Home Verkennen Help
Inloggen
SoftwareDesign
/
csu3_am335x
8
0
Vork 0
Bestanden Issues 0 Pull-aanvragen 0 Wiki
Aftakking: master
Aftakkingen Labels
csu3_am335x
/
EVSE
/
GPL
/
tcpdump-4.9.2
/
print-radius.c

print-radius.c 35 KB
Permalink Geschiedenis Ruwe

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824825826827828829830831832833834835836837838839840841842843844845846847848849850851852853854855856857858859860861862863864865866867868869870871872873874875876877878879880881882883884885886887888889890891892893894895896897898899900901902903904905906907908909910911912913914915916917918919920921922923924925926927928929930931932933934935936937938939940941942943944945946947948949950951952953954955956957958959960961962963964965966967968969970971972973974975976977978979980981982983984985986987988989990991992993 
  1. /*
    2. 

  2.  * Copyright (C) 2000 Alfredo Andres Omella.  All rights reserved.
    3. 

  3.  *
    4. 

  4.  * Redistribution and use in source and binary forms, with or without
    5. 

  5.  * modification, are permitted provided that the following conditions
    6. 

  6.  * are met:
    7. 

  7.  *
    8. 

  8.  *   1. Redistributions of source code must retain the above copyright
    9. 

  9.  *      notice, this list of conditions and the following disclaimer.
    10. 

  10.  *   2. Redistributions in binary form must reproduce the above copyright
    11. 

  11.  *      notice, this list of conditions and the following disclaimer in
    12. 

  12.  *      the documentation and/or other materials provided with the
    13. 

  13.  *      distribution.
    14. 

  14.  *   3. The names of the authors may not be used to endorse or promote
    15. 

  15.  *      products derived from this software without specific prior
    16. 

  16.  *      written permission.
    17. 

  17.  *
    18. 

  18.  * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
    19. 

  19.  * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
    20. 

  20.  * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
    21. 

  21.  */
    22. 

  22. 

  23. /* \summary: Radius protocol printer */
    24. 

  24. 

  25. /*
    26. 

  26.  * Radius printer routines as specified on:
    27. 

  27.  *
    28. 

  28.  * RFC 2865:
    29. 

  29.  *      "Remote Authentication Dial In User Service (RADIUS)"
    30. 

  30.  *
    31. 

  31.  * RFC 2866:
    32. 

  32.  *      "RADIUS Accounting"
    33. 

  33.  *
    34. 

  34.  * RFC 2867:
    35. 

  35.  *      "RADIUS Accounting Modifications for Tunnel Protocol Support"
    36. 

  36.  *
    37. 

  37.  * RFC 2868:
    38. 

  38.  *      "RADIUS Attributes for Tunnel Protocol Support"
    39. 

  39.  *
    40. 

  40.  * RFC 2869:
    41. 

  41.  *      "RADIUS Extensions"
    42. 

  42.  *
    43. 

  43.  * RFC 3580:
    44. 

  44.  *      "IEEE 802.1X Remote Authentication Dial In User Service (RADIUS)"
    45. 

  45.  *      "Usage Guidelines"
    46. 

  46.  *
    47. 

  47.  * RFC 4675:
    48. 

  48.  *      "RADIUS Attributes for Virtual LAN and Priority Support"
    49. 

  49.  *
    50. 

  50.  * RFC 5176:
    51. 

  51.  *      "Dynamic Authorization Extensions to RADIUS"
    52. 

  52.  *
    53. 

  53.  * Alfredo Andres Omella (aandres@s21sec.com) v0.1 2000/09/15
    54. 

  54.  *
    55. 

  55.  * TODO: Among other things to print ok MacIntosh and Vendor values
    56. 

  56.  */
    57. 

  57. 

  58. #ifdef HAVE_CONFIG_H
    59. 

  59. #include "config.h"
    60. 

  60. #endif
    61. 

  61. 

  62. #include <netdissect-stdinc.h>
    63. 

  63. 

  64. #include <string.h>
    65. 

  65. 

  66. #include "netdissect.h"
    67. 

  67. #include "addrtoname.h"
    68. 

  68. #include "extract.h"
    69. 

  69. #include "oui.h"
    70. 

  70. 

  71. static const char tstr[] = " [|radius]";
    72. 

  72. 

  73. #define TAM_SIZE(x) (sizeof(x)/sizeof(x[0]) )
    74. 

  74. 

  75. #define PRINT_HEX(bytes_len, ptr_data)                               \
    76. 

  76.            while(bytes_len)                                          \
    77. 

  77.            {                                                         \
    78. 

  78.               ND_PRINT((ndo, "%02X", *ptr_data ));                   \
    79. 

  79.               ptr_data++;                                            \
    80. 

  80.               bytes_len--;                                           \
    81. 

  81.            }
    82. 

  82. 

  83. 

  84. /* Radius packet codes */
    85. 

  85. #define RADCMD_ACCESS_REQ   1 /* Access-Request      */
    86. 

  86. #define RADCMD_ACCESS_ACC   2 /* Access-Accept       */
    87. 

  87. #define RADCMD_ACCESS_REJ   3 /* Access-Reject       */
    88. 

  88. #define RADCMD_ACCOUN_REQ   4 /* Accounting-Request  */
    89. 

  89. #define RADCMD_ACCOUN_RES   5 /* Accounting-Response */
    90. 

  90. #define RADCMD_ACCESS_CHA  11 /* Access-Challenge    */
    91. 

  91. #define RADCMD_STATUS_SER  12 /* Status-Server       */
    92. 

  92. #define RADCMD_STATUS_CLI  13 /* Status-Client       */
    93. 

  93. #define RADCMD_DISCON_REQ  40 /* Disconnect-Request  */
    94. 

  94. #define RADCMD_DISCON_ACK  41 /* Disconnect-ACK      */
    95. 

  95. #define RADCMD_DISCON_NAK  42 /* Disconnect-NAK      */
    96. 

  96. #define RADCMD_COA_REQ     43 /* CoA-Request         */
    97. 

  97. #define RADCMD_COA_ACK     44 /* CoA-ACK             */
    98. 

  98. #define RADCMD_COA_NAK     45 /* CoA-NAK             */
    99. 

  99. #define RADCMD_RESERVED   255 /* Reserved            */
    100. 

  100. 

  101. static const struct tok radius_command_values[] = {
    102. 

  102.     { RADCMD_ACCESS_REQ, "Access-Request" },
    103. 

  103.     { RADCMD_ACCESS_ACC, "Access-Accept" },
    104. 

  104.     { RADCMD_ACCESS_REJ, "Access-Reject" },
    105. 

  105.     { RADCMD_ACCOUN_REQ, "Accounting-Request" },
    106. 

  106.     { RADCMD_ACCOUN_RES, "Accounting-Response" },
    107. 

  107.     { RADCMD_ACCESS_CHA, "Access-Challenge" },
    108. 

  108.     { RADCMD_STATUS_SER, "Status-Server" },
    109. 

