radius

package module
v0.0.0-...-87ea4c5 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Mar 12, 2019 License: MPL-2.0 Imports: 9 Imported by: 6

README

WARNING

This repo has been archived!

NO further developement will be made in the foreseen future.

radius GoDoc

A Go (golang) RADIUS client and server implementation.

This repository is a fork from https://github.com/layeh/radius.

Installation

go get -u github.com/PromonLogicalis/radius

License

MPL 2.0

Documentation

Overview

Package radius provides a RADIUS client and server.

Attributes

The following tables list the attributes automatically registered in the Builtin dictionary. Each row contains the attributes' name, type (number), and Go data type.

The following attributes are defined by RFC 2865: 

User-Name                 1   string
User-Password             2   string
CHAP-Password             3   []byte
NAS-IP-Address            4   net.IP
NAS-Port                  5   uint32
Service-Type              6   uint32
Framed-Protocol           7   uint32
Framed-IP-Address         8   net.IP
Framed-IP-Netmask         9   net.IP
Framed-Routing            10  uint32
Filter-Id                 11  string
Framed-MTU                12  uint32
Framed-Compression        13  uint32
Login-IP-Host             14  net.IP
Login-Service             15  uint32
Login-TCP-Port            16  uint32
Reply-Message             18  string
Callback-Number           19  []byte
Callback-Id               20  []byte
Framed-Route              22  string
Framed-IPX-Network        23  net.IP
State                     24  []byte
Class                     25  []byte
Vendor-Specific           26  []byte
Session-Timeout           27  uint32
Idle-Timeout              28  uint32
Termination-Action        29  uint32
Called-Station-Id         30  []byte
Calling-Station-Id        31  []byte
NAS-Identifier            32  []byte
Proxy-State               33  []byte
Login-LAT-Service         34  []byte
Login-LAT-Node            35  []byte
Login-LAT-Group           36  []byte
Framed-AppleTalk-Link     37  uint32
Framed-AppleTalk-Network  38  uint32
Framed-AppleTalk-Zone     39  []byte
CHAP-Challenge            60  []byte
NAS-Port-Type             61  uint32
Port-Limit                62  uint32
Login-LAT-Port            63  []byte

The following attributes are defined by RFC 2866: 

Acct-Status-Type       40  uint32
Acct-Delay-Time        41  uint32
Acct-Input-Octets      42  uint32
Acct-Output-Octets     43  uint32
Acct-Session-Id        44  string
Acct-Authentic         45  uint32
Acct-Session-Time      46  uint32
Acct-Input-Packets     47  uint32
Acct-Output-Packets    48  uint32
Acct-Terminate-Cause   49  uint32
Acct-Multi-Session-Id  50  string
Acct-Link-Count        51  uint32

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Attribute 

type Attribute struct {
	Type  byte
	Value interface{}
}

Attribute is a RADIUS attribute, which is part of a RADIUS packet.

type AttributeCodec 

type AttributeCodec interface {
	// Note: do not store wire; make a copy of it.
	Decode(packet *Packet, wire []byte) (interface{}, error)
	Encode(packet *Packet, value interface{}) ([]byte, error)
}

AttributeCodec defines how an Attribute is encoded and decoded to and from wire data. 

var (
	// string
	AttributeText AttributeCodec
	// []byte
	AttributeString AttributeCodec
	// net.IP
	AttributeAddress AttributeCodec
	// uint32
	AttributeInteger AttributeCodec
	// time.Time
	AttributeTime AttributeCodec
	// []byte
	AttributeUnknown AttributeCodec
)

The base attribute value formats that are defined in RFC 2865.

type AttributeStringer 

type AttributeStringer interface {
	String(value interface{}) string
}

AttributeStringer defines an extension of AttributeCodec. It provides a method for converting an attribute value to a string.

type AttributeTransformer 

type AttributeTransformer interface {
	Transform(value interface{}) (interface{}, error)
}

AttributeTransformer defines an extension of AttributeCodec. It provides a method for converting attribute values to ones permitted by the attribute.

type Client 

type Client struct {
	// Network on which to make the connection. Defaults to "udp".
	Net string

	// Local address to use for outgoing connections (can be nil).
	LocalAddr net.Addr

	// Timeouts for various operations. Default values for each field is 10
	// seconds.
	DialTimeout  time.Duration
	ReadTimeout  time.Duration
	WriteTimeout time.Duration
}

