forked from osmocom/wireshark
Remove synchronous DNS name resolution
Change-Id: Ie5e670b769eb0674950f3679ef511047641c2873 Reviewed-on: https://code.wireshark.org/review/14751 Petri-Dish: João Valverde <j@v6e.pt> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com> Reviewed-by: Anders Broman <a.broman58@gmail.com>
This commit is contained in:
parent
1cf7834b2d
commit
e005bc819c
|
@ -879,9 +879,8 @@ if(HAVE_LIBCARES)
|
|||
set(HAVE_C_ARES 1)
|
||||
endif()
|
||||
if(NOT HAVE_LIBCARES)
|
||||
# We should make this an error at some point.
|
||||
message(WARNING "Not using c-ares.")
|
||||
message(WARNING "Synchronous name resolution can seriously degrade performance.")
|
||||
message(WARNING "DNS name resolution for captures will be disabled.")
|
||||
endif()
|
||||
if(HAVE_LIBNL AND HAVE_AIRPCAP)
|
||||
message(ERROR "Airpcap and Libnl support are mutually exclusive")
|
||||
|
|
|
@ -105,8 +105,7 @@ check_symbol_exists("lrint" "math.h" HAVE_LRINT)
|
|||
cmake_pop_check_state()
|
||||
|
||||
check_function_exists("getaddrinfo" HAVE_GETADDRINFO)
|
||||
check_function_exists("gethostbyname" HAVE_GETHOSTBYNAME)
|
||||
check_function_exists("gethostbyname2" HAVE_GETHOSTBYNAME2)
|
||||
|
||||
check_function_exists("getopt_long" HAVE_GETOPT_LONG)
|
||||
if(HAVE_GETOPT_LONG)
|
||||
if(HAVE_GETOPT_H)
|
||||
|
|
|
@ -88,12 +88,6 @@
|
|||
/* Define to 1 if you have the `getaddrinfo' function. */
|
||||
#cmakedefine HAVE_GETADDRINFO 1
|
||||
|
||||
/* Define to 1 if you have the `gethostbyname' function. */
|
||||
#cmakedefine HAVE_GETHOSTBYNAME 1
|
||||
|
||||
/* Define to 1 if you have the `gethostbyname2' function. */
|
||||
#cmakedefine HAVE_GETHOSTBYNAME2 1
|
||||
|
||||
/* Define to 1 if you have the getopt_long function. */
|
||||
#cmakedefine HAVE_GETOPT_LONG 1
|
||||
|
||||
|
|
|
@ -2628,9 +2628,6 @@ else
|
|||
fi
|
||||
AC_SUBST(C_ARES_LIBS)
|
||||
|
||||
# Check for synchronous name resolvers
|
||||
AC_CHECK_FUNCS([getaddrinfo gethostbyname gethostbyname2])
|
||||
|
||||
dnl GEOIP Check
|
||||
GEOIP_LIBS=''
|
||||
AC_MSG_CHECKING(whether to use the GeoIP IP address mapping library if available)
|
||||
|
@ -2715,6 +2712,8 @@ AC_C_BIGENDIAN
|
|||
# XXX - do we need this?
|
||||
AC_PROG_GCC_TRADITIONAL
|
||||
|
||||
AC_CHECK_FUNCS([getaddrinfo])
|
||||
|
||||
AC_CHECK_FUNC(getopt_long,
|
||||
[
|
||||
GETOPT_LO=""
|
||||
|
@ -3354,8 +3353,7 @@ fi
|
|||
if test "x$have_good_c_ares" = "xyes" ; then
|
||||
c_ares_message="yes"
|
||||
else
|
||||
# We should make this an error at some point.
|
||||
c_ares_message="no. This can cause serious performance issues."
|
||||
c_ares_message="no (name resolution will be disabled)"
|
||||
fi
|
||||
|
||||
if test "x$have_good_libcap" = "xyes" ; then
|
||||
|
|
|
@ -170,8 +170,6 @@ resolution
|
|||
|
||||
B<t> to enable transport-layer port number resolution
|
||||
|
||||
B<C> to enable concurrent (asynchronous) DNS lookups
|
||||
|
||||
B<d> to enable resolution from captured DNS packets
|
||||
|
||||
=item -o E<lt>preferenceE<gt>:E<lt>valueE<gt>
|
||||
|
|
|
@ -575,8 +575,6 @@ are turned on.
|
|||
|
||||
The argument is a string that may contain the letters:
|
||||
|
||||
B<C> to enable concurrent (asynchronous) DNS lookups
|
||||
|
||||
B<d> to enable resolution from captured DNS packets
|
||||
|
||||
B<m> to enable MAC address resolution
|
||||
|
|
|
@ -475,8 +475,6 @@ resolution
|
|||
|
||||
B<t> to enable transport-layer port number resolution
|
||||
|
||||
B<C> to enable concurrent (asynchronous) DNS lookups
|
||||
|
||||
B<d> to enable resolution from captured DNS packets
|
||||
|
||||
=item -o E<lt>preference/recent settingE<gt>
|
||||
|
|
|
@ -29,6 +29,11 @@ since version 2.0.0:
|
|||
the current capture file via the View menu in the Qt GUI.
|
||||
** You can now show selected packet bytes as ASCII, HTML, Image, ISO 8859-1, Raw or UTF-8.
|
||||
** You can now use regular expressions in Find Packet.
|
||||
** Name resolution for packet capture now supports asynchronous DNS lookups only. Therefore the
|
||||
"concurrent DNS resolution" preference has been deprecated and is a no-op. To enable DNS name
|
||||
resolution some build dependencies must be present (currently c-ares). If that is not the case DNS
|
||||
name resolution will be disabled (but other name resolution mechanisms, such as host files,
|
||||
are still available).
