osmith
/
wireshark
forked from osmocom/wireshark
1
0
Fork 0
Code Pull Requests Releases Wiki Activity

From Naoyoshi Ueda: 

Radius dissector enhancement to support WiMAX vendor specific attributes.
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3176

svn path=/trunk/; revision=27937
This commit is contained in:
Anders Broman 2009-04-02 19:05:52 +00:00
parent a92cd3fddd
commit 83d1303053
10 changed files with 2293 additions and 980 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
AUTHORS
View File

@ -1729,6 +1729,8 @@ Anders Broman <anders.broman [AT] ericsson.com> {
H264 dissection
AMR dissection
MP4V-ES dissection
NAS EPS dissection
GTPv2 dissection
}
Christian Falckenberg <christian.falckenberg [AT] nortelnetworks.com> {

2
Makefile.am
View File

@ -206,6 +206,7 @@ radius_DATA = \
radius/dictionary.shiva \
radius/dictionary.sonicwall \
radius/dictionary.springtide \
radius/dictionary.starent \
radius/dictionary.t_systems_nova \
radius/dictionary.telebit \
radius/dictionary.trapeze \
@ -215,6 +216,7 @@ radius_DATA = \
radius/dictionary.usr \
radius/dictionary.valemount \
radius/dictionary.versanet \
radius/dictionary.wimax \
radius/dictionary.wispr \
radius/dictionary.xedia

