There's two variants for the Ms Radio Access Capabilities.
* The usual encoding with spare bits (usually to fill up to octet boundary)
as defined in TS 24.008 Table 10.5.146
And there's too:
* MS Radio Access Capabilities 2 IE from TS44.060 section 12.30, which is
the same but removing all spare bits, and which is used in messages like
Packet Resource Request and Additional MS RAC messages.
The later is used basically for messages having extra IEs after the MS
Radio Access capabilities IE, since they are encoded immediatelly
afterwards.
So this patch does:
* Adds the expected spare bits (M_PADDING) to MS_Radio_Access_capability_t
* Creates a new MS_Radio_Access_capability2_t without padding
* Updates code to use the new "2" version where needed.
The new MS_Radio_Access_capability_t with padding is disabled since it's
not used in wirehsark because it's using an ad-hoc decoder for that TS
24.008 IE: see packet-gsm_a_gm.c de_gmm_ms_radio_acc_cap()
Port from osmo-pcu.git e50ce6e45c4509805807d599cadf1a1b23d37f63
Related: https://osmocom.org/issues/4463
Change-Id: Ie2844bd94437c8d7a50787cc7c8c4d81a4fc48ba
Reviewed-on: https://code.wireshark.org/review/36574
Petri-Dish: Pascal Quantin <pascal@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal@wireshark.org>
It seems the assumptions regarding maximum number of RA capabilitites
in one message were wrong. Doing some rough calculations, each RA
capabilitiy value (without extensions) can take around 20ish bits, which
means for a message containing up to 52 bytes that quite a lot of
different values could be theoretically fed in. Let's be safe and
increase the array size to be able to handle all different access
technologies listed in See TS 24.008 table 10.5.146 following
restrictions:
* "The MS Radio Access capability is a type 4 information element, with a maximum length of 52 octets."
* "Among the three Access Type Technologies GSM 900-P, GSM 900-E and GSM 900-R only one shall be present."
* "the mobile station should provide the relevant radio access
capability for either GSM 1800 band OR GSM 1900 band, not both".
Port from osmo-pcu.git 7faa5da209d0ef48fe593603c217615f09fb61fb.
Related: https://osmocom.org/issues/4463
Change-Id: Ief5189f88ba0e4970847567c9a15b1ada8b9df4b
Reviewed-on: https://code.wireshark.org/review/36573
Reviewed-by: Harald Welte <laforge@gnumonks.org>
Petri-Dish: Pascal Quantin <pascal@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal@wireshark.org>
This way the macros can be used to access the arrays themselves and
calculate its static size to enable validation lateri on.
In the case of Packet_Access_Reject_t, modify the description to use a
M_REC_TARRAY_1 object to get rid of access to 2nd element. The new
description is the correct one, since the first element is mandatory
according to TS 44.060 Table 11.2.1.
Port from osmo-pcu.git 81b40cbaf3070f70954663f68375100128bdc77e.
Change-Id: I48fc257305af799beb6a48ffc6d11b73026bff51
Reviewed-on: https://code.wireshark.org/review/36571
Reviewed-by: Harald Welte <laforge@gnumonks.org>
Reviewed-by: Vadim Yanitskiy <axilirator@gmail.com>
Reviewed-by: Pascal Quantin <pascal@wireshark.org>
This way if CSN1 encoded bitstream contains more elements than what the
defintion expects it will fail instead of overflowing the decoded
buffer.