|
||||
|
||||
//=== Removed Dissectors
|
||||
|
||||
|
|
|
@ -700,34 +700,30 @@ an abbreviated manufacturer name, which has been assigned by the IEEE (e.g.
|
|||
Try to resolve an IP address (e.g. 216.239.37.99) to something more ``human
|
||||
readable''.
|
||||
|
||||
__DNS/concurrent DNS name resolution (system/library service)__: Wireshark will
|
||||
ask the operating system (or the concurrent DNS library), to convert an IP
|
||||
address to the hostname associated with it (e.g. 216.239.37.99 ->
|
||||
www.1.google.com). The DNS service is using synchronous calls to the DNS server.
|
||||
So Wireshark will stop responding until a response to a DNS request is returned.
|
||||
If possible, you might consider using the concurrent DNS library (which won't
|
||||
wait for a name server response).
|
||||
__DNS name resolution (system/library service)__: Wireshark will use a name
|
||||
resolver to convert an IP address to the hostname associated with it
|
||||
(e.g. 216.239.37.99 -> www.1.google.com).
|
||||
|
||||
[WARNING]
|
||||
====
|
||||
Enabling network name resolution when your name server is unavailable may
|
||||
significantly slow down Wireshark while it waits for all of the name server
|
||||
requests to time out. Always use concurrent DNS resolution.
|
||||
====
|
||||
DNS name resolution can generally be performed synchronously or asynchronously.
|
||||
Both mechanisms can be used to convert an IP address to some human readable
|
||||
(domain) name. A system call like gethostname() will try to convert the address
|
||||
to a name. To do this, it will first ask the systems hosts file
|
||||
(e.g. __/etc/hosts__) if it finds a matching entry. If that fails, it will ask
|
||||
the configured DNS server(s) about the name.
|
||||
|
||||
__DNS vs. concurrent DNS__: here's a short comparison: Both mechanisms are used
|
||||
to convert an IP address to some human readable (domain) name. The usual DNS
|
||||
call gethostname() will try to convert the address to a name. To do this, it
|
||||
will first ask the systems hosts file (e.g. __/etc/hosts__) if it finds a
|
||||
matching entry. If that fails, it will ask the configured DNS server(s) about
|
||||
the name.
|
||||
|
||||
So the real difference between DNS and concurrent DNS comes when the system has
|
||||
to wait for the DNS server about a name resolution. The system call
|
||||
So the real difference between synchronous DNS and asynchronous DNS comes when
|
||||
the system has to wait for the DNS server about a name resolution. The system call
|
||||
gethostname() will wait until a name is resolved or an error occurs. If the DNS
|
||||
server is unavailable, this might take quite a while (several seconds).
|
||||
|
||||
The concurrent DNS service works a bit differently. It will also ask the DNS
|
||||
[WARNING]
|
||||
====
|
||||
To provide acceptable performance Wireshark depends on
|
||||
an asynchronous DNS library to do name resolution. If one isn't available
|
||||
during compilation the feature will be unavailable.
|
||||
====
|
||||
|
||||
The asynchronous DNS service works a bit differently. It will also ask the DNS
|
||||
server, but it won't wait for the answer. It will just return to Wireshark in a
|
||||
very short amount of time. The actual (and the following) address fields won't
|
||||
show the resolved name until the DNS server returns an answer. As mentioned
|
||||
|
|
|
@ -287,8 +287,7 @@ Turns on name resolving for particular types of addresses and port numbers. The
|
|||
argument is a string that may contain the letters `m` to enable MAC address
|
||||
resolution, `n` to enable network address resolution, and `t` to enable
|
||||
transport-layer port number resolution. This overrides `-n` if both `-N` and
|
||||
`-n` are present. The letter `C` enables concurrent (asynchronous) DNS lookups.
|
||||
The letter `d` enables resolution from captured DNS packets.
|
||||
`-n` are present. The letter `d` enables resolution from captured DNS packets.
|
||||
|
||||
-o <preference or recent settings>::
|
||||
|
||||
|
|
|
@ -284,7 +284,6 @@ e_addr_resolve gbl_resolv_flags = {
|
|||
TRUE, /* mac_name */
|
||||
FALSE, /* network_name */
|
||||
FALSE, /* transport_name */
|
||||
TRUE, /* concurrent_dns */
|
||||
TRUE, /* dns_pkt_addr_resolution */
|
||||
TRUE, /* use_external_net_name_resolver */
|
||||
FALSE, /* load_hosts_file_from_profile_only */
|
||||
|
@ -318,7 +317,6 @@ gchar *g_pvlan_path = NULL; /* personal vlans file */
|
|||
* ares_gethostbyaddr().
|
||||
* The callback processes the response, then frees the request.
