xref: /libbtbb/wireshark/plugins-legacy/btle/wireshark-1.8-btle-ppi.patch (revision e018180df8c9bd1ca869d5329a027253be1a76ec) 
1Index: wireshark-1.8.2/epan/dissectors/packet-ppi.c
2===================================================================
3--- wireshark-1.8.2.orig/epan/dissectors/packet-ppi.c	2013-02-01 12:18:18.208820553 -0800
4+++ wireshark-1.8.2/epan/dissectors/packet-ppi.c	2013-02-01 12:18:50.000000000 -0800
5@@ -181,6 +181,7 @@
6     PPI_VECTOR_INFO              = 30003, /* currently available in draft from. [email protected] */
7     PPI_SENSOR_INFO              = 30004,
8     PPI_ANTENNA_INFO             = 30005,
9+    PPI_BTLE                     = 30006,
10     CACE_PRIVATE                 = 0xCACE
11     /* All others RESERVED.  Contact the WinPcap team for an assignment */
12 } ppi_field_type;
13@@ -319,7 +320,7 @@
14
15 static dissector_handle_t data_handle;
16 static dissector_handle_t ieee80211_ht_handle;
17-static dissector_handle_t ppi_gps_handle, ppi_vector_handle, ppi_sensor_handle, ppi_antenna_handle;
18+static dissector_handle_t ppi_gps_handle, ppi_vector_handle, ppi_sensor_handle, ppi_antenna_handle, ppi_btle_handle;
19
20
21 static const true_false_string tfs_ppi_head_flag_alignment = { "32-bit aligned", "Not aligned" };
22@@ -881,7 +882,19 @@
23                 call_dissector(ppi_antenna_handle, next_tvb, pinfo, ppi_tree);
24             }
25             break;
26-
27+        case PPI_BTLE:
28+            if (ppi_btle_handle == NULL)
29+            {
30+                proto_tree_add_text(ppi_tree, tvb, offset, data_len,
31+                                    "%s (%u bytes)", val_to_str(data_type, (value_string *)&vs_ppi_field_type, "BTLE: "), data_len);
32+            }
33+            else /* we found a suitable dissector */
34+            {
35+                /* skip over the ppi_fieldheader, and pass it off to the dedicated BTLE dissetor */
36+                next_tvb = tvb_new_subset(tvb, offset + 4, data_len - 4 , -1);
37+                call_dissector(ppi_btle_handle, next_tvb, pinfo, ppi_tree);
38+            }
39+            break;
40         default:
41             if (tree)
42                 proto_tree_add_text(ppi_tree, tvb, offset, data_len,
43@@ -1365,6 +1378,7 @@
44     ppi_vector_handle = find_dissector("ppi_vector");
45     ppi_sensor_handle = find_dissector("ppi_sensor");
46     ppi_antenna_handle = find_dissector("ppi_antenna");
47+    ppi_btle_handle = find_dissector("ppi_btle");
48
49     dissector_add_uint("wtap_encap", WTAP_ENCAP_PPI, ppi_handle);
50 }
51Index: wireshark-1.8.2/epan/dissectors/packet-ppi-btle.c
52===================================================================
53--- /dev/null	1970-01-01 00:00:00.000000000 +0000
54+++ wireshark-1.8.2/epan/dissectors/packet-ppi-btle.c	2013-02-01 13:37:09.020642835 -0800
55@@ -0,0 +1,179 @@
56+/* packet-ppi-btle.c
57+ * Routines for PPI-BTLE  dissection
58+ * Copyright 2013, Mike Ryan, mikeryan /at/ isecpartners /dot/ com
59+ *
60+ * $Id$
61+ *
62+ * Wireshark - Network traffic analyzer
63+ * By Gerald Combs <[email protected]>
64+ * Copyright 1998 Gerald Combs
65+ *
66+ * Copied from packet-ppi-gps.c
67+ *
68+ * This program is free software; you can redistribute it and/or modify
69+ * it under the terms of the GNU General Public License as published by
70+ * the Free Software Foundation; either version 2 of the License, or
71+ * (at your option) any later version.
72+ *
73+ * This program is distributed in the hope that it will be useful,
74+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
75+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
76+ * GNU General Public License for more details.
77+ *
78+ * You should have received a copy of the GNU General Public License along
79+ * with this program; if not, write to the Free Software Foundation, Inc.,
80+ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
81+ */
82+
83+#ifdef HAVE_CONFIG_H
84+# include "config.h"
85+#endif
86+
87+#include <glib.h>
88+#include <epan/packet.h>
89+
90+#define PPI_BTLE_MINTAGLEN  12
91+#define PPI_BTLE_MAXTAGLEN  12
92+
93+/* protocol */
94+static int proto_ppi_btle = -1;
95+
96+static int hf_ppi_btle_version = -1;
97+static int hf_ppi_btle_channel = -1;
98+static int hf_ppi_btle_clkn_high = -1;
99+static int hf_ppi_btle_clk100ns = -1;
100+static int hf_ppi_btle_rssi_max = -1;
101+static int hf_ppi_btle_rssi_min = -1;
102+static int hf_ppi_btle_rssi_avg = -1;
103+static int hf_ppi_btle_rssi_count = -1;
104+
105+static gint ett_ppi_btle = -1;
106+
107+static void
108+dissect_ppi_btle(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree) {
109+    /* These are locals used for processing the current tvb */
110+    guint length;
111+    guint version;
112+    guint32 channel, clkn_high, clk100ns;
113+    guint8 urssi_max, urssi_min, urssi_avg;
114+    gint8 rssi_max, rssi_min, rssi_avg;
115+    guint rssi_count;
116+
117+    proto_tree *ppi_btle_tree = NULL;
118+    proto_tree *pt, *present_tree = NULL;
119+
120+    proto_item *ti = NULL;
121+
122+    /* Clear out stuff in the info column */
123+    col_clear(pinfo->cinfo,COL_INFO);
124+
125+    /* Setup basic column info */
126+    if (check_col(pinfo->cinfo, COL_INFO))
127+        col_add_fstr(pinfo->cinfo, COL_INFO, "PPI_BTLE Capture");
128+
129+    /* Create the basic dissection tree*/
130+    if (tree)
131+        ti = proto_tree_add_protocol_format(tree, proto_ppi_btle, tvb, 0, length, "BTLE:");
132+
133+    /* Sanity check length of tag */
134+    length = tvb_length(tvb);
135+    if (length < PPI_BTLE_MINTAGLEN) {
136+        if (tree)
137+            proto_item_append_text(ti, "Invalid PPI-BTLE length  (got %d, %d min)", length, PPI_BTLE_MAXTAGLEN);
138+        return;
139+    }
140+
141+    if (tree) {
142+        channel = tvb_get_letohs(tvb, 1);
143+        clkn_high = tvb_get_guint8(tvb, 3);
144+        clk100ns = tvb_get_letohl(tvb, 4);
145+        urssi_max = tvb_get_guint8(tvb, 8);
146+        urssi_min = tvb_get_guint8(tvb, 9);
147+        urssi_avg = tvb_get_guint8(tvb, 10);
148+        rssi_count = tvb_get_guint8(tvb, 11);
149+
150+        rssi_max = *(gint8 *)&urssi_max;
151+        rssi_min = *(gint8 *)&urssi_min;
152+        rssi_avg = *(gint8 *)&urssi_avg;
153+
154+        ppi_btle_tree= proto_item_add_subtree(ti, ett_ppi_btle);
155+        proto_tree_add_uint(ppi_btle_tree, hf_ppi_btle_version, tvb, 0, 1, version);
156+        proto_tree_add_uint(ppi_btle_tree, hf_ppi_btle_channel, tvb, 1, 2, channel);
157+        proto_tree_add_uint(ppi_btle_tree, hf_ppi_btle_clkn_high, tvb, 3, 1, clkn_high);
158+        proto_tree_add_uint(ppi_btle_tree, hf_ppi_btle_clk100ns, tvb, 4, 4, clk100ns);
159+        proto_tree_add_int(ppi_btle_tree, hf_ppi_btle_rssi_max, tvb, 8, 1, rssi_max);
160+        proto_tree_add_int(ppi_btle_tree, hf_ppi_btle_rssi_min, tvb, 9, 1, rssi_min);
161+        proto_tree_add_int(ppi_btle_tree, hf_ppi_btle_rssi_avg, tvb, 10, 1, rssi_avg);
