From Marcel Holtmann: support for reading Linux Bluez Bluetooth stack

"hcidump -w" traces.

Note that Jesper Peterson contributed support for reading Endace ERF
files.

svn path=/trunk/; revision=8824

7 files changed, 205 insertions, 8 deletions

diff --git a/wiretap/AUTHORS b/wiretap/AUTHORS
index b9a58ff61f..8194ce4ddd 100644
--- a/wiretap/AUTHORS
+++ b/wiretap/AUTHORS
@@ -18,5 +18,6 @@ Markus Steinmann	<ms[AT]seh.de>
 Mark C. Brown		<mbrown[AT]nosila.net>
 Martin Warnes		<martin.warnes[AT]ntlworld.com>
 Thierry Martin		<thierry.martin[AT]accellent-group.com>
-Jesper Peterson		<jesper [AT] endace.com>
+Jesper Peterson		<jesper[AT]endace.com>
+Marcel Holtmann		<marcel[AT]holtmann.org>
 
diff --git a/wiretap/Makefile.am b/wiretap/Makefile.am
index e4501e52c6..9780aff8e4 100644
--- a/wiretap/Makefile.am
+++ b/wiretap/Makefile.am
@@ -1,7 +1,7 @@
 # Makefile.am
 # Automake file for Wiretap
 #
-# $Id: Makefile.am,v 1.45 2003/08/26 07:10:38 guy Exp $
+# $Id: Makefile.am,v 1.46 2003/10/30 03:11:02 guy Exp $
 #
 # Ethereal - Network traffic analyzer
 # By Gerald Combs <gerald@ethereal.com>
@@ -54,6 +54,8 @@ libwiretap_a_SOURCES = \
 	file_access.c		\
 	file_wrappers.c		\
 	file_wrappers.h		\
+	hcidump.c		\
+	hcidump.h		\
 	i4btrace.c		\
 	i4btrace.h		\
 	i4b_trace.h		\
diff --git a/wiretap/Makefile.nmake b/wiretap/Makefile.nmake
index 2555798b7d..9e38b2f7b6 100644
--- a/wiretap/Makefile.nmake
+++ b/wiretap/Makefile.nmake
@@ -1,5 +1,5 @@
 #
-# $Id: Makefile.nmake,v 1.35 2003/10/10 21:31:53 guy Exp $
+# $Id: Makefile.nmake,v 1.36 2003/10/30 03:11:02 guy Exp $
 #
 
 include ..\config.nmake
@@ -25,6 +25,7 @@ OBJECTS=ascend-grammar.obj \
 	etherpeek.obj \
 	file_access.obj \
 	file_wrappers.obj \
+	hcidump.obj \
 	i4btrace.obj \
 	iptrace.obj \
 	lanalyzer.obj \
diff --git a/wiretap/file_access.c b/wiretap/file_access.c
index 74e4bb6260..f5ef156da1 100644
--- a/wiretap/file_access.c
+++ b/wiretap/file_access.c
@@ -1,6 +1,6 @@
 /* file_access.c
  *
- * $Id: file_access.c,v 1.3 2003/10/01 07:11:47 guy Exp $
+ * $Id: file_access.c,v 1.4 2003/10/30 03:11:02 guy Exp $
  *
  * Wiretap Library
  * Copyright (c) 1998 by Gilbert Ramirez <gram@alumni.rice.edu>
@@ -70,6 +70,7 @@
 #include "cosine.h"
 #include "5views.h"
 #include "erf.h"
+#include "hcidump.h"
 
 /* The open_file_* routines should return:
  *
@@ -120,6 +121,7 @@ static int (*const open_routines[])(wtap *, int *) = {
 	dbs_etherwatch_open,
 	cosine_open,
 	erf_open,
+	hcidump_open,
 };
 
 #define	N_FILE_TYPES	(sizeof open_routines / sizeof open_routines[0])
@@ -435,6 +437,10 @@ static const struct file_type_info {
 	/* WTAP_FILE_ERF */
 	{ "Endace DAG capture", "erf",
 	  NULL, NULL },
+
+	/* WTAP_FILE_HCIDUMP */
+	{ "Bluetooth HCI dump", "hcidump",
+	  NULL, NULL },
 };
 
 /* Name that should be somewhat descriptive. */
diff --git a/wiretap/hcidump.c b/wiretap/hcidump.c
new file mode 100644
index 0000000000..f61c092c82
--- /dev/null
+++ b/wiretap/hcidump.c
@@ -0,0 +1,157 @@
+/* hcidump.c
+ *
+ * $Id: hcidump.c,v 1.1 2003/10/30 03:11:02 guy Exp $
+ *
+ * Copyright (c) 2003 by Marcel Holtmann <marcel@holtmann.org>
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.
+ */
+
+#ifdef HAVE_CONFIG_H
+#include "config.h"
+#endif
+
+#include "wtap-int.h"
+#include "file_wrappers.h"
+#include "buffer.h"
+#include "hcidump.h"
+
+struct dump_hdr {
+	guint16 len;
+	guint8  in;
+	guint8  pad;
+	guint32 ts_sec;
+	guint32 ts_usec;
+};
+
+#define DUMP_HDR_SIZE (sizeof(struct dump_hdr))
+
+static gboolean hcidump_read(wtap *wth, int *err, long *data_offset)
+{
+	struct dump_hdr dh;
+	guint8 *buf;
+	int bytes_read, packet_size;
+
+	*data_offset = wth->data_offset;
+
+	bytes_read = file_read(&dh, 1, DUMP_HDR_SIZE, wth->fh);
+	if (bytes_read != DUMP_HDR_SIZE) {
+		*err = file_error(wth->fh);
+		if (*err == 0 && bytes_read != 0)
+			*err = WTAP_ERR_SHORT_READ;
+		return FALSE;
+	}
+	wth->data_offset += DUMP_HDR_SIZE;
+
+	packet_size = g_ntohs(dh.len);
+	if (packet_size > WTAP_MAX_PACKET_SIZE) {
+		/*
+		 * Probably a corrupt capture file; don't blow up trying
+		 * to allocate space for an immensely-large packet.
+		 */
+		g_message("hcidump: File has %u-byte packet, bigger than maximum of %u",
+			packet_size, WTAP_MAX_PACKET_SIZE);
+		*err = WTAP_ERR_BAD_RECORD;
+		return FALSE;
+	}
+
+	buffer_assure_space(wth->frame_buffer, packet_size);
+	buf = buffer_start_ptr(wth->frame_buffer);
+
+	bytes_read = file_read(buf, 1, packet_size, wth->fh);
+	if (bytes_read != packet_size) {
+		*err = file_error(wth->fh);
+		if (*err == 0)
+			*err = WTAP_ERR_SHORT_READ;
+		return FALSE;
+	}
+	wth->data_offset += packet_size;
+
+	wth->phdr.ts.tv_sec = g_ntohl(dh.ts_sec);
+	wth->phdr.ts.tv_usec = g_ntohl(dh.ts_usec);
+	wth->phdr.caplen = packet_size;
+	wth->phdr.len = packet_size;
+	wth->phdr.pkt_encap = WTAP_ENCAP_BLUETOOTH_H4;
+
+	wth->pseudo_header.p2p.sent = (dh.in ? FALSE : TRUE);
+
+	return TRUE;
+}
+
+static gboolean hcidump_seek_read(wtap *wth, long seek_off, union wtap_pseudo_header *pseudo_header, guint8 *pd, int length, int *err)
+{
+	struct dump_hdr dh;
+	int bytes_read;
+
+	if (file_seek(wth->random_fh, seek_off, SEEK_SET, err) == -1)
+		return FALSE;
+
+	bytes_read = file_read(&dh, 1, DUMP_HDR_SIZE, wth->random_fh);
+	if (bytes_read != DUMP_HDR_SIZE) {
+		*err = file_error(wth->random_fh);
+		if (*err == 0 && bytes_read != 0)
+			*err = WTAP_ERR_SHORT_READ;
+		return FALSE;
+	}
+
+	bytes_read = file_read(pd, 1, length, wth->random_fh);
+	if (bytes_read != length) {
+		*err = file_error(wth->random_fh);
+		if (*err == 0)
+			*err = WTAP_ERR_SHORT_READ;
+		return FALSE;
+	}
+
+	pseudo_header->p2p.sent = (dh.in ? FALSE : TRUE);
+
+	return TRUE;
+}
+
+int hcidump_open(wtap *wth, int *err)
+{
+	struct dump_hdr dh;
+	guint8 type;
+	int bytes_read;
+
+	bytes_read = file_read(&dh, 1, DUMP_HDR_SIZE, wth->fh);
+	if (bytes_read != DUMP_HDR_SIZE) {
+		*err = file_error(wth->fh);
+		return (*err != 0) ? -1 : 0;
+	}
+
+	if (dh.in != 0 && dh.in != 1 && dh.pad != 0 && g_ntohs(dh.len) < 1)
+		return 0;
+
+	bytes_read = file_read(&type, 1, 1, wth->fh);
+	if (bytes_read != 1) {
+		*err = file_error(wth->fh);
+		return (*err != 0) ? -1 : 0;
+	}
+
+	if (type < 1 || type > 4)
+		return 0;
+
+	if (file_seek(wth->fh, 0, SEEK_SET, err) == -1)
+		return -1;
+
+	wth->file_type = WTAP_FILE_HCIDUMP;
+	wth->file_encap = WTAP_ENCAP_BLUETOOTH_H4;
+	wth->snapshot_length = 0;
+
+	wth->subtype_read = hcidump_read;
+	wth->subtype_seek_read = hcidump_seek_read;
+
+	return 1;
+}
diff --git a/wiretap/hcidump.h b/wiretap/hcidump.h
new file mode 100644
index 0000000000..134fbf0fb4
--- /dev/null
+++ b/wiretap/hcidump.h
@@ -0,0 +1,28 @@
+/* hcidump.h
+ *
+ * $Id: hcidump.h,v 1.1 2003/10/30 03:11:02 guy Exp $
+ *
+ * Copyright (c) 2003 by Marcel Holtmann <marcel@holtmann.org>
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.
+ *
+ */
+
+#ifndef __HCIDUMP_H__
+#define __HCIDUMP_H__
+
+int hcidump_open(wtap *wth, int *err);
+
+#endif
diff --git a/wiretap/wtap.h b/wiretap/wtap.h
index 5671803c7f..b752515843 100644
--- a/wiretap/wtap.h
+++ b/wiretap/wtap.h
@@ -1,6 +1,6 @@
 /* wtap.h
  *
- * $Id: wtap.h,v 1.142 2003/10/25 07:17:28 guy Exp $
+ * $Id: wtap.h,v 1.143 2003/10/30 03:11:03 guy Exp $
  *
  * Wiretap Library
  * Copyright (c) 1998 by Gilbert Ramirez <gram@alumni.rice.edu>
@@ -129,9 +129,10 @@
 #define WTAP_ENCAP_ENC				37
 #define WTAP_ENCAP_PFLOG			38
 #define WTAP_ENCAP_CHDLC_WITH_PHDR		39
+#define WTAP_ENCAP_BLUETOOTH_H4			40
 
