCell-TxRate TxRate-262k 262 +VALUE KarlNet-TurboCell-TxRate TxRate-263k 263 +VALUE KarlNet-TurboCell-TxRate TxRate-264k 264 +VALUE KarlNet-TurboCell-TxRate TxRate-265k 265 +VALUE KarlNet-TurboCell-TxRate TxRate-266k 266 +VALUE KarlNet-TurboCell-TxRate TxRate-267k 267 +VALUE KarlNet-TurboCell-TxRate TxRate-268k 268 +VALUE KarlNet-TurboCell-TxRate TxRate-269k 269 +VALUE KarlNet-TurboCell-TxRate TxRate-270k 270 +VALUE KarlNet-TurboCell-TxRate TxRate-271k 271 +VALUE KarlNet-TurboCell-TxRate TxRate-272k 272 +VALUE KarlNet-TurboCell-TxRate TxRate-273k 273 +VALUE KarlNet-TurboCell-TxRate TxRate-274k 274 +VALUE KarlNet-TurboCell-TxRate TxRate-275k 275 +VALUE KarlNet-TurboCell-TxRate TxRate-276k 276 +VALUE KarlNet-TurboCell-TxRate TxRate-277k 277 +VALUE KarlNet-TurboCell-TxRate TxRate-278k 278 +VALUE KarlNet-TurboCell-TxRate TxRate-279k 279 +VALUE KarlNet-TurboCell-TxRate TxRate-280k 280 +VALUE KarlNet-TurboCell-TxRate TxRate-281k 281 +VALUE KarlNet-TurboCell-TxRate TxRate-282k 282 +VALUE KarlNet-TurboCell-TxRate TxRate-283k 283 +VALUE KarlNet-TurboCell-TxRate TxRate-284k 284 +VALUE KarlNet-TurboCell-TxRate TxRate-285k 285 +VALUE KarlNet-TurboCell-TxRate TxRate-286k 286 +VALUE KarlNet-TurboCell-TxRate TxRate-287k 287 +VALUE KarlNet-TurboCell-TxRate TxRate-288k 288 +VALUE KarlNet-TurboCell-TxRate TxRate-289k 289 +VALUE KarlNet-TurboCell-TxRate TxRate-290k 290 +VALUE KarlNet-TurboCell-TxRate TxRate-291k 291 +VALUE KarlNet-TurboCell-TxRate TxRate-292k 292 +VALUE KarlNet-TurboCell-TxRate TxRate-293k 293 +VALUE KarlNet-TurboCell-TxRate TxRate-294k 294 +VALUE KarlNet-TurboCell-TxRate TxRate-295k 295 +VALUE KarlNet-TurboCell-TxRate TxRate-296k 296 +VALUE KarlNet-TurboCell-TxRate TxRate-297k 297 +VALUE KarlNet-TurboCell-TxRate TxRate-298k 298 +VALUE KarlNet-TurboCell-TxRate TxRate-299k 299 +VALUE KarlNet-TurboCell-TxRate TxRate-300k 300 +VALUE KarlNet-TurboCell-TxRate TxRate-301k 301 +VALUE KarlNet-TurboCell-TxRate TxRate-302k 302 +VALUE KarlNet-TurboCell-TxRate TxRate-303k 303 +VALUE KarlNet-TurboCell-TxRate TxRate-304k 304 +VALUE KarlNet-TurboCell-TxRate TxRate-305k 305 +VALUE KarlNet-TurboCell-TxRate TxRate-306k 306 +VALUE KarlNet-TurboCell-TxRate TxRate-307k 307 +VALUE KarlNet-TurboCell-TxRate TxRate-308k 308 +VALUE KarlNet-TurboCell-TxRate TxRate-309k 309 +VALUE KarlNet-TurboCell-TxRate TxRate-310k 310 +VALUE KarlNet-TurboCell-TxRate TxRate-311k 311 +VALUE KarlNet-TurboCell-TxRate TxRate-312k 312 +VALUE KarlNet-TurboCell-TxRate TxRate-313k 313 +VALUE KarlNet-TurboCell-TxRate TxRate-314k 314 +VALUE KarlNet-TurboCell-TxRate TxRate-315k 315 +VALUE KarlNet-TurboCell-TxRate TxRate-316k 316 +VALUE KarlNet-TurboCell-TxRate TxRate-317k 317 +VALUE KarlNet-TurboCell-TxRate TxRate-318k 318 +VALUE KarlNet-TurboCell-TxRate TxRate-319k 319 +VALUE KarlNet-TurboCell-TxRate TxRate-320k 320 +VALUE KarlNet-TurboCell-TxRate TxRate-321k 321 +VALUE KarlNet-TurboCell-TxRate TxRate-322k 322 +VALUE KarlNet-TurboCell-TxRate TxRate-323k 323 +VALUE KarlNet-TurboCell-TxRate TxRate-324k 324 +VALUE KarlNet-TurboCell-TxRate TxRate-325k 325 +VALUE KarlNet-TurboCell-TxRate TxRate-326k 326 +VALUE KarlNet-TurboCell-TxRate TxRate-327k 327 +VALUE KarlNet-TurboCell-TxRate TxRate-328k 328 +VALUE KarlNet-TurboCell-TxRate TxRate-329k 329 +VALUE KarlNet-TurboCell-TxRate TxRate-330k 330 +VALUE KarlNet-TurboCell-TxRate TxRate-331k 331 +VALUE KarlNet-TurboCell-TxRate TxRate-332k 332 +VALUE KarlNet-TurboCell-TxRate TxRate-333k 333 +VALUE KarlNet-TurboCell-TxRate TxRate-334k 334 +VALUE KarlNet-TurboCell-TxRate TxRate-335k 335 +VALUE KarlNet-TurboCell-TxRate TxRate-336k 336 +VALUE KarlNet-TurboCell-TxRate TxRate-337k 337 +VALUE KarlNet-TurboCell-TxRate TxRate-338k 338 +VALUE KarlNet-TurboCell-TxRate TxRate-339k 339 +VALUE KarlNet-TurboCell-TxRate TxRate-340k 340 +VALUE KarlNet-TurboCell-TxRate TxRate-341k 341 +VALUE KarlNet-TurboCell-TxRate TxRate-342k 342 +VALUE KarlNet-TurboCell-TxRate TxRate-343k 343 +VALUE KarlNet-TurboCell-TxRate TxRate-344k 344 +VALUE KarlNet-TurboCell-TxRate TxRate-345k 345 +VALUE KarlNet-TurboCell-TxRate TxRate-346k 346 +VALUE KarlNet-TurboCell-TxRate TxRate-347k 347 +VALUE KarlNet-TurboCell-TxRate TxRate-348k 348 +VALUE KarlNet-TurboCell-TxRate TxRate-349k 349 +VALUE KarlNet-TurboCell-TxRate TxRate-350k 350 +VALUE KarlNet-TurboCell-TxRate TxRate-351k 351 +VALUE KarlNet-TurboCell-TxRate TxRate-352k 352 +VALUE KarlNet-TurboCell-TxRate TxRate-353k 353 +VALUE KarlNet-TurboCell-TxRate TxRate-354k 354 +VALUE KarlNet-TurboCell-TxRate TxRate-355k 355 +VALUE KarlNet-TurboCell-TxRate TxRate-356k 356 +VALUE KarlNet-TurboCell-TxRate TxRate-357k 357 +VALUE KarlNet-TurboCell-TxRate TxRate-358k 358 +VALUE KarlNet-TurboCell-TxRate TxRate-359k 359 +VALUE KarlNet-TurboCell-TxRate TxRate-360k 360 +VALUE KarlNet-TurboCell-TxRate TxRate-361k 361 +VALUE KarlNet-TurboCell-TxRate TxRate-362k 362 +VALUE KarlNet-TurboCell-TxRate TxRate-363k 363 +VALUE KarlNet-TurboCell-TxRate TxRate-364k 364 +VALUE KarlNet-TurboCell-TxRate TxRate-365k 365 +VALUE KarlNet-TurboCell-TxRate TxRate-366k 366 +VALUE KarlNet-TurboCell-TxRate TxRate-367k 367 +VALUE KarlNet-TurboCell-TxRate TxRate-368k 368 +VALUE KarlNet-TurboCell-TxRate TxRate-369k 369 +VALUE KarlNet-TurboCell-TxRate TxRate-370k 370 +VALUE KarlNet-TurboCell-TxRate TxRate-371k 371 +VALUE KarlNet-TurboCell-TxRate TxRate-372k 372 +VALUE KarlNet-TurboCell-TxRate TxRate-373k 373 +VALUE KarlNet-TurboCell-TxRate TxRate-374k 374 +VALUE KarlNet-TurboCell-TxRate TxRate-375k 375 +VALUE KarlNet-TurboCell-TxRate TxRate-376k 376 +VALUE KarlNet-TurboCell-TxRate TxRate-377k 377 +VALUE KarlNet-TurboCell-TxRate TxRate-378k 378 +VALUE KarlNet-TurboCell-TxRate TxRate-379k 379 +VALUE KarlNet-TurboCell-TxRate TxRate-380k 380 +VALUE KarlNet-TurboCell-TxRate TxRate-381k 381 +VALUE KarlNet-TurboCell-TxRate TxRate-382k 382 +VALUE KarlNet-TurboCell-TxRate TxRate-383k 383 +VALUE KarlNet-TurboCell-TxRate TxRate-384k 384 +VALUE KarlNet-TurboCell-TxRate TxRate-385k 385 +VALUE KarlNet-TurboCell-TxRate TxRate-386k 386 +VALUE KarlNet-TurboCell-TxRate TxRate-387k 387 +VALUE KarlNet-TurboCell-TxRate TxRate-388k 388 +VALUE KarlNet-TurboCell-TxRate TxRate-389k 389 +VALUE KarlNet-TurboCell-TxRate TxRate-390k 390 +VALUE KarlNet-TurboCell-TxRate TxRate-391k 391 +VALUE KarlNet-TurboCell-TxRate TxRate-392k 392 +VALUE KarlNet-TurboCell-TxRate TxRate-393k 393 +VALUE KarlNet-TurboCell-TxRate TxRate-394k 394 +VALUE KarlNet-TurboCell-TxRate TxRate-395k 395 +VALUE KarlNet-TurboCell-TxRate TxRate-396k 396 +VALUE KarlNet-TurboCell-TxRate TxRate-397k 397 +VALUE KarlNet-TurboCell-TxRate TxRate-398k 398 +VALUE KarlNet-TurboCell-TxRate TxRate-399k 399 +VALUE KarlNet-TurboCell-TxRate TxRate-400k 400 +VALUE KarlNet-TurboCell-TxRate TxRate-401k 401 +VALUE KarlNet-TurboCell-TxRate TxRate-402k 402 +VALUE KarlNet-TurboCell-TxRate TxRate-403k 403 +VALUE KarlNet-TurboCell-TxRate TxRate-404k 404 +VALUE KarlNet-TurboCell-TxRate TxRate-405k 405 +VALUE KarlNet-TurboCell-TxRate TxRate-406k 406 +VALUE KarlNet-TurboCell-TxRate TxRate-407k 407 +VALUE KarlNet-TurboCell-TxRate TxRate-408k 408 +VALUE KarlNet-TurboCell-TxRate TxRate-409k 409 +VALUE KarlNet-TurboCell-TxRate TxRate-410k 410 +VALUE KarlNet-TurboCell-TxRate TxRate-411k 411 +VALUE KarlNet-TurboCell-TxRate TxRate-412k 412 +VALUE KarlNet-TurboCell-TxRate TxRate-413k 413 +VALUE KarlNet-TurboCell-TxRate TxRate-414k 414 +VALUE KarlNet-TurboCell-TxRate TxRate-415k 415 +VALUE KarlNet-TurboCell-TxRate TxRate-416k 416 +VALUE KarlNet-TurboCell-TxRate TxRate-417k 417 +VALUE KarlNet-TurboCell-TxRate TxRate-418k 418 +VALUE KarlNet-TurboCell-TxRate TxRate-419k 419 +VALUE KarlNet-TurboCell-TxRate TxRate-420k 420 +VALUE KarlNet-TurboCell-TxRate TxRate-421k 421 +VALUE KarlNet-TurboCell-TxRate TxRate-422k 422 +VALUE KarlNet-TurboCell-TxRate TxRate-423k 423 +VALUE KarlNet-TurboCell-TxRate TxRate-424k 424 +VALUE KarlNet-TurboCell-TxRate TxRate-425k 425 +VALUE KarlNet-TurboCell-TxRate TxRate-426k 426 +VALUE KarlNet-TurboCell-TxRate TxRate-427k 427 +VALUE KarlNet-TurboCell-TxRate TxRate-428k 428 +VALUE KarlNet-TurboCell-TxRate TxRate-429k 429 +VALUE KarlNet-TurboCell-TxRate TxRate-430k 430 +VALUE KarlNet-TurboCell-TxRate TxRate-431k 431 +VALUE KarlNet-TurboCell-TxRate TxRate-432k 432 +VALUE KarlNet-TurboCell-TxRate TxRate-433k 433 +VALUE KarlNet-TurboCell-TxRate TxRate-434k 434 +VALUE KarlNet-TurboCell-TxRate TxRate-435k 435 +VALUE KarlNet-TurboCell-TxRate TxRate-436k 436 +VALUE KarlNet-TurboCell-TxRate TxRate-437k 437 +VALUE KarlNet-TurboCell-TxRate TxRate-438k 438 +VALUE KarlNet-TurboCell-TxRate TxRate-439k 439 +VALUE KarlNet-TurboCell-TxRate TxRate-440k 440 +VALUE KarlNet-TurboCell-TxRate TxRate-441k 441 +VALUE KarlNet-TurboCell-TxRate TxRate-442k 442 +VALUE KarlNet-TurboCell-TxRate TxRate-443k 443 +VALUE KarlNet-TurboCell-TxRate TxRate-444k 444 +VALUE KarlNet-TurboCell-TxRate TxRate-445k 445 +VALUE KarlNet-TurboCell-TxRate TxRate-446k 446 +VALUE KarlNet-TurboCell-TxRate TxRate-447k 447 +VALUE KarlNet-TurboCell-TxRate TxRate-448k 448 +VALUE KarlNet-TurboCell-TxRate TxRate-449k 449 +VALUE KarlNet-TurboCell-TxRate TxRate-450k 450 +VALUE KarlNet-TurboCell-TxRate TxRate-451k 451 +VALUE KarlNet-TurboCell-TxRate TxRate-452k 452 +VALUE KarlNet-TurboCell-TxRate TxRate-453k 453 +VALUE KarlNet-TurboCell-TxRate TxRate-454k 454 +VALUE KarlNet-TurboCell-TxRate TxRate-455k 455 +VALUE KarlNet-TurboCell-TxRate TxRate-456k 456 +VALUE KarlNet-TurboCell-TxRate TxRate-457k 457 +VALUE KarlNet-TurboCell-TxRate TxRate-458k 458 +VALUE KarlNet-TurboCell-TxRate TxRate-459k 459 +VALUE KarlNet-TurboCell-TxRate TxRate-460k 460 +VALUE KarlNet-TurboCell-TxRate TxRate-461k 461 +VALUE KarlNet-TurboCell-TxRate TxRate-462k 462 +VALUE KarlNet-TurboCell-TxRate TxRate-463k 463 +VALUE KarlNet-TurboCell-TxRate TxRate-464k 464 +VALUE KarlNet-TurboCell-TxRate TxRate-465k 465 +VALUE KarlNet-TurboCell-TxRate TxRate-466k 466 +VALUE KarlNet-TurboCell-TxRate TxRate-467k 467 +VALUE KarlNet-TurboCell-TxRate TxRate-468k 468 +VALUE KarlNet-TurboCell-TxRate TxRate-469k 469 +VALUE KarlNet-TurboCell-TxRate TxRate-470k 470 +VALUE KarlNet-TurboCell-TxRate TxRate-471k 471 +VALUE KarlNet-TurboCell-TxRate TxRate-472k 472 +VALUE KarlNet-TurboCell-TxRate TxRate-473k 473 +VALUE KarlNet-TurboCell-TxRate TxRate-474k 474 +VALUE KarlNet-TurboCell-TxRate TxRate-475k 475 +VALUE KarlNet-TurboCell-TxRate TxRate-476k 476 +VALUE KarlNet-TurboCell-TxRate TxRate-477k 477 +VALUE KarlNet-TurboCell-TxRate TxRate-478k 478 +VALUE KarlNet-TurboCell-TxRate TxRate-479k 479 +VALUE KarlNet-TurboCell-TxRate TxRate-480k 480 +VALUE KarlNet-TurboCell-TxRate TxRate-481k 481 +VALUE KarlNet-TurboCell-TxRate TxRate-482k 482 +VALUE KarlNet-TurboCell-TxRate TxRate-483k 483 +VALUE KarlNet-TurboCell-TxRate TxRate-484k 484 +VALUE KarlNet-TurboCell-TxRate TxRate-485k 485 +VALUE KarlNet-TurboCell-TxRate TxRate-486k 486 +VALUE KarlNet-TurboCell-TxRate TxRate-487k 487 +VALUE KarlNet-TurboCell-TxRate TxRate-488k 488 +VALUE KarlNet-TurboCell-TxRate TxRate-489k 489 +VALUE KarlNet-TurboCell-TxRate TxRate-490k 490 +VALUE KarlNet-TurboCell-TxRate TxRate-491k 491 +VALUE KarlNet-TurboCell-TxRate TxRate-492k 492 +VALUE KarlNet-TurboCell-TxRate TxRate-493k 493 +VALUE KarlNet-TurboCell-TxRate TxRate-494k 494 +VALUE KarlNet-TurboCell-TxRate TxRate-495k 495 +VALUE KarlNet-TurboCell-TxRate TxRate-496k 496 +VALUE KarlNet-TurboCell-TxRate TxRate-497k 497 +VALUE KarlNet-TurboCell-TxRate TxRate-498k 498 +VALUE KarlNet-TurboCell-TxRate TxRate-499k 499 +VALUE KarlNet-TurboCell-TxRate TxRate-500k 500 +VALUE KarlNet-TurboCell-TxRate TxRate-501k 501 +VALUE KarlNet-TurboCell-TxRate TxRate-502k 502 +VALUE KarlNet-TurboCell-TxRate TxRate-503k 503 +VALUE KarlNet-TurboCell-TxRate TxRate-504k 504 +VALUE KarlNet-TurboCell-TxRate TxRate-505k 505 +VALUE KarlNet-TurboCell-TxRate TxRate-506k 506 +VALUE KarlNet-TurboCell-TxRate TxRate-507k 507 +VALUE KarlNet-TurboCell-TxRate TxRate-508k 508 +VALUE KarlNet-TurboCell-TxRate TxRate-509k 509 +VALUE KarlNet-TurboCell-TxRate TxRate-510k 510 +VALUE KarlNet-TurboCell-TxRate TxRate-511k 511 +VALUE KarlNet-TurboCell-TxRate TxRate-512k 512 +VALUE KarlNet-TurboCell-TxRate TxRate-513k 513 +VALUE KarlNet-TurboCell-TxRate TxRate-514k 514 +VALUE KarlNet-TurboCell-TxRate TxRate-515k 515 +VALUE KarlNet-TurboCell-TxRate TxRate-516k 516 +VALUE KarlNet-TurboCell-TxRate TxRate-517k 517 +VALUE KarlNet-TurboCell-TxRate TxRate-518k 518 +VALUE KarlNet-TurboCell-TxRate TxRate-519k 519 +VALUE KarlNet-TurboCell-TxRate TxRate-520k 520 +VALUE KarlNet-TurboCell-TxRate TxRate-521k 521 +VALUE KarlNet-TurboCell-TxRate TxRate-522k 522 +VALUE KarlNet-TurboCell-TxRate TxRate-523k 523 +VALUE KarlNet-TurboCell-TxRate TxRate-524k 524 +VALUE KarlNet-TurboCell-TxRate TxRate-525k 525 +VALUE KarlNet-TurboCell-TxRate TxRate-526k 526 +VALUE KarlNet-TurboCell-TxRate TxRate-527k 527 +VALUE KarlNet-TurboCell-TxRate TxRate-528k 528 +VALUE KarlNet-TurboCell-TxRate TxRate-529k 529 +VALUE KarlNet-TurboCell-TxRate TxRate-530k 530 +VALUE KarlNet-TurboCell-TxRate TxRate-531k 531 +VALUE KarlNet-TurboCell-TxRate TxRate-532k 532 +VALUE KarlNet-TurboCell-TxRate TxRate-533k 533 +VALUE KarlNet-TurboCell-TxRate TxRate-534k 534 +VALUE KarlNet-TurboCell-TxRate TxRate-535k 535 +VALUE KarlNet-TurboCell-TxRate TxRate-536k 536 +VALUE KarlNet-TurboCell-TxRate TxRate-537k 537 +VALUE KarlNet-TurboCell-TxRate TxRate-538k 538 +VALUE KarlNet-TurboCell-TxRate TxRate-539k 539 +VALUE KarlNet-TurboCell-TxRate TxRate-540k 540 +VALUE KarlNet-TurboCell-TxRate TxRate-541k 541 +VALUE KarlNet-TurboCell-TxRate TxRate-542k 542 +VALUE KarlNet-TurboCell-TxRate TxRate-543k 543 +VALUE KarlNet-TurboCell-TxRate TxRate-544k 544 +VALUE KarlNet-TurboCell-TxRate TxRate-545k 545 +VALUE KarlNet-TurboCell-TxRate TxRate-546k 546 +VALUE KarlNet-TurboCell-TxRate TxRate-547k 547 +VALUE KarlNet-TurboCell-TxRate TxRate-548k 548 +VALUE KarlNet-TurboCell-TxRate TxRate-549k 549 +VALUE KarlNet-TurboCell-TxRate TxRate-550k 550 +VALUE KarlNet-TurboCell-TxRate TxRate-551k 551 +VALUE KarlNet-TurboCell-TxRate TxRate-552k 552 +VALUE KarlNet-TurboCell-TxRate TxRate-553k 553 +VALUE KarlNet-TurboCell-TxRate TxRate-554k 554 +VALUE KarlNet-TurboCell-TxRate TxRate-555k 555 +VALUE KarlNet-TurboCell-TxRate TxRate-556k 556 +VALUE KarlNet-TurboCell-TxRate TxRate-557k 557 +VALUE KarlNet-TurboCell-TxRate TxRate-558k 558 +VALUE KarlNet-TurboCell-TxRate TxRate-559k 559 +VALUE KarlNet-TurboCell-TxRate TxRate-560k 560 +VALUE KarlNet-TurboCell-TxRate TxRate-561k 561 +VALUE KarlNet-TurboCell-TxRate TxRate-562k 562 +VALUE KarlNet-TurboCell-TxRate TxRate-563k 563 +VALUE KarlNet-TurboCell-TxRate TxRate-564k 564 +VALUE KarlNet-TurboCell-TxRate TxRate-565k 565 +VALUE KarlNet-TurboCell-TxRate TxRate-566k 566 +VALUE KarlNet-TurboCell-TxRate TxRate-567k 567 +VALUE KarlNet-TurboCell-TxRate TxRate-568k 568 +VALUE KarlNet-TurboCell-TxRate TxRate-569k 569 +VALUE KarlNet-TurboCell-TxRate TxRate-570k 570 +VALUE KarlNet-TurboCell-TxRate TxRate-571k 571 +VALUE KarlNet-TurboCell-TxRate TxRate-572k 572 +VALUE KarlNet-TurboCell-TxRate TxRate-573k 573 +VALUE KarlNet-TurboCell-TxRate TxRate-574k 574 +VALUE KarlNet-TurboCell-TxRate TxRate-575k 575 +VALUE KarlNet-TurboCell-TxRate TxRate-576k 576 +VALUE KarlNet-TurboCell-TxRate TxRate-577k 577 +VALUE KarlNet-TurboCell-TxRate TxRate-578k 578 +VALUE KarlNet-TurboCell-TxRate TxRate-579k 579 +VALUE KarlNet-TurboCell-TxRate TxRate-580k 580 +VALUE KarlNet-TurboCell-TxRate TxRate-581k 581 +VALUE KarlNet-TurboCell-TxRate TxRate-582k 582 +VALUE KarlNet-TurboCell-TxRate TxRate-583k 583 +VALUE KarlNet-TurboCell-TxRate TxRate-584k 584 +VALUE KarlNet-TurboCell-TxRate TxRate-585k 585 +VALUE KarlNet-TurboCell-TxRate TxRate-586k 586 +VALUE KarlNet-TurboCell-TxRate TxRate-587k 587 +VALUE KarlNet-TurboCell-TxRate TxRate-588k 588 +VALUE KarlNet-TurboCell-TxRate TxRate-589k 589 +VALUE KarlNet-TurboCell-TxRate TxRate-590k 590 +VALUE KarlNet-TurboCell-TxRate TxRate-591k 591 +VALUE KarlNet-TurboCell-TxRate TxRate-592k 592 +VALUE KarlNet-TurboCell-TxRate TxRate-593k 593 +VALUE KarlNet-TurboCell-TxRate TxRate-594k 594 +VALUE KarlNet-TurboCell-TxRate TxRate-595k 595 +VALUE KarlNet-TurboCell-TxRate TxRate-596k 596 +VALUE KarlNet-TurboCell-TxRate TxRate-597k 597 +VALUE KarlNet-TurboCell-TxRate TxRate-598k 598 +VALUE KarlNet-TurboCell-TxRate TxRate-599k 599 +VALUE KarlNet-TurboCell-TxRate TxRate-600k 600 +VALUE KarlNet-TurboCell-TxRate TxRate-601k 601 +VALUE KarlNet-TurboCell-TxRate TxRate-602k 602 +VALUE KarlNet-TurboCell-TxRate TxRate-603k 603 +VALUE KarlNet-TurboCell-TxRate TxRate-604k 604 +VALUE KarlNet-TurboCell-TxRate TxRate-605k 605 +VALUE KarlNet-TurboCell-TxRate TxRate-606k 606 +VALUE KarlNet-TurboCell-TxRate TxRate-607k 607 +VALUE KarlNet-TurboCell-TxRate TxRate-608k 608 +VALUE KarlNet-TurboCell-TxRate TxRate-609k 609 +VALUE KarlNet-TurboCell-TxRate TxRate-610k 610 +VALUE KarlNet-TurboCell-TxRate TxRate-611k 611 +VALUE KarlNet-TurboCell-TxRate TxRate-612k 612 +VALUE KarlNet-TurboCell-TxRate TxRate-613k 613 +VALUE KarlNet-TurboCell-TxRate TxRate-614k 614 +VALUE KarlNet-TurboCell-TxRate TxRate-615k 615 +VALUE KarlNet-TurboCell-TxRate TxRate-616k 616 +VALUE KarlNet-TurboCell-TxRate TxRate-617k 617 +VALUE KarlNet-TurboCell-TxRate TxRate-618k 618 +VALUE KarlNet-TurboCell-TxRate TxRate-619k 619 +VALUE KarlNet-TurboCell-TxRate TxRate-620k 620 +VALUE KarlNet-TurboCell-TxRate TxRate-621k 621 +VALUE KarlNet-TurboCell-TxRate TxRate-622k 622 +VALUE KarlNet-TurboCell-TxRate TxRate-623k 623 +VALUE KarlNet-TurboCell-TxRate TxRate-624k 624 +VALUE KarlNet-TurboCell-TxRate TxRate-625k 625 +VALUE KarlNet-TurboCell-TxRate TxRate-626k 626 +VALUE KarlNet-TurboCell-TxRate TxRate-627k 627 +VALUE KarlNet-TurboCell-TxRate TxRate-628k 628 +VALUE KarlNet-TurboCell-TxRate TxRate-629k 629 +VALUE KarlNet-TurboCell-TxRate TxRate-630k 630 +VALUE KarlNet-TurboCell-TxRate TxRate-631k 631 +VALUE KarlNet-TurboCell-TxRate TxRate-632k 632 +VALUE KarlNet-TurboCell-TxRate TxRate-633k 633 +VALUE KarlNet-TurboCell-TxRate TxRate-634k 634 +VALUE KarlNet-TurboCell-TxRate TxRate-635k 635 +VALUE KarlNet-TurboCell-TxRate TxRate-636k 636 +VALUE KarlNet-TurboCell-TxRate TxRate-637k 637 +VALUE KarlNet-TurboCell-TxRate TxRate-638k 638 +VALUE KarlNet-TurboCell-TxRate TxRate-639k 639 +VALUE KarlNet-TurboCell-TxRate TxRate-640k 640 +VALUE KarlNet-TurboCell-TxRate TxRate-641k 641 +VALUE KarlNet-TurboCell-TxRate TxRate-642k 642 +VALUE KarlNet-TurboCell-TxRate TxRate-643k 643 +VALUE KarlNet-TurboCell-TxRate TxRate-644k 644 +VALUE KarlNet-TurboCell-TxRate TxRate-645k 645 +VALUE KarlNet-TurboCell-TxRate TxRate-646k 646 +VALUE KarlNet-TurboCell-TxRate TxRate-647k 647 +VALUE KarlNet-TurboCell-TxRate TxRate-648k 648 +VALUE KarlNet-TurboCell-TxRate TxRate-649k 649 +VALUE KarlNet-TurboCell-TxRate TxRate-650k 650 +VALUE KarlNet-TurboCell-TxRate TxRate-651k 651 +VALUE KarlNet-TurboCell-TxRate TxRate-652k 652 +VALUE KarlNet-TurboCell-TxRate TxRate-653k 653 +VALUE KarlNet-TurboCell-TxRate TxRate-654k 654 +VALUE KarlNet-TurboCell-TxRate TxRate-655k 655 +VALUE KarlNet-TurboCell-TxRate TxRate-656k 656 +VALUE KarlNet-TurboCell-TxRate TxRate-657k 657 +VALUE KarlNet-TurboCell-TxRate TxRate-658k 658 +VALUE KarlNet-TurboCell-TxRate TxRate-659k 659 +VALUE KarlNet-TurboCell-TxRate TxRate-660k 660 +VALUE KarlNet-TurboCell-TxRate TxRate-661k 661 +VALUE KarlNet-TurboCell-TxRate TxRate-662k 662 +VALUE KarlNet-TurboCell-TxRate TxRate-663k 663 +VALUE KarlNet-TurboCell-TxRate TxRate-664k 664 +VALUE KarlNet-TurboCell-TxRate TxRate-665k 665 +VALUE KarlNet-TurboCell-TxRate TxRate-666k 666 +VALUE KarlNet-TurboCell-TxRate TxRate-667k 667 +VALUE KarlNet-TurboCell-TxRate TxRate-668k 668 +VALUE KarlNet-TurboCell-TxRate TxRate-669k 669 +VALUE KarlNet-TurboCell-TxRate TxRate-670k 670 +VALUE KarlNet-TurboCell-TxRate TxRate-671k 671 +VALUE KarlNet-TurboCell-TxRate TxRate-672k 672 +VALUE KarlNet-TurboCell-TxRate TxRate-673k 673 +VALUE KarlNet-TurboCell-TxRate TxRate-674k 674 +VALUE KarlNet-TurboCell-TxRate TxRate-675k 675 +VALUE KarlNet-TurboCell-TxRate TxRate-676k 676 +VALUE KarlNet-TurboCell-TxRate TxRate-677k 677 +VALUE KarlNet-TurboCell-TxRate TxRate-678k 678 +VALUE KarlNet-TurboCell-TxRate TxRate-679k 679 +VALUE KarlNet-TurboCell-TxRate TxRate-680k 680 +VALUE KarlNet-TurboCell-TxRate TxRate-681k 681 +VALUE KarlNet-TurboCell-TxRate TxRate-682k 682 +VALUE KarlNet-TurboCell-TxRate TxRate-683k 683 +VALUE KarlNet-TurboCell-TxRate TxRate-684k 684 +VALUE KarlNet-TurboCell-TxRate TxRate-685k 685 +VALUE KarlNet-TurboCell-TxRate TxRate-686k 686 +VALUE KarlNet-TurboCell-TxRate TxRate-687k 687 +VALUE KarlNet-TurboCell-TxRate TxRate-688k 688 +VALUE KarlNet-TurboCell-TxRate TxRate-689k 689 +VALUE KarlNet-TurboCell-TxRate TxRate-690k 690 +VALUE KarlNet-TurboCell-TxRate TxRate-691k 691 +VALUE KarlNet-TurboCell-TxRate TxRate-692k 692 +VALUE KarlNet-TurboCell-TxRate TxRate-693k 693 +VALUE KarlNet-TurboCell-TxRate TxRate-694k 694 +VALUE KarlNet-TurboCell-TxRate TxRate-695k 695 +VALUE KarlNet-TurboCell-TxRate TxRate-696k 696 +VALUE KarlNet-TurboCell-TxRate TxRate-697k 697 +VALUE KarlNet-TurboCell-TxRate TxRate-698k 698 +VALUE KarlNet-TurboCell-TxRate TxRate-699k 699 +VALUE KarlNet-TurboCell-TxRate TxRate-700k 700 +VALUE KarlNet-TurboCell-TxRate TxRate-701k 701 +VALUE KarlNet-TurboCell-TxRate TxRate-702k 702 +VALUE KarlNet-TurboCell-TxRate TxRate-703k 703 +VALUE KarlNet-TurboCell-TxRate TxRate-704k 704 +VALUE KarlNet-TurboCell-TxRate TxRate-705k 705 +VALUE KarlNet-TurboCell-TxRate TxRate-706k 706 +VALUE KarlNet-TurboCell-TxRate TxRate-707k 707 +VALUE KarlNet-TurboCell-TxRate TxRate-708k 708 +VALUE KarlNet-TurboCell-TxRate TxRate-709k 709 +VALUE KarlNet-TurboCell-TxRate TxRate-710k 710 +VALUE KarlNet-TurboCell-TxRate TxRate-711k 711 +VALUE KarlNet-TurboCell-TxRate TxRate-712k 712 +VALUE KarlNet-TurboCell-TxRate TxRate-713k 713 +VALUE KarlNet-TurboCell-TxRate TxRate-714k 714 +VALUE KarlNet-TurboCell-TxRate TxRate-715k 715 +VALUE KarlNet-TurboCell-TxRate TxRate-716k 716 +VALUE KarlNet-TurboCell-TxRate TxRate-717k 717 +VALUE KarlNet-TurboCell-TxRate TxRate-718k 718 +VALUE KarlNet-TurboCell-TxRate TxRate-719k 719 +VALUE KarlNet-TurboCell-TxRate TxRate-720k 720 +VALUE KarlNet-TurboCell-TxRate TxRate-721k 721 +VALUE KarlNet-TurboCell-TxRate TxRate-722k 722 +VALUE KarlNet-TurboCell-TxRate TxRate-723k 723 +VALUE KarlNet-TurboCell-TxRate TxRate-724k 724 +VALUE KarlNet-TurboCell-TxRate TxRate-725k 725 +VALUE KarlNet-TurboCell-TxRate TxRate-726k 726 +VALUE KarlNet-TurboCell-TxRate TxRate-727k 727 +VALUE KarlNet-TurboCell-TxRate TxRate-728k 728 +VALUE KarlNet-TurboCell-TxRate TxRate-729k 729 +VALUE KarlNet-TurboCell-TxRate TxRate-730k 730 +VALUE KarlNet-TurboCell-TxRate TxRate-731k 731 +VALUE KarlNet-TurboCell-TxRate TxRate-732k 732 +VALUE KarlNet-TurboCell-TxRate TxRate-733k 733 +VALUE KarlNet-TurboCell-TxRate TxRate-734k 734 +VALUE KarlNet-TurboCell-TxRate TxRate-735k 735 +VALUE KarlNet-TurboCell-TxRate TxRate-736k 736 +VALUE KarlNet-TurboCell-TxRate TxRate-737k 737 +VALUE KarlNet-TurboCell-TxRate TxRate-738k 738 +VALUE KarlNet-TurboCell-TxRate TxRate-739k 739 +VALUE KarlNet-TurboCell-TxRate TxRate-740k 740 +VALUE KarlNet-TurboCell-TxRate TxRate-741k 741 +VALUE KarlNet-TurboCell-TxRate TxRate-742k 742 +VALUE KarlNet-TurboCell-TxRate TxRate-743k 743 +VALUE KarlNet-TurboCell-TxRate TxRate-744k 744 +VALUE KarlNet-TurboCell-TxRate TxRate-745k 745 +VALUE KarlNet-TurboCell-TxRate TxRate-746k 746 +VALUE KarlNet-TurboCell-TxRate TxRate-747k 747 +VALUE KarlNet-TurboCell-TxRate TxRate-748k 748 +VALUE KarlNet-TurboCell-TxRate TxRate-749k 749 +VALUE KarlNet-TurboCell-TxRate TxRate-750k 750 +VALUE KarlNet-TurboCell-TxRate TxRate-751k 751 +VALUE KarlNet-TurboCell-TxRate TxRate-752k 752 +VALUE KarlNet-TurboCell-TxRate TxRate-753k 753 +VALUE KarlNet-TurboCell-TxRate TxRate-754k 754 +VALUE KarlNet-TurboCell-TxRate TxRate-755k 755 +VALUE KarlNet-TurboCell-TxRate TxRate-756k 756 +VALUE KarlNet-TurboCell-TxRate TxRate-757k 757 +VALUE KarlNet-TurboCell-TxRate TxRate-758k 758 +VALUE KarlNet-TurboCell-TxRate TxRate-759k 759 +VALUE KarlNet-TurboCell-TxRate TxRate-760k 760 +VALUE KarlNet-TurboCell-TxRate TxRate-761k 761 +VALUE KarlNet-TurboCell-TxRate TxRate-762k 762 +VALUE KarlNet-TurboCell-TxRate TxRate-763k 763 +VALUE KarlNet-TurboCell-TxRate TxRate-764k 764 +VALUE KarlNet-TurboCell-TxRate TxRate-765k 765 +VALUE KarlNet-TurboCell-TxRate TxRate-766k 766 +VALUE KarlNet-TurboCell-TxRate TxRate-767k 767 +VALUE KarlNet-TurboCell-TxRate TxRate-768k 768 +VALUE KarlNet-TurboCell-TxRate TxRate-769k 769 +VALUE KarlNet-TurboCell-TxRate TxRate-770k 770 +VALUE KarlNet-TurboCell-TxRate TxRate-771k 771 +VALUE KarlNet-TurboCell-TxRate TxRate-772k 772 +VALUE KarlNet-TurboCell-TxRate TxRate-773k 773 +VALUE KarlNet-TurboCell-TxRate TxRate-774k 774 +VALUE KarlNet-TurboCell-TxRate TxRate-775k 775 +VALUE KarlNet-TurboCell-TxRate TxRate-776k 776 +VALUE KarlNet-TurboCell-TxRate TxRate-777k 777 +VALUE KarlNet-TurboCell-TxRate TxRate-778k 778 +VALUE KarlNet-TurboCell-TxRate TxRate-779k 779 +VALUE KarlNet-TurboCell-TxRate TxRate-780k 780 +VALUE KarlNet-TurboCell-TxRate TxRate-781k 781 +VALUE KarlNet-TurboCell-TxRate TxRate-782k 782 +VALUE KarlNet-TurboCell-TxRate TxRate-783k 783 +VALUE KarlNet-TurboCell-TxRate TxRate-784k 784 +VALUE KarlNet-TurboCell-TxRate TxRate-785k 785 +VALUE KarlNet-TurboCell-TxRate TxRate-786k 786 +VALUE KarlNet-TurboCell-TxRate TxRate-787k 787 +VALUE KarlNet-TurboCell-TxRate TxRate-788k 788 +VALUE KarlNet-TurboCell-TxRate TxRate-789k 789 +VALUE KarlNet-TurboCell-TxRate TxRate-790k 790 +VALUE KarlNet-TurboCell-TxRate TxRate-791k 791 +VALUE KarlNet-TurboCell-TxRate TxRate-792k 792 +VALUE KarlNet-TurboCell-TxRate TxRate-793k 793 +VALUE KarlNet-TurboCell-TxRate TxRate-794k 794 +VALUE KarlNet-TurboCell-TxRate TxRate-795k 795 +VALUE KarlNet-TurboCell-TxRate TxRate-796k 796 +VALUE KarlNet-TurboCell-TxRate TxRate-797k 797 +VALUE KarlNet-TurboCell-TxRate TxRate-798k 798 +VALUE KarlNet-TurboCell-TxRate TxRate-799k 799 +VALUE KarlNet-TurboCell-TxRate TxRate-800k 800 +VALUE KarlNet-TurboCell-TxRate TxRate-801k 801 +VALUE KarlNet-TurboCell-TxRate TxRate-802k 802 +VALUE KarlNet-TurboCell-TxRate TxRate-803k 803 +VALUE KarlNet-TurboCell-TxRate TxRate-804k 804 +VALUE KarlNet-TurboCell-TxRate TxRate-805k 805 +VALUE KarlNet-TurboCell-TxRate TxRate-806k 806 +VALUE KarlNet-TurboCell-TxRate TxRate-807k 807 +VALUE KarlNet-TurboCell-TxRate TxRate-808k 808 +VALUE KarlNet-TurboCell-TxRate TxRate-809k 809 +VALUE KarlNet-TurboCell-TxRate TxRate-810k 810 +VALUE KarlNet-TurboCell-TxRate TxRate-811k 811 +VALUE KarlNet-TurboCell-TxRate TxRate-812k 812 +VALUE KarlNet-TurboCell-TxRate TxRate-813k 813 +VALUE KarlNet-TurboCell-TxRate TxRate-814k 814 +VALUE KarlNet-TurboCell-TxRate TxRate-815k 815 +VALUE KarlNet-TurboCell-TxRate TxRate-816k 816 +VALUE KarlNet-TurboCell-TxRate TxRate-817k 817 +VALUE KarlNet-TurboCell-TxRate TxRate-818k 818 +VALUE KarlNet-TurboCell-TxRate TxRate-819k 819 +VALUE KarlNet-TurboCell-TxRate TxRate-820k 820 +VALUE KarlNet-TurboCell-TxRate TxRate-821k 821 +VALUE KarlNet-TurboCell-TxRate TxRate-822k 822 +VALUE KarlNet-TurboCell-TxRate TxRate-823k 823 +VALUE KarlNet-TurboCell-TxRate TxRate-824k 824 +VALUE KarlNet-TurboCell-TxRate TxRate-825k 825 +VALUE KarlNet-TurboCell-TxRate TxRate-826k 826 +VALUE KarlNet-TurboCell-TxRate TxRate-827k 827 +VALUE KarlNet-TurboCell-TxRate TxRate-828k 828 +VALUE KarlNet-TurboCell-TxRate TxRate-829k 829 +VALUE KarlNet-TurboCell-TxRate TxRate-830k 830 +VALUE KarlNet-TurboCell-TxRate TxRate-831k 831 +VALUE KarlNet-TurboCell-TxRate TxRate-832k 832 +VALUE KarlNet-TurboCell-TxRate TxRate-833k 833 +VALUE KarlNet-TurboCell-TxRate TxRate-834k 834 +VALUE KarlNet-TurboCell-TxRate TxRate-835k 835 +VALUE KarlNet-TurboCell-TxRate TxRate-836k 836 +VALUE KarlNet-TurboCell-TxRate TxRate-837k 837 +VALUE KarlNet-TurboCell-TxRate TxRate-838k 838 +VALUE KarlNet-TurboCell-TxRate TxRate-839k 839 +VALUE KarlNet-TurboCell-TxRate TxRate-840k 840 +VALUE KarlNet-TurboCell-TxRate TxRate-841k 841 +VALUE KarlNet-TurboCell-TxRate TxRate-842k 842 +VALUE KarlNet-TurboCell-TxRate TxRate-843k 843 +VALUE KarlNet-TurboCell-TxRate TxRate-844k 844 +VALUE KarlNet-TurboCell-TxRate TxRate-845k 845 +VALUE KarlNet-TurboCell-TxRate TxRate-846k 846 +VALUE KarlNet-TurboCell-TxRate TxRate-847k 847 +VALUE KarlNet-TurboCell-TxRate TxRate-848k 848 +VALUE KarlNet-TurboCell-TxRate TxRate-849k 849 +VALUE KarlNet-TurboCell-TxRate TxRate-850k 850 +VALUE KarlNet-TurboCell-TxRate TxRate-851k 851 +VALUE KarlNet-TurboCell-TxRate TxRate-852k 852 +VALUE KarlNet-TurboCell-TxRate TxRate-853k 853 +VALUE KarlNet-TurboCell-TxRate TxRate-854k 854 +VALUE KarlNet-TurboCell-TxRate TxRate-855k 855 +VALUE KarlNet-TurboCell-TxRate TxRate-856k 856 +VALUE KarlNet-TurboCell-TxRate TxRate-857k 857 +VALUE KarlNet-TurboCell-TxRate TxRate-858k 858 +VALUE KarlNet-TurboCell-TxRate TxRate-859k 859 +VALUE KarlNet-TurboCell-TxRate TxRate-860k 860 +VALUE KarlNet-TurboCell-TxRate TxRate-861k 861 +VALUE KarlNet-TurboCell-TxRate TxRate-862k 862 +VALUE KarlNet-TurboCell-TxRate TxRate-863k 863 +VALUE KarlNet-TurboCell-TxRate TxRate-864k 864 +VALUE KarlNet-TurboCell-TxRate TxRate-865k 865 +VALUE KarlNet-TurboCell-TxRate TxRate-866k 866 +VALUE KarlNet-TurboCell-TxRate TxRate-867k 867 +VALUE KarlNet-TurboCell-TxRate TxRate-868k 868 +VALUE KarlNet-TurboCell-TxRate TxRate-869k 869 +VALUE KarlNet-TurboCell-TxRate TxRate-870k 870 +VALUE KarlNet-TurboCell-TxRate TxRate-871k 871 +VALUE KarlNet-TurboCell-TxRate TxRate-872k 872 +VALUE KarlNet-TurboCell-TxRate TxRate-873k 873 +VALUE KarlNet-TurboCell-TxRate TxRate-874k 874 +VALUE KarlNet-TurboCell-TxRate TxRate-875k 875 +VALUE KarlNet-TurboCell-TxRate TxRate-876k 876 +VALUE KarlNet-TurboCell-TxRate TxRate-877k 877 +VALUE KarlNet-TurboCell-TxRate TxRate-878k 878 +VALUE KarlNet-TurboCell-TxRate TxRate-879k 879 +VALUE KarlNet-TurboCell-TxRate TxRate-880k 880 +VALUE KarlNet-TurboCell-TxRate TxRate-881k 881 +VALUE KarlNet-TurboCell-TxRate TxRate-882k 882 +VALUE KarlNet-TurboCell-TxRate TxRate-883k 883 +VALUE KarlNet-TurboCell-TxRate TxRate-884k 884 +VALUE KarlNet-TurboCell-TxRate TxRate-885k 885 +VALUE KarlNet-TurboCell-TxRate TxRate-886k 886 +VALUE KarlNet-TurboCell-TxRate TxRate-887k 887 +VALUE KarlNet-TurboCell-TxRate TxRate-888k 888 +VALUE KarlNet-TurboCell-TxRate TxRate-889k 889 +VALUE KarlNet-TurboCell-TxRate TxRate-890k 890 +VALUE KarlNet-TurboCell-TxRate TxRate-891k 891 +VALUE KarlNet-TurboCell-TxRate TxRate-892k 892 +VALUE KarlNet-TurboCell-TxRate TxRate-893k 893 +VALUE KarlNet-TurboCell-TxRate TxRate-894k 894 +VALUE KarlNet-TurboCell-TxRate TxRate-895k 895 +VALUE KarlNet-TurboCell-TxRate TxRate-896k 896 +VALUE KarlNet-TurboCell-TxRate TxRate-897k 897 +VALUE KarlNet-TurboCell-TxRate TxRate-898k 898 +VALUE KarlNet-TurboCell-TxRate TxRate-899k 899 +VALUE KarlNet-TurboCell-TxRate TxRate-900k 900 +VALUE KarlNet-TurboCell-TxRate TxRate-901k 901 +VALUE KarlNet-TurboCell-TxRate TxRate-902k 902 +VALUE KarlNet-TurboCell-TxRate TxRate-903k 903 +VALUE KarlNet-TurboCell-TxRate TxRate-904k 904 +VALUE KarlNet-TurboCell-TxRate TxRate-905k 905 +VALUE KarlNet-TurboCell-TxRate TxRate-906k 906 +VALUE KarlNet-TurboCell-TxRate TxRate-907k 907 +VALUE KarlNet-TurboCell-TxRate TxRate-908k 908 +VALUE KarlNet-TurboCell-TxRate TxRate-909k 909 +VALUE KarlNet-TurboCell-TxRate TxRate-910k 910 +VALUE KarlNet-TurboCell-TxRate TxRate-911k 911 +VALUE KarlNet-TurboCell-TxRate TxRate-912k 912 +VALUE KarlNet-TurboCell-TxRate TxRate-913k 913 +VALUE KarlNet-TurboCell-TxRate TxRate-914k 914 +VALUE KarlNet-TurboCell-TxRate TxRate-915k 915 +VALUE KarlNet-TurboCell-TxRate TxRate-916k 916 +VALUE KarlNet-TurboCell-TxRate TxRate-917k 917 +VALUE KarlNet-TurboCell-TxRate TxRate-918k 918 +VALUE KarlNet-TurboCell-TxRate TxRate-919k 919 +VALUE KarlNet-TurboCell-TxRate TxRate-920k 920 +VALUE KarlNet-TurboCell-TxRate TxRate-921k 921 +VALUE KarlNet-TurboCell-TxRate TxRate-922k 922 +VALUE KarlNet-TurboCell-TxRate TxRate-923k 923 +VALUE KarlNet-TurboCell-TxRate TxRate-924k 924 +VALUE KarlNet-TurboCell-TxRate TxRate-925k 925 +VALUE KarlNet-TurboCell-TxRate TxRate-926k 926 +VALUE KarlNet-TurboCell-TxRate TxRate-927k 927 +VALUE KarlNet-TurboCell-TxRate TxRate-928k 928 +VALUE KarlNet-TurboCell-TxRate TxRate-929k 929 +VALUE KarlNet-TurboCell-TxRate TxRate-930k 930 +VALUE KarlNet-TurboCell-TxRate TxRate-931k 931 +VALUE KarlNet-TurboCell-TxRate TxRate-932k 932 +VALUE KarlNet-TurboCell-TxRate TxRate-933k 933 +VALUE KarlNet-TurboCell-TxRate TxRate-934k 934 +VALUE KarlNet-TurboCell-TxRate TxRate-935k 935 +VALUE KarlNet-TurboCell-TxRate TxRate-936k 936 +VALUE KarlNet-TurboCell-TxRate TxRate-937k 937 +VALUE KarlNet-TurboCell-TxRate TxRate-938k 938 +VALUE KarlNet-TurboCell-TxRate TxRate-939k 939 +VALUE KarlNet-TurboCell-TxRate TxRate-940k 940 +VALUE KarlNet-TurboCell-TxRate TxRate-941k 941 +VALUE KarlNet-TurboCell-TxRate TxRate-942k 942 +VALUE KarlNet-TurboCell-TxRate TxRate-943k 943 +VALUE KarlNet-TurboCell-TxRate TxRate-944k 944 +VALUE KarlNet-TurboCell-TxRate TxRate-945k 945 +VALUE KarlNet-TurboCell-TxRate TxRate-946k 946 +VALUE KarlNet-TurboCell-TxRate TxRate-947k 947 +VALUE KarlNet-TurboCell-TxRate TxRate-948k 948 +VALUE KarlNet-TurboCell-TxRate TxRate-949k 949 +VALUE KarlNet-TurboCell-TxRate TxRate-950k 950 +VALUE KarlNet-TurboCell-TxRate TxRate-951k 951 +VALUE KarlNet-TurboCell-TxRate TxRate-952k 952 +VALUE KarlNet-TurboCell-TxRate TxRate-953k 953 +VALUE KarlNet-TurboCell-TxRate TxRate-954k 954 +VALUE KarlNet-TurboCell-TxRate TxRate-955k 955 +VALUE KarlNet-TurboCell-TxRate TxRate-956k 956 +VALUE KarlNet-TurboCell-TxRate TxRate-957k 957 +VALUE KarlNet-TurboCell-TxRate TxRate-958k 958 +VALUE KarlNet-TurboCell-TxRate TxRate-959k 959 +VALUE KarlNet-TurboCell-TxRate TxRate-960k 960 +VALUE KarlNet-TurboCell-TxRate TxRate-961k 961 +VALUE KarlNet-TurboCell-TxRate TxRate-962k 962 +VALUE KarlNet-TurboCell-TxRate TxRate-963k 963 +VALUE KarlNet-TurboCell-TxRate TxRate-964k 964 +VALUE KarlNet-TurboCell-TxRate TxRate-965k 965 +VALUE KarlNet-TurboCell-TxRate TxRate-966k 966 +VALUE KarlNet-TurboCell-TxRate TxRate-967k 967 +VALUE KarlNet-TurboCell-TxRate TxRate-968k 968 +VALUE KarlNet-TurboCell-TxRate TxRate-969k 969 +VALUE KarlNet-TurboCell-TxRate TxRate-970k 970 +VALUE KarlNet-TurboCell-TxRate TxRate-971k 971 +VALUE KarlNet-TurboCell-TxRate TxRate-972k 972 +VALUE KarlNet-TurboCell-TxRate TxRate-973k 973 +VALUE KarlNet-TurboCell-TxRate TxRate-974k 974 +VALUE KarlNet-TurboCell-TxRate TxRate-975k 975 +VALUE KarlNet-TurboCell-TxRate TxRate-976k 976 +VALUE KarlNet-TurboCell-TxRate TxRate-977k 977 +VALUE KarlNet-TurboCell-TxRate TxRate-978k 978 +VALUE KarlNet-TurboCell-TxRate TxRate-979k 979 +VALUE KarlNet-TurboCell-TxRate TxRate-980k 980 +VALUE KarlNet-TurboCell-TxRate TxRate-981k 981 +VALUE KarlNet-TurboCell-TxRate TxRate-982k 982 +VALUE KarlNet-TurboCell-TxRate TxRate-983k 983 +VALUE KarlNet-TurboCell-TxRate TxRate-984k 984 +VALUE KarlNet-TurboCell-TxRate TxRate-985k 985 +VALUE KarlNet-TurboCell-TxRate TxRate-986k 986 +VALUE KarlNet-TurboCell-TxRate TxRate-987k 987 +VALUE KarlNet-TurboCell-TxRate TxRate-988k 988 +VALUE KarlNet-TurboCell-TxRate TxRate-989k 989 +VALUE KarlNet-TurboCell-TxRate TxRate-990k 990 +VALUE KarlNet-TurboCell-TxRate TxRate-991k 991 +VALUE KarlNet-TurboCell-TxRate TxRate-992k 992 +VALUE KarlNet-TurboCell-TxRate TxRate-993k 993 +VALUE KarlNet-TurboCell-TxRate TxRate-994k 994 +VALUE KarlNet-TurboCell-TxRate TxRate-995k 995 +VALUE KarlNet-TurboCell-TxRate TxRate-996k 996 +VALUE KarlNet-TurboCell-TxRate TxRate-997k 997 +VALUE KarlNet-TurboCell-TxRate TxRate-998k 998 +VALUE KarlNet-TurboCell-TxRate TxRate-999k 999 +VALUE KarlNet-TurboCell-TxRate TxRate-1000k 1000 +VALUE KarlNet-TurboCell-TxRate TxRate-1001k 1001 +VALUE KarlNet-TurboCell-TxRate TxRate-1002k 1002 +VALUE KarlNet-TurboCell-TxRate TxRate-1003k 1003 +VALUE KarlNet-TurboCell-TxRate TxRate-1004k 1004 +VALUE KarlNet-TurboCell-TxRate TxRate-1005k 1005 +VALUE KarlNet-TurboCell-TxRate TxRate-1006k 1006 +VALUE KarlNet-TurboCell-TxRate TxRate-1007k 1007 +VALUE KarlNet-TurboCell-TxRate TxRate-1008k 1008 +VALUE KarlNet-TurboCell-TxRate TxRate-1009k 1009 +VALUE KarlNet-TurboCell-TxRate TxRate-1010k 1010 +VALUE KarlNet-TurboCell-TxRate TxRate-1011k 1011 +VALUE KarlNet-TurboCell-TxRate TxRate-1012k 1012 +VALUE KarlNet-TurboCell-TxRate TxRate-1013k 1013 +VALUE KarlNet-TurboCell-TxRate TxRate-1014k 1014 +VALUE KarlNet-TurboCell-TxRate TxRate-1015k 1015 +VALUE KarlNet-TurboCell-TxRate TxRate-1016k 1016 +VALUE KarlNet-TurboCell-TxRate TxRate-1017k 1017 +VALUE KarlNet-TurboCell-TxRate TxRate-1018k 1018 +VALUE KarlNet-TurboCell-TxRate TxRate-1019k 1019 +VALUE KarlNet-TurboCell-TxRate TxRate-1020k 1020 +VALUE KarlNet-TurboCell-TxRate TxRate-1021k 1021 +VALUE KarlNet-TurboCell-TxRate TxRate-1022k 1022 +VALUE KarlNet-TurboCell-TxRate TxRate-1023k 1023 +VALUE KarlNet-TurboCell-TxRate TxRate-1024k 1024 +VALUE KarlNet-TurboCell-TxRate TxRate-1152k 1025 +VALUE KarlNet-TurboCell-TxRate TxRate-1280k 1026 +VALUE KarlNet-TurboCell-TxRate TxRate-1408k 1027 +VALUE KarlNet-TurboCell-TxRate TxRate-1536k 1028 +VALUE KarlNet-TurboCell-TxRate TxRate-1664k 1029 +VALUE KarlNet-TurboCell-TxRate TxRate-1792k 1030 +VALUE KarlNet-TurboCell-TxRate TxRate-1920k 1031 +VALUE KarlNet-TurboCell-TxRate TxRate-2048k 1032 +VALUE KarlNet-TurboCell-TxRate TxRate-2176k 1033 +VALUE KarlNet-TurboCell-TxRate TxRate-2304k 1034 +VALUE KarlNet-TurboCell-TxRate TxRate-2432k 1035 +VALUE KarlNet-TurboCell-TxRate TxRate-2560k 1036 +VALUE KarlNet-TurboCell-TxRate TxRate-2688k 1037 +VALUE KarlNet-TurboCell-TxRate TxRate-2816k 1038 +VALUE KarlNet-TurboCell-TxRate TxRate-2944k 1039 +VALUE KarlNet-TurboCell-TxRate TxRate-3072k 1040 +VALUE KarlNet-TurboCell-TxRate TxRate-3200k 1041 +VALUE KarlNet-TurboCell-TxRate TxRate-3328k 1042 +VALUE KarlNet-TurboCell-TxRate TxRate-3456k 1043 +VALUE KarlNet-TurboCell-TxRate TxRate-3584k 1044 +VALUE KarlNet-TurboCell-TxRate TxRate-3712k 1045 +VALUE KarlNet-TurboCell-TxRate TxRate-3840k 1046 +VALUE KarlNet-TurboCell-TxRate TxRate-3968k 1047 +VALUE KarlNet-TurboCell-TxRate TxRate-4096k 1048 +VALUE KarlNet-TurboCell-TxRate TxRate-4224k 1049 +VALUE KarlNet-TurboCell-TxRate TxRate-4352k 1050 +VALUE KarlNet-TurboCell-TxRate TxRate-4480k 1051 +VALUE KarlNet-TurboCell-TxRate TxRate-4608k 1052 +VALUE KarlNet-TurboCell-TxRate TxRate-4736k 1053 +VALUE KarlNet-TurboCell-TxRate TxRate-4864k 1054 +VALUE KarlNet-TurboCell-TxRate TxRate-4992k 1055 +VALUE KarlNet-TurboCell-TxRate TxRate-5120k 1056 +VALUE KarlNet-TurboCell-TxRate TxRate-5248k 1057 +VALUE KarlNet-TurboCell-TxRate TxRate-5376k 1058 +VALUE KarlNet-TurboCell-TxRate TxRate-5504k 1059 +VALUE KarlNet-TurboCell-TxRate TxRate-5632k 1060 +VALUE KarlNet-TurboCell-TxRate TxRate-5760k 1061 +VALUE KarlNet-TurboCell-TxRate TxRate-5888k 1062 +VALUE KarlNet-TurboCell-TxRate TxRate-6016k 1063 +VALUE KarlNet-TurboCell-TxRate TxRate-6144k 1064 +VALUE KarlNet-TurboCell-TxRate TxRate-6272k 1065 +VALUE KarlNet-TurboCell-TxRate TxRate-6400k 1066 +VALUE KarlNet-TurboCell-TxRate TxRate-6528k 1067 +VALUE KarlNet-TurboCell-TxRate TxRate-6656k 1068 +VALUE KarlNet-TurboCell-TxRate TxRate-6784k 1069 +VALUE KarlNet-TurboCell-TxRate TxRate-6912k 1070 +VALUE KarlNet-TurboCell-TxRate TxRate-7040k 1071 +VALUE KarlNet-TurboCell-TxRate TxRate-7168k 1072 +VALUE KarlNet-TurboCell-TxRate TxRate-7296k 1073 +VALUE KarlNet-TurboCell-TxRate TxRate-7424k 1074 +VALUE KarlNet-TurboCell-TxRate TxRate-7552k 1075 +VALUE KarlNet-TurboCell-TxRate TxRate-7680k 1076 +VALUE KarlNet-TurboCell-TxRate TxRate-7808k 1077 +VALUE KarlNet-TurboCell-TxRate TxRate-7936k 1078 +VALUE KarlNet-TurboCell-TxRate TxRate-8064k 1079 +VALUE KarlNet-TurboCell-TxRate TxRate-8192k 1080 +VALUE KarlNet-TurboCell-TxRate TxRate-8320k 1081 +VALUE KarlNet-TurboCell-TxRate TxRate-8448k 1082 +VALUE KarlNet-TurboCell-TxRate TxRate-8576k 1083 +VALUE KarlNet-TurboCell-TxRate TxRate-8704k 1084 +VALUE KarlNet-TurboCell-TxRate TxRate-8832k 1085 +VALUE KarlNet-TurboCell-TxRate TxRate-8960k 1086 +VALUE KarlNet-TurboCell-TxRate TxRate-9088k 1087 +VALUE KarlNet-TurboCell-TxRate TxRate-9216k 1088 +VALUE KarlNet-TurboCell-TxRate TxRate-9344k 1089 +VALUE KarlNet-TurboCell-TxRate TxRate-9472k 1090 +VALUE KarlNet-TurboCell-TxRate TxRate-9600k 1091 +VALUE KarlNet-TurboCell-TxRate TxRate-9728k 1092 +VALUE KarlNet-TurboCell-TxRate TxRate-9856k 1093 +VALUE KarlNet-TurboCell-TxRate TxRate-9984k 1094 +VALUE KarlNet-TurboCell-TxRate TxRate-10112k 1095 +VALUE KarlNet-TurboCell-TxRate TxRate-10240k 1096 +VALUE KarlNet-TurboCell-TxRate TxRate-10368k 1097 +VALUE KarlNet-TurboCell-TxRate TxRate-10496k 1098 +VALUE KarlNet-TurboCell-TxRate TxRate-10624k 1099 +VALUE KarlNet-TurboCell-TxRate TxRate-10752k 1100 +VALUE KarlNet-TurboCell-TxRate TxRate-10880k 1101 +VALUE KarlNet-TurboCell-TxRate TxRate-11008k 1102 +VALUE KarlNet-TurboCell-TxRate TxRate-11136k 1103 +VALUE KarlNet-TurboCell-TxRate TxRate-11264k 1104 +VALUE KarlNet-TurboCell-TxRate TxRate-11392k 1105 +VALUE KarlNet-TurboCell-TxRate TxRate-11520k 1106 +VALUE KarlNet-TurboCell-TxRate TxRate-11648k 1107 +VALUE KarlNet-TurboCell-TxRate TxRate-11776k 1108 +VALUE KarlNet-TurboCell-TxRate TxRate-11904k 1109 +VALUE KarlNet-TurboCell-TxRate TxRate-12032k 1110 +VALUE KarlNet-TurboCell-TxRate TxRate-12160k 1111 +VALUE KarlNet-TurboCell-TxRate TxRate-12288k 1112 +VALUE KarlNet-TurboCell-TxRate TxRate-12416k 1113 +VALUE KarlNet-TurboCell-TxRate TxRate-12544k 1114 +VALUE KarlNet-TurboCell-TxRate TxRate-12672k 1115 +VALUE KarlNet-TurboCell-TxRate TxRate-12800k 1116 +VALUE KarlNet-TurboCell-TxRate TxRate-12928k 1117 +VALUE KarlNet-TurboCell-TxRate TxRate-13056k 1118 +VALUE KarlNet-TurboCell-TxRate TxRate-13184k 1119 +VALUE KarlNet-TurboCell-TxRate TxRate-13312k 1120 +VALUE KarlNet-TurboCell-TxRate TxRate-13440k 1121 +VALUE KarlNet-TurboCell-TxRate TxRate-13568k 1122 +VALUE KarlNet-TurboCell-TxRate TxRate-13696k 1123 +VALUE KarlNet-TurboCell-TxRate TxRate-13824k 1124 +VALUE KarlNet-TurboCell-TxRate TxRate-13952k 1125 +VALUE KarlNet-TurboCell-TxRate TxRate-14080k 1126 +VALUE KarlNet-TurboCell-TxRate TxRate-14208k 1127 +VALUE KarlNet-TurboCell-TxRate TxRate-14336k 1128 +VALUE KarlNet-TurboCell-TxRate TxRate-14464k 1129 +VALUE KarlNet-TurboCell-TxRate TxRate-14592k 1130 +VALUE KarlNet-TurboCell-TxRate TxRate-14720k 1131 +VALUE KarlNet-TurboCell-TxRate TxRate-14848k 1132 +VALUE KarlNet-TurboCell-TxRate TxRate-14976k 1133 +VALUE KarlNet-TurboCell-TxRate TxRate-15104k 1134 +VALUE KarlNet-TurboCell-TxRate TxRate-15232k 1135 +VALUE KarlNet-TurboCell-TxRate TxRate-15360k 1136 +VALUE KarlNet-TurboCell-TxRate TxRate-15488k 1137 +VALUE KarlNet-TurboCell-TxRate TxRate-15616k 1138 +VALUE KarlNet-TurboCell-TxRate TxRate-15744k 1139 +VALUE KarlNet-TurboCell-TxRate TxRate-15872k 1140 +VALUE KarlNet-TurboCell-TxRate TxRate-16000k 1141 +VALUE KarlNet-TurboCell-TxRate TxRate-16128k 1142 +VALUE KarlNet-TurboCell-TxRate TxRate-16256k 1143 +VALUE KarlNet-TurboCell-TxRate TxRate-16384k 1144 +VALUE KarlNet-TurboCell-TxRate TxRate-16512k 1145 +VALUE KarlNet-TurboCell-TxRate TxRate-16640k 1146 +VALUE KarlNet-TurboCell-TxRate TxRate-16768k 1147 +VALUE KarlNet-TurboCell-TxRate TxRate-16896k 1148 +VALUE KarlNet-TurboCell-TxRate TxRate-17024k 1149 +VALUE KarlNet-TurboCell-TxRate TxRate-17152k 1150 +VALUE KarlNet-TurboCell-TxRate TxRate-17280k 1151 +VALUE KarlNet-TurboCell-TxRate TxRate-17408k 1152 +VALUE KarlNet-TurboCell-TxRate TxRate-17536k 1153 +VALUE KarlNet-TurboCell-TxRate TxRate-17664k 1154 +VALUE KarlNet-TurboCell-TxRate TxRate-17792k 1155 +VALUE KarlNet-TurboCell-TxRate TxRate-17920k 1156 +VALUE KarlNet-TurboCell-TxRate TxRate-18048k 1157 +VALUE KarlNet-TurboCell-TxRate TxRate-18176k 1158 +VALUE KarlNet-TurboCell-TxRate TxRate-18304k 1159 +VALUE KarlNet-TurboCell-TxRate TxRate-18432k 1160 +VALUE KarlNet-TurboCell-TxRate TxRate-18560k 1161 +VALUE KarlNet-TurboCell-TxRate TxRate-18688k 1162 +VALUE KarlNet-TurboCell-TxRate TxRate-18816k 1163 +VALUE KarlNet-TurboCell-TxRate TxRate-18944k 1164 +VALUE KarlNet-TurboCell-TxRate TxRate-19072k 1165 +VALUE KarlNet-TurboCell-TxRate TxRate-19200k 1166 +VALUE KarlNet-TurboCell-TxRate TxRate-19328k 1167 +VALUE KarlNet-TurboCell-TxRate TxRate-19456k 1168 +VALUE KarlNet-TurboCell-TxRate TxRate-19584k 1169 +VALUE KarlNet-TurboCell-TxRate TxRate-19712k 1170 +VALUE KarlNet-TurboCell-TxRate TxRate-19840k 1171 +VALUE KarlNet-TurboCell-TxRate TxRate-19968k 1172 +VALUE KarlNet-TurboCell-TxRate TxRate-20096k 1173 +VALUE KarlNet-TurboCell-TxRate TxRate-20224k 1174 +VALUE KarlNet-TurboCell-TxRate TxRate-20352k 1175 +VALUE KarlNet-TurboCell-TxRate TxRate-20480k 1176 +VALUE KarlNet-TurboCell-TxRate TxRate-20608k 1177 +VALUE KarlNet-TurboCell-TxRate TxRate-20736k 1178 +VALUE KarlNet-TurboCell-TxRate TxRate-20864k 1179 +VALUE KarlNet-TurboCell-TxRate TxRate-20992k 1180 +VALUE KarlNet-TurboCell-TxRate TxRate-21120k 1181 +VALUE KarlNet-TurboCell-TxRate TxRate-21248k 1182 +VALUE KarlNet-TurboCell-TxRate TxRate-21376k 1183 +VALUE KarlNet-TurboCell-TxRate TxRate-21504k 1184 +VALUE KarlNet-TurboCell-TxRate TxRate-21632k 1185 +VALUE KarlNet-TurboCell-TxRate TxRate-21760k 1186 +VALUE KarlNet-TurboCell-TxRate TxRate-21888k 1187 +VALUE KarlNet-TurboCell-TxRate TxRate-22016k 1188 +VALUE KarlNet-TurboCell-TxRate TxRate-22144k 1189 +VALUE KarlNet-TurboCell-TxRate TxRate-22272k 1190 +VALUE KarlNet-TurboCell-TxRate TxRate-22400k 1191 +VALUE KarlNet-TurboCell-TxRate TxRate-22528k 1192 +VALUE KarlNet-TurboCell-TxRate TxRate-22656k 1193 +VALUE KarlNet-TurboCell-TxRate TxRate-22784k 1194 +VALUE KarlNet-TurboCell-TxRate TxRate-22912k 1195 +VALUE KarlNet-TurboCell-TxRate TxRate-23040k 1196 +VALUE KarlNet-TurboCell-TxRate TxRate-23168k 1197 +VALUE KarlNet-TurboCell-TxRate TxRate-23296k 1198 +VALUE KarlNet-TurboCell-TxRate TxRate-23424k 1199 +VALUE KarlNet-TurboCell-TxRate TxRate-23552k 1200 +VALUE KarlNet-TurboCell-TxRate TxRate-23680k 1201 +VALUE KarlNet-TurboCell-TxRate TxRate-23808k 1202 +VALUE KarlNet-TurboCell-TxRate TxRate-23936k 1203 +VALUE KarlNet-TurboCell-TxRate TxRate-24064k 1204 +VALUE KarlNet-TurboCell-TxRate TxRate-24192k 1205 +VALUE KarlNet-TurboCell-TxRate TxRate-24320k 1206 +VALUE KarlNet-TurboCell-TxRate TxRate-24448k 1207 +VALUE KarlNet-TurboCell-TxRate TxRate-24576k 1208 +VALUE KarlNet-TurboCell-TxRate TxRate-24704k 1209 +VALUE KarlNet-TurboCell-TxRate TxRate-24832k 1210 +VALUE KarlNet-TurboCell-TxRate TxRate-24960k 1211 +VALUE KarlNet-TurboCell-TxRate TxRate-25088k 1212 +VALUE KarlNet-TurboCell-TxRate TxRate-25216k 1213 +VALUE KarlNet-TurboCell-TxRate TxRate-25344k 1214 +VALUE KarlNet-TurboCell-TxRate TxRate-25472k 1215 +VALUE KarlNet-TurboCell-TxRate TxRate-25600k 1216 +VALUE KarlNet-TurboCell-TxRate TxRate-25728k 1217 +VALUE KarlNet-TurboCell-TxRate TxRate-25856k 1218 +VALUE KarlNet-TurboCell-TxRate TxRate-25984k 1219 +VALUE KarlNet-TurboCell-TxRate TxRate-26112k 1220 +VALUE KarlNet-TurboCell-TxRate TxRate-26240k 1221 +VALUE KarlNet-TurboCell-TxRate TxRate-26368k 1222 +VALUE KarlNet-TurboCell-TxRate TxRate-26496k 1223 +VALUE KarlNet-TurboCell-TxRate TxRate-26624k 1224 +VALUE KarlNet-TurboCell-TxRate TxRate-26752k 1225 +VALUE KarlNet-TurboCell-TxRate TxRate-26880k 1226 +VALUE KarlNet-TurboCell-TxRate TxRate-27008k 1227 +VALUE KarlNet-TurboCell-TxRate TxRate-27136k 1228 +VALUE KarlNet-TurboCell-TxRate TxRate-27264k 1229 +VALUE KarlNet-TurboCell-TxRate TxRate-27392k 1230 +VALUE KarlNet-TurboCell-TxRate TxRate-27520k 1231 +VALUE KarlNet-TurboCell-TxRate TxRate-27648k 1232 +VALUE KarlNet-TurboCell-TxRate TxRate-27776k 1233 +VALUE KarlNet-TurboCell-TxRate TxRate-27904k 1234 +VALUE KarlNet-TurboCell-TxRate TxRate-28032k 1235 +VALUE KarlNet-TurboCell-TxRate TxRate-28160k 1236 +VALUE KarlNet-TurboCell-TxRate TxRate-28288k 1237 +VALUE KarlNet-TurboCell-TxRate TxRate-28416k 1238 +VALUE KarlNet-TurboCell-TxRate TxRate-28544k 1239 +VALUE KarlNet-TurboCell-TxRate TxRate-28672k 1240 +VALUE KarlNet-TurboCell-TxRate TxRate-28800k 1241 +VALUE KarlNet-TurboCell-TxRate TxRate-28928k 1242 +VALUE KarlNet-TurboCell-TxRate TxRate-29056k 1243 +VALUE KarlNet-TurboCell-TxRate TxRate-29184k 1244 +VALUE KarlNet-TurboCell-TxRate TxRate-29312k 1245 +VALUE KarlNet-TurboCell-TxRate TxRate-29440k 1246 +VALUE KarlNet-TurboCell-TxRate TxRate-29568k 1247 +VALUE KarlNet-TurboCell-TxRate TxRate-29696k 1248 +VALUE KarlNet-TurboCell-TxRate TxRate-29824k 1249 +VALUE KarlNet-TurboCell-TxRate TxRate-29952k 1250 +VALUE KarlNet-TurboCell-TxRate TxRate-30080k 1251 +VALUE KarlNet-TurboCell-TxRate TxRate-30208k 1252 +VALUE KarlNet-TurboCell-TxRate TxRate-30336k 1253 +VALUE KarlNet-TurboCell-TxRate TxRate-30464k 1254 +VALUE KarlNet-TurboCell-TxRate TxRate-30592k 1255 +VALUE KarlNet-TurboCell-TxRate TxRate-30720k 1256 +VALUE KarlNet-TurboCell-TxRate TxRate-30848k 1257 +VALUE KarlNet-TurboCell-TxRate TxRate-30976k 1258 +VALUE KarlNet-TurboCell-TxRate TxRate-31104k 1259 +VALUE KarlNet-TurboCell-TxRate TxRate-31232k 1260 +VALUE KarlNet-TurboCell-TxRate TxRate-31360k 1261 +VALUE KarlNet-TurboCell-TxRate TxRate-31488k 1262 +VALUE KarlNet-TurboCell-TxRate TxRate-31616k 1263 +VALUE KarlNet-TurboCell-TxRate TxRate-31744k 1264 +VALUE KarlNet-TurboCell-TxRate TxRate-31872k 1265 +VALUE KarlNet-TurboCell-TxRate TxRate-32000k 1266 +VALUE KarlNet-TurboCell-TxRate TxRate-32128k 1267 +VALUE KarlNet-TurboCell-TxRate TxRate-32256k 1268 +VALUE KarlNet-TurboCell-TxRate TxRate-32384k 1269 +VALUE KarlNet-TurboCell-TxRate TxRate-32512k 1270 +VALUE KarlNet-TurboCell-TxRate TxRate-32640k 1271 +VALUE KarlNet-TurboCell-TxRate TxRate-32768k 1272 +VALUE KarlNet-TurboCell-TxRate TxRate-32896k 1273 +VALUE KarlNet-TurboCell-TxRate TxRate-33024k 1274 +VALUE KarlNet-TurboCell-TxRate TxRate-33152k 1275 +VALUE KarlNet-TurboCell-TxRate TxRate-33280k 1276 +VALUE KarlNet-TurboCell-TxRate TxRate-33408k 1277 +VALUE KarlNet-TurboCell-TxRate TxRate-33536k 1278 +VALUE KarlNet-TurboCell-TxRate TxRate-33664k 1279 +VALUE KarlNet-TurboCell-TxRate TxRate-33792k 1280 +VALUE KarlNet-TurboCell-TxRate TxRate-33920k 1281 +VALUE KarlNet-TurboCell-TxRate TxRate-34048k 1282 +VALUE KarlNet-TurboCell-TxRate TxRate-34176k 1283 +VALUE KarlNet-TurboCell-TxRate TxRate-34304k 1284 +VALUE KarlNet-TurboCell-TxRate TxRate-34432k 1285 +VALUE KarlNet-TurboCell-TxRate TxRate-34560k 1286 +VALUE KarlNet-TurboCell-TxRate TxRate-34688k 1287 +VALUE KarlNet-TurboCell-TxRate TxRate-34816k 1288 +VALUE KarlNet-TurboCell-TxRate TxRate-34944k 1289 +VALUE KarlNet-TurboCell-TxRate TxRate-35072k 1290 +VALUE KarlNet-TurboCell-TxRate TxRate-35200k 1291 +VALUE KarlNet-TurboCell-TxRate TxRate-35328k 1292 +VALUE KarlNet-TurboCell-TxRate TxRate-35456k 1293 +VALUE KarlNet-TurboCell-TxRate TxRate-35584k 1294 +VALUE KarlNet-TurboCell-TxRate TxRate-35712k 1295 +VALUE KarlNet-TurboCell-TxRate TxRate-35840k 1296 +VALUE KarlNet-TurboCell-TxRate TxRate-35968k 1297 +VALUE KarlNet-TurboCell-TxRate TxRate-36096k 1298 +VALUE KarlNet-TurboCell-TxRate TxRate-36224k 1299 +VALUE KarlNet-TurboCell-TxRate TxRate-36352k 1300 +VALUE KarlNet-TurboCell-TxRate TxRate-36480k 1301 +VALUE KarlNet-TurboCell-TxRate TxRate-36608k 1302 +VALUE KarlNet-TurboCell-TxRate TxRate-36736k 1303 +VALUE KarlNet-TurboCell-TxRate TxRate-36864k 1304 +VALUE KarlNet-TurboCell-TxRate TxRate-36992k 1305 +VALUE KarlNet-TurboCell-TxRate TxRate-37120k 1306 +VALUE KarlNet-TurboCell-TxRate TxRate-37248k 1307 +VALUE KarlNet-TurboCell-TxRate TxRate-37376k 1308 +VALUE KarlNet-TurboCell-TxRate TxRate-37504k 1309 +VALUE KarlNet-TurboCell-TxRate TxRate-37632k 1310 +VALUE KarlNet-TurboCell-TxRate TxRate-37760k 1311 +VALUE KarlNet-TurboCell-TxRate TxRate-37888k 1312 +VALUE KarlNet-TurboCell-TxRate TxRate-38016k 1313 +VALUE KarlNet-TurboCell-TxRate TxRate-38144k 1314 +VALUE KarlNet-TurboCell-TxRate TxRate-38272k 1315 +VALUE KarlNet-TurboCell-TxRate TxRate-38400k 1316 +VALUE KarlNet-TurboCell-TxRate TxRate-38528k 1317 +VALUE KarlNet-TurboCell-TxRate TxRate-38656k 1318 +VALUE KarlNet-TurboCell-TxRate TxRate-38784k 1319 +VALUE KarlNet-TurboCell-TxRate TxRate-38912k 1320 +VALUE KarlNet-TurboCell-TxRate TxRate-39040k 1321 +VALUE KarlNet-TurboCell-TxRate TxRate-39168k 1322 +VALUE KarlNet-TurboCell-TxRate TxRate-39296k 1323 +VALUE KarlNet-TurboCell-TxRate TxRate-39424k 1324 +VALUE KarlNet-TurboCell-TxRate TxRate-39552k 1325 +VALUE KarlNet-TurboCell-TxRate TxRate-39680k 1326 +VALUE KarlNet-TurboCell-TxRate TxRate-39808k 1327 +VALUE KarlNet-TurboCell-TxRate TxRate-39936k 1328 +VALUE KarlNet-TurboCell-TxRate TxRate-40064k 1329 +VALUE KarlNet-TurboCell-TxRate TxRate-40192k 1330 +VALUE KarlNet-TurboCell-TxRate TxRate-40320k 1331 +VALUE KarlNet-TurboCell-TxRate TxRate-40448k 1332 +VALUE KarlNet-TurboCell-TxRate TxRate-40576k 1333 +VALUE KarlNet-TurboCell-TxRate TxRate-40704k 1334 +VALUE KarlNet-TurboCell-TxRate TxRate-40832k 1335 +VALUE KarlNet-TurboCell-TxRate TxRate-40960k 1336 +VALUE KarlNet-TurboCell-TxRate TxRate-41088k 1337 +VALUE KarlNet-TurboCell-TxRate TxRate-41216k 1338 +VALUE KarlNet-TurboCell-TxRate TxRate-41344k 1339 +VALUE KarlNet-TurboCell-TxRate TxRate-41472k 1340 +VALUE KarlNet-TurboCell-TxRate TxRate-41600k 1341 +VALUE KarlNet-TurboCell-TxRate TxRate-41728k 1342 +VALUE KarlNet-TurboCell-TxRate TxRate-41856k 1343 +VALUE KarlNet-TurboCell-TxRate TxRate-41984k 1344 +VALUE KarlNet-TurboCell-TxRate TxRate-42112k 1345 +VALUE KarlNet-TurboCell-TxRate TxRate-42240k 1346 +VALUE KarlNet-TurboCell-TxRate TxRate-42368k 1347 +VALUE KarlNet-TurboCell-TxRate TxRate-42496k 1348 +VALUE KarlNet-TurboCell-TxRate TxRate-42624k 1349 +VALUE KarlNet-TurboCell-TxRate TxRate-42752k 1350 +VALUE KarlNet-TurboCell-TxRate TxRate-42880k 1351 +VALUE KarlNet-TurboCell-TxRate TxRate-43008k 1352 +VALUE KarlNet-TurboCell-TxRate TxRate-43136k 1353 +VALUE KarlNet-TurboCell-TxRate TxRate-43264k 1354 +VALUE KarlNet-TurboCell-TxRate TxRate-43392k 1355 +VALUE KarlNet-TurboCell-TxRate TxRate-43520k 1356 +VALUE KarlNet-TurboCell-TxRate TxRate-43648k 1357 +VALUE KarlNet-TurboCell-TxRate TxRate-43776k 1358 +VALUE KarlNet-TurboCell-TxRate TxRate-43904k 1359 +VALUE KarlNet-TurboCell-TxRate TxRate-44032k 1360 +VALUE KarlNet-TurboCell-TxRate TxRate-44160k 1361 +VALUE KarlNet-TurboCell-TxRate TxRate-44288k 1362 +VALUE KarlNet-TurboCell-TxRate TxRate-44416k 1363 +VALUE KarlNet-TurboCell-TxRate TxRate-44544k 1364 +VALUE KarlNet-TurboCell-TxRate TxRate-44672k 1365 +VALUE KarlNet-TurboCell-TxRate TxRate-44800k 1366 +VALUE KarlNet-TurboCell-TxRate TxRate-44928k 1367 +VALUE KarlNet-TurboCell-TxRate TxRate-45056k 1368 +VALUE KarlNet-TurboCell-TxRate TxRate-45184k 1369 +VALUE KarlNet-TurboCell-TxRate TxRate-45312k 1370 +VALUE KarlNet-TurboCell-TxRate TxRate-45440k 1371 +VALUE KarlNet-TurboCell-TxRate TxRate-45568k 1372 +VALUE KarlNet-TurboCell-TxRate TxRate-45696k 1373 +VALUE KarlNet-TurboCell-TxRate TxRate-45824k 1374 +VALUE KarlNet-TurboCell-TxRate TxRate-45952k 1375 +VALUE KarlNet-TurboCell-TxRate TxRate-46080k 1376 +VALUE KarlNet-TurboCell-TxRate TxRate-46208k 1377 +VALUE KarlNet-TurboCell-TxRate TxRate-46336k 1378 +VALUE KarlNet-TurboCell-TxRate TxRate-46464k 1379 +VALUE KarlNet-TurboCell-TxRate TxRate-46592k 1380 +VALUE KarlNet-TurboCell-TxRate TxRate-46720k 1381 +VALUE KarlNet-TurboCell-TxRate TxRate-46848k 1382 +VALUE KarlNet-TurboCell-TxRate TxRate-46976k 1383 +VALUE KarlNet-TurboCell-TxRate TxRate-47104k 1384 +VALUE KarlNet-TurboCell-TxRate TxRate-47232k 1385 +VALUE KarlNet-TurboCell-TxRate TxRate-47360k 1386 +VALUE KarlNet-TurboCell-TxRate TxRate-47488k 1387 +VALUE KarlNet-TurboCell-TxRate TxRate-47616k 1388 +VALUE KarlNet-TurboCell-TxRate TxRate-47744k 1389 +VALUE KarlNet-TurboCell-TxRate TxRate-47872k 1390 +VALUE KarlNet-TurboCell-TxRate TxRate-48000k 1391 +VALUE KarlNet-TurboCell-TxRate TxRate-48128k 1392 +VALUE KarlNet-TurboCell-TxRate TxRate-48256k 1393 +VALUE KarlNet-TurboCell-TxRate TxRate-48384k 1394 +VALUE KarlNet-TurboCell-TxRate TxRate-48512k 1395 +VALUE KarlNet-TurboCell-TxRate TxRate-48640k 1396 +VALUE KarlNet-TurboCell-TxRate TxRate-48768k 1397 +VALUE KarlNet-TurboCell-TxRate TxRate-48896k 1398 +VALUE KarlNet-TurboCell-TxRate TxRate-49024k 1399 +VALUE KarlNet-TurboCell-TxRate TxRate-49152k 1400 +VALUE KarlNet-TurboCell-TxRate TxRate-49280k 1401 +VALUE KarlNet-TurboCell-TxRate TxRate-49408k 1402 +VALUE KarlNet-TurboCell-TxRate TxRate-49536k 1403 +VALUE KarlNet-TurboCell-TxRate TxRate-49664k 1404 +VALUE KarlNet-TurboCell-TxRate TxRate-49792k 1405 +VALUE KarlNet-TurboCell-TxRate TxRate-49920k 1406 +VALUE KarlNet-TurboCell-TxRate TxRate-50048k 1407 +VALUE KarlNet-TurboCell-TxRate TxRate-50176k 1408 +VALUE KarlNet-TurboCell-TxRate TxRate-50304k 1409 +VALUE KarlNet-TurboCell-TxRate TxRate-50432k 1410 +VALUE KarlNet-TurboCell-TxRate TxRate-50560k 1411 +VALUE KarlNet-TurboCell-TxRate TxRate-50688k 1412 +VALUE KarlNet-TurboCell-TxRate TxRate-50816k 1413 +VALUE KarlNet-TurboCell-TxRate TxRate-50944k 1414 +VALUE KarlNet-TurboCell-TxRate TxRate-51072k 1415 +VALUE KarlNet-TurboCell-TxRate TxRate-51200k 1416 +VALUE KarlNet-TurboCell-TxRate TxRate-51328k 1417 +VALUE KarlNet-TurboCell-TxRate TxRate-51456k 1418 +VALUE KarlNet-TurboCell-TxRate TxRate-51584k 1419 +VALUE KarlNet-TurboCell-TxRate TxRate-51712k 1420 +VALUE KarlNet-TurboCell-TxRate TxRate-51840k 1421 +VALUE KarlNet-TurboCell-TxRate TxRate-51968k 1422 +VALUE KarlNet-TurboCell-TxRate TxRate-52096k 1423 +VALUE KarlNet-TurboCell-TxRate TxRate-52224k 1424 +VALUE KarlNet-TurboCell-TxRate TxRate-52352k 1425 +VALUE KarlNet-TurboCell-TxRate TxRate-52480k 1426 +VALUE KarlNet-TurboCell-TxRate TxRate-52608k 1427 +VALUE KarlNet-TurboCell-TxRate TxRate-52736k 1428 +VALUE KarlNet-TurboCell-TxRate TxRate-52864k 1429 +VALUE KarlNet-TurboCell-TxRate TxRate-52992k 1430 +VALUE KarlNet-TurboCell-TxRate TxRate-53120k 1431 +VALUE KarlNet-TurboCell-TxRate TxRate-53248k 1432 +VALUE KarlNet-TurboCell-TxRate TxRate-53376k 1433 +VALUE KarlNet-TurboCell-TxRate TxRate-53504k 1434 +VALUE KarlNet-TurboCell-TxRate TxRate-53632k 1435 +VALUE KarlNet-TurboCell-TxRate TxRate-53760k 1436 +VALUE KarlNet-TurboCell-TxRate TxRate-53888k 1437 +VALUE KarlNet-TurboCell-TxRate TxRate-54016k 1438 +VALUE KarlNet-TurboCell-TxRate TxRate-54144k 1439 +VALUE KarlNet-TurboCell-TxRate TxRate-54272k 1440 +VALUE KarlNet-TurboCell-TxRate TxRate-54400k 1441 +VALUE KarlNet-TurboCell-TxRate TxRate-54528k 1442 +VALUE KarlNet-TurboCell-TxRate TxRate-54656k 1443 +VALUE KarlNet-TurboCell-TxRate TxRate-54784k 1444 +VALUE KarlNet-TurboCell-TxRate TxRate-54912k 1445 +VALUE KarlNet-TurboCell-TxRate TxRate-55040k 1446 +VALUE KarlNet-TurboCell-TxRate TxRate-55168k 1447 +VALUE KarlNet-TurboCell-TxRate TxRate-55296k 1448 +VALUE KarlNet-TurboCell-TxRate TxRate-55424k 1449 +VALUE KarlNet-TurboCell-TxRate TxRate-55552k 1450 +VALUE KarlNet-TurboCell-TxRate TxRate-55680k 1451 +VALUE KarlNet-TurboCell-TxRate TxRate-55808k 1452 +VALUE KarlNet-TurboCell-TxRate TxRate-55936k 1453 +VALUE KarlNet-TurboCell-TxRate TxRate-56064k 1454 +VALUE KarlNet-TurboCell-TxRate TxRate-56192k 1455 +VALUE KarlNet-TurboCell-TxRate TxRate-56320k 1456 +VALUE KarlNet-TurboCell-TxRate TxRate-56448k 1457 +VALUE KarlNet-TurboCell-TxRate TxRate-56576k 1458 +VALUE KarlNet-TurboCell-TxRate TxRate-56704k 1459 +VALUE KarlNet-TurboCell-TxRate TxRate-56832k 1460 +VALUE KarlNet-TurboCell-TxRate TxRate-56960k 1461 +VALUE KarlNet-TurboCell-TxRate TxRate-57088k 1462 +VALUE KarlNet-TurboCell-TxRate TxRate-57216k 1463 +VALUE KarlNet-TurboCell-TxRate TxRate-57344k 1464 +VALUE KarlNet-TurboCell-TxRate TxRate-57472k 1465 +VALUE KarlNet-TurboCell-TxRate TxRate-57600k 1466 +VALUE KarlNet-TurboCell-TxRate TxRate-57728k 1467 +VALUE KarlNet-TurboCell-TxRate TxRate-57856k 1468 +VALUE KarlNet-TurboCell-TxRate TxRate-57984k 1469 +VALUE KarlNet-TurboCell-TxRate TxRate-58112k 1470 +VALUE KarlNet-TurboCell-TxRate TxRate-58240k 1471 +VALUE KarlNet-TurboCell-TxRate TxRate-58368k 1472 +VALUE KarlNet-TurboCell-TxRate TxRate-58496k 1473 +VALUE KarlNet-TurboCell-TxRate TxRate-58624k 1474 +VALUE KarlNet-TurboCell-TxRate TxRate-58752k 1475 +VALUE KarlNet-TurboCell-TxRate TxRate-58880k 1476 +VALUE KarlNet-TurboCell-TxRate TxRate-59008k 1477 +VALUE KarlNet-TurboCell-TxRate TxRate-59136k 1478 +VALUE KarlNet-TurboCell-TxRate TxRate-59264k 1479 +VALUE KarlNet-TurboCell-TxRate TxRate-59392k 1480 +VALUE KarlNet-TurboCell-TxRate TxRate-59520k 1481 +VALUE KarlNet-TurboCell-TxRate TxRate-59648k 1482 +VALUE KarlNet-TurboCell-TxRate TxRate-59776k 1483 +VALUE KarlNet-TurboCell-TxRate TxRate-59904k 1484 +VALUE KarlNet-TurboCell-TxRate TxRate-60032k 1485 +VALUE KarlNet-TurboCell-TxRate TxRate-60160k 1486 +VALUE KarlNet-TurboCell-TxRate TxRate-60288k 1487 +VALUE KarlNet-TurboCell-TxRate TxRate-60416k 1488 +VALUE KarlNet-TurboCell-TxRate TxRate-60544k 1489 +VALUE KarlNet-TurboCell-TxRate TxRate-60672k 1490 +VALUE KarlNet-TurboCell-TxRate TxRate-60800k 1491 +VALUE KarlNet-TurboCell-TxRate TxRate-60928k 1492 +VALUE KarlNet-TurboCell-TxRate TxRate-61056k 1493 +VALUE KarlNet-TurboCell-TxRate TxRate-61184k 1494 +VALUE KarlNet-TurboCell-TxRate TxRate-61312k 1495 +VALUE KarlNet-TurboCell-TxRate TxRate-61440k 1496 +VALUE KarlNet-TurboCell-TxRate TxRate-61568k 1497 +VALUE KarlNet-TurboCell-TxRate TxRate-61696k 1498 +VALUE KarlNet-TurboCell-TxRate TxRate-61824k 1499 +VALUE KarlNet-TurboCell-TxRate TxRate-61952k 1500 +VALUE KarlNet-TurboCell-TxRate TxRate-62080k 1501 +VALUE KarlNet-TurboCell-TxRate TxRate-62208k 1502 +VALUE KarlNet-TurboCell-TxRate TxRate-62336k 1503 +VALUE KarlNet-TurboCell-TxRate TxRate-62464k 1504 +VALUE KarlNet-TurboCell-TxRate TxRate-62592k 1505 +VALUE KarlNet-TurboCell-TxRate TxRate-62720k 1506 +VALUE KarlNet-TurboCell-TxRate TxRate-62848k 1507 +VALUE KarlNet-TurboCell-TxRate TxRate-62976k 1508 +VALUE KarlNet-TurboCell-TxRate TxRate-63104k 1509 +VALUE KarlNet-TurboCell-TxRate TxRate-63232k 1510 +VALUE KarlNet-TurboCell-TxRate TxRate-63360k 1511 +VALUE KarlNet-TurboCell-TxRate TxRate-63488k 1512 +VALUE KarlNet-TurboCell-TxRate TxRate-63616k 1513 +VALUE KarlNet-TurboCell-TxRate TxRate-63744k 1514 +VALUE KarlNet-TurboCell-TxRate TxRate-63872k 1515 +VALUE KarlNet-TurboCell-TxRate TxRate-64000k 1516 +VALUE KarlNet-TurboCell-TxRate TxRate-64128k 1517 +VALUE KarlNet-TurboCell-TxRate TxRate-64256k 1518 +VALUE KarlNet-TurboCell-TxRate TxRate-64384k 1519 +VALUE KarlNet-TurboCell-TxRate TxRate-64512k 1520 +VALUE KarlNet-TurboCell-TxRate TxRate-64640k 1521 +VALUE KarlNet-TurboCell-TxRate TxRate-64768k 1522 +VALUE KarlNet-TurboCell-TxRate TxRate-64896k 1523 +VALUE KarlNet-TurboCell-TxRate TxRate-65024k 1524 +VALUE KarlNet-TurboCell-TxRate TxRate-65152k 1525 +VALUE KarlNet-TurboCell-TxRate TxRate-65280k 1526 +VALUE KarlNet-TurboCell-TxRate TxRate-65408k 1527 +VALUE KarlNet-TurboCell-TxRate TxRate-65536k 1528 +VALUE KarlNet-TurboCell-TxRate TxRate-65664k 1529 +VALUE KarlNet-TurboCell-TxRate TxRate-65792k 1530 +VALUE KarlNet-TurboCell-TxRate TxRate-65920k 1531 +VALUE KarlNet-TurboCell-TxRate TxRate-66048k 1532 +VALUE KarlNet-TurboCell-TxRate TxRate-66176k 1533 +VALUE KarlNet-TurboCell-TxRate TxRate-66304k 1534 +VALUE KarlNet-TurboCell-TxRate TxRate-66432k 1535 +VALUE KarlNet-TurboCell-TxRate TxRate-66560k 1536 +VALUE KarlNet-TurboCell-TxRate TxRate-66688k 1537 +VALUE KarlNet-TurboCell-TxRate TxRate-66816k 1538 +VALUE KarlNet-TurboCell-TxRate TxRate-66944k 1539 +VALUE KarlNet-TurboCell-TxRate TxRate-67072k 1540 +VALUE KarlNet-TurboCell-TxRate TxRate-67200k 1541 +VALUE KarlNet-TurboCell-TxRate TxRate-67328k 1542 +VALUE KarlNet-TurboCell-TxRate TxRate-67456k 1543 +VALUE KarlNet-TurboCell-TxRate TxRate-67584k 1544 +VALUE KarlNet-TurboCell-TxRate TxRate-67712k 1545 +VALUE KarlNet-TurboCell-TxRate TxRate-67840k 1546 +VALUE KarlNet-TurboCell-TxRate TxRate-67968k 1547 +VALUE KarlNet-TurboCell-TxRate TxRate-68096k 1548 +VALUE KarlNet-TurboCell-TxRate TxRate-68224k 1549 +VALUE KarlNet-TurboCell-TxRate TxRate-68352k 1550 +VALUE KarlNet-TurboCell-TxRate TxRate-68480k 1551 +VALUE KarlNet-TurboCell-TxRate TxRate-68608k 1552 +VALUE KarlNet-TurboCell-TxRate TxRate-68736k 1553 +VALUE KarlNet-TurboCell-TxRate TxRate-68864k 1554 +VALUE KarlNet-TurboCell-TxRate TxRate-68992k 1555 +VALUE KarlNet-TurboCell-TxRate TxRate-69120k 1556 +VALUE KarlNet-TurboCell-TxRate TxRate-69248k 1557 +VALUE KarlNet-TurboCell-TxRate TxRate-69376k 1558 +VALUE KarlNet-TurboCell-TxRate TxRate-69504k 1559 +VALUE KarlNet-TurboCell-TxRate TxRate-69632k 1560 +VALUE KarlNet-TurboCell-TxRate TxRate-69760k 1561 +VALUE KarlNet-TurboCell-TxRate TxRate-69888k 1562 +VALUE KarlNet-TurboCell-TxRate TxRate-70016k 1563 +VALUE KarlNet-TurboCell-TxRate TxRate-70144k 1564 +VALUE KarlNet-TurboCell-TxRate TxRate-70272k 1565 +VALUE KarlNet-TurboCell-TxRate TxRate-70400k 1566 +VALUE KarlNet-TurboCell-TxRate TxRate-70528k 1567 +VALUE KarlNet-TurboCell-TxRate TxRate-70656k 1568 +VALUE KarlNet-TurboCell-TxRate TxRate-70784k 1569 +VALUE KarlNet-TurboCell-TxRate TxRate-70912k 1570 +VALUE KarlNet-TurboCell-TxRate TxRate-71040k 1571 +VALUE KarlNet-TurboCell-TxRate TxRate-71168k 1572 +VALUE KarlNet-TurboCell-TxRate TxRate-71296k 1573 +VALUE KarlNet-TurboCell-TxRate TxRate-71424k 1574 +VALUE KarlNet-TurboCell-TxRate TxRate-71552k 1575 +VALUE KarlNet-TurboCell-TxRate TxRate-71680k 1576 +VALUE KarlNet-TurboCell-TxRate TxRate-71808k 1577 +VALUE KarlNet-TurboCell-TxRate TxRate-71936k 1578 +VALUE KarlNet-TurboCell-TxRate TxRate-72064k 1579 +VALUE KarlNet-TurboCell-TxRate TxRate-72192k 1580 +VALUE KarlNet-TurboCell-TxRate TxRate-72320k 1581 +VALUE KarlNet-TurboCell-TxRate TxRate-72448k 1582 +VALUE KarlNet-TurboCell-TxRate TxRate-72576k 1583 +VALUE KarlNet-TurboCell-TxRate TxRate-72704k 1584 +VALUE KarlNet-TurboCell-TxRate TxRate-72832k 1585 +VALUE KarlNet-TurboCell-TxRate TxRate-72960k 1586 +VALUE KarlNet-TurboCell-TxRate TxRate-73088k 1587 +VALUE KarlNet-TurboCell-TxRate TxRate-73216k 1588 +VALUE KarlNet-TurboCell-TxRate TxRate-73344k 1589 +VALUE KarlNet-TurboCell-TxRate TxRate-73472k 1590 +VALUE KarlNet-TurboCell-TxRate TxRate-73600k 1591 +VALUE KarlNet-TurboCell-TxRate TxRate-73728k 1592 +VALUE KarlNet-TurboCell-TxRate TxRate-73856k 1593 +VALUE KarlNet-TurboCell-TxRate TxRate-73984k 1594 +VALUE KarlNet-TurboCell-TxRate TxRate-74112k 1595 +VALUE KarlNet-TurboCell-TxRate TxRate-74240k 1596 +VALUE KarlNet-TurboCell-TxRate TxRate-74368k 1597 +VALUE KarlNet-TurboCell-TxRate TxRate-74496k 1598 +VALUE KarlNet-TurboCell-TxRate TxRate-74624k 1599 +VALUE KarlNet-TurboCell-TxRate TxRate-74752k 1600 +VALUE KarlNet-TurboCell-TxRate TxRate-74880k 1601 +VALUE KarlNet-TurboCell-TxRate TxRate-75008k 1602 +VALUE KarlNet-TurboCell-TxRate TxRate-75136k 1603 +VALUE KarlNet-TurboCell-TxRate TxRate-75264k 1604 +VALUE KarlNet-TurboCell-TxRate TxRate-75392k 1605 +VALUE KarlNet-TurboCell-TxRate TxRate-75520k 1606 +VALUE KarlNet-TurboCell-TxRate TxRate-75648k 1607 +VALUE KarlNet-TurboCell-TxRate TxRate-75776k 1608 +VALUE KarlNet-TurboCell-TxRate TxRate-75904k 1609 +VALUE KarlNet-TurboCell-TxRate TxRate-76032k 1610 +VALUE KarlNet-TurboCell-TxRate TxRate-76160k 1611 +VALUE KarlNet-TurboCell-TxRate TxRate-76288k 1612 +VALUE KarlNet-TurboCell-TxRate TxRate-76416k 1613 +VALUE KarlNet-TurboCell-TxRate TxRate-76544k 1614 +VALUE KarlNet-TurboCell-TxRate TxRate-76672k 1615 +VALUE KarlNet-TurboCell-TxRate TxRate-76800k 1616 +VALUE KarlNet-TurboCell-TxRate TxRate-76928k 1617 +VALUE KarlNet-TurboCell-TxRate TxRate-77056k 1618 +VALUE KarlNet-TurboCell-TxRate TxRate-77184k 1619 +VALUE KarlNet-TurboCell-TxRate TxRate-77312k 1620 +VALUE KarlNet-TurboCell-TxRate TxRate-77440k 1621 +VALUE KarlNet-TurboCell-TxRate TxRate-77568k 1622 +VALUE KarlNet-TurboCell-TxRate TxRate-77696k 1623 +VALUE KarlNet-TurboCell-TxRate TxRate-77824k 1624 +VALUE KarlNet-TurboCell-TxRate TxRate-77952k 1625 +VALUE KarlNet-TurboCell-TxRate TxRate-78080k 1626 +VALUE KarlNet-TurboCell-TxRate TxRate-78208k 1627 +VALUE KarlNet-TurboCell-TxRate TxRate-78336k 1628 +VALUE KarlNet-TurboCell-TxRate TxRate-78464k 1629 +VALUE KarlNet-TurboCell-TxRate TxRate-78592k 1630 +VALUE KarlNet-TurboCell-TxRate TxRate-78720k 1631 +VALUE KarlNet-TurboCell-TxRate TxRate-78848k 1632 +VALUE KarlNet-TurboCell-TxRate TxRate-78976k 1633 +VALUE KarlNet-TurboCell-TxRate TxRate-79104k 1634 +VALUE KarlNet-TurboCell-TxRate TxRate-79232k 1635 +VALUE KarlNet-TurboCell-TxRate TxRate-79360k 1636 +VALUE KarlNet-TurboCell-TxRate TxRate-79488k 1637 +VALUE KarlNet-TurboCell-TxRate TxRate-79616k 1638 +VALUE KarlNet-TurboCell-TxRate TxRate-79744k 1639 +VALUE KarlNet-TurboCell-TxRate TxRate-79872k 1640 +VALUE KarlNet-TurboCell-TxRate TxRate-80000k 1641 +VALUE KarlNet-TurboCell-TxRate TxRate-80128k 1642 +VALUE KarlNet-TurboCell-TxRate TxRate-80256k 1643 +VALUE KarlNet-TurboCell-TxRate TxRate-80384k 1644 +VALUE KarlNet-TurboCell-TxRate TxRate-80512k 1645 +VALUE KarlNet-TurboCell-TxRate TxRate-80640k 1646 +VALUE KarlNet-TurboCell-TxRate TxRate-80768k 1647 +VALUE KarlNet-TurboCell-TxRate TxRate-80896k 1648 +VALUE KarlNet-TurboCell-TxRate TxRate-81024k 1649 +VALUE KarlNet-TurboCell-TxRate TxRate-81152k 1650 +VALUE KarlNet-TurboCell-TxRate TxRate-81280k 1651 +VALUE KarlNet-TurboCell-TxRate TxRate-81408k 1652 +VALUE KarlNet-TurboCell-TxRate TxRate-81536k 1653 +VALUE KarlNet-TurboCell-TxRate TxRate-81664k 1654 +VALUE KarlNet-TurboCell-TxRate TxRate-81792k 1655 +VALUE KarlNet-TurboCell-TxRate TxRate-81920k 1656 +VALUE KarlNet-TurboCell-TxRate TxRate-82048k 1657 +VALUE KarlNet-TurboCell-TxRate TxRate-82176k 1658 +VALUE KarlNet-TurboCell-TxRate TxRate-82304k 1659 +VALUE KarlNet-TurboCell-TxRate TxRate-82432k 1660 +VALUE KarlNet-TurboCell-TxRate TxRate-82560k 1661 +VALUE KarlNet-TurboCell-TxRate TxRate-82688k 1662 +VALUE KarlNet-TurboCell-TxRate TxRate-82816k 1663 +VALUE KarlNet-TurboCell-TxRate TxRate-82944k 1664 +VALUE KarlNet-TurboCell-TxRate TxRate-83072k 1665 +VALUE KarlNet-TurboCell-TxRate TxRate-83200k 1666 +VALUE KarlNet-TurboCell-TxRate TxRate-83328k 1667 +VALUE KarlNet-TurboCell-TxRate TxRate-83456k 1668 +VALUE KarlNet-TurboCell-TxRate TxRate-83584k 1669 +VALUE KarlNet-TurboCell-TxRate TxRate-83712k 1670 +VALUE KarlNet-TurboCell-TxRate TxRate-83840k 1671 +VALUE KarlNet-TurboCell-TxRate TxRate-83968k 1672 +VALUE KarlNet-TurboCell-TxRate TxRate-84096k 1673 +VALUE KarlNet-TurboCell-TxRate TxRate-84224k 1674 +VALUE KarlNet-TurboCell-TxRate TxRate-84352k 1675 +VALUE KarlNet-TurboCell-TxRate TxRate-84480k 1676 +VALUE KarlNet-TurboCell-TxRate TxRate-84608k 1677 +VALUE KarlNet-TurboCell-TxRate TxRate-84736k 1678 +VALUE KarlNet-TurboCell-TxRate TxRate-84864k 1679 +VALUE KarlNet-TurboCell-TxRate TxRate-84992k 1680 +VALUE KarlNet-TurboCell-TxRate TxRate-85120k 1681 +VALUE KarlNet-TurboCell-TxRate TxRate-85248k 1682 +VALUE KarlNet-TurboCell-TxRate TxRate-85376k 1683 +VALUE KarlNet-TurboCell-TxRate TxRate-85504k 1684 +VALUE KarlNet-TurboCell-TxRate TxRate-85632k 1685 +VALUE KarlNet-TurboCell-TxRate TxRate-85760k 1686 +VALUE KarlNet-TurboCell-TxRate TxRate-85888k 1687 +VALUE KarlNet-TurboCell-TxRate TxRate-86016k 1688 +VALUE KarlNet-TurboCell-TxRate TxRate-86144k 1689 +VALUE KarlNet-TurboCell-TxRate TxRate-86272k 1690 +VALUE KarlNet-TurboCell-TxRate TxRate-86400k 1691 +VALUE KarlNet-TurboCell-TxRate TxRate-86528k 1692 +VALUE KarlNet-TurboCell-TxRate TxRate-86656k 1693 +VALUE KarlNet-TurboCell-TxRate TxRate-86784k 1694 +VALUE KarlNet-TurboCell-TxRate TxRate-86912k 1695 +VALUE KarlNet-TurboCell-TxRate TxRate-87040k 1696 +VALUE KarlNet-TurboCell-TxRate TxRate-87168k 1697 +VALUE KarlNet-TurboCell-TxRate TxRate-87296k 1698 +VALUE KarlNet-TurboCell-TxRate TxRate-87424k 1699 +VALUE KarlNet-TurboCell-TxRate TxRate-87552k 1700 +VALUE KarlNet-TurboCell-TxRate TxRate-87680k 1701 +VALUE KarlNet-TurboCell-TxRate TxRate-87808k 1702 +VALUE KarlNet-TurboCell-TxRate TxRate-87936k 1703 +VALUE KarlNet-TurboCell-TxRate TxRate-88064k 1704 +VALUE KarlNet-TurboCell-TxRate TxRate-88192k 1705 +VALUE KarlNet-TurboCell-TxRate TxRate-88320k 1706 +VALUE KarlNet-TurboCell-TxRate TxRate-88448k 1707 +VALUE KarlNet-TurboCell-TxRate TxRate-88576k 1708 +VALUE KarlNet-TurboCell-TxRate TxRate-88704k 1709 +VALUE KarlNet-TurboCell-TxRate TxRate-88832k 1710 +VALUE KarlNet-TurboCell-TxRate TxRate-88960k 1711 +VALUE KarlNet-TurboCell-TxRate TxRate-89088k 1712 +VALUE KarlNet-TurboCell-TxRate TxRate-89216k 1713 +VALUE KarlNet-TurboCell-TxRate TxRate-89344k 1714 +VALUE KarlNet-TurboCell-TxRate TxRate-89472k 1715 +VALUE KarlNet-TurboCell-TxRate TxRate-89600k 1716 +VALUE KarlNet-TurboCell-TxRate TxRate-89728k 1717 +VALUE KarlNet-TurboCell-TxRate TxRate-89856k 1718 +VALUE KarlNet-TurboCell-TxRate TxRate-89984k 1719 +VALUE KarlNet-TurboCell-TxRate TxRate-90112k 1720 +VALUE KarlNet-TurboCell-TxRate TxRate-90240k 1721 +VALUE KarlNet-TurboCell-TxRate TxRate-90368k 1722 +VALUE KarlNet-TurboCell-TxRate TxRate-90496k 1723 +VALUE KarlNet-TurboCell-TxRate TxRate-90624k 1724 +VALUE KarlNet-TurboCell-TxRate TxRate-90752k 1725 +VALUE KarlNet-TurboCell-TxRate TxRate-90880k 1726 +VALUE KarlNet-TurboCell-TxRate TxRate-91008k 1727 +VALUE KarlNet-TurboCell-TxRate TxRate-91136k 1728 +VALUE KarlNet-TurboCell-TxRate TxRate-91264k 1729 +VALUE KarlNet-TurboCell-TxRate TxRate-91392k 1730 +VALUE KarlNet-TurboCell-TxRate TxRate-91520k 1731 +VALUE KarlNet-TurboCell-TxRate TxRate-91648k 1732 +VALUE KarlNet-TurboCell-TxRate TxRate-91776k 1733 +VALUE KarlNet-TurboCell-TxRate TxRate-91904k 1734 +VALUE KarlNet-TurboCell-TxRate TxRate-92032k 1735 +VALUE KarlNet-TurboCell-TxRate TxRate-92160k 1736 +VALUE KarlNet-TurboCell-TxRate TxRate-92288k 1737 +VALUE KarlNet-TurboCell-TxRate TxRate-92416k 1738 +VALUE KarlNet-TurboCell-TxRate TxRate-92544k 1739 +VALUE KarlNet-TurboCell-TxRate TxRate-92672k 1740 +VALUE KarlNet-TurboCell-TxRate TxRate-92800k 1741 +VALUE KarlNet-TurboCell-TxRate TxRate-92928k 1742 +VALUE KarlNet-TurboCell-TxRate TxRate-93056k 1743 +VALUE KarlNet-TurboCell-TxRate TxRate-93184k 1744 +VALUE KarlNet-TurboCell-TxRate TxRate-93312k 1745 +VALUE KarlNet-TurboCell-TxRate TxRate-93440k 1746 +VALUE KarlNet-TurboCell-TxRate TxRate-93568k 1747 +VALUE KarlNet-TurboCell-TxRate TxRate-93696k 1748 +VALUE KarlNet-TurboCell-TxRate TxRate-93824k 1749 +VALUE KarlNet-TurboCell-TxRate TxRate-93952k 1750 +VALUE KarlNet-TurboCell-TxRate TxRate-94080k 1751 +VALUE KarlNet-TurboCell-TxRate TxRate-94208k 1752 +VALUE KarlNet-TurboCell-TxRate TxRate-94336k 1753 +VALUE KarlNet-TurboCell-TxRate TxRate-94464k 1754 +VALUE KarlNet-TurboCell-TxRate TxRate-94592k 1755 +VALUE KarlNet-TurboCell-TxRate TxRate-94720k 1756 +VALUE KarlNet-TurboCell-TxRate TxRate-94848k 1757 +VALUE KarlNet-TurboCell-TxRate TxRate-94976k 1758 +VALUE KarlNet-TurboCell-TxRate TxRate-95104k 1759 +VALUE KarlNet-TurboCell-TxRate TxRate-95232k 1760 +VALUE KarlNet-TurboCell-TxRate TxRate-95360k 1761 +VALUE KarlNet-TurboCell-TxRate TxRate-95488k 1762 +VALUE KarlNet-TurboCell-TxRate TxRate-95616k 1763 +VALUE KarlNet-TurboCell-TxRate TxRate-95744k 1764 +VALUE KarlNet-TurboCell-TxRate TxRate-95872k 1765 +VALUE KarlNet-TurboCell-TxRate TxRate-96000k 1766 +VALUE KarlNet-TurboCell-TxRate TxRate-96128k 1767 +VALUE KarlNet-TurboCell-TxRate TxRate-96256k 1768 +VALUE KarlNet-TurboCell-TxRate TxRate-96384k 1769 +VALUE KarlNet-TurboCell-TxRate TxRate-96512k 1770 +VALUE KarlNet-TurboCell-TxRate TxRate-96640k 1771 +VALUE KarlNet-TurboCell-TxRate TxRate-96768k 1772 +VALUE KarlNet-TurboCell-TxRate TxRate-96896k 1773 +VALUE KarlNet-TurboCell-TxRate TxRate-97024k 1774 +VALUE KarlNet-TurboCell-TxRate TxRate-97152k 1775 +VALUE KarlNet-TurboCell-TxRate TxRate-97280k 1776 +VALUE KarlNet-TurboCell-TxRate TxRate-97408k 1777 +VALUE KarlNet-TurboCell-TxRate TxRate-97536k 1778 +VALUE KarlNet-TurboCell-TxRate TxRate-97664k 1779 +VALUE KarlNet-TurboCell-TxRate TxRate-97792k 1780 +VALUE KarlNet-TurboCell-TxRate TxRate-97920k 1781 +VALUE KarlNet-TurboCell-TxRate TxRate-98048k 1782 +VALUE KarlNet-TurboCell-TxRate TxRate-98176k 1783 +VALUE KarlNet-TurboCell-TxRate TxRate-98304k 1784 +VALUE KarlNet-TurboCell-TxRate TxRate-98432k 1785 +VALUE KarlNet-TurboCell-TxRate TxRate-98560k 1786 +VALUE KarlNet-TurboCell-TxRate TxRate-98688k 1787 +VALUE KarlNet-TurboCell-TxRate TxRate-98816k 1788 +VALUE KarlNet-TurboCell-TxRate TxRate-98944k 1789 +VALUE KarlNet-TurboCell-TxRate TxRate-99072k 1790 +VALUE KarlNet-TurboCell-TxRate TxRate-99200k 1791 +VALUE KarlNet-TurboCell-TxRate TxRate-99328k 1792 +VALUE KarlNet-TurboCell-TxRate TxRate-99456k 1793 +VALUE KarlNet-TurboCell-TxRate TxRate-99584k 1794 +VALUE KarlNet-TurboCell-TxRate TxRate-99712k 1795 +VALUE KarlNet-TurboCell-TxRate TxRate-99840k 1796 +VALUE KarlNet-TurboCell-TxRate TxRate-99968k 1797 +VALUE KarlNet-TurboCell-TxRate TxRate-100096k 1798 +VALUE KarlNet-TurboCell-TxRate TxRate-100224k 1799 +VALUE KarlNet-TurboCell-TxRate TxRate-100352k 1800 +VALUE KarlNet-TurboCell-TxRate TxRate-100480k 1801 +VALUE KarlNet-TurboCell-TxRate TxRate-100608k 1802 +VALUE KarlNet-TurboCell-TxRate TxRate-100736k 1803 +VALUE KarlNet-TurboCell-TxRate TxRate-100864k 1804 +VALUE KarlNet-TurboCell-TxRate TxRate-100992k 1805 +VALUE KarlNet-TurboCell-TxRate TxRate-101120k 1806 +VALUE KarlNet-TurboCell-TxRate TxRate-101248k 1807 +VALUE KarlNet-TurboCell-TxRate TxRate-101376k 1808 +VALUE KarlNet-TurboCell-TxRate TxRate-101504k 1809 +VALUE KarlNet-TurboCell-TxRate TxRate-101632k 1810 +VALUE KarlNet-TurboCell-TxRate TxRate-101760k 1811 +VALUE KarlNet-TurboCell-TxRate TxRate-101888k 1812 +VALUE KarlNet-TurboCell-TxRate TxRate-102016k 1813 +VALUE KarlNet-TurboCell-TxRate TxRate-102144k 1814 +VALUE KarlNet-TurboCell-TxRate TxRate-102272k 1815 +VALUE KarlNet-TurboCell-TxRate TxRate-102400k 1816 +VALUE KarlNet-TurboCell-TxRate TxRate-102528k 1817 +VALUE KarlNet-TurboCell-TxRate TxRate-102656k 1818 +VALUE KarlNet-TurboCell-TxRate TxRate-102784k 1819 +VALUE KarlNet-TurboCell-TxRate TxRate-102912k 1820 +VALUE KarlNet-TurboCell-TxRate TxRate-103040k 1821 +VALUE KarlNet-TurboCell-TxRate TxRate-103168k 1822 +VALUE KarlNet-TurboCell-TxRate TxRate-103296k 1823 +VALUE KarlNet-TurboCell-TxRate TxRate-103424k 1824 +VALUE KarlNet-TurboCell-TxRate TxRate-103552k 1825 +VALUE KarlNet-TurboCell-TxRate TxRate-103680k 1826 +VALUE KarlNet-TurboCell-TxRate TxRate-103808k 1827 +VALUE KarlNet-TurboCell-TxRate TxRate-103936k 1828 +VALUE KarlNet-TurboCell-TxRate TxRate-104064k 1829 +VALUE KarlNet-TurboCell-TxRate TxRate-104192k 1830 +VALUE KarlNet-TurboCell-TxRate TxRate-104320k 1831 +VALUE KarlNet-TurboCell-TxRate TxRate-104448k 1832 +VALUE KarlNet-TurboCell-TxRate TxRate-104576k 1833 +VALUE KarlNet-TurboCell-TxRate TxRate-104704k 1834 +VALUE KarlNet-TurboCell-TxRate TxRate-104832k 1835 +VALUE KarlNet-TurboCell-TxRate TxRate-104960k 1836 +VALUE KarlNet-TurboCell-TxRate TxRate-105088k 1837 +VALUE KarlNet-TurboCell-TxRate TxRate-105216k 1838 +VALUE KarlNet-TurboCell-TxRate TxRate-105344k 1839 +VALUE KarlNet-TurboCell-TxRate TxRate-105472k 1840 +VALUE KarlNet-TurboCell-TxRate TxRate-105600k 1841 +VALUE KarlNet-TurboCell-TxRate TxRate-105728k 1842 +VALUE KarlNet-TurboCell-TxRate TxRate-105856k 1843 +VALUE KarlNet-TurboCell-TxRate TxRate-105984k 1844 +VALUE KarlNet-TurboCell-TxRate TxRate-106112k 1845 +VALUE KarlNet-TurboCell-TxRate TxRate-106240k 1846 +VALUE KarlNet-TurboCell-TxRate TxRate-106368k 1847 +VALUE KarlNet-TurboCell-TxRate TxRate-106496k 1848 +VALUE KarlNet-TurboCell-TxRate TxRate-106624k 1849 +VALUE KarlNet-TurboCell-TxRate TxRate-106752k 1850 +VALUE KarlNet-TurboCell-TxRate TxRate-106880k 1851 +VALUE KarlNet-TurboCell-TxRate TxRate-107008k 1852 +VALUE KarlNet-TurboCell-TxRate TxRate-107136k 1853 +VALUE KarlNet-TurboCell-TxRate TxRate-107264k 1854 +VALUE KarlNet-TurboCell-TxRate TxRate-107392k 1855 +VALUE KarlNet-TurboCell-TxRate TxRate-107520k 1856 +VALUE KarlNet-TurboCell-TxRate TxRate-107648k 1857 +VALUE KarlNet-TurboCell-TxRate TxRate-107776k 1858 +VALUE KarlNet-TurboCell-TxRate TxRate-107904k 1859 +VALUE KarlNet-TurboCell-TxRate TxRate-108032k 1860 +VALUE KarlNet-TurboCell-TxRate TxRate-108160k 1861 +VALUE KarlNet-TurboCell-TxRate TxRate-108288k 1862 +VALUE KarlNet-TurboCell-TxRate TxRate-108416k 1863 +VALUE KarlNet-TurboCell-TxRate TxRate-108544k 1864 +VALUE KarlNet-TurboCell-TxRate TxRate-108672k 1865 +VALUE KarlNet-TurboCell-TxRate TxRate-108800k 1866 +VALUE KarlNet-TurboCell-TxRate TxRate-108928k 1867 +VALUE KarlNet-TurboCell-TxRate TxRate-109056k 1868 +VALUE KarlNet-TurboCell-TxRate TxRate-109184k 1869 +VALUE KarlNet-TurboCell-TxRate TxRate-109312k 1870 +VALUE KarlNet-TurboCell-TxRate TxRate-109440k 1871 +VALUE KarlNet-TurboCell-TxRate TxRate-109568k 1872 +VALUE KarlNet-TurboCell-TxRate TxRate-109696k 1873 +VALUE KarlNet-TurboCell-TxRate TxRate-109824k 1874 +VALUE KarlNet-TurboCell-TxRate TxRate-109952k 1875 +VALUE KarlNet-TurboCell-TxRate TxRate-110080k 1876 +VALUE KarlNet-TurboCell-TxRate TxRate-110208k 1877 +VALUE KarlNet-TurboCell-TxRate TxRate-110336k 1878 +VALUE KarlNet-TurboCell-TxRate TxRate-110464k 1879 +VALUE KarlNet-TurboCell-TxRate TxRate-110592k 1880 +VALUE KarlNet-TurboCell-TxRate TxRate-110720k 1881 +VALUE KarlNet-TurboCell-TxRate TxRate-110848k 1882 +VALUE KarlNet-TurboCell-TxRate TxRate-110976k 1883 +VALUE KarlNet-TurboCell-TxRate TxRate-111104k 1884 +VALUE KarlNet-TurboCell-TxRate TxRate-111232k 1885 +VALUE KarlNet-TurboCell-TxRate TxRate-111360k 1886 +VALUE KarlNet-TurboCell-TxRate TxRate-111488k 1887 +VALUE KarlNet-TurboCell-TxRate TxRate-111616k 1888 +VALUE KarlNet-TurboCell-TxRate TxRate-111744k 1889 +VALUE KarlNet-TurboCell-TxRate TxRate-111872k 1890 +VALUE KarlNet-TurboCell-TxRate TxRate-112000k 1891 +VALUE KarlNet-TurboCell-TxRate TxRate-112128k 1892 +VALUE KarlNet-TurboCell-TxRate TxRate-112256k 1893 +VALUE KarlNet-TurboCell-TxRate TxRate-112384k 1894 +VALUE KarlNet-TurboCell-TxRate TxRate-112512k 1895 +VALUE KarlNet-TurboCell-TxRate TxRate-112640k 1896 +VALUE KarlNet-TurboCell-TxRate TxRate-112768k 1897 +VALUE KarlNet-TurboCell-TxRate TxRate-112896k 1898 +VALUE KarlNet-TurboCell-TxRate TxRate-113024k 1899 +VALUE KarlNet-TurboCell-TxRate TxRate-113152k 1900 +VALUE KarlNet-TurboCell-TxRate TxRate-113280k 1901 +VALUE KarlNet-TurboCell-TxRate TxRate-113408k 1902 +VALUE KarlNet-TurboCell-TxRate TxRate-113536k 1903 +VALUE KarlNet-TurboCell-TxRate TxRate-113664k 1904 +VALUE KarlNet-TurboCell-TxRate TxRate-113792k 1905 +VALUE KarlNet-TurboCell-TxRate TxRate-113920k 1906 +VALUE KarlNet-TurboCell-TxRate TxRate-114048k 1907 +VALUE KarlNet-TurboCell-TxRate TxRate-114176k 1908 +VALUE KarlNet-TurboCell-TxRate TxRate-114304k 1909 +VALUE KarlNet-TurboCell-TxRate TxRate-114432k 1910 +VALUE KarlNet-TurboCell-TxRate TxRate-114560k 1911 +VALUE KarlNet-TurboCell-TxRate TxRate-114688k 1912 +VALUE KarlNet-TurboCell-TxRate TxRate-114816k 1913 +VALUE KarlNet-TurboCell-TxRate TxRate-114944k 1914 +VALUE KarlNet-TurboCell-TxRate TxRate-115072k 1915 +VALUE KarlNet-TurboCell-TxRate TxRate-115200k 1916 +VALUE KarlNet-TurboCell-TxRate TxRate-115328k 1917 +VALUE KarlNet-TurboCell-TxRate TxRate-115456k 1918 +VALUE KarlNet-TurboCell-TxRate TxRate-115584k 1919 +VALUE KarlNet-TurboCell-TxRate TxRate-115712k 1920 +VALUE KarlNet-TurboCell-TxRate TxRate-115840k 1921 +VALUE KarlNet-TurboCell-TxRate TxRate-115968k 1922 +VALUE KarlNet-TurboCell-TxRate TxRate-116096k 1923 +VALUE KarlNet-TurboCell-TxRate TxRate-116224k 1924 +VALUE KarlNet-TurboCell-TxRate TxRate-116352k 1925 +VALUE KarlNet-TurboCell-TxRate TxRate-116480k 1926 +VALUE KarlNet-TurboCell-TxRate TxRate-116608k 1927 +VALUE KarlNet-TurboCell-TxRate TxRate-116736k 1928 +VALUE KarlNet-TurboCell-TxRate TxRate-116864k 1929 +VALUE KarlNet-TurboCell-TxRate TxRate-116992k 1930 +VALUE KarlNet-TurboCell-TxRate TxRate-117120k 1931 +VALUE KarlNet-TurboCell-TxRate TxRate-117248k 1932 +VALUE KarlNet-TurboCell-TxRate TxRate-117376k 1933 +VALUE KarlNet-TurboCell-TxRate TxRate-117504k 1934 +VALUE KarlNet-TurboCell-TxRate TxRate-117632k 1935 +VALUE KarlNet-TurboCell-TxRate TxRate-117760k 1936 +VALUE KarlNet-TurboCell-TxRate TxRate-117888k 1937 +VALUE KarlNet-TurboCell-TxRate TxRate-118016k 1938 +VALUE KarlNet-TurboCell-TxRate TxRate-118144k 1939 +VALUE KarlNet-TurboCell-TxRate TxRate-118272k 1940 +VALUE KarlNet-TurboCell-TxRate TxRate-118400k 1941 +VALUE KarlNet-TurboCell-TxRate TxRate-118528k 1942 +VALUE KarlNet-TurboCell-TxRate TxRate-118656k 1943 +VALUE KarlNet-TurboCell-TxRate TxRate-118784k 1944 +VALUE KarlNet-TurboCell-TxRate TxRate-118912k 1945 +VALUE KarlNet-TurboCell-TxRate TxRate-119040k 1946 +VALUE KarlNet-TurboCell-TxRate TxRate-119168k 1947 +VALUE KarlNet-TurboCell-TxRate TxRate-119296k 1948 +VALUE KarlNet-TurboCell-TxRate TxRate-119424k 1949 +VALUE KarlNet-TurboCell-TxRate TxRate-119552k 1950 +VALUE KarlNet-TurboCell-TxRate TxRate-119680k 1951 +VALUE KarlNet-TurboCell-TxRate TxRate-119808k 1952 +VALUE KarlNet-TurboCell-TxRate TxRate-119936k 1953 +VALUE KarlNet-TurboCell-TxRate TxRate-120064k 1954 +VALUE KarlNet-TurboCell-TxRate TxRate-120192k 1955 +VALUE KarlNet-TurboCell-TxRate TxRate-120320k 1956 +VALUE KarlNet-TurboCell-TxRate TxRate-120448k 1957 +VALUE KarlNet-TurboCell-TxRate TxRate-120576k 1958 +VALUE KarlNet-TurboCell-TxRate TxRate-120704k 1959 +VALUE KarlNet-TurboCell-TxRate TxRate-120832k 1960 +VALUE KarlNet-TurboCell-TxRate TxRate-120960k 1961 +VALUE KarlNet-TurboCell-TxRate TxRate-121088k 1962 +VALUE KarlNet-TurboCell-TxRate TxRate-121216k 1963 +VALUE KarlNet-TurboCell-TxRate TxRate-121344k 1964 +VALUE KarlNet-TurboCell-TxRate TxRate-121472k 1965 +VALUE KarlNet-TurboCell-TxRate TxRate-121600k 1966 +VALUE KarlNet-TurboCell-TxRate TxRate-121728k 1967 +VALUE KarlNet-TurboCell-TxRate TxRate-121856k 1968 +VALUE KarlNet-TurboCell-TxRate TxRate-121984k 1969 +VALUE KarlNet-TurboCell-TxRate TxRate-122112k 1970 +VALUE KarlNet-TurboCell-TxRate TxRate-122240k 1971 +VALUE KarlNet-TurboCell-TxRate TxRate-122368k 1972 +VALUE KarlNet-TurboCell-TxRate TxRate-122496k 1973 +VALUE KarlNet-TurboCell-TxRate TxRate-122624k 1974 +VALUE KarlNet-TurboCell-TxRate TxRate-122752k 1975 +VALUE KarlNet-TurboCell-TxRate TxRate-122880k 1976 +VALUE KarlNet-TurboCell-TxRate TxRate-123008k 1977 +VALUE KarlNet-TurboCell-TxRate TxRate-123136k 1978 +VALUE KarlNet-TurboCell-TxRate TxRate-123264k 1979 +VALUE KarlNet-TurboCell-TxRate TxRate-123392k 1980 +VALUE KarlNet-TurboCell-TxRate TxRate-123520k 1981 +VALUE KarlNet-TurboCell-TxRate TxRate-123648k 1982 +VALUE KarlNet-TurboCell-TxRate TxRate-123776k 1983 +VALUE KarlNet-TurboCell-TxRate TxRate-123904k 1984 +VALUE KarlNet-TurboCell-TxRate TxRate-124032k 1985 +VALUE KarlNet-TurboCell-TxRate TxRate-124160k 1986 +VALUE KarlNet-TurboCell-TxRate TxRate-124288k 1987 +VALUE KarlNet-TurboCell-TxRate TxRate-124416k 1988 +VALUE KarlNet-TurboCell-TxRate TxRate-124544k 1989 +VALUE KarlNet-TurboCell-TxRate TxRate-124672k 1990 +VALUE KarlNet-TurboCell-TxRate TxRate-124800k 1991 +VALUE KarlNet-TurboCell-TxRate TxRate-124928k 1992 +VALUE KarlNet-TurboCell-TxRate TxRate-125056k 1993 +VALUE KarlNet-TurboCell-TxRate TxRate-125184k 1994 +VALUE KarlNet-TurboCell-TxRate TxRate-125312k 1995 +VALUE KarlNet-TurboCell-TxRate TxRate-125440k 1996 +VALUE KarlNet-TurboCell-TxRate TxRate-125568k 1997 +VALUE KarlNet-TurboCell-TxRate TxRate-125696k 1998 +VALUE KarlNet-TurboCell-TxRate TxRate-125824k 1999 +VALUE KarlNet-TurboCell-TxRate TxRate-125952k 2000 +VALUE KarlNet-TurboCell-TxRate TxRate-126080k 2001 +VALUE KarlNet-TurboCell-TxRate TxRate-126208k 2002 +VALUE KarlNet-TurboCell-TxRate TxRate-126336k 2003 +VALUE KarlNet-TurboCell-TxRate TxRate-126464k 2004 +VALUE KarlNet-TurboCell-TxRate TxRate-126592k 2005 +VALUE KarlNet-TurboCell-TxRate TxRate-126720k 2006 +VALUE KarlNet-TurboCell-TxRate TxRate-126848k 2007 +VALUE KarlNet-TurboCell-TxRate TxRate-126976k 2008 +VALUE KarlNet-TurboCell-TxRate TxRate-127104k 2009 +VALUE KarlNet-TurboCell-TxRate TxRate-127232k 2010 +VALUE KarlNet-TurboCell-TxRate TxRate-127360k 2011 +VALUE KarlNet-TurboCell-TxRate TxRate-127488k 2012 +VALUE KarlNet-TurboCell-TxRate TxRate-127616k 2013 +VALUE KarlNet-TurboCell-TxRate TxRate-127744k 2014 +VALUE KarlNet-TurboCell-TxRate TxRate-127872k 2015 +VALUE KarlNet-TurboCell-TxRate TxRate-128000k 2016 +VALUE KarlNet-TurboCell-TxRate TxRate-128128k 2017 +VALUE KarlNet-TurboCell-TxRate TxRate-128256k 2018 +VALUE KarlNet-TurboCell-TxRate TxRate-128384k 2019 +VALUE KarlNet-TurboCell-TxRate TxRate-128512k 2020 +VALUE KarlNet-TurboCell-TxRate TxRate-128640k 2021 +VALUE KarlNet-TurboCell-TxRate TxRate-128768k 2022 +VALUE KarlNet-TurboCell-TxRate TxRate-128896k 2023 +VALUE KarlNet-TurboCell-TxRate TxRate-129024k 2024 +VALUE KarlNet-TurboCell-TxRate TxRate-129152k 2025 +VALUE KarlNet-TurboCell-TxRate TxRate-129280k 2026 +VALUE KarlNet-TurboCell-TxRate TxRate-129408k 2027 +VALUE KarlNet-TurboCell-TxRate TxRate-129536k 2028 +VALUE KarlNet-TurboCell-TxRate TxRate-129664k 2029 +VALUE KarlNet-TurboCell-TxRate TxRate-129792k 2030 +VALUE KarlNet-TurboCell-TxRate TxRate-129920k 2031 +VALUE KarlNet-TurboCell-TxRate TxRate-130048k 2032 +VALUE KarlNet-TurboCell-TxRate TxRate-130176k 2033 +VALUE KarlNet-TurboCell-TxRate TxRate-130304k 2034 +VALUE KarlNet-TurboCell-TxRate TxRate-130432k 2035 +VALUE KarlNet-TurboCell-TxRate TxRate-130560k 2036 +VALUE KarlNet-TurboCell-TxRate TxRate-130688k 2037 +VALUE KarlNet-TurboCell-TxRate TxRate-130816k 2038 +VALUE KarlNet-TurboCell-TxRate TxRate-130944k 2039 +VALUE KarlNet-TurboCell-TxRate TxRate-131072k 2040 +VALUE KarlNet-TurboCell-TxRate TxRate-131200k 2041 +VALUE KarlNet-TurboCell-TxRate TxRate-131328k 2042 +VALUE KarlNet-TurboCell-TxRate TxRate-131456k 2043 +VALUE KarlNet-TurboCell-TxRate TxRate-131584k 2044 +VALUE KarlNet-TurboCell-TxRate TxRate-131712k 2045 +VALUE KarlNet-TurboCell-TxRate TxRate-131840k 2046 +VALUE KarlNet-TurboCell-TxRate TxRate-131968k 2047 + +# Sets the remote client's Operating State +ATTRIBUTE KarlNet-TurboCell-OpState 153 integer +VALUE KarlNet-TurboCell-OpState Up 0 +VALUE KarlNet-TurboCell-OpState Down 1 + +# Sets the remote client's Operating Mode +ATTRIBUTE KarlNet-TurboCell-OpMode 154 integer +VALUE KarlNet-TurboCell-OpMode Peer-to-Peer 0 +VALUE KarlNet-TurboCell-OpMode Base 1 +VALUE KarlNet-TurboCell-OpMode Base-Polling 2 +VALUE KarlNet-TurboCell-OpMode Satellite-NT 3 + +# ---------------------------------------------- +# END OF KarlNet Vendor-specific information +# ---------------------------------------------- + +END-VENDOR KarlNet diff --git a/freeradius/dict/dictionary.lancom b/freeradius/dict/dictionary.lancom new file mode 100644 index 0000000..a52255c --- /dev/null +++ b/freeradius/dict/dictionary.lancom @@ -0,0 +1,12 @@ +VENDOR Lancom 16787 +ATTRIBUTE Lancom-Location-ID 1 string Lancom +ATTRIBUTE Lancom-Location-Name 2 string Lancom +ATTRIBUTE Lancom-Logoff-URL 3 string Lancom +ATTRIBUTE Lancom-Redirection-URL 4 string Lancom +ATTRIBUTE Lancom-Bandwidth-Min-Up 5 integer Lancom +ATTRIBUTE Lancom-Bandwidth-Min-Down 6 integer Lancom +ATTRIBUTE Lancom-Bandwidth-Max-Up 7 integer Lancom +ATTRIBUTE Lancom-Bandwidth-Max-Down 8 integer Lancom +ATTRIBUTE Lancom-Session-Terminate-Time 9 string Lancom +ATTRIBUTE Lancom-Session-Terminate-End-Of-Day 10 string Lancom +ATTRIBUTE Lancom-Billing-Class-Of-Service 11 string Lancom diff --git a/freeradius/dict/dictionary.livingston b/freeradius/dict/dictionary.livingston new file mode 100644 index 0000000..4f5a289 --- /dev/null +++ b/freeradius/dict/dictionary.livingston @@ -0,0 +1,64 @@ +# -*- text -*- +# +# Vendor-Specific attributes use the SMI Network Management Private +# Enterprise Code from the "Assigned Numbers" RFC +# +VENDOR Livingston 307 + +# +# Livingston Vendor-Specific Attributes (requires ComOS 3.8) +# +BEGIN-VENDOR Livingston + +ATTRIBUTE LE-Terminate-Detail 2 string +ATTRIBUTE LE-Advice-of-Charge 3 string +ATTRIBUTE LE-Connect-Detail 4 string + +ATTRIBUTE LE-IP-Pool 6 string +ATTRIBUTE LE-IP-Gateway 7 ipaddr +ATTRIBUTE LE-Modem-Info 8 string +ATTRIBUTE LE-IPSec-Log-Options 9 integer +ATTRIBUTE LE-IPSec-Deny-Action 10 integer +ATTRIBUTE LE-IPSec-Active-Profile 11 string +ATTRIBUTE LE-IPSec-Outsource-Profile 12 string +ATTRIBUTE LE-IPSec-Passive-Profile 13 string +ATTRIBUTE LE-NAT-TCP-Session-Timeout 14 integer +ATTRIBUTE LE-NAT-Other-Session-Timeout 15 integer +ATTRIBUTE LE-NAT-Log-Options 16 integer +ATTRIBUTE LE-NAT-Sess-Dir-Fail-Action 17 integer +ATTRIBUTE LE-NAT-Inmap 18 string +ATTRIBUTE LE-NAT-Outmap 19 string +ATTRIBUTE LE-NAT-Outsource-Inmap 20 string +ATTRIBUTE LE-NAT-Outsource-Outmap 21 string +ATTRIBUTE LE-Admin-Group 22 string +ATTRIBUTE LE-Multicast-Client 23 integer + +VALUE LE-IPSec-Deny-Action Drop 1 +VALUE LE-IPSec-Deny-Action ICMP-Reject 2 +VALUE LE-IPSec-Deny-Action Pass-Through 3 + +VALUE LE-IPSec-Log-Options SA-Success-On 1 +VALUE LE-IPSec-Log-Options SA-Failure-On 2 +VALUE LE-IPSec-Log-Options Console-On 3 +VALUE LE-IPSec-Log-Options Syslog-On 4 +VALUE LE-IPSec-Log-Options SA-Success-Off 5 +VALUE LE-IPSec-Log-Options