Class: RadiusRB::Packet
- Inherits:
-
Object
- Object
- RadiusRB::Packet
- Defined in:
- lib/radiusrb/packet.rb
Defined Under Namespace
Classes: Attribute
Constant Summary collapse
- CODES =
{ 'Access-Request' => 1, 'Access-Accept' => 2, 'Access-Reject' => 3, 'Accounting-Request' => 4, 'Accounting-Response' => 5, 'Access-Challenge' => 11, 'Status-Server' => 12, 'Status-Client' => 13 }
- HDRLEN =
size of packet header
1 + 1 + 2 + 16
- P_HDR =
pack template for header
"CCna16a*"
- P_ATTR =
pack template for attribute
"CCa*"
Instance Attribute Summary collapse
-
#attributes ⇒ Object
readonly
Returns the value of attribute attributes.
-
#authenticator ⇒ Object
readonly
Returns the value of attribute authenticator.
-
#code ⇒ Object
Returns the value of attribute code.
-
#id ⇒ Object
readonly
Returns the value of attribute id.
Instance Method Summary collapse
- #attribute(name) ⇒ Object
- #decode_attribute(name, secret) ⇒ Object
- #gen_acct_authenticator(secret) ⇒ Object
-
#gen_auth_authenticator ⇒ Object
Generate an authenticator.
- #gen_response_authenticator(secret, request_authenticator) ⇒ Object
- #increment_id ⇒ Object
-
#initialize(dictionary, id, data = nil) ⇒ Packet
constructor
A new instance of Packet.
- #pack ⇒ Object
- #set_attribute(name, value) ⇒ Object
- #set_encoded_attribute(name, value, secret) ⇒ Object
- #to_a ⇒ Object
- #unset_all_attributes ⇒ Object
- #unset_attribute(name) ⇒ Object
- #validate_acct_authenticator(secret) ⇒ Object
Constructor Details
#initialize(dictionary, id, data = nil) ⇒ Packet
Returns a new instance of Packet.
38 39 40 41 42 43 44 45 46 47 |
# File 'lib/radiusrb/packet.rb', line 38 def initialize(dictionary, id, data = nil) @dict = dictionary @id = id unset_all_attributes if data @packed = data self.unpack end self end |
Instance Attribute Details
#attributes ⇒ Object (readonly)
Returns the value of attribute attributes.
36 37 38 |
# File 'lib/radiusrb/packet.rb', line 36 def attributes @attributes end |
#authenticator ⇒ Object (readonly)
Returns the value of attribute authenticator.
36 37 38 |
# File 'lib/radiusrb/packet.rb', line 36 def authenticator @authenticator end |
#code ⇒ Object
Returns the value of attribute code.
35 36 37 |
# File 'lib/radiusrb/packet.rb', line 35 def code @code end |
#id ⇒ Object (readonly)
Returns the value of attribute id.
36 37 38 |
# File 'lib/radiusrb/packet.rb', line 36 def id @id end |
Instance Method Details
#attribute(name) ⇒ Object
128 129 130 131 132 |
# File 'lib/radiusrb/packet.rb', line 128 def attribute(name) if @attributes[name] @attributes[name].value end end |
#decode_attribute(name, secret) ⇒ Object
142 143 144 145 146 |
# File 'lib/radiusrb/packet.rb', line 142 def decode_attribute(name, secret) if @attributes[name] decode(@attributes[name].value.to_s, secret) end end |
#gen_acct_authenticator(secret) ⇒ Object
73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 |
# File 'lib/radiusrb/packet.rb', line 73 def gen_acct_authenticator(secret) # From RFC2866 # Request Authenticator # # In Accounting-Request Packets, the Authenticator value is a 16 # octet MD5 [5] checksum, called the Request Authenticator. # # The NAS and RADIUS accounting server share a secret. The Request # Authenticator field in Accounting-Request packets contains a one- # way MD5 hash calculated over a stream of octets consisting of the # Code + Identifier + Length + 16 zero octets + request attributes + # shared secret (where + indicates concatenation). The 16 octet MD5 # hash value is stored in the Authenticator field of the # Accounting-Request packet. # # Note that the Request Authenticator of an Accounting-Request can # not be done the same way as the Request Authenticator of a RADIUS # Access-Request, because there is no User-Password attribute in an # Accounting-Request. # @authenticator = "\000"*16 @authenticator = Digest::MD5.digest(pack + secret) @packed = nil @authenticator end |
#gen_auth_authenticator ⇒ Object
Generate an authenticator. It will try to use /dev/urandom if possible, or the system rand call if that’s not available.
59 60 61 62 63 64 65 66 67 68 69 70 71 |
# File 'lib/radiusrb/packet.rb', line 59 def gen_auth_authenticator if (File.exist?("/dev/urandom")) File.open("/dev/urandom") do |urandom| @authenticator = urandom.read(16) end else @authenticator = [] 8.times do @authenticator << rand(65536) end @authenticator = @authenticator.pack("n8") end end |
#gen_response_authenticator(secret, request_authenticator) ⇒ Object
99 100 101 102 103 104 |
# File 'lib/radiusrb/packet.rb', line 99 def gen_response_authenticator(secret, request_authenticator) @authenticator = request_authenticator @authenticator = Digest::MD5.digest(pack + secret) @packed = nil @authenticator end |
#increment_id ⇒ Object
49 50 51 |
# File 'lib/radiusrb/packet.rb', line 49 def increment_id @id = (@id + 1) & 0xff end |
#pack ⇒ Object
148 149 150 151 152 153 154 |
# File 'lib/radiusrb/packet.rb', line 148 def pack attstr = "" @attributes.values.each do |attribute| attstr += attribute.pack end @packed = [CODES[@code], @id, attstr.length + HDRLEN, @authenticator, attstr].pack(P_HDR) end |
#set_attribute(name, value) ⇒ Object
120 121 122 |
# File 'lib/radiusrb/packet.rb', line 120 def set_attribute(name, value) @attributes[name] = Attribute.new(@dict, name, value) end |
#set_encoded_attribute(name, value, secret) ⇒ Object
138 139 140 |
# File 'lib/radiusrb/packet.rb', line 138 def set_encoded_attribute(name, value, secret) @attributes[name] = Attribute.new(@dict, name, encode(value, secret)) end |
#to_a ⇒ Object
53 54 55 |
# File 'lib/radiusrb/packet.rb', line 53 def to_a @attributes.to_a end |
#unset_all_attributes ⇒ Object
134 135 136 |
# File 'lib/radiusrb/packet.rb', line 134 def unset_all_attributes @attributes = {} end |
#unset_attribute(name) ⇒ Object
124 125 126 |
# File 'lib/radiusrb/packet.rb', line 124 def unset_attribute(name) @attributes.delete(name) end |
#validate_acct_authenticator(secret) ⇒ Object
106 107 108 109 110 111 112 113 114 115 116 117 118 |
# File 'lib/radiusrb/packet.rb', line 106 def validate_acct_authenticator(secret) if @authenticator original_authenticator = @authenticator if gen_acct_authenticator(secret) == original_authenticator true else @authenticator = original_authenticator false end else false end end |