|
||||
*/
|
||||
#define ASYNC_DNS
|
||||
typedef struct _async_dns_queue_msg
|
||||
{
|
||||
union {
|
||||
|
@ -343,9 +341,7 @@ static void c_ares_ghba_cb(void *arg, int status, int timeouts _U_, struct hoste
|
|||
|
||||
ares_channel ghba_chan; /* ares_gethostbyaddr -- Usually non-interactive, no timeout */
|
||||
ares_channel ghbn_chan; /* ares_gethostbyname -- Usually interactive, timeout */
|
||||
#endif /* HAVE_C_ARES */
|
||||
|
||||
#ifdef ASYNC_DNS
|
||||
static gboolean async_dns_initialized = FALSE;
|
||||
static guint async_dns_in_flight = 0;
|
||||
static GList *async_dns_queue_head = NULL;
|
||||
|
@ -361,7 +357,7 @@ add_async_dns_ipv4(int type, guint32 addr)
|
|||
msg->addr.ip4 = addr;
|
||||
async_dns_queue_head = g_list_append(async_dns_queue_head, (gpointer) msg);
|
||||
}
|
||||
#endif /* ASYNC_DNS */
|
||||
#endif /* HAVE_C_ARES */
|
||||
|
||||
typedef struct {
|
||||
guint32 mask;
|
||||
|
@ -798,69 +794,29 @@ host_lookup(const guint addr)
|
|||
*/
|
||||
tp = new_ipv4(addr);
|
||||
g_hash_table_insert(ipv4_hash_table, GUINT_TO_POINTER(addr), tp);
|
||||
} else {
|
||||
if ((tp->flags & DUMMY_AND_RESOLVE_FLGS) == DUMMY_ADDRESS_ENTRY) {
|
||||
/*
|
||||
* This hasn't been resolved yet, and we haven't tried to
|
||||
* resolve it already, so try.
|
||||
*/
|
||||
goto try_resolv;
|
||||
}
|
||||
} else if ((tp->flags & DUMMY_AND_RESOLVE_FLGS) != DUMMY_ADDRESS_ENTRY) {
|
||||
return tp;
|
||||
}
|
||||
|
||||
try_resolv:
|
||||
if (gbl_resolv_flags.network_name && gbl_resolv_flags.use_external_net_name_resolver) {
|
||||
tp->flags |= TRIED_RESOLVE_ADDRESS;
|
||||
|
||||
#ifdef ASYNC_DNS
|
||||
if (gbl_resolv_flags.concurrent_dns &&
|
||||
name_resolve_concurrency > 0 &&
|
||||
async_dns_initialized) {
|
||||
add_async_dns_ipv4(AF_INET, addr);
|
||||
fill_dummy_ip4(addr, tp);
|
||||
return tp;
|
||||
}
|
||||
|
||||
/*
|
||||
* The Windows "gethostbyaddr()" insists on translating 0.0.0.0 to
|
||||
* the name of the host on which it's running; to work around that
|
||||
* botch, we don't try to translate an all-zero IP address to a host
|
||||
* name.
|
||||
*
|
||||
* Presumably getaddrinfo() behaves the same way. Anyway, we should
|
||||
* never get to this code on Windows since those builds include c-ares.
|
||||
*/
|
||||
#elif defined(HAVE_GETADDRINFO)
|
||||
if (addr != 0) {
|
||||
struct sockaddr_in sin;
|
||||
|
||||
memset(&sin, 0, sizeof(sin));
|
||||
sin.sin_family = AF_INET;
|
||||
sin.sin_addr.s_addr = addr;
|
||||
if (getnameinfo((struct sockaddr *)&sin, sizeof(sin),
|
||||
tp->name, sizeof(tp->name),
|
||||
NULL, 0, NI_NAMEREQD) == 0) {
|
||||
return tp;
|
||||
}
|
||||
}
|
||||
#elif defined(HAVE_GETHOSTBYNAME)
|
||||
if (addr != 0) {
|
||||
struct hostent *hostp;
|
||||
|
||||
hostp = gethostbyaddr((const char *)&addr, 4, AF_INET);
|
||||
|
||||
if (hostp != NULL && hostp->h_name[0] != '\0') {
|
||||
g_strlcpy(tp->name, hostp->h_name, MAXNAMELEN);
|
||||
return tp;
|
||||
}
|
||||
}
|
||||
#endif
|
||||
|
||||
/* unknown host or DNS timeout */
|
||||
}
|
||||
/*
|
||||
* This hasn't been resolved yet, and we haven't tried to
|
||||
* resolve it already.
|
||||
*/
|
||||
|
||||
fill_dummy_ip4(addr, tp);
|
||||
if (!gbl_resolv_flags.network_name)
|
||||
return tp;
|
||||
|
||||
if (gbl_resolv_flags.use_external_net_name_resolver) {
|
||||
tp->flags |= TRIED_RESOLVE_ADDRESS;
|
||||
|
||||
#ifdef HAVE_C_ARES
|
||||
if (async_dns_initialized && name_resolve_concurrency > 0) {
|
||||
add_async_dns_ipv4(AF_INET, addr);
|
||||
}
|
||||
#endif
|
||||
}
|
||||
|
||||
return tp;
|
||||
|
||||
} /* host_lookup */
|
||||
|
@ -884,10 +840,6 @@ host_lookup6(const struct e_in6_addr *addr)
|
|||
hashipv6_t * volatile tp;
|
||||
#ifdef HAVE_C_ARES
|
||||
async_dns_queue_msg_t *caqm;
|
||||
#elif defined(HAVE_GETADDRINFO)
|
||||
struct sockaddr_in6 sin6;
|
||||
#elif defined(HAVE_GETHOSTBYNAME)
|
||||
struct hostent *hostp;
|
||||
#endif
|
||||
|
||||
tp = (hashipv6_t *)g_hash_table_lookup(ipv6_hash_table, addr);
|
||||
|
@ -902,54 +854,31 @@ host_lookup6(const struct e_in6_addr *addr)
|
|||
tp = new_ipv6(addr);
|
||||
memcpy(addr_key, addr, 16);
|
||||
g_hash_table_insert(ipv6_hash_table, addr_key, tp);
|
||||
} else {
|
||||
if ((tp->flags & DUMMY_AND_RESOLVE_FLGS) == DUMMY_ADDRESS_ENTRY) {
|
||||
/*
|
||||
* This hasn't been resolved yet, and we haven't tried to
|
||||
* resolve it already, so try.
