Diameter: Add MS-CHAP/MS-CHAPv2 AVP support for EAP-TLS

Created the Microsoft Diameter file based on MS-CHAP-* AVPs listed at
https://www.iana.org/assignments/eap-numbers/eap-numbers.xhtml#eap-numbers-10
Many values are displayed as bytes for simplicit. The MS-CHAP2-Success
attribute could for example be dissected further as 1 byte followed by a
string, but that requires more effort.

Allow padding to be missing since the eap-ttls-mschapv2.pcapng capture
would throw a Malformed Packet exception otherwise.

Bug: 15603
Change-Id: I9efc322a86802e78bb6cd4bc3df1c1282a45fe9e
Reviewed-on: https://code.wireshark.org/review/34291
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

diameter/Microsoft.xml

@@ -0,0 +1,32 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<!-- Microsoft vendor-specific AVPs as specified in RFC 2548 for RADIUS.
+     These are not defined for Diameter, but were converted anyway to enable
+     use with EAP-TTLS (RFC 5281). -->
+
+<vendor vendor-id="Microsoft" code="311" name="Microsoft">
+    <avp name="MS-CHAP-Response" code="1" vendor-id="Microsoft">
+        <type type-name="OctetString" />
+    </avp>
+    <avp name="MS-CHAP-Error" code="2" vendor-id="Microsoft">
+        <type type-name="UTF8String" />
+    </avp>
+    <avp name="MS-CHAP-NT-Enc-PW" code="6" vendor-id="Microsoft">
+        <type type-name="OctetString" />
+    </avp>
+    <avp name="MS-CHAP-Domain" code="10" vendor-id="Microsoft">
+        <type type-name="UTF8String" />
+    </avp>
+    <avp name="MS-CHAP-Challenge" code="11" vendor-id="Microsoft">
+        <type type-name="OctetString" />
+    </avp>
+    <avp name="MS-CHAP2-Response" code="25" vendor-id="Microsoft">
+        <type type-name="OctetString" />
+    </avp>
+    <avp name="MS-CHAP2-Success" code="26" vendor-id="Microsoft">
+        <type type-name="OctetString" />
+    </avp>
+    <avp name="MS-CHAP2-CPW" code="27" vendor-id="Microsoft">
+        <type type-name="OctetString" />
+    </avp>
+</vendor>

diameter/dictionary.xml

@@ -32,6 +32,7 @@
 	<!ENTITY VerizonWireless	SYSTEM "VerizonWireless.xml">
 	<!ENTITY Telefonica		SYSTEM "Telefonica.xml">
 	<!ENTITY Siemens		SYSTEM "Siemens.xml">
+	<!ENTITY Microsoft		SYSTEM "Microsoft.xml">
 	<!ENTITY Custom			SYSTEM "Custom.xml">
 ]>
 <dictionary>
@@ -8839,5 +8840,6 @@
 	&VerizonWireless;
 	&Telefonica;
 	&Siemens;
+	&Microsoft;
 	&Custom;
 </dictionary>

epan/dissectors/packet-diameter.c

@@ -297,6 +297,7 @@ static expert_field ei_diameter_avp_no_data = EI_INIT;
 static expert_field ei_diameter_application_id = EI_INIT;
 static expert_field ei_diameter_version = EI_INIT;
 static expert_field ei_diameter_avp_pad = EI_INIT;
+static expert_field ei_diameter_avp_pad_missing = EI_INIT;
 static expert_field ei_diameter_code = EI_INIT;
 static expert_field ei_diameter_avp_code = EI_INIT;
 static expert_field ei_diameter_avp_vendor_id = EI_INIT;
@@ -762,6 +763,13 @@ dissect_diameter_avp(diam_ctx_t *c, tvbuff_t *tvb, int offset, diam_sub_dis_t *d
 		return tvb_reported_length(tvb);
 	}
 
+	/*
+	 * Workaround for a MS-CHAPv2 capture from Bug 15603 that lacks padding.
+	 */
+	if (tvb_reported_length_remaining(tvb, offset + len) < pad_len) {
+		pad_len = (guint32)tvb_reported_length_remaining(tvb, offset + len);
+	}
+
 	/* Add root of tree for this AVP */
 	avp_item = proto_tree_add_item(c->tree, hf_diameter_avp, tvb, offset, len + pad_len, ENC_NA);
 	avp_tree = proto_item_add_subtree(avp_item, a->ett);
@@ -891,6 +899,9 @@ dissect_diameter_avp(diam_ctx_t *c, tvbuff_t *tvb, int offset, diam_sub_dis_t *d
 			}
 		}
 	}
+	if ((len + pad_len) % 4) {
+		proto_tree_add_expert(avp_tree, c->pinfo, &ei_diameter_avp_pad_missing, tvb, offset, pad_len);
+	}
 
 	return len+pad_len;
 }
@@ -2390,6 +2401,7 @@ real_register_diameter_fields(void)
 		{ &ei_diameter_avp_vendor_id, { "diameter.unknown_vendor", PI_UNDECODED, PI_WARN, "Unknown Vendor, if you know whose this is you can add it to dictionary.xml", EXPFILL }},
 		{ &ei_diameter_avp_no_data, { "diameter.avp.no_data", PI_UNDECODED, PI_WARN, "Data is empty", EXPFILL }},
 		{ &ei_diameter_avp_pad, { "diameter.avp.pad.non_zero", PI_MALFORMED, PI_NOTE, "Padding is non-zero", EXPFILL }},
+		{ &ei_diameter_avp_pad_missing, { "diameter.avp.pad.missing", PI_MALFORMED, PI_NOTE, "Padding is missing", EXPFILL }},
 		{ &ei_diameter_avp_len, { "diameter.avp.invalid-len", PI_MALFORMED, PI_WARN, "Wrong length", EXPFILL }},
 		{ &ei_diameter_application_id, { "diameter.applicationId.unknown", PI_UNDECODED, PI_WARN, "Unknown Application Id, if you know what this is you can add it to dictionary.xml", EXPFILL }},
 		{ &ei_diameter_version, { "diameter.version.unknown", PI_UNDECODED, PI_WARN, "Unknown Diameter Version (decoding as RFC 3588)", EXPFILL }},

packaging/nsis/wireshark.nsi

@@ -575,6 +575,7 @@ File "${STAGING_DIR}\diameter\HP.xml"
 File "${STAGING_DIR}\diameter\Huawei.xml"
 File "${STAGING_DIR}\diameter\Inovar.xml"
 File "${STAGING_DIR}\diameter\Juniper.xml"
+File "${STAGING_DIR}\diameter\Microsoft.xml"
 File "${STAGING_DIR}\diameter\mobileipv4.xml"
 File "${STAGING_DIR}\diameter\mobileipv6.xml"
 File "${STAGING_DIR}\diameter\nasreq.xml"