radius

v0.0.1
Warning

This package is not in the latest version of its module.
Published: Jun 12, 2017 License: MPL-2.0 Imports: 16 Imported by: 0

README

radius

A Go (golang) RADIUS client and server implementation.

Installation

go get -u github.com/foodforarabbit/radius

License

MPL 2.0

Documentation

Types

type Attribute

type Attribute struct {
	Type     byte
	Value    interface{}
	VendorId uint32
}

Attribute is a RADIUS attribute, which is part of a RADIUS packet.

type AttributeCodec

type AttributeCodec interface {
	// Note: do not store wire; make a copy of it.
	Decode(packet *Packet, wire []byte) (interface{}, error)
	Encode(packet *Packet, value interface{}) ([]byte, error)
}

AttributeCodec defines how an Attribute is encoded and decoded to and from wire data.

var (
	// string
	AttributeText AttributeCodec
	// []byte
	AttributeString AttributeCodec
	// net.IP as an IPv4 address
	AttributeAddress AttributeCodec
	// uint32
	AttributeInteger AttributeCodec
	// time.Time
	AttributeTime AttributeCodec
	// []byte
	AttributeUnknown AttributeCodec
	// net.IP as an IPv6 address
	AttributeAddress6 AttributeCodec
)

The base attribute value formats that are defined in RFC 2865.

type AttributeStringer

type AttributeStringer interface {
	String(value interface{}) string
}

AttributeStringer defines an extension of AttributeCodec. It provides a method for converting an attribute value to a string.

type AttributeTransformer

type AttributeTransformer interface {
	Transform(value interface{}) (interface{}, error)
}

AttributeTransformer defines an extension of AttributeCodec. It provides a method for converting attribute values to ones permitted by the attribute.

type Client

type Client struct {
	// Network on which to make the connection. Defaults to "udp".
	Net string

	// Local address to use for outgoing connections (can be nil).
	LocalAddr net.Addr

	// Timeouts for various operations. Default values for each field is 10
	// seconds.
	DialTimeout  time.Duration
	ReadTimeout  time.Duration
	WriteTimeout time.Duration

	// Interval on which to resend packet.
	Retry time.Duration

	// If the correct response of the server isn't important for you
	WithoutAuthentic bool
}

Client is a RADIUS client that can send and receive packets to and from a RADIUS server.

func (*Client) Exchange

func (c *Client) Exchange(packet *Packet, addr string) (*Packet, error)

Exchange sends the packet to the given server address and waits for a response. nil and an error are returned upon failure.

type Code

type Code byte

Code specifies the kind of RADIUS packet.

const (
	CodeAccessRequest      Code = 1
	CodeAccessAccept       Code = 2
	CodeAccessReject       Code = 3
	CodeAccountingRequest  Code = 4
	CodeAccountingResponse Code = 5
	CodeAccessChallenge    Code = 11
	CodeStatusServer       Code = 12
	CodeStatusClient       Code = 13

	CodeDisconnectRequest Code = 40
	CodeDisconnectAck     Code = 41
	CodeDisconnectNak     Code = 42

	CodeReserved Code = 255
)

Codes which are defined in RFC 2865 and RFC 5176.

type Dictionary

type Dictionary struct {
	Vendor            string            // current Vendor name
	VendorId          map[string]uint32 // vendor name to id map
	VendorName        map[uint32]string // vendor id to name map
	AttributeVendorId map[string]uint32 // attribute to vendor id map
	// contains filtered or unexported fields
}

Dictionary stores mappings between attribute names and types and AttributeCodecs.

var Builtin *Dictionary

Builtin is the built-in dictionary. It is initially loaded with the attributes defined in RFC 2865 and RFC 2866.

func (*Dictionary) Attr

func (d *Dictionary) Attr(name string, value interface{}, _vendor_id ...uint32) (*Attribute, error)

Attr returns a new *Attribute whose type is registered under the given name.

If name is not registered, nil and an error are returned.

func (*Dictionary) AttributeByName

func (d *Dictionary) AttributeByName(name string, _vendor_id ...uint32) (entry *dictEntry, vendor_id uint32, ok bool)

get attribute dictionary

func (*Dictionary) AttributeByType

func (d *Dictionary) AttributeByType(t byte, _vendor_id ...uint32) (entry *dictEntry, ok bool)

get attribute dictionary

func (*Dictionary) Codec

func (d *Dictionary) Codec(t byte, _vendor_id ...uint32) AttributeCodec

Codec returns the AttributeCodec for the given registered type. nil is returned if the given type is not registered.

func (*Dictionary) GetVendorId

func (d *Dictionary) GetVendorId(v string) uint32

get vendor id from name

func (*Dictionary) GetVendorName

func (d *Dictionary) GetVendorName(i uint32) string

get vendor name from id

func (*Dictionary) InitAttributeDictionaries

func (d *Dictionary) InitAttributeDictionaries(_vendor_id ...uint32)

func (*Dictionary) InitObjects

func (d *Dictionary) InitObjects()

func (*Dictionary) LoadDicts

func (d *Dictionary) LoadDicts(path string) error

Load a VSA dictionary file to be parsed; see paloalto.dictionary for an example.

func (*Dictionary) MustAttr

func (d *Dictionary) MustAttr(name string, value interface{}, _vendor_id ...uint32) *Attribute

MustAttr is a helper for Attr that panics if Attr were to return an error.

func (*Dictionary) MustRegister

func (d *Dictionary) MustRegister(name string, t byte, codec AttributeCodec, _vendor_id ...uint32)

MustRegister is a helper for Register that panics if it returns an error.

func (*Dictionary) Name

func (d *Dictionary) Name(t byte, _vendor_id ...uint32) (name string, ok bool)

Name returns the registered name for the given attribute type. ok is false if the given type is not registered.

func (*Dictionary) ParseAttrs

func (d *Dictionary) ParseAttrs(arr []string, _vendor_id ...uint32) bool

vendor attribute parsing

func (*Dictionary) ParseBeginVendor

func (d *Dictionary) ParseBeginVendor(arr []string) (vendor_name string, ok bool)

vendor attributes begin parsing

func (*Dictionary) ParseEndVendor

func (d *Dictionary) ParseEndVendor(arr []string) (vendor_name string, ok bool)

vendor attributes end parsing

func (*Dictionary) ParseVendor

func (d *Dictionary) ParseVendor(arr []string) bool

vendor id parsing

func (*Dictionary) Register

func (d *Dictionary) Register(name string, t byte, codec AttributeCodec, _vendor_id ...uint32) error

Register registers the AttributeCodec for the given attribute name and type.

func (*Dictionary) RegisterVendor

func (d *Dictionary) RegisterVendor(v string, id uint32)

add vendor id + name mapping

func (*Dictionary) SubAttributeDecode

func (d *Dictionary) SubAttributeDecode(vendor_id uint32, data []byte) (attributes []*Attribute)

func (*Dictionary) SubAttributeEncode

func (d *Dictionary) SubAttributeEncode(attributes []*Attribute, _vendor_id ...uint32) (vendor_id uint32, data []byte, err error)

func (*Dictionary) SwitchVendor

func (d *Dictionary) SwitchVendor(v string)

switch vendor (obsolete soon)

func (*Dictionary) Type

func (d *Dictionary) Type(name string, _vendor_id ...uint32) (t byte, ok bool)

Type returns the registered type for the given attribute name. ok is false if the given name is not registered.

func (*Dictionary) Values

func (d *Dictionary) Values(_vendor_id ...uint32) *dictAttr

get attribute dictionary

type ErrorFunc

type ErrorFunc func(e error, p *Packet)

func (ErrorFunc) Error

func (h ErrorFunc) Error(e error, p *Packet)

Handle any errors

type ErrorHandler

type ErrorHandler interface {
	Error(e error, p *Packet)
}

type Handler

type Handler interface {
	ServeRadius(w ResponseWriter, p *Packet)
}

Handler is a value that can handle a server's RADIUS packet event.

type HandlerFunc

type HandlerFunc func(w ResponseWriter, p *Packet)

HandlerFunc is a wrapper that allows ordinary functions to be used as a handler.

func (HandlerFunc) ServeRadius

func (h HandlerFunc) ServeRadius(w ResponseWriter, p *Packet)

ServeRadius calls h(w, p).

type Packet

type Packet struct {
	Code          Code
	Identifier    byte
	Authenticator [16]byte

	Secret []byte

	Dictionary *Dictionary

	Attributes []*Attribute

	VendorId      uint32
	SubAttributes []*Attribute
}

Packet defines a RADIUS packet.

func New

func New(code Code, secret []byte) *Packet

New returns a new packet with the given code and secret. The identifier and authenticator are filled with random data, and the dictionary is set to Builtin. nil is returned if not enough random data could be generated.

func Parse

func Parse(data, secret []byte, dictionary *Dictionary) (*Packet, error)

Parse parses a RADIUS packet from wire data, using the given shared secret and dictionary. nil and an error are returned if there is a problem parsing the packet.

Note: this function does not validate the authenticity of a packet. Ensuring a packet's authenticity should be done using the IsAuthentic method.

func (*Packet) Add

func (p *Packet) Add(name string, value interface{}) error

Add adds an attribute whose dictionary name matches the given name.

func (*Packet) AddAttr

func (p *Packet) AddAttr(attribute *Attribute) error

AddAttr adds the given attribute to the packet.

func (*Packet) AddVSAAttr

func (p *Packet) AddVSAAttr(attribute *Attribute) error

func (*Packet) Attr

func (p *Packet) Attr(name string) *Attribute

Attr returns the first attribute whose dictionary name matches the given name. nil is returned if no such attribute exists.

func (*Packet) ClearAttributes

func (p *Packet) ClearAttributes()

ClearAttributes removes all of the packet's attributes.

func (*Packet) Encode

func (p *Packet) Encode() ([]byte, error)

Encode encodes the packet to wire format. If there is an error encoding the packet, nil and an error are returned.

func (*Packet) IsAuthentic

func (p *Packet) IsAuthentic(request *Packet) bool

IsAuthentic reports whether the packet is an authentic response to the given request packet. Calling this function is only valid if both:

  • p.Code is one of: CodeAccessAccept, CodeAccessReject, CodeAccountingRequest, CodeAccountingResponse, CodeAccessChallenge, CodeDisconnectRequest, CodeDisconnectAck or CodeDisconnectNak
  • p.Authenticator contains the calculated authenticator
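
Parse leaves authenticity to the caller, so the following added example (not code from this package) shows the RFC 2865 Response Authenticator check that a reply must pass, using only the Go standard library. VerifyResponse and BuildResponse are hypothetical helper names, the secret and packet bytes are constructed sample values, and only reply packets (Access-Accept, Access-Reject, Access-Challenge) are covered.

```go
package main

import (
	"crypto/md5"
	"crypto/subtle"
	"encoding/binary"
	"fmt"
)

// responseAuth returns MD5(Code | ID | Length | RequestAuth | Attributes | Secret), per RFC 2865 section 3.
func responseAuth(pkt []byte, reqAuth [16]byte, secret []byte) []byte {
	h := md5.New()
	h.Write(pkt[:4])    // Code, Identifier, Length
	h.Write(reqAuth[:]) // Request Authenticator from the Access-Request we sent
	h.Write(pkt[20:])   // response attributes
	h.Write(secret)
	return h.Sum(nil)
}

// VerifyResponse reports whether resp is a well-formed, authentic reply to the request reqID/reqAuth.
func VerifyResponse(resp []byte, reqID byte, reqAuth [16]byte, secret []byte) bool {
	if len(resp) < 20 || resp[1] != reqID {
		return false // shorter than a RADIUS header, or answers a different request
	}
	n := int(binary.BigEndian.Uint16(resp[2:4]))
	if n < 20 || n > 4096 || n > len(resp) {
		return false // Length field outside RFC 2865 bounds or longer than the datagram
	}
	resp = resp[:n] // octets past Length are padding and must be ignored
	return subtle.ConstantTimeCompare(responseAuth(resp, reqAuth, secret), resp[4:20]) == 1
}

// BuildResponse assembles a constructed server reply for the demonstration.
func BuildResponse(code, id byte, attrs []byte, reqAuth [16]byte, secret []byte) []byte {
	pkt := make([]byte, 20+len(attrs))
	pkt[0], pkt[1] = code, id
	binary.BigEndian.PutUint16(pkt[2:4], uint16(len(pkt)))
	copy(pkt[20:], attrs)
	copy(pkt[4:20], responseAuth(pkt, reqAuth, secret))
	return pkt
}

func main() {
	secret, reqAuth := []byte("constructed-secret"), [16]byte{0xA1, 0xB2, 0xC3}
	resp := BuildResponse(2, 7, []byte{18, 4, 'o', 'k'}, reqAuth, secret) // Access-Accept, Reply-Message "ok"
	fmt.Println("untouched reply:", VerifyResponse(resp, 7, reqAuth, secret))
	resp[22] ^= 0x01 // one attribute bit changed in transit
	fmt.Println("modified reply: ", VerifyResponse(resp, 7, reqAuth, secret))
}
```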

func (*Packet) PAP

func (p *Packet) PAP() (username, password string, ok bool)

PAP returns the User-Name and User-Password attributes of an Access-Request packet.

If the packet does not contain a User-Password attribute, the password is set to the empty string.

func (*Packet) Set

func (p *Packet) Set(name string, value interface{}) error

Set sets the value of the first attribute whose dictionary name matches the given name. If no such attribute exists, a new attribute is added.

func (*Packet) String

func (p *Packet) String(name string) string

String returns the string representation of the value of the first attribute whose dictionary name matches the given name. The following rules are used for converting the attribute value to a string:

  • If no such attribute exists with the given dictionary name, "" is returned
  • If the value implements fmt.Stringer, value.String() is returned
  • If the value is a string, the value itself is returned
  • If the value is []byte, string(value) is returned
  • Otherwise, "" is returned

func (*Packet) Value

func (p *Packet) Value(name string) interface{}

Value returns the value of the first attribute whose dictionary name matches the given name. nil is returned if no such attribute exists.

type ResponseWriter

type ResponseWriter interface {
	// LocalAddr returns the address of the local server that accepted the
	// packet.
	LocalAddr() net.Addr

	// RemoteAddr returns the address of the remote client that sent the packet.
	RemoteAddr() net.Addr

	// Write sends a packet to the sender.
	Write(packet *Packet) error

	// AccessAccept sends an Access-Accept packet to the sender that includes
	// the given attributes.
	AccessAccept(attributes ...*Attribute) error

	// AccessReject sends an Access-Reject packet to the sender that includes
	// the given attributes.
	AccessReject(attributes ...*Attribute) error

	// AccessChallenge sends an Access-Challenge packet to the sender that includes
	// the given attributes.
	AccessChallenge(attributes ...*Attribute) error

	AccountingResponse(attributes ...*Attribute) error
}

ResponseWriter is used by Handler when replying to a RADIUS packet.

type Server

type Server struct {
	// Address to bind the server on. If empty, the address defaults to ":1812".
	Addr string

	// Network of the server. Valid values are "udp", "udp4", "udp6". If empty,
	// the network defaults to "udp".
	Network string

	// The shared secret between the client and server.
	Secret []byte

	// Client->Secret mapping
	ClientsMap map[string]string

	ClientIPMap  map[string]string
	ClientNetMap map[string]string

	// Dictionary used when decoding incoming packets.
	Dictionary *Dictionary

	// The packet handler that handles incoming, valid packets.
	Handler Handler

	// Error handler for any errors outside the handler
	ErrorHandler ErrorHandler

	// quit channel
	CloseChan chan bool
	// contains filtered or unexported fields
}

Server is a server that listens for and handles RADIUS packets.

func (*Server) AddClientsMap

func (s *Server) AddClientsMap(m map[string]string)

func (*Server) Close

func (s *Server) Close() error

Close stops listening for packets. Any packet that is currently being handled will not be able to respond to the sender.

func (*Server) ListenAndServe

func (s *Server) ListenAndServe() error

ListenAndServe starts a RADIUS server on the address given in s.

func (*Server) ResetClientNetMap

func (s *Server) ResetClientNetMap() error

type VendorSpecific

type VendorSpecific struct {
	VendorID uint32
	Data     []byte
}

VendorSpecific defines RFC 2865's Vendor-Specific attribute.

Directories

Path Synopsis
cmd
