From Linas Vepstas via https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8962

Enhancement: Add STANAG 4607 file format

svn path=/trunk/; revision=50996

AUTHORS

@@ -3749,6 +3749,7 @@ Fabio Tarabelloni	<fabio.tarabelloni[AT]reloc.it>
 Chas Williams		<chas[AT]cmf.nrl.navy.mil>
 Javier Godoy		<uce[AT]rjgodoy.com.ar>
 Matt Texier		<mtexier[AT]arbor.net>
+Linas Vepstas		<linasvepstas[AT]gmail.com>
 
 Dan Lasley <dlasley[AT]promus.com> gave permission for his
 dumpit() hex-dump routine to be used.

docbook/release-notes.asciidoc

@@ -55,6 +55,7 @@ Too many protocols have been updated to list here.
 --sort-and-group--
 
 Netscaler 2.6
+STANAG 4607
 
 --sort-and-group--
 

wiretap/CMakeLists.txt

@@ -69,6 +69,7 @@ set(CLEAN_FILES
 	pppdump.c
 	radcom.c
 	snoop.c
+	stanag4607.c
 	tnef.c
 	toshiba.c
 	visual.c

wiretap/Makefile.common

@@ -75,6 +75,7 @@ NONGENERATED_C_FILES = \
 	pppdump.c		\
 	radcom.c		\
 	snoop.c			\
+	stanag4607.c		\
 	tnef.c			\
 	toshiba.c		\
 	visual.c		\
@@ -133,6 +134,7 @@ NONGENERATED_HEADER_FILES = \
 	pppdump.h		\
 	radcom.h		\
 	snoop.h			\
+	stanag4607.h		\
 	tnef.h			\
 	toshiba.h		\
 	visual.h		\

wiretap/README

@@ -176,3 +176,9 @@ usually found on board ports).
 
 Gilbert Ramirez <gram@alumni.rice.edu>
 Guy Harris <guy@alum.mit.edu>
+
+STANAG 4607
+-----------
+Initial support for the STANAG 4607 protocol.  Documentation at:
+http://www.nato.int/structur/AC/224/standard/4607/4607.htm
+

wiretap/file_access.c

@@ -86,6 +86,7 @@
 #include "ipfix.h"
 #include "vwr.h"
 #include "camins.h"
+#include "stanag4607.h"
 #include "pcap-encap.h"
 
 /* The open_file_* routines should return:
@@ -147,6 +148,7 @@ static wtap_open_routine_t open_routines_base[] = {
 	dct3trace_open,
 	daintree_sna_open,
 	mime_file_open,
+	stanag4607_open,
 	/* Files that don't have magic bytes at a fixed location,
 	 * but that instead require a heuristic of some sort to
 	 * identify them.  This includes the ASCII trace files that
@@ -821,8 +823,14 @@ static const struct file_type_info dump_open_table_base[] = {
 
 	/* WTAP_FILE_CAMINS */
 	{ "CAM Inspector file", "camins", "camins", NULL,
+	  FALSE, FALSE, 0,
+	  NULL, NULL },
+
+	/* WTAP_FILE_STANAG_4607 */
+	{ "STANAG 4607 Format", "stanag4607", NULL, NULL,
 	  FALSE, FALSE, 0,
 	  NULL, NULL }
+
 };
 
 gint wtap_num_file_types = sizeof(dump_open_table_base) / sizeof(struct file_type_info);