162+        proto_tree_add_uint(ppi_btle_tree, hf_ppi_btle_rssi_count, tvb, 11, 1, rssi_count);
163+    }
164+
165+    version = tvb_get_guint8(tvb, 0);
166+    if (version > 0) {
167+        if (tree)
168+            proto_item_append_text(ti, "Warning: New version of PPI-BTLE (length %d, I can only decode first %d bytes)", length, PPI_BTLE_MAXTAGLEN);
169+    }
170+
171+    /* perform tag-specific max length sanity checking */
172+    else if (length > PPI_BTLE_MAXTAGLEN ) {
173+        if (tree)
174+            proto_item_append_text(ti, "Invalid PPI-BTLE length  (got %d, %d max)", length, PPI_BTLE_MAXTAGLEN);
175+        return;
176+    }
177+
178+    return;
179+}
180+
181+void
182+proto_register_ppi_btle(void) {
183+    /* The following array initializes those header fields declared above to the values displayed */
184+    static hf_register_info hf[] = {
185+
186+        { &hf_ppi_btle_version,
187+          { "Version", "ppi_btle.version",
188+            FT_UINT8, BASE_DEC, NULL, 0x0,
189+            NULL, HFILL } },
190+
191+        { &hf_ppi_btle_channel,
192+          { "Channel", "ppi_btle.channel",
193+            FT_UINT16, BASE_DEC, NULL, 0x0,
194+            "MHz", HFILL } },
195+
196+        { &hf_ppi_btle_clkn_high,
197+          { "clkn_high", "ppi_btle.clkn_high",
198+            FT_UINT8, BASE_DEC, NULL, 0x0,
199+            "High bits of native clock", HFILL } },
200+
201+        { &hf_ppi_btle_clk100ns,
202+          { "clk100ns", "ppi_btle.clk100ns",
203+            FT_UINT32, BASE_DEC, NULL, 0x0,
204+            "100 ns clock", HFILL } },
205+
206+        // RSSI
207+        { &hf_ppi_btle_rssi_max,
208+          { "Max RSSI", "ppi_btle.rssi_max",
209+            FT_INT8, BASE_DEC, NULL, 0x0,
210+            NULL, HFILL } },
211+        { &hf_ppi_btle_rssi_min,
212+          { "Min RSSI", "ppi_btle.rssi_min",
213+            FT_INT8, BASE_DEC, NULL, 0x0,
214+            NULL, HFILL } },
215+        { &hf_ppi_btle_rssi_avg,
216+          { "Average RSSI", "ppi_btle.rssi_avg",
217+            FT_INT8, BASE_DEC, NULL, 0x0,
218+            NULL, HFILL } },
219+        { &hf_ppi_btle_rssi_count,
220+          { "RSSI Count", "ppi_btle.rssi_count",
221+            FT_UINT8, BASE_DEC, NULL, 0x0,
222+            NULL, HFILL } },
223+
224+    };
225+
226+    static gint *ett[] = {
227+        &ett_ppi_btle,
228+    };
229+
230+    proto_ppi_btle = proto_register_protocol("PPI Ubertooth BTLE tag decoder", "PPI BTLE Decoder", "ppi_btle");
231+    proto_register_field_array(proto_ppi_btle, hf, array_length(hf));
232+    proto_register_subtree_array(ett, array_length(ett));
233+    register_dissector("ppi_btle", dissect_ppi_btle, proto_ppi_btle);
234+}
235Index: wireshark-1.8.2/epan/dissectors/Makefile.common
236===================================================================
237--- wireshark-1.8.2.orig/epan/dissectors/Makefile.common	2013-01-29 11:46:35.429559060 -0800
238+++ wireshark-1.8.2/epan/dissectors/Makefile.common	2013-01-29 11:56:46.541536579 -0800
239@@ -881,6 +881,7 @@
240 	packet-ppi-gps.c	\
241 	packet-ppi-sensor.c	\
242 	packet-ppi-vector.c	\
243+	packet-ppi-btle.c	\
244 	packet-ppp.c		\
245 	packet-pppoe.c		\
246 	packet-pptp.c		\
247