  109.     { RADCMD_STATUS_CLI, "Status-Client" },
    110. 

  110.     { RADCMD_DISCON_REQ, "Disconnect-Request" },
    111. 

  111.     { RADCMD_DISCON_ACK, "Disconnect-ACK" },
    112. 

  112.     { RADCMD_DISCON_NAK, "Disconnect-NAK" },
    113. 

  113.     { RADCMD_COA_REQ,    "CoA-Request" },
    114. 

  114.     { RADCMD_COA_ACK,    "CoA-ACK" },
    115. 

  115.     { RADCMD_COA_NAK,    "CoA-NAK" },
    116. 

  116.     { RADCMD_RESERVED,   "Reserved" },
    117. 

  117.     { 0, NULL}
    118. 

  118. };
    119. 

  119. 

  120. /********************************/
    121. 

  121. /* Begin Radius Attribute types */
    122. 

  122. /********************************/
    123. 

  123. #define SERV_TYPE    6
    124. 

  124. #define FRM_IPADDR   8
    125. 

  125. #define LOG_IPHOST  14
    126. 

  126. #define LOG_SERVICE 15
    127. 

  127. #define FRM_IPX     23
    128. 

  128. #define SESSION_TIMEOUT   27
    129. 

  129. #define IDLE_TIMEOUT      28
    130. 

  130. #define FRM_ATALK_LINK    37
    131. 

  131. #define FRM_ATALK_NETWORK 38
    132. 

  132. 

  133. #define ACCT_DELAY        41
    134. 

  134. #define ACCT_SESSION_TIME 46
    135. 

  135. 

  136. #define EGRESS_VLAN_ID   56
    137. 

  137. #define EGRESS_VLAN_NAME 58
    138. 

  138. 

  139. #define TUNNEL_TYPE        64
    140. 

  140. #define TUNNEL_MEDIUM      65
    141. 

  141. #define TUNNEL_CLIENT_END  66
    142. 

  142. #define TUNNEL_SERVER_END  67
    143. 

  143. #define TUNNEL_PASS        69
    144. 

  144. 

  145. #define ARAP_PASS          70
    146. 

  146. #define ARAP_FEATURES      71
    147. 

  147. 

  148. #define TUNNEL_PRIV_GROUP  81
    149. 

  149. #define TUNNEL_ASSIGN_ID   82
    150. 

  150. #define TUNNEL_PREFERENCE  83
    151. 

  151. 

  152. #define ARAP_CHALLENGE_RESP 84
    153. 

  153. #define ACCT_INT_INTERVAL   85
    154. 

  154. 

  155. #define TUNNEL_CLIENT_AUTH 90
    156. 

  156. #define TUNNEL_SERVER_AUTH 91
    157. 

  157. /********************************/
    158. 

  158. /* End Radius Attribute types */
    159. 

  159. /********************************/
    160. 

  160. 

  161. #define RFC4675_TAGGED   0x31
    162. 

  162. #define RFC4675_UNTAGGED 0x32
    163. 

  163. 

  164. static const struct tok rfc4675_tagged[] = {
    165. 

  165.     { RFC4675_TAGGED,   "Tagged" },
    166. 

  166.     { RFC4675_UNTAGGED, "Untagged" },
    167. 

  167.     { 0, NULL}
    168. 

  168. };
    169. 

  169. 

  170. 

  171. static void print_attr_string(netdissect_options *, register const u_char *, u_int, u_short );
    172. 

  172. static void print_attr_num(netdissect_options *, register const u_char *, u_int, u_short );
    173. 

  173. static void print_vendor_attr(netdissect_options *, register const u_char *, u_int, u_short );
    174. 

  174. static void print_attr_address(netdissect_options *, register const u_char *, u_int, u_short);
    175. 

  175. static void print_attr_time(netdissect_options *, register const u_char *, u_int, u_short);
    176. 

  176. static void print_attr_strange(netdissect_options *, register const u_char *, u_int, u_short);
    177. 

  177. 

  178. 

  179. struct radius_hdr { uint8_t  code; /* Radius packet code  */
    180. 

  180.                     uint8_t  id;   /* Radius packet id    */
    181. 

  181.                     uint16_t len;  /* Radius total length */
    182. 

  182.                     uint8_t  auth[16]; /* Authenticator   */
    183. 

  183.                   };
    184. 

  184. 

  185. #define MIN_RADIUS_LEN	20
    186. 

  186. 

  187. struct radius_attr { uint8_t type; /* Attribute type   */
    188. 

  188.                      uint8_t len;  /* Attribute length */
    189. 

  189.                    };
    190. 

  190. 

  191. 

  192. /* Service-Type Attribute standard values */
    193. 

  193. static const char *serv_type[]={ NULL,
    194. 

  194.                                 "Login",
    195. 

  195.                                 "Framed",
    196. 

  196.                                 "Callback Login",
    197. 

  197.                                 "Callback Framed",
    198. 

  198.                                 "Outbound",
    199. 

  199.                                 "Administrative",
    200. 

  200.                                 "NAS Prompt",
    201. 

  201.                                 "Authenticate Only",
    202. 

  202.                                 "Callback NAS Prompt",
    203. 

  203.                                 "Call Check",
    204. 

  204.                                 "Callback Administrative",
    205. 

  205.                                };
    206. 

  206. 

  207. /* Framed-Protocol Attribute standard values */
    208. 

  208. static const char *frm_proto[]={ NULL,
    209. 

  209.                                  "PPP",
    210. 

  210.                                  "SLIP",
    211. 

  211.                                  "ARAP",
    212. 

  212.                                  "Gandalf proprietary",
    213. 

  213.                                  "Xylogics IPX/SLIP",
    214. 

  214.                                  "X.75 Synchronous",
    215. 

  215.                                };
    216. 

  216. 

  217. /* Framed-Routing Attribute standard values */
    218. 

  218. static const char *frm_routing[]={ "None",
    219. 

  219.                                    "Send",
    220. 

  220.                                    "Listen",
    221. 

  221.                                    "Send&Listen",
    222. 

  222.                                  };
    223. 

  223. 

  224. /* Framed-Compression Attribute standard values */
    225. 

  225. static const char *frm_comp[]={ "None",
    226. 

  226.                                 "VJ TCP/IP",
    227. 

  227.                                 "IPX",
    228. 

  228.                                 "Stac-LZS",
    229. 

  229.                               };
    230. 

  230. 

  231. /* Login-Service Attribute standard values */
    232. 

  232. static const char *login_serv[]={ "Telnet",
    233. 

  233.                                   "Rlogin",
    234. 

  234.                                   "TCP Clear",
    235. 

  235.                                   "PortMaster(proprietary)",
    236. 

  236.                                   "LAT",
    237. 

  237.                                   "X.25-PAD",
    238. 

  238.                                   "X.25-T3POS",
    239. 

  239.                                   "Unassigned",
    240. 

  240.                                   "TCP Clear Quiet",
    241. 

  241.                                 };
    242. 

  242. 

  243. 

