/* packet-radius.c
* Routines for RADIUS packet disassembly
+ * Copyright 1999 Johan Feyaerts
+ *
+ * RFC 2865, RFC 2866, RFC 2867, RFC 2868, RFC 2869
*
- * $Id: packet-radius.c,v 1.10 2000/04/05 16:01:39 gram Exp $
+ * $Id: packet-radius.c,v 1.55 2002/04/14 23:04:04 guy Exp $
*
* Ethereal - Network traffic analyzer
- * By Johan Feyaerts
- * Copyright 1999 Johan Feyaerts
+ * By Gerald Combs <gerald@ethereal.com>
+ * Copyright 1998 Gerald Combs
+ *
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version 2
#include <stdio.h>
#include <stdlib.h>
+#include <string.h>
#include <ctype.h>
#include <glib.h>
-#include "packet.h"
-#include "resolv.h"
+#include <time.h>
+#include <epan/packet.h>
+#include <epan/resolv.h>
static int proto_radius = -1;
static int hf_radius_length = -1;
static gint ett_radius = -1;
static gint ett_radius_avp = -1;
+static gint ett_radius_eap = -1;
+
+static dissector_handle_t eap_fragment_handle;
+
+#define UDP_PORT_RADIUS 1645
+#define UDP_PORT_RADIUS_NEW 1812
+#define UDP_PORT_RADACCT 1646
+#define UDP_PORT_RADACCT_NEW 1813
typedef struct _e_radiushdr {
guint8 rh_code;
#define RD_TP_ACCT_TERMINATE_CAUSE 49
#define RD_TP_ACCT_MULTI_SESSION_ID 50
#define RD_TP_ACCT_LINK_COUNT 51
+#define RD_TP_ACCT_INPUT_GIGAWORDS 52
+#define RD_TP_ACCT_OUTPUT_GIGAWORDS 53
+/* 54 Unused */
+#define RD_TP_EVENT_TIMESTAMP 55
+/* 56-59 Unused */
#define RD_TP_CHAP_CHALLENGE 60
#define RD_TP_NAS_PORT_TYPE 61
#define RD_TP_PORT_LIMIT 62
#define RD_TP_TUNNEL_MEDIUM_TYPE 65
#define RD_TP_TUNNEL_CLIENT_ENDPOINT 66
#define RD_TP_TUNNEL_SERVER_ENDPOINT 67
+#define RD_TP_TUNNEL_CONNECTION 68
#define RD_TP_TUNNEL_PASSWORD 69
+#define RD_TP_ARAP_PASSWORD 70
+#define RD_TP_ARAP_FEATURES 71
+#define RD_TP_ARAP_ZONE_ACCESS 72
+#define RD_TP_ARAP_SECURITY 73
+#define RD_TP_ARAP_SECURITY_DATA 74
+#define RD_TP_PASSWORD_RETRY 75
+#define RD_TP_PROMPT 76
+#define RD_TP_CONNECT_INFO 77
+#define RD_TP_CONFIGURATION_TOKEN 78
+#define RD_TP_EAP_MESSAGE 79
+#define RD_TP_MESSAGE_AUTHENTICATOR 80
+#define RD_TP_TUNNEL_PRIVATE_GROUP_ID 81
#define RD_TP_TUNNEL_ASSIGNMENT_ID 82
+#define RD_TP_TUNNEL_TUNNEL_PREFERENCE 83
+#define RD_TP_TUNNEL_PACKETS_LOST 86
+#define RD_TP_NAS_PORT_ID 87
+#define RD_TP_TUNNEL_CLIENT_AUTH_ID 90
+#define RD_TP_TUNNEL_SERVER_AUTH_ID 91
+#define RD_TP_ASCEND_MODEM_PORTNO 120
+#define RD_TP_ASCEND_MODEM_SLOTNO 121
+#define RD_TP_ASCEND_MULTILINK_ID 187
+#define RD_TP_ASCEND_NUM_IN_MULTILINK 188
+#define RD_TP_ASCEND_FIRST_DEST 189
+#define RD_TP_ASCEND_PRE_INPUT_OCTETS 190
+#define RD_TP_ASCEND_PRE_OUTPUT_OCTETS 191
+#define RD_TP_ASCEND_PRE_INPUT_PACKETS 192
+#define RD_TP_ASCEND_PRE_OUTPUT_PACKETS 193
+#define RD_TP_ASCEND_MAXIMUM_TIME 194
+#define RD_TP_ASCEND_DISCONNECT_CAUSE 195
+#define RD_TP_ASCEND_CONNECT_PROGRESS 196
+#define RD_TP_ASCEND_DATA_RATE 197
+#define RD_TP_ASCEND_PRESESSION_TIME 198
+#define RD_TP_ASCEND_ASSIGN_IP_POOL 218
+#define RD_TP_ASCEND_XMIT_RATE 255
+
+
+
+
#define AUTHENTICATOR_LENGTH 16
#define RD_HDR_LENGTH 4
#define RADIUS_TUNNEL_MEDIUM_TYPE 18
#define RADIUS_STRING_TAGGED 19
#define RADIUS_VENDOR_SPECIFIC 20
+#define RADIUS_TIMESTAMP 21
+#define RADIUS_INTEGER4_TAGGED 22
static value_string radius_vals[] = {
{RADIUS_ACCESS_REQUEST, "Access Request"},
{RADIUS_ACCESS_REJECT, "Access Reject"},
{RADIUS_ACCOUNTING_REQUEST, "Accounting Request"},
{RADIUS_ACCOUNTING_RESPONSE, "Accounting Response"},
- {RADIUS_ACCESS_CHALLENGE, "Accounting challenge"},
+ {RADIUS_ACCESS_CHALLENGE, "Access challenge"},
{RADIUS_STATUS_SERVER, "StatusServer"},
{RADIUS_STATUS_CLIENT, "StatusClient"},
{RADIUS_RESERVED, "Reserved"},
{10, "Call Check"},
{0,NULL}};
+/*
+ * These are SMI Network Management Private Enterprise Codes for
+ * organizations; see
+ *
+ * http://www.isi.edu/in-notes/iana/assignments/enterprise-numbers
+ *
+ * for a list.
+ */
+#define VENDOR_ACC 5
+#define VENDOR_CISCO 9
+#define VENDOR_SHIVA 166
+#define VENDOR_LIVINGSTON 307
+#define VENDOR_MICROSOFT 311
+#define VENDOR_3COM 429
+#define VENDOR_ASCEND 529
+#define VENDOR_BAY 1584
+#define VENDOR_JUNIPER 2636
+#define VENDOR_COSINE 3085
+#define VENDOR_UNISPHERE 4874
+#define VENDOR_ISSANNI 5948
+
static value_string radius_vendor_specific_vendors[]=
-{{5, "ACC"},
-{9,"Cisco"},
-{123,"Ascend"},
-{166,"Shiva"},
-{307,"Livingston"},
-{429,"3Com"},
-{1584,"Bay Networks"},
+{{VENDOR_ACC,"ACC"},
+{VENDOR_CISCO,"Cisco"},
+{VENDOR_SHIVA,"Shiva"},
+{VENDOR_MICROSOFT,"Microsoft"},
+{VENDOR_LIVINGSTON,"Livingston"},
+{VENDOR_3COM,"3Com"},
+{VENDOR_ASCEND,"Ascend"},
+{VENDOR_BAY,"Bay Networks"},
+{VENDOR_JUNIPER,"Juniper Networks"},
+{VENDOR_COSINE,"CoSine Communications"},
+{VENDOR_UNISPHERE,"Unisphere Networks"},
+{VENDOR_ISSANNI,"Issanni Communications"},
+{0,NULL}};
+
+/*
+references:
+ 'dictoinary.cisco' file from FreeRADIUS
+ http://www.freeradius.org
+ radiusd/raddb/dictionary.cisco
+
+ http://www.cisco.com/univercd/cc/td/doc/product/access/acs_serv/vapp_dev/vsaig3.htm
+
+ http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/fsecur_c/fappendx/fradattr/scfrdat3.pdf
+ http://www.missl.cs.umd.edu/wireless/ethereal/cisco-vsa.pdf
+
+*/
+
+ /* stanard sttributes */
+#define VENDOR_CISCO_AVP_CISCO 1
+#define VENDOR_CISCO_NAS_PORT 2
+ /* fax */
+#define VENDOR_CISCO_FAX_ACCOUNT_ID_ORIGIN 3
+#define VENDOR_CISCO_FAX_MSG_ID 4
+#define VENDOR_CISCO_FAX_PAGES 5
+#define VENDOR_CISCO_FAX_COVERPAGE_FLAG 6
+#define VENDOR_CISCO_FAX_MODEM_TIME 7
+#define VENDOR_CISCO_FAX_CONNECT_SPEED 8
+#define VENDOR_CISCO_FAX_RECIPENT_COUNT 9
+#define VENDOR_CISCO_FAX_PROCESS_ABORT_FLAG 10
+#define VENDOR_CISCO_FAX_DSN_ADDRESS 11
+#define VENDOR_CISCO_FAX_DSN_FLAG 12
+#define VENDOR_CISCO_FAX_MDN_ADDRESS 13
+#define VENDOR_CISCO_FAX_MDN_FLAG 14
+#define VENDOR_CISCO_FAX_AUTH_STATUS 15
+#define VENDOR_CISCO_EMAIL_SERVER_ADDRESS 16
+#define VENDOR_CISCO_EMAIL_SERVER_ACK_FLAG 17
+#define VENDOR_CISCO_GATEWAY_ID 18
+#define VENDOR_CISCO_CALL_TYPE 19
+#define VENDOR_CISCO_PORT_USED 20
+#define VENDOR_CISCO_ABORT_CAUSE 21
+ /* #22 */
+ /* H323 - Voice over IP attributes. */
+#define VENDOR_CISCO_H323_REMOTE_ADDRESS 23
+#define VENDOR_CISCO_H323_CONF_ID 24
+#define VENDOR_CISCO_H323_SETUP_TIME 25
+#define VENDOR_CISCO_H323_CALL_ORIGIN 26
+#define VENDOR_CISCO_H323_CALL_TYPE 27
+#define VENDOR_CISCO_H323_CONNECT_TIME 28
+#define VENDOR_CISCO_H323_DISCONNECT_TIME 29
+#define VENDOR_CISCO_H323_DISCONNECT_CAUSE 30
+#define VENDOR_CISCO_H323_VOICE_QUALITY 31
+ /* #32 */
+#define VENDOR_CISCO_H323_GW_ID 33
+ /* #34 */
+#define VENDOR_CISCO_H323_INCOMING_CONF_ID 35
+ /* #36-#100 */
+#define VENDOR_CISCO_H323_CREDIT_AMOUNT 101
+#define VENDOR_CISCO_H323_CREDIT_TIME 102
+#define VENDOR_CISCO_H323_RETURN_CODE 103
+#define VENDOR_CISCO_H323_PROMPT_ID 104
+#define VENDOR_CISCO_H323_TIME_AND_DAY 105
+#define VENDOR_CISCO_H323_REDIRECT_NUMBER 106
+#define VENDOR_CISCO_H323_PREFERRED_LANG 107
+#define VENDOR_CISCO_H323_REDIRECT_IP_ADDRESS 108
+#define VENDOR_CISCO_H323_BILLING_MODEL 109
+#define VENDOR_CISCO_H323_CURRENCY_TYPE 110
+ /* #111-#186 */
+/*
+ Extra attributes sent by the Cisco, if you configure
+ "radius-server vsa accounting" (requires IOS11.2+).
+*/
+#define VENDOR_CISCO_MULTILINK_ID 187
+#define VENDOR_CISCO_NUM_IN_MULTILINK 188
+ /* #189 */
+#define VENDOR_CISCO_PRE_INPUT_OCTETS 190
+#define VENDOR_CISCO_PRE_OUTPUT_OCTETS 191
+#define VENDOR_CISCO_PRE_INPUT_PACKETS 192
+#define VENDOR_CISCO_PRE_OUTPUT_PACKETS 193
+#define VENDOR_CISCO_MAXIMUM_TIME 194
+#define VENDOR_CISCO_DISCONNECT_CAUSE 195
+ /* #196 */
+#define VENDOR_CISCO_DATA_RATE 197
+#define VENDOR_CISCO_PRESESSION_TIME 198
+ /* #199-#207 */
+#define VENDOR_CISCO_PW_LIFETIME 208
+#define VENDOR_CISCO_IP_DIRECT 209
+#define VENDOR_CISCO_PPP_VJ_SLOT_COMP 210
+ /* #211 */
+#define VENDOR_CISCO_PPP_ASYNC_MAP 212
+ /* #213-#216 */
+#define VENDOR_CISCO_IP_POOL_DEFINITION 217
+#define VENDOR_CISCO_ASING_IP_POOL 218
+ /* #219-#227 */
+#define VENDOR_CISCO_ROUTE_IP 228
+ /* #229-#232 */
+#define VENDOR_CISCO_LINK_COMPRESSION 233
+#define VENDOR_CISCO_TARGET_UTIL 234
+#define VENDOR_CISCO_MAXIMUM_CHANNELS 235
+ /* #236-#241 */
+#define VENDOR_CISCO_DATA_FILTER 242
+#define VENDOR_CISCO_CALL_FILTER 243
+#define VENDOR_CISCO_IDLE_LIMIT 244
+#define VENDOR_CISCO_XMIT_RATE 255
+
+static value_string radius_vendor_cisco_types[]=
+{{VENDOR_CISCO_AVP_CISCO ,"Cisco AV Pair" },
+{ VENDOR_CISCO_NAS_PORT ,"Cisco NAS Port" },
+{ VENDOR_CISCO_FAX_ACCOUNT_ID_ORIGIN ,"Fax Account Id Origin" },
+{ VENDOR_CISCO_FAX_MSG_ID ,"Fax Msg Id" },
+{ VENDOR_CISCO_FAX_PAGES ,"Fax Pages" },
+{ VENDOR_CISCO_FAX_COVERPAGE_FLAG ,"Fax Cover Page Flag" },
+{ VENDOR_CISCO_FAX_MODEM_TIME ,"Fax Modem Time" },
+{ VENDOR_CISCO_FAX_CONNECT_SPEED ,"Fax Connect Speed" },
+{ VENDOR_CISCO_FAX_RECIPENT_COUNT ,"Fax Recipent Count" },
+{ VENDOR_CISCO_FAX_PROCESS_ABORT_FLAG ,"Fax Process Abort Flag" },
+{ VENDOR_CISCO_FAX_DSN_ADDRESS ,"Fax DSN Address" },
+{ VENDOR_CISCO_FAX_DSN_FLAG ,"Fax DSN Flag" },
