2 * Routines for RADIUS packet disassembly
3 * Copyright 1999 Johan Feyaerts
5 * $Id: packet-radius.c,v 1.31 2001/06/18 02:17:51 guy Exp $
7 * Ethereal - Network traffic analyzer
8 * By Gerald Combs <gerald@ethereal.com>
9 * Copyright 1998 Gerald Combs
11 * This program is free software; you can redistribute it and/or
12 * modify it under the terms of the GNU General Public License
13 * as published by the Free Software Foundation; either version 2
14 * of the License, or (at your option) any later version.
16 * This program is distributed in the hope that it will be useful,
17 * but WITHOUT ANY WARRANTY; without even the implied warranty of
18 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
19 * GNU General Public License for more details.
21 * You should have received a copy of the GNU General Public License
22 * along with this program; if not, write to the Free Software
23 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
30 #ifdef HAVE_SYS_TYPES_H
31 # include <sys/types.h>
34 #ifdef HAVE_NETINET_IN_H
35 #include <netinet/in.h>
46 static int proto_radius = -1;
47 static int hf_radius_length = -1;
48 static int hf_radius_code = -1;
49 static int hf_radius_id =-1;
51 static gint ett_radius = -1;
52 static gint ett_radius_avp = -1;
54 #define UDP_PORT_RADIUS 1645
55 #define UDP_PORT_RADIUS_NEW 1812
56 #define UDP_PORT_RADACCT 1646
57 #define UDP_PORT_RADACCT_NEW 1813
59 typedef struct _e_radiushdr {
65 typedef struct _e_avphdr {
70 typedef struct _value_value_pair {
75 #define RADIUS_ACCESS_REQUEST 1
76 #define RADIUS_ACCESS_ACCEPT 2
77 #define RADIUS_ACCESS_REJECT 3
78 #define RADIUS_ACCOUNTING_REQUEST 4
79 #define RADIUS_ACCOUNTING_RESPONSE 5
80 #define RADIUS_ACCESS_CHALLENGE 11
81 #define RADIUS_STATUS_SERVER 12
82 #define RADIUS_STATUS_CLIENT 13
83 #define RADIUS_RESERVED 255
85 #define RD_TP_USER_NAME 1
86 #define RD_TP_USER_PASSWORD 2
87 #define RD_TP_CHAP_PASSWORD 3
88 #define RD_TP_NAS_IP_ADDRESS 4
89 #define RD_TP_NAS_PORT 5
90 #define RD_TP_SERVICE_TYPE 6
91 #define RD_TP_FRAMED_PROTOCOL 7
92 #define RD_TP_FRAMED_IP_ADDRESS 8
93 #define RD_TP_FRAMED_IP_NETMASK 9
94 #define RD_TP_FRAMED_ROUTING 10
95 #define RD_TP_FILTER_ID 11
96 #define RD_TP_FRAMED_MTU 12
97 #define RD_TP_FRAMED_COMPRESSION 13
98 #define RD_TP_LOGIN_IP_HOST 14
99 #define RD_TP_LOGIN_SERVICE 15
100 #define RD_TP_LOGIN_TCP_PORT 16
101 #define RD_TP_UNASSIGNED 17
102 #define RD_TP_REPLY_MESSAGE 18
103 #define RD_TP_CALLBACK_NUMBER 19
104 #define RD_TP_CALLBACK_ID 20
105 #define RD_TP_UNASSIGNED2 21
106 #define RD_TP_FRAMED_ROUTE 22