333
epan/dissectors/packet-radius.c
View File

@ -128,9 +128,9 @@ static gint ett_eap = -1;
*/
static int radius_tap = -1;
radius_vendor_info_t no_vendor = {"Unknown Vendor",0,NULL,-1};
radius_vendor_info_t no_vendor = {"Unknown Vendor",0,NULL,-1,1,1,FALSE};
radius_attr_info_t no_dictionary_entry = {"Unknown-Attribute",0,FALSE,FALSE,radius_octets, NULL, NULL, -1, -1, -1, -1, -1 };
radius_attr_info_t no_dictionary_entry = {"Unknown-Attribute",0,FALSE,FALSE,radius_octets, NULL, NULL, -1, -1, -1, -1, -1, NULL };
static dissector_handle_t eap_handle;
@ -210,6 +210,37 @@ static GMemChunk *radius_call_info_key_chunk;
static GMemChunk *radius_call_info_value_chunk;
static GHashTable *radius_calls;
typedef struct _radius_vsa_buffer_key
{
guint32 vendor_id;
guint32 vsa_type;
} radius_vsa_buffer_key;
typedef struct _radius_vsa_buffer
{
radius_vsa_buffer_key key;
guint8* data;
guint seg_num;
guint len;
} radius_vsa_buffer;
static gint radius_vsa_equal(gconstpointer k1, gconstpointer k2)
{
const radius_vsa_buffer_key* key1 = (const radius_vsa_buffer_key*) k1;
const radius_vsa_buffer_key* key2 = (const radius_vsa_buffer_key*) k2;
return (((key1->vendor_id == key2->vendor_id) &&
(key1->vsa_type == key2->vsa_type)
) ? TRUE : FALSE);
}
static guint radius_vsa_hash(gconstpointer k)
{
const radius_vsa_buffer_key* key = (const radius_vsa_buffer_key*) k;
return key->vendor_id + key->vsa_type;
}
/* Compare 2 keys */
static gint radius_call_equal(gconstpointer k1, gconstpointer k2)
{
@ -474,6 +505,9 @@ void radius_integer(radius_attr_info_t* a, proto_tree* tree, packet_info *pinfo
guint32 uint;
switch (len) {
case 1:
uint = tvb_get_guint8(tvb,offset);
break;
case 2:
uint = tvb_get_ntohs(tvb,offset);
break;
@ -502,6 +536,42 @@ void radius_integer(radius_attr_info_t* a, proto_tree* tree, packet_info *pinfo
}
}
void radius_signed(radius_attr_info_t* a, proto_tree* tree, packet_info *pinfo _U_, tvbuff_t* tvb, int offset, int len, proto_item* avp_item) {
guint32 uint;
switch (len) {
case 1:
uint = tvb_get_guint8(tvb,offset);
break;
case 2:
uint = tvb_get_ntohs(tvb,offset);
break;
case 3:
uint = tvb_get_ntoh24(tvb,offset);
break;
case 4:
uint = tvb_get_ntohl(tvb,offset);
break;
case 8: {
guint64 uint64 = tvb_get_ntoh64(tvb,offset);
proto_tree_add_int64(tree,a->hf64,tvb,offset,len,uint64);
proto_item_append_text(avp_item, "%" G_GINT64_MODIFIER "u", uint64);
return;
}
default:
proto_item_append_text(avp_item, "[unhandled signed integer length(%u)]", len);
return;
}
proto_tree_add_int(tree,a->hf,tvb,offset,len,uint);
if (a->vs) {
proto_item_append_text(avp_item, "%s(%d)", val_to_str(uint, a->vs, "Unknown"),uint);
} else {
proto_item_append_text(avp_item, "%d", uint);
}
}
void radius_string(radius_attr_info_t* a, proto_tree* tree, packet_info *pinfo _U_, tvbuff_t* tvb, int offset, int len, proto_item* avp_item) {
if (a->encrypt) {
if (*shared_secret == '\0') {
@ -591,6 +661,30 @@ void radius_ipv6prefix(radius_attr_info_t* a, proto_tree* tree, packet_info *pin
}
void radius_combo_ip(radius_attr_info_t* a, proto_tree* tree, packet_info *pinfo _U_, tvbuff_t* tvb, int offset, int len, proto_item* avp_item) {
guint32 ip;
struct e_in6_addr ipv6_buff;
gchar buf[256];
if (len == 4){
ip=tvb_get_ipv4(tvb,offset);
proto_tree_add_item(tree, a->hf, tvb, offset, len, FALSE);
ip_to_str_buf((guint8 *)&ip, buf, MAX_IP_STR_LEN);
proto_item_append_text(avp_item, "%s", buf);
} else if (len == 16) {
proto_tree_add_item(tree, a->hf64, tvb, offset, len, FALSE);
tvb_get_ipv6(tvb, offset, &ipv6_buff);
ip6_to_str_buf(&ipv6_buff, buf);
proto_item_append_text(avp_item, "%s", buf);
} else {
proto_item_append_text(avp_item, "[wrong length for both of IPv4 and IPv6 address]");
return;
}
}
void radius_ipxnet(radius_attr_info_t* a, proto_tree* tree, packet_info *pinfo _U_, tvbuff_t* tvb, int offset, int len, proto_item* avp_item) {
guint32 net;
@ -630,6 +724,86 @@ void radius_ifid(radius_attr_info_t* a, proto_tree* tree, packet_info *pinfo _U_
proto_item_append_text(avp_item, "%s", tvb_bytes_to_str(tvb, offset, len));
}
static void add_tlv_to_tree(proto_tree* tlv_tree, proto_item* tlv_item, packet_info* pinfo, tvbuff_t* tvb, radius_attr_info_t* dictionary_entry, guint32 tlv_length, guint32 offset) {
proto_item_append_text(tlv_item, ": ");
dictionary_entry->type(dictionary_entry,tlv_tree,pinfo,tvb,offset,tlv_length,tlv_item);
}
void radius_tlv(radius_attr_info_t* a, proto_tree* tree, packet_info *pinfo _U_, tvbuff_t* tvb, int offset, int len, proto_item* avp_item) {
proto_item* item;
gint tlv_num = 0;
while (len > 0) {
radius_attr_info_t* dictionary_entry = NULL;
gint tvb_len;
guint32 tlv_type;
guint32 tlv_length;
proto_item* tlv_item;
proto_item* tlv_len_item;
proto_tree* tlv_tree;
if (len < 2) {
item = proto_tree_add_text(tree, tvb, offset, 0,
"Not enough room in packet for TLV header");
PROTO_ITEM_SET_GENERATED(item);
return;
}
tlv_type = tvb_get_guint8(tvb,offset);
tlv_length = tvb_get_guint8(tvb,offset+1);
if (tlv_length < 2) {
item = proto_tree_add_text(tree, tvb, offset, 0,
"TLV too short: length %u < 2", tlv_length);
PROTO_ITEM_SET_GENERATED(item);
return;
}
if (len < (gint)tlv_length) {
item = proto_tree_add_text(tree, tvb, offset, 0,
"Not enough room in packet for TLV");
PROTO_ITEM_SET_GENERATED(item);
return;
}
len -= tlv_length;
dictionary_entry = g_hash_table_lookup(a->tlvs_by_id,GUINT_TO_POINTER(tlv_type));
if (! dictionary_entry ) {
dictionary_entry = &no_dictionary_entry;
}
tlv_item = proto_tree_add_text(tree, tvb, offset, tlv_length,
"TLV: l=%u t=%s(%u)", tlv_length,
dictionary_entry->name, tlv_type);
tlv_length -= 2;
offset += 2;
tlv_tree = proto_item_add_subtree(tlv_item,dictionary_entry->ett);
if (show_length) {
tlv_len_item = proto_tree_add_uint(tlv_tree,
dictionary_entry->hf_len,
tvb,0,0,tlv_length);
PROTO_ITEM_SET_GENERATED(tlv_len_item);
}
tvb_len = tvb_length_remaining(tvb, offset);
if ((gint)tlv_length < tvb_len)
tvb_len = tlv_length;
add_tlv_to_tree(tlv_tree, tlv_item, pinfo, tvb, dictionary_entry,
tlv_length, offset);
offset += tlv_length;
tlv_num++;
}
proto_item_append_text(avp_item, "%d TLV(s) inside", tlv_num);
}
static void add_avp_to_tree(proto_tree* avp_tree, proto_item* avp_item, packet_info* pinfo, tvbuff_t* tvb, radius_attr_info_t* dictionary_entry, guint32 avp_length, guint32 offset) {
proto_item* pi;
@ -674,6 +848,20 @@ static void add_avp_to_tree(proto_tree* avp_tree, proto_item* avp_item, packet_i
}
}
static gboolean vsa_buffer_destroy(gpointer k _U_, gpointer v, gpointer p _U_) {
radius_vsa_buffer* vsa_buffer = (radius_vsa_buffer*)v;
g_free((gpointer)vsa_buffer->data);
g_free(v);
return TRUE;
}
static void vsa_buffer_table_destroy(GHashTable *table) {
if (table) {
g_hash_table_foreach_remove(table, vsa_buffer_destroy, NULL);
g_hash_table_destroy(table);
}
}
static void dissect_attribute_value_pairs(proto_tree *tree, packet_info *pinfo, tvbuff_t *tvb, int offset, guint length) {
proto_item* item;
gboolean last_eap = FALSE;
@ -684,6 +872,8 @@ static void dissect_attribute_value_pairs(proto_tree *tree, packet_info *pinfo,
proto_tree* eap_tree = NULL;
tvbuff_t* eap_tvb = NULL;
GHashTable* vsa_buffer_table = NULL;
/*
* In case we throw an exception, clean up whatever stuff we've
* allocated (if any).
@ -770,17 +960,53 @@ static void dissect_attribute_value_pairs(proto_tree *tree, packet_info *pinfo,
vendor_tree = proto_item_add_subtree(avp_item,vendor->ett);
while (offset < max_offset) {
guint32 avp_vsa_type = tvb_get_guint8(tvb,offset++);
guint32 avp_vsa_len = tvb_get_guint8(tvb,offset++);
guint32 avp_vsa_type;
guint32 avp_vsa_len;
guint8 avp_vsa_flags = 0;
guint32 avp_vsa_header_len = vendor->type_octets + vendor->length_octets + (vendor->has_flags ? 1 : 0);
switch (vendor->type_octets) {
case 1:
avp_vsa_type = tvb_get_guint8(tvb,offset++);
break;
case 2:
avp_vsa_type = tvb_get_ntohs(tvb,offset);
offset += 2;
break;
case 4:
avp_vsa_type = tvb_get_ntohl(tvb,offset);
offset += 4;
break;
default:
avp_vsa_type = tvb_get_guint8(tvb,offset++);
}
if (avp_vsa_len < 2) {
switch (vendor->length_octets) {
case 1:
avp_vsa_len = tvb_get_guint8(tvb,offset++);
break;
case 0:
avp_vsa_len = avp_length;
break;
case 2:
avp_vsa_len = tvb_get_ntohs(tvb,offset);
offset += 2;
break;
default:
avp_vsa_len = tvb_get_guint8(tvb,offset++);
}
if (vendor->has_flags) {
avp_vsa_flags = tvb_get_guint8(tvb,offset++);
}
if (avp_vsa_len < avp_vsa_header_len) {
proto_tree_add_text(tree, tvb, offset+1, 1,
"[VSA too short]");
return;
}
avp_vsa_len -= 2;
avp_vsa_len -= avp_vsa_header_len;
dictionary_entry = g_hash_table_lookup(vendor->attrs_by_id,GUINT_TO_POINTER(avp_vsa_type));
@ -788,9 +1014,15 @@ static void dissect_attribute_value_pairs(proto_tree *tree, packet_info *pinfo,
dictionary_entry = &no_dictionary_entry;
}
avp_item = proto_tree_add_text(vendor_tree,tvb,offset-2,avp_vsa_len+2,
if (vendor->has_flags){
avp_item = proto_tree_add_text(vendor_tree,tvb,offset-avp_vsa_header_len,avp_vsa_len+avp_vsa_header_len,
"VSA: l=%u t=%s(%u) C=0x%02x",
avp_vsa_len+avp_vsa_header_len, dictionary_entry->name, avp_vsa_type, avp_vsa_flags);
} else {
avp_item = proto_tree_add_text(vendor_tree,tvb,offset-avp_vsa_header_len,avp_vsa_len+avp_vsa_header_len,
"VSA: l=%u t=%s(%u)",
avp_vsa_len+2, dictionary_entry->name, avp_vsa_type);
avp_vsa_len+avp_vsa_header_len, dictionary_entry->name, avp_vsa_type);
}
avp_tree = proto_item_add_subtree(avp_item,dictionary_entry->ett);
@ -801,7 +1033,57 @@ static void dissect_attribute_value_pairs(proto_tree *tree, packet_info *pinfo,
PROTO_ITEM_SET_GENERATED(avp_len_item);
}
add_avp_to_tree(avp_tree, avp_item, pinfo, tvb, dictionary_entry, avp_vsa_len, offset);
if (vendor->has_flags) {
radius_vsa_buffer_key key;
radius_vsa_buffer* vsa_buffer = NULL;
key.vendor_id = vendor_id;
key.vsa_type = avp_vsa_type;
if (!vsa_buffer_table) {
vsa_buffer_table = g_hash_table_new(radius_vsa_hash, radius_vsa_equal);
}
vsa_buffer = g_hash_table_lookup(vsa_buffer_table, &key);
if (vsa_buffer) {
vsa_buffer->data = g_realloc(vsa_buffer->data, vsa_buffer->len + avp_vsa_len);
tvb_memcpy(tvb, vsa_buffer->data + vsa_buffer->len, offset, avp_vsa_len);
vsa_buffer->len += avp_vsa_len;
vsa_buffer->seg_num++;
}
if (avp_vsa_flags & 0x80) {
if (!vsa_buffer) {
vsa_buffer = g_malloc(sizeof(radius_vsa_buffer));
vsa_buffer->key.vendor_id = vendor_id;
vsa_buffer->key.vsa_type = avp_vsa_type;
vsa_buffer->len = avp_vsa_len;
vsa_buffer->seg_num = 1;
vsa_buffer->data = g_malloc(avp_vsa_len);
tvb_memcpy(tvb, vsa_buffer->data, offset, avp_vsa_len);
g_hash_table_insert(vsa_buffer_table, &(vsa_buffer->key), vsa_buffer);
}
proto_tree_add_text(avp_tree, tvb, offset, avp_vsa_len, "VSA fragment");
proto_item_append_text(avp_item, ": VSA fragment[%u]", vsa_buffer->seg_num);
} else {
if (vsa_buffer) {
tvbuff_t* vsa_tvb = NULL;
proto_tree_add_text(avp_tree, tvb, offset, avp_vsa_len, "VSA fragment");
proto_item_append_text(avp_item, ": Last VSA fragment[%u]", vsa_buffer->seg_num);
vsa_tvb = tvb_new_real_data(vsa_buffer->data, vsa_buffer->len, vsa_buffer->len);
tvb_set_free_cb(vsa_tvb, g_free);
tvb_set_child_real_data_tvbuff(tvb, vsa_tvb);
add_new_data_source(pinfo, vsa_tvb, "Reassembled VSA");
add_avp_to_tree(avp_tree, avp_item, pinfo, vsa_tvb, dictionary_entry, vsa_buffer->len, 0);
g_hash_table_remove(vsa_buffer_table, &(vsa_buffer->key));
g_free(vsa_buffer);
} else {
add_avp_to_tree(avp_tree, avp_item, pinfo, tvb, dictionary_entry, avp_vsa_len, offset);
}
}
} else {
add_avp_to_tree(avp_tree, avp_item, pinfo, tvb, dictionary_entry, avp_vsa_len, offset);
}
offset += avp_vsa_len;
};
@ -945,6 +1227,7 @@ static void dissect_attribute_value_pairs(proto_tree *tree, packet_info *pinfo,
}
vsa_buffer_table_destroy(vsa_buffer_table);
/*
* Call the cleanup handler to free any reassembled data we haven't
* attached to a tvbuff, and pop the handler.
@ -1383,7 +1666,21 @@ static void register_attrs(gpointer k _U_, gpointer v, gpointer p) {
}
len_hf++;
}else if (a->type == radius_signed) {
hfri[0].hfinfo.type = FT_INT32;
hfri[0].hfinfo.display = BASE_DEC;
hfri[2].p_id = &(a->hf64);
hfri[2].hfinfo.name = g_strdup(a->name);
hfri[2].hfinfo.abbrev = abbrev;
hfri[2].hfinfo.type = FT_INT64;
hfri[2].hfinfo.display = BASE_DEC;
if (a->vs) {
hfri[0].hfinfo.strings = VALS(a->vs);
}
len_hf++;
} else if (a->type == radius_string) {
hfri[0].hfinfo.type = FT_STRING;
hfri[0].hfinfo.display = BASE_NONE;
@ -1411,6 +1708,20 @@ static void register_attrs(gpointer k _U_, gpointer v, gpointer p) {
} else if (a->type == radius_ifid) {
hfri[0].hfinfo.type = FT_BYTES;
hfri[0].hfinfo.display = BASE_NONE;
} else if (a->type == radius_combo_ip) {
hfri[0].hfinfo.type = FT_IPv4;
hfri[0].hfinfo.display = BASE_NONE;
hfri[2].p_id = &(a->hf64);
hfri[2].hfinfo.name = g_strdup(a->name);
hfri[2].hfinfo.abbrev = g_strdup(abbrev);
hfri[2].hfinfo.type = FT_IPv6;
hfri[2].hfinfo.display = BASE_NONE;
len_hf++;
} else if (a->type == radius_tlv) {
hfri[0].hfinfo.type = FT_BYTES;
hfri[0].hfinfo.display = BASE_NONE;
} else {
hfri[0].hfinfo.type = FT_BYTES;
hfri[0].hfinfo.display = BASE_NONE;
@ -1429,6 +1740,9 @@ static void register_attrs(gpointer k _U_, gpointer v, gpointer p) {
g_array_append_vals(ri->hf,hfri,len_hf);
g_array_append_val(ri->ett,ett);
if (a->tlvs_by_id) {
g_hash_table_foreach(a->tlvs_by_id,register_attrs,ri);
}
}
static void register_vendors(gpointer k _U_, gpointer v, gpointer p) {
@ -1683,6 +1997,7 @@ proto_register_radius(void)
dict->attrs_by_name = g_hash_table_new(g_str_hash,g_str_equal);
dict->vendors_by_id = g_hash_table_new(g_direct_hash,g_direct_equal);
dict->vendors_by_name = g_hash_table_new(g_str_hash,g_str_equal);
dict->tlvs_by_name = g_hash_table_new(g_str_hash,g_str_equal);
}
void

