encode groups for VSAs

update the dictionaries, and the tests
FreeRADIUS · Jan 27, 2024 · 8810f8f · 8810f8f
1 parent d8aa086
commit 8810f8f
Show file tree

Hide file tree

Showing 5 changed files with 28 additions and 21 deletions.
diff --git a/share/dictionary/radius/dictionary.nokia.sr b/share/dictionary/radius/dictionary.nokia.sr
@@ -296,8 +296,8 @@ ATTRIBUTE	Force-Nak				98	string	# CoA
 ATTRIBUTE	Ipv6-Address				99	ipv6addr
 ATTRIBUTE	Serv-Id					100	integer
 ATTRIBUTE	Interface				101	string
-ATTRIBUTE	ToServer-Dhcp-Options			102	octets
-ATTRIBUTE	ToClient-Dhcp-Options			103	octets
+ATTRIBUTE	ToServer-Dhcp-Options			102	group ref=..DHCPv4
+ATTRIBUTE	ToClient-Dhcp-Options			103	group ref=..DHCPv4
 ATTRIBUTE	Tunnel-Serv-Id				104	integer
 ATTRIBUTE	Ipv6-Primary-Dns			105	ipv6addr
 ATTRIBUTE	Ipv6-Secondary-Dns			106	ipv6addr
@@ -530,8 +530,8 @@ ATTRIBUTE	WPP-ErrorCode				183	integer
 ATTRIBUTE	Onetime-Http-Redirect-Reactivate	185	string
 
 # DHCP6 attributes
-ATTRIBUTE	ToServer-Dhcp6-Options			191	octets
-ATTRIBUTE	ToClient-Dhcp6-Options			192	octets
+ATTRIBUTE	ToServer-Dhcp6-Options			191	group ref=..DHCPv6
+ATTRIBUTE	ToClient-Dhcp6-Options			192	group ref=..DHCPv6
 
 #
 #  MUST have renew time <= rebind time <= preferred lifetime <= valid lifetime

diff --git a/share/dictionary/radius/dictionary.starent b/share/dictionary/radius/dictionary.starent
@@ -288,7 +288,7 @@ ATTRIBUTE	Fast-Reauth-Username			304	octets
 ATTRIBUTE	Pseudonym-Username			305	octets
 ATTRIBUTE	WiMAX-Auth-Only				306	integer
 ATTRIBUTE	TrafficSelector-Class			307	integer
-ATTRIBUTE	DHCP-Options				309	octets
+ATTRIBUTE	DHCP-Options				309	group ref=..DHCPv4
 ATTRIBUTE	Handoff-Indicator			310	integer
 ATTRIBUTE	User-Privilege				313	integer
 ATTRIBUTE	IPv6-Alloc-Method			314	integer

diff --git a/share/dictionary/radius/dictionary.unisphere b/share/dictionary/radius/dictionary.unisphere
@@ -108,9 +108,9 @@ ATTRIBUTE	Sdx-Tunnel-Disconnect-Cause-Info	51	string
 ATTRIBUTE	Radius-Client-Address			52	ipaddr
 ATTRIBUTE	Service-Description			53	string
 ATTRIBUTE	L2tp-Recv-Window-Size			54	integer
-ATTRIBUTE	Dhcp-Options				55	octets
-ATTRIBUTE	Dhcp-Mac-Addr				56	string
-ATTRIBUTE	Dhcp-Gi-Address				57	ipaddr
+ATTRIBUTE	DHCP-Options				55	group ref=..DHCPv4
+ATTRIBUTE	DHCP-Mac-Addr				56	string
+ATTRIBUTE	DHCP-Gi-Address				57	ipaddr
 ATTRIBUTE	LI-Action				58	integer	encrypt=2
 ATTRIBUTE	Med-Dev-Handle				59	octets	encrypt=2
 ATTRIBUTE	Med-Ip-Address				60	ipaddr	encrypt=2
@@ -218,7 +218,7 @@ ATTRIBUTE	IPv6-Acct-Input-Gigawords		155	integer
 ATTRIBUTE	IPv6-Acct-Output-Gigawords		156	integer
 ATTRIBUTE	IPv6-NdRa-Pool-Name			157	string
 ATTRIBUTE	PppoE-Padn				158	string
-ATTRIBUTE	Dhcp-Option-82				159	octets
+ATTRIBUTE	DHCP-Option-82				159	octets # ref=..DHCPv4.Relay-Agent-Information
 ATTRIBUTE	Vlan-Map-Id				160	integer
 ATTRIBUTE	IPv6-Delegated-Pool-Name		161	string
 ATTRIBUTE	Tx-Connect-Speed			162	integer
@@ -262,7 +262,7 @@ ATTRIBUTE	IPv6-Output-Service-Filter		203	string
 ATTRIBUTE	Adv-Pcef-Profile-Name			204	string
 ATTRIBUTE	Adv-Pcef-Rule-Name			205	string
 ATTRIBUTE	Re-Authentication-Catalyst		206	integer
-ATTRIBUTE	DHCPv6-Options				207	octets
+ATTRIBUTE	DHCPv6-Options				207	group ref=..DHCPv4
 ATTRIBUTE	DHCP-Header				208	octets
 ATTRIBUTE	DHCPv6-Header				209	octets
 ATTRIBUTE	Acct-Request-Reason			210	integer

diff --git a/src/protocols/radius/encode.c b/src/protocols/radius/encode.c
@@ -41,6 +41,10 @@ static ssize_t encode_child(fr_dbuff_t *dbuff,
 				fr_da_stack_t *da_stack, unsigned int depth,
 				fr_dcursor_t *cursor, void *encode_ctx);
 
+static ssize_t encode_group(fr_dbuff_t *dbuff,
+			    fr_da_stack_t *da_stack, unsigned int depth,
+			    fr_dcursor_t *cursor, void *encode_ctx);
+
 /** "encrypt" a password RADIUS style
  *
  * Input and output buffers can be identical if in-place encryption is needed.
@@ -349,6 +353,8 @@ static ssize_t encode_value(fr_dbuff_t *dbuff,
 	 */
 	if (da->type == FR_TYPE_TLV) return encode_tlv(dbuff, da_stack, depth, cursor, encode_ctx);
 
+	if (da->type == FR_TYPE_GROUP) return encode_group(dbuff, da_stack, depth, cursor, encode_ctx);
+
 	/*
 	 *	Catch errors early on.
 	 */
@@ -841,19 +847,11 @@ static ssize_t encode_extended(fr_dbuff_t *dbuff,
 	da = da_stack->da[my_depth];
 	fr_assert(vp->da == da);
 
-	if (fr_type_is_leaf(da->type)) {
+	if (da->type != FR_TYPE_STRUCT) {
 		slen = encode_value(&work_dbuff, da_stack, my_depth, cursor, encode_ctx);
 
-	} else if (da->type == FR_TYPE_STRUCT) {
-		slen = fr_struct_to_network(&work_dbuff, da_stack, my_depth, cursor, encode_ctx, encode_value, encode_child);
-
-	} else if (da->type == FR_TYPE_GROUP) {
-		slen = encode_group(&work_dbuff, da_stack, my_depth, cursor, encode_ctx);
-
 	} else {
-		fr_assert(da->type == FR_TYPE_TLV);
-
-		slen = encode_tlv(&work_dbuff, da_stack, my_depth, cursor, encode_ctx);
+		slen = fr_struct_to_network(&work_dbuff, da_stack, my_depth, cursor, encode_ctx, encode_value, encode_child);
 	}
 	if (slen <= 0) return slen;
 

diff --git a/src/tests/unit/protocols/radius/foreign.txt b/src/tests/unit/protocols/radius/foreign.txt
@@ -8,5 +8,14 @@ match f5 0a 04 00 02 04 00 00 08 40
 decode-pair -
 match Extended-Attribute-5 = { DHCPv4-Options = { Time-Offset = 2112 } }
 
+#
+#  So long 
+#
+encode-pair Vendor-Specific = { Nokia-SR = { ToServer-Dhcp-Options = { Time-Offset = 2112 } } }
+match 1a 0e 00 00 19 7f 66 08 02 04 00 00 08 40
+
+decode-pair -
+match Vendor-Specific = { Nokia-SR = { ToServer-Dhcp-Options = { Time-Offset = 2112 } } }
+
 count
-match 7
+match 11