Example: RA Capabilities struct (recursive array) sent by a real android phone
when attaching to the network. Then SGSN sends it back and osmo-pcu would crash
similar to this:
*** stack smashing detected ***: terminated
Process terminating with default action of signal 6 (SIGABRT): dumping core
at 0x4C62CE5: raise (in /usr/lib/libc-2.31.so)
by 0x4C4C856: abort (in /usr/lib/libc-2.31.so)
by 0x4CA62AF: __libc_message (in /usr/lib/libc-2.31.so)
by 0x4D36069: __fortify_fail (in /usr/lib/libc-2.31.so)
by 0x4D36033: __stack_chk_fail (in /usr/lib/libc-2.31.so)
by 0x124706: testRAcap2(void*) (RLCMACTest.cpp:468)
Port from osmo-pcu.git efad80bfbffb2a35d2516e56dc40979f19c6c370
Related: https://osmocom.org/issues/4463
Change-Id: I6bdd6960141829491aebbfdaab548c41d4a3bc9f
Reviewed-on: https://code.wireshark.org/review/36572
Reviewed-by: Harald Welte <laforge@gnumonks.org>
Petri-Dish: Pascal Quantin <pascal@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal@wireshark.org>
Add support to dissect ASTERIX CAT010 Version 1.10
Change-Id: I82f59555e75c03fc4bd2819b2455f7fd6fa08384
Reviewed-on: https://code.wireshark.org/review/36560
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Requires an updated wireshark/wireshark-ubuntu-dev image:
https://github.com/wireshark/wireshark-ubuntu-dev-docker/pull/2
Remove -Wframe-larger-than while at it. The default size in our CMake
config is 32k. Clang should not significantly go over it. If so, then it
has to be solved there, and not in the Gitlab config.
Change-Id: I3891fcbd9dec8e5a4597404aa8131f28a1755a02
Reviewed-on: https://code.wireshark.org/review/36369
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
The layout of OpenSecureChannel command is:
struct acTOpenSecureChannelSendCmd
{
int CID;
struct acTOpenChannelCmd OpenChannelCmd;
struct acTOpenSecureChannelCmd SecureChannelCmd;
};
OpenChannelCmd contains a field that stores the offset of
SecureChannelCmd (rtp_authentication_algorithm) from the beginning of
OpenChannelCmd (cmd_rev_lsb).
Support both forward and backward compatibility (added or missing fields).
Change-Id: If277996aa7fb94fef55ae34fed5a307728ebdf7c
Reviewed-on: https://code.wireshark.org/review/36566
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
wsutil/nstime.c:116: warning: Function 'nstime_sum' argument order different: declaration 'sum, b, a' definition 'sum, a, b'
Most likely copy/paste error from nstime_delta() above where that order makes sense.
Change-Id: Icea52b21781ebc09b2b80acdb34d61a28eb1e498
Reviewed-on: https://code.wireshark.org/review/36562
Petri-Dish: Martin Mathieson <martin.r.mathieson@googlemail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Martin Mathieson <martin.r.mathieson@googlemail.com>
Define a FunnelStatistics dtor and use it to clear our funnel
operations. This keeps us from crashing if we quit while a ProgDlg or
TextWindow is visible.
In FunnelStatistics::progressDialogNew, pass in our parent MainWindow
instead of depending on capture_file_ having a valid window pointer.
This lets us use a ProgDlg without having to load a capture file.
Define and use the _funnel_ops_id_t struct so that we don't have to cast
void pointers in a bunch of places.
Change-Id: I38dd3f254b705ddf82f7421a14d27b8c3ef7bc98
Reviewed-on: https://code.wireshark.org/review/36538
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Fixing infinite loop bugs in multiple places. This
fix is not in bugzilla, it was found by inspecting
the code.
Change-Id: I7c58242d298a73fd929c327d254b34b3e60cf383
Reviewed-on: https://code.wireshark.org/review/36557
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Petri-Dish: Jaap Keuter <jaap.keuter@xs4all.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This is based on patch created by Krzysztof Opasiak.
USB is a stateful protocol. So we store the link to the previous
packets.
Ping-Bug: 15908
Change-Id: I5d844041b68375a5b3ffc46f1e8ffca2804ed5b6
Reviewed-on: https://code.wireshark.org/review/34309
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
It's already incluided in the template.
Change-Id: I534b0b116f232e2b0168e141ad865ec6c96612d3
Reviewed-on: https://code.wireshark.org/review/36546
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The asn1 dissector generator creates file with 2 spaces indentation.
The right way to indent a cnf file is the same, then.
