[#3860] Last updates including doc

changelog_unreleased/3860-radius-vendor-attributes

@@ -0,0 +1,5 @@
+[func]		fdupont
+	Added support of RADIUS vendor attributes and integer
+	translations to the RADIUS hook library for compatibility
+	with previous versions using the FreeRADIUS client library.
+	(Gitlab #2860)

doc/sphinx/arm/ext-radius.rst

@@ -226,9 +226,20 @@ At the service level, three sections can be configured:
    -  ``expr`` - is the last of the three ways to specify the attribute content.
       It specifies an evaluation expression on the DHCP query packet.
 
+   -  ``vendor`` -  since Kea 3.1.2 is the vendor id of the attribute.
+      It allways contents a string with the vendor name or an integer litteral.
 
     Attributes are supported only for the access service.
 
+.. note::
+
+   Vendor-Specific attribute can be specified in two ways: using a ``raw``
+   value which must include the vendor and the vsa data, note that the ``data``
+   value is no longer supported sine Kea 3.1.2, and the ``expr`` value
+   is evaluated to the content of the attribute. The second way was added
+   by 3.1.2 and allows to specify a vendor attribute which is automatically
+   embedded into a Vendor-Specific attribute.
+
 - The ``peer-updates`` boolean flag (default ``true``) controls whether lease
   updates coming from an active High-Availability (HA) partner should result in
   an accounting request. This may be desirable to remove duplicates if HA
@@ -570,6 +581,12 @@ RADIUS dictionary. There are differences:
 
       - Must have an associated attribute definition in the dictionary.
 
+    * - Attribute and Integer Value name spaces
+
+      - flat name spaces allowing duplicates.
+
+      - since Kea 3.1.2 different name spaces per vendor.
+
     * - Reply-Message Presence in the Kea Logs
 
       - Only as part of the aggregated list of attributes in ``RADIUS_AUTHENTICATION_ACCEPTED``, ``RADIUS_ACCESS_CACHE_INSERT``, ``RADIUS_ACCESS_CACHE_GET`` log messages.

src/hooks/dhcp/radius/client_attribute.cc

@@ -49,7 +49,8 @@ Attribute::fromText0(const AttrDefPtr& def, const string& value) {
     case PW_TYPE_INTEGER:
         if (!isdigit(value[0])) {
             IntCstDefPtr ic_def =
-                AttrDefs::instance().getByName(def->type_, value);
+                AttrDefs::instance().getByName(def->type_, value,
+                                               def->vendor_);
             if (ic_def) {
                 return (fromInt(def->type_, ic_def->value_));
             }

src/hooks/dhcp/radius/tests/attribute_unittests.cc

@@ -184,7 +184,7 @@ TEST_F(AttributeTest, rawAttrString) {
         << from_bytes->toText() << " != " << attr->toText();
 }
 
-// Verifies integer string attribute.
+// Verifies integer attribute.
 TEST_F(AttributeTest, attrInt) {
     // Using NAS-Port-Type (61) integer attribute.
     AttrDefPtr def = AttrDefs::instance().getByType(PW_NAS_PORT_TYPE);
@@ -251,6 +251,20 @@ TEST_F(AttributeTest, attrInt) {
                      "the attribute value type must be vsa, not integer");
 }
 
+// Verifies vendor integer attribute.
+TEST_F(AttributeTest, vendorAttrInt) {
+    // Attibute.
+    AttrDefPtr def(new AttrDef(1, "My-Int", PW_TYPE_INTEGER, 2495));
+    ASSERT_NO_THROW(AttrDefs::instance().add(def));
+    // Integer constant.
+    IntCstDefPtr cst(new IntCstDef(1, "My-Cst", 144, 2495));
+    ASSERT_NO_THROW(AttrDefs::instance().add(cst));
+    AttributePtr attr;
+    ASSERT_NO_THROW(attr = Attribute::fromText(def, "My-Cst"));
+    ASSERT_TRUE(attr);
+    EXPECT_EQ("Vendor-Specific=[2495]0x010600000090", attr->toText());
+}
+
 // Verifies IP address attribute.
 TEST_F(AttributeTest, attrIpAddr) {
     // Using Framed-IP-Address (8) IP address attribute.