{"id":926,"date":"2016-02-29T22:43:39","date_gmt":"2016-02-29T14:43:39","guid":{"rendered":"http:\/\/www.alextwl.idv.tw\/memo\/?p=926"},"modified":"2016-02-29T22:52:12","modified_gmt":"2016-02-29T14:52:12","slug":"freeradius-eap-gtc-or-eap-ttls-with-inner-pap","status":"publish","type":"post","link":"https:\/\/www.alextwl.idv.tw\/memo\/2016\/02\/freeradius-eap-gtc-or-eap-ttls-with-inner-pap\/","title":{"rendered":"FreeRADIUS + EAP-GTC or EAP-TTLS with inner PAP"},"content":{"rendered":"<p>\u524d\u9663\u5b50\u88ab\u670b\u53cb\u627e\u53bb\u770b\u7121\u7dda\u7db2\u8def + RADIUS \u4e0a WPA2 Enterprise \u7684\u554f\u984c\uff0c\u8a8d\u8b49\u7528\u7684\u5bc6\u78bc\u662f\u4ee5 MD5 \u5f62\u5f0f\u5b58\u5728 LDAP\uff0c\u65bc\u662f\u6709\u4eba\u9023 Wifi \u6642\uff0c\u8d70\u6c92\u52a0\u5bc6\u7684 SSID \u7d93\u904e controller \u7684\u7db2\u9801\u8a8d\u8b49\u6703\u904e\uff0c\u4f46\u8d70 WPA2 \u5c31\u600e\u9ebc\u6539\u8a2d\u5b9a\u90fd\u904e\u4e0d\u4e86\u3002<\/p>\n<p>\u6311\u9078\u7d93\u7531 RADIUS \u4f5c\u8a8d\u8b49\u7684\u5354\u5b9a\uff0c\u9700\u8996\u5bc6\u78bc\u7684\u5132\u5b58\u65b9\u5f0f\u800c\u5b9a\u3002\u53ef\u53c3\u898b <a href=\"http:\/\/deployingradius.com\/documents\/protocols\/compatibility.html\" target=\"_blank\">Deploying RADIUS: Protocol and Password Compatibility<\/a> \u5bc6\u78bc\u683c\u5f0f\u8207\u8a8d\u8b49\u5354\u5b9a\u7684\u5c0d\u61c9\u8868\u3002<\/p>\n<p>\u5f9e\u5c0d\u61c9\u8868\u4f86\u770b\uff0c\u5982\u679c\u5bc6\u78bc\u8cc7\u6599\u5eab\u4e0d\u80fd\u63d0\u4f9b\u660e\u78bc(\u6216\u662f\u7528\u5fae\u8edf\u7684\u5e33\u865f\u6216 AD)\uff0c\u90a3\u9ebc\u53ef\u4ee5\u63a1\u7528\u7684\u65b9\u6848\u5f88\u5c11\uff0c\u53ea\u80fd\u60f3\u8fa6\u6cd5\u8b93\u7528\u6236\u4ee5\u5b89\u5168\u7684\u65b9\u5f0f\u4e5f\u628a\u660e\u78bc\u4e1f\u56de RADIUS \u4f5c\u8a8d\u8b49\u3002\u9019\u6b21\u9047\u5230\u7684\u4f8b\u5b50\uff0c\u53ef\u8003\u616e\u7684\u6709 EAP-GTC (\u5305\u5728 PEAPv0 \u6216 EAP-TTLS \u88e1\u9762) \u8207 EAP-TTLS-PAP (EAP-TTLS with inner PAP) \u7b49\u7b49\uff0c\u5176\u5be6\u90fd\u662f\u5efa\u901a\u9053\u5728\u88e1\u982d\u8dd1 PAP \u7684\u4f5c\u6cd5\uff0c\u4f46\u5728\u7528\u6236\u7aef\u7684\u652f\u63f4\u5ea6\u662f\u6709\u5dee\u5225\u7684\uff0c\u800c\u4e14\u90fd\u6c92\u6709\u5f88\u5ee3\u6cdb\u7684\u652f\u63f4\u3002<\/p>\n<p>\u76f8\u95dc\u7684\u53c3\u8003\u8cc7\u6599\uff0c\u76ee\u524d\u770b\u8d77\u4f86\u5c31 eduroam \u6574\u7406\u5730\u6700\u9f4a\u5168\u3002\u7528\u6236\u7aef\u7684\u76f8\u5bb9\u6027\u53ef\u53c3\u898b <a href=\"https:\/\/wiki.geant.org\/display\/H2eduroam\/Devices+that+are+compatible+with+eduroam\">Devices that are compatible with eduroam (G\u00c9ANT federated confluence)<\/a>\u3002<\/p>\n<p>\u9019\u908a\u6574\u7406\u4e00\u4e0b\u8dd1 EAP-GTC \u8207 EAP-TTLS with inner PAP \u7684\u7b46\u8a18\u3002<br \/>\n<!