Client is a RADIUS client that can send and receive packets to and from a RADIUS server.

func (*Client) Exchange 

func (c *Client) Exchange(packet *Packet, addr string) (*Packet, error)

Exchange sends the packet to the given server address and waits for a response. nil and an error is returned upon failure.

type Code 

type Code byte

Code specifies the kind of RADIUS packet. 

const (
	CodeAccessRequest      Code = 1
	CodeAccessAccept       Code = 2
	CodeAccessReject       Code = 3
	CodeAccountingRequest  Code = 4
	CodeAccountingResponse Code = 5
	CodeAccessChallenge    Code = 11
	CodeStatusServer       Code = 12
	CodeStatusClient       Code = 13
	CodeReserved           Code = 255
)

Codes which are defined in RFC 2865.

type Dictionary 

type Dictionary struct {
	// contains filtered or unexported fields
}

Dictionary stores mappings between attribute names and types and AttributeCodecs. 

var Builtin *Dictionary

Builtin is the built-in dictionary. It is initially loaded with the attributes defined in RFC 2865 and RFC 2866.

func (*Dictionary) Attr 

func (d *Dictionary) Attr(name string, value interface{}) (*Attribute, error)

Attr returns a new *Attribute whose type is registered under the given name.

If name is not registered, nil and an error is returned.

If the attribute's codec implements AttributeTransformer, the value is first transformed before being stored in *Attribute. If the transform function returns an error, nil and the error is returned.

func (*Dictionary) Codec 

func (d *Dictionary) Codec(t byte) AttributeCodec

Codec returns the AttributeCodec for the given registered type. nil is returned if the given type is not registered.

func (*Dictionary) Entries 

func (d *Dictionary) Entries() []DictionaryEntry

Entries returns a new slice with a copy of each registered attribute in the dictionary.

func (*Dictionary) MustAttr 

func (d *Dictionary) MustAttr(name string, value interface{}) *Attribute

MustAttr is a helper for Attr that panics if Attr were to return an error.

func (*Dictionary) MustRegister 

func (d *Dictionary) MustRegister(name string, t byte, codec AttributeCodec)

MustRegister is a helper for Register that panics if it returns an error.

func (*Dictionary) Name 

func (d *Dictionary) Name(t byte) (name string, ok bool)

Name returns the registered name for the given attribute type. ok is false if the given type is not registered.

func (*Dictionary) Register 

func (d *Dictionary) Register(name string, t byte, codec AttributeCodec) error

Register registers the AttributeCodec for the given attribute name and type.

func (*Dictionary) Remove 

func (d *Dictionary) Remove(t byte) error

Remove removes an attribute from the dictionary by type. It returns an error only if the attribute type does not exist.

func (*Dictionary) RemoveByName 

func (d *Dictionary) RemoveByName(name string) error

RemoveByName removes an attribute from the dictionary by name. It returns an error only if the attribute name does not exist.

func (*Dictionary) Type 

func (d *Dictionary) Type(name string) (t byte, ok bool)

Type returns the registered type for the given attribute name. ok is false if the given name is not registered.

type DictionaryEntry 

type DictionaryEntry struct {
	Type  byte
	Name  string
	Codec AttributeCodec
}

DictionaryEntry stores a single mapping between an attribute name, type and AttributeCodec.

type Handler 

type Handler interface {
	ServeRadius(w ResponseWriter, p *Packet)
}

Handler is a value that can handle a server's RADIUS packet event.

type HandlerFunc 

type HandlerFunc func(w ResponseWriter, p *Packet)

HandlerFunc is a wrapper that allows ordinary functions to be used as a handler.

func (HandlerFunc) ServeRadius 

func (h HandlerFunc) ServeRadius(w ResponseWriter, p *Packet)

ServeRadius calls h(w, p).

type Packet 

type Packet struct {
	Code          Code
	Identifier    byte
	Authenticator [16]byte

	Secret []byte

	Dictionary *Dictionary

	Attributes []*Attribute
}

Packet defines a RADIUS packet.

func New 

func New(code Code, secret []byte) *Packet

New returns a new packet with the given code and secret. The identifier and authenticator are filled with random data, and the dictionary is set to Builtin. nil is returned if not enough random data could be generated.

func Parse 

func Parse(data, secret []byte, dictionary *Dictionary) (*Packet, error)

Parse parses a RADIUS packet from wire data, using the given shared secret and dictionary. nil and an error is returned if there is a problem parsing the packet.