SA-Failure-Off 6 +VALUE LE-IPSec-Log-Options Console-Off 7 +VALUE LE-IPSec-Log-Options Syslog-Off 8 + +VALUE LE-NAT-Sess-Dir-Fail-Action Drop 1 +VALUE LE-NAT-Sess-Dir-Fail-Action ICMP-Reject 2 +VALUE LE-NAT-Sess-Dir-Fail-Action Pass-Through 3 + +VALUE LE-NAT-Log-Options Session-Success-On 1 +VALUE LE-NAT-Log-Options Session-Failure-On 2 +VALUE LE-NAT-Log-Options Console-On 3 +VALUE LE-NAT-Log-Options Syslog-On 4 +VALUE LE-NAT-Log-Options Success-Off 5 +VALUE LE-NAT-Log-Options Failure-Off 6 +VALUE LE-NAT-Log-Options Console-Off 7 +VALUE LE-NAT-Log-Options Syslog-Off 8 + +VALUE LE-Multicast-Client On 1 + +END-VENDOR Livingston diff --git a/freeradius/dict/dictionary.localweb b/freeradius/dict/dictionary.localweb new file mode 100644 index 0000000..c9a27be --- /dev/null +++ b/freeradius/dict/dictionary.localweb @@ -0,0 +1,32 @@ +# -*- text -*- +############################################################################## +# +# Local-Web Accesspoints +# +############################################################################## + +VENDOR Local-Web 19220 + +BEGIN-VENDOR Local-Web + +ATTRIBUTE Local-Web-Client-Ip 192 string +ATTRIBUTE Local-Web-Border-Router 193 string + +ATTRIBUTE Local-Web-Tx-Limit 200 integer +ATTRIBUTE Local-Web-Rx-Limit 201 integer + +ATTRIBUTE Local-Web-Acct-Time 210 integer +ATTRIBUTE Local-Web-Acct-Duration 211 integer +ATTRIBUTE Local-Web-Acct-Interim-Tx-Bytes 212 integer +ATTRIBUTE Local-Web-Acct-Interim-Rx-Bytes 213 integer +ATTRIBUTE Local-Web-Acct-Interim-Tx-Gigawords 214 integer +ATTRIBUTE Local-Web-Acct-Interim-Rx-Gigawords 215 integer +ATTRIBUTE Local-Web-Acct-Interim-Tx-Mgmt 216 integer +ATTRIBUTE Local-Web-Acct-Interim-Rx-Mgmt 217 integer + +ATTRIBUTE Local-Web-Acct-Tx-Mgmt 230 integer +ATTRIBUTE Local-Web-Acct-Rx-Mgmt 231 integer + +ATTRIBUTE Local-Web-Reauth-Counter 240 integer + +END-VENDOR Local-Web diff --git a/freeradius/dict/dictionary.lucent b/freeradius/dict/dictionary.lucent new file mode 100644 index 0000000..7341e44 --- /dev/null +++ b/freeradius/dict/dictionary.lucent @@ -0,0 +1,451 @@ +# -*- text -*- +############################################################################## +# +# Lucent VSAs, in their own "magic" 16-bit format. +# +# $Id$ +# +############################################################################## + +VENDOR Lucent 4846 format=2,1 + +BEGIN-VENDOR Lucent + +ATTRIBUTE Lucent-Max-Shared-Users 2 integer +ATTRIBUTE Lucent-IP-DSCP 3 integer +ATTRIBUTE Lucent-X25-X121-Source-Address 4 string +ATTRIBUTE Lucent-PPP-Circuit 5 integer +ATTRIBUTE Lucent-PPP-Circuit-Name 6 string +ATTRIBUTE Lucent-UU-Info 7 string +ATTRIBUTE Lucent-User-Priority 8 integer +ATTRIBUTE Lucent-CIR-Timer 9 integer +ATTRIBUTE Lucent-FR-08-Mode 10 integer +ATTRIBUTE Lucent-Destination-NAS-Port 11 integer +ATTRIBUTE Lucent-FR-SVC-Addr 12 string +ATTRIBUTE Lucent-NAS-Port-Format 13 integer +ATTRIBUTE Lucent-ATM-Fault-Management 14 integer +ATTRIBUTE Lucent-ATM-Loopback-Cell-Loss 15 integer +ATTRIBUTE Lucent-Ckt-Type 16 integer +ATTRIBUTE Lucent-SVC-Enabled 17 integer +ATTRIBUTE Lucent-Session-Type 18 integer +ATTRIBUTE Lucent-H323-Gatekeeper 19 ipaddr +ATTRIBUTE Lucent-Global-Call-Id 20 string +ATTRIBUTE Lucent-H323-Conference-Id 21 integer +ATTRIBUTE Lucent-H323-Destination-NAS-ID 22 ipaddr +ATTRIBUTE Lucent-H323-Dialed-Time 23 integer +ATTRIBUTE Lucent-Dialed-Number 24 string +ATTRIBUTE Lucent-Inter-Arrival-Jitter 25 integer +ATTRIBUTE Lucent-Dropped-Octets 26 integer +ATTRIBUTE Lucent-Dropped-Packets 27 integer +ATTRIBUTE Lucent-Auth-Delay 28 integer +ATTRIBUTE Lucent-X25-Pad-X3-Profile 29 integer +ATTRIBUTE Lucent-X25-Pad-X3-Parameters 30 string +ATTRIBUTE Lucent-Tunnel-VRouter-Name 31 string +ATTRIBUTE Lucent-X25-Reverse-Charging 32 integer +ATTRIBUTE Lucent-X25-Nui-Prompt 33 string +ATTRIBUTE Lucent-X25-Nui-Password-Prompt 34 string +ATTRIBUTE Lucent-X25-Cug 35 string +ATTRIBUTE Lucent-X25-Pad-Alias-1 36 string +ATTRIBUTE Lucent-X25-Pad-Alias-2 37 string +ATTRIBUTE Lucent-X25-Pad-Alias-3 38 string +ATTRIBUTE Lucent-X25-X121-Address 39 string +ATTRIBUTE Lucent-X25-Nui 40 string +ATTRIBUTE Lucent-X25-Rpoa 41 string +ATTRIBUTE Lucent-X25-Pad-Prompt 42 string +ATTRIBUTE Lucent-X25-Pad-Banner 43 string +ATTRIBUTE Lucent-X25-Profile-Name 44 string +ATTRIBUTE Lucent-Recv-Name 45 string +ATTRIBUTE Lucent-Bi-Directional-Auth 46 integer +ATTRIBUTE Lucent-MTU 47 integer +ATTRIBUTE Lucent-Call-Direction 48 integer +ATTRIBUTE Lucent-Service-Type 49 integer +ATTRIBUTE Lucent-Filter-Required 50 integer +ATTRIBUTE Lucent-Traffic-Shaper 51 integer +ATTRIBUTE Lucent-Access-Intercept-LEA 52 string +ATTRIBUTE Lucent-Access-Intercept-Log 53 string +ATTRIBUTE Lucent-Private-Route-Table-ID 54 string +ATTRIBUTE Lucent-Private-Route-Required 55 integer +ATTRIBUTE Lucent-Cache-Refresh 56 integer +ATTRIBUTE Lucent-Cache-Time 57 integer +ATTRIBUTE Lucent-Egress-Enabled 58 integer +ATTRIBUTE Lucent-QOS-Upstream 59 string +ATTRIBUTE Lucent-QOS-Downstream 60 string +ATTRIBUTE Lucent-ATM-Connect-Vpi 61 integer +ATTRIBUTE Lucent-ATM-Connect-Vci 62 integer +ATTRIBUTE Lucent-ATM-Connect-Group 63 integer +ATTRIBUTE Lucent-ATM-Group 64 integer +ATTRIBUTE Lucent-IPX-Header-Compression 65 integer +ATTRIBUTE Lucent-Calling-Id-Type-Of-Number 66 integer +ATTRIBUTE Lucent-Calling-Id-Numbering-Plan 67 integer +ATTRIBUTE Lucent-Calling-Id-Presentation 68 integer +ATTRIBUTE Lucent-Calling-Id-Screening 69 integer +ATTRIBUTE Lucent-BIR-Enable 70 integer +ATTRIBUTE Lucent-BIR-Proxy 71 integer +ATTRIBUTE Lucent-BIR-Bridge-Group 72 integer +ATTRIBUTE Lucent-IPSEC-Profile 73 string +ATTRIBUTE Lucent-PPPoE-Enable 74 integer +ATTRIBUTE Lucent-Bridge-Non-PPPoE 75 integer +ATTRIBUTE Lucent-ATM-Direct 76 integer +ATTRIBUTE Lucent-ATM-Direct-Profile 77 string +ATTRIBUTE Lucent-Client-Primary-WINS 78 ipaddr +ATTRIBUTE Lucent-Client-Secondary-WINS 79 ipaddr +ATTRIBUTE Lucent-Client-Assign-WINS 80 integer +ATTRIBUTE Lucent-Auth-Type 81 integer +ATTRIBUTE Lucent-Port-Redir-Protocol 82 integer +ATTRIBUTE Lucent-Port-Redir-Portnum 83 integer +ATTRIBUTE Lucent-Port-Redir-Server 84 ipaddr +ATTRIBUTE Lucent-IP-Pool-Chaining 85 integer +ATTRIBUTE Lucent-Owner-IP-Addr 86 ipaddr +ATTRIBUTE Lucent-IP-TOS 87 integer +ATTRIBUTE Lucent-IP-TOS-Precedence 88 integer +ATTRIBUTE Lucent-IP-TOS-Apply-To 89 integer +ATTRIBUTE Lucent-Filter 90 string +ATTRIBUTE Lucent-Telnet-Profile 91 string +ATTRIBUTE Lucent-Dsl-Rate-Type 92 integer +ATTRIBUTE Lucent-Redirect-Number 93 string +ATTRIBUTE Lucent-ATM-Vpi 94 integer +ATTRIBUTE Lucent-ATM-Vci 95 integer +ATTRIBUTE Lucent-Source-IP-Check 96 integer +ATTRIBUTE Lucent-Dsl-Rate-Mode 97 integer +ATTRIBUTE Lucent-Dsl-Upstream-Limit 98 integer +ATTRIBUTE Lucent-Dsl-Downstream-Limit 99 integer +ATTRIBUTE Lucent-Dsl-CIR-Recv-Limit 100 integer +ATTRIBUTE Lucent-Dsl-CIR-Xmit-Limit 101 integer +ATTRIBUTE Lucent-VRouter-Name 102 string +ATTRIBUTE Lucent-Source-Auth 103 string +ATTRIBUTE Lucent-Private-Route 104 string +ATTRIBUTE Lucent-Numbering-Plan-ID 105 integer +ATTRIBUTE Lucent-FR-Link-Status-DLCI 106 integer +ATTRIBUTE Lucent-Calling-Subaddress 107 string +ATTRIBUTE Lucent-Callback-Delay 108 integer +ATTRIBUTE Lucent-Endpoint-Disc 109 octets +ATTRIBUTE Lucent-Remote-FW 110 string +ATTRIBUTE Lucent-Multicast-GLeave-Delay 111 integer +ATTRIBUTE Lucent-CBCP-Enable 112 integer +ATTRIBUTE Lucent-CBCP-Mode 113 integer +ATTRIBUTE Lucent-CBCP-Delay 114 integer +ATTRIBUTE Lucent-CBCP-Trunk-Group 115 integer +ATTRIBUTE Lucent-Appletalk-Route 116 string +ATTRIBUTE Lucent-Appletalk-Peer-Mode 117 integer +ATTRIBUTE Lucent-Route-Appletalk 118 integer +ATTRIBUTE Lucent-FCP-Parameter 119 string +ATTRIBUTE Lucent-Modem-PortNo 120 integer +ATTRIBUTE Lucent-Modem-SlotNo 121 integer +ATTRIBUTE Lucent-Modem-ShelfNo 122 integer +ATTRIBUTE Lucent-Call-Attempt-Limit 123 integer +ATTRIBUTE Lucent-Call-Block-Duration 124 integer +ATTRIBUTE Lucent-Maximum-Call-Duration 125 integer +ATTRIBUTE Lucent-Route-Preference 126 integer +ATTRIBUTE Lucent-Tunneling-Protocol 127 integer +ATTRIBUTE Lucent-Shared-Profile-Enable 128 integer +ATTRIBUTE Lucent-Primary-Home-Agent 129 string +ATTRIBUTE Lucent-Secondary-Home-Agent 130 string +ATTRIBUTE Lucent-Dialout-Allowed 131 integer +ATTRIBUTE Lucent-Client-Gateway 132 ipaddr +ATTRIBUTE Lucent-BACP-Enable 133 integer +ATTRIBUTE Lucent-DHCP-Maximum-Leases 134 integer +ATTRIBUTE Lucent-Client-Primary-DNS 135 ipaddr +ATTRIBUTE Lucent-Client-Secondary-DNS 136 ipaddr +ATTRIBUTE Lucent-Client-Assign-DNS 137 integer +ATTRIBUTE Lucent-User-Acct-Type 138 integer +ATTRIBUTE Lucent-User-Acct-Host 139 ipaddr +ATTRIBUTE Lucent-User-Acct-Port 140 integer +ATTRIBUTE Lucent-User-Acct-Key 141 string +ATTRIBUTE Lucent-User-Acct-Base 142 integer +ATTRIBUTE Lucent-User-Acct-Time 143 integer +ATTRIBUTE Lucent-Assign-IP-Client 144 ipaddr +ATTRIBUTE Lucent-Assign-IP-Server 145 ipaddr +ATTRIBUTE Lucent-Assign-IP-Global-Pool 146 string +ATTRIBUTE Lucent-DHCP-Reply 147 integer +ATTRIBUTE Lucent-DHCP-Pool-Number 148 integer +ATTRIBUTE Lucent-Expect-Callback 149 integer +ATTRIBUTE Lucent-Event-Type 150 integer +ATTRIBUTE Lucent-Session-Svr-Key 151 string +ATTRIBUTE Lucent-Multicast-Rate-Limit 152 integer +ATTRIBUTE Lucent-IF-Netmask 153 ipaddr +ATTRIBUTE Lucent-Remote-Addr 154 ipaddr +ATTRIBUTE Lucent-Multicast-Client 155 integer +ATTRIBUTE Lucent-FR-Circuit-Name 156 string +ATTRIBUTE Lucent-FR-LinkUp 157 integer +ATTRIBUTE Lucent-FR-Nailed-Grp 158 integer +ATTRIBUTE Lucent-FR-Type 159 integer +ATTRIBUTE Lucent-FR-Link-Mgt 160 integer +ATTRIBUTE Lucent-FR-N391 161 integer +ATTRIBUTE Lucent-FR-DCE-N392 162 integer +ATTRIBUTE Lucent-FR-DTE-N392 163 integer +ATTRIBUTE Lucent-FR-DCE-N393 164 integer +ATTRIBUTE Lucent-FR-DTE-N393 165 integer +ATTRIBUTE Lucent-FR-T391 166 integer +ATTRIBUTE Lucent-FR-T392 167 integer +ATTRIBUTE Lucent-Bridge-Address 168 string +ATTRIBUTE Lucent-TS-Idle-Limit 169 integer +ATTRIBUTE Lucent-TS-Idle-Mode 170 integer +ATTRIBUTE Lucent-DBA-Monitor 171 integer +ATTRIBUTE Lucent-Base-Channel-Count 172 integer +ATTRIBUTE Lucent-Minimum-Channels 173 integer +ATTRIBUTE Lucent-IPX-Route 174 string +ATTRIBUTE Lucent-FT1-Caller 175 integer +ATTRIBUTE Lucent-Backup 176 string +ATTRIBUTE Lucent-Call-Type 177 integer +ATTRIBUTE Lucent-Group 178 string +ATTRIBUTE Lucent-FR-DLCI 179 integer +ATTRIBUTE Lucent-FR-Profile-Name 180 string +ATTRIBUTE Lucent-Ara-PW 181 string +ATTRIBUTE Lucent-IPX-Node-Addr 182 string +ATTRIBUTE Lucent-Home-Agent-IP-Addr 183 ipaddr +ATTRIBUTE Lucent-Home-Agent-Password 184 string +ATTRIBUTE Lucent-Home-Network-Name 185 string +ATTRIBUTE Lucent-Home-Agent-UDP-Port 186 integer +ATTRIBUTE Lucent-Multilink-ID 187 integer +ATTRIBUTE Lucent-Num-In-Multilink 188 integer +ATTRIBUTE Lucent-First-Dest 189 ipaddr +ATTRIBUTE Lucent-Pre-Input-Octets 190 integer +ATTRIBUTE Lucent-Pre-Output-Octets 191 integer +ATTRIBUTE Lucent-Pre-Input-Packets 192 integer +ATTRIBUTE Lucent-Pre-Output-Packets 193 integer +ATTRIBUTE Lucent-Maximum-Time 194 integer +ATTRIBUTE Lucent-Disconnect-Cause 195 integer +ATTRIBUTE Lucent-Connect-Progress 196 integer +ATTRIBUTE Lucent-Data-Rate 197 integer +ATTRIBUTE Lucent-PreSession-Time 198 integer +ATTRIBUTE Lucent-Token-Idle 199 integer +ATTRIBUTE Lucent-Token-Immediate 200 integer +ATTRIBUTE Lucent-Require-Auth 201 integer +ATTRIBUTE Lucent-Number-Sessions 202 string +ATTRIBUTE Lucent-Authen-Alias 203 string +ATTRIBUTE Lucent-Token-Expiry 204 integer +ATTRIBUTE Lucent-Menu-Selector 205 string +ATTRIBUTE Lucent-Menu-Item 206 string +ATTRIBUTE Lucent-PW-Warntime 207 integer +ATTRIBUTE Lucent-PW-Lifetime 208 integer +ATTRIBUTE Lucent-IP-Direct 209 ipaddr +ATTRIBUTE Lucent-PPP-VJ-Slot-Comp 210 integer +ATTRIBUTE Lucent-PPP-VJ-1172 211 integer +ATTRIBUTE Lucent-PPP-Async-Map 212 integer +ATTRIBUTE Lucent-Third-Prompt 213 string +ATTRIBUTE Lucent-Send-Secret 214 string encrypt=3 +ATTRIBUTE Lucent-Receive-Secret 215 string encrypt=3 +ATTRIBUTE Lucent-IPX-Peer-Mode 216 integer +ATTRIBUTE Lucent-IP-Pool-Definition 217 string +ATTRIBUTE Lucent-Assign-IP-Pool 218 integer +ATTRIBUTE Lucent-FR-Direct 219 integer +ATTRIBUTE Lucent-FR-Direct-Profile 220 string +ATTRIBUTE Lucent-FR-Direct-DLCI 221 integer +ATTRIBUTE Lucent-Handle-IPX 222 integer +ATTRIBUTE Lucent-Netware-timeout 223 integer +ATTRIBUTE Lucent-IPX-Alias 224 integer +ATTRIBUTE Lucent-Metric 225 integer +ATTRIBUTE Lucent-PRI-Number-Type 226 integer +ATTRIBUTE Lucent-Dial-Number 227 string +ATTRIBUTE Lucent-Route-IP 228 integer +ATTRIBUTE Lucent-Route-IPX 229 integer +ATTRIBUTE Lucent-Bridge 230 integer +ATTRIBUTE Lucent-Send-Auth 231 integer +ATTRIBUTE Lucent-Send-Passwd 232 string +ATTRIBUTE Lucent-Link-Compression 233 integer +ATTRIBUTE Lucent-Target-Util 234 integer +ATTRIBUTE Lucent-Maximum-Channels 235 integer +ATTRIBUTE Lucent-Inc-Channel-Count 236 integer +ATTRIBUTE Lucent-Dec-Channel-Count 237 integer +ATTRIBUTE Lucent-Seconds-Of-History 238 integer +ATTRIBUTE Lucent-History-Weigh-Type 239 integer +ATTRIBUTE Lucent-Add-Seconds 240 integer +ATTRIBUTE Lucent-Remove-Seconds 241 integer +ATTRIBUTE Lucent-Data-Filter 242 abinary +ATTRIBUTE Lucent-Call-Filter 243 abinary +ATTRIBUTE Lucent-Idle-Limit 244 integer +ATTRIBUTE Lucent-Preempt-Limit 245 integer +ATTRIBUTE Lucent-Callback 246 integer +ATTRIBUTE Lucent-Data-Svc 247 integer +ATTRIBUTE Lucent-Force-56 248 integer +ATTRIBUTE Lucent-Billing-Number 249 string +ATTRIBUTE Lucent-Call-By-Call 250 integer +ATTRIBUTE Lucent-Transit-Number 251 string +ATTRIBUTE Lucent-Host-Info 252 string +ATTRIBUTE Lucent-PPP-Address 253 ipaddr +ATTRIBUTE Lucent-MPP-Idle-Percent 254 integer +ATTRIBUTE Lucent-Xmit-Rate 255 integer +ATTRIBUTE Lucent-Fr05-Traffic-Shaper 256 integer +ATTRIBUTE Lucent-Fr05-Vpi 257 integer +ATTRIBUTE Lucent-Fr05-Vci 258 integer +ATTRIBUTE Lucent-Fr05-Enabled 259 integer +ATTRIBUTE Lucent-Tunnel-Auth-Type 260 octets # tag? +ATTRIBUTE Lucent-MOH-Timeout 261 integer +ATTRIBUTE Lucent-ATM-Circuit-Name 262 string +ATTRIBUTE Lucent-Priority-For-PPP 263 integer +ATTRIBUTE Lucent-Max-RTP-Delay 264 integer +ATTRIBUTE Lucent-RTP-Port-Range 265 string +ATTRIBUTE Lucent-TOS-Copying 266 integer +ATTRIBUTE Lucent-Packet-Classification 267 integer +ATTRIBUTE Lucent-No-High-Prio-Pkt-Duratio 268 integer +ATTRIBUTE Lucent-AT-Answer-String 269 string +ATTRIBUTE Lucent-IP-OUTGOING-TOS 270 integer +ATTRIBUTE Lucent-IP-OUTGOING-TOS-Precedence 271 integer +ATTRIBUTE Lucent-IP-OUTGOING-DSCP 272 integer +ATTRIBUTE Lucent-TermSrv-Login-Prompt 273 string +ATTRIBUTE Lucent-Multicast-Service-Profile-Name 274 string +ATTRIBUTE Lucent-Multicast-Max-Groups 275 integer +ATTRIBUTE Lucent-Multicast-Service-Name 276 string +ATTRIBUTE Lucent-Multicast-Service-Active 277 integer +ATTRIBUTE Lucent-Multicast-Service-Snmp-Trap 278 integer +ATTRIBUTE Lucent-Multicast-Service-Filter-Type 279 integer +ATTRIBUTE Lucent-Multicast-Filter-Active 280 integer +ATTRIBUTE Lucent-Multicast-Filter-Address 281 ipaddr +ATTRIBUTE Lucent-Tunnel-TOS 282 integer +ATTRIBUTE Lucent-Tunnel-TOS-Precedence 283 integer +ATTRIBUTE Lucent-Tunnel-DSCP 284 integer +ATTRIBUTE Lucent-Tunnel-TOS-Filter 285 string +ATTRIBUTE Lucent-Tunnel-TOS-Copy 286 integer +ATTRIBUTE Lucent-Http-Redirect-URL 287 string +ATTRIBUTE Lucent-Http-Redirect-Port 288 integer +ATTRIBUTE Lucent-L2TP-DCI-Disconnect-Code 289 integer +ATTRIBUTE Lucent-L2TP-DCI-Protocol-Number 290 integer +ATTRIBUTE Lucent-L2TP-DCI-Direction 291 integer +ATTRIBUTE Lucent-L2TP-DCI-Message 292 string +ATTRIBUTE Lucent-L2TP-Q931-Cause-Code 293 integer +ATTRIBUTE Lucent-L2TP-Q931-Cause-Message 294 integer +ATTRIBUTE Lucent-L2TP-Q931-Advisory-Message 295 string +ATTRIBUTE Lucent-L2TP-RC-Result-Code 296 integer +ATTRIBUTE Lucent-L2TP-RC-Error-Code 297 integer +ATTRIBUTE Lucent-L2TP-RC-Error-Message 298 string +ATTRIBUTE Lucent-L2TP-Disconnect-Scenario 299 integer +ATTRIBUTE Lucent-L2TP-Peer-Disconnect-Cause 300 integer +ATTRIBUTE Lucent-L2TP-Peer-Connect-Progress 301 integer +ATTRIBUTE Lucent-QuickConnect-Attempted 302 integer +ATTRIBUTE Lucent-Num-Moh-Sessions 303 integer +ATTRIBUTE Lucent-Cumulative-Hold-Time 304 integer +ATTRIBUTE Lucent-Modem-Modulation 305 integer +ATTRIBUTE Lucent-User-Acct-Expiration 306 date +ATTRIBUTE Lucent-User-Login-Level 307 integer +ATTRIBUTE Lucent-First-Level-User 308 string +ATTRIBUTE Lucent-IP-Source-If 309 string +ATTRIBUTE Lucent-Reverse-Path-Check 310 integer +ATTRIBUTE Lucent-LCP-Keepalive-Period 321 integer +ATTRIBUTE Lucent-LCP-Keepalive-Missed-Limit 322 integer +ATTRIBUTE Lucent-Dsl-Atuc-Chan-Uncorrect-Blks 10000 integer +ATTRIBUTE Lucent-Dsl-Atuc-Chan-Corrected-Blks 10001 integer +ATTRIBUTE Lucent-Dsl-Atuc-Chan-Xmit-Blks 10002 integer +ATTRIBUTE Lucent-Dsl-Atuc-Chan-Recd-Blks 10003 integer +ATTRIBUTE Lucent-Dsl-Atuc-Perf-Inits 10004 integer +ATTRIBUTE Lucent-Dsl-Atuc-Perf-ESs 10005 integer +ATTRIBUTE Lucent-Dsl-Atuc-Perf-Lprs 10006 integer +ATTRIBUTE Lucent-Dsl-Atuc-Perf-Lols 10007 integer +ATTRIBUTE Lucent-Dsl-Atuc-Perf-Loss 10008 integer +ATTRIBUTE Lucent-Dsl-Atuc-Perf-Lofs 10009 integer +ATTRIBUTE Lucent-Dsl-Atuc-Curr-Attainable-Rate-Dn 10010 integer +ATTRIBUTE Lucent-Dsl-Atuc-Curr-Output-Pwr-Dn 10011 integer +ATTRIBUTE Lucent-Dsl-Atuc-Curr-Atn-Up 10012 integer +ATTRIBUTE Lucent-Dsl-Atuc-Curr-Snr-Mgn-Up 10013 integer +#ATTRIBUTE Lucent-Dsl-Atuc-Perf-Stat-Fast-Retrains 10014 integer +#ATTRIBUTE Lucent-Dsl-Atuc-Perf-Stat-Failed-Fast-Retrains 10015 integer + +# FIXME when we can deal with long attribute names. +ATTRIBUTE Lucent-Dsl-Atuc-PS-Fast-Retrains 10014 integer +ATTRIBUTE Lucent-Dsl-Atuc-PS-Failed-Fast-Retrains 10015 integer + +ATTRIBUTE Lucent-Dsl-Code-Violations 10016 integer +ATTRIBUTE Lucent-Line-Type 10017 integer +ATTRIBUTE Lucent-Dsl-Curr-Up-Rate 10018 integer +ATTRIBUTE Lucent-Dsl-Curr-Dn-Rate 10019 integer +ATTRIBUTE Lucent-Dsl-Physical-Slot 10020 integer +ATTRIBUTE Lucent-Dsl-Physical-Line 10021 integer +ATTRIBUTE Lucent-Dsl-If-Index 10022 integer +ATTRIBUTE Lucent-Dsl-Oper-Status 10023 integer +ATTRIBUTE Lucent-Dsl-Related-If-Index 10024 integer +ATTRIBUTE Lucent-Dsl-Atuc-Curr-Attainable-Rate-Up 10025 integer +ATTRIBUTE Lucent-Dsl-Atuc-Curr-Output-Pwr-Up 10026 integer +ATTRIBUTE Lucent-Dsl-Atuc-Curr-Atn-Dn 10027 integer +ATTRIBUTE Lucent-Dsl-Atuc-Curr-Snr-Mgn-D 10028 integer +ATTRIBUTE Lucent-Dsl-Related-Slot 10029 integer +ATTRIBUTE Lucent-Dsl-Related-Port 10030 integer +ATTRIBUTE Lucent-Dsl-Sparing-Role 10031 integer +ATTRIBUTE Lucent-Absolute-Time 10032 integer +ATTRIBUTE Lucent-Configured-Rate-Up-Min 10033 integer +ATTRIBUTE Lucent-Configured-Rate-Up-Max 10034 integer +ATTRIBUTE Lucent-Configured-Rate-Dn-Min 10035 integer +ATTRIBUTE Lucent-Configured-Rate-Dn-Max 10036 integer +ATTRIBUTE Lucent-Dsl-Physical-Channel 10037 integer +ATTRIBUTE Lucent-Sonet-Section-ESs 10100 integer +ATTRIBUTE Lucent-Sonet-Section-SESs 10101 integer +ATTRIBUTE Lucent-Sonet-Section-SEFSs 10102 integer +ATTRIBUTE Lucent-Sonet-Section-CVs 10103 integer +ATTRIBUTE Lucent-Sonet-Line-ESs-Near 10104 integer +ATTRIBUTE Lucent-Sonet-Line-SESs-Near 10105 integer +ATTRIBUTE Lucent-Sonet-Line-CVs-Near 10106 integer +ATTRIBUTE Lucent-Sonet-Line-USs-Near 10107 integer +ATTRIBUTE Lucent-Sonet-Line-ESs-Far 10108 integer +ATTRIBUTE Lucent-Sonet-Line-SESs-Far 10109 integer +ATTRIBUTE Lucent-Sonet-Line-CVs-Far 10110 integer +ATTRIBUTE Lucent-Sonet-Line-USs-Far 10111 integer +ATTRIBUTE Lucent-Sonet-Path-ESs-Near 10112 integer +ATTRIBUTE Lucent-Sonet-Path-SESs-Near 10113 integer +ATTRIBUTE Lucent-Sonet-Path-CVs-Near 10114 integer +ATTRIBUTE Lucent-Sonet-Path-USs-Near 10115 integer +ATTRIBUTE Lucent-Sonet-Path-ESs-Far 10116 integer +ATTRIBUTE Lucent-Sonet-Path-SESs-Far 10117 integer +ATTRIBUTE Lucent-Sonet-Path-CVs-Far 10118 integer +ATTRIBUTE Lucent-Sonet-Path-USs-Far 10119 integer +ATTRIBUTE Lucent-Ds3-F-Bit-Err 10200 integer +ATTRIBUTE Lucent-Ds3-P-Bit-Err 10201 integer +ATTRIBUTE Lucent-Ds3-CCVs 10202 integer +ATTRIBUTE Lucent-Ds3-PESs 10203 integer +ATTRIBUTE Lucent-Ds3-PSESs 10204 integer +ATTRIBUTE Lucent-Ds3-SEFs 10205 integer +ATTRIBUTE Lucent-Ds3-UASs 10206 integer +ATTRIBUTE Lucent-Ds3-LCVs 10207 integer +ATTRIBUTE Lucent-Ds3-PCVs 10208 integer +ATTRIBUTE Lucent-Ds3-LESs 10209 integer +ATTRIBUTE Lucent-Ds3-CESs 10210 integer +ATTRIBUTE Lucent-Ds3-CSESs 10211 integer +ATTRIBUTE Lucent-Rtp-Local-Number-Of-Samples 10300 integer +ATTRIBUTE Lucent-Rtp-Remote-Number-Of-Samples 10301 integer +ATTRIBUTE Lucent-Rtp-Local-Jitter-Minimum 10302 integer +ATTRIBUTE Lucent-Rtp-Local-Jitter-Maximum 10303 integer +ATTRIBUTE Lucent-Rtp-Local-Jitter-Mean 10304 integer +ATTRIBUTE Lucent-Rtp-Local-Jitter-Variance 10305 integer +ATTRIBUTE Lucent-Rtp-Local-Delay-Minimum 10306 integer +ATTRIBUTE Lucent-Rtp-Local-Delay-Maximum 10307 integer +ATTRIBUTE Lucent-Rtp-Local-Delay-Mean 10308 integer +ATTRIBUTE Lucent-Rtp-Local-Delay-Variance 10309 integer +ATTRIBUTE Lucent-Rtp-Local-Packets-Sent 10310 integer +ATTRIBUTE Lucent-Rtp-Local-Packets-Lost 10311 integer +ATTRIBUTE Lucent-Rtp-Local-Packets-Late 10312 integer +ATTRIBUTE Lucent-Rtp-Local-Bytes-Sent 10313 integer +ATTRIBUTE Lucent-Rtp-Local-Silence-Percent 10314 integer +ATTRIBUTE Lucent-Rtp-Remote-Jitter-Minimum 10315 integer +ATTRIBUTE Lucent-Rtp-Remote-Jitter-Maximum 10316 integer +ATTRIBUTE Lucent-Rtp-Remote-Jitter-Mean 10317 integer +ATTRIBUTE Lucent-Rtp-Remote-Jitter-Variance 10318 integer +ATTRIBUTE Lucent-Rtp-Remote-Delay-Minimum 10319 integer +ATTRIBUTE Lucent-Rtp-Remote-Delay-Maximum 10320 integer +ATTRIBUTE Lucent-Rtp-Remote-Delay-Mean 10321 integer +ATTRIBUTE Lucent-Rtp-Remote-Delay-Variance 10322 integer +ATTRIBUTE Lucent-Rtp-Remote-Packets-Sent 10323 integer +ATTRIBUTE Lucent-Rtp-Remote-Packets-Lost 10324 integer +ATTRIBUTE Lucent-Rtp-Remote-Packets-Late 10325 integer +ATTRIBUTE Lucent-Rtp-Remote-Bytes-Sent 10326 integer +ATTRIBUTE Lucent-Rtp-Remote-Silence-Percent 10327 integer +ATTRIBUTE Lucent-Tunnel-Auth-Type2 19999 integer +ATTRIBUTE Lucent-Multi-Packet-Separator 20000 integer +ATTRIBUTE Lucent-Min-Xmit-Rate 20100 integer +ATTRIBUTE Lucent-Max-Xmit-Rate 20101 integer +ATTRIBUTE Lucent-Min-Recv-Rate 20102 integer +ATTRIBUTE Lucent-Max-Recv-Rate 20103 integer +ATTRIBUTE Lucent-Error-Correction-Protocol 20104 integer +ATTRIBUTE Lucent-Compression-Protocol 20105 integer +ATTRIBUTE Lucent-Modulation 20106 integer +ATTRIBUTE Lucent-Xmit-Symbol-Rate 20107 integer +ATTRIBUTE Lucent-Recv-Symbol-Rate 20108 integer +ATTRIBUTE Lucent-Current-Xmit-Level 20109 integer +ATTRIBUTE Lucent-Current-Recv-Level 20110 integer +ATTRIBUTE Lucent-Current-Line-Quality 20111 integer +ATTRIBUTE Lucent-Current-SNR 20112 integer +ATTRIBUTE Lucent-Min-SNR 20113 integer +ATTRIBUTE Lucent-Max-SNR 20114 integer +ATTRIBUTE Lucent-Local-Retrain-Requested 20115 integer +ATTRIBUTE Lucent-Remote-Retrain-Requested 20116 integer +ATTRIBUTE Lucent-Connection-Time 20117 integer +ATTRIBUTE Lucent-Modem-Disconnect-Reason 20118 integer +ATTRIBUTE Lucent-Retrain-Reason 20119 integer + +END-VENDOR Lucent diff --git a/freeradius/dict/dictionary.manzara b/freeradius/dict/dictionary.manzara new file mode 100644 index 0000000..17092c5 --- /dev/null +++ b/freeradius/dict/dictionary.manzara @@ -0,0 +1,24 @@ +VENDOR Manzara 19382 + +BEGIN-VENDOR Manzara + +ATTRIBUTE Manzara-User-UID 1 integer +ATTRIBUTE Manzara-User-GID 2 integer +ATTRIBUTE Manzara-User-Home 3 string +ATTRIBUTE Manzara-User-Shell 4 string +ATTRIBUTE Manzara-PPP-Addr-String 5 string +ATTRIBUTE Manzara-Full-Login-String 6 string +ATTRIBUTE Manzara-Tariff-Units 7 integer +ATTRIBUTE Manzara-Tariff-Type 8 integer +ATTRIBUTE Manzara-ECP-Session-Key 9 octets + +VALUE Manzara-Tariff-Type MMS-Picture 1 +VALUE Manzara-Tariff-Type Unused 2 +VALUE Manzara-Tariff-Type Internet 3 + +# +# Poaching on the standard space is wrong. +# +VALUE Acct-Status-Type One-Time 17 + +END-VENDOR Manzara diff --git a/freeradius/dict/dictionary.merit b/freeradius/dict/dictionary.merit new file mode 100644 index 0000000..3940bb4 --- /dev/null +++ b/freeradius/dict/dictionary.merit @@ -0,0 +1,15 @@ +# -*- text -*- +# +# For Merit. +# +# $Id$ +# +VENDOR Merit 61 + +BEGIN-VENDOR Merit + +ATTRIBUTE Merit-Proxy-Action 211 string +ATTRIBUTE Merit-User-Id 222 string +ATTRIBUTE Merit-User-Realm 223 string + +END-VENDOR Merit diff --git a/freeradius/dict/dictionary.microsoft b/freeradius/dict/dictionary.microsoft new file mode 100644 index 0000000..aaa8b61 --- /dev/null +++ b/freeradius/dict/dictionary.microsoft @@ -0,0 +1,129 @@ +# -*- text -*- +# +# Microsoft's VSA's, from RFC 2548 +# +# $Id$ +# + +VENDOR Microsoft 311 + +BEGIN-VENDOR Microsoft +ATTRIBUTE MS-CHAP-Response 1 octets +ATTRIBUTE MS-CHAP-Error 2 string +ATTRIBUTE MS-CHAP-CPW-1 3 octets +ATTRIBUTE MS-CHAP-CPW-2 4 octets +ATTRIBUTE MS-CHAP-LM-Enc-PW 5 octets +ATTRIBUTE MS-CHAP-NT-Enc-PW 6 octets +ATTRIBUTE MS-MPPE-Encryption-Policy 7 octets +# This is referred to as both singular and plural in the RFC. +# Plural seems to make more sense. +ATTRIBUTE MS-MPPE-Encryption-Type 8 octets +ATTRIBUTE MS-MPPE-Encryption-Types 8 octets +ATTRIBUTE MS-RAS-Vendor 9 integer # content is Vendor-ID +ATTRIBUTE MS-CHAP-Domain 10 string +ATTRIBUTE MS-CHAP-Challenge 11 octets +ATTRIBUTE MS-CHAP-MPPE-Keys 12 octets encrypt=1 +ATTRIBUTE MS-BAP-Usage 13 integer +ATTRIBUTE MS-Link-Utilization-Threshold 14 integer # values are 1-100 +ATTRIBUTE MS-Link-Drop-Time-Limit 15 integer +ATTRIBUTE MS-MPPE-Send-Key 16 octets encrypt=2 +ATTRIBUTE MS-MPPE-Recv-Key 17 octets encrypt=2 +ATTRIBUTE MS-RAS-Version 18 string +ATTRIBUTE MS-Old-ARAP-Password 19 octets +ATTRIBUTE MS-New-ARAP-Password 20 octets +ATTRIBUTE MS-ARAP-PW-Change-Reason 21 integer + +ATTRIBUTE MS-Filter 22 octets +ATTRIBUTE MS-Acct-Auth-Type 23 integer +ATTRIBUTE MS-Acct-EAP-Type 24 integer + +ATTRIBUTE MS-CHAP2-Response 25 octets +ATTRIBUTE MS-CHAP2-Success 26 octets +ATTRIBUTE MS-CHAP2-CPW 27 octets + +ATTRIBUTE MS-Primary-DNS-Server 28 ipaddr +ATTRIBUTE MS-Secondary-DNS-Server 29 ipaddr +ATTRIBUTE MS-Primary-NBNS-Server 30 ipaddr +ATTRIBUTE MS-Secondary-NBNS-Server 31 ipaddr + +#ATTRIBUTE MS-ARAP-Challenge 33 octets + +## MS-RNAP +# +# http://download.microsoft.com/download/9/5/E/95EF66AF-9026-4BB0-A41D-A4F81802D92C/%5BMS-RNAP%5D.pdf + +ATTRIBUTE MS-RAS-Client-Name 34 string +ATTRIBUTE MS-RAS-Client-Version 35 string +ATTRIBUTE MS-Quarantine-IPFilter 36 octets +ATTRIBUTE MS-Quarantine-Session-Timeout 37 integer +ATTRIBUTE MS-User-Security-Identity 40 string +ATTRIBUTE MS-Identity-Type 41 integer +ATTRIBUTE MS-Service-Class 42 string +ATTRIBUTE MS-Quarantine-User-Class 44 string +ATTRIBUTE MS-Quarantine-State 45 integer +ATTRIBUTE MS-Quarantine-Grace-Time 46 integer +ATTRIBUTE MS-Network-Access-Server-Type 47 integer +ATTRIBUTE MS-AFW-Zone 48 integer + +VALUE MS-AFW-Zone MS-AFW-Zone-Boundary-Policy 1 +VALUE MS-AFW-Zone MS-AFW-Zone-Unprotected-Policy 2 +VALUE MS-AFW-Zone MS-AFW-Zone-Protected-Policy 3 + +ATTRIBUTE MS-AFW-Protection-Level 49 integer + +VALUE MS-AFW-Protection-Level HECP-Response-Sign-Only 1 +VALUE MS-AFW-Protection-Level HECP-Response-Sign-And-Encrypt 2 + +ATTRIBUTE MS-Machine-Name 50 string +ATTRIBUTE MS-IPv6-Filter 51 octets +ATTRIBUTE MS-IPv4-Remediation-Servers 52 octets +ATTRIBUTE MS-IPv6-Remediation-Servers 53 octets +ATTRIBUTE MS-RNAP-Not-Quarantine-Capable 54 integer + +VALUE MS-RNAP-Not-Quarantine-Capable SoH-Sent 0 +VALUE MS-RNAP-Not-Quarantine-Capable SoH-Not-Sent 1 + +ATTRIBUTE MS-Quarantine-SOH 55 octets +ATTRIBUTE MS-RAS-Correlation-ID 56 octets +ATTRIBUTE MS-Extended-Quarantine-State 57 integer + +ATTRIBUTE MS-HCAP-User-Groups 58 string +ATTRIBUTE MS-HCAP-Location-Group-Name 59 string +ATTRIBUTE MS-HCAP-User-Name 60 string +ATTRIBUTE MS-User-IPv4-Address 61 ipaddr +ATTRIBUTE MS-User-IPv6-Address 62 ipv6addr +ATTRIBUTE MS-TSG-Device-Redirection 63 integer + +# +# Integer Translations +# + +# MS-BAP-Usage Values + +VALUE MS-BAP-Usage Not-Allowed 0 +VALUE MS-BAP-Usage Allowed 1 +VALUE MS-BAP-Usage Required 2 + +# MS-ARAP-Password-Change-Reason Values + +VALUE MS-ARAP-PW-Change-Reason Just-Change-Password 1 +VALUE MS-ARAP-PW-Change-Reason Expired-Password 2 +VALUE MS-ARAP-PW-Change-Reason Admin-Requires-Password-Change 3 +VALUE MS-ARAP-PW-Change-Reason Password-Too-Short 4 + +# MS-Acct-Auth-Type Values + +VALUE MS-Acct-Auth-Type PAP 1 +VALUE MS-Acct-Auth-Type CHAP 2 +VALUE MS-Acct-Auth-Type MS-CHAP-1 3 +VALUE MS-Acct-Auth-Type MS-CHAP-2 4 +VALUE MS-Acct-Auth-Type EAP 5 + +# MS-Acct-EAP-Type Values + +VALUE MS-Acct-EAP-Type MD5 4 +VALUE MS-Acct-EAP-Type OTP 5 +VALUE MS-Acct-EAP-Type Generic-Token-Card 6 +VALUE MS-Acct-EAP-Type TLS 13 + +END-VENDOR Microsoft diff --git a/freeradius/dict/dictionary.mikrotik b/freeradius/dict/dictionary.mikrotik new file mode 100644 index 0000000..ce8634c --- /dev/null +++ b/freeradius/dict/dictionary.mikrotik @@ -0,0 +1,42 @@ +# -*- text -*- +# http://www.mikrotik.com +# +# http://www.mikrotik.com/documentation//manual_2.9/dictionary +# +# Do NOT follow their instructions and replace the dictionary +# in /etc/raddb with the one that they supply. It is NOT necessary. +# +# On top of that, the sample dictionary file they provide +# DOES NOT WORK. Do NOT use it. +# +# $Id$ +# +VENDOR Mikrotik 14988 + +BEGIN-VENDOR Mikrotik + +ATTRIBUTE Mikrotik-Recv-Limit 1 integer +ATTRIBUTE Mikrotik-Xmit-Limit 2 integer + +# this attribute is unused +ATTRIBUTE Mikrotik-Group 3 string + +ATTRIBUTE Mikrotik-Wireless-Forward 4 integer +ATTRIBUTE Mikrotik-Wireless-Skip-Dot1x 5 integer +ATTRIBUTE Mikrotik-Wireless-Enc-Algo 6 integer +ATTRIBUTE Mikrotik-Wireless-Enc-Key 7 string +ATTRIBUTE Mikrotik-Rate-Limit 8 string +ATTRIBUTE Mikrotik-Realm 9 string +ATTRIBUTE Mikrotik-Host-IP 10 ipaddr +ATTRIBUTE Mikrotik-Mark-Id 11 string +ATTRIBUTE Mikrotik-Advertise-URL 12 string +ATTRIBUTE Mikrotik-Advertise-Interval 13 integer +ATTRIBUTE Mikrotik-Recv-Limit-Gigawords 14 integer +ATTRIBUTE Mikrotik-Xmit-Limit-Gigawords 15 integer +# MikroTik Values + +VALUE Mikrotik-Wireless-Enc-Algo No-encryption 0 +VALUE Mikrotik-Wireless-Enc-Algo 40-bit-WEP 1 +VALUE Mikrotik-Wireless-Enc-Algo 104-bit-WEP 2 + +END-VENDOR Mikrotik diff --git a/freeradius/dict/dictionary.motorola b/freeradius/dict/dictionary.motorola new file mode 100644 index 0000000..83f2323 --- /dev/null +++ b/freeradius/dict/dictionary.motorola @@ -0,0 +1,27 @@ +# -*- text -*- +############################################################################## +# +# Motorola Canopy attributes. +# +# NOT included in the main dictionaries because of conflicts +# with Ascend attributes. +# +# $Id$ +# +############################################################################## + +VENDOR Motorola 161 + +ATTRIBUTE Motorola-Canopy-Shared-Secret 224 string +ATTRIBUTE Motorola-Canopy-SULDR 225 string +ATTRIBUTE Motorola-Canopy-SDLDR 226 string +ATTRIBUTE Motorola-Canopy-ULBA 227 string +ATTRIBUTE Motorola-Canopy-DLBA 228 string +ATTRIBUTE Motorola-Canopy-Enable 229 string +ATTRIBUTE Motorola-Canopy-LPSULDR 230 string +ATTRIBUTE Motorola-Canopy-LPSDLDR 231 string +ATTRIBUTE Motorola-Canopy-HPCENABLE 232 string +ATTRIBUTE Motorola-Canopy-HPSULDR 233 string +ATTRIBUTE Motorola-Canopy-HPSDLDR 234 string +ATTRIBUTE Motorola-Canopy-HIGHERBW 235 string +ATTRIBUTE Motorola-Canopy-CIRENABLE 236 string diff --git a/freeradius/dict/dictionary.navini b/freeradius/dict/dictionary.navini new file mode 100644 index 0000000..6e16f7c --- /dev/null +++ b/freeradius/dict/dictionary.navini @@ -0,0 +1,20 @@ +# -*- text -*- +# +# dictionary.navini +# +# By +# "Paul Shields" +# +# Version: $Id$ +# + +VENDOR Navini 6504 + +# +# Standard attribute +# +BEGIN-VENDOR Navini + +ATTRIBUTE Navini-AVPair 1 string + +END-VENDOR Navini diff --git a/freeradius/dict/dictionary.netscreen b/freeradius/dict/dictionary.netscreen new file mode 100644 index 0000000..61056a3 --- /dev/null +++ b/freeradius/dict/dictionary.netscreen @@ -0,0 +1,32 @@ +# -*- text -*- +# +# From: +# http://www.netscreen.com/support/downloads/4.0_configuring_screenOS_for_NTdomain_v11.pdf +# + +VENDOR Netscreen 3224 + +BEGIN-VENDOR Netscreen + +ATTRIBUTE NS-Admin-Privilege 1 integer +ATTRIBUTE NS-VSYS-Name 2 string +ATTRIBUTE NS-User-Group 3 string +ATTRIBUTE NS-Primary-DNS 4 ipaddr +ATTRIBUTE NS-Secondary-DNS 5 ipaddr +ATTRIBUTE NS-Primary-WINS 6 ipaddr +ATTRIBUTE NS-Secondary-WINS 7 ipaddr + +ATTRIBUTE NS-NSM-User-Domain-Name 220 string +ATTRIBUTE NS-NSM-User-Role-Mapping 221 string + +# +# Values VSYS-Admin and Read-Only-VSYS-Admin require a NS-VSYS-Name +# attribute in the response packet. +# +VALUE NS-Admin-Privilege Root-Admin 1 +VALUE NS-Admin-Privilege All-VSYS-Root-Admin 2 +VALUE NS-Admin-Privilege VSYS-Admin 3 +VALUE NS-Admin-Privilege Read-Only-Admin 4 +VALUE NS-Admin-Privilege Read-Only-VSYS-Admin 5 + +END-VENDOR Netscreen diff --git a/freeradius/dict/dictionary.nexans b/freeradius/dict/dictionary.nexans new file mode 100644 index 0000000..f30e696 --- /dev/null +++ b/freeradius/dict/dictionary.nexans @@ -0,0 +1,18 @@ +# -*- text -*- +############################################################################## +# Nexans Active Networking Systems dictionary http://www.nexans.de/ans +# +# Version: $Id$ +# +# Hubert Theissen +# +############################################################################## + +VENDOR Nexans 266 + +BEGIN-VENDOR Nexans + +ATTRIBUTE Nexans-Port-Default-VLAN-ID 1 integer +ATTRIBUTE Nexans-Port-Voice-VLAN-ID 2 integer + +END-VENDOR Nexans diff --git a/freeradius/dict/dictionary.nokia b/freeradius/dict/dictionary.nokia new file mode 100644 index 0000000..517e9e3 --- /dev/null +++ b/freeradius/dict/dictionary.nokia @@ -0,0 +1,38 @@ +# -*- text -*- +###################################################################### +# +# Nokia dictionary +# $Id$ +# +###################################################################### + +VENDOR Nokia 94 + +BEGIN-VENDOR Nokia + +ATTRIBUTE Nokia-AVPair 1 string +ATTRIBUTE Nokia-User-Profile 2 string +ATTRIBUTE Nokia-Service-Name 3 octets # magic format +ATTRIBUTE Nokia-Service-Id 4 octets # magic format +ATTRIBUTE Nokia-Service-Username 5 octets # magic format +ATTRIBUTE Nokia-Service-Password 6 octets # magic format +ATTRIBUTE Nokia-Service-Primary-Indicator 7 octets +ATTRIBUTE Nokia-Service-Charging-Type 8 octets # magic format +ATTRIBUTE Nokia-Service-Encrypted-Password 9 octets # magic format +ATTRIBUTE Nokia-Session-Access-Method 10 octets +ATTRIBUTE Nokia-Session-Charging-Type 11 octets +ATTRIBUTE Nokia-OCS-ID1 12 integer +ATTRIBUTE Nokia-OCS-ID2 13 integer +ATTRIBUTE Nokia-TREC-Index 14 integer +ATTRIBUTE Nokia-Requested-APN 15 string +END-VENDOR Nokia + +# +# The format of some Nokia attributes is binary coded decimal +# (BCD) with the last four bits all set to 1 if there are an odd +# number of digits, +# +# e.g 123 is encoded as hexadecimal bytes 21 F3 +# +# This is an incredibly stupid way of encoding the data. +# diff --git a/freeradius/dict/dictionary.nokia.conflict b/freeradius/dict/dictionary.nokia.conflict new file mode 100644 index 0000000..4cd306a --- /dev/null +++ b/freeradius/dict/dictionary.nokia.conflict @@ -0,0 +1,30 @@ +# -*- text -*- +############################################################################## +# +# Nokia dictionary for attributes that conflict with other dictionaries. +# +# $Id$ +# +############################################################################## + +# +# Enable by putting the line "$INCLUDE dictionary.nokia.conflict" into +# the main dictionary file. Don't forget to comment out the +# $INCLUDE dictionary.ascend, because these over-lap with the +# standard RADIUS attributes, which are also illegitimately used +# by Ascend. +# +# It's apparently rocket science for people to define their own +# VSA's. +# + +ATTRIBUTE Nokia-Primary-DNS-Server 135 ipaddr +ATTRIBUTE Nokia-Secondary-DNS-Server 136 ipaddr + + +ATTRIBUTE Nokia-IMSI 224 octets +ATTRIBUTE Nokia-Charging-Id 225 integer +ATTRIBUTE Nokia-Prepaid-Ind 226 integer +ATTRIBUTE Nokia-GGSN-IP-Address 227 ipaddr +ATTRIBUTE Nokia-SGSN-IP-Address 228 ipaddr + diff --git a/freeradius/dict/dictionary.nomadix b/freeradius/dict/dictionary.nomadix new file mode 100644 index 0000000..f662c66 --- /dev/null +++ b/freeradius/dict/dictionary.nomadix @@ -0,0 +1,26 @@ +# -*- text -*- +# +# Version: $Id$ +# +VENDOR Nomadix 3309 +# +BEGIN-VENDOR Nomadix + +ATTRIBUTE Nomadix-Bw-Up 1 integer +ATTRIBUTE Nomadix-Bw-Down 2 integer +ATTRIBUTE Nomadix-URL-Redirection 3 string +ATTRIBUTE Nomadix-IP-Upsell 4 integer +ATTRIBUTE Nomadix-Expiration 5 string +ATTRIBUTE Nomadix-Subnet 6 string +ATTRIBUTE Nomadix-MaxBytesUp 7 integer +ATTRIBUTE Nomadix-MaxBytesDown 8 integer +ATTRIBUTE Nomadix-EndofSession 9 integer +ATTRIBUTE Nomadix-Logoff-URL 10 string +ATTRIBUTE Nomadix-Net-VLAN 11 integer +ATTRIBUTE Nomadix-Config-URL 12 string +ATTRIBUTE Nomadix-Goodbye-URL 13 string + +VALUE Nomadix-IP-Upsell PrivatePool 0 +VALUE Nomadix-IP-Upsell PublicPool 1 + +END-VENDOR Nomadix diff --git a/freeradius/dict/dictionary.nortel b/freeradius/dict/dictionary.nortel new file mode 100644 index 0000000..88b62a7 --- /dev/null +++ b/freeradius/dict/dictionary.nortel @@ -0,0 +1,24 @@ +# -*- text -*- +############################################################################## +# +# Nortel Passport 8600 VSA's. +# +# http://www142.nortelnetworks.com/bvdoc/setips/july04/engineeringtipstricksv12.pdf +# +# $Id$ +# +############################################################################## + +VENDOR Nortel 562 +BEGIN-VENDOR Nortel + +ATTRIBUTE Passport-Command-Scope 200 integer +ATTRIBUTE Passport-Command-Impact 201 integer +ATTRIBUTE Passport-Customer-Identifier 202 integer +ATTRIBUTE Passport-Allowed-Access 203 integer +ATTRIBUTE Passport-AllowedOut-Access 204 integer +ATTRIBUTE Passport-Login-Directory 205 string +ATTRIBUTE Passport-Timeout-Protocol 206 integer +ATTRIBUTE Passport-Role 207 string + +END-VENDOR Nortel diff --git a/freeradius/dict/dictionary.ntua b/freeradius/dict/dictionary.ntua new file mode 100644 index 0000000..4dee9f9 --- /dev/null +++ b/freeradius/dict/dictionary.ntua @@ -0,0 +1,43 @@ +# -*- text -*- +VENDOR NTUA 969 + +BEGIN-VENDOR NTUA + +# +# Authentication Attributes +# +ATTRIBUTE UserLogon-Uid 10 integer +ATTRIBUTE UserLogon-Gid 11 integer +ATTRIBUTE UserLogon-HomeDir 12 string +ATTRIBUTE UserLogon-Type 13 integer +ATTRIBUTE UserLogon-QuotaBytes 14 integer +ATTRIBUTE UserLogon-QuotaFiles 15 integer +ATTRIBUTE UserLogon-Shell 16 string +ATTRIBUTE UserLogon-Restriction 17 integer +ATTRIBUTE UserLogon-GroupNames 18 string +ATTRIBUTE UserLogon-DriveNames 19 string +ATTRIBUTE UserLogon-UserDescription 20 string +ATTRIBUTE UserLogon-UserFullName 21 string +ATTRIBUTE UserLogon-UserDomain 22 string +ATTRIBUTE UserLogon-LogonTask 23 string +ATTRIBUTE UserLogon-LogoffTask 24 string +ATTRIBUTE UserLogon-Expiration 25 string +ATTRIBUTE UserLogon-UserProfile 26 string +# +# Accounting Attributes +# +ATTRIBUTE UserLogon-Acct-TerminateCause 50 string + +VALUE UserLogon-Type FTP 1 +VALUE UserLogon-Type WEB 2 +VALUE UserLogon-Type POP 3 +VALUE UserLogon-Type IMAP 4 +VALUE UserLogon-Type Windows-Logon 5 +VALUE UserLogon-Type Unix-Logon 6 +VALUE UserLogon-Type SMTP-Auth 7 +VALUE UserLogon-Type Other 200 + +VALUE UserLogon-Restriction Anonymous-User 1 +VALUE UserLogon-Restriction Admin-User 2 + +END-VENDOR NTUA diff --git a/freeradius/dict/dictionary.openser b/freeradius/dict/dictionary.openser new file mode 100644 index 0000000..a581810 --- /dev/null +++ b/freeradius/dict/dictionary.openser @@ -0,0 +1,40 @@ +# -*- text -*- +############################################################################## +# +# OpenSER dictionary. +# +# This dictionary is NOT included by default, because it conflicts +# with attributes defined in the RADIUS standard. Vendors SHOULD +# be using a VSA space to assign attributes. +# +# Be aware that if you DO include this dictionary in the main +# dictionary file, other parts of your configuration may break! +# +# http://www.openser.org/docs/openser-radius-1.0.x.html +# +# $Id$ +# +############################################################################## + +ATTRIBUTE Sip-Method 101 integer +ATTRIBUTE Sip-Response-Code 102 integer +ATTRIBUTE Sip-Cseq 103 string +ATTRIBUTE Sip-To-Tag 104 string +ATTRIBUTE Sip-From-Tag 105 string +ATTRIBUTE Sip-Translated-Request-URI 107 string +ATTRIBUTE Sip-Src-IP 108 string +ATTRIBUTE Sip-Src-Port 109 string +ATTRIBUTE Sip-Uri-User 208 string +ATTRIBUTE Sip-Group 211 string +ATTRIBUTE Sip-Rpid 213 string +ATTRIBUTE SIP-AVP 225 string + +VALUE Service-Type Group-Check 12 +VALUE Service-Type Sip-Session 15 +VALUE Service-Type SIP-Caller-AVPs 30 +VALUE Service-Type SIP-Callee-AVPs 31 + +VALUE Sip-Method INVITE 1 +VALUE Sip-Method CANCEL 2 +VALUE Sip-Method ACK 4 +VALUE Sip-Method BYE 8 diff --git a/freeradius/dict/dictionary.packeteer b/freeradius/dict/dictionary.packeteer new file mode 100644 index 0000000..f2958f0 --- /dev/null +++ b/freeradius/dict/dictionary.packeteer @@ -0,0 +1,20 @@ +# -*- text -*- +############################################################################## +# +# Packeteer VSAs, who followed the Cisco way of putting everything +# into one text string. +# +# $Id$ +# +############################################################################## + +VENDOR Packeteer 2334 + +# +# Standard attribute +# +BEGIN-VENDOR Packeteer + +ATTRIBUTE Packeteer-AVPair 1 string + +END-VENDOR Packeteer diff --git a/freeradius/dict/dictionary.patton b/freeradius/dict/dictionary.patton new file mode 100644 index 0000000..740f6b5 --- /dev/null +++ b/freeradius/dict/dictionary.patton @@ -0,0 +1,114 @@ +# +# dictionary.patton +# Dictionary for Patton IADs. +# Written by Pawel Pierscionek +# based on specifications available from vendor +# +# Version: @(#)dictionary.patton 1.00 urtho 08-Sep-2006 +# $Id$ + +VENDOR Patton 1768 + +BEGIN-VENDOR Patton + +ATTRIBUTE Patton-Setup-Time 32 string +ATTRIBUTE Patton-Connect-Time 33 string +ATTRIBUTE Patton-Disconnect-Time 34 string +ATTRIBUTE Patton-Disconnect-Cause 35 integer +ATTRIBUTE Patton-Disconnect-Source 36 string +ATTRIBUTE Patton-Called-Unique-Id 48 string +ATTRIBUTE Patton-Called-IP-Address 49 ipaddr +ATTRIBUTE Patton-Called-Numbering-Plan 50 string +ATTRIBUTE Patton-Called-Type-Of-Number 51 string +ATTRIBUTE Patton-Calling-Unique-Id 80 string +ATTRIBUTE Patton-Calling-IP-Address 81 ipaddr +ATTRIBUTE Patton-Calling-Numbering-Plan 82 string +ATTRIBUTE Patton-Calling-Type-Of-Number 83 string +ATTRIBUTE Patton-Calling-Presentation-Indicator 88 string +ATTRIBUTE Patton-Calling-Screening-Indicator 89 string + +VALUE Patton-Disconnect-Cause Valid-cause-code-not-yet-received 0x00 +VALUE Patton-Disconnect-Cause Unallocated-runassigned-number 0x01 +VALUE Patton-Disconnect-Cause No-route-to-specified-transit-network-WAN 0x02 +VALUE Patton-Disconnect-Cause No-route-to-destination 0x03 +VALUE Patton-Disconnect-Cause send-special-information-tone 0x04 +VALUE Patton-Disconnect-Cause misdialled-trunk-prefix 0x05 +VALUE Patton-Disconnect-Cause Channel-unacceptable 0x06 +VALUE Patton-Disconnect-Cause Call-awarded-and-being-delivered-in-an-established-channel 0x07 +VALUE Patton-Disconnect-Cause Prefix-0-dialed-but-not-allowed 0x08 +VALUE Patton-Disconnect-Cause Prefix-1-dialed-but-not-allowed 0x09 +VALUE Patton-Disconnect-Cause Prefix-1-dialed-but-not-required 0x0A +VALUE Patton-Disconnect-Cause More-digits-received-than-allowed-call-is-proceeding 0x0B +VALUE Patton-Disconnect-Cause Normal-call-clearing 0x10 +VALUE Patton-Disconnect-Cause User-busy 0x11 +VALUE Patton-Disconnect-Cause No-user-responding 0x12 +VALUE Patton-Disconnect-Cause no-answer-from-user 0x13 +VALUE Patton-Disconnect-Cause Call-rejected 0x15 +VALUE Patton-Disconnect-Cause Number-changed 0x16 +VALUE Patton-Disconnect-Cause Reverse-charging-rejected 0x17 +VALUE Patton-Disconnect-Cause Call-suspended 0x18 +VALUE Patton-Disconnect-Cause Call-resumed 0x19 +VALUE Patton-Disconnect-Cause Non-selected-user-clearing 0x1A +VALUE Patton-Disconnect-Cause Destination-out-of-order 0x1B +VALUE Patton-Disconnect-Cause Invalid-number-format-incomplete-number 0x1C +VALUE Patton-Disconnect-Cause Facility-rejected 0x1D +VALUE Patton-Disconnect-Cause Response-to-STATUS-ENQUIRY 0x1E +VALUE Patton-Disconnect-Cause Normal-unspecified 0x1F +VALUE Patton-Disconnect-Cause Circuit-out-of-order 0x21 +VALUE Patton-Disconnect-Cause No-circuit/channel-available 0x22 +VALUE Patton-Disconnect-Cause Destination-unattainable 0x23 +VALUE Patton-Disconnect-Cause Degraded-service 0x25 +VALUE Patton-Disconnect-Cause Network-WAN-out-of-order 0x26 +VALUE Patton-Disconnect-Cause Transit-delay-range-cannot-be-achieved 0x27 +VALUE Patton-Disconnect-Cause Throughput-range-cannot-be-achieved 0x28 +VALUE Patton-Disconnect-Cause Temporary-failure 0x29 +VALUE Patton-Disconnect-Cause Switching-equipment-congestion 0x2A +VALUE Patton-Disconnect-Cause Access-information-discarded 0x2B +VALUE Patton-Disconnect-Cause Requested-circuit-channel-not-available 0x2C +VALUE Patton-Disconnect-Cause Pre-empted 0x2D +VALUE Patton-Disconnect-Cause Precedence-call-blocked 0x2E +VALUE Patton-Disconnect-Cause Resource-unavailable-unspecified 0x2F +VALUE Patton-Disconnect-Cause Quality-of-service-unavailable 0x31 +VALUE Patton-Disconnect-Cause Requested-facility-not-subscribed 0x32 +VALUE Patton-Disconnect-Cause Reverse-charging-not-allowed 0x33 +VALUE Patton-Disconnect-Cause Outgoing-calls-barred 0x34 +VALUE Patton-Disconnect-Cause Outgoing-calls-barred-within-CUG 0x35 +VALUE Patton-Disconnect-Cause Incoming-calls-barred 0x36 +VALUE Patton-Disconnect-Cause Incoming-calls-barred-within-CUG 0x37 +VALUE Patton-Disconnect-Cause Call-waiting-not-subscribed 0x38 +VALUE Patton-Disconnect-Cause Bearer-capability-not-authorized 0x39 +VALUE Patton-Disconnect-Cause Bearer-capability-not-presently-available 0x3A +VALUE Patton-Disconnect-Cause Service-or-option-not-available-unspecified 0x3F +VALUE Patton-Disconnect-Cause Bearer-service-not-implemented 0x41 +VALUE Patton-Disconnect-Cause Channel-type-not-implemented 0x42 +VALUE Patton-Disconnect-Cause Transit-network-selection-not-implemented 0x43 +VALUE Patton-Disconnect-Cause Message-not-implemented 0x44 +VALUE Patton-Disconnect-Cause Requested-facility-not-implemented 0x45 +VALUE Patton-Disconnect-Cause Only-restricted-digital-information-bearer-capability-is-avail 0x46 +VALUE Patton-Disconnect-Cause Service-or-option-not-implemented-unspecified 0x4F +VALUE Patton-Disconnect-Cause Invalid-call-reference-value 0x51 +VALUE Patton-Disconnect-Cause Identified-channel-does-not-exist 0x52 +VALUE Patton-Disconnect-Cause A-suspended-call-exists-but-this-call-identity-does-not 0x53 +VALUE Patton-Disconnect-Cause Call-identity-in-use 0x54 +VALUE Patton-Disconnect-Cause No-call-suspended 0x55 +VALUE Patton-Disconnect-Cause Call-having-the-requested-call-identity-has-been-cleared 0x56 +VALUE Patton-Disconnect-Cause Called-user-not-member-of-CUG 0x57 +VALUE Patton-Disconnect-Cause Incompatible-destination 0x58 +VALUE Patton-Disconnect-Cause Non-existent-abbreviated-address-entry 0x59 +VALUE Patton-Disconnect-Cause Destination-address-missing-and-direct-call-not-subscribed 0x5A +VALUE Patton-Disconnect-Cause Invalid-transit-network-selection-national-use 0x5B +VALUE Patton-Disconnect-Cause Invalid-facility-parameter 0x5C +VALUE Patton-Disconnect-Cause Mandatory-information-element-is-missing 0x5D +VALUE Patton-Disconnect-Cause Invalid-message-unspecified 0x5F +VALUE Patton-Disconnect-Cause Mandatory-information-element-is-missing-2 0x60 +VALUE Patton-Disconnect-Cause Message-type-non-existent-or-not-implemented 0x61 +VALUE Patton-Disconnect-Cause Message-not-compatible-with-call-state 0x62 +VALUE Patton-Disconnect-Cause information-element-nonexistant-or-not-implemented 0x63 +VALUE Patton-Disconnect-Cause Invalid-information-element-contents 0x64 +VALUE Patton-Disconnect-Cause Message-not-compatible-with-call-state-2 0x65 +VALUE Patton-Disconnect-Cause Recovery-on-timer-expiry 0x66 +VALUE Patton-Disconnect-Cause parameter-non-existent-or-not-implemented-passed-on 0x67 +VALUE Patton-Disconnect-Cause Protocol-error-unspecified 0x6F +VALUE Patton-Disconnect-Cause Internetworking-unspecified 0x7F + +END-VENDOR Patton diff --git a/freeradius/dict/dictionary.propel b/freeradius/dict/dictionary.propel new file mode 100644 index 0000000..0f7cebd --- /dev/null +++ b/freeradius/dict/dictionary.propel @@ -0,0 +1,17 @@ +# -*- text -*- +# +# Found on the net. +# +# $Id$ +# + +VENDOR Propel 14895 + +BEGIN-VENDOR Propel +ATTRIBUTE Propel-Accelerate 1 integer +ATTRIBUTE Propel-Dialed-Digits 2 string +ATTRIBUTE Propel-Client-IP-Address 3 ipaddr +ATTRIBUTE Propel-Client-NAS-IP-Address 4 ipaddr +ATTRIBUTE Propel-Client-Source-ID 5 integer +ATTRIBUTE Propel-Content-Filter-ID 6 integer +END-VENDOR Propel diff --git a/freeradius/dict/dictionary.prosoft b/freeradius/dict/dictionary.prosoft new file mode 100644 index 0000000..1bd3c0d --- /dev/null +++ b/freeradius/dict/dictionary.prosoft @@ -0,0 +1,42 @@ +# -*- text -*- +############################################################################## +# +# Prosoft, as posted to the list. +# +# $Id$ +# +############################################################################## + +VENDOR Prosoft 4735 + +# +# Custom Prosoft attributes. +# + +BEGIN-VENDOR Prosoft + +ATTRIBUTE Prosoft-Home-Agent-Address 0 ipaddr +ATTRIBUTE Prosoft-Default-Gateway 1 ipaddr +ATTRIBUTE Prosoft-Primary-DNS 2 ipaddr +ATTRIBUTE Prosoft-Secondary-DNS 3 ipaddr +ATTRIBUTE Prosoft-Security-Parameter-Index 4 integer +ATTRIBUTE Prosoft-Security-Key 5 string +ATTRIBUTE Prosoft-MAC-Address 7 string +ATTRIBUTE Prosoft-Authentication-Reason 8 integer +ATTRIBUTE Prosoft-ATM-Interface 9 integer +ATTRIBUTE Prosoft-ATM-VPI 10 integer +ATTRIBUTE Prosoft-ATM-VCI 11 integer +ATTRIBUTE Prosoft-RSC-Identifier 12 string +ATTRIBUTE Prosoft-NPM-Identifier 13 string +ATTRIBUTE Prosoft-NPM-IP 14 string +ATTRIBUTE Prosoft-Sector-ID 15 string +ATTRIBUTE Prosoft-Auth-Role 16 integer + +VALUE Prosoft-Auth-Role Read-Status 0 +VALUE Prosoft-Auth-Role Read-Config 1 +VALUE Prosoft-Auth-Role Read-Write 2 +VALUE Prosoft-Auth-Role Admin 3 +VALUE Prosoft-Auth-Role Super-user 4 + + +END-VENDOR Prosoft diff --git a/freeradius/dict/dictionary.quiconnect b/freeradius/dict/dictionary.quiconnect new file mode 100644 index 0000000..5f52cf4 --- /dev/null +++ b/freeradius/dict/dictionary.quiconnect @@ -0,0 +1,18 @@ +# -*- text -*- +############################################################################## +# +# Quiconnect VSA's. +# +# $Id$ +# +############################################################################## + +VENDOR Quiconnect 14436 + +BEGIN-VENDOR Quiconnect + +ATTRIBUTE Quiconnect-AVPair 1 string +ATTRIBUTE Quiconnect-VNP-Information 2 string +ATTRIBUTE Quiconnect-HSP-Information 3 string + +END-VENDOR Quiconnect diff --git a/freeradius/dict/dictionary.quintum b/freeradius/dict/dictionary.quintum new file mode 100644 index 0000000..3751eea --- /dev/null +++ b/freeradius/dict/dictionary.quintum @@ -0,0 +1,50 @@ +# -*- text -*- +# +# dictionary.quintum +# +# Copied mostly from the Cisco dictionary, by +# Jeremy McNamara +# +# Version: $Id$ +# + +VENDOR Quintum 6618 + +# +# Standard attribute +# +BEGIN-VENDOR Quintum + +ATTRIBUTE Quintum-AVPair 1 string +ATTRIBUTE Quintum-NAS-Port 2 string + +# +# Voice over IP attributes. +# +ATTRIBUTE Quintum-h323-remote-address 23 string +ATTRIBUTE Quintum-h323-conf-id 24 string +ATTRIBUTE Quintum-h323-setup-time 25 string +ATTRIBUTE Quintum-h323-call-origin 26 string +ATTRIBUTE Quintum-h323-call-type 27 string +ATTRIBUTE Quintum-h323-connect-time 28 string +ATTRIBUTE Quintum-h323-disconnect-time 29 string +ATTRIBUTE Quintum-h323-disconnect-cause 30 string +ATTRIBUTE Quintum-h323-voice-quality 31 string +ATTRIBUTE Quintum-h323-gw-id 33 string +ATTRIBUTE Quintum-h323-incoming-conf-id 35 string + +ATTRIBUTE Quintum-h323-credit-amount 101 string +ATTRIBUTE Quintum-h323-credit-time 102 string +ATTRIBUTE Quintum-h323-return-code 103 string +ATTRIBUTE Quintum-h323-prompt-id 104 string +ATTRIBUTE Quintum-h323-time-and-day 105 string +ATTRIBUTE Quintum-h323-redirect-number 106 string +ATTRIBUTE Quintum-h323-preferred-lang 107 string +ATTRIBUTE Quintum-h323-redirect-ip-address 108 string +ATTRIBUTE Quintum-h323-billing-model 109 string +ATTRIBUTE Quintum-h323-currency-type 110 string + +ATTRIBUTE Quintum-Trunkid-In 230 string +ATTRIBUTE Quintum-Trunkid-Out 231 string + +END-VENDOR Quintum diff --git a/freeradius/dict/dictionary.redback b/freeradius/dict/dictionary.redback new file mode 100644 index 0000000..f0865a0 --- /dev/null +++ b/freeradius/dict/dictionary.redback @@ -0,0 +1,474 @@ +# -*- text -*- +# +# Redback dictionary. +# +# Version: 1.00 14-Sep-2000 Chris Adams +# $Id$ +# + +VENDOR Redback 2352 + +# +# Redback Vendor Specific Extensions +# +# The first set here uses '_' as the separator, as Redback has changed +# their documentation to use '-' vs. '_'. The older '_' style entries +# are listed first so that they will still be accepted, +# yet not preferred. +# +# +# Redback Vendor Specific Extensions ( older style syntax ) +# +# The names use underscores (_) instead of dashes (-), because +# that's what Redback used in their older documentation and examples. +# +BEGIN-VENDOR Redback + +ATTRIBUTE Client_DNS_Pri 1 ipaddr +ATTRIBUTE Client_DNS_Sec 2 ipaddr +ATTRIBUTE DHCP_Max_Leases 3 integer +ATTRIBUTE Context_Name 4 string +ATTRIBUTE Bridge_Group 5 string +ATTRIBUTE BG_Aging_Time 6 string +ATTRIBUTE BG_Path_Cost 7 string +ATTRIBUTE BG_Span_Dis 8 string +ATTRIBUTE BG_Trans_BPDU 9 string +ATTRIBUTE Rate_Limit_Rate 10 integer +ATTRIBUTE Rate_Limit_Burst 11 integer +ATTRIBUTE Police_Rate 12 integer +ATTRIBUTE Police_Burst 13 integer +ATTRIBUTE Source_Validation 14 integer +ATTRIBUTE Tunnel_Domain 15 integer +ATTRIBUTE Tunnel_Local_Name 16 string +ATTRIBUTE Tunnel_Remote_Name 17 string +ATTRIBUTE Tunnel_Function 18 integer +ATTRIBUTE Tunnel_Max_Sessions 21 integer +ATTRIBUTE Tunnel_Max_Tunnels 22 integer +ATTRIBUTE Tunnel_Session_Auth 23 integer +ATTRIBUTE Tunnel_Window 24 integer +ATTRIBUTE Tunnel_Retransmit 25 integer +ATTRIBUTE Tunnel_Cmd_Timeout 26 integer +ATTRIBUTE PPPOE_URL 27 string +ATTRIBUTE PPPOE_MOTM 28 string +ATTRIBUTE Tunnel_Group 29 integer +ATTRIBUTE Tunnel_Context 30 string +ATTRIBUTE Tunnel_Algorithm 31 integer +ATTRIBUTE Tunnel_Deadtime 32 integer +ATTRIBUTE Mcast_Send 33 integer +ATTRIBUTE Mcast_Receive 34 integer +ATTRIBUTE Mcast_MaxGroups 35 integer +ATTRIBUTE Ip_Address_Pool_Name 36 string +ATTRIBUTE Tunnel_DNIS 37 integer +ATTRIBUTE Medium_Type 38 integer +ATTRIBUTE PVC_Encapsulation_Type 39 integer +ATTRIBUTE PVC_Profile_Name 40 string +ATTRIBUTE PVC_Circuit_Padding 41 integer +ATTRIBUTE Bind_Type 42 integer +ATTRIBUTE Bind_Auth_Protocol 43 integer +ATTRIBUTE Bind_Auth_Max_Sessions 44 integer +ATTRIBUTE Bind_Bypass_Bypass 45 string +ATTRIBUTE Bind_Auth_Context 46 string +ATTRIBUTE Bind_Auth_Service_Grp 47 string +ATTRIBUTE Bind_Bypass_Context 48 string +ATTRIBUTE Bind_Int_Context 49 string +ATTRIBUTE Bind_Tun_Context 50 string +ATTRIBUTE Bind_Ses_Context 51 string +ATTRIBUTE Bind_Dot1q_Slot 52 integer +ATTRIBUTE Bind_Dot1q_Port 53 integer +ATTRIBUTE Bind_Dot1q_Vlan_Tag_Id 54 integer +ATTRIBUTE Bind_Int_Interface_Name 55 string +ATTRIBUTE Bind_L2TP_Tunnel_Name 56 string +ATTRIBUTE Bind_L2TP_Flow_Control 57 integer +ATTRIBUTE Bind_Sub_User_At_Context 58 string +ATTRIBUTE Bind_Sub_Password 59 string +ATTRIBUTE Ip_Host_Addr 60 string +ATTRIBUTE IP_TOS_Field 61 integer +ATTRIBUTE NAS_Real_Port 62 integer +ATTRIBUTE Tunnel_Session_Auth_Ctx 63 string +ATTRIBUTE Tunnel_Session_Auth_Service_Grp 64 string +ATTRIBUTE Tunnel_Rate_Limit_Rate 65 integer +ATTRIBUTE Tunnel_Rate_Limit_Burst 66 integer +ATTRIBUTE Tunnel_Police_Rate 67 integer +ATTRIBUTE Tunnel_Police_Burst 68 integer +ATTRIBUTE Tunnel_L2F_Second_Password 69 string +ATTRIBUTE TTY_Level_Max 72 integer +ATTRIBUTE TTY_Level_Start 73 integer +ATTRIBUTE Qos-Policy-Policing 87 string +ATTRIBUTE Qos-Policy-Metering 88 string +ATTRIBUTE Qos-Policy-Queuing 89 string +ATTRIBUTE Igmp-Service-Profile 90 string +ATTRIBUTE Sub-Profile-Name 91 string +ATTRIBUTE Forward-Policy 92 string +ATTRIBUTE Reauth-String 94 string +ATTRIBUTE Reauth-More 95 integer +ATTRIBUTE Agent-Remote-Id 96 string +ATTRIBUTE Agent-Circuit-Id 97 string +ATTRIBUTE Platform-Type 98 integer +ATTRIBUTE RB-Client-NBNS-Pri 99 ipaddr +ATTRIBUTE RB-Client-NBNS-Sec 100 ipaddr +ATTRIBUTE Shaping-Profile-Name 101 string +ATTRIBUTE IP-Interface 104 string +ATTRIBUTE NAT-Policy-Name 105 string +ATTRIBUTE HTTP-Redirect-Profile-Name 107 string +ATTRIBUTE OS-Version 112 string +ATTRIBUTE Session-Traffic-Limit 113 string +ATTRIBUTE Acct_Input_Octets_64 128 octets +ATTRIBUTE Acct_Output_Octets_64 129 octets +ATTRIBUTE Acct_Input_Packets_64 130 octets +ATTRIBUTE Acct_Output_Packets_64 131 octets +ATTRIBUTE Assigned_IP_Address 132 ipaddr +ATTRIBUTE Acct_Mcast_In_Octets 133 integer +ATTRIBUTE Acct_Mcast_Out_Octets 134 integer +ATTRIBUTE Acct_Mcast_In_Packets 135 integer +ATTRIBUTE Acct_Mcast_Out_Packets 136 integer +ATTRIBUTE LAC_Port 137 integer +ATTRIBUTE LAC_Real_Port 138 integer +ATTRIBUTE LAC_Port_Type 139 integer +ATTRIBUTE LAC_Real_Port_Type 140 integer +ATTRIBUTE Acct_Dyn_Ac_Ent 141 string +ATTRIBUTE Session_Error_Code 142 integer +ATTRIBUTE Session_Error_Msg 143 string + +VALUE PVC_Encapsulation_Type AAA_ENCAPS_ATM_RAW 1 +VALUE PVC_Encapsulation_Type AAA_ENCAPS_ATM_ROUTE1483 2 +VALUE PVC_Encapsulation_Type AAA_ENCAPS_ATM_AUTO1483 3 +VALUE PVC_Encapsulation_Type AAA_ENCAPS_ATM_MULTI 4 +VALUE PVC_Encapsulation_Type AAA_ENCAPS_ATM_BRIDGE1483 5 +VALUE PVC_Encapsulation_Type AAA_ENCAPS_ATM_PPP 6 +VALUE PVC_Encapsulation_Type AAA_ENCAPS_ATM_PPP_SERIAL 7 +VALUE PVC_Encapsulation_Type AAA_ENCAPS_ATM_PPP_NLPID 8 +VALUE PVC_Encapsulation_Type AAA_ENCAPS_ATM_PPP_AUTO 9 +VALUE PVC_Encapsulation_Type AAA_ENCAPS_ATM_PPPOE 10 +VALUE PVC_Encapsulation_Type AAA_ENCAPS_ATM_L2TP 11 +VALUE PVC_Encapsulation_Type AAA_ENCAPS_ATM_PPP_LLC 12 +VALUE PVC_Encapsulation_Type AAA_ENCAPS_FRAME_AUTO1490 13 +VALUE PVC_Encapsulation_Type AAA_ENCAPS_FRAME_MULTI 14 +VALUE PVC_Encapsulation_Type AAA_ENCAPS_FRAME_BRIDGE1490 15 +VALUE PVC_Encapsulation_Type AAA_ENCAPS_FRAME_PPP 16 +VALUE PVC_Encapsulation_Type AAA_ENCAPS_FRAME_PPP_AUTO 17 +VALUE PVC_Encapsulation_Type AAA_ENCAPS_FRAME_PPPOE 18 +VALUE PVC_Encapsulation_Type AAA_ENCAPS_FRAME_ROUTE1490 19 +VALUE PVC_Encapsulation_Type AAA_ENCAPS_FRAME_L2TP 20 +VALUE PVC_Encapsulation_Type AAA_ENCAPS_L2TP_VC_MUXED 21 +VALUE PVC_Encapsulation_Type AAA_ENCAPS_ETH 22 +VALUE PVC_Encapsulation_Type AAA_ENCAPS_ETH_PPPOE 23 +VALUE PVC_Encapsulation_Type AAA_ENCAPS_ETH_MULTI 24 +VALUE PVC_Circuit_Padding AAA_CIRCUIT_PADDING 1 +VALUE PVC_Circuit_Padding AAA_CIRCUIT_NO_PADDING 2 +VALUE Bind_Type AAA_AUTH_BIND 1 +VALUE Bind_Type AAA_BYPASS_BIND 2 +VALUE Bind_Type AAA_INTERFACE_BIND 3 +VALUE Bind_Type AAA_SUBSCRIBE_BIND 4 +VALUE Bind_Type AAA_TUNNEL_BIND 5 +VALUE Bind_Type AAA_SESSION_BIND 6 +VALUE Bind_Type AAA_Q8021_BIND 7 +VALUE Bind_Type AAA_MULTI_BIND 8 +VALUE Bind_Auth_Protocol AAA_PPP_PAP 1 +VALUE Bind_Auth_Protocol AAA_PPP_CHAP 2 +VALUE Bind_Auth_Protocol AAA_PPP_CHAP_WAIT 3 +VALUE Bind_Auth_Protocol AAA_PPP_CHAP_PAP 4 +VALUE Bind_Auth_Protocol AAA_PPP_CHAP_WAIT_PAP 5 + +VALUE Tunnel_Function LAC-Only 1 +VALUE Tunnel_Function LNS-Only 2 +VALUE Tunnel_Function LAC-LNS 3 +VALUE Tunnel_Session_Auth CHAP 1 +VALUE Tunnel_Session_Auth PAP 2 +VALUE Tunnel_Session_Auth CHAP-PAP 3 +VALUE Mcast_Send NO-SEND 1 +VALUE Mcast_Send SEND 2 +VALUE Mcast_Send UNSOLICITED-SEND 3 +VALUE Mcast_Receive NO-RECEIVE 1 +VALUE Mcast_Receive RECEIVE 2 + +VALUE Tunnel_DNIS DNIS 1 +VALUE Tunnel_DNIS DNIS-Only 2 + +VALUE LAC_Port_Type NAS_PORT_TYPE_10BT 40 +VALUE LAC_Port_Type NAS_PORT_TYPE_100BT 41 +VALUE LAC_Port_Type NAS_PORT_TYPE_DS3_FR 42 +VALUE LAC_Port_Type NAS_PORT_TYPE_DS3_ATM 43 +VALUE LAC_Port_Type NAS_PORT_TYPE_OC3 44 +VALUE LAC_Port_Type NAS_PORT_TYPE_HSSI 45 +VALUE LAC_Port_Type NAS_PORT_TYPE_EIA530 46 +VALUE LAC_Port_Type NAS_PORT_TYPE_T1 47 +VALUE LAC_Port_Type NAS_PORT_TYPE_CHAN_T3 48 +VALUE LAC_Port_Type NAS_PORT_TYPE_DS1_FR 49 +VALUE LAC_Port_Type NAS_PORT_TYPE_E3_ATM 50 +VALUE LAC_Port_Type NAS_PORT_TYPE_IMA_ATM 51 +VALUE LAC_Port_Type NAS_PORT_TYPE_DS3_ATM_2 52 +VALUE LAC_Port_Type NAS_PORT_TYPE_OC3_ATM_2 53 +VALUE LAC_Port_Type NAS_PORT_TYPE_1000BSX 54 +VALUE LAC_Port_Type NAS_PORT_TYPE_E1_FR 55 +VALUE LAC_Port_Type NAS_PORT_TYPE_E1_ATM 56 +VALUE LAC_Port_Type NAS_PORT_TYPE_E3_FR 57 +VALUE LAC_Port_Type NAS_PORT_TYPE_OC3_POS 58 +VALUE LAC_Port_Type NAS_PORT_TYPE_OC12_POS 59 +VALUE LAC_Port_Type NAS_PORT_TYPE_PPPOE 60 +VALUE LAC_Real_Port_Type NAS_PORT_TYPE_10BT 40 +VALUE LAC_Real_Port_Type NAS_PORT_TYPE_100BT 41 +VALUE LAC_Real_Port_Type NAS_PORT_TYPE_DS3_FR 42 +VALUE LAC_Real_Port_Type NAS_PORT_TYPE_DS3_ATM 43 +VALUE LAC_Real_Port_Type NAS_PORT_TYPE_OC3 44 +VALUE LAC_Real_Port_Type NAS_PORT_TYPE_HSSI 45 +VALUE LAC_Real_Port_Type NAS_PORT_TYPE_EIA530 46 +VALUE LAC_Real_Port_Type NAS_PORT_TYPE_T1 47 +VALUE LAC_Real_Port_Type NAS_PORT_TYPE_CHAN_T3 48 +VALUE LAC_Real_Port_Type NAS_PORT_TYPE_DS1_FR 49 +VALUE LAC_Real_Port_Type NAS_PORT_TYPE_E3_ATM 50 +VALUE LAC_Real_Port_Type NAS_PORT_TYPE_IMA_ATM 51 +VALUE LAC_Real_Port_Type NAS_PORT_TYPE_DS3_ATM_2 52 +VALUE LAC_Real_Port_Type NAS_PORT_TYPE_OC3_ATM_2 53 +VALUE LAC_Real_Port_Type NAS_PORT_TYPE_1000BSX 54 +VALUE LAC_Real_Port_Type NAS_PORT_TYPE_E1_FR 55 +VALUE LAC_Real_Port_Type NAS_PORT_TYPE_E1_ATM 56 +VALUE LAC_Real_Port_Type NAS_PORT_TYPE_E3_FR 57 +VALUE LAC_Real_Port_Type NAS_PORT_TYPE_OC3_POS 58 +VALUE LAC_Real_Port_Type NAS_PORT_TYPE_OC12_POS 59 +VALUE LAC_Real_Port_Type NAS_PORT_TYPE_PPPOE 60 + +# +# New names. +# +ATTRIBUTE Client-DNS-Pri 1 ipaddr +ATTRIBUTE Client-DNS-Sec 2 ipaddr +ATTRIBUTE DHCP-Max-Leases 3 integer +ATTRIBUTE Context-Name 4 string +ATTRIBUTE Bridge-Group 5 string +ATTRIBUTE BG-Aging-Time 6 string +ATTRIBUTE BG-Path-Cost 7 string +ATTRIBUTE BG-Span-Dis 8 string +ATTRIBUTE BG-Trans-BPDU 9 string +ATTRIBUTE Rate-Limit-Rate 10 integer +ATTRIBUTE Rate-Limit-Burst 11 integer +ATTRIBUTE Police-Rate 12 integer +ATTRIBUTE Police-Burst 13 integer +ATTRIBUTE Source-Validation 14 integer +ATTRIBUTE Tunnel-Domain 15 integer +ATTRIBUTE Tunnel-Local-Name 16 string +ATTRIBUTE Tunnel-Remote-Name 17 string +ATTRIBUTE Tunnel-Function 18 integer +ATTRIBUTE Tunnel-Max-Sessions 21 integer +ATTRIBUTE Tunnel-Max-Tunnels 22 integer +ATTRIBUTE Tunnel-Session-Auth 23 integer +ATTRIBUTE Tunnel-Window 24 integer +ATTRIBUTE Tunnel-Retransmit 25 integer +ATTRIBUTE Tunnel-Cmd-Timeout 26 integer +ATTRIBUTE PPPOE-URL 27 string +ATTRIBUTE PPPOE-MOTM 28 string +ATTRIBUTE Tunnel-Group 29 integer +ATTRIBUTE Tunnel-Context 30 string +ATTRIBUTE Tunnel-Algorithm 31 integer +ATTRIBUTE Tunnel-Deadtime 32 integer +ATTRIBUTE Mcast-Send 33 integer +ATTRIBUTE Mcast-Receive 34 integer +ATTRIBUTE Mcast-MaxGroups 35 integer +ATTRIBUTE Ip-Address-Pool-Name 36 string +ATTRIBUTE Tunnel-DNIS 37 integer +ATTRIBUTE Medium-Type 38 integer +ATTRIBUTE PVC-Encapsulation-Type 39 integer +ATTRIBUTE PVC-Profile-Name 40 string +ATTRIBUTE PVC-Circuit-Padding 41 integer +ATTRIBUTE Bind-Type 42 integer +ATTRIBUTE Bind-Auth-Protocol 43 integer +ATTRIBUTE Bind-Auth-Max-Sessions 44 integer +ATTRIBUTE Bind-Bypass-Bypass 45 string +ATTRIBUTE Bind-Auth-Context 46 string +ATTRIBUTE Bind-Auth-Service-Grp 47 string +ATTRIBUTE Bind-Bypass-Context 48 string +ATTRIBUTE Bind-Int-Context 49 string +ATTRIBUTE Bind-Tun-Context 50 string +ATTRIBUTE Bind-Ses-Context 51 string +ATTRIBUTE Bind-Dot1q-Slot 52 integer +ATTRIBUTE Bind-Dot1q-Port 53 integer +ATTRIBUTE Bind-Dot1q-Vlan-Tag-Id 54 integer +ATTRIBUTE Bind-Int-Interface-Name 55 string +ATTRIBUTE Bind-L2TP-Tunnel-Name 56 string +ATTRIBUTE Bind-L2TP-Flow-Control 57 integer +ATTRIBUTE Bind-Sub-User-At-Context 58 string +ATTRIBUTE Bind-Sub-Password 59 string +ATTRIBUTE Ip-Host-Addr 60 string +ATTRIBUTE IP-TOS-Field 61 integer +ATTRIBUTE NAS-Real-Port 62 integer +ATTRIBUTE Tunnel-Session-Auth-Ctx 63 string +ATTRIBUTE Tunnel-Session-Auth-Service-Grp 64 string +ATTRIBUTE Tunnel-Rate-Limit-Rate 65 integer +ATTRIBUTE Tunnel-Rate-Limit-Burst 66 integer +ATTRIBUTE Tunnel-Police-Rate 67 integer +ATTRIBUTE Tunnel-Police-Burst 68 integer +ATTRIBUTE Tunnel-L2F-Second-Password 69 string +ATTRIBUTE ACL-Definition 70 string +ATTRIBUTE PPPoE-IP-Route-Add 71 string +ATTRIBUTE TTY-Level-Max 72 integer +ATTRIBUTE TTY-Level-Start 73 integer +ATTRIBUTE Tunnel-Checksum 74 integer +ATTRIBUTE Tunnel-Profile 75 string +ATTRIBUTE Tunnel-Client-VPN 78 string +ATTRIBUTE Tunnel-Server-VPN 79 string +ATTRIBUTE Tunnel-Client-Rhost 80 string +ATTRIBUTE Tunnel-Server-Rhost 81 string +ATTRIBUTE Tunnel-Client-Int-Addr 82 ipaddr +ATTRIBUTE Tunnel-Server-Int-Addr 83 ipaddr +ATTRIBUTE Agent-Remote-Id 96 string +ATTRIBUTE Agent-Circuit-Id 97 string +ATTRIBUTE Platform-Type 98 integer +ATTRIBUTE Client-NBNS-Pri 99 ipaddr +ATTRIBUTE Client-NBNS-Sec 100 ipaddr +ATTRIBUTE BG-Cct-Addr-Max 103 integer +ATTRIBUTE IP-Interface-Name 104 string +ATTRIBUTE Rate-Limit-Excess-Burst 121 octets +ATTRIBUTE Police-Excess-Burst 122 octets +ATTRIBUTE Tunnel-Rate-Limit-Excess-Burst 123 octets +ATTRIBUTE Tunnel-Police-Excess-Burst 124 octets +ATTRIBUTE Acct-Input-Octets-64 128 octets +ATTRIBUTE Acct-Output-Octets-64 129 octets +ATTRIBUTE Acct-Input-Packets-64 130 octets +ATTRIBUTE Acct-Output-Packets-64 131 octets +ATTRIBUTE Assigned-IP-Address 132 ipaddr +ATTRIBUTE Acct-Mcast-In-Octets-64 133 octets +ATTRIBUTE Acct-Mcast-Out-Octets-64 134 octets +ATTRIBUTE Acct-Mcast-In-Packets-64 135 octets +ATTRIBUTE Acct-Mcast-Out-Packets-64 136 octets +ATTRIBUTE LAC-Port 137 integer +ATTRIBUTE LAC-Real-Port 138 integer +ATTRIBUTE LAC-Port-Type 139 integer +ATTRIBUTE LAC-Real-Port-Type 140 integer +ATTRIBUTE Acct-Dyn-Ac-Ent 141 string +ATTRIBUTE Session-Error-Code 142 integer +ATTRIBUTE Session-Error-Msg 143 string +ATTRIBUTE Acct-Update-Reason 144 integer +ATTRIBUTE Mac-Addr 145 string +ATTRIBUTE Vlan-Source-Info 146 string +ATTRIBUTE Acct-Mcast-In-Octets 147 integer +ATTRIBUTE Acct-Mcast-Out-Octets 148 integer +ATTRIBUTE Acct-Mcast-In-Packets 149 integer +ATTRIBUTE Acct-Mcast-Out-Packets 150 integer +ATTRIBUTE Reauth-Session-Id 151 string + +VALUE PVC-Encapsulation-Type AAA-ENCAPS-ATM-RAW 1 +VALUE PVC-Encapsulation-Type AAA-ENCAPS-ATM-ROUTE1483 2 +VALUE PVC-Encapsulation-Type AAA-ENCAPS-ATM-AUTO1483 3 +VALUE PVC-Encapsulation-Type AAA-ENCAPS-ATM-MULTI 4 +VALUE PVC-Encapsulation-Type AAA-ENCAPS-ATM-BRIDGE1483 5 +VALUE PVC-Encapsulation-Type AAA-ENCAPS-ATM-PPP 6 +VALUE PVC-Encapsulation-Type AAA-ENCAPS-ATM-PPP-SERIAL 7 +VALUE PVC-Encapsulation-Type AAA-ENCAPS-ATM-PPP-NLPID 8 +VALUE PVC-Encapsulation-Type AAA-ENCAPS-ATM-PPP-AUTO 9 +VALUE PVC-Encapsulation-Type AAA-ENCAPS-ATM-PPPOE 10 +VALUE PVC-Encapsulation-Type AAA-ENCAPS-ATM-L2TP 11 +VALUE PVC-Encapsulation-Type AAA-ENCAPS-ATM-PPP-LLC 12 +VALUE PVC-Encapsulation-Type AAA-ENCAPS-FRAME-AUTO1490 13 +VALUE PVC-Encapsulation-Type AAA-ENCAPS-FRAME-MULTI 14 +VALUE PVC-Encapsulation-Type AAA-ENCAPS-FRAME-BRIDGE1490 15 +VALUE PVC-Encapsulation-Type AAA-ENCAPS-FRAME-PPP 16 +VALUE PVC-Encapsulation-Type AAA-ENCAPS-FRAME-PPP-AUTO 17 +VALUE PVC-Encapsulation-Type AAA-ENCAPS-FRAME-PPPOE 18 +VALUE PVC-Encapsulation-Type AAA-ENCAPS-FRAME-ROUTE1490 19 +VALUE PVC-Encapsulation-Type AAA-ENCAPS-FRAME-L2TP 20 +VALUE PVC-Encapsulation-Type AAA-ENCAPS-L2TP-VC-MUXED 21 +VALUE PVC-Encapsulation-Type AAA-ENCAPS-ETH 22 +VALUE PVC-Encapsulation-Type AAA-ENCAPS-ETH-PPPOE 23 +VALUE PVC-Encapsulation-Type AAA-ENCAPS-ETH-MULTI 24 +VALUE PVC-Circuit-Padding AAA-CIRCUIT-PADDING 1 +VALUE PVC-Circuit-Padding AAA-CIRCUIT-NO-PADDING 2 +VALUE Bind-Type AAA-AUTH-BIND 1 +VALUE Bind-Type AAA-BYPASS-BIND 2 +VALUE Bind-Type AAA-INTERFACE-BIND 3 +VALUE Bind-Type AAA-SUBSCRIBE-BIND 4 +VALUE Bind-Type AAA-TUNNEL-BIND 5 +VALUE Bind-Type AAA-SESSION-BIND 6 +VALUE Bind-Type AAA-Q8021-BIND 7 +VALUE Bind-Type AAA-MULTI-BIND 8 +VALUE Bind-Auth-Protocol AAA-PPP-PAP 1 +VALUE Bind-Auth-Protocol AAA-PPP-CHAP 2 +VALUE Bind-Auth-Protocol AAA-PPP-CHAP-WAIT 3 +VALUE Bind-Auth-Protocol AAA-PPP-CHAP-PAP 4 +VALUE Bind-Auth-Protocol AAA-PPP-CHAP-WAIT-PAP 5 + +VALUE Tunnel-Function LAC-Only 1 +VALUE Tunnel-Function LNS-Only 2 +VALUE Tunnel-Function LAC-LNS 3 +VALUE Tunnel-Session-Auth CHAP 1 +VALUE Tunnel-Session-Auth PAP 2 +VALUE Tunnel-Session-Auth CHAP-PAP 3 +VALUE Mcast-Send NO-SEND 1 +VALUE Mcast-Send SEND 2 +VALUE Mcast-Send UNSOLICITED-SEND 3 +VALUE Mcast-Receive NO-RECEIVE 1 +VALUE Mcast-Receive RECEIVE 2 + +VALUE Tunnel-DNIS DNIS 1 +VALUE Tunnel-DNIS DNIS-Only 2 + +VALUE Platform-Type SMS 1 +VALUE Platform-Type SmartEdge-800 2 + +VALUE Medium-Type DSL 11 +VALUE Medium-Type Cable 12 +VALUE Medium-Type Wireless 13 +VALUE Medium-Type Satellite 14 + +VALUE LAC-Port-Type NAS-PORT-TYPE-10BT 40 +VALUE LAC-Port-Type NAS-PORT-TYPE-100BT 41 +VALUE LAC-Port-Type NAS-PORT-TYPE-DS3-FR 42 +VALUE LAC-Port-Type NAS-PORT-TYPE-DS3-ATM 43 +VALUE LAC-Port-Type NAS-PORT-TYPE-OC3 44 +VALUE LAC-Port-Type NAS-PORT-TYPE-HSSI 45 +VALUE LAC-Port-Type NAS-PORT-TYPE-EIA530 46 +VALUE LAC-Port-Type NAS-PORT-TYPE-T1 47 +VALUE LAC-Port-Type NAS-PORT-TYPE-CHAN-T3 48 +VALUE LAC-Port-Type NAS-PORT-TYPE-DS1-FR 49 +VALUE LAC-Port-Type NAS-PORT-TYPE-E3-ATM 50 +VALUE LAC-Port-Type NAS-PORT-TYPE-IMA-ATM 51 +VALUE LAC-Port-Type NAS-PORT-TYPE-DS3-ATM-2 52 +VALUE LAC-Port-Type NAS-PORT-TYPE-OC3-ATM-2 53 +VALUE LAC-Port-Type NAS-PORT-TYPE-1000BSX 54 +VALUE LAC-Port-Type NAS-PORT-TYPE-E1-FR 55 +VALUE LAC-Port-Type NAS-PORT-TYPE-E1-ATM 56 +VALUE LAC-Port-Type NAS-PORT-TYPE-E3-FR 57 +VALUE LAC-Port-Type NAS-PORT-TYPE-OC3-POS 58 +VALUE LAC-Port-Type NAS-PORT-TYPE-OC12-POS 59 +VALUE LAC-Port-Type NAS-PORT-TYPE-PPPOE 60 +VALUE LAC-Real-Port-Type NAS-PORT-TYPE-10BT 40 +VALUE LAC-Real-Port-Type NAS-PORT-TYPE-100BT 41 +VALUE LAC-Real-Port-Type NAS-PORT-TYPE-DS3-FR 42 +VALUE LAC-Real-Port-Type NAS-PORT-TYPE-DS3-ATM 43 +VALUE LAC-Real-Port-Type NAS-PORT-TYPE-OC3 44 +VALUE LAC-Real-Port-Type NAS-PORT-TYPE-HSSI 45 +VALUE LAC-Real-Port-Type NAS-PORT-TYPE-EIA530 46 +VALUE LAC-Real-Port-Type NAS-PORT-TYPE-T1 47 +VALUE LAC-Real-Port-Type NAS-PORT-TYPE-CHAN-T3 48 +VALUE LAC-Real-Port-Type NAS-PORT-TYPE-DS1-FR 49 +VALUE LAC-Real-Port-Type NAS-PORT-TYPE-E3-ATM 50 +VALUE LAC-Real-Port-Type NAS-PORT-TYPE-IMA-ATM 51 +VALUE LAC-Real-Port-Type NAS-PORT-TYPE-DS3-ATM-2 52 +VALUE LAC-Real-Port-Type NAS-PORT-TYPE-OC3-ATM-2 53 +VALUE LAC-Real-Port-Type NAS-PORT-TYPE-1000BSX 54 +VALUE LAC-Real-Port-Type NAS-PORT-TYPE-E1-FR 55 +VALUE LAC-Real-Port-Type NAS-PORT-TYPE-E1-ATM 56 +VALUE LAC-Real-Port-Type NAS-PORT-TYPE-E3-FR 57 +VALUE LAC-Real-Port-Type NAS-PORT-TYPE-OC3-POS 58 +VALUE LAC-Real-Port-Type NAS-PORT-TYPE-OC12-POS 59 +VALUE LAC-Real-Port-Type NAS-PORT-TYPE-PPPOE 60 + +# Although Redback uses - instead of _ in the Attributes, these values are listed +# with _ in the latest (6.1.4.4) documentation, so I have entered them as so +# graeme + +VALUE Acct-Update-Reason AAA_LOAD_ACCT_SESSION_UP 1 +VALUE Acct-Update-Reason AAA_LOAD_ACCT_SESSION_DOWN 2 +VALUE Acct-Update-Reason AAA_LOAD_ACCT_PERIODIC 3 +VALUE Acct-Update-Reason AAA_LOAD_ACCT_DYN_AC_ENT_START 4 +VALUE Acct-Update-Reason AAA_LOAD_ACCT_DYN_AC_ENT_STOP 5 +VALUE Acct-Update-Reason AAA_LOAD_ACCT_DYN_AC_ENT_TIMEOUT 6 +VALUE Acct-Update-Reason AAA_LOAD_ACCT_SUBSCRIBER_REAUTHOR 7 +VALUE Acct-Update-Reason AAA_LOAD_ACCT_PPP_IPCP_UP 8 +VALUE Acct-Update-Reason AAA_LOAD_ACCT_PPP_MP_LINK_UP 9 +VALUE Acct-Update-Reason AAA_LOAD_ACCT_DHCP_IP_ADDR_GRANTED 10 +VALUE Acct-Update-Reason AAA_LOAD_ACCT_DHCP_IP_ADDR_RELEASED 11 +VALUE Acct-Update-Reason AAA_LOAD_ACCT_ACL_TIMERED_ACTION 12 +VALUE Acct-Update-Reason AAA_LOAD_ACCT_ACL_ACTION 13 +VALUE Acct-Update-Reason AAA_LOAD_ACCT_CMD 14 +VALUE Acct-Update-Reason AAA_LOAD_ACCT_TEST 15 + +END-VENDOR Redback diff --git a/freeradius/dict/dictionary.redcreek b/freeradius/dict/dictionary.redcreek new file mode 100644 index 0000000..6deaafb --- /dev/null +++ b/freeradius/dict/dictionary.redcreek @@ -0,0 +1,21 @@ +# -*- text -*- +# +# http://www.redcreek.com +# $Id$ +# + +VENDOR RedCreek 1958 + +BEGIN-VENDOR RedCreek + +ATTRIBUTE RedCreek-Tunneled-IP-Addr 5 ipaddr +ATTRIBUTE RedCreek-Tunneled-IP-Netmask 6 ipaddr +ATTRIBUTE RedCreek-Tunneled-Gateway 7 ipaddr +ATTRIBUTE RedCreek-Tunneled-DNS-Server 8 string +ATTRIBUTE RedCreek-Tunneled-WINS-Server1 9 string +ATTRIBUTE RedCreek-Tunneled-WINS-Server2 10 string +ATTRIBUTE RedCreek-Tunneled-HostName 11 string +ATTRIBUTE RedCreek-Tunneled-DomainName 12 string +ATTRIBUTE RedCreek-Tunneled-Search-List 13 string + +END-VENDOR RedCreek diff --git a/freeradius/dict/dictionary.rfc2865 b/freeradius/dict/dictionary.rfc2865 new file mode 100644 index 0000000..2edcb9f --- /dev/null +++ b/freeradius/dict/dictionary.rfc2865 @@ -0,0 +1,137 @@ +# -*- text -*- +# +# Attributes and values defined in RFC 2865. +# http://www.ietf.org/rfc/rfc2865.txt +# +# $Id$ +# +ATTRIBUTE User-Name 1 string +ATTRIBUTE User-Password 2 string encrypt=1 +ATTRIBUTE CHAP-Password 3 octets +ATTRIBUTE NAS-IP-Address 4 ipaddr +ATTRIBUTE NAS-Port 5 integer +ATTRIBUTE Service-Type 6 integer +ATTRIBUTE Framed-Protocol 7 integer +ATTRIBUTE Framed-IP-Address 8 ipaddr +ATTRIBUTE Framed-IP-Netmask 9 ipaddr +ATTRIBUTE Framed-Routing 10 integer +ATTRIBUTE Filter-Id 11 string +ATTRIBUTE Framed-MTU 12 integer +ATTRIBUTE Framed-Compression 13 integer +ATTRIBUTE Login-IP-Host 14 ipaddr +ATTRIBUTE Login-Service 15 integer +ATTRIBUTE Login-TCP-Port 16 integer +# Attribute 17 is undefined +ATTRIBUTE Reply-Message 18 string +ATTRIBUTE Callback-Number 19 string +ATTRIBUTE Callback-Id 20 string +# Attribute 21 is undefined +ATTRIBUTE Framed-Route 22 string +ATTRIBUTE Framed-IPX-Network 23 ipaddr +ATTRIBUTE State 24 octets +ATTRIBUTE Class 25 octets +ATTRIBUTE Vendor-Specific 26 octets +ATTRIBUTE Session-Timeout 27 integer +ATTRIBUTE Idle-Timeout 28 integer +ATTRIBUTE Termination-Action 29 integer +ATTRIBUTE Called-Station-Id 30 string +ATTRIBUTE Calling-Station-Id 31 string +ATTRIBUTE NAS-Identifier 32 string +ATTRIBUTE Proxy-State 33 octets +ATTRIBUTE Login-LAT-Service 34 string +ATTRIBUTE Login-LAT-Node 35 string +ATTRIBUTE Login-LAT-Group 36 octets +ATTRIBUTE Framed-AppleTalk-Link 37 integer +ATTRIBUTE Framed-AppleTalk-Network 38 integer +ATTRIBUTE Framed-AppleTalk-Zone 39 string + +ATTRIBUTE CHAP-Challenge 60 octets +ATTRIBUTE NAS-Port-Type 61 integer +ATTRIBUTE Port-Limit 62 integer +ATTRIBUTE Login-LAT-Port 63 string + +# +# Integer Translations +# + +# Service types + +VALUE Service-Type Login-User 1 +VALUE Service-Type Framed-User 2 +VALUE Service-Type Callback-Login-User 3 +VALUE Service-Type Callback-Framed-User 4 +VALUE Service-Type Outbound-User 5 +VALUE Service-Type Administrative-User 6 +VALUE Service-Type NAS-Prompt-User 7 +VALUE Service-Type Authenticate-Only 8 +VALUE Service-Type Callback-NAS-Prompt 9 +VALUE Service-Type Call-Check 10 +VALUE Service-Type Callback-Administrative 11 + +# Framed Protocols + +VALUE Framed-Protocol PPP 1 +VALUE Framed-Protocol SLIP 2 +VALUE Framed-Protocol ARAP 3 +VALUE Framed-Protocol Gandalf-SLML 4 +VALUE Framed-Protocol Xylogics-IPX-SLIP 5 +VALUE Framed-Protocol X.75-Synchronous 6 + +# Framed Routing Values + +VALUE Framed-Routing None 0 +VALUE Framed-Routing Broadcast 1 +VALUE Framed-Routing Listen 2 +VALUE Framed-Routing Broadcast-Listen 3 + +# Framed Compression Types + +VALUE Framed-Compression None 0 +VALUE Framed-Compression Van-Jacobson-TCP-IP 1 +VALUE Framed-Compression IPX-Header-Compression 2 +VALUE Framed-Compression Stac-LZS 3 + +# Login Services + +VALUE Login-Service Telnet 0 +VALUE Login-Service Rlogin 1 +VALUE Login-Service TCP-Clear 2 +VALUE Login-Service PortMaster 3 +VALUE Login-Service LAT 4 +VALUE Login-Service X25-PAD 5 +VALUE Login-Service X25-T3POS 6 +VALUE Login-Service TCP-Clear-Quiet 8 + +# Login-TCP-Port (see /etc/services for more examples) + +VALUE Login-TCP-Port Telnet 23 +VALUE Login-TCP-Port Rlogin 513 +VALUE Login-TCP-Port Rsh 514 + +# Termination Options + +VALUE Termination-Action Default 0 +VALUE Termination-Action RADIUS-Request 1 + +# NAS Port Types + +VALUE NAS-Port-Type Async 0 +VALUE NAS-Port-Type Sync 1 +VALUE NAS-Port-Type ISDN 2 +VALUE NAS-Port-Type ISDN-V120 3 +VALUE NAS-Port-Type ISDN-V110 4 +VALUE NAS-Port-Type Virtual 5 +VALUE NAS-Port-Type PIAFS 6 +VALUE NAS-Port-Type HDLC-Clear-Channel 7 +VALUE NAS-Port-Type X.25 8 +VALUE NAS-Port-Type X.75 9 +VALUE NAS-Port-Type G.3-Fax 10 +VALUE NAS-Port-Type SDSL 11 +VALUE NAS-Port-Type ADSL-CAP 12 +VALUE NAS-Port-Type ADSL-DMT 13 +VALUE NAS-Port-Type IDSL 14 +VALUE NAS-Port-Type Ethernet 15 +VALUE NAS-Port-Type xDSL 16 +VALUE NAS-Port-Type Cable 17 +VALUE NAS-Port-Type Wireless-Other 18 +VALUE NAS-Port-Type Wireless-802.11 19 diff --git a/freeradius/dict/dictionary.rfc2866 b/freeradius/dict/dictionary.rfc2866 new file mode 100644 index 0000000..34972b2 --- /dev/null +++ b/freeradius/dict/dictionary.rfc2866 @@ -0,0 +1,57 @@ +# -*- text -*- +# +# Attributes and values defined in RFC 2866. +# http://www.ietf.org/rfc/rfc2866.txt +# +# $Id$ +# +ATTRIBUTE Acct-Status-Type 40 integer +ATTRIBUTE Acct-Delay-Time 41 integer +ATTRIBUTE Acct-Input-Octets 42 integer +ATTRIBUTE Acct-Output-Octets 43 integer +ATTRIBUTE Acct-Session-Id 44 string +ATTRIBUTE Acct-Authentic 45 integer +ATTRIBUTE Acct-Session-Time 46 integer +ATTRIBUTE Acct-Input-Packets 47 integer +ATTRIBUTE Acct-Output-Packets 48 integer +ATTRIBUTE Acct-Terminate-Cause 49 integer +ATTRIBUTE Acct-Multi-Session-Id 50 string +ATTRIBUTE Acct-Link-Count 51 integer + +# Accounting Status Types + +VALUE Acct-Status-Type Start 1 +VALUE Acct-Status-Type Stop 2 +VALUE Acct-Status-Type Alive 3 # dup +VALUE Acct-Status-Type Interim-Update 3 +VALUE Acct-Status-Type Accounting-On 7 +VALUE Acct-Status-Type Accounting-Off 8 +VALUE Acct-Status-Type Failed 15 + +# Authentication Types + +VALUE Acct-Authentic RADIUS 1 +VALUE Acct-Authentic Local 2 +VALUE Acct-Authentic Remote 3 +VALUE Acct-Authentic Diameter 4 + +# Acct Terminate Causes + +VALUE Acct-Terminate-Cause User-Request 1 +VALUE Acct-Terminate-Cause Lost-Carrier 2 +VALUE Acct-Terminate-Cause Lost-Service 3 +VALUE Acct-Terminate-Cause Idle-Timeout 4 +VALUE Acct-Terminate-Cause Session-Timeout 5 +VALUE Acct-Terminate-Cause Admin-Reset 6 +VALUE Acct-Terminate-Cause Admin-Reboot 7 +VALUE Acct-Terminate-Cause Port-Error 8 +VALUE Acct-Terminate-Cause NAS-Error 9 +VALUE Acct-Terminate-Cause NAS-Request 10 +VALUE Acct-Terminate-Cause NAS-Reboot 11 +VALUE Acct-Terminate-Cause Port-Unneeded 12 +VALUE Acct-Terminate-Cause Port-Preempted 13 +VALUE Acct-Terminate-Cause Port-Suspended 14 +VALUE Acct-Terminate-Cause Service-Unavailable 15 +VALUE Acct-Terminate-Cause Callback 16 +VALUE Acct-Terminate-Cause User-Error 17 +VALUE Acct-Terminate-Cause Host-Request 18 diff --git a/freeradius/dict/dictionary.rfc2867 b/freeradius/dict/dictionary.rfc2867 new file mode 100644 index 0000000..00a1189 --- /dev/null +++ b/freeradius/dict/dictionary.rfc2867 @@ -0,0 +1,16 @@ +# -*- text -*- +# +# Attributes and values defined in RFC 2867. +# http://www.ietf.org/rfc/rfc2867.txt +# +# $Id$ +# +ATTRIBUTE Acct-Tunnel-Connection 68 string +ATTRIBUTE Acct-Tunnel-Packets-Lost 86 integer + +VALUE Acct-Status-Type Tunnel-Start 9 +VALUE Acct-Status-Type Tunnel-Stop 10 +VALUE Acct-Status-Type Tunnel-Reject 11 +VALUE Acct-Status-Type Tunnel-Link-Start 12 +VALUE Acct-Status-Type Tunnel-Link-Stop 13 +VALUE Acct-Status-Type Tunnel-Link-Reject 14 diff --git a/freeradius/dict/dictionary.rfc2868 b/freeradius/dict/dictionary.rfc2868 new file mode 100644 index 0000000..7f699c5 --- /dev/null +++ b/freeradius/dict/dictionary.rfc2868 @@ -0,0 +1,54 @@ +# -*- text -*- +# +# Attributes and values defined in RFC 2868. +# http://www.ietf.org/rfc/rfc2868.txt +# +# $Id$ +# +ATTRIBUTE Tunnel-Type 64 integer has_tag +ATTRIBUTE Tunnel-Medium-Type 65 integer has_tag +ATTRIBUTE Tunnel-Client-Endpoint 66 string has_tag +ATTRIBUTE Tunnel-Server-Endpoint 67 string has_tag + +ATTRIBUTE Tunnel-Password 69 string has_tag,encrypt=2 + +ATTRIBUTE Tunnel-Private-Group-Id 81 string has_tag +ATTRIBUTE Tunnel-Assignment-Id 82 string has_tag +ATTRIBUTE Tunnel-Preference 83 integer has_tag + +ATTRIBUTE Tunnel-Client-Auth-Id 90 string has_tag +ATTRIBUTE Tunnel-Server-Auth-Id 91 string has_tag + +# Tunnel Type + +VALUE Tunnel-Type PPTP 1 +VALUE Tunnel-Type L2F 2 +VALUE Tunnel-Type L2TP 3 +VALUE Tunnel-Type ATMP 4 +VALUE Tunnel-Type VTP 5 +VALUE Tunnel-Type AH 6 +VALUE Tunnel-Type IP 7 +VALUE Tunnel-Type MIN-IP 8 +VALUE Tunnel-Type ESP 9 +VALUE Tunnel-Type GRE 10 +VALUE Tunnel-Type DVS 11 +VALUE Tunnel-Type IP-in-IP 12 + +# Tunnel Medium Type + +VALUE Tunnel-Medium-Type IP 1 +VALUE Tunnel-Medium-Type IPv4 1 +VALUE Tunnel-Medium-Type IPv6 2 +VALUE Tunnel-Medium-Type NSAP 3 +VALUE Tunnel-Medium-Type HDLC 4 +VALUE Tunnel-Medium-Type BBN-1822 5 +VALUE Tunnel-Medium-Type IEEE-802 6 +VALUE Tunnel-Medium-Type E.163 7 +VALUE Tunnel-Medium-Type E.164 8 +VALUE Tunnel-Medium-Type F.69 9 +VALUE Tunnel-Medium-Type X.121 10 +VALUE Tunnel-Medium-Type IPX 11 +VALUE Tunnel-Medium-Type Appletalk 12 +VALUE Tunnel-Medium-Type DecNet-IV 13 +VALUE Tunnel-Medium-Type Banyan-Vines 14 +VALUE Tunnel-Medium-Type E.164-NSAP 15 diff --git a/freeradius/dict/dictionary.rfc2869 b/freeradius/dict/dictionary.rfc2869 new file mode 100644 index 0000000..94f86f9 --- /dev/null +++ b/freeradius/dict/dictionary.rfc2869 @@ -0,0 +1,39 @@ +# -*- text -*- +# +# Attributes and values defined in RFC 2869. +# http://www.ietf.org/rfc/rfc2869.txt +# +# $Id$ +# +ATTRIBUTE Acct-Input-Gigawords 52 integer +ATTRIBUTE Acct-Output-Gigawords 53 integer + +ATTRIBUTE Event-Timestamp 55 date + +ATTRIBUTE ARAP-Password 70 octets # 16 octets of data +ATTRIBUTE ARAP-Features 71 octets # 14 octets of data +ATTRIBUTE ARAP-Zone-Access 72 integer +ATTRIBUTE ARAP-Security 73 integer +ATTRIBUTE ARAP-Security-Data 74 string +ATTRIBUTE Password-Retry 75 integer +ATTRIBUTE Prompt 76 integer +ATTRIBUTE Connect-Info 77 string +ATTRIBUTE Configuration-Token 78 string +ATTRIBUTE EAP-Message 79 octets +ATTRIBUTE Message-Authenticator 80 octets + +ATTRIBUTE ARAP-Challenge-Response 84 octets # 8 octets of data +ATTRIBUTE Acct-Interim-Interval 85 integer +# 86: RFC 2867 +ATTRIBUTE NAS-Port-Id 87 string +ATTRIBUTE Framed-Pool 88 string + +# ARAP Zone Access + +VALUE ARAP-Zone-Access Default-Zone 1 +VALUE ARAP-Zone-Access Zone-Filter-Inclusive 2 +VALUE ARAP-Zone-Access Zone-Filter-Exclusive 4 + +# Prompt +VALUE Prompt No-Echo 0 +VALUE Prompt Echo 1 diff --git a/freeradius/dict/dictionary.rfc3162 b/freeradius/dict/dictionary.rfc3162 new file mode 100644 index 0000000..5fc58af --- /dev/null +++ b/freeradius/dict/dictionary.rfc3162 @@ -0,0 +1,13 @@ +# -*- text -*- +# +# Attributes and values defined in RFC 3162. +# http://www.ietf.org/rfc/rfc3162.txt +# +# $Id$ +# +ATTRIBUTE NAS-IPv6-Address 95 ipv6addr +ATTRIBUTE Framed-Interface-Id 96 ifid +ATTRIBUTE Framed-IPv6-Prefix 97 ipv6prefix +ATTRIBUTE Login-IPv6-Host 98 ipv6addr +ATTRIBUTE Framed-IPv6-Route 99 string +ATTRIBUTE Framed-IPv6-Pool 100 string diff --git a/freeradius/dict/dictionary.rfc3576 b/freeradius/dict/dictionary.rfc3576 new file mode 100644 index 0000000..40f1da5 --- /dev/null +++ b/freeradius/dict/dictionary.rfc3576 @@ -0,0 +1,30 @@ +# -*- text -*- +# +# Attributes and values defined in RFC 3576. +# http://www.ietf.org/rfc/rfc3576.txt +# +# $Id$ +# +ATTRIBUTE Error-Cause 101 integer + +# Service Types + +VALUE Service-Type Authorize-Only 17 + +# Error causes + +VALUE Error-Cause Residual-Context-Removed 201 +VALUE Error-Cause Invalid-EAP-Packet 202 +VALUE Error-Cause Unsupported-Attribute 401 +VALUE Error-Cause Missing-Attribute 402 +VALUE Error-Cause NAS-Identification-Mismatch 403 +VALUE Error-Cause Invalid-Request 404 +VALUE Error-Cause Unsupported-Service 405 +VALUE Error-Cause Unsupported-Extension 406 +VALUE Error-Cause Administratively-Prohibited 501 +VALUE Error-Cause Proxy-Request-Not-Routable 502 +VALUE Error-Cause Session-Context-Not-Found 503 +VALUE Error-Cause Session-Context-Not-Removable 504 +VALUE Error-Cause Proxy-Processing-Error 505 +VALUE Error-Cause Resources-Unavailable 506 +VALUE Error-Cause Request-Initiated 507 diff --git a/freeradius/dict/dictionary.rfc3580 b/freeradius/dict/dictionary.rfc3580 new file mode 100644 index 0000000..71030b3 --- /dev/null +++ b/freeradius/dict/dictionary.rfc3580 @@ -0,0 +1,16 @@ +# -*- text -*- +# +# Attributes and values defined in RFC 3580. +# http://www.ietf.org/rfc/rfc3580.txt +# +# $Id$ +# +VALUE Acct-Terminate-Cause Supplicant-Restart 19 +VALUE Acct-Terminate-Cause Reauthentication-Failure 20 +VALUE Acct-Terminate-Cause Port-Reinit 21 +VALUE Acct-Terminate-Cause Port-Disabled 22 + +VALUE NAS-Port-Type Token-Ring 20 +VALUE NAS-Port-Type FDDI 21 + +VALUE Tunnel-Type VLAN 13 diff --git a/freeradius/dict/dictionary.rfc4072 b/freeradius/dict/dictionary.rfc4072 new file mode 100644 index 0000000..fdd8faa --- /dev/null +++ b/freeradius/dict/dictionary.rfc4072 @@ -0,0 +1,9 @@ +# -*- text -*- +# +# Attributes and values defined in RFC 4072 +# http://www.ietf.org/rfc/4072.txt +# +# $Id$ +# + +ATTRIBUTE EAP-Key-Name 102 string diff --git a/freeradius/dict/dictionary.rfc4372 b/freeradius/dict/dictionary.rfc4372 new file mode 100644 index 0000000..9a5d773 --- /dev/null +++ b/freeradius/dict/dictionary.rfc4372 @@ -0,0 +1,8 @@ +# -*- text -*- +# +# Attributes and values defined in RFC 4372. +# http://www.ietf.org/rfc/4372.txt +# +# $Id$ +# +ATTRIBUTE Chargeable-User-Identity 89 string diff --git a/freeradius/dict/dictionary.rfc4675 b/freeradius/dict/dictionary.rfc4675 new file mode 100644 index 0000000..c331f8e --- /dev/null +++ b/freeradius/dict/dictionary.rfc4675 @@ -0,0 +1,28 @@ +# -*- text -*- +# +# Attributes and values defined in RFC 4675. +# http://www.ietf.org/rfc/4675.txt +# +# $Id$ +# + +# +# High byte = '1' (0x31) means the frames are tagged. +# High byte = '2' (0x32) means the frames are untagged. +# +# Next 12 bits MUST be zero. +# +# Lower 12 bits is the IEEE-802.1Q VLAN VID. +# +ATTRIBUTE Egress-VLANID 56 integer +ATTRIBUTE Ingress-Filters 57 integer + +# +# First byte == '1' (0x31) means that the frames are tagged. +# First byte == '2' (0x32) means that the frames are untagged. +# +ATTRIBUTE Egress-VLAN-Name 58 string +ATTRIBUTE User-Priority-Table 59 octets # 8 + +VALUE Ingress-Filters Enabled 1 +VALUE Ingress-Filters Disabled 2 diff --git a/freeradius/dict/dictionary.rfc4679 b/freeradius/dict/dictionary.rfc4679 new file mode 100644 index 0000000..d410d7c --- /dev/null +++ b/freeradius/dict/dictionary.rfc4679 @@ -0,0 +1,62 @@ +# -*- text -*- +# +# Attributes and values defined in RFC 4679. +# http://www.ietf.org/rfc/4679.txt +# +# $Id$ +# + +VENDOR ADSL-Forum 3561 + +BEGIN-VENDOR ADSL-Forum + +# +# The first two attributes are prefixed with "ADSL-" because of +# conflicting names in dictionary.redback. +# +ATTRIBUTE ADSL-Agent-Circuit-Id 1 string +ATTRIBUTE ADSL-Agent-Remote-Id 2 string +ATTRIBUTE Actual-Data-Rate-Upstream 129 integer +ATTRIBUTE Actual-Data-Rate-Downstream 130 integer +ATTRIBUTE Minimum-Data-Rate-Upstream 131 integer +ATTRIBUTE Minimum-Data-Rate-Downstream 132 integer +ATTRIBUTE Attainable-Data-Rate-Upstream 133 integer +ATTRIBUTE Attainable-Data-Rate-Downstream 134 integer +ATTRIBUTE Maximum-Data-Rate-Upstream 135 integer +ATTRIBUTE Maximum-Data-Rate-Downstream 136 integer +ATTRIBUTE Minimum-Data-Rate-Upstream-Low-Power 137 integer +ATTRIBUTE Minimum-Data-Rate-Downstream-Low-Power 138 integer +ATTRIBUTE Maximum-Interleaving-Delay-Upstream 139 integer +ATTRIBUTE Actual-Interleaving-Delay-Upstream 140 integer +ATTRIBUTE Maximum-Interleaving-Delay-Downstream 141 integer +ATTRIBUTE Actual-Interleaving-Delay-Downstream 142 integer + +# +# This next attribute has a weird encoding. +# +# Octet[0] - 0x01 AAL5 +# Octet[0] - 0x02 Ethernet + +# Octet[1] - 0x00 Not Available +# Octet[1] - 0x01 Untagged Ethernet +# Octet[1] - 0x02 Single-Tagged Ethernet + +# Octet[2] - 0x00 Not available +# Octet[2] - 0x01 PPPoA LLC +# Octet[2] - 0x02 PPPoA Null +# Octet[2] - 0x03 IPoA LLC +# Octet[2] - 0x04 IPoA NULL +# Octet[2] - 0x05 Ethernet over AAL5 LLC with FCS +# Octet[2] - 0x06 Ethernet over AAL5 LLC without FCS +# Octet[2] - 0x07 Ethernet over AAL5 Null with FCS +# Octet[2] - 0x08 Ethernet over AAL5 Null without FCS +# +ATTRIBUTE Access-Loop-Encapsulation 144 octets # 3 + +# +# If this attribute exists, it means that IFW has been performed +# for the subscribers session. +# +ATTRIBUTE IWF-Session 252 octets # 0 + +END-VENDOR ADSL-Forum diff --git a/freeradius/dict/dictionary.rfc4818 b/freeradius/dict/dictionary.rfc4818 new file mode 100644 index 0000000..c18b850 --- /dev/null +++ b/freeradius/dict/dictionary.rfc4818 @@ -0,0 +1,11 @@ +# -*- text -*- +############################################################################## +# +# Attributes and values defined in RFC 4818. +# http://www.ietf.org/rfc/rfc4818.txt +# +# $Id$ +# +############################################################################## + +ATTRIBUTE Delegated-IPv6-Prefix 123 ipv6prefix diff --git a/freeradius/dict/dictionary.rfc4849 b/freeradius/dict/dictionary.rfc4849 new file mode 100644 index 0000000..ed390b8 --- /dev/null +++ b/freeradius/dict/dictionary.rfc4849 @@ -0,0 +1,8 @@ +# -*- text -*- +# +# Attributes and values defined in RFC 4849. +# http://www.ietf.org/rfc/rfc4849.txt +# +# $Id$ +# +ATTRIBUTE NAS-Filter-Rule 92 string diff --git a/freeradius/dict/dictionary.rfc5090 b/freeradius/dict/dictionary.rfc5090 new file mode 100644 index 0000000..4feda43 --- /dev/null +++ b/freeradius/dict/dictionary.rfc5090 @@ -0,0 +1,27 @@ +# -*- text -*- +# +# Attributes and values defined in RFC 5090. +# http://www.ietf.org/rfc/rfc5090.txt +# +# $Id$ +# +ATTRIBUTE Digest-Response 103 string +ATTRIBUTE Digest-Realm 104 string +ATTRIBUTE Digest-Nonce 105 string +ATTRIBUTE Digest-Response-Auth 106 string +ATTRIBUTE Digest-Nextnonce 107 string +ATTRIBUTE Digest-Method 108 string +ATTRIBUTE Digest-URI 109 string +ATTRIBUTE Digest-Qop 110 string +ATTRIBUTE Digest-Algorithm 111 string +ATTRIBUTE Digest-Entity-Body-Hash 112 string +ATTRIBUTE Digest-CNonce 113 string +ATTRIBUTE Digest-Nonce-Count 114 string +ATTRIBUTE Digest-Username 115 string +ATTRIBUTE Digest-Opaque 116 string +ATTRIBUTE Digest-Auth-Param 117 string +ATTRIBUTE Digest-AKA-Auts 118 string +ATTRIBUTE Digest-Domain 119 string +ATTRIBUTE Digest-Stale 120 string +ATTRIBUTE Digest-HA1 121 string +ATTRIBUTE SIP-AOR 122 string diff --git a/freeradius/dict/dictionary.rfc5176 b/freeradius/dict/dictionary.rfc5176 new file mode 100644 index 0000000..c59f39a --- /dev/null +++ b/freeradius/dict/dictionary.rfc5176 @@ -0,0 +1,9 @@ +# -*- text -*- +# +# Attributes and values defined in RFC 5176. +# http://www.ietf.org/rfc/rfc5176.txt +# +# $Id$ +# +VALUE Error-Cause Invalid-Attribute-Value 407 +VALUE Error-Cause Multiple-Session-Selection-Unsupported 508 diff --git a/freeradius/dict/dictionary.riverstone b/freeradius/dict/dictionary.riverstone new file mode 100644 index 0000000..3a05748 --- /dev/null +++ b/freeradius/dict/dictionary.riverstone @@ -0,0 +1,42 @@ +# -*- text -*- +############################################################################## +# +# Riverstone Networks' RADIUS VSAs +# *** For RapidOS Versions 9.1 and above ONLY *** +# +# $Id$ +# +############################################################################## + +VENDOR Riverstone 5567 + +# +# Riverstone-Command +# +# This attribute is sent in Accounting-Requests, and contains text +# from the admin's CLI session. +# +BEGIN-VENDOR Riverstone + +ATTRIBUTE Riverstone-Command 1 string + +# +# This attribute is sent in Accounting-Requests, as a duplicate +# of syslog for system event messages. +# +ATTRIBUTE Riverstone-System-Event 2 string + +# +# This attribute is sent in Accounting-Requests, to log changes +# made via SNMP. +# +ATTRIBUTE Riverstone-SNMP-Config-Change 3 string + +# +# This attribute should be sent in Access-Accept packets, to set +# the privilege level. It MUST be sent when the device is operating +# in Mult-User Access mode. +# +ATTRIBUTE Riverstone-User-Level 4 integer + +END-VENDOR Riverstone diff --git a/freeradius/dict/dictionary.roaringpenguin b/freeradius/dict/dictionary.roaringpenguin new file mode 100644 index 0000000..eb31d2d --- /dev/null +++ b/freeradius/dict/dictionary.roaringpenguin @@ -0,0 +1,28 @@ +# -*- text -*- +############################################################################## +# +# Roaring Penguin attributes +# +# $Id$ +# +############################################################################## + +VENDOR Roaring-Penguin 10055 + +BEGIN-VENDOR Roaring-Penguin + +# Upstream speed limit in kb/s +ATTRIBUTE RP-Upstream-Speed-Limit 1 integer + # Downstream speed limit in kb/s +ATTRIBUTE RP-Downstream-Speed-Limit 2 integer + +# Send a HURL +ATTRIBUTE RP-HURL 3 string + +# Send a MOTM +ATTRIBUTE RP-MOTM 4 string + +# Maximum sessions per user +ATTRIBUTE RP-Max-Sessions-Per-User 5 integer + +END-VENDOR Roaring-Penguin diff --git a/freeradius/dict/dictionary.ser b/freeradius/dict/dictionary.ser new file mode 100644 index 0000000..1817c30 --- /dev/null +++ b/freeradius/dict/dictionary.ser @@ -0,0 +1,49 @@ +# +# $Id: dictionary.ser,v 1.4 2006/02/10 14:55:07 picopoint Exp $ +# +# SIP RADIUS attributes +# +# Schulzrinne indicates attributes according to +# draft-schulzrinne-sipping-radius-accounting-00 +# +# Sterman indicates attributes according to +# draft-sterman-aaa-sip-00 +# +# Standard indicates a standard RADIUS attribute +# which is missing in radiusclient dictionary +# +# Digest indicates attributes according to +# +# Proprietary indicates an attribute that hasn't +# been standardized +# + +### acc ### +ATTRIBUTE Sip-Method 101 integer # Schulzrinne +ATTRIBUTE Sip-Response-Code 102 integer # Schulzrinne +ATTRIBUTE Sip-Cseq 103 string # Schulzrinne +ATTRIBUTE Sip-To-Tag 104 string # Schulzrinne +ATTRIBUTE Sip-From-Tag 105 string # Schulzrinne +ATTRIBUTE Sip-Branch-Id 106 string # Schulzrinne +ATTRIBUTE Sip-Translated-Req-ID 107 string # Schulzrinne +ATTRIBUTE Sip-Source-Ip-Address 108 ipaddr # Schulzrinne +ATTRIBUTE Sip-Source-Port 109 integer # Schulzrinne + +ATTRIBUTE Digest-Response 206 string # Sterman +ATTRIBUTE Digest-Attributes 207 string # Sterman + +ATTRIBUTE Sip-Uri-User 208 string # Proprietary +ATTRIBUTE Sip-Rpid 213 string # Proprietary + +ATTRIBUTE Digest-Realm 1063 string # Sterman +ATTRIBUTE Digest-Nonce 1064 string # Sterman +ATTRIBUTE Digest-Method 1065 string # Sterman +ATTRIBUTE Digest-Uri 1066 string # Sterman +ATTRIBUTE Digest-Qop 1067 string # Sterman +ATTRIBUTE Digest-Algorithm 1068 string # Sterman +ATTRIBUTE Digest-Body-Digest 1069 string # Sterman +ATTRIBUTE Digest-Cnonce 1070 string # Sterman +ATTRIBUTE Digest-Nonce-Count 1071 string # Sterman +ATTRIBUTE Digest-User-Name 1072 string # Sterman + +ATTRIBUTE Sip-Group 211 string # Proprietary diff --git a/freeradius/dict/dictionary.shasta b/freeradius/dict/dictionary.shasta new file mode 100644 index 0000000..42164f3 --- /dev/null +++ b/freeradius/dict/dictionary.shasta @@ -0,0 +1,24 @@ +# -*- text -*- +# +# dictionary.shasta +# +# Nortel Shasta VSAs +# Andre Gustavo de C. Albuquerque +# + +VENDOR Shasta 3199 + +# +# Standard attribute +# +BEGIN-VENDOR Shasta + +ATTRIBUTE Shasta-User-Privilege 1 integer +ATTRIBUTE Shasta-Service-Profile 2 string +ATTRIBUTE Shasta-VPN-Name 3 string + +VALUE Shasta-User-Privilege User 1 +VALUE Shasta-User-Privilege Super-User 2 +VALUE Shasta-User-Privilege SSuper-User 3 + +END-VENDOR Shasta diff --git a/freeradius/dict/dictionary.shiva b/freeradius/dict/dictionary.shiva new file mode 100644 index 0000000..1d4ec71 --- /dev/null +++ b/freeradius/dict/dictionary.shiva @@ -0,0 +1,129 @@ +# -*- text -*- +# +# Shiva dictionary. +# +# Shiva Inc. +# http://www.shiva.com/ +# +# For more information on magic values for Shiva-User-Attributes, +# see their web page, at: +# +# http://www.shiva.com/prod/kbase/mapping.html +# +# Enable by putting the line "$INCLUDE dictionary.shiva" into +# the main dictionary file. +# +# Version: 1.00 27-Apr-1999 contributed by Alan DeKok +# $Id$ +# + +VENDOR Shiva 166 + +# Shiva Extensions + +# +# This next attribute is Shiva's attempt to create their own +# VSA in the main dictionary. Don't use it. It's a bad idea. +# +#ATTRIBUTE Shiva-User-Attributes 51 string + +BEGIN-VENDOR Shiva + +ATTRIBUTE Shiva-User-Attributes 1 string +ATTRIBUTE Shiva-Compression 30 integer +ATTRIBUTE Shiva-Dialback-Delay 31 integer +ATTRIBUTE Shiva-Call-Durn-Trap 32 integer +ATTRIBUTE Shiva-Bandwidth-Trap 33 integer +ATTRIBUTE Shiva-Minimum-Call 34 integer +ATTRIBUTE Shiva-Default-Host 35 string +ATTRIBUTE Shiva-Menu-Name 36 string +ATTRIBUTE Shiva-User-Flags 37 string +ATTRIBUTE Shiva-Termtype 38 string +ATTRIBUTE Shiva-Break-Key 39 string +ATTRIBUTE Shiva-Fwd-Key 40 string +ATTRIBUTE Shiva-Bak-Key 41 string +ATTRIBUTE Shiva-Dial-Timeout 42 integer +ATTRIBUTE Shiva-LAT-Port 43 string +ATTRIBUTE Shiva-Max-VCs 44 integer +ATTRIBUTE Shiva-DHCP-Leasetime 45 integer +ATTRIBUTE Shiva-LAT-Groups 46 string +ATTRIBUTE Shiva-RTC-Timestamp 60 integer +ATTRIBUTE Shiva-Circuit-Type 61 integer +ATTRIBUTE Shiva-Called-Number 90 string +ATTRIBUTE Shiva-Calling-Number 91 string +ATTRIBUTE Shiva-Customer-Id 92 string +ATTRIBUTE Shiva-Type-Of-Service 93 integer +ATTRIBUTE Shiva-Link-Speed 94 integer +ATTRIBUTE Shiva-Links-In-Bundle 95 integer +ATTRIBUTE Shiva-Compression-Type 96 integer +ATTRIBUTE Shiva-Link-Protocol 97 integer +ATTRIBUTE Shiva-Network-Protocols 98 integer +ATTRIBUTE Shiva-Session-Id 99 integer +ATTRIBUTE Shiva-Disconnect-Reason 100 integer +ATTRIBUTE Shiva-Acct-Serv-Switch 101 ipaddr +ATTRIBUTE Shiva-Event-Flags 102 integer +ATTRIBUTE Shiva-Function 103 integer +ATTRIBUTE Shiva-Connect-Reason 104 integer + +VALUE Shiva-Compression None 0 +VALUE Shiva-Compression Negotiate 1 +VALUE Shiva-Compression Spider 2 +VALUE Shiva-Compression Predictor 3 +VALUE Shiva-Compression STAC 4 + +VALUE Shiva-Circuit-Type Primary 1 +VALUE Shiva-Circuit-Type Secondary-Backup 2 +VALUE Shiva-Circuit-Type Secondary-Augment 3 +VALUE Shiva-Circuit-Type Secondary-Switch 4 +VALUE Shiva-Circuit-Type Listener 5 +VALUE Shiva-Circuit-Type RADIUS 6 + +# Shiva Type Of Service Values + +VALUE Shiva-Type-Of-Service Analog 1 +VALUE Shiva-Type-Of-Service Digitized-Analog 2 +VALUE Shiva-Type-Of-Service Digital 3 +VALUE Shiva-Type-Of-Service Digital-V110 4 +VALUE Shiva-Type-Of-Service Digital-V120 5 +VALUE Shiva-Type-Of-Service Digital-Leased-Line 6 + +# Shiva Link Protocol Values + +VALUE Shiva-Link-Protocol HDLC 1 +VALUE Shiva-Link-Protocol ARAV1 2 +VALUE Shiva-Link-Protocol ARAV2 3 +VALUE Shiva-Link-Protocol SHELL 4 +VALUE Shiva-Link-Protocol AALAP 5 +VALUE Shiva-Link-Protocol SLIP 6 + +# Shiva Connect Reason Values + +VALUE Shiva-Connect-Reason Remote 1 +VALUE Shiva-Connect-Reason Dialback 2 +VALUE Shiva-Connect-Reason Virtual-Connection 3 +VALUE Shiva-Connect-Reason Bandwidth-On-Demand 4 + +# Shiva Disconnect Reason Values + +VALUE Shiva-Disconnect-Reason Remote 1 +VALUE Shiva-Disconnect-Reason Error 2 +VALUE Shiva-Disconnect-Reason Idle-Timeout 3 +VALUE Shiva-Disconnect-Reason Session-Timeout 4 +VALUE Shiva-Disconnect-Reason Admin-Disconnect 5 +VALUE Shiva-Disconnect-Reason Dialback 6 +VALUE Shiva-Disconnect-Reason Virtual-Connection 7 +VALUE Shiva-Disconnect-Reason Bandwidth-On-Demand 8 +VALUE Shiva-Disconnect-Reason Failed-Authentication 9 +VALUE Shiva-Disconnect-Reason Preempted 10 +VALUE Shiva-Disconnect-Reason Blocked 11 +VALUE Shiva-Disconnect-Reason Tariff-Management 12 +VALUE Shiva-Disconnect-Reason Backup 13 + +# Shiva Function Values + +VALUE Shiva-Function Unknown 0 +VALUE Shiva-Function Dialin 1 +VALUE Shiva-Function Dialout 2 +VALUE Shiva-Function Lan-To-Lan 3 + +END-VENDOR Shiva diff --git a/freeradius/dict/dictionary.slipstream b/freeradius/dict/dictionary.slipstream new file mode 100644 index 0000000..3baa7ad --- /dev/null +++ b/freeradius/dict/dictionary.slipstream @@ -0,0 +1,18 @@ +# -*- text -*- +############################################################################## +# +# For Slipstream dialup accelerator servers +# Created based on +# slipstream_sp_6.0_installation_and_configuration_guide.pdf +# +# $Id$ +# +############################################################################## + +VENDOR Slipstream 7000 + +BEGIN-VENDOR Slipstream + +ATTRIBUTE Slipstream-Auth 1 string + +END-VENDOR Slipstream diff --git a/freeradius/dict/dictionary.sofaware b/freeradius/dict/dictionary.sofaware new file mode 100644 index 0000000..43eeccf --- /dev/null +++ b/freeradius/dict/dictionary.sofaware @@ -0,0 +1,36 @@ +# -*- text -*- +############################################################################## +# +# Sofaware VPN-1 Edge from Sofaware (Check Point appliance). +# +# Values are strings, rather than real VALUEs. +# +# SofaWare-Admin : "none" / "readonly" / "readwrite" +# Users have no, read-only or read-write access to the +# appliance's configuration interface (Web / SSH) +# +# SofaWare-VPN : `true" / "false" +# User can / cannot connect the VPN +# +# SofaWare-Hotspot : "true" / "false" +# The account can be used for authentication on the +# Hotspot web page (may be required before accessing +# the Internet) +# +# SofaWare-UFP : "true" / "false" +# The user can /cannot overwrite the URL Filtering policy +# +# $Id$ +# +############################################################################## + +VENDOR SofaWare 6983 + +BEGIN-VENDOR SofaWare + +ATTRIBUTE SofaWare-Admin 1 string +ATTRIBUTE SofaWare-VPN 2 string +ATTRIBUTE SofaWare-Hotspot 3 string +ATTRIBUTE SofaWare-UFP 4 string + +END-VENDOR SofaWare diff --git a/freeradius/dict/dictionary.sonicwall b/freeradius/dict/dictionary.sonicwall new file mode 100644 index 0000000..f841d21 --- /dev/null +++ b/freeradius/dict/dictionary.sonicwall @@ -0,0 +1,62 @@ +# -*- text -*- +# +# Sonicwall Firewall dictionary +# +# $Id$ +# + +VENDOR SonicWall 8741 + +# Backwards compatibility. +BEGIN-VENDOR SonicWall + +ATTRIBUTE SS3-Firewall-User-Privilege 1 integer + +# New names. +ATTRIBUTE SonicWall-User-Privilege 1 integer +VALUE SonicWall-User-Privilege Remote-Access 1 # deprecated +VALUE SonicWall-User-Privilege Bypass-Filters 2 +VALUE SonicWall-User-Privilege VPN-Client-Access 3 # standard +VALUE SonicWall-User-Privilege Access-To-VPN 4 # standard +VALUE SonicWall-User-Privilege Limited-Management 5 +VALUE SonicWall-User-Privilege L2TP-Client-Access 6 # standard +VALUE SonicWall-User-Privilege Wireless-Guest 7 # standard +VALUE SonicWall-User-Privilege Wireless-Add-ACL 8 +VALUE SonicWall-User-Privilege Internet-Access 9 # standard + +# Those values indicated as "standard" are applicable only on a SonicWall +# firewall running standard firmware and not on one running enhanced firmware. + +# +# This attribute is to use in place of SonicWall-User-Privilege with RADIUS +# servers that allow only one instance of a Vendor-Specific attribute to be +# set (such as the ACE Server from RSA). Note that it is commented out in this +# file because it is not needed in any servers that support multiple VSA's. +# +# The value of this attribute is a text string giving a comma-separated list +# of one or more privileges, each corresponding to a value of the +# SonicWall-User-Privilege attribute above (and note that some are applicable +# only on a SonicWall firewall running standard firmware as indicated above): +# "BF,VC,VA,LM,LA,WG,WA,IA" +# "RA" for "Remote-Access" is now deprecated. +# ATTRIBUTE SonicWall-User-Privileges 2 string SonicWall + +# Multiple of these can be set for a user, each specifying the name of a +# user group to which that user has membership. Note that this can +# alternatively be achieved by use of the Filter-Id attribute. +# This is applicable only on a SonicWall firewall running enhanced firmware. +# +ATTRIBUTE SonicWall-User-Group 3 string + +# This attribute is to use in place of SonicWall-User-Group with RADIUS +# servers that allow only one instance of a Vendor-Specific attribute to be +# set (such as the ACE Server from RSA). Note that it is commented out in this +# file because it is not needed in any servers that support multiple VSA's. +# +# The value of this attribute is a text string giving a comma-separated list +# of the names of one or more user groups to which that user has membership. +# This is applicable only on a SonicWall firewall running enhanced firmware. +# +# ATTRIBUTE SonicWall-User-Groups 4 string SonicWall. + +END-VENDOR SonicWall diff --git a/freeradius/dict/dictionary.springtide b/freeradius/dict/dictionary.springtide new file mode 100644 index 0000000..994cd4c --- /dev/null +++ b/freeradius/dict/dictionary.springtide @@ -0,0 +1,31 @@ +# -*- text -*- +############################################################################## +# +# SpringTide VSAs +# +# $Id$ +# +############################################################################## + +VENDOR SpringTide 3551 + +BEGIN-VENDOR SpringTide + +ATTRIBUTE ST-Acct-VC-Connection-Id 1 string +ATTRIBUTE ST-Service-Name 2 string +ATTRIBUTE ST-Service-Domain 3 integer +ATTRIBUTE ST-Policy-Name 4 string +ATTRIBUTE ST-Primary-DNS-Server 5 ipaddr +ATTRIBUTE ST-Secondary-DNS-Server 6 ipaddr +ATTRIBUTE ST-Primary-NBNS-Server 7 ipaddr +ATTRIBUTE ST-Secondary-NBNS-Server 8 ipaddr +ATTRIBUTE ST-Physical-Port 9 integer +ATTRIBUTE ST-Physical-Slot 10 integer +ATTRIBUTE ST-Virtual-Path-ID 11 integer +ATTRIBUTE ST-Virtual-Circuit-ID 12 integer +ATTRIBUTE ST-Realm-Name 13 string +ATTRIBUTE ST-IPSec-Pfs-Group 14 integer +ATTRIBUTE ST-IPSec-Client-Firewall 15 integer +ATTRIBUTE ST-IPSec-Client-Subnet 16 string + +END-VENDOR SpringTide diff --git a/freeradius/dict/dictionary.starent b/freeradius/dict/dictionary.starent new file mode 100644 index 0000000..88c8b58 --- /dev/null +++ b/freeradius/dict/dictionary.starent @@ -0,0 +1,176 @@ +# -*- text -*- +############################################################################## +# +# Starent dictionary +# http://www.starentnetworks.com/ +# +# These appear to be 16-bit VSA types, with 16-bit lengths. +# +# $Id$ +# +############################################################################## + +VENDOR Starent 8164 format=2,2 + +BEGIN-VENDOR Starent + +ATTRIBUTE SN-VPN-ID 1 integer +ATTRIBUTE SN-VPN-Name 2 string +ATTRIBUTE SN-Disconnect-Reason 3 integer +ATTRIBUTE SN-PPP-Progress-Code 4 integer +ATTRIBUTE SN-Primary-DNS-Server 5 ipaddr +ATTRIBUTE SN-Secondary-DNS-Server 6 ipaddr +ATTRIBUTE SN-Re-CHAP-Interval 7 integer +ATTRIBUTE SN-IP-Pool-Name 8 string +ATTRIBUTE SN-PPP-Data-Compression 9 integer +ATTRIBUTE SN-IP-Filter-In 10 string +ATTRIBUTE SN-IP-Filter-Out 11 string +ATTRIBUTE SN-Local-IP-Address 13 ipaddr +ATTRIBUTE SN-IP-Source-Validation 14 integer +ATTRIBUTE SN-PPP-Outbound-Password 15 string +ATTRIBUTE SN-PPP-Keepalive 16 integer +ATTRIBUTE SN-IP-In-ACL 17 string +ATTRIBUTE SN-IP-Out-ACL 18 string +ATTRIBUTE SN-PPP-Data-Compression-Mode 19 integer +ATTRIBUTE SN-Subscriber-Permission 20 integer +ATTRIBUTE SN-Admin-Permission 21 integer +ATTRIBUTE SN-Simultaneous-SIP-MIP 22 integer +ATTRIBUTE SN-Min-Compress-Size 23 integer +ATTRIBUTE SNA-PPP-Unfr-data-In-Oct 200 integer +ATTRIBUTE SNA-PPP-Unfr-data-Out-Oct 201 integer +ATTRIBUTE SNA-PPP-Ctrl-Input-Octets 1001 integer +ATTRIBUTE SNA-PPP-Ctrl-Output-Octets 1002 integer +ATTRIBUTE SNA-PPP-Ctrl-Input-Packets 1003 integer +ATTRIBUTE SNA-PPP-Ctrl-Output-Packets 1004 integer +ATTRIBUTE SNA-PPP-Framed-Input-Octets 1005 integer +ATTRIBUTE SNA-PPP-Framed-Output-Octets 1006 integer +ATTRIBUTE SNA-PPP-Discards-Input 1007 integer +ATTRIBUTE SNA-PPP-Discards-Output 1008 integer +ATTRIBUTE SNA-PPP-Errors-Input 1009 integer +ATTRIBUTE SNA-PPP-Errors-Output 1010 integer +ATTRIBUTE SNA-PPP-Bad-Addr 1011 integer +ATTRIBUTE SNA-PPP-Bad-Ctrl 1012 integer +ATTRIBUTE SNA-PPP-Packet-Too-Long 1013 integer +ATTRIBUTE SNA-PPP-Bad-FCS 1014 integer +ATTRIBUTE SNA-PPP-Echo-Req-Input 1015 integer +ATTRIBUTE SNA-PPP-Echo-Req-Output 1016 integer +ATTRIBUTE SNA-PPP-Echo-Rsp-Input 1017 integer +ATTRIBUTE SNA-PPP-Echo-Rsp-Output 1018 integer +ATTRIBUTE SNA-RPRRQ-Rcvd-Total 1019 integer +ATTRIBUTE SNA-RPRRQ-Rcvd-Acc-Reg 1020 integer +ATTRIBUTE SNA-RPRRQ-Rcvd-Acc-Dereg 1021 integer +ATTRIBUTE SNA-RPRRQ-Rcvd-Msg-Auth-Fail 1022 integer +ATTRIBUTE SNA-RPRRQ-Rcvd-Mis-ID 1023 integer +ATTRIBUTE SNA-RPRRQ-Rcvd-Badly-Formed 1024 integer +ATTRIBUTE SNA-RPRRQ-Rcvd-VID-Unsupported 1025 integer +ATTRIBUTE SNA-RPRRQ-Rcvd-T-Bit-Not-Set 1026 integer +ATTRIBUTE SNA-RPRAK-Rcvd-Total 1027 integer +ATTRIBUTE SNA-RPRAK-Rcvd-Acc-Ack 1028 integer +ATTRIBUTE SNA-RPRAK-Rcvd-Msg-Auth-Fail 1029 integer +ATTRIBUTE SNA-RPRAK-Rcvd-Mis-ID 1030 integer +ATTRIBUTE SNA-RP-Reg-Reply-Sent-Total 1031 integer +ATTRIBUTE SNA-RP-Reg-Reply-Sent-Acc-Reg 1032 integer +ATTRIBUTE SNA-RP-Reg-Reply-Sent-Acc-Dereg 1033 integer +ATTRIBUTE SNA-RP-Reg-Reply-Sent-Bad-Req 1034 integer +ATTRIBUTE SNA-RP-Reg-Reply-Sent-Denied 1035 integer +ATTRIBUTE SNA-RP-Reg-Reply-Sent-Mis-ID 1036 integer +ATTRIBUTE SNA-RP-Reg-Reply-Sent-Send-Err 1037 integer +ATTRIBUTE SNA-RP-Reg-Upd-Sent 1038 integer +ATTRIBUTE SNA-RP-Reg-Upd-Re-Sent 1039 integer +ATTRIBUTE SNA-RP-Reg-Upd-Send-Err 1040 integer + +VALUE SN-Disconnect-Reason Not-Defined 0 +VALUE SN-Disconnect-Reason Admin-Disconnect 1 +VALUE SN-Disconnect-Reason Remote-Disconnect 2 +VALUE SN-Disconnect-Reason Local-Disconnect 3 +VALUE SN-Disconnect-Reason Disc-No-Resource 4 +VALUE SN-Disconnect-Reason Disc-Excd-Service-Limit 5 +VALUE SN-Disconnect-Reason PPP-LCP-Neg-Failed 6 +VALUE SN-Disconnect-Reason PPP-LCP-No-Response 7 +VALUE SN-Disconnect-Reason PPP-LCP-Loopback 8 +VALUE SN-Disconnect-Reason PPP-LCP-Max-Retry 9 +VALUE SN-Disconnect-Reason PPP-Echo-Failed 10 +VALUE SN-Disconnect-Reason PPP-Auth-Failed 11 +VALUE SN-Disconnect-Reason PPP-Auth-Failed-No-AAA-Resp 12 +VALUE SN-Disconnect-Reason PPP-Auth-No-Response 13 +VALUE SN-Disconnect-Reason PPP-Auth-Max-Retry 14 +VALUE SN-Disconnect-Reason Invalid-AAA-Attr 15 +VALUE SN-Disconnect-Reason Failed-User-Filter 16 +VALUE SN-Disconnect-Reason Failed-Provide-Service 17 +VALUE SN-Disconnect-Reason Invalid-IP-Address-AAA 18 +VALUE SN-Disconnect-Reason Invalid-IP-Pool-AAA 19 +VALUE SN-Disconnect-Reason PPP-IPCP-Neg-Failed 20 +VALUE SN-Disconnect-Reason PPP-IPCP-No-Response 21 +VALUE SN-Disconnect-Reason PPP-IPCP-Max-Retry 22 +VALUE SN-Disconnect-Reason PPP-No-Rem-IP-Address 23 +VALUE SN-Disconnect-Reason Inactivity-Timeout 24 +VALUE SN-Disconnect-Reason Session-Timeout 25 +VALUE SN-Disconnect-Reason Max-Data-Excd 26 +VALUE SN-Disconnect-Reason Invalid-IP-Source-Address 27 +VALUE SN-Disconnect-Reason MSID-Auth-Failed 28 +VALUE SN-Disconnect-Reason MSID-Auth-Fauiled-No-AAA-Resp 29 +VALUE SN-Disconnect-Reason A11-Max-Retry 30 +VALUE SN-Disconnect-Reason A11-Lifetime-Expired 31 +VALUE SN-Disconnect-Reason A11-Message-Integrity-Failure 32 +VALUE SN-Disconnect-Reason PPP-lcp-remote-disc 33 +VALUE SN-Disconnect-Reason Session-setup-timeout 34 +VALUE SN-Disconnect-Reason PPP-keepalive-failure 35 +VALUE SN-Disconnect-Reason Flow-add-failed 36 +VALUE SN-Disconnect-Reason Call-type-detection-failed 37 +VALUE SN-Disconnect-Reason Wrong-ipcp-params 38 +VALUE SN-Disconnect-Reason MIP-remote-dereg 39 +VALUE SN-Disconnect-Reason MIP-lifetime-expiry 40 +VALUE SN-Disconnect-Reason MIP-proto-error 41 +VALUE SN-Disconnect-Reason MIP-auth-failure 42 +VALUE SN-Disconnect-Reason MIP-reg-timeout 43 +VALUE SN-Disconnect-Reason Invalid-dest-context 44 +VALUE SN-Disconnect-Reason Source-context-removed 45 +VALUE SN-Disconnect-Reason Destination-context-removed 46 +VALUE SN-Disconnect-Reason Req-service-addr-unavailable 47 +VALUE SN-Disconnect-Reason Demux-mgr-failed 48 +VALUE SN-Disconnect-Reason Internal-error 49 + +VALUE SN-PPP-Progress-Code Not-Defined 0 +VALUE SN-PPP-Progress-Code Call-Lcp-Down 1 +VALUE SN-PPP-Progress-Code Call-Disconnecting 2 +VALUE SN-PPP-Progress-Code Call-Ppp-Renegotiating 3 +VALUE SN-PPP-Progress-Code Call-Arrived 11 +VALUE SN-PPP-Progress-Code Call-Lcp-Up 12 +VALUE SN-PPP-Progress-Code Call-Authenticating 13 +VALUE SN-PPP-Progress-Code Call-Authenticated 14 +VALUE SN-PPP-Progress-Code Call-Ipcp-Up 15 +VALUE SN-PPP-Progress-Code Call-Simple-IP-Connected 16 +VALUE SN-PPP-Progress-Code Call-Mobile-IP-Connected 17 + +VALUE SN-PPP-Data-Compression None 0 +VALUE SN-PPP-Data-Compression Stac-LZS 1 +VALUE SN-PPP-Data-Compression MPPC 2 +VALUE SN-PPP-Data-Compression MPCC-Stac-LZS 3 +VALUE SN-PPP-Data-Compression Deflate 4 +VALUE SN-PPP-Data-Compression Deflate-Stac-LZS 5 +VALUE SN-PPP-Data-Compression Deflate-MPCC 6 +VALUE SN-PPP-Data-Compression Deflate-MPCC-Stac-LZS 7 + +VALUE SN-IP-Source-Validation No 0 +VALUE SN-IP-Source-Validation Yes 1 + +VALUE SN-Subscriber-Permission None 0 +VALUE SN-Subscriber-Permission Simple-IP 1 +VALUE SN-Subscriber-Permission Mobile-IP 2 +VALUE SN-Subscriber-Permission Simple-IP-Mobile-IP 3 +VALUE SN-Subscriber-Permission HA-Mobile-IP 4 +VALUE SN-Subscriber-Permission Simple-IP-HA-Mobile-IP 5 +VALUE SN-Subscriber-Permission Mobile-IP-HA-Mobile-IP 6 +VALUE SN-Subscriber-Permission All 7 + +VALUE SN-Admin-Permission None 0 +VALUE SN-Admin-Permission CLI 1 +VALUE SN-Admin-Permission FTP 2 + +VALUE SN-Simultaneous-SIP-MIP Disabled 0 +VALUE SN-Simultaneous-SIP-MIP Enabled 1 + +VALUE SN-PPP-Data-Compression-Mode Normal 0 +VALUE SN-PPP-Data-Compression-Mode Stateless 1 + +END-VENDOR Starent diff --git a/freeradius/dict/dictionary.t_systems_nova b/freeradius/dict/dictionary.t_systems_nova new file mode 100644 index 0000000..1139a73 --- /dev/null +++ b/freeradius/dict/dictionary.t_systems_nova @@ -0,0 +1,32 @@ +# -*- text -*- +############################################################################## +# +# T-Systems-Nova +# +# $Id$ +# +############################################################################## +VENDOR T-Systems-Nova 16787 + +BEGIN-VENDOR T-Systems-Nova + +ATTRIBUTE T-Systems-Nova-Location-ID 1 string +ATTRIBUTE T-Systems-Nova-Location-Name 2 string +ATTRIBUTE T-Systems-Nova-Logoff-URL 3 string +ATTRIBUTE T-Systems-Nova-Redirection-URL 4 string +ATTRIBUTE T-Systems-Nova-Bandwidth-Min-Up 5 integer +ATTRIBUTE T-Systems-Nova-Bandwidth-Min-Down 6 integer +ATTRIBUTE T-Systems-Nova-Bandwidth-Max-Up 7 integer +ATTRIBUTE T-Systems-Nova-Bandwidth-Max-Down 8 integer +ATTRIBUTE T-Systems-Nova-Session-Terminate-Time 9 integer + +#ATTRIBUTE T-Systems-Nova-Session-Terminate-End-Of-Day 10 integer +ATTRIBUTE T-Systems-Nova-Session-Terminate-EoD 10 integer + +ATTRIBUTE T-Systems-Nova-Billing-Class-Of-Service 11 string +ATTRIBUTE T-Systems-Nova-Service-Name 12 string +ATTRIBUTE T-Systems-Nova-Price-Of-Service 13 integer +ATTRIBUTE T-Systems-Nova-Visiting-Provider-Code 14 string +ATTRIBUTE T-Systems-Nova-UnknownAVP 15 string + +END-VENDOR T-Systems-Nova diff --git a/freeradius/dict/dictionary.telebit b/freeradius/dict/dictionary.telebit new file mode 100644 index 0000000..24784d2 --- /dev/null +++ b/freeradius/dict/dictionary.telebit @@ -0,0 +1,15 @@ +# -*- text -*- +# +# Telebit dictionary +# $Id$ +# +VENDOR Telebit 117 + +BEGIN-VENDOR Telebit + +ATTRIBUTE Telebit-Login-Command 1 string +ATTRIBUTE Telebit-Port-Name 2 string +ATTRIBUTE Telebit-Activate-Command 3 string +ATTRIBUTE Telebit-Accounting-Info 4 string + +END-VENDOR Telebit diff --git a/freeradius/dict/dictionary.telkom b/freeradius/dict/dictionary.telkom new file mode 100644 index 0000000..b7f9ea4 --- /dev/null +++ b/freeradius/dict/dictionary.telkom @@ -0,0 +1,25 @@ +# -*- text -*- +############################################################################## +# +# Telkom SA - RADIUS dictionary +# Used to convey Telkom Specific Information in proxied requests +# EDS 20031007 eddie@saix.net +# +# $Id$ +# +############################################################################## + +VENDOR Telkom 1431 + +BEGIN-VENDOR Telkom + +# Access-Type is used to describe the Access Medium used eg +# Dial/ADSL/VSAT etc. Used in both Access-Requests and Accounting +ATTRIBUTE Telkom-Access-Type 1 string + +# +# Service-Type is used to indicate the Service used main in conjunction +# with the SSG. Used in both Access-Requests and Accounting +ATTRIBUTE Telkom-Service-Type 2 string + +END-VENDOR Telkom diff --git a/freeradius/dict/dictionary.trapeze b/freeradius/dict/dictionary.trapeze new file mode 100644 index 0000000..7729268 --- /dev/null +++ b/freeradius/dict/dictionary.trapeze @@ -0,0 +1,31 @@ +# -*- text -*- +# +# dictionary.trapeze +# +# For use with FreeRadius and Trapeze Networks MSS software 1.1 +# or greater. +# +# For assistance, email support@trapezenetworks.com. +# +# $Id$ +# +# +VENDOR Trapeze 14525 + +# Attributes for MSS 1.1 and later + +BEGIN-VENDOR Trapeze + +ATTRIBUTE Trapeze-VLAN-Name 1 string +ATTRIBUTE Trapeze-Mobility-Profile 2 string +ATTRIBUTE Trapeze-Encryption-Type 3 string +ATTRIBUTE Trapeze-Time-Of-Day 4 string + +# New attributes for MSS 3.0 and later + +ATTRIBUTE Trapeze-SSID 5 string +ATTRIBUTE Trapeze-End-Date 6 string +ATTRIBUTE Trapeze-Start-Date 7 string +ATTRIBUTE Trapeze-URL 8 string + +END-VENDOR Trapeze diff --git a/freeradius/dict/dictionary.tropos b/freeradius/dict/dictionary.tropos new file mode 100644 index 0000000..97842dc --- /dev/null +++ b/freeradius/dict/dictionary.tropos @@ -0,0 +1,52 @@ +# -*- text -*- +############################################################################## +# +# See support@tropos.com +# +# $Id$ +# +############################################################################## +VENDOR Tropos 14529 + +BEGIN-VENDOR Tropos + +ATTRIBUTE Tropos-Unicast-Cipher 1 integer +ATTRIBUTE Tropos-Layer2-Input-Octets 2 integer +ATTRIBUTE Tropos-Layer2-Output-Octets 3 integer +ATTRIBUTE Tropos-Layer2-Input-Frames 4 integer +ATTRIBUTE Tropos-Layer2-Output-Frames 5 integer +ATTRIBUTE Tropos-Layer2-Input-Drops 6 integer +ATTRIBUTE Tropos-Noise-Floor 7 ifid +ATTRIBUTE Tropos-Noise-Upper-Bound 8 ifid +ATTRIBUTE Tropos-Release 9 string +ATTRIBUTE Tropos-Secondary-IP 11 octets +ATTRIBUTE Tropos-Terminate-Cause 12 integer +ATTRIBUTE Tropos-Average-RSSI 13 integer +ATTRIBUTE Tropos-Channel 15 ifid +ATTRIBUTE Tropos-Retries-Sent 16 integer +ATTRIBUTE Tropos-Retry-Bits 17 integer +ATTRIBUTE Tropos-Rates-Sent 18 octets +ATTRIBUTE Tropos-Rates-Received 19 octets +ATTRIBUTE Tropos-Routed-Time 21 integer +ATTRIBUTE Tropos-Routless-Since 22 integer +ATTRIBUTE Tropos-Capability-Info 23 octets +ATTRIBUTE Tropos-Input-Cap 24 integer +ATTRIBUTE Tropos-Output-Cap 25 integer +ATTRIBUTE Tropos-Class-Mult 26 integer +ATTRIBUTE Tropos-Cell-Name 27 string +ATTRIBUTE Tropos-Cell-Location 28 string +ATTRIBUTE Tropos-Serial-Number 29 string +ATTRIBUTE Tropos-Latitude 30 string +ATTRIBUTE Tropos-Longitude 31 string + +# These are commented out because FreeRadius does not have a way of +# putting the numerical value into SQL. +# +#VALUE Tropos-Unicast-Cipher Legacy-Open 0 +#VALUE Tropos-Unicast-Cipher Legacy-WEP 1 +#VALUE Tropos-Unicast-Cipher WPA-TKIP 5304834 +#VALUE Tropos-Unicast-Cipher WPA-AES-CCMP 5304836 +#VALUE Tropos-Unicast-Cipher WPA2-TKIP 1027074 +#VALUE Tropos-Unicast-Cipher WPA2-AES-CCMP 1027076 + +END-VENDOR Tropos diff --git a/freeradius/dict/dictionary.unix b/freeradius/dict/dictionary.unix new file mode 100644 index 0000000..f1382fd --- /dev/null +++ b/freeradius/dict/dictionary.unix @@ -0,0 +1,19 @@ +# -*- text -*- +# +# Allegedly for ProFTPd. +# +# $Id$ +# + +VENDOR Unix 4 + +BEGIN-VENDOR Unix + +ATTRIBUTE Unix-FTP-UID 10 integer +ATTRIBUTE Unix-FTP-GID 11 integer +ATTRIBUTE Unix-FTP-Home 12 string +ATTRIBUTE Unix-FTP-Shell 13 string +ATTRIBUTE Unix-FTP-Group-Names 14 string +ATTRIBUTE Unix-FTP-Group-Ids 15 string + +END-VENDOR Unix diff --git a/freeradius/dict/dictionary.usr b/freeradius/dict/dictionary.usr new file mode 100644 index 0000000..966ae4c --- /dev/null +++ b/freeradius/dict/dictionary.usr @@ -0,0 +1,1654 @@ +# -*- text -*- +# +# dictionary.usr USR Robotics dictionary. +# +# Taken from the dictionary included with the USR RADIUS server, +# and adjusted a bit. +# +# Version: $Id$ +# + +# +# USR specific attributes +# +# Prompt value should be 1 for echo, 0 for no echo, default 1. +#ATTRIBUTE Prompt 64 integer +ATTRIBUTE Multi-Link-Flag 126 integer +ATTRIBUTE Char-Noecho 250 integer + +# +# USR specific Integer Translations +# + +VALUE Termination-Action Manage-Resources 2 + +VALUE Acct-Status-Type Modem-Start 4 +VALUE Acct-Status-Type Modem-Stop 5 +VALUE Acct-Status-Type Cancel 6 + +VALUE Multi-Link-Flag True 1 +VALUE Multi-Link-Flag False 0 + +# USR specific Authentication Types + +# +# These are commented out because the conflict with the standard +# definitions. +# +#VALUE Acct-Authentic None 0 +#VALUE Acct-Authentic Remote 3 +#VALUE Acct-Authentic RADIUS 4 +#VALUE Acct-Authentic MNET 5 +#VALUE Acct-Authentic KCHAP 6 +#VALUE Acct-Authentic TACACS 7 +#VALUE Acct-Authentic Realm 8 +#VALUE Acct-Authentic Local 9 +#VALUE Acct-Authentic File 10 +#VALUE Acct-Authentic Local-VPN 11 + +# +# USR Extensions: USR Vendor-Specific stuff. +# +# For now in NMC format (whatever that stands for), though the +# normal vendor-specific format would work just as well. +# +# +VENDOR USR 429 format=4,0 +BEGIN-VENDOR USR + +ATTRIBUTE USR-Last-Number-Dialed-Out 0x0066 string +ATTRIBUTE USR-Last-Number-Dialed-In-DNIS 0x00E8 string +ATTRIBUTE USR-Last-Callers-Number-ANI 0x00E9 string +ATTRIBUTE USR-Channel 0xBF38 integer +ATTRIBUTE USR-Event-Id 0xBFBE integer +ATTRIBUTE USR-Event-Date-Time 0xBF2F date +ATTRIBUTE USR-Call-Start-Date-Time 0xBFF7 date +ATTRIBUTE USR-Call-End-Date-Time 0xBFF6 date +ATTRIBUTE USR-Default-DTE-Data-Rate 0x005E integer +ATTRIBUTE USR-Initial-Rx-Link-Data-Rate 0xBF2D integer +ATTRIBUTE USR-Final-Rx-Link-Data-Rate 0xBF2C integer +ATTRIBUTE USR-Initial-Tx-Link-Data-Rate 0x006A integer +ATTRIBUTE USR-Final-Tx-Link-Data-Rate 0x006B integer +ATTRIBUTE USR-Chassis-Temperature 0xBF31 integer +ATTRIBUTE USR-Chassis-Temp-Threshold 0xBE84 integer +ATTRIBUTE USR-Actual-Voltage 0xBF32 integer +ATTRIBUTE USR-Expected-Voltage 0xBF33 integer +ATTRIBUTE USR-Power-Supply-Number 0xBF34 integer +ATTRIBUTE USR-Card-Type 0xBE85 integer +ATTRIBUTE USR-Chassis-Slot 0xBF39 integer +ATTRIBUTE USR-Sync-Async-Mode 0x0067 integer +ATTRIBUTE USR-Originate-Answer-Mode 0x0068 integer +ATTRIBUTE USR-Modulation-Type 0x006C integer +ATTRIBUTE USR-Connect-Term-Reason 0x009B integer +ATTRIBUTE USR-Failure-to-Connect-Reason 0x0069 integer +ATTRIBUTE USR-Equalization-Type 0x006F integer +ATTRIBUTE USR-Fallback-Enabled 0x0070 integer +ATTRIBUTE USR-Connect-Time-Limit 0xBFE7 integer +ATTRIBUTE USR-Number-of-Rings-Limit 0xBFE6 integer +ATTRIBUTE USR-DTE-Data-Idle-Timout 0x0048 integer +ATTRIBUTE USR-Characters-Sent 0x0071 integer +ATTRIBUTE USR-Characters-Received 0x0072 integer +ATTRIBUTE USR-Blocks-Sent 0x0075 integer +ATTRIBUTE USR-Blocks-Received 0x0076 integer +ATTRIBUTE USR-Blocks-Resent 0x0077 integer +ATTRIBUTE USR-Retrains-Requested 0x0078 integer +ATTRIBUTE USR-Retrains-Granted 0x0079 integer +ATTRIBUTE USR-Line-Reversals 0x007A integer +ATTRIBUTE USR-Number-Of-Characters-Lost 0x007B integer +ATTRIBUTE USR-Number-of-Blers 0x007D integer +ATTRIBUTE USR-Number-of-Link-Timeouts 0x007E integer +ATTRIBUTE USR-Number-of-Fallbacks 0x007F integer +ATTRIBUTE USR-Number-of-Upshifts 0x0080 integer +ATTRIBUTE USR-Number-of-Link-NAKs 0x0081 integer +ATTRIBUTE USR-DTR-False-Timeout 0x00BE integer +ATTRIBUTE USR-Fallback-Limit 0x00BF integer +ATTRIBUTE USR-Block-Error-Count-Limit 0x00C0 integer +ATTRIBUTE USR-DTR-True-Timeout 0x00DA integer +ATTRIBUTE USR-Security-Login-Limit 0xBEDE integer +ATTRIBUTE USR-Security-Resp-Limit 0xBEFA integer +ATTRIBUTE USR-DTE-Ring-No-Answer-Limit 0xBF17 integer +ATTRIBUTE USR-Back-Channel-Data-Rate 0x007C integer +ATTRIBUTE USR-Simplified-MNP-Levels 0x0099 integer +ATTRIBUTE USR-Simplified-V42bis-Usage 0x00C7 integer +ATTRIBUTE USR-Mbi_Ct_PRI_Card_Slot 0x0184 integer +ATTRIBUTE USR-Mbi_Ct_TDM_Time_Slot 0x0185 integer +ATTRIBUTE USR-Mbi_Ct_PRI_Card_Span_Line 0x0186 integer +ATTRIBUTE USR-Mbi_Ct_BChannel_Used 0x0187 integer +ATTRIBUTE USR-Physical-State 0xBE77 integer +ATTRIBUTE USR-Packet-Bus-Session 0xBF14 integer +ATTRIBUTE USR-Server-Time 0xF000 date + +# 0xBE5D-0xBE63 sent with Event-Id 79 +ATTRIBUTE USR-Channel-Connected-To 0xBE5D integer +ATTRIBUTE USR-Slot-Connected-To 0xBE5E integer +ATTRIBUTE USR-Device-Connected-To 0xBE5F integer +ATTRIBUTE USR-NFAS-ID 0xBE60 integer +ATTRIBUTE USR-Q931-Call-Reference-Value 0xBE61 integer +ATTRIBUTE USR-Call-Event-Code 0xBE62 integer +ATTRIBUTE USR-DS0 0xBE63 integer +# DS0s sent with Event-Id 77,78 +ATTRIBUTE USR-DS0s 0xBE64 string +# Gateway-IP-Address sent with Event-Id 71,72 +ATTRIBUTE USR-Gateway-IP-Address 0xBE66 ipaddr + +# +# +# +ATTRIBUTE CW-Version-Id 0x8000 integer +ATTRIBUTE CW-Account-Id 0x8001 string +ATTRIBUTE CW-Acct-Type 0x8002 integer +ATTRIBUTE CW-Acct-Identification-Code 0x8003 integer +ATTRIBUTE CW-Service-Type 0x8004 integer +ATTRIBUTE CW-Rate-Plan-Id 0x8005 integer +ATTRIBUTE CW-Source-Identifier 0x8006 integer +ATTRIBUTE CW-Session-Id 0x8007 string +ATTRIBUTE CW-Num-Call-Attempt-Session 0x8008 integer +ATTRIBUTE CW-Session-Sequence-Num 0x8009 integer +ATTRIBUTE CW-Session-Sequence-End 0x800a integer +ATTRIBUTE CW-Authentication-Fail-Cnt 0x800b integer +ATTRIBUTE CW-Clg-Party-E164-Type 0x800c integer +ATTRIBUTE CW-Clg-Party-E164-Number 0x800d string +ATTRIBUTE CW-Clg-Party-Trans-Protocol 0x800e integer +ATTRIBUTE CW-Clg-Party-Trans-Port 0x800f integer +ATTRIBUTE CW-Clg-Party-Trans-IP 0x8010 ipaddr +ATTRIBUTE CW-Clg-Party-Trans-DNS 0x8011 string +ATTRIBUTE CW-Cld-Party-E164-Type 0x8012 integer +ATTRIBUTE CW-Cld-Party-E164-Number 0x8013 string +ATTRIBUTE CW-Cld-Party-Trans-Protocol 0x8014 integer +ATTRIBUTE CW-Cld-Party-Trans-Port 0x8015 integer +ATTRIBUTE CW-Cld-Party-Trans-IP 0x8016 ipaddr +ATTRIBUTE CW-Cld-Party-Trans-DNS 0x8017 string +ATTRIBUTE CW-Orig-Line-Identifier 0x8018 integer +ATTRIBUTE CW-PSTN-Interface-Number 0x8019 integer +ATTRIBUTE CW-Ingr-Gway-E164-Type 0x801a integer +ATTRIBUTE CW-Ingr-Gway-E164-Number 0x801b string +ATTRIBUTE CW-Ingr-Gway-Trans-Protocol 0x801c integer +ATTRIBUTE CW-Ingr-Gway-Trans-Port 0x801d integer +ATTRIBUTE CW-Ingr-Gway-Trans-IP 0x801e ipaddr +ATTRIBUTE CW-Ingr-Gway-Trans-DNS 0x801f string +ATTRIBUTE CW-Egr-Gway-Trans-Protocol 0x8020 integer +ATTRIBUTE CW-Egr-Gway-Trans-Port 0x8021 integer +ATTRIBUTE CW-Egr-Gway-Trans-IP 0x8022 ipaddr +ATTRIBUTE CW-Egr-Gway-Trans-DNS 0x8023 string +ATTRIBUTE CW-Ingr-Gtkpr-Trans-Protocol 0x8024 integer +ATTRIBUTE CW-Ingr-Gtkpr-Trans-Port 0x8025 integer +ATTRIBUTE CW-Ingr-Gtkpr-Trans-IP 0x8026 ipaddr +ATTRIBUTE CW-Ingr-Gtkpr-Trans-DNS 0x8027 string +ATTRIBUTE CW-Egr-Gtkpr-Trans-Protocol 0x8028 integer +ATTRIBUTE CW-Egr-Gtkpr-Trans-Port 0x8029 integer +ATTRIBUTE CW-Egr-Gtkpr-Trans-IP 0x802a ipaddr +ATTRIBUTE CW-Egr-Gtkpr-Trans-DNS 0x802b string +ATTRIBUTE CW-Call-Identifier 0x802c string +ATTRIBUTE CW-Call-Type 0x802d integer +ATTRIBUTE CW-Call-Start-Ingr-GW-Sec 0x802e string +ATTRIBUTE CW-Call-Start-Ingr-GW-Msec 0x802f integer +ATTRIBUTE CW-Call-Start-Time-Ans-Sec 0x8030 string +ATTRIBUTE CW-Call-Start-Time-Ans-Msec 0x8031 integer +ATTRIBUTE CW-Call-End-Time-Sec 0x8032 string +ATTRIBUTE CW-Call-End-Time-Msec 0x8033 integer +ATTRIBUTE CW-Call-Durn-Connect-Disc 0x8034 integer +ATTRIBUTE CW-Codec-Type 0x8035 integer +ATTRIBUTE CW-Call-Termination-Cause 0x8036 integer +ATTRIBUTE CW-Audio-Packets-Sent 0x8037 integer +ATTRIBUTE CW-Audio-Packets-Received 0x8038 integer +ATTRIBUTE CW-Audio-Packets-Lost 0x8039 integer +ATTRIBUTE CW-Audio-Packets-In-Frame 0x803a integer +ATTRIBUTE CW-Audio-Bytes-In-Frame 0x803b integer +ATTRIBUTE CW-Audio-Signal-In-Packet 0x803c integer +ATTRIBUTE CW-Port-Id-For-Call 0x803d integer +ATTRIBUTE CW-Slot-Id-For-Call 0x803e integer +ATTRIBUTE CW-Acct-Balance-Start-Curr 0x803f integer +ATTRIBUTE CW-Acct-Balance-Start-Amt 0x8040 integer +ATTRIBUTE CW-Acct-Balance-Start-Dec 0x8041 integer +ATTRIBUTE CW-Acct-Balance-Decr-Curr 0x8042 integer +ATTRIBUTE CW-LRQ-Token 0x8043 string +ATTRIBUTE CW-ARQ-Token 0x8044 string +ATTRIBUTE CW-Token-Status 0x8045 integer +ATTRIBUTE CW-SS7-Destn-Ptcode-Type 0x8046 integer +ATTRIBUTE CW-SS7-Destn-Ptcode-Address 0x8047 integer +ATTRIBUTE CW-SS7-Orig-Ptcode-Type 0x8048 integer +ATTRIBUTE CW-SS7-Orig-Ptcode-Address 0x8049 integer +ATTRIBUTE CW-SS7-CIC 0x804a integer +ATTRIBUTE CW-MGC-Id 0x804b integer +ATTRIBUTE CW-MG-Id 0x804c integer +ATTRIBUTE CW-Signaling-Protocol 0x804d integer +ATTRIBUTE CW-Protocol-Transport 0x804e integer +ATTRIBUTE CW-Local-Sig-Trans-Protocol 0x804f integer +ATTRIBUTE CW-Local-Sig-Trans-Port 0x8050 integer +ATTRIBUTE CW-Local-Sig-Trans-IP 0x8051 ipaddr +ATTRIBUTE CW-Local-Sig-Trans-DNS 0x8052 string +ATTRIBUTE CW-Remote-Sig-Trans-Protocol 0x8053 integer +ATTRIBUTE CW-Remote-Sig-Trans-Port 0x8054 integer +ATTRIBUTE CW-Remote-Sig-Trans-IP 0x8055 ipaddr +ATTRIBUTE CW-Remote-Sig-Trans-DNS 0x8056 string +ATTRIBUTE CW-Local-MG-RTP-Protocol 0x8057 integer +ATTRIBUTE CW-Local-MG-RTP-Port 0x8058 integer +ATTRIBUTE CW-Local-MG-RTP-IP 0x8059 ipaddr +ATTRIBUTE CW-Local-MG-RTP-DNS 0x805a string +ATTRIBUTE CW-Remote-MG-RTP-Protocol 0x805b integer +ATTRIBUTE CW-Remote-MG-RTP-Port 0x805c integer +ATTRIBUTE CW-Remote-MG-RTP-IP 0x805d ipaddr +ATTRIBUTE CW-Remote-MG-RTP-DNS 0x805e string +ATTRIBUTE CW-Call-Model 0x805f integer +ATTRIBUTE CW-Call-Plan-Id 0x8060 integer +ATTRIBUTE CW-Trans-Cld-Party-E164-Type 0x8061 integer +ATTRIBUTE CW-Trans-Cld-Party-E164-Num 0x8062 string +ATTRIBUTE CW-OSP-Source-Device 0x8063 string + +# +# These are CCA Radius attributes +# +ATTRIBUTE USR-PW_USR_IFilter_IP 0x9000 string +ATTRIBUTE USR-PW_USR_IFilter_IPX 0x9001 string +ATTRIBUTE USR-PW_USR_OFilter_IP 0x9003 string +ATTRIBUTE USR-PW_USR_OFilter_IPX 0x9004 string +ATTRIBUTE USR-PW_USR_OFilter_SAP 0x9005 string +ATTRIBUTE USR-PW_VPN_ID 0x9006 string +ATTRIBUTE USR-PW_VPN_Name 0x9007 string +ATTRIBUTE USR-PW_VPN_Neighbor 0x9008 ipaddr +ATTRIBUTE USR-PW_Framed_Routing_V2 0x9009 string +ATTRIBUTE USR-PW_VPN_Gateway 0x900a string +ATTRIBUTE USR-PW_Tunnel_Authentication 0x900b string +ATTRIBUTE USR-PW_Index 0x900c string +ATTRIBUTE USR-PW_Cutoff 0x900d string +ATTRIBUTE USR-PW_Packet 0x900e string +ATTRIBUTE USR-Primary_DNS_Server 0x900f ipaddr +ATTRIBUTE USR-Secondary_DNS_Server 0x9010 ipaddr +ATTRIBUTE USR-Primary_NBNS_Server 0x9011 ipaddr +ATTRIBUTE USR-Secondary_NBNS_Server 0x9012 ipaddr +ATTRIBUTE USR-Syslog-Tap 0x9013 integer +ATTRIBUTE USR-Chassis-Call-Slot 0x9019 integer +ATTRIBUTE USR-Chassis-Call-Span 0x901A integer +ATTRIBUTE USR-Chassis-Call-Channel 0x901B integer +ATTRIBUTE USR-Keypress-Timeout 0x901C integer +ATTRIBUTE USR-Unauthenticated-Time 0x901D integer +ATTRIBUTE USR-Connect-Speed 0x9023 integer +ATTRIBUTE USR-Framed_IP_Address_Pool_Name 0x9024 string +ATTRIBUTE USR-MP-EDO 0x9025 string + +# +# Pilgrim attributes +# +ATTRIBUTE USR-Bearer-Capabilities 0x9800 integer +ATTRIBUTE USR-Speed-Of-Connection 0x9801 integer +ATTRIBUTE USR-Max-Channels 0x9802 integer +ATTRIBUTE USR-Channel-Expansion 0x9803 integer +ATTRIBUTE USR-Channel-Decrement 0x9804 integer +ATTRIBUTE USR-Expansion-Algorithm 0x9805 integer +ATTRIBUTE USR-Compression-Algorithm 0x9806 integer +ATTRIBUTE USR-Receive-Acc-Map 0x9807 integer +ATTRIBUTE USR-Transmit-Acc-Map 0x9808 integer +ATTRIBUTE USR-Compression-Reset-Mode 0x980a integer +ATTRIBUTE USR-Min-Compression-Size 0x980b integer +ATTRIBUTE USR-IP 0x980c integer +ATTRIBUTE USR-IPX 0x980d integer +ATTRIBUTE USR-Filter-Zones 0x980e integer +ATTRIBUTE USR-Appletalk 0x980f integer +ATTRIBUTE USR-Bridging 0x9810 integer +ATTRIBUTE USR-Spoofing 0x9811 integer +ATTRIBUTE USR-Host-Type 0x9812 integer +ATTRIBUTE USR-Send-Name 0x9813 string +ATTRIBUTE USR-Send-Password 0x9814 string +ATTRIBUTE USR-Start-Time 0x9815 integer +ATTRIBUTE USR-End-Time 0x9816 integer +ATTRIBUTE USR-Send-Script1 0x9817 string +ATTRIBUTE USR-Reply-Script1 0x9818 string +ATTRIBUTE USR-Send-Script2 0x9819 string +ATTRIBUTE USR-Reply-Script2 0x981a string +ATTRIBUTE USR-Send-Script3 0x981b string +ATTRIBUTE USR-Reply-Script3 0x981c string +ATTRIBUTE USR-Send-Script4 0x981d string +ATTRIBUTE USR-Reply-Script4 0x981e string +ATTRIBUTE USR-Send-Script5 0x981f string +ATTRIBUTE USR-Reply-Script5 0x9820 string +ATTRIBUTE USR-Send-Script6 0x9821 string +ATTRIBUTE USR-Reply-Script6 0x9822 string +ATTRIBUTE USR-Terminal-Type 0x9823 string +ATTRIBUTE USR-Appletalk-Network-Range 0x9824 integer +ATTRIBUTE USR-Local-IP-Address 0x9825 string +ATTRIBUTE USR-Routing-Protocol 0x9826 integer +ATTRIBUTE USR-Modem-Group 0x9827 integer +ATTRIBUTE USR-Modem-Training-Time 0x9842 integer +ATTRIBUTE USR-Interface-Index 0x9843 integer +ATTRIBUTE USR-MP-MRRU 0x982f integer + +ATTRIBUTE USR-SAP-Filter-In 0x9002 string +ATTRIBUTE USR-MIC 0x9014 string +ATTRIBUTE USR-Log-Filter-Packets 0x9017 string +ATTRIBUTE USR-VPN-Encrypter 0x901e integer +ATTRIBUTE USR-Re-Chap-Timeout 0x9020 integer +ATTRIBUTE USR-Tunnel-Switch-Endpoint 0x9868 string + +ATTRIBUTE USR-IP-SAA-Filter 0x9870 integer +ATTRIBUTE Initial-Modulation-Type 0x0923 integer +ATTRIBUTE USR-VTS-Session-Key 0x9856 string +ATTRIBUTE USR-Orig-NAS-Type 0x9857 string +ATTRIBUTE USR-Call-Arrival-Time 0x9858 integer +ATTRIBUTE USR-Call-End-Time 0x9859 integer +ATTRIBUTE USR-Tunnel-Auth-Hostname 0x986b string +ATTRIBUTE USR-Acct-Reason-Code 0x986c integer +ATTRIBUTE USR-Supports-Tags 0x9889 integer +ATTRIBUTE USR-HARC-Disconnect-Code 0x988b integer +ATTRIBUTE USR-RMMIE-Status 0x01cd integer +ATTRIBUTE USR-RMMIE-Last-Update-Event 0x0901 integer +ATTRIBUTE USR-RMMIE-x2-Status 0x0909 integer +ATTRIBUTE USR-RMMIE-Planned-Disconnect 0x090a integer +ATTRIBUTE USR-VPN-GW-Location-Id 0x901f string +ATTRIBUTE USR-CCP-Algorithm 0x9021 integer +ATTRIBUTE USR-ACCM-Type 0x9022 integer +ATTRIBUTE USR-Local-Framed-IP-Addr 0x9026 ipaddr +ATTRIBUTE USR-IPX-Routing 0x9828 integer +ATTRIBUTE USR-IPX-WAN 0x9829 integer +ATTRIBUTE USR-IP-RIP-Policies 0x982a integer +ATTRIBUTE USR-IP-RIP-Simple-Auth-Password 0x982b string +ATTRIBUTE USR-IP-RIP-Input-Filter 0x982c string +ATTRIBUTE USR-IP-Call-Input-Filter 0x982d string +ATTRIBUTE USR-IPX-RIP-Input-Filter 0x982e string +ATTRIBUTE USR-IPX-Call-Input-Filter 0x9830 string +ATTRIBUTE USR-AT-Input-Filter 0x9831 string +ATTRIBUTE USR-AT-RTMP-Input-Filter 0x9832 string +ATTRIBUTE USR-AT-Zip-Input-Filter 0x9833 string +ATTRIBUTE USR-AT-Call-Input-Filter 0x9834 string +ATTRIBUTE USR-ET-Bridge-Input-Filter 0x9835 string +ATTRIBUTE USR-IP-RIP-Output-Filter 0x9836 string +ATTRIBUTE USR-IP-Call-Output-Filter 0x9837 string +ATTRIBUTE USR-IPX-RIP-Output-Filter 0x9838 string +ATTRIBUTE USR-IPX-Call-Output-Filter 0x9839 string +ATTRIBUTE USR-AT-Output-Filter 0x983a string +ATTRIBUTE USR-AT-RTMP-Output-Filter 0x983b string +ATTRIBUTE USR-AT-Zip-Output-Filter 0x983c string +ATTRIBUTE USR-AT-Call-Output-Filter 0x983d string +ATTRIBUTE USR-ET-Bridge-Output-Filter 0x983e string +# This item name is too long for the server to parse; had to chop the r off. FIXME? +ATTRIBUTE USR-ET-Bridge-Call-Output-Filte 0x983f string +ATTRIBUTE USR-IP-Default-Route-Option 0x9840 integer +ATTRIBUTE USR-MP-EDO-HIPER 0x9841 string +ATTRIBUTE USR-Tunnel-Security 0x9844 integer +ATTRIBUTE USR-Port-Tap 0x9845 integer +ATTRIBUTE USR-Port-Tap-Format 0x9846 integer +ATTRIBUTE USR-Port-Tap-Output 0x9847 integer +ATTRIBUTE USR-Port-Tap-Facility 0x9848 integer +ATTRIBUTE USR-Port-Tap-Priority 0x9849 integer +ATTRIBUTE USR-Port-Tap-Address 0x984a ipaddr +ATTRIBUTE USR-MobileIP-Home-Agent-Address 0x984b ipaddr +ATTRIBUTE USR-Tunneled-MLPP 0x984c integer +ATTRIBUTE USR-Multicast-Proxy 0x984d integer +ATTRIBUTE USR-Multicast-Receive 0x984e integer +ATTRIBUTE USR-Multicast-Forwarding 0x9850 integer +ATTRIBUTE USR-IGMP-Query-Interval 0x9851 integer +ATTRIBUTE USR-IGMP-Maximum-Response-Time 0x9852 integer +ATTRIBUTE USR-IGMP-Robustness 0x9853 integer +ATTRIBUTE USR-IGMP-Version 0x9854 integer +ATTRIBUTE USR-Callback-Type 0x986a integer +ATTRIBUTE USR-Request-Type 0xf001 integer +ATTRIBUTE USR-RMMIE-Num-Of-Updates 0x01ce integer +ATTRIBUTE USR-RMMIE-Manufacturer-ID 0x01df integer +ATTRIBUTE USR-RMMIE-Product-Code 0x01e0 string +ATTRIBUTE USR-RMMIE-Serial-Number 0x01e1 string +ATTRIBUTE USR-RMMIE-Firmware-Version 0x01e2 string +ATTRIBUTE USR-RMMIE-Firmware-Build-Date 0x01e3 string +ATTRIBUTE USR-Call-Arrival-in-GMT 0xbe52 date +ATTRIBUTE USR-Call-Connect-in-GMT 0xbe51 date +ATTRIBUTE USR-Call-Terminate-in-GMT 0xbe50 date +ATTRIBUTE USR-IDS0-Call-Type 0xbe4f integer +ATTRIBUTE USR-Call-Reference-Number 0xbe7d integer +ATTRIBUTE USR-CDMA-Call-Reference-Number 0x0183 integer +ATTRIBUTE USR-Mobile-IP-Address 0x088e ipaddr +ATTRIBUTE USR-QNC1-Service-Destination 0x08f4 ipaddr +ATTRIBUTE USR-IWF-IP-Address 0x03f4 ipaddr +ATTRIBUTE USR-Called-Party-Number 0x0890 string +ATTRIBUTE USR-Calling-Party-Number 0x088f string +ATTRIBUTE USR-Call-Type 0x0891 integer +ATTRIBUTE USR-ESN 0x0892 string +ATTRIBUTE USR-IWF-Call-Identifier 0x0893 integer +ATTRIBUTE USR-IMSI 0x0894 string +ATTRIBUTE USR-Service-Option 0x0895 integer +ATTRIBUTE USR-Disconnect-Cause-Indicator 0x0896 integer +ATTRIBUTE USR-Mobile-NumBytes-Txed 0x0897 integer +ATTRIBUTE USR-Mobile-NumBytes-Rxed 0x0898 integer +ATTRIBUTE USR-Num-Fax-Pages-Processed 0x0899 integer +ATTRIBUTE USR-Compression-Type 0x089a integer +ATTRIBUTE USR-Call-Error-Code 0x089b integer +ATTRIBUTE USR-Modem-Setup-Time 0x089c integer +ATTRIBUTE USR-Call-Connecting-Time 0x089d integer +ATTRIBUTE USR-Connect-Time 0x089e integer +ATTRIBUTE USR-RMMIE-Last-Update-Time 0x0900 integer +ATTRIBUTE USR-RMMIE-Rcv-Tot-PwrLvl 0x0902 integer +ATTRIBUTE USR-RMMIE-Rcv-PwrLvl-3300Hz 0x0903 integer +ATTRIBUTE USR-RMMIE-Rcv-PwrLvl-3750Hz 0x0904 integer +ATTRIBUTE USR-RMMIE-PwrLvl-NearEcho-Canc 0x0905 integer +ATTRIBUTE USR-RMMIE-PwrLvl-FarEcho-Canc 0x0906 integer +ATTRIBUTE USR-RMMIE-PwrLvl-Noise-Lvl 0x0907 integer +ATTRIBUTE USR-RMMIE-PwrLvl-Xmit-Lvl 0x0908 integer +ATTRIBUTE USR-Framed-IPX-Route 0x9027 ipaddr +ATTRIBUTE USR-MPIP-Tunnel-Originator 0x9028 ipaddr +ATTRIBUTE USR-IGMP-Routing 0x9855 integer +ATTRIBUTE USR-Rad-Multicast-Routing-Ttl 0x9860 integer +# again, too long for cistron to parse "rate-limit", "protocol" and "boundary" +ATTRIBUTE USR-Rad-Multicast-Routing-RtLim 0x9861 integer +ATTRIBUTE USR-Rad-Multicast-Routing-Proto 0x9862 integer +ATTRIBUTE USR-Rad-Multicast-Routing-Bound 0x9863 string +ATTRIBUTE USR-Rad-Dvmrp-Metric 0x9864 integer +ATTRIBUTE USR-Chat-Script-Name 0x9865 string +ATTRIBUTE USR-CUSR-hat-Script-Rules 0x9866 string +ATTRIBUTE USR-Rad-Location-Type 0x9867 integer +ATTRIBUTE USR-OSPF-Addressless-Index 0x9869 integer +ATTRIBUTE USR-QoS-Queuing-Mehtod 0x986d integer +ATTRIBUTE USR-PQ-Default-Priority 0x986e integer +ATTRIBUTE USR-FQ-Default-Priority 0x9871 integer +ATTRIBUTE USR-IPP-Enable 0x9872 integer +ATTRIBUTE USR-Pre-Shared-MN-Key 0x9873 string +ATTRIBUTE USR-MIP-NAI 0x9874 integer +ATTRIBUTE USR-DNIS-ReAuthentication 0x9875 integer +ATTRIBUTE USR-Agent 0x9876 integer +ATTRIBUTE USR-PQ-Parameters 0x9877 integer +ATTRIBUTE USR-Dvmrp-Prune-Lifetime 0x9878 integer +ATTRIBUTE USR-Special-Xon-Xoff-Flow 0x9879 integer +ATTRIBUTE USR-Dvmrp-Advertised-Metric 0x987a integer +ATTRIBUTE USR-Dvmrp-Retransmit-Prunes 0x987b integer +ATTRIBUTE USR-Dvmrp-Non-Pruners 0x987c integer +ATTRIBUTE USR-Dvmrp-Route-Transit 0x987d integer +ATTRIBUTE USR-Dvmrp-Input-Filter 0x987e string +ATTRIBUTE USR-Dvmrp-Output-Filter 0x9880 string +ATTRIBUTE USR-Policy-Access 0x9881 integer +ATTRIBUTE USR-Policy-Configuration 0x9882 integer +ATTRIBUTE USR-Policy-Filename 0x9883 string +ATTRIBUTE USR-Policy-Type 0x9884 integer +ATTRIBUTE USR-Mobile-Session-ID 0x9885 integer +ATTRIBUTE USR-Mobile-Accounting-Type 0x9886 integer +ATTRIBUTE USR-Mobile-Service-Option 0x9887 integer +ATTRIBUTE USR-Wallclock-Timestamp 0x9888 integer +ATTRIBUTE USR-Dvmrp-Initial-Flooding 0x988a integer +ATTRIBUTE USR-Telnet-Options 0x988c integer +ATTRIBUTE USR-CDMA-PktData-Network-ID 0x988d integer +ATTRIBUTE USR-Auth-Next-Server-Address 0x988e ipaddr +ATTRIBUTE USR-User-PPP-AODI-Type 0x988f integer +ATTRIBUTE USR-MLPPP-Fragmentation-Threshld 0x9890 integer +ATTRIBUTE USR-Unnumbered-Local-IP-Address 0x9891 ipaddr +ATTRIBUTE USR-Traffic-Threshold 0x9892 integer +ATTRIBUTE USR-Keep-Alive-Interval 0x9893 integer +ATTRIBUTE USR-Tunnel-Challenge-Outgoing 0x9894 integer +ATTRIBUTE USR-X25-Trunk-Profile 0x9895 string +ATTRIBUTE USR-X25-Acct-Input-Segment-Count 0x9896 integer +ATTRIBUTE USR-X25-Acct-Output-Segment-Coun 0x9897 integer +ATTRIBUTE USR-X25-Acct-Segment-Size 0x9898 integer +ATTRIBUTE USR-X25-Acct-Termination-Code 0x9899 integer +ATTRIBUTE USR-X25-SVC-Logical-Channel-Numb 0x989a integer +ATTRIBUTE USR-Nailed-B-Channel-Indicator 0x989b integer +ATTRIBUTE USR-X25-SVC-Call-Attributes 0x989c integer +ATTRIBUTE USR-Init-Reg-Server-Addr 0x989d ipaddr +ATTRIBUTE USR-Re-Reg-Server-Addr 0x989e ipaddr +ATTRIBUTE USR-Bytes-TX-Remain 0x989f integer +ATTRIBUTE USR-Bytes-RX-Remain 0x98a0 integer +ATTRIBUTE USR-Session-Time-Remain 0x98a1 integer +ATTRIBUTE USR-Pre-Paid-Enabled 0x98a2 integer +ATTRIBUTE USR-Reg-Server-Prov-Timeout 0x98a3 integer +ATTRIBUTE USR-Redirect 0x98a4 integer +ATTRIBUTE USR-VLAN-Tag 0x98a5 integer +ATTRIBUTE USR-Rad-IP-Pool-Definition 0x98a6 string +ATTRIBUTE USR-Rad-NMC-Call-Progress-Status 0x98a7 integer +ATTRIBUTE USR-Rad-NMC-Blocks_RX 0x98a8 integer + +ATTRIBUTE USR-NAS-Type 0xf002 integer +ATTRIBUTE USR-Auth-Mode 0xf003 integer +# +# Integer Translations +# + +#VALUE USR-Character-Echo Echo-On 0 +#VALUE USR-Character-Echo Echo-Off 1 + +#VALUE USR-PW_Framed_Routing_V2 Off 0 +#VALUE USR-PW_Framed_Routing_V2 On 1 + +VALUE USR-Syslog-Tap Off 0 +VALUE USR-Syslog-Tap On-Raw 1 +VALUE USR-Syslog-Tap On-Framed 2 +VALUE USR-Syslog-Tap Unknown 4294967295 + +# Event Indentifiers + +VALUE USR-Event-Id Module-Inserted 6 +VALUE USR-Event-Id Module-Removed 7 +VALUE USR-Event-Id PSU-Voltage-Alarm 8 +VALUE USR-Event-Id PSU-Failed 9 +VALUE USR-Event-Id HUB-Temp-Out-of-Range 10 +VALUE USR-Event-Id Fan-Failed 11 +VALUE USR-Event-Id Watchdog-Timeout 12 +VALUE USR-Event-Id Mgmt-Bus-Failure 13 +VALUE USR-Event-Id In-Connection-Est 14 +VALUE USR-Event-Id Out-Connection-Est 15 +VALUE USR-Event-Id In-Connection-Term 16 +VALUE USR-Event-Id Out-Connection-Term 17 +VALUE USR-Event-Id Connection-Failed 18 +VALUE USR-Event-Id Connection-Timeout 19 +VALUE USR-Event-Id DTE-Transmit-Idle 20 +VALUE USR-Event-Id DTR-True 21 +VALUE USR-Event-Id DTR-False 22 +VALUE USR-Event-Id Block-Error-at-Threshold 23 +VALUE USR-Event-Id Fallbacks-at-Threshold 24 +VALUE USR-Event-Id No-Dial-Tone-Detected 25 +VALUE USR-Event-Id No-Loop-Current-Detected 26 +VALUE USR-Event-Id Yellow-Alarm 27 +VALUE USR-Event-Id Red-Alarm 28 +VALUE USR-Event-Id Loss-Of-Signal 29 +VALUE USR-Event-Id Rcv-Alrm-Ind-Signal 30 +VALUE USR-Event-Id Timing-Source-Switch 31 +VALUE USR-Event-Id Modem-Reset-by-DTE 32 +VALUE USR-Event-Id Modem-Ring-No-Answer 33 +VALUE USR-Event-Id DTE-Ring-No-Answer 34 +VALUE USR-Event-Id Pkt-Bus-Session-Active 35 +VALUE USR-Event-Id Pkt-Bus-Session-Congestion 36 +VALUE USR-Event-Id Pkt-Bus-Session-Lost 37 +VALUE USR-Event-Id Pkt-Bus-Session-Inactive 38 +VALUE USR-Event-Id User-Interface-Reset 39 +VALUE USR-Event-Id Gateway-Port-Out-of-Service 40 +VALUE USR-Event-Id Gateway-Port-Link-Active 41 +VALUE USR-Event-Id Dial-Out-Login-Failure 42 +VALUE USR-Event-Id Dial-In-Login-Failure 43 +VALUE USR-Event-Id Dial-Out-Restricted-Number 44 +VALUE USR-Event-Id Dial-Back-Restricted-Number 45 +VALUE USR-Event-Id User-Blacklisted 46 +VALUE USR-Event-Id Attempted-Login-Blacklisted 47 +VALUE USR-Event-Id Response-Attempt-Limit-Exceeded 48 +VALUE USR-Event-Id Login-Attempt-Limit-Exceeded 49 +VALUE USR-Event-Id Dial-Out-Call-Duration 50 +VALUE USR-Event-Id Dial-In-Call-Duration 51 +VALUE USR-Event-Id Pkt-Bus-Session-Err-Status 52 +VALUE USR-Event-Id NMC-AutoRespnse-Trap 53 +VALUE USR-Event-Id Acct-Server-Contact-Loss 54 +VALUE USR-Event-Id Yellow-Alarm-Clear 55 +VALUE USR-Event-Id Red-Alarm-Clear 56 +VALUE USR-Event-Id Loss-Of-Signal-Clear 57 +VALUE USR-Event-Id Rcv-Alrm-Ind-Signal-Clear 58 +VALUE USR-Event-Id Incoming-Connection-Established 59 +VALUE USR-Event-Id Outgoing-Connection-Established 60 +VALUE USR-Event-Id Incoming-Connection-Terminated 61 +VALUE USR-Event-Id Outgoing-Connection-Terminated 62 +VALUE USR-Event-Id Connection-Attempt-Failure 63 +VALUE USR-Event-Id Continuous-CRC-Alarm 64 +VALUE USR-Event-Id Continuous-CRC-Alarm-Clear 65 +VALUE USR-Event-Id Physical-State-Change 66 +VALUE USR-Event-Id Gateway-Network-Failed 71 +VALUE USR-Event-Id Gateway-Network-Restored 72 +VALUE USR-Event-Id Packet-Bus-Clock-Lost 73 +VALUE USR-Event-Id Packet-Bus-Clock-Restored 74 +VALUE USR-Event-Id D-Channel-In-Service 75 +VALUE USR-Event-Id D-Channel-Out-of-Service 76 +VALUE USR-Event-Id DS0s-In-Service 77 +VALUE USR-Event-Id DS0s-Out-of-Service 78 +VALUE USR-Event-Id T1/T1PRI/E1PRI-Call-Event 79 +VALUE USR-Event-Id Psu-Incompatible 80 +VALUE USR-Event-Id T1,T1-E1/PRI-Call-Arrive-Event 81 +VALUE USR-Event-Id T1,T1-E1/PRI-Call-Connect-Event 82 +VALUE USR-Event-Id T1,T1-E1/PRI-Call-Termina-Event 83 +VALUE USR-Event-Id T1,T1-E1/PRI-Call-Failed-Event 84 +VALUE USR-Event-Id DNS-Contact-Lost 85 +VALUE USR-Event-Id NTP-Contact-Lost 86 +VALUE USR-Event-Id NTP-Contact-Restored 87 +VALUE USR-Event-Id IPGW-Link-Up 88 +VALUE USR-Event-Id IPGW-Link-Down 89 +VALUE USR-Event-Id NTP-Contact-Degraded 90 +VALUE USR-Event-Id In-Connection-Failed 91 +VALUE USR-Event-Id Out-Connection-Failed 92 +VALUE USR-Event-Id Application-ProcessorReset 93 +VALUE USR-Event-Id DSP-Reset 94 +VALUE USR-Event-Id Changed-to-Maint-Srvs-State 95 +VALUE USR-Event-Id Loop-Back-cleared-on-channel 96 +VALUE USR-Event-Id Loop-Back-on-channel 97 +VALUE USR-Event-Id Telco-Abnormal-Response 98 +VALUE USR-Event-Id DNS-Contact-Restored 99 +VALUE USR-Event-Id DNS-Contact-Degraded 100 +VALUE USR-Event-Id RADIUS-Accounting-Restored 101 +VALUE USR-Event-Id RADIUS-Accounting-Group-Restore 102 +VALUE USR-Event-Id RADIUS-Accounting-Group-Degrade 103 +VALUE USR-Event-Id RADIUS-Accounting-Group-NonOper 104 +VALUE USR-Event-Id T1/T1-E1/PRI-InCall-Fail-Event 119 +VALUE USR-Event-Id T1/T1-E1/PRI-OutCall-Fail-Event 120 +VALUE USR-Event-Id RMMIE-Retrain-Event 121 +VALUE USR-Event-Id RMMIE-Speed-Shift-Event 122 +VALUE USR-Event-Id CDMA-Call-Start 191 +VALUE USR-Event-Id CDMA-Call-End 192 + +VALUE USR-Card-Type SlotEmpty 1 +VALUE USR-Card-Type SlotUnknown 2 +VALUE USR-Card-Type NetwMgtCard 3 +VALUE USR-Card-Type DualT1NAC 4 +VALUE USR-Card-Type DualModemNAC 5 +VALUE USR-Card-Type QuadModemNAC 6 +VALUE USR-Card-Type TrGatewayNAC 7 +VALUE USR-Card-Type X25GatewayNAC 8 +VALUE USR-Card-Type DualV34ModemNAC 9 +VALUE USR-Card-Type QuadV32DigitalModemNAC 10 +VALUE USR-Card-Type QuadV32AnalogModemNAC 11 +VALUE USR-Card-Type QuadV32DigAnlModemNAC 12 +VALUE USR-Card-Type QuadV34DigModemNAC 13 +VALUE USR-Card-Type QuadV34AnlModemNAC 14 +VALUE USR-Card-Type QuadV34DigAnlModemNAC 15 +VALUE USR-Card-Type SingleT1NAC 16 +VALUE USR-Card-Type EthernetGatewayNAC 17 +VALUE USR-Card-Type AccessServer 18 +VALUE USR-Card-Type 486TrGatewayNAC 19 +VALUE USR-Card-Type 486EthernetGatewayNAC 20 +VALUE USR-Card-Type DualRS232NAC 22 +VALUE USR-Card-Type 486X25GatewayNAC 23 +VALUE USR-Card-Type ApplicationServerNAC 25 +VALUE USR-Card-Type ISDNGatewayNAC 26 +VALUE USR-Card-Type ISDNpriT1NAC 27 +VALUE USR-Card-Type ClkedNetMgtCard 28 +VALUE USR-Card-Type ModemPoolManagementNAC 29 +VALUE USR-Card-Type ModemPoolNetserverNAC 30 +VALUE USR-Card-Type ModemPoolV34ModemNAC 31 +VALUE USR-Card-Type ModemPoolISDNNAC 32 +VALUE USR-Card-Type NTServerNAC 33 +VALUE USR-Card-Type QuadV34DigitalG2NAC 34 +VALUE USR-Card-Type QuadV34AnalogG2NAC 35 +VALUE USR-Card-Type QuadV34DigAnlgG2NAC 36 +VALUE USR-Card-Type NETServerFrameRelayNAC 37 +VALUE USR-Card-Type NETServerTokenRingNAC 38 +VALUE USR-Card-Type X2524ChannelNAC 39 +VALUE USR-Card-Type WirelessGatewayNac 42 + +VALUE USR-Card-Type EnhancedAccessServer 44 +VALUE USR-Card-Type EnhancedISDNGatewayNAC 45 + +VALUE USR-Card-Type DualT1NIC 1001 +VALUE USR-Card-Type DualAlogMdmNIC 1002 +VALUE USR-Card-Type QuadDgtlMdmNIC 1003 +VALUE USR-Card-Type QuadAlogDgtlMdmNIC 1004 +VALUE USR-Card-Type TokenRingNIC 1005 +VALUE USR-Card-Type SingleT1NIC 1006 +VALUE USR-Card-Type EthernetNIC 1007 +VALUE USR-Card-Type ShortHaulDualT1NIC 1008 +VALUE USR-Card-Type DualAlogMgdIntlMdmNIC 1009 +VALUE USR-Card-Type X25NIC 1010 +VALUE USR-Card-Type QuadAlogNonMgdMdmNIC 1011 +VALUE USR-Card-Type QuadAlogMgdIntlMdmNIC 1012 +VALUE USR-Card-Type QuadAlogNonMgdIntlMdmNIC 1013 +VALUE USR-Card-Type QuadLsdLiMgdMdmNIC 1014 +VALUE USR-Card-Type QuadLsdLiNonMgdMdmNIC 1015 +VALUE USR-Card-Type QuadLsdLiMgdIntlMdmNIC 1016 +VALUE USR-Card-Type QuadLsdLiNonMgdIntlMdmNIC 1017 +VALUE USR-Card-Type HSEthernetWithV35NIC 1018 +VALUE USR-Card-Type HSEthernetWithoutV35NIC 1019 +VALUE USR-Card-Type DualHighSpeedV35NIC 1020 +VALUE USR-Card-Type QuadV35RS232LowSpeedNIC 1021 +VALUE USR-Card-Type DualE1NIC 1022 +VALUE USR-Card-Type ShortHaulDualE1NIC 1023 +VALUE USR-Card-Type BellcoreLongHaulDualT1NIC 1025 +VALUE USR-Card-Type BellcoreShrtHaulDualT1NIC 1026 +VALUE USR-Card-Type SCSIEdgeServerNIC 1027 + +VALUE USR-Default-DTE-Data-Rate 110-BPS 1 +VALUE USR-Default-DTE-Data-Rate 300-BPS 2 +VALUE USR-Default-DTE-Data-Rate 600-BPS 3 +VALUE USR-Default-DTE-Data-Rate 1200-BPS 4 +VALUE USR-Default-DTE-Data-Rate 2400-BPS 5 +VALUE USR-Default-DTE-Data-Rate 4800-BPS 6 +VALUE USR-Default-DTE-Data-Rate 7200-BPS 7 +VALUE USR-Default-DTE-Data-Rate 9600-BPS 8 +VALUE USR-Default-DTE-Data-Rate 12K-BPS 9 +VALUE USR-Default-DTE-Data-Rate 14.4K-BPS 10 +VALUE USR-Default-DTE-Data-Rate 16.8-BPS 11 +VALUE USR-Default-DTE-Data-Rate 19.2K-BPS 12 +VALUE USR-Default-DTE-Data-Rate 38.4K-BPS 13 +VALUE USR-Default-DTE-Data-Rate 75-BPS 14 +VALUE USR-Default-DTE-Data-Rate 450-BPS 15 +VALUE USR-Default-DTE-Data-Rate UNKNOWN-BPS 16 +VALUE USR-Default-DTE-Data-Rate 57.6K-BPS 17 +VALUE USR-Default-DTE-Data-Rate 21.6K-BPS 18 +VALUE USR-Default-DTE-Data-Rate 24K-BPS 19 +VALUE USR-Default-DTE-Data-Rate 26K-BPS 20 +VALUE USR-Default-DTE-Data-Rate 28K-BPS 21 +VALUE USR-Default-DTE-Data-Rate 115K-BPS 22 + +VALUE USR-Initial-Rx-Link-Data-Rate 110-BPS 1 +VALUE USR-Initial-Rx-Link-Data-Rate 300-BPS 2 +VALUE USR-Initial-Rx-Link-Data-Rate 600-BPS 3 +VALUE USR-Initial-Rx-Link-Data-Rate 1200-BPS 4 +VALUE USR-Initial-Rx-Link-Data-Rate 2400-BPS 5 +VALUE USR-Initial-Rx-Link-Data-Rate 4800-BPS 6 +VALUE USR-Initial-Rx-Link-Data-Rate 7200-BPS 7 +VALUE USR-Initial-Rx-Link-Data-Rate 9600-BPS 8 +VALUE USR-Initial-Rx-Link-Data-Rate 12000-BPS 9 +VALUE USR-Initial-Rx-Link-Data-Rate 14400-BPS 10 +VALUE USR-Initial-Rx-Link-Data-Rate 16800-BPS 11 +VALUE USR-Initial-Rx-Link-Data-Rate 19200-BPS 12 +VALUE USR-Initial-Rx-Link-Data-Rate 38400-BPS 13 +VALUE USR-Initial-Rx-Link-Data-Rate 75-BPS 14 +VALUE USR-Initial-Rx-Link-Data-Rate 450-BPS 15 +VALUE USR-Initial-Rx-Link-Data-Rate UNKNOWN-BPS 16 +VALUE USR-Initial-Rx-Link-Data-Rate 57600-BPS 17 +VALUE USR-Initial-Rx-Link-Data-Rate 21600-BPS 18 +VALUE USR-Initial-Rx-Link-Data-Rate 24000-BPS 19 +VALUE USR-Initial-Rx-Link-Data-Rate 26400-BPS 20 +VALUE USR-Initial-Rx-Link-Data-Rate 28800-BPS 21 +VALUE USR-Initial-Rx-Link-Data-Rate 115200-BPS 22 +VALUE USR-Initial-Rx-Link-Data-Rate 31200-BPS 23 +VALUE USR-Initial-Rx-Link-Data-Rate 33600-BPS 24 +VALUE USR-Initial-Rx-Link-Data-Rate 25333-BPS 25 +VALUE USR-Initial-Rx-Link-Data-Rate 26666-BPS 26 +VALUE USR-Initial-Rx-Link-Data-Rate 28000-BPS 27 +VALUE USR-Initial-Rx-Link-Data-Rate 29333-BPS 28 +VALUE USR-Initial-Rx-Link-Data-Rate 30666-BPS 29 +VALUE USR-Initial-Rx-Link-Data-Rate 32000-BPS 30 +VALUE USR-Initial-Rx-Link-Data-Rate 33333-BPS 31 +VALUE USR-Initial-Rx-Link-Data-Rate 34666-BPS 32 +VALUE USR-Initial-Rx-Link-Data-Rate 36000-BPS 33 +VALUE USR-Initial-Rx-Link-Data-Rate 37333-BPS 34 +VALUE USR-Initial-Rx-Link-Data-Rate 38666-BPS 35 +VALUE USR-Initial-Rx-Link-Data-Rate 40000-BPS 36 +VALUE USR-Initial-Rx-Link-Data-Rate 41333-BPS 37 +VALUE USR-Initial-Rx-Link-Data-Rate 42666-BPS 38 +VALUE USR-Initial-Rx-Link-Data-Rate 44000-BPS 39 +VALUE USR-Initial-Rx-Link-Data-Rate 45333-BPS 40 +VALUE USR-Initial-Rx-Link-Data-Rate 46666-BPS 41 +VALUE USR-Initial-Rx-Link-Data-Rate 48000-BPS 42 +VALUE USR-Initial-Rx-Link-Data-Rate 49333-BPS 43 +VALUE USR-Initial-Rx-Link-Data-Rate 50666-BPS 44 +VALUE USR-Initial-Rx-Link-Data-Rate 52000-BPS 45 +VALUE USR-Initial-Rx-Link-Data-Rate 53333-BPS 46 +VALUE USR-Initial-Rx-Link-Data-Rate 54666-BPS 47 +VALUE USR-Initial-Rx-Link-Data-Rate 56000-BPS 48 +VALUE USR-Initial-Rx-Link-Data-Rate 57333-BPS 49 +VALUE USR-Initial-Rx-Link-Data-Rate 58666-BPS 50 +VALUE USR-Initial-Rx-Link-Data-Rate 60000-BPS 51 +VALUE USR-Initial-Rx-Link-Data-Rate 61333-BPS 52 +VALUE USR-Initial-Rx-Link-Data-Rate 62666-BPS 53 +VALUE USR-Initial-Rx-Link-Data-Rate 64000-BPS 54 + +VALUE USR-Final-Rx-Link-Data-Rate 110-BPS 1 +VALUE USR-Final-Rx-Link-Data-Rate 300-BPS 2 +VALUE USR-Final-Rx-Link-Data-Rate 600-BPS 3 +VALUE USR-Final-Rx-Link-Data-Rate 1200-BPS 4 +VALUE USR-Final-Rx-Link-Data-Rate 2400-BPS 5 +VALUE USR-Final-Rx-Link-Data-Rate 4800-BPS 6 +VALUE USR-Final-Rx-Link-Data-Rate 7200-BPS 7 +VALUE USR-Final-Rx-Link-Data-Rate 9600-BPS 8 +VALUE USR-Final-Rx-Link-Data-Rate 12000-BPS 9 +VALUE USR-Final-Rx-Link-Data-Rate 14400-BPS 10 +VALUE USR-Final-Rx-Link-Data-Rate 16800-BPS 11 +VALUE USR-Final-Rx-Link-Data-Rate 19200-BPS 12 +VALUE USR-Final-Rx-Link-Data-Rate 38400-BPS 13 +VALUE USR-Final-Rx-Link-Data-Rate 75-BPS 14 +VALUE USR-Final-Rx-Link-Data-Rate 450-BPS 15 +VALUE USR-Final-Rx-Link-Data-Rate UNKNOWN-BPS 16 +VALUE USR-Final-Rx-Link-Data-Rate 57600-BPS 17 +VALUE USR-Final-Rx-Link-Data-Rate 21600-BPS 18 +VALUE USR-Final-Rx-Link-Data-Rate 24000-BPS 19 +VALUE USR-Final-Rx-Link-Data-Rate 26400-BPS 20 +VALUE USR-Final-Rx-Link-Data-Rate 28800-BPS 21 +VALUE USR-Final-Rx-Link-Data-Rate 115200-BPS 22 +VALUE USR-Final-Rx-Link-Data-Rate 31200-BPS 23 +VALUE USR-Final-Rx-Link-Data-Rate 33600-BPS 24 +VALUE USR-Final-Rx-Link-Data-Rate 25333-BPS 25 +VALUE USR-Final-Rx-Link-Data-Rate 26666-BPS 26 +VALUE USR-Final-Rx-Link-Data-Rate 28000-BPS 27 +VALUE USR-Final-Rx-Link-Data-Rate 29333-BPS 28 +VALUE USR-Final-Rx-Link-Data-Rate 30666-BPS 29 +VALUE USR-Final-Rx-Link-Data-Rate 32000-BPS 30 +VALUE USR-Final-Rx-Link-Data-Rate 33333-BPS 31 +VALUE USR-Final-Rx-Link-Data-Rate 34666-BPS 32 +VALUE USR-Final-Rx-Link-Data-Rate 36000-BPS 33 +VALUE USR-Final-Rx-Link-Data-Rate 37333-BPS 34 +VALUE USR-Final-Rx-Link-Data-Rate 38666-BPS 35 +VALUE USR-Final-Rx-Link-Data-Rate 40000-BPS 36 +VALUE USR-Final-Rx-Link-Data-Rate 41333-BPS 37 +VALUE USR-Final-Rx-Link-Data-Rate 42666-BPS 38 +VALUE USR-Final-Rx-Link-Data-Rate 44000-BPS 39 +VALUE USR-Final-Rx-Link-Data-Rate 45333-BPS 40 +VALUE USR-Final-Rx-Link-Data-Rate 46666-BPS 41 +VALUE USR-Final-Rx-Link-Data-Rate 48000-BPS 42 +VALUE USR-Final-Rx-Link-Data-Rate 49333-BPS 43 +VALUE USR-Final-Rx-Link-Data-Rate 50666-BPS 44 +VALUE USR-Final-Rx-Link-Data-Rate 52000-BPS 45 +VALUE USR-Final-Rx-Link-Data-Rate 53333-BPS 46 +VALUE USR-Final-Rx-Link-Data-Rate 54666-BPS 47 +VALUE USR-Final-Rx-Link-Data-Rate 56000-BPS 48 +VALUE USR-Final-Rx-Link-Data-Rate 57333-BPS 49 +VALUE USR-Final-Rx-Link-Data-Rate 58666-BPS 50 +VALUE USR-Final-Rx-Link-Data-Rate 60000-BPS 51 +VALUE USR-Final-Rx-Link-Data-Rate 61333-BPS 52 +VALUE USR-Final-Rx-Link-Data-Rate 62666-BPS 53 +VALUE USR-Final-Rx-Link-Data-Rate 64000-BPS 54 + +VALUE USR-Initial-Tx-Link-Data-Rate 110-BPS 1 +VALUE USR-Initial-Tx-Link-Data-Rate 300-BPS 2 +VALUE USR-Initial-Tx-Link-Data-Rate 600-BPS 3 +VALUE USR-Initial-Tx-Link-Data-Rate 1200-BPS 4 +VALUE USR-Initial-Tx-Link-Data-Rate 2400-BPS 5 +VALUE USR-Initial-Tx-Link-Data-Rate 4800-BPS 6 +VALUE USR-Initial-Tx-Link-Data-Rate 7200-BPS 7 +VALUE USR-Initial-Tx-Link-Data-Rate 9600-BPS 8 +VALUE USR-Initial-Tx-Link-Data-Rate 12000-BPS 9 +VALUE USR-Initial-Tx-Link-Data-Rate 14400-BPS 10 +VALUE USR-Initial-Tx-Link-Data-Rate 16800-BPS 11 +VALUE USR-Initial-Tx-Link-Data-Rate 19200-BPS 12 +VALUE USR-Initial-Tx-Link-Data-Rate 38400-BPS 13 +VALUE USR-Initial-Tx-Link-Data-Rate 75-BPS 14 +VALUE USR-Initial-Tx-Link-Data-Rate 450-BPS 15 +VALUE USR-Initial-Tx-Link-Data-Rate UNKNOWN-BPS 16 +VALUE USR-Initial-Tx-Link-Data-Rate 57600-BPS 17 +VALUE USR-Initial-Tx-Link-Data-Rate 21600-BPS 18 +VALUE USR-Initial-Tx-Link-Data-Rate 24000-BPS 19 +VALUE USR-Initial-Tx-Link-Data-Rate 26400-BPS 20 +VALUE USR-Initial-Tx-Link-Data-Rate 28800-BPS 21 +VALUE USR-Initial-Tx-Link-Data-Rate 115200-BPS 22 +VALUE USR-Initial-Tx-Link-Data-Rate 31200-BPS 23 +VALUE USR-Initial-Tx-Link-Data-Rate 33600-BPS 24 +VALUE USR-Initial-Tx-Link-Data-Rate 25333-BPS 25 +VALUE USR-Initial-Tx-Link-Data-Rate 26666-BPS 26 +VALUE USR-Initial-Tx-Link-Data-Rate 28000-BPS 27 +VALUE USR-Initial-Tx-Link-Data-Rate 29333-BPS 28 +VALUE USR-Initial-Tx-Link-Data-Rate 30666-BPS 29 +VALUE USR-Initial-Tx-Link-Data-Rate 32000-BPS 30 +VALUE USR-Initial-Tx-Link-Data-Rate 33333-BPS 31 +VALUE USR-Initial-Tx-Link-Data-Rate 34666-BPS 32 +VALUE USR-Initial-Tx-Link-Data-Rate 36000-BPS 33 +VALUE USR-Initial-Tx-Link-Data-Rate 37333-BPS 34 +VALUE USR-Initial-Tx-Link-Data-Rate 38666-BPS 35 +VALUE USR-Initial-Tx-Link-Data-Rate 40000-BPS 36 +VALUE USR-Initial-Tx-Link-Data-Rate 41333-BPS 37 +VALUE USR-Initial-Tx-Link-Data-Rate 42666-BPS 38 +VALUE USR-Initial-Tx-Link-Data-Rate 44000-BPS 39 +VALUE USR-Initial-Tx-Link-Data-Rate 45333-BPS 40 +VALUE USR-Initial-Tx-Link-Data-Rate 46666-BPS 41 +VALUE USR-Initial-Tx-Link-Data-Rate 48000-BPS 42 +VALUE USR-Initial-Tx-Link-Data-Rate 49333-BPS 43 +VALUE USR-Initial-Tx-Link-Data-Rate 50666-BPS 44 +VALUE USR-Initial-Tx-Link-Data-Rate 52000-BPS 45 +VALUE USR-Initial-Tx-Link-Data-Rate 53333-BPS 46 +VALUE USR-Initial-Tx-Link-Data-Rate 54666-BPS 47 +VALUE USR-Initial-Tx-Link-Data-Rate 56000-BPS 48 +VALUE USR-Initial-Tx-Link-Data-Rate 57333-BPS 49 +VALUE USR-Initial-Tx-Link-Data-Rate 58666-BPS 50 +VALUE USR-Initial-Tx-Link-Data-Rate 60000-BPS 51 +VALUE USR-Initial-Tx-Link-Data-Rate 61333-BPS 52 +VALUE USR-Initial-Tx-Link-Data-Rate 62666-BPS 53 +VALUE USR-Initial-Tx-Link-Data-Rate 64000-BPS 54 + +VALUE USR-Final-Tx-Link-Data-Rate 110-BPS 1 +VALUE USR-Final-Tx-Link-Data-Rate 300-BPS 2 +VALUE USR-Final-Tx-Link-Data-Rate 600-BPS 3 +VALUE USR-Final-Tx-Link-Data-Rate 1200-BPS 4 +VALUE USR-Final-Tx-Link-Data-Rate 2400-BPS 5 +VALUE USR-Final-Tx-Link-Data-Rate 4800-BPS 6 +VALUE USR-Final-Tx-Link-Data-Rate 7200-BPS 7 +VALUE USR-Final-Tx-Link-Data-Rate 9600-BPS 8 +VALUE USR-Final-Tx-Link-Data-Rate 12000-BPS 9 +VALUE USR-Final-Tx-Link-Data-Rate 14400-BPS 10 +VALUE USR-Final-Tx-Link-Data-Rate 16800-BPS 11 +VALUE USR-Final-Tx-Link-Data-Rate 19200-BPS 12 +VALUE USR-Final-Tx-Link-Data-Rate 38400-BPS 13 +VALUE USR-Final-Tx-Link-Data-Rate 75-BPS 14 +VALUE USR-Final-Tx-Link-Data-Rate 450-BPS 15 +VALUE USR-Final-Tx-Link-Data-Rate UNKNOWN-BPS 16 +VALUE USR-Final-Tx-Link-Data-Rate 57600-BPS 17 +VALUE USR-Final-Tx-Link-Data-Rate 21600-BPS 18 +VALUE USR-Final-Tx-Link-Data-Rate 24000-BPS 19 +VALUE USR-Final-Tx-Link-Data-Rate 26400-BPS 20 +VALUE USR-Final-Tx-Link-Data-Rate 28800-BPS 21 +VALUE USR-Final-Tx-Link-Data-Rate 115200-BPS 22 +VALUE USR-Final-Tx-Link-Data-Rate 31200-BPS 23 +VALUE USR-Final-Tx-Link-Data-Rate 33600-BPS 24 +VALUE USR-Final-Tx-Link-Data-Rate 25333-BPS 25 +VALUE USR-Final-Tx-Link-Data-Rate 26666-BPS 26 +VALUE USR-Final-Tx-Link-Data-Rate 28000-BPS 27 +VALUE USR-Final-Tx-Link-Data-Rate 29333-BPS 28 +VALUE USR-Final-Tx-Link-Data-Rate 30666-BPS 29 +VALUE USR-Final-Tx-Link-Data-Rate 32000-BPS 30 +VALUE USR-Final-Tx-Link-Data-Rate 33333-BPS 31 +VALUE USR-Final-Tx-Link-Data-Rate 34666-BPS 32 +VALUE USR-Final-Tx-Link-Data-Rate 36000-BPS 33 +VALUE USR-Final-Tx-Link-Data-Rate 37333-BPS 34 +VALUE USR-Final-Tx-Link-Data-Rate 38666-BPS 35 +VALUE USR-Final-Tx-Link-Data-Rate 40000-BPS 36 +VALUE USR-Final-Tx-Link-Data-Rate 41333-BPS 37 +VALUE USR-Final-Tx-Link-Data-Rate 42666-BPS 38 +VALUE USR-Final-Tx-Link-Data-Rate 44000-BPS 39 +VALUE USR-Final-Tx-Link-Data-Rate 45333-BPS 40 +VALUE USR-Final-Tx-Link-Data-Rate 46666-BPS 41 +VALUE USR-Final-Tx-Link-Data-Rate 48000-BPS 42 +VALUE USR-Final-Tx-Link-Data-Rate 49333-BPS 43 +VALUE USR-Final-Tx-Link-Data-Rate 50666-BPS 44 +VALUE USR-Final-Tx-Link-Data-Rate 52000-BPS 45 +VALUE USR-Final-Tx-Link-Data-Rate 53333-BPS 46 +VALUE USR-Final-Tx-Link-Data-Rate 54666-BPS 47 +VALUE USR-Final-Tx-Link-Data-Rate 56000-BPS 48 +VALUE USR-Final-Tx-Link-Data-Rate 57333-BPS 49 +VALUE USR-Final-Tx-Link-Data-Rate 58666-BPS 50 +VALUE USR-Final-Tx-Link-Data-Rate 60000-BPS 51 +VALUE USR-Final-Tx-Link-Data-Rate 61333-BPS 52 +VALUE USR-Final-Tx-Link-Data-Rate 62666-BPS 53 +VALUE USR-Final-Tx-Link-Data-Rate 64000-BPS 54 + +VALUE USR-Connect-Speed NONE 1 +VALUE USR-Connect-Speed 300-BPS 2 +VALUE USR-Connect-Speed 1200-BPS 3 +VALUE USR-Connect-Speed 2400-BPS 4 +VALUE USR-Connect-Speed 4800-BPS 5 +VALUE USR-Connect-Speed 7200-BPS 6 +VALUE USR-Connect-Speed 9600-BPS 7 +VALUE USR-Connect-Speed 12000-BPS 8 +VALUE USR-Connect-Speed 14400-BPS 9 +VALUE USR-Connect-Speed 16800-BPS 10 +VALUE USR-Connect-Speed 19200-BPS 11 +VALUE USR-Connect-Speed 21600-BPS 12 +VALUE USR-Connect-Speed 28800-BPS 13 +VALUE USR-Connect-Speed 38400-BPS 14 +VALUE USR-Connect-Speed 57600-BPS 15 +VALUE USR-Connect-Speed 115200-BPS 16 +VALUE USR-Connect-Speed 288000-BPS 17 +VALUE USR-Connect-Speed 75-1200-BPS 18 +VALUE USR-Connect-Speed 1200-75-BPS 19 +VALUE USR-Connect-Speed 24000-BPS 20 +VALUE USR-Connect-Speed 26400-BPS 21 +VALUE USR-Connect-Speed 31200-BPS 22 +VALUE USR-Connect-Speed 33600-BPS 23 +VALUE USR-Connect-Speed 33333-BPS 24 +VALUE USR-Connect-Speed 37333-BPS 25 +VALUE USR-Connect-Speed 41333-BPS 26 +VALUE USR-Connect-Speed 42666-BPS 27 +VALUE USR-Connect-Speed 44000-BPS 28 +VALUE USR-Connect-Speed 45333-BPS 29 +VALUE USR-Connect-Speed 46666-BPS 30 +VALUE USR-Connect-Speed 48000-BPS 31 +VALUE USR-Connect-Speed 49333-BPS 32 +VALUE USR-Connect-Speed 50666-BPS 33 +VALUE USR-Connect-Speed 52000-BPS 34 +VALUE USR-Connect-Speed 53333-BPS 35 +VALUE USR-Connect-Speed 54666-BPS 36 +VALUE USR-Connect-Speed 56000-BPS 37 +VALUE USR-Connect-Speed 57333-BPS 38 +VALUE USR-Connect-Speed 64000-BPS 39 +VALUE USR-Connect-Speed 25333-BPS 40 +VALUE USR-Connect-Speed 26666-BPS 41 +VALUE USR-Connect-Speed 28000-BPS 42 +VALUE USR-Connect-Speed 29333-BPS 43 +VALUE USR-Connect-Speed 30666-BPS 44 +VALUE USR-Connect-Speed 32000-BPS 45 +VALUE USR-Connect-Speed 34666-BPS 46 +VALUE USR-Connect-Speed 36000-BPS 47 +VALUE USR-Connect-Speed 38666-BPS 48 +VALUE USR-Connect-Speed 40000-BPS 49 +VALUE USR-Connect-Speed 58666-BPS 50 +VALUE USR-Connect-Speed 60000-BPS 51 +VALUE USR-Connect-Speed 61333-BPS 52 +VALUE USR-Connect-Speed 62666-BPS 53 + +VALUE USR-Sync-Async-Mode Asynchronous 1 +VALUE USR-Sync-Async-Mode Synchronous 2 + +VALUE USR-Originate-Answer-Mode Originate_in_Originate_Mode 1 +VALUE USR-Originate-Answer-Mode Originate_in_Answer_Mode 2 +VALUE USR-Originate-Answer-Mode Answer_in_Originate_Mode 3 +VALUE USR-Originate-Answer-Mode Answer_in_Answer_Mode 4 + +VALUE USR-Modulation-Type usRoboticsHST 1 +VALUE USR-Modulation-Type ccittV32 2 +VALUE USR-Modulation-Type ccittV22bis 3 +VALUE USR-Modulation-Type bell103 4 +VALUE USR-Modulation-Type ccittV21 5 +VALUE USR-Modulation-Type bell212 6 +VALUE USR-Modulation-Type ccittV32bis 7 +VALUE USR-Modulation-Type ccittV23 8 +VALUE USR-Modulation-Type negotiationFailed 9 +VALUE USR-Modulation-Type bell208b 10 +VALUE USR-Modulation-Type v21FaxClass1 11 +VALUE USR-Modulation-Type v27FaxClass1 12 +VALUE USR-Modulation-Type v29FaxClass1 13 +VALUE USR-Modulation-Type v17FaxClass1 14 +VALUE USR-Modulation-Type v21FaxClass2 15 +VALUE USR-Modulation-Type v27FaxClass2 16 +VALUE USR-Modulation-Type v29FaxClass2 17 +VALUE USR-Modulation-Type v17FaxClass2 18 +VALUE USR-Modulation-Type v32Terbo 19 +VALUE USR-Modulation-Type v34 20 +VALUE USR-Modulation-Type vFC 21 +VALUE USR-Modulation-Type v34plus 22 +VALUE USR-Modulation-Type x2 23 +VALUE USR-Modulation-Type v110 24 +VALUE USR-Modulation-Type v120 25 +VALUE USR-Modulation-Type x75 26 +VALUE USR-Modulation-Type asyncSyncPPP 27 +VALUE USR-Modulation-Type clearChannel 28 +VALUE USR-Modulation-Type x2client 29 +VALUE USR-Modulation-Type x2symmetric 30 +VALUE USR-Modulation-Type piafs 31 +VALUE USR-Modulation-Type x2version2 32 +VALUE USR-Modulation-Type v90Analog 33 +VALUE USR-Modulation-Type v90Digital 34 +VALUE USR-Modulation-Type v90AllDigital 35 + +VALUE Initial-Modulation-Type usRoboticsHST 1 +VALUE Initial-Modulation-Type ccittV32 2 +VALUE Initial-Modulation-Type ccittV22bis 3 +VALUE Initial-Modulation-Type bell103 4 +VALUE Initial-Modulation-Type ccittV21 5 +VALUE Initial-Modulation-Type bell212 6 +VALUE Initial-Modulation-Type ccittV32bis 7 +VALUE Initial-Modulation-Type ccittV23 8 +VALUE Initial-Modulation-Type negotiationFailed 9 +VALUE Initial-Modulation-Type bell208b 10 +VALUE Initial-Modulation-Type v21FaxClass1 11 +VALUE Initial-Modulation-Type v27FaxClass1 12 +VALUE Initial-Modulation-Type v29FaxClass1 13 +VALUE Initial-Modulation-Type v17FaxClass1 14 +VALUE Initial-Modulation-Type v21FaxClass2 15 +VALUE Initial-Modulation-Type v27FaxClass2 16 +VALUE Initial-Modulation-Type v29FaxClass2 17 +VALUE Initial-Modulation-Type v17FaxClass2 18 +VALUE Initial-Modulation-Type v32Terbo 19 +VALUE Initial-Modulation-Type v34 20 +VALUE Initial-Modulation-Type vFC 21 +VALUE Initial-Modulation-Type v34plus 22 +VALUE Initial-Modulation-Type x2 23 +VALUE Initial-Modulation-Type v110 24 +VALUE Initial-Modulation-Type v120 25 +VALUE Initial-Modulation-Type x75 26 +VALUE Initial-Modulation-Type asyncSyncPPP 27 +VALUE Initial-Modulation-Type clearChannel 28 +VALUE Initial-Modulation-Type x2client 29 +VALUE Initial-Modulation-Type x2symmetric 30 +VALUE Initial-Modulation-Type piafs 31 +VALUE Initial-Modulation-Type x2version2 32 +VALUE Initial-Modulation-Type v90Analogue 33 +VALUE Initial-Modulation-Type v90Digital 34 +VALUE Initial-Modulation-Type v90AllDigital 35 + +VALUE USR-Connect-Term-Reason dtrDrop 1 +VALUE USR-Connect-Term-Reason escapeSequence 2 +VALUE USR-Connect-Term-Reason athCommand 3 +VALUE USR-Connect-Term-Reason carrierLoss 4 +VALUE USR-Connect-Term-Reason inactivityTimout 5 +VALUE USR-Connect-Term-Reason mnpIncompatible 6 +VALUE USR-Connect-Term-Reason undefined 7 +VALUE USR-Connect-Term-Reason remotePassword 8 +VALUE USR-Connect-Term-Reason linkPassword 9 +VALUE USR-Connect-Term-Reason retransmitLimit 10 +VALUE USR-Connect-Term-Reason linkDisconnectMsgReceived 11 +VALUE USR-Connect-Term-Reason noLoopCurrent 12 +VALUE USR-Connect-Term-Reason invalidSpeed 13 +VALUE USR-Connect-Term-Reason unableToRetrain 14 +VALUE USR-Connect-Term-Reason managementCommand 15 +VALUE USR-Connect-Term-Reason noDialTone 16 +VALUE USR-Connect-Term-Reason keyAbort 17 +VALUE USR-Connect-Term-Reason lineBusy 18 +VALUE USR-Connect-Term-Reason noAnswer 19 +VALUE USR-Connect-Term-Reason voice 20 +VALUE USR-Connect-Term-Reason noAnswerTone 21 +VALUE USR-Connect-Term-Reason noCarrier 22 +VALUE USR-Connect-Term-Reason undetermined 23 +VALUE USR-Connect-Term-Reason v42SabmeTimeout 24 +VALUE USR-Connect-Term-Reason v42BreakTimeout 25 +VALUE USR-Connect-Term-Reason v42DisconnectCmd 26 +VALUE USR-Connect-Term-Reason v42IdExchangeFail 27 +VALUE USR-Connect-Term-Reason v42BadSetup 28 +VALUE USR-Connect-Term-Reason v42InvalidCodeWord 29 +VALUE USR-Connect-Term-Reason v42StringToLong 30 +VALUE USR-Connect-Term-Reason v42InvalidCommand 31 +VALUE USR-Connect-Term-Reason none 32 +VALUE USR-Connect-Term-Reason v32Cleardown 33 +VALUE USR-Connect-Term-Reason dialSecurity 34 +VALUE USR-Connect-Term-Reason remoteAccessDenied 35 +VALUE USR-Connect-Term-Reason loopLoss 36 +VALUE USR-Connect-Term-Reason ds0Teardown 37 +VALUE USR-Connect-Term-Reason promptNotEnabled 38 +VALUE USR-Connect-Term-Reason noPromptingInSync 39 +VALUE USR-Connect-Term-Reason nonArqMode 40 +VALUE USR-Connect-Term-Reason modeIncompatible 41 +VALUE USR-Connect-Term-Reason noPromptInNonARQ 42 +VALUE USR-Connect-Term-Reason dialBackLink 43 +VALUE USR-Connect-Term-Reason linkAbort 44 +VALUE USR-Connect-Term-Reason autopassFailed 45 +VALUE USR-Connect-Term-Reason pbGenericError 46 +VALUE USR-Connect-Term-Reason pbLinkErrTxPreAck 47 +VALUE USR-Connect-Term-Reason pbLinkErrTxTardyACK 48 +VALUE USR-Connect-Term-Reason pbTransmitBusTimeout 49 +VALUE USR-Connect-Term-Reason pbReceiveBusTimeout 50 +VALUE USR-Connect-Term-Reason pbLinkErrTxTAL 51 +VALUE USR-Connect-Term-Reason pbLinkErrRxTAL 52 +VALUE USR-Connect-Term-Reason pbTransmitMasterTimeout 53 +VALUE USR-Connect-Term-Reason pbClockMissing 54 +VALUE USR-Connect-Term-Reason pbReceivedLsWhileLinkUp 55 +VALUE USR-Connect-Term-Reason pbOutOfSequenceFrame 56 +VALUE USR-Connect-Term-Reason pbBadFrame 57 +VALUE USR-Connect-Term-Reason pbAckWaitTimeout 58 +VALUE USR-Connect-Term-Reason pbReceivedAckSeqErr 59 +VALUE USR-Connect-Term-Reason pbReceiveOvrflwRNRFail 60 +VALUE USR-Connect-Term-Reason pbReceiveMsgBufOvrflw 61 +VALUE USR-Connect-Term-Reason rcvdGatewayDiscCmd 62 +VALUE USR-Connect-Term-Reason tokenPassingTimeout 63 +VALUE USR-Connect-Term-Reason dspInterruptTimeout 64 +VALUE USR-Connect-Term-Reason mnpProtocolViolation 65 +VALUE USR-Connect-Term-Reason class2FaxHangupCmd 66 +VALUE USR-Connect-Term-Reason hstSpeedSwitchTimeout 67 +VALUE USR-Connect-Term-Reason tooManyUnacked 68 +VALUE USR-Connect-Term-Reason timerExpired 69 +VALUE USR-Connect-Term-Reason t1Glare 70 +VALUE USR-Connect-Term-Reason priDialoutRqTimeout 71 +VALUE USR-Connect-Term-Reason abortAnlgDstOvrIsdn 72 +VALUE USR-Connect-Term-Reason normalUserCallClear 73 +VALUE USR-Connect-Term-Reason normalUnspecified 74 +VALUE USR-Connect-Term-Reason bearerIncompatibility 75 +VALUE USR-Connect-Term-Reason protocolErrorEvent 76 +VALUE USR-Connect-Term-Reason abnormalDisconnect 77 +VALUE USR-Connect-Term-Reason invalidCauseValue 78 +VALUE USR-Connect-Term-Reason resourceUnavailable 79 +VALUE USR-Connect-Term-Reason remoteHungUpDuringTraining 80 +VALUE USR-Connect-Term-Reason trainingTimeout 81 +VALUE USR-Connect-Term-Reason incomingModemNotAvailable 82 +VALUE USR-Connect-Term-Reason incomingInvalidBearerCap 83 +VALUE USR-Connect-Term-Reason incomingInvalidChannelID 84 +VALUE USR-Connect-Term-Reason incomingInvalidProgInd 85 +VALUE USR-Connect-Term-Reason incomingInvalidCallingPty 86 +VALUE USR-Connect-Term-Reason incomingInvalidCalledPty 87 +VALUE USR-Connect-Term-Reason incomingCallBlock 88 +VALUE USR-Connect-Term-Reason incomingLoopStNoRingOff 89 +VALUE USR-Connect-Term-Reason outgoingTelcoDisconnect 90 +VALUE USR-Connect-Term-Reason outgoingEMWinkTimeout 91 +VALUE USR-Connect-Term-Reason outgoingEMWinkTooShort 92 +VALUE USR-Connect-Term-Reason outgoingNoChannelAvail 93 +VALUE USR-Connect-Term-Reason dspReboot 94 +VALUE USR-Connect-Term-Reason noDSPRespToKA 95 +VALUE USR-Connect-Term-Reason noDSPRespToDisc 96 +VALUE USR-Connect-Term-Reason dspTailPtrInvalid 97 +VALUE USR-Connect-Term-Reason dspHeadPtrInvalid 98 + +VALUE USR-Failure-to-Connect-Reason dtrDrop 1 +VALUE USR-Failure-to-Connect-Reason escapeSequence 2 +VALUE USR-Failure-to-Connect-Reason athCommand 3 +VALUE USR-Failure-to-Connect-Reason carrierLoss 4 +VALUE USR-Failure-to-Connect-Reason inactivityTimout 5 +VALUE USR-Failure-to-Connect-Reason mnpIncompatible 6 +VALUE USR-Failure-to-Connect-Reason undefined 7 +VALUE USR-Failure-to-Connect-Reason remotePassword 8 +VALUE USR-Failure-to-Connect-Reason linkPassword 9 +VALUE USR-Failure-to-Connect-Reason retransmitLimit 10 +VALUE USR-Failure-to-Connect-Reason linkDisconnectMsgRec 11 +VALUE USR-Failure-to-Connect-Reason noLoopCurrent 12 +VALUE USR-Failure-to-Connect-Reason invalidSpeed 13 +VALUE USR-Failure-to-Connect-Reason unableToRetrain 14 +VALUE USR-Failure-to-Connect-Reason managementCommand 15 +VALUE USR-Failure-to-Connect-Reason noDialTone 16 +VALUE USR-Failure-to-Connect-Reason keyAbort 17 +VALUE USR-Failure-to-Connect-Reason lineBusy 18 +VALUE USR-Failure-to-Connect-Reason noAnswer 19 +VALUE USR-Failure-to-Connect-Reason voice 20 +VALUE USR-Failure-to-Connect-Reason noAnswerTone 21 +VALUE USR-Failure-to-Connect-Reason noCarrier 22 +VALUE USR-Failure-to-Connect-Reason undetermined 23 +VALUE USR-Failure-to-Connect-Reason v42SabmeTimeout 24 +VALUE USR-Failure-to-Connect-Reason v42BreakTimeout 25 +VALUE USR-Failure-to-Connect-Reason v42DisconnectCmd 26 +VALUE USR-Failure-to-Connect-Reason v42IdExchangeFail 27 +VALUE USR-Failure-to-Connect-Reason v42BadSetup 28 +VALUE USR-Failure-to-Connect-Reason v42InvalidCodeWord 29 +VALUE USR-Failure-to-Connect-Reason v42StringToLong 30 +VALUE USR-Failure-to-Connect-Reason v42InvalidCommand 31 +VALUE USR-Failure-to-Connect-Reason none 32 +VALUE USR-Failure-to-Connect-Reason v32Cleardown 33 +VALUE USR-Failure-to-Connect-Reason dialSecurity 34 +VALUE USR-Failure-to-Connect-Reason remoteAccessDenied 35 +VALUE USR-Failure-to-Connect-Reason loopLoss 36 +VALUE USR-Failure-to-Connect-Reason ds0Teardown 37 +VALUE USR-Failure-to-Connect-Reason promptNotEnabled 38 +VALUE USR-Failure-to-Connect-Reason noPromptingInSync 39 +VALUE USR-Failure-to-Connect-Reason nonArqMode 40 +VALUE USR-Failure-to-Connect-Reason modeIncompatible 41 +VALUE USR-Failure-to-Connect-Reason noPromptInNonARQ 42 +VALUE USR-Failure-to-Connect-Reason dialBackLink 43 +VALUE USR-Failure-to-Connect-Reason linkAbort 44 +VALUE USR-Failure-to-Connect-Reason autopassFailed 45 +VALUE USR-Failure-to-Connect-Reason pbGenericError 46 +VALUE USR-Failure-to-Connect-Reason pbLinkErrTxPreAck 47 +VALUE USR-Failure-to-Connect-Reason pbLinkErrTxTardyACK 48 +VALUE USR-Failure-to-Connect-Reason pbTransmitBusTimeout 49 +VALUE USR-Failure-to-Connect-Reason pbReceiveBusTimeout 50 +VALUE USR-Failure-to-Connect-Reason pbLinkErrTxTAL 51 +VALUE USR-Failure-to-Connect-Reason pbLinkErrRxTAL 52 +VALUE USR-Failure-to-Connect-Reason pbTransmitMasterTimeout 53 +VALUE USR-Failure-to-Connect-Reason pbClockMissing 54 +VALUE USR-Failure-to-Connect-Reason pbReceivedLsWhileLinkUp 55 +VALUE USR-Failure-to-Connect-Reason pbOutOfSequenceFrame 56 +VALUE USR-Failure-to-Connect-Reason pbBadFrame 57 +VALUE USR-Failure-to-Connect-Reason pbAckWaitTimeout 58 +VALUE USR-Failure-to-Connect-Reason pbReceivedAckSeqErr 59 +VALUE USR-Failure-to-Connect-Reason pbReceiveOvrflwRNRFail 60 +VALUE USR-Failure-to-Connect-Reason pbReceiveMsgBufOvrflw 61 +VALUE USR-Failure-to-Connect-Reason rcvdGatewayDiscCmd 62 +VALUE USR-Failure-to-Connect-Reason tokenPassingTimeout 63 +VALUE USR-Failure-to-Connect-Reason dspInterruptTimeout 64 +VALUE USR-Failure-to-Connect-Reason mnpProtocolViolation 65 +VALUE USR-Failure-to-Connect-Reason class2FaxHangupCmd 66 +VALUE USR-Failure-to-Connect-Reason hstSpeedSwitchTimeout 67 +VALUE USR-Failure-to-Connect-Reason tooManyUnacked 68 +VALUE USR-Failure-to-Connect-Reason timerExpired 69 +VALUE USR-Failure-to-Connect-Reason t1Glare 70 +VALUE USR-Failure-to-Connect-Reason priDialoutRqTimeout 71 +VALUE USR-Failure-to-Connect-Reason abortAnlgDstOvrIsdn 72 +VALUE USR-Failure-to-Connect-Reason normalUserCallClear 73 +VALUE USR-Failure-to-Connect-Reason normalUnspecified 74 +VALUE USR-Failure-to-Connect-Reason bearerIncompatibility 75 +VALUE USR-Failure-to-Connect-Reason protocolErrorEvent 76 +VALUE USR-Failure-to-Connect-Reason abnormalDisconnect 77 +VALUE USR-Failure-to-Connect-Reason invalidCauseValue 78 +VALUE USR-Failure-to-Connect-Reason resourceUnavailable 79 +VALUE USR-Failure-to-Connect-Reason remoteHungUpDuringTraining 80 +VALUE USR-Failure-to-Connect-Reason trainingTimeout 81 +VALUE USR-Failure-to-Connect-Reason incomingModemNotAvailable 82 +VALUE USR-Failure-to-Connect-Reason incomingInvalidBearerCap 83 +VALUE USR-Failure-to-Connect-Reason incomingInvalidChannelID 84 +VALUE USR-Failure-to-Connect-Reason incomingInvalidProgInd 85 +VALUE USR-Failure-to-Connect-Reason incomingInvalidCallingPty 86 +VALUE USR-Failure-to-Connect-Reason incomingInvalidCalledPty 87 +VALUE USR-Failure-to-Connect-Reason incomingCallBlock 88 +VALUE USR-Failure-to-Connect-Reason incomingLoopStNoRingOff 89 +VALUE USR-Failure-to-Connect-Reason outgoingTelcoDisconnect 90 +VALUE USR-Failure-to-Connect-Reason outgoingEMWinkTimeout 91 +VALUE USR-Failure-to-Connect-Reason outgoingEMWinkTooShort 92 +VALUE USR-Failure-to-Connect-Reason outgoingNoChannelAvail 93 +VALUE USR-Failure-to-Connect-Reason dspReboot 94 +VALUE USR-Failure-to-Connect-Reason noDSPRespToKA 95 +VALUE USR-Failure-to-Connect-Reason noDSPRespToDisc 96 +VALUE USR-Failure-to-Connect-Reason dspTailPtrInvalid 97 +VALUE USR-Failure-to-Connect-Reason dspHeadPtrInvalid 98 + +VALUE USR-Simplified-MNP-Levels none 1 +VALUE USR-Simplified-MNP-Levels mnpLevel3 2 +VALUE USR-Simplified-MNP-Levels mnpLevel4 3 +VALUE USR-Simplified-MNP-Levels ccittV42 4 +VALUE USR-Simplified-MNP-Levels usRoboticsHST 5 +VALUE USR-Simplified-MNP-Levels synchronousNone 6 +VALUE USR-Simplified-MNP-Levels mnpLevel2 7 +VALUE USR-Simplified-MNP-Levels mnp10 8 +VALUE USR-Simplified-MNP-Levels v42Etc 9 +VALUE USR-Simplified-MNP-Levels mnp10Etc 10 +VALUE USR-Simplified-MNP-Levels lapmEtc 11 +VALUE USR-Simplified-MNP-Levels v42Etc2 12 +VALUE USR-Simplified-MNP-Levels v42SRej 13 +VALUE USR-Simplified-MNP-Levels piafs 14 + +VALUE USR-Simplified-V42bis-Usage none 1 +VALUE USR-Simplified-V42bis-Usage ccittV42bis 2 +VALUE USR-Simplified-V42bis-Usage mnpLevel5 3 + +VALUE USR-Equalization-Type Long 1 +VALUE USR-Equalization-Type Short 2 + +VALUE USR-Fallback-Enabled Disabled 1 +VALUE USR-Fallback-Enabled Enabled 2 + +VALUE USR-Back-Channel-Data-Rate 450BPS 1 +VALUE USR-Back-Channel-Data-Rate 300BPS 2 +VALUE USR-Back-Channel-Data-Rate None 3 + +VALUE USR-Device-Connected-To None 1 +VALUE USR-Device-Connected-To isdnGateway 2 +VALUE USR-Device-Connected-To quadModem 3 + +VALUE USR-Call-Event-Code notSupported 1 +VALUE USR-Call-Event-Code setup 2 +VALUE USR-Call-Event-Code usrSetup 3 +VALUE USR-Call-Event-Code telcoDisconnect 4 +VALUE USR-Call-Event-Code usrDisconnect 5 +VALUE USR-Call-Event-Code noFreeModem 6 +VALUE USR-Call-Event-Code modemsNotAllowed 7 +VALUE USR-Call-Event-Code modemsRejectCall 8 +VALUE USR-Call-Event-Code modemSetupTimeout 9 +VALUE USR-Call-Event-Code noFreeIGW 10 +VALUE USR-Call-Event-Code igwRejectCall 11 +VALUE USR-Call-Event-Code igwSetupTimeout 12 +VALUE USR-Call-Event-Code noFreeTdmts 13 +VALUE USR-Call-Event-Code bcReject 14 +VALUE USR-Call-Event-Code ieReject 15 +VALUE USR-Call-Event-Code chidReject 16 +VALUE USR-Call-Event-Code progReject 17 +VALUE USR-Call-Event-Code callingPartyReject 18 +VALUE USR-Call-Event-Code calledPartyReject 19 +VALUE USR-Call-Event-Code blocked 20 +VALUE USR-Call-Event-Code analogBlocked 21 +VALUE USR-Call-Event-Code digitalBlocked 22 +VALUE USR-Call-Event-Code outOfService 23 +VALUE USR-Call-Event-Code busy 24 +VALUE USR-Call-Event-Code congestion 25 +VALUE USR-Call-Event-Code protocolError 26 +VALUE USR-Call-Event-Code noFreeBchannel 27 +VALUE USR-Call-Event-Code inOutCallCollision 28 +VALUE USR-Call-Event-Code inCallArrival 29 +VALUE USR-Call-Event-Code outCallArrival 30 +VALUE USR-Call-Event-Code inCallConnect 31 +VALUE USR-Call-Event-Code outCallConnect 32 + +VALUE USR-HARC-Disconnect-Code No-Error 0 +VALUE USR-HARC-Disconnect-Code No-Carrier 1 +VALUE USR-HARC-Disconnect-Code No-DSR 2 +VALUE USR-HARC-Disconnect-Code Timeout 3 +VALUE USR-HARC-Disconnect-Code Reset 4 +VALUE USR-HARC-Disconnect-Code Call-Drop-Req 5 +VALUE USR-HARC-Disconnect-Code Idle-Timeout 6 +VALUE USR-HARC-Disconnect-Code Session-Timeout 7 +VALUE USR-HARC-Disconnect-Code User-Req-Drop 8 +VALUE USR-HARC-Disconnect-Code Host-Req-Drop 9 +VALUE USR-HARC-Disconnect-Code Service-Interruption 10 +VALUE USR-HARC-Disconnect-Code Service-Unavailable 11 +VALUE USR-HARC-Disconnect-Code User-Input-Error 12 +VALUE USR-HARC-Disconnect-Code NAS-Drop-For-Callback 13 +VALUE USR-HARC-Disconnect-Code NAS-Drop-Misc-Non-Error 14 +VALUE USR-HARC-Disconnect-Code NAS-Internal-Error 15 +VALUE USR-HARC-Disconnect-Code Line-Busy 16 +VALUE USR-HARC-Disconnect-Code Tunnel-Term-Unreach 19 +VALUE USR-HARC-Disconnect-Code Tunnel-Refused 20 +VALUE USR-HARC-Disconnect-Code Tunnel-Auth-Failed 21 +VALUE USR-HARC-Disconnect-Code Tunnel-Session-Timeout 22 +VALUE USR-HARC-Disconnect-Code Tunnel-Timeout 23 +VALUE USR-HARC-Disconnect-Code Radius-Res-Reclaim 25 +VALUE USR-HARC-Disconnect-Code DNIS-Auth-Failed 26 +VALUE USR-HARC-Disconnect-Code PAP-Auth-Failure 27 +VALUE USR-HARC-Disconnect-Code CHAP-Auth-Failure 28 +VALUE USR-HARC-Disconnect-Code PPP-LCP-Failed 29 +VALUE USR-HARC-Disconnect-Code PPP-NCP-Failed 30 +VALUE USR-HARC-Disconnect-Code Radius-Timeout 31 + +VALUE USR-CCP-Algorithm NONE 1 +VALUE USR-CCP-Algorithm Stac 2 +VALUE USR-CCP-Algorithm MS 3 +VALUE USR-CCP-Algorithm Any 4 + +VALUE USR-Tunnel-Security None 0 +VALUE USR-Tunnel-Security Control-Only 1 +VALUE USR-Tunnel-Security Data-Only 2 +VALUE USR-Tunnel-Security Both-Data-and-Control 3 + +VALUE USR-RMMIE-Status notEnabledInLocalModem 1 +VALUE USR-RMMIE-Status notDetectedInRemoteModem 2 +VALUE USR-RMMIE-Status ok 3 + +VALUE USR-RMMIE-x2-Status notOperational 1 +VALUE USR-RMMIE-x2-Status operational 2 +VALUE USR-RMMIE-x2-Status x2Disabled 3 +VALUE USR-RMMIE-x2-Status v8Disabled 4 +VALUE USR-RMMIE-x2-Status remote3200Disabled 5 +VALUE USR-RMMIE-x2-Status invalidSpeedSetting 6 +VALUE USR-RMMIE-x2-Status v8NotDetected 7 +VALUE USR-RMMIE-x2-Status x2NotDetected 8 +VALUE USR-RMMIE-x2-Status incompatibleVersion 9 +VALUE USR-RMMIE-x2-Status incompatibleModes 10 +VALUE USR-RMMIE-x2-Status local3200Disabled 11 +VALUE USR-RMMIE-x2-Status excessHighFrequencyAtten 12 +VALUE USR-RMMIE-x2-Status connectNotSupport3200 13 +VALUE USR-RMMIE-x2-Status retrainBeforeConnection 14 + +VALUE USR-RMMIE-Planned-Disconnect none 1 +VALUE USR-RMMIE-Planned-Disconnect dteNotReady 2 +VALUE USR-RMMIE-Planned-Disconnect dteInterfaceError 3 +VALUE USR-RMMIE-Planned-Disconnect dteRequest 4 +VALUE USR-RMMIE-Planned-Disconnect escapeToOnlineCommandMode 5 +VALUE USR-RMMIE-Planned-Disconnect athCommand 6 +VALUE USR-RMMIE-Planned-Disconnect inactivityTimeout 7 +VALUE USR-RMMIE-Planned-Disconnect arqProtocolError 8 +VALUE USR-RMMIE-Planned-Disconnect arqProtocolRetransmitLim 9 +VALUE USR-RMMIE-Planned-Disconnect invalidComprDataCodeword 10 +VALUE USR-RMMIE-Planned-Disconnect invalidComprDataStringLen 11 +VALUE USR-RMMIE-Planned-Disconnect invalidComprDataCommand 12 + +VALUE USR-RMMIE-Last-Update-Event none 1 +VALUE USR-RMMIE-Last-Update-Event initialConnection 2 +VALUE USR-RMMIE-Last-Update-Event retrain 3 +VALUE USR-RMMIE-Last-Update-Event speedShift 4 +VALUE USR-RMMIE-Last-Update-Event plannedDisconnect 5 + +VALUE USR-Request-Type Access-Request 1 +VALUE USR-Request-Type Access-Accept 2 +VALUE USR-Request-Type Access-Reject 3 +VALUE USR-Request-Type Accounting-Request 4 +VALUE USR-Request-Type Accounting-Response 5 +# The next three non standard packet types are used by +# US Robotics Security/Accounting Server +VALUE USR-Request-Type Access-Password-Change 7 +VALUE USR-Request-Type Access-Password-Ack 8 +VALUE USR-Request-Type Access-Password-Reject 9 +VALUE USR-Request-Type Access-Challenge 11 +VALUE USR-Request-Type Status-Server 12 +VALUE USR-Request-Type Status-Client 13 +# Non standard packet types used by NetServer to implement +# resource management and NAS reboot conditions +VALUE USR-Request-Type Resource-Free-Request 21 +VALUE USR-Request-Type Resource-Free-Response 22 +VALUE USR-Request-Type Resource-Query-Request 23 +VALUE USR-Request-Type Resource-Query-Response 24 +VALUE USR-Request-Type Disconnect-User 25 +VALUE USR-Request-Type NAS-Reboot-Request 26 +VALUE USR-Request-Type NAS-Reboot-Response 27 +# This value is used for Tacacs Plus translation +VALUE USR-Request-Type Tacacs-Message 253 +VALUE USR-Request-Type Reserved 255 + +VALUE USR-Speed-Of-Connection Auto 0 +VALUE USR-Speed-Of-Connection 56 1 +VALUE USR-Speed-Of-Connection 64 2 +VALUE USR-Speed-Of-Connection Voice 3 + +VALUE USR-Expansion-Algorithm Constant 1 +VALUE USR-Expansion-Algorithm Linear 2 + +VALUE USR-Compression-Algorithm None 0 +VALUE USR-Compression-Algorithm Stac 1 +VALUE USR-Compression-Algorithm Ascend 2 +VALUE USR-Compression-Algorithm Microsoft 3 +VALUE USR-Compression-Algorithm Auto 4 + +VALUE USR-Compression-Reset-Mode Auto 0 +VALUE USR-Compression-Reset-Mode Reset-Every-Packet 1 +VALUE USR-Compression-Reset-Mode Reset-On-Error 2 + +VALUE USR-Filter-Zones enabled 1 +VALUE USR-Filter-Zones disabled 2 + +VALUE USR-Bridging enabled 1 +VALUE USR-Bridging disabled 2 + +VALUE USR-Appletalk enabled 1 +VALUE USR-Appletalk disabled 2 + +VALUE USR-Spoofing enabled 1 +VALUE USR-Spoofing disabled 2 + +VALUE USR-Routing-Protocol Rip1 1 +VALUE USR-Routing-Protocol Rip2 2 + +VALUE USR-IPX-Routing none 0 +VALUE USR-IPX-Routing send 1 +VALUE USR-IPX-Routing listen 2 +VALUE USR-IPX-Routing respond 3 +VALUE USR-IPX-Routing all 4 + +VALUE USR-IPX-WAN enabled 1 +VALUE USR-IPX-WAN disabled 2 + +VALUE USR-IP-Default-Route-Option enabled 1 +VALUE USR-IP-Default-Route-Option disabled 2 + +VALUE USR-IP-RIP-Policies SendDefault 0x0 +VALUE USR-IP-RIP-Policies SendRoutes 0x2 +VALUE USR-IP-RIP-Policies SendSubnets 0x4 +VALUE USR-IP-RIP-Policies AcceptDefault 0x8 +VALUE USR-IP-RIP-Policies SplitHorizon 0x10 +VALUE USR-IP-RIP-Policies PoisonReserve 0x20 +VALUE USR-IP-RIP-Policies FlashUpdate 0x40 +VALUE USR-IP-RIP-Policies SimpleAuth 0x80 +VALUE USR-IP-RIP-Policies V1Send 0x100 +VALUE USR-IP-RIP-Policies V1Receive 0x200 +VALUE USR-IP-RIP-Policies V2Receive 0x400 +VALUE USR-IP-RIP-Policies Silent 0x80000000 + +VALUE USR-Callback-Type Normal 1 +VALUE USR-Callback-Type ANI 2 +VALUE USR-Callback-Type Static 3 +VALUE USR-Callback-Type Dynamic 4 + +VALUE USR-Agent FA 1 +VALUE USR-Agent HA 2 + +VALUE USR-NAS-Type 3Com-NMC 0 +VALUE USR-NAS-Type 3Com-NETServer 1 +VALUE USR-NAS-Type 3Com-HiPerArc 2 +VALUE USR-NAS-Type TACACS+-Server 3 +VALUE USR-NAS-Type 3Com-SA-Server 4 +VALUE USR-NAS-Type Ascend 5 +VALUE USR-NAS-Type Generic-RADIUS 6 +VALUE USR-NAS-Type 3Com-NETBuilder-II 7 + +VALUE USR-Auth-Mode Auth-3Com 0 +VALUE USR-Auth-Mode Auth-Ace 1 +VALUE USR-Auth-Mode Auth-Safeword 2 +VALUE USR-Auth-Mode Auth-UNIX-PW 3 +VALUE USR-Auth-Mode Auth-Defender 4 +VALUE USR-Auth-Mode Auth-TACACSP 5 +VALUE USR-Auth-Mode Auth-Netware 6 +VALUE USR-Auth-Mode Auth-Skey 7 +VALUE USR-Auth-Mode Auth-EAP-Proxy 8 +VALUE USR-Auth-Mode Auth-UNIX-Crypt 9 + +VALUE CW-Acct-Type COMS-UNKNOWN-ACCT-TYPE 0 +VALUE CW-Acct-Type COMS-PREPAID-ACCT 1 +VALUE CW-Acct-Type COMS-NEW-ACCT 2 +VALUE CW-Acct-Type COMS-SUSPENDED-ACCT 3 +VALUE CW-Acct-Type COMS-ADMINISTRATIVE-ACCT 4 + +VALUE CW-Source-Identifier COMS-UNKNOWN-SOURCE 0 +VALUE CW-Source-Identifier COMS-INGRESS-OPEN 257 +VALUE CW-Source-Identifier COMS-EGRESS-OPEN 258 +VALUE CW-Source-Identifier COMS-GTKPR-GEN-INGR-OPEN 259 +VALUE CW-Source-Identifier COMS-GTKPR-GEN-EGR-OPEN 260 +VALUE CW-Source-Identifier COMS-INGRESS-CLOSE 513 +VALUE CW-Source-Identifier COMS-EGRESS-CLOSE 514 +VALUE CW-Source-Identifier COMS-GTKPR-GEN-INGR-CLOSE 515 +VALUE CW-Source-Identifier COMS-GTKPR-GEN-EGR-CLOSE 516 + +VALUE CW-Session-Sequence-End NOT-THE-LAST-CALL 0 +VALUE CW-Session-Sequence-End LAST-CALL 1 + +VALUE CW-Clg-Party-E164-Type comsUnknown 1 +VALUE CW-Clg-Party-E164-Type comsInternationalNumber 2 +VALUE CW-Clg-Party-E164-Type comsNationalNumber 3 +VALUE CW-Clg-Party-E164-Type comsNetworkSpecificNumber 4 +VALUE CW-Clg-Party-E164-Type comsSubscriberNumber 5 +VALUE CW-Clg-Party-E164-Type comsAbbreviatedNumber 6 +VALUE CW-Clg-Party-E164-Type comsReserved 7 + +VALUE CW-Clg-Party-Trans-Protocol TCP 1 +VALUE CW-Clg-Party-Trans-Protocol UDP 2 +VALUE CW-Clg-Party-Trans-Protocol SCTP 3 + +VALUE CW-Cld-Party-E164-Type comsUnknown 1 +VALUE CW-Cld-Party-E164-Type comsInternationalNumber 2 +VALUE CW-Cld-Party-E164-Type comsNationalNumber 3 +VALUE CW-Cld-Party-E164-Type comsNetworkSpecificNumber 4 +VALUE CW-Cld-Party-E164-Type comsSubscriberNumber 5 +VALUE CW-Cld-Party-E164-Type comsAbbreviatedNumber 6 +VALUE CW-Cld-Party-E164-Type comsReserved 7 + +VALUE CW-Cld-Party-Trans-Protocol TCP 1 +VALUE CW-Cld-Party-Trans-Protocol UDP 2 +VALUE CW-Cld-Party-Trans-Protocol SCTP 3 + +VALUE CW-Ingr-Gway-E164-Type comsUnknown 1 +VALUE CW-Ingr-Gway-E164-Type comsInternationalNumber 2 +VALUE CW-Ingr-Gway-E164-Type comsNationalNumber 3 +VALUE CW-Ingr-Gway-E164-Type comsNetworkSpecificNumber 4 +VALUE CW-Ingr-Gway-E164-Type comsSubscriberNumber 5 +VALUE CW-Ingr-Gway-E164-Type comsAbbreviatedNumber 6 +VALUE CW-Ingr-Gway-E164-Type comsReserved 7 + +VALUE CW-Ingr-Gway-Trans-Protocol TCP 1 +VALUE CW-Ingr-Gway-Trans-Protocol UDP 2 +VALUE CW-Ingr-Gway-Trans-Protocol SCTP 3 + +VALUE CW-Egr-Gway-Trans-Protocol TCP 1 +VALUE CW-Egr-Gway-Trans-Protocol UDP 2 +VALUE CW-Egr-Gway-Trans-Protocol SCTP 3 + +VALUE CW-Ingr-Gtkpr-Trans-Protocol TCP 1 +VALUE CW-Ingr-Gtkpr-Trans-Protocol UDP 2 +VALUE CW-Ingr-Gtkpr-Trans-Protocol SCTP 3 + +VALUE CW-Egr-Gtkpr-Trans-Protocol TCP 1 +VALUE CW-Egr-Gtkpr-Trans-Protocol UDP 2 +VALUE CW-Egr-Gtkpr-Trans-Protocol SCTP 3 + +VALUE CW-Call-Type COMS-UNKNOWN-CALLTYPE 0 +VALUE CW-Call-Type COMS-PHONE-TO-PHONE 1 +VALUE CW-Call-Type COMS-PHONE-TO-PC 2 +VALUE CW-Call-Type COMS-PC-TO-PHONE 3 +VALUE CW-Call-Type COMS-PC-TO-PC 4 + +VALUE CW-Codec-Type COMS-UNDEFINED-CODEC 0 +VALUE CW-Codec-Type COMS-G723-1 1 +VALUE CW-Codec-Type COMS-G729-A 2 +VALUE CW-Codec-Type COMS-G710-ALaw 3 +VALUE CW-Codec-Type COMS-G711-MuLaw 4 +VALUE CW-Codec-Type COMS-FAX-MODULATION 255 + +VALUE CW-Call-Termination-Cause CAUSE-UNKNOWN 0 +VALUE CW-Call-Termination-Cause CAUSE-CLD-PARTY-TERMINATE 1 +VALUE CW-Call-Termination-Cause CAUSE-CLG-PARTY-TERMINATE 2 +VALUE CW-Call-Termination-Cause CAUSE-ACCT-BAL-DEPLETED 3 +VALUE CW-Call-Termination-Cause CAUSE-NO-EGR-PORTS-AVAIL 4 +VALUE CW-Call-Termination-Cause CAUSE-H225-UNABLE-TO-CON 5 +VALUE CW-Call-Termination-Cause CAUSE-H245-UNABLE-TO-CON 6 +VALUE CW-Call-Termination-Cause CAUSE-INGR-FACILITY-DISC 7 +VALUE CW-Call-Termination-Cause CAUSE-EGR-FACILITY-DISC 8 +VALUE CW-Call-Termination-Cause CAUSE-DIR-SERVER-DOWN 9 +VALUE CW-Call-Termination-Cause CAUSE-RATING-SERVER-DOWN 10 +VALUE CW-Call-Termination-Cause CAUSE-GATEWAY-SHUTDOWN 11 +VALUE CW-Call-Termination-Cause CAUSE-GTKPR-TERMINATE 12 +VALUE CW-Call-Termination-Cause CAUSE-GTKPR-SHUTDOWN-GTWAY 13 +VALUE CW-Call-Termination-Cause CAUSE-BUSY 14 +VALUE CW-Call-Termination-Cause CAUSE-ABANDON 15 +VALUE CW-Call-Termination-Cause CAUSE-INVALID-LOGIN-LIMIT 16 +VALUE CW-Call-Termination-Cause CAUSE-NOACCTNUMBER-ENTRY 17 +VALUE CW-Call-Termination-Cause CAUSE-SUSPENDED-ACCT-LOGIN 18 +VALUE CW-Call-Termination-Cause CAUSE-AUTHENT-SERVER-DOWN 19 +VALUE CW-Call-Termination-Cause CAUSE-GATEKEEPER-TIMEOUT 20 +VALUE CW-Call-Termination-Cause CAUSE-GATEWAY-NO-RESOURCES 21 +VALUE CW-Call-Termination-Cause CAUSE-ACCT-INUSE 22 +VALUE CW-Call-Termination-Cause CAUSE-DEBIT-ACCT-BAL-ZERO 23 +VALUE CW-Call-Termination-Cause CAUSE-DEBIT-ACCTBAL-INSUFF 24 +VALUE CW-Call-Termination-Cause CAUSE-INVALID-DESTNUMBER-THRESH 25 +VALUE CW-Call-Termination-Cause CAUSE-NO-DESTNUMBER-ENTRY 26 +VALUE CW-Call-Termination-Cause CAUSE-SEQUENCE-DIALING-THRESH 27 + +VALUE CW-Signaling-Protocol SIG-UNKNOWN 0 +VALUE CW-Signaling-Protocol SIG-SIP 1 +VALUE CW-Signaling-Protocol SIG-H323 2 + +VALUE CW-Protocol-Transport TCP 1 +VALUE CW-Protocol-Transport UDP 2 +VALUE CW-Protocol-Transport SCTP 3 + +VALUE CW-Local-Sig-Trans-Protocol TCP 1 +VALUE CW-Local-Sig-Trans-Protocol UDP 2 +VALUE CW-Local-Sig-Trans-Protocol SCTP 3 + +VALUE CW-Remote-Sig-Trans-Protocol TCP 1 +VALUE CW-Remote-Sig-Trans-Protocol UDP 2 +VALUE CW-Remote-Sig-Trans-Protocol SCTP 3 + +VALUE CW-Local-MG-RTP-Protocol TCP 1 +VALUE CW-Local-MG-RTP-Protocol UDP 2 +VALUE CW-Local-MG-RTP-Protocol SCTP 3 + +VALUE CW-Remote-MG-RTP-Protocol TCP 1 +VALUE CW-Remote-MG-RTP-Protocol UDP 2 +VALUE CW-Remote-MG-RTP-Protocol SCTP 3 + +VALUE CW-Trans-Cld-Party-E164-Type Unknown 1 +VALUE CW-Trans-Cld-Party-E164-Type International-Number 2 +VALUE CW-Trans-Cld-Party-E164-Type National-Number 3 +VALUE CW-Trans-Cld-Party-E164-Type Network-Specific-Number 4 +VALUE CW-Trans-Cld-Party-E164-Type Subscriber-Number 5 +VALUE CW-Trans-Cld-Party-E164-Type Abbreviated-Number 6 +VALUE CW-Trans-Cld-Party-E164-Type Reserved 7 + +END-VENDOR USR diff --git a/freeradius/dict/dictionary.valemount b/freeradius/dict/dictionary.valemount new file mode 100644 index 0000000..d529ef5 --- /dev/null +++ b/freeradius/dict/dictionary.valemount @@ -0,0 +1,27 @@ +# -*- text -*- +# +# Valemount Networks Corporation specific radius attributes +# networks@valemount.com +# +# $Id$ +# + +VENDOR ValemountNetworks 16313 + +BEGIN-VENDOR ValemountNetworks + +# Rates to give PPPoE customers, can be used in Authentication replies, +# in bits/s +ATTRIBUTE VNC-PPPoE-CBQ-RX 1 integer +ATTRIBUTE VNC-PPPoE-CBQ-TX 2 integer + +# Fallback support for each direction. (1 / 0) +ATTRIBUTE VNC-PPPoE-CBQ-RX-Fallback 3 integer +ATTRIBUTE VNC-PPPoE-CBQ-TX-Fallback 4 integer + +ATTRIBUTE VNC-Splash 10 integer + +VALUE VNC-Splash Show 1 +VALUE VNC-Splash No-Show 0 + +END-VENDOR ValemountNetworks diff --git a/freeradius/dict/dictionary.versanet b/freeradius/dict/dictionary.versanet new file mode 100644 index 0000000..b2f2098 --- /dev/null +++ b/freeradius/dict/dictionary.versanet @@ -0,0 +1,54 @@ +# -*- text -*- +# +# dictionary.versanet Vendor specfic attributes for versanet +# +# +# VersaNet Communications, Inc. +# Http://www.versa-net.com +# +# +#Versanet add Vendor specific terminal cause in our radius group. +#You can follow this to set it in NAS box. +# +# >> gr radius +# >> sh +# >> set 34 23 +# >> co +# +#This will let our unit transfer every detail terminal cause +#information to Redius server's accounting log file and +#save as "Vendor Specific=Terminate Cause". +# +# Version: @(#)dictionary.versanet 1.00 22-Jul-1999 support@versanetcomm.com +# + +VENDOR Versanet 2180 + +BEGIN-VENDOR Versanet + +ATTRIBUTE Versanet-Termination-Cause 1 integer + +VALUE Versanet-Termination-Cause Normal-Hangup-No-Error-Occurred 0 +VALUE Versanet-Termination-Cause Call-Waiting-Caused-Disconnect 3 +VALUE Versanet-Termination-Cause Physical-Carrier-Loss 4 +VALUE Versanet-Termination-Cause No-err-correction-at-other-end 5 +VALUE Versanet-Termination-Cause No-resp-to-feature-negotiation 6 +VALUE Versanet-Termination-Cause 1st-modem-async-only-2nd-sync 7 +VALUE Versanet-Termination-Cause No-framing-technique-in-common 8 +VALUE Versanet-Termination-Cause No-protocol-in-common 9 +VALUE Versanet-Termination-Cause Bad-resp-to-feature-negotiation 10 +VALUE Versanet-Termination-Cause No-sync-info-from-remote-modem 11 +VALUE Versanet-Termination-Cause Normal-Hangup-by-Remote-modem 12 +VALUE Versanet-Termination-Cause Retransmission-limit-reached 13 +VALUE Versanet-Termination-Cause Protocol-violation-occurred 14 +VALUE Versanet-Termination-Cause Lost-DTR 15 +VALUE Versanet-Termination-Cause Received-GSTN-cleardown 16 +VALUE Versanet-Termination-Cause Inactivity-timeout 17 +VALUE Versanet-Termination-Cause Speed-not-supported 18 +VALUE Versanet-Termination-Cause Long-space-disconnect 19 +VALUE Versanet-Termination-Cause Key-abort-disconnect 20 +VALUE Versanet-Termination-Cause Clears-previous-disc-reason 21 +VALUE Versanet-Termination-Cause No-connection-established 22 +VALUE Versanet-Termination-Cause Disconnect-after-three-retrains 23 + +END-VENDOR Versanet diff --git a/freeradius/dict/dictionary.vqp b/freeradius/dict/dictionary.vqp new file mode 100644 index 0000000..0eafc5a --- /dev/null +++ b/freeradius/dict/dictionary.vqp @@ -0,0 +1,109 @@ +# -*- text -*- +############################################################################## +# +# Cisco's VLAN Query Protocol +# +# This dictionary is NOT a RADIUS dictionary, but is used for a +# similar purpose. +# +# The default destination port is 1589. +# +# $Id$ +# +############################################################################## + +# +# We've allocated "fake" attribute 0x2b00 ... 