From Marcel Holtmann: support for reading Linux Bluez Bluetooth stack

"hcidump -w" traces.

Note that Jesper Peterson contributed support for reading Endace ERF
files.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8824 f5534014-38df-0310-8fa8-9805f1628bb7

diff --git a/AUTHORS b/AUTHORS
index b7d0c538c4233550bea100b0388472da059bbcb5..33554bc27cb95b8f1ff06807b0d24eb51305e88f 100644 (file)
--- a/AUTHORS
+++ b/AUTHORS
@@ -1825,6 +1825,7 @@ Niklas Ogren <niklas.ogren [AT] 71.se> {
 
 Jesper Peterson <jesper [AT] endace.com> {
        Cisco HDLC FCS support
+       Support for reading Endace ERF files
 }
 
 Giles Scott <gscott2 [AT] nortelnetworks.com> {
@@ -1889,6 +1890,11 @@ Lo
        HTTP header and payload desegmentation
 }
 
+Marcel Holtmann <marcel [AT] holtmann.org> {
+       Support for reading Linux Bluez Bluetooth stack "hcidump -w"
+           traces
+}
+
 And assorted fixes and enhancements by the people listed above and by:
 
        Pavel Roskin <proski [AT] gnu.org>

diff --git a/doc/ethereal.pod b/doc/ethereal.pod
index 3a3dd548b42c78ec3e947e4d791695262723f8cf..860a213096d02658d2a2701a0b4d0577093b2951 100644 (file)
--- a/doc/ethereal.pod
+++ b/doc/ethereal.pod
@@ -1946,6 +1946,7 @@ B<http://www.ethereal.com>.
   Samuel Qu                <samuel.qu [AT] utstar.com>
   Baktha Muralitharan      <muralidb [AT] cisco.com>
   Loïc Minier              <lool [AT] dooz.org>
+  Marcel Holtmann          <marcel [AT] holtmann.org>
   Pavel Roskin             <proski [AT] gnu.org>
   Georgi Guninski          <guninski [AT] guninski.com>
   Jason Copenhaver         <jcopenha [AT] typedef.org>

diff --git a/wiretap/AUTHORS b/wiretap/AUTHORS
index b9a58ff61fc0c03f04907f1d40e0fffa1876a300..8194ce4ddde81a26a553d87474d032666fd04d38 100644 (file)
--- a/wiretap/AUTHORS
+++ b/wiretap/AUTHORS
@@ -18,5 +18,6 @@ Markus Steinmann      <ms[AT]seh.de>
 Mark C. Brown          <mbrown[AT]nosila.net>
 Martin Warnes          <martin.warnes[AT]ntlworld.com>
 Thierry Martin         <thierry.martin[AT]accellent-group.com>
-Jesper Peterson                <jesper [AT] endace.com>
+Jesper Peterson                <jesper[AT]endace.com>
+Marcel Holtmann                <marcel[AT]holtmann.org>
 

diff --git a/wiretap/Makefile.am b/wiretap/Makefile.am
index e4501e52c673bdaeb261ebcf3c61f61c68887c7f..9780aff8e4762edb4bfdf3090d60f50545d58498 100644 (file)
--- a/wiretap/Makefile.am
+++ b/wiretap/Makefile.am
@@ -1,7 +1,7 @@
 # Makefile.am
 # Automake file for Wiretap
 #
-# $Id: Makefile.am,v 1.45 2003/08/26 07:10:38 guy Exp $
+# $Id: Makefile.am,v 1.46 2003/10/30 03:11:02 guy Exp $
 #
 # Ethereal - Network traffic analyzer
 # By Gerald Combs <gerald@ethereal.com>
@@ -54,6 +54,8 @@ libwiretap_a_SOURCES = \
        file_access.c           \
        file_wrappers.c         \
        file_wrappers.h         \
+       hcidump.c               \
+       hcidump.h               \
        i4btrace.c              \
        i4btrace.h              \
        i4b_trace.h             \

diff --git a/wiretap/Makefile.nmake b/wiretap/Makefile.nmake
index 2555798b7df79b90684b4d9ee7ed7803b80d74a8..9e38b2f7b6115066dafa857bfc277e23385c136c 100644 (file)
--- a/wiretap/Makefile.nmake
+++ b/wiretap/Makefile.nmake
@@ -1,5 +1,5 @@
 #
-# $Id: Makefile.nmake,v 1.35 2003/10/10 21:31:53 guy Exp $
+# $Id: Makefile.nmake,v 1.36 2003/10/30 03:11:02 guy Exp $
 #
 
 include ..\config.nmake
@@ -25,6 +25,7 @@ OBJECTS=ascend-grammar.obj \
        etherpeek.obj \
        file_access.obj \
        file_wrappers.obj \
+       hcidump.obj \
        i4btrace.obj \
        iptrace.obj \
        lanalyzer.obj \

diff --git a/wiretap/file_access.c b/wiretap/file_access.c
index 74e4bb6260662714b32855f3d04c42a659a8fe6c..f5ef156da1d32aa49221c15311738062a3d2a5d2 100644 (file)
--- a/wiretap/file_access.c
+++ b/wiretap/file_access.c
@@ -1,6 +1,6 @@
 /* file_access.c
  *
- * $Id: file_access.c,v 1.3 2003/10/01 07:11:47 guy Exp $
+ * $Id: file_access.c,v 1.4 2003/10/30 03:11:02 guy Exp $
  *
  * Wiretap Library
  * Copyright (c) 1998 by Gilbert Ramirez <gram@alumni.rice.edu>
@@ -70,6 +70,7 @@
 #include "cosine.h"
 #include "5views.h"
 #include "erf.h"
+#include "hcidump.h"
 
