TFShark (Terminal Fileshark) v.001. Bug 9607 (https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9607)

This is a VERY PRELIMINARY version of tfshark.  It's an attempt to jumpstart FileShark and its architecture.  Right now it's mostly just a very stripped down version of tshark with all of the necessary build modifications (including now building filetap library since tfshark depends on it)

This code has helped me identify what I believe to be all of the necessary layers for a complete fileshark architecture.  And those layers will slowly be added in time (patches always welcome!).

svn path=/trunk/; revision=54646

CMakeLists.txt

@@ -818,7 +818,6 @@ set(SHARK_COMMON_CAPTURE_SRC
 set(WIRESHARK_COMMON_SRC
 	${PLATFORM_CAPTURE_SRC}
 	capture-pcap-util.c
-	cfile.c
 	cfutils.c
 	clopts_common.c
 	frame_tvbuff.c
@@ -944,6 +943,7 @@ if( (BUILD_wireshark AND GTK_FOUND) OR (BUILD_qtshark AND QT_FOUND) )
 		proto_hier_stats.c
 		summary.c
 		ws80211_utils.c
+		cfile.c
 		${SHARK_COMMON_CAPTURE_SRC}
 		${WIRESHARK_COMMON_SRC}
 		${PLATFORM_UI_SRC}
@@ -1016,6 +1016,7 @@ if(BUILD_tshark)
 		capture_sync.c
 		tshark-tap-register.c
 		tshark.c
+		cfile.c
 		${TSHARK_TAP_SRC}
 		${SHARK_COMMON_CAPTURE_SRC}
 		${WIRESHARK_COMMON_SRC}
@@ -1028,6 +1029,28 @@ if(BUILD_tshark)
 	install(TARGETS tshark RUNTIME DESTINATION ${CMAKE_INSTALL_BINDIR})
 endif()
 
+if(BUILD_tfshark)
+	set(tfshark_LIBS
+		ui
+		${LIBEPAN_LIBS}
+		${APPLE_CORE_FOUNDATION_LIBRARY}
+		${APPLE_SYSTEM_CONFIGURATION_LIBRARY}
+	)
+	set(tfshark_FILES
+		tfshark.c
+#		tfshark-tap-register.c
+		${TSHARK_TAP_SRC}
+		${SHARK_COMMON_CAPTURE_SRC}
+		${WIRESHARK_COMMON_SRC}
+	)
+	add_executable(tfshark ${tfshark_FILES})
+	add_dependencies(tfshark svnversion)
+	set_target_properties(tfshark PROPERTIES LINK_FLAGS "${WS_LINK_FLAGS}")
+	set_target_properties(tfshark PROPERTIES FOLDER "Executables")
+	target_link_libraries(tfshark ${tfshark_LIBS})
+	install(TARGETS tfshark RUNTIME DESTINATION ${CMAKE_INSTALL_BINDIR})
+endif()
+
 if(BUILD_rawshark AND PCAP_FOUND)
 	set(rawshark_LIBS
 		${LIBEPAN_LIBS}
@@ -1035,6 +1058,7 @@ if(BUILD_rawshark AND PCAP_FOUND)
 		${APPLE_SYSTEM_CONFIGURATION_LIBRARY}
 	)
 	set(rawshark_FILES
+		cfile.c
 		${WIRESHARK_COMMON_SRC}
 		rawshark.c
 		ui/util.c

CMakeOptions.txt

@@ -5,6 +5,7 @@
 option(BUILD_wireshark   "Build the GTK+-GUI version of Wireshark" ON)
 option(BUILD_qtshark     "Build the Qt-GUI version of Wireshark" ON)
 option(BUILD_tshark      "Build tshark" ON)
+option(BUILD_tfshark     "Build tfshark" ON)
 option(BUILD_rawshark    "Build rawshark" ON)
 option(BUILD_dumpcap     "Build dumpcap" ON)
 option(BUILD_text2pcap   "Build text2pcap" ON)

Makefile.am

@@ -38,6 +38,7 @@ endif
 bin_PROGRAMS = \
 	@wireshark_bin@		\
 	@tshark_bin@		\
+	@tfshark_bin@		\
 	@text2pcap_bin@		\
 	@mergecap_bin@		\
 	@capinfos_bin@		\
@@ -50,7 +51,7 @@ bin_PROGRAMS = \
 	@rawshark_bin@		\
 	@echld_test_bin@
 
-EXTRA_PROGRAMS = wireshark wireshark-qt tshark capinfos captype editcap \
+EXTRA_PROGRAMS = wireshark wireshark-qt tshark tfshark capinfos captype editcap \
 	mergecap dftest randpkt text2pcap dumpcap reordercap rawshark \
 	wireshark_cxx echld_test
 
@@ -361,6 +362,7 @@ wireshark_ldadd = \
 	ui/libui.a			\
 	ui/libui_dirty.a		\
 	codecs/libcodec.a		\
+	filetap/libfiletap.la		\
 	wiretap/libwiretap.la		\
 	epan/libwireshark.la		\
 	wsutil/libwsutil.la		\
@@ -447,6 +449,33 @@ tshark_LDADD = \
 	@LIBSMI_LDFLAGS@
 tshark_CFLAGS = $(AM_CLEAN_CFLAGS) $(py_dissectors_dir)
 