0x2cff for VQP. +# +# +# 0x2b00..0x2bff are for the VQP packet headers. +# 0x2c00..0x2cff are for the VQP attributes. +# +# Note that the VQP protocol specifies 0x0c01..0x0c08 as the +# real numbers for the VQP attributes. We've added '0x2000' +# to them to separate them from RADIUS attributes... +# + +# +# VQP Op codes +# +ATTRIBUTE VQP-Packet-Type 0x2b00 integer +ATTRIBUTE VQP-Error-Code 0x2b01 integer +ATTRIBUTE VQP-Sequence-Number 0x2b02 integer + +# +# VQP Attributes +# +ATTRIBUTE VQP-Client-IP-Address 0x2c01 ipaddr +ATTRIBUTE VQP-Port-Name 0x2c02 string +ATTRIBUTE VQP-VLAN-Name 0x2c03 string + +# VTP domain +ATTRIBUTE VQP-Domain-Name 0x2c04 string + +# Encapsulates an Ethernet frame... +ATTRIBUTE VQP-Ethernet-Frame 0x2c05 octets +ATTRIBUTE VQP-MAC 0x2c06 ether +ATTRIBUTE VQP-Unknown 0x2c07 octets +ATTRIBUTE VQP-Cookie 0x2c08 ether + +# +# VQP integer mappings +# + +VALUE VQP-Packet-Type VQP-Join-Request 1 +VALUE VQP-Packet-Type VQP-Join-Response 2 +VALUE VQP-Packet-Type VQP-Reconfirm-Request 3 +VALUE VQP-Packet-Type VQP-Reconfirm-Response 4 + +VALUE VQP-Error-Code VQP-No-Error 0 +VALUE VQP-Error-Code VQP-Wrong-Version 1 +VALUE VQP-Error-Code VQP-Insufficient-Resources 2 +VALUE VQP-Error-Code VQP-Deny 3 +VALUE VQP-Error-Code VQP-Shutdown 4 +VALUE VQP-Error-Code VQP-Wrong-Mgmt-Domain 5 + +###################################################################### +# +# Duplicate names here, for simplicity +# +###################################################################### + +# +# VMPS Op codes +# +ATTRIBUTE VMPS-Packet-Type 0x2b00 integer +ATTRIBUTE VMPS-Error-Code 0x2b01 integer +ATTRIBUTE VMPS-Sequence-Number 0x2b02 integer + +# +# VMPS Attributes +# +ATTRIBUTE VMPS-Client-IP-Address 0x2c01 ipaddr +ATTRIBUTE VMPS-Port-Name 0x2c02 string +ATTRIBUTE VMPS-VLAN-Name 0x2c03 string + +# VTP domain +ATTRIBUTE VMPS-Domain-Name 0x2c04 string + +# Encapsulates an Ethernet frame... +ATTRIBUTE VMPS-Ethernet-Frame 0x2c05 octets +ATTRIBUTE VMPS-MAC 0x2c06 ether +ATTRIBUTE VMPS-Unknown 0x2c07 octets +ATTRIBUTE VMPS-Cookie 0x2c08 ether + +# +# VMPS integer mappings +# + +VALUE VMPS-Packet-Type VMPS-Join-Request 1 +VALUE VMPS-Packet-Type VMPS-Join-Response 2 +VALUE VMPS-Packet-Type VMPS-Reconfirm-Request 3 +VALUE VMPS-Packet-Type VMPS-Reconfirm-Response 4 + +VALUE VMPS-Error-Code VMPS-No-Error 0 +VALUE VMPS-Error-Code VMPS-Wrong-Version 1 +VALUE VMPS-Error-Code VMPS-Insufficient-Resources 2 +VALUE VMPS-Error-Code VMPS-Deny 3 +VALUE VMPS-Error-Code VMPS-Shutdown 4 +VALUE VMPS-Error-Code VMPS-Wrong-Mgmt-Domain 5 diff --git a/freeradius/dict/dictionary.walabi b/freeradius/dict/dictionary.walabi new file mode 100644 index 0000000..8e0f8fb --- /dev/null +++ b/freeradius/dict/dictionary.walabi @@ -0,0 +1,28 @@ +# -*- text -*- +############################################################################## +# +# Walabi Store & Forward FAX attributes. +# +# $Id$ +# +############################################################################## + +VENDOR Walabi 2004 + +VALUE Acct-Status-Type WB-Login 217 +VALUE Acct-Status-Type WB-Logout 218 +VALUE Acct-Status-Type WB-WRitelog 219 + +# Store and Forward Fax Attributes: +BEGIN-VENDOR Walabi +ATTRIBUTE WB-AUTH-Time-Left 1 integer +ATTRIBUTE WB-Auth-Accum-BW 2 integer +ATTRIBUTE WB-Auth-BW-Quota 3 integer +ATTRIBUTE WB-Auth-BW-Count 4 integer +ATTRIBUTE WB-Auth-Upload-Limit 5 integer +ATTRIBUTE WB-Auth-Download-Limit 6 integer +ATTRIBUTE WB-Auth-Login-Time 7 integer +ATTRIBUTE WB-Auth-Logout-Time 8 integer +ATTRIBUTE WB-Auth-Time-Diff 9 integer +ATTRIBUTE WB-Auth-BW-Usage 10 integer +END-VENDOR Walabi diff --git a/freeradius/dict/dictionary.waverider b/freeradius/dict/dictionary.waverider new file mode 100644 index 0000000..b641bf5 --- /dev/null +++ b/freeradius/dict/dictionary.waverider @@ -0,0 +1,56 @@ +# -*- text -*- +# +# http://www.waverider.com/ +# $Id$ +# + +VENDOR Waverider 2979 + +BEGIN-VENDOR Waverider +ATTRIBUTE Waverider-Grade-Of-Service 1 integer +ATTRIBUTE Waverider-Priority-Enabled 2 integer +ATTRIBUTE Waverider-Authentication-Key 3 string +ATTRIBUTE Waverider-Current-Password 5 string +ATTRIBUTE Waverider-New-Password 6 string +ATTRIBUTE Waverider-Radio-Frequency 7 integer +ATTRIBUTE Waverider-SNMP-Read-Community 8 string +ATTRIBUTE Waverider-SNMP-Write-Community 9 string +ATTRIBUTE Waverider-SNMP-Trap-Server 10 string +ATTRIBUTE Waverider-SNMP-Contact 11 string +ATTRIBUTE Waverider-SNMP-Location 12 string +ATTRIBUTE Waverider-SNMP-Name 13 string +ATTRIBUTE Waverider-Max-Customers 14 integer +ATTRIBUTE Waverider-Rf-Power 15 integer + +VALUE Waverider-Grade-Of-Service be 1 +VALUE Waverider-Grade-Of-Service bronze 2 +VALUE Waverider-Grade-Of-Service silver 3 +VALUE Waverider-Grade-Of-Service gold 4 + +VALUE Waverider-Priority-Enabled disabled 0 +VALUE Waverider-Priority-Enabled enabled 1 + +VALUE Waverider-Radio-Frequency auto 1 +VALUE Waverider-Radio-Frequency nomadic 2 +VALUE Waverider-Radio-Frequency f_9050 3 +VALUE Waverider-Radio-Frequency f_9116 4 +VALUE Waverider-Radio-Frequency f_9184 5 +VALUE Waverider-Radio-Frequency f_9250 6 +VALUE Waverider-Radio-Frequency f_9084 7 +VALUE Waverider-Radio-Frequency f_9150 8 +VALUE Waverider-Radio-Frequency f_9216 9 + +VALUE Waverider-Rf-Power p_15 1 +VALUE Waverider-Rf-Power p_16 2 +VALUE Waverider-Rf-Power p_17 3 +VALUE Waverider-Rf-Power p_18 4 +VALUE Waverider-Rf-Power p_19 5 +VALUE Waverider-Rf-Power p_20 6 +VALUE Waverider-Rf-Power p_21 7 +VALUE Waverider-Rf-Power p_22 8 +VALUE Waverider-Rf-Power p_23 9 +VALUE Waverider-Rf-Power p_24 10 +VALUE Waverider-Rf-Power p_25 11 +VALUE Waverider-Rf-Power p_26 12 + +END-VENDOR Waverider diff --git a/freeradius/dict/dictionary.wifidog b/freeradius/dict/dictionary.wifidog new file mode 100644 index 0000000..538a85a --- /dev/null +++ b/freeradius/dict/dictionary.wifidog @@ -0,0 +1,10 @@ +# +# WiFiDog dictionary. +# +# Enable by putting the line "$INCLUDE dictionary.wifidog" +# into the main dictionary file. +# + +VENDOR WiFiDog 18721 +ATTRIBUTE WiFiDog-Version 1 string WiFiDog +ATTRIBUTE WiFiDog-Config 2 string WiFiDog diff --git a/freeradius/dict/dictionary.wispr b/freeradius/dict/dictionary.wispr new file mode 100644 index 0000000..d31ef24 --- /dev/null +++ b/freeradius/dict/dictionary.wispr @@ -0,0 +1,36 @@ +# -*- text -*- +# +# dictionary.wispr +# +# VSAs originally by +# "James Underwood" +# +# Version: $Id$ +# +# For documentation on WISPr RADIUS attributes, see: +# +# Wi-Fi Alliance - Wireless ISP Roaming - Best Current Practices v1, +# Feb 2003, p 14 +# +# http://www.weca.net/OpenSection/downloads/WISPr_V1.0.pdf + +VENDOR WISPr 14122 + +# +# Standard attribute +# +BEGIN-VENDOR WISPr + +ATTRIBUTE WISPr-Location-ID 1 string +ATTRIBUTE WISPr-Location-Name 2 string +ATTRIBUTE WISPr-Logoff-URL 3 string +ATTRIBUTE WISPr-Redirection-URL 4 string +ATTRIBUTE WISPr-Bandwidth-Min-Up 5 integer +ATTRIBUTE WISPr-Bandwidth-Min-Down 6 integer +ATTRIBUTE WISPr-Bandwidth-Max-Up 7 integer +ATTRIBUTE WISPr-Bandwidth-Max-Down 8 integer +ATTRIBUTE WISPr-Session-Terminate-Time 9 string +ATTRIBUTE WISPr-Session-Terminate-End-Of-Day 10 string +ATTRIBUTE WISPr-Billing-Class-Of-Service 11 string + +END-VENDOR WISPr diff --git a/freeradius/dict/dictionary.xedia b/freeradius/dict/dictionary.xedia new file mode 100644 index 0000000..3d2eef3 --- /dev/null +++ b/freeradius/dict/dictionary.xedia @@ -0,0 +1,23 @@ +# -*- text -*- +############################################################################## +# +# XEDIA, AP series routers +# From Yard RADIUS, and Piotr Orlewicz, porlewicz@teleton.pl www.real-data.pl +# +# $Id$ +# +############################################################################# +VENDOR Xedia 838 + +BEGIN-Vendor Xedia + +ATTRIBUTE Xedia-DNS-Server 1 ipaddr +ATTRIBUTE Xedia-NetBios-Server 2 ipaddr +ATTRIBUTE Xedia-Address-Pool 3 string +ATTRIBUTE Xedia-PPP-Echo-Interval 4 integer +ATTRIBUTE Xedia-SSH-Privileges 5 integer +ATTRIBUTE Xedia-Client-Access-Network 6 string +ATTRIBUTE Xedia-Client-Firewall-Setting 7 integer +ATTRIBUTE Xedia-Save-Password 8 integer + +END-VENDOR Xedia diff --git a/freeradius/dict/dictionary.xylan b/freeradius/dict/dictionary.xylan new file mode 100644 index 0000000..875ea16 --- /dev/null +++ b/freeradius/dict/dictionary.xylan @@ -0,0 +1,39 @@ +# -*- text -*- +############################################################################## +# +# Xylan dictionary +# +# $Id$ +# +############################################################################## + +VENDOR Xylan 800 + +BEGIN-VENDOR Xylan + +ATTRIBUTE Xylan-Auth-Group 1 integer +ATTRIBUTE Xylan-Slot-Port 2 string +ATTRIBUTE Xylan-Time-of-Day 3 string +ATTRIBUTE Xylan-Client-IP-Addr 4 ipaddr +ATTRIBUTE Xylan-Group-Desc 5 string +ATTRIBUTE Xylan-Port-Desc 6 string +ATTRIBUTE Xylan-Profil-Numb 7 integer +ATTRIBUTE Xylan-Auth-Group-Protocol 8 string +ATTRIBUTE Xylan-Asa-Access 9 string +ATTRIBUTE Xylan-Access-Priv 16 integer +ATTRIBUTE Xylan-Acce-Priv-R1 33 octets +ATTRIBUTE Xylan-Acce-Priv-R2 34 octets +ATTRIBUTE Xylan-Acce-Priv-W1 35 octets +ATTRIBUTE Xylan-Acce-Priv-W2 36 octets +ATTRIBUTE Xylan-Acce-Priv-G1 37 octets +ATTRIBUTE Xylan-Acce-Priv-G2 38 octets +ATTRIBUTE Xylan-Acce-Priv-F-R1 39 octets +ATTRIBUTE Xylan-Acce-Priv-F-R2 40 octets +ATTRIBUTE Xylan-Acce-Priv-F-W1 41 octets +ATTRIBUTE Xylan-Acce-Priv-F-W2 42 octets + +VALUE Xylan-Access-Priv Xylan-Read-Priv 1 +VALUE Xylan-Access-Priv Xylan-Write-Priv 2 +VALUE Xylan-Access-Priv Xylan-Admin-Priv 3 + +END-VENDOR Xylan diff --git a/freeradius/dict/dictionary.zyxel b/freeradius/dict/dictionary.zyxel new file mode 100644 index 0000000..b36d907 --- /dev/null +++ b/freeradius/dict/dictionary.zyxel @@ -0,0 +1,25 @@ +# -*- text -*- +############################################################################## +# +# Zyxel attributes, of course in the RFC space... +# +# This dictionary is NOT included by default, because it conflicts +# with other dictionaries! +# +# http://www.zyxel.com/support/supportnote/p200/ap_note/isdn/radius.htm +# +# $Id$ +# +############################################################################## + +VENDOR Zyxel + +ATTRIBUTE Zyxel-Callback-Option 192 integer +ATTRIBUTE Zyxel-Callback-Phone-Source 193 integer + +VALUE Zyxel-Callback-Phone-Source Preconfigured 0 +VALUE Zyxel-Callback-Phone-Source User 1 + +VALUE Zyxel-Callback-Option None 0 +VALUE Zyxel-Callback-Option Optional 1 +VALUE Zyxel-Callback-Option Mandatory 2 diff --git a/freeradius/patch/freeradius-1.1.1.patch b/freeradius/patch/freeradius-1.1.1.patch new file mode 100644 index 0000000..9dce119 --- /dev/null +++ b/freeradius/patch/freeradius-1.1.1.patch @@ -0,0 +1,1225 @@ +diff -baurN --exclude='*~' --exclude='.#*' --exclude=CVS freeradius-1.1.1.orig/raddb/jradius.conf freeradius-1.1.1/raddb/jradius.conf +--- freeradius-1.1.1.orig/raddb/jradius.conf 1970-01-01 01:00:00.000000000 +0100 ++++ freeradius-1.1.1/raddb/jradius.conf 2006-05-24 15:53:52.000000000 +0200 +@@ -0,0 +1,15 @@ ++ ++jradius { ++ name = "example" # Name of the JRadius Application ++ # (known as "Sender" in JRadius) ++ primary = "127.0.0.1" # Primary JRadius Server ++ # (using default port of 1814) ++ secondary = "192.168.1.2:1815" # Secondary JRadius Server (port 1815) ++ tertiary = "192.168.1.2:1816" # Tertiary JRadius Server ++ timeout = 1 # JRadius Server Connect Timeout (default 5) ++ onfail = NOOP # What to do if no JRadius ++ # Server is found. Options are: ++ # FAIL (default), OK, REJECT, NOOP ++ keepalive = yes # Keep connections to JRadius pooled ++ connections = 8 # Number of pooled JRadius connections ++} +diff -baurN --exclude='*~' --exclude='.#*' --exclude=CVS freeradius-1.1.1.orig/raddb/radiusd.conf.in freeradius-1.1.1/raddb/radiusd.conf.in +--- freeradius-1.1.1.orig/raddb/radiusd.conf.in 2006-02-10 16:12:02.000000000 +0100 ++++ freeradius-1.1.1/raddb/radiusd.conf.in 2006-05-24 15:53:52.000000000 +0200 +@@ -536,6 +536,9 @@ + # in other sections of this configuration file. + # + modules { ++ ++$INCLUDE ${confdir}/jradius.conf ++ + # + # Each module has a configuration as follows: + # +@@ -1815,6 +1818,8 @@ + # + # Use the checkval module + # checkval ++ ++ jradius + } + + +@@ -1916,6 +1921,8 @@ + suffix + # ntdomain + ++ jradius ++ + # + # Read the 'acct_users' file + files +@@ -1925,6 +1932,8 @@ + # Accounting. Log the accounting data. + # + accounting { ++ jradius ++ + # + # Create a 'detail'ed log of the packets. + # Note that accounting requests which are proxied +@@ -2020,6 +2029,10 @@ + # insert-module-name-here + # } + ++ jradius ++ Post-Auth-Type REJECT { ++ jradius ++ } + } + + # +@@ -2041,6 +2054,7 @@ + # server, un-comment the following line, and the + # 'detail pre_proxy_log' section, above. + # pre_proxy_log ++ jradius + } + + # +@@ -2074,4 +2088,5 @@ + # reject the EAP request. + # + eap ++ jradius + } +diff -baurN --exclude='*~' --exclude='.#*' --exclude=CVS freeradius-1.1.1.orig/share/dictionary freeradius-1.1.1/share/dictionary +--- freeradius-1.1.1.orig/share/dictionary 2006-03-16 23:03:11.000000000 +0100 ++++ freeradius-1.1.1/share/dictionary 2006-05-24 15:55:10.000000000 +0200 +@@ -52,7 +52,19 @@ + # this directive to the end of this file if you want to see the + # old names in the logfiles, INSTEAD OF the new names. + # +-$INCLUDE dictionary.compat ++#$INCLUDE dictionary.compat ++ ++$INCLUDE dictionary.jradius ++$INCLUDE dictionary.chillispot ++$INCLUDE dictionary.lancom ++$INCLUDE dictionary.garderos ++$INCLUDE dictionary.ser ++ ++$INCLUDE dictionary.altiga ++$INCLUDE dictionary.aptis ++$INCLUDE dictionary.avaya ++$INCLUDE dictionary.motorola ++$INCLUDE dictionary.nokia + + # + # Include the RFC dictionaries next. +--- freeradius-1.1.1.orig/share/dictionary.chillispot 1970-01-01 01:00:00.000000000 +0100 ++++ freeradius-1.1.1/share/dictionary.chillispot 2006-05-24 15:55:10.000000000 +0200 +@@ -0,0 +1,20 @@ ++# ++# ChilliSpot dictionary. ++# ++# Enable by putting the line "$INCLUDE dictionary.chillispot" ++# into the main dictionary file. ++# ++# ++ ++VENDOR ChilliSpot 14559 ++ ++# ++# ChilliSpot Vendor Specific Extensions ++# ++# ++ATTRIBUTE ChilliSpot-Max-Input-Octets 1 integer ChilliSpot ++ATTRIBUTE ChilliSpot-Max-Output-Octets 2 integer ChilliSpot ++ATTRIBUTE ChilliSpot-Max-Total-Octets 3 integer ChilliSpot ++ATTRIBUTE ChilliSpot-Bandwidth-Max-Up 4 integer ChilliSpot ++ATTRIBUTE ChilliSpot-Bandwidth-Max-Down 5 integer ChilliSpot ++ATTRIBUTE ChilliSpot-Config 6 string ChilliSpot +diff -baurN --exclude='*~' --exclude='.#*' --exclude=CVS freeradius-1.1.1.orig/share/dictionary.jradius freeradius-1.1.1/share/dictionary.jradius +--- freeradius-1.1.1.orig/share/dictionary.jradius 1970-01-01 01:00:00.000000000 +0100 ++++ freeradius-1.1.1/share/dictionary.jradius 2006-05-24 15:55:10.000000000 +0200 +@@ -0,0 +1,4 @@ ++VENDOR JRadius 19211 ++ATTRIBUTE JRadius-Request-Id 1 string JRadius ++ATTRIBUTE JRadius-Session-Id 2 string JRadius ++ATTRIBUTE JRadius-Proxy-Client 3 octets JRadius +diff -baurN --exclude='*~' --exclude='.#*' --exclude=CVS freeradius-1.1.1.orig/share/dictionary.lancom freeradius-1.1.1/share/dictionary.lancom +--- freeradius-1.1.1.orig/share/dictionary.lancom 1970-01-01 01:00:00.000000000 +0100 ++++ freeradius-1.1.1/share/dictionary.lancom 2006-05-24 15:55:10.000000000 +0200 +@@ -0,0 +1,12 @@ ++VENDOR Lancom 16787 ++ATTRIBUTE Lancom-Location-ID 1 string Lancom ++ATTRIBUTE Lancom-Location-Name 2 string Lancom ++ATTRIBUTE Lancom-Logoff-URL 3 string Lancom ++ATTRIBUTE Lancom-Redirection-URL 4 string Lancom ++ATTRIBUTE Lancom-Bandwidth-Min-Up 5 integer Lancom ++ATTRIBUTE Lancom-Bandwidth-Min-Down 6 integer Lancom ++ATTRIBUTE Lancom-Bandwidth-Max-Up 7 integer Lancom ++ATTRIBUTE Lancom-Bandwidth-Max-Down 8 integer Lancom ++ATTRIBUTE Lancom-Session-Terminate-Time 9 string Lancom ++ATTRIBUTE Lancom-Session-Terminate-End-Of-Day 10 string Lancom ++ATTRIBUTE Lancom-Billing-Class-Of-Service 11 string Lancom +diff -baurN --exclude='*~' --exclude='.#*' --exclude=CVS freeradius-1.1.1.orig/share/dictionary.ser freeradius-1.1.1/share/dictionary.ser +--- freeradius-1.1.1.orig/share/dictionary.ser 1970-01-01 01:00:00.000000000 +0100 ++++ freeradius-1.1.1/share/dictionary.ser 2006-05-24 15:55:10.000000000 +0200 +@@ -0,0 +1,49 @@ ++# ++# $Id: freeradius-1.1.1.patch,v 1.3 2006/05/24 14:11:23 picopoint Exp $ ++# ++# SIP RADIUS attributes ++# ++# Schulzrinne indicates attributes according to ++# draft-schulzrinne-sipping-radius-accounting-00 ++# ++# Sterman indicates attributes according to ++# draft-sterman-aaa-sip-00 ++# ++# Standard indicates a standard RADIUS attribute ++# which is missing in radiusclient dictionary ++# ++# Digest indicates attributes according to ++# ++# Proprietary indicates an attribute that hasn't ++# been standardized ++# ++ ++### acc ### ++ATTRIBUTE Sip-Method 101 integer # Schulzrinne ++ATTRIBUTE Sip-Response-Code 102 integer # Schulzrinne ++ATTRIBUTE Sip-Cseq 103 string # Schulzrinne ++ATTRIBUTE Sip-To-Tag 104 string # Schulzrinne ++ATTRIBUTE Sip-From-Tag 105 string # Schulzrinne ++ATTRIBUTE Sip-Branch-Id 106 string # Schulzrinne ++ATTRIBUTE Sip-Translated-Req-ID 107 string # Schulzrinne ++ATTRIBUTE Sip-Source-Ip-Address 108 ipaddr # Schulzrinne ++ATTRIBUTE Sip-Source-Port 109 integer # Schulzrinne ++ ++ATTRIBUTE Digest-Response 206 string # Sterman ++ATTRIBUTE Digest-Attributes 207 string # Sterman ++ ++ATTRIBUTE Sip-Uri-User 208 string # Proprietary ++ATTRIBUTE Sip-Rpid 213 string # Proprietary ++ ++ATTRIBUTE Digest-Realm 1063 string # Sterman ++ATTRIBUTE Digest-Nonce 1064 string # Sterman ++ATTRIBUTE Digest-Method 1065 string # Sterman ++ATTRIBUTE Digest-Uri 1066 string # Sterman ++ATTRIBUTE Digest-Qop 1067 string # Sterman ++ATTRIBUTE Digest-Algorithm 1068 string # Sterman ++ATTRIBUTE Digest-Body-Digest 1069 string # Sterman ++ATTRIBUTE Digest-Cnonce 1070 string # Sterman ++ATTRIBUTE Digest-Nonce-Count 1071 string # Sterman ++ATTRIBUTE Digest-User-Name 1072 string # Sterman ++ ++ATTRIBUTE Sip-Group 211 string # Proprietary +diff -baurN --exclude='*~' --exclude='.#*' --exclude=CVS freeradius-1.1.1.orig/src/modules/rlm_jradius/configure freeradius-1.1.1/src/modules/rlm_jradius/configure +--- freeradius-1.1.1.orig/src/modules/rlm_jradius/configure 1970-01-01 01:00:00.000000000 +0100 ++++ freeradius-1.1.1/src/modules/rlm_jradius/configure 2006-05-24 15:53:52.000000000 +0200 +@@ -0,0 +1,4 @@ ++#! /bin/sh ++ ++echo "did nothing" ++ +diff -baurN --exclude='*~' --exclude='.#*' --exclude=CVS freeradius-1.1.1.orig/src/modules/rlm_jradius/jradius.conf freeradius-1.1.1/src/modules/rlm_jradius/jradius.conf +--- freeradius-1.1.1.orig/src/modules/rlm_jradius/jradius.conf 1970-01-01 01:00:00.000000000 +0100 ++++ freeradius-1.1.1/src/modules/rlm_jradius/jradius.conf 2006-05-24 16:00:45.000000000 +0200 +@@ -0,0 +1,15 @@ ++ ++jradius { ++ name = "example" # Name of the JRadius Application ++ # (known as "Sender" in JRadius) ++ primary = "127.0.0.1" # Primary JRadius Server ++ # (using default port of 1814) ++ secondary = "192.168.1.2:1815" # Secondary JRadius Server (port 1815) ++ tertiary = "192.168.1.2:1816" # Tertiary JRadius Server ++ timeout = 1 # JRadius Server Connect Timeout (default 5) ++ onfail = NOOP # What to do if no JRadius ++ # Server is found. Options are: ++ # FAIL (default), OK, REJECT, NOOP ++ keepalive = yes # Keep connections to JRadius pooled ++ connections = 8 # Number of pooled JRadius connections ++} +diff -baurN --exclude='*~' --exclude='.#*' --exclude=CVS freeradius-1.1.1.orig/src/modules/rlm_jradius/Makefile freeradius-1.1.1/src/modules/rlm_jradius/Makefile +--- freeradius-1.1.1.orig/src/modules/rlm_jradius/Makefile 1970-01-01 01:00:00.000000000 +0100 ++++ freeradius-1.1.1/src/modules/rlm_jradius/Makefile 2006-05-24 15:53:52.000000000 +0200 +@@ -0,0 +1,13 @@ ++TARGET = rlm_jradius ++SRCS = rlm_jradius.c ++HEADERS = ++RLM_CFLAGS = ++RLM_LIBS = ++ ++## this uses the RLM_CFLAGS and RLM_LIBS and SRCS defs to make TARGET. ++include ../rules.mak ++ ++$(STATIC_OBJS): $(HEADERS) ++ ++$(DYNAMIC_OBJS): $(HEADERS) ++ +diff -baurN --exclude='*~' --exclude='.#*' --exclude=CVS freeradius-1.1.1.orig/src/modules/rlm_jradius/rlm_jradius.c freeradius-1.1.1/src/modules/rlm_jradius/rlm_jradius.c +--- freeradius-1.1.1.orig/src/modules/rlm_jradius/rlm_jradius.c 1970-01-01 01:00:00.000000000 +0100 ++++ freeradius-1.1.1/src/modules/rlm_jradius/rlm_jradius.c 2006-05-24 15:55:45.000000000 +0200 +@@ -0,0 +1,961 @@ ++/** ++ * rlm_jradius - The FreeRADIUS JRadius Server Module ++ * Copyright (C) 2004-2006 PicoPoint, B.V. ++ * ++ * This program is free software; you can redistribute it and/or modify it ++ * under the terms of the GNU General Public License as published by the ++ * Free Software Foundation; either version 2 of the License, or (at your ++ * option) any later version. ++ * ++ * This program is distributed in the hope that it will be useful, but ++ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY ++ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License ++ * for more details. ++ * ++ * You should have received a copy of the GNU General Public License along ++ * with this program; if not, write to the Free Software Foundation, Inc., ++ * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA ++ * ++ * Author(s): David Bird ++ */ ++ ++/*#define FRv2 1*/ ++ ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++ ++#ifdef FRv2 ++#include ++#include ++#include ++#include ++#include ++#define STR_VALUE(p) ((p)->data.strvalue) ++#else ++#include "autoconf.h" ++#include "libradius.h" ++#include "radiusd.h" ++#include "modules.h" ++#include "conffile.h" ++#define STR_VALUE(p) ((p)->strvalue) ++#endif ++ ++#ifdef HAVE_PTHREAD_H ++#include ++#endif ++ ++#ifdef HAVE_SYS_SOCKET_H ++#include ++#endif ++ ++#ifndef O_NONBLOCK ++#define O_NONBLOCK O_NDELAY ++#endif ++ ++static const char rcsid[] = "$Id: freeradius-1.1.1.patch,v 1.3 2006/05/24 14:11:23 picopoint Exp $"; ++ ++static const int JRADIUS_PORT = 1814; ++static const int HALF_MESSAGE_LEN = 16384; ++static const int MESSAGE_LEN = 32768; ++ ++static const int JRADIUS_authenticate = 1; ++static const int JRADIUS_authorize = 2; ++static const int JRADIUS_preacct = 3; ++static const int JRADIUS_accounting = 4; ++static const int JRADIUS_checksimul = 5; ++static const int JRADIUS_pre_proxy = 6; ++static const int JRADIUS_post_proxy = 7; ++static const int JRADIUS_post_auth = 8; ++ ++#define LOG_PREFIX "rlm_jradius: " ++#define MAX_HOSTS 4 ++ ++typedef struct jradius_socket { ++ int id; ++#ifdef HAVE_PTHREAD_H ++ pthread_mutex_t mutex; ++#endif ++ struct jradius_socket *next; ++ enum { is_connected, not_connected } state; ++ ++ union { ++ int sock; ++ } con; ++} JRSOCK; ++ ++typedef struct jradius_inst { ++ time_t connect_after; ++ JRSOCK * sock_pool; ++ JRSOCK * last_used; ++ ++ char * name; ++ char * host [MAX_HOSTS]; ++ uint32_t ipaddr [MAX_HOSTS]; ++ int port [MAX_HOSTS]; ++ int timeout; ++ int onfail; ++ char * onfail_s; ++ int keepalive; ++ int jrsock_cnt; ++} JRADIUS; ++ ++typedef struct _byte_array ++{ ++ unsigned int size; ++ unsigned int pos; ++ unsigned int left; ++ unsigned char * b; ++} byte_array; ++ ++static CONF_PARSER module_config[] = { ++ { "name", PW_TYPE_STRING_PTR, offsetof(JRADIUS, name), NULL, "localhost"}, ++ { "primary", PW_TYPE_STRING_PTR, offsetof(JRADIUS, host[0]), NULL, "localhost"}, ++ { "secondary", PW_TYPE_STRING_PTR, offsetof(JRADIUS, host[1]), NULL, NULL}, ++ { "tertiary", PW_TYPE_STRING_PTR, offsetof(JRADIUS, host[2]), NULL, NULL}, ++ { "timeout", PW_TYPE_INTEGER, offsetof(JRADIUS, timeout), NULL, "5"}, ++ { "onfail", PW_TYPE_STRING_PTR, offsetof(JRADIUS, onfail_s), NULL, NULL}, ++ { "keepalive", PW_TYPE_BOOLEAN, offsetof(JRADIUS, keepalive), NULL, "yes"}, ++ { "connections", PW_TYPE_INTEGER, offsetof(JRADIUS, jrsock_cnt), NULL, "8"}, ++ { NULL, -1, 0, NULL, NULL } ++}; ++ ++static int connect_socket(JRSOCK *jrsock, JRADIUS *inst) ++{ ++ struct sockaddr_in local_addr, serv_addr; ++ int i, connected = 0; ++ char buff[128]; ++ int sock; ++ ++ /* ++ * Connect to jradius servers until we succeed or die trying ++ */ ++ for (i = 0; !connected && i < MAX_HOSTS && inst->ipaddr[i] > 0; i++) { ++ ++ /* ++ * Allocate a TCP socket ++ */ ++ if ((sock = socket(AF_INET, SOCK_STREAM, 0)) == -1) { ++ radlog(L_ERR, LOG_PREFIX "could not allocate TCP socket"); ++ goto failed; ++ } ++ ++ /* ++ * If we have a timeout value set, make the socket non-blocking ++ */ ++ if (inst->timeout > 0 && ++ fcntl(sock, F_SETFL, fcntl(sock, F_GETFL, 0) | O_NONBLOCK) == -1) { ++ radlog(L_ERR, LOG_PREFIX "could not set non-blocking on socket"); ++ goto failed; ++ } ++ ++ /* ++ * Bind to any local port ++ */ ++ memset(&local_addr, 0, sizeof(local_addr)); ++ local_addr.sin_family = AF_INET; ++ local_addr.sin_addr.s_addr = htonl(INADDR_ANY); ++ local_addr.sin_port = htons(0); ++ ++ if (bind(sock, (struct sockaddr *) &local_addr, sizeof(local_addr)) < 0) { ++ radlog(L_ERR, LOG_PREFIX "could not locally bind TCP socket"); ++ goto failed; ++ } ++ ++ /* ++ * Attempt connection to remote server ++ */ ++ memset(&serv_addr, 0, sizeof(serv_addr)); ++ serv_addr.sin_family = AF_INET; ++ memcpy((char *) &serv_addr.sin_addr, &(inst->ipaddr[i]), 4); ++ serv_addr.sin_port = htons(inst->port[i]); ++ ++ if (connect(sock, (struct sockaddr *)&serv_addr, sizeof(serv_addr)) < 0) { ++ if (inst->timeout > 0 && (errno == EINPROGRESS || errno == EWOULDBLOCK)) { ++ /* ++ * Wait to see if non-blocking socket connects or times-out ++ */ ++ struct pollfd pfd; ++ memset(&pfd, 0, sizeof(pfd)); ++ ++ pfd.fd = sock; ++ pfd.events = POLLOUT; ++ ++ if (poll(&pfd, 1, inst->timeout * 1000) == 1 && pfd.revents) { ++ /* ++ * Lets make absolutely sure we are connected ++ */ ++ struct sockaddr_in sa; ++ unsigned int salen = sizeof(sa); ++ if (getpeername(sock, (struct sockaddr *) &sa, &salen) != -1) { ++ /* ++ * CONNECTED! break out of for-loop ++ */ ++ connected = 1; ++ break; ++ } ++ } ++ } ++ ++ /* ++ * Timed-out ++ */ ++ radlog(L_ERR, LOG_PREFIX "could not connect to %s:%d", ++ ip_ntoa(buff, inst->ipaddr[i]), inst->port[i]); ++ ++ } else { ++ /* ++ * CONNECTED (instantly)! break out of for-loop ++ */ ++ connected = 1; ++ break; ++ } ++ ++ /* ++ * Unable to connect, cleanup and start over ++ */ ++ close(sock); sock=0; ++ } ++ ++ if (!connected) { ++ radlog(L_ERR, LOG_PREFIX "could not find any jradius server!"); ++ goto failed; ++ } ++ ++ /* ++ * If we previously set the socket to non-blocking, restore blocking ++ */ ++ if (inst->timeout > 0 && ++ fcntl(sock, F_SETFL, fcntl(sock, F_GETFL, 0) & ~O_NONBLOCK) == -1) { ++ radlog(L_ERR, LOG_PREFIX "could not set blocking on socket"); ++ goto failed; ++ } ++ ++ jrsock->state = is_connected; ++ jrsock->con.sock = sock; ++ return 1; ++ ++ failed: ++ if (sock > 0) { shutdown(sock, 2); close(sock); } ++ jrsock->state = not_connected; ++ return 0; ++} ++ ++static void close_socket(JRADIUS * inst, JRSOCK *jrsock) { ++ radlog(L_DBG, "rlm_jradius: Closing JRadius connection %d", jrsock->id); ++ if (jrsock->con.sock > 0) { ++ shutdown(jrsock->con.sock, 2); ++ close(jrsock->con.sock); ++ } ++ jrsock->state = not_connected; ++ jrsock->con.sock = 0; ++} ++ ++static void free_socket(JRADIUS * inst, JRSOCK *jrsock) { ++ close_socket(inst, jrsock); ++ if (inst->keepalive) { ++#ifdef HAVE_PTHREAD_H ++ pthread_mutex_destroy(&jrsock->mutex); ++#endif ++ free(jrsock); ++ } ++} ++ ++static int socket_send(JRSOCK *jrsock, unsigned char *b, unsigned int blen) { ++ return send(jrsock->con.sock, b, blen, 0); ++} ++ ++static int init_socketpool(JRADIUS * inst) ++{ ++ int i, rcode; ++ int success = 0; ++ JRSOCK *jrsock; ++ ++ inst->connect_after = 0; ++ inst->sock_pool = NULL; ++ ++ for (i = 0; i < inst->jrsock_cnt; i++) { ++ radlog(L_DBG, "rlm_jradius: starting JRadius connection %d", i); ++ ++ if ((jrsock = rad_malloc(sizeof(*jrsock))) == 0) return -1; ++ ++ memset(jrsock, 0, sizeof(*jrsock)); ++ jrsock->id = i; ++ jrsock->state = not_connected; ++ ++#ifdef HAVE_PTHREAD_H ++ rcode = pthread_mutex_init(&jrsock->mutex,NULL); ++ if (rcode != 0) { ++ radlog(L_ERR, "rlm_jradius: Failed to init lock: %s", strerror(errno)); ++ return 0; ++ } ++#endif ++ ++ if (time(NULL) > inst->connect_after) ++ if (connect_socket(jrsock, inst)) ++ success = 1; ++ ++ jrsock->next = inst->sock_pool; ++ inst->sock_pool = jrsock; ++ } ++ inst->last_used = NULL; ++ ++ if (!success) { ++ radlog(L_DBG, "rlm_jradius: Failed to connect to JRadius server."); ++ } ++ ++ return 1; ++} ++ ++static void free_socketpool(JRADIUS * inst) ++{ ++ JRSOCK *cur; ++ JRSOCK *next; ++ ++ for (cur = inst->sock_pool; cur; cur = next) { ++ next = cur->next; ++ free_socket(inst, cur); ++ } ++ ++ inst->sock_pool = NULL; ++} ++ ++static JRSOCK * get_socket(JRADIUS * inst) ++{ ++ JRSOCK *cur, *start; ++ int tried_to_connect = 0; ++ int unconnected = 0; ++ ++ start = inst->last_used; ++ if (!start) start = inst->sock_pool; ++ ++ cur = start; ++ ++ while (cur) { ++#ifdef HAVE_PTHREAD_H ++ if (pthread_mutex_trylock(&cur->mutex) != 0) { ++ goto next; ++ } ++#endif ++ ++ if ((cur->state == not_connected) && (time(NULL) > inst->connect_after)) { ++ radlog(L_INFO, "rlm_jradius: Trying to (re)connect unconnected handle %d", cur->id); ++ tried_to_connect++; ++ connect_socket(cur, inst); ++ } ++ ++ if (cur->state == not_connected) { ++ radlog(L_DBG, "rlm_jradius: Ignoring unconnected handle %d", cur->id); ++ unconnected++; ++#ifdef HAVE_PTHREAD_H ++ pthread_mutex_unlock(&cur->mutex); ++#endif ++ goto next; ++ } ++ ++ radlog(L_DBG, "rlm_jradius: Reserving JRadius socket id: %d", cur->id); ++ ++ if (unconnected != 0 || tried_to_connect != 0) { ++ radlog(L_INFO, "rlm_jradius: got socket %d after skipping %d unconnected handles, tried to reconnect %d though", ++ cur->id, unconnected, tried_to_connect); ++ } ++ ++ inst->last_used = cur->next; ++ return cur; ++ ++ next: ++ cur = cur->next; ++ if (!cur) cur = inst->sock_pool; ++ if (cur == start) break; ++ } ++ ++ radlog(L_INFO, "rlm_jradius: There are no sockets to use! skipped %d, tried to connect %d", ++ unconnected, tried_to_connect); ++ return NULL; ++} ++ ++static int release_socket(JRADIUS * inst, JRSOCK * jrsock) ++{ ++#ifdef HAVE_PTHREAD_H ++ pthread_mutex_unlock(&jrsock->mutex); ++#endif ++ ++ radlog(L_DBG, "rlm_jradius: Released JRadius socket id: %d", jrsock->id); ++ ++ return 0; ++} ++ ++ ++/* ++ * Initialize the jradius module ++ */ ++static int jradius_instantiate(CONF_SECTION *conf, void **instance) ++{ ++ JRADIUS *inst = (JRADIUS *) instance; ++ char host[128], b[128], *h; ++ int i, p, idx, port; ++ ++ inst = rad_malloc(sizeof(JRADIUS)); ++ memset(inst, 0, sizeof(JRADIUS)); ++ ++ if (cf_section_parse(conf, inst, module_config) < 0) { ++ free(inst); ++ return -1; ++ } ++ ++ for (i = 0, idx = 0; i < MAX_HOSTS; i++) { ++ if (inst->host[i] && strlen(inst->host[i]) < sizeof(host)) { ++ h = inst->host[i]; ++ p = JRADIUS_PORT; ++ ++ strcpy(b, h); ++ if (sscanf(b, "%[^:]:%d", host, &port) == 2) { h = host; p = port; } ++ ++ if (h) { ++#ifdef FRv2 ++ lrad_ipaddr_t ipaddr; ++ if (ip_hton(h, AF_INET, &ipaddr) < 0) { ++ radlog(L_ERR, "Can't find IP address for host %s", h); ++ continue; ++ } ++ if ((inst->ipaddr[idx] = ipaddr.ipaddr.ip4addr.s_addr) != htonl(INADDR_NONE)) { ++#else ++ if ((inst->ipaddr[idx] = ip_getaddr(h)) != htonl(INADDR_NONE)) { ++#endif ++ inst->port[idx] = p; ++ radlog(L_INFO, LOG_PREFIX "configuring jradius server %s:%d", h, p); ++ idx++; ++ } else { ++ radlog(L_ERR, LOG_PREFIX "invalid jradius server %s", h); ++ } ++ } ++ } ++ } ++ ++ if (inst->keepalive) init_socketpool(inst); ++ ++ inst->onfail = RLM_MODULE_FAIL; ++ ++ if (inst->onfail_s) { ++ if (!strcmp(inst->onfail_s, "NOOP")) inst->onfail = RLM_MODULE_NOOP; ++ else if (!strcmp(inst->onfail_s, "REJECT")) inst->onfail = RLM_MODULE_REJECT; ++ else if (!strcmp(inst->onfail_s, "OK")) inst->onfail = RLM_MODULE_OK; ++ else if (!strcmp(inst->onfail_s, "FAIL")) inst->onfail = RLM_MODULE_FAIL; ++ else radlog(L_ERR, LOG_PREFIX "invalid jradius 'onfail' state %s", inst->onfail_s); ++ } ++ ++ *instance = inst; ++ ++ return 0; ++} ++ ++/* ++ * Initialize a byte array buffer structure ++ */ ++static void init_byte_array(byte_array * ba, unsigned char *b, int blen) ++{ ++ ba->b = b; ++ ba->size = ba->left = blen; ++ ba->pos = 0; ++} ++ ++/* ++ * Pack a single byte into a byte array buffer ++ */ ++static int pack_byte(byte_array * ba, unsigned char c) ++{ ++ if (ba->left < 1) return -1; ++ ++ ba->b[ba->pos] = c; ++ ba->pos++; ++ ba->left--; ++ ++ return 0; ++} ++ ++/* ++ * Pack an array of bytes into a byte array buffer ++ */ ++static int pack_bytes(byte_array * ba, unsigned char *d, unsigned int dlen) ++{ ++ if (ba->left < dlen) return -1; ++ ++ memcpy((void *)(ba->b + ba->pos), d, dlen); ++ ba->pos += dlen; ++ ba->left -= dlen; ++ ++ return 0; ++} ++ ++/* ++ * Pack an integer into a byte array buffer (adjusting for byte-order) ++ */ ++static int pack_int(byte_array * ba, unsigned int i) ++{ ++ if (ba->left < 4) return -1; ++ ++ i = htonl(i); ++ ++ memcpy((void *)(ba->b + ba->pos), (void *)&i, 4); ++ ba->pos += 4; ++ ba->left -= 4; ++ ++ return 0; ++} ++ ++/* ++ * Pack one byte array buffer into another byte array buffer ++ */ ++static int pack_array(byte_array * ba, byte_array * a) ++{ ++ if (ba->left < a->pos) return -1; ++ ++ memcpy((void *)(ba->b + ba->pos), (void *)a->b, a->pos); ++ ba->pos += a->pos; ++ ba->left -= a->pos; ++ ++ return 0; ++} ++ ++/* ++ * Pack radius attributes into a byte array buffer ++ */ ++static int pack_vps(byte_array * ba, VALUE_PAIR * vps) ++{ ++ VALUE_PAIR * vp; ++ ++ for (vp = vps; vp != NULL; vp = vp->next) { ++ ++ radlog(L_DBG, LOG_PREFIX "packing attribute %s (type: %d; len: %d)", ++ vp->name, vp->attribute, vp->length); ++ ++ if (pack_int(ba, vp->attribute) == -1) return -1; ++ if (pack_int(ba, vp->length) == -1) return -1; ++ if (pack_int(ba, vp->operator) == -1) return -1; ++ ++ switch (vp->type) { ++ case PW_TYPE_INTEGER: ++ case PW_TYPE_DATE: ++ if (pack_int(ba, vp->lvalue) == -1) return -1; ++ break; ++ case PW_TYPE_IPADDR: ++ if (pack_bytes(ba, (void *)&vp->lvalue, vp->length) == -1) return -1; ++ break; ++ default: ++ if (pack_bytes(ba, (void *)STR_VALUE(vp), vp->length) == -1) return -1; ++ break; ++ } ++ } ++ ++ return 0; ++} ++ ++/* ++ * Pack a radius packet into a byte array buffer ++ */ ++static int pack_packet(byte_array * ba, RADIUS_PACKET * p) ++{ ++ /*unsigned char code = p->code;*/ ++ unsigned char buff[HALF_MESSAGE_LEN]; ++ byte_array pba; ++ ++ init_byte_array(&pba, buff, sizeof(buff)); ++ ++ if (pack_vps (&pba, p->vps) == -1) return -1; ++ ++ radlog(L_DBG, LOG_PREFIX "packing packet with code: %d (attr length: %d)", p->code, pba.pos); ++ ++ if (pack_byte (ba, p->code) == -1) return -1; ++ if (pack_byte (ba, p->id) == -1) return -1; ++ if (pack_int (ba, pba.pos) == -1) return -1; ++ if (pba.pos == 0) return 0; ++ if (pack_array (ba, &pba) == -1) return -1; ++ ++ return 0; ++} ++ ++static int pack_request(byte_array * ba, REQUEST *r) ++{ ++ unsigned char buff[HALF_MESSAGE_LEN]; ++ byte_array pba; ++ ++ init_byte_array(&pba, buff, sizeof(buff)); ++ ++ if (pack_vps (&pba, r->config_items) == -1) return -1; ++ if (pack_int (ba, pba.pos) == -1) return -1; ++ if (pba.pos == 0) return 0; ++ if (pack_array (ba, &pba) == -1) return -1; ++ ++ return 0; ++} ++ ++/* ++ * Read a single byte from socket ++ */ ++static int read_byte(JRSOCK *jrsock, unsigned char *b) ++{ ++ return (read(jrsock->con.sock, b, 1) == 1) ? 0 : -1; ++} ++ ++static void unpack_int(unsigned char *c, unsigned int *i) ++{ ++ unsigned int ii; ++ memcpy((void *)&ii, c, 4); ++ *i = ntohl(ii); ++} ++ ++/* ++ * Read an integer from the socket (adjusting for byte-order) ++ */ ++static int read_int(JRSOCK *jrsock, unsigned int *i) ++{ ++ unsigned char c[4]; ++ ++ if (read(jrsock->con.sock, c, 4) != 4) return -1; ++ unpack_int(c, i); ++ ++ return 0; ++} ++ ++/* ++ * Read a value-pair list from the socket ++ */ ++static int read_vps(JRSOCK *jrsock, VALUE_PAIR **pl, int plen) ++{ ++ VALUE_PAIR *vp; ++ unsigned char buff[MESSAGE_LEN]; ++ unsigned int alen, atype, aop; ++ int rlen = 0; ++ ++ while (rlen < plen) { ++ if (read_int (jrsock, &atype) == -1) return -1; rlen += 4; ++ if (read_int (jrsock, &alen) == -1) return -1; rlen += 4; ++ if (read_int (jrsock, &aop) == -1) return -1; rlen += 4; ++ ++ radlog(L_DBG, LOG_PREFIX "reading attribute: type=%d; len=%d", atype, alen); ++ ++ if (alen >= sizeof(buff)) { ++ radlog(L_ERR, LOG_PREFIX "packet value too large (len: %d)", alen); ++ return -1; ++ } ++ ++ if (read(jrsock->con.sock, buff, alen) != (int)alen) return -1; rlen += alen; ++ buff[alen]=0; ++ ++ /* ++ * Create new attribute ++ */ ++ vp = paircreate(atype, -1); ++ vp->operator = aop; ++ ++ if (vp->type == -1) { ++ /* ++ * FreeRADIUS should know about the same attributes that JRadius knows ++ */ ++ radlog(L_ERR, LOG_PREFIX "received attribute we do not recognize (type: %d)", atype); ++ pairbasicfree(vp); ++ continue; ++ } ++ ++ /* ++ * Fill in the attribute value based on type ++ */ ++ switch (vp->type) { ++ case PW_TYPE_INTEGER: ++ case PW_TYPE_DATE: ++ { ++ unpack_int(buff, &vp->lvalue); ++ vp->length = 4; ++ } ++ break; ++ ++ case PW_TYPE_IPADDR: ++ memcpy((void *)&vp->lvalue, buff, 4); ++ vp->length = 4; ++ break; ++ ++ default: ++ if (alen < sizeof(STR_VALUE(vp))) { ++ memcpy((void *)STR_VALUE(vp), buff, alen); ++ vp->length = alen; ++ } ++ break; ++ } ++ ++ /* ++ * Add the attribute to the packet ++ */ ++ pairadd(pl, vp); ++ } ++ ++ return rlen; ++} ++ ++/* ++ * Read a radius packet from the socket ++ */ ++static int read_packet(JRSOCK *jrsock, RADIUS_PACKET *p) ++{ ++ unsigned char code; ++ unsigned char id; ++ unsigned int plen; ++ ++ if (read_byte (jrsock, &code) == -1) return -1; ++ if (read_byte (jrsock, &id) == -1) return -1; ++ if (read_int (jrsock, &plen) == -1) return -1; ++ ++ radlog(L_DBG, LOG_PREFIX "reading packet: code=%d len=%d", (int)code, plen); ++ ++ /* ++ if (code != p->code) { ++ radlog(L_INFO, LOG_PREFIX "changing packet code from %d to %d", p->code, code); ++ p->code = code; ++ } ++ ++ if (id != p->id) { ++ radlog(L_INFO, LOG_PREFIX "changing packet id from %d to %d", p->id, id); ++ p->id = id; ++ } ++ */ ++ ++ /* ++ * Delete previous attribute list ++ */ ++ pairfree(&p->vps); ++ ++ if (plen == 0) return 0; ++ ++ if (read_vps (jrsock, &p->vps, plen) == -1) return -1; ++ ++ return 0; ++} ++ ++static int read_request(JRSOCK *jrsock, REQUEST *p) ++{ ++ unsigned int plen; ++ ++ if (read_int(jrsock, &plen) == -1) return -1; ++ ++ radlog(L_DBG, LOG_PREFIX "reading request: config_item: len=%d", plen); ++ ++ /* ++ * Delete previous attribute list ++ */ ++ pairfree(&p->config_items); ++ ++ if (plen == 0) return 0; ++ ++ if (read_vps(jrsock, &p->config_items, plen) == -1) return -1; ++ ++ return 0; ++} ++ ++static int rlm_jradius_call(char func, void *instance, REQUEST *req, int isproxy) ++{ ++ JRADIUS * inst = instance; ++ RADIUS_PACKET * request = isproxy ? req->proxy : req->packet; ++ RADIUS_PACKET * reply = isproxy ? req->proxy_reply : req->reply; ++ JRSOCK * jrsock = 0; ++ JRSOCK sjrsock; ++ ++ int exitstatus = inst->onfail; ++ unsigned char rcode, pcount; ++ ++ unsigned char buff[MESSAGE_LEN]; ++ byte_array ba; ++ ++ char * n = inst->name; ++ unsigned int nlen = strlen(n); ++ const char * err = 0; ++ int rc, attempt2=0; ++ ++#define W_ERR(s) { err=s; goto packerror; } ++#define R_ERR(s) { err=s; goto parseerror; } ++ ++ if (inst->keepalive) { ++ jrsock = get_socket(inst); ++ if (!jrsock) return exitstatus; ++ } else { ++ jrsock = &sjrsock; ++ memset(jrsock, 0, sizeof(*jrsock)); ++ jrsock->state = not_connected; ++ } ++ ++ init_byte_array(&ba, buff, sizeof(buff)); ++ ++ pcount = 0; ++ if (request) pcount++; ++ if (reply) pcount++; ++ ++ /* ++ * Create byte array to send to jradius ++ */ ++ if ((rc = pack_int (&ba, nlen)) == -1) W_ERR("pack_int(nlen)"); ++ if ((rc = pack_bytes (&ba, (void *)n, nlen)) == -1) W_ERR("pack_bytes(name)"); ++ if ((rc = pack_byte (&ba, func)) == -1) W_ERR("pack_byte(fun)"); ++ if ((rc = pack_byte (&ba, pcount)) == -1) W_ERR("pack_byte(pcnt)"); ++ if (pcount > 0 && (rc = pack_packet (&ba, request)) == -1) W_ERR("pack_packet(req)"); ++ if (pcount > 1 && (rc = pack_packet (&ba, reply)) == -1) W_ERR("pack_packet(rep)"); ++ if ((rc = pack_request(&ba, req)) == -1) W_ERR("pack_request()"); ++ ++ /* ++ * Send data ++ */ ++ start_over: ++ if (jrsock->state == not_connected) { ++ if (attempt2) radlog(L_ERR, LOG_PREFIX "reconnecting socket id %d", jrsock->id); ++ if (!connect_socket(jrsock, inst)) { ++ if (attempt2) radlog(L_ERR, LOG_PREFIX "could not reconnect socket %d, giving up", jrsock->id); ++ goto cleanup; ++ } ++ } ++ radlog(L_DBG, LOG_PREFIX "sending %d bytes to socket %d", ba.pos, jrsock->id); ++ if (socket_send(jrsock, ba.b, ba.pos) != (int)ba.pos || ++ (rc = read_byte (jrsock, &rcode)) == -1) { ++ /* ++ * With an error on the write or the first read, try closing the socket ++ * and reconnecting to see if that improves matters any (tries this only once) ++ */ ++ radlog(L_ERR, LOG_PREFIX "error sending request with socket %d", jrsock->id); ++ if (!inst->keepalive || attempt2) W_ERR("socket_send/first_read"); ++ close_socket(inst, jrsock); ++ attempt2 = 1; ++ goto start_over; ++ } ++ ++ /* ++ * Read result ++ */ ++ if ((rc = read_byte (jrsock, &pcount)) == -1) R_ERR("read_byte(pcnt)"); ++ ++ radlog(L_DBG, LOG_PREFIX "return code %d; receiving %d packets", (int)rcode, (int)pcount); ++ ++ if (pcount > 0 && request) if ((rc = read_packet (jrsock, request)) == -1) R_ERR("read_packet(req)"); ++ if (pcount > 1 && reply) if ((rc = read_packet (jrsock, reply)) == -1) R_ERR("read_packet(rep)"); ++ ++ if ((rc = read_request (jrsock, req)) == -1) R_ERR("read_request()"); ++ ++ /* ++ * Since we deleted all the attribute lists in the request, ++ * we need to reconfigure a few pointers in the REQUEST object ++ */ ++ if (req->username) { ++ req->username = pairfind(request->vps, PW_USER_NAME); ++ } ++ if (req->password) { ++ req->password = pairfind(request->vps, PW_PASSWORD); ++ if (!req->password) req->password = pairfind(request->vps, PW_CHAP_PASSWORD); ++ } ++ ++ /* ++ * All done, set return code and cleanup ++ */ ++ exitstatus = (int)rcode; ++ goto cleanup; ++ ++ parseerror: ++ radlog(L_ERR, LOG_PREFIX "problem parsing the data [%s]",err); ++ if (inst->keepalive) close_socket(inst, jrsock); ++ goto cleanup; ++ ++ packerror: ++ radlog(L_ERR, LOG_PREFIX "problem packing the data[%s]",err); ++ if (inst->keepalive) close_socket(inst, jrsock); ++ ++ cleanup: ++ if (inst->keepalive) ++ release_socket(inst, jrsock); ++ else ++ close_socket(inst, jrsock); ++ ++ return exitstatus; ++} ++ ++static int jradius_authenticate(void *instance, REQUEST *request) ++{ ++ return rlm_jradius_call(JRADIUS_authenticate, instance, request, 0); ++} ++ ++static int jradius_authorize(void *instance, REQUEST *request) ++{ ++ return rlm_jradius_call(JRADIUS_authorize, instance, request, 0); ++} ++ ++static int jradius_preacct(void *instance, REQUEST *request) ++{ ++ return rlm_jradius_call(JRADIUS_preacct, instance, request, 0); ++} ++ ++static int jradius_accounting(void *instance, REQUEST *request) ++{ ++ return rlm_jradius_call(JRADIUS_accounting, instance, request, 0); ++} ++ ++static int jradius_checksimul(void *instance, REQUEST *request) ++{ ++ return rlm_jradius_call(JRADIUS_checksimul, instance, request, 0); ++} ++ ++static int jradius_pre_proxy(void *instance, REQUEST *request) ++{ ++ return rlm_jradius_call(JRADIUS_pre_proxy, instance, request, 1); ++} ++ ++static int jradius_post_proxy(void *instance, REQUEST *request) ++{ ++ return rlm_jradius_call(JRADIUS_post_proxy, instance, request, 1); ++} ++ ++static int jradius_post_auth(void *instance, REQUEST *request) ++{ ++ return rlm_jradius_call(JRADIUS_post_auth, instance, request, 0); ++} ++ ++static int jradius_detach(void *instance) ++{ ++ JRADIUS *inst = (JRADIUS *) instance; ++ free_socketpool(inst); ++ free(inst); ++ return 0; ++} ++ ++#ifndef FRv2 ++static int jradius_init(void) { return 0; } ++#endif ++ ++module_t rlm_jradius = { ++#ifdef FRv2 ++ RLM_MODULE_INIT, ++#endif ++ "jradius", ++ RLM_TYPE_THREAD_SAFE, ++#ifndef FRv2 ++ jradius_init, ++#endif ++ jradius_instantiate, ++#ifdef FRv2 ++ jradius_detach, ++#endif ++ { ++ jradius_authenticate, ++ jradius_authorize, ++ jradius_preacct, ++ jradius_accounting, ++ jradius_checksimul, ++ jradius_pre_proxy, ++ jradius_post_proxy, ++ jradius_post_auth ++ }, ++#ifndef FRv2 ++ jradius_detach, ++#endif ++}; ++ ++/* ++ * Connection pooling code based on rlm_sql codebase, under GPL. ++ * See radiusd/src/modules/rlm_sql/sql.c ++ */ +diff -baurN --exclude='*~' --exclude='.#*' --exclude=CVS freeradius-1.1.1.orig/src/modules/stable freeradius-1.1.1/src/modules/stable +--- freeradius-1.1.1.orig/src/modules/stable 2005-12-14 21:58:14.000000000 +0100 ++++ freeradius-1.1.1/src/modules/stable 2006-05-24 15:53:53.000000000 +0200 +@@ -30,3 +30,4 @@ + rlm_sqlcounter + rlm_unix + rlm_checkval ++rlm_jradius diff --git a/freeradius/patch/freeradius-1.1.2.patch b/freeradius/patch/freeradius-1.1.2.patch new file mode 100644 index 0000000..027c538 --- /dev/null +++ b/freeradius/patch/freeradius-1.1.2.patch @@ -0,0 +1,1238 @@ +diff -baurN --exclude='*~' --exclude='.#*' --exclude=CVS freeradius-1.1.2.orig/raddb/jradius.conf freeradius-1.1.2/raddb/jradius.conf +--- freeradius-1.1.2.orig/raddb/jradius.conf 1970-01-01 01:00:00.000000000 +0100 ++++ freeradius-1.1.2/raddb/jradius.conf 2006-08-19 19:20:27.000000000 +0200 +@@ -0,0 +1,15 @@ ++ ++jradius { ++ name = "example" # Name of the JRadius Application ++ # (known as "Sender" in JRadius) ++ primary = "127.0.0.1" # Primary JRadius Server ++ # (using default port of 1814) ++ secondary = "192.168.1.2:1815" # Secondary JRadius Server (port 1815) ++ tertiary = "192.168.1.2:1816" # Tertiary JRadius Server ++ timeout = 1 # JRadius Server Connect Timeout (default 5) ++ onfail = NOOP # What to do if no JRadius ++ # Server is found. Options are: ++ # FAIL (default), OK, REJECT, NOOP ++ keepalive = yes # Keep connections to JRadius pooled ++ connections = 8 # Number of pooled JRadius connections ++} +diff -baurN --exclude='*~' --exclude='.#*' --exclude=CVS freeradius-1.1.2.orig/raddb/Makefile freeradius-1.1.2/raddb/Makefile +--- freeradius-1.1.2.orig/raddb/Makefile 2006-04-10 20:53:20.000000000 +0200 ++++ freeradius-1.1.2/raddb/Makefile 2006-08-19 19:49:25.000000000 +0200 +@@ -7,7 +7,7 @@ + experimental.conf hints huntgroups ldap.attrmap \ + mssql.conf naslist naspasswd oraclesql.conf postgresql.conf \ + preproxy_users proxy.conf radiusd.conf realms snmp.conf \ +- sql.conf sqlippool.conf users otp.conf otppasswd.sample ++ sql.conf sqlippool.conf users otp.conf otppasswd.sample jradius.conf + + all: + +diff -baurN --exclude='*~' --exclude='.#*' --exclude=CVS freeradius-1.1.2.orig/raddb/radiusd.conf.in freeradius-1.1.2/raddb/radiusd.conf.in +--- freeradius-1.1.2.orig/raddb/radiusd.conf.in 2006-04-20 20:40:29.000000000 +0200 ++++ freeradius-1.1.2/raddb/radiusd.conf.in 2006-08-19 19:20:27.000000000 +0200 +@@ -536,6 +536,9 @@ + # in other sections of this configuration file. + # + modules { ++ ++$INCLUDE ${confdir}/jradius.conf ++ + # + # Each module has a configuration as follows: + # +@@ -1841,6 +1844,8 @@ + # + # Use the checkval module + # checkval ++ ++ jradius + } + + +@@ -1942,6 +1947,8 @@ + suffix + # ntdomain + ++ jradius ++ + # + # Read the 'acct_users' file + files +@@ -1951,6 +1958,8 @@ + # Accounting. Log the accounting data. + # + accounting { ++ jradius ++ + # + # Create a 'detail'ed log of the packets. + # Note that accounting requests which are proxied +@@ -2046,6 +2055,10 @@ + # insert-module-name-here + # } + ++ jradius ++ Post-Auth-Type REJECT { ++ jradius ++ } + } + + # +@@ -2067,6 +2080,7 @@ + # server, un-comment the following line, and the + # 'detail pre_proxy_log' section, above. + # pre_proxy_log ++ jradius + } + + # +@@ -2100,4 +2114,5 @@ + # reject the EAP request. + # + eap ++ jradius + } +diff -baurN --exclude='*~' --exclude='.#*' --exclude=CVS freeradius-1.1.2.orig/share/dictionary freeradius-1.1.2/share/dictionary +--- freeradius-1.1.2.orig/share/dictionary 2006-05-10 18:53:15.000000000 +0200 ++++ freeradius-1.1.2/share/dictionary 2006-08-19 19:20:27.000000000 +0200 +@@ -52,7 +52,19 @@ + # this directive to the end of this file if you want to see the + # old names in the logfiles, INSTEAD OF the new names. + # +-$INCLUDE dictionary.compat ++#$INCLUDE dictionary.compat ++ ++$INCLUDE dictionary.jradius ++$INCLUDE dictionary.chillispot ++$INCLUDE dictionary.lancom ++$INCLUDE dictionary.garderos ++$INCLUDE dictionary.ser ++ ++$INCLUDE dictionary.altiga ++$INCLUDE dictionary.aptis ++$INCLUDE dictionary.avaya ++$INCLUDE dictionary.motorola ++$INCLUDE dictionary.nokia + + # + # Include the RFC dictionaries next. +diff -baurN --exclude='*~' --exclude='.#*' --exclude=CVS freeradius-1.1.2.orig/share/dictionary.chillispot freeradius-1.1.2/share/dictionary.chillispot +--- freeradius-1.1.2.orig/share/dictionary.chillispot 1970-01-01 01:00:00.000000000 +0100 ++++ freeradius-1.1.2/share/dictionary.chillispot 2006-08-19 19:20:27.000000000 +0200 +@@ -0,0 +1,20 @@ ++# ++# ChilliSpot dictionary. ++# ++# Enable by putting the line "$INCLUDE dictionary.chillispot" ++# into the main dictionary file. ++# ++# ++ ++VENDOR ChilliSpot 14559 ++ ++# ++# ChilliSpot Vendor Specific Extensions ++# ++# ++ATTRIBUTE ChilliSpot-Max-Input-Octets 1 integer ChilliSpot ++ATTRIBUTE ChilliSpot-Max-Output-Octets 2 integer ChilliSpot ++ATTRIBUTE ChilliSpot-Max-Total-Octets 3 integer ChilliSpot ++ATTRIBUTE ChilliSpot-Bandwidth-Max-Up 4 integer ChilliSpot ++ATTRIBUTE ChilliSpot-Bandwidth-Max-Down 5 integer ChilliSpot ++ATTRIBUTE ChilliSpot-Config 6 string ChilliSpot +diff -baurN --exclude='*~' --exclude='.#*' --exclude=CVS freeradius-1.1.2.orig/share/dictionary.jradius freeradius-1.1.2/share/dictionary.jradius +--- freeradius-1.1.2.orig/share/dictionary.jradius 1970-01-01 01:00:00.000000000 +0100 ++++ freeradius-1.1.2/share/dictionary.jradius 2006-08-19 19:20:27.000000000 +0200 +@@ -0,0 +1,4 @@ ++VENDOR JRadius 19211 ++ATTRIBUTE JRadius-Request-Id 1 string JRadius ++ATTRIBUTE JRadius-Session-Id 2 string JRadius ++ATTRIBUTE JRadius-Proxy-Client 3 octets JRadius +diff -baurN --exclude='*~' --exclude='.#*' --exclude=CVS freeradius-1.1.2.orig/share/dictionary.lancom freeradius-1.1.2/share/dictionary.lancom +--- freeradius-1.1.2.orig/share/dictionary.lancom 1970-01-01 01:00:00.000000000 +0100 ++++ freeradius-1.1.2/share/dictionary.lancom 2006-08-19 19:20:27.000000000 +0200 +@@ -0,0 +1,12 @@ ++VENDOR Lancom 16787 ++ATTRIBUTE Lancom-Location-ID 1 string Lancom ++ATTRIBUTE Lancom-Location-Name 2 string Lancom ++ATTRIBUTE Lancom-Logoff-URL 3 string Lancom ++ATTRIBUTE Lancom-Redirection-URL 4 string Lancom ++ATTRIBUTE Lancom-Bandwidth-Min-Up 5 integer Lancom ++ATTRIBUTE Lancom-Bandwidth-Min-Down 6 integer Lancom ++ATTRIBUTE Lancom-Bandwidth-Max-Up 7 integer Lancom ++ATTRIBUTE Lancom-Bandwidth-Max-Down 8 integer Lancom ++ATTRIBUTE Lancom-Session-Terminate-Time 9 string Lancom ++ATTRIBUTE Lancom-Session-Terminate-End-Of-Day 10 string Lancom ++ATTRIBUTE Lancom-Billing-Class-Of-Service 11 string Lancom +diff -baurN --exclude='*~' --exclude='.#*' --exclude=CVS freeradius-1.1.2.orig/share/dictionary.ser freeradius-1.1.2/share/dictionary.ser +--- freeradius-1.1.2.orig/share/dictionary.ser 1970-01-01 01:00:00.000000000 +0100 ++++ freeradius-1.1.2/share/dictionary.ser 2006-08-19 19:20:27.000000000 +0200 +@@ -0,0 +1,49 @@ ++# ++# $Id: freeradius-1.1.2.patch,v 1.1 2006/08/19 19:11:47 picopoint Exp $ ++# ++# SIP RADIUS attributes ++# ++# Schulzrinne indicates attributes according to ++# draft-schulzrinne-sipping-radius-accounting-00 ++# ++# Sterman indicates attributes according to ++# draft-sterman-aaa-sip-00 ++# ++# Standard indicates a standard RADIUS attribute ++# which is missing in radiusclient dictionary ++# ++# Digest indicates attributes according to ++# ++# Proprietary indicates an attribute that hasn't ++# been standardized ++# ++ ++### acc ### ++ATTRIBUTE Sip-Method 101 integer # Schulzrinne ++ATTRIBUTE Sip-Response-Code 102 integer # Schulzrinne ++ATTRIBUTE Sip-Cseq 103 string # Schulzrinne ++ATTRIBUTE Sip-To-Tag 104 string # Schulzrinne ++ATTRIBUTE Sip-From-Tag 105 string # Schulzrinne ++ATTRIBUTE Sip-Branch-Id 106 string # Schulzrinne ++ATTRIBUTE Sip-Translated-Req-ID 107 string # Schulzrinne ++ATTRIBUTE Sip-Source-Ip-Address 108 ipaddr # Schulzrinne ++ATTRIBUTE Sip-Source-Port 109 integer # Schulzrinne ++ ++ATTRIBUTE Digest-Response 206 string # Sterman ++ATTRIBUTE Digest-Attributes 207 string # Sterman ++ ++ATTRIBUTE Sip-Uri-User 208 string # Proprietary ++ATTRIBUTE Sip-Rpid 213 string # Proprietary ++ ++ATTRIBUTE Digest-Realm 1063 string # Sterman ++ATTRIBUTE Digest-Nonce 1064 string # Sterman ++ATTRIBUTE Digest-Method 1065 string # Sterman ++ATTRIBUTE Digest-Uri 1066 string # Sterman ++ATTRIBUTE Digest-Qop 1067 string # Sterman ++ATTRIBUTE Digest-Algorithm 1068 string # Sterman ++ATTRIBUTE Digest-Body-Digest 1069 string # Sterman ++ATTRIBUTE Digest-Cnonce 1070 string # Sterman ++ATTRIBUTE Digest-Nonce-Count 1071 string # Sterman ++ATTRIBUTE Digest-User-Name 1072 string # Sterman ++ ++ATTRIBUTE Sip-Group 211 string # Proprietary +diff -baurN --exclude='*~' --exclude='.#*' --exclude=CVS freeradius-1.1.2.orig/src/modules/rlm_jradius/configure freeradius-1.1.2/src/modules/rlm_jradius/configure +--- freeradius-1.1.2.orig/src/modules/rlm_jradius/configure 1970-01-01 01:00:00.000000000 +0100 ++++ freeradius-1.1.2/src/modules/rlm_jradius/configure 2006-08-19 19:20:27.000000000 +0200 +@@ -0,0 +1,4 @@ ++#! /bin/sh ++ ++echo "did nothing" ++ +diff -baurN --exclude='*~' --exclude='.#*' --exclude=CVS freeradius-1.1.2.orig/src/modules/rlm_jradius/jradius.conf freeradius-1.1.2/src/modules/rlm_jradius/jradius.conf +--- freeradius-1.1.2.orig/src/modules/rlm_jradius/jradius.conf 1970-01-01 01:00:00.000000000 +0100 ++++ freeradius-1.1.2/src/modules/rlm_jradius/jradius.conf 2006-08-19 19:20:27.000000000 +0200 +@@ -0,0 +1,15 @@ ++ ++jradius { ++ name = "example" # Name of the JRadius Application ++ # (known as "Sender" in JRadius) ++ primary = "127.0.0.1" # Primary JRadius Server ++ # (using default port of 1814) ++ secondary = "192.168.1.2:1815" # Secondary JRadius Server (port 1815) ++ tertiary = "192.168.1.2:1816" # Tertiary JRadius Server ++ timeout = 1 # JRadius Server Connect Timeout (default 5) ++ onfail = NOOP # What to do if no JRadius ++ # Server is found. Options are: ++ # FAIL (default), OK, REJECT, NOOP ++ keepalive = yes # Keep connections to JRadius pooled ++ connections = 8 # Number of pooled JRadius connections ++} +diff -baurN --exclude='*~' --exclude='.#*' --exclude=CVS freeradius-1.1.2.orig/src/modules/rlm_jradius/Makefile freeradius-1.1.2/src/modules/rlm_jradius/Makefile +--- freeradius-1.1.2.orig/src/modules/rlm_jradius/Makefile 1970-01-01 01:00:00.000000000 +0100 ++++ freeradius-1.1.2/src/modules/rlm_jradius/Makefile 2006-08-19 19:20:27.000000000 +0200 +@@ -0,0 +1,13 @@ ++TARGET = rlm_jradius ++SRCS = rlm_jradius.c ++HEADERS = ++RLM_CFLAGS = ++RLM_LIBS = ++ ++## this uses the RLM_CFLAGS and RLM_LIBS and SRCS defs to make TARGET. ++include ../rules.mak ++ ++$(STATIC_OBJS): $(HEADERS) ++ ++$(DYNAMIC_OBJS): $(HEADERS) ++ +diff -baurN --exclude='*~' --exclude='.#*' --exclude=CVS freeradius-1.1.2.orig/src/modules/rlm_jradius/rlm_jradius.c freeradius-1.1.2/src/modules/rlm_jradius/rlm_jradius.c +--- freeradius-1.1.2.orig/src/modules/rlm_jradius/rlm_jradius.c 1970-01-01 01:00:00.000000000 +0100 ++++ freeradius-1.1.2/src/modules/rlm_jradius/rlm_jradius.c 2006-08-19 19:20:27.000000000 +0200 +@@ -0,0 +1,961 @@ ++/** ++ * rlm_jradius - The FreeRADIUS JRadius Server Module ++ * Copyright (C) 2004-2006 PicoPoint, B.V. ++ * ++ * This program is free software; you can redistribute it and/or modify it ++ * under the terms of the GNU General Public License as published by the ++ * Free Software Foundation; either version 2 of the License, or (at your ++ * option) any later version. ++ * ++ * This program is distributed in the hope that it will be useful, but ++ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY ++ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License ++ * for more details. ++ * ++ * You should have received a copy of the GNU General Public License along ++ * with this program; if not, write to the Free Software Foundation, Inc., ++ * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA ++ * ++ * Author(s): David Bird ++ */ ++ ++/*#define FRv2 1*/ ++ ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++ ++#ifdef FRv2 ++#include ++#include ++#include ++#include ++#include ++#define STR_VALUE(p) ((p)->data.strvalue) ++#else ++#include "autoconf.h" ++#include "libradius.h" ++#include "radiusd.h" ++#include "modules.h" ++#include "conffile.h" ++#define STR_VALUE(p) ((p)->strvalue) ++#endif ++ ++#ifdef HAVE_PTHREAD_H ++#include ++#endif ++ ++#ifdef HAVE_SYS_SOCKET_H ++#include ++#endif ++ ++#ifndef O_NONBLOCK ++#define O_NONBLOCK O_NDELAY ++#endif ++ ++static const char rcsid[] = "$Id: freeradius-1.1.2.patch,v 1.1 2006/08/19 19:11:47 picopoint Exp $"; ++ ++static const int JRADIUS_PORT = 1814; ++static const int HALF_MESSAGE_LEN = 16384; ++static const int MESSAGE_LEN = 32768; ++ ++static const int JRADIUS_authenticate = 1; ++static const int JRADIUS_authorize = 2; ++static const int JRADIUS_preacct = 3; ++static const int JRADIUS_accounting = 4; ++static const int JRADIUS_checksimul = 5; ++static const int JRADIUS_pre_proxy = 6; ++static const int JRADIUS_post_proxy = 7; ++static const int JRADIUS_post_auth = 8; ++ ++#define LOG_PREFIX "rlm_jradius: " ++#define MAX_HOSTS 4 ++ ++typedef struct jradius_socket { ++ int id; ++#ifdef HAVE_PTHREAD_H ++ pthread_mutex_t mutex; ++#endif ++ struct jradius_socket *next; ++ enum { is_connected, not_connected } state; ++ ++ union { ++ int sock; ++ } con; ++} JRSOCK; ++ ++typedef struct jradius_inst { ++ time_t connect_after; ++ JRSOCK * sock_pool; ++ JRSOCK * last_used; ++ ++ char * name; ++ char * host [MAX_HOSTS]; ++ uint32_t ipaddr [MAX_HOSTS]; ++ int port [MAX_HOSTS]; ++ int timeout; ++ int onfail; ++ char * onfail_s; ++ int keepalive; ++ int jrsock_cnt; ++} JRADIUS; ++ ++typedef struct _byte_array ++{ ++ unsigned int size; ++ unsigned int pos; ++ unsigned int left; ++ unsigned char * b; ++} byte_array; ++ ++static CONF_PARSER module_config[] = { ++ { "name", PW_TYPE_STRING_PTR, offsetof(JRADIUS, name), NULL, "localhost"}, ++ { "primary", PW_TYPE_STRING_PTR, offsetof(JRADIUS, host[0]), NULL, "localhost"}, ++ { "secondary", PW_TYPE_STRING_PTR, offsetof(JRADIUS, host[1]), NULL, NULL}, ++ { "tertiary", PW_TYPE_STRING_PTR, offsetof(JRADIUS, host[2]), NULL, NULL}, ++ { "timeout", PW_TYPE_INTEGER, offsetof(JRADIUS, timeout), NULL, "5"}, ++ { "onfail", PW_TYPE_STRING_PTR, offsetof(JRADIUS, onfail_s), NULL, NULL}, ++ { "keepalive", PW_TYPE_BOOLEAN, offsetof(JRADIUS, keepalive), NULL, "yes"}, ++ { "connections", PW_TYPE_INTEGER, offsetof(JRADIUS, jrsock_cnt), NULL, "8"}, ++ { NULL, -1, 0, NULL, NULL } ++}; ++ ++static int connect_socket(JRSOCK *jrsock, JRADIUS *inst) ++{ ++ struct sockaddr_in local_addr, serv_addr; ++ int i, connected = 0; ++ char buff[128]; ++ int sock; ++ ++ /* ++ * Connect to jradius servers until we succeed or die trying ++ */ ++ for (i = 0; !connected && i < MAX_HOSTS && inst->ipaddr[i] > 0; i++) { ++ ++ /* ++ * Allocate a TCP socket ++ */ ++ if ((sock = socket(AF_INET, SOCK_STREAM, 0)) == -1) { ++ radlog(L_ERR, LOG_PREFIX "could not allocate TCP socket"); ++ goto failed; ++ } ++ ++ /* ++ * If we have a timeout value set, make the socket non-blocking ++ */ ++ if (inst->timeout > 0 && ++ fcntl(sock, F_SETFL, fcntl(sock, F_GETFL, 0) | O_NONBLOCK) == -1) { ++ radlog(L_ERR, LOG_PREFIX "could not set non-blocking on socket"); ++ goto failed; ++ } ++ ++ /* ++ * Bind to any local port ++ */ ++ memset(&local_addr, 0, sizeof(local_addr)); ++ local_addr.sin_family = AF_INET; ++ local_addr.sin_addr.s_addr = htonl(INADDR_ANY); ++ local_addr.sin_port = htons(0); ++ ++ if (bind(sock, (struct sockaddr *) &local_addr, sizeof(local_addr)) < 0) { ++ radlog(L_ERR, LOG_PREFIX "could not locally bind TCP socket"); ++ goto failed; ++ } ++ ++ /* ++ * Attempt connection to remote server ++ */ ++ memset(&serv_addr, 0, sizeof(serv_addr)); ++ serv_addr.sin_family = AF_INET; ++ memcpy((char *) &serv_addr.sin_addr, &(inst->ipaddr[i]), 4); ++ serv_addr.sin_port = htons(inst->port[i]); ++ ++ if (connect(sock, (struct sockaddr *)&serv_addr, sizeof(serv_addr)) < 0) { ++ if (inst->timeout > 0 && (errno == EINPROGRESS || errno == EWOULDBLOCK)) { ++ /* ++ * Wait to see if non-blocking socket connects or times-out ++ */ ++ struct pollfd pfd; ++ memset(&pfd, 0, sizeof(pfd)); ++ ++ pfd.fd = sock; ++ pfd.events = POLLOUT; ++ ++ if (poll(&pfd, 1, inst->timeout * 1000) == 1 && pfd.revents) { ++ /* ++ * Lets make absolutely sure we are connected ++ */ ++ struct sockaddr_in sa; ++ unsigned int salen = sizeof(sa); ++ if (getpeername(sock, (struct sockaddr *) &sa, &salen) != -1) { ++ /* ++ * CONNECTED! break out of for-loop ++ */ ++ connected = 1; ++ break; ++ } ++ } ++ } ++ ++ /* ++ * Timed-out ++ */ ++ radlog(L_ERR, LOG_PREFIX "could not connect to %s:%d", ++ ip_ntoa(buff, inst->ipaddr[i]), inst->port[i]); ++ ++ } else { ++ /* ++ * CONNECTED (instantly)! break out of for-loop ++ */ ++ connected = 1; ++ break; ++ } ++ ++ /* ++ * Unable to connect, cleanup and start over ++ */ ++ close(sock); sock=0; ++ } ++ ++ if (!connected) { ++ radlog(L_ERR, LOG_PREFIX "could not find any jradius server!"); ++ goto failed; ++ } ++ ++ /* ++ * If we previously set the socket to non-blocking, restore blocking ++ */ ++ if (inst->timeout > 0 && ++ fcntl(sock, F_SETFL, fcntl(sock, F_GETFL, 0) & ~O_NONBLOCK) == -1) { ++ radlog(L_ERR, LOG_PREFIX "could not set blocking on socket"); ++ goto failed; ++ } ++ ++ jrsock->state = is_connected; ++ jrsock->con.sock = sock; ++ return 1; ++ ++ failed: ++ if (sock > 0) { shutdown(sock, 2); close(sock); } ++ jrsock->state = not_connected; ++ return 0; ++} ++ ++static void close_socket(JRADIUS * inst, JRSOCK *jrsock) { ++ radlog(L_DBG, "rlm_jradius: Closing JRadius connection %d", jrsock->id); ++ if (jrsock->con.sock > 0) { ++ shutdown(jrsock->con.sock, 2); ++ close(jrsock->con.sock); ++ } ++ jrsock->state = not_connected; ++ jrsock->con.sock = 0; ++} ++ ++static void free_socket(JRADIUS * inst, JRSOCK *jrsock) { ++ close_socket(inst, jrsock); ++ if (inst->keepalive) { ++#ifdef HAVE_PTHREAD_H ++ pthread_mutex_destroy(&jrsock->mutex); ++#endif ++ free(jrsock); ++ } ++} ++ ++static int socket_send(JRSOCK *jrsock, unsigned char *b, unsigned int blen) { ++ return send(jrsock->con.sock, b, blen, 0); ++} ++ ++static int init_socketpool(JRADIUS * inst) ++{ ++ int i, rcode; ++ int success = 0; ++ JRSOCK *jrsock; ++ ++ inst->connect_after = 0; ++ inst->sock_pool = NULL; ++ ++ for (i = 0; i < inst->jrsock_cnt; i++) { ++ radlog(L_DBG, "rlm_jradius: starting JRadius connection %d", i); ++ ++ if ((jrsock = rad_malloc(sizeof(*jrsock))) == 0) return -1; ++ ++ memset(jrsock, 0, sizeof(*jrsock)); ++ jrsock->id = i; ++ jrsock->state = not_connected; ++ ++#ifdef HAVE_PTHREAD_H ++ rcode = pthread_mutex_init(&jrsock->mutex,NULL); ++ if (rcode != 0) { ++ radlog(L_ERR, "rlm_jradius: Failed to init lock: %s", strerror(errno)); ++ return 0; ++ } ++#endif ++ ++ if (time(NULL) > inst->connect_after) ++ if (connect_socket(jrsock, inst)) ++ success = 1; ++ ++ jrsock->next = inst->sock_pool; ++ inst->sock_pool = jrsock; ++ } ++ inst->last_used = NULL; ++ ++ if (!success) { ++ radlog(L_DBG, "rlm_jradius: Failed to connect to JRadius server."); ++ } ++ ++ return 1; ++} ++ ++static void free_socketpool(JRADIUS * inst) ++{ ++ JRSOCK *cur; ++ JRSOCK *next; ++ ++ for (cur = inst->sock_pool; cur; cur = next) { ++ next = cur->next; ++ free_socket(inst, cur); ++ } ++ ++ inst->sock_pool = NULL; ++} ++ ++static JRSOCK * get_socket(JRADIUS * inst) ++{ ++ JRSOCK *cur, *start; ++ int tried_to_connect = 0; ++ int unconnected = 0; ++ ++ start = inst->last_used; ++ if (!start) start = inst->sock_pool; ++ ++ cur = start; ++ ++ while (cur) { ++#ifdef HAVE_PTHREAD_H ++ if (pthread_mutex_trylock(&cur->mutex) != 0) { ++ goto next; ++ } ++#endif ++ ++ if ((cur->state == not_connected) && (time(NULL) > inst->connect_after)) { ++ radlog(L_INFO, "rlm_jradius: Trying to (re)connect unconnected handle %d", cur->id); ++ tried_to_connect++; ++ connect_socket(cur, inst); ++ } ++ ++ if (cur->state == not_connected) { ++ radlog(L_DBG, "rlm_jradius: Ignoring unconnected handle %d", cur->id); ++ unconnected++; ++#ifdef HAVE_PTHREAD_H ++ pthread_mutex_unlock(&cur->mutex); ++#endif ++ goto next; ++ } ++ ++ radlog(L_DBG, "rlm_jradius: Reserving JRadius socket id: %d", cur->id); ++ ++ if (unconnected != 0 || tried_to_connect != 0) { ++ radlog(L_INFO, "rlm_jradius: got socket %d after skipping %d unconnected handles, tried to reconnect %d though", ++ cur->id, unconnected, tried_to_connect); ++ } ++ ++ inst->last_used = cur->next; ++ return cur; ++ ++ next: ++ cur = cur->next; ++ if (!cur) cur = inst->sock_pool; ++ if (cur == start) break; ++ } ++ ++ radlog(L_INFO, "rlm_jradius: There are no sockets to use! skipped %d, tried to connect %d", ++ unconnected, tried_to_connect); ++ return NULL; ++} ++ ++static int release_socket(JRADIUS * inst, JRSOCK * jrsock) ++{ ++#ifdef HAVE_PTHREAD_H ++ pthread_mutex_unlock(&jrsock->mutex); ++#endif ++ ++ radlog(L_DBG, "rlm_jradius: Released JRadius socket id: %d", jrsock->id); ++ ++ return 0; ++} ++ ++ ++/* ++ * Initialize the jradius module ++ */ ++static int jradius_instantiate(CONF_SECTION *conf, void **instance) ++{ ++ JRADIUS *inst = (JRADIUS *) instance; ++ char host[128], b[128], *h; ++ int i, p, idx, port; ++ ++ inst = rad_malloc(sizeof(JRADIUS)); ++ memset(inst, 0, sizeof(JRADIUS)); ++ ++ if (cf_section_parse(conf, inst, module_config) < 0) { ++ free(inst); ++ return -1; ++ } ++ ++ for (i = 0, idx = 0; i < MAX_HOSTS; i++) { ++ if (inst->host[i] && strlen(inst->host[i]) < sizeof(host)) { ++ h = inst->host[i]; ++ p = JRADIUS_PORT; ++ ++ strcpy(b, h); ++ if (sscanf(b, "%[^:]:%d", host, &port) == 2) { h = host; p = port; } ++ ++ if (h) { ++#ifdef FRv2 ++ lrad_ipaddr_t ipaddr; ++ if (ip_hton(h, AF_INET, &ipaddr) < 0) { ++ radlog(L_ERR, "Can't find IP address for host %s", h); ++ continue; ++ } ++ if ((inst->ipaddr[idx] = ipaddr.ipaddr.ip4addr.s_addr) != htonl(INADDR_NONE)) { ++#else ++ if ((inst->ipaddr[idx] = ip_getaddr(h)) != htonl(INADDR_NONE)) { ++#endif ++ inst->port[idx] = p; ++ radlog(L_INFO, LOG_PREFIX "configuring jradius server %s:%d", h, p); ++ idx++; ++ } else { ++ radlog(L_ERR, LOG_PREFIX "invalid jradius server %s", h); ++ } ++ } ++ } ++ } ++ ++ if (inst->keepalive) init_socketpool(inst); ++ ++ inst->onfail = RLM_MODULE_FAIL; ++ ++ if (inst->onfail_s) { ++ if (!strcmp(inst->onfail_s, "NOOP")) inst->onfail = RLM_MODULE_NOOP; ++ else if (!strcmp(inst->onfail_s, "REJECT")) inst->onfail = RLM_MODULE_REJECT; ++ else if (!strcmp(inst->onfail_s, "OK")) inst->onfail = RLM_MODULE_OK; ++ else if (!strcmp(inst->onfail_s, "FAIL")) inst->onfail = RLM_MODULE_FAIL; ++ else radlog(L_ERR, LOG_PREFIX "invalid jradius 'onfail' state %s", inst->onfail_s); ++ } ++ ++ *instance = inst; ++ ++ return 0; ++} ++ ++/* ++ * Initialize a byte array buffer structure ++ */ ++static void init_byte_array(byte_array * ba, unsigned char *b, int blen) ++{ ++ ba->b = b; ++ ba->size = ba->left = blen; ++ ba->pos = 0; ++} ++ ++/* ++ * Pack a single byte into a byte array buffer ++ */ ++static int pack_byte(byte_array * ba, unsigned char c) ++{ ++ if (ba->left < 1) return -1; ++ ++ ba->b[ba->pos] = c; ++ ba->pos++; ++ ba->left--; ++ ++ return 0; ++} ++ ++/* ++ * Pack an array of bytes into a byte array buffer ++ */ ++static int pack_bytes(byte_array * ba, unsigned char *d, unsigned int dlen) ++{ ++ if (ba->left < dlen) return -1; ++ ++ memcpy((void *)(ba->b + ba->pos), d, dlen); ++ ba->pos += dlen; ++ ba->left -= dlen; ++ ++ return 0; ++} ++ ++/* ++ * Pack an integer into a byte array buffer (adjusting for byte-order) ++ */ ++static int pack_int(byte_array * ba, unsigned int i) ++{ ++ if (ba->left < 4) return -1; ++ ++ i = htonl(i); ++ ++ memcpy((void *)(ba->b + ba->pos), (void *)&i, 4); ++ ba->pos += 4; ++ ba->left -= 4; ++ ++ return 0; ++} ++ ++/* ++ * Pack one byte array buffer into another byte array buffer ++ */ ++static int pack_array(byte_array * ba, byte_array * a) ++{ ++ if (ba->left < a->pos) return -1; ++ ++ memcpy((void *)(ba->b + ba->pos), (void *)a->b, a->pos); ++ ba->pos += a->pos; ++ ba->left -= a->pos; ++ ++ return 0; ++} ++ ++/* ++ * Pack radius attributes into a byte array buffer ++ */ ++static int pack_vps(byte_array * ba, VALUE_PAIR * vps) ++{ ++ VALUE_PAIR * vp; ++ ++ for (vp = vps; vp != NULL; vp = vp->next) { ++ ++ radlog(L_DBG, LOG_PREFIX "packing attribute %s (type: %d; len: %d)", ++ vp->name, vp->attribute, vp->length); ++ ++ if (pack_int(ba, vp->attribute) == -1) return -1; ++ if (pack_int(ba, vp->length) == -1) return -1; ++ if (pack_int(ba, vp->operator) == -1) return -1; ++ ++ switch (vp->type) { ++ case PW_TYPE_INTEGER: ++ case PW_TYPE_DATE: ++ if (pack_int(ba, vp->lvalue) == -1) return -1; ++ break; ++ case PW_TYPE_IPADDR: ++ if (pack_bytes(ba, (void *)&vp->lvalue, vp->length) == -1) return -1; ++ break; ++ default: ++ if (pack_bytes(ba, (void *)STR_VALUE(vp), vp->length) == -1) return -1; ++ break; ++ } ++ } ++ ++ return 0; ++} ++ ++/* ++ * Pack a radius packet into a byte array buffer ++ */ ++static int pack_packet(byte_array * ba, RADIUS_PACKET * p) ++{ ++ /*unsigned char code = p->code;*/ ++ unsigned char buff[HALF_MESSAGE_LEN]; ++ byte_array pba; ++ ++ init_byte_array(&pba, buff, sizeof(buff)); ++ ++ if (pack_vps (&pba, p->vps) == -1) return -1; ++ ++ radlog(L_DBG, LOG_PREFIX "packing packet with code: %d (attr length: %d)", p->code, pba.pos); ++ ++ if (pack_byte (ba, p->code) == -1) return -1; ++ if (pack_byte (ba, p->id) == -1) return -1; ++ if (pack_int (ba, pba.pos) == -1) return -1; ++ if (pba.pos == 0) return 0; ++ if (pack_array (ba, &pba) == -1) return -1; ++ ++ return 0; ++} ++ ++static int pack_request(byte_array * ba, REQUEST *r) ++{ ++ unsigned char buff[HALF_MESSAGE_LEN]; ++ byte_array pba; ++ ++ init_byte_array(&pba, buff, sizeof(buff)); ++ ++ if (pack_vps (&pba, r->config_items) == -1) return -1; ++ if (pack_int (ba, pba.pos) == -1) return -1; ++ if (pba.pos == 0) return 0; ++ if (pack_array (ba, &pba) == -1) return -1; ++ ++ return 0; ++} ++ ++/* ++ * Read a single byte from socket ++ */ ++static int read_byte(JRSOCK *jrsock, unsigned char *b) ++{ ++ return (read(jrsock->con.sock, b, 1) == 1) ? 0 : -1; ++} ++ ++static void unpack_int(unsigned char *c, unsigned int *i) ++{ ++ unsigned int ii; ++ memcpy((void *)&ii, c, 4); ++ *i = ntohl(ii); ++} ++ ++/* ++ * Read an integer from the socket (adjusting for byte-order) ++ */ ++static int read_int(JRSOCK *jrsock, unsigned int *i) ++{ ++ unsigned char c[4]; ++ ++ if (read(jrsock->con.sock, c, 4) != 4) return -1; ++ unpack_int(c, i); ++ ++ return 0; ++} ++ ++/* ++ * Read a value-pair list from the socket ++ */ ++static int read_vps(JRSOCK *jrsock, VALUE_PAIR **pl, int plen) ++{ ++ VALUE_PAIR *vp; ++ unsigned char buff[MESSAGE_LEN]; ++ unsigned int alen, atype, aop; ++ int rlen = 0; ++ ++ while (rlen < plen) { ++ if (read_int (jrsock, &atype) == -1) return -1; rlen += 4; ++ if (read_int (jrsock, &alen) == -1) return -1; rlen += 4; ++ if (read_int (jrsock, &aop) == -1) return -1; rlen += 4; ++ ++ radlog(L_DBG, LOG_PREFIX "reading attribute: type=%d; len=%d", atype, alen); ++ ++ if (alen >= sizeof(buff)) { ++ radlog(L_ERR, LOG_PREFIX "packet value too large (len: %d)", alen); ++ return -1; ++ } ++ ++ if (read(jrsock->con.sock, buff, alen) != (int)alen) return -1; rlen += alen; ++ buff[alen]=0; ++ ++ /* ++ * Create new attribute ++ */ ++ vp = paircreate(atype, -1); ++ vp->operator = aop; ++ ++ if (vp->type == -1) { ++ /* ++ * FreeRADIUS should know about the same attributes that JRadius knows ++ */ ++ radlog(L_ERR, LOG_PREFIX "received attribute we do not recognize (type: %d)", atype); ++ pairbasicfree(vp); ++ continue; ++ } ++ ++ /* ++ * Fill in the attribute value based on type ++ */ ++ switch (vp->type) { ++ case PW_TYPE_INTEGER: ++ case PW_TYPE_DATE: ++ { ++ unpack_int(buff, &vp->lvalue); ++ vp->length = 4; ++ } ++ break; ++ ++ case PW_TYPE_IPADDR: ++ memcpy((void *)&vp->lvalue, buff, 4); ++ vp->length = 4; ++ break; ++ ++ default: ++ if (alen < sizeof(STR_VALUE(vp))) { ++ memcpy((void *)STR_VALUE(vp), buff, alen); ++ vp->length = alen; ++ } ++ break; ++ } ++ ++ /* ++ * Add the attribute to the packet ++ */ ++ pairadd(pl, vp); ++ } ++ ++ return rlen; ++} ++ ++/* ++ * Read a radius packet from the socket ++ */ ++static int read_packet(JRSOCK *jrsock, RADIUS_PACKET *p) ++{ ++ unsigned char code; ++ unsigned char id; ++ unsigned int plen; ++ ++ if (read_byte (jrsock, &code) == -1) return -1; ++ if (read_byte (jrsock, &id) == -1) return -1; ++ if (read_int (jrsock, &plen) == -1) return -1; ++ ++ radlog(L_DBG, LOG_PREFIX "reading packet: code=%d len=%d", (int)code, plen); ++ ++ /* ++ if (code != p->code) { ++ radlog(L_INFO, LOG_PREFIX "changing packet code from %d to %d", p->code, code); ++ p->code = code; ++ } ++ ++ if (id != p->id) { ++ radlog(L_INFO, LOG_PREFIX "changing packet id from %d to %d", p->id, id); ++ p->id = id; ++ } ++ */ ++ ++ /* ++ * Delete previous attribute list ++ */ ++ pairfree(&p->vps); ++ ++ if (plen == 0) return 0; ++ ++ if (read_vps (jrsock, &p->vps, plen) == -1) return -1; ++ ++ return 0; ++} ++ ++static int read_request(JRSOCK *jrsock, REQUEST *p) ++{ ++ unsigned int plen; ++ ++ if (read_int(jrsock, &plen) == -1) return -1; ++ ++ radlog(L_DBG, LOG_PREFIX "reading request: config_item: len=%d", plen); ++ ++ /* ++ * Delete previous attribute list ++ */ ++ pairfree(&p->config_items); ++ ++ if (plen == 0) return 0; ++ ++ if (read_vps(jrsock, &p->config_items, plen) == -1) return -1; ++ ++ return 0; ++} ++ ++static int rlm_jradius_call(char func, void *instance, REQUEST *req, int isproxy) ++{ ++ JRADIUS * inst = instance; ++ RADIUS_PACKET * request = isproxy ? req->proxy : req->packet; ++ RADIUS_PACKET * reply = isproxy ? req->proxy_reply : req->reply; ++ JRSOCK * jrsock = 0; ++ JRSOCK sjrsock; ++ ++ int exitstatus = inst->onfail; ++ unsigned char rcode, pcount; ++ ++ unsigned char buff[MESSAGE_LEN]; ++ byte_array ba; ++ ++ char * n = inst->name; ++ unsigned int nlen = strlen(n); ++ const char * err = 0; ++ int rc, attempt2=0; ++ ++#define W_ERR(s) { err=s; goto packerror; } ++#define R_ERR(s) { err=s; goto parseerror; } ++ ++ if (inst->keepalive) { ++ jrsock = get_socket(inst); ++ if (!jrsock) return exitstatus; ++ } else { ++ jrsock = &sjrsock; ++ memset(jrsock, 0, sizeof(*jrsock)); ++ jrsock->state = not_connected; ++ } ++ ++ init_byte_array(&ba, buff, sizeof(buff)); ++ ++ pcount = 0; ++ if (request) pcount++; ++ if (reply) pcount++; ++ ++ /* ++ * Create byte array to send to jradius ++ */ ++ if ((rc = pack_int (&ba, nlen)) == -1) W_ERR("pack_int(nlen)"); ++ if ((rc = pack_bytes (&ba, (void *)n, nlen)) == -1) W_ERR("pack_bytes(name)"); ++ if ((rc = pack_byte (&ba, func)) == -1) W_ERR("pack_byte(fun)"); ++ if ((rc = pack_byte (&ba, pcount)) == -1) W_ERR("pack_byte(pcnt)"); ++ if (pcount > 0 && (rc = pack_packet (&ba, request)) == -1) W_ERR("pack_packet(req)"); ++ if (pcount > 1 && (rc = pack_packet (&ba, reply)) == -1) W_ERR("pack_packet(rep)"); ++ if ((rc = pack_request(&ba, req)) == -1) W_ERR("pack_request()"); ++ ++ /* ++ * Send data ++ */ ++ start_over: ++ if (jrsock->state == not_connected) { ++ if (attempt2) radlog(L_ERR, LOG_PREFIX "reconnecting socket id %d", jrsock->id); ++ if (!connect_socket(jrsock, inst)) { ++ if (attempt2) radlog(L_ERR, LOG_PREFIX "could not reconnect socket %d, giving up", jrsock->id); ++ goto cleanup; ++ } ++ } ++ radlog(L_DBG, LOG_PREFIX "sending %d bytes to socket %d", ba.pos, jrsock->id); ++ if (socket_send(jrsock, ba.b, ba.pos) != (int)ba.pos || ++ (rc = read_byte (jrsock, &rcode)) == -1) { ++ /* ++ * With an error on the write or the first read, try closing the socket ++ * and reconnecting to see if that improves matters any (tries this only once) ++ */ ++ radlog(L_ERR, LOG_PREFIX "error sending request with socket %d", jrsock->id); ++ if (!inst->keepalive || attempt2) W_ERR("socket_send/first_read"); ++ close_socket(inst, jrsock); ++ attempt2 = 1; ++ goto start_over; ++ } ++ ++ /* ++ * Read result ++ */ ++ if ((rc = read_byte (jrsock, &pcount)) == -1) R_ERR("read_byte(pcnt)"); ++ ++ radlog(L_DBG, LOG_PREFIX "return code %d; receiving %d packets", (int)rcode, (int)pcount); ++ ++ if (pcount > 0 && request) if ((rc = read_packet (jrsock, request)) == -1) R_ERR("read_packet(req)"); ++ if (pcount > 1 && reply) if ((rc = read_packet (jrsock, reply)) == -1) R_ERR("read_packet(rep)"); ++ ++ if ((rc = read_request (jrsock, req)) == -1) R_ERR("read_request()"); ++ ++ /* ++ * Since we deleted all the attribute lists in the request, ++ * we need to reconfigure a few pointers in the REQUEST object ++ */ ++ if (req->username) { ++ req->username = pairfind(request->vps, PW_USER_NAME); ++ } ++ if (req->password) { ++ req->password = pairfind(request->vps, PW_PASSWORD); ++ if (!req->password) req->password = pairfind(request->vps, PW_CHAP_PASSWORD); ++ } ++ ++ /* ++ * All done, set return code and cleanup ++ */ ++ exitstatus = (int)rcode; ++ goto cleanup; ++ ++ parseerror: ++ radlog(L_ERR, LOG_PREFIX "problem parsing the data [%s]",err); ++ if (inst->keepalive) close_socket(inst, jrsock); ++ goto cleanup; ++ ++ packerror: ++ radlog(L_ERR, LOG_PREFIX "problem packing the data[%s]",err); ++ if (inst->keepalive) close_socket(inst, jrsock); ++ ++ cleanup: ++ if (inst->keepalive) ++ release_socket(inst, jrsock); ++ else ++ close_socket(inst, jrsock); ++ ++ return exitstatus; ++} ++ ++static int jradius_authenticate(void *instance, REQUEST *request) ++{ ++ return rlm_jradius_call(JRADIUS_authenticate, instance, request, 0); ++} ++ ++static int jradius_authorize(void *instance, REQUEST *request) ++{ ++ return rlm_jradius_call(JRADIUS_authorize, instance, request, 0); ++} ++ ++static int jradius_preacct(void *instance, REQUEST *request) ++{ ++ return rlm_jradius_call(JRADIUS_preacct, instance, request, 0); ++} ++ ++static int jradius_accounting(void *instance, REQUEST *request) ++{ ++ return rlm_jradius_call(JRADIUS_accounting, instance, request, 0); ++} ++ ++static int jradius_checksimul(void *instance, REQUEST *request) ++{ ++ return rlm_jradius_call(JRADIUS_checksimul, instance, request, 0); ++} ++ ++static int jradius_pre_proxy(void *instance, REQUEST *request) ++{ ++ return rlm_jradius_call(JRADIUS_pre_proxy, instance, request, 1); ++} ++ ++static int jradius_post_proxy(void *instance, REQUEST *request) ++{ ++ return rlm_jradius_call(JRADIUS_post_proxy, instance, request, 1); ++} ++ ++static int jradius_post_auth(void *instance, REQUEST *request) ++{ ++ return rlm_jradius_call(JRADIUS_post_auth, instance, request, 0); ++} ++ ++static int jradius_detach(void *instance) ++{ ++ JRADIUS *inst = (JRADIUS *) instance; ++ free_socketpool(inst); ++ free(inst); ++ return 0; ++} ++ ++#ifndef FRv2 ++static int jradius_init(void) { return 0; } ++#endif ++ ++module_t rlm_jradius = { ++#ifdef FRv2 ++ RLM_MODULE_INIT, ++#endif ++ "jradius", ++ RLM_TYPE_THREAD_SAFE, ++#ifndef FRv2 ++ jradius_init, ++#endif ++ jradius_instantiate, ++#ifdef FRv2 ++ jradius_detach, ++#endif ++ { ++ jradius_authenticate, ++ jradius_authorize, ++ jradius_preacct, ++ jradius_accounting, ++ jradius_checksimul, ++ jradius_pre_proxy, ++ jradius_post_proxy, ++ jradius_post_auth ++ }, ++#ifndef FRv2 ++ jradius_detach, ++#endif ++}; ++ ++/* ++ * Connection pooling code based on rlm_sql codebase, under GPL. ++ * See radiusd/src/modules/rlm_sql/sql.c ++ */ +diff -baurN --exclude='*~' --exclude='.#*' --exclude=CVS freeradius-1.1.2.orig/src/modules/stable freeradius-1.1.2/src/modules/stable +--- freeradius-1.1.2.orig/src/modules/stable 2005-12-14 21:58:14.000000000 +0100 ++++ freeradius-1.1.2/src/modules/stable 2006-08-19 19:20:27.000000000 +0200 +@@ -30,3 +30,4 @@ + rlm_sqlcounter + rlm_unix + rlm_checkval ++rlm_jradius diff --git a/freeradius/patch/freeradius-1.1.3.patch b/freeradius/patch/freeradius-1.1.3.patch new file mode 100644 index 0000000..be80f21 --- /dev/null +++ b/freeradius/patch/freeradius-1.1.3.patch @@ -0,0 +1,3369 @@ +diff -baurN --exclude='*~' --exclude='.