10
epan/dissectors/packet-radius.h
View File

@ -58,6 +58,9 @@ typedef struct _radius_vendor_info_t {
guint code;
GHashTable* attrs_by_id;
gint ett;
guint type_octets;
guint length_octets;
gboolean has_flags;
} radius_vendor_info_t;
typedef struct _radius_attr_info_t radius_attr_info_t;
@ -78,6 +81,7 @@ struct _radius_attr_info_t {
int hf64;
int hf_tag;
int hf_len;
GHashTable* tlvs_by_id;
};
typedef struct _radius_dictionary_t {
@ -85,6 +89,7 @@ typedef struct _radius_dictionary_t {
GHashTable* attrs_by_name;
GHashTable* vendors_by_id;
GHashTable* vendors_by_name;
GHashTable* tlvs_by_name;
} radius_dictionary_t;
radius_attr_dissector_t radius_integer;
@ -97,6 +102,11 @@ radius_attr_dissector_t radius_ipxnet;
radius_attr_dissector_t radius_date;
radius_attr_dissector_t radius_abinary;
radius_attr_dissector_t radius_ifid;
radius_attr_dissector_t radius_byte;
radius_attr_dissector_t radius_short;
radius_attr_dissector_t radius_signed;
radius_attr_dissector_t radius_combo_ip;
radius_attr_dissector_t radius_tlv;
extern void radius_register_avp_dissector(guint32 vendor_id, guint32 attribute_id, radius_avp_dissector_t dissector);

