2 * Copyright (C) 2000 Alfredo Andres Omella. All rights reserved.
4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 * notice, this list of conditions and the following disclaimer in
12 * the documentation and/or other materials provided with the
14 * 3. The names of the authors may not be used to endorse or promote
15 * products derived from this software without specific prior
18 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
19 * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
20 * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
23 * Radius printer routines as specified on:
26 * "Remote Authentication Dial In User Service (RADIUS)"
32 * "RADIUS Accounting Modifications for Tunnel Protocol Support"
35 * "RADIUS Attributes for Tunnel Protocol Support"
40 * Alfredo Andres Omella (aandres@s21sec.com) v0.1 2000/09/15
42 * TODO: Among other things to print ok MacIntosh and Vendor values
45 #define NETDISSECT_REWORKED
50 #include <tcpdump-stdinc.h>
54 #include "interface.h"
55 #include "addrtoname.h"
59 static const char tstr[] = " [|radius]";
61 #define TAM_SIZE(x) (sizeof(x)/sizeof(x[0]) )
63 #define PRINT_HEX(bytes_len, ptr_data) \
66 ND_PRINT((ndo, "%02X", *ptr_data )); \
72 /* Radius packet codes */
73 #define RADCMD_ACCESS_REQ 1 /* Access-Request */
74 #define RADCMD_ACCESS_ACC 2 /* Access-Accept */
75 #define RADCMD_ACCESS_REJ 3 /* Access-Reject */
76 #define RADCMD_ACCOUN_REQ 4 /* Accounting-Request */
77 #define RADCMD_ACCOUN_RES 5 /* Accounting-Response */
78 #define RADCMD_ACCESS_CHA 11 /* Access-Challenge */
79 #define RADCMD_STATUS_SER 12 /* Status-Server */
80 #define RADCMD_STATUS_CLI 13 /* Status-Client */
81 #define RADCMD_RESERVED 255 /* Reserved */
83 static const struct tok radius_command_values[] = {
84 { RADCMD_ACCESS_REQ, "Access Request" },
85 { RADCMD_ACCESS_ACC, "Access Accept" },
86 { RADCMD_ACCESS_REJ, "Access Reject" },
87 { RADCMD_ACCOUN_REQ, "Accounting Request" },
88 { RADCMD_ACCOUN_RES, "Accounting Response" },
89 { RADCMD_ACCESS_CHA, "Access Challenge" },
90 { RADCMD_STATUS_SER, "Status Server" },
91 { RADCMD_STATUS_CLI, "Status Client" },
92 { RADCMD_RESERVED, "Reserved" },
96 /********************************/
97 /* Begin Radius Attribute types */
98 /********************************/
101 #define LOG_IPHOST 14
102 #define LOG_SERVICE 15
104 #define SESSION_TIMEOUT 27
105 #define IDLE_TIMEOUT 28
106 #define FRM_ATALK_LINK 37
107 #define FRM_ATALK_NETWORK 38
109 #define ACCT_DELAY 41
110 #define ACCT_SESSION_TIME 46
112 #define TUNNEL_TYPE 64
113 #define TUNNEL_MEDIUM 65
114 #define TUNNEL_CLIENT_END 66
115 #define TUNNEL_SERVER_END 67
116 #define TUNNEL_PASS 69
119 #define ARAP_FEATURES 71
121 #define TUNNEL_PRIV_GROUP 81
122 #define TUNNEL_ASSIGN_ID 82
123 #define TUNNEL_PREFERENCE 83
125 #define ARAP_CHALLENGE_RESP 84
126 #define ACCT_INT_INTERVAL 85
128 #define TUNNEL_CLIENT_AUTH 90
129 #define TUNNEL_SERVER_AUTH 91
130 /********************************/
131 /* End Radius Attribute types */
132 /********************************/
135 static void print_attr_string(netdissect_options *, register u_char *, u_int, u_short );
136 static void print_attr_num(netdissect_options *, register u_char *, u_int, u_short );
137 static void print_vendor_attr(netdissect_options *, register u_char *, u_int, u_short );
138 static void print_attr_address(netdissect_options *, register u_char *, u_int, u_short);
