[RADIATOR] Updated dictionaries

[Heikki Vatiainen]

On 19/11/2019 11.09, Stefan Winter wrote:

> I found an updated Lancom (2356) dictionary here:

> https://www2.lancom.de/kb.nsf/bf0ed2a4d2a4419ac125721b00471d85/55e4bb5ab82937fac1257f72003afbcf/$FILE/dictionary.lancom

Thanks, added with two more VSAs found from Lancom's site and other 
dictionaries.

> Also, for Aerohive I saw an attribute 6 which I didn't find in official
> Aerohive docs, but apparently Wireshark devs know more of their attributes:
>  
> https://sashkastechnical.blogspot.com/2013/01/12-networking-series-aerohive.html

Actually, Wireshark and other dictionaries only had 
AH-HM-Admin-Group-Id. After looking up more information, it seems that 
HiveManager and HiveOS use vendor attribute 1 for different purposes 
with different definitions. Luckily the type is the same 'integer' for 
the both.

If someone can clarify how Aerohive uses their vendor attributes, please 
let us know. The above is my understanding how it goes.

All Aerohive-* attributes are now in the default dictionary. To solve 
the overlapping attribute 1, Aerohive-User-Vlan is defined before 
AH-HM-Admin-Group-Id. This allows using the both names in outoing 
messages, but incoming Aerohive attribute 1 remains named as 
AH-HM-Admin-Group-Id.

This arrangement is backwards compatible with the existing 
configurations while still allowing the use of newly added Aerohive-* 
attributes.

If it's necessary to see Aerohive-User-Vlan in the decoded incoming 
messages, it can be done by creating a minimal custom dictionary and 
loading it with DictionaryFile configuration parameter.

> Maybe something to add in the next release...

Done. Thanks again,
Heikki

-- 
Heikki Vatiainen <hvn at open.com.au>

Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, TACACS+, PAM, Active Directory,
EAP, TLS, TTLS, PEAP, WiMAX, RSA, Vasco, Yubikey, HOTP, TOTP,
DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS, etc.