107 #define RD_TP_FRAMED_IPX_NETWORK 23
108 #define RD_TP_STATE 24
109 #define RD_TP_CLASS 25
110 #define RD_TP_VENDOR_SPECIFIC 26
111 #define RD_TP_SESSION_TIMEOUT 27
112 #define RD_TP_IDLE_TIMEOUT 28
113 #define RD_TP_TERMINATING_ACTION 29
114 #define RD_TP_CALLED_STATION_ID 30
115 #define RD_TP_CALLING_STATION_ID 31
116 #define RD_TP_NAS_IDENTIFIER 32
117 #define RD_TP_PROXY_STATE 33
118 #define RD_TP_LOGIN_LAT_SERVICE 34
119 #define RD_TP_LOGIN_LAT_NODE 35
120 #define RD_TP_LOGIN_LAT_GROUP 36
121 #define RD_TP_FRAMED_APPLETALK_LINK 37
122 #define RD_TP_FRAMED_APPLETALK_NETWORK 38
123 #define RD_TP_FRAMED_APPLETALK_ZONE 39
124 #define RD_TP_ACCT_STATUS_TYPE 40
125 #define RD_TP_ACCT_DELAY_TIME 41
126 #define RD_TP_ACCT_INPUT_OCTETS 42
127 #define RD_TP_ACCT_OUTPUT_OCTETS 43
128 #define RD_TP_ACCT_SESSION_ID 44
129 #define RD_TP_ACCT_AUTHENTIC 45
130 #define RD_TP_ACCT_SESSION_TIME 46
131 #define RD_TP_ACCT_INPUT_PACKETS 47
132 #define RD_TP_ACCT_OUTPUT_PACKETS 48
133 #define RD_TP_ACCT_TERMINATE_CAUSE 49
134 #define RD_TP_ACCT_MULTI_SESSION_ID 50
135 #define RD_TP_ACCT_LINK_COUNT 51
136 #define RD_TP_CHAP_CHALLENGE 60
137 #define RD_TP_NAS_PORT_TYPE 61
138 #define RD_TP_PORT_LIMIT 62
139 #define RD_TP_LOGIN_LAT_PORT 63
140 #define RD_TP_TUNNEL_TYPE 64
141 #define RD_TP_TUNNEL_MEDIUM_TYPE 65
142 #define RD_TP_TUNNEL_CLIENT_ENDPOINT 66
143 #define RD_TP_TUNNEL_SERVER_ENDPOINT 67
144 #define RD_TP_TUNNEL_PASSWORD 69
145 #define RD_TP_TUNNEL_ASSIGNMENT_ID 82
147 #define AUTHENTICATOR_LENGTH 16
148 #define RD_HDR_LENGTH 4
151 #define RADIUS_STRING 1
152 #define RADIUS_BINSTRING 2
153 #define RADIUS_INTEGER4 3
154 #define RADIUS_IP_ADDRESS 4
155 #define RADIUS_SERVICE_TYPE 5
156 #define RADIUS_FRAMED_PROTOCOL 6
157 #define RADIUS_FRAMED_ROUTING 7
158 #define RADIUS_FRAMED_COMPRESSION 8
159 #define RADIUS_LOGIN_SERVICE 9
160 #define RADIUS_UNKNOWN 10
161 #define RADIUS_IPX_ADDRESS 11
162 #define RADIUS_TERMINATING_ACTION 12
163 #define RADIUS_ACCOUNTING_STATUS_TYPE 13
164 #define RADIUS_ACCT_AUTHENTIC 14
165 #define RADIUS_ACCT_TERMINATE_CAUSE 15
166 #define RADIUS_NAS_PORT_TYPE 16
167 #define RADIUS_TUNNEL_TYPE 17
168 #define RADIUS_TUNNEL_MEDIUM_TYPE 18
169 #define RADIUS_STRING_TAGGED 19
170 #define RADIUS_VENDOR_SPECIFIC 20
172 static value_string radius_vals[] = {
173 {RADIUS_ACCESS_REQUEST, "Access Request"},
174 {RADIUS_ACCESS_ACCEPT, "Access Accept"},
175 {RADIUS_ACCESS_REJECT, "Access Reject"},
176 {RADIUS_ACCOUNTING_REQUEST, "Accounting Request"},
177 {RADIUS_ACCOUNTING_RESPONSE, "Accounting Response"},