139 static void print_attr_time(netdissect_options *, register u_char *, u_int, u_short);
140 static void print_attr_strange(netdissect_options *, register u_char *, u_int, u_short);
143 struct radius_hdr { uint8_t code; /* Radius packet code */
144 uint8_t id; /* Radius packet id */
145 uint16_t len; /* Radius total length */
146 uint8_t auth[16]; /* Authenticator */
149 #define MIN_RADIUS_LEN 20
151 struct radius_attr { uint8_t type; /* Attribute type */
152 uint8_t len; /* Attribute length */
156 /* Service-Type Attribute standard values */
157 static const char *serv_type[]={ NULL,
166 "Callback NAS Prompt",
168 "Callback Administrative",
171 /* Framed-Protocol Attribute standard values */
172 static const char *frm_proto[]={ NULL,
176 "Gandalf proprietary",
181 /* Framed-Routing Attribute standard values */
182 static const char *frm_routing[]={ "None",
188 /* Framed-Compression Attribute standard values */
189 static const char *frm_comp[]={ "None",
195 /* Login-Service Attribute standard values */
196 static const char *login_serv[]={ "Telnet",
199 "PortMaster(proprietary)",
208 /* Termination-Action Attribute standard values */
209 static const char *term_action[]={ "Default",
213 /* NAS-Port-Type Attribute standard values */
214 static const char *nas_port_type[]={ "Async",
221 "HDLC Clear Channel",
233 "Wireless - IEEE 802.11",
236 /* Acct-Status-Type Accounting Attribute standard values */
237 static const char *acct_status[]={ NULL,
251 "Tunnel-Link-Reject",
255 /* Acct-Authentic Accounting Attribute standard values */
256 static const char *acct_auth[]={ NULL,
262 /* Acct-Terminate-Cause Accounting Attribute standard values */
263 static const char *acct_term[]={ NULL,
278 "Service Unavailable",
284 /* Tunnel-Type Attribute standard values */
285 static const char *tunnel_type[]={ NULL,
297 "IP-in-IP Tunneling",
300 /* Tunnel-Medium-Type Attribute standard values */
301 static const char *tunnel_medium[]={ NULL,
316 "E.164 with NSAP subaddress",
319 /* ARAP-Zone-Access Attribute standard values */
320 static const char *arap_zone[]={ NULL,
321 "Only access to dfl zone",
322 "Use zone filter inc.",
324 "Use zone filter exc.",
327 static const char *prompt[]={ "No Echo",
332 struct attrtype { const char *name; /* Attribute name */
333 const char **subtypes; /* Standard Values (if any) */
334 u_char siz_subtypes; /* Size of total standard values */
335 u_char first_subtype; /* First standard value is 0 or 1 */
336 void (*print_func)(netdissect_options *, register u_char *, u_int, u_short);
339 { NULL, NULL, 0, 0, NULL },
340 { "Username", NULL, 0, 0, print_attr_string },
341 { "Password", NULL, 0, 0, NULL },
342 { "CHAP Password", NULL, 0, 0, NULL },
343 { "NAS IP Address", NULL, 0, 0, print_attr_address },
344 { "NAS Port", NULL, 0, 0, print_attr_num },
345 { "Service Type", serv_type, TAM_SIZE(serv_type)-1, 1, print_attr_num },
346 { "Framed Protocol", frm_proto, TAM_SIZE(frm_proto)-1, 1, print_attr_num },
347 { "Framed IP Address", NULL, 0, 0, print_attr_address },
348 { "Framed IP Network", NULL, 0, 0, print_attr_address },
349 { "Framed Routing", frm_routing, TAM_SIZE(frm_routing), 0, print_attr_num },
350 { "Filter ID", NULL, 0, 0, print_attr_string },
351 { "Framed MTU", NULL, 0, 0, print_attr_num },
352 { "Framed Compression", frm_comp, TAM_SIZE(frm_comp), 0, print_attr_num },
353 { "Login IP Host", NULL, 0, 0, print_attr_address },
