]> The Tcpdump Group git mirrors - tcpdump/blob - print-radius.c
projects / tcpdump / blob
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Don't use "sizeof()" to find the minimum RADIUS packet length (although,
[tcpdump] / print-radius.c
1 /*
2 * Radius printer routines as specified on:
3 *
4 * RFC 2865:
5 * "Remote Authentication Dial In User Service (RADIUS)"
6 *
7 * RFC 2866:
8 * "RADIUS Accounting"
9 *
10 * RFC 2867:
11 * "RADIUS Accounting Modifications for Tunnel Protocol Support"
12 *
13 * RFC 2868:
14 * "RADIUS Attributes for Tunnel Protocol Support"
15 *
16 * RFC 2869:
17 * "RADIUS Extensions"
18 *
19 * Alfredo Andres Omella (aandres@s21sec.com) v0.1 2000/09/15
20 *
21 * TODO: Among other things to print ok MacIntosh and Vendor values
22 */
23
24 #ifndef lint
25 static const char rcsid[] =
26 "$Id: print-radius.c,v 1.7 2001-06-18 09:16:28 guy Exp $";
27 #endif
28
29 #ifdef HAVE_CONFIG_H
30 #include "config.h"
31 #endif
32
33 #include <string.h>
34
35 #include <sys/param.h>
36
37 #include <netinet/in.h>
38
39 #include <stdio.h>
40
41 #include "interface.h"
42 #include "addrtoname.h"
43 #include "extract.h"
44
45 #define TAM_SIZE(x) (sizeof(x)/sizeof(x[0]) )
46
47 #define PRINT_HEX(bytes_len, ptr_data) \
48 while(bytes_len) \
49 { \
50 printf("%02X", *ptr_data ); \
51 ptr_data++; \
52 bytes_len--; \
53 }
54
55
56 /* Radius packet codes */
57 #define RADCMD_ACCESS_REQ 1 /* Access-Request */
58 #define RADCMD_ACCESS_ACC 2 /* Access-Accept */
59 #define RADCMD_ACCESS_REJ 3 /* Access-Reject */
60 #define RADCMD_ACCOUN_REQ 4 /* Accounting-Request */
61 #define RADCMD_ACCOUN_RES 5 /* Accounting-Response */
62 #define RADCMD_ACCESS_CHA 11 /* Access-Challenge */
63 #define RADCMD_STATUS_SER 12 /* Status-Server */
64 #define RADCMD_STATUS_CLI 13 /* Status-Client */
65 #define RADCMD_RESERVED 255 /* Reserved */
66
67
68 /********************************/
69 /* Begin Radius Attribute types */
70 /********************************/
71 #define SERV_TYPE 6
72 #define FRM_IPADDR 8
73 #define LOG_IPHOST 14
74 #define LOG_SERVICE 15
75 #define FRM_IPX 23
76 #define SESSION_TIMEOUT 27
77 #define IDLE_TIMEOUT 28
78 #define FRM_ATALK_LINK 37
79 #define FRM_ATALK_NETWORK 38
80
81 #define ACCT_DELAY 41
82 #define ACCT_SESSION_TIME 46
83
84 #define TUNNEL_TYPE 64
85 #define TUNNEL_MEDIUM 65
86 #define TUNNEL_CLIENT_END 66
87 #define TUNNEL_SERVER_END 67
88 #define TUNNEL_PASS 69
89
90 #define ARAP_PASS 70
91 #define ARAP_FEATURES 71
92
93 #define TUNNEL_PRIV_GROUP 81
94 #define TUNNEL_ASSIGN_ID 82
95 #define TUNNEL_PREFERENCE 83
96
97 #define ARAP_CHALLENGE_RESP 84
98 #define ACCT_INT_INTERVAL 85
99
100 #define TUNNEL_CLIENT_AUTH 90
101 #define TUNNEL_SERVER_AUTH 91
102 /********************************/
103 /* End Radius Attribute types */
104 /********************************/
105
106
107 static void print_attr_string(register u_char *, u_int, u_short );
108 static void print_attr_num(register u_char *, u_int, u_short );
109 static void print_attr_address(register u_char *, u_int, u_short);
110 static void print_attr_time(register u_char *, u_int, u_short);
111 static void print_attr_strange(register u_char *, u_int, u_short);
112
113
114 struct radius_hdr { u_int8_t code; /* Radius packet code */
