In the EtherPeek file reader, keep the capture start time in a private

data structure attached to the "wtap" structure, rather than in a
pseudo-header structure; get rid of the EtherPeek pseudo-header
structure, as it's not actually used as a pseudo-header, it's just used
as private data for the EtherPeek reader.

Get rid of an extra level of indentation in switch statements.


git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4561 f5534014-38df-0310-8fa8-9805f1628bb7

3 files changed, 99 insertions, 68 deletions

diff --git a/wiretap/etherpeek.c b/wiretap/etherpeek.c
index f30f639e94..658d22fb43 100644
--- a/wiretap/etherpeek.c
+++ b/wiretap/etherpeek.c
@@ -2,7 +2,7 @@
  * Routines for opening etherpeek files
  * Copyright (c) 2001, Daniel Thompson <d.thompson@gmx.net>
  *
- * $Id: etherpeek.c,v 1.7 2001/12/05 07:19:11 guy Exp $
+ * $Id: etherpeek.c,v 1.8 2002/01/18 00:25:50 guy Exp $
  *
  * Wiretap Library
  * Copyright (c) 1998 by Gilbert Ramirez <gram@alumni.rice.edu>
@@ -127,10 +127,12 @@ static const etherpeek_encap_lookup_t etherpeek_encap[] = {
 
 static gboolean etherpeek_read_m7(wtap *wth, int *err, long *data_offset);
 static gboolean etherpeek_read_m56(wtap *wth, int *err, long *data_offset);
+static void etherpeek_close(wtap *wth);
 
 int etherpeek_open(wtap *wth, int *err)
 {
 	etherpeek_header_t ep_hdr;
+	struct timeval start_time;
 
 	/* etherpeek files to not start with a magic value large enough
 	 * to be unique hence we use the following algorithm to determine
@@ -149,69 +151,78 @@ int etherpeek_open(wtap *wth, int *err)
 
 	/* switch on the file version */
 	switch (ep_hdr.master.version) {
-		case 5:
-		case 6:
-		case 7:
-			/* get the secondary header */
-			g_assert(sizeof(ep_hdr.secondary.m567) ==
-			        ETHERPEEK_M567_HDR_SIZE);
-			wtap_file_read_unknown_bytes(
-				&ep_hdr.secondary.m567,
-				sizeof(ep_hdr.secondary.m567), wth->fh, err);
-			wth->data_offset += sizeof(ep_hdr.secondary.m567);
+
+	case 5:
+	case 6:
+	case 7:
+		/* get the secondary header */
+		g_assert(sizeof(ep_hdr.secondary.m567) ==
+		        ETHERPEEK_M567_HDR_SIZE);
+		wtap_file_read_unknown_bytes(
+			&ep_hdr.secondary.m567,
+			sizeof(ep_hdr.secondary.m567), wth->fh, err);
+		wth->data_offset += sizeof(ep_hdr.secondary.m567);
 			
-			if ((0 != ep_hdr.secondary.m567.reserved[0]) ||
-			    (0 != ep_hdr.secondary.m567.reserved[1]) ||
-			    (0 != ep_hdr.secondary.m567.reserved[2]) ||
-			    (0 != ep_hdr.secondary.m567.reserved[3])) {
-				/* still unknown */
-				return 0;
-			}
-
-			/* we have a match for a Mac V5, V6 or V7,
-			 * so it is worth preforming byte swaps
-			 */
-			ep_hdr.secondary.m567.filelength =
-				ntohl(ep_hdr.secondary.m567.filelength);
-			ep_hdr.secondary.m567.numPackets =
-				ntohl(ep_hdr.secondary.m567.numPackets);
-			ep_hdr.secondary.m567.timeDate =
-				ntohl(ep_hdr.secondary.m567.timeDate);
-			ep_hdr.secondary.m567.timeStart =
-				ntohl(ep_hdr.secondary.m567.timeStart);
-			ep_hdr.secondary.m567.timeStop =
-				ntohl(ep_hdr.secondary.m567.timeStop);
-
-			/* populate the pseudo header */
-			wth->pseudo_header.etherpeek.reference_time.tv_sec  =
-				ep_hdr.secondary.m567.timeDate - mac2unix;
-			wth->pseudo_header.etherpeek.reference_time.tv_usec =
-				0;
-			break;
-		default:
+		if ((0 != ep_hdr.secondary.m567.reserved[0]) ||
+		    (0 != ep_hdr.secondary.m567.reserved[1]) ||
+		    (0 != ep_hdr.secondary.m567.reserved[2]) ||
+		    (0 != ep_hdr.secondary.m567.reserved[3])) {
+			/* still unknown */
 			return 0;
+		}
+
+		/* we have a match for a Mac V5, V6 or V7,
+		 * so it is worth performing byte swaps
+		 */
+		ep_hdr.secondary.m567.filelength =
+		    ntohl(ep_hdr.secondary.m567.filelength);
+		ep_hdr.secondary.m567.numPackets =
+		    ntohl(ep_hdr.secondary.m567.numPackets);
+		ep_hdr.secondary.m567.timeDate =
+		    ntohl(ep_hdr.secondary.m567.timeDate);
+		ep_hdr.secondary.m567.timeStart =
+		    ntohl(ep_hdr.secondary.m567.timeStart);
+		ep_hdr.secondary.m567.timeStop =
+		    ntohl(ep_hdr.secondary.m567.timeStop);
+
+		/* Get the start time as a "struct timeval" */
+		start_time.tv_sec  =
+			ep_hdr.secondary.m567.timeDate - mac2unix;
+		start_time.tv_usec = 0;
+		break;
+
+	default:
+		return 0;
 	}
 
-	/* at this point we have recognised the file type and have populated
-	 * the whole ep_hdr structure in host byte order
+	/*
+	 * This is an EtherPeek (or TokenPeek?) file.
+	 *
+	 * At this point we have recognised the file type and have populated
+	 * the whole ep_hdr structure in host byte order.
 	 */
-	
+	wth->capture.etherpeek = g_malloc(sizeof(etherpeek_t));
+	wth->capture.etherpeek->start_timestamp = start_time;
+	wth->subtype_close = etherpeek_close;
 	switch (ep_hdr.master.version) {
-		case 5:
-		case 6:
-			wth->file_type = WTAP_FILE_ETHERPEEK_MAC_V56;
-			wth->subtype_read = etherpeek_read_m56;
-			wth->subtype_seek_read = wtap_def_seek_read;
-			break;
-		case 7:
-			wth->file_type = WTAP_FILE_ETHERPEEK_MAC_V7;
-			wth->subtype_read = etherpeek_read_m7;
-			wth->subtype_seek_read = wtap_def_seek_read;
-			break;
-		default:
-			/* this is impossible */
-			g_assert_not_reached();
-	};
+
+	case 5:
+	case 6:
+		wth->file_type = WTAP_FILE_ETHERPEEK_MAC_V56;
+		wth->subtype_read = etherpeek_read_m56;
+		wth->subtype_seek_read = wtap_def_seek_read;
+		break;
+
+	case 7:
+		wth->file_type = WTAP_FILE_ETHERPEEK_MAC_V7;
+		wth->subtype_read = etherpeek_read_m7;
+		wth->subtype_seek_read = wtap_def_seek_read;
+		break;
+
+	default:
+		/* this is impossible */
+		g_assert_not_reached();
+	}
 
 	wth->file_encap	       = WTAP_ENCAP_PER_PACKET;
 	wth->snapshot_length   = 16384; /* just guessing */
@@ -219,6 +230,11 @@ int etherpeek_open(wtap *wth, int *err)
 	return 1;
 }
 
