RADIUS: Sync with FreeRADIUS Master

commit 30dac6d3dc87aaaa9c29ecdb33874fa57c2bcbc6 Author: Alan T. DeKok <aland@freeradius.org> Date: Tue Nov 25 16:45:45 2014 -0500 as found on the net commit ee79c59d3a1cae76fcb1940710d9a0f7fbdf8427 Author: Arran Cudbard-Bell <a.cudbardb@freeradius.org> Date: Thu Nov 13 17:39:46 2014 -0500 Add memcached rlm_cache_driver commit 6277960bc830891123b00400af56912e51d4d311 Author: Alan T. DeKok <aland@freeradius.org> Date: Tue Oct 28 17:01:49 2014 -0400 Add FreeRADIUS-Response-Delay-USec Change-Id: I705d0e852d38eaace4f71cfc0a38ecdd41c0b58f Reviewed-on: https://code.wireshark.org/review/5510 Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Anders Broman <a.broman58@gmail.com>
author: Alexis La Goutte <alexis.lagoutte@gmail.com> 2014-11-26 20:08:07 +0100
committer: Anders Broman <a.broman58@gmail.com> 2014-11-28 04:43:17 +0000
commit: 3f8576157be83d746cc200991f6fc5149833e8ce (patch)
tree: 423e4ab9cce2a3ac66b614d2c029965b90282f50 /radius
parent: 8839d7b4526656a04ef563651bbd03ac001c3a66 (diff)
4 files changed, 340 insertions, 60 deletions
diff --git a/radius/dictionary b/radius/dictionary
index 8c81daa8e3..bdfc179471 100644
--- a/radius/dictionary
+++ b/radius/dictionary
@@ -143,6 +143,7 @@ $INCLUDE dictionary.alcatel-lucent.aaa
 $INCLUDE dictionary.alteon
 $INCLUDE dictionary.alvarion
 $INCLUDE dictionary.apc
+$INCLUDE dictionary.arbor
 $INCLUDE dictionary.aruba
 $INCLUDE dictionary.azaire
 $INCLUDE dictionary.ascend
@@ -210,6 +211,7 @@ $INCLUDE dictionary.livingston
 $INCLUDE dictionary.localweb
 $INCLUDE dictionary.lucent
 $INCLUDE dictionary.manzara
+$INCLUDE dictionary.meinberg
 $INCLUDE dictionary.merit
 $INCLUDE dictionary.meru
 $INCLUDE dictionary.microsoft
diff --git a/radius/dictionary.arbor b/radius/dictionary.arbor
new file mode 100644
index 0000000000..91dce9f662
--- /dev/null
+++ b/radius/dictionary.arbor
@@ -0,0 +1,19 @@
+# -*- text -*-
+# Copyright (C) 2014 The FreeRADIUS Server project and contributors
+##############################################################################
+#
+#	Arbor networks.
+#
+#	$Id: 97ed3c7cb058ef82af27ca701fc52fad0b452086 $
+#
+##############################################################################
+
+VENDOR		Arbor				9694
+
+BEGIN-VENDOR	Arbor
+
+# Arbor-Privilege-Level = "sytem_admin or system_analyst or system_user"
+
+ATTRIBUTE	Arbor-Privilege-Level			1	string
+
+END-VENDOR Arbor
diff --git a/radius/dictionary.freeradius.internal b/radius/dictionary.freeradius.internal
index 933bfeede3..d75e9d6974 100644
--- a/radius/dictionary.freeradius.internal
+++ b/radius/dictionary.freeradius.internal
@@ -1,8 +1,9 @@
 # -*- text -*-
+# Copyright (C) 2011 The FreeRADIUS Server project and contributors
 #
 #	Non Protocol Attributes used by FreeRADIUS
 #
-#	$Id$
+#	$Id: b830d56623fc3aad78122fa6af04ce66416123b6 $
 #
 
 #	The attributes number ranges are allocates as follows:
@@ -12,6 +13,7 @@
 
 # 	These attributes CAN go in the reply item list.
 ATTRIBUTE	Fall-Through				500	integer
+ATTRIBUTE	Relax-Filter				501	integer
 ATTRIBUTE	Exec-Program				502	string
 ATTRIBUTE	Exec-Program-Wait			503	string
 
