Allow raw attributes to be sent if the server was built with

	debug symbols.  This means that the administrator can send
	*anything* in a packet, including badly formatted attributes

	Raw-Attribute = 0x050600000001

		NAS-Port = 1

	Raw-Attribute = 0x0505000001

		Badly formatted NAS-Port.  (length is 5, not 6)

diff --git a/share/dictionary.freeradius.internal b/share/dictionary.freeradius.internal
index 65ee711..efa6410 100644 (file)
--- a/share/dictionary.freeradius.internal
+++ b/share/dictionary.freeradius.internal
@@ -61,11 +61,7 @@ ATTRIBUTE    EAP-Code                                1021    integer
 ATTRIBUTE      PEAP-Version                            1023    integer
 ATTRIBUTE      Client-Shortname                        1024    string
 ATTRIBUTE      Load-Balance-Key                        1025    string
-
-#
-#      Range:  1025-1026
-#              unused
-#
+ATTRIBUTE      Raw-Attribute                           1026    octets
 ATTRIBUTE      TNC-VLAN-Access                         1027    string
 ATTRIBUTE      TNC-VLAN-Isolate                        1028    string
 ATTRIBUTE      User-Category                           1029    string

diff --git a/src/include/radius.h b/src/include/radius.h
index 8c54852..38651b3 100644 (file)
--- a/src/include/radius.h
+++ b/src/include/radius.h
@@ -114,6 +114,7 @@
 #define PW_ARAP_CHALLENGE_RESPONSE     84
 #define PW_NAS_PORT_ID_STRING                  87
 #define PW_FRAMED_POOL                 88
+#define PW_CHARGEABLE_USER_IDENTITY    89
 #define PW_NAS_IPV6_ADDRESS            95
 
 #define PW_EXTENDED_ATTRIBUTE          192
@@ -145,7 +146,7 @@
 #define PW_EAP_TLS_REQUIRE_CLIENT_CERT 1019
 #define PW_CLIENT_SHORTNAME            1024
 #define PW_LOAD_BALANCE_KEY            1025
-
+#define PW_RAW_ATTRIBUTE               1026
 #define PW_TNC_VLAN_ACCESS             1027
 #define PW_TNC_VLAN_ISOLATE            1028
 #define PW_USER_CATEGORY               1029

diff --git a/src/lib/radius.c b/src/lib/radius.c
index bc3619a..d85d404 100644 (file)
--- a/src/lib/radius.c
+++ b/src/lib/radius.c
@@ -1019,6 +1019,17 @@ int rad_encode(RADIUS_PACKET *packet, const RADIUS_PACKET *original,
                 */
                if ((VENDOR(reply->attribute) == 0) &&
                    ((reply->attribute & 0xFFFF) > 0xff)) {
+#ifndef NDEBUG
+                       /*
+                        *      Permit the admin to send BADLY formatted
+                        *      attributes with a debug build.
+                        */
+                       if (reply->attribute == PW_RAW_ATTRIBUTE) {
+                               memcpy(ptr, reply->vp_octets, reply->length);
+                               len = reply->length;
+                               goto next;
+                       }
+#endif
                        continue;
                }
 
@@ -1060,6 +1071,7 @@ int rad_encode(RADIUS_PACKET *packet, const RADIUS_PACKET *original,
                        break;
                }
 
+       next:
                ptr += len;
                total_length += len;
        } /* done looping over all attributes */