2 * Routines for RADIUS packet disassembly
3 * Copyright 1999 Johan Feyaerts
5 * $Id: packet-radius.c,v 1.48 2002/02/26 00:51:41 guy Exp $
7 * Ethereal - Network traffic analyzer
8 * By Gerald Combs <gerald@ethereal.com>
9 * Copyright 1998 Gerald Combs
11 * This program is free software; you can redistribute it and/or
12 * modify it under the terms of the GNU General Public License
13 * as published by the Free Software Foundation; either version 2
14 * of the License, or (at your option) any later version.
16 * This program is distributed in the hope that it will be useful,
17 * but WITHOUT ANY WARRANTY; without even the implied warranty of
18 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
19 * GNU General Public License for more details.
21 * You should have received a copy of the GNU General Public License
22 * along with this program; if not, write to the Free Software
23 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
30 #ifdef HAVE_SYS_TYPES_H
31 # include <sys/types.h>
34 #ifdef HAVE_NETINET_IN_H
35 #include <netinet/in.h>
44 #include <epan/packet.h>
45 #include <epan/resolv.h>
47 static int proto_radius = -1;
48 static int hf_radius_length = -1;
49 static int hf_radius_code = -1;
50 static int hf_radius_id =-1;
52 static gint ett_radius = -1;
53 static gint ett_radius_avp = -1;
54 static gint ett_radius_eap = -1;
56 static dissector_handle_t eap_handle;
58 #define UDP_PORT_RADIUS 1645
59 #define UDP_PORT_RADIUS_NEW 1812
60 #define UDP_PORT_RADACCT 1646
61 #define UDP_PORT_RADACCT_NEW 1813
63 typedef struct _e_radiushdr {
69 typedef struct _e_avphdr {
74 typedef struct _value_value_pair {
79 #define RADIUS_ACCESS_REQUEST 1
80 #define RADIUS_ACCESS_ACCEPT 2
81 #define RADIUS_ACCESS_REJECT 3
82 #define RADIUS_ACCOUNTING_REQUEST 4
83 #define RADIUS_ACCOUNTING_RESPONSE 5
84 #define RADIUS_ACCESS_CHALLENGE 11
85 #define RADIUS_STATUS_SERVER 12
86 #define RADIUS_STATUS_CLIENT 13
87 #define RADIUS_RESERVED 255
89 #define RD_TP_USER_NAME 1
90 #define RD_TP_USER_PASSWORD 2
91 #define RD_TP_CHAP_PASSWORD 3
92 #define RD_TP_NAS_IP_ADDRESS 4
93 #define RD_TP_NAS_PORT 5
94 #define RD_TP_SERVICE_TYPE 6
95 #define RD_TP_FRAMED_PROTOCOL 7
96 #define RD_TP_FRAMED_IP_ADDRESS 8
97 #define RD_TP_FRAMED_IP_NETMASK 9
98 #define RD_TP_FRAMED_ROUTING 10
99 #define RD_TP_FILTER_ID 11
100 #define RD_TP_FRAMED_MTU 12
101 #define RD_TP_FRAMED_COMPRESSION 13
102 #define RD_TP_LOGIN_IP_HOST 14
103 #define RD_TP_LOGIN_SERVICE 15
104 #define RD_TP_LOGIN_TCP_PORT 16
105 #define RD_TP_UNASSIGNED 17
106 #define RD_TP_REPLY_MESSAGE 18
107 #define RD_TP_CALLBACK_NUMBER 19
108 #define RD_TP_CALLBACK_ID 20
109 #define RD_TP_UNASSIGNED2 21
110 #define RD_TP_FRAMED_ROUTE 22
111 #define RD_TP_FRAMED_IPX_NETWORK 23
112 #define RD_TP_STATE 24
113 #define RD_TP_CLASS 25
114 #define RD_TP_VENDOR_SPECIFIC 26
115 #define RD_TP_SESSION_TIMEOUT 27
116 #define RD_TP_IDLE_TIMEOUT 28
117 #define RD_TP_TERMINATING_ACTION 29
118 #define RD_TP_CALLED_STATION_ID 30
119 #define RD_TP_CALLING_STATION_ID 31
120 #define RD_TP_NAS_IDENTIFIER 32
121 #define RD_TP_PROXY_STATE 33
122 #define RD_TP_LOGIN_LAT_SERVICE 34
123 #define RD_TP_LOGIN_LAT_NODE 35
124 #define RD_TP_LOGIN_LAT_GROUP 36
125 #define RD_TP_FRAMED_APPLETALK_LINK 37
126 #define RD_TP_FRAMED_APPLETALK_NETWORK 38
127 #define RD_TP_FRAMED_APPLETALK_ZONE 39
128 #define RD_TP_ACCT_STATUS_TYPE 40
129 #define RD_TP_ACCT_DELAY_TIME 41
130 #define RD_TP_ACCT_INPUT_OCTETS 42
131 #define RD_TP_ACCT_OUTPUT_OCTETS 43
132 #define RD_TP_ACCT_SESSION_ID 44
133 #define RD_TP_ACCT_AUTHENTIC 45
134 #define RD_TP_ACCT_SESSION_TIME 46
135 #define RD_TP_ACCT_INPUT_PACKETS 47
136 #define RD_TP_ACCT_OUTPUT_PACKETS 48
137 #define RD_TP_ACCT_TERMINATE_CAUSE 49
138 #define RD_TP_ACCT_MULTI_SESSION_ID 50
139 #define RD_TP_ACCT_LINK_COUNT 51
140 #define RD_TP_ACCT_INPUT_GIGAWORDS 52
141 #define RD_TP_ACCT_OUTPUT_GIGAWORDS 53
