Wireshark-dev: Re: [Wireshark-dev] Calling other dissectors and returning

From: Joerg Mayer <jmayer@xxxxxxxxx>
Date: Thu, 3 May 2007 16:40:00 +0200

On Thu, May 03, 2007 at 10:07:22AM -0400, Kevin A. Noll wrote:
> I am trying to finish writing additional decode details for the WLCCP
> dissector. In places, though, the WLCCP protocol carries other protocol data
> that I'd like to decode, but not re-write the code.

Nice. Can you send in what you already have?

> I know I can call other dissectors, but it's not apparent to me (an amateur)
> how or if they return to the original dissector, which is what I would need
> to do. For example, WLCCP can embed EAPOL messages as follows:
> 
> 
> 1. Generic WLCCP Headers
> 2. WLCCP Message-Type Specific Headers
> 2a. Embedded EAPOL
> 3. More WLCCP Message-Type Specific Data 4. Possibly some variable TLV
> information
> 
> 
> I need to be able to call the external EAPOL dissector and return to the
> WLCCP dissector to finish dissecting the WLCCP headers and TLVs.
> 
> I would be much obliged if someone could give me a pointer on how to do this
> and/or to a dissector that does something similar.

have a look at packet-radius.c and how eap support is handlered there.
In short:

proto_reg_handoff_radius(void)
	...
        eap_handle = find_dissector("eap");

And further up: 

	call_dissector(eap_handle, eap_tvb, pinfo, eap_tree);

Ciao
   Joerg
-- 
Joerg Mayer                                           <jmayer@xxxxxxxxx>
We are stuck with technology when what we really want is just stuff that
works. Some say that should read Microsoft instead of technology.