2 * Routines for RADIUS packet disassembly
4 * $Id: packet-radius.c,v 1.13 2000/05/31 05:07:33 guy Exp $
6 * Ethereal - Network traffic analyzer
8 * Copyright 1999 Johan Feyaerts
9 * This program is free software; you can redistribute it and/or
10 * modify it under the terms of the GNU General Public License
11 * as published by the Free Software Foundation; either version 2
12 * of the License, or (at your option) any later version.
14 * This program is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 * GNU General Public License for more details.
19 * You should have received a copy of the GNU General Public License
20 * along with this program; if not, write to the Free Software
21 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
28 #ifdef HAVE_SYS_TYPES_H
29 # include <sys/types.h>
32 #ifdef HAVE_NETINET_IN_H
33 #include <netinet/in.h>
43 static int proto_radius = -1;
44 static int hf_radius_length = -1;
45 static int hf_radius_code = -1;
46 static int hf_radius_id =-1;
48 static gint ett_radius = -1;
49 static gint ett_radius_avp = -1;
51 #define UDP_PORT_RADIUS 1645
52 #define UDP_PORT_RADIUS_NEW 1812
53 #define UDP_PORT_RADACCT 1646
54 #define UDP_PORT_RADACCT_NEW 1813
56 typedef struct _e_radiushdr {
62 typedef struct _e_avphdr {
67 typedef struct _value_value_pair {
72 #define RADIUS_ACCESS_REQUEST 1
73 #define RADIUS_ACCESS_ACCEPT 2
74 #define RADIUS_ACCESS_REJECT 3
75 #define RADIUS_ACCOUNTING_REQUEST 4
76 #define RADIUS_ACCOUNTING_RESPONSE 5
77 #define RADIUS_ACCESS_CHALLENGE 11
78 #define RADIUS_STATUS_SERVER 12
79 #define RADIUS_STATUS_CLIENT 13
80 #define RADIUS_RESERVED 255
82 #define RD_TP_USER_NAME 1
83 #define RD_TP_USER_PASSWORD 2
84 #define RD_TP_CHAP_PASSWORD 3
85 #define RD_TP_NAS_IP_ADDRESS 4
86 #define RD_TP_NAS_PORT 5
87 #define RD_TP_SERVICE_TYPE 6
88 #define RD_TP_FRAMED_PROTOCOL 7
89 #define RD_TP_FRAMED_IP_ADDRESS 8
90 #define RD_TP_FRAMED_IP_NETMASK 9
91 #define RD_TP_FRAMED_ROUTING 10
92 #define RD_TP_FILTER_ID 11
93 #define RD_TP_FRAMED_MTU 12
94 #define RD_TP_FRAMED_COMPRESSION 13
95 #define RD_TP_LOGIN_IP_HOST 14
96 #define RD_TP_LOGIN_SERVICE 15
97 #define RD_TP_LOGIN_TCP_PORT 16
98 #define RD_TP_UNASSIGNED 17
99 #define RD_TP_REPLY_MESSAGE 18
100 #define RD_TP_CALLBACK_NUMBER 19
101 #define RD_TP_CALLBACK_ID 20
102 #define RD_TP_UNASSIGNED2 21
103 #define RD_TP_FRAMED_ROUTE 22
104 #define RD_TP_FRAMED_IPX_NETWORK 23
105 #define RD_TP_STATE 24
106 #define RD_TP_CLASS 25
107 #define RD_TP_VENDOR_SPECIFIC 26
108 #define RD_TP_SESSION_TIMEOUT 27