|
||||
*/
|
||||
goto try_resolv;
|
||||
}
|
||||
} else if ((tp->flags & DUMMY_AND_RESOLVE_FLGS) != DUMMY_ADDRESS_ENTRY) {
|
||||
return tp;
|
||||
}
|
||||
|
||||
try_resolv:
|
||||
if (gbl_resolv_flags.network_name &&
|
||||
gbl_resolv_flags.use_external_net_name_resolver) {
|
||||
/*
|
||||
* This hasn't been resolved yet, and we haven't tried to
|
||||
* resolve it already.
|
||||
*/
|
||||
|
||||
fill_dummy_ip6(tp);
|
||||
if (!gbl_resolv_flags.network_name)
|
||||
return tp;
|
||||
|
||||
if (gbl_resolv_flags.use_external_net_name_resolver) {
|
||||
tp->flags |= TRIED_RESOLVE_ADDRESS;
|
||||
#ifdef HAVE_C_ARES
|
||||
if ((gbl_resolv_flags.concurrent_dns) &&
|
||||
name_resolve_concurrency > 0 &&
|
||||
async_dns_initialized) {
|
||||
if (async_dns_initialized && name_resolve_concurrency > 0) {
|
||||
caqm = g_new(async_dns_queue_msg_t,1);
|
||||
caqm->family = AF_INET6;
|
||||
memcpy(&caqm->addr.ip6, addr, sizeof(caqm->addr.ip6));
|
||||
async_dns_queue_head = g_list_append(async_dns_queue_head, (gpointer) caqm);
|
||||
fill_dummy_ip6(tp);
|
||||
return tp;
|
||||
}
|
||||
#elif defined(HAVE_GETADDRINFO)
|
||||
memset(&sin6, 0, sizeof(sin6));
|
||||
sin6.sin6_family = AF_INET6;
|
||||
memcpy(sin6.sin6_addr.s6_addr, addr, sizeof(*addr));
|
||||
if (getnameinfo((struct sockaddr *)&sin6, sizeof(sin6),
|
||||
tp->name, sizeof(tp->name),
|
||||
NULL, 0, NI_NAMEREQD) == 0) {
|
||||
return tp;
|
||||
}
|
||||
#elif defined(HAVE_GETHOSTBYNAME)
|
||||
/* Quick hack to avoid DNS/YP timeout */
|
||||
hostp = gethostbyaddr((const char *)addr, sizeof(*addr), AF_INET6);
|
||||
|
||||
if (hostp != NULL && hostp->h_name[0] != '\0') {
|
||||
g_strlcpy(tp->name, hostp->h_name, MAXNAMELEN);
|
||||
return tp;
|
||||
}
|
||||
#endif
|
||||
}
|
||||
|
||||
/* unknown host or DNS timeout */
|
||||
fill_dummy_ip6(tp);
|
||||
return tp;
|
||||
|
||||
} /* host_lookup6 */
|
||||
|
@ -2461,6 +2390,7 @@ addr_resolve_pref_init(module_t *nameres)
|
|||
"Whether address/name pairs found in captured DNS packets should be used by Wireshark for name resolution.",
|
||||
&gbl_resolv_flags.dns_pkt_addr_resolution);
|
||||
|
||||
#ifdef HAVE_C_ARES
|
||||
prefs_register_bool_preference(nameres, "use_external_name_resolver",
|
||||
"Use an external network name resolver",
|
||||
"Use your system's configured name resolver"
|
||||
|
@ -2469,13 +2399,7 @@ addr_resolve_pref_init(module_t *nameres)
|
|||
" is enabled.",
|
||||
&gbl_resolv_flags.use_external_net_name_resolver);
|
||||
|
||||
#ifdef HAVE_C_ARES
|
||||
prefs_register_bool_preference(nameres, "concurrent_dns",
|
||||
"Enable concurrent DNS name resolution",
|
||||
"Enable concurrent DNS name resolution. Only"
|
||||
" applies when network name resolution is"
|
||||
" enabled. You probably want to enable this.",
|
||||
&gbl_resolv_flags.concurrent_dns);
|
||||
prefs_register_obsolete_preference(nameres, "concurrent_dns");
|
||||
|
||||
prefs_register_uint_preference(nameres, "name_resolve_concurrency",
|
||||
"Maximum concurrent requests",
|
||||
|
@ -2486,9 +2410,9 @@ addr_resolve_pref_init(module_t *nameres)
|
|||
10,
|
||||
&name_resolve_concurrency);
|
||||
#else
|
||||
prefs_register_static_text_preference(nameres, "concurrent_dns",
|
||||
"Enable concurrent DNS name resolution: N/A",
|
||||
"Support for concurrent DNS name resolution was not"
|
||||
prefs_register_static_text_preference(nameres, "use_external_name_resolver",
|
