| Bug ID |
9385
|
| Summary |
Diameter Sh AVP codes incorrect - update to latest version of specification needed
|
| Classification |
Unclassified
|
| Product |
Wireshark
|
| Version |
1.10.3
|
| Hardware |
x86
|
| OS |
Windows 7
|
| Status |
UNCONFIRMED
|
| Severity |
Normal
|
| Priority |
Low
|
| Component |
Wireshark
|
| Assignee |
[email protected]
|
| Reporter |
[email protected]
|
Created attachment 12010 [details]
Example of incorrect decode of 3GPP Diameter Sh AVP 713
Build Information:
Version 1.10.3 (SVN Rev 53022 from /trunk-1.10)
Copyright 1998-2013 Gerald Combs <[email protected]> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
Compiled (64-bit) with GTK+ 2.24.14, with Cairo 1.10.2, with Pango 1.30.1, with
GLib 2.34.1, with WinPcap (4_1_3), with libz 1.2.5, without POSIX capabilities,
without libnl, with SMI 0.4.8, with c-ares 1.9.1, with Lua 5.1, without Python,
with GnuTLS 2.12.18, with Gcrypt 1.4.6, without Kerberos, with GeoIP, with
PortAudio V19-devel (built Nov 1 2013), with AirPcap.
Running on 64-bit Windows 7 Service Pack 1, build 7601, with WinPcap version
4.1.3 (packet.dll version 4.1.0.2980), based on libpcap version 1.0 branch
1_0_rel0b (20091008), GnuTLS 2.12.18, Gcrypt 1.4.6, without AirPcap.
Intel(R) Core(TM) i5-3570 CPU @ 3.40GHz, with 3943MB of physical
memory.
Built using Microsoft Visual C++ 10.0 build 40219
--
When decoding 3GPP Sh Diameter trace, certain AVPs are decoded with the
incorrect name:
3GPP 29.329 section 6.3 defines the Attribute Name and AVP Code, but Wireshark
uses the incorrect Attribute Name for some AVP Codes.
This seems to be due to the TGPPSh.xml datafile containing the incorrect
mapping, also the file is based on an outdated version of the 3GPP document.
The file is based on 3GPP TS 29.329 version 6.6.0, the latest version is 12.1.0
(date 2013-06-25).
The following AVPs present in the file are incorrect, and in fact, not listed
in the version 6.6.0 as state in the header of the TGPPSh.xml datafile:
-<avp name="One-Time-Notification" vendor-id="TGPP" code="713"
may-encrypt="yes" vendor-bit="must" mandatory="must" protected="may"><type
type-name="Enumerated"/>
<enum name="ONE_TIME_NOTIFICATION_REQUESTED" code="0"/></avp>
* This is code 712
-<avp name="Requested-Nodes" vendor-id="TGPP" code="714" may-encrypt="no"
vendor-bit="must" mandatory="must"><type type-name="Unsigned32"/></avp>
* This is code 713
See attached file for example trace of Location Retrieval incorrectly decoding
AVP 713 as One-Time-Notification rather than Requested Nodes. Note,
identifying host/realm information has been redacted.
You are receiving this mail because:
- You are watching all bug changes.