143 #define RD_TP_EVENT_TIMESTAMP 55
145 #define RD_TP_CHAP_CHALLENGE 60
146 #define RD_TP_NAS_PORT_TYPE 61
147 #define RD_TP_PORT_LIMIT 62
148 #define RD_TP_LOGIN_LAT_PORT 63
149 #define RD_TP_TUNNEL_TYPE 64
150 #define RD_TP_TUNNEL_MEDIUM_TYPE 65
151 #define RD_TP_TUNNEL_CLIENT_ENDPOINT 66
152 #define RD_TP_TUNNEL_SERVER_ENDPOINT 67
153 #define RD_TP_TUNNEL_CONNECTION 68
154 #define RD_TP_TUNNEL_PASSWORD 69
155 #define RD_TP_ARAP_PASSWORD 70
156 #define RD_TP_ARAP_FEATURES 71
157 #define RD_TP_ARAP_ZONE_ACCESS 72
158 #define RD_TP_ARAP_SECURITY 73
159 #define RD_TP_ARAP_SECURITY_DATA 74
160 #define RD_TP_PASSWORD_RETRY 75
161 #define RD_TP_PROMPT 76
162 #define RD_TP_CONNECT_INFO 77
163 #define RD_TP_CONFIGURATION_TOKEN 78
164 #define RD_TP_EAP_MESSAGE 79
165 #define RD_TP_MESSAGE_AUTHENTICATOR 80
166 #define RD_TP_TUNNEL_PRIVATE_GROUP_ID 81
167 #define RD_TP_TUNNEL_ASSIGNMENT_ID 82
168 #define RD_TP_TUNNEL_TUNNEL_PREFERENCE 83
169 #define RD_TP_TUNNEL_PACKETS_LOST 86
170 #define RD_TP_NAS_PORT_ID 87
171 #define RD_TP_TUNNEL_CLIENT_AUTH_ID 90
172 #define RD_TP_TUNNEL_SERVER_AUTH_ID 91
173 #define RD_TP_ASCEND_MODEM_PORTNO 120
174 #define RD_TP_ASCEND_MODEM_SLOTNO 121
175 #define RD_TP_ASCEND_MULTILINK_ID 187
176 #define RD_TP_ASCEND_NUM_IN_MULTILINK 188
177 #define RD_TP_ASCEND_FIRST_DEST 189
178 #define RD_TP_ASCEND_PRE_INPUT_OCTETS 190
179 #define RD_TP_ASCEND_PRE_OUTPUT_OCTETS 191
180 #define RD_TP_ASCEND_PRE_INPUT_PACKETS 192
181 #define RD_TP_ASCEND_PRE_OUTPUT_PACKETS 193
182 #define RD_TP_ASCEND_MAXIMUM_TIME 194
183 #define RD_TP_ASCEND_DISCONNECT_CAUSE 195
184 #define RD_TP_ASCEND_CONNECT_PROGRESS 196
185 #define RD_TP_ASCEND_DATA_RATE 197
186 #define RD_TP_ASCEND_PRESESSION_TIME 198
187 #define RD_TP_ASCEND_ASSIGN_IP_POOL 218
188 #define RD_TP_ASCEND_XMIT_RATE 255
194 #define AUTHENTICATOR_LENGTH 16
195 #define RD_HDR_LENGTH 4
198 #define RADIUS_STRING 1
199 #define RADIUS_BINSTRING 2
200 #define RADIUS_INTEGER4 3
201 #define RADIUS_IP_ADDRESS 4
202 #define RADIUS_SERVICE_TYPE 5
203 #define RADIUS_FRAMED_PROTOCOL 6
204 #define RADIUS_FRAMED_ROUTING 7
205 #define RADIUS_FRAMED_COMPRESSION 8
206 #define RADIUS_LOGIN_SERVICE 9
207 #define RADIUS_UNKNOWN 10
208 #define RADIUS_IPX_ADDRESS 11
209 #define RADIUS_TERMINATING_ACTION 12
210 #define RADIUS_ACCOUNTING_STATUS_TYPE 13
211 #define RADIUS_ACCT_AUTHENTIC 14
212 #define RADIUS_ACCT_TERMINATE_CAUSE 15
213 #define RADIUS_NAS_PORT_TYPE 16
214 #define RADIUS_TUNNEL_TYPE 17
215 #define RADIUS_TUNNEL_MEDIUM_TYPE 18
216 #define RADIUS_STRING_TAGGED 19
217 #define RADIUS_VENDOR_SPECIFIC 20
218 #define RADIUS_TIMESTAMP 21
219 #define RADIUS_INTEGER4_TAGGED 22
221 static value_string radius_vals[] = {
222 {RADIUS_ACCESS_REQUEST, "Access Request"},
223 {RADIUS_ACCESS_ACCEPT, "Access Accept"},
224 {RADIUS_ACCESS_REJECT, "Access Reject"},
225 {RADIUS_ACCOUNTING_REQUEST, "Accounting Request"},
226 {RADIUS_ACCOUNTING_RESPONSE, "Accounting Response"},
227 {RADIUS_ACCESS_CHALLENGE, "Access challenge"},
228 {RADIUS_STATUS_SERVER, "StatusServer"},
229 {RADIUS_STATUS_CLIENT, "StatusClient"},
230 {RADIUS_RESERVED, "Reserved"},
233 static value_string radius_service_type_vals[]=
236 {3, "Callback Login"},
237 {4, "Callback Framed"},
239 {6, "Administrative"},
241 {8, "Authenticate Only"},
242 {9, "Callback NAS Prompt"},
247 * These are SMI Network Management Private Enterprise Codes for
250 * http://www.isi.edu/in-notes/iana/assignments/enterprise-numbers
255 #define VENDOR_CISCO 9
256 #define VENDOR_SHIVA 166
257 #define VENDOR_LIVINGSTON 307
258 #define VENDOR_3COM 429
259 #define VENDOR_ASCEND 529
260 #define VENDOR_BAY 1584
261 #define VENDOR_JUNIPER 2636
262 #define VENDOR_COSINE 3085
263 #define VENDOR_UNISPHERE 4874
265 static value_string radius_vendor_specific_vendors[]=
267 {VENDOR_CISCO,"Cisco"},
268 {VENDOR_SHIVA,"Shiva"},
269 {VENDOR_LIVINGSTON,"Livingston"},