109 #define RD_TP_IDLE_TIMEOUT 28
110 #define RD_TP_TERMINATING_ACTION 29
111 #define RD_TP_CALLED_STATION_ID 30
112 #define RD_TP_CALLING_STATION_ID 31
113 #define RD_TP_NAS_IDENTIFIER 32
114 #define RD_TP_PROXY_STATE 33
115 #define RD_TP_LOGIN_LAT_SERVICE 34
116 #define RD_TP_LOGIN_LAT_NODE 35
117 #define RD_TP_LOGIN_LAT_GROUP 36
118 #define RD_TP_FRAMED_APPLETALK_LINK 37
119 #define RD_TP_FRAMED_APPLETALK_NETWORK 38
120 #define RD_TP_FRAMED_APPLETALK_ZONE 39
121 #define RD_TP_ACCT_STATUS_TYPE 40
122 #define RD_TP_ACCT_DELAY_TIME 41
123 #define RD_TP_ACCT_INPUT_OCTETS 42
124 #define RD_TP_ACCT_OUTPUT_OCTETS 43
125 #define RD_TP_ACCT_SESSION_ID 44
126 #define RD_TP_ACCT_AUTHENTIC 45
127 #define RD_TP_ACCT_SESSION_TIME 46
128 #define RD_TP_ACCT_INPUT_PACKETS 47
129 #define RD_TP_ACCT_OUTPUT_PACKETS 48
130 #define RD_TP_ACCT_TERMINATE_CAUSE 49
131 #define RD_TP_ACCT_MULTI_SESSION_ID 50
132 #define RD_TP_ACCT_LINK_COUNT 51
133 #define RD_TP_CHAP_CHALLENGE 60
134 #define RD_TP_NAS_PORT_TYPE 61
135 #define RD_TP_PORT_LIMIT 62
136 #define RD_TP_LOGIN_LAT_PORT 63
137 #define RD_TP_TUNNEL_TYPE 64
138 #define RD_TP_TUNNEL_MEDIUM_TYPE 65
139 #define RD_TP_TUNNEL_CLIENT_ENDPOINT 66
140 #define RD_TP_TUNNEL_SERVER_ENDPOINT 67
141 #define RD_TP_TUNNEL_PASSWORD 69
142 #define RD_TP_TUNNEL_ASSIGNMENT_ID 82
144 #define AUTHENTICATOR_LENGTH 16
145 #define RD_HDR_LENGTH 4
148 #define RADIUS_STRING 1
149 #define RADIUS_BINSTRING 2
150 #define RADIUS_INTEGER4 3
151 #define RADIUS_IP_ADDRESS 4
152 #define RADIUS_SERVICE_TYPE 5
153 #define RADIUS_FRAMED_PROTOCOL 6
154 #define RADIUS_FRAMED_ROUTING 7
155 #define RADIUS_FRAMED_COMPRESSION 8
156 #define RADIUS_LOGIN_SERVICE 9
157 #define RADIUS_UNKNOWN 10
158 #define RADIUS_IPX_ADDRESS 11
159 #define RADIUS_TERMINATING_ACTION 12
160 #define RADIUS_ACCOUNTING_STATUS_TYPE 13
161 #define RADIUS_ACCT_AUTHENTIC 14
162 #define RADIUS_ACCT_TERMINATE_CAUSE 15
163 #define RADIUS_NAS_PORT_TYPE 16
164 #define RADIUS_TUNNEL_TYPE 17
165 #define RADIUS_TUNNEL_MEDIUM_TYPE 18
166 #define RADIUS_STRING_TAGGED 19
167 #define RADIUS_VENDOR_SPECIFIC 20
169 static value_string radius_vals[] = {
170 {RADIUS_ACCESS_REQUEST, "Access Request"},
171 {RADIUS_ACCESS_ACCEPT, "Access Accept"},
172 {RADIUS_ACCESS_REJECT, "Access Reject"},
173 {RADIUS_ACCOUNTING_REQUEST, "Accounting Request"},
174 {RADIUS_ACCOUNTING_RESPONSE, "Accounting Response"},
175 {RADIUS_ACCESS_CHALLENGE, "Accounting challenge"},
176 {RADIUS_STATUS_SERVER, "StatusServer"},