178 {RADIUS_ACCESS_CHALLENGE, "Accounting challenge"},
179 {RADIUS_STATUS_SERVER, "StatusServer"},
180 {RADIUS_STATUS_CLIENT, "StatusClient"},
181 {RADIUS_RESERVED, "Reserved"},
184 static value_string radius_service_type_vals[]=
187 {3, "Callback Login"},
188 {4, "Callback Framed"},
190 {6, "Administrative"},
192 {8, "Authenticate Only"},
193 {9, "Callback NAS Prompt"},
198 * These are SMI Network Management Private Enterprise Codes for
201 * http://www.isi.edu/in-notes/iana/assignments/enterprise-numbers
205 static value_string radius_vendor_specific_vendors[]=
212 {1584,"Bay Networks"},
213 {2636,"Juniper Networks"},
216 static value_string radius_framed_protocol_vals[]=
219 {3, "Appletalk Remote Access Protocol (ARAP)"},
220 {4, "Gandalf proprietary Singlelink/Multilink Protocol"},
221 {5, "Xylogics proprietary IPX/SLIP"},
222 {6, "X.75 Synchronous"},
225 static value_string radius_framed_routing_vals[]=
226 {{1, "Send Routing Packets"},
227 {2, "Listen for routing packets"},
228 {3, "Send and Listen"},
232 static value_string radius_framed_compression_vals[]=
233 {{1, "VJ TCP/IP Header Compression"},
234 {2, "IPX Header Compression"},
235 {3, "Stac-LZS compression"},
239 static value_string radius_login_service_vals[]=
246 {8, "TCP Clear Quit"},
250 static value_string radius_terminating_action_vals[]=
251 {{1, "RADIUS-Request"},
255 static value_string radius_accounting_status_type_vals[]=
258 {3, "Interim-Update"},
260 {8,"Accounting-Off"},
263 static value_string radius_accounting_authentication_vals[]=
269 static value_string radius_acct_terminate_cause_vals[]=
270 {{1, "User Request"},
274 {5,"Session Timeout"},
281 {12, "Port Unneeded"},
282 {13, "Port Preempted"},
283 {14,"Port Suspended"},
284 {15,"Service Unavailable"},
290 static value_string radius_tunnel_type_vals[]=
305 static value_string radius_tunnel_medium_type_vals[]=
323 static value_string radius_nas_port_type_vals[]=
327 {3, "ISDN Async V.120"},
328 {4,"ISDN Async V.110"},
331 {7, "HDLC Clear Channel"},
341 static value_value_pair radius_printinfo[] = {
342 { RD_TP_USER_NAME, RADIUS_STRING },
343 { RD_TP_USER_PASSWORD,RADIUS_BINSTRING },
344 { RD_TP_CHAP_PASSWORD, RADIUS_BINSTRING },
345 { RD_TP_NAS_IP_ADDRESS, RADIUS_IP_ADDRESS },
346 { RD_TP_NAS_PORT, RADIUS_INTEGER4},
347 { RD_TP_SERVICE_TYPE, RADIUS_SERVICE_TYPE},
348 { RD_TP_FRAMED_PROTOCOL, RADIUS_FRAMED_PROTOCOL},
349 { RD_TP_FRAMED_IP_ADDRESS, RADIUS_IP_ADDRESS},
350 { RD_TP_FRAMED_IP_NETMASK, RADIUS_IP_ADDRESS},
351 { RD_TP_FRAMED_ROUTING, RADIUS_FRAMED_ROUTING},
352 { RD_TP_FILTER_ID, RADIUS_STRING},