270 {VENDOR_3COM,"3Com"},
271 {VENDOR_ASCEND,"Ascend"},
272 {VENDOR_BAY,"Bay Networks"},
273 {VENDOR_JUNIPER,"Juniper Networks"},
274 {VENDOR_COSINE,"CoSine Communications"},
275 {VENDOR_UNISPHERE,"Unisphere Networks"},
278 #define VENDOR_COSINE_VSA_CONNECION_PROFILE_NAME 1
279 #define VENDOR_COSINE_VSA_ENTERPRISE_ID 2
280 #define VENDOR_COSINE_VSA_ADDRESS_POOL_NAME 3
281 #define VENDOR_COSINE_VSA_DS_BYTE 4
282 #define VENDOR_COSINE_VSA_VPI_VCI 5
283 #define VENDOR_COSINE_VSA_DLCI 6
284 #define VENDOR_COSINE_VSA_LNS_IP_ADDRESS 7
285 #define VENDOR_COSINE_VSA_CLI_USER_PERMISSION_ID 8
287 static value_string radius_vendor_cosine_types[]=
288 {{VENDOR_COSINE_VSA_CONNECION_PROFILE_NAME,"Connection Profile Name"},
289 {VENDOR_COSINE_VSA_ENTERPRISE_ID,"Enterprise ID"},
290 {VENDOR_COSINE_VSA_ADDRESS_POOL_NAME,"Address Pool Name"},
291 {VENDOR_COSINE_VSA_DS_BYTE,"DS Byte"},
292 {VENDOR_COSINE_VSA_VPI_VCI,"VPI/VCI"},
293 {VENDOR_COSINE_VSA_DLCI,"DLCI"},
294 {VENDOR_COSINE_VSA_LNS_IP_ADDRESS,"LNS IP Address"},
295 {VENDOR_COSINE_VSA_CLI_USER_PERMISSION_ID,"CLI User Permission ID"},
298 static value_string radius_framed_protocol_vals[]=
301 {3, "Appletalk Remote Access Protocol (ARAP)"},
302 {4, "Gandalf proprietary Singlelink/Multilink Protocol"},
303 {5, "Xylogics proprietary IPX/SLIP"},
304 {6, "X.75 Synchronous"},
309 static value_string radius_framed_routing_vals[]=
310 {{1, "Send Routing Packets"},
311 {2, "Listen for routing packets"},
312 {3, "Send and Listen"},
316 static value_string radius_framed_compression_vals[]=
317 {{1, "VJ TCP/IP Header Compression"},
318 {2, "IPX Header Compression"},
319 {3, "Stac-LZS compression"},
323 static value_string radius_login_service_vals[]=
330 {8, "TCP Clear Quit"},
334 static value_string radius_terminating_action_vals[]=
335 {{1, "RADIUS-Request"},
339 static value_string radius_accounting_status_type_vals[]=
342 {3, "Interim-Update"},
344 {8,"Accounting-Off"},
345 {9, "Tunnel-Start"}, /* Tunnel accounting */
346 {10, "Tunnel-Stop"}, /* Tunnel accounting */
347 {11, "Tunnel-Reject"}, /* Tunnel accounting */
348 {12, "Tunnel-Link-Start"}, /* Tunnel accounting */
349 {13, "Tunnel-Link-Stop"}, /* Tunnel accounting */
350 {14, "Tunnel-Link-Reject"}, /* Tunnel accounting */
353 static value_string radius_accounting_authentication_vals[]=
357 /* RFC 2866 says 3 is Remote. Is 7 a mistake? */
361 static value_string radius_acct_terminate_cause_vals[]=
362 {{1, "User Request"},
366 {5,"Session Timeout"},
373 {12, "Port Unneeded"},
374 {13, "Port Preempted"},
375 {14,"Port Suspended"},
376 {15,"Service Unavailable"},
382 static value_string radius_tunnel_type_vals[]=
397 static value_string radius_tunnel_medium_type_vals[]=
415 static value_string radius_nas_port_type_vals[]=
419 {3, "ISDN Async V.120"},
420 {4,"ISDN Async V.110"},
423 {7, "HDLC Clear Channel"},
434 {18,"Wireless Other"},
435 {19,"Wireless IEEE 802.11"},
438 static value_value_pair radius_printinfo[] = {
439 { RD_TP_USER_NAME, RADIUS_STRING },
440 { RD_TP_USER_PASSWORD,RADIUS_BINSTRING },
441 { RD_TP_CHAP_PASSWORD, RADIUS_BINSTRING },
442 { RD_TP_NAS_IP_ADDRESS, RADIUS_IP_ADDRESS },
443 { RD_TP_NAS_PORT, RADIUS_INTEGER4},
444 { RD_TP_SERVICE_TYPE, RADIUS_SERVICE_TYPE},
445 { RD_TP_FRAMED_PROTOCOL, RADIUS_FRAMED_PROTOCOL},
446 { RD_TP_FRAMED_IP_ADDRESS, RADIUS_IP_ADDRESS},
447 { RD_TP_FRAMED_IP_NETMASK, RADIUS_IP_ADDRESS},
448 { RD_TP_FRAMED_ROUTING, RADIUS_FRAMED_ROUTING},
449 { RD_TP_FILTER_ID, RADIUS_STRING},
450 { RD_TP_FRAMED_MTU, RADIUS_INTEGER4},
451 { RD_TP_FRAMED_COMPRESSION, RADIUS_FRAMED_COMPRESSION},
452 { RD_TP_LOGIN_IP_HOST, RADIUS_IP_ADDRESS},
453 { RD_TP_LOGIN_SERVICE, RADIUS_LOGIN_SERVICE},
454 { RD_TP_LOGIN_TCP_PORT, RADIUS_INTEGER4},
455 { RD_TP_UNASSIGNED, RADIUS_UNKNOWN},
456 { RD_TP_REPLY_MESSAGE, RADIUS_STRING},
457 { RD_TP_CALLBACK_NUMBER, RADIUS_BINSTRING},
458 { RD_TP_CALLBACK_ID, RADIUS_BINSTRING},
459 { RD_TP_UNASSIGNED2, RADIUS_UNKNOWN},
460 { RD_TP_FRAMED_ROUTE, RADIUS_STRING},
461 { RD_TP_FRAMED_IPX_NETWORK, RADIUS_IPX_ADDRESS},
462 { RD_TP_STATE, RADIUS_BINSTRING},
463 { RD_TP_CLASS, RADIUS_BINSTRING},
464 { RD_TP_VENDOR_SPECIFIC, RADIUS_VENDOR_SPECIFIC},
465 { RD_TP_SESSION_TIMEOUT, RADIUS_INTEGER4},
466 { RD_TP_IDLE_TIMEOUT, RADIUS_INTEGER4},
467 { RD_TP_TERMINATING_ACTION, RADIUS_TERMINATING_ACTION},
468 { RD_TP_CALLED_STATION_ID, RADIUS_BINSTRING},
469 { RD_TP_CALLING_STATION_ID, RADIUS_BINSTRING},
470 { RD_TP_NAS_IDENTIFIER, RADIUS_BINSTRING},
471 { RD_TP_PROXY_STATE, RADIUS_BINSTRING},
472 { RD_TP_LOGIN_LAT_SERVICE, RADIUS_BINSTRING},
473 { RD_TP_LOGIN_LAT_NODE, RADIUS_BINSTRING},
474 { RD_TP_LOGIN_LAT_GROUP, RADIUS_BINSTRING},
475 { RD_TP_FRAMED_APPLETALK_LINK, RADIUS_INTEGER4},
476 { RD_TP_FRAMED_APPLETALK_NETWORK, RADIUS_INTEGER4},
477 { RD_TP_FRAMED_APPLETALK_ZONE, RADIUS_BINSTRING},
478 { RD_TP_ACCT_STATUS_TYPE, RADIUS_ACCOUNTING_STATUS_TYPE},
479 { RD_TP_ACCT_DELAY_TIME, RADIUS_INTEGER4},
480 { RD_TP_ACCT_INPUT_OCTETS, RADIUS_INTEGER4},
481 { RD_TP_ACCT_OUTPUT_OCTETS, RADIUS_INTEGER4},
482 { RD_TP_ACCT_SESSION_ID, RADIUS_STRING},
483 { RD_TP_ACCT_AUTHENTIC, RADIUS_ACCT_AUTHENTIC},
484 { RD_TP_ACCT_SESSION_TIME, RADIUS_INTEGER4},
485 { RD_TP_ACCT_INPUT_PACKETS, RADIUS_INTEGER4},
486 { RD_TP_ACCT_OUTPUT_PACKETS, RADIUS_INTEGER4},
487 { RD_TP_ACCT_TERMINATE_CAUSE, RADIUS_ACCT_TERMINATE_CAUSE},
488 { RD_TP_ACCT_MULTI_SESSION_ID, RADIUS_STRING},
489 { RD_TP_ACCT_LINK_COUNT, RADIUS_INTEGER4},
490 { RD_TP_ACCT_INPUT_GIGAWORDS, RADIUS_INTEGER4},
491 { RD_TP_ACCT_OUTPUT_GIGAWORDS, RADIUS_INTEGER4},
492 { RD_TP_EVENT_TIMESTAMP, RADIUS_TIMESTAMP},
493 { RD_TP_CHAP_CHALLENGE, RADIUS_BINSTRING},
494 { RD_TP_NAS_PORT_TYPE, RADIUS_NAS_PORT_TYPE},
495 { RD_TP_PORT_LIMIT, RADIUS_INTEGER4},
496 { RD_TP_LOGIN_LAT_PORT, RADIUS_BINSTRING},
497 { RD_TP_TUNNEL_TYPE, RADIUS_TUNNEL_TYPE},
498 { RD_TP_TUNNEL_MEDIUM_TYPE, RADIUS_TUNNEL_MEDIUM_TYPE},
499 { RD_TP_TUNNEL_CLIENT_ENDPOINT, RADIUS_STRING_TAGGED},
500 { RD_TP_TUNNEL_SERVER_ENDPOINT, RADIUS_STRING_TAGGED},
501 { RD_TP_TUNNEL_CONNECTION, RADIUS_BINSTRING},
502 { RD_TP_TUNNEL_PASSWORD, RADIUS_STRING_TAGGED},
503 { RD_TP_ARAP_PASSWORD, RADIUS_BINSTRING},
504 { RD_TP_ARAP_FEATURES, RADIUS_BINSTRING},
505 { RD_TP_ARAP_ZONE_ACCESS, RADIUS_BINSTRING},
506 { RD_TP_ARAP_SECURITY, RADIUS_BINSTRING},
507 { RD_TP_ARAP_SECURITY_DATA, RADIUS_BINSTRING},
508 { RD_TP_PASSWORD_RETRY, RADIUS_BINSTRING},
509 { RD_TP_PROMPT, RADIUS_BINSTRING},
510 { RD_TP_CONNECT_INFO, RADIUS_STRING},
511 { RD_TP_CONFIGURATION_TOKEN, RADIUS_BINSTRING},
512 { RD_TP_EAP_MESSAGE, RADIUS_BINSTRING},
513 { RD_TP_MESSAGE_AUTHENTICATOR, RADIUS_BINSTRING},
514 { RD_TP_TUNNEL_PRIVATE_GROUP_ID, RADIUS_STRING_TAGGED},
515 { RD_TP_TUNNEL_ASSIGNMENT_ID, RADIUS_STRING_TAGGED},
516 { RD_TP_TUNNEL_TUNNEL_PREFERENCE, RADIUS_INTEGER4_TAGGED},
517 { RD_TP_TUNNEL_PACKETS_LOST, RADIUS_INTEGER4},
518 { RD_TP_NAS_PORT_ID, RADIUS_STRING},
519 { RD_TP_TUNNEL_CLIENT_AUTH_ID, RADIUS_STRING_TAGGED},
520 { RD_TP_TUNNEL_SERVER_AUTH_ID, RADIUS_STRING_TAGGED},
521 { RD_TP_ASCEND_MODEM_PORTNO, RADIUS_INTEGER4},
522 { RD_TP_ASCEND_MODEM_SLOTNO, RADIUS_INTEGER4},
523 { RD_TP_ASCEND_MULTILINK_ID, RADIUS_INTEGER4},
524 { RD_TP_ASCEND_NUM_IN_MULTILINK, RADIUS_INTEGER4},
525 { RD_TP_ASCEND_FIRST_DEST, RADIUS_IP_ADDRESS},
526 { RD_TP_ASCEND_PRE_INPUT_OCTETS, RADIUS_INTEGER4},
527 { RD_TP_ASCEND_PRE_OUTPUT_OCTETS, RADIUS_INTEGER4},
528 { RD_TP_ASCEND_PRE_INPUT_PACKETS, RADIUS_INTEGER4},
529 { RD_TP_ASCEND_PRE_OUTPUT_PACKETS, RADIUS_INTEGER4},
530 { RD_TP_ASCEND_MAXIMUM_TIME, RADIUS_INTEGER4},
531 { RD_TP_ASCEND_DISCONNECT_CAUSE, RADIUS_INTEGER4},
532 { RD_TP_ASCEND_CONNECT_PROGRESS, RADIUS_INTEGER4},
533 { RD_TP_ASCEND_DATA_RATE, RADIUS_INTEGER4},
534 { RD_TP_ASCEND_PRESESSION_TIME, RADIUS_INTEGER4},
535 { RD_TP_ASCEND_ASSIGN_IP_POOL, RADIUS_INTEGER4},