+static void etherpeek_close(wtap *wth)
+{
+	g_free(wth->capture.etherpeek);
+}
+
 static gboolean etherpeek_read_m7(wtap *wth, int *err, long *data_offset)
 {
 	guchar ep_pkt[ETHERPEEK_M7_PKT_SIZE];
@@ -328,8 +344,8 @@ static gboolean etherpeek_read_m56(wtap *wth, int *err, long *data_offset)
 	wth->phdr.len        = length;
 	wth->phdr.caplen     = sliceLength;
 	/* timestamp is in milliseconds since reference_time */
-	wth->phdr.ts.tv_sec  = wth->pseudo_header.etherpeek.
-		reference_time.tv_sec + (timestamp / 1000);
+	wth->phdr.ts.tv_sec  = wth->capture.etherpeek->start_timestamp.tv_sec
+	    + (timestamp / 1000);
 	wth->phdr.ts.tv_usec = 1000 * (timestamp % 1000);
 	
 	wth->phdr.pkt_encap = WTAP_ENCAP_UNKNOWN;
diff --git a/wiretap/wtap-int.h b/wiretap/wtap-int.h
index b52ee068e9..5e947f68ac 100644
--- a/wiretap/wtap-int.h
+++ b/wiretap/wtap-int.h
@@ -1,6 +1,6 @@
 /* wtap-int.h
  *
- * $Id: wtap-int.h,v 1.18 2001/12/13 05:49:13 gram Exp $
+ * $Id: wtap-int.h,v 1.19 2002/01/18 00:25:50 guy Exp $
  *
  * Wiretap Library
  * Copyright (c) 1998 by Gilbert Ramirez <gram@alumni.rice.edu>
@@ -116,6 +116,10 @@ typedef struct {
 	gboolean byteswapped;
 } csids_t;
 
+typedef struct {
+	struct timeval start_timestamp;
+} etherpeek_t;
+
 typedef int (*subtype_read_func)(struct wtap*, int*, long*);
 typedef int (*subtype_seek_read_func)(struct wtap*, long, union wtap_pseudo_header*,
 					guint8*, int);
@@ -141,6 +145,7 @@ struct wtap {
 		netxray_t		*netxray;
 		ascend_t		*ascend;
 		csids_t			*csids;
+		etherpeek_t		*etherpeek;
 		void			*generic;
 	} capture;
 
diff --git a/wiretap/wtap.h b/wiretap/wtap.h
index ccf5493923..eaa0fa2314 100644
--- a/wiretap/wtap.h
+++ b/wiretap/wtap.h
@@ -1,6 +1,6 @@
 /* wtap.h
  *
- * $Id: wtap.h,v 1.99 2001/12/04 22:28:19 guy Exp $
+ * $Id: wtap.h,v 1.100 2002/01/18 00:25:50 guy Exp $
  *
  * Wiretap Library
  * Copyright (c) 1998 by Gilbert Ramirez <gram@alumni.rice.edu>
@@ -163,6 +163,22 @@
 #include <glib.h>
 #include <stdio.h>
 
+/*
+ * "Pseudo-headers" are used to supply to the clients of wiretap
+ * per-packet information that's not part of the packet payload
+ * proper.
+ *
+ * NOTE: do not use pseudo-header structures to hold information
+ * used by the code to read a particular capture file type; to
+ * keep that sort of state information, add a new structure for
+ * that private information to "wtap-int.h", add a pointer to that
+ * type of structure to the "capture" member of the "struct wtap"
+ * structure, and allocate one of those structures and set that member
+ * in the "open" routine for that capture file type if the open
+ * succeeds.  See various other capture file type handlers for examples
+ * of that.
+ */
+
 /* Packet "pseudo-header" information for X.25 capture files. */
 struct x25_phdr {
 	guint8	flags; /* ENCAP_LAPB : 1st bit means From DCE */
@@ -199,11 +215,6 @@ struct ascend_phdr {
 	guint32	task;			/* Task number */
 };
 
-/* Packet "pseudo_header" for etherpeek capture files. */
-struct etherpeek_phdr {
-	struct timeval reference_time;
-};
-
 struct p2p_phdr {
 	gboolean	sent; /* TRUE=sent, FALSE=received */
 };
@@ -265,7 +276,6 @@ union wtap_pseudo_header {
 	struct x25_phdr			x25;
 	struct ngsniffer_atm_phdr	ngsniffer_atm;
 	struct ascend_phdr		ascend;
-	struct etherpeek_phdr           etherpeek;
 	struct p2p_phdr			p2p;
 };