  244. /* Termination-Action Attribute standard values */
    245. 

  245. static const char *term_action[]={ "Default",
    246. 

  246.                                    "RADIUS-Request",
    247. 

  247.                                  };
    248. 

  248. 

  249. /* Ingress-Filters Attribute standard values */
    250. 

  250. static const char *ingress_filters[]={ NULL,
    251. 

  251.                                        "Enabled",
    252. 

  252.                                        "Disabled",
    253. 

  253.                                      };
    254. 

  254. 

  255. /* NAS-Port-Type Attribute standard values */
    256. 

  256. static const char *nas_port_type[]={ "Async",
    257. 

  257.                                      "Sync",
    258. 

  258.                                      "ISDN Sync",
    259. 

  259.                                      "ISDN Async V.120",
    260. 

  260.                                      "ISDN Async V.110",
    261. 

  261.                                      "Virtual",
    262. 

  262.                                      "PIAFS",
    263. 

  263.                                      "HDLC Clear Channel",
    264. 

  264.                                      "X.25",
    265. 

  265.                                      "X.75",
    266. 

  266.                                      "G.3 Fax",
    267. 

  267.                                      "SDSL",
    268. 

  268.                                      "ADSL-CAP",
    269. 

  269.                                      "ADSL-DMT",
    270. 

  270.                                      "ISDN-DSL",
    271. 

  271.                                      "Ethernet",
    272. 

  272.                                      "xDSL",
    273. 

  273.                                      "Cable",
    274. 

  274.                                      "Wireless - Other",
    275. 

  275.                                      "Wireless - IEEE 802.11",
    276. 

  276.                                    };
    277. 

  277. 

  278. /* Acct-Status-Type Accounting Attribute standard values */
    279. 

  279. static const char *acct_status[]={ NULL,
    280. 

  280.                                    "Start",
    281. 

  281.                                    "Stop",
    282. 

  282.                                    "Interim-Update",
    283. 

  283.                                    "Unassigned",
    284. 

  284.                                    "Unassigned",
    285. 

  285.                                    "Unassigned",
    286. 

  286.                                    "Accounting-On",
    287. 

  287.                                    "Accounting-Off",
    288. 

  288.                                    "Tunnel-Start",
    289. 

  289.                                    "Tunnel-Stop",
    290. 

  290.                                    "Tunnel-Reject",
    291. 

  291.                                    "Tunnel-Link-Start",
    292. 

  292.                                    "Tunnel-Link-Stop",
    293. 

  293.                                    "Tunnel-Link-Reject",
    294. 

  294.                                    "Failed",
    295. 

  295.                                  };
    296. 

  296. 

  297. /* Acct-Authentic Accounting Attribute standard values */
    298. 

  298. static const char *acct_auth[]={ NULL,
    299. 

  299.                                  "RADIUS",
    300. 

  300.                                  "Local",
    301. 

  301.                                  "Remote",
    302. 

  302.                                };
    303. 

  303. 

  304. /* Acct-Terminate-Cause Accounting Attribute standard values */
    305. 

  305. static const char *acct_term[]={ NULL,
    306. 

  306.                                  "User Request",
    307. 

  307.                                  "Lost Carrier",
    308. 

  308.                                  "Lost Service",
    309. 

  309.                                  "Idle Timeout",
    310. 

  310.                                  "Session Timeout",
    311. 

  311.                                  "Admin Reset",
    312. 

  312.                                  "Admin Reboot",
    313. 

  313.                                  "Port Error",
    314. 

  314.                                  "NAS Error",
    315. 

  315.                                  "NAS Request",
    316. 

  316.                                  "NAS Reboot",
    317. 

  317.                                  "Port Unneeded",
    318. 

  318.                                  "Port Preempted",
    319. 

  319.                                  "Port Suspended",
    320. 

  320.                                  "Service Unavailable",
    321. 

  321.                                  "Callback",
    322. 

  322.                                  "User Error",
    323. 

  323.                                  "Host Request",
    324. 

  324.                                };
    325. 

  325. 

  326. /* Tunnel-Type Attribute standard values */
    327. 

  327. static const char *tunnel_type[]={ NULL,
    328. 

  328.                                    "PPTP",
    329. 

  329.                                    "L2F",
    330. 

  330.                                    "L2TP",
    331. 

  331.                                    "ATMP",
    332. 

  332.                                    "VTP",
    333. 

  333.                                    "AH",
    334. 

  334.                                    "IP-IP",
    335. 

  335.                                    "MIN-IP-IP",
    336. 

  336.                                    "ESP",
    337. 

  337.                                    "GRE",
    338. 

  338.                                    "DVS",
    339. 

  339.                                    "IP-in-IP Tunneling",
    340. 

  340.                                    "VLAN",
    341. 

  341.                                  };
    342. 

  342. 

  343. /* Tunnel-Medium-Type Attribute standard values */
    344. 

  344. static const char *tunnel_medium[]={ NULL,
    345. 

  345.                                      "IPv4",
    346. 

  346.                                      "IPv6",
    347. 

  347.                                      "NSAP",
    348. 

  348.                                      "HDLC",
    349. 

  349.                                      "BBN 1822",
    350. 

  350.                                      "802",
    351. 

  351.                                      "E.163",
    352. 

  352.                                      "E.164",
    353. 

  353.                                      "F.69",
    354. 

  354.                                      "X.121",
    355. 

  355.                                      "IPX",
    356. 

  356.                                      "Appletalk",
    357. 

  357.                                      "Decnet IV",
    358. 

  358.                                      "Banyan Vines",
    359. 

  359.                                      "E.164 with NSAP subaddress",
    360. 

  360.                                    };
    361. 

  361. 

  362. /* ARAP-Zone-Access Attribute standard values */
    363. 

  363. static const char *arap_zone[]={ NULL,
    364. 

  364.                                  "Only access to dfl zone",
    365. 

  365.                                  "Use zone filter inc.",
    366. 

  366.                                  "Not used",
    367. 

  367.                                  "Use zone filter exc.",
    368. 

  368.                                };
    369. 

  369. 

  370. static const char *prompt[]={ "No Echo",
    371. 

  371.                               "Echo",
    372. 

  372.                             };
    373. 

  373. 

  374. 

  375. static struct attrtype {
    376. 

  376.                   const char *name;      /* Attribute name                 */
    377. 

  377.                   const char **subtypes; /* Standard Values (if any)       */
    378. 

  378.                   u_char siz_subtypes;   /* Size of total standard values  */
    379. 

  379.                   u_char first_subtype;  /* First standard value is 0 or 1 */
    380. 

  380.                   void (*print_func)(netdissect_options *, register const u_char *, u_int, u_short);
    381. 

  381.                 } attr_type[]=
    382. 

  382.   {
    383. 

  383.      { NULL,                              NULL, 0, 0, NULL               },
    384. 

  384.      { "User-Name",                       NULL, 0, 0, print_attr_string  },
    385. 

  385.      { "User-Password",                   NULL, 0, 0, NULL               },
    386. 