Note: this function does not validate the authenticity of a packet. Ensuring a packet's authenticity should be done using the IsAuthentic method.

func (*Packet) Add 

func (p *Packet) Add(name string, value interface{}) error

Add adds an attribute whose dictionary name matches the given name.

func (*Packet) AddAttr 

func (p *Packet) AddAttr(attribute *Attribute)

AddAttr adds the given attribute to the packet.

func (*Packet) Attr 

func (p *Packet) Attr(name string) *Attribute

Attr returns the first attribute whose dictionary name matches the given name. nil is returned if no such attribute exists.

func (*Packet) ClearAttributes 

func (p *Packet) ClearAttributes()

ClearAttributes removes all of the packet's attributes.

func (*Packet) Encode 

func (p *Packet) Encode() ([]byte, error)

Encode encodes the packet to wire format. If there is an error encoding the packet, nil and an error is returned.

func (*Packet) IsAuthentic 

func (p *Packet) IsAuthentic(request *Packet) bool

IsAuthentic returns if the packet is an authenticate response to the given request packet. Calling this function is only valid if both:

  • p.code is one of: CodeAccessAccept CodeAccessReject CodeAccountingRequest CodeAccountingResponse CodeAccessChallenge
  • p.Authenticator contains the calculated authenticator

func (*Packet) PAP 

func (p *Packet) PAP() (username, password string, ok bool)

PAP returns the User-Name and User-Password attributes of an Access-Request packet.

If packet's code is Access-Request, and the packet has a User-Name and User-Password attribute, ok is true. Otherwise, it is false.

func (*Packet) Set 

func (p *Packet) Set(name string, value interface{}) error

Set sets the value of the first attribute whose dictionary name matches the given name. If no such attribute exists, a new attribute is added

func (*Packet) String 

func (p *Packet) String(name string) string

String returns the string representation of the value of the first attribute whose dictionary name matches the given name. The following rules are used for converting the attribute value to a string:

  • If no such attribute exists with the given dictionary name, "" is returned
  • If the attribute's Codec implements AttributeStringer, AttributeStringer.String(value) is returned
  • If the value implements fmt.Stringer, value.String() is returned
  • If the value is string, itself is returned
  • If the value is []byte, string(value) is returned
  • Otherwise, "" is returned

func (*Packet) Value 

func (p *Packet) Value(name string) interface{}

Value returns the value of the first attribute whose dictionary name matches the given name. nil is returned if no such attribute exists.

type ResponseWriter 

type ResponseWriter interface {
	// LocalAddr returns the address of the local server that accepted the
	// packet.
	LocalAddr() net.Addr
	// RemoteAddr returns the address of the remote client that sent to packet.
	RemoteAddr() net.Addr

	// Write sends a packet to the sender.
	Write(packet *Packet) error

	// AccessAccept sends an Access-Accept packet to the sender that includes
	// the given attributes.
	AccessAccept(attributes ...*Attribute) error
	// AccessAccept sends an Access-Reject packet to the sender that includes
	// the given attributes.
	AccessReject(attributes ...*Attribute) error
	// AccessAccept sends an Access-Challenge packet to the sender that includes
	// the given attributes.
	AccessChallenge(attributes ...*Attribute) error
}

ResponseWriter is used by Handler when replying to a RADIUS packet.

type Server 

type Server struct {
	// Address to bind the server on. If empty, the address defaults to ":1812".
	Addr string
	// Network of the server. Valid values are "udp", "udp4", "udp6". If empty,
	// the network defaults to "udp".
	Network string
	// The shared secret between the client and server.
	Secret []byte

	// Dictionary used when decoding incoming packets.
	Dictionary *Dictionary

	// The packet handler that handles incoming, valid packets.
	Handler Handler
	// contains filtered or unexported fields
}

Server is a server that listens for and handles RADIUS packets.

func (*Server) Close 

func (s *Server) Close() error

Close stops listening for packets. Any packet that is currently being handled will not be able to respond to the sender.

func (*Server) ListenAndServe 

func (s *Server) ListenAndServe() error

ListenAndServe starts a RADIUS server on the address given in s.

Source Files

View all Source files

Directories

Path Synopsis
cmd
radserver
radtest

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.