@@ -56,10 +58,9 @@ ATTRIBUTE	EAP-Type				1018	integer
 ATTRIBUTE	EAP-TLS-Require-Client-Cert		1019	integer
 ATTRIBUTE	EAP-Id					1020	integer
 ATTRIBUTE	EAP-Code				1021	integer
-# Attribute 1022 unused, was EAP-MD5-Password, which was
-# used only be radeapclient.  It's been replaced by Cleartext-Password
+ATTRIBUTE	EAP-MD5-Password			1022	string
 ATTRIBUTE	PEAP-Version				1023	integer
-ATTRIBUTE	Client-Shortname			1024	string
+ATTRIBUTE	Client-Shortname			1024	string virtual
 ATTRIBUTE	Load-Balance-Key			1025	string
 ATTRIBUTE	Raw-Attribute				1026	octets
 ATTRIBUTE	TNC-VLAN-Access				1027	string
@@ -76,12 +77,12 @@ ATTRIBUTE	Stripped-User-Name			1043	string
 ATTRIBUTE	Current-Time				1044	string
 ATTRIBUTE	Realm					1045	string
 ATTRIBUTE	No-Such-Attribute			1046	string
-ATTRIBUTE	Packet-Type				1047	integer
+ATTRIBUTE	Packet-Type				1047	integer virtual
 ATTRIBUTE	Proxy-To-Realm				1048	string
 ATTRIBUTE	Replicate-To-Realm			1049	string
 ATTRIBUTE	Acct-Session-Start-Time			1050	date
 ATTRIBUTE	Acct-Unique-Session-Id			1051	string
-ATTRIBUTE	Client-IP-Address			1052	ipaddr
+ATTRIBUTE	Client-IP-Address			1052	ipaddr virtual
 ATTRIBUTE	Ldap-UserDn				1053	string
 ATTRIBUTE	NS-MTA-MD5-Password			1054	string
 ATTRIBUTE	SQL-User-Name				1055	string
@@ -107,33 +108,31 @@ ATTRIBUTE	Module-Failure-Message			1076	string
 #		X99-Fast		1077	integer
 ATTRIBUTE	Rewrite-Rule				1078	string
 ATTRIBUTE	Sql-Group				1079	string
-ATTRIBUTE	Response-Packet-Type			1080	integer
+ATTRIBUTE	Response-Packet-Type			1080	integer virtual
 ATTRIBUTE	Digest-HA1				1081	string
 ATTRIBUTE	MS-CHAP-Use-NTLM-Auth			1082	integer
 ATTRIBUTE	NTLM-User-Name				1083	string
 ATTRIBUTE	MS-CHAP-User-Name			1083	string
-ATTRIBUTE	Packet-Src-IP-Address			1084	ipaddr
-ATTRIBUTE	Packet-Dst-IP-Address			1085	ipaddr
-ATTRIBUTE	Packet-Src-Port				1086	integer
-ATTRIBUTE	Packet-Dst-Port				1087	integer
-ATTRIBUTE	Packet-Authentication-Vector		1088	octets
+ATTRIBUTE	Packet-Src-IP-Address			1084	ipaddr virtual
+ATTRIBUTE	Packet-Dst-IP-Address			1085	ipaddr virtual
+ATTRIBUTE	Packet-Src-Port				1086	integer virtual
+ATTRIBUTE	Packet-Dst-Port				1087	integer virtual
+ATTRIBUTE	Packet-Authentication-Vector		1088	octets virtual
 ATTRIBUTE	Time-Of-Day				1089	string
-ATTRIBUTE	Request-Processing-Stage		1090	string
-ATTRIBUTE	Cache-No-Caching			1091	string
-ATTRIBUTE	Cache-Delete-Cache			1092	string
+ATTRIBUTE	Request-Processing-Stage		1090	string virtual
+ATTRIBUTE	SHA2-Password				1092	octets
 ATTRIBUTE	SHA-Password				1093	octets
 ATTRIBUTE	SSHA-Password				1094	octets
 ATTRIBUTE	SHA1-Password				1093	octets
 ATTRIBUTE	SSHA1-Password				1094	octets
 ATTRIBUTE	MD5-Password				1095	octets
 ATTRIBUTE	SMD5-Password				1096	octets
-ATTRIBUTE	Packet-Src-IPv6-Address			1097	ipv6addr
-ATTRIBUTE	Packet-Dst-IPv6-Address			1098	ipv6addr
-ATTRIBUTE	Virtual-Server				1099	string
+ATTRIBUTE	Packet-Src-IPv6-Address			1097	ipv6addr virtual
+ATTRIBUTE	Packet-Dst-IPv6-Address			1098	ipv6addr virtual
+ATTRIBUTE	Virtual-Server				1099	string virtual
 ATTRIBUTE	Cleartext-Password			1100	string
 ATTRIBUTE	Password-With-Header			1101	string
 ATTRIBUTE	Inner-Tunnel-User-Name			1102	string
-
 #
 #	EAP-IKEv2 is experimental.
 #
@@ -162,7 +161,7 @@ ATTRIBUTE	Send-CoA-Request			1107	integer
 VALUE	Send-CoA-Request		No			0
 VALUE	Send-CoA-Request		Yes			1
 
