2016-07-17 02:29:35 +00:00
|
|
|
/* editcap.c
|
|
|
|
|
* Edit capture files. We can delete packets, adjust timestamps, or
|
2001-07-12 08:16:45 +00:00
|
|
|
* simply convert from one format to another format.
|
1999-12-04 21:42:56 +00:00
|
|
|
*
|
1999-12-04 12:53:52 +00:00
|
|
|
* Originally written by Richard Sharpe.
|
|
|
|
|
* Improved by Guy Harris.
|
2000-01-17 20:21:40 +00:00
|
|
|
* Further improved by Richard Sharpe.
|
2013-01-14 15:25:49 +00:00
|
|
|
*
|
|
|
|
|
* Copyright 2013, Richard Sharpe <realrichardsharpe[AT]gmail.com>
|
|
|
|
|
*
|
|
|
|
|
* Wireshark - Network traffic analyzer
|
|
|
|
|
* By Gerald Combs <gerald@wireshark.org>
|
|
|
|
|
* Copyright 1998 Gerald Combs
|
|
|
|
|
*
|
2018-02-07 11:26:45 +00:00
|
|
|
* SPDX-License-Identifier: GPL-2.0-or-later
|
1999-12-04 12:53:52 +00:00
|
|
|
*/
|
|
|
|
|
|
2014-08-22 21:13:05 +00:00
|
|
|
#include <config.h>
|
2022-10-06 17:41:17 +00:00
|
|
|
#define WS_LOG_DOMAIN LOG_DOMAIN_MAIN
|
2000-04-12 21:52:11 +00:00
|
|
|
|
2012-02-24 05:17:46 +00:00
|
|
|
#include <stdio.h>
|
|
|
|
|
#include <stdlib.h>
|
|
|
|
|
#include <string.h>
|
|
|
|
|
#include <stdarg.h>
|
2019-07-14 16:51:40 +00:00
|
|
|
#include <math.h>
|
2021-11-09 14:46:47 +00:00
|
|
|
#include <stddef.h>
|
2012-02-24 05:17:46 +00:00
|
|
|
|
2007-01-16 19:13:09 +00:00
|
|
|
#include <time.h>
|
1999-12-04 12:53:52 +00:00
|
|
|
#include <glib.h>
|
2023-02-06 10:36:41 +00:00
|
|
|
#include <gcrypt.h>
|
2000-04-12 21:52:11 +00:00
|
|
|
|
|
|
|
|
#ifdef HAVE_UNISTD_H
|
1999-12-04 12:53:52 +00:00
|
|
|
#include <unistd.h>
|
2000-04-12 21:52:11 +00:00
|
|
|
#endif
|
|
|
|
|
|
2023-02-06 22:16:37 +00:00
|
|
|
#include <ws_exit_codes.h>
|
2021-07-26 16:22:36 +00:00
|
|
|
#include <wsutil/ws_getopt.h>
|
2014-07-03 04:50:54 +00:00
|
|
|
|
2018-11-17 21:43:14 +00:00
|
|
|
#include <wiretap/secrets-types.h>
|
2016-01-06 00:24:52 +00:00
|
|
|
#include <wiretap/wtap.h>
|
1999-12-04 12:53:52 +00:00
|
|
|
|
2016-01-19 13:04:10 +00:00
|
|
|
#include "epan/etypes.h"
|
2018-07-24 18:43:31 +00:00
|
|
|
#include "epan/dissectors/packet-ieee80211-radiotap-defs.h"
|
2016-01-19 13:04:10 +00:00
|
|
|
|
2005-07-26 09:34:49 +00:00
|
|
|
#ifdef _WIN32
|
|
|
|
|
#include <process.h> /* getpid */
|
2008-10-24 00:42:09 +00:00
|
|
|
#include <winsock2.h>
|
|
|
|
|
#endif
|
2005-07-26 09:34:49 +00:00
|
|
|
|
2023-02-06 22:50:32 +00:00
|
|
|
#include <wsutil/clopts_common.h>
|
2023-02-06 22:46:45 +00:00
|
|
|
#include <wsutil/cmdarg_err.h>
|
2013-11-17 02:55:14 +00:00
|
|
|
#include <wsutil/filesystem.h>
|
2016-04-11 18:31:17 +00:00
|
|
|
#include <wsutil/file_util.h>
|
2013-12-02 08:30:29 +00:00
|
|
|
#include <wsutil/plugins.h>
|
2015-02-20 00:05:49 +00:00
|
|
|
#include <wsutil/privileges.h>
|
2017-04-08 19:45:19 +00:00
|
|
|
#include <wsutil/report_message.h>
|
2015-02-20 00:05:49 +00:00
|
|
|
#include <wsutil/strnatcmp.h>
|
2015-11-04 08:45:54 +00:00
|
|
|
#include <wsutil/str_util.h>
|
2018-12-12 10:53:08 +00:00
|
|
|
#include <cli_main.h>
|
2023-02-06 21:57:51 +00:00
|
|
|
#include <wsutil/version_info.h>
|
2016-03-06 17:23:32 +00:00
|
|
|
#include <wsutil/pint.h>
|
2016-09-05 13:50:38 +00:00
|
|
|
#include <wsutil/strtoi.h>
|
2021-06-18 18:21:42 +00:00
|
|
|
#include <wsutil/ws_assert.h>
|
2021-06-19 18:44:58 +00:00
|
|
|
#include <wsutil/wslog.h>
|
2016-01-26 01:17:21 +00:00
|
|
|
#include <wiretap/wtap_opttypes.h>
|
2006-07-27 17:53:29 +00:00
|
|
|
|
2017-04-20 02:21:11 +00:00
|
|
|
#include "ui/failure_message.h"
|
|
|
|
|
|
2012-10-15 08:40:43 +00:00
|
|
|
#include "ringbuffer.h" /* For RINGBUFFER_MAX_NUM_FILES */
|
|
|
|
|
|
2021-04-13 08:23:21 +00:00
|
|
|
/* Additional exit codes */
|
2017-02-20 14:30:27 +00:00
|
|
|
#define CANT_EXTRACT_PREFIX 2
|
2021-04-13 08:23:21 +00:00
|
|
|
#define WRITE_ERROR 2
|
|
|
|
|
#define DUMP_ERROR 2
|
|
|
|
|
|
2019-07-14 16:51:40 +00:00
|
|
|
#define NANOSECS_PER_SEC 1000000000
|
2017-02-04 15:26:34 +00:00
|
|
|
|
1999-12-04 12:53:52 +00:00
|
|
|
/*
|
|
|
|
|
* Some globals so we can pass things to various routines
|
|
|
|
|
*/
|
|
|
|
|
|
2000-01-17 08:06:03 +00:00
|
|
|
struct select_item {
|
2016-01-14 14:52:27 +00:00
|
|
|
gboolean inclusive;
|
|
|
|
|
guint first, second;
|
2002-03-14 04:32:35 +00:00
|
|
|
};
|
2000-01-17 08:06:03 +00:00
|
|
|
|
2006-07-27 17:53:29 +00:00
|
|
|
/*
|
|
|
|
|
* Duplicate frame detection
|
|
|
|
|
*/
|
|
|
|
|
typedef struct _fd_hash_t {
|
2017-02-13 18:31:26 +00:00
|
|
|
guint8 digest[16];
|
2014-01-03 14:30:09 +00:00
|
|
|
guint32 len;
|
2015-09-28 13:11:44 +00:00
|
|
|
nstime_t frame_time;
|
2006-07-27 17:53:29 +00:00
|
|
|
} fd_hash_t;
|
|
|
|
|
|
2014-01-03 14:30:09 +00:00
|
|
|
#define DEFAULT_DUP_DEPTH 5 /* Used with -d */
|
|
|
|
|
#define MAX_DUP_DEPTH 1000000 /* the maximum window (and actual size of fd_hash[]) for de-duplication */
|
2009-04-17 15:21:46 +00:00
|
|
|
|
2013-09-09 06:26:42 +00:00
|
|
|
static fd_hash_t fd_hash[MAX_DUP_DEPTH];
|
2014-01-03 14:30:09 +00:00
|
|
|
static int dup_window = DEFAULT_DUP_DEPTH;
|
|
|
|
|
static int cur_dup_entry = 0;
|
2006-07-27 17:53:29 +00:00
|
|
|
|
2016-09-05 13:50:38 +00:00
|
|
|
static guint32 ignored_bytes = 0; /* Used with -I */
|
2014-09-14 01:01:05 +00:00
|
|
|
|
2009-04-17 15:21:46 +00:00
|
|
|
#define ONE_BILLION 1000000000
|
2001-07-12 08:16:45 +00:00
|
|
|
|
2005-04-10 23:12:48 +00:00
|
|
|
/* Weights of different errors we can introduce */
|
|
|
|
|
/* We should probably make these command-line arguments */
|
|
|
|
|
/* XXX - Should we add a bit-level error? */
|
2013-09-09 06:26:42 +00:00
|
|
|
#define ERR_WT_BIT 5 /* Flip a random bit */
|
|
|
|
|
#define ERR_WT_BYTE 5 /* Substitute a random byte */
|
|
|
|
|
#define ERR_WT_ALNUM 5 /* Substitute a random character in [A-Za-z0-9] */
|
|
|
|
|
#define ERR_WT_FMT 2 /* Substitute "%s" */
|
|
|
|
|
#define ERR_WT_AA 1 /* Fill the remainder of the buffer with 0xAA */
|
|
|
|
|
#define ERR_WT_TOTAL (ERR_WT_BIT + ERR_WT_BYTE + ERR_WT_ALNUM + ERR_WT_FMT + ERR_WT_AA)
|
2005-04-10 23:12:48 +00:00
|
|
|
|
2013-09-09 06:26:42 +00:00
|
|
|
#define ALNUM_CHARS "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789"
|
|
|
|
|
#define ALNUM_LEN (sizeof(ALNUM_CHARS) - 1)
|
2005-04-10 23:12:48 +00:00
|
|
|
|
2001-07-12 08:16:45 +00:00
|
|
|
struct time_adjustment {
|
2014-09-28 23:41:43 +00:00
|
|
|
nstime_t tv;
|
2013-09-09 06:26:42 +00:00
|
|
|
int is_negative;
|
2001-07-12 08:16:45 +00:00
|
|
|
};
|
|
|
|
|
|
2013-09-09 19:39:45 +00:00
|
|
|
typedef struct _chop_t {
|
|
|
|
|
int len_begin;
|
|
|
|
|
int off_begin_pos;
|
|
|
|
|
int off_begin_neg;
|
|
|
|
|
int len_end;
|
|
|
|
|
int off_end_pos;
|
|
|
|
|
int off_end_neg;
|
|
|
|
|
} chop_t;
|
|
|
|
|
|
2015-06-25 22:36:54 +00:00
|
|
|
|
|
|
|
|
/* Table of user comments */
|
|
|
|
|
GTree *frames_user_comments = NULL;
|
2020-08-06 13:30:38 +00:00
|
|
|
GPtrArray *capture_comments = NULL;
|
2015-06-25 22:36:54 +00:00
|
|
|
|
2014-01-03 14:30:09 +00:00
|
|
|
#define MAX_SELECTIONS 512
|
|
|
|
|
static struct select_item selectfrm[MAX_SELECTIONS];
|
2016-01-14 14:52:27 +00:00
|
|
|
static guint max_selected = 0;
|
2020-12-23 23:49:07 +00:00
|
|
|
static gboolean keep_em = FALSE;
|
2021-02-23 09:18:31 +00:00
|
|
|
static int out_file_type_subtype = WTAP_FILE_TYPE_SUBTYPE_UNKNOWN;
|
2014-01-03 14:30:09 +00:00
|
|
|
static int out_frame_type = -2; /* Leave frame type alone */
|
2020-12-24 01:55:20 +00:00
|
|
|
static gboolean verbose = FALSE; /* Not so verbose */
|
2018-06-28 03:39:15 +00:00
|
|
|
static struct time_adjustment time_adj = {NSTIME_INIT_ZERO, 0}; /* no adjustment */
|
|
|
|
|
static nstime_t relative_time_window = NSTIME_INIT_ZERO; /* de-dup time window */
|
2018-08-22 08:17:02 +00:00
|
|
|
static double err_prob = -1.0;
|
2020-08-05 17:20:07 +00:00
|
|
|
static nstime_t starttime = NSTIME_INIT_ZERO;
|
2020-08-06 10:09:15 +00:00
|
|
|
static gboolean have_starttime = FALSE;
|
2020-08-05 17:20:07 +00:00
|
|
|
static nstime_t stoptime = NSTIME_INIT_ZERO;
|
2020-08-06 10:09:15 +00:00
|
|
|
static gboolean have_stoptime = FALSE;
|
2014-01-03 14:30:09 +00:00
|
|
|
static gboolean check_startstop = FALSE;
|
2016-01-19 13:04:10 +00:00
|
|
|
static gboolean rem_vlan = FALSE;
|
2014-01-03 14:30:09 +00:00
|
|
|
static gboolean dup_detect = FALSE;
|
|
|
|
|
static gboolean dup_detect_by_time = FALSE;
|
2018-07-24 18:43:31 +00:00
|
|
|
static gboolean skip_radiotap = FALSE;
|
2019-05-11 03:59:53 +00:00
|
|
|
static gboolean discard_all_secrets = FALSE;
|
2020-08-06 13:30:38 +00:00
|
|
|
static gboolean discard_cap_comments = FALSE;
|
2021-11-02 15:04:46 +00:00
|
|
|
static gboolean set_unused = FALSE;
|
2014-01-03 14:30:09 +00:00
|
|
|
|
|
|
|
|
static int do_strict_time_adjustment = FALSE;
|
2018-06-28 03:39:15 +00:00
|
|
|
static struct time_adjustment strict_time_adj = {NSTIME_INIT_ZERO, 0}; /* strict time adjustment */
|
|
|
|
|
static nstime_t previous_time = NSTIME_INIT_ZERO; /* previous time */
|
2010-06-02 00:30:25 +00:00
|
|
|
|
2018-11-17 21:43:14 +00:00
|
|
|
static const struct {
|
|
|
|
|
const char *str;
|
|
|
|
|
guint32 id;
|
|
|
|
|
} secrets_types[] = {
|
2019-05-21 17:06:49 +00:00
|
|
|
{ "tls", SECRETS_TYPE_TLS },
|
2021-12-04 13:55:17 +00:00
|
|
|
{ "ssh", SECRETS_TYPE_SSH },
|
2019-05-21 17:06:49 +00:00
|
|
|
{ "wg", SECRETS_TYPE_WIREGUARD },
|
2018-11-17 21:43:14 +00:00
|
|
|
};
|
|
|
|
|
|
2008-02-20 14:13:15 +00:00
|
|
|
static int find_dct2000_real_data(guint8 *buf);
|
2018-02-09 00:19:12 +00:00
|
|
|
static void handle_chopping(chop_t chop, wtap_packet_header *out_phdr,
|
|
|
|
|
const wtap_packet_header *in_phdr, guint8 **buf,
|
2013-09-09 19:39:45 +00:00
|
|
|
gboolean adjlen);
|
2008-02-20 14:13:15 +00:00
|
|
|
|
2009-05-23 07:59:23 +00:00
|
|
|
static gchar *
|
2013-11-09 10:38:02 +00:00
|
|
|
abs_time_to_str_with_sec_resolution(const nstime_t *abs_time)
|
2009-05-23 07:59:23 +00:00
|
|
|
{
|
|
|
|
|
struct tm *tmp;
|
2014-01-03 14:30:09 +00:00
|
|
|
gchar *buf = (gchar *)g_malloc(16);
|
2010-05-28 20:19:55 +00:00
|
|
|
|
2014-01-26 12:56:32 +00:00
|
|
|
tmp = localtime(&abs_time->secs);
|
2013-09-09 06:26:42 +00:00
|
|
|
|
2009-05-23 07:59:23 +00:00
|
|
|
if (tmp) {
|
2021-12-17 20:05:19 +00:00
|
|
|
snprintf(buf, 16, "%d%02d%02d%02d%02d%02d",
|
2009-05-23 07:59:23 +00:00
|
|
|
tmp->tm_year + 1900,
|
|
|
|
|
tmp->tm_mon+1,
|
|
|
|
|
tmp->tm_mday,
|
|
|
|
|
tmp->tm_hour,
|
|
|
|
|
tmp->tm_min,
|
|
|
|
|
tmp->tm_sec);
|
2013-09-09 06:26:42 +00:00
|
|
|
} else {
|
2011-04-12 18:43:44 +00:00
|
|
|
buf[0] = '\0';
|
2013-09-09 06:26:42 +00:00
|
|
|
}
|
2009-05-23 07:59:23 +00:00
|
|
|
|
|
|
|
|
return buf;
|
|
|
|
|
}
|
|
|
|
|
|
2014-01-03 14:30:09 +00:00
|
|
|
static gchar *
|
2018-02-09 00:19:12 +00:00
|
|
|
fileset_get_filename_by_pattern(guint idx, const wtap_rec *rec,
|
2010-11-01 14:33:14 +00:00
|
|
|
gchar *fprefix, gchar *fsuffix)
|
2009-05-23 07:59:23 +00:00
|
|
|
{
|
2014-01-03 14:30:09 +00:00
|
|
|
gchar filenum[5+1];
|
2009-05-23 07:59:23 +00:00
|
|
|
gchar *timestr;
|
|
|
|
|
gchar *abs_str;
|
|
|
|
|
|
2021-12-17 20:05:19 +00:00
|
|
|
snprintf(filenum, sizeof(filenum), "%05u", idx % RINGBUFFER_MAX_NUM_FILES);
|
2018-02-09 00:19:12 +00:00
|
|
|
if (rec->presence_flags & WTAP_HAS_TS) {
|
|
|
|
|
timestr = abs_time_to_str_with_sec_resolution(&rec->ts);
|
2014-05-23 21:03:42 +00:00
|
|
|
abs_str = g_strconcat(fprefix, "_", filenum, "_", timestr, fsuffix, NULL);
|
|
|
|
|
g_free(timestr);
|
|
|
|
|
} else
|
|
|
|
|
abs_str = g_strconcat(fprefix, "_", filenum, fsuffix, NULL);
|
2009-05-23 07:59:23 +00:00
|
|
|
|
|
|
|
|
return abs_str;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static gboolean
|
|
|
|
|
fileset_extract_prefix_suffix(const char *fname, gchar **fprefix, gchar **fsuffix)
|
|
|
|
|
{
|
|
|
|
|
char *pfx, *last_pathsep;
|
|
|
|
|
gchar *save_file;
|
|
|
|
|
|
|
|
|
|
save_file = g_strdup(fname);
|
2009-05-23 20:29:12 +00:00
|
|
|
if (save_file == NULL) {
|
2013-09-09 06:26:42 +00:00
|
|
|
fprintf(stderr, "editcap: Out of memory\n");
|
|
|
|
|
return FALSE;
|
2009-05-23 20:29:12 +00:00
|
|
|
}
|
2009-05-23 07:59:23 +00:00
|
|
|
|
|
|
|
|
last_pathsep = strrchr(save_file, G_DIR_SEPARATOR);
|
|
|
|
|
pfx = strrchr(save_file,'.');
|
|
|
|
|
if (pfx != NULL && (last_pathsep == NULL || pfx > last_pathsep)) {
|
2013-09-09 06:26:42 +00:00
|
|
|
/* The pathname has a "." in it, and it's in the last component
|
|
|
|
|
* of the pathname (because there is either only one component,
|
|
|
|
|
* i.e. last_pathsep is null as there are no path separators,
|
|
|
|
|
* or the "." is after the path separator before the last
|
|
|
|
|
* component.
|
|
|
|
|
|
|
|
|
|
* Treat it as a separator between the rest of the file name and
|
|
|
|
|
* the file name suffix, and arrange that the names given to the
|
|
|
|
|
* ring buffer files have the specified suffix, i.e. put the
|
|
|
|
|
* changing part of the name *before* the suffix. */
|
|
|
|
|
pfx[0] = '\0';
|
|
|
|
|
*fprefix = g_strdup(save_file);
|
|
|
|
|
pfx[0] = '.'; /* restore capfile_name */
|
|
|
|
|
*fsuffix = g_strdup(pfx);
|
2009-05-23 07:59:23 +00:00
|
|
|
} else {
|
2013-09-09 06:26:42 +00:00
|
|
|
/* Either there's no "." in the pathname, or it's in a directory
|
|
|
|
|
* component, so the last component has no suffix. */
|
|
|
|
|
*fprefix = g_strdup(save_file);
|
|
|
|
|
*fsuffix = NULL;
|
2009-05-23 07:59:23 +00:00
|
|
|
}
|
|
|
|
|
g_free(save_file);
|
|
|
|
|
return TRUE;
|
|
|
|
|
}
|
|
|
|
|
|
2000-01-17 08:06:03 +00:00
|
|
|
/* Add a selection item, a simple parser for now */
|
2007-06-20 20:02:52 +00:00
|
|
|
static gboolean
|
2016-01-14 14:52:27 +00:00
|
|
|
add_selection(char *sel, guint* max_selection)
|
2000-01-17 08:06:03 +00:00
|
|
|
{
|
2013-09-09 06:26:42 +00:00
|
|
|
char *locn;
|
|
|
|
|
char *next;
|
2000-01-17 08:06:03 +00:00
|
|
|
|
2016-01-14 14:52:27 +00:00
|
|
|
if (max_selected >= MAX_SELECTIONS) {
|
2013-09-09 06:26:42 +00:00
|
|
|
/* Let the user know we stopped selecting */
|
2017-02-19 18:58:47 +00:00
|
|
|
fprintf(stderr, "Out of room for packet selections.\n");
|
2013-09-09 06:26:42 +00:00
|
|
|
return(FALSE);
|
|
|
|
|
}
|
2000-01-17 08:06:03 +00:00
|
|
|
|
2013-10-29 08:34:35 +00:00
|
|
|
if (verbose)
|
|
|
|
|
fprintf(stderr, "Add_Selected: %s\n", sel);
|
2000-01-17 08:06:03 +00:00
|
|
|
|
2013-09-09 06:26:42 +00:00
|
|
|
if ((locn = strchr(sel, '-')) == NULL) { /* No dash, so a single number? */
|
2013-10-29 08:34:35 +00:00
|
|
|
if (verbose)
|
|
|
|
|
fprintf(stderr, "Not inclusive ...");
|
2000-01-17 08:06:03 +00:00
|
|
|
|
2016-01-14 14:52:27 +00:00
|
|
|
selectfrm[max_selected].inclusive = FALSE;
|
2016-09-08 18:26:45 +00:00
|
|
|
selectfrm[max_selected].first = get_guint32(sel, "packet number");
|
2016-06-20 20:29:49 +00:00
|
|
|
if (selectfrm[max_selected].first > *max_selection)
|
2016-01-14 14:52:27 +00:00
|
|
|
*max_selection = selectfrm[max_selected].first;
|
2000-01-17 08:06:03 +00:00
|
|
|
|
2013-10-29 08:34:35 +00:00
|
|
|
if (verbose)
|
2016-07-17 02:29:35 +00:00
|
|
|
fprintf(stderr, " %u\n", selectfrm[max_selected].first);
|
2013-09-09 06:26:42 +00:00
|
|
|
} else {
|
2013-10-29 08:34:35 +00:00
|
|
|
if (verbose)
|
|
|
|
|
fprintf(stderr, "Inclusive ...");
|
2000-01-17 08:06:03 +00:00
|
|
|
|
2017-04-15 00:44:04 +00:00
|
|
|
*locn = '\0'; /* split the range */
|
2013-09-09 06:26:42 +00:00
|
|
|
next = locn + 1;
|
2016-01-14 14:52:27 +00:00
|
|
|
selectfrm[max_selected].inclusive = TRUE;
|
2016-09-08 18:26:45 +00:00
|
|
|
selectfrm[max_selected].first = get_guint32(sel, "beginning of packet range");
|
2016-09-09 08:34:13 +00:00
|
|
|
selectfrm[max_selected].second = get_guint32(next, "end of packet range");
|
2016-01-14 14:52:27 +00:00
|
|
|
|
|
|
|
|
if (selectfrm[max_selected].second == 0)
|
|
|
|
|
{
|
|
|
|
|
/* Not a valid number, presume all */
|
|
|
|
|
selectfrm[max_selected].second = *max_selection = G_MAXUINT;
|
|
|
|
|
}
|
2016-06-20 20:29:49 +00:00
|
|
|
else if (selectfrm[max_selected].second > *max_selection)
|
2016-01-14 14:52:27 +00:00
|
|
|
*max_selection = selectfrm[max_selected].second;
|
2000-01-17 08:06:03 +00:00
|
|
|
|
2013-10-29 08:34:35 +00:00
|
|
|
if (verbose)
|
2016-07-17 02:29:35 +00:00
|
|
|
fprintf(stderr, " %u, %u\n", selectfrm[max_selected].first,
|
2013-10-29 08:34:35 +00:00
|
|
|
selectfrm[max_selected].second);
|
2013-09-09 06:26:42 +00:00
|
|
|
}
|
2000-01-17 08:06:03 +00:00
|
|
|
|
2016-01-14 14:52:27 +00:00
|
|
|
max_selected++;
|
2013-09-09 06:26:42 +00:00
|
|
|
return(TRUE);
|
2000-01-17 08:06:03 +00:00
|
|
|
}
|
|
|
|
|
|
2006-01-09 21:14:32 +00:00
|
|
|
/* Was the packet selected? */
|
1999-12-04 12:53:52 +00:00
|
|
|
|
2020-12-24 07:09:19 +00:00
|
|
|
static gboolean
|
2016-01-14 14:52:27 +00:00
|
|
|
selected(guint recno)
|
1999-12-04 12:53:52 +00:00
|
|
|
{
|
2016-01-14 14:52:27 +00:00
|
|
|
guint i;
|
1999-12-04 12:53:52 +00:00
|
|
|
|
2016-01-14 14:52:27 +00:00
|
|
|
for (i = 0; i < max_selected; i++) {
|
2013-09-09 06:26:42 +00:00
|
|
|
if (selectfrm[i].inclusive) {
|
|
|
|
|
if (selectfrm[i].first <= recno && selectfrm[i].second >= recno)
|
2020-12-24 07:09:19 +00:00
|
|
|
return TRUE;
|
2013-09-09 06:26:42 +00:00
|
|
|
} else {
|
|
|
|
|
if (recno == selectfrm[i].first)
|
2020-12-24 07:09:19 +00:00
|
|
|
return TRUE;
|
2013-09-09 06:26:42 +00:00
|
|
|
}
|
2000-01-17 08:06:03 +00:00
|
|
|
}
|
1999-12-04 12:53:52 +00:00
|
|
|
|
2020-12-24 07:09:19 +00:00
|
|
|
return FALSE;
|
1999-12-04 12:53:52 +00:00
|
|
|
}
|
|
|
|
|
|
2017-02-04 15:26:34 +00:00
|
|
|
static gboolean
|
2010-01-29 16:09:25 +00:00
|
|
|
set_time_adjustment(char *optarg_str_p)
|
2001-07-12 08:16:45 +00:00
|
|
|
{
|
2014-01-03 14:30:09 +00:00
|
|
|
char *frac, *end;
|
|
|
|
|
long val;
|
|
|
|
|
size_t frac_digits;
|
2013-09-09 06:26:42 +00:00
|
|
|
|
|
|
|
|
if (!optarg_str_p)
|
2017-02-04 15:26:34 +00:00
|
|
|
return TRUE;
|
2013-09-09 06:26:42 +00:00
|
|
|
|
|
|
|
|
/* skip leading whitespace */
|
|
|
|
|
while (*optarg_str_p == ' ' || *optarg_str_p == '\t')
|
|
|
|
|
optarg_str_p++;
|
|
|
|
|
|
|
|
|
|
/* check for a negative adjustment */
|
|
|
|
|
if (*optarg_str_p == '-') {
|
|
|
|
|
time_adj.is_negative = 1;
|
|
|
|
|
optarg_str_p++;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* collect whole number of seconds, if any */
|
|
|
|
|
if (*optarg_str_p == '.') { /* only fractional (i.e., .5 is ok) */
|
|
|
|
|
val = 0;
|
|
|
|
|
frac = optarg_str_p;
|
|
|
|
|
} else {
|
|
|
|
|
val = strtol(optarg_str_p, &frac, 10);
|
|
|
|
|
if (frac == NULL || frac == optarg_str_p
|
|
|
|
|
|| val == LONG_MIN || val == LONG_MAX) {
|
|
|
|
|
fprintf(stderr, "editcap: \"%s\" isn't a valid time adjustment\n",
|
|
|
|
|
optarg_str_p);
|
2017-02-04 15:26:34 +00:00
|
|
|
return FALSE;
|
2013-09-09 06:26:42 +00:00
|
|
|
}
|
|
|
|
|
if (val < 0) { /* implies '--' since we caught '-' above */
|
|
|
|
|
fprintf(stderr, "editcap: \"%s\" isn't a valid time adjustment\n",
|
|
|
|
|
optarg_str_p);
|
2017-02-04 15:26:34 +00:00
|
|
|
return FALSE;
|
2013-09-09 06:26:42 +00:00
|
|
|
}
|
2009-10-25 20:18:24 +00:00
|
|
|
}
|
2014-09-28 23:41:43 +00:00
|
|
|
time_adj.tv.secs = val;
|
2013-09-09 06:26:42 +00:00
|
|
|
|
|
|
|
|
/* now collect the partial seconds, if any */
|
|
|
|
|
if (*frac != '\0') { /* chars left, so get fractional part */
|
|
|
|
|
val = strtol(&(frac[1]), &end, 10);
|
2014-09-28 23:41:43 +00:00
|
|
|
/* if more than 9 fractional digits truncate to 9 */
|
|
|
|
|
if ((end - &(frac[1])) > 9) {
|
|
|
|
|
frac[10] = 't'; /* 't' for truncate */
|
2013-09-09 06:26:42 +00:00
|
|
|
val = strtol(&(frac[1]), &end, 10);
|
|
|
|
|
}
|
|
|
|
|
if (*frac != '.' || end == NULL || end == frac || val < 0
|
2018-06-22 08:04:27 +00:00
|
|
|
|| val >= ONE_BILLION || val == LONG_MIN || val == LONG_MAX) {
|
2013-09-09 06:26:42 +00:00
|
|
|
fprintf(stderr, "editcap: \"%s\" isn't a valid time adjustment\n",
|
|
|
|
|
optarg_str_p);
|
2017-02-04 15:26:34 +00:00
|
|
|
return FALSE;
|
2013-09-09 06:26:42 +00:00
|
|
|
}
|
|
|
|
|
} else {
|
2017-02-04 15:26:34 +00:00
|
|
|
return TRUE; /* no fractional digits */
|
2001-07-12 08:16:45 +00:00
|
|
|
}
|
2013-09-09 06:26:42 +00:00
|
|
|
|
|
|
|
|
/* adjust fractional portion from fractional to numerator
|
2014-09-28 23:41:43 +00:00
|
|
|
* e.g., in "1.5" from 5 to 500000000 since .5*10^9 = 500000000 */
|
2016-03-08 22:13:45 +00:00
|
|
|
frac_digits = end - frac - 1; /* fractional digit count (remember '.') */
|
|
|
|
|
while(frac_digits < 9) { /* this is frac of 10^9 */
|
|
|
|
|
val *= 10;
|
|
|
|
|
frac_digits++;
|
2001-07-12 08:16:45 +00:00
|
|
|
}
|
2016-03-08 22:13:45 +00:00
|
|
|
|
2014-09-28 23:41:43 +00:00
|
|
|
time_adj.tv.nsecs = (int)val;
|
2017-02-04 15:26:34 +00:00
|
|
|
return TRUE;
|
2001-07-12 08:16:45 +00:00
|
|
|
}
|
|
|
|
|
|
2017-02-04 15:26:34 +00:00
|
|
|
static gboolean
|
2010-06-03 19:14:18 +00:00
|
|
|
set_strict_time_adj(char *optarg_str_p)
|
2010-06-02 00:30:25 +00:00
|
|
|
{
|
2014-01-03 14:30:09 +00:00
|
|
|
char *frac, *end;
|
|
|
|
|
long val;
|
|
|
|
|
size_t frac_digits;
|
2013-09-09 06:26:42 +00:00
|
|
|
|
|
|
|
|
if (!optarg_str_p)
|
2017-02-04 15:26:34 +00:00
|
|
|
return TRUE;
|
2013-09-09 06:26:42 +00:00
|
|
|
|
|
|
|
|
/* skip leading whitespace */
|
|
|
|
|
while (*optarg_str_p == ' ' || *optarg_str_p == '\t')
|
|
|
|
|
optarg_str_p++;
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* check for a negative adjustment
|
|
|
|
|
* A negative strict adjustment value is a flag
|
|
|
|
|
* to adjust all frames by the specifed delta time.
