The RANAP ASN.1 defines a RAI as being composed of an LAI and a RAC.
(Cf. the RNSAP ASN.1, which defines a RAI as being composed of a
PLMN-Identity, a LAC, and an RAC.) Handle it so that the RAI fields
are used when dissecting a RAI, only using the LAI fields if the LAI
dissection was not called from the RAI.
Use the specific MCC/MNC fields in NGAP for the ECGI, NRCGI, LAI,
TAI, and 5GSTAI, using E212_NONE elsewhre. (Note that NGAP refers to
the 5GSTAI as just TAI, and the original TAI as EPS-TAI.)
Use the specific MCC/MNC fields for the LAI, CGI, ECGI, NR-CGI, TAI,
and 5GS-TAI IEs, continuing to use E212_NONE for PLMNidentity in all
other cases. Add fields and an enum value for 5GS-TAI to packet-e212.
(The 5GSTAC has an additional octet compared to the original TAC.)
When the PLMNidentity information element is part of the CGI, LAI, RAI,
SAI, or TAI, use the specific MNC/MCC field types as appropriate.
Otherwise, use E212_NONE as before.
Most of the time, the return value tells us nothing useful, as we've
already decided that we're perfectly willing to live with string
truncation. Hopefully this keeps Coverity from whining that those
routines could return an error code (NARRATOR: They don't) and thus that
we're ignoring the possibility of failure (as indicated, we've already
decided that we can live with string truncation, so truncation is *NOT*
a failure).
commit 19b3376a24
("LDAP bogus malformed errors: decoding encrypted data")
introduced 2 problems:
- guint decr_len = tvb_reported_length(decr_tvb); was
always called with decr_tvb==NULL
- dissect_ldap_payload() was not called if sasl_tree is NULL,
it needs to be called even if the tree pointer are NULL
in order to have the COL_INFO setup correctly.
I guess this should also be backported to stable branches
(together with 2e6d3b571b
"LDAP: SASL Buffer doesn't include Length field")
https://gitlab.com/wireshark/wireshark/-/issues/17347
Signed-off-by: Stefan Metzmacher <metze@samba.org>
The LAC, RAC, SAC, and TAC tend to be defined in ASN.1 as OCTET STRINGS
of lengths 1, 2, or 3. It generally makes sense to dissect them as
FT_UINT[8,16,24], as appropriate, with BASE_DEC_HEX instead of as FT_BYTES,
so standardize on that. See commit d6f91a7ca4
for similar work for S1AP.
SASL Buffer starts after the SASL Buffer Length field. Therefore
we should only mark the bytes without the Length field.
Sample capture can be found in wireshark/wireshark#15128
If a header declares a function, or anything else requiring the extern
"C" decoration, have it wrap the declaration itself; don't rely on the
header itself being included inside extern "C".
Use the new stat_tap_find_table function during init to check if our
statistics table already exists.
If so, we can safely assume that its rows have already beend initialized.
All we have to do is clear the data that was collected by the tap.
Use the new stat_tap_find_table function during init to check if our
statistics table already exists.
If so, we can safely assume that its rows have already beend initialized.
All we have to do is clear the data that was collected by the tap.
Use the new stat_tap_find_table function during init to check if our
statistics table already exists.
If so, we can safely assume that its rows have already beend initialized.
All we have to do is clear the data that was collected by the tap.
John Thacker