Change-Id: I6a210ba17b332234678698d111863e27830dcece
Reviewed-on: https://code.wireshark.org/review/36545
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: I17b94100139d3262315cb42b66fc245ade82224b
Reviewed-on: https://code.wireshark.org/review/36544
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: I83070917b76c0d730148b29cc38151648a1a88de
Reviewed-on: https://code.wireshark.org/review/36542
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: I32f636c5a8de652303fbe03668bf937004f2e6a8
Reviewed-on: https://code.wireshark.org/review/36543
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Tomasz Moń <desowin@gmail.com>
dot11decrypt_system.h:274:11: warning: parameter 'decrypt_data' not found in the function declaration [-Wdocumentation]
dot11decrypt_system.h:277:11: warning: parameter 'decrypt_len' not found in the function declaration [-Wdocumentation]
dot11decrypt_system.h:279:11: warning: parameter 'key' not found in the function declaration [-Wdocumentation]
Change-Id: I9a0d1dd29ddd130b9425a38645777e4eb05e9fa3
Reviewed-on: https://code.wireshark.org/review/36540
Reviewed-by: Mikael Kanstrup <mikael.kanstrup@sony.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: I45ae45f61042dc612a63727e9790bf3c036fa608
Reviewed-on: https://code.wireshark.org/review/36533
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
MFP enabled connections with SHA-256 key management (IEEE 802.11w) use
EAPOL key version == 3. This case was missing making decryption of such
connections fail. Allow key version 3 to handle these too.
Change-Id: If9e3fcc5c3bbfb46e82b39dfed5b2a74787a4f16
Reviewed-on: https://code.wireshark.org/review/36534
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The Goodbye RTCP packet dissection has to derive whether the optional
"Reason for leaving" string is present or not. This has to be derived
from the length. When put into a compound RTCP packet, the length
derivation from the TVB length does not work, because another RTCP
packet may follow in this compound RTCP packet.
With this change the stated length of this RTCP packet is passed to
the RTCP BYE packet dissection function in order to make a proper
length determination and not overrun into the next RTCP packet in the
compound RTCP packet.
Bug: 16434
Change-Id: Iab0fdd52c745028a9928bbef6c731ff649213277
Reviewed-on: https://code.wireshark.org/review/36532
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
- UDPCP: fix test for Sync frame detection
- Avoid a couple of redundant assignemnts
Change-Id: Ib69a3ff4f0e802ddbbbd29eb2a803372c41a7ce4
Reviewed-on: https://code.wireshark.org/review/36526
Petri-Dish: Martin Mathieson <martin.r.mathieson@googlemail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Martin Mathieson <martin.r.mathieson@googlemail.com>
- a SUCI with null scheme is always a MSIN, name it accordingly
- add breakout of scheme output for profiles A and B
Change-Id: I3453336291cbd515809054057a6e53902590e896
Reviewed-on: https://code.wireshark.org/review/36514
Reviewed-by: Pascal Quantin <pascal@wireshark.org>
Petri-Dish: Pascal Quantin <pascal@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Work based on current code from epan/dissectors/packet-gsm_abis_pgsl.c,
as well as on initial patch from Holger Hans Peter Freyther [1].
Tested with one downlink MCS1 data block generated by osmo-pcu.
[1] https://osmocom.org/issues/1542
Change-Id: I01a8bd1cdb78d1c236a451fbee37854eb688fa14
Reviewed-on: https://code.wireshark.org/review/36489
Reviewed-by: Harald Welte <laforge@gnumonks.org>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Beginning in Wireshark 3.2, the FindGLIB2 cmake module depends on FindWSLibrary
(see 990e409273), so FindWSLibrary needs to be installed as well, or
attempting to build an out-of-tree plugin fails.
Simple example CMakeLists.txt:
cmake_minimum_required(VERSION 2.8)
project(myplugin)
find_package(Wireshark)
LIST(APPEND CMAKE_MODULE_PATH "${Wireshark_LIB_DIR}/wireshark/cmake")
find_package(GLIB2)
Fails:
-- Checking for one of the modules 'glib-2.0'
CMake Error at /usr/local/lib/wireshark/cmake/FindGLIB2.cmake:49 (include):
include could not find load file:
FindWSLibrary
Call Stack (most recent call first):
CMakeLists.txt:5 (find_package)
CMake Error at /usr/local/lib/wireshark/cmake/FindGLIB2.cmake:50 (FindWSLibrary):
Unknown CMake command "FindWSLibrary".
Call Stack (most recent call first):
CMakeLists.txt:5 (find_package)
-- Configuring incomplete, errors occurred!
Change-Id: Id765d671e74fe15a60add38b95e62536abf60a79
Reviewed-on: https://code.wireshark.org/review/36509
Reviewed-by: João Valverde <j@v6e.pt>
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
SOME/IP-SD did not register a port learned correctly, so that packets
with this port number were not dissected.
Bug: 16448
Change-Id: Ic648a50bf08dcab65c49182e08257cf6660261a5
Signed-off-by: Dr. Lars Völker <lars.voelker@technica-engineering.de>
Reviewed-on: https://code.wireshark.org/review/36503
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal@wireshark.org>
On at least some platforms (at least some versions of the Windows SDK,
and netinet/in.h on Illumos and thus possibly Solaris, and possibly
others), struct in_addr's only member is a union, with some members of
the union being substructures with fields corresponding to the pre-CIDR
parts of an IPv4 address, with s_addr #defined to be the member of the
union corresponding to the IPv4 address as a 32-bit integral value.
That's presumably maintained for source compatibility with really old
programs written before CIDR, on platforms where they worry about that.
The *BSDs don't care, and macOS came out post-CIDR and never supportede
the pre-CIDR code in the first place, so they don't do that; the same
probably applies to Linux.
This causes problems when s_addr is used as a variable name.
In addition, inside Wireshark we tend to use "src" rather than just "s"
as a prefix to refer to source addresses and ports - and "dst" or "dest"
rather than just "d" as a prefix to refer to destination addresses and
ports.
So just go with that.
Change-Id: I6010d5ea9697d2333597c06756fa393a5898364e
Reviewed-on: https://code.wireshark.org/review/36504
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
In (deprecated) NOKEY_DATA_FRAG, the frag_number field is a uint32
so ret_uint should be used, etc. Fixing to be like DATA_FRAG.
Change-Id: I75848dfbde114cf6e4bdc6864d0690a75ca58d1d
Reviewed-on: https://code.wireshark.org/review/36500
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
If decrypt_krb5_data_private() is available we use it directly in order
to pass down kerberos_private_data_t.
Change-Id: I864d3e7d9adda454c96384d7b146ec774cd05d5f
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-on: https://code.wireshark.org/review/36491
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This allows passing 'kerberos_private_data_t' down to
used_encryption_key(). This will be used in order
to implement Kerberos FAST decryption.
For now we'll pass a zeroed kerberos_private_data_t,
but in future code can use decrypt_krb5_data_private()
directly and pass in the result of
kerberos_get_private_data(actx).
Change-Id: Iffdd3c3168eca3ed90cfa0a924248df9fac98a0c
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-on: https://code.wireshark.org/review/36490
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
* Remove amd64+gcc-8 NOPCAP in favor of the faster clang NOPCAP. GitLab
CI builds showed that both builds would catch the same issues.
* Remove NOPCAP macOS, it is very uncommon so do not waste cycles on it.
* Remove amd64+gcc-8 as amd64+gcc-9 covers the same plus more.
* Remove unnecessary PPA, gcc-8 is included with bionic by default.
* Remove Xcode10.3 build to save resources.
* Update Xcode11.2 to the latest Xcode11.3, no compiler changes.
Change-Id: Iddaa20b865fe16380844f266fc68d394f979a14c
Reviewed-on: https://code.wireshark.org/review/36478
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
The following changes would otherwise create conflicts.
Change-Id: I80bf9270aa1bdc1b92602ef68c9bfbf2b2b7ee37
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-on: https://code.wireshark.org/review/36471
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Pau Espin
Alexis La Goutte