aboutsummaryrefslogtreecommitdiffstats
path: root/src/libcharon/plugins/eap_radius/eap_radius.c
Commit message (Collapse)AuthorAgeFilesLines
* eap-radius: Optionally send Class attributes in RADIUS accounting messagesTobias Brunner2017-11-021-19/+26
| | | | | | | If enabled, add the RADIUS Class attributes received in Access-Accept messages to RADIUS accounting messages as suggested by RFC 2865 section 5.25. Fixes #2451.
* Use standard unsigned integer typesAndreas Steffen2016-03-241-16/+16
|
* eap-radius: Fix creation of host_t objects based on Framed-IPv6-Address ↵Tobias Brunner2015-08-281-1/+1
| | | | | | | attributes Fixes ec490e68ae37 ("eap-radius: Add support for some basic IPv6-specific RADIUS attributes"). References #1001.
* eap-radius: Add support for some basic IPv6-specific RADIUS attributesTobias Brunner2015-08-171-1/+10
| | | | | | These are defined in RFC 6911. Fixes #1001.
* eap-radius: Forward Cisco and Microsoft specific DNS/NBNS attributesTobias Brunner2014-09-091-0/+50
| | | | Fixes #677.
* libcharon: Use lib->ns instead of charon->nameTobias Brunner2014-02-121-5/+5
|
* eap-radius: Forward RAT_FRAMED_IP_NETMASK as INTERNAL_IP4_NETMASKTobias Brunner2013-10-111-0/+5
|
* eap-radius: Forward UNITY_SPLIT_INCLUDE or UNITY_LOCAL_LAN attributesTobias Brunner2013-10-111-0/+93
| | | | | | | | | | | | | | | Depending on the value of the CVPN3000-IPSec-Split-Tunneling-Policy(55) radius attribute, the subnets in the CVPN3000-IPSec-Split-Tunnel-List(27) attribute are sent in either a UNITY_SPLIT_INCLUDE (if the value is 1) or a UNITY_LOCAL_LAN (if the value is 2). So if the following attributes would be configured for a RADIUS user CVPN3000-IPSec-Split-Tunnel-List := "10.0.1.0/255.255.255.0,10.0.2.0/255.255.255.0" CVPN3000-IPSec-Split-Tunneling-Policy := 1 A UNITY_SPLIT_INCLUDE configuration payload containing these two subnets would be sent to the client during the ModeCfg exchange.
* eap-radius: Forward UNITY_DEF_DOMAIN and UNITY_SPLITDNS_NAME attributesTobias Brunner2013-10-111-3/+25
| | | | | | The contents of the CVPN3000-IPSec-Default-Domain(28) and CVPN3000-IPSec-Split-DNS-Names(29) radius attributes are forwarded in the corresponding Unity configuration attributes.
* eap-radius: export function to build common attributes of Access-RequestMartin Willi2013-07-291-24/+29
|
* eap-radius: export function to process common attributes of Access-AcceptMartin Willi2013-07-291-31/+24
|
* eap-radius: use IKE_SA unique id instead of peer identity to manage virtual IPsMartin Willi2013-05-061-3/+5
| | | | Fixes some corner cases if multiple tunnels use the same peer identity.
* eap-radius: Add an option to exclude ports from Called/Calling-Station-IdMartin Willi2013-04-101-2/+16
|
* Add support for RADIUS Interim accounting updatesMartin Willi2013-03-141-7/+12
|
* Add an option to delete any established IKE_SA if RADIUS server is not ↵Martin Willi2013-03-141-1/+1
| | | | responding
* Send NAS-Port, NAS-IP and Calling/Called-Station-ID in Access-RequestMartin Willi2013-03-131-7/+56
|
* Forward Cisco Banner received from RADIUS to Unity capable clientsMartin Willi2013-03-121-2/+26
|
* In eap-radius, hand out received Framed-IP-Address attributes as virtual IPMartin Willi2013-03-121-1/+33
|
* Handle type of first EAP-RADIUS response more sophisticatedTobias Brunner2012-10-181-3/+18
|
* Make sure first argument is an int when using %.*s to print e.g. chunksTobias Brunner2012-09-281-1/+1
|
* Use name from initialization to access settings in libcharon.Tobias Brunner2012-05-031-5/+8
| | | | Also fixes several whitespace errors.
* use RADIUS_TUNNEL_TYPE_ESP defined in header fileAndreas Steffen2012-03-131-3/+1
|
* define MAX_RADIUS_ATTRIBUTE_SIZEAndreas Steffen2012-03-131-4/+5
|
* Moved generic RADIUS protocol support to a dedicated libradiusMartin Willi2012-03-051-3/+4
|
* Removed libcharon dependencies from generic RADIUS protocol supportMartin Willi2012-03-051-0/+4
|
* Forward specifcied RADIUS attributes between AAA backend and clientMartin Willi2012-03-051-0/+5
|
* Rename RADIUS message constructors to handle both, requests and responsesMartin Willi2012-03-051-2/+2
|
* Set IKE_SA lifetime based on RADIUS Session-Timeout attributeMartin Willi2012-03-051-0/+26
|
* RADIUS message constructor accepts a message code parameterMartin Willi2012-01-301-3/+3
|
* added level 3 debug output of forwarded EAP payloadsAndreas Steffen2011-04-211-1/+6
|
* Revert alloc_str changesMartin Willi2011-04-211-3/+1
| | | | | | This reverts commit fdead26ffe1da8501a6ff5e0639a6f44c723e763. This reverts commit 3e2419ebe32de72d824864eb2e0e677a7c197af1. This reverts commit 17ce69b47a1efd6234960cf7d1f50712aee61db5.
* Use thread save settings alloc_str function where appropriateMartin Willi2011-04-211-1/+3
|
* implemented get|set_identifier() for eap_radius_tAndreas Steffen2011-04-051-1/+20
|
* Show result of RADIUS authentication along with EAP identityMartin Willi2010-10-071-5/+6
|
* use group membership to implement access/isolate redirection in filter-based ↵Andreas Steffen2010-10-051-4/+14
| | | | TNC scenario
* moved CHILD_SA selection out of attribute loopAndreas Steffen2010-10-051-5/+6
|
* receive name of preferred CHILD_SA via RADIUS Filter-Id attributeAndreas Steffen2010-10-051-0/+59
|
* Use a seperate section for each nested struct member in INIT macroMartin Willi2010-08-181-7/+9
|
* Implemented support for multiple RADIUS serversMartin Willi2010-07-211-11/+6
|
* Migrated eap-radius plugin to INIT/METHOD macrosMartin Willi2010-07-211-44/+32
|
* Do not interpret long class attributes (such as from NPS) as groupMartin Willi2010-07-091-2/+10
|
* Added support for group membership information containted in the RADIUS ↵Martin Willi2010-07-051-0/+40
| | | | class attribute
* Moving charon to libcharon.Tobias Brunner2010-03-191-0/+312
generated by cgit v1.2.3 (git 2.25.1) at 2025-07-28 13:11:44 +0000