-ATTRIBUTE	Module-Return-Code			1108	integer
+ATTRIBUTE	Module-Return-Code			1108	integer virtual
 
 VALUE	Module-Return-Code		reject			0
 VALUE	Module-Return-Code		fail			1
@@ -180,6 +179,8 @@ ATTRIBUTE	Home-Server-Pool			1111	string
 
 ATTRIBUTE	FreeRADIUS-Client-IP-Address		1120	ipaddr
 ATTRIBUTE	FreeRADIUS-Client-IPv6-Address		1121	ipv6addr
+# The rest of the FreeRADIUS-Client-* attributes are at 1150...
+
 ATTRIBUTE	FreeRADIUS-Client-Require-MA		1122	integer
 
 VALUE	FreeRADIUS-Client-Require-MA	no			0
@@ -216,6 +217,69 @@ ATTRIBUTE	Send-CoA-Type				1132	integer
 ATTRIBUTE	MS-CHAP-Password			1133	string
 ATTRIBUTE	Packet-Transmit-Counter			1134	integer
 ATTRIBUTE	Cached-Session-Policy			1135	string
+ATTRIBUTE	MS-CHAP-New-Cleartext-Password		1136	string
+ATTRIBUTE	MS-CHAP-New-NT-Password			1137	octets
+
+#	For default policies
+
+ATTRIBUTE	Stripped-User-Domain			1138	string
+ATTRIBUTE	Called-Station-SSID			1139	string
+
+VALUE	Cache-Status-Only		no			0
+VALUE	Cache-Status-Only		yes			1
+
+VALUE	Cache-Merge			no			0
+VALUE	Cache-Merge			yes			1
+
+VALUE	Cache-Read-Only			no			0
+VALUE	Cache-Read-Only			yes			1
+
+ATTRIBUTE	OTP-Challenge				1145	string
+ATTRIBUTE	EAP-Session-Id				1146	octets
+ATTRIBUTE	Chbind-Response-Code			1147	integer
+
+ATTRIBUTE	Chbind-Response-Code			1147	integer
+
+VALUE	Chbind-Response-Code		success			2
+VALUE	Chbind-Response-Code		failure			3
+
+#
+#  Server-side "listen type = foo"
+#
+ATTRIBUTE	Listen-Socket-Type			1147	integer
+
+VALUE	Listen-Socket-Type		none			0
+VALUE	Listen-Socket-Type		status			0
+VALUE	Listen-Socket-Type		proxy			1
+VALUE	Listen-Socket-Type		auth			2
+VALUE	Listen-Socket-Type		auth+acct		2
+VALUE	Listen-Socket-Type		acct			3
+VALUE	Listen-Socket-Type		detail			4
+VALUE	Listen-Socket-Type		vmps			5
+VALUE	Listen-Socket-Type		dhcp			6
+VALUE	Listen-Socket-Type		control			7
+VALUE	Listen-Socket-Type		coa			8
+
+ATTRIBUTE	Acct-Input-Octets64			1148	integer64
+ATTRIBUTE	Acct-Output-Octets64			1149	integer64
+
+ATTRIBUTE	FreeRADIUS-Client-IP-Prefix		1150	ipv4prefix
+ATTRIBUTE	FreeRADIUS-Client-IPv6-Prefix		1151	ipv6prefix
+ATTRIBUTE	FreeRADIUS-Response-Delay		1152	integer
+ATTRIBUTE	FreeRADIUS-Client-Src-IP-Address	1153	ipaddr
+ATTRIBUTE	FreeRADIUS-Client-Src-IPv6-Address	1154	ipv6addr
+ATTRIBUTE	FreeRADIUS-Response-Delay-USec		1155	integer
+
+ATTRIBUTE	REST-HTTP-Header			1160	string
+ATTRIBUTE	REST-HTTP-Body				1161	string
+
+ATTRIBUTE	Cache-Expires				1170	date
+ATTRIBUTE	Cache-Created				1171	date
+ATTRIBUTE	Cache-TTL				1172	signed
+ATTRIBUTE	Cache-Status-Only			1173	integer
+ATTRIBUTE	Cache-Merge				1174	integer
+ATTRIBUTE	Cache-Entry-Hits			1175	integer
+ATTRIBUTE	Cache-Read-Only				1176	integer
 