115 u_int8_t id; /* Radius packet id */
116 u_int16_t len; /* Radius total length */
117 u_int8_t auth[16]; /* Authenticator */
118 };
119
120 #define MIN_RADIUS_LEN 20
121
122 struct radius_attr { u_int8_t type; /* Attribute type */
123 u_int8_t len; /* Attribute length */
124 };
125
126
127 /* Service-Type Attribute standard values */
128 static const char *serv_type[]={ NULL,
129 "Login",
130 "Framed",
131 "Callback Login",
132 "Callback Framed",
133 "Outbound",
134 "Administrative",
135 "NAS Prompt",
136 "Authenticate Only",
137 "Callback NAS Prompt",
138 "Call Check",
139 "Callback Administrative",
140 };
141
142 /* Framed-Protocol Attribute standard values */
143 static const char *frm_proto[]={ NULL,
144 "PPP",
145 "SLIP",
146 "ARAP",
147 "Gandalf proprietary",
148 "Xylogics IPX/SLIP",
149 "X.75 Synchronous",
150 };
151
152 /* Framed-Routing Attribute standard values */
153 static const char *frm_routing[]={ "None",
154 "Send",
155 "Listen",
156 "Send&Listen",
157 };
158
159 /* Framed-Compression Attribute standard values */
160 static const char *frm_comp[]={ "None",
161 "VJ TCP/IP",
162 "IPX",
163 "Stac-LZS",
164 };
165
166 /* Login-Service Attribute standard values */
167 static const char *login_serv[]={ "Telnet",
168 "Rlogin",
169 "TCP Clear",
170 "PortMaster(proprietary)",
171 "LAT",
172 "X.25-PAD",
173 "X.25-T3POS",
174 "Unassigned",
175 "TCP Clear Quiet",
176 };
177
178
179 /* Termination-Action Attribute standard values */
180 static const char *term_action[]={ "Default",
181 "RADIUS-Request",
182 };
183
184 /* NAS-Port-Type Attribute standard values */
185 static const char *nas_port_type[]={ "Async",
186 "Sync",
187 "ISDN Sync",
188 "ISDN Async V.120",
189 "ISDN Async V.110",
190 "Virtual",
191 "PIAFS",
192 "HDLC Clear Channel",
193 "X.25",
194 "X.75",
195 "G.3 Fax",
196 "SDSL",
197 "ADSL-CAP",
198 "ADSL-DMT",
199 "ISDN-DSL",
200 "Ethernet",
201 "xDSL",
202 "Cable",
203 "Wireless - Other",
204 "Wireless - IEEE 802.11",
205 };
206
207 /* Acct-Status-Type Accounting Attribute standard values */
208 static const char *acct_status[]={ NULL,
209 "Start",
210 "Stop",
211 "Interim-Update",
212 "Unassigned",
213 "Unassigned",
214 "Unassigned",
215 "Accounting-On",
216 "Accounting-Off",
217 "Tunnel-Start",
218 "Tunnel-Stop",
219 "Tunnel-Reject",
220 "Tunnel-Link-Start",
221 "Tunnel-Link-Stop",
222 "Tunnel-Link-Reject",
223 "Failed",
224 };
225
226 /* Acct-Authentic Accounting Attribute standard values */
227 static const char *acct_auth[]={ NULL,
228 "RADIUS",
229 "Local",
230 "Remote",
231 };
232
233 /* Acct-Terminate-Cause Accounting Attribute standard values */
234 static const char *acct_term[]={ NULL,
235 "User Request",
236 "Lost Carrier",
237 "Lost Service",
238 "Idle Timeout",
239 "Session Timeout",
240 "Admin Reset",
241 "Admin Reboot",
242 "Port Error",
243 "NAS Error",
244 "NAS Request",
245 "NAS Reboot",
246 "Port Unneeded",
247 "Port Preempted",
248 "Port Suspended",
249 "Service Unavailable",
250 "Callback",
251 "User Error",
252 "Host Request",
253 };
254
255 /* Tunnel-Type Attribute standard values */
256 static const char *tunnel_type[]={ NULL,
257 "PPTP",
258 "L2F",
259 "L2TP",
260 "ATMP",
261 "VTP",
