Failing to get my tree to show

[Kaul <mykaul () gmail com>]

Hi,

I'm trying to write a new dissector, and failing miserably getting my tree
to show, because the tree I'm getting in my dissect_PROTONAME() is always
NULL, not sure why.
I'm dissecting over TCP, with (regretfully) my own desegmentation:
packets 1-3 are syn, syn-ack, ack.
packet 4 is a start of a PDU, which is not enough to dissect the PDU,
although I'm a getting its header. From the header, I'm taking the complete
PDU length and therefore setting pinfo->desegment_len to calculated PDU
length - length of what I got already ( with the offset = 0).
This looks nice and correct and indeed seems to be desegmented correctly,
BUT:
packet 4 has my COL_PROTOCOL set (why?, I didn't dissect it eventually)
packet 5 doesn't (correct, I've asked for more than it has - it just a TCP
segment)
packet 6 has my COL_PROTOCOL set (good) - but the packet isn't dissected
there, although now I have the complete data (and TCP desgmentation shows
the data is indeed taken from packets 4, 5 ,6 correctly.

This is part of my dissection:

...< get conversation data and state of the protocol>

col_set_str(pinfo->cinfo, COL_PROTOCOL, "Spice");

    col_clear(pinfo->cinfo, COL_INFO);

    if (tree) { /* WHY IS TREE ALWAYS NULL HERE?! */
        ti = proto_tree_add_item(tree, proto_spice, tvb, 0, -1, FALSE);
        spice_tree = proto_item_add_subtree(ti, ett_spice);
    }

    switch (spice_info->next_state) {
        case RED_STATE_LINK_CLIENT:
                len = tvb_reported_length(tvb);
                if (len < 16 && redc_desegment) { /* the header is at least
16 bytes long */
                    pinfo->desegment_offset = 0;
                    pinfo->desegment_len = 16 - len;
                    return len;
                }
                pdu_len = tvb_get_letohl(tvb, 12) + 16;
                if (len < pdu_len && redc_desegment) { /* Did not get all
the PDU - request the full length of the PDU */
                    pinfo->desegment_offset = 0;
                    pinfo->desegment_len = pdu_len - len;
                    return len;
                 }
                col_set_str(pinfo->cinfo, COL_INFO,
"RED_STATE_LINK_CLIENT");
                dissect_spice_link_client_pdu(tvb, pinfo, spice_tree,
spice_info);
                spice_info->next_state = RED_STATE_LINK_SERVER;
                break;
...


I must be missing something obvious here. I just fail to understand what it
is. I do know wireshark has two modes, one of which it goes over packets
without the tree set, but I don't get when and where.
I've looked at other dissectors and they seem to be doing identical/similar
dissection (wrongfully setting the protocol to their own even on segments,
btw?).
Thanks in advance,
Yaniv.

___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe