* By Gerald Combs <gerald@wireshark.org>
* Copyright 1998 Gerald Combs
*
- * SPDX-License-Identifier: GPL-2.0+
+ * SPDX-License-Identifier: GPL-2.0-or-later
*/
#include <config.h>
#include <glib.h>
#include <epan/exceptions.h>
-#include <epan/epan-int.h>
#include <epan/epan.h>
#include <wsutil/clopts_common.h>
#include "ui/filter_files.h"
#include "ui/tap_export_pdu.h"
#include "ui/failure_message.h"
-#include "epan/register.h"
#include <epan/epan_dissect.h>
#include <epan/tap.h>
+#include <epan/uat-int.h>
#include <codecs/codecs.h>
/*
* Attempt to get the pathname of the executable file.
*/
- init_progfile_dir_error = init_progfile_dir(argv[0], main);
+ init_progfile_dir_error = init_progfile_dir(argv[0]);
if (init_progfile_dir_error != NULL) {
fprintf(stderr, "sharkd: Can't get pathname of sharkd program: %s.\n",
init_progfile_dir_error);
timestamp_set_precision(TS_PREC_AUTO);
timestamp_set_seconds_type(TS_SECONDS_DEFAULT);
- wtap_init();
-
-#ifdef HAVE_PLUGINS
- /* Register all the plugin types we have. */
- epan_register_plugin_types(); /* Types known to libwireshark */
-
- /* Scan for plugins. This does *not* call their registration routines;
- that's done later. */
- scan_plugins(REPORT_LOAD_FAILURE);
-
- /* Register all libwiretap plugin modules. */
- register_all_wiretap_modules();
-#endif
-
- register_all_codecs();
+ wtap_init(TRUE);
/* Register all dissectors; we must do this before checking for the
"-G" flag, as the "-G" flag dumps information registered by the
dissectors, and we must do it before we read the preferences, in
case any dissectors register preferences. */
- if (!epan_init(register_all_protocols, register_all_protocol_handoffs, NULL,
- NULL)) {
+ if (!epan_init(NULL, NULL, TRUE)) {
ret = EPAN_INIT_FAIL;
goto clean_exit;
}
+ codecs_init();
+
/* Load libwireshark settings from the current profile. */
prefs_p = epan_load_settings();
/* Build the column format array */
build_column_format_array(&cfile.cinfo, prefs_p->num_cols, TRUE);
+#ifdef HAVE_MAXMINDDB
+ /* mmdbresolve is started from mmdb_resolve_start(), which is called from epan_load_settings via: read_prefs -> (...) uat_load_all -> maxmind_db_post_update_cb.
+ * Need to stop it, otherwise all sharkd will have same mmdbresolve process, including pipe descriptors to read and write. */
+ uat_clear(uat_get_table_by_name("MaxMind Database Paths"));
+#endif
+
ret = sharkd_loop();
clean_exit:
col_cleanup(&cfile.cinfo);
free_filter_lists();
+ codecs_cleanup();
wtap_cleanup();
free_progdirs();
-#ifdef HAVE_PLUGINS
- plugins_cleanup();
-#endif
return ret;
}
static const nstime_t *
-sharkd_get_frame_ts(frame_set *fs, guint32 frame_num)
+sharkd_get_frame_ts(struct packet_provider_data *prov, guint32 frame_num)
{
- if (fs->ref && fs->ref->num == frame_num)
- return &fs->ref->abs_ts;
+ if (prov->ref && prov->ref->num == frame_num)
+ return &prov->ref->abs_ts;
- if (fs->prev_dis && fs->prev_dis->num == frame_num)
- return &fs->prev_dis->abs_ts;
+ if (prov->prev_dis && prov->prev_dis->num == frame_num)
+ return &prov->prev_dis->abs_ts;
- if (fs->prev_cap && fs->prev_cap->num == frame_num)
- return &fs->prev_cap->abs_ts;
+ if (prov->prev_cap && prov->prev_cap->num == frame_num)
+ return &prov->prev_cap->abs_ts;
- if (fs->frames) {
- frame_data *fd = frame_data_sequence_find(fs->frames, frame_num);
+ if (prov->frames) {
+ frame_data *fd = frame_data_sequence_find(prov->frames, frame_num);
return (fd) ? &fd->abs_ts : NULL;
}
static epan_t *
sharkd_epan_new(capture_file *cf)
{
- epan_t *epan = epan_new();
-
- epan->fs = &cf->frame_set_info;
- epan->get_frame_ts = sharkd_get_frame_ts;
- epan->get_interface_name = frame_set_get_interface_name;
- epan->get_interface_description = frame_set_get_interface_description;
- epan->get_user_comment = NULL;
-
- return epan;
+ static const struct packet_provider_funcs funcs = {
+ sharkd_get_frame_ts,
+ cap_file_provider_get_interface_name,
+ cap_file_provider_get_interface_description,
+ cap_file_provider_get_user_comment
+ };
+
+ return epan_new(&cf->provider, &funcs);
}
static gboolean
process_packet(capture_file *cf, epan_dissect_t *edt,
- gint64 offset, struct wtap_pkthdr *whdr,
- const guchar *pd)
+ gint64 offset, wtap_rec *rec, const guchar *pd)
{
frame_data fdlocal;
- guint32 framenum;
gboolean passed;
- /* The frame number of this packet is one more than the count of
- frames in this packet. */
- framenum = cf->count + 1;
-
/* If we're not running a display filter and we're not printing any
packet information, we don't need to do a dissection. This means
that all packets can be marked as 'passed'. */
passed = TRUE;
- frame_data_init(&fdlocal, framenum, whdr, offset, cum_bytes);
+ /* The frame number of this packet, if we add it to the set of frames,
+ would be one more than the count of frames in the file so far. */
+ frame_data_init(&fdlocal, cf->count + 1, rec, offset, cum_bytes);
/* If we're going to print packet information, or we're going to
run a read filter, or display filter, or we're going to process taps, set up to
prime_epan_dissect_with_postdissector_wanted_hfids(edt);
frame_data_set_before_dissect(&fdlocal, &cf->elapsed_time,
- &cf->frame_set_info.ref, cf->frame_set_info.prev_dis);
- if (cf->frame_set_info.ref == &fdlocal) {
+ &cf->provider.ref, cf->provider.prev_dis);
+ if (cf->provider.ref == &fdlocal) {
ref_frame = fdlocal;
- cf->frame_set_info.ref = &ref_frame;
+ cf->provider.ref = &ref_frame;
}
- epan_dissect_run(edt, cf->cd_t, whdr, frame_tvbuff_new(&fdlocal, pd), &fdlocal, NULL);
+ epan_dissect_run(edt, cf->cd_t, rec,
+ frame_tvbuff_new(&cf->provider, &fdlocal, pd),
+ &fdlocal, NULL);
/* Run the read filter if we have one. */
if (cf->rfcode)
if (passed) {
frame_data_set_after_dissect(&fdlocal, &cum_bytes);
- cf->frame_set_info.prev_cap = cf->frame_set_info.prev_dis = frame_data_sequence_add(cf->frame_set_info.frames, &fdlocal);
+ cf->provider.prev_cap = cf->provider.prev_dis = frame_data_sequence_add(cf->provider.frames, &fdlocal);
/* If we're not doing dissection then there won't be any dependent frames.
* More importantly, edt.pi.dependent_frames won't be initialized because
*/
if (edt && cf->dfcode) {
if (dfilter_apply_edt(cf->dfcode, edt)) {
- g_slist_foreach(edt->pi.dependent_frames, find_and_mark_frame_depended_upon, cf->frame_set_info.frames);
+ g_slist_foreach(edt->pi.dependent_frames, find_and_mark_frame_depended_upon, cf->provider.frames);
}
}
{
/* Allocate a frame_data_sequence for all the frames. */
- cf->frame_set_info.frames = new_frame_data_sequence();
+ cf->provider.frames = new_frame_data_sequence();
{
gboolean create_proto_tree;
edt = epan_dissect_new(cf->epan, create_proto_tree, FALSE);
}
- while (wtap_read(cf->frame_set_info.wth, &err, &err_info, &data_offset)) {
- if (process_packet(cf, edt, data_offset, wtap_phdr(cf->frame_set_info.wth),
- wtap_buf_ptr(cf->frame_set_info.wth))) {
+ while (wtap_read(cf->provider.wth, &err, &err_info, &data_offset)) {
+ if (process_packet(cf, edt, data_offset, wtap_get_rec(cf->provider.wth),
+ wtap_get_buf_ptr(cf->provider.wth))) {
/* Stop reading if we have the maximum number of packets;
* When the -c option has not been used, max_packet_count
* starts at 0, which practically means, never stop reading.
