/builds/wireshark/wireshark/epan/dissectors/packet-eap.c

Bug Summary

File:	builds/wireshark/wireshark/epan/dissectors/packet-eap.c
Warning:	line 1302, column 9 Value stored to 'aleft' is never read

Annotated Source Code

Press '?' to see keyboard shortcuts

Show analyzer invocation

clang -cc1 -cc1 -triple x86_64-pc-linux-gnu -analyze -disable-free -clear-ast-before-backend -disable-llvm-verifier -discard-value-names -main-file-name packet-eap.c -analyzer-checker=core -analyzer-checker=apiModeling -analyzer-checker=unix -analyzer-checker=deadcode -analyzer-checker=security.insecureAPI.UncheckedReturn -analyzer-checker=security.insecureAPI.getpw -analyzer-checker=security.insecureAPI.gets -analyzer-checker=security.insecureAPI.mktemp -analyzer-checker=security.insecureAPI.mkstemp -analyzer-checker=security.insecureAPI.vfork -analyzer-checker=nullability.NullPassedToNonnull -analyzer-checker=nullability.NullReturnedFromNonnull -analyzer-output plist -w -setup-static-analyzer -mrelocation-model pic -pic-level 2 -fhalf-no-semantic-interposition -fno-delete-null-pointer-checks -mframe-pointer=all -relaxed-aliasing -fmath-errno -ffp-contract=on -fno-rounding-math -ffloat16-excess-precision=fast -fbfloat16-excess-precision=fast -mconstructor-aliases -funwind-tables=2 -target-cpu x86-64 -tune-cpu generic -debugger-tuning=gdb -fdebug-compilation-dir=/builds/wireshark/wireshark/build -fcoverage-compilation-dir=/builds/wireshark/wireshark/build -resource-dir /usr/lib/llvm-18/lib/clang/18 -isystem /usr/include/glib-2.0 -isystem /usr/lib/x86_64-linux-gnu/glib-2.0/include -isystem /usr/include/mit-krb5 -isystem /usr/include/libxml2 -isystem /builds/wireshark/wireshark/build/epan/dissectors -isystem /builds/wireshark/wireshark/epan/dissectors -isystem /builds/wireshark/wireshark/epan -D G_DISABLE_DEPRECATED -D G_DISABLE_SINGLE_INCLUDES -D WS_BUILD_DLL -D WS_DEBUG -D WS_DEBUG_UTF_8 -I /builds/wireshark/wireshark/build -I /builds/wireshark/wireshark -I /builds/wireshark/wireshark/include -D _GLIBCXX_ASSERTIONS -internal-isystem /usr/lib/llvm-18/lib/clang/18/include -internal-isystem /usr/local/include -internal-isystem /usr/lib/gcc/x86_64-linux-gnu/14/../../../../x86_64-linux-gnu/include -internal-externc-isystem /usr/include/x86_64-linux-gnu -internal-externc-isystem /include -internal-externc-isystem /usr/include -fmacro-prefix-map=/builds/wireshark/wireshark/= -fmacro-prefix-map=/builds/wireshark/wireshark/build/= -fmacro-prefix-map=../= -Wno-format-truncation -Wno-format-nonliteral -Wno-pointer-sign -std=gnu11 -ferror-limit 19 -fvisibility=hidden -fwrapv -fstrict-flex-arrays=3 -stack-protector 2 -fstack-clash-protection -fcf-protection=full -fgnuc-version=4.2.1 -fskip-odr-check-in-gmf -fexceptions -fcolor-diagnostics -analyzer-output=html -dwarf-debug-flags /usr/lib/llvm-18/bin/clang -### --analyze -x c -D G_DISABLE_DEPRECATED -D G_DISABLE_SINGLE_INCLUDES -D WS_BUILD_DLL -D WS_DEBUG -D WS_DEBUG_UTF_8 -I /builds/wireshark/wireshark/build -I /builds/wireshark/wireshark -I /builds/wireshark/wireshark/include -isystem /usr/include/glib-2.0 -isystem /usr/lib/x86_64-linux-gnu/glib-2.0/include -isystem /usr/include/mit-krb5 -isystem /usr/include/libxml2 -isystem /builds/wireshark/wireshark/build/epan/dissectors -isystem /builds/wireshark/wireshark/epan/dissectors -isystem /builds/wireshark/wireshark/epan -fvisibility=hidden -fexcess-precision=fast -fstrict-flex-arrays=3 -fstack-clash-protection -fcf-protection=full -D _GLIBCXX_ASSERTIONS -fstack-protector-strong -fno-delete-null-pointer-checks -fno-strict-overflow -fno-strict-aliasing -fexceptions -Wno-format-truncation -Wno-format-nonliteral -fdiagnostics-color=always -Wno-pointer-sign -fmacro-prefix-map=/builds/wireshark/wireshark/= -fmacro-prefix-map=/builds/wireshark/wireshark/build/= -fmacro-prefix-map=../= -std=gnu11 -fPIC /builds/wireshark/wireshark/epan/dissectors/packet-eap.c -o /builds/wireshark/wireshark/sbout/2024-11-17-100340-3912-1 -Xclang -analyzer-output=html -faddrsig -D__GCC_HAVE_DWARF2_CFI_ASM=1 -o /builds/wireshark/wireshark/sbout/2024-11-17-100340-3912-1 -x c /builds/wireshark/wireshark/epan/dissectors/packet-eap.c

1	/* packet-eap.c
2	* Routines for EAP Extensible Authentication Protocol dissection
3	* RFC 2284, RFC 3748
4	*
5	* Wireshark - Network traffic analyzer
6	* By Gerald Combs <[email protected]>
7	* Copyright 1998 Gerald Combs
8	*
9	* SPDX-License-Identifier: GPL-2.0-or-later
10	*/
11
12	#include "config.h"
13
14	#include <epan/packet.h>
15	#include <epan/conversation.h>
16	#include <epan/ppptypes.h>
17	#include <epan/reassemble.h>
18	#include <epan/eap.h>
19	#include <epan/expert.h>
20	#include <epan/proto_data.h>
21	#include <wsutil/strtoi.h>
22
23	#include "packet-eapol.h"
24	#include "packet-wps.h"
25	#include "packet-e212.h"
26	#include "packet-tls-utils.h"
27
28	void proto_register_eap(void);
29	void proto_reg_handoff_eap(void);
30
31	static int proto_eap;
32	static int hf_eap_code;
33	static int hf_eap_identifier;
34	static int hf_eap_len;
35	static int hf_eap_type;
36	static int hf_eap_type_nak;
37
38	static int hf_eap_identity;
39	static int hf_eap_identity_full;
40	static int hf_eap_identity_actual_len;
41	static int hf_eap_identity_prefix;
42	static int hf_eap_identity_type;
43	static int hf_eap_identity_certificate_sn;
44	static int hf_eap_identity_mcc;
45	static int hf_eap_identity_mcc_mnc_2digits;
46	static int hf_eap_identity_mcc_mnc_3digits;
47	static int hf_eap_identity_padding;
48
49	static int hf_eap_notification;
50
51	static int hf_eap_md5_value_size;
52	static int hf_eap_md5_value;
53	static int hf_eap_md5_extra_data;
54
55	static int hf_eap_sim_subtype;
56	static int hf_eap_sim_reserved;
57	static int hf_eap_sim_subtype_attribute;
58	static int hf_eap_sim_subtype_type;
59	static int hf_eap_sim_subtype_length;
60	static int hf_eap_sim_notification_type;
61	static int hf_eap_sim_error_code_type;
62	static int hf_eap_sim_subtype_value;
63
64	static int hf_eap_aka_subtype;
65	static int hf_eap_aka_reserved;
66	static int hf_eap_aka_subtype_attribute;
67	static int hf_eap_aka_subtype_type;
68	static int hf_eap_aka_subtype_length;
69	static int hf_eap_aka_notification_type;
70	static int hf_eap_aka_error_code_type;
71	static int hf_eap_aka_rand;
72	static int hf_eap_aka_autn;
73	static int hf_eap_aka_res_len;
74	static int hf_eap_aka_res;
75	static int hf_eap_aka_auts;
76	static int hf_eap_aka_subtype_value;
77
78	static int hf_eap_leap_version;
79	static int hf_eap_leap_reserved;
80	static int hf_eap_leap_count;
81	static int hf_eap_leap_peer_challenge;
82	static int hf_eap_leap_peer_response;
83	static int hf_eap_leap_ap_challenge;
84	static int hf_eap_leap_ap_response;
85	static int hf_eap_leap_data;
86	static int hf_eap_leap_name;
87
88	static int hf_eap_ms_chap_v2_opcode;
89	static int hf_eap_ms_chap_v2_id;
90	static int hf_eap_ms_chap_v2_length;
91	static int hf_eap_ms_chap_v2_value_size;
92	static int hf_eap_ms_chap_v2_challenge;
93	static int hf_eap_ms_chap_v2_name;
94	static int hf_eap_ms_chap_v2_peer_challenge;
95	static int hf_eap_ms_chap_v2_reserved;
96	static int hf_eap_ms_chap_v2_nt_response;
97	static int hf_eap_ms_chap_v2_flags;
98	static int hf_eap_ms_chap_v2_response;
99	static int hf_eap_ms_chap_v2_message;
100	static int hf_eap_ms_chap_v2_failure_request;
101	static int hf_eap_ms_chap_v2_data;
102
103	static int hf_eap_pax_opcode;
104	static int hf_eap_pax_flags;
105	static int hf_eap_pax_flags_mf;
106	static int hf_eap_pax_flags_ce;
107	static int hf_eap_pax_flags_ai;
108	static int hf_eap_pax_flags_reserved;
109	static int hf_eap_pax_mac_id;
110	static int hf_eap_pax_dh_group_id;
111	static int hf_eap_pax_public_key_id;
112	static int hf_eap_pax_a_len;
113	static int hf_eap_pax_a;
114	static int hf_eap_pax_b_len;
115	static int hf_eap_pax_b;
116	static int hf_eap_pax_cid_len;
117	static int hf_eap_pax_cid;
118	static int hf_eap_pax_mac_ck_len;
119	static int hf_eap_pax_mac_ck;
120	static int hf_eap_pax_ade_len;
121	static int hf_eap_pax_ade;
122	static int hf_eap_pax_mac_icv;
123
124	static int hf_eap_psk_flags;
125	static int hf_eap_psk_flags_t;
126	static int hf_eap_psk_flags_reserved;
127	static int hf_eap_psk_rand_p;
128	static int hf_eap_psk_rand_s;
129	static int hf_eap_psk_mac_p;
130	static int hf_eap_psk_mac_s;
131	static int hf_eap_psk_id_p;
132	static int hf_eap_psk_id_s;
133	static int hf_eap_psk_pchannel;
134
135	static int hf_eap_sake_version;
136	static int hf_eap_sake_session_id;
137	static int hf_eap_sake_subtype;
138	static int hf_eap_sake_attr_type;
139	static int hf_eap_sake_attr_len;
140	static int hf_eap_sake_attr_value;
141	static int hf_eap_sake_attr_value_str;
142	static int hf_eap_sake_attr_value_uint48;
143
144	static int hf_eap_gpsk_opcode;
145	static int hf_eap_gpsk_id_server_len;
146	static int hf_eap_gpsk_id_server;
147	static int hf_eap_gpsk_id_peer_len;
148	static int hf_eap_gpsk_id_peer;
149	static int hf_eap_gpsk_rand_server;
150	static int hf_eap_gpsk_rand_peer;
151	static int hf_eap_gpsk_csuite_list_len;
152	static int hf_eap_gpsk_csuite_vendor;
153	static int hf_eap_gpsk_csuite_specifier;
154	static int hf_eap_gpsk_pd_payload_len;
155	static int hf_eap_gpsk_pd_payload;
156	static int hf_eap_gpsk_payload_mac;
157	static int hf_eap_gpsk_failure_code;
158
159	static int hf_eap_msauth_tlv_mandatory;
160	static int hf_eap_msauth_tlv_reserved;
161	static int hf_eap_msauth_tlv_type;
162	static int hf_eap_msauth_tlv_len;
163	static int hf_eap_msauth_tlv_val;
164	static int hf_eap_msauth_tlv_status;
165	static int hf_eap_msauth_tlv_crypto_reserved;
166	static int hf_eap_msauth_tlv_crypto_version;
167	static int hf_eap_msauth_tlv_crypto_rcv_version;
168	static int hf_eap_msauth_tlv_crypto_subtype;
169	static int hf_eap_msauth_tlv_crypto_nonce;
170	static int hf_eap_msauth_tlv_crypto_cmac;
171
172	static int hf_eap_data;
173
174	static int ett_eap;
175	static int ett_eap_pax_flags;
176	static int ett_eap_psk_flags;
177	static int ett_eap_sake_attr;
178	static int ett_eap_gpsk_csuite_list;
179	static int ett_eap_gpsk_csuite;
180	static int ett_eap_gpsk_csuite_sel;
181	static int ett_eap_msauth_tlv;
182	static int ett_eap_msauth_tlv_tree;
183
184	static expert_field ei_eap_ms_chap_v2_length;
185	static expert_field ei_eap_mitm_attacks;
186	static expert_field ei_eap_md5_value_size_overflow;
187	static expert_field ei_eap_dictionary_attacks;
188	static expert_field ei_eap_identity_nonascii;
189	static expert_field ei_eap_identity_invalid;
190	static expert_field ei_eap_retransmission;
191	static expert_field ei_eap_bad_length;
192
193	static dissector_table_t eap_expanded_type_dissector_table;
194
195	static dissector_handle_t eap_handle;
196
197	static dissector_handle_t tls_handle;
198	static dissector_handle_t diameter_avps_handle;
199	static dissector_handle_t peap_handle;
200	static dissector_handle_t teap_handle;
201
202	static dissector_handle_t isakmp_handle;
203
204	const value_string eap_code_vals[] = {
205	{ EAP_REQUEST1, "Request" },
206	{ EAP_RESPONSE2, "Response" },
207	{ EAP_SUCCESS3, "Success" },
208	{ EAP_FAILURE4, "Failure" },
209	{ EAP_INITIATE5, "Initiate" }, /* [RFC5296] */
210	{ EAP_FINISH6, "Finish" }, /* [RFC5296] */
211	{ 0, NULL((void*)0) }
212	};
213
214	/*
215	References:
216	1) https://www.iana.org/assignments/ppp-numbers PPP EAP REQUEST/RESPONSE TYPES
217	2) https://tools.ietf.org/html/draft-ietf-pppext-rfc2284bis-02
218	3) RFC2284
219	4) RFC3748
220	5) https://www.iana.org/assignments/eap-numbers EAP registry (updated 2011-02-22)
221	6) https://tools.ietf.org/html/draft-bersani-eap-synthesis-sharedkeymethods-00
222	*/
223
224	static const value_string eap_type_vals[] = {
225	{ 1, "Identity" },
226	{ 2, "Notification" },
227	{ 3, "Legacy Nak (Response Only)" },
228	{ 4, "MD5-Challenge EAP (EAP-MD5-CHALLENGE)" },
229	{ 5, "One-Time Password EAP (EAP-OTP)" },
230	{ 6, "Generic Token Card EAP (EAP-GTC)" },
231	{ 7, "Allocated" },
232	{ 8, "Allocated" },
233	{ 9, "RSA Public Key Authentication EAP (EAP-RSA-PKA)" },
234	{ 10, "DSS Unilateral EAP (EAP-DSS)" },
235	{ 11, "KEA EAP (EAP-KEA)" },
236	{ 12, "KEA Validate EAP (EAP-KEA-VALIDATE)" },
237	{ 13, "TLS EAP (EAP-TLS)" },
238	{ 14, "Defender Token EAP (EAP-AXENT)" },
239	{ 15, "RSA Security SecurID EAP (EAP-RSA-SECURID)" },
240	{ 16, "Arcot Systems EAP (EAP-ARCOT-SYSTEMS)" },
241	{ 17, "Cisco Wireless EAP / Lightweight EAP (EAP-LEAP)" },
242	{ 18, "GSM Subscriber Identity Modules EAP (EAP-SIM)" },
243	{ 19, "Secure Remote Password SHA1 Part 1 EAP (EAP-SRP-SHA1-PART1)" },
244	{ 20, "Secure Remote Password SHA1 Part 2 EAP (EAP-SRP-SHA1-PART2)" },
245	{ 21, "Tunneled TLS EAP (EAP-TTLS)" },
246	{ 22, "Remote Access Service EAP (EAP-RAS)" },
247	{ 23, "UMTS Authentication and Key Agreement EAP (EAP-AKA)" },
248	{ 24, "3Com Wireless EAP (EAP-3COM-WIRELESS)" },
249	{ 25, "Protected EAP (EAP-PEAP)" },
250	{ 26, "MS-Authentication EAP (EAP-MS-AUTH)" },
251	{ 27, "Mutual Authentication w/Key Exchange EAP (EAP-MAKE)" },
252	{ 28, "CRYPTOCard EAP (EAP-CRYPTOCARD)" },
253	{ 29, "MS-CHAP-v2 EAP (EAP-MS-CHAP-V2)" },
254	{ 30, "DynamID EAP (EAP-DYNAMID)" },
255	{ 31, "Rob EAP (EAP-ROB)" },
256	{ 32, "Protected One-Time Password EAP (EAP-POTP)" },
257	{ 33, "MS-Authentication TLV EAP (EAP-MS-AUTH-TLV)" },
258	{ 34, "SentriNET (EAP-SENTRINET)" },
259	{ 35, "Actiontec Wireless EAP (EAP-ACTIONTEC-WIRELESS)" },
260	{ 36, "Cogent Systems Biometrics Authentication EAP (EAP-COGENT-BIOMETRIC)" },
261	{ 37, "AirFortress EAP (EAP-AIRFORTRESS)" },
262	{ 38, "HTTP Digest EAP (EAP-HTTP-DIGEST)" },
263	{ 39, "SecureSuite EAP (EAP-SECURESUITE)" },
264	{ 40, "DeviceConnect EAP (EAP-DEVICECONNECT)" },
265	{ 41, "Simple Password Exponential Key Exchange EAP (EAP-SPEKE)" },
266	{ 42, "MOBAC EAP (EAP-MOBAC)" },
267	{ 43, "Flexible Authentication via Secure Tunneling EAP (EAP-FAST)" },
268	{ 44, "ZoneLabs EAP (EAP-ZLXEAP)" },
269	{ 45, "Link EAP (EAP-LINK)" },
270	{ 46, "Password Authenticated eXchange EAP (EAP-PAX)" },
271	{ 47, "Pre-Shared Key EAP (EAP-PSK)" },
272	{ 48, "Shared-secret Authentication and Key Establishment EAP (EAP-SAKE)" },
273	{ 49, "Internet Key Exchange v2 EAP (EAP-IKEv2)" },
274	{ 50, "UMTS Authentication and Key Agreement' EAP (EAP-AKA')" },
275	{ 51, "Generalized Pre-Shared Key EAP (EAP-GPSK)" },
276	{ 52, "Password EAP (EAP-pwd)" },
277	{ 53, "Encrypted Key Exchange v1 EAP (EAP-EKEv1)" },
278	{ 55, "Tunneled EAP protocol" },
279	{ 254, "Expanded Type" },
280	{ 255, "Experimental" },
281	{ 0, NULL((void*)0) }
282	};
283	value_string_ext eap_type_vals_ext = VALUE_STRING_EXT_INIT(eap_type_vals){ _try_val_to_str_ext_init, 0, (sizeof (eap_type_vals) / sizeof ((eap_type_vals)[0]))-1, eap_type_vals, "eap_type_vals" };
284
285	static const value_string eap_identity_prefix_vals[] = {
286	{ 0x00, "Encrypted IMSI" },
287	{ '0', "EAP-AKA Permanent" },
288	{ '1', "EAP-SIM Permanent" },
289	{ '2', "EAP-AKA Pseudonym" },
290	{ '3', "EAP-SIM Pseudonym" },
291	{ '4', "EAP-AKA Reauth ID" },
292	{ '5', "EAP-SIM Reauth ID" },
293	{ '6', "EAP-AKA Prime Permanent" },
294	{ '7', "EAP-AKA Prime Pseudonym" },
295	{ '8', "EAP-AKA Prime Reauth ID" },
296	{ 'C', "Conservative Peer" },
297	{ 'a', "Anonymous Identity" },
298	{ 0, NULL((void*)0) }
299	};
300
301	const value_string eap_sim_subtype_vals[] = {
302	{ SIM_START10, "Start" },
303	{ SIM_CHALLENGE11, "Challenge" },
304	{ SIM_NOTIFICATION12, "Notification" },
305	{ SIM_RE_AUTHENTICATION13, "Re-authentication" },
306	{ SIM_CLIENT_ERROR14, "Client-Error" },
307	{ 0, NULL((void*)0) }
308	};
309
310	const value_string eap_aka_subtype_vals[] = {
311	{ AKA_CHALLENGE1, "AKA-Challenge" },
312	{ AKA_AUTHENTICATION_REJECT2, "AKA-Authentication-Reject" },
313	{ AKA_SYNCHRONIZATION_FAILURE4, "AKA-Synchronization-Failure" },
314	{ AKA_IDENTITY5, "AKA-Identity" },
315	{ AKA_NOTIFICATION12, "Notification" },
316	{ AKA_REAUTHENTICATION13, "Re-authentication" },
317	{ AKA_CLIENT_ERROR14, "Client-Error" },
318	{ 0, NULL((void*)0) }
319	};
320
321	/*
322	References:
323	1) http://www.iana.org/assignments/eapsimaka-numbers/eapsimaka-numbers.xml
324	3) RFC4186
325	3) RFC4187
326	4) RFC5448
327	5) 3GPP TS 24.302
328	6) RFC9048
329	*/
330
331	#define AT_RAND1 1
332	#define AT_AUTN2 2
333	#define AT_RES3 3
334	#define AT_AUTS4 4
335	#define AT_NOTIFICATION12 12
336	#define AT_IDENTITY14 14
337	#define AT_CLIENT_ERROR_CODE22 22
338
339	static const value_string eap_sim_aka_attribute_vals[] = {
340	{ 1, "AT_RAND" },
341	{ 2, "AT_AUTN" },
342	{ 3, "AT_RES" },
343	{ 4, "AT_AUTS" },
344	{ 6, "AT_PADDING" },
345	{ 7, "AT_NONCE_MT" },
346	{ 10, "AT_PERMANENT_ID_REQ" },
347	{ 11, "AT_MAC" },
348	{ 12, "AT_NOTIFICATION" },
349	{ 13, "AT_ANY_ID_REQ" },
350	{ 14, "AT_IDENTITY" },
351	{ 15, "AT_VERSION_LIST" },
352	{ 16, "AT_SELECTED_VERSION" },
353	{ 17, "AT_FULLAUTH_ID_REQ" },
354	{ 19, "AT_COUNTER" },
355	{ 20, "AT_COUNTER_TOO_SMALL" },
356	{ 21, "AT_NONCE_S" },
357	{ 22, "AT_CLIENT_ERROR_CODE" },
358	{ 23, "AT_KDF_INPUT"},
359	{ 24, "AT_KDF"},
360	{ 128, "Unassigned" },
361	{ 129, "AT_IV" },
362	{ 130, "AT_ENCR_DATA" },
363	{ 131, "Unassigned" },
364	{ 132, "AT_NEXT_PSEUDONYM" },
365	{ 133, "AT_NEXT_REAUTH_ID" },
366	{ 134, "AT_CHECKCODE" },
367	{ 135, "AT_RESULT_IND" },
368	{ 136, "AT_BIDDING" },
369	{ 137, "AT_IPMS_IND" },
370	{ 138, "AT_IPMS_RES" },
371	{ 139, "AT_TRUST_IND" },
372	{ 140, "AT_SHORT_NAME_FOR_NETWORK" },
373	{ 141, "AT_FULL_NAME_FOR_NETWORK" },
374	{ 142, "AT_RQSI_IND" },
375	{ 143, "AT_RQSI_RES" },
376	{ 144, "AT_TWAN_CONN_MODE" },
377	{ 145, "AT_VIRTUAL_NETWORK_ID" },
378	{ 146, "AT_VIRTUAL_NETWORK_REQ" },
379	{ 147, "AT_CONNECTIVITY_TYPE" },
380	{ 148, "AT_HANDOVER_INDICATION" },
381	{ 149, "AT_HANDOVER_SESSION_ID" },
382	{ 150, "AT_MN_SERIAL_ID" },
383	{ 151, "AT_DEVICE_IDENTITY" },
384	{ 0, NULL((void*)0) }
385	};
386	static value_string_ext eap_sim_aka_attribute_vals_ext = VALUE_STRING_EXT_INIT(eap_sim_aka_attribute_vals){ _try_val_to_str_ext_init, 0, (sizeof (eap_sim_aka_attribute_vals ) / sizeof ((eap_sim_aka_attribute_vals)[0]))-1, eap_sim_aka_attribute_vals , "eap_sim_aka_attribute_vals" };
387
388	static const value_string eap_sim_aka_notification_vals[] = {
389	{ 0, "General Failure after Authentication" },
390	{ 1026, "User has been temporarily denied access" },
391	{ 1031, "User has not subscribed to the requested service" },
392	{ 8192, "Failure to Terminate the Authentication Exchange" },
393	{16384, "General Failure" },
394	{32768, "Success" },
395	{0, NULL((void*)0) }
396	};
397
398	static const value_string eap_sim_aka_client_error_codes[] = {
399	{ 0, "Unable to process packet" },
400	{ 1, "Unsupported version" },
401	{ 2, "Insufficient number of challenges" },
402	{ 3, "RANDs are not fresh" },
403	{ 0, NULL((void*)0) }
404	};
405
406	const value_string eap_ms_chap_v2_opcode_vals[] = {
407	{ MS_CHAP_V2_CHALLENGE1, "Challenge" },
408	{ MS_CHAP_V2_RESPONSE2, "Response" },
409	{ MS_CHAP_V2_SUCCESS3, "Success" },
410	{ MS_CHAP_V2_FAILURE4, "Failure" },
411	{ MS_CHAP_V2_CHANGE_PASSWORD7, "Change-Password" },
412	{ 0, NULL((void*)0) }
413	};
414
415	#define PAX_STD_10x01 0x01
416	#define PAX_STD_20x02 0x02
417	#define PAX_STD_30x03 0x03
418	#define PAX_SEC_10x11 0x11
419	#define PAX_SEC_20x12 0x12
420	#define PAX_SEC_30x13 0x13
421	#define PAX_SEC_40x14 0x14
422	#define PAX_SEC_50x15 0x15
423	#define PAX_ACK0x21 0x21
424
425	static const value_string eap_pax_opcode_vals[] = {
426	{ PAX_STD_10x01, "STD-1" },
427	{ PAX_STD_20x02, "STD-2" },
428	{ PAX_STD_30x03, "STD-3" },
429	{ PAX_SEC_10x11, "SEC-1" },
430	{ PAX_SEC_20x12, "SEC-2" },
431	{ PAX_SEC_30x13, "SEC-3" },
432	{ PAX_SEC_40x14, "SEC-4" },
433	{ PAX_SEC_50x15, "SEC-5" },
434	{ PAX_ACK0x21, "ACK" },
435	{ 0, NULL((void*)0) }
436	};
437
438	#define EAP_PAX_FLAG_MF0x01 0x01 /* more fragments */
439	#define EAP_PAX_FLAG_CE0x02 0x02 /* certificate enabled */
440	#define EAP_PAX_FLAG_AI0x04 0x04 /* ADE included */
441	#define EAP_PAX_FLAG_RESERVED0xF8 0xF8 /* reserved */
442
443	#define PAX_MAC_ID_HMAC_SHA1_1280x01 0x01
444	#define PAX_MAC_ID_HMAC_SHA256_1280x02 0x02
445
446	static const value_string eap_pax_mac_id_vals[] = {
447	{ PAX_MAC_ID_HMAC_SHA1_1280x01, "HMAC_SHA1_128" },
448	{ PAX_MAC_ID_HMAC_SHA256_1280x02, "HMAXĆ_SHA256_128" },
449	{ 0, NULL((void*)0) }
450	};
451
452	#define PAX_DH_GROUP_ID_NONE0x00 0x00
453	#define PAX_DH_GROUP_ID_DH_140x01 0x01
454	#define PAX_DH_GROUP_ID_DH_150x02 0x02
455	#define PAX_DH_GROUP_ID_ECC_P2560x03 0x03
456
457	static const value_string eap_pax_dh_group_id_vals[] = {
458	{ PAX_DH_GROUP_ID_NONE0x00, "NONE" },
459	{ PAX_DH_GROUP_ID_DH_140x01, "2048-bit MODP Group (IANA DH Group 14)" },
460	{ PAX_DH_GROUP_ID_DH_150x02, "3072-bit MODP Group (IANA DH Group 15)" },
461	{ PAX_DH_GROUP_ID_ECC_P2560x03, "NIST ECC Group P-256" },
462	{ 0, NULL((void*)0) }
463	};
464
465	#define PAX_PUBLIC_KEY_ID_NONE0x00 0x00
466	#define PAX_PUBLIC_KEY_ID_RSAES_OAEP0x01 0x01
467	#define PAX_PUBLIC_KEY_ID_RSA_PKCS1_V1_50x02 0x02
468	#define PAX_PUBLIC_KEY_ID_EL_GAMAL_ECC_P2560x03 0x03
469
470	static const value_string eap_pax_public_key_id_vals[] = {
471	{ PAX_PUBLIC_KEY_ID_NONE0x00, "NONE" },
472	{ PAX_PUBLIC_KEY_ID_RSAES_OAEP0x01, "RSAES-OAEP" },
473	{ PAX_PUBLIC_KEY_ID_RSA_PKCS1_V1_50x02, "RSA-PKCS1-V1_5" },
474	{ PAX_PUBLIC_KEY_ID_EL_GAMAL_ECC_P2560x03, "El-Gamal Over NIST ECC Group P-256" },
475	{ 0, NULL((void*)0) }
476	};
477
478	#define EAP_PSK_FLAGS_T_MASK0xC0 0xC0
479
480	#define SAKE_CHALLENGE1 1
481	#define SAKE_CONFIRM2 2
482	#define SAKE_AUTH_REJECT3 3
483	#define SAKE_IDENTITY4 4
484
485	static const value_string eap_sake_subtype_vals[] = {
486	{ SAKE_CHALLENGE1, "SAKE/Challenge" },
487	{ SAKE_CONFIRM2, "SAKE/Confirm" },
488	{ SAKE_AUTH_REJECT3, "SAKE/Auth-Reject" },
489	{ SAKE_IDENTITY4, "SAKE/Identity" },
490	{ 0, NULL((void*)0) }
491	};
492
493	#define SAKE_AT_RAND_S1 1
494	#define SAKE_AT_RAND_P2 2
495	#define SAKE_AT_MIC_S3 3
496	#define SAKE_AT_MIC_P4 4
497	#define SAKE_AT_SERVERID5 5
498	#define SAKE_AT_PEERID6 6
499	#define SAKE_AT_SPI_S7 7
500	#define SAKE_AT_SPI_P8 8
501	#define SAKE_AT_ANY_ID_REQ9 9
502	#define SAKE_AT_PERM_ID_REQ10 10
503	#define SAKE_AT_ENCR_DATA128 128
504	#define SAKE_AT_IV129 129
505	#define SAKE_AT_PADDING130 130
506	#define SAKE_AT_NEXT_TMPID131 131
507	#define SAKE_AT_MSK_LIFE132 132
508
509	static const value_string eap_sake_attr_type_vals[] = {
510	{ SAKE_AT_RAND_S1, "Server Nonce RAND_S" },
511	{ SAKE_AT_RAND_P2, "Peer Nonce RAND_P" },
512	{ SAKE_AT_MIC_S3, "Server MIC" },
513	{ SAKE_AT_MIC_P4, "Peer MIC" },
514	{ SAKE_AT_SERVERID5, "Server FQDN" },
515	{ SAKE_AT_PEERID6, "Peer NAI (tmp, perm)" },
516	{ SAKE_AT_SPI_S7, "Server chosen SPI SPI_S" },
517	{ SAKE_AT_SPI_P8, "Peer SPI list SPI_P" },
518	{ SAKE_AT_ANY_ID_REQ9, "Requires any Peer Id (tmp, perm)" },
519	{ SAKE_AT_PERM_ID_REQ10, "Requires Peer's permanent Id/NAI" },
520	{ SAKE_AT_ENCR_DATA128, "Contains encrypted attributes" },
521	{ SAKE_AT_IV129, "IV for encrypted attributes" },
522	{ SAKE_AT_PADDING130, "Padding for encrypted attributes" },
523	{ SAKE_AT_NEXT_TMPID131, "TempID for next EAP-SAKE phase" },
524	{ SAKE_AT_MSK_LIFE132, "MSK Lifetime" },
525	{ 0, NULL((void*)0) }
526	};
527
528	#define GPSK_RESERVED0 0
529	#define GPSK_GPSK_11 1
530	#define GPSK_GPSK_22 2
531	#define GPSK_GPSK_33 3
532	#define GPSK_GPSK_44 4
533	#define GPSK_FAIL5 5
534	#define GPSK_PROTECTED_FAIL6 6
535
536	static const value_string eap_gpsk_opcode_vals[] = {
537	{ GPSK_RESERVED0, "Reserved" },
538	{ GPSK_GPSK_11, "GPSK-1" },
539	{ GPSK_GPSK_22, "GPSK-2" },
540	{ GPSK_GPSK_33, "GPSK-3" },
541	{ GPSK_GPSK_44, "GPSK-4" },
542	{ GPSK_FAIL5, "Fail" },
543	{ GPSK_PROTECTED_FAIL6, "Protected Fail" },
544	{ 0, NULL((void*)0) }
545	};
546
547	static const value_string eap_gpsk_failure_code_vals[] = {
548	{ 0x00000000, "Reserved" },
549	{ 0x00000001, "PSK Not Found" },
550	{ 0x00000002, "Authentication Failure" },
551	{ 0x00000003, "Authorization Failure" },
552	{ 0, NULL((void*)0) }
553	};
554
555	#define MSAUTH_TLV_MANDATORY0x8000 0x8000
556	#define MSAUTH_TLV_RESERVED0x4000 0x4000
557	#define MSAUTH_TLV_TYPE0x3FFF 0x3FFF
558
559	#define MSAUTH_TLV_TYPE_EXTENSION_UNASSIGNED0 0
560	#define MSAUTH_TLV_TYPE_EXTENSION_RESULT3 3
561	#define MSAUTH_TLV_TYPE_EXTENSION_CRYPTOBINDING12 12
562
563	#define MSAUTH_TLV_TYPE_EXPANDED_SOH33 33
564
565	static const value_string eap_msauth_tlv_type_vals[] = {
566	{ MSAUTH_TLV_TYPE_EXTENSION_UNASSIGNED0, "Unassigned" },
567	{ MSAUTH_TLV_TYPE_EXTENSION_RESULT3, "Result" },
568	{ MSAUTH_TLV_TYPE_EXTENSION_CRYPTOBINDING12, "Cryptobinding" },
569	{ 0, NULL((void*)0) }
570	};
571
572	static const value_string eap_msauth_tlv_status_vals[] = {
573	{ 1, "Success" },
574	{ 2, "Failure" },
575	{ 0, NULL((void*)0) }
576	};
577
578	static const value_string eap_msauth_tlv_crypto_subtype_vals[] = {
579	{ 0, "Binding Request" },
580	{ 1, "Binding Response" },
581	{ 0, NULL((void*)0) }
582	};
583
584	/*
585	* State information for EAP-TLS (RFC2716) and Lightweight EAP:
586	*
587	* http://www.missl.cs.umd.edu/wireless/ethereal/leap.txt
588	*
589	* Attach to all conversations:
590	*
591	* a sequence number to be handed to "fragment_add_seq()" as
592	* the fragment sequence number - if it's -1, no reassembly
593	* is in progress, but if it's not, it's the sequence number
594	* to use for the current fragment;
595	*
596	* a value to be handed to "fragment_add_seq()" as the
597	* reassembly ID - when a reassembly is started, it's set to
598	* the frame number of the current frame, i.e. the frame
599	* that starts the reassembly;
600	*
601	* an indication of the current state of LEAP negotiation,
602	* with -1 meaning no LEAP negotiation is in progress.
603	*
604	* Attach to frames containing fragments of EAP-TLS messages the
605	* reassembly ID for those fragments, so we can find the reassembled
606	* data after the first pass through the packets.
607	*
608	* Attach to LEAP frames the state of the LEAP negotiation when the
609	* frame was processed, so we can properly dissect
610	* the LEAP message after the first pass through the packets.
611	*
612	* Attach to all conversations both pieces of information, to keep
613	* track of EAP-TLS reassembly and the LEAP state machine.
614	*/
615
616	typedef struct {
617	int eap_tls_seq;
618	uint32_t eap_reass_cookie;
619	int leap_state;
620	int16_t last_eap_id_req; /* Last ID of the request from the authenticator. */
621	int16_t last_eap_id_resp; /* Last ID of the response from the peer. */
622	} conv_state_t;
623
624	typedef struct {
625	int info; /* interpretation depends on EAP message type */
626	} frame_state_t;
627
628	/*
629	from RFC5216, pg 21
630
631	Flags
632
633	0 1 2 3 4 5 6 7 8
634	+-+-+-+-+-+-+-+-+
635	\|L M S R R R R R\| TLS (RFC5216)
636	+-+-+-+-+-+-+-+-+
637	\|L M S R R\| V \| TTLS (RFC5281) and FAST (RFC4851)
638	+-+-+-+-+-+-+-+-+
639	\|L M S O R\| V \| TEAP (RFC7170)
640	+-+-+-+-+-+-+-+-+
641	\|L M S R R R\| V \| PEAPv0 (draft-kamath-pppext-peapv0)
642	+-+-+-+-+-+-+-+-+
643	\|L M S R R\| V \| PEAPv1 (draft-josefsson-pppext-eap-tls-eap-06) and PEAPv2 (draft-josefsson-pppext-eap-tls-eap-10)
644	+-+-+-+-+-+-+-+-+
645
646	L = Length included
647	M = More fragments
648	S = EAP-TLS start
649	O = Outer TLV length included (TEAP only)
650	R = Reserved
651	V = TTLS/FAST/TEAP/PEAP version (Reserved for TLS)
652	*/
653
654	#define EAP_TLS_FLAG_L0x80 0x80 /* Length included */
655	#define EAP_TLS_FLAG_M0x40 0x40 /* More fragments */
656	#define EAP_TLS_FLAG_S0x20 0x20 /* EAP-TLS start */
657	#define EAP_TLS_FLAG_O0x10 0x10 /* Outer TLV length included */
658
659	#define EAP_TLS_FLAGS_VERSION0x07 0x07 /* Version mask */
660
661	/*
662	* reassembly of EAP-TLS
663	*/
664	static reassembly_table eap_tls_reassembly_table;
665
666	static int hf_eap_tls_flags;
667	static int hf_eap_tls_flag_l;
668	static int hf_eap_tls_flag_m;
669	static int hf_eap_tls_flag_s;
670	static int hf_eap_tls_flag_o;
671	static int hf_eap_tls_flags_version;
672	static int hf_eap_tls_len;
673	static int hf_eap_tls_outer_tlvs_len;
674	static int hf_eap_tls_fragment;
675	static int hf_eap_tls_fragments;
676	static int hf_eap_tls_fragment_overlap;
677	static int hf_eap_tls_fragment_overlap_conflict;
678	static int hf_eap_tls_fragment_multiple_tails;
679	static int hf_eap_tls_fragment_too_long_fragment;
680	static int hf_eap_tls_fragment_error;
681	static int hf_eap_tls_fragment_count;
682	static int hf_eap_tls_reassembled_in;
683	static int hf_eap_tls_reassembled_length;
684	static int hf_eap_fast_type;
685	static int hf_eap_fast_length;
686	static int hf_eap_fast_aidd;
687	static int ett_eap_tls_fragment;
688	static int ett_eap_tls_fragments;
689	static int ett_eap_sim_attr;
690	static int ett_eap_aka_attr;
691	static int ett_eap_exp_attr;
692	static int ett_eap_tls_flags;
693	static int ett_identity;
694	static int ett_eap_ikev2_flags;
695
696	static const fragment_items eap_tls_frag_items = {
697	&ett_eap_tls_fragment,
698	&ett_eap_tls_fragments,
699	&hf_eap_tls_fragments,
700	&hf_eap_tls_fragment,
701	&hf_eap_tls_fragment_overlap,
702	&hf_eap_tls_fragment_overlap_conflict,
703	&hf_eap_tls_fragment_multiple_tails,
704	&hf_eap_tls_fragment_too_long_fragment,
705	&hf_eap_tls_fragment_error,
706	&hf_eap_tls_fragment_count,
707	&hf_eap_tls_reassembled_in,
708	&hf_eap_tls_reassembled_length,
709	/* Reassembled data field */
710	NULL((void*)0),
711	"fragments"
712	};
713
714
715	/*
716	* EAP-IKE2, RFC5106
717	*/
718
719	/*
720	RFC5106, 8.1, page 17
721
722	0 1 2 3 4 5 6 7
723	+-+-+-+-+-+-+-+-+
724	\|L M I 0 0 0 0 0\|
725	+-+-+-+-+-+-+-+-+
726
727	L = Length included
728	M = More fragments
729	I = Integrity Checksum Data included
730	*/
731	#define EAP_IKEV2_FLAG_L0x80 0x80 /* Length included */
732	#define EAP_IKEV2_FLAG_M0x40 0x40 /* More fragments */
733	#define EAP_IKEV2_FLAG_I0x20 0x20 /* Integrity checksum data included */
734
735	static int hf_eap_ikev2_flags;
736	static int hf_eap_ikev2_flag_l;
737	static int hf_eap_ikev2_flag_m;
738	static int hf_eap_ikev2_flag_i;
739	static int hf_eap_ikev2_len;
740	static int hf_eap_ikev2_int_chk_data;
741
742	/**********************************************************************
743	Support for EAP Expanded Type.
744
745	Currently this is limited to WifiProtectedSetup. Maybe we need
746	a generic method to support EAP extended types ?
