pytest.ini: declare minimum version requirement
[metze/wireshark/wip.git] / epan / packet_info.h
index 4731e9b6fdb57254838fa6bf34e8a0c19a65fbd0..0c71af8ede0ec6a6db0a9b6c763d0745a61e88f5 100644 (file)
@@ -1,25 +1,11 @@
 /* packet_info.h
  * Definitions for packet info structures and routines
  *
- * $Id$
- *
  * Wireshark - Network traffic analyzer
  * By Gerald Combs <gerald@wireshark.org>
  * Copyright 1998 Gerald Combs
  *
- * This program is free software; you can redistribute it and/or
- * modify it under the terms of the GNU General Public License
- * as published by the Free Software Foundation; either version 2
- * of the License, or (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.
+ * SPDX-License-Identifier: GPL-2.0-or-later
  */
 
 #ifndef __PACKET_INFO_H__
 #include "tvbuff.h"
 #include "address.h"
 
-#define P2P_DIR_UNKNOWN        -1
-#define P2P_DIR_SENT   0
-#define P2P_DIR_RECV   1
+struct endpoint;
+
+/** @file
+ * Dissected packet data and metadata.
+ */
+
+/** @defgroup packetinfo Packet Data and Metadata
+ *
+ * @{
+ */
+
+/* Also defined in wiretap/wtap.h */
+#define P2P_DIR_UNKNOWN -1
+#define P2P_DIR_SENT    0
+#define P2P_DIR_RECV    1
 
-#define MTP2_ANNEX_A_USED_UNKNOWN -1
-#define MTP2_ANNEX_A_NOT_USED      0
-#define MTP2_ANNEX_A_USED          1
+/* Link direction */
+#define LINK_DIR_UNKNOWN    -1
+#define P2P_DIR_UL  0
+#define P2P_DIR_DL  1
 
-#define PINFO_SOF_FIRST_FRAME   0x1
-#define PINFO_SOF_SOFF          0x2
-#define PINFO_EOF_LAST_FRAME    0x80
-#define PINFO_EOF_INVALID       0x40
-#define MAX_NUMBER_OF_PPIDS     2
+/*
+ * Presence flags.
+ */
+#define PINFO_HAS_TS            0x00000001  /**< time stamp */
 