}
/* Close the sequential I/O side, to free up memory it requires. */
- wtap_sequential_close(cf->frame_set_info.wth);
+ wtap_sequential_close(cf->provider.wth);
/* Allow the protocol dissectors to free up memory that they
* don't need after the sequential run-through of the packets. */
postseq_cleanup_all_protocols();
- cf->frame_set_info.prev_dis = NULL;
- cf->frame_set_info.prev_cap = NULL;
+ cf->provider.prev_dis = NULL;
+ cf->provider.prev_cap = NULL;
}
if (err != 0) {
/* The open succeeded. Fill in the information for this file. */
- /* Create new epan session for dissection. */
- epan_free(cf->epan);
- cf->epan = sharkd_epan_new(cf);
-
- cf->frame_set_info.wth = wth;
+ cf->provider.wth = wth;
cf->f_datalen = 0; /* not used, but set it anyway */
/* Set the file name because we need it to set the follow stream filter.
/* No user changes yet. */
cf->unsaved_changes = FALSE;
- cf->cd_t = wtap_file_type_subtype(cf->frame_set_info.wth);
+ cf->cd_t = wtap_file_type_subtype(cf->provider.wth);
cf->open_type = type;
cf->count = 0;
cf->drops_known = FALSE;
cf->drops = 0;
- cf->snap = wtap_snapshot_length(cf->frame_set_info.wth);
+ cf->snap = wtap_snapshot_length(cf->provider.wth);
nstime_set_zero(&cf->elapsed_time);
- cf->frame_set_info.ref = NULL;
- cf->frame_set_info.prev_dis = NULL;
- cf->frame_set_info.prev_cap = NULL;
+ cf->provider.ref = NULL;
+ cf->provider.prev_dis = NULL;
+ cf->provider.prev_cap = NULL;
+
+ /* Create new epan session for dissection. */
+ epan_free(cf->epan);
+ cf->epan = sharkd_epan_new(cf);
cf->state = FILE_READ_IN_PROGRESS;
- wtap_set_cb_new_ipv4(cf->frame_set_info.wth, add_ipv4_name);
- wtap_set_cb_new_ipv6(cf->frame_set_info.wth, (wtap_new_ipv6_callback_t) add_ipv6_name);
+ wtap_set_cb_new_ipv4(cf->provider.wth, add_ipv4_name);
+ wtap_set_cb_new_ipv6(cf->provider.wth, (wtap_new_ipv6_callback_t) add_ipv6_name);
return CF_OK;
return load_cap_file(&cfile, 0, 0);
}
+frame_data *
+sharkd_get_frame(guint32 framenum)
+{
+ return frame_data_sequence_find(cfile.provider.frames, framenum);
+}
+
int
-sharkd_dissect_request(unsigned int framenum, void (*cb)(epan_dissect_t *, proto_tree *, struct epan_column_info *, const GSList *, void *), int dissect_bytes, int dissect_columns, int dissect_tree, void *data)
+sharkd_dissect_request(guint32 framenum, guint32 frame_ref_num, guint32 prev_dis_num, sharkd_dissect_func_t cb, guint32 dissect_flags, void *data)
{
frame_data *fdata;
- column_info *cinfo = (dissect_columns) ? &cfile.cinfo : NULL;
+ column_info *cinfo = (dissect_flags & SHARKD_DISSECT_FLAG_COLUMNS) ? &cfile.cinfo : NULL;
epan_dissect_t edt;
gboolean create_proto_tree;
- struct wtap_pkthdr phdr; /* Packet header */
- Buffer buf; /* Packet data */
+ wtap_rec rec; /* Record metadata */
+ Buffer buf; /* Record data */
int err;
char *err_info = NULL;
- fdata = frame_data_sequence_find(cfile.frame_set_info.frames, framenum);
+ fdata = sharkd_get_frame(framenum);
if (fdata == NULL)
return -1;
- wtap_phdr_init(&phdr);
+ wtap_rec_init(&rec);
ws_buffer_init(&buf, 1500);
- if (!wtap_seek_read(cfile.frame_set_info.wth, fdata->file_off, &phdr, &buf, &err, &err_info)) {
+ if (!wtap_seek_read(cfile.provider.wth, fdata->file_off, &rec, &buf, &err, &err_info)) {
+ wtap_rec_cleanup(&rec);
ws_buffer_free(&buf);
return -1; /* error reading the record */
}
- create_proto_tree = (dissect_tree) || (cinfo && have_custom_cols(cinfo));
- epan_dissect_init(&edt, cfile.epan, create_proto_tree, dissect_tree);
+ create_proto_tree = ((dissect_flags & SHARKD_DISSECT_FLAG_PROTO_TREE) ||
+ ((dissect_flags & SHARKD_DISSECT_FLAG_COLOR) && color_filters_used()) ||
+ (cinfo && have_custom_cols(cinfo)));
+ epan_dissect_init(&edt, cfile.epan, create_proto_tree, (dissect_flags & SHARKD_DISSECT_FLAG_PROTO_TREE));
+
+ if (dissect_flags & SHARKD_DISSECT_FLAG_COLOR) {
+ color_filters_prime_edt(&edt);
+ fdata->flags.need_colorize = 1;
+ }
if (cinfo)
col_custom_prime_edt(&edt, cinfo);
* XXX - need to catch an OutOfMemoryError exception and
* attempt to recover from it.
*/
- epan_dissect_run(&edt, cfile.cd_t, &phdr, frame_tvbuff_new_buffer(fdata, &buf), fdata, cinfo);
+ fdata->flags.ref_time = (framenum == frame_ref_num);
+ fdata->frame_ref_num = frame_ref_num;
+ fdata->prev_dis_num = prev_dis_num;
+ epan_dissect_run(&edt, cfile.cd_t, &rec,
+ frame_tvbuff_new_buffer(&cfile.provider, fdata, &buf),
+ fdata, cinfo);
if (cinfo) {
/* "Stringify" non frame_data vals */
epan_dissect_fill_in_columns(&edt, FALSE, TRUE/* fill_fd_columns */);
}
- cb(&edt, dissect_tree ? edt.tree : NULL, cinfo, dissect_bytes ? edt.pi.data_src : NULL, data);
+ cb(&edt, (dissect_flags & SHARKD_DISSECT_FLAG_PROTO_TREE) ? edt.tree : NULL,
+ cinfo, (dissect_flags & SHARKD_DISSECT_FLAG_BYTES) ? edt.pi.data_src : NULL,
+ data);
epan_dissect_cleanup(&edt);
- wtap_phdr_cleanup(&phdr);
+ wtap_rec_cleanup(&rec);
ws_buffer_free(&buf);
return 0;
}
/* based on packet_list_dissect_and_cache_record */
int
-sharkd_dissect_columns(int framenum, column_info *cinfo, gboolean dissect_color)
+sharkd_dissect_columns(frame_data *fdata, guint32 frame_ref_num, guint32 prev_dis_num, column_info *cinfo, gboolean dissect_color)
{
- frame_data *fdata;
epan_dissect_t edt;
gboolean create_proto_tree;
- struct wtap_pkthdr phdr; /* Packet header */
- Buffer buf; /* Packet data */
+ wtap_rec rec; /* Record metadata */
+ Buffer buf; /* Record data */
int err;
char *err_info = NULL;
- fdata = frame_data_sequence_find(cfile.frame_set_info.frames, framenum);
- if (fdata == NULL) {
- col_fill_in_error(cinfo, fdata, FALSE, TRUE/* fill_fd_columns */);
- return -1; /* error reading the record */
- }
-
- wtap_phdr_init(&phdr);
+ wtap_rec_init(&rec);
ws_buffer_init(&buf, 1500);
- if (!wtap_seek_read(cfile.frame_set_info.wth, fdata->file_off, &phdr, &buf, &err, &err_info)) {
+ if (!wtap_seek_read(cfile.provider.wth, fdata->file_off, &rec, &buf, &err, &err_info)) {
col_fill_in_error(cinfo, fdata, FALSE, FALSE /* fill_fd_columns */);
+ wtap_rec_cleanup(&rec);
ws_buffer_free(&buf);
return -1; /* error reading the record */
}
* XXX - need to catch an OutOfMemoryError exception and
* attempt to recover from it.
