diff --git a/agents/radagent.go b/agents/radagent.go index d4119d8eb..235942d6e 100644 --- a/agents/radagent.go +++ b/agents/radagent.go @@ -47,6 +47,8 @@ const ( func NewRadiusAgent(cgrCfg *config.CGRConfig, smg rpcclient.RpcClientConnection) (ra *RadiusAgent, err error) { dts := make(map[string]*radigo.Dictionary, len(cgrCfg.RadiusAgentCfg().ClientDictionaries)) for clntID, dictPath := range cgrCfg.RadiusAgentCfg().ClientDictionaries { + utils.Logger.Info(fmt.Sprintf( + " Loading dictionary for clientID: <%s> out of path <%s>", clntID, dictPath)) if dts[clntID], err = radigo.NewDictionaryFromFolderWithRFC2865(dictPath); err != nil { return } @@ -177,12 +179,17 @@ func (ra *RadiusAgent) processRequest(reqProcessor *config.RARequestProcessor, processorVars[MetaCGRError] = err.Error() return } - if reqUsage, has := smgEv[utils.USAGE]; !has { // usage was not requested, decide based on 0 + if reqUsageStr, has := smgEv[utils.USAGE]; !has { // usage was not requested, decide based on 0 if maxUsage == 0 { reply.Code = radigo.AccessReject } - } else if reqUsage.(time.Duration) < maxUsage { - reply.Code = radigo.AccessReject + } else { // usage requested + if reqUsage, err := utils.ParseDurationWithSecs(reqUsageStr.(string)); err != nil { + processorVars[MetaCGRError] = err.Error() + return false, err + } else if reqUsage < maxUsage { + reply.Code = radigo.AccessReject + } } case MetaRadAcctStart: err = ra.smg.Call("SMGenericV2.InitiateSession", smgEv, &maxUsage) diff --git a/cmd/cgr-engine/cgr-engine.go b/cmd/cgr-engine/cgr-engine.go index 2ff1bc6d8..0a198cb95 100644 --- a/cmd/cgr-engine/cgr-engine.go +++ b/cmd/cgr-engine/cgr-engine.go @@ -263,7 +263,8 @@ func startRadiusAgent(internalSMGChan chan *sessionmanager.SMGeneric, exitChan c }(internalSMGChan, smgChan) var smgConn *rpcclient.RpcClientPool if len(cfg.RadiusAgentCfg().SMGenericConns) != 0 { - smgConn, err = engine.NewRPCPool(rpcclient.POOL_FIRST, cfg.ConnectAttempts, cfg.Reconnects, cfg.ConnectTimeout, cfg.ReplyTimeout, + smgConn, err = engine.NewRPCPool(rpcclient.POOL_FIRST, cfg.ConnectAttempts, + cfg.Reconnects, cfg.ConnectTimeout, cfg.ReplyTimeout, cfg.RadiusAgentCfg().SMGenericConns, smgChan, cfg.InternalTtl) if err != nil { utils.Logger.Crit(fmt.Sprintf(" Could not connect to SMG: %s", err.Error())) diff --git a/data/radius/dict/dictionary.kamailio b/data/radius/dict/dictionary.kamailio index 131bff30b..148dec072 100644 --- a/data/radius/dict/dictionary.kamailio +++ b/data/radius/dict/dictionary.kamailio @@ -40,16 +40,16 @@ ATTRIBUTE Sip-CC 212 string ATTRIBUTE Sip-RPId 213 string ATTRIBUTE Digest-Response 206 string ATTRIBUTE Digest-Attributes 207 string -ATTRIBUTE Digest-Realm 1063 string -ATTRIBUTE Digest-Nonce 1064 string -ATTRIBUTE Digest-Method 1065 string -ATTRIBUTE Digest-URI 1066 string -ATTRIBUTE Digest-QOP 1067 string -ATTRIBUTE Digest-Algorithm 1068 string -ATTRIBUTE Digest-Body-Digest 1069 string -ATTRIBUTE Digest-CNonce 1070 string -ATTRIBUTE Digest-Nonce-Count 1071 string -ATTRIBUTE Digest-User-Name 1072 string +#ATTRIBUTE Digest-Realm 1063 string +#ATTRIBUTE Digest-Nonce 1064 string +#ATTRIBUTE Digest-Method 1065 string +#ATTRIBUTE Digest-URI 1066 string +#ATTRIBUTE Digest-QOP 1067 string +#ATTRIBUTE