forked from osmocom/wireshark
Get rid of remaining Booleans-as-encoding-arguments in
proto_tree_add_item() calls. For RADIUS, this means that, for string attributes that are encrypted, we need separate fields for the encrypted and decrypted versions, the former of which is an FT_BYTES (as its value is *NOT* a text string!) and the latter of which is FT_STRING. While we're at it: make some routines static that don't need to be exported; "encrypt=" takes a value between 1 and 3 - get the value from the dictionary and store it, and only do User-Password-style decryption for encrypt=1 attributes; rename "hf64" to "hf_alt", as it's a general "alternate field", used for 64-bit values for integral attributess, IPv6 addresses for "combo IP" attributes, and encrypted values for string fields; give the URL for the FreeRADIUS dictionary file format man page. svn path=/trunk/; revision=42530
This commit is contained in:
Guy Harris
parent
dedd0eadd0
commit
47cd41dbda
|
|
@ -39,6 +39,12 @@
|
|||
* See also
|
||||
*
|
||||
* http://www.iana.org/assignments/radius-types
|
||||
*
|
||||
* and see
|
||||
*
|
||||
* http://freeradius.org/radiusd/man/dictionary.html
|
||||
*
|
||||
* for the dictionary file syntax.
|
||||
*/
|
||||
|
||||
|
||||
|
|
@ -563,7 +569,7 @@ void radius_integer(radius_attr_info_t* a, proto_tree* tree, packet_info *pinfo
|
|||
break;
|
||||
case 8: {
|
||||
guint64 uint64 = tvb_get_ntoh64(tvb,offset);
|
||||
proto_tree_add_uint64(tree,a->hf64,tvb,offset,len,uint64);
|
||||
proto_tree_add_uint64(tree,a->hf_alt,tvb,offset,len,uint64);
|
||||
proto_item_append_text(avp_item, "%" G_GINT64_MODIFIER "u", uint64);
|
||||
return;
|
||||
}
|
||||
|
|
@ -571,7 +577,7 @@ void radius_integer(radius_attr_info_t* a, proto_tree* tree, packet_info *pinfo
|
|||
proto_item_append_text(avp_item, "[unhandled integer length(%u)]", len);
|
||||
return;
|
||||
}
|
||||
proto_tree_add_item(tree,a->hf,tvb, offset, len, FALSE);
|
||||
proto_tree_add_item(tree,a->hf,tvb, offset, len, ENC_BIG_ENDIAN);
|
||||
|
||||
if (a->vs) {
|
||||
proto_item_append_text(avp_item, "%s(%u)", val_to_str(uint, a->vs, "Unknown"),uint);
|
||||
|
|
@ -598,7 +604,7 @@ void radius_signed(radius_attr_info_t* a, proto_tree* tree, packet_info *pinfo _
|
|||
break;
|
||||
case 8: {
|
||||
guint64 uint64 = tvb_get_ntoh64(tvb,offset);
|
||||
proto_tree_add_int64(tree,a->hf64,tvb,offset,len,uint64);
|
||||
proto_tree_add_int64(tree,a->hf_alt,tvb,offset,len,uint64);
|
||||
proto_item_append_text(avp_item, "%" G_GINT64_MODIFIER "u", uint64);
|
||||
return;
|
||||
}
|
||||
|
|
@ -617,10 +623,17 @@ void radius_signed(radius_attr_info_t* a, proto_tree* tree, packet_info *pinfo _
|
|||
}
|
||||
|
||||
void radius_string(radius_attr_info_t* a, proto_tree* tree, packet_info *pinfo _U_, tvbuff_t* tvb, int offset, int len, proto_item* avp_item) {
|
||||
if (a->encrypt) {
|
||||
switch (a->encrypt) {
|
||||
|
||||
case 0: /* not encrypted */
|
||||
proto_tree_add_item(tree, a->hf, tvb, offset, len, ENC_UTF_8|ENC_NA);
|
||||
proto_item_append_text(avp_item, "%s", tvb_format_text(tvb, offset, len));
|
||||
break;
|
||||
|
||||
case 1: /* encrypted like User-Password as defined in RFC 2865 */
|
||||
if (*shared_secret == '\0') {
|
||||
proto_item_append_text(avp_item, "Encrypted");
|
||||
proto_tree_add_item(tree, a->hf, tvb, offset, len, FALSE);
|
||||
proto_tree_add_item(tree, a->hf_alt, tvb, offset, len, ENC_NA);
|
||||
} else {
|
||||
gchar *buffer;
|
||||
buffer=ep_alloc(1024); /* an AVP value can be at most 253 bytes */
|
||||
|
|
@ -628,14 +641,22 @@ void radius_string(radius_attr_info_t* a, proto_tree* tree, packet_info *pinfo _
|
|||