  386.      { "CHAP-Password",                   NULL, 0, 0, NULL               },
    387. 

  387.      { "NAS-IP-Address",                  NULL, 0, 0, print_attr_address },
    388. 

  388.      { "NAS-Port",                        NULL, 0, 0, print_attr_num     },
    389. 

  389.      { "Service-Type",                    serv_type, TAM_SIZE(serv_type)-1, 1, print_attr_num },
    390. 

  390.      { "Framed-Protocol",                 frm_proto, TAM_SIZE(frm_proto)-1, 1, print_attr_num },
    391. 

  391.      { "Framed-IP-Address",               NULL, 0, 0, print_attr_address },
    392. 

  392.      { "Framed-IP-Netmask",               NULL, 0, 0, print_attr_address },
    393. 

  393.      { "Framed-Routing",                  frm_routing, TAM_SIZE(frm_routing), 0, print_attr_num },
    394. 

  394.      { "Filter-Id",                       NULL, 0, 0, print_attr_string  },
    395. 

  395.      { "Framed-MTU",                      NULL, 0, 0, print_attr_num     },
    396. 

  396.      { "Framed-Compression",              frm_comp, TAM_SIZE(frm_comp),   0, print_attr_num },
    397. 

  397.      { "Login-IP-Host",                   NULL, 0, 0, print_attr_address },
    398. 

  398.      { "Login-Service",                   login_serv, TAM_SIZE(login_serv), 0, print_attr_num },
    399. 

  399.      { "Login-TCP-Port",                  NULL, 0, 0, print_attr_num     },
    400. 

  400.      { "Unassigned",                      NULL, 0, 0, NULL }, /*17*/
    401. 

  401.      { "Reply-Message",                   NULL, 0, 0, print_attr_string },
    402. 

  402.      { "Callback-Number",                 NULL, 0, 0, print_attr_string },
    403. 

  403.      { "Callback-Id",                     NULL, 0, 0, print_attr_string },
    404. 

  404.      { "Unassigned",                      NULL, 0, 0, NULL }, /*21*/
    405. 

  405.      { "Framed-Route",                    NULL, 0, 0, print_attr_string },
    406. 

  406.      { "Framed-IPX-Network",              NULL, 0, 0, print_attr_num    },
    407. 

  407.      { "State",                           NULL, 0, 0, print_attr_string },
    408. 

  408.      { "Class",                           NULL, 0, 0, print_attr_string },
    409. 

  409.      { "Vendor-Specific",                 NULL, 0, 0, print_vendor_attr },
    410. 

  410.      { "Session-Timeout",                 NULL, 0, 0, print_attr_num    },
    411. 

  411.      { "Idle-Timeout",                    NULL, 0, 0, print_attr_num    },
    412. 

  412.      { "Termination-Action",              term_action, TAM_SIZE(term_action), 0, print_attr_num },
    413. 

  413.      { "Called-Station-Id",               NULL, 0, 0, print_attr_string },
    414. 

  414.      { "Calling-Station-Id",              NULL, 0, 0, print_attr_string },
    415. 

  415.      { "NAS-Identifier",                  NULL, 0, 0, print_attr_string },
    416. 

  416.      { "Proxy-State",                     NULL, 0, 0, print_attr_string },
    417. 

  417.      { "Login-LAT-Service",               NULL, 0, 0, print_attr_string },
    418. 

  418.      { "Login-LAT-Node",                  NULL, 0, 0, print_attr_string },
    419. 

  419.      { "Login-LAT-Group",                 NULL, 0, 0, print_attr_string },
    420. 

  420.      { "Framed-AppleTalk-Link",           NULL, 0, 0, print_attr_num    },
    421. 

  421.      { "Framed-AppleTalk-Network",        NULL, 0, 0, print_attr_num    },
    422. 

  422.      { "Framed-AppleTalk-Zone",           NULL, 0, 0, print_attr_string },
    423. 

  423.      { "Acct-Status-Type",                acct_status, TAM_SIZE(acct_status)-1, 1, print_attr_num },
    424. 

  424.      { "Acct-Delay-Time",                 NULL, 0, 0, print_attr_num    },
    425. 

  425.      { "Acct-Input-Octets",               NULL, 0, 0, print_attr_num    },
    426. 

  426.      { "Acct-Output-Octets",              NULL, 0, 0, print_attr_num    },
    427. 

  427.      { "Acct-Session-Id",                 NULL, 0, 0, print_attr_string },
    428. 

  428.      { "Acct-Authentic",                  acct_auth, TAM_SIZE(acct_auth)-1, 1, print_attr_num },
    429. 

  429.      { "Acct-Session-Time",               NULL, 0, 0, print_attr_num },
    430. 

  430.      { "Acct-Input-Packets",              NULL, 0, 0, print_attr_num },
    431. 

  431.      { "Acct-Output-Packets",             NULL, 0, 0, print_attr_num },
    432. 

  432.      { "Acct-Terminate-Cause",            acct_term, TAM_SIZE(acct_term)-1, 1, print_attr_num },
    433. 

  433.      { "Acct-Multi-Session-Id",           NULL, 0, 0, print_attr_string },
    434. 

  434.      { "Acct-Link-Count",                 NULL, 0, 0, print_attr_num },
    435. 

  435.      { "Acct-Input-Gigawords",            NULL, 0, 0, print_attr_num },
    436. 

  436.      { "Acct-Output-Gigawords",           NULL, 0, 0, print_attr_num },
    437. 

  437.      { "Unassigned",                      NULL, 0, 0, NULL }, /*54*/
    438. 

  438.      { "Event-Timestamp",                 NULL, 0, 0, print_attr_time },
    439. 

  439.      { "Egress-VLANID",                   NULL, 0, 0, print_attr_num },
    440. 

  440.      { "Ingress-Filters",                 ingress_filters, TAM_SIZE(ingress_filters)-1, 1, print_attr_num },
    441. 

  441.      { "Egress-VLAN-Name",                NULL, 0, 0, print_attr_string },
    442. 

  442.      { "User-Priority-Table",             NULL, 0, 0, NULL },
    443. 

  443.      { "CHAP-Challenge",                  NULL, 0, 0, print_attr_string },
    444. 

  444.      { "NAS-Port-Type",                   nas_port_type, TAM_SIZE(nas_port_type), 0, print_attr_num },
    445. 

  445.      { "Port-Limit",                      NULL, 0, 0, print_attr_num },
    446. 

  446.      { "Login-LAT-Port",                  NULL, 0, 0, print_attr_string }, /*63*/
    447. 

  447.      { "Tunnel-Type",                     tunnel_type, TAM_SIZE(tunnel_type)-1, 1, print_attr_num },
    448. 

  448.      { "Tunnel-Medium-Type",              tunnel_medium, TAM_SIZE(tunnel_medium)-1, 1, print_attr_num },
    449. 

  449.      { "Tunnel-Client-Endpoint",          NULL, 0, 0, print_attr_string },
    450. 

