ATTRIBUTE Packet-Authentication-Vector 1088 octets
ATTRIBUTE Time-Of-Day 1089 string
ATTRIBUTE Request-Processing-Stage 1090 string
+ATTRIBUTE SHA2-Password 1092 octets
ATTRIBUTE SHA-Password 1093 octets
ATTRIBUTE SSHA-Password 1094 octets
ATTRIBUTE SHA1-Password 1093 octets
ATTRIBUTE FreeRADIUS-Client-IP-Address 1120 ipaddr
ATTRIBUTE FreeRADIUS-Client-IPv6-Address 1121 ipv6addr
+# The rest of the FreeRADIUS-Client-* attributes are at 1150...
ATTRIBUTE FreeRADIUS-Client-Require-MA 1122 integer
ATTRIBUTE Stripped-User-Domain 1138 string
ATTRIBUTE Called-Station-SSID 1139 string
-ATTRIBUTE Cache-TTL 1140 integer
+ATTRIBUTE Cache-TTL 1140 signed
ATTRIBUTE Cache-Status-Only 1141 integer
ATTRIBUTE Cache-Merge 1142 integer
ATTRIBUTE Cache-Entry-Hits 1143 integer
+ATTRIBUTE Cache-Read-Only 1144 integer
VALUE Cache-Status-Only no 0
VALUE Cache-Status-Only yes 1
VALUE Cache-Merge no 0
VALUE Cache-Merge yes 1
-# More dynamic client attributes
+VALUE Cache-Read-Only no 0
+VALUE Cache-Read-Only yes 1
-ATTRIBUTE FreeRADIUS-Client-Src-IP-Address 1143 ipaddr
-ATTRIBUTE FreeRADIUS-Client-Src-IPv6-Address 1144 ipv6addr
+ATTRIBUTE OTP-Challenge 1145 string
+ATTRIBUTE EAP-Session-Id 1146 octets
+ATTRIBUTE Chbind-Response-Code 1147 integer
+
+ATTRIBUTE Chbind-Response-Code 1147 integer
+
+VALUE Chbind-Response-Code success 2
+VALUE Chbind-Response-Code failure 3
+
+# For EAP channel binding
+
+ATTRIBUTE Chbind-Response-Code 1147 integer
+
+VALUE Chbind-Response-Code success 2
+VALUE Chbind-Response-Code failure 3
+
+ATTRIBUTE Acct-Input-Octets64 1148 integer64
+ATTRIBUTE Acct-Output-Octets64 1149 integer64
+
+ATTRIBUTE FreeRADIUS-Client-IP-Prefix 1150 ipv4prefix
+ATTRIBUTE FreeRADIUS-Client-IPv6-Prefix 1151 ipv6prefix
+ATTRIBUTE FreeRADIUS-Response-Delay 1152 integer
+ATTRIBUTE FreeRADIUS-Client-Src-IP-Address 1153 ipaddr
+ATTRIBUTE FreeRADIUS-Client-Src-IPv6-Address 1154 ipv6addr
+
+ATTRIBUTE REST-HTTP-Header 1160 string
#
# Range: 1200-1279
ATTRIBUTE EAP-Sim-KC2 1213 octets
ATTRIBUTE EAP-Sim-KC3 1214 octets
+ATTRIBUTE EAP-Sim-Ki 1215 octets
+ATTRIBUTE EAP-Sim-Algo-Version 1216 integer
+
#
# Range: 1280 - 1535
# EAP-type specific attributes
#
# egrep VALUE dictionary.freeradius.internal | grep EAP-Type | awk '{print "ATTRIBUTE EAP-Type-" $3 " " 1280+$4 " octets"}' > foo;./format.pl foo
#
+ATTRIBUTE EAP-Type-Base 1280 octets
ATTRIBUTE EAP-Type-VALUE 1280 octets
ATTRIBUTE EAP-Type-None 1280 octets
ATTRIBUTE EAP-Type-Identity 1281 octets
ATTRIBUTE EAP-Type-Cisco-LEAP 1297 octets