262 "AH",
263 "IP-IP",
264 "MIN-IP-IP",
265 "ESP",
266 "GRE",
267 "DVS",
268 "IP-in-IP Tunneling",
269 };
270
271 /* Tunnel-Medium-Type Attribute standard values */
272 static const char *tunnel_medium[]={ NULL,
273 "IPv4",
274 "IPv6",
275 "NSAP",
276 "HDLC",
277 "BBN 1822",
278 "802",
279 "E.163",
280 "E.164",
281 "F.69",
282 "X.121",
283 "IPX",
284 "Appletalk",
285 "Decnet IV",
286 "Banyan Vines",
287 "E.164 with NSAP subaddress",
288 };
289
290 /* ARAP-Zone-Access Attribute standard values */
291 static const char *arap_zone[]={ NULL,
292 "Only access to dfl zone",
293 "Use zone filter inc.",
294 "Not used",
295 "Use zone filter exc.",
296 };
297
298 static const char *prompt[]={ "No Echo",
299 "Echo",
300 };
301
302
303 struct attrtype { char *name; /* Attribute name */
304 const char **subtypes; /* Standard Values (if any) */
305 u_char siz_subtypes; /* Size of total standard values */
306 u_char first_subtype; /* First standard value is 0 or 1 */
307 void (*print_func)(register u_char *, u_int, u_short );
308 } attr_type[]=
309 {
310 { NULL, NULL, 0, 0, NULL },
311 { "User", NULL, 0, 0, print_attr_string },
312 { "Pass", NULL, 0, 0, NULL },
313 { "CHAP-Pass", NULL, 0, 0, NULL },
314 { "NAS_ipaddr", NULL, 0, 0, print_attr_address },
315 { "NAS_port", NULL, 0, 0, print_attr_num },
316 { "Service_type", serv_type, TAM_SIZE(serv_type)-1, 1, print_attr_num },
317 { "Framed_proto", frm_proto, TAM_SIZE(frm_proto)-1, 1, print_attr_num },
318 { "Framed_ipaddr", NULL, 0, 0, print_attr_address },
319 { "Framed_ipnet", NULL, 0, 0, print_attr_address },
320 { "Framed_routing", frm_routing, TAM_SIZE(frm_routing), 0,
321 print_attr_num },
322 { "Filter_id", NULL, 0, 0, print_attr_string },
323 { "Framed_mtu", NULL, 0, 0, print_attr_num },
324 { "Framed_compress", frm_comp, TAM_SIZE(frm_comp), 0, print_attr_num },
325 { "Login_iphost", NULL, 0, 0, print_attr_address },
326 { "Login_service", login_serv, TAM_SIZE(login_serv), 0, print_attr_num },
327 { "Login_TCP_port", NULL, 0, 0, print_attr_num },
328 /*17*/ { "Unassigned", NULL, 0, 0, NULL },
329 { "Reply", NULL, 0, 0, print_attr_string },
330 { "Callback-number", NULL, 0, 0, print_attr_string },
331 { "Callback-id", NULL, 0, 0, print_attr_string },
332 /*21*/ { "Unassigned", NULL, 0, 0, NULL },
333 { "Framed_route", NULL, 0, 0, print_attr_string },
334 { "Framed_ipx_net", NULL, 0, 0, print_attr_num },
335 { "State", NULL, 0, 0, print_attr_string },
336 { "Class", NULL, 0, 0, print_attr_string },
337 { "Vendor_specific", NULL, 0, 0, print_attr_string },
338 { "Session_timeout", NULL, 0, 0, print_attr_num },
339 { "Idle_timeout", NULL, 0, 0, print_attr_num },
340 { "Term_action", term_action, TAM_SIZE(term_action), 0, print_attr_num },
341 { "Called_station", NULL, 0, 0, print_attr_string },
342 { "Calling_station", NULL, 0, 0, print_attr_string },
343 { "NAS_id", NULL, 0, 0, print_attr_string },
344 { "Proxy_state", NULL, 0, 0, print_attr_string },
345 { "Login_LAT_service", NULL, 0, 0, print_attr_string },
346 { "Login_LAT_node", NULL, 0, 0, print_attr_string },
347 { "Login_LAT_group", NULL, 0, 0, print_attr_string },
348 { "Framed_atalk_link", NULL, 0, 0, print_attr_num },
349 { "Framed_atalk_net", NULL, 0, 0, print_attr_num },