#*' --exclude=CVS freeradius-1.1.3.orig/raddb/jradius.conf freeradius-1.1.3/raddb/jradius.conf +--- freeradius-1.1.3.orig/raddb/jradius.conf 1970-01-01 01:00:00.000000000 +0100 ++++ freeradius-1.1.3/raddb/jradius.conf 2006-10-11 14:08:12.000000000 +0200 +@@ -0,0 +1,15 @@ ++ ++jradius { ++ name = "example" # Name of the JRadius Application ++ # (known as "Sender" in JRadius) ++ primary = "127.0.0.1" # Primary JRadius Server ++ # (using default port of 1814) ++ secondary = "192.168.1.2:1815" # Secondary JRadius Server (port 1815) ++ tertiary = "192.168.1.2:1816" # Tertiary JRadius Server ++ timeout = 1 # JRadius Server Connect Timeout (default 5) ++ onfail = NOOP # What to do if no JRadius ++ # Server is found. Options are: ++ # FAIL (default), OK, REJECT, NOOP ++ keepalive = yes # Keep connections to JRadius pooled ++ connections = 8 # Number of pooled JRadius connections ++} +diff -baurN --exclude='*~' --exclude='.#*' --exclude=CVS freeradius-1.1.3.orig/raddb/Makefile freeradius-1.1.3/raddb/Makefile +--- freeradius-1.1.3.orig/raddb/Makefile 2006-04-10 20:53:20.000000000 +0200 ++++ freeradius-1.1.3/raddb/Makefile 2006-10-11 14:08:12.000000000 +0200 +@@ -7,7 +7,7 @@ + experimental.conf hints huntgroups ldap.attrmap \ + mssql.conf naslist naspasswd oraclesql.conf postgresql.conf \ + preproxy_users proxy.conf radiusd.conf realms snmp.conf \ +- sql.conf sqlippool.conf users otp.conf otppasswd.sample ++ sql.conf sqlippool.conf users otp.conf otppasswd.sample jradius.conf + + all: + +diff -baurN --exclude='*~' --exclude='.#*' --exclude=CVS freeradius-1.1.3.orig/raddb/radiusd.conf.in freeradius-1.1.3/raddb/radiusd.conf.in +--- freeradius-1.1.3.orig/raddb/radiusd.conf.in 2006-07-29 21:43:30.000000000 +0200 ++++ freeradius-1.1.3/raddb/radiusd.conf.in 2006-10-11 14:08:12.000000000 +0200 +@@ -536,6 +536,9 @@ + # in other sections of this configuration file. + # + modules { ++ ++$INCLUDE ${confdir}/jradius.conf ++ + # + # Each module has a configuration as follows: + # +@@ -1861,6 +1864,8 @@ + # + # Use the checkval module + # checkval ++ ++ jradius + } + + +@@ -1962,6 +1967,8 @@ + suffix + # ntdomain + ++ jradius ++ + # + # Read the 'acct_users' file + files +@@ -1971,6 +1978,8 @@ + # Accounting. Log the accounting data. + # + accounting { ++ jradius ++ + # + # Create a 'detail'ed log of the packets. + # Note that accounting requests which are proxied +@@ -2066,6 +2075,10 @@ + # insert-module-name-here + # } + ++ jradius ++ Post-Auth-Type REJECT { ++ jradius ++ } + } + + # +@@ -2087,6 +2100,7 @@ + # server, un-comment the following line, and the + # 'detail pre_proxy_log' section, above. + # pre_proxy_log ++ jradius + } + + # +@@ -2120,4 +2134,5 @@ + # reject the EAP request. + # + eap ++ jradius + } +diff -baurN --exclude='*~' --exclude='.#*' --exclude=CVS freeradius-1.1.3.orig/raddb/radiusd.conf.in.orig freeradius-1.1.3/raddb/radiusd.conf.in.orig +--- freeradius-1.1.3.orig/raddb/radiusd.conf.in.orig 1970-01-01 01:00:00.000000000 +0100 ++++ freeradius-1.1.3/raddb/radiusd.conf.in.orig 2006-07-29 21:43:30.000000000 +0200 +@@ -0,0 +1,2123 @@ ++## ++## radiusd.conf -- FreeRADIUS server configuration file. ++## ++## http://www.freeradius.org/ ++## $Id: radiusd.conf.in,v 1.188.2.4.2.12 2006/07/29 19:43:30 nbk Exp $ ++## ++ ++# The location of other config files and ++# logfiles are declared in this file ++# ++# Also general configuration for modules can be done ++# in this file, it is exported through the API to ++# modules that ask for it. ++# ++# The configuration variables defined here are of the form ${foo} ++# They are local to this file, and do not change from request to ++# request. ++# ++# The per-request variables are of the form %{Attribute-Name}, and ++# are taken from the values of the attribute in the incoming ++# request. See 'doc/variables.txt' for more information. ++ ++prefix = @prefix@ ++exec_prefix = @exec_prefix@ ++sysconfdir = @sysconfdir@ ++localstatedir = @localstatedir@ ++sbindir = @sbindir@ ++logdir = @logdir@ ++raddbdir = @raddbdir@ ++radacctdir = @radacctdir@ ++ ++# Location of config and logfiles. ++confdir = ${raddbdir} ++run_dir = ${localstatedir}/run/radiusd ++ ++# ++# The logging messages for the server are appended to the ++# tail of this file. ++# ++log_file = ${logdir}/radius.log ++ ++# ++# libdir: Where to find the rlm_* modules. ++# ++# This should be automatically set at configuration time. ++# ++# If the server builds and installs, but fails at execution time ++# with an 'undefined symbol' error, then you can use the libdir ++# directive to work around the problem. ++# ++# The cause is usually that a library has been installed on your ++# system in a place where the dynamic linker CANNOT find it. When ++# executing as root (or another user), your personal environment MAY ++# be set up to allow the dynamic linker to find the library. When ++# executing as a daemon, FreeRADIUS MAY NOT have the same ++# personalized configuration. ++# ++# To work around the problem, find out which library contains that symbol, ++# and add the directory containing that library to the end of 'libdir', ++# with a colon separating the directory names. NO spaces are allowed. ++# ++# e.g. libdir = /usr/local/lib:/opt/package/lib ++# ++# You can also try setting the LD_LIBRARY_PATH environment variable ++# in a script which starts the server. ++# ++# If that does not work, then you can re-configure and re-build the ++# server to NOT use shared libraries, via: ++# ++# ./configure --disable-shared ++# make ++# make install ++# ++libdir = @libdir@ ++ ++# pidfile: Where to place the PID of the RADIUS server. ++# ++# The server may be signalled while it's running by using this ++# file. ++# ++# This file is written when ONLY running in daemon mode. ++# ++# e.g.: kill -HUP `cat /var/run/radiusd/radiusd.pid` ++# ++pidfile = ${run_dir}/radiusd.pid ++ ++ ++# user/group: The name (or #number) of the user/group to run radiusd as. ++# ++# If these are commented out, the server will run as the user/group ++# that started it. In order to change to a different user/group, you ++# MUST be root ( or have root privleges ) to start the server. ++# ++# We STRONGLY recommend that you run the server with as few permissions ++# as possible. That is, if you're not using shadow passwords, the ++# user and group items below should be set to 'nobody'. ++# ++# On SCO (ODT 3) use "user = nouser" and "group = nogroup". ++# ++# NOTE that some kernels refuse to setgid(group) when the value of ++# (unsigned)group is above 60000; don't use group nobody on these systems! ++# ++# On systems with shadow passwords, you might have to set 'group = shadow' ++# for the server to be able to read the shadow password file. If you can ++# authenticate users while in debug mode, but not in daemon mode, it may be ++# that the debugging mode server is running as a user that can read the ++# shadow info, and the user listed below can not. ++# ++#user = nobody ++#group = nobody ++ ++# max_request_time: The maximum time (in seconds) to handle a request. ++# ++# Requests which take more time than this to process may be killed, and ++# a REJECT message is returned. ++# ++# WARNING: If you notice that requests take a long time to be handled, ++# then this MAY INDICATE a bug in the server, in one of the modules ++# used to handle a request, OR in your local configuration. ++# ++# This problem is most often seen when using an SQL database. If it takes ++# more than a second or two to receive an answer from the SQL database, ++# then it probably means that you haven't indexed the database. See your ++# SQL server documentation for more information. ++# ++# Useful range of values: 5 to 120 ++# ++max_request_time = 30 ++ ++# delete_blocked_requests: If the request takes MORE THAN 'max_request_time' ++# to be handled, then maybe the server should delete it. ++# ++# If you're running in threaded, or thread pool mode, this setting ++# should probably be 'no'. Setting it to 'yes' when using a threaded ++# server MAY cause the server to crash! ++# ++delete_blocked_requests = no ++ ++# cleanup_delay: The time to wait (in seconds) before cleaning up ++# a reply which was sent to the NAS. ++# ++# The RADIUS request is normally cached internally for a short period ++# of time, after the reply is sent to the NAS. The reply packet may be ++# lost in the network, and the NAS will not see it. The NAS will then ++# re-send the request, and the server will respond quickly with the ++# cached reply. ++# ++# If this value is set too low, then duplicate requests from the NAS ++# MAY NOT be detected, and will instead be handled as seperate requests. ++# ++# If this value is set too high, then the server will cache too many ++# requests, and some new requests may get blocked. (See 'max_requests'.) ++# ++# Useful range of values: 2 to 10 ++# ++cleanup_delay = 5 ++ ++# max_requests: The maximum number of requests which the server keeps ++# track of. This should be 256 multiplied by the number of clients. ++# e.g. With 4 clients, this number should be 1024. ++# ++# If this number is too low, then when the server becomes busy, ++# it will not respond to any new requests, until the 'cleanup_delay' ++# time has passed, and it has removed the old requests. ++# ++# If this number is set too high, then the server will use a bit more ++# memory for no real benefit. ++# ++# If you aren't sure what it should be set to, it's better to set it ++# too high than too low. Setting it to 1000 per client is probably ++# the highest it should be. ++# ++# Useful range of values: 256 to infinity ++# ++max_requests = 1024 ++ ++# bind_address: Make the server listen on a particular IP address, and ++# send replies out from that address. This directive is most useful ++# for machines with multiple IP addresses on one interface. ++# ++# It can either contain "*", or an IP address, or a fully qualified ++# Internet domain name. The default is "*" ++# ++# As of 1.0, you can also use the "listen" directive. See below for ++# more information. ++# ++bind_address = * ++ ++# port: Allows you to bind FreeRADIUS to a specific port. ++# ++# The default port that most NAS boxes use is 1645, which is historical. ++# RFC 2138 defines 1812 to be the new port. Many new servers and ++# NAS boxes use 1812, which can create interoperability problems. ++# ++# The port is defined here to be 0 so that the server will pick up ++# the machine's local configuration for the radius port, as defined ++# in /etc/services. ++# ++# If you want to use the default RADIUS port as defined on your server, ++# (usually through 'grep radius /etc/services') set this to 0 (zero). ++# ++# A port given on the command-line via '-p' over-rides this one. ++# ++# As of 1.0, you can also use the "listen" directive. See below for ++# more information. ++# ++port = 0 ++ ++# ++# By default, the server uses "bind_address" to listen to all IP's ++# on a machine, or just one IP. The "port" configuration is used ++# to select the authentication port used when listening on those ++# addresses. ++# ++# If you want the server to listen on additional addresses, you can ++# use the "listen" section. A sample section (commented out) is included ++# below. This "listen" section duplicates the functionality of the ++# "bind_address" and "port" configuration entries, but it only listens ++# for authentication packets. ++# ++# If you comment out the "bind_address" and "port" configuration entries, ++# then it becomes possible to make the server accept only accounting, ++# or authentication packets. Previously, it always listened for both ++# types of packets, and it was impossible to make it listen for only ++# one type of packet. ++# ++#listen { ++ # IP address on which to listen. ++ # Allowed values are: ++ # dotted quad (1.2.3.4) ++ # hostname (radius.example.com) ++ # wildcard (*) ++# ipaddr = * ++ ++ # Port on which to listen. ++ # Allowed values are: ++ # integer port number (1812) ++ # 0 means "use /etc/services for the proper port" ++# port = 0 ++ ++ # Type of packets to listen for. ++ # Allowed values are: ++ # auth listen for authentication packets ++ # acct listen for accounting packets ++ # ++# type = auth ++#} ++ ++ ++# hostname_lookups: Log the names of clients or just their IP addresses ++# e.g., www.freeradius.org (on) or 206.47.27.232 (off). ++# ++# The default is 'off' because it would be overall better for the net ++# if people had to knowingly turn this feature on, since enabling it ++# means that each client request will result in AT LEAST one lookup ++# request to the nameserver. Enabling hostname_lookups will also ++# mean that your server may stop randomly for 30 seconds from time ++# to time, if the DNS requests take too long. ++# ++# Turning hostname lookups off also means that the server won't block ++# for 30 seconds, if it sees an IP address which has no name associated ++# with it. ++# ++# allowed values: {no, yes} ++# ++hostname_lookups = no ++ ++# Core dumps are a bad thing. This should only be set to 'yes' ++# if you're debugging a problem with the server. ++# ++# allowed values: {no, yes} ++# ++allow_core_dumps = no ++ ++# Regular expressions ++# ++# These items are set at configure time. If they're set to "yes", ++# then setting them to "no" turns off regular expression support. ++# ++# If they're set to "no" at configure time, then setting them to "yes" ++# WILL NOT WORK. It will give you an error. ++# ++regular_expressions = @REGEX@ ++extended_expressions = @REGEX_EXTENDED@ ++ ++# Log the full User-Name attribute, as it was found in the request. ++# ++# allowed values: {no, yes} ++# ++log_stripped_names = no ++ ++# Log authentication requests to the log file. ++# ++# allowed values: {no, yes} ++# ++log_auth = no ++ ++# Log passwords with the authentication requests. ++# log_auth_badpass - logs password if it's rejected ++# log_auth_goodpass - logs password if it's correct ++# ++# allowed values: {no, yes} ++# ++log_auth_badpass = no ++log_auth_goodpass = no ++ ++# usercollide: Turn "username collision" code on and off. See the ++# "doc/duplicate-users" file ++# ++# WARNING ++# !!!!!!! Setting this to "yes" may result in the server behaving ++# !!!!!!! strangely. The "username collision" code will ONLY work ++# !!!!!!! with clear-text passwords. Even then, it may not do what ++# !!!!!!! you want, or what you expect. ++# !!!!!!! ++# !!!!!!! We STRONGLY RECOMMEND that you do not use this feature, ++# !!!!!!! and that you find another way of acheiving the same goal. ++# !!!!!!! ++# !!!!!!! e,g. module fail-over. See 'doc/configurable_failover' ++# WARNING ++# ++usercollide = no ++ ++# lower_user / lower_pass: ++# Lower case the username/password "before" or "after" ++# attempting to authenticate. ++# ++# If "before", the server will first modify the request and then try ++# to auth the user. If "after", the server will first auth using the ++# values provided by the user. If that fails it will reprocess the ++# request after modifying it as you specify below. ++# ++# This is as close as we can get to case insensitivity. It is the ++# admin's job to ensure that the username on the auth db side is ++# *also* lowercase to make this work ++# ++# Default is 'no' (don't lowercase values) ++# Valid values = "before" / "after" / "no" ++# ++lower_user = no ++lower_pass = no ++ ++# nospace_user / nospace_pass: ++# ++# Some users like to enter spaces in their username or password ++# incorrectly. To save yourself the tech support call, you can ++# eliminate those spaces here: ++# ++# Default is 'no' (don't remove spaces) ++# Valid values = "before" / "after" / "no" (explanation above) ++# ++nospace_user = no ++nospace_pass = no ++ ++# The program to execute to do concurrency checks. ++checkrad = ${sbindir}/checkrad ++ ++# SECURITY CONFIGURATION ++# ++# There may be multiple methods of attacking on the server. This ++# section holds the configuration items which minimize the impact ++# of those attacks ++# ++security { ++ # ++ # max_attributes: The maximum number of attributes ++ # permitted in a RADIUS packet. Packets which have MORE ++ # than this number of attributes in them will be dropped. ++ # ++ # If this number is set too low, then no RADIUS packets ++ # will be accepted. ++ # ++ # If this number is set too high, then an attacker may be ++ # able to send a small number of packets which will cause ++ # the server to use all available memory on the machine. ++ # ++ # Setting this number to 0 means "allow any number of attributes" ++ max_attributes = 200 ++ ++ # ++ # reject_delay: When sending an Access-Reject, it can be ++ # delayed for a few seconds. This may help slow down a DoS ++ # attack. It also helps to slow down people trying to brute-force ++ # crack a users password. ++ # ++ # Setting this number to 0 means "send rejects immediately" ++ # ++ # If this number is set higher than 'cleanup_delay', then the ++ # rejects will be sent at 'cleanup_delay' time, when the request ++ # is deleted from the internal cache of requests. ++ # ++ # Useful ranges: 1 to 5 ++ reject_delay = 1 ++ ++ # ++ # status_server: Whether or not the server will respond ++ # to Status-Server requests. ++ # ++ # Normally this should be set to "no", because they're useless. ++ # See: http://www.freeradius.org/rfc/rfc2865.html#Keep-Alives ++ # ++ # However, certain NAS boxes may require them. ++ # ++ # When sent a Status-Server message, the server responds with ++ # an Access-Accept packet, containing a Reply-Message attribute, ++ # which is a string describing how long the server has been ++ # running. ++ # ++ status_server = no ++} ++ ++# PROXY CONFIGURATION ++# ++# proxy_requests: Turns proxying of RADIUS requests on or off. ++# ++# The server has proxying turned on by default. If your system is NOT ++# set up to proxy requests to another server, then you can turn proxying ++# off here. This will save a small amount of resources on the server. ++# ++# If you have proxying turned off, and your configuration files say ++# to proxy a request, then an error message will be logged. ++# ++# To disable proxying, change the "yes" to "no", and comment the ++# $INCLUDE line. ++# ++# allowed values: {no, yes} ++# ++proxy_requests = yes ++$INCLUDE ${confdir}/proxy.conf ++ ++ ++# CLIENTS CONFIGURATION ++# ++# Client configuration is defined in "clients.conf". ++# ++ ++# The 'clients.conf' file contains all of the information from the old ++# 'clients' and 'naslist' configuration files. We recommend that you ++# do NOT use 'client's or 'naslist', although they are still ++# supported. ++# ++# Anything listed in 'clients.conf' will take precedence over the ++# information from the old-style configuration files. ++# ++$INCLUDE ${confdir}/clients.conf ++ ++ ++# SNMP CONFIGURATION ++# ++# Snmp configuration is only valid if SNMP support was enabled ++# at compile time. ++# ++# To enable SNMP querying of the server, set the value of the ++# 'snmp' attribute to 'yes' ++# ++snmp = no ++$INCLUDE ${confdir}/snmp.conf ++ ++ ++# THREAD POOL CONFIGURATION ++# ++# The thread pool is a long-lived group of threads which ++# take turns (round-robin) handling any incoming requests. ++# ++# You probably want to have a few spare threads around, ++# so that high-load situations can be handled immediately. If you ++# don't have any spare threads, then the request handling will ++# be delayed while a new thread is created, and added to the pool. ++# ++# You probably don't want too many spare threads around, ++# otherwise they'll be sitting there taking up resources, and ++# not doing anything productive. ++# ++# The numbers given below should be adequate for most situations. ++# ++thread pool { ++ # Number of servers to start initially --- should be a reasonable ++ # ballpark figure. ++ start_servers = 5 ++ ++ # Limit on the total number of servers running. ++ # ++ # If this limit is ever reached, clients will be LOCKED OUT, so it ++ # should NOT BE SET TOO LOW. It is intended mainly as a brake to ++ # keep a runaway server from taking the system with it as it spirals ++ # down... ++ # ++ # You may find that the server is regularly reaching the ++ # 'max_servers' number of threads, and that increasing ++ # 'max_servers' doesn't seem to make much difference. ++ # ++ # If this is the case, then the problem is MOST LIKELY that ++ # your back-end databases are taking too long to respond, and ++ # are preventing the server from responding in a timely manner. ++ # ++ # The solution is NOT do keep increasing the 'max_servers' ++ # value, but instead to fix the underlying cause of the ++ # problem: slow database, or 'hostname_lookups=yes'. ++ # ++ # For more information, see 'max_request_time', above. ++ # ++ max_servers = 32 ++ ++ # Server-pool size regulation. Rather than making you guess ++ # how many servers you need, FreeRADIUS dynamically adapts to ++ # the load it sees, that is, it tries to maintain enough ++ # servers to handle the current load, plus a few spare ++ # servers to handle transient load spikes. ++ # ++ # It does this by periodically checking how many servers are ++ # waiting for a request. If there are fewer than ++ # min_spare_servers, it creates a new spare. If there are ++ # more than max_spare_servers, some of the spares die off. ++ # The default values are probably OK for most sites. ++ # ++ min_spare_servers = 3 ++ max_spare_servers = 10 ++ ++ # There may be memory leaks or resource allocation problems with ++ # the server. If so, set this value to 300 or so, so that the ++ # resources will be cleaned up periodically. ++ # ++ # This should only be necessary if there are serious bugs in the ++ # server which have not yet been fixed. ++ # ++ # '0' is a special value meaning 'infinity', or 'the servers never ++ # exit' ++ max_requests_per_server = 0 ++} ++ ++# MODULE CONFIGURATION ++# ++# The names and configuration of each module is located in this section. ++# ++# After the modules are defined here, they may be referred to by name, ++# in other sections of this configuration file. ++# ++modules { ++ # ++ # Each module has a configuration as follows: ++ # ++ # name [ instance ] { ++ # config_item = value ++ # ... ++ # } ++ # ++ # The 'name' is used to load the 'rlm_name' library ++ # which implements the functionality of the module. ++ # ++ # The 'instance' is optional. To have two different instances ++ # of a module, it first must be referred to by 'name'. ++ # The different copies of the module are then created by ++ # inventing two 'instance' names, e.g. 'instance1' and 'instance2' ++ # ++ # The instance names can then be used in later configuration ++ # INSTEAD of the original 'name'. See the 'radutmp' configuration ++ # below for an example. ++ # ++ ++ # PAP module to authenticate users based on their stored password ++ # ++ # Supports multiple encryption schemes ++ # clear: Clear text ++ # crypt: Unix crypt ++ # md5: MD5 ecnryption ++ # sha1: SHA1 encryption. ++ # DEFAULT: crypt ++ pap { ++ encryption_scheme = crypt ++ } ++ ++ # CHAP module ++ # ++ # To authenticate requests containing a CHAP-Password attribute. ++ # ++ chap { ++ authtype = CHAP ++ } ++ ++ # Pluggable Authentication Modules ++ # ++ # For Linux, see: ++ # http://www.kernel.org/pub/linux/libs/pam/index.html ++ # ++ # WARNING: On many systems, the system PAM libraries have ++ # memory leaks! We STRONGLY SUGGEST that you do not ++ # use PAM for authentication, due to those memory leaks. ++ # ++ pam { ++ # ++ # The name to use for PAM authentication. ++ # PAM looks in /etc/pam.d/${pam_auth_name} ++ # for it's configuration. See 'redhat/radiusd-pam' ++ # for a sample PAM configuration file. ++ # ++ # Note that any Pam-Auth attribute set in the 'authorize' ++ # section will over-ride this one. ++ # ++ pam_auth = radiusd ++ } ++ ++ # Unix /etc/passwd style authentication ++ # ++ unix { ++ # ++ # Cache /etc/passwd, /etc/shadow, and /etc/group ++ # ++ # The default is to NOT cache them. ++ # ++ # For FreeBSD and NetBSD, you do NOT want to enable ++ # the cache, as it's password lookups are done via a ++ # database, so set this value to 'no'. ++ # ++ # Some systems (e.g. RedHat Linux with pam_pwbd) can ++ # take *seconds* to check a password, when th passwd ++ # file containing 1000's of entries. For those systems, ++ # you should set the cache value to 'yes', and set ++ # the locations of the 'passwd', 'shadow', and 'group' ++ # files, below. ++ # ++ # allowed values: {no, yes} ++ cache = no ++ ++ # Reload the cache every 600 seconds (10mins). 0 to disable. ++ cache_reload = 600 ++ ++ # ++ # Define the locations of the normal passwd, shadow, and ++ # group files. ++ # ++ # 'shadow' is commented out by default, because not all ++ # systems have shadow passwords. ++ # ++ # To force the module to use the system password functions, ++ # instead of reading the files, leave the following entries ++ # commented out. ++ # ++ # This is required for some systems, like FreeBSD, ++ # and Mac OSX. ++ # ++ # passwd = /etc/passwd ++ # shadow = /etc/shadow ++ # group = /etc/group ++ ++ # ++ # The location of the "wtmp" file. ++ # This should be moved to it's own module soon. ++ # ++ # The only use for 'radlast'. If you don't use ++ # 'radlast', then you can comment out this item. ++ # ++ radwtmp = ${logdir}/radwtmp ++ } ++ ++ # Extensible Authentication Protocol ++ # ++ # For all EAP related authentications. ++ # Now in another file, because it is very large. ++ # ++$INCLUDE ${confdir}/eap.conf ++ ++ # Microsoft CHAP authentication ++ # ++ # This module supports MS-CHAP and MS-CHAPv2 authentication. ++ # It also enforces the SMB-Account-Ctrl attribute. ++ # ++ mschap { ++ # ++ # As of 0.9, the mschap module does NOT support ++ # reading from /etc/smbpasswd. ++ # ++ # If you are using /etc/smbpasswd, see the 'passwd' ++ # module for an example of how to use /etc/smbpasswd ++ ++ # if use_mppe is not set to no mschap will ++ # add MS-CHAP-MPPE-Keys for MS-CHAPv1 and ++ # MS-MPPE-Recv-Key/MS-MPPE-Send-Key for MS-CHAPv2 ++ # ++ #use_mppe = no ++ ++ # if mppe is enabled require_encryption makes ++ # encryption moderate ++ # ++ #require_encryption = yes ++ ++ # require_strong always requires 128 bit key ++ # encryption ++ # ++ #require_strong = yes ++ ++ # Windows sends us a username in the form of ++ # DOMAIN\user, but sends the challenge response ++ # based on only the user portion. This hack ++ # corrects for that incorrect behavior. ++ # ++ #with_ntdomain_hack = no ++ ++ # The module can perform authentication itself, OR ++ # use a Windows Domain Controller. This configuration ++ # directive tells the module to call the ntlm_auth ++ # program, which will do the authentication, and return ++ # the NT-Key. Note that you MUST have "winbindd" and ++ # "nmbd" running on the local machine for ntlm_auth ++ # to work. See the ntlm_auth program documentation ++ # for details. ++ # ++ # Be VERY careful when editing the following line! ++ # ++ #ntlm_auth = "/path/to/ntlm_auth --request-nt-key --username=%{Stripped-User-Name:-%{User-Name:-None}} --challenge=%{mschap:Challenge:-00} --nt-response=%{mschap:NT-Response:-00}" ++ } ++ ++ # Lightweight Directory Access Protocol (LDAP) ++ # ++ # This module definition allows you to use LDAP for ++ # authorization and authentication. ++ # ++ # See doc/rlm_ldap for description of configuration options ++ # and sample authorize{} and authenticate{} blocks ++ # ++ # However, LDAP can be used for authentication ONLY when the ++ # Access-Request packet contains a clear-text User-Password ++ # attribute. LDAP authentication will NOT work for any other ++ # authentication method. ++ # ++ # This means that LDAP servers don't understand EAP. If you ++ # force "Auth-Type = LDAP", and then send the server a ++ # request containing EAP authentication, then authentication ++ # WILL NOT WORK. ++ # ++ # The solution is to use the default configuration, which does ++ # work. ++ # ++ # Setting "Auth-Type = LDAP" is ALMOST ALWAYS WRONG. We ++ # really can't emphasize this enough. ++ # ++ ldap { ++ server = "ldap.your.domain" ++ # identity = "cn=admin,o=My Org,c=UA" ++ # password = mypass ++ basedn = "o=My Org,c=UA" ++ filter = "(uid=%{Stripped-User-Name:-%{User-Name}})" ++ # base_filter = "(objectclass=radiusprofile)" ++ ++ # set this to 'yes' to use TLS encrypted connections ++ # to the LDAP database by using the StartTLS extended ++ # operation. ++ # The StartTLS operation is supposed to be used with normal ++ # ldap connections instead of using ldaps (port 689) connections ++ start_tls = no ++ ++ # tls_cacertfile = /path/to/cacert.pem ++ # tls_cacertdir = /path/to/ca/dir/ ++ # tls_certfile = /path/to/radius.crt ++ # tls_keyfile = /path/to/radius.key ++ # tls_randfile = /path/to/rnd ++ # tls_require_cert = "demand" ++ ++ # default_profile = "cn=radprofile,ou=dialup,o=My Org,c=UA" ++ # profile_attribute = "radiusProfileDn" ++ access_attr = "dialupAccess" ++ ++ # Mapping of RADIUS dictionary attributes to LDAP ++ # directory attributes. ++ dictionary_mapping = ${raddbdir}/ldap.attrmap ++ ++ ldap_connections_number = 5 ++ ++ # ++ # NOTICE: The password_header directive is NOT case insensitive ++ # ++ # password_header = "{clear}" ++ # ++ # Set: ++ # password_attribute = nspmPassword ++ # ++ # to get the user's password from a Novell eDirectory ++ # backend. This will work *only if* freeRADIUS is ++ # configured to build with --with-edir option. ++ # ++ # ++ # The server can usually figure this out on its own, and pull ++ # the correct User-Password or NT-Password from the database. ++ # ++ # Note that NT-Passwords MUST be stored as a 32-digit hex ++ # string, and MUST start off with "0x", such as: ++ # ++ # 0x000102030405060708090a0b0c0d0e0f ++ # ++ # Without the leading "0x", NT-Passwords will not work. ++ # This goes for NT-Passwords stored in SQL, too. ++ # ++ # password_attribute = userPassword ++ # ++ # Un-comment the following to disable Novell eDirectory account ++ # policy check and intruder detection. This will work *only if* ++ # FreeRADIUS is configured to build with --with-edir option. ++ # ++ # edir_account_policy_check=no ++ # ++ # groupname_attribute = cn ++ # groupmembership_filter = "(|(&(objectClass=GroupOfNames)(member=%{Ldap-UserDn}))(&(objectClass=GroupOfUniqueNames)(uniquemember=%{Ldap-UserDn})))" ++ # groupmembership_attribute = radiusGroupName ++ timeout = 4 ++ timelimit = 3 ++ net_timeout = 1 ++ # compare_check_items = yes ++ # do_xlat = yes ++ # access_attr_used_for_allow = yes ++ ++ # ++ # By default, if the packet contains a User-Password, ++ # and no other module is configured to handle the ++ # authentication, the LDAP module sets itself to do ++ # LDAP bind for authentication. ++ # ++ # You can disable this behavior by setting the following ++ # configuration entry to "no". ++ # ++ # allowed values: {no, yes} ++ # set_auth_type = yes ++ } ++ ++ # passwd module allows to do authorization via any passwd-like ++ # file and to extract any attributes from these modules ++ # ++ # parameters are: ++ # filename - path to filename ++ # format - format for filename record. This parameters ++ # correlates record in the passwd file and RADIUS ++ # attributes. ++ # ++ # Field marked as '*' is key field. That is, the parameter ++ # with this name from the request is used to search for ++ # the record from passwd file ++ # Attribute marked as '=' is added to reply_itmes instead ++ # of default configure_itmes ++ # Attribute marked as '~' is added to request_items ++ # ++ # Field marked as ',' may contain a comma separated list ++ # of attributes. ++ # authtype - if record found this Auth-Type is used to authenticate ++ # user ++ # hashsize - hashtable size. If 0 or not specified records are not ++ # stored in memory and file is red on every request. ++ # allowmultiplekeys - if few records for every key are allowed ++ # ignorenislike - ignore NIS-related records ++ # delimiter - symbol to use as a field separator in passwd file, ++ # for format ':' symbol is always used. '\0', '\n' are ++ # not allowed ++ # ++ ++ # An example configuration for using /etc/smbpasswd. ++ # ++ #passwd etc_smbpasswd { ++ # filename = /etc/smbpasswd ++ # format = "*User-Name::LM-Password:NT-Password:SMB-Account-CTRL-TEXT::" ++ # authtype = MS-CHAP ++ # hashsize = 100 ++ # ignorenislike = no ++ # allowmultiplekeys = no ++ #} ++ ++ # Similar configuration, for the /etc/group file. Adds a Group-Name ++ # attribute for every group that the user is member of. ++ # ++ #passwd etc_group { ++ # filename = /etc/group ++ # format = "=Group-Name:::*,User-Name" ++ # hashsize = 50 ++ # ignorenislike = yes ++ # allowmultiplekeys = yes ++ # delimiter = ":" ++ #} ++ ++ # Realm module, for proxying. ++ # ++ # You can have multiple instances of the realm module to ++ # support multiple realm syntaxs at the same time. The ++ # search order is defined by the order in the authorize and ++ # preacct sections. ++ # ++ # Four config options: ++ # format - must be 'prefix' or 'suffix' ++ # delimiter - must be a single character ++ # ignore_default - set to 'yes' or 'no' ++ # ignore_null - set to 'yes' or 'no' ++ # ++ # ignore_default and ignore_null can be set to 'yes' to prevent ++ # the module from matching against DEFAULT or NULL realms. This ++ # may be useful if you have have multiple instances of the ++ # realm module. ++ # ++ # They both default to 'no'. ++ # ++ ++ # 'realm/username' ++ # ++ # Using this entry, IPASS users have their realm set to "IPASS". ++ realm IPASS { ++ format = prefix ++ delimiter = "/" ++ ignore_default = no ++ ignore_null = no ++ } ++ ++ # 'username@realm' ++ # ++ realm suffix { ++ format = suffix ++ delimiter = "@" ++ ignore_default = no ++ ignore_null = no ++ } ++ ++ # 'username%realm' ++ # ++ realm realmpercent { ++ format = suffix ++ delimiter = "%" ++ ignore_default = no ++ ignore_null = no ++ } ++ ++ # ++ # 'domain\user' ++ # ++ realm ntdomain { ++ format = prefix ++ delimiter = "\\" ++ ignore_default = no ++ ignore_null = no ++ } ++ ++ # A simple value checking module ++ # ++ # It can be used to check if an attribute value in the request ++ # matches a (possibly multi valued) attribute in the check ++ # items This can be used for example for caller-id ++ # authentication. For the module to run, both the request ++ # attribute and the check items attribute must exist ++ # ++ # i.e. ++ # A user has an ldap entry with 2 radiusCallingStationId ++ # attributes with values "12345678" and "12345679". If we ++ # enable rlm_checkval, then any request which contains a ++ # Calling-Station-Id with one of those two values will be ++ # accepted. Requests with other values for ++ # Calling-Station-Id will be rejected. ++ # ++ # Regular expressions in the check attribute value are allowed ++ # as long as the operator is '=~' ++ # ++ checkval { ++ # The attribute to look for in the request ++ item-name = Calling-Station-Id ++ ++ # The attribute to look for in check items. Can be multi valued ++ check-name = Calling-Station-Id ++ ++ # The data type. Can be ++ # string,integer,ipaddr,date,abinary,octets ++ data-type = string ++ ++ # If set to yes and we dont find the item-name attribute in the ++ # request then we send back a reject ++ # DEFAULT is no ++ #notfound-reject = no ++ } ++ ++ # rewrite arbitrary packets. Useful in accounting and authorization. ++ # ++ # ++ # The module can also use the Rewrite-Rule attribute. If it ++ # is set and matches the name of the module instance, then ++ # that module instance will be the only one which runs. ++ # ++ # Also if new_attribute is set to yes then a new attribute ++ # will be created containing the value replacewith and it ++ # will be added to searchin (packet, reply, proxy, proxy_reply or config). ++ # searchfor,ignore_case and max_matches will be ignored in that case. ++ # ++ # Backreferences are supported: %{0} will contain the string the whole match ++ # and %{1} to %{8} will contain the contents of the 1st to the 8th parentheses ++ # ++ # If max_matches is greater than one the backreferences will correspond to the ++ # first match ++ ++ # ++ #attr_rewrite sanecallerid { ++ # attribute = Called-Station-Id ++ # may be "packet", "reply", "proxy", "proxy_reply" or "config" ++ # searchin = packet ++ # searchfor = "[+ ]" ++ # replacewith = "" ++ # ignore_case = no ++ # new_attribute = no ++ # max_matches = 10 ++ # ## If set to yes then the replace string will be appended to the original string ++ # append = no ++ #} ++ ++ # Preprocess the incoming RADIUS request, before handing it off ++ # to other modules. ++ # ++ # This module processes the 'huntgroups' and 'hints' files. ++ # In addition, it re-writes some weird attributes created ++ # by some NASes, and converts the attributes into a form which ++ # is a little more standard. ++ # ++ preprocess { ++ huntgroups = ${confdir}/huntgroups ++ hints = ${confdir}/hints ++ ++ # This hack changes Ascend's wierd port numberings ++ # to standard 0-??? port numbers so that the "+" works ++ # for IP address assignments. ++ with_ascend_hack = no ++ ascend_channels_per_line = 23 ++ ++ # Windows NT machines often authenticate themselves as ++ # NT_DOMAIN\username ++ # ++ # If this is set to 'yes', then the NT_DOMAIN portion ++ # of the user-name is silently discarded. ++ # ++ # This configuration entry SHOULD NOT be used. ++ # See the "realms" module for a better way to handle ++ # NT domains. ++ with_ntdomain_hack = no ++ ++ # Specialix Jetstream 8500 24 port access server. ++ # ++ # If the user name is 10 characters or longer, a "/" ++ # and the excess characters after the 10th are ++ # appended to the user name. ++ # ++ # If you're not running that NAS, you don't need ++ # this hack. ++ with_specialix_jetstream_hack = no ++ ++ # Cisco (and Quintum in Cisco mode) sends it's VSA attributes ++ # with the attribute name *again* in the string, like: ++ # ++ # H323-Attribute = "h323-attribute=value". ++ # ++ # If this configuration item is set to 'yes', then ++ # the redundant data in the the attribute text is stripped ++ # out. The result is: ++ # ++ # H323-Attribute = "value" ++ # ++ # If you're not running a Cisco or Quintum NAS, you don't ++ # need this hack. ++ with_cisco_vsa_hack = no ++ } ++ ++ # Livingston-style 'users' file ++ # ++ files { ++ usersfile = ${confdir}/users ++ acctusersfile = ${confdir}/acct_users ++ preproxy_usersfile = ${confdir}/preproxy_users ++ ++ # If you want to use the old Cistron 'users' file ++ # with FreeRADIUS, you should change the next line ++ # to 'compat = cistron'. You can the copy your 'users' ++ # file from Cistron. ++ compat = no ++ } ++ ++ # Write a detailed log of all accounting records received. ++ # ++ detail { ++ # Note that we do NOT use NAS-IP-Address here, as ++ # that attribute MAY BE from the originating NAS, and ++ # NOT from the proxy which actually sent us the ++ # request. The Client-IP-Address attribute is ALWAYS ++ # the address of the client which sent us the ++ # request. ++ # ++ # The following line creates a new detail file for ++ # every radius client (by IP address or hostname). ++ # In addition, a new detail file is created every ++ # day, so that the detail file doesn't have to go ++ # through a 'log rotation' ++ # ++ # If your detail files are large, you may also want ++ # to add a ':%H' (see doc/variables.txt) to the end ++ # of it, to create a new detail file every hour, e.g.: ++ # ++ # ..../detail-%Y%m%d:%H ++ # ++ # This will create a new detail file for every hour. ++ # ++ detailfile = ${radacctdir}/%{Client-IP-Address}/detail-%Y%m%d ++ ++ # ++ # The Unix-style permissions on the 'detail' file. ++ # ++ # The detail file often contains secret or private ++ # information about users. So by keeping the file ++ # permissions restrictive, we can prevent unwanted ++ # people from seeing that information. ++ detailperm = 0600 ++ ++ # ++ # Certain attributes such as User-Password may be ++ # "sensitive", so they should not be printed in the ++ # detail file. This section lists the attributes ++ # that should be suppressed. ++ # ++ # The attributes should be listed one to a line. ++ # ++ #suppress { ++ # User-Password ++ #} ++ } ++ ++ # ++ # Many people want to log authentication requests. ++ # Rather than modifying the server core to print out more ++ # messages, we can use a different instance of the 'detail' ++ # module, to log the authentication requests to a file. ++ # ++ # You will also need to un-comment the 'auth_log' line ++ # in the 'authorize' section, below. ++ # ++ # detail auth_log { ++ # detailfile = ${radacctdir}/%{Client-IP-Address}/auth-detail-%Y%m%d ++ ++ # ++ # This MUST be 0600, otherwise anyone can read ++ # the users passwords! ++ # detailperm = 0600 ++ # } ++ ++ # ++ # This module logs authentication reply packets sent ++ # to a NAS. Both Access-Accept and Access-Reject packets ++ # are logged. ++ # ++ # You will also need to un-comment the 'reply_log' line ++ # in the 'post-auth' section, below. ++ # ++ # detail reply_log { ++ # detailfile = ${radacctdir}/%{Client-IP-Address}/reply-detail-%Y%m%d ++ ++ # ++ # This MUST be 0600, otherwise anyone can read ++ # the users passwords! ++ # detailperm = 0600 ++ # } ++ ++ # ++ # This module logs packets proxied to a home server. ++ # ++ # You will also need to un-comment the 'pre_proxy_log' line ++ # in the 'pre-proxy' section, below. ++ # ++ # detail pre_proxy_log { ++ # detailfile = ${radacctdir}/%{Client-IP-Address}/pre-proxy-detail-%Y%m%d ++ ++ # ++ # This MUST be 0600, otherwise anyone can read ++ # the users passwords! ++ # detailperm = 0600 ++ # } ++ ++ # ++ # This module logs response packets from a home server. ++ # ++ # You will also need to un-comment the 'post_proxy_log' line ++ # in the 'post-proxy' section, below. ++ # ++ # detail post_proxy_log { ++ # detailfile = ${radacctdir}/%{Client-IP-Address}/post-proxy-detail-%Y%m%d ++ ++ # ++ # This MUST be 0600, otherwise anyone can read ++ # the users passwords! ++ # detailperm = 0600 ++ # } ++ ++ # ++ # The rlm_sql_log module appends the SQL queries in a log ++ # file which is read later by the radsqlrelay program. ++ # ++ # This module only performs the dynamic expansion of the ++ # variables found in the SQL statements. No operation is ++ # executed on the database server. (this could be done ++ # later by an external program) That means the module is ++ # useful only with non-"SELECT" statements. ++ # ++ # See rlm_sql_log(5) manpage. ++ # ++# sql_log { ++# path = ${radacctdir}/sql-relay ++# acct_table = "radacct" ++# postauth_table = "radpostauth" ++# ++# Start = "INSERT INTO ${acct_table} (AcctSessionId, UserName, \ ++# NASIPAddress, FramedIPAddress, AcctStartTime, AcctStopTime, \ ++# AcctSessionTime, AcctTerminateCause) VALUES \ ++# ('%{Acct-Session-Id}', '%{User-Name}', '%{NAS-IP-Address}', \ ++# '%{Framed-IP-Address}', '%S', '0', '0', '');" ++# Stop = "INSERT INTO ${acct_table} (AcctSessionId, UserName, \ ++# NASIPAddress, FramedIPAddress, AcctStartTime, AcctStopTime, \ ++# AcctSessionTime, AcctTerminateCause) VALUES \ ++# ('%{Acct-Session-Id}', '%{User-Name}', '%{NAS-IP-Address}', \ ++# '%{Framed-IP-Address}', '0', '%S', '%{Acct-Session-Time}', \ ++# '%{Acct-Terminate-Cause}');" ++# Alive = "INSERT INTO ${acct_table} (AcctSessionId, UserName, \ ++# NASIPAddress, FramedIPAddress, AcctStartTime, AcctStopTime, \ ++# AcctSessionTime, AcctTerminateCause) VALUES \ ++# ('%{Acct-Session-Id}', '%{User-Name}', '%{NAS-IP-Address}', \ ++# '%{Framed-IP-Address}', '0', '0', '%{Acct-Session-Time}','');" ++# ++# Post-Auth = "INSERT INTO ${postauth_table} \ ++# (user, pass, reply, date) VALUES \ ++# ('%{User-Name}', '%{User-Password:-Chap-Password}', \ ++# '%{reply:Packet-Type}', '%S');" ++# } ++ ++ # ++ # Create a unique accounting session Id. Many NASes re-use ++ # or repeat values for Acct-Session-Id, causing no end of ++ # confusion. ++ # ++ # This module will add a (probably) unique session id ++ # to an accounting packet based on the attributes listed ++ # below found in the packet. See doc/rlm_acct_unique for ++ # more information. ++ # ++ acct_unique { ++ key = "User-Name, Acct-Session-Id, NAS-IP-Address, Client-IP-Address, NAS-Port" ++ } ++ ++ ++ # Include another file that has the SQL-related configuration. ++ # This is another file only because it tends to be big. ++ # ++ # The following configuration file is for use with MySQL. ++ # ++ # For Postgresql, use: ${confdir}/postgresql.conf ++ # For MS-SQL, use: ${confdir}/mssql.conf ++ # For Oracle, use: ${confdir}/oraclesql.conf ++ # ++ $INCLUDE ${confdir}/sql.conf ++ ++ ++ # For Cisco VoIP specific accounting with Postgresql, ++ # use: ${confdir}/pgsql-voip.conf ++ # ++ # You will also need the sql schema from: ++ # src/billing/cisco_h323_db_schema-postgres.sql ++ # Note: This config can be use AS WELL AS the standard sql ++ # config if you need SQL based Auth ++ ++ ++ # Write a 'utmp' style file, of which users are currently ++ # logged in, and where they've logged in from. ++ # ++ # This file is used mainly for Simultaneous-Use checking, ++ # and also 'radwho', to see who's currently logged in. ++ # ++ radutmp { ++ # Where the file is stored. It's not a log file, ++ # so it doesn't need rotating. ++ # ++ filename = ${logdir}/radutmp ++ ++ # The field in the packet to key on for the ++ # 'user' name, If you have other fields which you want ++ # to use to key on to control Simultaneous-Use, ++ # then you can use them here. ++ # ++ # Note, however, that the size of the field in the ++ # 'utmp' data structure is small, around 32 ++ # characters, so that will limit the possible choices ++ # of keys. ++ # ++ # You may want instead: %{Stripped-User-Name:-%{User-Name}} ++ username = %{User-Name} ++ ++ ++ # Whether or not we want to treat "user" the same ++ # as "USER", or "User". Some systems have problems ++ # with case sensitivity, so this should be set to ++ # 'no' to enable the comparisons of the key attribute ++ # to be case insensitive. ++ # ++ case_sensitive = yes ++ ++ # Accounting information may be lost, so the user MAY ++ # have logged off of the NAS, but we haven't noticed. ++ # If so, we can verify this information with the NAS, ++ # ++ # If we want to believe the 'utmp' file, then this ++ # configuration entry can be set to 'no'. ++ # ++ check_with_nas = yes ++ ++ # Set the file permissions, as the contents of this file ++ # are usually private. ++ perm = 0600 ++ ++ callerid = "yes" ++ } ++ ++ # "Safe" radutmp - does not contain caller ID, so it can be ++ # world-readable, and radwho can work for normal users, without ++ # exposing any information that isn't already exposed by who(1). ++ # ++ # This is another 'instance' of the radutmp module, but it is given ++ # then name "sradutmp" to identify it later in the "accounting" ++ # section. ++ radutmp sradutmp { ++ filename = ${logdir}/sradutmp ++ perm = 0644 ++ callerid = "no" ++ } ++ ++ # attr_filter - filters the attributes received in replies from ++ # proxied servers, to make sure we send back to our RADIUS client ++ # only allowed attributes. ++ attr_filter { ++ attrsfile = ${confdir}/attrs ++ } ++ ++ # counter module: ++ # This module takes an attribute (count-attribute). ++ # It also takes a key, and creates a counter for each unique ++ # key. The count is incremented when accounting packets are ++ # received by the server. The value of the increment depends ++ # on the attribute type. ++ # If the attribute is Acct-Session-Time or of an integer type we add the ++ # value of the attribute. If it is anything else we increase the ++ # counter by one. ++ # ++ # The 'reset' parameter defines when the counters are all reset to ++ # zero. It can be hourly, daily, weekly, monthly or never. ++ # ++ # hourly: Reset on 00:00 of every hour ++ # daily: Reset on 00:00:00 every day ++ # weekly: Reset on 00:00:00 on sunday ++ # monthly: Reset on 00:00:00 of the first day of each month ++ # ++ # It can also be user defined. It should be of the form: ++ # num[hdwm] where: ++ # h: hours, d: days, w: weeks, m: months ++ # If the letter is ommited days will be assumed. In example: ++ # reset = 10h (reset every 10 hours) ++ # reset = 12 (reset every 12 days) ++ # ++ # ++ # The check-name attribute defines an attribute which will be ++ # registered by the counter module and can be used to set the ++ # maximum allowed value for the counter after which the user ++ # is rejected. ++ # Something like: ++ # ++ # DEFAULT Max-Daily-Session := 36000 ++ # Fall-Through = 1 ++ # ++ # You should add the counter module in the instantiate ++ # section so that it registers check-name before the files ++ # module reads the users file. ++ # ++ # If check-name is set and the user is to be rejected then we ++ # send back a Reply-Message and we log a Failure-Message in ++ # the radius.log ++ # If the count attribute is Acct-Session-Time then on each login ++ # we send back the remaining online time as a Session-Timeout attribute ++ # ++ # The counter-name can also be used instead of using the check-name ++ # like below: ++ # ++ # DEFAULT Daily-Session-Time > 3600, Auth-Type = Reject ++ # Reply-Message = "You've used up more than one hour today" ++ # ++ # The allowed-servicetype attribute can be used to only take ++ # into account specific sessions. For example if a user first ++ # logs in through a login menu and then selects ppp there will ++ # be two sessions. One for Login-User and one for Framed-User ++ # service type. We only need to take into account the second one. ++ # ++ # The module should be added in the instantiate, authorize and ++ # accounting sections. Make sure that in the authorize ++ # section it comes after any module which sets the ++ # 'check-name' attribute. ++ # ++ counter daily { ++ filename = ${raddbdir}/db.daily ++ key = User-Name ++ count-attribute = Acct-Session-Time ++ reset = daily ++ counter-name = Daily-Session-Time ++ check-name = Max-Daily-Session ++ allowed-servicetype = Framed-User ++ cache-size = 5000 ++ } ++ ++ # ++ # This module is an SQL enabled version of the counter module. ++ # ++ # Rather than maintaining seperate (GDBM) databases of ++ # accounting info for each counter, this module uses the data ++ # stored in the raddacct table by the sql modules. This ++ # module NEVER does any database INSERTs or UPDATEs. It is ++ # totally dependent on the SQL module to process Accounting ++ # packets. ++ # ++ # The 'sqlmod_inst' parameter holds the instance of the sql ++ # module to use when querying the SQL database. Normally it ++ # is just "sql". If you define more and one SQL module ++ # instance (usually for failover situations), you can ++ # specify which module has access to the Accounting Data ++ # (radacct table). ++ # ++ # The 'reset' parameter defines when the counters are all ++ # reset to zero. It can be hourly, daily, weekly, monthly or ++ # never. It can also be user defined. It should be of the ++ # form: ++ # num[hdwm] where: ++ # h: hours, d: days, w: weeks, m: months ++ # If the letter is ommited days will be assumed. In example: ++ # reset = 10h (reset every 10 hours) ++ # reset = 12 (reset every 12 days) ++ # ++ # The 'key' parameter specifies the unique identifier for the ++ # counter records (usually 'User-Name'). ++ # ++ # The 'query' parameter specifies the SQL query used to get ++ # the current Counter value from the database. There are 3 ++ # parameters that can be used in the query: ++ # %k 'key' parameter ++ # %b unix time value of beginning of reset period ++ # %e unix time value of end of reset period ++ # ++ # The 'check-name' parameter is the name of the 'check' ++ # attribute to use to access the counter in the 'users' file ++ # or SQL radcheck or radcheckgroup tables. ++ # ++ # DEFAULT Max-Daily-Session > 3600, Auth-Type = Reject ++ # Reply-Message = "You've used up more than one hour today" ++ # ++ sqlcounter dailycounter { ++ counter-name = Daily-Session-Time ++ check-name = Max-Daily-Session ++ sqlmod-inst = sql ++ key = User-Name ++ reset = daily ++ ++ # This query properly handles calls that span from the ++ # previous reset period into the current period but ++ # involves more work for the SQL server than those ++ # below ++ # For mysql: ++ query = "SELECT SUM(AcctSessionTime - \ ++ GREATEST((%b - UNIX_TIMESTAMP(AcctStartTime)), 0)) \ ++ FROM radacct WHERE UserName='%{%k}' AND \ ++ UNIX_TIMESTAMP(AcctStartTime) + AcctSessionTime > '%b'" ++ ++ # For postgresql: ++# query = "SELECT SUM(AcctSessionTime - \ ++# GREATER((%b - AcctStartTime::ABSTIME::INT4), 0)) \ ++# FROM radacct WHERE UserName='%{%k}' AND \ ++# AcctStartTime::ABSTIME::INT4 + AcctSessionTime > '%b'" ++ ++ # This query ignores calls that started in a previous ++ # reset period and continue into into this one. But it ++ # is a little easier on the SQL server ++ # For mysql: ++# query = "SELECT SUM(AcctSessionTime) FROM radacct WHERE \ ++# UserName='%{%k}' AND AcctStartTime > FROM_UNIXTIME('%b')" ++ ++ # For postgresql: ++# query = "SELECT SUM(AcctSessionTime) FROM radacct WHERE \ ++# UserName='%{%k}' AND AND AcctStartTime::ABSTIME::INT4 > '%b'" ++ ++ # This query is the same as above, but demonstrates an ++ # additional counter parameter '%e' which is the ++ # timestamp for the end of the period ++ # For mysql: ++# query = "SELECT SUM(AcctSessionTime) FROM radacct \ ++# WHERE UserName='%{%k}' AND AcctStartTime BETWEEN \ ++# FROM_UNIXTIME('%b') AND FROM_UNIXTIME('%e')" ++ ++ # For postgresql: ++# query = "SELECT SUM(AcctSessionTime) FROM radacct \ ++# WHERE UserName='%{%k}' AND AcctStartTime::ABSTIME::INT4 \ ++# BETWEEN '%b' AND '%e'" ++ } ++ ++ sqlcounter monthlycounter { ++ counter-name = Monthly-Session-Time ++ check-name = Max-Monthly-Session ++ sqlmod-inst = sql ++ key = User-Name ++ reset = monthly ++ ++ # This query properly handles calls that span from the ++ # previous reset period into the current period but ++ # involves more work for the SQL server than those ++ # below ++ # The same notes above about the differences between mysql ++ # versus postgres queries apply here. ++ query = "SELECT SUM(AcctSessionTime - \ ++ GREATEST((%b - UNIX_TIMESTAMP(AcctStartTime)), 0)) \ ++ FROM radacct WHERE UserName='%{%k}' AND \ ++ UNIX_TIMESTAMP(AcctStartTime) + AcctSessionTime > '%b'" ++ ++ # This query ignores calls that started in a previous ++ # reset period and continue into into this one. But it ++ # is a little easier on the SQL server ++# query = "SELECT SUM(AcctSessionTime) FROM radacct WHERE \ ++# UserName='%{%k}' AND AcctStartTime > FROM_UNIXTIME('%b')" ++ ++ # This query is the same as above, but demonstrates an ++ # additional counter parameter '%e' which is the ++ # timestamp for the end of the period ++# query = "SELECT SUM(AcctSessionTime) FROM radacct \ ++# WHERE UserName='%{%k}' AND AcctStartTime BETWEEN \ ++# FROM_UNIXTIME('%b') AND FROM_UNIXTIME('%e')" ++ } ++ ++ # ++ # The "always" module is here for debugging purposes. Each ++ # instance simply returns the same result, always, without ++ # doing anything. ++ always fail { ++ rcode = fail ++ } ++ always reject { ++ rcode = reject ++ } ++ always ok { ++ rcode = ok ++ simulcount = 0 ++ mpp = no ++ } ++ ++ # ++ # The 'expression' module currently has no configuration. ++ # ++ # This module is useful only for 'xlat'. To use it, ++ # put 'exec' into the 'instantiate' section. You can then ++ # do dynamic translation of attributes like: ++ # ++ # Attribute-Name = `%{expr:2 + 3 + %{exec: uid -u}}` ++ # ++ # The value of the attribute will be replaced with the output ++ # of the program which is executed. Due to RADIUS protocol ++ # limitations, any output over 253 bytes will be ignored. ++ expr { ++ } ++ ++ # ++ # The 'digest' module currently has no configuration. ++ # ++ # "Digest" authentication against a Cisco SIP server. ++ # See 'doc/rfc/draft-sterman-aaa-sip-00.txt' for details ++ # on performing digest authentication for Cisco SIP servers. ++ # ++ digest { ++ } ++ ++ # ++ # Execute external programs ++ # ++ # This module is useful only for 'xlat'. To use it, ++ # put 'exec' into the 'instantiate' section. You can then ++ # do dynamic translation of attributes like: ++ # ++ # Attribute-Name = `%{exec:/path/to/program args}` ++ # ++ # The value of the attribute will be replaced with the output ++ # of the program which is executed. Due to RADIUS protocol ++ # limitations, any output over 253 bytes will be ignored. ++ # ++ # The RADIUS attributes from the user request will be placed ++ # into environment variables of the executed program, as ++ # described in 'doc/variables.txt' ++ # ++ exec { ++ wait = yes ++ input_pairs = request ++ } ++ ++ # ++ # This is a more general example of the execute module. ++ # ++ # This one is called "echo". ++ # ++ # Attribute-Name = `%{echo:/path/to/program args}` ++ # ++ # If you wish to execute an external program in more than ++ # one section (e.g. 'authorize', 'pre_proxy', etc), then it ++ # is probably best to define a different instance of the ++ # 'exec' module for every section. ++ # ++ exec echo { ++ # ++ # Wait for the program to finish. ++ # ++ # If we do NOT wait, then the program is "fire and ++ # forget", and any output attributes from it are ignored. ++ # ++ # If we are looking for the program to output ++ # attributes, and want to add those attributes to the ++ # request, then we MUST wait for the program to ++ # finish, and therefore set 'wait=yes' ++ # ++ # allowed values: {no, yes} ++ wait = yes ++ ++ # ++ # The name of the program to execute, and it's ++ # arguments. Dynamic translation is done on this ++ # field, so things like the following example will ++ # work. ++ # ++ program = "/bin/echo %{User-Name}" ++ ++ # ++ # The attributes which are placed into the ++ # environment variables for the program. ++ # ++ # Allowed values are: ++ # ++ # request attributes from the request ++ # config attributes from the configuration items list ++ # reply attributes from the reply ++ # proxy-request attributes from the proxy request ++ # proxy-reply attributes from the proxy reply ++ # ++ # Note that some attributes may not exist at some ++ # stages. e.g. There may be no proxy-reply ++ # attributes if this module is used in the ++ # 'authorize' section. ++ # ++ input_pairs = request ++ ++ # ++ # Where to place the output attributes (if any) from ++ # the executed program. The values allowed, and the ++ # restrictions as to availability, are the same as ++ # for the input_pairs. ++ # ++ output_pairs = reply ++ ++ # ++ # When to execute the program. If the packet ++ # type does NOT match what's listed here, then ++ # the module does NOT execute the program. ++ # ++ # For a list of allowed packet types, see ++ # the 'dictionary' file, and look for VALUEs ++ # of the Packet-Type attribute. ++ # ++ # By default, the module executes on ANY packet. ++ # Un-comment out the following line to tell the ++ # module to execute only if an Access-Accept is ++ # being sent to the NAS. ++ # ++ #packet_type = Access-Accept ++ } ++ ++ # Do server side ip pool management. Should be added in post-auth and ++ # accounting sections. ++ # ++ # The module also requires the existance of the Pool-Name ++ # attribute. That way the administrator can add the Pool-Name ++ # attribute in the user profiles and use different pools ++ # for different users. The Pool-Name attribute is a *check* item not ++ # a reply item. ++ # ++ # Example: ++ # radiusd.conf: ippool students { [...] } ++ # users file : DEFAULT Group == students, Pool-Name := "students" ++ # ++ # ********* IF YOU CHANGE THE RANGE PARAMETERS YOU MUST ********* ++ # ********* THEN ERASE THE DB FILES ********* ++ # ++ ippool main_pool { ++ ++ # range-start,range-stop: The start and end ip ++ # addresses for the ip pool ++ range-start = 192.168.1.1 ++ range-stop = 192.168.3.254 ++ ++ # netmask: The network mask used for the ip's ++ netmask = 255.255.255.0 ++ ++ # cache-size: The gdbm cache size for the db ++ # files. Should be equal to the number of ip's ++ # available in the ip pool ++ cache-size = 800 ++ ++ # session-db: The main db file used to allocate ip's to clients ++ session-db = ${raddbdir}/db.ippool ++ ++ # ip-index: Helper db index file used in multilink ++ ip-index = ${raddbdir}/db.ipindex ++ ++ # override: Will this ippool override a Framed-IP-Address already set ++ override = no ++ ++ # maximum-timeout: If not zero specifies the maximum time in seconds an ++ # entry may be active. Default: 0 ++ maximum-timeout = 0 ++ } ++ ++ # $INCLUDE ${confdir}/sqlippool.conf ++ ++ # OTP token support. Not included by default. ++ # $INCLUDE ${confdir}/otp.conf ++ ++} ++ ++# Instantiation ++# ++# This section orders the loading of the modules. Modules ++# listed here will get loaded BEFORE the later sections like ++# authorize, authenticate, etc. get examined. ++# ++# This section is not strictly needed. When a section like ++# authorize refers to a module, it's automatically loaded and ++# initialized. However, some modules may not be listed in any ++# of the following sections, so they can be listed here. ++# ++# Also, listing modules here ensures that you have control over ++# the order in which they are initalized. If one module needs ++# something defined by another module, you can list them in order ++# here, and ensure that the configuration will be OK. ++# ++instantiate { ++ # ++ # Allows the execution of external scripts. ++ # The entire command line (and output) must fit into 253 bytes. ++ # ++ # e.g. Framed-Pool = `%{exec:/bin/echo foo}` ++ exec ++ ++ # ++ # The expression module doesn't do authorization, ++ # authentication, or accounting. It only does dynamic ++ # translation, of the form: ++ # ++ # Session-Timeout = `%{expr:2 + 3}` ++ # ++ # So the module needs to be instantiated, but CANNOT be ++ # listed in any other section. See 'doc/rlm_expr' for ++ # more information. ++ # ++ expr ++ ++ # ++ # We add the counter module here so that it registers ++ # the check-name attribute before any module which sets ++ # it ++# daily ++} ++ ++# Authorization. First preprocess (hints and huntgroups files), ++# then realms, and finally look in the "users" file. ++# ++# The order of the realm modules will determine the order that ++# we try to find a matching realm. ++# ++# Make *sure* that 'preprocess' comes before any realm if you ++# need to setup hints for the remote radius server ++authorize { ++ # ++ # The preprocess module takes care of sanitizing some bizarre ++ # attributes in the request, and turning them into attributes ++ # which are more standard. ++ # ++ # It takes care of processing the 'raddb/hints' and the ++ # 'raddb/huntgroups' files. ++ # ++ # It also adds the %{Client-IP-Address} attribute to the request. ++ preprocess ++ ++ # ++ # If you want to have a log of authentication requests, ++ # un-comment the following line, and the 'detail auth_log' ++ # section, above. ++# auth_log ++ ++# attr_filter ++ ++ # ++ # The chap module will set 'Auth-Type := CHAP' if we are ++ # handling a CHAP request and Auth-Type has not already been set ++ chap ++ ++ # ++ # If the users are logging in with an MS-CHAP-Challenge ++ # attribute for authentication, the mschap module will find ++ # the MS-CHAP-Challenge attribute, and add 'Auth-Type := MS-CHAP' ++ # to the request, which will cause the server to then use ++ # the mschap module for authentication. ++ mschap ++ ++ # ++ # If you have a Cisco SIP server authenticating against ++ # FreeRADIUS, uncomment the following line, and the 'digest' ++ # line in the 'authenticate' section. ++# digest ++ ++ # ++ # Look for IPASS style 'realm/', and if not found, look for ++ # '@realm', and decide whether or not to proxy, based on ++ # that. ++# IPASS ++ ++ # ++ # If you are using multiple kinds of realms, you probably ++ # want to set "ignore_null = yes" for all of them. ++ # Otherwise, when the first style of realm doesn't match, ++ # the other styles won't be checked. ++ # ++ suffix ++# ntdomain ++ ++ # ++ # This module takes care of EAP-MD5, EAP-TLS, and EAP-LEAP ++ # authentication. ++ # ++ # It also sets the EAP-Type attribute in the request ++ # attribute list to the EAP type from the packet. ++ eap ++ ++ # ++ # Read the 'users' file ++ files ++ ++ # ++ # Look in an SQL database. The schema of the database ++ # is meant to mirror the "users" file. ++ # ++ # See "Authorization Queries" in sql.conf ++# sql ++ ++ # ++ # If you are using /etc/smbpasswd, and are also doing ++ # mschap authentication, the un-comment this line, and ++ # configure the 'etc_smbpasswd' module, above. ++# etc_smbpasswd ++ ++ # ++ # The ldap module will set Auth-Type to LDAP if it has not ++ # already been set ++# ldap ++ ++ # ++ # Enforce daily limits on time spent logged in. ++# daily ++ ++ # ++ # Use the checkval module ++# checkval ++} ++ ++ ++# Authentication. ++# ++# ++# This section lists which modules are available for authentication. ++# Note that it does NOT mean 'try each module in order'. It means ++# that a module from the 'authorize' section adds a configuration ++# attribute 'Auth-Type := FOO'. That authentication type is then ++# used to pick the apropriate module from the list below. ++# ++ ++# In general, you SHOULD NOT set the Auth-Type attribute. The server ++# will figure it out on its own, and will do the right thing. The ++# most common side effect of erroneously setting the Auth-Type ++# attribute is that one authentication method will work, but the ++# others will not. ++# ++# The common reasons to set the Auth-Type attribute by hand ++# is to either forcibly reject the user, or forcibly accept him. ++# ++authenticate { ++ # ++ # PAP authentication, when a back-end database listed ++ # in the 'authorize' section supplies a password. The ++ # password can be clear-text, or encrypted. ++ Auth-Type PAP { ++ pap ++ } ++ ++ # ++ # Most people want CHAP authentication ++ # A back-end database listed in the 'authorize' section ++ # MUST supply a CLEAR TEXT password. Encrypted passwords ++ # won't work. ++ Auth-Type CHAP { ++ chap ++ } ++ ++ # ++ # MSCHAP authentication. ++ Auth-Type MS-CHAP { ++ mschap ++ } ++ ++ # ++ # If you have a Cisco SIP server authenticating against ++ # FreeRADIUS, uncomment the following line, and the 'digest' ++ # line in the 'authorize' section. ++# digest ++ ++ # ++ # Pluggable Authentication Modules. ++# pam ++ ++ # ++ # See 'man getpwent' for information on how the 'unix' ++ # module checks the users password. Note that packets ++ # containing CHAP-Password attributes CANNOT be authenticated ++ # against /etc/passwd! See the FAQ for details. ++ # ++ unix ++ ++ # Uncomment it if you want to use ldap for authentication ++ # ++ # Note that this means "check plain-text password against ++ # the ldap database", which means that EAP won't work, ++ # as it does not supply a plain-text password. ++# Auth-Type LDAP { ++# ldap ++# } ++ ++ # ++ # Allow EAP authentication. ++ eap ++} ++ ++ ++# ++# Pre-accounting. Decide which accounting type to use. ++# ++preacct { ++ preprocess ++ ++ # ++ # Ensure that we have a semi-unique identifier for every ++ # request, and many NAS boxes are broken. ++ acct_unique ++ ++ # ++ # Look for IPASS-style 'realm/', and if not found, look for ++ # '@realm', and decide whether or not to proxy, based on ++ # that. ++ # ++ # Accounting requests are generally proxied to the same ++ # home server as authentication requests. ++# IPASS ++ suffix ++# ntdomain ++ ++ # ++ # Read the 'acct_users' file ++ files ++} ++ ++# ++# Accounting. Log the accounting data. ++# ++accounting { ++ # ++ # Create a 'detail'ed log of the packets. ++ # Note that accounting requests which are proxied ++ # are also logged in the detail file. ++ detail ++# daily ++ ++ # Update the wtmp file ++ # ++ # If you don't use "radlast", you can delete this line. ++ unix ++ ++ # ++ # For Simultaneous-Use tracking. ++ # ++ # Due to packet losses in the network, the data here ++ # may be incorrect. There is little we can do about it. ++ radutmp ++# sradutmp ++ ++ # Return an address to the IP Pool when we see a stop record. ++# main_pool ++ ++ # ++ # Log traffic to an SQL database. ++ # ++ # See "Accounting queries" in sql.conf ++# sql ++ ++ # ++ # Instead of sending the query to the SQL server, ++ # write it into a log file. ++ # ++# sql_log ++ ++ # Cisco VoIP specific bulk accounting ++# pgsql-voip ++ ++} ++ ++ ++# Session database, used for checking Simultaneous-Use. Either the radutmp ++# or rlm_sql module can handle this. ++# The rlm_sql module is *much* faster ++session { ++ radutmp ++ ++ # ++ # See "Simultaneous Use Checking Querie" in sql.conf ++# sql ++} ++ ++ ++# Post-Authentication ++# Once we KNOW that the user has been authenticated, there are ++# additional steps we can take. ++post-auth { ++ # Get an address from the IP Pool. ++# main_pool ++ ++ # ++ # If you want to have a log of authentication replies, ++ # un-comment the following line, and the 'detail reply_log' ++ # section, above. ++# reply_log ++ ++ # ++ # After authenticating the user, do another SQL query. ++ # ++ # See "Authentication Logging Queries" in sql.conf ++# sql ++ ++ # ++ # Instead of sending the query to the SQL server, ++ # write it into a log file. ++ # ++# sql_log ++ ++ # ++ # Un-comment the following if you have set ++ # 'edir_account_policy_check = yes' in the ldap module sub-section of ++ # the 'modules' section. ++ # ++# ldap ++ # ++ # Access-Reject packets are sent through the REJECT sub-section of the ++ # post-auth section. ++ # Uncomment the following and set the module name to the ldap instance ++ # name if you have set 'edir_account_policy_check = yes' in the ldap ++ # module sub-section of the 'modules' section. ++ # ++# Post-Auth-Type REJECT { ++# insert-module-name-here ++# } ++ ++} ++ ++# ++# When the server decides to proxy a request to a home server, ++# the proxied request is first passed through the pre-proxy ++# stage. This stage can re-write the request, or decide to ++# cancel the proxy. ++# ++# Only a few modules currently have this method. ++# ++pre-proxy { ++# attr_rewrite ++ ++ # Uncomment the following line if you want to change attributes ++ # as defined in the preproxy_users file. ++# files ++ ++ # If you want to have a log of packets proxied to a home ++ # server, un-comment the following line, and the ++ # 'detail pre_proxy_log' section, above. ++# pre_proxy_log ++} ++ ++# ++# When the server receives a reply to a request it proxied ++# to a home server, the request may be massaged here, in the ++# post-proxy stage. ++# ++post-proxy { ++ ++ # If you want to have a log of replies from a home server, ++ # un-comment the following line, and the 'detail post_proxy_log' ++ # section, above. ++# post_proxy_log ++ ++# attr_rewrite ++ ++ # Uncomment the following line if you want to filter replies from ++ # remote proxies based on the rules defined in the 'attrs' file. ++ ++# attr_filter ++ ++ # ++ # If you are proxying LEAP, you MUST configure the EAP ++ # module, and you MUST list it here, in the post-proxy ++ # stage. ++ # ++ # You MUST also use the 'nostrip' option in the 'realm' ++ # configuration. Otherwise, the User-Name attribute ++ # in the proxied request will not match the user name ++ # hidden inside of the EAP packet, and the end server will ++ # reject the EAP request. ++ # ++ eap ++} +diff -baurN --exclude='*~' --exclude='.#*' --exclude=CVS freeradius-1.1.3.orig/share/dictionary freeradius-1.1.3/share/dictionary +--- freeradius-1.1.3.orig/share/dictionary 2006-07-27 01:00:19.000000000 +0200 ++++ freeradius-1.1.3/share/dictionary 2006-10-11 14:08:12.000000000 +0200 +@@ -52,7 +52,19 @@ + # this directive to the end of this file if you want to see the + # old names in the logfiles, INSTEAD OF the new names. + # +-$INCLUDE dictionary.compat ++#$INCLUDE dictionary.compat ++ ++$INCLUDE dictionary.jradius ++$INCLUDE dictionary.chillispot ++$INCLUDE dictionary.lancom ++$INCLUDE dictionary.garderos ++$INCLUDE dictionary.ser ++ ++$INCLUDE dictionary.altiga ++$INCLUDE dictionary.aptis ++$INCLUDE dictionary.avaya ++$INCLUDE dictionary.motorola ++$INCLUDE dictionary.nokia + + # + # Include the RFC dictionaries next. +diff -baurN --exclude='*~' --exclude='.#*' --exclude=CVS freeradius-1.1.3.orig/share/dictionary.chillispot freeradius-1.1.3/share/dictionary.chillispot +--- freeradius-1.1.3.orig/share/dictionary.chillispot 1970-01-01 01:00:00.000000000 +0100 ++++ freeradius-1.1.3/share/dictionary.chillispot 2006-10-11 14:08:12.000000000 +0200 +@@ -0,0 +1,20 @@ ++# ++# ChilliSpot dictionary. ++# ++# Enable by putting the line "$INCLUDE dictionary.chillispot" ++# into the main dictionary file. ++# ++# ++ ++VENDOR ChilliSpot 14559 ++ ++# ++# ChilliSpot Vendor Specific Extensions ++# ++# ++ATTRIBUTE ChilliSpot-Max-Input-Octets 1 integer ChilliSpot ++ATTRIBUTE ChilliSpot-Max-Output-Octets 2 integer ChilliSpot ++ATTRIBUTE ChilliSpot-Max-Total-Octets 3 integer ChilliSpot ++ATTRIBUTE ChilliSpot-Bandwidth-Max-Up 4 integer ChilliSpot ++ATTRIBUTE ChilliSpot-Bandwidth-Max-Down 5 integer ChilliSpot ++ATTRIBUTE ChilliSpot-Config 6 string ChilliSpot +diff -baurN --exclude='*~' --exclude='.#*' --exclude=CVS freeradius-1.1.3.orig/share/dictionary.jradius freeradius-1.1.3/share/dictionary.jradius +--- freeradius-1.1.3.orig/share/dictionary.jradius 1970-01-01 01:00:00.000000000 +0100 ++++ freeradius-1.1.3/share/dictionary.jradius 2006-10-11 14:08:12.000000000 +0200 +@@ -0,0 +1,4 @@ ++VENDOR JRadius 19211 ++ATTRIBUTE JRadius-Request-Id 1 string JRadius ++ATTRIBUTE JRadius-Session-Id 2 string JRadius ++ATTRIBUTE JRadius-Proxy-Client 3 octets JRadius +diff -baurN --exclude='*~' --exclude='.#*' --exclude=CVS freeradius-1.1.3.orig/share/dictionary.lancom freeradius-1.1.3/share/dictionary.lancom +--- freeradius-1.1.3.orig/share/dictionary.lancom 1970-01-01 01:00:00.000000000 +0100 ++++ freeradius-1.1.3/share/dictionary.lancom 2006-10-11 14:08:12.000000000 +0200 +@@ -0,0 +1,12 @@ ++VENDOR Lancom 16787 ++ATTRIBUTE Lancom-Location-ID 1 string Lancom ++ATTRIBUTE Lancom-Location-Name 2 string Lancom ++ATTRIBUTE Lancom-Logoff-URL 3 string Lancom ++ATTRIBUTE Lancom-Redirection-URL 4 string Lancom ++ATTRIBUTE Lancom-Bandwidth-Min-Up 5 integer Lancom ++ATTRIBUTE Lancom-Bandwidth-Min-Down 6 integer Lancom ++ATTRIBUTE Lancom-Bandwidth-Max-Up 7 integer Lancom ++ATTRIBUTE Lancom-Bandwidth-Max-Down 8 integer Lancom ++ATTRIBUTE Lancom-Session-Terminate-Time 9 string Lancom ++ATTRIBUTE Lancom-Session-Terminate-End-Of-Day 10 string Lancom ++ATTRIBUTE Lancom-Billing-Class-Of-Service 11 string Lancom +diff -baurN --exclude='*~' --exclude='.#*' --exclude=CVS freeradius-1.1.3.orig/share/dictionary.ser freeradius-1.1.3/share/dictionary.ser +--- freeradius-1.1.3.orig/share/dictionary.ser 1970-01-01 01:00:00.000000000 +0100 ++++ freeradius-1.1.3/share/dictionary.ser 2006-10-11 14:08:12.000000000 +0200 +@@ -0,0 +1,49 @@ ++# ++# $Id: freeradius-1.1.2.patch,v 1.1 2006/08/19 19:11:47 picopoint Exp $ ++# ++# SIP RADIUS attributes ++# ++# Schulzrinne indicates attributes according to ++# draft-schulzrinne-sipping-radius-accounting-00 ++# ++# Sterman indicates attributes according to ++# draft-sterman-aaa-sip-00 ++# ++# Standard indicates a standard RADIUS attribute ++# which is missing in radiusclient dictionary ++# ++# Digest indicates attributes according to ++# ++# Proprietary indicates an attribute that hasn't ++# been standardized ++# ++ ++### acc ### ++ATTRIBUTE Sip-Method 101 integer # Schulzrinne ++ATTRIBUTE Sip-Response-Code 102 integer # Schulzrinne ++ATTRIBUTE Sip-Cseq 103 string # Schulzrinne ++ATTRIBUTE Sip-To-Tag 104 string # Schulzrinne ++ATTRIBUTE Sip-From-Tag 105 string # Schulzrinne ++ATTRIBUTE Sip-Branch-Id 106 string # Schulzrinne ++ATTRIBUTE Sip-Translated-Req-ID 107 string # Schulzrinne ++ATTRIBUTE Sip-Source-Ip-Address 108 ipaddr # Schulzrinne ++ATTRIBUTE Sip-Source-Port 109 integer # Schulzrinne ++ ++ATTRIBUTE Digest-Response 206 string # Sterman ++ATTRIBUTE Digest-Attributes 207 string # Sterman ++ ++ATTRIBUTE Sip-Uri-User 208 string # Proprietary ++ATTRIBUTE Sip-Rpid 213 string # Proprietary ++ ++ATTRIBUTE Digest-Realm 1063 string # Sterman ++ATTRIBUTE Digest-Nonce 1064 string # Sterman ++ATTRIBUTE Digest-Method 1065 string # Sterman ++ATTRIBUTE Digest-Uri 1066 string # Sterman ++ATTRIBUTE Digest-Qop 1067 string # Sterman ++ATTRIBUTE Digest-Algorithm 1068 string # Sterman ++ATTRIBUTE Digest-Body-Digest 1069 string # Sterman ++ATTRIBUTE Digest-Cnonce 1070 string # Sterman ++ATTRIBUTE Digest-Nonce-Count 1071 string # Sterman ++ATTRIBUTE Digest-User-Name 1072 string # Sterman ++ ++ATTRIBUTE Sip-Group 211 string # Proprietary +diff -baurN --exclude='*~' --exclude='.#*' --exclude=CVS freeradius-1.1.3.orig/src/modules/rlm_jradius/configure freeradius-1.1.3/src/modules/rlm_jradius/configure +--- freeradius-1.1.3.orig/src/modules/rlm_jradius/configure 1970-01-01 01:00:00.000000000 +0100 ++++ freeradius-1.1.3/src/modules/rlm_jradius/configure 2006-10-11 14:08:12.000000000 +0200 +@@ -0,0 +1,4 @@ ++#! /bin/sh ++ ++echo "did nothing" ++ +diff -baurN --exclude='*~' --exclude='.#*' --exclude=CVS freeradius-1.1.3.orig/src/modules/rlm_jradius/jradius.conf freeradius-1.1.3/src/modules/rlm_jradius/jradius.conf +--- freeradius-1.1.3.orig/src/modules/rlm_jradius/jradius.conf 1970-01-01 01:00:00.000000000 +0100 ++++ freeradius-1.1.3/src/modules/rlm_jradius/jradius.conf 2006-10-11 14:08:12.000000000 +0200 +@@ -0,0 +1,15 @@ ++ ++jradius { ++ name = "example" # Name of the JRadius Application ++ # (known as "Sender" in JRadius) ++ primary = "127.0.0.1" # Primary JRadius Server ++ # (using default port of 1814) ++ secondary = "192.168.1.2:1815" # Secondary JRadius Server (port 1815) ++ tertiary = "192.168.1.2:1816" # Tertiary JRadius Server ++ timeout = 1 # JRadius Server Connect Timeout (default 5) ++ onfail = NOOP # What to do if no JRadius ++ # Server is found. Options are: ++ # FAIL (default), OK, REJECT, NOOP ++ keepalive = yes # Keep connections to JRadius pooled ++ connections = 8 # Number of pooled JRadius connections ++} +diff -baurN --exclude='*~' --exclude='.#*' --exclude=CVS freeradius-1.1.3.orig/src/modules/rlm_jradius/Makefile freeradius-1.1.3/src/modules/rlm_jradius/Makefile +--- freeradius-1.1.3.orig/src/modules/rlm_jradius/Makefile 1970-01-01 01:00:00.000000000 +0100 ++++ freeradius-1.1.3/src/modules/rlm_jradius/Makefile 2006-10-11 14:08:12.000000000 +0200 +@@ -0,0 +1,13 @@ ++TARGET = rlm_jradius ++SRCS = rlm_jradius.c ++HEADERS = ++RLM_CFLAGS = ++RLM_LIBS = ++ ++## this uses the RLM_CFLAGS and RLM_LIBS and SRCS defs to make TARGET. ++include ../rules.mak ++ ++$(STATIC_OBJS): $(HEADERS) ++ ++$(DYNAMIC_OBJS): $(HEADERS) ++ +diff -baurN --exclude='*~' --exclude='.#*' --exclude=CVS freeradius-1.1.3.orig/src/modules/rlm_jradius/rlm_jradius.c freeradius-1.1.3/src/modules/rlm_jradius/rlm_jradius.c +--- freeradius-1.1.3.orig/src/modules/rlm_jradius/rlm_jradius.c 1970-01-01 01:00:00.000000000 +0100 ++++ freeradius-1.1.3/src/modules/rlm_jradius/rlm_jradius.c 2006-10-11 14:08:33.000000000 +0200 +@@ -0,0 +1,965 @@ ++/** ++ * rlm_jradius - The FreeRADIUS JRadius Server Module ++ * Copyright (C) 2004-2006 PicoPoint, B.V. ++ * ++ * This program is free software; you can redistribute it and/or modify it ++ * under the terms of the GNU General Public License as published by the ++ * Free Software Foundation; either version 2 of the License, or (at your ++ * option) any later version. ++ * ++ * This program is distributed in the hope that it will be useful, but ++ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY ++ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License ++ * for more details. ++ * ++ * You should have received a copy of the GNU General Public License along ++ * with this program; if not, write to the Free Software Foundation, Inc., ++ * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA ++ * ++ * Author(s): David Bird ++ */ ++ ++/*#define FRv2 1*/ ++ ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++ ++#ifdef FRv2 ++#include ++#include ++#include ++#include ++#include ++#define STR_VALUE(p) ((p)->data.strvalue) ++#else ++#include "autoconf.h" ++#include "libradius.h" ++#include "radiusd.h" ++#include "modules.h" ++#include "conffile.h" ++#define STR_VALUE(p) ((p)->strvalue) ++#endif ++ ++#ifdef HAVE_PTHREAD_H ++#include ++#endif ++ ++#ifdef HAVE_SYS_SOCKET_H ++#include ++#endif ++ ++#ifndef O_NONBLOCK ++#define O_NONBLOCK O_NDELAY ++#endif ++ ++static const char rcsid[] = "$Id: rlm_jradius.c,v 1.20 2006/05/24 13:58:57 picopoint Exp $"; ++ ++static const int JRADIUS_PORT = 1814; ++static const int HALF_MESSAGE_LEN = 16384; ++static const int MESSAGE_LEN = 32768; ++ ++static const int JRADIUS_authenticate = 1; ++static const int JRADIUS_authorize = 2; ++static const int JRADIUS_preacct = 3; ++static const int JRADIUS_accounting = 4; ++static const int JRADIUS_checksimul = 5; ++static const int JRADIUS_pre_proxy = 6; ++static const int JRADIUS_post_proxy = 7; ++static const int JRADIUS_post_auth = 8; ++ ++#define LOG_PREFIX "rlm_jradius: " ++#define MAX_HOSTS 4 ++ ++typedef struct jradius_socket { ++ int id; ++#ifdef HAVE_PTHREAD_H ++ pthread_mutex_t mutex; ++#endif ++ struct jradius_socket *next; ++ enum { is_connected, not_connected } state; ++ ++ union { ++ int sock; ++ } con; ++} JRSOCK; ++ ++typedef struct jradius_inst { ++ time_t connect_after; ++ JRSOCK * sock_pool; ++ JRSOCK * last_used; ++ ++ char * name; ++ char * host [MAX_HOSTS]; ++ uint32_t ipaddr [MAX_HOSTS]; ++ int port [MAX_HOSTS]; ++ int timeout; ++ int allow_codechange; ++ int allow_idchange; ++ int onfail; ++ char * onfail_s; ++ int keepalive; ++ int jrsock_cnt; ++} JRADIUS; ++ ++typedef struct _byte_array ++{ ++ unsigned int size; ++ unsigned int pos; ++ unsigned int left; ++ unsigned char * b; ++} byte_array; ++ ++static CONF_PARSER module_config[] = { ++ { "name", PW_TYPE_STRING_PTR, offsetof(JRADIUS, name), NULL, "localhost"}, ++ { "primary", PW_TYPE_STRING_PTR, offsetof(JRADIUS, host[0]), NULL, "localhost"}, ++ { "secondary", PW_TYPE_STRING_PTR, offsetof(JRADIUS, host[1]), NULL, NULL}, ++ { "tertiary", PW_TYPE_STRING_PTR, offsetof(JRADIUS, host[2]), NULL, NULL}, ++ { "timeout", PW_TYPE_INTEGER, offsetof(JRADIUS, timeout), NULL, "5"}, ++ { "onfail", PW_TYPE_STRING_PTR, offsetof(JRADIUS, onfail_s), NULL, NULL}, ++ { "keepalive", PW_TYPE_BOOLEAN, offsetof(JRADIUS, keepalive), NULL, "yes"}, ++ { "connections", PW_TYPE_INTEGER, offsetof(JRADIUS, jrsock_cnt), NULL, "8"}, ++ { "allow_codechange", PW_TYPE_BOOLEAN, offsetof(JRADIUS, allow_codechange), NULL, "no"}, ++ { "allow_idchange", PW_TYPE_BOOLEAN, offsetof(JRADIUS, allow_idchange), NULL, "no"}, ++ { NULL, -1, 0, NULL, NULL } ++}; ++ ++static int connect_socket(JRSOCK *jrsock, JRADIUS *inst) ++{ ++ struct sockaddr_in local_addr, serv_addr; ++ int i, connected = 0; ++ char buff[128]; ++ int sock; ++ ++ /* ++ * Connect to jradius servers until we succeed or die trying ++ */ ++ for (i = 0; !connected && i < MAX_HOSTS && inst->ipaddr[i] > 0; i++) { ++ ++ /* ++ * Allocate a TCP socket ++ */ ++ if ((sock = socket(AF_INET, SOCK_STREAM, 0)) == -1) { ++ radlog(L_ERR, LOG_PREFIX "could not allocate TCP socket"); ++ goto failed; ++ } ++ ++ /* ++ * If we have a timeout value set, make the socket non-blocking ++ */ ++ if (inst->timeout > 0 && ++ fcntl(sock, F_SETFL, fcntl(sock, F_GETFL, 0) | O_NONBLOCK) == -1) { ++ radlog(L_ERR, LOG_PREFIX "could not set non-blocking on socket"); ++ goto failed; ++ } ++ ++ /* ++ * Bind to any local port ++ */ ++ memset(&local_addr, 0, sizeof(local_addr)); ++ local_addr.sin_family = AF_INET; ++ local_addr.sin_addr.s_addr = htonl(INADDR_ANY); ++ local_addr.sin_port = htons(0); ++ ++ if (bind(sock, (struct sockaddr *) &local_addr, sizeof(local_addr)) < 0) { ++ radlog(L_ERR, LOG_PREFIX "could not locally bind TCP socket"); ++ goto failed; ++ } ++ ++ /* ++ * Attempt connection to remote server ++ */ ++ memset(&serv_addr, 0, sizeof(serv_addr)); ++ serv_addr.sin_family = AF_INET; ++ memcpy((char *) &serv_addr.sin_addr, &(inst->ipaddr[i]), 4); ++ serv_addr.sin_port = htons(inst->port[i]); ++ ++ if (connect(sock, (struct sockaddr *)&serv_addr, sizeof(serv_addr)) < 0) { ++ if (inst->timeout > 0 && (errno == EINPROGRESS || errno == EWOULDBLOCK)) { ++ /* ++ * Wait to see if non-blocking socket connects or times-out ++ */ ++ struct pollfd pfd; ++ memset(&pfd, 0, sizeof(pfd)); ++ ++ pfd.fd = sock; ++ pfd.events = POLLOUT; ++ ++ if (poll(&pfd, 1, inst->timeout * 1000) == 1 && pfd.revents) { ++ /* ++ * Lets make absolutely sure we are connected ++ */ ++ struct sockaddr_in sa; ++ unsigned int salen = sizeof(sa); ++ if (getpeername(sock, (struct sockaddr *) &sa, &salen) != -1) { ++ /* ++ * CONNECTED! break out of for-loop ++ */ ++ connected = 1; ++ break; ++ } ++ } ++ } ++ ++ /* ++ * Timed-out ++ */ ++ radlog(L_ERR, LOG_PREFIX "could not connect to %s:%d", ++ ip_ntoa(buff, inst->ipaddr[i]), inst->port[i]); ++ ++ } else { ++ /* ++ * CONNECTED (instantly)! break out of for-loop ++ */ ++ connected = 1; ++ break; ++ } ++ ++ /* ++ * Unable to connect, cleanup and start over ++ */ ++ close(sock); sock=0; ++ } ++ ++ if (!connected) { ++ radlog(L_ERR, LOG_PREFIX "could not find any jradius server!"); ++ goto failed; ++ } ++ ++ /* ++ * If we previously set the socket to non-blocking, restore blocking ++ */ ++ if (inst->timeout > 0 && ++ fcntl(sock, F_SETFL, fcntl(sock, F_GETFL, 0) & ~O_NONBLOCK) == -1) { ++ radlog(L_ERR, LOG_PREFIX "could not set blocking on socket"); ++ goto failed; ++ } ++ ++ jrsock->state = is_connected; ++ jrsock->con.sock = sock; ++ return 1; ++ ++ failed: ++ if (sock > 0) { shutdown(sock, 2); close(sock); } ++ jrsock->state = not_connected; ++ return 0; ++} ++ ++static void close_socket(JRADIUS * inst, JRSOCK *jrsock) { ++ radlog(L_INFO, "rlm_jradius: Closing JRadius connection %d", jrsock->id); ++ if (jrsock->con.sock > 0) { ++ shutdown(jrsock->con.sock, 2); ++ close(jrsock->con.sock); ++ } ++ jrsock->state = not_connected; ++ jrsock->con.sock = 0; ++} ++ ++static void free_socket(JRADIUS * inst, JRSOCK *jrsock) { ++ close_socket(inst, jrsock); ++ if (inst->keepalive) { ++#ifdef HAVE_PTHREAD_H ++ pthread_mutex_destroy(&jrsock->mutex); ++#endif ++ free(jrsock); ++ } ++} ++ ++static int socket_send(JRSOCK *jrsock, unsigned char *b, unsigned int blen) { ++ return send(jrsock->con.sock, b, blen, 0); ++} ++ ++static int init_socketpool(JRADIUS * inst) ++{ ++ int i, rcode; ++ int success = 0; ++ JRSOCK *jrsock; ++ ++ inst->connect_after = 0; ++ inst->sock_pool = NULL; ++ ++ for (i = 0; i < inst->jrsock_cnt; i++) { ++ radlog(L_INFO, "rlm_jradius: starting JRadius connection %d", i); ++ ++ if ((jrsock = rad_malloc(sizeof(*jrsock))) == 0) return -1; ++ ++ memset(jrsock, 0, sizeof(*jrsock)); ++ jrsock->id = i; ++ jrsock->state = not_connected; ++ ++#ifdef HAVE_PTHREAD_H ++ rcode = pthread_mutex_init(&jrsock->mutex,NULL); ++ if (rcode != 0) { ++ radlog(L_ERR, "rlm_jradius: Failed to init lock: %s", strerror(errno)); ++ return 0; ++ } ++#endif ++ ++ if (time(NULL) > inst->connect_after) ++ if (connect_socket(jrsock, inst)) ++ success = 1; ++ ++ jrsock->next = inst->sock_pool; ++ inst->sock_pool = jrsock; ++ } ++ inst->last_used = NULL; ++ ++ if (!success) { ++ radlog(L_DBG, "rlm_jradius: Failed to connect to JRadius server."); ++ } ++ ++ return 1; ++} ++ ++static void free_socketpool(JRADIUS * inst) ++{ ++ JRSOCK *cur; ++ JRSOCK *next; ++ ++ for (cur = inst->sock_pool; cur; cur = next) { ++ next = cur->next; ++ free_socket(inst, cur); ++ } ++ ++ inst->sock_pool = NULL; ++} ++ ++static JRSOCK * get_socket(JRADIUS * inst) ++{ ++ JRSOCK *cur, *start; ++ int tried_to_connect = 0; ++ int unconnected = 0; ++ ++ start = inst->last_used; ++ if (!start) start = inst->sock_pool; ++ ++ cur = start; ++ ++ while (cur) { ++#ifdef HAVE_PTHREAD_H ++ if (pthread_mutex_trylock(&cur->mutex) != 0) { ++ goto next; ++ } ++#endif ++ ++ if ((cur->state == not_connected) && (time(NULL) > inst->connect_after)) { ++ radlog(L_INFO, "rlm_jradius: Trying to (re)connect unconnected handle %d", cur->id); ++ tried_to_connect++; ++ connect_socket(cur, inst); ++ } ++ ++ if (cur->state == not_connected) { ++ radlog(L_DBG, "rlm_jradius: Ignoring unconnected handle %d", cur->id); ++ unconnected++; ++#ifdef HAVE_PTHREAD_H ++ pthread_mutex_unlock(&cur->mutex); ++#endif ++ goto next; ++ } ++ ++ radlog(L_DBG, "rlm_jradius: Reserving JRadius socket id: %d", cur->id); ++ ++ if (unconnected != 0 || tried_to_connect != 0) { ++ radlog(L_INFO, "rlm_jradius: got socket %d after skipping %d unconnected handles, tried to reconnect %d though", ++ cur->id, unconnected, tried_to_connect); ++ } ++ ++ inst->last_used = cur->next; ++ return cur; ++ ++ next: ++ cur = cur->next; ++ if (!cur) cur = inst->sock_pool; ++ if (cur == start) break; ++ } ++ ++ radlog(L_INFO, "rlm_jradius: There are no sockets to use! skipped %d, tried to connect %d", ++ unconnected, tried_to_connect); ++ return NULL; ++} ++ ++static int release_socket(JRADIUS * inst, JRSOCK * jrsock) ++{ ++#ifdef HAVE_PTHREAD_H ++ pthread_mutex_unlock(&jrsock->mutex); ++#endif ++ ++ radlog(L_DBG, "rlm_jradius: Released JRadius socket id: %d", jrsock->id); ++ ++ return 0; ++} ++ ++ ++/* ++ * Initialize the jradius module ++ */ ++static int jradius_instantiate(CONF_SECTION *conf, void **instance) ++{ ++ JRADIUS *inst = (JRADIUS *) instance; ++ char host[128], b[128], *h; ++ int i, p, idx, port; ++ ++ inst = rad_malloc(sizeof(JRADIUS)); ++ memset(inst, 0, sizeof(JRADIUS)); ++ ++ if (cf_section_parse(conf, inst, module_config) < 0) { ++ free(inst); ++ return -1; ++ } ++ ++ for (i = 0, idx = 0; i < MAX_HOSTS; i++) { ++ if (inst->host[i] && strlen(inst->host[i]) < sizeof(host)) { ++ h = inst->host[i]; ++ p = JRADIUS_PORT; ++ ++ strcpy(b, h); ++ if (sscanf(b, "%[^:]:%d", host, &port) == 2) { h = host; p = port; } ++ ++ if (h) { ++#ifdef FRv2 ++ lrad_ipaddr_t ipaddr; ++ if (ip_hton(h, AF_INET, &ipaddr) < 0) { ++ radlog(L_ERR, "Can't find IP address for host %s", h); ++ continue; ++ } ++ if ((inst->ipaddr[idx] = ipaddr.ipaddr.ip4addr.s_addr) != htonl(INADDR_NONE)) { ++#else ++ if ((inst->ipaddr[idx] = ip_getaddr(h)) != htonl(INADDR_NONE)) { ++#endif ++ inst->port[idx] = p; ++ radlog(L_INFO, LOG_PREFIX "configuring jradius server %s:%d", h, p); ++ idx++; ++ } else { ++ radlog(L_ERR, LOG_PREFIX "invalid jradius server %s", h); ++ } ++ } ++ } ++ } ++ ++ if (inst->keepalive) init_socketpool(inst); ++ ++ inst->onfail = RLM_MODULE_FAIL; ++ ++ if (inst->onfail_s) { ++ if (!strcmp(inst->onfail_s, "NOOP")) inst->onfail = RLM_MODULE_NOOP; ++ else if (!strcmp(inst->onfail_s, "REJECT")) inst->onfail = RLM_MODULE_REJECT; ++ else if (!strcmp(inst->onfail_s, "OK")) inst->onfail = RLM_MODULE_OK; ++ else if (!strcmp(inst->onfail_s, "FAIL")) inst->onfail = RLM_MODULE_FAIL; ++ else radlog(L_ERR, LOG_PREFIX "invalid jradius 'onfail' state %s", inst->onfail_s); ++ } ++ ++ *instance = inst; ++ ++ return 0; ++} ++ ++/* ++ * Initialize a byte array buffer structure ++ */ ++static void init_byte_array(byte_array * ba, unsigned char *b, int blen) ++{ ++ ba->b = b; ++ ba->size = ba->left = blen; ++ ba->pos = 0; ++} ++ ++/* ++ * Pack a single byte into a byte array buffer ++ */ ++static int pack_byte(byte_array * ba, unsigned char c) ++{ ++ if (ba->left < 1) return -1; ++ ++ ba->b[ba->pos] = c; ++ ba->pos++; ++ ba->left--; ++ ++ return 0; ++} ++ ++/* ++ * Pack an array of bytes into a byte array buffer ++ */ ++static int pack_bytes(byte_array * ba, unsigned char *d, unsigned int dlen) ++{ ++ if (ba->left < dlen) return -1; ++ ++ memcpy((void *)(ba->b + ba->pos), d, dlen); ++ ba->pos += dlen; ++ ba->left -= dlen; ++ ++ return 0; ++} ++ ++/* ++ * Pack an integer into a byte array buffer (adjusting for byte-order) ++ */ ++static int pack_int(byte_array * ba, unsigned int i) ++{ ++ if (ba->left < 4) return -1; ++ ++ i = htonl(i); ++ ++ memcpy((void *)(ba->b + ba->pos), (void *)&i, 4); ++ ba->pos += 4; ++ ba->left -= 4; ++ ++ return 0; ++} ++ ++/* ++ * Pack one byte array buffer into another byte array buffer ++ */ ++static int pack_array(byte_array * ba, byte_array * a) ++{ ++ if (ba->left < a->pos) return -1; ++ ++ memcpy((void *)(ba->b + ba->pos), (void *)a->b, a->pos); ++ ba->pos += a->pos; ++ ba->left -= a->pos; ++ ++ return 0; ++} ++ ++/* ++ * Pack radius attributes into a byte array buffer ++ */ ++static int pack_vps(byte_array * ba, VALUE_PAIR * vps) ++{ ++ VALUE_PAIR * vp; ++ ++ for (vp = vps; vp != NULL; vp = vp->next) { ++ ++ radlog(L_DBG, LOG_PREFIX "packing attribute %s (type: %d; len: %d)", ++ vp->name, vp->attribute, vp->length); ++ ++ if (pack_int(ba, vp->attribute) == -1) return -1; ++ if (pack_int(ba, vp->length) == -1) return -1; ++ if (pack_int(ba, vp->operator) == -1) return -1; ++ ++ switch (vp->type) { ++ case PW_TYPE_INTEGER: ++ case PW_TYPE_DATE: ++ if (pack_int(ba, vp->lvalue) == -1) return -1; ++ break; ++ case PW_TYPE_IPADDR: ++ if (pack_bytes(ba, (void *)&vp->lvalue, vp->length) == -1) return -1; ++ break; ++ default: ++ if (pack_bytes(ba, (void *)STR_VALUE(vp), vp->length) == -1) return -1; ++ break; ++ } ++ } ++ ++ return 0; ++} ++ ++/* ++ * Pack a radius packet into a byte array buffer ++ */ ++static int pack_packet(byte_array * ba, RADIUS_PACKET * p) ++{ ++ /*unsigned char code = p->code;*/ ++ unsigned char buff[HALF_MESSAGE_LEN]; ++ byte_array pba; ++ ++ init_byte_array(&pba, buff, sizeof(buff)); ++ ++ if (pack_vps (&pba, p->vps) == -1) return -1; ++ ++ radlog(L_DBG, LOG_PREFIX "packing packet with code: %d (attr length: %d)", p->code, pba.pos); ++ ++ if (pack_byte (ba, p->code) == -1) return -1; ++ if (pack_byte (ba, p->id) == -1) return -1; ++ if (pack_int (ba, pba.pos) == -1) return -1; ++ if (pba.pos == 0) return 0; ++ if (pack_array (ba, &pba) == -1) return -1; ++ ++ return 0; ++} ++ ++static int pack_request(byte_array * ba, REQUEST *r) ++{ ++ unsigned char buff[HALF_MESSAGE_LEN]; ++ byte_array pba; ++ ++ init_byte_array(&pba, buff, sizeof(buff)); ++ ++ if (pack_vps (&pba, r->config_items) == -1) return -1; ++ if (pack_int (ba, pba.pos) == -1) return -1; ++ if (pba.pos == 0) return 0; ++ if (pack_array (ba, &pba) == -1) return -1; ++ ++ return 0; ++} ++ ++/* ++ * Read a single byte from socket ++ */ ++static int read_byte(JRSOCK *jrsock, unsigned char *b) ++{ ++ return (read(jrsock->con.sock, b, 1) == 1) ? 