354 { "Login Service", login_serv, TAM_SIZE(login_serv), 0, print_attr_num },
355 { "Login TCP Port", NULL, 0, 0, print_attr_num },
356 { "Unassigned", NULL, 0, 0, NULL }, /*17*/
357 { "Reply", NULL, 0, 0, print_attr_string },
358 { "Callback-number", NULL, 0, 0, print_attr_string },
359 { "Callback-ID", NULL, 0, 0, print_attr_string },
360 { "Unassigned", NULL, 0, 0, NULL }, /*21*/
361 { "Framed Route", NULL, 0, 0, print_attr_string },
362 { "Framed IPX Network", NULL, 0, 0, print_attr_num },
363 { "State", NULL, 0, 0, print_attr_string },
364 { "Class", NULL, 0, 0, print_attr_string },
365 { "Vendor Specific", NULL, 0, 0, print_vendor_attr },
366 { "Session Timeout", NULL, 0, 0, print_attr_num },
367 { "Idle Timeout", NULL, 0, 0, print_attr_num },
368 { "Termination Action", term_action, TAM_SIZE(term_action), 0, print_attr_num },
369 { "Called Station", NULL, 0, 0, print_attr_string },
370 { "Calling Station", NULL, 0, 0, print_attr_string },
371 { "NAS ID", NULL, 0, 0, print_attr_string },
372 { "Proxy State", NULL, 0, 0, print_attr_string },
373 { "Login LAT Service", NULL, 0, 0, print_attr_string },
374 { "Login LAT Node", NULL, 0, 0, print_attr_string },
375 { "Login LAT Group", NULL, 0, 0, print_attr_string },
376 { "Framed Appletalk Link", NULL, 0, 0, print_attr_num },
377 { "Framed Appltalk Net", NULL, 0, 0, print_attr_num },
378 { "Framed Appletalk Zone", NULL, 0, 0, print_attr_string },
379 { "Accounting Status", acct_status, TAM_SIZE(acct_status)-1, 1, print_attr_num },
380 { "Accounting Delay", NULL, 0, 0, print_attr_num },
381 { "Accounting Input Octets", NULL, 0, 0, print_attr_num },
382 { "Accounting Output Octets", NULL, 0, 0, print_attr_num },
383 { "Accounting Session ID", NULL, 0, 0, print_attr_string },
384 { "Accounting Authentication", acct_auth, TAM_SIZE(acct_auth)-1, 1, print_attr_num },
385 { "Accounting Session Time", NULL, 0, 0, print_attr_num },
386 { "Accounting Input Packets", NULL, 0, 0, print_attr_num },
387 { "Accounting Output Packets", NULL, 0, 0, print_attr_num },
388 { "Accounting Termination Cause", acct_term, TAM_SIZE(acct_term)-1, 1, print_attr_num },
389 { "Accounting Multilink Session ID", NULL, 0, 0, print_attr_string },
390 { "Accounting Link Count", NULL, 0, 0, print_attr_num },
391 { "Accounting Input Giga", NULL, 0, 0, print_attr_num },
392 { "Accounting Output Giga", NULL, 0, 0, print_attr_num },
393 { "Unassigned", NULL, 0, 0, NULL }, /*54*/
394 { "Event Timestamp", NULL, 0, 0, print_attr_time },
395 { "Unassigned", NULL, 0, 0, NULL }, /*56*/
396 { "Unassigned", NULL, 0, 0, NULL }, /*57*/
397 { "Unassigned", NULL, 0, 0, NULL }, /*58*/
398 { "Unassigned", NULL, 0, 0, NULL }, /*59*/
399 { "CHAP challenge", NULL, 0, 0, print_attr_string },
400 { "NAS Port Type", nas_port_type, TAM_SIZE(nas_port_type), 0, print_attr_num },
401 { "Port Limit", NULL, 0, 0, print_attr_num },
402 { "Login LAT Port", NULL, 0, 0, print_attr_string }, /*63*/
403 { "Tunnel Type", tunnel_type, TAM_SIZE(tunnel_type)-1, 1, print_attr_num },
404 { "Tunnel Medium", tunnel_medium, TAM_SIZE(tunnel_medium)-1, 1, print_attr_num },
405 { "Tunnel Client End", NULL, 0, 0, print_attr_string },
406 { "Tunnel Server End", NULL, 0, 0, print_attr_string },
407 { "Accounting Tunnel connect", NULL, 0, 0, print_attr_string },
408 { "Tunnel Password", NULL, 0, 0, print_attr_string },
409 { "ARAP Password", NULL, 0, 0, print_attr_strange },