--more--><\/p>\n<h2>EAP-GTC<\/h2>\n<p>Generic Token Card (GTC) \u662f Cisco \u63d0\u51fa\u7684 EAP Type\uff0c\u5df2\u6536\u9304\u5728 <a href=\"https:\/\/tools.ietf.org\/html\/rfc3748#section-5.6\">RFC 3748 Section 5.6<\/a>\uff0c\u4f46\u7531\u65bc Cisco \u4e26\u6c92\u6709\u63a8\u5f97\u5f88\u7528\u529b\uff0c<a href=\"http:\/\/wiki.freeradius.org\/protocol\/EAP#eap-sub-types_peap_peapv1-eap-gtc\">\u7528\u6236\u7aef\u7684\u666e\u53ca\u7387\u4e26\u4e0d\u9ad8<\/a>\u3002<\/p>\n<p>Windows \u6c92\u6709\u5167\u5efa\u652f\u63f4 EAP-GTC\uff0c\u76ee\u524d\u666e\u904d\u770b\u5230\u7684\u652f\u63f4\u65b9\u5f0f\u90fd\u662f\u8acb\u5927\u5bb6\u53bb\u88dd Cisco Aironet \u7121\u7dda\u7db2\u5361\u7684\u9a45\u52d5\u7a0b\u5f0f\u3001\u6216\u662f Aruba \u63d0\u4f9b\u7684\u51fd\u5f0f\u5eab\u3002iOS 9 \u5012\u662f\u4e0d\u7528\u7279\u5225\u8a2d\u5b9a\uff0c\u9023\u5230\u57fa\u5730\u53f0\u7684\u6642\u5019\u76f4\u63a5\u8f38\u5165\u5e33\u865f\u5bc6\u78bc\u5373\u53ef\u3002<\/p>\n<p>\u7531\u65bc EAP-GTC \u672c\u8eab\u6c92\u6709\u52a0\u5bc6\uff0c\u6545\u8003\u616e PEAPv0\/EAP-GTC \u8207 EAP-TTLS-GTC \u5169\u7a2e\u8a2d\u5b9a\u65b9\u5f0f\u3002(\u8a3b\uff1a<a href=\"http:\/\/freeradius.org\/features\/eap.html\">FreeRADIUS \u53ea\u652f\u63f4\u5728 EAP-PEAPv0 \u8207 EAP-TTLS \u88e1\u9762\u8dd1 EAP-GTC<\/a>)<\/p>\n<p>\u4e0b\u9762\u662f FreeRADIUS \u7684\u90e8\u4efd\u8a2d\u5b9a\uff0c\u6709\u7701\u7565\u4e00\u4e9b\u539f\u59cb\u7bc4\u4f8b\u5c31\u6709\u7684\u8a2d\u5b9a\uff0c\u4f7f\u7528\u4e0a\u9084\u8acb\u6ce8\u610f\u3002<\/p>\n<h3>eap.conf<\/h3>\n<pre class=\"brush: plain; title: ; notranslate\" title=\"\">\r\neap {\r\n        default_eap_type = peap # or &quot;ttls&quot; for EAP-TTLS-GTC\r\n        gtc {\r\n                auth_type = PAP\r\n        }\r\n        tls {\r\n                ... # (ignored, see your eap.conf example)\r\n        }\r\n        ttls {\r\n                default_eap_type = gtc\r\n                copy_request_to_tunnel = no\r\n                use_tunneled_reply = no\r\n                virtual_server = &quot;inner-tunnel&quot;\r\n        }\r\n        peap {\r\n                default_eap_type = gtc\r\n                copy_request_to_tunnel = no\r\n                use_tunneled_reply = no\r\n                virtual_server = &quot;inner-tunnel&quot;\r\n        }\r\n}\r\n<\/pre>\n<h2>EAP-TTLS with inner PAP<\/h2>\n<p>\u5728 Tunneled TLS \u901a\u9053\u5167\u8dd1 PAP \u8a8d\u8b49\u7684\u4f5c\u6cd5\uff0c\u7528\u6236\u7aef\u7684\u652f\u63f4\u6bd4\u8f03\u8907\u96dc\u3002<\/p>\n<ol>\n<li><strong>Windows 8 \/ 8.1 \/ 10<\/strong>: \u6709\u652f\u63f4\uff0c\u7bc4\u4f8b\u53c3\u898b<a href=\"https:\/\/adamsync.wordpress.com\/2012\/05\/08\/eap-ttls-on-windows-2012-build-8250\/\">EAP-TTLS on Windows 8 (Build 8250) | Notes on IT (mainly Microsoft)<\/a>\u3002\u9808\u4e8b\u5148\u5728\u7528\u6236\u7aef\u532f\u5165\u6191\u8b49\u3002<\/li>\n<li><strong>Windows XP \/ Vista \/ 7<\/strong>: \u6c92\u6709\u539f\u751f\u652f\u63f4\uff0c\u8a31\u591a\u6a5f\u69cb\u5efa\u8b70\u52a0\u88dd <a href=\"https:\/\/www.securew2.com\/\">SecureW2 EAP Suite<\/a> \u61c9\u5c0d\uff0c\u4f46\u8a72\u8edf\u9ad4\u7684\u65b0\u7248\u672c\u5df2\u7d93\u6c92\u6709\u514d\u8cbb\u6388\u6b0a\u4e86\u3002<\/li>\n<li><strong>Apple iOS<\/strong>: \u9808\u984d\u5916\u532f\u5165\u8a2d\u5b9a\u6a94\u6216\u662f Helper App \u505a\u8a2d\u5b9a\u3002\u4ee5\u524d\u6709 iPhone Configuration Utility \u53ef\u4ee5\u7522\u751f Wifi profile\uff0c\u4f46 Apple \u5df2\u7d93\u5728\u53bb\u5e74\u5e74\u521d\u505c\u6b62\u63d0\u4f9b\uff0c\u6211\u66ab\u6642\u6c92\u6709\u627e\u5230\u65b9\u4fbf\u7684\u8a2d\u5b9a\u65b9\u5f0f\u3002(\u8a3b\uff1aeduroam \u5f8c\u4f86\u81ea\u5df1\u958b\u767c\u4e86 <a href=\"https:\/\/cat.eduroam.org\/\">Configuration Assistant Tool<\/a> \u63d0\u4f9b\u81ea\u5bb6\u7528\u6236\u4f5c\u8a2d\u5b9a\u3002)<\/li>\n<\/ol>\n<p>\u4ee5\u4e0b\u662f FreeRADIUS \u4f5c EAP-TTLS with inner PAP \u7684\u8a2d\u5b9a\u3002\u9808\u6ce8\u610f\u7531\u65bc EAP type \u4e26\u6c92\u6709 pap, \u6545 <code>ttls<\/code> \u7684 <code>default_eap_type<\/code> \u9810\u8a2d\u70ba <code>md5<\/code>, \u4f46\u5be6\u969b\u4e0a\u4ee5\u672c\u6587 MD5 \u5bc6\u78bc\u5b58\u5728 LDAP \u7684\u4f8b\u5b50\u662f<strong>\u7121\u6cd5<\/strong>\u505a EAP-TTLS-MD5 \u8a8d\u8b49\u7684\u3002<\/p>\n<h3>eap.conf<\/h3>\n<pre class=\"brush: plain; title: ; notranslate\" title=\"\">\r\neap {\r\n        default_eap_type = ttls\r\n        tls {\r\n                ... # (ignored, see your eap.conf example)\r\n        }\r\n        ttls {\r\n                default_eap_type = md5\r\n                copy_request_to_tunnel = no\r\n                use_tunneled_reply = no\r\n                virtual_server = &quot;inner-tunnel&quot;\r\n        }\r\n}\r\n<\/pre>\n<h2>FreeRADIUS \u7684 virtual server \u8a2d\u5b9a<\/h2>\n<h3>sites-enabled\/default \u6216\u662f radiusd.conf<\/h3>\n<pre class=\"brush: plain; title: ; notranslate\" title=\"\">\r\nauthorize {\r\n\tpreprocess\r\n\tchap\r\n\tmschap\r\n\tdigest\r\n\tsuffix\r\n\teap {\r\n\t\tok = return\r\n\t}\r\n\tfiles\r\n\tldap\r\n\texpiration\r\n\tlogintime\r\n\tpap\r\n}\r\nauthenticate {\r\n\tAuth-Type PAP {\r\n\t\t# \u8a3b\uff1a\u5728\u6b64\u7f6e\u5165\u4f60\u7684\u5bc6\u78bc\u8a8d\u8b49\u6a21\u7d44\uff0c\u4f8b\u5982 ldap\r\n\t\tldap\r\n\t}\r\n\tAuth-Type CHAP {\r\n\t\tchap\r\n\t}\r\n\tAuth-Type MS-CHAP {\r\n\t\tmschap\r\n\t}\r\n\tdigest\r\n\tunix\r\n\teap\r\n}\r\n# ... (ignored, see your configuration examples)\r\npost-proxy {\r\n\teap\r\n}\r\n<\/pre>\n<h3>sites-enabled\/inner-tunnel \u6216\u662f radiusd.conf \u7684 <code>server inner-tunnel { ... }<\/code><\/h3>\n<pre class=\"brush: plain; title: ; notranslate\" title=\"\">\r\nserver inner-tunnel {\r\n    listen {\r\n           ipaddr = 127.0.0.1\r\n           port = 18120\r\n           type = auth\r\n    }\r\n    authorize {\r\n\t    chap\r\n\t    mschap\r\n\t    suffix\r\n\t    update control {\r\n\t           Proxy-To-Realm := LOCAL\r\n\t    }\r\n\t    eap {\r\n\t\t    ok = return\r\n\t    }\r\n\t    ldap\r\n\t    # \u8a3b\uff1a\u5982\u679c\u6536\u5230 User-Password \u5bc6\u78bc\u6b04\uff0c\u5f37\u5236\u9032\u884c LDAP \u8a8d\u8b49\u3002(\u50c5\u4f9b\u53c3\u8003)\r\n\t    if (User-Password) {\r\n\t\t    update control {\r\n\t\t\t    Auth-Type := LDAP\r\n\t\t    }\r\n\t    }\r\n\t    files\r\n\t    expiration\r\n\t    logintime\r\n\t    pap\r\n    }\r\n    authenticate {\r\n\t    Auth-Type PAP {\r\n\t\t    # \u8a3b\uff1a\u5728\u6b64\u7f6e\u5165\u4f60\u7684\u5bc6\u78bc\u8a8d\u8b49\u6a21\u7d44\uff0c\u4f8b\u5982 ldap\r\n\t\t    ldap\r\n\t    }\r\n\t    Auth-Type CHAP {\r\n\t\t    chap\r\n\t    }\r\n\t    Auth-Type MS-CHAP {\r\n\t\t    mschap\r\n\t    }\r\n\t    unix\r\n\t    Auth-Type LDAP {\r\n\t\t    ldap\r\n\t    }\r\n\t    eap\r\n    }\r\n    # ... (ignored, see your configuration examples)\r\n    post-proxy {\r\n\t    eap\r\n    }\r\n} # inner-tunnel server block\r\n<\/pre>\n<h2>802.1x \u6e2c\u8a66\u65b9\u6cd5<\/h2>\n<p><a href=\"https:\/\/w1.fi\/wpa_supplicant\/\">wpa_supplicant<\/a> \u6709 eapol_test \u5de5\u5177\u53ef\u4f9b\u6e2c\u8a66\u3002<\/p>\n<p>Linux distribution \u5305\u7684 wpa_supplicant \u53ef\u80fd\u4e0d\u6703\u63d0\u4f9b eapol_test binary (Ubuntu \u8207 CentOS \u90fd\u6c92\u6709)\uff0c\u7de8\u8b6f\u6307\u4ee4\u5982\u4e0b\uff1a<\/p>\n<pre class=\"brush: plain; title: ; notranslate\" title=\"\">\r\nwget http:\/\/w1.fi\/releases\/wpa_supplicant-2.5.tar.gz\r\ntar zxvf wpa_supplicant-2.5.tar.gz\r\ncd wpa_supplicant-2.5\/wpa_supplicant\r\ncp defconfig .config\r\nmake eapol_test\r\n<\/pre>\n<p>\u8a3b\uff1a\u5982\u679c\u9047\u5230 <code>crypto_openssl.c:316: undefined reference<\/code> \u7684\u7de8\u8b6f\u932f\u8aa4\uff0c\u6539\u7528\u820a\u7248\u672c\u7684 wpa_supplicant \u8a66\u8a66\u3002<\/p>\n<p>\u5b89\u88dd\u5b8c\u6210\u5f8c\uff0c\u6e96\u5099 <code>eapol_test<\/code> \u6307\u4ee4\u9700\u8981\u7684\u8a2d\u5b9a\u6a94\u3002\u5404\u7a2e\u7bc4\u4f8b\u53ef\u53c3\u8003 FreeRADIUS \u7684 test case\u3002(\u5c0d\uff0c\u662f\u5728 FreeRADIUS \u7684 source code \u88e1\u9762\uff0c\u4e0d\u662f wpa_supplicant\u3002)<\/p>\n<p>\u6e2c\u8a66\u6307\u4ee4\u7684\u683c\u5f0f\uff1a<code>.\/eapol_test -c eap-foo.conf -s AS_secret<\/code><br \/>\n(<code>eap-foo.conf<\/code> \u70ba\u8a2d\u5b9a\u6a94\u540d\u7a31\uff0c<code>AS_secret<\/code> \u70ba RADIUS server \u7684 secret key\u3002)<\/p>\n<h3>PEAPv0\/EAP-GTC \u7684 eapol_test config<\/h3>\n<p>\u5f15\u7528\u81ea <a href=\"https:\/\/github.com\/FreeRADIUS\/freeradius-server\/blob\/v3.1.x\/src\/tests\/eapol_test\/peap-eap-gtc.conf\">freeradius-server\/src\/tests\/eapol_test\/peap-eap-gtc.conf<\/a>\u3002<\/p>\n<pre class=\"brush: plain; title: ; notranslate\" title=\"\">\r\n#\r\n#   .\/eapol_test -c peap-eap-gtc.conf -s testing123\r\n#\r\nnetwork={\r\n\tssid=&quot;example&quot;\r\n\tkey_mgmt=WPA-EAP\r\n\teap=PEAP\r\n\tidentity=&quot;bob&quot;\r\n\tanonymous_identity=&quot;anonymous&quot;\r\n\tpassword=&quot;bob&quot;\r\n\tphase2=&quot;auth=GTC&quot;\r\n\tphase1=&quot;peapver=0&quot;\r\n}\r\n<\/pre>\n<h3>EAP-TTLS-GTC \u7684 eapol_test config<\/h3>\n<p>\u5f15\u7528\u81ea <a href=\"https:\/\/github.com\/FreeRADIUS\/freeradius-server\/blob\/v3.1.x\/src\/tests\/eapol_test\/ttls-eap-gtc.conf\">freeradius-server\/src\/tests\/eapol_test\/ttls-eap-gtc.conf<\/a>\u3002<\/p>\n<pre class=\"brush: plain; title: ; notranslate\" title=\"\">\r\n#\r\n#   eapol_test -c eap-ttls-eap-gtc.conf -s testing123\r\n#\r\nnetwork={\r\n\tkey_mgmt=WPA-EAP\r\n\teap=TTLS\r\n\tidentity=&quot;bob&quot;\r\n\tanonymous_identity=&quot;anonymous&quot;\r\n\tca_cert=&quot;raddb\/certs\/ca.pem&quot;\r\n\tpassword=&quot;bob&quot;\r\n\tphase2=&quot;autheap=GTC&quot;\r\n}\r\n<\/pre>\n<h3>EAP-TTLS with inner PAP \u7684 eapol_test config<\/h3>\n<p>\u5f15\u7528\u81ea <a href=\"https:\/\/github.com\/FreeRADIUS\/freeradius-server\/blob\/v3.1.x\/src\/tests\/eapol_test\/ttls-pap.conf\">freeradius-server\/src\/tests\/eapol_test\/ttls-pap.conf<\/a>\u3002<\/p>\n<pre class=\"brush: plain; title: ; notranslate\" title=\"\">\r\n#\r\n#   eapol_test -c ttls-pap.conf -s testing123\r\n#\r\nnetwork={\r\n\tkey_mgmt=WPA-EAP\r\n\teap=TTLS\r\n\tidentity=&quot;bob&quot;\r\n\tanonymous_identity=&quot;anonymous&quot;\r\n\t#ca_cert=&quot;raddb\/certs\/ca.pem&quot;\r\n\tpassword=&quot;bob&quot;\r\n\tphase2=&quot;auth=PAP&quot;\r\n}\r\n<\/pre>\n<p>\u8a3b\uff1a<code>eapol_test<\/code> \u7684\u8a2d\u5b9a\u6a94\u53c3\u6578\u53ef\u53c3\u8003 <a href=\"https:\/\/w1.fi\/cgit\/hostap\/plain\/wpa_supplicant\/wpa_supplicant.conf\">wpa_supplicant.conf \u7bc4\u4f8b<\/a>\u4e2d\u7684\u8a3b\u89e3\u3002<\/p>\n<h2>\u6191\u8b49\u554f\u984c<\/h2>\n<p>FreeRADIUS server \u4f7f\u7528\u7684 X.509 \u7bc4\u4f8b\u6191\u8b49\u901a\u5e38\u662f\u653e\u5728 <code>\/etc\/raddb\/certs<\/code> \u800c\u4e0d\u662f <code>\/etc\/pki<\/code> \u4e4b\u985e\u7684\u5730\u65b9\u3002\u5b89\u5168\u8d77\u898b<strong>\u4e00\u5b9a\u8981\u91cd\u65b0\u7c3d\u904e<\/strong>\uff0c\u53c3\u898b <a href=\"https:\/\/github.com\/FreeRADIUS\/freeradius-server\/tree\/v3.1.x\/raddb\/certs\">\/etc\/raddb\/certs\/README<\/a> \u7684\u6b65\u9a5f\u91cd\u7c3d\u5373\u53ef\u3002<\/p>\n<p>\u6b64\u5916\uff0cFreeRADIUS Wiki \u8207 eduroam \u7684\u7db2\u7ad9\u4e0a\u4e5f\u6709\u63d0\u4f9b\u8f03\u8a73\u7d30\u7684\u6191\u8b49\u76f8\u5bb9\u6027\u89e3\u8aaa\uff0c\u53ef\u53c3\u7167\uff1a<\/p>\n<ol>\n<li><a href=\"http:\/\/wiki.freeradius.org\/guide\/Certificate%20Compatibility\">Certificate Compatibility (wiki.freeradius.org)<\/a><\/li>\n<li><a href=\"https:\/\/wiki.geant.org\/display\/H2eduroam\/EAP+Server+Certificate+considerations\">EAP Server Certificate considerations (G\u00c9ANT federated confluence)<\/a><\/li>\n<\/ol>\n","protected":false},"excerpt":{"rendered":"<p>\u524d\u9663\u5b50\u88ab\u670b\u53cb\u627e\u53bb\u770b\u7121\u7dda\u7db2\u8def + RADIUS \u4e0a WPA2 Enterprise \u7684\u554f\u984c\uff0c\u8a8d\u8b49\u7528\u7684\u5bc6\u78bc\u662f\u4ee5 M [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"footnotes":""},"categories":[],"tags":[],"class_list":["post-926","post","type-post","status-publish","format-standard","hentry"],"_links":{"self":[{"href":"https:\/\/www.alextwl.idv.tw\/memo\/wp-json\/wp\/v2\/posts\/926","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.alextwl.idv.tw\/memo\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.alextwl.idv.tw\/memo\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.alextwl.idv.tw\/memo\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.alextwl.idv.tw\/memo\/wp-json\/wp\/v2\/comments?post=926"}],"version-history":[{"count":28,"href":"https:\/\/www.alextwl.idv.tw\/memo\/wp-json\/wp\/v2\/posts\/926\/revisions"}],"predecessor-version":[{"id":962,"href":"https:\/\/www.alextwl.idv.tw\/memo\/wp-json\/wp\/v2\/posts\/926\/revisions\/962"}],"wp:attachment":[{"href":"https:\/\/www.alextwl.idv.tw\/memo\/wp-json\/wp\/v2\/media?parent=926"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.alextwl.idv.tw\/memo\/wp-json\/wp\/v2\/categories?post=926"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.alextwl.idv.tw\/memo\/wp-json\/wp\/v2\/tags?post=926"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}