From: Nick Porter <nick@portercomputing.co.uk>
Date: Mon, 2 Dec 2024 12:07:59 +0000 (+0000)
Subject: Define attributes for setting TLS min/max versions
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=48c83f74ca0da9643c031d11d9a149b30a19d715;p=thirdparty%2Ffreeradius-server.git

Define attributes for setting TLS min/max versions
---

diff --git a/share/dictionary/tls/dictionary.freeradius b/share/dictionary/tls/dictionary.freeradius
index 8dee103a460..f38e6744f81 100644
--- a/share/dictionary/tls/dictionary.freeradius
+++ b/share/dictionary/tls/dictionary.freeradius
@@ -28,3 +28,6 @@ ATTRIBUTE	Session-Id				10	octets
 ATTRIBUTE	Session-Data				11	octets
 ATTRIBUTE	Session-Resumed				12	bool
 ATTRIBUTE	Session-TTL				13	time_delta
+
+ATTRIBUTE	Min-Version				14	float32
+ATTRIBUTE	Max-Version				15	float32
diff --git a/src/lib/eap/attrs.h b/src/lib/eap/attrs.h
index d783dd969c5..4b4223354f6 100644
--- a/src/lib/eap/attrs.h
+++ b/src/lib/eap/attrs.h
@@ -45,3 +45,5 @@ extern HIDDEN fr_dict_attr_t const *attr_ms_mppe_send_key;
 extern HIDDEN fr_dict_attr_t const *attr_ms_mppe_recv_key;
 extern HIDDEN fr_dict_attr_t const *attr_user_name;
 extern HIDDEN fr_dict_attr_t const *attr_state;
+extern HIDDEN fr_dict_attr_t const *attr_tls_max_version;
+extern HIDDEN fr_dict_attr_t const *attr_tls_min_version;
diff --git a/src/lib/eap/base.c b/src/lib/eap/base.c
index b561ea4260a..55db89cc494 100644
--- a/src/lib/eap/base.c
+++ b/src/lib/eap/base.c
@@ -76,11 +76,13 @@ RCSID("$Id$")
 
 fr_dict_t const *dict_freeradius;
 fr_dict_t const *dict_radius;
+fr_dict_t const *dict_tls;
 
 extern fr_dict_autoload_t eap_base_dict[];
 fr_dict_autoload_t eap_base_dict[] = {
 	{ .out = &dict_freeradius, .proto = "freeradius" },
 	{ .out = &dict_radius, .proto = "radius" },
+	{ .out = &dict_tls, .proto = "tls" },
 	{ NULL }
 };
 
@@ -100,6 +102,8 @@ fr_dict_attr_t const *attr_ms_mppe_send_key;
 fr_dict_attr_t const *attr_ms_mppe_recv_key;
 fr_dict_attr_t const *attr_state;
 fr_dict_attr_t const *attr_user_name;
+fr_dict_attr_t const *attr_tls_min_version;
+fr_dict_attr_t const *attr_tls_max_version;
 
 extern fr_dict_attr_autoload_t eap_base_dict_attr[];
 fr_dict_attr_autoload_t eap_base_dict_attr[] = {
@@ -119,6 +123,8 @@ fr_dict_attr_autoload_t eap_base_dict_attr[] = {
 	{ .out = &attr_ms_mppe_send_key, .name = "Vendor-Specific.Microsoft.MPPE-Send-Key", .type = FR_TYPE_OCTETS, .dict = &dict_radius },
 	{ .out = &attr_ms_mppe_recv_key, .name = "Vendor-Specific.Microsoft.MPPE-Recv-Key", .type = FR_TYPE_OCTETS, .dict = &dict_radius },
 	{ .out = &attr_user_name, .name = "User-Name", .type = FR_TYPE_STRING, .dict = &dict_radius },
+	{ .out = &attr_tls_min_version, .name = "Min-Version", .type = FR_TYPE_FLOAT32, .dict = &dict_tls },
+	{ .out = &attr_tls_max_version, .name = "Max-Version", .type = FR_TYPE_FLOAT32, .dict = &dict_tls },
 
 	{ NULL }
 };