/* ringbuffer.c
* Routines for packet capture windows
*
- * $Id$
- *
- * Ethereal - Network traffic analyzer
- * By Gerald Combs <gerald@ethereal.com>
+ * Wireshark - Network traffic analyzer
+ * By Gerald Combs <gerald@wireshark.org>
* Copyright 1998 Gerald Combs
*
- * This program is free software; you can redistribute it and/or
- * modify it under the terms of the GNU General Public License
- * as published by the Free Software Foundation; either version 2
- * of the License, or (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
+ * SPDX-License-Identifier: GPL-2.0-or-later
*/
/*
* <laurent.deniel@free.fr>
*
* Almost completely rewritten in order to:
- *
+ *
* - be able to use a unlimited number of ringbuffer files
* - close the current file and open (truncating) the next file at switch
* - set the final file name once open (or reopen)
* - avoid the deletion of files that could not be truncated (can't arise now)
* and do not erase empty files
*
- * The idea behind that is to remove the limitation of the maximum # of
+ * The idea behind that is to remove the limitation of the maximum # of
* ringbuffer files being less than the maximum # of open fd per process
* and to be able to reduce the amount of virtual memory usage (having only
* one file open at most) or the amount of file system usage (by truncating
- * the files at switch and not the capture stop, and by closing them which
+ * the files at switch and not the capture stop, and by closing them which
* makes possible their move or deletion after a switch).
*
*/
-#ifdef HAVE_CONFIG_H
-#include "config.h"
-#endif
+#include <config.h>
#ifdef HAVE_LIBPCAP
-#ifdef HAVE_FCNTL_H
-#include <fcntl.h>
-#endif
-
-#ifdef HAVE_UNISTD_H
-#include <unistd.h>
-#endif
-
#include <stdio.h>
#include <string.h>
#include <time.h>
#include <errno.h>
-#include <wiretap/wtap.h>
+#include <wsutil/wspcap.h>
+
+#include <glib.h>
+
#include "ringbuffer.h"
-#include "file_util.h"
+#include <wsutil/file_util.h>
/* Ringbuffer file structure */
typedef struct _rb_file {
- gchar *name;
+ gchar *name;
} rb_file;
/* Ringbuffer data structure */
gchar *fprefix; /* Filename prefix */
gchar *fsuffix; /* Filename suffix */
gboolean unlimited; /* TRUE if unlimited number of files */
- int filetype;
- int linktype;
- int snaplen;
- int fd; /* Current ringbuffer file descriptor */
- wtap_dumper *pdh;
+ int fd; /* Current ringbuffer file descriptor */
+ FILE *pdh;
+ gboolean group_read_access; /* TRUE if files need to be opened with group read access */
} ringbuf_data;
static ringbuf_data rb_data;
/*
- * create the next filename and open a new binary file with that name
+ * create the next filename and open a new binary file with that name
*/
static int ringbuf_open_file(rb_file *rfile, int *err)
{
char filenum[5+1];
char timestr[14+1];
time_t current_time;
+ struct tm *tm;
if (rfile->name != NULL) {
if (rb_data.unlimited == FALSE) {
/* remove old file (if any, so ignore error) */
- eth_unlink(rfile->name);
+ ws_unlink(rfile->name);
}
g_free(rfile->name);
}
#endif
current_time = time(NULL);
- g_snprintf(filenum, sizeof(filenum), "%05d", rb_data.curr_file_num + 1 /*.number*/);
- strftime(timestr, sizeof(timestr), "%Y%m%d%H%M%S", localtime(¤t_time));
+ g_snprintf(filenum, sizeof(filenum), "%05u", (rb_data.curr_file_num + 1) % RINGBUFFER_MAX_NUM_FILES);
+ tm = localtime(¤t_time);
+ if (tm != NULL)
+ strftime(timestr, sizeof(timestr), "%Y%m%d%H%M%S", tm);
+ else
+ g_strlcpy(timestr, "196912312359", sizeof(timestr)); /* second before the Epoch */
rfile->name = g_strconcat(rb_data.fprefix, "_", filenum, "_", timestr,
- rb_data.fsuffix, NULL);
+ rb_data.fsuffix, NULL);
if (rfile->name == NULL) {
- *err = ENOMEM;
+ if (err != NULL)
+ *err = ENOMEM;
return -1;
}
- rb_data.fd = eth_open(rfile->name, O_RDWR|O_BINARY|O_TRUNC|O_CREAT, 0600);
+ rb_data.fd = ws_open(rfile->name, O_RDWR|O_BINARY|O_TRUNC|O_CREAT,
+ rb_data.group_read_access ? 0640 : 0600);
if (rb_data.fd == -1 && err != NULL) {
*err = errno;
* Initialize the ringbuffer data structures
*/
int
-ringbuf_init(const char *capfile_name, guint num_files)
+ringbuf_init(const char *capfile_name, guint num_files, gboolean group_read_access)
{
unsigned int i;
char *pfx, *last_pathsep;
rb_data.unlimited = FALSE;
rb_data.fd = -1;
rb_data.pdh = NULL;
+ rb_data.group_read_access = group_read_access;
/* just to be sure ... */
if (num_files <= RINGBUFFER_MAX_NUM_FILES) {
rb_data.num_files = 1;
}
- rb_data.files = g_malloc(rb_data.num_files * sizeof(rb_file));
+ rb_data.files = (rb_file *)g_malloc(rb_data.num_files * sizeof(rb_file));
if (rb_data.files == NULL) {
return -1;
}
}
/*
- * Calls wtap_dump_fdopen() for the current ringbuffer file
+ * Calls ws_fdopen() for the current ringbuffer file
*/
-wtap_dumper*
-ringbuf_init_wtap_dump_fdopen(int filetype, int linktype, int snaplen, int *err)
+FILE *
+ringbuf_init_libpcap_fdopen(int *err)
{
-
- rb_data.filetype = filetype;
- rb_data.linktype = linktype;
- rb_data.snaplen = snaplen;
-
- rb_data.pdh = wtap_dump_fdopen(rb_data.fd, filetype, linktype, snaplen, FALSE /* compressed */, err);
-
+ rb_data.pdh = ws_fdopen(rb_data.fd, "wb");
+ if (rb_data.pdh == NULL) {
+ if (err != NULL) {
+ *err = errno;
+ }
+ }
return rb_data.pdh;
}
* Switches to the next ringbuffer file
*/
gboolean
-ringbuf_switch_file(wtap_dumper **pdh, gchar **save_file, int *save_file_fd, int *err)
+ringbuf_switch_file(FILE **pdh, gchar **save_file, int *save_file_fd, int *err)
{
- int next_file_num;
+ int next_file_index;
rb_file *next_rfile = NULL;
/* close current file */
- if (!wtap_dump_close(rb_data.pdh, err)) {
- eth_close(rb_data.fd); /* XXX - the above should have closed this already */
- rb_data.pdh = NULL; /* it's still closed, we just got an error while closing */
+ if (fclose(rb_data.pdh) == EOF) {
+ if (err != NULL) {
+ *err = errno;
+ }
+ ws_close(rb_data.fd); /* XXX - the above should have closed this already */
+ rb_data.pdh = NULL; /* it's still closed, we just got an error while closing */
rb_data.fd = -1;
return FALSE;
}
/* get the next file number and open it */
rb_data.curr_file_num++ /* = next_file_num*/;
- next_file_num = (rb_data.curr_file_num) % rb_data.num_files;
- next_rfile = &rb_data.files[next_file_num];
+ next_file_index = (rb_data.curr_file_num) % rb_data.num_files;
+ next_rfile = &rb_data.files[next_file_index];
if (ringbuf_open_file(next_rfile, err) == -1) {
return FALSE;
}
- if (ringbuf_init_wtap_dump_fdopen(rb_data.filetype, rb_data.linktype,
- rb_data.snaplen, err) == NULL) {
+ if (ringbuf_init_libpcap_fdopen(err) == NULL) {
return FALSE;
}
}
/*
- * Calls wtap_dump_close() for the current ringbuffer file
+ * Calls fclose() for the current ringbuffer file
*/
gboolean
-ringbuf_wtap_dump_close(gchar **save_file, int *err)
+ringbuf_libpcap_dump_close(gchar **save_file, int *err)
{
gboolean ret_val = TRUE;
/* close current file, if it's open */
if (rb_data.pdh != NULL) {
- if (!wtap_dump_close(rb_data.pdh, err)) {
- eth_close(rb_data.fd);
+ if (fclose(rb_data.pdh) == EOF) {
+ if (err != NULL) {
+ *err = errno;
+ }
+ ws_close(rb_data.fd);
ret_val = FALSE;
}
-
rb_data.pdh = NULL;
rb_data.fd = -1;
}
* Frees all memory allocated by the ringbuffer
*/
void
-ringbuf_free()
+ringbuf_free(void)
{
unsigned int i;
if (rb_data.files != NULL) {
for (i=0; i < rb_data.num_files; i++) {
if (rb_data.files[i].name != NULL) {
- g_free(rb_data.files[i].name);
- rb_data.files[i].name = NULL;
+ g_free(rb_data.files[i].name);
+ rb_data.files[i].name = NULL;
}
}
g_free(rb_data.files);
/* try to close via wtap */
if (rb_data.pdh != NULL) {
- if (wtap_dump_close(rb_data.pdh, NULL)) {
+ if (fclose(rb_data.pdh) == 0) {
rb_data.fd = -1;
}
rb_data.pdh = NULL;
}
/* close directly if still open */
- /* XXX - it shouldn't still be open; "wtap_dump_close()" should leave the
- file closed even if it fails */
if (rb_data.fd != -1) {
- eth_close(rb_data.fd);
+ ws_close(rb_data.fd);
rb_data.fd = -1;
}
if (rb_data.files != NULL) {
for (i=0; i < rb_data.num_files; i++) {
if (rb_data.files[i].name != NULL) {
- eth_unlink(rb_data.files[i].name);
+ ws_unlink(rb_data.files[i].name);
}
}
}
}
#endif /* HAVE_LIBPCAP */
+
+/*
+ * Editor modelines - http://www.wireshark.org/tools/modelines.html
+ *
+ * Local Variables:
+ * c-basic-offset: 2
+ * tab-width: 8
+ * indent-tabs-mode: nil
+ * End:
+ *
+ * ex: set shiftwidth=2 tabstop=8 expandtab:
+ * :indentSize=2:tabSize=8:noTabs=true:
+ */