* USA.
*/
-#include "config.h"
-
-#include <gtk/gtk.h>
-
+#ifdef HAVE_CONFIG_H
+# include <config.h>
+#endif
#include <stdio.h>
#include <string.h>
#include <ctype.h>
-#include <color.h>
-#include <gtk/colors.h>
-#include <gtk/main.h>
+#include <gtk/gtk.h>
+
#include <epan/follow.h>
-#include <gtk/dlg_utils.h>
-#include <gtk/file_dlg.h>
-#include <gtk/keys.h>
-#include <globals.h>
-#include <alert_box.h>
-#include <simple_dialog.h>
#include <epan/dissectors/packet-ipv6.h>
#include <epan/prefs.h>
#include <epan/addr_resolv.h>
-#include <util.h>
-#include <gtk/gui_utils.h>
#include <epan/epan_dissect.h>
#include <epan/filesystem.h>
-#include <gtk/compat_macros.h>
-#include <epan/ipproto.h>
-#include <gtk/font_utils.h>
-#include <wiretap/file_util.h>
#include <epan/tap.h>
+#include <../alert_box.h>
+#include <../simple_dialog.h>
+#include <../util.h>
+
+#include "gtkglobals.h"
+#include <gtk/color_utils.h>
+#include <gtk/main.h>
+#include <gtk/dlg_utils.h>
+#include <gtk/file_dlg.h>
+#include <gtk/keys.h>
+#include <gtk/gui_utils.h>
+#include <gtk/font_utils.h>
+#include "gtk/follow_ssl.h"
+#include "gtk/follow_stream.h"
+#include "gtk/utf8_entities.h"
+
#ifdef SSL_PLUGIN
#include "packet-ssl-utils.h"
#else
#include <epan/dissectors/packet-ssl-utils.h>
#endif
-#include "follow_ssl.h"
-
-#include "follow_stream.h"
typedef struct {
gboolean is_server;
int proto_ssl = (long) ssl;
SslPacketInfo* pi = p_get_proto_data(pinfo->fd, proto_ssl);
- /* skip packet without decrypted data payload*/
+ /* skip packet without decrypted data payload*/
if (!pi || !pi->appl_data)
return 0;
total_len = 0;
appl_data = pi->appl_data;
do {
- total_len += appl_data->plain_data.data_len;
+ total_len += appl_data->plain_data.data_len;
appl_data = appl_data->next;
} while (appl_data);
-
+
/* compute packet direction */
rec = g_malloc(sizeof(SslDecryptedRecord) + total_len);
if (follow_info->client_port == 0) {
follow_info->client_port = pinfo->srcport;
- memcpy(follow_info->client_ip, pinfo->src.data, pinfo->src.len);
+ COPY_ADDRESS(&follow_info->client_ip, &pinfo->src);
}
- if (memcmp(follow_info->client_ip, pinfo->src.data, pinfo->src.len) == 0 &&
- follow_info->client_port == pinfo->srcport) {
+ if (ADDRESSES_EQUAL(&follow_info->client_ip, &pinfo->src) &&
+ follow_info->client_port == pinfo->srcport)
rec->is_server = 0;
- }
- else
+ else
rec->is_server = 1;
/* update stream counter */
follow_info->bytes_written[rec->is_server] += total_len;
-
- /* extract decrypted data and queue it locally */
+
+ /* extract decrypted data and queue it locally */
rec->data.data = (guchar*)(rec + 1);
rec->data.data_len = total_len;
appl_data = pi->appl_data;
p = rec->data.data;
do {
memcpy(p, appl_data->plain_data.data, appl_data->plain_data.data_len);
- p += appl_data->plain_data.data_len;
+ p += appl_data->plain_data.data_len;
appl_data = appl_data->next;
} while (appl_data);
- follow_info->ssl_decrypted_data = g_list_append(
- follow_info->ssl_decrypted_data,rec);
+ follow_info->payload = g_list_append(
+ follow_info->payload,rec);
return 0;
}
-extern int
+extern gboolean
packet_is_ssl(epan_dissect_t* edt);
a dissection routine on belongs (this might be the most recently
selected packet, or it might be the last packet in the file). */
void
-follow_ssl_stream_cb(GtkWidget * w, gpointer data _U_)
+follow_ssl_stream_cb(GtkWidget * w _U_, gpointer data _U_)
{
- GtkWidget *filter_te;
+ GtkWidget *filter_te, *filter_cm;
gchar *follow_filter;
const gchar *previous_filter;
int filter_out_filter_len, previous_filter_len;
gchar *server_to_client_string = NULL;
gchar *client_to_server_string = NULL;
gchar *both_directions_string = NULL;
- follow_tcp_stats_t stats;
+ follow_stats_t stats;
follow_info_t *follow_info;
GString* msg;
simple_dialog(ESD_TYPE_ERROR, ESD_BTN_OK,
"Error creating filter for this stream.\n"
"A network layer header is needed");
+ g_free(follow_info);
return;
}
/* Set the display filter entry accordingly */
- filter_te = OBJECT_GET_DATA(w, E_DFILTER_TE_KEY);
+ filter_cm = g_object_get_data(G_OBJECT(top_level), E_DFILTER_CM_KEY);
+ filter_te = gtk_bin_get_child(GTK_BIN(filter_cm));
/* needed in follow_filter_out_stream(), is there a better way? */
follow_info->filter_te = filter_te;
/* allocate our new filter. API claims g_malloc terminates program on failure */
/* my calc for max alloc needed is really +10 but when did a few extra bytes hurt ? */
- previous_filter_len = previous_filter?strlen(previous_filter):0;
- filter_out_filter_len = strlen(follow_filter) + previous_filter_len + 16;
+ previous_filter_len = previous_filter?(int)strlen(previous_filter):0;
+ filter_out_filter_len = (int)strlen(follow_filter) + previous_filter_len + 16;
follow_info->filter_out_filter = (gchar *)g_malloc(filter_out_filter_len);
/* append the negation */
}
/* data will be passed via tap callback*/
- msg = register_tap_listener("ssl", follow_info, follow_filter,
+ msg = register_tap_listener("ssl", follow_info, follow_filter, 0,
NULL, ssl_queue_packet_data, NULL);
if (msg)
{
simple_dialog(ESD_TYPE_ERROR, ESD_BTN_OK,
"Can't register ssl tap: %s\n",msg->str);
+ g_free(follow_info->filter_out_filter);
+ g_free(follow_info);
+ g_free(follow_filter);
return;
}
gtk_entry_set_text(GTK_ENTRY(filter_te), follow_filter);
remove_tap_listener(follow_info);
/* Stream to show */
- follow_tcp_stats(&stats);
+ follow_stats(&stats);
if (stats.is_ipv6) {
struct e_in6_addr ipaddr;
memcpy(&ipaddr, stats.ip_address[1], 4);
hostname1 = get_hostname(ipaddr);
}
-
- port0 = get_tcp_port(stats.tcp_port[0]);
- port1 = get_tcp_port(stats.tcp_port[1]);
-
+
+ port0 = get_tcp_port(stats.port[0]);
+ port1 = get_tcp_port(stats.port[1]);
+
follow_info->is_ipv6 = stats.is_ipv6;
/* Both Stream Directions */
both_directions_string = g_strdup_printf("Entire conversation (%u bytes)", follow_info->bytes_written[0] + follow_info->bytes_written[1]);
-
- /* Host 0 --> Host 1 */
- server_to_client_string =
- g_strdup_printf("%s:%s --> %s:%s (%u bytes)",
- hostname0, port0,
- hostname1, port1,
- follow_info->bytes_written[0]);
-
- /* Host 1 --> Host 0 */
- client_to_server_string =
- g_strdup_printf("%s:%s --> %s:%s (%u bytes)",
- hostname1, port1,
- hostname0, port0,
- follow_info->bytes_written[1]);
+
+ if(follow_info->client_port == stats.port[0]) {
+ server_to_client_string =
+ g_strdup_printf("%s:%s " UTF8_RIGHTWARDS_ARROW " %s:%s (%u bytes)",
+ hostname0, port0,
+ hostname1, port1,
+ follow_info->bytes_written[0]);
+
+ client_to_server_string =
+ g_strdup_printf("%s:%s " UTF8_RIGHTWARDS_ARROW " %s:%s (%u bytes)",
+ hostname1, port1,
+ hostname0, port0,
+ follow_info->bytes_written[1]);
+ } else {
+ server_to_client_string =
+ g_strdup_printf("%s:%s " UTF8_RIGHTWARDS_ARROW " %s:%s (%u bytes)",
+ hostname1, port1,
+ hostname0, port0,
+ follow_info->bytes_written[0]);
+
+ client_to_server_string =
+ g_strdup_printf("%s:%s " UTF8_RIGHTWARDS_ARROW " %s:%s (%u bytes)",
+ hostname0, port0,
+ hostname1, port1,
+ follow_info->bytes_written[1]);
+ }
follow_stream("Follow SSL Stream", follow_info, both_directions_string,
server_to_client_string, client_to_server_string);
+
+ g_free(both_directions_string);
+ g_free(server_to_client_string);
+ g_free(client_to_server_string);
}
#define FLT_BUF_SIZE 1024
/*
- * XXX - the routine pointed to by "print_line" doesn't get handed lines,
+ * XXX - the routine pointed to by "print_line_fcn_p" doesn't get handed lines,
* it gets handed bufferfuls. That's fine for "follow_write_raw()"
* and "follow_add_to_gtk_text()", but, as "follow_print_text()" calls
* the "print_line()" routine from "print.c", and as that routine might
*/
frs_return_t
follow_read_ssl_stream(follow_info_t *follow_info,
- gboolean (*print_line)(char *, size_t, gboolean, void *),
+ gboolean (*print_line_fcn_p)(char *, size_t, gboolean, void *),
void *arg)
{
- int iplen;
guint32 global_client_pos = 0, global_server_pos = 0;
+ guint32 server_packet_count = 0;
+ guint32 client_packet_count = 0;
guint32 *global_pos;
gboolean skip;
GList* cur;
frs_return_t frs_return;
- iplen = (follow_info->is_ipv6) ? 16 : 4;
-
- for (cur = follow_info->ssl_decrypted_data; cur; cur = g_list_next(cur)) {
+ for (cur = follow_info->payload; cur; cur = g_list_next(cur)) {
SslDecryptedRecord* rec = cur->data;
skip = FALSE;
if (!rec->is_server) {
if (follow_info->show_stream == FROM_SERVER) {
skip = TRUE;
}
- }
- else {
+ } else {
global_pos = &global_server_pos;
if (follow_info->show_stream == FROM_CLIENT) {
skip = TRUE;
if (!skip) {
size_t nchars = rec->data.data_len;
- gchar *buffer = g_strndup(rec->data.data, nchars);
-
- frs_return = follow_show(follow_info, print_line, buffer, nchars,
- rec->is_server, arg, global_pos);
+ gchar *buffer = g_memdup(rec->data.data, (guint) nchars);
+
+ frs_return = follow_show(follow_info, print_line_fcn_p, buffer, nchars,
+ rec->is_server, arg, global_pos,
+ &server_packet_count, &client_packet_count);
g_free(buffer);
if(frs_return == FRS_PRINT_ERROR)
return frs_return;