 #
 #	Range:	1200-1279
@@ -246,28 +310,80 @@ ATTRIBUTE	EAP-Sim-HMAC				1209	string
 ATTRIBUTE	EAP-Sim-KEY				1210	octets
 ATTRIBUTE	EAP-Sim-EXTRA				1211	octets
 
-ATTRIBUTE	EAP-Sim-KC1				1212	octets
-ATTRIBUTE	EAP-Sim-KC2				1213	octets
-ATTRIBUTE	EAP-Sim-KC3				1214	octets
+ATTRIBUTE	EAP-Sim-Kc1				1212	octets
+ATTRIBUTE	EAP-Sim-Kc2				1213	octets
+ATTRIBUTE	EAP-Sim-Kc3				1214	octets
+
+ATTRIBUTE	EAP-Sim-Ki				1215	octets
+ATTRIBUTE	EAP-Sim-Algo-Version			1216	integer
 
 #
 #	Range:	1280 - 1535
 #		EAP-type specific attributes
 #
-
-# these are PW_EAP_X  + 1280
-ATTRIBUTE	EAP-Type-Identity			1281	string
-ATTRIBUTE	EAP-Type-Notification			1282	string
-ATTRIBUTE	EAP-Type-NAK				1283	string
-ATTRIBUTE	EAP-Type-MD5				1284	octets
-ATTRIBUTE	EAP-Type-OTP				1285	string
-ATTRIBUTE	EAP-Type-GTC				1286	string
-ATTRIBUTE	EAP-Type-TLS				1297	octets
+#		These are used mostly for radeapclient, and aren't
+#		that useful for anyone else.
+#
+#  egrep VALUE dictionary.freeradius.internal  | grep EAP-Type | awk '{print "ATTRIBUTE EAP-Type-" $3 " " 1280+$4 " octets"}' > foo;./format.pl foo
+#
+ATTRIBUTE	EAP-Type-Base				1280	octets
+ATTRIBUTE	EAP-Type-VALUE				1280	octets
+ATTRIBUTE	EAP-Type-None				1280	octets
+ATTRIBUTE	EAP-Type-Identity			1281	octets
+ATTRIBUTE	EAP-Type-Notification			1282	octets
+ATTRIBUTE	EAP-Type-NAK				1283	octets
+ATTRIBUTE	EAP-Type-MD5-Challenge			1284	octets
+ATTRIBUTE	EAP-Type-One-Time-Password		1285	octets
+ATTRIBUTE	EAP-Type-Generic-Token-Card		1286	octets
+ATTRIBUTE	EAP-Type-RSA-Public-Key			1289	octets
+ATTRIBUTE	EAP-Type-DSS-Unilateral			1290	octets
+ATTRIBUTE	EAP-Type-KEA				1291	octets
+ATTRIBUTE	EAP-Type-KEA-Validate			1292	octets
+ATTRIBUTE	EAP-Type-EAP-TLS			1293	octets
+ATTRIBUTE	EAP-Type-Defender-Token			1294	octets
+ATTRIBUTE	EAP-Type-RSA-SecurID-EAP		1295	octets
+ATTRIBUTE	EAP-Type-Arcot-Systems-EAP		1296	octets
+ATTRIBUTE	EAP-Type-Cisco-LEAP			1297	octets
+ATTRIBUTE	EAP-Type-Nokia-IP-Smart-Card		1298	octets
 ATTRIBUTE	EAP-Type-SIM				1298	octets
-ATTRIBUTE	EAP-Type-LEAP				1301	octets
-ATTRIBUTE	EAP-Type-SIM2				1302	octets
-ATTRIBUTE	EAP-Type-TTLS				1305	octets
-ATTRIBUTE	EAP-Type-PEAP				1309	octets
+ATTRIBUTE	EAP-Type-SRP-SHA1			1299	octets
+ATTRIBUTE	EAP-Type-EAP-TTLS			1301	octets
+ATTRIBUTE	EAP-Type-Remote-Access-Service		1302	octets
+ATTRIBUTE	EAP-Type-AKA				1303	octets
+ATTRIBUTE	EAP-Type-EAP-3Com-Wireless		1304	octets
+ATTRIBUTE	EAP-Type-PEAP				1305	octets
+ATTRIBUTE	EAP-Type-MS-EAP-Authentication		1306	octets
+ATTRIBUTE	EAP-Type-MAKE				1307	octets
+ATTRIBUTE	EAP-Type-CRYPTOCard			1308	octets
+ATTRIBUTE	EAP-Type-EAP-MSCHAP-V2			1309	octets
+ATTRIBUTE	EAP-Type-DynamID			1310	octets
+ATTRIBUTE	EAP-Type-Rob-EAP			1311	octets
+ATTRIBUTE	EAP-Type-SecurID-EAP			1312	octets
+ATTRIBUTE	EAP-Type-MS-Authentication-TLV		1313	octets
+ATTRIBUTE	EAP-Type-SentriNET			1314	octets
+ATTRIBUTE	EAP-Type-EAP-Actiontec-Wireless		1315	octets
+ATTRIBUTE	EAP-Type-Cogent-Biomentric-EAP		1316	octets
+ATTRIBUTE	EAP-Type-AirFortress-EAP		1317	octets
+ATTRIBUTE	EAP-Type-EAP-HTTP-Digest		1318	octets
+ATTRIBUTE	EAP-Type-SecuriSuite-EAP		1319	octets
+ATTRIBUTE	EAP-Type-DeviceConnect-EAP		1320	octets
+ATTRIBUTE	EAP-Type-EAP-SPEKE			1321	octets
+ATTRIBUTE	EAP-Type-EAP-MOBAC			1322	octets
+ATTRIBUTE	EAP-Type-EAP-FAST			1323	octets
+ATTRIBUTE	EAP-Type-Zonelabs			1324	octets
+ATTRIBUTE	EAP-Type-EAP-Link			1325	octets
+ATTRIBUTE	EAP-Type-EAP-PAX			1326	octets
+ATTRIBUTE	EAP-Type-EAP-PSK			1327	octets
+ATTRIBUTE	EAP-Type-EAP-SAKE			1328	octets
+ATTRIBUTE	EAP-Type-EAP-IKEv2			1329	octets
+ATTRIBUTE	EAP-Type-EAP-AKA2			1330	octets
+ATTRIBUTE	EAP-Type-EAP-GPSK			1331	octets
+ATTRIBUTE	EAP-Type-EAP-PWD			1332	octets
+ATTRIBUTE	EAP-Type-EAP-EVEv1			1333	octets
+
+ATTRIBUTE	EAP-Type-Microsoft-MS-CHAPv2		1306	octets
+ATTRIBUTE	EAP-Type-Cisco-MS-CHAPv2		1309	octets
+ATTRIBUTE	EAP-Type-MS-CHAP-V2			1306	octets
 
