Diameter: Add MS-CHAP/MS-CHAPv2 AVP support for EAP-TLS

Created the Microsoft Diameter file based on MS-CHAP-* AVPs listed at
https://www.iana.org/assignments/eap-numbers/eap-numbers.xhtml#eap-numbers-10
Many values are displayed as bytes for simplicit. The MS-CHAP2-Success
attribute could for example be dissected further as 1 byte followed by a
string, but that requires more effort.

Allow padding to be missing since the eap-ttls-mschapv2.pcapng capture
would throw a Malformed Packet exception otherwise.

Bug: 15603
Change-Id: I9efc322a86802e78bb6cd4bc3df1c1282a45fe9e
Reviewed-on: https://code.wireshark.org/review/34291
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

diff --git a/diameter/Microsoft.xml b/diameter/Microsoft.xml
new file mode 100644 (file)
index 0000000..442f02f
--- /dev/null
+++ b/diameter/Microsoft.xml
@@ -0,0 +1,32 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<!-- Microsoft vendor-specific AVPs as specified in RFC 2548 for RADIUS.
+     These are not defined for Diameter, but were converted anyway to enable
+     use with EAP-TTLS (RFC 5281). -->
+
+<vendor vendor-id="Microsoft" code="311" name="Microsoft">
+    <avp name="MS-CHAP-Response" code="1" vendor-id="Microsoft">
+        <type type-name="OctetString" />
+    </avp>
+    <avp name="MS-CHAP-Error" code="2" vendor-id="Microsoft">
+        <type type-name="UTF8String" />
+    </avp>
+    <avp name="MS-CHAP-NT-Enc-PW" code="6" vendor-id="Microsoft">
+        <type type-name="OctetString" />
+    </avp>
+    <avp name="MS-CHAP-Domain" code="10" vendor-id="Microsoft">
+        <type type-name="UTF8String" />
+    </avp>
+    <avp name="MS-CHAP-Challenge" code="11" vendor-id="Microsoft">
+        <type type-name="OctetString" />
+    </avp>
+    <avp name="MS-CHAP2-Response" code="25" vendor-id="Microsoft">
+        <type type-name="OctetString" />
+    </avp>
+    <avp name="MS-CHAP2-Success" code="26" vendor-id="Microsoft">
+        <type type-name="OctetString" />
+    </avp>
+    <avp name="MS-CHAP2-CPW" code="27" vendor-id="Microsoft">
+        <type type-name="OctetString" />
+    </avp>
+</vendor>

diff --git a/diameter/dictionary.xml b/diameter/dictionary.xml
index eb58ab47259f6f7a605d02e3bb75684a293fd5ad..ec7fa2c3a56162c1b7799239efb9e2ae6336228e 100644 (file)
--- a/diameter/dictionary.xml
+++ b/diameter/dictionary.xml
@@ -32,6 +32,7 @@
        <!ENTITY VerizonWireless        SYSTEM "VerizonWireless.xml">
        <!ENTITY Telefonica             SYSTEM "Telefonica.xml">
        <!ENTITY Siemens                SYSTEM "Siemens.xml">
+       <!ENTITY Microsoft              SYSTEM "Microsoft.xml">
        <!ENTITY Custom                 SYSTEM "Custom.xml">
 ]>
 <dictionary>
@@ -8839,5 +8840,6 @@
        &VerizonWireless;
        &Telefonica;
        &Siemens;
+       &Microsoft;
        &Custom;
 </dictionary>

diff --git a/epan/dissectors/packet-diameter.c b/epan/dissectors/packet-diameter.c
index 0b9ef856deb1e864466bdd8dee352f0f6c26a97f..ffdb092ce4de8b50db34925c339f36e9682a39c1 100644 (file)
--- a/epan/dissectors/packet-diameter.c
+++ b/epan/dissectors/packet-diameter.c
@@ -297,6 +297,7 @@ static expert_field ei_diameter_avp_no_data = EI_INIT;
 static expert_field ei_diameter_application_id = EI_INIT;
 static expert_field ei_diameter_version = EI_INIT;
 static expert_field ei_diameter_avp_pad = EI_INIT;
+static expert_field ei_diameter_avp_pad_missing = EI_INIT;
 static expert_field ei_diameter_code = EI_INIT;
 static expert_field ei_diameter_avp_code = EI_INIT;
 static expert_field ei_diameter_avp_vendor_id = EI_INIT;
@@ -762,6 +763,13 @@ dissect_diameter_avp(diam_ctx_t *c, tvbuff_t *tvb, int offset, diam_sub_dis_t *d
                return tvb_reported_length(tvb);
        }
 
+       /*
+        * Workaround for a MS-CHAPv2 capture from Bug 15603 that lacks padding.
+        */
+       if (tvb_reported_length_remaining(tvb, offset + len) < pad_len) {
+               pad_len = (guint32)tvb_reported_length_remaining(tvb, offset + len);
+       }
+
        /* Add root of tree for this AVP */
        avp_item = proto_tree_add_item(c->tree, hf_diameter_avp, tvb, offset, len + pad_len, ENC_NA);
        avp_tree = proto_item_add_subtree(avp_item, a->ett);
@@ -891,6 +899,9 @@ dissect_diameter_avp(diam_ctx_t *c, tvbuff_t *tvb, int offset, diam_sub_dis_t *d
                        }
                }
        }
+       if ((len + pad_len) % 4) {
+               proto_tree_add_expert(avp_tree, c->pinfo, &ei_diameter_avp_pad_missing, tvb, offset, pad_len);
+       }
 
        return len+pad_len;
 }
@@ -2390,6 +2401,7 @@ real_register_diameter_fields(void)
                { &ei_diameter_avp_vendor_id, { "diameter.unknown_vendor", PI_UNDECODED, PI_WARN, "Unknown Vendor, if you know whose this is you can add it to dictionary.xml", EXPFILL }},
                { &ei_diameter_avp_no_data, { "diameter.avp.no_data", PI_UNDECODED, PI_WARN, "Data is empty", EXPFILL }},
                { &ei_diameter_avp_pad, { "diameter.avp.pad.non_zero", PI_MALFORMED, PI_NOTE, "Padding is non-zero", EXPFILL }},
+               { &ei_diameter_avp_pad_missing, { "diameter.avp.pad.missing", PI_MALFORMED, PI_NOTE, "Padding is missing", EXPFILL }},
                { &ei_diameter_avp_len, { "diameter.avp.invalid-len", PI_MALFORMED, PI_WARN, "Wrong length", EXPFILL }},
                { &ei_diameter_application_id, { "diameter.applicationId.unknown", PI_UNDECODED, PI_WARN, "Unknown Application Id, if you know what this is you can add it to dictionary.xml", EXPFILL }},
                { &ei_diameter_version, { "diameter.version.unknown", PI_UNDECODED, PI_WARN, "Unknown Diameter Version (decoding as RFC 3588)", EXPFILL }},

diff --git a/packaging/nsis/wireshark.nsi b/packaging/nsis/wireshark.nsi
index 474a1ef918fa8c963a99584ac6c931ad9a14e516..6ac3d290e012daaf03f2684b7fb577a6d9bce7b8 100644 (file)
--- a/packaging/nsis/wireshark.nsi
+++ b/packaging/nsis/wireshark.nsi
@@ -575,6 +575,7 @@ File "${STAGING_DIR}\diameter\HP.xml"
 File "${STAGING_DIR}\diameter\Huawei.xml"
 File "${STAGING_DIR}\diameter\Inovar.xml"
 File "${STAGING_DIR}\diameter\Juniper.xml"
+File "${STAGING_DIR}\diameter\Microsoft.xml"
 File "${STAGING_DIR}\diameter\mobileipv4.xml"
 File "${STAGING_DIR}\diameter\mobileipv6.xml"
 File "${STAGING_DIR}\diameter\nasreq.xml"