* RFC 2869:
* "RADIUS Extensions"
*
+ * RFC 3162:
+ * "RADIUS and IPv6"
+ *
* RFC 3580:
* "IEEE 802.1X Remote Authentication Dial In User Service (RADIUS)"
* "Usage Guidelines"
static void print_attr_num(netdissect_options *, register const u_char *, u_int, u_short );
static void print_vendor_attr(netdissect_options *, register const u_char *, u_int, u_short );
static void print_attr_address(netdissect_options *, register const u_char *, u_int, u_short);
+static void print_attr_address6(netdissect_options *, register const u_char *, u_int, u_short);
+static void print_attr_netmask6(netdissect_options *, register const u_char *, u_int, u_short);
static void print_attr_time(netdissect_options *, register const u_char *, u_int, u_short);
static void print_attr_strange(netdissect_options *, register const u_char *, u_int, u_short);
{ "Tunnel-Server-Auth-ID", NULL, 0, 0, print_attr_string },
{ "NAS-Filter-Rule", NULL, 0, 0, print_attr_string },
{ "Unassigned", NULL, 0, 0, NULL }, /*93*/
- { "Originating-Line-Info", NULL, 0, 0, NULL }
+ { "Originating-Line-Info", NULL, 0, 0, NULL },
+ { "NAS-IPv6-Address", NULL, 0, 0, print_attr_address6 },
+ { "Framed-Interface-ID", NULL, 0, 0, NULL },
+ { "Framed-IPv6-Prefix", NULL, 0, 0, print_attr_netmask6 },
+ { "Login-IPv6-Host", NULL, 0, 0, print_attr_address6 },
+ { "Framed-IPv6-Route", NULL, 0, 0, print_attr_string },
+ { "Framed-IPv6-Pool", NULL, 0, 0, print_attr_string }
};
ND_PRINT((ndo, "%s", tstr));
}
+/*****************************/
+/* Print an attribute IPv6 */
+/* address value pointed by */
+/* 'data' and 'length' size. */
+/*****************************/
+/* Returns nothing. */
+/*****************************/
+static void
+print_attr_address6(netdissect_options *ndo,
+ register const u_char *data, u_int length, u_short attr_code _U_)
+{
+ if (length != 16)
+ {
+ ND_PRINT((ndo, "ERROR: length %u != 16", length));
+ return;
+ }
+
+ ND_TCHECK2(data[0], 16);
+
+ ND_PRINT((ndo, "%s", ip6addr_string(ndo, data)));
+
+ return;
+
+ trunc:
+ ND_PRINT((ndo, "%s", tstr));
+}
+
+static void
+print_attr_netmask6(netdissect_options *ndo,
+ register const u_char *data, u_int length, u_short attr_code _U_)
+{
+ u_char data2[18];
+
+ if (length < 2 || length > 18)
+ {
+ ND_PRINT((ndo, "ERROR: length %u not in range (2..18)", length));
+ return;
+ }
+ else if (data[1] > 128)
+ {
+ ND_PRINT((ndo, "ERROR: netmask %u not in range (0..128)", data[1]));
+ return;
+ }
+
+ ND_TCHECK2(data[0], length);
+ memset(data2, 0, sizeof(data2));
+ if (length > 2)
+ memcpy(data2, data+2, length-2);
+
+ ND_PRINT((ndo, "%s/%u", ip6addr_string(ndo, data2), data[1]));
+
+ return;
+
+ trunc:
+ ND_PRINT((ndo, "%s", tstr));
+}
+
/*************************************/
/* Print an attribute of 'secs since */
/* January 1, 1970 00:00 UTC' value */
--- /dev/null
+IP (tos 0x0, ttl 64, id 60508, offset 0, flags [DF], proto UDP (17), length 169)
+ 127.0.0.1.39646 > 127.0.0.1.1812: RADIUS, length: 141
+ Access-Request (1), id: 0xf0, Authenticator: 2afdb090418ac6365298fbbb15e0fd2e
+ User-Name Attribute (1), length: 5, Value: bob
+ User-Password Attribute (2), length: 18, Value:
+ NAS-IPv6-Address Attribute (95), length: 18, Value: 2001:db8:a0b:12f0::1
+ Framed-IPv6-Prefix Attribute (97), length: 20, Value: 2001:db8:a0b:12f0::/64
+ Framed-IPv6-Prefix Attribute (97), length: 12, Value: 2001:db8:a0b:12f0::/64
+ Framed-IPv6-Prefix Attribute (97), length: 4, Value: ::/0
+ Framed-IPv6-Prefix Attribute (97), length: 3, Value: ERROR: length 1 not in range (2..18)
+ Framed-IPv6-Prefix Attribute (97), length: 21, Value: ERROR: length 19 not in range (2..18)
+ Framed-IPv6-Prefix Attribute (97), length: 20, Value: ERROR: netmask 129 not in range (0..128)
projects / tcpdump / commitdiff