proto_item_append_text(avp_item, "Decrypted: %s", buffer);
|
||||
proto_tree_add_string(tree, a->hf, tvb, offset, len, buffer);
|
||||
}
|
||||
} else {
|
||||
proto_tree_add_item(tree, a->hf, tvb, offset, len, FALSE);
|
||||
proto_item_append_text(avp_item, "%s", tvb_format_text(tvb, offset, len));
|
||||
break;
|
||||
|
||||
case 2: /* encrypted like Tunnel-Password as defined in RFC 2868 */
|
||||
proto_item_append_text(avp_item, "Encrypted");
|
||||
proto_tree_add_item(tree, a->hf_alt, tvb, offset, len, ENC_NA);
|
||||
break;
|
||||
|
||||
case 3: /* encrypted like Ascend-Send-Secret as defined by Ascend^WLucent^WAlcatel-Lucent */
|
||||
proto_item_append_text(avp_item, "Encrypted");
|
||||
proto_tree_add_item(tree, a->hf_alt, tvb, offset, len, ENC_NA);
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
void radius_octets(radius_attr_info_t* a, proto_tree* tree, packet_info *pinfo _U_, tvbuff_t* tvb, int offset, int len, proto_item* avp_item) {
|
||||
proto_tree_add_item(tree, a->hf, tvb, offset, len, FALSE);
|
||||
proto_tree_add_item(tree, a->hf, tvb, offset, len, ENC_NA);
|
||||
proto_item_append_text(avp_item, "%s", tvb_bytes_to_str(tvb, offset, len));
|
||||
}
|
||||
|
||||
|
|
@ -650,7 +671,7 @@ void radius_ipaddr(radius_attr_info_t* a, proto_tree* tree, packet_info *pinfo _
|
|||
|
||||
ip=tvb_get_ipv4(tvb,offset);
|
||||
|
||||
proto_tree_add_item(tree, a->hf, tvb, offset, len, FALSE);
|
||||
proto_tree_add_item(tree, a->hf, tvb, offset, len, ENC_BIG_ENDIAN);
|
||||
|
||||
ip_to_str_buf((guint8 *)&ip, buf, MAX_IP_STR_LEN);
|
||||
proto_item_append_text(avp_item, "%s", buf);
|
||||
|
|
@ -665,7 +686,7 @@ void radius_ipv6addr(radius_attr_info_t* a, proto_tree* tree, packet_info *pinfo
|
|||
return;
|
||||
}
|
||||
|
||||
proto_tree_add_item(tree, a->hf, tvb, offset, len, FALSE);
|
||||
proto_tree_add_item(tree, a->hf, tvb, offset, len, ENC_NA);
|
||||
|
||||
tvb_get_ipv6(tvb, offset, &ipv6_buff);
|
||||
ip6_to_str_buf(&ipv6_buff, txtbuf);
|
||||
|
|
@ -695,7 +716,7 @@ void radius_ipv6prefix(radius_attr_info_t* a, proto_tree* tree, packet_info *pin
|
|||
return;
|
||||
}
|
||||
|
||||
proto_tree_add_item(tree, a->hf, tvb, offset, len, FALSE);
|
||||
proto_tree_add_item(tree, a->hf, tvb, offset, len, ENC_NA);
|
||||
|
||||
/* cannot use tvb_get_ipv6() here, since the prefix most likely is truncated */
|
||||
memset(&ipv6_buff, 0, sizeof ipv6_buff);
|
||||
|
|
@ -713,12 +734,12 @@ void radius_combo_ip(radius_attr_info_t* a, proto_tree* tree, packet_info *pinfo
|
|||
if (len == 4){
|
||||
ip=tvb_get_ipv4(tvb,offset);
|
||||
|
||||
proto_tree_add_item(tree, a->hf, tvb, offset, len, FALSE);
|
||||
proto_tree_add_item(tree, a->hf, tvb, offset, len, ENC_BIG_ENDIAN);
|
||||
|
||||
ip_to_str_buf((guint8 *)&ip, buf, MAX_IP_STR_LEN);
|
||||
proto_item_append_text(avp_item, "%s", buf);
|
||||
} else if (len == 16) {
|
||||
proto_tree_add_item(tree, a->hf64, tvb, offset, len, FALSE);
|
||||
proto_tree_add_item(tree, a->hf_alt, tvb, offset, len, ENC_NA);
|
||||
|
||||
tvb_get_ipv6(tvb, offset, &ipv6_buff);
|
||||
ip6_to_str_buf(&ipv6_buff, buf);
|
||||
|
|
@ -739,7 +760,7 @@ void radius_ipxnet(radius_attr_info_t* a, proto_tree* tree, packet_info *pinfo _
|
|||
|
||||
net=tvb_get_ntohl(tvb,offset);
|
||||
|
||||
proto_tree_add_item(tree, a->hf, tvb, offset, len, FALSE);
|
||||
proto_tree_add_item(tree, a->hf, tvb, offset, len, ENC_NA);
|
||||
|
||||
proto_item_append_text(avp_item, "0x%08X", net);
|
||||
}
|
||||
|
|
@ -762,7 +783,7 @@ void radius_date(radius_attr_info_t* a, proto_tree* tree, packet_info *pinfo _U_
|
|||
* "abinary" is Ascend's binary format for filters. See dissect_ascend_data_filter().
