. * * * @author: SysCo/al * @since CreationDate: 2008-01-04 * @copyright (c) 2008 by SysCo systemes de communication sa * @version $LastChangedRevision: 1.2.2 $ * @version $LastChangedDate: 2009-01-05 $ * @version $LastChangedBy: SysCo/al $ * @link $HeadURL: radius.class.php $ * @link http://developer.sysco.ch/php/ * @link developer@sysco.ch * Language: PHP 4.0.7 or higher * * * Usage * * require_once('radius.class.php'); * $radius = new Radius($ip_radius_server = 'radius_server_ip_address', $shared_secret = 'radius_shared_secret'[, $radius_suffix = 'optional_radius_suffix'[, $udp_timeout = udp_timeout_in_seconds[, $authentication_port = 1812]]]); * $result = $radius->Access_Request($username = 'username', $password = 'password'[, $udp_timeout = udp_timeout_in_seconds]); * * * Examples * * Example 1 * SetNasIpAddress('1.2.3.4'); // Needed for some devices, and not auto_detected if PHP not runned through a web server * if ($radius->AccessRequest('user', 'pass')) * { * echo "Authentication accepted."; * } * else * { * echo "Authentication rejected."; * } * ?> * * Example 2 * SetNasPort(0); * $radius->SetNasIpAddress('1.2.3.4'); // Needed for some devices, and not auto_detected if PHP not runned through a web server * if ($radius->AccessRequest('user', 'pass')) * { * echo "Authentication accepted."; * echo "
"; * } * else * { * echo "Authentication rejected."; * echo "
"; * } * echo $radius->GetReadableReceivedAttributes(); * ?> * * * External file needed * * none. * * * External file created * * none. * * * Special issues * * - Sockets support must be enabled. * * In Linux and *nix environments, the extension is enabled at * compile time using the --enable-sockets configure option * * In Windows, PHP Sockets can be activated by un-commenting * extension=php_sockets.dll in php.ini * * * Other related ressources * * FreeRADIUS, a free Radius server implementation for Linux and *nix environments: * http://www.freeradius.org/ * * WinRadius, Windows Radius server (free for 5 users): * http://www.itconsult2000.com/en/product/WinRadius.zip * * Radl, a free Radius server for Windows: * http://www.loriotpro.com/Products/RadiusServer/FreeRadiusServer_EN.php * * DOS command line Radius client: * http://www.itconsult2000.com/en/product/WinRadiusClient.zip * * * Users feedbacks and comments * * 2008-07-02 Pim Koeman/Parantion * * When using a radius connection behind a linux iptables firewall * allow port 1812 and 1813 with udp protocol * * IPTABLES EXAMPLE (command line): * iptables -A AlwaysACCEPT -p udp --dport 1812 -j ACCEPT * iptables -A AlwaysACCEPT -p udp --dport 1813 -j ACCEPT * * or put the lines in /etc/sysconfig/iptables (red-hat type systems (fedora, centos, rhel etc.) * -A AlwaysACCEPT -p udp --dport 1812 -j ACCEPT * -A AlwaysACCEPT -p udp --dport 1813 -j ACCEPT * * * Change Log * * 2009-01-05 1.2.2 SysCo/al Added Robert Svensson feedback, Mideye RADIUS server is supported * 2008-11-11 1.2.1 SysCo/al Added Carlo Ferrari resolution in examples (add NAS IP Address for a VASCO Middleware server) * 2008-07-07 1.2 SysCo/al Added Pim Koeman (Parantion) contribution * - comments concerning using radius behind a linux iptables firewall * Added Jon Bright (tick Trading Software AG) contribution * - false octal encoding with 0xx indexes (indexes are now rewritten in xx only) * - challenge/response support for the RSA SecurID New-PIN mode * Added GetRadiusPacketInfo() method * Added GetAttributesInfo() method * Added DecodeVendorSpecificContent() (to answer Raul Carvalho's question) * Added Decoded Vendor Specific Content in debug messages * 2008-02-04 1.1 SysCo/al Typo error for the udp_timeout parameter (line 256 in the version 1.0) * 2008-01-07 1.0 SysCo/al Initial release * *********************************************************************/ /********************************************************************* * * Radius * Pure PHP radius class * * Creation 2008-01-04 * Update 2009-01-05 * @package radius * @version v.1.2.2 * @author SysCo/al * *********************************************************************/ class Radius { var $_ip_radius_server; // Radius server IP address var $_shared_secret; // Shared secret with the radius server var $_radius_suffix; // Radius suffix (default is ''); var $_udp_timeout; // Timeout of the UDP connection in seconds (default value is 5) var $_authentication_port; // Authentication port (default value is 1812) var $_accounting_port; // Accouting port (default value is 1813) var $_nas_ip_address; // NAS IP address var $_nas_port; // NAS port var $_encrypted_password; // Encrypted password, as described in the RFC 2865 var $_user_ip_address; // Remote IP address of the user var $_request_authenticator; // Request-Authenticator, 16 octets random number var $_response_authenticator; // Request-Authenticator, 16 octets random number var $_username; // Username to sent to the Radius server var $_password; // Password to sent to the Radius server (clear password, must be encrypted) var $_identifier_to_send; // Identifier field for the packet to be sent var $_identifier_received; // Identifier field for the received packet var $_radius_packet_to_send; // Radius packet code (1=Access-Request, 2=Access-Accept, 3=Access-Reject, 4=Accounting-Request, 5=Accounting-Response, 11=Access-Challenge, 12=Status-Server (experimental), 13=Status-Client (experimental), 255=Reserved var $_radius_packet_received; // Radius packet code (1=Access-Request, 2=Access-Accept, 3=Access-Reject, 4=Accounting-Request, 5=Accounting-Response, 11=Access-Challenge, 12=Status-Server (experimental), 13=Status-Client (experimental), 255=Reserved var $_attributes_to_send; // Radius attributes to send var $_attributes_received; // Radius attributes received var $_socket_to_server; // Socket connection var $_debug_mode; // Debug mode flag var $_attributes_info; // Attributes info array var $_radius_packet_info; // Radius packet codes info array var $_last_error_code; // Last error code var $_last_error_message; // Last error message /********************************************************************* * * Name: Radius * short description: Radius class constructor * * Creation 2008-01-04 * Update 2009-01-05 * @version v.1.2.2 * @author SysCo/al * @param string ip address of the radius server * @param string shared secret with the radius server * @param string radius domain name suffix (default is empty) * @param integer UDP timeout (default is 5) * @param integer authentication port * @param integer accounting port * @return NULL *********************************************************************/ public function Radius($ip_radius_server = '127.0.0.1', $shared_secret = '', $radius_suffix = '', $udp_timeout = 5, $authentication_port = 1812, $accounting_port = 1813) { $this->_radius_packet_info[1] = 'Access-Request'; $this->_radius_packet_info[2] = 'Access-Accept'; $this->_radius_packet_info[3] = 'Access-Reject'; $this->_radius_packet_info[4] = 'Accounting-Request'; $this->_radius_packet_info[5] = 'Accounting-Response'; $this->_radius_packet_info[11] = 'Access-Challenge'; $this->_radius_packet_info[12] = 'Status-Server (experimental)'; $this->_radius_packet_info[13] = 'Status-Client (experimental)'; $this->_radius_packet_info[255] = 'Reserved'; $this->_attributes_info[1] = array('User-Name', 'S'); $this->_attributes_info[2] = array('User-Password', 'S'); $this->_attributes_info[3] = array('CHAP-Password', 'S'); // Type (1) / Length (1) / CHAP Ident (1) / String $this->_attributes_info[4] = array('NAS-IP-Address', 'A'); $this->_attributes_info[5] = array('NAS-Port', 'I'); $this->_attributes_info[6] = array('Service-Type', 'I'); $this->_attributes_info[7] = array('Framed-Protocol', 'I'); $this->_attributes_info[8] = array('Framed-IP-Address', 'A'); $this->_attributes_info[9] = array('Framed-IP-Netmask', 'A'); $this->_attributes_info[10] = array('Framed-Routing', 'I'); $this->_attributes_info[11] = array('Filter-Id', 'T'); $this->_attributes_info[12] = array('Framed-MTU', 'I'); $this->_attributes_info[13] = array('Framed-Compression', 'I'); $this->_attributes_info[14] = array( 'Login-IP-Host', 'A'); $this->_attributes_info[15] = array('Login-service', 'I'); $this->_attributes_info[16] = array('Login-TCP-Port', 