536 { RD_TP_ASCEND_XMIT_RATE, RADIUS_INTEGER4},
540 static value_string radius_attrib_type_vals[] = {
541 { RD_TP_USER_NAME, "User Name"},
542 { RD_TP_USER_PASSWORD, "User Password"},
543 { RD_TP_CHAP_PASSWORD, "Chap Password"},
544 { RD_TP_NAS_IP_ADDRESS, "NAS IP Address"},
545 { RD_TP_NAS_PORT, "NAS Port"},
546 { RD_TP_SERVICE_TYPE, "Service Type"},
547 { RD_TP_FRAMED_PROTOCOL, "Framed Protocol"},
548 { RD_TP_FRAMED_IP_ADDRESS, "Framed IP Address"},
549 { RD_TP_FRAMED_IP_NETMASK, "Framed IP Netmask"},
550 { RD_TP_FRAMED_ROUTING, "Framed Routing"},
551 { RD_TP_FILTER_ID, "Filter Id"},
552 { RD_TP_FRAMED_MTU, "Framed MTU"},
553 { RD_TP_FRAMED_COMPRESSION, "Framed Compression"},
554 { RD_TP_LOGIN_IP_HOST, "Login IP Host"},
555 { RD_TP_LOGIN_SERVICE, "Login Service"},
556 { RD_TP_LOGIN_TCP_PORT, "Login TCP Port"},
557 { RD_TP_UNASSIGNED, "Unassigned"},
558 { RD_TP_REPLY_MESSAGE, "Reply Message"},
559 { RD_TP_CALLBACK_NUMBER, "Callback Number"},
560 { RD_TP_CALLBACK_ID, "Callback Id"},
561 { RD_TP_UNASSIGNED2, "Unassigned"},
562 { RD_TP_FRAMED_ROUTE, "Framed Route"},
563 { RD_TP_FRAMED_IPX_NETWORK, "Framed IPX network"},
564 { RD_TP_STATE, "State"},
565 { RD_TP_CLASS, "Class"},
566 { RD_TP_VENDOR_SPECIFIC, "Vendor Specific" },
567 { RD_TP_SESSION_TIMEOUT, "Session Timeout"},
568 { RD_TP_IDLE_TIMEOUT, "Idle Timeout"},
569 { RD_TP_TERMINATING_ACTION, "Terminating Action"},
570 { RD_TP_CALLED_STATION_ID, "Called Station Id"},
571 { RD_TP_CALLING_STATION_ID, "Calling Station Id"},
572 { RD_TP_NAS_IDENTIFIER, "NAS identifier"},
573 { RD_TP_PROXY_STATE, "Proxy State"},
574 { RD_TP_LOGIN_LAT_SERVICE, "Login LAT Service"},
575 { RD_TP_LOGIN_LAT_NODE, "Login LAT Node"},
576 { RD_TP_LOGIN_LAT_GROUP, "Login LAT Group"},
577 { RD_TP_FRAMED_APPLETALK_LINK, "Framed Appletalk Link"},
578 { RD_TP_FRAMED_APPLETALK_NETWORK, "Framed Appletalk Network"},
579 { RD_TP_FRAMED_APPLETALK_ZONE, "Framed Appletalk Zone"},
580 { RD_TP_ACCT_STATUS_TYPE, "Acct Status Type"},
581 { RD_TP_ACCT_DELAY_TIME, "Acct Delay Time"},
582 { RD_TP_ACCT_INPUT_OCTETS, "Acct Input Octets"},
583 { RD_TP_ACCT_OUTPUT_OCTETS, "Acct Output Octets"},
584 { RD_TP_ACCT_SESSION_ID, "Acct Session Id"},
585 { RD_TP_ACCT_AUTHENTIC, "Acct Authentic"},
586 { RD_TP_ACCT_SESSION_TIME, "Acct Session Time"},
587 { RD_TP_ACCT_INPUT_PACKETS, "Acct Input Packets"},
588 { RD_TP_ACCT_OUTPUT_PACKETS, "Acct Output Packets"},
589 { RD_TP_ACCT_TERMINATE_CAUSE, "Acct Terminate Cause"},
590 { RD_TP_ACCT_MULTI_SESSION_ID, "Acct Multi Session Id"},
591 { RD_TP_ACCT_LINK_COUNT, "Acct Link Count"},
592 { RD_TP_ACCT_INPUT_GIGAWORDS, "Acct Input Gigawords"},
593 { RD_TP_ACCT_OUTPUT_GIGAWORDS, "Acct Output Gigawords"},
594 { RD_TP_EVENT_TIMESTAMP, "Event Timestamp"},
595 { RD_TP_CHAP_CHALLENGE, "Chap Challenge"},
596 { RD_TP_NAS_PORT_TYPE, "NAS Port Type"},
597 { RD_TP_PORT_LIMIT, "Port Limit"},
598 { RD_TP_LOGIN_LAT_PORT, "Login LAT Port"},
599 { RD_TP_TUNNEL_TYPE, "Tunnel Type"},
600 { RD_TP_TUNNEL_MEDIUM_TYPE, "Tunnel Medium Type"},
601 { RD_TP_TUNNEL_CLIENT_ENDPOINT, "Tunnel Client Endpoint"},
602 { RD_TP_TUNNEL_SERVER_ENDPOINT, "Tunnel Server Endpoint"},
603 { RD_TP_TUNNEL_CONNECTION, "Tunnel Connection"},
604 { RD_TP_TUNNEL_PASSWORD, "Tunnel Password"},
605 { RD_TP_ARAP_PASSWORD, "ARAP-Password"},
606 { RD_TP_ARAP_FEATURES, "ARAP-Features"},
607 { RD_TP_ARAP_ZONE_ACCESS, "ARAP-Zone-Access"},
608 { RD_TP_ARAP_SECURITY, "ARAP-Security"},
609 { RD_TP_ARAP_SECURITY_DATA, "ARAP-Security-Data"},
610 { RD_TP_PASSWORD_RETRY, "Password-Retry"},
611 { RD_TP_PROMPT, "Prompt"},
612 { RD_TP_CONNECT_INFO, "Connect-Info"},
613 { RD_TP_CONFIGURATION_TOKEN, "Configuration-Token"},
614 { RD_TP_EAP_MESSAGE, "EAP-Message"},
615 { RD_TP_MESSAGE_AUTHENTICATOR, "Message Authenticator"},
616 { RD_TP_TUNNEL_PRIVATE_GROUP_ID, "Tunnel Private Group ID"},
617 { RD_TP_TUNNEL_ASSIGNMENT_ID, "Tunnel Assignment ID"},
618 { RD_TP_TUNNEL_TUNNEL_PREFERENCE, "Tunnel Preference"},
619 { RD_TP_TUNNEL_PACKETS_LOST, "Tunnel Packets Lost"},
620 { RD_TP_NAS_PORT_ID, "NAS Port ID"},
621 { RD_TP_TUNNEL_CLIENT_AUTH_ID, "Tunnel Client Auth ID"},
622 { RD_TP_TUNNEL_SERVER_AUTH_ID, "Tunnel Server Auth ID"},
623 { RD_TP_ASCEND_MODEM_PORTNO, "Ascend Modem Port No"},
624 { RD_TP_ASCEND_MODEM_SLOTNO, "Ascend Modem Slot No"},
625 { RD_TP_ASCEND_MULTILINK_ID, "Ascend Multilink ID"},
626 { RD_TP_ASCEND_NUM_IN_MULTILINK, "Ascend Num In Multilink"},
627 { RD_TP_ASCEND_FIRST_DEST, "Ascend First Dest"},
628 { RD_TP_ASCEND_PRE_INPUT_OCTETS, "Ascend Pre Input Octets"},
629 { RD_TP_ASCEND_PRE_OUTPUT_OCTETS, "Ascend Pre Output Octets"},
630 { RD_TP_ASCEND_PRE_INPUT_PACKETS, "Ascend Pre Input Packets"},
631 { RD_TP_ASCEND_PRE_OUTPUT_PACKETS, "Ascend Pre Output Packets"},
632 { RD_TP_ASCEND_MAXIMUM_TIME, "Ascend Maximum Time"},
633 { RD_TP_ASCEND_DISCONNECT_CAUSE, "Ascend Disconnect Cause"},
634 { RD_TP_ASCEND_CONNECT_PROGRESS, "Ascend Connect Progress"},
635 { RD_TP_ASCEND_DATA_RATE, "Ascend Data Rate"},
636 { RD_TP_ASCEND_PRESESSION_TIME, "Ascend PreSession Time"},
637 { RD_TP_ASCEND_ASSIGN_IP_POOL, "Ascend Assign IP Pool"},
638 { RD_TP_ASCEND_XMIT_RATE, "Ascend Xmit Rate"},
642 guint32 match_numval(guint32 val, const value_value_pair *vs)
647 if (vs[i].val1 == val)
655 static gchar textbuffer[2000];
657 gchar *rdconvertbufftostr(gchar *dest, tvbuff_t *tvb, int offset, int length)
659 /*converts the raw buffer into printable text */
662 const guint8 *pd = tvb_get_ptr(tvb, offset, length);
667 for (i=0; i < (guint32)length; i++)
669 if( isalnum((int)pd[i])||ispunct((int)pd[i])
670 ||((int)pd[i]==' ')) {
671 dest[totlen]=(gchar)pd[i];
676 sprintf(&(dest[totlen]), "\\%03u", pd[i]);
677 totlen=totlen+strlen(&(dest[totlen]));
685 gchar *rd_match_strval(guint32 val, const value_string *vs) {
686 return val_to_str(val, vs, "Undefined (%u)");
689 gchar *rd_value_to_str(e_avphdr *avph, tvbuff_t *tvb, int offset)
693 value_string *valstrarr;
699 extern char *tzname[2];
701 /* prints the values of the attribute value pairs into a text buffer */
702 print_type=match_numval(avph->avp_type,radius_printinfo);
705 strcpy(textbuffer,"Value:");
706 cont=&textbuffer[strlen(textbuffer)];
709 case( RADIUS_STRING ):
710 case( RADIUS_BINSTRING ):
711 rdconvertbufftostr(cont,tvb,offset+2,avph->avp_length-2);
713 case( RADIUS_INTEGER4 ):
714 sprintf(cont,"%u", tvb_get_ntohl(tvb,offset+2));
716 case( RADIUS_IP_ADDRESS ):
717 ip_to_str_buf(tvb_get_ptr(tvb,offset+2,4),cont);
719 case( RADIUS_SERVICE_TYPE ):
720 valstrarr=radius_service_type_vals;
721 strcpy(cont,rd_match_strval(tvb_get_ntohl(tvb,offset+2),valstrarr));
723 case( RADIUS_FRAMED_PROTOCOL ):
724 valstrarr= radius_framed_protocol_vals;
725 strcpy(cont,rd_match_strval(tvb_get_ntohl(tvb,offset+2),valstrarr));
727 case( RADIUS_FRAMED_ROUTING ):
728 valstrarr=radius_framed_routing_vals;
729 strcpy(cont,rd_match_strval(tvb_get_ntohl(tvb,offset+2),valstrarr));
731 case( RADIUS_FRAMED_COMPRESSION ):
732 valstrarr=radius_framed_compression_vals;
733 strcpy(cont,rd_match_strval(tvb_get_ntohl(tvb,offset+2),valstrarr));
735 case( RADIUS_LOGIN_SERVICE ):
736 valstrarr=radius_login_service_vals;
737 strcpy(cont,rd_match_strval(tvb_get_ntohl(tvb,offset+2),valstrarr));
739 case( RADIUS_IPX_ADDRESS ):
740 pd = tvb_get_ptr(tvb,offset+2,4);
741 sprintf(cont,"%u:%u:%u:%u",(guint8)pd[offset+2],
742 (guint8)pd[offset+3],(guint8)pd[offset+4],
743 (guint8)pd[offset+5]);
744 case( RADIUS_TERMINATING_ACTION ):
745 valstrarr=radius_terminating_action_vals;
746 strcpy(cont,rd_match_strval(tvb_get_ntohl(tvb,offset+2),valstrarr));
748 case( RADIUS_ACCOUNTING_STATUS_TYPE ):
749 valstrarr=radius_accounting_status_type_vals;
750 strcpy(cont,rd_match_strval(tvb_get_ntohl(tvb,offset+2),valstrarr));
752 case( RADIUS_ACCT_AUTHENTIC ):
753 valstrarr=radius_accounting_authentication_vals;
754 strcpy(cont,rd_match_strval(tvb_get_ntohl(tvb,offset+2),valstrarr));
756 case( RADIUS_ACCT_TERMINATE_CAUSE ):
757 valstrarr=radius_acct_terminate_cause_vals;
758 strcpy(cont,rd_match_strval(tvb_get_ntohl(tvb,offset+2),valstrarr));
760 case( RADIUS_NAS_PORT_TYPE ):
761 valstrarr=radius_nas_port_type_vals;
762 strcpy(cont,rd_match_strval(tvb_get_ntohl(tvb,offset+2),valstrarr));
764 case( RADIUS_TUNNEL_TYPE ):
765 valstrarr=radius_tunnel_type_vals;
767 intval = tvb_get_ntohl(tvb,offset+2);
769 sprintf(textbuffer, "Tag:%u, Value:%s",
771 rd_match_strval(intval & 0xffffff,valstrarr));
774 strcpy(cont,rd_match_strval(intval,valstrarr));
776 case( RADIUS_TUNNEL_MEDIUM_TYPE ):
777 valstrarr=radius_tunnel_medium_type_vals;
778 intval = tvb_get_ntohl(tvb,offset+2);
781 sprintf(textbuffer, "Tag:%u, Value:%s",
783 rd_match_strval(intval & 0xffffff,valstrarr));
786 strcpy(cont,rd_match_strval(intval,valstrarr));
788 case( RADIUS_STRING_TAGGED ):
790 tag = tvb_get_guint8(tvb,offset+2);
792 sprintf(textbuffer, "Tag:%u, Value:",
794 cont=&textbuffer[strlen(textbuffer)];
795 rdconvertbufftostr(cont,tvb,offset+3,avph->avp_length-3);
798 rdconvertbufftostr(cont,tvb,offset+2,avph->avp_length-2);
800 case ( RADIUS_VENDOR_SPECIFIC ):
801 valstrarr=radius_vendor_specific_vendors;
802 sprintf(textbuffer,"Vendor:%s,",
803 rd_match_strval(tvb_get_ntohl(tvb,offset+2),valstrarr));
804 cont=&textbuffer[strlen(textbuffer)];
805 switch (tvb_get_ntohl(tvb,offset+2)) {
806 case ( VENDOR_COSINE ):
807 vtype = tvb_get_guint8(tvb,offset+6);
809 case ( VENDOR_COSINE_VSA_CONNECION_PROFILE_NAME ):
810 case ( VENDOR_COSINE_VSA_ENTERPRISE_ID ):
811 case ( VENDOR_COSINE_VSA_ADDRESS_POOL_NAME ):
812 case ( VENDOR_COSINE_VSA_CLI_USER_PERMISSION_ID ):
813 sprintf(cont," Type:%s, Value:",
814 rd_match_strval(vtype, radius_vendor_cosine_types));
815 cont=&textbuffer[strlen(textbuffer)];
816 rdconvertbufftostr(cont,tvb,offset+8,avph->avp_length-8);
818 case ( VENDOR_COSINE_VSA_VPI_VCI ):
819 sprintf(cont," Type:%s, Value:%u/%u",
820 rd_match_strval(vtype, radius_vendor_cosine_types),
821 tvb_get_ntohs(tvb,offset+8),
822 tvb_get_ntohs(tvb,offset+10));
824 case ( VENDOR_COSINE_VSA_DS_BYTE ):
825 case ( VENDOR_COSINE_VSA_DLCI ):
826 sprintf(cont," Type:%s, Value:%u",
827 rd_match_strval(vtype, radius_vendor_cosine_types),
828 tvb_get_ntohl(tvb,offset+8));
830 case ( VENDOR_COSINE_VSA_LNS_IP_ADDRESS ):
831 sprintf(cont," Type:%s, Value:",
832 rd_match_strval(vtype, radius_vendor_cosine_types));
833 cont=&textbuffer[strlen(textbuffer)];
834 ip_to_str_buf(tvb_get_ptr(tvb,offset+8,4),cont);
837 sprintf(cont," Unknown Value Type");
842 sprintf(cont, " Value:");
843 rdconvertbufftostr(cont,tvb,offset+6,avph->avp_length-6);
847 case( RADIUS_TIMESTAMP ):
848 intval=tvb_get_ntohl(tvb,offset+2);
849 rtimestamp=ctime((time_t*)&intval);
850 rtimestamp[strlen(rtimestamp)-1]=0;
851 sprintf(cont,"%d (%s %s)", tvb_get_ntohl(tvb,offset+2), rtimestamp, *tzname);
853 case( RADIUS_INTEGER4_TAGGED ):
854 intval = tvb_get_ntohl(tvb,offset+2);
857 sprintf(textbuffer, "Tag:%u, Value:%u",
862 sprintf(cont,"%u", intval);
864 case( RADIUS_UNKNOWN ):
866 strcpy(textbuffer,"Unknown Value Type");
869 if (cont == textbuffer) {
870 strcpy(cont,"Unknown Value");
876 void dissect_attribute_value_pairs(tvbuff_t *tvb, int offset,proto_tree *tree,
877 int avplength,packet_info *pinfo) {
878 /* adds the attribute value pairs to the tree */
885 proto_tree_add_text(tree, tvb,offset,0,"No Attribute Value Pairs Found");
889 while (avplength > 0 )
892 tvb_memcpy(tvb,(guint8 *)&avph,offset,sizeof(e_avphdr));
893 avptpstrval=match_strval(avph.avp_type, radius_attrib_type_vals);
894 if (avptpstrval == NULL) avptpstrval="Unknown Type";
895 if (avph.avp_length < 2) {
897 * This AVP is bogus - the length includes the type and length
898 * fields, so it must be >= 2.