353 { RD_TP_FRAMED_MTU, RADIUS_INTEGER4},
354 { RD_TP_FRAMED_COMPRESSION, RADIUS_FRAMED_COMPRESSION},
355 { RD_TP_LOGIN_IP_HOST, RADIUS_IP_ADDRESS},
356 { RD_TP_LOGIN_SERVICE, RADIUS_LOGIN_SERVICE},
357 { RD_TP_LOGIN_TCP_PORT, RADIUS_INTEGER4},
358 { RD_TP_UNASSIGNED, RADIUS_UNKNOWN},
359 { RD_TP_REPLY_MESSAGE, RADIUS_STRING},
360 { RD_TP_CALLBACK_NUMBER, RADIUS_BINSTRING},
361 { RD_TP_CALLBACK_ID, RADIUS_BINSTRING},
362 { RD_TP_UNASSIGNED2, RADIUS_UNKNOWN},
363 { RD_TP_FRAMED_ROUTE, RADIUS_STRING},
364 { RD_TP_FRAMED_IPX_NETWORK, RADIUS_IPX_ADDRESS},
365 { RD_TP_STATE, RADIUS_BINSTRING},
366 { RD_TP_CLASS, RADIUS_BINSTRING},
367 { RD_TP_VENDOR_SPECIFIC, RADIUS_VENDOR_SPECIFIC},
368 { RD_TP_SESSION_TIMEOUT, RADIUS_INTEGER4},
369 { RD_TP_IDLE_TIMEOUT, RADIUS_INTEGER4},
370 { RD_TP_TERMINATING_ACTION, RADIUS_TERMINATING_ACTION},
371 { RD_TP_CALLED_STATION_ID, RADIUS_BINSTRING},
372 { RD_TP_CALLING_STATION_ID, RADIUS_BINSTRING},
373 { RD_TP_NAS_IDENTIFIER, RADIUS_BINSTRING},
374 { RD_TP_PROXY_STATE, RADIUS_BINSTRING},
375 { RD_TP_LOGIN_LAT_SERVICE, RADIUS_BINSTRING},
376 { RD_TP_LOGIN_LAT_NODE, RADIUS_BINSTRING},
377 { RD_TP_LOGIN_LAT_GROUP, RADIUS_BINSTRING},
378 { RD_TP_FRAMED_APPLETALK_LINK, RADIUS_INTEGER4},
379 { RD_TP_FRAMED_APPLETALK_NETWORK, RADIUS_INTEGER4},
380 { RD_TP_FRAMED_APPLETALK_ZONE, RADIUS_BINSTRING},
381 { RD_TP_ACCT_STATUS_TYPE, RADIUS_ACCOUNTING_STATUS_TYPE},
382 { RD_TP_ACCT_DELAY_TIME, RADIUS_INTEGER4},
383 { RD_TP_ACCT_INPUT_OCTETS, RADIUS_INTEGER4},
384 { RD_TP_ACCT_OUTPUT_OCTETS, RADIUS_INTEGER4},
385 { RD_TP_ACCT_SESSION_ID, RADIUS_STRING},
386 { RD_TP_ACCT_AUTHENTIC, RADIUS_ACCT_AUTHENTIC},
387 { RD_TP_ACCT_SESSION_TIME, RADIUS_INTEGER4},
388 { RD_TP_ACCT_INPUT_PACKETS, RADIUS_INTEGER4},
389 { RD_TP_ACCT_OUTPUT_PACKETS, RADIUS_INTEGER4},
390 { RD_TP_ACCT_TERMINATE_CAUSE, RADIUS_ACCT_TERMINATE_CAUSE},
391 { RD_TP_ACCT_MULTI_SESSION_ID, RADIUS_STRING},
392 { RD_TP_ACCT_LINK_COUNT, RADIUS_INTEGER4},
393 { RD_TP_CHAP_CHALLENGE, RADIUS_BINSTRING},
394 { RD_TP_NAS_PORT_TYPE, RADIUS_NAS_PORT_TYPE},
395 { RD_TP_PORT_LIMIT, RADIUS_INTEGER4},
396 { RD_TP_LOGIN_LAT_PORT, RADIUS_BINSTRING},
397 { RD_TP_TUNNEL_TYPE, RADIUS_TUNNEL_TYPE},
398 { RD_TP_TUNNEL_MEDIUM_TYPE, RADIUS_TUNNEL_MEDIUM_TYPE},
399 { RD_TP_TUNNEL_CLIENT_ENDPOINT, RADIUS_STRING_TAGGED},
400 { RD_TP_TUNNEL_SERVER_ENDPOINT, RADIUS_STRING_TAGGED},
401 { RD_TP_TUNNEL_PASSWORD, RADIUS_STRING_TAGGED},
402 { RD_TP_TUNNEL_ASSIGNMENT_ID, RADIUS_STRING_TAGGED},
406 static value_string radius_attrib_type_vals[] = {
407 { RD_TP_USER_NAME, "User Name"},
408 { RD_TP_USER_PASSWORD, "User Password"},
409 { RD_TP_CHAP_PASSWORD, "Chap Password"},
410 { RD_TP_NAS_IP_ADDRESS, "NAS IP Address"},
411 { RD_TP_NAS_PORT, "NAS Port"},
412 { RD_TP_SERVICE_TYPE, "Service Type"},
413 { RD_TP_FRAMED_PROTOCOL, "Framed Protocol"},
414 { RD_TP_FRAMED_IP_ADDRESS, "Framed IP Address"},
415 { RD_TP_FRAMED_IP_NETMASK, "Framed IP Netmask"},
416 { RD_TP_FRAMED_ROUTING, "Framed Routing"},
417 { RD_TP_FILTER_ID, "Filter Id"},
418 { RD_TP_FRAMED_MTU, "Framed MTU"},
419 { RD_TP_FRAMED_COMPRESSION, "Framed Compression"},
420 { RD_TP_LOGIN_IP_HOST, "Login IP Host"},
421 { RD_TP_LOGIN_SERVICE, "Login Service"},
422 { RD_TP_LOGIN_TCP_PORT, "Login TCP Port"},
423 { RD_TP_UNASSIGNED, "Unassigned"},
424 { RD_TP_REPLY_MESSAGE, "Reply Message"},
425 { RD_TP_CALLBACK_NUMBER, "Callback Number"},
426 { RD_TP_CALLBACK_ID, "Callback Id"},
427 { RD_TP_UNASSIGNED2, "Unassigned"},
428 { RD_TP_FRAMED_ROUTE, "Framed Route"},
429 { RD_TP_FRAMED_IPX_NETWORK, "Framed IPX network"},
430 { RD_TP_STATE, "State"},
431 { RD_TP_CLASS, "Class"},
432 { RD_TP_VENDOR_SPECIFIC, "Vendor Specific" },
433 { RD_TP_SESSION_TIMEOUT, "Session Timeout"},
434 { RD_TP_IDLE_TIMEOUT, "Idle Timeout"},
435 { RD_TP_TERMINATING_ACTION, "Terminating Action"},
436 { RD_TP_CALLED_STATION_ID, "Called Station Id"},
437 { RD_TP_CALLING_STATION_ID, "Calling Station Id"},
438 { RD_TP_NAS_IDENTIFIER, "NAS identifier"},
439 { RD_TP_PROXY_STATE, "Proxy State"},
440 { RD_TP_LOGIN_LAT_SERVICE, "Login LAT Service"},
441 { RD_TP_LOGIN_LAT_NODE, "Login LAT Node"},
442 { RD_TP_LOGIN_LAT_GROUP, "Login LAT Group"},
443 { RD_TP_FRAMED_APPLETALK_LINK, "Framed Appletalk Link"},
444 { RD_TP_FRAMED_APPLETALK_NETWORK, "Framed Appletalk Network"},
445 { RD_TP_FRAMED_APPLETALK_ZONE, "Framed Appletalk Zone"},
446 { RD_TP_ACCT_STATUS_TYPE, "Acct Status Type"},
447 { RD_TP_ACCT_DELAY_TIME, "Acct Delay Time"},
448 { RD_TP_ACCT_INPUT_OCTETS, "Acct Input Octets"},
449 { RD_TP_ACCT_OUTPUT_OCTETS, "Acct Output Octets"},
450 { RD_TP_ACCT_SESSION_ID, "Acct Session Id"},
451 { RD_TP_ACCT_AUTHENTIC, "Acct Authentic"},
452 { RD_TP_ACCT_SESSION_TIME, "Acct Session Time"},
453 { RD_TP_ACCT_INPUT_PACKETS, "Acct Input Packets"},
454 { RD_TP_ACCT_OUTPUT_PACKETS, "Acct Output Packets"},
455 { RD_TP_ACCT_TERMINATE_CAUSE, "Acct Terminate Cause"},
456 { RD_TP_ACCT_MULTI_SESSION_ID, "Acct Multi Session Id"},
457 { RD_TP_ACCT_LINK_COUNT, "Acct Link Count"},
458 { RD_TP_CHAP_CHALLENGE, "Chap Challenge"},
459 { RD_TP_NAS_PORT_TYPE, "NAS Port Type"},
460 { RD_TP_PORT_LIMIT, "Port Limit"},
461 { RD_TP_LOGIN_LAT_PORT, "Login LAT Port"},
462 { RD_TP_TUNNEL_TYPE, "Tunnel Type"},
463 { RD_TP_TUNNEL_MEDIUM_TYPE, "Tunnel Medium Type"},
464 { RD_TP_TUNNEL_CLIENT_ENDPOINT, "Tunnel Client Endpoint"},
465 { RD_TP_TUNNEL_SERVER_ENDPOINT, "Tunnel Server Endpoint"},
466 { RD_TP_TUNNEL_PASSWORD, "Tunnel Password"},
467 { RD_TP_TUNNEL_ASSIGNMENT_ID, "Tunnel Assignment ID"},
471 guint32 match_numval(guint32 val, const value_value_pair *vs)
476 if (vs[i].val1 == val)
484 static gchar textbuffer[2000];
486 gchar *rdconvertbufftostr(gchar *dest, tvbuff_t *tvb, int offset, int length)
488 /*converts the raw buffer into printable text */
491 const guint8 *pd = tvb_get_ptr(tvb, offset, length);
496 for (i=0; i < (guint32)length; i++)
498 if( isalnum((int)pd[i])||ispunct((int)pd[i])
499 ||((int)pd[i]==' ')) {
500 dest[totlen]=(gchar)pd[i];
505 sprintf(&(dest[totlen]), "\\%03u", pd[i]);
506 totlen=totlen+strlen(&(dest[totlen]));
514 gchar *rd_match_strval(guint32 val, const value_string *vs) {
515 return val_to_str(val, vs, "Undefined (%u)");
518 gchar *rd_value_to_str(e_avphdr *avph, tvbuff_t *tvb, int offset)
522 value_string *valstrarr;
527 /* prints the values of the attribute value pairs into a text buffer */
528 print_type=match_numval(avph->avp_type,radius_printinfo);
531 strcpy(textbuffer,"Value:");
532 cont=&textbuffer[strlen(textbuffer)];
535 case( RADIUS_STRING ):
536 case( RADIUS_BINSTRING ):
537 rdconvertbufftostr(cont,tvb,offset+2,avph->avp_length-2);
539 case( RADIUS_INTEGER4 ):
540 sprintf(cont,"%u", tvb_get_ntohl(tvb,offset+2));
542 case( RADIUS_IP_ADDRESS ):
543 ip_to_str_buf(tvb_get_ptr(tvb,offset+2,4),cont);
545 case( RADIUS_SERVICE_TYPE ):
546 valstrarr=radius_service_type_vals;
547 strcpy(cont,rd_match_strval(tvb_get_ntohl(tvb,offset+2),valstrarr));
549 case( RADIUS_FRAMED_PROTOCOL ):
550 valstrarr= radius_framed_protocol_vals;
551 strcpy(cont,rd_match_strval(tvb_get_ntohl(tvb,offset+2),valstrarr));
553 case( RADIUS_FRAMED_ROUTING ):
554 valstrarr=radius_framed_routing_vals;
555 strcpy(cont,rd_match_strval(tvb_get_ntohl(tvb,offset+2),valstrarr));
557 case( RADIUS_FRAMED_COMPRESSION ):
558 valstrarr=radius_framed_compression_vals;
559 strcpy(cont,rd_match_strval(tvb_get_ntohl(tvb,offset+2),valstrarr));
561 case( RADIUS_LOGIN_SERVICE ):
562 valstrarr=radius_login_service_vals;
563 strcpy(cont,rd_match_strval(tvb_get_ntohl(tvb,offset+2),valstrarr));
565 case( RADIUS_IPX_ADDRESS ):
566 pd = tvb_get_ptr(tvb,offset+2,4);
567 sprintf(cont,"%u:%u:%u:%u",(guint8)pd[offset+2],
568 (guint8)pd[offset+3],(guint8)pd[offset+4],
569 (guint8)pd[offset+5]);
570 case( RADIUS_TERMINATING_ACTION ):
571 valstrarr=radius_terminating_action_vals;
572 strcpy(cont,rd_match_strval(tvb_get_ntohl(tvb,offset+2),valstrarr));
574 case( RADIUS_ACCOUNTING_STATUS_TYPE ):
575 valstrarr=radius_accounting_status_type_vals;
576 strcpy(cont,rd_match_strval(tvb_get_ntohl(tvb,offset+2),valstrarr));
578 case( RADIUS_ACCT_AUTHENTIC ):
579 valstrarr=radius_accounting_authentication_vals;
580 strcpy(cont,rd_match_strval(tvb_get_ntohl(tvb,offset+2),valstrarr));
582 case( RADIUS_ACCT_TERMINATE_CAUSE ):
583 valstrarr=radius_acct_terminate_cause_vals;
584 strcpy(cont,rd_match_strval(tvb_get_ntohl(tvb,offset+2),valstrarr));
586 case( RADIUS_NAS_PORT_TYPE ):
587 valstrarr=radius_nas_port_type_vals;
588 strcpy(cont,rd_match_strval(tvb_get_ntohl(tvb,offset+2),valstrarr));
590 case( RADIUS_TUNNEL_TYPE ):
591 valstrarr=radius_tunnel_type_vals;
593 intval = tvb_get_ntohl(tvb,offset+2);
595 sprintf(textbuffer, "Tag:%u, Value:%s",
597 rd_match_strval(intval & 0xffffff,valstrarr));
600 strcpy(cont,rd_match_strval(intval,valstrarr));
602 case( RADIUS_TUNNEL_MEDIUM_TYPE ):
603 valstrarr=radius_tunnel_medium_type_vals;
604 intval = tvb_get_ntohl(tvb,offset+2);
607 sprintf(textbuffer, "Tag:%u, Value:%s",
609 rd_match_strval(intval & 0xffffff,valstrarr));
612 strcpy(cont,rd_match_strval(intval,valstrarr));
614 case( RADIUS_STRING_TAGGED ):
616 tag = tvb_get_guint8(tvb,offset+2);
618 sprintf(textbuffer, "Tag:%u, Value:",
620 cont=&textbuffer[strlen(textbuffer)];
621 rdconvertbufftostr(cont,tvb,offset+3,avph->avp_length-3);
624 rdconvertbufftostr(cont,tvb,offset+2,avph->avp_length-2);
626 case ( RADIUS_VENDOR_SPECIFIC ):
627 valstrarr=radius_vendor_specific_vendors;
628 sprintf(textbuffer,"Vendor:%s, Value:",
629 rd_match_strval(tvb_get_ntohl(tvb,offset+2),valstrarr));
630 cont=&textbuffer[strlen(textbuffer)];
631 rdconvertbufftostr(cont,tvb,offset+6,avph->avp_length-6);
633 case( RADIUS_UNKNOWN ):
635 strcpy(textbuffer,"Unknown Value Type");
638 if (cont == textbuffer) {
639 strcpy(cont,"Unknown Value");
645 void dissect_attribute_value_pairs(tvbuff_t *tvb, int offset, proto_tree *tree,
648 /* adds the attribute value pairs to the tree */
654 proto_tree_add_text(tree, tvb,offset,0,"No Attribute Value Pairs Found");
658 while (avplength > 0 )
661 tvb_memcpy(tvb,(guint8 *)&avph,offset,sizeof(e_avphdr));
662 avplength=avplength-avph.avp_length;
663 avptpstrval=match_strval(avph.avp_type, radius_attrib_type_vals);
664 if (avptpstrval == NULL) avptpstrval="Unknown Type";
665 valstr=rd_value_to_str(&avph, tvb, offset);
666 proto_tree_add_text(tree, tvb,offset,avph.avp_length,
668 avptpstrval,avph.avp_type,avph.avp_length,valstr);
669 offset=offset+avph.avp_length;
670 if (avph.avp_length == 0) {
676 static void dissect_radius(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
678 proto_tree *radius_tree,*avptree;
679 proto_item *ti,*avptf;
683 int avplength,hdrlength;
688 if (check_col(pinfo->fd, COL_PROTOCOL))
689 col_set_str(pinfo->fd, COL_PROTOCOL, "RADIUS");
690 if (check_col(pinfo->fd, COL_INFO))
691 col_clear(pinfo->fd, COL_INFO);
693 tvb_memcpy(tvb,(guint8 *)&rh,0,sizeof(e_radiushdr));
695 rhcode= (int)rh.rh_code;
696 rhident= (int)rh.rh_ident;
697 rhlength= (int)ntohs(rh.rh_pktlength);
698 codestrval= match_strval(rhcode,radius_vals);
699 if (codestrval==NULL)
701 codestrval="Unknown Packet";
703 if (check_col(pinfo->fd, COL_INFO))
705 col_add_fstr(pinfo->fd,COL_INFO,"%s(%d) (id=%d, l=%d)",
706 codestrval, rhcode, rhident, rhlength);
711 ti = proto_tree_add_item(tree,proto_radius, tvb, 0, rhlength, FALSE);
713 radius_tree = proto_item_add_subtree(ti, ett_radius);
715 proto_tree_add_uint(radius_tree,hf_radius_code, tvb, 0, 1,
717 proto_tree_add_uint_format(radius_tree,hf_radius_id, tvb, 1, 1,
718 rh.rh_ident, "Packet identifier: 0x%01x (%d)",
721 proto_tree_add_uint(radius_tree, hf_radius_length, tvb,
723 proto_tree_add_text(radius_tree, tvb, 4,
724 AUTHENTICATOR_LENGTH,
727 hdrlength=RD_HDR_LENGTH+AUTHENTICATOR_LENGTH;
728 avplength= rhlength -hdrlength;
730 /* list the attribute value pairs */
732 avptf = proto_tree_add_text(radius_tree,
733 tvb,hdrlength,avplength,
734 "Attribute value pairs");
735 avptree = proto_item_add_subtree(avptf, ett_radius_avp);
739 dissect_attribute_value_pairs(tvb, hdrlength,
744 /* registration with the filtering engine */
746 proto_register_radius(void)
748 static hf_register_info hf[] = {
750 { "Code","radius.code", FT_UINT8, BASE_DEC, VALS(radius_vals), 0x0,
754 { "Identifier", "radius.id", FT_UINT8, BASE_DEC, NULL, 0x0,
758 { "Length","radius.length", FT_UINT16, BASE_DEC, NULL, 0x0,
761 static gint *ett[] = {
766 proto_radius = proto_register_protocol("Radius Protocol", "RADIUS",
768 proto_register_field_array(proto_radius, hf, array_length(hf));
769 proto_register_subtree_array(ett, array_length(ett));
773 proto_reg_handoff_radius(void)
775 dissector_add("udp.port", UDP_PORT_RADIUS, dissect_radius,
777 dissector_add("udp.port", UDP_PORT_RADIUS_NEW, dissect_radius,
779 dissector_add("udp.port", UDP_PORT_RADACCT, dissect_radius,
781 dissector_add("udp.port", UDP_PORT_RADACCT_NEW, dissect_radius,