  450.      { "Tunnel-Server-Endpoint",          NULL, 0, 0, print_attr_string },
    451. 

  451.      { "Acct-Tunnel-Connection",          NULL, 0, 0, print_attr_string },
    452. 

  452.      { "Tunnel-Password",                 NULL, 0, 0, print_attr_string  },
    453. 

  453.      { "ARAP-Password",                   NULL, 0, 0, print_attr_strange },
    454. 

  454.      { "ARAP-Features",                   NULL, 0, 0, print_attr_strange },
    455. 

  455.      { "ARAP-Zone-Access",                arap_zone, TAM_SIZE(arap_zone)-1, 1, print_attr_num }, /*72*/
    456. 

  456.      { "ARAP-Security",                   NULL, 0, 0, print_attr_string },
    457. 

  457.      { "ARAP-Security-Data",              NULL, 0, 0, print_attr_string },
    458. 

  458.      { "Password-Retry",                  NULL, 0, 0, print_attr_num    },
    459. 

  459.      { "Prompt",                          prompt, TAM_SIZE(prompt), 0, print_attr_num },
    460. 

  460.      { "Connect-Info",                    NULL, 0, 0, print_attr_string   },
    461. 

  461.      { "Configuration-Token",             NULL, 0, 0, print_attr_string   },
    462. 

  462.      { "EAP-Message",                     NULL, 0, 0, print_attr_string   },
    463. 

  463.      { "Message-Authenticator",           NULL, 0, 0, print_attr_string }, /*80*/
    464. 

  464.      { "Tunnel-Private-Group-ID",         NULL, 0, 0, print_attr_string },
    465. 

  465.      { "Tunnel-Assignment-ID",            NULL, 0, 0, print_attr_string },
    466. 

  466.      { "Tunnel-Preference",               NULL, 0, 0, print_attr_num    },
    467. 

  467.      { "ARAP-Challenge-Response",         NULL, 0, 0, print_attr_strange },
    468. 

  468.      { "Acct-Interim-Interval",           NULL, 0, 0, print_attr_num     },
    469. 

  469.      { "Acct-Tunnel-Packets-Lost",        NULL, 0, 0, print_attr_num }, /*86*/
    470. 

  470.      { "NAS-Port-Id",                     NULL, 0, 0, print_attr_string },
    471. 

  471.      { "Framed-Pool",                     NULL, 0, 0, print_attr_string },
    472. 

  472.      { "CUI",                             NULL, 0, 0, print_attr_string },
    473. 

  473.      { "Tunnel-Client-Auth-ID",           NULL, 0, 0, print_attr_string },
    474. 

  474.      { "Tunnel-Server-Auth-ID",           NULL, 0, 0, print_attr_string },
    475. 

  475.      { "Unassigned",                      NULL, 0, 0, NULL }, /*92*/
    476. 

  476.      { "Unassigned",                      NULL, 0, 0, NULL }  /*93*/
    477. 

  477.   };
    478. 

  478. 

  479. 

  480. /*****************************/
    481. 

  481. /* Print an attribute string */
    482. 

  482. /* value pointed by 'data'   */
    483. 

  483. /* and 'length' size.        */
    484. 

  484. /*****************************/
    485. 

  485. /* Returns nothing.          */
    486. 

  486. /*****************************/
    487. 

  487. static void
    488. 

  488. print_attr_string(netdissect_options *ndo,
    489. 

  489.                   register const u_char *data, u_int length, u_short attr_code)
    490. 

  490. {
    491. 

  491.    register u_int i;
    492. 

  492. 

  493.    ND_TCHECK2(data[0],length);
    494. 

  494. 

  495.    switch(attr_code)
    496. 

  496.    {
    497. 

  497.       case TUNNEL_PASS:
    498. 

  498.            if (length < 3)
    499. 

  499.               goto trunc;
    500. 

  500.            if (*data && (*data <=0x1F) )
    501. 

  501.               ND_PRINT((ndo, "Tag[%u] ", *data));
    502. 

  502.            else
    503. 

  503.               ND_PRINT((ndo, "Tag[Unused] "));
    504. 

  504.            data++;
    505. 

  505.            length--;
    506. 

  506.            ND_PRINT((ndo, "Salt %u ", EXTRACT_16BITS(data)));
    507. 

  507.            data+=2;
    508. 

  508.            length-=2;
    509. 

  509.         break;
    510. 

  510.       case TUNNEL_CLIENT_END:
    511. 

  511.       case TUNNEL_SERVER_END:
    512. 

  512.       case TUNNEL_PRIV_GROUP:
    513. 

  513.       case TUNNEL_ASSIGN_ID:
    514. 

  514.       case TUNNEL_CLIENT_AUTH:
    515. 

  515.       case TUNNEL_SERVER_AUTH:
    516. 

  516.            if (*data <= 0x1F)
    517. 

  517.            {
    518. 

  518.               if (length < 1)
    519. 

  519.                  goto trunc;
    520. 

  520.               if (*data)
    521. 

  521.                 ND_PRINT((ndo, "Tag[%u] ", *data));
    522. 

  522.               else
    523. 

  523.                 ND_PRINT((ndo, "Tag[Unused] "));
    524. 

  524.               data++;
    525. 

  525.               length--;
    526. 

  526.            }
    527. 

  527.         break;
    528. 

  528.       case EGRESS_VLAN_NAME:
    529. 

  529.            if (length < 1)
    530. 

  530.               goto trunc;
    531. 

  531.            ND_PRINT((ndo, "%s (0x%02x) ",
    532. 

  532.                   tok2str(rfc4675_tagged,"Unknown tag",*data),
    533. 

  533.                   *data));
    534. 

  534.            data++;
    535. 

  535.            length--;
    536. 

  536.         break;
    537. 

  537.    }
    538. 

  538. 

  539.    for (i=0; i < length && *data; i++, data++)
    540. 

  540.        ND_PRINT((ndo, "%c", (*data < 32 || *data > 126) ? '.' : *data));
    541. 

  541. 

  542.    return;
    543. 

  543. 

  544.    trunc:
    545. 

  545.       ND_PRINT((ndo, "%s", tstr));
    546. 

  546. }
    547. 

  547. 

  548. /*
    549. 

  549.  * print vendor specific attributes
    550. 

  550.  */
    551. 

  551. static void
    552. 

  552. print_vendor_attr(netdissect_options *ndo,
    553. 

  553.                   register const u_char *data, u_int length, u_short attr_code _U_)
    554. 

  554. {
    555. 

  555.     u_int idx;
    556. 

  556.     u_int vendor_id;
    557. 

  557.     u_int vendor_type;
    558. 

  558.     u_int vendor_length;
    559. 

  559. 

  560.     if (length < 4)
    561. 

  561.         goto trunc;
    562. 

  562.     ND_TCHECK2(*data, 4);
    563. 

  563.     vendor_id = EXTRACT_32BITS(data);
    564. 

  564.     data+=4;
    565. 

  565.     length-=4;
    566. 

  566. 

  567.     ND_PRINT((ndo, "Vendor: %s (%u)",
    568. 

  568.            tok2str(smi_values,"Unknown",vendor_id),
    569. 

  569.            vendor_id));
    570. 

  570. 

  571.     while (length >= 2) {
    572. 

  572. 	ND_TCHECK2(*data, 2);
    573. 

  573. 

  574.         vendor_type = *(data);
    575. 

  575.         vendor_length = *(data+1);
    576. 

  576. 

  577.         if (vendor_length < 2)
    578. 

  578.         {
    579. 

  579.             ND_PRINT((ndo, "\n\t    Vendor Attribute: %u, Length: %u (bogus, must be >= 2)",
    580. 

  580.                    vendor_type,
    581. 

  581.                    vendor_length));
    582. 

  582.             return;
    583. 

  583.         }
    584. 

  584.         if (vendor_length > length)
    585. 

  585.         {
    586. 

  586.             ND_PRINT((ndo, "\n\t    Vendor Attribute: %u, Length: %u (bogus, goes past end of vendor-specific attribute)",
    587. 

  587.                    vendor_type,
    588. 

  588.                    vendor_length));
    589. 

  589.             return;
    590. 

  590.         }
    591. 

  591.         data+=2;
    592. 

  592.         vendor_length-=2;
    593. 

  593.         length-=2;
    594. 

  594. 	ND_TCHECK2(*data, vendor_length);
    595. 

  595. 

  596.         ND_PRINT((ndo, "\n\t    Vendor Attribute: %u, Length: %u, Value: ",
    597. 

  597.                vendor_type,
    598. 

  598.                vendor_length));
    599. 

  599.         for (idx = 0; idx < vendor_length ; idx++, data++)
    600. 

  600.             ND_PRINT((ndo, "%c", (*data < 32 || *data > 126) ? '.' : *data));
    601. 

  601.         length-=vendor_length;
    602. 

  602.     }
    603. 

  603.     return;
    604. 

  604. 

  605.    trunc:
    606. 

  606.      ND_PRINT((ndo, "%s", tstr));
    607. 

  607. }
    608. 

  608. 

  609. /******************************/
    610. 

  610. /* Print an attribute numeric */
    611. 

  611. /* value pointed by 'data'    */
    612. 

  612. /* and 'length' size.         */
    613. 

  613. /******************************/
    614. 

  614. /* Returns nothing.           */
    615. 

  615. /******************************/
    616. 

  616. static void
    617. 

  617. print_attr_num(netdissect_options *ndo,
    618. 

  618.                register const u_char *data, u_int length, u_short attr_code)
    619. 

  619. {
    620. 

  620.    uint32_t timeout;
    621. 

  621. 

  622.    if (length != 4)
    623. 

  623.    {
    624. 

  624.        ND_PRINT((ndo, "ERROR: length %u != 4", length));
    625. 

  625.        return;
    626. 

  626.    }
    627. 

  627. 

  628.    ND_TCHECK2(data[0],4);
    629. 

  629.                           /* This attribute has standard values */
    630. 

  630.    if (attr_type[attr_code].siz_subtypes)
    631. 

  631.    {
    632. 

  632.       static const char **table;
    633. 

  633.       uint32_t data_value;
    634. 

  634.       table = attr_type[attr_code].subtypes;
    635. 

  635. 

  636.       if ( (attr_code == TUNNEL_TYPE) || (attr_code == TUNNEL_MEDIUM) )
    637. 

  637.       {
    638. 

  638.          if (!*data)
    639. 

  639.             ND_PRINT((ndo, "Tag[Unused] "));
    640. 

  640.          else
    641. 

  641.             ND_PRINT((ndo, "Tag[%d] ", *data));
    642. 

  642.          data++;
    643. 

  643.          data_value = EXTRACT_24BITS(data);
    644. 

  644.       }
    645. 

  645.       else
    646. 

  646.       {
    647. 

  647.          data_value = EXTRACT_32BITS(data);
    648. 

  648.       }
    649. 

  649.       if ( data_value <= (uint32_t)(attr_type[attr_code].siz_subtypes - 1 +
    650. 

  650.             attr_type[attr_code].first_subtype) &&
    651. 

  651. 	   data_value >= attr_type[attr_code].first_subtype )
    652. 

  652.          ND_PRINT((ndo, "%s", table[data_value]));
    653. 

  653.       else
    654. 

  654.          ND_PRINT((ndo, "#%u", data_value));
    655. 

  655.    }
    656. 

  656.    else
    657. 

  657.    {
    658. 

  658.       switch(attr_code) /* Be aware of special cases... */
    659. 

  659.       {
    660. 

  660.         case FRM_IPX:
    661. 

  661.              if (EXTRACT_32BITS( data) == 0xFFFFFFFE )
    662. 

  662.                 ND_PRINT((ndo, "NAS Select"));
    663. 

  663.              else
    664. 

  664.                 ND_PRINT((ndo, "%d", EXTRACT_32BITS(data)));
    665. 

  665.           break;
    666. 

  666. 

  667.         case SESSION_TIMEOUT:
    668. 

  668.         case IDLE_TIMEOUT:
    669. 

  669.         case ACCT_DELAY:
    670. 

  670.         case ACCT_SESSION_TIME:
    671. 

  671.         case ACCT_INT_INTERVAL:
    672. 

  672.              timeout = EXTRACT_32BITS( data);
    673. 

  673.              if ( timeout < 60 )
    674. 

  674.                 ND_PRINT((ndo,  "%02d secs", timeout));
    675. 

  675.              else
    676. 

  676.              {
    677. 

  677.                 if ( timeout < 3600 )
    678. 

  678.                    ND_PRINT((ndo,  "%02d:%02d min",
    679. 

  679.                           timeout / 60, timeout % 60));
    680. 

  680.                 else
    681. 

  681.                    ND_PRINT((ndo, "%02d:%02d:%02d hours",
    682. 

  682.                           timeout / 3600, (timeout % 3600) / 60,
    683. 

  683.                           timeout % 60));
    684. 

  684.              }
    685. 

  685.           break;
    686. 

  686. 

  687.         case FRM_ATALK_LINK:
    688. 

  688.              if (EXTRACT_32BITS(data) )
    689. 

  689.                 ND_PRINT((ndo, "%d", EXTRACT_32BITS(data)));
    690. 

  690.              else
    691. 

  691.                 ND_PRINT((ndo, "Unnumbered"));
    692. 

  692.           break;
    693. 

  693. 

  694.         case FRM_ATALK_NETWORK:
    695. 

  695.              if (EXTRACT_32BITS(data) )
    696. 

  696.                 ND_PRINT((ndo, "%d", EXTRACT_32BITS(data)));
    697. 

  697.              else
    698. 

  698.                 ND_PRINT((ndo, "NAS assigned"));
    699. 

  699.           break;
    700. 

  700. 

  701.         case TUNNEL_PREFERENCE:
    702. 

  702.             if (*data)
    703. 

  703.                ND_PRINT((ndo, "Tag[%d] ", *data));
    704. 

  704.             else
    705. 