410 { "ARAP Feature", NULL, 0, 0, print_attr_strange },
411 { "ARAP Zone Acces", arap_zone, TAM_SIZE(arap_zone)-1, 1, print_attr_num }, /*72*/
412 { "ARAP Security", NULL, 0, 0, print_attr_string },
413 { "ARAP Security Data", NULL, 0, 0, print_attr_string },
414 { "Password Retry", NULL, 0, 0, print_attr_num },
415 { "Prompt", prompt, TAM_SIZE(prompt), 0, print_attr_num },
416 { "Connect Info", NULL, 0, 0, print_attr_string },
417 { "Config Token", NULL, 0, 0, print_attr_string },
418 { "EAP Message", NULL, 0, 0, print_attr_string },
419 { "Message Authentication", NULL, 0, 0, print_attr_string }, /*80*/
420 { "Tunnel Private Group", NULL, 0, 0, print_attr_string },
421 { "Tunnel Assigned ID", NULL, 0, 0, print_attr_string },
422 { "Tunnel Preference", NULL, 0, 0, print_attr_num },
423 { "ARAP Challenge Response", NULL, 0, 0, print_attr_strange },
424 { "Accounting Interim Interval", NULL, 0, 0, print_attr_num },
425 { "Accounting Tunnel packets lost", NULL, 0, 0, print_attr_num }, /*86*/
426 { "NAS Port ID", NULL, 0, 0, print_attr_string },
427 { "Framed Pool", NULL, 0, 0, print_attr_string },
428 { "Chargeable User Identity", NULL, 0, 0, print_attr_string },
429 { "Tunnel Client Authentication ID", NULL, 0, 0, print_attr_string },
430 { "Tunnel Server Authentication ID", NULL, 0, 0, print_attr_string },
431 { "Unassigned", NULL, 0, 0, NULL }, /*92*/
432 { "Unassigned", NULL, 0, 0, NULL } /*93*/
436 /*****************************/
437 /* Print an attribute string */
438 /* value pointed by 'data' */
439 /* and 'length' size. */
440 /*****************************/
441 /* Returns nothing. */
442 /*****************************/
444 print_attr_string(netdissect_options *ndo,
445 register u_char *data, u_int length, u_short attr_code)
449 ND_TCHECK2(data[0],length);
456 ND_PRINT((ndo, "%s", tstr));
459 if (*data && (*data <=0x1F) )
460 ND_PRINT((ndo, "Tag %u, ",*data));
463 ND_PRINT((ndo, "Salt %u ", EXTRACT_16BITS(data)));
467 case TUNNEL_CLIENT_END:
468 case TUNNEL_SERVER_END:
469 case TUNNEL_PRIV_GROUP:
470 case TUNNEL_ASSIGN_ID:
471 case TUNNEL_CLIENT_AUTH:
472 case TUNNEL_SERVER_AUTH:
477 ND_PRINT((ndo, "%s", tstr));
480 ND_PRINT((ndo, "Tag %u", *data));
487 for (i=0; *data && i < length ; i++, data++)
488 ND_PRINT((ndo, "%c", (*data < 32 || *data > 128) ? '.' : *data));
493 ND_PRINT((ndo, "%s", tstr));
497 * print vendor specific attributes
500 print_vendor_attr(netdissect_options *ndo,
501 register u_char *data, u_int length, u_short attr_code _U_)
510 ND_TCHECK2(*data, 4);
511 vendor_id = EXTRACT_32BITS(data);
515 ND_PRINT((ndo, "Vendor: %s (%u)",
516 tok2str(smi_values,"Unknown",vendor_id),
519 while (length >= 2) {
520 ND_TCHECK2(*data, 2);
522 vendor_type = *(data);
523 vendor_length = *(data+1);
525 if (vendor_length < 2)
527 ND_PRINT((ndo, "\n\t Vendor Attribute: %u, Length: %u (bogus, must be >= 2)",
532 if (vendor_length > length)
534 ND_PRINT((ndo, "\n\t Vendor Attribute: %u, Length: %u (bogus, goes past end of vendor-specific attribute)",
542 ND_TCHECK2(*data, vendor_length);
544 ND_PRINT((ndo, "\n\t Vendor Attribute: %u, Length: %u, Value: ",
547 for (idx = 0; idx < vendor_length ; idx++, data++)
548 ND_PRINT((ndo, "%c", (*data < 32 || *data > 128) ? '.' : *data));
549 length-=vendor_length;
554 ND_PRINT((ndo, "%s", tstr));
557 /******************************/
558 /* Print an attribute numeric */
559 /* value pointed by 'data' */
560 /* and 'length' size. */
561 /******************************/
562 /* Returns nothing. */
563 /******************************/
565 print_attr_num(netdissect_options *ndo,
566 register u_char *data, u_int length, u_short attr_code)
573 ND_PRINT((ndo, "ERROR: length %u != 4", length));
577 ND_TCHECK2(data[0],4);
578 /* This attribute has standard values */
579 if (attr_type[attr_code].siz_subtypes)
581 static const char **table;
583 table = attr_type[attr_code].subtypes;
585 if ( (attr_code == TUNNEL_TYPE) || (attr_code == TUNNEL_MEDIUM) )
588 ND_PRINT((ndo, "Tag[Unused]"));
590 ND_PRINT((ndo, "Tag[%d]", *data));
592 data_value = EXTRACT_24BITS(data);
596 data_value = EXTRACT_32BITS(data);
598 if ( data_value <= (uint32_t)(attr_type[attr_code].siz_subtypes - 1 +
599 attr_type[attr_code].first_subtype) &&
600 data_value >= attr_type[attr_code].first_subtype )
601 ND_PRINT((ndo, "%s", table[data_value]));
603 ND_PRINT((ndo, "#%u", data_value));
607 switch(attr_code) /* Be aware of special cases... */
610 if (EXTRACT_32BITS( data) == 0xFFFFFFFE )
611 ND_PRINT((ndo, "NAS Select"));
613 ND_PRINT((ndo, "%d", EXTRACT_32BITS(data)));
616 case SESSION_TIMEOUT:
619 case ACCT_SESSION_TIME:
620 case ACCT_INT_INTERVAL:
621 timeout = EXTRACT_32BITS( data);
623 ND_PRINT((ndo, "%02d secs", timeout));
626 if ( timeout < 3600 )
627 ND_PRINT((ndo, "%02d:%02d min",
628 timeout / 60, timeout % 60));
630 ND_PRINT((ndo, "%02d:%02d:%02d hours",
631 timeout / 3600, (timeout % 3600) / 60,
637 if (EXTRACT_32BITS(data) )
638 ND_PRINT((ndo, "%d", EXTRACT_32BITS(data)));
640 ND_PRINT((ndo, "Unnumbered"));
643 case FRM_ATALK_NETWORK:
644 if (EXTRACT_32BITS(data) )
645 ND_PRINT((ndo, "%d", EXTRACT_32BITS(data)));
647 ND_PRINT((ndo, "NAS assigned"));
650 case TUNNEL_PREFERENCE:
654 ND_PRINT((ndo, "Tag (Unused) %d", EXTRACT_24BITS(data)));
656 ND_PRINT((ndo, "Tag (%d) %d", tag, EXTRACT_24BITS(data)));
660 ND_PRINT((ndo, "%d", EXTRACT_32BITS(data)));
670 ND_PRINT((ndo, "%s", tstr));
673 /*****************************/
674 /* Print an attribute IPv4 */
675 /* address value pointed by */
676 /* 'data' and 'length' size. */
677 /*****************************/
678 /* Returns nothing. */
679 /*****************************/
681 print_attr_address(netdissect_options *ndo,
682 register u_char *data, u_int length, u_short attr_code)
686 ND_PRINT((ndo, "ERROR: length %u != 4", length));
690 ND_TCHECK2(data[0],4);
696 if (EXTRACT_32BITS(data) == 0xFFFFFFFF )
697 ND_PRINT((ndo, "User Selected"));
699 if (EXTRACT_32BITS(data) == 0xFFFFFFFE )
700 ND_PRINT((ndo, "NAS Select"));
702 ND_PRINT((ndo, "%s",ipaddr_string(ndo, data)));
706 ND_PRINT((ndo, "%s", ipaddr_string(ndo, data)));
713 ND_PRINT((ndo, "%s", tstr));
716 /*************************************/
717 /* Print an attribute of 'secs since */
718 /* January 1, 1970 00:00 UTC' value */
719 /* pointed by 'data' and 'length' */
721 /*************************************/
722 /* Returns nothing. */
723 /*************************************/
725 print_attr_time(netdissect_options *ndo,
726 register u_char *data, u_int length, u_short attr_code _U_)
733 ND_PRINT((ndo, "ERROR: length %u != 4", length));
737 ND_TCHECK2(data[0],4);
739 attr_time = EXTRACT_32BITS(data);
740 strlcpy(string, ctime(&attr_time), sizeof(string));
741 /* Get rid of the newline */
743 ND_PRINT((ndo, "%.24s", string));
747 ND_PRINT((ndo, "%s", tstr));
750 /***********************************/
751 /* Print an attribute of 'strange' */
752 /* data format pointed by 'data' */
753 /* and 'length' size. */
754 /***********************************/
755 /* Returns nothing. */
756 /***********************************/
758 print_attr_strange(netdissect_options *ndo,
759 register u_char *data, u_int length, u_short attr_code)
768 ND_PRINT((ndo, "ERROR: length %u != 16", length));
771 ND_PRINT((ndo, "User_challenge ("));
772 ND_TCHECK2(data[0],8);
774 PRINT_HEX(len_data, data);
775 ND_PRINT((ndo, ") User_resp("));
776 ND_TCHECK2(data[0],8);
778 PRINT_HEX(len_data, data);
779 ND_PRINT((ndo, ")"));
785 ND_PRINT((ndo, "ERROR: length %u != 14", length));
788 ND_TCHECK2(data[0],1);
790 ND_PRINT((ndo, "User can change password"));
792 ND_PRINT((ndo, "User cannot change password"));
794 ND_TCHECK2(data[0],1);
795 ND_PRINT((ndo, ", Min password length: %d", *data));
797 ND_PRINT((ndo, ", created at: "));
798 ND_TCHECK2(data[0],4);
800 PRINT_HEX(len_data, data);
801 ND_PRINT((ndo, ", expires in: "));
802 ND_TCHECK2(data[0],4);
804 PRINT_HEX(len_data, data);
805 ND_PRINT((ndo, ", Current Time: "));
806 ND_TCHECK2(data[0],4);
808 PRINT_HEX(len_data, data);
811 case ARAP_CHALLENGE_RESP:
814 ND_PRINT((ndo, "ERROR: length %u != 8", length));
817 ND_TCHECK2(data[0],8);
819 PRINT_HEX(len_data, data);
825 ND_PRINT((ndo, "%s", tstr));
829 radius_attrs_print(netdissect_options *ndo,
830 register const u_char *attr, u_int length)
832 register const struct radius_attr *rad_attr = (struct radius_attr *)attr;
833 const char *attr_string;
839 ND_TCHECK(*rad_attr);
841 if (rad_attr->type > 0 && rad_attr->type < TAM_SIZE(attr_type))
842 attr_string = attr_type[rad_attr->type].name;
844 attr_string = "Unknown";
845 if (rad_attr->len < 2)
847 ND_PRINT((ndo, "\n\t %s Attribute (%u), length: %u (bogus, must be >= 2)",
853 if (rad_attr->len > length)
855 ND_PRINT((ndo, "\n\t %s Attribute (%u), length: %u (bogus, goes past end of packet)",
861 ND_PRINT((ndo, "\n\t %s Attribute (%u), length: %u, Value: ",
866 if (rad_attr->type < TAM_SIZE(attr_type))
868 if (rad_attr->len > 2)
870 if ( attr_type[rad_attr->type].print_func )
871 (*attr_type[rad_attr->type].print_func)(
872 ndo, ((u_char *)(rad_attr+1)),
873 rad_attr->len - 2, rad_attr->type);
876 /* do we also want to see a hex dump ? */
877 if (ndo->ndo_vflag> 1)
878 print_unknown_data(ndo, (u_char *)rad_attr+2, "\n\t ", (rad_attr->len)-2);
880 length-=(rad_attr->len);
881 rad_attr = (struct radius_attr *)( ((char *)(rad_attr))+rad_attr->len);
886 ND_PRINT((ndo, "%s", tstr));
890 radius_print(netdissect_options *ndo,
891 const u_char *dat, u_int length)
893 register const struct radius_hdr *rad;
896 ND_TCHECK2(*dat, MIN_RADIUS_LEN);
897 rad = (struct radius_hdr *)dat;
898 len = EXTRACT_16BITS(&rad->len);
900 if (len < MIN_RADIUS_LEN)
902 ND_PRINT((ndo, "%s", tstr));
909 if (ndo->ndo_vflag < 1) {
910 ND_PRINT((ndo, "RADIUS, %s (%u), id: 0x%02x length: %u",
911 tok2str(radius_command_values,"Unknown Command",rad->code),
918 ND_PRINT((ndo, "RADIUS, length: %u\n\t%s (%u), id: 0x%02x, Authenticator: ",
920 tok2str(radius_command_values,"Unknown Command",rad->code),
924 for(auth_idx=0; auth_idx < 16; auth_idx++)
925 ND_PRINT((ndo, "%02x", rad->auth[auth_idx]));
928 if (len > MIN_RADIUS_LEN)
929 radius_attrs_print(ndo, dat + MIN_RADIUS_LEN, len - MIN_RADIUS_LEN);
933 ND_PRINT((ndo, "%s", tstr));
projects / FreeBSD / FreeBSD.git / blob