Documentation ¶
Index ¶
- type Attribute
- type AttributeCodec
- type AttributeStringer
- type AttributeTransformer
- type Client
- type Code
- type Dictionary
- func (d *Dictionary) Attr(name string, value interface{}, _vendor_id ...uint32) (*Attribute, error)
- func (d *Dictionary) AttributeByName(name string, _vendor_id ...uint32) (entry *dictEntry, vendor_id uint32, ok bool)
- func (d *Dictionary) AttributeByType(t byte, _vendor_id ...uint32) (entry *dictEntry, ok bool)
- func (d *Dictionary) Codec(t byte, _vendor_id ...uint32) AttributeCodec
- func (d *Dictionary) GetVendorId(v string) uint32
- func (d *Dictionary) GetVendorName(i uint32) string
- func (d *Dictionary) InitAttributeDictionaries(_vendor_id ...uint32)
- func (d *Dictionary) InitObjects()
- func (d *Dictionary) LoadDicts(path string) error
- func (d *Dictionary) MustAttr(name string, value interface{}, _vendor_id ...uint32) *Attribute
- func (d *Dictionary) MustRegister(name string, t byte, codec AttributeCodec, _vendor_id ...uint32)
- func (d *Dictionary) Name(t byte, _vendor_id ...uint32) (name string, ok bool)
- func (d *Dictionary) ParseAttrs(arr []string, _vendor_id ...uint32) bool
- func (d *Dictionary) ParseBeginVendor(arr []string) (vendor_name string, ok bool)
- func (d *Dictionary) ParseEndVendor(arr []string) (vendor_name string, ok bool)
- func (d *Dictionary) ParseVendor(arr []string) bool
- func (d *Dictionary) Register(name string, t byte, codec AttributeCodec, _vendor_id ...uint32) error
- func (d *Dictionary) RegisterVendor(v string, id uint32)
- func (d *Dictionary) SubAttributeDecode(vendor_id uint32, data []byte) (attributes []*Attribute)
- func (d *Dictionary) SubAttributeEncode(attributes []*Attribute, _vendor_id ...uint32) (vendor_id uint32, data []byte, err error)
- func (d *Dictionary) SwitchVendor(v string)
- func (d *Dictionary) Type(name string, _vendor_id ...uint32) (t byte, ok bool)
- func (d *Dictionary) Values(_vendor_id ...uint32) *dictAttr
- type ErrorFunc
- type ErrorHandler
- type Handler
- type HandlerFunc
- type Packet
- func (p *Packet) Add(name string, value interface{}) error
- func (p *Packet) AddAttr(attribute *Attribute) error
- func (p *Packet) AddVSAAttr(attribute *Attribute) error
- func (p *Packet) Attr(name string) *Attribute
- func (p *Packet) ClearAttributes()
- func (p *Packet) Encode() ([]byte, error)
- func (p *Packet) IsAuthentic(request *Packet) bool
- func (p *Packet) PAP() (username, password string, ok bool)
- func (p *Packet) Set(name string, value interface{}) error
- func (p *Packet) String(name string) string
- func (p *Packet) Value(name string) interface{}
- type ResponseWriter
- type Server
- type VendorSpecific
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type AttributeCodec ¶
type AttributeCodec interface {
    // Note: do not store wire; make a copy of it.
    Decode(packet *Packet, wire []byte) (interface{}, error)
    Encode(packet *Packet, value interface{}) ([]byte, error)
}
AttributeCodec defines how an Attribute is encoded and decoded to and from wire data.
var (
    // string
    AttributeText AttributeCodec
    // []byte
    AttributeString AttributeCodec
    // net.IP as an IPv4 address
    AttributeAddress AttributeCodec
    // uint32
    AttributeInteger AttributeCodec
    // time.Time
    AttributeTime AttributeCodec
    // []byte
    AttributeUnknown AttributeCodec
    // net.IP as an IPv6 address
    AttributeAddress6 AttributeCodec
)
The base attribute value formats that are defined in RFC 2865.
type AttributeStringer ¶
type AttributeStringer interface {
    String(value interface{}) string
}
AttributeStringer defines an extension of AttributeCodec. It provides a method for converting an attribute value to a string.
type AttributeTransformer ¶
type AttributeTransformer interface {
    Transform(value interface{}) (interface{}, error)
}
AttributeTransformer defines an extension of AttributeCodec. It provides a method for converting attribute values to ones permitted by the attribute.
type Client ¶
type Client struct {
    // Network on which to make the connection. Defaults to "udp".
    Net string

    // Local address to use for outgoing connections (can be nil).
    LocalAddr net.Addr

    // Timeouts for various operations. The default value for each field is
    // 10 seconds.
    DialTimeout  time.Duration
    ReadTimeout  time.Duration
    WriteTimeout time.Duration

    // Interval on which to resend the packet.
    Retry time.Duration

    // If the correct response of the server isn't important for you
    WithoutAuthentic bool
}
Client is a RADIUS client that can send and receive packets to and from a RADIUS server.
type Code ¶
type Code byte
Code specifies the kind of RADIUS packet.
const (
    CodeAccessRequest      Code = 1
    CodeAccessAccept       Code = 2
    CodeAccessReject       Code = 3
    CodeAccountingRequest  Code = 4
    CodeAccountingResponse Code = 5
    CodeAccessChallenge    Code = 11
    CodeStatusServer       Code = 12
    CodeStatusClient       Code = 13
    CodeDisconnectRequest  Code = 40
    CodeDisconnectAck      Code = 41
    CodeDisconnectNak      Code = 42
    CodeReserved           Code = 255
)
type Dictionary ¶
type Dictionary struct {
    Vendor            string            // current Vendor name
    VendorId          map[string]uint32 // vendor name to id map
    VendorName        map[uint32]string // vendor id to name map
    AttributeVendorId map[string]uint32 // attribute to vendor id map
    // contains filtered or unexported fields
}
Dictionary stores mappings between attribute names and types and AttributeCodecs.
var Builtin *Dictionary
Builtin is the built-in dictionary. It is initially loaded with the attributes defined in RFC 2865 and RFC 2866.
func (*Dictionary) Attr ¶
func (d *Dictionary) Attr(name string, value interface{}, _vendor_id ...uint32) (*Attribute, error)
Attr returns a new *Attribute whose type is registered under the given name.
If name is not registered, nil and an error are returned.
func (*Dictionary) AttributeByName ¶
func (d *Dictionary) AttributeByName(name string, _vendor_id ...uint32) (entry *dictEntry, vendor_id uint32, ok bool)
AttributeByName gets the attribute dictionary entry for the given name.
func (*Dictionary) AttributeByType ¶
func (d *Dictionary) AttributeByType(t byte, _vendor_id ...uint32) (entry *dictEntry, ok bool)
AttributeByType gets the attribute dictionary entry for the given type.
func (*Dictionary) Codec ¶
func (d *Dictionary) Codec(t byte, _vendor_id ...uint32) AttributeCodec
Codec returns the AttributeCodec for the given registered type. nil is returned if the given type is not registered.
func (*Dictionary) GetVendorId ¶
func (d *Dictionary) GetVendorId(v string) uint32
GetVendorId gets the vendor ID from the vendor name.
func (*Dictionary) GetVendorName ¶
func (d *Dictionary) GetVendorName(i uint32) string
GetVendorName gets the vendor name from the vendor ID.
func (*Dictionary) InitAttributeDictionaries ¶
func (d *Dictionary) InitAttributeDictionaries(_vendor_id ...uint32)
func (*Dictionary) InitObjects ¶
func (d *Dictionary) InitObjects()
func (*Dictionary) LoadDicts ¶
func (d *Dictionary) LoadDicts(path string) error
LoadDicts loads a VSA dictionary file to be parsed. See paloalto.dictionary for an example.
func (*Dictionary) MustAttr ¶
func (d *Dictionary) MustAttr(name string, value interface{}, _vendor_id ...uint32) *Attribute
MustAttr is a helper for Attr that panics if Attr were to return an error.
func (*Dictionary) MustRegister ¶
func (d *Dictionary) MustRegister(name string, t byte, codec AttributeCodec, _vendor_id ...uint32)
MustRegister is a helper for Register that panics if it returns an error.
func (*Dictionary) Name ¶
func (d *Dictionary) Name(t byte, _vendor_id ...uint32) (name string, ok bool)
Name returns the registered name for the given attribute type. ok is false if the given type is not registered.
func (*Dictionary) ParseAttrs ¶
func (d *Dictionary) ParseAttrs(arr []string, _vendor_id ...uint32) bool
ParseAttrs parses vendor attributes.
func (*Dictionary) ParseBeginVendor ¶
func (d *Dictionary) ParseBeginVendor(arr []string) (vendor_name string, ok bool)
ParseBeginVendor parses the beginning of a vendor attributes block.
func (*Dictionary) ParseEndVendor ¶
func (d *Dictionary) ParseEndVendor(arr []string) (vendor_name string, ok bool)
ParseEndVendor parses the end of a vendor attributes block.
func (*Dictionary) ParseVendor ¶
func (d *Dictionary) ParseVendor(arr []string) bool
ParseVendor parses a vendor ID.
func (*Dictionary) Register ¶
func (d *Dictionary) Register(name string, t byte, codec AttributeCodec, _vendor_id ...uint32) error
Register registers the AttributeCodec for the given attribute name and type.
func (*Dictionary) RegisterVendor ¶
func (d *Dictionary) RegisterVendor(v string, id uint32)
RegisterVendor adds a vendor ID and name mapping.
func (*Dictionary) SubAttributeDecode ¶
func (d *Dictionary) SubAttributeDecode(vendor_id uint32, data []byte) (attributes []*Attribute)
func (*Dictionary) SubAttributeEncode ¶
func (*Dictionary) SwitchVendor ¶
func (d *Dictionary) SwitchVendor(v string)
SwitchVendor switches the current vendor (soon to be obsolete).
func (*Dictionary) Type ¶
func (d *Dictionary) Type(name string, _vendor_id ...uint32) (t byte, ok bool)
Type returns the registered type for the given attribute name. ok is false if the given name is not registered.
func (*Dictionary) Values ¶
func (d *Dictionary) Values(_vendor_id ...uint32) *dictAttr
Values gets the attribute dictionary.
type ErrorHandler ¶
type Handler ¶
type Handler interface {
    ServeRadius(w ResponseWriter, p *Packet)
}
Handler is a value that can handle a server's RADIUS packet event.
type HandlerFunc ¶
type HandlerFunc func(w ResponseWriter, p *Packet)
HandlerFunc is a wrapper that allows ordinary functions to be used as a handler.
func (HandlerFunc) ServeRadius ¶
func (h HandlerFunc) ServeRadius(w ResponseWriter, p *Packet)
ServeRadius calls h(w, p).
type Packet ¶
type Packet struct {
    Code          Code
    Identifier    byte
    Authenticator [16]byte
    Secret        []byte
    Dictionary    *Dictionary
    Attributes    []*Attribute
    VendorId      uint32
    SubAttributes []*Attribute
}
Packet defines a RADIUS packet.
func New ¶
New returns a new packet with the given code and secret. The identifier and authenticator are filled with random data, and the dictionary is set to Builtin. nil is returned if not enough random data could be generated.
func Parse ¶
func Parse(data, secret []byte, dictionary *Dictionary) (*Packet, error)
Parse parses a RADIUS packet from wire data, using the given shared secret and dictionary. nil and an error are returned if there is a problem parsing the packet.
Note: this function does not validate the authenticity of a packet. Ensuring a packet's authenticity should be done using the IsAuthentic method.
func (*Packet) AddVSAAttr ¶
func (*Packet) Attr ¶
Attr returns the first attribute whose dictionary name matches the given name. nil is returned if no such attribute exists.
func (*Packet) ClearAttributes ¶
func (p *Packet) ClearAttributes()
ClearAttributes removes all of the packet's attributes.
func (*Packet) Encode ¶
Encode encodes the packet to wire format. If there is an error encoding the packet, nil and an error are returned.
func (*Packet) IsAuthentic ¶
IsAuthentic returns whether the packet is an authentic response to the given request packet. Calling this function is only valid if both:
- p.Code is one of: CodeAccessAccept, CodeAccessReject, CodeAccountingRequest, CodeAccountingResponse, CodeAccessChallenge, CodeDisconnectRequest, CodeDisconnectAck or CodeDisconnectNak
- p.Authenticator contains the calculated authenticator
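The authenticity check that Parse leaves to IsAuthentic, written out from RFC 2865 as an added example (this is not the package's own code): a reply's Response Authenticator is MD5(Code + Identifier + Length + Request Authenticator + Attributes + Secret). The function names, the secret and the sample reply are constructed for illustration.

```go
package main

import (
	"crypto/hmac"
	"crypto/md5"
	"encoding/binary"
	"fmt"
)

const headerLen = 20 // Code(1) + Identifier(1) + Length(2) + Authenticator(16)

// responseAuth computes MD5(Code+ID+Length+RequestAuth+Attributes+Secret).
func responseAuth(resp []byte, requestAuth [16]byte, secret []byte) [16]byte {
	buf := append([]byte{}, resp[:4]...)   // Code, Identifier, Length
	buf = append(buf, requestAuth[:]...)   // authenticator of the request being answered
	buf = append(buf, resp[headerLen:]...) // attributes
	return md5.Sum(append(buf, secret...))
}

// verifyResponse reports whether resp is an authentic reply to the request
// identified by requestID and requestAuth. Malformed lengths are rejected.
func verifyResponse(resp []byte, requestID byte, requestAuth [16]byte, secret []byte) bool {
	if len(resp) < headerLen || len(secret) == 0 {
		return false
	}
	n := int(binary.BigEndian.Uint16(resp[2:4]))
	if n < headerLen || n > 4096 || n > len(resp) {
		return false
	}
	resp = resp[:n] // octets past the declared Length are padding and are ignored
	want := responseAuth(resp, requestAuth, secret)
	return resp[1] == requestID && hmac.Equal(want[:], resp[4:headerLen]) // constant-time compare
}

// buildResponse signs a sample reply; used here only to construct demo input.
func buildResponse(code, id byte, attrs []byte, requestAuth [16]byte, secret []byte) []byte {
	resp := append(make([]byte, headerLen), attrs...)
	resp[0], resp[1] = code, id
	binary.BigEndian.PutUint16(resp[2:4], uint16(len(resp)))
	sum := responseAuth(resp, requestAuth, secret)
	copy(resp[4:headerLen], sum[:])
	return resp
}

func main() {
	var reqAuth [16]byte // constructed request authenticator (all zero) for the demo
	secret := []byte("constructed-secret")
	resp := buildResponse(2, 7, []byte{18, 4, 'o', 'k'}, reqAuth, secret) // Access-Accept, Reply-Message "ok"
	fmt.Println(verifyResponse(resp, 7, reqAuth, secret), verifyResponse(resp, 7, reqAuth, []byte("wrong")))
}
```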
func (*Packet) PAP ¶
PAP returns the User-Name and User-Password attributes of an Access-Request packet.
If the packet does not contain a User-Password attribute, the password is set to the empty string.
func (*Packet) Set ¶
Set sets the value of the first attribute whose dictionary name matches the given name. If no such attribute exists, a new attribute is added.
func (*Packet) String ¶
String returns the string representation of the value of the first attribute whose dictionary name matches the given name. The following rules are used for converting the attribute value to a string:
- If no such attribute exists with the given dictionary name, "" is returned
- If the value implements fmt.Stringer, value.String() is returned
- If the value is a string, the value itself is returned
- If the value is []byte, string(value) is returned
- Otherwise, "" is returned
type ResponseWriter ¶
type ResponseWriter interface {
    // LocalAddr returns the address of the local server that accepted the
    // packet.
    LocalAddr() net.Addr
    // RemoteAddr returns the address of the remote client that sent the packet.
    RemoteAddr() net.Addr

    // Write sends a packet to the sender.
    Write(packet *Packet) error

    // AccessAccept sends an Access-Accept packet to the sender that includes
    // the given attributes.
    AccessAccept(attributes ...*Attribute) error
    // AccessReject sends an Access-Reject packet to the sender that includes
    // the given attributes.
    AccessReject(attributes ...*Attribute) error
    // AccessChallenge sends an Access-Challenge packet to the sender that
    // includes the given attributes.
    AccessChallenge(attributes ...*Attribute) error

    AccountingResponse(attributes ...*Attribute) error
}
ResponseWriter is used by Handler when replying to a RADIUS packet.
type Server ¶
type Server struct {
    // Address to bind the server on. If empty, the address defaults to ":1812".
    Addr string

    // Network of the server. Valid values are "udp", "udp4", "udp6". If empty,
    // the network defaults to "udp".
    Network string

    // The shared secret between the client and server.
    Secret []byte

    // Client->Secret mapping
    ClientsMap   map[string]string
    ClientIPMap  map[string]string
    ClientNetMap map[string]string

    // Dictionary used when decoding incoming packets.
    Dictionary *Dictionary

    // The packet handler that handles incoming, valid packets.
    Handler Handler

    // Error handler for any errors outside the handler
    ErrorHandler ErrorHandler

    // quit channel
    CloseChan chan bool
    // contains filtered or unexported fields
}
Server is a server that listens for and handles RADIUS packets.
func (*Server) AddClientsMap ¶
func (*Server) Close ¶
Close stops listening for packets. Any packet that is currently being handled will not be able to respond to the sender.
func (*Server) ListenAndServe ¶
ListenAndServe starts a RADIUS server on the address given in s.
func (*Server) ResetClientNetMap ¶
type VendorSpecific ¶
VendorSpecific defines RFC 2865's Vendor-Specific attribute.