+if ENABLE_STATIC
+tfshark_LDFLAGS = -Wl,-static -all-static
+else
+tfshark_LDFLAGS = -export-dynamic
+endif
+
+# Libraries and plugin flags with which to link tfshark.
+tfshark_LDADD = \
+	ui/cli/libcliui.a		\
+	ui/libui.a			\
+	filetap/libfiletap.la		\
+	epan/libwireshark.la		\
+	wsutil/libwsutil.la		\
+	@SSL_LIBS@			\
+	$(plugin_ldadd)			\
+	@GLIB_LIBS@ -lm			\
+	@PCAP_LIBS@			\
+	@SOCKET_LIBS@			\
+	@NSL_LIBS@			\
+	@KRB5_LIBS@			\
+	@SYSTEMCONFIGURATION_FRAMEWORKS@	\
+	@COREFOUNDATION_FRAMEWORKS@	\
+	@PY_LIBS@			\
+	@LIBGNUTLS_LIBS@		\
+	@LIBSMI_LDFLAGS@
+tfshark_CFLAGS = $(AM_CLEAN_CFLAGS) $(py_dissectors_dir)
+
 if ENABLE_STATIC
 rawshark_LDFLAGS = -Wl,-static -all-static
 else
@@ -722,6 +751,7 @@ EXTRA_DIST = \
 	dumpcap.c	\
 	editcap.c		\
 	epan/print.ps		\
+	filetap/CMakeLists.txt	\
 	fix/FIX.xml		\
 	fix/FIX40.xml		\
 	fix/FIX41.xml		\
@@ -802,6 +832,7 @@ EXTRA_DIST = \
 	image/expert_note.png	\
 	image/expert_warn.png	\
 	image/file_dlg_win32.rc \
+	image/filetap.rc.in	\
 	image/hi16-app-wireshark.png	\
 	image/hi32-app-wireshark.png	\
 	image/hi48-app-wireshark.png	\
@@ -1037,12 +1068,12 @@ endif
 endif
 
 
-DIST_SUBDIRS = asn1 codecs doc epan echld ui ui/cli ui/gtk ui/qt help packaging plugins tools wiretap wsutil docbook
+DIST_SUBDIRS = asn1 codecs doc epan echld filetap ui ui/cli ui/gtk ui/qt help packaging plugins tools wiretap wsutil docbook
 
 if HAVE_PLUGINS
-SUBDIRS = tools wsutil wiretap epan @echld_dir@ plugins packaging help ui @wireshark_SUBDIRS@ ui/cli . doc
+SUBDIRS = tools wsutil wiretap filetap epan @echld_dir@ plugins packaging help ui @wireshark_SUBDIRS@ ui/cli . doc
 else
-SUBDIRS = tools wsutil wiretap epan @echld_dir@ packaging help ui @wireshark_SUBDIRS@ ui/cli . doc
+SUBDIRS = tools wsutil wiretap filetap epan @echld_dir@ packaging help ui @wireshark_SUBDIRS@ ui/cli . doc
 endif
 
 help/faq.txt: $(srcdir)/help/faq.py
@@ -1177,6 +1208,7 @@ clean-local:
 	rm -rf $(top_stagedir)
 
 dumpabi:
+	$(MAKE) -C filetap dumpabi-libfiletap
 	$(MAKE) -C wiretap dumpabi-libwiretap
 	$(MAKE) -C epan dumpabi-libwireshark
 	$(MAKE) -C wsutil dumpabi-libwsutil
@@ -1189,6 +1221,7 @@ checkapi_local:
 
 checkapi: checkapi_local
 	cd wiretap && $(MAKE) checkapi
+	cd filetap && $(MAKE) checkapi
 	cd codecs && $(MAKE) checkapi
 	cd ui && $(MAKE) checkapi
 	cd ui/gtk && $(MAKE) checkapi

Makefile.common

@@ -45,7 +45,6 @@ GENERATED_FILES = $(GENERATED_C_FILES) $(GENERATED_HEADER_FILES)
 SHARK_COMMON_SRC =	\
 	$(PLATFORM_SRC)		\
 	capture-pcap-util.c	\
-	cfile.c			\
 	cfutils.c		\
 	clopts_common.c		\
 	frame_tvbuff.c		\
@@ -91,6 +90,7 @@ WIRESHARK_COMMON_SRC =	\
 	capture.c	\
 	capture_info.c	\
 	capture_opts.c	\
+	cfile.c			\
 	color_filters.c	\
 	file.c		\
 	fileset.c	\
@@ -122,12 +122,20 @@ WIRESHARK_COMMON_INCLUDES =	\
 tshark_SOURCES =	\
 	$(SHARK_COMMON_SRC)	\
 	$(SHARK_COMMON_CAPTURE_SRC) \
+	cfile.c			\
 	capture_opts.c		\
 	tshark.c
 
+# tfshark specifics
+tfshark_SOURCES =	\
+	$(SHARK_COMMON_SRC)	\
+	cfile.c			\
+	tfshark.c
+
 # rawshark specifics
 rawshark_SOURCES =	\
 	$(SHARK_COMMON_SRC)	\
+	cfile.c			\
 	rawshark.c
 
 # text2pcap specifics

Makefile.nmake

@@ -57,6 +57,7 @@ include Makefile.common
 
 wireshark_OBJECTS = $(WIRESHARK_COMMON_SRC:.c=.obj)
 tshark_OBJECTS = $(tshark_SOURCES:.c=.obj)
+tfshark_OBJECTS = $(tfshark_SOURCES:.c=.obj)
 rawshark_OBJECTS = $(rawshark_SOURCES:.c=.obj)
 ###text2pcap_OBJECTS = $(text2pcap_SOURCES:.c=.obj)
 mergecap_OBJECTS = $(mergecap_SOURCES:.c=.obj)
@@ -112,6 +113,24 @@ tshark_LIBS= wiretap\wiretap-$(WTAP_VERSION).lib \
 	$(ZLIB_LIBS)
 !ENDIF
 
