From: Alan T. DeKok <aland@freeradius.org>
Date: Mon, 21 Mar 2022 22:36:13 +0000 (-0400)
Subject: update for child struct
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=ef5414dc3f2e9c17c7ebab62fb95349e8d55aa98;p=thirdparty%2Ffreeradius-server.git

update for child struct
---

diff --git a/share/dictionary/dhcpv4/dictionary.rfc3118 b/share/dictionary/dhcpv4/dictionary.rfc3118
index 254dcce967a..843704c9a9e 100644
--- a/share/dictionary/dhcpv4/dictionary.rfc3118
+++ b/share/dictionary/dhcpv4/dictionary.rfc3118
@@ -10,10 +10,22 @@
 #
 ##############################################################################
 
-# Authentication
-ATTRIBUTE       Authentication                          90      struct
-MEMBER          Protocol                        uint8
-MEMBER          Algorithm                       uint8
-MEMBER          RDM                             uint8
-MEMBER          Replay-Detection                uint64
-MEMBER          Authentication-Information      octets
+#
+#  This structure is also used in the relay-agent option, sub-option 8.
+#
+ATTRIBUTE	Authentication				90	struct
+MEMBER		protocol				uint8
+MEMBER		algorithm				uint8	key
+MEMBER		RDM					uint8
+MEMBER		replay-detection			uint64
+
+VALUE	RDM				monotonically-increasing 1
+
+VALUE	protocol			configuration-token	0
+VALUE	protocol			delayed-authentication	1
+VALUE	protocol			dhcpv6-delayed-authentication 2
+VALUE	protocol			dhcpv6-reconfigure-key	3
+
+STRUCT	HMAC-SHA1-keyed-hash			algorithm	1
+MEMBER		key-id				uint32
+MEMBER		hash				octets[20]
diff --git a/src/tests/unit/protocols/dhcpv4/rfc3118.txt b/src/tests/unit/protocols/dhcpv4/rfc3118.txt
index a87ddd66d61..16108e1192a 100644
--- a/src/tests/unit/protocols/dhcpv4/rfc3118.txt
+++ b/src/tests/unit/protocols/dhcpv4/rfc3118.txt
@@ -8,11 +8,11 @@ fuzzer-out dhcpv4
 #
 # Authentication
 #
-encode-pair Authentication = { Protocol = 1, Algorithm = 2, RDM = 32, Replay-Detection = 0, Authentication-Information = "123456789a123456789a123456789a"  }
-match 5a 29 01 02 20 00 00 00 00 00 00 00 00 31 32 33 34 35 36 37 38 39 61 31 32 33 34 35 36 37 38 39 61 31 32 33 34 35 36 37 38 39 61
+encode-pair Authentication = { protocol = 1, algorithm = 1, rdm = 1, replay-detection = 0xdeadbeef, algorithm.HMAC-SHA1-keyed-hash = { key-id = 0x2112, hash = 0xaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaab } }
+match 5a 23 01 01 01 00 00 00 00 de ad be ef 00 00 21 12 aa aa aa aa aa aa aa aa aa aa aa aa aa aa aa aa aa aa aa ab
 
 decode-pair -
-match Authentication = { Protocol = 1, Algorithm = 2, RDM = 32, Replay-Detection = 0, Authentication-Information = 0x313233343536373839613132333435363738396131323334353637383961 }
+match Authentication = { protocol = delayed-authentication, algorithm = HMAC-SHA1-keyed-hash, RDM = monotonically-increasing, replay-detection = 3735928559, algorithm.HMAC-SHA1-keyed-hash = { key-id = 8466, hash = 0xaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaab } }
 
 count
 match 7