 /* last WTAP_ENCAP_ value + 1 */
-#define WTAP_NUM_ENCAP_TYPES			40
+#define WTAP_NUM_ENCAP_TYPES			41
 
 /* File types that can be read by wiretap.
    We support writing some many of these file types, too, so we
@@ -172,9 +173,10 @@
 #define WTAP_FILE_COSINE			33
 #define WTAP_FILE_5VIEWS			34
 #define WTAP_FILE_ERF				35
+#define WTAP_FILE_HCIDUMP			36
 
 /* last WTAP_FILE_ value + 1 */
-#define WTAP_NUM_FILE_TYPES			36
+#define WTAP_NUM_FILE_TYPES			37
 
 /*
  * Maximum packet size we'll support.
@@ -350,7 +352,7 @@ struct ieee_802_11_phdr {
 struct cosine_phdr {
 	guint8 encap;		/* COSINE_ENCAP_* as defined above */
 	guint8 direction;	/* COSINE_DIR_*, as defined above */
-        char if_name[COSINE_MAX_IF_NAME_LEN];  /* Encap & Logical I/F name */
+	char if_name[COSINE_MAX_IF_NAME_LEN];  /* Encap & Logical I/F name */
 	guint16 pro;		/* Protocol */
 	guint16 off;		/* Offset */
 	guint16 pri;		/* Priority */