least some of the reassembly mechanism, so we can deal with both bogus
and real last fragment (display the bogus ones as unfragmented frames,
treat the real ones as fragments).
svn path=/trunk/; revision=5186
packets, using the reassembly ID and the frame number of the final frame
as the key. There is no guarantee that reassembly IDs won't be reused,
even when talking between the same source and destination address; if,
once reassembly is complete, the "fragment_data" structure is moved to
the latter hash table, this will keep reused reassembly IDs from causing
mis-reassembly.
Add a routine "fragment_add_seq_check()", which
if a fragment has the "more fragments" flag not set but is the
first fragment of a reassembly, treats that as a non-fragmented
frame, allocating a "fragment_data" structure for the reassembly
but not attaching any fragment to it, and adding it to a
reassembled packet list;
if a packet has been reassembled, removes it from the table of
reassemblies and moves it to the table of reassembled packets;
if the frame's been seen already, looks it up in the table of
reassembled packets rather than the table of reassemblies.
Add reassembly support for fragmented 802.11 frames. Use
"fragment_add_seq_check()" to cope with the fact that some
hardware+drivers apparently hands us reassembled frames with a non-zero
fragment number and the "more fragments" bit clear (as if it puts the
802.11 header of the *last* fragment onto the reassembled data).
svn path=/trunk/; revision=5177
returns radio information such as signal strength, channel, and data
rate in a pseudo-header. Add that pseudo-header.
Use the "802.11 with radio information" encapsulation type for Wireless
Sniffer files; extract the radio information from where it appears to be
in the header.
Add dissector code for that encapsulation type.
Fix an error in the code to put radio information into the AiroPeek
tree.
Make the "wrapped" flag for NetXRay/Windows Sniffer captures a
"gboolean".
svn path=/trunk/; revision=5122
how many bytes remain in the packet starting at the initial offset of
the tagged parameters, not by seeing how many bytes remain in the packet
starting 4 bytes later. (If you're trying to avoid counting a CRC that
appears at the end of the packet data, then you need to be sure there
*is* a CRC first; this may require using a different DLT_ type, in
libpcap, for those captures.)
svn path=/trunk/; revision=4769
arguments to "proto_tree_add_text()", and to "proto_tree_add_XXX()" calls
that add FT_NONE or FT_PROTO items to the protocol tree, with -1.
Replace some calls to "tvb_length()" or "tvb_length_remaining()" with
calls to "tvb_reported_length()" and "tvb_reported_length_remaining()",
as those give the actual length of the data in the packet, not just the
data that happened to be captured.
svn path=/trunk/; revision=4605
"epan/..." pathnames, so as to avoid collisions with header files in any
of the directories in which we look (e.g., "proto.h", as some other
package has its own "proto.h" file which it installs in the top-level
include directory).
Don't add "-I" flags to search "epan", as that's no longer necessary
(and we want includes of "epan" headers to fail if the "epan/" is left
out, so that we don't re-introduce includes lacking "epan/").
svn path=/trunk/; revision=4586
structure to the "packet_info" structure; only stuff that's permanently
stored with each frame should be in the "frame_data" structure, and the
"column_info" structure is not guaranteed to hold the column values for
that frame at all times - it was only in the "frame_data" structure so
that it could be passed to dissectors, and, as all dissectors are now
passed a pointer to a "packet_info" structure, it could just as well be
put in the "packet_info" structure.
That saves memory, by shrinking the "frame_data" structure (there's one
of those per frame), and also lets us clean up the code a bit.
svn path=/trunk/; revision=4370
take a dissector handle as an argument, rather than a pointer to a
dissector function and a protocol ID. Associate dissector handles with
dissector table entries.
svn path=/trunk/; revision=4308
of packet data captured.
Make the "BYTES_ARE_IN_FRAME()" macro take a "captured length of the
packet" argument.
Add some length checks to capture routines.
svn path=/trunk/; revision=4235
room, it might return -1 in some versions of glibc; check for that, and
quit if that happens.
It might also return the number of characters that would've been printed
had there been enough room; this means that a loop that does
n += snprintf (buf + n, BUF_LENGTH - n, ...);
may end up making "n" bigger than BUF_LENGTH, and "snprintf()" might not
sanely handle being passed a negative length, so if "n" isn't less than
the total length of the string buffer, don't add stuff to it.
svn path=/trunk/; revision=3952
8-bit value), and the raw data of an SSID parameter is the
interpretation, so the buffer into which we put the interpretation must
be at least 256 bytes long; it's an array of size SHORT_STR, so boost
SHORT_STR to 256.
svn path=/trunk/; revision=3951
with both source and destination addresses - one instance with the
source address, and one instance with the destination address - to allow
display filtering that checks both the source and destination address
against a single value (as the other 802.x dissectors, and the FDDI
dissector, do).
svn path=/trunk/; revision=3785
frames (with a length field rather than a type field, but with no 802.2
header in the payload), and just stick the payload into an 802.11 frame.
I've seen captures that show frames of that sort.