+{ VENDOR_CISCO_FAX_MDN_ADDRESS ,"Fax MDN Address" },
+{ VENDOR_CISCO_FAX_MDN_FLAG ,"Fax MDN Flag" },
+{ VENDOR_CISCO_FAX_AUTH_STATUS ,"Fax Auth Status" },
+{ VENDOR_CISCO_EMAIL_SERVER_ADDRESS ,"Email Server Address" },
+{ VENDOR_CISCO_EMAIL_SERVER_ACK_FLAG ,"Email Server Ack Flag" },
+{ VENDOR_CISCO_GATEWAY_ID ,"Gateway Id" },
+{ VENDOR_CISCO_CALL_TYPE ,"Call Type" },
+{ VENDOR_CISCO_PORT_USED ,"Port Used" },
+{ VENDOR_CISCO_ABORT_CAUSE ,"Abort Cause" },
+{ VENDOR_CISCO_H323_REMOTE_ADDRESS ,"H323 Remote Address" },
+{ VENDOR_CISCO_H323_CONF_ID ,"H323 Conf Id" },
+{ VENDOR_CISCO_H323_SETUP_TIME ,"H323 Setup Time" },
+{ VENDOR_CISCO_H323_CALL_ORIGIN ,"H323 Call Origin" },
+{ VENDOR_CISCO_H323_CALL_TYPE ,"H323 Call Type" },
+{ VENDOR_CISCO_H323_CONNECT_TIME ,"H323 Connect Time" },
+{ VENDOR_CISCO_H323_DISCONNECT_TIME ,"H323 Disconnect Time" },
+{ VENDOR_CISCO_H323_DISCONNECT_CAUSE ,"H323 Disconnect Cause" },
+{ VENDOR_CISCO_H323_VOICE_QUALITY ,"H323 Voice Quality" },
+{ VENDOR_CISCO_H323_GW_ID ,"H323 GW Id" },
+{ VENDOR_CISCO_H323_INCOMING_CONF_ID ,"H323 Incoming Conf Id" },
+{ VENDOR_CISCO_H323_CREDIT_AMOUNT ,"H323 Credit Amount" },
+{ VENDOR_CISCO_H323_CREDIT_TIME ,"H323 Credit Time" },
+{ VENDOR_CISCO_H323_RETURN_CODE ,"H323 Return Code" },
+{ VENDOR_CISCO_H323_PROMPT_ID ,"H323 Prompt Id" },
+{ VENDOR_CISCO_H323_TIME_AND_DAY ,"H323 Time And Day" },
+{ VENDOR_CISCO_H323_REDIRECT_NUMBER ,"H323 Redirect Number" },
+{ VENDOR_CISCO_H323_PREFERRED_LANG ,"H323 Preferred Lang" },
+{ VENDOR_CISCO_H323_REDIRECT_IP_ADDRESS ,"H323 Redirect Ip Address" },
+{ VENDOR_CISCO_H323_BILLING_MODEL ,"H323 Billing Model" },
+{ VENDOR_CISCO_H323_CURRENCY_TYPE ,"H323 Currency Type" },
+{ VENDOR_CISCO_MULTILINK_ID ,"Cisco Multilink ID" },
+{ VENDOR_CISCO_NUM_IN_MULTILINK ,"Cisco Num In Multilink" },
+{ VENDOR_CISCO_PRE_INPUT_OCTETS ,"Cisco Pre Input Octets" },
+{ VENDOR_CISCO_PRE_OUTPUT_OCTETS ,"Cisco Pre Output Octets" },
+{ VENDOR_CISCO_PRE_INPUT_PACKETS ,"Cisco Pre Input Packets" },
+{ VENDOR_CISCO_PRE_OUTPUT_PACKETS ,"Cisco Pre Output Packets" },
+{ VENDOR_CISCO_MAXIMUM_TIME ,"Cisco Maximum Time" },
+{ VENDOR_CISCO_DISCONNECT_CAUSE ,"Cisco Disconnect Cause" },
+{ VENDOR_CISCO_DATA_RATE ,"Cisco Data Rate" },
+{ VENDOR_CISCO_PRESESSION_TIME ,"Cisco PreSession Time" },
+{ VENDOR_CISCO_PW_LIFETIME ,"Cisco PW Lifetime" },
+{ VENDOR_CISCO_IP_DIRECT ,"Cisco IP Direct" },
+{ VENDOR_CISCO_PPP_VJ_SLOT_COMP ,"Cisco PPP VJ Slot Comp" },
+{ VENDOR_CISCO_PPP_ASYNC_MAP ,"Cisco PPP Async Map" },
+{ VENDOR_CISCO_IP_POOL_DEFINITION ,"Cisco IP Pool Definition" },
+{ VENDOR_CISCO_ASING_IP_POOL ,"Cisco Asing IP Pool" },
+{ VENDOR_CISCO_ROUTE_IP ,"Cisco Route IP" },
+{ VENDOR_CISCO_LINK_COMPRESSION ,"Cisco Link Compression" },
+{ VENDOR_CISCO_TARGET_UTIL ,"Cisco Target Util" },
+{ VENDOR_CISCO_MAXIMUM_CHANNELS ,"Cisco Maximum Channels" },
+{ VENDOR_CISCO_DATA_FILTER ,"Cisco Data Filter" },
+{ VENDOR_CISCO_CALL_FILTER ,"Cisco Call Filter" },
+{ VENDOR_CISCO_IDLE_LIMIT ,"Cisco Idle Limit" },
+{ VENDOR_CISCO_XMIT_RATE ,"Cisco Xmit Rate" },
+{0,NULL}};
+
+#define VENDOR_COSINE_VSA_CONNECTION_PROFILE_NAME 1
+#define VENDOR_COSINE_VSA_ENTERPRISE_ID 2
+#define VENDOR_COSINE_VSA_ADDRESS_POOL_NAME 3
+#define VENDOR_COSINE_VSA_DS_BYTE 4
+#define VENDOR_COSINE_VSA_VPI_VCI 5
+#define VENDOR_COSINE_VSA_DLCI 6
+#define VENDOR_COSINE_VSA_LNS_IP_ADDRESS 7
+#define VENDOR_COSINE_VSA_CLI_USER_PERMISSION_ID 8
+
+static value_string radius_vendor_cosine_types[]=
+{{VENDOR_COSINE_VSA_CONNECTION_PROFILE_NAME,"Connection Profile Name"},
+{VENDOR_COSINE_VSA_ENTERPRISE_ID,"Enterprise ID"},
+{VENDOR_COSINE_VSA_ADDRESS_POOL_NAME,"Address Pool Name"},
+{VENDOR_COSINE_VSA_DS_BYTE,"DS Byte"},
+{VENDOR_COSINE_VSA_VPI_VCI,"VPI/VCI"},
+{VENDOR_COSINE_VSA_DLCI,"DLCI"},
+{VENDOR_COSINE_VSA_LNS_IP_ADDRESS,"LNS IP Address"},
+{VENDOR_COSINE_VSA_CLI_USER_PERMISSION_ID,"CLI User Permission ID"},
+{0,NULL}};
+
+#define VENDOR_ISSANNI_VSA_SOFTFLOW_TEMPLATE 1
+#define VENDOR_ISSANNI_VSA_NAT_POOL_NAME 2
+#define VENDOR_ISSANNI_VSA_VRD 3
+#define VENDOR_ISSANNI_VSA_TUNNEL_NAME 4
+#define VENDOR_ISSANNI_VSA_IP_POOL_NAME 5
+#define VENDOR_ISSANNI_VSA_PPPOE_URL 6
+#define VENDOR_ISSANNI_VSA_PPPOE_MOTM 7
+#define VENDOR_ISSANNI_VSA_SERVICE 8
+#define VENDOR_ISSANNI_VSA_PRI_DNS 9
+#define VENDOR_ISSANNI_VSA_SEC_DNS 10
+#define VENDOR_ISSANNI_VSA_PRI_NBNS 11
+#define VENDOR_ISSANNI_VSA_SEC_NBNS 12
+#define VENDOR_ISSANNI_VSA_TRAFFIC_CLASS 13
+#define VENDOR_ISSANNI_VSA_TUNNEL_TYPE 14
+#define VENDOR_ISSANNI_VSA_NAT_TYPE 15
+#define VENDOR_ISSANNI_VSA_QOS_CLASS 16
+#define VENDOR_ISSANNI_VSA_IFACE_NAME 17
+
+static value_string radius_vendor_issanni_types[]=
+{{VENDOR_ISSANNI_VSA_SOFTFLOW_TEMPLATE,"Softflow Template"},
+{VENDOR_ISSANNI_VSA_NAT_POOL_NAME,"NAT Pool"},
+{VENDOR_ISSANNI_VSA_VRD,"Virtual Routing Domain"},
+{VENDOR_ISSANNI_VSA_TUNNEL_NAME,"Tunnel Name"},
+{VENDOR_ISSANNI_VSA_IP_POOL_NAME,"IP Pool Name"},
+{VENDOR_ISSANNI_VSA_PPPOE_URL,"PPPoE URL"},
+{VENDOR_ISSANNI_VSA_PPPOE_MOTM,"PPPoE MOTM"},
+{VENDOR_ISSANNI_VSA_SERVICE,"PPPoE Service"},
+{VENDOR_ISSANNI_VSA_PRI_DNS,"Primary DNS"},
+{VENDOR_ISSANNI_VSA_SEC_DNS,"Secondary DNS"},