|
||||
*/
|
||||
void radius_abinary(radius_attr_info_t* a, proto_tree* tree, packet_info *pinfo _U_, tvbuff_t* tvb, int offset, int len, proto_item* avp_item) {
|
||||
proto_tree_add_item(tree, a->hf, tvb, offset, len, FALSE);
|
||||
proto_tree_add_item(tree, a->hf, tvb, offset, len, ENC_NA);
|
||||
proto_item_append_text(avp_item, "%s", tvb_bytes_to_str(tvb, offset, len));
|
||||
}
|
||||
|
||||
|
|
@ -772,12 +793,12 @@ void radius_ether(radius_attr_info_t* a, proto_tree* tree, packet_info *pinfo _U
|
|||
return;
|
||||
}
|
||||
|
||||
proto_tree_add_item(tree, a->hf, tvb, offset, len, FALSE);
|
||||
proto_tree_add_item(tree, a->hf, tvb, offset, len, ENC_NA);
|
||||
proto_item_append_text(avp_item, "%s", tvb_ether_to_str(tvb, offset));
|
||||
}
|
||||
|
||||
void radius_ifid(radius_attr_info_t* a, proto_tree* tree, packet_info *pinfo _U_, tvbuff_t* tvb, int offset, int len, proto_item* avp_item) {
|
||||
proto_tree_add_item(tree, a->hf, tvb, offset, len, FALSE);
|
||||
proto_tree_add_item(tree, a->hf, tvb, offset, len, ENC_NA);
|
||||
proto_item_append_text(avp_item, "%s", tvb_bytes_to_str(tvb, offset, len));
|
||||
}
|
||||
|
||||
|
|
@ -1693,7 +1714,7 @@ static void register_attrs(gpointer k _U_, gpointer v, gpointer p) {
|
|||
hfri[0].hfinfo.type = FT_UINT32;
|
||||
hfri[0].hfinfo.display = BASE_DEC;
|
||||
|
||||
hfri[2].p_id = &(a->hf64);
|
||||
hfri[2].p_id = &(a->hf_alt);
|
||||
hfri[2].hfinfo.name = g_strdup(a->name);
|
||||
hfri[2].hfinfo.abbrev = abbrev;
|
||||
hfri[2].hfinfo.type = FT_UINT64;
|
||||
|
|
@ -1708,7 +1729,7 @@ static void register_attrs(gpointer k _U_, gpointer v, gpointer p) {
|
|||
hfri[0].hfinfo.type = FT_INT32;
|
||||
hfri[0].hfinfo.display = BASE_DEC;
|
||||
|
||||
hfri[2].p_id = &(a->hf64);
|
||||
hfri[2].p_id = &(a->hf_alt);
|
||||
hfri[2].hfinfo.name = g_strdup(a->name);
|
||||
hfri[2].hfinfo.abbrev = abbrev;
|
||||
hfri[2].hfinfo.type = FT_INT64;
|
||||
|
|
@ -1722,6 +1743,14 @@ static void register_attrs(gpointer k _U_, gpointer v, gpointer p) {
|
|||
} else if (a->type == radius_string) {
|
||||
hfri[0].hfinfo.type = FT_STRING;
|
||||
hfri[0].hfinfo.display = BASE_NONE;
|
||||
|
||||
hfri[2].p_id = &(a->hf_alt);
|
||||
hfri[2].hfinfo.name = g_strdup_printf("%s (encrypted)", a->name);
|
||||
hfri[2].hfinfo.abbrev = g_strdup_printf("%s_encrypted", abbrev);
|
||||
hfri[2].hfinfo.type = FT_BYTES;
|
||||
hfri[2].hfinfo.display = BASE_NONE;
|
||||
|
||||
len_hf++;
|
||||
} else if (a->type == radius_octets) {
|
||||
hfri[0].hfinfo.type = FT_BYTES;
|
||||
hfri[0].hfinfo.display = BASE_NONE;
|
||||
|
|
@ -1750,7 +1779,7 @@ static void register_attrs(gpointer k _U_, gpointer v, gpointer p) {
|
|||
hfri[0].hfinfo.type = FT_IPv4;
|
||||
hfri[0].hfinfo.display = BASE_NONE;
|
||||
|
||||
hfri[2].p_id = &(a->hf64);
|
||||
hfri[2].p_id = &(a->hf_alt);
|
||||
hfri[2].hfinfo.name = g_strdup(a->name);
|
||||
hfri[2].hfinfo.abbrev = g_strdup(abbrev);
|
||||
hfri[2].hfinfo.type = FT_IPv6;
|
||||
|
|