747	*********************************************************************/
748	static int hf_eap_ext_vendor_id;
749	static int hf_eap_ext_vendor_type;
750
751	static const value_string eap_ext_vendor_id_vals[] = {
752	{ WFA_VENDOR_ID0x00372A, "WFA" },
753	{ 0, NULL((void*)0) }
754	};
755
756	static const value_string eap_ext_vendor_type_vals[] = {
757	{ WFA_SIMPLECONFIG_TYPE0x1, "SimpleConfig" },
758	{ 0, NULL((void*)0) }
759	};
760
761	static void
762	dissect_exteap(proto_tree eap_tree, tvbuff_t tvb, int offset,
763	int size _U___attribute__((unused)), packet_info* pinfo, uint8_t eap_code, uint8_t eap_identifier)
764	{
765	tvbuff_t *next_tvb;
766	uint32_t vendor_id;
767	uint32_t vendor_type;
768	eap_vendor_context *vendor_context;
769
770	vendor_context = wmem_new(pinfo->pool, eap_vendor_context)((eap_vendor_context*)wmem_alloc((pinfo->pool), sizeof(eap_vendor_context )));
771
772	proto_tree_add_item_ret_uint(eap_tree, hf_eap_ext_vendor_id, tvb, offset, 3, ENC_BIG_ENDIAN0x00000000, &vendor_id);
773	offset += 3;
774
775	proto_tree_add_item_ret_uint(eap_tree, hf_eap_ext_vendor_type, tvb, offset, 4, ENC_BIG_ENDIAN0x00000000, &vendor_type);
776	offset += 4;
777
778	vendor_context->eap_code = eap_code;
779	vendor_context->eap_identifier = eap_identifier;
780	vendor_context->vendor_id = vendor_id;
781	vendor_context->vendor_type = vendor_type;
782
783	next_tvb = tvb_new_subset_remaining(tvb, offset);
784	if (!dissector_try_uint_with_data(eap_expanded_type_dissector_table,
785	vendor_id, next_tvb, pinfo, eap_tree,
786	false0, vendor_context)) {
787	call_data_dissector(next_tvb, pinfo, eap_tree);
788	}
789	}
790	/* *********************************************************************
791	********************************************************************* */
792
793	static void
794	dissect_eap_mschapv2(proto_tree eap_tree, tvbuff_t tvb, packet_info *pinfo, int offset,
795	int size)
796	{
797	proto_item *item;
798	int left = size;
799	int ms_len;
800	uint8_t value_size;
801	uint8_t opcode;
802
803	/* OpCode (1 byte), MS-CHAPv2-ID (1 byte), MS-Length (2 bytes), Data */
804	opcode = tvb_get_uint8(tvb, offset);
805	proto_tree_add_item(eap_tree, hf_eap_ms_chap_v2_opcode, tvb, offset, 1, ENC_BIG_ENDIAN0x00000000);
806	offset += 1;
807	left -= 1;
808	if (left <= 0)
809	return;
810
811	proto_tree_add_item(eap_tree, hf_eap_ms_chap_v2_id, tvb, offset, 1, ENC_BIG_ENDIAN0x00000000);
812	offset += 1;
813	left -= 1;
814	if (left <= 0)
815	return;
816
817	item = proto_tree_add_item(eap_tree, hf_eap_ms_chap_v2_length, tvb, offset, 2, ENC_BIG_ENDIAN0x00000000);
818	ms_len = tvb_get_ntohs(tvb, offset);
819	if (ms_len != size)
820	expert_add_info(pinfo, item, &ei_eap_ms_chap_v2_length);
821	offset += 2;
822	left -= 2;
823
824	switch (opcode) {
825	case MS_CHAP_V2_CHALLENGE1:
826	if (left <= 0)
827	break;
828	value_size = tvb_get_uint8(tvb, offset);
829	proto_tree_add_item(eap_tree, hf_eap_ms_chap_v2_value_size,
830	tvb, offset, 1, ENC_BIG_ENDIAN0x00000000);
831	offset += 1;
832	left -= 1;
833	proto_tree_add_item(eap_tree, hf_eap_ms_chap_v2_challenge,
834	tvb, offset, value_size, ENC_NA0x00000000);
835	offset += value_size;
836	left -= value_size;
837	if (left <= 0)
838	break;
839	proto_tree_add_item(eap_tree, hf_eap_ms_chap_v2_name,
840	tvb, offset, left, ENC_ASCII0x00000000);
841	break;
842	case MS_CHAP_V2_RESPONSE2:
843	if (left <= 0)
844	break;
845	value_size = tvb_get_uint8(tvb, offset);
846	proto_tree_add_item(eap_tree, hf_eap_ms_chap_v2_value_size,
847	tvb, offset, 1, ENC_BIG_ENDIAN0x00000000);
848	offset += 1;
849	left -= 1;
850	if (value_size == 49) {
851	proto_tree_add_item(eap_tree, hf_eap_ms_chap_v2_peer_challenge,
852	tvb, offset, 16, ENC_NA0x00000000);
853	offset += 16;
854	proto_tree_add_item(eap_tree, hf_eap_ms_chap_v2_reserved,
855	tvb, offset, 8, ENC_NA0x00000000);
856	offset += 8;
857	proto_tree_add_item(eap_tree, hf_eap_ms_chap_v2_nt_response,
858	tvb, offset, 24, ENC_NA0x00000000);
859	offset += 24;
860	proto_tree_add_item(eap_tree, hf_eap_ms_chap_v2_flags,
861	tvb, offset, 1, ENC_BIG_ENDIAN0x00000000);
862	offset += 1;
863	left -= value_size;
864	} else {
865	proto_tree_add_item(eap_tree, hf_eap_ms_chap_v2_response, tvb, offset, value_size, ENC_NA0x00000000);
866	offset += value_size;
867	left -= value_size;
868	}
869	if (left <= 0)
870	break;
871	proto_tree_add_item(eap_tree, hf_eap_ms_chap_v2_name, tvb, offset, left, ENC_ASCII0x00000000);
872	break;
873	case MS_CHAP_V2_SUCCESS3:
874	if (left <= 0)
875	break;
876	proto_tree_add_item(eap_tree, hf_eap_ms_chap_v2_message,
877	tvb, offset, left, ENC_ASCII0x00000000);
878	break;
879	case MS_CHAP_V2_FAILURE4:
880	if (left <= 0)
881	break;
882	proto_tree_add_item(eap_tree, hf_eap_ms_chap_v2_failure_request,
883	tvb, offset, left, ENC_ASCII0x00000000);
884	break;
885	default:
886	proto_tree_add_item(eap_tree, hf_eap_ms_chap_v2_data, tvb, offset, left, ENC_NA0x00000000);
887	break;
888	}
889	}
890
891	static bool_Bool
892	realm_is_3gpp(char** realm_tokens, unsigned *nrealm_tokensp)
893	{
894	unsigned nrealm_tokens = g_strv_length(realm_tokens);
895	if (nrealm_tokensp) {
896	*nrealm_tokensp = nrealm_tokens;
897	}
898
899	if (nrealm_tokens < 5 \|\|
900	g_ascii_strncasecmp(realm_tokens[nrealm_tokens - 4], "mnc", 3) \|\|
901	g_ascii_strncasecmp(realm_tokens[nrealm_tokens - 3], "mcc", 3) \|\|
902	g_ascii_strncasecmp(realm_tokens[nrealm_tokens - 2], "3gppnetwork", 11) \|\|
903	g_ascii_strncasecmp(realm_tokens[nrealm_tokens - 1], "org", 3)) {
904	return false0;
905	}
906	return true1;
907	}
908
909	/* Dissect the 3GPP identity */
910	bool_Bool
911	dissect_eap_identity_3gpp(tvbuff_t tvb, packet_info pinfo, proto_tree* tree, int offset, int size)
912	{
913	unsigned mnc = 0;
914	unsigned mcc = 0;
915	unsigned mcc_mnc = 0;
916	proto_tree* eap_identity_tree = NULL((void*)0);
917	uint32_t eap_identity_prefix = 0;
918	uint8_t* identity = NULL((void*)0);
919	char** tokens = NULL((void*)0);
920	char** realm_tokens = NULL((void*)0);
921	unsigned ntokens = 0;
922	unsigned nrealm_tokens = 0;
923	const char* mnc_token;
924	const char* mcc_token;
925	bool_Bool ret = false0;
926	int hf_eap_identity_mcc_mnc;
927	proto_item* item;
928
929	/* See 3GPP TS 23.003, 3GPP TS 29.273, and RFCs 4186, 4187, 5247, 9048.
930	*
931	* XXX - The possible use of "Decorated NAIs" (prepending a string for
932	* source routing as described in RFC 4282 Section 2.7) is not handled
933	* here. We would need to process '!' as a delimiter in the username.
934	*/
935
936	/* Check for Encrypted IMSI - NULL prefix byte */
937	if (tvb_get_uint8(tvb, offset) == 0x00) {
938	/* Check if the identity string complies with ASCII character set. Encrypted IMSI
939	* identities use Base64 encoding and should therefore be ASCII-compliant.
940	*/
941	if (size < 2 \|\| tvb_ascii_isprint(tvb, offset + 1, size - 1) == false0) {
942	goto end;
943	}
944	identity = tvb_get_string_enc(pinfo->pool, tvb, offset + 1, size - 1, ENC_ASCII0x00000000);
945	/* Encrypted IMSIs must be delimited twice:
946	* (1) Once to tokenize the 3GPP realm from the Certificate Serial Number
947	* using the ',' character
948	* (2) Once to tokenize the 3GPP realm using the '@' character
949	*/
950	tokens = g_strsplit_set(identity, ",", -1);
951
952	ntokens = g_strv_length(tokens);
953	if (ntokens < 2 \|\| g_ascii_strncasecmp(tokens[1], "CertificateSerialNumber=", strlen("CertificateSerialNumber="))) {
954	goto end;
955	}
956
957	/* The Realm is optional in the Encrypted IMSI format, apparently.
958	* So add the prefix, identity, and cert before checking for the realm.
959	* Consider the dissection successful and return true from this point.
960	*/
961	ret = true1;
962
963	/* Skip the null byte when adding the full identity to avoid an expert info.
964	* (Does escaping it make sense?)
965	*/
966	item = proto_tree_add_item(tree, hf_eap_identity_full, tvb, offset + 1, size - 1, ENC_ASCII0x00000000);
967	eap_identity_tree = proto_item_add_subtree(item, ett_identity);
968	proto_tree_add_item_ret_uint(eap_identity_tree, hf_eap_identity_prefix, tvb, offset, 1, ENC_NA0x00000000, &eap_identity_prefix);
969	item = proto_tree_add_string(eap_identity_tree, hf_eap_identity_type,
970	tvb, offset, 1, val_to_str_const(eap_identity_prefix, eap_identity_prefix_vals, "Unknown"));
971	offset += 1;
972	size -= 1;
973
974	#if 0
975	/* XXX - Would adding the Base64 decoded (but still encrypted) IMSI
976	* be of any use?
977	*/
978	tvbuff_t *decoded_tvb = base64_to_tvb(tvb, tokens[0]);
979	if (tvb_reported_length(decoded_tvb)) {
980	add_new_data_source(pinfo, decoded_tvb, "Encrypted IMSI");
981	}
982	#endif
983
984	/* We have already checked above that the identity was valid ASCII so
985	* offsets in the tokens are the same as in the TVB. */
986	proto_tree_add_item(eap_identity_tree, hf_eap_identity, tvb, offset, (int)strlen(tokens[0]), ENC_ASCII0x00000000);
987	offset += (int)(strlen(tokens[0]) + 1 + strlen("CertificateSerialNumber="));
988	const char* cert = tokens[1] + strlen("CertificateSerialNumber=");
989
990	/* Add Certificate Serial Number to the tree */
991	proto_tree_add_item(eap_identity_tree, hf_eap_identity_certificate_sn, tvb,
992	offset, (int)strlen(cert), ENC_ASCII0x00000000);
993
994	/* Check for the optional NAI Realm string */
995	if (ntokens != 3 \|\| g_ascii_strncasecmp(tokens[2], "Realm=", 6)) {
996	goto end;
997	}
998
999	const char* realm = strchr(tokens[2], '@');
1000	if (!realm) {
1001	goto end;
1002	}
1003
1004	realm += 1;
1005	realm_tokens = g_strsplit_set(realm, ".", -1);
1006
1007	/* Check for a realm of the form
1008	.mnc<mnc>.mcc<mcc>.3gppnetwork.org
1009	*/
1010	if (!realm_is_3gpp(realm_tokens, &nrealm_tokens)) {
1011	goto end;
1012	}
1013	} else {
1014	/* Check if identity string complies with ASCII character set */
1015	if (tvb_ascii_isprint(tvb, offset, size) == false0) {
1016	goto end;
1017	}
1018	/* All other identities may be delimited with the '@' character */
1019	identity = tvb_get_string_enc(pinfo->pool, tvb, offset, size, ENC_ASCII0x00000000);
1020	tokens = g_strsplit_set(identity, "@", -1);
1021
1022	ntokens = g_strv_length(tokens);
1023	/* tokens[0] is the identity, tokens[1] is the NAI Realm */
1024	if (ntokens != 2) {
1025	goto end;
1026	}
1027
1028	/* Check for valid EAP Identity strings based on tokens and 3GPP-format */
1029	realm_tokens = g_strsplit_set(tokens[1], ".", -1);
1030
1031	/* The identity must have the form of
1032	<username>@...mnc<mnc>.mcc<mcc>.3gppnetwork.org
1033	If not, we don't have a 3GPP identity.
1034	*/
1035	if (!realm_is_3gpp(realm_tokens, &nrealm_tokens)) {
1036	goto end;
1037	}
1038
1039	const char* label = realm_tokens[nrealm_tokens - 5];
1040
1041	/* We have a 3GPP realm. Add the full identity, and a tree to add the
1042	* MNC and MCC below.
1043	*/
1044	ret = true1;
1045	item = proto_tree_add_item(tree, hf_eap_identity_full, tvb, offset, size, ENC_ASCII0x00000000);
1046	eap_identity_tree = proto_item_add_subtree(item, ett_identity);
1047
1048	if ((g_ascii_strncasecmp(label, "wlan", 4) == 0) \|\|
1049	(g_ascii_strncasecmp(label, "epc", 3) == 0) \|\|
1050	(g_ascii_strncasecmp(label, "gan", 3) == 0)) {
1051
1052	/* It is very likely that we have an identity (EAP-AKA/EAP-SIM) using
1053	* a single-character prefix. (XXX - Perhaps not all of these should
1054	* be treated as prefixes. GAN might not use the prefix for fast
1055	* re-authentication.) */
1056	proto_tree_add_item_ret_uint(eap_identity_tree, hf_eap_identity_prefix, tvb, offset, 1, ENC_NA0x00000000, &eap_identity_prefix);
1057	item = proto_tree_add_string(eap_identity_tree, hf_eap_identity_type,
1058	tvb, offset, 1, val_to_str_const(eap_identity_prefix, eap_identity_prefix_vals, "Unknown"));
1059
1060	switch(eap_identity_prefix) {
1061	case '0': /* EAP-AKA Permanent */
1062	case '1': /* EAP-SIM Permanent */
1063	case '6': /* EAP-AKA' Permanent */
1064	dissect_e212_utf8_imsi(tvb, pinfo, eap_identity_tree, offset + 1, (unsigned)strlen(tokens[0]) - 1);
1065	break;
1066	case '2': /* EAP-AKA Pseudonym */
1067	case '3': /* EAP-SIM Pseudonym */
1068	case '7': /* EAP-AKA' Pseudonym */
1069	proto_tree_add_item(eap_identity_tree, hf_eap_identity, tvb, offset + 1, (unsigned)strlen(tokens[0]) - 1, ENC_ASCII0x00000000);
1070	break;
1071	case '4': /* EAP-AKA Reauth ID */
1072	case '5': /* EAP-SIM Reauth ID */
1073	case '8': /* EAP-AKA' Reauth ID */
1074	proto_tree_add_item(eap_identity_tree, hf_eap_identity, tvb, offset + 1, (unsigned)strlen(tokens[0]) - 1, ENC_ASCII0x00000000);
1075	break;
1076	case 'C': /* Conservative Peer */
1077	proto_tree_add_item(eap_identity_tree, hf_eap_identity, tvb, offset + 1, (unsigned)strlen(tokens[0]) - 1, ENC_ASCII0x00000000);
1078	break;
1079	case 'a': /* Anonymous User */
1080	/* This is not really a prefix, just a username "anonymous" */
1081	proto_tree_add_item(eap_identity_tree, hf_eap_identity, tvb, offset, (unsigned)strlen(tokens[0]), ENC_ASCII0x00000000);
1082	break;
1083	case 'G': /* TODO: 'G' Unknown */
1084	case 'I': /* TODO: 'I' Unknown */
1085	default:
1086	proto_tree_add_item(eap_identity_tree, hf_eap_identity, tvb, offset + 1, (unsigned)strlen(tokens[0]) - 1, ENC_ASCII0x00000000);
1087	expert_add_info(pinfo, item, &ei_eap_identity_invalid);
1088	}
1089	} else {
1090	/* It's a 3GPP realm, but probably not using a prefix, e.g. in 5G. */
1091	proto_tree_add_item(eap_identity_tree, hf_eap_identity, tvb, offset, (int)strlen(tokens[0]), ENC_ASCII0x00000000);
1092	}
1093	}
1094
1095	/* EAP identities do not always equate to IMSIs. We should
1096	* still add the MCC and MNC values if present. */
1097	mnc_token = realm_tokens[nrealm_tokens - 4];
1098	mcc_token = realm_tokens[nrealm_tokens - 3];
1099	if (!ws_strtou(mnc_token + 3, NULL((void)0), &mnc) \|\| !ws_strtou(mcc_token + 3, NULL((void)0), &mcc)) {
1100	goto end;
1101	}
1102
1103	if (!try_val_to_str_ext(mcc * 100 + mnc, &mcc_mnc_2digits_codes_ext)) {
1104	/* May have
1105	* (1) an invalid 2-digit MNC so it won't resolve,
1106	* (2) an invalid 3-digit MNC so it won't resolve, or
1107	* (3) a valid 3-digit MNC.
1108	* For all cases we treat as 3-digit MNC and continue. */
1109	mcc_mnc = 1000 * mcc + mnc;
1110	hf_eap_identity_mcc_mnc = hf_eap_identity_mcc_mnc_3digits;
1111	} else {
1112	/* We got a 2-digit MNC match */
1113	mcc_mnc = 100 * mcc + mnc;
1114	hf_eap_identity_mcc_mnc = hf_eap_identity_mcc_mnc_2digits;
1115	}
1116
1117	offset = tvb_find_uint8(tvb, offset, size, '@');
1118	if (offset != -1) {
1119	/* Should always be true. */
1120	offset += 1;
1121	for (int i = 0; realm_tokens[i] != mnc_token; ++i) {
1122	offset += (int)(strlen(realm_tokens[i])) + 1;
1123	}
1124	/* XXX - This presentation order is the opposite of the "usual" one.
1125	* Move the MCC item above after adding? (#16538)
1126	*/
1127	/* Add MNC to tree */
1128	proto_tree_add_uint(eap_identity_tree, hf_eap_identity_mcc_mnc, tvb,
1129	offset + (int)strlen("mnc"), (int)strlen(mnc_token) - (int)strlen("mnc"), mcc_mnc);
1130	offset += (int)strlen(mnc_token) + 1;
1131	/* Add MCC to tree */
1132	proto_tree_add_uint(eap_identity_tree, hf_eap_identity_mcc, tvb,
1133	offset + (int)strlen("mcc"), (int)strlen(mcc_token) - (int)strlen("mcc"), mcc);
1134	}
1135
1136	end:
1137	g_strfreev(tokens);
1138	g_strfreev(realm_tokens);
1139
1140	return ret;
1141	}
1142
1143	static void
1144	dissect_eap_identity(tvbuff_t tvb, packet_info pinfo, proto_tree* tree, int offset, int size)
1145	{
1146	proto_item *item;
1147	/*
1148	* Try to dissect as a 3GPP identity.
1149	*
1150	* XXX - what other types of identity are there?
1151	*/
1152	if (!dissect_eap_identity_3gpp(tvb, pinfo, tree, offset, size)) {
1153	item = proto_tree_add_item(tree, hf_eap_identity, tvb, offset, size, ENC_ASCII0x00000000);
1154	/* XXX - RFC 7542 revises earlier standards by allowing UTF-8 in the
1155	* NAI (username and realm); if this happens in EAP, remove the expert info. */
1156	if (tvb_ascii_isprint(tvb, offset, size) == false0) {
1157	expert_add_info(pinfo, item, &ei_eap_identity_nonascii);
1158	}
1159	}
1160	}
1161
1162	static void
1163	dissect_eap_sim(proto_tree eap_tree, tvbuff_t tvb, packet_info* pinfo, int offset, int size)
1164	{
1165	int left = size;
1166
1167	proto_tree_add_item(eap_tree, hf_eap_sim_subtype, tvb, offset, 1, ENC_BIG_ENDIAN0x00000000);
1168
1169	offset += 1;
1170	left -= 1;
1171
1172	if (left < 2)
1173	return;
1174	proto_tree_add_item(eap_tree, hf_eap_sim_reserved, tvb, offset, 2, ENC_BIG_ENDIAN0x00000000);
1175	offset += 2;
1176	left -= 2;
1177
1178	/* Rest of EAP-SIM data is in Type-Len-Value format. */
1179	while (left >= 2) {
1180	uint8_t type, length;
1181	int padding;
1182	proto_item *pi;
1183	proto_tree *attr_tree;
1184	int aoffset;
1185	int aleft;
1186
1187	aoffset = offset;
1188	type = tvb_get_uint8(tvb, aoffset);
1189	length = tvb_get_uint8(tvb, aoffset + 1);
1190	aleft = 4 * length;
1191
1192	pi = proto_tree_add_none_format(eap_tree, hf_eap_sim_subtype_attribute, tvb,
1193	aoffset, aleft, "EAP-SIM Attribute: %s (%d)",
1194	val_to_str_ext_const(type,
1195	&eap_sim_aka_attribute_vals_ext,
1196	"Unknown"),
1197	type);
1198	attr_tree = proto_item_add_subtree(pi, ett_eap_sim_attr);
1199	proto_tree_add_uint(attr_tree, hf_eap_sim_subtype_type, tvb, aoffset, 1, type);
1200	aoffset += 1;
1201	aleft -= 1;
1202
1203	if (aleft <= 0)
1204	break;
1205	proto_tree_add_item(attr_tree, hf_eap_sim_subtype_length, tvb, aoffset, 1, ENC_BIG_ENDIAN0x00000000);
1206	aoffset += 1;
1207	aleft -= 1;
1208
1209	switch(type){
1210	case AT_IDENTITY14:
1211	proto_tree_add_item(attr_tree, hf_eap_identity_actual_len, tvb, aoffset, 2, ENC_BIG_ENDIAN0x00000000);
1212	dissect_eap_identity(tvb, pinfo, attr_tree, aoffset + 2, tvb_get_ntohs(tvb, aoffset));
1213	/* If we have a disparity between the EAP-SIM length (minus the
1214	* first 4 bytes of header fields) * 4 and the Identity Actual
1215	* Length then it's padding and we need to adjust for that
1216	* accurately before looking at the next EAP-SIM attribute. */
1217	padding = ((length - 1) * 4) - tvb_get_ntohs(tvb, aoffset);
1218	if (padding != 0) {
1219	proto_tree_add_item(attr_tree, hf_eap_identity_padding, tvb,
1220	aoffset + 2 + tvb_get_ntohs(tvb, aoffset), padding, ENC_NA0x00000000);
1221	}
1222	break;
1223	case AT_NOTIFICATION12:
1224	proto_tree_add_item(attr_tree, hf_eap_sim_notification_type, tvb, aoffset, 2, ENC_BIG_ENDIAN0x00000000);
1225	break;
1226	case AT_CLIENT_ERROR_CODE22:
1227	proto_tree_add_item(attr_tree, hf_eap_sim_error_code_type, tvb, aoffset, 2, ENC_BIG_ENDIAN0x00000000);
1228	break;
1229	default:
1230	proto_tree_add_item(attr_tree, hf_eap_sim_subtype_value, tvb, aoffset, aleft, ENC_NA0x00000000);
1231	}
1232
1233	offset += 4 * length;
1234	left -= 4 * length;
1235	}
1236	}
1237
1238	static void
1239	dissect_eap_aka(proto_tree eap_tree, tvbuff_t tvb, packet_info* pinfo, int offset, int size)
1240	{
1241	int left = size;
1242
1243	proto_tree_add_item(eap_tree, hf_eap_aka_subtype, tvb, offset, 1, ENC_BIG_ENDIAN0x00000000);
1244
1245	offset += 1;
1246	left -= 1;
1247
1248	if (left < 2)
1249	return;
1250	proto_tree_add_item(eap_tree, hf_eap_aka_reserved, tvb, offset, 2, ENC_BIG_ENDIAN0x00000000);
1251	offset += 2;
1252	left -= 2;
1253
1254	/* Rest of EAP-AKA data is in Type-Len-Value format. */
1255	while (left >= 2) {
1256	uint8_t type, length;
1257	uint32_t actual_length;
1258	int padding;
1259	proto_item *pi;
1260	proto_tree *attr_tree;
1261	int aoffset;
1262	int aleft;
1263
1264	aoffset = offset;
1265	type = tvb_get_uint8(tvb, aoffset);
1266	length = tvb_get_uint8(tvb, aoffset + 1);
1267	aleft = 4 * length;
1268
1269	pi = proto_tree_add_none_format(eap_tree, hf_eap_aka_subtype_attribute, tvb,
1270	aoffset, aleft, "EAP-AKA Attribute: %s (%d)",
1271	val_to_str_ext_const(type,
1272	&eap_sim_aka_attribute_vals_ext,
1273	"Unknown"),
1274	type);
1275	attr_tree = proto_item_add_subtree(pi, ett_eap_aka_attr);
1276	proto_tree_add_uint(attr_tree, hf_eap_aka_subtype_type, tvb, aoffset, 1, type);
1277	aoffset += 1;
1278	aleft -= 1;
1279
1280	if (aleft <= 0)
1281	break;
1282	proto_tree_add_item(attr_tree, hf_eap_aka_subtype_length, tvb, aoffset, 1, ENC_BIG_ENDIAN0x00000000);
1283	aoffset += 1;
1284	aleft -= 1;
1285
1286	switch(type){
1287	case AT_RAND1:
1288	proto_tree_add_item(attr_tree, hf_eap_aka_reserved, tvb, aoffset, 2, ENC_BIG_ENDIAN0x00000000);
1289	aoffset += 2;
1290	aleft -= 2;
1291	proto_tree_add_item(attr_tree, hf_eap_aka_rand, tvb, aoffset, aleft, ENC_NA0x00000000);
1292	break;
1293	case AT_AUTN2:
1294	proto_tree_add_item(attr_tree, hf_eap_aka_reserved, tvb, aoffset, 2, ENC_BIG_ENDIAN0x00000000);
1295	aoffset += 2;
1296	aleft -= 2;
1297	proto_tree_add_item(attr_tree, hf_eap_aka_autn, tvb, aoffset, aleft, ENC_NA0x00000000);
1298	break;
1299	case AT_RES3:
1300	proto_tree_add_item_ret_uint(attr_tree, hf_eap_aka_res_len, tvb, aoffset, 2, ENC_BIG_ENDIAN0x00000000, &actual_length);
1301	aoffset += 2;
1302	aleft -= 2;
	Value stored to 'aleft' is never read
1303	proto_tree_add_bits_item(attr_tree, hf_eap_aka_res, tvb, aoffset << 3, actual_length, ENC_NA0x00000000);
1304	break;
1305	case AT_AUTS4:
1306	proto_tree_add_item(attr_tree, hf_eap_aka_auts, tvb, aoffset, aleft, ENC_NA0x00000000);
1307	break;
1308	case AT_IDENTITY14:
1309	proto_tree_add_item_ret_uint(attr_tree, hf_eap_identity_actual_len, tvb, aoffset, 2, ENC_BIG_ENDIAN0x00000000, &actual_length);
1310	dissect_eap_identity(tvb, pinfo, attr_tree, aoffset + 2, actual_length);
1311	/* If we have a disparity between the EAP-AKA length (minus the
1312	* first 4 bytes of header fields) * 4 and the Identity Actual
1313	* Length then it's padding and we need to adjust for that
1314	* accurately before looking at the next EAP-AKA attribute. */
1315	padding = ((length - 1) * 4) - actual_length;
1316	if (padding != 0) {
1317	proto_tree_add_item(attr_tree, hf_eap_identity_padding, tvb,
1318	aoffset + 2 + actual_length, padding, ENC_NA0x00000000);
1319	}
1320	break;
1321	case AT_NOTIFICATION12:
1322	proto_tree_add_item(attr_tree, hf_eap_aka_notification_type, tvb, aoffset, 2, ENC_BIG_ENDIAN0x00000000);
1323	break;
1324	case AT_CLIENT_ERROR_CODE22:
1325	proto_tree_add_item(attr_tree, hf_eap_aka_error_code_type, tvb, aoffset, 2, ENC_BIG_ENDIAN0x00000000);
1326	break;
1327	default:
1328	proto_tree_add_item(attr_tree, hf_eap_aka_subtype_value, tvb, aoffset, aleft, ENC_NA0x00000000);
1329	}
1330
1331	offset += 4 * length;
1332	left -= 4 * length;
1333	}
1334	}
1335
1336	static int
1337	dissect_eap_pax(proto_tree eap_tree, tvbuff_t tvb, packet_info *pinfo, int offset, int size)
1338	{
1339	static int * const pax_flags[] = {
1340	&hf_eap_pax_flags_mf,
1341	&hf_eap_pax_flags_ce,
1342	&hf_eap_pax_flags_ai,
1343	&hf_eap_pax_flags_reserved,
1344	NULL((void*)0)
1345	};
1346	uint32_t opcode;
1347	uint64_t flags;
1348	uint32_t len;
1349
1350	proto_tree_add_item_ret_uint(eap_tree, hf_eap_pax_opcode, tvb, offset, 1, ENC_NA0x00000000, &opcode);
1351	offset++;
1352
1353	col_append_fstr(pinfo->cinfo, COL_INFO, " %s",
1354	val_to_str(opcode, eap_pax_opcode_vals, "Unknown opcode (0x%02X)"));
1355
1356	proto_tree_add_bitmask_ret_uint64(eap_tree, tvb, offset, hf_eap_pax_flags, ett_eap_pax_flags,
1357	pax_flags, ENC_BIG_ENDIAN0x00000000, &flags);
1358	offset++;
1359
1360	proto_tree_add_item(eap_tree, hf_eap_pax_mac_id, tvb, offset, 1, ENC_NA0x00000000);
1361	offset++;
1362
1363	proto_tree_add_item(eap_tree, hf_eap_pax_dh_group_id, tvb, offset, 1, ENC_NA0x00000000);
1364	offset++;
1365
1366	proto_tree_add_item(eap_tree, hf_eap_pax_public_key_id, tvb, offset, 1, ENC_NA0x00000000);
1367	offset++;
1368
1369	switch (opcode) {
1370	case PAX_STD_10x01:
1371	proto_tree_add_item_ret_uint(eap_tree, hf_eap_pax_a_len, tvb, offset, 2, ENC_BIG_ENDIAN0x00000000, &len);
1372	offset += 2;
1373	proto_tree_add_item(eap_tree, hf_eap_pax_a, tvb, offset, len, ENC_NA0x00000000);
1374	offset += len;
1375	len = 5 + size - offset;
1376	proto_tree_add_item(eap_tree, hf_eap_pax_mac_icv, tvb, offset, len, ENC_NA0x00000000);
1377	offset += len;
1378	break;
1379	case PAX_STD_20x02:
1380	proto_tree_add_item_ret_uint(eap_tree, hf_eap_pax_b_len, tvb, offset, 2, ENC_BIG_ENDIAN0x00000000, &len);
1381	offset += 2;
1382	proto_tree_add_item(eap_tree, hf_eap_pax_b, tvb, offset, len, ENC_NA0x00000000);
1383	offset += len;
1384	proto_tree_add_item_ret_uint(eap_tree, hf_eap_pax_cid_len, tvb, offset, 2, ENC_BIG_ENDIAN0x00000000, &len);
1385	offset += 2;
1386	proto_tree_add_item(eap_tree, hf_eap_pax_cid, tvb, offset, len, ENC_ASCII0x00000000 \| ENC_NA0x00000000);
1387	offset += len;
1388	proto_tree_add_item_ret_uint(eap_tree, hf_eap_pax_mac_ck_len, tvb, offset, 2, ENC_BIG_ENDIAN0x00000000, &len);
1389	offset += 2;
1390	proto_tree_add_item(eap_tree, hf_eap_pax_mac_ck, tvb, offset, len, ENC_NA0x00000000);
1391	offset += len;
1392	if (flags & EAP_PAX_FLAG_AI0x04) {
1393	proto_tree_add_item_ret_uint(eap_tree, hf_eap_pax_ade_len, tvb, offset, 2, ENC_BIG_ENDIAN0x00000000, &len);
1394	offset += 2;
1395	proto_tree_add_item(eap_tree, hf_eap_pax_ade, tvb, offset, len, ENC_NA0x00000000);
1396	offset += len;
1397	}
1398	len = 5 + size - offset;
1399	proto_tree_add_item(eap_tree, hf_eap_pax_mac_icv, tvb, offset, len, ENC_NA0x00000000);
1400	offset += len;
1401	break;
1402	case PAX_STD_30x03:
1403	proto_tree_add_item_ret_uint(eap_tree, hf_eap_pax_mac_ck_len, tvb, offset, 2, ENC_BIG_ENDIAN0x00000000, &len);
1404	offset += 2;
1405	proto_tree_add_item(eap_tree, hf_eap_pax_mac_ck, tvb, offset, len, ENC_NA0x00000000);
1406	offset += len;
1407	if (flags & EAP_PAX_FLAG_AI0x04) {
1408	proto_tree_add_item_ret_uint(eap_tree, hf_eap_pax_ade_len, tvb, offset, 2, ENC_BIG_ENDIAN0x00000000, &len);
1409	offset += 2;
1410	proto_tree_add_item(eap_tree, hf_eap_pax_ade, tvb, offset, len, ENC_NA0x00000000);
1411	offset += len;
1412	}
1413	len = 5 + size - offset;
1414	proto_tree_add_item(eap_tree, hf_eap_pax_mac_icv, tvb, offset, len, ENC_NA0x00000000);
1415	offset += len;
1416	break;
1417	case PAX_ACK0x21:
1418	if (flags & EAP_PAX_FLAG_AI0x04) {
1419	proto_tree_add_item_ret_uint(eap_tree, hf_eap_pax_ade_len, tvb, offset, 2, ENC_BIG_ENDIAN0x00000000, &len);
1420	offset += 2;
1421	proto_tree_add_item(eap_tree, hf_eap_pax_ade, tvb, offset, len, ENC_NA0x00000000);
1422	offset += len;
1423	}
1424	len = 5 + size - offset;
1425	proto_tree_add_item(eap_tree, hf_eap_pax_mac_icv, tvb, offset, len, ENC_NA0x00000000);
1426	offset += len;
1427	break;
1428	case PAX_SEC_10x11:
1429	case PAX_SEC_20x12:
1430	case PAX_SEC_30x13:
1431	case PAX_SEC_40x14:
1432	case PAX_SEC_50x15:
1433	/* TODO implement */
1434	default:
1435	break;
1436	}
1437
1438	return offset;
1439	}
1440
1441	static int
1442	dissect_eap_psk_pchannel(proto_tree eap_tree, tvbuff_t tvb, int offset, int size)
1443	{
1444	/* The protected channel (PCHANNEL) content is encrypted so for now just present
1445	* it as a binary blob */
1446	proto_tree_add_item(eap_tree, hf_eap_psk_pchannel, tvb, offset, size, ENC_NA0x00000000);
1447	offset += size;
1448	return offset;
1449	}
1450
1451	static int
1452	dissect_eap_psk(proto_tree eap_tree, tvbuff_t tvb, packet_info *pinfo, int offset, int size)
1453	{
1454	static int * const psk_flags[] = {
1455	&hf_eap_psk_flags_t,
1456	&hf_eap_psk_flags_reserved,
1457	NULL((void*)0)
1458	};
1459	uint64_t flags;
1460
1461	proto_tree_add_bitmask_ret_uint64(eap_tree, tvb, offset, hf_eap_psk_flags, ett_eap_psk_flags,
1462	psk_flags, ENC_NA0x00000000, &flags);
1463	offset++;
1464
1465	switch (flags & EAP_PSK_FLAGS_T_MASK0xC0) {
1466	case 0x00: /* T == 0 - EAP-PSK First Message */
1467	col_append_str(pinfo->cinfo, COL_INFO, " First Message");
1468	proto_tree_add_item(eap_tree, hf_eap_psk_rand_s, tvb, offset, 16, ENC_NA0x00000000);
1469	offset += 16;
1470	proto_tree_add_item(eap_tree, hf_eap_psk_id_s, tvb, offset, size + 5 - offset, ENC_ASCII0x00000000 \| ENC_NA0x00000000);
1471	offset = size;
1472	break;
1473	case 0x40: /* T == 1 - EAP-PSK Second Message */
1474	col_append_str(pinfo->cinfo, COL_INFO, " Second Message");
1475	proto_tree_add_item(eap_tree, hf_eap_psk_rand_s, tvb, offset, 16, ENC_NA0x00000000);
1476	offset += 16;
1477	proto_tree_add_item(eap_tree, hf_eap_psk_rand_p, tvb, offset, 16, ENC_NA0x00000000);
1478	offset += 16;
1479	proto_tree_add_item(eap_tree, hf_eap_psk_mac_p, tvb, offset, 16, ENC_NA0x00000000);
1480	offset += 16;
1481	proto_tree_add_item(eap_tree, hf_eap_psk_id_p, tvb, offset, size + 5 - offset, ENC_ASCII0x00000000 \| ENC_NA0x00000000);
1482	offset = size;
1483	break;
1484	case 0x80: /* T == 2 - EAP-PSK Third Message */
1485	col_append_str(pinfo->cinfo, COL_INFO, " Third Message");
1486	proto_tree_add_item(eap_tree, hf_eap_psk_rand_s, tvb, offset, 16, ENC_NA0x00000000);
1487	offset += 16;
1488	proto_tree_add_item(eap_tree, hf_eap_psk_mac_s, tvb, offset, 16, ENC_NA0x00000000);
1489	offset += 16;
1490	offset = dissect_eap_psk_pchannel(eap_tree, tvb, offset, size + 5 - offset);
1491	break;
1492	case 0xC0: /* T == 3 - EAP-PSK Fourth Message */
1493	col_append_str(pinfo->cinfo, COL_INFO, " Fourth Message");
1494	proto_tree_add_item(eap_tree, hf_eap_psk_rand_s, tvb, offset, 16, ENC_NA0x00000000);
1495	offset += 16;
1496	offset = dissect_eap_psk_pchannel(eap_tree, tvb, offset, size + 5 - offset);
1497	break;
1498	default:
1499	break;
1500	}
1501
1502	return offset;
1503	}
1504
1505	static int
1506	dissect_eap_gpsk_csuite_sel(proto_tree eap_tree, tvbuff_t tvb, int offset)
1507	{
1508	proto_tree *csuite_tree;
1509	csuite_tree = proto_tree_add_subtree(eap_tree, tvb, offset, 6, ett_eap_gpsk_csuite_sel,
1510	NULL((void*)0), "EAP-GPSK CSuite_Sel");
1511	proto_tree_add_item(csuite_tree, hf_eap_gpsk_csuite_vendor, tvb, offset, 4, ENC_BIG_ENDIAN0x00000000);
1512	offset += 4;
1513	proto_tree_add_item(csuite_tree, hf_eap_gpsk_csuite_specifier, tvb, offset, 2, ENC_BIG_ENDIAN0x00000000);
1514	offset += 2;
1515	return offset;
1516	}
1517
1518	static int
1519	dissect_eap_gpsk_csuite_list(proto_tree eap_tree, tvbuff_t tvb, int offset)
1520	{
1521	int start_offset = offset;
1522	uint16_t len;
1523	proto_tree list_tree, csuite_tree;
1524
1525	len = tvb_get_ntohs(tvb, offset) + 2;
1526	list_tree = proto_tree_add_subtree(eap_tree, tvb, offset, len, ett_eap_gpsk_csuite_list,
1527	NULL((void*)0), "EAP-GPSK CSuite List");
1528	proto_tree_add_item(list_tree, hf_eap_gpsk_csuite_list_len, tvb, offset, 2, ENC_BIG_ENDIAN0x00000000);
1529	offset += 2;
1530
1531	while (offset < start_offset + len) {
1532	csuite_tree = proto_tree_add_subtree(list_tree, tvb, offset, 6, ett_eap_gpsk_csuite,
1533	NULL((void*)0), "CSuite");
1534	proto_tree_add_item(csuite_tree, hf_eap_gpsk_csuite_vendor, tvb, offset, 4, ENC_BIG_ENDIAN0x00000000);
1535	offset += 4;
1536	proto_tree_add_item(csuite_tree, hf_eap_gpsk_csuite_specifier, tvb, offset, 2, ENC_BIG_ENDIAN0x00000000);
1537	offset += 2;
1538	}
1539	return offset;
1540	}
1541
1542	static int
1543	dissect_eap_sake_attribute(proto_tree eap_tree, tvbuff_t tvb, int offset, int size)
1544	{
1545	int start_offset = offset;
1546	uint8_t type;
1547	uint8_t len;
1548	proto_tree *attr_tree;
1549
1550	type = tvb_get_uint8(tvb, offset);
1551	len = tvb_get_uint8(tvb, offset + 1);
1552
1553	if (len < 2 \|\| len > size) {
1554	return -1;
1555	}
1556	attr_tree = proto_tree_add_subtree_format(eap_tree, tvb, offset, len, ett_eap_sake_attr, NULL((void*)0),
1557	"EAP-SAKE Attribute: %s",
1558	val_to_str(type, eap_sake_attr_type_vals,
1559	"Unknown (%d)"));
1560
1561	proto_tree_add_item(attr_tree, hf_eap_sake_attr_type, tvb, offset, 1, ENC_NA0x00000000);
1562	offset++;
1563	proto_tree_add_item(attr_tree, hf_eap_sake_attr_len, tvb, offset, 1, ENC_NA0x00000000);
1564	offset++;
1565	len -= 2;
1566
1567	switch (type) {
1568	case SAKE_AT_SERVERID5:
1569	case SAKE_AT_PEERID6:
1570	proto_tree_add_item(attr_tree, hf_eap_sake_attr_value_str, tvb, offset, len, ENC_ASCII0x00000000 \| ENC_NA0x00000000);
1571	offset += len;
1572	break;
1573	case SAKE_AT_MSK_LIFE132:
1574	proto_tree_add_item(attr_tree, hf_eap_sake_attr_value_uint48, tvb, offset, len,
1575	ENC_BIG_ENDIAN0x00000000);
1576	offset += len;
1577	break;
1578	case SAKE_AT_RAND_S1:
1579	case SAKE_AT_RAND_P2:
1580	case SAKE_AT_MIC_S3:
1581	case SAKE_AT_MIC_P4:
1582	case SAKE_AT_SPI_S7:
1583	case SAKE_AT_SPI_P8:
1584	case SAKE_AT_ANY_ID_REQ9:
1585	case SAKE_AT_PERM_ID_REQ10:
1586	case SAKE_AT_ENCR_DATA128:
1587	case SAKE_AT_IV129:
1588	case SAKE_AT_PADDING130:
1589	case SAKE_AT_NEXT_TMPID131:
1590	default:
1591	proto_tree_add_item(attr_tree, hf_eap_sake_attr_value, tvb, offset, len, ENC_NA0x00000000);
1592	offset += len;
1593	break;
1594	}
1595	return offset - start_offset;
1596	}
1597
1598	static void
1599	dissect_eap_sake_attributes(proto_tree eap_tree, tvbuff_t tvb, int offset, int size)
1600	{
1601	int attr_size;
1602	while (offset < size) {
1603	attr_size = dissect_eap_sake_attribute(eap_tree, tvb, offset, size);
1604	if (attr_size == -1) {
1605	break;
1606	}
1607	offset += attr_size;
1608	}
1609	}
1610
1611	static void
1612	dissect_eap_sake(proto_tree eap_tree, tvbuff_t tvb, packet_info *pinfo _U___attribute__((unused)), int offset, int size)
1613	{
1614	uint32_t version;
1615	uint32_t subtype;
1616
1617	proto_tree_add_item_ret_uint(eap_tree, hf_eap_sake_version, tvb, offset, 1, ENC_NA0x00000000, &version);
1618	offset++;
1619	if (version != 2) {
1620	/* RFC 4763 specify version 2. Everything else is unsupported */
1621	return;
1622	}
1623	proto_tree_add_item(eap_tree, hf_eap_sake_session_id, tvb, offset, 1, ENC_NA0x00000000);
1624	offset++;
1625	proto_tree_add_item_ret_uint(eap_tree, hf_eap_sake_subtype, tvb, offset, 1, ENC_NA0x00000000, &subtype);
1626	offset++;
1627
1628	switch (subtype) {
1629	case SAKE_CHALLENGE1:
1630	case SAKE_CONFIRM2:
1631	case SAKE_AUTH_REJECT3:
1632	case SAKE_IDENTITY4:
1633	dissect_eap_sake_attributes(eap_tree, tvb, offset, size + 5 - offset);
1634	break;
1635	default:
1636	break;
1637	}
1638	}
1639
1640	static int
1641	dissect_eap_gpsk(proto_tree eap_tree, tvbuff_t tvb, packet_info *pinfo, int offset, int size)
1642	{
1643	uint32_t opcode;
1644	uint32_t len;
1645
1646	proto_tree_add_item_ret_uint(eap_tree, hf_eap_gpsk_opcode, tvb, offset, 1, ENC_NA0x00000000, &opcode);
1647	offset++;
1648	col_append_fstr(pinfo->cinfo, COL_INFO, " %s",
1649	val_to_str(opcode, eap_gpsk_opcode_vals, "Unknown opcode (0x%02X)"));
1650
1651	switch (opcode) {
1652	case GPSK_GPSK_11:
1653	proto_tree_add_item_ret_uint(eap_tree, hf_eap_gpsk_id_server_len, tvb, offset, 2, ENC_BIG_ENDIAN0x00000000, &len);
1654	offset += 2;
1655	proto_tree_add_item(eap_tree, hf_eap_gpsk_id_server, tvb, offset, len, ENC_ASCII0x00000000 \| ENC_NA0x00000000);
1656	offset += len;
1657	proto_tree_add_item(eap_tree, hf_eap_gpsk_rand_server, tvb, offset, 32, ENC_NA0x00000000);
1658	offset += 32;
1659	offset = dissect_eap_gpsk_csuite_list(eap_tree, tvb, offset);
1660	break;
1661	case GPSK_GPSK_22:
1662	proto_tree_add_item_ret_uint(eap_tree, hf_eap_gpsk_id_peer_len, tvb, offset, 2, ENC_BIG_ENDIAN0x00000000, &len);
1663	offset += 2;
1664	proto_tree_add_item(eap_tree, hf_eap_gpsk_id_peer, tvb, offset, len, ENC_ASCII0x00000000 \| ENC_NA0x00000000);
1665	offset += len;
1666	proto_tree_add_item_ret_uint(eap_tree, hf_eap_gpsk_id_server_len, tvb, offset, 2, ENC_BIG_ENDIAN0x00000000, &len);
1667	offset += 2;
1668	proto_tree_add_item(eap_tree, hf_eap_gpsk_id_server, tvb, offset, len, ENC_ASCII0x00000000 \| ENC_NA0x00000000);
1669	offset += len;
1670	proto_tree_add_item(eap_tree, hf_eap_gpsk_rand_peer, tvb, offset, 32, ENC_NA0x00000000);
1671	offset += 32;
1672	proto_tree_add_item(eap_tree, hf_eap_gpsk_rand_server, tvb, offset, 32, ENC_NA0x00000000);
1673	offset += 32;
1674	offset = dissect_eap_gpsk_csuite_list(eap_tree, tvb, offset);
1675	offset = dissect_eap_gpsk_csuite_sel(eap_tree, tvb, offset);
1676	proto_tree_add_item_ret_uint(eap_tree, hf_eap_gpsk_pd_payload_len, tvb, offset, 2, ENC_BIG_ENDIAN0x00000000, &len);
1677	offset += 2;
1678	if (len > 0) {
1679	proto_tree_add_item(eap_tree, hf_eap_gpsk_pd_payload, tvb, offset, len, ENC_NA0x00000000);
1680	offset += len;
1681	}
1682	len = size + 5 - offset;
1683	proto_tree_add_item(eap_tree, hf_eap_gpsk_payload_mac, tvb, offset, len, ENC_NA0x00000000);
1684	offset += len;
1685	break;
1686	case GPSK_GPSK_33:
1687	proto_tree_add_item(eap_tree, hf_eap_gpsk_rand_peer, tvb, offset, 32, ENC_NA0x00000000);
1688	offset += 32;
1689	proto_tree_add_item(eap_tree, hf_eap_gpsk_rand_server, tvb, offset, 32, ENC_NA0x00000000);
1690	offset += 32;
1691	proto_tree_add_item_ret_uint(eap_tree, hf_eap_gpsk_id_server_len, tvb, offset, 2, ENC_BIG_ENDIAN0x00000000, &len);
1692	offset += 2;
1693	proto_tree_add_item(eap_tree, hf_eap_gpsk_id_server, tvb, offset, len, ENC_ASCII0x00000000 \| ENC_NA0x00000000);
1694	offset += len;
1695	offset = dissect_eap_gpsk_csuite_sel(eap_tree, tvb, offset);
1696	proto_tree_add_item_ret_uint(eap_tree, hf_eap_gpsk_pd_payload_len, tvb, offset, 2, ENC_BIG_ENDIAN0x00000000, &len);
1697	offset += 2;
1698	if (len > 0) {
1699	proto_tree_add_item(eap_tree, hf_eap_gpsk_pd_payload, tvb, offset, len, ENC_NA0x00000000);
1700	offset += len;
1701	}
1702	len = size + 5 - offset;
1703	proto_tree_add_item(eap_tree, hf_eap_gpsk_payload_mac, tvb, offset, len, ENC_NA0x00000000);
1704	offset += len;
1705	break;
1706	case GPSK_GPSK_44:
1707	proto_tree_add_item_ret_uint(eap_tree, hf_eap_gpsk_pd_payload_len, tvb, offset, 2, ENC_BIG_ENDIAN0x00000000, &len);
1708	offset += 2;
1709	if (len > 0) {
1710	proto_tree_add_item(eap_tree, hf_eap_gpsk_pd_payload, tvb, offset, len, ENC_NA0x00000000);
1711	offset += len;
1712	}
1713	len = size + 5 - offset;
1714	proto_tree_add_item(eap_tree, hf_eap_gpsk_payload_mac, tvb, offset, len, ENC_NA0x00000000);
1715	offset += len;
1716	break;
1717	case GPSK_FAIL5:
1718	proto_tree_add_item(eap_tree, hf_eap_gpsk_failure_code, tvb, offset, 4, ENC_BIG_ENDIAN0x00000000);
1719	offset += 4;
1720	break;
1721	case GPSK_PROTECTED_FAIL6:
1722	proto_tree_add_item(eap_tree, hf_eap_gpsk_failure_code, tvb, offset, 4, ENC_BIG_ENDIAN0x00000000);
1723	offset += 4;
1724	len = size + 5 - offset;
1725	proto_tree_add_item(eap_tree, hf_eap_gpsk_payload_mac, tvb, offset, len, ENC_NA0x00000000);
1726	offset += len;
1727	break;
1728	default:
1729	break;
1730	}
1731
1732	return offset;
1733	}
1734
1735	static int
1736	dissect_eap_msauth_tlv(proto_tree eap_tree, tvbuff_t tvb, packet_info *pinfo, int offset, int size)
1737	{
1738	unsigned tlv_type, tlv_len;
1739	proto_tree tlv_tree, tree, *ti_len;
1740
1741	tlv_tree = proto_tree_add_subtree(eap_tree, tvb, offset, size, ett_eap_msauth_tlv,
1742	NULL((void*)0), "Tag Length Values");
1743
1744	next_tlv:
1745	tlv_type = tvb_get_uint16(tvb, offset, ENC_BIG_ENDIAN0x00000000) & MSAUTH_TLV_TYPE0x3FFF;
1746	tlv_len = tvb_get_uint16(tvb, offset + 2, ENC_BIG_ENDIAN0x00000000);
1747
1748	tree = proto_tree_add_subtree_format(tlv_tree, tvb, offset, 4 + tlv_len,
1749	ett_eap_msauth_tlv_tree, NULL((void*)0), "TLV: t=%s(%d) l=%d",
1750	val_to_str_const(tlv_type, eap_msauth_tlv_type_vals, "Unknown"),
1751	tlv_type, 4 + tlv_len);
1752
1753	proto_tree_add_item(tree, hf_eap_msauth_tlv_mandatory, tvb, offset, 2, ENC_BIG_ENDIAN0x00000000);
1754	proto_tree_add_item(tree, hf_eap_msauth_tlv_reserved, tvb, offset, 2, ENC_BIG_ENDIAN0x00000000);
1755	proto_tree_add_item(tree, hf_eap_msauth_tlv_type, tvb, offset, 2, ENC_BIG_ENDIAN0x00000000);
1756	offset += 2;
1757
1758	proto_tree_add_item(tree, hf_eap_msauth_tlv_len, tvb, offset, 2, ENC_BIG_ENDIAN0x00000000);
1759	offset += 2;
1760
1761	switch (tlv_type) {
1762	case MSAUTH_TLV_TYPE_EXTENSION_RESULT3:
1763	proto_tree_add_item(tree, hf_eap_msauth_tlv_status, tvb, offset, 2, ENC_BIG_ENDIAN0x00000000);
1764	offset += 2;
1765	break;
1766
1767	case MSAUTH_TLV_TYPE_EXTENSION_CRYPTOBINDING12:
1768	proto_tree_add_item(tree, hf_eap_msauth_tlv_crypto_reserved, tvb, offset, 1, ENC_BIG_ENDIAN0x00000000);
1769	offset += 1;
1770	proto_tree_add_item(tree, hf_eap_msauth_tlv_crypto_version, tvb, offset, 1, ENC_BIG_ENDIAN0x00000000);
1771	offset += 1;
1772	proto_tree_add_item(tree, hf_eap_msauth_tlv_crypto_rcv_version, tvb, offset, 1, ENC_BIG_ENDIAN0x00000000);
1773	offset += 1;
1774	proto_tree_add_item(tree, hf_eap_msauth_tlv_crypto_subtype, tvb, offset, 1, ENC_BIG_ENDIAN0x00000000);
1775	offset += 1;
1776	proto_tree_add_item(tree, hf_eap_msauth_tlv_crypto_nonce, tvb, offset, 32, ENC_NA0x00000000);
1777	offset += 32;
1778	proto_tree_add_item(tree, hf_eap_msauth_tlv_crypto_cmac, tvb, offset, 20, ENC_NA0x00000000);
1779	offset += 20;
1780	break;
1781
1782	default:
1783	ti_len = proto_tree_add_item(tree, hf_eap_msauth_tlv_val, tvb, offset, tlv_len, ENC_NA0x00000000);
1784	if (4 + tlv_len > (unsigned)size - offset) {
1785	expert_add_info(pinfo, ti_len, &ei_eap_bad_length);
1786	}
1787	offset += tlv_len;
1788	}
1789
1790	if (offset < size) {
1791	goto next_tlv;
1792	}
1793
1794	return offset;
1795	}
1796
1797
1798	static int
1799	dissect_eap(tvbuff_t tvb, packet_info pinfo, proto_tree tree, void data _U___attribute__((unused)))
1800	{
1801	uint8_t eap_code;
1802	uint8_t eap_identifier;
1803	uint16_t eap_len;
1804	uint8_t eap_type;
1805	int len;
1806	conversation_t conversation = NULL((void)0);
1807	conv_state_t conversation_state = NULL((void)0);
1808	frame_state_t *packet_state;
1809	int leap_state;
1810	proto_tree ti, ti_id, *ti_len;
1811	proto_tree *eap_tree;
1812	proto_tree *eap_tls_flags_tree;
1813	proto_item *eap_type_item;
1814	static address null_address = ADDRESS_INIT_NONE{AT_NONE, 0, ((void)0), ((void)0)};
1815	static uint8_t pae_group_address_mac_addr[6] = { 0x01, 0x80, 0xC2, 0x00, 0x00, 0x03 };
1816	static address pae_group_address = ADDRESS_INIT(AT_ETHER, sizeof(pae_group_address_mac_addr), pae_group_address_mac_addr){AT_ETHER, sizeof(pae_group_address_mac_addr), pae_group_address_mac_addr , ((void*)0)};
1817
1818	col_set_str(pinfo->cinfo, COL_PROTOCOL, "EAP");
1819	col_clear(pinfo->cinfo, COL_INFO);
1820
1821	eap_code = tvb_get_uint8(tvb, 0);
1822	eap_identifier = tvb_get_uint8(tvb, 1);
1823
1824	col_add_str(pinfo->cinfo, COL_INFO,
1825	val_to_str(eap_code, eap_code_vals, "Unknown code (0x%02X)"));
1826
1827	/*
1828	* Find a conversation to which we belong; create one if we don't find it.
1829	*
1830	* EAP runs over RADIUS (which runs over UDP), EAPOL (802.1X Authentication)
1831	* or other transports. In case of RADIUS, a single "session" may consist
1832	* of two UDP associations (one for authorization, one for accounting) which
1833	* results in two separate conversations. This wastes memory, but won't affect
1834	* the use cases below. In case of EAPOL, there are no ports. In any case,
1835	* force a new conversation when the EAP-Request/Identity message is found.
1836	*
1837	* Conversation tracking is required for 1) EAP-TLS reassembly and 2) tracking
1838	* the stage in the LEAP protocol. In both cases, the protocol starts with an
1839	* EAP-Request/Identity message which cannot be found in the middle of the
1840	* session. Use it as a signal to start a new conversation. This ensures that
1841	* the TLS dissector associates new TLS messages with a unique TLS session.
1842	*
1843	* For EAPOL frames we need to massage the source/destination addresses into
1844	* something stable for the TLS decoder as wireshark typically thinks there
1845	* are three conversations occurring when there is only one:
1846	* * src ether = server mac -> dst ether = PAE multicast group address
1847	* * src ether = server mac -> dst ether = client mac
1848	* * src ether = client mac -> dst ether = PAE multicast group address
1849	* We set the port so the TLS decoder can figure out which side is the server
1850	*/
1851	address conv_src, conv_dst;
1852	uint32_t tls_group = pinfo->curr_proto_layer_num << 16;
1853	uint32_t conv_srcport = pinfo->srcport;
1854	uint32_t conv_destport = pinfo->destport;
1855	if (pinfo->src.type == AT_ETHER) {
1856	if (eap_code == EAP_REQUEST1) { /* server -> client */
1857	copy_address_shallow(&conv_src, &null_address);
1858	copy_address_shallow(&conv_dst, &pae_group_address);
1859	conv_srcport = 443;
1860	} else { /* client -> server */
1861	copy_address_shallow(&conv_src, &pae_group_address);
1862	copy_address_shallow(&conv_dst, &null_address);
1863	conv_destport = 443;
1864	}
1865	}
1866	else {
1867	copy_address_shallow(&conv_src, &pinfo->src);
1868	copy_address_shallow(&conv_dst, &pinfo->dst);
1869	}
1870
1871	/*
1872	* To support tunneled EAP-TLS (e.g. {TTLS,PEAP,TEAP,...}/EAP-TLS) we
1873	* group our TLS frames by the depth they are found at and use this
1874	* as offsets for p_get_proto_data/p_add_proto_data and as done for
1875	* EAPOL above we massage the client port using this too
1876	*/
1877
1878	if (eap_code == EAP_REQUEST1) { /* server -> client */
1879	conv_destport \|= tls_group;
1880	}
1881	else { /* client -> server */
1882	conv_srcport \|= tls_group;
1883	}
1884
1885	conversation_set_conv_addr_port_endpoints(pinfo, &conv_src, &conv_dst,
1886	conversation_pt_to_conversation_type(pinfo->ptype), conv_srcport, conv_destport);
1887
1888	if (PINFO_FD_VISITED(pinfo)((pinfo)->fd->visited) \|\| !(eap_code == EAP_REQUEST1 && tvb_get_uint8(tvb, 4) == EAP_TYPE_ID1)) {
1889	conversation = find_or_create_conversation(pinfo);
1890	}
1891	if (conversation == NULL((void*)0)) {
1892	conversation = conversation_new(pinfo->num, &conv_src,
1893	&conv_dst, conversation_pt_to_conversation_type(pinfo->ptype),
1894	conv_srcport, conv_destport, 0);
1895	}
1896
1897	/*
1898	* Get the state information for the conversation; attach some if
1899	* we don't find it.
1900	*/
1901	conversation_state = (conv_state_t *)conversation_get_proto_data(conversation, proto_eap);
1902	if (conversation_state == NULL((void*)0)) {
1903	/*
1904	* Attach state information to the conversation.
1905	*/
1906	conversation_state = wmem_new(wmem_file_scope(), conv_state_t)((conv_state_t*)wmem_alloc((wmem_file_scope()), sizeof(conv_state_t )));
1907	conversation_state->eap_tls_seq = -1;
1908	conversation_state->eap_reass_cookie = 0;
1909	conversation_state->leap_state = -1;
1910	conversation_state->last_eap_id_req = -1;
1911	conversation_state->last_eap_id_resp = -1;
1912	conversation_add_proto_data(conversation, proto_eap, conversation_state);
1913	}
1914
1915	/*
1916	* Set this now, so that it gets remembered even if we throw an exception
1917	* later.
1918	*/
1919	if (eap_code == EAP_FAILURE4)
1920	conversation_state->leap_state = -1;
1921
1922	eap_len = tvb_get_ntohs(tvb, 2);
1923	len = eap_len;
1924
1925	ti = proto_tree_add_item(tree, proto_eap, tvb, 0, len, ENC_NA0x00000000);
1926	eap_tree = proto_item_add_subtree(ti, ett_eap);
1927
1928	proto_tree_add_item(eap_tree, hf_eap_code, tvb, 0, 1, ENC_BIG_ENDIAN0x00000000);
1929	ti_id = proto_tree_add_item(eap_tree, hf_eap_identifier, tvb, 1, 1, ENC_BIG_ENDIAN0x00000000);
1930	ti_len = proto_tree_add_item(eap_tree, hf_eap_len, tvb, 2, 2, ENC_BIG_ENDIAN0x00000000);
1931	if (len < 4 \|\| (unsigned)len > tvb_reported_length(tvb)) {
1932	expert_add_info(pinfo, ti_len, &ei_eap_bad_length);
1933	}
1934
1935	/* Detect message retransmissions. Since the protocol proceeds in lock-step,
1936	* reordering is not expected. If retransmissions somehow occur, we would have
1937	* to detect retransmissions via a bitmap. */
1938	bool_Bool is_duplicate_id = false0;
1939	if (conversation_state) {
1940	if (eap_code == EAP_REQUEST1 \|\| eap_code == EAP_RESPONSE2 \|\|
1941	eap_code == EAP_INITIATE5 \|\| eap_code == EAP_FINISH6) {
1942	if (!PINFO_FD_VISITED(pinfo)((pinfo)->fd->visited)) {
1943	int16_t *last_eap_id = eap_code == EAP_REQUEST1 \|\| eap_code == EAP_INITIATE5 ?
1944	&conversation_state->last_eap_id_req :
1945	&conversation_state->last_eap_id_resp;
1946	is_duplicate_id = *last_eap_id == eap_identifier;
1947	*last_eap_id = eap_identifier;
1948	if (is_duplicate_id) {
1949	// Use a dummy value to remember that this packet is a duplicate.
1950	p_add_proto_data(wmem_file_scope(), pinfo, proto_eap, PROTO_DATA_EAP_DUPLICATE_ID \| tls_group, GINT_TO_POINTER(1)((gpointer) (glong) (1)));
1951	}
1952	} else {
1953	is_duplicate_id = !!p_get_proto_data(wmem_file_scope(), pinfo, proto_eap, PROTO_DATA_EAP_DUPLICATE_ID \| tls_group);
1954	}
1955	if (is_duplicate_id) {
1956	expert_add_info(pinfo, ti_id, &ei_eap_retransmission);
1957	}
1958	}
1959	}
1960
1961	switch (eap_code) {
1962
1963	case EAP_SUCCESS3:
1964	case EAP_FAILURE4:
1965	break;
1966
1967	case EAP_REQUEST1:
1968	case EAP_RESPONSE2:
1969	eap_type = tvb_get_uint8(tvb, 4);
1970
1971	col_append_fstr(pinfo->cinfo, COL_INFO, ", %s",
1972	val_to_str_ext(eap_type, &eap_type_vals_ext,
1973	"Unknown type (0x%02x)"));
1974	eap_type_item = proto_tree_add_item(eap_tree, hf_eap_type, tvb, 4, 1, ENC_BIG_ENDIAN0x00000000);
1975
1976	if ((len > 5) \|\| ((len == 5) && (eap_type == EAP_TYPE_ID1))) {
1977	int offset = 5;
1978	int size = len - offset;
1979
1980	switch (eap_type) {
1981	/*********************************************************************
1982	**********************************************************************/
1983	case EAP_TYPE_ID1:
1984	if (size > 0) {
1985	dissect_eap_identity(tvb, pinfo, eap_tree, offset, size);
1986	}
1987	if (conversation_state && !PINFO_FD_VISITED(pinfo)((pinfo)->fd->visited)) {
1988	conversation_state->leap_state = 0;
1989	conversation_state->eap_tls_seq = -1;
1990	}
1991	break;
1992
1993	/*********************************************************************
1994	**********************************************************************/
1995	case EAP_TYPE_NOTIFY2:
1996	proto_tree_add_item(eap_tree, hf_eap_notification, tvb,
1997	offset, size, ENC_ASCII0x00000000);
1998	break;
1999
2000	/*********************************************************************
2001	**********************************************************************/
2002	case EAP_TYPE_NAK3:
2003	proto_tree_add_item(eap_tree, hf_eap_type_nak, tvb,
2004	offset, 1, ENC_BIG_ENDIAN0x00000000);
2005	break;
2006	/*********************************************************************
2007	**********************************************************************/
2008	case EAP_TYPE_MD54:
2009	{
2010	uint8_t value_size = tvb_get_uint8(tvb, offset);
2011	int extra_len = size - 1 - value_size;
2012	proto_item *item;
2013
2014	/* Warn that this is an insecure EAP type. */
2015	expert_add_info(pinfo, eap_type_item, &ei_eap_mitm_attacks);
2016
2017	item = proto_tree_add_item(eap_tree, hf_eap_md5_value_size, tvb, offset, 1, ENC_BIG_ENDIAN0x00000000);
2018	if (value_size > (size - 1))
2019	{
2020	expert_add_info(pinfo, item, &ei_eap_md5_value_size_overflow);
2021	value_size = size - 1;
2022	}
2023
2024	offset += 1;
2025	proto_tree_add_item(eap_tree, hf_eap_md5_value, tvb, offset, value_size, ENC_NA0x00000000);
2026	offset += value_size;
2027	if (extra_len > 0) {
2028	proto_tree_add_item(eap_tree, hf_eap_md5_extra_data, tvb, offset, extra_len, ENC_NA0x00000000);
2029	}
2030	}
2031	break;
2032
2033	/*********************************************************************
2034	EAP-TLS
2035	**********************************************************************/
2036	case EAP_TYPE_FAST43:
2037	case EAP_TYPE_PEAP25:
2038	case EAP_TYPE_TTLS21:
2039	case EAP_TYPE_TLS13:
2040	case EAP_TYPE_TEAP55:
2041	{
2042	bool_Bool more_fragments;
2043	bool_Bool has_length;
2044	bool_Bool is_start;
2045	bool_Bool outer_tlvs = false0;
2046	int outer_tlvs_length = 0;
2047	int eap_tls_seq = -1;
2048	uint32_t eap_reass_cookie = 0;
2049	bool_Bool needs_reassembly = false0;
2050
2051	if (!conversation_state) {
2052	// XXX expert info? There cannot be another EAP-TTLS message within
2053	// the EAP-Message inside EAP-TTLS.
2054	break;
2055	}
2056
2057	/* Flags field, 1 byte */
2058	ti = proto_tree_add_item(eap_tree, hf_eap_tls_flags, tvb, offset, 1, ENC_BIG_ENDIAN0x00000000);
2059	eap_tls_flags_tree = proto_item_add_subtree(ti, ett_eap_tls_flags);
2060	proto_tree_add_item_ret_boolean(eap_tls_flags_tree, hf_eap_tls_flag_l, tvb, offset, 1, ENC_BIG_ENDIAN0x00000000, &has_length);
2061	proto_tree_add_item_ret_boolean(eap_tls_flags_tree, hf_eap_tls_flag_m, tvb, offset, 1, ENC_BIG_ENDIAN0x00000000, &more_fragments);
2062	proto_tree_add_item_ret_boolean(eap_tls_flags_tree, hf_eap_tls_flag_s, tvb, offset, 1, ENC_BIG_ENDIAN0x00000000, &is_start);
2063
2064	switch (eap_type) {
2065	case EAP_TYPE_TEAP55:
2066	proto_tree_add_item_ret_boolean(eap_tls_flags_tree, hf_eap_tls_flag_o, tvb, offset, 1, ENC_BIG_ENDIAN0x00000000, &outer_tlvs);
2067	/* FALLTHROUGH */
2068	case EAP_TYPE_TTLS21:
2069	case EAP_TYPE_FAST43:
2070	case EAP_TYPE_PEAP25:
2071	proto_tree_add_item(eap_tls_flags_tree, hf_eap_tls_flags_version, tvb, offset, 1, ENC_BIG_ENDIAN0x00000000);
2072	break;
2073	}
2074	size -= 1;
2075	offset += 1;
2076
2077	/* Length field, 4 bytes, OPTIONAL. */
2078	if (has_length) {
2079	proto_tree_add_item(eap_tree, hf_eap_tls_len, tvb, offset, 4, ENC_BIG_ENDIAN0x00000000);
2080	size -= 4;
2081	offset += 4;
2082	}
2083
2084	/* Outer TLV Length field, 4 bytes, OPTIONAL. */
2085	if (outer_tlvs) {
2086	proto_tree_add_item_ret_uint(eap_tree, hf_eap_tls_outer_tlvs_len, tvb, offset, 4, ENC_BIG_ENDIAN0x00000000, &outer_tlvs_length);
2087	size -= 4;
2088	offset += 4;
2089	}
2090
2091	if (is_start)
2092	conversation_state->eap_tls_seq = -1;
2093
2094	/* 4.1.1 Authority ID Data https://datatracker.ietf.org/doc/html/rfc4851#section-4.1.1 */
2095	if (eap_type == EAP_TYPE_FAST43 && is_start) {
2096	uint32_t length, type;
2097
2098	proto_tree_add_item_ret_uint(eap_tree, hf_eap_fast_type, tvb, offset, 2, ENC_BIG_ENDIAN0x00000000, &type);
2099	size -= 2;
2100	offset += 2;
2101
2102	proto_tree_add_item_ret_uint(eap_tree, hf_eap_fast_length, tvb, offset, 2, ENC_BIG_ENDIAN0x00000000, &length);
2103	size -= 2;
2104	offset += 2;
2105
2106	proto_tree_add_item(eap_tree, hf_eap_data, tvb, offset, length, ENC_NA0x00000000);
2107
2108	switch (type) {
2109	case 4:
2110	proto_tree_add_item(eap_tree, hf_eap_fast_aidd, tvb, offset, length, ENC_NA0x00000000);
2111	break;
2112	}
2113	size -= length;
2114	offset += length;
2115
2116	}
2117
2118	if (size > 0) {
2119
2120	tvbuff_t next_tvb = NULL((void)0);
2121	int tvb_len;
2122	bool_Bool save_fragmented;
2123
2124	tvb_len = tvb_captured_length_remaining(tvb, offset);
2125	if (size < tvb_len)
2126	tvb_len = size;
2127
2128	/* If this is a retransmission, do not save the fragment. */
2129	if (is_duplicate_id) {
2130	next_tvb = tvb_new_subset_length_caplen(tvb, offset, tvb_len, size);
2131	call_data_dissector(next_tvb, pinfo, eap_tree);
2132	break;
2133	}
2134
2135	/*
2136	EAP/TLS is weird protocol (it comes from
2137	Microsoft after all).
2138
2139	If we have series of fragmented packets,
2140	then there's no way of knowing that from
2141	the packet itself, if it is the last packet
2142	in series, that is that the packet part of
2143	bigger fragmented set of data.
2144
2145	The only way to know is, by knowing
2146	that we are already in defragmentation
2147	"mode" and we are expecing packet
2148	carrying fragment of data. (either
2149	because we have not received expected
2150	amount of data, or because the packet before
2151	had "F"ragment flag set.)
2152
2153	The situation is alleviated by fact that it
2154	is simple ack/nack protcol so there's no
2155	place for out-of-order packets like it is
2156	possible with IP.
2157
2158	Anyway, point of this lengthy essay is that
2159	we have to keep state information in the
2160	conversation, so that we can put ourselves in
2161	defragmenting mode and wait for the last packet,
2162	and have to attach state to frames as well, so
2163	that we can handle defragmentation after the
2164	first pass through the capture.
2165	*/
2166	/* See if we have a remembered defragmentation EAP ID. */
2167	packet_state = (frame_state_t *)p_get_proto_data(wmem_file_scope(), pinfo, proto_eap, PROTO_DATA_EAP_FRAME_STATE \| tls_group);
2168	if (packet_state == NULL((void*)0)) {
2169	/*
2170	* We haven't - does this message require reassembly?
2171	*/
2172	if (!pinfo->fd->visited) {
2173	/*
2174	* This is the first time we've looked at this frame,
2175	* so it wouldn't have any remembered information.
2176	*
2177	* Therefore, we check whether this conversation has
2178	* a reassembly operation in progress, or whether
2179	* this frame has the Fragment flag set.
2180	*/
2181	if (conversation_state->eap_tls_seq != -1) {
2182	/*
2183	* There's a reassembly in progress; the sequence number
2184	* of the previous fragment is
2185	* "conversation_state->eap_tls_seq", and the reassembly
2186	* ID is "conversation_state->eap_reass_cookie".
2187	*
2188	* We must include this frame in the reassembly.
2189	* We advance the sequence number, giving us the
2190	* sequence number for this fragment.
2191	*/
2192	needs_reassembly = true1;
2193	conversation_state->eap_tls_seq++;
2194
2195	eap_reass_cookie = conversation_state->eap_reass_cookie;
2196	eap_tls_seq = conversation_state->eap_tls_seq;
2197	} else if (more_fragments && has_length) {
2198	/*
2199	* This message has the Fragment flag set, so it requires
2200	* reassembly. It's the message containing the first
2201	* fragment (if it's a later fragment, the sequence
2202	* number in the conversation state would not be -1).
2203	*
2204	* If it doesn't include a length, however, we can't
2205	* do reassembly (either the message is in error, as
2206	* the first fragment must contain a length, or we
2207	* didn't capture the first fragment, and this just
2208	* happens to be the first fragment we saw), so we
2209	* also check that we have a length;
2210	*/
2211	needs_reassembly = true1;
2212	conversation_state->eap_reass_cookie = pinfo->num;
2213
2214	/*
2215	* Start the reassembly sequence number at 0.
2216	*/
2217	conversation_state->eap_tls_seq = 0;
2218
2219	eap_tls_seq = conversation_state->eap_tls_seq;
2220	eap_reass_cookie = conversation_state->eap_reass_cookie;
2221	}
2222
2223	if (needs_reassembly) {
2224	/*
2225	* This frame requires reassembly; remember the reassembly
2226	* ID for subsequent accesses to it.
2227	*/
2228	packet_state = wmem_new(wmem_file_scope(), frame_state_t)((frame_state_t*)wmem_alloc((wmem_file_scope()), sizeof(frame_state_t )));
2229	packet_state->info = eap_reass_cookie;
2230	p_add_proto_data(wmem_file_scope(), pinfo, proto_eap, PROTO_DATA_EAP_FRAME_STATE \| tls_group, packet_state);
2231	}
2232	}
2233	} else {
2234	/*
2235	* This frame has a reassembly cookie associated with it, so
2236	* it requires reassembly. We've already done the
2237	* reassembly in the first pass, so "fragment_add_seq()"
2238	* won't look at the sequence number; set it to 0.
2239	*
2240	* XXX - a frame isn't supposed to have more than one
2241	* EAP message in it, but if it includes both an EAP-TLS
2242	* message and a LEAP message, we might be mistakenly
2243	* concluding it requires reassembly because the "info"
2244	* field isn't -1. We could, I guess, pack both EAP-TLS
2245	* ID and LEAP state into the structure, but that doesn't
2246	* work if you have multiple EAP-TLS or LEAP messages in
2247	* the frame.
2248	*
2249	* But it's not clear how much work we should do to handle
2250	* a bogus message such as that; as long as we don't crash
2251	* or do something else equally horrible, we may not
2252	* have to worry about this at all.
2253	*/
2254	needs_reassembly = true1;
2255	eap_reass_cookie = packet_state->info;
2256	eap_tls_seq = 0;
2257	}
2258
2259	/*
2260	We test here to see whether EAP-TLS packet
2261	carry fragmented of TLS data.
2262
2263	If this is the case, we do reasembly below,
2264	otherwise we just call dissector.
2265	*/
2266	if (needs_reassembly) {
2267	fragment_head *fd_head;
2268
2269	/*
2270	* Yes, this frame contains a fragment that requires
2271	* reassembly.
2272	*/
2273	save_fragmented = pinfo->fragmented;
2274	pinfo->fragmented = true1;
2275	fd_head = fragment_add_seq(&eap_tls_reassembly_table,
2276	tvb, offset,
2277	pinfo, eap_reass_cookie, NULL((void*)0),
2278	eap_tls_seq,
2279	size,
2280	more_fragments, 0);
2281
2282	if (fd_head != NULL((void*)0)) {
2283	if (fd_head->reassembled_in == pinfo->num) {
2284	/* Reassembled */
2285	proto_item* frag_tree_item;
2286
2287	next_tvb = tvb_new_chain(tvb, fd_head->tvb_data);
2288	add_new_data_source(pinfo, next_tvb, "Reassembled EAP-TLS");
2289
2290	show_fragment_seq_tree(fd_head, &eap_tls_frag_items,
2291	eap_tree, pinfo, next_tvb, &frag_tree_item);
2292
2293	/*
2294	* We're finished reassembing this frame.
2295	* Reinitialize the reassembly state.
2296	*/
2297	if (!pinfo->fd->visited)
2298	conversation_state->eap_tls_seq = -1;
2299	} else {
2300	ti = proto_tree_add_uint(eap_tree, hf_eap_tls_reassembled_in, tvb,
2301	0, 0, fd_head->reassembled_in);
2302	proto_item_set_generated(ti);
2303	}
2304	}
2305
2306	pinfo->fragmented = save_fragmented;
2307
2308	} else { /* this data is NOT fragmented */
2309	next_tvb = tvb_new_subset_length_caplen(tvb, offset, tvb_len, size);
2310	}
2311
2312	if (next_tvb) {
2313	switch (eap_type) {
2314	case EAP_TYPE_TTLS21:
2315	tls_set_appdata_dissector(tls_handle, pinfo, diameter_avps_handle);
2316	break;
2317	case EAP_TYPE_PEAP25:
2318	p_add_proto_data(pinfo->pool, pinfo, proto_eap, PROTO_DATA_EAP_TVB \| tls_group, tvb);
2319	tls_set_appdata_dissector(tls_handle, pinfo, peap_handle);
2320	break;
2321	case EAP_TYPE_TEAP55:
2322	if (outer_tlvs) { /* https://www.rfc-editor.org/rfc/rfc7170.html#section-4.1 */
2323	tvbuff_t *teap_tvb = tvb_new_subset_length(tvb, offset + size - outer_tlvs_length, outer_tlvs_length);
2324	call_dissector(teap_handle, teap_tvb, pinfo, eap_tree);
2325	if (size == outer_tlvs_length) goto skip_tls_dissector;
2326	next_tvb = tvb_new_subset_length(next_tvb, 0, size - outer_tlvs_length);
2327	}
2328	tls_set_appdata_dissector(tls_handle, pinfo, teap_handle);
2329	break;
2330	}
2331	call_dissector(tls_handle, next_tvb, pinfo, eap_tree);
2332	}
2333	}
2334	}
2335	skip_tls_dissector:
2336	break; /* EAP_TYPE_TLS */
2337
2338	/*********************************************************************
2339	Cisco's Lightweight EAP (LEAP)
2340	https://web.archive.org/web/20070623090417if_/http://www.missl.cs.umd.edu/wireless/ethereal/leap.txt
2341	**********************************************************************/
2342	case EAP_TYPE_LEAP17:
2343	{
2344	uint8_t count, namesize;
2345
2346	/* Warn that this is an insecure EAP type. */
2347	expert_add_info(pinfo, eap_type_item, &ei_eap_dictionary_attacks);
2348
2349	/* Version (byte) */
2350	proto_tree_add_item(eap_tree, hf_eap_leap_version, tvb, offset, 1, ENC_BIG_ENDIAN0x00000000);
2351	offset += 1;
2352
2353	/* Unused (byte) */
2354	proto_tree_add_item(eap_tree, hf_eap_leap_reserved, tvb, offset, 1, ENC_BIG_ENDIAN0x00000000);
2355	offset += 1;
2356
2357	/* Count (byte) */
2358	count = tvb_get_uint8(tvb, offset);
2359	proto_tree_add_item(eap_tree, hf_eap_leap_count, tvb, offset, 1, ENC_BIG_ENDIAN0x00000000);
2360	offset += 1;
2361
2362	/* Data (byteCount) /
2363	/* This part is state-dependent. */
2364
2365	if (!conversation_state) {
2366	// XXX expert info? LEAP is not expected within the EAP-Message within EAP-TTLS.
2367	break;
2368	}
2369	/* XXX - are duplicates possible (is_duplicate_id)?
2370	* If so, should we stop here to avoid modifying conversation_state? */
2371
2372	/* See if we've already remembered the state. */
2373	packet_state = (frame_state_t *)p_get_proto_data(wmem_file_scope(), pinfo, proto_eap, PROTO_DATA_EAP_FRAME_STATE \| tls_group);
2374	if (packet_state == NULL((void*)0)) {
2375	/*
2376	* We haven't - compute the state based on the current
2377	* state in the conversation.
2378	*/
2379	leap_state = conversation_state->leap_state;
2380
2381	/* Advance the state machine. */
2382	if (leap_state==0) leap_state = 1; else
2383	if (leap_state==1) leap_state = 2; else
2384	if (leap_state==2) leap_state = 3; else
2385	if (leap_state==3) leap_state = 4; else
2386	if (leap_state==4) leap_state = -1;
2387
2388	/*
2389	* Remember the state for subsequent accesses to this
2390	* frame.
2391	*/
2392	packet_state = wmem_new(wmem_file_scope(), frame_state_t)((frame_state_t*)wmem_alloc((wmem_file_scope()), sizeof(frame_state_t )));
2393	packet_state->info = leap_state;
2394	p_add_proto_data(wmem_file_scope(), pinfo, proto_eap, PROTO_DATA_EAP_FRAME_STATE \| tls_group, packet_state);
2395
2396	/*
2397	* Update the conversation's state.
2398	*/
2399	conversation_state->leap_state = leap_state;
2400	}
2401
2402	/* Get the remembered state. */
2403	leap_state = packet_state->info;
2404
2405	switch (leap_state) {
2406	case 1:
2407	proto_tree_add_item(eap_tree, hf_eap_leap_peer_challenge, tvb, offset, count, ENC_NA0x00000000);
2408	break;
2409
2410	case 2:
2411	proto_tree_add_item(eap_tree, hf_eap_leap_peer_response, tvb, offset, count, ENC_NA0x00000000);
2412	break;
2413
2414	case 3:
2415	proto_tree_add_item(eap_tree, hf_eap_leap_ap_challenge, tvb, offset, count, ENC_NA0x00000000);
2416	break;
2417
2418	case 4:
2419	proto_tree_add_item(eap_tree, hf_eap_leap_ap_response, tvb, offset, count, ENC_NA0x00000000);
2420	break;
2421
2422	default:
2423	proto_tree_add_item(eap_tree, hf_eap_leap_data, tvb, offset, count, ENC_NA0x00000000);
2424	break;
2425	}
2426
2427	offset += count;
2428
2429	/* Name (Length-(8+Count)) */
2430	namesize = eap_len - (8+count);
2431	proto_tree_add_item(eap_tree, hf_eap_leap_name, tvb, offset, namesize, ENC_ASCII0x00000000);
2432	}
2433
2434	break; /* EAP_TYPE_LEAP */
2435
2436	/*********************************************************************
2437	EAP-MSCHAPv2 - draft-kamath-pppext-eap-mschapv2-00.txt
2438	**********************************************************************/
2439	case EAP_TYPE_MSCHAPV226:
2440	dissect_eap_mschapv2(eap_tree, tvb, pinfo, offset, size);
2441	break; /* EAP_TYPE_MSCHAPV2 */
2442
2443	/*********************************************************************
2444	EAP-SIM - draft-haverinen-pppext-eap-sim-13.txt
2445	**********************************************************************/
2446	case EAP_TYPE_SIM18:
2447	dissect_eap_sim(eap_tree, tvb, pinfo, offset, size);
2448	break; /* EAP_TYPE_SIM */
2449
2450	/*********************************************************************
2451	EAP-AKA - draft-arkko-pppext-eap-aka-12.txt
2452	**********************************************************************/
2453	case EAP_TYPE_AKA23:
2454	case EAP_TYPE_AKA_PRIME50:
2455	dissect_eap_aka(eap_tree, tvb, pinfo, offset, size);
2456	break; /* EAP_TYPE_AKA */
2457
2458	/*********************************************************************
2459	EAP Expanded Type
2460	**********************************************************************/
2461	case EAP_TYPE_EXT254:
2462	{
2463	proto_tree *exptree;
2464
2465	exptree = proto_tree_add_subtree(eap_tree, tvb, offset, size, ett_eap_exp_attr, NULL((void*)0), "Expanded Type");
2466	dissect_exteap(exptree, tvb, offset, size, pinfo, eap_code, eap_identifier);
2467	}
2468	break;
2469
2470	/*********************************************************************
2471	EAP-PAX - RFC 4746
2472	**********************************************************************/
2473	case EAP_TYPE_PAX46:
2474	dissect_eap_pax(eap_tree, tvb, pinfo, offset, size);
2475	break; /* EAP_TYPE_PAX */
2476
2477	/*********************************************************************
2478	EAP-PSK - RFC 4764
2479	**********************************************************************/
2480	case EAP_TYPE_PSK47:
2481	dissect_eap_psk(eap_tree, tvb, pinfo, offset, size);
2482	break; /* EAP_TYPE_PSK */
2483
2484	/*********************************************************************
2485	EAP-SAKE - RFC 4763
2486	**********************************************************************/
2487	case EAP_TYPE_SAKE48:
2488	dissect_eap_sake(eap_tree, tvb, pinfo, offset, size);
2489	break; /* EAP_TYPE_SAKE */
2490
2491	/*********************************************************************
2492	EAP-GPSK - RFC 5433
2493	**********************************************************************/
2494	case EAP_TYPE_GPSK51:
2495	dissect_eap_gpsk(eap_tree, tvb, pinfo, offset, size);
2496	break; /* EAP_TYPE_GPSK */
2497
2498	/*********************************************************************
2499	EAP-IKEv2 - RFC 5106
2500	**********************************************************************/
2501	case EAP_TYPE_IKEV249:
2502	{
2503	bool_Bool more_fragments;
2504	bool_Bool has_length;
2505	bool_Bool icv_present;
2506
2507	/* Flags field, 1 byte */
2508	ti = proto_tree_add_item(eap_tree, hf_eap_ikev2_flags, tvb, offset, 1, ENC_BIG_ENDIAN0x00000000);
2509	eap_tls_flags_tree = proto_item_add_subtree(ti, hf_eap_ikev2_flags);
2510	proto_tree_add_item_ret_boolean(eap_tls_flags_tree, hf_eap_ikev2_flag_l, tvb, offset, 1, ENC_BIG_ENDIAN0x00000000, &has_length);
2511	proto_tree_add_item_ret_boolean(eap_tls_flags_tree, hf_eap_ikev2_flag_m, tvb, offset, 1, ENC_BIG_ENDIAN0x00000000, &more_fragments);
2512	proto_tree_add_item_ret_boolean(eap_tls_flags_tree, hf_eap_ikev2_flag_i, tvb, offset, 1, ENC_BIG_ENDIAN0x00000000, &icv_present);
2513
2514	size -= 1;
2515	offset += 1;
2516
2517	/* Length field, 4 bytes, OPTIONAL. */
2518	if (has_length) {
2519	proto_tree_add_item(eap_tree, hf_eap_ikev2_len, tvb, offset, 4, ENC_BIG_ENDIAN0x00000000);
2520	size -= 4;
2521	offset += 4;
2522	}
2523
2524	if (size > 0) {
2525	tvbuff_t* next_tvb = NULL((void*)0);
2526	int tvb_len;
2527
2528	tvb_len = tvb_captured_length_remaining(tvb, offset);
2529	if (size < tvb_len) {
2530	tvb_len = size;
2531	}
2532
2533	if (has_length \|\| more_fragments) {
2534	/* TODO: Add fragmentation support
2535	* Length of integrity check data needs to be determined in case of fragmentation. Chosen INTEG transform?
2536	*/
2537	} else {
2538	next_tvb = tvb_new_subset_length_caplen(tvb, offset, tvb_len, size);
2539	unsigned tmp = call_dissector(isakmp_handle, next_tvb, pinfo, eap_tree);
2540	size -= tmp;
2541	offset += tmp;
2542
2543	if (icv_present && size > 0) {
2544	/* We assume that all data present is integrity check data. We cannot detect too short/long right now. */
2545	proto_tree_add_item(eap_tree, hf_eap_ikev2_int_chk_data, tvb, offset, size, ENC_NA0x00000000);
2546	}
2547	}
2548	}
2549
2550	break;
2551	} /* EAP_TYPE_IKEV2 */
2552
2553	/*********************************************************************
2554	MS-Authentication-TLV - MS-PEAP section 2.2.8.1
2555	**********************************************************************/
2556	case EAP_TYPE_MSAUTH_TLV33:
2557	dissect_eap_msauth_tlv(eap_tree, tvb, pinfo, offset, size);
2558	break; /* EAP_TYPE_MSAUTH_TLV */
2559
2560	/*********************************************************************
2561	**********************************************************************/
2562	default:
2563	proto_tree_add_item(eap_tree, hf_eap_data, tvb, offset, size, ENC_NA0x00000000);
2564	break;
2565	/*********************************************************************
2566	**********************************************************************/
2567	} /* switch (eap_type) */
2568
2569	}
2570
2571	} /* switch (eap_code) */
2572
2573	return tvb_captured_length(tvb);
2574	}
2575
2576	void
2577	proto_register_eap(void)
2578	{
2579	static hf_register_info hf[] = {
2580	{ &hf_eap_code, {
2581	"Code", "eap.code",
2582	FT_UINT8, BASE_DEC, VALS(eap_code_vals)((0 ? (const struct _value_string*)0 : ((eap_code_vals)))), 0x0,
2583	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
2584
2585	{ &hf_eap_identifier, {
2586	"Id", "eap.id",
2587	FT_UINT8, BASE_DEC, NULL((void*)0), 0x0,
2588	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
2589
2590	{ &hf_eap_len, {
2591	"Length", "eap.len",
2592	FT_UINT16, BASE_DEC, NULL((void*)0), 0x0,
2593	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
2594
2595	{ &hf_eap_type, {
2596	"Type", "eap.type",
2597	FT_UINT8, BASE_DEC\|BASE_EXT_STRING0x00000200, &eap_type_vals_ext, 0x0,
2598	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
2599
2600	{ &hf_eap_type_nak, {
2601	"Desired Auth Type", "eap.desired_type",
2602	FT_UINT8, BASE_DEC\|BASE_EXT_STRING0x00000200, &eap_type_vals_ext, 0x0,
2603	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
2604
2605	{ &hf_eap_identity, {
2606	"Identity", "eap.identity",
2607	FT_STRING, BASE_NONE, NULL((void*)0), 0x0,
2608	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
2609
2610	{ &hf_eap_identity_prefix, {
2611	"Identity Prefix", "eap.identity.prefix",
2612	FT_CHAR, BASE_HEX, NULL((void*)0), 0x0,
2613	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
2614
2615	{ &hf_eap_identity_type, {
2616	"Identity Type", "eap.identity.type",
2617	FT_STRING, BASE_NONE, NULL((void*)0), 0x0,
2618	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
2619
2620	{ &hf_eap_identity_full, {
2621	"Identity (Full)", "eap.identity.full",
2622	FT_STRING, BASE_NONE, NULL((void*)0), 0x0,
2623	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
2624
2625	{ &hf_eap_identity_certificate_sn, {
2626	"Certificate Serial Number", "eap.identity.cert_sn",
2627	FT_STRING, BASE_NONE, NULL((void*)0), 0x0,
2628	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
2629
2630	{ &hf_eap_identity_mcc, {
2631	"Identity Mobile Country Code", "eap.identity.mcc",
2632	FT_UINT16, BASE_DEC\|BASE_EXT_STRING0x00000200, &E212_codes_ext, 0x0, NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
2633
2634	{ &hf_eap_identity_mcc_mnc_2digits, {
2635	"Identity Mobile Network Code", "eap.identity.mnc",
2636	FT_UINT16, BASE_DEC\|BASE_EXT_STRING0x00000200, &mcc_mnc_2digits_codes_ext, 0x0, NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
2637
2638	{ &hf_eap_identity_mcc_mnc_3digits, {
2639	"Identity Mobile Network Code", "eap.identity.mnc",
2640	FT_UINT16, BASE_DEC\|BASE_EXT_STRING0x00000200, &mcc_mnc_3digits_codes_ext, 0x0, NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
2641
2642	{ &hf_eap_identity_padding, {
2643	"Padding", "eap.identity.padding",
2644	FT_BYTES, BASE_NONE, NULL((void*)0), 0x0,
2645	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
2646
2647	{ &hf_eap_identity_actual_len, {
2648	"Identity Actual Length", "eap.identity.actual_len",
2649	FT_UINT16, BASE_DEC, NULL((void*)0), 0x0,
2650	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
2651
2652	{ &hf_eap_notification, {
2653	"Notification", "eap.notification",
2654	FT_STRING, BASE_NONE, NULL((void*)0), 0x0,
2655	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
2656
2657	{ &hf_eap_md5_value_size, {
2658	"EAP-MD5 Value-Size", "eap.md5.value_size",
2659	FT_UINT8, BASE_DEC, NULL((void*)0), 0x0,
2660	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
2661
2662	{ &hf_eap_md5_value, {
2663	"EAP-MD5 Value", "eap.md5.value",
2664	FT_BYTES, BASE_NONE, NULL((void*)0), 0x0,
2665	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
2666
2667	{ &hf_eap_md5_extra_data, {
2668	"EAP-MD5 Extra Data", "eap.md5.extra_data",
2669	FT_BYTES, BASE_NONE, NULL((void*)0), 0x0,
2670	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
2671
2672	{ &hf_eap_tls_flags, {
2673	"EAP-TLS Flags", "eap.tls.flags",
2674	FT_UINT8, BASE_HEX, NULL((void*)0), 0x0,
2675	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
2676
2677	{ &hf_eap_tls_flag_l, {
2678	"Length Included", "eap.tls.flags.len_included",
2679	FT_BOOLEAN, 8, NULL((void*)0), EAP_TLS_FLAG_L0x80,
2680	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
2681
2682	{ &hf_eap_tls_flag_m, {
2683	"More Fragments", "eap.tls.flags.more_fragments",
2684	FT_BOOLEAN, 8, NULL((void*)0), EAP_TLS_FLAG_M0x40,
2685	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
2686
2687	{ &hf_eap_tls_flag_s, {
2688	"Start", "eap.tls.flags.start",
2689	FT_BOOLEAN, 8, NULL((void*)0), EAP_TLS_FLAG_S0x20,
2690	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
2691
2692	{ &hf_eap_tls_flag_o, {
2693	"Outer TLV Length Included", "eap.tls.flags.outer_tlv_len_included",
2694	FT_BOOLEAN, 8, NULL((void*)0), EAP_TLS_FLAG_O0x10,
2695	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
2696
2697	{ &hf_eap_tls_flags_version, {
2698	"Version", "eap.tls.flags.version",
2699	FT_UINT8, BASE_DEC, NULL((void*)0), EAP_TLS_FLAGS_VERSION0x07,
2700	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
2701
2702	{ &hf_eap_tls_len, {
2703	"EAP-TLS Length", "eap.tls.len",
2704	FT_UINT32, BASE_DEC, NULL((void*)0), 0x0,
2705	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
2706
2707	{ &hf_eap_tls_outer_tlvs_len, {
2708	"TEAP Outer TLVs Length", "eap.tls.outer_tlvs_len",
2709	FT_UINT32, BASE_DEC, NULL((void*)0), 0x0,
2710	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
2711
2712	{ &hf_eap_tls_fragment, {
2713	"EAP-TLS Fragment", "eap.tls.fragment",
2714	FT_FRAMENUM, BASE_NONE, NULL((void*)0), 0x0,
2715	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
2716
2717	{ &hf_eap_tls_fragments, {
2718	"EAP-TLS Fragments", "eap.tls.fragments",
2719	FT_NONE, BASE_NONE, NULL((void*)0), 0x0,
2720	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
2721
2722	{ &hf_eap_tls_fragment_overlap, {
2723	"Fragment Overlap", "eap.tls.fragment.overlap",
2724	FT_BOOLEAN, BASE_NONE, NULL((void*)0), 0x0,
2725	"Fragment overlaps with other fragments", HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void*)0) }},
2726
2727	{ &hf_eap_tls_fragment_overlap_conflict, {
2728	"Conflicting Data In Fragment Overlap", "eap.tls.fragment.overlap_conflict",
2729	FT_BOOLEAN, BASE_NONE, NULL((void*)0), 0x0,
2730	"Overlapping fragments contained conflicting data", HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void*)0) }},
2731
2732	{ &hf_eap_tls_fragment_multiple_tails, {
2733	"Multiple Tail Fragments Found", "eap.tls.fragment.multiple_tails",
2734	FT_BOOLEAN, BASE_NONE, NULL((void*)0), 0x0,
2735	"Several tails were found when defragmenting the packet", HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void*)0) }},
2736
2737	{ &hf_eap_tls_fragment_too_long_fragment,{
2738	"Fragment Too Long", "eap.tls.fragment.fragment.too_long",
2739	FT_BOOLEAN, BASE_NONE, NULL((void*)0), 0x0,
2740	"Fragment contained data past end of packet", HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void*)0) }},
2741
2742	{ &hf_eap_tls_fragment_error, {
2743	"Defragmentation Error", "eap.tls.fragment.error",
2744	FT_FRAMENUM, BASE_NONE, NULL((void*)0), 0x0,
2745	"Defragmentation error due to illegal fragments", HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void*)0) }},
2746
2747	{ &hf_eap_tls_fragment_count, {
2748	"Fragment Count", "eap.tls.fragment.count",
2749	FT_UINT32, BASE_DEC, NULL((void*)0), 0x0,
2750	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
2751
2752	{ &hf_eap_tls_reassembled_in, {
2753	"Reassembled EAP-TLS PDU in frame", "eap.tls.reassembled_in",
2754	FT_FRAMENUM, BASE_NONE, NULL((void*)0), 0x0,
2755	"A PDU with a fragment from this frame is reassembled in this frame", HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void*)0) } },
2756
2757	{ &hf_eap_tls_reassembled_length, {
2758	"Reassembled EAP-TLS Length", "eap.tls.reassembled.len",
2759	FT_UINT32, BASE_DEC, NULL((void*)0), 0x0,
2760	"Total length of the reassembled payload", HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void*)0) }},
2761
2762	{ &hf_eap_sim_subtype, {
2763	"EAP-SIM Subtype", "eap.sim.subtype",
2764	FT_UINT8, BASE_DEC, VALS(eap_sim_subtype_vals)((0 ? (const struct _value_string*)0 : ((eap_sim_subtype_vals )))), 0x0,
2765	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
2766
2767	{ &hf_eap_sim_reserved, {
2768	"EAP-SIM Reserved", "eap.sim.reserved",
2769	FT_UINT16, BASE_HEX, NULL((void*)0), 0x0,
2770	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
2771
2772	{ &hf_eap_sim_subtype_attribute, {
2773	"EAP-SIM Attribute", "eap.sim.subtype.attribute",
2774	FT_NONE, BASE_NONE, NULL((void*)0), 0x0,
2775	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
2776
2777	{ &hf_eap_sim_subtype_type, {
2778	"EAP-SIM Type", "eap.sim.subtype.type",
2779	FT_UINT8, BASE_DEC\|BASE_EXT_STRING0x00000200, &eap_sim_aka_attribute_vals_ext, 0x0,
2780	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
2781
2782	{ &hf_eap_sim_subtype_length, {
2783	"EAP-SIM Length", "eap.sim.subtype.len",
2784	FT_UINT8, BASE_DEC, NULL((void*)0), 0x0,
2785	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
2786
2787	{ &hf_eap_sim_notification_type, {
2788	"EAP-SIM Notification Type", "eap.sim.notification_type",
2789	FT_UINT16, BASE_DEC, VALS(eap_sim_aka_notification_vals)((0 ? (const struct _value_string*)0 : ((eap_sim_aka_notification_vals )))), 0x0,
2790	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
2791
2792	{ &hf_eap_sim_error_code_type, {
2793	"EAP-SIM Error Code", "eap.sim.error_code",
2794	FT_UINT16, BASE_DEC, VALS(eap_sim_aka_client_error_codes)((0 ? (const struct _value_string*)0 : ((eap_sim_aka_client_error_codes )))), 0x0,
2795	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
2796
2797	{ &hf_eap_sim_subtype_value, {
2798	"EAP-SIM Value", "eap.sim.subtype.value",
2799	FT_BYTES, BASE_NONE, NULL((void*)0), 0x0,
2800	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
2801
2802	{ &hf_eap_aka_subtype, {
2803	"EAP-AKA Subtype", "eap.aka.subtype",
2804	FT_UINT8, BASE_DEC, VALS(eap_aka_subtype_vals)((0 ? (const struct _value_string*)0 : ((eap_aka_subtype_vals )))), 0x0,
2805	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
2806
2807	{ &hf_eap_aka_reserved, {
2808	"EAP-AKA Reserved", "eap.aka.reserved",
2809	FT_UINT16, BASE_HEX, NULL((void*)0), 0x0,
2810	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
2811
2812	{ &hf_eap_aka_subtype_attribute, {
2813	"EAP-AKA Attribute", "eap.aka.subtype.attribute",
2814	FT_NONE, BASE_NONE, NULL((void*)0), 0x0,
2815	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
2816
2817	{ &hf_eap_aka_subtype_type, {
2818	"EAP-AKA Type", "eap.aka.subtype.type",
2819	FT_UINT8, BASE_DEC\|BASE_EXT_STRING0x00000200, &eap_sim_aka_attribute_vals_ext, 0x0,
2820	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
2821
2822	{ &hf_eap_aka_subtype_length, {
2823	"EAP-AKA Length", "eap.aka.subtype.len",
2824	FT_UINT8, BASE_DEC, NULL((void*)0), 0x0,
2825	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
2826
2827	{ &hf_eap_aka_notification_type, {
2828	"EAP-AKA Notification Type", "eap.aka.notification_type",
2829	FT_UINT16, BASE_DEC, VALS(eap_sim_aka_notification_vals)((0 ? (const struct _value_string*)0 : ((eap_sim_aka_notification_vals )))), 0x0,
2830	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
2831
2832	{ &hf_eap_aka_error_code_type, {
2833	"EAP-AKA Error Code", "eap.aka.error_code",
2834	FT_UINT16, BASE_DEC, VALS(eap_sim_aka_client_error_codes)((0 ? (const struct _value_string*)0 : ((eap_sim_aka_client_error_codes )))), 0x0,
2835	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
2836
2837	{ &hf_eap_aka_rand, {
2838	"EAP-AKA RAND", "eap.aka.rand",
2839	FT_BYTES, BASE_NONE, NULL((void*)0), 0x0,
2840	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
2841
2842	{ &hf_eap_aka_autn, {
2843	"EAP-AKA AUTN", "eap.aka.autn",
2844	FT_BYTES, BASE_NONE, NULL((void*)0), 0x0,
2845	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
2846
2847	{ &hf_eap_aka_res_len, {
2848	"EAP-AKA RES Length", "eap.aka.res.len",
2849	FT_UINT16, BASE_DEC\|BASE_UNIT_STRING0x00001000, UNS(&units_bit_bits)((0 ? (const struct unit_name_string*)0 : ((&units_bit_bits )))), 0x0,
2850	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
2851
2852	{ &hf_eap_aka_res, {
2853	"EAP-AKA RES", "eap.aka.res",
2854	FT_BYTES, BASE_NONE, NULL((void*)0), 0x0,
2855	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
2856
2857	{ &hf_eap_aka_auts, {
2858	"EAP-AKA AUTS", "eap.aka.auts",
2859	FT_BYTES, BASE_NONE, NULL((void*)0), 0x0,
2860	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
2861
2862	{ &hf_eap_aka_subtype_value, {
2863	"EAP-AKA Value", "eap.aka.subtype.value",
2864	FT_BYTES, BASE_NONE, NULL((void*)0), 0x0,
2865	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
2866
2867	{ &hf_eap_leap_version, {
2868	"EAP-LEAP Version", "eap.leap.version",
2869	FT_UINT8, BASE_DEC, NULL((void*)0), 0x0,
2870	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
2871
2872	{ &hf_eap_leap_reserved, {
2873	"EAP-LEAP Reserved", "eap.leap.reserved",
2874	FT_UINT8, BASE_HEX, NULL((void*)0), 0x0,
2875	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
2876
2877	{ &hf_eap_leap_count, {
2878	"EAP-LEAP Count", "eap.leap.count",
2879	FT_UINT8, BASE_DEC, NULL((void*)0), 0x0,
2880	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
2881
2882	{ &hf_eap_leap_peer_challenge, {
2883	"EAP-LEAP Peer-Challenge", "eap.leap.peer_challenge",
2884	FT_BYTES, BASE_NONE, NULL((void*)0), 0x0,
2885	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
2886
2887	{ &hf_eap_leap_peer_response, {
2888	"EAP-LEAP Peer-Response", "eap.leap.peer_response",
2889	FT_BYTES, BASE_NONE, NULL((void*)0), 0x0,
2890	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
2891
2892	{ &hf_eap_leap_ap_challenge, {
2893	"EAP-LEAP AP-Challenge", "eap.leap.ap_challenge",
2894	FT_BYTES, BASE_NONE, NULL((void*)0), 0x0,
2895	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
2896
2897	{ &hf_eap_leap_ap_response, {
2898	"EAP-LEAP AP-Response", "eap.leap.ap_response",
2899	FT_BYTES, BASE_NONE, NULL((void*)0), 0x0,
2900	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
2901
2902	{ &hf_eap_leap_data, {
2903	"EAP-LEAP Data", "eap.leap.data",
2904	FT_BYTES, BASE_NONE, NULL((void*)0), 0x0,
2905	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
2906
2907	{ &hf_eap_leap_name, {
2908	"EAP-LEAP Name", "eap.leap.name",
2909	FT_STRING, BASE_NONE, NULL((void*)0), 0x0,
2910	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
2911
2912	{ &hf_eap_ms_chap_v2_opcode, {
2913	"EAP-MS-CHAP-v2 OpCode", "eap.ms_chap_v2.opcode",
2914	FT_UINT8, BASE_DEC, VALS(eap_ms_chap_v2_opcode_vals)((0 ? (const struct _value_string*)0 : ((eap_ms_chap_v2_opcode_vals )))), 0x0,
2915	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
2916
2917	{ &hf_eap_ms_chap_v2_id, {
2918	"EAP-MS-CHAP-v2 Id", "eap.ms_chap_v2.id",
2919	FT_UINT8, BASE_DEC, NULL((void*)0), 0x0,
2920	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
2921
2922	{ &hf_eap_ms_chap_v2_length, {
2923	"EAP-MS-CHAP-v2 Length", "eap.ms_chap_v2.length",
2924	FT_UINT16, BASE_DEC, NULL((void*)0), 0x0,
2925	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
2926
2927	{ &hf_eap_ms_chap_v2_value_size, {
2928	"EAP-MS-CHAP-v2 Value-Size", "eap.ms_chap_v2.value_size",
2929	FT_UINT8, BASE_DEC, NULL((void*)0), 0x0,
2930	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
2931
2932	{ &hf_eap_ms_chap_v2_challenge, {
2933	"EAP-MS-CHAP-v2 Challenge", "eap.ms_chap_v2.challenge",
2934	FT_BYTES, BASE_NONE, NULL((void*)0), 0x0,
2935	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
2936
2937	{ &hf_eap_ms_chap_v2_name, {
2938	"EAP-MS-CHAP-v2 Name", "eap.ms_chap_v2.name",
2939	FT_STRING, BASE_NONE, NULL((void*)0), 0x0,
2940	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
2941
2942	{ &hf_eap_ms_chap_v2_peer_challenge, {
2943	"EAP-MS-CHAP-v2 Peer-Challenge", "eap.ms_chap_v2.peer_challenge",
2944	FT_BYTES, BASE_NONE, NULL((void*)0), 0x0,
2945	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
2946
2947	{ &hf_eap_ms_chap_v2_reserved, {
2948	"EAP-MS-CHAP-v2 Reserved", "eap.ms_chap_v2.reserved",
2949	FT_BYTES, BASE_NONE, NULL((void*)0), 0x0,
2950	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
2951
2952	{ &hf_eap_ms_chap_v2_nt_response, {
2953	"EAP-MS-CHAP-v2 NT-Response", "eap.ms_chap_v2.nt_response",
2954	FT_BYTES, BASE_NONE, NULL((void*)0), 0x0,
2955	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
2956
2957	{ &hf_eap_ms_chap_v2_flags, {
2958	"EAP-MS-CHAP-v2 Flags", "eap.ms_chap_v2.flags",
2959	FT_UINT8, BASE_HEX, NULL((void*)0), 0x0,
2960	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
2961
2962	{ &hf_eap_ms_chap_v2_response, {
2963	"EAP-MS-CHAP-v2 Response (Unknown Length)", "eap.ms_chap_v2.response",
2964	FT_BYTES, BASE_NONE, NULL((void*)0), 0x0,
2965	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
2966
2967	{ &hf_eap_ms_chap_v2_message, {
2968	"EAP-MS-CHAP-v2 Message", "eap.ms_chap_v2.message",
2969	FT_STRING, BASE_NONE, NULL((void*)0), 0x0,
2970	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
2971
2972	{ &hf_eap_ms_chap_v2_failure_request, {
2973	"EAP-MS-CHAP-v2 Failure-Request", "eap.ms_chap_v2.failure_request",
2974	FT_STRING, BASE_NONE, NULL((void*)0), 0x0,
2975	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
2976
2977	{ &hf_eap_ms_chap_v2_data, {
2978	"EAP-MS-CHAP-v2 Data", "eap.ms_chap_v2.data",
2979	FT_BYTES, BASE_NONE, NULL((void*)0), 0x0,
2980	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
2981
2982	{ &hf_eap_pax_opcode, {
2983	"EAP-PAX OP-Code", "eap.pax.opcode",
2984	FT_UINT8, BASE_HEX, VALS(eap_pax_opcode_vals)((0 ? (const struct _value_string*)0 : ((eap_pax_opcode_vals) ))), 0x0,
2985	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
2986
2987	{ &hf_eap_pax_flags, {
2988	"EAP-PAX Flags", "eap.pax.flags",
2989	FT_UINT8, BASE_HEX, NULL((void*)0), 0x0,
2990	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
2991
2992	{ &hf_eap_pax_flags_mf, {
2993	"more fragments", "eap.pax.flags.mf",
2994	FT_BOOLEAN, 8, NULL((void*)0), EAP_PAX_FLAG_MF0x01,
2995	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
2996
2997	{ &hf_eap_pax_flags_ce, {
2998	"certificate enabled", "eap.pax.flags.ce",
2999	FT_BOOLEAN, 8, NULL((void*)0), EAP_PAX_FLAG_CE0x02,
3000	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
3001
3002	{ &hf_eap_pax_flags_ai, {
3003	"ADE Included", "eap.pax.flags.ai",
3004	FT_BOOLEAN, 8, NULL((void*)0), EAP_PAX_FLAG_AI0x04,
3005	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
3006
3007	{ &hf_eap_pax_flags_reserved, {
3008	"reserved", "eap.pax.flags.reserved",
3009	FT_BOOLEAN, 8, NULL((void*)0), EAP_PAX_FLAG_RESERVED0xF8,
3010	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
3011
3012	{ &hf_eap_pax_mac_id, {
3013	"EAP-PAX MAC ID", "eap.pax.mac_id",
3014	FT_UINT8, BASE_HEX, VALS(eap_pax_mac_id_vals)((0 ? (const struct _value_string*)0 : ((eap_pax_mac_id_vals) ))), 0x0,
3015	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
3016
3017	{ &hf_eap_pax_dh_group_id, {
3018	"EAP-PAX DH Group ID", "eap.pax.dh_group_id",
3019	FT_UINT8, BASE_HEX, VALS(eap_pax_dh_group_id_vals)((0 ? (const struct _value_string*)0 : ((eap_pax_dh_group_id_vals )))), 0x0,
3020	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
3021
3022	{ &hf_eap_pax_public_key_id, {
3023	"EAP-PAX Public Key ID", "eap.pax.public_key_id",
3024	FT_UINT8, BASE_HEX, VALS(eap_pax_public_key_id_vals)((0 ? (const struct _value_string*)0 : ((eap_pax_public_key_id_vals )))), 0x0,
3025	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
3026
3027	{ &hf_eap_pax_a_len, {
3028	"EAP-PAX A len", "eap.pax.a.len",
3029	FT_UINT16, BASE_DEC, NULL((void*)0), 0x0,
3030	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
3031
3032	{ &hf_eap_pax_a, {
3033	"EAP-PAX A", "eap.pax.a",
3034	FT_BYTES, BASE_NONE, NULL((void*)0), 0x0,
3035	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
3036
3037	{ &hf_eap_pax_b_len, {
3038	"EAP-PAX B len", "eap.pax.b.len",
3039	FT_UINT16, BASE_DEC, NULL((void*)0), 0x0,
3040	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
3041
3042	{ &hf_eap_pax_b, {
3043	"EAP-PAX B", "eap.pax.b",
3044	FT_BYTES, BASE_NONE, NULL((void*)0), 0x0,
3045	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
3046
3047	{ &hf_eap_pax_cid_len, {
3048	"EAP-PAX CID len", "eap.pax.cid.len",
3049	FT_UINT16, BASE_DEC, NULL((void*)0), 0x0,
3050	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
3051
3052	{ &hf_eap_pax_cid, {
3053	"EAP-PAX CID", "eap.pax.cid",
3054	FT_STRING, BASE_NONE, NULL((void*)0), 0x0,
3055	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
3056
3057	{ &hf_eap_pax_mac_ck_len, {
3058	"EAP-PAX MAC_CK len", "eap.pax.mac_ck.len",
3059	FT_UINT16, BASE_DEC, NULL((void*)0), 0x0,
3060	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
3061
3062	{ &hf_eap_pax_mac_ck, {
3063	"EAP-PAX MAC_CK", "eap.pax.mac_ck",
3064	FT_BYTES, BASE_NONE, NULL((void*)0), 0x0,
3065	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
3066
3067	{ &hf_eap_pax_ade_len, {
3068	"EAP-PAX ADE len", "eap.pax.ade.len",
3069	FT_UINT16, BASE_DEC, NULL((void*)0), 0x0,
3070	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
3071
3072	{ &hf_eap_pax_ade, {
3073	"EAP-PAX ADE", "eap.pax.ade",
3074	FT_BYTES, BASE_NONE, NULL((void*)0), 0x0,
3075	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
3076
3077	{ &hf_eap_pax_mac_icv, {
3078	"EAP-PAX ICV", "eap.pax.icv",
3079	FT_BYTES, BASE_NONE, NULL((void*)0), 0x0,
3080	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
3081
3082	{ &hf_eap_psk_flags, {
3083	"EAP-PSK Flags", "eap.psk.flags",
3084	FT_UINT8, BASE_HEX, NULL((void*)0), 0x0,
3085	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
3086
3087	{ &hf_eap_psk_flags_t, {
3088	"T", "eap.psk.flags.t",
3089	FT_UINT8, BASE_HEX, NULL((void*)0), EAP_PSK_FLAGS_T_MASK0xC0,
3090	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
3091
3092	{ &hf_eap_psk_flags_reserved, {
3093	"Reserved", "eap.psk.flags.reserved",
3094	FT_UINT8, BASE_HEX, NULL((void*)0), 0x3F,
3095	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
3096
3097	{ &hf_eap_psk_rand_p, {
3098	"EAP-PSK RAND_P", "eap.psk.rand_p",
3099	FT_BYTES, BASE_NONE, NULL((void*)0), 0x0,
3100	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
3101
3102	{ &hf_eap_psk_rand_s, {
3103	"EAP-PSK RAND_S", "eap.psk.rand_s",
3104	FT_BYTES, BASE_NONE, NULL((void*)0), 0x0,
3105	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
3106
3107	{ &hf_eap_psk_mac_p, {
3108	"EAP-PSK MAC_P", "eap.psk.mac_p",
3109	FT_BYTES, BASE_NONE, NULL((void*)0), 0x0,
3110	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
3111
3112	{ &hf_eap_psk_mac_s, {
3113	"EAP-PSK MAC_S", "eap.psk.mac_s",
3114	FT_BYTES, BASE_NONE, NULL((void*)0), 0x0,
3115	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
3116
3117	{ &hf_eap_psk_id_p, {
3118	"EAP-PSK ID_P", "eap.psk.id_p",
3119	FT_STRING, BASE_NONE, NULL((void*)0), 0x0,
3120	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
3121
3122	{ &hf_eap_psk_id_s, {
3123	"EAP-PSK ID_S", "eap.psk.id_s",
3124	FT_STRING, BASE_NONE, NULL((void*)0), 0x0,
3125	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
3126
3127	{ &hf_eap_psk_pchannel, {
3128	"EAP-PSK Protected Channel (encrypted)", "eap.psk.pchannel",
3129	FT_BYTES, BASE_NONE, NULL((void*)0), 0x0,
3130	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
3131
3132	{ &hf_eap_sake_version, {
3133	"EAP-SAKE Version", "eap.sake.version",
3134	FT_UINT8, BASE_HEX, NULL((void*)0), 0x0,
3135	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
3136
3137	{ &hf_eap_sake_session_id, {
3138	"EAP-SAKE Session ID", "eap.sake.session_id",
3139	FT_UINT8, BASE_HEX, NULL((void*)0), 0x0,
3140	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
3141
3142	{ &hf_eap_sake_subtype, {
3143	"EAP-SAKE Subtype", "eap.sake.subtype",
3144	FT_UINT8, BASE_HEX, VALS(eap_sake_subtype_vals)((0 ? (const struct _value_string*)0 : ((eap_sake_subtype_vals )))), 0x0,
3145	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
3146
3147	{ &hf_eap_sake_attr_type, {
3148	"Attribute Type", "eap.sake.attr.type",
3149	FT_UINT8, BASE_HEX, VALS(eap_sake_attr_type_vals)((0 ? (const struct _value_string*)0 : ((eap_sake_attr_type_vals )))), 0x0,
3150	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
3151
3152	{ &hf_eap_sake_attr_len, {
3153	"Attribute Length", "eap.sake.attr.len",
3154	FT_UINT8, BASE_DEC, NULL((void*)0), 0x0,
3155	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
3156
3157	{ &hf_eap_sake_attr_value, {
3158	"Attribute Value", "eap.sake.attr.val",
3159	FT_BYTES, BASE_NONE, NULL((void*)0), 0x0,
3160	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
3161
3162	{ &hf_eap_sake_attr_value_str, {
3163	"Attribute Value", "eap.sake.attr.val_str",
3164	FT_STRING, BASE_NONE, NULL((void*)0), 0x0,
3165	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
3166
3167	{ &hf_eap_sake_attr_value_uint48, {
3168	"Attribute Value", "eap.sake.attr.val_uint48",
3169	FT_UINT48, BASE_DEC, NULL((void*)0), 0x0,
3170	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
3171
3172	{ &hf_eap_gpsk_opcode, {
3173	"EAP-GPSK OP-Code", "eap.gpsk.opcode",
3174	FT_UINT8, BASE_HEX, VALS(eap_gpsk_opcode_vals)((0 ? (const struct _value_string*)0 : ((eap_gpsk_opcode_vals )))), 0x0,
3175	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
3176
3177	{ &hf_eap_gpsk_id_server_len, {
3178	"EAP-GPSK ID_Server len", "eap.gpsk.id_server.len",
3179	FT_UINT16, BASE_DEC, NULL((void*)0), 0x0,
3180	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
3181
3182	{ &hf_eap_gpsk_id_server, {
3183	"EAP-GPSK ID_Server", "eap.gpsk.id_server",
3184	FT_STRING, BASE_NONE, NULL((void*)0), 0x0,
3185	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
3186
3187	{ &hf_eap_gpsk_id_peer_len, {
3188	"EAP-GPSK ID_Peer len", "eap.gpsk.id_peer.len",
3189	FT_UINT16, BASE_DEC, NULL((void*)0), 0x0,
3190	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
3191
3192	{ &hf_eap_gpsk_id_peer, {
3193	"EAP-GPSK ID_Peer", "eap.gpsk.id_peer",
3194	FT_STRING, BASE_NONE, NULL((void*)0), 0x0,
3195	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
3196
3197	{ &hf_eap_gpsk_rand_server, {
3198	"EAP-GPSK Rand_Server", "eap.gpsk.rand_server",
3199	FT_BYTES, BASE_NONE, NULL((void*)0), 0x0,
3200	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
3201
3202	{ &hf_eap_gpsk_rand_peer, {
3203	"EAP-GPSK Rand_Peer", "eap.gpsk.rand_peer",
3204	FT_BYTES, BASE_NONE, NULL((void*)0), 0x0,
3205	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
3206
3207	{ &hf_eap_gpsk_csuite_list_len, {
3208	"Len", "eap.gpsk.csuite_list_len",
3209	FT_UINT16, BASE_DEC, NULL((void*)0), 0x0,
3210	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
3211
3212	{ &hf_eap_gpsk_csuite_vendor, {
3213	"Vendor", "eap.gpsk.csuite.vendor",
3214	FT_UINT32, BASE_HEX, NULL((void*)0), 0x0,
3215	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
3216
3217	{ &hf_eap_gpsk_csuite_specifier, {
3218	"Specifier", "eap.gpsk.csuite.specifier",
3219	FT_UINT16, BASE_HEX, NULL((void*)0), 0x0,
3220	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
3221
3222	{ &hf_eap_gpsk_pd_payload_len, {
3223	"EAP-GPSK PD_Payload len", "eap.gpsk.pd_payload.len",
3224	FT_UINT16, BASE_DEC, NULL((void*)0), 0x0,
3225	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
3226
3227	{ &hf_eap_gpsk_pd_payload, {
3228	"EAP-GPSK PD_Payload", "eap.gpsk.pd_payload",
3229	FT_BYTES, BASE_NONE, NULL((void*)0), 0x0,
3230	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
3231
3232	{ &hf_eap_gpsk_payload_mac, {
3233	"EAP-GPSK Payload MAC", "eap.gpsk.payload_mac",
3234	FT_BYTES, BASE_NONE, NULL((void*)0), 0x0,
3235	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
3236
3237	{ &hf_eap_gpsk_failure_code, {
3238	"EAP-GPSK Failure code", "eap.gpsk.failure_code",
3239	FT_UINT32, BASE_HEX, VALS(eap_gpsk_failure_code_vals)((0 ? (const struct _value_string*)0 : ((eap_gpsk_failure_code_vals )))), 0x0,
3240	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
3241
3242	{ &hf_eap_data, {
3243	"EAP Data", "eap.data",
3244	FT_BYTES, BASE_NONE, NULL((void*)0), 0x0,
3245	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
3246
3247	{ &hf_eap_fast_type, {
3248	"EAP-FAST Type", "eap.fast.type",
3249	FT_UINT16, BASE_DEC, NULL((void*)0), 0x0,
3250	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
3251
3252	{ &hf_eap_fast_length, {
3253	"EAP-FAST Length", "eap.fast.length",
3254	FT_UINT16, BASE_DEC, NULL((void*)0), 0x0,
3255	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
3256
3257	{ &hf_eap_fast_aidd, {
3258	"Authority ID Data", "eap.fast.authority_id_data",
3259	FT_BYTES, BASE_NONE, NULL((void*)0), 0x0,
3260	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
3261
3262	{ &hf_eap_msauth_tlv_mandatory, {
3263	"Mandatory", "eap.msauth-tlv.mandatory",
3264	FT_BOOLEAN, 16, NULL((void*)0), MSAUTH_TLV_MANDATORY0x8000,
3265	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
3266
3267	{ &hf_eap_msauth_tlv_reserved, {
3268	"Reserved", "eap.msauth-tlv.reserved",
3269	FT_BOOLEAN, 16, NULL((void*)0), MSAUTH_TLV_RESERVED0x4000,
3270	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
3271
3272	{ &hf_eap_msauth_tlv_type, {
3273	"Type", "eap.msauth-tlv.type",
3274	FT_UINT16, BASE_DEC, VALS(eap_msauth_tlv_type_vals)((0 ? (const struct _value_string*)0 : ((eap_msauth_tlv_type_vals )))), MSAUTH_TLV_TYPE0x3FFF,
3275	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
3276
3277	{ &hf_eap_msauth_tlv_len, {
3278	"Length", "eap.msauth-tlv.len",
3279	FT_UINT16, BASE_DEC, NULL((void*)0), 0x00,
3280	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
3281
3282	{ &hf_eap_msauth_tlv_val, {
3283	"Value", "eap.msauth-tlv.val",
3284	FT_BYTES, BASE_NONE, NULL((void*)0), 0x0,
3285	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
3286
3287	{ &hf_eap_msauth_tlv_status, {
3288	"Status", "eap.msauth-tlv.status",
3289	FT_UINT16, BASE_DEC, VALS(eap_msauth_tlv_status_vals)((0 ? (const struct _value_string*)0 : ((eap_msauth_tlv_status_vals )))), 0x0,
3290	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
3291
3292	{ &hf_eap_msauth_tlv_crypto_reserved, {
3293	"Reserved", "eap.msauth-tlv.crypto.reserved",
3294	FT_UINT8, BASE_DEC, NULL((void*)0), 0x0,
3295	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
3296
3297	{ &hf_eap_msauth_tlv_crypto_version, {
3298	"Version", "eap.msauth-tlv.crypto.version",
3299	FT_UINT8, BASE_DEC, NULL((void*)0), 0x0,
3300	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
3301
3302	{ &hf_eap_msauth_tlv_crypto_rcv_version, {
3303	"Received Version", "eap.msauth-tlv.crypto.received-version",
3304	FT_UINT8, BASE_DEC, NULL((void*)0), 0x0,
3305	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
3306
3307	{ &hf_eap_msauth_tlv_crypto_subtype, {
3308	"Subtype", "eap.msauth-tlv.crypto.subtype",
3309	FT_UINT8, BASE_DEC, VALS(eap_msauth_tlv_crypto_subtype_vals)((0 ? (const struct _value_string*)0 : ((eap_msauth_tlv_crypto_subtype_vals )))), 0x0,
3310	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
3311
3312	{ &hf_eap_msauth_tlv_crypto_nonce, {
3313	"Nonce", "eap.msauth-tlv.crypto.nonce",
3314	FT_BYTES, BASE_NONE, NULL((void*)0), 0x0,
3315	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
3316
3317	{ &hf_eap_msauth_tlv_crypto_cmac, {
3318	"Compound MAC", "eap.msauth-tlv.crypto.cmac",
3319	FT_BYTES, BASE_NONE, NULL((void*)0), 0x0,
3320	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
3321
3322	/* Expanded type fields */
3323	{ &hf_eap_ext_vendor_id, {
3324	"EAP-EXT Vendor Id", "eap.ext.vendor_id",
3325	FT_UINT24, BASE_HEX, VALS(eap_ext_vendor_id_vals)((0 ? (const struct _value_string*)0 : ((eap_ext_vendor_id_vals )))), 0x0,
3326	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
3327
3328	{ &hf_eap_ext_vendor_type, {
3329	"EAP-EXT Vendor Type", "eap.ext.vendor_type",
3330	FT_UINT32, BASE_HEX, VALS(eap_ext_vendor_type_vals)((0 ? (const struct _value_string*)0 : ((eap_ext_vendor_type_vals )))), 0x0,
3331	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) }},
3332
3333	{ &hf_eap_ikev2_flags, {
3334	"EAP-IKEv2 Flags", "eap.ikev2.flags",
3335	FT_UINT8, BASE_HEX, NULL((void*)0), 0x0,
3336	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) } },
3337
3338	{ &hf_eap_ikev2_flag_l, {
3339	"Length Included", "eap.ikve2.flags.len_included",
3340	FT_BOOLEAN, 8, NULL((void*)0), EAP_IKEV2_FLAG_L0x80,
3341	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) } },
3342
3343	{ &hf_eap_ikev2_flag_m, {
3344	"More Fragments", "eap.ikev2.flags.more_fragments",
3345	FT_BOOLEAN, 8, NULL((void*)0), EAP_IKEV2_FLAG_M0x40,
3346	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) } },
3347
3348	{ &hf_eap_ikev2_flag_i, {
3349	"Integrity Checksum Data present", "eap.ikev2.flags.icv_present",
3350	FT_BOOLEAN, 8, NULL((void*)0), EAP_IKEV2_FLAG_I0x20,
3351	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) } },
3352
3353	{ &hf_eap_ikev2_len, {
3354	"EAP-IKEv2 Length", "eap.ikev2.len",
3355	FT_UINT32, BASE_DEC, NULL((void*)0), 0x0,
3356	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) } },
3357
3358	{ &hf_eap_ikev2_int_chk_data, {
3359	"EAP-IKEv2 Integrity Checksum Data", "eap.ikev2.integrity_checksum_data",
3360	FT_BYTES, BASE_NONE, NULL((void*)0), 0x0,
3361	NULL((void)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void)0) } },
3362	};
3363	static int *ett[] = {
3364	&ett_eap,
3365	&ett_eap_pax_flags,
3366	&ett_eap_psk_flags,
3367	&ett_eap_gpsk_csuite_list,
3368	&ett_eap_gpsk_csuite,
3369	&ett_eap_gpsk_csuite_sel,
3370	&ett_eap_sake_attr,
3371	&ett_eap_msauth_tlv,
3372	&ett_eap_msauth_tlv_tree,
3373	&ett_eap_tls_fragment,
3374	&ett_eap_tls_fragments,
3375	&ett_eap_sim_attr,
3376	&ett_eap_aka_attr,
3377	&ett_eap_exp_attr,
3378	&ett_eap_tls_flags,
3379	&ett_identity,
3380	&ett_eap_ikev2_flags,
3381	};
3382	static ei_register_info ei[] = {
3383	{ &ei_eap_ms_chap_v2_length, { "eap.ms_chap_v2.length.invalid", PI_PROTOCOL0x09000000, PI_WARN0x00600000, "Invalid Length", EXPFILL0, ((void)0), 0, {0, {((void)0), ((void)0), FT_NONE, BASE_NONE , ((void)0), 0, ((void)0), -1, 0, HF_REF_TYPE_NONE, -1, ((void )0)}} }},
3384	{ &ei_eap_mitm_attacks, { "eap.mitm_attacks", PI_SECURITY0x0a000000, PI_WARN0x00600000, "Vulnerable to MITM attacks. If possible, change EAP type.", EXPFILL0, ((void)0), 0, {0, {((void)0), ((void)0), FT_NONE, BASE_NONE , ((void)0), 0, ((void)0), -1, 0, HF_REF_TYPE_NONE, -1, ((void )0)}} }},
3385	{ &ei_eap_md5_value_size_overflow, { "eap.md5.value_size.overflow", PI_PROTOCOL0x09000000, PI_WARN0x00600000, "Overflow", EXPFILL0, ((void)0), 0, {0, {((void)0), ((void)0), FT_NONE, BASE_NONE , ((void)0), 0, ((void)0), -1, 0, HF_REF_TYPE_NONE, -1, ((void )0)}} }},
3386	{ &ei_eap_dictionary_attacks, { "eap.dictionary_attacks", PI_SECURITY0x0a000000, PI_WARN0x00600000,
3387	"Vulnerable to dictionary attacks. If possible, change EAP type."
3388	" See http://www.cisco.com/warp/public/cc/pd/witc/ao350ap/prodlit/2331_pp.pdf", EXPFILL0, ((void)0), 0, {0, {((void)0), ((void)0), FT_NONE, BASE_NONE , ((void)0), 0, ((void)0), -1, 0, HF_REF_TYPE_NONE, -1, ((void )0)}} }},
3389	{ &ei_eap_identity_nonascii, { "eap.identity.nonascii", PI_PROTOCOL0x09000000, PI_WARN0x00600000, "Non-ASCII characters within identity", EXPFILL0, ((void)0), 0, {0, {((void)0), ((void)0), FT_NONE, BASE_NONE , ((void)0), 0, ((void)0), -1, 0, HF_REF_TYPE_NONE, -1, ((void )0)}} }},
3390	{ &ei_eap_identity_invalid, { "eap.identity.invalid", PI_PROTOCOL0x09000000, PI_WARN0x00600000, "Invalid identity code", EXPFILL0, ((void)0), 0, {0, {((void)0), ((void)0), FT_NONE, BASE_NONE , ((void)0), 0, ((void)0), -1, 0, HF_REF_TYPE_NONE, -1, ((void )0)}} }},
3391	{ &ei_eap_retransmission, { "eap.retransmission", PI_SEQUENCE0x02000000, PI_NOTE0x00400000, "This packet is a retransmission", EXPFILL0, ((void)0), 0, {0, {((void)0), ((void)0), FT_NONE, BASE_NONE , ((void)0), 0, ((void)0), -1, 0, HF_REF_TYPE_NONE, -1, ((void )0)}} }},
3392	{ &ei_eap_bad_length, { "eap.bad_length", PI_PROTOCOL0x09000000, PI_WARN0x00600000, "Bad length (too small or too large)", EXPFILL0, ((void)0), 0, {0, {((void)0), ((void)0), FT_NONE, BASE_NONE , ((void)0), 0, ((void)0), -1, 0, HF_REF_TYPE_NONE, -1, ((void )0)}} }},
3393	};
3394
3395	expert_module_t* expert_eap;
3396
3397	proto_eap = proto_register_protocol("Extensible Authentication Protocol",
3398	"EAP", "eap");
3399	proto_register_field_array(proto_eap, hf, array_length(hf)(sizeof (hf) / sizeof (hf)[0]));
3400	proto_register_subtree_array(ett, array_length(ett)(sizeof (ett) / sizeof (ett)[0]));
3401	expert_eap = expert_register_protocol(proto_eap);
3402	expert_register_field_array(expert_eap, ei, array_length(ei)(sizeof (ei) / sizeof (ei)[0]));
3403
3404	eap_handle = register_dissector("eap", dissect_eap, proto_eap);
3405
3406	reassembly_table_register(&eap_tls_reassembly_table,
3407	&addresses_reassembly_table_functions);
3408
3409	eap_expanded_type_dissector_table = register_dissector_table("eap.ext.vendor_id",
3410	"EAP-EXT Vendor Id",
3411	proto_eap, FT_UINT24,
3412	BASE_HEX);
3413
3414	}
3415
3416	void
3417	proto_reg_handoff_eap(void)
3418	{
3419	/*
3420	* Get a handle for the SSL/TLS dissector.
3421	*/
3422	tls_handle = find_dissector_add_dependency("tls", proto_eap);
3423	diameter_avps_handle = find_dissector_add_dependency("diameter_avps", proto_eap);
3424	peap_handle = find_dissector_add_dependency("peap", proto_eap);
3425	teap_handle = find_dissector_add_dependency("teap", proto_eap);
3426
3427	isakmp_handle = find_dissector_add_dependency("isakmp", proto_eap);
3428
3429	dissector_add_uint("ppp.protocol", PPP_EAP0xc227, eap_handle);
3430	dissector_add_uint("eapol.type", EAPOL_EAP0, eap_handle);
3431	}
3432	/*
3433	* Editor modelines
3434	*
3435	* Local Variables:
3436	* c-basic-offset: 2
3437	* tab-width: 8
3438	* indent-tabs-mode: nil
3439	* End:
3440	*
3441	* ex: set shiftwidth=2 tabstop=8 expandtab:
3442	* :indentSize=2:tabSize=8:noTabs=true:
3443	*/