0 : -1; ++} ++ ++static void unpack_int(unsigned char *c, unsigned int *i) ++{ ++ unsigned int ii; ++ memcpy((void *)&ii, c, 4); ++ *i = ntohl(ii); ++} ++ ++/* ++ * Read an integer from the socket (adjusting for byte-order) ++ */ ++static int read_int(JRSOCK *jrsock, unsigned int *i) ++{ ++ unsigned char c[4]; ++ ++ if (read(jrsock->con.sock, c, 4) != 4) return -1; ++ unpack_int(c, i); ++ ++ return 0; ++} ++ ++/* ++ * Read a value-pair list from the socket ++ */ ++static int read_vps(JRSOCK *jrsock, VALUE_PAIR **pl, int plen) ++{ ++ VALUE_PAIR *vp; ++ unsigned char buff[MESSAGE_LEN]; ++ unsigned int alen, atype, aop; ++ int rlen = 0; ++ ++ while (rlen < plen) { ++ if (read_int (jrsock, &atype) == -1) return -1; rlen += 4; ++ if (read_int (jrsock, &alen) == -1) return -1; rlen += 4; ++ if (read_int (jrsock, &aop) == -1) return -1; rlen += 4; ++ ++ radlog(L_DBG, LOG_PREFIX "reading attribute: type=%d; len=%d", atype, alen); ++ ++ if (alen >= sizeof(buff)) { ++ radlog(L_ERR, LOG_PREFIX "packet value too large (len: %d)", alen); ++ return -1; ++ } ++ ++ if (read(jrsock->con.sock, buff, alen) != (int)alen) return -1; rlen += alen; ++ buff[alen]=0; ++ ++ /* ++ * Create new attribute ++ */ ++ vp = paircreate(atype, -1); ++ vp->operator = aop; ++ ++ if (vp->type == -1) { ++ /* ++ * FreeRADIUS should know about the same attributes that JRadius knows ++ */ ++ radlog(L_ERR, LOG_PREFIX "received attribute we do not recognize (type: %d)", atype); ++ pairbasicfree(vp); ++ continue; ++ } ++ ++ /* ++ * Fill in the attribute value based on type ++ */ ++ switch (vp->type) { ++ case PW_TYPE_INTEGER: ++ case PW_TYPE_DATE: ++ { ++ unpack_int(buff, &vp->lvalue); ++ vp->length = 4; ++ } ++ break; ++ ++ case PW_TYPE_IPADDR: ++ memcpy((void *)&vp->lvalue, buff, 4); ++ vp->length = 4; ++ break; ++ ++ default: ++ if (alen < sizeof(STR_VALUE(vp))) { ++ memcpy((void *)STR_VALUE(vp), buff, alen); ++ vp->length = alen; ++ } ++ break; ++ } ++ ++ /* ++ * Add the attribute to the packet ++ */ ++ pairadd(pl, vp); ++ } ++ ++ return rlen; ++} ++ ++/* ++ * Read a radius packet from the socket ++ */ ++static int read_packet(JRADIUS * inst, JRSOCK *jrsock, RADIUS_PACKET *p) ++{ ++ unsigned char code; ++ unsigned char id; ++ unsigned int plen; ++ ++ if (read_byte (jrsock, &code) == -1) return -1; ++ if (read_byte (jrsock, &id) == -1) return -1; ++ if (read_int (jrsock, &plen) == -1) return -1; ++ ++ radlog(L_DBG, LOG_PREFIX "reading packet: code=%d len=%d", (int)code, plen); ++ ++ if (inst->allow_codechange) ++ if (code != p->code) { ++ radlog(L_INFO, LOG_PREFIX "changing packet code from %d to %d", p->code, code); ++ p->code = code; ++ } ++ ++ if (inst->allow_idchange) ++ if (id != p->id) { ++ radlog(L_INFO, LOG_PREFIX "changing packet id from %d to %d", p->id, id); ++ p->id = id; ++ } ++ ++ /* ++ * Delete previous attribute list ++ */ ++ pairfree(&p->vps); ++ ++ if (plen == 0) return 0; ++ ++ if (read_vps (jrsock, &p->vps, plen) == -1) return -1; ++ ++ return 0; ++} ++ ++static int read_request(JRSOCK *jrsock, REQUEST *p) ++{ ++ unsigned int plen; ++ ++ if (read_int(jrsock, &plen) == -1) return -1; ++ ++ radlog(L_DBG, LOG_PREFIX "reading request: config_item: len=%d", plen); ++ ++ /* ++ * Delete previous attribute list ++ */ ++ pairfree(&p->config_items); ++ ++ if (plen == 0) return 0; ++ ++ if (read_vps(jrsock, &p->config_items, plen) == -1) return -1; ++ ++ return 0; ++} ++ ++static int rlm_jradius_call(char func, void *instance, REQUEST *req, int isproxy) ++{ ++ JRADIUS * inst = instance; ++ RADIUS_PACKET * request = isproxy ? req->proxy : req->packet; ++ RADIUS_PACKET * reply = isproxy ? req->proxy_reply : req->reply; ++ JRSOCK * jrsock = 0; ++ JRSOCK sjrsock; ++ ++ int exitstatus = inst->onfail; ++ unsigned char rcode, pcount; ++ ++ unsigned char buff[MESSAGE_LEN]; ++ byte_array ba; ++ ++ char * n = inst->name; ++ unsigned int nlen = strlen(n); ++ const char * err = 0; ++ int rc, attempt2=0; ++ ++#define W_ERR(s) { err=s; goto packerror; } ++#define R_ERR(s) { err=s; goto parseerror; } ++ ++ if (inst->keepalive) { ++ jrsock = get_socket(inst); ++ if (!jrsock) return exitstatus; ++ } else { ++ jrsock = &sjrsock; ++ memset(jrsock, 0, sizeof(*jrsock)); ++ jrsock->state = not_connected; ++ } ++ ++ init_byte_array(&ba, buff, sizeof(buff)); ++ ++ pcount = 0; ++ if (request) pcount++; ++ if (reply) pcount++; ++ ++ /* ++ * Create byte array to send to jradius ++ */ ++ if ((rc = pack_int (&ba, nlen)) == -1) W_ERR("pack_int(nlen)"); ++ if ((rc = pack_bytes (&ba, (void *)n, nlen)) == -1) W_ERR("pack_bytes(name)"); ++ if ((rc = pack_byte (&ba, func)) == -1) W_ERR("pack_byte(fun)"); ++ if ((rc = pack_byte (&ba, pcount)) == -1) W_ERR("pack_byte(pcnt)"); ++ if (pcount > 0 && (rc = pack_packet (&ba, request)) == -1) W_ERR("pack_packet(req)"); ++ if (pcount > 1 && (rc = pack_packet (&ba, reply)) == -1) W_ERR("pack_packet(rep)"); ++ if ((rc = pack_request(&ba, req)) == -1) W_ERR("pack_request()"); ++ ++ /* ++ * Send data ++ */ ++ start_over: ++ if (jrsock->state == not_connected) { ++ if (attempt2) radlog(L_ERR, LOG_PREFIX "reconnecting socket id %d", jrsock->id); ++ if (!connect_socket(jrsock, inst)) { ++ if (attempt2) radlog(L_ERR, LOG_PREFIX "could not reconnect socket %d, giving up", jrsock->id); ++ goto cleanup; ++ } ++ } ++ radlog(L_DBG, LOG_PREFIX "sending %d bytes to socket %d", ba.pos, jrsock->id); ++ if (socket_send(jrsock, ba.b, ba.pos) != (int)ba.pos || ++ (rc = read_byte (jrsock, &rcode)) == -1) { ++ /* ++ * With an error on the write or the first read, try closing the socket ++ * and reconnecting to see if that improves matters any (tries this only once) ++ */ ++ radlog(L_ERR, LOG_PREFIX "error sending request with socket %d", jrsock->id); ++ if (!inst->keepalive || attempt2) W_ERR("socket_send/first_read"); ++ close_socket(inst, jrsock); ++ attempt2 = 1; ++ goto start_over; ++ } ++ ++ /* ++ * Read result ++ */ ++ if ((rc = read_byte (jrsock, &pcount)) == -1) R_ERR("read_byte(pcnt)"); ++ ++ radlog(L_DBG, LOG_PREFIX "return code %d; receiving %d packets", (int)rcode, (int)pcount); ++ ++ if (pcount > 0 && request) if ((rc = read_packet (inst, jrsock, request)) == -1) R_ERR("read_packet(req)"); ++ if (pcount > 1 && reply) if ((rc = read_packet (inst, jrsock, reply)) == -1) R_ERR("read_packet(rep)"); ++ ++ if ((rc = read_request (jrsock, req)) == -1) R_ERR("read_request()"); ++ ++ /* ++ * Since we deleted all the attribute lists in the request, ++ * we need to reconfigure a few pointers in the REQUEST object ++ */ ++ if (req->username) { ++ req->username = pairfind(request->vps, PW_USER_NAME); ++ } ++ if (req->password) { ++ req->password = pairfind(request->vps, PW_PASSWORD); ++ if (!req->password) req->password = pairfind(request->vps, PW_CHAP_PASSWORD); ++ } ++ ++ /* ++ * All done, set return code and cleanup ++ */ ++ exitstatus = (int)rcode; ++ goto cleanup; ++ ++ parseerror: ++ radlog(L_ERR, LOG_PREFIX "problem parsing the data [%s]",err); ++ if (inst->keepalive) close_socket(inst, jrsock); ++ goto cleanup; ++ ++ packerror: ++ radlog(L_ERR, LOG_PREFIX "problem packing the data[%s]",err); ++ if (inst->keepalive) close_socket(inst, jrsock); ++ ++ cleanup: ++ if (inst->keepalive) ++ release_socket(inst, jrsock); ++ else ++ close_socket(inst, jrsock); ++ ++ return exitstatus; ++} ++ ++static int jradius_authenticate(void *instance, REQUEST *request) ++{ ++ return rlm_jradius_call(JRADIUS_authenticate, instance, request, 0); ++} ++ ++static int jradius_authorize(void *instance, REQUEST *request) ++{ ++ return rlm_jradius_call(JRADIUS_authorize, instance, request, 0); ++} ++ ++static int jradius_preacct(void *instance, REQUEST *request) ++{ ++ return rlm_jradius_call(JRADIUS_preacct, instance, request, 0); ++} ++ ++static int jradius_accounting(void *instance, REQUEST *request) ++{ ++ return rlm_jradius_call(JRADIUS_accounting, instance, request, 0); ++} ++ ++static int jradius_checksimul(void *instance, REQUEST *request) ++{ ++ return rlm_jradius_call(JRADIUS_checksimul, instance, request, 0); ++} ++ ++static int jradius_pre_proxy(void *instance, REQUEST *request) ++{ ++ return rlm_jradius_call(JRADIUS_pre_proxy, instance, request, 1); ++} ++ ++static int jradius_post_proxy(void *instance, REQUEST *request) ++{ ++ return rlm_jradius_call(JRADIUS_post_proxy, instance, request, 1); ++} ++ ++static int jradius_post_auth(void *instance, REQUEST *request) ++{ ++ return rlm_jradius_call(JRADIUS_post_auth, instance, request, 0); ++} ++ ++static int jradius_detach(void *instance) ++{ ++ JRADIUS *inst = (JRADIUS *) instance; ++ free_socketpool(inst); ++ free(inst); ++ return 0; ++} ++ ++#ifndef FRv2 ++static int jradius_init(void) { return 0; } ++#endif ++ ++module_t rlm_jradius = { ++#ifdef FRv2 ++ RLM_MODULE_INIT, ++#endif ++ "jradius", ++ RLM_TYPE_THREAD_SAFE, ++#ifndef FRv2 ++ jradius_init, ++#endif ++ jradius_instantiate, ++#ifdef FRv2 ++ jradius_detach, ++#endif ++ { ++ jradius_authenticate, ++ jradius_authorize, ++ jradius_preacct, ++ jradius_accounting, ++ jradius_checksimul, ++ jradius_pre_proxy, ++ jradius_post_proxy, ++ jradius_post_auth ++ }, ++#ifndef FRv2 ++ jradius_detach, ++#endif ++}; ++ ++/* ++ * Connection pooling code based on rlm_sql codebase, under GPL. ++ * See radiusd/src/modules/rlm_sql/sql.c ++ */ +diff -baurN --exclude='*~' --exclude='.#*' --exclude=CVS freeradius-1.1.3.orig/src/modules/stable freeradius-1.1.3/src/modules/stable +--- freeradius-1.1.3.orig/src/modules/stable 2005-12-14 21:58:14.000000000 +0100 ++++ freeradius-1.1.3/src/modules/stable 2006-10-11 14:08:12.000000000 +0200 +@@ -30,3 +30,4 @@ + rlm_sqlcounter + rlm_unix + rlm_checkval ++rlm_jradius diff --git a/freeradius/patch/freeradius-1.1.5.patch b/freeradius/patch/freeradius-1.1.5.patch new file mode 100644 index 0000000..7d58f96 --- /dev/null +++ b/freeradius/patch/freeradius-1.1.5.patch @@ -0,0 +1,1263 @@ +diff -baurN freeradius-1.1.5/raddb/jradius.conf freeradius-1.1.5.new/raddb/jradius.conf +--- freeradius-1.1.5/raddb/jradius.conf 1970-01-01 01:00:00.000000000 +0100 ++++ freeradius-1.1.5.new/raddb/jradius.conf 2007-03-25 20:04:51.000000000 +0200 +@@ -0,0 +1,15 @@ ++ ++jradius { ++ name = "example" # Name of the JRadius Application ++ # (known as "Sender" in JRadius) ++ primary = "127.0.0.1" # Primary JRadius Server ++ # (using default port of 1814) ++ secondary = "192.168.1.2:1815" # Secondary JRadius Server (port 1815) ++ tertiary = "192.168.1.2:1816" # Tertiary JRadius Server ++ timeout = 1 # JRadius Server Connect Timeout (default 5) ++ onfail = NOOP # What to do if no JRadius ++ # Server is found. Options are: ++ # FAIL (default), OK, REJECT, NOOP ++ keepalive = yes # Keep connections to JRadius pooled ++ connections = 8 # Number of pooled JRadius connections ++} +diff -baurN freeradius-1.1.5/raddb/Makefile freeradius-1.1.5.new/raddb/Makefile +--- freeradius-1.1.5/raddb/Makefile 2007-02-13 14:31:38.000000000 +0100 ++++ freeradius-1.1.5.new/raddb/Makefile 2007-03-25 20:04:51.000000000 +0200 +@@ -7,7 +7,7 @@ + experimental.conf hints huntgroups ldap.attrmap \ + mssql.conf naslist naspasswd oraclesql.conf postgresql.conf \ + preproxy_users proxy.conf radiusd.conf realms snmp.conf \ +- sql.conf sqlippool.conf users otp.conf otppasswd.sample ++ sql.conf sqlippool.conf users otp.conf otppasswd.sample jradius.conf + + all: + +diff -baurN freeradius-1.1.5/raddb/radiusd.conf.in freeradius-1.1.5.new/raddb/radiusd.conf.in +--- freeradius-1.1.5/raddb/radiusd.conf.in 2007-02-04 16:28:46.000000000 +0100 ++++ freeradius-1.1.5.new/raddb/radiusd.conf.in 2007-03-25 20:35:54.000000000 +0200 +@@ -536,6 +536,9 @@ + # in other sections of this configuration file. + # + modules { ++ ++$INCLUDE ${confdir}/jradius.conf ++ + # + # Each module has a configuration as follows: + # +@@ -1876,6 +1879,7 @@ + # + # Use the checkval module + # checkval ++ jradius + + # + # As of 1.1.4, you should list "pap" last in this section. +@@ -1982,6 +1986,8 @@ + suffix + # ntdomain + ++ jradius ++ + # + # Read the 'acct_users' file + files +@@ -1991,6 +1997,8 @@ + # Accounting. Log the accounting data. + # + accounting { ++ jradius ++ + # + # Create a 'detail'ed log of the packets. + # Note that accounting requests which are proxied +@@ -2086,6 +2094,10 @@ + # insert-module-name-here + # } + ++ jradius ++ Post-Auth-Type REJECT { ++ jradius ++ } + } + + # +@@ -2107,6 +2119,7 @@ + # server, un-comment the following line, and the + # 'detail pre_proxy_log' section, above. + # pre_proxy_log ++ jradius + } + + # +@@ -2140,4 +2153,5 @@ + # reject the EAP request. + # + eap ++ jradius + } +diff -baurN freeradius-1.1.5/raddb/radiusd.conf.in.rej freeradius-1.1.5.new/raddb/radiusd.conf.in.rej +--- freeradius-1.1.5/raddb/radiusd.conf.in.rej 1970-01-01 01:00:00.000000000 +0100 ++++ freeradius-1.1.5.new/raddb/radiusd.conf.in.rej 2007-03-25 20:04:51.000000000 +0200 +@@ -0,0 +1,17 @@ ++*************** ++*** 1861,1866 **** ++ # ++ # Use the checkval module ++ # checkval ++ } ++ ++ ++--- 1864,1871 ---- ++ # ++ # Use the checkval module ++ # checkval +++ +++ jradius ++ } ++ ++ +diff -baurN freeradius-1.1.5/share/dictionary freeradius-1.1.5.new/share/dictionary +--- freeradius-1.1.5/share/dictionary 2007-01-30 11:55:00.000000000 +0100 ++++ freeradius-1.1.5.new/share/dictionary 2007-03-25 20:05:03.000000000 +0200 +@@ -52,7 +52,19 @@ + # this directive to the end of this file if you want to see the + # old names in the logfiles, INSTEAD OF the new names. + # +-$INCLUDE dictionary.compat ++#$INCLUDE dictionary.compat ++ ++$INCLUDE dictionary.jradius ++$INCLUDE dictionary.chillispot ++$INCLUDE dictionary.lancom ++$INCLUDE dictionary.garderos ++$INCLUDE dictionary.ser ++ ++$INCLUDE dictionary.altiga ++$INCLUDE dictionary.aptis ++$INCLUDE dictionary.avaya ++$INCLUDE dictionary.motorola ++$INCLUDE dictionary.nokia + + # + # Include the RFC dictionaries next. +diff -baurN freeradius-1.1.5/share/dictionary.chillispot freeradius-1.1.5.new/share/dictionary.chillispot +--- freeradius-1.1.5/share/dictionary.chillispot 1970-01-01 01:00:00.000000000 +0100 ++++ freeradius-1.1.5.new/share/dictionary.chillispot 2007-03-25 20:05:03.000000000 +0200 +@@ -0,0 +1,20 @@ ++# ++# ChilliSpot dictionary. ++# ++# Enable by putting the line "$INCLUDE dictionary.chillispot" ++# into the main dictionary file. ++# ++# ++ ++VENDOR ChilliSpot 14559 ++ ++# ++# ChilliSpot Vendor Specific Extensions ++# ++# ++ATTRIBUTE ChilliSpot-Max-Input-Octets 1 integer ChilliSpot ++ATTRIBUTE ChilliSpot-Max-Output-Octets 2 integer ChilliSpot ++ATTRIBUTE ChilliSpot-Max-Total-Octets 3 integer ChilliSpot ++ATTRIBUTE ChilliSpot-Bandwidth-Max-Up 4 integer ChilliSpot ++ATTRIBUTE ChilliSpot-Bandwidth-Max-Down 5 integer ChilliSpot ++ATTRIBUTE ChilliSpot-Config 6 string ChilliSpot +diff -baurN freeradius-1.1.5/share/dictionary.jradius freeradius-1.1.5.new/share/dictionary.jradius +--- freeradius-1.1.5/share/dictionary.jradius 1970-01-01 01:00:00.000000000 +0100 ++++ freeradius-1.1.5.new/share/dictionary.jradius 2007-03-25 20:05:03.000000000 +0200 +@@ -0,0 +1,4 @@ ++VENDOR JRadius 19211 ++ATTRIBUTE JRadius-Request-Id 1 string JRadius ++ATTRIBUTE JRadius-Session-Id 2 string JRadius ++ATTRIBUTE JRadius-Proxy-Client 3 octets JRadius +diff -baurN freeradius-1.1.5/share/dictionary.lancom freeradius-1.1.5.new/share/dictionary.lancom +--- freeradius-1.1.5/share/dictionary.lancom 1970-01-01 01:00:00.000000000 +0100 ++++ freeradius-1.1.5.new/share/dictionary.lancom 2007-03-25 20:05:03.000000000 +0200 +@@ -0,0 +1,12 @@ ++VENDOR Lancom 16787 ++ATTRIBUTE Lancom-Location-ID 1 string Lancom ++ATTRIBUTE Lancom-Location-Name 2 string Lancom ++ATTRIBUTE Lancom-Logoff-URL 3 string Lancom ++ATTRIBUTE Lancom-Redirection-URL 4 string Lancom ++ATTRIBUTE Lancom-Bandwidth-Min-Up 5 integer Lancom ++ATTRIBUTE Lancom-Bandwidth-Min-Down 6 integer Lancom ++ATTRIBUTE Lancom-Bandwidth-Max-Up 7 integer Lancom ++ATTRIBUTE Lancom-Bandwidth-Max-Down 8 integer Lancom ++ATTRIBUTE Lancom-Session-Terminate-Time 9 string Lancom ++ATTRIBUTE Lancom-Session-Terminate-End-Of-Day 10 string Lancom ++ATTRIBUTE Lancom-Billing-Class-Of-Service 11 string Lancom +diff -baurN freeradius-1.1.5/share/dictionary.ser freeradius-1.1.5.new/share/dictionary.ser +--- freeradius-1.1.5/share/dictionary.ser 1970-01-01 01:00:00.000000000 +0100 ++++ freeradius-1.1.5.new/share/dictionary.ser 2007-03-25 20:05:03.000000000 +0200 +@@ -0,0 +1,49 @@ ++# ++# $Id: freeradius-1.1.2.patch,v 1.1 2006/08/19 19:11:47 picopoint Exp $ ++# ++# SIP RADIUS attributes ++# ++# Schulzrinne indicates attributes according to ++# draft-schulzrinne-sipping-radius-accounting-00 ++# ++# Sterman indicates attributes according to ++# draft-sterman-aaa-sip-00 ++# ++# Standard indicates a standard RADIUS attribute ++# which is missing in radiusclient dictionary ++# ++# Digest indicates attributes according to ++# ++# Proprietary indicates an attribute that hasn't ++# been standardized ++# ++ ++### acc ### ++ATTRIBUTE Sip-Method 101 integer # Schulzrinne ++ATTRIBUTE Sip-Response-Code 102 integer # Schulzrinne ++ATTRIBUTE Sip-Cseq 103 string # Schulzrinne ++ATTRIBUTE Sip-To-Tag 104 string # Schulzrinne ++ATTRIBUTE Sip-From-Tag 105 string # Schulzrinne ++ATTRIBUTE Sip-Branch-Id 106 string # Schulzrinne ++ATTRIBUTE Sip-Translated-Req-ID 107 string # Schulzrinne ++ATTRIBUTE Sip-Source-Ip-Address 108 ipaddr # Schulzrinne ++ATTRIBUTE Sip-Source-Port 109 integer # Schulzrinne ++ ++ATTRIBUTE Digest-Response 206 string # Sterman ++ATTRIBUTE Digest-Attributes 207 string # Sterman ++ ++ATTRIBUTE Sip-Uri-User 208 string # Proprietary ++ATTRIBUTE Sip-Rpid 213 string # Proprietary ++ ++ATTRIBUTE Digest-Realm 1063 string # Sterman ++ATTRIBUTE Digest-Nonce 1064 string # Sterman ++ATTRIBUTE Digest-Method 1065 string # Sterman ++ATTRIBUTE Digest-Uri 1066 string # Sterman ++ATTRIBUTE Digest-Qop 1067 string # Sterman ++ATTRIBUTE Digest-Algorithm 1068 string # Sterman ++ATTRIBUTE Digest-Body-Digest 1069 string # Sterman ++ATTRIBUTE Digest-Cnonce 1070 string # Sterman ++ATTRIBUTE Digest-Nonce-Count 1071 string # Sterman ++ATTRIBUTE Digest-User-Name 1072 string # Sterman ++ ++ATTRIBUTE Sip-Group 211 string # Proprietary +diff -baurN freeradius-1.1.5/src/modules/rlm_jradius/configure freeradius-1.1.5.new/src/modules/rlm_jradius/configure +--- freeradius-1.1.5/src/modules/rlm_jradius/configure 1970-01-01 01:00:00.000000000 +0100 ++++ freeradius-1.1.5.new/src/modules/rlm_jradius/configure 2007-03-25 20:05:03.000000000 +0200 +@@ -0,0 +1,4 @@ ++#! /bin/sh ++ ++echo "did nothing" ++ +diff -baurN freeradius-1.1.5/src/modules/rlm_jradius/jradius.conf freeradius-1.1.5.new/src/modules/rlm_jradius/jradius.conf +--- freeradius-1.1.5/src/modules/rlm_jradius/jradius.conf 1970-01-01 01:00:00.000000000 +0100 ++++ freeradius-1.1.5.new/src/modules/rlm_jradius/jradius.conf 2007-03-25 20:38:30.000000000 +0200 +@@ -0,0 +1,15 @@ ++ ++jradius { ++ name = "example" # Name of the JRadius Application ++ # (known as "Sender" in JRadius) ++ primary = "127.0.0.1" # Primary JRadius Server ++ # (using default port of 1814) ++ secondary = "192.168.1.2:1815" # Secondary JRadius Server (port 1815) ++ tertiary = "192.168.1.2:1816" # Tertiary JRadius Server ++ timeout = 1 # JRadius Server Connect Timeout (default 5) ++ onfail = NOOP # What to do if no JRadius ++ # Server is found. Options are: ++ # FAIL (default), OK, REJECT, NOOP ++ keepalive = yes # Keep connections to JRadius pooled ++ connections = 8 # Number of pooled JRadius connections ++} +diff -baurN freeradius-1.1.5/src/modules/rlm_jradius/Makefile freeradius-1.1.5.new/src/modules/rlm_jradius/Makefile +--- freeradius-1.1.5/src/modules/rlm_jradius/Makefile 1970-01-01 01:00:00.000000000 +0100 ++++ freeradius-1.1.5.new/src/modules/rlm_jradius/Makefile 2007-03-25 20:05:03.000000000 +0200 +@@ -0,0 +1,13 @@ ++TARGET = rlm_jradius ++SRCS = rlm_jradius.c ++HEADERS = ++RLM_CFLAGS = ++RLM_LIBS = ++ ++## this uses the RLM_CFLAGS and RLM_LIBS and SRCS defs to make TARGET. ++include ../rules.mak ++ ++$(STATIC_OBJS): $(HEADERS) ++ ++$(DYNAMIC_OBJS): $(HEADERS) ++ +diff -baurN freeradius-1.1.5/src/modules/rlm_jradius/rlm_jradius.c freeradius-1.1.5.new/src/modules/rlm_jradius/rlm_jradius.c +--- freeradius-1.1.5/src/modules/rlm_jradius/rlm_jradius.c 1970-01-01 01:00:00.000000000 +0100 ++++ freeradius-1.1.5.new/src/modules/rlm_jradius/rlm_jradius.c 2007-03-25 20:38:30.000000000 +0200 +@@ -0,0 +1,966 @@ ++/** ++ * rlm_jradius - The FreeRADIUS JRadius Server Module ++ * Copyright (C) 2004-2006 PicoPoint, B.V. ++ * Copyright (c) 2007 David Bird ++ * ++ * This program is free software; you can redistribute it and/or modify it ++ * under the terms of the GNU General Public License as published by the ++ * Free Software Foundation; either version 2 of the License, or (at your ++ * option) any later version. ++ * ++ * This program is distributed in the hope that it will be useful, but ++ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY ++ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License ++ * for more details. ++ * ++ * You should have received a copy of the GNU General Public License along ++ * with this program; if not, write to the Free Software Foundation, Inc., ++ * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA ++ * ++ * Author(s): David Bird ++ */ ++ ++/*#define FRv2 1*/ ++ ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++ ++#ifdef FRv2 ++#include ++#include ++#include ++#include ++#include ++#define STR_VALUE(p) ((p)->data.strvalue) ++#else ++#include "autoconf.h" ++#include "libradius.h" ++#include "radiusd.h" ++#include "modules.h" ++#include "conffile.h" ++#define STR_VALUE(p) ((p)->strvalue) ++#endif ++ ++#ifdef HAVE_PTHREAD_H ++#include ++#endif ++ ++#ifdef HAVE_SYS_SOCKET_H ++#include ++#endif ++ ++#ifndef O_NONBLOCK ++#define O_NONBLOCK O_NDELAY ++#endif ++ ++static const char rcsid[] = "$Id: rlm_jradius.c,v 1.20 2006/05/24 13:58:57 picopoint Exp $"; ++ ++static const int JRADIUS_PORT = 1814; ++static const int HALF_MESSAGE_LEN = 16384; ++static const int MESSAGE_LEN = 32768; ++ ++static const int JRADIUS_authenticate = 1; ++static const int JRADIUS_authorize = 2; ++static const int JRADIUS_preacct = 3; ++static const int JRADIUS_accounting = 4; ++static const int JRADIUS_checksimul = 5; ++static const int JRADIUS_pre_proxy = 6; ++static const int JRADIUS_post_proxy = 7; ++static const int JRADIUS_post_auth = 8; ++ ++#define LOG_PREFIX "rlm_jradius: " ++#define MAX_HOSTS 4 ++ ++typedef struct jradius_socket { ++ int id; ++#ifdef HAVE_PTHREAD_H ++ pthread_mutex_t mutex; ++#endif ++ struct jradius_socket *next; ++ enum { is_connected, not_connected } state; ++ ++ union { ++ int sock; ++ } con; ++} JRSOCK; ++ ++typedef struct jradius_inst { ++ time_t connect_after; ++ JRSOCK * sock_pool; ++ JRSOCK * last_used; ++ ++ char * name; ++ char * host [MAX_HOSTS]; ++ uint32_t ipaddr [MAX_HOSTS]; ++ int port [MAX_HOSTS]; ++ int timeout; ++ int allow_codechange; ++ int allow_idchange; ++ int onfail; ++ char * onfail_s; ++ int keepalive; ++ int jrsock_cnt; ++} JRADIUS; ++ ++typedef struct _byte_array ++{ ++ unsigned int size; ++ unsigned int pos; ++ unsigned int left; ++ unsigned char * b; ++} byte_array; ++ ++static CONF_PARSER module_config[] = { ++ { "name", PW_TYPE_STRING_PTR, offsetof(JRADIUS, name), NULL, "localhost"}, ++ { "primary", PW_TYPE_STRING_PTR, offsetof(JRADIUS, host[0]), NULL, "localhost"}, ++ { "secondary", PW_TYPE_STRING_PTR, offsetof(JRADIUS, host[1]), NULL, NULL}, ++ { "tertiary", PW_TYPE_STRING_PTR, offsetof(JRADIUS, host[2]), NULL, NULL}, ++ { "timeout", PW_TYPE_INTEGER, offsetof(JRADIUS, timeout), NULL, "5"}, ++ { "onfail", PW_TYPE_STRING_PTR, offsetof(JRADIUS, onfail_s), NULL, NULL}, ++ { "keepalive", PW_TYPE_BOOLEAN, offsetof(JRADIUS, keepalive), NULL, "yes"}, ++ { "connections", PW_TYPE_INTEGER, offsetof(JRADIUS, jrsock_cnt), NULL, "8"}, ++ { "allow_codechange", PW_TYPE_BOOLEAN, offsetof(JRADIUS, allow_codechange), NULL, "no"}, ++ { "allow_idchange", PW_TYPE_BOOLEAN, offsetof(JRADIUS, allow_idchange), NULL, "no"}, ++ { NULL, -1, 0, NULL, NULL } ++}; ++ ++static int connect_socket(JRSOCK *jrsock, JRADIUS *inst) ++{ ++ struct sockaddr_in local_addr, serv_addr; ++ int i, connected = 0; ++ char buff[128]; ++ int sock; ++ ++ /* ++ * Connect to jradius servers until we succeed or die trying ++ */ ++ for (i = 0; !connected && i < MAX_HOSTS && inst->ipaddr[i] > 0; i++) { ++ ++ /* ++ * Allocate a TCP socket ++ */ ++ if ((sock = socket(AF_INET, SOCK_STREAM, 0)) == -1) { ++ radlog(L_ERR, LOG_PREFIX "could not allocate TCP socket"); ++ goto failed; ++ } ++ ++ /* ++ * If we have a timeout value set, make the socket non-blocking ++ */ ++ if (inst->timeout > 0 && ++ fcntl(sock, F_SETFL, fcntl(sock, F_GETFL, 0) | O_NONBLOCK) == -1) { ++ radlog(L_ERR, LOG_PREFIX "could not set non-blocking on socket"); ++ goto failed; ++ } ++ ++ /* ++ * Bind to any local port ++ */ ++ memset(&local_addr, 0, sizeof(local_addr)); ++ local_addr.sin_family = AF_INET; ++ local_addr.sin_addr.s_addr = htonl(INADDR_ANY); ++ local_addr.sin_port = htons(0); ++ ++ if (bind(sock, (struct sockaddr *) &local_addr, sizeof(local_addr)) < 0) { ++ radlog(L_ERR, LOG_PREFIX "could not locally bind TCP socket"); ++ goto failed; ++ } ++ ++ /* ++ * Attempt connection to remote server ++ */ ++ memset(&serv_addr, 0, sizeof(serv_addr)); ++ serv_addr.sin_family = AF_INET; ++ memcpy((char *) &serv_addr.sin_addr, &(inst->ipaddr[i]), 4); ++ serv_addr.sin_port = htons(inst->port[i]); ++ ++ if (connect(sock, (struct sockaddr *)&serv_addr, sizeof(serv_addr)) < 0) { ++ if (inst->timeout > 0 && (errno == EINPROGRESS || errno == EWOULDBLOCK)) { ++ /* ++ * Wait to see if non-blocking socket connects or times-out ++ */ ++ struct pollfd pfd; ++ memset(&pfd, 0, sizeof(pfd)); ++ ++ pfd.fd = sock; ++ pfd.events = POLLOUT; ++ ++ if (poll(&pfd, 1, inst->timeout * 1000) == 1 && pfd.revents) { ++ /* ++ * Lets make absolutely sure we are connected ++ */ ++ struct sockaddr_in sa; ++ unsigned int salen = sizeof(sa); ++ if (getpeername(sock, (struct sockaddr *) &sa, &salen) != -1) { ++ /* ++ * CONNECTED! break out of for-loop ++ */ ++ connected = 1; ++ break; ++ } ++ } ++ } ++ ++ /* ++ * Timed-out ++ */ ++ radlog(L_ERR, LOG_PREFIX "could not connect to %s:%d", ++ ip_ntoa(buff, inst->ipaddr[i]), inst->port[i]); ++ ++ } else { ++ /* ++ * CONNECTED (instantly)! break out of for-loop ++ */ ++ connected = 1; ++ break; ++ } ++ ++ /* ++ * Unable to connect, cleanup and start over ++ */ ++ close(sock); sock=0; ++ } ++ ++ if (!connected) { ++ radlog(L_ERR, LOG_PREFIX "could not find any jradius server!"); ++ goto failed; ++ } ++ ++ /* ++ * If we previously set the socket to non-blocking, restore blocking ++ */ ++ if (inst->timeout > 0 && ++ fcntl(sock, F_SETFL, fcntl(sock, F_GETFL, 0) & ~O_NONBLOCK) == -1) { ++ radlog(L_ERR, LOG_PREFIX "could not set blocking on socket"); ++ goto failed; ++ } ++ ++ jrsock->state = is_connected; ++ jrsock->con.sock = sock; ++ return 1; ++ ++ failed: ++ if (sock > 0) { shutdown(sock, 2); close(sock); } ++ jrsock->state = not_connected; ++ return 0; ++} ++ ++static void close_socket(JRADIUS * inst, JRSOCK *jrsock) { ++ radlog(L_INFO, "rlm_jradius: Closing JRadius connection %d", jrsock->id); ++ if (jrsock->con.sock > 0) { ++ shutdown(jrsock->con.sock, 2); ++ close(jrsock->con.sock); ++ } ++ jrsock->state = not_connected; ++ jrsock->con.sock = 0; ++} ++ ++static void free_socket(JRADIUS * inst, JRSOCK *jrsock) { ++ close_socket(inst, jrsock); ++ if (inst->keepalive) { ++#ifdef HAVE_PTHREAD_H ++ pthread_mutex_destroy(&jrsock->mutex); ++#endif ++ free(jrsock); ++ } ++} ++ ++static int socket_send(JRSOCK *jrsock, unsigned char *b, unsigned int blen) { ++ return send(jrsock->con.sock, b, blen, 0); ++} ++ ++static int init_socketpool(JRADIUS * inst) ++{ ++ int i, rcode; ++ int success = 0; ++ JRSOCK *jrsock; ++ ++ inst->connect_after = 0; ++ inst->sock_pool = NULL; ++ ++ for (i = 0; i < inst->jrsock_cnt; i++) { ++ radlog(L_INFO, "rlm_jradius: starting JRadius connection %d", i); ++ ++ if ((jrsock = rad_malloc(sizeof(*jrsock))) == 0) return -1; ++ ++ memset(jrsock, 0, sizeof(*jrsock)); ++ jrsock->id = i; ++ jrsock->state = not_connected; ++ ++#ifdef HAVE_PTHREAD_H ++ rcode = pthread_mutex_init(&jrsock->mutex,NULL); ++ if (rcode != 0) { ++ radlog(L_ERR, "rlm_jradius: Failed to init lock: %s", strerror(errno)); ++ return 0; ++ } ++#endif ++ ++ if (time(NULL) > inst->connect_after) ++ if (connect_socket(jrsock, inst)) ++ success = 1; ++ ++ jrsock->next = inst->sock_pool; ++ inst->sock_pool = jrsock; ++ } ++ inst->last_used = NULL; ++ ++ if (!success) { ++ radlog(L_DBG, "rlm_jradius: Failed to connect to JRadius server."); ++ } ++ ++ return 1; ++} ++ ++static void free_socketpool(JRADIUS * inst) ++{ ++ JRSOCK *cur; ++ JRSOCK *next; ++ ++ for (cur = inst->sock_pool; cur; cur = next) { ++ next = cur->next; ++ free_socket(inst, cur); ++ } ++ ++ inst->sock_pool = NULL; ++} ++ ++static JRSOCK * get_socket(JRADIUS * inst) ++{ ++ JRSOCK *cur, *start; ++ int tried_to_connect = 0; ++ int unconnected = 0; ++ ++ start = inst->last_used; ++ if (!start) start = inst->sock_pool; ++ ++ cur = start; ++ ++ while (cur) { ++#ifdef HAVE_PTHREAD_H ++ if (pthread_mutex_trylock(&cur->mutex) != 0) { ++ goto next; ++ } ++#endif ++ ++ if ((cur->state == not_connected) && (time(NULL) > inst->connect_after)) { ++ radlog(L_INFO, "rlm_jradius: Trying to (re)connect unconnected handle %d", cur->id); ++ tried_to_connect++; ++ connect_socket(cur, inst); ++ } ++ ++ if (cur->state == not_connected) { ++ radlog(L_DBG, "rlm_jradius: Ignoring unconnected handle %d", cur->id); ++ unconnected++; ++#ifdef HAVE_PTHREAD_H ++ pthread_mutex_unlock(&cur->mutex); ++#endif ++ goto next; ++ } ++ ++ radlog(L_DBG, "rlm_jradius: Reserving JRadius socket id: %d", cur->id); ++ ++ if (unconnected != 0 || tried_to_connect != 0) { ++ radlog(L_INFO, "rlm_jradius: got socket %d after skipping %d unconnected handles, tried to reconnect %d though", ++ cur->id, unconnected, tried_to_connect); ++ } ++ ++ inst->last_used = cur->next; ++ return cur; ++ ++ next: ++ cur = cur->next; ++ if (!cur) cur = inst->sock_pool; ++ if (cur == start) break; ++ } ++ ++ radlog(L_INFO, "rlm_jradius: There are no sockets to use! skipped %d, tried to connect %d", ++ unconnected, tried_to_connect); ++ return NULL; ++} ++ ++static int release_socket(JRADIUS * inst, JRSOCK * jrsock) ++{ ++#ifdef HAVE_PTHREAD_H ++ pthread_mutex_unlock(&jrsock->mutex); ++#endif ++ ++ radlog(L_DBG, "rlm_jradius: Released JRadius socket id: %d", jrsock->id); ++ ++ return 0; ++} ++ ++ ++/* ++ * Initialize the jradius module ++ */ ++static int jradius_instantiate(CONF_SECTION *conf, void **instance) ++{ ++ JRADIUS *inst = (JRADIUS *) instance; ++ char host[128], b[128], *h; ++ int i, p, idx, port; ++ ++ inst = rad_malloc(sizeof(JRADIUS)); ++ memset(inst, 0, sizeof(JRADIUS)); ++ ++ if (cf_section_parse(conf, inst, module_config) < 0) { ++ free(inst); ++ return -1; ++ } ++ ++ for (i = 0, idx = 0; i < MAX_HOSTS; i++) { ++ if (inst->host[i] && strlen(inst->host[i]) < sizeof(host)) { ++ h = inst->host[i]; ++ p = JRADIUS_PORT; ++ ++ strcpy(b, h); ++ if (sscanf(b, "%[^:]:%d", host, &port) == 2) { h = host; p = port; } ++ ++ if (h) { ++#ifdef FRv2 ++ lrad_ipaddr_t ipaddr; ++ if (ip_hton(h, AF_INET, &ipaddr) < 0) { ++ radlog(L_ERR, "Can't find IP address for host %s", h); ++ continue; ++ } ++ if ((inst->ipaddr[idx] = ipaddr.ipaddr.ip4addr.s_addr) != htonl(INADDR_NONE)) { ++#else ++ if ((inst->ipaddr[idx] = ip_getaddr(h)) != htonl(INADDR_NONE)) { ++#endif ++ inst->port[idx] = p; ++ radlog(L_INFO, LOG_PREFIX "configuring jradius server %s:%d", h, p); ++ idx++; ++ } else { ++ radlog(L_ERR, LOG_PREFIX "invalid jradius server %s", h); ++ } ++ } ++ } ++ } ++ ++ if (inst->keepalive) init_socketpool(inst); ++ ++ inst->onfail = RLM_MODULE_FAIL; ++ ++ if (inst->onfail_s) { ++ if (!strcmp(inst->onfail_s, "NOOP")) inst->onfail = RLM_MODULE_NOOP; ++ else if (!strcmp(inst->onfail_s, "REJECT")) inst->onfail = RLM_MODULE_REJECT; ++ else if (!strcmp(inst->onfail_s, "OK")) inst->onfail = RLM_MODULE_OK; ++ else if (!strcmp(inst->onfail_s, "FAIL")) inst->onfail = RLM_MODULE_FAIL; ++ else radlog(L_ERR, LOG_PREFIX "invalid jradius 'onfail' state %s", inst->onfail_s); ++ } ++ ++ *instance = inst; ++ ++ return 0; ++} ++ ++/* ++ * Initialize a byte array buffer structure ++ */ ++static void init_byte_array(byte_array * ba, unsigned char *b, int blen) ++{ ++ ba->b = b; ++ ba->size = ba->left = blen; ++ ba->pos = 0; ++} ++ ++/* ++ * Pack a single byte into a byte array buffer ++ */ ++static int pack_byte(byte_array * ba, unsigned char c) ++{ ++ if (ba->left < 1) return -1; ++ ++ ba->b[ba->pos] = c; ++ ba->pos++; ++ ba->left--; ++ ++ return 0; ++} ++ ++/* ++ * Pack an array of bytes into a byte array buffer ++ */ ++static int pack_bytes(byte_array * ba, unsigned char *d, unsigned int dlen) ++{ ++ if (ba->left < dlen) return -1; ++ ++ memcpy((void *)(ba->b + ba->pos), d, dlen); ++ ba->pos += dlen; ++ ba->left -= dlen; ++ ++ return 0; ++} ++ ++/* ++ * Pack an integer into a byte array buffer (adjusting for byte-order) ++ */ ++static int pack_int(byte_array * ba, unsigned int i) ++{ ++ if (ba->left < 4) return -1; ++ ++ i = htonl(i); ++ ++ memcpy((void *)(ba->b + ba->pos), (void *)&i, 4); ++ ba->pos += 4; ++ ba->left -= 4; ++ ++ return 0; ++} ++ ++/* ++ * Pack one byte array buffer into another byte array buffer ++ */ ++static int pack_array(byte_array * ba, byte_array * a) ++{ ++ if (ba->left < a->pos) return -1; ++ ++ memcpy((void *)(ba->b + ba->pos), (void *)a->b, a->pos); ++ ba->pos += a->pos; ++ ba->left -= a->pos; ++ ++ return 0; ++} ++ ++/* ++ * Pack radius attributes into a byte array buffer ++ */ ++static int pack_vps(byte_array * ba, VALUE_PAIR * vps) ++{ ++ VALUE_PAIR * vp; ++ ++ for (vp = vps; vp != NULL; vp = vp->next) { ++ ++ radlog(L_DBG, LOG_PREFIX "packing attribute %s (type: %d; len: %d)", ++ vp->name, vp->attribute, vp->length); ++ ++ if (pack_int(ba, vp->attribute) == -1) return -1; ++ if (pack_int(ba, vp->length) == -1) return -1; ++ if (pack_int(ba, vp->operator) == -1) return -1; ++ ++ switch (vp->type) { ++ case PW_TYPE_INTEGER: ++ case PW_TYPE_DATE: ++ if (pack_int(ba, vp->lvalue) == -1) return -1; ++ break; ++ case PW_TYPE_IPADDR: ++ if (pack_bytes(ba, (void *)&vp->lvalue, vp->length) == -1) return -1; ++ break; ++ default: ++ if (pack_bytes(ba, (void *)STR_VALUE(vp), vp->length) == -1) return -1; ++ break; ++ } ++ } ++ ++ return 0; ++} ++ ++/* ++ * Pack a radius packet into a byte array buffer ++ */ ++static int pack_packet(byte_array * ba, RADIUS_PACKET * p) ++{ ++ /*unsigned char code = p->code;*/ ++ unsigned char buff[HALF_MESSAGE_LEN]; ++ byte_array pba; ++ ++ init_byte_array(&pba, buff, sizeof(buff)); ++ ++ if (pack_vps (&pba, p->vps) == -1) return -1; ++ ++ radlog(L_DBG, LOG_PREFIX "packing packet with code: %d (attr length: %d)", p->code, pba.pos); ++ ++ if (pack_byte (ba, p->code) == -1) return -1; ++ if (pack_byte (ba, p->id) == -1) return -1; ++ if (pack_int (ba, pba.pos) == -1) return -1; ++ if (pba.pos == 0) return 0; ++ if (pack_array (ba, &pba) == -1) return -1; ++ ++ return 0; ++} ++ ++static int pack_request(byte_array * ba, REQUEST *r) ++{ ++ unsigned char buff[HALF_MESSAGE_LEN]; ++ byte_array pba; ++ ++ init_byte_array(&pba, buff, sizeof(buff)); ++ ++ if (pack_vps (&pba, r->config_items) == -1) return -1; ++ if (pack_int (ba, pba.pos) == -1) return -1; ++ if (pba.pos == 0) return 0; ++ if (pack_array (ba, &pba) == -1) return -1; ++ ++ return 0; ++} ++ ++/* ++ * Read a single byte from socket ++ */ ++static int read_byte(JRSOCK *jrsock, unsigned char *b) ++{ ++ return (read(jrsock->con.sock, b, 1) == 1) ? 0 : -1; ++} ++ ++static void unpack_int(unsigned char *c, unsigned int *i) ++{ ++ unsigned int ii; ++ memcpy((void *)&ii, c, 4); ++ *i = ntohl(ii); ++} ++ ++/* ++ * Read an integer from the socket (adjusting for byte-order) ++ */ ++static int read_int(JRSOCK *jrsock, unsigned int *i) ++{ ++ unsigned char c[4]; ++ ++ if (read(jrsock->con.sock, c, 4) != 4) return -1; ++ unpack_int(c, i); ++ ++ return 0; ++} ++ ++/* ++ * Read a value-pair list from the socket ++ */ ++static int read_vps(JRSOCK *jrsock, VALUE_PAIR **pl, int plen) ++{ ++ VALUE_PAIR *vp; ++ unsigned char buff[MESSAGE_LEN]; ++ unsigned int alen, atype, aop; ++ int rlen = 0; ++ ++ while (rlen < plen) { ++ if (read_int (jrsock, &atype) == -1) return -1; rlen += 4; ++ if (read_int (jrsock, &alen) == -1) return -1; rlen += 4; ++ if (read_int (jrsock, &aop) == -1) return -1; rlen += 4; ++ ++ radlog(L_DBG, LOG_PREFIX "reading attribute: type=%d; len=%d", atype, alen); ++ ++ if (alen >= sizeof(buff)) { ++ radlog(L_ERR, LOG_PREFIX "packet value too large (len: %d)", alen); ++ return -1; ++ } ++ ++ if (read(jrsock->con.sock, buff, alen) != (int)alen) return -1; rlen += alen; ++ buff[alen]=0; ++ ++ /* ++ * Create new attribute ++ */ ++ vp = paircreate(atype, -1); ++ vp->operator = aop; ++ ++ if (vp->type == -1) { ++ /* ++ * FreeRADIUS should know about the same attributes that JRadius knows ++ */ ++ radlog(L_ERR, LOG_PREFIX "received attribute we do not recognize (type: %d)", atype); ++ pairbasicfree(vp); ++ continue; ++ } ++ ++ /* ++ * Fill in the attribute value based on type ++ */ ++ switch (vp->type) { ++ case PW_TYPE_INTEGER: ++ case PW_TYPE_DATE: ++ { ++ unpack_int(buff, &vp->lvalue); ++ vp->length = 4; ++ } ++ break; ++ ++ case PW_TYPE_IPADDR: ++ memcpy((void *)&vp->lvalue, buff, 4); ++ vp->length = 4; ++ break; ++ ++ default: ++ if (alen < sizeof(STR_VALUE(vp))) { ++ memcpy((void *)STR_VALUE(vp), buff, alen); ++ vp->length = alen; ++ } ++ break; ++ } ++ ++ /* ++ * Add the attribute to the packet ++ */ ++ pairadd(pl, vp); ++ } ++ ++ return rlen; ++} ++ ++/* ++ * Read a radius packet from the socket ++ */ ++static int read_packet(JRADIUS * inst, JRSOCK *jrsock, RADIUS_PACKET *p) ++{ ++ unsigned char code; ++ unsigned char id; ++ unsigned int plen; ++ ++ if (read_byte (jrsock, &code) == -1) return -1; ++ if (read_byte (jrsock, &id) == -1) return -1; ++ if (read_int (jrsock, &plen) == -1) return -1; ++ ++ radlog(L_DBG, LOG_PREFIX "reading packet: code=%d len=%d", (int)code, plen); ++ ++ if (inst->allow_codechange) ++ if (code != p->code) { ++ radlog(L_INFO, LOG_PREFIX "changing packet code from %d to %d", p->code, code); ++ p->code = code; ++ } ++ ++ if (inst->allow_idchange) ++ if (id != p->id) { ++ radlog(L_INFO, LOG_PREFIX "changing packet id from %d to %d", p->id, id); ++ p->id = id; ++ } ++ ++ /* ++ * Delete previous attribute list ++ */ ++ pairfree(&p->vps); ++ ++ if (plen == 0) return 0; ++ ++ if (read_vps (jrsock, &p->vps, plen) == -1) return -1; ++ ++ return 0; ++} ++ ++static int read_request(JRSOCK *jrsock, REQUEST *p) ++{ ++ unsigned int plen; ++ ++ if (read_int(jrsock, &plen) == -1) return -1; ++ ++ radlog(L_DBG, LOG_PREFIX "reading request: config_item: len=%d", plen); ++ ++ /* ++ * Delete previous attribute list ++ */ ++ pairfree(&p->config_items); ++ ++ if (plen == 0) return 0; ++ ++ if (read_vps(jrsock, &p->config_items, plen) == -1) return -1; ++ ++ return 0; ++} ++ ++static int rlm_jradius_call(char func, void *instance, REQUEST *req, int isproxy) ++{ ++ JRADIUS * inst = instance; ++ RADIUS_PACKET * request = isproxy ? req->proxy : req->packet; ++ RADIUS_PACKET * reply = isproxy ? req->proxy_reply : req->reply; ++ JRSOCK * jrsock = 0; ++ JRSOCK sjrsock; ++ ++ int exitstatus = inst->onfail; ++ unsigned char rcode, pcount; ++ ++ unsigned char buff[MESSAGE_LEN]; ++ byte_array ba; ++ ++ char * n = inst->name; ++ unsigned int nlen = strlen(n); ++ const char * err = 0; ++ int rc, attempt2=0; ++ ++#define W_ERR(s) { err=s; goto packerror; } ++#define R_ERR(s) { err=s; goto parseerror; } ++ ++ if (inst->keepalive) { ++ jrsock = get_socket(inst); ++ if (!jrsock) return exitstatus; ++ } else { ++ jrsock = &sjrsock; ++ memset(jrsock, 0, sizeof(*jrsock)); ++ jrsock->state = not_connected; ++ } ++ ++ init_byte_array(&ba, buff, sizeof(buff)); ++ ++ pcount = 0; ++ if (request) pcount++; ++ if (reply) pcount++; ++ ++ /* ++ * Create byte array to send to jradius ++ */ ++ if ((rc = pack_int (&ba, nlen)) == -1) W_ERR("pack_int(nlen)"); ++ if ((rc = pack_bytes (&ba, (void *)n, nlen)) == -1) W_ERR("pack_bytes(name)"); ++ if ((rc = pack_byte (&ba, func)) == -1) W_ERR("pack_byte(fun)"); ++ if ((rc = pack_byte (&ba, pcount)) == -1) W_ERR("pack_byte(pcnt)"); ++ if (pcount > 0 && (rc = pack_packet (&ba, request)) == -1) W_ERR("pack_packet(req)"); ++ if (pcount > 1 && (rc = pack_packet (&ba, reply)) == -1) W_ERR("pack_packet(rep)"); ++ if ((rc = pack_request(&ba, req)) == -1) W_ERR("pack_request()"); ++ ++ /* ++ * Send data ++ */ ++ start_over: ++ if (jrsock->state == not_connected) { ++ if (attempt2) radlog(L_ERR, LOG_PREFIX "reconnecting socket id %d", jrsock->id); ++ if (!connect_socket(jrsock, inst)) { ++ if (attempt2) radlog(L_ERR, LOG_PREFIX "could not reconnect socket %d, giving up", jrsock->id); ++ goto cleanup; ++ } ++ } ++ radlog(L_DBG, LOG_PREFIX "sending %d bytes to socket %d", ba.pos, jrsock->id); ++ if (socket_send(jrsock, ba.b, ba.pos) != (int)ba.pos || ++ (rc = read_byte (jrsock, &rcode)) == -1) { ++ /* ++ * With an error on the write or the first read, try closing the socket ++ * and reconnecting to see if that improves matters any (tries this only once) ++ */ ++ radlog(L_ERR, LOG_PREFIX "error sending request with socket %d", jrsock->id); ++ if (!inst->keepalive || attempt2) W_ERR("socket_send/first_read"); ++ close_socket(inst, jrsock); ++ attempt2 = 1; ++ goto start_over; ++ } ++ ++ /* ++ * Read result ++ */ ++ if ((rc = read_byte (jrsock, &pcount)) == -1) R_ERR("read_byte(pcnt)"); ++ ++ radlog(L_DBG, LOG_PREFIX "return code %d; receiving %d packets", (int)rcode, (int)pcount); ++ ++ if (pcount > 0 && request) if ((rc = read_packet (inst, jrsock, request)) == -1) R_ERR("read_packet(req)"); ++ if (pcount > 1 && reply) if ((rc = read_packet (inst, jrsock, reply)) == -1) R_ERR("read_packet(rep)"); ++ ++ if ((rc = read_request (jrsock, req)) == -1) R_ERR("read_request()"); ++ ++ /* ++ * Since we deleted all the attribute lists in the request, ++ * we need to reconfigure a few pointers in the REQUEST object ++ */ ++ if (req->username) { ++ req->username = pairfind(request->vps, PW_USER_NAME); ++ } ++ if (req->password) { ++ req->password = pairfind(request->vps, PW_PASSWORD); ++ if (!req->password) req->password = pairfind(request->vps, PW_CHAP_PASSWORD); ++ } ++ ++ /* ++ * All done, set return code and cleanup ++ */ ++ exitstatus = (int)rcode; ++ goto cleanup; ++ ++ parseerror: ++ radlog(L_ERR, LOG_PREFIX "problem parsing the data [%s]",err); ++ if (inst->keepalive) close_socket(inst, jrsock); ++ goto cleanup; ++ ++ packerror: ++ radlog(L_ERR, LOG_PREFIX "problem packing the data[%s]",err); ++ if (inst->keepalive) close_socket(inst, jrsock); ++ ++ cleanup: ++ if (inst->keepalive) ++ release_socket(inst, jrsock); ++ else ++ close_socket(inst, jrsock); ++ ++ return exitstatus; ++} ++ ++static int jradius_authenticate(void *instance, REQUEST *request) ++{ ++ return rlm_jradius_call(JRADIUS_authenticate, instance, request, 0); ++} ++ ++static int jradius_authorize(void *instance, REQUEST *request) ++{ ++ return rlm_jradius_call(JRADIUS_authorize, instance, request, 0); ++} ++ ++static int jradius_preacct(void *instance, REQUEST *request) ++{ ++ return rlm_jradius_call(JRADIUS_preacct, instance, request, 0); ++} ++ ++static int jradius_accounting(void *instance, REQUEST *request) ++{ ++ return rlm_jradius_call(JRADIUS_accounting, instance, request, 0); ++} ++ ++static int jradius_checksimul(void *instance, REQUEST *request) ++{ ++ return rlm_jradius_call(JRADIUS_checksimul, instance, request, 0); ++} ++ ++static int jradius_pre_proxy(void *instance, REQUEST *request) ++{ ++ return rlm_jradius_call(JRADIUS_pre_proxy, instance, request, 1); ++} ++ ++static int jradius_post_proxy(void *instance, REQUEST *request) ++{ ++ return rlm_jradius_call(JRADIUS_post_proxy, instance, request, 1); ++} ++ ++static int jradius_post_auth(void *instance, REQUEST *request) ++{ ++ return rlm_jradius_call(JRADIUS_post_auth, instance, request, 0); ++} ++ ++static int jradius_detach(void *instance) ++{ ++ JRADIUS *inst = (JRADIUS *) instance; ++ free_socketpool(inst); ++ free(inst); ++ return 0; ++} ++ ++#ifndef FRv2 ++static int jradius_init(void) { return 0; } ++#endif ++ ++module_t rlm_jradius = { ++#ifdef FRv2 ++ RLM_MODULE_INIT, ++#endif ++ "jradius", ++ RLM_TYPE_THREAD_SAFE, ++#ifndef FRv2 ++ jradius_init, ++#endif ++ jradius_instantiate, ++#ifdef FRv2 ++ jradius_detach, ++#endif ++ { ++ jradius_authenticate, ++ jradius_authorize, ++ jradius_preacct, ++ jradius_accounting, ++ jradius_checksimul, ++ jradius_pre_proxy, ++ jradius_post_proxy, ++ jradius_post_auth ++ }, ++#ifndef FRv2 ++ jradius_detach, ++#endif ++}; ++ ++/* ++ * Connection pooling code based on rlm_sql codebase, under GPL. ++ * See radiusd/src/modules/rlm_sql/sql.c ++ */ +diff -baurN freeradius-1.1.5/src/modules/stable freeradius-1.1.5.new/src/modules/stable +--- freeradius-1.1.5/src/modules/stable 2005-12-14 21:58:14.000000000 +0100 ++++ freeradius-1.1.5.new/src/modules/stable 2007-03-25 20:05:03.000000000 +0200 +@@ -30,3 +30,4 @@ + rlm_sqlcounter + rlm_unix + rlm_checkval ++rlm_jradius diff --git a/freeradius/patch/freeradius-1.1.7.patch b/freeradius/patch/freeradius-1.1.7.patch new file mode 100644 index 0000000..5d4f37b --- /dev/null +++ b/freeradius/patch/freeradius-1.1.7.patch @@ -0,0 +1,1180 @@ +diff -baurN --exclude='*~' --exclude='.#*' --exclude=CVS freeradius-1.1.7.orig/raddb/jradius.conf freeradius-1.1.7/raddb/jradius.conf +--- freeradius-1.1.7.orig/raddb/jradius.conf 1970-01-01 01:00:00.000000000 +0100 ++++ freeradius-1.1.7/raddb/jradius.conf 2007-08-16 13:51:55.000000000 +0200 +@@ -0,0 +1,15 @@ ++ ++jradius { ++ name = "example" # Name of the JRadius Application ++ # (known as "Sender" in JRadius) ++ primary = "127.0.0.1" # Primary JRadius Server ++ # (using default port of 1814) ++ secondary = "192.168.1.2:1815" # Secondary JRadius Server (port 1815) ++ tertiary = "192.168.1.2:1816" # Tertiary JRadius Server ++ timeout = 1 # JRadius Server Connect Timeout (default 5) ++ onfail = NOOP # What to do if no JRadius ++ # Server is found. Options are: ++ # FAIL (default), OK, REJECT, NOOP ++ keepalive = yes # Keep connections to JRadius pooled ++ connections = 8 # Number of pooled JRadius connections ++} +diff -baurN --exclude='*~' --exclude='.#*' --exclude=CVS freeradius-1.1.7.orig/raddb/Makefile freeradius-1.1.7/raddb/Makefile +--- freeradius-1.1.7.orig/raddb/Makefile 2007-07-16 13:39:08.000000000 +0200 ++++ freeradius-1.1.7/raddb/Makefile 2007-08-16 13:53:10.000000000 +0200 +@@ -13,7 +13,7 @@ + experimental.conf hints huntgroups ldap.attrmap \ + mssql.conf naslist naspasswd oraclesql.conf postgresql.conf \ + preproxy_users proxy.conf radiusd.conf realms snmp.conf \ +- sql.conf sqlippool.conf postgresqlippool.conf users otp.conf ++ sql.conf sqlippool.conf postgresqlippool.conf users otp.conf jradius.conf + + all: + +diff -baurN --exclude='*~' --exclude='.#*' --exclude=CVS freeradius-1.1.7.orig/raddb/radiusd.conf.in freeradius-1.1.7/raddb/radiusd.conf.in +--- freeradius-1.1.7.orig/raddb/radiusd.conf.in 2007-07-16 12:53:13.000000000 +0200 ++++ freeradius-1.1.7/raddb/radiusd.conf.in 2007-08-16 13:57:23.000000000 +0200 +@@ -660,6 +660,9 @@ + radwtmp = ${logdir}/radwtmp + } + ++ # The JRadius module configuration ++$INCLUDE ${confdir}/jradius.conf ++ + # Extensible Authentication Protocol + # + # For all EAP related authentications. +@@ -1877,6 +1880,7 @@ + # + # Use the checkval module + # checkval ++ jradius + + # + # As of 1.1.4, you should list "pap" last in this section. +@@ -1983,6 +1987,8 @@ + suffix + # ntdomain + ++ jradius ++ + # + # Read the 'acct_users' file + files +@@ -2031,6 +2037,7 @@ + # Cisco VoIP specific bulk accounting + # pgsql-voip + ++ jradius + } + + +@@ -2089,6 +2096,7 @@ + # insert-module-name-here + # } + ++ jradius + } + + # +@@ -2110,6 +2118,7 @@ + # server, un-comment the following line, and the + # 'detail pre_proxy_log' section, above. + # pre_proxy_log ++ jradius + } + + # +@@ -2143,4 +2152,5 @@ + # reject the EAP request. + # + eap ++ jradius + } +diff -baurN --exclude='*~' --exclude='.#*' --exclude=CVS freeradius-1.1.7.orig/share/dictionary freeradius-1.1.7/share/dictionary +--- freeradius-1.1.7.orig/share/dictionary 2007-04-08 16:42:06.000000000 +0200 ++++ freeradius-1.1.7/share/dictionary 2007-08-16 14:05:37.000000000 +0200 +@@ -54,6 +54,10 @@ + # + $INCLUDE dictionary.compat + ++$INCLUDE dictionary.jradius ++$INCLUDE dictionary.chillispot ++$INCLUDE dictionary.coova ++ + # + # Include the RFC dictionaries next. + # +diff -baurN --exclude='*~' --exclude='.#*' --exclude=CVS freeradius-1.1.7.orig/share/dictionary.chillispot freeradius-1.1.7/share/dictionary.chillispot +--- freeradius-1.1.7.orig/share/dictionary.chillispot 1970-01-01 01:00:00.000000000 +0100 ++++ freeradius-1.1.7/share/dictionary.chillispot 2007-08-16 13:58:01.000000000 +0200 +@@ -0,0 +1,22 @@ ++# ++# ChilliSpot dictionary. ++# ++# Enable by putting the line "$INCLUDE dictionary.chillispot" ++# into the main dictionary file. ++# ++# ++ ++VENDOR ChilliSpot 14559 ++ ++# ++# ChilliSpot Vendor Specific Extensions ++# ++# ++ATTRIBUTE ChilliSpot-Max-Input-Octets 1 integer ChilliSpot ++ATTRIBUTE ChilliSpot-Max-Output-Octets 2 integer ChilliSpot ++ATTRIBUTE ChilliSpot-Max-Total-Octets 3 integer ChilliSpot ++ATTRIBUTE ChilliSpot-Bandwidth-Max-Up 4 integer ChilliSpot ++ATTRIBUTE ChilliSpot-Bandwidth-Max-Down 5 integer ChilliSpot ++ATTRIBUTE ChilliSpot-Config 6 string ChilliSpot ++ATTRIBUTE ChilliSpot-Lang 7 string ChilliSpot ++ATTRIBUTE ChilliSpot-Version 8 string ChilliSpot +diff -baurN --exclude='*~' --exclude='.#*' --exclude=CVS freeradius-1.1.7.orig/share/dictionary.coova freeradius-1.1.7/share/dictionary.coova +--- freeradius-1.1.7.orig/share/dictionary.coova 1970-01-01 01:00:00.000000000 +0100 ++++ freeradius-1.1.7/share/dictionary.coova 2007-08-16 13:58:11.000000000 +0200 +@@ -0,0 +1,14 @@ ++# ++# Coova dictionary. ++# ++# Enable by putting the line "$INCLUDE dictionary.coova" ++# into the main dictionary file. ++# ++ ++VENDOR Coova 31515 ++ATTRIBUTE Coova-Request 1 string Coova ++ATTRIBUTE Coova-Response 2 string Coova ++ATTRIBUTE Coova-Config 3 string Coova ++ATTRIBUTE Coova-AP-Config 4 string Coova ++ATTRIBUTE Coova-Session-Id 5 string Coova ++ATTRIBUTE Coova-Parent-Session-Id 6 string Coova +diff -baurN --exclude='*~' --exclude='.#*' --exclude=CVS freeradius-1.1.7.orig/share/dictionary.jradius freeradius-1.1.7/share/dictionary.jradius +--- freeradius-1.1.7.orig/share/dictionary.jradius 1970-01-01 01:00:00.000000000 +0100 ++++ freeradius-1.1.7/share/dictionary.jradius 2007-08-16 13:57:57.000000000 +0200 +@@ -0,0 +1,4 @@ ++VENDOR JRadius 19211 ++ATTRIBUTE JRadius-Request-Id 1 string JRadius ++ATTRIBUTE JRadius-Session-Id 2 string JRadius ++ATTRIBUTE JRadius-Proxy-Client 3 octets JRadius +diff -baurN --exclude='*~' --exclude='.#*' --exclude=CVS freeradius-1.1.7.orig/src/modules/rlm_jradius/configure freeradius-1.1.7/src/modules/rlm_jradius/configure +--- freeradius-1.1.7.orig/src/modules/rlm_jradius/configure 1970-01-01 01:00:00.000000000 +0100 ++++ freeradius-1.1.7/src/modules/rlm_jradius/configure 2007-08-16 14:01:09.000000000 +0200 +@@ -0,0 +1,4 @@ ++#! /bin/sh ++ ++echo "did nothing" ++ +diff -baurN --exclude='*~' --exclude='.#*' --exclude=CVS freeradius-1.1.7.orig/src/modules/rlm_jradius/jradius.conf freeradius-1.1.7/src/modules/rlm_jradius/jradius.conf +--- freeradius-1.1.7.orig/src/modules/rlm_jradius/jradius.conf 1970-01-01 01:00:00.000000000 +0100 ++++ freeradius-1.1.7/src/modules/rlm_jradius/jradius.conf 2007-08-16 14:01:09.000000000 +0200 +@@ -0,0 +1,15 @@ ++ ++jradius { ++ name = "example" # Name of the JRadius Application ++ # (known as "Sender" in JRadius) ++ primary = "127.0.0.1" # Primary JRadius Server ++ # (using default port of 1814) ++ secondary = "192.168.1.2:1815" # Secondary JRadius Server (port 1815) ++ tertiary = "192.168.1.2:1816" # Tertiary JRadius Server ++ timeout = 1 # JRadius Server Connect Timeout (default 5) ++ onfail = NOOP # What to do if no JRadius ++ # Server is found. Options are: ++ # FAIL (default), OK, REJECT, NOOP ++ keepalive = yes # Keep connections to JRadius pooled ++ connections = 8 # Number of pooled JRadius connections ++} +diff -baurN --exclude='*~' --exclude='.#*' --exclude=CVS freeradius-1.1.7.orig/src/modules/rlm_jradius/Makefile freeradius-1.1.7/src/modules/rlm_jradius/Makefile +--- freeradius-1.1.7.orig/src/modules/rlm_jradius/Makefile 1970-01-01 01:00:00.000000000 +0100 ++++ freeradius-1.1.7/src/modules/rlm_jradius/Makefile 2007-08-16 14:01:09.000000000 +0200 +@@ -0,0 +1,13 @@ ++TARGET = rlm_jradius ++SRCS = rlm_jradius.c ++HEADERS = ++RLM_CFLAGS = ++RLM_LIBS = ++ ++## this uses the RLM_CFLAGS and RLM_LIBS and SRCS defs to make TARGET. ++include ../rules.mak ++ ++$(STATIC_OBJS): $(HEADERS) ++ ++$(DYNAMIC_OBJS): $(HEADERS) ++ +diff -baurN --exclude='*~' --exclude='.#*' --exclude=CVS freeradius-1.1.7.orig/src/modules/rlm_jradius/rlm_jradius.c freeradius-1.1.7/src/modules/rlm_jradius/rlm_jradius.c +--- freeradius-1.1.7.orig/src/modules/rlm_jradius/rlm_jradius.c 1970-01-01 01:00:00.000000000 +0100 ++++ freeradius-1.1.7/src/modules/rlm_jradius/rlm_jradius.c 2007-08-16 14:01:39.000000000 +0200 +@@ -0,0 +1,967 @@ ++/** ++ * rlm_jradius - The FreeRADIUS JRadius Server Module ++ * Copyright (C) 2004-2006 PicoPoint, B.V. ++ * Copyright (c) 2007 David Bird ++ * ++ * This program is free software; you can redistribute it and/or modify it ++ * under the terms of the GNU General Public License as published by the ++ * Free Software Foundation; either version 2 of the License, or (at your ++ * option) any later version. ++ * ++ * This program is distributed in the hope that it will be useful, but ++ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY ++ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License ++ * for more details. ++ * ++ * You should have received a copy of the GNU General Public License along ++ * with this program; if not, write to the Free Software Foundation, Inc., ++ * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA ++ * ++ * Author(s): David Bird ++ */ ++ ++/*#define FRv2 1*/ ++ ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++ ++#ifdef FRv2 ++#include ++#include ++#include ++#include ++#include ++#define STR_VALUE(p) ((p)->data.strvalue) ++#else ++#include "autoconf.h" ++#include "libradius.h" ++#include "radiusd.h" ++#include "modules.h" ++#include "conffile.h" ++#define STR_VALUE(p) ((p)->strvalue) ++#endif ++ ++#ifdef HAVE_PTHREAD_H ++#include ++#endif ++ ++#ifdef HAVE_SYS_SOCKET_H ++#include ++#endif ++ ++#ifndef O_NONBLOCK ++#define O_NONBLOCK O_NDELAY ++#endif ++ ++static const char rcsid[] = "$Id: rlm_jradius.c,v 1.20 2006/05/24 13:58:57 picopoint Exp $"; ++ ++static const int JRADIUS_PORT = 1814; ++static const int HALF_MESSAGE_LEN = 16384; ++static const int MESSAGE_LEN = 32768; ++ ++static const int JRADIUS_authenticate = 1; ++static const int JRADIUS_authorize = 2; ++static const int JRADIUS_preacct = 3; ++static const int JRADIUS_accounting = 4; ++static const int JRADIUS_checksimul = 5; ++static const int JRADIUS_pre_proxy = 6; ++static const int JRADIUS_post_proxy = 7; ++static const int JRADIUS_post_auth = 8; ++ ++#define LOG_PREFIX "rlm_jradius: " ++#define MAX_HOSTS 4 ++ ++typedef struct jradius_socket { ++ int id; ++#ifdef HAVE_PTHREAD_H ++ pthread_mutex_t mutex; ++#endif ++ struct jradius_socket *next; ++ enum { is_connected, not_connected } state; ++ ++ union { ++ int sock; ++ } con; ++} JRSOCK; ++ ++typedef struct jradius_inst { ++ time_t connect_after; ++ JRSOCK * sock_pool; ++ JRSOCK * last_used; ++ ++ char * name; ++ char * host [MAX_HOSTS]; ++ uint32_t ipaddr [MAX_HOSTS]; ++ int port [MAX_HOSTS]; ++ int timeout; ++ int allow_codechange; ++ int allow_idchange; ++ int onfail; ++ char * onfail_s; ++ int keepalive; ++ int jrsock_cnt; ++} JRADIUS; ++ ++typedef struct _byte_array ++{ ++ unsigned int size; ++ unsigned int pos; ++ unsigned int left; ++ unsigned char * b; ++} byte_array; ++ ++static CONF_PARSER module_config[] = { ++ { "name", PW_TYPE_STRING_PTR, offsetof(JRADIUS, name), NULL, "localhost"}, ++ { "primary", PW_TYPE_STRING_PTR, offsetof(JRADIUS, host[0]), NULL, "localhost"}, ++ { "secondary", PW_TYPE_STRING_PTR, offsetof(JRADIUS, host[1]), NULL, NULL}, ++ { "tertiary", PW_TYPE_STRING_PTR, offsetof(JRADIUS, host[2]), NULL, NULL}, ++ { "timeout", PW_TYPE_INTEGER, offsetof(JRADIUS, timeout), NULL, "5"}, ++ { "onfail", PW_TYPE_STRING_PTR, offsetof(JRADIUS, onfail_s), NULL, NULL}, ++ { "keepalive", PW_TYPE_BOOLEAN, offsetof(JRADIUS, keepalive), NULL, "yes"}, ++ { "connections", PW_TYPE_INTEGER, offsetof(JRADIUS, jrsock_cnt), NULL, "8"}, ++ { "allow_codechange", PW_TYPE_BOOLEAN, offsetof(JRADIUS, allow_codechange), NULL, "no"}, ++ { "allow_idchange", PW_TYPE_BOOLEAN, offsetof(JRADIUS, allow_idchange), NULL, "no"}, ++ { NULL, -1, 0, NULL, NULL } ++}; ++ ++static int connect_socket(JRSOCK *jrsock, JRADIUS *inst) ++{ ++ struct sockaddr_in local_addr, serv_addr; ++ int i, connected = 0; ++ char buff[128]; ++ int sock; ++ ++ /* ++ * Connect to jradius servers until we succeed or die trying ++ */ ++ for (i = 0; !connected && i < MAX_HOSTS && inst->ipaddr[i] > 0; i++) { ++ ++ /* ++ * Allocate a TCP socket ++ */ ++ if ((sock = socket(AF_INET, SOCK_STREAM, 0)) == -1) { ++ radlog(L_ERR, LOG_PREFIX "could not allocate TCP socket"); ++ goto failed; ++ } ++ ++ /* ++ * If we have a timeout value set, make the socket non-blocking ++ */ ++ if (inst->timeout > 0 && ++ fcntl(sock, F_SETFL, fcntl(sock, F_GETFL, 0) | O_NONBLOCK) == -1) { ++ radlog(L_ERR, LOG_PREFIX "could not set non-blocking on socket"); ++ goto failed; ++ } ++ ++ /* ++ * Bind to any local port ++ */ ++ memset(&local_addr, 0, sizeof(local_addr)); ++ local_addr.sin_family = AF_INET; ++ local_addr.sin_addr.s_addr = htonl(INADDR_ANY); ++ local_addr.sin_port = htons(0); ++ ++ if (bind(sock, (struct sockaddr *) &local_addr, sizeof(local_addr)) < 0) { ++ radlog(L_ERR, LOG_PREFIX "could not locally bind TCP socket"); ++ goto failed; ++ } ++ ++ /* ++ * Attempt connection to remote server ++ */ ++ memset(&serv_addr, 0, sizeof(serv_addr)); ++ serv_addr.sin_family = AF_INET; ++ memcpy((char *) &serv_addr.sin_addr, &(inst->ipaddr[i]), 4); ++ serv_addr.sin_port = htons(inst->port[i]); ++ ++ if (connect(sock, (struct sockaddr *)&serv_addr, sizeof(serv_addr)) < 0) { ++ if (inst->timeout > 0 && (errno == EINPROGRESS || errno == EWOULDBLOCK)) { ++ /* ++ * Wait to see if non-blocking socket connects or times-out ++ */ ++ struct pollfd pfd; ++ memset(&pfd, 0, sizeof(pfd)); ++ ++ pfd.fd = sock; ++ pfd.events = POLLOUT; ++ ++ if (poll(&pfd, 1, inst->timeout * 1000) == 1 && pfd.revents) { ++ /* ++ * Lets make absolutely sure we are connected ++ */ ++ struct sockaddr_in sa; ++ unsigned int salen = sizeof(sa); ++ if (getpeername(sock, (struct sockaddr *) &sa, &salen) != -1) { ++ /* ++ * CONNECTED! break out of for-loop ++ */ ++ connected = 1; ++ break; ++ } ++ } ++ } ++ ++ /* ++ * Timed-out ++ */ ++ radlog(L_ERR, LOG_PREFIX "could not connect to %s:%d", ++ ip_ntoa(buff, inst->ipaddr[i]), inst->port[i]); ++ ++ } else { ++ /* ++ * CONNECTED (instantly)! break out of for-loop ++ */ ++ connected = 1; ++ break; ++ } ++ ++ /* ++ * Unable to connect, cleanup and start over ++ */ ++ close(sock); sock=0; ++ } ++ ++ if (!connected) { ++ radlog(L_ERR, LOG_PREFIX "could not find any jradius server!"); ++ goto failed; ++ } ++ ++ /* ++ * If we previously set the socket to non-blocking, restore blocking ++ */ ++ if (inst->timeout > 0 && ++ fcntl(sock, F_SETFL, fcntl(sock, F_GETFL, 0) & ~O_NONBLOCK) == -1) { ++ radlog(L_ERR, LOG_PREFIX "could not set blocking on socket"); ++ goto failed; ++ } ++ ++ jrsock->state = is_connected; ++ jrsock->con.sock = sock; ++ return 1; ++ ++ failed: ++ if (sock > 0) { shutdown(sock, 2); close(sock); } ++ jrsock->state = not_connected; ++ return 0; ++} ++ ++static void close_socket(JRADIUS * inst, JRSOCK *jrsock) { ++ radlog(L_INFO, "rlm_jradius: Closing JRadius connection %d", jrsock->id); ++ if (jrsock->con.sock > 0) { ++ shutdown(jrsock->con.sock, 2); ++ close(jrsock->con.sock); ++ } ++ jrsock->state = not_connected; ++ jrsock->con.sock = 0; ++} ++ ++static void free_socket(JRADIUS * inst, JRSOCK *jrsock) { ++ close_socket(inst, jrsock); ++ if (inst->keepalive) { ++#ifdef HAVE_PTHREAD_H ++ pthread_mutex_destroy(&jrsock->mutex); ++#endif ++ free(jrsock); ++ } ++} ++ ++static int socket_send(JRSOCK *jrsock, unsigned char *b, unsigned int blen) { ++ return send(jrsock->con.sock, b, blen, 0); ++} ++ ++static int init_socketpool(JRADIUS * inst) ++{ ++ int i, rcode; ++ int success = 0; ++ JRSOCK *jrsock; ++ ++ inst->connect_after = 0; ++ inst->sock_pool = NULL; ++ ++ for (i = 0; i < inst->jrsock_cnt; i++) { ++ radlog(L_INFO, "rlm_jradius: starting JRadius connection %d", i); ++ ++ if ((jrsock = rad_malloc(sizeof(*jrsock))) == 0) return -1; ++ ++ memset(jrsock, 0, sizeof(*jrsock)); ++ jrsock->id = i; ++ jrsock->state = not_connected; ++ ++#ifdef HAVE_PTHREAD_H ++ rcode = pthread_mutex_init(&jrsock->mutex,NULL); ++ if (rcode != 0) { ++ radlog(L_ERR, "rlm_jradius: Failed to init lock: %s", strerror(errno)); ++ return 0; ++ } ++#endif ++ ++ if (time(NULL) > inst->connect_after) ++ if (connect_socket(jrsock, inst)) ++ success = 1; ++ ++ jrsock->next = inst->sock_pool; ++ inst->sock_pool = jrsock; ++ } ++ inst->last_used = NULL; ++ ++ if (!success) { ++ radlog(L_DBG, "rlm_jradius: Failed to connect to JRadius server."); ++ } ++ ++ return 1; ++} ++ ++static void free_socketpool(JRADIUS * inst) ++{ ++ JRSOCK *cur; ++ JRSOCK *next; ++ ++ for (cur = inst->sock_pool; cur; cur = next) { ++ next = cur->next; ++ free_socket(inst, cur); ++ } ++ ++ inst->sock_pool = NULL; ++} ++ ++static JRSOCK * get_socket(JRADIUS * inst) ++{ ++ JRSOCK *cur, *start; ++ int tried_to_connect = 0; ++ int unconnected = 0; ++ ++ start = inst->last_used; ++ if (!start) start = inst->sock_pool; ++ ++ cur = start; ++ ++ while (cur) { ++#ifdef HAVE_PTHREAD_H ++ if (pthread_mutex_trylock(&cur->mutex) != 0) { ++ goto next; ++ } ++#endif ++ ++ if ((cur->state == not_connected) && (time(NULL) > inst->connect_after)) { ++ radlog(L_INFO, "rlm_jradius: Trying to (re)connect unconnected handle %d", cur->id); ++ tried_to_connect++; ++ connect_socket(cur, inst); ++ } ++ ++ if (cur->state == not_connected) { ++ radlog(L_DBG, "rlm_jradius: Ignoring unconnected handle %d", cur->id); ++ unconnected++; ++#ifdef HAVE_PTHREAD_H ++ pthread_mutex_unlock(&cur->mutex); ++#endif ++ goto next; ++ } ++ ++ radlog(L_DBG, "rlm_jradius: Reserving JRadius socket id: %d", cur->id); ++ ++ if (unconnected != 0 || tried_to_connect != 0) { ++ radlog(L_INFO, "rlm_jradius: got socket %d after skipping %d unconnected handles, tried to reconnect %d though", ++ cur->id, unconnected, tried_to_connect); ++ } ++ ++ inst->last_used = cur->next; ++ return cur; ++ ++ next: ++ cur = cur->next; ++ if (!cur) cur = inst->sock_pool; ++ if (cur == start) break; ++ } ++ ++ radlog(L_INFO, "rlm_jradius: There are no sockets to use! skipped %d, tried to connect %d", ++ unconnected, tried_to_connect); ++ return NULL; ++} ++ ++static int release_socket(JRADIUS * inst, JRSOCK * jrsock) ++{ ++#ifdef HAVE_PTHREAD_H ++ pthread_mutex_unlock(&jrsock->mutex); ++#endif ++ ++ radlog(L_DBG, "rlm_jradius: Released JRadius socket id: %d", jrsock->id); ++ ++ return 0; ++} ++ ++ ++/* ++ * Initialize the jradius module ++ */ ++static int jradius_instantiate(CONF_SECTION *conf, void **instance) ++{ ++ JRADIUS *inst = (JRADIUS *) instance; ++ char host[128], b[128], *h; ++ int i, p, idx, port; ++ ++ inst = rad_malloc(sizeof(JRADIUS)); ++ memset(inst, 0, sizeof(JRADIUS)); ++ ++ if (cf_section_parse(conf, inst, module_config) < 0) { ++ free(inst); ++ return -1; ++ } ++ ++ for (i = 0, idx = 0; i < MAX_HOSTS; i++) { ++ if (inst->host[i] && strlen(inst->host[i]) < sizeof(host)) { ++ h = inst->host[i]; ++ p = JRADIUS_PORT; ++ ++ strcpy(b, h); ++ if (sscanf(b, "%[^:]:%d", host, &port) == 2) { h = host; p = port; } ++ ++ if (h) { ++#ifdef FRv2 ++ lrad_ipaddr_t ipaddr; ++ if (ip_hton(h, AF_INET, &ipaddr) < 0) { ++ radlog(L_ERR, "Can't find IP address for host %s", h); ++ continue; ++ } ++ if ((inst->ipaddr[idx] = ipaddr.ipaddr.ip4addr.s_addr) != htonl(INADDR_NONE)) { ++#else ++ if ((inst->ipaddr[idx] = ip_getaddr(h)) != htonl(INADDR_NONE)) { ++#endif ++ inst->port[idx] = p; ++ radlog(L_INFO, LOG_PREFIX "configuring jradius server %s:%d", h, p); ++ idx++; ++ } else { ++ radlog(L_ERR, LOG_PREFIX "invalid jradius server %s", h); ++ } ++ } ++ } ++ } ++ ++ if (inst->keepalive) init_socketpool(inst); ++ ++ inst->onfail = RLM_MODULE_FAIL; ++ ++ if (inst->onfail_s) { ++ if (!strcmp(inst->onfail_s, "NOOP")) inst->onfail = RLM_MODULE_NOOP; ++ else if (!strcmp(inst->onfail_s, "REJECT")) inst->onfail = RLM_MODULE_REJECT; ++ else if (!strcmp(inst->onfail_s, "OK")) inst->onfail = RLM_MODULE_OK; ++ else if (!strcmp(inst->onfail_s, "FAIL")) inst->onfail = RLM_MODULE_FAIL; ++ else radlog(L_ERR, LOG_PREFIX "invalid jradius 'onfail' state %s", inst->onfail_s); ++ } ++ ++ *instance = inst; ++ ++ return 0; ++} ++ ++/* ++ * Initialize a byte array buffer structure ++ */ ++static void init_byte_array(byte_array * ba, unsigned char *b, int blen) ++{ ++ ba->b = b; ++ ba->size = ba->left = blen; ++ ba->pos = 0; ++} ++ ++/* ++ * Pack a single byte into a byte array buffer ++ */ ++static int pack_byte(byte_array * ba, unsigned char c) ++{ ++ if (ba->left < 1) return -1; ++ ++ ba->b[ba->pos] = c; ++ ba->pos++; ++ ba->left--; ++ ++ return 0; ++} ++ ++/* ++ * Pack an array of bytes into a byte array buffer ++ */ ++static int pack_bytes(byte_array * ba, unsigned char *d, unsigned int dlen) ++{ ++ if (ba->left < dlen) return -1; ++ ++ memcpy((void *)(ba->b + ba->pos), d, dlen); ++ ba->pos += dlen; ++ ba->left -= dlen; ++ ++ return 0; ++} ++ ++/* ++ * Pack an integer into a byte array buffer (adjusting for byte-order) ++ */ ++static int pack_int(byte_array * ba, unsigned int i) ++{ ++ if (ba->left < 4) return -1; ++ ++ i = htonl(i); ++ ++ memcpy((void *)(ba->b + ba->pos), (void *)&i, 4); ++ ba->pos += 4; ++ ba->left -= 4; ++ ++ return 0; ++} ++ ++/* ++ * Pack one byte array buffer into another byte array buffer ++ */ ++static int pack_array(byte_array * ba, byte_array * a) ++{ ++ if (ba->left < a->pos) return -1; ++ ++ memcpy((void *)(ba->b + ba->pos), (void *)a->b, a->pos); ++ ba->pos += a->pos; ++ ba->left -= a->pos; ++ ++ return 0; ++} ++ ++/* ++ * Pack radius attributes into a byte array buffer ++ */ ++static int pack_vps(byte_array * ba, VALUE_PAIR * vps) ++{ ++ VALUE_PAIR * vp; ++ ++ for (vp = vps; vp != NULL; vp = vp->next) { ++ ++ radlog(L_DBG, LOG_PREFIX "packing attribute %s (type: %d; len: %d)", ++ vp->name, vp->attribute, vp->length); ++ ++ if (pack_int(ba, vp->attribute) == -1) return -1; ++ if (pack_int(ba, vp->length) == -1) return -1; ++ if (pack_int(ba, vp->operator) == -1) return -1; ++ ++ switch (vp->type) { ++ case PW_TYPE_INTEGER: ++ case PW_TYPE_DATE: ++ if (pack_int(ba, vp->lvalue) == -1) return -1; ++ break; ++ case PW_TYPE_IPADDR: ++ if (pack_bytes(ba, (void *)&vp->lvalue, vp->length) == -1) return -1; ++ break; ++ default: ++ if (pack_bytes(ba, (void *)STR_VALUE(vp), vp->length) == -1) return -1; ++ break; ++ } ++ } ++ ++ return 0; ++} ++ ++/* ++ * Pack a radius packet into a byte array buffer ++ */ ++static int pack_packet(byte_array * ba, RADIUS_PACKET * p) ++{ ++ /*unsigned char code = p->code;*/ ++ unsigned char buff[HALF_MESSAGE_LEN]; ++ byte_array pba; ++ ++ init_byte_array(&pba, buff, sizeof(buff)); ++ ++ if (pack_vps (&pba, p->vps) == -1) return -1; ++ ++ radlog(L_DBG, LOG_PREFIX "packing packet with code: %d (attr length: %d)", p->code, pba.pos); ++ ++ if (pack_byte (ba, p->code) == -1) return -1; ++ if (pack_byte (ba, p->id) == -1) return -1; ++ if (pack_int (ba, pba.pos) == -1) return -1; ++ if (pba.pos == 0) return 0; ++ if (pack_array (ba, &pba) == -1) return -1; ++ ++ return 0; ++} ++ ++static int pack_request(byte_array * ba, REQUEST *r) ++{ ++ unsigned char buff[HALF_MESSAGE_LEN]; ++ byte_array pba; ++ ++ init_byte_array(&pba, buff, sizeof(buff)); ++ ++ if (pack_vps (&pba, r->config_items) == -1) return -1; ++ if (pack_int (ba, pba.pos) == -1) return -1; ++ if (pba.pos == 0) return 0; ++ if (pack_array (ba, &pba) == -1) return -1; ++ ++ return 0; ++} ++ ++/* ++ * Read a single byte from socket ++ */ ++static int read_byte(JRSOCK *jrsock, unsigned char *b) ++{ ++ return (read(jrsock->con.sock, b, 1) == 1) ? 0 : -1; ++} ++ ++static void unpack_int(unsigned char *c, unsigned int *i) ++{ ++ unsigned int ii; ++ memcpy((void *)&ii, c, 4); ++ *i = ntohl(ii); ++} ++ ++/* ++ * Read an integer from the socket (adjusting for byte-order) ++ */ ++static int read_int(JRSOCK *jrsock, unsigned int *i) ++{ ++ unsigned char c[4]; ++ ++ if (read(jrsock->con.sock, c, 4) != 4) return -1; ++ unpack_int(c, i); ++ ++ return 0; ++} ++ ++/* ++ * Read a value-pair list from the socket ++ */ ++static int read_vps(JRSOCK *jrsock, VALUE_PAIR **pl, int plen) ++{ ++ VALUE_PAIR *vp; ++ unsigned char buff[MESSAGE_LEN]; ++ unsigned int alen, atype, aop; ++ int rlen = 0; ++ ++ while (rlen < plen) { ++ if (read_int (jrsock, &atype) == -1) return -1; rlen += 4; ++ if (read_int (jrsock, &alen) == -1) return -1; rlen += 4; ++ if (read_int (jrsock, &aop) == -1) return -1; rlen += 4; ++ ++ radlog(L_DBG, LOG_PREFIX "reading attribute: type=%d; len=%d", atype, alen); ++ ++ if (alen >= sizeof(buff)) { ++ radlog(L_ERR, LOG_PREFIX "packet value too large (len: %d)", alen); ++ return -1; ++ } ++ ++ if (read(jrsock->con.sock, buff, alen) != (int)alen) return -1; rlen += alen; ++ buff[alen]=0; ++ ++ /* ++ * Create new attribute ++ */ ++ vp = paircreate(atype, -1); ++ vp->operator = aop; ++ ++ if (vp->type == -1) { ++ /* ++ * FreeRADIUS should know about the same attributes that JRadius knows ++ */ ++ radlog(L_ERR, LOG_PREFIX "received attribute we do not recognize (type: %d)", atype); ++ pairbasicfree(vp); ++ continue; ++ } ++ ++ /* ++ * Fill in the attribute value based on type ++ */ ++ switch (vp->type) { ++ case PW_TYPE_INTEGER: ++ case PW_TYPE_DATE: ++ { ++ unpack_int(buff, &vp->lvalue); ++ vp->length = 4; ++ } ++ break; ++ ++ case PW_TYPE_IPADDR: ++ memcpy((void *)&vp->lvalue, buff, 4); ++ vp->length = 4; ++ break; ++ ++ default: ++ if (alen < sizeof(STR_VALUE(vp))) { ++ memcpy((void *)STR_VALUE(vp), buff, alen); ++ vp->length = alen; ++ } ++ break; ++ } ++ ++ /* ++ * Add the attribute to the packet ++ */ ++ pairadd(pl, vp); ++ } ++ ++ return rlen; ++} ++ ++/* ++ * Read a radius packet from the socket ++ */ ++static int read_packet(JRADIUS * inst, JRSOCK *jrsock, RADIUS_PACKET *p) ++{ ++ unsigned char code; ++ unsigned char id; ++ unsigned int plen; ++ ++ if (read_byte (jrsock, &code) == -1) return -1; ++ if (read_byte (jrsock, &id) == -1) return -1; ++ if (read_int (jrsock, &plen) == -1) return -1; ++ ++ radlog(L_DBG, LOG_PREFIX "reading packet: code=%d len=%d", (int)code, plen); ++ ++ if (inst->allow_codechange) ++ if (code != p->code) { ++ radlog(L_INFO, LOG_PREFIX "changing packet code from %d to %d", p->code, code); ++ p->code = code; ++ } ++ ++ if (inst->allow_idchange) ++ if (id != p->id) { ++ radlog(L_INFO, LOG_PREFIX "changing packet id from %d to %d", p->id, id); ++ p->id = id; ++ } ++ ++ /* ++ * Delete previous attribute list ++ */ ++ pairfree(&p->vps); ++ ++ if (plen == 0) return 0; ++ ++ if (read_vps (jrsock, &p->vps, plen) == -1) return -1; ++ ++ return 0; ++} ++ ++static int read_request(JRSOCK *jrsock, REQUEST *p) ++{ ++ unsigned int plen; ++ ++ if (read_int(jrsock, &plen) == -1) return -1; ++ ++ radlog(L_DBG, LOG_PREFIX "reading request: config_item: len=%d", plen); ++ ++ /* ++ * Delete previous attribute list ++ */ ++ pairfree(&p->config_items); ++ ++ if (plen == 0) return 0; ++ ++ if (read_vps(jrsock, &p->config_items, plen) == -1) return -1; ++ ++ return 0; ++} ++ ++static int rlm_jradius_call(char func, void *instance, REQUEST *req, int isproxy) ++{ ++ JRADIUS * inst = instance; ++ RADIUS_PACKET * request = isproxy ? req->proxy : req->packet; ++ RADIUS_PACKET * reply = isproxy ? req->proxy_reply : req->reply; ++ JRSOCK * jrsock = 0; ++ JRSOCK sjrsock; ++ ++ int exitstatus = inst->onfail; ++ unsigned char rcode, pcount; ++ ++ unsigned char buff[MESSAGE_LEN]; ++ byte_array ba; ++ ++ char * n = inst->name; ++ unsigned int nlen = strlen(n); ++ const char * err = 0; ++ int rc, attempt2=0; ++ ++#define W_ERR(s) { err=s; goto packerror; } ++#define R_ERR(s) { err=s; goto parseerror; } ++ ++ if (inst->keepalive) { ++ jrsock = get_socket(inst); ++ if (!jrsock) return exitstatus; ++ } else { ++ jrsock = &sjrsock; ++ memset(jrsock, 0, sizeof(*jrsock)); ++ jrsock->state = not_connected; ++ } ++ ++ init_byte_array(&ba, buff, sizeof(buff)); ++ ++ pcount = 0; ++ if (request) pcount++; ++ if (reply) pcount++; ++ ++ /* ++ * Create byte array to send to jradius ++ */ ++ if ((rc = pack_int (&ba, nlen)) == -1) W_ERR("pack_int(nlen)"); ++ if ((rc = pack_bytes (&ba, (void *)n, nlen)) == -1) W_ERR("pack_bytes(name)"); ++ if ((rc = pack_byte (&ba, func)) == -1) W_ERR("pack_byte(fun)"); ++ if ((rc = pack_byte (&ba, pcount)) == -1) W_ERR("pack_byte(pcnt)"); ++ if (pcount > 0 && (rc = pack_packet (&ba, request)) == -1) W_ERR("pack_packet(req)"); ++ if (pcount > 1 && (rc = pack_packet (&ba, reply)) == -1) W_ERR("pack_packet(rep)"); ++ if ((rc = pack_request(&ba, req)) == -1) W_ERR("pack_request()"); ++ ++ /* ++ * Send data ++ */ ++ start_over: ++ if (jrsock->state == not_connected) { ++ if (attempt2) radlog(L_ERR, LOG_PREFIX "reconnecting socket id %d", jrsock->id); ++ if (!connect_socket(jrsock, inst)) { ++ if (attempt2) radlog(L_ERR, LOG_PREFIX "could not reconnect socket %d, giving up", jrsock->id); ++ goto cleanup; ++ } ++ } ++ radlog(L_DBG, LOG_PREFIX "sending %d bytes to socket %d", ba.pos, jrsock->id); ++ if (socket_send(jrsock, ba.b, ba.pos) != (int)ba.pos || ++ (rc = read_byte (jrsock, &rcode)) == -1) { ++ /* ++ * With an error on the write or the first read, try closing the socket ++ * and reconnecting to see if that improves matters any (tries this only once) ++ */ ++ radlog(L_ERR, LOG_PREFIX "error sending request with socket %d", jrsock->id); ++ if (!inst->keepalive || attempt2) W_ERR("socket_send/first_read"); ++ close_socket(inst, jrsock); ++ attempt2 = 1; ++ goto start_over; ++ } ++ ++ /* ++ * Read result ++ */ ++ if ((rc = read_byte (jrsock, &pcount)) == -1) R_ERR("read_byte(pcnt)"); ++ ++ radlog(L_DBG, LOG_PREFIX "return code %d; receiving %d packets", (int)rcode, (int)pcount); ++ ++ if (pcount > 0 && request) if ((rc = read_packet (inst, jrsock, request)) == -1) R_ERR("read_packet(req)"); ++ if (pcount > 1 && reply) if ((rc = read_packet (inst, jrsock, reply)) == -1) R_ERR("read_packet(rep)"); ++ ++ if ((rc = read_request (jrsock, req)) == -1) R_ERR("read_request()"); ++ ++ /* ++ * Since we deleted all the attribute lists in the request, ++ * we need to reconfigure a few pointers in the REQUEST object ++ */ ++ if (req->username) { ++ req->username = pairfind(request->vps, PW_USER_NAME); ++ } ++ if (req->password) { ++ req->password = pairfind(request->vps, PW_PASSWORD); ++ if (!req->password) req->password = pairfind(request->vps, PW_CHAP_PASSWORD); ++ } ++ ++ /* ++ * All done, set return code and cleanup ++ */ ++ exitstatus = (int)rcode; ++ goto cleanup; ++ ++ parseerror: ++ radlog(L_ERR, LOG_PREFIX "problem parsing the data [%s]",err); ++ if (inst->keepalive) close_socket(inst, jrsock); ++ goto cleanup; ++ ++ packerror: ++ radlog(L_ERR, LOG_PREFIX "problem packing the data[%s]",err); ++ if (inst->keepalive) close_socket(inst, jrsock); ++ ++ cleanup: ++ if (inst->keepalive) ++ release_socket(inst, jrsock); ++ else ++ close_socket(inst, jrsock); ++ ++ return exitstatus; ++} ++ ++static int jradius_authenticate(void *instance, REQUEST *request) ++{ ++ return rlm_jradius_call(JRADIUS_authenticate, instance, request, 0); ++} ++ ++static int jradius_authorize(void *instance, REQUEST *request) ++{ ++ return rlm_jradius_call(JRADIUS_authorize, instance, request, 0); ++} ++ ++static int jradius_preacct(void *instance, REQUEST *request) ++{ ++ return rlm_jradius_call(JRADIUS_preacct, instance, request, 0); ++} ++ ++static int jradius_accounting(void *instance, REQUEST *request) ++{ ++ return rlm_jradius_call(JRADIUS_accounting, instance, request, 0); ++} ++ ++static int jradius_checksimul(void *instance, REQUEST *request) ++{ ++ return rlm_jradius_call(JRADIUS_checksimul, instance, request, 0); ++} ++ ++static int jradius_pre_proxy(void *instance, REQUEST *request) ++{ ++ return rlm_jradius_call(JRADIUS_pre_proxy, instance, request, 1); ++} ++ ++static int jradius_post_proxy(void *instance, REQUEST *request) ++{ ++ return rlm_jradius_call(JRADIUS_post_proxy, instance, request, 1); ++} ++ ++static int jradius_post_auth(void *instance, REQUEST *request) ++{ ++ return rlm_jradius_call(JRADIUS_post_auth, instance, request, 0); ++} ++ ++static int jradius_detach(void *instance) ++{ ++ JRADIUS *inst = (JRADIUS *) instance; ++ free_socketpool(inst); ++ free(inst); ++ return 0; ++} ++ ++#ifndef FRv2 ++static int jradius_init(void) { return 0; } ++#endif ++ ++module_t rlm_jradius = { ++#ifdef FRv2 ++ RLM_MODULE_INIT, ++#endif ++ "jradius", ++ RLM_TYPE_THREAD_SAFE, ++#ifndef FRv2 ++ jradius_init, ++#endif ++ jradius_instantiate, ++#ifdef FRv2 ++ jradius_detach, ++#endif ++ { ++ jradius_authenticate, ++ jradius_authorize, ++ jradius_preacct, ++ jradius_accounting, ++ jradius_checksimul, ++ jradius_pre_proxy, ++ jradius_post_proxy, ++ jradius_post_auth ++ }, ++#ifndef FRv2 ++ jradius_detach, ++ NULL ++#endif ++}; ++ ++/* ++ * Connection pooling code based on rlm_sql codebase, under GPL. ++ * See radiusd/src/modules/rlm_sql/sql.c ++ */ +diff -baurN --exclude='*~' --exclude='.#*' --exclude=CVS freeradius-1.1.7.orig/src/modules/stable freeradius-1.1.7/src/modules/stable +--- freeradius-1.1.7.orig/src/modules/stable 2007-07-18 22:02:18.000000000 +0200 ++++ freeradius-1.1.7/src/modules/stable 2007-08-16 14:02:21.000000000 +0200 +@@ -31,3 +31,4 @@ + rlm_sqlippool + rlm_unix + rlm_checkval ++rlm_jradius diff --git a/freeradius/patch/make-patch b/freeradius/patch/make-patch new file mode 100644 index 0000000..d6db1b6 --- /dev/null +++ b/freeradius/patch/make-patch @@ -0,0 +1,14 @@ +#!/bin/sh +v=1.1.3 +diff -baurN \ + --exclude="*~" \ + --exclude=".#*" \ + --exclude="CVS" \ + freeradius-$v.orig freeradius-$v > freeradius-$v.patch +diff -baurN \ + --exclude="*~" \ + --exclude=".#*" \ + --exclude="CVS" \ + --exclude="share" \ + --exclude="raddb" \ + freeradius-$v.orig freeradius-$v > freeradius-$v-modonly.patch diff --git a/freeradius/rlm_jradius/Makefile b/freeradius/rlm_jradius/Makefile new file mode 100644 index 0000000..53295c5 --- /dev/null +++ b/freeradius/rlm_jradius/Makefile @@ -0,0 +1,13 @@ +TARGET = rlm_jradius +SRCS = rlm_jradius.c +HEADERS = +RLM_CFLAGS = +RLM_LIBS = + +## this uses the RLM_CFLAGS and RLM_LIBS and SRCS defs to make TARGET. +include ../rules.mak + +$(STATIC_OBJS): $(HEADERS) + +$(DYNAMIC_OBJS): $(HEADERS) + diff --git a/freeradius/rlm_jradius/configure b/freeradius/rlm_jradius/configure new file mode 100755 index 0000000..d015c2f --- /dev/null +++ b/freeradius/rlm_jradius/configure @@ -0,0 +1,4 @@ +#! /bin/sh + +echo "did nothing" + diff --git a/freeradius/rlm_jradius/jradius.conf b/freeradius/rlm_jradius/jradius.conf new file mode 100644 index 0000000..ba2d52e --- /dev/null +++ b/freeradius/rlm_jradius/jradius.conf @@ -0,0 +1,17 @@ + +jradius { + name = "example" # Name of the JRadius Application + # (known as "Sender" in JRadius) + primary = "127.0.0.1" # Primary JRadius Server + # (using default port of 1814) + secondary = "192.168.1.2:1815" # Secondary JRadius Server (port 1815) + tertiary = "192.168.1.2:1816" # Tertiary JRadius Server + timeout = 1 # JRadius Server Connect Timeout (default 5) + onfail = NOOP # What to do if no JRadius + # Server is found. Options are: + # FAIL (default), OK, REJECT, NOOP + keepalive = yes # Keep connections to JRadius pooled + connections = 8 # Number of pooled JRadius connections + allow_codechange = yes # Allow the changing the RADIUS code/type + allow_idchange = yes # Allow the change of the RADIUS pkt id +} diff --git a/freeradius/rlm_jradius/rlm_jradius.c b/freeradius/rlm_jradius/rlm_jradius.c new file mode 100644 index 0000000..3403b3f --- /dev/null +++ b/freeradius/rlm_jradius/rlm_jradius.c @@ -0,0 +1,1000 @@ +/** + * rlm_jradius - The FreeRADIUS JRadius Server Module + * Copyright (C) 2004-2006 PicoPoint, B.V. + * Copyright (c) 2007 David Bird + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + * This module is used to connect FreeRADIUS to the JRadius server. + * JRadius is a Java RADIUS client and server framework, see doc/rlm_jradius + * and http://jradius.net/ for more information. + * + * Author(s): David Bird + * + * Connection pooling code based on rlm_sql, see rlm_sql/sql.c for copyright and license. + */ + +#include +#include +#include +#include +#include +#include +#include + +#include +RCSID("$Id: rlm_jradius.c,v 1.3 2007/11/23 13:46:57 aland Exp $") + +#include +#include +#include +#include +#include + +#ifdef HAVE_PTHREAD_H +#include +#endif + +#ifdef HAVE_SYS_SOCKET_H +#include +#endif + +#ifndef O_NONBLOCK +#define O_NONBLOCK O_NDELAY +#endif + +static const int JRADIUS_PORT = 1814; +static const int HALF_MESSAGE_LEN = 16384; +static const int MESSAGE_LEN = 32768; + +static const int JRADIUS_authenticate = 1; +static const int JRADIUS_authorize = 2; +static const int JRADIUS_preacct = 3; +static const int JRADIUS_accounting = 4; +static const int JRADIUS_checksimul = 5; +static const int JRADIUS_pre_proxy = 6; +static const int JRADIUS_post_proxy = 7; +static const int JRADIUS_post_auth = 8; + +#define LOG_PREFIX "rlm_jradius: " +#define MAX_HOSTS 4 + +typedef struct jradius_socket { + int id; +#ifdef HAVE_PTHREAD_H + pthread_mutex_t mutex; +#endif + struct jradius_socket *next; + enum { is_connected, not_connected } state; + + union { + int sock; + } con; +} JRSOCK; + +typedef struct jradius_inst { + time_t connect_after; + JRSOCK * sock_pool; + JRSOCK * last_used; + + char * name; + char * host [MAX_HOSTS]; + uint32_t ipaddr [MAX_HOSTS]; + int port [MAX_HOSTS]; + int timeout; + int allow_codechange; + int allow_idchange; + int onfail; + char * onfail_s; + int keepalive; + int jrsock_cnt; +} JRADIUS; + +typedef struct _byte_array +{ + unsigned int size; + unsigned int pos; + unsigned int left; + unsigned char * b; +} byte_array; + +static CONF_PARSER module_config[] = { + { "name", PW_TYPE_STRING_PTR, offsetof(JRADIUS, name), NULL, "localhost"}, + { "primary", PW_TYPE_STRING_PTR, offsetof(JRADIUS, host[0]), NULL, "localhost"}, + { "secondary", PW_TYPE_STRING_PTR, offsetof(JRADIUS, host[1]), NULL, NULL}, + { "tertiary", PW_TYPE_STRING_PTR, offsetof(JRADIUS, host[2]), NULL, NULL}, + { "timeout", PW_TYPE_INTEGER, offsetof(JRADIUS, timeout), NULL, "5"}, + { "onfail", PW_TYPE_STRING_PTR, offsetof(JRADIUS, onfail_s), NULL, NULL}, + { "keepalive", PW_TYPE_BOOLEAN, offsetof(JRADIUS, keepalive), NULL, "yes"}, + { "connections", PW_TYPE_INTEGER, offsetof(JRADIUS, jrsock_cnt), NULL, "8"}, + { "allow_codechange", PW_TYPE_BOOLEAN, offsetof(JRADIUS, allow_codechange), NULL, "no"}, + { "allow_idchange", PW_TYPE_BOOLEAN, offsetof(JRADIUS, allow_idchange), NULL, "no"}, + { NULL, -1, 0, NULL, NULL } +}; + +static int connect_socket(JRSOCK *jrsock, JRADIUS *inst) +{ + struct sockaddr_in local_addr, serv_addr; + int i, connected = 0; + char buff[128]; + int sock; + + /* + * Connect to jradius servers until we succeed or die trying + */ + for (i = 0; !connected && i < MAX_HOSTS && inst->ipaddr[i] > 0; i++) { + + /* + * Allocate a TCP socket + */ + if ((sock = socket(AF_INET, SOCK_STREAM, 0)) == -1) { + radlog(L_ERR, LOG_PREFIX "could not allocate TCP socket"); + goto failed; + } + + /* + * If we have a timeout value set, make the socket non-blocking + */ + if (inst->timeout > 0 && + fcntl(sock, F_SETFL, fcntl(sock, F_GETFL, 0) | O_NONBLOCK) == -1) { + radlog(L_ERR, LOG_PREFIX "could not set non-blocking on socket"); + goto failed; + } + + /* + * Bind to any local port + */ + memset(&local_addr, 0, sizeof(local_addr)); + local_addr.sin_family = AF_INET; + local_addr.sin_addr.s_addr = htonl(INADDR_ANY); + local_addr.sin_port = htons(0); + + if (bind(sock, (struct sockaddr *) &local_addr, sizeof(local_addr)) < 0) { + radlog(L_ERR, LOG_PREFIX "could not locally bind TCP socket"); + goto failed; + } + + /* + * Attempt connection to remote server + */ + memset(&serv_addr, 0, sizeof(serv_addr)); + serv_addr.sin_family = AF_INET; + memcpy((char *) &serv_addr.sin_addr, &(inst->ipaddr[i]), 4); + serv_addr.sin_port = htons(inst->port[i]); + + if (connect(sock, (struct sockaddr *)&serv_addr, sizeof(serv_addr)) < 0) { + if (inst->timeout > 0 && (errno == EINPROGRESS || errno == EWOULDBLOCK)) { + /* + * Wait to see if non-blocking socket connects or times-out + */ + struct pollfd pfd; + memset(&pfd, 0, sizeof(pfd)); + + pfd.fd = sock; + pfd.events = POLLOUT; + + if (poll(&pfd, 1, inst->timeout * 1000) == 1 && pfd.revents) { + /* + * Lets make absolutely sure we are connected + */ + struct sockaddr_in sa; + unsigned int salen = sizeof(sa); + if (getpeername(sock, (struct sockaddr *) &sa, &salen) != -1) { + /* + * CONNECTED! break out of for-loop + */ + connected = 1; + break; + } + } + } + + /* + * Timed-out + */ + radlog(L_ERR, LOG_PREFIX "could not connect to %s:%d", + ip_ntoa(buff, inst->ipaddr[i]), inst->port[i]); + + } else { + /* + * CONNECTED (instantly)! break out of for-loop + */ + connected = 1; + break; + } + + /* + * Unable to connect, cleanup and start over + */ + close(sock); sock=0; + } + + if (!connected) { + radlog(L_ERR, LOG_PREFIX "could not find any jradius server!"); + goto failed; + } + + /* + * If we previously set the socket to non-blocking, restore blocking + */ + if (inst->timeout > 0 && + fcntl(sock, F_SETFL, fcntl(sock, F_GETFL, 0) & ~O_NONBLOCK) == -1) { + radlog(L_ERR, LOG_PREFIX "could not set blocking on socket"); + goto failed; + } + + jrsock->state = is_connected; + jrsock->con.sock = sock; + return 1; + + failed: + if (sock > 0) { shutdown(sock, 2); close(sock); } + jrsock->state = not_connected; + return 0; +} + +static void close_socket(UNUSED JRADIUS * inst, JRSOCK *jrsock) +{ + radlog(L_INFO, "rlm_jradius: Closing JRadius connection %d", jrsock->id); + if (jrsock->con.sock > 0) { + shutdown(jrsock->con.sock, 2); + close(jrsock->con.sock); + } + jrsock->state = not_connected; + jrsock->con.sock = 0; +} + +static void free_socket(JRADIUS * inst, JRSOCK *jrsock) { + close_socket(inst, jrsock); + if (inst->keepalive) { +#ifdef HAVE_PTHREAD_H + pthread_mutex_destroy(&jrsock->mutex); +#endif + free(jrsock); + } +} + +static int socket_send(JRSOCK *jrsock, unsigned char *b, unsigned int blen) { + return send(jrsock->con.sock, b, blen, 0); +} + +static int init_socketpool(JRADIUS * inst) +{ + int i, rcode; + int success = 0; + JRSOCK *jrsock; + + inst->connect_after = 0; + inst->sock_pool = NULL; + + for (i = 0; i < inst->jrsock_cnt; i++) { + radlog(L_INFO, "rlm_jradius: starting JRadius connection %d", i); + + if ((jrsock = rad_malloc(sizeof(*jrsock))) == 0) return -1; + + memset(jrsock, 0, sizeof(*jrsock)); + jrsock->id = i; + jrsock->state = not_connected; + +#ifdef HAVE_PTHREAD_H + rcode = pthread_mutex_init(&jrsock->mutex,NULL); + if (rcode != 0) { + radlog(L_ERR, "rlm_jradius: Failed to init lock: %s", strerror(errno)); + return 0; + } +#endif + + if (time(NULL) > inst->connect_after) + if (connect_socket(jrsock, inst)) + success = 1; + + jrsock->next = inst->sock_pool; + inst->sock_pool = jrsock; + } + inst->last_used = NULL; + + if (!success) { + radlog(L_DBG, "rlm_jradius: Failed to connect to JRadius server."); + } + + return 1; +} + +static void free_socketpool(JRADIUS * inst) +{ + JRSOCK *cur; + JRSOCK *next; + + for (cur = inst->sock_pool; cur; cur = next) { + next = cur->next; + free_socket(inst, cur); + } + + inst->sock_pool = NULL; +} + +static JRSOCK * get_socket(JRADIUS * inst) +{ + JRSOCK *cur, *start; + int tried_to_connect = 0; + int unconnected = 0; + + start = inst->last_used; + if (!start) start = inst->sock_pool; + + cur = start; + + while (cur) { +#ifdef HAVE_PTHREAD_H + if (pthread_mutex_trylock(&cur->mutex) != 0) { + goto next; + } +#endif + + if ((cur->state == not_connected) && (time(NULL) > inst->connect_after)) { + radlog(L_INFO, "rlm_jradius: Trying to (re)connect unconnected handle %d", cur->id); + tried_to_connect++; + connect_socket(cur, inst); + } + + if (cur->state == not_connected) { + radlog(L_DBG, "rlm_jradius: Ignoring unconnected handle %d", cur->id); + unconnected++; +#ifdef HAVE_PTHREAD_H + pthread_mutex_unlock(&cur->mutex); +#endif + goto next; + } + + radlog(L_DBG, "rlm_jradius: Reserving JRadius socket id: %d", cur->id); + + if (unconnected != 0 || tried_to_connect != 0) { + radlog(L_INFO, "rlm_jradius: got socket %d after skipping %d unconnected handles, tried to reconnect %d though", + cur->id, unconnected, tried_to_connect); + } + + inst->last_used = cur->next; + return cur; + + next: + cur = cur->next; + if (!cur) cur = inst->sock_pool; + if (cur == start) break; + } + + radlog(L_INFO, "rlm_jradius: There are no sockets to use! skipped %d, tried to connect %d", + unconnected, tried_to_connect); + return NULL; +} + +static int release_socket(UNUSED JRADIUS * inst, JRSOCK * jrsock) +{ +#ifdef HAVE_PTHREAD_H + pthread_mutex_unlock(&jrsock->mutex); +#endif + + radlog(L_DBG, "rlm_jradius: Released JRadius socket id: %d", jrsock->id); + + return 0; +} + + +/* + * Initialize the jradius module + */ +static int jradius_instantiate(CONF_SECTION *conf, void **instance) +{ + JRADIUS *inst = (JRADIUS *) instance; + char host[128], b[128], *h; + int i, p, idx, port; + + inst = rad_malloc(sizeof(JRADIUS)); + memset(inst, 0, sizeof(JRADIUS)); + + if (cf_section_parse(conf, inst, module_config) < 0) { + free(inst); + return -1; + } + + for (i = 0, idx = 0; i < MAX_HOSTS; i++) { + if (inst->host[i] && strlen(inst->host[i]) < sizeof(host)) { + h = inst->host[i]; + p = JRADIUS_PORT; + + strcpy(b, h); + if (sscanf(b, "%[^:]:%d", host, &port) == 2) { h = host; p = port; } + + if (h) { + fr_ipaddr_t ipaddr; + if (ip_hton(h, AF_INET, &ipaddr) < 0) { + radlog(L_ERR, "Can't find IP address for host %s", h); + continue; + } + if ((inst->ipaddr[idx] = ipaddr.ipaddr.ip4addr.s_addr) != htonl(INADDR_NONE)) { + inst->port[idx] = p; + radlog(L_INFO, LOG_PREFIX "configuring jradius server %s:%d", h, p); + idx++; + } else { + radlog(L_ERR, LOG_PREFIX "invalid jradius server %s", h); + } + } + } + } + + if (inst->keepalive) init_socketpool(inst); + + inst->onfail = RLM_MODULE_FAIL; + + if (inst->onfail_s) { + if (!strcmp(inst->onfail_s, "NOOP")) inst->onfail = RLM_MODULE_NOOP; + else if (!strcmp(inst->onfail_s, "REJECT")) inst->onfail = RLM_MODULE_REJECT; + else if (!strcmp(inst->onfail_s, "OK")) inst->onfail = RLM_MODULE_OK; + else if (!strcmp(inst->onfail_s, "FAIL")) inst->onfail = RLM_MODULE_FAIL; + else radlog(L_ERR, LOG_PREFIX "invalid jradius 'onfail' state %s", inst->onfail_s); + } + + *instance = inst; + + return 0; +} + +/* + * Initialize a byte array buffer structure + */ +static void init_byte_array(byte_array * ba, unsigned char *b, int blen) +{ + ba->b = b; + ba->size = ba->left = blen; + ba->pos = 0; +} + +/* + * Pack a single byte into a byte array buffer + */ +static int pack_byte(byte_array * ba, unsigned char c) +{ + if (ba->left < 1) return -1; + + ba->b[ba->pos] = c; + ba->pos++; + ba->left--; + + return 0; +} + +/* + * Pack an array of bytes into a byte array buffer + */ +static int pack_bytes(byte_array * ba, unsigned char *d, unsigned int dlen) +{ + if (ba->left < dlen) return -1; + + memcpy((void *)(ba->b + ba->pos), d, dlen); + ba->pos += dlen; + ba->left -= dlen; + + return 0; +} + +/* + * Pack an integer into a byte array buffer (adjusting for byte-order) + */ +static int pack_uint32(byte_array * ba, uint32_t i) +{ + if (ba->left < 4) return -1; + + i = htonl(i); + + memcpy((void *)(ba->b + ba->pos), (void *)&i, 4); + ba->pos += 4; + ba->left -= 4; + + return 0; +} + +/* + * Pack a short into a byte array buffer (adjusting for byte-order) + */ +static int pack_uint16(byte_array * ba, uint16_t i) +{ + if (ba->left < 2) return -1; + + i = htons(i); + + memcpy((void *)(ba->b + ba->pos), (void *)&i, 2); + ba->pos += 2; + ba->left -= 2; + + return 0; +} + +/* + * Pack a byte into a byte array buffer + */ +static int pack_uint8(byte_array * ba, uint8_t i) +{ + if (ba->left < 1) return -1; + + memcpy((void *)(ba->b + ba->pos), (void *)&i, 1); + ba->pos += 1; + ba->left -= 1; + + return 0; +} + +/* + * Pack one byte array buffer into another byte array buffer + */ +static int pack_array(byte_array * ba, byte_array * a) +{ + if (ba->left < a->pos) return -1; + + memcpy((void *)(ba->b + ba->pos), (void *)a->b, a->pos); + ba->pos += a->pos; + ba->left -= a->pos; + + return 0; +} + +/* + * Pack radius attributes into a byte array buffer + */ +static int pack_vps(byte_array * ba, VALUE_PAIR * vps) +{ + uint32_t i; + VALUE_PAIR * vp; + + for (vp = vps; vp != NULL; vp = vp->next) { + + radlog(L_DBG, LOG_PREFIX "packing attribute %s (type: %d; len: %d)", vp->name, vp->attribute, vp->length); + + i = vp->attribute; /* element is int, not uint32_t */ + if (pack_uint32(ba, i) == -1) return -1; + i = vp->length; + if (pack_uint32(ba, i) == -1) return -1; + i = vp->operator; + if (pack_uint32(ba, i) == -1) return -1; + + switch (vp->type) { + case PW_TYPE_BYTE: + if (pack_uint8(ba, vp->lvalue) == -1) return -1; + break; + case PW_TYPE_SHORT: + if (pack_uint16(ba, vp->lvalue) == -1) return -1; + break; + case PW_TYPE_INTEGER: + case PW_TYPE_DATE: + if (pack_uint32(ba, vp->lvalue) == -1) return -1; + break; + case PW_TYPE_IPADDR: + if (pack_bytes(ba, (void *)&vp->vp_ipaddr, vp->length) == -1) return -1; + break; + default: + if (pack_bytes(ba, (void *)vp->vp_octets, vp->length) == -1) return -1; + break; + } + } + + return 0; +} + +/* + * Pack a radius packet into a byte array buffer + */ +static int pack_packet(byte_array * ba, RADIUS_PACKET * p) +{ + /*unsigned char code = p->code;*/ + unsigned char buff[HALF_MESSAGE_LEN]; + byte_array pba; + + init_byte_array(&pba, buff, sizeof(buff)); + + if (pack_vps(&pba, p->vps) == -1) return -1; + + radlog(L_DBG, LOG_PREFIX "packing packet with code: %d (attr length: %d)", p->code, pba.pos); + + if (pack_uint32(ba, p->code) == -1) return -1; + if (pack_uint32(ba, p->id) == -1) return -1; + if (pack_uint32(ba, pba.pos) == -1) return -1; + if (pba.pos == 0) return 0; + if (pack_array(ba, &pba) == -1) return -1; + + return 0; +} + +static int pack_request(byte_array * ba, REQUEST *r) +{ + unsigned char buff[HALF_MESSAGE_LEN]; + byte_array pba; + + init_byte_array(&pba, buff, sizeof(buff)); + + if (pack_vps(&pba, r->config_items) == -1) return -1; + if (pack_uint32(ba, pba.pos) == -1) return -1; + if (pba.pos == 0) return 0; + if (pack_array(ba, &pba) == -1) return -1; + + return 0; +} + +/* + * Read a single byte from socket + */ +static int read_byte(JRSOCK *jrsock, unsigned char *b) +{ + return (read(jrsock->con.sock, b, 1) == 1) ? 