/* util.c
* Utility routines
*
- * $Id: util.c,v 1.50 2001/03/22 06:14:27 guy Exp $
+ * $Id: util.c,v 1.76 2004/01/11 22:17:42 guy Exp $
*
* Ethereal - Network traffic analyzer
- * By Gerald Combs <gerald@zing.org>
+ * By Gerald Combs <gerald@ethereal.com>
* Copyright 1998 Gerald Combs
*
- *
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version 2
* of the License, or (at your option) any later version.
- *
+ *
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
- *
+ *
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
#include <unistd.h>
#endif
-#ifdef HAVE_SYS_TYPES_H
-#include <sys/types.h>
-#endif
-
#ifdef HAVE_SYS_STAT_H
#include <sys/stat.h>
#endif
# include "snprintf.h"
#endif
-#ifndef WIN32
-#include <pwd.h>
-#endif
-
#ifdef NEED_MKSTEMP
#include "mkstemp.h"
#endif
-#include "util.h"
-
#ifdef HAVE_IO_H
#include <io.h>
+#ifndef __MINGW32__
typedef int mode_t; /* for win32 */
-#endif
-
-#ifdef HAVE_LIBPCAP
-
-#ifdef HAVE_SYS_SOCKET_H
-#include <sys/socket.h>
-#endif
-
-#ifdef HAVE_SYS_IOCTL_H
-#include <sys/ioctl.h>
-#endif
-
-#include <pcap.h>
-
-#ifndef WIN32
-#include <net/if.h>
-#endif
-
-#ifdef HAVE_SYS_SOCKIO_H
-# include <sys/sockio.h>
-#endif
-
-#include "globals.h"
-
-#endif
-
-/*
- * Given a pathname, return:
- *
- * the errno, if an attempt to "stat()" the file fails;
- *
- * EISDIR, if the attempt succeeded and the file turned out
- * to be a directory;
- *
- * 0, if the attempt succeeded and the file turned out not
- * to be a directory.
- */
+#endif /* __MINGW32__ */
+#endif /* HAVE_IO_H */
/*
- * Visual C++ on Win32 systems doesn't define these. (Old UNIX systems don't
- * define them either.)
- *
- * Visual C++ on Win32 systems doesn't define S_IFIFO, it defines _S_IFIFO.
+ * This has to come after the include of <pcap.h>, as the include of
+ * <pcap.h> might cause <winsock2.h> to be included, and if we've
+ * already included <winsock.h> as a result of including <windows.h>,
+ * we get a bunch of redefinitions.
*/
-#ifndef S_ISREG
-#define S_ISREG(mode) (((mode) & S_IFMT) == S_IFREG)
-#endif
-#ifndef S_IFIFO
-#define S_IFIFO _S_IFIFO
-#endif
-#ifndef S_ISFIFO
-#define S_ISFIFO(mode) (((mode) & S_IFMT) == S_IFIFO)
-#endif
-#ifndef S_ISDIR
-#define S_ISDIR(mode) (((mode) & S_IFMT) == S_IFDIR)
+#ifdef HAVE_WINDOWS_H
+#include <windows.h>
#endif
-int
-test_for_directory(const char *path)
-{
- struct stat statb;
-
- if (stat(path, &statb) < 0)
- return errno;
-
- if (S_ISDIR(statb.st_mode))
- return EISDIR;
- else
- return 0;
-}
-
-/*
- * Given a pathname, return a pointer to the last pathname separator
- * character in the pathname, or NULL if the pathname contains no
- * separators.
- */
-char *
-find_last_pathname_separator(char *path)
-{
- char *separator;
-
-#ifdef WIN32
- char c;
-
- /*
- * We have to scan for '\' or '/'.
- * Get to the end of the string.
- */
- separator = path + strlen(path); /* points to ending '\0' */
- while (separator > path) {
- c = *--separator;
- if (c == '\\' || c == '/')
- return separator; /* found it */
- }
-
- /*
- * OK, we didn't find any, so no directories - but there might
- * be a drive letter....
- */
- return strchr(path, ':');
-#else
- separator = strrchr(path, '/');
-#endif
- return separator;
-}
-
-/*
- * Given a pathname, return the last component.
- */
-char *
-get_basename(char *path)
-{
- char *filename;
-
- filename = find_last_pathname_separator(path);
- if (filename == NULL) {
- /*
- * There're no directories, drive letters, etc. in the
- * name; the pathname *is* the file name.
- */
- filename = path;
- } else {
- /*
- * Skip past the pathname or drive letter separator.