|
|
|
|
|
*/
|
|
|
|
|
if (*optarg_str_p == '-') {
|
|
|
|
|
strict_time_adj.is_negative = 1;
|
|
|
|
|
optarg_str_p++;
|
|
|
|
|
}
|
2010-06-02 00:30:25 +00:00
|
|
|
|
2013-09-09 06:26:42 +00:00
|
|
|
/* collect whole number of seconds, if any */
|
|
|
|
|
if (*optarg_str_p == '.') { /* only fractional (i.e., .5 is ok) */
|
|
|
|
|
val = 0;
|
|
|
|
|
frac = optarg_str_p;
|
|
|
|
|
} else {
|
|
|
|
|
val = strtol(optarg_str_p, &frac, 10);
|
|
|
|
|
if (frac == NULL || frac == optarg_str_p
|
|
|
|
|
|| val == LONG_MIN || val == LONG_MAX) {
|
|
|
|
|
fprintf(stderr, "editcap: \"%s\" isn't a valid time adjustment\n",
|
|
|
|
|
optarg_str_p);
|
2017-02-04 15:26:34 +00:00
|
|
|
return FALSE;
|
2013-09-09 06:26:42 +00:00
|
|
|
}
|
|
|
|
|
if (val < 0) { /* implies '--' since we caught '-' above */
|
|
|
|
|
fprintf(stderr, "editcap: \"%s\" isn't a valid time adjustment\n",
|
|
|
|
|
optarg_str_p);
|
2017-02-04 15:26:34 +00:00
|
|
|
return FALSE;
|
2013-09-09 06:26:42 +00:00
|
|
|
}
|
|
|
|
|
}
|
2014-09-28 23:41:43 +00:00
|
|
|
strict_time_adj.tv.secs = val;
|
2010-06-02 00:30:25 +00:00
|
|
|
|
2013-09-09 06:26:42 +00:00
|
|
|
/* now collect the partial seconds, if any */
|
|
|
|
|
if (*frac != '\0') { /* chars left, so get fractional part */
|
2010-06-02 00:30:25 +00:00
|
|
|
val = strtol(&(frac[1]), &end, 10);
|
2014-09-28 23:41:43 +00:00
|
|
|
/* if more than 9 fractional digits truncate to 9 */
|
|
|
|
|
if ((end - &(frac[1])) > 9) {
|
|
|
|
|
frac[10] = 't'; /* 't' for truncate */
|
2013-09-09 06:26:42 +00:00
|
|
|
val = strtol(&(frac[1]), &end, 10);
|
|
|
|
|
}
|
|
|
|
|
if (*frac != '.' || end == NULL || end == frac || val < 0
|
2018-06-22 08:04:27 +00:00
|
|
|
|| val >= ONE_BILLION || val == LONG_MIN || val == LONG_MAX) {
|
2013-09-09 06:26:42 +00:00
|
|
|
fprintf(stderr, "editcap: \"%s\" isn't a valid time adjustment\n",
|
|
|
|
|
optarg_str_p);
|
2017-02-04 15:26:34 +00:00
|
|
|
return FALSE;
|
2013-09-09 06:26:42 +00:00
|
|
|
}
|
|
|
|
|
} else {
|
2017-02-04 15:26:34 +00:00
|
|
|
return TRUE; /* no fractional digits */
|
2010-06-02 00:30:25 +00:00
|
|
|
}
|
2013-09-09 06:26:42 +00:00
|
|
|
|
|
|
|
|
/* adjust fractional portion from fractional to numerator
|
2014-09-28 23:41:43 +00:00
|
|
|
* e.g., in "1.5" from 5 to 500000000 since .5*10^9 = 500000000 */
|
2016-03-08 22:13:45 +00:00
|
|
|
frac_digits = end - frac - 1; /* fractional digit count (remember '.') */
|
|
|
|
|
while(frac_digits < 9) { /* this is frac of 10^9 */
|
|
|
|
|
val *= 10;
|
|
|
|
|
frac_digits++;
|
2010-06-02 00:30:25 +00:00
|
|
|
}
|
2016-03-08 22:13:45 +00:00
|
|
|
|
2014-09-28 23:41:43 +00:00
|
|
|
strict_time_adj.tv.nsecs = (int)val;
|
2017-02-04 15:26:34 +00:00
|
|
|
return TRUE;
|
2010-06-02 00:30:25 +00:00
|
|
|
}
|
|
|
|
|
|
2017-02-04 15:26:34 +00:00
|
|
|
static gboolean
|
2010-01-29 16:09:25 +00:00
|
|
|
set_rel_time(char *optarg_str_p)
|
2009-04-17 15:21:46 +00:00
|
|
|
{
|
2014-01-03 14:30:09 +00:00
|
|
|
char *frac, *end;
|
|
|
|
|
long val;
|
|
|
|
|
size_t frac_digits;
|
2013-09-09 06:26:42 +00:00
|
|
|
|
|
|
|
|
if (!optarg_str_p)
|
2017-02-04 15:26:34 +00:00
|
|
|
return TRUE;
|
2013-09-09 06:26:42 +00:00
|
|
|
|
|
|
|
|
/* skip leading whitespace */
|
|
|
|
|
while (*optarg_str_p == ' ' || *optarg_str_p == '\t')
|
|
|
|
|
optarg_str_p++;
|
|
|
|
|
|
|
|
|
|
/* ignore negative adjustment */
|
|
|
|
|
if (*optarg_str_p == '-')
|
|
|
|
|
optarg_str_p++;
|
|
|
|
|
|
|
|
|
|
/* collect whole number of seconds, if any */
|
|
|
|
|
if (*optarg_str_p == '.') { /* only fractional (i.e., .5 is ok) */
|
|
|
|
|
val = 0;
|
|
|
|
|
frac = optarg_str_p;
|
|
|
|
|
} else {
|
|
|
|
|
val = strtol(optarg_str_p, &frac, 10);
|
|
|
|
|
if (frac == NULL || frac == optarg_str_p
|
|
|
|
|
|| val == LONG_MIN || val == LONG_MAX) {
|
|
|
|
|
fprintf(stderr, "1: editcap: \"%s\" isn't a valid rel time value\n",
|
|
|
|
|
optarg_str_p);
|
2017-02-04 15:26:34 +00:00
|
|
|
return FALSE;
|
2013-09-09 06:26:42 +00:00
|
|
|
}
|
|
|
|
|
if (val < 0) { /* implies '--' since we caught '-' above */
|
|
|
|
|
fprintf(stderr, "2: editcap: \"%s\" isn't a valid rel time value\n",
|
|
|
|
|
optarg_str_p);
|
2017-02-04 15:26:34 +00:00
|
|
|
return FALSE;
|
2013-09-09 06:26:42 +00:00
|
|
|
}
|
2009-10-25 20:18:24 +00:00
|
|
|
}
|
2013-09-09 06:26:42 +00:00
|
|
|
relative_time_window.secs = val;
|
|
|
|
|
|
|
|
|
|
/* now collect the partial seconds, if any */
|
|
|
|
|
if (*frac != '\0') { /* chars left, so get fractional part */
|
|
|
|
|
val = strtol(&(frac[1]), &end, 10);
|
|
|
|
|
/* if more than 9 fractional digits truncate to 9 */
|
|
|
|
|
if ((end - &(frac[1])) > 9) {
|
|
|
|
|
frac[10] = 't'; /* 't' for truncate */
|
|
|
|
|
val = strtol(&(frac[1]), &end, 10);
|
|
|
|
|
}
|
|
|
|
|
if (*frac != '.' || end == NULL || end == frac || val < 0
|
2018-06-22 08:04:27 +00:00
|
|
|
|| val >= ONE_BILLION || val == LONG_MIN || val == LONG_MAX) {
|
2013-09-09 06:26:42 +00:00
|
|
|
fprintf(stderr, "3: editcap: \"%s\" isn't a valid rel time value\n",
|
|
|
|
|
optarg_str_p);
|
2017-02-04 15:26:34 +00:00
|
|
|
return FALSE;
|
2013-09-09 06:26:42 +00:00
|
|
|
}
|
|
|
|
|
} else {
|
2017-02-04 15:26:34 +00:00
|
|
|
return TRUE; /* no fractional digits */
|
2009-04-17 15:21:46 +00:00
|
|
|
}
|
2013-09-09 06:26:42 +00:00
|
|
|
|
|
|
|
|
/* adjust fractional portion from fractional to numerator
|
|
|
|
|
* e.g., in "1.5" from 5 to 500000000 since .5*10^9 = 500000000 */
|
2016-03-08 22:13:45 +00:00
|
|
|
frac_digits = end - frac - 1; /* fractional digit count (remember '.') */
|
|
|
|
|
while(frac_digits < 9) { /* this is frac of 10^9 */
|
|
|
|
|
val *= 10;
|
|
|
|
|
frac_digits++;
|
2009-04-17 15:21:46 +00:00
|
|
|
}
|
2016-03-08 22:13:45 +00:00
|
|
|
|
2013-09-09 06:26:42 +00:00
|
|
|
relative_time_window.nsecs = (int)val;
|
2017-02-04 15:26:34 +00:00
|
|
|
return TRUE;
|
2009-04-17 15:21:46 +00:00
|
|
|
}
|
|
|
|
|
|
2021-11-09 14:46:47 +00:00
|
|
|
#define SLL_ADDRLEN 8 /* length of address field */
|
|
|
|
|
struct sll_header {
|
|
|
|
|
uint16_t sll_pkttype; /* packet type */
|
|
|
|
|
uint16_t sll_hatype; /* link-layer address type */
|
|
|
|
|
uint16_t sll_halen; /* link-layer address length */
|
|
|
|
|
uint8_t sll_addr[SLL_ADDRLEN]; /* link-layer address */
|
|
|
|
|
uint16_t sll_protocol; /* protocol */
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
struct sll2_header {
|
|
|
|
|
uint16_t sll2_protocol; /* protocol */
|
|
|
|
|
uint16_t sll2_reserved_mbz; /* reserved - must be zero */
|
|
|
|
|
uint32_t sll2_if_index; /* 1-based interface index */
|
|
|
|
|
uint16_t sll2_hatype; /* link-layer address type */
|
|
|
|
|
uint8_t sll2_pkttype; /* packet type */
|
|
|
|
|
uint8_t sll2_halen; /* link-layer address length */
|
|
|
|
|
uint8_t sll2_addr[SLL_ADDRLEN]; /* link-layer address */
|
|
|
|
|
};
|
|
|
|
|
|
2016-01-19 13:04:10 +00:00
|
|
|
#define VLAN_SIZE 4
|
|
|
|
|
static void
|
|
|
|
|
sll_remove_vlan_info(guint8* fd, guint32* len) {
|
2021-11-09 14:46:47 +00:00
|
|
|
if (pntoh16(fd + offsetof(struct sll_header, sll_protocol)) == ETHERTYPE_VLAN) {
|
2016-01-19 13:04:10 +00:00
|
|
|
int rest_len;
|
|
|
|
|
/* point to start of vlan */
|
2021-11-09 14:46:47 +00:00
|
|
|
fd = fd + offsetof(struct sll_header, sll_protocol);
|
2016-01-19 13:04:10 +00:00
|
|
|
/* bytes to read after vlan info */
|
2021-11-09 14:46:47 +00:00
|
|
|
rest_len = *len - (offsetof(struct sll_header, sll_protocol) + VLAN_SIZE);
|
2016-01-19 13:04:10 +00:00
|
|
|
/* remove vlan info from packet */
|
|
|
|
|
memmove(fd, fd + VLAN_SIZE, rest_len);
|
|
|
|
|
*len -= 4;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2021-11-09 14:46:47 +00:00
|
|
|
|
|
|
|
|
|
2021-11-02 15:04:46 +00:00
|
|
|
static void
|
|
|
|
|
sll_set_unused_info(guint8* fd) {
|
|
|
|
|
guint32 ha_len;
|
2021-11-09 14:46:47 +00:00
|
|
|
ha_len = pntoh16(fd + offsetof(struct sll_header, sll_halen));
|
2021-11-02 15:04:46 +00:00
|
|
|
|
|
|
|
|
if (ha_len < SLL_ADDRLEN) {
|
|
|
|
|
int unused;
|
|
|
|
|
unused = SLL_ADDRLEN - ha_len;
|
2021-11-09 14:46:47 +00:00
|
|
|
/* point to end of sll_ddr */
|
|
|
|
|
fd = fd + offsetof(struct sll_header, sll_addr) + ha_len;
|
2021-11-02 15:04:46 +00:00
|
|
|
/* set zeros in the unused data */
|
2021-11-09 14:46:47 +00:00
|
|
|
memset(fd, 0, unused);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static void
|
|
|
|
|
sll2_set_unused_info(guint8* fd) {
|
|
|
|
|
guint32 ha_len;
|
|
|
|
|
ha_len = *(fd + offsetof(struct sll2_header, sll2_halen));
|
|
|
|
|
|
|
|
|
|
if (ha_len < SLL_ADDRLEN) {
|
|
|
|
|
int unused;
|
|
|
|
|
unused = SLL_ADDRLEN - ha_len;
|
|
|
|
|
/* point to end of sll2_addr */
|
|
|
|
|
fd = fd + offsetof(struct sll2_header, sll2_addr) + ha_len;
|
|
|
|
|
/* set zeros in the unused data */
|
|
|
|
|
memset(fd, 0, unused);
|
2021-11-02 15:04:46 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2016-01-19 13:04:10 +00:00
|
|
|
static void
|
2018-02-09 00:19:12 +00:00
|
|
|
remove_vlan_info(const wtap_packet_header *phdr, guint8* fd, guint32* len) {
|
2016-01-19 13:04:10 +00:00
|
|
|
switch (phdr->pkt_encap) {
|
|
|
|
|
case WTAP_ENCAP_SLL:
|
|
|
|
|
sll_remove_vlan_info(fd, len);
|
|
|
|
|
break;
|
|
|
|
|
default:
|
|
|
|
|
/* no support for current pkt_encap */
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2021-11-02 15:04:46 +00:00
|
|
|
static void
|
|
|
|
|
set_unused_info(const wtap_packet_header *phdr, guint8* fd) {
|
|
|
|
|
switch (phdr->pkt_encap) {
|
|
|
|
|
case WTAP_ENCAP_SLL:
|
|
|
|
|
sll_set_unused_info(fd);
|
|
|
|
|
break;
|
2021-11-09 14:46:47 +00:00
|
|
|
case WTAP_ENCAP_SLL2:
|
|
|
|
|
sll2_set_unused_info(fd);
|
|
|
|
|
break;
|
2021-11-02 15:04:46 +00:00
|
|
|
default:
|
|
|
|
|
/* no support for current pkt_encap */
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2006-07-27 17:53:29 +00:00
|
|
|
static gboolean
|
|
|
|
|
is_duplicate(guint8* fd, guint32 len) {
|
2013-09-09 06:26:42 +00:00
|
|
|
int i;
|
2018-07-24 18:43:31 +00:00
|
|
|
const struct ieee80211_radiotap_header* tap_header;
|
2006-07-27 17:53:29 +00:00
|
|
|
|
2014-09-14 01:01:05 +00:00
|
|
|
/*Hint to ignore some bytes at the start of the frame for the digest calculation(-I option) */
|
2017-02-07 22:35:50 +00:00
|
|
|
guint32 offset = ignored_bytes;
|
2014-09-14 01:01:05 +00:00
|
|
|
guint32 new_len;
|
|
|
|
|
guint8 *new_fd;
|
|
|
|
|
|
2017-02-07 22:35:50 +00:00
|
|
|
if (len <= ignored_bytes) {
|
|
|
|
|
offset = 0;
|
|
|
|
|
}
|
|
|
|
|
|
2018-07-24 18:43:31 +00:00
|
|
|
/* Get the size of radiotap header and use that as offset (-p option) */
|
|
|
|
|
if (skip_radiotap == TRUE) {
|
|
|
|
|
tap_header = (const struct ieee80211_radiotap_header*)fd;
|
|
|
|
|
offset = pletoh16(&tap_header->it_len);
|
|
|
|
|
if (offset >= len)
|
|
|
|
|
offset = 0;
|
|
|
|
|
}
|
|
|
|
|
|
2017-02-07 22:35:50 +00:00
|
|
|
new_fd = &fd[offset];
|
|
|
|
|
new_len = len - (offset);
|
2014-09-14 01:01:05 +00:00
|
|
|
|
2013-09-09 06:26:42 +00:00
|
|
|
cur_dup_entry++;
|
|
|
|
|
if (cur_dup_entry >= dup_window)
|
|
|
|
|
cur_dup_entry = 0;
|
2006-07-27 17:53:29 +00:00
|
|
|
|
2013-09-09 06:26:42 +00:00
|
|
|
/* Calculate our digest */
|
2017-02-13 18:31:26 +00:00
|
|
|
gcry_md_hash_buffer(GCRY_MD_MD5, fd_hash[cur_dup_entry].digest, new_fd, new_len);
|
2006-07-27 17:53:29 +00:00
|
|
|
|
2013-09-09 06:26:42 +00:00
|
|
|
fd_hash[cur_dup_entry].len = len;
|
2006-07-27 17:53:29 +00:00
|
|
|
|
2013-09-09 06:26:42 +00:00
|
|
|
/* Look for duplicates */
|
|
|
|
|
for (i = 0; i < dup_window; i++) {
|
|
|
|
|
if (i == cur_dup_entry)
|
|
|
|
|
continue;
|
2006-07-27 17:53:29 +00:00
|
|
|
|
2013-09-09 06:26:42 +00:00
|
|
|
if (fd_hash[i].len == fd_hash[cur_dup_entry].len
|
|
|
|
|
&& memcmp(fd_hash[i].digest, fd_hash[cur_dup_entry].digest, 16) == 0) {
|
|
|
|
|
return TRUE;
|
|
|
|
|
}
|
2009-04-17 15:21:46 +00:00
|
|
|
}
|
|
|
|
|
|
2013-09-09 06:26:42 +00:00
|
|
|
return FALSE;
|
2009-04-17 15:21:46 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static gboolean
|
|
|
|
|
is_duplicate_rel_time(guint8* fd, guint32 len, const nstime_t *current) {
|
2013-09-09 06:26:42 +00:00
|
|
|
int i;
|
|
|
|
|
|
2014-09-14 01:01:05 +00:00
|
|
|
/*Hint to ignore some bytes at the start of the frame for the digest calculation(-I option) */
|
2017-02-07 22:35:50 +00:00
|
|
|
guint32 offset = ignored_bytes;
|
2014-09-14 01:01:05 +00:00
|
|
|
guint32 new_len;
|
|
|
|
|
guint8 *new_fd;
|
|
|
|
|
|
2017-02-07 22:35:50 +00:00
|
|
|
if (len <= ignored_bytes) {
|
|
|
|
|
offset = 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
new_fd = &fd[offset];
|
|
|
|
|
new_len = len - (offset);
|
2014-09-14 01:01:05 +00:00
|
|
|
|
2013-09-09 06:26:42 +00:00
|
|
|
cur_dup_entry++;
|
|
|
|
|
if (cur_dup_entry >= dup_window)
|
|
|
|
|
cur_dup_entry = 0;
|
|
|
|
|
|
|
|
|
|
/* Calculate our digest */
|
2017-02-13 18:31:26 +00:00
|
|
|
gcry_md_hash_buffer(GCRY_MD_MD5, fd_hash[cur_dup_entry].digest, new_fd, new_len);
|
2013-09-09 06:26:42 +00:00
|
|
|
|
|
|
|
|
fd_hash[cur_dup_entry].len = len;
|
2015-09-28 13:11:44 +00:00
|
|
|
fd_hash[cur_dup_entry].frame_time.secs = current->secs;
|
|
|
|
|
fd_hash[cur_dup_entry].frame_time.nsecs = current->nsecs;
|
2013-09-09 06:26:42 +00:00
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Look for relative time related duplicates.
|
|
|
|
|
* This is hopefully a reasonably efficient mechanism for
|
|
|
|
|
* finding duplicates by rel time in the fd_hash[] cache.
|
|
|
|
|
* We check starting from the most recently added hash
|
|
|
|
|
* entries and work backwards towards older packets.
|
|
|
|
|
* This approach allows the dup test to be terminated
|
|
|
|
|
* when the relative time of a cached entry is found to
|
|
|
|
|
* be beyond the dup time window.
|
|
|
|
|
*
|
|
|
|
|
* Of course this assumes that the input trace file is
|
|
|
|
|
* "well-formed" in the sense that the packet timestamps are
|
|
|
|
|
* in strict chronologically increasing order (which is NOT
|
|
|
|
|
* always the case!!).
|
|
|
|
|
*
|
2013-12-23 15:53:13 +00:00
|
|
|
* The fd_hash[] table was deliberately created large (1,000,000).
|
2013-09-09 06:26:42 +00:00
|
|
|
* Looking for time related duplicates in large trace files with
|
|
|
|
|
* non-fractional dup time window values can potentially take
|
|
|
|
|
* a long time to complete.
|
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
for (i = cur_dup_entry - 1;; i--) {
|
|
|
|
|
nstime_t delta;
|
|
|
|
|
int cmp;
|
|
|
|
|
|
|
|
|
|
if (i < 0)
|
|
|
|
|
i = dup_window - 1;
|
|
|
|
|
|
|
|
|
|
if (i == cur_dup_entry) {
|
|
|
|
|
/*
|
|
|
|
|
* We've decremented back to where we started.
|
|
|
|
|
* Check no more!
|
|
|
|
|
*/
|
|
|
|
|
break;
|
|
|
|
|
}
|
2009-04-17 15:21:46 +00:00
|
|
|
|
2015-09-28 13:11:44 +00:00
|
|
|
if (nstime_is_unset(&(fd_hash[i].frame_time))) {
|
2013-09-09 06:26:42 +00:00
|
|
|
/*
|
|
|
|
|
* We've decremented to an unused fd_hash[] entry.
|
|
|
|
|
* Check no more!
|
|
|
|
|
*/
|
|
|
|
|
break;
|
|
|
|
|
}
|
2009-04-17 15:21:46 +00:00
|
|
|
|
2015-09-28 13:11:44 +00:00
|
|
|
nstime_delta(&delta, current, &fd_hash[i].frame_time);
|
2009-04-17 15:21:46 +00:00
|
|
|
|
2013-09-09 06:26:42 +00:00
|
|
|
if (delta.secs < 0 || delta.nsecs < 0) {
|
|
|
|
|
/*
|
|
|
|
|
* A negative delta implies that the current packet
|
|
|
|
|
* has an absolute timestamp less than the cached packet
|
|
|
|
|
* that it is being compared to. This is NOT a normal
|
|
|
|
|
* situation since trace files usually have packets in
|
|
|
|
|
* chronological order (oldest to newest).
|
|
|
|
|
*
|
|
|
|
|
* There are several possible ways to deal with this:
|
|
|
|
|
* 1. 'continue' dup checking with the next cached frame.
|
|
|
|
|
* 2. 'break' from looking for a duplicate of the current frame.
|
|
|
|
|
* 3. Take the absolute value of the delta and see if that
|
|
|
|
|
* falls within the specifed dup time window.
|
|
|
|
|
*
|
|
|
|
|
* Currently this code does option 1. But it would pretty
|
|
|
|
|
* easy to add yet-another-editcap-option to select one of
|
|
|
|
|
* the other behaviors for dealing with out-of-sequence
|
|
|
|
|
* packets.
|
|
|
|
|
*/
|
|
|
|
|
continue;
|
|
|
|
|
}
|
2009-04-17 15:21:46 +00:00
|
|
|
|
2013-09-09 06:26:42 +00:00
|
|
|
cmp = nstime_cmp(&delta, &relative_time_window);
|
2009-04-17 15:21:46 +00:00
|
|
|
|
2013-09-09 06:26:42 +00:00
|
|
|
if (cmp > 0) {
|
|
|
|
|
/*
|
|
|
|
|
* The delta time indicates that we are now looking at
|
|
|
|
|
* cached packets beyond the specified dup time window.
|
|
|
|
|
* Check no more!
|
|
|
|
|
*/
|
|
|
|
|
break;
|
|
|
|
|
} else if (fd_hash[i].len == fd_hash[cur_dup_entry].len
|
|
|
|
|
&& memcmp(fd_hash[i].digest, fd_hash[cur_dup_entry].digest, 16) == 0) {
|
|
|
|
|
return TRUE;
|
|
|
|
|
}
|
2006-07-27 17:53:29 +00:00
|
|
|
}
|
|
|
|
|
|
2013-09-09 06:26:42 +00:00
|
|
|
return FALSE;
|
2006-07-27 17:53:29 +00:00
|
|
|
}
|
|
|
|
|
|
2008-03-16 00:32:12 +00:00
|
|
|
static void
|
2014-07-03 08:45:32 +00:00
|
|
|
print_usage(FILE *output)
|
1999-12-04 12:53:52 +00:00
|
|
|
{
|
2013-09-09 06:26:42 +00:00
|
|
|
fprintf(output, "\n");
|
|
|
|
|
fprintf(output, "Usage: editcap [options] ... <infile> <outfile> [ <packet#>[-<packet#>] ... ]\n");
|
|
|
|
|
fprintf(output, "\n");
|
2022-04-08 00:57:08 +00:00
|
|
|
fprintf(output, "<infile> and <outfile> must both be present; use '-' for stdin or stdout.\n");
|
2013-09-09 06:26:42 +00:00
|
|
|
fprintf(output, "A single packet or a range of packets can be selected.\n");
|
|
|
|
|
fprintf(output, "\n");
|
|
|
|
|
fprintf(output, "Packet selection:\n");
|
|
|
|
|
fprintf(output, " -r keep the selected packets; default is to delete them.\n");
|
2020-12-28 17:26:16 +00:00
|
|
|
fprintf(output, " -A <start time> only read packets whose timestamp is after (or equal\n");
|
2021-01-08 09:18:39 +00:00
|
|
|
fprintf(output, " to) the given time.\n");
|
2020-12-28 17:26:16 +00:00
|
|
|
fprintf(output, " -B <stop time> only read packets whose timestamp is before the\n");
|
2021-01-08 09:18:39 +00:00
|
|
|
fprintf(output, " given time.\n");
|
|
|
|
|
fprintf(output, " Time format for -A/-B options is\n");
|
|
|
|
|
fprintf(output, " YYYY-MM-DDThh:mm:ss[.nnnnnnnnn][Z|+-hh:mm]\n");
|
2020-11-02 21:51:36 +00:00
|
|
|
fprintf(output, " Unix epoch timestamps are also supported.\n");
|
2013-09-09 06:26:42 +00:00
|
|
|
fprintf(output, "\n");
|
|
|
|
|
fprintf(output, "Duplicate packet removal:\n");
|
2016-07-26 09:56:28 +00:00
|
|
|
fprintf(output, " --novlan remove vlan info from packets before checking for duplicates.\n");
|
2013-09-09 06:26:42 +00:00
|
|
|
fprintf(output, " -d remove packet if duplicate (window == %d).\n", DEFAULT_DUP_DEPTH);
|
2016-07-26 09:56:28 +00:00
|
|
|
fprintf(output, " -D <dup window> remove packet if duplicate; configurable <dup window>.\n");
|
2013-09-09 06:26:42 +00:00
|
|
|
fprintf(output, " Valid <dup window> values are 0 to %d.\n", MAX_DUP_DEPTH);
|
2022-06-15 02:05:10 +00:00
|
|
|
fprintf(output, " NOTE: A <dup window> of 0 with -V (verbose option) is\n");
|
2013-09-09 06:26:42 +00:00
|
|
|
fprintf(output, " useful to print MD5 hashes.\n");
|
|
|
|
|
fprintf(output, " -w <dup time window> remove packet if duplicate packet is found EQUAL TO OR\n");
|
|
|
|
|
fprintf(output, " LESS THAN <dup time window> prior to current packet.\n");
|
|
|
|
|
fprintf(output, " A <dup time window> is specified in relative seconds\n");
|
|
|
|
|
fprintf(output, " (e.g. 0.000001).\n");
|
|
|
|
|
fprintf(output, " NOTE: The use of the 'Duplicate packet removal' options with\n");
|
2022-06-15 02:05:10 +00:00
|
|
|
fprintf(output, " other editcap options except -V may not always work as expected.\n");
|
2013-09-09 06:26:42 +00:00
|
|
|
fprintf(output, " Specifically the -r, -t or -S options will very likely NOT have the\n");
|
|
|
|
|
fprintf(output, " desired effect if combined with the -d, -D or -w.\n");
|
2018-07-24 18:43:31 +00:00
|
|
|
fprintf(output, " --skip-radiotap-header skip radiotap header when checking for packet duplicates.\n");
|
|
|
|
|
fprintf(output, " Useful when processing packets captured by multiple radios\n");
|
|
|
|
|
fprintf(output, " on the same channel in the vicinity of each other.\n");
|
2021-11-02 15:04:46 +00:00
|
|
|
fprintf(output, " --set-unused set unused byts to zero in sll link addr.\n");
|
2013-09-09 06:26:42 +00:00
|
|
|
fprintf(output, "\n");
|
|
|
|
|
fprintf(output, "Packet manipulation:\n");
|
|
|
|
|
fprintf(output, " -s <snaplen> truncate each packet to max. <snaplen> bytes of data.\n");
|
|
|
|
|
fprintf(output, " -C [offset:]<choplen> chop each packet by <choplen> bytes. Positive values\n");
|
|
|
|
|
fprintf(output, " chop at the packet beginning, negative values at the\n");
|
|
|
|
|
fprintf(output, " packet end. If an optional offset precedes the length,\n");
|
|
|
|
|
fprintf(output, " then the bytes chopped will be offset from that value.\n");
|
|
|
|
|
fprintf(output, " Positive offsets are from the packet beginning,\n");
|
|
|
|
|
fprintf(output, " negative offsets are from the packet end. You can use\n");
|
2013-09-09 19:39:45 +00:00
|
|
|
fprintf(output, " this option more than once, allowing up to 2 chopping\n");
|
|
|
|
|
fprintf(output, " regions within a packet provided that at least 1\n");
|
|
|
|
|
fprintf(output, " choplen is positive and at least 1 is negative.\n");
|
2015-06-21 12:17:33 +00:00
|
|
|
fprintf(output, " -L adjust the frame (i.e. reported) length when chopping\n");
|
2016-07-26 09:56:28 +00:00
|
|
|
fprintf(output, " and/or snapping.\n");
|
|
|
|
|
fprintf(output, " -t <time adjustment> adjust the timestamp of each packet.\n");
|
2013-09-09 06:26:42 +00:00
|
|
|
fprintf(output, " <time adjustment> is in relative seconds (e.g. -0.5).\n");
|
2016-07-29 12:07:09 +00:00
|
|
|
fprintf(output, " -S <strict adjustment> adjust timestamp of packets if necessary to ensure\n");
|
2013-09-09 06:26:42 +00:00
|
|
|
fprintf(output, " strict chronological increasing order. The <strict\n");
|
|
|
|
|
fprintf(output, " adjustment> is specified in relative seconds with\n");
|
|
|
|
|
fprintf(output, " values of 0 or 0.000001 being the most reasonable.\n");
|
|
|
|
|
fprintf(output, " A negative adjustment value will modify timestamps so\n");
|
|
|
|
|
fprintf(output, " that each packet's delta time is the absolute value\n");
|
|
|
|
|
fprintf(output, " of the adjustment specified. A value of -0 will set\n");
|
|
|
|
|
fprintf(output, " all packets to the timestamp of the first packet.\n");
|
|
|
|
|
fprintf(output, " -E <error probability> set the probability (between 0.0 and 1.0 incl.) that\n");
|
|
|
|
|
fprintf(output, " a particular packet byte will be randomly changed.\n");
|
2016-01-16 11:22:38 +00:00
|
|
|
fprintf(output, " -o <change offset> When used in conjunction with -E, skip some bytes from the\n");
|
|
|
|
|
fprintf(output, " beginning of the packet. This allows one to preserve some\n");
|
2015-08-11 21:58:54 +00:00
|
|
|
fprintf(output, " bytes, in order to have some headers untouched.\n");
|
2018-08-22 08:17:02 +00:00
|
|
|
fprintf(output, " --seed <seed> When used in conjunction with -E, set the seed to use for\n");
|
|
|
|
|
fprintf(output, " the pseudo-random number generator. This allows one to\n");
|
|
|
|
|
fprintf(output, " repeat a particular sequence of errors.\n");
|
2018-06-26 23:09:41 +00:00
|
|
|
fprintf(output, " -I <bytes to ignore> ignore the specified number of bytes at the beginning\n");
|
|
|
|
|
fprintf(output, " of the frame during MD5 hash calculation, unless the\n");
|
|
|
|
|
fprintf(output, " frame is too short, then the full frame is used.\n");
|
|
|
|
|
fprintf(output, " Useful to remove duplicated packets taken on\n");
|
|
|
|
|
fprintf(output, " several routers (different mac addresses for\n");
|
|
|
|
|
fprintf(output, " example).\n");
|
|
|
|
|
fprintf(output, " e.g. -I 26 in case of Ether/IP will ignore\n");
|
|
|
|
|
fprintf(output, " ether(14) and IP header(20 - 4(src ip) - 4(dst ip)).\n");
|
|
|
|
|
fprintf(output, " -a <framenum>:<comment> Add or replace comment for given frame number\n");
|
2013-09-09 06:26:42 +00:00
|
|
|
fprintf(output, "\n");
|
|
|
|
|
fprintf(output, "Output File(s):\n");
|
|
|
|
|
fprintf(output, " -c <packets per file> split the packet output to different files based on\n");
|
|
|
|
|
fprintf(output, " uniform packet counts with a maximum of\n");
|
|
|
|
|
fprintf(output, " <packets per file> each.\n");
|
|
|
|
|
fprintf(output, " -i <seconds per file> split the packet output to different files based on\n");
|
|
|
|
|
fprintf(output, " uniform time intervals with a maximum of\n");
|
|
|
|
|
fprintf(output, " <seconds per file> each.\n");
|
2018-12-06 23:24:29 +00:00
|
|
|
fprintf(output, " -F <capture type> set the output file type; default is pcapng.\n");
|
|
|
|
|
fprintf(output, " An empty \"-F\" option will list the file types.\n");
|
2013-09-09 06:26:42 +00:00
|
|
|
fprintf(output, " -T <encap type> set the output file encapsulation type; default is the\n");
|
|
|
|
|
fprintf(output, " same as the input file. An empty \"-T\" option will\n");
|
|
|
|
|
fprintf(output, " list the encapsulation types.\n");
|
2019-01-21 22:09:56 +00:00
|
|
|
fprintf(output, " --inject-secrets <type>,<file> Insert decryption secrets from <file>. List\n");
|
|
|
|
|
fprintf(output, " supported secret types with \"--inject-secrets help\".\n");
|
2019-02-19 09:01:48 +00:00
|
|
|
fprintf(output, " --discard-all-secrets Discard all decryption secrets from the input file\n");
|
|
|
|
|
fprintf(output, " when writing the output file. Does not discard\n");
|
|
|
|
|
fprintf(output, " secrets added by \"--inject-secrets\" in the same\n");
|
|
|
|
|
fprintf(output, " command line.\n");
|
2020-08-06 13:30:38 +00:00
|
|
|
fprintf(output, " --capture-comment <comment>\n");
|
|
|
|
|
fprintf(output, " Add a capture file comment, if supported.\n");
|
|
|
|
|
fprintf(output, " --discard-capture-comment\n");
|
|
|
|
|
fprintf(output, " Discard capture file comments from the input file\n");
|
|
|
|
|
fprintf(output, " when writing the output file. Does not discard\n");
|
|
|
|
|
fprintf(output, " comments added by \"--capture-comment\" in the same\n");
|
|
|
|
|
fprintf(output, " command line.\n");
|
2013-09-09 06:26:42 +00:00
|
|
|
fprintf(output, "\n");
|
|
|
|
|
fprintf(output, "Miscellaneous:\n");
|
2022-06-15 02:05:10 +00:00
|
|
|
fprintf(output, " -h, --help display this help and exit.\n");
|
|
|
|
|
fprintf(output, " -V verbose output.\n");
|
|
|
|
|
fprintf(output, " If -V is used with any of the 'Duplicate Packet\n");
|
2013-09-09 06:26:42 +00:00
|
|
|
fprintf(output, " Removal' options (-d, -D or -w) then Packet lengths\n");
|
2014-01-23 15:11:00 +00:00
|
|
|
fprintf(output, " and MD5 hashes are printed to standard-error.\n");
|
2022-06-15 02:05:10 +00:00
|
|
|
fprintf(output, " -v, --version print version information and exit.\n");
|
2006-01-10 21:37:36 +00:00
|
|
|
}
|
|
|
|
|
|
2010-11-24 16:24:44 +00:00
|
|
|
struct string_elem {
|
|
|
|
|
const char *sstr; /* The short string */
|
|
|
|
|
const char *lstr; /* The long string */
|
|
|
|
|
};
|
|
|
|
|
|
2013-07-10 16:18:37 +00:00
|
|
|
static gint
|
|
|
|
|
string_nat_compare(gconstpointer a, gconstpointer b)
|
|
|
|
|
{
|
2014-10-29 17:53:49 +00:00
|
|
|
return ws_ascii_strnatcmp(((const struct string_elem *)a)->sstr,
|
2013-07-10 16:18:37 +00:00
|
|
|
((const struct string_elem *)b)->sstr);
|
|
|
|
|
}
|
|
|
|
|
|
2010-11-24 16:24:44 +00:00
|
|
|
static void
|
2017-09-25 23:18:21 +00:00
|
|
|
string_elem_print(gpointer data, gpointer stream_ptr)
|
2011-05-24 00:07:56 +00:00
|
|
|
{
|
2017-09-25 23:18:21 +00:00
|
|
|
fprintf((FILE *) stream_ptr, " %s - %s\n",
|
2010-11-24 17:10:48 +00:00
|
|
|
((struct string_elem *)data)->sstr,
|
|
|
|
|
((struct string_elem *)data)->lstr);
|
2010-11-24 16:24:44 +00:00
|
|
|
}
|
|
|
|
|
|
2008-03-16 00:32:12 +00:00
|
|
|
static void
|
2017-09-25 23:18:21 +00:00
|
|
|
list_capture_types(FILE *stream) {
|
wiretap: more work on file type/subtypes.
Provide a wiretap routine to get an array of all savable file
type/subtypes, sorted with pcap and pcapng at the top, followed by the
other types, sorted either by the name or the description.
Use that routine to list options for the -F flag for various commands
Rename wtap_get_savable_file_types_subtypes() to
wtap_get_savable_file_types_subtypes_for_file(), to indicate that it
provides an array of all file type/subtypes in which a given file can be
saved. Have it sort all types, other than the default type/subtype and,
if there is one, the "other" type (both of which are put at the top), by
the name or the description.
Don't allow wtap_register_file_type_subtypes() to override any existing
registrations; have them always register a new type. In that routine,
if there are any emply slots in the table, due to an entry being
unregistered, use it rather than allocating a new slot.
Don't allow unregistration of built-in types.
Rename the "dump open table" to the "file type/subtype table", as it has
entries for all types/subtypes, even if we can't write them.
Initialize that table in a routine that pre-allocates the GArray before
filling it with built-in types/subtypes, so it doesn't keep getting
reallocated.
Get rid of wtap_num_file_types_subtypes - it's just a copy of the size
of the GArray.
Don't have wtap_file_type_subtype_description() crash if handed an
file type/subtype that isn't a valid array index - just return NULL, as
we do with wtap_file_type_subtype_name().
In wtap_name_to_file_type_subtype(), don't use WTAP_FILE_TYPE_SUBTYPE_
names for the backwards-compatibility names - map those names to the
current names, and then look them up. This reduces the number of
uses of hardwired WTAP_FILE_TYPE_SUBTYPE_ values.
Clean up the type of wtap_module_count - it has no need to be a gulong.
Have built-in wiretap file handlers register names to be used for their
file type/subtypes, rather than building the table in init.lua.
Add a new Lua C function get_wtap_filetypes() to construct the
wtap_filetypes table, based on the registered names, and use it in
init.lua.
Add a #define WSLUA_INTERNAL_FUNCTION to register functions intended
only for internal use in init.lua, so they can be made available from
Lua without being documented.
Get rid of WTAP_NUM_FILE_TYPES_SUBTYPES - most code has no need to use
it, as it can just request arrays of types, and the space of
type/subtype codes can be sparse due to registration in any case, so
code has to be careful using it.
wtap_get_num_file_types_subtypes() is no longer used, so remove it. It
returns the number of elements in the file type/subtype array, which is
not necessarily the name of known file type/subtypes, as there may have
been some deregistered types, and those types do *not* get removed from
the array, they just get cleared so that they're available for future
allocation (we don't want the indices of any registered types to changes
if another type is deregistered, as those indicates are the type/subtype
values, so we can't shrink the array).
Clean up white space and remove some comments that shouldn't have been
added.
2021-02-17 06:24:47 +00:00
|
|
|
GArray *writable_type_subtypes;
|
2006-01-10 21:37:36 +00:00
|
|
|
|
2017-09-25 23:18:21 +00:00
|
|
|
fprintf(stream, "editcap: The available capture file types for the \"-F\" flag are:\n");
|
wiretap: more work on file type/subtypes.
Provide a wiretap routine to get an array of all savable file
type/subtypes, sorted with pcap and pcapng at the top, followed by the
other types, sorted either by the name or the description.
Use that routine to list options for the -F flag for various commands
Rename wtap_get_savable_file_types_subtypes() to
wtap_get_savable_file_types_subtypes_for_file(), to indicate that it
provides an array of all file type/subtypes in which a given file can be
saved. Have it sort all types, other than the default type/subtype and,
if there is one, the "other" type (both of which are put at the top), by
the name or the description.
Don't allow wtap_register_file_type_subtypes() to override any existing
registrations; have them always register a new type. In that routine,
if there are any emply slots in the table, due to an entry being
unregistered, use it rather than allocating a new slot.
Don't allow unregistration of built-in types.
Rename the "dump open table" to the "file type/subtype table", as it has
entries for all types/subtypes, even if we can't write them.
Initialize that table in a routine that pre-allocates the GArray before
filling it with built-in types/subtypes, so it doesn't keep getting
reallocated.
Get rid of wtap_num_file_types_subtypes - it's just a copy of the size
of the GArray.
Don't have wtap_file_type_subtype_description() crash if handed an
file type/subtype that isn't a valid array index - just return NULL, as
we do with wtap_file_type_subtype_name().
In wtap_name_to_file_type_subtype(), don't use WTAP_FILE_TYPE_SUBTYPE_
names for the backwards-compatibility names - map those names to the
current names, and then look them up. This reduces the number of
uses of hardwired WTAP_FILE_TYPE_SUBTYPE_ values.
Clean up the type of wtap_module_count - it has no need to be a gulong.
Have built-in wiretap file handlers register names to be used for their
file type/subtypes, rather than building the table in init.lua.
Add a new Lua C function get_wtap_filetypes() to construct the
wtap_filetypes table, based on the registered names, and use it in
init.lua.
Add a #define WSLUA_INTERNAL_FUNCTION to register functions intended
only for internal use in init.lua, so they can be made available from
Lua without being documented.
Get rid of WTAP_NUM_FILE_TYPES_SUBTYPES - most code has no need to use
it, as it can just request arrays of types, and the space of
type/subtype codes can be sparse due to registration in any case, so
code has to be careful using it.
wtap_get_num_file_types_subtypes() is no longer used, so remove it. It
returns the number of elements in the file type/subtype array, which is
not necessarily the name of known file type/subtypes, as there may have
been some deregistered types, and those types do *not* get removed from
the array, they just get cleared so that they're available for future
allocation (we don't want the indices of any registered types to changes
if another type is deregistered, as those indicates are the type/subtype
values, so we can't shrink the array).
Clean up white space and remove some comments that shouldn't have been
added.
2021-02-17 06:24:47 +00:00
|
|
|
writable_type_subtypes = wtap_get_writable_file_types_subtypes(FT_SORT_BY_NAME);
|
|
|
|
|
for (guint i = 0; i < writable_type_subtypes->len; i++) {
|
|
|
|
|
int ft = g_array_index(writable_type_subtypes, int, i);
|
2021-02-21 17:46:59 +00:00
|
|
|
fprintf(stream, " %s - %s\n", wtap_file_type_subtype_name(ft),
|
wiretap: more work on file type/subtypes.
Provide a wiretap routine to get an array of all savable file
type/subtypes, sorted with pcap and pcapng at the top, followed by the
other types, sorted either by the name or the description.
Use that routine to list options for the -F flag for various commands
Rename wtap_get_savable_file_types_subtypes() to
wtap_get_savable_file_types_subtypes_for_file(), to indicate that it
provides an array of all file type/subtypes in which a given file can be
saved. Have it sort all types, other than the default type/subtype and,
if there is one, the "other" type (both of which are put at the top), by
the name or the description.
Don't allow wtap_register_file_type_subtypes() to override any existing
registrations; have them always register a new type. In that routine,
if there are any emply slots in the table, due to an entry being
unregistered, use it rather than allocating a new slot.
Don't allow unregistration of built-in types.
Rename the "dump open table" to the "file type/subtype table", as it has
entries for all types/subtypes, even if we can't write them.
Initialize that table in a routine that pre-allocates the GArray before
filling it with built-in types/subtypes, so it doesn't keep getting
reallocated.
Get rid of wtap_num_file_types_subtypes - it's just a copy of the size
of the GArray.
Don't have wtap_file_type_subtype_description() crash if handed an
file type/subtype that isn't a valid array index - just return NULL, as
we do with wtap_file_type_subtype_name().
In wtap_name_to_file_type_subtype(), don't use WTAP_FILE_TYPE_SUBTYPE_
names for the backwards-compatibility names - map those names to the
current names, and then look them up. This reduces the number of
uses of hardwired WTAP_FILE_TYPE_SUBTYPE_ values.
Clean up the type of wtap_module_count - it has no need to be a gulong.
Have built-in wiretap file handlers register names to be used for their
file type/subtypes, rather than building the table in init.lua.
Add a new Lua C function get_wtap_filetypes() to construct the
wtap_filetypes table, based on the registered names, and use it in
init.lua.
Add a #define WSLUA_INTERNAL_FUNCTION to register functions intended
only for internal use in init.lua, so they can be made available from
Lua without being documented.
Get rid of WTAP_NUM_FILE_TYPES_SUBTYPES - most code has no need to use
it, as it can just request arrays of types, and the space of
type/subtype codes can be sparse due to registration in any case, so
code has to be careful using it.
wtap_get_num_file_types_subtypes() is no longer used, so remove it. It
returns the number of elements in the file type/subtype array, which is
not necessarily the name of known file type/subtypes, as there may have
been some deregistered types, and those types do *not* get removed from
the array, they just get cleared so that they're available for future
allocation (we don't want the indices of any registered types to changes
if another type is deregistered, as those indicates are the type/subtype
values, so we can't shrink the array).
Clean up white space and remove some comments that shouldn't have been
added.
2021-02-17 06:24:47 +00:00
|
|
|
wtap_file_type_subtype_description(ft));
|
2006-01-10 21:37:36 +00:00
|
|
|
}
|
wiretap: more work on file type/subtypes.
Provide a wiretap routine to get an array of all savable file
type/subtypes, sorted with pcap and pcapng at the top, followed by the
other types, sorted either by the name or the description.
Use that routine to list options for the -F flag for various commands
Rename wtap_get_savable_file_types_subtypes() to
wtap_get_savable_file_types_subtypes_for_file(), to indicate that it
provides an array of all file type/subtypes in which a given file can be
saved. Have it sort all types, other than the default type/subtype and,
if there is one, the "other" type (both of which are put at the top), by
the name or the description.
Don't allow wtap_register_file_type_subtypes() to override any existing
registrations; have them always register a new type. In that routine,
if there are any emply slots in the table, due to an entry being
unregistered, use it rather than allocating a new slot.
Don't allow unregistration of built-in types.
Rename the "dump open table" to the "file type/subtype table", as it has
entries for all types/subtypes, even if we can't write them.
Initialize that table in a routine that pre-allocates the GArray before
filling it with built-in types/subtypes, so it doesn't keep getting
reallocated.
Get rid of wtap_num_file_types_subtypes - it's just a copy of the size
of the GArray.
Don't have wtap_file_type_subtype_description() crash if handed an
file type/subtype that isn't a valid array index - just return NULL, as
we do with wtap_file_type_subtype_name().
In wtap_name_to_file_type_subtype(), don't use WTAP_FILE_TYPE_SUBTYPE_
names for the backwards-compatibility names - map those names to the
current names, and then look them up. This reduces the number of
uses of hardwired WTAP_FILE_TYPE_SUBTYPE_ values.
Clean up the type of wtap_module_count - it has no need to be a gulong.
Have built-in wiretap file handlers register names to be used for their
file type/subtypes, rather than building the table in init.lua.
Add a new Lua C function get_wtap_filetypes() to construct the
wtap_filetypes table, based on the registered names, and use it in
init.lua.
Add a #define WSLUA_INTERNAL_FUNCTION to register functions intended
only for internal use in init.lua, so they can be made available from
Lua without being documented.
Get rid of WTAP_NUM_FILE_TYPES_SUBTYPES - most code has no need to use
it, as it can just request arrays of types, and the space of
type/subtype codes can be sparse due to registration in any case, so
code has to be careful using it.
wtap_get_num_file_types_subtypes() is no longer used, so remove it. It
returns the number of elements in the file type/subtype array, which is
not necessarily the name of known file type/subtypes, as there may have
been some deregistered types, and those types do *not* get removed from
the array, they just get cleared so that they're available for future
allocation (we don't want the indices of any registered types to changes
if another type is deregistered, as those indicates are the type/subtype
values, so we can't shrink the array).
Clean up white space and remove some comments that shouldn't have been
added.
2021-02-17 06:24:47 +00:00
|
|
|
g_array_free(writable_type_subtypes, TRUE);
|
2006-01-10 22:00:37 +00:00
|
|
|
}
|
|
|
|
|
|
2008-03-16 00:32:12 +00:00
|
|
|
static void
|
2017-09-25 23:18:21 +00:00
|
|
|
list_encap_types(FILE *stream) {
|
2006-01-10 22:00:37 +00:00
|
|
|
int i;
|
2010-11-24 16:24:44 +00:00
|
|
|
struct string_elem *encaps;
|
|
|
|
|
GSList *list = NULL;
|
2006-01-10 22:00:37 +00:00
|
|
|
|
2020-12-21 02:30:28 +00:00
|
|
|
encaps = g_new(struct string_elem, WTAP_NUM_ENCAP_TYPES);
|
2017-09-25 23:18:21 +00:00
|
|
|
fprintf(stream, "editcap: The available encapsulation types for the \"-T\" flag are:\n");
|
2006-01-10 21:37:36 +00:00
|
|
|
for (i = 0; i < WTAP_NUM_ENCAP_TYPES; i++) {
|
2019-01-09 21:21:10 +00:00
|
|
|
encaps[i].sstr = wtap_encap_name(i);
|
2010-11-24 16:24:44 +00:00
|
|
|
if (encaps[i].sstr != NULL) {
|
2019-01-09 21:21:10 +00:00
|
|
|
encaps[i].lstr = wtap_encap_description(i);
|
2013-07-10 16:18:37 +00:00
|
|
|
list = g_slist_insert_sorted(list, &encaps[i], string_nat_compare);
|
2010-11-24 16:24:44 +00:00
|
|
|
}
|
2006-01-10 21:37:36 +00:00
|
|
|
}
|
2017-09-25 23:18:21 +00:00
|
|
|
g_slist_foreach(list, string_elem_print, stream);
|
2010-11-24 16:24:44 +00:00
|
|
|
g_slist_free(list);
|
|
|
|
|
g_free(encaps);
|
1999-12-04 12:53:52 +00:00
|
|
|
}
|
|
|
|
|
|
2018-11-17 21:43:14 +00:00
|
|
|
static void
|
|
|
|
|
list_secrets_types(FILE *stream)
|
|
|
|
|
{
|
|
|
|
|
for (guint i = 0; i < G_N_ELEMENTS(secrets_types); i++) {
|
|
|
|
|
fprintf(stream, " %s\n", secrets_types[i].str);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static guint32
|
|
|
|
|
lookup_secrets_type(const char *type)
|
|
|
|
|
{
|
|
|
|
|
for (guint i = 0; i < G_N_ELEMENTS(secrets_types); i++) {
|
|
|
|
|
if (!strcmp(secrets_types[i].str, type)) {
|
|
|
|
|
return secrets_types[i].id;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2019-02-05 12:40:23 +00:00
|
|
|
static void
|
|
|
|
|
validate_secrets_file(const char *filename, guint32 secrets_type, const char *data)
|
|
|
|
|
{
|
|
|
|
|
if (secrets_type == SECRETS_TYPE_TLS) {
|
|
|
|
|
/*
|
|
|
|
|
* A key log file is unlikely going to look like either:
|
|
|
|
|
* - a PEM-encoded private key file.
|
|
|
|
|
* - a BER-encoded PKCS #12 file ("PFX file"). (Look for a Constructed
|
|
|
|
|
* SEQUENCE tag, e.g. bytes 0x30 which happens to be ASCII '0'.)
|
|
|
|
|
*/
|
|
|
|
|
if (g_str_has_prefix(data, "-----BEGIN ") || data[0] == 0x30) {
|
|
|
|
|
fprintf(stderr,
|
|
|
|
|
"editcap: Warning: \"%s\" is not a key log file, but an unsupported private key file. Decryption will not work.\n",
|
|
|
|
|
filename);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2015-06-25 22:36:54 +00:00
|
|
|
static int
|
2016-01-14 04:37:53 +00:00
|
|
|
framenum_compare(gconstpointer a, gconstpointer b, gpointer user_data _U_)
|
2015-06-25 22:36:54 +00:00
|
|
|
{
|
2016-01-14 04:37:53 +00:00
|
|
|
if (GPOINTER_TO_UINT(a) < GPOINTER_TO_UINT(b))
|
|
|
|
|
return -1;
|
2015-06-25 22:36:54 +00:00
|
|
|
|
2016-01-14 04:37:53 +00:00
|
|
|
if (GPOINTER_TO_UINT(a) > GPOINTER_TO_UINT(b))
|
|
|
|
|
return 1;
|
2015-06-25 22:36:54 +00:00
|
|
|
|
2016-01-14 04:37:53 +00:00
|
|
|
return 0;
|
|
|
|
|
}
|
2015-06-25 22:36:54 +00:00
|
|
|
|
2008-03-16 00:58:15 +00:00
|
|
|
/*
|
2021-03-15 18:29:43 +00:00
|
|
|
* Report an error in command-line arguments.
|
2008-03-16 00:58:15 +00:00
|
|
|
*/
|
2007-05-25 17:22:32 +00:00
|
|
|
static void
|
2021-03-15 18:29:43 +00:00
|
|
|
editcap_cmdarg_err(const char *msg_format, va_list ap)
|
2007-05-25 17:22:32 +00:00
|
|
|
{
|
2019-02-19 03:12:27 +00:00
|
|
|
fprintf(stderr, "editcap: ");
|
|
|
|
|
vfprintf(stderr, msg_format, ap);
|
|
|
|
|
fprintf(stderr, "\n");
|
2007-05-25 17:22:32 +00:00
|
|
|
}
|
2016-09-05 23:39:25 +00:00
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Report additional information for an error in command-line arguments.
|
|
|
|
|
*/
|
|
|
|
|
static void
|
2021-03-15 18:29:43 +00:00
|
|
|
editcap_cmdarg_err_cont(const char *msg_format, va_list ap)
|
2016-09-05 23:39:25 +00:00
|
|
|
{
|
2019-02-19 03:12:27 +00:00
|
|
|
vfprintf(stderr, msg_format, ap);
|
|
|
|
|
fprintf(stderr, "\n");
|
2016-09-05 23:39:25 +00:00
|
|
|
}
|
2007-05-25 17:22:32 +00:00
|
|
|
|
2015-11-10 01:21:46 +00:00
|
|
|
static wtap_dumper *
|
2018-11-14 00:10:53 +00:00
|
|
|
editcap_dump_open(const char *filename, const wtap_dump_params *params,
|
2020-12-05 21:22:49 +00:00
|
|
|
GArray *idbs_seen, int *err, gchar **err_info)
|
2015-11-10 01:21:46 +00:00
|
|
|
{
|
2019-02-19 03:12:27 +00:00
|
|
|
wtap_dumper *pdh;
|
|
|
|
|
|
|
|
|
|
if (strcmp(filename, "-") == 0) {
|
|
|
|
|
/* Write to the standard output. */
|
|
|
|
|
pdh = wtap_dump_open_stdout(out_file_type_subtype, WTAP_UNCOMPRESSED,
|
2020-12-05 21:22:49 +00:00
|
|
|
params, err, err_info);
|
2019-02-19 03:12:27 +00:00
|
|
|
} else {
|
|
|
|
|
pdh = wtap_dump_open(filename, out_file_type_subtype, WTAP_UNCOMPRESSED,
|
2020-12-05 21:22:49 +00:00
|
|
|
params, err, err_info);
|
2019-02-19 03:12:27 +00:00
|
|
|
}
|
2020-12-05 21:22:49 +00:00
|
|
|
if (pdh == NULL)
|
|
|
|
|
return NULL;
|
|
|
|
|
|
|
|
|
|
/*
|
wiretap: have file handlers advertise blocks and options supported.
Instead of a "supports name resolution" Boolean and bitflags for types of
comments supported, provide a list of block types that the file
type/subtype supports, with each block type having a list of options
supported. Indicate whether "supported" means "one instance" or
"multiple instances".
"Supports" doesn't just mean "can be written", it also means "could be
read".
Rename WTAP_BLOCK_IF_DESCRIPTION to WTAP_BLOCK_IF_ID_AND_INFO, to
indicate that it provides, in addition to information about the
interface, an ID (implicitly, in pcapng files, by its ordinal number)
that is associated with every packet in the file. Emphasize that in
comments - just because your capture file format can list the interfaces
on which a capture was done, that doesn't mean it supports this; it
doesn't do so if the file doesn't indicate, for every packet, on which
of those interfaces it was captured (I'm looking at *you*, Microsoft
Network Monitor...).
Use APIs to query that information to do what the "does this file
type/subtype support name resolution information", "does this file
type/subtype support all of these comment types", and "does this file
type/subtype support - and require - interface IDs" APIs did.
Provide backwards compatibility for Lua.
This allows us to eliminate the WTAP_FILE_TYPE_SUBTYPE_ values for IBM's
iptrace; do so.
2021-02-21 22:18:04 +00:00
|
|
|
* If the output file supporst identifying the interfaces on which
|
|
|
|
|
* packets arrive, add all the IDBs we've seen so far.
|
|
|
|
|
*
|
|
|
|
|
* That mean that the abstract interface provided by libwiretap
|
|
|
|
|
* involves WTAP_BLOCK_IF_ID_AND_INFO blocks.
|
2020-12-05 21:22:49 +00:00
|
|
|
*/
|
wiretap: have file handlers advertise blocks and options supported.
Instead of a "supports name resolution" Boolean and bitflags for types of
comments supported, provide a list of block types that the file
type/subtype supports, with each block type having a list of options
supported. Indicate whether "supported" means "one instance" or
"multiple instances".
"Supports" doesn't just mean "can be written", it also means "could be
read".
Rename WTAP_BLOCK_IF_DESCRIPTION to WTAP_BLOCK_IF_ID_AND_INFO, to
indicate that it provides, in addition to information about the
interface, an ID (implicitly, in pcapng files, by its ordinal number)
that is associated with every packet in the file. Emphasize that in
comments - just because your capture file format can list the interfaces
on which a capture was done, that doesn't mean it supports this; it
doesn't do so if the file doesn't indicate, for every packet, on which
of those interfaces it was captured (I'm looking at *you*, Microsoft
Network Monitor...).
Use APIs to query that information to do what the "does this file
type/subtype support name resolution information", "does this file
type/subtype support all of these comment types", and "does this file
type/subtype support - and require - interface IDs" APIs did.
Provide backwards compatibility for Lua.
This allows us to eliminate the WTAP_FILE_TYPE_SUBTYPE_ values for IBM's
iptrace; do so.
2021-02-21 22:18:04 +00:00
|
|
|
if (wtap_file_type_subtype_supports_block(wtap_dump_file_type_subtype(pdh),
|
|
|
|
|
WTAP_BLOCK_IF_ID_AND_INFO) != BLOCK_NOT_SUPPORTED) {
|
2020-12-05 21:22:49 +00:00
|
|
|
for (guint i = 0; i < idbs_seen->len; i++) {
|
|
|
|
|
wtap_block_t if_data = g_array_index(idbs_seen, wtap_block_t, i);
|
2021-08-10 05:53:29 +00:00
|
|
|
wtap_block_t if_data_copy;
|
2020-12-05 21:22:49 +00:00
|
|
|
|
|
|
|
|
/*
|
2021-08-10 05:53:29 +00:00
|
|
|
* Make a copy of this IDB, so that we can change the
|
|
|
|
|
* encapsulation type without trashing the original.
|
2020-12-05 21:22:49 +00:00
|
|
|
*/
|
2021-08-10 05:53:29 +00:00
|
|
|
if_data_copy = wtap_block_make_copy(if_data);
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* If an encapsulation type was specified, override the
|
|
|
|
|
* encapsulation type of the interface.
|
|
|
|
|
*/
|
|
|
|
|
if (out_frame_type != -2) {
|
|
|
|
|
wtapng_if_descr_mandatory_t *if_mand;
|
|
|
|
|
|
|
|
|
|
if_mand = (wtapng_if_descr_mandatory_t *)wtap_block_get_mandatory_data(if_data_copy);
|
|
|
|
|
if_mand->wtap_encap = out_frame_type;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Add this possibly-modified IDB to the file to which
|
|
|
|
|
* we're currently writing.
|
|
|
|
|
*/
|
|
|
|
|
if (!wtap_dump_add_idb(pdh, if_data_copy, err, err_info)) {
|
2020-12-05 21:22:49 +00:00
|
|
|
int close_err;
|
|
|
|
|
gchar *close_err_info;
|
|
|
|
|
|
2022-03-14 19:11:24 +00:00
|
|
|
wtap_dump_close(pdh, NULL, &close_err, &close_err_info);
|
2020-12-05 21:22:49 +00:00
|
|
|
g_free(close_err_info);
|
2021-08-10 05:53:29 +00:00
|
|
|
wtap_block_unref(if_data_copy);
|
2020-12-05 21:22:49 +00:00
|
|
|
return NULL;
|
|
|
|
|
}
|
2021-08-10 05:53:29 +00:00
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Release the copy - wtap_dump_add_idb() makes its own copy.
|
|
|
|
|
*/
|
|
|
|
|
wtap_block_unref(if_data_copy);
|
2020-12-05 21:22:49 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2019-02-19 03:12:27 +00:00
|
|
|
return pdh;
|
2015-11-10 01:21:46 +00:00
|
|
|
}
|
|
|
|
|
|
editcap, tshark: process IDBs in the middle of input files.
Instead of grabbing the set of IDBs found at open time, have a loop
using wtap_get_next_interface_description() to read all unread IDBs run
after opening the input file, after reading a packet from the input
file, and after getting an EOF on the input file.
Add a routine wtap_uses_interface_ids() to check whether the file type
and subtype for a dump file uses interface IDs and requires IDBs. If
so, in the aforementioned loop, add the IDBs to the dump stream.
Add a routine wtap_dump_add_idb() to add IDBs to a dump stream. Have it
call a file-format-specific routine to add the IDBs; the only file type
that supports it is pcapng, and it 1) writes out the IDB and 2) adds it
to the set of IDBs for the stream.
Add a wtap_dump_params_init_no_idbs() routine that prevents the IDBs
from the input file from being used to initialize the output file; use
it in cases where we're using the aforementioned loop to copy over IDBs.
Don't require any IDBs to be present when opening a pcapng file for
writing; 1) the simplest pcapng file has just an SHB in it, 2) that
requirement causes dumps that don't provide IDBs at open time to fail,
and 3) the real issue is that we don't want packets with an interface ID
not corresponding to a known IDB, and we already have a check for that.
(There are some hacks here; eventually, when everything processes the
IDBs in such a loop, we may be able to get rid of the "two favors of
dump parameter initialization" hack.)
Fixes #15844.
Addresses the same issue in #15502, but there are other issues there
that also need to be addressed.
In addition, the merge code also needs to be changed to handle this.
2020-10-22 08:10:57 +00:00
|
|
|
static gboolean
|
2020-12-05 21:22:49 +00:00
|
|
|
process_new_idbs(wtap *wth, wtap_dumper *pdh, GArray *idbs_seen,
|
|
|
|
|
int *err, gchar **err_info)
|
editcap, tshark: process IDBs in the middle of input files.
Instead of grabbing the set of IDBs found at open time, have a loop
using wtap_get_next_interface_description() to read all unread IDBs run
after opening the input file, after reading a packet from the input
file, and after getting an EOF on the input file.
Add a routine wtap_uses_interface_ids() to check whether the file type
and subtype for a dump file uses interface IDs and requires IDBs. If
so, in the aforementioned loop, add the IDBs to the dump stream.
Add a routine wtap_dump_add_idb() to add IDBs to a dump stream. Have it
call a file-format-specific routine to add the IDBs; the only file type
that supports it is pcapng, and it 1) writes out the IDB and 2) adds it
to the set of IDBs for the stream.
Add a wtap_dump_params_init_no_idbs() routine that prevents the IDBs
from the input file from being used to initialize the output file; use
it in cases where we're using the aforementioned loop to copy over IDBs.
Don't require any IDBs to be present when opening a pcapng file for
writing; 1) the simplest pcapng file has just an SHB in it, 2) that
requirement causes dumps that don't provide IDBs at open time to fail,
and 3) the real issue is that we don't want packets with an interface ID
not corresponding to a known IDB, and we already have a check for that.
(There are some hacks here; eventually, when everything processes the
IDBs in such a loop, we may be able to get rid of the "two favors of
dump parameter initialization" hack.)
Fixes #15844.
Addresses the same issue in #15502, but there are other issues there
that also need to be addressed.
In addition, the merge code also needs to be changed to handle this.
2020-10-22 08:10:57 +00:00
|
|
|
{
|
|
|
|
|
wtap_block_t if_data;
|
|
|
|
|
|
|
|
|
|
while ((if_data = wtap_get_next_interface_description(wth)) != NULL) {
|
|
|
|
|
/*
|
wiretap: have file handlers advertise blocks and options supported.
Instead of a "supports name resolution" Boolean and bitflags for types of
comments supported, provide a list of block types that the file
type/subtype supports, with each block type having a list of options
supported. Indicate whether "supported" means "one instance" or
"multiple instances".
"Supports" doesn't just mean "can be written", it also means "could be
read".
Rename WTAP_BLOCK_IF_DESCRIPTION to WTAP_BLOCK_IF_ID_AND_INFO, to
indicate that it provides, in addition to information about the
interface, an ID (implicitly, in pcapng files, by its ordinal number)
that is associated with every packet in the file. Emphasize that in
comments - just because your capture file format can list the interfaces
on which a capture was done, that doesn't mean it supports this; it
doesn't do so if the file doesn't indicate, for every packet, on which
of those interfaces it was captured (I'm looking at *you*, Microsoft
Network Monitor...).
Use APIs to query that information to do what the "does this file
type/subtype support name resolution information", "does this file
type/subtype support all of these comment types", and "does this file
type/subtype support - and require - interface IDs" APIs did.
Provide backwards compatibility for Lua.
This allows us to eliminate the WTAP_FILE_TYPE_SUBTYPE_ values for IBM's
iptrace; do so.
2021-02-21 22:18:04 +00:00
|
|
|
* Only add interface blocks if the output file supports (meaning
|
|
|
|
|
* *requires*) them.
|
|
|
|
|
*
|
|
|
|
|
* That mean that the abstract interface provided by libwiretap
|
|
|
|
|
* involves WTAP_BLOCK_IF_ID_AND_INFO blocks.
|
editcap, tshark: process IDBs in the middle of input files.
Instead of grabbing the set of IDBs found at open time, have a loop
using wtap_get_next_interface_description() to read all unread IDBs run
after opening the input file, after reading a packet from the input
file, and after getting an EOF on the input file.
Add a routine wtap_uses_interface_ids() to check whether the file type
and subtype for a dump file uses interface IDs and requires IDBs. If
so, in the aforementioned loop, add the IDBs to the dump stream.
Add a routine wtap_dump_add_idb() to add IDBs to a dump stream. Have it
call a file-format-specific routine to add the IDBs; the only file type
that supports it is pcapng, and it 1) writes out the IDB and 2) adds it
to the set of IDBs for the stream.
Add a wtap_dump_params_init_no_idbs() routine that prevents the IDBs
from the input file from being used to initialize the output file; use
it in cases where we're using the aforementioned loop to copy over IDBs.
Don't require any IDBs to be present when opening a pcapng file for
writing; 1) the simplest pcapng file has just an SHB in it, 2) that
requirement causes dumps that don't provide IDBs at open time to fail,
and 3) the real issue is that we don't want packets with an interface ID
not corresponding to a known IDB, and we already have a check for that.
(There are some hacks here; eventually, when everything processes the
IDBs in such a loop, we may be able to get rid of the "two favors of
dump parameter initialization" hack.)
Fixes #15844.
Addresses the same issue in #15502, but there are other issues there
that also need to be addressed.
In addition, the merge code also needs to be changed to handle this.
2020-10-22 08:10:57 +00:00
|
|
|
*/
|
2023-02-02 02:14:10 +00:00
|
|
|
if (pdh != NULL && wtap_file_type_subtype_supports_block(wtap_dump_file_type_subtype(pdh),
|
wiretap: have file handlers advertise blocks and options supported.
Instead of a "supports name resolution" Boolean and bitflags for types of
comments supported, provide a list of block types that the file
type/subtype supports, with each block type having a list of options
supported. Indicate whether "supported" means "one instance" or
"multiple instances".
"Supports" doesn't just mean "can be written", it also means "could be
read".
Rename WTAP_BLOCK_IF_DESCRIPTION to WTAP_BLOCK_IF_ID_AND_INFO, to
indicate that it provides, in addition to information about the
interface, an ID (implicitly, in pcapng files, by its ordinal number)
that is associated with every packet in the file. Emphasize that in
comments - just because your capture file format can list the interfaces
on which a capture was done, that doesn't mean it supports this; it
doesn't do so if the file doesn't indicate, for every packet, on which
of those interfaces it was captured (I'm looking at *you*, Microsoft
Network Monitor...).
Use APIs to query that information to do what the "does this file
type/subtype support name resolution information", "does this file
type/subtype support all of these comment types", and "does this file
type/subtype support - and require - interface IDs" APIs did.
Provide backwards compatibility for Lua.
This allows us to eliminate the WTAP_FILE_TYPE_SUBTYPE_ values for IBM's
iptrace; do so.
2021-02-21 22:18:04 +00:00
|
|
|
WTAP_BLOCK_IF_ID_AND_INFO) != BLOCK_NOT_SUPPORTED) {
|
2020-12-05 21:22:49 +00:00
|
|
|
wtap_block_t if_data_copy;
|
|
|
|
|
|
|
|
|
|
/*
|
2021-08-10 05:53:29 +00:00
|
|
|
* Make a copy of this IDB, so that we can change the
|
|
|
|
|
* encapsulation type without trashing the original.
|
2020-12-05 21:22:49 +00:00
|
|
|
*/
|
2021-08-10 05:53:29 +00:00
|
|
|
if_data_copy = wtap_block_make_copy(if_data);
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* If an encapsulation type was specified, override the
|
|
|
|
|
* encapsulation type of the interface.
|
|
|
|
|
*/
|
|
|
|
|
if (out_frame_type != -2) {
|
|
|
|
|
wtapng_if_descr_mandatory_t *if_mand;
|
|
|
|
|
|
|
|
|
|
if_mand = (wtapng_if_descr_mandatory_t *)wtap_block_get_mandatory_data(if_data_copy);
|
|
|
|
|
if_mand->wtap_encap = out_frame_type;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Add this possibly-modified IDB to the file to which
|
|
|
|
|
* we're currently writing.
|
|
|
|
|
*/
|
|
|
|
|
if (!wtap_dump_add_idb(pdh, if_data_copy, err, err_info))
|
editcap, tshark: process IDBs in the middle of input files.
Instead of grabbing the set of IDBs found at open time, have a loop
using wtap_get_next_interface_description() to read all unread IDBs run
after opening the input file, after reading a packet from the input
file, and after getting an EOF on the input file.
Add a routine wtap_uses_interface_ids() to check whether the file type
and subtype for a dump file uses interface IDs and requires IDBs. If
so, in the aforementioned loop, add the IDBs to the dump stream.
Add a routine wtap_dump_add_idb() to add IDBs to a dump stream. Have it
call a file-format-specific routine to add the IDBs; the only file type
that supports it is pcapng, and it 1) writes out the IDB and 2) adds it
to the set of IDBs for the stream.
Add a wtap_dump_params_init_no_idbs() routine that prevents the IDBs
from the input file from being used to initialize the output file; use
it in cases where we're using the aforementioned loop to copy over IDBs.
Don't require any IDBs to be present when opening a pcapng file for
writing; 1) the simplest pcapng file has just an SHB in it, 2) that
requirement causes dumps that don't provide IDBs at open time to fail,
and 3) the real issue is that we don't want packets with an interface ID
not corresponding to a known IDB, and we already have a check for that.
(There are some hacks here; eventually, when everything processes the
IDBs in such a loop, we may be able to get rid of the "two favors of
dump parameter initialization" hack.)
Fixes #15844.
Addresses the same issue in #15502, but there are other issues there
that also need to be addressed.
In addition, the merge code also needs to be changed to handle this.
2020-10-22 08:10:57 +00:00
|
|
|
return FALSE;
|
2020-12-05 21:22:49 +00:00
|
|
|
|
|
|
|
|
/*
|
2021-08-10 05:53:29 +00:00
|
|
|
* Release the copy - wtap_dump_add_idb() makes its own copy.
|
|
|
|
|
*/
|
|
|
|
|
wtap_block_unref(if_data_copy);
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Also add an unmodified copy to the set of IDBs we've seen,
|
|
|
|
|
* in case we start writing to another file (which would be
|
|
|
|
|
* of the same type as the current file, and thus will also
|
|
|
|
|
* require interface IDs).
|
2020-12-05 21:22:49 +00:00
|
|
|
*/
|
|
|
|
|
if_data_copy = wtap_block_make_copy(if_data);
|
|
|
|
|
g_array_append_val(idbs_seen, if_data_copy);
|
editcap, tshark: process IDBs in the middle of input files.
Instead of grabbing the set of IDBs found at open time, have a loop
using wtap_get_next_interface_description() to read all unread IDBs run
after opening the input file, after reading a packet from the input
file, and after getting an EOF on the input file.
Add a routine wtap_uses_interface_ids() to check whether the file type
and subtype for a dump file uses interface IDs and requires IDBs. If
so, in the aforementioned loop, add the IDBs to the dump stream.
Add a routine wtap_dump_add_idb() to add IDBs to a dump stream. Have it
call a file-format-specific routine to add the IDBs; the only file type
that supports it is pcapng, and it 1) writes out the IDB and 2) adds it
to the set of IDBs for the stream.
Add a wtap_dump_params_init_no_idbs() routine that prevents the IDBs
from the input file from being used to initialize the output file; use
it in cases where we're using the aforementioned loop to copy over IDBs.
Don't require any IDBs to be present when opening a pcapng file for
writing; 1) the simplest pcapng file has just an SHB in it, 2) that
requirement causes dumps that don't provide IDBs at open time to fail,
and 3) the real issue is that we don't want packets with an interface ID
not corresponding to a known IDB, and we already have a check for that.
(There are some hacks here; eventually, when everything processes the
IDBs in such a loop, we may be able to get rid of the "two favors of
dump parameter initialization" hack.)
Fixes #15844.
Addresses the same issue in #15502, but there are other issues there
that also need to be addressed.
In addition, the merge code also needs to be changed to handle this.