191
epan/radius_dict.l
View File

@ -70,9 +70,10 @@
#define ECHO
#define MAX_INCLUDE_DEPTH 10
void add_vendor(const gchar* name, guint32 vendor_id);
void add_vendor(const gchar* name, guint32 vendor_id, guint vendor_type_octets, guint vendor_length_octets, gboolean vendor_has_flags);
void add_value(const gchar* attrib_name,const gchar* value_repr, long value);
void add_attribute(const gchar*,const gchar*, radius_attr_dissector_t,const gchar*, gboolean, gboolean);
void add_tlv(const gchar* name, const gchar* code, radius_attr_dissector_t type, const gchar* current_attr);
void add_attribute(const gchar*,const gchar*, radius_attr_dissector_t,const gchar*, gboolean, gboolean, const gchar*);
static YY_BUFFER_STATE include_stack[10];
static int include_stack_ptr = 0;
@ -85,10 +86,15 @@
static radius_attr_dissector_t* attr_type = NULL;
static gchar* attr_vendor = NULL;
static gchar* vendor_name = NULL;
static guint32 vendor_id = 0;
static guint vendor_type_octets = 1;
static guint vendor_length_octets = 1;
static gboolean vendor_has_flags = FALSE;
static gchar* value_repr = NULL;
static gboolean encrypted = FALSE;
static gboolean has_tag = FALSE;
static gchar* current_vendor = NULL;
static gchar* current_attr = NULL;
static GString* error = NULL;
static gchar* directory = NULL;
@ -97,7 +103,7 @@
%}
%START WS_OUT VENDOR VENDOR_W_NAME ATTR ATTR_W_NAME ATTR_W_ID ATTR_W_TYPE ATTR_W_VENDOR VALUE VALUE_W_ATTR VALUE_W_NAME INCLUDE JUNK BEGIN_VENDOR END_VENDOR
%START WS_OUT VENDOR VENDOR_W_NAME ATTR ATTR_W_NAME ATTR_W_ID ATTR_W_TYPE ATTR_W_VENDOR VALUE VALUE_W_ATTR VALUE_W_NAME INCLUDE JUNK BEGIN_VENDOR END_VENDOR VENDOR_W_ID VENDOR_W_FORMAT VENDOR_W_TYPE_OCTETS VENDOR_W_LENGTH_OCTETS VENDOR_W_CONTINUATION BEGIN_TLV END_TLV
%%
[:blank:] ;
#[^\n]* ;
@ -110,6 +116,8 @@
<WS_OUT>\$INCLUDE { BEGIN INCLUDE; }
<WS_OUT>BEGIN-VENDOR { BEGIN BEGIN_VENDOR; }
<WS_OUT>END-VENDOR { BEGIN END_VENDOR; }
<WS_OUT>BEGIN-TLV { BEGIN BEGIN_TLV; }
<WS_OUT>END-TLV { BEGIN END_TLV; }
<BEGIN_VENDOR>[0-9a-z_-]+ {
if (current_vendor) {
@ -126,14 +134,57 @@
BEGIN WS_OUT;
}
<VENDOR>[0-9a-z_-]+ { vendor_name = g_strdup(yytext); BEGIN VENDOR_W_NAME; }
<VENDOR_W_NAME>[0-9]+ {
add_vendor(vendor_name,strtol(yytext,NULL,10));
g_free(vendor_name);
<BEGIN_TLV>[0-9a-z_-]+ {
if (current_attr) {
g_free(current_attr);
}
current_attr = g_strdup(yytext);
BEGIN WS_OUT;
}
<END_TLV>[^\n]* {
if (current_attr) {
g_free(current_attr);
current_attr = NULL;
}
BEGIN WS_OUT;
}
<VENDOR>[0-9a-z_-]+ {
vendor_name = g_strdup(yytext);
vendor_type_octets = 1;
vendor_length_octets = 1;
vendor_has_flags = FALSE;
BEGIN VENDOR_W_NAME;
}
<VENDOR_W_NAME>[0-9]+ {
vendor_id = strtol(yytext,NULL,10);
BEGIN VENDOR_W_ID;
}
<VENDOR_W_NAME>0x[0-9a-f]+ {
add_vendor(vendor_name,strtol(yytext,NULL,16));
vendor_id = strtol(yytext,NULL,16);
BEGIN VENDOR_W_ID;
}
<VENDOR_W_ID>format= {
BEGIN VENDOR_W_FORMAT;
}
<VENDOR_W_FORMAT>[124] {
vendor_type_octets = strtol(yytext,NULL,10);
BEGIN VENDOR_W_TYPE_OCTETS;
}
<VENDOR_W_TYPE_OCTETS>,[012] {
vendor_length_octets = strtol(yytext+1,NULL,10);
BEGIN VENDOR_W_LENGTH_OCTETS;
}
<VENDOR_W_LENGTH_OCTETS>,c {
vendor_has_flags = TRUE;
BEGIN VENDOR_W_CONTINUATION;
}
<VENDOR_W_FORMAT>\n |
<VENDOR_W_TYPE_OCTETS>\n |
<VENDOR_W_LENGTH_OCTETS>\n |
<VENDOR_W_CONTINUATION>\n |
<VENDOR_W_ID>\n {
add_vendor(vendor_name, vendor_id, vendor_type_octets, vendor_length_octets, vendor_has_flags);
g_free(vendor_name);
BEGIN WS_OUT;
}
@ -150,13 +201,18 @@
<ATTR_W_ID>ipxnet { attr_type = radius_ipxnet; BEGIN ATTR_W_TYPE; }
<ATTR_W_ID>date { attr_type = radius_date; BEGIN ATTR_W_TYPE; }
<ATTR_W_ID>ifid { attr_type = radius_ifid; BEGIN ATTR_W_TYPE; }
<ATTR_W_ID>byte { attr_type = radius_integer; BEGIN ATTR_W_TYPE; }
<ATTR_W_ID>short { attr_type = radius_integer; BEGIN ATTR_W_TYPE; }
<ATTR_W_ID>signed { attr_type = radius_signed; BEGIN ATTR_W_TYPE; }
<ATTR_W_ID>combo-ip { attr_type = radius_combo_ip; BEGIN ATTR_W_TYPE; }
<ATTR_W_ID>tlv { attr_type = radius_tlv; BEGIN ATTR_W_TYPE; }
<ATTR_W_ID>[0-9a-z_-]+ { attr_type = radius_octets; BEGIN ATTR_W_TYPE; }
<ATTR_W_TYPE>has_tag[,]? { has_tag = TRUE; }
<ATTR_W_TYPE>encrypt=1[,]? { encrypted=TRUE; }
<ATTR_W_TYPE>[0-9a-z_-]+=([^\n]*) ;
<ATTR_W_TYPE>[0-9a-z_-]+ {
attr_vendor = g_strdup(yytext);
add_attribute(attr_name,attr_id,attr_type,attr_vendor,encrypted,has_tag);
add_attribute(attr_name,attr_id,attr_type,attr_vendor,encrypted,has_tag,current_attr);
g_free(attr_id);
g_free(attr_vendor);
g_free(attr_name);
@ -166,7 +222,7 @@
BEGIN WS_OUT;
}
<ATTR_W_TYPE>\n {
add_attribute(attr_name,attr_id,attr_type,current_vendor,encrypted,has_tag);
add_attribute(attr_name,attr_id,attr_type,current_vendor,encrypted,has_tag,current_attr);
g_free(attr_id);
g_free(attr_name);
linenums[include_stack_ptr]++;
@ -175,7 +231,7 @@
BEGIN WS_OUT;
}
<ATTR_W_VENDOR>\n {
add_attribute(attr_name,attr_id,attr_type,attr_vendor,encrypted,has_tag);
add_attribute(attr_name,attr_id,attr_type,attr_vendor,encrypted,has_tag,current_attr);
g_free(attr_id);
g_free(attr_vendor);
g_free(attr_name);
@ -238,10 +294,10 @@
%%
void add_vendor(const gchar* name, guint32 vendor_id) {
void add_vendor(const gchar* name, guint32 vendor_id, guint vendor_type_octets, guint vendor_length_octets, gboolean vendor_has_flags) {
radius_vendor_info_t* v;
v=g_hash_table_lookup(dict->vendors_by_id, GUINT_TO_POINTER(vendor_id));
v = g_hash_table_lookup(dict->vendors_by_id, GUINT_TO_POINTER(vendor_id));
if (!v) {
v = g_malloc(sizeof(radius_vendor_info_t));
@ -249,6 +305,9 @@ void add_vendor(const gchar* name, guint32 vendor_id) {
v->code = vendor_id;
v->ett = -1;
v->name = NULL;
v->type_octets = vendor_type_octets;
v->length_octets = vendor_length_octets;
v->has_flags = vendor_has_flags;
}
if (v->name)
@ -259,11 +318,18 @@ void add_vendor(const gchar* name, guint32 vendor_id) {
g_hash_table_insert(dict->vendors_by_name, (gpointer) v->name, v);
}
void add_attribute(const gchar* name, const gchar* codestr, radius_attr_dissector_t type, const gchar* vendor_name, gboolean crypt, gboolean tagged) {
void add_attribute(const gchar* name, const gchar* codestr, radius_attr_dissector_t type, const gchar* vendor_name, gboolean crypt, gboolean tagged, const gchar* current_attr) {
radius_attr_info_t* a;
GHashTable* by_id;
guint32 code;
if (current_attr){
add_tlv(name, codestr, type, current_attr);
return;
}
if (vendor_name) {
radius_vendor_info_t* v;
v = g_hash_table_lookup(dict->vendors_by_name,vendor_name);
@ -299,6 +365,7 @@ void add_attribute(const gchar* name, const gchar* codestr, radius_attr_dissect
a->hf_tag = -1;
a->hf_len = -1;
a->ett = -1;
a->tlvs_by_id = NULL;
if (a->name)
g_free((gpointer) a->name);
@ -308,6 +375,61 @@ void add_attribute(const gchar* name, const gchar* codestr, radius_attr_dissect
g_hash_table_insert(dict->attrs_by_name,(gpointer) (a->name),a);
}
void add_tlv(const gchar* name, const gchar* codestr, radius_attr_dissector_t type, const gchar* current_attr) {
radius_attr_info_t* a;
radius_attr_info_t* s = g_malloc(sizeof(radius_attr_info_t));
guint32 code;
a = g_hash_table_lookup(dict->attrs_by_name, current_attr);
if (! a) {
g_string_sprintfa(error, "Attr: '%s', does not exist in %s:%i \n", current_attr, fullpaths[include_stack_ptr], linenums[include_stack_ptr]);
BEGIN JUNK;
return;
}
if (type == radius_tlv) {
g_string_sprintfa(error, "sub-TLV: '%s', sub-TLV's type is specified as tlv in %s:%i \n", name, fullpaths[include_stack_ptr], linenums[include_stack_ptr]);
BEGIN JUNK;
return;
}
if (! a->tlvs_by_id) {
a->tlvs_by_id = g_hash_table_new(g_direct_hash,g_direct_equal);
}
code=strtol(codestr, NULL, 10);
s = g_hash_table_lookup(a->tlvs_by_id, GUINT_TO_POINTER(code));
if (!s) {
s = g_malloc(sizeof(radius_attr_info_t));
s->name = NULL;
s->dissector = NULL;
}
s->code = code;
s->type = type;
s->encrypt = FALSE;
s->tagged = FALSE;
s->dissector = NULL;
s->vs = NULL;
s->hf = -1;
s->hf64 = -1;
s->hf_tag = -1;
s->hf_len = -1;
s->ett = -1;
s->tlvs_by_id = NULL;
if (s->name)
g_free((gpointer) s->name);
s->name = g_strdup(name);
g_hash_table_insert(a->tlvs_by_id,GUINT_TO_POINTER(s->code),s);
g_hash_table_insert(dict->tlvs_by_name,(gpointer) (s->name),s);
}
void add_value(const gchar* attrib_name, const gchar* value_repr, long value) {
value_string v;
GArray* a = g_hash_table_lookup(value_strings,attrib_name);
@ -323,6 +445,22 @@ void add_value(const gchar* attrib_name, const gchar* value_repr, long value) {
g_array_append_val(a,v);
}
static void setup_tlvs(gpointer k _U_, gpointer v, gpointer p _U_) {
radius_attr_info_t* s = v;
gpointer key;
union {
GArray* a;
gpointer p;
} vs;
if (g_hash_table_lookup_extended(value_strings, s->name, &key, &vs.p)) {
s->vs = (value_string*) vs.a->data;
g_array_free(vs.a, FALSE);
g_hash_table_remove(value_strings, key);
g_free(key);
}
}
static void setup_attrs(gpointer k _U_, gpointer v, gpointer p _U_) {
radius_attr_info_t* a = v;
@ -339,6 +477,10 @@ static void setup_attrs(gpointer k _U_, gpointer v, gpointer p _U_) {
g_hash_table_remove(value_strings,key);
g_free(key);
}
if (a->tlvs_by_id) {
g_hash_table_foreach(a->tlvs_by_id, setup_tlvs, p);
}
}
static void setup_vendors(gpointer k _U_, gpointer v, gpointer p) {
@ -360,11 +502,32 @@ static gboolean destroy_value_strings(gpointer k, gpointer v, gpointer p _U_) {
return TRUE;
}
static gboolean destroy_tlvs(gpointer k _U_, gpointer v, gpointer p _U_) {
radius_attr_info_t* s = v;
int i;
g_free((gpointer) (s->name));
if (s->vs) {
for(i=0; s->vs[i].strptr; i++) {
g_free((void *)s->vs[i].strptr);
}
g_free((void *)s->vs);
}
g_free(s);
return TRUE;
}
static gboolean destroy_attrs(gpointer k _U_, gpointer v, gpointer p _U_) {
radius_attr_info_t* a = v;
int i;
g_free((gpointer) (a->name));
if (a->tlvs_by_id) {
g_hash_table_foreach_remove(a->tlvs_by_id, destroy_tlvs, p);
g_hash_table_destroy(a->tlvs_by_id);
}
if (a->vs) {
for(i=0; a->vs[i].strptr; i++) {
g_free((void *)a->vs[i].strptr);