 #
 #	Range:	1536 - 1791
@@ -275,6 +391,7 @@ ATTRIBUTE	EAP-Type-PEAP				1309	octets
 #
 
 # these are PW_EAP_SIM_X + 1536
+ATTRIBUTE	EAP_Sim-Base				1536	octets
 ATTRIBUTE	EAP-Sim-RAND				1537	octets
 ATTRIBUTE	EAP-Sim-PADDING				1542	octets
 ATTRIBUTE	EAP-Sim-NONCE_MT			1543	octets
@@ -332,6 +449,63 @@ ATTRIBUTE	Tmp-IP-Address-7			1827	ipaddr
 ATTRIBUTE	Tmp-IP-Address-8			1828	ipaddr
 ATTRIBUTE	Tmp-IP-Address-9			1829	ipaddr
 
+ATTRIBUTE	Tmp-Octets-0				1830	octets
+ATTRIBUTE	Tmp-Octets-1				1831	octets
+ATTRIBUTE	Tmp-Octets-2				1832	octets
+ATTRIBUTE	Tmp-Octets-3				1833	octets
+ATTRIBUTE	Tmp-Octets-4				1834	octets
+ATTRIBUTE	Tmp-Octets-5				1835	octets
+ATTRIBUTE	Tmp-Octets-6				1836	octets
+ATTRIBUTE	Tmp-Octets-7				1837	octets
+ATTRIBUTE	Tmp-Octets-8				1838	octets
+ATTRIBUTE	Tmp-Octets-9				1839	octets
+
+ATTRIBUTE	Tmp-Date-0				1840	date
+ATTRIBUTE	Tmp-Date-1				1841	date
+ATTRIBUTE	Tmp-Date-2				1842	date
+ATTRIBUTE	Tmp-Date-3				1843	date
+ATTRIBUTE	Tmp-Date-4				1844	date
+ATTRIBUTE	Tmp-Date-5				1845	date
+ATTRIBUTE	Tmp-Date-6				1846	date
+ATTRIBUTE	Tmp-Date-7				1847	date
+ATTRIBUTE	Tmp-Date-8				1848	date
+ATTRIBUTE	Tmp-Date-9				1849	date
+
+ATTRIBUTE	Tmp-Integer64-0				1871	integer64
+ATTRIBUTE	Tmp-Integer64-1				1872	integer64
+ATTRIBUTE	Tmp-Integer64-2				1873	integer64
+ATTRIBUTE	Tmp-Integer64-3				1874	integer64
+ATTRIBUTE	Tmp-Integer64-4				1875	integer64
+ATTRIBUTE	Tmp-Integer64-5				1876	integer64
+ATTRIBUTE	Tmp-Integer64-6				1877	integer64
+ATTRIBUTE	Tmp-Integer64-7				1878	integer64
+ATTRIBUTE	Tmp-Integer64-8				1879	integer64
+ATTRIBUTE	Tmp-Integer64-9				1880	integer64
+#
+#  These attributes shouldn't be used anywhere.  They are defined here
+#  only for casting of values in conditional expressions.
+#
+#  The order and number need to be consistent with the typedefs used
+#  in the server source.
+#
+ATTRIBUTE	Tmp-Cast-String				1851	string
+ATTRIBUTE	Tmp-Cast-Integer			1852	integer
+ATTRIBUTE	Tmp-Cast-Ipaddr				1853	ipaddr
+ATTRIBUTE	Tmp-Cast-Date				1854	date
+ATTRIBUTE	Tmp-Cast-Abinary			1855	abinary