'I'); $this->_attributes_info[17] = array('(unassigned)', ''); $this->_attributes_info[18] = array('Reply-Message', 'T'); $this->_attributes_info[19] = array('Callback-Number', 'S'); $this->_attributes_info[20] = array('Callback-Id', 'S'); $this->_attributes_info[21] = array('(unassigned)', ''); $this->_attributes_info[22] = array('Framed-Route', 'T'); $this->_attributes_info[23] = array('Framed-IPX-Network', 'I'); $this->_attributes_info[24] = array('State', 'S'); $this->_attributes_info[25] = array('Class', 'S'); $this->_attributes_info[26] = array('Vendor-Specific', 'S'); // Type (1) / Length (1) / Vendor-Id (4) / Vendor type (1) / Vendor length (1) / Attribute-Specific... $this->_attributes_info[27] = array('Session-Timeout', 'I'); $this->_attributes_info[28] = array('Idle-Timeout', 'I'); $this->_attributes_info[29] = array('Termination-Action', 'I'); $this->_attributes_info[30] = array('Called-Station-Id', 'S'); $this->_attributes_info[31] = array('Calling-Station-Id', 'S'); $this->_attributes_info[32] = array('NAS-Identifier', 'S'); $this->_attributes_info[33] = array('Proxy-State', 'S'); $this->_attributes_info[34] = array('Login-LAT-Service', 'S'); $this->_attributes_info[35] = array('Login-LAT-Node', 'S'); $this->_attributes_info[36] = array('Login-LAT-Group', 'S'); $this->_attributes_info[37] = array('Framed-AppleTalk-Link', 'I'); $this->_attributes_info[38] = array('Framed-AppleTalk-Network', 'I'); $this->_attributes_info[39] = array('Framed-AppleTalk-Zone', 'S'); $this->_attributes_info[60] = array('CHAP-Challenge', 'S'); $this->_attributes_info[61] = array('NAS-Port-Type', 'I'); $this->_attributes_info[62] = array('Port-Limit', 'I'); $this->_attributes_info[63] = array('Login-LAT-Port', 'S'); $this->_attributes_info[76] = array('Prompt', 'I'); $this->_identifier_to_send = 0; $this->_user_ip_address = (isset($_SERVER['REMOTE_ADDR'])?$_SERVER['REMOTE_ADDR']:'0.0.0.0'); $this->GenerateRequestAuthenticator(); $this->SetIpRadiusServer($ip_radius_server); $this->SetSharedSecret($shared_secret); $this->SetAuthenticationPort($authentication_port); $this->SetAccountingPort($accounting_port); $this->SetRadiusSuffix($radius_suffix); $this->SetUdpTimeout($udp_timeout); $this->SetUsername(); $this->SetPassword(); $this->SetNasIpAddress(); $this->SetNasPort(); $this->ClearLastError(); $this->ClearDataToSend(); $this->ClearDataReceived(); } function GetNextIdentifier() { $this->_identifier_to_send = (($this->_identifier_to_send + 1) % 256); return $this->_identifier_to_send; } function GenerateRequestAuthenticator() { $this->_request_authenticator = ''; for ($ra_loop = 0; $ra_loop <= 15; $ra_loop++) { $this->_request_authenticator .= chr(rand(1, 255)); } } function GetRequestAuthenticator() { return $this->_request_authenticator; } function GetLastError() { if (0 < $this->_last_error_code) { return $this->_last_error_message.' ('.$this->_last_error_code.')'; } else { return ''; } } function ClearDataToSend() { $this->_radius_packet_to_send = 0; $this->_attributes_to_send = NULL; } function ClearDataReceived() { $this->_radius_packet_received = 0; $this->_attributes_received = NULL; } function SetPacketCodeToSend($packet_code) { $this->_radius_packet_to_send = $packet_code; } function SetDebugMode($debug_mode) { $this->_debug_mode = (TRUE === $debug_mode); } function SetIpRadiusServer($ip_radius_server) { $this->_ip_radius_server = gethostbyname($ip_radius_server); } function SetSharedSecret($shared_secret) { $this->_shared_secret = $shared_secret; } function SetRadiusSuffix($radius_suffix) { $this->_radius_suffix = $radius_suffix; } function SetUsername($username = '') { $temp_username = $username; if (false === strpos($temp_username, '@')) { $temp_username .= $this->_radius_suffix; } $this->_username = $temp_username; $this->SetAttribute(1, $this->_username); } function SetPassword($password = '') { $this->_password = $password; $encrypted_password = ''; $padded_password = $password; if (0 != (strlen($password)%16)) { $padded_password .= str_repeat(chr(0),(16-strlen($password)%16)); } $previous_result = $this->_request_authenticator; for ($full_loop = 0; $full_loop < (strlen($padded_password)/16); $full_loop++) { $xor_value = md5($this->_shared_secret.$previous_result); $previous_result = ''; for ($xor_loop = 0; $xor_loop <= 15; $xor_loop++) { $value1 = ord(substr($padded_password, ($full_loop * 16) + $xor_loop, 1)); $value2 = hexdec(substr($xor_value, 2*$xor_loop, 2)); $xor_result = $value1 ^ $value2; $previous_result .= chr($xor_result); } $encrypted_password .= $previous_result; } $this->_encrypted_password = $encrypted_password; $this->SetAttribute(2, $this->_encrypted_password); } function SetNasIPAddress($nas_ip_address = '') { if (0 < strlen($nas_ip_address)) { $this->_nas_ip_address = gethostbyname($nas_ip_address); } else { $this->_nas_ip_address = gethostbyname(isset($_SERVER['SERVER_ADDR'])?$_SERVER['SERVER_ADDR']:'0.0.0.0'); } $this->SetAttribute(4, $this->_nas_ip_address); } function SetNasPort($nas_port = 0) { $this->_nas_port = intval($nas_port); $this->SetAttribute(5, $this->_nas_port); } function SetUdpTimeout($udp_timeout = 5) { if (intval($udp_timeout) > 0) { $this->_udp_timeout = intval($udp_timeout); } } function ClearLastError() { $this->_last_error_code = 0; $this->_last_error_message = ''; } function SetAuthenticationPort($authentication_port) { if ((intval($authentication_port) > 0) && (intval($authentication_port) < 65536)) { $this->_authentication_port = intval($authentication_port); } } function SetAccountingPort($accounting_port) { if ((intval($accounting_port) > 0) && (intval($accounting_port) < 65536)) { $this->_accounting_port = intval($accounting_port); } } function GetReceivedPacket() { return $this->_radius_packet_received; } function GetReceivedAttributes() { return $this->_attributes_received; } function GetReadableReceivedAttributes() { $readable_attributes = ''; if (isset($this->_attributes_received)) { foreach($this->_attributes_received as $one_received_attribute) { $attributes_info = $this->GetAttributesInfo($one_received_attribute[0]); $readable_attributes .= $attributes_info[0].": "; if (26 == $one_received_attribute[0]) { $vendor_array = $this->DecodeVendorSpecificContent($one_received_attribute[1]); foreach($vendor_array as $vendor_one) { $readable_attributes .= 'Vendor-Id: '.$vendor_one[0].", Vendor-type: ".$vendor_one[1].", Attribute-specific: ".$vendor_one[2]; } } else { $readable_attributes .= $one_received_attribute[1]; } $readable_attributes .= "
\n"; } } return $readable_attributes; } function GetAttribute($attribute_type) { $attribute_value = NULL; foreach($this->_attributes_received as $one_received_attribute) { if (intval($attribute_type) == $one_received_attribute[0]) { $attribute_value = $one_received_attribute[1]; break; } } return $attribute_value; } function GetRadiusPacketInfo($info_index) { if (isset($this->_radius_packet_info[intval($info_index)])) { return $this->_radius_packet_info[intval($info_index)]; } else { return ''; } } function GetAttributesInfo($info_index) { if (isset($this->_attributes_info[intval($info_index)])) { return $this->_attributes_info[intval($info_index)]; } else { return array('',''); } } function DebugInfo($debug_info) { if ($this->_debug_mode) { echo date('Y-m-d H:i:s').' DEBUG: '; echo $debug_info; echo '
'; flush(); } } function SetAttribute($type, $value) { $attribute_index = -1; for ($attributes_loop = 0; $attributes_loop < count($this->_attributes_to_send); $attributes_loop++) { if ($type == ord(substr($this->_attributes_to_send[$attributes_loop], 0, 1))) { $attribute_index = $attributes_loop; break; } } $temp_attribute = NULL; if (isset($this->_attributes_info[$type])) { switch ($this->_attributes_info[$type][1]) { case 'T': // Text, 1-253 octets containing UTF-8 encoded ISO 10646 characters (RFC 2279). $temp_attribute = chr($type).chr(2+strlen($value)).$value; break; case 'S': // String, 1-253 octets containing binary data (values 0 through 255 decimal, inclusive). $temp_attribute = chr($type).chr(2+strlen($value)).