* By Gerald Combs <gerald@wireshark.org>
* Copyright 1998 Gerald Combs
*
- * This program is free software; you can redistribute it and/or
- * modify it under the terms of the GNU General Public License
- * as published by the Free Software Foundation; either version 2
- * of the License, or (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+ * SPDX-License-Identifier: GPL-2.0-or-later
*/
/*
#include <wiretap/wtap.h>
+#include <wsutil/cmdarg_err.h>
#include <wsutil/crash_info.h>
#include <wsutil/filesystem.h>
#include <wsutil/privileges.h>
-#include <ws_version_info.h>
+#include <version_info.h>
#include <wiretap/wtap_opttypes.h>
#ifdef HAVE_PLUGINS
#include <wsutil/plugins.h>
#endif
-#include <wsutil/report_err.h>
+#include <wsutil/report_message.h>
#include <wsutil/str_util.h>
#include <wsutil/file_util.h>
#include <wsutil/unicode-utils.h>
#endif /* _WIN32 */
+#include "ui/failure_message.h"
+
+#define INVALID_OPTION 1
+#define BAD_FLAG 1
+
/*
* By default capinfos now continues processing
* the next filename if and when wiretap detects
static gboolean cap_file_hashes = TRUE; /* Calculate file hashes */
-#define HASH_SIZE_SHA1 20
+// Strongest to weakest
+#define HASH_SIZE_SHA256 32
#define HASH_SIZE_RMD160 20
-#define HASH_SIZE_MD5 16
+#define HASH_SIZE_SHA1 20
-#define HASH_STR_SIZE (41) /* Max hash size * 2 + '\0' */
+#define HASH_STR_SIZE (65) /* Max hash size * 2 + '\0' */
#define HASH_BUF_SIZE (1024 * 1024)
-static gchar file_sha1[HASH_STR_SIZE];
+static gchar file_sha256[HASH_STR_SIZE];
static gchar file_rmd160[HASH_STR_SIZE];
-static gchar file_md5[HASH_STR_SIZE];
+static gchar file_sha1[HASH_STR_SIZE];
/*
* If we have at least two packets with time stamps, and they're not in
}
}
if (cap_file_hashes) {
- printf ("SHA1: %s\n", file_sha1);
+ printf ("SHA256: %s\n", file_sha256);
printf ("RIPEMD160: %s\n", file_rmd160);
- printf ("MD5: %s\n", file_md5);
+ printf ("SHA1: %s\n", file_sha1);
}
if (cap_order) printf ("Strict time order: %s\n", order_string(cf_info->order));
if (cf_info->shb != NULL) {
- if (cap_comment) {
- unsigned int i;
- char *str;
-
- for (i = 0; wtap_block_get_nth_string_option_value(cf_info->shb, OPT_COMMENT, i, &str) == WTAP_OPTTYPE_SUCCESS; i++) {
- show_option_string("Capture comment: ", str);
- }
- }
if (cap_file_more_info) {
char *str;
if (wtap_block_get_string_option_value(cf_info->shb, OPT_SHB_USERAPPL, &str) == WTAP_OPTTYPE_SUCCESS)
show_option_string("Capture application: ", str);
}
+ if (cap_comment) {
+ unsigned int i;
+ char *str;
+
+ for (i = 0; wtap_block_get_nth_string_option_value(cf_info->shb, OPT_COMMENT, i, &str) == WTAP_OPTTYPE_SUCCESS; i++) {
+ show_option_string("Capture comment: ", str);
+ }
+ }
if (cap_file_idb && cf_info->num_interfaces != 0) {
guint i;
if (cap_packet_size) print_stats_table_header_label("Average packet size (bytes)");
if (cap_packet_rate) print_stats_table_header_label("Average packet rate (packets/sec)");
if (cap_file_hashes) {
- print_stats_table_header_label("SHA1");
+ print_stats_table_header_label("SHA256");
print_stats_table_header_label("RIPEMD160");
- print_stats_table_header_label("MD5");
+ print_stats_table_header_label("SHA1");
}
if (cap_order) print_stats_table_header_label("Strict time order");
- if (cap_comment) print_stats_table_header_label("Capture comment");
if (cap_file_more_info) {
print_stats_table_header_label("Capture hardware");
print_stats_table_header_label("Capture oper-sys");
print_stats_table_header_label("Capture application");
}
+ if (cap_comment) print_stats_table_header_label("Capture comment");
printf("\n");
}
if (cap_file_hashes) {
putsep();
putquote();
- printf("%s", file_sha1);
+ printf("%s", file_sha256);
putquote();
putsep();
putsep();
putquote();
- printf("%s", file_md5);
+ printf("%s", file_sha1);
putquote();
}
}
if (cf_info->shb != NULL) {
+ if (cap_file_more_info) {
+ char *str;
+
+ putsep();
+ putquote();
+ if (wtap_block_get_string_option_value(cf_info->shb, OPT_SHB_HARDWARE, &str) == WTAP_OPTTYPE_SUCCESS) {
+ printf("%s", str);
+ }
+ putquote();
+
+ putsep();
+ putquote();
+ if (wtap_block_get_string_option_value(cf_info->shb, OPT_SHB_OS, &str) == WTAP_OPTTYPE_SUCCESS) {
+ printf("%s", str);
+ }
+ putquote();
+
+ putsep();
+ putquote();
+ if (wtap_block_get_string_option_value(cf_info->shb, OPT_SHB_USERAPPL, &str) == WTAP_OPTTYPE_SUCCESS) {
+ printf("%s", str);
+ }
+ putquote();
+ }
+
/*
- * this is silly to put into a table format, but oh well
- * note that there may be *more than one* of each of these types
- * of options
+ * One might argue that the following is silly to put into a table format,
+ * but oh well note that there may be *more than one* of each of these types
+ * of options. To mitigate some of the potential silliness the if(cap_comment)
+ * block is moved AFTER the if(cap_file_more_info) block. This will make any
+ * comments the last item(s) in each row. We now have a new -K option to
+ * disable cap_comment to more easily manage the potential silliness.
+ * Potential silliness includes multiple comments (therefore resulting in
+ * more than one additional column and/or comments with embeded newlines
+ * and/or possible delimiters).
*/
if (cap_comment) {
unsigned int i;
char *opt_comment;
+ gboolean have_cap = FALSE;
for (i = 0; wtap_block_get_nth_string_option_value(cf_info->shb, OPT_COMMENT, i, &opt_comment) == WTAP_OPTTYPE_SUCCESS; i++) {
+ have_cap = TRUE;
putsep();
putquote();
printf("%s", opt_comment);
putquote();
}
- }
-
- if (cap_file_more_info) {
- char *str;
-
- if (wtap_block_get_string_option_value(cf_info->shb, OPT_SHB_HARDWARE, &str) == WTAP_OPTTYPE_SUCCESS) {
- putsep();
- putquote();
- printf("%s", str);
- putquote();
- }
- if (wtap_block_get_string_option_value(cf_info->shb, OPT_SHB_OS, &str) == WTAP_OPTTYPE_SUCCESS) {
- putsep();
- putquote();
- printf("%s", str);
- putquote();
- }
- if (wtap_block_get_string_option_value(cf_info->shb, OPT_SHB_USERAPPL, &str) == WTAP_OPTTYPE_SUCCESS) {
+ if(!have_cap) {
+ /* Maintain column alignment when we have no OPT_COMMENT */
putsep();
putquote();
- printf("%s", str);
putquote();
}
}
+
}
printf("\n");
gint64 bytes = 0;
guint32 snaplen_min_inferred = 0xffffffff;
guint32 snaplen_max_inferred = 0;
- const struct wtap_pkthdr *phdr;
+ wtap_rec *rec;
capture_info cf_info;
gboolean have_times = TRUE;
nstime_t start_time;
/* Tally up data that we need to parse through the file to find */
while (wtap_read(wth, &err, &err_info, &data_offset)) {
- phdr = wtap_phdr(wth);
- if (phdr->presence_flags & WTAP_HAS_TS) {
+ rec = wtap_get_rec(wth);
+ if (rec->presence_flags & WTAP_HAS_TS) {
prev_time = cur_time;
- cur_time = phdr->ts;
+ cur_time = rec->ts;
if (packet == 0) {
- start_time = phdr->ts;
- start_time_tsprec = phdr->pkt_tsprec;
- stop_time = phdr->ts;
- stop_time_tsprec = phdr->pkt_tsprec;
- prev_time = phdr->ts;
+ start_time = rec->ts;
+ start_time_tsprec = rec->tsprec;
+ stop_time = rec->ts;
+ stop_time_tsprec = rec->tsprec;
+ prev_time = rec->ts;
}
if (nstime_cmp(&cur_time, &prev_time) < 0) {
order = NOT_IN_ORDER;
}
if (nstime_cmp(&cur_time, &start_time) < 0) {
start_time = cur_time;
- start_time_tsprec = phdr->pkt_tsprec;
+ start_time_tsprec = rec->tsprec;
}
if (nstime_cmp(&cur_time, &stop_time) > 0) {
stop_time = cur_time;
- stop_time_tsprec = phdr->pkt_tsprec;
+ stop_time_tsprec = rec->tsprec;
}
} else {
have_times = FALSE; /* at least one packet has no time stamp */
order = ORDER_UNKNOWN;
}
- if (phdr->rec_type == REC_TYPE_PACKET) {
- bytes+=phdr->len;
+ if (rec->rec_type == REC_TYPE_PACKET) {
+ bytes += rec->rec_header.packet_header.len;
packet++;
/* If caplen < len for a rcd, then presumably */
/* 'Limit packet capture length' was done for this rcd. */
/* Keep track as to the min/max actual snapshot lengths */
/* seen for this file. */
- if (phdr->caplen < phdr->len) {
- if (phdr->caplen < snaplen_min_inferred)
- snaplen_min_inferred = phdr->caplen;
- if (phdr->caplen > snaplen_max_inferred)
- snaplen_max_inferred = phdr->caplen;
+ if (rec->rec_header.packet_header.caplen < rec->rec_header.packet_header.len) {
+ if (rec->rec_header.packet_header.caplen < snaplen_min_inferred)
+ snaplen_min_inferred = rec->rec_header.packet_header.caplen;
+ if (rec->rec_header.packet_header.caplen > snaplen_max_inferred)
+ snaplen_max_inferred = rec->rec_header.packet_header.caplen;
}
- if ((phdr->pkt_encap > 0) && (phdr->pkt_encap < WTAP_NUM_ENCAP_TYPES)) {
- cf_info.encap_counts[phdr->pkt_encap] += 1;
+ if ((rec->rec_header.packet_header.pkt_encap > 0) &&
+ (rec->rec_header.packet_header.pkt_encap < WTAP_NUM_ENCAP_TYPES)) {
+ cf_info.encap_counts[rec->rec_header.packet_header.pkt_encap] += 1;
} else {
fprintf(stderr, "capinfos: Unknown packet encapsulation %d in frame %u of file \"%s\"\n",
- phdr->pkt_encap, packet, filename);
+ rec->rec_header.packet_header.pkt_encap, packet, filename);
}
/* Packet interface_id info */
- if (phdr->presence_flags & WTAP_HAS_INTERFACE_ID) {
+ if (rec->presence_flags & WTAP_HAS_INTERFACE_ID) {
/* cf_info.num_interfaces is size, not index, so it's one more than max index */
- if (phdr->interface_id >= cf_info.num_interfaces) {
+ if (rec->rec_header.packet_header.interface_id >= cf_info.num_interfaces) {
/*
* OK, re-fetch the number of interfaces, as there might have
* been an interface that was in the middle of packets, and
g_free(idb_info);
idb_info = NULL;
}
- if (phdr->interface_id < cf_info.num_interfaces) {
- g_array_index(cf_info.interface_packet_counts, guint32, phdr->interface_id) += 1;
+ if (rec->rec_header.packet_header.interface_id < cf_info.num_interfaces) {
+ g_array_index(cf_info.interface_packet_counts, guint32,
+ rec->rec_header.packet_header.interface_id) += 1;
}
else {
cf_info.pkt_interface_id_unknown += 1;
if (err != 0) {
fprintf(stderr,
- "capinfos: An error occurred after reading %u packets from \"%s\": %s.\n",
- packet, filename, wtap_strerror(err));
+ "capinfos: An error occurred after reading %u packets from \"%s\".\n",
+ packet, filename);
+ cfile_read_failure_message("capinfos", filename, err, err_info);
if (err == WTAP_ERR_SHORT_READ) {
/* Don't give up completely with this one. */
status = 1;
fprintf(stderr,
" (will continue anyway, checksums might be incorrect)\n");
} else {
- if (err_info != NULL) {
- fprintf(stderr, "(%s)\n", err_info);
- g_free(err_info);
- }
-
cleanup_capture_info(&cf_info);
return 1;
}
fprintf(output, " -E display the capture file encapsulation\n");
fprintf(output, " -I display the capture file interface information\n");
fprintf(output, " -F display additional capture file information\n");
- fprintf(output, " -H display the SHA1, RMD160, and MD5 hashes of the file\n");
+ fprintf(output, " -H display the SHA256, RMD160, and SHA1 hashes of the file\n");
fprintf(output, " -k display the capture comment\n");
fprintf(output, "\n");
fprintf(output, "Size infos:\n");
fprintf(output, " -h display this help and exit\n");
fprintf(output, " -C cancel processing if file open fails (default is to continue)\n");
fprintf(output, " -A generate all infos (default)\n");
+ fprintf(output, " -K disable displaying the capture comment\n");
fprintf(output, "\n");
fprintf(output, "Options are processed from left to right order with later options superceding\n");
fprintf(output, "or adding to earlier options.\n");
fprintf(output, "\n");
fprintf(output, "If no options are given the default is to display all infos in long report\n");
fprintf(output, "output format.\n");
- fprintf(output, "\nFile hashing support (-H) is not present.\n");
}
-#ifdef HAVE_PLUGINS
/*
- * General errors are reported with an console message in capinfos.
+ * General errors and warnings are reported with an console message
+ * in capinfos.
*/
static void
-failure_message(const char *msg_format, va_list ap)
+failure_warning_message(const char *msg_format, va_list ap)
{
fprintf(stderr, "capinfos: ");
vfprintf(stderr, msg_format, ap);
fprintf(stderr, "\n");
}
-#endif
+
+/*
+ * Report additional information for an error in command-line arguments.
+ */
+static void
+failure_message_cont(const char *msg_format, va_list ap)
+{
+ vfprintf(stderr, msg_format, ap);
+ fprintf(stderr, "\n");
+}
static void
hash_to_str(const unsigned char *hash, size_t length, char *str) {
}
}
-int
-main(int argc, char *argv[])
+static int
+real_main(int argc, char *argv[])
{
GString *comp_info_str;
GString *runtime_info_str;
int err;
gchar *err_info;
int opt;
- int overall_error_status;
+ int overall_error_status = EXIT_SUCCESS;
static const struct option long_options[] = {
{"help", no_argument, NULL, 'h'},
{"version", no_argument, NULL, 'v'},
/* Set the C-language locale to the native environment. */
setlocale(LC_ALL, "");
+ cmdarg_err_init(failure_warning_message, failure_message_cont);
+
/* Get the decimal point. */
decimal_point = g_strdup(localeconv()->decimal_point);
g_string_free(runtime_info_str, TRUE);
#ifdef _WIN32
- arg_list_utf_16to8(argc, argv);
create_app_running_mutex();
#endif /* _WIN32 */
* Attempt to get the pathname of the directory containing the
* executable file.
*/
- init_progfile_dir_error = init_progfile_dir(argv[0], main);
+ init_progfile_dir_error = init_progfile_dir(argv[0]);
if (init_progfile_dir_error != NULL) {
fprintf(stderr,
"capinfos: Can't get pathname of directory containing the capinfos program: %s.\n",
g_free(init_progfile_dir_error);
}
- wtap_init();
-
-#ifdef HAVE_PLUGINS
- init_report_err(failure_message, NULL, NULL, NULL);
-
- /* Scan for plugins. This does *not* call their registration routines;
- that's done later.
+ init_report_message(failure_warning_message, failure_warning_message,
+ NULL, NULL, NULL);
- Don't report failures to load plugins because most (non-wiretap)
- plugins *should* fail to load (because we're not linked against
- libwireshark and dissector plugins need libwireshark). */
- scan_plugins(DONT_REPORT_LOAD_FAILURE);
-
- /* Register all libwiretap plugin modules. */
- register_all_wiretap_modules();
-#endif
+ wtap_init(TRUE);
/* Process the options */
- while ((opt = getopt_long(argc, argv, "abcdehiklmoqrstuvxyzABCEFHILMNQRST", long_options, NULL)) !=-1) {
+ while ((opt = getopt_long(argc, argv, "abcdehiklmoqrstuvxyzABCEFHIKLMNQRST", long_options, NULL)) !=-1) {
switch (opt) {
cap_comment = TRUE;
break;
+ case 'K':
+ cap_comment = FALSE;
+ break;
+
case 'F':
if (report_all_infos) disable_all_infos();
cap_file_more_info = TRUE;
"See https://www.wireshark.org for more information.\n",
get_ws_vcs_version_info());
print_usage(stdout);
- exit(0);
+ goto exit;
break;
case 'v':
show_version("Capinfos (Wireshark)", comp_info_str, runtime_info_str);
g_string_free(comp_info_str, TRUE);
g_string_free(runtime_info_str, TRUE);
- exit(0);
+ goto exit;
break;
case '?': /* Bad flag - print usage message */
print_usage(stderr);
- exit(1);
+ overall_error_status = BAD_FLAG;
+ goto exit;
break;
}
}
if ((argc - optind) < 1) {
print_usage(stderr);
- exit(1);
+ overall_error_status = INVALID_OPTION;
+ goto exit;
}
if (!long_report && table_report_header) {
if (cap_file_hashes) {
gcry_check_version(NULL);
- gcry_md_open(&hd, GCRY_MD_SHA1, 0);
+ gcry_md_open(&hd, GCRY_MD_SHA256, 0);
if (hd) {
gcry_md_enable(hd, GCRY_MD_RMD160);
- gcry_md_enable(hd, GCRY_MD_MD5);
+ gcry_md_enable(hd, GCRY_MD_SHA1);
}
hash_buf = (char *)g_malloc(HASH_BUF_SIZE);
}
for (opt = optind; opt < argc; opt++) {
- g_strlcpy(file_sha1, "<unknown>", HASH_STR_SIZE);
+ g_strlcpy(file_sha256, "<unknown>", HASH_STR_SIZE);
g_strlcpy(file_rmd160, "<unknown>", HASH_STR_SIZE);
- g_strlcpy(file_md5, "<unknown>", HASH_STR_SIZE);
+ g_strlcpy(file_sha1, "<unknown>", HASH_STR_SIZE);
if (cap_file_hashes) {
fh = ws_fopen(argv[opt], "rb");
gcry_md_write(hd, hash_buf, hash_bytes);
}
gcry_md_final(hd);
- hash_to_str(gcry_md_read(hd, GCRY_MD_SHA1), HASH_SIZE_SHA1, file_sha1);
+ hash_to_str(gcry_md_read(hd, GCRY_MD_SHA256), HASH_SIZE_SHA256, file_sha256);
hash_to_str(gcry_md_read(hd, GCRY_MD_RMD160), HASH_SIZE_RMD160, file_rmd160);
- hash_to_str(gcry_md_read(hd, GCRY_MD_MD5), HASH_SIZE_MD5, file_md5);
+ hash_to_str(gcry_md_read(hd, GCRY_MD_SHA1), HASH_SIZE_SHA1, file_sha1);
}
if (fh) fclose(fh);
if (hd) gcry_md_reset(hd);
wth = wtap_open_offline(argv[opt], WTAP_TYPE_AUTO, &err, &err_info, FALSE);
if (!wth) {
- fprintf(stderr, "capinfos: Can't open %s: %s\n", argv[opt],
- wtap_strerror(err));
- if (err_info != NULL) {
- fprintf(stderr, "(%s)\n", err_info);
- g_free(err_info);
- }
+ cfile_open_failure_message("capinfos", argv[opt], err, err_info);
overall_error_status = 2; /* remember that an error has occurred */
if (!continue_after_wtap_open_offline_failure)
goto exit;
exit:
g_free(hash_buf);
+ gcry_md_close(hd);
wtap_cleanup();
+ free_progdirs();
return overall_error_status;
}
+#ifdef _WIN32
+int
+wmain(int argc, wchar_t *wc_argv[])
+{
+ char **argv;
+
+ argv = arg_list_utf_16to8(argc, wc_argv);
+ return real_main(argc, argv);
+}
+#else
+int
+main(int argc, char *argv[])
+{
+ return real_main(argc, argv);
+}
+#endif
+
/*
* Editor modelines - http://www.wireshark.org/tools/modelines.html
*