2
packaging/nsis/wireshark.nsi
View File

@ -517,6 +517,7 @@ File "..\..\radius\dictionary.shasta"
File "..\..\radius\dictionary.shiva"
File "..\..\radius\dictionary.sonicwall"
File "..\..\radius\dictionary.springtide"
File "..\..\radius\dictionary.starent"
File "..\..\radius\dictionary.t_systems_nova"
File "..\..\radius\dictionary.telebit"
File "..\..\radius\dictionary.trapeze"
@ -526,6 +527,7 @@ File "..\..\radius\dictionary.unix"
File "..\..\radius\dictionary.usr"
File "..\..\radius\dictionary.valemount"
File "..\..\radius\dictionary.versanet"
File "..\..\radius\dictionary.wimax"
File "..\..\radius\dictionary.wispr"
File "..\..\radius\dictionary.xedia"
SetOutPath $INSTDIR

12
radius/dictionary
View File

@ -21,6 +21,13 @@
# ipv6addr - 16 octets in network byte order
# ipv6prefix - 18 octets in network byte order
# octets - raw octets, printed as hex strings
# byte - one-octet unsigned integer
# short - two-octet unsigned integer in network byte order
# signed - 4-octet signed integer in network byte order.
# combo-ip - if length 4, is the same as the "ipaddr" type.
# if length 16, is the same as "ipv6addr" type.
# tlv - encapsulated sub-attributes
# i.e. Vendor-Specific -> WiMAX TLV -> WiMAX sub-tlv.
#
$INCLUDE dictionary.3com
@ -86,8 +93,9 @@ $INCLUDE dictionary.xedia
$INCLUDE dictionary.ascend
# we do not support 16bit attribute codes yet
# $INCLUDE dictionary.usr
$INCLUDE dictionary.usr
$INCLUDE dictionary.starent
$INCLUDE dictionary.wimax
#
# The following are the proper new names. Use these.

176
radius/dictionary.starent Normal file
View File

@ -0,0 +1,176 @@
# -*- text -*-
##############################################################################
#
# Starent dictionary
# http://www.starentnetworks.com/
#
# These appear to be 16-bit VSA types, with 16-bit lengths.
#
# $Id$
#
##############################################################################
VENDOR Starent 8164 format=2,2
BEGIN-VENDOR Starent
ATTRIBUTE SN-VPN-ID 1 integer
ATTRIBUTE SN-VPN-Name 2 string
ATTRIBUTE SN-Disconnect-Reason 3 integer
ATTRIBUTE SN-PPP-Progress-Code 4 integer
ATTRIBUTE SN-Primary-DNS-Server 5 ipaddr
ATTRIBUTE SN-Secondary-DNS-Server 6 ipaddr
ATTRIBUTE SN-Re-CHAP-Interval 7 integer
ATTRIBUTE SN-IP-Pool-Name 8 string
ATTRIBUTE SN-PPP-Data-Compression 9 integer
ATTRIBUTE SN-IP-Filter-In 10 string
ATTRIBUTE SN-IP-Filter-Out 11 string
ATTRIBUTE SN-Local-IP-Address 13 ipaddr
ATTRIBUTE SN-IP-Source-Validation 14 integer
ATTRIBUTE SN-PPP-Outbound-Password 15 string
ATTRIBUTE SN-PPP-Keepalive 16 integer
ATTRIBUTE SN-IP-In-ACL 17 string
ATTRIBUTE SN-IP-Out-ACL 18 string
ATTRIBUTE SN-PPP-Data-Compression-Mode 19 integer
ATTRIBUTE SN-Subscriber-Permission 20 integer
ATTRIBUTE SN-Admin-Permission 21 integer
ATTRIBUTE SN-Simultaneous-SIP-MIP 22 integer
ATTRIBUTE SN-Min-Compress-Size 23 integer
ATTRIBUTE SNA-PPP-Unfr-data-In-Oct 200 integer
ATTRIBUTE SNA-PPP-Unfr-data-Out-Oct 201 integer
ATTRIBUTE SNA-PPP-Ctrl-Input-Octets 1001 integer
ATTRIBUTE SNA-PPP-Ctrl-Output-Octets 1002 integer
ATTRIBUTE SNA-PPP-Ctrl-Input-Packets 1003 integer
ATTRIBUTE SNA-PPP-Ctrl-Output-Packets 1004 integer
ATTRIBUTE SNA-PPP-Framed-Input-Octets 1005 integer
ATTRIBUTE SNA-PPP-Framed-Output-Octets 1006 integer
ATTRIBUTE SNA-PPP-Discards-Input 1007 integer
ATTRIBUTE SNA-PPP-Discards-Output 1008 integer
ATTRIBUTE SNA-PPP-Errors-Input 1009 integer
ATTRIBUTE SNA-PPP-Errors-Output 1010 integer
ATTRIBUTE SNA-PPP-Bad-Addr 1011 integer
ATTRIBUTE SNA-PPP-Bad-Ctrl 1012 integer
ATTRIBUTE SNA-PPP-Packet-Too-Long 1013 integer
ATTRIBUTE SNA-PPP-Bad-FCS 1014 integer
ATTRIBUTE SNA-PPP-Echo-Req-Input 1015 integer
ATTRIBUTE SNA-PPP-Echo-Req-Output 1016 integer
ATTRIBUTE SNA-PPP-Echo-Rsp-Input 1017 integer
ATTRIBUTE SNA-PPP-Echo-Rsp-Output 1018 integer
ATTRIBUTE SNA-RPRRQ-Rcvd-Total 1019 integer
ATTRIBUTE SNA-RPRRQ-Rcvd-Acc-Reg 1020 integer
ATTRIBUTE SNA-RPRRQ-Rcvd-Acc-Dereg 1021 integer
ATTRIBUTE SNA-RPRRQ-Rcvd-Msg-Auth-Fail 1022 integer
ATTRIBUTE SNA-RPRRQ-Rcvd-Mis-ID 1023 integer
ATTRIBUTE SNA-RPRRQ-Rcvd-Badly-Formed 1024 integer
ATTRIBUTE SNA-RPRRQ-Rcvd-VID-Unsupported 1025 integer
ATTRIBUTE SNA-RPRRQ-Rcvd-T-Bit-Not-Set 1026 integer
ATTRIBUTE SNA-RPRAK-Rcvd-Total 1027 integer
ATTRIBUTE SNA-RPRAK-Rcvd-Acc-Ack 1028 integer
ATTRIBUTE SNA-RPRAK-Rcvd-Msg-Auth-Fail 1029 integer
ATTRIBUTE SNA-RPRAK-Rcvd-Mis-ID 1030 integer
ATTRIBUTE SNA-RP-Reg-Reply-Sent-Total 1031 integer
ATTRIBUTE SNA-RP-Reg-Reply-Sent-Acc-Reg 1032 integer
ATTRIBUTE SNA-RP-Reg-Reply-Sent-Acc-Dereg 1033 integer
ATTRIBUTE SNA-RP-Reg-Reply-Sent-Bad-Req 1034 integer
ATTRIBUTE SNA-RP-Reg-Reply-Sent-Denied 1035 integer
ATTRIBUTE SNA-RP-Reg-Reply-Sent-Mis-ID 1036 integer
ATTRIBUTE SNA-RP-Reg-Reply-Sent-Send-Err 1037 integer
ATTRIBUTE SNA-RP-Reg-Upd-Sent 1038 integer
ATTRIBUTE SNA-RP-Reg-Upd-Re-Sent 1039 integer
ATTRIBUTE SNA-RP-Reg-Upd-Send-Err 1040 integer
VALUE SN-Disconnect-Reason Not-Defined 0
VALUE SN-Disconnect-Reason Admin-Disconnect 1
VALUE SN-Disconnect-Reason Remote-Disconnect 2
VALUE SN-Disconnect-Reason Local-Disconnect 3
VALUE SN-Disconnect-Reason Disc-No-Resource 4
VALUE SN-Disconnect-Reason Disc-Excd-Service-Limit 5
VALUE SN-Disconnect-Reason PPP-LCP-Neg-Failed 6
VALUE SN-Disconnect-Reason PPP-LCP-No-Response 7
VALUE SN-Disconnect-Reason PPP-LCP-Loopback 8
VALUE SN-Disconnect-Reason PPP-LCP-Max-Retry 9
VALUE SN-Disconnect-Reason PPP-Echo-Failed 10
VALUE SN-Disconnect-Reason PPP-Auth-Failed 11
VALUE SN-Disconnect-Reason PPP-Auth-Failed-No-AAA-Resp 12
VALUE SN-Disconnect-Reason PPP-Auth-No-Response 13
VALUE SN-Disconnect-Reason PPP-Auth-Max-Retry 14
VALUE SN-Disconnect-Reason Invalid-AAA-Attr 15
VALUE SN-Disconnect-Reason Failed-User-Filter 16
VALUE SN-Disconnect-Reason Failed-Provide-Service 17
VALUE SN-Disconnect-Reason Invalid-IP-Address-AAA 18
VALUE SN-Disconnect-Reason Invalid-IP-Pool-AAA 19
VALUE SN-Disconnect-Reason PPP-IPCP-Neg-Failed 20
VALUE SN-Disconnect-Reason PPP-IPCP-No-Response 21
VALUE SN-Disconnect-Reason PPP-IPCP-Max-Retry 22
VALUE SN-Disconnect-Reason PPP-No-Rem-IP-Address 23
VALUE SN-Disconnect-Reason Inactivity-Timeout 24
VALUE SN-Disconnect-Reason Session-Timeout 25
VALUE SN-Disconnect-Reason Max-Data-Excd 26
VALUE SN-Disconnect-Reason Invalid-IP-Source-Address 27
VALUE SN-Disconnect-Reason MSID-Auth-Failed 28
VALUE SN-Disconnect-Reason MSID-Auth-Fauiled-No-AAA-Resp 29
VALUE SN-Disconnect-Reason A11-Max-Retry 30
VALUE SN-Disconnect-Reason A11-Lifetime-Expired 31
VALUE SN-Disconnect-Reason A11-Message-Integrity-Failure 32
VALUE SN-Disconnect-Reason PPP-lcp-remote-disc 33
VALUE SN-Disconnect-Reason Session-setup-timeout 34
VALUE SN-Disconnect-Reason PPP-keepalive-failure 35
VALUE SN-Disconnect-Reason Flow-add-failed 36
VALUE SN-Disconnect-Reason Call-type-detection-failed 37
VALUE SN-Disconnect-Reason Wrong-ipcp-params 38
VALUE SN-Disconnect-Reason MIP-remote-dereg 39
VALUE SN-Disconnect-Reason MIP-lifetime-expiry 40
VALUE SN-Disconnect-Reason MIP-proto-error 41
VALUE SN-Disconnect-Reason MIP-auth-failure 42
VALUE SN-Disconnect-Reason MIP-reg-timeout 43
VALUE SN-Disconnect-Reason Invalid-dest-context 44
VALUE SN-Disconnect-Reason Source-context-removed 45
VALUE SN-Disconnect-Reason Destination-context-removed 46
VALUE SN-Disconnect-Reason Req-service-addr-unavailable 47
VALUE SN-Disconnect-Reason Demux-mgr-failed 48
VALUE SN-Disconnect-Reason Internal-error 49
VALUE SN-PPP-Progress-Code Not-Defined 0
VALUE SN-PPP-Progress-Code Call-Lcp-Down 1
VALUE SN-PPP-Progress-Code Call-Disconnecting 2
VALUE SN-PPP-Progress-Code Call-Ppp-Renegotiating 3
VALUE SN-PPP-Progress-Code Call-Arrived 11
VALUE SN-PPP-Progress-Code Call-Lcp-Up 12
VALUE SN-PPP-Progress-Code Call-Authenticating 13
VALUE SN-PPP-Progress-Code Call-Authenticated 14
VALUE SN-PPP-Progress-Code Call-Ipcp-Up 15
VALUE SN-PPP-Progress-Code Call-Simple-IP-Connected 16
VALUE SN-PPP-Progress-Code Call-Mobile-IP-Connected 17
VALUE SN-PPP-Data-Compression None 0
VALUE SN-PPP-Data-Compression Stac-LZS 1
VALUE SN-PPP-Data-Compression MPPC 2
VALUE SN-PPP-Data-Compression MPCC-Stac-LZS 3
VALUE SN-PPP-Data-Compression Deflate 4
VALUE SN-PPP-Data-Compression Deflate-Stac-LZS 5
VALUE SN-PPP-Data-Compression Deflate-MPCC 6
VALUE SN-PPP-Data-Compression Deflate-MPCC-Stac-LZS 7
VALUE SN-IP-Source-Validation No 0
VALUE SN-IP-Source-Validation Yes 1
VALUE SN-Subscriber-Permission None 0
VALUE SN-Subscriber-Permission Simple-IP 1
VALUE SN-Subscriber-Permission Mobile-IP 2
VALUE SN-Subscriber-Permission Simple-IP-Mobile-IP 3
VALUE SN-Subscriber-Permission HA-Mobile-IP 4
VALUE SN-Subscriber-Permission Simple-IP-HA-Mobile-IP 5
VALUE SN-Subscriber-Permission Mobile-IP-HA-Mobile-IP 6
VALUE SN-Subscriber-Permission All 7
VALUE SN-Admin-Permission None 0
VALUE SN-Admin-Permission CLI 1
VALUE SN-Admin-Permission FTP 2
VALUE SN-Simultaneous-SIP-MIP Disabled 0
VALUE SN-Simultaneous-SIP-MIP Enabled 1
VALUE SN-PPP-Data-Compression-Mode Normal 0
VALUE SN-PPP-Data-Compression-Mode Stateless 1
END-VENDOR Starent