900 proto_tree_add_text(tree, tvb, offset, avph.avp_length,
901 "t:%s(%u) l:%u (length not >= 2)",
902 avptpstrval,avph.avp_type,avph.avp_length);
906 if (avph.avp_type == RD_TP_EAP_MESSAGE) {
908 proto_tree *eap_tree;
911 ti = proto_tree_add_text(tree, tvb,offset,avph.avp_length,"t:%s(%u) l:%u",
912 avptpstrval,avph.avp_type,avph.avp_length);
913 eap_tree = proto_item_add_subtree(ti, ett_radius_eap);
914 tvb_len = tvb_length_remaining(tvb, offset+2);
915 if (avph.avp_length-2 < tvb_len)
916 tvb_len = avph.avp_length-2;
917 next_tvb = tvb_new_subset(tvb, offset+2, tvb_len, avph.avp_length-2);
920 * Set the columns non-writable, so that the packet list
921 * shows this as an RADIUS packet, not as an EAP packet.
923 * XXX - we'll call the EAP dissector only if we're building
924 * a protocol tree. The EAP dissector currently saves no state,
925 * and won't be modifying the columns, so that's OK right now,
926 * but it might call the SSL dissector - if that maintains state
927 * needed for dissection, we'll have to arrange that AVPs be
928 * dissected even if we're not building a protocol tree.
930 col_set_writable(pinfo->cinfo, FALSE);
931 call_dissector(eap_handle, next_tvb, pinfo, eap_tree);
933 valstr=rd_value_to_str(&avph, tvb, offset);
934 proto_tree_add_text(tree, tvb,offset,avph.avp_length,
936 avptpstrval,avph.avp_type,avph.avp_length,valstr);
939 offset=offset+avph.avp_length;
940 avplength=avplength-avph.avp_length;
944 static void dissect_radius(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
946 proto_tree *radius_tree,*avptree;
947 proto_item *ti,*avptf;
951 int avplength,hdrlength;
956 if (check_col(pinfo->cinfo, COL_PROTOCOL))
957 col_set_str(pinfo->cinfo, COL_PROTOCOL, "RADIUS");
958 if (check_col(pinfo->cinfo, COL_INFO))
959 col_clear(pinfo->cinfo, COL_INFO);
961 tvb_memcpy(tvb,(guint8 *)&rh,0,sizeof(e_radiushdr));
963 rhcode= (int)rh.rh_code;
964 rhident= (int)rh.rh_ident;
965 rhlength= (int)ntohs(rh.rh_pktlength);
966 codestrval= match_strval(rhcode,radius_vals);
967 if (codestrval==NULL)
969 codestrval="Unknown Packet";
971 if (check_col(pinfo->cinfo, COL_INFO))
973 col_add_fstr(pinfo->cinfo,COL_INFO,"%s(%d) (id=%d, l=%d)",
974 codestrval, rhcode, rhident, rhlength);
979 ti = proto_tree_add_item(tree,proto_radius, tvb, 0, rhlength, FALSE);
981 radius_tree = proto_item_add_subtree(ti, ett_radius);
983 proto_tree_add_uint(radius_tree,hf_radius_code, tvb, 0, 1,
985 proto_tree_add_uint_format(radius_tree,hf_radius_id, tvb, 1, 1,
986 rh.rh_ident, "Packet identifier: 0x%01x (%d)",
989 proto_tree_add_uint(radius_tree, hf_radius_length, tvb,
991 proto_tree_add_text(radius_tree, tvb, 4,
992 AUTHENTICATOR_LENGTH,
995 hdrlength=RD_HDR_LENGTH+AUTHENTICATOR_LENGTH;
996 avplength= rhlength -hdrlength;
999 /* list the attribute value pairs */
1001 avptf = proto_tree_add_text(radius_tree,
1002 tvb,hdrlength,avplength,
1003 "Attribute value pairs");
1004 avptree = proto_item_add_subtree(avptf, ett_radius_avp);
1008 dissect_attribute_value_pairs(tvb, hdrlength,
1009 avptree,avplength,pinfo);
1014 /* registration with the filtering engine */
1016 proto_register_radius(void)
1018 static hf_register_info hf[] = {
1020 { "Code","radius.code", FT_UINT8, BASE_DEC, VALS(radius_vals), 0x0,
1024 { "Identifier", "radius.id", FT_UINT8, BASE_DEC, NULL, 0x0,
1027 { &hf_radius_length,
1028 { "Length","radius.length", FT_UINT16, BASE_DEC, NULL, 0x0,
1031 static gint *ett[] = {
1037 proto_radius = proto_register_protocol("Radius Protocol", "RADIUS",
1039 proto_register_field_array(proto_radius, hf, array_length(hf));
1040 proto_register_subtree_array(ett, array_length(ett));
1044 proto_reg_handoff_radius(void)
1046 dissector_handle_t radius_handle;
1049 * Get a handle for the EAP dissector.
1051 eap_handle = find_dissector("eap");
1053 radius_handle = create_dissector_handle(dissect_radius, proto_radius);
1054 dissector_add("udp.port", UDP_PORT_RADIUS, radius_handle);
1055 dissector_add("udp.port", UDP_PORT_RADIUS_NEW, radius_handle);
1056 dissector_add("udp.port", UDP_PORT_RADACCT, radius_handle);
1057 dissector_add("udp.port", UDP_PORT_RADACCT_NEW, radius_handle);