ATTRIBUTE EAP-Type-Nokia-IP-Smart-Card 1298 octets
ATTRIBUTE EAP-Type-SIM 1298 octets
-ATTRIBUTE EAP-Type-SRP-SHA1-Part-1 1299 octets
-ATTRIBUTE EAP-Type-SRP-SHA1-Part-2 1300 octets
+ATTRIBUTE EAP-Type-SRP-SHA1 1299 octets
ATTRIBUTE EAP-Type-EAP-TTLS 1301 octets
ATTRIBUTE EAP-Type-Remote-Access-Service 1302 octets
-ATTRIBUTE EAP-Type-UMTS 1303 octets
+ATTRIBUTE EAP-Type-AKA 1303 octets
ATTRIBUTE EAP-Type-EAP-3Com-Wireless 1304 octets
ATTRIBUTE EAP-Type-PEAP 1305 octets
ATTRIBUTE EAP-Type-MS-EAP-Authentication 1306 octets
ATTRIBUTE EAP-Type-DeviceConnect-EAP 1320 octets
ATTRIBUTE EAP-Type-EAP-SPEKE 1321 octets
ATTRIBUTE EAP-Type-EAP-MOBAC 1322 octets
+ATTRIBUTE EAP-Type-EAP-FAST 1323 octets
+ATTRIBUTE EAP-Type-Zonelabs 1324 octets
+ATTRIBUTE EAP-Type-EAP-Link 1325 octets
+ATTRIBUTE EAP-Type-EAP-PAX 1326 octets
+ATTRIBUTE EAP-Type-EAP-PSK 1327 octets
+ATTRIBUTE EAP-Type-EAP-SAKE 1328 octets
+ATTRIBUTE EAP-Type-EAP-IKEv2 1329 octets
+ATTRIBUTE EAP-Type-EAP-AKA2 1330 octets
+ATTRIBUTE EAP-Type-EAP-GPSK 1331 octets
+ATTRIBUTE EAP-Type-EAP-PWD 1332 octets
+ATTRIBUTE EAP-Type-EAP-EVEv1 1333 octets
ATTRIBUTE EAP-Type-Microsoft-MS-CHAPv2 1306 octets
ATTRIBUTE EAP-Type-Cisco-MS-CHAPv2 1309 octets
ATTRIBUTE EAP-Type-MS-CHAP-V2 1306 octets
-
#
# Range: 1536 - 1791
# EAP Sim sub-types.
#
# these are PW_EAP_SIM_X + 1536
+ATTRIBUTE EAP_Sim-Base 1536 octets
ATTRIBUTE EAP-Sim-RAND 1537 octets
ATTRIBUTE EAP-Sim-PADDING 1542 octets
ATTRIBUTE EAP-Sim-NONCE_MT 1543 octets
ATTRIBUTE Tmp-Octets-8 1838 octets
ATTRIBUTE Tmp-Octets-9 1839 octets
+ATTRIBUTE Tmp-Date-0 1840 date
+ATTRIBUTE Tmp-Date-1 1841 date
+ATTRIBUTE Tmp-Date-2 1842 date
+ATTRIBUTE Tmp-Date-3 1843 date
+ATTRIBUTE Tmp-Date-4 1844 date
+ATTRIBUTE Tmp-Date-5 1845 date
+ATTRIBUTE Tmp-Date-6 1846 date
+ATTRIBUTE Tmp-Date-7 1847 date
+ATTRIBUTE Tmp-Date-8 1848 date
+ATTRIBUTE Tmp-Date-9 1849 date
+
+ATTRIBUTE Tmp-Integer64-0 1871 integer64
+ATTRIBUTE Tmp-Integer64-1 1872 integer64
+ATTRIBUTE Tmp-Integer64-2 1873 integer64
+ATTRIBUTE Tmp-Integer64-3 1874 integer64
+ATTRIBUTE Tmp-Integer64-4 1875 integer64
+ATTRIBUTE Tmp-Integer64-5 1876 integer64
+ATTRIBUTE Tmp-Integer64-6 1877 integer64
+ATTRIBUTE Tmp-Integer64-7 1878 integer64
+ATTRIBUTE Tmp-Integer64-8 1879 integer64
+ATTRIBUTE Tmp-Integer64-9 1880 integer64
+#
+# These attributes shouldn't be used anywhere. They are defined here
+# only for casting of values in conditional expressions.
+#
+# The order and number need to be consistent with the typedefs used
+# in the server source.