2176
radius/dictionary.usr
View File

File diff suppressed because it is too large Load Diff

369
radius/dictionary.wimax Normal file
View File

@ -0,0 +1,369 @@
# -*- text -*-
##############################################################################
#
# WiMAX Forum
#
# Updated from NWG_R1_V1.2.1-Stage-3.pdf
#
# NWG_R1_V1.2-Stage-3.pdf
# RADIUS discussion is on pp. 432-498
# WiMAX VSA's are on p. 450 and following.
#
# DHCP && MIP keys are on p.48 and following.
#
# WiMAX VSA's have a non-standard format:
#
# type 1 octet
# length 1 octet
# continuation 1 octet 0bcrrrrrrr
# value 1+ octets
#
# If the high bit of the "continuation" field is set, then
# the next attribute of the same WiMAX type should have it's
# value concatenated to this one.
#
# The C bit MUST be zero for all small types. e.g. integer,
# ipaddr, ipv6addr, etc. It MAY be set for "string" and "octet"
# types. The maximum attribute length for "string" and "octet"
# types is still 253 bytes, even with continuations. The WiMAX
# specifications do not specify a maximum length, so we have chosen
# to keep the traditional RADIUS maximum length here.
#
# The C bit MAY be 1 for TLV types. There is no restriction on
# TLV length other than maximum packet size (a bit less than 4K).
#
# The rest of the bits in the "continuation" octet are reserved,
# and MUST be zero.
#
# Each WiMAX VSA is packed into one Vendor-Specific attribute
# with Vendor-Id of WiMAX. Multiple WiMAX sub-TLV's ARE packed
# into one VSA with an encapsulating TLV.
#
# The WiMAX forum adds the following (non-standard) data types:
#
# byte - one-octet unsigned integer
# short - two-octet unsigned integer in network byte order
# signed - 4-octet signed integer in network byte order.
# combo-ip - if length 4, is the same as the "ipaddr" type.
# if length 16, is the same as "ipv6addr" type.
# tlv - encapsulated sub-attributes
# i.e. Vendor-Specific -> WiMAX TLV -> WiMAX sub-tlv.
#
##############################################################################
#
# $Id$
#
##############################################################################
VENDOR WiMAX 24757 format=1,1,c
BEGIN-VENDOR WiMAX
ATTRIBUTE WiMAX-Capability 1 tlv
BEGIN-TLV WiMAX-Capability
ATTRIBUTE WiMAX-Release 1 string
ATTRIBUTE WiMAX-Accounting-Capabilities 2 byte
ATTRIBUTE WiMAX-Hotlining-Capabilities 3 byte
ATTRIBUTE WiMAX-Idle-Mode-Notification-Cap 4 byte
# This is really a bitmap
VALUE WiMAX-Accounting-Capabilities No-Accounting 0
VALUE WiMAX-Accounting-Capabilities IP-Session-Based 1
VALUE WiMAX-Accounting-Capabilities Flow-Based 2
# This is really a bitmap
VALUE WiMAX-Hotlining-Capabilities Not-Supported 0
VALUE WiMAX-Hotlining-Capabilities Hotline-Profile-Id 1
VALUE WiMAX-Hotlining-Capabilities NAS-Filter-Rule 2
VALUE WiMAX-Hotlining-Capabilities HTTP-Redirection 4
VALUE WiMAX-Hotlining-Capabilities IP-Redirection 8
VALUE WiMAX-Idle-Mode-Notification-Cap Not-Supported 0
VALUE WiMAX-Idle-Mode-Notification-Cap Supported 1
END-TLV WiMAX-Capability
ATTRIBUTE WiMAX-Device-Authentication-Indicator 2 byte
ATTRIBUTE WiMAX-GMT-Timezone-offset 3 signed
ATTRIBUTE WiMAX-AAA-Session-Id 4 octets
# 32 octets in length
ATTRIBUTE WiMAX-MSK 5 octets encrypt=2
ATTRIBUTE WiMAX-hHA-IP-MIP4 6 ipaddr
ATTRIBUTE WiMAX-hHA-IP-MIP6 7 ipv6addr
ATTRIBUTE WiMAX-DHCPv4-Server 8 combo-ip
ATTRIBUTE WiMAX-DHCPv6-Server 9 combo-ip
# MN-HA-CMIP4 = H(MIP-RK, "CMIP4 MN HA" | HA-IPv4 | MN-NAI), or
# MN-HA-PMIP4 = H(MIP-RK, "PMIP4 MN HA" | HA-IPv4 | MN-NAI)
ATTRIBUTE WiMAX-MN-hHA-MIP4-Key 10 octets encrypt=2
# MN-HA-CMIP4-SPI == MIP-SPI, or
# MN-HA-PIMP4-SPI == MIP-SPI + 1
ATTRIBUTE WiMAX-MN-hHA-MIP4-SPI 11 octets
# MN-HA-CMIP6 = H(MIP-RK, "CMIP6 MN HA" | HA-IPv6 | MN-NAI)
ATTRIBUTE WiMAX-MN-hHA-MIP6-Key 12 octets encrypt=2
# MN-HA-CMIP6-SPI == MIP-SPI + 2
ATTRIBUTE WiMAX-MN-hHA-MIP6-SPI 13 integer
# FA-RK = H(MIP-RK, "FA-RK")
ATTRIBUTE WiMAX-FA-RK-Key 14 octets encrypt=2
# 160 bit random number
ATTRIBUTE WiMAX-HA-RK-Key 15 octets encrypt=2
# SPI-CMIP4
ATTRIBUTE WiMAX-HA-RK-SPI 16 integer
ATTRIBUTE WiMAX-HA-RK-Lifetime 17 integer
# The same as MN-HA-CMIP4, etc. But in different packets.
ATTRIBUTE WiMAX-RRQ-HA-IP 18 combo-ip
ATTRIBUTE WiMAX-RRQ-MN-HA-Key 19 octets encrypt=2
ATTRIBUTE WiMAX-RRQ-MN-HA-SPI 20 integer
ATTRIBUTE WiMAX-Session-Continue 21 integer
ATTRIBUTE WiMAX-Beginning-Of-Session 22 integer
ATTRIBUTE WiMAX-IP-Technology 23 integer
VALUE WiMAX-IP-Technology Reserved-0 0
VALUE WiMAX-IP-Technology Reserved-1 1
VALUE WiMAX-IP-Technology PMIP4 2
VALUE WiMAX-IP-Technology CMIP4 3
VALUE WiMAX-IP-Technology CMIP6 4
VALUE WiMAX-IP-Technology Ethernet-CS 5
ATTRIBUTE WiMAX-Hotline-Indicator 24 string
ATTRIBUTE WiMAX-Prepaid-Indicator 25 byte
ATTRIBUTE WiMAX-PDFID 26 short
ATTRIBUTE WiMAX-SDFID 27 short
ATTRIBUTE WiMAX-Packet-Flow-Descriptor 28 tlv
BEGIN-TLV WiMAX-Packet-Flow-Descriptor
ATTRIBUTE WiMAX-Packet-Data-Flow-Id 1 short
ATTRIBUTE WiMAX-Service-Data-Flow-Id 2 short
ATTRIBUTE WiMAX-Service-Profile-Id 3 integer
ATTRIBUTE WiMAX-Direction 4 byte
VALUE WiMAX-Direction Reserved-0 0
VALUE WiMAX-Direction Uplink 1
VALUE WiMAX-Direction Downlink 2
VALUE WiMAX-Direction Bi-Directional 3
ATTRIBUTE WiMAX-Activation-Trigger 5 byte # bitmap
ATTRIBUTE WiMAX-Transport-Type 6 byte
VALUE WiMAX-Transport-Type Reserved-0 0
VALUE WiMAX-Transport-Type IPv4-CS 1
VALUE WiMAX-Transport-Type IPv6-CS 2
VALUE WiMAX-Transport-Type Ethernet 3
ATTRIBUTE WiMAX-Uplink-QOS-Id 7 byte
ATTRIBUTE WiMAX-Downlink-QOS-Id 8 byte
ATTRIBUTE WiMAX-Uplink-Classifier 9 string
ATTRIBUTE WiMAX-Downlink-Classifier 10 string
END-TLV WiMAX-Packet-Flow-Descriptor
ATTRIBUTE WiMAX-QoS-Descriptor 29 tlv
BEGIN-TLV WiMAX-QoS-Descriptor
ATTRIBUTE WiMAX-QoS-Id 1 byte
ATTRIBUTE WiMAX-Global-Service-Class-Name 2 string # 6 octets
ATTRIBUTE WiMAX-Service-Class-Name 3 string
ATTRIBUTE WiMAX-Schedule-Type 4 byte
ATTRIBUTE WiMAX-Traffic-Priority 5 byte
ATTRIBUTE WiMAX-Maximum-Sustained-Traffic-Rate 6 integer
ATTRIBUTE WiMAX-Minimum-Reserved-Traffic-Rate 7 integer
ATTRIBUTE WiMAX-Maximum-Traffic-Burst 8 integer
ATTRIBUTE WiMAX-Tolerated-Jitter 9 integer
ATTRIBUTE WiMAX-Maximum-Latency 10 integer
ATTRIBUTE WiMAX-Reduced-Resources-Code 11 byte
ATTRIBUTE WiMAX-Media-Flow-Type 12 byte
ATTRIBUTE WiMAX-Unsolicited-Grant-Interval 13 short
ATTRIBUTE WiMAX-SDU-Size 14 short
ATTRIBUTE WiMAX-Unsolicited-Polling-Interval 15 short
