radius

package module
v0.0.0-...-25c1354 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Jun 27, 2022 License: MIT Imports: 19 Imported by: 1

README

Radius

Documentation
Example
package main

import (
	"fmt"
	"log"
	"os"
	"os/signal"
	"syscall"

	"github.com/Windscribe/radius"
)

// radiusService is the example's request handler. It is an empty struct that
// only carries the RadiusHandle method.
type radiusService struct{}

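// RadiusHandle builds the reply for one decoded RADIUS request.
//
// Access-Request is checked against a demo credential, Accounting-Request is
// acknowledged, and every other packet code is refused. The returned packet is
// the reply created by request.Reply() with its Code (and, for access
// decisions, one extra attribute) filled in.
func (p radiusService) RadiusHandle(request *radius.Packet) *radius.Packet {
	// Pretty-print the request for the demo.
	// NOTE(review): confirm whether Packet.String() renders the User-Password
	// attribute or the shared secret; if it does, log only the packet code and
	// a quoted username outside of a demo.
	fmt.Printf("[Authenticate] %s\n", request.String())

	npac := request.Reply()
	switch request.Code {
	case radius.AccessRequest:
		// Demo-only hard-coded credential. A real service looks the user up in
		// a credential store and compares the secret in constant time
		// (crypto/subtle) instead of using ==.
		if request.GetUsername() == "a" && request.GetPassword() == "a" {
			npac.Code = radius.AccessAccept
			// Vendor-specific attribute: vendor Cisco (code 9), attribute
			// h323-remote-address (code 23).
			npac.AddVSA(radius.VSA{Vendor: 9, Type: 23, Value: []byte("10.20.30.40")})
		} else {
			npac.Code = radius.AccessReject
			npac.AddAVP(radius.AVP{Type: radius.ReplyMessage, Value: []byte("you dick!")})
		}
	case radius.AccountingRequest:
		// Accounting start or stop: acknowledge it.
		npac.Code = radius.AccountingResponse
	default:
		// Fail closed. The original example answered every packet code it did
		// not recognise with Access-Accept; a code this handler does not
		// implement must never yield an accept. Add an explicit case for any
		// further code the service is meant to support.
		npac.Code = radius.AccessReject
	}
	return npac
}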

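// main starts the example RADIUS server on :1812 and blocks until either
// SIGINT/SIGTERM arrives (the server is stopped) or ListenAndServe returns an
// error (the error is logged).
func main() {
	// "secret" is a placeholder shared secret. In a deployment, load a long
	// random value from configuration and never commit it to source control.
	s := radius.NewServer(":1812", "secret", radiusService{})

	// Alternatively, accept requests only from known hosts, each with its
	// own secret:
	// cls := radius.NewClientList([]radius.Client{
	// 		radius.NewClient("127.0.0.1", "secret1"),
	// 		radius.NewClient("10.10.10.10", "secret2"),
	// })
	// s.WithClientList(cls)

	signalChan := make(chan os.Signal, 1)
	signal.Notify(signalChan, syscall.SIGINT, syscall.SIGTERM)

	// Buffered so the serving goroutine can always deliver its error and exit,
	// even when main has already taken the signal branch.
	errChan := make(chan error, 1)
	go func() {
		fmt.Println("waiting for packets...")
		if err := s.ListenAndServe(); err != nil {
			errChan <- err
		}
	}()

	select {
	case <-signalChan:
		log.Println("stopping server...")
		s.Stop()
	case err := <-errChan:
		// Printf, not Println: Println would print the "%v" verb literally.
		log.Printf("[ERR] %v", err)
	}
}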
Reference

Documentation

Overview

MPPE to support encryption with MSCHAPv2

Index

Constants

// Microsoft vendor-specific attribute numbers used for MS-CHAP and MPPE
// (RFC 2548), plus the Microsoft vendor id.
//
// The first two constants are untyped; the remaining attribute numbers are
// uint8 and the vendor id is uint32.
const (
	MSMPPEEncryptionPolicy        = 7
	MSMPPEEncryptionTypes         = 8
	MSCHAPMPPEKeys         uint8  = 12
	MSMPPESendKey          uint8  = 16
	MSMPPERecvKey          uint8  = 17
	Microsoft              uint32 = 311
)
// ACCOUNTING_PORT is the standard UDP port for RADIUS accounting.
const ACCOUNTING_PORT = 1813
// AUTH_PORT is the standard UDP port for RADIUS authentication.
const AUTH_PORT = 1812

Variables

// ErrMessageAuthenticatorCheckFail reports a failed authenticator check.
// NOTE(review): the identifier names the Message-Authenticator while the
// message text names the Response-Authenticator; confirm which verification
// actually returns this error before relying on it in alerting or logs.
var ErrMessageAuthenticatorCheckFail = fmt.Errorf("RADIUS Response-Authenticator verification failed")
// PeerMSK is a package-level map of per-exchange byte values, keyed first by a
// uint8 and then by a string.
// NOTE(review): the outer key is a uint8, so at most 256 exchanges can be
// tracked and two concurrent peers that draw the same identifier share a slot.
// The declaration shows no lock; confirm every access is serialized. The map
// is exported and holds password-derived material, so confirm entries are
// removed once an exchange finishes.
var PeerMSK map[uint8]map[string][]byte

PeerMSK stores the password and ntResponse of a successful challenge response for generating the MSK upon AccessAccept. The key is the EAP Identifier field

// SHSpad1 is a 40-byte all-zero pad; the values match SHSpad1 from the MPPE
// key derivation in RFC 3079.
// It is an exported, mutable slice, so any code in the process can overwrite
// it; treat it as read-only.
var SHSpad1 = []byte{
	0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
	0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
	0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
	0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
}

Pads used in key derivation

// SHSpad2 is a 40-byte pad of 0xf2; the values match SHSpad2 from the MPPE
// key derivation in RFC 3079.
// It is an exported, mutable slice, so any code in the process can overwrite
// it; treat it as read-only.
var SHSpad2 = []byte{
	0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2,
	0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2,
	0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2,
	0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2,
}
// ServerChallenges is a package-level map from a uint8 key to a byte slice.
// NOTE(review): a uint8 key gives only 256 slots shared by every peer, so a
// later challenge with the same identifier replaces an earlier one. The
// declaration shows no lock; confirm access is serialized and that a
// challenge is deleted after it has been checked so it cannot be reused.
var ServerChallenges map[uint8][]byte

ServerChallenges stores the challenges sent to peers. The key is the EAP Identifier field

Functions

func ChallengeHash

func ChallengeHash(PeerChallenge, AuthenticatorChallenge, username []byte) []byte

ChallengeHash (

IN 16-octet               PeerChallenge,
IN 16-octet               AuthenticatorChallenge,
IN  0-to-256-char         UserName,
OUT 8-octet               Challenge
{
   /*
	* SHAInit(), SHAUpdate() and SHAFinal() functions are an
	* implementation of Secure Hash Algorithm (SHA-1) [11]. These are
	* available in public domain or can be licensed from
	* RSA Data Security, Inc.
	*/
   SHAInit(Context)
   SHAUpdate(Context, PeerChallenge, 16)
   SHAUpdate(Context, AuthenticatorChallenge, 16)
   /*
	* Only the user name (as presented by the peer and
	* excluding any prepended domain name)
	* is used as input to SHAUpdate().
	*/
   SHAUpdate(Context, UserName, strlen(Username))
   SHAFinal(Context, Digest)
   memcpy(Challenge, Digest, 8)
}

func ChallengeResponse

func ChallengeResponse(challenge, passwordHash []byte) []byte

ChallengeResponse (

IN  8-octet  Challenge,
IN  16-octet PasswordHash,
OUT 24-octet Response )
{
   Set ZPasswordHash to PasswordHash zero-padded to 21 octets
   DesEncrypt( Challenge,
			   1st 7-octets of ZPasswordHash,
			   giving 1st 8-octets of Response )
   DesEncrypt( Challenge,
			   2nd 7-octets of ZPasswordHash,
			   giving 2nd 8-octets of Response )
   DesEncrypt( Challenge,
			   3rd 7-octets of ZPasswordHash,
			   giving 3rd 8-octets of Response )
}

func CheckResponseValidity

func CheckResponseValidity(response, AuthenticatorChallenge, PeerChallenge []byte, username string, password []byte) bool

CheckResponseValidity returns true if the response is valid, false if it is not.

func GenerateAuthenticatorResponse

func GenerateAuthenticatorResponse(PasswordHash, NTResponse, PeerChallenge, AuthenticatorChallenge []byte, username string) string

GenerateAuthenticatorResponse (

IN  0-to-256-unicode-char Password,
IN  24-octet              NT-Response,
IN  16-octet              PeerChallenge,
IN  16-octet              AuthenticatorChallenge,
IN  0-to-256-char         UserName,
OUT 42-octet              AuthenticatorResponse )
{
   16-octet              PasswordHash
   16-octet              PasswordHashHash
   8-octet               Challenge
   /*
	* "Magic" constants used in response generation
	*/
   Magic1[39] =
	  {0x4D, 0x61, 0x67, 0x69, 0x63, 0x20, 0x73, 0x65, 0x72, 0x76,
	   0x65, 0x72, 0x20, 0x74, 0x6F, 0x20, 0x63, 0x6C, 0x69, 0x65,
	   0x6E, 0x74, 0x20, 0x73, 0x69, 0x67, 0x6E, 0x69, 0x6E, 0x67,
	   0x20, 0x63, 0x6F, 0x6E, 0x73, 0x74, 0x61, 0x6E, 0x74};
   Magic2[41] =
	   {0x50, 0x61, 0x64, 0x20, 0x74, 0x6F, 0x20, 0x6D, 0x61, 0x6B,
		0x65, 0x20, 0x69, 0x74, 0x20, 0x64, 0x6F, 0x20, 0x6D, 0x6F,
		0x72, 0x65, 0x20, 0x74, 0x68, 0x61, 0x6E, 0x20, 0x6F, 0x6E,
		0x65, 0x20, 0x69, 0x74, 0x65, 0x72, 0x61, 0x74, 0x69, 0x6F,
		0x6E};
	/*
	 * Hash the password with MD4
	 */
	NtPasswordHash( Password, giving PasswordHash )
	/*
	 * Now hash the hash
	 */

	HashNtPasswordHash( PasswordHash, giving PasswordHashHash)

	SHAInit(Context)
	SHAUpdate(Context, PasswordHashHash, 16)
	SHAUpdate(Context, NTResponse, 24)
	SHAUpdate(Context, Magic1, 39)
	SHAFinal(Context, Digest)

	ChallengeHash( PeerChallenge, AuthenticatorChallenge, UserName,
				   giving Challenge)

	SHAInit(Context)
	SHAUpdate(Context, Digest, 20)
	SHAUpdate(Context, Challenge, 8)
	SHAUpdate(Context, Magic2, 41)
	SHAFinal(Context, Digest)

	/*
	 * Encode the value of 'Digest' as "S=" followed by
	 * 40 ASCII hexadecimal digits and return it in
	 * AuthenticatorResponse.
	 * For example,
	 *   "S=0123456789ABCDEF0123456789ABCDEF01234567"
	 */
 }

func GenerateNTResponse

func GenerateNTResponse(AuthenticatorChallenge, PeerChallenge []byte, username string, passwordHash []byte) []byte

GenerateNTResponse (

IN  16-octet              AuthenticatorChallenge,
IN  16-octet              PeerChallenge,
IN  0-to-256-char         UserName,
IN  0-to-256-unicode-char Password,
OUT 24-octet              Response )
{
   8-octet  Challenge
   16-octet PasswordHash
   ChallengeHash( PeerChallenge, AuthenticatorChallenge, UserName,
				  giving Challenge)
   NtPasswordHash( Password, giving PasswordHash )
   ChallengeResponse( Challenge, PasswordHash, giving Response )
}

func Mmpev2

func Mmpev2(secret string, passHash []byte, reqAuth []byte, ntResponse []byte) ([]byte, []byte)

func NTPassword

func NTPassword(pass string) []byte

NTPassword Converts pass to UCS-2 (UTF-16)

func NextIdentifier

func NextIdentifier() uint8

func NtPasswordHash

func NtPasswordHash(password []byte) []byte

NtPasswordHash (

IN  0-to-256-unicode-char Password,
OUT 16-octet              PasswordHash )
{
   /*
	* Use the MD4 algorithm [5] to irreversibly hash Password
	* into PasswordHash.  Only the password is hashed without
	* including any terminating 0.
	*/
}

func RandomBytes

func RandomBytes(n int) ([]byte, error)

Types

type AVP

// AVP is a single RADIUS attribute: its type code and its raw value bytes.
type AVP struct {
	Type  AttributeType
	Value []byte
}

func (AVP) Copy

func (a AVP) Copy() AVP

func (AVP) Decode

func (a AVP) Decode(p *Packet) interface{}

func (AVP) Encode

func (a AVP) Encode(b []byte) (n int, err error)

func (AVP) String

func (a AVP) String() string

func (AVP) StringWithPacket

func (a AVP) StringWithPacket(p *Packet) string

type AcctStatusTypeEnum

// AcctStatusTypeEnum is a 32-bit accounting status code; by its name it is
// presumably the value of the Acct-Status-Type attribute.
// The list is not contiguous: 4-6 are not defined here.
type AcctStatusTypeEnum uint32
const (
	AcctStatusTypeEnumStart         AcctStatusTypeEnum = 1
	AcctStatusTypeEnumStop          AcctStatusTypeEnum = 2
	AcctStatusTypeEnumInterimUpdate AcctStatusTypeEnum = 3
	AcctStatusTypeEnumAccountingOn  AcctStatusTypeEnum = 7
	AcctStatusTypeEnumAccountingOff AcctStatusTypeEnum = 8
)

func (AcctStatusTypeEnum) String

func (e AcctStatusTypeEnum) String() string

type AcctTerminateCauseEnum

// AcctTerminateCauseEnum is a 32-bit session-termination code; by its name it
// is presumably the value of the Acct-Terminate-Cause attribute.
// Two exported names carry spelling slips (SessionTimout, Callbkack); they are
// part of the API as written.
type AcctTerminateCauseEnum uint32
const (
	AcctTerminateCauseEnumUserRequest        AcctTerminateCauseEnum = 1
	AcctTerminateCauseEnumLostCarrier        AcctTerminateCauseEnum = 2
	AcctTerminateCauseEnumLostService        AcctTerminateCauseEnum = 3
	AcctTerminateCauseEnumIdleTimeout        AcctTerminateCauseEnum = 4
	AcctTerminateCauseEnumSessionTimout      AcctTerminateCauseEnum = 5
	AcctTerminateCauseEnumAdminReset         AcctTerminateCauseEnum = 6
	AcctTerminateCauseEnumAdminReboot        AcctTerminateCauseEnum = 7
	AcctTerminateCauseEnumPortError          AcctTerminateCauseEnum = 8
	AcctTerminateCauseEnumNASError           AcctTerminateCauseEnum = 9
	AcctTerminateCauseEnumNASRequest         AcctTerminateCauseEnum = 10
	AcctTerminateCauseEnumNASReboot          AcctTerminateCauseEnum = 11
	AcctTerminateCauseEnumPortUnneeded       AcctTerminateCauseEnum = 12
	AcctTerminateCauseEnumPortPreempted      AcctTerminateCauseEnum = 13
	AcctTerminateCauseEnumPortSuspended      AcctTerminateCauseEnum = 14
	AcctTerminateCauseEnumServiceUnavailable AcctTerminateCauseEnum = 15
	AcctTerminateCauseEnumCallbkack          AcctTerminateCauseEnum = 16
	AcctTerminateCauseEnumUserError          AcctTerminateCauseEnum = 17
	AcctTerminateCauseEnumHostRequest        AcctTerminateCauseEnum = 18
)

func (AcctTerminateCauseEnum) String

func (e AcctTerminateCauseEnum) String() string

type AttributeType

// AttributeType is the one-octet attribute type code used in AVP.Type.
//
// NOTE(review): most values below come from iota, i.e. from each entry's
// position in the const block. As listed here the first entry would be 0 and
// the trailing "//N" comments would not match, so the source presumably holds
// blank-identifier placeholder entries (positions 0, 17 and 21) that this
// documentation rendering hides. Confirm against the source and do not copy
// this list verbatim: an attribute code that is off by one changes which
// attribute a peer believes it received. The explicit values 60-63 only line
// up with the following iota entries (TunnelType and onward) if that
// positional alignment holds.
// Several exported names are truncated as written
// (ManagementTransportProtectio, PMIP6VisitedDHCP4ServerAddre,
// PMIP6VisitedDHCP6ServerAddre).
type AttributeType uint8
const (
	UserName          AttributeType = iota //1
	UserPassword      AttributeType = iota //2
	CHAPPassword      AttributeType = iota //3
	NASIPAddress      AttributeType = iota //4
	NASPort           AttributeType = iota //5
	ServiceType       AttributeType = iota //6
	FramedProtocol    AttributeType = iota //7
	FramedIPAddress   AttributeType = iota //8
	FramedIPNetmask   AttributeType = iota //9
	FramedRouting     AttributeType = iota //10
	FilterId          AttributeType = iota //11
	FramedMTU         AttributeType = iota //12
	FramedCompression AttributeType = iota //13
	LoginIPHost       AttributeType = iota //14
	LoginService      AttributeType = iota //15
	LoginTCPPort      AttributeType = iota //16

	ReplyMessage   AttributeType = iota //18
	CallbackNumber AttributeType = iota //19
	CallbackId     AttributeType = iota //20

	FramedRoute            AttributeType = iota //22
	FramedIPXNetwork       AttributeType = iota //23
	State                  AttributeType = iota //24
	Class                  AttributeType = iota //25
	VendorSpecific         AttributeType = iota
	SessionTimeout         AttributeType = iota
	IdleTimeout            AttributeType = iota
	TerminationAction      AttributeType = iota
	CalledStationId        AttributeType = iota
	CallingStationId       AttributeType = iota
	NASIdentifier          AttributeType = iota
	ProxyState             AttributeType = iota
	LoginLATService        AttributeType = iota
	LoginLATNode           AttributeType = iota
	LoginLATGroup          AttributeType = iota
	FramedAppleTalkLink    AttributeType = iota
	FramedAppleTalkNetwork AttributeType = iota
	FramedAppleTalkZone    AttributeType = iota
	AcctStatusType         AttributeType = iota
	AcctDelayTime          AttributeType = iota
	AcctInputOctets        AttributeType = iota
	AcctOutputOctets       AttributeType = iota
	AcctSessionId          AttributeType = iota
	AcctAuthentic          AttributeType = iota
	AcctSessionTime        AttributeType = iota
	AcctInputPackets       AttributeType = iota
	AcctOutputPackets      AttributeType = iota
	AcctTerminateCause     AttributeType = iota
	AcctMultiSessionId     AttributeType = iota
	AcctLinkCount          AttributeType = iota
	AcctInputGigawords     AttributeType = iota //52
	AcctOutputGigawords    AttributeType = iota
	Unassigned1            AttributeType = iota
	EventTimestamp         AttributeType = iota
	EgressVLANID           AttributeType = iota
	IngressFilters         AttributeType = iota
	EgressVLANName         AttributeType = iota
	UserPriorityTable      AttributeType = iota //59
	CHAPChallenge          AttributeType = 60
	NASPortType            AttributeType = 61
	PortLimit              AttributeType = 62
	LoginLATPort           AttributeType = 63
	//end rfc2865 rfc 2866
	TunnelType                   AttributeType = iota
	TunnelMediumType             AttributeType = iota
	TunnelClientEndpoint         AttributeType = iota
	TunnelServerEndpoint         AttributeType = iota
	AcctTunnelConnection         AttributeType = iota
	TunnelPassword               AttributeType = iota
	ARAPPassword                 AttributeType = iota
	ARAPFeatures                 AttributeType = iota
	ARAPZoneAccess               AttributeType = iota
	ARAPSecurity                 AttributeType = iota
	ARAPSecurityData             AttributeType = iota
	PasswordRetry                AttributeType = iota
	Prompt                       AttributeType = iota
	ConnectInfo                  AttributeType = iota
	ConfigurationToken           AttributeType = iota
	EAPMessage                   AttributeType = iota
	MessageAuthenticator         AttributeType = iota
	TunnelPrivateGroupID         AttributeType = iota
	TunnelAssignmentID           AttributeType = iota
	TunnelPreference             AttributeType = iota
	ARAPChallengeResponse        AttributeType = iota
	AcctInterimInterval          AttributeType = iota
	AcctTunnelPacketsLost        AttributeType = iota
	NASPortId                    AttributeType = iota
	FramedPool                   AttributeType = iota
	CUI                          AttributeType = iota
	TunnelClientAuthID           AttributeType = iota
	TunnelServerAuthID           AttributeType = iota
	NASFilterRule                AttributeType = iota
	Unassigned                   AttributeType = iota
	OriginatingLineInfo          AttributeType = iota
	NASIPv6Address               AttributeType = iota
	FramedInterfaceId            AttributeType = iota
	FramedIPv6Prefix             AttributeType = iota
	LoginIPv6Host                AttributeType = iota
	FramedIPv6Route              AttributeType = iota
	FramedIPv6Pool               AttributeType = iota
	ErrorCause                   AttributeType = iota
	EAPKeyName                   AttributeType = iota
	DigestResponse               AttributeType = iota
	DigestRealm                  AttributeType = iota
	DigestNonce                  AttributeType = iota
	DigestResponseAuth           AttributeType = iota
	DigestNextnonce              AttributeType = iota
	DigestMethod                 AttributeType = iota
	DigestURI                    AttributeType = iota
	DigestQop                    AttributeType = iota
	DigestAlgorithm              AttributeType = iota
	DigestEntityBodyHash         AttributeType = iota
	DigestCNonce                 AttributeType = iota
	DigestNonceCount             AttributeType = iota
	DigestUsername               AttributeType = iota
	DigestOpaque                 AttributeType = iota
	DigestAuthParam              AttributeType = iota
	DigestAKAAuts                AttributeType = iota
	DigestDomain                 AttributeType = iota
	DigestStale                  AttributeType = iota
	DigestHA1                    AttributeType = iota
	SIPAOR                       AttributeType = iota
	DelegatedIPv6Prefix          AttributeType = iota
	MIP6FeatureVector            AttributeType = iota
	MIP6HomeLinkPrefix           AttributeType = iota
	OperatorName                 AttributeType = iota
	LocationInformation          AttributeType = iota
	LocationData                 AttributeType = iota
	BasicLocationPolicyRules     AttributeType = iota
	ExtendedLocationPolicyRules  AttributeType = iota
	LocationCapable              AttributeType = iota
	RequestedLocationInfo        AttributeType = iota
	FramedManagementProtocol     AttributeType = iota
	ManagementTransportProtectio AttributeType = iota
	ManagementPolicyId           AttributeType = iota
	ManagementPrivilegeLevel     AttributeType = iota
	PKMSSCert                    AttributeType = iota
	PKMCACert                    AttributeType = iota
	PKMConfigSettings            AttributeType = iota
	PKMCryptosuiteList           AttributeType = iota
	PKMSAID                      AttributeType = iota
	PKMSADescriptor              AttributeType = iota
	PKMAuthKey                   AttributeType = iota
	DSLiteTunnelName             AttributeType = iota
	MobileNodeIdentifier         AttributeType = iota
	ServiceSelection             AttributeType = iota
	PMIP6HomeLMAIPv6Address      AttributeType = iota
	PMIP6VisitedLMAIPv6Address   AttributeType = iota
	PMIP6HomeLMAIPv4Address      AttributeType = iota
	PMIP6VisitedLMAIPv4Address   AttributeType = iota
	PMIP6HomeHNPrefix            AttributeType = iota
	PMIP6VisitedHNPrefix         AttributeType = iota
	PMIP6HomeInterfaceID         AttributeType = iota
	PMIP6VisitedInterfaceID      AttributeType = iota
	PMIP6HomeIPv4HoA             AttributeType = iota
	PMIP6VisitedIPv4HoA          AttributeType = iota
	PMIP6HomeDHCP4ServerAddress  AttributeType = iota
	PMIP6VisitedDHCP4ServerAddre AttributeType = iota
	PMIP6HomeDHCP6ServerAddress  AttributeType = iota
	PMIP6VisitedDHCP6ServerAddre AttributeType = iota
	UnassignedStart              AttributeType = 161
	UnassignedEnd                AttributeType = 191

	ExperimentalStart           AttributeType = 192
	ExperimentalEnd             AttributeType = 223
	ImplementationSpecificStart AttributeType = 224
	ImplementationSpecificEnd   AttributeType = 240
	ReservedStart               AttributeType = 241
	ReservedEnd                 AttributeType = 254
)

func (AttributeType) String

func (a AttributeType) String() string

type Client

// Client describes one peer by host and shared secret.
// GetSecret hands the shared secret back as a plain string, so values of this
// interface should not be logged or serialized wholesale.
type Client interface {
	// GetHost get the client host
	GetHost() string
	// GetSecret get shared secret
	GetSecret() string
}

Client represent a client to connect to radius server

func NewClient

func NewClient(host, secret string) Client

NewClient return new client

type ClientList

// ClientList is a set of clients guarded by an embedded sync.RWMutex.
// Because the mutex is embedded, Lock/Unlock/RLock/RUnlock are promoted and
// callable by any holder of the value; a ClientList must not be copied after
// first use.
type ClientList struct {
	sync.RWMutex
	// contains filtered or unexported fields
}

ClientList is the list of clients allowed to communicate with the server

func NewClientList

func NewClientList(cs []Client) *ClientList

func (*ClientList) AddOrUpdate

func (cls *ClientList) AddOrUpdate(cl Client)

Add new client or reset existing client based on host

func (*ClientList) Get

func (cls *ClientList) Get(host string) Client

Get client from list of clients based on host

func (*ClientList) GetHerd

func (cls *ClientList) GetHerd() []Client

func (*ClientList) Remove

func (cls *ClientList) Remove(host string)

Remove client based on host

func (*ClientList) SetHerd

func (cls *ClientList) SetHerd(herd []Client)

SetHerd reset/initialize the herd of clients

type DefaultClient

// DefaultClient pairs a client host with its shared secret.
// Secret is an exported plain string: printing the struct with %v or %+v, or
// marshalling it, exposes the shared secret.
type DefaultClient struct {
	Host   string
	Secret string
}

DefaultClient is default client implementation

func (*DefaultClient) GetHost

func (cl *DefaultClient) GetHost() string

GetHost get the client host

func (*DefaultClient) GetSecret

func (cl *DefaultClient) GetSecret() string

GetSecret get shared secret

type EapCode

// EapCode is the one-octet code stored in EapPacket.Code. Only Request (1)
// and Response (2) are defined here.
type EapCode uint8
const (
	EapCodeRequest  EapCode = 1
	EapCodeResponse EapCode = 2
)

func (EapCode) String

func (c EapCode) String() string

type EapOpCode

// EapOpCode is a one-octet operation code.
// NOTE(review): these values duplicate MsChapV2OpCode, and EapPacket.OpCode
// is declared with the MsChapV2OpCode type; confirm which of the two types
// callers are expected to use.
type EapOpCode uint8
const (
	EapOpCodeChallenge      EapOpCode = 1
	EapOpCodeResponse       EapOpCode = 2
	EapOpCodeSuccess        EapOpCode = 3
	EapOpCodeFailure        EapOpCode = 4
	EapOpCodeChangePassword EapOpCode = 7
)

func (EapOpCode) String

func (c EapOpCode) String() string

type EapPacket

// EapPacket holds the fields of one EAP message: code, identifier, method
// type, method data, and an MS-CHAPv2 op code.
// Identifier is a uint8, the same type used as the key of the package-level
// ServerChallenges and PeerMSK maps.
type EapPacket struct {
	Code       EapCode
	Identifier uint8
	Type       EapType
	Data       []byte
	OpCode     MsChapV2OpCode
}

func EapDecode

func EapDecode(b []byte) (eap *EapPacket, err error)

func (*EapPacket) Copy

func (a *EapPacket) Copy() *EapPacket

func (*EapPacket) DecodeMsChapV2

func (a *EapPacket) DecodeMsChapV2() (*MsChapV2Packet, error)

func (*EapPacket) Encode

func (a *EapPacket) Encode() (b []byte)

func (*EapPacket) String

func (a *EapPacket) String() string

type EapType

// EapType is the one-octet EAP method type stored in EapPacket.Type.
// MD5-Challenge (4) and MSCHAPv2 (26) are legacy methods built on MD5 and on
// MD4/DES respectively; deployments normally run them only inside a protected
// tunnel.
type EapType uint8
const (
	EapTypeIdentity         EapType = 1
	EapTypeNotification     EapType = 2
	EapTypeNak              EapType = 3 //Response only
	EapTypeMd5Challenge     EapType = 4
	EapTypeOneTimePassword  EapType = 5 //otp
	EapTypeGenericTokenCard EapType = 6 //gtc
	EapTypeMSCHAPV2         EapType = 26
	EapTypeExpandedTypes    EapType = 254
	EapTypeExperimentalUse  EapType = 255
)

func (EapType) String

func (c EapType) String() string

type LeveledLogger

// LeveledLogger is the logging interface the package writes to: one
// printf-style method for debug output and one for errors.
type LeveledLogger interface {
	Debugf(format string, a ...interface{})
	Errf(format string, a ...interface{})
}
// Logger is the package-level logger variable.
// NOTE(review): no initial value is shown here; confirm whether it must be
// set before use, and what the package passes to Debugf (packet dumps may
// contain credentials).
var Logger LeveledLogger

type MsCHapV2ResponsePacket

// MsCHapV2ResponsePacket holds the two values taken from an MS-CHAPv2
// response: the peer's challenge and its NT response.
// NOTE(review): the field comments state fixed lengths; confirm the decoder
// rejects input that is too short to contain both fields.
type MsCHapV2ResponsePacket struct {
	PeerChallenge []byte // 16 bytes
	NTResponse    []byte // 24 bytes
}

MsCHapV2ResponsePacket is received as a response to the Challenge packet

func DecodeMsChapV2Response

func DecodeMsChapV2Response(data []byte) MsCHapV2ResponsePacket

DecodeMsChapV2Response parses the EAP Message data for the peer-challenge and ntresponse

type MsChapV2ChallengePacket

// MsChapV2ChallengePacket carries a challenge value and a name, both as raw
// bytes.
type MsChapV2ChallengePacket struct {
	Challenge []byte
	Name      []byte
}

MsChapV2ChallengePacket is sent after the Identity Request

func (*MsChapV2ChallengePacket) Encode

func (c *MsChapV2ChallengePacket) Encode() []byte

func (*MsChapV2ChallengePacket) GenerateChallenge

func (c *MsChapV2ChallengePacket) GenerateChallenge(nasID string) uint8

type MsChapV2OpCode

// MsChapV2OpCode is the one-octet MS-CHAPv2 operation code used by EapPacket,
// MsChapV2Packet and MsChapV2SuccessPacket. Values 5 and 6 are not defined
// here.
type MsChapV2OpCode uint8
const (
	MsChapV2OpCodeChallenge      MsChapV2OpCode = 1
	MsChapV2OpCodeResponse       MsChapV2OpCode = 2
	MsChapV2OpCodeSuccess        MsChapV2OpCode = 3
	MsChapV2OpCodeFailure        MsChapV2OpCode = 4
	MsChapV2OpCodeChangePassword MsChapV2OpCode = 7
)

func (MsChapV2OpCode) String

func (c MsChapV2OpCode) String() string

type MsChapV2Packet

// MsChapV2Packet pairs an EAP packet with an MS-CHAPv2 op code and the
// remaining payload bytes.
type MsChapV2Packet struct {
	Eap    *EapPacket
	OpCode MsChapV2OpCode
	Data   []byte
}

func MsChapV2PacketFromEap

func MsChapV2PacketFromEap(eap *EapPacket) (p *MsChapV2Packet, err error)

func (*MsChapV2Packet) Encode

func (p *MsChapV2Packet) Encode() (b []byte)

func (*MsChapV2Packet) String

func (p *MsChapV2Packet) String() string

type MsChapV2SuccessPacket

// MsChapV2SuccessPacket has the same fields as MsChapV2Packet plus its own
// one-octet Identifier.
type MsChapV2SuccessPacket struct {
	Eap        *EapPacket
	OpCode     MsChapV2OpCode
	Identifier uint8
	Data       []byte
}

func (*MsChapV2SuccessPacket) Encode

func (p *MsChapV2SuccessPacket) Encode() (b []byte)

type NASPortTypeEnum

// NASPortTypeEnum is a 32-bit port-type code; by its name it is presumably the
// value of the NAS-Port-Type attribute.
// The list is incomplete (values 8-14 and 16 are not defined here), so code
// that switches on it needs a default branch.
type NASPortTypeEnum uint32
const (
	NASPortTypeEnumAsync            NASPortTypeEnum = 0
	NASPortTypeEnumSync             NASPortTypeEnum = 1
	NASPortTypeEnumISDNSync         NASPortTypeEnum = 2
	NASPortTypeEnumISDNSyncV120     NASPortTypeEnum = 3
	NASPortTypeEnumISDNSyncV110     NASPortTypeEnum = 4
	NASPortTypeEnumVirtual          NASPortTypeEnum = 5
	NASPortTypeEnumPIAFS            NASPortTypeEnum = 6
	NASPortTypeEnumHDLCClearChannel NASPortTypeEnum = 7
	NASPortTypeEnumEthernet         NASPortTypeEnum = 15
	NASPortTypeEnumCable            NASPortTypeEnum = 17
)

TODO finish it

func (NASPortTypeEnum) String

func (e NASPortTypeEnum) String() string

type Packet

// Packet is one RADIUS message: its code, identifier, 16-byte authenticator
// and attribute list, together with the shared secret and the client address.
// Secret is an exported plain string on every Packet value, so dumping a
// Packet with %v or %+v exposes the shared secret.
// NOTE(review): confirm what Packet.String() prints before logging packets.
type Packet struct {
	Secret        string
	Code          PacketCode
	Identifier    uint8
	Authenticator [16]byte
	AVPs          []AVP
	ClientAddr    string
}

func DecodePacket

func DecodePacket(Secret string, buf []byte) (p *Packet, err error)

func (*Packet) AddAVP

func (p *Packet) AddAVP(avp AVP)

func (*Packet) AddVSA

func (p *Packet) AddVSA(vsa VSA)

func (*Packet) Copy

func (p *Packet) Copy() *Packet

func (*Packet) DeleteAVP

func (p *Packet) DeleteAVP(avp *AVP)

Delete a AVP

func (*Packet) DeleteOneType

func (p *Packet) DeleteOneType(attrType AttributeType)

delete all avps with this type

func (*Packet) Encode

func (p *Packet) Encode() (b []byte, err error)

This method does not modify the contents of the packet

func (*Packet) GetAVP

func (p *Packet) GetAVP(attrType AttributeType) *AVP

get one avp

func (*Packet) GetAcctSessionId

func (p *Packet) GetAcctSessionId() string

func (*Packet) GetAcctStatusType

func (p *Packet) GetAcctStatusType() AcctStatusTypeEnum

func (*Packet) GetAcctTotalInputOctets

func (p *Packet) GetAcctTotalInputOctets() uint64

func (*Packet) GetAcctTotalOutputOctets

func (p *Packet) GetAcctTotalOutputOctets() uint64

func (*Packet) GetCalledStationId

func (p *Packet) GetCalledStationId() string

func (*Packet) GetCallingStationId

func (p *Packet) GetCallingStationId() string

func (*Packet) GetEAPMessage

func (p *Packet) GetEAPMessage() *EapPacket

func (*Packet) GetFramedIPAddress

func (p *Packet) GetFramedIPAddress() (ip net.IP)

func (*Packet) GetNASIdentifier

func (p *Packet) GetNASIdentifier() string

func (*Packet) GetNASPort

func (p *Packet) GetNASPort() uint32

it is ike_id in strongswan client

func (*Packet) GetNASPortId

func (p *Packet) GetNASPortId() string

func (*Packet) GetNasIpAddress

func (p *Packet) GetNasIpAddress() (ip net.IP)

func (*Packet) GetPassword

func (p *Packet) GetPassword() (password string)

func (*Packet) GetTerminateCause

func (p *Packet) GetTerminateCause() string

func (*Packet) GetUsername

func (p *Packet) GetUsername() (username string)

func (*Packet) GetVSA

func (p *Packet) GetVSA(vendor uint32, attr uint8) *VSA

get one vsa

func (*Packet) HasAVP

func (p *Packet) HasAVP(attrType AttributeType) bool

func (*Packet) Reply

func (p *Packet) Reply() *Packet

func (*Packet) Send

func (p *Packet) Send(c net.PacketConn, addr net.Addr) error

func (*Packet) SetAVP

func (p *Packet) SetAVP(avp AVP)

set one avp,remove all other same type

func (*Packet) String

func (p *Packet) String() string

type PacketCode

// PacketCode is the one-octet RADIUS packet code stored in Packet.Code.
// A handler that switches on it should treat any code it does not implement
// as a refusal rather than as an accept.
// CoaReject is spelled with a lower-case "a", unlike CoARequest and CoAAccept.
type PacketCode uint8
const (
	AccessRequest      PacketCode = 1
	AccessAccept       PacketCode = 2
	AccessReject       PacketCode = 3
	AccountingRequest  PacketCode = 4
	AccountingResponse PacketCode = 5
	AccessChallenge    PacketCode = 11
	StatusServer       PacketCode = 12 //(experimental)
	StatusClient       PacketCode = 13 //(experimental)
	DisconnectRequest  PacketCode = 40
	DisconnectAccept   PacketCode = 41
	DisconnectReject   PacketCode = 42
	CoARequest         PacketCode = 43
	CoAAccept          PacketCode = 44
	CoaReject          PacketCode = 45
	Reserved           PacketCode = 255
)

func (PacketCode) String

func (p PacketCode) String() string

type Server

// Server is the RADIUS server type; all of its fields are unexported, so it
// is configured through NewServer and its methods.
type Server struct {
	// contains filtered or unexported fields
}

func NewServer

func NewServer(addr string, secret string, service Service) *Server

NewServer return a new Server given a addr, secret, and service

func (*Server) ListenAndServe

func (s *Server) ListenAndServe() error

ListenAndServe listen on the UDP network address

func (*Server) Stop

func (s *Server) Stop()

Stop will stop the server

func (*Server) WithClientList

func (s *Server) WithClientList(cl *ClientList)

WithClientList sets a list of clients, each with its own secret

type Service

// Service is the request handler interface: RadiusHandle receives a request
// packet and returns the reply packet.
type Service interface {
	RadiusHandle(request *Packet) *Packet
}

type ServiceTypeEnum

// ServiceTypeEnum is a 32-bit service-type code; by its name it is presumably
// the value of the Service-Type attribute.
// Only values 1-5 are defined here, so code that switches on it needs a
// default branch.
type ServiceTypeEnum uint32
const (
	ServiceTypeEnumLogin          ServiceTypeEnum = 1
	ServiceTypeEnumFramed         ServiceTypeEnum = 2
	ServiceTypeEnumCallbackLogin  ServiceTypeEnum = 3
	ServiceTypeEnumCallbackFramed ServiceTypeEnum = 4
	ServiceTypeEnumOutbound       ServiceTypeEnum = 5
)

TODO finish it

func (ServiceTypeEnum) String

func (e ServiceTypeEnum) String() string

type VSA

// VSA is a vendor-specific attribute: a 32-bit vendor id, a one-octet
// vendor-defined type, and the raw value bytes.
type VSA struct {
	Vendor uint32
	Type   uint8
	Value  []byte
}

Vendor

func (VSA) ToAVP

func (vsa VSA) ToAVP() AVP

encode VSA attribute under Vendor-Specific AVP