@ -1840,7 +1869,7 @@ extern void radius_register_avp_dissector(guint32 vendor_id, guint32 attribute_i
|
|||
|
||||
dictionary_entry->name = g_strdup_printf("Unknown-Attribute-%u",attribute_id);
|
||||
dictionary_entry->code = attribute_id;
|
||||
dictionary_entry->encrypt = FALSE;
|
||||
dictionary_entry->encrypt = 0;
|
||||
dictionary_entry->type = NULL;
|
||||
dictionary_entry->vs = NULL;
|
||||
dictionary_entry->hf = no_dictionary_entry.hf;
|
||||
|
|
|
|||
|
|
@ -93,14 +93,14 @@ typedef const gchar* (radius_avp_dissector_t)(proto_tree*,tvbuff_t*, packet_info
|
|||
struct _radius_attr_info_t {
|
||||
const gchar *name;
|
||||
guint code;
|
||||
gboolean encrypt; /* True if attribute has "encrypt=1" option */
|
||||
guint encrypt; /* 0 or value for "encrypt=" option */
|
||||
gboolean tagged;
|
||||
radius_attr_dissector_t* type;
|
||||
radius_avp_dissector_t* dissector;
|
||||
const value_string *vs;
|
||||
gint ett;
|
||||
int hf;
|
||||
int hf64;
|
||||
int hf_alt; /* 64-bit version for integers, encrypted version for strings, IPv6 for radius_combo_ip */
|
||||
int hf_tag;
|
||||
int hf_len;
|
||||
GHashTable* tlvs_by_id;
|
||||
|
|
|
|||
|
|
@ -70,10 +70,10 @@
|
|||
#define ECHO
|
||||
#define MAX_INCLUDE_DEPTH 10
|
||||
|
||||
void add_vendor(const gchar* name, guint32 vendor_id, guint vendor_type_octets, guint vendor_length_octets, gboolean vendor_has_flags);
|
||||
void add_value(const gchar* attrib_name,const gchar* value_repr, long value);
|
||||
void add_tlv(const gchar* name, const gchar* code, radius_attr_dissector_t type, const gchar* current_attr);
|
||||
void add_attribute(const gchar*,const gchar*, radius_attr_dissector_t,const gchar*, gboolean, gboolean, const gchar*);
|
||||
static void add_vendor(const gchar* name, guint32 vendor_id, guint vendor_type_octets, guint vendor_length_octets, gboolean vendor_has_flags);
|
||||
static void add_value(const gchar* attrib_name,const gchar* value_repr, long value);
|
||||
static void add_tlv(const gchar* name, const gchar* code, radius_attr_dissector_t type, const gchar* current_attr);
|
||||
static void add_attribute(const gchar*,const gchar*, radius_attr_dissector_t,const gchar*, guint, gboolean, const gchar*);
|
||||
|
||||
static YY_BUFFER_STATE include_stack[10];
|
||||
static int include_stack_ptr = 0;
|
||||
|
|
@ -91,7 +91,7 @@
|
|||
static guint vendor_length_octets = 1;
|
||||
static gboolean vendor_has_flags = FALSE;
|
||||
static gchar* value_repr = NULL;
|
||||
static gboolean encrypted = FALSE;
|
||||
static guint encrypted = 0;
|
||||
static gboolean has_tag = FALSE;
|
||||
static gchar* current_vendor = NULL;
|
||||
static gchar* current_attr = NULL;
|
||||
|
|
@ -195,7 +195,7 @@
|
|||
BEGIN WS_OUT;
|
||||
}
|
||||
|
||||
<ATTR>[0-9a-z_/.-]+ { attr_name = g_strdup(yytext); encrypted = FALSE; has_tag = FALSE; BEGIN ATTR_W_NAME; }
|
||||
<ATTR>[0-9a-z_/.-]+ { attr_name = g_strdup(yytext); encrypted = 0; has_tag = FALSE; BEGIN ATTR_W_NAME; }
|
||||