+tfshark_LIBS= filetap\filetap-$(FTAP_VERSION).lib \
+	wiretap\wiretap-$(WTAP_VERSION).lib \
+	wsock32.lib user32.lib psapi.lib \
+	$(GLIB_LIBS) \
+	$(GTHREAD_LIBS) \
+	wsutil\libwsutil.lib \
+	$(GNUTLS_LIBS) \
+	$(PYTHON_LIBS) \
+!IFDEF ENABLE_LIBWIRESHARK
+	epan\libwireshark.lib \
+!ELSE
+	epan\dissectors\dissectors.lib \
+	epan\wireshark.lib \
+	epan\dfilter\dfilter.lib \
+	epan\ftypes\ftypes.lib \
+	epan\wmem\wmem.lib
+!ENDIF
+
 rawshark_LIBS= wiretap\wiretap-$(WTAP_VERSION).lib \
 	wsock32.lib user32.lib psapi.lib \
 	$(GLIB_LIBS) \
@@ -190,7 +209,7 @@ randpkt_LIBS= wiretap\wiretap-$(WTAP_VERSION).lib \
 	wsutil\libwsutil.lib \
 	$(GLIB_LIBS)
 
-EXECUTABLES=wireshark.exe tshark.exe rawshark.exe \
+EXECUTABLES=wireshark.exe tshark.exe tfshark.exe rawshark.exe \
 	capinfos.exe captype.exe editcap.exe mergecap.exe text2pcap.exe \
 	randpkt.exe reordercap.exe dumpcap.exe dftest.exe
 
@@ -199,13 +218,13 @@ EXECUTABLES=$(EXECUTABLES) qtshark.exe
 !ENDIF
 
 RESOURCES=image\wireshark.res image\file_dlg_win32.res \
-	image\libwireshark.res image\tshark.res image\capinfos.res \
+	image\libwireshark.res image\tshark.res image\tfshark.res image\capinfos.res \
 	image\captype.res image\editcap.res image\mergecap.res \
-	image\text2pcap.res image\wiretap.res image\dumpcap.res \
+	image\text2pcap.res image\wiretap.res image\filetap.res image\dumpcap.res \
 	image\rawshark.res image\reordercap.res image\libwsutil.res
 
 
-all: $(LIBS_CHECK) config.h ui\qt\config.pri tools image codecs $(C_ARES_DLL) $(ADNS_DLL) $(ZLIB_DLL) wsutil wiretap epan $(EXECUTABLES) wireshark.bsc $(RESOURCES) help install-all
+all: $(LIBS_CHECK) config.h ui\qt\config.pri tools image codecs $(C_ARES_DLL) $(ADNS_DLL) $(ZLIB_DLL) wsutil wiretap filetap epan $(EXECUTABLES) wireshark.bsc $(RESOURCES) help install-all
 
 !IFDEF MAKENSIS
 packaging: all
@@ -257,6 +276,7 @@ wireshark.bsc: \
 	epan\dissectors\*.sbr		\
 	epan\ftypes\*.sbr		\
 	epan\wslua\*.sbr		\
+	filetap\*.sbr			\
 	plugins\asn1\*.sbr		\
 	plugins\docsis\*.sbr		\
 	plugins\ethercat\*.sbr		\
@@ -295,6 +315,7 @@ $(RESOURCES): image
 ## Note: The proper "SUBSYSTEM" link option to be used for linking each of the Wireshark executables
 ##       is specified in '$(guiflags)' or '$(conflags)' as used as part of the link options.
 ##       (These variables are defined in win32.mak).
+filetap\filetap-$(FTAP_VERSION).lib: image $(ZLIB_DLL) filetap
 wiretap\wiretap-$(WTAP_VERSION).lib: image $(ZLIB_DLL) wiretap
 
 wireshark.exe	: $(LIBS_CHECK) config.h $(wireshark_OBJECTS) codecs epan ui gtk win32 image\wireshark.res image\file_dlg_win32.res wsutil\libwsutil.lib wiretap\wiretap-$(WTAP_VERSION).lib codecs\codecs.lib ui\libui.lib ui\gtk\libgtkui.lib ui\win32\libgtkui_win32.lib plugins
@@ -317,6 +338,15 @@ tshark.exe	: $(LIBS_CHECK) config.h $(tshark_OBJECTS) epan ui cli image\tshark.r
 	mt.exe -nologo -manifest "tshark.exe.manifest" -outputresource:tshark.exe;1
 !ENDIF
 
+tfshark.exe	: $(LIBS_CHECK) config.h $(tfshark_OBJECTS) epan ui cli image\tfshark.res wsutil\libwsutil.lib filetap\filetap-$(FTAP_VERSION).lib plugins
+	@echo Linking $@
+	$(LINK) @<<
+		/OUT:tfshark.exe $(conflags) $(conlibsdll) $(LDFLAGS) /LARGEADDRESSAWARE $(tfshark_LIBS) $(tfshark_OBJECTS) ui\cli\libcliui.lib ui\libui.lib image\tfshark.res
+<<
+!IFDEF MANIFEST_INFO_REQUIRED
+	mt.exe -nologo -manifest "tfshark.exe.manifest" -outputresource:tfshark.exe;1
+!ENDIF
+
 rawshark.exe	: $(LIBS_CHECK) config.h $(rawshark_OBJECTS) epan ui image\rawshark.res wsutil\libwsutil.lib wiretap\wiretap-$(WTAP_VERSION).lib plugins
 	@echo Linking $@
 	$(LINK) @<<
@@ -530,7 +560,7 @@ text2pcap.obj mergecap.obj capinfos.obj captype.obj editcap.obj reordercap.obj v
 
 
 clean-local:
-	rm -f $(wireshark_OBJECTS) $(tshark_OBJECTS) $(dumpcap_OBJECTS) $(rawshark_OBJECTS) \
+	rm -f $(wireshark_OBJECTS) $(tshark_OBJECTS) $(tfshark_OBJECTS) $(dumpcap_OBJECTS) $(rawshark_OBJECTS) \
 		$(EXECUTABLES) *.pdb *.sbr *.exe.manifest \
 		capinfos.obj capinfos.exp capinfos.lib \
 		captype.obj captype.exp captype.lib \
@@ -554,6 +584,8 @@ clean: clean-local
 	$(MAKE) /$(MAKEFLAGS) -f Makefile.nmake clean
 	cd ../wsutil
 	$(MAKE) /$(MAKEFLAGS) -f Makefile.nmake clean
+	cd ../filetap
+	$(MAKE) /$(MAKEFLAGS) -f Makefile.nmake clean
 	cd ../codecs
 	$(MAKE) /$(MAKEFLAGS) -f Makefile.nmake clean
 	cd ../ui
@@ -604,6 +636,8 @@ distclean-local: clean-local
 distclean: distclean-local
 	cd wiretap
 	$(MAKE) /$(MAKEFLAGS) -f Makefile.nmake distclean
+	cd ../filetap
+	$(MAKE) /$(MAKEFLAGS) -f Makefile.nmake distclean
 	cd ../wsutil
 	$(MAKE) /$(MAKEFLAGS) -f Makefile.nmake distclean
 	cd ../codecs
@@ -649,6 +683,8 @@ maintainer-clean-local: distclean-local
 maintainer-clean: maintainer-clean-local
 	cd wiretap
 	$(MAKE) /$(MAKEFLAGS) -f Makefile.nmake maintainer-clean
+	cd ../filetap
+	$(MAKE) /$(MAKEFLAGS) -f Makefile.nmake maintainer-clean
 	cd ../wsutil
 	$(MAKE) /$(MAKEFLAGS) -f Makefile.nmake maintainer-clean
 	cd ../codecs
@@ -759,6 +795,11 @@ wiretap::
 	$(MAKE) /$(MAKEFLAGS) -f Makefile.nmake
 	cd ..
 
+filetap::
+	cd filetap
+	$(MAKE) /$(MAKEFLAGS) -f Makefile.nmake
+	cd ..
+
 codecs::
 	cd codecs
 	$(MAKE) /$(MAKEFLAGS) -f Makefile.nmake
@@ -799,7 +840,7 @@ cli:: help config.h svnversion.h doxygen
 	$(MAKE) /$(MAKEFLAGS) /f Makefile.nmake libcliui.lib
 	cd ../..
 
-epan:: $(RESOURCES) $(ZLIB_DLL) wiretap\wiretap-$(WTAP_VERSION).lib $(BUILT_SOURCES) doxygen
+epan:: $(RESOURCES) $(ZLIB_DLL) wiretap\wiretap-$(WTAP_VERSION).lib filetap\filetap-$(FTAP_VERSION).lib $(BUILT_SOURCES) doxygen
 	cd epan
 	$(MAKE) /$(MAKEFLAGS) -f Makefile.nmake
 	cd ..
@@ -1080,6 +1121,9 @@ debug-wireshark: wireshark.exe install-generated-files
 # prepare debugging of tshark in INSTALL_DIR
 debug-tshark: tshark.exe install-generated-files
 
+# prepare debugging of tfshark in INSTALL_DIR
+debug-tfshark: tfshark.exe install-generated-files
+
 # prepare debugging of rawshark in INSTALL_DIR
 debug-rawshark: rawshark.exe install-generated-files
 
@@ -1102,6 +1146,9 @@ install-generated-files: doc
 	xcopy ".\wiretap\wiretap-$(WTAP_VERSION).dll" $(INSTALL_DIR) /d
 	if exist ".\wiretap\wiretap-$(WTAP_VERSION).lib" xcopy ".\wiretap\wiretap-$(WTAP_VERSION).lib" $(INSTALL_DIR) /d
 	if exist ".\wiretap\wiretap-$(WTAP_VERSION).pdb" xcopy ".\wiretap\wiretap-$(WTAP_VERSION).pdb" $(INSTALL_DIR) /d
+	xcopy ".\filetap\filetap-$(FTAP_VERSION).dll" $(INSTALL_DIR) /d
+	if exist ".\filetap\filetap-$(FTAP_VERSION).lib" xcopy ".\filetap\filetap-$(FTAP_VERSION).lib" $(INSTALL_DIR) /d
+	if exist ".\filetap\filetap-$(FTAP_VERSION).pdb" xcopy ".\filetap\filetap-$(FTAP_VERSION).pdb" $(INSTALL_DIR) /d
 	xcopy ".\wsutil\libwsutil.dll" $(INSTALL_DIR) /d
 	if exist ".\wsutil\libwsutil.lib" xcopy ".\wsutil\libwsutil.lib" $(INSTALL_DIR) /d
 	if exist ".\wsutil\libwsutil.pdb" xcopy ".\wsutil\libwsutil.pdb" $(INSTALL_DIR) /d
@@ -1125,6 +1172,8 @@ install-generated-files: doc
 	if exist rawshark.pdb xcopy rawshark.pdb $(INSTALL_DIR) /d
 	if exist text2pcap.exe xcopy text2pcap.exe $(INSTALL_DIR) /d
 	if exist text2pcap.pdb xcopy text2pcap.pdb $(INSTALL_DIR) /d
+	if exist tfshark.exe xcopy tfshark.exe $(INSTALL_DIR) /d
+	if exist tfshark.pdb xcopy tfshark.pdb $(INSTALL_DIR) /d
 	if exist tshark.exe xcopy tshark.exe $(INSTALL_DIR) /d
 	if exist tshark.pdb xcopy tshark.pdb $(INSTALL_DIR) /d
 	xcopy "doc\AUTHORS-SHORT" $(INSTALL_DIR) /d
@@ -1333,6 +1382,7 @@ install-all: install-generated-files
 
 checkapi_local:
 	$(PERL) tools/checkAPIs.pl -build \
+	cfile.c
 	$(WIRESHARK_COMMON_SRC) \
 	$(TSHARK_TAP_SRC) \
 #	$(EXTRA_wireshark_SOURCES)
@@ -1340,6 +1390,8 @@ checkapi_local:
 checkapi: checkapi_local
 	cd wiretap
 	$(MAKE) /$(MAKEFLAGS) -f Makefile.nmake checkapi
+	cd ../filetap
+	$(MAKE) /$(MAKEFLAGS) -f Makefile.nmake checkapi
 	cd ../codecs
 	$(MAKE) /$(MAKEFLAGS) -f Makefile.nmake checkapi
 	cd ../ui

config.nmake

@@ -42,6 +42,11 @@ WTAP_VERSION_MAJOR=$(VERSION_MAJOR)
 WTAP_VERSION_MINOR=$(VERSION_MINOR)
 WTAP_VERSION_MICRO=0
 
+# The version of the filetap library. Recommended: Leave unchanged.
+FTAP_VERSION_MAJOR=$(VERSION_MAJOR)
+FTAP_VERSION_MINOR=$(VERSION_MINOR)
+FTAP_VERSION_MICRO=0
+
 ##### Directories #####
 
 #
@@ -1286,6 +1291,8 @@ PRODUCT_VERSION=$(VERSION_MAJOR).$(VERSION_MINOR).$(VERSION_MICRO).$(VERSION_BUI
 
 WTAP_VERSION=$(WTAP_VERSION_MAJOR).$(WTAP_VERSION_MINOR).$(WTAP_VERSION_MICRO)
 RC_WTAP_VERSION=$(WTAP_VERSION_MAJOR),$(WTAP_VERSION_MINOR),$(WTAP_VERSION_MICRO)
+FTAP_VERSION=$(FTAP_VERSION_MAJOR).$(FTAP_VERSION_MINOR).$(FTAP_VERSION_MICRO)
+RC_FTAP_VERSION=$(FTAP_VERSION_MAJOR),$(FTAP_VERSION_MINOR),$(FTAP_VERSION_MICRO)
 
 # GLib
 GLIB_CFLAGS=/I$(GTK_DIR)\include\glib-$(GLIB_VERSION) \

configure.ac

@@ -2860,6 +2860,7 @@ AC_OUTPUT(
   epan/wmem/Makefile
   epan/wslua/Makefile
   epan/wspython/Makefile
+  filetap/Makefile
   codecs/Makefile
   ui/Makefile
   ui/doxygen.cfg

epan/dissectors/file-elf.c

@@ -2435,6 +2435,9 @@ proto_reg_handoff_elf(void)
     dissector_add_string("media_type", "application/x-object", elf_handle);
     dissector_add_string("media_type", "application/x-sharedlib", elf_handle);
 
+    /* XXX - TEMPORARY HACK */
+    dissector_add_uint("ftap_encap", 1234, elf_handle);
+
     heur_dissector_add("wtap_file", dissect_elf_heur, proto_elf);
 }
 

epan/dissectors/packet-ndmp.c

@@ -2547,7 +2547,7 @@ dissect_file_stats(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *pa
 
 
 static int
-dissect_file(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *parent_tree, void* data _U_)
+dissect_ndmp_file(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *parent_tree, void* data _U_)
 {
 	proto_item* item = NULL;
 	proto_tree* tree = NULL;
@@ -2585,7 +2585,7 @@ dissect_fh_add_file_request(tvbuff_t *tvb, int offset, packet_info *pinfo,
 {
 	/* files */
 	offset = dissect_rpc_array(tvb, pinfo, tree, offset,
-			dissect_file, hf_ndmp_files);
+			dissect_ndmp_file, hf_ndmp_files);
 
 	return offset;
 }

epan/epan.c

@@ -334,6 +334,35 @@ epan_dissect_run_with_taps(epan_dissect_t *edt, struct wtap_pkthdr *phdr,
 	wmem_leave_packet_scope();
 }
 
+void
+epan_dissect_file_run(epan_dissect_t *edt, struct wtap_pkthdr *phdr,
+        tvbuff_t *tvb, frame_data *fd, column_info *cinfo)
+{
+#ifdef HAVE_LUA
+	wslua_prime_dfilter(edt); /* done before entering wmem scope */
+#endif
+	wmem_enter_packet_scope();
+	dissect_file(edt, phdr, tvb, fd, cinfo);
+
+	/* free all memory allocated */
+	ep_free_all();
+	wmem_leave_packet_scope();
+}
+
+void
+epan_dissect_file_run_with_taps(epan_dissect_t *edt, struct wtap_pkthdr *phdr,
+        tvbuff_t *tvb, frame_data *fd, column_info *cinfo)
+{
+	wmem_enter_packet_scope();
+	tap_queue_init(edt);
+	dissect_file(edt, phdr, tvb, fd, cinfo);
+	tap_push_tapped_queue(edt);
+
+	/* free all memory allocated */
+	ep_free_all();
+	wmem_leave_packet_scope();
+}
+
 void
 epan_dissect_cleanup(epan_dissect_t* edt)
 {

epan/epan.h

@@ -177,6 +177,17 @@ void
 epan_dissect_run_with_taps(epan_dissect_t *edt, struct wtap_pkthdr *phdr,
         tvbuff_t *tvb, frame_data *fd, struct epan_column_info *cinfo);
 
+/** run a single file packet dissection */
+WS_DLL_PUBLIC
+void
+epan_dissect_file_run(epan_dissect_t *edt, struct wtap_pkthdr *phdr,
+        tvbuff_t *tvb, frame_data *fd, struct epan_column_info *cinfo);
+
+WS_DLL_PUBLIC
+void
+epan_dissect_file_run_with_taps(epan_dissect_t *edt, struct wtap_pkthdr *phdr,
+        tvbuff_t *tvb, frame_data *fd, struct epan_column_info *cinfo);
+
 /** Prime a proto_tree using the fields/protocols used in a dfilter. */
 WS_DLL_PUBLIC
 void

epan/packet.c

@@ -60,6 +60,7 @@
 
 static gint proto_malformed = -1;
 static dissector_handle_t frame_handle = NULL;
+static dissector_handle_t file_handle = NULL;
 static dissector_handle_t data_handle = NULL;
 
 /**
@@ -154,6 +155,9 @@ packet_cache_proto_handles(void)
 	frame_handle = find_dissector("frame");
 	g_assert(frame_handle != NULL);
 
+	file_handle = find_dissector("file");
+	g_assert(file_handle != NULL);
+
 	data_handle = find_dissector("data");
 	g_assert(data_handle != NULL);
 
@@ -465,6 +469,71 @@ dissect_packet(epan_dissect_t *edt, struct wtap_pkthdr *phdr,
 	fd->flags.visited = 1;
 }
 
+/* Creates the top-most tvbuff and calls dissect_file() */
+void
+dissect_file(epan_dissect_t *edt, struct wtap_pkthdr *phdr,
+	       tvbuff_t *tvb, frame_data *fd, column_info *cinfo)
+{
+	if (cinfo != NULL)
+		col_init(cinfo, edt->session);
+	edt->pi.epan = edt->session;
+	/* edt->pi.pool created in epan_dissect_init() */
+	edt->pi.current_proto = "<Missing Filetype Name>";
+	edt->pi.cinfo = cinfo;
+	edt->pi.fd    = fd;
+	edt->pi.phdr  = phdr;
+	edt->pi.pseudo_header = &phdr->pseudo_header;
+	edt->pi.dl_src.type   = AT_NONE;
+	edt->pi.dl_dst.type   = AT_NONE;
+	edt->pi.net_src.type  = AT_NONE;
+	edt->pi.net_dst.type  = AT_NONE;
+	edt->pi.src.type = AT_NONE;
+	edt->pi.dst.type = AT_NONE;
+	edt->pi.ctype = CT_NONE;
+	edt->pi.noreassembly_reason = "";
+	edt->pi.ptype = PT_NONE;
+	edt->pi.p2p_dir = P2P_DIR_UNKNOWN;
+	edt->pi.annex_a_used = MTP2_ANNEX_A_USED_UNKNOWN;
+	edt->pi.link_dir = LINK_DIR_UNKNOWN;
+	edt->pi.layers = wmem_list_new(edt->pi.pool);
+	edt->tvb = tvb;
+
+
+	frame_delta_abs_time(edt->session, fd, fd->frame_ref_num, &edt->pi.rel_ts);
+
+	/* pkt comment use first user, later from phdr */
+	if (fd->flags.has_user_comment) 
+		edt->pi.pkt_comment = epan_get_user_comment(edt->session, fd);
+	else if (fd->flags.has_phdr_comment)
+		edt->pi.pkt_comment = phdr->opt_comment;
+
+	EP_CHECK_CANARY(("before dissecting file %d",fd->num));
+
+	TRY {
+		/* Add this tvbuffer into the data_src list */
+		add_new_data_source(&edt->pi, edt->tvb, "File");
+
+		/* Even though dissect_file() catches all the exceptions a
+		 * sub-dissector can throw, dissect_frame() itself may throw
+		 * a ReportedBoundsError in bizarre cases. Thus, we catch the exception
+		 * in this function. */
+		call_dissector(file_handle, edt->tvb, &edt->pi, edt->tree);
+
+	}
+	CATCH(BoundsError) {
+		g_assert_not_reached();
+	}
+	CATCH2(FragmentBoundsError, ReportedBoundsError) {
+		proto_tree_add_protocol_format(edt->tree, proto_malformed, edt->tvb, 0, 0,
+					       "[Malformed Record: Packet Length]" );
+	}
+	ENDTRY;
+
+	EP_CHECK_CANARY(("after dissecting file %d",fd->num));
+
+	fd->flags.visited = 1;
+}
+
 /*********************** code added for sub-dissector lookup *********************/
 
 /*

epan/packet.h

@@ -541,6 +541,13 @@ extern void dissect_packet(struct epan_dissect *edt,
     struct wtap_pkthdr *phdr, tvbuff_t *tvb,
     frame_data *fd, column_info *cinfo);
 
+/*
+ * Dissectors should never modify the packet data.
+ */
+extern void dissect_file(struct epan_dissect *edt,
+    struct wtap_pkthdr *phdr, tvbuff_t *tvb,
+    frame_data *fd, column_info *cinfo);
+
 /* These functions are in packet-ethertype.c */
 extern void capture_ethertype(guint16 etype, const guchar *pd, int offset,
 		int len, packet_counts *ld);

filetap/file_access.c

@@ -208,6 +208,11 @@ GSList *ftap_get_all_file_extensions_list(void)
 	return extensions;
 }
 
+int empty_open(ftap *wth, int *err, gchar **err_info)
+{
+	return 0;
+}
+
 /* The open_file_* routines should return:
  *
  *	-1 on an I/O error;
@@ -232,7 +237,7 @@ GSList *ftap_get_all_file_extensions_list(void)
  * are easy to identify.  Only an open routine is needed.
  */
 static const ftap_open_routine_t magic_number_open_routines_base[] = {
-	NULL/* libpcap_open, */
+	empty_open/* libpcap_open, */
 };
 #define	N_MAGIC_FILE_TYPES	(sizeof magic_number_open_routines_base / sizeof magic_number_open_routines_base[0])
 

frame_tvbuff.c

@@ -270,3 +270,71 @@ frame_clone(tvbuff_t *tvb, guint abs_offset, guint abs_length)
 
 	return cloned_tvb;
 }
+
+
+/* based on tvb_new_real_data() */
+tvbuff_t *
+file_tvbuff_new(const frame_data *fd, const guint8 *buf)
+{
+	struct tvb_frame *frame_tvb;
+	tvbuff_t *tvb;
+
+	tvb = tvb_new(&tvb_frame_ops);
+
+	/*
+	 * XXX - currently, the length arguments in
+	 * tvbuff structure are signed, but the captured
+	 * and reported length values are unsigned; this means
+	 * that length values > 2^31 - 1 will appear as
+	 * negative lengths
+	 *
+	 * Captured length values that large will already
+	 * have been filtered out by the Wiretap modules
+	 * (the file will be reported as corrupted), to
+	 * avoid trying to allocate large chunks of data.
+	 *
+	 * Reported length values will not have been
+	 * filtered out, and should not be filtered out,
+	 * as those lengths are not necessarily invalid.
+	 *
+	 * For now, we clip the reported length at G_MAXINT
+	 *
+	 * (XXX, is this still a problem?) There was an exception when we call
+	 * tvb_new_real_data() now there's no one
+	 */
+
+	tvb->real_data       = buf;
+	tvb->length          = fd->cap_len;
+	tvb->reported_length = fd->pkt_len > G_MAXINT ? G_MAXINT : fd->pkt_len;
+	tvb->initialized     = TRUE;
+
+	/*
+	 * This is the top-level real tvbuff for this data source,
+	 * so its data source tvbuff is itself.
+	 */
+	tvb->ds_tvb = tvb;
+
+	frame_tvb = (struct tvb_frame *) tvb;
+
+	/* XXX, wtap_can_seek() */
+	if (cfile.wth && cfile.wth->random_fh 
+#ifdef WANT_PACKET_EDITOR
+		&& fd->file_off != -1 /* generic clone for modified packets */
+#endif
+	) {
+		frame_tvb->wth = cfile.wth;
+		frame_tvb->file_off = fd->file_off;
+		frame_tvb->offset = 0;
+	} else
+		frame_tvb->wth = NULL;
+
+	frame_tvb->buf = NULL;
+
+	return tvb;
+}
+
+tvbuff_t *
+file_tvbuff_new_buffer(const frame_data *fd, Buffer *buf)
+{
+	return frame_tvbuff_new(fd, buffer_start_ptr(buf));
+}

frame_tvbuff.h

@@ -35,6 +35,10 @@ extern tvbuff_t *frame_tvbuff_new(const frame_data *fd, const guint8 *buf);
 
 extern tvbuff_t *frame_tvbuff_new_buffer(const frame_data *fd, Buffer *buf);
 
+extern tvbuff_t *file_tvbuff_new(const frame_data *fd, const guint8 *buf);
+
+extern tvbuff_t *file_tvbuff_new_buffer(const frame_data *fd, Buffer *buf);
+
 #ifdef __cplusplus
 }
 #endif /* __cplusplus */

image/Makefile.nmake

@@ -6,7 +6,7 @@ include ..\config.nmake
 
 # Nmake uses an implicit rule to build a .res from a .rc file!
 
-ALL_RC=wireshark.rc libwireshark.rc tshark.rc rawshark.rc capinfos.rc captype.rc editcap.rc text2pcap.rc mergecap.rc reordercap.rc wiretap.rc dumpcap.rc libwsutil.rc wireshark.exe.manifest
+ALL_RC=wireshark.rc libwireshark.rc tshark.rc tfshark.rc rawshark.rc capinfos.rc captype.rc editcap.rc text2pcap.rc mergecap.rc reordercap.rc filetap.rc wiretap.rc dumpcap.rc libwsutil.rc wireshark.exe.manifest
 all : $(ALL_RC)
 
 wireshark.exe.manifest: wireshark.exe.manifest.in ..\config.nmake
@@ -31,6 +31,11 @@ tshark.rc  : tshark.rc.in wireshark.exe.manifest ..\config.nmake
 		-e s/@RC_VERSION@/$(RC_VERSION)/ \
 		< tshark.rc.in > $@
 
+tfshark.rc  : tfshark.rc.in wireshark.exe.manifest ..\config.nmake
+	sed -e s/@VERSION@/$(VERSION)/ \
+		-e s/@RC_VERSION@/$(RC_VERSION)/ \
+		< tfshark.rc.in > $@
+
 rawshark.rc  : rawshark.rc.in wireshark.exe.manifest ..\config.nmake
 	sed -e s/@VERSION@/$(VERSION)/ \
 		-e s/@RC_VERSION@/$(RC_VERSION)/ \
@@ -66,6 +71,11 @@ text2pcap.rc  : text2pcap.rc.in ..\config.nmake
 		-e s/@RC_VERSION@/$(RC_VERSION)/ \
 		< text2pcap.rc.in > $@
 
+filetap.rc    : filetap.rc.in ..\config.nmake
+	sed -e s/@VERSION@/$(FTAP_VERSION)/ \
+		-e s/@RC_VERSION@/$(RC_FTAP_VERSION)/ \
+		< filetap.rc.in > $@
+
 wiretap.rc    : wiretap.rc.in ..\config.nmake
 	sed -e s/@VERSION@/$(WTAP_VERSION)/ \
 		-e s/@RC_VERSION@/$(RC_WTAP_VERSION)/ \

image/README.image

@@ -43,6 +43,7 @@ editcap.rc.in
 mergecap.rc.in
 rawshark.rc.in
 tshark.rc.in
+tfshark.rc.in
 text2pcap.rc.in
 
 stock_dialog_error_48.xpm		GTK2 default icons for simple_dialog, from:

image/tfshark.rc.in

@@ -0,0 +1,41 @@
+#include "winver.h"
+
+WIRESHARK_ICON		ICON			"wireshark.ico"
+
+VS_VERSION_INFO VERSIONINFO
+ FILEVERSION @RC_VERSION@
+ PRODUCTVERSION @RC_VERSION@
+ FILEFLAGSMASK 0x0L
+#ifdef _DEBUG
+ FILEFLAGS VS_FF_DEBUG
+#else
+ FILEFLAGS 0x0L
+#endif
+ FILEOS VOS_NT_WINDOWS32
+ FILETYPE VFT_APP
+ FILESUBTYPE 0x0L
+BEGIN
+    BLOCK "StringFileInfo"
+    BEGIN
+        BLOCK "040904b0"
+        BEGIN
+            VALUE "CompanyName", "The Wireshark developer community\0"
+            VALUE "FileDescription", "TFShark\0"
+            VALUE "FileVersion", "@VERSION@\0"
+            VALUE "InternalName", "TFShark @VERSION@\0"
+            VALUE "LegalCopyright", "Copyright © 2000 Gerald Combs <gerald@wireshark.org>, Gilbert Ramirez <gram@alumni.rice.edu> and others\0"
+            VALUE "OriginalFilename", "TFShark.exe\0"
+            VALUE "ProductName", "TFShark\0"
+            VALUE "ProductVersion", "@VERSION@\0"
+        END
+    END
+    BLOCK "VarFileInfo"
+    BEGIN
+        VALUE "Translation", 0x409, 1200
+    END
+END
+
+#define MANIFEST_RESOURCE_ID 1
+#define RT_MANIFEST 24
+
+MANIFEST_RESOURCE_ID RT_MANIFEST "wireshark.exe.manifest"

make-version.pl

@@ -442,7 +442,7 @@ sub update_debian_wcf
 	while ($line = <DWCF>) {
 		# /usr/lib/wireshark/libwireshark.so.1.1.0
 
-		if ($line =~ qr{^(/usr/lib/wireshark/lib(wireshark|wiretap).so\.\d+\.\d+\.)\d+$}) {
+		if ($line =~ qr{^(/usr/lib/wireshark/lib(wireshark|wiretap|filetap).so\.\d+\.\d+\.)\d+$}) {
 			$line = sprintf("$1%d\n", $version_pref{"version_micro"});
 		}
 		$contents .= $line
@@ -469,10 +469,10 @@ sub update_lib_releases
 	#   "If the library source code has changed at all since the last
 	#    update, then increment revision (‘c:r:a’ becomes ‘c:r+1:a’)."
 	# epan changes with each minor release, almost by definition. wiretap
-	# changes with *most* releases.
+	# and filetap changes with *most* releases.
 	#
 	# http://www.gnu.org/software/libtool/manual/libtool.html#Updating-version-info
-	for $filedir ("epan", "wiretap") {	# "wsutil"
+	for $filedir ("epan", "wiretap", "filetap") {	# "wsutil"
 		$contents = "";
 		$filepath = $filedir . "/Makefile.am";
 		open(MAKEFILE_AM, "< $filepath") || die "Can't read $filepath!";

wiretap/file_wrappers.h

@@ -20,8 +20,8 @@
  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
  */
 
-#ifndef __FILE_H__
-#define __FILE_H__
+#ifndef __WTAP_FILE_WRAPPERS_H__
+#define __WTAP_FILE_WRAPPERS_H__
 
 #include <glib.h>
 #include <wtap.h>