+ATTRIBUTE	Tmp-Cast-Octets				1856	octets
+ATTRIBUTE	Tmp-Cast-Ifid				1857	ifid
+ATTRIBUTE	Tmp-Cast-IPv6Addr			1858	ipv6addr
+ATTRIBUTE	Tmp-Cast-IPv6Prefix			1859	ipv6prefix
+ATTRIBUTE	Tmp-Cast-Byte				1860	byte
+ATTRIBUTE	Tmp-Cast-Short				1861	short
+ATTRIBUTE	Tmp-Cast-Ethernet			1862	ether
+ATTRIBUTE	Tmp-Cast-Signed				1863	signed
+# don't use or define these
+ATTRIBUTE	Tmp-Cast-Integer64			1869	integer64
+ATTRIBUTE	Tmp-Cast-IPv4Prefix			1870	ipv4prefix
+# don't use or define VSA or MAX
+
 #	Range:	1900-1909
 #	WiMAX server-side attributes.
 #
@@ -341,24 +515,78 @@ ATTRIBUTE	Tmp-IP-Address-9			1829	ipaddr
 #	these attributes.
 #
 ATTRIBUTE	WiMAX-MN-NAI				1900	string
-ATTRIBUTE	WiMAX-FA-IP-Address			1901	ipaddr
-ATTRIBUTE	WiMAX-MN-FA				1902	octets
 
 ATTRIBUTE	TLS-Cert-Serial				1910	string
 ATTRIBUTE	TLS-Cert-Expiration			1911	string
 ATTRIBUTE	TLS-Cert-Issuer				1912	string
 ATTRIBUTE	TLS-Cert-Subject			1913	string
 ATTRIBUTE	TLS-Cert-Common-Name			1914	string
-# 1915 - 1919: reserved for future cert attributes
+ATTRIBUTE	TLS-Cert-Subject-Alt-Name-Email		1915	string
+ATTRIBUTE	TLS-Cert-Subject-Alt-Name-Dns		1916	string
+ATTRIBUTE	TLS-Cert-Subject-Alt-Name-Upn		1917	string
+# 1918 - 1919: reserved for future cert attributes
 ATTRIBUTE	TLS-Client-Cert-Serial			1920	string
 ATTRIBUTE	TLS-Client-Cert-Expiration		1921	string
 ATTRIBUTE	TLS-Client-Cert-Issuer			1922	string
 ATTRIBUTE	TLS-Client-Cert-Subject			1923	string
 ATTRIBUTE	TLS-Client-Cert-Common-Name		1924	string
 ATTRIBUTE	TLS-Client-Cert-Filename		1925	string
+ATTRIBUTE	TLS-Client-Cert-Subject-Alt-Name-Email	1926	string
+ATTRIBUTE	TLS-Client-Cert-X509v3-Extended-Key-Usage 1927	string
+ATTRIBUTE	TLS-Client-Cert-X509v3-Subject-Key-Identifier 1928	string
+ATTRIBUTE	TLS-Client-Cert-X509v3-Authority-Key-Identifier 1929	string
+ATTRIBUTE	TLS-Client-Cert-X509v3-Basic-Constraints 1930	string
+ATTRIBUTE	TLS-Client-Cert-Subject-Alt-Name-Dns	1931	string
+ATTRIBUTE	TLS-Client-Cert-Subject-Alt-Name-Upn	1932	string
+ATTRIBUTE	TLS-PSK-Identity			1933	string
+
+# 1934 - 1939: reserved for future cert attributes
 