This means we have to do the same check for Netware 802.3 - or, if you
will, "Netware 802.11" - that we do in the Ethernet dissector, i.e.
checking for 0xffff as the first four bytes of the payload and, if we
find it, treating it as an IPX frame.
svn path=/trunk/; revision=3759
Don't bother doing the WEP processing and child-tvbuff construction for
frames other than management and data frames, as they have no payload to
be WEP-encrypted or dissected.
svn path=/trunk/; revision=3600
that you can open up that protocol without opening up the 802.11 MAC
header; this can save some screen real estate.
Make the tree item for all the WEP parameters a text item, rather than a
"string" field with a null string pointer, as "strings" with null string
pointers give the filtering code gastric distress.
Dissect the WEP initialization vector as an FT_UINT24 (as it's a 3-byte
field), and dissect the key ID as part of an FT_UINT8 (as it's in an
8-bit byte).
After dissecting the frame control field, dissect the rest of the header
in one switch statement, and then:
handle WEP-encrypted frames with common code for all frame
types;
handle the payload of other frames.
(If we can supply the relevant keys to Ethereal, we could perhaps add
code to decrypt the WEP payload and then dissect the decrypted payload
the same way we dissect un-encrypted payloads.)
svn path=/trunk/; revision=3599
#defining all the bits in the flags field, and using those #defines in
the macros to test the flag fields, the macros fot the data address
types, the value_string table for the data frame to/from DS
combinations, and the bitfields for the flag bits.
svn path=/trunk/; revision=3598
Make routines not used outside this module static.
Make "find_header_length()" return the correct value for management and
control frames.
svn path=/trunk/; revision=3590
integral value from a packet - "tvb_get_letohs()" can do that just fine.
Don't use "tvb_get_ptr()", casting the result to a "guint16 *", and
dereferencing that pointer, either: that doesn't handle byte order
correctly, and it may fail if the pointer isn't aligned on a 2-byte
boundary.
For that matter, don't just use "tvb_get_ptr()" and dereference the
result to get an 8-bit quantity.
Use "proto_tree_add_item()" in many places where it's possible.
Reuse the results of "tvb_get_ptr()" calls when possible.
Show the fragment number and sequence number in decimal - they're just
ordinals.
Fix the blurb for the sequence number field.
svn path=/trunk/; revision=3589
and put it under the top-level 802.11 protocol item, so you don't have
to open the frame control field to see it.
Rename the variable for it, and the value_string array for it, to
indicate that it's made out of the type and subtype fields.
svn path=/trunk/; revision=3587
instead of having four identical copies of that code in switch
statements, just handle all four of them with the same case.
svn path=/trunk/; revision=3586
for all Association Request frames, or all frames except for
Clear-to-send frames, or....
Compute the composed frame type early in the dissection process, and set
the Info column as soon as you've done that, rather than doing it in the
later switch statement.
svn path=/trunk/; revision=3585
protocol tree; not only is putting it at the top level a little weird,
it upsets the heck out of the protocol-statistics code, causing it to
abort. Put the fixed and tagged parameters under the top-level entry
for 802.11 (where one of the fixed-parameters entries already was).
Call the top-level item just "IEEE 802.11", not "IEEE 802.11 Header", as
it includes management-frame information.
svn path=/trunk/; revision=3584
interpretation of the address fields, in DATA_ADDR_T{1,2,3,4} format.
Clean up a bunch of other macros to enclose their argument in
parentheses.
Clean up "find_header_length()" - it only needs to take the frame
control field of the frame as an argument, and should just check whether
"COOK_ADDR_SELECTOR()" returns DATA_ADDR_T4.
"tofrom_ds" is a value_string table, not a true_false_string table, so
wrap it in "VALS()", not "TFS()".
Don't fetch the header length in N different places in the main
dissector - just fetch it once and use it throughout.
svn path=/trunk/; revision=3582
standard fashion, for data and managment packets, and set the columns
correctly for other packets (as we currently put address types in the
address columns; if we don't do so, we could just set the addresses in
the standard fashion for those packets as well).
svn path=/trunk/; revision=3536
Don't bother doing multiple "tvb_get_letohs()" to get the frame control
field - we fetched it once, just use the value we fetched.
Call sub-dissectors *regardless* of whether a protocol tree is being
built or not - dissectors should always do so.
svn path=/trunk/; revision=3524
Don't use "pinfo->captured_len" to check the length of the packet -
that's the length of the *entire* frame, not the length of the portion
that belongs to the 802.11 dissector (there are currently no dissectors
for protocols in which 802.11 is encapsulated, so it doesn't currently
make a difference, but dissectors should use "tvb_length()" and so on to
get that information for the tvbuff they were handed).
svn path=/trunk/; revision=3483
people don't blindly insert the old address into new dissectors, which
is probably how it got into the dissectors being fixed here.
svn path=/trunk/; revision=3348
Correct number of addresses shown in dataframes.
Duration ID changed to "Association ID" in power-save polls
Added sequence and fragment numbers.
Corrected representation of frame-control flags.
Added dissection of data frames with piggybacked CF-Ack, Poll but no
data.
Cleaned up code a bit (mostly empty lines)...
svn path=/trunk/; revision=2964
Guy Harris