+{VENDOR_ISSANNI_VSA_PRI_NBNS,"Primary NBNS"},
+{VENDOR_ISSANNI_VSA_SEC_NBNS,"Secondary NBNS"},
+{VENDOR_ISSANNI_VSA_TRAFFIC_CLASS,"Policing Traffic Class"},
+{VENDOR_ISSANNI_VSA_TUNNEL_TYPE,"Tunnel Type"},
+{VENDOR_ISSANNI_VSA_NAT_TYPE,"NAT Type"},
+{VENDOR_ISSANNI_VSA_QOS_CLASS,"QoS Traffic Class"},
+{VENDOR_ISSANNI_VSA_IFACE_NAME,"Interface Name"},
{0,NULL}};
static value_string radius_framed_protocol_vals[]=
{4, "Gandalf proprietary Singlelink/Multilink Protocol"},
{5, "Xylogics proprietary IPX/SLIP"},
{6, "X.75 Synchronous"},
+{256, "Ascend MPP"},
+{262, "Ascend MP"},
{0,NULL}};
static value_string radius_framed_routing_vals[]=
static value_string radius_accounting_status_type_vals[]=
{{1, "Start"},
{2, "Stop"},
+{3, "Interim-Update"},
{7,"Accounting-On"},
{8,"Accounting-Off"},
+{9, "Tunnel-Start"}, /* Tunnel accounting */
+{10, "Tunnel-Stop"}, /* Tunnel accounting */
+{11, "Tunnel-Reject"}, /* Tunnel accounting */
+{12, "Tunnel-Link-Start"}, /* Tunnel accounting */
+{13, "Tunnel-Link-Stop"}, /* Tunnel accounting */
+{14, "Tunnel-Link-Reject"}, /* Tunnel accounting */
{0,NULL}};
static value_string radius_accounting_authentication_vals[]=
{{1, "Radius"},
{2, "Local"},
+{3,"Remote"},
+/* RFC 2866 says 3 is Remote. Is 7 a mistake? */
{7,"Remote"},
{0,NULL}};
{12, "ADSL-CAP"},
{13, "ADSL-DMT"},
{14,"IDSL - ISDN"},
+{15,"Ethernet"},
+{16,"xDSL"},
+{17,"Cable"},
+{18,"Wireless Other"},
+{19,"Wireless IEEE 802.11"},
{0,NULL}};
static value_value_pair radius_printinfo[] = {
{ RD_TP_ACCT_TERMINATE_CAUSE, RADIUS_ACCT_TERMINATE_CAUSE},
{ RD_TP_ACCT_MULTI_SESSION_ID, RADIUS_STRING},
{ RD_TP_ACCT_LINK_COUNT, RADIUS_INTEGER4},
+{ RD_TP_ACCT_INPUT_GIGAWORDS, RADIUS_INTEGER4},
+{ RD_TP_ACCT_OUTPUT_GIGAWORDS, RADIUS_INTEGER4},
+{ RD_TP_EVENT_TIMESTAMP, RADIUS_TIMESTAMP},
{ RD_TP_CHAP_CHALLENGE, RADIUS_BINSTRING},
{ RD_TP_NAS_PORT_TYPE, RADIUS_NAS_PORT_TYPE},
{ RD_TP_PORT_LIMIT, RADIUS_INTEGER4},
{ RD_TP_TUNNEL_MEDIUM_TYPE, RADIUS_TUNNEL_MEDIUM_TYPE},
{ RD_TP_TUNNEL_CLIENT_ENDPOINT, RADIUS_STRING_TAGGED},
{ RD_TP_TUNNEL_SERVER_ENDPOINT, RADIUS_STRING_TAGGED},
+{ RD_TP_TUNNEL_CONNECTION, RADIUS_BINSTRING},
{ RD_TP_TUNNEL_PASSWORD, RADIUS_STRING_TAGGED},
+{ RD_TP_ARAP_PASSWORD, RADIUS_BINSTRING},
+{ RD_TP_ARAP_FEATURES, RADIUS_BINSTRING},
+{ RD_TP_ARAP_ZONE_ACCESS, RADIUS_BINSTRING},
+{ RD_TP_ARAP_SECURITY, RADIUS_BINSTRING},
+{ RD_TP_ARAP_SECURITY_DATA, RADIUS_BINSTRING},
+{ RD_TP_PASSWORD_RETRY, RADIUS_BINSTRING},
+{ RD_TP_PROMPT, RADIUS_BINSTRING},
+{ RD_TP_CONNECT_INFO, RADIUS_STRING},
+{ RD_TP_CONFIGURATION_TOKEN, RADIUS_BINSTRING},
+{ RD_TP_EAP_MESSAGE, RADIUS_BINSTRING},
+{ RD_TP_MESSAGE_AUTHENTICATOR, RADIUS_BINSTRING},
+{ RD_TP_TUNNEL_PRIVATE_GROUP_ID, RADIUS_STRING_TAGGED},
{ RD_TP_TUNNEL_ASSIGNMENT_ID, RADIUS_STRING_TAGGED},
+{ RD_TP_TUNNEL_TUNNEL_PREFERENCE, RADIUS_INTEGER4_TAGGED},
+{ RD_TP_TUNNEL_PACKETS_LOST, RADIUS_INTEGER4},
+{ RD_TP_NAS_PORT_ID, RADIUS_STRING},
+{ RD_TP_TUNNEL_CLIENT_AUTH_ID, RADIUS_STRING_TAGGED},
+{ RD_TP_TUNNEL_SERVER_AUTH_ID, RADIUS_STRING_TAGGED},
+{ RD_TP_ASCEND_MODEM_PORTNO, RADIUS_INTEGER4},
+{ RD_TP_ASCEND_MODEM_SLOTNO, RADIUS_INTEGER4},
+{ RD_TP_ASCEND_MULTILINK_ID, RADIUS_INTEGER4},
+{ RD_TP_ASCEND_NUM_IN_MULTILINK, RADIUS_INTEGER4},
+{ RD_TP_ASCEND_FIRST_DEST, RADIUS_IP_ADDRESS},
+{ RD_TP_ASCEND_PRE_INPUT_OCTETS, RADIUS_INTEGER4},
+{ RD_TP_ASCEND_PRE_OUTPUT_OCTETS, RADIUS_INTEGER4},
+{ RD_TP_ASCEND_PRE_INPUT_PACKETS, RADIUS_INTEGER4},
+{ RD_TP_ASCEND_PRE_OUTPUT_PACKETS, RADIUS_INTEGER4},
+{ RD_TP_ASCEND_MAXIMUM_TIME, RADIUS_INTEGER4},
+{ RD_TP_ASCEND_DISCONNECT_CAUSE, RADIUS_INTEGER4},
+{ RD_TP_ASCEND_CONNECT_PROGRESS, RADIUS_INTEGER4},
+{ RD_TP_ASCEND_DATA_RATE, RADIUS_INTEGER4},
+{ RD_TP_ASCEND_PRESESSION_TIME, RADIUS_INTEGER4},
+{ RD_TP_ASCEND_ASSIGN_IP_POOL, RADIUS_INTEGER4},
+{ RD_TP_ASCEND_XMIT_RATE, RADIUS_INTEGER4},
{0,0},
};
{ RD_TP_ACCT_TERMINATE_CAUSE, "Acct Terminate Cause"},
{ RD_TP_ACCT_MULTI_SESSION_ID, "Acct Multi Session Id"},
{ RD_TP_ACCT_LINK_COUNT, "Acct Link Count"},
+{ RD_TP_ACCT_INPUT_GIGAWORDS, "Acct Input Gigawords"},
+{ RD_TP_ACCT_OUTPUT_GIGAWORDS, "Acct Output Gigawords"},
+{ RD_TP_EVENT_TIMESTAMP, "Event Timestamp"},
{ RD_TP_CHAP_CHALLENGE, "Chap Challenge"},
{ RD_TP_NAS_PORT_TYPE, "NAS Port Type"},
{ RD_TP_PORT_LIMIT, "Port Limit"},
{ RD_TP_TUNNEL_MEDIUM_TYPE, "Tunnel Medium Type"},
{ RD_TP_TUNNEL_CLIENT_ENDPOINT, "Tunnel Client Endpoint"},
{ RD_TP_TUNNEL_SERVER_ENDPOINT, "Tunnel Server Endpoint"},
+{ RD_TP_TUNNEL_CONNECTION, "Tunnel Connection"},
{ RD_TP_TUNNEL_PASSWORD, "Tunnel Password"},
+{ RD_TP_ARAP_PASSWORD, "ARAP-Password"},
+{ RD_TP_ARAP_FEATURES, "ARAP-Features"},
+{ RD_TP_ARAP_ZONE_ACCESS, "ARAP-Zone-Access"},
+{ RD_TP_ARAP_SECURITY, "ARAP-Security"},
+{ RD_TP_ARAP_SECURITY_DATA, "ARAP-Security-Data"},
+{ RD_TP_PASSWORD_RETRY, "Password-Retry"},
+{ RD_TP_PROMPT, "Prompt"},
+{ RD_TP_CONNECT_INFO, "Connect-Info"},
+{ RD_TP_CONFIGURATION_TOKEN, "Configuration-Token"},
+{ RD_TP_EAP_MESSAGE, "EAP-Message"},
+{ RD_TP_MESSAGE_AUTHENTICATOR, "Message Authenticator"},
+{ RD_TP_TUNNEL_PRIVATE_GROUP_ID, "Tunnel Private Group ID"},
