eap-radius: Add support for some basic IPv6-specific RADIUS attributes
authorTobias Brunner <tobias@strongswan.org>
Mon, 22 Jun 2015 09:36:15 +0000 (11:36 +0200)
committerTobias Brunner <tobias@strongswan.org>
Mon, 17 Aug 2015 09:23:33 +0000 (11:23 +0200)
These are defined in RFC 6911.

Fixes #1001.

src/libcharon/plugins/eap_radius/eap_radius.c
src/libradius/radius_message.c
src/libradius/radius_message.h

index 60d12dc..8618ecf 100644 (file)
@@ -434,6 +434,9 @@ static void add_nameserver_attribute(eap_radius_provider_t *provider,
                case 31: /* MS-Secondary-NBNS-Server */
                        provider->add_attribute(provider, id, INTERNAL_IP4_NBNS, data);
                        break;
+               case RAT_FRAMED_IPV6_DNS_SERVER:
+                       provider->add_attribute(provider, id, INTERNAL_IP6_DNS, data);
+                       break;
        }
 }
 
@@ -515,7 +518,8 @@ static void process_cfg_attributes(radius_message_t *msg)
                enumerator = msg->create_enumerator(msg);
                while (enumerator->enumerate(enumerator, &type, &data))
                {
-                       if (type == RAT_FRAMED_IP_ADDRESS && data.len == 4)
+                       if ((type == RAT_FRAMED_IP_ADDRESS && data.len == 4) ||
+                               (type == RAT_FRAMED_IPV6_ADDRESS && data.len == 16))
                        {
                                host = host_create_from_chunk(AF_INET, data, 0);
                                if (host)
@@ -529,6 +533,11 @@ static void process_cfg_attributes(radius_message_t *msg)
                                provider->add_attribute(provider, ike_sa->get_unique_id(ike_sa),
                                                                                INTERNAL_IP4_NETMASK, data);
                        }
+                       else if (type == RAT_FRAMED_IPV6_DNS_SERVER && data.len == 16)
+                       {
+                               add_nameserver_attribute(provider,
+                                                                       ike_sa->get_unique_id(ike_sa), type, data);
+                       }
                }
                enumerator->destroy(enumerator);
 
index e6abfe2..01c8298 100644 (file)
@@ -97,7 +97,7 @@ ENUM_NEXT(radius_message_code_names, RMC_DISCONNECT_REQUEST, RMC_COA_NAK, RMC_AC
        "CoA-NAK");
 ENUM_END(radius_message_code_names, RMC_COA_NAK);
 
-ENUM(radius_attribute_type_names, RAT_USER_NAME, RAT_MIP6_HOME_LINK_PREFIX,
+ENUM_BEGIN(radius_attribute_type_names, RAT_USER_NAME, RAT_MIP6_HOME_LINK_PREFIX,
        "User-Name",
        "User-Password",
        "CHAP-Password",
@@ -223,6 +223,13 @@ ENUM(radius_attribute_type_names, RAT_USER_NAME, RAT_MIP6_HOME_LINK_PREFIX,
        "Delegated-IPv6-Prefix",
        "MIP6-Feature-Vector",
        "MIP6-Home-Link-Prefix");
+ENUM_NEXT(radius_attribute_type_names, RAT_FRAMED_IPV6_ADDRESS, RAT_STATEFUL_IPV6_ADDRESS_POOL, RAT_MIP6_HOME_LINK_PREFIX,
+       "Framed-IPv6-Address",
+       "DNS-Server-IPv6-Address",
+       "Route-IPv6-Information",
+       "Delegated-IPv6-Prefix-Pool",
+       "Stateful-IPv6-Address-Pool");
+ENUM_END(radius_attribute_type_names, RAT_STATEFUL_IPV6_ADDRESS_POOL);
 
 /**
  * Attribute enumerator implementation
index 4ce03a4..e6cb40b 100644 (file)
@@ -186,6 +186,11 @@ enum radius_attribute_type_t {
        RAT_DELEGATED_IPV6_PREFIX = 123,
        RAT_MIP6_FEATURE_VECTOR = 124,
        RAT_MIP6_HOME_LINK_PREFIX = 125,
+       RAT_FRAMED_IPV6_ADDRESS = 168,
+       RAT_FRAMED_IPV6_DNS_SERVER = 169,
+       RAT_ROUTE_IPV6_INFORMATION = 170,
+       RAT_DELEGATED_IPV6_PREFIX_POOL = 171,
+       RAT_STATEFUL_IPV6_ADDRESS_POOL = 172,
 };
 
 /**