2020-10-22 08:10:57 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
return TRUE;
|
|
|
|
|
}
|
|
|
|
|
|
2018-12-12 10:53:08 +00:00
|
|
|
int
|
2018-12-26 17:10:12 +00:00
|
|
|
main(int argc, char *argv[])
|
1999-12-04 12:53:52 +00:00
|
|
|
{
|
2022-02-20 20:09:34 +00:00
|
|
|
char *configuration_init_error;
|
2021-03-15 18:29:43 +00:00
|
|
|
static const struct report_message_routines editcap_report_routines = {
|
|
|
|
|
failure_message,
|
|
|
|
|
failure_message,
|
|
|
|
|
open_failure_message,
|
|
|
|
|
read_failure_message,
|
|
|
|
|
write_failure_message,
|
|
|
|
|
cfile_open_failure_message,
|
|
|
|
|
cfile_dump_open_failure_message,
|
|
|
|
|
cfile_read_failure_message,
|
|
|
|
|
cfile_write_failure_message,
|
|
|
|
|
cfile_close_failure_message
|
|
|
|
|
};
|
2017-02-20 14:30:27 +00:00
|
|
|
wtap *wth = NULL;
|
2015-08-28 22:54:53 +00:00
|
|
|
int i, j, read_err, write_err;
|
|
|
|
|
gchar *read_err_info, *write_err_info;
|
2014-01-03 14:30:09 +00:00
|
|
|
int opt;
|
2019-12-15 13:15:34 +00:00
|
|
|
|
|
|
|
|
#define LONGOPT_NO_VLAN LONGOPT_BASE_APPLICATION+1
|
|
|
|
|
#define LONGOPT_SKIP_RADIOTAP_HEADER LONGOPT_BASE_APPLICATION+2
|
|
|
|
|
#define LONGOPT_SEED LONGOPT_BASE_APPLICATION+3
|
|
|
|
|
#define LONGOPT_INJECT_SECRETS LONGOPT_BASE_APPLICATION+4
|
|
|
|
|
#define LONGOPT_DISCARD_ALL_SECRETS LONGOPT_BASE_APPLICATION+5
|
2020-08-06 13:30:38 +00:00
|
|
|
#define LONGOPT_CAPTURE_COMMENT LONGOPT_BASE_APPLICATION+6
|
|
|
|
|
#define LONGOPT_DISCARD_CAPTURE_COMMENT LONGOPT_BASE_APPLICATION+7
|
2021-11-02 15:04:46 +00:00
|
|
|
#define LONGOPT_SET_UNUSED LONGOPT_BASE_APPLICATION+8
|
2019-12-15 13:15:34 +00:00
|
|
|
|
2021-09-29 17:32:28 +00:00
|
|
|
static const struct ws_option long_options[] = {
|
|
|
|
|
{"novlan", ws_no_argument, NULL, LONGOPT_NO_VLAN},
|
|
|
|
|
{"skip-radiotap-header", ws_no_argument, NULL, LONGOPT_SKIP_RADIOTAP_HEADER},
|
|
|
|
|
{"seed", ws_required_argument, NULL, LONGOPT_SEED},
|
|
|
|
|
{"inject-secrets", ws_required_argument, NULL, LONGOPT_INJECT_SECRETS},
|
|
|
|
|
{"discard-all-secrets", ws_no_argument, NULL, LONGOPT_DISCARD_ALL_SECRETS},
|
|
|
|
|
{"help", ws_no_argument, NULL, 'h'},
|
2022-06-15 02:05:10 +00:00
|
|
|
{"version", ws_no_argument, NULL, 'v'},
|
2021-09-29 17:32:28 +00:00
|
|
|
{"capture-comment", ws_required_argument, NULL, LONGOPT_CAPTURE_COMMENT},
|
|
|
|
|
{"discard-capture-comment", ws_no_argument, NULL, LONGOPT_DISCARD_CAPTURE_COMMENT},
|
2021-11-02 15:04:46 +00:00
|
|
|
{"set-unused", ws_no_argument, NULL, LONGOPT_SET_UNUSED},
|
2014-07-03 04:50:54 +00:00
|
|
|
{0, 0, 0, 0 }
|
|
|
|
|
};
|
2014-05-23 10:50:02 +00:00
|
|
|
|
2014-01-03 14:30:09 +00:00
|
|
|
char *p;
|
|
|
|
|
guint32 snaplen = 0; /* No limit */
|
|
|
|
|
chop_t chop = {0, 0, 0, 0, 0, 0}; /* No chop */
|
|
|
|
|
gboolean adjlen = FALSE;
|
2014-05-09 05:18:49 +00:00
|
|
|
wtap_dumper *pdh = NULL;
|
2020-12-05 21:22:49 +00:00
|
|
|
GArray *idbs_seen = NULL;
|
2014-01-03 14:30:09 +00:00
|
|
|
unsigned int count = 1;
|
|
|
|
|
unsigned int duplicate_count = 0;
|
|
|
|
|
gint64 data_offset;
|
|
|
|
|
int err_type;
|
|
|
|
|
guint8 *buf;
|
|
|
|
|
guint32 read_count = 0;
|
2016-09-05 13:50:38 +00:00
|
|
|
guint32 split_packet_count = 0;
|
2014-01-03 14:30:09 +00:00
|
|
|
int written_count = 0;
|
|
|
|
|
char *filename = NULL;
|
2014-05-23 18:53:08 +00:00
|
|
|
gboolean ts_okay;
|
2019-07-14 16:51:40 +00:00
|
|
|
nstime_t secs_per_block = NSTIME_INIT_UNSET;
|
2014-01-03 14:30:09 +00:00
|
|
|
int block_cnt = 0;
|
2019-07-14 16:51:40 +00:00
|
|
|
nstime_t block_next = NSTIME_INIT_UNSET;
|
2014-01-03 14:30:09 +00:00
|
|
|
gchar *fprefix = NULL;
|
|
|
|
|
gchar *fsuffix = NULL;
|
2015-08-11 21:58:54 +00:00
|
|
|
guint32 change_offset = 0;
|
2016-06-20 20:29:49 +00:00
|
|
|
guint max_packet_number = 0;
|
2018-11-17 21:43:14 +00:00
|
|
|
GArray *dsb_types = NULL;
|
|
|
|
|
GPtrArray *dsb_filenames = NULL;
|
2019-04-05 01:56:27 +00:00
|
|
|
wtap_rec read_rec;
|
|
|
|
|
Buffer read_buf;
|
2018-02-09 00:19:12 +00:00
|
|
|
const wtap_rec *rec;
|
|
|
|
|
wtap_rec temp_rec;
|
2018-11-14 00:10:53 +00:00
|
|
|
wtap_dump_params params = WTAP_DUMP_PARAMS_INIT;
|
2016-01-26 01:17:21 +00:00
|
|
|
char *shb_user_appl;
|
2018-02-09 00:19:12 +00:00
|
|
|
gboolean do_mutation;
|
|
|
|
|
guint32 caplen;
|
2017-02-04 15:26:34 +00:00
|
|
|
int ret = EXIT_SUCCESS;
|
2018-08-22 08:17:02 +00:00
|
|
|
gboolean valid_seed = FALSE;
|
|
|
|
|
unsigned int seed = 0;
|
2008-06-21 09:45:21 +00:00
|
|
|
|
2021-03-15 18:29:43 +00:00
|
|
|
cmdarg_err_init(editcap_cmdarg_err, editcap_cmdarg_err_cont);
|
2021-08-04 17:18:46 +00:00
|
|
|
memset(&read_rec, 0, sizeof *rec);
|
2016-09-05 23:39:25 +00:00
|
|
|
|
2021-06-24 20:20:25 +00:00
|
|
|
/* Initialize log handler early so we can have proper logging during startup. */
|
|
|
|
|
ws_log_init("editcap", vcmdarg_err);
|
|
|
|
|
|
2021-06-19 18:44:58 +00:00
|
|
|
/* Early logging command-line initialization. */
|
2023-02-06 22:16:37 +00:00
|
|
|
ws_log_parse_args(&argc, argv, vcmdarg_err, WS_EXIT_INVALID_OPTION);
|
2021-06-19 18:44:58 +00:00
|
|
|
|
2022-10-06 17:41:17 +00:00
|
|
|
ws_noisy("Finished log init and parsing command line log arguments");
|
|
|
|
|
|
2011-01-06 23:28:58 +00:00
|
|
|
#ifdef _WIN32
|
2013-09-09 06:26:42 +00:00
|
|
|
create_app_running_mutex();
|
2011-01-06 23:28:58 +00:00
|
|
|
#endif /* _WIN32 */
|
|
|
|
|
|
2018-12-13 02:16:15 +00:00
|
|
|
/* Initialize the version information. */
|
2022-02-24 13:27:08 +00:00
|
|
|
ws_init_version_info("Editcap", NULL, NULL);
|
2014-07-03 08:45:32 +00:00
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Get credential information for later use.
|
|
|
|
|
*/
|
2013-09-09 06:26:42 +00:00
|
|
|
init_process_policies();
|
2016-12-04 21:42:07 +00:00
|
|
|
|
2016-12-05 04:25:51 +00:00
|
|
|
/*
|
|
|
|
|
* Attempt to get the pathname of the directory containing the
|
|
|
|
|
* executable file.
|
|
|
|
|
*/
|
2022-02-20 20:09:34 +00:00
|
|
|
configuration_init_error = configuration_init(argv[0], NULL);
|
|
|
|
|
if (configuration_init_error != NULL) {
|
2016-12-05 04:25:51 +00:00
|
|
|
fprintf(stderr,
|
|
|
|
|
"editcap: Can't get pathname of directory containing the editcap program: %s.\n",
|
2022-02-20 20:09:34 +00:00
|
|
|
configuration_init_error);
|
|
|
|
|
g_free(configuration_init_error);
|
2016-12-05 04:25:51 +00:00
|
|
|
}
|
|
|
|
|
|
2021-03-15 18:29:43 +00:00
|
|
|
init_report_message("editcap", &editcap_report_routines);
|
2013-12-02 08:30:29 +00:00
|
|
|
|
2018-01-09 08:55:37 +00:00
|
|
|
wtap_init(TRUE);
|
2007-11-09 20:05:44 +00:00
|
|
|
|
2013-09-09 06:26:42 +00:00
|
|
|
/* Process the options */
|
2021-07-26 16:22:36 +00:00
|
|
|
while ((opt = ws_getopt_long(argc, argv, ":a:A:B:c:C:dD:E:F:hi:I:Lo:rs:S:t:T:vVw:", long_options, NULL)) != -1) {
|
2013-09-09 06:26:42 +00:00
|
|
|
switch (opt) {
|
2019-02-19 03:58:29 +00:00
|
|
|
case LONGOPT_NO_VLAN:
|
2016-01-19 13:04:10 +00:00
|
|
|
{
|
|
|
|
|
rem_vlan = TRUE;
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
|
2019-02-19 03:58:29 +00:00
|
|
|
case LONGOPT_SKIP_RADIOTAP_HEADER:
|
2018-07-24 18:43:31 +00:00
|
|
|
{
|
|
|
|
|
skip_radiotap = TRUE;
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
|
2019-02-19 03:58:29 +00:00
|
|
|
case LONGOPT_SEED:
|
2018-08-22 08:17:02 +00:00
|
|
|
{
|
2021-07-26 16:22:36 +00:00
|
|
|
if (sscanf(ws_optarg, "%u", &seed) != 1) {
|
2018-08-22 08:17:02 +00:00
|
|
|
fprintf(stderr, "editcap: \"%s\" isn't a valid seed\n\n",
|
2021-07-26 16:22:36 +00:00
|
|
|
ws_optarg);
|
2023-02-06 22:16:37 +00:00
|
|
|
ret = WS_EXIT_INVALID_OPTION;
|
2018-08-22 08:17:02 +00:00
|
|
|
goto clean_exit;
|
|
|
|
|
}
|
|
|
|
|
valid_seed = TRUE;
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
|
2019-02-19 03:58:29 +00:00
|
|
|
case LONGOPT_INJECT_SECRETS:
|
2018-11-17 21:43:14 +00:00
|
|
|
{
|
|
|
|
|
guint32 secrets_type_id = 0;
|
|
|
|
|
const char *secrets_filename = NULL;
|
2021-07-26 16:22:36 +00:00
|
|
|
if (strcmp("help", ws_optarg) == 0) {
|
2018-11-17 21:43:14 +00:00
|
|
|
list_secrets_types(stdout);
|
|
|
|
|
goto clean_exit;
|
|
|
|
|
}
|
2021-07-26 16:22:36 +00:00
|
|
|
gchar **splitted = g_strsplit(ws_optarg, ",", 2);
|
2019-01-22 04:57:13 +00:00
|
|
|
if (splitted[0] && splitted[0][0] != '\0') {
|
2018-11-17 21:43:14 +00:00
|
|
|
secrets_type_id = lookup_secrets_type(splitted[0]);
|
2019-01-22 04:57:13 +00:00
|
|
|
if (secrets_type_id == 0) {
|
|
|
|
|
fprintf(stderr, "editcap: \"%s\" isn't a valid secrets type\n", splitted[0]);
|
|
|
|
|
g_strfreev(splitted);
|
2023-02-06 22:16:37 +00:00
|
|
|
ret = WS_EXIT_INVALID_OPTION;
|
2019-01-22 04:57:13 +00:00
|
|
|
goto clean_exit;
|
|
|
|
|
}
|
2018-11-17 21:43:14 +00:00
|
|
|
secrets_filename = splitted[1];
|
2019-01-22 04:57:13 +00:00
|
|
|
} else {
|
|
|
|
|
fprintf(stderr, "editcap: no secrets type was specified for --inject-secrets\n");
|
2018-11-17 21:43:14 +00:00
|
|
|
g_strfreev(splitted);
|
2023-02-06 22:16:37 +00:00
|
|
|
ret = WS_EXIT_INVALID_OPTION;
|
2018-11-17 21:43:14 +00:00
|
|
|
goto clean_exit;
|
|
|
|
|
}
|
|
|
|
|
if (!dsb_filenames) {
|
|
|
|
|
dsb_types = g_array_new(FALSE, FALSE, sizeof(guint32));
|
|
|
|
|
dsb_filenames = g_ptr_array_new_with_free_func(g_free);
|
|
|
|
|
}
|
|
|
|
|
g_array_append_val(dsb_types, secrets_type_id);
|
|
|
|
|
g_ptr_array_add(dsb_filenames, g_strdup(secrets_filename));
|
|
|
|
|
g_strfreev(splitted);
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
|
2019-02-19 09:01:48 +00:00
|
|
|
case LONGOPT_DISCARD_ALL_SECRETS:
|
|
|
|
|
{
|
2019-05-11 03:59:53 +00:00
|
|
|
discard_all_secrets = TRUE;
|
2019-02-19 09:01:48 +00:00
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
|
2020-08-06 13:30:38 +00:00
|
|
|
case LONGOPT_CAPTURE_COMMENT:
|
|
|
|
|
{
|
2022-08-02 23:38:49 +00:00
|
|
|
/*
|
|
|
|
|
* Make sure this would fit in a pcapng option.
|
|
|
|
|
*
|
|
|
|
|
* XXX - 65535 is the maximum size for an option in pcapng;
|
|
|
|
|
* what if another capture file format supports larger
|
|
|
|
|
* comments?
|
|
|
|
|
*/
|
|
|
|
|
if (strlen(ws_optarg) > 65535) {
|
|
|
|
|
/* It doesn't fit. Tell the user and give up. */
|
|
|
|
|
cmdarg_err("Capture comment %u is too large to save in a capture file.",
|
|
|
|
|
capture_comments->len + 1);
|
2023-02-06 22:16:37 +00:00
|
|
|
ret = WS_EXIT_INVALID_OPTION;
|
2022-08-02 23:38:49 +00:00
|
|
|
goto clean_exit;
|
|
|
|
|
}
|
|
|
|
|
|
2020-08-06 13:30:38 +00:00
|
|
|
/* pcapng supports multiple comments, so support them here too.
|
|
|
|
|
*/
|
|
|
|
|
if (!capture_comments) {
|
|
|
|
|
capture_comments = g_ptr_array_new_with_free_func(g_free);
|
|
|
|
|
}
|
2021-07-26 16:22:36 +00:00
|
|
|
g_ptr_array_add(capture_comments, g_strdup(ws_optarg));
|
2020-08-06 13:30:38 +00:00
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
case LONGOPT_DISCARD_CAPTURE_COMMENT:
|
|
|
|
|
{
|
|
|
|
|
discard_cap_comments = TRUE;
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
|
2021-11-02 15:04:46 +00:00
|
|
|
case LONGOPT_SET_UNUSED:
|
|
|
|
|
{
|
|
|
|
|
set_unused = TRUE;
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
|
2015-06-25 22:36:54 +00:00
|
|
|
case 'a':
|
|
|
|
|
{
|
|
|
|
|
guint frame_number;
|
|
|
|
|
gint string_start_index = 0;
|
|
|
|
|
|
2021-07-26 16:22:36 +00:00
|
|
|
if ((sscanf(ws_optarg, "%u:%n", &frame_number, &string_start_index) < 1) || (string_start_index == 0)) {
|
2015-06-25 22:36:54 +00:00
|
|
|
fprintf(stderr, "editcap: \"%s\" isn't a valid <frame>:<comment>\n\n",
|
2021-07-26 16:22:36 +00:00
|
|
|
ws_optarg);
|
2023-02-06 22:16:37 +00:00
|
|
|
ret = WS_EXIT_INVALID_OPTION;
|
2017-02-04 15:26:34 +00:00
|
|
|
goto clean_exit;
|
2015-06-25 22:36:54 +00:00
|
|
|
}
|
|
|
|
|
|
2022-08-02 23:38:49 +00:00
|
|
|
/*
|
|
|
|
|
* Make sure this would fit in a pcapng option.
|
|
|
|
|
*
|
|
|
|
|
* XXX - 65535 is the maximum size for an option in pcapng;
|
|
|
|
|
* what if another capture file format supports larger
|
|
|
|
|
* comments?
|
|
|
|
|
*/
|
|
|
|
|
if (strlen(ws_optarg+string_start_index) > 65535) {
|
|
|
|
|
/* It doesn't fit. Tell the user and give up. */
|
|
|
|
|
cmdarg_err("A comment for frame %u is too large to save in a capture file.",
|
|
|
|
|
frame_number);
|
2023-02-06 22:16:37 +00:00
|
|
|
ret = WS_EXIT_INVALID_OPTION;
|
2022-08-02 23:38:49 +00:00
|
|
|
goto clean_exit;
|
|
|
|
|
}
|
|
|
|
|
|
2015-06-25 22:36:54 +00:00
|
|
|
/* Lazily create the table */
|
|
|
|
|
if (!frames_user_comments) {
|
2016-01-14 04:37:53 +00:00
|
|
|
frames_user_comments = g_tree_new_full(framenum_compare, NULL, NULL, g_free);
|
2015-06-25 22:36:54 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Insert this entry (framenum -> comment) */
|
2021-07-26 16:22:36 +00:00
|
|
|
g_tree_replace(frames_user_comments, GUINT_TO_POINTER(frame_number), g_strdup(ws_optarg+string_start_index));
|
2015-06-25 22:36:54 +00:00
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
|
2013-09-09 06:26:42 +00:00
|
|
|
case 'A':
|
2020-08-05 17:20:07 +00:00
|
|
|
case 'B':
|
2013-09-09 06:26:42 +00:00
|
|
|
{
|
2021-01-08 09:18:39 +00:00
|
|
|
nstime_t in_time;
|
1999-12-04 12:53:52 +00:00
|
|
|
|
2021-01-08 09:18:39 +00:00
|
|
|
check_startstop = TRUE;
|
2021-11-30 06:04:07 +00:00
|
|
|
if ((0 < iso8601_to_nstime(&in_time, ws_optarg, ISO8601_DATETIME)) || (0 < unix_epoch_to_nstime(&in_time, ws_optarg))) {
|
2021-01-08 09:18:39 +00:00
|
|
|
if (opt == 'A') {
|
|
|
|
|
nstime_copy(&starttime, &in_time);
|
|
|
|
|
have_starttime = TRUE;
|
|
|
|
|
} else {
|
|
|
|
|
nstime_copy(&stoptime, &in_time);
|
|
|
|
|
have_stoptime = TRUE;
|
2020-08-06 09:10:04 +00:00
|
|
|
}
|
2021-01-08 09:18:39 +00:00
|
|
|
break;
|
2020-08-05 17:20:07 +00:00
|
|
|
}
|
2021-01-08 09:18:39 +00:00
|
|
|
else {
|
|
|
|
|
fprintf(stderr, "editcap: \"%s\" isn't a valid date and time\n\n",
|
2021-07-26 16:22:36 +00:00
|
|
|
ws_optarg);
|
2023-02-06 22:16:37 +00:00
|
|
|
ret = WS_EXIT_INVALID_OPTION;
|
2021-01-08 09:18:39 +00:00
|
|
|
goto clean_exit;
|
2013-09-09 06:26:42 +00:00
|
|
|
}
|
2013-07-10 20:02:45 +00:00
|
|
|
}
|
1999-12-04 12:53:52 +00:00
|
|
|
|
2013-09-09 06:26:42 +00:00
|
|
|
case 'c':
|
2021-07-26 16:22:36 +00:00
|
|
|
split_packet_count = get_nonzero_guint32(ws_optarg, "packet count");
|
2013-09-09 06:26:42 +00:00
|
|
|
break;
|
2006-07-27 17:53:29 +00:00
|
|
|
|
2013-09-09 06:26:42 +00:00
|
|
|
case 'C':
|
|
|
|
|
{
|
|
|
|
|
int choplen = 0, chopoff = 0;
|
2013-09-09 19:46:02 +00:00
|
|
|
|
2021-07-26 16:22:36 +00:00
|
|
|
switch (sscanf(ws_optarg, "%d:%d", &chopoff, &choplen)) {
|
2013-09-09 06:26:42 +00:00
|
|
|
case 1: /* only the chop length was specififed */
|
|
|
|
|
choplen = chopoff;
|
|
|
|
|
chopoff = 0;
|
|
|
|
|
break;
|
1999-12-04 12:53:52 +00:00
|
|
|
|
2013-09-09 06:26:42 +00:00
|
|
|
case 2: /* both an offset and chop length was specified */
|
|
|
|
|
break;
|
1999-12-04 12:53:52 +00:00
|
|
|
|
2013-09-09 06:26:42 +00:00
|
|
|
default:
|
|
|
|
|
fprintf(stderr, "editcap: \"%s\" isn't a valid chop length or offset:length\n",
|
2021-07-26 16:22:36 +00:00
|
|
|
ws_optarg);
|
2023-02-06 22:16:37 +00:00
|
|
|
ret = WS_EXIT_INVALID_OPTION;
|
2017-02-04 15:26:34 +00:00
|
|
|
goto clean_exit;
|
2013-09-09 06:26:42 +00:00
|
|
|
break;
|
|
|
|
|
}
|
1999-12-04 12:53:52 +00:00
|
|
|
|
2013-09-09 06:26:42 +00:00
|
|
|
if (choplen > 0) {
|
2013-09-09 19:39:45 +00:00
|
|
|
chop.len_begin += choplen;
|
2013-09-09 06:26:42 +00:00
|
|
|
if (chopoff > 0)
|
2013-09-09 19:39:45 +00:00
|
|
|
chop.off_begin_pos += chopoff;
|
2013-09-09 06:26:42 +00:00
|
|
|
else
|
2013-09-09 19:39:45 +00:00
|
|
|
chop.off_begin_neg += chopoff;
|
2013-09-09 06:26:42 +00:00
|
|
|
} else if (choplen < 0) {
|
2013-09-09 19:39:45 +00:00
|
|
|
chop.len_end += choplen;
|
2013-09-09 06:26:42 +00:00
|
|
|
if (chopoff > 0)
|
2013-09-09 19:39:45 +00:00
|
|
|
chop.off_end_pos += chopoff;
|
2013-09-09 06:26:42 +00:00
|
|
|
else
|
2013-09-09 19:39:45 +00:00
|
|
|
chop.off_end_neg += chopoff;
|
2013-09-09 06:26:42 +00:00
|
|
|
}
|
|
|
|
|
break;
|
|
|
|
|
}
|
2007-09-30 22:13:38 +00:00
|
|
|
|
2013-09-09 06:26:42 +00:00
|
|
|
case 'd':
|
|
|
|
|
dup_detect = TRUE;
|
|
|
|
|
dup_detect_by_time = FALSE;
|
|
|
|
|
dup_window = DEFAULT_DUP_DEPTH;
|
|
|
|
|
break;
|
2006-07-27 17:53:29 +00:00
|
|
|
|
2013-09-09 06:26:42 +00:00
|
|
|
case 'D':
|
|
|
|
|
dup_detect = TRUE;
|
|
|
|
|
dup_detect_by_time = FALSE;
|
2021-07-26 16:22:36 +00:00
|
|
|
dup_window = get_guint32(ws_optarg, "duplicate window");
|
2016-09-08 18:26:45 +00:00
|
|
|
if (dup_window > MAX_DUP_DEPTH) {
|
2013-09-09 06:26:42 +00:00
|
|
|
fprintf(stderr, "editcap: \"%d\" duplicate window value must be between 0 and %d inclusive.\n",
|
|
|
|
|
dup_window, MAX_DUP_DEPTH);
|
2023-02-06 22:16:37 +00:00
|
|
|
ret = WS_EXIT_INVALID_OPTION;
|
2017-02-04 15:26:34 +00:00
|
|
|
goto clean_exit;
|
2013-09-09 06:26:42 +00:00
|
|
|
}
|
|
|
|
|
break;
|
2009-05-23 07:59:23 +00:00
|
|
|
|
2013-09-09 06:26:42 +00:00
|
|
|
case 'E':
|
2021-07-26 16:22:36 +00:00
|
|
|
err_prob = g_ascii_strtod(ws_optarg, &p);
|
|
|
|
|
if (p == ws_optarg || err_prob < 0.0 || err_prob > 1.0) {
|
2013-09-09 06:26:42 +00:00
|
|
|
fprintf(stderr, "editcap: probability \"%s\" must be between 0.0 and 1.0\n",
|
2021-07-26 16:22:36 +00:00
|
|
|
ws_optarg);
|
2023-02-06 22:16:37 +00:00
|
|
|
ret = WS_EXIT_INVALID_OPTION;
|
2017-02-04 15:26:34 +00:00
|
|
|
goto clean_exit;
|
2013-09-09 06:26:42 +00:00
|
|
|
}
|
|
|
|
|
break;
|
2006-07-27 17:53:29 +00:00
|
|
|
|
2013-09-09 06:26:42 +00:00
|
|
|
case 'F':
|
2021-07-26 16:22:36 +00:00
|
|
|
out_file_type_subtype = wtap_name_to_file_type_subtype(ws_optarg);
|
2013-11-08 09:53:01 +00:00
|
|
|
if (out_file_type_subtype < 0) {
|
2013-09-09 06:26:42 +00:00
|
|
|
fprintf(stderr, "editcap: \"%s\" isn't a valid capture file type\n\n",
|
2021-07-26 16:22:36 +00:00
|
|
|
ws_optarg);
|
2017-09-25 23:18:21 +00:00
|
|
|
list_capture_types(stderr);
|
2023-02-06 22:16:37 +00:00
|
|
|
ret = WS_EXIT_INVALID_OPTION;
|
2017-02-04 15:26:34 +00:00
|
|
|
goto clean_exit;
|
2013-09-09 06:26:42 +00:00
|
|
|
}
|
|
|
|
|
break;
|
2008-06-21 09:45:21 +00:00
|
|
|
|
2013-09-09 06:26:42 +00:00
|
|
|
case 'h':
|
2018-12-13 02:16:15 +00:00
|
|
|
show_help_header("Edit and/or translate the format of capture files.");
|
2014-07-03 08:45:32 +00:00
|
|
|
print_usage(stdout);
|
2017-02-04 15:26:34 +00:00
|
|
|
goto clean_exit;
|
2013-09-09 06:26:42 +00:00
|
|
|
break;
|
1999-12-04 12:53:52 +00:00
|
|
|
|
2013-09-09 06:26:42 +00:00
|
|
|
case 'i': /* break capture file based on time interval */
|
2019-07-14 16:51:40 +00:00
|
|
|
{
|
2021-07-26 16:22:36 +00:00
|
|
|
double spb = get_positive_double(ws_optarg, "time interval");
|
2019-07-14 16:51:40 +00:00
|
|
|
if (spb == 0.0) {
|
|
|
|
|
cmdarg_err("The specified interval is zero");
|
2023-02-06 22:16:37 +00:00
|
|
|
ret = WS_EXIT_INVALID_OPTION;
|
2019-07-14 16:51:40 +00:00
|
|
|
goto clean_exit;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
double spb_int, spb_frac;
|
|
|
|
|
spb_frac = modf(spb, &spb_int);
|
|
|
|
|
secs_per_block.secs = (time_t) spb_int;
|
|
|
|
|
secs_per_block.nsecs = (int) (NANOSECS_PER_SEC * spb_frac);
|
|
|
|
|
}
|
2013-09-09 06:26:42 +00:00
|
|
|
break;
|
Have the Wiretap open, read, and seek-and-read routines return, in
addition to an error code, an error info string, for
WTAP_ERR_UNSUPPORTED, WTAP_ERR_UNSUPPORTED_ENCAP, and
WTAP_ERR_BAD_RECORD errors. Replace the error messages logged with
"g_message()" for those errors with g_strdup()ed or g_strdup_printf()ed
strings returned as the error info string, and change the callers of
those routines to, for those errors, put the info string into the
printed message or alert box for the error.
Add messages for cases where those errors were returned without printing
an additional message.
Nobody uses the error code from "cf_read()" - "cf_read()" puts up the
alert box itself for failures; get rid of the error code, so it just
returns a success/failure indication.
Rename "file_read_error_message()" to "cf_read_error_message()", as it
handles read errors from Wiretap, and have it take an error info string
as an argument. (That handles a lot of the work of putting the info
string into the error message.)
Make some variables in "ascend-grammar.y" static.
Check the return value of "erf_read_header()" in "erf_seek_read()".
Get rid of an unused #define in "i4btrace.c".
svn path=/trunk/; revision=9852
2004-01-25 21:55:17 +00:00
|
|
|
|
2014-09-14 01:01:05 +00:00
|
|
|
case 'I': /* ignored_bytes at the beginning of the frame for duplications removal */
|
2021-07-26 16:22:36 +00:00
|
|
|
ignored_bytes = get_guint32(ws_optarg, "number of bytes to ignore");
|
2014-09-14 01:01:05 +00:00
|
|
|
break;
|
|
|
|
|
|
2013-09-09 06:26:42 +00:00
|
|
|
case 'L':
|
|
|
|
|
adjlen = TRUE;
|
|
|
|
|
break;
|
1999-12-04 12:53:52 +00:00
|
|
|
|
2015-08-11 21:58:54 +00:00
|
|
|
case 'o':
|
2021-07-26 16:22:36 +00:00
|
|
|
change_offset = get_guint32(ws_optarg, "change offset");
|
2015-08-11 21:58:54 +00:00
|
|
|
break;
|
|
|
|
|
|
2013-09-09 06:26:42 +00:00
|
|
|
case 'r':
|
2020-12-24 01:55:20 +00:00
|
|
|
if (keep_em) {
|
|
|
|
|
cmdarg_err("-r was specified twice");
|
2023-02-06 22:16:37 +00:00
|
|
|
ret = WS_EXIT_INVALID_OPTION;
|
2020-12-24 01:55:20 +00:00
|
|
|
goto clean_exit;
|
|
|
|
|
}
|
2020-12-23 23:49:07 +00:00
|
|
|
keep_em = TRUE;
|
2013-09-09 06:26:42 +00:00
|
|
|
break;
|
1999-12-04 12:53:52 +00:00
|
|
|
|
2013-09-09 06:26:42 +00:00
|
|
|
case 's':
|
2021-07-26 16:22:36 +00:00
|
|
|
snaplen = get_nonzero_guint32(ws_optarg, "snapshot length");
|
2013-09-09 06:26:42 +00:00
|
|
|
break;
|
1999-12-04 12:53:52 +00:00
|
|
|
|
2013-09-09 06:26:42 +00:00
|
|
|
case 'S':
|
2021-07-26 16:22:36 +00:00
|
|
|
if (!set_strict_time_adj(ws_optarg)) {
|
2023-02-06 22:16:37 +00:00
|
|
|
ret = WS_EXIT_INVALID_OPTION;
|
2017-02-04 15:26:34 +00:00
|
|
|
goto clean_exit;
|
|
|
|
|
}
|
2013-09-09 06:26:42 +00:00
|
|
|
do_strict_time_adjustment = TRUE;
|
|
|
|
|
break;
|
2012-03-03 00:14:16 +00:00
|
|
|
|
2013-09-09 06:26:42 +00:00
|
|
|
case 't':
|
2021-07-26 16:22:36 +00:00
|
|
|
if (!set_time_adjustment(ws_optarg)) {
|
2023-02-06 22:16:37 +00:00
|
|
|
ret = WS_EXIT_INVALID_OPTION;
|
2017-02-04 15:26:34 +00:00
|
|
|
goto clean_exit;
|
|
|
|
|
}
|
2013-09-09 06:26:42 +00:00
|
|
|
break;
|
1999-12-04 12:53:52 +00:00
|
|
|
|
2013-09-09 06:26:42 +00:00
|
|
|
case 'T':
|
2021-07-26 16:22:36 +00:00
|
|
|
out_frame_type = wtap_name_to_encap(ws_optarg);
|
2013-09-09 06:26:42 +00:00
|
|
|
if (out_frame_type < 0) {
|
|
|
|
|
fprintf(stderr, "editcap: \"%s\" isn't a valid encapsulation type\n\n",
|
2021-07-26 16:22:36 +00:00
|
|
|
ws_optarg);
|
2017-09-25 23:18:21 +00:00
|
|
|
list_encap_types(stderr);
|
2023-02-06 22:16:37 +00:00
|
|
|
ret = WS_EXIT_INVALID_OPTION;
|
2017-02-04 15:26:34 +00:00
|
|
|
goto clean_exit;
|
2013-09-09 06:26:42 +00:00
|
|
|
}
|
|
|
|
|
break;
|
1999-12-04 12:53:52 +00:00
|
|
|
|
2022-06-15 02:05:10 +00:00
|
|
|
case 'V':
|
2020-12-24 01:55:20 +00:00
|
|
|
if (verbose) {
|
2022-06-15 02:05:10 +00:00
|
|
|
cmdarg_err("-V was specified twice");
|
2023-02-06 22:16:37 +00:00
|
|
|
ret = WS_EXIT_INVALID_OPTION;
|
2020-12-24 01:55:20 +00:00
|
|
|
goto clean_exit;
|
|
|
|
|
}
|
|
|
|
|
verbose = TRUE;
|
2013-09-09 06:26:42 +00:00
|
|
|
break;
|
1999-12-04 12:53:52 +00:00
|
|
|
|
2022-06-15 02:05:10 +00:00
|
|
|
case 'v':
|
2018-12-13 02:16:15 +00:00
|
|
|
show_version();
|
2017-02-04 15:26:34 +00:00
|
|
|
goto clean_exit;
|
2014-06-20 18:48:27 +00:00
|
|
|
break;
|
|
|
|
|
|
2013-09-09 06:26:42 +00:00
|
|
|
case 'w':
|
|
|
|
|
dup_detect = FALSE;
|
|
|
|
|
dup_detect_by_time = TRUE;
|
|
|
|
|
dup_window = MAX_DUP_DEPTH;
|
2021-07-26 16:22:36 +00:00
|
|
|
if (!set_rel_time(ws_optarg)) {
|
2023-02-06 22:16:37 +00:00
|
|
|
ret = WS_EXIT_INVALID_OPTION;
|
2017-02-04 15:26:34 +00:00
|
|
|
goto clean_exit;
|
|
|
|
|
}
|
2013-09-09 06:26:42 +00:00
|
|
|
break;
|
1999-12-12 21:04:29 +00:00
|
|
|
|
2013-09-09 06:26:42 +00:00
|
|
|
case '?': /* Bad options if GNU getopt */
|
2017-11-13 23:43:10 +00:00
|
|
|
case ':': /* missing option argument */
|
2021-07-26 16:22:36 +00:00
|
|
|
switch(ws_optopt) {
|
2013-09-09 06:26:42 +00:00
|
|
|
case'F':
|
2017-09-25 23:18:21 +00:00
|
|
|
list_capture_types(stdout);
|
2013-09-09 06:26:42 +00:00
|
|
|
break;
|
|
|
|
|
case'T':
|
2017-09-25 23:18:21 +00:00
|
|
|
list_encap_types(stdout);
|
2013-09-09 06:26:42 +00:00
|
|
|
break;
|
|
|
|
|
default:
|
2017-11-13 23:43:10 +00:00
|
|
|
if (opt == '?') {
|
2021-07-26 16:22:36 +00:00
|
|
|
fprintf(stderr, "editcap: invalid option -- '%c'\n", ws_optopt);
|
2017-11-13 23:43:10 +00:00
|
|
|
} else {
|
2021-07-26 16:22:36 +00:00
|
|
|
fprintf(stderr, "editcap: option requires an argument -- '%c'\n", ws_optopt);
|
2017-11-13 23:43:10 +00:00
|
|
|
}
|
2014-07-03 08:45:32 +00:00
|
|
|
print_usage(stderr);
|
2023-02-06 22:16:37 +00:00
|
|
|
ret = WS_EXIT_INVALID_OPTION;
|
2013-09-09 06:26:42 +00:00
|
|
|
break;
|
|
|
|
|
}
|
2017-02-04 15:26:34 +00:00
|
|
|
goto clean_exit;
|
2013-09-09 06:26:42 +00:00
|
|
|
break;
|
|
|
|
|
}
|
2015-06-25 22:36:54 +00:00
|
|
|
} /* processing commmand-line options */
|
2009-04-17 15:21:46 +00:00
|
|
|
|
2013-09-09 06:26:42 +00:00
|
|
|
#ifdef DEBUG
|
2021-07-26 16:22:36 +00:00
|
|
|
fprintf(stderr, "Optind = %i, argc = %i\n", ws_optind, argc);
|
2013-09-09 06:26:42 +00:00
|
|
|
#endif
|
2005-04-03 11:00:49 +00:00
|
|
|
|
2021-07-26 16:22:36 +00:00
|
|
|
if ((argc - ws_optind) < 2) {
|
2014-07-03 08:45:32 +00:00
|
|
|
print_usage(stderr);
|
2023-02-06 22:16:37 +00:00
|
|
|
ret = WS_EXIT_INVALID_OPTION;
|
2017-02-04 15:26:34 +00:00
|
|
|
goto clean_exit;
|
2021-02-23 09:18:31 +00:00
|
|
|
}
|
2018-08-22 08:17:02 +00:00
|
|
|
|
2021-02-23 09:18:31 +00:00
|
|
|
if (out_file_type_subtype == WTAP_FILE_TYPE_SUBTYPE_UNKNOWN) {
|
|
|
|
|
/* default to pcapng */
|
|
|
|
|
out_file_type_subtype = wtap_pcapng_file_type_subtype();
|
2018-08-22 08:17:02 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (err_prob >= 0.0) {
|
|
|
|
|
if (!valid_seed) {
|
|
|
|
|
seed = (unsigned int) (time(NULL) + ws_getpid());
|
|
|
|
|
}
|
|
|
|
|
if (verbose) {
|
|
|
|
|
fprintf(stderr, "Using seed %u\n", seed);
|
|
|
|
|
}
|
|
|
|
|
srand(seed);
|
2013-09-09 06:26:42 +00:00
|
|
|
}
|
2008-06-21 09:45:21 +00:00
|
|
|
|
2020-08-06 10:09:15 +00:00
|
|
|
if (have_starttime && have_stoptime &&
|
2020-08-06 09:37:14 +00:00
|
|
|
nstime_cmp(&starttime, &stoptime) > 0) {
|
2013-09-09 06:26:42 +00:00
|
|
|
fprintf(stderr, "editcap: start time is after the stop time\n");
|
2023-02-06 22:16:37 +00:00
|
|
|
ret = WS_EXIT_INVALID_OPTION;
|
2017-02-04 15:26:34 +00:00
|
|
|
goto clean_exit;
|
2013-09-09 06:26:42 +00:00
|
|
|
}
|
2009-05-23 07:59:23 +00:00
|
|
|
|
2019-07-14 16:51:40 +00:00
|
|
|
if (split_packet_count != 0 && !nstime_is_unset(&secs_per_block)) {
|
2013-09-09 06:26:42 +00:00
|
|
|
fprintf(stderr, "editcap: can't split on both packet count and time interval\n");
|
|
|
|
|
fprintf(stderr, "editcap: at the same time\n");
|
2023-02-06 22:16:37 +00:00
|
|
|
ret = WS_EXIT_INVALID_OPTION;
|
2017-02-04 15:26:34 +00:00
|
|
|
goto clean_exit;
|
2013-09-09 06:26:42 +00:00
|
|
|
}
|
2009-05-23 07:59:23 +00:00
|
|
|
|
2021-07-26 16:22:36 +00:00
|
|
|
wth = wtap_open_offline(argv[ws_optind], WTAP_TYPE_AUTO, &read_err, &read_err_info, FALSE);
|
2008-06-21 09:45:21 +00:00
|
|
|
|
2013-09-09 06:26:42 +00:00
|
|
|
if (!wth) {
|
2021-07-26 16:22:36 +00:00
|
|
|
cfile_open_failure_message(argv[ws_optind], read_err, read_err_info);
|
2023-02-06 22:16:37 +00:00
|
|
|
ret = WS_EXIT_INVALID_FILE;
|
2017-02-04 15:26:34 +00:00
|
|
|
goto clean_exit;
|
2013-09-09 06:26:42 +00:00
|
|
|
}
|
2008-06-21 09:45:21 +00:00
|
|
|
|
2013-09-09 06:26:42 +00:00
|
|
|
if (verbose) {
|
2021-07-26 16:22:36 +00:00
|
|
|
fprintf(stderr, "File %s is a %s capture file.\n", argv[ws_optind],
|
2021-02-13 08:03:51 +00:00
|
|
|
wtap_file_type_subtype_description(wtap_file_type_subtype(wth)));
|
2013-09-09 06:26:42 +00:00
|
|
|
}
|
2005-12-16 16:37:03 +00:00
|
|
|
|
2020-10-15 04:22:53 +00:00
|
|
|
if (skip_radiotap) {
|
|
|
|
|
if (ignored_bytes != 0) {
|
|
|
|
|
fprintf(stderr, "editcap: can't skip radiotap headers and %d byte(s)\n", ignored_bytes);
|
|
|
|
|
fprintf(stderr, "editcap: at the start of packet at the same time\n");
|
2023-02-06 22:16:37 +00:00
|
|
|
ret = WS_EXIT_INVALID_OPTION;
|
2020-10-15 04:22:53 +00:00
|
|
|
goto clean_exit;
|
|
|
|
|
}
|
2018-07-24 18:43:31 +00:00
|
|
|
|
2020-10-15 04:22:53 +00:00
|
|
|
if (wtap_file_encap(wth) != WTAP_ENCAP_IEEE_802_11_RADIOTAP) {
|
|
|
|
|
fprintf(stderr, "editcap: can't skip radiotap header because input file has non-radiotap packets\n");
|
|
|
|
|
if (wtap_file_encap(wth) == WTAP_ENCAP_PER_PACKET) {
|
|
|
|
|
fprintf(stderr, "editcap: expected '%s', not all packets are necessarily that type\n",
|
|
|
|
|
wtap_encap_description(WTAP_ENCAP_IEEE_802_11_RADIOTAP));
|
|
|
|
|
} else {
|
|
|
|
|
fprintf(stderr, "editcap: expected '%s', packets are '%s'\n",
|
|
|
|
|
wtap_encap_description(WTAP_ENCAP_IEEE_802_11_RADIOTAP),
|
|
|
|
|
wtap_encap_description(wtap_file_encap(wth)));
|
|
|
|
|
}
|
2023-02-06 22:16:37 +00:00
|
|
|
ret = WS_EXIT_INVALID_OPTION;
|
2020-10-15 04:22:53 +00:00
|
|
|
goto clean_exit;
|
|
|
|
|
}
|
2018-07-24 18:43:31 +00:00
|
|
|
}
|
|
|
|
|
|
editcap, tshark: process IDBs in the middle of input files.
Instead of grabbing the set of IDBs found at open time, have a loop
using wtap_get_next_interface_description() to read all unread IDBs run
after opening the input file, after reading a packet from the input
file, and after getting an EOF on the input file.
Add a routine wtap_uses_interface_ids() to check whether the file type
and subtype for a dump file uses interface IDs and requires IDBs. If
so, in the aforementioned loop, add the IDBs to the dump stream.
Add a routine wtap_dump_add_idb() to add IDBs to a dump stream. Have it
call a file-format-specific routine to add the IDBs; the only file type
that supports it is pcapng, and it 1) writes out the IDB and 2) adds it
to the set of IDBs for the stream.
Add a wtap_dump_params_init_no_idbs() routine that prevents the IDBs
from the input file from being used to initialize the output file; use
it in cases where we're using the aforementioned loop to copy over IDBs.
Don't require any IDBs to be present when opening a pcapng file for
writing; 1) the simplest pcapng file has just an SHB in it, 2) that
requirement causes dumps that don't provide IDBs at open time to fail,
and 3) the real issue is that we don't want packets with an interface ID
not corresponding to a known IDB, and we already have a check for that.
(There are some hacks here; eventually, when everything processes the
IDBs in such a loop, we may be able to get rid of the "two favors of
dump parameter initialization" hack.)
Fixes #15844.
Addresses the same issue in #15502, but there are other issues there
that also need to be addressed.
In addition, the merge code also needs to be changed to handle this.
2020-10-22 08:10:57 +00:00
|
|
|
wtap_dump_params_init_no_idbs(¶ms, wth);
|
2005-12-16 16:37:03 +00:00
|
|
|
|
2019-02-19 09:01:48 +00:00
|
|
|
/*
|
|
|
|
|
* Discard any secrets we read in while opening the file.
|
|
|
|
|
*/
|
2019-05-11 03:59:53 +00:00
|
|
|
if (discard_all_secrets) {
|
2019-02-19 09:01:48 +00:00
|
|
|
wtap_dump_params_discard_decryption_secrets(¶ms);
|
|
|
|
|
}
|
|
|
|
|
|
2020-08-06 13:30:38 +00:00
|
|
|
/*
|
|
|
|
|
* Discard capture file comments.
|
|
|
|
|
*/
|
|
|
|
|
if (discard_cap_comments) {
|
|
|
|
|
for (guint b = 0; b < params.shb_hdrs->len; b++) {
|
|
|
|
|
wtap_block_t shb = g_array_index(params.shb_hdrs, wtap_block_t, b);
|
|
|
|
|
while (WTAP_OPTTYPE_SUCCESS == wtap_block_remove_nth_option_instance(shb, OPT_COMMENT, 0)) {
|
|
|
|
|
continue;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Add new capture file comments.
|
|
|
|
|
*/
|
|
|
|
|
if (capture_comments != NULL) {
|
|
|
|
|
for (guint b = 0; b < params.shb_hdrs->len; b++) {
|
|
|
|
|
wtap_block_t shb = g_array_index(params.shb_hdrs, wtap_block_t, b);
|
|
|
|
|
for (guint c = 0; c < capture_comments->len; c++) {
|
|
|
|
|
char *comment = (char *)g_ptr_array_index(capture_comments, c);
|
|
|
|
|
wtap_block_add_string_option(shb, OPT_COMMENT, comment, strlen(comment));
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2018-11-17 21:43:14 +00:00
|
|
|
if (dsb_filenames) {
|
|
|
|
|
for (guint k = 0; k < dsb_filenames->len; k++) {
|
|
|
|
|
guint32 secrets_type_id = g_array_index(dsb_types, guint32, k);
|
|
|
|
|
const char *secrets_filename = (const char *)g_ptr_array_index(dsb_filenames, k);
|
|
|
|
|
char *data;
|
|
|
|
|
gsize data_len;
|
|
|
|
|
wtap_block_t block;
|
|
|
|
|
wtapng_dsb_mandatory_t *dsb;
|
|
|
|
|
GError *err = NULL;
|
|
|
|
|
|
|
|
|
|
if (!g_file_get_contents(secrets_filename, &data, &data_len, &err)) {
|
|
|
|
|
fprintf(stderr, "editcap: \"%s\" could not be read: %s\n", secrets_filename, err->message);
|
|
|
|
|
g_clear_error(&err);
|
2023-02-06 22:16:37 +00:00
|
|
|
ret = WS_EXIT_INVALID_OPTION;
|
2018-11-17 21:43:14 +00:00
|
|
|
goto clean_exit;
|
|
|
|
|
}
|
|
|
|
|
if (data_len == 0) {
|
|
|
|
|
fprintf(stderr, "editcap: \"%s\" is an empty file, ignoring\n", secrets_filename);
|
|
|
|
|
g_free(data);
|
|
|
|
|
continue;
|
|
|
|
|
}
|
|
|
|
|
if (data_len >= G_MAXINT) {
|
|
|
|
|
fprintf(stderr, "editcap: \"%s\" is too large, ignoring\n", secrets_filename);
|
|
|
|
|
g_free(data);
|
|
|
|
|
continue;
|
|
|
|
|
}
|
|
|
|
|
|
2019-02-05 12:40:23 +00:00
|
|
|
/* Warn for badly formatted files, but proceed anyway. */
|
|
|
|
|
validate_secrets_file(secrets_filename, secrets_type_id, data);
|
|
|
|
|
|
2021-02-09 21:40:59 +00:00
|
|
|
block = wtap_block_create(WTAP_BLOCK_DECRYPTION_SECRETS);
|
2018-11-17 21:43:14 +00:00
|
|
|
dsb = (wtapng_dsb_mandatory_t *)wtap_block_get_mandatory_data(block);
|
|
|
|
|
dsb->secrets_type = secrets_type_id;
|
|
|
|
|
dsb->secrets_len = (guint)data_len;
|
|
|
|
|
dsb->secrets_data = data;
|
|
|
|
|
if (params.dsbs_initial == NULL) {
|
|
|
|
|
params.dsbs_initial = g_array_new(FALSE, FALSE, sizeof(wtap_block_t));
|
|
|
|
|
}
|
|
|
|
|
g_array_append_val(params.dsbs_initial, block);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2018-11-14 00:10:53 +00:00
|
|
|
/*
|
|
|
|
|
* If an encapsulation type was specified, override the encapsulation
|
|
|
|
|
* type of the input file.
|
|
|
|
|
*/
|
|
|
|
|
if (out_frame_type != -2)
|
|
|
|
|
params.encap = out_frame_type;
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* If a snapshot length was specified, and it's less than the snapshot
|
|
|
|
|
* length of the input file, override the snapshot length of the input
|
|
|
|
|
* file.
|
|
|
|
|
*/
|
|
|
|
|
if (snaplen != 0 && snaplen < wtap_snapshot_length(wth))
|
|
|
|
|
params.snaplen = snaplen;
|
2018-11-13 23:05:33 +00:00
|
|
|
|
2013-09-09 06:26:42 +00:00
|
|
|
/*
|
2018-11-13 23:05:33 +00:00
|
|
|
* Now process the arguments following the input and output file
|
|
|
|
|
* names, if any; they specify packets to include/exclude.
|
2013-09-09 06:26:42 +00:00
|
|
|
*/
|
2021-07-26 16:22:36 +00:00
|
|
|
for (i = ws_optind + 2; i < argc; i++)
|
2018-11-13 23:05:33 +00:00
|
|
|
if (add_selection(argv[i], &max_packet_number) == FALSE)
|
|
|
|
|
break;
|
2006-07-27 17:53:29 +00:00
|
|
|
|
2020-12-23 23:49:07 +00:00
|
|
|
if (!keep_em)
|
2018-11-13 23:05:33 +00:00
|
|
|
max_packet_number = G_MAXUINT;
|
2016-01-14 14:52:27 +00:00
|
|
|
|
2018-11-13 23:05:33 +00:00
|
|
|
if (dup_detect || dup_detect_by_time) {
|
|
|
|
|
for (i = 0; i < dup_window; i++) {
|
|
|
|
|
memset(&fd_hash[i].digest, 0, 16);
|
|
|
|
|
fd_hash[i].len = 0;
|
|
|
|
|
nstime_set_unset(&fd_hash[i].frame_time);
|
2013-09-09 06:26:42 +00:00
|
|
|
}
|
2018-11-13 23:05:33 +00:00
|
|
|
}
|
2007-11-09 20:05:44 +00:00
|
|
|
|
2020-12-05 21:22:49 +00:00
|
|
|
/* Set up an array of all IDBs seen */
|
|
|
|
|
idbs_seen = g_array_new(FALSE, FALSE, sizeof(wtap_block_t));
|
|
|
|
|
|
2018-11-13 23:05:33 +00:00
|
|
|
/* Read all of the packets in turn */
|
2019-04-05 01:56:27 +00:00
|
|
|
wtap_rec_init(&read_rec);
|
2019-04-06 21:02:49 +00:00
|
|
|
ws_buffer_init(&read_buf, 1514);
|
2019-04-05 01:56:27 +00:00
|
|
|
while (wtap_read(wth, &read_rec, &read_buf, &read_err, &read_err_info, &data_offset)) {
|
editcap, tshark: process IDBs in the middle of input files.
Instead of grabbing the set of IDBs found at open time, have a loop
using wtap_get_next_interface_description() to read all unread IDBs run
after opening the input file, after reading a packet from the input
file, and after getting an EOF on the input file.
Add a routine wtap_uses_interface_ids() to check whether the file type
and subtype for a dump file uses interface IDs and requires IDBs. If
so, in the aforementioned loop, add the IDBs to the dump stream.
Add a routine wtap_dump_add_idb() to add IDBs to a dump stream. Have it
call a file-format-specific routine to add the IDBs; the only file type
that supports it is pcapng, and it 1) writes out the IDB and 2) adds it
to the set of IDBs for the stream.
Add a wtap_dump_params_init_no_idbs() routine that prevents the IDBs
from the input file from being used to initialize the output file; use
it in cases where we're using the aforementioned loop to copy over IDBs.
Don't require any IDBs to be present when opening a pcapng file for
writing; 1) the simplest pcapng file has just an SHB in it, 2) that
requirement causes dumps that don't provide IDBs at open time to fail,
and 3) the real issue is that we don't want packets with an interface ID
not corresponding to a known IDB, and we already have a check for that.
(There are some hacks here; eventually, when everything processes the
IDBs in such a loop, we may be able to get rid of the "two favors of
dump parameter initialization" hack.)
Fixes #15844.
Addresses the same issue in #15502, but there are other issues there
that also need to be addressed.
In addition, the merge code also needs to be changed to handle this.
2020-10-22 08:10:57 +00:00
|
|
|
/*
|
|
|
|
|
* XXX - what about non-packet records in the file after this?
|
2023-02-02 02:14:10 +00:00
|
|
|
* NRBs, DSBs, and ISBs are now written when wtap_dump_close() calls
|
|
|
|
|
* pcapng_dump_finish(), and we handle IDBs below, but what about
|
|
|
|
|
* custom blocks?
|
editcap, tshark: process IDBs in the middle of input files.
Instead of grabbing the set of IDBs found at open time, have a loop
using wtap_get_next_interface_description() to read all unread IDBs run
after opening the input file, after reading a packet from the input
file, and after getting an EOF on the input file.
Add a routine wtap_uses_interface_ids() to check whether the file type
and subtype for a dump file uses interface IDs and requires IDBs. If
so, in the aforementioned loop, add the IDBs to the dump stream.
Add a routine wtap_dump_add_idb() to add IDBs to a dump stream. Have it
call a file-format-specific routine to add the IDBs; the only file type
that supports it is pcapng, and it 1) writes out the IDB and 2) adds it
to the set of IDBs for the stream.
Add a wtap_dump_params_init_no_idbs() routine that prevents the IDBs
from the input file from being used to initialize the output file; use
it in cases where we're using the aforementioned loop to copy over IDBs.
Don't require any IDBs to be present when opening a pcapng file for
writing; 1) the simplest pcapng file has just an SHB in it, 2) that
requirement causes dumps that don't provide IDBs at open time to fail,
and 3) the real issue is that we don't want packets with an interface ID
not corresponding to a known IDB, and we already have a check for that.
(There are some hacks here; eventually, when everything processes the
IDBs in such a loop, we may be able to get rid of the "two favors of
dump parameter initialization" hack.)
Fixes #15844.
Addresses the same issue in #15502, but there are other issues there
that also need to be addressed.
In addition, the merge code also needs to be changed to handle this.
2020-10-22 08:10:57 +00:00
|
|
|
*/
|
2018-11-13 23:05:33 +00:00
|
|
|
if (max_packet_number <= read_count)
|
|
|
|
|
break;
|
2011-02-04 21:09:55 +00:00
|
|
|
|
2018-11-13 23:05:33 +00:00
|
|
|
read_count++;
|
2014-05-23 21:03:42 +00:00
|
|
|
|
2019-04-05 01:56:27 +00:00
|
|
|
rec = &read_rec;
|
2013-09-09 06:26:42 +00:00
|
|
|
|
2018-11-13 23:05:33 +00:00
|
|
|
/* Extra actions for the first packet */
|
|
|
|
|
if (read_count == 1) {
|
2019-07-14 16:51:40 +00:00
|
|
|
if (split_packet_count != 0 || !nstime_is_unset(&secs_per_block)) {
|
2021-07-26 16:22:36 +00:00
|
|
|
if (!fileset_extract_prefix_suffix(argv[ws_optind+1], &fprefix, &fsuffix)) {
|
2018-11-13 23:05:33 +00:00
|
|
|
ret = CANT_EXTRACT_PREFIX;
|
|
|
|
|
goto clean_exit;
|
2014-05-23 10:50:02 +00:00
|
|
|
}
|
|
|
|
|
|
2018-11-13 23:05:33 +00:00
|
|
|
filename = fileset_get_filename_by_pattern(block_cnt++, rec, fprefix, fsuffix);
|
|
|
|
|
} else {
|
2021-07-26 16:22:36 +00:00
|
|
|
filename = g_strdup(argv[ws_optind+1]);
|
2018-11-13 23:05:33 +00:00
|
|
|
}
|
2021-06-18 18:21:42 +00:00
|
|
|
ws_assert(filename);
|
2013-09-09 06:26:42 +00:00
|
|
|
|
2018-12-12 03:09:32 +00:00
|
|
|
/* If we don't have an application name add one */
|
2018-11-14 00:10:53 +00:00
|
|
|
if (wtap_block_get_string_option_value(g_array_index(params.shb_hdrs, wtap_block_t, 0), OPT_SHB_USERAPPL, &shb_user_appl) != WTAP_OPTTYPE_SUCCESS) {
|
2018-12-13 02:16:15 +00:00
|
|
|
wtap_block_add_string_option_format(g_array_index(params.shb_hdrs, wtap_block_t, 0), OPT_SHB_USERAPPL, "%s", get_appname_and_version());
|
2018-11-13 23:05:33 +00:00
|
|
|
}
|
2014-05-23 10:50:02 +00:00
|
|
|
|
2020-12-05 21:22:49 +00:00
|
|
|
pdh = editcap_dump_open(filename, ¶ms, idbs_seen, &write_err,
|
2020-10-14 01:48:46 +00:00
|
|
|
&write_err_info);
|
2015-06-25 22:36:54 +00:00
|
|
|
|
2018-11-13 23:05:33 +00:00
|
|
|
if (pdh == NULL) {
|
2021-03-15 18:29:43 +00:00
|
|
|
cfile_dump_open_failure_message(filename,
|
2020-10-14 01:48:46 +00:00
|
|
|
write_err, write_err_info,
|
2018-11-13 23:05:33 +00:00
|
|
|
out_file_type_subtype);
|
2023-02-06 22:16:37 +00:00
|
|
|
ret = WS_EXIT_INVALID_FILE;
|
2018-11-13 23:05:33 +00:00
|
|
|
goto clean_exit;
|
|
|
|
|
}
|
|
|
|
|
} /* first packet only handling */
|
2014-05-23 10:50:02 +00:00
|
|
|
|
editcap, tshark: process IDBs in the middle of input files.
Instead of grabbing the set of IDBs found at open time, have a loop
using wtap_get_next_interface_description() to read all unread IDBs run
after opening the input file, after reading a packet from the input
file, and after getting an EOF on the input file.
Add a routine wtap_uses_interface_ids() to check whether the file type
and subtype for a dump file uses interface IDs and requires IDBs. If
so, in the aforementioned loop, add the IDBs to the dump stream.
Add a routine wtap_dump_add_idb() to add IDBs to a dump stream. Have it
call a file-format-specific routine to add the IDBs; the only file type
that supports it is pcapng, and it 1) writes out the IDB and 2) adds it
to the set of IDBs for the stream.
Add a wtap_dump_params_init_no_idbs() routine that prevents the IDBs
from the input file from being used to initialize the output file; use
it in cases where we're using the aforementioned loop to copy over IDBs.
Don't require any IDBs to be present when opening a pcapng file for
writing; 1) the simplest pcapng file has just an SHB in it, 2) that
requirement causes dumps that don't provide IDBs at open time to fail,
and 3) the real issue is that we don't want packets with an interface ID
not corresponding to a known IDB, and we already have a check for that.
(There are some hacks here; eventually, when everything processes the
IDBs in such a loop, we may be able to get rid of the "two favors of
dump parameter initialization" hack.)
Fixes #15844.
Addresses the same issue in #15502, but there are other issues there
that also need to be addressed.
In addition, the merge code also needs to be changed to handle this.
2020-10-22 08:10:57 +00:00
|
|
|
/*
|
|
|
|
|
* Process whatever IDBs we haven't seen yet.
|
|
|
|
|
*/
|
2020-12-05 21:22:49 +00:00
|
|
|
if (!process_new_idbs(wth, pdh, idbs_seen, &write_err, &write_err_info)) {
|
2021-07-26 16:22:36 +00:00
|
|
|
cfile_write_failure_message(argv[ws_optind], filename,
|
editcap, tshark: process IDBs in the middle of input files.
Instead of grabbing the set of IDBs found at open time, have a loop
using wtap_get_next_interface_description() to read all unread IDBs run
after opening the input file, after reading a packet from the input
file, and after getting an EOF on the input file.
Add a routine wtap_uses_interface_ids() to check whether the file type
and subtype for a dump file uses interface IDs and requires IDBs. If
so, in the aforementioned loop, add the IDBs to the dump stream.
Add a routine wtap_dump_add_idb() to add IDBs to a dump stream. Have it
call a file-format-specific routine to add the IDBs; the only file type
that supports it is pcapng, and it 1) writes out the IDB and 2) adds it
to the set of IDBs for the stream.
Add a wtap_dump_params_init_no_idbs() routine that prevents the IDBs
from the input file from being used to initialize the output file; use
it in cases where we're using the aforementioned loop to copy over IDBs.
Don't require any IDBs to be present when opening a pcapng file for
writing; 1) the simplest pcapng file has just an SHB in it, 2) that
requirement causes dumps that don't provide IDBs at open time to fail,
and 3) the real issue is that we don't want packets with an interface ID
not corresponding to a known IDB, and we already have a check for that.
(There are some hacks here; eventually, when everything processes the
IDBs in such a loop, we may be able to get rid of the "two favors of
dump parameter initialization" hack.)
Fixes #15844.
Addresses the same issue in #15502, but there are other issues there
that also need to be addressed.
In addition, the merge code also needs to be changed to handle this.
2020-10-22 08:10:57 +00:00
|
|
|
write_err, write_err_info,
|
|
|
|
|
read_count,
|
|
|
|
|
out_file_type_subtype);
|
|
|
|
|
ret = DUMP_ERROR;
|
|
|
|
|
goto clean_exit;
|
|
|
|
|
}
|
2014-05-23 10:50:02 +00:00
|
|
|
|
2019-04-05 01:56:27 +00:00
|
|
|
buf = ws_buffer_start_ptr(&read_buf);
|
2018-11-13 23:05:33 +00:00
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Not all packets have time stamps. Only process the time
|
|
|
|
|
* stamp if we have one.
|
|
|
|
|
*/
|
|
|
|
|
if (rec->presence_flags & WTAP_HAS_TS) {
|
2019-07-14 16:51:40 +00:00
|
|
|
if (!nstime_is_unset(&secs_per_block)) {
|
|
|
|
|
if (nstime_is_unset(&block_next)) {
|
|
|
|
|
block_next = rec->ts;
|
|
|
|
|
nstime_add(&block_next, &secs_per_block);
|
|
|
|
|
}
|
|
|
|
|
while (nstime_cmp(&rec->ts, &block_next) > 0) { /* time for the next file */
|
2013-09-09 06:26:42 +00:00
|
|
|
|
2022-03-14 19:11:24 +00:00
|
|
|
if (!wtap_dump_close(pdh, NULL, &write_err, &write_err_info)) {
|
2020-10-14 01:48:46 +00:00
|
|
|
cfile_close_failure_message(filename, write_err,
|
|
|
|
|
write_err_info);
|
2017-02-20 14:30:27 +00:00
|
|
|
ret = WRITE_ERROR;
|
|
|
|
|
goto clean_exit;
|
2013-09-09 06:26:42 +00:00
|
|
|
}
|
2019-07-14 16:51:40 +00:00
|
|
|
nstime_add(&block_next, &secs_per_block); /* reset for next interval */
|
2014-05-23 10:50:02 +00:00
|
|
|
g_free(filename);
|
2018-02-09 00:19:12 +00:00
|
|
|
filename = fileset_get_filename_by_pattern(block_cnt++, rec, fprefix, fsuffix);
|
2021-06-18 18:21:42 +00:00
|
|
|
ws_assert(filename);
|
2009-04-17 15:21:46 +00:00
|
|
|
|
2014-05-23 10:50:02 +00:00
|
|
|
if (verbose)
|
|
|
|
|
fprintf(stderr, "Continuing writing in file %s\n", filename);
|
2009-04-17 15:21:46 +00:00
|
|
|
|
2020-12-05 21:22:49 +00:00
|
|
|
pdh = editcap_dump_open(filename, ¶ms, idbs_seen,
|
|
|
|
|
&write_err, &write_err_info);
|
2018-11-13 23:05:33 +00:00
|
|
|
|
2014-05-23 10:50:02 +00:00
|
|
|
if (pdh == NULL) {
|
2021-03-15 18:29:43 +00:00
|
|
|
cfile_dump_open_failure_message(filename,
|
2017-04-20 18:23:51 +00:00
|
|
|
write_err,
|
2020-10-14 01:48:46 +00:00
|
|
|
write_err_info,
|
2017-06-03 02:38:11 +00:00
|
|
|
out_file_type_subtype);
|
2023-02-06 22:16:37 +00:00
|
|
|
ret = WS_EXIT_INVALID_FILE;
|
2017-02-20 14:30:27 +00:00
|
|
|
goto clean_exit;
|
2013-09-09 06:26:42 +00:00
|
|
|
}
|
|
|
|
|
}
|
2018-11-13 23:05:33 +00:00
|
|
|
}
|
|
|
|
|
} /* time stamp handling */
|
|
|
|
|
|
|
|
|
|
if (split_packet_count != 0) {
|
|
|
|
|
/* time for the next file? */
|
|
|
|
|
if (written_count > 0 && (written_count % split_packet_count) == 0) {
|
2022-03-14 19:11:24 +00:00
|
|
|
if (!wtap_dump_close(pdh, NULL, &write_err, &write_err_info)) {
|
2020-10-14 01:48:46 +00:00
|
|
|
cfile_close_failure_message(filename, write_err,
|
|
|
|
|
write_err_info);
|
2018-11-13 23:05:33 +00:00
|
|
|
ret = WRITE_ERROR;
|
|
|
|
|
goto clean_exit;
|
|
|
|
|
}
|
2006-07-27 17:53:29 +00:00
|
|
|
|
2018-11-13 23:05:33 +00:00
|
|
|
g_free(filename);
|
|
|
|
|
filename = fileset_get_filename_by_pattern(block_cnt++, rec, fprefix, fsuffix);
|
2021-06-18 18:21:42 +00:00
|
|
|
ws_assert(filename);
|
2018-11-13 23:05:33 +00:00
|
|
|
|
|
|
|
|
if (verbose)
|
|
|
|
|
fprintf(stderr, "Continuing writing in file %s\n", filename);
|
|
|
|
|
|
2020-12-05 21:22:49 +00:00
|
|
|
pdh = editcap_dump_open(filename, ¶ms, idbs_seen,
|
|
|
|
|
&write_err, &write_err_info);
|
2018-11-13 23:05:33 +00:00
|
|
|
if (pdh == NULL) {
|
2021-03-15 18:29:43 +00:00
|
|
|
cfile_dump_open_failure_message(filename,
|
2020-10-14 01:48:46 +00:00
|
|
|
write_err, write_err_info,
|
2018-11-13 23:05:33 +00:00
|
|
|
out_file_type_subtype);
|
2023-02-06 22:16:37 +00:00
|
|
|
ret = WS_EXIT_INVALID_FILE;
|
2018-11-13 23:05:33 +00:00
|
|
|
goto clean_exit;
|
|
|
|
|
}
|
2014-06-20 18:48:27 +00:00
|
|
|
}
|
2018-11-13 23:05:33 +00:00
|
|
|
} /* split packet handling */
|
2014-05-23 03:01:31 +00:00
|
|
|
|
2018-11-13 23:05:33 +00:00
|
|
|
if (check_startstop) {
|
2020-02-20 01:15:05 +00:00
|
|
|
ts_okay = FALSE;
|
2018-11-13 23:05:33 +00:00
|
|
|
/*
|
|
|
|
|
* Is the packet in the selected timeframe?
|
|
|
|
|
* If the packet has no time stamp, the answer is "no".
|
|
|
|
|
*/
|
2020-02-20 01:15:05 +00:00
|
|
|
if (rec->presence_flags & WTAP_HAS_TS) {
|
2020-08-06 10:09:15 +00:00
|
|
|
if (have_starttime && have_stoptime) {
|
2020-08-05 17:20:07 +00:00
|
|
|
ts_okay = nstime_cmp(&rec->ts, &starttime) >= 0 &&
|
|
|
|
|
nstime_cmp(&rec->ts, &stoptime) < 0;
|
2020-08-06 10:09:15 +00:00
|
|
|
} else if (have_starttime) {
|
2020-08-05 17:20:07 +00:00
|
|
|
ts_okay = nstime_cmp(&rec->ts, &starttime) >= 0;
|
2020-08-06 10:09:15 +00:00
|
|
|
} else if (have_stoptime) {
|
2020-08-05 17:20:07 +00:00
|
|
|
ts_okay = nstime_cmp(&rec->ts, &stoptime) < 0;
|
2020-02-20 01:15:05 +00:00
|
|
|
}
|
|
|
|
|
}
|
2018-11-13 23:05:33 +00:00
|
|
|
} else {
|
|
|
|
|
/*
|
|
|
|
|
* No selected timeframe, so all packets are "in the
|
|
|
|
|
* selected timeframe".
|
|
|
|
|
*/
|
|
|
|
|
ts_okay = TRUE;
|
|
|
|
|
}
|
2014-05-23 03:01:31 +00:00
|
|
|
|
2018-11-13 23:05:33 +00:00
|
|
|
if (ts_okay && ((!selected(count) && !keep_em)
|
|
|
|
|
|| (selected(count) && keep_em))) {
|
2014-05-23 03:01:31 +00:00
|
|
|
|
2018-11-13 23:05:33 +00:00
|
|
|
if (verbose && !dup_detect && !dup_detect_by_time)
|
|
|
|
|
fprintf(stderr, "Packet: %u\n", count);
|
2005-04-03 11:00:49 +00:00
|
|
|
|
2018-11-13 23:05:33 +00:00
|
|
|
/* We simply write it, perhaps after truncating it; we could
|
|
|
|
|
* do other things, like modify it. */
|
2013-09-09 06:26:42 +00:00
|
|
|
|
2019-04-05 01:56:27 +00:00
|
|
|
rec = &read_rec;
|
2018-11-13 23:05:33 +00:00
|
|
|
|
|
|
|
|
if (rec->presence_flags & WTAP_HAS_TS) {
|
|
|
|
|
/* Do we adjust timestamps to ensure strict chronological
|
|
|
|
|
* order? */
|
|
|
|
|
if (do_strict_time_adjustment) {
|
|
|
|
|
if (previous_time.secs || previous_time.nsecs) {
|
|
|
|
|
if (!strict_time_adj.is_negative) {
|
|
|
|
|
nstime_t current;
|
|
|
|
|
nstime_t delta;
|
|
|
|
|
|
|
|
|
|
current = rec->ts;
|
|
|
|
|
|
|
|
|
|
nstime_delta(&delta, ¤t, &previous_time);
|
|
|
|
|
|
|
|
|
|
if (delta.secs < 0 || delta.nsecs < 0) {
|
2013-09-09 06:26:42 +00:00
|
|
|
/*
|
2018-11-13 23:05:33 +00:00
|
|
|
* A negative delta indicates that the current packet
|
|
|
|
|
* has an absolute timestamp less than the previous packet
|
|
|
|
|
* that it is being compared to. This is NOT a normal
|
|
|
|
|
* situation since trace files usually have packets in
|
|
|
|
|
* chronological order (oldest to newest).
|
|
|
|
|
* Copy and change rather than modify
|
|
|
|
|
* returned rec.
|
2013-09-09 06:26:42 +00:00
|
|
|
*/
|
2018-11-13 23:05:33 +00:00
|
|
|
/* fprintf(stderr, "++out of order, need to adjust this packet!\n"); */
|
2018-02-09 00:19:12 +00:00
|
|
|
temp_rec = *rec;
|
|
|
|
|
temp_rec.ts.secs = previous_time.secs + strict_time_adj.tv.secs;
|
|
|
|
|
temp_rec.ts.nsecs = previous_time.nsecs;
|
2018-06-22 05:15:59 +00:00
|
|
|
if (temp_rec.ts.nsecs + strict_time_adj.tv.nsecs >= ONE_BILLION) {
|
2013-09-09 06:26:42 +00:00
|
|
|
/* carry */
|
2018-02-09 00:19:12 +00:00
|
|
|
temp_rec.ts.secs++;
|
|
|
|
|
temp_rec.ts.nsecs += strict_time_adj.tv.nsecs - ONE_BILLION;
|
2013-09-09 06:26:42 +00:00
|
|
|
} else {
|
2018-02-09 00:19:12 +00:00
|
|
|
temp_rec.ts.nsecs += strict_time_adj.tv.nsecs;
|
2013-09-09 06:26:42 +00:00
|
|
|
}
|
2018-02-09 00:19:12 +00:00
|
|
|
rec = &temp_rec;
|
2013-09-09 06:26:42 +00:00
|
|
|
}
|
2018-11-13 23:05:33 +00:00
|
|
|
} else {
|
|
|
|
|
/*
|
|
|
|
|
* A negative strict time adjustment is requested.
|
|
|
|
|
* Unconditionally set each timestamp to previous
|
|
|
|
|
* packet's timestamp plus delta.
|
|
|
|
|
* Copy and change rather than modify returned
|
|
|
|
|
* rec.
|
|
|
|
|
*/
|
|
|
|
|
temp_rec = *rec;
|
|
|
|
|
temp_rec.ts.secs = previous_time.secs + strict_time_adj.tv.secs;
|
|
|
|
|
temp_rec.ts.nsecs = previous_time.nsecs;
|
|
|
|
|
if (temp_rec.ts.nsecs + strict_time_adj.tv.nsecs >= ONE_BILLION) {
|
2014-05-23 18:53:08 +00:00
|
|
|
/* carry */
|
2018-02-09 00:19:12 +00:00
|
|
|
temp_rec.ts.secs++;
|
2018-11-13 23:05:33 +00:00
|
|
|
temp_rec.ts.nsecs += strict_time_adj.tv.nsecs - ONE_BILLION;
|
2014-05-23 18:53:08 +00:00
|
|
|
} else {
|
2018-11-13 23:05:33 +00:00
|
|
|
temp_rec.ts.nsecs += strict_time_adj.tv.nsecs;
|
2014-05-23 18:53:08 +00:00
|
|
|
}
|
2018-11-13 23:05:33 +00:00
|
|
|
rec = &temp_rec;
|
2013-09-09 06:26:42 +00:00
|
|
|
}
|
|
|
|
|
}
|
2018-11-13 23:05:33 +00:00
|
|
|
previous_time = rec->ts;
|
|
|
|
|
}
|
1999-12-12 21:04:29 +00:00
|
|
|
|
2018-11-13 23:05:33 +00:00
|
|
|
if (time_adj.tv.secs != 0) {
|
|
|
|
|
/* Copy and change rather than modify returned rec */
|
|
|
|
|
temp_rec = *rec;
|
|
|
|
|
if (time_adj.is_negative)
|
|
|
|
|
temp_rec.ts.secs -= time_adj.tv.secs;
|
|
|
|
|
else
|
|
|
|
|
temp_rec.ts.secs += time_adj.tv.secs;
|
|
|
|
|
rec = &temp_rec;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (time_adj.tv.nsecs != 0) {
|
|
|
|
|
/* Copy and change rather than modify returned rec */
|
|
|
|
|
temp_rec = *rec;
|
|
|
|
|
if (time_adj.is_negative) { /* subtract */
|
|
|
|
|
if (temp_rec.ts.nsecs < time_adj.tv.nsecs) { /* borrow */
|
|
|
|
|
temp_rec.ts.secs--;
|
|
|
|
|
temp_rec.ts.nsecs += ONE_BILLION;
|
2014-05-23 10:50:02 +00:00
|
|
|
}
|
2018-11-13 23:05:33 +00:00
|
|
|
temp_rec.ts.nsecs -= time_adj.tv.nsecs;
|
|
|
|
|
} else { /* add */
|
|
|
|
|
if (temp_rec.ts.nsecs + time_adj.tv.nsecs >= ONE_BILLION) {
|
|
|
|
|
/* carry */
|
|
|
|
|
temp_rec.ts.secs++;
|
|
|
|
|
temp_rec.ts.nsecs += time_adj.tv.nsecs - ONE_BILLION;
|
|
|
|
|
} else {
|
|
|
|
|
temp_rec.ts.nsecs += time_adj.tv.nsecs;
|
2013-09-09 06:26:42 +00:00
|
|
|
}
|
|
|
|
|
}
|
2018-02-09 00:19:12 +00:00
|
|
|
rec = &temp_rec;
|
2018-11-13 23:05:33 +00:00
|
|
|
}
|
|
|
|
|
} /* time stamp adjustment */
|
2018-02-09 00:19:12 +00:00
|
|
|
|
2018-11-13 23:05:33 +00:00
|
|
|
if (rec->rec_type == REC_TYPE_PACKET) {
|
|
|
|
|
if (snaplen != 0) {
|
|
|
|
|
/* Limit capture length to snaplen */
|
|
|
|
|
if (rec->rec_header.packet_header.caplen > snaplen) {
|
2021-07-08 09:10:31 +00:00
|
|
|
/* Copy and change rather than modify returned rec */
|
2018-02-09 00:19:12 +00:00
|
|
|
temp_rec = *rec;
|
2018-11-13 23:05:33 +00:00
|
|
|
temp_rec.rec_header.packet_header.caplen = snaplen;
|
2018-02-09 00:19:12 +00:00
|
|
|
rec = &temp_rec;
|
|
|
|
|
}
|
2018-11-13 23:05:33 +00:00
|
|
|
/* If -L, also set reported length to snaplen */
|
|
|
|
|
if (adjlen && rec->rec_header.packet_header.len > snaplen) {
|
2021-07-08 09:10:31 +00:00
|
|
|
/* Copy and change rather than modify returned rec */
|
2018-11-13 23:05:33 +00:00
|
|
|
temp_rec = *rec;
|
|
|
|
|
temp_rec.rec_header.packet_header.len = snaplen;
|
|
|
|
|
rec = &temp_rec;
|
|
|
|
|
}
|
|
|
|
|
}
|
2014-05-23 18:53:08 +00:00
|
|
|
|
2019-06-26 20:08:51 +00:00
|
|
|
/*
|
|
|
|
|
* If an encapsulation type was specified, override the
|
|
|
|
|
* encapsulation type of the packet.
|
|
|
|
|
* Copy and change rather than modify returned rec.
|
|
|
|
|
*/
|
|
|
|
|
if (out_frame_type != -2) {
|
|
|
|
|
temp_rec = *rec;
|
|
|
|
|
temp_rec.rec_header.packet_header.pkt_encap = out_frame_type;
|
|
|
|
|
rec = &temp_rec;
|
|
|
|
|
}
|
|
|
|
|
|
2018-11-13 23:05:33 +00:00
|
|
|
/*
|
|
|
|
|
* CHOP
|
2019-06-26 20:08:51 +00:00
|
|
|
* Copy and change rather than modify returned rec.