{ RD_TP_TUNNEL_ASSIGNMENT_ID, "Tunnel Assignment ID"},
+{ RD_TP_TUNNEL_TUNNEL_PREFERENCE, "Tunnel Preference"},
+{ RD_TP_TUNNEL_PACKETS_LOST, "Tunnel Packets Lost"},
+{ RD_TP_NAS_PORT_ID, "NAS Port ID"},
+{ RD_TP_TUNNEL_CLIENT_AUTH_ID, "Tunnel Client Auth ID"},
+{ RD_TP_TUNNEL_SERVER_AUTH_ID, "Tunnel Server Auth ID"},
+{ RD_TP_ASCEND_MODEM_PORTNO, "Ascend Modem Port No"},
+{ RD_TP_ASCEND_MODEM_SLOTNO, "Ascend Modem Slot No"},
+{ RD_TP_ASCEND_MULTILINK_ID, "Ascend Multilink ID"},
+{ RD_TP_ASCEND_NUM_IN_MULTILINK, "Ascend Num In Multilink"},
+{ RD_TP_ASCEND_FIRST_DEST, "Ascend First Dest"},
+{ RD_TP_ASCEND_PRE_INPUT_OCTETS, "Ascend Pre Input Octets"},
+{ RD_TP_ASCEND_PRE_OUTPUT_OCTETS, "Ascend Pre Output Octets"},
+{ RD_TP_ASCEND_PRE_INPUT_PACKETS, "Ascend Pre Input Packets"},
+{ RD_TP_ASCEND_PRE_OUTPUT_PACKETS, "Ascend Pre Output Packets"},
+{ RD_TP_ASCEND_MAXIMUM_TIME, "Ascend Maximum Time"},
+{ RD_TP_ASCEND_DISCONNECT_CAUSE, "Ascend Disconnect Cause"},
+{ RD_TP_ASCEND_CONNECT_PROGRESS, "Ascend Connect Progress"},
+{ RD_TP_ASCEND_DATA_RATE, "Ascend Data Rate"},
+{ RD_TP_ASCEND_PRESESSION_TIME, "Ascend PreSession Time"},
+{ RD_TP_ASCEND_ASSIGN_IP_POOL, "Ascend Assign IP Pool"},
+{ RD_TP_ASCEND_XMIT_RATE, "Ascend Xmit Rate"},
{0,NULL},
};
-guint32 match_numval(guint32 val, const value_value_pair *vs)
+static guint32 match_numval(guint32 val, const value_value_pair *vs)
{
guint32 i = 0;
static gchar textbuffer[2000];
-gchar *rdconvertbufftostr(gchar *dest,guint8 length,const guint8 *pd)
+static gchar *
+rdconvertbufftostr(gchar *dest, tvbuff_t *tvb, int offset, int length)
{
/*converts the raw buffer into printable text */
-guint32 i;
-guint32 totlen=0;
+ guint32 i;
+ guint32 totlen=0;
+ const guint8 *pd = tvb_get_ptr(tvb, offset, length);
dest[0]='"';
dest[1]=0;
return dest;
}
-gchar *rd_match_strval(guint32 val, const value_string *vs) {
- gchar *result;
- static gchar undf[30];
- result=match_strval(val,vs);
- if (result == NULL ) {
- sprintf(undf,"Undefined(%d)",val);
- result=undf;
- }
- return result;
+static gchar *rd_match_strval(guint32 val, const value_string *vs) {
+ return val_to_str(val, vs, "Undefined (%u)");
}
-gchar *rd_value_to_str(e_avphdr *avph,const u_char *pd, int offset)
+static gchar *rd_value_to_str(e_avphdr *avph, tvbuff_t *tvb, int offset)
{
-int print_type;
-gchar *cont;
-guint32 intval;
-value_string *valstrarr;
+ int print_type;
+ gchar *cont;
+ value_string *valstrarr;
+ guint32 intval;
+ const guint8 *pd;
+ guint8 tag;
+ guint8 vtype;
+ char *rtimestamp;
+ extern char *tzname[2];
+
/* prints the values of the attribute value pairs into a text buffer */
print_type=match_numval(avph->avp_type,radius_printinfo);
- intval=pntohl(&(pd[offset+2]));
+
/* Default begin */
strcpy(textbuffer,"Value:");
cont=&textbuffer[strlen(textbuffer)];
{
case( RADIUS_STRING ):
case( RADIUS_BINSTRING ):
- rdconvertbufftostr(cont,avph->avp_length-2,&(pd[offset+2]));
+ rdconvertbufftostr(cont,tvb,offset+2,avph->avp_length-2);
break;
case( RADIUS_INTEGER4 ):
- sprintf(cont,"%u", intval);
+ sprintf(cont,"%u", tvb_get_ntohl(tvb,offset+2));
break;
case( RADIUS_IP_ADDRESS ):
- sprintf(cont,"%u.%u.%u.%u",(guint8)pd[offset+2],
- (guint8)pd[offset+3],(guint8)pd[offset+4],
- (guint8)pd[offset+5]);
+ ip_to_str_buf(tvb_get_ptr(tvb,offset+2,4),cont);
break;
case( RADIUS_SERVICE_TYPE ):
valstrarr=radius_service_type_vals;
- strcpy(cont,rd_match_strval(intval,valstrarr));
+ strcpy(cont,rd_match_strval(tvb_get_ntohl(tvb,offset+2),valstrarr));
break;
case( RADIUS_FRAMED_PROTOCOL ):
valstrarr= radius_framed_protocol_vals;
- strcpy(cont,rd_match_strval(intval,valstrarr));
+ strcpy(cont,rd_match_strval(tvb_get_ntohl(tvb,offset+2),valstrarr));
break;
case( RADIUS_FRAMED_ROUTING ):
valstrarr=radius_framed_routing_vals;
- strcpy(cont,rd_match_strval(intval,valstrarr));
+ strcpy(cont,rd_match_strval(tvb_get_ntohl(tvb,offset+2),valstrarr));
break;
case( RADIUS_FRAMED_COMPRESSION ):
valstrarr=radius_framed_compression_vals;
- strcpy(cont,rd_match_strval(intval,valstrarr));
+ strcpy(cont,rd_match_strval(tvb_get_ntohl(tvb,offset+2),valstrarr));
break;
case( RADIUS_LOGIN_SERVICE ):
valstrarr=radius_login_service_vals;
- strcpy(cont,rd_match_strval(intval,valstrarr));
+ strcpy(cont,rd_match_strval(tvb_get_ntohl(tvb,offset+2),valstrarr));
break;
case( RADIUS_IPX_ADDRESS ):
+ pd = tvb_get_ptr(tvb,offset+2,4);
sprintf(cont,"%u:%u:%u:%u",(guint8)pd[offset+2],
(guint8)pd[offset+3],(guint8)pd[offset+4],
(guint8)pd[offset+5]);
case( RADIUS_TERMINATING_ACTION ):
valstrarr=radius_terminating_action_vals;
- strcpy(cont,rd_match_strval(intval,valstrarr));
+ strcpy(cont,rd_match_strval(tvb_get_ntohl(tvb,offset+2),valstrarr));
break;
case( RADIUS_ACCOUNTING_STATUS_TYPE ):
valstrarr=radius_accounting_status_type_vals;
- strcpy(cont,rd_match_strval(intval,valstrarr));
+ strcpy(cont,rd_match_strval(tvb_get_ntohl(tvb,offset+2),valstrarr));
break;
case( RADIUS_ACCT_AUTHENTIC ):
valstrarr=radius_accounting_authentication_vals;
- strcpy(cont,rd_match_strval(intval,valstrarr));
+ strcpy(cont,rd_match_strval(tvb_get_ntohl(tvb,offset+2),valstrarr));
break;
case( RADIUS_ACCT_TERMINATE_CAUSE ):