$value; break; case 'A': // Address, 32 bit value, most significant octet first. $ip_array = explode(".", $value); $temp_attribute = chr($type).chr(6).chr($ip_array[0]).chr($ip_array[1]).chr($ip_array[2]).chr($ip_array[3]); break; case 'I': // Integer, 32 bit unsigned value, most significant octet first. $temp_attribute = chr($type).chr(6).chr(($value/(256*256*256))%256).chr(($value/(256*256))%256).chr(($value/(256))%256).chr($value%256); break; case 'D': // Time, 32 bit unsigned value, most significant octet first -- seconds since 00:00:00 UTC, January 1, 1970. (not used in this RFC) $temp_attribute = NULL; break; default: $temp_attribute = NULL; } } if ($attribute_index > -1) { $this->_attributes_to_send[$attribute_index] = $temp_attribute; $additional_debug = 'Modified'; } else { $this->_attributes_to_send[] = $temp_attribute; $additional_debug = 'Added'; } $attribute_info = $this->GetAttributesInfo($type); $this->DebugInfo($additional_debug.' Attribute '.$type.' ('.$attribute_info[0].'), format '.$attribute_info[1].', value '.$value.''); } function DecodeAttribute($attribute_raw_value, $attribute_format) { $attribute_value = NULL; if (isset($this->_attributes_info[$attribute_format])) { switch ($this->_attributes_info[$attribute_format][1]) { case 'T': // Text, 1-253 octets containing UTF-8 encoded ISO 10646 characters (RFC 2279). $attribute_value = $attribute_raw_value; break; case 'S': // String, 1-253 octets containing binary data (values 0 through 255 decimal, inclusive). $attribute_value = $attribute_raw_value; break; case 'A': // Address, 32 bit value, most significant octet first. $attribute_value = ord(substr($attribute_raw_value, 0, 1)).'.'.ord(substr($attribute_raw_value, 1, 1)).'.'.ord(substr($attribute_raw_value, 2, 1)).'.'.ord(substr($attribute_raw_value, 3, 1)); break; case 'I': // Integer, 32 bit unsigned value, most significant octet first. $attribute_value = (ord(substr($attribute_raw_value, 0, 1))*256*256*256)+(ord(substr($attribute_raw_value, 1, 1))*256*256)+(ord(substr($attribute_raw_value, 2, 1))*256)+ord(substr($attribute_raw_value, 3, 1)); break; case 'D': // Time, 32 bit unsigned value, most significant octet first -- seconds since 00:00:00 UTC, January 1, 1970. (not used in this RFC) $attribute_value = NULL; break; default: $attribute_value = NULL; } } return $attribute_value; } /********************************************************************* * Array returned: array(array(Vendor-Id1, Vendor type1, Attribute-Specific1), ..., array(Vendor-IdN, Vendor typeN, Attribute-SpecificN) *********************************************************************/ function DecodeVendorSpecificContent($vendor_specific_raw_value) { $result = array(); $offset_in_raw = 0; $vendor_id = (ord(substr($vendor_specific_raw_value, 0, 1))*256*256*256)+(ord(substr($vendor_specific_raw_value, 1, 1))*256*256)+(ord(substr($vendor_specific_raw_value, 2, 1))*256)+ord(substr($vendor_specific_raw_value, 3, 1)); $offset_in_raw += 4; while ($offset_in_raw < strlen($vendor_specific_raw_value)) { $vendor_type = (ord(substr($vendor_specific_raw_value, 0+$offset_in_raw, 1))); $vendor_length = (ord(substr($vendor_specific_raw_value, 1+$offset_in_raw, 1))); $attribute_specific = substr($vendor_specific_raw_value, 2+$offset_in_raw, $vendor_length); $result[] = array($vendor_id, $vendor_type, $attribute_specific); $offset_in_raw += ($vendor_length); } return $result; } /* * Function : AccessRequest * * Return TRUE if Access-Request is accepted, FALSE otherwise */ function AccessRequest($username = '', $password = '', $udp_timeout = 0, $state = NULL) { $this->ClearDataReceived(); $this->ClearLastError(); $this->SetPacketCodeToSend(1); // Access-Request if (0 < strlen($username)) { $this->SetUsername($username); } if (0 < strlen($password)) { $this->SetPassword($password); } if ($state!==NULL) { $this->SetAttribute(24, $state); } else { $this->SetAttribute(6, 1); // 1=Login } if (intval($udp_timeout) > 0) { $this->SetUdpTimeout($udp_timeout); } $attributes_content = ''; for ($attributes_loop = 0; $attributes_loop < count($this->_attributes_to_send); $attributes_loop++) { $attributes_content .= $this->_attributes_to_send[$attributes_loop]; } $packet_length = 4; // Radius packet code + Identifier + Length high + Length low $packet_length += strlen($this->_request_authenticator); // Request-Authenticator $packet_length += strlen($attributes_content); // Attributes $packet_data = chr($this->_radius_packet_to_send); $packet_data .= chr($this->GetNextIdentifier()); $packet_data .= chr(intval($packet_length/256)); $packet_data .= chr(intval($packet_length%256)); $packet_data .= $this->_request_authenticator; $packet_data .= $attributes_content; $_socket_to_server = socket_create(AF_INET, SOCK_DGRAM, 17); // UDP packet = 17 if ($_socket_to_server === FALSE) { $this->_last_error_code = socket_last_error(); $this->_last_error_message = socket_strerror($this->_last_error_code); } elseif (FALSE === socket_connect($_socket_to_server, $this->_ip_radius_server, $this->_authentication_port)) { $this->_last_error_code = socket_last_error(); $this->_last_error_message = socket_strerror($this->_last_error_code); } elseif (FALSE === socket_write($_socket_to_server, $packet_data, $packet_length)) { $this->_last_error_code = socket_last_error(); $this->_last_error_message = socket_strerror($this->_last_error_code); } else { $this->DebugInfo('Packet type '.$this->_radius_packet_to_send.' ('.$this->GetRadiusPacketInfo($this->_radius_packet_to_send).')'.' sent'); if ($this->_debug_mode) { $readable_attributes = ''; foreach($this->_attributes_to_send as $one_attribute_to_send) { $attribute_info = $this->GetAttributesInfo(ord(substr($one_attribute_to_send,0,1))); $this->DebugInfo('Attribute '.ord(substr($one_attribute_to_send,0,1)).' ('.$attribute_info[0].'), length '.(ord(substr($one_attribute_to_send,1,1))-2).', format '.$attribute_info[1].', value '.$this->DecodeAttribute(substr($one_attribute_to_send,2), ord(substr($one_attribute_to_send,0,1))).''); } } $read_socket_array = array($_socket_to_server); $write_socket_array = NULL; $except_socket_array = NULL; $received_packet = chr(0); if (!(FALSE === socket_select($read_socket_array, $write_socket_array, $except_socket_array, $this->_udp_timeout))) { if (in_array($_socket_to_server, $read_socket_array)) { if (FALSE === ($received_packet = @socket_read($_socket_to_server, 1024))) // @ used, than no error is displayed if the connection is closed by the remote host { $received_packet = chr(0); $this->_last_error_code = socket_last_error(); $this->_last_error_message = socket_strerror($this->_last_error_code); } else { socket_close($_socket_to_server); } } } else { socket_close($_socket_to_server); } } $this->_radius_packet_received = intval(ord(substr($received_packet, 0, 1))); $this->DebugInfo('Packet type '.$this->_radius_packet_received.' ('.$this->GetRadiusPacketInfo($this->_radius_packet_received).')'.' received'); if ($this->_radius_packet_received > 0) { $this->_identifier_received = intval(ord(substr($received_packet, 1, 1))); $packet_length = (intval(ord(substr($received_packet, 2, 1))) * 256) + (intval(ord(substr($received_packet, 3, 1)))); $this->_response_authenticator = substr($received_packet, 4, 16); $attributes_content = substr($received_packet, 20, ($packet_length - 4 - 16)); while (strlen($attributes_content) > 2) { $attribute_type = intval(ord(substr($attributes_content,0,1))); $attribute_length = intval(ord(substr($attributes_content,1,1))); $attribute_raw_value = substr($attributes_content,2,$attribute_length-2); $attributes_content = substr($attributes_content, $attribute_length); $attribute_value = $this->DecodeAttribute($attribute_raw_value, $attribute_type); $attribute_info = $this->GetAttributesInfo($attribute_type); if (26 == $attribute_type) { $vendor_array = $this->DecodeVendorSpecificContent($attribute_value); foreach($vendor_array as $vendor_one) { $this->DebugInfo('Attribute '.$attribute_type.' ('.$attribute_info[0].'), length '.($attribute_length-2).', format '.$attribute_info[1].', Vendor-Id: '.$vendor_one[0].", Vendor-type: ".$vendor_one[1].", Attribute-specific: ".$vendor_one[2]); } } else { $this->DebugInfo('Attribute '.$attribute_type.' ('.$attribute_info[0].'), length '.($attribute_length-2).', format '.$attribute_info[1].', value '.$attribute_value.''); } $this->_attributes_received[] = array($attribute_type, $attribute_value); } } return (2 == ($this->_radius_packet_received)); } } ?>