GH-1186: Remove Packet::hdr_size and uses of it.

This change also removes Packet::IP(), since Packet now contains an ip_hdr member
that points at the IP header if it exists.

src/packet_analysis/protocol/ip/IP.cc

@@ -39,10 +39,7 @@ bool IPAnalyzer::AnalyzePacket(size_t len, const uint8_t* data, Packet* packet)
 		return false;
 		}
 
-	// TODO: i feel like this could be generated as we move along the header hierarchy.
-	// TODO: the sessions code expects that the header size does not include the ip header. Should
-	// this change?
-	packet->hdr_size = static_cast<int32_t>(data - packet->data);
+	int32_t hdr_size = static_cast<int32_t>(data - packet->data);
 
 	// Cast the current data pointer to an IP header pointer so we can use it to get some
 	// data about the header.
@@ -82,10 +79,10 @@ bool IPAnalyzer::AnalyzePacket(size_t len, const uint8_t* data, Packet* packet)
 		sessions->Weird("ip_hdr_len_zero", packet);
 
 		// Cope with the zero'd out ip_len field by using the caplen.
-		total_len = packet->cap_len - packet->hdr_size;
+		total_len = packet->cap_len - hdr_size;
 		}
 
-	if ( packet->len < total_len + packet->hdr_size )
+	if ( packet->len < total_len + hdr_size )
 		{
 		sessions->Weird("truncated_IPv6", packet);
 		return false;
@@ -158,7 +155,7 @@ bool IPAnalyzer::AnalyzePacket(size_t len, const uint8_t* data, Packet* packet)
 		else
 			{
 			f = detail::fragment_mgr->NextFragment(run_state::processing_start_time, packet->ip_hdr,
-			                                       packet->data + packet->hdr_size);
+			                                       packet->data + hdr_size);
 			std::unique_ptr<IP_Hdr> ih = f->ReassembledPkt();
 
 			if ( ! ih )
@@ -173,7 +170,7 @@ bool IPAnalyzer::AnalyzePacket(size_t len, const uint8_t* data, Packet* packet)
 
 			len = total_len = packet->ip_hdr->TotalLen();
 			ip_hdr_len = packet->ip_hdr->HdrLen();
-			packet->cap_len = total_len + packet->hdr_size;
+			packet->cap_len = total_len + hdr_size;
 
 			if ( ip_hdr_len > total_len )
 				{
@@ -243,7 +240,7 @@ bool IPAnalyzer::AnalyzePacket(size_t len, const uint8_t* data, Packet* packet)
 	case IPPROTO_ICMPV6:
 		DBG_LOG(DBG_PACKET_ANALYSIS, "Analysis in %s succeeded, next layer identifier is %#x.",
 		        GetAnalyzerName(), proto);
-		sessions->DoNextPacket(run_state::processing_start_time, packet);
+		sessions->ProcessTransportLayer(run_state::processing_start_time, packet, len);
 		break;
 	case IPPROTO_NONE:
 		// If the packet is encapsulated in Teredo, then it was a bubble and

src/packet_analysis/protocol/iptunnel/IPTunnel.cc

@@ -128,7 +128,8 @@ bool IPTunnelAnalyzer::ProcessEncapsulatedPacket(double t, const Packet* pkt,
 	auto outer = prev ? prev : std::make_shared<EncapsulationStack>();
 	outer->Add(ec);
 
-	// Construct fake packet for DoNextPacket
+	// Construct fake packet containing the inner packet so it can be processed
+	// like a normal one.
 	Packet p;
 	p.Init(DLT_RAW, &ts, caplen, len, data, false, "");
 	p.encap = outer;
@@ -164,7 +165,8 @@ bool IPTunnelAnalyzer::ProcessEncapsulatedPacket(double t, const Packet* pkt,
 	auto outer = prev ? prev : std::make_shared<EncapsulationStack>();
 	outer->Add(ec);
 
-	// Construct fake packet for DoNextPacket
+	// Construct fake packet containing the inner packet so it can be processed
+	// like a normal one.
 	Packet p;
 	p.Init(link_type, &ts, caplen, len, data, false, "");
 	p.encap = outer;

src/packet_analysis/protocol/iptunnel/IPTunnel.h

@@ -30,9 +30,9 @@ public:
 	 *
 	 * @param t Network time.
 	 * @param pkt If the outer pcap header is available, this pointer can be set
-	 *        so that the fake pcap header passed to DoNextPacket will use
-	 *        the same timeval.  The caplen and len fields of the fake pcap
-	 *        header are always set to the TotalLength() of \a inner.
+	 *        so the fake pcap header passed to the next analyzer will use the
+	 *        same timeval. The caplen and len fields of the fake pcap header
+	 *        are always set to the TotalLength() of \a inner.
 	 * @param inner Pointer to IP header wrapper of the inner packet, ownership
 	 *        of the pointer's memory is assumed by this function.
 	 * @param prev Any previous encapsulation stack of the caller, not including
@@ -48,15 +48,15 @@ public:
 	 * Wrapper that handles encapsulated Ethernet/IP packets and passes them back into
 	 * packet analysis.
 	 *
-	 * @param t  Network time.
-	 * @param pkt  If the outer pcap header is available, this pointer can be
-	 *        set so that the fake pcap header passed to DoNextPacket will use
-	 *        the same timeval.
-	 * @param caplen  number of captured bytes remaining
-	 * @param len  number of bytes remaining as claimed by outer framing
-	 * @param data  the remaining packet data
-	 * @param link_type  layer 2 link type used for initializing inner packet
-	 * @param prev  Any previous encapsulation stack of the caller, not
+	 * @param t Network time.
+	 * @param pkt If the outer pcap header is available, this pointer can be set
+	 *        so the fake pcap header passed to the next analyzer will use the
+	 *        same timeval.
+	 * @param caplen Number of captured bytes remaining
+	 * @param len Number of bytes remaining as claimed by outer framing
+	 * @param data The remaining packet data
+	 * @param link_type Layer 2 link type used for initializing inner packet
+	 * @param prev Any previous encapsulation stack of the caller, not
 	 *        including the most-recently found depth of encapsulation.
 	 * @param ec The most-recently found depth of encapsulation.
 	 */

src/packet_analysis/protocol/wrapper/Wrapper.cc

@@ -155,8 +155,5 @@ bool WrapperAnalyzer::Analyze(Packet* packet, const uint8_t*& data)
 			}
 		}
 
-	// Calculate how much header we've used up.
-	packet->hdr_size = (data - packet->data);
-
 	return AnalyzeInnerPacket(packet, data, protocol);
 	}