350 { "Framed_atalk_zone", NULL, 0, 0, print_attr_string },
351 { "Acct_status", acct_status, TAM_SIZE(acct_status)-1, 1, print_attr_num },
352 { "Acct_delay", NULL, 0, 0, print_attr_num },
353 { "Acct_in_octets", NULL, 0, 0, print_attr_num },
354 { "Acct_out_octets", NULL, 0, 0, print_attr_num },
355 { "Acct_session_id", NULL, 0, 0, print_attr_string },
356 { "Acct_authentic", acct_auth, TAM_SIZE(acct_auth)-1, 1, print_attr_num },
357 { "Acct_session_time", NULL, 0, 0, print_attr_num },
358 { "Acct_in_packets", NULL, 0, 0, print_attr_num },
359 { "Acct_out_packets", NULL, 0, 0, print_attr_num },
360 { "Acct_term_cause", acct_term, TAM_SIZE(acct_term)-1, 1, print_attr_num },
361 { "Acct_multi_session_id", NULL, 0, 0, print_attr_string },
362 { "Acct_link_count", NULL, 0, 0, print_attr_num },
363 { "Acct_in_giga", NULL, 0, 0, print_attr_num },
364 { "Acct_out_giga", NULL, 0, 0, print_attr_num },
365 /*54*/ { "Unassigned", NULL, 0, 0, NULL },
366 { "Event_timestamp", NULL, 0, 0, print_attr_time },
367 /*56*/ { "Unassigned", NULL, 0, 0, NULL },
368 /*57*/ { "Unassigned", NULL, 0, 0, NULL },
369 /*58*/ { "Unassigned", NULL, 0, 0, NULL },
370 /*59*/ { "Unassigned", NULL, 0, 0, NULL },
371 { "CHAP_challenge", NULL, 0, 0, print_attr_string },
372 { "NAS_port_type", nas_port_type, TAM_SIZE(nas_port_type), 0,
373 print_attr_num },
374 { "Port_limit", NULL, 0, 0, print_attr_num },
375 /*63*/ { "Login_LAT_port", NULL, 0, 0, print_attr_string },
376 { "Tunnel_type", tunnel_type, TAM_SIZE(tunnel_type)-1, 1, print_attr_num },
377 { "Tunnel_medium", tunnel_medium, TAM_SIZE(tunnel_medium)-1, 1,
378 print_attr_num },
379 { "Tunnel_client_end", NULL, 0, 0, print_attr_string },
380 { "Tunnel_server_end", NULL, 0, 0, print_attr_string },
381 { "Acct_tunnel_connect", NULL, 0, 0, print_attr_string },
382 { "Tunnel_pass", NULL, 0, 0, print_attr_string },
383 { "ARAP_pass", NULL, 0, 0, print_attr_strange },
384 { "ARAP_feature", NULL, 0, 0, print_attr_strange },
385 /*72*/ { "ARAP_zone_acces", arap_zone, TAM_SIZE(arap_zone)-1, 1,
386 print_attr_num },
387 { "ARAP_security", NULL, 0, 0, print_attr_string },
388 { "ARAP_security_data", NULL, 0, 0, print_attr_string },
389 { "Password_retry", NULL, 0, 0, print_attr_num },
390 { "Prompt", prompt, TAM_SIZE(prompt), 0, print_attr_num },
391 { "Connect_info", NULL, 0, 0, print_attr_string },
392 { "Config_token", NULL, 0, 0, print_attr_string },
393 { "EAP_msg", NULL, 0, 0, print_attr_string },
394 /*80*/ { "Message_auth", NULL, 0, 0, print_attr_string },
395 { "Tunnel_priv_group", NULL, 0, 0, print_attr_string },
396 { "Tunnel_assign_id", NULL, 0, 0, print_attr_string },
397 { "Tunnel_pref", NULL, 0, 0, print_attr_num },
398 { "ARAP_challenge_resp", NULL, 0, 0, print_attr_strange },
399 { "Acct_interim_interval", NULL, 0, 0, print_attr_num },
400 /*86*/ { "Acct_tunnel_pack_lost", NULL, 0, 0, print_attr_num },
401 { "NAS_port_id", NULL, 0, 0, print_attr_string },
402 { "Framed_pool", NULL, 0, 0, print_attr_string },
403 { "Unassigned", NULL, 0, 0, NULL },
404 { "Tunnel_client_auth_id", NULL, 0, 0, print_attr_string },
405 { "Tunnel_server_auth_id", NULL, 0, 0, print_attr_string },
406 /*92*/ { "Unassigned", NULL, 0, 0, NULL },
