Make the capture file's interface description filterable

This patch introduces the frame.interface_description field. While testing this new functionality it became obvious that we have a non-optimal interaction between the existing cfile.c's cap_file_get_interface_name(), the recently added frame.interface_name field and this new frame.interface_description field. The string returned from cap_file_get_interface_name() may in fact come from one of three different sources: the idb's interface name (if it exists) or the idb's interface description (if that exists) or a default text of "unknown". The string ultimately becomes the rame.interface_name whether or not the idb had an interface name option to begin with. This behavior does not allow one to test for the simple presence of frame.interface_name. The new peer function cap_file_get_interface_description() added by this patch returns NULL instead of "unknown" if the idb does not have an interface description. Should cap_file_get_interface_name() be similarly modified to return NULL if the idb does not have an interface name? Bug: 9781 Change-Id: Ie479f373c5080c004dd22bd88919838feca71e95 Reviewed-on: https://code.wireshark.org/review/19861 Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com> Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com> Reviewed-by: Anders Broman <a.broman58@gmail.com>
2017-01-30 02:45:15 -05:00 · 2017-01-30 02:45:15 -05:00 · 520a1b2066
parent 9e2366a2e5
commit 520a1b2066
10 changed files with 56 additions and 6 deletions
--- a/cfile.c
+++ b/cfile.c
@ -54,6 +54,28 @@ cap_file_get_interface_name(void *data, guint32 interface_id)
  return "unknown";
 }

+const char *
+cap_file_get_interface_description(void *data, guint32 interface_id)
+{
+  capture_file *cf = (capture_file *) data;
+  wtapng_iface_descriptions_t *idb_info;
+  wtap_block_t wtapng_if_descr = NULL;
+  char* interface_name;
+
+  idb_info = wtap_file_get_idb_info(cf->wth);
+
+  if (interface_id < idb_info->interface_data->len)
+    wtapng_if_descr = g_array_index(idb_info->interface_data, wtap_block_t, interface_id);
+
+  g_free(idb_info);
+
+  if (wtapng_if_descr) {
+    if (wtap_block_get_string_option_value(wtapng_if_descr, OPT_IDB_DESCR, &interface_name) == WTAP_OPTTYPE_SUCCESS)
+      return interface_name;
+  }
+  return NULL;
+}
+
 void
 cap_file_init(capture_file *cf)
 {
--- a/cfile.h
+++ b/cfile.h
@ -137,6 +137,7 @@ typedef struct _capture_file {
 extern void cap_file_init(capture_file *cf);

 extern const char *cap_file_get_interface_name(void *data, guint32 interface_id);
+extern const char *cap_file_get_interface_description(void *data, guint32 interface_id);

 #ifdef __cplusplus
 }
--- a/epan/dissectors/packet-frame.c
+++ b/epan/dissectors/packet-frame.c
@ -75,6 +75,7 @@ static int hf_frame_color_filter_name = -1;
 static int hf_frame_color_filter_text = -1;
 static int hf_frame_interface_id = -1;
 static int hf_frame_interface_name = -1;
+static int hf_frame_interface_description = -1;
 static int hf_frame_pack_flags = -1;
 static int hf_frame_pack_direction = -1;
 static int hf_frame_pack_reception_type = -1;
@ -342,21 +343,26 @@ dissect_frame(tvbuff_t *tvb, packet_info *pinfo, proto_tree *parent_tree, void*
 		fh_tree = proto_item_add_subtree(ti, ett_frame);

 		if (pinfo->phdr->presence_flags & WTAP_HAS_INTERFACE_ID &&
-		   (proto_field_is_referenced(tree, hf_frame_interface_id) ||
-		    proto_field_is_referenced(tree, hf_frame_interface_name))) {
+		   (proto_field_is_referenced(tree, hf_frame_interface_id) || proto_field_is_referenced(tree, hf_frame_interface_name) || proto_field_is_referenced(tree, hf_frame_interface_description))) {
 			const char *interface_name = epan_get_interface_name(pinfo->epan, pinfo->phdr->interface_id);
+			const char *interface_description = epan_get_interface_description(pinfo->epan, pinfo->phdr->interface_id);
+			proto_tree *if_tree;
+			proto_item *if_item;

 			if (interface_name) {
-				proto_tree *if_tree;
-				proto_item *if_item;
 				if_item = proto_tree_add_uint_format_value(fh_tree, hf_frame_interface_id, tvb, 0, 0,
 									   pinfo->phdr->interface_id, "%u (%s)",
 									   pinfo->phdr->interface_id, interface_name);
 				if_tree = proto_item_add_subtree(if_item, ett_ifname);
 				proto_tree_add_string(if_tree, hf_frame_interface_name, tvb, 0, 0, interface_name);
 			} else {
-				proto_tree_add_uint(fh_tree, hf_frame_interface_id, tvb, 0, 0, pinfo->phdr->interface_id);
+				if_item = proto_tree_add_uint(fh_tree, hf_frame_interface_id, tvb, 0, 0, pinfo->phdr->interface_id);
 			}
+
+                        if (interface_description) {
+				if_tree = proto_item_add_subtree(if_item, ett_ifname);
+				proto_tree_add_string(if_tree, hf_frame_interface_description, tvb, 0, 0, interface_description);
+                        }
 		}

 		if (pinfo->phdr->presence_flags & WTAP_HAS_PACK_FLAGS) {
@ -816,6 +822,11 @@ proto_register_frame(void)
 		    FT_STRING, BASE_NONE, NULL, 0x0,
 		    "The friendly name for this interface", HFILL }},

+		{ &hf_frame_interface_description,
+		  { "Interface description", "frame.interface_description",
+		    FT_STRING, BASE_NONE, NULL, 0x0,
+		    "The descriptionfor this interface", HFILL }},
+
 		{ &hf_frame_pack_flags,
 		  { "Packet flags", "frame.packet_flags",
 		    FT_UINT32, BASE_HEX, NULL, 0x0,
--- a/epan/epan-int.h
+++ b/epan/epan-int.h
@ -30,6 +30,7 @@ struct epan_session {

 	const nstime_t *(*get_frame_ts)(void *data, guint32 frame_num);
 	const char *(*get_interface_name)(void *data, guint32 interface_id);
+	const char *(*get_interface_description)(void *data, guint32 interface_id);
 	const char *(*get_user_comment)(void *data, const frame_data *fd);
 };

--- a/epan/epan.c
+++ b/epan/epan.c
@ -271,6 +271,15 @@ epan_get_interface_name(const epan_t *session, guint32 interface_id)
 	return NULL;
 }

+const char *
+epan_get_interface_description(const epan_t *session, guint32 interface_id)
+{
+	if (session->get_interface_description)
+		return session->get_interface_description(session->data, interface_id);
+
+	return NULL;
+}
+
 const nstime_t *
 epan_get_frame_ts(const epan_t *session, guint32 frame_num)
 {
--- a/epan/epan.h
+++ b/epan/epan.h
@ -131,7 +131,7 @@ void epan_circuit_cleanup(void);
 /** A client will create one epan_t for an entire dissection session.
 * A single epan_t will be used to analyze the entire sequence of packets,
 * sequentially, in a single session. A session corresponds to a single
- * packet trace file. The reaons epan_t exists is that some packets in
+ * packet trace file. The reasons epan_t exists is that some packets in
 * some protocols cannot be decoded without knowledge of previous packets.
 * This inter-packet "state" is stored in the epan_t.
 */
@ -143,6 +143,8 @@ WS_DLL_PUBLIC const char *epan_get_user_comment(const epan_t *session, const fra

 WS_DLL_PUBLIC const char *epan_get_interface_name(const epan_t *session, guint32 interface_id);

+WS_DLL_PUBLIC const char *epan_get_interface_description(const epan_t *session, guint32 interface_id);
+
 const nstime_t *epan_get_frame_ts(const epan_t *session, guint32 frame_num);

 WS_DLL_PUBLIC void epan_free(epan_t *session);
--- a/file.c
+++ b/file.c
@ -283,6 +283,7 @@ ws_epan_new(capture_file *cf)
  epan->data = cf;
  epan->get_frame_ts = ws_get_frame_ts;
  epan->get_interface_name = cap_file_get_interface_name;
+  epan->get_interface_description = cap_file_get_interface_description;
  epan->get_user_comment = ws_get_user_comment;

  return epan;
--- a/rawshark.c
+++ b/rawshark.c
@ -1542,6 +1542,7 @@ raw_epan_new(capture_file *cf)
    epan->data = cf;
    epan->get_frame_ts = raw_get_frame_ts;
    epan->get_interface_name = cap_file_get_interface_name;
+    epan->get_interface_description = cap_file_get_interface_description;
    epan->get_user_comment = NULL;

    return epan;
--- a/sharkd.c
+++ b/sharkd.c
@ -331,6 +331,7 @@ sharkd_epan_new(capture_file *cf)
  epan->data = cf;
  epan->get_frame_ts = sharkd_get_frame_ts;
  epan->get_interface_name = cap_file_get_interface_name;
+  epan->get_interface_description = cap_file_get_interface_description;
  epan->get_user_comment = NULL;

  return epan;
--- a/tshark.c
+++ b/tshark.c
@ -2345,6 +2345,7 @@ tshark_epan_new(capture_file *cf)
  epan->data = cf;
  epan->get_frame_ts = tshark_get_frame_ts;
  epan->get_interface_name = cap_file_get_interface_name;
+  epan->get_interface_description = cap_file_get_interface_description;
  epan->get_user_comment = NULL;

  return epan;