*/
- epan_dissect_run(&edt, cfile.cd_t, &phdr, frame_tvbuff_new_buffer(fdata, &buf), fdata, cinfo);
+ fdata->flags.ref_time = (fdata->num == frame_ref_num);
+ fdata->frame_ref_num = frame_ref_num;
+ fdata->prev_dis_num = prev_dis_num;
+ epan_dissect_run(&edt, cfile.cd_t, &rec,
+ frame_tvbuff_new_buffer(&cfile.provider, fdata, &buf),
+ fdata, cinfo);
if (cinfo) {
/* "Stringify" non frame_data vals */
}
epan_dissect_cleanup(&edt);
- wtap_phdr_cleanup(&phdr);
+ wtap_rec_cleanup(&rec);
ws_buffer_free(&buf);
return 0;
}
guint32 framenum;
frame_data *fdata;
Buffer buf;
- struct wtap_pkthdr phdr;
+ wtap_rec rec;
int err;
char *err_info = NULL;
create_proto_tree =
(have_filtering_tap_listeners() || (tap_flags & TL_REQUIRES_PROTO_TREE));
- wtap_phdr_init(&phdr);
+ wtap_rec_init(&rec);
ws_buffer_init(&buf, 1500);
epan_dissect_init(&edt, cfile.epan, create_proto_tree, FALSE);
reset_tap_listeners();
for (framenum = 1; framenum <= cfile.count; framenum++) {
- fdata = frame_data_sequence_find(cfile.frame_set_info.frames, framenum);
+ fdata = sharkd_get_frame(framenum);
- if (!wtap_seek_read(cfile.frame_set_info.wth, fdata->file_off, &phdr, &buf, &err, &err_info))
+ if (!wtap_seek_read(cfile.provider.wth, fdata->file_off, &rec, &buf, &err, &err_info))
break;
- epan_dissect_run_with_taps(&edt, cfile.cd_t, &phdr, frame_tvbuff_new(fdata, ws_buffer_start_ptr(&buf)), fdata, cinfo);
+ fdata->flags.ref_time = FALSE;
+ fdata->frame_ref_num = (framenum != 1) ? 1 : 0;
+ fdata->prev_dis_num = framenum - 1;
+ epan_dissect_run_with_taps(&edt, cfile.cd_t, &rec,
+ frame_tvbuff_new(&cfile.provider, fdata, ws_buffer_start_ptr(&buf)),
+ fdata, cinfo);
epan_dissect_reset(&edt);
}
- wtap_phdr_cleanup(&phdr);
+ wtap_rec_cleanup(&rec);
ws_buffer_free(&buf);
epan_dissect_cleanup(&edt);
{
dfilter_t *dfcode = NULL;
- guint32 framenum;
+ guint32 framenum, prev_dis_num = 0;
guint32 frames_count;
Buffer buf;
- struct wtap_pkthdr phdr;
+ wtap_rec rec;
int err;
char *err_info = NULL;
return -1;
}
+ /* if dfilter_compile() success, but (dfcode == NULL) all frames are matching */
+ if (dfcode == NULL) {
+ *result = NULL;
+ return 0;
+ }
+
frames_count = cfile.count;
- wtap_phdr_init(&phdr);
+ wtap_rec_init(&rec);
ws_buffer_init(&buf, 1500);
epan_dissect_init(&edt, cfile.epan, TRUE, FALSE);
result_bits = (guint8 *) g_malloc(2 + (frames_count / 8));
for (framenum = 1; framenum <= frames_count; framenum++) {
- frame_data *fdata = frame_data_sequence_find(cfile.frame_set_info.frames, framenum);
+ frame_data *fdata = sharkd_get_frame(framenum);
if ((framenum & 7) == 0) {
result_bits[(framenum / 8) - 1] = passed_bits;
passed_bits = 0;
}
- if (!wtap_seek_read(cfile.frame_set_info.wth, fdata->file_off, &phdr, &buf, &err, &err_info))
+ if (!wtap_seek_read(cfile.provider.wth, fdata->file_off, &rec, &buf, &err, &err_info))
break;
/* frame_data_set_before_dissect */
epan_dissect_prime_with_dfilter(&edt, dfcode);
- epan_dissect_run(&edt, cfile.cd_t, &phdr, frame_tvbuff_new_buffer(fdata, &buf), fdata, NULL);
+ fdata->flags.ref_time = FALSE;
+ fdata->frame_ref_num = (framenum != 1) ? 1 : 0;
+ fdata->prev_dis_num = prev_dis_num;
+ epan_dissect_run(&edt, cfile.cd_t, &rec,
+ frame_tvbuff_new_buffer(&cfile.provider, fdata, &buf),
+ fdata, NULL);
- if (dfilter_apply_edt(dfcode, &edt))
+ if (dfilter_apply_edt(dfcode, &edt)) {
passed_bits |= (1 << (framenum % 8));
+ prev_dis_num = framenum;
+ }
/* if passed or ref -> frame_data_set_after_dissect */
framenum--;
result_bits[framenum / 8] = passed_bits;
- wtap_phdr_cleanup(&phdr);
+ wtap_rec_cleanup(&rec);
ws_buffer_free(&buf);
epan_dissect_cleanup(&edt);
return framenum;
}
+const char *
+sharkd_get_user_comment(const frame_data *fd)
+{
+ return cap_file_provider_get_user_comment(&cfile.provider, fd);
+}
+
+int
+sharkd_set_user_comment(frame_data *fd, const gchar *new_comment)
+{
+ cap_file_provider_set_user_comment(&cfile.provider, fd, new_comment);
+ return 0;
+}
+
#include "version.h"
const char *sharkd_version(void)
{
git.samba.org / metze / wireshark / wip.git / blobdiff