177 {RADIUS_STATUS_CLIENT, "StatusClient"},
178 {RADIUS_RESERVED, "Reserved"},
181 static value_string radius_service_type_vals[]=
184 {3, "Callback Login"},
185 {4, "Callback Framed"},
187 {6, "Administrative"},
189 {8, "Authenticate Only"},
190 {9, "Callback NAS Prompt"},
194 static value_string radius_vendor_specific_vendors[]=
201 {1584,"Bay Networks"},
204 static value_string radius_framed_protocol_vals[]=
207 {3, "Appletalk Remote Access Protocol (ARAP)"},
208 {4, "Gandalf proprietary Singlelink/Multilink Protocol"},
209 {5, "Xylogics proprietary IPX/SLIP"},
210 {6, "X.75 Synchronous"},
213 static value_string radius_framed_routing_vals[]=
214 {{1, "Send Routing Packets"},
215 {2, "Listen for routing packets"},
216 {3, "Send and Listen"},
220 static value_string radius_framed_compression_vals[]=
221 {{1, "VJ TCP/IP Header Compression"},
222 {2, "IPX Header Compression"},
223 {3, "Stac-LZS compression"},
227 static value_string radius_login_service_vals[]=
234 {8, "TCP Clear Quit"},
238 static value_string radius_terminating_action_vals[]=
239 {{1, "RADIUS-Request"},
243 static value_string radius_accounting_status_type_vals[]=
247 {8,"Accounting-Off"},
250 static value_string radius_accounting_authentication_vals[]=
256 static value_string radius_acct_terminate_cause_vals[]=
257 {{1, "User Request"},
261 {5,"Session Timeout"},
268 {12, "Port Unneeded"},
269 {13, "Port Preempted"},
270 {14,"Port Suspended"},
271 {15,"Service Unavailable"},
277 static value_string radius_tunnel_type_vals[]=
292 static value_string radius_tunnel_medium_type_vals[]=
310 static value_string radius_nas_port_type_vals[]=
314 {3, "ISDN Async V.120"},
315 {4,"ISDN Async V.110"},
318 {7, "HDLC Clear Channel"},
328 static value_value_pair radius_printinfo[] = {
329 { RD_TP_USER_NAME, RADIUS_STRING },
330 { RD_TP_USER_PASSWORD,RADIUS_BINSTRING },
331 { RD_TP_CHAP_PASSWORD, RADIUS_BINSTRING },
332 { RD_TP_NAS_IP_ADDRESS, RADIUS_IP_ADDRESS },
333 { RD_TP_NAS_PORT, RADIUS_INTEGER4},
334 { RD_TP_SERVICE_TYPE, RADIUS_SERVICE_TYPE},
335 { RD_TP_FRAMED_PROTOCOL, RADIUS_FRAMED_PROTOCOL},
336 { RD_TP_FRAMED_IP_ADDRESS, RADIUS_IP_ADDRESS},
337 { RD_TP_FRAMED_IP_NETMASK, RADIUS_IP_ADDRESS},
338 { RD_TP_FRAMED_ROUTING, RADIUS_FRAMED_ROUTING},
339 { RD_TP_FILTER_ID, RADIUS_STRING},
340 { RD_TP_FRAMED_MTU, RADIUS_INTEGER4},
341 { RD_TP_FRAMED_COMPRESSION, RADIUS_FRAMED_COMPRESSION},
342 { RD_TP_LOGIN_IP_HOST, RADIUS_IP_ADDRESS},
343 { RD_TP_LOGIN_SERVICE, RADIUS_LOGIN_SERVICE},
344 { RD_TP_LOGIN_TCP_PORT, RADIUS_INTEGER4},