Digest-Algorithm 1068 string +#ATTRIBUTE Digest-Body-Digest 1069 string +#ATTRIBUTE Digest-CNonce 1070 string +#ATTRIBUTE Digest-Nonce-Count 1071 string +#ATTRIBUTE Digest-User-Name 1072 string ATTRIBUTE Ascend-User-Acct-Time 143 integer ATTRIBUTE Sip-Uri-User 208 string # Proprietary, auth_radius diff --git a/data/radius/dict/dictionary.microsoft b/data/radius/dict/dictionary.microsoft new file mode 100644 index 000000000..734559162 --- /dev/null +++ b/data/radius/dict/dictionary.microsoft @@ -0,0 +1,170 @@ +# -*- text -*- +# Copyright (C) 2015 The FreeRADIUS Server project and contributors +# +# Microsoft's VSA's, from RFC 2548 +# +# $Id$ +# + +VENDOR Microsoft 311 + +BEGIN-VENDOR Microsoft +ATTRIBUTE MS-CHAP-Response 1 octets[50] +ATTRIBUTE MS-CHAP-Error 2 string +ATTRIBUTE MS-CHAP-CPW-1 3 octets[70] +ATTRIBUTE MS-CHAP-CPW-2 4 octets[84] +ATTRIBUTE MS-CHAP-LM-Enc-PW 5 octets +ATTRIBUTE MS-CHAP-NT-Enc-PW 6 octets +ATTRIBUTE MS-MPPE-Encryption-Policy 7 integer + +VALUE MS-MPPE-Encryption-Policy Encryption-Allowed 1 +VALUE MS-MPPE-Encryption-Policy Encryption-Required 2 + +# This is referred to as both singular and plural in the RFC. +# Plural seems to make more sense. +ATTRIBUTE MS-MPPE-Encryption-Type 8 integer +ATTRIBUTE MS-MPPE-Encryption-Types 8 integer + +VALUE MS-MPPE-Encryption-Types RC4-40bit-Allowed 1 +VALUE MS-MPPE-Encryption-Types RC4-128bit-Allowed 2 +VALUE MS-MPPE-Encryption-Types RC4-40or128-bit-Allowed 6 + +ATTRIBUTE MS-RAS-Vendor 9 integer # content is Vendor-ID +ATTRIBUTE MS-CHAP-Domain 10 string +ATTRIBUTE MS-CHAP-Challenge 11 octets +ATTRIBUTE MS-CHAP-MPPE-Keys 12 octets[24] encrypt=1 +ATTRIBUTE MS-BAP-Usage 13 integer +ATTRIBUTE MS-Link-Utilization-Threshold 14 integer # values are 1-100 +ATTRIBUTE MS-Link-Drop-Time-Limit 15 integer +ATTRIBUTE MS-MPPE-Send-Key 16 octets encrypt=2 +ATTRIBUTE MS-MPPE-Recv-Key 17 octets encrypt=2 +ATTRIBUTE MS-RAS-Version 18 string +ATTRIBUTE MS-Old-ARAP-Password 19 octets +ATTRIBUTE MS-New-ARAP-Password 20 octets +ATTRIBUTE MS-ARAP-PW-Change-Reason 21 integer + +ATTRIBUTE MS-Filter 22 octets +ATTRIBUTE MS-Acct-Auth-Type 23 integer +ATTRIBUTE MS-Acct-EAP-Type 24 integer + +ATTRIBUTE MS-CHAP2-Response 25 octets[50] +ATTRIBUTE MS-CHAP2-Success 26 octets +ATTRIBUTE MS-CHAP2-CPW 27 octets[68] + +ATTRIBUTE MS-Primary-DNS-Server 28 ipaddr +ATTRIBUTE MS-Secondary-DNS-Server 29 ipaddr +ATTRIBUTE MS-Primary-NBNS-Server 30 ipaddr +ATTRIBUTE MS-Secondary-NBNS-Server 31 ipaddr + +#ATTRIBUTE MS-ARAP-Challenge 33 octets[8] + +## MS-RNAP +# +# http://download.microsoft.com/download/9/5/E/95EF66AF-9026-4BB0-A41D-A4F81802D92C/%5BMS-RNAP%5D.pdf + +ATTRIBUTE MS-RAS-Client-Name 34 string +ATTRIBUTE MS-RAS-Client-Version 35 string +ATTRIBUTE MS-Quarantine-IPFilter 36 octets +ATTRIBUTE MS-Quarantine-Session-Timeout 37 integer +ATTRIBUTE MS-User-Security-Identity 40 string +ATTRIBUTE MS-Identity-Type 41 integer +ATTRIBUTE MS-Service-Class 42 string +ATTRIBUTE MS-Quarantine-User-Class 44 string +ATTRIBUTE MS-Quarantine-State 45 integer +ATTRIBUTE MS-Quarantine-Grace-Time 46 integer +ATTRIBUTE MS-Network-Access-Server-Type 47 integer +ATTRIBUTE MS-AFW-Zone 48 integer + +VALUE MS-AFW-Zone MS-AFW-Zone-Boundary-Policy 1 +VALUE MS-AFW-Zone