407 /*93*/ { "Unassigned", NULL, 0, 0, NULL }
408 };
409
410
411 /*****************************/
412 /* Print an attribute string */
413 /* value pointed by 'data' */
414 /* and 'length' size. */
415 /*****************************/
416 /* Returns nothing. */
417 /*****************************/
418 static void
419 print_attr_string(register u_char *data, u_int length, u_short attr_code )
420 {
421 register u_int i;
422
423 TCHECK2(data[0],length);
424
425 printf("{");
426 switch(attr_code)
427 {
428 case TUNNEL_PASS:
429 if (*data && (*data <=0x1F) )
430 printf("Tag[%d] ",*data);
431 data++;
432 printf("Salt[%d] ",EXTRACT_16BITS(data) );
433 data+=2;
434 length-=2;
435 break;
436 case TUNNEL_CLIENT_END:
437 case TUNNEL_SERVER_END:
438 case TUNNEL_PRIV_GROUP:
439 case TUNNEL_ASSIGN_ID:
440 case TUNNEL_CLIENT_AUTH:
441 case TUNNEL_SERVER_AUTH:
442 if (*data <= 0x1F)
443 {
444 printf("Tag[%d] ",*data);
445 data++;
446 length--;
447 }
448 break;
449 }
450
451 for (i=0; i < length ; i++, data++)
452 printf("%c",(*data < 32 || *data > 128) ? '.' : *data );
453
454 printf("}");
455
456 return;
457
458 trunc:
459 printf("|radius");
460 }
461
462
463 /******************************/
464 /* Print an attribute numeric */
465 /* value pointed by 'data' */
466 /* and 'length' size. */
467 /******************************/
468 /* Returns nothing. */
469 /******************************/
470 static void
471 print_attr_num(register u_char *data, u_int length, u_short attr_code )
472 {
473 u_int8_t tag;
474 u_int32_t timeout;
475
476 if (length != 4)
477 {
478 printf("{length %u != 4}", length);
479 return;
480 }
481
482 TCHECK2(data[0],4);
483 /* This attribute has standard values */
484 if (attr_type[attr_code].siz_subtypes)
485 {
486 static const char **table;
487 u_int32_t data_value;
488 table = attr_type[attr_code].subtypes;
489
490 if ( (attr_code == TUNNEL_TYPE) || (attr_code == TUNNEL_MEDIUM) )
491 {
492 if (!*data)
493 printf("{Tag[Unused]");
494 else
495 printf("{Tag[%d]", *data);
496 data++;
497 data_value = EXTRACT_24BITS(data);
498 }
499 else
500 {
501 data++;
502 data_value = EXTRACT_32BITS(data);
503 }
504 if ( data_value <= (attr_type[attr_code].siz_subtypes - 1 +
505 attr_type[attr_code].first_subtype) )
506 printf("{%s}",table[data_value]);
507 else
508 printf("{#%d}",data_value);
509 }
510 else
511 {
512 switch(attr_code) /* Be aware of special cases... */
513 {
514 case FRM_IPX:
515 if (EXTRACT_32BITS( data) == 0xFFFFFFFE )
516 printf("{NAS_select}");
517 else
518 printf("{%d}",EXTRACT_32BITS( data) );
519 break;
520
521 case SESSION_TIMEOUT:
522 case IDLE_TIMEOUT:
523 case ACCT_DELAY:
524 case ACCT_SESSION_TIME:
525 case ACCT_INT_INTERVAL:
526 timeout = EXTRACT_32BITS( data);
527 if ( timeout < 60 )
528 printf( "{%02d secs}", timeout);
529 else
530 {
531 if ( timeout < 3600 )
532 printf( "{%02d:%02d min}",
533 timeout / 60, timeout % 60);
534 else
535 printf( "{%02d:%02d:%02d hours}",
536 timeout / 3600, (timeout % 3600) / 60,
537 timeout % 60);
538 }
539 break;
540
541 case FRM_ATALK_LINK:
542 if (EXTRACT_32BITS(data) )
543 printf("{%d}",EXTRACT_32BITS(data) );
544 else
545 printf("{Unnumbered}" );
546 break;
547
548 case FRM_ATALK_NETWORK:
549 if (EXTRACT_32BITS(data) )
550 printf("{%d}",EXTRACT_32BITS(data) );
551 else
552 printf("{NAS_assign}" );
553 break;
554
555 case TUNNEL_PREFERENCE:
556 tag = *data;
557 data++;
558 if (tag == 0)
559 printf("{Tag[Unused] %d}",EXTRACT_24BITS(data) );
560 else
561 printf("{Tag[%d] %d}", tag, EXTRACT_24BITS(data) );
562 break;
563
564 default:
565 printf("{%d}",EXTRACT_32BITS( data) );
566 break;
567
568 } /* switch */
569
570 } /* if-else */
571
572 return;
573
574 trunc:
575 printf("|radius}");
576 }
577
578
579 /*****************************/
580 /* Print an attribute IPv4 */
581 /* address value pointed by */
582 /* 'data' and 'length' size. */
583 /*****************************/
584 /* Returns nothing. */
585 /*****************************/
586 static void
587 print_attr_address(register u_char *data, u_int length, u_short attr_code )
588 {
589 if (length != 4)
590 {
591 printf("{length %u != 4}", length);
592 return;
593 }
594
595 TCHECK2(data[0],4);
596
597 switch(attr_code)
598 {
599 case FRM_IPADDR:
600 case LOG_IPHOST:
601 if (EXTRACT_32BITS(data) == 0xFFFFFFFF )
602 printf("{User_select}");
603 else
604 if (EXTRACT_32BITS(data) == 0xFFFFFFFE )
605 printf("{NAS_select}");
606 else
607 printf("{%s}",ipaddr_string(data));
608 break;
609
610 default:
611 printf("{%s}",ipaddr_string(data) );
612 break;
613 }
614
615 return;
616
617 trunc:
618 printf("{|radius}");
619 }
620
621
622 /*************************************/
623 /* Print an attribute of 'secs since */
624 /* January 1, 1970 00:00 UTC' value */
625 /* pointed by 'data' and 'length' */
626 /* size. */
627 /*************************************/
628 /* Returns nothing. */
629 /*************************************/
630 static void print_attr_time(register u_char *data, u_int length, u_short attr_code)
631 {
632 time_t attr_time;
633 char string[26];
634
635 if (length != 4)
636 {
637 printf("{length %u != 4}", length);
638 return;
639 }
640
641 TCHECK2(data[0],4);
642
643 attr_time = EXTRACT_32BITS(data);
644 strcpy(string, ctime(&attr_time));
645 /* Get rid of the newline */
646 string[24] = '\0';
647 printf("{%.24s}", string);
648 return;
649
650 trunc:
651 printf("{|radius}");
652 }
653
654
655 /***********************************/
656 /* Print an attribute of 'strange' */
657 /* data format pointed by 'data' */
658 /* and 'length' size. */
659 /***********************************/
660 /* Returns nothing. */
661 /***********************************/
662 static void print_attr_strange(register u_char *data, u_int length, u_short attr_code)
663 {
664 u_short len_data;
665
666 switch(attr_code)
667 {
668 case ARAP_PASS:
669 if (length != 16)
670 {
671 printf("{length %u != 16}", length);
672 return;
673 }
674 printf("{User_challenge[");
675 TCHECK2(data[0],8);
676 len_data = 8;
677 PRINT_HEX(len_data, data);
678 printf("] User_resp[");
679 TCHECK2(data[0],8);
680 len_data = 8;
681 PRINT_HEX(len_data, data);
682 printf("]}");
683 break;
684
685 case ARAP_FEATURES:
686 if (length != 14)
687 {
688 printf("{length %u != 14}", length);
689 return;
690 }
691 TCHECK2(data[0],1);
692 if (*data)
693 printf("{User_can_change_pass");
694 else
695 printf("{User_cant_change_pass");
696 data++;
697 TCHECK2(data[0],1);
