#include <locale.h>
#include <limits.h>
-#ifdef HAVE_UNISTD_H
-#include <unistd.h>
-#endif
-
#ifdef HAVE_GETOPT_H
#include <getopt.h>
#endif
#include <errno.h>
-#ifdef HAVE_FCNTL_H
-#include <fcntl.h>
-#endif
-
-#include <signal.h>
-
-#ifdef HAVE_SYS_STAT_H
-# include <sys/stat.h>
-#endif
-
-#ifndef HAVE_GETOPT
+#ifndef HAVE_GETOPT_LONG
#include "wsutil/wsgetopt.h"
#endif
#include <wsutil/cmdarg_err.h>
#include <wsutil/crash_info.h>
-#include <wsutil/privileges.h>
-#include <wsutil/file_util.h>
#include <wsutil/filesystem.h>
+#include <wsutil/file_util.h>
#include <wsutil/plugins.h>
+#include <wsutil/privileges.h>
#include <wsutil/report_err.h>
-#include <wsutil/copyright_info.h>
+#include <wsutil/ws_diag_control.h>
#include "globals.h"
#include <epan/packet.h>
#include "ui/capture_ui_utils.h"
#endif
#include "ui/util.h"
-#include "version_info.h"
#include "register.h"
#include "conditions.h"
#include "capture_stop_conditions.h"
#endif /* HAVE_LIBPCAP */
#include "log.h"
-#ifdef _WIN32
-#include <wsutil/unicode-utils.h>
-#endif /* _WIN32 */
-
#if 0
/*
* This is the template for the decode as option; it is shared between the
fprintf(output, " packet encapsulation or protocol\n");
fprintf(output, " -F <field> field to display\n");
fprintf(output, " -n disable all name resolution (def: all enabled)\n");
- fprintf(output, " -N <name resolve flags> enable specific name resolution(s): \"mntC\"\n");
+ fprintf(output, " -N <name resolve flags> enable specific name resolution(s): \"mnNtCd\"\n");
fprintf(output, " -p use the system's packet header format\n");
fprintf(output, " (which may have 64-bit timestamps)\n");
fprintf(output, " -R <read filter> packet filter in Wireshark display filter syntax\n");
if (err != ERROR_PIPE_BUSY) {
FormatMessage(FORMAT_MESSAGE_FROM_SYSTEM | FORMAT_MESSAGE_ALLOCATE_BUFFER | FORMAT_MESSAGE_IGNORE_INSERTS,
NULL, err, 0, (LPTSTR) &err_str, 0, NULL);
- fprintf(stderr, "rawshark: \"%s\" could not be opened: %s (error %d)\n",
+ fprintf(stderr, "rawshark: \"%s\" could not be opened: %s (error %lu)\n",
pipe_name, utf_16to8(err_str), err);
LocalFree(err_str);
return -1;
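Review bot: The return value of `FormatMessage()` is not checked before `err_str` is handed to `utf_16to8()` in the `fprintf` call, both here and in the "could not be waited for" path that follows. With `FORMAT_MESSAGE_ALLOCATE_BUFFER` the buffer pointer is not guaranteed to be written when the lookup fails, so `err_str` may still hold whatever it held before (its declaration and initialisation are outside the hunk) and the error path itself could crash. Consider `if (FormatMessage(...) == 0) err_str = NULL;` and printing a fixed fallback such as `"unknown error"` when it is NULL. The new `%lu` conversion assumes `err` is a `DWORD`, which is also not visible here.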
err = GetLastError();
FormatMessage(FORMAT_MESSAGE_FROM_SYSTEM | FORMAT_MESSAGE_ALLOCATE_BUFFER | FORMAT_MESSAGE_IGNORE_INSERTS,
NULL, err, 0, (LPTSTR) &err_str, 0, NULL);
- fprintf(stderr, "rawshark: \"%s\" could not be waited for: %s (error %d)\n",
+ fprintf(stderr, "rawshark: \"%s\" could not be waited for: %s (error %lu)\n",
pipe_name, utf_16to8(err_str), err);
LocalFree(err_str);
return -1;
}
}
- rfd = _open_osfhandle((long) hPipe, _O_RDONLY);
+ rfd = _open_osfhandle((intptr_t) hPipe, _O_RDONLY);
if (rfd == -1) {
fprintf(stderr, "rawshark: \"%s\" could not be opened: %s\n",
pipe_name, g_strerror(errno));
return FALSE;
}
-static void
-show_version(GString *comp_info_str, GString *runtime_info_str)
-{
- printf("Rawshark (Wireshark) %s\n"
- "\n"
- "%s"
- "\n"
- "%s"
- "\n"
- "%s",
- get_ws_vcs_version_info(), get_copyright_info(), comp_info_str->str,
- runtime_info_str->str);
-}
-
int
main(int argc, char *argv[])
{
guint fc;
gboolean skip_pcap_header = FALSE;
static const struct option long_options[] = {
- {(char *)"help", no_argument, NULL, 'h'},
- {(char *)"version", no_argument, NULL, 'v'},
+ {"help", no_argument, NULL, 'h'},
+ {"version", no_argument, NULL, 'v'},
{0, 0, 0, 0 }
};
static const char optstring[] = OPTSTRING_INIT;
+ /* Set the C-language locale to the native environment. */
+ setlocale(LC_ALL, "");
+
cmdarg_err_init(rawshark_cmdarg_err, rawshark_cmdarg_err_cont);
- /* Assemble the compile-time version information string */
- comp_info_str = g_string_new("Compiled ");
- get_compiled_version_info(comp_info_str, NULL, epan_get_compiled_version_info);
+ /* Get the compile-time version information string */
+ comp_info_str = get_compiled_version_info(NULL, epan_get_compiled_version_info);
- /* Assemble the run-time version information string */
- runtime_info_str = g_string_new("Running ");
- get_runtime_version_info(runtime_info_str, NULL);
+ /* Get the run-time version information string */
+ runtime_info_str = get_runtime_version_info(NULL);
/* Add it to the information to be reported on a crash. */
ws_add_crash_info("Rawshark (Wireshark) %s\n"
init_progfile_dir_error);
}
- /*
- * Get credential information for later use.
- */
- init_process_policies();
-
/* nothing more than the standard GLib handler, but without a warning */
log_flags =
G_LOG_LEVEL_WARNING |
"-G" flag, as the "-G" flag dumps information registered by the
dissectors, and we must do it before we read the preferences, in
case any dissectors register preferences. */
- epan_init(register_all_protocols, register_all_protocol_handoffs, NULL, NULL);
-
- /* Set the C-language locale to the native environment. */
- setlocale(LC_ALL, "");
+ if (!epan_init(register_all_protocols, register_all_protocol_handoffs,
+ NULL, NULL))
+ return 2;
prefs_p = read_prefs(&gpf_open_errno, &gpf_read_errno, &gpf_path,
&pf_open_errno, &pf_read_errno, &pf_path);
/* Read the disabled protocols file. */
read_disabled_protos_list(&gdp_path, &gdp_open_errno, &gdp_read_errno,
&dp_path, &dp_open_errno, &dp_read_errno);
+ read_disabled_heur_dissector_list(&gdp_path, &gdp_open_errno, &gdp_read_errno,
+ &dp_path, &dp_open_errno, &dp_read_errno);
if (gdp_path != NULL) {
if (gdp_open_errno != 0) {
cmdarg_err("Could not open global disabled protocols file\n\"%s\": %s.",
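Review bot: `read_disabled_heur_dissector_list()` is passed the same six out-variables (`gdp_path`, `gdp_open_errno`, … `dp_read_errno`) that `read_disabled_protos_list()` filled in on the call just before, so whatever the first call reported is overwritten before the `if (gdp_path != NULL)` check reads it. A failure to load the disabled-protocols file would then go unreported, leaving dissectors the user meant to switch off running on the input, and a failure in the heuristic list would be reported with the "disabled protocols file" wording. If the first call allocated a path string, it also appears to be leaked. Either report after each call, or give the second call its own variables, e.g. `read_disabled_heur_dissector_list(&gdh_path, &gdh_open_errno, &gdh_read_errno, &dh_path, &dh_open_errno, &dh_read_errno);` (names are a suggestion) with a matching report block. The reporting code continues past the end of the hunk.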
case 'h': /* Print help and exit */
printf("Rawshark (Wireshark) %s\n"
"Dump and analyze network traffic.\n"
- "See http://www.wireshark.org for more information.\n",
+ "See https://www.wireshark.org for more information.\n",
get_ws_vcs_version_info());
print_usage(stdout);
exit(0);
line_buffered = TRUE;
break;
case 'n': /* No name resolution */
- gbl_resolv_flags.mac_name = FALSE;
- gbl_resolv_flags.network_name = FALSE;
- gbl_resolv_flags.transport_name = FALSE;
- gbl_resolv_flags.concurrent_dns = FALSE;
+ disable_name_resolution();
break;
case 'N': /* Select what types of addresses/port #s to resolve */
badopt = string_to_name_resolve(optarg, &gbl_resolv_flags);
if (badopt != '\0') {
- cmdarg_err("-N specifies unknown resolving option '%c'; valid options are 'm', 'n', and 't'",
+ cmdarg_err("-N specifies unknown resolving option '%c'; valid options are 'C', 'd', m', 'n', 'N', and 't'",
badopt);
exit(1);
}
break;
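Review bot: The new `-N` error text has an unbalanced quote: `m'` is missing its opening apostrophe. It should read `valid options are 'C', 'd', 'm', 'n', 'N', and 't'`. The flag list is now spelled out both here and in the usage line (`"mnNtCd"`), so a short comment such as `/* keep in sync with the -N line in print_usage() */` would help the two stay aligned.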
case 'v': /* Show version and exit */
{
- show_version(comp_info_str, runtime_info_str);
+ show_version("Rawshark (Wireshark)", comp_info_str, runtime_info_str);
g_string_free(comp_info_str, TRUE);
g_string_free(runtime_info_str, TRUE);
exit(0);
/* disabled protocols as per configuration file */
if (gdp_path == NULL && dp_path == NULL) {
set_disabled_protos_list();
+ set_disabled_heur_dissector_list();
}
/* Build the column format array */
if (n_rfilters != 0) {
for (i = 0; i < n_rfilters; i++) {
- if (!dfilter_compile(rfilters[i], &rfcodes[n_rfcodes])) {
- cmdarg_err("%s", dfilter_error_msg);
+ gchar *err_msg;
+
+ if (!dfilter_compile(rfilters[i], &rfcodes[n_rfcodes], &err_msg)) {
+ cmdarg_err("%s", err_msg);
+ g_free(err_msg);
epan_free(cfile.epan);
epan_cleanup();
exit(2);
size_t bytes_left = sizeof(struct pcap_hdr) + sizeof(guint32);
gchar buf[sizeof(struct pcap_hdr) + sizeof(guint32)];
while (bytes_left != 0) {
- ssize_t bytes = read(fd, buf, (int)bytes_left);
+ ssize_t bytes = ws_read(fd, buf, (int)bytes_left);
if (bytes <= 0) {
cmdarg_err("Not enough bytes for pcap header.");
exit(2);
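Review bot: A failed read and a truncated stream are reported identically, because `if (bytes <= 0)` sends both to "Not enough bytes for pcap header." and the `errno` of a failed `ws_read()` is lost. Splitting the cases would make pipe and permission problems diagnosable: `if (bytes < 0) { cmdarg_err("Error reading pcap header: %s", g_strerror(errno)); exit(2); }`, assuming `ws_read` leaves `errno` set the way `read` does. The loop body continues outside the hunk, so how `bytes_left` is updated is not visible here.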
/* Copied from capture_loop.c */
while (bytes_needed > 0) {
- bytes_read = read(fd, ptr, (int)bytes_needed);
+ bytes_read = ws_read(fd, ptr, (int)bytes_needed);
if (bytes_read == 0) {
*err = 0;
*err_info = NULL;
ptr = pd;
while (bytes_needed > 0) {
- bytes_read = read(fd, ptr, (int)bytes_needed);
+ bytes_read = ws_read(fd, ptr, (int)bytes_needed);
if (bytes_read == 0) {
*err = WTAP_ERR_SHORT_READ;
*err_info = NULL;
case WTAP_ERR_UNSUPPORTED:
cmdarg_err("The file \"%s\" contains record data that Rawshark doesn't support.\n(%s)",
- cf->filename, err_info);
- g_free(err_info);
- break;
-
- case WTAP_ERR_UNSUPPORTED_ENCAP:
- cmdarg_err("The file \"%s\" has a packet with a network type that Rawshark doesn't support.\n(%s)",
- cf->filename, err_info);
+ cf->filename,
+ err_info != NULL ? err_info : "no information supplied");
g_free(err_info);
break;
case WTAP_ERR_BAD_FILE:
cmdarg_err("The file \"%s\" appears to be damaged or corrupt.\n(%s)",
- cf->filename, err_info);
+ cf->filename,
+ err_info != NULL ? err_info : "no information supplied");
g_free(err_info);
break;
case WTAP_ERR_DECOMPRESS:
cmdarg_err("The compressed file \"%s\" appears to be damaged or corrupt.\n(%s)",
- cf->filename, err_info);
+ cf->filename,
+ err_info != NULL ? err_info : "no information supplied");
g_free(err_info);
break;
* this field has an associated value,
* e.g: ip.hdr_len
*/
- fs_len = fvalue_string_repr_len(&finfo->value, FTREPR_DFILTER);
+ fs_len = fvalue_string_repr_len(&finfo->value, FTREPR_DFILTER, finfo->hfinfo->display);
while (fs_buf_len < fs_len) {
fs_buf_len *= 2;
fs_buf = (char *)g_realloc(fs_buf, fs_buf_len + 1);
fs_ptr = fs_buf;
}
fvalue_to_string_repr(&finfo->value,
- FTREPR_DFILTER,
+ FTREPR_DFILTER, finfo->hfinfo->display,
fs_buf);
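Review bot: `fvalue_to_string_repr()` receives `fs_buf` with no length. The only thing bounding the write is that `fvalue_string_repr_len()` was called just before with the same `FTREPR_DFILTER` / `finfo->hfinfo->display` pair. A comment above the length call would keep the two from drifting apart, e.g. `/* must use the same rtype and display as the conversion below; fs_buf is sized from this */`. The sizing loop also trusts `fs_len` as returned. The declarations are outside the hunk, but if the length function can signal "no representation" with a negative value, or `fs_len` is unsigned, `fs_buf_len *= 2` has no upper bound or overflow check, so checking the returned length for an error value before the loop would make that explicit. The enclosing function starts and ends outside the hunk.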
/* String types are quoted. Remove them. */
g_string_append(label_s, val_to_str_const(svalue, cVALS(hfinfo->strings), "Unknown"));
}
break;
+ case FT_INT40: /* XXX: Shouldn't these be as smart as FT_INT{8,16,24,32}? */
+ case FT_INT48:
+ case FT_INT56:
case FT_INT64:
DISSECTOR_ASSERT(!hfinfo->bitmask);
- svalue64 = (gint64)fvalue_get_integer64(&finfo->value);
+ svalue64 = (gint64)fvalue_get_sinteger64(&finfo->value);
if (hfinfo->display & BASE_VAL64_STRING) {
g_string_append(label_s, val64_to_str_const(svalue64, (const val64_string *)(hfinfo->strings), "Unknown"));
}
case FT_UINT16:
case FT_UINT24:
case FT_UINT32:
+ DISSECTOR_ASSERT(!hfinfo->bitmask);
uvalue = fvalue_get_uinteger(&finfo->value);
if (!hfinfo->bitmask && hfinfo->display & BASE_RANGE_STRING) {
g_string_append(label_s, rval_to_str_const(uvalue, RVALS(hfinfo->strings), "Unknown"));
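Review bot: After the added `DISSECTOR_ASSERT(!hfinfo->bitmask);` the `!hfinfo->bitmask &&` term in the `if` that follows can never be false, so one of the two is redundant. If bitmask fields are really not expected for these `FT_UINT*` types, drop the term: `if (hfinfo->display & BASE_RANGE_STRING) {`. If they can be selected, the assert turns a field that was previously tolerated into an assertion failure, and the assert is what should go. The case list and the rest of the `switch` extend outside the hunk.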
g_string_append(label_s, val_to_str_const(uvalue, cVALS(hfinfo->strings), "Unknown"));
}
break;
+ case FT_UINT40: /* XXX: Shouldn't these be as smart as FT_INT{8,16,24,32}? */
+ case FT_UINT48:
+ case FT_UINT56:
case FT_UINT64:
DISSECTOR_ASSERT(!hfinfo->bitmask);
- uvalue64 = fvalue_get_integer64(&finfo->value);
+ uvalue64 = fvalue_get_uinteger64(&finfo->value);
if (hfinfo->display & BASE_VAL64_STRING) {
g_string_append(label_s, val64_to_str_const(uvalue64, (const val64_string *)(hfinfo->strings), "Unknown"));
}
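Review bot: The `XXX` comment on the new `FT_UINT40` case was copied from the signed branch and still names `FT_INT{8,16,24,32}`; it should read `/* XXX: Shouldn't these be as smart as FT_UINT{8,16,24,32}? */`. It would also help to say what "smart" refers to. As far as the visible lines show, the 32-bit unsigned cases handle `BASE_RANGE_STRING` while the 64-bit path only checks `BASE_VAL64_STRING`.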
}
}
}
- printf(" %u=\"%s\"", cmd_line_index, label_s->str);
+ printf(" %d=\"%s\"", cmd_line_index, label_s->str);
return TRUE;
}
if(finfo->value.ftype->val_to_string_repr)
{
- printf(" %u=\"%s\"", cmd_line_index, fs_ptr);
+ printf(" %d=\"%s\"", cmd_line_index, fs_ptr);
return TRUE;
}
* e.g. http
* We return n.a.
*/
- printf(" %u=\"n.a.\"", cmd_line_index);
+ printf(" %d=\"n.a.\"", cmd_line_index);
return TRUE;
}
switch (hfi->type) {
case FT_ABSOLUTE_TIME:
- printf("%u %s %s - ",
+ printf("%d %s %s - ",
g_cmd_line_index,
ftenum_to_string(hfi),
absolute_time_display_e_to_string((absolute_time_display_e)hfi->display));
break;
default:
- printf("%u %s %s - ",
+ printf("%d %s %s - ",
g_cmd_line_index,
ftenum_to_string(hfi),
field_display_e_to_string((field_display_e)hfi->display));