MS-AFW-Zone-Unprotected-Policy 2 +VALUE MS-AFW-Zone MS-AFW-Zone-Protected-Policy 3 + +ATTRIBUTE MS-AFW-Protection-Level 49 integer + +VALUE MS-AFW-Protection-Level HECP-Response-Sign-Only 1 +VALUE MS-AFW-Protection-Level HECP-Response-Sign-And-Encrypt 2 + +ATTRIBUTE MS-Machine-Name 50 string +ATTRIBUTE MS-IPv6-Filter 51 octets +ATTRIBUTE MS-IPv4-Remediation-Servers 52 octets +ATTRIBUTE MS-IPv6-Remediation-Servers 53 octets +ATTRIBUTE MS-RNAP-Not-Quarantine-Capable 54 integer + +VALUE MS-RNAP-Not-Quarantine-Capable SoH-Sent 0 +VALUE MS-RNAP-Not-Quarantine-Capable SoH-Not-Sent 1 + +ATTRIBUTE MS-Quarantine-SOH 55 octets +ATTRIBUTE MS-RAS-Correlation 56 octets + +# Or this might be 56? +ATTRIBUTE MS-Extended-Quarantine-State 57 integer + +ATTRIBUTE MS-HCAP-User-Groups 58 string +ATTRIBUTE MS-HCAP-Location-Group-Name 59 string +ATTRIBUTE MS-HCAP-User-Name 60 string +ATTRIBUTE MS-User-IPv4-Address 61 ipaddr +ATTRIBUTE MS-User-IPv6-Address 62 ipv6addr +ATTRIBUTE MS-TSG-Device-Redirection 63 integer + +# +# Integer Translations +# + +# MS-BAP-Usage Values + +VALUE MS-BAP-Usage Not-Allowed 0 +VALUE MS-BAP-Usage Allowed 1 +VALUE MS-BAP-Usage Required 2 + +# MS-ARAP-Password-Change-Reason Values + +VALUE MS-ARAP-PW-Change-Reason Just-Change-Password 1 +VALUE MS-ARAP-PW-Change-Reason Expired-Password 2 +VALUE MS-ARAP-PW-Change-Reason Admin-Requires-Password-Change 3 +VALUE MS-ARAP-PW-Change-Reason Password-Too-Short 4 + +# MS-Acct-Auth-Type Values + +VALUE MS-Acct-Auth-Type PAP 1 +VALUE MS-Acct-Auth-Type CHAP 2 +VALUE MS-Acct-Auth-Type MS-CHAP-1 3 +VALUE MS-Acct-Auth-Type MS-CHAP-2 4 +VALUE MS-Acct-Auth-Type EAP 5 + +# MS-Acct-EAP-Type Values + +VALUE MS-Acct-EAP-Type MD5 4 +VALUE MS-Acct-EAP-Type OTP 5 +VALUE MS-Acct-EAP-Type Generic-Token-Card 6 +VALUE MS-Acct-EAP-Type TLS 13 + +# MS-Identity-Type Values + +VALUE MS-Identity-Type Machine-Health-Check 1 +VALUE MS-Identity-Type Ignore-User-Lookup-Failure 2 + +# MS-Quarantine-State Values + +VALUE MS-Quarantine-State Full-Access 0 +VALUE MS-Quarantine-State Quarantine 1 +VALUE MS-Quarantine-State Probation 2 + +# MS-Network-Access-Server-Type Values + +VALUE MS-Network-Access-Server-Type Unspecified 0 +VALUE MS-Network-Access-Server-Type Terminal-Server-Gateway 1 +VALUE MS-Network-Access-Server-Type Remote-Access-Server 2 +VALUE MS-Network-Access-Server-Type DHCP-Server 3 +VALUE MS-Network-Access-Server-Type Wireless-Access-Point 4 +VALUE MS-Network-Access-Server-Type HRA 5 +VALUE MS-Network-Access-Server-Type HCAP-Server 6 + +# MS-Extended-Quarantine-State Values + +VALUE MS-Extended-Quarantine-State Transition 1 +VALUE MS-Extended-Quarantine-State Infected 2 +VALUE MS-Extended-Quarantine-State Unknown 3 +VALUE MS-Extended-Quarantine-State No-Data 4 + +END-VENDOR Microsoft + diff --git a/glide.lock b/glide.lock index a1ec4d151..f5638c876 100644 --- a/glide.lock +++ b/glide.lock @@ -20,7 +20,7 @@ imports: - name: github.com/cgrates/osipsdagram version: 3d6beed663452471dec3ca194137a30d379d9e8f - name: github.com/cgrates/radigo - version: 4351b1d135e822472a2759ae1c95f103cf51df60 + version: 69d4269e21990c0f120b8e60d5b75d533db7f3dd - name: github.com/cgrates/rpcclient version: dddae42e9344e877627cd4b7aba075d63b452c0b - name: github.com/ChrisTrenkamp/goxpath