345 { RD_TP_UNASSIGNED, RADIUS_UNKNOWN},
346 { RD_TP_REPLY_MESSAGE, RADIUS_STRING},
347 { RD_TP_CALLBACK_NUMBER, RADIUS_BINSTRING},
348 { RD_TP_CALLBACK_ID, RADIUS_BINSTRING},
349 { RD_TP_UNASSIGNED2, RADIUS_UNKNOWN},
350 { RD_TP_FRAMED_ROUTE, RADIUS_STRING},
351 { RD_TP_FRAMED_IPX_NETWORK, RADIUS_IPX_ADDRESS},
352 { RD_TP_STATE, RADIUS_BINSTRING},
353 { RD_TP_CLASS, RADIUS_BINSTRING},
354 { RD_TP_VENDOR_SPECIFIC, RADIUS_VENDOR_SPECIFIC},
355 { RD_TP_SESSION_TIMEOUT, RADIUS_INTEGER4},
356 { RD_TP_IDLE_TIMEOUT, RADIUS_INTEGER4},
357 { RD_TP_TERMINATING_ACTION, RADIUS_TERMINATING_ACTION},
358 { RD_TP_CALLED_STATION_ID, RADIUS_BINSTRING},
359 { RD_TP_CALLING_STATION_ID, RADIUS_BINSTRING},
360 { RD_TP_NAS_IDENTIFIER, RADIUS_BINSTRING},
361 { RD_TP_PROXY_STATE, RADIUS_BINSTRING},
362 { RD_TP_LOGIN_LAT_SERVICE, RADIUS_BINSTRING},
363 { RD_TP_LOGIN_LAT_NODE, RADIUS_BINSTRING},
364 { RD_TP_LOGIN_LAT_GROUP, RADIUS_BINSTRING},
365 { RD_TP_FRAMED_APPLETALK_LINK, RADIUS_INTEGER4},
366 { RD_TP_FRAMED_APPLETALK_NETWORK, RADIUS_INTEGER4},
367 { RD_TP_FRAMED_APPLETALK_ZONE, RADIUS_BINSTRING},
368 { RD_TP_ACCT_STATUS_TYPE, RADIUS_ACCOUNTING_STATUS_TYPE},
369 { RD_TP_ACCT_DELAY_TIME, RADIUS_INTEGER4},
370 { RD_TP_ACCT_INPUT_OCTETS, RADIUS_INTEGER4},
371 { RD_TP_ACCT_OUTPUT_OCTETS, RADIUS_INTEGER4},
372 { RD_TP_ACCT_SESSION_ID, RADIUS_STRING},
373 { RD_TP_ACCT_AUTHENTIC, RADIUS_ACCT_AUTHENTIC},
374 { RD_TP_ACCT_SESSION_TIME, RADIUS_INTEGER4},
375 { RD_TP_ACCT_INPUT_PACKETS, RADIUS_INTEGER4},
376 { RD_TP_ACCT_OUTPUT_PACKETS, RADIUS_INTEGER4},
377 { RD_TP_ACCT_TERMINATE_CAUSE, RADIUS_ACCT_TERMINATE_CAUSE},
378 { RD_TP_ACCT_MULTI_SESSION_ID, RADIUS_STRING},
379 { RD_TP_ACCT_LINK_COUNT, RADIUS_INTEGER4},
380 { RD_TP_CHAP_CHALLENGE, RADIUS_BINSTRING},
381 { RD_TP_NAS_PORT_TYPE, RADIUS_NAS_PORT_TYPE},
382 { RD_TP_PORT_LIMIT, RADIUS_INTEGER4},
383 { RD_TP_LOGIN_LAT_PORT, RADIUS_BINSTRING},
384 { RD_TP_TUNNEL_TYPE, RADIUS_TUNNEL_TYPE},
385 { RD_TP_TUNNEL_MEDIUM_TYPE, RADIUS_TUNNEL_MEDIUM_TYPE},
386 { RD_TP_TUNNEL_CLIENT_ENDPOINT, RADIUS_STRING_TAGGED},
387 { RD_TP_TUNNEL_SERVER_ENDPOINT, RADIUS_STRING_TAGGED},
388 { RD_TP_TUNNEL_PASSWORD, RADIUS_STRING_TAGGED},
389 { RD_TP_TUNNEL_ASSIGNMENT_ID, RADIUS_STRING_TAGGED},
393 static value_string radius_attrib_type_vals[] = {
394 { RD_TP_USER_NAME, "User Name"},
395 { RD_TP_USER_PASSWORD, "User Password"},
396 { RD_TP_CHAP_PASSWORD, "Chap Password"},
397 { RD_TP_NAS_IP_ADDRESS, "NAS IP Address"},
398 { RD_TP_NAS_PORT, "NAS Port"},