valstrarr=radius_acct_terminate_cause_vals;
- strcpy(cont,rd_match_strval(intval,valstrarr));
+ strcpy(cont,rd_match_strval(tvb_get_ntohl(tvb,offset+2),valstrarr));
break;
case( RADIUS_NAS_PORT_TYPE ):
valstrarr=radius_nas_port_type_vals;
- strcpy(cont,rd_match_strval(intval,valstrarr));
+ strcpy(cont,rd_match_strval(tvb_get_ntohl(tvb,offset+2),valstrarr));
break;
case( RADIUS_TUNNEL_TYPE ):
valstrarr=radius_tunnel_type_vals;
/* Tagged ? */
+ intval = tvb_get_ntohl(tvb,offset+2);
if (intval >> 24) {
- sprintf(textbuffer, "Tag:%d, Value:%s",
+ sprintf(textbuffer, "Tag:%u, Value:%s",
intval >> 24,
rd_match_strval(intval & 0xffffff,valstrarr));
break;
}
- strcpy(cont,match_strval(intval,valstrarr));
+ strcpy(cont,rd_match_strval(intval,valstrarr));
break;
case( RADIUS_TUNNEL_MEDIUM_TYPE ):
valstrarr=radius_tunnel_medium_type_vals;
+ intval = tvb_get_ntohl(tvb,offset+2);
/* Tagged ? */
if (intval >> 24) {
- sprintf(textbuffer, "Tag:%d, Value:%s",
+ sprintf(textbuffer, "Tag:%u, Value:%s",
intval >> 24,
rd_match_strval(intval & 0xffffff,valstrarr));
break;
}
- strcpy(cont,match_strval(intval,valstrarr));
+ strcpy(cont,rd_match_strval(intval,valstrarr));
break;
case( RADIUS_STRING_TAGGED ):
/* Tagged ? */
- if (pd[offset+2] <= 0x1f) {
- sprintf(textbuffer, "Tag:%d, Value:",
- pd[offset+2]);
+ tag = tvb_get_guint8(tvb,offset+2);
+ if (tag <= 0x1f) {
+ sprintf(textbuffer, "Tag:%u, Value:",
+ tag);
cont=&textbuffer[strlen(textbuffer)];
- rdconvertbufftostr(cont,avph->avp_length-3,
- &(pd[offset+3]));
+ rdconvertbufftostr(cont,tvb,offset+3,avph->avp_length-3);
break;
}
- rdconvertbufftostr(cont,avph->avp_length-2,
- &(pd[offset+2]));
+ rdconvertbufftostr(cont,tvb,offset+2,avph->avp_length-2);
break;
case ( RADIUS_VENDOR_SPECIFIC ):
valstrarr=radius_vendor_specific_vendors;
- sprintf(textbuffer,"Vendor:%s, Value:",
- rd_match_strval(intval,valstrarr));
+ sprintf(textbuffer,"Vendor:%s,",
+ rd_match_strval(tvb_get_ntohl(tvb,offset+2),valstrarr));
cont=&textbuffer[strlen(textbuffer)];
- rdconvertbufftostr(cont,avph->avp_length-6,&(pd[offset+6]));
+ switch (tvb_get_ntohl(tvb,offset+2)) {
+ case ( VENDOR_CISCO ):
+ vtype = tvb_get_guint8(tvb,offset+6);
+ switch (vtype) {
+ case ( VENDOR_CISCO_AVP_CISCO ):
+ sprintf(cont," Type:%s, Len:%i Value:",
+ rd_match_strval(vtype,radius_vendor_cisco_types),
+ avph->avp_length-8);
+ cont=&textbuffer[strlen(textbuffer)];
+ rdconvertbufftostr(cont,tvb,offset+8,
+ avph->avp_length-8);
+ break;
+ default:
+ sprintf(cont," Type:%s, Len:%i Value:",
+ rd_match_strval(vtype,radius_vendor_cisco_types),
+ avph->avp_length-8);
+ cont=&textbuffer[strlen(textbuffer)];
+ rdconvertbufftostr(cont,tvb,offset+8,
+ avph->avp_length-8);
+ break;
+ }
+ break;
+ case ( VENDOR_COSINE ):
+ vtype = tvb_get_guint8(tvb,offset+6);
+ switch (vtype) {
+ case ( VENDOR_COSINE_VSA_CONNECTION_PROFILE_NAME ):
+ case ( VENDOR_COSINE_VSA_ENTERPRISE_ID ):
+ case ( VENDOR_COSINE_VSA_ADDRESS_POOL_NAME ):
+ case ( VENDOR_COSINE_VSA_CLI_USER_PERMISSION_ID ):
+ sprintf(cont," Type:%s, Value:",
+ rd_match_strval(vtype, radius_vendor_cosine_types));
+ cont=&textbuffer[strlen(textbuffer)];
+ rdconvertbufftostr(cont,tvb,offset+8,avph->avp_length-8);
+ break;
+ case ( VENDOR_COSINE_VSA_VPI_VCI ):
+ sprintf(cont," Type:%s, Value:%u/%u",
+ rd_match_strval(vtype, radius_vendor_cosine_types),
+ tvb_get_ntohs(tvb,offset+8),
+ tvb_get_ntohs(tvb,offset+10));
+ break;
+ case ( VENDOR_COSINE_VSA_DS_BYTE ):
+ case ( VENDOR_COSINE_VSA_DLCI ):
+ sprintf(cont," Type:%s, Value:%u",
+ rd_match_strval(vtype, radius_vendor_cosine_types),
+ tvb_get_ntohl(tvb,offset+8));
+ break;
+ case ( VENDOR_COSINE_VSA_LNS_IP_ADDRESS ):
+ sprintf(cont," Type:%s, Value:",
+ rd_match_strval(vtype, radius_vendor_cosine_types));
+ cont=&textbuffer[strlen(textbuffer)];
+ ip_to_str_buf(tvb_get_ptr(tvb,offset+8,4),cont);
+ break;
+ default:
+ sprintf(cont," Unknown Value Type");
+ break;
+ }
+ break;
+ case ( VENDOR_ISSANNI ):
+ vtype = tvb_get_guint8(tvb,offset+6);
+ switch (vtype) {
+ case ( VENDOR_ISSANNI_VSA_SOFTFLOW_TEMPLATE ):
+ case ( VENDOR_ISSANNI_VSA_NAT_POOL_NAME ):
+ case ( VENDOR_ISSANNI_VSA_VRD ):
+ case ( VENDOR_ISSANNI_VSA_TUNNEL_NAME ):
+ case ( VENDOR_ISSANNI_VSA_IP_POOL_NAME ):
+ case ( VENDOR_ISSANNI_VSA_PPPOE_URL ):
+ case ( VENDOR_ISSANNI_VSA_PPPOE_MOTM ):
+ case ( VENDOR_ISSANNI_VSA_SERVICE ):
+ case ( VENDOR_ISSANNI_VSA_TRAFFIC_CLASS ):
+ case ( VENDOR_ISSANNI_VSA_QOS_CLASS ):
+ case ( VENDOR_ISSANNI_VSA_IFACE_NAME ):
+ sprintf(cont," Type:%s, Value:",
+ rd_match_strval(vtype, radius_vendor_issanni_types));
+ cont=&textbuffer[strlen(textbuffer)];
+ rdconvertbufftostr(cont,tvb,offset+8,avph->avp_length-8);
+ break;
+ case ( VENDOR_ISSANNI_VSA_NAT_TYPE ):
+ case ( VENDOR_ISSANNI_VSA_TUNNEL_TYPE ):
+ sprintf(cont," Type:%s, Value:%u",
+ rd_match_strval(vtype, radius_vendor_issanni_types),
+ tvb_get_ntohl(tvb,offset+8));
+ break;
+ case ( VENDOR_ISSANNI_VSA_PRI_DNS ):
+ case ( VENDOR_ISSANNI_VSA_SEC_DNS ):
+ case ( VENDOR_ISSANNI_VSA_PRI_NBNS ):
+ case ( VENDOR_ISSANNI_VSA_SEC_NBNS ):
+ sprintf(cont," Type:%s, Value:",
+ rd_match_strval(vtype, radius_vendor_issanni_types));