wiretap/stanag4607.c

@@ -0,0 +1,192 @@
+/* stanag4607.c
+ *
+ * STANAG 4607 file reading
+ *
+ * $Id$
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+ */
+
+#include "config.h"
+
+#include <arpa/inet.h>
+#include <errno.h>
+
+#ifdef HAVE_SYS_STAT_H
+#include <sys/stat.h>
+#endif
+
+#include "wtap-int.h"
+#include "file_wrappers.h"
+#include "buffer.h"
+#include "stanag4607.h"
+
+static gboolean is_valid_id(guint16 version_id)
+{
+#define VERSION_21 0x3231
+#define VERSION_30 0x3330
+  if ((version_id != VERSION_21) &&
+      (version_id != VERSION_30))
+     /* Not a stanag4607 file */
+     return FALSE;
+  return TRUE;
+}
+
+static gboolean stanag4607_read_file(wtap *wth, FILE_T fh, struct wtap_pkthdr *phdr,
+                               Buffer *buf, int *err, gchar **err_info)
+{
+  static gint64 base_secs = 0;
+  guint32 millisecs, secs, nsecs;
+  gint64 offset = 0;
+  guint8 stanag_pkt_hdr[37];
+  int bytes_read;
+  guint32 packet_size;
+
+  *err = 0;
+
+  /* Combined packet header and segment header */
+  bytes_read = file_read(stanag_pkt_hdr, sizeof stanag_pkt_hdr, fh);
+  if (bytes_read != sizeof stanag_pkt_hdr)
+    goto fail;
+  offset += bytes_read;
+
+  if (!is_valid_id(pntohs(&stanag_pkt_hdr[0]))) {
+    *err = WTAP_ERR_BAD_FILE;
+    *err_info = g_strdup("Bad version number");
+    return FALSE;
+  }
+
+  /* The next 4 bytes are the packet length */
+  packet_size = pntohl(&stanag_pkt_hdr[2]);
+  phdr->caplen = packet_size;
+  phdr->len = packet_size;
+
+  /* Sadly, the header doesn't contain times; but some segments do */
+  /* So, get the segment header, which is just past tthe 32-byte header. */
+  phdr->presence_flags = WTAP_HAS_TS;
+
+  /* If no time specified, its the last baseline time */
+  phdr->ts.secs = base_secs;
+  phdr->ts.nsecs = 0;
+  millisecs = 0;
+
+#define MISSION_SEGMENT 1
+#define DWELL_SEGMENT 2
+#define JOB_DEFINITION_SEGMENT 5
+#define PLATFORM_LOCATION_SEGMENT 13
+  if (MISSION_SEGMENT == stanag_pkt_hdr[32]) {
+    guint8 mseg[39];
+    struct tm tm;
+
+    bytes_read = file_read(&mseg, sizeof mseg, fh);
+    if (bytes_read != sizeof mseg)
+      goto fail;
+    offset += bytes_read;
+
+    tm.tm_year = pntohs(&mseg[35]) - 1900;
+    tm.tm_mon = mseg[37] - 1;
+    tm.tm_mday = mseg[38];
+    tm.tm_hour = 0;
+    tm.tm_min = 0;
+    tm.tm_sec = 0;
+    tm.tm_isdst = -1;
+    base_secs = mktime(&tm);
+    phdr->ts.secs = base_secs;
+  }
+  else if (PLATFORM_LOCATION_SEGMENT == stanag_pkt_hdr[32]) {
+    bytes_read = file_read(&millisecs, sizeof millisecs, fh);
+    if (bytes_read != sizeof millisecs)
+      goto fail;
+    offset += bytes_read;
+    millisecs = ntohl(millisecs);
+  }
+  else if (DWELL_SEGMENT == stanag_pkt_hdr[32]) {
+    guint8 dseg[19];
+    bytes_read = file_read(&dseg, sizeof dseg, fh);
+    if (bytes_read != sizeof dseg)
+      goto fail;
+    offset += bytes_read;
+    millisecs = pntohl(&dseg[15]);
+  }
+  if (0 != millisecs) {
+    secs = millisecs/1000;
+    nsecs = (millisecs - 1000 * secs) * 1000000;
+    phdr->ts.secs = base_secs + secs;
+    phdr->ts.nsecs = nsecs;
+  }
+
+  /* wind back to the start of the packet ... */
+  if (file_seek(fh, - offset, SEEK_CUR, err) == -1)
+    goto fail;
+
+  return wtap_read_packet_bytes(fh, buf, packet_size, err, err_info);
+
+fail:
+  *err = file_error(wth->fh, err_info);
+  return FALSE;
+}
+
+static gboolean stanag4607_read(wtap *wth, int *err, gchar **err_info, gint64 *data_offset)
+{
+  gint64 offset;
+
+  *err = 0;
+
+  offset = file_tell(wth->fh);
+
+  *data_offset = offset;
+
+  return stanag4607_read_file(wth, wth->fh, &wth->phdr, wth->frame_buffer, err, err_info);
+}
+
+static gboolean stanag4607_seek_read(wtap *wth, gint64 seek_off,
+                               struct wtap_pkthdr *phdr,
+                               Buffer *buf, int length _U_, int *err, gchar **err_info)
+{
+  if (file_seek(wth->random_fh, seek_off, SEEK_SET, err) == -1)
+    return FALSE;
+
+  return stanag4607_read_file(wth, wth->random_fh, phdr, buf, err, err_info);
+}
+
+int stanag4607_open(wtap *wth, int *err, gchar **err_info)
+{
+  int bytes_read;
+  guint16 version_id;
+
+  bytes_read = file_read(&version_id, sizeof version_id, wth->fh);
+  if (bytes_read != sizeof version_id) {
+    *err = file_error(wth->fh, err_info);
+    return (*err != 0) ? -1 : 0;
+  }
+
+  if (!is_valid_id(GUINT16_TO_BE(version_id)))
+     /* Not a stanag4607 file */
+     return 0;
+
+  /* seek back to the start of the file  */
+  if (file_seek(wth->fh, 0, SEEK_SET, err) == -1)
+    return -1;
+
+  wth->file_type = WTAP_FILE_STANAG_4607;
+  wth->file_encap = WTAP_ENCAP_STANAG_4607;
+  wth->snapshot_length = 0; /* not known */
+
+  wth->subtype_read = stanag4607_read;
+  wth->subtype_seek_read = stanag4607_seek_read;
+  wth->tsprecision = WTAP_FILE_TSPREC_MSEC;
+
+  return 1;
+}

wiretap/stanag4607.h

@@ -0,0 +1,32 @@
+/* stanag4607.h
+ *
+ * STANAG 4607 file reading
+ *
+ * $Id$
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ */
+
+#ifndef __STANAG_4607_H__
+#define __STANAG_4607_H__
+
+#include <glib.h>
+#include <wiretap/wtap.h>
+#include "ws_symbol_export.h"
+
+int stanag4607_open(wtap *wth, int *err, gchar **err_info);
+
+#endif

wiretap/wtap.h

@@ -248,6 +248,7 @@ extern "C" {
 #define WTAP_ENCAP_RTAC_SERIAL                  154
 #define WTAP_ENCAP_BLUETOOTH_LE_LL              155
 #define WTAP_ENCAP_WIRESHARK_UPPER_PDU          156
+#define WTAP_ENCAP_STANAG_4607                  157
 
 #define WTAP_NUM_ENCAP_TYPES                    wtap_get_num_encap_types()
 
@@ -319,6 +320,7 @@ extern "C" {
 #define WTAP_FILE_VWR_80211                     62
 #define WTAP_FILE_VWR_ETH                       63
 #define WTAP_FILE_CAMINS                        64
+#define WTAP_FILE_STANAG_4607                   65
 
 #define WTAP_NUM_FILE_TYPES                     wtap_get_num_file_types()