- */
- filename++;
- }
- return filename;
-}
-
-/*
- * Given a pathname, return a string containing everything but the
- * last component. NOTE: this overwrites the pathname handed into
- * it....
- */
-char *
-get_dirname(char *path)
-{
- char *separator;
-
- separator = find_last_pathname_separator(path);
- if (separator == NULL) {
- /*
- * There're no directories, drive letters, etc. in the
- * name; there is no directory path to return.
- */
- return NULL;
- }
-
- /*
- * Get rid of the last pathname separator and the final file
- * name following it.
- */
- *separator = '\0';
-
- /*
- * "path" now contains the pathname of the directory containing
- * the file/directory to which it referred.
- */
- return path;
-}
+#include "util.h"
/*
* Collect command-line arguments as a string consisting of the arguments,
/* ASCII/EBCDIC conversion tables from
* http://www.room42.com/store/computer_center/code_tables.shtml
*/
+#if 0
static guint8 ASCII_translate_EBCDIC [ 256 ] = {
0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F,
{
return ASCII_translate_EBCDIC[c];
}
+#endif
static guint8 EBCDIC_translate_ASCII [ 256 ] = {
0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
0x2E, 0x2E, 0x2E, 0x2E, 0x5D, 0x2E, 0x2E,
0x7B, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47, 0x48,
0x49, 0x2E, 0x2E, 0x2E, 0x2E, 0x2E, 0x2E,
- 0x7D, 0x4A, 0x4B, 0x4C, 0x4D, 0x4E, 0x4F, 0x50, 0x51,
+ 0x7D, 0x4A, 0x4B, 0x4C, 0x4D, 0x4E, 0x4F, 0x50, 0x51,
0x52, 0x2E, 0x2E, 0x2E, 0x2E, 0x2E, 0x2E,
0x5C, 0x2E, 0x53, 0x54, 0x55, 0x56, 0x57, 0x58, 0x59,
0x5A, 0x2E, 0x2E, 0x2E, 0x2E, 0x2E, 0x2E,
- 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38,
+ 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38,
0x39, 0x2E, 0x2E, 0x2E, 0x2E, 0x2E, 0x2E
};
return EBCDIC_translate_ASCII[c];
}
-#ifdef HAVE_LIBPCAP
-
-/*
- * If the ability to capture packets is added to Wiretap, these
- * routines should be moved to the Wiretap source (with
- * "get_interface_list()" and "free_interface_list()" renamed to
- * "wtap_get_interface_list()" and "wtap_free_interface_list()",
- * and modified to use Wiretap routines to attempt to open the
- * interface.
- */
-
-struct search_user_data {
- char *name;
- int found;
-};
-
-static void
-search_for_if_cb(gpointer data, gpointer user_data);
-
-static void
-free_if_cb(gpointer data, gpointer user_data);
-
-#ifndef WIN32
-GList *
-get_interface_list(int *err, char *err_str)
-{
- GList *il = NULL;
- gint nonloopback_pos = 0;
- struct ifreq *ifr, *last;
- struct ifconf ifc;
- struct ifreq ifrflags;
- int sock = socket(AF_INET, SOCK_DGRAM, 0);
- struct search_user_data user_data;
- pcap_t *pch;
- int len, lastlen;
- char *buf;
-
- if (sock < 0) {
- sprintf(err_str, "Error opening socket: %s",
- strerror(errno));
- return NULL;
- }
-
- /*
- * This code came from: W. Richard Stevens: "UNIX Network Programming",
- * Networking APIs: Sockets and XTI, Vol 1, page 434.
- */
- lastlen = 0;
- len = 100 * sizeof(struct ifreq);
- for ( ; ; ) {
- buf = g_malloc(len);
- ifc.ifc_len = len;
- ifc.ifc_buf = buf;
- memset (buf, 0, len);
- if (ioctl(sock, SIOCGIFCONF, &ifc) < 0) {
- if (errno != EINVAL || lastlen != 0) {
- sprintf(err_str,
- "SIOCGIFCONF ioctl error getting list of interfaces: %s",
- strerror(errno));
- goto fail;
- }
- } else {
- if (ifc.ifc_len < sizeof(struct ifreq)) {
- sprintf(err_str,
- "SIOCGIFCONF ioctl gave too small return buffer");
- goto fail;
- }
- if (ifc.ifc_len == lastlen)
- break; /* success, len has not changed */
- lastlen = ifc.ifc_len;
- }
- len += 10 * sizeof(struct ifreq); /* increment */
- g_free(buf);
- }
- ifr = (struct ifreq *) ifc.ifc_req;
- last = (struct ifreq *) ((char *) ifr + ifc.ifc_len);
- while (ifr < last) {
- /*
- * Skip addresses that begin with "dummy", or that include
- * a ":" (the latter are Solaris virtuals).
- */
- if (strncmp(ifr->ifr_name, "dummy", 5) == 0 ||
- strchr(ifr->ifr_name, ':') != NULL)
- goto next;
-
- /*
- * If we already have this interface name on the list,
- * don't add it (SIOCGIFCONF returns, at least on
- * BSD-flavored systems, one entry per interface *address*;
- * if an interface has multiple addresses, we get multiple
- * entries for it).
- */
- user_data.name = ifr->ifr_name;
- user_data.found = FALSE;
- g_list_foreach(il, search_for_if_cb, &user_data);
- if (user_data.found)
- goto next;
-
- /*
- * Get the interface flags.
- */
- memset(&ifrflags, 0, sizeof ifrflags);
- strncpy(ifrflags.ifr_name, ifr->ifr_name,
- sizeof ifrflags.ifr_name);
- if (ioctl(sock, SIOCGIFFLAGS, (char *)&ifrflags) < 0) {
- if (errno == ENXIO)
- goto next;
- sprintf(err_str, "SIOCGIFFLAGS error getting flags for interface %s: %s",
- ifr->ifr_name, strerror(errno));
- goto fail;
- }
-
- /*
- * Skip interfaces that aren't up.
- */
- if (!(ifrflags.ifr_flags & IFF_UP))
- goto next;
-
- /*
- * Skip interfaces that we can't open with "libpcap".
- * Open with the minimum packet size - it appears that the
- * IRIX SIOCSNOOPLEN "ioctl" may fail if the capture length
- * supplied is too large, rather than just truncating it.
- */
- pch = pcap_open_live(ifr->ifr_name, MIN_PACKET_SIZE, 0, 0,
- err_str);
- if (pch == NULL)
- goto next;
- pcap_close(pch);
-
- /*
- * If it's a loopback interface, add it at the end of the
- * list, otherwise add it after the last non-loopback
- * interface, so all loopback interfaces go at the end - we
- * don't want a loopback interface to be the default capture
- * device unless there are no non-loopback devices.
- */
- if ((ifrflags.ifr_flags & IFF_LOOPBACK) ||
- strncmp(ifr->ifr_name, "lo", 2) == 0)
- il = g_list_insert(il, g_strdup(ifr->ifr_name), -1);
- else {
- il = g_list_insert(il, g_strdup(ifr->ifr_name),
- nonloopback_pos);
- /*
- * Insert the next non-loopback interface after this
- * one.
- */
- nonloopback_pos++;
- }
-
- next:
-#ifdef HAVE_SA_LEN
- ifr = (struct ifreq *) ((char *) ifr + ifr->ifr_addr.sa_len + IFNAMSIZ);
-#else
- ifr = (struct ifreq *) ((char *) ifr + sizeof(struct ifreq));
-#endif
- }
-
-#ifdef linux
- /*
- * OK, maybe we have support for the "any" device, to do a cooked
- * capture on all interfaces at once.
- * Try opening it and, if that succeeds, add it to the end of
- * the list of interfaces.
- */
- pch = pcap_open_live("any", MIN_PACKET_SIZE, 0, 0, err_str);
- if (pch != NULL) {
- /*
- * It worked; we can use the "any" device.
- */
- il = g_list_insert(il, g_strdup("any"), -1);
- pcap_close(pch);
- }
-#endif
-
- g_free(ifc.ifc_buf);
- close(sock);
-
- if (il == NULL) {
- /*
- * No interfaces found.
- */
- *err = NO_INTERFACES_FOUND;
- }
- return il;
-
-fail:
- if (il != NULL) {
- g_list_foreach(il, free_if_cb, NULL);
- g_list_free(il);
- }
- g_free(ifc.ifc_buf);
- close(sock);
- *err = CANT_GET_INTERFACE_LIST;
- return NULL;
-}
-
-static void
-search_for_if_cb(gpointer data, gpointer user_data)
-{
- struct search_user_data *search_user_data = user_data;
-
- if (strcmp((char *)data, search_user_data->name) == 0)
- search_user_data->found = TRUE;
-}
-#else
-GList *
-get_interface_list(int *err, char *err_str) {
- GList *il = NULL;
- wchar_t *names;
- char *win95names;
- char newname[255];
- int i, j, done;
-
- names = (wchar_t *)pcap_lookupdev(err_str);
- i = done = 0;
-
- if (names) {
- if (names[0]<256) {
- /* If names[0] is less than 256 it means the first byte is 0
- This implies that we are using unicode characters */
- do
- {
- j = 0;
- while (names[i] != 0)
- newname[j++] = names[i++];
- i++;
- if (names[i] == 0)
- done = 1;
- newname[j++] = 0;
- il = g_list_append(il, g_strdup(newname));
- } while (!done);
- }
- else {
- /* Otherwise we are in Windows 95/98 and using ascii(8 bit)
- characters */
- do
- {
- win95names=(char *)names;
- j = 0;
- while (win95names[i] != 0)
- newname[j++] = win95names[i++];
- i++;
- if (win95names[i] == 0)
- done = 1;
- newname[j++] = 0;
- il = g_list_append(il, g_strdup(newname));
- } while (!done);
- }
- }
- return(il);
-}
-#endif
-
-static void
-free_if_cb(gpointer data, gpointer user_data)
-{
- g_free(data);
-}
-
-void
-free_interface_list(GList *if_list)
-{
- while (if_list != NULL) {
- g_free(if_list->data);
- if_list = g_list_remove_link(if_list, if_list);
- }
-}
-
-#endif /* HAVE_LIBPCAP */
-
-
/* Compute the difference between two seconds/microseconds time stamps. */
void
compute_timestamp_diff(gint *diffsec, gint *diffusec,
}
}
}
+
+/* Decode a base64 string in-place - simple and slow algorithm.
+ Return length of result. Taken from rproxy/librsync/base64.c by
+ Andrew Tridgell. */
+
+size_t base64_decode(char *s)
+{
+ static const char b64[] = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
+ int bit_offset, byte_offset, idx, i, n;
+ unsigned char *d = (unsigned char *)s;
+ char *p;
+
+ n=i=0;
+
+ while (*s && (p=strchr(b64, *s))) {
+ idx = (int)(p - b64);
+ byte_offset = (i*6)/8;
+ bit_offset = (i*6)%8;
+ d[byte_offset] &= ~((1<<(8-bit_offset))-1);
+ if (bit_offset < 3) {
+ d[byte_offset] |= (idx << (2-bit_offset));
+ n = byte_offset+1;
+ } else {
+ d[byte_offset] |= (idx >> (bit_offset-2));
+ d[byte_offset+1] = 0;
+ d[byte_offset+1] |= (idx << (8-(bit_offset-2))) & 0xFF;
+ n = byte_offset+2;
+ }
+ s++; i++;
+ }
+
+ return n;
+}
+
+/* Try to figure out if we're remotely connected, e.g. via ssh or
+ Terminal Server, and create a capture filter that matches aspects of the
+ connection. We match the following environment variables:
+
+ SSH_CONNECTION (ssh): <remote IP> <remote port> <local IP> <local port>
+ SSH_CLIENT (ssh): <remote IP> <remote port> <local port>
+ REMOTEHOST (tcsh, others?): <remote name>
+ DISPLAY (x11): [remote name]:<display num>
+ CLIENTNAME (terminal server): <remote name>
+ */
+
+gchar *get_conn_cfilter(void) {
+ static GString *filter_str = NULL;
+ gchar *env, **tokens;
+
+ if (filter_str == NULL) {
+ filter_str = g_string_new("");
+ }
+ if ((env = getenv("SSH_CONNECTION")) != NULL) {
+ tokens = g_strsplit(env, " ", 4);
+ if (tokens[3]) {
+ g_string_sprintf(filter_str, "not (tcp port %s and ip host %s "
+ "and tcp port %s and ip host %s)", tokens[1], tokens[0],
+ tokens[3], tokens[2]);
+ return filter_str->str;
+ }
+ } else if ((env = getenv("SSH_CLIENT")) != NULL) {
+ tokens = g_strsplit(env, " ", 3);
+ g_string_sprintf(filter_str, "not (tcp port %s and ip host %s "
+ "and tcp port %s)", tokens[1], tokens[0], tokens[2]);
+ return filter_str->str;
+ } else if ((env = getenv("REMOTEHOST")) != NULL) {
+ g_string_sprintf(filter_str, "not ip host %s", env);
+ return filter_str->str;
+ } else if ((env = getenv("DISPLAY")) != NULL) {
+ tokens = g_strsplit(env, ":", 2);
+ if (tokens[0] && tokens[0][0] != 0) {
+ g_string_sprintf(filter_str, "not ip host %s",
+ tokens[0]);
+ return filter_str->str;
+ }
+ } else if ((env = getenv("CLIENTNAME")) != NULL) {
+ if (g_strcasecmp("console", env) != 0) {
+ g_string_sprintf(filter_str, "not ip host %s", env);
+ return filter_str->str;
+ }
+ }
+ return "";
+}