 /* The open_file_* routines should return:
  *
@@ -120,6 +121,7 @@ static int (*const open_routines[])(wtap *, int *) = {
        dbs_etherwatch_open,
        cosine_open,
        erf_open,
+       hcidump_open,
 };
 
 #define        N_FILE_TYPES    (sizeof open_routines / sizeof open_routines[0])
@@ -435,6 +437,10 @@ static const struct file_type_info {
        /* WTAP_FILE_ERF */
        { "Endace DAG capture", "erf",
          NULL, NULL },
+
+       /* WTAP_FILE_HCIDUMP */
+       { "Bluetooth HCI dump", "hcidump",
+         NULL, NULL },
 };
 
 /* Name that should be somewhat descriptive. */

diff --git a/wiretap/hcidump.c b/wiretap/hcidump.c
new file mode 100644 (file)
index 0000000..f61c092
--- /dev/null
+++ b/wiretap/hcidump.c
@@ -0,0 +1,157 @@
+/* hcidump.c
+ *
+ * $Id: hcidump.c,v 1.1 2003/10/30 03:11:02 guy Exp $
+ *
+ * Copyright (c) 2003 by Marcel Holtmann <marcel@holtmann.org>
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.
+ */
+
+#ifdef HAVE_CONFIG_H
+#include "config.h"
+#endif
+
+#include "wtap-int.h"
+#include "file_wrappers.h"
+#include "buffer.h"
+#include "hcidump.h"
+
+struct dump_hdr {
+       guint16 len;
+       guint8  in;
+       guint8  pad;
+       guint32 ts_sec;
+       guint32 ts_usec;
+};
+
+#define DUMP_HDR_SIZE (sizeof(struct dump_hdr))
+
+static gboolean hcidump_read(wtap *wth, int *err, long *data_offset)
+{
+       struct dump_hdr dh;
+       guint8 *buf;
+       int bytes_read, packet_size;
+
+       *data_offset = wth->data_offset;
+
+       bytes_read = file_read(&dh, 1, DUMP_HDR_SIZE, wth->fh);
+       if (bytes_read != DUMP_HDR_SIZE) {
+               *err = file_error(wth->fh);
+               if (*err == 0 && bytes_read != 0)
+                       *err = WTAP_ERR_SHORT_READ;
+               return FALSE;
+       }
+       wth->data_offset += DUMP_HDR_SIZE;
+
+       packet_size = g_ntohs(dh.len);
+       if (packet_size > WTAP_MAX_PACKET_SIZE) {
+               /*
+                * Probably a corrupt capture file; don't blow up trying
+                * to allocate space for an immensely-large packet.
+                */
+               g_message("hcidump: File has %u-byte packet, bigger than maximum of %u",
+                       packet_size, WTAP_MAX_PACKET_SIZE);
+               *err = WTAP_ERR_BAD_RECORD;
+               return FALSE;
+       }
+
+       buffer_assure_space(wth->frame_buffer, packet_size);
+       buf = buffer_start_ptr(wth->frame_buffer);
+
+       bytes_read = file_read(buf, 1, packet_size, wth->fh);
+       if (bytes_read != packet_size) {
+               *err = file_error(wth->fh);
+               if (*err == 0)
+                       *err = WTAP_ERR_SHORT_READ;
+               return FALSE;
+       }
+       wth->data_offset += packet_size;
+
+       wth->phdr.ts.tv_sec = g_ntohl(dh.ts_sec);
+       wth->phdr.ts.tv_usec = g_ntohl(dh.ts_usec);
+       wth->phdr.caplen = packet_size;
+       wth->phdr.len = packet_size;
+       wth->phdr.pkt_encap = WTAP_ENCAP_BLUETOOTH_H4;
+
+       wth->pseudo_header.p2p.sent = (dh.in ? FALSE : TRUE);
+
+       return TRUE;
+}
+
+static gboolean hcidump_seek_read(wtap *wth, long seek_off, union wtap_pseudo_header *pseudo_header, guint8 *pd, int length, int *err)
+{
+       struct dump_hdr dh;
+       int bytes_read;
+
+       if (file_seek(wth->random_fh, seek_off, SEEK_SET, err) == -1)
+               return FALSE;
+
+       bytes_read = file_read(&dh, 1, DUMP_HDR_SIZE, wth->random_fh);
+       if (bytes_read != DUMP_HDR_SIZE) {
+               *err = file_error(wth->random_fh);
+               if (*err == 0 && bytes_read != 0)
+                       *err = WTAP_ERR_SHORT_READ;
+               return FALSE;
+       }
+
+       bytes_read = file_read(pd, 1, length, wth->random_fh);
+       if (bytes_read != length) {
+               *err = file_error(wth->random_fh);
+               if (*err == 0)
+                       *err = WTAP_ERR_SHORT_READ;
+               return FALSE;
+       }
+
+       pseudo_header->p2p.sent = (dh.in ? FALSE : TRUE);
+
+       return TRUE;
+}
+
+int hcidump_open(wtap *wth, int *err)
+{
+       struct dump_hdr dh;
+       guint8 type;
+       int bytes_read;
+
+       bytes_read = file_read(&dh, 1, DUMP_HDR_SIZE, wth->fh);
+       if (bytes_read != DUMP_HDR_SIZE) {
+               *err = file_error(wth->fh);
+               return (*err != 0) ? -1 : 0;
+       }
+
+       if (dh.in != 0 && dh.in != 1 && dh.pad != 0 && g_ntohs(dh.len) < 1)
+               return 0;
+
+       bytes_read = file_read(&type, 1, 1, wth->fh);
+       if (bytes_read != 1) {
+               *err = file_error(wth->fh);
+               return (*err != 0) ? -1 : 0;
+       }
+
+       if (type < 1 || type > 4)
+               return 0;
+
+       if (file_seek(wth->fh, 0, SEEK_SET, err) == -1)
+               return -1;
+
+       wth->file_type = WTAP_FILE_HCIDUMP;
+       wth->file_encap = WTAP_ENCAP_BLUETOOTH_H4;
+       wth->snapshot_length = 0;
+
+       wth->subtype_read = hcidump_read;
+       wth->subtype_seek_read = hcidump_seek_read;
+
+       return 1;
+}