ATTRIBUTE WiMAX-Media-Flow-Description-SDP 16 string
VALUE WiMAX-Schedule-Type Best-Effort 2
VALUE WiMAX-Schedule-Type nrtPS 3
VALUE WiMAX-Schedule-Type rtPS 4
VALUE WiMAX-Schedule-Type Extended-rtPS 5
VALUE WiMAX-Schedule-Type UGS 6
VALUE WiMAX-Media-Flow-Type VoIP 1
VALUE WiMAX-Media-Flow-Type Robust-Browser 2
VALUE WiMAX-Media-Flow-Type Secure-Browser-VPN 3
VALUE WiMAX-Media-Flow-Type Streaming-Video 4
VALUE WiMAX-Media-Flow-Type Streaming-Live-TV 5
VALUE WiMAX-Media-Flow-Type Music-Photo-Download 6
VALUE WiMAX-Media-Flow-Type Multi-Player-Gaming 7
VALUE WiMAX-Media-Flow-Type Location-Based-Services 8
VALUE WiMAX-Media-Flow-Type Text-Audio-Books 9
VALUE WiMAX-Media-Flow-Type Video-Conversation 10
VALUE WiMAX-Media-Flow-Type Message 11
VALUE WiMAX-Media-Flow-Type Control 12
VALUE WiMAX-Media-Flow-Type Data 13
END-TLV WiMAX-QoS-Descriptor
ATTRIBUTE WiMAX-Uplink-Granted-QoS 30 string
ATTRIBUTE WiMAX-Control-Packets-In 31 integer
ATTRIBUTE WiMAX-Control-Octets-In 32 integer
ATTRIBUTE WiMAX-Control-Packets-Out 33 integer
ATTRIBUTE WiMAX-Control-Octets-Out 34 integer
ATTRIBUTE WiMAX-PPAC 35 tlv
BEGIN-TLV WiMAX-PPAC
ATTRIBUTE WiMAX-Available-In-Client 1 integer
# Really a bitmap
VALUE WiMAX-Available-In-Client Volume-Metering 1
VALUE WiMAX-Available-In-Client Duration-Metering 2
VALUE WiMAX-Available-In-Client Resource-Metering 4
VALUE WiMAX-Available-In-Client Pools 8
VALUE WiMAX-Available-In-Client Rating-Groups 0x10
VALUE WiMAX-Available-In-Client Multi-Services 0x20
VALUE WiMAX-Available-In-Client Tariff-Switch 0x40
END-TLV WiMAX-PPAC
ATTRIBUTE WiMAX-Session-Termination-Capability 36 integer
# Really a bitmap
VALUE WiMAX-Session-Termination-Capability Dynamic-Authorization 1
ATTRIBUTE WiMAX-PPAQ 37 tlv
BEGIN-TLV WiMAX-PPAQ
ATTRIBUTE WiMAX-PPAQ-Quota-Identifier 1 octets
ATTRIBUTE WiMAX-Volume-Quota 2 integer #kb
ATTRIBUTE WiMAX-Volume-Threshold 3 integer #kb
ATTRIBUTE WiMAX-Duration-Quota 4 integer #s
ATTRIBUTE WiMAX-Duration-Threshold 5 integer #s
ATTRIBUTE WiMAX-Resource-Quota 6 integer
ATTRIBUTE WiMAX-Resource-Threshold 7 integer
ATTRIBUTE WiMAX-Update-Reason 8 integer
ATTRIBUTE WiMAX-Prepaid-Server 9 combo-ip
ATTRIBUTE WiMAX-Service-Id 10 string
ATTRIBUTE WiMAX-Rating-Group-Id 11 integer
ATTRIBUTE WiMAX-Termination-Action 12 byte
ATTRIBUTE WiMAX-Pool-Id 13 integer
ATTRIBUTE WiMAX-Pool-Multiplier 14 integer
ATTRIBUTE WiMAX-Requested-Action 15 byte
ATTRIBUTE WiMAX-Check-Balance-Result 16 byte
#
# 4 octets - integer representing 1/10's of lowest currency (e.g. cents)
# 4 octets - currency code as in ISO-4217
# 1+ - UTF8 string containing text like "cost is $1 per minute"
#
ATTRIBUTE WiMAX-Cost-Information-AVP 17 octets
VALUE WiMAX-Update-Reason Pre-Initialization 1
VALUE WiMAX-Update-Reason Initial-Request 2
VALUE WiMAX-Update-Reason Threshold-Reached 3
VALUE WiMAX-Update-Reason Quota-Reached 4
VALUE WiMAX-Update-Reason TITSU-Approaching 5
VALUE WiMAX-Update-Reason Remote-Forced-Disconnect 6
VALUE WiMAX-Update-Reason Client-Service-Termination 7
VALUE WiMAX-Update-Reason Access-Service-Terminated 8
VALUE WiMAX-Update-Reason Service-Not-Established 9
VALUE WiMAX-Update-Reason One-Time-Charging 10
VALUE WiMAX-Termination-Action Terminate 1
VALUE WiMAX-Termination-Action Request-More-Quota 2
VALUE WiMAX-Termination-Action Redirect-Or-Filter 3
VALUE WiMAX-Requested-Action Balance-Check 1
VALUE WiMAX-Requested-Action Price-Enquiry 2
END-TLV WiMAX-PPAQ
ATTRIBUTE WiMAX-Prepaid-Tariff-Switching 38 tlv
BEGIN-TLV WiMAX-Prepaid-Tariff-Switching
ATTRIBUTE WiMAX-Prepaid-Quota-Identifier 1 string
ATTRIBUTE WiMAX-Volume-Used-After 2 integer #1k
ATTRIBUTE WiMAX-Tariff-Switch-Interval 3 integer #s
ATTRIBUTE WiMAX-Time-Interval-After 4 integer #s
END-TLV WiMAX-Prepaid-Tariff-Switching
ATTRIBUTE WiMAX-Active-Time-Duration 39 integer
ATTRIBUTE WiMAX-DHCP-RK 40 octets encrypt=2
ATTRIBUTE WiMAX-DHCP-RK-Key-Id 41 integer
ATTRIBUTE WiMAX-DHCP-RK-Lifetime 42 integer
ATTRIBUTE WiMAX-DHCP-Msg-Server-IP 43 ipaddr
ATTRIBUTE WiMAX-Idle-Mode-Transition 44 byte
ATTRIBUTE WiMAX-NAP-Id 45 octets
# 3 octets of NAP Id
# 3 octets of base-station Id
ATTRIBUTE WiMAX-BS-Id 46 octets
ATTRIBUTE WiMAX-Location 47 octets
# Number of times Acct-Input-Packets rolled over 2^32.
ATTRIBUTE WiMAX-Acct-Input-Packets-Gigaword 48 integer
ATTRIBUTE WiMAX-Acct-Output-Packets-Gigaword 49 integer
# Formatted as per IP Filter rule specification.
ATTRIBUTE WiMAX-Uplink-Flow-Description 50 string
ATTRIBUTE WiMAX-Blu-Coa-IPv6 51 ipv6addr
ATTRIBUTE WiMAX-DNS-Server 52 combo-ip
ATTRIBUTE WiMAX-Hotline-Profile-Id 53 string
# Formatted as per IP Filter rule specification.
ATTRIBUTE WiMAX-HTTP-Redirection-Rule 54 string
# Formatted as per IP Filter rule specification.
ATTRIBUTE WiMAX-IP-Redirection-Rule 55 string
ATTRIBUTE WiMAX-Hotline-Session-Timer 56 integer
# 3 octets
ATTRIBUTE WiMAX-NSP-Id 57 octets
ATTRIBUTE WiMAX-HA-RK-Key-Requested 58 integer
VALUE WiMAX-HA-RK-Key-Requested No 0
VALUE WiMAX-HA-RK-Key-Requested Yes 1
ATTRIBUTE WiMAX-Count-Type 59 byte
ATTRIBUTE WiMAX-DM-Action-Code 60 integer
VALUE WiMAX-DM-Action-Code Deregister-MS 0
VALUE WiMAX-DM-Action-Code Suspend-MS-Traffic 1
VALUE WiMAX-DM-Action-Code Suspend-User-Traffic 2
VALUE WiMAX-DM-Action-Code Resume-Traffic 3
VALUE WiMAX-DM-Action-Code MS-Terminate 4
VALUE WiMAX-DM-Action-Code MS-Idle 5
VALUE WiMAX-DM-Action-Code MS-Completed-IPv6-Handover 6
VALUE WiMAX-DM-Action-Code BS-Sends-RES-Cmd 0xffff
# FA-RK-SPI = SPI-CMIP4 = MIP-SPI
ATTRIBUTE WiMAX-FA-RK-SPI 61 integer
# Formatted as per IP Filter rule specification.
ATTRIBUTE WiMAX-Downlink-Flow-Description 62 string
# Same as QoS-Descriptor... dang.
ATTRIBUTE WiMAX-Downlink-Granted-QoS 63 tlv
# More MIP keys, calculated as above... but in different packets.
# Why, oh why?
ATTRIBUTE WiMAX-vHA-IP-MIP4 64 ipaddr
ATTRIBUTE WiMAX-vHA-IP-MIP6 65 ipv6addr
ATTRIBUTE WiMAX-vHA-MIP4-Key 66 octets encrypt=2
ATTRIBUTE WiMAX-vHA-RK-Key 67 octets encrypt=2
ATTRIBUTE WiMAX-vHA-RK-SPI 68 integer
ATTRIBUTE WiMAX-vHA-RK-Lifetime 69 integer
ATTRIBUTE WiMAX-MN-vHA-MIP6-Key 70 octets encrypt=2
ATTRIBUTE WiMAX-MN-vHA-MIP4-SPI 71 integer
ATTRIBUTE WiMAX-MN-vHA-MIP6-SPI 72 integer
ATTRIBUTE WiMAX-vDHCPv4-Server 73 ipaddr
ATTRIBUTE WiMAX-vDHCPv6-Server 74 ipv6addr
ATTRIBUTE WiMAX-vDHCP-RK 75 octets encrypt=2
ATTRIBUTE WiMAX-vDHCP-RK-Key-ID 76 integer
ATTRIBUTE WiMAX-vDHCP-RK-Lifetime 77 integer
END-VENDOR WiMAX