Class: RadiusRB::Packet

Inherits:
Object
  • Object
show all
Defined in:
lib/radiusrb/packet.rb

Defined Under Namespace

Classes: Attribute

Constant Summary collapse

CODES =
{ 'Access-Request' => 1,        'Access-Accept' => 2,
'Access-Reject' => 3,         'Accounting-Request' => 4,
'Accounting-Response' => 5,   'Access-Challenge' => 11,
'Status-Server' => 12,        'Status-Client' => 13 }
HDRLEN =

size of packet header

1 + 1 + 2 + 16
P_HDR =

pack template for header

"CCna16a*"
P_ATTR =

pack template for attribute

"CCa*"

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(dictionary, id, data = nil) ⇒ Packet

Returns a new instance of Packet.



38
39
40
41
42
43
44
45
46
47
# File 'lib/radiusrb/packet.rb', line 38

def initialize(dictionary, id, data = nil)
  @dict = dictionary
  @id = id
  unset_all_attributes
  if data
    @packed = data
    self.unpack
  end
  self
end

Instance Attribute Details

#attributesObject (readonly)

Returns the value of attribute attributes.



36
37
38
# File 'lib/radiusrb/packet.rb', line 36

def attributes
  @attributes
end

#authenticatorObject (readonly)

Returns the value of attribute authenticator.



36
37
38
# File 'lib/radiusrb/packet.rb', line 36

def authenticator
  @authenticator
end

#codeObject

Returns the value of attribute code.



35
36
37
# File 'lib/radiusrb/packet.rb', line 35

def code
  @code
end

#idObject (readonly)

Returns the value of attribute id.



36
37
38
# File 'lib/radiusrb/packet.rb', line 36

def id
  @id
end

Instance Method Details

#attribute(name) ⇒ Object



128
129
130
131
132
# File 'lib/radiusrb/packet.rb', line 128

def attribute(name)
  if @attributes[name]
    @attributes[name].value
  end
end

#decode_attribute(name, secret) ⇒ Object



142
143
144
145
146
# File 'lib/radiusrb/packet.rb', line 142

def decode_attribute(name, secret)
  if @attributes[name]
    decode(@attributes[name].value.to_s, secret)
  end
end

#gen_acct_authenticator(secret) ⇒ Object



73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
# File 'lib/radiusrb/packet.rb', line 73

def gen_acct_authenticator(secret)
  # From RFC2866
  # Request Authenticator
  # 
  #       In Accounting-Request Packets, the Authenticator value is a 16
  #       octet MD5 [5] checksum, called the Request Authenticator.
  # 
  #       The NAS and RADIUS accounting server share a secret.  The Request
  #       Authenticator field in Accounting-Request packets contains a one-
  #       way MD5 hash calculated over a stream of octets consisting of the
  #       Code + Identifier + Length + 16 zero octets + request attributes +
  #       shared secret (where + indicates concatenation).  The 16 octet MD5
  #       hash value is stored in the Authenticator field of the
  #       Accounting-Request packet.
  # 
  #       Note that the Request Authenticator of an Accounting-Request can
  #       not be done the same way as the Request Authenticator of a RADIUS
  #       Access-Request, because there is no User-Password attribute in an
  #       Accounting-Request.
  #       
  @authenticator = "\000"*16
  @authenticator = Digest::MD5.digest(pack + secret)
  @packed = nil
  @authenticator
end

#gen_auth_authenticatorObject

Generate an authenticator. It will try to use /dev/urandom if possible, or the system rand call if that’s not available.



59
60
61
62
63
64
65
66
67
68
69
70
71
# File 'lib/radiusrb/packet.rb', line 59

def gen_auth_authenticator
  if (File.exist?("/dev/urandom"))
    File.open("/dev/urandom") do |urandom|
      @authenticator = urandom.read(16)
    end
  else
    @authenticator = []
    8.times do
      @authenticator << rand(65536)
    end
    @authenticator = @authenticator.pack("n8")
  end
end

#gen_response_authenticator(secret, request_authenticator) ⇒ Object



99
100
101
102
103
104
# File 'lib/radiusrb/packet.rb', line 99

def gen_response_authenticator(secret, request_authenticator)
  @authenticator = request_authenticator
  @authenticator = Digest::MD5.digest(pack + secret)
  @packed = nil
  @authenticator
end

#increment_idObject



49
50
51
# File 'lib/radiusrb/packet.rb', line 49

def increment_id
  @id = (@id + 1) & 0xff
end

#packObject



148
149
150
151
152
153
154
# File 'lib/radiusrb/packet.rb', line 148

def pack
  attstr = ""
  @attributes.values.each do |attribute|
    attstr += attribute.pack
  end
  @packed = [CODES[@code], @id, attstr.length + HDRLEN, @authenticator, attstr].pack(P_HDR)
end

#set_attribute(name, value) ⇒ Object



120
121
122
# File 'lib/radiusrb/packet.rb', line 120

def set_attribute(name, value)
  @attributes[name] = Attribute.new(@dict, name, value)
end

#set_encoded_attribute(name, value, secret) ⇒ Object



138
139
140
# File 'lib/radiusrb/packet.rb', line 138

def set_encoded_attribute(name, value, secret)
  @attributes[name] = Attribute.new(@dict, name, encode(value, secret))
end

#to_aObject



53
54
55
# File 'lib/radiusrb/packet.rb', line 53

def to_a
  @attributes.to_a
end

#unset_all_attributesObject



134
135
136
# File 'lib/radiusrb/packet.rb', line 134

def unset_all_attributes
  @attributes = {}
end

#unset_attribute(name) ⇒ Object



124
125
126
# File 'lib/radiusrb/packet.rb', line 124

def unset_attribute(name)
  @attributes.delete(name)
end

#validate_acct_authenticator(secret) ⇒ Object



106
107
108
109
110
111
112
113
114
115
116
117
118
# File 'lib/radiusrb/packet.rb', line 106

def validate_acct_authenticator(secret)
  if @authenticator
    original_authenticator = @authenticator
    if gen_acct_authenticator(secret) == original_authenticator
      true
    else
      @authenticator = original_authenticator
      false
    end
  else
    false
  end
end