<ATTR_W_NAME>[0-9]+ { attr_id = g_strdup(yytext); BEGIN ATTR_W_ID;}
|
||||
<ATTR_W_NAME>0x[0-9a-f]+ { attr_id = g_strdup_printf("%u",(int)strtoul(yytext,NULL,16)); BEGIN ATTR_W_ID;}
|
||||
<ATTR_W_ID>integer { attr_type = radius_integer; BEGIN ATTR_W_TYPE; }
|
||||
|
|
@ -216,7 +216,7 @@
|
|||
<ATTR_W_ID>tlv { attr_type = radius_tlv; BEGIN ATTR_W_TYPE; }
|
||||
<ATTR_W_ID>[0-9a-z_-]+ { attr_type = radius_octets; BEGIN ATTR_W_TYPE; }
|
||||
<ATTR_W_TYPE>has_tag[,]? { has_tag = TRUE; }
|
||||
<ATTR_W_TYPE>encrypt=1[,]? { encrypted=TRUE; }
|
||||
<ATTR_W_TYPE>encrypt=[123][,]? { encrypted = strtol(yytext+8,NULL,10); }
|
||||
<ATTR_W_TYPE>[0-9a-z_-]+=([^\n]*) ;
|
||||
<ATTR_W_TYPE>[0-9a-z_-]+ {
|
||||
attr_vendor = g_strdup(yytext);
|
||||
|
|
@ -302,7 +302,7 @@
|
|||
|
||||
%%
|
||||
|
||||
void add_vendor(const gchar* name, guint32 vendor_id, guint vendor_type_octets, guint vendor_length_octets, gboolean vendor_has_flags) {
|
||||
static void add_vendor(const gchar* name, guint32 vendor_id, guint vendor_type_octets, guint vendor_length_octets, gboolean vendor_has_flags) {
|
||||
radius_vendor_info_t* v;
|
||||
|
||||
v = g_hash_table_lookup(dict->vendors_by_id, GUINT_TO_POINTER(vendor_id));
|
||||
|
|
@ -330,7 +330,7 @@ void add_vendor(const gchar* name, guint32 vendor_id, guint vendor_type_octets,
|
|||
g_hash_table_insert(dict->vendors_by_name, (gpointer) v->name, v);
|
||||
}
|
||||
|
||||
void add_attribute(const gchar* name, const gchar* codestr, radius_attr_dissector_t type, const gchar* vendor_name, gboolean crypt, gboolean tagged, const gchar* current_attr) {
|
||||
static void add_attribute(const gchar* name, const gchar* codestr, radius_attr_dissector_t type, const gchar* vendor_name, guint crypt, gboolean tagged, const gchar* current_attr) {
|
||||
radius_attr_info_t* a;
|
||||
GHashTable* by_id;
|
||||
guint32 code;
|
||||
|
|
@ -373,7 +373,7 @@ void add_attribute(const gchar* name, const gchar* codestr, radius_attr_dissect
|
|||
a->type = type;
|
||||
a->vs = NULL;
|
||||
a->hf = -1;
|
||||
a->hf64 = -1;
|
||||
a->hf_alt = -1;
|
||||
a->hf_tag = -1;
|
||||
a->hf_len = -1;
|
||||
a->ett = -1;
|
||||
|
|
@ -387,7 +387,7 @@ void add_attribute(const gchar* name, const gchar* codestr, radius_attr_dissect
|
|||
g_hash_table_insert(dict->attrs_by_name,(gpointer) (a->name),a);
|
||||
}
|
||||
|
||||
void add_tlv(const gchar* name, const gchar* codestr, radius_attr_dissector_t type, const gchar* current_attr) {
|
||||
static void add_tlv(const gchar* name, const gchar* codestr, radius_attr_dissector_t type, const gchar* current_attr) {
|
||||
radius_attr_info_t* a;
|
||||
radius_attr_info_t* s;
|
||||
guint32 code;
|
||||
|
|
@ -428,7 +428,7 @@ void add_tlv(const gchar* name, const gchar* codestr, radius_attr_dissector_t t
|
|||
s->dissector = NULL;
|
||||
s->vs = NULL;
|
||||
s->hf = -1;
|
||||
s->hf64 = -1;
|
||||
s->hf_alt = -1;
|
||||
s->hf_tag = -1;
|
||||
s->hf_len = -1;
|
||||
s->ett = -1;
|
||||
|
|
|
|||
Loading…
Reference in New Issue