rpms / wireshark

Clone
Source Code
GIT

Blame wireshark-0010-Allow-redefining-all-ports-for-RADIUS.patch

c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-beta c8 c8-beta c8s c8s-sig-hyperscale c9 c9-beta
  1.   0745176bae4681a33daf82801946982da17014e3
  2.   wireshark-0010-Allow-redefining-all-ports-for-RADIUS.patch
Blob History Raw
76137e 
From: Peter Lemenkov <lemenkov@gmail.com>
76137e 
Date: Thu, 13 Aug 2015 18:13:45 +0300
76137e 
Subject: [PATCH] Allow redefining all ports for RADIUS
76137e
76137e 
RADIUS configuration sometimes uses more ports - for example, one for
76137e 
authentication, another one for accounting. Sometimes it uses the entire
76137e 
port ranges. In case of FreeRADIUS 2.x.x server it might look like this:
76137e
76137e 
...
76137e 
listen {
76137e 
        type = auth
76137e 
        ipaddr = *
76137e 
        port = 13812
76137e 
}
76137e 
listen {
76137e 
        type = acct
76137e 
        ipaddr = *
76137e 
        port = 13813
76137e 
}
76137e 
...
76137e
76137e 
Unfortunately we allow only one port to be redefined, not more. So it
76137e 
forces a person who's analyzing a traffic from such a RADIUS server
76137e 
manually select "Decode as" every time for each port.
76137e
76137e 
It was requested at least once to lift this limitation:
76137e
76137e 
* https://ask.wireshark.org/questions/2189/decode-multiple-ports-as-radius
76137e
76137e 
So let's fix it!
76137e
76137e 
With this commit it's possible to set a port ranges for RADIUS dissector
76137e 
to handle. An example (default) configuration looks like (see
76137e 
~/.wireshark/preferences):
76137e
76137e 
radius.ports: 1645,1646,1700,1812,1813,3799
76137e
76137e 
Old "alternate_port" preference is marked as obsolete. It won't be shown
76137e 
to a user but it will still be used if exists (remained from a previous
76137e 
installations).
76137e
76137e 
*Ver. 2*:
76137e 
Old alternate_port value is copied to the ports range, thus making
76137e 
transition even more smooth.
76137e
76137e 
Change-Id: Ibdd6f4f9fa1e0ac186147cec380bbfc62d509b17
76137e 
Signed-off-by: Peter Lemenkov <lemenkov@gmail.com>
76137e 
Reviewed-on: https://code.wireshark.org/review/10015
76137e 
Petri-Dish: Anders Broman <a.broman58@gmail.com>
76137e 
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
76137e 
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
76137e 
Reviewed-by: Anders Broman <a.broman58@gmail.com>
76137e
76137e 
Conflicts:
76137e 
	epan/dissectors/packet-radius.c
76137e
76137e 
diff --git a/epan/dissectors/packet-radius.c b/epan/dissectors/packet-radius.c
76137e 
index 7cc440e..5f9e52e 100644
76137e 
--- a/epan/dissectors/packet-radius.c
76137e 
+++ b/epan/dissectors/packet-radius.c
76137e 
@@ -95,12 +95,16 @@ typedef struct {
76137e 
 #define RD_HDR_LENGTH		4
76137e 
 #define HDR_LENGTH		(RD_HDR_LENGTH + AUTHENTICATOR_LENGTH)
76137e
76137e 
-#define UDP_PORT_RADIUS		1645
76137e 
-#define UDP_PORT_RADIUS_NEW	1812
76137e 
-#define UDP_PORT_RADACCT	1646
76137e 
-#define UDP_PORT_RADACCT_NEW	1813
76137e 
-#define UDP_PORT_DAE_OLD	1700 /* DAE: pre RFC */
76137e 
-#define UDP_PORT_DAE		3799 /* DAE: rfc3576 */
76137e 
+/*
76137e 
+ * Default RADIUS ports:
76137e 
+ * 1645 (Authentication, pre RFC 2865)
76137e 
+ * 1646 (Accounting, pre RFC 2866)
76137e 
+ * 1812 (Authentication, RFC 2865)
76137e 
+ * 1813 (Accounting, RFC 2866)
76137e 
+ * 1700 (Dynamic Authorization Extensions, pre RFC 3576)
76137e 
+ * 3799 (Dynamic Authorization Extensions, RFC 3576)
76137e 
+*/
76137e 
+#define DEFAULT_RADIUS_PORT_RANGE "1645,1646,1700,1812,1813,3799"
76137e
76137e 
 static radius_dictionary_t* dict = NULL;
76137e
76137e 
@@ -152,6 +156,7 @@ static dissector_handle_t eap_handle;
76137e 
 static const gchar* shared_secret = "";
76137e 
 static gboolean show_length = FALSE;
76137e 
 static guint alt_port_pref = 0;
76137e 
+static range_t *global_ports_range;
76137e 
 static guint request_ttl = 5;
76137e