+#
+ATTRIBUTE Tmp-Cast-String 1851 string
+ATTRIBUTE Tmp-Cast-Integer 1852 integer
+ATTRIBUTE Tmp-Cast-Ipaddr 1853 ipaddr
+ATTRIBUTE Tmp-Cast-Date 1854 date
+ATTRIBUTE Tmp-Cast-Abinary 1855 abinary
+ATTRIBUTE Tmp-Cast-Octets 1856 octets
+ATTRIBUTE Tmp-Cast-Ifid 1857 ifid
+ATTRIBUTE Tmp-Cast-IPv6Addr 1858 ipv6addr
+ATTRIBUTE Tmp-Cast-IPv6Prefix 1859 ipv6prefix
+ATTRIBUTE Tmp-Cast-Byte 1860 byte
+ATTRIBUTE Tmp-Cast-Short 1861 short
+ATTRIBUTE Tmp-Cast-Ethernet 1862 ether
+ATTRIBUTE Tmp-Cast-Signed 1863 signed
+# don't use or define these
+ATTRIBUTE Tmp-Cast-Integer64 1869 integer64
+ATTRIBUTE Tmp-Cast-IPv4Prefix 1870 ipv4prefix
+# don't use or define VSA or MAX
+
# Range: 1900-1909
# WiMAX server-side attributes.
#
ATTRIBUTE TLS-Cert-Subject 1913 string
ATTRIBUTE TLS-Cert-Common-Name 1914 string
ATTRIBUTE TLS-Cert-Subject-Alt-Name-Email 1915 string
-# 1916 - 1919: reserved for future cert attributes
+ATTRIBUTE TLS-Cert-Subject-Alt-Name-Dns 1916 string
+ATTRIBUTE TLS-Cert-Subject-Alt-Name-Upn 1917 string
+# 1918 - 1919: reserved for future cert attributes
ATTRIBUTE TLS-Client-Cert-Serial 1920 string
ATTRIBUTE TLS-Client-Cert-Expiration 1921 string
ATTRIBUTE TLS-Client-Cert-Issuer 1922 string
ATTRIBUTE TLS-Client-Cert-Common-Name 1924 string
ATTRIBUTE TLS-Client-Cert-Filename 1925 string
ATTRIBUTE TLS-Client-Cert-Subject-Alt-Name-Email 1926 string
+ATTRIBUTE TLS-Client-Cert-X509v3-Extended-Key-Usage 1927 string
+ATTRIBUTE TLS-Client-Cert-X509v3-Subject-Key-Identifier 1928 string
+ATTRIBUTE TLS-Client-Cert-X509v3-Authority-Key-Identifier 1929 string
+ATTRIBUTE TLS-Client-Cert-X509v3-Basic-Constraints 1930 string
+ATTRIBUTE TLS-Client-Cert-Subject-Alt-Name-Dns 1931 string
+ATTRIBUTE TLS-Client-Cert-Subject-Alt-Name-Upn 1932 string
+ATTRIBUTE TLS-PSK-Identity 1933 string
-# 1927 - 1939: reserved for future cert attributes
+# 1934 - 1939: reserved for future cert attributes
#
# Range: 1940-2099
# vendor? Sigh...
#
ATTRIBUTE SoH-MS-Machine-OS-vendor 2100 integer
-VALUE SoH-MS-Machine-OS-vendor Microsoft 311
+VALUE SoH-MS-Machine-OS-vendor Microsoft 311
ATTRIBUTE SoH-MS-Machine-OS-version 2101 integer
ATTRIBUTE SoH-MS-Machine-OS-release 2102 integer
ATTRIBUTE SoH-MS-Machine-SP-release 2105 integer
ATTRIBUTE SoH-MS-Machine-Processor 2106 integer
-VALUE SoH-MS-Machine-Processor x86 0
-VALUE SoH-MS-Machine-Processor i64 6
-VALUE SoH-MS-Machine-Processor x86_64 9
+VALUE SoH-MS-Machine-Processor x86 0
+VALUE SoH-MS-Machine-Processor i64 6
+VALUE SoH-MS-Machine-Processor x86_64 9
ATTRIBUTE SoH-MS-Machine-Name 2107 string
ATTRIBUTE SoH-MS-Correlation-Id 2108 octets
ATTRIBUTE SoH-MS-Machine-Role 2109 integer
-VALUE SoH-MS-Machine-Role client 1
-VALUE SoH-MS-Machine-Role dc 2
-VALUE SoH-MS-Machine-Role server 3
-
+VALUE SoH-MS-Machine-Role client 1
+VALUE SoH-MS-Machine-Role dc 2
+VALUE SoH-MS-Machine-Role server 3
ATTRIBUTE SoH-Supported 2119 integer