 typedef struct _packet_info {
-  const char *current_proto;   /* name of protocol currently being dissected */
-  column_info *cinfo;          /* Column formatting information */
+  const char *current_proto;        /**< name of protocol currently being dissected */
+  struct epan_column_info *cinfo;   /**< Column formatting information */
+  guint32 presence_flags;           /**< Presence flags for some items */
+  guint32 num;                      /**< Frame number */
+  nstime_t abs_ts;                  /**< Packet absolute time stamp */
+  nstime_t rel_ts;                  /**< Relative timestamp (yes, it can be negative) */
   frame_data *fd;
   union wtap_pseudo_header *pseudo_header;
-  GSList *data_src;            /* Frame data sources */
-  address dl_src;              /* link-layer source address */
-  address dl_dst;              /* link-layer destination address */
-  address net_src;             /* network-layer source address */
-  address net_dst;             /* network-layer destination address */
-  address src;                 /* source address (net if present, DL otherwise )*/
-  address dst;                 /* destination address (net if present, DL otherwise )*/
-  guint32 ethertype;           /* Ethernet Type Code, if this is an Ethernet packet */
-  guint32 ipproto;             /* IP protocol, if this is an IP packet */
-  guint32 ipxptype;            /* IPX packet type, if this is an IPX packet */
-  circuit_type ctype;          /* type of circuit, for protocols with a VC identifier */
-  guint32 circuit_id;          /* circuit ID, for protocols with a VC identifier */
-  const char *noreassembly_reason;  /* reason why reassembly wasn't done, if any */
-  gboolean fragmented;         /* TRUE if the protocol is only a fragment */
-  gboolean in_error_pkt;       /* TRUE if we're inside an {ICMP,CLNP,...} error packet */
-  port_type ptype;             /* type of the following two port numbers */
-  guint32 srcport;             /* source port */
-  guint32 destport;            /* destination port */
-  guint32 match_port;
-  const char *match_string;    /* Subdissectors with string dissector tables use this */
-  guint16 can_desegment;       /* >0 if this segment could be desegmented.
-                                  A dissector that can offer this API (e.g.
-                                  TCP) sets can_desegment=2, then
-                                  can_desegment is decremented by 1 each time
-                                  we pass to the next subdissector. Thus only
-                                  the dissector immediately above the
-                                  protocol which sets the flag can use it*/
-  guint16 saved_can_desegment; /* Value of can_desegment before current
-                                  dissector was called.  Supplied so that
-                                  dissectors for proxy protocols such as
-                                  SOCKS can restore it, allowing the
-                                  dissectors that they call to use the
-                                  TCP dissector's desegmentation (SOCKS
-                                  just retransmits TCP segments once it's
-                                  finished setting things up, so the TCP
-                                  desegmentor can desegment its payload). */
-  int desegment_offset;                /* offset to stuff needing desegmentation */
+  wtap_rec *rec;                    /**< Record metadata */
+  GSList *data_src;                 /**< Frame data sources */
+  address dl_src;                   /**< link-layer source address */
+  address dl_dst;                   /**< link-layer destination address */
+  address net_src;                  /**< network-layer source address */
+  address net_dst;                  /**< network-layer destination address */
+  address src;                      /**< source address (net if present, DL otherwise )*/
+  address dst;                      /**< destination address (net if present, DL otherwise )*/
+  guint32 vlan_id;                  /**< First encountered VLAN Id if present otherwise 0 */
+  const char *noreassembly_reason;  /**< reason why reassembly wasn't done, if any */
+  gboolean fragmented;              /**< TRUE if the protocol is only a fragment */
+  struct {
+    guint32 in_error_pkt:1;         /**< TRUE if we're inside an {ICMP,CLNP,...} error packet */
+    guint32 in_gre_pkt:1;           /**< TRUE if we're encapsulated inside a GRE packet */
+  } flags;
+  port_type ptype;                  /**< type of the following two port numbers */
+  guint32 srcport;                  /**< source port */
+  guint32 destport;                 /**< destination port */
+  guint32 match_uint;               /**< matched uint for calling subdissector from table */
+  const char *match_string;         /**< matched string for calling subdissector from table */
+  gboolean use_endpoint;            /**< TRUE if endpoint member should be used for conversations */
+  struct endpoint* conv_endpoint;   /**< Data that can be used for conversations */
+  guint16 can_desegment;            /**< >0 if this segment could be desegmented.
+                                         A dissector that can offer this API (e.g.
+                                         TCP) sets can_desegment=2, then
+                                         can_desegment is decremented by 1 each time
+                                         we pass to the next subdissector. Thus only
+                                         the dissector immediately above the
+                                         protocol which sets the flag can use it*/
+  guint16 saved_can_desegment;      /**< Value of can_desegment before current
+                                         dissector was called.  Supplied so that
+                                         dissectors for proxy protocols such as
+                                         SOCKS can restore it, allowing the
+                                         dissectors that they call to use the
+                                         TCP dissector's desegmentation (SOCKS
+                                         just retransmits TCP segments once it's
+                                         finished setting things up, so the TCP
+                                         desegmentor can desegment its payload). */
+  int desegment_offset;             /**< offset to stuff needing desegmentation */
 #define DESEGMENT_ONE_MORE_SEGMENT 0x0fffffff
 #define DESEGMENT_UNTIL_FIN        0x0ffffffe
-  guint32 desegment_len;       /* requested desegmentation additional length
-                                  or 
-                                  DESEGMENT_ONE_MORE_SEGMENT:
-                                    Desegment one more full segment 
-                                    (warning! only partially implemented)
-                                  DESEGMENT_UNTIL_FIN:
-                                    Desgment all data for this tcp session 
-                                    until the FIN segment.
-                               */
-  guint16 want_pdu_tracking;   /* >0 if the subdissector has specified
-                                  a value in 'bytes_until_next_pdu'.
-                                  When a dissector detects that the next PDU
-                                  will start beyond the start of the next
-                                  segment, it can set this value to 2
-                                  and 'bytes_until_next_pdu' to the number of
-                                  bytes beyond the next segment where the
-                                  next PDU starts.
-
-                                  If the protocol dissector below this
-                                  one is capable of PDU tracking it can
-                                  use this hint to detect PDUs that starts
-                                  unaligned to the segment boundaries.
-                                  The TCP dissector is using this hint from
-                                  (some) protocols to detect when a new PDU
-                                  starts in the middle of a tcp segment.
-
-                                  There is intelligence in the glue between
-                                  dissector layers to make sure that this
-                                  request is only passed down to the protocol
-                                  immediately below the current one and not
-                                  any further.
-                               */
-  guint32 bytes_until_next_pdu;
+  guint32 desegment_len;            /**< requested desegmentation additional length
+                                       or
+                                       DESEGMENT_ONE_MORE_SEGMENT:
+                                         Desegment one more full segment
+                                         (warning! only partially implemented)
+                                       DESEGMENT_UNTIL_FIN:
+                                         Desgment all data for this tcp session
+                                         until the FIN segment.
+                                    */
+  guint16 want_pdu_tracking;    /**< >0 if the subdissector has specified
+                                   a value in 'bytes_until_next_pdu'.
+                                   When a dissector detects that the next PDU
+                                   will start beyond the start of the next
+                                   segment, it can set this value to 2
+                                   and 'bytes_until_next_pdu' to the number of
+                                   bytes beyond the next segment where the
+                                   next PDU starts.
+
+                                   If the protocol dissector below this
+                                   one is capable of PDU tracking it can
+                                   use this hint to detect PDUs that starts
+                                   unaligned to the segment boundaries.
+                                   The TCP dissector is using this hint from
+                                   (some) protocols to detect when a new PDU
+                                   starts in the middle of a tcp segment.
 
+                                   There is intelligence in the glue between
+                                   dissector layers to make sure that this
+                                   request is only passed down to the protocol
+                                   immediately below the current one and not
+                                   any further.
+                                */
+  guint32 bytes_until_next_pdu;
 
-  int     iplen;
-  int     iphdrlen;
-  int    p2p_dir;              /* Packet was captured as an 
-                                       outbound (P2P_DIR_SENT) 
-                                       inbound (P2P_DIR_RECV) 
+  int     p2p_dir;              /**< Packet was captured as an
+                                       outbound (P2P_DIR_SENT)
+                                       inbound (P2P_DIR_RECV)
                                        unknown (P2P_DIR_UNKNOWN) */
-  guint16 oxid;                 /* next 2 fields reqd to identify fibre */
-  guint16 rxid;                 /* channel conversations */
-  guint8  r_ctl;                /* R_CTL field in Fibre Channel Protocol */
-  guint8  sof_eof;              /* FC's SOF/EOF encoding passed to FC decoder
-                                 * Bit 7 set if Last frame in sequence
-                                 * Bit 6 set if invalid frame content
-                                 * Bit 2 set if SOFf
-                                 * Bit 1 set if first frame in sequence
-                                 */
-  guint16 src_idx;              /* Source port index (Cisco MDS-specific) */
-  guint16 dst_idx;              /* Dest port index (Cisco MDS-specific) */
-  guint16 vsan;                 /* Fibre channel/Cisco MDS-specific */
-
-  /* Extra data for DCERPC handling and tracking of context ids */
-  guint16 dcectxid;             /* Context ID (DCERPC-specific) */
-  int     dcetransporttype;     /* Transport type
-                                 * Value -1 means "not a DCERPC packet"
-                                 */
-  guint16 dcetransportsalt;    /* fid: if transporttype==DCE_CN_TRANSPORT_SMBPIPE */
-
-  /* Extra data for handling of decryption of GSSAPI wrapped tvbuffs.
-     Caller sets decrypt_gssapi_tvb if this service is requested.
-     If gssapi_encrypted_tvb is NULL, then the rest of the tvb data following
-     the gssapi blob itself is decrypted othervise the gssapi_encrypted_tvb
-     tvb will be decrypted (DCERPC has the data before the gssapi blob)
-     If, on return, gssapi_data_encrypted is FALSE, the wrapped tvbuff
-     was signed (i.e., an encrypted signature was present, to check
-     whether the data was modified by a man in the middle) but not sealed
-     (i.e., the data itself wasn't encrypted).
-  */
-#define DECRYPT_GSSAPI_NORMAL  1
-#define DECRYPT_GSSAPI_DCE     2
-  guint16 decrypt_gssapi_tvb;
-  tvbuff_t *gssapi_wrap_tvb;
-  tvbuff_t *gssapi_encrypted_tvb;
-  tvbuff_t *gssapi_decrypted_tvb;
-  gboolean gssapi_data_encrypted;
-  guint32 ppid[MAX_NUMBER_OF_PPIDS]; /* The first NUMBER_OF_PPIDS PPIDS which are present
-                                      * in the SCTP packet
-                                      */
-  void    *private_data;       /* pointer to data passed from one dissector to another */
-  GString *layer_names;        /* layers of each protocol */
+
+  GHashTable *private_table;    /**< a hash table passed from one dissector to another */
+
+  wmem_list_t *layers;      /**< layers of each protocol */
+  guint8 curr_layer_num;       /**< The current "depth" or layer number in the current frame */
   guint16 link_number;
-  gchar   annex_a_used;
-  guint16 profinet_type;       /* the type of PROFINET packet (0: not a PROFINET packet) */
-  void *usb_conv_info;
-  void *tcp_tree;              /* proto_tree for the tcp layer */
 
-  const char *dcerpc_procedure_name;   /* Used by PIDL to store the name of the current dcerpc procedure */
+  guint16 clnp_srcref;          /**< clnp/cotp source reference (can't use srcport, this would confuse tpkt) */
+  guint16 clnp_dstref;          /**< clnp/cotp destination reference (can't use dstport, this would confuse tpkt) */
+
+  int link_dir;                 /**< 3GPP messages are sometime different UP link(UL) or Downlink(DL) */
+
+  GSList* proto_data;          /**< Per packet proto data */
+
+  GSList* dependent_frames;     /**< A list of frames which this one depends on */
 
-  struct _sccp_msg_info_t* sccp_info;
+  GSList* frame_end_routines;
+
+  wmem_allocator_t *pool;      /**< Memory pool scoped to the pinfo struct */
+  struct epan_session *epan;
+  const gchar *heur_list_name;    /**< name of heur list if this packet is being heuristically dissected */
 } packet_info;
 
+/** @} */
+
 #endif /* __PACKET_INFO_H__ */
+
+/*
+ * Editor modelines
+ *
+ * Local Variables:
+ * c-basic-offset: 2
+ * tab-width: 8
+ * indent-tabs-mode: nil
+ * End:
+ *
+ * ex: set shiftwidth=2 tabstop=8 expandtab:
+ * :indentSize=2:tabSize=8:noTabs=true:
+ */