diff --git a/wiretap/hcidump.h b/wiretap/hcidump.h
new file mode 100644 (file)
index 0000000..134fbf0
--- /dev/null
+++ b/wiretap/hcidump.h
@@ -0,0 +1,28 @@
+/* hcidump.h
+ *
+ * $Id: hcidump.h,v 1.1 2003/10/30 03:11:02 guy Exp $
+ *
+ * Copyright (c) 2003 by Marcel Holtmann <marcel@holtmann.org>
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.
+ *
+ */
+
+#ifndef __HCIDUMP_H__
+#define __HCIDUMP_H__
+
+int hcidump_open(wtap *wth, int *err);
+
+#endif

diff --git a/wiretap/wtap.h b/wiretap/wtap.h
index 5671803c7fcb36ac29aab0a84c3c278991b516b8..b7525158430f13e1c17eac8e3b0f65587c10c181 100644 (file)
--- a/wiretap/wtap.h
+++ b/wiretap/wtap.h
@@ -1,6 +1,6 @@
 /* wtap.h
  *
- * $Id: wtap.h,v 1.142 2003/10/25 07:17:28 guy Exp $
+ * $Id: wtap.h,v 1.143 2003/10/30 03:11:03 guy Exp $
  *
  * Wiretap Library
  * Copyright (c) 1998 by Gilbert Ramirez <gram@alumni.rice.edu>
@@ -129,9 +129,10 @@
 #define WTAP_ENCAP_ENC                         37
 #define WTAP_ENCAP_PFLOG                       38
 #define WTAP_ENCAP_CHDLC_WITH_PHDR             39
+#define WTAP_ENCAP_BLUETOOTH_H4                        40
 
 /* last WTAP_ENCAP_ value + 1 */
-#define WTAP_NUM_ENCAP_TYPES                   40
+#define WTAP_NUM_ENCAP_TYPES                   41
 
 /* File types that can be read by wiretap.
    We support writing some many of these file types, too, so we
@@ -172,9 +173,10 @@
 #define WTAP_FILE_COSINE                       33
 #define WTAP_FILE_5VIEWS                       34
 #define WTAP_FILE_ERF                          35
+#define WTAP_FILE_HCIDUMP                      36
 
 /* last WTAP_FILE_ value + 1 */
-#define WTAP_NUM_FILE_TYPES                    36
+#define WTAP_NUM_FILE_TYPES                    37
 
 /*
  * Maximum packet size we'll support.
@@ -350,7 +352,7 @@ struct ieee_802_11_phdr {
 struct cosine_phdr {
        guint8 encap;           /* COSINE_ENCAP_* as defined above */
        guint8 direction;       /* COSINE_DIR_*, as defined above */
-        char if_name[COSINE_MAX_IF_NAME_LEN];  /* Encap & Logical I/F name */
+       char if_name[COSINE_MAX_IF_NAME_LEN];  /* Encap & Logical I/F name */
        guint16 pro;            /* Protocol */
        guint16 off;            /* Offset */
        guint16 pri;            /* Priority */