Update to use IETF RADIUS attributes

draft-ietf-abfab-gss-eap is approved and IANA has assigned
standardized RADIUS attributes, so these are no longer vendor
specific.

Update dictionary file to change the names of the existing attributes.

diff --git a/mech_eap/accept_sec_context.c b/mech_eap/accept_sec_context.c
index ded1ec8..aeba1b4 100644 (file)
--- a/mech_eap/accept_sec_context.c
+++ b/mech_eap/accept_sec_context.c
@@ -352,7 +352,7 @@ setAcceptorIdentity(OM_uint32 *minor,
 
     major = gssEapRadiusAddAvp(minor, req,
                                PW_GSS_ACCEPTOR_SERVICE_NAME,
-                               VENDORPEC_UKERNA,
+                               0,
                                &nameBuf);
     if (GSS_ERROR(major))
         return major;
@@ -362,7 +362,7 @@ setAcceptorIdentity(OM_uint32 *minor,
 
     major = gssEapRadiusAddAvp(minor, req,
                                PW_GSS_ACCEPTOR_HOST_NAME,
-                               VENDORPEC_UKERNA,
+                               0,
                                &nameBuf);
     if (GSS_ERROR(major))
         return major;
@@ -384,8 +384,8 @@ setAcceptorIdentity(OM_uint32 *minor,
         nameBuf.length = strlen(ssi);
 
         major = gssEapRadiusAddAvp(minor, req,
-                                   PW_GSS_ACCEPTOR_SERVICE_SPECIFIC,
-                                   VENDORPEC_UKERNA,
+                                   PW_GSS_ACCEPTOR_SERVICE_SPECIFICS,
+                                   0,
                                    &nameBuf);
 
         if (GSS_ERROR(major)) {
@@ -400,7 +400,7 @@ setAcceptorIdentity(OM_uint32 *minor,
         /* Acceptor-Realm-Name */
         major = gssEapRadiusAddAvp(minor, req,
                                    PW_GSS_ACCEPTOR_REALM_NAME,
-                                   VENDORPEC_UKERNA,
+                                   0,
                                    &nameBuf);
         if (GSS_ERROR(major))
             return major;

diff --git a/mech_eap/dictionary.ukerna b/mech_eap/dictionary.ukerna
index 0e35d43..7d9d22d 100644 (file)
--- a/mech_eap/dictionary.ukerna
+++ b/mech_eap/dictionary.ukerna
@@ -9,10 +9,10 @@ VENDOR        UKERNA                          25622
 
 BEGIN-VENDOR UKERNA
 
-ATTRIBUTE      GSS-Acceptor-Service-Name       128     string
-ATTRIBUTE      GSS-Acceptor-Host-Name          129     string
-ATTRIBUTE      GSS-Acceptor-Service-Specific   130     string
-ATTRIBUTE      GSS-Acceptor-Realm-Name         131     string
+ATTRIBUTE      GSS-Acceptor-Service-Name-VS    128     string
+ATTRIBUTE      GSS-Acceptor-Host-Name-VS               129     string
+ATTRIBUTE      GSS-Acceptor-Service-Specific-VS        130     string
+ATTRIBUTE      GSS-Acceptor-Realm-Name-VS              131     string
 ATTRIBUTE      SAML-AAA-Assertion              132     string
 ATTRIBUTE      MS-Windows-Auth-Data            133     octets
 ATTRIBUTE      MS-Windows-Group-Sid            134     string

diff --git a/mech_eap/util_radius.cpp b/mech_eap/util_radius.cpp
index 8a1edd5..06aa11d 100644 (file)
--- a/mech_eap/util_radius.cpp
+++ b/mech_eap/util_radius.cpp
@@ -171,10 +171,6 @@ isInternalAttributeP(const gss_eap_attrid &attrid)
     switch (attrid.first) {
     case VENDORPEC_UKERNA:
         switch (attrid.second) {
-        case PW_GSS_ACCEPTOR_SERVICE_NAME:
-        case PW_GSS_ACCEPTOR_HOST_NAME:
-        case PW_GSS_ACCEPTOR_SERVICE_SPECIFIC:
-        case PW_GSS_ACCEPTOR_REALM_NAME:
         case PW_SAML_AAA_ASSERTION:
             bInternalAttribute = true;
             break;
@@ -182,6 +178,18 @@ isInternalAttributeP(const gss_eap_attrid &attrid)
             break;
         }
         break;
+    case 0:
+       switch (attrid.second) {
+                   case PW_GSS_ACCEPTOR_SERVICE_NAME:
+        case PW_GSS_ACCEPTOR_HOST_NAME:
+        case PW_GSS_ACCEPTOR_SERVICE_SPECIFICS:
+        case PW_GSS_ACCEPTOR_REALM_NAME:
+            bInternalAttribute = true;
+           break;
+       default:
+           break;
+       }
+       break;
     default:
         break;
     }