0 : -1; +} + +static uint32_t unpack_uint32(unsigned char *c) +{ + uint32_t ii; + memcpy((void *)&ii, c, 4); + return ntohl(ii); +} + +static uint16_t unpack_uint16(unsigned char *c) +{ + uint16_t ii; + memcpy((void *)&ii, c, 2); + return ntohs(ii); +} + +static uint8_t unpack_uint8(unsigned char *c) +{ + uint8_t ii; + memcpy((void *)&ii, c, 1); + return ii; +} + +/* + * Read an integer from the socket (adjusting for byte-order) + */ +static int read_uint32(JRSOCK *jrsock, uint32_t *i) +{ + uint32_t ii; + + if (read(jrsock->con.sock, &ii, 4) != 4) return -1; + *i = ntohl(ii); + + return 0; +} + +/* + * Read a value-pair list from the socket + */ +static int read_vps(JRSOCK *jrsock, VALUE_PAIR **pl, int plen) +{ + VALUE_PAIR *vp; + unsigned char buff[MESSAGE_LEN]; + uint32_t alen, atype, aop; + int rlen = 0; + + while (rlen < plen) { + if (read_uint32(jrsock, &atype) == -1) return -1; rlen += 4; + if (read_uint32(jrsock, &alen) == -1) return -1; rlen += 4; + if (read_uint32(jrsock, &aop) == -1) return -1; rlen += 4; + + radlog(L_DBG, LOG_PREFIX "reading attribute: type=%d; len=%d", atype, alen); + + if (alen >= sizeof(buff)) { + radlog(L_ERR, LOG_PREFIX "packet value too large (len: %d)", alen); + return -1; + } + + if (read(jrsock->con.sock, buff, alen) != (int)alen) return -1; rlen += alen; + buff[alen]=0; + + /* + * Create new attribute + */ + vp = paircreate(atype, -1); + vp->operator = aop; + + if (vp->type == -1) { + /* + * FreeRADIUS should know about the same attributes that JRadius knows + */ + radlog(L_ERR, LOG_PREFIX "received attribute we do not recognize (type: %d)", atype); + pairbasicfree(vp); + continue; + } + + /* + * Fill in the attribute value based on type + */ + switch (vp->type) { + case PW_TYPE_BYTE: + vp->lvalue = unpack_uint8(buff); + vp->length = 1; + break; + + case PW_TYPE_SHORT: + vp->lvalue = unpack_uint16(buff); + vp->length = 2; + break; + + case PW_TYPE_INTEGER: + case PW_TYPE_DATE: + vp->lvalue = unpack_uint32(buff); + vp->length = 4; + break; + + case PW_TYPE_IPADDR: + memcpy((void *)&vp->vp_ipaddr, buff, 4); + vp->length = 4; + break; + + default: + if (alen >= sizeof(vp->vp_octets)) alen = sizeof(vp->vp_octets) - 1; + memcpy((void *)vp->vp_octets, buff, alen); + vp->length = alen; + break; + } + + /* + * Add the attribute to the packet + */ + pairadd(pl, vp); + } + + return rlen; +} + +/* + * Read a radius packet from the socket + */ +static int read_packet(JRADIUS * inst, JRSOCK *jrsock, RADIUS_PACKET *p) +{ + unsigned int code; + unsigned int id; + unsigned int plen; + + if (read_uint32(jrsock, &code) == -1) return -1; + if (read_uint32(jrsock, &id) == -1) return -1; + if (read_uint32(jrsock, &plen) == -1) return -1; + + radlog(L_DBG, LOG_PREFIX "reading packet: code=%d len=%d", (int)code, plen); + + if (inst->allow_codechange) + if (code != p->code) { + radlog(L_INFO, LOG_PREFIX "changing packet code from %d to %d", p->code, code); + p->code = code; + } + + if (inst->allow_idchange) + if (id != p->id) { + radlog(L_INFO, LOG_PREFIX "changing packet id from %d to %d", p->id, id); + p->id = id; + } + + /* + * Delete previous attribute list + */ + pairfree(&p->vps); + + if (plen == 0) return 0; + + if (read_vps(jrsock, &p->vps, plen) == -1) return -1; + + return 0; +} + +static int read_request(JRSOCK *jrsock, REQUEST *p) +{ + unsigned int plen; + + if (read_uint32(jrsock, &plen) == -1) return -1; + + radlog(L_DBG, LOG_PREFIX "reading request: config_item: len=%d", plen); + + /* + * Delete previous attribute list + */ + pairfree(&p->config_items); + + if (plen == 0) return 0; + + if (read_vps(jrsock, &p->config_items, plen) == -1) return -1; + + return 0; +} + +static int rlm_jradius_call(char func, void *instance, REQUEST *req, int isproxy) +{ + JRADIUS * inst = instance; + RADIUS_PACKET * request = isproxy ? req->proxy : req->packet; + RADIUS_PACKET * reply = isproxy ? req->proxy_reply : req->reply; + JRSOCK * jrsock = 0; + JRSOCK sjrsock; + + int exitstatus = inst->onfail; + unsigned char rcode, pcount; + + unsigned char buff[MESSAGE_LEN]; + byte_array ba; + + char * n = inst->name; + unsigned int nlen = strlen(n); + const char * err = 0; + int rc, attempt2=0; + +#define W_ERR(s) { err=s; goto packerror; } +#define R_ERR(s) { err=s; goto parseerror; } + + if (inst->keepalive) { + jrsock = get_socket(inst); + if (!jrsock) return exitstatus; + } else { + jrsock = &sjrsock; + memset(jrsock, 0, sizeof(*jrsock)); + jrsock->state = not_connected; + } + + init_byte_array(&ba, buff, sizeof(buff)); + + pcount = 0; + if (request) pcount++; + if (reply) pcount++; + + /* + * Create byte array to send to jradius + */ + if ((rc = pack_uint32 (&ba, nlen)) == -1) W_ERR("pack_uint32(nlen)"); + if ((rc = pack_bytes (&ba, (void *)n, nlen)) == -1) W_ERR("pack_bytes(name)"); + if ((rc = pack_byte (&ba, func)) == -1) W_ERR("pack_byte(fun)"); + if ((rc = pack_byte (&ba, pcount)) == -1) W_ERR("pack_byte(pcnt)"); + if (pcount > 0 && (rc = pack_packet (&ba, request)) == -1) W_ERR("pack_packet(req)"); + if (pcount > 1 && (rc = pack_packet (&ba, reply)) == -1) W_ERR("pack_packet(rep)"); + if ((rc = pack_request(&ba, req)) == -1) W_ERR("pack_request()"); + + /* + * Send data + */ + start_over: + if (jrsock->state == not_connected) { + if (attempt2) radlog(L_ERR, LOG_PREFIX "reconnecting socket id %d", jrsock->id); + if (!connect_socket(jrsock, inst)) { + if (attempt2) radlog(L_ERR, LOG_PREFIX "could not reconnect socket %d, giving up", jrsock->id); + goto cleanup; + } + } + radlog(L_DBG, LOG_PREFIX "sending %d bytes to socket %d", ba.pos, jrsock->id); + if (socket_send(jrsock, ba.b, ba.pos) != (int)ba.pos || + (rc = read_byte (jrsock, &rcode)) == -1) { + /* + * With an error on the write or the first read, try closing the socket + * and reconnecting to see if that improves matters any (tries this only once) + */ + radlog(L_ERR, LOG_PREFIX "error sending request with socket %d", jrsock->id); + if (!inst->keepalive || attempt2) W_ERR("socket_send/first_read"); + close_socket(inst, jrsock); + attempt2 = 1; + goto start_over; + } + + /* + * Read result + */ + if ((rc = read_byte (jrsock, &pcount)) == -1) R_ERR("read_byte(pcnt)"); + + radlog(L_DBG, LOG_PREFIX "return code %d; receiving %d packets", (int)rcode, (int)pcount); + + if (pcount > 0 && request) if ((rc = read_packet (inst, jrsock, request)) == -1) R_ERR("read_packet(req)"); + if (pcount > 1 && reply) if ((rc = read_packet (inst, jrsock, reply)) == -1) R_ERR("read_packet(rep)"); + + if ((rc = read_request (jrsock, req)) == -1) R_ERR("read_request()"); + + /* + * Since we deleted all the attribute lists in the request, + * we need to reconfigure a few pointers in the REQUEST object + */ + if (req->username) { + req->username = pairfind(request->vps, PW_USER_NAME); + } + if (req->password) { + req->password = pairfind(request->vps, PW_PASSWORD); + if (!req->password) req->password = pairfind(request->vps, PW_CHAP_PASSWORD); + } + + /* + * All done, set return code and cleanup + */ + exitstatus = (int)rcode; + goto cleanup; + + parseerror: + radlog(L_ERR, LOG_PREFIX "problem parsing the data [%s]",err); + if (inst->keepalive) close_socket(inst, jrsock); + goto cleanup; + + packerror: + radlog(L_ERR, LOG_PREFIX "problem packing the data[%s]",err); + if (inst->keepalive) close_socket(inst, jrsock); + + cleanup: + if (inst->keepalive) + release_socket(inst, jrsock); + else + close_socket(inst, jrsock); + + return exitstatus; +} + +static int jradius_authenticate(void *instance, REQUEST *request) +{ + return rlm_jradius_call(JRADIUS_authenticate, instance, request, 0); +} + +static int jradius_authorize(void *instance, REQUEST *request) +{ + return rlm_jradius_call(JRADIUS_authorize, instance, request, 0); +} + +static int jradius_preacct(void *instance, REQUEST *request) +{ + return rlm_jradius_call(JRADIUS_preacct, instance, request, 0); +} + +static int jradius_accounting(void *instance, REQUEST *request) +{ + return rlm_jradius_call(JRADIUS_accounting, instance, request, 0); +} + +static int jradius_checksimul(void *instance, REQUEST *request) +{ + return rlm_jradius_call(JRADIUS_checksimul, instance, request, 0); +} + +static int jradius_pre_proxy(void *instance, REQUEST *request) +{ + return rlm_jradius_call(JRADIUS_pre_proxy, instance, request, 1); +} + +static int jradius_post_proxy(void *instance, REQUEST *request) +{ + return rlm_jradius_call(JRADIUS_post_proxy, instance, request, 1); +} + +static int jradius_post_auth(void *instance, REQUEST *request) +{ + return rlm_jradius_call(JRADIUS_post_auth, instance, request, 0); +} + +static int jradius_detach(void *instance) +{ + JRADIUS *inst = (JRADIUS *) instance; + free_socketpool(inst); + free(inst); + return 0; +} + +module_t rlm_jradius = { + RLM_MODULE_INIT, + "jradius", + RLM_TYPE_THREAD_SAFE, + jradius_instantiate, + jradius_detach, + { + jradius_authenticate, + jradius_authorize, + jradius_preacct, + jradius_accounting, + jradius_checksimul, + jradius_pre_proxy, + jradius_post_proxy, + jradius_post_auth + }, +}; + diff --git a/html/wifi/index.html b/html/wifi/index.html new file mode 100755 index 0000000..718d34e --- /dev/null +++ b/html/wifi/index.html @@ -0,0 +1,317 @@ + + + + + + + + +HotSpot WISPr Login Client + + + + + + + + +
+
Loading...
+
+Note: You are running an Applet that requires more permissions + than your typical Applet. This is because the Applet tries to access a URL + outside of the "walled-garden" in order to know how to login. For this + reason, the Applet is signed with a self-signed X509 certificate. You will + be asked to verify that you trust the authors before running the Applet. +
+ + + + + + + + + + + + +
+ + + + diff --git a/html/wifi/wifi.cab b/html/wifi/wifi.cab new file mode 100644 index 0000000..84677f3 Binary files /dev/null and b/html/wifi/wifi.cab differ diff --git a/html/wifi/wifi.jar b/html/wifi/wifi.jar new file mode 100644 index 0000000..9abc7e6 Binary files /dev/null and b/html/wifi/wifi.jar differ diff --git a/pom.xml b/pom.xml new file mode 100644 index 0000000..9723137 --- /dev/null +++ b/pom.xml @@ -0,0 +1,171 @@ + + + 4.0.0 + net.jradius + jradius + pom + ${project.artifactId}-${project.version} + 1.0.0-SNAPSHOT + JRadius Client/Server Project + http://jradius.net/ + + + + david + David Bird + david@coova.com + + Developer + + GMT+1 + + + + + + GNU Lessor/Library Public License, Version 2.0 + http://www.apache.org/licenses/LICENSE-2.0.txt + repo + + + + + scm:svn:https://coova.org:1443/svn/cjradius + scm:svn:https://coova.org:1443/svn/cjradius + http://dev.coova.org/svn/cjradius + + + + + ssh-repository + scp://coova.org/home/repo/public + + + + + + + org.apache.maven.plugins + maven-compiler-plugin + + 1.5 + 1.5 + + + + + + + org.apache.maven.wagon + wagon-ssh-external + 1.0-alpha-5 + + + install + + + + + release-profile + + + performRelease + true + + + + + + maven-source-plugin + + + attach-sources + + jar + + + + true + + + maven-javadoc-plugin + + + attach-javadocs + + jar + + + + true + + + maven-deploy-plugin + true + + true + + + + + + + + + core + dictionary + extended + extensions + example + applet + server + + + + + + false + + coova + Coova Repository + http://dev.coova.org/mvn + + + + false + + springframework + Spring Repository + https://s3.amazonaws.com/maven.springframework.org/milestone + + + + false + + central + Maven Repository Switchboard + http://repo1.maven.org/maven2 + + + + false + + ibiblio + ibiblio Repository Switchboard + http://www.ibiblio.org/maven + + + + false + + gwt-maven + GWT + http://gwt-maven.googlecode.com/svn/trunk/mavenrepo/ + + + + + target/site + + + diff --git a/server/assembly.xml b/server/assembly.xml new file mode 100644 index 0000000..6312209 --- /dev/null +++ b/server/assembly.xml @@ -0,0 +1,41 @@ + + release + + zip + + jradius + true + + + target/classes + + + + target/lib + lib + + + ../freeradius/dict + share + + + config + + + + scripts + + + + ../doc + doc + + + + LICENSE* + + .. + + + + diff --git a/server/config/configuration.properties b/server/config/configuration.properties new file mode 100644 index 0000000..508db04 --- /dev/null +++ b/server/config/configuration.properties @@ -0,0 +1,4 @@ +db.driver=com.mysql.jdbc.Driver +db.url=jdbc:mysql://localhost/radius +db.username=radius +db.password=radius diff --git a/server/config/ehcache.xml b/server/config/ehcache.xml new file mode 100644 index 0000000..8a69dad --- /dev/null +++ b/server/config/ehcache.xml @@ -0,0 +1,23 @@ + + + + + + + + + + + + diff --git a/server/config/jradius-config.xml b/server/config/jradius-config.xml new file mode 100644 index 0000000..d13b4b8 --- /dev/null +++ b/server/config/jradius-config.xml @@ -0,0 +1,150 @@ + + + + + + + + + true + 0 + + + + + + RADIUS Dictionary + bean:attributeDictionary + + + + + + + + + + + + + + + + + FreeRADIUS rlm_jradius module listener (TCP) + + bean:radiusListener + + bean:radiusProcessor + 4 + + + + + + + port1814 + backlog1024 + + + + + JRadius OTP Proxy Listener + net.jradius.webservice.WebServiceListener + net.jradius.webservice.OTPProxyProcessor + 2 + + + + + + + + JRadius WebServices Listener + net.jradius.webservice.WebServiceListener + net.jradius.webservice.WebServiceProcessor + 2 + + + + + SSO Proxy Redirector + net.jradius.webservice.SSOProxyService + + + + + JRadius UI WebServices Listener + net.jradius.webservice.WebServiceListener + net.jradius.webservice.WebServiceProcessor + 6 + + + + + + + + + + + + + + + + + + + diff --git a/server/config/log4j.properties b/server/config/log4j.properties new file mode 100644 index 0000000..92e37f1 --- /dev/null +++ b/server/config/log4j.properties @@ -0,0 +1,4 @@ +log4j.rootLogger=DEBUG, stdout +log4j.appender.stdout=org.apache.log4j.ConsoleAppender +log4j.appender.stdout.layout=org.apache.log4j.PatternLayout +log4j.appender.stdout.layout.ConversionPattern=%d %p [%c] - %m%n diff --git a/server/config/spring-config.xml b/server/config/spring-config.xml new file mode 100644 index 0000000..fd06064 --- /dev/null +++ b/server/config/spring-config.xml @@ -0,0 +1,93 @@ + + + + + + + + configuration.properties + + + + + + + + + + + + + + ${db.driver} + ${db.url} + ${db.username} + ${db.password} + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + otpRequests + + + + + + + + + + + + + + + + jradius-config.xml + + + \ No newline at end of file diff --git a/server/pom.xml b/server/pom.xml new file mode 100644 index 0000000..5a8d667 --- /dev/null +++ b/server/pom.xml @@ -0,0 +1,137 @@ + + + + 4.0.0 + net.jradius + jradius-server + ${project.artifactId}-${project.version} + 1.0.0-SNAPSHOT + Server classes + + + net.jradius + jradius + 1.0.0-SNAPSHOT + ../pom.xml + + + + + net.jradius + jradius-core + 1.0.0-SNAPSHOT + + + + net.jradius + jradius-dictionary + 1.0.0-SNAPSHOT + + + + net.jradius + jradius-extended + 1.0.0-SNAPSHOT + + + + net.jradius + jradius-example + 1.0.0-SNAPSHOT + + + + net.jradius + jradius-dal + 1.0.0-SNAPSHOT + + + + net.jradius + jradius-ewt-server + 1.0.0-SNAPSHOT + + + + net.jradius + jradius-ewt-client + 1.0.0-SNAPSHOT + + + + org.springframework + spring-context-support + 2.5.5 + + + + org.apache.ibatis + ibatis-sqlmap + 2.3.2 + + + + com.mysql + mysql-connector + 5.1.6 + + + + c3p0 + c3p0 + 0.9.1.2 + + + + + + + + org.apache.maven.plugins + maven-compiler-plugin + + 1.5 + 1.5 + + + + org.apache.maven.plugins + maven-dependency-plugin + + + copy-dependencies + package + + copy-dependencies + + + target/lib + false + false + true + + + + + + maven-assembly-plugin + + + assembly.xml + + + + + make-assembly + package + + attached + + + + + + + + diff --git a/server/raddb/modules/acct_unique b/server/raddb/modules/acct_unique new file mode 100644 index 0000000..caa7cbc --- /dev/null +++ b/server/raddb/modules/acct_unique @@ -0,0 +1,17 @@ +# -*- text -*- +# +# $Id$ + +# +# Create a unique accounting session Id. Many NASes re-use +# or repeat values for Acct-Session-Id, causing no end of +# confusion. +# +# This module will add a (probably) unique session id +# to an accounting packet based on the attributes listed +# below found in the packet. See doc/rlm_acct_unique for +# more information. +# +acct_unique { + key = "User-Name, Acct-Session-Id, NAS-IP-Address, Client-IP-Address, NAS-Port" +} diff --git a/server/raddb/modules/always b/server/raddb/modules/always new file mode 100644 index 0000000..c28187f --- /dev/null +++ b/server/raddb/modules/always @@ -0,0 +1,31 @@ +# -*- text -*- +# +# $Id$ + +# +# The "always" module is here for debugging purposes. Each +# instance simply returns the same result, always, without +# doing anything. +always fail { + rcode = fail +} +always reject { + rcode = reject +} +always noop { + rcode = noop +} +always handled { + rcode = handled +} +always updated { + rcode = updated +} +always notfound { + rcode = notfound +} +always ok { + rcode = ok + simulcount = 0 + mpp = no +} diff --git a/server/raddb/modules/attr_filter b/server/raddb/modules/attr_filter new file mode 100644 index 0000000..535e2a0 --- /dev/null +++ b/server/raddb/modules/attr_filter @@ -0,0 +1,38 @@ +# -*- text -*- +# +# $Id$ + +# +# This file defines a number of instances of the "attr_filter" module. +# + +# attr_filter - filters the attributes received in replies from +# proxied servers, to make sure we send back to our RADIUS client +# only allowed attributes. +attr_filter attr_filter.post-proxy { + attrsfile = ${confdir}/attrs +} + +# attr_filter - filters the attributes in the packets we send to +# the RADIUS home servers. +attr_filter attr_filter.pre-proxy { + attrsfile = ${confdir}/attrs.pre-proxy +} + +# Enforce RFC requirements on the contents of Access-Reject +# packets. See the comments at the top of the file for +# more details. +# +attr_filter attr_filter.access_reject { + key = %{User-Name} + attrsfile = ${confdir}/attrs.access_reject +} + +# Enforce RFC requirements on the contents of the +# Accounting-Response packets. See the comments at the +# top of the file for more details. +# +attr_filter attr_filter.accounting_response { + key = %{User-Name} + attrsfile = ${confdir}/attrs.accounting_response +} diff --git a/server/raddb/modules/attr_rewrite b/server/raddb/modules/attr_rewrite new file mode 100644 index 0000000..f131d98 --- /dev/null +++ b/server/raddb/modules/attr_rewrite @@ -0,0 +1,55 @@ +# -*- text -*- +# +# $Id$ + +# rewrite arbitrary packets. Useful in accounting and authorization. +# +# As of 2.0, much of the functionality of this module is in "unlang". +# You should probably investigate using that before trying to use +# the "attr_rewrite" module. +# +# +# The module can also use the Rewrite-Rule attribute. If it +# is set and matches the name of the module instance, then +# that module instance will be the only one which runs. +# +# Also if new_attribute is set to yes then a new attribute +# will be created containing the value replacewith and it +# will be added to searchin (packet, reply, proxy, +# proxy_reply or config). +# +# searchfor,ignore_case and max_matches will be ignored in that case. +# +# Backreferences are supported. +# %{0} will contain the string the whole match +# %{1} to %{8} will contain the contents of the 1st to +# the 8th parentheses +# +# If max_matches is greater than one, the backreferences will +# correspond to the first attributed that matched. + +# +attr_rewrite sanecallerid { + attribute = Called-Station-Id + # may be "packet", "reply", "proxy", "proxy_reply" or "config" + searchin = packet + searchfor = "[+ ]" + replacewith = "" + ignore_case = no + new_attribute = no + max_matches = 10 + + ## If set to yes then the replace string will be + ## appended to the original string + append = no +} + +attr_rewrite addclientip { + attribute = Client-IP-Address + searchin = packet + searchfor = "^$" + replacewith = "%{Client-IP-Address}" + maxmatches = 1 + new_attribute = yes +} + diff --git a/server/raddb/modules/chap b/server/raddb/modules/chap new file mode 100644 index 0000000..e2a3cd3 --- /dev/null +++ b/server/raddb/modules/chap @@ -0,0 +1,11 @@ +# -*- text -*- +# +# $Id$ + +# CHAP module +# +# To authenticate requests containing a CHAP-Password attribute. +# +chap { + # no configuration +} diff --git a/server/raddb/modules/checkval b/server/raddb/modules/checkval new file mode 100644 index 0000000..ed26e57 --- /dev/null +++ b/server/raddb/modules/checkval @@ -0,0 +1,44 @@ +# -*- text -*- +# +# $Id$ + +# A simple value checking module +# +# As of 2.0, much of the functionality of this module is in "unlang". +# You should probably investigate using that before trying to use +# the "checkval" module. +# +# It can be used to check if an attribute value in the request +# matches a (possibly multi valued) attribute in the check +# items This can be used for example for caller-id +# authentication. For the module to run, both the request +# attribute and the check items attribute must exist +# +# i.e. +# A user has an ldap entry with 2 radiusCallingStationId +# attributes with values "12345678" and "12345679". If we +# enable rlm_checkval, then any request which contains a +# Calling-Station-Id with one of those two values will be +# accepted. Requests with other values for +# Calling-Station-Id will be rejected. +# +# Regular expressions in the check attribute value are allowed +# as long as the operator is '=~' +# +checkval { + # The attribute to look for in the request + item-name = Calling-Station-Id + + # The attribute to look for in check items. Can be multi valued + check-name = Calling-Station-Id + + # The data type. Can be + # string,integer,ipaddr,date,abinary,octets + data-type = string + + # If set to yes and we dont find the item-name attribute in the + # request then we send back a reject + # DEFAULT is no + #notfound-reject = no +} + diff --git a/server/raddb/modules/counter b/server/raddb/modules/counter new file mode 100644 index 0000000..2dad39a --- /dev/null +++ b/server/raddb/modules/counter @@ -0,0 +1,82 @@ +# -*- text -*- +# +# $Id$ + +# counter module: +# This module takes an attribute (count-attribute). +# It also takes a key, and creates a counter for each unique +# key. The count is incremented when accounting packets are +# received by the server. The value of the increment depends +# on the attribute type. +# If the attribute is Acct-Session-Time or of an integer type we add +# the value of the attribute. If it is anything else we increase the +# counter by one. +# +# The 'reset' parameter defines when the counters are all reset to +# zero. It can be hourly, daily, weekly, monthly or never. +# +# hourly: Reset on 00:00 of every hour +# daily: Reset on 00:00:00 every day +# weekly: Reset on 00:00:00 on sunday +# monthly: Reset on 00:00:00 of the first day of each month +# +# It can also be user defined. It should be of the form: +# num[hdwm] where: +# h: hours, d: days, w: weeks, m: months +# If the letter is ommited days will be assumed. In example: +# reset = 10h (reset every 10 hours) +# reset = 12 (reset every 12 days) +# +# +# The check-name attribute defines an attribute which will be +# registered by the counter module and can be used to set the +# maximum allowed value for the counter after which the user +# is rejected. +# Something like: +# +# DEFAULT Max-Daily-Session := 36000 +# Fall-Through = 1 +# +# You should add the counter module in the instantiate +# section so that it registers check-name before the files +# module reads the users file. +# +# If check-name is set and the user is to be rejected then we +# send back a Reply-Message and we log a Failure-Message in +# the radius.log +# +# If the count attribute is Acct-Session-Time then on each +# login we send back the remaining online time as a +# Session-Timeout attribute ELSE and if the reply-name is +# set, we send back that attribute. The reply-name attribute +# MUST be of an integer type. +# +# The counter-name can also be used instead of using the check-name +# like below: +# +# DEFAULT Daily-Session-Time > 3600, Auth-Type = Reject +# Reply-Message = "You've used up more than one hour today" +# +# The allowed-servicetype attribute can be used to only take +# into account specific sessions. For example if a user first +# logs in through a login menu and then selects ppp there will +# be two sessions. One for Login-User and one for Framed-User +# service type. We only need to take into account the second one. +# +# The module should be added in the instantiate, authorize and +# accounting sections. Make sure that in the authorize +# section it comes after any module which sets the +# 'check-name' attribute. +# +counter daily { + filename = ${db_dir}/db.daily + key = User-Name + count-attribute = Acct-Session-Time + reset = daily + counter-name = Daily-Session-Time + check-name = Max-Daily-Session + reply-name = Session-Timeout + allowed-servicetype = Framed-User + cache-size = 5000 +} + diff --git a/server/raddb/modules/detail b/server/raddb/modules/detail new file mode 100644 index 0000000..3183cd7 --- /dev/null +++ b/server/raddb/modules/detail @@ -0,0 +1,63 @@ +# -*- text -*- +# +# $Id$ + +# Write a detailed log of all accounting records received. +# +detail { + # Note that we do NOT use NAS-IP-Address here, as + # that attribute MAY BE from the originating NAS, and + # NOT from the proxy which actually sent us the + # request. The Client-IP-Address attribute is ALWAYS + # the address of the client which sent us the + # request. + # + # The following line creates a new detail file for + # every radius client (by IP address or hostname). + # In addition, a new detail file is created every + # day, so that the detail file doesn't have to go + # through a 'log rotation' + # + # If your detail files are large, you may also want + # to add a ':%H' (see doc/variables.txt) to the end + # of it, to create a new detail file every hour, e.g.: + # + # ..../detail-%Y%m%d:%H + # + # This will create a new detail file for every hour. + # + detailfile = ${radacctdir}/%{Client-IP-Address}/detail-%Y%m%d + + # + # The Unix-style permissions on the 'detail' file. + # + # The detail file often contains secret or private + # information about users. So by keeping the file + # permissions restrictive, we can prevent unwanted + # people from seeing that information. + detailperm = 0600 + + # + # Every entry in the detail file has a header which + # is a timestamp. By default, we use the ctime + # format (see "man ctime" for details). + # + # The header can be customized by editing this + # string. See "doc/variables.txt" for a description + # of what can be put here. + # + header = "%t" + + # + # Certain attributes such as User-Password may be + # "sensitive", so they should not be printed in the + # detail file. This section lists the attributes + # that should be suppressed. + # + # The attributes should be listed one to a line. + # + #suppress { + # User-Password + #} + +} diff --git a/server/raddb/modules/detail.example.com b/server/raddb/modules/detail.example.com new file mode 100644 index 0000000..aba83aa --- /dev/null +++ b/server/raddb/modules/detail.example.com @@ -0,0 +1,27 @@ +# -*- text -*- +# +# Detail file writer, used in the following examples: +# +# raddb/sites-available/robust-proxy-accounting +# raddb/sites-available/decoupled-accounting +# +# Note that this module can write detail files that are read by +# only ONE "listen" section. If you use BOTH of the examples +# above, you will need to define TWO "detail" modules. +# +# e.g. detail1.example.com && detail2.example.com +# +# +# We write *multiple* detail files here. They will be processed by +# the detail "listen" section in the order that they were created. +# The directory containing these files should NOT be used for any +# other purposes. i.e. It should have NO other files in it. +# +# Writing multiple detail enables the server to process the pieces +# in smaller chunks. This helps in certain catastrophic corner cases. +# +# $Id$ +# +detail detail.example.com { + detailfile = ${radacctdir}/detail.example.com/detail-%Y%m%d:%H +} diff --git a/server/raddb/modules/detail.log b/server/raddb/modules/detail.log new file mode 100644 index 0000000..9b11245 --- /dev/null +++ b/server/raddb/modules/detail.log @@ -0,0 +1,75 @@ +# -*- text -*- +# +# $Id$ + +# +# More examples of doing detail logs. + +# +# Many people want to log authentication requests. +# Rather than modifying the server core to print out more +# messages, we can use a different instance of the 'detail' +# module, to log the authentication requests to a file. +# +# You will also need to un-comment the 'auth_log' line +# in the 'authorize' section, below. +# +detail auth_log { + detailfile = ${radacctdir}/%{Client-IP-Address}/auth-detail-%Y%m%d + + # + # This MUST be 0600, otherwise anyone can read + # the users passwords! + detailperm = 0600 + + # You may also strip out passwords completely + suppress { + User-Password + } +} + +# +# This module logs authentication reply packets sent +# to a NAS. Both Access-Accept and Access-Reject packets +# are logged. +# +# You will also need to un-comment the 'reply_log' line +# in the 'post-auth' section, below. +# +detail reply_log { + detailfile = ${radacctdir}/%{Client-IP-Address}/reply-detail-%Y%m%d + + detailperm = 0600 +} + +# +# This module logs packets proxied to a home server. +# +# You will also need to un-comment the 'pre_proxy_log' line +# in the 'pre-proxy' section, below. +# +detail pre_proxy_log { + detailfile = ${radacctdir}/%{Client-IP-Address}/pre-proxy-detail-%Y%m%d + + # + # This MUST be 0600, otherwise anyone can read + # the users passwords! + detailperm = 0600 + + # You may also strip out passwords completely + #suppress { + # User-Password + #} +} + +# +# This module logs response packets from a home server. +# +# You will also need to un-comment the 'post_proxy_log' line +# in the 'post-proxy' section, below. +# +detail post_proxy_log { + detailfile = ${radacctdir}/%{Client-IP-Address}/post-proxy-detail-%Y%m%d + + detailperm = 0600 +} diff --git a/server/raddb/modules/digest b/server/raddb/modules/digest new file mode 100644 index 0000000..f0aa9ed --- /dev/null +++ b/server/raddb/modules/digest @@ -0,0 +1,13 @@ +# -*- text -*- +# +# $Id$ + +# +# The 'digest' module currently has no configuration. +# +# "Digest" authentication against a Cisco SIP server. +# See 'doc/rfc/draft-sterman-aaa-sip-00.txt' for details +# on performing digest authentication for Cisco SIP servers. +# +digest { +} diff --git a/server/raddb/modules/echo b/server/raddb/modules/echo new file mode 100644 index 0000000..ea49eb1 --- /dev/null +++ b/server/raddb/modules/echo @@ -0,0 +1,111 @@ +# -*- text -*- +# +# $Id$ + +# +# This is a more general example of the execute module. +# +# This one is called "echo". +# +# Attribute-Name = `%{echo:/path/to/program args}` +# +# If you wish to execute an external program in more than +# one section (e.g. 'authorize', 'pre_proxy', etc), then it +# is probably best to define a different instance of the +# 'exec' module for every section. +# +# The return value of the program run determines the result +# of the exec instance call as follows: +# (See doc/configurable_failover for details) +# +# < 0 : fail the module failed +# = 0 : ok the module succeeded +# = 1 : reject the module rejected the user +# = 2 : fail the module failed +# = 3 : ok the module succeeded +# = 4 : handled the module has done everything to handle the request +# = 5 : invalid the user's configuration entry was invalid +# = 6 : userlock the user was locked out +# = 7 : notfound the user was not found +# = 8 : noop the module did nothing +# = 9 : updated the module updated information in the request +# > 9 : fail the module failed +# +exec echo { + # + # Wait for the program to finish. + # + # If we do NOT wait, then the program is "fire and + # forget", and any output attributes from it are ignored. + # + # If we are looking for the program to output + # attributes, and want to add those attributes to the + # request, then we MUST wait for the program to + # finish, and therefore set 'wait=yes' + # + # allowed values: {no, yes} + wait = yes + + # + # The name of the program to execute, and it's + # arguments. Dynamic translation is done on this + # field, so things like the following example will + # work. + # + program = "/bin/echo %{User-Name}" + + # + # The attributes which are placed into the + # environment variables for the program. + # + # Allowed values are: + # + # request attributes from the request + # config attributes from the configuration items list + # reply attributes from the reply + # proxy-request attributes from the proxy request + # proxy-reply attributes from the proxy reply + # + # Note that some attributes may not exist at some + # stages. e.g. There may be no proxy-reply + # attributes if this module is used in the + # 'authorize' section. + # + input_pairs = request + + # + # Where to place the output attributes (if any) from + # the executed program. The values allowed, and the + # restrictions as to availability, are the same as + # for the input_pairs. + # + output_pairs = reply + + # + # When to execute the program. If the packet + # type does NOT match what's listed here, then + # the module does NOT execute the program. + # + # For a list of allowed packet types, see + # the 'dictionary' file, and look for VALUEs + # of the Packet-Type attribute. + # + # By default, the module executes on ANY packet. + # Un-comment out the following line to tell the + # module to execute only if an Access-Accept is + # being sent to the NAS. + # + #packet_type = Access-Accept + + # + # Should we escape the environment variables? + # + # If this is set, all the RADIUS attributes + # are capitalised and dashes replaced with + # underscores. Also, RADIUS values are surrounded + # with double-quotes. + # + # That is to say: User-Name=BobUser => USER_NAME="BobUser" + shell_escape = yes + +} diff --git a/server/raddb/modules/etc_group b/server/raddb/modules/etc_group new file mode 100644 index 0000000..fb10684 --- /dev/null +++ b/server/raddb/modules/etc_group @@ -0,0 +1,25 @@ +# -*- text -*- +# +# $Id$ + +# "passwd" configuration, for the /etc/group file. Adds a Etc-Group-Name +# attribute for every group that the user is member of. +# +# You will have to define the Etc-Group-Name in the 'dictionary' file +# as a 'string' type. +# +# The Group-Name attribute is automatically created by the Unix module, +# and does checking against /etc/group automatically. +# +# i.e. this module should NOT be used as-is, but should be edited to +# point to a different group file. +# +passwd etc_group { + filename = /etc/group + format = "=Etc-Group-Name:::*,User-Name" + hashsize = 50 + ignorenislike = yes + allowmultiplekeys = yes + delimiter = ":" +} + diff --git a/server/raddb/modules/exec b/server/raddb/modules/exec new file mode 100644 index 0000000..ba3d59f --- /dev/null +++ b/server/raddb/modules/exec @@ -0,0 +1,29 @@ +# -*- text -*- +# +# $Id$ + +# +# Execute external programs +# +# This module is useful only for 'xlat'. To use it, +# put 'exec' into the 'instantiate' section. You can then +# do dynamic translation of attributes like: +# +# Attribute-Name = `%{exec:/path/to/program args}` +# +# The value of the attribute will be replaced with the output +# of the program which is executed. Due to RADIUS protocol +# limitations, any output over 253 bytes will be ignored. +# +# The RADIUS attributes from the user request will be placed +# into environment variables of the executed program, as +# described in "man unlang" and in doc/variables.txt +# +# See also "echo" for more sample configuration. +# +exec { + wait = no + input_pairs = request + shell_escape = yes + output = none +} diff --git a/server/raddb/modules/expiration b/server/raddb/modules/expiration new file mode 100644 index 0000000..8bbd889 --- /dev/null +++ b/server/raddb/modules/expiration @@ -0,0 +1,19 @@ +# -*- text -*- +# +# $Id$ + +# +# The expiration module. This handles the Expiration attribute +# It should be included in the *end* of the authorize section +# in order to handle user Expiration. It should also be included +# in the instantiate section in order to register the Expiration +# compare function +# +expiration { + # + # The Reply-Message which will be sent back in case the + # account has expired. Dynamic substitution is supported + # + reply-message = "Password Has Expired\r\n" + #reply-message = "Your account has expired, %{User-Name}\r\n" +} diff --git a/server/raddb/modules/expr b/server/raddb/modules/expr new file mode 100644 index 0000000..6caeb9b --- /dev/null +++ b/server/raddb/modules/expr @@ -0,0 +1,20 @@ +# -*- text -*- +# +# $Id$ + +# +# The 'expression' module currently has no configuration. +# +# This module is useful only for 'xlat'. To use it, +# put 'expr' into the 'instantiate' section. You can then +# do dynamic translation of attributes like: +# +# Attribute-Name = `%{expr:2 + 3 + %{exec: uid -u}}` +# +# The value of the attribute will be replaced with the output +# of the program which is executed. Due to RADIUS protocol +# limitations, any output over 253 bytes will be ignored. +# +# The module also registers a few paircompare functions +expr { +} diff --git a/server/raddb/modules/files b/server/raddb/modules/files new file mode 100644 index 0000000..6275b6a --- /dev/null +++ b/server/raddb/modules/files @@ -0,0 +1,22 @@ +# -*- text -*- +# +# $Id$ + +# Livingston-style 'users' file +# +files { + # The default key attribute to use for matches. The content + # of this attribute is used to match the "name" of the + # entry. + #key = "%{Stripped-User-Name:-%{User-Name}}" + + usersfile = ${confdir}/users + acctusersfile = ${confdir}/acct_users + preproxy_usersfile = ${confdir}/preproxy_users + + # If you want to use the old Cistron 'users' file + # with FreeRADIUS, you should change the next line + # to 'compat = cistron'. You can the copy your 'users' + # file from Cistron. + compat = no +} diff --git a/server/raddb/modules/inner-eap b/server/raddb/modules/inner-eap new file mode 100644 index 0000000..0a26c9c --- /dev/null +++ b/server/raddb/modules/inner-eap @@ -0,0 +1,161 @@ +# -*- text -*- +# +# $Id$ + +# +# Sample configuration for an EAP module that occurs *inside* +# of a tunneled method. It is used to limit the EAP types that +# can occur inside of the inner tunnel. +# +# See also raddb/sites-available/inner-tunnel +# +# To use this module, edit raddb/sites-available/inner-tunnel, and +# replace the references to "eap" with "inner-eap". +# +# See raddb/eap.conf for full documentation on the meaning of the +# configuration entries here. +# +eap inner-eap { + # This is the best choice for PEAP. + default_eap_type = mschapv2 + timer_expire = 60 + + # This should be the same as the outer eap "max sessions" + max_sessions = 2048 + + # Supported EAP-types + md5 { + } + + gtc { + # The default challenge, which many clients + # ignore.. + #challenge = "Password: " + + auth_type = PAP + } + + mschapv2 { + } + + # No TTLS or PEAP configuration should be listed here. + + ## EAP-TLS + # + # You SHOULD use different certificates than are used + # for the outer EAP configuration! + # + # Support for PEAP/TLS and RFC 5176 TLS/TLS is experimental. + # + tls { + # + # These is used to simplify later configurations. + # + certdir = ${confdir}/certs + cadir = ${confdir}/certs + + private_key_password = whatever + private_key_file = ${certdir}/server.pem + + # If Private key & Certificate are located in + # the same file, then private_key_file & + # certificate_file must contain the same file + # name. + # + # If CA_file (below) is not used, then the + # certificate_file below MUST include not + # only the server certificate, but ALSO all + # of the CA certificates used to sign the + # server certificate. + certificate_file = ${certdir}/server.pem + + # Trusted Root CA list + # + # ALL of the CA's in this list will be trusted + # to issue client certificates for authentication. + # + # In general, you should use self-signed + # certificates for 802.1x (EAP) authentication. + # In that case, this CA file should contain + # *one* CA certificate. + # + # This parameter is used only for EAP-TLS, + # when you issue client certificates. If you do + # not use client certificates, and you do not want + # to permit EAP-TLS authentication, then delete + # this configuration item. + CA_file = ${cadir}/ca.pem + + # + # For DH cipher suites to work, you have to + # run OpenSSL to create the DH file first: + # + # openssl dhparam -out certs/dh 1024 + # + dh_file = ${certdir}/dh + random_file = ${certdir}/random + + # + # This can never exceed the size of a RADIUS + # packet (4096 bytes), and is preferably half + # that, to accomodate other attributes in + # RADIUS packet. On most APs the MAX packet + # length is configured between 1500 - 1600 + # In these cases, fragment size should be + # 1024 or less. + # + # fragment_size = 1024 + + # include_length is a flag which is + # by default set to yes If set to + # yes, Total Length of the message is + # included in EVERY packet we send. + # If set to no, Total Length of the + # message is included ONLY in the + # First packet of a fragment series. + # + # include_length = yes + + # Check the Certificate Revocation List + # + # 1) Copy CA certificates and CRLs to same directory. + # 2) Execute 'c_rehash '. + # 'c_rehash' is OpenSSL's command. + # 3) uncomment the line below. + # 5) Restart radiusd + # check_crl = yes + # CA_path = /path/to/directory/with/ca_certs/and/crls/ + + # + # If check_cert_issuer is set, the value will + # be checked against the DN of the issuer in + # the client certificate. If the values do not + # match, the cerficate verification will fail, + # rejecting the user. + # + # check_cert_issuer = "/C=GB/ST=Berkshire/L=Newbury/O=My Company Ltd" + + # + # If check_cert_cn is set, the value will + # be xlat'ed and checked against the CN + # in the client certificate. If the values + # do not match, the certificate verification + # will fail rejecting the user. + # + # This check is done only if the previous + # "check_cert_issuer" is not set, or if + # the check succeeds. + # + # check_cert_cn = %{User-Name} + # + # Set this option to specify the allowed + # TLS cipher suites. The format is listed + # in "man 1 ciphers". + cipher_list = "DEFAULT" + + # + # The session resumption / fast reauthentication + # cache CANNOT be used for inner sessions. + # + } +} diff --git a/server/raddb/modules/ippool b/server/raddb/modules/ippool new file mode 100644 index 0000000..05561cf --- /dev/null +++ b/server/raddb/modules/ippool @@ -0,0 +1,75 @@ +# -*- text -*- +# +# $Id$ + +# Do server side ip pool management. Should be added in +# post-auth and accounting sections. +# +# The module also requires the existance of the Pool-Name +# attribute. That way the administrator can add the Pool-Name +# attribute in the user profiles and use different pools for +# different users. The Pool-Name attribute is a *check* item +# not a reply item. +# +# The Pool-Name should be set to the ippool module instance +# name or to DEFAULT to match any module. + +# +# Example: +# radiusd.conf: ippool students { [...] } +# ippool teachers { [...] } +# users file : DEFAULT Group == students, Pool-Name := "students" +# DEFAULT Group == teachers, Pool-Name := "teachers" +# DEFAULT Group == other, Pool-Name := "DEFAULT" +# +# ********* IF YOU CHANGE THE RANGE PARAMETERS YOU MUST ********* +# ********* THEN ERASE THE DB FILES ********* +# +ippool main_pool { + + # range-start,range-stop: + # The start and end ip addresses for this pool. + range-start = 192.168.1.1 + range-stop = 192.168.3.254 + + # netmask: + # The network mask used for this pool. + netmask = 255.255.255.0 + + # cache-size: + # The gdbm cache size for the db files. Should + # be equal to the number of ip's available in + # the ip pool + cache-size = 800 + + # session-db: + # The main db file used to allocate addresses. + session-db = ${db_dir}/db.ippool + + # ip-index: + # Helper db index file used in multilink + ip-index = ${db_dir}/db.ipindex + + # override: + # If set, the Framed-IP-Address already in the + # reply (if any) will be discarded, and replaced + # with a Framed-IP-Address assigned here. + override = no + + # maximum-timeout: + # Specifies the maximum time in seconds that an + # entry may be active. If set to zero, means + # "no timeout". The default value is 0 + maximum-timeout = 0 + + # key: + # The key to use for the session database (which + # holds the allocated ip's) normally it should + # just be the nas ip/port (which is the default). + # + # If your NAS sends the same value of NAS-Port + # all requests, the key should be based on some + # other attribute that is in ALL requests, AND + # is unique to each machine needing an IP address. + #key = "%{NAS-IP-Address} %{NAS-Port}" +} diff --git a/server/raddb/modules/jradius b/server/raddb/modules/jradius new file mode 100644 index 0000000..42fe4da --- /dev/null +++ b/server/raddb/modules/jradius @@ -0,0 +1,10 @@ +jradius { + name = "coova" + primary = "localhost" + secondary = "192.168.0.1" + timeout = 20 + keepalive = yes + connections = 10 + onfail = NOOP + allow_codechange = yes +} diff --git a/server/raddb/modules/krb5 b/server/raddb/modules/krb5 new file mode 100644 index 0000000..81d1cf2 --- /dev/null +++ b/server/raddb/modules/krb5 @@ -0,0 +1,11 @@ +# -*- text -*- +# +# $Id$ + +# +# Kerberos. See doc/rlm_krb5 for minimal docs. +# +krb5 { + keytab = /path/to/keytab + service_principal = name_of_principle +} diff --git a/server/raddb/modules/ldap b/server/raddb/modules/ldap new file mode 100644 index 0000000..2d7d2fd --- /dev/null +++ b/server/raddb/modules/ldap @@ -0,0 +1,160 @@ +# -*- text -*- +# +# $Id$ + +# Lightweight Directory Access Protocol (LDAP) +# +# This module definition allows you to use LDAP for +# authorization and authentication. +# +# See raddb/sites-available/default for reference to the +# ldap module in the authorize and authenticate sections. +# +# However, LDAP can be used for authentication ONLY when the +# Access-Request packet contains a clear-text User-Password +# attribute. LDAP authentication will NOT work for any other +# authentication method. +# +# This means that LDAP servers don't understand EAP. If you +# force "Auth-Type = LDAP", and then send the server a +# request containing EAP authentication, then authentication +# WILL NOT WORK. +# +# The solution is to use the default configuration, which does +# work. +# +# Setting "Auth-Type = LDAP" is ALMOST ALWAYS WRONG. We +# really can't emphasize this enough. +# +ldap { + # + # Note that this needs to match the name in the LDAP + # server certificate, if you're using ldaps. + server = "ldap.your.domain" + #identity = "cn=admin,o=My Org,c=UA" + #password = mypass + basedn = "o=My Org,c=UA" + filter = "(uid=%{Stripped-User-Name:-%{User-Name}})" + #base_filter = "(objectclass=radiusprofile)" + + # How many connections to keep open to the LDAP server. + # This saves time over opening a new LDAP socket for + # every authentication request. + ldap_connections_number = 5 + + # seconds to wait for LDAP query to finish. default: 20 + timeout = 4 + + # seconds LDAP server has to process the query (server-side + # time limit). default: 20 + # + # LDAP_OPT_TIMELIMIT is set to this value. + timelimit = 3 + + # + # seconds to wait for response of the server. (network + # failures) default: 10 + # + # LDAP_OPT_NETWORK_TIMEOUT is set to this value. + net_timeout = 1 + + # + # This subsection configures the tls related items + # that control how FreeRADIUS connects to an LDAP + # server. It contains all of the "tls_*" configuration + # entries used in older versions of FreeRADIUS. Those + # configuration entries can still be used, but we recommend + # using these. + # + tls { + # Set this to 'yes' to use TLS encrypted connections + # to the LDAP database by using the StartTLS extended + # operation. + # + # The StartTLS operation is supposed to be + # used with normal ldap connections instead of + # using ldaps (port 689) connections + start_tls = no + + # cacertfile = /path/to/cacert.pem + # cacertdir = /path/to/ca/dir/ + # certfile = /path/to/radius.crt + # keyfile = /path/to/radius.key + # randfile = /path/to/rnd + + # Certificate Verification requirements. Can be: + # "never" (don't even bother trying) + # "allow" (try, but don't fail if the cerificate + # can't be verified) + # "demand" (fail if the certificate doesn't verify.) + # + # The default is "allow" + # require_cert = "demand" + } + + # default_profile = "cn=radprofile,ou=dialup,o=My Org,c=UA" + # profile_attribute = "radiusProfileDn" + # access_attr = "dialupAccess" + + # Mapping of RADIUS dictionary attributes to LDAP + # directory attributes. + dictionary_mapping = ${confdir}/ldap.attrmap + + # Set password_attribute = nspmPassword to get the + # user's password from a Novell eDirectory + # backend. This will work ONLY IF FreeRADIUS has been + # built with the --with-edir configure option. + # + # See also the following links: + # + # http://www.novell.com/coolsolutions/appnote/16745.html + # https://secure-support.novell.com/KanisaPlatform/Publishing/558/3009668_f.SAL_Public.html + # + # Novell may require TLS encrypted sessions before returning + # the user's password. + # + # password_attribute = userPassword + + # Un-comment the following to disable Novell + # eDirectory account policy check and intruder + # detection. This will work *only if* FreeRADIUS is + # configured to build with --with-edir option. + # + edir_account_policy_check = no + + # + # Group membership checking. Disabled by default. + # + # groupname_attribute = cn + # groupmembership_filter = "(|(&(objectClass=GroupOfNames)(member=%{Ldap-UserDn}))(&(objectClass=GroupOfUniqueNames)(uniquemember=%{Ldap-UserDn})))" + # groupmembership_attribute = radiusGroupName + + # compare_check_items = yes + # do_xlat = yes + # access_attr_used_for_allow = yes + + # + # By default, if the packet contains a User-Password, + # and no other module is configured to handle the + # authentication, the LDAP module sets itself to do + # LDAP bind for authentication. + # + # THIS WILL ONLY WORK FOR PAP AUTHENTICATION. + # + # THIS WILL NOT WORK FOR CHAP, MS-CHAP, or 802.1x (EAP). + # + # You can disable this behavior by setting the following + # configuration entry to "no". + # + # allowed values: {no, yes} + # set_auth_type = yes + + # ldap_debug: debug flag for LDAP SDK + # (see OpenLDAP documentation). Set this to enable + # huge amounts of LDAP debugging on the screen. + # You should only use this if you are an LDAP expert. + # + # default: 0x0000 (no debugging messages) + # Example:(LDAP_DEBUG_FILTER+LDAP_DEBUG_CONNS) + #ldap_debug = 0x0028 +} diff --git a/server/raddb/modules/linelog b/server/raddb/modules/linelog new file mode 100644 index 0000000..30a0d34 --- /dev/null +++ b/server/raddb/modules/linelog @@ -0,0 +1,83 @@ +# -*- text -*- +# +# $Id$ + +# +# The "linelog" module will log one line of text to a file. +# Both the filename and the line of text are dynamically expanded. +# +# We STRONGLY suggest that you do not use data from the +# packet as part of the filename. +# +linelog { + # + # The file where the logs will go. + # + # If the filename is "syslog", then the log messages will + # go to syslog. + filename = ${logdir}/linelog + + # + # The default format string. + format = "This is a log message for %{User-Name}" + + # + # This next line can be omitted. If it is omitted, then + # the log message is static, and is always given by "format", + # above. + # + # If it is defined, then the string is dynamically expanded, + # and the result is used to find another configuration entry + # here, with the given name. That name is then used as the + # format string. + # + # If the configuration entry cannot be found, then no log + # message is printed. + # + # i.e. You can have many log messages in one "linelog" module. + # If this two-step expansion did not exist, you would have + # needed to configure one "linelog" module for each log message. + + # + # Reference the Packet-Type (Access-Request, etc.) If it doesn't + # exist, reference the "format" entry, above. + reference = "%{%{Packet-Type}:-format}" + + # + # Followed by a series of log messages. + Access-Request = "Requested access: %{User-Name}" + Access-Reject = "Rejected access: %{User-Name}" + Access-Challenge = "Sent challenge: %{User-Name}" + + # + # The log messages can be grouped into sections and + # sub-sections, too. The "reference" item needs to have a "." + # for every section. e.g. reference = foo.bar will reference + # the "foo" section, "bar" configuration item. + # + + # + # Used if: reference = "foo.bar". + foo { + bar = "Example log. Please ignore" + } + + # + # Another example: + # reference = "Accounting-Request.%{%{Acct-Status-Type}:-unknown}" + # + Accounting-Request { + Start = "Connect: [%{User-Name}] (did %{Called-Station-Id} cli %{Calling-Station-Id} port %{NAS-Port} ip %{Framed-IP-Address})" + Stop = "Disconnect: [%{User-Name}] (did %{Called-Station-Id} cli %{Calling-Station-Id} port %{NAS-Port} ip %{Framed-IP-Address}) %{Acct-Session-Time} seconds" + + # Don't log anything for these packets. + Alive = "" + + Accounting-On = "NAS %C (%{NAS-IP-Address}) just came online" + Accounting-Off = "NAS %C (%{NAS-IP-Address}) just went offline" + + # don't log anything for other Acct-Status-Types. + unknown = "" + } + +} diff --git a/server/raddb/modules/logintime b/server/raddb/modules/logintime new file mode 100644 index 0000000..26691a9 --- /dev/null +++ b/server/raddb/modules/logintime @@ -0,0 +1,31 @@ +# -*- text -*- +# +# $Id$ + +# The logintime module. This handles the Login-Time, +# Current-Time, and Time-Of-Day attributes. It should be +# included in the *end* of the authorize section in order to +# handle Login-Time checks. It should also be included in the +# instantiate section in order to register the Current-Time +# and Time-Of-Day comparison functions. +# +# When the Login-Time attribute is set to some value, and the +# user has bene permitted to log in, a Session-Timeout is +# calculated based on the remaining time. See "doc/README". +# +logintime { + # + # The Reply-Message which will be sent back in case + # the account is calling outside of the allowed + # timespan. Dynamic substitution is supported. + # + reply-message = "You are calling outside your allowed timespan\r\n" + #reply-message = "Outside allowed timespan (%{control:Login-Time}), %{User-Name}\r\n" + + # The minimum timeout (in seconds) a user is allowed + # to have. If the calculated timeout is lower we don't + # allow the logon. Some NASes do not handle values + # lower than 60 seconds well. + minimum-timeout = 60 +} + diff --git a/server/raddb/modules/mac2ip b/server/raddb/modules/mac2ip new file mode 100644 index 0000000..793d569 --- /dev/null +++ b/server/raddb/modules/mac2ip @@ -0,0 +1,25 @@ +# -*- text -*- +# +# $Id$ + +###################################################################### +# +# This next section is a sample configuration for the "passwd" +# module, that reads flat-text files. +# +# The file is in the format , +# +# 00:01:02:03:04:05,192.168.1.100 +# 01:01:02:03:04:05,192.168.1.101 +# 02:01:02:03:04:05,192.168.1.102 +# +# This lets you perform simple static IP assignments from a flat-text +# file. You will have to define lease times yourself. +# +###################################################################### + +passwd mac2ip { + filename = ${confdir}/mac2ip + format = "*DHCP-Client-Hardware-Address:=DHCP-Your-IP-Address" + delimiter = "," +} diff --git a/server/raddb/modules/mac2vlan b/server/raddb/modules/mac2vlan new file mode 100644 index 0000000..bdfef23 --- /dev/null +++ b/server/raddb/modules/mac2vlan @@ -0,0 +1,18 @@ +# -*- text -*- +# +# $Id$ + +# A simple file to map a MAC address to a VLAN. +# +# The file should be in the format MAC,VLAN +# the VLAN name cannot have spaces in it, for example: +# +# 00:01:02:03:04:05,VLAN1 +# 03:04:05:06:07:08,VLAN2 +# ... +# +passwd mac2vlan { + filename = ${confdir}/mac2vlan + format = "*VMPS-Mac:=VMPS-VLAN-Name" + delimiter = "," +} diff --git a/server/raddb/modules/mschap b/server/raddb/modules/mschap new file mode 100644 index 0000000..c6cf24e --- /dev/null +++ b/server/raddb/modules/mschap @@ -0,0 +1,66 @@ +# -*- text -*- +# +# $Id$ + +# Microsoft CHAP authentication +# +# This module supports MS-CHAP and MS-CHAPv2 authentication. +# It also enforces the SMB-Account-Ctrl attribute. +# +mschap { + # + # If you are using /etc/smbpasswd, see the 'passwd' + # module for an example of how to use /etc/smbpasswd + + # if use_mppe is not set to no mschap will + # add MS-CHAP-MPPE-Keys for MS-CHAPv1 and + # MS-MPPE-Recv-Key/MS-MPPE-Send-Key for MS-CHAPv2 + # + #use_mppe = no + + # if mppe is enabled require_encryption makes + # encryption moderate + # + #require_encryption = yes + + # require_strong always requires 128 bit key + # encryption + # + #require_strong = yes + + # Windows sends us a username in the form of + # DOMAIN\user, but sends the challenge response + # based on only the user portion. This hack + # corrects for that incorrect behavior. + # + #with_ntdomain_hack = no + + # The module can perform authentication itself, OR + # use a Windows Domain Controller. This configuration + # directive tells the module to call the ntlm_auth + # program, which will do the authentication, and return + # the NT-Key. Note that you MUST have "winbindd" and + # "nmbd" running on the local machine for ntlm_auth + # to work. See the ntlm_auth program documentation + # for details. + # + # If ntlm_auth is configured below, then the mschap + # module will call ntlm_auth for every MS-CHAP + # authentication request. If there is a cleartext + # or NT hashed password available, you can set + # "MS-CHAP-Use-NTLM-Auth := No" in the control items, + # and the mschap module will do the authentication itself, + # without calling ntlm_auth. + # + # Be VERY careful when editing the following line! + # + # You can also try setting the user name as: + # + # ... --username=%{mschap:User-Name} ... + # + # In that case, the mschap module will look at the User-Name + # attribute, and do prefix/suffix checks in order to obtain + # the "best" user name for the request. + # + #ntlm_auth = "/path/to/ntlm_auth --request-nt-key --username=%{Stripped-User-Name:-%{User-Name:-None}} --challenge=%{mschap:Challenge:-00} --nt-response=%{mschap:NT-Response:-00}" +} diff --git a/server/raddb/modules/pam b/server/raddb/modules/pam new file mode 100644 index 0000000..f4a91a9 --- /dev/null +++ b/server/raddb/modules/pam @@ -0,0 +1,26 @@ +# -*- text -*- +# +# $Id$ + + +# Pluggable Authentication Modules +# +# For Linux, see: +# http://www.kernel.org/pub/linux/libs/pam/index.html +# +# WARNING: On many systems, the system PAM libraries have +# memory leaks! We STRONGLY SUGGEST that you do not +# use PAM for authentication, due to those memory leaks. +# +pam { + # + # The name to use for PAM authentication. + # PAM looks in /etc/pam.d/${pam_auth_name} + # for it's configuration. See 'redhat/radiusd-pam' + # for a sample PAM configuration file. + # + # Note that any Pam-Auth attribute set in the 'authorize' + # section will over-ride this one. + # + pam_auth = radiusd +} diff --git a/server/raddb/modules/pap b/server/raddb/modules/pap new file mode 100644 index 0000000..447bad4 --- /dev/null +++ b/server/raddb/modules/pap @@ -0,0 +1,18 @@ +# -*- text -*- +# +# $Id$ + +# PAP module to authenticate users based on their stored password +# +# Supports multiple encryption/hash schemes. See "man rlm_pap" +# for details. +# +# The "auto_header" configuration item can be set to "yes". +# In this case, the module will look inside of the User-Password +# attribute for the headers {crypt}, {clear}, etc., and will +# automatically create the attribute on the right-hand side, +# with the correct value. It will also automatically handle +# Base-64 encoded data, hex strings, and binary data. +pap { + auto_header = no +} diff --git a/server/raddb/modules/passwd b/server/raddb/modules/passwd new file mode 100644 index 0000000..7e44256 --- /dev/null +++ b/server/raddb/modules/passwd @@ -0,0 +1,31 @@ +# -*- text -*- +# +# $Id$ + +# passwd module allows to do authorization via any passwd-like +# file and to extract any attributes from these modules +# +# parameters are: +# filename - path to filename +# format - format for filename record. This parameters +# correlates record in the passwd file and RADIUS +# attributes. +# +# Field marked as '*' is key field. That is, the parameter +# with this name from the request is used to search for +# the record from passwd file +# Attribute marked as '=' is added to reply_itmes instead +# of default configure_itmes +# Attribute marked as '~' is added to request_items +# +# Field marked as ',' may contain a comma separated list +# of attributes. +# hashsize - hashtable size. If 0 or not specified records are not +# stored in memory and file is red on every request. +# allowmultiplekeys - if few records for every key are allowed +# ignorenislike - ignore NIS-related records +# delimiter - symbol to use as a field separator in passwd file, +# for format ':' symbol is always used. '\0', '\n' are +# not allowed +# + diff --git a/server/raddb/modules/policy b/server/raddb/modules/policy new file mode 100644 index 0000000..9b1b111 --- /dev/null +++ b/server/raddb/modules/policy @@ -0,0 +1,21 @@ +# -*- text -*- +# +# $Id$ + +# +# Module implementing a DIFFERENT policy language. +# The syntax here is NOT "unlang", but something else. +# +# See the "raddb/policy.txt" file for documentation and examples. +# There isn't much else in the way of documentation, sorry. +# +policy { + # The only configuration item is a filename containing + # the policies to execute. + # + # When "policy" is listed in a section (e.g. "authorize"), + # it will run a policy named for that section. + # + filename = ${confdir}/policy.txt +} + diff --git a/server/raddb/modules/preprocess b/server/raddb/modules/preprocess new file mode 100644 index 0000000..e00aa85 --- /dev/null +++ b/server/raddb/modules/preprocess @@ -0,0 +1,58 @@ +# -*- text -*- +# +# $Id$ + +# Preprocess the incoming RADIUS request, before handing it off +# to other modules. +# +# This module processes the 'huntgroups' and 'hints' files. +# In addition, it re-writes some weird attributes created +# by some NASes, and converts the attributes into a form which +# is a little more standard. +# +preprocess { + huntgroups = ${confdir}/huntgroups + hints = ${confdir}/hints + + # This hack changes Ascend's wierd port numberings + # to standard 0-??? port numbers so that the "+" works + # for IP address assignments. + with_ascend_hack = no + ascend_channels_per_line = 23 + + # Windows NT machines often authenticate themselves as + # NT_DOMAIN\username + # + # If this is set to 'yes', then the NT_DOMAIN portion + # of the user-name is silently discarded. + # + # This configuration entry SHOULD NOT be used. + # See the "realms" module for a better way to handle + # NT domains. + with_ntdomain_hack = no + + # Specialix Jetstream 8500 24 port access server. + # + # If the user name is 10 characters or longer, a "/" + # and the excess characters after the 10th are + # appended to the user name. + # + # If you're not running that NAS, you don't need + # this hack. + with_specialix_jetstream_hack = no + + # Cisco (and Quintum in Cisco mode) sends it's VSA attributes + # with the attribute name *again* in the string, like: + # + # H323-Attribute = "h323-attribute=value". + # + # If this configuration item is set to 'yes', then + # the redundant data in the the attribute text is stripped + # out. The result is: + # + # H323-Attribute = "value" + # + # If you're not running a Cisco or Quintum NAS, you don't + # need this hack. + with_cisco_vsa_hack = no +} diff --git a/server/raddb/modules/radutmp b/server/raddb/modules/radutmp new file mode 100644 index 0000000..3ad88cd --- /dev/null +++ b/server/raddb/modules/radutmp @@ -0,0 +1,53 @@ +# -*- text -*- +# +# $Id$ + +# Write a 'utmp' style file, of which users are currently +# logged in, and where they've logged in from. +# +# This file is used mainly for Simultaneous-Use checking, +# and also 'radwho', to see who's currently logged in. +# +radutmp { + # Where the file is stored. It's not a log file, + # so it doesn't need rotating. + # + filename = ${logdir}/radutmp + + # The field in the packet to key on for the + # 'user' name, If you have other fields which you want + # to use to key on to control Simultaneous-Use, + # then you can use them here. + # + # Note, however, that the size of the field in the + # 'utmp' data structure is small, around 32 + # characters, so that will limit the possible choices + # of keys. + # + # You may want instead: %{Stripped-User-Name:-%{User-Name}} + username = %{User-Name} + + + # Whether or not we want to treat "user" the same + # as "USER", or "User". Some systems have problems + # with case sensitivity, so this should be set to + # 'no' to enable the comparisons of the key attribute + # to be case insensitive. + # + case_sensitive = yes + + # Accounting information may be lost, so the user MAY + # have logged off of the NAS, but we haven't noticed. + # If so, we can verify this information with the NAS, + # + # If we want to believe the 'utmp' file, then this + # configuration entry can be set to 'no'. + # + check_with_nas = yes + + # Set the file permissions, as the contents of this file + # are usually private. + perm = 0600 + + callerid = "yes" +} diff --git a/server/raddb/modules/realm b/server/raddb/modules/realm new file mode 100644 index 0000000..95d9f2b --- /dev/null +++ b/server/raddb/modules/realm @@ -0,0 +1,46 @@ +# -*- text -*- +# +# $Id$ + +# Realm module, for proxying. +# +# You can have multiple instances of the realm module to +# support multiple realm syntaxs at the same time. The +# search order is defined by the order that the modules are listed +# in the authorize and preacct sections. +# +# Four config options: +# format - must be "prefix" or "suffix" +# The special cases of "DEFAULT" +# and "NULL" are allowed, too. +# delimiter - must be a single character + +# 'realm/username' +# +# Using this entry, IPASS users have their realm set to "IPASS". +realm IPASS { + format = prefix + delimiter = "/" +} + +# 'username@realm' +# +realm suffix { + format = suffix + delimiter = "@" +} + +# 'username%realm' +# +realm realmpercent { + format = suffix + delimiter = "%" +} + +# +# 'domain\user' +# +realm ntdomain { + format = prefix + delimiter = "\\" +} diff --git a/server/raddb/modules/smbpasswd b/server/raddb/modules/smbpasswd new file mode 100644 index 0000000..74e6404 --- /dev/null +++ b/server/raddb/modules/smbpasswd @@ -0,0 +1,16 @@ +# -*- text -*- +# +# $Id$ + +# An example configuration for using /etc/smbpasswd. +# +# See the "passwd" file for documentation on the configuration items +# for this module. +# +passwd smbpasswd { + filename = /etc/smbpasswd + format = "*User-Name::LM-Password:NT-Password:SMB-Account-CTRL-TEXT::" + hashsize = 100 + ignorenislike = no + allowmultiplekeys = no +} diff --git a/server/raddb/modules/sql_log b/server/raddb/modules/sql_log new file mode 100644 index 0000000..6060d9a --- /dev/null +++ b/server/raddb/modules/sql_log @@ -0,0 +1,49 @@ +# -*- text -*- +# +# $Id$ + +# +# The rlm_sql_log module appends the SQL queries in a log +# file which is read later by the radsqlrelay program. +# +# This module only performs the dynamic expansion of the +# variables found in the SQL statements. No operation is +# executed on the database server. (this could be done +# later by an external program) That means the module is +# useful only with non-"SELECT" statements. +# +# See rlm_sql_log(5) manpage. +# +# This same functionality could also be implemented by logging +# to a "detail" file, reading that, and then writing to SQL. +# See raddb/sites-available/buffered-sql for an example. +# +sql_log { + path = "${radacctdir}/sql-relay" + acct_table = "radacct" + postauth_table = "radpostauth" + sql_user_name = "%{%{User-Name}:-DEFAULT}" + + Start = "INSERT INTO ${acct_table} (AcctSessionId, UserName, \ + NASIPAddress, FramedIPAddress, AcctStartTime, AcctStopTime, \ + AcctSessionTime, AcctTerminateCause) VALUES \ + ('%{Acct-Session-Id}', '%{User-Name}', '%{NAS-IP-Address}', \ + '%{Framed-IP-Address}', '%S', '0', '0', '');" + Stop = "INSERT INTO ${acct_table} (AcctSessionId, UserName, \ + NASIPAddress, FramedIPAddress, AcctStartTime, AcctStopTime, \ + AcctSessionTime, AcctTerminateCause) VALUES \ + ('%{Acct-Session-Id}', '%{User-Name}', '%{NAS-IP-Address}', \ + '%{Framed-IP-Address}', '0', '%S', '%{Acct-Session-Time}', \ + '%{Acct-Terminate-Cause}');" + Alive = "INSERT INTO ${acct_table} (AcctSessionId, UserName, \ + NASIPAddress, FramedIPAddress, AcctStartTime, AcctStopTime, \ + AcctSessionTime, AcctTerminateCause) VALUES \ + ('%{Acct-Session-Id}', '%{User-Name}', '%{NAS-IP-Address}', \ + '%{Framed-IP-Address}', '0', '0', '%{Acct-Session-Time}','');" + + Post-Auth = "INSERT INTO ${postauth_table} \ + (username, pass, reply, authdate) VALUES \ + ('%{User-Name}', '%{User-Password:-Chap-Password}', \ + '%{reply:Packet-Type}', '%S');" +} + diff --git a/server/raddb/modules/sradutmp b/server/raddb/modules/sradutmp new file mode 100644 index 0000000..a7700ba --- /dev/null +++ b/server/raddb/modules/sradutmp @@ -0,0 +1,16 @@ +# -*- text -*- +# +# $Id$ + +# "Safe" radutmp - does not contain caller ID, so it can be +# world-readable, and radwho can work for normal users, without +# exposing any information that isn't already exposed by who(1). +# +# This is another 'instance' of the radutmp module, but it is given +# then name "sradutmp" to identify it later in the "accounting" +# section. +radutmp sradutmp { + filename = ${logdir}/sradutmp + perm = 0644 + callerid = "no" +} diff --git a/server/raddb/modules/unix b/server/raddb/modules/unix new file mode 100644 index 0000000..916df4c --- /dev/null +++ b/server/raddb/modules/unix @@ -0,0 +1,23 @@ +# -*- text -*- +# +# $Id$ + +# Unix /etc/passwd style authentication +# +unix { + # As of 1.1.0, the Unix module no longer reads, + # or caches /etc/passwd, /etc/shadow, or /etc/group. + # If you wish to cache those files, see the passwd + # module. + # + + # + # The location of the "wtmp" file. + # The only use for 'radlast'. If you don't use + # 'radlast', then you can comment out this item. + # + # Note that the radwtmp file may get large! You should + # rotate it (cp /dev/null radwtmp), or just not use it. + # + radwtmp = ${logdir}/radwtmp +} diff --git a/server/raddb/modules/wimax b/server/raddb/modules/wimax new file mode 100644 index 0000000..f2d0901 --- /dev/null +++ b/server/raddb/modules/wimax @@ -0,0 +1,4 @@ +# +# This module currently takes no configuration. +wimax { +} \ No newline at end of file diff --git a/server/raddb/sites-available/README b/server/raddb/sites-available/README new file mode 100644 index 0000000..55036f0 --- /dev/null +++ b/server/raddb/sites-available/README @@ -0,0 +1,335 @@ +1. Virtual Servers. + + FreeRADIUS 2.0 supports virtual servers. This is probably the +single largest change that is NOT backwards compatible with 1.x. + + The virtual servers do NOT have to be set up with the +"sites-available" and "sites-enabled" directories. You can still have +one "radiusd.conf" file, and put the server configuration there: + + ... + server { + authorize { + ... + } + authenticate { + ... + } + ... + } + ... + + The power of virtual servers lies in their ability to separate +policies. A policy can be placed into a virtual server, where it is +guaranteed to affect only the requests that are passed through that +virtual server. In 1.x, the policies were global, and it sometimes +took much effort to write a policy so that it only applied in certain +limited situations. + + +2. What do we mean by "virtual server"? + + + A virtual server is a (nearly complete) RADIUS server, just like a +configuration for FreeRADIUS 1.x. However, FreeRADIUS can now run +multiple virtual servers at the same time. The virtual servers can +even proxy requests to each other! + + The simplest way to create a virtual server is to take the all of +the request processing sections from radius.conf, ("authorize" , +"authenticate", etc.) and wrap them in a "server {}" block, as above. + + You can create another virtual server by: + + 1) defining a new "server foo {...}" section in radiusd.conf + 2) Putting the normal "authorize", etc. sections inside of it + 3) Adding a "listen" section *inside* of the "server" section. + + e.g. + + ... + server foo { + listen { + ipaddr = 127.0.0.1 + port = 2000 + type = auth + } + + authorize { + update control { + Cleartext-Password := "bob" + } + pap + } + + authenticate { + pap + } + } + ... + + With that text added to "radiusd.conf", run the server in debugging +mode (radiusd -X), and in another terminal window, type: + +$ radtest bob bob localhost:2000 0 testing123 + + You should see the server return an Access-Accept. + + +3. Capabilities and limitations + + + The only sub-sections that can appear in a virtual server section +are: + + listen + client + authorize + authenticate + post-auth + pre-proxy + post-proxy + preacct + accounting + session + + All other configuration parameters (modules, etc.) are global. + + Inside of a virtual server, the authorize, etc. sections have their +normal meaning, and can contain anything that an authorize section +could contain in 1.x. + + When a "listen" section is inside of a virtual server definition, it +means that all requests sent to that IP/port will be processed through +the virtual server. There cannot be two "listen" sections with the +same IP address and port number. + + When a "client" section is inside of a virtual server definition, it +means that that client is known only to the "listen" sections that are +also inside of that virtual server. Not only is this client +definition available only to this virtual server, but the details of +the client configuration is also available only to this virtual +server. + + i.e. Two virtual servers can listen on different IP address and +ports, but both can have a client with IP address 127.0.0.1. The +shared secret for that client can be different for each virtual +server. + + +4. More complex "listen" capabilities + + The "listen" sections have a few additional configuration items that +were not in 1.x, and were not mentioned above. These configuration +items enable almost any mapping of IP / port to clients to virtual +servers. + + The configuration items are: + + virtual_server = + + If set, all requests sent to this IP / port are processed + through the named virtual server. + + This directive can be used only for "listen" sections + that are global. i.e. It CANNOT be used if the + "listen" section is inside of a virtual server. + + clients = + + If set, the "listen" section looks for a "clients" section: + + clients { + ... + } + + It looks inside of that named "clients" section for + "client" subsections, at least one of which must + exist. Each client in that section is added to the + list of known clients for this IP / port. No other + clients are known. + + If it is set, it over-rides the list of clients (if + any) in the same virtual server. Note that the + clients are NOT additive! + + If it is not set, then the clients from the current + virtual server (if any) are used. If there are no + clients in this virtual server, then the global + clients are used. + + i.e. The most specific directive is used: + * configuration in this "listen" section + * clients in the same virtual server + * global clients + + The directives are also *exclusive*, not *additive*. + If you have one client in a virtual server, and + another client referenced from a "listen" section, + then that "listen" section will ONLY use the second + client. It will NOT use both clients. + + +5. More complex "client" capabilities + + The "client" sections have a few additional configuration items that +were not in 1.x, and were not mentioned above. These configuration +items enable almost any mapping of IP / port to clients to virtual +servers. + + The configuration items are: + + virtual_server = + + If set, all requests from this client are processed + through the named virtual server. + + This directive can be used only for "client" sections + that are global. i.e. It CANNOT be used if the + "client" section is inside of a virtual server. + + If the "listen" section has a "server" entry, and a matching +client is found ALSO with a "server" entry, then the clients server is +used for that request. + + +6. Worked examples + + + Listening on one socket, and mapping requests from two clients to +two different servers. + + listen { + ... + } + client one { + ... + virtual_server = server_one + } + client two { + ... + virtual_server = server_two + } + server server_one { + authorize { + ... + } + ... + } + server server_two { + authorize { + ... + } + ... + } + + This could also be done as: + + + listen { + ... + virtual_server = server_one + } + client one { + ... + } + client two { + ... + virtual_server = server_two + } + server server_one { + authorize { + ... + } + ... + } + server server_two { + authorize { + ... + } + ... + } + + In this case, the default server for the socket is "server_one", so +there is no need to set that in the client "one" configuration. The +"server_two" configuration for client "two" over-rides the default +setting for the socket. + + Note that the following configuration will NOT work: + + listen { + ... + virtual_server = server_one + } + client one { + ... + } + server server_one { + authorize { + ... + } + ... + } + server server_two { + client two { + ... + } + authorize { + ... + } + ... + } + + In this example, client "two" is hidden inside of the virtual +server, where the "listen" section cannot find it. + + +7. Outlined examples + + This section outlines a number of examples, with alternatives. + + One server, multiple sockets + - multiple "listen" sections in a "server" section + + one server per client + - define multiple servers + - have a global "listen" section + - have multiple global "clients", each with "virtual_server = X" + + two servers, each with their own sockets + - define multiple servers + - put "client" sections into each "server" + - put a "listen" section into each "server" + + Each server can list the same client IP, and the secret + can be different + + two sockets, sharing a list of clients, but pointing to different servers + - define global "listen" sections + - in each, set "virtual_server = X" + - in each, set "clients = Y" + - define "clients Y" section, containing multiple clients. + + This also means that you can have a third socket, which + doesn't share any of these clients. + + +8. How to decide what to do + + + If you want *completely* separate policies for a socket or a client, +then create a separate virtual server. Then, map the request to that +server by setting configuration entries in a "listen" section or in a +"client" section. + + Start off with the common cases first. If most of the clients +and/or sockets get a particular policy, make that policy the default. +Configure it without paying attention to the sockets or clients you +want to add later, and without adding a second virtual server. Once +it works, then add the second virtual server. + + If you want to re-use the previously defined sockets with the second +virtual server, then you will need one or more global "client" +sections. Those clients will contain a "virtual_server = ..." entry +that will direct requests from those clients to the appropriate +virtual server. diff --git a/server/raddb/sites-available/buffered-sql b/server/raddb/sites-available/buffered-sql new file mode 100644 index 0000000..9904da2 --- /dev/null +++ b/server/raddb/sites-available/buffered-sql @@ -0,0 +1,111 @@ +# -*- text -*- +###################################################################### +# +# In 2.0.0, radrelay functionality is integrated into the +# server core. This virtual server gives an example of +# using radrelay functionality inside of the server. +# +# In this example, the detail file is read, and the data +# is put into SQL. This configuration is used when a RADIUS +# server on this machine is receiving accounting packets, +# and writing them to the detail file. +# +# The purpose of this virtual server is to de-couple the storage +# of long-term accounting data in SQL from "live" information +# needed by the RADIUS server as it is running. +# +# The benefit of this approach is that for a busy server, the +# overhead of performing SQL qeuries may be significant. Also, +# if the SQL databases are large (as is typical for ones storing +# months of data), the INSERTs and UPDATEs may take a relatively +# long time. Rather than slowing down the RADIUS server by +# having it interact with a database, you can just log the +# packets to a detail file, and then read that file later at a +# time when the RADIUS server is typically lightly loaded. +# +# If you use on virtual server to log to the detail file, +# and another virtual server (i.e. this one) to read from +# the detail file, then this process will happen automatically. +# A sudden spike of RADIUS traffic means that the detail file +# will grow in size, and the server will be able to handle +# large volumes of traffic quickly. When the traffic dies down, +# the server will have time to read the detail file, and insert +# the data into a long-term SQL database. +# +# $Id$ +# +###################################################################### + +server buffered-sql { + listen { + type = detail + + # The location where the detail file is located. + # This should be on local disk, and NOT on an NFS + # mounted location! + filename = ${radacctdir}/detail + + # + # The server can read accounting packets from the + # detail file much more quickly than those packets + # can be written to a database. If the database is + # overloaded, then bad things can happen. + # + # The server will keep track of how long it takes to + # process an entry from the detail file. It will + # then pause between handling entries. This pause + # allows databases to "catch up", and gives the + # server time to notice that other packets may have + # arrived. + # + # The pause is calculated dynamically, to ensure that + # the load due to reading the detail files is limited + # to a small percentage of CPU time. The + # "load_factor" configuration item is a number + # between 1 and 100. The server will try to keep the + # percentage of time taken by "detail" file entries + # to "load_factor" percentage of the CPU time. + # + # If the "load_factor" is set to 100, then the server + # will read packets as fast as it can, usually + # causing databases to go into overload. + # + load_factor = 10 + } + + # + # Pre-accounting. Decide which accounting type to use. + # + preacct { + preprocess + + # + # Ensure that we have a semi-unique identifier for every + # request, and many NAS boxes are broken. + acct_unique + + # + # Read the 'acct_users' file. This isn't always + # necessary, and can be deleted if you do not use it. + files + } + + # + # Accounting. Log the accounting data. + # + accounting { + # + # Log traffic to an SQL database. + # + # See "Accounting queries" in sql.conf + # sql + + + # Cisco VoIP specific bulk accounting + # pgsql-voip + + } + + # The requests are not being proxied, so no pre/post-proxy + # sections are necessary. +} diff --git a/server/raddb/sites-available/control-socket b/server/raddb/sites-available/control-socket new file mode 100644 index 0000000..fc2137d --- /dev/null +++ b/server/raddb/sites-available/control-socket @@ -0,0 +1,76 @@ +# -*- text -*- +###################################################################### +# +# Control socket interface. +# +# HIGHLY experimental! It should NOT be used in production +# environments. +# +# In the future, we will add username/password checking for +# connections to the control socket. We will also add +# command authorization, where the commands entered by the +# administrator are run through a virtual server before +# they are executed. +# +# For now, anyone who has permission to connect to the socket +# has nearly complete control over the server. Be warned! +# +# This functionality is NOT enabled by default. +# +# See also the "radmin" program, which is used to communicate +# with the server over the control socket. +# +# $Id$ +# +###################################################################### +listen { + # + # Listen on the control socket. + # + type = control + + # + # Socket location. + # + # This file is created with the server's uid and gid. + # It's permissions are r/w for that user and group, and + # no permissions for "other" users. These permissions form + # minimal security, and should not be relied on. + # + socket = ${run_dir}/${name}.sock + + # + # The following two parameters perform authentication and + # authorization of connections to the control socket. + # + # If not set, then ANYONE can connect to the control socket, + # and have complete control over the server. This is likely + # not what you want. + # + # One, or both, of "uid" and "gid" should be set. If set, the + # corresponding value is checked. Unauthorized users result + # in an error message in the log file, and the connection is + # closed. + # + + # + # Name of user that is allowed to connect to the control socket. + # +# uid = radius + + # + # Name of group that is allowed to connect to the control socket. + # +# gid = radius + + # + # Access mode. + # + # This can be used to give *some* administrators access to + # monitor the system, but not to change it. + # + # ro = read only access (default) + # rw = read/write access. + # +# mode = rw +} diff --git a/server/raddb/sites-available/copy-acct-to-home-server b/server/raddb/sites-available/copy-acct-to-home-server new file mode 100644 index 0000000..5f9a522 --- /dev/null +++ b/server/raddb/sites-available/copy-acct-to-home-server @@ -0,0 +1,171 @@ +# -*- text -*- +###################################################################### +# +# In 2.0.0, radrelay functionality is integrated into the +# server core. This virtual server gives an example of +# using radrelay functionality inside of the server. +# +# In this example, the detail file is read, and the packets +# are proxied to a home server. You will have to configure +# realms, home_server_pool, and home_server in proxy.conf +# for this to work. +# +# The purpose of this virtual server is to enable duplication +# of information across a load-balanced, or fail-over set of +# servers. For example, if a group of clients lists two +# home servers (primary, secondary), then RADIUS accounting +# messages will go only to one server at a time. This file +# configures a server (primary, secondary) to send copies of +# the accounting