 #
-#	Range:	1910-2999
+#	Range:	1940-2099
+#		Free
+#
+#	Range:	2100-2199
+#	SoH attributes; FIXME: these should really be protocol attributes
+#	so that the SoH radius request can be proxied, but from which
+#	vendor? Sigh...
+#
+ATTRIBUTE	SoH-MS-Machine-OS-vendor		2100	integer
+VALUE	SoH-MS-Machine-OS-vendor	Microsoft		311
+
+ATTRIBUTE	SoH-MS-Machine-OS-version		2101	integer
+ATTRIBUTE	SoH-MS-Machine-OS-release		2102	integer
+ATTRIBUTE	SoH-MS-Machine-OS-build			2103	integer
+ATTRIBUTE	SoH-MS-Machine-SP-version		2104	integer
+ATTRIBUTE	SoH-MS-Machine-SP-release		2105	integer
+
+ATTRIBUTE	SoH-MS-Machine-Processor		2106	integer
+VALUE	SoH-MS-Machine-Processor	x86			0
+VALUE	SoH-MS-Machine-Processor	i64			6
+VALUE	SoH-MS-Machine-Processor	x86_64			9
+
+ATTRIBUTE	SoH-MS-Machine-Name			2107	string
+ATTRIBUTE	SoH-MS-Correlation-Id			2108	octets
+ATTRIBUTE	SoH-MS-Machine-Role			2109	integer
+VALUE	SoH-MS-Machine-Role		client			1
+VALUE	SoH-MS-Machine-Role		dc			2
+VALUE	SoH-MS-Machine-Role		server			3
+
+ATTRIBUTE	SoH-Supported				2119	integer
+VALUE	SoH-Supported			no			0
+VALUE	SoH-Supported			yes			1
+
+ATTRIBUTE	SoH-MS-Windows-Health-Status		2120	string
+ATTRIBUTE	SoH-MS-Health-Other			2129	string
+
+#
+#	Range:	2200-2219
+#		Utilities bundled with the server
+#
+ATTRIBUTE	Radclient-Test-Name			2200	string
+
+#
+#	Range:	2220-2999
 #		Free
 #
 #	Range:	3000-3999
@@ -402,6 +630,7 @@ VALUE	Auth-Type			CRAM			1030
 VALUE	Auth-Type			NS-MTA-MD5		1031
 # 1032 is unused (was a duplicate of CRAM)
 VALUE	Auth-Type			SMB			1033
+VALUE	Auth-Type			MS-CHAP-V2		1034
 
 #
 #	Authorization type, too.
@@ -421,6 +650,7 @@ VALUE	Session-Type			Local			0
 #
 #	And Post-Auth
 VALUE	Post-Auth-Type			Local			0
+VALUE	Post-Auth-Type			Reject			1
 
 #
 #	Experimental Non-Protocol Integer Translations for FreeRADIUS
@@ -428,6 +658,9 @@ VALUE	Post-Auth-Type			Local			0
 VALUE	Fall-Through			No			0
 VALUE	Fall-Through			Yes			1
 
+VALUE	Relax-Filter			No			0
+VALUE	Relax-Filter			Yes			1
+
 VALUE	Strip-User-Name			No			0
 VALUE	Strip-User-Name			Yes			1
 