698 printf(" Min_pass_len[%d]",*data);
699 data++;
700 printf(" Pass_created_at[");
701 TCHECK2(data[0],4);
702 len_data = 4;
703 PRINT_HEX(len_data, data);
704 printf("] Pass_expired_in[");
705 TCHECK2(data[0],4);
706 len_data = 4;
707 PRINT_HEX(len_data, data);
708 printf("] Current_time[");
709 len_data = 4;
710 TCHECK2(data[0],4);
711 PRINT_HEX(len_data, data);
712 printf("]}");
713 break;
714
715 case ARAP_CHALLENGE_RESP:
716 if (length < 8)
717 {
718 printf("{length %u != 8}", length);
719 return;
720 }
721 printf("{");
722 TCHECK2(data[0],8);
723 len_data = 8;
724 PRINT_HEX(len_data, data);
725 printf("}");
726 break;
727 }
728
729 trunc:
730 printf("|radius}");
731 }
732
733
734
735 static void
736 radius_attr_print(register const u_char *attr, u_int length)
737 {
738 register const struct radius_attr *rad_attr = (struct radius_attr *)attr;
739
740 if (length < 3)
741 {
742 printf(" [|radius]");
743 return;
744 }
745
746 printf(" Attr[ ");
747 while (length > 0)
748 {
749 if (rad_attr->len == 0)
750 {
751 printf("(zero-length attribute)");
752 return;
753 }
754 if ( rad_attr->len <= length )
755 {
756 if ( !rad_attr->type || (rad_attr->type > (TAM_SIZE(attr_type)-1)) )
757 printf("#%d",rad_attr->type);
758 else
759 {
760 printf(" %s",attr_type[rad_attr->type].name);
761
762 if (rad_attr->len > 2)
763 {
764 if ( attr_type[rad_attr->type].print_func )
765 (*attr_type[rad_attr->type].print_func)(
766 ((u_char *)(rad_attr+1)),
767 rad_attr->len - 2, rad_attr->type);
768 }
769 }
770 }
771 else
772 {
773 printf(" [|radius]");
774 return;
775 }
776 length-=(rad_attr->len);
777 rad_attr = (struct radius_attr *)( ((char *)(rad_attr))+rad_attr->len);
778 }
779
780 printf(" ]");
781 }
782
783
784 void
785 radius_print(const u_char *dat, u_int length)
786 {
787 register const struct radius_hdr *rad;
788 register int i;
789 int len;
790
791 i = min(length, snapend - dat);
792
793 if (i < MIN_RADIUS_LEN)
794 {
795 printf(" [|radius]");
796 return;
797 }
798
799 rad = (struct radius_hdr *)dat;
800 len = ntohs(rad->len);
801
802 if (len < MIN_RADIUS_LEN)
803 {
804 printf(" [|radius]");
805 return;
806 }
807
808 if (len < i)
809 i = len;
810
811 i -= MIN_RADIUS_LEN;
812
813 switch (rad->code)
814 {
815 case RADCMD_ACCESS_REQ:
816 printf(" rad-access-req %d", length);
817 break;
818
819 case RADCMD_ACCESS_ACC:
820 printf(" rad-access-accept %d", length);
821 break;
822
823 case RADCMD_ACCESS_REJ:
824 printf(" rad-access-reject %d", length);
825 break;
826
827 case RADCMD_ACCOUN_REQ:
828 printf(" rad-account-req %d", length);
829 break;
830
831 case RADCMD_ACCOUN_RES:
832 printf(" rad-account-resp %d", length);
833 break;
834
835 case RADCMD_ACCESS_CHA:
836 printf(" rad-access-cha %d", length);
837 break;
838
839 case RADCMD_STATUS_SER:
840 printf(" rad-status-serv %d", length);
841 break;
842
843 case RADCMD_STATUS_CLI:
844 printf(" rad-status-cli %d", length);
845 break;
846
847 case RADCMD_RESERVED:
848 printf(" rad-reserved %d", length);
849 break;
850
851 default:
852 printf(" rad-#%d %d", rad->code, length);
853 break;
854 }
855 printf(" [id %d]", rad->id);
856
857 if (i)
858 radius_attr_print( dat + MIN_RADIUS_LEN, i);
859 }
[mirror] the TCPdump network dissector