information to each other. +# +# That way, each server has the same set of information, and +# can make the same decision about the user. +# +# $Id$ +# +###################################################################### + +server copy-acct-to-home-server { + listen { + type = detail + + ###################################################### + # + # !!!! WARNING !!!! + # + # The detail file reader acts just like a NAS. + # + # This means that if accounting fails, the packet + # is re-tried FOREVER. It is YOUR responsibility + # to write an accounting policy that returns "ok" + # if the packet was processed properly, "fail" on + # a database error, AND "ok" if you want to ignore + # the packet (e.g. no Acct-Status-Type). + # + # Neither the detail file write OR the detail file + # reader look at the contents of the packets. They + # just either dump the packet verbatim to the file, + # or read it verbatim from the file and pass it to + # the server. + # + ###################################################### + + + # The location where the detail file is located. + # This should be on local disk, and NOT on an NFS + # mounted location! + # + # On most systems, this should support file globbing + # e.g. "${radacctdir}/detail-*:*" + # This lets you write many smaller detail files as in + # the example in radiusd.conf: ".../detail-%Y%m%d:%H" + # Writing many small files is often better than writing + # one large file. File globbing also means that with + # a common naming scheme for detail files, then you can + # have many detail file writers, and only one reader. + filename = ${radacctdir}/detail + + # + # The server can read accounting packets from the + # detail file much more quickly than those packets + # can be written to a database. If the database is + # overloaded, then bad things can happen. + # + # The server will keep track of how long it takes to + # process an entry from the detail file. It will + # then pause between handling entries. This pause + # allows databases to "catch up", and gives the + # server time to notice that other packets may have + # arrived. + # + # The pause is calculated dynamically, to ensure that + # the load due to reading the detail files is limited + # to a small percentage of CPU time. The + # "load_factor" configuration item is a number + # between 1 and 100. The server will try to keep the + # percentage of time taken by "detail" file entries + # to "load_factor" percentage of the CPU time. + # + # If the "load_factor" is set to 100, then the server + # will read packets as fast as it can, usually + # causing databases to go into overload. + # + load_factor = 10 + } + + # + # Pre-accounting. Decide which accounting type to use. + # + preacct { + preprocess + + # Since we're just proxying, we don't need acct_unique. + + # + # Look for IPASS-style 'realm/', and if not found, look for + # '@realm', and decide whether or not to proxy, based on + # that. + # + # Accounting requests are generally proxied to the same + # home server as authentication requests. + # IPASS + suffix + # ntdomain + + # + # Read the 'acct_users' file. This isn't always + # necessary, and can be deleted if you do not use it. + files + } + + # + # Accounting. Log the accounting data. + # + accounting { + # + # Since we're proxying, we don't log anything + # locally. Ensure that the accounting section + # "succeeds" by forcing an "ok" return. + ok + } + + + # + # When the server decides to proxy a request to a home server, + # the proxied request is first passed through the pre-proxy + # stage. This stage can re-write the request, or decide to + # cancel the proxy. + # + # Only a few modules currently have this method. + # + pre-proxy { + # attr_rewrite + + # If you want to have a log of packets proxied to a home + # server, un-comment the following line, and the + # 'detail pre_proxy_log' section in radiusd.conf. + # pre_proxy_log + } + + # + # When the server receives a reply to a request it proxied + # to a home server, the request may be massaged here, in the + # post-proxy stage. + # + post-proxy { + # + + # If you want to have a log of replies from a home + # server, un-comment the following line, and the + # 'detail post_proxy_log' section in radiusd.conf. + # post_proxy_log + + # attr_rewrite + + # Uncomment the following line if you want to filter + # replies from remote proxies based on the rules + # defined in the 'attrs' file. + + # attr_filter + } +} diff --git a/server/raddb/sites-available/decoupled-accounting b/server/raddb/sites-available/decoupled-accounting new file mode 100644 index 0000000..199258d --- /dev/null +++ b/server/raddb/sites-available/decoupled-accounting @@ -0,0 +1,140 @@ +# -*- text -*- +###################################################################### +# +# This is a sample configuration for "decoupled" accounting. +# "Decoupled" accounting is where the accounting packets are +# NOT written "live" to the back-end database. This method +# can only be used if you are not interested in "live" +# accounting. i.e. Where you can tolerate delays that may be +# a few seconds, before accounting packets get written to +# the DB. +# +# Oddly enough, this method can speed up the processing of +# accounting packets, as all database activity is serialized. +# +# This file is NOT meant to be used as-is. It needs to be +# edited to match your local configuration. +# +# $Id$ +# +###################################################################### + +# Define a virtual server to write the accounting packets. +# Any "listen" section that listens on an accounting port should +# set "virtual_server = write-detail.example.com +server write_detail.example.com { + accounting { + # + # Write the "detail" files. + # + # See raddb/modules/detail.example.com for more info. + detail.example.com + } + + # That's it! +} + +# Define a virtual server to process the accounting packets. +server read-detail.example.com { + # Read accounting packets from the detail file(s) for + # the home server. + listen { + type = detail + filename = "${radacctdir}/detail.example.com/detail-*:*" + load_factor = 10 + } + + # All packets read from the detail file are processed through + # the preacct && accounting sections. + # + # The following text is copied verbatim from sites-available/default. + # You should edit it for your own local configuration. + +# +# Pre-accounting. Decide which accounting type to use. +# +preacct { + preprocess + + # + # Ensure that we have a semi-unique identifier for every + # request, and many NAS boxes are broken. + acct_unique + + # + # Look for IPASS-style 'realm/', and if not found, look for + # '@realm', and decide whether or not to proxy, based on + # that. + # + # Accounting requests are generally proxied to the same + # home server as authentication requests. +# IPASS + suffix +# ntdomain + + # + # Read the 'acct_users' file + files +} + +# +# Accounting. Log the accounting data. +# +accounting { + # + # Create a 'detail'ed log of the packets. + # Note that accounting requests which are proxied + # are also logged in the detail file. + detail +# daily + + # Update the wtmp file + # + # If you don't use "radlast", you can delete this line. + unix + + # + # For Simultaneous-Use tracking. + # + # Due to packet losses in the network, the data here + # may be incorrect. There is little we can do about it. + radutmp +# sradutmp + + # Return an address to the IP Pool when we see a stop record. +# main_pool + + # + # Log traffic to an SQL database. + # + # NOTE! You will have to ensure that any accounting packets + # NOT handled by the SQL module (e.g. "stop with zero session length" + # result in the accounting section still returning "ok". + # + # Otherwise, the server will think that the accounting packet + # was NOT handled properly, and will keep trying to process it + # through this virtual server! + # + # See "Accounting queries" in sql.conf +# sql + + # + # Instead of sending the query to the SQL server, + # write it into a log file. + # +# sql_log + + # Cisco VoIP specific bulk accounting +# pgsql-voip + + # Filter attributes from the accounting response. + attr_filter.accounting_response + + # + # See "Autz-Type Status-Server" for how this works. + # +# Acct-Type Status-Server { +# +# } +} +} diff --git a/server/raddb/sites-available/default b/server/raddb/sites-available/default new file mode 100644 index 0000000..fd6fe6f --- /dev/null +++ b/server/raddb/sites-available/default @@ -0,0 +1,502 @@ +###################################################################### +# +# As of 2.0.0, FreeRADIUS supports virtual hosts using the +# "server" section, and configuration directives. +# +# Virtual hosts should be put into the "sites-available" +# directory. Soft links should be created in the "sites-enabled" +# directory to these files. This is done in a normal installation. +# +# $Id$ +# +###################################################################### +# +# Read "man radiusd" before editing this file. See the section +# titled DEBUGGING. It outlines a method where you can quickly +# obtain the configuration you want, without running into +# trouble. See also "man unlang", which documents the format +# of this file. +# +# This configuration is designed to work in the widest possible +# set of circumstances, with the widest possible number of +# authentication methods. This means that in general, you should +# need to make very few changes to this file. +# +# The best way to configure the server for your local system +# is to CAREFULLY edit this file. Most attempts to make large +# edits to this file will BREAK THE SERVER. Any edits should +# be small, and tested by running the server with "radiusd -X". +# Once the edits have been verified to work, save a copy of these +# configuration files somewhere. (e.g. as a "tar" file). Then, +# make more edits, and test, as above. +# +# There are many "commented out" references to modules such +# as ldap, sql, etc. These references serve as place-holders. +# If you need the functionality of that module, then configure +# it in radiusd.conf, and un-comment the references to it in +# this file. In most cases, those small changes will result +# in the server being able to connect to the DB, and to +# authenticate users. +# +###################################################################### + +# +# In 1.x, the "authorize", etc. sections were global in +# radiusd.conf. As of 2.0, they SHOULD be in a server section. +# +# The server section with no virtual server name is the "default" +# section. It is used when no server name is specified. +# +# We don't indent the rest of this file, because doing so +# would make it harder to read. +# + +# Authorization. First preprocess (hints and huntgroups files), +# then realms, and finally look in the "users" file. +# +# The order of the realm modules will determine the order that +# we try to find a matching realm. +# +# Make *sure* that 'preprocess' comes before any realm if you +# need to setup hints for the remote radius server +authorize { + # + # The preprocess module takes care of sanitizing some bizarre + # attributes in the request, and turning them into attributes + # which are more standard. + # + # It takes care of processing the 'raddb/hints' and the + # 'raddb/huntgroups' files. + # + # It also adds the %{Client-IP-Address} attribute to the request. + preprocess + + # + # If you want to have a log of authentication requests, + # un-comment the following line, and the 'detail auth_log' + # section, above. +# auth_log + + # + # The chap module will set 'Auth-Type := CHAP' if we are + # handling a CHAP request and Auth-Type has not already been set + chap + + # + # If the users are logging in with an MS-CHAP-Challenge + # attribute for authentication, the mschap module will find + # the MS-CHAP-Challenge attribute, and add 'Auth-Type := MS-CHAP' + # to the request, which will cause the server to then use + # the mschap module for authentication. + mschap + + # + # If you have a Cisco SIP server authenticating against + # FreeRADIUS, uncomment the following line, and the 'digest' + # line in the 'authenticate' section. +# digest + + # + # Look for IPASS style 'realm/', and if not found, look for + # '@realm', and decide whether or not to proxy, based on + # that. + IPASS + + # + # If you are using multiple kinds of realms, you probably + # want to set "ignore_null = yes" for all of them. + # Otherwise, when the first style of realm doesn't match, + # the other styles won't be checked. + # + suffix +# ntdomain + + # + # This module takes care of EAP-MD5, EAP-TLS, and EAP-LEAP + # authentication. + # + # It also sets the EAP-Type attribute in the request + # attribute list to the EAP type from the packet. + # + # As of 2.0, the EAP module returns "ok" in the authorize stage + # for TTLS and PEAP. In 1.x, it never returned "ok" here, so + # this change is compatible with older configurations. + # + # The example below uses module failover to avoid querying all + # of the following modules if the EAP module returns "ok". + # Therefore, your LDAP and/or SQL servers will not be queried + # for the many packets that go back and forth to set up TTLS + # or PEAP. The load on those servers will therefore be reduced. + # + eap { + ok = return + } + + # + # Pull crypt'd passwords from /etc/passwd or /etc/shadow, + # using the system API's to get the password. If you want + # to read /etc/passwd or /etc/shadow directly, see the + # passwd module in radiusd.conf. + # + unix + + # + # Read the 'users' file + files + + # + # Look in an SQL database. The schema of the database + # is meant to mirror the "users" file. + # + # See "Authorization Queries" in sql.conf +# sql + + # + # If you are using /etc/smbpasswd, and are also doing + # mschap authentication, the un-comment this line, and + # configure the 'etc_smbpasswd' module, above. +# etc_smbpasswd + + # + # The ldap module will set Auth-Type to LDAP if it has not + # already been set +# ldap + + # + # Enforce daily limits on time spent logged in. +# daily + + # + # Use the checkval module +# checkval + + expiration + logintime + + # + # If no other module has claimed responsibility for + # authentication, then try to use PAP. This allows the + # other modules listed above to add a "known good" password + # to the request, and to do nothing else. The PAP module + # will then see that password, and use it to do PAP + # authentication. + # + # This module should be listed last, so that the other modules + # get a chance to set Auth-Type for themselves. + # + pap + + # + # If "status_server = yes", then Status-Server messages are passed + # through the following section, and ONLY the following section. + # This permits you to do DB queries, for example. If the modules + # listed here return "fail", then NO response is sent. + # +# Autz-Type Status-Server { +# +# } +} + + +# Authentication. +# +# +# This section lists which modules are available for authentication. +# Note that it does NOT mean 'try each module in order'. It means +# that a module from the 'authorize' section adds a configuration +# attribute 'Auth-Type := FOO'. That authentication type is then +# used to pick the apropriate module from the list below. +# + +# In general, you SHOULD NOT set the Auth-Type attribute. The server +# will figure it out on its own, and will do the right thing. The +# most common side effect of erroneously setting the Auth-Type +# attribute is that one authentication method will work, but the +# others will not. +# +# The common reasons to set the Auth-Type attribute by hand +# is to either forcibly reject the user (Auth-Type := Reject), +# or to or forcibly accept the user (Auth-Type := Accept). +# +# Note that Auth-Type := Accept will NOT work with EAP. +# +# Please do not put "unlang" configurations into the "authenticate" +# section. Put them in the "post-auth" section instead. That's what +# the post-auth section is for. +# +authenticate { + # + # PAP authentication, when a back-end database listed + # in the 'authorize' section supplies a password. The + # password can be clear-text, or encrypted. + Auth-Type PAP { + pap + } + + # + # Most people want CHAP authentication + # A back-end database listed in the 'authorize' section + # MUST supply a CLEAR TEXT password. Encrypted passwords + # won't work. + Auth-Type CHAP { + chap + } + + # + # MSCHAP authentication. + Auth-Type MS-CHAP { + mschap + } + + # + # If you have a Cisco SIP server authenticating against + # FreeRADIUS, uncomment the following line, and the 'digest' + # line in the 'authorize' section. +# digest + + # + # Pluggable Authentication Modules. +# pam + + # + # See 'man getpwent' for information on how the 'unix' + # module checks the users password. Note that packets + # containing CHAP-Password attributes CANNOT be authenticated + # against /etc/passwd! See the FAQ for details. + # + unix + + # Uncomment it if you want to use ldap for authentication + # + # Note that this means "check plain-text password against + # the ldap database", which means that EAP won't work, + # as it does not supply a plain-text password. +# Auth-Type LDAP { +# ldap +# } + + # + # Allow EAP authentication. + eap +} + + +# +# Pre-accounting. Decide which accounting type to use. +# +preacct { + preprocess + + # + # Ensure that we have a semi-unique identifier for every + # request, and many NAS boxes are broken. + acct_unique + + # + # Look for IPASS-style 'realm/', and if not found, look for + # '@realm', and decide whether or not to proxy, based on + # that. + # + # Accounting requests are generally proxied to the same + # home server as authentication requests. +# IPASS + suffix +# ntdomain + + # + # Read the 'acct_users' file + files +} + +# +# Accounting. Log the accounting data. +# +accounting { + # + # Create a 'detail'ed log of the packets. + # Note that accounting requests which are proxied + # are also logged in the detail file. + detail +# daily + + # Update the wtmp file + # + # If you don't use "radlast", you can delete this line. + unix + + # + # For Simultaneous-Use tracking. + # + # Due to packet losses in the network, the data here + # may be incorrect. There is little we can do about it. + radutmp +# sradutmp + + # Return an address to the IP Pool when we see a stop record. +# main_pool + + # + # Log traffic to an SQL database. + # + # See "Accounting queries" in sql.conf +# sql + + # + # Instead of sending the query to the SQL server, + # write it into a log file. + # +# sql_log + + # Cisco VoIP specific bulk accounting +# pgsql-voip + + # Filter attributes from the accounting response. + attr_filter.accounting_response + + # + # See "Autz-Type Status-Server" for how this works. + # +# Acct-Type Status-Server { +# +# } +} + + +# Session database, used for checking Simultaneous-Use. Either the radutmp +# or rlm_sql module can handle this. +# The rlm_sql module is *much* faster +session { + radutmp + + # + # See "Simultaneous Use Checking Queries" in sql.conf +# sql +} + + +# Post-Authentication +# Once we KNOW that the user has been authenticated, there are +# additional steps we can take. +post-auth { + # Get an address from the IP Pool. +# main_pool + + # + # If you want to have a log of authentication replies, + # un-comment the following line, and the 'detail reply_log' + # section, above. +# reply_log + + # + # After authenticating the user, do another SQL query. + # + # See "Authentication Logging Queries" in sql.conf +# sql + + # + # Instead of sending the query to the SQL server, + # write it into a log file. + # +# sql_log + + # + # Un-comment the following if you have set + # 'edir_account_policy_check = yes' in the ldap module sub-section of + # the 'modules' section. + # +# ldap + + exec + + # + # Access-Reject packets are sent through the REJECT sub-section of the + # post-auth section. + # + # Add the ldap module name (or instance) if you have set + # 'edir_account_policy_check = yes' in the ldap module configuration + # + Post-Auth-Type REJECT { + attr_filter.access_reject + } +} + +# +# When the server decides to proxy a request to a home server, +# the proxied request is first passed through the pre-proxy +# stage. This stage can re-write the request, or decide to +# cancel the proxy. +# +# Only a few modules currently have this method. +# +pre-proxy { +# attr_rewrite + + # Uncomment the following line if you want to change attributes + # as defined in the preproxy_users file. +# files + + # Uncomment the following line if you want to filter requests + # sent to remote servers based on the rules defined in the + # 'attrs.pre-proxy' file. +# attr_filter.pre-proxy + + # If you want to have a log of packets proxied to a home + # server, un-comment the following line, and the + # 'detail pre_proxy_log' section, above. +# pre_proxy_log +} + +# +# When the server receives a reply to a request it proxied +# to a home server, the request may be massaged here, in the +# post-proxy stage. +# +post-proxy { + + # If you want to have a log of replies from a home server, + # un-comment the following line, and the 'detail post_proxy_log' + # section, above. +# post_proxy_log + +# attr_rewrite + + # Uncomment the following line if you want to filter replies from + # remote proxies based on the rules defined in the 'attrs' file. +# attr_filter.post-proxy + + # + # If you are proxying LEAP, you MUST configure the EAP + # module, and you MUST list it here, in the post-proxy + # stage. + # + # You MUST also use the 'nostrip' option in the 'realm' + # configuration. Otherwise, the User-Name attribute + # in the proxied request will not match the user name + # hidden inside of the EAP packet, and the end server will + # reject the EAP request. + # + eap + + # + # If the server tries to proxy a request and fails, then the + # request is processed through the modules in this section. + # + # The main use of this section is to permit robust proxying + # of accounting packets. The server can be configured to + # proxy accounting packets as part of normal processing. + # Then, if the home server goes down, accounting packets can + # be logged to a local "detail" file, for processing with + # radrelay. When the home server comes back up, radrelay + # will read the detail file, and send the packets to the + # home server. + # + # With this configuration, the server always responds to + # Accounting-Requests from the NAS, but only writes + # accounting packets to disk if the home server is down. + # +# Post-Proxy-Type Fail { +# detail +# } + +} + diff --git a/server/raddb/sites-available/dhcp b/server/raddb/sites-available/dhcp new file mode 100644 index 0000000..1366683 --- /dev/null +++ b/server/raddb/sites-available/dhcp @@ -0,0 +1,198 @@ +# -*- text -*- +###################################################################### +# +# This is a virtual server that handles DHCP. +# +# !!!! WARNING !!!! +# +# This code is experimental, and SHOULD NOT be used in a +# production system. It is intended for validation and +# experimentation ONLY. +# +# In order for this to work, you will need to run configure: +# +# $ ./configure --with-dhcp +# $ make +# $ make install +# +# DHCP is NOT enabled by default. +# +# The goal of this effort is to get the code in front of +# people who are interested in another DHCP server. +# We NEED FEEDBACK, patches, bug reports, etc. Especially patches! +# +# Please contribute, or this work will be nothing more than +# a curiosity. +# +# +# Q: What does it do? +# A: It allows the server to receive DHCP packets, and to +# respond with static, pre-configured DHCP responses. +# +# Q: Does it do static/dynamic IP assignment? +# A: No. Or, maybe. Try it and see. +# +# Q: Does it read ISC configuration or lease files? +# A: No. Please submit patches. +# +# Q: Does it have DHCP feature X? +# A: No. Please submit patches. +# +# Q: Does it support option 82? +# A: Yes. +# +# Q: Does it support other options? +# A: Maybe. See dictionary.dhcp. Please submit patches. +# +# Q: It doesn't seem to do much of anything! +# A: Exactly. +# +# $Id$ +# +###################################################################### + +# +# The DHCP functionality goes into a virtual server. +# +server dhcp { + +# This is part RADIUS legacy (sorry). Clients have to be defined for +# DHCP. This is not normal practice for a DHCP server, but it does +# enable a simple filter list of "known clients". +# + +# DHCP packets are normally sent with source IP address 0.0.0.0. +# If you want to accept packets from any IP, uncomment the "netmask" +# entry below, and delete the other "client" sections in this file. +client any { + ipaddr = 0.0.0.0 + #netmask = 0 + dhcp = yes +} + +# For local testing. +client localnet { + ipaddr = 127.0.0.0 + netmask = 8 + dhcp = yes +} + +# Define a DHCP socket. +# +# The default port below is 6700, so you don't break your network. +# If you want it to do real DHCP, change this to 67, and good luck! +# +# You can also bind the DHCP socket to an interface. +# See below, and raddb/radiusd.conf for examples. +# +# This lets you run *one* DHCP server instance and have it listen on +# multiple interfaces, each with a separate policy. +# +# If you have multiple interfaces, it is a good idea to bind the +# listen section to an interface. You will likely also need one +# listen section per interface. +listen { + ipaddr = * + port = 6700 + type = dhcp + #interface = eth0 +} + +# Packets received on the socket will be processed through one +# of the following sections, named after the DHCP packet type. +# See dictionary.dhcp for the packet types. +dhcp DHCP-Discover { + update reply { + DHCP-Message-Type = DHCP-Offer + } + + # The contents here are invented. Change them! + update reply { + DHCP-Domain-Name-Server = 127.0.0.1 + DHCP-Domain-Name-Server = 127.0.0.2 + DHCP-Subnet-Mask = 255.255.255.0 + DHCP-Router-Address = 192.168.1.1 + DHCP-IP-Address-Lease-Time = 86400 + DHCP-DHCP-Server-Identifier = 192.168.1.1 + } + + # Do a simple mapping of MAC to assigned IP. + # + # See below for the definition of the "mac2ip" + # module. + # + #mac2ip + + # If the MAC wasn't found in that list, do something else. + # You could call a Perl, Python, or Java script here. + + #if (notfound) { + # ... + #} + + ok +} + +dhcp DHCP-Request { + update reply { + DHCP-Message-Type = DHCP-Ack + } + + # The contents here are invented. Change them! + update reply { + DHCP-Domain-Name-Server = 127.0.0.1 + DHCP-Domain-Name-Server = 127.0.0.2 + DHCP-Subnet-Mask = 255.255.255.0 + DHCP-Router-Address = 192.168.1.1 + DHCP-IP-Address-Lease-Time = 86400 + DHCP-DHCP-Server-Identifier = 192.168.1.1 + } + + # Do a simple mapping of MAC to assigned IP. + # + # See below for the definition of the "mac2ip" + # module. + # + #mac2ip + + # If the MAC wasn't found in that list, do something else. + # You could call a Perl, Python, or Java script here. + + #if (notfound) { + # ... + #} + + ok +} + +# If there's no named section for the packet type, then the packet +# is processed through this section. +dhcp { + # send a DHCP NAK. + reject +} + + +} + +###################################################################### +# +# This next section is a sample configuration for the "passwd" +# module, that reads flat-text files. It should go into +# radiusd.conf, in the "modules" section. +# +# The file is in the format , +# +# 00:01:02:03:04:05,192.168.1.100 +# 01:01:02:03:04:05,192.168.1.101 +# 02:01:02:03:04:05,192.168.1.102 +# +# This lets you perform simple static IP assignment. +# +###################################################################### + +#passwd mac2ip { +# filename = ${confdir}/mac2ip +# format = "*DHCP-Client-Hardware-Address:=DHCP-Your-IP-Address" +# delimiter = "," +#} diff --git a/server/raddb/sites-available/dynamic-clients b/server/raddb/sites-available/dynamic-clients new file mode 100644 index 0000000..ab5ae5e --- /dev/null +++ b/server/raddb/sites-available/dynamic-clients @@ -0,0 +1,153 @@ +# -*- text -*- +###################################################################### +# +# Sample configuration file for dynamically updating the list +# of RADIUS clients at run time. +# +# Everything is keyed off of a client "network". (e.g. 192.168/16) +# This configuration lets the server know that clients within +# that network are defined dynamically. +# +# When the server receives a packet from an unknown IP address +# within that network, it tries to find a dynamic definition +# for that client. If the definition is found, the IP address +# (and other configuration) is added to the server's internal +# cache of "known clients", with a configurable lifetime. +# +# Further packets from that IP address result in the client +# definition being found in the cache. Once the lifetime is +# reached, the client definition is deleted, and any new requests +# from that client are looked up as above. +# +# If the dynamic definition is not found, then the request is +# treated as if it came from an unknown client. i.e. It is +# silently discarded. +# +# As part of protection from Denial of Service (DoS) attacks, +# the server will add only one new client per second. This CANNOT +# be changed, and is NOT configurable. +# +# $Id$ +# +###################################################################### + +# +# Define a network where clients may be dynamically defined. +client dynamic { + ipaddr = 192.168.0.0 + + # + # You MUST specify a netmask! + # IPv4 /32 or IPv6 /128 are NOT allowed! + netmask = 16 + + # + # Any other configuration normally found in a "client" + # entry can be used here. + + # + # A shared secret does NOT have to be defined. It can + # be left out. + + # + # Define the virtual server used to discover dynamic clients. + dynamic_clients = dynamic_client_server + + # + # Define the lifetime (in seconds) for dynamic clients. + # They will be cached for this lifetime, and deleted afterwards. + # + # If the lifetime is "0", then the dynamic client is never + # deleted. The only way to delete the client is to re-start + # the server. + lifetime = 86400 +} + +# +# This is the virtual server referenced above by "dynamic_clients". +server dynamic_client_server { + + # + # The only contents of the virtual server is the "authorize" section. + authorize { + + # + # Put any modules you want here. SQL, LDAP, "exec", + # Perl, etc. The only requirements is that the + # attributes MUST go into the control item list. + # + # The request that is processed through this section + # is EMPTY. There are NO attributes. The request is fake, + # and is NOT the packet that triggered the lookup of + # the dynamic client. + # + # The ONLY piece of useful information is either + # + # Packet-Src-IP-Address (IPv4 clients) + # Packet-Src-IPv6-Address (IPv6 clients) + # + # The attributes used to define a dynamic client mirror + # the configuration items in the "client" structure. + # + update control { + + # + # Echo the IP address of the client. + FreeRADIUS-Client-IP-Address = "%{Packet-Src-IP-Address}" + + # require_message_authenticator + FreeRADIUS-Client-Require-MA = no + + # secret + FreeRADIUS-Client-Secret = "testing123" + + # shortname + FreeRADIUS-Client-Shortname = "%{Packet-Src-IP-Address}" + + # nastype + FreeRADIUS-Client-NAS-Type = "other" + + # virtual_server + # + # This can ONLY be used if the network client + # definition (e.g. "client dynamic" above) has + # NO virtual_server defined. + # + # If the network client definition does have a + # virtual_server defined, then that is used, + # and there is no need to define this attribute. + # + FreeRADIUS-Client-Virtual-Server = "something" + + } + + # + # Or, look the client up in SQL. + # + # This requires the SQL module to be configured, of course. + if ("%{sql: SELECT nasname FROM nas WHERE nasname = '%{Packet-Src-IP-Address}'}") { + update control { + # + # Echo the IP. + FreeRADIUS-Client-IP-Address = "%{Packet-Src-IP-Address}" + + # + # Do multiple SELECT statements to grab + # the various definitions. + FreeRADIUS-Client-Shortname = "%{sql: SELECT shortname FROM nas WHERE nasname = '%{Packet-Src-IP-Address}'}" + + FreeRADIUS-Client-Secret = "%{sql: SELECT secret FROM nas WHERE nasname = '%{Packet-Src-IP-Address}'}" + + FreeRADIUS-Client-NAS-Type = "%{sql: SELECT type FROM nas WHERE nasname = '%{Packet-Src-IP-Address}'}" + } + + } + + # + # Tell the caller that the client was defined properly. + # + # If the authorize section does NOT return "ok", then + # the new client is ignored. + ok + } +} diff --git a/server/raddb/sites-available/example b/server/raddb/sites-available/example new file mode 100644 index 0000000..8995030 --- /dev/null +++ b/server/raddb/sites-available/example @@ -0,0 +1,122 @@ +###################################################################### +# +# An example virtual server configuration. +# +# $Id$ +# +###################################################################### + + +# +# This client will be available to any "listen" section that +# are defined outside of a virtual server section. However, +# when the server receives a packet from this client, the +# request will be processed through the "example" virtual +# server, as the "client" section contains a configuration item +# to that effect. +# +# Note that this client will be able to send requests to any +# port defined in a global "listen" section. It will NOT, +# however, be able to send requests to a port defined in a +# "listen" section that is contained in a "server" section. +# +# With careful matching of configurations, you should be able +# to: +# +# - Define one authentication port, but process each client +# through a separate virtual server. +# +# - define multiple authentication ports, each with a private +# list of clients. +# +# - define multiple authentication ports, each of which may +# have the same client listed, but with different shared +# secrets +# +# FYI: We use an address in the 192.0.2.* space for this example, +# as RFC 3330 says that that /24 range is used for documenation +# and examples, and should not appear on the net. You shouldn't +# use it for anything, either. +# +client 192.0.2.10 { + shortname = example-client + secret = testing123 + virtual_server = example +} + +###################################################################### +# +# An example virtual server. It starts off with "server name {" +# The "name" is used to reference this server from a "listen" +# or "client" section. +# +###################################################################### +server example { + # + # Listen on 192.0.2.1:1812 for Access-Requests + # + # When the server receives a packet, it is processed + # through the "authorize", etc. sections listed here, + # NOT the global ones the "default" site. + # + listen { + ipaddr = 192.0.2.1 + port = 1821 + type = auth + } + + # + # This client is listed within the "server" section, + # and is therefore known ONLY to the socket defined + # in the "listen" section above. If the client IP + # sends a request to a different socket, the server + # will treat it as an unknown client, and will not + # respond. + # + # In contrast, the client listed at the top of this file + # is outside of any "server" section, and is therefore + # global in scope. It can send packets to any port + # defined in a global "listen" section. It CANNOT send + # packets to the listen section defined above, though. + # + # Note that you don't have to have a "virtual_server = example" + # line here, as the client is encapsulated within + # the "server" section. + # + client 192.0.2.9 { + shortname = example-client + secret = testing123 + } + + authorize { + # + # Some example policies. See "man unlang" for more. + # + if ("%{User-Name}" == "bob") { + update control { + Cleartext-Password := "bob" + } + } + + # + # And then reject the user. The next line requires + # that the "always reject {}" section is defined in + # the "modules" section of radiusd.conf. + # + reject + } + + authenticate { + + } + + post-auth { + + Post-Auth-Type Reject { + update reply { + Reply-Message = "This is only an example." + } + } + } + +} diff --git a/server/raddb/sites-available/inner-tunnel b/server/raddb/sites-available/inner-tunnel new file mode 100644 index 0000000..1ac43c2 --- /dev/null +++ b/server/raddb/sites-available/inner-tunnel @@ -0,0 +1,405 @@ +# -*- text -*- +###################################################################### +# +# This is a virtual server that handles *only* inner tunnel +# requests for EAP-TTLS and PEAP types. +# +# $Id$ +# +###################################################################### + +server inner-tunnel { + +# +# Un-comment the next section to perform test on the inner tunnel +# without needing an outer tunnel session. The tests will not be +# exactly the same as when TTLS or PEAP are used, but they will +# be close enough for many tests. +# +#listen { +# ipaddr = 127.0.0.1 +# port = 18120 +# type = auth +#} + + +# Authorization. First preprocess (hints and huntgroups files), +# then realms, and finally look in the "users" file. +# +# The order of the realm modules will determine the order that +# we try to find a matching realm. +# +# Make *sure* that 'preprocess' comes before any realm if you +# need to setup hints for the remote radius server +authorize { + # + # The chap module will set 'Auth-Type := CHAP' if we are + # handling a CHAP request and Auth-Type has not already been set + chap + + # + # If the users are logging in with an MS-CHAP-Challenge + # attribute for authentication, the mschap module will find + # the MS-CHAP-Challenge attribute, and add 'Auth-Type := MS-CHAP' + # to the request, which will cause the server to then use + # the mschap module for authentication. + mschap + + # + # Pull crypt'd passwords from /etc/passwd or /etc/shadow, + # using the system API's to get the password. If you want + # to read /etc/passwd or /etc/shadow directly, see the + # passwd module, above. + # + unix + + # + # Look for IPASS style 'realm/', and if not found, look for + # '@realm', and decide whether or not to proxy, based on + # that. +# IPASS + + # + # If you are using multiple kinds of realms, you probably + # want to set "ignore_null = yes" for all of them. + # Otherwise, when the first style of realm doesn't match, + # the other styles won't be checked. + # + # Note that proxying the inner tunnel authentication means + # that the user MAY use one identity in the outer session + # (e.g. "anonymous", and a different one here + # (e.g. "user@example.com"). The inner session will then be + # proxied elsewhere for authentication. If you are not + # careful, this means that the user can cause you to forward + # the authentication to another RADIUS server, and have the + # accounting logs *not* sent to the other server. This makes + # it difficult to bill people for their network activity. + # + suffix +# ntdomain + + # + # The "suffix" module takes care of stripping the domain + # (e.g. "@example.com") from the User-Name attribute, and the + # next few lines ensure that the request is not proxied. + # + # If you want the inner tunnel request to be proxied, delete + # the next few lines. + # + update control { + Proxy-To-Realm := LOCAL + } + + # + # This module takes care of EAP-MSCHAPv2 authentication. + # + # It also sets the EAP-Type attribute in the request + # attribute list to the EAP type from the packet. + # + # The example below uses module failover to avoid querying all + # of the following modules if the EAP module returns "ok". + # Therefore, your LDAP and/or SQL servers will not be queried + # for the many packets that go back and forth to set up TTLS + # or PEAP. The load on those servers will therefore be reduced. + # + eap { + ok = return + } + + # + # Read the 'users' file + files + + # + # Look in an SQL database. The schema of the database + # is meant to mirror the "users" file. + # + # See "Authorization Queries" in sql.conf +# sql + + # + # If you are using /etc/smbpasswd, and are also doing + # mschap authentication, the un-comment this line, and + # configure the 'etc_smbpasswd' module, above. +# etc_smbpasswd + + # + # The ldap module will set Auth-Type to LDAP if it has not + # already been set +# ldap + + # + # Enforce daily limits on time spent logged in. +# daily + + # + # Use the checkval module +# checkval + + expiration + logintime + + # + # If no other module has claimed responsibility for + # authentication, then try to use PAP. This allows the + # other modules listed above to add a "known good" password + # to the request, and to do nothing else. The PAP module + # will then see that password, and use it to do PAP + # authentication. + # + # This module should be listed last, so that the other modules + # get a chance to set Auth-Type for themselves. + # + pap +} + + +# Authentication. +# +# +# This section lists which modules are available for authentication. +# Note that it does NOT mean 'try each module in order'. It means +# that a module from the 'authorize' section adds a configuration +# attribute 'Auth-Type := FOO'. That authentication type is then +# used to pick the apropriate module from the list below. +# + +# In general, you SHOULD NOT set the Auth-Type attribute. The server +# will figure it out on its own, and will do the right thing. The +# most common side effect of erroneously setting the Auth-Type +# attribute is that one authentication method will work, but the +# others will not. +# +# The common reasons to set the Auth-Type attribute by hand +# is to either forcibly reject the user, or forcibly accept him. +# +authenticate { + # + # PAP authentication, when a back-end database listed + # in the 'authorize' section supplies a password. The + # password can be clear-text, or encrypted. + Auth-Type PAP { + pap + } + + # + # Most people want CHAP authentication + # A back-end database listed in the 'authorize' section + # MUST supply a CLEAR TEXT password. Encrypted passwords + # won't work. + Auth-Type CHAP { + chap + } + + # + # MSCHAP authentication. + Auth-Type MS-CHAP { + mschap + } + + # + # Pluggable Authentication Modules. +# pam + + # + # See 'man getpwent' for information on how the 'unix' + # module checks the users password. Note that packets + # containing CHAP-Password attributes CANNOT be authenticated + # against /etc/passwd! See the FAQ for details. + # + unix + + # Uncomment it if you want to use ldap for authentication + # + # Note that this means "check plain-text password against + # the ldap database", which means that EAP won't work, + # as it does not supply a plain-text password. +# Auth-Type LDAP { +# ldap +# } + + # + # Allow EAP authentication. + eap +} + +###################################################################### +# +# There are no accounting requests inside of EAP-TTLS or PEAP +# tunnels. +# +###################################################################### + + +# Session database, used for checking Simultaneous-Use. Either the radutmp +# or rlm_sql module can handle this. +# The rlm_sql module is *much* faster +session { + radutmp + + # + # See "Simultaneous Use Checking Queries" in sql.conf +# sql +} + + +# Post-Authentication +# Once we KNOW that the user has been authenticated, there are +# additional steps we can take. +post-auth { + # Note that we do NOT assign IP addresses here. + # If you try to assign IP addresses for EAP authentication types, + # it WILL NOT WORK. You MUST use DHCP. + + # + # If you want to have a log of authentication replies, + # un-comment the following line, and the 'detail reply_log' + # section, above. +# reply_log + + # + # After authenticating the user, do another SQL query. + # + # See "Authentication Logging Queries" in sql.conf +# sql + + # + # Instead of sending the query to the SQL server, + # write it into a log file. + # +# sql_log + + # + # Un-comment the following if you have set + # 'edir_account_policy_check = yes' in the ldap module sub-section of + # the 'modules' section. + # +# ldap + + # + # Access-Reject packets are sent through the REJECT sub-section of the + # post-auth section. + # + # Add the ldap module name (or instance) if you have set + # 'edir_account_policy_check = yes' in the ldap module configuration + # + Post-Auth-Type REJECT { + attr_filter.access_reject + } + + # + # The example policy below updates the outer tunnel reply + # (usually Access-Accept) with the User-Name from the inner + # tunnel User-Name. Since this section is processed in the + # context of the inner tunnel, "request" here means "inner + # tunnel request", and "outer.reply" means "outer tunnel + # reply attributes". + # + # This example is most useful when the outer session contains + # a User-Name of "anonymous@....", or a MAC address. If it + # is enabled, the NAS SHOULD use the inner tunnel User-Name + # in subsequent accounting packets. This makes it easier to + # track user sessions, as they will all be based on the real + # name, and not on "anonymous". + # + # The problem with doing this is that it ALSO exposes the + # real user name to any intermediate proxies. People use + # "anonymous" identifiers outside of the tunnel for a very + # good reason: it gives them more privacy. Setting the reply + # to contain the real user name removes ALL privacy from + # their session. + # + # If you want privacy to remain, see the + # Chargeable-User-Identity attribute from RFC 4372. In order + # to use that attribute, you will have to allocate a + # per-session identifier for the user, and store it in a + # long-term database (e.g. SQL). You should also use that + # attribute INSTEAD of the configuration below. + # + #update outer.reply { + # User-Name = "%{request:User-Name}" + #} + +} + +# +# When the server decides to proxy a request to a home server, +# the proxied request is first passed through the pre-proxy +# stage. This stage can re-write the request, or decide to +# cancel the proxy. +# +# Only a few modules currently have this method. +# +pre-proxy { +# attr_rewrite + + # Uncomment the following line if you want to change attributes + # as defined in the preproxy_users file. +# files + + # Uncomment the following line if you want to filter requests + # sent to remote servers based on the rules defined in the + # 'attrs.pre-proxy' file. +# attr_filter.pre-proxy + + # If you want to have a log of packets proxied to a home + # server, un-comment the following line, and the + # 'detail pre_proxy_log' section, above. +# pre_proxy_log +} + +# +# When the server receives a reply to a request it proxied +# to a home server, the request may be massaged here, in the +# post-proxy stage. +# +post-proxy { + + # If you want to have a log of replies from a home server, + # un-comment the following line, and the 'detail post_proxy_log' + # section, above. +# post_proxy_log + +# attr_rewrite + + # Uncomment the following line if you want to filter replies from + # remote proxies based on the rules defined in the 'attrs' file. +# attr_filter.post-proxy + + # + # If you are proxying LEAP, you MUST configure the EAP + # module, and you MUST list it here, in the post-proxy + # stage. + # + # You MUST also use the 'nostrip' option in the 'realm' + # configuration. Otherwise, the User-Name attribute + # in the proxied request will not match the user name + # hidden inside of the EAP packet, and the end server will + # reject the EAP request. + # + eap + + # + # If the server tries to proxy a request and fails, then the + # request is processed through the modules in this section. + # + # The main use of this section is to permit robust proxying + # of accounting packets. The server can be configured to + # proxy accounting packets as part of normal processing. + # Then, if the home server goes down, accounting packets can + # be logged to a local "detail" file, for processing with + # radrelay. When the home server comes back up, radrelay + # will read the detail file, and send the packets to the + # home server. + # + # With this configuration, the server always responds to + # Accounting-Requests from the NAS, but only writes + # accounting packets to disk if the home server is down. + # +# Post-Proxy-Type Fail { +# detail +# } + +} + +} # inner-tunnel server block diff --git a/server/raddb/sites-available/jradius-default b/server/raddb/sites-available/jradius-default new file mode 100644 index 0000000..6161978 --- /dev/null +++ b/server/raddb/sites-available/jradius-default @@ -0,0 +1,520 @@ +###################################################################### +# +# As of 2.0.0, FreeRADIUS supports virtual hosts using the +# "server" section, and configuration directives. +# +# Virtual hosts should be put into the "sites-available" +# directory. Soft links should be created in the "sites-enabled" +# directory to these files. This is done in a normal installation. +# +# $Id$ +# +###################################################################### +# +# Read "man radiusd" before editing this file. See the section +# titled DEBUGGING. It outlines a method where you can quickly +# obtain the configuration you want, without running into +# trouble. See also "man unlang", which documents the format +# of this file. +# +# This configuration is designed to work in the widest possible +# set of circumstances, with the widest possible number of +# authentication methods. This means that in general, you should +# need to make very few changes to this file. +# +# The best way to configure the server for your local system +# is to CAREFULLY edit this file. Most attempts to make large +# edits to this file will BREAK THE SERVER. Any edits should +# be small, and tested by running the server with "radiusd -X". +# Once the edits have been verified to work, save a copy of these +# configuration files somewhere. (e.g. as a "tar" file). Then, +# make more edits, and test, as above. +# +# There are many "commented out" references to modules such +# as ldap, sql, etc. These references serve as place-holders. +# If you need the functionality of that module, then configure +# it in radiusd.conf, and un-comment the references to it in +# this file. In most cases, those small changes will result +# in the server being able to connect to the DB, and to +# authenticate users. +# +###################################################################### + +# +# In 1.x, the "authorize", etc. sections were global in +# radiusd.conf. As of 2.0, they SHOULD be in a server section. +# +# The server section with no virtual server name is the "default" +# section. It is used when no server name is specified. +# +# We don't indent the rest of this file, because doing so +# would make it harder to read. +# + +# Authorization. First preprocess (hints and huntgroups files), +# then realms, and finally look in the "users" file. +# +# The order of the realm modules will determine the order that +# we try to find a matching realm. +# +# Make *sure* that 'preprocess' comes before any realm if you +# need to setup hints for the remote radius server +authorize { + addclientip + + # + # The preprocess module takes care of sanitizing some bizarre + # attributes in the request, and turning them into attributes + # which are more standard. + # + # It takes care of processing the 'raddb/hints' and the + # 'raddb/huntgroups' files. + # + # It also adds the %{Client-IP-Address} attribute to the request. + preprocess + + # + # If you want to have a log of authentication requests, + # un-comment the following line, and the 'detail auth_log' + # section, above. +# auth_log + + # + # The chap module will set 'Auth-Type := CHAP' if we are + # handling a CHAP request and Auth-Type has not already been set + chap + + # + # If the users are logging in with an MS-CHAP-Challenge + # attribute for authentication, the mschap module will find + # the MS-CHAP-Challenge attribute, and add 'Auth-Type := MS-CHAP' + # to the request, which will cause the server to then use + # the mschap module for authentication. + mschap + + # + # If you have a Cisco SIP server authenticating against + # FreeRADIUS, uncomment the following line, and the 'digest' + # line in the 'authenticate' section. +# digest + + # + # Look for IPASS style 'realm/', and if not found, look for + # '@realm', and decide whether or not to proxy, based on + # that. + IPASS + + # + # If you are using multiple kinds of realms, you probably + # want to set "ignore_null = yes" for all of them. + # Otherwise, when the first style of realm doesn't match, + # the other styles won't be checked. + # + suffix +# ntdomain + + # + # This module takes care of EAP-MD5, EAP-TLS, and EAP-LEAP + # authentication. + # + # It also sets the EAP-Type attribute in the request + # attribute list to the EAP type from the packet. + # + # As of 2.0, the EAP module returns "ok" in the authorize stage + # for TTLS and PEAP. In 1.x, it never returned "ok" here, so + # this change is compatible with older configurations. + # + # The example below uses module failover to avoid querying all + # of the following modules if the EAP module returns "ok". + # Therefore, your LDAP and/or SQL servers will not be queried + # for the many packets that go back and forth to set up TTLS + # or PEAP. The load on those servers will therefore be reduced. + # + eap { + ok = return + } + + # + # Pull crypt'd passwords from /etc/passwd or /etc/shadow, + # using the system API's to get the password. If you want + # to read /etc/passwd or /etc/shadow directly, see the + # passwd module in radiusd.conf. + # +# unix + + # + # Read the 'users' file + files + + # + # Look in an SQL database. The schema of the database + # is meant to mirror the "users" file. + # + # See "Authorization Queries" in sql.conf +# sql + + # + # If you are using /etc/smbpasswd, and are also doing + # mschap authentication, the un-comment this line, and + # configure the 'etc_smbpasswd' module, above. +# etc_smbpasswd + + # + # The ldap module will set Auth-Type to LDAP if it has not + # already been set +# ldap + + # + # Enforce daily limits on time spent logged in. +# daily + + # + # Use the checkval module +# checkval + + expiration + logintime + + # + # If no other module has claimed responsibility for + # authentication, then try to use PAP. This allows the + # other modules listed above to add a "known good" password + # to the request, and to do nothing else. The PAP module + # will then see that password, and use it to do PAP + # authentication. + # + # This module should be listed last, so that the other modules + # get a chance to set Auth-Type for themselves. + # + pap + + # + # If "status_server = yes", then Status-Server messages are passed + # through the following section, and ONLY the following section. + # This permits you to do DB queries, for example. If the modules + # listed here return "fail", then NO response is sent. + # +# Autz-Type Status-Server { +# +# } + + jradius +} + + +# Authentication. +# +# +# This section lists which modules are available for authentication. +# Note that it does NOT mean 'try each module in order'. It means +# that a module from the 'authorize' section adds a configuration +# attribute 'Auth-Type := FOO'. That authentication type is then +# used to pick the apropriate module from the list below. +# + +# In general, you SHOULD NOT set the Auth-Type attribute. The server +# will figure it out on its own, and will do the right thing. The +# most common side effect of erroneously setting the Auth-Type +# attribute is that one authentication method will work, but the +# others will not. +# +# The common reasons to set the Auth-Type attribute by hand +# is to either forcibly reject the user (Auth-Type := Reject), +# or to or forcibly accept the user (Auth-Type := Accept). +# +# Note that Auth-Type := Accept will NOT work with EAP. +# +# Please do not put "unlang" configurations into the "authenticate" +# section. Put them in the "post-auth" section instead. That's what +# the post-auth section is for. +# +authenticate { + # + # PAP authentication, when a back-end database listed + # in the 'authorize' section supplies a password. The + # password can be clear-text, or encrypted. + Auth-Type PAP { + pap + } + + # + # Most people want CHAP authentication + # A back-end database listed in the 'authorize' section + # MUST supply a CLEAR TEXT password. Encrypted passwords + # won't work. + Auth-Type CHAP { + chap + } + + # + # MSCHAP authentication. + Auth-Type MS-CHAP { + mschap + } + + # + # If you have a Cisco SIP server authenticating against + # FreeRADIUS, uncomment the following line, and the 'digest' + # line in the 'authorize' section. +# digest + + # + # Pluggable Authentication Modules. +# pam + + # + # See 'man getpwent' for information on how the 'unix' + # module checks the users password. Note that packets + # containing CHAP-Password attributes CANNOT be authenticated + # against /etc/passwd! See the FAQ for details. + # +# unix + + # Uncomment it if you want to use ldap for authentication + # + # Note that this means "check plain-text password against + # the ldap database", which means that EAP won't work, + # as it does not supply a plain-text password. +# Auth-Type LDAP { +# ldap +# } + + # + # Allow EAP authentication. + eap +} + + +# +# Pre-accounting. Decide which accounting type to use. +# +preacct { + addclientip + + preprocess + + # + # Ensure that we have a semi-unique identifier for every + # request, and many NAS boxes are broken. + acct_unique + + # + # Look for IPASS-style 'realm/', and if not found, look for + # '@realm', and decide whether or not to proxy, based on + # that. + # + # Accounting requests are generally proxied to the same + # home server as authentication requests. + IPASS + suffix +# ntdomain + + # + # Read the 'acct_users' file + files + + jradius +} + +# +# Accounting. Log the accounting data. +# +accounting { + # + # Create a 'detail'ed log of the packets. + # Note that accounting requests which are proxied + # are also logged in the detail file. + detail +# daily + + # Update the wtmp file + # + # If you don't use "radlast", you can delete this line. +# unix + + # + # For Simultaneous-Use tracking. + # + # Due to packet losses in the network, the data here + # may be incorrect. There is little we can do about it. + radutmp +# sradutmp + + # Return an address to the IP Pool when we see a stop record. +# main_pool + + # + # Log traffic to an SQL database. + # + # See "Accounting queries" in sql.conf +# sql + + # + # Instead of sending the query to the SQL server, + # write it into a log file. + # +# sql_log + + # Cisco VoIP specific bulk accounting +# pgsql-voip + + # Filter attributes from the accounting response. + attr_filter.accounting_response + + # + # See "Autz-Type Status-Server" for how this works. + # +# Acct-Type Status-Server { +# +# } + + jradius +} + + +# Session database, used for checking Simultaneous-Use. Either the radutmp +# or rlm_sql module can handle this. +# The rlm_sql module is *much* faster +session { +# radutmp + + # + # See "Simultaneous Use Checking Queries" in sql.conf +# sql +} + + +# Post-Authentication +# Once we KNOW that the user has been authenticated, there are +# additional steps we can take. +post-auth { + # Get an address from the IP Pool. +# main_pool + + # + # If you want to have a log of authentication replies, + # un-comment the following line, and the 'detail reply_log' + # section, above. +# reply_log + + # + # After authenticating the user, do another SQL query. + # + # See "Authentication Logging Queries" in sql.conf +# sql + + # + # Instead of sending the query to the SQL server, + # write it into a log file. + # +# sql_log + + # + # Un-comment the following if you have set + # 'edir_account_policy_check = yes' in the ldap module sub-section of + # the 'modules' section. + # +# ldap + + exec + + # + # Access-Reject packets are sent through the REJECT sub-section of the + # post-auth section. + # + # Add the ldap module name (or instance) if you have set + # 'edir_account_policy_check = yes' in the ldap module configuration + # +# Post-Auth-Type REJECT { +# attr_filter.access_reject +# } + + jradius + Post-Auth-Type REJECT { + jradius + } +} + +# +# When the server decides to proxy a request to a home server, +# the proxied request is first passed through the pre-proxy +# stage. This stage can re-write the request, or decide to +# cancel the proxy. +# +# Only a few modules currently have this method. +# +pre-proxy { +# attr_rewrite + + # Uncomment the following line if you want to change attributes + # as defined in the preproxy_users file. +# files + + # Uncomment the following line if you want to filter requests + # sent to remote servers based on the rules defined in the + # 'attrs.pre-proxy' file. +# attr_filter.pre-proxy + + # If you want to have a log of packets proxied to a home + # server, un-comment the following line, and the + # 'detail pre_proxy_log' section, above. +# pre_proxy_log + + jradius +} + +# +# When the server receives a reply to a request it proxied +# to a home server, the request may be massaged here, in the +# post-proxy stage. +# +post-proxy { + + # If you want to have a log of replies from a home server, + # un-comment the following line, and the 'detail post_proxy_log' + # section, above. +# post_proxy_log + +# attr_rewrite + + # Uncomment the following line if you want to filter replies from + # remote proxies based on the rules defined in the 'attrs' file. +# attr_filter.post-proxy + + # + # If you are proxying LEAP, you MUST configure the EAP + # module, and you MUST list it here, in the post-proxy + # stage. + # + # You MUST also use the 'nostrip' option in the 'realm' + # configuration. Otherwise, the User-Name attribute + # in the proxied request will not match the user name + # hidden inside of the EAP packet, and the end server will + # reject the EAP request. + # + eap + + # + # If the server tries to proxy a request and fails, then the + # request is processed through the modules in this section. + # + # The main use of this section is to permit robust proxying + # of accounting packets. The server can be configured to + # proxy accounting packets as part of normal processing. + # Then, if the home server goes down, accounting packets can + # be logged to a local "detail" file, for processing with + # radrelay. When the home server comes back up, radrelay + # will read the detail file, and send the packets to the + # home server. + # + # With this configuration, the server always responds to + # Accounting-Requests from the NAS, but only writes + # accounting packets to disk if the home server is down. + # +# Post-Proxy-Type Fail { +# detail +# } + + jradius +} + diff --git a/server/raddb/sites-available/jradius-inner-tunnel b/server/raddb/sites-available/jradius-inner-tunnel new file mode 100644 index 0000000..caae035 --- /dev/null +++ b/server/raddb/sites-available/jradius-inner-tunnel @@ -0,0 +1,414 @@ +# -*- text -*- +###################################################################### +# +# This is a virtual server that handles *only* inner tunnel +# requests for EAP-TTLS and PEAP types. +# +# $Id$ +# +###################################################################### + +server inner-tunnel { + +# +# Un-comment the next section to perform test on the inner tunnel +# without needing an outer tunnel session. The tests will not be +# exactly the same as when TTLS or PEAP are used, but they will +# be close enough for many tests. +# +#listen { +# ipaddr = 127.0.0.1 +# port = 18120 +# type = auth +#} + + +# Authorization. First preprocess (hints and huntgroups files), +# then realms, and finally look in the "users" file. +# +# The order of the realm modules will determine the order that +# we try to find a matching realm. +# +# Make *sure* that 'preprocess' comes before any realm if you +# need to setup hints for the remote radius server +authorize { + # + # The chap module will set 'Auth-Type := CHAP' if we are + # handling a CHAP request and Auth-Type has not already been set + chap + + # + # If the users are logging in with an MS-CHAP-Challenge + # attribute for authentication, the mschap module will find + # the MS-CHAP-Challenge attribute, and add 'Auth-Type := MS-CHAP' + # to the request, which will cause the server to then use + # the mschap module for authentication. + mschap + + # + # Pull crypt'd passwords from /etc/passwd or /etc/shadow, + # using the system API's to get the password. If you want + # to read /etc/passwd or /etc/shadow directly, see the + # passwd module, above. + # + unix + + # + # Look for IPASS style 'realm/', and if not found, look for + # '@realm', and decide whether or not to proxy, based on + # that. + IPASS + + # + # If you are using multiple kinds of realms, you probably + # want to set "ignore_null = yes" for all of them. + # Otherwise, when the first style of realm doesn't match, + # the other styles won't be checked. + # + # Note that proxying the inner tunnel authentication means + # that the user MAY use one identity in the outer session + # (e.g. "anonymous", and a different one here + # (e.g. "user@example.com"). The inner session will then be + # proxied elsewhere for authentication. If you are not + # careful, this means that the user can cause you to forward + # the authentication to another RADIUS server, and have the + # accounting logs *not* sent to the other server. This makes + # it difficult to bill people for their network activity. + # + suffix +# ntdomain + + # + # The "suffix" module takes care of stripping the domain + # (e.g. "@example.com") from the User-Name attribute, and the + # next few lines ensure that the request is not proxied. + # + # If you want the inner tunnel request to be proxied, delete + # the next few lines. + # + update control { + Proxy-To-Realm := LOCAL + } + + # + # This module takes care of EAP-MSCHAPv2 authentication. + # + # It also sets the EAP-Type attribute in the request + # attribute list to the EAP type from the packet. + # + # The example below uses module failover to avoid querying all + # of the following modules if the EAP module returns "ok". + # Therefore, your LDAP and/or SQL servers will not be queried + # for the many packets that go back and forth to set up TTLS + # or PEAP. The load on those servers will therefore be reduced. + # + eap { + ok = return + } + + # + # Read the 'users' file + files + + # + # Look in an SQL database. The schema of the database + # is meant to mirror the "users" file. + # + # See "Authorization Queries" in sql.conf +# sql + + # + # If you are using /etc/smbpasswd, and are also doing + # mschap authentication, the un-comment this line, and + # configure the 'etc_smbpasswd' module, above. +# etc_smbpasswd + + # + # The ldap module will set Auth-Type to LDAP if it has not + # already been set +# ldap + + # + # Enforce daily limits on time spent logged in. +# daily + + # + # Use the checkval module +# checkval + + expiration + logintime + + # + # If no other module has claimed responsibility for + # authentication, then try to use PAP. This allows the + # other modules listed above to add a "known good" password + # to the request, and to do nothing else. The PAP module + # will then see that password, and use it to do PAP + # authentication. + # + # This module should be listed last, so that the other modules + # get a chance to set Auth-Type for themselves. + # + pap + + jradius +} + + +# Authentication. +# +# +# This section lists which modules are available for authentication. +# Note that it does NOT mean 'try each module in order'. It means +# that a module from the 'authorize' section adds a configuration +# attribute 'Auth-Type := FOO'. That authentication type is then +# used to pick the apropriate module from the list below. +# + +# In general, you SHOULD NOT set the Auth-Type attribute. The server +# will figure it out on its own, and will do the right thing. The +# most common side effect of erroneously setting the Auth-Type +# attribute is that one authentication method will work, but the +# others will not. +# +# The common reasons to set the Auth-Type attribute by hand +# is to either forcibly reject the user, or forcibly accept him. +# +authenticate { + # + # PAP authentication, when a back-end database listed + # in the 'authorize' section supplies a password. The + # password can be clear-text, or encrypted. + Auth-Type PAP { + pap + } + + # + # Most people want CHAP authentication + # A back-end database listed in the 'authorize' section + # MUST supply a CLEAR TEXT password. Encrypted passwords + # won't work. + Auth-Type CHAP { + chap + } + + # + # MSCHAP authentication. + Auth-Type MS-CHAP { + mschap + } + + # + # Pluggable Authentication Modules. +# pam + + # + # See 'man getpwent' for information on how the 'unix' + # module checks the users password. Note that packets + # containing CHAP-Password attributes CANNOT be authenticated + # against /etc/passwd! See the FAQ for details. + # +# unix + + # Uncomment it if you want to use ldap for authentication + # + # Note that this means "check plain-text password against + # the ldap database", which means that EAP won't work, + # as it does not supply a plain-text password. +# Auth-Type LDAP { +# ldap +# } + + # + # Allow EAP authentication. + eap +} + +###################################################################### +# +# There are no accounting requests inside of EAP-TTLS or PEAP +# tunnels. +# +###################################################################### + + +# Session database, used for checking Simultaneous-Use. Either the radutmp +# or rlm_sql module can handle this. +# The rlm_sql module is *much* faster +session { + radutmp + + # + # See "Simultaneous Use Checking Queries" in sql.conf +# sql +} + + +# Post-Authentication +# Once we KNOW that the user has been authenticated, there are +# additional steps we can take. +post-auth { + # Note that we do NOT assign IP addresses here. + # If you try to assign IP addresses for EAP authentication types, + # it WILL NOT WORK. You MUST use DHCP. + + # + # If you want to have a log of authentication replies, + # un-comment the following line, and the 'detail reply_log' + # section, above. +# reply_log + + # + # After authenticating the user, do another SQL query. + # + # See "Authentication Logging Queries" in sql.conf +# sql + + # + # Instead of sending the query to the SQL server, + # write it into a log file. + # +# sql_log + + # + # Un-comment the following if you have set + # 'edir_account_policy_check = yes' in the ldap module sub-section of + # the 'modules' section. + # +# ldap + + # + # Access-Reject packets are sent through the REJECT sub-section of the + # post-auth section. + # + # Add the ldap module name (or instance) if you have set + # 'edir_account_policy_check = yes' in the ldap module configuration + # + Post-Auth-Type REJECT { + attr_filter.access_reject + } + + # + # The example policy below updates the outer tunnel reply + # (usually Access-Accept) with the User-Name from the inner + # tunnel User-Name. Since this section is processed in the + # context of the inner tunnel, "request" here means "inner + # tunnel request", and "outer.reply" means "outer tunnel + # reply attributes". + # + # This example is most useful when the outer session contains + # a User-Name of "anonymous@....", or a MAC address. If it + # is enabled, the NAS SHOULD use the inner tunnel User-Name + # in subsequent accounting packets. This makes it easier to + # track user sessions, as they will all be based on the real + # name, and not on "anonymous". + # + # The problem with doing this is that it ALSO exposes the + # real user name to any intermediate proxies. People use + # "anonymous" identifiers outside of the tunnel for a very + # good reason: it gives them more privacy. Setting the reply + # to contain the real user name removes ALL privacy from + # their session. + # + # If you want privacy to remain, see the + # Chargeable-User-Identity attribute from RFC 4372. In order + # to use that attribute, you will have to allocate a + # per-session identifier for the user, and store it in a + # long-term database (e.g. SQL). You should also use that + # attribute INSTEAD of the configuration below. + # + #update outer.reply { + # User-Name = "%{request:User-Name}" + #} + + jradius + Post-Auth-Type REJECT { + jradius + } +} + +# +# When the server decides to proxy a request to a home server, +# the proxied request is first passed through the pre-proxy +# stage. This stage can re-write the request, or decide to +# cancel the proxy. +# +# Only a few modules currently have this method. +# +pre-proxy { +# attr_rewrite + + # Uncomment the following line if you want to change attributes + # as defined in the preproxy_users file. +# files + + # Uncomment the following line if you want to filter requests + # sent to remote servers based on the rules defined in the + # 'attrs.pre-proxy' file. +# attr_filter.pre-proxy + + # If you want to have a log of packets proxied to a home + # server, un-comment the following line, and the + # 'detail pre_proxy_log' section, above. +# pre_proxy_log + + jradius +} + +# +# When the server receives a reply to a request it proxied +# to a home server, the request may be massaged here, in the +# post-proxy stage. +# +post-proxy { + + # If you want to have a log of replies from a home server, + # un-comment the following line, and the 'detail post_proxy_log' + # section, above. +# post_proxy_log + +# attr_rewrite + + # Uncomment the following line if you want to filter replies from + # remote proxies based on the rules defined in the 'attrs' file. +# attr_filter.post-proxy + + # + # If you are proxying LEAP, you MUST configure the EAP + # module, and you MUST list it here, in the post-proxy + # stage. + # + # You MUST also use the 'nostrip' option in the 'realm' + # configuration. Otherwise, the User-Name attribute + # in the proxied request will not match the user name + # hidden inside of the EAP packet, and the end server will + # reject the EAP request. + # + eap + + # + # If the server tries to proxy a request and fails, then the + # request is processed through the modules in this section. + # + # The main use of this section is to permit robust proxying + # of accounting packets. The server can be configured to + # proxy accounting packets as part of normal processing. + # Then, if the home server goes down, accounting packets can + # be logged to a local "detail" file, for processing with + # radrelay. When the home server comes back up, radrelay + # will read the detail file, and send the packets to the + # home server. + # + # With this configuration, the server always responds to + # Accounting-Requests from the NAS, but only writes + # accounting packets to disk if the home server is down. + # +# Post-Proxy-Type Fail { +# detail +# } + + jradius +} + +} # inner-tunnel server block diff --git a/server/raddb/sites-available/proxy-inner-tunnel b/server/raddb/sites-available/proxy-inner-tunnel new file mode 100644 index 0000000..1ce4137 --- /dev/null +++ b/server/raddb/sites-available/proxy-inner-tunnel @@ -0,0 +1,47 @@ +# -*- text -*- +###################################################################### +# +# This is a virtual server that handles *only* inner tunnel +# requests for EAP-TTLS and PEAP types. +# +# $Id$ +# +###################################################################### + +server proxy-inner-tunnel { + +# +# This example is very simple. All inner tunnel requests get +# proxied to another RADIUS server. +# +authorize { + # + # Do other things here, as necessary. + # + # e.g. run the "realms" module, to decide how to proxy + # the inner tunnel request. + # + + update control { + # You should update this to be one of your realms. + Proxy-To-Realm := "example.com" + } +} + +authenticate { + # + # This is necessary so that the inner tunnel EAP-MSCHAPv2 + # method can be called. That method takes care of turning + # EAP-MSCHAPv2 into plain MS-CHAPv2, if necessary. + eap +} + +post-proxy { + # + # This is necessary for LEAP, or if you set: + # + # proxy_tunneled_request_as_eap = no + # + eap +} +} diff --git a/server/raddb/sites-available/robust-proxy-accounting b/server/raddb/sites-available/robust-proxy-accounting new file mode 100644 index 0000000..0f99263 --- /dev/null +++ b/server/raddb/sites-available/robust-proxy-accounting @@ -0,0 +1,160 @@ +# -*- text -*- +###################################################################### +# +# This is a sample configuration for robust proxy accounting. +# accounting packets are proxied, OR logged locally if all +# home servers are down. When the home servers come back up, +# the accounting packets are forwarded. +# +# This method enables the server to proxy all packets to the +# home servers when they're up, AND to avoid writing to the +# detail file in most situations. +# +# In most situations, proxying of accounting messages is done +# in a "pass-through" fashion. If the home server does not +# respond, then the proxy server does not respond to the NAS. +# That means that the NAS must retransmit packets, sometimes +# forever. This example shows how the proxy server can still +# respond to the NAS, even if all home servers are down. +# +# This configuration could be done MUCH more simply if ALL +# packets were written to the detail file. But that would +# involve a lot more disk writes, which may not be a good idea. +# +# This file is NOT meant to be used as-is. It needs to be +# edited to match your local configuration. +# +# $Id$ +# +###################################################################### + +# (1) Define two home servers. +home_server home1.example.com { + type = acct + ipaddr = 192.0.2.10 + port = 1813 + secret = testing123 + + # Mark this home server alive ONLY when it starts being responsive + status_check = request + username = "test_user_status_check" + + # Set the response timeout aggressively low. + # You MAY have to increase this, depending on tests with + # your local installation. + response_window = 6 +} + +home_server home2.example.com { + type = acct + ipaddr = 192.0.2.20 + port = 1813 + secret = testing123 + + # Mark this home server alive ONLY when it starts being responsive + status_check = request + username = "test_user_status_check" + + # Set the response timeout aggressively low. + # You MAY have to increase this, depending on tests with + # your local installation. + response_window = 6 +} + +# (2) Define a virtual server to be used when both of the +# home servers are down. +home_server acct_detail.example.com { + virtual_server = acct_detail.example.com +} + +# Put all of the servers into a pool. +home_server_pool acct_pool.example.com { + type = load-balance # other types are OK, too. + + home_server = home1.example.com + home_server = home2.example.com + # add more home_server's here. + + # If all home servers are down, try a home server that + # is a local virtual server. + fallback = acct_detail.example.com + + # for pre/post-proxy policies + virtual_server = home.example.com +} + +# (3) Define a realm for these home servers. +# It should NOT be used as part of normal proxying decisions! +realm acct_realm.example.com { + acct_pool = acct_pool.example.com +} + +# (4) Define a detail file writer. +# See raddb/modules/detail.example.com + +# (5) Define the virtual server to write the packets to the detail file +# This will be called when ALL home servers are down, because of the +# "fallback" configuration in the home server pool. +server acct_detail.example.com { + accounting { + detail.example.com + } +} + +# (6) Define a virtual server to handle pre/post-proxy re-writing +server home.example.com { + pre-proxy { + # Insert pre-proxy rules here + } + + post-proxy { + # Insert post-proxy rules here + + # This will be called when the CURRENT packet failed + # to be proxied. This may happen when one home server + # suddenly goes down, even though another home server + # may be alive. + # + # i.e. the current request has run out of time, so it + # cannot fail over to another (possibly) alive server. + # + # We want to respond to the NAS, so that it can stop + # re-sending the packet. We write the packet to the + # "detail" file, where it will be read, and sent to + # another home server. + # + Post-Proxy-Type Fail { + detail.example.com + } + } + + + # Read accounting packets from the detail file(s) for + # the home server. + listen { + type = detail + filename = "${radacctdir}/detail.example.com/detail-*:*" + load_factor = 10 + } + + # All packets read from the detail file are proxied back to + # the home servers. + # + # The normal pre/post-proxy rules are applied to them, too. + # + # If the home servers are STILL down, then the server stops + # reading the detail file, and queues the packets for a later + # retransmission. The Post-Proxy-Type "Fail" handler is NOT + # called. + # + # When the home servers come back up, the packets are forwarded, + # and the detail file processed as normal. + accounting { + # You may want accounting policies here... + + update control { + Proxy-To-Realm := "acct_realm.example.com" + } + } + +} diff --git a/server/raddb/sites-available/status b/server/raddb/sites-available/status new file mode 100644 index 0000000..92ef9cf --- /dev/null +++ b/server/raddb/sites-available/status @@ -0,0 +1,123 @@ +# -*- text -*- +###################################################################### +# +# A virtual server to handle ONLY Status-Server packets. +# +# Server statistics can be queried with a properly formatted +# Status-Server request. See dictionary.freeradius for comments. +# +# If radiusd.conf has "status_server = yes", then any client +# will be able to send a Status-Server packet to any port +# (listen section type "auth", "acct", or "status"), and the +# server will respond. +# +# If radiusd.conf has "status_server = no", then the server will +# ignore Status-Server packets to "auth" and "acct" ports. It +# will respond only if the Status-Server packet is sent to a +# "status" port. +# +# The server statistics are available ONLY on socket of type +# "status". Qeuries for statistics sent to any other port +# are ignored. +# +# Similarly, a socket of type "status" will not process +# authentication or accounting packets. This is for security. +# +# $Id$ +# +###################################################################### + +server status { + listen { + # ONLY Status-Server is allowed to this port. + # ALL other packets are ignored. + type = status + + ipaddr = 127.0.0.1 + port = 18120 + } + + # + # We recommend that you list ONLY management clients here. + # i.e. NOT your NASes or Access Points, and for an ISP, + # DEFINITELY not any RADIUS servers that are proxying packets + # to you. + # + # If you do NOT list a client here, then any client that is + # globally defined (i.e. all of them) will be able to query + # these statistics. + # + # Do you really want your partners seeing the internal details + # of what your RADIUS server is doing? + # + client admin { + ipaddr = 127.0.0.1 + secret = adminsecret + } + + # + # Simple authorize section. The "Autz-Type Status-Server" + # section will work here, too. See "raddb/sites-available/default". + authorize { + # respond to the Status-Server request. + ok + } +} + +# Statistics can be queried via a number of methods: +# +# All packets received/sent by the server (1 = auth, 2 = acct) +# FreeRADIUS-Statistics-Type = 3 +# +# All packets proxied by the server (4 = proxy-auth, 8 = proxy-acct) +# FreeRADIUS-Statistics-Type = 12 +# +# All packets sent && received: +# FreeRADIUS-Statistics-Type = 15 +# +# Internal server statistics: +# FreeRADIUS-Statistics-Type = 16 +# +# All packets for a particular client (globally defined) +# FreeRADIUS-Statistics-Type = 35 +# FreeRADIUS-Stats-Client-IP-Address = 192.168.1.1 +# +# All packets for a client attached to a "listen" ip/port +# FreeRADIUS-Statistics-Type = 35 +# FreeRADIUS-Stats-Client-IP-Address = 192.168.1.1 +# FreeRADIUS-Stats-Server-IP-Address = 127.0.0.1 +# FreeRADIUS-Stats-Server-Port = 1812 +# +# All packets for a "listen" IP/port +# FreeRADIUS-Statistics-Type = 67 +# FreeRADIUS-Stats-Server-IP-Address = 127.0.0.1 +# FreeRADIUS-Stats-Server-Port = 1812 +# +# All packets for a home server IP / port +# FreeRADIUS-Statistics-Type = 131 +# FreeRADIUS-Stats-Server-IP-Address = 192.168.1.2 +# FreeRADIUS-Stats-Server-Port = 1812 + +# +# You can also get exponentially weighted moving averages of +# response times (in usec) of home servers. Just set the config +# item "historic_average_window" in a home_server section. +# +# By default it is zero (don't calculate it). Useful values +# are between 100, and 10,000. The server will calculate and +# remember the moving average for this window, and for 10 times +# that window. +# + +# +# Some of this could have been simplified. e.g. the proxy-auth and +# proxy-acct bits aren't completely necessary. But using them permits +# the server to be queried for ALL inbound && outbound packets at once. +# This gives a good snapshot of what the server is doing. +# +# Due to internal limitations, the statistics might not be exactly up +# to date. Do not expect all of the numbers to add up perfectly. +# The Status-Server packets are also counted in the total requests && +# responses. The responses are counted only AFTER the response has +# been sent. +# \ No newline at end of file diff --git a/server/raddb/sites-available/virtual.example.com b/server/raddb/sites-available/virtual.example.com new file mode 100644 index 0000000..d8eff1c --- /dev/null +++ b/server/raddb/sites-available/virtual.example.com @@ -0,0 +1,26 @@ +# -*- text -*- +###################################################################### +# +# Sample virtual server for internally proxied requests. +# +# See the "realm virtual.example.com" example in "proxy.conf". +# +# $Id$ +# +###################################################################### + +# +# Sample contents: just do everything that the default configuration does. +# +# You WILL want to edit this to your local needs. We suggest copying +# the "default" file here, and then editing it. That way, any +# changes to the 'default" file will not affect this virtual server, +# and vice-versa. +# +# When this virtual server receives the request, the original +# attributes can be accessed as "outer.request", "outer.control", etc. +# See "man unlang" for more details. +# +server virtual.example.com { +$INCLUDE ${confdir}/sites-available/default +} diff --git a/server/raddb/sites-available/vmps b/server/raddb/sites-available/vmps new file mode 100644 index 0000000..5416168 --- /dev/null +++ b/server/raddb/sites-available/vmps @@ -0,0 +1,90 @@ +# -*- text -*- +###################################################################### +# +# As of version 2.0.0, the server also supports the VMPS +# protocol. +# +# $Id$ +# +###################################################################### + +server vmps { + listen { + # VMPS sockets only support IPv4 addresses. + ipaddr = * + + # Port on which to listen. + # Allowed values are: + # integer port number + # 1589 is the default VMPS port. + port = 1589 + + # Type of packets to listen for. Here, it is VMPS. + type = vmps + + # Some systems support binding to an interface, in addition + # to the IP address. This feature isn't strictly necessary, + # but for sites with many IP addresses on one interface, + # it's useful to say "listen on all addresses for + # eth0". + # + # If your system does not support this feature, you will + # get an error if you try to use it. + # + # interface = eth0 + } + + # If you have switches that are allowed to send VMPS, but NOT + # RADIUS packets, then list them here as "client" sections. + # + # Note that for compatibility with RADIUS, you still have to + # list a "secret" for each client, though that secret will not + # be used for anything. + + + # And the REAL contents. This section is just like the + # "post-auth" section of radiusd.conf. In fact, it calls the + # "post-auth" component of the modules that are listed here. + # But it's called "vmps" to highlight that it's for VMPS. + # + vmps { + # + # Some requests may not have a MAC address. Try to + # create one using other attributes. + if (!VMPS-Mac) { + if (VMPS-Ethernet-Frame =~ /0x.{12}(..)(..)(..)(..)(..)(..).*/) { + update request { + VMPS-Mac = "%{1}:%{2}:%{3}:%{4}:%{5}:%{6}" + } + } + else { + update request { + VMPS-Mac = "%{VMPS-Cookie}" + } + } + } + + # Do a simple mapping of MAC to VLAN. + # + # See radiusd.conf for the definition of the "mac2vlan" + # module. + # + #mac2vlan + + # required VMPS reply attributes + update reply { + VMPS-Packet-Type = VMPS-Join-Response + VMPS-Cookie = "%{VMPS-Mac}" + + VMPS-VLAN-Name = "please_use_real_vlan_here" + + # + # If you have VLAN's in a database, you can select + # the VLAN name based on the MAC address. + # + #VMPS-VLAN-Name = "%{sql:select ... where mac='%{VMPS-Mac}'}" + } + } + + # Proxying of VMPS requests is NOT supported. +} diff --git a/server/raddb/sites-enabled/control-socket b/server/raddb/sites-enabled/control-socket new file mode 120000 index 0000000..b264d25 --- /dev/null +++ b/server/raddb/sites-enabled/control-socket @@ -0,0 +1 @@ +../sites-available/control-socket \ No newline at end of file diff --git a/server/raddb/sites-enabled/dhcp b/server/raddb/sites-enabled/dhcp new file mode 120000 index 0000000..bec4192 --- /dev/null +++ b/server/raddb/sites-enabled/dhcp @@ -0,0 +1 @@ +../sites-available/dhcp \ No newline at end of file diff --git a/server/raddb/sites-enabled/jradius-default b/server/raddb/sites-enabled/jradius-default new file mode 120000 index 0000000..6c9742d --- /dev/null +++ b/server/raddb/sites-enabled/jradius-default @@ -0,0 +1 @@ +../sites-available/jradius-default \ No newline at end of file diff --git a/server/raddb/sites-enabled/jradius-inner-tunnel b/server/raddb/sites-enabled/jradius-inner-tunnel new file mode 120000 index 0000000..f80b058 --- /dev/null +++ b/server/raddb/sites-enabled/jradius-inner-tunnel @@ -0,0 +1 @@ +../sites-available/jradius-inner-tunnel \ No newline at end of file diff --git a/server/raddb/sites-enabled/status b/server/raddb/sites-enabled/status new file mode 120000 index 0000000..8dbc213 --- /dev/null +++ b/server/raddb/sites-enabled/status @@ -0,0 +1 @@ +../sites-available/status \ No newline at end of file diff --git a/server/scripts/build_dictionary.sh b/server/scripts/build_dictionary.sh new file mode 100755 index 0000000..bc3c81e --- /dev/null +++ b/server/scripts/build_dictionary.sh @@ -0,0 +1,22 @@ +#!/bin/sh +cd `dirname $0` +pwd=$(pwd) +classpath=".:$pwd/lib" + +# pickup jradius-core into classpath +for jar in $pwd/lib/*jradius-core*.jar; do + classpath="$classpath:$jar" +done + +# generate source +CLASSPATH="$classpath" java net.jradius.freeradius.RadiusDictionary net.jradius.dictionary share tmp-dictionary + +# compile and jar +(cd tmp-dictionary + find . -name \*.java -print > file.list + echo "Compiling $(wc -l file.list) classes" + CLASSPATH="$classpath" javac @file.list + echo "Creating jar jradius-dictionary.jar" + find . -name \*.class -print > class.list + jar cf ../jradius-dictionary.jar @class.list +) diff --git a/server/scripts/simulator.sh b/server/scripts/simulator.sh new file mode 100644 index 0000000..41d0819 --- /dev/null +++ b/server/scripts/simulator.sh @@ -0,0 +1,7 @@ +#!/bin/sh +(cd `dirname $0`; classpath=".:./lib" +for jar in ./lib/*.jar; do + classpath="$classpath:$jar" +done +CLASSPATH="$classpath" java net.jradius.client.gui.JRadiusSimulator) + diff --git a/server/scripts/start.sh b/server/scripts/start.sh new file mode 100644 index 0000000..ef9abcf --- /dev/null +++ b/server/scripts/start.sh @@ -0,0 +1,7 @@ +#!/bin/sh +(cd `dirname $0`; classpath=".:./lib" +for jar in ./lib/*.jar; do + classpath="$classpath:$jar" +done +CLASSPATH="$classpath" java net.jradius.StartSpring) +