||||
"Use an external network name resolver: N/A",
|
||||
"Support for using a concurrent external name resolver was not"
|
||||
" compiled into this version of Wireshark");
|
||||
#endif
|
||||
|
||||
|
@ -2514,7 +2438,6 @@ disable_name_resolution(void) {
|
|||
gbl_resolv_flags.mac_name = FALSE;
|
||||
gbl_resolv_flags.network_name = FALSE;
|
||||
gbl_resolv_flags.transport_name = FALSE;
|
||||
gbl_resolv_flags.concurrent_dns = FALSE;
|
||||
gbl_resolv_flags.dns_pkt_addr_resolution = FALSE;
|
||||
gbl_resolv_flags.use_external_net_name_resolver = FALSE;
|
||||
gbl_resolv_flags.vlan_name = FALSE;
|
||||
|
@ -2758,17 +2681,15 @@ host_name_lookup_init(void)
|
|||
}
|
||||
g_free(hostspath);
|
||||
#ifdef HAVE_C_ARES
|
||||
if (gbl_resolv_flags.concurrent_dns) {
|
||||
#ifdef CARES_HAVE_ARES_LIBRARY_INIT
|
||||
if (ares_library_init(ARES_LIB_INIT_ALL) == ARES_SUCCESS) {
|
||||
if (ares_library_init(ARES_LIB_INIT_ALL) == ARES_SUCCESS) {
|
||||
#endif
|
||||
if (ares_init(&ghba_chan) == ARES_SUCCESS && ares_init(&ghbn_chan) == ARES_SUCCESS) {
|
||||
async_dns_initialized = TRUE;
|
||||
}
|
||||
#ifdef CARES_HAVE_ARES_LIBRARY_INIT
|
||||
if (ares_init(&ghba_chan) == ARES_SUCCESS && ares_init(&ghbn_chan) == ARES_SUCCESS) {
|
||||
async_dns_initialized = TRUE;
|
||||
}
|
||||
#endif
|
||||
#ifdef CARES_HAVE_ARES_LIBRARY_INIT
|
||||
}
|
||||
#endif
|
||||
#else
|
||||
#endif /* HAVE_C_ARES */
|
||||
|
||||
|
@ -3195,10 +3116,6 @@ get_host_ipaddr(const char *host, guint32 *addrp)
|
|||
int nfds;
|
||||
fd_set rfds, wfds;
|
||||
async_hostent_t ahe;
|
||||
#elif defined(HAVE_GETADDRINFO)
|
||||
struct addrinfo hint, *result = NULL;
|
||||
#elif defined(HAVE_GETHOSTBYNAME)
|
||||
struct hostent *hp;
|
||||
#endif
|
||||
|
||||
/*
|
||||
|
@ -3221,9 +3138,7 @@ get_host_ipaddr(const char *host, guint32 *addrp)
|
|||
}
|
||||
|
||||
#ifdef HAVE_C_ARES
|
||||
if (! (gbl_resolv_flags.concurrent_dns) ||
|
||||
name_resolve_concurrency < 1 ||
|
||||
! async_dns_initialized) {
|
||||
if (!async_dns_initialized || name_resolve_concurrency < 1) {
|
||||
return FALSE;
|
||||
}
|
||||
ahe.addr_size = (int) sizeof (struct in_addr);
|
||||
|
@ -3246,37 +3161,6 @@ get_host_ipaddr(const char *host, guint32 *addrp)
|
|||
return TRUE;
|
||||
}
|
||||
return FALSE;
|
||||
#elif defined(HAVE_GETADDRINFO)
|
||||
/*
|
||||
* This can be slow, particularly for capture files with lots of
|
||||
* addresses. Should we just return FALSE instead?
|
||||
*/
|
||||
memset(&hint, 0, sizeof(hint));
|
||||
hint.ai_family = AF_INET;
|
||||
if (getaddrinfo(host, NULL, &hint, &result) == 0) {
|
||||
/* Probably more checks than necessary */
|
||||
if (result != NULL) {
|
||||
gboolean ret_val = FALSE;
|
||||
if (result->ai_family == AF_INET && result->ai_addrlen == 4) {
|
||||
memcpy(&ipaddr, result->ai_addr->sa_data, result->ai_addrlen);
|
||||
ret_val = TRUE;
|
||||
}
|
||||
freeaddrinfo(result);
|
||||
return ret_val;
|
||||
}
|
||||
}
|
||||
#elif defined(HAVE_GETHOSTBYNAME)
|
||||
hp = gethostbyname(host);
|
||||
if (hp == NULL) {
|
||||
/* No. */
|
||||
return FALSE;
|
||||
/* Apparently, some versions of gethostbyaddr can
|
||||
* return IPv6 addresses. */
|
||||
} else if (hp->h_length <= (int) sizeof (struct in_addr)) {
|
||||
memcpy(&ipaddr, hp->h_addr, hp->h_length);
|
||||
} else {
|
||||
return FALSE;
|
||||
}
|
||||
#endif
|
||||
} else {
|
||||
/* Does the string really contain dotted-quad IP?