  705.                ND_PRINT((ndo, "Tag[Unused] "));
    706. 

  706.             data++;
    707. 

  707.             ND_PRINT((ndo, "%d", EXTRACT_24BITS(data)));
    708. 

  708.           break;
    709. 

  709. 

  710.         case EGRESS_VLAN_ID:
    711. 

  711.             ND_PRINT((ndo, "%s (0x%02x) ",
    712. 

  712.                    tok2str(rfc4675_tagged,"Unknown tag",*data),
    713. 

  713.                    *data));
    714. 

  714.             data++;
    715. 

  715.             ND_PRINT((ndo, "%d", EXTRACT_24BITS(data)));
    716. 

  716.           break;
    717. 

  717. 

  718.         default:
    719. 

  719.              ND_PRINT((ndo, "%d", EXTRACT_32BITS(data)));
    720. 

  720.           break;
    721. 

  721. 

  722.       } /* switch */
    723. 

  723. 

  724.    } /* if-else */
    725. 

  725. 

  726.    return;
    727. 

  727. 

  728.    trunc:
    729. 

  729.      ND_PRINT((ndo, "%s", tstr));
    730. 

  730. }
    731. 

  731. 

  732. /*****************************/
    733. 

  733. /* Print an attribute IPv4   */
    734. 

  734. /* address value pointed by  */
    735. 

  735. /* 'data' and 'length' size. */
    736. 

  736. /*****************************/
    737. 

  737. /* Returns nothing.          */
    738. 

  738. /*****************************/
    739. 

  739. static void
    740. 

  740. print_attr_address(netdissect_options *ndo,
    741. 

  741.                    register const u_char *data, u_int length, u_short attr_code)
    742. 

  742. {
    743. 

  743.    if (length != 4)
    744. 

  744.    {
    745. 

  745.        ND_PRINT((ndo, "ERROR: length %u != 4", length));
    746. 

  746.        return;
    747. 

  747.    }
    748. 

  748. 

  749.    ND_TCHECK2(data[0],4);
    750. 

  750. 

  751.    switch(attr_code)
    752. 

  752.    {
    753. 

  753.       case FRM_IPADDR:
    754. 

  754.       case LOG_IPHOST:
    755. 

  755.            if (EXTRACT_32BITS(data) == 0xFFFFFFFF )
    756. 

  756.               ND_PRINT((ndo, "User Selected"));
    757. 

  757.            else
    758. 

  758.               if (EXTRACT_32BITS(data) == 0xFFFFFFFE )
    759. 

  759.                  ND_PRINT((ndo, "NAS Select"));
    760. 

  760.               else
    761. 

  761.                  ND_PRINT((ndo, "%s",ipaddr_string(ndo, data)));
    762. 

  762.       break;
    763. 

  763. 

  764.       default:
    765. 

  765.           ND_PRINT((ndo, "%s", ipaddr_string(ndo, data)));
    766. 

  766.       break;
    767. 

  767.    }
    768. 

  768. 

  769.    return;
    770. 

  770. 

  771.    trunc:
    772. 

  772.      ND_PRINT((ndo, "%s", tstr));
    773. 

  773. }
    774. 

  774. 

  775. /*************************************/
    776. 

  776. /* Print an attribute of 'secs since */
    777. 

  777. /* January 1, 1970 00:00 UTC' value  */
    778. 

  778. /* pointed by 'data' and 'length'    */
    779. 

  779. /* size.                             */
    780. 

  780. /*************************************/
    781. 

  781. /* Returns nothing.                  */
    782. 

  782. /*************************************/
    783. 

  783. static void
    784. 

  784. print_attr_time(netdissect_options *ndo,
    785. 

  785.                 register const u_char *data, u_int length, u_short attr_code _U_)
    786. 

  786. {
    787. 

  787.    time_t attr_time;
    788. 

  788.    char string[26];
    789. 

  789. 

  790.    if (length != 4)
    791. 

  791.    {
    792. 

  792.        ND_PRINT((ndo, "ERROR: length %u != 4", length));
    793. 

  793.        return;
    794. 

  794.    }
    795. 

  795. 

  796.    ND_TCHECK2(data[0],4);
    797. 

  797. 

  798.    attr_time = EXTRACT_32BITS(data);
    799. 

  799.    strlcpy(string, ctime(&attr_time), sizeof(string));
    800. 

  800.    /* Get rid of the newline */
    801. 

  801.    string[24] = '\0';
    802. 

  802.    ND_PRINT((ndo, "%.24s", string));
    803. 

  803.    return;
    804. 

  804. 

  805.    trunc:
    806. 

  806.      ND_PRINT((ndo, "%s", tstr));
    807. 

  807. }
    808. 

  808. 

  809. /***********************************/
    810. 

  810. /* Print an attribute of 'strange' */
    811. 

  811. /* data format pointed by 'data'   */
    812. 

  812. /* and 'length' size.              */
    813. 

  813. /***********************************/
    814. 

  814. /* Returns nothing.                */
    815. 

  815. /***********************************/
    816. 

  816. static void
    817. 

  817. print_attr_strange(netdissect_options *ndo,
    818. 

  818.                    register const u_char *data, u_int length, u_short attr_code)
    819. 

  819. {
    820. 

  820.    u_short len_data;
    821. 

  821. 

  822.    switch(attr_code)
    823. 

  823.    {
    824. 

  824.       case ARAP_PASS:
    825. 

  825.            if (length != 16)
    826. 

  826.            {
    827. 

  827.                ND_PRINT((ndo, "ERROR: length %u != 16", length));
    828. 

  828.                return;
    829. 

  829.            }
    830. 

  830.            ND_PRINT((ndo, "User_challenge ("));
    831. 

  831.            ND_TCHECK2(data[0],8);
    832. 

  832.            len_data = 8;
    833. 

  833.            PRINT_HEX(len_data, data);
    834. 

  834.            ND_PRINT((ndo, ") User_resp("));
    835. 

  835.            ND_TCHECK2(data[0],8);
    836. 

  836.            len_data = 8;
    837. 

  837.            PRINT_HEX(len_data, data);
    838. 

  838.            ND_PRINT((ndo, ")"));
    839. 

  839.         break;
    840. 

  840. 

  841.       case ARAP_FEATURES:
    842. 

  842.            if (length != 14)
    843. 

  843.            {
    844. 

  844.                ND_PRINT((ndo, "ERROR: length %u != 14", length));
    845. 

  845.                return;
    846. 

  846.            }
    847. 

  847.            ND_TCHECK2(data[0],1);
    848. 

  848.            if (*data)
    849. 

  849.               ND_PRINT((ndo, "User can change password"));
    850. 

  850.            else
    851. 

  851.               ND_PRINT((ndo, "User cannot change password"));
    852. 

  852.            data++;
    853. 

  853.            ND_TCHECK2(data[0],1);
    854. 

  854.            ND_PRINT((ndo, ", Min password length: %d", *data));
    855. 

  855.            data++;
    856. 

