1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
|
/*
* packet-radius.h
*
* Definitions for RADIUS packet disassembly
* Wireshark - Network traffic analyzer
* By Gerald Combs <gerald@wireshark.org>
* Copyright 1998 Gerald Combs
*
* SPDX-License-Identifier: GPL-2.0-or-later
*/
#include <epan/proto.h>
/* radius packet-type codes */
/* 09/12/2011: Updated from IANA:
* http://www.iana.org/assignments/radius-types/radius-types.xml#radius-types-27
*/
#define RADIUS_PKT_TYPE_ACCESS_REQUEST 1
#define RADIUS_PKT_TYPE_ACCESS_ACCEPT 2
#define RADIUS_PKT_TYPE_ACCESS_REJECT 3
#define RADIUS_PKT_TYPE_ACCOUNTING_REQUEST 4
#define RADIUS_PKT_TYPE_ACCOUNTING_RESPONSE 5
#define RADIUS_PKT_TYPE_ACCOUNTING_STATUS 6
#define RADIUS_PKT_TYPE_PASSWORD_REQUEST 7
#define RADIUS_PKT_TYPE_PASSWORD_ACK 8
#define RADIUS_PKT_TYPE_PASSWORD_REJECT 9
#define RADIUS_PKT_TYPE_ACCOUNTING_MESSAGE 10
#define RADIUS_PKT_TYPE_ACCESS_CHALLENGE 11
#define RADIUS_PKT_TYPE_STATUS_SERVER 12
#define RADIUS_PKT_TYPE_STATUS_CLIENT 13
#define RADIUS_PKT_TYPE_RESOURCE_FREE_REQUEST 21
#define RADIUS_PKT_TYPE_RESOURCE_FREE_RESPONSE 22
#define RADIUS_PKT_TYPE_RESOURCE_QUERY_REQUEST 23
#define RADIUS_PKT_TYPE_RESOURCE_QUERY_RESPONSE 24
#define RADIUS_PKT_TYPE_ALTERNATE_RESOURCE_RECLAIM_REQUEST 25
#define RADIUS_PKT_TYPE_NAS_REBOOT_REQUEST 26
#define RADIUS_PKT_TYPE_NAS_REBOOT_RESPONSE 27
#define RADIUS_PKT_TYPE_NEXT_PASSCODE 29
#define RADIUS_PKT_TYPE_NEW_PIN 30
#define RADIUS_PKT_TYPE_TERMINATE_SESSION 31
#define RADIUS_PKT_TYPE_PASSWORD_EXPIRED 32
#define RADIUS_PKT_TYPE_EVENT_REQUEST 33
#define RADIUS_PKT_TYPE_EVENT_RESPONSE 34
#define RADIUS_PKT_TYPE_DISCONNECT_REQUEST 40
#define RADIUS_PKT_TYPE_DISCONNECT_ACK 41
#define RADIUS_PKT_TYPE_DISCONNECT_NAK 42
#define RADIUS_PKT_TYPE_COA_REQUEST 43
#define RADIUS_PKT_TYPE_COA_ACK 44
#define RADIUS_PKT_TYPE_COA_NAK 45
#define RADIUS_PKT_TYPE_IP_ADDRESS_ALLOCATE 50
#define RADIUS_PKT_TYPE_IP_ADDRESS_RELEASE 51
/* ALU proprietary packet type codes */
#define RADIUS_PKT_TYPE_ALU_STATE_REQUEST 129
#define RADIUS_PKT_TYPE_ALU_STATE_ACCEPT 130
#define RADIUS_PKT_TYPE_ALU_STATE_REJECT 131
#define RADIUS_PKT_TYPE_ALU_STATE_ERROR 132
/* Radius Attribute Types*/
/* 09/12/2011: Updated from IANA:
* http://www.iana.org/assignments/radius-types/radius-types.xml#radius-types-1
*/
#define RADIUS_ATTR_TYPE_VENDOR_SPECIFIC 26
#define RADIUS_ATTR_TYPE_EAP_MESSAGE 79
#define RADIUS_ATTR_TYPE_EXTENDED_1 241
#define RADIUS_ATTR_TYPE_EXTENDED_2 242
#define RADIUS_ATTR_TYPE_EXTENDED_3 243
#define RADIUS_ATTR_TYPE_EXTENDED_4 244
#define RADIUS_ATTR_TYPE_EXTENDED_5 245
#define RADIUS_ATTR_TYPE_EXTENDED_6 246
#define RADIUS_ATTR_TYPE_IS_EXTENDED(avp_type) \
((avp_type) == RADIUS_ATTR_TYPE_EXTENDED_1 || \
(avp_type) == RADIUS_ATTR_TYPE_EXTENDED_2 || \
(avp_type) == RADIUS_ATTR_TYPE_EXTENDED_3 || \
(avp_type) == RADIUS_ATTR_TYPE_EXTENDED_4 || \
(avp_type) == RADIUS_ATTR_TYPE_EXTENDED_5 || \
(avp_type) == RADIUS_ATTR_TYPE_EXTENDED_6)
#define RADIUS_ATTR_TYPE_IS_EXTENDED_LONG(avp_type) \
((avp_type) == RADIUS_ATTR_TYPE_EXTENDED_5 || \
(avp_type) == RADIUS_ATTR_TYPE_EXTENDED_6)
typedef struct _radius_vendor_info_t {
gchar *name;
guint code;
GHashTable* attrs_by_id;
gint ett;
guint type_octets;
guint length_octets;
gboolean has_flags;
} radius_vendor_info_t;
typedef struct _radius_attr_info_t radius_attr_info_t;
typedef void (radius_attr_dissector_t)(radius_attr_info_t*, proto_tree*, packet_info*, tvbuff_t*, int, int, proto_item* );
typedef const gchar* (radius_avp_dissector_t)(proto_tree*,tvbuff_t*, packet_info*);
typedef union _radius_attr_type_t {
guint8 u8_code[2];
guint value;
} radius_attr_type_t;
struct _radius_attr_info_t {
gchar *name;
radius_attr_type_t code;
guint encrypt; /* 0 or value for "encrypt=" option */
gboolean tagged;
radius_attr_dissector_t* type;
radius_avp_dissector_t* dissector;
const value_string *vs;
gint ett;
int hf;
int hf_alt; /* 64-bit version for integers, encrypted version for strings, IPv6 for radius_combo_ip */
int hf_tag;
int hf_len;
GHashTable* tlvs_by_id; /**< Owns the data (see also radius_dictionary_t). */
};
/*
* Attributes and Vendors are a mapping between IDs and names. Names
* are normally uniquely identified by a number. Identifiers for
* Vendor-Specific Attributes (VSA) are scoped within the vendor.
*
* The attribute/vendor structures are owned by the by_id tables,
* the by_name tables point to the same data.
*/
typedef struct _radius_dictionary_t {
GHashTable* attrs_by_id;
GHashTable* attrs_by_name;
GHashTable* vendors_by_id;
GHashTable* vendors_by_name;
GHashTable* tlvs_by_name; /**< Used for debugging duplicate assignments, does not own the data. */
} radius_dictionary_t;
radius_attr_dissector_t radius_integer;
radius_attr_dissector_t radius_string;
radius_attr_dissector_t radius_octets;
radius_attr_dissector_t radius_ipaddr;
radius_attr_dissector_t radius_ipv6addr;
radius_attr_dissector_t radius_ipv6prefix;
radius_attr_dissector_t radius_ipxnet;
radius_attr_dissector_t radius_date;
radius_attr_dissector_t radius_abinary;
radius_attr_dissector_t radius_ether;
radius_attr_dissector_t radius_ifid;
radius_attr_dissector_t radius_byte;
radius_attr_dissector_t radius_short;
radius_attr_dissector_t radius_signed;
radius_attr_dissector_t radius_combo_ip;
radius_attr_dissector_t radius_tlv;
extern void radius_register_avp_dissector(guint32 vendor_id, guint32 attribute_id, radius_avp_dissector_t dissector);
void dissect_attribute_value_pairs(proto_tree *tree, packet_info *pinfo, tvbuff_t *tvb, int offset, guint length);
extern void free_radius_attr_info(gpointer data);
/* from radius_dict.l */
gboolean radius_load_dictionary (radius_dictionary_t* dict, gchar* directory, const gchar* filename, gchar** err_str);
|