+ cont=&textbuffer[strlen(textbuffer)];
+ ip_to_str_buf(tvb_get_ptr(tvb,offset+8,4),cont);
+ break;
+ default:
+ sprintf(cont," Unknown Value Type");
+ break;
+ }
+ break;
+ default:
+ sprintf(cont, " Value:");
+ rdconvertbufftostr(cont,tvb,offset+6,avph->avp_length-6);
+ break;
+ }
+ break;
+ case( RADIUS_TIMESTAMP ):
+ intval=tvb_get_ntohl(tvb,offset+2);
+ rtimestamp=ctime((time_t*)&intval);
+ rtimestamp[strlen(rtimestamp)-1]=0;
+ sprintf(cont,"%d (%s %s)", tvb_get_ntohl(tvb,offset+2), rtimestamp, *tzname);
+ break;
+ case( RADIUS_INTEGER4_TAGGED ):
+ intval = tvb_get_ntohl(tvb,offset+2);
+ /* Tagged ? */
+ if (intval >> 24) {
+ sprintf(textbuffer, "Tag:%u, Value:%u",
+ intval >> 24,
+ intval & 0xffffff);
+ break;
+ }
+ sprintf(cont,"%u", intval);
break;
case( RADIUS_UNKNOWN ):
default:
}
-void dissect_attribute_value_pairs(const u_char *pd, int offset, frame_data
-*fd, proto_tree *tree, int avplength)
+static void
+dissect_attribute_value_pairs(tvbuff_t *tvb, int offset,proto_tree *tree,
+ int avplength,packet_info *pinfo)
{
/* adds the attribute value pairs to the tree */
e_avphdr avph;
gchar *avptpstrval;
gchar *valstr;
+ guint8 *reassembled_data = NULL;
+ int reassembled_data_len = 0;
+ int data_needed = 0;
+
if (avplength==0)
{
- proto_tree_add_text(tree,offset,0,"No Attribute Value Pairs Found");
- return;
+ if (tree)
+ proto_tree_add_text(tree, tvb,offset,0,"No Attribute Value Pairs Found");
+ return;
}
- while (avplength > 0 )
+ /*
+ * In case we throw an exception, clean up whatever stuff we've
+ * allocated (if any).
+ */
+ CLEANUP_PUSH(g_free, reassembled_data);
+
+ while (avplength > 0)
{
+ tvb_memcpy(tvb,(guint8 *)&avph,offset,sizeof(e_avphdr));
+ avptpstrval = match_strval(avph.avp_type, radius_attrib_type_vals);
+ if (avptpstrval == NULL)
+ avptpstrval = "Unknown Type";
+ if (avph.avp_length < 2) {
+ /*
+ * This AVP is bogus - the length includes the type and length
+ * fields, so it must be >= 2.
+ */
+ if (tree) {
+ proto_tree_add_text(tree, tvb, offset, avph.avp_length,
+ "t:%s(%u) l:%u (length not >= 2)",
+ avptpstrval, avph.avp_type, avph.avp_length);
+ }
+ break;
+ }
+
+ if (avph.avp_type == RD_TP_EAP_MESSAGE) {
+ proto_item *ti;
+ proto_tree *eap_tree = NULL;
+ gint tvb_len;
+ tvbuff_t *next_tvb;
+ int data_len;
+ int result;
+
+ if (tree) {
+ ti = proto_tree_add_text(tree, tvb, offset, avph.avp_length,
+ "t:%s(%u) l:%u",
+ avptpstrval, avph.avp_type, avph.avp_length);
+ eap_tree = proto_item_add_subtree(ti, ett_radius_eap);
+ }
+ tvb_len = tvb_length_remaining(tvb, offset+2);
+ data_len = avph.avp_length-2;
+ if (data_len < tvb_len)
+ tvb_len = data_len;
+ next_tvb = tvb_new_subset(tvb, offset+2, tvb_len, data_len);
+
+ /*
+ * Set the columns non-writable, so that the packet list
+ * shows this as an RADIUS packet, not as an EAP packet.
+ */
+ col_set_writable(pinfo->cinfo, FALSE);
+
+ /*
+ * RFC 2869 says, in section 5.13, describing the EAP-Message
+ * attribute:
+ *
+ * The String field contains EAP packets, as defined in [3]. If
+ * multiple EAP-Message attributes are present in a packet their
+ * values should be concatenated; this allows EAP packets longer than
+ * 253 octets to be passed by RADIUS.
+ *
+ * Do reassembly of EAP-Message attributes.
+ */
+
+ /* Are we in the process of reassembling? */
+ if (reassembled_data != NULL) {
+ /* Yes - show this as an EAP fragment. */
+ if (tree)
+ proto_tree_add_text(eap_tree, next_tvb, 0, -1, "EAP fragment");
+
+ /*
+ * Do we have all of the data in this fragment?
+ */
+ if (tvb_len >= data_len) {
+ /*
+ * Yes - add it to the reassembled data.
+ */
+ tvb_memcpy(next_tvb, reassembled_data + reassembled_data_len,
+ 0, data_len);
+ reassembled_data_len += data_len;
+ data_needed -= data_len;
+ if (data_needed <= 0) {
+ /*
+ * We got at least as much data as we needed; we're done
+ * reassembling.
+ * XXX - what if we got more?
+ */
+
+ /*
+ * Allocate a new tvbuff, referring to the reassembled payload.
+ */
+ next_tvb = tvb_new_real_data(reassembled_data, reassembled_data_len,
+ reassembled_data_len);
+
+ /*
+ * We have a tvbuff that refers to this data, so we shouldn't
+ * free this data if we throw an exception; clear
+ * "reassembled_data", so the cleanup handler won't free it.
+ */
+ reassembled_data = NULL;
+ reassembled_data_len = 0;
+ data_needed = 0;
+
+ /*
+ * Arrange that the allocated packet data copy be freed when the
+ * tvbuff is freed.
+ */
+ tvb_set_free_cb(next_tvb, g_free);
- memcpy(&avph,&pd[offset],sizeof(e_avphdr));
- avplength=avplength-avph.avp_length;
- avptpstrval=match_strval(avph.avp_type, radius_attrib_type_vals);
- if (avptpstrval == NULL) avptpstrval="Unknown Type";
- valstr=rd_value_to_str(&avph, pd, offset);
- if (!BYTES_ARE_IN_FRAME(offset, avph.avp_length)) {
- break;
- }
- proto_tree_add_text(tree,offset,avph.avp_length,
- "t:%s(%d) l:%d, %s",
- avptpstrval,avph.avp_type,avph.avp_length,valstr);
- offset=offset+avph.avp_length;
- if (avph.avp_length == 0) {
- break;
- }
+ /*
+ * Add the tvbuff to the list of tvbuffs to which the tvbuff we
+ * were handed refers, so it'll get cleaned up when that tvbuff
+ * is cleaned up.