  856.            ND_PRINT((ndo, ", created at: "));
    857. 

  857.            ND_TCHECK2(data[0],4);
    858. 

  858.            len_data = 4;
    859. 

  859.            PRINT_HEX(len_data, data);
    860. 

  860.            ND_PRINT((ndo, ", expires in: "));
    861. 

  861.            ND_TCHECK2(data[0],4);
    862. 

  862.            len_data = 4;
    863. 

  863.            PRINT_HEX(len_data, data);
    864. 

  864.            ND_PRINT((ndo, ", Current Time: "));
    865. 

  865.            ND_TCHECK2(data[0],4);
    866. 

  866.            len_data = 4;
    867. 

  867.            PRINT_HEX(len_data, data);
    868. 

  868.         break;
    869. 

  869. 

  870.       case ARAP_CHALLENGE_RESP:
    871. 

  871.            if (length < 8)
    872. 

  872.            {
    873. 

  873.                ND_PRINT((ndo, "ERROR: length %u != 8", length));
    874. 

  874.                return;
    875. 

  875.            }
    876. 

  876.            ND_TCHECK2(data[0],8);
    877. 

  877.            len_data = 8;
    878. 

  878.            PRINT_HEX(len_data, data);
    879. 

  879.         break;
    880. 

  880.    }
    881. 

  881.    return;
    882. 

  882. 

  883.    trunc:
    884. 

  884.      ND_PRINT((ndo, "%s", tstr));
    885. 

  885. }
    886. 

  886. 

  887. static void
    888. 

  888. radius_attrs_print(netdissect_options *ndo,
    889. 

  889.                    register const u_char *attr, u_int length)
    890. 

  890. {
    891. 

  891.    register const struct radius_attr *rad_attr = (const struct radius_attr *)attr;
    892. 

  892.    const char *attr_string;
    893. 

  893. 

  894.    while (length > 0)
    895. 

  895.    {
    896. 

  896.      if (length < 2)
    897. 

  897.         goto trunc;
    898. 

  898.      ND_TCHECK(*rad_attr);
    899. 

  899. 

  900.      if (rad_attr->type > 0 && rad_attr->type < TAM_SIZE(attr_type))
    901. 

  901. 	attr_string = attr_type[rad_attr->type].name;
    902. 

  902.      else
    903. 

  903. 	attr_string = "Unknown";
    904. 

  904.      if (rad_attr->len < 2)
    905. 

  905.      {
    906. 

  906. 	ND_PRINT((ndo, "\n\t  %s Attribute (%u), length: %u (bogus, must be >= 2)",
    907. 

  907.                attr_string,
    908. 

  908.                rad_attr->type,
    909. 

  909.                rad_attr->len));
    910. 

  910. 	return;
    911. 

  911.      }
    912. 

  912.      if (rad_attr->len > length)
    913. 

  913.      {
    914. 

  914. 	ND_PRINT((ndo, "\n\t  %s Attribute (%u), length: %u (bogus, goes past end of packet)",
    915. 

  915.                attr_string,
    916. 

  916.                rad_attr->type,
    917. 

  917.                rad_attr->len));
    918. 

  918.         return;
    919. 

  919.      }
    920. 

  920.      ND_PRINT((ndo, "\n\t  %s Attribute (%u), length: %u, Value: ",
    921. 

  921.             attr_string,
    922. 

  922.             rad_attr->type,
    923. 

  923.             rad_attr->len));
    924. 

  924. 

  925.      if (rad_attr->type < TAM_SIZE(attr_type))
    926. 

  926.      {
    927. 

  927.          if (rad_attr->len > 2)
    928. 

  928.          {
    929. 

  929.              if ( attr_type[rad_attr->type].print_func )
    930. 

  930.                  (*attr_type[rad_attr->type].print_func)(
    931. 

  931.                      ndo, ((const u_char *)(rad_attr+1)),
    932. 

  932.                      rad_attr->len - 2, rad_attr->type);
    933. 

  933.          }
    934. 

  934.      }
    935. 

  935.      /* do we also want to see a hex dump ? */
    936. 

  936.      if (ndo->ndo_vflag> 1)
    937. 

  937.          print_unknown_data(ndo, (const u_char *)rad_attr+2, "\n\t    ", (rad_attr->len)-2);
    938. 

  938. 

  939.      length-=(rad_attr->len);
    940. 

  940.      rad_attr = (const struct radius_attr *)( ((const char *)(rad_attr))+rad_attr->len);
    941. 

  941.    }
    942. 

  942.    return;
    943. 

  943. 

  944. trunc:
    945. 

  945.    ND_PRINT((ndo, "%s", tstr));
    946. 

  946. }
    947. 

  947. 

  948. void
    949. 

  949. radius_print(netdissect_options *ndo,
    950. 

  950.              const u_char *dat, u_int length)
    951. 

  951. {
    952. 

  952.    register const struct radius_hdr *rad;
    953. 

  953.    u_int len, auth_idx;
    954. 

  954. 

  955.    ND_TCHECK2(*dat, MIN_RADIUS_LEN);
    956. 

  956.    rad = (const struct radius_hdr *)dat;
    957. 

  957.    len = EXTRACT_16BITS(&rad->len);
    958. 

  958. 

  959.    if (len < MIN_RADIUS_LEN)
    960. 

  960.    {
    961. 

  961. 	  ND_PRINT((ndo, "%s", tstr));
    962. 

  962. 	  return;
    963. 

  963.    }
    964. 

  964. 

  965.    if (len > length)
    966. 

  966. 	  len = length;
    967. 

  967. 

  968.    if (ndo->ndo_vflag < 1) {
    969. 

  969.        ND_PRINT((ndo, "RADIUS, %s (%u), id: 0x%02x length: %u",
    970. 

  970.               tok2str(radius_command_values,"Unknown Command",rad->code),
    971. 

  971.               rad->code,
    972. 

  972.               rad->id,
    973. 

  973.               len));
    974. 

  974.        return;
    975. 

  975.    }
    976. 

  976.    else {
    977. 

  977.        ND_PRINT((ndo, "RADIUS, length: %u\n\t%s (%u), id: 0x%02x, Authenticator: ",
    978. 

  978.               len,
    979. 

  979.               tok2str(radius_command_values,"Unknown Command",rad->code),
    980. 

  980.               rad->code,
    981. 

  981.               rad->id));
    982. 

  982. 

  983.        for(auth_idx=0; auth_idx < 16; auth_idx++)
    984. 

  984.             ND_PRINT((ndo, "%02x", rad->auth[auth_idx]));
    985. 

  985.    }
    986. 

  986. 

  987.    if (len > MIN_RADIUS_LEN)
    988. 

  988.       radius_attrs_print(ndo, dat + MIN_RADIUS_LEN, len - MIN_RADIUS_LEN);
    989. 

  989.    return;
    990. 

  990. 

  991. trunc:
    992. 

  992.    ND_PRINT((ndo, "%s", tstr));
    993. 

  993. }
    994.