-VALUE SoH-Supported no 0
-VALUE SoH-Supported yes 1
+VALUE SoH-Supported no 0
+VALUE SoH-Supported yes 1
ATTRIBUTE SoH-MS-Windows-Health-Status 2120 string
ATTRIBUTE SoH-MS-Health-Other 2129 string
#
-# Range: 2200-2999
+# Range: 2200-2219
+# Utilities bundled with the server
+#
+ATTRIBUTE Radclient-Test-Name 2200 string
+
+#
+# Range: 2220-2999
# Free
#
# Range: 3000-3999
VALUE EAP-Type Notification 2
VALUE EAP-Type NAK 3
VALUE EAP-Type MD5-Challenge 4
+VALUE EAP-Type MD5 4
VALUE EAP-Type One-Time-Password 5
+VALUE EAP-Type OTP 5
VALUE EAP-Type Generic-Token-Card 6
+VALUE EAP-Type GTC 6
VALUE EAP-Type RSA-Public-Key 9
VALUE EAP-Type DSS-Unilateral 10
VALUE EAP-Type KEA 11
VALUE EAP-Type KEA-Validate 12
-VALUE EAP-Type EAP-TLS 13
+VALUE EAP-Type TLS 13
VALUE EAP-Type Defender-Token 14
VALUE EAP-Type RSA-SecurID-EAP 15
VALUE EAP-Type Arcot-Systems-EAP 16
VALUE EAP-Type Cisco-LEAP 17
+VALUE EAP-Type LEAP 17
VALUE EAP-Type Nokia-IP-Smart-Card 18
VALUE EAP-Type SIM 18
VALUE EAP-Type SRP-SHA1 19
# 20 is unassigned
-VALUE EAP-Type EAP-TTLS 21
+VALUE EAP-Type TTLS 21
VALUE EAP-Type Remote-Access-Service 22
VALUE EAP-Type AKA 23
-VALUE EAP-Type EAP-3Com-Wireless 24
+VALUE EAP-Type 3Com-Wireless 24
VALUE EAP-Type PEAP 25
-VALUE EAP-Type MS-EAP-Authentication 26
+VALUE EAP-Type Microsoft-MS-CHAPv2 26
VALUE EAP-Type MAKE 27
VALUE EAP-Type CRYPTOCard 28
-VALUE EAP-Type EAP-MSCHAP-V2 29
+VALUE EAP-Type Cisco-MS-CHAPv2 29
VALUE EAP-Type DynamID 30
VALUE EAP-Type Rob-EAP 31
VALUE EAP-Type SecurID-EAP 32
VALUE EAP-Type MS-Authentication-TLV 33
VALUE EAP-Type SentriNET 34
-VALUE EAP-Type EAP-Actiontec-Wireless 35
+VALUE EAP-Type Actiontec-Wireless 35
VALUE EAP-Type Cogent-Biomentric-EAP 36
VALUE EAP-Type AirFortress-EAP 37
-VALUE EAP-Type EAP-HTTP-Digest 38
+VALUE EAP-Type HTTP-Digest 38
+VALUE EAP-Type TNC 38
VALUE EAP-Type SecuriSuite-EAP 39
VALUE EAP-Type DeviceConnect-EAP 40
-VALUE EAP-Type EAP-SPEKE 41
-VALUE EAP-Type EAP-MOBAC 42
-VALUE EAP-Type EAP-FAST 43
+VALUE EAP-Type SPEKE 41
+VALUE EAP-Type MOBAC 42
+VALUE EAP-Type FAST 43
VALUE EAP-Type Zonelabs 44
-VALUE EAP-Type EAP-Link 45
-VALUE EAP-Type EAP-PAX 46
-VALUE EAP-Type EAP-PSK 47
-VALUE EAP-Type EAP-SAKE 48
-VALUE EAP-Type EAP-IKEv2 49
-VALUE EAP-Type EAP-AKA2 50
-VALUE EAP-Type EAP-GPSK 51
-VALUE EAP-Type EAP-PWD 52
-VALUE EAP-Type EAP-EVEv1 53
-
-#
-# These are duplicate values, to get around the problem of
-# having two MS-CHAPv2 EAP types.
-#
-VALUE EAP-Type Microsoft-MS-CHAPv2 26
-VALUE EAP-Type Cisco-MS-CHAPv2 29
+VALUE EAP-Type Link 45
+VALUE EAP-Type PAX 46
+VALUE EAP-Type PSK 47
+VALUE EAP-Type SAKE 48
+VALUE EAP-Type IKEv2 49
+VALUE EAP-Type AKA2 50
+VALUE EAP-Type GPSK 51
+VALUE EAP-Type PWD 52
+VALUE EAP-Type EVEv1 53
#
# And this is what most people mean by MS-CHAPv2
#
-VALUE EAP-Type MS-CHAP-V2 26
+VALUE EAP-Type MSCHAPv2 26
#
# This says TLS, but it's only valid for TTLS & PEAP.