|
||||
|
@ -3306,10 +3190,6 @@ get_host_ipaddr6(const char *host, struct e_in6_addr *addrp)
|
|||
int nfds;
|
||||
fd_set rfds, wfds;
|
||||
async_hostent_t ahe;
|
||||
#elif defined(HAVE_GETADDRINFO)
|
||||
struct addrinfo hint, *result = NULL;
|
||||
#elif defined(HAVE_GETHOSTBYNAME2)
|
||||
struct hostent *hp;
|
||||
#endif /* HAVE_C_ARES */
|
||||
|
||||
if (str_to_ip6(host, addrp))
|
||||
|
@ -3329,9 +3209,7 @@ get_host_ipaddr6(const char *host, struct e_in6_addr *addrp)
|
|||
|
||||
/* try FQDN */
|
||||
#ifdef HAVE_C_ARES
|
||||
if (! (gbl_resolv_flags.concurrent_dns) ||
|
||||
name_resolve_concurrency < 1 ||
|
||||
! async_dns_initialized) {
|
||||
if (!async_dns_initialized || name_resolve_concurrency < 1) {
|
||||
return FALSE;
|
||||
}
|
||||
ahe.addr_size = (int) sizeof (struct e_in6_addr);
|
||||
|
@ -3353,31 +3231,6 @@ get_host_ipaddr6(const char *host, struct e_in6_addr *addrp)
|
|||
if (ahe.addr_size == ahe.copied) {
|
||||
return TRUE;
|
||||
}
|
||||
#elif defined(HAVE_GETADDRINFO)
|
||||
/*
|
||||
* This can be slow, particularly for capture files with lots of
|
||||
* addresses. Should we just return FALSE instead?
|
||||
*/
|
||||
memset(&hint, 0, sizeof(hint));
|
||||
hint.ai_family = AF_INET6;
|
||||
if (getaddrinfo(host, NULL, &hint, &result) == 0) {
|
||||
/* Probably more checks than necessary */
|
||||
if (result != NULL) {
|
||||
gboolean ret_val = FALSE;
|
||||
if (result->ai_family == AF_INET6 && result->ai_addrlen == sizeof(struct e_in6_addr)) {
|
||||
memcpy(addrp, result->ai_addr->sa_data, result->ai_addrlen);
|
||||
ret_val = TRUE;
|
||||
}
|
||||
freeaddrinfo(result);
|
||||
return ret_val;
|
||||
}
|
||||
}
|
||||
#elif defined(HAVE_GETHOSTBYNAME2)
|
||||
hp = gethostbyname2(host, AF_INET6);
|
||||
if (hp != NULL && hp->h_length == sizeof(struct e_in6_addr)) {
|
||||
memcpy(addrp, hp->h_addr, hp->h_length);
|
||||
return TRUE;
|
||||
}
|
||||
#endif
|
||||
|
||||
return FALSE;
|
||||
|
@ -3389,13 +3242,14 @@ get_host_ipaddr6(const char *host, struct e_in6_addr *addrp)
|
|||
* that we don't know)
|
||||
*/
|
||||
const char *
|
||||
host_ip_af(const char *host
|
||||
#if !defined(HAVE_GETADDRINFO) || !defined(HAVE_GETHOSTBYNAME2)
|
||||
_U_
|
||||
#ifdef HAVE_GETADDRINFO
|
||||
host_ip_af(const char *host)
|
||||
#else
|
||||
host_ip_af(const char *host _U_)
|
||||
#endif
|
||||
)
|
||||
{
|
||||
const char *af = "ip";
|
||||
|
||||
#ifdef HAVE_GETADDRINFO
|
||||
struct addrinfo hint, *result = NULL;
|
||||
memset(&hint, 0, sizeof(hint));
|
||||
|
@ -3406,9 +3260,6 @@ host_ip_af(const char *host
|
|||
}
|
||||
freeaddrinfo(result);
|
||||
}
|
||||
#elif defined(HAVE_GETHOSTBYNAME2)
|
||||
struct hostent *h;
|
||||
return (h = gethostbyname2(host, AF_INET6)) && h->h_addrtype == AF_INET6 ? "ip6" : "ip";
|
||||
#endif
|
||||
return af;
|
||||
}
|
||||
|
|
|
@ -58,7 +58,6 @@ typedef struct _e_addr_resolve {
|
|||
gboolean mac_name; /**< Whether to resolve Ethernet MAC to manufacturer names */
|
||||
gboolean network_name; /**< Whether to resolve IPv4, IPv6, and IPX addresses into host names */
|
||||
gboolean transport_name; /**< Whether to resolve TCP/UDP/DCCP/SCTP ports into service names */
|
||||
gboolean concurrent_dns; /**< Whether to use concurrent DNS name resolution */
|
||||
gboolean dns_pkt_addr_resolution; /**< Whether to resolve addresses using captured DNS packets */
|
||||
gboolean use_external_net_name_resolver; /**< Whether to system's configured DNS server to resolve names */
|
||||
gboolean load_hosts_file_from_profile_only; /**< Whether to only load the hosts in the current profile, not hosts files */
|
||||
|
|
|
@ -282,7 +282,7 @@ const char *ipprotostr(const int proto) {
|
|||
* protocol names?
|
||||
*/
|
||||
if (gbl_resolv_flags.mac_name || gbl_resolv_flags.network_name ||
|
||||
gbl_resolv_flags.transport_name || gbl_resolv_flags.concurrent_dns) {
|
||||
gbl_resolv_flags.transport_name) {
|
||||
static char buf[128];
|
||||
struct protoent *pe;
|
||||
|
||||
|
|
|
@ -3909,7 +3909,8 @@ string_to_name_resolve(const char *string, e_addr_resolve *name_resolve)
|
|||
name_resolve->transport_name = TRUE;
|
||||
break;
|
||||
case 'C':
|
||||
name_resolve->concurrent_dns = TRUE;
|
||||
/* DEPRECATED */
|
||||
/* name_resolve->concurrent_dns */
|
||||
break;
|
||||
case 'd':
|
||||
name_resolve->dns_pkt_addr_resolution = TRUE;
|
||||
|
@ -4067,7 +4068,6 @@ set_pref(gchar *pref_name, const gchar *value, void *private_data _U_,
|
|||
gbl_resolv_flags.mac_name = TRUE;
|
||||
gbl_resolv_flags.network_name = TRUE;
|
||||
gbl_resolv_flags.transport_name = TRUE;
|
||||
gbl_resolv_flags.concurrent_dns = TRUE;
|
||||
}
|
||||
else if (g_ascii_strcasecmp(value, "false") == 0) {
|
||||
disable_name_resolution();
|
||||
|
|
|
@ -189,7 +189,7 @@ print_usage(FILE *output)
|
|||
fprintf(output, " packet encapsulation or protocol\n");
|
||||
fprintf(output, " -F <field> field to display\n");
|
||||
fprintf(output, " -n disable all name resolution (def: all enabled)\n");
|
||||
fprintf(output, " -N <name resolve flags> enable specific name resolution(s): \"mnNtCd\"\n");
|
||||
fprintf(output, " -N <name resolve flags> enable specific name resolution(s): \"mnNtd\"\n");
|
||||
fprintf(output, " -p use the system's packet header format\n");
|
||||
fprintf(output, " (which may have 64-bit timestamps)\n");
|
||||
fprintf(output, " -R <read filter> packet filter in Wireshark display filter syntax\n");
|
||||
|
@ -629,7 +629,7 @@ main(int argc, char *argv[])
|
|||
case 'N': /* Select what types of addresses/port #s to resolve */
|
||||
badopt = string_to_name_resolve(optarg, &gbl_resolv_flags);
|
||||
if (badopt != '\0') {
|
||||
cmdarg_err("-N specifies unknown resolving option '%c'; valid options are 'C', 'd', m', 'n', 'N', and 't'",
|
||||
cmdarg_err("-N specifies unknown resolving option '%c'; valid options are 'd', m', 'n', 'N', and 't'",
|
||||
badopt);
|
||||
exit(1);
|
||||
}
|
||||
|
|
9
tshark.c
9
tshark.c
|
@ -1531,8 +1531,7 @@ main(int argc, char *argv[])
|
|||
if (badopt != '\0') {
|
||||
cmdarg_err("-N specifies unknown resolving option '%c'; valid options are:",
|
||||
badopt);
|
||||
cmdarg_err_cont("\t'C' to enable concurrent (asynchronous) DNS lookups\n"
|
||||
"\t'd' to enable address resolution from captured DNS packets\n"
|
||||
cmdarg_err_cont("\t'd' to enable address resolution from captured DNS packets\n"
|
||||
"\t'm' to enable MAC address resolution\n"
|
||||
"\t'n' to enable network address resolution\n"
|
||||
"\t'N' to enable using external resolvers (e.g., DNS)\n"
|
||||
|
@ -2984,7 +2983,7 @@ process_packet_first_pass(capture_file *cf, epan_dissect_t *edt,
|
|||
do a dissection and do so. */
|
||||
if (edt) {
|
||||
if (gbl_resolv_flags.mac_name || gbl_resolv_flags.network_name ||
|
||||
gbl_resolv_flags.transport_name || gbl_resolv_flags.concurrent_dns)
|
||||
gbl_resolv_flags.transport_name)
|
||||
/* Grab any resolved addresses */
|
||||
host_name_lookup_process();
|
||||
|
||||
|
@ -3057,7 +3056,7 @@ process_packet_second_pass(capture_file *cf, epan_dissect_t *edt, frame_data *fd
|
|||
do a dissection and do so. */
|
||||
if (edt) {
|
||||
if (gbl_resolv_flags.mac_name || gbl_resolv_flags.network_name ||
|
||||
gbl_resolv_flags.transport_name || gbl_resolv_flags.concurrent_dns)
|
||||
gbl_resolv_flags.transport_name)
|
||||
/* Grab any resolved addresses */
|
||||
host_name_lookup_process();
|
||||
|
||||
|
@ -3696,7 +3695,7 @@ process_packet(capture_file *cf, epan_dissect_t *edt, gint64 offset, struct wtap
|
|||
do a dissection and do so. */
|
||||
if (edt) {
|
||||
if (print_packet_info && (gbl_resolv_flags.mac_name || gbl_resolv_flags.network_name ||
|
||||
gbl_resolv_flags.transport_name || gbl_resolv_flags.concurrent_dns))
|
||||
gbl_resolv_flags.transport_name))
|
||||
/* Grab any resolved addresses */
|
||||
host_name_lookup_process();
|
||||
|
||||
|
|
|
@ -929,7 +929,6 @@ void resolve_name_cb(GtkWidget *widget _U_, gpointer data _U_)
|
|||
TRUE, /* mac_name */
|
||||
TRUE, /* network_name */
|
||||
TRUE, /* transport_name */
|
||||
TRUE, /* concurrent_dns */
|
||||
TRUE, /* dns_pkt_addr_resolution */
|
||||
TRUE, /* use_external_net_name_resolver */
|
||||
FALSE, /* load_hosts_file_from_profile_only */
|
||||
|
@ -1213,7 +1212,7 @@ print_usage(gboolean for_help_option) {
|
|||
fprintf(output, "Processing:\n");
|
||||
fprintf(output, " -R <read filter> packet filter in Wireshark display filter syntax\n");
|
||||
fprintf(output, " -n disable all name resolutions (def: all enabled)\n");
|
||||
fprintf(output, " -N <name resolve flags> enable specific name resolution(s): \"mnNtCd\"\n");
|
||||
fprintf(output, " -N <name resolve flags> enable specific name resolution(s): \"mnNtd\"\n");
|
||||
fprintf(output, " --disable-protocol <proto_name>\n");
|
||||
fprintf(output, " disable dissection of proto_name\n");
|
||||
fprintf(output, " --enable-heuristic <short_name>\n");
|
||||
|
@ -2712,7 +2711,7 @@ main(int argc, char *argv[])
|
|||
case 'N': /* Select what types of addresses/port #s to resolve */
|
||||
badopt = string_to_name_resolve(optarg, &gbl_resolv_flags);
|
||||
if (badopt != '\0') {
|
||||
cmdarg_err("-N specifies unknown resolving option '%c'; valid options are 'C', 'd', m', 'n', 'N', and 't'",
|
||||
cmdarg_err("-N specifies unknown resolving option '%c'; valid options are 'd', m', 'n', 'N', and 't'",
|
||||
badopt);
|
||||
exit(1);
|
||||
}
|
||||
|
|
|
@ -4703,7 +4703,7 @@ set_menus_for_selected_packet(capture_file *cf)
|
|||
frame_selected);
|
||||
set_menu_sensitivity(ui_manager_tree_view_menu, "/TreeViewPopup/ResolveName",
|
||||
frame_selected && (gbl_resolv_flags.mac_name || gbl_resolv_flags.network_name ||
|
||||
gbl_resolv_flags.transport_name || gbl_resolv_flags.concurrent_dns));
|
||||
gbl_resolv_flags.transport_name));
|
||||
set_menu_sensitivity(ui_manager_main_menubar, "/Menubar/AnalyzeMenu/FollowTCPStream",
|
||||
is_tcp);
|
||||
set_menu_sensitivity(ui_manager_main_menubar, "/Menubar/AnalyzeMenu/FollowUDPStream",
|
||||
|
@ -4716,7 +4716,7 @@ set_menus_for_selected_packet(capture_file *cf)
|
|||
frame_selected && decode_as_ok());
|
||||
set_menu_sensitivity(ui_manager_main_menubar, "/Menubar/ViewMenu/NameResolution/ResolveName",
|
||||
frame_selected && (gbl_resolv_flags.mac_name || gbl_resolv_flags.network_name ||
|
||||
gbl_resolv_flags.transport_name || gbl_resolv_flags.concurrent_dns));
|
||||
gbl_resolv_flags.transport_name));
|
||||
set_menu_sensitivity(ui_manager_main_menubar, "/Menubar/ToolsMenu/FirewallACLRules",
|
||||
frame_selected);
|
||||
set_menu_sensitivity(ui_manager_main_menubar, "/Menubar/StatisticsMenu/TCPStreamGraphMenu",
|
||||
|
|
|
@ -1169,7 +1169,7 @@ void MainWindow::setMenusForSelectedPacket()
|
|||
|
||||
// set_menu_sensitivity(ui_manager_main_menubar, "/Menubar/ViewMenu/NameResolution/ResolveName",
|
||||
// frame_selected && (gbl_resolv_flags.mac_name || gbl_resolv_flags.network_name ||
|
||||
// gbl_resolv_flags.transport_name || gbl_resolv_flags.concurrent_dns));
|
||||
// gbl_resolv_flags.transport_name));
|
||||
// set_menu_sensitivity(ui_manager_main_menubar, "/Menubar/ToolsMenu/FirewallACLRules",
|
||||
// frame_selected);
|
||||
main_ui_->menuTcpStreamGraphs->setEnabled(is_tcp);
|
||||
|
@ -1266,7 +1266,7 @@ void MainWindow::setMenusForSelectedTreeRow(field_info *fi) {
|
|||
|
||||
// set_menu_sensitivity(ui_manager_tree_view_menu, "/TreeViewPopup/ResolveName",
|
||||
// frame_selected && (gbl_resolv_flags.mac_name || gbl_resolv_flags.network_name ||
|
||||
// gbl_resolv_flags.transport_name || gbl_resolv_flags.concurrent_dns));
|
||||
// gbl_resolv_flags.transport_name));
|
||||
|
||||
main_ui_->actionAnalyzeAAFSelected->setEnabled(can_match_selected);
|
||||
main_ui_->actionAnalyzeAAFNotSelected->setEnabled(can_match_selected);
|
||||
|
|
|
@ -215,7 +215,7 @@ print_usage(gboolean for_help_option) {
|
|||
fprintf(output, "Processing:\n");
|
||||
fprintf(output, " -R <read filter> packet filter in Wireshark display filter syntax\n");
|
||||
fprintf(output, " -n disable all name resolutions (def: all enabled)\n");
|
||||
fprintf(output, " -N <name resolve flags> enable specific name resolution(s): \"mnNtCd\"\n");
|
||||
fprintf(output, " -N <name resolve flags> enable specific name resolution(s): \"mnNtd\"\n");
|
||||
fprintf(output, " --disable-protocol <proto_name>\n");
|
||||
fprintf(output, " disable dissection of proto_name\n");
|
||||
fprintf(output, " --enable-heuristic <short_name>\n");
|
||||
|
@ -948,7 +948,7 @@ int main(int argc, char *argv[])
|
|||
case 'N': /* Select what types of addresses/port #s to resolve */
|
||||
badopt = string_to_name_resolve(optarg, &gbl_resolv_flags);
|
||||
if (badopt != '\0') {
|
||||
cmdarg_err("-N specifies unknown resolving option '%c'; valid options are 'C', 'd', m', 'n', 'N', and 't'",
|
||||
cmdarg_err("-N specifies unknown resolving option '%c'; valid options are 'd', m', 'n', 'N', and 't'",
|
||||
badopt);
|
||||
exit(1);
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue