https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6645
--- Comment #9 from Guy Harris <guy@xxxxxxxxxxxx> 2012-09-24 22:18:00 PDT ---
On the general note of "why do some devices have the singularly useless name
"Microsoft"?", which is annoying me on general principles:
It looks as if WinPcap gets the list of adapters from
HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E972-E325-11CE-BFC1-08002BE10318}
in the Registry. Looking under there on my Windows 7 virtual machine, I'm
seeing
0000: DriverDesc "WAN Miniport (SSTP)", ProviderName "Microsoft"
0001: DriverDesc "WAN Miniport (IKEv2)", ProviderName "Microsoft"
0003, 0004: more tunnely "WAN Miniport" things;
0005: DriverDesc "WAN Miniport (Network Monitor)", ProviderName "Microsoft"
0006: DriverDesc "WAN Miniport (IPv6)", ProviderName "Microsoft"
0007: DriverDesc "Intel(R) PRO/1000 MT Network Connection", ProviderName
"Microsoft"
0008: DriverDesc "WAN Miniport (IP)", ProviderName "Microsoft"
0009: DriverDesc "Microsoft ISATAP Adapter", ProviderName "Microsoft"
0010: DriverDesc "RAS Async Adapter", ProviderName "Microsoft"
0011: DriverDesc "Microsoft Teredo Tunneling Adapter", ProviderName
"Microsoft"
I guess the ProviderName is "who provides the *driver*", not "who provides the
*adapter*", although the adapter in question is implemented in a pile of code
in some file under /Applications/VMware Fusion.app, as well as the OS X BPF
code.
The OID OID_GEN_VENDOR_DESCRIPTION:
http://msdn.microsoft.com/en-us/library/windows/hardware/ff569649(v=vs.85).aspx
appears to be what WinPcap uses to get the description; it doesn't dig them
directly out of the Registry. Maybe it's somehow returning the ProviderName
rather than the DriverDesc for some adapters; this might be a driver botch.
If you can, could you fire up the Registry Editor and open up
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E972-E325-11CE-BFC1-08002BE10318}?
Then, for each of the 4-digit numbers under that key:
open it up;
click on the "Linkage" item under it;
see whether the "Export" item in the right-hand pane contains
498AC5A6-38EE-46FE-9213-3C072CA0B447 (it might be
\Device\{498AC5A6-38EE-46FE-9213-3C072CA0B447}, for example);
if it does, click on the 4-digit number above "Linkage" and see whether the
right-hand pane has a DriverDesc item and/or a ProviderName item and indicate
what both of them are.
I wonder whether it has no DriverDesc - if not, perhaps NDIS supplies the
ProviderName as an attempt to "fake" a vendor description - or whether it has
one but it's something stupid like "Microsoft"?
--
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching all bug changes.