399 { RD_TP_SERVICE_TYPE, "Service Type"},
400 { RD_TP_FRAMED_PROTOCOL, "Framed Protocol"},
401 { RD_TP_FRAMED_IP_ADDRESS, "Framed IP Address"},
402 { RD_TP_FRAMED_IP_NETMASK, "Framed IP Netmask"},
403 { RD_TP_FRAMED_ROUTING, "Framed Routing"},
404 { RD_TP_FILTER_ID, "Filter Id"},
405 { RD_TP_FRAMED_MTU, "Framed MTU"},
406 { RD_TP_FRAMED_COMPRESSION, "Framed Compression"},
407 { RD_TP_LOGIN_IP_HOST, "Login IP Host"},
408 { RD_TP_LOGIN_SERVICE, "Login Service"},
409 { RD_TP_LOGIN_TCP_PORT, "Login TCP Port"},
410 { RD_TP_UNASSIGNED, "Unassigned"},
411 { RD_TP_REPLY_MESSAGE, "Reply Message"},
412 { RD_TP_CALLBACK_NUMBER, "Callback Number"},
413 { RD_TP_CALLBACK_ID, "Callback Id"},
414 { RD_TP_UNASSIGNED2, "Unassigned"},
415 { RD_TP_FRAMED_ROUTE, "Framed Route"},
416 { RD_TP_FRAMED_IPX_NETWORK, "Framed IPX network"},
417 { RD_TP_STATE, "State"},
418 { RD_TP_CLASS, "Class"},
419 { RD_TP_VENDOR_SPECIFIC, "Vendor Specific" },
420 { RD_TP_SESSION_TIMEOUT, "Session Timeout"},
421 { RD_TP_IDLE_TIMEOUT, "Idle Timeout"},
422 { RD_TP_TERMINATING_ACTION, "Terminating Action"},
423 { RD_TP_CALLED_STATION_ID, "Called Station Id"},
424 { RD_TP_CALLING_STATION_ID, "Calling Station Id"},
425 { RD_TP_NAS_IDENTIFIER, "NAS identifier"},
426 { RD_TP_PROXY_STATE, "Proxy State"},
427 { RD_TP_LOGIN_LAT_SERVICE, "Login LAT Service"},
428 { RD_TP_LOGIN_LAT_NODE, "Login LAT Node"},
429 { RD_TP_LOGIN_LAT_GROUP, "Login LAT Group"},
430 { RD_TP_FRAMED_APPLETALK_LINK, "Framed Appletalk Link"},
431 { RD_TP_FRAMED_APPLETALK_NETWORK, "Framed Appletalk Network"},
432 { RD_TP_FRAMED_APPLETALK_ZONE, "Framed Appletalk Zone"},
433 { RD_TP_ACCT_STATUS_TYPE, "Acct Status Type"},
434 { RD_TP_ACCT_DELAY_TIME, "Acct Delay Time"},
435 { RD_TP_ACCT_INPUT_OCTETS, "Acct Input Octets"},
436 { RD_TP_ACCT_OUTPUT_OCTETS, "Acct Output Octets"},
437 { RD_TP_ACCT_SESSION_ID, "Acct Session Id"},
438 { RD_TP_ACCT_AUTHENTIC, "Acct Authentic"},
439 { RD_TP_ACCT_SESSION_TIME, "Acct Session Time"},
440 { RD_TP_ACCT_INPUT_PACKETS, "Acct Input Packets"},
441 { RD_TP_ACCT_OUTPUT_PACKETS, "Acct Output Packets"},
442 { RD_TP_ACCT_TERMINATE_CAUSE, "Acct Terminate Cause"},
443 { RD_TP_ACCT_MULTI_SESSION_ID, "Acct Multi Session Id"},
444 { RD_TP_ACCT_LINK_COUNT, "Acct Link Count"},
445 { RD_TP_CHAP_CHALLENGE, "Chap Challenge"},
446 { RD_TP_NAS_PORT_TYPE, "NAS Port Type"},
447 { RD_TP_PORT_LIMIT, "Port Limit"},
448 { RD_TP_LOGIN_LAT_PORT, "Login LAT Port"},
449 { RD_TP_TUNNEL_TYPE, "Tunnel Type"},
450 { RD_TP_TUNNEL_MEDIUM_TYPE, "Tunnel Medium Type"},
451 { RD_TP_TUNNEL_CLIENT_ENDPOINT, "Tunnel Client Endpoint"},
452 { RD_TP_TUNNEL_SERVER_ENDPOINT, "Tunnel Server Endpoint"},
453 { RD_TP_TUNNEL_PASSWORD, "Tunnel Password"},
454 { RD_TP_TUNNEL_ASSIGNMENT_ID, "Tunnel Assignment ID"},
458 guint32 match_numval(guint32 val, const value_value_pair *vs)
463 if (vs[i].val1 == val)
471 static gchar textbuffer[2000];
473 gchar *rdconvertbufftostr(gchar *dest,guint8 length,const guint8 *pd)
475 /*converts the raw buffer into printable text */
482 for (i=0; i < (guint32)length; i++)
484 if( isalnum((int)pd[i])||ispunct((int)pd[i])
485 ||((int)pd[i]==' ')) {
486 dest[totlen]=(gchar)pd[i];
491 sprintf(&(dest[totlen]), "\\%03u", pd[i]);
492 totlen=totlen+strlen(&(dest[totlen]));
500 gchar *rd_match_strval(guint32 val, const value_string *vs) {
502 static gchar undf[30];
503 result=match_strval(val,vs);
504 if (result == NULL ) {
505 sprintf(undf,"Undefined(%d)",val);
511 gchar *rd_value_to_str(e_avphdr *avph,const u_char *pd, int offset)
516 value_string *valstrarr;
517 /* prints the values of the attribute value pairs into a text buffer */
518 print_type=match_numval(avph->avp_type,radius_printinfo);
519 intval=pntohl(&(pd[offset+2]));
521 strcpy(textbuffer,"Value:");
522 cont=&textbuffer[strlen(textbuffer)];
525 case( RADIUS_STRING ):
526 case( RADIUS_BINSTRING ):
527 rdconvertbufftostr(cont,avph->avp_length-2,&(pd[offset+2]));
529 case( RADIUS_INTEGER4 ):
530 sprintf(cont,"%u", intval);
532 case( RADIUS_IP_ADDRESS ):
533 sprintf(cont,"%u.%u.%u.%u",(guint8)pd[offset+2],
534 (guint8)pd[offset+3],(guint8)pd[offset+4],
535 (guint8)pd[offset+5]);
537 case( RADIUS_SERVICE_TYPE ):
538 valstrarr=radius_service_type_vals;
539 strcpy(cont,rd_match_strval(intval,valstrarr));
541 case( RADIUS_FRAMED_PROTOCOL ):
542 valstrarr= radius_framed_protocol_vals;
543 strcpy(cont,rd_match_strval(intval,valstrarr));
545 case( RADIUS_FRAMED_ROUTING ):
546 valstrarr=radius_framed_routing_vals;
547 strcpy(cont,rd_match_strval(intval,valstrarr));
549 case( RADIUS_FRAMED_COMPRESSION ):
550 valstrarr=radius_framed_compression_vals;
551 strcpy(cont,rd_match_strval(intval,valstrarr));
553 case( RADIUS_LOGIN_SERVICE ):
554 valstrarr=radius_login_service_vals;
555 strcpy(cont,rd_match_strval(intval,valstrarr));
557 case( RADIUS_IPX_ADDRESS ):
558 sprintf(cont,"%u:%u:%u:%u",(guint8)pd[offset+2],
559 (guint8)pd[offset+3],(guint8)pd[offset+4],
560 (guint8)pd[offset+5]);
561 case( RADIUS_TERMINATING_ACTION ):
562 valstrarr=radius_terminating_action_vals;