@@ -516,55 +749,64 @@ VALUE	EAP-Type			Identity		1
 VALUE	EAP-Type			Notification		2
 VALUE	EAP-Type			NAK			3
 VALUE	EAP-Type			MD5-Challenge		4
+VALUE	EAP-Type			MD5			4
 VALUE	EAP-Type			One-Time-Password	5
+VALUE	EAP-Type			OTP			5
 VALUE	EAP-Type			Generic-Token-Card	6
+VALUE	EAP-Type			GTC			6
 VALUE	EAP-Type			RSA-Public-Key		9
 VALUE	EAP-Type			DSS-Unilateral		10
 VALUE	EAP-Type			KEA			11
 VALUE	EAP-Type			KEA-Validate		12
-VALUE	EAP-Type			EAP-TLS			13
+VALUE	EAP-Type			TLS			13
 VALUE	EAP-Type			Defender-Token		14
 VALUE	EAP-Type			RSA-SecurID-EAP		15
 VALUE	EAP-Type			Arcot-Systems-EAP	16
 VALUE	EAP-Type			Cisco-LEAP		17
+VALUE	EAP-Type			LEAP			17
 VALUE	EAP-Type			Nokia-IP-Smart-Card	18
 VALUE	EAP-Type			SIM			18
-VALUE	EAP-Type			SRP-SHA1-Part-1		19
-VALUE	EAP-Type			SRP-SHA1-Part-2		20
-VALUE	EAP-Type			EAP-TTLS		21
+VALUE	EAP-Type			SRP-SHA1		19
+# 20 is unassigned
+VALUE	EAP-Type			TTLS			21
 VALUE	EAP-Type			Remote-Access-Service	22
-VALUE	EAP-Type			UMTS			23
-VALUE	EAP-Type			EAP-3Com-Wireless	24
+VALUE	EAP-Type			AKA			23
+VALUE	EAP-Type			3Com-Wireless		24
 VALUE	EAP-Type			PEAP			25
-VALUE	EAP-Type			MS-EAP-Authentication	26
+VALUE	EAP-Type			Microsoft-MS-CHAPv2	26
 VALUE	EAP-Type			MAKE			27
 VALUE	EAP-Type			CRYPTOCard		28
-VALUE	EAP-Type			EAP-MSCHAP-V2		29
+VALUE	EAP-Type			Cisco-MS-CHAPv2		29
 VALUE	EAP-Type			DynamID			30
 VALUE	EAP-Type			Rob-EAP			31
 VALUE	EAP-Type			SecurID-EAP		32
 VALUE	EAP-Type			MS-Authentication-TLV	33
 VALUE	EAP-Type			SentriNET		34
-VALUE	EAP-Type			EAP-Actiontec-Wireless	35
+VALUE	EAP-Type			Actiontec-Wireless	35
 VALUE	EAP-Type			Cogent-Biomentric-EAP	36
 VALUE	EAP-Type			AirFortress-EAP		37
-VALUE	EAP-Type			EAP-HTTP-Digest		38
+VALUE	EAP-Type			HTTP-Digest		38
+VALUE	EAP-Type			TNC			38
 VALUE	EAP-Type			SecuriSuite-EAP		39
 VALUE	EAP-Type			DeviceConnect-EAP	40
-VALUE	EAP-Type			EAP-SPEKE		41
-VALUE	EAP-Type			EAP-MOBAC		42
-
-#
-#	These are duplicate values, to get around the problem of
-#	having two MS-CHAPv2 EAP types.
-#
-VALUE	EAP-Type			Microsoft-MS-CHAPv2	26
-VALUE	EAP-Type			Cisco-MS-CHAPv2		29
+VALUE	EAP-Type			SPEKE			41
+VALUE	EAP-Type			MOBAC			42
+VALUE	EAP-Type			FAST			43
+VALUE	EAP-Type			Zonelabs		44
+VALUE	EAP-Type			Link			45
+VALUE	EAP-Type			PAX			46
+VALUE	EAP-Type			PSK			47
+VALUE	EAP-Type			SAKE			48
+VALUE	EAP-Type			IKEv2			49
+VALUE	EAP-Type			AKA2			50
+VALUE	EAP-Type			GPSK			51
+VALUE	EAP-Type			PWD			52
+VALUE	EAP-Type			EVEv1			53
 
 #
 #	And this is what most people mean by MS-CHAPv2
 #
-VALUE	EAP-Type			MS-CHAP-V2		26
+VALUE	EAP-Type			MSCHAPv2		26
 
 #
 #	This says TLS, but it's only valid for TTLS & PEAP.
diff --git a/radius/dictionary.meinberg b/radius/dictionary.meinberg
new file mode 100644
index 0000000000..2052a9ce83
--- /dev/null
+++ b/radius/dictionary.meinberg
@@ -0,0 +1,17 @@
+# -*- text -*-
+# Copyright (C) 2014 The FreeRADIUS Server project and contributors
+##############################################################################
+#
+#	Meinberg
+#
+#	$Id: 29364648e694338150f71f124cd62d9730f2366a $
+#
+##############################################################################
+
+VENDOR		Meinberg			5597
+
+BEGIN-VENDOR	Meinberg
+
+ATTRIBUTE	MBG-Management-Privilege-Level		1	integer
+
+END-VENDOR     Meinberg
author	Alexis La Goutte <alexis.lagoutte@gmail.com>	2014-11-26 20:08:07 +0100
committer	Anders Broman <a.broman58@gmail.com>	2014-11-28 04:43:17 +0000
commit	3f8576157be83d746cc200991f6fc5149833e8ce (patch)
tree	423e4ab9cce2a3ac66b614d2c029965b90282f50 /radius
parent	8839d7b4526656a04ef563651bbd03ac001c3a66 (diff)