76137e 
 static guint8 authenticator[AUTHENTICATOR_LENGTH];
76137e 
@@ -1938,12 +1943,22 @@ extern void radius_register_avp_dissector(guint32 vendor_id, guint32 attribute_i
76137e 
 static void
76137e 
 radius_init_protocol(void)
76137e 
 {
76137e 
+	module_t *radius_module = prefs_find_module("radius");
76137e 
+	pref_t *alternate_port;
76137e 
+
76137e 
 	if (radius_calls != NULL)
76137e 
 	{
76137e 
 		g_hash_table_destroy(radius_calls);
76137e 
 		radius_calls = NULL;
76137e 
 	}
76137e
76137e 
+	if (radius_module) {
76137e 
+		/* Find alternate_port preference and mark it obsolete (thus hiding it from a user) */
76137e 
+		alternate_port = prefs_find_preference(radius_module, "alternate_port");
76137e 
+		if (! prefs_get_preference_obsolete(alternate_port))
76137e 
+			prefs_set_preference_obsolete(alternate_port);
76137e 
+	}
76137e 
+
76137e 
 	radius_calls = g_hash_table_new(radius_call_hash, radius_call_equal);
76137e 
 }
76137e
76137e 
@@ -2116,6 +2131,10 @@ proto_register_radius(void)
76137e 
 				       &show_length);
76137e 
 	prefs_register_uint_preference(radius_module, "alternate_port","Alternate Port",
76137e 
 				       "An alternate UDP port to decode as RADIUS", 10, &alt_port_pref);
76137e 
+
76137e 
+	range_convert_str(&global_ports_range, DEFAULT_RADIUS_PORT_RANGE, MAX_UDP_PORT);
76137e 
+	prefs_register_range_preference(radius_module, "ports","RADIUS ports",
76137e 
+				       "A list of UDP ports to decode as RADIUS", &global_ports_range, MAX_UDP_PORT);
76137e 
 	prefs_register_uint_preference(radius_module, "request_ttl", "Request TimeToLive",
76137e 
 				       "Time to live for a radius request used for matching it with a response", 10, &request_ttl);
76137e 
 	radius_tap = register_tap("radius");
76137e 
@@ -2134,29 +2153,32 @@ proto_reg_handoff_radius(void)
76137e 
 {
76137e 
 	static gboolean initialized = FALSE;
76137e 
 	static dissector_handle_t radius_handle;
76137e 
-	static guint alt_port;
76137e 
+	static range_t *ports_range;
76137e
76137e 
 	if (!initialized) {
76137e 
 		radius_handle = find_dissector("radius");
76137e 
-		dissector_add_uint("udp.port", UDP_PORT_RADIUS, radius_handle);
76137e 
-		dissector_add_uint("udp.port", UDP_PORT_RADIUS_NEW, radius_handle);
76137e 
-		dissector_add_uint("udp.port", UDP_PORT_RADACCT, radius_handle);
76137e 
-		dissector_add_uint("udp.port", UDP_PORT_RADACCT_NEW, radius_handle);
76137e 
-		dissector_add_uint("udp.port", UDP_PORT_DAE_OLD, radius_handle);
76137e 
-		dissector_add_uint("udp.port", UDP_PORT_DAE, radius_handle);
76137e 
-
76137e 
 		eap_handle = find_dissector("eap");
76137e
76137e 
 		initialized = TRUE;
76137e 
 	} else {
76137e 
-		if (alt_port != 0)
76137e 
-			dissector_delete_uint("udp.port", alt_port, radius_handle);
76137e 
+		dissector_delete_uint_range("udp.port", ports_range, radius_handle);
76137e 
+		g_free(ports_range);
76137e 
 	}
76137e
76137e 
-	if (alt_port_pref != 0)
76137e 
-		dissector_add_uint("udp.port", alt_port_pref, radius_handle);
76137e 
+	if (alt_port_pref != 0) {
76137e 
+		/* Append it to the range of ports but only if necessary */
76137e 
+		if (!value_is_in_range(global_ports_range, alt_port_pref)) {
76137e 
+			global_ports_range = (range_t*)g_realloc(global_ports_range,
76137e 
+					/* see epan/range.c:range_copy function */
76137e 
+					sizeof (range_t) - sizeof (range_admin_t) + (global_ports_range->nranges + 1) * sizeof (range_admin_t));
76137e 
+			global_ports_range->ranges[global_ports_range->nranges].low = alt_port_pref;
76137e 
+			global_ports_range->ranges[global_ports_range->nranges].high = alt_port_pref;
76137e 
+			global_ports_range->nranges++;
76137e 
+		}
76137e 
+	}
76137e
76137e 
-	alt_port = alt_port_pref;
76137e 
+	ports_range = range_copy(global_ports_range);
76137e 
+	dissector_add_uint_range("udp.port", ports_range, radius_handle);
76137e 
 }
76137e
76137e 
 /*

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation