}
}
+#ifdef HAVE_LIBCAP
+static void
+#if 0 /* Set to enable capability debugging */
+/* see 'man cap_to_text()' for explanation of output */
+/* '=' means 'all= ' ie: no capabilities */
+/* '=ip' means 'all=ip' ie: all capabilities are permissible and inheritable */
+/* .... */
+print_caps(const char *pfx) {
+ cap_t caps = cap_get_proc();
+ g_log(LOG_DOMAIN_CAPTURE_CHILD, G_LOG_LEVEL_DEBUG,
+ "%s: EUID: %d Capabilities: %s", pfx,
+ geteuid(), cap_to_text(caps, NULL));
+ cap_free(caps);
+#else
+print_caps(const char *pfx _U_) {
+#endif
+}
+
+static void
+relinquish_all_capabilities(void)
+{
+ /* Drop any and all capabilities this process may have. */
+ /* Allowed whether or not process has any privileges. */
+ cap_t caps = cap_init(); /* all capabilities initialized to off */
+ print_caps("Pre-clear");
+ if (cap_set_proc(caps)) {
+ cmdarg_err("cap_set_proc() fail return: %s", strerror(errno));
+ }
+ print_caps("Post-clear");
+ cap_free(caps);
+}
+#endif
+
static pcap_t *
-open_capture_device(capture_options *capture_opts, char *open_err_str,
- size_t open_err_str_size)
+open_capture_device(capture_options *capture_opts,
+ char (*open_err_str)[PCAP_ERRBUF_SIZE])
{
pcap_t *pcap_h;
#ifdef HAVE_PCAP_CREATE
Some versions of libpcap may put warnings into the error buffer
if they succeed; to tell if that's happened, we have to clear
the error buffer, and check if it's still a null string. */
- open_err_str[0] = '\0';
+ (*open_err_str)[0] = '\0';
#ifdef HAVE_PCAP_OPEN
/*
* If we're opening a remote device, use pcap_open(); that's currently
(capture_opts->promisc_mode ? PCAP_OPENFLAG_PROMISCUOUS : 0) |
(capture_opts->datatx_udp ? PCAP_OPENFLAG_DATATX_UDP : 0) |
(capture_opts->nocap_rpcap ? PCAP_OPENFLAG_NOCAPTURE_RPCAP : 0),
- CAP_READ_TIMEOUT, &auth, open_err_str);
+ CAP_READ_TIMEOUT, &auth, *open_err_str);
} else
#endif /* HAVE_PCAP_OPEN */
{
* size, otherwise use pcap_open_live().
*/
#ifdef HAVE_PCAP_CREATE
- pcap_h = pcap_create(capture_opts->iface, open_err_str);
+ pcap_h = pcap_create(capture_opts->iface, *open_err_str);
if (pcap_h != NULL) {
pcap_set_snaplen(pcap_h, capture_opts->has_snaplen ? capture_opts->snaplen : WTAP_MAX_PACKET_SIZE);
pcap_set_promisc(pcap_h, capture_opts->promisc_mode);
if (err < 0) {
/* Failed to activate, set to NULL */
if (err == PCAP_ERROR)
- g_strlcpy(open_err_str, pcap_geterr(pcap_h), open_err_str_size);
+ g_strlcpy(*open_err_str, pcap_geterr(pcap_h), sizeof *open_err_str);
else
- g_strlcpy(open_err_str, pcap_statustostr(err), open_err_str_size);
+ g_strlcpy(*open_err_str, pcap_statustostr(err), sizeof *open_err_str);
pcap_close(pcap_h);
pcap_h = NULL;
}
capture_opts->has_snaplen ? capture_opts->snaplen :
WTAP_MAX_PACKET_SIZE,
capture_opts->promisc_mode, CAP_READ_TIMEOUT,
- open_err_str);
+ *open_err_str);
#endif
}
static void
get_capture_device_open_failure_messages(const char *open_err_str,
+ const char *iface
+#ifndef _WIN32
+ _U_
+#endif
+ ,
char *errmsg, size_t errmsg_len,
char *secondary_errmsg,
size_t secondary_errmsg_len)
"\n"
" http://wiki.wireshark.org/WinPcap\n"
" http://wiki.wireshark.org/CaptureSetup\n",
- capture_opts->iface);
+ iface);
#endif /* _WIN32 */
}
char *set_linktype_err_str;
if (capture_opts->linktype == -1)
- return TRUE; /* just use the default */
+ return TRUE; /* just use the default */
#ifdef HAVE_PCAP_SET_DATALINK
if (pcap_set_datalink(pcap_h, capture_opts->linktype) == 0)
return TRUE; /* no error */
#endif
g_snprintf(errmsg, (gulong) errmsg_len, "Unable to set data link type (%s).",
set_linktype_err_str);
- g_snprintf(secondary_errmsg, (gulong) secondary_errmsg_len, please_report);
+ /*
+ * If the error isn't "XXX is not one of the DLTs supported by this device",
+ * tell the user to tell the Wireshark developers about it.
+ */
+ if (strstr(set_linktype_err_str, "is not one of the DLTs supported by this device") == NULL)
+ g_snprintf(secondary_errmsg, (gulong) secondary_errmsg_len, please_report);
+ else
+ secondary_errmsg[0] = '\0';
return FALSE;
}
static gboolean
compile_capture_filter(const char *iface, pcap_t *pcap_h,
- struct bpf_program *fcode, const char *cfilter)
+ struct bpf_program *fcode, char *cfilter)
{
bpf_u_int32 netnum, netmask;
gchar lookup_net_err_str[PCAP_ERRBUF_SIZE];
return TRUE;
}
+#ifdef HAVE_BPF_IMAGE
static gboolean
show_filter_code(capture_options *capture_opts)
{
struct bpf_insn *insn;
u_int i;
- pcap_h = open_capture_device(capture_opts, open_err_str,
- sizeof open_err_str);
+ pcap_h = open_capture_device(capture_opts, &open_err_str);
if (pcap_h == NULL) {
/* Open failed; get messages */
get_capture_device_open_failure_messages(open_err_str,
+ capture_opts->iface,
errmsg, sizeof errmsg,
secondary_errmsg,
sizeof secondary_errmsg);
printf("%s\n", bpf_image(insn, i));
return TRUE;
}
+#endif
/*
* capture_interface_list() is expected to do the right thing to get
* CAP_NET_ADMIN and CAP_NET_RAW, then relinquish our permissions.
* (See comment in main() for details)
*/
-
-static void
-#if 0 /* Set to enable capability debugging */
-/* see 'man cap_to_text()' for explanation of output */
-/* '=' means 'all= ' ie: no capabilities */
-/* '=ip' means 'all=ip' ie: all capabilities are permissible and inheritable */
-/* .... */
-print_caps(const char *pfx) {
- cap_t caps = cap_get_proc();
- g_log(LOG_DOMAIN_CAPTURE_CHILD, G_LOG_LEVEL_DEBUG,
- "%s: EUID: %d Capabilities: %s", pfx,
- geteuid(), cap_to_text(caps, NULL));
- cap_free(caps);
-#else
-print_caps(const char *pfx _U_) {
-#endif
-}
-
static void
relinquish_privs_except_capture(void)
{
}
}
-
-static void
-relinquish_all_capabilities(void)
-{
- /* Drop any and all capabilities this process may have. */
- /* Allowed whether or not process has any privileges. */
- cap_t caps = cap_init(); /* all capabilities initialized to off */
- print_caps("Pre-clear");
- if (cap_set_proc(caps)) {
- cmdarg_err("cap_set_proc() fail return: %s", strerror(errno));
- }
- print_caps("Post-clear");
- cap_free(caps);
-}
-
#endif /* HAVE_LIBCAP */
/* Take care of byte order in the libpcap headers read from pipes.
}
#endif
- ld->pcap_h = open_capture_device(capture_opts, open_err_str,
- sizeof open_err_str);
+ ld->pcap_h = open_capture_device(capture_opts, &open_err_str);
if (ld->pcap_h != NULL) {
/* we've opened "iface" as a network device */
if (ld->cap_pipe_err == PIPNEXIST) {
/* Pipe doesn't exist, so output message for interface */
- get_capture_device_open_failure_messages(open_err_str, errmsg,
+ get_capture_device_open_failure_messages(open_err_str,
+ capture_opts->iface,
+ errmsg,
errmsg_len,
secondary_errmsg,
secondary_errmsg_len);
struct utsname osinfo;
#endif
+#ifdef _WIN32
+ /*
+ * Initialize our DLL search path. MUST be called before LoadLibrary
+ * or g_module_open.
+ */
+ ws_init_dll_search_path();
+#endif
+
#ifdef HAVE_PCAP_REMOTE
#define OPTSTRING_A "A:"
#define OPTSTRING_r "r"
"Secondary Error: %s", secondary_error_msg);
sync_pipe_errmsg_to_parent(2, error_msg, secondary_error_msg);
} else {
- fprintf(stderr, "%s\n%s\n", error_msg, secondary_error_msg);
+ fprintf(stderr, "%s\n", error_msg);
+ if (secondary_error_msg[0] != '\0')
+ fprintf(stderr, "%s\n", secondary_error_msg);
}
}