|
2018-11-13 23:05:33 +00:00
|
|
|
*/
|
|
|
|
|
temp_rec = *rec;
|
|
|
|
|
handle_chopping(chop, &temp_rec.rec_header.packet_header,
|
|
|
|
|
&rec->rec_header.packet_header, &buf,
|
|
|
|
|
adjlen);
|
|
|
|
|
rec = &temp_rec;
|
|
|
|
|
|
2021-11-02 15:04:46 +00:00
|
|
|
/* set unused info */
|
|
|
|
|
if (set_unused) {
|
|
|
|
|
/* set unused bytes to zero so that duplicates check ignores unused bytes */
|
|
|
|
|
set_unused_info(&rec->rec_header.packet_header, buf);
|
|
|
|
|
}
|
|
|
|
|
|
2018-11-13 23:05:33 +00:00
|
|
|
/* remove vlan info */
|
|
|
|
|
if (rem_vlan) {
|
|
|
|
|
/* Copy and change rather than modify returned rec */
|
|
|
|
|
temp_rec = *rec;
|
|
|
|
|
remove_vlan_info(&rec->rec_header.packet_header, buf,
|
|
|
|
|
&temp_rec.rec_header.packet_header.caplen);
|
|
|
|
|
rec = &temp_rec;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* suppress duplicates by packet window */
|
|
|
|
|
if (dup_detect) {
|
|
|
|
|
if (is_duplicate(buf, rec->rec_header.packet_header.caplen)) {
|
|
|
|
|
if (verbose) {
|
|
|
|
|
fprintf(stderr, "Skipped: %u, Len: %u, MD5 Hash: ",
|
|
|
|
|
count,
|
|
|
|
|
rec->rec_header.packet_header.caplen);
|
|
|
|
|
for (i = 0; i < 16; i++)
|
|
|
|
|
fprintf(stderr, "%02x",
|
|
|
|
|
(unsigned char)fd_hash[cur_dup_entry].digest[i]);
|
|
|
|
|
fprintf(stderr, "\n");
|
|
|
|
|
}
|
|
|
|
|
duplicate_count++;
|
|
|
|
|
count++;
|
|
|
|
|
continue;
|
|
|
|
|
} else {
|
|
|
|
|
if (verbose) {
|
|
|
|
|
fprintf(stderr, "Packet: %u, Len: %u, MD5 Hash: ",
|
|
|
|
|
count,
|
|
|
|
|
rec->rec_header.packet_header.caplen);
|
|
|
|
|
for (i = 0; i < 16; i++)
|
|
|
|
|
fprintf(stderr, "%02x",
|
|
|
|
|
(unsigned char)fd_hash[cur_dup_entry].digest[i]);
|
|
|
|
|
fprintf(stderr, "\n");
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
} /* suppression of duplicates */
|
|
|
|
|
|
|
|
|
|
if (rec->presence_flags & WTAP_HAS_TS) {
|
|
|
|
|
/* suppress duplicates by time window */
|
|
|
|
|
if (dup_detect_by_time) {
|
|
|
|
|
nstime_t current;
|
|
|
|
|
|
|
|
|
|
current.secs = rec->ts.secs;
|
|
|
|
|
current.nsecs = rec->ts.nsecs;
|
|
|
|
|
|
|
|
|
|
if (is_duplicate_rel_time(buf,
|
|
|
|
|
rec->rec_header.packet_header.caplen,
|
|
|
|
|
¤t)) {
|
2014-05-23 18:53:08 +00:00
|
|
|
if (verbose) {
|
|
|
|
|
fprintf(stderr, "Skipped: %u, Len: %u, MD5 Hash: ",
|
2018-02-09 00:19:12 +00:00
|
|
|
count,
|
|
|
|
|
rec->rec_header.packet_header.caplen);
|
2014-05-23 18:53:08 +00:00
|
|
|
for (i = 0; i < 16; i++)
|
|
|
|
|
fprintf(stderr, "%02x",
|
|
|
|
|
(unsigned char)fd_hash[cur_dup_entry].digest[i]);
|
|
|
|
|
fprintf(stderr, "\n");
|
|
|
|
|
}
|
|
|
|
|
duplicate_count++;
|
|
|
|
|
count++;
|
|
|
|
|
continue;
|
|
|
|
|
} else {
|
|
|
|
|
if (verbose) {
|
|
|
|
|
fprintf(stderr, "Packet: %u, Len: %u, MD5 Hash: ",
|
2018-02-09 00:19:12 +00:00
|
|
|
count,
|
|
|
|
|
rec->rec_header.packet_header.caplen);
|
2014-05-23 18:53:08 +00:00
|
|
|
for (i = 0; i < 16; i++)
|
|
|
|
|
fprintf(stderr, "%02x",
|
|
|
|
|
(unsigned char)fd_hash[cur_dup_entry].digest[i]);
|
|
|
|
|
fprintf(stderr, "\n");
|
|
|
|
|
}
|
2014-05-23 10:50:02 +00:00
|
|
|
}
|
2018-11-13 23:05:33 +00:00
|
|
|
}
|
|
|
|
|
} /* suppress duplicates by time window */
|
|
|
|
|
}
|
2018-02-09 00:19:12 +00:00
|
|
|
|
2018-11-13 23:05:33 +00:00
|
|
|
/* Random error mutation */
|
|
|
|
|
do_mutation = FALSE;
|
|
|
|
|
caplen = 0;
|
|
|
|
|
if (err_prob > 0.0) {
|
|
|
|
|
switch (rec->rec_type) {
|
|
|
|
|
|
|
|
|
|
case REC_TYPE_PACKET:
|
|
|
|
|
caplen = rec->rec_header.packet_header.caplen;
|
|
|
|
|
do_mutation = TRUE;
|
|
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
case REC_TYPE_FT_SPECIFIC_EVENT:
|
|
|
|
|
case REC_TYPE_FT_SPECIFIC_REPORT:
|
|
|
|
|
caplen = rec->rec_header.ft_specific_header.record_len;
|
|
|
|
|
do_mutation = TRUE;
|
|
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
case REC_TYPE_SYSCALL:
|
|
|
|
|
caplen = rec->rec_header.syscall_header.event_filelen;
|
|
|
|
|
do_mutation = TRUE;
|
|
|
|
|
break;
|
2020-10-28 03:06:26 +00:00
|
|
|
|
2021-06-17 20:52:45 +00:00
|
|
|
case REC_TYPE_SYSTEMD_JOURNAL_EXPORT:
|
|
|
|
|
caplen = rec->rec_header.systemd_journal_export_header.record_len;
|
2020-10-28 03:06:26 +00:00
|
|
|
do_mutation = TRUE;
|
|
|
|
|
break;
|
2018-02-09 00:19:12 +00:00
|
|
|
}
|
|
|
|
|
|
2018-11-13 23:05:33 +00:00
|
|
|
if (change_offset > caplen) {
|
|
|
|
|
fprintf(stderr, "change offset %u is longer than caplen %u in packet %u\n",
|
|
|
|
|
change_offset, caplen, count);
|
|
|
|
|
do_mutation = FALSE;
|
2015-08-11 21:58:54 +00:00
|
|
|
}
|
2018-11-13 23:05:33 +00:00
|
|
|
}
|
2015-08-11 21:58:54 +00:00
|
|
|
|
2018-11-13 23:05:33 +00:00
|
|
|
if (do_mutation) {
|
|
|
|
|
int real_data_start = 0;
|
2013-09-09 06:26:42 +00:00
|
|
|
|
2018-11-13 23:05:33 +00:00
|
|
|
/* Protect non-protocol data */
|
|
|
|
|
switch (rec->rec_type) {
|
2018-02-09 00:19:12 +00:00
|
|
|
|
2018-11-13 23:05:33 +00:00
|
|
|
case REC_TYPE_PACKET:
|
2020-10-20 08:50:00 +00:00
|
|
|
/*
|
|
|
|
|
* XXX - any reason not to fuzz this part?
|
|
|
|
|
*/
|
|
|
|
|
if (rec->rec_header.packet_header.pkt_encap == WTAP_ENCAP_CATAPULT_DCT2000)
|
2018-11-13 23:05:33 +00:00
|
|
|
real_data_start = find_dct2000_real_data(buf);
|
|
|
|
|
break;
|
|
|
|
|
}
|
2013-09-09 06:26:42 +00:00
|
|
|
|
2018-11-13 23:05:33 +00:00
|
|
|
real_data_start += change_offset;
|
2015-08-11 21:58:54 +00:00
|
|
|
|
2018-11-13 23:05:33 +00:00
|
|
|
for (i = real_data_start; i < (int) caplen; i++) {
|
|
|
|
|
if (rand() <= err_prob * RAND_MAX) {
|
|
|
|
|
err_type = rand() / (RAND_MAX / ERR_WT_TOTAL + 1);
|
2013-09-09 06:26:42 +00:00
|
|
|
|
2018-11-13 23:05:33 +00:00
|
|
|
if (err_type < ERR_WT_BIT) {
|
|
|
|
|
buf[i] ^= 1 << (rand() / (RAND_MAX / 8 + 1));
|
|
|
|
|
err_type = ERR_WT_TOTAL;
|
|
|
|
|
} else {
|
|
|
|
|
err_type -= ERR_WT_BYTE;
|
|
|
|
|
}
|
2013-09-09 06:26:42 +00:00
|
|
|
|
2018-11-13 23:05:33 +00:00
|
|
|
if (err_type < ERR_WT_BYTE) {
|
|
|
|
|
buf[i] = rand() / (RAND_MAX / 255 + 1);
|
|
|
|
|
err_type = ERR_WT_TOTAL;
|
|
|
|
|
} else {
|
|
|
|
|
err_type -= ERR_WT_BYTE;
|
|
|
|
|
}
|
2013-09-09 06:26:42 +00:00
|
|
|
|
2018-11-13 23:05:33 +00:00
|
|
|
if (err_type < ERR_WT_ALNUM) {
|
|
|
|
|
buf[i] = ALNUM_CHARS[rand() / (RAND_MAX / ALNUM_LEN + 1)];
|
|
|
|
|
err_type = ERR_WT_TOTAL;
|
|
|
|
|
} else {
|
|
|
|
|
err_type -= ERR_WT_ALNUM;
|
|
|
|
|
}
|
2013-09-09 06:26:42 +00:00
|
|
|
|
2018-11-13 23:05:33 +00:00
|
|
|
if (err_type < ERR_WT_FMT) {
|
|
|
|
|
if ((unsigned int)i < caplen - 2)
|
2021-04-30 10:18:25 +00:00
|
|
|
(void) g_strlcpy((char*) &buf[i], "%s", 2);
|
2018-11-13 23:05:33 +00:00
|
|
|
err_type = ERR_WT_TOTAL;
|
|
|
|
|
} else {
|
|
|
|
|
err_type -= ERR_WT_FMT;
|
|
|
|
|
}
|
2014-05-23 10:50:02 +00:00
|
|
|
|
2018-11-13 23:05:33 +00:00
|
|
|
if (err_type < ERR_WT_AA) {
|
|
|
|
|
for (j = i; j < (int) caplen; j++)
|
|
|
|
|
buf[j] = 0xAA;
|
|
|
|
|
i = caplen;
|
2013-09-09 06:26:42 +00:00
|
|
|
}
|
|
|
|
|
}
|
2014-05-23 10:50:02 +00:00
|
|
|
}
|
2018-11-13 23:05:33 +00:00
|
|
|
} /* random error mutation */
|
|
|
|
|
|
|
|
|
|
/* Find a packet comment we may need to write */
|
|
|
|
|
if (frames_user_comments) {
|
|
|
|
|
const char *comment =
|
|
|
|
|
(const char*)g_tree_lookup(frames_user_comments, GUINT_TO_POINTER(read_count));
|
|
|
|
|
/* XXX: What about comment changed to no comment? */
|
|
|
|
|
if (comment != NULL) {
|
|
|
|
|
/* Copy and change rather than modify returned rec */
|
|
|
|
|
temp_rec = *rec;
|
2019-01-24 11:08:57 +00:00
|
|
|
/* The comment is not modified by dumper, cast away. */
|
2021-04-29 11:23:21 +00:00
|
|
|
wtap_block_add_string_option(rec->block, OPT_COMMENT, (char *)comment, strlen((char *)comment));
|
2021-07-08 05:43:29 +00:00
|
|
|
temp_rec.block_was_modified = TRUE;
|
2018-11-13 23:05:33 +00:00
|
|
|
rec = &temp_rec;
|
|
|
|
|
} else {
|
|
|
|
|
/* Copy and change rather than modify returned rec */
|
|
|
|
|
temp_rec = *rec;
|
2021-07-08 05:43:29 +00:00
|
|
|
temp_rec.block_was_modified = FALSE;
|
2018-11-13 23:05:33 +00:00
|
|
|
rec = &temp_rec;
|
2013-09-09 06:26:42 +00:00
|
|
|
}
|
|
|
|
|
}
|
1999-12-12 21:04:29 +00:00
|
|
|
|
2019-05-11 03:59:53 +00:00
|
|
|
if (discard_all_secrets) {
|
2019-02-19 09:01:48 +00:00
|
|
|
/*
|
|
|
|
|
* Discard any secrets we've read since the last packet
|
|
|
|
|
* we wrote.
|
|
|
|
|
*/
|
|
|
|
|
wtap_dump_discard_decryption_secrets(pdh);
|
|
|
|
|
}
|
|
|
|
|
|
2018-11-13 23:05:33 +00:00
|
|
|
/* Attempt to dump out current frame to the output file */
|
|
|
|
|
if (!wtap_dump(pdh, rec, buf, &write_err, &write_err_info)) {
|
2021-07-26 16:22:36 +00:00
|
|
|
cfile_write_failure_message(argv[ws_optind], filename,
|
2018-11-13 23:05:33 +00:00
|
|
|
write_err, write_err_info,
|
|
|
|
|
read_count,
|
|
|
|
|
out_file_type_subtype);
|
|
|
|
|
ret = DUMP_ERROR;
|
2017-02-20 14:30:27 +00:00
|
|
|
goto clean_exit;
|
2013-09-09 06:26:42 +00:00
|
|
|
}
|
2018-11-13 23:05:33 +00:00
|
|
|
written_count++;
|
2013-09-09 06:26:42 +00:00
|
|
|
}
|
2018-11-13 23:05:33 +00:00
|
|
|
count++;
|
2021-08-04 17:18:46 +00:00
|
|
|
wtap_rec_reset(&read_rec);
|
2018-11-13 23:05:33 +00:00
|
|
|
}
|
2019-04-05 01:56:27 +00:00
|
|
|
wtap_rec_cleanup(&read_rec);
|
|
|
|
|
ws_buffer_free(&read_buf);
|
2018-11-13 23:05:33 +00:00
|
|
|
|
|
|
|
|
g_free(fprefix);
|
|
|
|
|
g_free(fsuffix);
|
|
|
|
|
|
|
|
|
|
if (read_err != 0) {
|
|
|
|
|
/* Print a message noting that the read failed somewhere along the
|
|
|
|
|
* line. */
|
2021-07-26 16:22:36 +00:00
|
|
|
cfile_read_failure_message(argv[ws_optind], read_err, read_err_info);
|
2018-11-13 23:05:33 +00:00
|
|
|
}
|
2012-06-15 12:27:21 +00:00
|
|
|
|
2018-11-13 23:05:33 +00:00
|
|
|
if (!pdh) {
|
|
|
|
|
/* No valid packages found, open the outfile so we can write an
|
|
|
|
|
* empty header */
|
|
|
|
|
g_free (filename);
|
2021-07-26 16:22:36 +00:00
|
|
|
filename = g_strdup(argv[ws_optind+1]);
|
2018-11-13 23:05:33 +00:00
|
|
|
|
2020-12-05 21:22:49 +00:00
|
|
|
pdh = editcap_dump_open(filename, ¶ms, idbs_seen, &write_err,
|
|
|
|
|
&write_err_info);
|
2018-11-13 23:05:33 +00:00
|
|
|
if (pdh == NULL) {
|
2021-03-15 18:29:43 +00:00
|
|
|
cfile_dump_open_failure_message(filename,
|
2020-10-14 01:48:46 +00:00
|
|
|
write_err, write_err_info,
|
2018-11-13 23:05:33 +00:00
|
|
|
out_file_type_subtype);
|
2023-02-06 22:16:37 +00:00
|
|
|
ret = WS_EXIT_INVALID_FILE;
|
2017-02-20 14:30:27 +00:00
|
|
|
goto clean_exit;
|
2013-09-09 06:26:42 +00:00
|
|
|
}
|
2018-11-13 23:05:33 +00:00
|
|
|
}
|
2015-06-25 22:36:54 +00:00
|
|
|
|
2023-02-02 02:14:10 +00:00
|
|
|
/*
|
|
|
|
|
* Process whatever IDBs we haven't seen yet.
|
|
|
|
|
*/
|
|
|
|
|
if (!process_new_idbs(wth, pdh, idbs_seen, &write_err, &write_err_info)) {
|
|
|
|
|
cfile_write_failure_message(argv[ws_optind], filename,
|
|
|
|
|
write_err, write_err_info,
|
|
|
|
|
read_count,
|
|
|
|
|
out_file_type_subtype);
|
|
|
|
|
ret = DUMP_ERROR;
|
|
|
|
|
goto clean_exit;
|
|
|
|
|
}
|
|
|
|
|
|
2022-03-14 19:11:24 +00:00
|
|
|
if (!wtap_dump_close(pdh, NULL, &write_err, &write_err_info)) {
|
2020-10-14 01:48:46 +00:00
|
|
|
cfile_close_failure_message(filename, write_err, write_err_info);
|
2018-11-13 23:05:33 +00:00
|
|
|
ret = WRITE_ERROR;
|
|
|
|
|
goto clean_exit;
|
|
|
|
|
}
|
|
|
|
|
g_free(filename);
|
|
|
|
|
|
|
|
|
|
if (frames_user_comments) {
|
|
|
|
|
g_tree_destroy(frames_user_comments);
|
2013-09-09 06:26:42 +00:00
|
|
|
}
|
1999-12-12 21:04:29 +00:00
|
|
|
|
2013-09-09 06:26:42 +00:00
|
|
|
if (dup_detect) {
|
2014-01-23 15:11:00 +00:00
|
|
|
fprintf(stderr, "%u packet%s seen, %u packet%s skipped with duplicate window of %i packets.\n",
|
2013-09-09 06:26:42 +00:00
|
|
|
count - 1, plurality(count - 1, "", "s"), duplicate_count,
|
|
|
|
|
plurality(duplicate_count, "", "s"), dup_window);
|
|
|
|
|
} else if (dup_detect_by_time) {
|
2014-01-23 15:11:00 +00:00
|
|
|
fprintf(stderr, "%u packet%s seen, %u packet%s skipped with duplicate time window equal to or less than %ld.%09ld seconds.\n",
|
2013-09-09 06:26:42 +00:00
|
|
|
count - 1, plurality(count - 1, "", "s"), duplicate_count,
|
|
|
|
|
plurality(duplicate_count, "", "s"),
|
|
|
|
|
(long)relative_time_window.secs,
|
|
|
|
|
(long int)relative_time_window.nsecs);
|
1999-12-12 21:04:29 +00:00
|
|
|
}
|
2009-04-17 15:21:46 +00:00
|
|
|
|
2017-02-20 14:30:27 +00:00
|
|
|
clean_exit:
|
2018-11-17 21:43:14 +00:00
|
|
|
if (dsb_filenames) {
|
|
|
|
|
g_array_free(dsb_types, TRUE);
|
|
|
|
|
g_ptr_array_free(dsb_filenames, TRUE);
|
|
|
|
|
}
|
2020-12-05 21:22:49 +00:00
|
|
|
if (idbs_seen != NULL) {
|
|
|
|
|
for (guint b = 0; b < idbs_seen->len; b++) {
|
|
|
|
|
wtap_block_t if_data = g_array_index(idbs_seen, wtap_block_t, b);
|
2021-04-29 11:23:21 +00:00
|
|
|
wtap_block_unref(if_data);
|
2020-12-05 21:22:49 +00:00
|
|
|
}
|
|
|
|
|
g_array_free(idbs_seen, TRUE);
|
|
|
|
|
}
|
2018-11-14 00:10:53 +00:00
|
|
|
g_free(params.idb_inf);
|
|
|
|
|
wtap_dump_params_cleanup(¶ms);
|
2017-04-18 00:09:26 +00:00
|
|
|
if (wth != NULL)
|
|
|
|
|
wtap_close(wth);
|
2021-08-04 17:18:46 +00:00
|
|
|
wtap_rec_reset(&read_rec);
|
2017-02-04 15:26:34 +00:00
|
|
|
wtap_cleanup();
|
2017-02-08 13:25:57 +00:00
|
|
|
free_progdirs();
|
2020-08-06 13:30:38 +00:00
|
|
|
if (capture_comments != NULL) {
|
|
|
|
|
g_ptr_array_free(capture_comments, TRUE);
|
|
|
|
|
capture_comments = NULL;
|
|
|
|
|
}
|
2017-02-04 15:26:34 +00:00
|
|
|
return ret;
|
1999-12-04 12:53:52 +00:00
|
|
|
}
|
2002-08-28 21:04:11 +00:00
|
|
|
|
2008-02-20 14:13:15 +00:00
|
|
|
/* Skip meta-information read from file to return offset of real
|
2013-09-09 06:26:42 +00:00
|
|
|
* protocol data */
|
|
|
|
|
static int
|
|
|
|
|
find_dct2000_real_data(guint8 *buf)
|
2008-02-20 14:13:15 +00:00
|
|
|
{
|
2013-09-09 06:26:42 +00:00
|
|
|
int n = 0;
|
|
|
|
|
|
|
|
|
|
for (n = 0; buf[n] != '\0'; n++); /* Context name */
|
|
|
|
|
n++;
|
|
|
|
|
n++; /* Context port number */
|
|
|
|
|
for (; buf[n] != '\0'; n++); /* Timestamp */
|
|
|
|
|
n++;
|
|
|
|
|
for (; buf[n] != '\0'; n++); /* Protocol name */
|
|
|
|
|
n++;
|
|
|
|
|
for (; buf[n] != '\0'; n++); /* Variant number (as string) */
|
|
|
|
|
n++;
|
|
|
|
|
for (; buf[n] != '\0'; n++); /* Outhdr (as string) */
|
|
|
|
|
n++;
|
|
|
|
|
n += 2; /* Direction & encap */
|
|
|
|
|
|
|
|
|
|
return n;
|
2008-02-20 14:13:15 +00:00
|
|
|
}
|
2013-09-09 06:26:42 +00:00
|
|
|
|
2013-09-09 19:39:45 +00:00
|
|
|
/*
|
2014-01-03 14:30:09 +00:00
|
|
|
* We support up to 2 chopping regions in a single pass: one specified by the
|
2013-09-09 19:39:45 +00:00
|
|
|
* positive chop length, and one by the negative chop length.
|
|
|
|
|
*/
|
|
|
|
|
static void
|
2018-02-09 00:19:12 +00:00
|
|
|
handle_chopping(chop_t chop, wtap_packet_header *out_phdr,
|
|
|
|
|
const wtap_packet_header *in_phdr, guint8 **buf,
|
2013-09-09 19:39:45 +00:00
|
|
|
gboolean adjlen)
|
|
|
|
|
{
|
|
|
|
|
/* If we're not chopping anything from one side, then the offset for that
|
|
|
|
|
* side is meaningless. */
|
|
|
|
|
if (chop.len_begin == 0)
|
|
|
|
|
chop.off_begin_pos = chop.off_begin_neg = 0;
|
|
|
|
|
if (chop.len_end == 0)
|
|
|
|
|
chop.off_end_pos = chop.off_end_neg = 0;
|
|
|
|
|
|
|
|
|
|
if (chop.off_begin_neg < 0) {
|
|
|
|
|
chop.off_begin_pos += in_phdr->caplen + chop.off_begin_neg;
|
|
|
|
|
chop.off_begin_neg = 0;
|
|
|
|
|
}
|
|
|
|
|
if (chop.off_end_pos > 0) {
|
|
|
|
|
chop.off_end_neg += chop.off_end_pos - in_phdr->caplen;
|
|
|
|
|
chop.off_end_pos = 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* If we've crossed chopping regions, swap them */
|
|
|
|
|
if (chop.len_begin && chop.len_end) {
|
|
|
|
|
if (chop.off_begin_pos > ((int)in_phdr->caplen + chop.off_end_neg)) {
|
|
|
|
|
int tmp_len, tmp_off;
|
|
|
|
|
|
|
|
|
|
tmp_off = in_phdr->caplen + chop.off_end_neg + chop.len_end;
|
|
|
|
|
tmp_len = -chop.len_end;
|
|
|
|
|
|
|
|
|
|
chop.off_end_neg = chop.len_begin + chop.off_begin_pos - in_phdr->caplen;
|
|
|
|
|
chop.len_end = -chop.len_begin;
|
|
|
|
|
|
|
|
|
|
chop.len_begin = tmp_len;
|
|
|
|
|
chop.off_begin_pos = tmp_off;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Make sure we don't chop off more than we have available */
|
|
|
|
|
if (in_phdr->caplen < (guint32)(chop.off_begin_pos - chop.off_end_neg)) {
|
|
|
|
|
chop.len_begin = 0;
|
|
|
|
|
chop.len_end = 0;
|
|
|
|
|
}
|
|
|
|
|
if ((guint32)(chop.len_begin - chop.len_end) >
|
|
|
|
|
(in_phdr->caplen - (guint32)(chop.off_begin_pos - chop.off_end_neg))) {
|
|
|
|
|
chop.len_begin = in_phdr->caplen - (chop.off_begin_pos - chop.off_end_neg);
|
|
|
|
|
chop.len_end = 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Handle chopping from the beginning. Note that if a beginning offset
|
|
|
|
|
* was specified, we need to keep that piece */
|
|
|
|
|
if (chop.len_begin > 0) {
|
|
|
|
|
*out_phdr = *in_phdr;
|
|
|
|
|
|
|
|
|
|
if (chop.off_begin_pos > 0) {
|
2013-11-15 22:31:11 +00:00
|
|
|
memmove(*buf + chop.off_begin_pos,
|
|
|
|
|
*buf + chop.off_begin_pos + chop.len_begin,
|
2013-09-09 19:39:45 +00:00
|
|
|
out_phdr->caplen - chop.len_begin);
|
|
|
|
|
} else {
|
2013-11-15 22:31:11 +00:00
|
|
|
*buf += chop.len_begin;
|
2013-09-09 19:39:45 +00:00
|
|
|
}
|
|
|
|
|
out_phdr->caplen -= chop.len_begin;
|
|
|
|
|
|
|
|
|
|
if (adjlen) {
|
|
|
|
|
if (in_phdr->len > (guint32)chop.len_begin)
|
|
|
|
|
out_phdr->len -= chop.len_begin;
|
|
|
|
|
else
|
|
|
|
|
out_phdr->len = 0;
|
|
|
|
|
}
|
|
|
|
|
in_phdr = out_phdr;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Handle chopping from the end. Note that if an ending offset was
|
|
|
|
|
* specified, we need to keep that piece */
|
|
|
|
|
if (chop.len_end < 0) {
|
|
|
|
|
*out_phdr = *in_phdr;
|
|
|
|
|
|
|
|
|
|
if (chop.off_end_neg < 0) {
|
2013-11-15 22:31:11 +00:00
|
|
|
memmove(*buf + (gint)out_phdr->caplen + (chop.len_end + chop.off_end_neg),
|
|
|
|
|
*buf + (gint)out_phdr->caplen + chop.off_end_neg,
|
2013-09-09 19:39:45 +00:00
|
|
|
-chop.off_end_neg);
|
|
|
|
|
}
|
|
|
|
|
out_phdr->caplen += chop.len_end;
|
|
|
|
|
|
|
|
|
|
if (adjlen) {
|
|
|
|
|
if (((signed int) in_phdr->len + chop.len_end) > 0)
|
|
|
|
|
out_phdr->len += chop.len_end;
|
|
|
|
|
else
|
|
|
|
|
out_phdr->len = 0;
|
|
|
|
|
}
|
2013-09-16 07:56:04 +00:00
|
|
|
/*in_phdr = out_phdr;*/
|
2013-09-09 19:39:45 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2013-09-09 06:26:42 +00:00
|
|
|
/*
|
2019-07-26 18:43:17 +00:00
|
|
|
* Editor modelines - https://www.wireshark.org/tools/modelines.html
|
2013-09-09 06:26:42 +00:00
|
|
|
*
|
|
|
|
|
* Local variables:
|
|
|
|
|
* c-basic-offset: 4
|
2014-01-03 14:30:09 +00:00
|
|
|
* tab-width: 8
|
2013-09-09 06:26:42 +00:00
|
|
|
* indent-tabs-mode: nil
|
|
|
|
|
* End:
|
|
|
|
|
*
|
2014-01-03 14:30:09 +00:00
|
|
|
* vi: set shiftwidth=4 tabstop=8 expandtab:
|
|
|
|
|
* :indentSize=4:tabSize=8:noTabs=true:
|
2013-09-09 06:26:42 +00:00
|
|
|
*/
|