563 strcpy(cont,rd_match_strval(intval,valstrarr));
565 case( RADIUS_ACCOUNTING_STATUS_TYPE ):
566 valstrarr=radius_accounting_status_type_vals;
567 strcpy(cont,rd_match_strval(intval,valstrarr));
569 case( RADIUS_ACCT_AUTHENTIC ):
570 valstrarr=radius_accounting_authentication_vals;
571 strcpy(cont,rd_match_strval(intval,valstrarr));
573 case( RADIUS_ACCT_TERMINATE_CAUSE ):
574 valstrarr=radius_acct_terminate_cause_vals;
575 strcpy(cont,rd_match_strval(intval,valstrarr));
577 case( RADIUS_NAS_PORT_TYPE ):
578 valstrarr=radius_nas_port_type_vals;
579 strcpy(cont,rd_match_strval(intval,valstrarr));
581 case( RADIUS_TUNNEL_TYPE ):
582 valstrarr=radius_tunnel_type_vals;
585 sprintf(textbuffer, "Tag:%d, Value:%s",
587 rd_match_strval(intval & 0xffffff,valstrarr));
590 strcpy(cont,match_strval(intval,valstrarr));
592 case( RADIUS_TUNNEL_MEDIUM_TYPE ):
593 valstrarr=radius_tunnel_medium_type_vals;
596 sprintf(textbuffer, "Tag:%d, Value:%s",
598 rd_match_strval(intval & 0xffffff,valstrarr));
601 strcpy(cont,match_strval(intval,valstrarr));
603 case( RADIUS_STRING_TAGGED ):
605 if (pd[offset+2] <= 0x1f) {
606 sprintf(textbuffer, "Tag:%d, Value:",
608 cont=&textbuffer[strlen(textbuffer)];
609 rdconvertbufftostr(cont,avph->avp_length-3,
613 rdconvertbufftostr(cont,avph->avp_length-2,
616 case ( RADIUS_VENDOR_SPECIFIC ):
617 valstrarr=radius_vendor_specific_vendors;
618 sprintf(textbuffer,"Vendor:%s, Value:",
619 rd_match_strval(intval,valstrarr));
620 cont=&textbuffer[strlen(textbuffer)];
621 rdconvertbufftostr(cont,avph->avp_length-6,&(pd[offset+6]));
623 case( RADIUS_UNKNOWN ):
625 strcpy(textbuffer,"Unknown Value Type");
628 if (cont == textbuffer) {
629 strcpy(cont,"Unknown Value");
635 void dissect_attribute_value_pairs(const u_char *pd, int offset, frame_data
636 *fd, proto_tree *tree, int avplength)
638 /* adds the attribute value pairs to the tree */
644 proto_tree_add_text(tree, NullTVB,offset,0,"No Attribute Value Pairs Found");
648 while (avplength > 0 )
651 memcpy(&avph,&pd[offset],sizeof(e_avphdr));
652 avplength=avplength-avph.avp_length;
653 avptpstrval=match_strval(avph.avp_type, radius_attrib_type_vals);
654 if (avptpstrval == NULL) avptpstrval="Unknown Type";
655 valstr=rd_value_to_str(&avph, pd, offset);
656 if (!BYTES_ARE_IN_FRAME(offset, avph.avp_length)) {
659 proto_tree_add_text(tree, NullTVB,offset,avph.avp_length,
661 avptpstrval,avph.avp_type,avph.avp_length,valstr);
662 offset=offset+avph.avp_length;
663 if (avph.avp_length == 0) {
669 static void dissect_radius(const u_char *pd, int offset, frame_data *fd,
673 proto_tree *radius_tree,*avptree;
674 proto_item *ti,*avptf;
678 int avplength,hdrlength, offsetavp;
683 memcpy(&rh,&pd[offset],sizeof(e_radiushdr));
686 rhcode= (int)rh.rh_code;
687 rhident= (int)rh.rh_ident;
688 rhlength= (int)ntohs(rh.rh_pktlength);
689 codestrval= match_strval(rhcode,radius_vals);
690 if (codestrval==NULL)
692 codestrval="Unknown Packet";
694 if (check_col(fd, COL_PROTOCOL))
695 col_add_str(fd, COL_PROTOCOL, "RADIUS");
696 if (check_col(fd, COL_INFO))
698 sprintf(textbuffer,"%s(%d) (id=%d, l=%d)",
699 codestrval, rhcode, rhident, rhlength);
700 col_add_fstr(fd,COL_INFO,textbuffer);
706 ti = proto_tree_add_item(tree,proto_radius, NullTVB, offset, rhlength,
709 radius_tree = proto_item_add_subtree(ti, ett_radius);
711 proto_tree_add_uint_format(radius_tree,hf_radius_code, NullTVB, offset, 1,
712 rh.rh_code, "Packet code:0x%01x (%s)",rhcode, codestrval);
713 proto_tree_add_uint_format(radius_tree,hf_radius_id, NullTVB, offset+1, 1,
714 rh.rh_ident, "Packet identifier: 0x%01x (%d)",
717 proto_tree_add_uint_format(radius_tree, hf_radius_length, NullTVB,
720 "Packet length: 0x%02x(%d)",rhlength,rhlength);
721 proto_tree_add_text(radius_tree, NullTVB, offset+4,
722 AUTHENTICATOR_LENGTH,
725 hdrlength=RD_HDR_LENGTH+AUTHENTICATOR_LENGTH;
726 avplength= rhlength -hdrlength;
728 offsetavp=offset+hdrlength;
731 /* list the attribute value pairs */
733 avptf = proto_tree_add_text(radius_tree,
734 NullTVB,offset+hdrlength,avplength,
735 "Attribute value pairs");
736 avptree = proto_item_add_subtree(avptf, ett_radius_avp);
740 dissect_attribute_value_pairs( pd,
741 offsetavp,fd,avptree,avplength);
745 /* registration with the filtering engine */
747 proto_register_radius(void)
749 static hf_register_info hf[] = {
751 { "Code","radius.code", FT_UINT8, BASE_DEC, NULL, 0x0,
755 { "Identifier", "radius.id", FT_UINT8, BASE_DEC, NULL, 0x0,
759 { "Length","radius.length", FT_UINT16, BASE_DEC, NULL, 0x0,
762 static gint *ett[] = {
767 proto_radius = proto_register_protocol ("Radius Protocol", "radius");
768 proto_register_field_array(proto_radius, hf, array_length(hf));
769 proto_register_subtree_array(ett, array_length(ett));
773 proto_reg_handoff_radius(void)
775 dissector_add("udp.port", UDP_PORT_RADIUS, dissect_radius);
776 dissector_add("udp.port", UDP_PORT_RADIUS_NEW, dissect_radius);
777 dissector_add("udp.port", UDP_PORT_RADACCT, dissect_radius);
778 dissector_add("udp.port", UDP_PORT_RADACCT_NEW, dissect_radius);