+ */
+ tvb_set_child_real_data_tvbuff(tvb, next_tvb);
+
+ /* Add the defragmented data to the data source list. */
+ add_new_data_source(pinfo->fd, next_tvb, "Reassembled EAP");
+
+ /* Now dissect it. */
+ call_dissector(eap_fragment_handle, next_tvb, pinfo, eap_tree);
+ }
+ }
+ } else {
+ /*
+ * No - hand it to the dissector.
+ */
+ result = call_dissector(eap_fragment_handle, next_tvb, pinfo, eap_tree);
+ if (result < 0) {
+ /* This is only part of the full EAP packet; start reassembly. */
+ proto_tree_add_text(eap_tree, next_tvb, 0, -1, "EAP fragment");
+ reassembled_data_len = data_len;
+ data_needed = -result;
+ reassembled_data = g_malloc(reassembled_data_len + data_needed);
+ tvb_memcpy(next_tvb, reassembled_data, 0, reassembled_data_len);
+ }
+ }
+ } else {
+ if (tree) {
+ valstr = rd_value_to_str(&avph, tvb, offset);
+ proto_tree_add_text(tree, tvb, offset, avph.avp_length,
+ "t:%s(%u) l:%u, %s",
+ avptpstrval, avph.avp_type, avph.avp_length,
+ valstr);
+ }
+ }
+
+ offset = offset+avph.avp_length;
+ avplength = avplength-avph.avp_length;
}
+
+ /*
+ * Call the cleanup handler to free any reassembled data we haven't
+ * attached to a tvbuff, and pop the handler.
+ */
+ CLEANUP_CALL_AND_POP;
}
-void dissect_radius(const u_char *pd, int offset, frame_data *fd,
-proto_tree
-*tree)
+static void dissect_radius(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
{
- proto_tree *radius_tree,*avptree;
+ proto_tree *radius_tree = NULL, *avptree = NULL;
proto_item *ti,*avptf;
int rhlength;
int rhcode;
int rhident;
- int avplength,hdrlength, offsetavp;
+ int avplength,hdrlength;
e_radiushdr rh;
gchar *codestrval;
- memcpy(&rh,&pd[offset],sizeof(e_radiushdr));
+ if (check_col(pinfo->cinfo, COL_PROTOCOL))
+ col_set_str(pinfo->cinfo, COL_PROTOCOL, "RADIUS");
+ if (check_col(pinfo->cinfo, COL_INFO))
+ col_clear(pinfo->cinfo, COL_INFO);
+ tvb_memcpy(tvb,(guint8 *)&rh,0,sizeof(e_radiushdr));
rhcode= (int)rh.rh_code;
rhident= (int)rh.rh_ident;
{
codestrval="Unknown Packet";
}
- if (check_col(fd, COL_PROTOCOL))
- col_add_str(fd, COL_PROTOCOL, "RADIUS");
- if (check_col(fd, COL_INFO))
+ if (check_col(pinfo->cinfo, COL_INFO))
{
- sprintf(textbuffer,"%s(%d) (id=%d, l=%d)",
+ col_add_fstr(pinfo->cinfo,COL_INFO,"%s(%d) (id=%d, l=%d)",
codestrval, rhcode, rhident, rhlength);
- col_add_fstr(fd,COL_INFO,textbuffer);
}
if (tree)
{
-
- ti = proto_tree_add_item(tree,proto_radius, offset, rhlength,
- NULL);
+ ti = proto_tree_add_item(tree,proto_radius, tvb, 0, rhlength, FALSE);
radius_tree = proto_item_add_subtree(ti, ett_radius);
- proto_tree_add_uint_format(radius_tree,hf_radius_code, offset, 1,
- rh.rh_code, "Packet code:0x%01x (%s)",rhcode, codestrval);
- proto_tree_add_uint_format(radius_tree,hf_radius_id, offset+1, 1,
+ proto_tree_add_uint(radius_tree,hf_radius_code, tvb, 0, 1,
+ rh.rh_code);
+ proto_tree_add_uint_format(radius_tree,hf_radius_id, tvb, 1, 1,
rh.rh_ident, "Packet identifier: 0x%01x (%d)",
rhident,rhident);
- proto_tree_add_uint_format(radius_tree, hf_radius_length,
- offset+2, 2,
- (guint16)rhlength,
- "Packet length: 0x%02x(%d)",rhlength,rhlength);
- proto_tree_add_text(radius_tree, offset+4,
+ proto_tree_add_uint(radius_tree, hf_radius_length, tvb,
+ 2, 2, rhlength);
+ proto_tree_add_text(radius_tree, tvb, 4,
AUTHENTICATOR_LENGTH,
"Authenticator");
+ }
- hdrlength=RD_HDR_LENGTH+AUTHENTICATOR_LENGTH;
- avplength= rhlength -hdrlength;
-
- offsetavp=offset+hdrlength;
-
+ hdrlength=RD_HDR_LENGTH+AUTHENTICATOR_LENGTH;
+ avplength= rhlength -hdrlength;
- /* list the attribute value pairs */
+ if (avplength > 0) {
+ /* list the attribute value pairs */
- avptf = proto_tree_add_text(radius_tree
- ,offset+hdrlength,avplength,
- "Attribute value pairs");
- avptree = proto_item_add_subtree(avptf, ett_radius_avp);
+ if (tree)
+ {
+ avptf = proto_tree_add_text(radius_tree,
+ tvb,hdrlength,avplength,
+ "Attribute value pairs");
+ avptree = proto_item_add_subtree(avptf, ett_radius_avp);
+ }
- if (avptree !=NULL)
- {
- dissect_attribute_value_pairs( pd,
- offsetavp,fd,avptree,avplength);
- }
+ dissect_attribute_value_pairs(tvb, hdrlength, avptree, avplength, pinfo);
}
}
/* registration with the filtering engine */
{
static hf_register_info hf[] = {
{ &hf_radius_code,
- { "Code","radius.code", FT_UINT8, BASE_DEC, NULL, 0x0,
- "" }},
+ { "Code","radius.code", FT_UINT8, BASE_DEC, VALS(radius_vals), 0x0,
+ "", HFILL }},
{ &hf_radius_id,
{ "Identifier", "radius.id", FT_UINT8, BASE_DEC, NULL, 0x0,
- "" }},
+ "", HFILL }},
{ &hf_radius_length,
{ "Length","radius.length", FT_UINT16, BASE_DEC, NULL, 0x0,
- "" }}
+ "", HFILL }}
};
static gint *ett[] = {
&ett_radius,
&ett_radius_avp,
+ &ett_radius_eap,
};
- proto_radius = proto_register_protocol ("Radius Protocol", "radius");
+ proto_radius = proto_register_protocol("Radius Protocol", "RADIUS",
+ "radius");
proto_register_field_array(proto_radius, hf, array_length(hf));
proto_register_subtree_array(ett, array_length(ett));
}
+
+void
+proto_reg_handoff_radius(void)
+{
+ dissector_handle_t radius_handle;
+
+ /*
+ * Get a handle for the EAP fragment dissector.
+ */
+ eap_fragment_handle = find_dissector("eap_fragment");
+
+ radius_handle = create_dissector_handle(dissect_radius, proto_radius);
+ dissector_add("udp.port", UDP_PORT_RADIUS, radius_handle);
+ dissector_add("udp.port", UDP_PORT_RADIUS_NEW, radius_handle);
+ dissector_add("udp.port", UDP_PORT_RADACCT, radius_handle);
+ dissector_add("udp.port", UDP_PORT_RADACCT_NEW, radius_handle);
+}