Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Parse RADIUS request attributes during Redis cache extraction #8380

Open
wants to merge 3 commits into
base: devel
Choose a base branch
from

Conversation

E-ThanG
Copy link
Contributor

@E-ThanG E-ThanG commented Nov 5, 2024

Description

Parse RADIUS attributes WLAN-AKM-Suite, WLAN-Group-Cipher, WLAN-Pairwise-Cipher, TLS-Cert-Expiration, TLS-Cert-Valid-Since, TLS-Client-Cert-Expiration, and TLS-Client-Cert-Valid-Since into human readable strings.

Addresses issue where WLAN AKM and Cipher suite information integer value is displayed as a float64.

Note: Parsing could be done elsewhere, however, the pfcron flush task is one of the last locations where the RADIUS information is still in JSON and not a formatted string. It's relatively easy to manipulate now. Having said that, from a resource utilization perspective it may make more sense to perform this task as a particular RADIUS log entry is requested from the Admin UI.

Also, there may be additional attributes that would be nice to have parsed. I can add more if desired. The EAP-Message is perhaps a reasonable addition.

Impacts

Usability of information presented in Admin UI RADIUS audit log

Issue

fixes #8358

Delete branch after merge

YES

Checklist

  • [n/a] Document the feature
  • [n/a] Add OpenAPI specification
  • [If required] Add unit tests
  • [n/a] Add acceptance tests (TestLink)

Enhancements

Added parsing of WLAN-AKM-Suite, WLAN-Group-Cipher, WLAN-Pairwise-Cipher, TLS-Cert-Expiration, TLS-Cert-Valid-Since, TLS-Client-Cert-Expiration, and TLS-Client-Cert-Valid-Since attributes.

WLAN AKM and Cipher Suite attributes are decoded and filled with the name of the AKM or suite used. Dates are presented in a human-readable format with 4-digit year.

Existing behavior with WLAN attributes is that the integers are erroneously unmarshaled as Float64 by Golang json.Unmarshal. Date's are presented as a string with 2-digit year and no field delimiters or spacing ("241025235210Z").

Example of change as viewed from Admin UI:

TLS-Cert-Expiration = "2039-04-10 17:00:00",
TLS-Cert-Valid-Since = "2019-04-10 16:51:00",
TLS-Client-Cert-Expiration = "2029-09-27 21:14:28",
TLS-Client-Cert-Valid-Since = "2024-09-27 21:04:00",
WLAN-AKM-Suite = "FT over 802.1X",
WLAN-Group-Cipher = "CCMP-128",
WLAN-Pairwise-Cipher = "CCMP-128"

image

Added parsing of WLAN-AKM-Suite, WLAN-Group-Cipher, WLAN-Pairwise-Cipher, TLS-Cert-Expiration, TLS-Cert-Valid-Since, TLS-Client-Cert-Expiration, and TLS-Client-Cert-Valid-Since attributes.

WLAN AKM and Cipher Suite attributes are decoded and filled with the name of the AKM or suite used. Dates are presented in a human-readable format with 4-digit year.

Existing behavior with WLAN attributes is that the integers are erroneously unmarshaled as Float64 by Golang json.Unmarshal. Dates are presented as a string with 2-digit year and no field delimiters or spacing ("241025235210Z").
@E-ThanG E-ThanG force-pushed the Parsing-RADIUS-request-attributes-after-Redis-cache-extraction branch from 1690715 to 209dbcb Compare November 5, 2024 23:29
The bit field is only 4 bits wide, this only needs the 0x0000000F mask.
Add AM/PM and UTC timezone to time stamp
@E-ThanG E-ThanG force-pushed the Parsing-RADIUS-request-attributes-after-Redis-cache-extraction branch from ddeacd8 to 3ccf193 Compare November 14, 2024 04:41
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
1 participant